diff options
100 files changed, 23739 insertions, 0 deletions
@@ -0,0 +1,340 @@ + GNU GENERAL PUBLIC LICENSE + Version 2, June 1991 + + Copyright (C) 1989, 1991 Free Software Foundation, Inc. + 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The licenses for most software are designed to take away your +freedom to share and change it. By contrast, the GNU General Public +License is intended to guarantee your freedom to share and change free +software--to make sure the software is free for all its users. This +General Public License applies to most of the Free Software +Foundation's software and to any other program whose authors commit to +using it. (Some other Free Software Foundation software is covered by +the GNU Library General Public License instead.) You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +this service if you wish), that you receive source code or can get it +if you want it, that you can change the software or use pieces of it +in new free programs; and that you know you can do these things. + + To protect your rights, we need to make restrictions that forbid +anyone to deny you these rights or to ask you to surrender the rights. +These restrictions translate to certain responsibilities for you if you +distribute copies of the software, or if you modify it. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must give the recipients all the rights that +you have. You must make sure that they, too, receive or can get the +source code. And you must show them these terms so they know their +rights. + + We protect your rights with two steps: (1) copyright the software, and +(2) offer you this license which gives you legal permission to copy, +distribute and/or modify the software. + + Also, for each author's protection and ours, we want to make certain +that everyone understands that there is no warranty for this free +software. If the software is modified by someone else and passed on, we +want its recipients to know that what they have is not the original, so +that any problems introduced by others will not reflect on the original +authors' reputations. + + Finally, any free program is threatened constantly by software +patents. We wish to avoid the danger that redistributors of a free +program will individually obtain patent licenses, in effect making the +program proprietary. To prevent this, we have made it clear that any +patent must be licensed for everyone's free use or not licensed at all. + + The precise terms and conditions for copying, distribution and +modification follow. + + GNU GENERAL PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 0. This License applies to any program or other work which contains +a notice placed by the copyright holder saying it may be distributed +under the terms of this General Public License. The "Program", below, +refers to any such program or work, and a "work based on the Program" +means either the Program or any derivative work under copyright law: +that is to say, a work containing the Program or a portion of it, +either verbatim or with modifications and/or translated into another +language. (Hereinafter, translation is included without limitation in +the term "modification".) Each licensee is addressed as "you". + +Activities other than copying, distribution and modification are not +covered by this License; they are outside its scope. The act of +running the Program is not restricted, and the output from the Program +is covered only if its contents constitute a work based on the +Program (independent of having been made by running the Program). +Whether that is true depends on what the Program does. + + 1. You may copy and distribute verbatim copies of the Program's +source code as you receive it, in any medium, provided that you +conspicuously and appropriately publish on each copy an appropriate +copyright notice and disclaimer of warranty; keep intact all the +notices that refer to this License and to the absence of any warranty; +and give any other recipients of the Program a copy of this License +along with the Program. + +You may charge a fee for the physical act of transferring a copy, and +you may at your option offer warranty protection in exchange for a fee. + + 2. You may modify your copy or copies of the Program or any portion +of it, thus forming a work based on the Program, and copy and +distribute such modifications or work under the terms of Section 1 +above, provided that you also meet all of these conditions: + + a) You must cause the modified files to carry prominent notices + stating that you changed the files and the date of any change. + + b) You must cause any work that you distribute or publish, that in + whole or in part contains or is derived from the Program or any + part thereof, to be licensed as a whole at no charge to all third + parties under the terms of this License. + + c) If the modified program normally reads commands interactively + when run, you must cause it, when started running for such + interactive use in the most ordinary way, to print or display an + announcement including an appropriate copyright notice and a + notice that there is no warranty (or else, saying that you provide + a warranty) and that users may redistribute the program under + these conditions, and telling the user how to view a copy of this + License. (Exception: if the Program itself is interactive but + does not normally print such an announcement, your work based on + the Program is not required to print an announcement.) + +These requirements apply to the modified work as a whole. If +identifiable sections of that work are not derived from the Program, +and can be reasonably considered independent and separate works in +themselves, then this License, and its terms, do not apply to those +sections when you distribute them as separate works. But when you +distribute the same sections as part of a whole which is a work based +on the Program, the distribution of the whole must be on the terms of +this License, whose permissions for other licensees extend to the +entire whole, and thus to each and every part regardless of who wrote it. + +Thus, it is not the intent of this section to claim rights or contest +your rights to work written entirely by you; rather, the intent is to +exercise the right to control the distribution of derivative or +collective works based on the Program. + +In addition, mere aggregation of another work not based on the Program +with the Program (or with a work based on the Program) on a volume of +a storage or distribution medium does not bring the other work under +the scope of this License. + + 3. You may copy and distribute the Program (or a work based on it, +under Section 2) in object code or executable form under the terms of +Sections 1 and 2 above provided that you also do one of the following: + + a) Accompany it with the complete corresponding machine-readable + source code, which must be distributed under the terms of Sections + 1 and 2 above on a medium customarily used for software interchange; or, + + b) Accompany it with a written offer, valid for at least three + years, to give any third party, for a charge no more than your + cost of physically performing source distribution, a complete + machine-readable copy of the corresponding source code, to be + distributed under the terms of Sections 1 and 2 above on a medium + customarily used for software interchange; or, + + c) Accompany it with the information you received as to the offer + to distribute corresponding source code. (This alternative is + allowed only for noncommercial distribution and only if you + received the program in object code or executable form with such + an offer, in accord with Subsection b above.) + +The source code for a work means the preferred form of the work for +making modifications to it. For an executable work, complete source +code means all the source code for all modules it contains, plus any +associated interface definition files, plus the scripts used to +control compilation and installation of the executable. However, as a +special exception, the source code distributed need not include +anything that is normally distributed (in either source or binary +form) with the major components (compiler, kernel, and so on) of the +operating system on which the executable runs, unless that component +itself accompanies the executable. + +If distribution of executable or object code is made by offering +access to copy from a designated place, then offering equivalent +access to copy the source code from the same place counts as +distribution of the source code, even though third parties are not +compelled to copy the source along with the object code. + + 4. You may not copy, modify, sublicense, or distribute the Program +except as expressly provided under this License. Any attempt +otherwise to copy, modify, sublicense or distribute the Program is +void, and will automatically terminate your rights under this License. +However, parties who have received copies, or rights, from you under +this License will not have their licenses terminated so long as such +parties remain in full compliance. + + 5. You are not required to accept this License, since you have not +signed it. However, nothing else grants you permission to modify or +distribute the Program or its derivative works. These actions are +prohibited by law if you do not accept this License. Therefore, by +modifying or distributing the Program (or any work based on the +Program), you indicate your acceptance of this License to do so, and +all its terms and conditions for copying, distributing or modifying +the Program or works based on it. + + 6. Each time you redistribute the Program (or any work based on the +Program), the recipient automatically receives a license from the +original licensor to copy, distribute or modify the Program subject to +these terms and conditions. You may not impose any further +restrictions on the recipients' exercise of the rights granted herein. +You are not responsible for enforcing compliance by third parties to +this License. + + 7. If, as a consequence of a court judgment or allegation of patent +infringement or for any other reason (not limited to patent issues), +conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot +distribute so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you +may not distribute the Program at all. For example, if a patent +license would not permit royalty-free redistribution of the Program by +all those who receive copies directly or indirectly through you, then +the only way you could satisfy both it and this License would be to +refrain entirely from distribution of the Program. + +If any portion of this section is held invalid or unenforceable under +any particular circumstance, the balance of the section is intended to +apply and the section as a whole is intended to apply in other +circumstances. + +It is not the purpose of this section to induce you to infringe any +patents or other property right claims or to contest validity of any +such claims; this section has the sole purpose of protecting the +integrity of the free software distribution system, which is +implemented by public license practices. Many people have made +generous contributions to the wide range of software distributed +through that system in reliance on consistent application of that +system; it is up to the author/donor to decide if he or she is willing +to distribute software through any other system and a licensee cannot +impose that choice. + +This section is intended to make thoroughly clear what is believed to +be a consequence of the rest of this License. + + 8. If the distribution and/or use of the Program is restricted in +certain countries either by patents or by copyrighted interfaces, the +original copyright holder who places the Program under this License +may add an explicit geographical distribution limitation excluding +those countries, so that distribution is permitted only in or among +countries not thus excluded. In such case, this License incorporates +the limitation as if written in the body of this License. + + 9. The Free Software Foundation may publish revised and/or new versions +of the General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + +Each version is given a distinguishing version number. If the Program +specifies a version number of this License which applies to it and "any +later version", you have the option of following the terms and conditions +either of that version or of any later version published by the Free +Software Foundation. If the Program does not specify a version number of +this License, you may choose any version ever published by the Free Software +Foundation. + + 10. If you wish to incorporate parts of the Program into other free +programs whose distribution conditions are different, write to the author +to ask for permission. For software which is copyrighted by the Free +Software Foundation, write to the Free Software Foundation; we sometimes +make exceptions for this. Our decision will be guided by the two goals +of preserving the free status of all derivatives of our free software and +of promoting the sharing and reuse of software generally. + + NO WARRANTY + + 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY +FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN +OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES +PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED +OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS +TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE +PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, +REPAIR OR CORRECTION. + + 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR +REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, +INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING +OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED +TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY +YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER +PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE +POSSIBILITY OF SUCH DAMAGES. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +convey the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + <one line to give the program's name and a brief idea of what it does.> + Copyright (C) <year> <name of author> + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + + +Also add information on how to contact you by electronic and paper mail. + +If the program is interactive, make it output a short notice like this +when it starts in an interactive mode: + + Gnomovision version 69, Copyright (C) year name of author + Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, the commands you use may +be called something other than `show w' and `show c'; they could even be +mouse-clicks or menu items--whatever suits your program. + +You should also get your employer (if you work as a programmer) or your +school, if any, to sign a "copyright disclaimer" for the program, if +necessary. Here is a sample; alter the names: + + Yoyodyne, Inc., hereby disclaims all copyright interest in the program + `Gnomovision' (which makes passes at compilers) written by James Hacker. + + <signature of Ty Coon>, 1 April 1989 + Ty Coon, President of Vice + +This General Public License does not permit incorporating your program into +proprietary programs. If your program is a subroutine library, you may +consider it more useful to permit linking proprietary applications with the +library. If this is what you want to do, use the GNU Library General +Public License instead of this License. diff --git a/LICENSE.txt b/LICENSE.txt new file mode 100644 index 0000000..190d4f5 --- /dev/null +++ b/LICENSE.txt @@ -0,0 +1,16 @@ +NoScript - a Firefox extension for whitelist driven safe JavaScript execution +Copyright (C) 2004-2007 Giorgio Maone - g.maone@informaction.com + +This program is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or +(at your option) any later version. + +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU General Public License for more details. + +You should have received a copy of the GNU General Public License +along with this program; if not, write to the Free Software +Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA diff --git a/ReadMe.md b/ReadMe.md new file mode 100644 index 0000000..95b688d --- /dev/null +++ b/ReadMe.md @@ -0,0 +1,24 @@ +#NoScript Security Suite + +The best security you can get in a web browser! +Allow active content to run only from sites you trust, and protect yourself against XSS and Clickjacking attacks, "Spectre", "Meltdown" and other JavaScript exploits. +Fx52? <a href="https://noscript.net/getit">https://noscript.net/getit</a> + +<b>IMPORTANT</b> +<a href="https://forums.informaction.com/viewtopic.php?f=7&t=23974&p=94778">A Basic <b>NoScript 10 Guide</b></a> + +Still confused by NoScript 10's new UI? +Check this <a href="https://blog.jeaye.com/2017/11/30/noscript/">user-contributed NoScript 10 primer</a>. +and this <a href="https://hackademix.net/2017/12/04/noscript-quantum-vs-legacy-in-a-nutshell-2/">NoScript 10 "Quantum" vs NoScript 5 "Classic" (or "Legacy") comparison</a>. + +Winner of the "PC World World Class Award" and bundled with the Tor Browser, NoScript gives you with the best available protection on the web. + +It allows JavaScript, Flash, Java and other executable content to run only from trusted domains of your choice, e.g. your home-banking site, mitigating remotely exploitable vulnerabilities including Spectre and Meltdown. + +It protects your "trust boundaries" against cross-site scripting attacks (XSS), cross-zone DNS rebinding / CSRF attacks (router hacking), and Clickjacking attempts, thanks to its unique ClearClick technology. + +Such a preemptive approach prevents exploitation of security vulnerabilities (known and even unknown!) with no loss of functionality where you need it. +Experts do agree: Firefox is really safer with NoScript ;-) + +FAQ: <a href="https://noscript.net/faq">https://noscript.net/faq</a> +Forum: <a href="https://noscript.net/forum">https://noscript.net/forum</a>
\ No newline at end of file diff --git a/TLD/generate.pl b/TLD/generate.pl new file mode 100644 index 0000000..472ca26 --- /dev/null +++ b/TLD/generate.pl @@ -0,0 +1,52 @@ +#!/usr/bin/perl -w +# use strict; +use open ':utf8'; +use Regexp::Assemble; +$dat="public_suffix_list.dat"; +die(".dat file $dat not found!") unless -f "$dat"; + +sub generate { + my $src = "./tld_template.js"; + my $dst = "./tld.js"; + my (@rx, @ex, $rx, $ex); + open(DAT, $dat) || die("Cannot open $dat"); + while(<DAT>) { + s/\./\\\./g; + s/\s+utf.*//; + s/\n//; + if(/^!/) { + s/^!//; + push(@ex, lc($_)); + } elsif (!/^(\/\/|[ \n\r]|$)/) { + s/\*\\\./[^\\.]+\\./; + push(@rx, lc($_)); + } + } + close(DAT); + + #$o = Regexp::Optimizer->new; + #$o = Regexp::List->new; + $o = Regexp::Assemble->new; + $_ = $o->add(@rx)->as_string(); + s/\(\?-xism:(.*)\)/$1/; + $rx = $_; + @rx = NULL; + + $o = Regexp::Assemble->new; + $_ = $o->add(@ex)->as_string(); + s/\(\?-xism:(.*)\)/$1/; + $ex = $_; + @ex = NULL; + + open(SRC, $src) || die("Cannot open $src"); + open(DST, ">$dst") || die("Cannot open $dst"); + while(<SRC>) { + s/%tld_rx%/$rx/g; + s/%tld_ex%/$ex/g; + print DST; + print; + } + close(SRC); + close(DST); +} +generate(); diff --git a/TLD/generate.sh b/TLD/generate.sh new file mode 100644 index 0000000..ee5d327 --- /dev/null +++ b/TLD/generate.sh @@ -0,0 +1,18 @@ +#!/bin/bash +BASE=$(dirname "$0") +pushd "$BASE" +fname=public_suffix_list.dat +nflag="" +if [ -f $fname ]; then + nflag="-z $fname" +fi +URL=https://publicsuffix.org/list/$fname +curl -O $nflag "$URL" + +if ! grep 'com' $fname >/dev/null; then + echo >&2 "$fname empty or corrupt!" + exit 1 +fi + +./generate.pl +popd diff --git a/TLD/public_suffix_list.dat b/TLD/public_suffix_list.dat new file mode 100644 index 0000000..82e0f93 --- /dev/null +++ b/TLD/public_suffix_list.dat @@ -0,0 +1,12661 @@ +// This Source Code Form is subject to the terms of the Mozilla Public +// License, v. 2.0. If a copy of the MPL was not distributed with this +// file, You can obtain one at https://mozilla.org/MPL/2.0/. + +// Please pull this list from, and only from https://publicsuffix.org/list/public_suffix_list.dat, +// rather than any other VCS sites. Pulling from any other URL is not guaranteed to be supported. + +// Instructions on pulling and using this list can be found at https://publicsuffix.org/list/. + +// ===BEGIN ICANN DOMAINS=== + +// ac : https://en.wikipedia.org/wiki/.ac +ac +com.ac +edu.ac +gov.ac +net.ac +mil.ac +org.ac + +// ad : https://en.wikipedia.org/wiki/.ad +ad +nom.ad + +// ae : https://en.wikipedia.org/wiki/.ae +// see also: "Domain Name Eligibility Policy" at http://www.aeda.ae/eng/aepolicy.php +ae +co.ae +net.ae +org.ae +sch.ae +ac.ae +gov.ae +mil.ae + +// aero : see https://www.information.aero/index.php?id=66 +aero +accident-investigation.aero +accident-prevention.aero +aerobatic.aero +aeroclub.aero +aerodrome.aero +agents.aero +aircraft.aero +airline.aero +airport.aero +air-surveillance.aero +airtraffic.aero +air-traffic-control.aero +ambulance.aero +amusement.aero +association.aero +author.aero +ballooning.aero +broker.aero +caa.aero +cargo.aero +catering.aero +certification.aero +championship.aero +charter.aero +civilaviation.aero +club.aero +conference.aero +consultant.aero +consulting.aero +control.aero +council.aero +crew.aero +design.aero +dgca.aero +educator.aero +emergency.aero +engine.aero +engineer.aero +entertainment.aero +equipment.aero +exchange.aero +express.aero +federation.aero +flight.aero +freight.aero +fuel.aero +gliding.aero +government.aero +groundhandling.aero +group.aero +hanggliding.aero +homebuilt.aero +insurance.aero +journal.aero +journalist.aero +leasing.aero +logistics.aero +magazine.aero +maintenance.aero +media.aero +microlight.aero +modelling.aero +navigation.aero +parachuting.aero +paragliding.aero +passenger-association.aero +pilot.aero +press.aero +production.aero +recreation.aero +repbody.aero +res.aero +research.aero +rotorcraft.aero +safety.aero +scientist.aero +services.aero +show.aero +skydiving.aero +software.aero +student.aero +trader.aero +trading.aero +trainer.aero +union.aero +workinggroup.aero +works.aero + +// af : http://www.nic.af/help.jsp +af +gov.af +com.af +org.af +net.af +edu.af + +// ag : http://www.nic.ag/prices.htm +ag +com.ag +org.ag +net.ag +co.ag +nom.ag + +// ai : http://nic.com.ai/ +ai +off.ai +com.ai +net.ai +org.ai + +// al : http://www.ert.gov.al/ert_alb/faq_det.html?Id=31 +al +com.al +edu.al +gov.al +mil.al +net.al +org.al + +// am : https://en.wikipedia.org/wiki/.am +am + +// ao : https://en.wikipedia.org/wiki/.ao +// http://www.dns.ao/REGISTR.DOC +ao +ed.ao +gv.ao +og.ao +co.ao +pb.ao +it.ao + +// aq : https://en.wikipedia.org/wiki/.aq +aq + +// ar : https://nic.ar/nic-argentina/normativa-vigente +ar +com.ar +edu.ar +gob.ar +gov.ar +int.ar +mil.ar +musica.ar +net.ar +org.ar +tur.ar + +// arpa : https://en.wikipedia.org/wiki/.arpa +// Confirmed by registry <iana-questions@icann.org> 2008-06-18 +arpa +e164.arpa +in-addr.arpa +ip6.arpa +iris.arpa +uri.arpa +urn.arpa + +// as : https://en.wikipedia.org/wiki/.as +as +gov.as + +// asia : https://en.wikipedia.org/wiki/.asia +asia + +// at : https://en.wikipedia.org/wiki/.at +// Confirmed by registry <it@nic.at> 2008-06-17 +at +ac.at +co.at +gv.at +or.at + +// au : https://en.wikipedia.org/wiki/.au +// http://www.auda.org.au/ +au +// 2LDs +com.au +net.au +org.au +edu.au +gov.au +asn.au +id.au +// Historic 2LDs (closed to new registration, but sites still exist) +info.au +conf.au +oz.au +// CGDNs - http://www.cgdn.org.au/ +act.au +nsw.au +nt.au +qld.au +sa.au +tas.au +vic.au +wa.au +// 3LDs +act.edu.au +nsw.edu.au +nt.edu.au +qld.edu.au +sa.edu.au +tas.edu.au +vic.edu.au +wa.edu.au +// act.gov.au Bug 984824 - Removed at request of Greg Tankard +// nsw.gov.au Bug 547985 - Removed at request of <Shae.Donelan@services.nsw.gov.au> +// nt.gov.au Bug 940478 - Removed at request of Greg Connors <Greg.Connors@nt.gov.au> +qld.gov.au +sa.gov.au +tas.gov.au +vic.gov.au +wa.gov.au + +// aw : https://en.wikipedia.org/wiki/.aw +aw +com.aw + +// ax : https://en.wikipedia.org/wiki/.ax +ax + +// az : https://en.wikipedia.org/wiki/.az +az +com.az +net.az +int.az +gov.az +org.az +edu.az +info.az +pp.az +mil.az +name.az +pro.az +biz.az + +// ba : http://nic.ba/users_data/files/pravilnik_o_registraciji.pdf +ba +com.ba +edu.ba +gov.ba +mil.ba +net.ba +org.ba + +// bb : https://en.wikipedia.org/wiki/.bb +bb +biz.bb +co.bb +com.bb +edu.bb +gov.bb +info.bb +net.bb +org.bb +store.bb +tv.bb + +// bd : https://en.wikipedia.org/wiki/.bd +*.bd + +// be : https://en.wikipedia.org/wiki/.be +// Confirmed by registry <tech@dns.be> 2008-06-08 +be +ac.be + +// bf : https://en.wikipedia.org/wiki/.bf +bf +gov.bf + +// bg : https://en.wikipedia.org/wiki/.bg +// https://www.register.bg/user/static/rules/en/index.html +bg +a.bg +b.bg +c.bg +d.bg +e.bg +f.bg +g.bg +h.bg +i.bg +j.bg +k.bg +l.bg +m.bg +n.bg +o.bg +p.bg +q.bg +r.bg +s.bg +t.bg +u.bg +v.bg +w.bg +x.bg +y.bg +z.bg +0.bg +1.bg +2.bg +3.bg +4.bg +5.bg +6.bg +7.bg +8.bg +9.bg + +// bh : https://en.wikipedia.org/wiki/.bh +bh +com.bh +edu.bh +net.bh +org.bh +gov.bh + +// bi : https://en.wikipedia.org/wiki/.bi +// http://whois.nic.bi/ +bi +co.bi +com.bi +edu.bi +or.bi +org.bi + +// biz : https://en.wikipedia.org/wiki/.biz +biz + +// bj : https://en.wikipedia.org/wiki/.bj +bj +asso.bj +barreau.bj +gouv.bj + +// bm : http://www.bermudanic.bm/dnr-text.txt +bm +com.bm +edu.bm +gov.bm +net.bm +org.bm + +// bn : https://en.wikipedia.org/wiki/.bn +*.bn + +// bo : https://nic.bo/delegacion2015.php#h-1.10 +bo +com.bo +edu.bo +gob.bo +int.bo +org.bo +net.bo +mil.bo +tv.bo +web.bo +// Social Domains +academia.bo +agro.bo +arte.bo +blog.bo +bolivia.bo +ciencia.bo +cooperativa.bo +democracia.bo +deporte.bo +ecologia.bo +economia.bo +empresa.bo +indigena.bo +industria.bo +info.bo +medicina.bo +movimiento.bo +musica.bo +natural.bo +nombre.bo +noticias.bo +patria.bo +politica.bo +profesional.bo +plurinacional.bo +pueblo.bo +revista.bo +salud.bo +tecnologia.bo +tksat.bo +transporte.bo +wiki.bo + +// br : http://registro.br/dominio/categoria.html +// Submitted by registry <fneves@registro.br> +br +9guacu.br +abc.br +adm.br +adv.br +agr.br +aju.br +am.br +anani.br +aparecida.br +arq.br +art.br +ato.br +b.br +barueri.br +belem.br +bhz.br +bio.br +blog.br +bmd.br +boavista.br +bsb.br +campinagrande.br +campinas.br +caxias.br +cim.br +cng.br +cnt.br +com.br +contagem.br +coop.br +cri.br +cuiaba.br +curitiba.br +def.br +ecn.br +eco.br +edu.br +emp.br +eng.br +esp.br +etc.br +eti.br +far.br +feira.br +flog.br +floripa.br +fm.br +fnd.br +fortal.br +fot.br +foz.br +fst.br +g12.br +ggf.br +goiania.br +gov.br +// gov.br 26 states + df https://en.wikipedia.org/wiki/States_of_Brazil +ac.gov.br +al.gov.br +am.gov.br +ap.gov.br +ba.gov.br +ce.gov.br +df.gov.br +es.gov.br +go.gov.br +ma.gov.br +mg.gov.br +ms.gov.br +mt.gov.br +pa.gov.br +pb.gov.br +pe.gov.br +pi.gov.br +pr.gov.br +rj.gov.br +rn.gov.br +ro.gov.br +rr.gov.br +rs.gov.br +sc.gov.br +se.gov.br +sp.gov.br +to.gov.br +gru.br +imb.br +ind.br +inf.br +jab.br +jampa.br +jdf.br +joinville.br +jor.br +jus.br +leg.br +lel.br +londrina.br +macapa.br +maceio.br +manaus.br +maringa.br +mat.br +med.br +mil.br +morena.br +mp.br +mus.br +natal.br +net.br +niteroi.br +*.nom.br +not.br +ntr.br +odo.br +org.br +osasco.br +palmas.br +poa.br +ppg.br +pro.br +psc.br +psi.br +pvh.br +qsl.br +radio.br +rec.br +recife.br +ribeirao.br +rio.br +riobranco.br +riopreto.br +salvador.br +sampa.br +santamaria.br +santoandre.br +saobernardo.br +saogonca.br +sjc.br +slg.br +slz.br +sorocaba.br +srv.br +taxi.br +teo.br +the.br +tmp.br +trd.br +tur.br +tv.br +udi.br +vet.br +vix.br +vlog.br +wiki.br +zlg.br + +// bs : http://www.nic.bs/rules.html +bs +com.bs +net.bs +org.bs +edu.bs +gov.bs + +// bt : https://en.wikipedia.org/wiki/.bt +bt +com.bt +edu.bt +gov.bt +net.bt +org.bt + +// bv : No registrations at this time. +// Submitted by registry <jarle@uninett.no> +bv + +// bw : https://en.wikipedia.org/wiki/.bw +// http://www.gobin.info/domainname/bw.doc +// list of other 2nd level tlds ? +bw +co.bw +org.bw + +// by : https://en.wikipedia.org/wiki/.by +// http://tld.by/rules_2006_en.html +// list of other 2nd level tlds ? +by +gov.by +mil.by +// Official information does not indicate that com.by is a reserved +// second-level domain, but it's being used as one (see www.google.com.by and +// www.yahoo.com.by, for example), so we list it here for safety's sake. +com.by + +// http://hoster.by/ +of.by + +// bz : https://en.wikipedia.org/wiki/.bz +// http://www.belizenic.bz/ +bz +com.bz +net.bz +org.bz +edu.bz +gov.bz + +// ca : https://en.wikipedia.org/wiki/.ca +ca +// ca geographical names +ab.ca +bc.ca +mb.ca +nb.ca +nf.ca +nl.ca +ns.ca +nt.ca +nu.ca +on.ca +pe.ca +qc.ca +sk.ca +yk.ca +// gc.ca: https://en.wikipedia.org/wiki/.gc.ca +// see also: http://registry.gc.ca/en/SubdomainFAQ +gc.ca + +// cat : https://en.wikipedia.org/wiki/.cat +cat + +// cc : https://en.wikipedia.org/wiki/.cc +cc + +// cd : https://en.wikipedia.org/wiki/.cd +// see also: https://www.nic.cd/domain/insertDomain_2.jsp?act=1 +cd +gov.cd + +// cf : https://en.wikipedia.org/wiki/.cf +cf + +// cg : https://en.wikipedia.org/wiki/.cg +cg + +// ch : https://en.wikipedia.org/wiki/.ch +ch + +// ci : https://en.wikipedia.org/wiki/.ci +// http://www.nic.ci/index.php?page=charte +ci +org.ci +or.ci +com.ci +co.ci +edu.ci +ed.ci +ac.ci +net.ci +go.ci +asso.ci +aéroport.ci +int.ci +presse.ci +md.ci +gouv.ci + +// ck : https://en.wikipedia.org/wiki/.ck +*.ck +!www.ck + +// cl : https://en.wikipedia.org/wiki/.cl +cl +gov.cl +gob.cl +co.cl +mil.cl + +// cm : https://en.wikipedia.org/wiki/.cm plus bug 981927 +cm +co.cm +com.cm +gov.cm +net.cm + +// cn : https://en.wikipedia.org/wiki/.cn +// Submitted by registry <tanyaling@cnnic.cn> +cn +ac.cn +com.cn +edu.cn +gov.cn +net.cn +org.cn +mil.cn +公司.cn +网络.cn +網絡.cn +// cn geographic names +ah.cn +bj.cn +cq.cn +fj.cn +gd.cn +gs.cn +gz.cn +gx.cn +ha.cn +hb.cn +he.cn +hi.cn +hl.cn +hn.cn +jl.cn +js.cn +jx.cn +ln.cn +nm.cn +nx.cn +qh.cn +sc.cn +sd.cn +sh.cn +sn.cn +sx.cn +tj.cn +xj.cn +xz.cn +yn.cn +zj.cn +hk.cn +mo.cn +tw.cn + +// co : https://en.wikipedia.org/wiki/.co +// Submitted by registry <tecnico@uniandes.edu.co> +co +arts.co +com.co +edu.co +firm.co +gov.co +info.co +int.co +mil.co +net.co +nom.co +org.co +rec.co +web.co + +// com : https://en.wikipedia.org/wiki/.com +com + +// coop : https://en.wikipedia.org/wiki/.coop +coop + +// cr : http://www.nic.cr/niccr_publico/showRegistroDominiosScreen.do +cr +ac.cr +co.cr +ed.cr +fi.cr +go.cr +or.cr +sa.cr + +// cu : https://en.wikipedia.org/wiki/.cu +cu +com.cu +edu.cu +org.cu +net.cu +gov.cu +inf.cu + +// cv : https://en.wikipedia.org/wiki/.cv +cv + +// cw : http://www.una.cw/cw_registry/ +// Confirmed by registry <registry@una.net> 2013-03-26 +cw +com.cw +edu.cw +net.cw +org.cw + +// cx : https://en.wikipedia.org/wiki/.cx +// list of other 2nd level tlds ? +cx +gov.cx + +// cy : http://www.nic.cy/ +// Submitted by registry Panayiotou Fotia <cydns@ucy.ac.cy> +cy +ac.cy +biz.cy +com.cy +ekloges.cy +gov.cy +ltd.cy +name.cy +net.cy +org.cy +parliament.cy +press.cy +pro.cy +tm.cy + +// cz : https://en.wikipedia.org/wiki/.cz +cz + +// de : https://en.wikipedia.org/wiki/.de +// Confirmed by registry <ops@denic.de> (with technical +// reservations) 2008-07-01 +de + +// dj : https://en.wikipedia.org/wiki/.dj +dj + +// dk : https://en.wikipedia.org/wiki/.dk +// Confirmed by registry <robert@dk-hostmaster.dk> 2008-06-17 +dk + +// dm : https://en.wikipedia.org/wiki/.dm +dm +com.dm +net.dm +org.dm +edu.dm +gov.dm + +// do : https://en.wikipedia.org/wiki/.do +do +art.do +com.do +edu.do +gob.do +gov.do +mil.do +net.do +org.do +sld.do +web.do + +// dz : https://en.wikipedia.org/wiki/.dz +dz +com.dz +org.dz +net.dz +gov.dz +edu.dz +asso.dz +pol.dz +art.dz + +// ec : http://www.nic.ec/reg/paso1.asp +// Submitted by registry <vabboud@nic.ec> +ec +com.ec +info.ec +net.ec +fin.ec +k12.ec +med.ec +pro.ec +org.ec +edu.ec +gov.ec +gob.ec +mil.ec + +// edu : https://en.wikipedia.org/wiki/.edu +edu + +// ee : http://www.eenet.ee/EENet/dom_reeglid.html#lisa_B +ee +edu.ee +gov.ee +riik.ee +lib.ee +med.ee +com.ee +pri.ee +aip.ee +org.ee +fie.ee + +// eg : https://en.wikipedia.org/wiki/.eg +eg +com.eg +edu.eg +eun.eg +gov.eg +mil.eg +name.eg +net.eg +org.eg +sci.eg + +// er : https://en.wikipedia.org/wiki/.er +*.er + +// es : https://www.nic.es/site_ingles/ingles/dominios/index.html +es +com.es +nom.es +org.es +gob.es +edu.es + +// et : https://en.wikipedia.org/wiki/.et +et +com.et +gov.et +org.et +edu.et +biz.et +name.et +info.et +net.et + +// eu : https://en.wikipedia.org/wiki/.eu +eu + +// fi : https://en.wikipedia.org/wiki/.fi +fi +// aland.fi : https://en.wikipedia.org/wiki/.ax +// This domain is being phased out in favor of .ax. As there are still many +// domains under aland.fi, we still keep it on the list until aland.fi is +// completely removed. +// TODO: Check for updates (expected to be phased out around Q1/2009) +aland.fi + +// fj : https://en.wikipedia.org/wiki/.fj +*.fj + +// fk : https://en.wikipedia.org/wiki/.fk +*.fk + +// fm : https://en.wikipedia.org/wiki/.fm +fm + +// fo : https://en.wikipedia.org/wiki/.fo +fo + +// fr : http://www.afnic.fr/ +// domaines descriptifs : http://www.afnic.fr/obtenir/chartes/nommage-fr/annexe-descriptifs +fr +com.fr +asso.fr +nom.fr +prd.fr +presse.fr +tm.fr +// domaines sectoriels : http://www.afnic.fr/obtenir/chartes/nommage-fr/annexe-sectoriels +aeroport.fr +assedic.fr +avocat.fr +avoues.fr +cci.fr +chambagri.fr +chirurgiens-dentistes.fr +experts-comptables.fr +geometre-expert.fr +gouv.fr +greta.fr +huissier-justice.fr +medecin.fr +notaires.fr +pharmacien.fr +port.fr +veterinaire.fr + +// ga : https://en.wikipedia.org/wiki/.ga +ga + +// gb : This registry is effectively dormant +// Submitted by registry <Damien.Shaw@ja.net> +gb + +// gd : https://en.wikipedia.org/wiki/.gd +gd + +// ge : http://www.nic.net.ge/policy_en.pdf +ge +com.ge +edu.ge +gov.ge +org.ge +mil.ge +net.ge +pvt.ge + +// gf : https://en.wikipedia.org/wiki/.gf +gf + +// gg : http://www.channelisles.net/register-domains/ +// Confirmed by registry <nigel@channelisles.net> 2013-11-28 +gg +co.gg +net.gg +org.gg + +// gh : https://en.wikipedia.org/wiki/.gh +// see also: http://www.nic.gh/reg_now.php +// Although domains directly at second level are not possible at the moment, +// they have been possible for some time and may come back. +gh +com.gh +edu.gh +gov.gh +org.gh +mil.gh + +// gi : http://www.nic.gi/rules.html +gi +com.gi +ltd.gi +gov.gi +mod.gi +edu.gi +org.gi + +// gl : https://en.wikipedia.org/wiki/.gl +// http://nic.gl +gl +co.gl +com.gl +edu.gl +net.gl +org.gl + +// gm : http://www.nic.gm/htmlpages%5Cgm-policy.htm +gm + +// gn : http://psg.com/dns/gn/gn.txt +// Submitted by registry <randy@psg.com> +gn +ac.gn +com.gn +edu.gn +gov.gn +org.gn +net.gn + +// gov : https://en.wikipedia.org/wiki/.gov +gov + +// gp : http://www.nic.gp/index.php?lang=en +gp +com.gp +net.gp +mobi.gp +edu.gp +org.gp +asso.gp + +// gq : https://en.wikipedia.org/wiki/.gq +gq + +// gr : https://grweb.ics.forth.gr/english/1617-B-2005.html +// Submitted by registry <segred@ics.forth.gr> +gr +com.gr +edu.gr +net.gr +org.gr +gov.gr + +// gs : https://en.wikipedia.org/wiki/.gs +gs + +// gt : http://www.gt/politicas_de_registro.html +gt +com.gt +edu.gt +gob.gt +ind.gt +mil.gt +net.gt +org.gt + +// gu : http://gadao.gov.gu/register.html +// University of Guam : https://www.uog.edu +// Submitted by uognoc@triton.uog.edu +gu +com.gu +edu.gu +gov.gu +guam.gu +info.gu +net.gu +org.gu +web.gu + +// gw : https://en.wikipedia.org/wiki/.gw +gw + +// gy : https://en.wikipedia.org/wiki/.gy +// http://registry.gy/ +gy +co.gy +com.gy +edu.gy +gov.gy +net.gy +org.gy + +// hk : https://www.hkirc.hk +// Submitted by registry <hk.tech@hkirc.hk> +hk +com.hk +edu.hk +gov.hk +idv.hk +net.hk +org.hk +公司.hk +教育.hk +敎育.hk +政府.hk +個人.hk +个人.hk +箇人.hk +網络.hk +网络.hk +组織.hk +網絡.hk +网絡.hk +组织.hk +組織.hk +組织.hk + +// hm : https://en.wikipedia.org/wiki/.hm +hm + +// hn : http://www.nic.hn/politicas/ps02,,05.html +hn +com.hn +edu.hn +org.hn +net.hn +mil.hn +gob.hn + +// hr : http://www.dns.hr/documents/pdf/HRTLD-regulations.pdf +hr +iz.hr +from.hr +name.hr +com.hr + +// ht : http://www.nic.ht/info/charte.cfm +ht +com.ht +shop.ht +firm.ht +info.ht +adult.ht +net.ht +pro.ht +org.ht +med.ht +art.ht +coop.ht +pol.ht +asso.ht +edu.ht +rel.ht +gouv.ht +perso.ht + +// hu : http://www.domain.hu/domain/English/sld.html +// Confirmed by registry <pasztor@iszt.hu> 2008-06-12 +hu +co.hu +info.hu +org.hu +priv.hu +sport.hu +tm.hu +2000.hu +agrar.hu +bolt.hu +casino.hu +city.hu +erotica.hu +erotika.hu +film.hu +forum.hu +games.hu +hotel.hu +ingatlan.hu +jogasz.hu +konyvelo.hu +lakas.hu +media.hu +news.hu +reklam.hu +sex.hu +shop.hu +suli.hu +szex.hu +tozsde.hu +utazas.hu +video.hu + +// id : https://register.pandi.or.id/ +id +ac.id +biz.id +co.id +desa.id +go.id +mil.id +my.id +net.id +or.id +sch.id +web.id + +// ie : https://en.wikipedia.org/wiki/.ie +ie +gov.ie + +// il : http://www.isoc.org.il/domains/ +il +ac.il +co.il +gov.il +idf.il +k12.il +muni.il +net.il +org.il + +// im : https://www.nic.im/ +// Submitted by registry <info@nic.im> +im +ac.im +co.im +com.im +ltd.co.im +net.im +org.im +plc.co.im +tt.im +tv.im + +// in : https://en.wikipedia.org/wiki/.in +// see also: https://registry.in/Policies +// Please note, that nic.in is not an official eTLD, but used by most +// government institutions. +in +co.in +firm.in +net.in +org.in +gen.in +ind.in +nic.in +ac.in +edu.in +res.in +gov.in +mil.in + +// info : https://en.wikipedia.org/wiki/.info +info + +// int : https://en.wikipedia.org/wiki/.int +// Confirmed by registry <iana-questions@icann.org> 2008-06-18 +int +eu.int + +// io : http://www.nic.io/rules.html +// list of other 2nd level tlds ? +io +com.io + +// iq : http://www.cmc.iq/english/iq/iqregister1.htm +iq +gov.iq +edu.iq +mil.iq +com.iq +org.iq +net.iq + +// ir : http://www.nic.ir/Terms_and_Conditions_ir,_Appendix_1_Domain_Rules +// Also see http://www.nic.ir/Internationalized_Domain_Names +// Two <iran>.ir entries added at request of <tech-team@nic.ir>, 2010-04-16 +ir +ac.ir +co.ir +gov.ir +id.ir +net.ir +org.ir +sch.ir +// xn--mgba3a4f16a.ir (<iran>.ir, Persian YEH) +ایران.ir +// xn--mgba3a4fra.ir (<iran>.ir, Arabic YEH) +ايران.ir + +// is : http://www.isnic.is/domain/rules.php +// Confirmed by registry <marius@isgate.is> 2008-12-06 +is +net.is +com.is +edu.is +gov.is +org.is +int.is + +// it : https://en.wikipedia.org/wiki/.it +it +gov.it +edu.it +// Reserved geo-names (regions and provinces): +// http://www.nic.it/sites/default/files/docs/Regulation_assignation_v7.1.pdf +// Regions +abr.it +abruzzo.it +aosta-valley.it +aostavalley.it +bas.it +basilicata.it +cal.it +calabria.it +cam.it +campania.it +emilia-romagna.it +emiliaromagna.it +emr.it +friuli-v-giulia.it +friuli-ve-giulia.it +friuli-vegiulia.it +friuli-venezia-giulia.it +friuli-veneziagiulia.it +friuli-vgiulia.it +friuliv-giulia.it +friulive-giulia.it +friulivegiulia.it +friulivenezia-giulia.it +friuliveneziagiulia.it +friulivgiulia.it +fvg.it +laz.it +lazio.it +lig.it +liguria.it +lom.it +lombardia.it +lombardy.it +lucania.it +mar.it +marche.it +mol.it +molise.it +piedmont.it +piemonte.it +pmn.it +pug.it +puglia.it +sar.it +sardegna.it +sardinia.it +sic.it +sicilia.it +sicily.it +taa.it +tos.it +toscana.it +trentin-sud-tirol.it +trentin-süd-tirol.it +trentin-sudtirol.it +trentin-südtirol.it +trentin-sued-tirol.it +trentin-suedtirol.it +trentino-a-adige.it +trentino-aadige.it +trentino-alto-adige.it +trentino-altoadige.it +trentino-s-tirol.it +trentino-stirol.it +trentino-sud-tirol.it +trentino-süd-tirol.it +trentino-sudtirol.it +trentino-südtirol.it +trentino-sued-tirol.it +trentino-suedtirol.it +trentino.it +trentinoa-adige.it +trentinoaadige.it +trentinoalto-adige.it +trentinoaltoadige.it +trentinos-tirol.it +trentinostirol.it +trentinosud-tirol.it +trentinosüd-tirol.it +trentinosudtirol.it +trentinosüdtirol.it +trentinosued-tirol.it +trentinosuedtirol.it +trentinsud-tirol.it +trentinsüd-tirol.it +trentinsudtirol.it +trentinsüdtirol.it +trentinsued-tirol.it +trentinsuedtirol.it +tuscany.it +umb.it +umbria.it +val-d-aosta.it +val-daosta.it +vald-aosta.it +valdaosta.it +valle-aosta.it +valle-d-aosta.it +valle-daosta.it +valleaosta.it +valled-aosta.it +valledaosta.it +vallee-aoste.it +vallée-aoste.it +vallee-d-aoste.it +vallée-d-aoste.it +valleeaoste.it +valléeaoste.it +valleedaoste.it +valléedaoste.it +vao.it +vda.it +ven.it +veneto.it +// Provinces +ag.it +agrigento.it +al.it +alessandria.it +alto-adige.it +altoadige.it +an.it +ancona.it +andria-barletta-trani.it +andria-trani-barletta.it +andriabarlettatrani.it +andriatranibarletta.it +ao.it +aosta.it +aoste.it +ap.it +aq.it +aquila.it +ar.it +arezzo.it +ascoli-piceno.it +ascolipiceno.it +asti.it +at.it +av.it +avellino.it +ba.it +balsan-sudtirol.it +balsan-südtirol.it +balsan-suedtirol.it +balsan.it +bari.it +barletta-trani-andria.it +barlettatraniandria.it +belluno.it +benevento.it +bergamo.it +bg.it +bi.it +biella.it +bl.it +bn.it +bo.it +bologna.it +bolzano-altoadige.it +bolzano.it +bozen-sudtirol.it +bozen-südtirol.it +bozen-suedtirol.it +bozen.it +br.it +brescia.it +brindisi.it +bs.it +bt.it +bulsan-sudtirol.it +bulsan-südtirol.it +bulsan-suedtirol.it +bulsan.it +bz.it +ca.it +cagliari.it +caltanissetta.it +campidano-medio.it +campidanomedio.it +campobasso.it +carbonia-iglesias.it +carboniaiglesias.it +carrara-massa.it +carraramassa.it +caserta.it +catania.it +catanzaro.it +cb.it +ce.it +cesena-forli.it +cesena-forlì.it +cesenaforli.it +cesenaforlì.it +ch.it +chieti.it +ci.it +cl.it +cn.it +co.it +como.it +cosenza.it +cr.it +cremona.it +crotone.it +cs.it +ct.it +cuneo.it +cz.it +dell-ogliastra.it +dellogliastra.it +en.it +enna.it +fc.it +fe.it +fermo.it +ferrara.it +fg.it +fi.it +firenze.it +florence.it +fm.it +foggia.it +forli-cesena.it +forlì-cesena.it +forlicesena.it +forlìcesena.it +fr.it +frosinone.it +ge.it +genoa.it +genova.it +go.it +gorizia.it +gr.it +grosseto.it +iglesias-carbonia.it +iglesiascarbonia.it +im.it +imperia.it +is.it +isernia.it +kr.it +la-spezia.it +laquila.it +laspezia.it +latina.it +lc.it +le.it +lecce.it +lecco.it +li.it +livorno.it +lo.it +lodi.it +lt.it +lu.it +lucca.it +macerata.it +mantova.it +massa-carrara.it +massacarrara.it +matera.it +mb.it +mc.it +me.it +medio-campidano.it +mediocampidano.it +messina.it +mi.it +milan.it +milano.it +mn.it +mo.it +modena.it +monza-brianza.it +monza-e-della-brianza.it +monza.it +monzabrianza.it +monzaebrianza.it +monzaedellabrianza.it +ms.it +mt.it +na.it +naples.it +napoli.it +no.it +novara.it +nu.it +nuoro.it +og.it +ogliastra.it +olbia-tempio.it +olbiatempio.it +or.it +oristano.it +ot.it +pa.it +padova.it +padua.it +palermo.it +parma.it +pavia.it +pc.it +pd.it +pe.it +perugia.it +pesaro-urbino.it +pesarourbino.it +pescara.it +pg.it +pi.it +piacenza.it +pisa.it +pistoia.it +pn.it +po.it +pordenone.it +potenza.it +pr.it +prato.it +pt.it +pu.it +pv.it +pz.it +ra.it +ragusa.it +ravenna.it +rc.it +re.it +reggio-calabria.it +reggio-emilia.it +reggiocalabria.it +reggioemilia.it +rg.it +ri.it +rieti.it +rimini.it +rm.it +rn.it +ro.it +roma.it +rome.it +rovigo.it +sa.it +salerno.it +sassari.it +savona.it +si.it +siena.it +siracusa.it +so.it +sondrio.it +sp.it +sr.it +ss.it +suedtirol.it +südtirol.it +sv.it +ta.it +taranto.it +te.it +tempio-olbia.it +tempioolbia.it +teramo.it +terni.it +tn.it +to.it +torino.it +tp.it +tr.it +trani-andria-barletta.it +trani-barletta-andria.it +traniandriabarletta.it +tranibarlettaandria.it +trapani.it +trento.it +treviso.it +trieste.it +ts.it +turin.it +tv.it +ud.it +udine.it +urbino-pesaro.it +urbinopesaro.it +va.it +varese.it +vb.it +vc.it +ve.it +venezia.it +venice.it +verbania.it +vercelli.it +verona.it +vi.it +vibo-valentia.it +vibovalentia.it +vicenza.it +viterbo.it +vr.it +vs.it +vt.it +vv.it + +// je : http://www.channelisles.net/register-domains/ +// Confirmed by registry <nigel@channelisles.net> 2013-11-28 +je +co.je +net.je +org.je + +// jm : http://www.com.jm/register.html +*.jm + +// jo : http://www.dns.jo/Registration_policy.aspx +jo +com.jo +org.jo +net.jo +edu.jo +sch.jo +gov.jo +mil.jo +name.jo + +// jobs : https://en.wikipedia.org/wiki/.jobs +jobs + +// jp : https://en.wikipedia.org/wiki/.jp +// http://jprs.co.jp/en/jpdomain.html +// Submitted by registry <info@jprs.jp> +jp +// jp organizational type names +ac.jp +ad.jp +co.jp +ed.jp +go.jp +gr.jp +lg.jp +ne.jp +or.jp +// jp prefecture type names +aichi.jp +akita.jp +aomori.jp +chiba.jp +ehime.jp +fukui.jp +fukuoka.jp +fukushima.jp +gifu.jp +gunma.jp +hiroshima.jp +hokkaido.jp +hyogo.jp +ibaraki.jp +ishikawa.jp +iwate.jp +kagawa.jp +kagoshima.jp +kanagawa.jp +kochi.jp +kumamoto.jp +kyoto.jp +mie.jp +miyagi.jp +miyazaki.jp +nagano.jp +nagasaki.jp +nara.jp +niigata.jp +oita.jp +okayama.jp +okinawa.jp +osaka.jp +saga.jp +saitama.jp +shiga.jp +shimane.jp +shizuoka.jp +tochigi.jp +tokushima.jp +tokyo.jp +tottori.jp +toyama.jp +wakayama.jp +yamagata.jp +yamaguchi.jp +yamanashi.jp +栃木.jp +愛知.jp +愛媛.jp +兵庫.jp +熊本.jp +茨城.jp +北海道.jp +千葉.jp +和歌山.jp +長崎.jp +長野.jp +新潟.jp +青森.jp +静岡.jp +東京.jp +石川.jp +埼玉.jp +三重.jp +京都.jp +佐賀.jp +大分.jp +大阪.jp +奈良.jp +宮城.jp +宮崎.jp +富山.jp +山口.jp +山形.jp +山梨.jp +岩手.jp +岐阜.jp +岡山.jp +島根.jp +広島.jp +徳島.jp +沖縄.jp +滋賀.jp +神奈川.jp +福井.jp +福岡.jp +福島.jp +秋田.jp +群馬.jp +香川.jp +高知.jp +鳥取.jp +鹿児島.jp +// jp geographic type names +// http://jprs.jp/doc/rule/saisoku-1.html +*.kawasaki.jp +*.kitakyushu.jp +*.kobe.jp +*.nagoya.jp +*.sapporo.jp +*.sendai.jp +*.yokohama.jp +!city.kawasaki.jp +!city.kitakyushu.jp +!city.kobe.jp +!city.nagoya.jp +!city.sapporo.jp +!city.sendai.jp +!city.yokohama.jp +// 4th level registration +aisai.aichi.jp +ama.aichi.jp +anjo.aichi.jp +asuke.aichi.jp +chiryu.aichi.jp +chita.aichi.jp +fuso.aichi.jp +gamagori.aichi.jp +handa.aichi.jp +hazu.aichi.jp +hekinan.aichi.jp +higashiura.aichi.jp +ichinomiya.aichi.jp +inazawa.aichi.jp +inuyama.aichi.jp +isshiki.aichi.jp +iwakura.aichi.jp +kanie.aichi.jp +kariya.aichi.jp +kasugai.aichi.jp +kira.aichi.jp +kiyosu.aichi.jp +komaki.aichi.jp +konan.aichi.jp +kota.aichi.jp +mihama.aichi.jp +miyoshi.aichi.jp +nishio.aichi.jp +nisshin.aichi.jp +obu.aichi.jp +oguchi.aichi.jp +oharu.aichi.jp +okazaki.aichi.jp +owariasahi.aichi.jp +seto.aichi.jp +shikatsu.aichi.jp +shinshiro.aichi.jp +shitara.aichi.jp +tahara.aichi.jp +takahama.aichi.jp +tobishima.aichi.jp +toei.aichi.jp +togo.aichi.jp +tokai.aichi.jp +tokoname.aichi.jp +toyoake.aichi.jp +toyohashi.aichi.jp +toyokawa.aichi.jp +toyone.aichi.jp +toyota.aichi.jp +tsushima.aichi.jp +yatomi.aichi.jp +akita.akita.jp +daisen.akita.jp +fujisato.akita.jp +gojome.akita.jp +hachirogata.akita.jp +happou.akita.jp +higashinaruse.akita.jp +honjo.akita.jp +honjyo.akita.jp +ikawa.akita.jp +kamikoani.akita.jp +kamioka.akita.jp +katagami.akita.jp +kazuno.akita.jp +kitaakita.akita.jp +kosaka.akita.jp +kyowa.akita.jp +misato.akita.jp +mitane.akita.jp +moriyoshi.akita.jp +nikaho.akita.jp +noshiro.akita.jp +odate.akita.jp +oga.akita.jp +ogata.akita.jp +semboku.akita.jp +yokote.akita.jp +yurihonjo.akita.jp +aomori.aomori.jp +gonohe.aomori.jp +hachinohe.aomori.jp +hashikami.aomori.jp +hiranai.aomori.jp +hirosaki.aomori.jp +itayanagi.aomori.jp +kuroishi.aomori.jp +misawa.aomori.jp +mutsu.aomori.jp +nakadomari.aomori.jp +noheji.aomori.jp +oirase.aomori.jp +owani.aomori.jp +rokunohe.aomori.jp +sannohe.aomori.jp +shichinohe.aomori.jp +shingo.aomori.jp +takko.aomori.jp +towada.aomori.jp +tsugaru.aomori.jp +tsuruta.aomori.jp +abiko.chiba.jp +asahi.chiba.jp +chonan.chiba.jp +chosei.chiba.jp +choshi.chiba.jp +chuo.chiba.jp +funabashi.chiba.jp +futtsu.chiba.jp +hanamigawa.chiba.jp +ichihara.chiba.jp +ichikawa.chiba.jp +ichinomiya.chiba.jp +inzai.chiba.jp +isumi.chiba.jp +kamagaya.chiba.jp +kamogawa.chiba.jp +kashiwa.chiba.jp +katori.chiba.jp +katsuura.chiba.jp +kimitsu.chiba.jp +kisarazu.chiba.jp +kozaki.chiba.jp +kujukuri.chiba.jp +kyonan.chiba.jp +matsudo.chiba.jp +midori.chiba.jp +mihama.chiba.jp +minamiboso.chiba.jp +mobara.chiba.jp +mutsuzawa.chiba.jp +nagara.chiba.jp +nagareyama.chiba.jp +narashino.chiba.jp +narita.chiba.jp +noda.chiba.jp +oamishirasato.chiba.jp +omigawa.chiba.jp +onjuku.chiba.jp +otaki.chiba.jp +sakae.chiba.jp +sakura.chiba.jp +shimofusa.chiba.jp +shirako.chiba.jp +shiroi.chiba.jp +shisui.chiba.jp +sodegaura.chiba.jp +sosa.chiba.jp +tako.chiba.jp +tateyama.chiba.jp +togane.chiba.jp +tohnosho.chiba.jp +tomisato.chiba.jp +urayasu.chiba.jp +yachimata.chiba.jp +yachiyo.chiba.jp +yokaichiba.chiba.jp +yokoshibahikari.chiba.jp +yotsukaido.chiba.jp +ainan.ehime.jp +honai.ehime.jp +ikata.ehime.jp +imabari.ehime.jp +iyo.ehime.jp +kamijima.ehime.jp +kihoku.ehime.jp +kumakogen.ehime.jp +masaki.ehime.jp +matsuno.ehime.jp +matsuyama.ehime.jp +namikata.ehime.jp +niihama.ehime.jp +ozu.ehime.jp +saijo.ehime.jp +seiyo.ehime.jp +shikokuchuo.ehime.jp +tobe.ehime.jp +toon.ehime.jp +uchiko.ehime.jp +uwajima.ehime.jp +yawatahama.ehime.jp +echizen.fukui.jp +eiheiji.fukui.jp +fukui.fukui.jp +ikeda.fukui.jp +katsuyama.fukui.jp +mihama.fukui.jp +minamiechizen.fukui.jp +obama.fukui.jp +ohi.fukui.jp +ono.fukui.jp +sabae.fukui.jp +sakai.fukui.jp +takahama.fukui.jp +tsuruga.fukui.jp +wakasa.fukui.jp +ashiya.fukuoka.jp +buzen.fukuoka.jp +chikugo.fukuoka.jp +chikuho.fukuoka.jp +chikujo.fukuoka.jp +chikushino.fukuoka.jp +chikuzen.fukuoka.jp +chuo.fukuoka.jp +dazaifu.fukuoka.jp +fukuchi.fukuoka.jp +hakata.fukuoka.jp +higashi.fukuoka.jp +hirokawa.fukuoka.jp +hisayama.fukuoka.jp +iizuka.fukuoka.jp +inatsuki.fukuoka.jp +kaho.fukuoka.jp +kasuga.fukuoka.jp +kasuya.fukuoka.jp +kawara.fukuoka.jp +keisen.fukuoka.jp +koga.fukuoka.jp +kurate.fukuoka.jp +kurogi.fukuoka.jp +kurume.fukuoka.jp +minami.fukuoka.jp +miyako.fukuoka.jp +miyama.fukuoka.jp +miyawaka.fukuoka.jp +mizumaki.fukuoka.jp +munakata.fukuoka.jp +nakagawa.fukuoka.jp +nakama.fukuoka.jp +nishi.fukuoka.jp +nogata.fukuoka.jp +ogori.fukuoka.jp +okagaki.fukuoka.jp +okawa.fukuoka.jp +oki.fukuoka.jp +omuta.fukuoka.jp +onga.fukuoka.jp +onojo.fukuoka.jp +oto.fukuoka.jp +saigawa.fukuoka.jp +sasaguri.fukuoka.jp +shingu.fukuoka.jp +shinyoshitomi.fukuoka.jp +shonai.fukuoka.jp +soeda.fukuoka.jp +sue.fukuoka.jp +tachiarai.fukuoka.jp +tagawa.fukuoka.jp +takata.fukuoka.jp +toho.fukuoka.jp +toyotsu.fukuoka.jp +tsuiki.fukuoka.jp +ukiha.fukuoka.jp +umi.fukuoka.jp +usui.fukuoka.jp +yamada.fukuoka.jp +yame.fukuoka.jp +yanagawa.fukuoka.jp +yukuhashi.fukuoka.jp +aizubange.fukushima.jp +aizumisato.fukushima.jp +aizuwakamatsu.fukushima.jp +asakawa.fukushima.jp +bandai.fukushima.jp +date.fukushima.jp +fukushima.fukushima.jp +furudono.fukushima.jp +futaba.fukushima.jp +hanawa.fukushima.jp +higashi.fukushima.jp +hirata.fukushima.jp +hirono.fukushima.jp +iitate.fukushima.jp +inawashiro.fukushima.jp +ishikawa.fukushima.jp +iwaki.fukushima.jp +izumizaki.fukushima.jp +kagamiishi.fukushima.jp +kaneyama.fukushima.jp +kawamata.fukushima.jp +kitakata.fukushima.jp +kitashiobara.fukushima.jp +koori.fukushima.jp +koriyama.fukushima.jp +kunimi.fukushima.jp +miharu.fukushima.jp +mishima.fukushima.jp +namie.fukushima.jp +nango.fukushima.jp +nishiaizu.fukushima.jp +nishigo.fukushima.jp +okuma.fukushima.jp +omotego.fukushima.jp +ono.fukushima.jp +otama.fukushima.jp +samegawa.fukushima.jp +shimogo.fukushima.jp +shirakawa.fukushima.jp +showa.fukushima.jp +soma.fukushima.jp +sukagawa.fukushima.jp +taishin.fukushima.jp +tamakawa.fukushima.jp +tanagura.fukushima.jp +tenei.fukushima.jp +yabuki.fukushima.jp +yamato.fukushima.jp +yamatsuri.fukushima.jp +yanaizu.fukushima.jp +yugawa.fukushima.jp +anpachi.gifu.jp +ena.gifu.jp +gifu.gifu.jp +ginan.gifu.jp +godo.gifu.jp +gujo.gifu.jp +hashima.gifu.jp +hichiso.gifu.jp +hida.gifu.jp +higashishirakawa.gifu.jp +ibigawa.gifu.jp +ikeda.gifu.jp +kakamigahara.gifu.jp +kani.gifu.jp +kasahara.gifu.jp +kasamatsu.gifu.jp +kawaue.gifu.jp +kitagata.gifu.jp +mino.gifu.jp +minokamo.gifu.jp +mitake.gifu.jp +mizunami.gifu.jp +motosu.gifu.jp +nakatsugawa.gifu.jp +ogaki.gifu.jp +sakahogi.gifu.jp +seki.gifu.jp +sekigahara.gifu.jp +shirakawa.gifu.jp +tajimi.gifu.jp +takayama.gifu.jp +tarui.gifu.jp +toki.gifu.jp +tomika.gifu.jp +wanouchi.gifu.jp +yamagata.gifu.jp +yaotsu.gifu.jp +yoro.gifu.jp +annaka.gunma.jp +chiyoda.gunma.jp +fujioka.gunma.jp +higashiagatsuma.gunma.jp +isesaki.gunma.jp +itakura.gunma.jp +kanna.gunma.jp +kanra.gunma.jp +katashina.gunma.jp +kawaba.gunma.jp +kiryu.gunma.jp +kusatsu.gunma.jp +maebashi.gunma.jp +meiwa.gunma.jp +midori.gunma.jp +minakami.gunma.jp +naganohara.gunma.jp +nakanojo.gunma.jp +nanmoku.gunma.jp +numata.gunma.jp +oizumi.gunma.jp +ora.gunma.jp +ota.gunma.jp +shibukawa.gunma.jp +shimonita.gunma.jp +shinto.gunma.jp +showa.gunma.jp +takasaki.gunma.jp +takayama.gunma.jp +tamamura.gunma.jp +tatebayashi.gunma.jp +tomioka.gunma.jp +tsukiyono.gunma.jp +tsumagoi.gunma.jp +ueno.gunma.jp +yoshioka.gunma.jp +asaminami.hiroshima.jp +daiwa.hiroshima.jp +etajima.hiroshima.jp +fuchu.hiroshima.jp +fukuyama.hiroshima.jp +hatsukaichi.hiroshima.jp +higashihiroshima.hiroshima.jp +hongo.hiroshima.jp +jinsekikogen.hiroshima.jp +kaita.hiroshima.jp +kui.hiroshima.jp +kumano.hiroshima.jp +kure.hiroshima.jp +mihara.hiroshima.jp +miyoshi.hiroshima.jp +naka.hiroshima.jp +onomichi.hiroshima.jp +osakikamijima.hiroshima.jp +otake.hiroshima.jp +saka.hiroshima.jp +sera.hiroshima.jp +seranishi.hiroshima.jp +shinichi.hiroshima.jp +shobara.hiroshima.jp +takehara.hiroshima.jp +abashiri.hokkaido.jp +abira.hokkaido.jp +aibetsu.hokkaido.jp +akabira.hokkaido.jp +akkeshi.hokkaido.jp +asahikawa.hokkaido.jp +ashibetsu.hokkaido.jp +ashoro.hokkaido.jp +assabu.hokkaido.jp +atsuma.hokkaido.jp +bibai.hokkaido.jp +biei.hokkaido.jp +bifuka.hokkaido.jp +bihoro.hokkaido.jp +biratori.hokkaido.jp +chippubetsu.hokkaido.jp +chitose.hokkaido.jp +date.hokkaido.jp +ebetsu.hokkaido.jp +embetsu.hokkaido.jp +eniwa.hokkaido.jp +erimo.hokkaido.jp +esan.hokkaido.jp +esashi.hokkaido.jp +fukagawa.hokkaido.jp +fukushima.hokkaido.jp +furano.hokkaido.jp +furubira.hokkaido.jp +haboro.hokkaido.jp +hakodate.hokkaido.jp +hamatonbetsu.hokkaido.jp +hidaka.hokkaido.jp +higashikagura.hokkaido.jp +higashikawa.hokkaido.jp +hiroo.hokkaido.jp +hokuryu.hokkaido.jp +hokuto.hokkaido.jp +honbetsu.hokkaido.jp +horokanai.hokkaido.jp +horonobe.hokkaido.jp +ikeda.hokkaido.jp +imakane.hokkaido.jp +ishikari.hokkaido.jp +iwamizawa.hokkaido.jp +iwanai.hokkaido.jp +kamifurano.hokkaido.jp +kamikawa.hokkaido.jp +kamishihoro.hokkaido.jp +kamisunagawa.hokkaido.jp +kamoenai.hokkaido.jp +kayabe.hokkaido.jp +kembuchi.hokkaido.jp +kikonai.hokkaido.jp +kimobetsu.hokkaido.jp +kitahiroshima.hokkaido.jp +kitami.hokkaido.jp +kiyosato.hokkaido.jp +koshimizu.hokkaido.jp +kunneppu.hokkaido.jp +kuriyama.hokkaido.jp +kuromatsunai.hokkaido.jp +kushiro.hokkaido.jp +kutchan.hokkaido.jp +kyowa.hokkaido.jp +mashike.hokkaido.jp +matsumae.hokkaido.jp +mikasa.hokkaido.jp +minamifurano.hokkaido.jp +mombetsu.hokkaido.jp +moseushi.hokkaido.jp +mukawa.hokkaido.jp +muroran.hokkaido.jp +naie.hokkaido.jp +nakagawa.hokkaido.jp +nakasatsunai.hokkaido.jp +nakatombetsu.hokkaido.jp +nanae.hokkaido.jp +nanporo.hokkaido.jp +nayoro.hokkaido.jp +nemuro.hokkaido.jp +niikappu.hokkaido.jp +niki.hokkaido.jp +nishiokoppe.hokkaido.jp +noboribetsu.hokkaido.jp +numata.hokkaido.jp +obihiro.hokkaido.jp +obira.hokkaido.jp +oketo.hokkaido.jp +okoppe.hokkaido.jp +otaru.hokkaido.jp +otobe.hokkaido.jp +otofuke.hokkaido.jp +otoineppu.hokkaido.jp +oumu.hokkaido.jp +ozora.hokkaido.jp +pippu.hokkaido.jp +rankoshi.hokkaido.jp +rebun.hokkaido.jp +rikubetsu.hokkaido.jp +rishiri.hokkaido.jp +rishirifuji.hokkaido.jp +saroma.hokkaido.jp +sarufutsu.hokkaido.jp +shakotan.hokkaido.jp +shari.hokkaido.jp +shibecha.hokkaido.jp +shibetsu.hokkaido.jp +shikabe.hokkaido.jp +shikaoi.hokkaido.jp +shimamaki.hokkaido.jp +shimizu.hokkaido.jp +shimokawa.hokkaido.jp +shinshinotsu.hokkaido.jp +shintoku.hokkaido.jp +shiranuka.hokkaido.jp +shiraoi.hokkaido.jp +shiriuchi.hokkaido.jp +sobetsu.hokkaido.jp +sunagawa.hokkaido.jp +taiki.hokkaido.jp +takasu.hokkaido.jp +takikawa.hokkaido.jp +takinoue.hokkaido.jp +teshikaga.hokkaido.jp +tobetsu.hokkaido.jp +tohma.hokkaido.jp +tomakomai.hokkaido.jp +tomari.hokkaido.jp +toya.hokkaido.jp +toyako.hokkaido.jp +toyotomi.hokkaido.jp +toyoura.hokkaido.jp +tsubetsu.hokkaido.jp +tsukigata.hokkaido.jp +urakawa.hokkaido.jp +urausu.hokkaido.jp +uryu.hokkaido.jp +utashinai.hokkaido.jp +wakkanai.hokkaido.jp +wassamu.hokkaido.jp +yakumo.hokkaido.jp +yoichi.hokkaido.jp +aioi.hyogo.jp +akashi.hyogo.jp +ako.hyogo.jp +amagasaki.hyogo.jp +aogaki.hyogo.jp +asago.hyogo.jp +ashiya.hyogo.jp +awaji.hyogo.jp +fukusaki.hyogo.jp +goshiki.hyogo.jp +harima.hyogo.jp +himeji.hyogo.jp +ichikawa.hyogo.jp +inagawa.hyogo.jp +itami.hyogo.jp +kakogawa.hyogo.jp +kamigori.hyogo.jp +kamikawa.hyogo.jp +kasai.hyogo.jp +kasuga.hyogo.jp +kawanishi.hyogo.jp +miki.hyogo.jp +minamiawaji.hyogo.jp +nishinomiya.hyogo.jp +nishiwaki.hyogo.jp +ono.hyogo.jp +sanda.hyogo.jp +sannan.hyogo.jp +sasayama.hyogo.jp +sayo.hyogo.jp +shingu.hyogo.jp +shinonsen.hyogo.jp +shiso.hyogo.jp +sumoto.hyogo.jp +taishi.hyogo.jp +taka.hyogo.jp +takarazuka.hyogo.jp +takasago.hyogo.jp +takino.hyogo.jp +tamba.hyogo.jp +tatsuno.hyogo.jp +toyooka.hyogo.jp +yabu.hyogo.jp +yashiro.hyogo.jp +yoka.hyogo.jp +yokawa.hyogo.jp +ami.ibaraki.jp +asahi.ibaraki.jp +bando.ibaraki.jp +chikusei.ibaraki.jp +daigo.ibaraki.jp +fujishiro.ibaraki.jp +hitachi.ibaraki.jp +hitachinaka.ibaraki.jp +hitachiomiya.ibaraki.jp +hitachiota.ibaraki.jp +ibaraki.ibaraki.jp +ina.ibaraki.jp +inashiki.ibaraki.jp +itako.ibaraki.jp +iwama.ibaraki.jp +joso.ibaraki.jp +kamisu.ibaraki.jp +kasama.ibaraki.jp +kashima.ibaraki.jp +kasumigaura.ibaraki.jp +koga.ibaraki.jp +miho.ibaraki.jp +mito.ibaraki.jp +moriya.ibaraki.jp +naka.ibaraki.jp +namegata.ibaraki.jp +oarai.ibaraki.jp +ogawa.ibaraki.jp +omitama.ibaraki.jp +ryugasaki.ibaraki.jp +sakai.ibaraki.jp +sakuragawa.ibaraki.jp +shimodate.ibaraki.jp +shimotsuma.ibaraki.jp +shirosato.ibaraki.jp +sowa.ibaraki.jp +suifu.ibaraki.jp +takahagi.ibaraki.jp +tamatsukuri.ibaraki.jp +tokai.ibaraki.jp +tomobe.ibaraki.jp +tone.ibaraki.jp +toride.ibaraki.jp +tsuchiura.ibaraki.jp +tsukuba.ibaraki.jp +uchihara.ibaraki.jp +ushiku.ibaraki.jp +yachiyo.ibaraki.jp +yamagata.ibaraki.jp +yawara.ibaraki.jp +yuki.ibaraki.jp +anamizu.ishikawa.jp +hakui.ishikawa.jp +hakusan.ishikawa.jp +kaga.ishikawa.jp +kahoku.ishikawa.jp +kanazawa.ishikawa.jp +kawakita.ishikawa.jp +komatsu.ishikawa.jp +nakanoto.ishikawa.jp +nanao.ishikawa.jp +nomi.ishikawa.jp +nonoichi.ishikawa.jp +noto.ishikawa.jp +shika.ishikawa.jp +suzu.ishikawa.jp +tsubata.ishikawa.jp +tsurugi.ishikawa.jp +uchinada.ishikawa.jp +wajima.ishikawa.jp +fudai.iwate.jp +fujisawa.iwate.jp +hanamaki.iwate.jp +hiraizumi.iwate.jp +hirono.iwate.jp +ichinohe.iwate.jp +ichinoseki.iwate.jp +iwaizumi.iwate.jp +iwate.iwate.jp +joboji.iwate.jp +kamaishi.iwate.jp +kanegasaki.iwate.jp +karumai.iwate.jp +kawai.iwate.jp +kitakami.iwate.jp +kuji.iwate.jp +kunohe.iwate.jp +kuzumaki.iwate.jp +miyako.iwate.jp +mizusawa.iwate.jp +morioka.iwate.jp +ninohe.iwate.jp +noda.iwate.jp +ofunato.iwate.jp +oshu.iwate.jp +otsuchi.iwate.jp +rikuzentakata.iwate.jp +shiwa.iwate.jp +shizukuishi.iwate.jp +sumita.iwate.jp +tanohata.iwate.jp +tono.iwate.jp +yahaba.iwate.jp +yamada.iwate.jp +ayagawa.kagawa.jp +higashikagawa.kagawa.jp +kanonji.kagawa.jp +kotohira.kagawa.jp +manno.kagawa.jp +marugame.kagawa.jp +mitoyo.kagawa.jp +naoshima.kagawa.jp +sanuki.kagawa.jp +tadotsu.kagawa.jp +takamatsu.kagawa.jp +tonosho.kagawa.jp +uchinomi.kagawa.jp +utazu.kagawa.jp +zentsuji.kagawa.jp +akune.kagoshima.jp +amami.kagoshima.jp +hioki.kagoshima.jp +isa.kagoshima.jp +isen.kagoshima.jp +izumi.kagoshima.jp +kagoshima.kagoshima.jp +kanoya.kagoshima.jp +kawanabe.kagoshima.jp +kinko.kagoshima.jp +kouyama.kagoshima.jp +makurazaki.kagoshima.jp +matsumoto.kagoshima.jp +minamitane.kagoshima.jp +nakatane.kagoshima.jp +nishinoomote.kagoshima.jp +satsumasendai.kagoshima.jp +soo.kagoshima.jp +tarumizu.kagoshima.jp +yusui.kagoshima.jp +aikawa.kanagawa.jp +atsugi.kanagawa.jp +ayase.kanagawa.jp +chigasaki.kanagawa.jp +ebina.kanagawa.jp +fujisawa.kanagawa.jp +hadano.kanagawa.jp +hakone.kanagawa.jp +hiratsuka.kanagawa.jp +isehara.kanagawa.jp +kaisei.kanagawa.jp +kamakura.kanagawa.jp +kiyokawa.kanagawa.jp +matsuda.kanagawa.jp +minamiashigara.kanagawa.jp +miura.kanagawa.jp +nakai.kanagawa.jp +ninomiya.kanagawa.jp +odawara.kanagawa.jp +oi.kanagawa.jp +oiso.kanagawa.jp +sagamihara.kanagawa.jp +samukawa.kanagawa.jp +tsukui.kanagawa.jp +yamakita.kanagawa.jp +yamato.kanagawa.jp +yokosuka.kanagawa.jp +yugawara.kanagawa.jp +zama.kanagawa.jp +zushi.kanagawa.jp +aki.kochi.jp +geisei.kochi.jp +hidaka.kochi.jp +higashitsuno.kochi.jp +ino.kochi.jp +kagami.kochi.jp +kami.kochi.jp +kitagawa.kochi.jp +kochi.kochi.jp +mihara.kochi.jp +motoyama.kochi.jp +muroto.kochi.jp +nahari.kochi.jp +nakamura.kochi.jp +nankoku.kochi.jp +nishitosa.kochi.jp +niyodogawa.kochi.jp +ochi.kochi.jp +okawa.kochi.jp +otoyo.kochi.jp +otsuki.kochi.jp +sakawa.kochi.jp +sukumo.kochi.jp +susaki.kochi.jp +tosa.kochi.jp +tosashimizu.kochi.jp +toyo.kochi.jp +tsuno.kochi.jp +umaji.kochi.jp +yasuda.kochi.jp +yusuhara.kochi.jp +amakusa.kumamoto.jp +arao.kumamoto.jp +aso.kumamoto.jp +choyo.kumamoto.jp +gyokuto.kumamoto.jp +kamiamakusa.kumamoto.jp +kikuchi.kumamoto.jp +kumamoto.kumamoto.jp +mashiki.kumamoto.jp +mifune.kumamoto.jp +minamata.kumamoto.jp +minamioguni.kumamoto.jp +nagasu.kumamoto.jp +nishihara.kumamoto.jp +oguni.kumamoto.jp +ozu.kumamoto.jp +sumoto.kumamoto.jp +takamori.kumamoto.jp +uki.kumamoto.jp +uto.kumamoto.jp +yamaga.kumamoto.jp +yamato.kumamoto.jp +yatsushiro.kumamoto.jp +ayabe.kyoto.jp +fukuchiyama.kyoto.jp +higashiyama.kyoto.jp +ide.kyoto.jp +ine.kyoto.jp +joyo.kyoto.jp +kameoka.kyoto.jp +kamo.kyoto.jp +kita.kyoto.jp +kizu.kyoto.jp +kumiyama.kyoto.jp +kyotamba.kyoto.jp +kyotanabe.kyoto.jp +kyotango.kyoto.jp +maizuru.kyoto.jp +minami.kyoto.jp +minamiyamashiro.kyoto.jp +miyazu.kyoto.jp +muko.kyoto.jp +nagaokakyo.kyoto.jp +nakagyo.kyoto.jp +nantan.kyoto.jp +oyamazaki.kyoto.jp +sakyo.kyoto.jp +seika.kyoto.jp +tanabe.kyoto.jp +uji.kyoto.jp +ujitawara.kyoto.jp +wazuka.kyoto.jp +yamashina.kyoto.jp +yawata.kyoto.jp +asahi.mie.jp +inabe.mie.jp +ise.mie.jp +kameyama.mie.jp +kawagoe.mie.jp +kiho.mie.jp +kisosaki.mie.jp +kiwa.mie.jp +komono.mie.jp +kumano.mie.jp +kuwana.mie.jp +matsusaka.mie.jp +meiwa.mie.jp +mihama.mie.jp +minamiise.mie.jp +misugi.mie.jp +miyama.mie.jp +nabari.mie.jp +shima.mie.jp +suzuka.mie.jp +tado.mie.jp +taiki.mie.jp +taki.mie.jp +tamaki.mie.jp +toba.mie.jp +tsu.mie.jp +udono.mie.jp +ureshino.mie.jp +watarai.mie.jp +yokkaichi.mie.jp +furukawa.miyagi.jp +higashimatsushima.miyagi.jp +ishinomaki.miyagi.jp +iwanuma.miyagi.jp +kakuda.miyagi.jp +kami.miyagi.jp +kawasaki.miyagi.jp +marumori.miyagi.jp +matsushima.miyagi.jp +minamisanriku.miyagi.jp +misato.miyagi.jp +murata.miyagi.jp +natori.miyagi.jp +ogawara.miyagi.jp +ohira.miyagi.jp +onagawa.miyagi.jp +osaki.miyagi.jp +rifu.miyagi.jp +semine.miyagi.jp +shibata.miyagi.jp +shichikashuku.miyagi.jp +shikama.miyagi.jp +shiogama.miyagi.jp +shiroishi.miyagi.jp +tagajo.miyagi.jp +taiwa.miyagi.jp +tome.miyagi.jp +tomiya.miyagi.jp +wakuya.miyagi.jp +watari.miyagi.jp +yamamoto.miyagi.jp +zao.miyagi.jp +aya.miyazaki.jp +ebino.miyazaki.jp +gokase.miyazaki.jp +hyuga.miyazaki.jp +kadogawa.miyazaki.jp +kawaminami.miyazaki.jp +kijo.miyazaki.jp +kitagawa.miyazaki.jp +kitakata.miyazaki.jp +kitaura.miyazaki.jp +kobayashi.miyazaki.jp +kunitomi.miyazaki.jp +kushima.miyazaki.jp +mimata.miyazaki.jp +miyakonojo.miyazaki.jp +miyazaki.miyazaki.jp +morotsuka.miyazaki.jp +nichinan.miyazaki.jp +nishimera.miyazaki.jp +nobeoka.miyazaki.jp +saito.miyazaki.jp +shiiba.miyazaki.jp +shintomi.miyazaki.jp +takaharu.miyazaki.jp +takanabe.miyazaki.jp +takazaki.miyazaki.jp +tsuno.miyazaki.jp +achi.nagano.jp +agematsu.nagano.jp +anan.nagano.jp +aoki.nagano.jp +asahi.nagano.jp +azumino.nagano.jp +chikuhoku.nagano.jp +chikuma.nagano.jp +chino.nagano.jp +fujimi.nagano.jp +hakuba.nagano.jp +hara.nagano.jp +hiraya.nagano.jp +iida.nagano.jp +iijima.nagano.jp +iiyama.nagano.jp +iizuna.nagano.jp +ikeda.nagano.jp +ikusaka.nagano.jp +ina.nagano.jp +karuizawa.nagano.jp +kawakami.nagano.jp +kiso.nagano.jp +kisofukushima.nagano.jp +kitaaiki.nagano.jp +komagane.nagano.jp +komoro.nagano.jp +matsukawa.nagano.jp +matsumoto.nagano.jp +miasa.nagano.jp +minamiaiki.nagano.jp +minamimaki.nagano.jp +minamiminowa.nagano.jp +minowa.nagano.jp +miyada.nagano.jp +miyota.nagano.jp +mochizuki.nagano.jp +nagano.nagano.jp +nagawa.nagano.jp +nagiso.nagano.jp +nakagawa.nagano.jp +nakano.nagano.jp +nozawaonsen.nagano.jp +obuse.nagano.jp +ogawa.nagano.jp +okaya.nagano.jp +omachi.nagano.jp +omi.nagano.jp +ookuwa.nagano.jp +ooshika.nagano.jp +otaki.nagano.jp +otari.nagano.jp +sakae.nagano.jp +sakaki.nagano.jp +saku.nagano.jp +sakuho.nagano.jp +shimosuwa.nagano.jp +shinanomachi.nagano.jp +shiojiri.nagano.jp +suwa.nagano.jp +suzaka.nagano.jp +takagi.nagano.jp +takamori.nagano.jp +takayama.nagano.jp +tateshina.nagano.jp +tatsuno.nagano.jp +togakushi.nagano.jp +togura.nagano.jp +tomi.nagano.jp +ueda.nagano.jp +wada.nagano.jp +yamagata.nagano.jp +yamanouchi.nagano.jp +yasaka.nagano.jp +yasuoka.nagano.jp +chijiwa.nagasaki.jp +futsu.nagasaki.jp +goto.nagasaki.jp +hasami.nagasaki.jp +hirado.nagasaki.jp +iki.nagasaki.jp +isahaya.nagasaki.jp +kawatana.nagasaki.jp +kuchinotsu.nagasaki.jp +matsuura.nagasaki.jp +nagasaki.nagasaki.jp +obama.nagasaki.jp +omura.nagasaki.jp +oseto.nagasaki.jp +saikai.nagasaki.jp +sasebo.nagasaki.jp +seihi.nagasaki.jp +shimabara.nagasaki.jp +shinkamigoto.nagasaki.jp +togitsu.nagasaki.jp +tsushima.nagasaki.jp +unzen.nagasaki.jp +ando.nara.jp +gose.nara.jp +heguri.nara.jp +higashiyoshino.nara.jp +ikaruga.nara.jp +ikoma.nara.jp +kamikitayama.nara.jp +kanmaki.nara.jp +kashiba.nara.jp +kashihara.nara.jp +katsuragi.nara.jp +kawai.nara.jp +kawakami.nara.jp +kawanishi.nara.jp +koryo.nara.jp +kurotaki.nara.jp +mitsue.nara.jp +miyake.nara.jp +nara.nara.jp +nosegawa.nara.jp +oji.nara.jp +ouda.nara.jp +oyodo.nara.jp +sakurai.nara.jp +sango.nara.jp +shimoichi.nara.jp +shimokitayama.nara.jp +shinjo.nara.jp +soni.nara.jp +takatori.nara.jp +tawaramoto.nara.jp +tenkawa.nara.jp +tenri.nara.jp +uda.nara.jp +yamatokoriyama.nara.jp +yamatotakada.nara.jp +yamazoe.nara.jp +yoshino.nara.jp +aga.niigata.jp +agano.niigata.jp +gosen.niigata.jp +itoigawa.niigata.jp +izumozaki.niigata.jp +joetsu.niigata.jp +kamo.niigata.jp +kariwa.niigata.jp +kashiwazaki.niigata.jp +minamiuonuma.niigata.jp +mitsuke.niigata.jp +muika.niigata.jp +murakami.niigata.jp +myoko.niigata.jp +nagaoka.niigata.jp +niigata.niigata.jp +ojiya.niigata.jp +omi.niigata.jp +sado.niigata.jp +sanjo.niigata.jp +seiro.niigata.jp +seirou.niigata.jp +sekikawa.niigata.jp +shibata.niigata.jp +tagami.niigata.jp +tainai.niigata.jp +tochio.niigata.jp +tokamachi.niigata.jp +tsubame.niigata.jp +tsunan.niigata.jp +uonuma.niigata.jp +yahiko.niigata.jp +yoita.niigata.jp +yuzawa.niigata.jp +beppu.oita.jp +bungoono.oita.jp +bungotakada.oita.jp +hasama.oita.jp +hiji.oita.jp +himeshima.oita.jp +hita.oita.jp +kamitsue.oita.jp +kokonoe.oita.jp +kuju.oita.jp +kunisaki.oita.jp +kusu.oita.jp +oita.oita.jp +saiki.oita.jp +taketa.oita.jp +tsukumi.oita.jp +usa.oita.jp +usuki.oita.jp +yufu.oita.jp +akaiwa.okayama.jp +asakuchi.okayama.jp +bizen.okayama.jp +hayashima.okayama.jp +ibara.okayama.jp +kagamino.okayama.jp +kasaoka.okayama.jp +kibichuo.okayama.jp +kumenan.okayama.jp +kurashiki.okayama.jp +maniwa.okayama.jp +misaki.okayama.jp +nagi.okayama.jp +niimi.okayama.jp +nishiawakura.okayama.jp +okayama.okayama.jp +satosho.okayama.jp +setouchi.okayama.jp +shinjo.okayama.jp +shoo.okayama.jp +soja.okayama.jp +takahashi.okayama.jp +tamano.okayama.jp +tsuyama.okayama.jp +wake.okayama.jp +yakage.okayama.jp +aguni.okinawa.jp +ginowan.okinawa.jp +ginoza.okinawa.jp +gushikami.okinawa.jp +haebaru.okinawa.jp +higashi.okinawa.jp +hirara.okinawa.jp +iheya.okinawa.jp +ishigaki.okinawa.jp +ishikawa.okinawa.jp +itoman.okinawa.jp +izena.okinawa.jp +kadena.okinawa.jp +kin.okinawa.jp +kitadaito.okinawa.jp +kitanakagusuku.okinawa.jp +kumejima.okinawa.jp +kunigami.okinawa.jp +minamidaito.okinawa.jp +motobu.okinawa.jp +nago.okinawa.jp +naha.okinawa.jp +nakagusuku.okinawa.jp +nakijin.okinawa.jp +nanjo.okinawa.jp +nishihara.okinawa.jp +ogimi.okinawa.jp +okinawa.okinawa.jp +onna.okinawa.jp +shimoji.okinawa.jp +taketomi.okinawa.jp +tarama.okinawa.jp +tokashiki.okinawa.jp +tomigusuku.okinawa.jp +tonaki.okinawa.jp +urasoe.okinawa.jp +uruma.okinawa.jp +yaese.okinawa.jp +yomitan.okinawa.jp +yonabaru.okinawa.jp +yonaguni.okinawa.jp +zamami.okinawa.jp +abeno.osaka.jp +chihayaakasaka.osaka.jp +chuo.osaka.jp +daito.osaka.jp +fujiidera.osaka.jp +habikino.osaka.jp +hannan.osaka.jp +higashiosaka.osaka.jp +higashisumiyoshi.osaka.jp +higashiyodogawa.osaka.jp +hirakata.osaka.jp +ibaraki.osaka.jp +ikeda.osaka.jp +izumi.osaka.jp +izumiotsu.osaka.jp +izumisano.osaka.jp +kadoma.osaka.jp +kaizuka.osaka.jp +kanan.osaka.jp +kashiwara.osaka.jp +katano.osaka.jp +kawachinagano.osaka.jp +kishiwada.osaka.jp +kita.osaka.jp +kumatori.osaka.jp +matsubara.osaka.jp +minato.osaka.jp +minoh.osaka.jp +misaki.osaka.jp +moriguchi.osaka.jp +neyagawa.osaka.jp +nishi.osaka.jp +nose.osaka.jp +osakasayama.osaka.jp +sakai.osaka.jp +sayama.osaka.jp +sennan.osaka.jp +settsu.osaka.jp +shijonawate.osaka.jp +shimamoto.osaka.jp +suita.osaka.jp +tadaoka.osaka.jp +taishi.osaka.jp +tajiri.osaka.jp +takaishi.osaka.jp +takatsuki.osaka.jp +tondabayashi.osaka.jp +toyonaka.osaka.jp +toyono.osaka.jp +yao.osaka.jp +ariake.saga.jp +arita.saga.jp +fukudomi.saga.jp +genkai.saga.jp +hamatama.saga.jp +hizen.saga.jp +imari.saga.jp +kamimine.saga.jp +kanzaki.saga.jp +karatsu.saga.jp +kashima.saga.jp +kitagata.saga.jp +kitahata.saga.jp +kiyama.saga.jp +kouhoku.saga.jp +kyuragi.saga.jp +nishiarita.saga.jp +ogi.saga.jp +omachi.saga.jp +ouchi.saga.jp +saga.saga.jp +shiroishi.saga.jp +taku.saga.jp +tara.saga.jp +tosu.saga.jp +yoshinogari.saga.jp +arakawa.saitama.jp +asaka.saitama.jp +chichibu.saitama.jp +fujimi.saitama.jp +fujimino.saitama.jp +fukaya.saitama.jp +hanno.saitama.jp +hanyu.saitama.jp +hasuda.saitama.jp +hatogaya.saitama.jp +hatoyama.saitama.jp +hidaka.saitama.jp +higashichichibu.saitama.jp +higashimatsuyama.saitama.jp +honjo.saitama.jp +ina.saitama.jp +iruma.saitama.jp +iwatsuki.saitama.jp +kamiizumi.saitama.jp +kamikawa.saitama.jp +kamisato.saitama.jp +kasukabe.saitama.jp +kawagoe.saitama.jp +kawaguchi.saitama.jp +kawajima.saitama.jp +kazo.saitama.jp +kitamoto.saitama.jp +koshigaya.saitama.jp +kounosu.saitama.jp +kuki.saitama.jp +kumagaya.saitama.jp +matsubushi.saitama.jp +minano.saitama.jp +misato.saitama.jp +miyashiro.saitama.jp +miyoshi.saitama.jp +moroyama.saitama.jp +nagatoro.saitama.jp +namegawa.saitama.jp +niiza.saitama.jp +ogano.saitama.jp +ogawa.saitama.jp +ogose.saitama.jp +okegawa.saitama.jp +omiya.saitama.jp +otaki.saitama.jp +ranzan.saitama.jp +ryokami.saitama.jp +saitama.saitama.jp +sakado.saitama.jp +satte.saitama.jp +sayama.saitama.jp +shiki.saitama.jp +shiraoka.saitama.jp +soka.saitama.jp +sugito.saitama.jp +toda.saitama.jp +tokigawa.saitama.jp +tokorozawa.saitama.jp +tsurugashima.saitama.jp +urawa.saitama.jp +warabi.saitama.jp +yashio.saitama.jp +yokoze.saitama.jp +yono.saitama.jp +yorii.saitama.jp +yoshida.saitama.jp +yoshikawa.saitama.jp +yoshimi.saitama.jp +aisho.shiga.jp +gamo.shiga.jp +higashiomi.shiga.jp +hikone.shiga.jp +koka.shiga.jp +konan.shiga.jp +kosei.shiga.jp +koto.shiga.jp +kusatsu.shiga.jp +maibara.shiga.jp +moriyama.shiga.jp +nagahama.shiga.jp +nishiazai.shiga.jp +notogawa.shiga.jp +omihachiman.shiga.jp +otsu.shiga.jp +ritto.shiga.jp +ryuoh.shiga.jp +takashima.shiga.jp +takatsuki.shiga.jp +torahime.shiga.jp +toyosato.shiga.jp +yasu.shiga.jp +akagi.shimane.jp +ama.shimane.jp +gotsu.shimane.jp +hamada.shimane.jp +higashiizumo.shimane.jp +hikawa.shimane.jp +hikimi.shimane.jp +izumo.shimane.jp +kakinoki.shimane.jp +masuda.shimane.jp +matsue.shimane.jp +misato.shimane.jp +nishinoshima.shimane.jp +ohda.shimane.jp +okinoshima.shimane.jp +okuizumo.shimane.jp +shimane.shimane.jp +tamayu.shimane.jp +tsuwano.shimane.jp +unnan.shimane.jp +yakumo.shimane.jp +yasugi.shimane.jp +yatsuka.shimane.jp +arai.shizuoka.jp +atami.shizuoka.jp +fuji.shizuoka.jp +fujieda.shizuoka.jp +fujikawa.shizuoka.jp +fujinomiya.shizuoka.jp +fukuroi.shizuoka.jp +gotemba.shizuoka.jp +haibara.shizuoka.jp +hamamatsu.shizuoka.jp +higashiizu.shizuoka.jp +ito.shizuoka.jp +iwata.shizuoka.jp +izu.shizuoka.jp +izunokuni.shizuoka.jp +kakegawa.shizuoka.jp +kannami.shizuoka.jp +kawanehon.shizuoka.jp +kawazu.shizuoka.jp +kikugawa.shizuoka.jp +kosai.shizuoka.jp +makinohara.shizuoka.jp +matsuzaki.shizuoka.jp +minamiizu.shizuoka.jp +mishima.shizuoka.jp +morimachi.shizuoka.jp +nishiizu.shizuoka.jp +numazu.shizuoka.jp +omaezaki.shizuoka.jp +shimada.shizuoka.jp +shimizu.shizuoka.jp +shimoda.shizuoka.jp +shizuoka.shizuoka.jp +susono.shizuoka.jp +yaizu.shizuoka.jp +yoshida.shizuoka.jp +ashikaga.tochigi.jp +bato.tochigi.jp +haga.tochigi.jp +ichikai.tochigi.jp +iwafune.tochigi.jp +kaminokawa.tochigi.jp +kanuma.tochigi.jp +karasuyama.tochigi.jp +kuroiso.tochigi.jp +mashiko.tochigi.jp +mibu.tochigi.jp +moka.tochigi.jp +motegi.tochigi.jp +nasu.tochigi.jp +nasushiobara.tochigi.jp +nikko.tochigi.jp +nishikata.tochigi.jp +nogi.tochigi.jp +ohira.tochigi.jp +ohtawara.tochigi.jp +oyama.tochigi.jp +sakura.tochigi.jp +sano.tochigi.jp +shimotsuke.tochigi.jp +shioya.tochigi.jp +takanezawa.tochigi.jp +tochigi.tochigi.jp +tsuga.tochigi.jp +ujiie.tochigi.jp +utsunomiya.tochigi.jp +yaita.tochigi.jp +aizumi.tokushima.jp +anan.tokushima.jp +ichiba.tokushima.jp +itano.tokushima.jp +kainan.tokushima.jp +komatsushima.tokushima.jp +matsushige.tokushima.jp +mima.tokushima.jp +minami.tokushima.jp +miyoshi.tokushima.jp +mugi.tokushima.jp +nakagawa.tokushima.jp +naruto.tokushima.jp +sanagochi.tokushima.jp +shishikui.tokushima.jp +tokushima.tokushima.jp +wajiki.tokushima.jp +adachi.tokyo.jp +akiruno.tokyo.jp +akishima.tokyo.jp +aogashima.tokyo.jp +arakawa.tokyo.jp +bunkyo.tokyo.jp +chiyoda.tokyo.jp +chofu.tokyo.jp +chuo.tokyo.jp +edogawa.tokyo.jp +fuchu.tokyo.jp +fussa.tokyo.jp +hachijo.tokyo.jp +hachioji.tokyo.jp +hamura.tokyo.jp +higashikurume.tokyo.jp +higashimurayama.tokyo.jp +higashiyamato.tokyo.jp +hino.tokyo.jp +hinode.tokyo.jp +hinohara.tokyo.jp +inagi.tokyo.jp +itabashi.tokyo.jp +katsushika.tokyo.jp +kita.tokyo.jp +kiyose.tokyo.jp +kodaira.tokyo.jp +koganei.tokyo.jp +kokubunji.tokyo.jp +komae.tokyo.jp +koto.tokyo.jp +kouzushima.tokyo.jp +kunitachi.tokyo.jp +machida.tokyo.jp +meguro.tokyo.jp +minato.tokyo.jp +mitaka.tokyo.jp +mizuho.tokyo.jp +musashimurayama.tokyo.jp +musashino.tokyo.jp +nakano.tokyo.jp +nerima.tokyo.jp +ogasawara.tokyo.jp +okutama.tokyo.jp +ome.tokyo.jp +oshima.tokyo.jp +ota.tokyo.jp +setagaya.tokyo.jp +shibuya.tokyo.jp +shinagawa.tokyo.jp +shinjuku.tokyo.jp +suginami.tokyo.jp +sumida.tokyo.jp +tachikawa.tokyo.jp +taito.tokyo.jp +tama.tokyo.jp +toshima.tokyo.jp +chizu.tottori.jp +hino.tottori.jp +kawahara.tottori.jp +koge.tottori.jp +kotoura.tottori.jp +misasa.tottori.jp +nanbu.tottori.jp +nichinan.tottori.jp +sakaiminato.tottori.jp +tottori.tottori.jp +wakasa.tottori.jp +yazu.tottori.jp +yonago.tottori.jp +asahi.toyama.jp +fuchu.toyama.jp +fukumitsu.toyama.jp +funahashi.toyama.jp +himi.toyama.jp +imizu.toyama.jp +inami.toyama.jp +johana.toyama.jp +kamiichi.toyama.jp +kurobe.toyama.jp +nakaniikawa.toyama.jp +namerikawa.toyama.jp +nanto.toyama.jp +nyuzen.toyama.jp +oyabe.toyama.jp +taira.toyama.jp +takaoka.toyama.jp +tateyama.toyama.jp +toga.toyama.jp +tonami.toyama.jp +toyama.toyama.jp +unazuki.toyama.jp +uozu.toyama.jp +yamada.toyama.jp +arida.wakayama.jp +aridagawa.wakayama.jp +gobo.wakayama.jp +hashimoto.wakayama.jp +hidaka.wakayama.jp +hirogawa.wakayama.jp +inami.wakayama.jp +iwade.wakayama.jp +kainan.wakayama.jp +kamitonda.wakayama.jp +katsuragi.wakayama.jp +kimino.wakayama.jp +kinokawa.wakayama.jp +kitayama.wakayama.jp +koya.wakayama.jp +koza.wakayama.jp +kozagawa.wakayama.jp +kudoyama.wakayama.jp +kushimoto.wakayama.jp +mihama.wakayama.jp +misato.wakayama.jp +nachikatsuura.wakayama.jp +shingu.wakayama.jp +shirahama.wakayama.jp +taiji.wakayama.jp +tanabe.wakayama.jp +wakayama.wakayama.jp +yuasa.wakayama.jp +yura.wakayama.jp +asahi.yamagata.jp +funagata.yamagata.jp +higashine.yamagata.jp +iide.yamagata.jp +kahoku.yamagata.jp +kaminoyama.yamagata.jp +kaneyama.yamagata.jp +kawanishi.yamagata.jp +mamurogawa.yamagata.jp +mikawa.yamagata.jp +murayama.yamagata.jp +nagai.yamagata.jp +nakayama.yamagata.jp +nanyo.yamagata.jp +nishikawa.yamagata.jp +obanazawa.yamagata.jp +oe.yamagata.jp +oguni.yamagata.jp +ohkura.yamagata.jp +oishida.yamagata.jp +sagae.yamagata.jp +sakata.yamagata.jp +sakegawa.yamagata.jp +shinjo.yamagata.jp +shirataka.yamagata.jp +shonai.yamagata.jp +takahata.yamagata.jp +tendo.yamagata.jp +tozawa.yamagata.jp +tsuruoka.yamagata.jp +yamagata.yamagata.jp +yamanobe.yamagata.jp +yonezawa.yamagata.jp +yuza.yamagata.jp +abu.yamaguchi.jp +hagi.yamaguchi.jp +hikari.yamaguchi.jp +hofu.yamaguchi.jp +iwakuni.yamaguchi.jp +kudamatsu.yamaguchi.jp +mitou.yamaguchi.jp +nagato.yamaguchi.jp +oshima.yamaguchi.jp +shimonoseki.yamaguchi.jp +shunan.yamaguchi.jp +tabuse.yamaguchi.jp +tokuyama.yamaguchi.jp +toyota.yamaguchi.jp +ube.yamaguchi.jp +yuu.yamaguchi.jp +chuo.yamanashi.jp +doshi.yamanashi.jp +fuefuki.yamanashi.jp +fujikawa.yamanashi.jp +fujikawaguchiko.yamanashi.jp +fujiyoshida.yamanashi.jp +hayakawa.yamanashi.jp +hokuto.yamanashi.jp +ichikawamisato.yamanashi.jp +kai.yamanashi.jp +kofu.yamanashi.jp +koshu.yamanashi.jp +kosuge.yamanashi.jp +minami-alps.yamanashi.jp +minobu.yamanashi.jp +nakamichi.yamanashi.jp +nanbu.yamanashi.jp +narusawa.yamanashi.jp +nirasaki.yamanashi.jp +nishikatsura.yamanashi.jp +oshino.yamanashi.jp +otsuki.yamanashi.jp +showa.yamanashi.jp +tabayama.yamanashi.jp +tsuru.yamanashi.jp +uenohara.yamanashi.jp +yamanakako.yamanashi.jp +yamanashi.yamanashi.jp + +// ke : http://www.kenic.or.ke/index.php/en/ke-domains/ke-domains +ke +ac.ke +co.ke +go.ke +info.ke +me.ke +mobi.ke +ne.ke +or.ke +sc.ke + +// kg : http://www.domain.kg/dmn_n.html +kg +org.kg +net.kg +com.kg +edu.kg +gov.kg +mil.kg + +// kh : http://www.mptc.gov.kh/dns_registration.htm +*.kh + +// ki : http://www.ki/dns/index.html +ki +edu.ki +biz.ki +net.ki +org.ki +gov.ki +info.ki +com.ki + +// km : https://en.wikipedia.org/wiki/.km +// http://www.domaine.km/documents/charte.doc +km +org.km +nom.km +gov.km +prd.km +tm.km +edu.km +mil.km +ass.km +com.km +// These are only mentioned as proposed suggestions at domaine.km, but +// https://en.wikipedia.org/wiki/.km says they're available for registration: +coop.km +asso.km +presse.km +medecin.km +notaires.km +pharmaciens.km +veterinaire.km +gouv.km + +// kn : https://en.wikipedia.org/wiki/.kn +// http://www.dot.kn/domainRules.html +kn +net.kn +org.kn +edu.kn +gov.kn + +// kp : http://www.kcce.kp/en_index.php +kp +com.kp +edu.kp +gov.kp +org.kp +rep.kp +tra.kp + +// kr : https://en.wikipedia.org/wiki/.kr +// see also: http://domain.nida.or.kr/eng/registration.jsp +kr +ac.kr +co.kr +es.kr +go.kr +hs.kr +kg.kr +mil.kr +ms.kr +ne.kr +or.kr +pe.kr +re.kr +sc.kr +// kr geographical names +busan.kr +chungbuk.kr +chungnam.kr +daegu.kr +daejeon.kr +gangwon.kr +gwangju.kr +gyeongbuk.kr +gyeonggi.kr +gyeongnam.kr +incheon.kr +jeju.kr +jeonbuk.kr +jeonnam.kr +seoul.kr +ulsan.kr + +// kw : https://en.wikipedia.org/wiki/.kw +*.kw + +// ky : http://www.icta.ky/da_ky_reg_dom.php +// Confirmed by registry <kysupport@perimeterusa.com> 2008-06-17 +ky +edu.ky +gov.ky +com.ky +org.ky +net.ky + +// kz : https://en.wikipedia.org/wiki/.kz +// see also: http://www.nic.kz/rules/index.jsp +kz +org.kz +edu.kz +net.kz +gov.kz +mil.kz +com.kz + +// la : https://en.wikipedia.org/wiki/.la +// Submitted by registry <gavin.brown@nic.la> +la +int.la +net.la +info.la +edu.la +gov.la +per.la +com.la +org.la + +// lb : https://en.wikipedia.org/wiki/.lb +// Submitted by registry <randy@psg.com> +lb +com.lb +edu.lb +gov.lb +net.lb +org.lb + +// lc : https://en.wikipedia.org/wiki/.lc +// see also: http://www.nic.lc/rules.htm +lc +com.lc +net.lc +co.lc +org.lc +edu.lc +gov.lc + +// li : https://en.wikipedia.org/wiki/.li +li + +// lk : http://www.nic.lk/seclevpr.html +lk +gov.lk +sch.lk +net.lk +int.lk +com.lk +org.lk +edu.lk +ngo.lk +soc.lk +web.lk +ltd.lk +assn.lk +grp.lk +hotel.lk +ac.lk + +// lr : http://psg.com/dns/lr/lr.txt +// Submitted by registry <randy@psg.com> +lr +com.lr +edu.lr +gov.lr +org.lr +net.lr + +// ls : https://en.wikipedia.org/wiki/.ls +ls +co.ls +org.ls + +// lt : https://en.wikipedia.org/wiki/.lt +lt +// gov.lt : http://www.gov.lt/index_en.php +gov.lt + +// lu : http://www.dns.lu/en/ +lu + +// lv : http://www.nic.lv/DNS/En/generic.php +lv +com.lv +edu.lv +gov.lv +org.lv +mil.lv +id.lv +net.lv +asn.lv +conf.lv + +// ly : http://www.nic.ly/regulations.php +ly +com.ly +net.ly +gov.ly +plc.ly +edu.ly +sch.ly +med.ly +org.ly +id.ly + +// ma : https://en.wikipedia.org/wiki/.ma +// http://www.anrt.ma/fr/admin/download/upload/file_fr782.pdf +ma +co.ma +net.ma +gov.ma +org.ma +ac.ma +press.ma + +// mc : http://www.nic.mc/ +mc +tm.mc +asso.mc + +// md : https://en.wikipedia.org/wiki/.md +md + +// me : https://en.wikipedia.org/wiki/.me +me +co.me +net.me +org.me +edu.me +ac.me +gov.me +its.me +priv.me + +// mg : http://nic.mg/nicmg/?page_id=39 +mg +org.mg +nom.mg +gov.mg +prd.mg +tm.mg +edu.mg +mil.mg +com.mg +co.mg + +// mh : https://en.wikipedia.org/wiki/.mh +mh + +// mil : https://en.wikipedia.org/wiki/.mil +mil + +// mk : https://en.wikipedia.org/wiki/.mk +// see also: http://dns.marnet.net.mk/postapka.php +mk +com.mk +org.mk +net.mk +edu.mk +gov.mk +inf.mk +name.mk + +// ml : http://www.gobin.info/domainname/ml-template.doc +// see also: https://en.wikipedia.org/wiki/.ml +ml +com.ml +edu.ml +gouv.ml +gov.ml +net.ml +org.ml +presse.ml + +// mm : https://en.wikipedia.org/wiki/.mm +*.mm + +// mn : https://en.wikipedia.org/wiki/.mn +mn +gov.mn +edu.mn +org.mn + +// mo : http://www.monic.net.mo/ +mo +com.mo +net.mo +org.mo +edu.mo +gov.mo + +// mobi : https://en.wikipedia.org/wiki/.mobi +mobi + +// mp : http://www.dot.mp/ +// Confirmed by registry <dcamacho@saipan.com> 2008-06-17 +mp + +// mq : https://en.wikipedia.org/wiki/.mq +mq + +// mr : https://en.wikipedia.org/wiki/.mr +mr +gov.mr + +// ms : http://www.nic.ms/pdf/MS_Domain_Name_Rules.pdf +ms +com.ms +edu.ms +gov.ms +net.ms +org.ms + +// mt : https://www.nic.org.mt/go/policy +// Submitted by registry <help@nic.org.mt> +mt +com.mt +edu.mt +net.mt +org.mt + +// mu : https://en.wikipedia.org/wiki/.mu +mu +com.mu +net.mu +org.mu +gov.mu +ac.mu +co.mu +or.mu + +// museum : http://about.museum/naming/ +// http://index.museum/ +museum +academy.museum +agriculture.museum +air.museum +airguard.museum +alabama.museum +alaska.museum +amber.museum +ambulance.museum +american.museum +americana.museum +americanantiques.museum +americanart.museum +amsterdam.museum +and.museum +annefrank.museum +anthro.museum +anthropology.museum +antiques.museum +aquarium.museum +arboretum.museum +archaeological.museum +archaeology.museum +architecture.museum +art.museum +artanddesign.museum +artcenter.museum +artdeco.museum +arteducation.museum +artgallery.museum +arts.museum +artsandcrafts.museum +asmatart.museum +assassination.museum +assisi.museum +association.museum +astronomy.museum +atlanta.museum +austin.museum +australia.museum +automotive.museum +aviation.museum +axis.museum +badajoz.museum +baghdad.museum +bahn.museum +bale.museum +baltimore.museum +barcelona.museum +baseball.museum +basel.museum +baths.museum +bauern.museum +beauxarts.museum +beeldengeluid.museum +bellevue.museum +bergbau.museum +berkeley.museum +berlin.museum +bern.museum +bible.museum +bilbao.museum +bill.museum +birdart.museum +birthplace.museum +bonn.museum +boston.museum +botanical.museum +botanicalgarden.museum +botanicgarden.museum +botany.museum +brandywinevalley.museum +brasil.museum +bristol.museum +british.museum +britishcolumbia.museum +broadcast.museum +brunel.museum +brussel.museum +brussels.museum +bruxelles.museum +building.museum +burghof.museum +bus.museum +bushey.museum +cadaques.museum +california.museum +cambridge.museum +can.museum +canada.museum +capebreton.museum +carrier.museum +cartoonart.museum +casadelamoneda.museum +castle.museum +castres.museum +celtic.museum +center.museum +chattanooga.museum +cheltenham.museum +chesapeakebay.museum +chicago.museum +children.museum +childrens.museum +childrensgarden.museum +chiropractic.museum +chocolate.museum +christiansburg.museum +cincinnati.museum +cinema.museum +circus.museum +civilisation.museum +civilization.museum +civilwar.museum +clinton.museum +clock.museum +coal.museum +coastaldefence.museum +cody.museum +coldwar.museum +collection.museum +colonialwilliamsburg.museum +coloradoplateau.museum +columbia.museum +columbus.museum +communication.museum +communications.museum +community.museum +computer.museum +computerhistory.museum +comunicações.museum +contemporary.museum +contemporaryart.museum +convent.museum +copenhagen.museum +corporation.museum +correios-e-telecomunicações.museum +corvette.museum +costume.museum +countryestate.museum +county.museum +crafts.museum +cranbrook.museum +creation.museum +cultural.museum +culturalcenter.museum +culture.museum +cyber.museum +cymru.museum +dali.museum +dallas.museum +database.museum +ddr.museum +decorativearts.museum +delaware.museum +delmenhorst.museum +denmark.museum +depot.museum +design.museum +detroit.museum +dinosaur.museum +discovery.museum +dolls.museum +donostia.museum +durham.museum +eastafrica.museum +eastcoast.museum +education.museum +educational.museum +egyptian.museum +eisenbahn.museum +elburg.museum +elvendrell.museum +embroidery.museum +encyclopedic.museum +england.museum +entomology.museum +environment.museum +environmentalconservation.museum +epilepsy.museum +essex.museum +estate.museum +ethnology.museum +exeter.museum +exhibition.museum +family.museum +farm.museum +farmequipment.museum +farmers.museum +farmstead.museum +field.museum +figueres.museum +filatelia.museum +film.museum +fineart.museum +finearts.museum +finland.museum +flanders.museum +florida.museum +force.museum +fortmissoula.museum +fortworth.museum +foundation.museum +francaise.museum +frankfurt.museum +franziskaner.museum +freemasonry.museum +freiburg.museum +fribourg.museum +frog.museum +fundacio.museum +furniture.museum +gallery.museum +garden.museum +gateway.museum +geelvinck.museum +gemological.museum +geology.museum +georgia.museum +giessen.museum +glas.museum +glass.museum +gorge.museum +grandrapids.museum +graz.museum +guernsey.museum +halloffame.museum +hamburg.museum +handson.museum +harvestcelebration.museum +hawaii.museum +health.museum +heimatunduhren.museum +hellas.museum +helsinki.museum +hembygdsforbund.museum +heritage.museum +histoire.museum +historical.museum +historicalsociety.museum +historichouses.museum +historisch.museum +historisches.museum +history.museum +historyofscience.museum +horology.museum +house.museum +humanities.museum +illustration.museum +imageandsound.museum +indian.museum +indiana.museum +indianapolis.museum +indianmarket.museum +intelligence.museum +interactive.museum +iraq.museum +iron.museum +isleofman.museum +jamison.museum +jefferson.museum +jerusalem.museum +jewelry.museum +jewish.museum +jewishart.museum +jfk.museum +journalism.museum +judaica.museum +judygarland.museum +juedisches.museum +juif.museum +karate.museum +karikatur.museum +kids.museum +koebenhavn.museum +koeln.museum +kunst.museum +kunstsammlung.museum +kunstunddesign.museum +labor.museum +labour.museum +lajolla.museum +lancashire.museum +landes.museum +lans.museum +läns.museum +larsson.museum +lewismiller.museum +lincoln.museum +linz.museum +living.museum +livinghistory.museum +localhistory.museum +london.museum +losangeles.museum +louvre.museum +loyalist.museum +lucerne.museum +luxembourg.museum +luzern.museum +mad.museum +madrid.museum +mallorca.museum +manchester.museum +mansion.museum +mansions.museum +manx.museum +marburg.museum +maritime.museum +maritimo.museum +maryland.museum +marylhurst.museum +media.museum +medical.museum +medizinhistorisches.museum +meeres.museum +memorial.museum +mesaverde.museum +michigan.museum +midatlantic.museum +military.museum +mill.museum +miners.museum +mining.museum +minnesota.museum +missile.museum +missoula.museum +modern.museum +moma.museum +money.museum +monmouth.museum +monticello.museum +montreal.museum +moscow.museum +motorcycle.museum +muenchen.museum +muenster.museum +mulhouse.museum +muncie.museum +museet.museum +museumcenter.museum +museumvereniging.museum +music.museum +national.museum +nationalfirearms.museum +nationalheritage.museum +nativeamerican.museum +naturalhistory.museum +naturalhistorymuseum.museum +naturalsciences.museum +nature.museum +naturhistorisches.museum +natuurwetenschappen.museum +naumburg.museum +naval.museum +nebraska.museum +neues.museum +newhampshire.museum +newjersey.museum +newmexico.museum +newport.museum +newspaper.museum +newyork.museum +niepce.museum +norfolk.museum +north.museum +nrw.museum +nuernberg.museum +nuremberg.museum +nyc.museum +nyny.museum +oceanographic.museum +oceanographique.museum +omaha.museum +online.museum +ontario.museum +openair.museum +oregon.museum +oregontrail.museum +otago.museum +oxford.museum +pacific.museum +paderborn.museum +palace.museum +paleo.museum +palmsprings.museum +panama.museum +paris.museum +pasadena.museum +pharmacy.museum +philadelphia.museum +philadelphiaarea.museum +philately.museum +phoenix.museum +photography.museum +pilots.museum +pittsburgh.museum +planetarium.museum +plantation.museum +plants.museum +plaza.museum +portal.museum +portland.museum +portlligat.museum +posts-and-telecommunications.museum +preservation.museum +presidio.museum +press.museum +project.museum +public.museum +pubol.museum +quebec.museum +railroad.museum +railway.museum +research.museum +resistance.museum +riodejaneiro.museum +rochester.museum +rockart.museum +roma.museum +russia.museum +saintlouis.museum +salem.museum +salvadordali.museum +salzburg.museum +sandiego.museum +sanfrancisco.museum +santabarbara.museum +santacruz.museum +santafe.museum +saskatchewan.museum +satx.museum +savannahga.museum +schlesisches.museum +schoenbrunn.museum +schokoladen.museum +school.museum +schweiz.museum +science.museum +scienceandhistory.museum +scienceandindustry.museum +sciencecenter.museum +sciencecenters.museum +science-fiction.museum +sciencehistory.museum +sciences.museum +sciencesnaturelles.museum +scotland.museum +seaport.museum +settlement.museum +settlers.museum +shell.museum +sherbrooke.museum +sibenik.museum +silk.museum +ski.museum +skole.museum +society.museum +sologne.museum +soundandvision.museum +southcarolina.museum +southwest.museum +space.museum +spy.museum +square.museum +stadt.museum +stalbans.museum +starnberg.museum +state.museum +stateofdelaware.museum +station.museum +steam.museum +steiermark.museum +stjohn.museum +stockholm.museum +stpetersburg.museum +stuttgart.museum +suisse.museum +surgeonshall.museum +surrey.museum +svizzera.museum +sweden.museum +sydney.museum +tank.museum +tcm.museum +technology.museum +telekommunikation.museum +television.museum +texas.museum +textile.museum +theater.museum +time.museum +timekeeping.museum +topology.museum +torino.museum +touch.museum +town.museum +transport.museum +tree.museum +trolley.museum +trust.museum +trustee.museum +uhren.museum +ulm.museum +undersea.museum +university.museum +usa.museum +usantiques.museum +usarts.museum +uscountryestate.museum +usculture.museum +usdecorativearts.museum +usgarden.museum +ushistory.museum +ushuaia.museum +uslivinghistory.museum +utah.museum +uvic.museum +valley.museum +vantaa.museum +versailles.museum +viking.museum +village.museum +virginia.museum +virtual.museum +virtuel.museum +vlaanderen.museum +volkenkunde.museum +wales.museum +wallonie.museum +war.museum +washingtondc.museum +watchandclock.museum +watch-and-clock.museum +western.museum +westfalen.museum +whaling.museum +wildlife.museum +williamsburg.museum +windmill.museum +workshop.museum +york.museum +yorkshire.museum +yosemite.museum +youth.museum +zoological.museum +zoology.museum +ירושלים.museum +иком.museum + +// mv : https://en.wikipedia.org/wiki/.mv +// "mv" included because, contra Wikipedia, google.mv exists. +mv +aero.mv +biz.mv +com.mv +coop.mv +edu.mv +gov.mv +info.mv +int.mv +mil.mv +museum.mv +name.mv +net.mv +org.mv +pro.mv + +// mw : http://www.registrar.mw/ +mw +ac.mw +biz.mw +co.mw +com.mw +coop.mw +edu.mw +gov.mw +int.mw +museum.mw +net.mw +org.mw + +// mx : http://www.nic.mx/ +// Submitted by registry <farias@nic.mx> +mx +com.mx +org.mx +gob.mx +edu.mx +net.mx + +// my : http://www.mynic.net.my/ +my +com.my +net.my +org.my +gov.my +edu.my +mil.my +name.my + +// mz : http://www.uem.mz/ +// Submitted by registry <antonio@uem.mz> +mz +ac.mz +adv.mz +co.mz +edu.mz +gov.mz +mil.mz +net.mz +org.mz + +// na : http://www.na-nic.com.na/ +// http://www.info.na/domain/ +na +info.na +pro.na +name.na +school.na +or.na +dr.na +us.na +mx.na +ca.na +in.na +cc.na +tv.na +ws.na +mobi.na +co.na +com.na +org.na + +// name : has 2nd-level tlds, but there's no list of them +name + +// nc : http://www.cctld.nc/ +nc +asso.nc +nom.nc + +// ne : https://en.wikipedia.org/wiki/.ne +ne + +// net : https://en.wikipedia.org/wiki/.net +net + +// nf : https://en.wikipedia.org/wiki/.nf +nf +com.nf +net.nf +per.nf +rec.nf +web.nf +arts.nf +firm.nf +info.nf +other.nf +store.nf + +// ng : http://www.nira.org.ng/index.php/join-us/register-ng-domain/189-nira-slds +ng +com.ng +edu.ng +gov.ng +i.ng +mil.ng +mobi.ng +name.ng +net.ng +org.ng +sch.ng + +// ni : http://www.nic.ni/ +ni +ac.ni +biz.ni +co.ni +com.ni +edu.ni +gob.ni +in.ni +info.ni +int.ni +mil.ni +net.ni +nom.ni +org.ni +web.ni + +// nl : https://en.wikipedia.org/wiki/.nl +// https://www.sidn.nl/ +// ccTLD for the Netherlands +nl + +// BV.nl will be a registry for dutch BV's (besloten vennootschap) +bv.nl + +// no : http://www.norid.no/regelverk/index.en.html +// The Norwegian registry has declined to notify us of updates. The web pages +// referenced below are the official source of the data. There is also an +// announce mailing list: +// https://postlister.uninett.no/sympa/info/norid-diskusjon +no +// Norid generic domains : http://www.norid.no/regelverk/vedlegg-c.en.html +fhs.no +vgs.no +fylkesbibl.no +folkebibl.no +museum.no +idrett.no +priv.no +// Non-Norid generic domains : http://www.norid.no/regelverk/vedlegg-d.en.html +mil.no +stat.no +dep.no +kommune.no +herad.no +// no geographical names : http://www.norid.no/regelverk/vedlegg-b.en.html +// counties +aa.no +ah.no +bu.no +fm.no +hl.no +hm.no +jan-mayen.no +mr.no +nl.no +nt.no +of.no +ol.no +oslo.no +rl.no +sf.no +st.no +svalbard.no +tm.no +tr.no +va.no +vf.no +// primary and lower secondary schools per county +gs.aa.no +gs.ah.no +gs.bu.no +gs.fm.no +gs.hl.no +gs.hm.no +gs.jan-mayen.no +gs.mr.no +gs.nl.no +gs.nt.no +gs.of.no +gs.ol.no +gs.oslo.no +gs.rl.no +gs.sf.no +gs.st.no +gs.svalbard.no +gs.tm.no +gs.tr.no +gs.va.no +gs.vf.no +// cities +akrehamn.no +åkrehamn.no +algard.no +ålgård.no +arna.no +brumunddal.no +bryne.no +bronnoysund.no +brønnøysund.no +drobak.no +drøbak.no +egersund.no +fetsund.no +floro.no +florø.no +fredrikstad.no +hokksund.no +honefoss.no +hønefoss.no +jessheim.no +jorpeland.no +jørpeland.no +kirkenes.no +kopervik.no +krokstadelva.no +langevag.no +langevåg.no +leirvik.no +mjondalen.no +mjøndalen.no +mo-i-rana.no +mosjoen.no +mosjøen.no +nesoddtangen.no +orkanger.no +osoyro.no +osøyro.no +raholt.no +råholt.no +sandnessjoen.no +sandnessjøen.no +skedsmokorset.no +slattum.no +spjelkavik.no +stathelle.no +stavern.no +stjordalshalsen.no +stjørdalshalsen.no +tananger.no +tranby.no +vossevangen.no +// communities +afjord.no +åfjord.no +agdenes.no +al.no +ål.no +alesund.no +ålesund.no +alstahaug.no +alta.no +áltá.no +alaheadju.no +álaheadju.no +alvdal.no +amli.no +åmli.no +amot.no +åmot.no +andebu.no +andoy.no +andøy.no +andasuolo.no +ardal.no +årdal.no +aremark.no +arendal.no +ås.no +aseral.no +åseral.no +asker.no +askim.no +askvoll.no +askoy.no +askøy.no +asnes.no +åsnes.no +audnedaln.no +aukra.no +aure.no +aurland.no +aurskog-holand.no +aurskog-høland.no +austevoll.no +austrheim.no +averoy.no +averøy.no +balestrand.no +ballangen.no +balat.no +bálát.no +balsfjord.no +bahccavuotna.no +báhccavuotna.no +bamble.no +bardu.no +beardu.no +beiarn.no +bajddar.no +bájddar.no +baidar.no +báidár.no +berg.no +bergen.no +berlevag.no +berlevåg.no +bearalvahki.no +bearalváhki.no +bindal.no +birkenes.no +bjarkoy.no +bjarkøy.no +bjerkreim.no +bjugn.no +bodo.no +bodø.no +badaddja.no +bådåddjå.no +budejju.no +bokn.no +bremanger.no +bronnoy.no +brønnøy.no +bygland.no +bykle.no +barum.no +bærum.no +bo.telemark.no +bø.telemark.no +bo.nordland.no +bø.nordland.no +bievat.no +bievát.no +bomlo.no +bømlo.no +batsfjord.no +båtsfjord.no +bahcavuotna.no +báhcavuotna.no +dovre.no +drammen.no +drangedal.no +dyroy.no +dyrøy.no +donna.no +dønna.no +eid.no +eidfjord.no +eidsberg.no +eidskog.no +eidsvoll.no +eigersund.no +elverum.no +enebakk.no +engerdal.no +etne.no +etnedal.no +evenes.no +evenassi.no +evenášši.no +evje-og-hornnes.no +farsund.no +fauske.no +fuossko.no +fuoisku.no +fedje.no +fet.no +finnoy.no +finnøy.no +fitjar.no +fjaler.no +fjell.no +flakstad.no +flatanger.no +flekkefjord.no +flesberg.no +flora.no +fla.no +flå.no +folldal.no +forsand.no +fosnes.no +frei.no +frogn.no +froland.no +frosta.no +frana.no +fræna.no +froya.no +frøya.no +fusa.no +fyresdal.no +forde.no +førde.no +gamvik.no +gangaviika.no +gáŋgaviika.no +gaular.no +gausdal.no +gildeskal.no +gildeskål.no +giske.no +gjemnes.no +gjerdrum.no +gjerstad.no +gjesdal.no +gjovik.no +gjøvik.no +gloppen.no +gol.no +gran.no +grane.no +granvin.no +gratangen.no +grimstad.no +grong.no +kraanghke.no +kråanghke.no +grue.no +gulen.no +hadsel.no +halden.no +halsa.no +hamar.no +hamaroy.no +habmer.no +hábmer.no +hapmir.no +hápmir.no +hammerfest.no +hammarfeasta.no +hámmárfeasta.no +haram.no +hareid.no +harstad.no +hasvik.no +aknoluokta.no +ákŋoluokta.no +hattfjelldal.no +aarborte.no +haugesund.no +hemne.no +hemnes.no +hemsedal.no +heroy.more-og-romsdal.no +herøy.møre-og-romsdal.no +heroy.nordland.no +herøy.nordland.no +hitra.no +hjartdal.no +hjelmeland.no +hobol.no +hobøl.no +hof.no +hol.no +hole.no +holmestrand.no +holtalen.no +holtålen.no +hornindal.no +horten.no +hurdal.no +hurum.no +hvaler.no +hyllestad.no +hagebostad.no +hægebostad.no +hoyanger.no +høyanger.no +hoylandet.no +høylandet.no +ha.no +hå.no +ibestad.no +inderoy.no +inderøy.no +iveland.no +jevnaker.no +jondal.no +jolster.no +jølster.no +karasjok.no +karasjohka.no +kárášjohka.no +karlsoy.no +galsa.no +gálsá.no +karmoy.no +karmøy.no +kautokeino.no +guovdageaidnu.no +klepp.no +klabu.no +klæbu.no +kongsberg.no +kongsvinger.no +kragero.no +kragerø.no +kristiansand.no +kristiansund.no +krodsherad.no +krødsherad.no +kvalsund.no +rahkkeravju.no +ráhkkerávju.no +kvam.no +kvinesdal.no +kvinnherad.no +kviteseid.no +kvitsoy.no +kvitsøy.no +kvafjord.no +kvæfjord.no +giehtavuoatna.no +kvanangen.no +kvænangen.no +navuotna.no +návuotna.no +kafjord.no +kåfjord.no +gaivuotna.no +gáivuotna.no +larvik.no +lavangen.no +lavagis.no +loabat.no +loabát.no +lebesby.no +davvesiida.no +leikanger.no +leirfjord.no +leka.no +leksvik.no +lenvik.no +leangaviika.no +leaŋgaviika.no +lesja.no +levanger.no +lier.no +lierne.no +lillehammer.no +lillesand.no +lindesnes.no +lindas.no +lindås.no +lom.no +loppa.no +lahppi.no +láhppi.no +lund.no +lunner.no +luroy.no +lurøy.no +luster.no +lyngdal.no +lyngen.no +ivgu.no +lardal.no +lerdal.no +lærdal.no +lodingen.no +lødingen.no +lorenskog.no +lørenskog.no +loten.no +løten.no +malvik.no +masoy.no +måsøy.no +muosat.no +muosát.no +mandal.no +marker.no +marnardal.no +masfjorden.no +meland.no +meldal.no +melhus.no +meloy.no +meløy.no +meraker.no +meråker.no +moareke.no +moåreke.no +midsund.no +midtre-gauldal.no +modalen.no +modum.no +molde.no +moskenes.no +moss.no +mosvik.no +malselv.no +målselv.no +malatvuopmi.no +málatvuopmi.no +namdalseid.no +aejrie.no +namsos.no +namsskogan.no +naamesjevuemie.no +nååmesjevuemie.no +laakesvuemie.no +nannestad.no +narvik.no +narviika.no +naustdal.no +nedre-eiker.no +nes.akershus.no +nes.buskerud.no +nesna.no +nesodden.no +nesseby.no +unjarga.no +unjárga.no +nesset.no +nissedal.no +nittedal.no +nord-aurdal.no +nord-fron.no +nord-odal.no +norddal.no +nordkapp.no +davvenjarga.no +davvenjárga.no +nordre-land.no +nordreisa.no +raisa.no +ráisa.no +nore-og-uvdal.no +notodden.no +naroy.no +nærøy.no +notteroy.no +nøtterøy.no +odda.no +oksnes.no +øksnes.no +oppdal.no +oppegard.no +oppegård.no +orkdal.no +orland.no +ørland.no +orskog.no +ørskog.no +orsta.no +ørsta.no +os.hedmark.no +os.hordaland.no +osen.no +osteroy.no +osterøy.no +ostre-toten.no +østre-toten.no +overhalla.no +ovre-eiker.no +øvre-eiker.no +oyer.no +øyer.no +oygarden.no +øygarden.no +oystre-slidre.no +øystre-slidre.no +porsanger.no +porsangu.no +porsáŋgu.no +porsgrunn.no +radoy.no +radøy.no +rakkestad.no +rana.no +ruovat.no +randaberg.no +rauma.no +rendalen.no +rennebu.no +rennesoy.no +rennesøy.no +rindal.no +ringebu.no +ringerike.no +ringsaker.no +rissa.no +risor.no +risør.no +roan.no +rollag.no +rygge.no +ralingen.no +rælingen.no +rodoy.no +rødøy.no +romskog.no +rømskog.no +roros.no +røros.no +rost.no +røst.no +royken.no +røyken.no +royrvik.no +røyrvik.no +rade.no +råde.no +salangen.no +siellak.no +saltdal.no +salat.no +sálát.no +sálat.no +samnanger.no +sande.more-og-romsdal.no +sande.møre-og-romsdal.no +sande.vestfold.no +sandefjord.no +sandnes.no +sandoy.no +sandøy.no +sarpsborg.no +sauda.no +sauherad.no +sel.no +selbu.no +selje.no +seljord.no +sigdal.no +siljan.no +sirdal.no +skaun.no +skedsmo.no +ski.no +skien.no +skiptvet.no +skjervoy.no +skjervøy.no +skierva.no +skiervá.no +skjak.no +skjåk.no +skodje.no +skanland.no +skånland.no +skanit.no +skánit.no +smola.no +smøla.no +snillfjord.no +snasa.no +snåsa.no +snoasa.no +snaase.no +snåase.no +sogndal.no +sokndal.no +sola.no +solund.no +songdalen.no +sortland.no +spydeberg.no +stange.no +stavanger.no +steigen.no +steinkjer.no +stjordal.no +stjørdal.no +stokke.no +stor-elvdal.no +stord.no +stordal.no +storfjord.no +omasvuotna.no +strand.no +stranda.no +stryn.no +sula.no +suldal.no +sund.no +sunndal.no +surnadal.no +sveio.no +svelvik.no +sykkylven.no +sogne.no +søgne.no +somna.no +sømna.no +sondre-land.no +søndre-land.no +sor-aurdal.no +sør-aurdal.no +sor-fron.no +sør-fron.no +sor-odal.no +sør-odal.no +sor-varanger.no +sør-varanger.no +matta-varjjat.no +mátta-várjjat.no +sorfold.no +sørfold.no +sorreisa.no +sørreisa.no +sorum.no +sørum.no +tana.no +deatnu.no +time.no +tingvoll.no +tinn.no +tjeldsund.no +dielddanuorri.no +tjome.no +tjøme.no +tokke.no +tolga.no +torsken.no +tranoy.no +tranøy.no +tromso.no +tromsø.no +tromsa.no +romsa.no +trondheim.no +troandin.no +trysil.no +trana.no +træna.no +trogstad.no +trøgstad.no +tvedestrand.no +tydal.no +tynset.no +tysfjord.no +divtasvuodna.no +divttasvuotna.no +tysnes.no +tysvar.no +tysvær.no +tonsberg.no +tønsberg.no +ullensaker.no +ullensvang.no +ulvik.no +utsira.no +vadso.no +vadsø.no +cahcesuolo.no +čáhcesuolo.no +vaksdal.no +valle.no +vang.no +vanylven.no +vardo.no +vardø.no +varggat.no +várggát.no +vefsn.no +vaapste.no +vega.no +vegarshei.no +vegårshei.no +vennesla.no +verdal.no +verran.no +vestby.no +vestnes.no +vestre-slidre.no +vestre-toten.no +vestvagoy.no +vestvågøy.no +vevelstad.no +vik.no +vikna.no +vindafjord.no +volda.no +voss.no +varoy.no +værøy.no +vagan.no +vågan.no +voagat.no +vagsoy.no +vågsøy.no +vaga.no +vågå.no +valer.ostfold.no +våler.østfold.no +valer.hedmark.no +våler.hedmark.no + +// np : http://www.mos.com.np/register.html +*.np + +// nr : http://cenpac.net.nr/dns/index.html +// Submitted by registry <technician@cenpac.net.nr> +nr +biz.nr +info.nr +gov.nr +edu.nr +org.nr +net.nr +com.nr + +// nu : https://en.wikipedia.org/wiki/.nu +nu + +// nz : https://en.wikipedia.org/wiki/.nz +// Submitted by registry <jay@nzrs.net.nz> +nz +ac.nz +co.nz +cri.nz +geek.nz +gen.nz +govt.nz +health.nz +iwi.nz +kiwi.nz +maori.nz +mil.nz +māori.nz +net.nz +org.nz +parliament.nz +school.nz + +// om : https://en.wikipedia.org/wiki/.om +om +co.om +com.om +edu.om +gov.om +med.om +museum.om +net.om +org.om +pro.om + +// onion : https://tools.ietf.org/html/rfc7686 +onion + +// org : https://en.wikipedia.org/wiki/.org +org + +// pa : http://www.nic.pa/ +// Some additional second level "domains" resolve directly as hostnames, such as +// pannet.pa, so we add a rule for "pa". +pa +ac.pa +gob.pa +com.pa +org.pa +sld.pa +edu.pa +net.pa +ing.pa +abo.pa +med.pa +nom.pa + +// pe : https://www.nic.pe/InformeFinalComision.pdf +pe +edu.pe +gob.pe +nom.pe +mil.pe +org.pe +com.pe +net.pe + +// pf : http://www.gobin.info/domainname/formulaire-pf.pdf +pf +com.pf +org.pf +edu.pf + +// pg : https://en.wikipedia.org/wiki/.pg +*.pg + +// ph : http://www.domains.ph/FAQ2.asp +// Submitted by registry <jed@email.com.ph> +ph +com.ph +net.ph +org.ph +gov.ph +edu.ph +ngo.ph +mil.ph +i.ph + +// pk : http://pk5.pknic.net.pk/pk5/msgNamepk.PK +pk +com.pk +net.pk +edu.pk +org.pk +fam.pk +biz.pk +web.pk +gov.pk +gob.pk +gok.pk +gon.pk +gop.pk +gos.pk +info.pk + +// pl http://www.dns.pl/english/index.html +// Submitted by registry +pl +com.pl +net.pl +org.pl +// pl functional domains (http://www.dns.pl/english/index.html) +aid.pl +agro.pl +atm.pl +auto.pl +biz.pl +edu.pl +gmina.pl +gsm.pl +info.pl +mail.pl +miasta.pl +media.pl +mil.pl +nieruchomosci.pl +nom.pl +pc.pl +powiat.pl +priv.pl +realestate.pl +rel.pl +sex.pl +shop.pl +sklep.pl +sos.pl +szkola.pl +targi.pl +tm.pl +tourism.pl +travel.pl +turystyka.pl +// Government domains +gov.pl +ap.gov.pl +ic.gov.pl +is.gov.pl +us.gov.pl +kmpsp.gov.pl +kppsp.gov.pl +kwpsp.gov.pl +psp.gov.pl +wskr.gov.pl +kwp.gov.pl +mw.gov.pl +ug.gov.pl +um.gov.pl +umig.gov.pl +ugim.gov.pl +upow.gov.pl +uw.gov.pl +starostwo.gov.pl +pa.gov.pl +po.gov.pl +psse.gov.pl +pup.gov.pl +rzgw.gov.pl +sa.gov.pl +so.gov.pl +sr.gov.pl +wsa.gov.pl +sko.gov.pl +uzs.gov.pl +wiih.gov.pl +winb.gov.pl +pinb.gov.pl +wios.gov.pl +witd.gov.pl +wzmiuw.gov.pl +piw.gov.pl +wiw.gov.pl +griw.gov.pl +wif.gov.pl +oum.gov.pl +sdn.gov.pl +zp.gov.pl +uppo.gov.pl +mup.gov.pl +wuoz.gov.pl +konsulat.gov.pl +oirm.gov.pl +// pl regional domains (http://www.dns.pl/english/index.html) +augustow.pl +babia-gora.pl +bedzin.pl +beskidy.pl +bialowieza.pl +bialystok.pl +bielawa.pl +bieszczady.pl +boleslawiec.pl +bydgoszcz.pl +bytom.pl +cieszyn.pl +czeladz.pl +czest.pl +dlugoleka.pl +elblag.pl +elk.pl +glogow.pl +gniezno.pl +gorlice.pl +grajewo.pl +ilawa.pl +jaworzno.pl +jelenia-gora.pl +jgora.pl +kalisz.pl +kazimierz-dolny.pl +karpacz.pl +kartuzy.pl +kaszuby.pl +katowice.pl +kepno.pl +ketrzyn.pl +klodzko.pl +kobierzyce.pl +kolobrzeg.pl +konin.pl +konskowola.pl +kutno.pl +lapy.pl +lebork.pl +legnica.pl +lezajsk.pl +limanowa.pl +lomza.pl +lowicz.pl +lubin.pl +lukow.pl +malbork.pl +malopolska.pl +mazowsze.pl +mazury.pl +mielec.pl +mielno.pl +mragowo.pl +naklo.pl +nowaruda.pl +nysa.pl +olawa.pl +olecko.pl +olkusz.pl +olsztyn.pl +opoczno.pl +opole.pl +ostroda.pl +ostroleka.pl +ostrowiec.pl +ostrowwlkp.pl +pila.pl +pisz.pl +podhale.pl +podlasie.pl +polkowice.pl +pomorze.pl +pomorskie.pl +prochowice.pl +pruszkow.pl +przeworsk.pl +pulawy.pl +radom.pl +rawa-maz.pl +rybnik.pl +rzeszow.pl +sanok.pl +sejny.pl +slask.pl +slupsk.pl +sosnowiec.pl +stalowa-wola.pl +skoczow.pl +starachowice.pl +stargard.pl +suwalki.pl +swidnica.pl +swiebodzin.pl +swinoujscie.pl +szczecin.pl +szczytno.pl +tarnobrzeg.pl +tgory.pl +turek.pl +tychy.pl +ustka.pl +walbrzych.pl +warmia.pl +warszawa.pl +waw.pl +wegrow.pl +wielun.pl +wlocl.pl +wloclawek.pl +wodzislaw.pl +wolomin.pl +wroclaw.pl +zachpomor.pl +zagan.pl +zarow.pl +zgora.pl +zgorzelec.pl + +// pm : http://www.afnic.fr/medias/documents/AFNIC-naming-policy2012.pdf +pm + +// pn : http://www.government.pn/PnRegistry/policies.htm +pn +gov.pn +co.pn +org.pn +edu.pn +net.pn + +// post : https://en.wikipedia.org/wiki/.post +post + +// pr : http://www.nic.pr/index.asp?f=1 +pr +com.pr +net.pr +org.pr +gov.pr +edu.pr +isla.pr +pro.pr +biz.pr +info.pr +name.pr +// these aren't mentioned on nic.pr, but on https://en.wikipedia.org/wiki/.pr +est.pr +prof.pr +ac.pr + +// pro : http://registry.pro/get-pro +pro +aaa.pro +aca.pro +acct.pro +avocat.pro +bar.pro +cpa.pro +eng.pro +jur.pro +law.pro +med.pro +recht.pro + +// ps : https://en.wikipedia.org/wiki/.ps +// http://www.nic.ps/registration/policy.html#reg +ps +edu.ps +gov.ps +sec.ps +plo.ps +com.ps +org.ps +net.ps + +// pt : http://online.dns.pt/dns/start_dns +pt +net.pt +gov.pt +org.pt +edu.pt +int.pt +publ.pt +com.pt +nome.pt + +// pw : https://en.wikipedia.org/wiki/.pw +pw +co.pw +ne.pw +or.pw +ed.pw +go.pw +belau.pw + +// py : http://www.nic.py/pautas.html#seccion_9 +// Submitted by registry +py +com.py +coop.py +edu.py +gov.py +mil.py +net.py +org.py + +// qa : http://domains.qa/en/ +qa +com.qa +edu.qa +gov.qa +mil.qa +name.qa +net.qa +org.qa +sch.qa + +// re : http://www.afnic.re/obtenir/chartes/nommage-re/annexe-descriptifs +re +asso.re +com.re +nom.re + +// ro : http://www.rotld.ro/ +ro +arts.ro +com.ro +firm.ro +info.ro +nom.ro +nt.ro +org.ro +rec.ro +store.ro +tm.ro +www.ro + +// rs : https://www.rnids.rs/en/domains/national-domains +rs +ac.rs +co.rs +edu.rs +gov.rs +in.rs +org.rs + +// ru : https://cctld.ru/en/domains/domens_ru/reserved/ +ru +ac.ru +edu.ru +gov.ru +int.ru +mil.ru +test.ru + +// rw : http://www.nic.rw/cgi-bin/policy.pl +rw +gov.rw +net.rw +edu.rw +ac.rw +com.rw +co.rw +int.rw +mil.rw +gouv.rw + +// sa : http://www.nic.net.sa/ +sa +com.sa +net.sa +org.sa +gov.sa +med.sa +pub.sa +edu.sa +sch.sa + +// sb : http://www.sbnic.net.sb/ +// Submitted by registry <lee.humphries@telekom.com.sb> +sb +com.sb +edu.sb +gov.sb +net.sb +org.sb + +// sc : http://www.nic.sc/ +sc +com.sc +gov.sc +net.sc +org.sc +edu.sc + +// sd : http://www.isoc.sd/sudanic.isoc.sd/billing_pricing.htm +// Submitted by registry <admin@isoc.sd> +sd +com.sd +net.sd +org.sd +edu.sd +med.sd +tv.sd +gov.sd +info.sd + +// se : https://en.wikipedia.org/wiki/.se +// Submitted by registry <patrik.wallstrom@iis.se> +se +a.se +ac.se +b.se +bd.se +brand.se +c.se +d.se +e.se +f.se +fh.se +fhsk.se +fhv.se +g.se +h.se +i.se +k.se +komforb.se +kommunalforbund.se +komvux.se +l.se +lanbib.se +m.se +n.se +naturbruksgymn.se +o.se +org.se +p.se +parti.se +pp.se +press.se +r.se +s.se +t.se +tm.se +u.se +w.se +x.se +y.se +z.se + +// sg : http://www.nic.net.sg/page/registration-policies-procedures-and-guidelines +sg +com.sg +net.sg +org.sg +gov.sg +edu.sg +per.sg + +// sh : http://www.nic.sh/registrar.html +sh +com.sh +net.sh +gov.sh +org.sh +mil.sh + +// si : https://en.wikipedia.org/wiki/.si +si + +// sj : No registrations at this time. +// Submitted by registry <jarle@uninett.no> +sj + +// sk : https://en.wikipedia.org/wiki/.sk +// list of 2nd level domains ? +sk + +// sl : http://www.nic.sl +// Submitted by registry <adam@neoip.com> +sl +com.sl +net.sl +edu.sl +gov.sl +org.sl + +// sm : https://en.wikipedia.org/wiki/.sm +sm + +// sn : https://en.wikipedia.org/wiki/.sn +sn +art.sn +com.sn +edu.sn +gouv.sn +org.sn +perso.sn +univ.sn + +// so : http://www.soregistry.com/ +so +com.so +net.so +org.so + +// sr : https://en.wikipedia.org/wiki/.sr +sr + +// st : http://www.nic.st/html/policyrules/ +st +co.st +com.st +consulado.st +edu.st +embaixada.st +gov.st +mil.st +net.st +org.st +principe.st +saotome.st +store.st + +// su : https://en.wikipedia.org/wiki/.su +su + +// sv : http://www.svnet.org.sv/niveldos.pdf +sv +com.sv +edu.sv +gob.sv +org.sv +red.sv + +// sx : https://en.wikipedia.org/wiki/.sx +// Submitted by registry <jcvignes@openregistry.com> +sx +gov.sx + +// sy : https://en.wikipedia.org/wiki/.sy +// see also: http://www.gobin.info/domainname/sy.doc +sy +edu.sy +gov.sy +net.sy +mil.sy +com.sy +org.sy + +// sz : https://en.wikipedia.org/wiki/.sz +// http://www.sispa.org.sz/ +sz +co.sz +ac.sz +org.sz + +// tc : https://en.wikipedia.org/wiki/.tc +tc + +// td : https://en.wikipedia.org/wiki/.td +td + +// tel: https://en.wikipedia.org/wiki/.tel +// http://www.telnic.org/ +tel + +// tf : https://en.wikipedia.org/wiki/.tf +tf + +// tg : https://en.wikipedia.org/wiki/.tg +// http://www.nic.tg/ +tg + +// th : https://en.wikipedia.org/wiki/.th +// Submitted by registry <krit@thains.co.th> +th +ac.th +co.th +go.th +in.th +mi.th +net.th +or.th + +// tj : http://www.nic.tj/policy.html +tj +ac.tj +biz.tj +co.tj +com.tj +edu.tj +go.tj +gov.tj +int.tj +mil.tj +name.tj +net.tj +nic.tj +org.tj +test.tj +web.tj + +// tk : https://en.wikipedia.org/wiki/.tk +tk + +// tl : https://en.wikipedia.org/wiki/.tl +tl +gov.tl + +// tm : http://www.nic.tm/local.html +tm +com.tm +co.tm +org.tm +net.tm +nom.tm +gov.tm +mil.tm +edu.tm + +// tn : https://en.wikipedia.org/wiki/.tn +// http://whois.ati.tn/ +tn +com.tn +ens.tn +fin.tn +gov.tn +ind.tn +intl.tn +nat.tn +net.tn +org.tn +info.tn +perso.tn +tourism.tn +edunet.tn +rnrt.tn +rns.tn +rnu.tn +mincom.tn +agrinet.tn +defense.tn +turen.tn + +// to : https://en.wikipedia.org/wiki/.to +// Submitted by registry <egullich@colo.to> +to +com.to +gov.to +net.to +org.to +edu.to +mil.to + +// subTLDs: https://www.nic.tr/forms/eng/policies.pdf +// and: https://www.nic.tr/forms/politikalar.pdf +// Submitted by <mehmetgurevin@gmail.com> +tr +com.tr +info.tr +biz.tr +net.tr +org.tr +web.tr +gen.tr +tv.tr +av.tr +dr.tr +bbs.tr +name.tr +tel.tr +gov.tr +bel.tr +pol.tr +mil.tr +k12.tr +edu.tr +kep.tr + +// Used by Northern Cyprus +nc.tr + +// Used by government agencies of Northern Cyprus +gov.nc.tr + +// tt : http://www.nic.tt/ +tt +co.tt +com.tt +org.tt +net.tt +biz.tt +info.tt +pro.tt +int.tt +coop.tt +jobs.tt +mobi.tt +travel.tt +museum.tt +aero.tt +name.tt +gov.tt +edu.tt + +// tv : https://en.wikipedia.org/wiki/.tv +// Not listing any 2LDs as reserved since none seem to exist in practice, +// Wikipedia notwithstanding. +tv + +// tw : https://en.wikipedia.org/wiki/.tw +tw +edu.tw +gov.tw +mil.tw +com.tw +net.tw +org.tw +idv.tw +game.tw +ebiz.tw +club.tw +網路.tw +組織.tw +商業.tw + +// tz : http://www.tznic.or.tz/index.php/domains +// Submitted by registry <manager@tznic.or.tz> +tz +ac.tz +co.tz +go.tz +hotel.tz +info.tz +me.tz +mil.tz +mobi.tz +ne.tz +or.tz +sc.tz +tv.tz + +// ua : https://hostmaster.ua/policy/?ua +// Submitted by registry <dk@cctld.ua> +ua +// ua 2LD +com.ua +edu.ua +gov.ua +in.ua +net.ua +org.ua +// ua geographic names +// https://hostmaster.ua/2ld/ +cherkassy.ua +cherkasy.ua +chernigov.ua +chernihiv.ua +chernivtsi.ua +chernovtsy.ua +ck.ua +cn.ua +cr.ua +crimea.ua +cv.ua +dn.ua +dnepropetrovsk.ua +dnipropetrovsk.ua +dominic.ua +donetsk.ua +dp.ua +if.ua +ivano-frankivsk.ua +kh.ua +kharkiv.ua +kharkov.ua +kherson.ua +khmelnitskiy.ua +khmelnytskyi.ua +kiev.ua +kirovograd.ua +km.ua +kr.ua +krym.ua +ks.ua +kv.ua +kyiv.ua +lg.ua +lt.ua +lugansk.ua +lutsk.ua +lv.ua +lviv.ua +mk.ua +mykolaiv.ua +nikolaev.ua +od.ua +odesa.ua +odessa.ua +pl.ua +poltava.ua +rivne.ua +rovno.ua +rv.ua +sb.ua +sebastopol.ua +sevastopol.ua +sm.ua +sumy.ua +te.ua +ternopil.ua +uz.ua +uzhgorod.ua +vinnica.ua +vinnytsia.ua +vn.ua +volyn.ua +yalta.ua +zaporizhzhe.ua +zaporizhzhia.ua +zhitomir.ua +zhytomyr.ua +zp.ua +zt.ua + +// ug : https://www.registry.co.ug/ +ug +co.ug +or.ug +ac.ug +sc.ug +go.ug +ne.ug +com.ug +org.ug + +// uk : https://en.wikipedia.org/wiki/.uk +// Submitted by registry <Michael.Daly@nominet.org.uk> +uk +ac.uk +co.uk +gov.uk +ltd.uk +me.uk +net.uk +nhs.uk +org.uk +plc.uk +police.uk +*.sch.uk + +// us : https://en.wikipedia.org/wiki/.us +us +dni.us +fed.us +isa.us +kids.us +nsn.us +// us geographic names +ak.us +al.us +ar.us +as.us +az.us +ca.us +co.us +ct.us +dc.us +de.us +fl.us +ga.us +gu.us +hi.us +ia.us +id.us +il.us +in.us +ks.us +ky.us +la.us +ma.us +md.us +me.us +mi.us +mn.us +mo.us +ms.us +mt.us +nc.us +nd.us +ne.us +nh.us +nj.us +nm.us +nv.us +ny.us +oh.us +ok.us +or.us +pa.us +pr.us +ri.us +sc.us +sd.us +tn.us +tx.us +ut.us +vi.us +vt.us +va.us +wa.us +wi.us +wv.us +wy.us +// The registrar notes several more specific domains available in each state, +// such as state.*.us, dst.*.us, etc., but resolution of these is somewhat +// haphazard; in some states these domains resolve as addresses, while in others +// only subdomains are available, or even nothing at all. We include the +// most common ones where it's clear that different sites are different +// entities. +k12.ak.us +k12.al.us +k12.ar.us +k12.as.us +k12.az.us +k12.ca.us +k12.co.us +k12.ct.us +k12.dc.us +k12.de.us +k12.fl.us +k12.ga.us +k12.gu.us +// k12.hi.us Bug 614565 - Hawaii has a state-wide DOE login +k12.ia.us +k12.id.us +k12.il.us +k12.in.us +k12.ks.us +k12.ky.us +k12.la.us +k12.ma.us +k12.md.us +k12.me.us +k12.mi.us +k12.mn.us +k12.mo.us +k12.ms.us +k12.mt.us +k12.nc.us +// k12.nd.us Bug 1028347 - Removed at request of Travis Rosso <trossow@nd.gov> +k12.ne.us +k12.nh.us +k12.nj.us +k12.nm.us +k12.nv.us +k12.ny.us +k12.oh.us +k12.ok.us +k12.or.us +k12.pa.us +k12.pr.us +k12.ri.us +k12.sc.us +// k12.sd.us Bug 934131 - Removed at request of James Booze <James.Booze@k12.sd.us> +k12.tn.us +k12.tx.us +k12.ut.us +k12.vi.us +k12.vt.us +k12.va.us +k12.wa.us +k12.wi.us +// k12.wv.us Bug 947705 - Removed at request of Verne Britton <verne@wvnet.edu> +k12.wy.us +cc.ak.us +cc.al.us +cc.ar.us +cc.as.us +cc.az.us +cc.ca.us +cc.co.us +cc.ct.us +cc.dc.us +cc.de.us +cc.fl.us +cc.ga.us +cc.gu.us +cc.hi.us +cc.ia.us +cc.id.us +cc.il.us +cc.in.us +cc.ks.us +cc.ky.us +cc.la.us +cc.ma.us +cc.md.us +cc.me.us +cc.mi.us +cc.mn.us +cc.mo.us +cc.ms.us +cc.mt.us +cc.nc.us +cc.nd.us +cc.ne.us +cc.nh.us +cc.nj.us +cc.nm.us +cc.nv.us +cc.ny.us +cc.oh.us +cc.ok.us +cc.or.us +cc.pa.us +cc.pr.us +cc.ri.us +cc.sc.us +cc.sd.us +cc.tn.us +cc.tx.us +cc.ut.us +cc.vi.us +cc.vt.us +cc.va.us +cc.wa.us +cc.wi.us +cc.wv.us +cc.wy.us +lib.ak.us +lib.al.us +lib.ar.us +lib.as.us +lib.az.us +lib.ca.us +lib.co.us +lib.ct.us +lib.dc.us +// lib.de.us Issue #243 - Moved to Private section at request of Ed Moore <Ed.Moore@lib.de.us> +lib.fl.us +lib.ga.us +lib.gu.us +lib.hi.us +lib.ia.us +lib.id.us +lib.il.us +lib.in.us +lib.ks.us +lib.ky.us +lib.la.us +lib.ma.us +lib.md.us +lib.me.us +lib.mi.us +lib.mn.us +lib.mo.us +lib.ms.us +lib.mt.us +lib.nc.us +lib.nd.us +lib.ne.us +lib.nh.us +lib.nj.us +lib.nm.us +lib.nv.us +lib.ny.us +lib.oh.us +lib.ok.us +lib.or.us +lib.pa.us +lib.pr.us +lib.ri.us +lib.sc.us +lib.sd.us +lib.tn.us +lib.tx.us +lib.ut.us +lib.vi.us +lib.vt.us +lib.va.us +lib.wa.us +lib.wi.us +// lib.wv.us Bug 941670 - Removed at request of Larry W Arnold <arnold@wvlc.lib.wv.us> +lib.wy.us +// k12.ma.us contains school districts in Massachusetts. The 4LDs are +// managed independently except for private (PVT), charter (CHTR) and +// parochial (PAROCH) schools. Those are delegated directly to the +// 5LD operators. <k12-ma-hostmaster _ at _ rsuc.gweep.net> +pvt.k12.ma.us +chtr.k12.ma.us +paroch.k12.ma.us +// Merit Network, Inc. maintains the registry for =~ /(k12|cc|lib).mi.us/ and the following +// see also: http://domreg.merit.edu +// see also: whois -h whois.domreg.merit.edu help +ann-arbor.mi.us +cog.mi.us +dst.mi.us +eaton.mi.us +gen.mi.us +mus.mi.us +tec.mi.us +washtenaw.mi.us + +// uy : http://www.nic.org.uy/ +uy +com.uy +edu.uy +gub.uy +mil.uy +net.uy +org.uy + +// uz : http://www.reg.uz/ +uz +co.uz +com.uz +net.uz +org.uz + +// va : https://en.wikipedia.org/wiki/.va +va + +// vc : https://en.wikipedia.org/wiki/.vc +// Submitted by registry <kshah@ca.afilias.info> +vc +com.vc +net.vc +org.vc +gov.vc +mil.vc +edu.vc + +// ve : https://registro.nic.ve/ +// Submitted by registry +ve +arts.ve +co.ve +com.ve +e12.ve +edu.ve +firm.ve +gob.ve +gov.ve +info.ve +int.ve +mil.ve +net.ve +org.ve +rec.ve +store.ve +tec.ve +web.ve + +// vg : https://en.wikipedia.org/wiki/.vg +vg + +// vi : http://www.nic.vi/newdomainform.htm +// http://www.nic.vi/Domain_Rules/body_domain_rules.html indicates some other +// TLDs are "reserved", such as edu.vi and gov.vi, but doesn't actually say they +// are available for registration (which they do not seem to be). +vi +co.vi +com.vi +k12.vi +net.vi +org.vi + +// vn : https://www.dot.vn/vnnic/vnnic/domainregistration.jsp +vn +com.vn +net.vn +org.vn +edu.vn +gov.vn +int.vn +ac.vn +biz.vn +info.vn +name.vn +pro.vn +health.vn + +// vu : https://en.wikipedia.org/wiki/.vu +// http://www.vunic.vu/ +vu +com.vu +edu.vu +net.vu +org.vu + +// wf : http://www.afnic.fr/medias/documents/AFNIC-naming-policy2012.pdf +wf + +// ws : https://en.wikipedia.org/wiki/.ws +// http://samoanic.ws/index.dhtml +ws +com.ws +net.ws +org.ws +gov.ws +edu.ws + +// yt : http://www.afnic.fr/medias/documents/AFNIC-naming-policy2012.pdf +yt + +// IDN ccTLDs +// When submitting patches, please maintain a sort by ISO 3166 ccTLD, then +// U-label, and follow this format: +// // A-Label ("<Latin renderings>", <language name>[, variant info]) : <ISO 3166 ccTLD> +// // [sponsoring org] +// U-Label + +// xn--mgbaam7a8h ("Emerat", Arabic) : AE +// http://nic.ae/english/arabicdomain/rules.jsp +امارات + +// xn--y9a3aq ("hye", Armenian) : AM +// ISOC AM (operated by .am Registry) +հայ + +// xn--54b7fta0cc ("Bangla", Bangla) : BD +বাংলা + +// xn--90ae ("bg", Bulgarian) : BG +бг + +// xn--90ais ("bel", Belarusian/Russian Cyrillic) : BY +// Operated by .by registry +бел + +// xn--fiqs8s ("Zhongguo/China", Chinese, Simplified) : CN +// CNNIC +// http://cnnic.cn/html/Dir/2005/10/11/3218.htm +中国 + +// xn--fiqz9s ("Zhongguo/China", Chinese, Traditional) : CN +// CNNIC +// http://cnnic.cn/html/Dir/2005/10/11/3218.htm +中國 + +// xn--lgbbat1ad8j ("Algeria/Al Jazair", Arabic) : DZ +الجزائر + +// xn--wgbh1c ("Egypt/Masr", Arabic) : EG +// http://www.dotmasr.eg/ +مصر + +// xn--e1a4c ("eu", Cyrillic) : EU +ею + +// xn--node ("ge", Georgian Mkhedruli) : GE +გე + +// xn--qxam ("el", Greek) : GR +// Hellenic Ministry of Infrastructure, Transport, and Networks +ελ + +// xn--j6w193g ("Hong Kong", Chinese) : HK +// https://www.hkirc.hk +// Submitted by registry <hk.tech@hkirc.hk> +// https://www.hkirc.hk/content.jsp?id=30#!/34 +香港 +公司.香港 +教育.香港 +政府.香港 +個人.香港 +網絡.香港 +組織.香港 + +// xn--2scrj9c ("Bharat", Kannada) : IN +// India +ಭಾರತ + +// xn--3hcrj9c ("Bharat", Oriya) : IN +// India +ଭାରତ + +// xn--45br5cyl ("Bharatam", Assamese) : IN +// India +ভাৰত + +// xn--h2breg3eve ("Bharatam", Sanskrit) : IN +// India +भारतम् + +// xn--h2brj9c8c ("Bharot", Santali) : IN +// India +भारोत + +// xn--mgbgu82a ("Bharat", Sindhi) : IN +// India +ڀارت + +// xn--rvc1e0am3e ("Bharatam", Malayalam) : IN +// India +ഭാരതം + +// xn--h2brj9c ("Bharat", Devanagari) : IN +// India +भारत + +// xn--mgbbh1a ("Bharat", Kashmiri) : IN +// India +بارت + +// xn--mgbbh1a71e ("Bharat", Arabic) : IN +// India +بھارت + +// xn--fpcrj9c3d ("Bharat", Telugu) : IN +// India +భారత్ + +// xn--gecrj9c ("Bharat", Gujarati) : IN +// India +ભારત + +// xn--s9brj9c ("Bharat", Gurmukhi) : IN +// India +ਭਾਰਤ + +// xn--45brj9c ("Bharat", Bengali) : IN +// India +ভারত + +// xn--xkc2dl3a5ee0h ("India", Tamil) : IN +// India +இந்தியா + +// xn--mgba3a4f16a ("Iran", Persian) : IR +ایران + +// xn--mgba3a4fra ("Iran", Arabic) : IR +ايران + +// xn--mgbtx2b ("Iraq", Arabic) : IQ +// Communications and Media Commission +عراق + +// xn--mgbayh7gpa ("al-Ordon", Arabic) : JO +// National Information Technology Center (NITC) +// Royal Scientific Society, Al-Jubeiha +الاردن + +// xn--3e0b707e ("Republic of Korea", Hangul) : KR +한국 + +// xn--80ao21a ("Kaz", Kazakh) : KZ +қаз + +// xn--fzc2c9e2c ("Lanka", Sinhalese-Sinhala) : LK +// http://nic.lk +ලංකා + +// xn--xkc2al3hye2a ("Ilangai", Tamil) : LK +// http://nic.lk +இலங்கை + +// xn--mgbc0a9azcg ("Morocco/al-Maghrib", Arabic) : MA +المغرب + +// xn--d1alf ("mkd", Macedonian) : MK +// MARnet +мкд + +// xn--l1acc ("mon", Mongolian) : MN +мон + +// xn--mix891f ("Macao", Chinese, Traditional) : MO +// MONIC / HNET Asia (Registry Operator for .mo) +澳門 + +// xn--mix082f ("Macao", Chinese, Simplified) : MO +澳门 + +// xn--mgbx4cd0ab ("Malaysia", Malay) : MY +مليسيا + +// xn--mgb9awbf ("Oman", Arabic) : OM +عمان + +// xn--mgbai9azgqp6j ("Pakistan", Urdu/Arabic) : PK +پاکستان + +// xn--mgbai9a5eva00b ("Pakistan", Urdu/Arabic, variant) : PK +پاكستان + +// xn--ygbi2ammx ("Falasteen", Arabic) : PS +// The Palestinian National Internet Naming Authority (PNINA) +// http://www.pnina.ps +فلسطين + +// xn--90a3ac ("srb", Cyrillic) : RS +// https://www.rnids.rs/en/domains/national-domains +срб +пр.срб +орг.срб +обр.срб +од.срб +упр.срб +ак.срб + +// xn--p1ai ("rf", Russian-Cyrillic) : RU +// http://www.cctld.ru/en/docs/rulesrf.php +рф + +// xn--wgbl6a ("Qatar", Arabic) : QA +// http://www.ict.gov.qa/ +قطر + +// xn--mgberp4a5d4ar ("AlSaudiah", Arabic) : SA +// http://www.nic.net.sa/ +السعودية + +// xn--mgberp4a5d4a87g ("AlSaudiah", Arabic, variant) : SA +السعودیة + +// xn--mgbqly7c0a67fbc ("AlSaudiah", Arabic, variant) : SA +السعودیۃ + +// xn--mgbqly7cvafr ("AlSaudiah", Arabic, variant) : SA +السعوديه + +// xn--mgbpl2fh ("sudan", Arabic) : SD +// Operated by .sd registry +سودان + +// xn--yfro4i67o Singapore ("Singapore", Chinese) : SG +新加坡 + +// xn--clchc0ea0b2g2a9gcd ("Singapore", Tamil) : SG +சிங்கப்பூர் + +// xn--ogbpf8fl ("Syria", Arabic) : SY +سورية + +// xn--mgbtf8fl ("Syria", Arabic, variant) : SY +سوريا + +// xn--o3cw4h ("Thai", Thai) : TH +// http://www.thnic.co.th +ไทย +ศึกษา.ไทย +ธุรกิจ.ไทย +รัฐบาล.ไทย +ทหาร.ไทย +เน็ต.ไทย +องค์กร.ไทย + +// xn--pgbs0dh ("Tunisia", Arabic) : TN +// http://nic.tn +تونس + +// xn--kpry57d ("Taiwan", Chinese, Traditional) : TW +// http://www.twnic.net/english/dn/dn_07a.htm +台灣 + +// xn--kprw13d ("Taiwan", Chinese, Simplified) : TW +// http://www.twnic.net/english/dn/dn_07a.htm +台湾 + +// xn--nnx388a ("Taiwan", Chinese, variant) : TW +臺灣 + +// xn--j1amh ("ukr", Cyrillic) : UA +укр + +// xn--mgb2ddes ("AlYemen", Arabic) : YE +اليمن + +// xxx : http://icmregistry.com +xxx + +// ye : http://www.y.net.ye/services/domain_name.htm +*.ye + +// za : http://www.zadna.org.za/content/page/domain-information +ac.za +agric.za +alt.za +co.za +edu.za +gov.za +grondar.za +law.za +mil.za +net.za +ngo.za +nis.za +nom.za +org.za +school.za +tm.za +web.za + +// zm : https://zicta.zm/ +// Submitted by registry <info@zicta.zm> +zm +ac.zm +biz.zm +co.zm +com.zm +edu.zm +gov.zm +info.zm +mil.zm +net.zm +org.zm +sch.zm + +// zw : https://www.potraz.gov.zw/ +// Confirmed by registry <bmtengwa@potraz.gov.zw> 2017-01-25 +zw +ac.zw +co.zw +gov.zw +mil.zw +org.zw + + +// newGTLDs +// List of new gTLDs imported from https://newgtlds.icann.org/newgtlds.csv on 2018-05-08T19:40:37Z +// This list is auto-generated, don't edit it manually. + +// aaa : 2015-02-26 American Automobile Association, Inc. +aaa + +// aarp : 2015-05-21 AARP +aarp + +// abarth : 2015-07-30 Fiat Chrysler Automobiles N.V. +abarth + +// abb : 2014-10-24 ABB Ltd +abb + +// abbott : 2014-07-24 Abbott Laboratories, Inc. +abbott + +// abbvie : 2015-07-30 AbbVie Inc. +abbvie + +// abc : 2015-07-30 Disney Enterprises, Inc. +abc + +// able : 2015-06-25 Able Inc. +able + +// abogado : 2014-04-24 Minds + Machines Group Limited +abogado + +// abudhabi : 2015-07-30 Abu Dhabi Systems and Information Centre +abudhabi + +// academy : 2013-11-07 Binky Moon, LLC +academy + +// accenture : 2014-08-15 Accenture plc +accenture + +// accountant : 2014-11-20 dot Accountant Limited +accountant + +// accountants : 2014-03-20 Binky Moon, LLC +accountants + +// aco : 2015-01-08 ACO Severin Ahlmann GmbH & Co. KG +aco + +// active : 2014-05-01 Active Network, LLC +active + +// actor : 2013-12-12 United TLD Holdco Ltd. +actor + +// adac : 2015-07-16 Allgemeiner Deutscher Automobil-Club e.V. (ADAC) +adac + +// ads : 2014-12-04 Charleston Road Registry Inc. +ads + +// adult : 2014-10-16 ICM Registry AD LLC +adult + +// aeg : 2015-03-19 Aktiebolaget Electrolux +aeg + +// aetna : 2015-05-21 Aetna Life Insurance Company +aetna + +// afamilycompany : 2015-07-23 Johnson Shareholdings, Inc. +afamilycompany + +// afl : 2014-10-02 Australian Football League +afl + +// africa : 2014-03-24 ZA Central Registry NPC trading as Registry.Africa +africa + +// agakhan : 2015-04-23 Fondation Aga Khan (Aga Khan Foundation) +agakhan + +// agency : 2013-11-14 Binky Moon, LLC +agency + +// aig : 2014-12-18 American International Group, Inc. +aig + +// aigo : 2015-08-06 aigo Digital Technology Co,Ltd. +aigo + +// airbus : 2015-07-30 Airbus S.A.S. +airbus + +// airforce : 2014-03-06 United TLD Holdco Ltd. +airforce + +// airtel : 2014-10-24 Bharti Airtel Limited +airtel + +// akdn : 2015-04-23 Fondation Aga Khan (Aga Khan Foundation) +akdn + +// alfaromeo : 2015-07-31 Fiat Chrysler Automobiles N.V. +alfaromeo + +// alibaba : 2015-01-15 Alibaba Group Holding Limited +alibaba + +// alipay : 2015-01-15 Alibaba Group Holding Limited +alipay + +// allfinanz : 2014-07-03 Allfinanz Deutsche Vermögensberatung Aktiengesellschaft +allfinanz + +// allstate : 2015-07-31 Allstate Fire and Casualty Insurance Company +allstate + +// ally : 2015-06-18 Ally Financial Inc. +ally + +// alsace : 2014-07-02 Region Grand Est +alsace + +// alstom : 2015-07-30 ALSTOM +alstom + +// americanexpress : 2015-07-31 American Express Travel Related Services Company, Inc. +americanexpress + +// americanfamily : 2015-07-23 AmFam, Inc. +americanfamily + +// amex : 2015-07-31 American Express Travel Related Services Company, Inc. +amex + +// amfam : 2015-07-23 AmFam, Inc. +amfam + +// amica : 2015-05-28 Amica Mutual Insurance Company +amica + +// amsterdam : 2014-07-24 Gemeente Amsterdam +amsterdam + +// analytics : 2014-12-18 Campus IP LLC +analytics + +// android : 2014-08-07 Charleston Road Registry Inc. +android + +// anquan : 2015-01-08 QIHOO 360 TECHNOLOGY CO. LTD. +anquan + +// anz : 2015-07-31 Australia and New Zealand Banking Group Limited +anz + +// aol : 2015-09-17 Oath Inc. +aol + +// apartments : 2014-12-11 Binky Moon, LLC +apartments + +// app : 2015-05-14 Charleston Road Registry Inc. +app + +// apple : 2015-05-14 Apple Inc. +apple + +// aquarelle : 2014-07-24 Aquarelle.com +aquarelle + +// arab : 2015-11-12 League of Arab States +arab + +// aramco : 2014-11-20 Aramco Services Company +aramco + +// archi : 2014-02-06 Afilias plc +archi + +// army : 2014-03-06 United TLD Holdco Ltd. +army + +// art : 2016-03-24 UK Creative Ideas Limited +art + +// arte : 2014-12-11 Association Relative à la Télévision Européenne G.E.I.E. +arte + +// asda : 2015-07-31 Wal-Mart Stores, Inc. +asda + +// associates : 2014-03-06 Binky Moon, LLC +associates + +// athleta : 2015-07-30 The Gap, Inc. +athleta + +// attorney : 2014-03-20 United TLD Holdco Ltd. +attorney + +// auction : 2014-03-20 United TLD Holdco Ltd. +auction + +// audi : 2015-05-21 AUDI Aktiengesellschaft +audi + +// audible : 2015-06-25 Amazon Registry Services, Inc. +audible + +// audio : 2014-03-20 Uniregistry, Corp. +audio + +// auspost : 2015-08-13 Australian Postal Corporation +auspost + +// author : 2014-12-18 Amazon Registry Services, Inc. +author + +// auto : 2014-11-13 Cars Registry Limited +auto + +// autos : 2014-01-09 DERAutos, LLC +autos + +// avianca : 2015-01-08 Aerovias del Continente Americano S.A. Avianca +avianca + +// aws : 2015-06-25 Amazon Registry Services, Inc. +aws + +// axa : 2013-12-19 AXA SA +axa + +// azure : 2014-12-18 Microsoft Corporation +azure + +// baby : 2015-04-09 Johnson & Johnson Services, Inc. +baby + +// baidu : 2015-01-08 Baidu, Inc. +baidu + +// banamex : 2015-07-30 Citigroup Inc. +banamex + +// bananarepublic : 2015-07-31 The Gap, Inc. +bananarepublic + +// band : 2014-06-12 United TLD Holdco Ltd. +band + +// bank : 2014-09-25 fTLD Registry Services LLC +bank + +// bar : 2013-12-12 Punto 2012 Sociedad Anonima Promotora de Inversion de Capital Variable +bar + +// barcelona : 2014-07-24 Municipi de Barcelona +barcelona + +// barclaycard : 2014-11-20 Barclays Bank PLC +barclaycard + +// barclays : 2014-11-20 Barclays Bank PLC +barclays + +// barefoot : 2015-06-11 Gallo Vineyards, Inc. +barefoot + +// bargains : 2013-11-14 Binky Moon, LLC +bargains + +// baseball : 2015-10-29 MLB Advanced Media DH, LLC +baseball + +// basketball : 2015-08-20 Fédération Internationale de Basketball (FIBA) +basketball + +// bauhaus : 2014-04-17 Werkhaus GmbH +bauhaus + +// bayern : 2014-01-23 Bayern Connect GmbH +bayern + +// bbc : 2014-12-18 British Broadcasting Corporation +bbc + +// bbt : 2015-07-23 BB&T Corporation +bbt + +// bbva : 2014-10-02 BANCO BILBAO VIZCAYA ARGENTARIA, S.A. +bbva + +// bcg : 2015-04-02 The Boston Consulting Group, Inc. +bcg + +// bcn : 2014-07-24 Municipi de Barcelona +bcn + +// beats : 2015-05-14 Beats Electronics, LLC +beats + +// beauty : 2015-12-03 L'Oréal +beauty + +// beer : 2014-01-09 Minds + Machines Group Limited +beer + +// bentley : 2014-12-18 Bentley Motors Limited +bentley + +// berlin : 2013-10-31 dotBERLIN GmbH & Co. KG +berlin + +// best : 2013-12-19 BestTLD Pty Ltd +best + +// bestbuy : 2015-07-31 BBY Solutions, Inc. +bestbuy + +// bet : 2015-05-07 Afilias plc +bet + +// bharti : 2014-01-09 Bharti Enterprises (Holding) Private Limited +bharti + +// bible : 2014-06-19 American Bible Society +bible + +// bid : 2013-12-19 dot Bid Limited +bid + +// bike : 2013-08-27 Binky Moon, LLC +bike + +// bing : 2014-12-18 Microsoft Corporation +bing + +// bingo : 2014-12-04 Binky Moon, LLC +bingo + +// bio : 2014-03-06 Afilias plc +bio + +// black : 2014-01-16 Afilias plc +black + +// blackfriday : 2014-01-16 Uniregistry, Corp. +blackfriday + +// blanco : 2015-07-16 BLANCO GmbH + Co KG +blanco + +// blockbuster : 2015-07-30 Dish DBS Corporation +blockbuster + +// blog : 2015-05-14 Knock Knock WHOIS There, LLC +blog + +// bloomberg : 2014-07-17 Bloomberg IP Holdings LLC +bloomberg + +// blue : 2013-11-07 Afilias plc +blue + +// bms : 2014-10-30 Bristol-Myers Squibb Company +bms + +// bmw : 2014-01-09 Bayerische Motoren Werke Aktiengesellschaft +bmw + +// bnl : 2014-07-24 Banca Nazionale del Lavoro +bnl + +// bnpparibas : 2014-05-29 BNP Paribas +bnpparibas + +// boats : 2014-12-04 DERBoats, LLC +boats + +// boehringer : 2015-07-09 Boehringer Ingelheim International GmbH +boehringer + +// bofa : 2015-07-31 Bank of America Corporation +bofa + +// bom : 2014-10-16 Núcleo de Informação e Coordenação do Ponto BR - NIC.br +bom + +// bond : 2014-06-05 Bond University Limited +bond + +// boo : 2014-01-30 Charleston Road Registry Inc. +boo + +// book : 2015-08-27 Amazon Registry Services, Inc. +book + +// booking : 2015-07-16 Booking.com B.V. +booking + +// bosch : 2015-06-18 Robert Bosch GMBH +bosch + +// bostik : 2015-05-28 Bostik SA +bostik + +// boston : 2015-12-10 Boston TLD Management, LLC +boston + +// bot : 2014-12-18 Amazon Registry Services, Inc. +bot + +// boutique : 2013-11-14 Binky Moon, LLC +boutique + +// box : 2015-11-12 NS1 Limited +box + +// bradesco : 2014-12-18 Banco Bradesco S.A. +bradesco + +// bridgestone : 2014-12-18 Bridgestone Corporation +bridgestone + +// broadway : 2014-12-22 Celebrate Broadway, Inc. +broadway + +// broker : 2014-12-11 Dotbroker Registry Limited +broker + +// brother : 2015-01-29 Brother Industries, Ltd. +brother + +// brussels : 2014-02-06 DNS.be vzw +brussels + +// budapest : 2013-11-21 Minds + Machines Group Limited +budapest + +// bugatti : 2015-07-23 Bugatti International SA +bugatti + +// build : 2013-11-07 Plan Bee LLC +build + +// builders : 2013-11-07 Binky Moon, LLC +builders + +// business : 2013-11-07 Binky Moon, LLC +business + +// buy : 2014-12-18 Amazon Registry Services, Inc. +buy + +// buzz : 2013-10-02 DOTSTRATEGY CO. +buzz + +// bzh : 2014-02-27 Association www.bzh +bzh + +// cab : 2013-10-24 Binky Moon, LLC +cab + +// cafe : 2015-02-11 Binky Moon, LLC +cafe + +// cal : 2014-07-24 Charleston Road Registry Inc. +cal + +// call : 2014-12-18 Amazon Registry Services, Inc. +call + +// calvinklein : 2015-07-30 PVH gTLD Holdings LLC +calvinklein + +// cam : 2016-04-21 AC Webconnecting Holding B.V. +cam + +// camera : 2013-08-27 Binky Moon, LLC +camera + +// camp : 2013-11-07 Binky Moon, LLC +camp + +// cancerresearch : 2014-05-15 Australian Cancer Research Foundation +cancerresearch + +// canon : 2014-09-12 Canon Inc. +canon + +// capetown : 2014-03-24 ZA Central Registry NPC trading as ZA Central Registry +capetown + +// capital : 2014-03-06 Binky Moon, LLC +capital + +// capitalone : 2015-08-06 Capital One Financial Corporation +capitalone + +// car : 2015-01-22 Cars Registry Limited +car + +// caravan : 2013-12-12 Caravan International, Inc. +caravan + +// cards : 2013-12-05 Binky Moon, LLC +cards + +// care : 2014-03-06 Binky Moon, LLC +care + +// career : 2013-10-09 dotCareer LLC +career + +// careers : 2013-10-02 Binky Moon, LLC +careers + +// cars : 2014-11-13 Cars Registry Limited +cars + +// cartier : 2014-06-23 Richemont DNS Inc. +cartier + +// casa : 2013-11-21 Minds + Machines Group Limited +casa + +// case : 2015-09-03 CNH Industrial N.V. +case + +// caseih : 2015-09-03 CNH Industrial N.V. +caseih + +// cash : 2014-03-06 Binky Moon, LLC +cash + +// casino : 2014-12-18 Binky Moon, LLC +casino + +// catering : 2013-12-05 Binky Moon, LLC +catering + +// catholic : 2015-10-21 Pontificium Consilium de Comunicationibus Socialibus (PCCS) (Pontifical Council for Social Communication) +catholic + +// cba : 2014-06-26 COMMONWEALTH BANK OF AUSTRALIA +cba + +// cbn : 2014-08-22 The Christian Broadcasting Network, Inc. +cbn + +// cbre : 2015-07-02 CBRE, Inc. +cbre + +// cbs : 2015-08-06 CBS Domains Inc. +cbs + +// ceb : 2015-04-09 The Corporate Executive Board Company +ceb + +// center : 2013-11-07 Binky Moon, LLC +center + +// ceo : 2013-11-07 CEOTLD Pty Ltd +ceo + +// cern : 2014-06-05 European Organization for Nuclear Research ("CERN") +cern + +// cfa : 2014-08-28 CFA Institute +cfa + +// cfd : 2014-12-11 DotCFD Registry Limited +cfd + +// chanel : 2015-04-09 Chanel International B.V. +chanel + +// channel : 2014-05-08 Charleston Road Registry Inc. +channel + +// charity : 2018-04-11 Corn Lake, LLC +charity + +// chase : 2015-04-30 JPMorgan Chase Bank, National Association +chase + +// chat : 2014-12-04 Binky Moon, LLC +chat + +// cheap : 2013-11-14 Binky Moon, LLC +cheap + +// chintai : 2015-06-11 CHINTAI Corporation +chintai + +// christmas : 2013-11-21 Uniregistry, Corp. +christmas + +// chrome : 2014-07-24 Charleston Road Registry Inc. +chrome + +// chrysler : 2015-07-30 FCA US LLC. +chrysler + +// church : 2014-02-06 Binky Moon, LLC +church + +// cipriani : 2015-02-19 Hotel Cipriani Srl +cipriani + +// circle : 2014-12-18 Amazon Registry Services, Inc. +circle + +// cisco : 2014-12-22 Cisco Technology, Inc. +cisco + +// citadel : 2015-07-23 Citadel Domain LLC +citadel + +// citi : 2015-07-30 Citigroup Inc. +citi + +// citic : 2014-01-09 CITIC Group Corporation +citic + +// city : 2014-05-29 Binky Moon, LLC +city + +// cityeats : 2014-12-11 Lifestyle Domain Holdings, Inc. +cityeats + +// claims : 2014-03-20 Binky Moon, LLC +claims + +// cleaning : 2013-12-05 Binky Moon, LLC +cleaning + +// click : 2014-06-05 Uniregistry, Corp. +click + +// clinic : 2014-03-20 Binky Moon, LLC +clinic + +// clinique : 2015-10-01 The Estée Lauder Companies Inc. +clinique + +// clothing : 2013-08-27 Binky Moon, LLC +clothing + +// cloud : 2015-04-16 Aruba PEC S.p.A. +cloud + +// club : 2013-11-08 .CLUB DOMAINS, LLC +club + +// clubmed : 2015-06-25 Club Méditerranée S.A. +clubmed + +// coach : 2014-10-09 Binky Moon, LLC +coach + +// codes : 2013-10-31 Binky Moon, LLC +codes + +// coffee : 2013-10-17 Binky Moon, LLC +coffee + +// college : 2014-01-16 XYZ.COM LLC +college + +// cologne : 2014-02-05 punkt.wien GmbH +cologne + +// comcast : 2015-07-23 Comcast IP Holdings I, LLC +comcast + +// commbank : 2014-06-26 COMMONWEALTH BANK OF AUSTRALIA +commbank + +// community : 2013-12-05 Binky Moon, LLC +community + +// company : 2013-11-07 Binky Moon, LLC +company + +// compare : 2015-10-08 iSelect Ltd +compare + +// computer : 2013-10-24 Binky Moon, LLC +computer + +// comsec : 2015-01-08 VeriSign, Inc. +comsec + +// condos : 2013-12-05 Binky Moon, LLC +condos + +// construction : 2013-09-16 Binky Moon, LLC +construction + +// consulting : 2013-12-05 United TLD Holdco Ltd. +consulting + +// contact : 2015-01-08 Top Level Spectrum, Inc. +contact + +// contractors : 2013-09-10 Binky Moon, LLC +contractors + +// cooking : 2013-11-21 Minds + Machines Group Limited +cooking + +// cookingchannel : 2015-07-02 Lifestyle Domain Holdings, Inc. +cookingchannel + +// cool : 2013-11-14 Binky Moon, LLC +cool + +// corsica : 2014-09-25 Collectivité de Corse +corsica + +// country : 2013-12-19 DotCountry LLC +country + +// coupon : 2015-02-26 Amazon Registry Services, Inc. +coupon + +// coupons : 2015-03-26 Binky Moon, LLC +coupons + +// courses : 2014-12-04 OPEN UNIVERSITIES AUSTRALIA PTY LTD +courses + +// credit : 2014-03-20 Binky Moon, LLC +credit + +// creditcard : 2014-03-20 Binky Moon, LLC +creditcard + +// creditunion : 2015-01-22 CUNA Performance Resources, LLC +creditunion + +// cricket : 2014-10-09 dot Cricket Limited +cricket + +// crown : 2014-10-24 Crown Equipment Corporation +crown + +// crs : 2014-04-03 Federated Co-operatives Limited +crs + +// cruise : 2015-12-10 Viking River Cruises (Bermuda) Ltd. +cruise + +// cruises : 2013-12-05 Binky Moon, LLC +cruises + +// csc : 2014-09-25 Alliance-One Services, Inc. +csc + +// cuisinella : 2014-04-03 SALM S.A.S. +cuisinella + +// cymru : 2014-05-08 Nominet UK +cymru + +// cyou : 2015-01-22 Beijing Gamease Age Digital Technology Co., Ltd. +cyou + +// dabur : 2014-02-06 Dabur India Limited +dabur + +// dad : 2014-01-23 Charleston Road Registry Inc. +dad + +// dance : 2013-10-24 United TLD Holdco Ltd. +dance + +// data : 2016-06-02 Dish DBS Corporation +data + +// date : 2014-11-20 dot Date Limited +date + +// dating : 2013-12-05 Binky Moon, LLC +dating + +// datsun : 2014-03-27 NISSAN MOTOR CO., LTD. +datsun + +// day : 2014-01-30 Charleston Road Registry Inc. +day + +// dclk : 2014-11-20 Charleston Road Registry Inc. +dclk + +// dds : 2015-05-07 Minds + Machines Group Limited +dds + +// deal : 2015-06-25 Amazon Registry Services, Inc. +deal + +// dealer : 2014-12-22 Dealer Dot Com, Inc. +dealer + +// deals : 2014-05-22 Binky Moon, LLC +deals + +// degree : 2014-03-06 United TLD Holdco Ltd. +degree + +// delivery : 2014-09-11 Binky Moon, LLC +delivery + +// dell : 2014-10-24 Dell Inc. +dell + +// deloitte : 2015-07-31 Deloitte Touche Tohmatsu +deloitte + +// delta : 2015-02-19 Delta Air Lines, Inc. +delta + +// democrat : 2013-10-24 United TLD Holdco Ltd. +democrat + +// dental : 2014-03-20 Binky Moon, LLC +dental + +// dentist : 2014-03-20 United TLD Holdco Ltd. +dentist + +// desi : 2013-11-14 Desi Networks LLC +desi + +// design : 2014-11-07 Top Level Design, LLC +design + +// dev : 2014-10-16 Charleston Road Registry Inc. +dev + +// dhl : 2015-07-23 Deutsche Post AG +dhl + +// diamonds : 2013-09-22 Binky Moon, LLC +diamonds + +// diet : 2014-06-26 Uniregistry, Corp. +diet + +// digital : 2014-03-06 Binky Moon, LLC +digital + +// direct : 2014-04-10 Binky Moon, LLC +direct + +// directory : 2013-09-20 Binky Moon, LLC +directory + +// discount : 2014-03-06 Binky Moon, LLC +discount + +// discover : 2015-07-23 Discover Financial Services +discover + +// dish : 2015-07-30 Dish DBS Corporation +dish + +// diy : 2015-11-05 Lifestyle Domain Holdings, Inc. +diy + +// dnp : 2013-12-13 Dai Nippon Printing Co., Ltd. +dnp + +// docs : 2014-10-16 Charleston Road Registry Inc. +docs + +// doctor : 2016-06-02 Binky Moon, LLC +doctor + +// dodge : 2015-07-30 FCA US LLC. +dodge + +// dog : 2014-12-04 Binky Moon, LLC +dog + +// doha : 2014-09-18 Communications Regulatory Authority (CRA) +doha + +// domains : 2013-10-17 Binky Moon, LLC +domains + +// dot : 2015-05-21 Dish DBS Corporation +dot + +// download : 2014-11-20 dot Support Limited +download + +// drive : 2015-03-05 Charleston Road Registry Inc. +drive + +// dtv : 2015-06-04 Dish DBS Corporation +dtv + +// dubai : 2015-01-01 Dubai Smart Government Department +dubai + +// duck : 2015-07-23 Johnson Shareholdings, Inc. +duck + +// dunlop : 2015-07-02 The Goodyear Tire & Rubber Company +dunlop + +// duns : 2015-08-06 The Dun & Bradstreet Corporation +duns + +// dupont : 2015-06-25 E. I. du Pont de Nemours and Company +dupont + +// durban : 2014-03-24 ZA Central Registry NPC trading as ZA Central Registry +durban + +// dvag : 2014-06-23 Deutsche Vermögensberatung Aktiengesellschaft DVAG +dvag + +// dvr : 2016-05-26 Hughes Satellite Systems Corporation +dvr + +// earth : 2014-12-04 Interlink Co., Ltd. +earth + +// eat : 2014-01-23 Charleston Road Registry Inc. +eat + +// eco : 2016-07-08 Big Room Inc. +eco + +// edeka : 2014-12-18 EDEKA Verband kaufmännischer Genossenschaften e.V. +edeka + +// education : 2013-11-07 Binky Moon, LLC +education + +// email : 2013-10-31 Binky Moon, LLC +email + +// emerck : 2014-04-03 Merck KGaA +emerck + +// energy : 2014-09-11 Binky Moon, LLC +energy + +// engineer : 2014-03-06 United TLD Holdco Ltd. +engineer + +// engineering : 2014-03-06 Binky Moon, LLC +engineering + +// enterprises : 2013-09-20 Binky Moon, LLC +enterprises + +// epost : 2015-07-23 Deutsche Post AG +epost + +// epson : 2014-12-04 Seiko Epson Corporation +epson + +// equipment : 2013-08-27 Binky Moon, LLC +equipment + +// ericsson : 2015-07-09 Telefonaktiebolaget L M Ericsson +ericsson + +// erni : 2014-04-03 ERNI Group Holding AG +erni + +// esq : 2014-05-08 Charleston Road Registry Inc. +esq + +// estate : 2013-08-27 Binky Moon, LLC +estate + +// esurance : 2015-07-23 Esurance Insurance Company +esurance + +// etisalat : 2015-09-03 Emirates Telecommunications Corporation (trading as Etisalat) +etisalat + +// eurovision : 2014-04-24 European Broadcasting Union (EBU) +eurovision + +// eus : 2013-12-12 Puntueus Fundazioa +eus + +// events : 2013-12-05 Binky Moon, LLC +events + +// everbank : 2014-05-15 EverBank +everbank + +// exchange : 2014-03-06 Binky Moon, LLC +exchange + +// expert : 2013-11-21 Binky Moon, LLC +expert + +// exposed : 2013-12-05 Binky Moon, LLC +exposed + +// express : 2015-02-11 Binky Moon, LLC +express + +// extraspace : 2015-05-14 Extra Space Storage LLC +extraspace + +// fage : 2014-12-18 Fage International S.A. +fage + +// fail : 2014-03-06 Binky Moon, LLC +fail + +// fairwinds : 2014-11-13 FairWinds Partners, LLC +fairwinds + +// faith : 2014-11-20 dot Faith Limited +faith + +// family : 2015-04-02 United TLD Holdco Ltd. +family + +// fan : 2014-03-06 Asiamix Digital Limited +fan + +// fans : 2014-11-07 Asiamix Digital Limited +fans + +// farm : 2013-11-07 Binky Moon, LLC +farm + +// farmers : 2015-07-09 Farmers Insurance Exchange +farmers + +// fashion : 2014-07-03 Minds + Machines Group Limited +fashion + +// fast : 2014-12-18 Amazon Registry Services, Inc. +fast + +// fedex : 2015-08-06 Federal Express Corporation +fedex + +// feedback : 2013-12-19 Top Level Spectrum, Inc. +feedback + +// ferrari : 2015-07-31 Fiat Chrysler Automobiles N.V. +ferrari + +// ferrero : 2014-12-18 Ferrero Trading Lux S.A. +ferrero + +// fiat : 2015-07-31 Fiat Chrysler Automobiles N.V. +fiat + +// fidelity : 2015-07-30 Fidelity Brokerage Services LLC +fidelity + +// fido : 2015-08-06 Rogers Communications Canada Inc. +fido + +// film : 2015-01-08 Motion Picture Domain Registry Pty Ltd +film + +// final : 2014-10-16 Núcleo de Informação e Coordenação do Ponto BR - NIC.br +final + +// finance : 2014-03-20 Binky Moon, LLC +finance + +// financial : 2014-03-06 Binky Moon, LLC +financial + +// fire : 2015-06-25 Amazon Registry Services, Inc. +fire + +// firestone : 2014-12-18 Bridgestone Licensing Services, Inc +firestone + +// firmdale : 2014-03-27 Firmdale Holdings Limited +firmdale + +// fish : 2013-12-12 Binky Moon, LLC +fish + +// fishing : 2013-11-21 Minds + Machines Group Limited +fishing + +// fit : 2014-11-07 Minds + Machines Group Limited +fit + +// fitness : 2014-03-06 Binky Moon, LLC +fitness + +// flickr : 2015-04-02 Yahoo! Domain Services Inc. +flickr + +// flights : 2013-12-05 Binky Moon, LLC +flights + +// flir : 2015-07-23 FLIR Systems, Inc. +flir + +// florist : 2013-11-07 Binky Moon, LLC +florist + +// flowers : 2014-10-09 Uniregistry, Corp. +flowers + +// fly : 2014-05-08 Charleston Road Registry Inc. +fly + +// foo : 2014-01-23 Charleston Road Registry Inc. +foo + +// food : 2016-04-21 Lifestyle Domain Holdings, Inc. +food + +// foodnetwork : 2015-07-02 Lifestyle Domain Holdings, Inc. +foodnetwork + +// football : 2014-12-18 Binky Moon, LLC +football + +// ford : 2014-11-13 Ford Motor Company +ford + +// forex : 2014-12-11 Dotforex Registry Limited +forex + +// forsale : 2014-05-22 United TLD Holdco Ltd. +forsale + +// forum : 2015-04-02 Fegistry, LLC +forum + +// foundation : 2013-12-05 Binky Moon, LLC +foundation + +// fox : 2015-09-11 FOX Registry, LLC +fox + +// free : 2015-12-10 Amazon Registry Services, Inc. +free + +// fresenius : 2015-07-30 Fresenius Immobilien-Verwaltungs-GmbH +fresenius + +// frl : 2014-05-15 FRLregistry B.V. +frl + +// frogans : 2013-12-19 OP3FT +frogans + +// frontdoor : 2015-07-02 Lifestyle Domain Holdings, Inc. +frontdoor + +// frontier : 2015-02-05 Frontier Communications Corporation +frontier + +// ftr : 2015-07-16 Frontier Communications Corporation +ftr + +// fujitsu : 2015-07-30 Fujitsu Limited +fujitsu + +// fujixerox : 2015-07-23 Xerox DNHC LLC +fujixerox + +// fun : 2016-01-14 DotSpace Inc. +fun + +// fund : 2014-03-20 Binky Moon, LLC +fund + +// furniture : 2014-03-20 Binky Moon, LLC +furniture + +// futbol : 2013-09-20 United TLD Holdco Ltd. +futbol + +// fyi : 2015-04-02 Binky Moon, LLC +fyi + +// gal : 2013-11-07 Asociación puntoGAL +gal + +// gallery : 2013-09-13 Binky Moon, LLC +gallery + +// gallo : 2015-06-11 Gallo Vineyards, Inc. +gallo + +// gallup : 2015-02-19 Gallup, Inc. +gallup + +// game : 2015-05-28 Uniregistry, Corp. +game + +// games : 2015-05-28 United TLD Holdco Ltd. +games + +// gap : 2015-07-31 The Gap, Inc. +gap + +// garden : 2014-06-26 Minds + Machines Group Limited +garden + +// gbiz : 2014-07-17 Charleston Road Registry Inc. +gbiz + +// gdn : 2014-07-31 Joint Stock Company "Navigation-information systems" +gdn + +// gea : 2014-12-04 GEA Group Aktiengesellschaft +gea + +// gent : 2014-01-23 COMBELL NV +gent + +// genting : 2015-03-12 Resorts World Inc Pte. Ltd. +genting + +// george : 2015-07-31 Wal-Mart Stores, Inc. +george + +// ggee : 2014-01-09 GMO Internet, Inc. +ggee + +// gift : 2013-10-17 DotGift, LLC +gift + +// gifts : 2014-07-03 Binky Moon, LLC +gifts + +// gives : 2014-03-06 United TLD Holdco Ltd. +gives + +// giving : 2014-11-13 Giving Limited +giving + +// glade : 2015-07-23 Johnson Shareholdings, Inc. +glade + +// glass : 2013-11-07 Binky Moon, LLC +glass + +// gle : 2014-07-24 Charleston Road Registry Inc. +gle + +// global : 2014-04-17 Dot Global Domain Registry Limited +global + +// globo : 2013-12-19 Globo Comunicação e Participações S.A +globo + +// gmail : 2014-05-01 Charleston Road Registry Inc. +gmail + +// gmbh : 2016-01-29 Binky Moon, LLC +gmbh + +// gmo : 2014-01-09 GMO Internet Pte. Ltd. +gmo + +// gmx : 2014-04-24 1&1 Mail & Media GmbH +gmx + +// godaddy : 2015-07-23 Go Daddy East, LLC +godaddy + +// gold : 2015-01-22 Binky Moon, LLC +gold + +// goldpoint : 2014-11-20 YODOBASHI CAMERA CO.,LTD. +goldpoint + +// golf : 2014-12-18 Binky Moon, LLC +golf + +// goo : 2014-12-18 NTT Resonant Inc. +goo + +// goodhands : 2015-07-31 Allstate Fire and Casualty Insurance Company +goodhands + +// goodyear : 2015-07-02 The Goodyear Tire & Rubber Company +goodyear + +// goog : 2014-11-20 Charleston Road Registry Inc. +goog + +// google : 2014-07-24 Charleston Road Registry Inc. +google + +// gop : 2014-01-16 Republican State Leadership Committee, Inc. +gop + +// got : 2014-12-18 Amazon Registry Services, Inc. +got + +// grainger : 2015-05-07 Grainger Registry Services, LLC +grainger + +// graphics : 2013-09-13 Binky Moon, LLC +graphics + +// gratis : 2014-03-20 Binky Moon, LLC +gratis + +// green : 2014-05-08 Afilias plc +green + +// gripe : 2014-03-06 Binky Moon, LLC +gripe + +// grocery : 2016-06-16 Wal-Mart Stores, Inc. +grocery + +// group : 2014-08-15 Binky Moon, LLC +group + +// guardian : 2015-07-30 The Guardian Life Insurance Company of America +guardian + +// gucci : 2014-11-13 Guccio Gucci S.p.a. +gucci + +// guge : 2014-08-28 Charleston Road Registry Inc. +guge + +// guide : 2013-09-13 Binky Moon, LLC +guide + +// guitars : 2013-11-14 Uniregistry, Corp. +guitars + +// guru : 2013-08-27 Binky Moon, LLC +guru + +// hair : 2015-12-03 L'Oréal +hair + +// hamburg : 2014-02-20 Hamburg Top-Level-Domain GmbH +hamburg + +// hangout : 2014-11-13 Charleston Road Registry Inc. +hangout + +// haus : 2013-12-05 United TLD Holdco Ltd. +haus + +// hbo : 2015-07-30 HBO Registry Services, Inc. +hbo + +// hdfc : 2015-07-30 HOUSING DEVELOPMENT FINANCE CORPORATION LIMITED +hdfc + +// hdfcbank : 2015-02-12 HDFC Bank Limited +hdfcbank + +// health : 2015-02-11 DotHealth, LLC +health + +// healthcare : 2014-06-12 Binky Moon, LLC +healthcare + +// help : 2014-06-26 Uniregistry, Corp. +help + +// helsinki : 2015-02-05 City of Helsinki +helsinki + +// here : 2014-02-06 Charleston Road Registry Inc. +here + +// hermes : 2014-07-10 HERMES INTERNATIONAL +hermes + +// hgtv : 2015-07-02 Lifestyle Domain Holdings, Inc. +hgtv + +// hiphop : 2014-03-06 Uniregistry, Corp. +hiphop + +// hisamitsu : 2015-07-16 Hisamitsu Pharmaceutical Co.,Inc. +hisamitsu + +// hitachi : 2014-10-31 Hitachi, Ltd. +hitachi + +// hiv : 2014-03-13 Uniregistry, Corp. +hiv + +// hkt : 2015-05-14 PCCW-HKT DataCom Services Limited +hkt + +// hockey : 2015-03-19 Binky Moon, LLC +hockey + +// holdings : 2013-08-27 Binky Moon, LLC +holdings + +// holiday : 2013-11-07 Binky Moon, LLC +holiday + +// homedepot : 2015-04-02 Home Depot Product Authority, LLC +homedepot + +// homegoods : 2015-07-16 The TJX Companies, Inc. +homegoods + +// homes : 2014-01-09 DERHomes, LLC +homes + +// homesense : 2015-07-16 The TJX Companies, Inc. +homesense + +// honda : 2014-12-18 Honda Motor Co., Ltd. +honda + +// honeywell : 2015-07-23 Honeywell GTLD LLC +honeywell + +// horse : 2013-11-21 Minds + Machines Group Limited +horse + +// hospital : 2016-10-20 Binky Moon, LLC +hospital + +// host : 2014-04-17 DotHost Inc. +host + +// hosting : 2014-05-29 Uniregistry, Corp. +hosting + +// hot : 2015-08-27 Amazon Registry Services, Inc. +hot + +// hoteles : 2015-03-05 Travel Reservations SRL +hoteles + +// hotels : 2016-04-07 Booking.com B.V. +hotels + +// hotmail : 2014-12-18 Microsoft Corporation +hotmail + +// house : 2013-11-07 Binky Moon, LLC +house + +// how : 2014-01-23 Charleston Road Registry Inc. +how + +// hsbc : 2014-10-24 HSBC Global Services (UK) Limited +hsbc + +// hughes : 2015-07-30 Hughes Satellite Systems Corporation +hughes + +// hyatt : 2015-07-30 Hyatt GTLD, L.L.C. +hyatt + +// hyundai : 2015-07-09 Hyundai Motor Company +hyundai + +// ibm : 2014-07-31 International Business Machines Corporation +ibm + +// icbc : 2015-02-19 Industrial and Commercial Bank of China Limited +icbc + +// ice : 2014-10-30 IntercontinentalExchange, Inc. +ice + +// icu : 2015-01-08 ShortDot SA +icu + +// ieee : 2015-07-23 IEEE Global LLC +ieee + +// ifm : 2014-01-30 ifm electronic gmbh +ifm + +// ikano : 2015-07-09 Ikano S.A. +ikano + +// imamat : 2015-08-06 Fondation Aga Khan (Aga Khan Foundation) +imamat + +// imdb : 2015-06-25 Amazon Registry Services, Inc. +imdb + +// immo : 2014-07-10 Binky Moon, LLC +immo + +// immobilien : 2013-11-07 United TLD Holdco Ltd. +immobilien + +// inc : 2018-03-10 GTLD Limited +inc + +// industries : 2013-12-05 Binky Moon, LLC +industries + +// infiniti : 2014-03-27 NISSAN MOTOR CO., LTD. +infiniti + +// ing : 2014-01-23 Charleston Road Registry Inc. +ing + +// ink : 2013-12-05 Top Level Design, LLC +ink + +// institute : 2013-11-07 Binky Moon, LLC +institute + +// insurance : 2015-02-19 fTLD Registry Services LLC +insurance + +// insure : 2014-03-20 Binky Moon, LLC +insure + +// intel : 2015-08-06 Intel Corporation +intel + +// international : 2013-11-07 Binky Moon, LLC +international + +// intuit : 2015-07-30 Intuit Administrative Services, Inc. +intuit + +// investments : 2014-03-20 Binky Moon, LLC +investments + +// ipiranga : 2014-08-28 Ipiranga Produtos de Petroleo S.A. +ipiranga + +// irish : 2014-08-07 Binky Moon, LLC +irish + +// iselect : 2015-02-11 iSelect Ltd +iselect + +// ismaili : 2015-08-06 Fondation Aga Khan (Aga Khan Foundation) +ismaili + +// ist : 2014-08-28 Istanbul Metropolitan Municipality +ist + +// istanbul : 2014-08-28 Istanbul Metropolitan Municipality +istanbul + +// itau : 2014-10-02 Itau Unibanco Holding S.A. +itau + +// itv : 2015-07-09 ITV Services Limited +itv + +// iveco : 2015-09-03 CNH Industrial N.V. +iveco + +// iwc : 2014-06-23 Richemont DNS Inc. +iwc + +// jaguar : 2014-11-13 Jaguar Land Rover Ltd +jaguar + +// java : 2014-06-19 Oracle Corporation +java + +// jcb : 2014-11-20 JCB Co., Ltd. +jcb + +// jcp : 2015-04-23 JCP Media, Inc. +jcp + +// jeep : 2015-07-30 FCA US LLC. +jeep + +// jetzt : 2014-01-09 Binky Moon, LLC +jetzt + +// jewelry : 2015-03-05 Binky Moon, LLC +jewelry + +// jio : 2015-04-02 Reliance Industries Limited +jio + +// jlc : 2014-12-04 Richemont DNS Inc. +jlc + +// jll : 2015-04-02 Jones Lang LaSalle Incorporated +jll + +// jmp : 2015-03-26 Matrix IP LLC +jmp + +// jnj : 2015-06-18 Johnson & Johnson Services, Inc. +jnj + +// joburg : 2014-03-24 ZA Central Registry NPC trading as ZA Central Registry +joburg + +// jot : 2014-12-18 Amazon Registry Services, Inc. +jot + +// joy : 2014-12-18 Amazon Registry Services, Inc. +joy + +// jpmorgan : 2015-04-30 JPMorgan Chase Bank, National Association +jpmorgan + +// jprs : 2014-09-18 Japan Registry Services Co., Ltd. +jprs + +// juegos : 2014-03-20 Uniregistry, Corp. +juegos + +// juniper : 2015-07-30 JUNIPER NETWORKS, INC. +juniper + +// kaufen : 2013-11-07 United TLD Holdco Ltd. +kaufen + +// kddi : 2014-09-12 KDDI CORPORATION +kddi + +// kerryhotels : 2015-04-30 Kerry Trading Co. Limited +kerryhotels + +// kerrylogistics : 2015-04-09 Kerry Trading Co. Limited +kerrylogistics + +// kerryproperties : 2015-04-09 Kerry Trading Co. Limited +kerryproperties + +// kfh : 2014-12-04 Kuwait Finance House +kfh + +// kia : 2015-07-09 KIA MOTORS CORPORATION +kia + +// kim : 2013-09-23 Afilias plc +kim + +// kinder : 2014-11-07 Ferrero Trading Lux S.A. +kinder + +// kindle : 2015-06-25 Amazon Registry Services, Inc. +kindle + +// kitchen : 2013-09-20 Binky Moon, LLC +kitchen + +// kiwi : 2013-09-20 DOT KIWI LIMITED +kiwi + +// koeln : 2014-01-09 punkt.wien GmbH +koeln + +// komatsu : 2015-01-08 Komatsu Ltd. +komatsu + +// kosher : 2015-08-20 Kosher Marketing Assets LLC +kosher + +// kpmg : 2015-04-23 KPMG International Cooperative (KPMG International Genossenschaft) +kpmg + +// kpn : 2015-01-08 Koninklijke KPN N.V. +kpn + +// krd : 2013-12-05 KRG Department of Information Technology +krd + +// kred : 2013-12-19 KredTLD Pty Ltd +kred + +// kuokgroup : 2015-04-09 Kerry Trading Co. Limited +kuokgroup + +// kyoto : 2014-11-07 Academic Institution: Kyoto Jyoho Gakuen +kyoto + +// lacaixa : 2014-01-09 Fundación Bancaria Caixa d’Estalvis i Pensions de Barcelona, “la Caixa” +lacaixa + +// ladbrokes : 2015-08-06 LADBROKES INTERNATIONAL PLC +ladbrokes + +// lamborghini : 2015-06-04 Automobili Lamborghini S.p.A. +lamborghini + +// lamer : 2015-10-01 The Estée Lauder Companies Inc. +lamer + +// lancaster : 2015-02-12 LANCASTER +lancaster + +// lancia : 2015-07-31 Fiat Chrysler Automobiles N.V. +lancia + +// lancome : 2015-07-23 L'Oréal +lancome + +// land : 2013-09-10 Binky Moon, LLC +land + +// landrover : 2014-11-13 Jaguar Land Rover Ltd +landrover + +// lanxess : 2015-07-30 LANXESS Corporation +lanxess + +// lasalle : 2015-04-02 Jones Lang LaSalle Incorporated +lasalle + +// lat : 2014-10-16 ECOM-LAC Federaciòn de Latinoamèrica y el Caribe para Internet y el Comercio Electrònico +lat + +// latino : 2015-07-30 Dish DBS Corporation +latino + +// latrobe : 2014-06-16 La Trobe University +latrobe + +// law : 2015-01-22 Minds + Machines Group Limited +law + +// lawyer : 2014-03-20 United TLD Holdco Ltd. +lawyer + +// lds : 2014-03-20 IRI Domain Management, LLC ("Applicant") +lds + +// lease : 2014-03-06 Binky Moon, LLC +lease + +// leclerc : 2014-08-07 A.C.D. LEC Association des Centres Distributeurs Edouard Leclerc +leclerc + +// lefrak : 2015-07-16 LeFrak Organization, Inc. +lefrak + +// legal : 2014-10-16 Binky Moon, LLC +legal + +// lego : 2015-07-16 LEGO Juris A/S +lego + +// lexus : 2015-04-23 TOYOTA MOTOR CORPORATION +lexus + +// lgbt : 2014-05-08 Afilias plc +lgbt + +// liaison : 2014-10-02 Liaison Technologies, Incorporated +liaison + +// lidl : 2014-09-18 Schwarz Domains und Services GmbH & Co. KG +lidl + +// life : 2014-02-06 Binky Moon, LLC +life + +// lifeinsurance : 2015-01-15 American Council of Life Insurers +lifeinsurance + +// lifestyle : 2014-12-11 Lifestyle Domain Holdings, Inc. +lifestyle + +// lighting : 2013-08-27 Binky Moon, LLC +lighting + +// like : 2014-12-18 Amazon Registry Services, Inc. +like + +// lilly : 2015-07-31 Eli Lilly and Company +lilly + +// limited : 2014-03-06 Binky Moon, LLC +limited + +// limo : 2013-10-17 Binky Moon, LLC +limo + +// lincoln : 2014-11-13 Ford Motor Company +lincoln + +// linde : 2014-12-04 Linde Aktiengesellschaft +linde + +// link : 2013-11-14 Uniregistry, Corp. +link + +// lipsy : 2015-06-25 Lipsy Ltd +lipsy + +// live : 2014-12-04 United TLD Holdco Ltd. +live + +// living : 2015-07-30 Lifestyle Domain Holdings, Inc. +living + +// lixil : 2015-03-19 LIXIL Group Corporation +lixil + +// llc : 2017-12-14 Afilias plc +llc + +// loan : 2014-11-20 dot Loan Limited +loan + +// loans : 2014-03-20 Binky Moon, LLC +loans + +// locker : 2015-06-04 Dish DBS Corporation +locker + +// locus : 2015-06-25 Locus Analytics LLC +locus + +// loft : 2015-07-30 Annco, Inc. +loft + +// lol : 2015-01-30 Uniregistry, Corp. +lol + +// london : 2013-11-14 Dot London Domains Limited +london + +// lotte : 2014-11-07 Lotte Holdings Co., Ltd. +lotte + +// lotto : 2014-04-10 Afilias plc +lotto + +// love : 2014-12-22 Merchant Law Group LLP +love + +// lpl : 2015-07-30 LPL Holdings, Inc. +lpl + +// lplfinancial : 2015-07-30 LPL Holdings, Inc. +lplfinancial + +// ltd : 2014-09-25 Binky Moon, LLC +ltd + +// ltda : 2014-04-17 InterNetX, Corp +ltda + +// lundbeck : 2015-08-06 H. Lundbeck A/S +lundbeck + +// lupin : 2014-11-07 LUPIN LIMITED +lupin + +// luxe : 2014-01-09 Minds + Machines Group Limited +luxe + +// luxury : 2013-10-17 Luxury Partners, LLC +luxury + +// macys : 2015-07-31 Macys, Inc. +macys + +// madrid : 2014-05-01 Comunidad de Madrid +madrid + +// maif : 2014-10-02 Mutuelle Assurance Instituteur France (MAIF) +maif + +// maison : 2013-12-05 Binky Moon, LLC +maison + +// makeup : 2015-01-15 L'Oréal +makeup + +// man : 2014-12-04 MAN SE +man + +// management : 2013-11-07 Binky Moon, LLC +management + +// mango : 2013-10-24 PUNTO FA S.L. +mango + +// map : 2016-06-09 Charleston Road Registry Inc. +map + +// market : 2014-03-06 United TLD Holdco Ltd. +market + +// marketing : 2013-11-07 Binky Moon, LLC +marketing + +// markets : 2014-12-11 Dotmarkets Registry Limited +markets + +// marriott : 2014-10-09 Marriott Worldwide Corporation +marriott + +// marshalls : 2015-07-16 The TJX Companies, Inc. +marshalls + +// maserati : 2015-07-31 Fiat Chrysler Automobiles N.V. +maserati + +// mattel : 2015-08-06 Mattel Sites, Inc. +mattel + +// mba : 2015-04-02 Binky Moon, LLC +mba + +// mckinsey : 2015-07-31 McKinsey Holdings, Inc. +mckinsey + +// med : 2015-08-06 Medistry LLC +med + +// media : 2014-03-06 Binky Moon, LLC +media + +// meet : 2014-01-16 Charleston Road Registry Inc. +meet + +// melbourne : 2014-05-29 The Crown in right of the State of Victoria, represented by its Department of State Development, Business and Innovation +melbourne + +// meme : 2014-01-30 Charleston Road Registry Inc. +meme + +// memorial : 2014-10-16 Dog Beach, LLC +memorial + +// men : 2015-02-26 Exclusive Registry Limited +men + +// menu : 2013-09-11 Wedding TLD2, LLC +menu + +// meo : 2014-11-07 MEO Servicos de Comunicacoes e Multimedia, S.A. +meo + +// merckmsd : 2016-07-14 MSD Registry Holdings, Inc. +merckmsd + +// metlife : 2015-05-07 MetLife Services and Solutions, LLC +metlife + +// miami : 2013-12-19 Minds + Machines Group Limited +miami + +// microsoft : 2014-12-18 Microsoft Corporation +microsoft + +// mini : 2014-01-09 Bayerische Motoren Werke Aktiengesellschaft +mini + +// mint : 2015-07-30 Intuit Administrative Services, Inc. +mint + +// mit : 2015-07-02 Massachusetts Institute of Technology +mit + +// mitsubishi : 2015-07-23 Mitsubishi Corporation +mitsubishi + +// mlb : 2015-05-21 MLB Advanced Media DH, LLC +mlb + +// mls : 2015-04-23 The Canadian Real Estate Association +mls + +// mma : 2014-11-07 MMA IARD +mma + +// mobile : 2016-06-02 Dish DBS Corporation +mobile + +// mobily : 2014-12-18 GreenTech Consultancy Company W.L.L. +mobily + +// moda : 2013-11-07 United TLD Holdco Ltd. +moda + +// moe : 2013-11-13 Interlink Co., Ltd. +moe + +// moi : 2014-12-18 Amazon Registry Services, Inc. +moi + +// mom : 2015-04-16 Uniregistry, Corp. +mom + +// monash : 2013-09-30 Monash University +monash + +// money : 2014-10-16 Binky Moon, LLC +money + +// monster : 2015-09-11 Monster Worldwide, Inc. +monster + +// mopar : 2015-07-30 FCA US LLC. +mopar + +// mormon : 2013-12-05 IRI Domain Management, LLC ("Applicant") +mormon + +// mortgage : 2014-03-20 United TLD Holdco Ltd. +mortgage + +// moscow : 2013-12-19 Foundation for Assistance for Internet Technologies and Infrastructure Development (FAITID) +moscow + +// moto : 2015-06-04 Motorola Trademark Holdings, LLC +moto + +// motorcycles : 2014-01-09 DERMotorcycles, LLC +motorcycles + +// mov : 2014-01-30 Charleston Road Registry Inc. +mov + +// movie : 2015-02-05 Binky Moon, LLC +movie + +// movistar : 2014-10-16 Telefónica S.A. +movistar + +// msd : 2015-07-23 MSD Registry Holdings, Inc. +msd + +// mtn : 2014-12-04 MTN Dubai Limited +mtn + +// mtr : 2015-03-12 MTR Corporation Limited +mtr + +// mutual : 2015-04-02 Northwestern Mutual MU TLD Registry, LLC +mutual + +// nab : 2015-08-20 National Australia Bank Limited +nab + +// nadex : 2014-12-11 Nadex Domains, Inc. +nadex + +// nagoya : 2013-10-24 GMO Registry, Inc. +nagoya + +// nationwide : 2015-07-23 Nationwide Mutual Insurance Company +nationwide + +// natura : 2015-03-12 NATURA COSMÉTICOS S.A. +natura + +// navy : 2014-03-06 United TLD Holdco Ltd. +navy + +// nba : 2015-07-31 NBA REGISTRY, LLC +nba + +// nec : 2015-01-08 NEC Corporation +nec + +// netbank : 2014-06-26 COMMONWEALTH BANK OF AUSTRALIA +netbank + +// netflix : 2015-06-18 Netflix, Inc. +netflix + +// network : 2013-11-14 Binky Moon, LLC +network + +// neustar : 2013-12-05 Registry Services, LLC +neustar + +// new : 2014-01-30 Charleston Road Registry Inc. +new + +// newholland : 2015-09-03 CNH Industrial N.V. +newholland + +// news : 2014-12-18 United TLD Holdco Ltd. +news + +// next : 2015-06-18 Next plc +next + +// nextdirect : 2015-06-18 Next plc +nextdirect + +// nexus : 2014-07-24 Charleston Road Registry Inc. +nexus + +// nfl : 2015-07-23 NFL Reg Ops LLC +nfl + +// ngo : 2014-03-06 Public Interest Registry +ngo + +// nhk : 2014-02-13 Japan Broadcasting Corporation (NHK) +nhk + +// nico : 2014-12-04 DWANGO Co., Ltd. +nico + +// nike : 2015-07-23 NIKE, Inc. +nike + +// nikon : 2015-05-21 NIKON CORPORATION +nikon + +// ninja : 2013-11-07 United TLD Holdco Ltd. +ninja + +// nissan : 2014-03-27 NISSAN MOTOR CO., LTD. +nissan + +// nissay : 2015-10-29 Nippon Life Insurance Company +nissay + +// nokia : 2015-01-08 Nokia Corporation +nokia + +// northwesternmutual : 2015-06-18 Northwestern Mutual Registry, LLC +northwesternmutual + +// norton : 2014-12-04 Symantec Corporation +norton + +// now : 2015-06-25 Amazon Registry Services, Inc. +now + +// nowruz : 2014-09-04 Asia Green IT System Bilgisayar San. ve Tic. Ltd. Sti. +nowruz + +// nowtv : 2015-05-14 Starbucks (HK) Limited +nowtv + +// nra : 2014-05-22 NRA Holdings Company, INC. +nra + +// nrw : 2013-11-21 Minds + Machines GmbH +nrw + +// ntt : 2014-10-31 NIPPON TELEGRAPH AND TELEPHONE CORPORATION +ntt + +// nyc : 2014-01-23 The City of New York by and through the New York City Department of Information Technology & Telecommunications +nyc + +// obi : 2014-09-25 OBI Group Holding SE & Co. KGaA +obi + +// observer : 2015-04-30 Top Level Spectrum, Inc. +observer + +// off : 2015-07-23 Johnson Shareholdings, Inc. +off + +// office : 2015-03-12 Microsoft Corporation +office + +// okinawa : 2013-12-05 BRregistry, Inc. +okinawa + +// olayan : 2015-05-14 Crescent Holding GmbH +olayan + +// olayangroup : 2015-05-14 Crescent Holding GmbH +olayangroup + +// oldnavy : 2015-07-31 The Gap, Inc. +oldnavy + +// ollo : 2015-06-04 Dish DBS Corporation +ollo + +// omega : 2015-01-08 The Swatch Group Ltd +omega + +// one : 2014-11-07 One.com A/S +one + +// ong : 2014-03-06 Public Interest Registry +ong + +// onl : 2013-09-16 I-Registry Ltd. +onl + +// online : 2015-01-15 DotOnline Inc. +online + +// onyourside : 2015-07-23 Nationwide Mutual Insurance Company +onyourside + +// ooo : 2014-01-09 INFIBEAM INCORPORATION LIMITED +ooo + +// open : 2015-07-31 American Express Travel Related Services Company, Inc. +open + +// oracle : 2014-06-19 Oracle Corporation +oracle + +// orange : 2015-03-12 Orange Brand Services Limited +orange + +// organic : 2014-03-27 Afilias plc +organic + +// origins : 2015-10-01 The Estée Lauder Companies Inc. +origins + +// osaka : 2014-09-04 Osaka Registry Co., Ltd. +osaka + +// otsuka : 2013-10-11 Otsuka Holdings Co., Ltd. +otsuka + +// ott : 2015-06-04 Dish DBS Corporation +ott + +// ovh : 2014-01-16 OVH SAS +ovh + +// page : 2014-12-04 Charleston Road Registry Inc. +page + +// panasonic : 2015-07-30 Panasonic Corporation +panasonic + +// panerai : 2014-11-07 Richemont DNS Inc. +panerai + +// paris : 2014-01-30 City of Paris +paris + +// pars : 2014-09-04 Asia Green IT System Bilgisayar San. ve Tic. Ltd. Sti. +pars + +// partners : 2013-12-05 Binky Moon, LLC +partners + +// parts : 2013-12-05 Binky Moon, LLC +parts + +// party : 2014-09-11 Blue Sky Registry Limited +party + +// passagens : 2015-03-05 Travel Reservations SRL +passagens + +// pay : 2015-08-27 Amazon Registry Services, Inc. +pay + +// pccw : 2015-05-14 PCCW Enterprises Limited +pccw + +// pet : 2015-05-07 Afilias plc +pet + +// pfizer : 2015-09-11 Pfizer Inc. +pfizer + +// pharmacy : 2014-06-19 National Association of Boards of Pharmacy +pharmacy + +// phd : 2016-07-28 Charleston Road Registry Inc. +phd + +// philips : 2014-11-07 Koninklijke Philips N.V. +philips + +// phone : 2016-06-02 Dish DBS Corporation +phone + +// photo : 2013-11-14 Uniregistry, Corp. +photo + +// photography : 2013-09-20 Binky Moon, LLC +photography + +// photos : 2013-10-17 Binky Moon, LLC +photos + +// physio : 2014-05-01 PhysBiz Pty Ltd +physio + +// piaget : 2014-10-16 Richemont DNS Inc. +piaget + +// pics : 2013-11-14 Uniregistry, Corp. +pics + +// pictet : 2014-06-26 Pictet Europe S.A. +pictet + +// pictures : 2014-03-06 Binky Moon, LLC +pictures + +// pid : 2015-01-08 Top Level Spectrum, Inc. +pid + +// pin : 2014-12-18 Amazon Registry Services, Inc. +pin + +// ping : 2015-06-11 Ping Registry Provider, Inc. +ping + +// pink : 2013-10-01 Afilias plc +pink + +// pioneer : 2015-07-16 Pioneer Corporation +pioneer + +// pizza : 2014-06-26 Binky Moon, LLC +pizza + +// place : 2014-04-24 Binky Moon, LLC +place + +// play : 2015-03-05 Charleston Road Registry Inc. +play + +// playstation : 2015-07-02 Sony Computer Entertainment Inc. +playstation + +// plumbing : 2013-09-10 Binky Moon, LLC +plumbing + +// plus : 2015-02-05 Binky Moon, LLC +plus + +// pnc : 2015-07-02 PNC Domain Co., LLC +pnc + +// pohl : 2014-06-23 Deutsche Vermögensberatung Aktiengesellschaft DVAG +pohl + +// poker : 2014-07-03 Afilias plc +poker + +// politie : 2015-08-20 Politie Nederland +politie + +// porn : 2014-10-16 ICM Registry PN LLC +porn + +// pramerica : 2015-07-30 Prudential Financial, Inc. +pramerica + +// praxi : 2013-12-05 Praxi S.p.A. +praxi + +// press : 2014-04-03 DotPress Inc. +press + +// prime : 2015-06-25 Amazon Registry Services, Inc. +prime + +// prod : 2014-01-23 Charleston Road Registry Inc. +prod + +// productions : 2013-12-05 Binky Moon, LLC +productions + +// prof : 2014-07-24 Charleston Road Registry Inc. +prof + +// progressive : 2015-07-23 Progressive Casualty Insurance Company +progressive + +// promo : 2014-12-18 Afilias plc +promo + +// properties : 2013-12-05 Binky Moon, LLC +properties + +// property : 2014-05-22 Uniregistry, Corp. +property + +// protection : 2015-04-23 XYZ.COM LLC +protection + +// pru : 2015-07-30 Prudential Financial, Inc. +pru + +// prudential : 2015-07-30 Prudential Financial, Inc. +prudential + +// pub : 2013-12-12 United TLD Holdco Ltd. +pub + +// pwc : 2015-10-29 PricewaterhouseCoopers LLP +pwc + +// qpon : 2013-11-14 dotCOOL, Inc. +qpon + +// quebec : 2013-12-19 PointQuébec Inc +quebec + +// quest : 2015-03-26 Quest ION Limited +quest + +// qvc : 2015-07-30 QVC, Inc. +qvc + +// racing : 2014-12-04 Premier Registry Limited +racing + +// radio : 2016-07-21 European Broadcasting Union (EBU) +radio + +// raid : 2015-07-23 Johnson Shareholdings, Inc. +raid + +// read : 2014-12-18 Amazon Registry Services, Inc. +read + +// realestate : 2015-09-11 dotRealEstate LLC +realestate + +// realtor : 2014-05-29 Real Estate Domains LLC +realtor + +// realty : 2015-03-19 Fegistry, LLC +realty + +// recipes : 2013-10-17 Binky Moon, LLC +recipes + +// red : 2013-11-07 Afilias plc +red + +// redstone : 2014-10-31 Redstone Haute Couture Co., Ltd. +redstone + +// redumbrella : 2015-03-26 Travelers TLD, LLC +redumbrella + +// rehab : 2014-03-06 United TLD Holdco Ltd. +rehab + +// reise : 2014-03-13 Binky Moon, LLC +reise + +// reisen : 2014-03-06 Binky Moon, LLC +reisen + +// reit : 2014-09-04 National Association of Real Estate Investment Trusts, Inc. +reit + +// reliance : 2015-04-02 Reliance Industries Limited +reliance + +// ren : 2013-12-12 Beijing Qianxiang Wangjing Technology Development Co., Ltd. +ren + +// rent : 2014-12-04 XYZ.COM LLC +rent + +// rentals : 2013-12-05 Binky Moon, LLC +rentals + +// repair : 2013-11-07 Binky Moon, LLC +repair + +// report : 2013-12-05 Binky Moon, LLC +report + +// republican : 2014-03-20 United TLD Holdco Ltd. +republican + +// rest : 2013-12-19 Punto 2012 Sociedad Anonima Promotora de Inversion de Capital Variable +rest + +// restaurant : 2014-07-03 Binky Moon, LLC +restaurant + +// review : 2014-11-20 dot Review Limited +review + +// reviews : 2013-09-13 United TLD Holdco Ltd. +reviews + +// rexroth : 2015-06-18 Robert Bosch GMBH +rexroth + +// rich : 2013-11-21 I-Registry Ltd. +rich + +// richardli : 2015-05-14 Pacific Century Asset Management (HK) Limited +richardli + +// ricoh : 2014-11-20 Ricoh Company, Ltd. +ricoh + +// rightathome : 2015-07-23 Johnson Shareholdings, Inc. +rightathome + +// ril : 2015-04-02 Reliance Industries Limited +ril + +// rio : 2014-02-27 Empresa Municipal de Informática SA - IPLANRIO +rio + +// rip : 2014-07-10 United TLD Holdco Ltd. +rip + +// rmit : 2015-11-19 Royal Melbourne Institute of Technology +rmit + +// rocher : 2014-12-18 Ferrero Trading Lux S.A. +rocher + +// rocks : 2013-11-14 United TLD Holdco Ltd. +rocks + +// rodeo : 2013-12-19 Minds + Machines Group Limited +rodeo + +// rogers : 2015-08-06 Rogers Communications Canada Inc. +rogers + +// room : 2014-12-18 Amazon Registry Services, Inc. +room + +// rsvp : 2014-05-08 Charleston Road Registry Inc. +rsvp + +// rugby : 2016-12-15 World Rugby Strategic Developments Limited +rugby + +// ruhr : 2013-10-02 regiodot GmbH & Co. KG +ruhr + +// run : 2015-03-19 Binky Moon, LLC +run + +// rwe : 2015-04-02 RWE AG +rwe + +// ryukyu : 2014-01-09 BRregistry, Inc. +ryukyu + +// saarland : 2013-12-12 dotSaarland GmbH +saarland + +// safe : 2014-12-18 Amazon Registry Services, Inc. +safe + +// safety : 2015-01-08 Safety Registry Services, LLC. +safety + +// sakura : 2014-12-18 SAKURA Internet Inc. +sakura + +// sale : 2014-10-16 United TLD Holdco Ltd. +sale + +// salon : 2014-12-11 Binky Moon, LLC +salon + +// samsclub : 2015-07-31 Wal-Mart Stores, Inc. +samsclub + +// samsung : 2014-04-03 SAMSUNG SDS CO., LTD +samsung + +// sandvik : 2014-11-13 Sandvik AB +sandvik + +// sandvikcoromant : 2014-11-07 Sandvik AB +sandvikcoromant + +// sanofi : 2014-10-09 Sanofi +sanofi + +// sap : 2014-03-27 SAP AG +sap + +// sapo : 2014-11-07 MEO Servicos de Comunicacoes e Multimedia, S.A. +sapo + +// sarl : 2014-07-03 Binky Moon, LLC +sarl + +// sas : 2015-04-02 Research IP LLC +sas + +// save : 2015-06-25 Amazon Registry Services, Inc. +save + +// saxo : 2014-10-31 Saxo Bank A/S +saxo + +// sbi : 2015-03-12 STATE BANK OF INDIA +sbi + +// sbs : 2014-11-07 SPECIAL BROADCASTING SERVICE CORPORATION +sbs + +// sca : 2014-03-13 SVENSKA CELLULOSA AKTIEBOLAGET SCA (publ) +sca + +// scb : 2014-02-20 The Siam Commercial Bank Public Company Limited ("SCB") +scb + +// schaeffler : 2015-08-06 Schaeffler Technologies AG & Co. KG +schaeffler + +// schmidt : 2014-04-03 SALM S.A.S. +schmidt + +// scholarships : 2014-04-24 Scholarships.com, LLC +scholarships + +// school : 2014-12-18 Binky Moon, LLC +school + +// schule : 2014-03-06 Binky Moon, LLC +schule + +// schwarz : 2014-09-18 Schwarz Domains und Services GmbH & Co. KG +schwarz + +// science : 2014-09-11 dot Science Limited +science + +// scjohnson : 2015-07-23 Johnson Shareholdings, Inc. +scjohnson + +// scor : 2014-10-31 SCOR SE +scor + +// scot : 2014-01-23 Dot Scot Registry Limited +scot + +// search : 2016-06-09 Charleston Road Registry Inc. +search + +// seat : 2014-05-22 SEAT, S.A. (Sociedad Unipersonal) +seat + +// secure : 2015-08-27 Amazon Registry Services, Inc. +secure + +// security : 2015-05-14 XYZ.COM LLC +security + +// seek : 2014-12-04 Seek Limited +seek + +// select : 2015-10-08 iSelect Ltd +select + +// sener : 2014-10-24 Sener Ingeniería y Sistemas, S.A. +sener + +// services : 2014-02-27 Binky Moon, LLC +services + +// ses : 2015-07-23 SES +ses + +// seven : 2015-08-06 Seven West Media Ltd +seven + +// sew : 2014-07-17 SEW-EURODRIVE GmbH & Co KG +sew + +// sex : 2014-11-13 ICM Registry SX LLC +sex + +// sexy : 2013-09-11 Uniregistry, Corp. +sexy + +// sfr : 2015-08-13 Societe Francaise du Radiotelephone - SFR +sfr + +// shangrila : 2015-09-03 Shangri‐La International Hotel Management Limited +shangrila + +// sharp : 2014-05-01 Sharp Corporation +sharp + +// shaw : 2015-04-23 Shaw Cablesystems G.P. +shaw + +// shell : 2015-07-30 Shell Information Technology International Inc +shell + +// shia : 2014-09-04 Asia Green IT System Bilgisayar San. ve Tic. Ltd. Sti. +shia + +// shiksha : 2013-11-14 Afilias plc +shiksha + +// shoes : 2013-10-02 Binky Moon, LLC +shoes + +// shop : 2016-04-08 GMO Registry, Inc. +shop + +// shopping : 2016-03-31 Binky Moon, LLC +shopping + +// shouji : 2015-01-08 QIHOO 360 TECHNOLOGY CO. LTD. +shouji + +// show : 2015-03-05 Binky Moon, LLC +show + +// showtime : 2015-08-06 CBS Domains Inc. +showtime + +// shriram : 2014-01-23 Shriram Capital Ltd. +shriram + +// silk : 2015-06-25 Amazon Registry Services, Inc. +silk + +// sina : 2015-03-12 Sina Corporation +sina + +// singles : 2013-08-27 Binky Moon, LLC +singles + +// site : 2015-01-15 DotSite Inc. +site + +// ski : 2015-04-09 Afilias plc +ski + +// skin : 2015-01-15 L'Oréal +skin + +// sky : 2014-06-19 Sky International AG +sky + +// skype : 2014-12-18 Microsoft Corporation +skype + +// sling : 2015-07-30 Hughes Satellite Systems Corporation +sling + +// smart : 2015-07-09 Smart Communications, Inc. (SMART) +smart + +// smile : 2014-12-18 Amazon Registry Services, Inc. +smile + +// sncf : 2015-02-19 Société Nationale des Chemins de fer Francais S N C F +sncf + +// soccer : 2015-03-26 Binky Moon, LLC +soccer + +// social : 2013-11-07 United TLD Holdco Ltd. +social + +// softbank : 2015-07-02 SoftBank Corp. +softbank + +// software : 2014-03-20 United TLD Holdco Ltd. +software + +// sohu : 2013-12-19 Sohu.com Limited +sohu + +// solar : 2013-11-07 Binky Moon, LLC +solar + +// solutions : 2013-11-07 Binky Moon, LLC +solutions + +// song : 2015-02-26 Amazon Registry Services, Inc. +song + +// sony : 2015-01-08 Sony Corporation +sony + +// soy : 2014-01-23 Charleston Road Registry Inc. +soy + +// space : 2014-04-03 DotSpace Inc. +space + +// spiegel : 2014-02-05 SPIEGEL-Verlag Rudolf Augstein GmbH & Co. KG +spiegel + +// sport : 2017-11-16 Global Association of International Sports Federations (GAISF) +sport + +// spot : 2015-02-26 Amazon Registry Services, Inc. +spot + +// spreadbetting : 2014-12-11 Dotspreadbetting Registry Limited +spreadbetting + +// srl : 2015-05-07 InterNetX, Corp +srl + +// srt : 2015-07-30 FCA US LLC. +srt + +// stada : 2014-11-13 STADA Arzneimittel AG +stada + +// staples : 2015-07-30 Staples, Inc. +staples + +// star : 2015-01-08 Star India Private Limited +star + +// starhub : 2015-02-05 StarHub Ltd +starhub + +// statebank : 2015-03-12 STATE BANK OF INDIA +statebank + +// statefarm : 2015-07-30 State Farm Mutual Automobile Insurance Company +statefarm + +// statoil : 2014-12-04 Statoil ASA +statoil + +// stc : 2014-10-09 Saudi Telecom Company +stc + +// stcgroup : 2014-10-09 Saudi Telecom Company +stcgroup + +// stockholm : 2014-12-18 Stockholms kommun +stockholm + +// storage : 2014-12-22 XYZ.COM LLC +storage + +// store : 2015-04-09 DotStore Inc. +store + +// stream : 2016-01-08 dot Stream Limited +stream + +// studio : 2015-02-11 United TLD Holdco Ltd. +studio + +// study : 2014-12-11 OPEN UNIVERSITIES AUSTRALIA PTY LTD +study + +// style : 2014-12-04 Binky Moon, LLC +style + +// sucks : 2014-12-22 Vox Populi Registry Ltd. +sucks + +// supplies : 2013-12-19 Binky Moon, LLC +supplies + +// supply : 2013-12-19 Binky Moon, LLC +supply + +// support : 2013-10-24 Binky Moon, LLC +support + +// surf : 2014-01-09 Minds + Machines Group Limited +surf + +// surgery : 2014-03-20 Binky Moon, LLC +surgery + +// suzuki : 2014-02-20 SUZUKI MOTOR CORPORATION +suzuki + +// swatch : 2015-01-08 The Swatch Group Ltd +swatch + +// swiftcover : 2015-07-23 Swiftcover Insurance Services Limited +swiftcover + +// swiss : 2014-10-16 Swiss Confederation +swiss + +// sydney : 2014-09-18 State of New South Wales, Department of Premier and Cabinet +sydney + +// symantec : 2014-12-04 Symantec Corporation +symantec + +// systems : 2013-11-07 Binky Moon, LLC +systems + +// tab : 2014-12-04 Tabcorp Holdings Limited +tab + +// taipei : 2014-07-10 Taipei City Government +taipei + +// talk : 2015-04-09 Amazon Registry Services, Inc. +talk + +// taobao : 2015-01-15 Alibaba Group Holding Limited +taobao + +// target : 2015-07-31 Target Domain Holdings, LLC +target + +// tatamotors : 2015-03-12 Tata Motors Ltd +tatamotors + +// tatar : 2014-04-24 Limited Liability Company "Coordination Center of Regional Domain of Tatarstan Republic" +tatar + +// tattoo : 2013-08-30 Uniregistry, Corp. +tattoo + +// tax : 2014-03-20 Binky Moon, LLC +tax + +// taxi : 2015-03-19 Binky Moon, LLC +taxi + +// tci : 2014-09-12 Asia Green IT System Bilgisayar San. ve Tic. Ltd. Sti. +tci + +// tdk : 2015-06-11 TDK Corporation +tdk + +// team : 2015-03-05 Binky Moon, LLC +team + +// tech : 2015-01-30 Personals TLD Inc. +tech + +// technology : 2013-09-13 Binky Moon, LLC +technology + +// telecity : 2015-02-19 TelecityGroup International Limited +telecity + +// telefonica : 2014-10-16 Telefónica S.A. +telefonica + +// temasek : 2014-08-07 Temasek Holdings (Private) Limited +temasek + +// tennis : 2014-12-04 Binky Moon, LLC +tennis + +// teva : 2015-07-02 Teva Pharmaceutical Industries Limited +teva + +// thd : 2015-04-02 Home Depot Product Authority, LLC +thd + +// theater : 2015-03-19 Binky Moon, LLC +theater + +// theatre : 2015-05-07 XYZ.COM LLC +theatre + +// tiaa : 2015-07-23 Teachers Insurance and Annuity Association of America +tiaa + +// tickets : 2015-02-05 Accent Media Limited +tickets + +// tienda : 2013-11-14 Binky Moon, LLC +tienda + +// tiffany : 2015-01-30 Tiffany and Company +tiffany + +// tips : 2013-09-20 Binky Moon, LLC +tips + +// tires : 2014-11-07 Binky Moon, LLC +tires + +// tirol : 2014-04-24 punkt Tirol GmbH +tirol + +// tjmaxx : 2015-07-16 The TJX Companies, Inc. +tjmaxx + +// tjx : 2015-07-16 The TJX Companies, Inc. +tjx + +// tkmaxx : 2015-07-16 The TJX Companies, Inc. +tkmaxx + +// tmall : 2015-01-15 Alibaba Group Holding Limited +tmall + +// today : 2013-09-20 Binky Moon, LLC +today + +// tokyo : 2013-11-13 GMO Registry, Inc. +tokyo + +// tools : 2013-11-21 Binky Moon, LLC +tools + +// top : 2014-03-20 .TOP Registry +top + +// toray : 2014-12-18 Toray Industries, Inc. +toray + +// toshiba : 2014-04-10 TOSHIBA Corporation +toshiba + +// total : 2015-08-06 Total SA +total + +// tours : 2015-01-22 Binky Moon, LLC +tours + +// town : 2014-03-06 Binky Moon, LLC +town + +// toyota : 2015-04-23 TOYOTA MOTOR CORPORATION +toyota + +// toys : 2014-03-06 Binky Moon, LLC +toys + +// trade : 2014-01-23 Elite Registry Limited +trade + +// trading : 2014-12-11 Dottrading Registry Limited +trading + +// training : 2013-11-07 Binky Moon, LLC +training + +// travel : Dog Beach, LLC +travel + +// travelchannel : 2015-07-02 Lifestyle Domain Holdings, Inc. +travelchannel + +// travelers : 2015-03-26 Travelers TLD, LLC +travelers + +// travelersinsurance : 2015-03-26 Travelers TLD, LLC +travelersinsurance + +// trust : 2014-10-16 NCC Group Inc. +trust + +// trv : 2015-03-26 Travelers TLD, LLC +trv + +// tube : 2015-06-11 Latin American Telecom LLC +tube + +// tui : 2014-07-03 TUI AG +tui + +// tunes : 2015-02-26 Amazon Registry Services, Inc. +tunes + +// tushu : 2014-12-18 Amazon Registry Services, Inc. +tushu + +// tvs : 2015-02-19 T V SUNDRAM IYENGAR & SONS LIMITED +tvs + +// ubank : 2015-08-20 National Australia Bank Limited +ubank + +// ubs : 2014-12-11 UBS AG +ubs + +// uconnect : 2015-07-30 FCA US LLC. +uconnect + +// unicom : 2015-10-15 China United Network Communications Corporation Limited +unicom + +// university : 2014-03-06 Binky Moon, LLC +university + +// uno : 2013-09-11 Dot Latin LLC +uno + +// uol : 2014-05-01 UBN INTERNET LTDA. +uol + +// ups : 2015-06-25 UPS Market Driver, Inc. +ups + +// vacations : 2013-12-05 Binky Moon, LLC +vacations + +// vana : 2014-12-11 Lifestyle Domain Holdings, Inc. +vana + +// vanguard : 2015-09-03 The Vanguard Group, Inc. +vanguard + +// vegas : 2014-01-16 Dot Vegas, Inc. +vegas + +// ventures : 2013-08-27 Binky Moon, LLC +ventures + +// verisign : 2015-08-13 VeriSign, Inc. +verisign + +// versicherung : 2014-03-20 TLD-BOX Registrydienstleistungen GmbH +versicherung + +// vet : 2014-03-06 United TLD Holdco Ltd. +vet + +// viajes : 2013-10-17 Binky Moon, LLC +viajes + +// video : 2014-10-16 United TLD Holdco Ltd. +video + +// vig : 2015-05-14 VIENNA INSURANCE GROUP AG Wiener Versicherung Gruppe +vig + +// viking : 2015-04-02 Viking River Cruises (Bermuda) Ltd. +viking + +// villas : 2013-12-05 Binky Moon, LLC +villas + +// vin : 2015-06-18 Binky Moon, LLC +vin + +// vip : 2015-01-22 Minds + Machines Group Limited +vip + +// virgin : 2014-09-25 Virgin Enterprises Limited +virgin + +// visa : 2015-07-30 Visa Worldwide Pte. Limited +visa + +// vision : 2013-12-05 Binky Moon, LLC +vision + +// vista : 2014-09-18 Vistaprint Limited +vista + +// vistaprint : 2014-09-18 Vistaprint Limited +vistaprint + +// viva : 2014-11-07 Saudi Telecom Company +viva + +// vivo : 2015-07-31 Telefonica Brasil S.A. +vivo + +// vlaanderen : 2014-02-06 DNS.be vzw +vlaanderen + +// vodka : 2013-12-19 Minds + Machines Group Limited +vodka + +// volkswagen : 2015-05-14 Volkswagen Group of America Inc. +volkswagen + +// volvo : 2015-11-12 Volvo Holding Sverige Aktiebolag +volvo + +// vote : 2013-11-21 Monolith Registry LLC +vote + +// voting : 2013-11-13 Valuetainment Corp. +voting + +// voto : 2013-11-21 Monolith Registry LLC +voto + +// voyage : 2013-08-27 Binky Moon, LLC +voyage + +// vuelos : 2015-03-05 Travel Reservations SRL +vuelos + +// wales : 2014-05-08 Nominet UK +wales + +// walmart : 2015-07-31 Wal-Mart Stores, Inc. +walmart + +// walter : 2014-11-13 Sandvik AB +walter + +// wang : 2013-10-24 Zodiac Wang Limited +wang + +// wanggou : 2014-12-18 Amazon Registry Services, Inc. +wanggou + +// warman : 2015-06-18 Weir Group IP Limited +warman + +// watch : 2013-11-14 Binky Moon, LLC +watch + +// watches : 2014-12-22 Richemont DNS Inc. +watches + +// weather : 2015-01-08 International Business Machines Corporation +weather + +// weatherchannel : 2015-03-12 International Business Machines Corporation +weatherchannel + +// webcam : 2014-01-23 dot Webcam Limited +webcam + +// weber : 2015-06-04 Saint-Gobain Weber SA +weber + +// website : 2014-04-03 DotWebsite Inc. +website + +// wed : 2013-10-01 Atgron, Inc. +wed + +// wedding : 2014-04-24 Minds + Machines Group Limited +wedding + +// weibo : 2015-03-05 Sina Corporation +weibo + +// weir : 2015-01-29 Weir Group IP Limited +weir + +// whoswho : 2014-02-20 Who's Who Registry +whoswho + +// wien : 2013-10-28 punkt.wien GmbH +wien + +// wiki : 2013-11-07 Top Level Design, LLC +wiki + +// williamhill : 2014-03-13 William Hill Organization Limited +williamhill + +// win : 2014-11-20 First Registry Limited +win + +// windows : 2014-12-18 Microsoft Corporation +windows + +// wine : 2015-06-18 Binky Moon, LLC +wine + +// winners : 2015-07-16 The TJX Companies, Inc. +winners + +// wme : 2014-02-13 William Morris Endeavor Entertainment, LLC +wme + +// wolterskluwer : 2015-08-06 Wolters Kluwer N.V. +wolterskluwer + +// woodside : 2015-07-09 Woodside Petroleum Limited +woodside + +// work : 2013-12-19 Minds + Machines Group Limited +work + +// works : 2013-11-14 Binky Moon, LLC +works + +// world : 2014-06-12 Binky Moon, LLC +world + +// wow : 2015-10-08 Amazon Registry Services, Inc. +wow + +// wtc : 2013-12-19 World Trade Centers Association, Inc. +wtc + +// wtf : 2014-03-06 Binky Moon, LLC +wtf + +// xbox : 2014-12-18 Microsoft Corporation +xbox + +// xerox : 2014-10-24 Xerox DNHC LLC +xerox + +// xfinity : 2015-07-09 Comcast IP Holdings I, LLC +xfinity + +// xihuan : 2015-01-08 QIHOO 360 TECHNOLOGY CO. LTD. +xihuan + +// xin : 2014-12-11 Elegant Leader Limited +xin + +// xn--11b4c3d : 2015-01-15 VeriSign Sarl +कॉम + +// xn--1ck2e1b : 2015-02-26 Amazon Registry Services, Inc. +セール + +// xn--1qqw23a : 2014-01-09 Guangzhou YU Wei Information Technology Co., Ltd. +佛山 + +// xn--30rr7y : 2014-06-12 Excellent First Limited +慈善 + +// xn--3bst00m : 2013-09-13 Eagle Horizon Limited +集团 + +// xn--3ds443g : 2013-09-08 TLD REGISTRY LIMITED +在线 + +// xn--3oq18vl8pn36a : 2015-07-02 Volkswagen (China) Investment Co., Ltd. +大众汽车 + +// xn--3pxu8k : 2015-01-15 VeriSign Sarl +点看 + +// xn--42c2d9a : 2015-01-15 VeriSign Sarl +คอม + +// xn--45q11c : 2013-11-21 Zodiac Gemini Ltd +八卦 + +// xn--4gbrim : 2013-10-04 Suhub Electronic Establishment +موقع + +// xn--55qw42g : 2013-11-08 China Organizational Name Administration Center +公益 + +// xn--55qx5d : 2013-11-14 China Internet Network Information Center (CNNIC) +公司 + +// xn--5su34j936bgsg : 2015-09-03 Shangri‐La International Hotel Management Limited +香格里拉 + +// xn--5tzm5g : 2014-12-22 Global Website TLD Asia Limited +网站 + +// xn--6frz82g : 2013-09-23 Afilias plc +移动 + +// xn--6qq986b3xl : 2013-09-13 Tycoon Treasure Limited +我爱你 + +// xn--80adxhks : 2013-12-19 Foundation for Assistance for Internet Technologies and Infrastructure Development (FAITID) +москва + +// xn--80aqecdr1a : 2015-10-21 Pontificium Consilium de Comunicationibus Socialibus (PCCS) (Pontifical Council for Social Communication) +католик + +// xn--80asehdb : 2013-07-14 CORE Association +онлайн + +// xn--80aswg : 2013-07-14 CORE Association +сайт + +// xn--8y0a063a : 2015-03-26 China United Network Communications Corporation Limited +联通 + +// xn--9dbq2a : 2015-01-15 VeriSign Sarl +קום + +// xn--9et52u : 2014-06-12 RISE VICTORY LIMITED +时尚 + +// xn--9krt00a : 2015-03-12 Sina Corporation +微博 + +// xn--b4w605ferd : 2014-08-07 Temasek Holdings (Private) Limited +淡马锡 + +// xn--bck1b9a5dre4c : 2015-02-26 Amazon Registry Services, Inc. +ファッション + +// xn--c1avg : 2013-11-14 Public Interest Registry +орг + +// xn--c2br7g : 2015-01-15 VeriSign Sarl +नेट + +// xn--cck2b3b : 2015-02-26 Amazon Registry Services, Inc. +ストア + +// xn--cg4bki : 2013-09-27 SAMSUNG SDS CO., LTD +삼성 + +// xn--czr694b : 2014-01-16 Dot Trademark TLD Holding Company Limited +商标 + +// xn--czrs0t : 2013-12-19 Binky Moon, LLC +商店 + +// xn--czru2d : 2013-11-21 Zodiac Aquarius Limited +商城 + +// xn--d1acj3b : 2013-11-20 The Foundation for Network Initiatives “The Smart Internet” +дети + +// xn--eckvdtc9d : 2014-12-18 Amazon Registry Services, Inc. +ポイント + +// xn--efvy88h : 2014-08-22 Guangzhou YU Wei Information Technology Co., Ltd. +新闻 + +// xn--estv75g : 2015-02-19 Industrial and Commercial Bank of China Limited +工行 + +// xn--fct429k : 2015-04-09 Amazon Registry Services, Inc. +家電 + +// xn--fhbei : 2015-01-15 VeriSign Sarl +كوم + +// xn--fiq228c5hs : 2013-09-08 TLD REGISTRY LIMITED +中文网 + +// xn--fiq64b : 2013-10-14 CITIC Group Corporation +中信 + +// xn--fjq720a : 2014-05-22 Binky Moon, LLC +娱乐 + +// xn--flw351e : 2014-07-31 Charleston Road Registry Inc. +谷歌 + +// xn--fzys8d69uvgm : 2015-05-14 PCCW Enterprises Limited +電訊盈科 + +// xn--g2xx48c : 2015-01-30 Minds + Machines Group Limited +购物 + +// xn--gckr3f0f : 2015-02-26 Amazon Registry Services, Inc. +クラウド + +// xn--gk3at1e : 2015-10-08 Amazon Registry Services, Inc. +通販 + +// xn--hxt814e : 2014-05-15 Zodiac Taurus Limited +网店 + +// xn--i1b6b1a6a2e : 2013-11-14 Public Interest Registry +संगठन + +// xn--imr513n : 2014-12-11 Dot Trademark TLD Holding Company Limited +餐厅 + +// xn--io0a7i : 2013-11-14 China Internet Network Information Center (CNNIC) +网络 + +// xn--j1aef : 2015-01-15 VeriSign Sarl +ком + +// xn--jlq61u9w7b : 2015-01-08 Nokia Corporation +诺基亚 + +// xn--jvr189m : 2015-02-26 Amazon Registry Services, Inc. +食品 + +// xn--kcrx77d1x4a : 2014-11-07 Koninklijke Philips N.V. +飞利浦 + +// xn--kpu716f : 2014-12-22 Richemont DNS Inc. +手表 + +// xn--kput3i : 2014-02-13 Beijing RITT-Net Technology Development Co., Ltd +手机 + +// xn--mgba3a3ejt : 2014-11-20 Aramco Services Company +ارامكو + +// xn--mgba7c0bbn0a : 2015-05-14 Crescent Holding GmbH +العليان + +// xn--mgbaakc7dvf : 2015-09-03 Emirates Telecommunications Corporation (trading as Etisalat) +اتصالات + +// xn--mgbab2bd : 2013-10-31 CORE Association +بازار + +// xn--mgbb9fbpob : 2014-12-18 GreenTech Consultancy Company W.L.L. +موبايلي + +// xn--mgbca7dzdo : 2015-07-30 Abu Dhabi Systems and Information Centre +ابوظبي + +// xn--mgbi4ecexp : 2015-10-21 Pontificium Consilium de Comunicationibus Socialibus (PCCS) (Pontifical Council for Social Communication) +كاثوليك + +// xn--mgbt3dhd : 2014-09-04 Asia Green IT System Bilgisayar San. ve Tic. Ltd. Sti. +همراه + +// xn--mk1bu44c : 2015-01-15 VeriSign Sarl +닷컴 + +// xn--mxtq1m : 2014-03-06 Net-Chinese Co., Ltd. +政府 + +// xn--ngbc5azd : 2013-07-13 International Domain Registry Pty. Ltd. +شبكة + +// xn--ngbe9e0a : 2014-12-04 Kuwait Finance House +بيتك + +// xn--ngbrx : 2015-11-12 League of Arab States +عرب + +// xn--nqv7f : 2013-11-14 Public Interest Registry +机构 + +// xn--nqv7fs00ema : 2013-11-14 Public Interest Registry +组织机构 + +// xn--nyqy26a : 2014-11-07 Stable Tone Limited +健康 + +// xn--otu796d : 2017-08-06 Dot Trademark TLD Holding Company Limited +招聘 + +// xn--p1acf : 2013-12-12 Rusnames Limited +рус + +// xn--pbt977c : 2014-12-22 Richemont DNS Inc. +珠宝 + +// xn--pssy2u : 2015-01-15 VeriSign Sarl +大拿 + +// xn--q9jyb4c : 2013-09-17 Charleston Road Registry Inc. +みんな + +// xn--qcka1pmc : 2014-07-31 Charleston Road Registry Inc. +グーグル + +// xn--rhqv96g : 2013-09-11 Stable Tone Limited +世界 + +// xn--rovu88b : 2015-02-26 Amazon Registry Services, Inc. +書籍 + +// xn--ses554g : 2014-01-16 KNET Co., Ltd. +网址 + +// xn--t60b56a : 2015-01-15 VeriSign Sarl +닷넷 + +// xn--tckwe : 2015-01-15 VeriSign Sarl +コム + +// xn--tiq49xqyj : 2015-10-21 Pontificium Consilium de Comunicationibus Socialibus (PCCS) (Pontifical Council for Social Communication) +天主教 + +// xn--unup4y : 2013-07-14 Binky Moon, LLC +游戏 + +// xn--vermgensberater-ctb : 2014-06-23 Deutsche Vermögensberatung Aktiengesellschaft DVAG +vermögensberater + +// xn--vermgensberatung-pwb : 2014-06-23 Deutsche Vermögensberatung Aktiengesellschaft DVAG +vermögensberatung + +// xn--vhquv : 2013-08-27 Binky Moon, LLC +企业 + +// xn--vuq861b : 2014-10-16 Beijing Tele-info Network Technology Co., Ltd. +信息 + +// xn--w4r85el8fhu5dnra : 2015-04-30 Kerry Trading Co. Limited +嘉里大酒店 + +// xn--w4rs40l : 2015-07-30 Kerry Trading Co. Limited +嘉里 + +// xn--xhq521b : 2013-11-14 Guangzhou YU Wei Information Technology Co., Ltd. +广东 + +// xn--zfr164b : 2013-11-08 China Organizational Name Administration Center +政务 + +// xperia : 2015-05-14 Sony Mobile Communications AB +xperia + +// xyz : 2013-12-05 XYZ.COM LLC +xyz + +// yachts : 2014-01-09 DERYachts, LLC +yachts + +// yahoo : 2015-04-02 Yahoo! Domain Services Inc. +yahoo + +// yamaxun : 2014-12-18 Amazon Registry Services, Inc. +yamaxun + +// yandex : 2014-04-10 YANDEX, LLC +yandex + +// yodobashi : 2014-11-20 YODOBASHI CAMERA CO.,LTD. +yodobashi + +// yoga : 2014-05-29 Minds + Machines Group Limited +yoga + +// yokohama : 2013-12-12 GMO Registry, Inc. +yokohama + +// you : 2015-04-09 Amazon Registry Services, Inc. +you + +// youtube : 2014-05-01 Charleston Road Registry Inc. +youtube + +// yun : 2015-01-08 QIHOO 360 TECHNOLOGY CO. LTD. +yun + +// zappos : 2015-06-25 Amazon Registry Services, Inc. +zappos + +// zara : 2014-11-07 Industria de Diseño Textil, S.A. (INDITEX, S.A.) +zara + +// zero : 2014-12-18 Amazon Registry Services, Inc. +zero + +// zip : 2014-05-08 Charleston Road Registry Inc. +zip + +// zippo : 2015-07-02 Zadco Company +zippo + +// zone : 2013-11-14 Binky Moon, LLC +zone + +// zuerich : 2014-11-07 Kanton Zürich (Canton of Zurich) +zuerich + + +// ===END ICANN DOMAINS=== +// ===BEGIN PRIVATE DOMAINS=== +// (Note: these are in alphabetical order by company name) + +// 1GB LLC : https://www.1gb.ua/ +// Submitted by 1GB LLC <noc@1gb.com.ua> +cc.ua +inf.ua +ltd.ua + +// Agnat sp. z o.o. : https://domena.pl +// Submitted by Przemyslaw Plewa <it-admin@domena.pl> +beep.pl + +// Alces Software Ltd : http://alces-software.com +// Submitted by Mark J. Titorenko <mark.titorenko@alces-software.com> +*.compute.estate +*.alces.network + +// alwaysdata : https://www.alwaysdata.com +// Submitted by Cyril <admin@alwaysdata.com> +alwaysdata.net + +// Amazon CloudFront : https://aws.amazon.com/cloudfront/ +// Submitted by Donavan Miller <donavanm@amazon.com> +cloudfront.net + +// Amazon Elastic Compute Cloud : https://aws.amazon.com/ec2/ +// Submitted by Luke Wells <psl-maintainers@amazon.com> +*.compute.amazonaws.com +*.compute-1.amazonaws.com +*.compute.amazonaws.com.cn +us-east-1.amazonaws.com + +// Amazon Elastic Beanstalk : https://aws.amazon.com/elasticbeanstalk/ +// Submitted by Luke Wells <psl-maintainers@amazon.com> +cn-north-1.eb.amazonaws.com.cn +elasticbeanstalk.com +ap-northeast-1.elasticbeanstalk.com +ap-northeast-2.elasticbeanstalk.com +ap-northeast-3.elasticbeanstalk.com +ap-south-1.elasticbeanstalk.com +ap-southeast-1.elasticbeanstalk.com +ap-southeast-2.elasticbeanstalk.com +ca-central-1.elasticbeanstalk.com +eu-central-1.elasticbeanstalk.com +eu-west-1.elasticbeanstalk.com +eu-west-2.elasticbeanstalk.com +eu-west-3.elasticbeanstalk.com +sa-east-1.elasticbeanstalk.com +us-east-1.elasticbeanstalk.com +us-east-2.elasticbeanstalk.com +us-gov-west-1.elasticbeanstalk.com +us-west-1.elasticbeanstalk.com +us-west-2.elasticbeanstalk.com + +// Amazon Elastic Load Balancing : https://aws.amazon.com/elasticloadbalancing/ +// Submitted by Luke Wells <psl-maintainers@amazon.com> +*.elb.amazonaws.com +*.elb.amazonaws.com.cn + +// Amazon S3 : https://aws.amazon.com/s3/ +// Submitted by Luke Wells <psl-maintainers@amazon.com> +s3.amazonaws.com +s3-ap-northeast-1.amazonaws.com +s3-ap-northeast-2.amazonaws.com +s3-ap-south-1.amazonaws.com +s3-ap-southeast-1.amazonaws.com +s3-ap-southeast-2.amazonaws.com +s3-ca-central-1.amazonaws.com +s3-eu-central-1.amazonaws.com +s3-eu-west-1.amazonaws.com +s3-eu-west-2.amazonaws.com +s3-eu-west-3.amazonaws.com +s3-external-1.amazonaws.com +s3-fips-us-gov-west-1.amazonaws.com +s3-sa-east-1.amazonaws.com +s3-us-gov-west-1.amazonaws.com +s3-us-east-2.amazonaws.com +s3-us-west-1.amazonaws.com +s3-us-west-2.amazonaws.com +s3.ap-northeast-2.amazonaws.com +s3.ap-south-1.amazonaws.com +s3.cn-north-1.amazonaws.com.cn +s3.ca-central-1.amazonaws.com +s3.eu-central-1.amazonaws.com +s3.eu-west-2.amazonaws.com +s3.eu-west-3.amazonaws.com +s3.us-east-2.amazonaws.com +s3.dualstack.ap-northeast-1.amazonaws.com +s3.dualstack.ap-northeast-2.amazonaws.com +s3.dualstack.ap-south-1.amazonaws.com +s3.dualstack.ap-southeast-1.amazonaws.com +s3.dualstack.ap-southeast-2.amazonaws.com +s3.dualstack.ca-central-1.amazonaws.com +s3.dualstack.eu-central-1.amazonaws.com +s3.dualstack.eu-west-1.amazonaws.com +s3.dualstack.eu-west-2.amazonaws.com +s3.dualstack.eu-west-3.amazonaws.com +s3.dualstack.sa-east-1.amazonaws.com +s3.dualstack.us-east-1.amazonaws.com +s3.dualstack.us-east-2.amazonaws.com +s3-website-us-east-1.amazonaws.com +s3-website-us-west-1.amazonaws.com +s3-website-us-west-2.amazonaws.com +s3-website-ap-northeast-1.amazonaws.com +s3-website-ap-southeast-1.amazonaws.com +s3-website-ap-southeast-2.amazonaws.com +s3-website-eu-west-1.amazonaws.com +s3-website-sa-east-1.amazonaws.com +s3-website.ap-northeast-2.amazonaws.com +s3-website.ap-south-1.amazonaws.com +s3-website.ca-central-1.amazonaws.com +s3-website.eu-central-1.amazonaws.com +s3-website.eu-west-2.amazonaws.com +s3-website.eu-west-3.amazonaws.com +s3-website.us-east-2.amazonaws.com + +// Amune : https://amune.org/ +// Submitted by Team Amune <cert@amune.org> +t3l3p0rt.net +tele.amune.org + +// Aptible : https://www.aptible.com/ +// Submitted by Thomas Orozco <thomas@aptible.com> +on-aptible.com + +// Asociación Amigos de la Informática "Euskalamiga" : http://encounter.eus/ +// Submitted by Hector Martin <marcan@euskalencounter.org> +user.party.eus + +// Association potager.org : https://potager.org/ +// Submitted by Lunar <jardiniers@potager.org> +pimienta.org +poivron.org +potager.org +sweetpepper.org + +// ASUSTOR Inc. : http://www.asustor.com +// Submitted by Vincent Tseng <vincenttseng@asustor.com> +myasustor.com + +// AVM : https://avm.de +// Submitted by Andreas Weise <a.weise@avm.de> +myfritz.net + +// AW AdvisorWebsites.com Software Inc : https://advisorwebsites.com +// Submitted by James Kennedy <domains@advisorwebsites.com> +*.awdev.ca +*.advisor.ws + +// backplane : https://www.backplane.io +// Submitted by Anthony Voutas <anthony@backplane.io> +backplaneapp.io + +// BetaInABox +// Submitted by Adrian <adrian@betainabox.com> +betainabox.com + +// BinaryLane : http://www.binarylane.com +// Submitted by Nathan O'Sullivan <nathan@mammoth.com.au> +bnr.la + +// Blackbaud, Inc. : https://www.blackbaud.com +// Submitted by Paul Crowder <paul.crowder@blackbaud.com> +blackbaudcdn.net + +// Boomla : https://boomla.com +// Submitted by Tibor Halter <thalter@boomla.com> +boomla.net + +// Boxfuse : https://boxfuse.com +// Submitted by Axel Fontaine <axel@boxfuse.com> +boxfuse.io + +// bplaced : https://www.bplaced.net/ +// Submitted by Miroslav Bozic <security@bplaced.net> +square7.ch +bplaced.com +bplaced.de +square7.de +bplaced.net +square7.net + +// BrowserSafetyMark +// Submitted by Dave Tharp <browsersafetymark.io@quicinc.com> +browsersafetymark.io + +// callidomus : https://www.callidomus.com/ +// Submitted by Marcus Popp <admin@callidomus.com> +mycd.eu + +// CentralNic : http://www.centralnic.com/names/domains +// Submitted by registry <gavin.brown@centralnic.com> +ae.org +ar.com +br.com +cn.com +com.de +com.se +de.com +eu.com +gb.com +gb.net +hu.com +hu.net +jp.net +jpn.com +kr.com +mex.com +no.com +qc.com +ru.com +sa.com +se.net +uk.com +uk.net +us.com +uy.com +za.bz +za.com + +// Africa.com Web Solutions Ltd : https://registry.africa.com +// Submitted by Gavin Brown <gavin.brown@centralnic.com> +africa.com + +// iDOT Services Limited : http://www.domain.gr.com +// Submitted by Gavin Brown <gavin.brown@centralnic.com> +gr.com + +// Radix FZC : http://domains.in.net +// Submitted by Gavin Brown <gavin.brown@centralnic.com> +in.net + +// US REGISTRY LLC : http://us.org +// Submitted by Gavin Brown <gavin.brown@centralnic.com> +us.org + +// co.com Registry, LLC : https://registry.co.com +// Submitted by Gavin Brown <gavin.brown@centralnic.com> +co.com + +// c.la : http://www.c.la/ +c.la + +// certmgr.org : https://certmgr.org +// Submitted by B. Blechschmidt <hostmaster@certmgr.org> +certmgr.org + +// Citrix : https://citrix.com +// Submitted by Alex Stoddard <alex.stoddard@citrix.com> +xenapponazure.com + +// ClearVox : http://www.clearvox.nl/ +// Submitted by Leon Rowland <leon@clearvox.nl> +virtueeldomein.nl + +// Clever Cloud : https://www.clever-cloud.com/ +// Submitted by Quentin Adam <noc@clever-cloud.com> +cleverapps.io + +// Cloud66 : https://www.cloud66.com/ +// Submitted by Khash Sajadi <khash@cloud66.com> +c66.me +cloud66.ws + +// CloudAccess.net : https://www.cloudaccess.net/ +// Submitted by Pawel Panek <noc@cloudaccess.net> +jdevcloud.com +wpdevcloud.com +cloudaccess.host +freesite.host +cloudaccess.net + +// cloudControl : https://www.cloudcontrol.com/ +// Submitted by Tobias Wilken <tw@cloudcontrol.com> +cloudcontrolled.com +cloudcontrolapp.com + +// co.ca : http://registry.co.ca/ +co.ca + +// Co & Co : https://co-co.nl/ +// Submitted by Govert Versluis <govert@co-co.nl> +*.otap.co + +// i-registry s.r.o. : http://www.i-registry.cz/ +// Submitted by Martin Semrad <semrad@i-registry.cz> +co.cz + +// CDN77.com : http://www.cdn77.com +// Submitted by Jan Krpes <jan.krpes@cdn77.com> +c.cdn77.org +cdn77-ssl.net +r.cdn77.net +rsc.cdn77.org +ssl.origin.cdn77-secure.org + +// Cloud DNS Ltd : http://www.cloudns.net +// Submitted by Aleksander Hristov <noc@cloudns.net> +cloudns.asia +cloudns.biz +cloudns.club +cloudns.cc +cloudns.eu +cloudns.in +cloudns.info +cloudns.org +cloudns.pro +cloudns.pw +cloudns.us + +// Cloudeity Inc : https://cloudeity.com +// Submitted by Stefan Dimitrov <contact@cloudeity.com> +cloudeity.net + +// CNPY : https://cnpy.gdn +// Submitted by Angelo Gladding <angelo@lahacker.net> +cnpy.gdn + +// CoDNS B.V. +co.nl +co.no + +// Combell.com : https://www.combell.com +// Submitted by Thomas Wouters <thomas.wouters@combellgroup.com> +webhosting.be +hosting-cluster.nl + +// COSIMO GmbH : http://www.cosimo.de +// Submitted by Rene Marticke <rmarticke@cosimo.de> +dyn.cosidns.de +dynamisches-dns.de +dnsupdater.de +internet-dns.de +l-o-g-i-n.de +dynamic-dns.info +feste-ip.net +knx-server.net +static-access.net + +// Craynic, s.r.o. : http://www.craynic.com/ +// Submitted by Ales Krajnik <ales.krajnik@craynic.com> +realm.cz + +// Cryptonomic : https://cryptonomic.net/ +// Submitted by Andrew Cady <public-suffix-list@cryptonomic.net> +*.cryptonomic.net + +// Cupcake : https://cupcake.io/ +// Submitted by Jonathan Rudenberg <jonathan@cupcake.io> +cupcake.is + +// cyon GmbH : https://www.cyon.ch/ +// Submitted by Dominic Luechinger <dol@cyon.ch> +cyon.link +cyon.site + +// Daplie, Inc : https://daplie.com +// Submitted by AJ ONeal <aj@daplie.com> +daplie.me +localhost.daplie.me + +// Datto, Inc. : https://www.datto.com/ +// Submitted by Philipp Heckel <ph@datto.com> +dattolocal.com +dattorelay.com +dattoweb.com +mydatto.com +dattolocal.net +mydatto.net + +// Dansk.net : http://www.dansk.net/ +// Submitted by Anani Voule <digital@digital.co.dk> +biz.dk +co.dk +firm.dk +reg.dk +store.dk + +// Debian : https://www.debian.org/ +// Submitted by Peter Palfrader / Debian Sysadmin Team <dsa-publicsuffixlist@debian.org> +debian.net + +// deSEC : https://desec.io/ +// Submitted by Peter Thomassen <peter@desec.io> +dedyn.io + +// DNShome : https://www.dnshome.de/ +// Submitted by Norbert Auler <mail@dnshome.de> +dnshome.de + +// DrayTek Corp. : https://www.draytek.com/ +// Submitted by Paul Fang <mis@draytek.com> +drayddns.com + +// DreamHost : http://www.dreamhost.com/ +// Submitted by Andrew Farmer <andrew.farmer@dreamhost.com> +dreamhosters.com + +// Drobo : http://www.drobo.com/ +// Submitted by Ricardo Padilha <rpadilha@drobo.com> +mydrobo.com + +// Drud Holdings, LLC. : https://www.drud.com/ +// Submitted by Kevin Bridges <kevin@drud.com> +drud.io +drud.us + +// DuckDNS : http://www.duckdns.org/ +// Submitted by Richard Harper <richard@duckdns.org> +duckdns.org + +// dy.fi : http://dy.fi/ +// Submitted by Heikki Hannikainen <hessu@hes.iki.fi> +dy.fi +tunk.org + +// DynDNS.com : http://www.dyndns.com/services/dns/dyndns/ +dyndns-at-home.com +dyndns-at-work.com +dyndns-blog.com +dyndns-free.com +dyndns-home.com +dyndns-ip.com +dyndns-mail.com +dyndns-office.com +dyndns-pics.com +dyndns-remote.com +dyndns-server.com +dyndns-web.com +dyndns-wiki.com +dyndns-work.com +dyndns.biz +dyndns.info +dyndns.org +dyndns.tv +at-band-camp.net +ath.cx +barrel-of-knowledge.info +barrell-of-knowledge.info +better-than.tv +blogdns.com +blogdns.net +blogdns.org +blogsite.org +boldlygoingnowhere.org +broke-it.net +buyshouses.net +cechire.com +dnsalias.com +dnsalias.net +dnsalias.org +dnsdojo.com +dnsdojo.net +dnsdojo.org +does-it.net +doesntexist.com +doesntexist.org +dontexist.com +dontexist.net +dontexist.org +doomdns.com +doomdns.org +dvrdns.org +dyn-o-saur.com +dynalias.com +dynalias.net +dynalias.org +dynathome.net +dyndns.ws +endofinternet.net +endofinternet.org +endoftheinternet.org +est-a-la-maison.com +est-a-la-masion.com +est-le-patron.com +est-mon-blogueur.com +for-better.biz +for-more.biz +for-our.info +for-some.biz +for-the.biz +forgot.her.name +forgot.his.name +from-ak.com +from-al.com +from-ar.com +from-az.net +from-ca.com +from-co.net +from-ct.com +from-dc.com +from-de.com +from-fl.com +from-ga.com +from-hi.com +from-ia.com +from-id.com +from-il.com +from-in.com +from-ks.com +from-ky.com +from-la.net +from-ma.com +from-md.com +from-me.org +from-mi.com +from-mn.com +from-mo.com +from-ms.com +from-mt.com +from-nc.com +from-nd.com +from-ne.com +from-nh.com +from-nj.com +from-nm.com +from-nv.com +from-ny.net +from-oh.com +from-ok.com +from-or.com +from-pa.com +from-pr.com +from-ri.com +from-sc.com +from-sd.com +from-tn.com +from-tx.com +from-ut.com +from-va.com +from-vt.com +from-wa.com +from-wi.com +from-wv.com +from-wy.com +ftpaccess.cc +fuettertdasnetz.de +game-host.org +game-server.cc +getmyip.com +gets-it.net +go.dyndns.org +gotdns.com +gotdns.org +groks-the.info +groks-this.info +ham-radio-op.net +here-for-more.info +hobby-site.com +hobby-site.org +home.dyndns.org +homedns.org +homeftp.net +homeftp.org +homeip.net +homelinux.com +homelinux.net +homelinux.org +homeunix.com +homeunix.net +homeunix.org +iamallama.com +in-the-band.net +is-a-anarchist.com +is-a-blogger.com +is-a-bookkeeper.com +is-a-bruinsfan.org +is-a-bulls-fan.com +is-a-candidate.org +is-a-caterer.com +is-a-celticsfan.org +is-a-chef.com +is-a-chef.net +is-a-chef.org +is-a-conservative.com +is-a-cpa.com +is-a-cubicle-slave.com +is-a-democrat.com +is-a-designer.com +is-a-doctor.com +is-a-financialadvisor.com +is-a-geek.com +is-a-geek.net +is-a-geek.org +is-a-green.com +is-a-guru.com +is-a-hard-worker.com +is-a-hunter.com +is-a-knight.org +is-a-landscaper.com +is-a-lawyer.com +is-a-liberal.com +is-a-libertarian.com +is-a-linux-user.org +is-a-llama.com +is-a-musician.com +is-a-nascarfan.com +is-a-nurse.com +is-a-painter.com +is-a-patsfan.org +is-a-personaltrainer.com +is-a-photographer.com +is-a-player.com +is-a-republican.com +is-a-rockstar.com +is-a-socialist.com +is-a-soxfan.org +is-a-student.com +is-a-teacher.com +is-a-techie.com +is-a-therapist.com +is-an-accountant.com +is-an-actor.com +is-an-actress.com +is-an-anarchist.com +is-an-artist.com +is-an-engineer.com +is-an-entertainer.com +is-by.us +is-certified.com +is-found.org +is-gone.com +is-into-anime.com +is-into-cars.com +is-into-cartoons.com +is-into-games.com +is-leet.com +is-lost.org +is-not-certified.com +is-saved.org +is-slick.com +is-uberleet.com +is-very-bad.org +is-very-evil.org +is-very-good.org +is-very-nice.org +is-very-sweet.org +is-with-theband.com +isa-geek.com +isa-geek.net +isa-geek.org +isa-hockeynut.com +issmarterthanyou.com +isteingeek.de +istmein.de +kicks-ass.net +kicks-ass.org +knowsitall.info +land-4-sale.us +lebtimnetz.de +leitungsen.de +likes-pie.com +likescandy.com +merseine.nu +mine.nu +misconfused.org +mypets.ws +myphotos.cc +neat-url.com +office-on-the.net +on-the-web.tv +podzone.net +podzone.org +readmyblog.org +saves-the-whales.com +scrapper-site.net +scrapping.cc +selfip.biz +selfip.com +selfip.info +selfip.net +selfip.org +sells-for-less.com +sells-for-u.com +sells-it.net +sellsyourhome.org +servebbs.com +servebbs.net +servebbs.org +serveftp.net +serveftp.org +servegame.org +shacknet.nu +simple-url.com +space-to-rent.com +stuff-4-sale.org +stuff-4-sale.us +teaches-yoga.com +thruhere.net +traeumtgerade.de +webhop.biz +webhop.info +webhop.net +webhop.org +worse-than.tv +writesthisblog.com + +// ddnss.de : https://www.ddnss.de/ +// Submitted by Robert Niedziela <webmaster@ddnss.de> +ddnss.de +dyn.ddnss.de +dyndns.ddnss.de +dyndns1.de +dyn-ip24.de +home-webserver.de +dyn.home-webserver.de +myhome-server.de +ddnss.org + +// Definima : http://www.definima.com/ +// Submitted by Maxence Bitterli <maxence@definima.com> +definima.net +definima.io + +// dnstrace.pro : https://dnstrace.pro/ +// Submitted by Chris Partridge <chris@partridge.tech> +bci.dnstrace.pro + +// Dynu.com : https://www.dynu.com/ +// Submitted by Sue Ye <sue@dynu.com> +ddnsfree.com +ddnsgeek.com +giize.com +gleeze.com +kozow.com +loseyourip.com +ooguy.com +theworkpc.com +casacam.net +dynu.net +accesscam.org +camdvr.org +freeddns.org +mywire.org +webredirect.org +myddns.rocks +blogsite.xyz + +// dynv6 : https://dynv6.com +// Submitted by Dominik Menke <dom@digineo.de> +dynv6.net + +// E4YOU spol. s.r.o. : https://e4you.cz/ +// Submitted by Vladimir Dudr <info@e4you.cz> +e4.cz + +// Enalean SAS: https://www.enalean.com +// Submitted by Thomas Cottier <thomas.cottier@enalean.com> +mytuleap.com + +// Enonic : http://enonic.com/ +// Submitted by Erik Kaareng-Sunde <esu@enonic.com> +enonic.io +customer.enonic.io + +// EU.org https://eu.org/ +// Submitted by Pierre Beyssac <hostmaster@eu.org> +eu.org +al.eu.org +asso.eu.org +at.eu.org +au.eu.org +be.eu.org +bg.eu.org +ca.eu.org +cd.eu.org +ch.eu.org +cn.eu.org +cy.eu.org +cz.eu.org +de.eu.org +dk.eu.org +edu.eu.org +ee.eu.org +es.eu.org +fi.eu.org +fr.eu.org +gr.eu.org +hr.eu.org +hu.eu.org +ie.eu.org +il.eu.org +in.eu.org +int.eu.org +is.eu.org +it.eu.org +jp.eu.org +kr.eu.org +lt.eu.org +lu.eu.org +lv.eu.org +mc.eu.org +me.eu.org +mk.eu.org +mt.eu.org +my.eu.org +net.eu.org +ng.eu.org +nl.eu.org +no.eu.org +nz.eu.org +paris.eu.org +pl.eu.org +pt.eu.org +q-a.eu.org +ro.eu.org +ru.eu.org +se.eu.org +si.eu.org +sk.eu.org +tr.eu.org +uk.eu.org +us.eu.org + +// Evennode : http://www.evennode.com/ +// Submitted by Michal Kralik <support@evennode.com> +eu-1.evennode.com +eu-2.evennode.com +eu-3.evennode.com +eu-4.evennode.com +us-1.evennode.com +us-2.evennode.com +us-3.evennode.com +us-4.evennode.com + +// eDirect Corp. : https://hosting.url.com.tw/ +// Submitted by C.S. chang <cschang@corp.url.com.tw> +twmail.cc +twmail.net +twmail.org +mymailer.com.tw +url.tw + +// Facebook, Inc. +// Submitted by Peter Ruibal <public-suffix@fb.com> +apps.fbsbx.com + +// FAITID : https://faitid.org/ +// Submitted by Maxim Alzoba <tech.contact@faitid.org> +// https://www.flexireg.net/stat_info +ru.net +adygeya.ru +bashkiria.ru +bir.ru +cbg.ru +com.ru +dagestan.ru +grozny.ru +kalmykia.ru +kustanai.ru +marine.ru +mordovia.ru +msk.ru +mytis.ru +nalchik.ru +nov.ru +pyatigorsk.ru +spb.ru +vladikavkaz.ru +vladimir.ru +abkhazia.su +adygeya.su +aktyubinsk.su +arkhangelsk.su +armenia.su +ashgabad.su +azerbaijan.su +balashov.su +bashkiria.su +bryansk.su +bukhara.su +chimkent.su +dagestan.su +east-kazakhstan.su +exnet.su +georgia.su +grozny.su +ivanovo.su +jambyl.su +kalmykia.su +kaluga.su +karacol.su +karaganda.su +karelia.su +khakassia.su +krasnodar.su +kurgan.su +kustanai.su +lenug.su +mangyshlak.su +mordovia.su +msk.su +murmansk.su +nalchik.su +navoi.su +north-kazakhstan.su +nov.su +obninsk.su +penza.su +pokrovsk.su +sochi.su +spb.su +tashkent.su +termez.su +togliatti.su +troitsk.su +tselinograd.su +tula.su +tuva.su +vladikavkaz.su +vladimir.su +vologda.su + +// Fancy Bits, LLC : http://getchannels.com +// Submitted by Aman Gupta <aman@getchannels.com> +channelsdvr.net + +// Fastly Inc. : http://www.fastly.com/ +// Submitted by Fastly Security <security@fastly.com> +fastlylb.net +map.fastlylb.net +freetls.fastly.net +map.fastly.net +a.prod.fastly.net +global.prod.fastly.net +a.ssl.fastly.net +b.ssl.fastly.net +global.ssl.fastly.net + +// FASTVPS EESTI OU : https://fastvps.ru/ +// Submitted by Likhachev Vasiliy <lihachev@fastvps.ru> +fastpanel.direct +fastvps-server.com + +// Featherhead : https://featherhead.xyz/ +// Submitted by Simon Menke <simon@featherhead.xyz> +fhapp.xyz + +// Fedora : https://fedoraproject.org/ +// submitted by Patrick Uiterwijk <puiterwijk@fedoraproject.org> +fedorainfracloud.org +fedorapeople.org +cloud.fedoraproject.org +app.os.fedoraproject.org +app.os.stg.fedoraproject.org + +// Filegear Inc. : https://www.filegear.com +// Submitted by Jason Zhu <jason@owtware.com> +filegear.me + +// Firebase, Inc. +// Submitted by Chris Raynor <chris@firebase.com> +firebaseapp.com + +// Flynn : https://flynn.io +// Submitted by Jonathan Rudenberg <jonathan@flynn.io> +flynnhub.com +flynnhosting.net + +// Freebox : http://www.freebox.fr +// Submitted by Romain Fliedel <rfliedel@freebox.fr> +freebox-os.com +freeboxos.com +fbx-os.fr +fbxos.fr +freebox-os.fr +freeboxos.fr + +// freedesktop.org : https://www.freedesktop.org +// Submitted by Daniel Stone <daniel@fooishbar.org> +freedesktop.org + +// Futureweb OG : http://www.futureweb.at +// Submitted by Andreas Schnederle-Wagner <schnederle@futureweb.at> +*.futurecms.at +*.ex.futurecms.at +*.in.futurecms.at +futurehosting.at +futuremailing.at +*.ex.ortsinfo.at +*.kunden.ortsinfo.at +*.statics.cloud + +// GDS : https://www.gov.uk/service-manual/operations/operating-servicegovuk-subdomains +// Submitted by David Illsley <david.illsley@digital.cabinet-office.gov.uk> +service.gov.uk + +// GitHub, Inc. +// Submitted by Patrick Toomey <security@github.com> +github.io +githubusercontent.com + +// GitLab, Inc. +// Submitted by Alex Hanselka <alex@gitlab.com> +gitlab.io + +// UKHomeOffice : https://www.gov.uk/government/organisations/home-office +// Submitted by Jon Shanks <jon.shanks@digital.homeoffice.gov.uk> +homeoffice.gov.uk + +// GlobeHosting, Inc. +// Submitted by Zoltan Egresi <egresi@globehosting.com> +ro.im +shop.ro + +// GoIP DNS Services : http://www.goip.de +// Submitted by Christian Poulter <milchstrasse@goip.de> +goip.de + +// Google, Inc. +// Submitted by Eduardo Vela <evn@google.com> +*.0emm.com +appspot.com +blogspot.ae +blogspot.al +blogspot.am +blogspot.ba +blogspot.be +blogspot.bg +blogspot.bj +blogspot.ca +blogspot.cf +blogspot.ch +blogspot.cl +blogspot.co.at +blogspot.co.id +blogspot.co.il +blogspot.co.ke +blogspot.co.nz +blogspot.co.uk +blogspot.co.za +blogspot.com +blogspot.com.ar +blogspot.com.au +blogspot.com.br +blogspot.com.by +blogspot.com.co +blogspot.com.cy +blogspot.com.ee +blogspot.com.eg +blogspot.com.es +blogspot.com.mt +blogspot.com.ng +blogspot.com.tr +blogspot.com.uy +blogspot.cv +blogspot.cz +blogspot.de +blogspot.dk +blogspot.fi +blogspot.fr +blogspot.gr +blogspot.hk +blogspot.hr +blogspot.hu +blogspot.ie +blogspot.in +blogspot.is +blogspot.it +blogspot.jp +blogspot.kr +blogspot.li +blogspot.lt +blogspot.lu +blogspot.md +blogspot.mk +blogspot.mr +blogspot.mx +blogspot.my +blogspot.nl +blogspot.no +blogspot.pe +blogspot.pt +blogspot.qa +blogspot.re +blogspot.ro +blogspot.rs +blogspot.ru +blogspot.se +blogspot.sg +blogspot.si +blogspot.sk +blogspot.sn +blogspot.td +blogspot.tw +blogspot.ug +blogspot.vn +cloudfunctions.net +cloud.goog +codespot.com +googleapis.com +googlecode.com +pagespeedmobilizer.com +publishproxy.com +withgoogle.com +withyoutube.com + +// Hashbang : https://hashbang.sh +hashbang.sh + +// Hasura : https://hasura.io +// Submitted by Shahidh K Muhammed <shahidh@hasura.io> +hasura.app +hasura-app.io + +// Hepforge : https://www.hepforge.org +// Submitted by David Grellscheid <admin@hepforge.org> +hepforge.org + +// Heroku : https://www.heroku.com/ +// Submitted by Tom Maher <tmaher@heroku.com> +herokuapp.com +herokussl.com + +// Hibernating Rhinos +// Submitted by Oren Eini <oren@ravendb.net> +myravendb.com +ravendb.community +ravendb.me +development.run +ravendb.run + +// Ici la Lune : http://www.icilalune.com/ +// Submitted by Simon Morvan <simon@icilalune.com> +moonscale.net + +// iki.fi +// Submitted by Hannu Aronsson <haa@iki.fi> +iki.fi + +// info.at : http://www.info.at/ +biz.at +info.at + +// info.cx : http://info.cx +// Submitted by Jacob Slater <whois@igloo.to> +info.cx + +// Interlegis : http://www.interlegis.leg.br +// Submitted by Gabriel Ferreira <registrobr@interlegis.leg.br> +ac.leg.br +al.leg.br +am.leg.br +ap.leg.br +ba.leg.br +ce.leg.br +df.leg.br +es.leg.br +go.leg.br +ma.leg.br +mg.leg.br +ms.leg.br +mt.leg.br +pa.leg.br +pb.leg.br +pe.leg.br +pi.leg.br +pr.leg.br +rj.leg.br +rn.leg.br +ro.leg.br +rr.leg.br +rs.leg.br +sc.leg.br +se.leg.br +sp.leg.br +to.leg.br + +// intermetrics GmbH : https://pixolino.com/ +// Submitted by Wolfgang Schwarz <admin@intermetrics.de> +pixolino.com + +// IPiFony Systems, Inc. : https://www.ipifony.com/ +// Submitted by Matthew Hardeman <mhardeman@ipifony.com> +ipifony.net + +// IServ GmbH : https://iserv.eu +// Submitted by Kim-Alexander Brodowski <kim.brodowski@iserv.eu> +mein-iserv.de +test-iserv.de + +// Jino : https://www.jino.ru +// Submitted by Sergey Ulyashin <ulyashin@jino.ru> +myjino.ru +*.hosting.myjino.ru +*.landing.myjino.ru +*.spectrum.myjino.ru +*.vps.myjino.ru + +// Joyent : https://www.joyent.com/ +// Submitted by Brian Bennett <brian.bennett@joyent.com> +*.triton.zone +*.cns.joyent.com + +// JS.ORG : http://dns.js.org +// Submitted by Stefan Keim <admin@js.org> +js.org + +// Keyweb AG : https://www.keyweb.de +// Submitted by Martin Dannehl <postmaster@keymachine.de> +keymachine.de + +// KnightPoint Systems, LLC : http://www.knightpoint.com/ +// Submitted by Roy Keene <rkeene@knightpoint.com> +knightpoint.systems + +// .KRD : http://nic.krd/data/krd/Registration%20Policy.pdf +co.krd +edu.krd + +// LCube - Professional hosting e.K. : https://www.lcube-webhosting.de +// Submitted by Lars Laehn <info@lcube.de> +git-repos.de +lcube-server.de +svn-repos.de + +// Lightmaker Property Manager, Inc. : https://app.lmpm.com/ +// Submitted by Greg Holland <greg.holland@lmpm.com> +app.lmpm.com + +// Linki Tools UG : https://linki.tools +// Submitted by Paulo Matos <pmatos@linki.tools> +linkitools.space + +// linkyard ldt: https://www.linkyard.ch/ +// Submitted by Mario Siegenthaler <mario.siegenthaler@linkyard.ch> +linkyard.cloud +linkyard-cloud.ch + +// LiquidNet Ltd : http://www.liquidnetlimited.com/ +// Submitted by Victor Velchev <admin@liquidnetlimited.com> +we.bs + +// Lug.org.uk : https://lug.org.uk +// Submitted by Jon Spriggs <admin@lug.org.uk> +uklugs.org +glug.org.uk +lug.org.uk +lugs.org.uk + +// Lukanet Ltd : https://lukanet.com +// Submitted by Anton Avramov <register@lukanet.com> +barsy.bg +barsy.co.uk +barsyonline.co.uk +barsycenter.com +barsyonline.com +barsy.club +barsy.de +barsy.eu +barsy.in +barsy.info +barsy.io +barsy.me +barsy.menu +barsy.mobi +barsy.net +barsy.online +barsy.org +barsy.pro +barsy.pub +barsy.shop +barsy.site +barsy.support +barsy.uk + +// Magento Commerce +// Submitted by Damien Tournoud <dtournoud@magento.cloud> +*.magentosite.cloud + +// May First - People Link : https://mayfirst.org/ +// Submitted by Jamie McClelland <info@mayfirst.org> +mayfirst.info +mayfirst.org + +// Mail.Ru Group : https://hb.cldmail.ru +// Submitted by Ilya Zaretskiy <zaretskiy@corp.mail.ru> +hb.cldmail.ru + +// Memset hosting : https://www.memset.com +// Submitted by Tom Whitwell <domains@memset.com> +miniserver.com +memset.net + +// MetaCentrum, CESNET z.s.p.o. : https://www.metacentrum.cz/en/ +// Submitted by Zdeněk Šustr <zdenek.sustr@cesnet.cz> +cloud.metacentrum.cz +custom.metacentrum.cz + +// MetaCentrum, CESNET z.s.p.o. : https://www.metacentrum.cz/en/ +// Submitted by Radim Janča <janca@cesnet.cz> +flt.cloud.muni.cz +usr.cloud.muni.cz + +// Meteor Development Group : https://www.meteor.com/hosting +// Submitted by Pierre Carrier <pierre@meteor.com> +meteorapp.com +eu.meteorapp.com + +// Michau Enterprises Limited : http://www.co.pl/ +co.pl + +// Microsoft Corporation : http://microsoft.com +// Submitted by Justin Luk <juluk@microsoft.com> +azurecontainer.io +azurewebsites.net +azure-mobile.net +cloudapp.net + +// Mozilla Corporation : https://mozilla.com +// Submitted by Ben Francis <bfrancis@mozilla.com> +mozilla-iot.org + +// Mozilla Foundation : https://mozilla.org/ +// Submitted by glob <glob@mozilla.com> +bmoattachments.org + +// MSK-IX : https://www.msk-ix.ru/ +// Submitted by Khannanov Roman <r.khannanov@msk-ix.ru> +net.ru +org.ru +pp.ru + +// Netlify : https://www.netlify.com +// Submitted by Jessica Parsons <jessica@netlify.com> +bitballoon.com +netlify.com + +// Neustar Inc. +// Submitted by Trung Tran <Trung.Tran@neustar.biz> +4u.com + +// ngrok : https://ngrok.com/ +// Submitted by Alan Shreve <alan@ngrok.com> +ngrok.io + +// Nimbus Hosting Ltd. : https://www.nimbushosting.co.uk/ +// Submitted by Nicholas Ford <nick@nimbushosting.co.uk> +nh-serv.co.uk + +// NFSN, Inc. : https://www.NearlyFreeSpeech.NET/ +// Submitted by Jeff Wheelhouse <support@nearlyfreespeech.net> +nfshost.com + +// Now-DNS : https://now-dns.com +// Submitted by Steve Russell <steve@now-dns.com> +dnsking.ch +mypi.co +n4t.co +001www.com +ddnslive.com +myiphost.com +forumz.info +16-b.it +32-b.it +64-b.it +soundcast.me +tcp4.me +dnsup.net +hicam.net +now-dns.net +ownip.net +vpndns.net +dynserv.org +now-dns.org +x443.pw +now-dns.top +ntdll.top +freeddns.us +crafting.xyz +zapto.xyz + +// nsupdate.info : https://www.nsupdate.info/ +// Submitted by Thomas Waldmann <info@nsupdate.info> +nsupdate.info +nerdpol.ovh + +// No-IP.com : https://noip.com/ +// Submitted by Deven Reza <publicsuffixlist@noip.com> +blogsyte.com +brasilia.me +cable-modem.org +ciscofreak.com +collegefan.org +couchpotatofries.org +damnserver.com +ddns.me +ditchyourip.com +dnsfor.me +dnsiskinky.com +dvrcam.info +dynns.com +eating-organic.net +fantasyleague.cc +geekgalaxy.com +golffan.us +health-carereform.com +homesecuritymac.com +homesecuritypc.com +hopto.me +ilovecollege.info +loginto.me +mlbfan.org +mmafan.biz +myactivedirectory.com +mydissent.net +myeffect.net +mymediapc.net +mypsx.net +mysecuritycamera.com +mysecuritycamera.net +mysecuritycamera.org +net-freaks.com +nflfan.org +nhlfan.net +no-ip.ca +no-ip.co.uk +no-ip.net +noip.us +onthewifi.com +pgafan.net +point2this.com +pointto.us +privatizehealthinsurance.net +quicksytes.com +read-books.org +securitytactics.com +serveexchange.com +servehumour.com +servep2p.com +servesarcasm.com +stufftoread.com +ufcfan.org +unusualperson.com +workisboring.com +3utilities.com +bounceme.net +ddns.net +ddnsking.com +gotdns.ch +hopto.org +myftp.biz +myftp.org +myvnc.com +no-ip.biz +no-ip.info +no-ip.org +noip.me +redirectme.net +servebeer.com +serveblog.net +servecounterstrike.com +serveftp.com +servegame.com +servehalflife.com +servehttp.com +serveirc.com +serveminecraft.net +servemp3.com +servepics.com +servequake.com +sytes.net +webhop.me +zapto.org + +// NodeArt : https://nodeart.io +// Submitted by Konstantin Nosov <Nosov@nodeart.io> +stage.nodeart.io + +// Nodum B.V. : https://nodum.io/ +// Submitted by Wietse Wind <hello+publicsuffixlist@nodum.io> +nodum.co +nodum.io + +// Nucleos Inc. : https://nucleos.com +// Submitted by Piotr Zduniak <piotr@nucleos.com> +pcloud.host + +// NYC.mn : http://www.information.nyc.mn +// Submitted by Matthew Brown <mattbrown@nyc.mn> +nyc.mn + +// NymNom : https://nymnom.com/ +// Submitted by Dave McCormack <dave.mccormack@nymnom.com> +nom.ae +nom.af +nom.ai +nom.al +nym.by +nym.bz +nom.cl +nom.gd +nom.ge +nom.gl +nym.gr +nom.gt +nym.gy +nom.hn +nym.ie +nom.im +nom.ke +nym.kz +nym.la +nym.lc +nom.li +nym.li +nym.lt +nym.lu +nym.me +nom.mk +nym.mn +nym.mx +nom.nu +nym.nz +nym.pe +nym.pt +nom.pw +nom.qa +nym.ro +nom.rs +nom.si +nym.sk +nom.st +nym.su +nym.sx +nom.tj +nym.tw +nom.ug +nom.uy +nom.vc +nom.vg + +// Octopodal Solutions, LLC. : https://ulterius.io/ +// Submitted by Andrew Sampson <andrew@ulterius.io> +cya.gg + +// Omnibond Systems, LLC. : https://www.omnibond.com +// Submitted by Cole Estep <cole@omnibond.com> +cloudycluster.net + +// One Fold Media : http://www.onefoldmedia.com/ +// Submitted by Eddie Jones <eddie@onefoldmedia.com> +nid.io + +// OpenCraft GmbH : http://opencraft.com/ +// Submitted by Sven Marnach <sven@opencraft.com> +opencraft.hosting + +// Opera Software, A.S.A. +// Submitted by Yngve Pettersen <yngve@opera.com> +operaunite.com + +// OutSystems +// Submitted by Duarte Santos <domain-admin@outsystemscloud.com> +outsystemscloud.com + +// OwnProvider GmbH: http://www.ownprovider.com +// Submitted by Jan Moennich <jan.moennich@ownprovider.com> +ownprovider.com +own.pm + +// OX : http://www.ox.rs +// Submitted by Adam Grand <webmaster@mail.ox.rs> +ox.rs + +// oy.lc +// Submitted by Charly Coste <changaco@changaco.oy.lc> +oy.lc + +// Pagefog : https://pagefog.com/ +// Submitted by Derek Myers <derek@pagefog.com> +pgfog.com + +// Pagefront : https://www.pagefronthq.com/ +// Submitted by Jason Kriss <jason@pagefronthq.com> +pagefrontapp.com + +// .pl domains (grandfathered) +art.pl +gliwice.pl +krakow.pl +poznan.pl +wroc.pl +zakopane.pl + +// Pantheon Systems, Inc. : https://pantheon.io/ +// Submitted by Gary Dylina <gary@pantheon.io> +pantheonsite.io +gotpantheon.com + +// Peplink | Pepwave : http://peplink.com/ +// Submitted by Steve Leung <steveleung@peplink.com> +mypep.link + +// Planet-Work : https://www.planet-work.com/ +// Submitted by Frédéric VANNIÈRE <f.vanniere@planet-work.com> +on-web.fr + +// Platform.sh : https://platform.sh +// Submitted by Nikola Kotur <nikola@platform.sh> +*.platform.sh +*.platformsh.site + +// prgmr.com : https://prgmr.com/ +// Submitted by Sarah Newman <owner@prgmr.com> +xen.prgmr.com + +// priv.at : http://www.nic.priv.at/ +// Submitted by registry <lendl@nic.at> +priv.at + +// Protonet GmbH : http://protonet.io +// Submitted by Martin Meier <admin@protonet.io> +protonet.io + +// Publication Presse Communication SARL : https://ppcom.fr +// Submitted by Yaacov Akiba Slama <admin@chirurgiens-dentistes-en-france.fr> +chirurgiens-dentistes-en-france.fr +byen.site + +// Russian Academy of Sciences +// Submitted by Tech Support <support@rasnet.ru> +ras.ru + +// QA2 +// Submitted by Daniel Dent (https://www.danieldent.com/) +qa2.com + +// QNAP System Inc : https://www.qnap.com +// Submitted by Nick Chang <nickchang@qnap.com> +dev-myqnapcloud.com +alpha-myqnapcloud.com +myqnapcloud.com + +// Quip : https://quip.com +// Submitted by Patrick Linehan <plinehan@quip.com> +*.quipelements.com + +// Qutheory LLC : http://qutheory.io +// Submitted by Jonas Schwartz <jonas@qutheory.io> +vapor.cloud +vaporcloud.io + +// Rackmaze LLC : https://www.rackmaze.com +// Submitted by Kirill Pertsev <kika@rackmaze.com> +rackmaze.com +rackmaze.net + +// Red Hat, Inc. OpenShift : https://openshift.redhat.com/ +// Submitted by Tim Kramer <tkramer@rhcloud.com> +rhcloud.com + +// Resin.io : https://resin.io +// Submitted by Tim Perry <tim@resin.io> +resindevice.io +devices.resinstaging.io + +// RethinkDB : https://www.rethinkdb.com/ +// Submitted by Chris Kastorff <info@rethinkdb.com> +hzc.io + +// Revitalised Limited : http://www.revitalised.co.uk +// Submitted by Jack Price <jack@revitalised.co.uk> +wellbeingzone.eu +ptplus.fit +wellbeingzone.co.uk + +// Sandstorm Development Group, Inc. : https://sandcats.io/ +// Submitted by Asheesh Laroia <asheesh@sandstorm.io> +sandcats.io + +// SBE network solutions GmbH : https://www.sbe.de/ +// Submitted by Norman Meilick <nm@sbe.de> +logoip.de +logoip.com + +// schokokeks.org GbR : https://schokokeks.org/ +// Submitted by Hanno Böck <hanno@schokokeks.org> +schokokeks.net + +// Scry Security : http://www.scrysec.com +// Submitted by Shante Adam <shante@skyhat.io> +scrysec.com + +// Securepoint GmbH : https://www.securepoint.de +// Submitted by Erik Anders <erik.anders@securepoint.de> +firewall-gateway.com +firewall-gateway.de +my-gateway.de +my-router.de +spdns.de +spdns.eu +firewall-gateway.net +my-firewall.org +myfirewall.org +spdns.org + +// SensioLabs, SAS : https://sensiolabs.com/ +// Submitted by Fabien Potencier <fabien.potencier@sensiolabs.com> +*.s5y.io +*.sensiosite.cloud + +// Service Online LLC : http://drs.ua/ +// Submitted by Serhii Bulakh <support@drs.ua> +biz.ua +co.ua +pp.ua + +// ShiftEdit : https://shiftedit.net/ +// Submitted by Adam Jimenez <adam@shiftcreate.com> +shiftedit.io + +// Shopblocks : http://www.shopblocks.com/ +// Submitted by Alex Bowers <alex@shopblocks.com> +myshopblocks.com + +// SinaAppEngine : http://sae.sina.com.cn/ +// Submitted by SinaAppEngine <saesupport@sinacloud.com> +1kapp.com +appchizi.com +applinzi.com +sinaapp.com +vipsinaapp.com + +// Skyhat : http://www.skyhat.io +// Submitted by Shante Adam <shante@skyhat.io> +bounty-full.com +alpha.bounty-full.com +beta.bounty-full.com + +// staticland : https://static.land +// Submitted by Seth Vincent <sethvincent@gmail.com> +static.land +dev.static.land +sites.static.land + +// SourceLair PC : https://www.sourcelair.com +// Submitted by Antonis Kalipetis <akalipetis@sourcelair.com> +apps.lair.io +*.stolos.io + +// SpaceKit : https://www.spacekit.io/ +// Submitted by Reza Akhavan <spacekit.io@gmail.com> +spacekit.io + +// SpeedPartner GmbH: https://www.speedpartner.de/ +// Submitted by Stefan Neufeind <info@speedpartner.de> +customer.speedpartner.de + +// Stackspace : https://www.stackspace.io/ +// Submitted by Lina He <info@stackspace.io> +stackspace.space + +// Storj Labs Inc. : https://storj.io/ +// Submitted by Philip Hutchins <hostmaster@storj.io> +storj.farm + +// Studenten Net Twente : http://www.snt.utwente.nl/ +// Submitted by Silke Hofstra <syscom@snt.utwente.nl> +utwente.io + +// Sub 6 Limited: http://www.sub6.com +// Submitted by Dan Miller <dm@sub6.com> +temp-dns.com + +// Synology, Inc. : https://www.synology.com/ +// Submitted by Rony Weng <ronyweng@synology.com> +diskstation.me +dscloud.biz +dscloud.me +dscloud.mobi +dsmynas.com +dsmynas.net +dsmynas.org +familyds.com +familyds.net +familyds.org +i234.me +myds.me +synology.me +vpnplus.to + +// TAIFUN Software AG : http://taifun-software.de +// Submitted by Bjoern Henke <dev-server@taifun-software.de> +taifun-dns.de + +// TASK geographical domains (www.task.gda.pl/uslugi/dns) +gda.pl +gdansk.pl +gdynia.pl +med.pl +sopot.pl + +// The Gwiddle Foundation : https://gwiddlefoundation.org.uk +// Submitted by Joshua Bayfield <joshua.bayfield@gwiddlefoundation.org.uk> +gwiddle.co.uk + +// Thingdust AG : https://thingdust.com/ +// Submitted by Adrian Imboden <adi@thingdust.com> +cust.dev.thingdust.io +cust.disrec.thingdust.io +cust.prod.thingdust.io +cust.testing.thingdust.io + +// TownNews.com : http://www.townnews.com +// Submitted by Dustin Ward <dward@townnews.com> +bloxcms.com +townnews-staging.com + +// TrafficPlex GmbH : https://www.trafficplex.de/ +// Submitted by Phillipp Röll <phillipp.roell@trafficplex.de> +12hp.at +2ix.at +4lima.at +lima-city.at +12hp.ch +2ix.ch +4lima.ch +lima-city.ch +trafficplex.cloud +de.cool +12hp.de +2ix.de +4lima.de +lima-city.de +1337.pictures +clan.rip +lima-city.rocks +webspace.rocks +lima.zone + +// TransIP : htts://www.transip.nl +// Submitted by Rory Breuk <rbreuk@transip.nl> +*.transurl.be +*.transurl.eu +*.transurl.nl + +// TuxFamily : http://tuxfamily.org +// Submitted by TuxFamily administrators <adm@staff.tuxfamily.org> +tuxfamily.org + +// TwoDNS : https://www.twodns.de/ +// Submitted by TwoDNS-Support <support@two-dns.de> +dd-dns.de +diskstation.eu +diskstation.org +dray-dns.de +draydns.de +dyn-vpn.de +dynvpn.de +mein-vigor.de +my-vigor.de +my-wan.de +syno-ds.de +synology-diskstation.de +synology-ds.de + +// Uberspace : https://uberspace.de +// Submitted by Moritz Werner <mwerner@jonaspasche.com> +uber.space +*.uberspace.de + +// UDR Limited : http://www.udr.hk.com +// Submitted by registry <hostmaster@udr.hk.com> +hk.com +hk.org +ltd.hk +inc.hk + +// United Gameserver GmbH : https://united-gameserver.de +// Submitted by Stefan Schwarz <sysadm@united-gameserver.de> +virtualuser.de +virtual-user.de + +// .US +// Submitted by Ed Moore <Ed.Moore@lib.de.us> +lib.de.us + +// VeryPositive SIA : http://very.lv +// Submitted by Danko Aleksejevs <danko@very.lv> +2038.io + +// Viprinet Europe GmbH : http://www.viprinet.com +// Submitted by Simon Kissel <hostmaster@viprinet.com> +router.management + +// Virtual-Info : https://www.virtual-info.info/ +// Submitted by Adnan RIHAN <hostmaster@v-info.info> +v-info.info + +// WeDeploy by Liferay, Inc. : https://www.wedeploy.com +// Submitted by Henrique Vicente <security@wedeploy.com> +wedeploy.io +wedeploy.me +wedeploy.sh + +// Western Digital Technologies, Inc : https://www.wdc.com +// Submitted by Jung Jin <jungseok.jin@wdc.com> +remotewd.com + +// Wikimedia Labs : https://wikitech.wikimedia.org +// Submitted by Yuvi Panda <yuvipanda@wikimedia.org> +wmflabs.org + +// XenonCloud GbR: https://xenoncloud.net +// Submitted by Julian Uphoff <publicsuffixlist@xenoncloud.net> +half.host + +// XnBay Technology : http://www.xnbay.com/ +// Submitted by XnBay Developer <developer.xncloud@gmail.com> +xnbay.com +u2.xnbay.com +u2-local.xnbay.com + +// XS4ALL Internet bv : https://www.xs4all.nl/ +// Submitted by Daniel Mostertman <unixbeheer+publicsuffix@xs4all.net> +cistron.nl +demon.nl +xs4all.space + +// YesCourse Pty Ltd : https://yescourse.com +// Submitted by Atul Bhouraskar <atul@yescourse.com> +official.academy + +// Yola : https://www.yola.com/ +// Submitted by Stefano Rivera <stefano@yola.com> +yolasite.com + +// Yombo : https://yombo.net +// Submitted by Mitch Schwenk <mitch@yombo.net> +ybo.faith +yombo.me +homelink.one +ybo.party +ybo.review +ybo.science +ybo.trade + +// Yunohost : https://yunohost.org +// Submitted by Valentin Grimaud <security@yunohost.org> +nohost.me +noho.st + +// ZaNiC : http://www.za.net/ +// Submitted by registry <hostmaster@nic.za.net> +za.net +za.org + +// Zeit, Inc. : https://zeit.domains/ +// Submitted by Olli Vanhoja <olli@zeit.co> +now.sh + +// Zone.id : https://zone.id/ +// Submitted by Su Hendro <admin@zone.id> +zone.id + +// ===END PRIVATE DOMAINS=== diff --git a/TLD/tld.js b/TLD/tld.js new file mode 100644 index 0000000..b127b2e --- /dev/null +++ b/TLD/tld.js @@ -0,0 +1,46 @@ +var tld = { + normalize(d) { return d; }, + + isIp(d) { return this._ipRx.test(d); }, + + getDomain(domain) { + if (domain === "localhost" || this.isIp(domain)) return domain; + + domain = this.normalize(domain); + var pos = domain.search(this._tldEx); + if(pos === -1 ) { + pos = domain.search(this._tldRx); + if (pos === -1) { + // TLD not in the public suffix list, fall back to the "one-dot rule" + pos = domain.lastIndexOf("."); + if (pos === -1) { + return ""; + } + } + pos = domain.lastIndexOf(".", pos - 1) + 1; + } else if(domain[pos] == ".") { + ++pos; + } + return pos <= 0 ? domain : domain.substring(pos); + }, + + getPublicSuffix(domain) { + if (this.isIp(domain)) return ""; + + domain = this.normalize(domain); + var pos = domain.search(this._tldEx); + if(pos < 0) { + pos = domain.search(this._tldRx); + if(pos >= 0 && domain[pos] == ".") pos++; + } else { + pos = domain.indexOf(".", pos + 1) + 1; + } + return pos < 0 ? "" : domain.substring(pos); + }, + + _ipRx: /^(?:0\.|[1-9]\d{0,2}\.){3}(?:0|[1-9]\d{0,2})$|:.*:/i, + + _tldRx: /(?:\.|^)(?:s(?:h(?:i(?:(?:m(?:o(?:(?:go\.fukushim|fusa\.chib|ji\.okinaw|ichi\.nar)a|k(?:awa\.hokkaido|itayama\.nara)|n(?:oseki\.yamaguchi|ita\.gunma)|tsu(?:ke\.tochig|ma\.ibarak)i|da(?:te\.ibaraki|\.shizuoka)|suwa\.nagano)|a(?:m(?:aki\.hokkaido|oto\.osaka)|(?:(?:ne\.shima)?n|\.mi)e|bara\.nagasaki|da\.shizuoka)|izu\.(?:hokkaido|shizuoka))|n(?:(?:a(?:nomachi\.nagan|gawa\.toky)|onsen\.hyog)o|g(?:u\.(?:(?:wakayam|fukuok)a|hyogo)|o\.aomori)|j(?:o\.(?:yamagat|okayam|nar)a|uku\.tokyo)|to(?:ku\.hokkaido|mi\.miyazaki|\.gunma)|(?:yoshitomi\.fukuok|ichi\.hiroshim)a|shi(?:notsu\.hokkaido|ro\.aichi)|kamigoto\.nagasaki)|r(?:a(?:k(?:awa\.(?:fukushima|gifu)|o\.chiba)|(?:hama\.wakayam|taka\.yamagat)a|o(?:i\.hokkaido|ka\.saitama)|nuka\.hokkaido)|o(?:i(?:shi\.(?:miyagi|saga)|\.chiba)|sato\.ibaraki)|iuchi\.hokkaido)|b(?:u(?:kawa\.gunma|ya\.tokyo)|ata\.(?:niigata|miyagi)|e(?:cha|tsu)\.hokkaido)|(?:chi(?:kashuku\.miyag|nohe\.aomor)|iba\.miyazak|tara\.aich)i|o(?:(?:gama\.miya|ya\.tochi)gi|jiri\.nagano)|s(?:(?:hikui\.tokushim|ui\.chib)a|o\.hyogo)|zu(?:(?:oka\.shizu)?oka|kuishi\.iwate)|(?:jonawate\.osak|g)a|wa\.iwate)\.jp|k(?:(?:a(?:(?:ma\.miyag|tsu\.aich)i|(?:be|oi)\.hokkaido|\.ishikawa)|okuchuo\.ehime|i\.saitama)\.jp|sha)|ftedit\.io|a)|o(?:(?:(?:bara\.hiroshi|o\.okaya)m|nai\.(?:yamagat|fukuok))a\.jp|w(?:a\.(?:(?:fukushi|gun)ma|yamanashi)\.jp|\.aero|time)?|p(?:\.(?:h[tu]|pl|ro)|ping)?|uji|es)|a(?:(?:r(?:i\.hokkaido\.j)?|kotan\.hokkaido\.j)p|cknet\.nu|ngrila|w)|e(?:ll(?:\.museum)?|rbrooke\.museum)|unan\.yamaguchi\.jp|riram|\.cn)?|a(?:n(?:d(?:(?:(?:e(?:\.(?:m[oø]re-og-romsdal|vestfold)|fjord)|nes(?:sj[oø]en)?|[oø]y)\.n|cats\.i)o|vik(?:coromant)?|a\.hyogo\.jp|iego\.museum)|(?:(?:agochi\.tokushim|jo\.niigat|uki\.kagaw|go\.nar)a|n(?:ohe\.aomori|an\.hyogo))\.jp|t(?:a(?:(?:barbara|cruz|fe)\.museum|maria\.br)|oandre\.br)|o(?:\.tochigi\.jp|k\.pl|fi)|francisco\.museum)|k(?:(?:a(?:i(?:\.(?:(?:ibarak|fuku)i|osaka)|minato\.tottori)|(?:(?:\.hiroshi|do\.saita)m|ta\.yamagat)a|e\.(?:nagano|chiba)|hogi\.gifu|ki\.nagano|wa\.kochi)|egawa\.yamagata|yo\.kyoto)\.jp|u(?:ra(?:(?:\.(?:tochigi|chiba)|gawa\.ibaraki|i\.nara)\.jp)?|(?:ho)?\.nagano\.jp))|(?:ga(?:(?:mihara\.kanagaw|e\.yamagat)a|(?:\.saga)?)|y(?:ama\.(?:saitam|osak)a|o\.hyogo)|do\.niigata|bae\.fukui)\.jp|i(?:(?:t(?:(?:ama\.sait)?ama|o\.miyazaki)|k(?:ai\.nagasaki|i\.oita)|gawa\.fukuoka|jo\.ehime)\.jp|ntlouis\.museum)|l(?:(?:(?:a(?:ngen|t)|tdal)\.n|ud\.b)o|vador(?:dali\.museum|\.br)|e(?:m\.museum|rno\.it)?|zburg\.museum|on)|s(?:(?:a(?:guri\.fukuoka|yama\.hyogo)|ebo\.nagasaki)\.jp|katchewan\.museum|sari\.it)?|m(?:(?:egawa\.fukushim|ukawa\.kanagaw)a\.jp|s(?:club|ung)|nanger\.no|pa\.br)|r(?:(?:ufutsu|oma)\.hokkaido\.jp|(?:d(?:egn|ini)a)?\.it|psborg\.no|l)|t(?:(?:(?:osho\.okay|te\.sait)a|sumasendai\.kagoshi)ma\.jp|x\.museum)|v(?:e(?:s-the-whales\.com)?|annahga\.museum|ona\.it)|\.(?:gov\.(?:au|pl)|(?:edu\.)?au|c(?:om|r)|it)|o(?:(?:bernardo|gonca)\.br|tome\.st)|-east-1\.elasticbeanstalk\.com|(?:u(?:herad|da)\.n|x)o|fe(?:ty(?:\.aero)?)?|arland|po?)?|e(?:[sw]|r(?:v(?:e(?:(?:(?:(?:counterstri|qua)k|exchang)e|h(?:alflife|umour|ttp)|p(?:ics|2p)|sarcasm|irc)\.com|b(?:bs\.(?:com|net|org)|eer\.com|log\.net)|m(?:inecraft\.net|p3\.com)|ftp\.(?:com|net|org)|game\.(?:com|org))|ice(?:s(?:\.aero)?|\.gov\.uk))|a(?:nishi)?\.hiroshima\.jp)|(?:i(?:rou?\.niigata|hi\.nagasaki|ka\.kyoto|yo\.ehime)|ki(?:(?:gahara)?\.gifu|kawa\.niigata)|m(?:boku\.akita|ine\.miyagi))\.jp|l(?:ls(?:-(?:for-(?:less|u)\.com|it\.net)|yourhome\.org)|fip\.(?:info|biz|com|net|org)|(?:j(?:ord|e)|bu)?\.no|ect)|t(?:(?:o(?:uchi\.okayama|\.aichi)|agaya\.tokyo)\.jp|t(?:le(?:ment|rs)\.museum|su\.osaka\.jp))|c(?:ur(?:ity(?:tactics\.com)?|e)|\.ps)|\.(?:(?:gov|leg)\.br|eu\.org|net)|a(?:port\.museum|rch|t)|n(?:nan\.osaka\.jp|er)|v(?:astopol\.ua|en)|x(?:\.(?:hu|pl)|y)?|bastopol\.ua|jny\.pl|oul\.kr|ek)?|t(?:a(?:t(?:e(?:(?:(?:ofdelaware)?\.museu|far)m|bank)|i(?:c(?:-access\.net|\.land)|on\.museum)|(?:helle)?\.no|oil)|r(?:(?:ostwo\.gov|achowice|gard)\.pl|nberg\.museum|hub)?|(?:(?:v(?:anger|ern)|nge)\.n|ge\.nodeart\.i)o|l(?:bans\.museum|owa-wola\.pl)|d(?:t\.museum|a)|ckspace\.space|ples)|o(?:r(?:(?:d(?:al)?|-elvdal|fjord)\.no|e(?:\.(?:bb|dk|nf|ro|st|ve))?|j\.farm|age)|ckhol(?:m\.museu)?m|kke\.no)|u(?:ff(?:-4-sale\.(?:org|us)|toread\.com)|d(?:(?:ent\.aer|i)o|y)|ttgart\.museum)|j(?:o(?:rdal(?:shalsen)?\.no|hn\.museum)|ørdal(?:shalsen)?\.no)|e(?:i(?:(?:nkjer|gen)\.no|ermark\.museum)|am\.museum)|r(?:(?:anda?|yn)\.no|eam)|petersburg\.museum|c(?:group)?|\.no|yle)?|3(?:-(?:website(?:-(?:ap-(?:southeast-[12]|northeast-1)|us-(?:west-[12]|east-1)|(?:eu-we|sa-ea)st-1)|\.(?:ap-(?:northeast-2|south-1)|eu-(?:central-1|west-[23])|ca-central-1|us-east-2))|(?:(?:fips-us-gov-we|sa-ea)st|ca-central)-1|ap-(?:south(?:east-[12]|-1)|northeast-[12])|e(?:u-(?:west-[123]|central-1)|xternal-1)|us-(?:gov-west-1|west-[12]|east-2))\.amazonaws\.com|\.(?:(?:(?:dualstack\.(?:ap-(?:south(?:east-[12]|-1)|northeast-[12])|eu-(?:west-[123]|central-1)|(?:ca-central|sa-east)-1|us-east-[12])|eu-(?:central-1|west-[23])|us-east-2)\.|(?:ap-(?:northeast-2|south-1)\.)?)amazonaws\.com|c(?:n-north-1\.amazonaws\.com\.cn|a-central-1\.amazonaws\.com)))|o(?:(?:(?:(?:o\.kagoshi|ja\.okaya)m|degaura\.chib|eda\.fukuok)a|betsu\.hokkaido|wa\.ibaraki)\.jp|r(?:(?:-(?:(?:aur|o)dal|varanger|fron)|(?:tlan|fol)d|reisa|um)\.no|ocaba\.br)|u(?:nd(?:andvision\.museum|cast\.me)|th(?:carolina|west)\.museum)|n(?:dr(?:e-land\.no|io\.it)|g(?:dalen\.no)?|i\.nara\.jp|y)|l(?:u(?:nd\.no|tions)|ogne\.museum|a(?:\.no|r))|c(?:i(?:ety\.museum|al)|hi\.su|\.lk|cer)|s(?:(?:nowiec)?\.pl|a\.chiba\.jp)|k(?:a\.saitama\.jp|ndal\.no)|m(?:a\.fukushima\.jp|na\.no)|ft(?:ware(?:\.aero)?|bank)|\.(?:gov\.pl|it)|gn(?:dal|e)\.no|pot\.pl|hu|y)?|u(?:(?:k(?:agawa\.fukushima|umo\.kochi)|gi(?:nami\.tokyo|to\.saitama)|s(?:ono\.shizuoka|aki\.kochi))\.jp|m(?:(?:i(?:da\.tokyo|ta\.iwate)|oto\.(?:kumamot|hyog)o)\.jp|y\.ua)|z(?:u(?:k(?:a\.mie\.jp|i)|\.ishikawa\.jp)|aka\.nagano\.jp)|r(?:ge(?:onshall\.museum|ry)|rey\.museum|nadal\.no|f)|i(?:(?:fu\.ibaraki|ta\.osaka)\.jp|sse\.museum)|n(?:agawa\.hokkaido\.jp|(?:ndal|d)\.no)|e(?:\.fukuoka\.jp|dtirol\.it)|wa(?:\.nagano\.jp|lki\.pl)|l(?:(?:dal|a)\.no|i\.hu)|pp(?:l(?:ies|y)|ort)|̈dtirol\.it|cks)?|c(?:[ab]|h(?:o(?:ko(?:laden\.museum|keks\.net)|ol(?:\.(?:museum|n[az]|za))?|enbrunn\.museum|larships)|\.(?:[qs]a|i[dr]|l[ky]|ae|jo|ng|zm)|w(?:eiz\.museum|arz)|lesisches\.museum|aeffler|midt|ule)|i(?:en(?:ce(?:(?:(?:and(?:indust|histo)|histo)ry|(?:snaturelle)?s|-fiction|centers?)?\.museum)?|tist\.aero)|\.eg)|r(?:app(?:er-site\.net|ing\.cc)|ysec\.com)|\.(?:(?:gov|leg)\.br|k[er]|u[gs]|cn|tz)|o(?:t(?:land\.museum)?|r)|johnson)?|k(?:(?:a(?:n(?:land|it)|un)|j(?:erv[oø]y|[aå]k)|edsmo(?:korset)?|ånland|ánit)\.no|i(?:(?:e(?:rv[aá]|n)|ptvet)\.no|\.(?:museum|no)|n)?|o(?:(?:\.gov|czow)\.pl|le\.museum|dje\.no)|y(?:diving\.aero|pe)?|\.(?:eu\.org|ca)|lep\.pl)?|i(?:(?:benik\.museu|mple-url\.co)m|l(?:k(?:\.museum)?|jan\.no)|n(?:a(?:app\.com)?|gles)|r(?:acusa\.it|dal\.no)|te(?:s\.static\.land)?|c(?:il(?:ia|y))?\.it|e(?:llak\.no|na\.it)|\.(?:eu\.org|it)|gdal\.no)?|p(?:ace(?:(?:-to-rent\.co|\.museu)m|kit\.io)?|\.(?:(?:gov|leg)\.br|it)|y(?:deberg\.no|\.museum)|dns\.(?:org|de|eu)|o(?:rt(?:\.hu)?|t)|jelkavik\.no|readbetting|b\.[rs]u|iegel)|y(?:no(?:logy(?:-d(?:iskstation|s)\.d|\.m)|-ds\.d)e|dney(?:\.museum)?|kkylven\.no|tes\.net|mantec|stems)?|(?:ø(?:r(?:-(?:(?:aur|o)dal|varanger|fron)|reisa|fold|um)|ndre-land|gne|mna)|ál[aá]t)\.no|w(?:i(?:(?:noujscie|ebodzin|dnica)\.pl|ftcover|ss)|e(?:etpepper\.org|den\.museum)|atch)|v(?:(?:e(?:lvik|io)|albard)\.no|izzera\.museum|n-repos\.de|\.it)?|l(?:a(?:ttum\.no|sk\.pl)|d\.(?:do|pa)|[gz]\.br|upsk\.pl|ing)?|n(?:(?:[aå](?:ase|sa)|illfjord|oasa)\.no|\.cn|cf)?|z(?:(?:cz(?:ecin|ytno)|kola)\.pl|ex\.hu)?|s(?:l\.origin\.cdn77-secure\.org|\.it)|quare(?:7\.(?:net|ch|de)|\.museum)|r(?:[lt]|\.(?:gov\.pl|it)|v\.br)?|m(?:[oø]la\.no|\.ua|art|ile)?|d(?:\.(?:cn|us)|n\.gov\.pl)?|b(?:[is]|\.ua)?|\.(?:bg|se)|f(?:\.no|r)|j(?:c\.br)?|x(?:\.cn)?|g)|k(?:a(?:(?:m(?:i(?:(?:t(?:onda\.wakayam|sue\.oit)|i(?:zumi\.sait|chi\.toy)am|mine\.sag|oka\.akit)a|k(?:awa\.(?:h(?:okkaid|yog)o|saitama)|(?:itayama\.nar|oani\.akit)a)|s(?:u(?:nagawa\.hokkaido|\.ibaraki)|hihoro\.hokkaido|ato\.saitama)|(?:amakusa\.kumamot|furano\.hokkaid|gori\.hyog)o|no(?:yama\.yamagata|kawa\.tochigi)|\.(?:miyag|koch)i|jima\.ehime)|o(?:\.(?:niigata|kyoto)|enai\.hokkaido|gawa\.chiba)|a(?:(?:kura\.kanagaw|gaya\.chib)a|ishi\.iwate)|e(?:oka\.kyoto|yama\.mie))|wa(?:(?:(?:(?:zu\.shiz|ra\.fuk)uo|chinagano\.osa)k|(?:jima\.saita|ba\.gun)m)a|n(?:(?:abe\.kagoshim|ehon\.shizuok)a|ishi\.(?:(?:yamagat|nar)a|hyogo))|(?:tana\.nagasak|hara\.tottor|saki\.miyag)i|g(?:oe\.(?:saitama|mie)|uchi\.saitama)|k(?:ami\.na(?:gano|ra)|ita\.ishikawa)|m(?:inami\.miyazaki|ata\.fukushima)|i\.(?:iwate|nara)|ue\.gifu)|n(?:(?:a(?:(?:zawa\.ishik|g)aw|n\.osak)|o(?:ya\.kagoshim|nji\.kagaw)|na(?:mi\.shizuok|\.gunm)|maki\.nar|zaki\.sag|ra\.gunm)a|e(?:yama\.(?:fukushim|yamagat)a|gasaki\.iwate)|i(?:e\.aichi|\.gifu)|uma\.tochigi)|g(?:a(?:mi(?:(?:ishi\.fukushi|no\.okaya)ma|\.kochi)|(?:\.ishika)?wa)|(?:oshima\.kag)?oshima)|i(?:(?:(?:nan\.(?:tokushi|wakaya)|ta\.hiroshi)m|sei\.kanagaw|zuka\.osak)a|\.yamanashi)|k(?:amigahara\.gifu|egawa\.shizuoka|inoki\.shimane|ogawa\.hyogo|uda\.miyagi)|d(?:o(?:gawa\.miyazaki|ma\.osaka)|ena\.okinawa)|ho(?:ku\.(?:ishikaw|yamagat)|\.fukuok)a|yabe\.hokkaido)\.jp|s(?:(?:u(?:ga(?:\.(?:fukuoka|hyogo)|i\.aichi)|(?:kabe\.saitam|ya\.fukuok)a|migaura\.ibaraki)|hi(?:(?:wa(?:zaki\.niigat|ra\.osak|\.chib)|(?:har|b)a\.nar)a|ma\.(?:ibaraki|saga))|a(?:ma(?:\.ibaraki|tsu\.gifu)|oka\.okayama|hara\.gifu|i\.hyogo))\.jp|zuby\.pl)|r(?:a(?:s(?:uyama\.tochigi\.jp|jo(?:hka|k)\.no)|t(?:su\.saga\.jp|e\.museum)|(?:ganda|col)\.su)|i(?:(?:wa\.niigata|ya\.aichi)\.jp|katur\.museum)|u(?:izawa\.nagano|mai\.iwate)\.jp|(?:m[oø]|lso)y\.no|(?:pacz|tuzy)\.pl|elia\.su)|t(?:(?:su(?:(?:ragi\.(?:wakayam|nar)|ura\.chib)a|shika\.tokyo|yama\.fukui)|a(?:shina\.gunm|gami\.akit|no\.osak)a)\.jp|o(?:ri\.chiba\.jp|wice\.pl))|z(?:(?:o\.saitam|uno\.akit)a\.jp|imierz-dolny\.pl)|l(?:(?:mykia\.[rs]|uga\.s)u|isz\.pl)|u(?:tokeino\.no|fen)|fjord\.no)|o(?:(?:u(?:(?:(?:yama\.kagoshi|nosu\.saita)m|hoku\.sag)a|zushima\.tokyo)|(?:(?:ori\.fukushi|ya\.wakaya)m|r(?:iyama\.fukushim|yo\.nar))a|t(?:o(?:\.(?:shiga|tokyo)|hira\.kagawa|ura\.tottori)|a\.aichi)|g(?:a(?:\.(?:fukuoka|ibaraki)|nei\.tokyo)|e\.tottori)|k(?:(?:onoe\.oit|a\.shig)a|ubunji\.tokyo)|(?:(?:chi\.ko)?c|fu\.yamanas)hi|daira\.tokyo)\.jp|m(?:a(?:(?:(?:gane\.nagan|e\.toky)o|ki\.aichi)\.jp|tsu(?:(?:shima\.tokushim|\.ishikaw)a\.jp)?)|o(?:ro\.nagano|no\.mie)\.jp|mun(?:alforbund\.se|e\.no)|(?:forb|vux)\.se)|s(?:h(?:(?:i(?:mizu\.hokkaido|gaya\.saitama)|u\.yamanashi)\.jp|er)|(?:(?:a(?:i\.shizuok|ka\.akit)|ei\.shig)a|uge\.yamanashi)\.jp)|n(?:(?:s(?:ulat\.gov|kowola)|in)\.pl|an\.(?:aichi|shiga)\.jp|gs(?:vinger|berg)\.no|yvelo\.hu)|z(?:a(?:(?:gawa)?\.wakayam|ki\.chib)a\.jp|ow\.com)|b(?:ayashi\.miyazaki\.jp|ierzyce\.pl)|e(?:benhavn\.museum|ln(?:\.museum)?)|lobrzeg\.pl|pervik\.no)|i(?:t(?:a(?:(?:(?:shiobara\.fukushi|yama\.wakaya)m|(?:nakagusuku|daito)\.okinaw)a|ga(?:wa\.(?:miyazak|koch)i|ta\.(?:gifu|saga))|ka(?:ta\.(?:fukushima|miyazaki)|mi\.iwate)|h(?:iroshima\.hokkaido|ata\.saga)|m(?:oto\.saitama|i\.hokkaido)|a(?:iki\.nagano|kita\.akita)|\.(?:(?:kyot|toky)o|osaka)|ura\.miyazaki)\.jp|chen)|(?:y(?:o(?:s(?:(?:ato\.hokkaid|e\.toky)o|u\.aichi)|kawa\.kanagawa)|ama\.saga)|s(?:o(?:(?:fukushima)?\.nagano|saki\.mie)|(?:hiwada\.osak|arazu\.chib)a)|k(?:u(?:gawa\.shizuoka|chi\.kumamoto)|onai\.hokkaido)|ho(?:ku\.ehim|\.mi)e|bichuo\.okayama|jo\.miyazaki|zu\.kyoto)\.jp|n(?:(?:(?:okawa\.wakaya|ko\.kagoshi)m|\.okinaw)a\.jp|d(?:er|le))|m(?:(?:i(?:no\.wakayam|tsu\.chib)a|obetsu\.hokkaido)\.jp)?|r(?:(?:yu\.gunma|a\.aichi)\.jp|ovograd\.ua|kenes\.no)|w(?:a\.mie\.jp|i(?:\.nz)?)|cks-ass\.(?:net|org)|ds\.(?:museum|us)|(?:ev\.u)?a)?|u(?:(?:(?:m(?:a(?:(?:gaya\.saitam|tori\.osak)a|no\.(?:hiroshima|mie)|(?:moto\.kuma)?moto|kogen\.ehime)|e(?:jima\.okinaw|nan\.okayam)a|iyama\.kyoto)|d(?:amatsu\.yamaguchi|oyama\.wakayama)|j(?:u(?:kuri\.chib|\.oit)a|i\.iwate)|(?:i\.hiroshi|ki\.saita)ma|(?:zumaki\.iwat|wana\.mi)e|chinotsu\.nagasaki)\.j|okgrou)p|r(?:(?:o(?:(?:gi\.fukuok|be\.toyam|taki\.nar)a|is(?:hi\.aomor|o\.tochig)i|matsunai\.hokkaido)|(?:a(?:shiki\.okayam|te\.fukuok)|e\.hiroshim|ume\.fukuok)a|iyama\.hokkaido)\.jp|gan\.su)|n(?:(?:i(?:(?:gami\.okinaw|mi\.fukushim|saki\.oit)a|t(?:omi\.miyazaki|achi\.tokyo))|neppu\.hokkaido|ohe\.iwate)\.jp|st(?:unddesign|sammlung)?\.museum)|s(?:(?:hi(?:m(?:oto\.wakayama|a\.miyazaki)|ro\.hokkaido)|(?:atsu\.(?:gunm|shig)|u\.oit)a)\.jp|tanai\.[rs]u)|t(?:chan\.hokkaido\.jp|no\.pl))|12\.(?:(?:m[adeinost]|n[cehjmvy]|a[klrsz]|c[aot]|o[hkr]|w[aiy]|d[ce]|g[au]|k[sy]|p[ar]|fl|la|ri|sc|ut)\.us|i(?:l(?:\.us)?|[adn]\.us)|v(?:i(?:\.us)?|[at]\.us)|t(?:[nx]\.us|r)|ec)|r(?:(?:(?:istians[au]n|ødshera)d|o(?:kstadelva|dsherad)|åanghke)\.no|a(?:(?:ger[oø]|anghke)\.no|snodar\.su|kow\.pl)|\.(?:eu\.org|com|it|ua)|ym\.ua|e?d)?|y(?:o(?:t(?:a(?:n(?:abe|go)|mba)\.kyoto\.jp|o(?:\.jp)?)|(?:wa\.(?:hokkaido|akita)|nan\.chiba)\.jp)|uragi\.saga\.jp|iv\.ua|\.us)?|e(?:(?:mbuchi\.hokkaido|isen\.fukuoka)\.jp|rry(?:propertie|logistic|hotel)s|p(?:no\.pl|\.tr)|ymachine\.de|trzyn\.pl)?|v(?:(?:i(?:n(?:nherad|esdal)|t(?:s[oø]y|eseid))|a(?:(?:fjor|lsun)d|nangen|m)|æ(?:nangen|fjord))\.no|\.ua)|h(?:(?:meln(?:itskiy|ytskyi)|erson)?\.ua|a(?:rk[io]v\.ua|kassia\.su))|n(?:ightpoint\.systems|owsitall\.info|x-server\.net)?|l(?:(?:[aæ]bu|epp)\.no|odzko\.pl)|(?:árášjohka|åfjord)\.no|m(?:psp\.gov\.pl|\.ua)?|p(?:psp\.gov\.pl|mg|n)?|w(?:ps)?p\.gov\.pl|\.(?:bg|se)|g(?:\.kr)?|s\.u[as]|ddi|fh|z)|m(?:[hqv]|i(?:n(?:(?:a(?:m(?:i(?:(?:(?:yamashiro\.ky|oguni\.kumam)ot|m(?:inowa|aki)\.nagan|furano\.hokkaid)o|(?:tane\.kagoshim|uonuma\.niigat|daito\.okinaw|boso\.chib)a|(?:-alps\.yamanash|sanriku\.miyag|echizen\.fuku)i|a(?:(?:iki\.nagan|waji\.hyog)o|shigara\.kanagawa)|\.(?:(?:tokushim|fukuok)a|kyoto)|i(?:zu\.shizuoka|se\.mie))|ata\.kumamoto)|(?:kami\.gun|no\.saita)ma|to\.(?:osaka|tokyo))|o(?:(?:kamo)?\.gifu|bu\.yamanashi|wa\.nagano|h\.osaka))\.jp|i(?:(?:server\.co|ng\.museu)m)?|e(?:rs\.museum|\.nu)|nesota\.museum|com\.tn|t)|(?:y(?:a(?:k(?:o(?:\.(?:fukuoka|iwate)|nojo\.miyazaki)|e\.nara)|z(?:(?:aki\.miyaz)?aki|u\.kyoto)|(?:shiro\.saitam|waka\.fukuok)a|ma\.(?:fukuoka|mie)|da\.nagano|gi)|o(?:shi\.(?:(?:(?:hiro|toku)shi|saita)ma|aichi)|ta\.nagano))|h(?:a(?:ma\.(?:(?:wakayam|chib)a|(?:aich|fuku)i|mie)|r(?:a\.(?:hiroshima|kochi)|u\.fukushima))|o\.ibaraki)|zu(?:maki\.fukuoka|sawa\.iwate|nami\.gifu|ho\.tokyo)|k(?:a(?:sa\.hokkaido|wa\.yamagata)|i\.hyogo)|ma(?:ta\.miyazaki|\.tokushima)|fune\.kumamoto|ura\.kanagawa|bu\.tochigi)\.jp|s(?:(?:a(?:to\.(?:s(?:aitama|himane)|(?:wakayam|akit)a|miyagi)|(?:sa\.tott|wa\.aom)ori|ki\.o(?:kayam|sak)a)|hima\.(?:fukushim|shizuok)a|ugi\.mie)\.jp|s(?:oula|ile)\.museum|confused\.org)|l(?:\.(?:t[jmorwz]|a[celrz]|b[aory]|k[gmrz]|m[gvyz]|n[gioz]|p[ehly]|c[lno]|g[eht]|i[dnq]|s[hty]|z[amw]|[dj]o|e[cg]|r[uw]|v[ce]|hn|lv|qa|uy)|(?:itary|l)\.museum|ano?\.it)?|t(?:(?:o(?:(?:u\.yamaguch|\.ibarak)i|yo\.kagawa)|a(?:k(?:a\.tokyo|e\.gifu)|ne\.akita))\.jp|su(?:(?:ke\.niigat|e\.nar)a\.jp|bishi))?|d(?:(?:tre-gauldal|sund)\.no|ori\.(?:chib|gunm)a\.jp|atlantic\.museum)|c(?:ro(?:light\.aero|soft)|higan\.museum)|a(?:s(?:a\.nagano\.jp|ta\.pl)|mi)|e(?:l(?:ec|no)\.pl|\.jp)|\.(?:it|th|us))|a(?:t(?:su(?:(?:b(?:ushi\.saitam|ara\.osak)|d(?:a\.kanagaw|o\.chib)|zaki\.shizuok)a|s(?:hi(?:ge\.tokushima|ma\.miyagi)|aka\.mie)|m(?:oto\.(?:kagoshima|nagano)|ae\.hokkaido)|(?:(?:yama|no)\.ehim|e\.shiman)e|ura\.nagasaki|kawa\.nagano)\.jp|t(?:a-varjjat\.no|el)|era\.it|\.br)|r(?:i(?:n(?:ga\.br|e\.ru)|tim[eo]\.museum)|u(?:game\.kagawa|mori\.miyagi)\.jp|(?:yl(?:hurst|and)|burg)\.museum|ke(?:t(?:ing|s)?|r\.no)|(?:(?:che)?\.i|riot)t|nardal\.no|shalls)|s(?:(?:hik(?:(?:e\.hokkaid|i\.kumamot)o|o\.tochigi)|(?:uda\.shiman|aki\.ehim)e)\.jp|(?:fjorden|oy)\.no|sa-?carrara\.it|erati)|n(?:(?:iwa\.okayam|no\.kagaw)a\.jp|(?:chester|sions?|x)\.museum|a(?:gement|us\.br)|g(?:yshlak\.su|o)|tova\.it|dal\.no)?|(?:k(?:(?:urazaki\.kagoshim|inohara\.shizuok)a\.j|eu)|(?:murogawa\.yamagat|ebashi\.gunm)a\.j)p|l(?:(?:atvuopmi|selv|vik)\.no|(?:opolska|bork)\.pl|lorca\.museum)|i(?:(?:bara\.shiga|zuru\.kyoto)\.jp|ntenance\.aero|l\.pl|son|f)|c(?:e(?:rata\.it|io\.br)|hida\.tokyo\.jp|apa\.br|ys)|d(?:rid(?:\.museum)?|\.museum)|p(?:\.fastly(?:lb)?\.net)?|\.(?:(?:gov|leg)\.br|us)|yfirst\.(?:info|org)|z(?:owsze|ury)\.pl|gazine\.aero|ori\.nz)?|o(?:[ei]|r(?:(?:i(?:y(?:a(?:\.ibaraki|ma\.shiga)|oshi\.akita)|(?:machi\.shizuo|guchi\.osa)ka|oka\.iwate)|o(?:tsuka\.miyazaki|yama\.saitama))\.jp|dovia\.[rs]u|ena\.br|tgage|mon)|n(?:(?:za(?:(?:-e-della)?-|e(?:della)?)?brian)?za\.it|(?:t(?:icello|real)|mouth)\.museum|ey(?:\.museum)?|ster|ash)|t(?:o(?:(?:bu\.okinawa|yama\.kochi|su\.gifu)\.jp|rcycle(?:\.museum|s))?|egi\.tochigi\.jp)|s(?:(?:(?:kene)?s|j[oø]en|vik)\.no|eushi\.hokkaido\.jp|cow(?:\.museum)?)|d(?:e(?:lling\.aero|rn\.museum|na\.it)|a(?:len\.no)?|um\.no|\.gi)|b(?:i(?:\.(?:n[ag]|t[tz]|gp|ke)|l[ey])?|ara\.chiba\.jp)|(?:chizuki\.nagano|ka\.tochigi)\.jp|m(?:betsu\.hokkaido\.jp|a\.museum)?|v(?:i(?:miento\.bo|star|e))?|(?:[aå]reke|-i-rana)\.no|l(?:(?:ise)?\.it|de\.no)|\.(?:cn|it|us)|zilla-iot\.org|onscale\.net|par)?|y(?:(?:a(?:ctivedirectory|sustor)|qnapcloud|ravendb|iphost|vnc)\.com|d(?:atto\.(?:com|net)|issent\.net|dns\.rocks|robo\.com|s\.me)|-(?:(?:(?:route|vigo)r|gateway|wan)\.de|firewall\.org)|s(?:ecuritycamera\.(?:com|net|org)|hopblocks\.com)|p(?:e(?:p\.link|ts\.ws)|hotos\.cc|sx\.net|i\.co)|f(?:tp\.(?:biz|org)|irewall\.org|ritz\.net)|m(?:ailer\.com\.tw|ediapc\.net)|t(?:uleap\.com|is\.ru)|(?:jino\.r|cd\.e)u|\.(?:eu\.org|id)|oko\.niigata\.jp|home-server\.de|effect\.net|kolaiv\.ua|wire\.org)?|u(?:s(?:e(?:um(?:(?:vereniging|center)\.museum|\.(?:m[vw]|no|om|tt))?|et\.museum)|ashi(?:murayama|no)\.tokyo\.jp|ic(?:a\.(?:ar|bo)|\.museum)|\.(?:mi\.us|br))|r(?:(?:a(?:(?:yama\.yama|kami\.nii)gata|ta\.miyagi)|o(?:ran\.hokkaido|to\.kochi))\.jp|mansk\.su)|(?:(?:gi\.tokushim|ika\.niigat)a|k(?:awa\.hokkaid|o\.kyot)o)\.jp|n(?:akata\.fukuoka\.jp|cie\.museum|i\.il)|t(?:su(?:zawa\.chiba|\.aomori)\.jp|ual)|(?:en(?:chen|ster)|lhouse)\.museum|os[aá]t\.no|p\.gov\.pl)?|e(?:d(?:i(?:a(?:\.(?:museum|aero|hu|pl))?|c(?:al\.museum|ina\.bo)|zinhistorisches\.museum|o-?campidano\.it)|\.(?:p(?:[al]|ro)|e[ce]|s[ad]|br|ht|ly|om)|ecin\.(?:fr|km))?|i(?:n-(?:iserv|vigor)\.de|wa\.(?:gunma|mie)\.jp)|l(?:(?:[oø]y|and|dal|hus)\.no|bourne)|m(?:orial(?:\.museum)?|set\.net|e)|r(?:[aå]ker\.no|seine\.nu|ckmsd)|\.(?:eu\.org|u[ks]|it|ke|tz)|s(?:averde\.museum|sina\.it)|t(?:eorapp\.com|life)|e(?:res\.museum|t)|guro\.tokyo\.jp|x\.com|nu?|o)?|(?:á(?:tta-várjjat|latvuopmi)|å(?:lselv|søy)|j[oø]ndalen)\.no|s(?:\.(?:(?:(?:gov|leg)\.b|k)r|it|us)|k\.[rs]u|d)?|t(?:[nr]|\.(?:(?:gov|leg)\.br|eu\.org|it|us))?|c(?:\.(?:eu\.org|it)|kinsey)?|g(?:\.(?:gov|leg)\.br)?|k(?:\.(?:eu\.org|ua))?|l(?:b(?:fan\.org)?|s)?|r(?:agowo\.pl|\.no)?|b(?:\.(?:ca|it)|a)|d(?:\.(?:ci|us))?|n(?:\.(?:it|us))?|ma(?:fan\.biz)?|w(?:\.gov\.pl)?|(?:āori\.n)?z|\.(?:bg|se)|p(?:\.br)?|x(?:\.na)?)|t(?:[flz]|a(?:(?:k(?:a(?:ha(?:(?:(?:ru\.miyaz|gi\.ibar)ak|ma\.(?:aich|fuku))i|(?:shi\.okayam|ta\.yamagat)a)|(?:t(?:suki\.(?:osak|shig)|a\.fukuok|ori\.nar)|ishi\.osak|oka\.toyam)a|s(?:a(?:go\.hyogo|ki\.gunma)|hima\.shiga|u\.hokkaido)|(?:n(?:ezawa\.tochig|abe\.miyazak)|zaki\.miyazak)i|m(?:ori\.(?:kumamot|nagan)o|atsu\.kagawa)|(?:(?:razuka)?\.hyog|gi\.nagan)o|yama\.(?:g(?:unma|ifu)|nagano))|(?:e(?:t(?:omi\.okinaw|a\.oit)|hara\.hiroshim)|o\.chib|u\.sag)a|i(?:(?:no(?:ue\.hokkaid|\.hyog)|kawa\.hokkaid)o|\.mie)|ko\.aomori)|m(?:a(?:k(?:awa\.fukushima|i\.mie)|(?:mura\.gun|no\.okaya)ma|tsukuri\.ibaraki|yu\.shimane|\.tokyo)|ba\.hyogo)|ga(?:(?:mi\.niigat|wa\.fukuok)a|jo\.miyagi)|d(?:o(?:tsu\.kagawa|\.mie)|aoka\.osaka)|chi(?:arai\.fukuoka|kawa\.tokyo)|ji(?:ri\.osaka|mi\.gifu)|waramoto\.nara|hara\.aichi)\.jp|i(?:(?:(?:(?:ji\.waka|ra\.to)yam|nai\.niigat)a|shi(?:\.(?:hyogo|osaka)|n\.fukushima)|ki\.(?:hokkaido|mie)|wa\.miyagi|to\.tokyo)\.jp|fun-dns\.de|pei)|t(?:(?:e(?:(?:yama\.(?:toyam|chib)|bayashi\.gunm)a|shina\.nagano)|suno\.(?:nagan|hyog)o)\.jp|a(?:motors|r)|too)|r(?:a(?:(?:ma\.okinaw|\.sag)a\.jp|nto\.it)|u(?:mizu\.kagoshima|i\.gifu)\.jp|g(?:i\.pl|et)|nobrzeg\.pl)|n(?:a(?:(?:be\.(?:wakayama|kyoto)|gura\.fukushima)\.jp|(?:nger)?\.no)|ohata\.iwate\.jp|k\.museum)|b(?:(?:ayama\.yamanas|use\.yamaguc)hi\.jp)?|s(?:(?:\.(?:edu|gov))?\.a|hkent\.s)u|x(?:i(?:\.br)?)?|a?\.it|obao|lk)|o(?:(?:m(?:i(?:(?:gusuku\.okinaw|sato\.chib|oka\.gunm)a|ya\.miyagi|\.nagano|ka\.gifu)|(?:obe\.ibarak|e\.miyag)i|a(?:koma|r)i\.hokkaido)|b(?:e(?:tsu\.hokkaido|\.ehime)|ishima\.aichi|a\.mie)|h(?:(?:nosho\.chib|o\.fukuok)a|ma\.hokkaido)|chi(?:(?:gi\.tochi)?gi|o\.niigata)|ei\.aichi)\.jp|y(?:o(?:(?:(?:(?:hashi|kawa|ake)\.ai|\.ko)chi|n(?:(?:aka|o)\.osaka|e\.aichi)|(?:ura\.hokkaid|oka\.hyog)o|sato\.shiga)\.jp|t(?:(?:omi\.hokkaido|su\.fukuoka)\.jp|a(?:\.(?:yamagu|ai)chi\.jp)?))|a(?:(?:ko)?\.hokkaido|(?:ma\.toya)?ma)\.jp|s)|k(?:(?:a(?:(?:machi\.niigat|shiki\.okinaw)a|i\.(?:ibarak|aich)i)|u(?:(?:shima\.toku)?shima|yama\.yamaguchi)|o(?:rozawa\.saitama|name\.aichi)|i(?:gawa\.saitama|\.gifu))\.jp|yo(?:\.jp)?|ke\.no)|n(?:(?:(?:a(?:ki\.okinaw|mi\.toyam)|dabayashi\.osak)a|o(?:sho\.kagawa|\.iwate)|e\.ibaraki)\.jp|sberg\.no)|g(?:(?:a(?:(?:ne\.chib|\.toyam)a|kushi\.nagano)|(?:itsu\.nagasak|o\.aich)i|ura\.nagano)\.jp|liatti\.su)|s(?:(?:a(?:shimizu)?\.kochi|u\.saga)\.jp|hi(?:ma\.tokyo\.jp|ba)|(?:cana)?\.it)|r(?:i(?:no\.(?:museum|it)|de\.ibaraki\.jp)|a(?:hime\.shiga\.jp|y)|sken\.no)|w(?:n(?:(?:news-staging\.co|\.museu)m)?|ada\.aomori\.jp)|u(?:r(?:ism\.(?:pl|tn)|s)|ch\.museum)|t(?:(?:tori\.tot)?tori\.jp|al)|z(?:awa\.yamagata\.jp|sde\.hu)|\.(?:(?:gov|leg)\.br|it)|da(?:\.saitama\.jp|y)|o(?:n\.ehime\.jp|ls)|p(?:ology\.museum)?|lga\.no)?|r(?:a(?:n(?:i(?:-(?:andria-barlett|barletta-andri)|andriabarlett|barlettaandri)a\.it|sport(?:\.museum|e\.bo)|(?:[boø]y|a)\.no)|vel(?:ers(?:insurance)?|\.(?:pl|tt)|channel)?|d(?:ing(?:\.aero)?|e(?:r\.aero)?)|in(?:er\.aero|ing)|fficplex\.cloud|eumtgerade\.de|pani\.it|\.kp)|e(?:(?:nt(?:in(?:o(?:-(?:s(?:u[ë]?d)?-?tirol|a(?:lto)?-?adige)|s(?:u[ë]?d)?-?tirol|a(?:lto)?-?adige)?|-?su[ë]?d-?tirol)|o)|viso)\.it|e\.museum)|o(?:(?:ms[aoø]|ndheim|andin|gstad)\.no|lley\.museum|itsk\.su)|(?:øgstad|ysil|æna)\.no|ust(?:(?:ee)?\.museum)?|\.(?:eu\.org|it|no)|ieste\.it|d\.br|v)?|s(?:u(?:ru(?:g(?:a(?:shima\.saitama|\.fukui)|i\.ishikawa)|(?:\.yamanash|ta\.aomor)i|oka\.yamagata)|k(?:u(?:(?:i\.kanagaw|mi\.oit)a|ba\.ibaraki)|i(?:gata\.hokkaido|yono\.gunma))|(?:ga(?:ru\.aomor|\.tochig)|shima\.(?:nagasak|aich)|chiura\.ibarak)i|b(?:a(?:ta\.ishikaw|me\.niigat)a|etsu\.hokkaido)|(?:(?:yama\.okaya|magoi\.gun)m|iki\.fukuok)a|n(?:o\.(?:miyazak|koch)i|an\.niigata)|(?:wano\.shiman|\.mi)e)\.jp|elinograd\.su|\.it)|e(?:l(?:e(?:(?:kommunikat|vis)ion\.museum|\.amune\.org|fonica|city)|\.tr)?|n(?:(?:(?:kawa|ri)\.nar|ei\.fukushim|do\.yamagat)a\.jp|nis)|c(?:h(?:nology(?:\.museum)?)?|\.(?:mi\.us|ve)|nologia\.bo)|s(?:t(?:\.(?:ru|tj)|-iserv\.de)|hikaga\.hokkaido\.jp)|(?:a(?:ches-yoga\.co)?|x(?:tile|as)\.museu)m|r(?:n(?:opil\.ua|i\.it)|amo\.it|mez\.su)|m(?:p(?:io-?olbia\.it|-dns\.com)|asek)|\.(?:it|ua)|o\.br|va)|u(?:r(?:e(?:k\.pl|n\.tn)|ystyka\.pl|\.[ab]r|in\.it)|s(?:cany\.it|hu)|n(?:k\.org|es)|xfamily\.org|[lv]a\.su|be|i)|i(?:me(?:\.(?:museum|no)|keeping\.museum)|n(?:gvoll|n)\.no|(?:cket|p)s|(?:end|a)a|r(?:es|ol)|ffany)|h(?:e(?:at(?:er(?:\.museum)?|re)|workpc\.com|\.br)|ruhere\.net|d)?|m(?:\.(?:[nr]o|m[cg]|cy|fr|hu|km|pl|se|za)|p\.br|all)?|v(?:\.(?:b[bor]|i[mt]|t[rz]|na|sd)|edestrand\.no|s)?|y(?:(?:s(?:v[aæ]r|fjord|nes)|nset|dal)\.no|chy\.pl)|j(?:(?:eldsund|[oø]me)\.no|(?:max)?x|\.cn)?|w(?:mail\.(?:net|org|cc)|\.cn)?|c(?:m\.museum|p4\.me|i)?|(?:3l3p0rt\.ne|p\.i)t|k(?:sat\.bo|maxx)?|n(?:\.(?:it|us))?|g(?:ory\.pl)?|\.(?:bg|se)|ønsberg\.no|t(?:\.im)?|x\.us|dk?)|a(?:s(?:(?:a(?:hi(?:\.(?:(?:yamagat|toyam|chib)a|ibaraki|nagano|mie)|kawa\.hokkaido)|(?:k(?:a(?:wa\.fukushi|\.saita)|uchi\.okaya)|minami\.hiroshi)ma|go\.hyogo)|o\.kumamoto|uke\.aichi)\.jp|s(?:o(?:\.(?:eu\.org|[mn]c|bj|ci|dz|fr|gp|ht|km|re)|ciat(?:ion\.(?:museum|aero)|es))|a(?:ssination\.museum|bu\.hokkaido\.jp)|(?:isi\.museu|\.k)m|edic\.fr|n\.lk)|h(?:(?:i(?:ya\.(?:fukuoka|hyogo)|betsu\.hokkaido|kaga\.tochigi)|oro\.hokkaido)\.jp|gabad\.su)|(?:k(?:[oø]y|voll|er|im)|eral)\.no|t(?:ronomy\.museum|i\.it)|n(?:\.(?:au|lv)|es\.no)|coli-?piceno\.it|matart\.museum|[di]a|\.us)?|r(?:t(?:s(?:\.(?:museum|[cr]o|nf|ve)|andcrafts\.museum)|(?:anddesign|gallery|center|deco)\.museum|\.(?:museum|d[oz]|br|ht|pl|sn)|e(?:ducation\.museum|\.bo)?)?|a(?:(?:kawa\.(?:saitama|tokyo)|i\.shizuoka|o\.kumamoto)\.jp|mco|b)|ch(?:aeolog(?:ical|y)\.museum|i(?:tecture\.museum)?)|i(?:d(?:agaw)?a\.wakayam|(?:ake|ta)\.sag)a\.jp|e(?:(?:mark|ndal)\.no|zzo\.it)|\.(?:com|it|us)|boretum\.museum|m(?:enia\.su|y)|(?:dal|na)\.no|khangelsk\.su|q\.br|pa)?|n(?:d(?:r(?:ia(?:-(?:barletta-trani|trani-barletta)|barlettatrani|tranibarletta)\.it|oid)|(?:asuolo|ebu|øy)\.no|o(?:\.nara\.jp|y\.no)|\.museum)|a(?:n(?:\.(?:tokushima|nagano)\.jp|i\.br)|mizu\.ishikawa\.jp|lytics)|n(?:-arbor\.mi\.us|aka\.gunma\.jp|efrank\.museum)|t(?:hro(?:pology)?|iques)\.museum|(?:pachi\.gifu|jo\.aichi)\.jp|(?:cona)?\.it|quan|z)|c(?:\.(?:g(?:ov\.br|n)|l(?:eg\.br|k)|i[dlmnr]|m[aeuwz]|c[inry]|r[suw]|t[hjz]|z[amw]|a[et]|k[er]|n[iz]|p[ar]|s[ez]|u[gk]|be|jp|vn)|c(?:(?:ident-(?:investiga|preven)tion\.ae|t\.p)ro|e(?:sscam\.org|nture)|ountants?)|a(?:dem(?:y(?:\.museum)?|ia\.bo)|\.pro)|t(?:(?:\.edu)?\.au|ive|or)|hi\.nagano\.jp|o)?|i(?:(?:(?:zu(?:(?:wakamatsu|bange)\.fu|mi(?:sato\.fu|\.to))kushim|kawa\.kanagaw)a|(?:betsu\.hokkaid|oi\.hyog)o|s(?:ai\.aichi|ho\.shiga)|nan\.ehime|chi)\.jp|r(?:(?:-(?:traffic-control|surveillance)|(?:craf|por)t|line)\.aero|t(?:raffic\.aero|el)|(?:guard)?\.museum|force|bus)|d\.pl|p\.ee|go?)?|l(?:a(?:(?:bam|sk)a\.museum|headju\.no|nd\.fi)|\.(?:(?:gov|leg)\.br|eu\.org|it|no|us)|pha(?:\.bounty-full|-myqnapcloud)\.com|(?:(?:gard|vdal)\.n|farome)o|t(?:o-?adige\.it|a\.no|\.za)|s(?:t(?:ahaug\.no|om)|ace)|es(?:sandria\.it|und\.no)|l(?:finanz|state|y)|i(?:baba|pay)|waysdata\.net)?|m(?:a(?:(?:kusa\.kumamot|gasaki\.hyog)o|\.(?:shimane|aichi)|mi\.kagoshima)\.jp|e(?:rican(?:(?:a(?:ntiques|rt)?)?\.museum|express|family)|x)|b(?:ulance\.(?:museum|aero)|er\.museum)|(?:(?:li|ot)\.n|usement\.aer)o|(?:sterda(?:m\.museu)?|fa)m|(?:\.(?:gov|leg))?\.br|i(?:\.ibaraki\.jp|ca))?|p(?:p(?:\.(?:os(?:\.stg)?\.fedoraproject\.org|lmpm\.com)|s(?:\.(?:fbsbx\.com|lair\.io)|pot\.com)|l(?:inzi\.com|e)|chizi\.com)?|-(?:south(?:east-[12]|-1)|northeast-[123])\.elasticbeanstalk\.com|\.(?:gov\.(?:br|pl)|leg\.br|it)|ar(?:ecida\.br|tments))|u(?:s(?:t(?:r(?:alia\.museum|heim\.no)|in\.museum|evoll\.no)|post)|t(?:o(?:motive\.museum|\.pl|s)?|hor(?:\.aero)?)|(?:r(?:(?:skog-h[oø])?land|e)|kra)\.no|d(?:i(?:ble|o)?|nedaln\.no)|gustow\.pl|\.eu\.org|ction)?|k(?:(?:a(?:(?:bira\.hokkaid|shi\.hyog)o|iwa\.okayama|gi\.shimane)|i(?:(?:shima|runo)\.tokyo|(?:ta\.aki)?ta|\.kochi)|(?:keshi\.hokkaid|o\.hyog)o|une\.kagoshima)\.jp|(?:noluokta|rehamn)\.no|tyubinsk\.su|\.us|dn)|g(?:r(?:i(?:c(?:ulture\.museum|\.za)|gento\.it|net\.tn)|o\.(?:bo|pl)|ar\.hu|\.br)|e(?:matsu\.nagano\.jp|n(?:ts\.aero|cy))|a(?:(?:no)?\.niigata\.jp|khan)|uni\.okinawa\.jp|denes\.no|\.it)?|b(?:(?:i(?:ra\.hokkaido|ko\.chiba)|eno\.osaka)\.jp|a(?:shiri\.hokkaido\.jp|rth)|u(?:\.yamaguchi\.jp|dhabi)|o(?:\.pa|gado)|r(?:uzzo)?\.it|b(?:ott|vie)?|c(?:\.br)?|khazia\.su|\.ca|le)|t(?:(?:su(?:gi\.kanagawa|ma\.hokkaido)|ami\.shizuoka)\.jp|\.(?:eu\.org|it)|-band-camp\.net|h(?:\.cx|leta)|lanta\.museum|torney|m\.pl|o\.br)?|o(?:(?:(?:ga(?:shima\.toky|ki\.hyog)|ki\.nagan)o|(?:mori\.ao)?mori)\.jp|(?:st(?:a(?:-?valley)?|e))?\.it|l)?|v(?:o(?:cat\.(?:pro|fr)|ues\.fr)|e(?:r[oø]y\.no|llino\.it)|ia(?:tion\.museum|nca)|\.(?:it|tr))|z(?:u(?:re(?:(?:websites|-mobile)\.net|container\.io)?|mino\.nagano\.jp)|erbaijan\.su|\.us)?|e(?:ro(?:(?:batic|drome|club)\.aero|\.(?:mv|tt)|port\.fr)?|(?:\.or)?g|jrie\.no|tna)?|d(?:ac(?:hi\.tokyo\.jp)?|ul(?:t\.h)?t|v\.(?:br|mz)|ygeya\.[rs]u|m\.br|\.jp|s)?|ya(?:(?:gawa\.k|se\.kan)agawa|\.miyazaki|be\.kyoto)\.jp|\.(?:s(?:sl\.fastly\.net|e)|prod\.fastly\.net|bg)|q(?:u(?:ar(?:ium\.museum|elle)|ila\.it)|\.it)?|f(?:rica(?:\.com)?|amilycompany|jord\.no|l)?|a(?:r(?:borte\.no|p)|a(?:\.pro)?|\.no)|w(?:aji\.hyogo\.jp|s)?|x(?:is\.museum|a)?|h\.(?:cn|no)|éroport\.ci|ju\.br)|n(?:a(?:k(?:(?:a(?:g(?:awa\.(?:(?:tokushim|fukuok)a|(?:hokkaid|nagan)o)|usuku\.okinawa|yo\.kyoto)|n(?:o(?:(?:to\.ishikaw|jo\.gunm)a|\.(?:nagan|toky)o)|iikawa\.toyama)|t(?:ombetsu\.hokkaido|ane\.kagoshima|sugawa\.gifu)|m(?:(?:ichi\.yamanas|ura\.koc)hi|a\.fukuoka)|(?:yama\.yamagat|i\.kanagaw)a|\.(?:hiroshima|ibaraki)|satsunai\.hokkaido|domari\.aomori)|ijin\.okinawa)\.jp|lo\.pl)|g(?:(?:a(?:(?:r(?:eyam)?a\.chib|hama\.shig|i\.yamagat)a|s(?:(?:aki\.nagas)?aki|u\.kumamoto)|no(?:(?:\.nagano)?|hara\.gunma)|to(?:\.yamaguchi|ro\.saitama)|oka(?:kyo\.kyoto|\.niigata)|wa\.nagano)|i(?:so\.nagano|\.okayama))\.jp|o(?:\.okinawa\.jp|ya))|t(?:u(?:r(?:a(?:l(?:(?:history(?:museum)?|sciences)\.museum|\.bo))?|(?:historisches|e)\.museum|bruksgymn\.se)|urwetenschappen\.museum)|i(?:on(?:al(?:firearms|heritage)?\.museum|wide)|veamerican\.museum)|ori\.miyagi\.jp|al\.br|\.tn)|n(?:(?:(?:(?:go\.fukushi|moku\.gun)m|yo\.yamagat|jo\.okinaw)a|(?:bu\.(?:yamanash|tottor)|koku\.koch)i|a(?:e\.hokkaido|o\.ishikawa)|t(?:an\.kyoto|o\.toyama)|poro\.hokkaido)\.jp|nestad\.no)|m(?:e(?:(?:ga(?:ta\.ibaraki|wa\.saitama)|rikawa\.toyama)\.jp|\.(?:m[kvy]|t[jrt]|[hp]r|e[gt]|n[ag]|az|cy|jo|qa|vn))?|i(?:e\.fukushima|kata\.ehime)\.jp|(?:s(?:skogan|os)|dalseid)\.no)|(?:(?:chikatsuura\.wakayam|oshima\.kagaw)a|ha(?:\.okinawa|ri\.kochi)|su(?:shiobara)?\.tochigi|(?:yoro|ie)\.hokkaido)\.jp|r(?:(?:u(?:sawa\.yamanashi|to\.tokushima)|a(?:shino\.chiba|(?:\.nara)?)|ita\.chiba)\.jp|(?:vi(?:ika|k)|oy)\.no)|v(?:(?:igation\.aer|uotna\.n)o|al\.museum|oi\.su|y)|u(?:mburg\.museum|stdal\.no)|(?:p(?:les|oli))?\.it|b(?:ari\.mie\.jp)?|amesjevuemie\.no|lchik\.[rs]u|dex)?|o(?:(?:(?:s(?:e(?:gawa\.nar|\.osak)|hiro\.akit)|noichi\.ishikaw)a|b(?:oribetsu\.hokkaido|eoka\.miyazaki)|g(?:ata\.fukuoka|i\.tochigi)|zawaonsen\.nagano)\.jp|m(?:\.(?:a[defgil]|g[delt]|p[aelw]|n[ciu]|r[eos]|[qz]a|c[lo]|k[em]|m[gk]|s[it]|t[jm]|u[gy]|v[cg]|es|fr|hn|im|li)|i\.ishikawa\.jp|bre\.bo|e\.pt)|r(?:(?:d(?:-(?:(?:aur|o)dal|fron)|re(?:-land|isa)|kapp|dal)|e-og-uvdal)\.no|t(?:h(?:-kazakhstan\.su|westernmutual|\.museum)|on)|folk\.museum)|t(?:o(?:(?:gawa\.shig|\.ishikaw)a\.jp|dden\.no)|(?:icias\.b|teroy\.n)o|aires\.(?:fr|km)|\.br)|w(?:-dns\.(?:net|org|top)|aruda\.pl|\.sh|ruz|tv)?|-ip\.(?:c(?:o\.uk|a)|info|biz|net|org)|d(?:a\.(?:chiba|iwate)\.jp|um\.[ci]o)|h(?:o(?:st\.me|\.st)|eji\.aomori\.jp)|\.(?:eu\.org|com|it)|v(?:\.[rs]u|ara\.it)|ip\.(?:me|us)|kia)?|i(?:s(?:hi(?:(?:a(?:(?:wakura\.okaya|izu\.fukushi)m|(?:rita\.sa|zai\.shi)g)|(?:\.(?:fukuo|osa)|izu\.shizuo)k|go\.fukushim)a|ka(?:t(?:sura\.yamanash|a\.tochig)i|wa\.yamagata)|no(?:omote\.kagoshima|shima\.shimane|miya\.hyogo)|(?:mera\.miyazak|tosa\.koch)i|o(?:koppe\.hokkaido|\.aichi)|hara\.(?:kumamoto|okinawa)|waki\.hyogo)\.jp|s(?:hin\.aichi\.jp|edal\.no|a[ny])|\.za)|(?:i(?:(?:(?:mi\.okay|za\.sait)am|(?:gata\.nii)?gat)a|kappu\.hokkaido|hama\.ehime)|(?:rasaki\.yamanas|yodogawa\.koc)hi)\.jp|k(?:(?:i\.hokkaido|ko\.tochigi|aho\.akita)\.jp|o(?:laev\.ua|n)|e)|c(?:hinan\.(?:miyazak|tottor)i\.jp|\.(?:in|tj)|o)|n(?:o(?:miya\.kanagawa|he\.iwate)\.jp|ja)|e(?:ruchomosci\.pl|pce\.museum)|t(?:tedal\.no|eroi\.br)|d\.io)?|e(?:t(?:\.(?:e(?:[ct]|(?:u\.or)?g)|m[aeklostuvwxyz]|p[aehklnrsty]|s[abcdghloty]|a[cefgilruz]|b[abhmorstz]|g[eglnprtuy]|t[hjmnortw]|c[imnouwy]|i[dlmnqrs]|l[abckrvy]|k[ginyz]|n[fgirz]|v[ceinu]|u[akyz]|d[moz]|h[knt]|j[eo]|r[uw]|z[am]|om|qa|ws)|(?:-freaks|lify)\.com|(?:ban|wor)k|flix)?|w(?:(?:jersey|mexico|port|york)\.museum|h(?:ampshire\.museum|olland)|s(?:paper\.museum|\.hu)?)?|(?:s(?:\.(?:akershus|buskerud)|odd(?:tang)?en|se(?:by|t)|na)|dre-eiker)\.no|(?:muro\.hokkaido|yagawa\.osaka)\.jp|(?:braska\.museu|at-url\.co)m|r(?:ima\.tokyo\.jp|dpol\.ovh)|\.(?:k[er]|u[gs]|jp|pw|tz)|u(?:es\.museum|star)|x(?:(?:tdirec)?t|us)|c)?|y(?:m\.(?:l[acitu]|m[enx]|s[kux]|[kn]z|b[yz]|g[ry]|p[et]|ie|ro|tw)|c(?:\.m(?:useum|n))?|uzen\.toyama\.jp|ny\.museum|sa\.pl|\.us)|u(?:ma(?:ta\.(?:hokkaido|gunma)|zu\.shizuoka)\.jp|(?:ern|rem)berg\.museum|\.(?:ca|it)|oro\.it)?|(?:(?:(?:øtte|æ)røy|ååmesjevuemie|ávuotna)\.n|4t\.c)o|t(?:\.(?:(?:edu\.)?au|[nr]o|ca)|dll\.top|r\.br|t)|g(?:o(?:\.(?:lk|ph|za))?|\.eu\.org|rok\.io)?|h(?:(?:(?:-serv\.co|s)\.u)?k|lfan\.net|\.us)|s(?:w(?:\.edu)?\.au|update\.info|n\.us|\.ca)|f(?:l(?:fan\.org)?|shost\.com|\.ca)?|l(?:\.(?:eu\.org|ca|no))?|r(?:w(?:\.museum)?|a)?|c(?:\.(?:tr|us))?|z(?:\.eu\.org)?|m\.(?:cn|us)|\.(?:bg|se)|b(?:\.c)?a|[djv]\.us|x\.cn)|c(?:[gmwx]|o(?:m(?:\.(?:s[abcdeghlnotvy]|b[abhimorstyz]|m[gklostuvwxy]|g[ehilnprtuy]|p[aefhklrsty]|a[cfgilruwz]|c[imnouwy]|l[abckrvy]|t[jmnortw]|k[gimpyz]|e[cegst]|n[afgir]|v[ceinu]|d[emoz]|h[knrt]|i[moqs]|r[eouw]|u[agyz]|[oz]m|fr|jo|qa|ws)|m(?:uni(?:cations?\.museum|ty(?:\.museum)?)|bank)|p(?:uter(?:(?:history)?\.museum)?|a(?:ny|re))|unicações\.museum|(?:o\.i|cas)t|sec)?|n(?:t(?:emporary(?:art)?\.museum|r(?:ol\.aero|actors)|a(?:gem\.br|ct))|s(?:ul(?:t(?:ing(?:\.aero)?|ant\.aero)|ado\.st)|truction)|f(?:erence\.aero|\.(?:au|lv))|vent\.museum|dos)|\.(?:c(?:[ailrz]|o?m)|k(?:rd?|e)|i[dlmnrt]|m[aeguwz]|n[ailoz]|t[hjmtz]|u[agksz]|a[egot]|b[biw]|g[gly]|p[lnw]|z[amw]|j[ep]|l[cs]|r[sw]|s[tz]|v[ei]|dk|hu|om)|l(?:o(?:(?:nialwilliamsburg|radoplateau)\.museum|gne)|le(?:ge(?:fan\.org)?|ction\.museum)|(?:umb(?:ia|us)|dwar)\.museum)|u(?:n(?:t(?:ry(?:estate\.museum)?|y\.museum)|cil\.aero)|chpotatofries\.org|pons?|rses)|o(?:p(?:\.(?:[ht]t|m[vw]|br|km|py)|erativa\.bo)?|king(?:channel)?|l)|r(?:(?:reios-e-telecomunicações|poration|vette)\.museum|sica)|a(?:(?:staldefence|l)\.museum|ch)|d(?:es(?:pot\.com)?|y\.museum)|s(?:tume\.museum|enza\.it)|penhagen\.museum|g\.mi\.us|ffee)?|h(?:i(?:(?:ku(?:s(?:hino\.fukuoka|ei\.ibaraki)|ho(?:ku\.nagano|\.fukuoka)|(?:[gj]o|zen)\.fukuoka|ma\.nagano)|(?:hayaakasaka\.osak|gasaki\.kanagaw|b)a|(?:jiwa\.nagasak|zu\.tottor)i|t(?:ose\.hokkaido|a\.aichi)|yoda\.(?:gunma|tokyo)|ppubetsu\.hokkaido)\.jp|r(?:urgiens-dentistes(?:-en-france)?\.fr|opractic\.museum|yu\.aichi\.jp)|c(?:hibu\.saitama\.jp|ago\.museum)|ldren(?:s(?:garden)?)?\.museum|n(?:o\.nagano\.jp|tai)|mkent\.su|eti\.it)|a(?:m(?:pionship\.aero|bagri\.fr)|n(?:nel(?:sdvr\.net)?|el)|t(?:tanooga\.museum)?|r(?:ter\.aero|ity)|se)|e(?:r(?:n(?:i(?:(?:go|hi)v|vtsi)|ovtsy)|kas?sy)\.ua|(?:sapeakebay|ltenham)\.museum|ap)|u(?:o\.(?:(?:(?:fukuo|osa)k|chib)a|yamanashi|tokyo)\.jp|ng(?:buk|nam)\.kr|rch)|o(?:(?:(?:yo\.kumamot|fu\.toky)o|(?:s[eh]i|nan)\.chiba)\.jp|colate\.museum)|r(?:ist(?:iansburg\.museum|mas)|ysler|ome)|\.(?:eu\.org|it)|tr\.k12\.ma\.us)?|a(?:r(?:r(?:ara-?massa\.it|ier\.museum)|t(?:oonart\.museum|ier)|bonia-?iglesias\.it|e(?:ers?)?|go\.aero|avan|d?s)?|m(?:p(?:i(?:na(?:grande|s)\.br|dano-?medio\.it)|(?:obasso|ania)\.it)?|bridge\.museum|dvr\.org|\.it|era)?|s(?:a(?:delamoneda\.museum|cam\.net)?|t(?:res|le)\.museum|e(?:rta\.it|ih)?|ino(?:\.hu)?|h)|l(?:(?:(?:tanissett|abri)a)?\.it|ifornia\.museum|vinklein|l)?|(?:-central-1\.elasticbeanstalk\.co|daques\.museu)m|t(?:an(?:zaro|ia)\.it|ering(?:\.aero)?|holic)?|p(?:e(?:breton\.museum|town)|ital(?:one)?)|n(?:(?:ada)?\.museum|cerresearch|on)|(?:hcesuolo\.n|a\.aer)o|\.(?:eu\.org|it|na|us)|b(?:le-modem\.org)?|gliari\.it|xias\.br|fe)?|l(?:o(?:ud(?:(?:(?:f(?:unctions|ront)|ycluster|eity)\.ne|a(?:ccess\.(?:hos|ne)|pp\.ne))t|ns\.(?:c(?:lub|c)|in(?:fo)?|p(?:ro|w)|asia|biz|org|eu|us)|\.(?:(?:fedoraproject\.or|goo)g|metacentrum\.cz)|control(?:app|led)\.com|66\.ws)?|ck\.museum|thing)|i(?:n(?:ton\.museum|i(?:que|c))|ck)|ub(?:\.(?:aero|tw)|med)?|e(?:verapps\.io|aning)|a(?:n\.rip|ims)|\.it)?|i(?:vil(?:(?:i[sz]ation|war)\.museum|aviation\.aero)|s(?:co(?:freak\.com)?|tron\.nl)|t(?:y(?:\.hu|eats)?|adel|ic?)|n(?:cinnati|ema)\.museum|e(?:ncia\.bo|szyn\.pl)|rc(?:us\.museum|le)|priani|m\.br|\.it)?|u(?:st(?:om(?:er\.(?:speedpartner\.de|enonic\.io)|\.metacentrum\.cz)|\.(?:d(?:isrec|ev)|testing|prod)\.thingdust\.io)|ltur(?:al(?:center)?|e)\.museum|i(?:aba\.br|sinella)|ritiba\.br|pcake\.is|neo\.it)?|r(?:e(?:dit(?:union|card)?|ation\.museum|mona\.it|w\.aero)|a(?:ft(?:s\.museum|ing\.xyz)|nbrook\.museum)|i(?:\.(?:br|nz)|mea\.ua|cket)|o(?:tone\.it|wn)|\.(?:it|ua)|uises?|s)?|c(?:\.(?:(?:m[adeinost]|a[klrsz]|i[adln]|w[aivy]|c[aot]|o[hkr]|v[ait]|[hr]i|d[ce]|g[au]|k[sy]|p[ar]|s[cd]|t[nx]|fl|la)\.us|n(?:[cdehjmvy]\.us|a)|u(?:t\.us|a))|i\.fr)?|e(?:[bo]|r(?:t(?:ification\.aero|mgr\.org)|n)|(?:ltic\.museu|chire\.co)m|\.(?:(?:gov|leg)\.br|it)|nter(?:\.museum)?|sena-?forlì?\.it)|n(?:(?:-north-1\.eb\.amazonaws\.com\.c|py\.gd)n|\.(?:eu\.org|com|it|ua)|[gt]\.br)?|y(?:o(?:n\.(?:link|site)|u)|(?:\.eu\.or|a\.g)g|mru(?:\.museum)?|ber\.museum)?|z(?:\.(?:eu\.org|it)|e(?:ladz|st)\.pl)?|\.(?:(?:cdn77\.or|b)g|la|se)|d(?:n77-ssl\.net|\.eu\.org)?|b(?:[ans]|g\.ru|\.it|re)|t\.(?:it|us)|s(?:\.it|c)|v(?:\.ua)?|pa\.pro|66\.me|f[ad]?|k\.ua|q\.cn)|h(?:i(?:(?:(?:gashi(?:(?:(?:hiroshima\.hiroshi|chichibu\.saita|agatsuma\.gun)m|\.(?:fuku(?:shim|ok)|okinaw)|n(?:aruse\.aki|e\.yamaga)t|o(?:saka\.osak|mi\.shig))a|k(?:a(?:g(?:ura\.hokkaido|awa\.kagawa)|wa\.hokkaido)|urume\.tokyo)|y(?:o(?:dogawa\.osak|shino\.nar)a|ama(?:to\.toky|\.kyot)o)|m(?:atsu(?:shima\.miyagi|yama\.saitama)|urayama\.tokyo)|s(?:umiyoshi\.osaka|hirakawa\.gifu)|izu(?:mo\.shimane|\.shizuoka)|(?:tsuno\.ko|ura\.ai)chi)|r(?:a(?:(?:t(?:suka\.kanagaw|a\.fukushim)|kata\.osak|ra\.okinaw)a|(?:do\.nagasak|nai\.aomor)i|izumi\.iwate|ya\.nagano)|o(?:(?:gawa\.wakayam|kawa\.fukuok)a|no\.(?:fukushima|iwate)|s(?:aki\.aomori|hima)|o\.hokkaido))|k(?:a(?:ri\.yamaguchi|wa\.shimane)|imi\.shimane|one\.shiga)|da(?:ka\.(?:(?:wakay|sait)ama|hokkaido|kochi)|\.gifu)|no(?:(?:hara|de)\.tokyo|\.to(?:ttori|kyo))|m(?:e(?:shima\.oita|ji\.hyogo)|i\.toyama)|(?:oki\.kagoshim|zen\.sag|ji\.oit)a)\.j|pho)p|s(?:to(?:r(?:i(?:c(?:al(?:society)?|houses)|sch(?:es)?)|y(?:ofscience)?)|ire)\.museum|a(?:yama\.fukuoka\.jp|mitsu))|t(?:a(?:chi(?:(?:(?:o(?:miy|t)|nak)a)?\.ibaraki\.jp)?|\.oita\.jp)|ra\.no)|c(?:hiso\.gifu\.jp|am\.net)|\.(?:cn|us)|v)|a(?:(?:k(?:u(?:(?:san|i)\.ishikawa|ba\.nagano)|o(?:date\.hokkaido|ne\.kanagawa)|ata\.fukuoka)|chi(?:(?:oji|jo)\.tokyo|rogata\.akita|nohe\.aomori)|ya(?:kawa\.yamanashi|shima\.okayama)|ebaru\.okinawa|zu\.aichi)\.jp|m(?:a(?:(?:t(?:onbetsu\.hokkaido|ama\.saga)|matsu\.shizuoka|da\.shimane)\.jp|r(?:oy)?\.no)|m(?:arfeasta|erfest)\.no|burg(?:\.museum)?|-radio-op\.net|ura\.tokyo\.jp)|n(?:(?:a(?:m(?:igawa\.chiba|aki\.iwate)|wa\.fukushima)|(?:n(?:o\.saitam|an\.osak)|yu\.saitam)a)\.jp|d(?:a\.aichi\.jp|son\.museum)|g(?:gliding\.aero|out))|s(?:h(?:i(?:m(?:oto\.wakayama|a\.gifu)|kami\.aomori)\.jp|bang\.sh)|u(?:ra(?:-app\.io|\.app)|da\.saitama\.jp)|am(?:i\.nagasaki|a\.oita)\.jp|vik\.no)|r(?:a(?:\.nagano\.jp|m\.no)|vestcelebration\.museum|(?:sta|ei)d\.no|ima\.hyogo\.jp)|t(?:(?:o(?:gay|yam)a\.saita|sukaichi\.hiroshi)ma\.jp|tfjelldal\.no)|b(?:(?:oro\.hokkaido|ikino\.osaka)\.jp|mer\.no)|g(?:(?:i\.yamaguch|a\.tochig)i\.jp|ebostad\.no)|l(?:loffame\.museum|(?:den|sa)\.no|f\.host)|d(?:ano\.kanagawa\.jp|sel\.no)|p(?:pou\.akita\.jp|mir\.no)|i(?:bara\.shizuoka\.jp|r)|u(?:gesund\.no|s)|waii\.museum|\.(?:cn|no))|o(?:me(?:s(?:e(?:curity(?:ma|p)c\.com|nse))?|lin(?:ux\.(?:com|net|org)|k\.one)|unix\.(?:com|net|org)|d(?:ns\.org|epot)|ftp\.(?:net|org)|office\.gov\.uk|-webserver\.de|\.dyndns\.org|built\.aero|ip\.net|goods)|n(?:(?:(?:j(?:o\.(?:saitam|akit)|yo\.akit)|go\.hiroshim)a|betsu\.hokkaido|ai\.ehime)\.jp|e(?:foss\.no|ywell)|da)|k(?:u(?:to\.(?:yamanashi|hokkaido)|ryu\.hokkaido)\.jp|k(?:aido\.jp|sund\.no))|r(?:o(?:(?:kanai|nobe)\.hokkaido\.jp|logy\.museum)|(?:nindal|ten)\.no|se)|l(?:(?:mestrand|t[aå]len|e)?\.no|dings|iday)|s(?:t(?:ing(?:-cluster\.nl)?)?|pital)|b(?:by-site\.(?:com|org)|[oø]l\.no)|t(?:el(?:\.(?:hu|lk|tz)|e?s)|mail)?|f(?:u\.yamaguchi\.jp|\.no)|y(?:landet|anger)\.no|use(?:\.museum)?|pto\.(?:org|me)|ckey|w)|e(?:r(?:o(?:y\.(?:more-og-romsdal|nordland)\.no|ku(?:app|ssl)\.com)|(?:øy\.(?:møre-og-romsdal|nordland)|ad)\.no|e(?:-for-more\.info)?|itage\.museum|mes)|alth(?:\.(?:museum|nz|vn)|-carereform\.com|care)?|m(?:bygdsforbund\.museum|(?:sedal|nes?)\.no)|l(?:sinki(?:\.museum)?|las\.museum|p)|(?:kinan\.aichi|guri\.nara)\.jp|imatunduhren\.museum|pforge\.org|\.cn)|(?:(?:ø(?:y(?:landet|anger)|nefoss)|á(?:(?:bme|pmi)r|mmárfeasta)|j(?:elmeland|artdal)|ægebostad|valer|å)\.n|zc\.i)o|u(?:\.(?:eu\.org|com|net)|issier-justice\.fr|manities\.museum|r(?:dal|um)\.no|ghes)?|y(?:u(?:ga\.miyazaki\.jp|ndai)|llestad\.no|ogo\.jp|att)|k(?:\.(?:c(?:om|n)|org)|t)?|b(?:\.c(?:ldmail\.ru|n)|o)|r(?:\.eu\.org)?|dfc(?:bank)?|l\.(?:cn|no)|s(?:\.kr|bc)|\.(?:bg|se)|(?:n\.c)?n|m(?:\.no)?|gtv|t)|i(?:[oq]|s(?:-(?:a(?:-(?:(?:(?:h(?:ard-work|unt)e|financialadviso)r|d(?:e(?:mocrat|signer)|octor)|t(?:e(?:acher|chie)|herapist)|r(?:epublican|ockstar)|n(?:ascarfan|urse)|anarchist|musician)\.com|c(?:(?:(?:ubicle-sla|onservati)ve|pa)\.com|a(?:ndidate\.org|terer\.com)|hef\.(?:com|net|org)|elticsfan\.org)|l(?:i(?:ber(?:tarian|al)\.com|nux-user\.org)|(?:a(?:ndscap|wy)er|lama)\.com)|p(?:(?:ersonaltrain|hotograph|lay)er\.com|a(?:inter\.com|tsfan\.org))|b(?:(?:(?:ookkeep|logg)er|ulls-fan)\.com|ruinsfan\.org)|s(?:o(?:cialist\.com|xfan\.org)|tudent\.com)|g(?:eek\.(?:com|net|org)|(?:reen|uru)\.com)|knight\.org)|n-(?:a(?:c(?:t(?:ress|or)|countant)|(?:narch|rt)ist)|en(?:tertain|gine)er)\.com)|(?:into-(?:(?:car(?:toon)?|game)s|anime)|(?:(?:not-)?certifie|with-theban)d|uberleet|gone)\.com|(?:very-(?:(?:goo|ba)d|sweet|evil|nice)|found)\.org|s(?:aved\.org|lick\.com)|l(?:eet\.com|ost\.org)|by\.us)|(?:hi(?:ka(?:w(?:a\.(?:fukushim|okinaw))?a|ri\.hokkaido)|nomaki\.miyagi|gaki\.okinawa)|umi\.chiba)\.jp|a(?:-(?:geek\.(?:com|net|org)|hockeynut\.com)|\.(?:kagoshima\.jp|us)|haya\.nagasaki\.jp)|e(?:(?:(?:(?:n\.kagoshi|saki\.gun)m|hara\.kanagaw)a|\.mie)\.jp|(?:rnia\.i|lec)t)|s(?:marterthanyou\.com|hiki\.aichi\.jp)|t(?:(?:eingeek|mein)\.de|anbul)?|l(?:eofman\.museum|a\.pr)|\.(?:eu\.org|gov\.pl|it)|maili)?|n(?:(?:a(?:(?:(?:mi\.(?:waka|to)ya|washiro\.fukushi)m|tsuki\.fukuok)a|(?:shiki\.ibarak|zawa\.aich)i|\.(?:ibaraki|saitama|nagano)|g(?:awa\.hyog|i\.toky)o|be\.mie)|(?:uyama\.ai|o\.ko)chi|zai\.chiba|e\.kyoto)\.jp|t(?:e(?:r(?:n(?:et-dns\.de|ational)|active\.museum)|l(?:ligence\.museum)?)|\.(?:eu\.org|a[rz]|c[io]|l[ak]|m[vw]|r[uw]|t[jt]|v[en]|bo|is|ni|pt)|l\.tn|uit)?|f(?:o(?:\.(?:n[afir]|t[nrtz]|a[tuz]|p[klr]|b[bo]|c[ox]|e[ct]|h[tu]|k[ei]|v[en]|gu|la|mv|ro|sd|zm))?|\.(?:br|cu|mk|ua)|initi)|d(?:i(?:an(?:a(?:polis)?|market)?\.museum|gena\.bo)|\.(?:[it]n|br|gt)|ustri(?:a\.bo|es)|er[oø]y\.no)|\.(?:n(?:[ai]|et)|eu\.org|u[as]|rs|th)|s(?:ur(?:ance(?:\.aero)?|e)|titute)|-(?:the-band\.net|addr\.arpa)|g(?:atlan\.hu|\.pa)?|c(?:heon\.kr|\.hk)?|vestments|k)?|w(?:a(?:t(?:(?:suki\.saitam|a\.shizuok)a|(?:e\.iwat)?e)|k(?:u(?:ni\.yamagu|ra\.ai)chi|i\.fukushima)|m(?:izawa\.hokkaido|a\.ibaraki)|n(?:ai\.hokkaido|uma\.miyagi)|fune\.tochigi|de\.wakayama|izumi\.iwate)\.jp|i\.nz|c)|t(?:a(?:(?:k(?:o\.ibaraki|ura\.gunma)|(?:bashi\.toky|mi\.hyog)o|yanagi\.aomori|no\.tokushima)\.jp|u)|o(?:igawa\.niigat|man\.okinaw|\.shizuok)a\.jp|\.(?:eu\.org|ao)|s\.me|v)?|c(?:[eu]|hi(?:ka(?:wa(?:\.(?:chiba|hyogo)|misato\.yamanashi)|i\.tochigi)|no(?:miya\.(?:aichi|chiba)|(?:seki|he)\.iwate)|(?:ba\.tokushim|hara\.chib)a)\.jp|\.gov\.pl|bc)|k(?:(?:eda\.(?:(?:hokkaid|nagan)o|fukui|osaka|gifu)|usaka\.nagano|oma\.nara)\.jp|a(?:(?:(?:ruga\.nar|wa\.akit)a|ta\.ehime)\.jp|no)|i\.(?:nagasaki\.jp|fi))|z(?:(?:u(?:m(?:i(?:(?:otsu|sano)\.osak|\.(?:kagoshim|osak)|zaki\.fukushim)a|o(?:zaki\.niigata|\.shimane))|(?:nokuni)?\.shizuoka)|ena\.okinawa)\.jp|\.hr)|m(?:a(?:(?:kane\.hokkaido|bari\.ehime|ri\.saga)\.jp|geandsound\.museum|mat)|izu\.toyama\.jp|(?:peria)?\.it|mo(?:bilien)?|b\.br|db)?|(?:i(?:zu(?:ka\.fukuoka|na\.nagano)|d(?:e\.yamagata|a\.nagano)|(?:ji|ya)ma\.nagano|tate\.fukushima)|heya\.okinawa|yo\.ehime)\.jp|b(?:(?:ara(?:ki(?:\.(?:ibaraki|osaka))?|\.okayama)|igawa\.gifu)\.jp|estad\.no|m)|d(?:\.(?:l[vy]|au|ir|us)|e\.kyoto\.jp|v\.(?:hk|tw)|rett\.no|f\.il)?|l(?:lustration\.museum|\.(?:eu\.org|us)|ovecollege\.info|awa\.pl)?|v(?:ano(?:-frankivsk\.ua|vo\.su)|(?:e(?:land\.n|c)|gu\.n)o)|r(?:(?:aq|on)\.museum|uma\.saitama\.jp|is(?:\.arpa|h))?|p(?:i(?:fony\.net|ranga)|6\.arpa)|a(?:mallama\.com|\.us)|glesias-?carbonia\.it|e(?:\.eu\.org|ee)?|\.(?:[bn]g|ph|se)|f(?:\.ua|m)|234\.me)|b(?:[fw]|a(?:r(?:sy(?:\.(?:s(?:upport|hop|ite)|m(?:e(?:nu)?|obi)|i(?:n(?:fo)?|o)|c(?:o\.uk|lub)|o(?:nline|rg)|p(?:ro|ub)|net|bg|de|eu|uk)|online\.co(?:\.uk|m)|center\.com)|(?:(?:letta(?:-trani-|trani)andria|i)\.i|efoo)t|c(?:elona(?:\.museum)?|lay(?:card|s))|re(?:l?l-of-knowledge\.info|au\.bj)|u(?:eri\.br|m\.no)|(?:du\.n|\.pr)o|gains)?|l(?:s(?:an(?:-su[ë]?dtirol)?\.it|fjord\.no)|l(?:ooning\.aer|angen\.n)o|e(?:strand\.no|\.museum)|a(?:shov\.su|t\.no)|timore\.museum)|s(?:e(?:ball(?:\.museum)?|l\.museum)|(?:ilicata)?\.it|hkiria\.[rs]u|ketball)|n(?:d(?:(?:ai\.fukushima|o\.ibaraki)\.jp)?|a(?:narepublic|mex)|k)|t(?:o\.tochigi\.jp|hs\.museum|sfjord\.no)|(?:(?:jddar|mble)\.n|ckplaneapp\.i)o|h(?:c?cavuotna\.no|n\.museum)|da(?:joz\.museum|ddja\.no)|\.(?:(?:gov|leg)\.br|it)|u(?:ern\.museum|haus)|b(?:ia-gora\.pl|y)|id(?:ar\.no|u)|ghdad\.museum|yern)?|o(?:l(?:(?:zano(?:-altoadige)?|ogna)\.it|dlygoingnowhere\.org|eslawiec\.pl|ivia\.bo|t\.hu)|t(?:an(?:ic(?:al(?:garden)?|garden)|y)\.museum)?|u(?:n(?:ty-full\.com|ceme\.net)|tique)|\.(?:(?:nordland|telemark)\.no|it)|s(?:t(?:on(?:\.museum)?|ik)|ch)|zen(?:-su[ë]?dtirol)?\.it|o(?:k(?:ing)?|mla\.net)?|a(?:vista\.br|ts)|(?:d[oø]|kn)\.no|n(?:n\.museum|d)|x(?:fuse\.io)?|m(?:lo\.no)?|ehringer|fa)?|i(?:z(?:\.(?:p[klr]|t[jrt]|a[tz]|m[vw]|n[ir]|bb|cy|dk|et|id|ki|ua|vn|zm)|en\.okayama\.jp)?|r(?:(?:thplace|dart)\.museum|atori\.hokkaido\.jp|kenes\.no|\.ru)|e(?:l(?:awa\.pl|la\.it)|i\.hokkaido\.jp|szczady\.pl|v[aá]t\.no)|b(?:ai\.hokkaido\.jp|le(?:\.museum)?)|(?:l(?:bao|l)\.museu|tballoon\.co)m|(?:fuka|horo)\.hokkaido\.jp|al(?:owieza|ystok)\.pl|n(?:dal\.no|go?)|o(?:\.br)?|\.it|ke|d)?|r(?:o(?:(?:wsersafetymark\.i|nnoy(?:sund)?\.n)o|ke(?:r(?:\.aero)?|-it\.net)|ad(?:cast\.museum|way)|ther)|u(?:ssel(?:s(?:\.museum)?|\.museum)|(?:xelles|nel)\.museum|munddal\.no)|a(?:nd(?:ywinevalley\.museum|\.se)|sil(?:\.museum|ia\.me)|desco)|i(?:(?:tish(?:columbia)?|stol)\.museum|ndisi\.it|dgestone)|e(?:manger\.no|scia\.it)|y(?:ansk\.su|ne\.no)|ønnøy(?:sund)?\.no|\.(?:com|it))?|e(?:r(?:g(?:(?:en)?\.no|bau\.museum|amo\.it)|l(?:in(?:\.museum)?|ev[aå]g\.no)|(?:keley|n)\.museum)|a(?:r(?:alv[aá]hki|du)\.no|u(?:xarts\.museum|ty)|ts)|l(?:l(?:evue\.museum|uno\.it)|(?:em\.b|\.t)r|au\.pw)|t(?:a(?:\.bounty-full|inabox)\.com|ter-than\.tv)?|e(?:ldengeluid\.museum|p\.pl|r)|s(?:t(?:buy)?|kidy\.pl)|n(?:evento\.it|tley)|ppu\.oita\.jp|\.eu\.org|dzin\.pl|iarn\.no)?|l(?:o(?:g(?:s(?:pot\.(?:c(?:[afhlvz]|o(?:m(?:\.(?:e[egs]|a[ru]|b[ry]|c[oy]|mt|ng|tr|uy))?|\.(?:i[dl]|at|ke|nz|uk|za)))|m[dkrxy]|s[egikn]|b[aegj]|i[enst]|r[eosu]|a[elm]|h[kru]|l[itu]|[gk]r|d[ek]|f[ir]|n[lo]|p[et]|t[dw]|jp|qa|ug|vn)|ite\.(?:org|xyz)|yte\.com)|dns\.(?:com|net|org)|\.b[or])?|xcms\.com|ckbuster|omberg)|a(?:ck(?:baudcdn\.net|friday)?|nco)|\.it|ue)|u(?:n(?:go(?:takada|ono)\.oita|kyo\.tokyo)\.jp|s(?:(?:hey)?\.museum|an\.kr|iness)|lsan(?:-su[ë]?dtirol)?\.it|ild(?:ing\.museum|ers)?|z(?:en\.fukuoka\.jp|z)|d(?:ejju\.no|apest)|y(?:shouses\.net)?|rghof\.museum|khara\.su|gatti|\.no)|(?:á(?:(?:jdda|idá)r|hc?cavuotna|lát)|ø(?:\.(?:nordland|telemark)|mlo)|å(?:tsfjord|dåddjå)|ærum)\.no|y(?:(?:dgoszcz|tom)\.pl|(?:gland|kle)\.no|en\.site)?|j(?:(?:ark[oø]y|erkreim|ugn)\.no|\.cn)?|\.(?:s(?:sl\.fastly\.net|e)|b[gr])|m(?:[sw]|oattachments\.org|d\.br)?|c(?:[gn]|i\.dnstrace\.pro|\.ca)|n(?:pparibas|r\.la|\.it|l)|g(?:\.(?:eu\.org|it))?|placed\.(?:com|net|de)|b(?:[ct]|s\.tr|va)?|h(?:z\.br|arti)?|s(?:b\.br|\.it)?|z(?:\.it|h)?|(?:t\.i)?t|v(?:\.nl)?|d\.se)|o(?:r(?:g(?:\.(?:m[aegklnostuvwxyz]|s[abcdeghlnotvyz]|b[abhimorstwz]|g[eghilnprtuy]|p[aefhklnrsty]|a[cefgilruz]|l[abckrsvy]|k[gimnpyz]|t[jmnortw]|c[inouwy]|i[lmnqrs]|e[cegst]|n[agirz]|u[agkyz]|v[ceinu]|h[kntu]|d[moz]|r[osu]|z[amw]|j[eo]|om|qa|ws)|anic)?|\.(?:c[ir]|i[dt]|k[er]|t[hz]|u[gs]|at|bi|jp|mu|na|pw)|(?:k(?:anger|dal)|s(?:kog|ta)|land)\.no|a(?:\.gunma\.jp|(?:cl|ng)e)|egon(?:trail)?\.museum|i(?:stano\.it|gins))|s(?:a(?:k(?:i(?:kamijima\.hiroshima|\.miyagi)\.jp|a(?:(?:sayama\.osaka)?\.jp)?)|sco\.br)|t(?:r(?:o(?:w(?:wlkp|iec)|(?:lek|d)a)\.pl|e-toten\.no)|er[oø]y\.no)|h(?:i(?:ma\.(?:yamaguchi|tokyo)|no\.yamanashi)|u\.iwate)\.jp|(?:\.h(?:ordaland|edmark)|(?:[oø]yr|l)o)\.no|e(?:to\.nagasaki\.jp|n\.no))|t(?:a(?:(?:k(?:i\.(?:(?:saitam|chib)a|nagano)|e\.hiroshima)|r(?:u\.hokkaid|i\.nagan)o|\.(?:gunma|tokyo)|ma\.fukushima)\.jp|go\.museum)|su(?:k(?:i\.(?:yamanas|koc)hi\.jp|a)|(?:chi\.iwate|\.shiga)\.jp)|o(?:(?:(?:fuk|b)e|ineppu)\.hokkaido|\.fukuoka|yo\.kochi)\.jp|(?:\.i)?t|her\.nf)|k(?:(?:a(?:ya(?:(?:ma\.okaya)?ma|\.nagano)|wa\.(?:fukuoka|kochi)|gaki\.fukuoka|zaki\.aichi)|u(?:izumo\.shimane|ma\.fukushima|tama\.tokyo)|e(?:gawa\.saitama|to\.hokkaido)|oppe\.hokkaido)\.jp|i(?:n(?:awa(?:(?:\.okinawa)?\.jp)?|oshima\.shimane\.jp)|\.fukuoka\.jp)|snes\.no|\.us)|n(?:(?:o(?:(?:michi\.hiroshim|jo\.fukuok)a|\.(?:fuku(?:shima|i)|hyogo))|(?:juku\.chib|na\.okinaw)a|agawa\.miyagi)\.jp|-(?:aptible\.com|the-web\.tv|web\.fr)|t(?:ario\.museu|hewifi\.co)m|l(?:ine(?:\.museum)?)?|g(?:a\.fukuoka\.jp)?|(?:yoursid)?e|\.ca|ion)|g(?:(?:a(?:wa(?:\.(?:ibaraki|saitama|nagano)|ra\.miyagi)|(?:(?:ta)?\.akit|no\.saitam)a|sawara\.tokyo|ki\.gifu)|(?:o(?:ri\.fukuok|se\.saitam)|i(?:mi\.okinaw|\.sag))a|u(?:ni\.(?:kumamoto|yamagata)|chi\.aichi))\.jp|\.(?:ao|it)|liastra\.it)|m(?:(?:i(?:(?:hachiman\.shig|gawa\.chib|ya\.saitam)a|\.n(?:iigata|agano)|tama\.ibaraki)|u(?:ra\.nagasaki|ta\.fukuoka)|otego\.fukushima)\.jp|a(?:(?:chi\.(?:nagano|saga)|ezaki\.shizuoka)\.jp|svuotna\.no|ha\.museum)|e(?:\.tokyo\.jp|ga))?|b(?:(?:a(?:ma\.(?:nagasak|fuku)i|nazawa\.yamagata)|u(?:se\.nagano|\.aichi))\.jp|i(?:(?:hiro|ra)\.hokkaido\.jp)?|ninsk\.su|server)|i(?:(?:s(?:hida\.yamagat|o\.kanagaw)|(?:ta\.oi)?t|zumi\.gunm|\.kanagaw)a\.jp|r(?:ase\.aomori\.jp|m\.gov\.pl))|h(?:(?:(?:i(?:ra\.(?:tochi|miya)g|\.fuku)|tawara\.tochig|aru\.aich)i|kura\.yamagata|da\.shimane)\.jp|\.us)|y(?:(?:a(?:ma(?:zaki\.kyoto|\.tochigi)|be\.toyama)|odo\.nara)\.jp|(?:stre-slidre|garden|er)\.no|\.lc)|p(?:e(?:n(?:craft\.hosting|air\.museum)?|raunite\.com)|p(?:eg[aå]rd|dal)\.no|o(?:czno|le)\.pl)|l(?:a(?:yan(?:group)?|wa\.pl)|(?:sztyn|ecko|kusz)\.pl|bia-?tempio\.it|(?:\.n|l)o|dnavy)|(?:(?:ji(?:ya\.niigat|\.nar)|e\.yamagat)a|a(?:mishirasato\.chiba|rai\.ibaraki))\.jp|f(?:f(?:ic(?:e(?:-on-the\.net)?|ial\.academy)|\.ai)?|unato\.iwate\.jp|\.(?:by|no))|u(?:m(?:u\.hokkaido\.jp|\.gov\.pl)|(?:chi\.sag|da\.nar)a\.jp|tsystemscloud\.com)|w(?:n(?:(?:provider\.co|\.p)m|ip\.net)|a(?:riasahi\.aich|ni\.aomor)i\.jp)|d(?:a(?:wara\.kanagaw|te\.akit)a\.jp|(?:es?sa)?\.ua|da\.no|o\.br)|z(?:(?:u\.(?:kumamoto|ehime)|ora\.hokkaido)\.jp|\.au)|c(?:eanographi(?:que|c)\.museum|hi\.kochi\.jp)|o(?:(?:shik|kuw)a\.nagano\.jp|guy\.com|o)|v(?:(?:re-eiker|erhalla)\.no|h)|x(?:ford\.museum|\.rs)|\.(?:bg|se))|f(?:u(?:(?:k(?:u(?:(?:(?:yama\.hiroshi|mitsu\.toya)m|(?:roi\.shizu)?ok|domi\.sag)a|s(?:hima(?:\.(?:fukushima|hokkaido))?|aki\.hyogo)|chi(?:yama\.kyoto|\.fukuoka)|(?:i\.fuku)?i)|a(?:gawa\.hokkaido|ya\.saitama))|chu\.(?:to(?:yama|kyo)|hiroshima)|dai\.iwate)\.jp|ji(?:(?:(?:(?:(?:(?:nomiy|ed)a)?\.shizuo|idera\.osa)k|oka\.gunm)a|s(?:a(?:wa\.(?:kanagawa|iwate)|to\.akita)|hiro\.ibaraki)|kawa(?:\.(?:yamanashi|shizuoka)|guchiko\.yamanashi)|mi(?:\.(?:saitama|nagano)|no\.saitama)|yoshida\.yamanashi)\.jp|xerox|tsu)|r(?:(?:u(?:dono\.fukushima|bira\.hokkaido|kawa\.miyagi)|ano\.hokkaido)\.jp|niture(?:\.museum)?)|t(?:(?:(?:aba\.fukushim|tsu\.chib)a|su\.nagasaki)\.jp|ure(?:host|mail)ing\.at|bol)|n(?:a(?:gata\.yamagat|hashi\.toyam|bashi\.chib)a\.jp|d(?:acio\.museum)?)?|e(?:fuki\.yamanashi\.jp|ttertdasnetz\.de|l\.aero)|s(?:(?:sa\.tokyo|o\.aichi)\.jp|a\.no)|o(?:isku|ssko)\.no)|r(?:o(?:m(?:-(?:(?:i[adln]|w[aivy]|o[hkr]|[hr]i|d[ce]|k[sy]|p[ar]|s[cd]|t[nx]|v[at]|fl|ga|ut)\.com|m(?:[adinost]\.com|e\.org)|n(?:[cdehjmv]\.com|y\.net)|a(?:[klr]\.com|z\.net)|c(?:[at]\.com|o\.net)|la\.net)|\.hr)|g(?:\.museum|n\.no|ans)|s(?:inone\.it|ta\.no)|(?:land|ya)\.no|nt(?:doo|ie)r)|e(?:e(?:box(?:-os\.(?:com|fr)|os\.(?:com|fr))|d(?:dns\.(?:org|us)|esktop\.org)|(?:tls\.fastly\.ne|site\.hos)t|masonry\.museum)?|i(?:(?:ght\.aer|\.n)o|burg\.museum)|drikstad\.no|senius)|i(?:uli-?v(?:e(?:nezia)?)?-?giulia\.it|bourg\.museum)|an(?:(?:ziskaner|caise|kfurt)\.museum|a\.no)|\.(?:eu\.org|it)|(?:æn|øy)a\.no|l)?|i(?:r(?:e(?:wall-gateway\.(?:com|net|de)|baseapp\.com|nze\.it|stone)?|m(?:\.(?:[cr]o|dk|ht|in|nf|ve)|dale))|n(?:(?:earts?|land)\.museum|a(?:nc(?:ial|e)|l)|\.(?:ec|tn)|n[oø]y\.no)|l(?:m(?:\.(?:museum|hu))?|atelia\.museum|egear\.me)|e(?:ld\.museum|\.ee)|\.(?:eu\.org|cr|it)|t(?:jar\.no|ness)?|gueres\.museum|d(?:elity|o)|sh(?:ing)?|at)?|o(?:r(?:-(?:(?:(?:mor|som|th)e|better)\.biz|our\.info)|t(?:(?:missoula|worth)\.museum|al\.br)|got\.h(?:er|is)\.name|um(?:z\.info|\.hu)?|lì?-?cesena\.it|sa(?:nd\.no|le)|d(?:e\.no)?|ce\.museum|ex)|(?:l(?:kebib|lda)l|snes)\.no|o(?:d(?:network)?|tball)?|undation(?:\.museum)?|[tz]\.br|ggia\.it|x)?|a(?:r(?:m(?:e(?:quipment\.museum|rs(?:\.museum)?)|(?:stead)?\.museum)?|sund\.no|\.br)|s(?:t(?:(?:panel\.direc|lylb\.ne)t|vps-server\.com)?|hion)|m(?:ily(?:ds\.(?:com|net|org)|\.museum)?|\.pk)|n(?:tasyleague\.cc|s)?|i(?:rwinds|th|l)|uske\.no|ge)|l(?:o(?:r(?:i(?:da\.museum|pa\.br|st)|[aoø]\.no|ence\.it)|g\.br|wers)|a(?:(?:tanger|kstad)?\.no|nders\.museum)|y(?:nnh(?:osting\.net|ub\.com))?|(?:e(?:kkefjord|sberg)|å)\.no|i(?:ght(?:\.aero|s)|(?:ck)?r)|t\.cloud\.muni\.cz|\.us)|e(?:d(?:ora(?:infracloud|people)\.org|e(?:ration\.aero|x)|je\.no|\.us)|r(?:r(?:ar(?:a\.it|i)|ero)|mo\.it)|(?:ste-ip\.ne|\.i)t|t(?:sund)?\.no|ira\.br|edback)|h(?:s(?:k\.se|\.no)|app\.xyz|v?\.se)|y(?:(?:lkesbib|resda)l\.no|i)|(?:(?:nd|st)\.b|bx-?os\.f)r|j(?:(?:aler|ell)\.no|\.cn)|m(?:\.(?:br|it|no))?|t(?:paccess\.cc|r)|(?:v?g|c)\.it|\.(?:bg|se)|ørde\.no)|g(?:[fhpqt]|o(?:v(?:\.(?:m[aegklnorsuvwyz]|n(?:(?:c\.t)?r|g)|b[abfhmrstyz]|s[abcdghltxy]|a[ceflrsuz]|c[dlmnouxy]|l[abckrtvy]|p[hklnrsty]|t[jlmnortw]|g[ehinruy]|i[elnqrst]|k[gimnpyz]|e[cegt]|d[moz]|r[suw]|v[cen]|z[amw]|u[ak]|hk|jo|om|qa|ws)|ernment\.aero|t\.nz)?|t(?:(?:emba\.shizuoka|o\.nagasaki|su\.shimane)\.jp|dns\.(?:c(?:om|h)|org)|pantheon\.com)?|\.(?:(?:dyndns\.or|u)g|(?:gov|leg)\.br|t[hjz]|c[ir]|i[dt]|k[er]|jp|pw)|b(?:\.(?:p[aek]|[bd]o|e[cs]|ar|cl|gt|hn|mx|ni|sv|ve)|o\.wakayama\.jp)|o(?:g(?:le(?:(?:apis|code)\.com)?)?|d(?:hands|year))?|s(?:(?:e(?:n\.niigat|\.nar)a|hiki\.hyogo)\.jp|\.pk)|l(?:f(?:fan\.us)?|d(?:point)?|\.no)|r(?:ge\.museum|izia\.it|lice\.pl)|uv\.(?:bj|ci|fr|ht|km|ml|rw|sn)|k(?:ase\.miyazaki\.jp|\.pk)|n(?:ohe\.aomori\.jp|\.pk)|d(?:o\.gifu\.jp|addy)|i(?:ania\.br|p\.de)|jome\.akita\.jp|p(?:\.pk)?)|r(?:o(?:u(?:ndhandling\.aero|p(?:\.aero)?)|ks-th(?:is|e)\.info|n(?:dar\.za|g\.no)|zny\.[rs]u|sseto\.it|cery)|a(?:n(?:drapids\.museum|(?:vin|e)?\.no)|t(?:angen\.no|is)|z\.museum|jewo\.pl|inger|phics)|i(?:w\.gov\.pl|mstad\.no|pe)|\.(?:eu\.org|com|it|jp)|u(?:e\.no|\.br)|e(?:ta\.fr|en)|p\.lk)?|e(?:o(?:rg(?:ia\.(?:museum|su)|e)|metre-expert\.fr|logy\.museum)|n(?:\.(?:mi\.us|in|nz|tr)|kai\.saga\.jp|t(?:ing)?|ov?a\.it)|e(?:k(?:galaxy\.com|\.nz)|lvinck\.museum)|t(?:myip\.com|s-it\.net)|mological\.museum|isei\.kochi\.jp|\.it|a)?|a(?:m(?:e(?:-(?:server\.cc|host\.org)|s(?:\.hu)?|\.tw)?|(?:agori\.aichi|o\.shiga)\.jp|vik\.no)|l(?:l(?:ery(?:\.museum)?|up|o)|sa\.no)?|(?:u(?:sdal|lar)|ivuotna)\.no|ng(?:aviika\.no|won\.kr)|rden(?:\.museum)?|teway\.museum|\.us|p)?|i(?:t(?:hub(?:usercontent\.com|\.io)|-repos\.de|lab\.io)|n(?:o(?:wan|za)\.okinawa|an\.gifu)\.jp|e(?:htavuoatna\.no|ssen\.museum)|f(?:(?:u\.gif)?u\.jp|ts?)|(?:ldesk[aå]l|ske)\.no|v(?:ing|es)|ize\.com)?|l(?:o(?:b(?:al(?:\.(?:prod|ssl)\.fastly\.net)?|o)|ppen\.no|gow\.pl)|a(?:s(?:s(?:\.museum)?|\.museum)|de)|i(?:ding\.aero|wice\.pl)|e(?:eze\.com)?|ug\.org\.uk)?|u(?:(?:(?:shikami\.okinaw|nm)a|jo\.gifu)\.jp|(?:ovdageaidnu|len)\.no|a(?:m\.gu|rdian)|ernsey\.museum|i(?:tars|de)|b\.uy|\.us|cci|ge|ru)?|s(?:\.(?:(?:s(?:[ft]|valbard)|o(?:[fl]|slo)|jan-mayen|a[ah]|h[lm]|n[lt]|t[mr]|v[af]|bu|fm|mr|rl)\.no|cn)|m\.pl)?|(?:j(?:e(?:r(?:drum|stad)|mnes|sdal)|[oø]vik)|á(?:(?:ŋgaviik|ivuotn)a|lsá))\.no|y(?:eong(?:buk|nam|gi)\.kr|okuto\.kumamoto\.jp)?|d(?:(?:a(?:nsk)?|ynia)\.pl|(?:\.c)?n)?|w(?:iddle\.co\.uk|angju\.kr)?|m(?:[ox]|(?:ina\.p|ai)l|bh)?|b(?:\.(?:com|net)|iz)?|n(?:iezno\.pl)?|g(?:f\.br|ee)?|\.(?:bg|se)|[xz]\.cn|v\.a[ot]|12\.br|c\.ca)|p(?:a(?:r(?:is(?:\.(?:eu\.org|museum))?|a(?:chut|glid)ing\.aero|t(?:(?:ner)?s|i\.se|y)|(?:och\.k12\.ma\.u)?s|liament\.(?:cy|nz)|ma\.it)|l(?:m(?:springs\.museum|as\.br)|e(?:o\.museum|rmo\.it)|ace\.museum)|s(?:s(?:enger-association\.aero|agens)|adena\.museum)|n(?:a(?:ma\.museum|sonic)|theonsite\.io|erai)|ge(?:(?:speedmobilizer|frontapp)\.com)?|\.(?:gov\.(?:br|pl)|leg\.br|it|us)|d(?:erborn\.museum|(?:ov|u)a\.it)|cific\.museum|tria\.bo|via\.it|y)?|r(?:o(?:\.(?:[bp]r|[ht]t|az|cy|ec|mv|na|om|vn)|d(?:uction(?:\.aero|s))?|f(?:esional\.bo|\.pr)?|t(?:onet\.io|ection)|pert(?:ies|y)|ject\.museum|chowice\.pl|gressive|mo)?|es(?:s(?:\.(?:m(?:useum|a)|aero|cy|se)|e\.(?:ci|fr|km|ml))?|(?:ervation|idio)\.museum)|i(?:v(?:atizehealthinsurance\.net|\.(?:at|hu|me|no|pl))|(?:\.e|m)e|ncipe\.st)|\.(?:(?:gov|leg)\.br|it|us)|u(?:(?:szkow\.p|dentia)l)?|a(?:merica|to\.it|xi)|d\.(?:fr|km|mg)|zeworsk\.pl)?|o(?:r(?:t(?:(?:l(?:ligat|and)|al)\.museum|\.fr)|s(?:ang(?:er|u)|grunn|áŋgu)\.no|denone\.it|n)|l(?:i(?:ti(?:ca\.bo|e)|ce\.uk)|\.(?:dz|ht|tr)|kowice\.pl|tava\.ua)|d(?:(?:lasi|hal)e\.pl|zone\.(?:net|org))|st(?:s-and-telecommunications\.museum)?|i(?:nt(?:2this\.com|to\.us)|vron\.org)|(?:(?:mor(?:ski|z)e|wiat|znan)\.p|h)l|t(?:ager\.org|enza\.it)|k(?:rovsk\.su|er)|\.(?:gov\.pl|it)|a\.br)|i(?:(?:e(?:dmont|monte)\.i|a(?:cenza\.i|ge))t|l(?:ot(?:s\.museum|\.aero)|a\.pl)|(?:ttsburgh\.museu|xolino\.co)m|\.(?:(?:gov|leg)\.br|it)|s(?:(?:toi)?a\.it|z\.pl)|n(?:[gk]|b\.gov\.pl)?|c(?:t(?:ures|et)|s)|ppu\.hokkaido\.jp|mienta\.org|w\.gov\.pl|oneer|zza|d)|h(?:o(?:to(?:graphy(?:\.museum)?|s)?|enix\.museum|ne)|il(?:a(?:delphi(?:aare)?a|tely)\.museum|ips)|armac(?:ien(?:s\.km|\.fr)|y(?:\.museum)?)|ysio|d)?|l(?:a(?:(?:n(?:t(?:ation|s)|etarium)|za)\.museum|y(?:station)?|ce)|u(?:rinacional\.bo|mbing|s)|c\.(?:co\.im|ly|uk)|\.(?:eu\.org|ua)|o\.ps)?|e(?:r(?:so\.(?:[st]n|ht)|\.(?:la|nf|sg)|ugia\.it)|\.(?:(?:(?:gov|leg)\.b|k)r|ca|it)|(?:s(?:aro-?urbino|cara)\.i)?t|nza\.su)?|u(?:b(?:l(?:i(?:shproxy\.co|c\.museu)m|\.pt)|ol\.museum|\.sa)?|(?:p\.gov|lawy)\.pl|(?:g(?:lia)?)?\.it|eblo\.bo)|v(?:t\.(?:k12\.ma\.us|ge)|h\.br|\.it)|s(?:(?:se|p)\.gov\.pl|[ci]\.br)?|t(?:\.(?:eu\.org|it)|plus\.fit)?|g(?:(?:afan\.ne|\.i)t|fog\.com)|c(?:\.(?:it|pl)|loud\.host|cw)|p(?:\.(?:az|ru|se|ua)|g\.br)|b\.(?:(?:gov|leg)\.br|ao)|y(?:atigorsk\.ru)?|n(?:\.it|c)?|\.(?:bg|se)|m(?:n\.it)?|f(?:izer)?|[dz]\.it|wc?|k)|d(?:[jmz]|e(?:v(?:ices\.resinstaging\.io|-myqnapcloud\.com|\.static\.land|elopment\.run)?|l(?:(?:menhorst|aware)\.museum|l(?:-?ogliastra\.it)?|ivery|oitte|ta)|s(?:i(?:gn(?:\.(?:museum|aero))?)?|a\.id)|f(?:inima\.(?:net|io)|ense\.tn|\.br)|p(?:o(?:t\.museum|rte\.bo)|\.no)|(?:corativearts|troit)\.museum|n(?:mark\.museum|t(?:ist|al))|mo(?:cra(?:cia\.bo|t)|n\.nl)|\.(?:co(?:ol|m)|eu\.org|us)|a(?:l(?:er|s)?|tnu\.no)|bian\.net|dyn\.io|gree)?|y(?:n(?:dns(?:-(?:(?:offic|remot|fre|hom)e|at-(?:home|work)|w(?:iki|ork|eb)|server|blog|mail|pics|ip)\.com|\.(?:ddnss\.de|info|biz|org|tv|ws)|1\.de)|a(?:mi(?:sches-dns\.de|c-dns\.info)|lias\.(?:com|net|org)|thome\.net)|\.(?:(?:cosidn|ddns)s|home-webserver)\.de|-(?:(?:ip24|vpn)\.de|o-saur\.com)|v(?:6\.net|pn\.de)|serv\.org|ns\.com|u\.net)|r[oø]y\.no|\.fi)|a(?:[dy]|t(?:to(?:(?:relay|web)\.com|local\.(?:com|net))|e(?:\.(?:fukushima|hokkaido)\.jp)?|a(?:base\.museum)?|ing|sun)|(?:i(?:(?:wa\.hiroshim|sen\.akit|to\.osak)a|go\.ibaraki)|zaifu\.fukuoka)\.jp|(?:l(?:las|i)\.museu|mnserver\.co)m|vve(?:nj[aá]rg|siid)a\.no|(?:e(?:jeon|gu)\.k|bu)r|(?:plie\.m|nc)e|gestan\.[rs]u)|o(?:[gt]|n(?:texist\.(?:com|net|org)|ostia\.museum|etsk\.ua|na\.no)|es(?:ntexist\.(?:com|org)|-it\.net)|m(?:inic\.ua|ains)|omdns\.(?:com|org)|shi\.yamanashi\.jp|lls\.museum|c(?:tor|s)|vre\.no|wnload|dge|ha)?|i(?:s(?:co(?:ver(?:y\.museum)?|unt)|kstation\.(?:org|eu|me)|h)|(?:nosaur\.museu|tchyourip\.co)m|vt(?:tasvuot|asvuod)na\.no|e(?:lddanuorri\.no|t)|rect(?:ory)?|amonds|gital|y)|n(?:s(?:alias\.(?:com|net|org)|dojo\.(?:com|net|org)|up(?:dater\.de|\.net)|(?:home\.d|for\.m)e|iskinky\.com|king\.ch)|i(?:propetrovsk\.ua|\.us)|(?:epropetrovsk)?\.ua|p)|r(?:a(?:y(?:d(?:dns\.com|ns\.de)|-dns\.de)|(?:ngedal|mmen)\.no)|eamhosters\.com|ud\.(?:io|us)|[oø]bak\.no|\.(?:na|tr)|ive)|d(?:ns(?:(?:(?:fre|liv)e|geek|king)\.com|s\.(?:org|de)|\.(?:net|me))|r\.museum|-dns\.de|s)|s(?:cloud\.(?:m(?:obi|e)|biz)|mynas\.(?:com|net|org)|t\.mi\.us)|u(?:r(?:ham\.museum|ban)|ck(?:dns\.org)?|n(?:lop|s)|pont|bai)|v(?:r(?:cam\.info|dns\.org)?|ag)|(?:gca\.aer|ønna\.n)o|(?:lugoleka\.p|h)l|f\.(?:gov|leg)\.br|k(?:\.eu\.org)?|c(?:\.us|lk)|\.(?:bg|se)|p\.ua|tv)|l(?:[bkr]|i(?:b\.(?:(?:m[adeinost]|n[cdehjmvy]|a[klrsz]|i[adln]|c[aot]|o[hkr]|v[ait]|w[aiy]|[hr]i|d[ce]|g[au]|k[sy]|p[ar]|s[cd]|t[nx]|fl|la|ut)\.us|ee)|n(?:k(?:yard(?:-cloud\.ch|\.cloud)|itools\.space)?|d(?:e(?:snes\.no)?|[aå]s\.no)|coln(?:\.museum)?|z\.museum)|m(?:a(?:-city\.(?:rocks|at|ch|de)|nowa\.pl|\.zone)|ited|o)|v(?:ing(?:(?:history)?\.museum)?|orno\.it|e)|ll(?:e(?:hammer|sand)\.no|y)|ke(?:s(?:candy|-pie)\.com)?|fe(?:(?:insuranc|styl)e)?|g(?:(?:uria)?\.it|hting)|er(?:ne)?\.no|(?:xi|d)l|aison|\.it|psy)?|a(?:n(?:c(?:as(?:hire\.museum|ter)|ome|ia)|d(?:-4-sale\.us|es\.museum|rover)?|gev[aå]g\.no|s\.museum|bib\.se|xess)|(?:va(?:ngen|gis)|akesvuemie|hppi)\.no|(?:(?:-spezi|quil)a|z(?:io)?)\.it|r(?:(?:dal|vik)\.no|sson\.museum)|t(?:in(?:a\.it|o)|robe)?|(?:bou?r|jolla)\.museum|w(?:\.(?:pro|za)|yer)?|s(?:pezia\.it|alle)|m(?:borghini|er)|(?:dbroke|\.u)s|kas\.hu|py\.pl|caixa)?|o(?:(?:s(?:angeles\.museu|eyourip\.co)|(?:yalist|uvre)\.museu)m|c(?:alh(?:ost\.daplie\.me|istory\.museum)|ker|us)|g(?:i(?:stics\.aero|nto\.me)|oip\.(?:com|de))|m(?:bard(?:ia|y)\.it|\.(?:it|no)|za\.pl)|nd(?:on(?:\.museum)?|rina\.br)|(?:renskog|ppa)\.no|a(?:b[aá]t\.no|ns?)|di(?:ngen\.no|\.it)|t(?:en\.no|t[eo])|(?:wicz\.p)?l|(?:\.i|f)t|ve)|e(?:i(?:(?:r(?:fjord|vik)|kanger)\.no|tungsen\.de)|a(?:s(?:ing\.aero|e)|[nŋ]gaviika\.no)|(?:k(?:svik|a)|vanger|rdal|sja)\.no|b(?:timnetz\.de|esby\.no|ork\.pl)|g(?:(?:nica\.p|a)l|\.br|o)|c(?:c[eo]\.it|lerc)|n(?:vik\.no|ug\.su)|wismiller\.museum|zajsk\.pl|l\.br|\.it|frak|xus)|u(?:c(?:(?:ani|c)a\.it|erne\.museum)|x(?:e(?:mbourg\.museum)?|ury)|n(?:d(?:\.no|beck)|ner\.no)|g(?:s?\.org\.uk|ansk\.ua)|(?:r[oø]y|ster)\.no|\.(?:eu\.org|it)|(?:bin|kow)\.pl|zern\.museum|tsk\.ua|pin)?|t(?:d(?:\.(?:c(?:o\.im|y)|[hl]k|u[ak]|gi)|a)?|\.(?:eu\.org|it|ua))?|(?:ø(?:(?:ding|t)en|renskog)|áhppi|ærdal)\.no|v(?:\.(?:eu\.org|ua)|iv\.ua)?|c(?:ube-server\.de|\.it)?|y(?:ng(?:dal|en)\.no)?|g(?:\.(?:jp|ua)|bt)|p(?:lfinancia)?l|-o-g-i-n\.de|\.(?:bg|se)|äns\.museum|n\.cn|d?s|lc)|e(?:d(?:u(?:\.(?:e(?:[cest]|(?:u\.or)?g)|k(?:[gimnpyz]|rd)|m[egklnostvwxyz]|p[aefhklnrsty]|b[abhimorstz]|g[ehilnprtuy]|s[abcdglntvy]|l[abckrvy]|a[cflruz]|t[jmortw]|c[inouw]|i[nqst]|v[cenu]|d[moz]|h[knt]|n[gir]|r[suw]|u[ay]|z[am]|jo|om|qa|ws)|cat(?:ion(?:(?:al)?\.museum)?|or\.aero)|net\.tn)?|\.(?:c[ir]|ao|jp|pw)|ogawa\.tokyo\.jp|eka)|n(?:g(?:ine(?:er(?:\.aero|ing)?|\.aero)|\.(?:pro|br)|land\.museum|erdal\.no)|(?:vironment(?:alconservation)?|cyclopedic)\.museum|t(?:er(?:tainment\.aero|prises)|omology\.museum)|dof(?:internet\.(?:net|org)|theinternet\.org)|(?:iwa\.hokkaido|a\.gifu)\.jp|e(?:bakk\.no|rgy)|(?:na)?\.it|onic\.io|s\.tn)|s(?:t(?:-(?:(?:a-la-ma(?:is|si)|le-patr)on|mon-blogueur)\.com|ate(?:\.museum)?|\.pr)|\.(?:(?:(?:gov|leg)\.b|k)r|eu\.org)|a(?:shi|n)\.hokkaido\.jp|sex\.museum|urance|p\.br|q)?|u(?:-(?:(?:west-[123]|central-1)\.elasticbeanstalk|[1234]\.evennode)\.com|\.(?:(?:meteorapp\.)?com|int|org)|rovision|n\.eg|s)?|m(?:b(?:etsu\.hokkaido\.jp|roidery\.museum|aixada\.st)|(?:ilia-?romagna|r)\.it|er(?:gency\.aero|ck)|p(?:resa\.bo|\.br)|ail)|x(?:p(?:ert(?:s-comptables\.fr)?|ress(?:\.aero)?|osed)|(?:hibition|eter)\.museum|change(?:\.aero)?|traspace|net\.su)|a(?:st(?:(?:africa|coast)\.museum|-kazakhstan\.su)|t(?:ing-organic\.net|on\.mi\.us)?|rth)|i(?:(?:d(?:s(?:(?:ber|ko)g|voll)|fjord)?|gersund)\.no|heiji\.fukui\.jp|senbahn\.museum)|l(?:ve(?:ndrell\.museum|rum\.no)|b(?:urg\.museum|lag\.pl)|asticbeanstalk\.com|k\.pl)|t(?:ajima\.hiroshima\.jp|hnology\.museum|i(?:salat|\.br)|ne(?:dal)?\.no|c\.br)?|b(?:i(?:n(?:a\.kanagawa|o\.miyazaki)\.jp|z\.tw)|etsu\.hokkaido\.jp)|v(?:e(?:n(?:(?:(?:ass|ášš)i|es)\.no|ts)|rbank)|je-og-hornnes\.no)|c(?:o(?:(?:log|nom)ia\.bo|\.br)?|hizen\.fukui\.jp|n\.br)?|r(?:i(?:mo\.hokkaido\.jp|csson)|oti[ck]a\.hu|ni)|g(?:yptian\.museum|ersund\.no)?|p(?:ilepsy\.museum|ost|son)|1(?:64\.arpa|2\.ve)|quipment(?:\.aero)?|e(?:\.eu\.org)?|\.(?:bg|se)|kloges\.cy|hime\.jp|4\.cz)|r(?:e(?:s(?:i(?:stance\.museum|ndevice\.io)|earch\.(?:museum|aero)|\.(?:aero|in)|(?:tauran)?t)|a(?:l(?:estate(?:\.pl)?|t(?:or|y)|m\.cz)|d(?:(?:-books|myblog)\.org)?)|c(?:(?:reation\.ae|ht\.p)ro|\.(?:[cr]o|br|nf|ve)|i(?:fe\.br|pes))|n(?:(?:ne(?:s[oø]y|bu)|dalen)\.no|t(?:als)?)?|d(?:irectme\.net|umbrella|stone|\.sv)?|g(?:gio-?(?:calabr|emil)ia\.it|\.dk)|p(?:body\.aero|ublican|\.kp|air|ort)|l(?:\.(?:ht|pl)|iance)|vi(?:sta\.bo|ews?)|bun\.hokkaido\.jp|\.(?:it|kr)|i(?:sen?|t)|motewd\.com|klam\.hu|xroth|hab)?|i(?:(?:(?:ku(?:zentakata\.iwate|betsu\.hokkaido)|fu\.miyagi|tto\.shiga)\.j)?p|s(?:hir(?:ifuj)?i\.hokkaido\.jp|(?:[oø]r|sa)\.no)|o(?:(?:(?:branc|pret)o)?\.br|dejaneiro\.museum)?|n(?:g(?:e(?:rike|bu)|saker)|dal)\.no|(?:ghtathom|ik\.e)e|c(?:h(?:ardli)?|oh)|(?:min|et)i\.it|\.(?:it|us)|beirao\.br|vne\.ua|l)|a(?:n(?:(?:koshi\.hokkaido|zan\.saitama)\.jp|(?:daberg|a)\.no)|d(?:o(?:m\.pl|y\.no)|(?:øy|e)\.no|io(?:\.br)?)|(?:h(?:kkeravju|olt)|kkestad|lingen|uma)\.no|ven(?:db\.(?:community|run|me)|na\.it)|i(?:l(?:road|way)\.museum|sa\.no|d)|c(?:kmaze\.(?:com|net)|ing)|(?:gusa)?\.it|wa-maz\.pl|s\.ru)|o(?:(?:(?:y(?:rvik|ken)|llag|ros|an|st)\.n|torcraft\.aer|d(?:oy\.n|e))o|c(?:he(?:ster\.museum|r)|k(?:art\.museum|s))|m(?:a\.(?:museum|it)|s(?:kog|a)\.no|e\.it)|\.(?:(?:gov|leg)\.br|eu\.org|i[mt])|v(?:igo\.it|no\.ua)|kunohe\.aomori\.jp|uter\.management|gers|om)?|(?:ø(?:y(?:rvik|ken)|mskog|døy|ros|st)|á(?:hkkerávju|isa)|å(?:holt|de)|ælingen|l)\.no|y(?:u(?:(?:gasaki\.ibaraki|oh\.shiga)\.jp|kyu)|okami\.saitama\.jp|bnik\.pl|gge\.no)|u(?:\.(?:eu\.org|com|net)|ssia\.museum|ovat\.no|gby|hr|n)?|n(?:\.(?:(?:gov|leg)\.br|it)|(?:[su]|rt)\.tn)|s(?:\.(?:gov|leg)\.br|c\.cdn77\.org|vp)?|\.(?:cdn77\.net|bg|se)|z(?:gw\.gov|eszow)\.pl|[jr]\.(?:gov|leg)\.br|(?:[cg]\.|m\.?)it|hcloud\.com|v\.ua|we?)|y(?:a(?:m(?:a(?:(?:t(?:o(?:\.(?:k(?:anagawa|umamoto)|fukushima)|(?:koriyam|takad)a\.nara)|suri\.fukushima)|n(?:a(?:(?:shi\.yamana)?|kako\.yamana)shi|o(?:be\.yamagata|uchi\.nagano))|g(?:a(?:ta(?:\.(?:yamagata|ibaraki|nagano|gifu))?|\.kumamoto)|uchi)|da\.(?:(?:fukuok|toyam)a|iwate)|(?:kita\.kanagaw|zoe\.nar)a|moto\.miyagi|shina\.kyoto)\.jp|xun)|e\.fukuoka\.jp)|(?:s(?:u(?:gi\.shimane|oka\.nagano|da\.kochi|\.shiga)|hi(?:o\.saitama|ro\.hyogo)|aka\.nagano)|t(?:su(?:shiro\.kumamoto|ka\.shimane)|omi\.aichi)|k(?:umo\.(?:hokkaido|shimane)|age\.okayama)|wa(?:ta(?:hama\.ehime|\.kyoto)|ra\.ibaraki)|i(?:zu\.shizuoka|ta\.tochigi)|bu(?:ki\.fukushima|\.hyogo)|o(?:tsu\.gifu|\.osaka)|ese\.okinawa|zu\.tottori)\.jp|ch(?:i(?:yo\.(?:ibaraki|chiba)|mata\.chiba)\.jp|ts)|n(?:a(?:izu\.fukushim|gawa\.fukuok)a\.jp|dex)|h(?:(?:iko\.niigata|aba\.iwate)\.jp|oo)|lta\.ua)|o(?:(?:n(?:a(?:g(?:uni\.okinawa|o\.tottori)|baru\.okinawa)|(?:ezawa\.yamagat|o\.saitam)a)|i(?:chi\.hokkaido|ta\.niigata)|tsukaido\.chiba)\.jp|k(?:o(?:(?:s(?:hibahikari\.chib|uka\.kanagaw)|ze\.saitam|te\.akit)a\.jp|hama)|(?:a(?:(?:wa)?\.hyogo|ichiba\.chiba)|kaichi\.mie)\.jp)|s(?:hi(?:(?:(?:kawa|mi)\.saita|oka\.gun)m|da\.s(?:hizuok|aitam)|no(?:gari\.sag|\.nar))a\.jp|emite\.museum)|r(?:(?:ii\.saitama|o\.gifu)\.jp|k(?:shire)?\.museum)|m(?:itan\.okinawa\.jp|bo\.me)|u(?:t(?:h\.museum|ube))?|lasite\.com|dobashi|ga)|u(?:(?:(?:(?:za(?:wa\.nii|\.yama)ga|fu\.oi)t|gawa(?:ra\.kanagaw|\.fukushim)|r(?:ihonjo\.akit|a\.wakayam)|asa\.wakayam)a|k(?:uhashi\.fukuoka|i\.ibaraki)|su(?:i\.kagoshima|hara\.kochi)|u\.yamaguchi)\.jp|n)|bo\.(?:(?:scienc|trad)e|review|faith|party)|\.(?:bg|se)|k\.ca|n\.cn|t)|u(?:s(?:(?:-(?:east-(?:1\.(?:elasticbeanstalk|amazonaws)|2\.elasticbeanstalk)|(?:gov-west-1|west-[12])\.elasticbeanstalk|[1234]\.evennode)\.co|(?:c(?:ountryestat|ultur)e|decorativearts|livinghistory|garden)\.museu)m|h(?:i(?:ku\.ibaraki\.jp|story\.museum)|uaia\.museum)|a(?:(?:ntique|rt)s\.museum|\.(?:oita\.jp|museum))|\.(?:(?:eu\.)?org|gov\.pl|com|na)|u(?:i\.fukuok|ki\.oit)a\.jp|r\.cloud\.muni\.cz|er\.party\.eus|tka\.pl)?|n(?:(?:azuki\.toyama|zen\.nagasaki|nan\.shimane)\.jp|i(?:v(?:ersity(?:\.museum)?|\.sn)|on\.aero|com)|(?:usualperson\.co|dersea\.museu)m|(?:j[aá]rga\.n)?o)|r(?:(?:a(?:(?:soe\.okinaw|wa\.saitam|yasu\.chib)a|(?:kawa|usu)\.hokkaido)|uma\.okinawa|yu\.hokkaido|eshino\.mie)\.jp|bino-?pesaro\.it|[in]\.arpa|l\.tw)|t(?:a(?:z(?:u\.kagawa\.jp|as\.hu)|shinai\.hokkaido\.jp|h\.museum)|s(?:unomiya\.tochigi\.jp|ira\.no)|o\.kumamoto\.jp|wente\.io|\.us)|(?:e(?:no(?:hara\.yamanashi|\.gunma)|da\.nagano)|ji(?:(?:tawara)?\.kyoto|ie\.tochigi))\.jp|c(?:hi(?:n(?:ada\.ishik|omi\.kag)awa|hara\.ibaraki|ko\.ehime)\.jp|onnect)|m(?:i(?:\.fukuoka\.jp|g\.gov\.pl)|aji\.kochi\.jp|b(?:ria)?\.it|\.gov\.pl)|k(?:i(?:ha\.fukuoka|\.kumamoto)\.jp|\.(?:eu\.org|com|net)|lugs\.org)?|l(?:(?:lens(?:aker|vang)|vik)\.no|m\.museum|san\.kr)|d(?:(?:ono\.mie|a\.nara)\.jp|i(?:ne\.it|\.br)|\.it)|(?:2(?:-local)?\.xnbay\.co|(?:hren|vic)\.museu)m|b(?:e(?:\.yamaguchi\.jp|r\.space)|ank|s)|o(?:(?:numa\.niigat|zu\.toyam)a\.jp|l)|z(?:(?:hgorod)?\.ua|s\.gov\.pl)?|w(?:ajima\.ehime\.jp|\.gov\.pl)|p(?:(?:ow|po)\.gov\.pl|s)|g(?:(?:im)?\.gov\.pl)?|\.(?:bg|se)|y(?:\.com)?|fcfan\.org|a)|v(?:i(?:r(?:tu(?:e(?:eldomein\.nl|l\.museum)|al(?:-?user\.de|\.museum))|gin(?:ia\.museum)?)|c(?:(?:\.(?:edu|gov))?\.au|enza\.it)|n(?:n(?:ytsi|ic)a\.ua|dafjord\.no)?|k(?:ing(?:\.museum)?|(?:na)?\.no)|(?:bo-?valentia|terbo)\.it|s(?:ta(?:print)?|ion|a)|lla(?:ge\.museum|s)|p(?:sinaapp\.com)?|deo(?:\.hu)?|\.(?:it|us)|v[ao]|x\.br|ajes|g)?|a(?:l(?:le(?:(?:(?:-(?:d-?)?|d-?)?aosta|́?e(?:(?:-d)?-|d)?aoste)\.it|y\.museum|\.no)|er\.(?:hedmark|ostfold)\.no|-?d-?aosta\.it)|n(?:g(?:\.no|uard)|taa\.museum|ylven\.no|a)|(?:g(?:an?|soy)|ds[oø]|apste|ksdal)\.no|r(?:(?:d[oø]|ggat|oy)\.no|ese\.it)|por(?:cloud\.io|\.cloud)|\.(?:it|no|us)|cations|o\.it)?|e(?:r(?:s(?:ailles\.museum|icherung)|(?:(?:bani|on)a|celli)\.it|mögensberat(?:ung|er)|(?:dal|ran)\.no|isign)|(?:st(?:(?:v(?:ago|ågø)|b)y|re-(?:slidre|toten)|nes)|velstad|fsn)\.no|n(?:(?:e(?:zia|to)|ice)?\.it|nesla\.no|tures)|g(?:a(?:(?:rshei)?\.no|s)|årshei\.no)|t(?:erinaire\.(?:fr|km)|\.br)?|\.it)?|o(?:l(?:k(?:enkunde\.museum|swagen)|(?:da\.n|v)o|ogda\.su|yn\.ua)|(?:ss(?:evangen)?|agat)\.no|t(?:[eo]|ing)|yage|dka)|(?:(?:å(?:ler\.(?:hedmark|østfold)|g(?:søy|an|å))|árggát|ærøy|f)\.n|-info\.inf)o|l(?:a(?:di(?:kavkaz|mir)\.[rs]u|anderen(?:\.museum)?)|og\.br)|pn(?:dns\.net|plus\.to)|(?:[brsv]|da)\.it|t\.(?:it|us)|g(?:s\.no)?|c(?:\.it)?|n(?:\.ua)?|u(?:elos)?|\.bg)|w(?:a(?:(?:k(?:a(?:sa\.(?:tottor|fuku)i|(?:yama\.waka)?yama)|kanai\.hokkaido|uya\.miyagi|e\.okayama)|ji(?:ki\.tokushim|ma\.ishikaw)a|(?:zuka\.kyot|da\.nagan)o)\.jp|t(?:ch(?:(?:-and-|and)clock\.museum|es)?|ar(?:i\.miyagi|ai\.mie)\.jp)|s(?:h(?:ingtondc\.museum|tenaw\.mi\.us)|samu\.hokkaido\.jp)|r(?:abi\.saitama\.jp|m(?:ia\.pl|an)|szawa\.pl|\.museum)|l(?:es(?:\.museum)?|lonie\.museum|brzych\.pl|mart|ter)|n(?:ouchi\.gifu\.jp|g(?:gou)?)|\.(?:(?:(?:edu|gov)\.)?au|us)|w\.pl)|e(?:b(?:\.(?:[bcd]o|[lp]k|n[fi]|t[jr]|gu|id|ve|za)|ho(?:p\.(?:info|biz|net|org|me)|sting\.be)|s(?:pace\.rocks|ite)|redirect\.org|cam|er)|d(?:eploy\.(?:io|me|sh)|ding)?|llbeingzone\.(?:co\.uk|eu)|st(?:fale|er)n\.museum|ather(?:channel)?|i(?:bo|r)|grow\.pl|\.bs)|i(?:l(?:liam(?:sburg\.museum|hill)|dlife\.museum)|n(?:d(?:mill\.museum|ows)|b\.gov\.pl|ners|e)?|t(?:h(?:youtub|googl)e\.com|d\.gov\.pl)|(?:[fw]|ih|os)\.gov\.pl|e(?:lun\.pl|n)|ki(?:\.b[or])?|\.us)|o(?:r(?:k(?:i(?:nggroup\.aero|sboring\.com)|s(?:hop\.museum|\.aero)?)?|se-than\.tv|ld)|l(?:terskluwer|omin\.pl)|dzislaw\.pl|odside|w)|(?:(?:zmiuw|uoz)\.gov|locl(?:awek)?)\.pl|r(?:itesthisblog\.com|oc(?:law)?\.pl)|s(?:(?:kr|a)\.gov\.pl|\.na)?|h(?:aling\.museum|oswho)|m(?:flabs\.org|e)|pdevcloud\.com|\.(?:bg|se)|[vy]\.us|ww\.ro|t[cf]|f)|j(?:o(?:(?:(?:etsu\.niigat|hana\.toyam)a|so\.ibaraki)\.jp|urnal(?:is(?:m\.museum|t\.aero)|\.aero)|b(?:oji\.iwate\.jp|s(?:\.tt)?|urg)|r(?:peland\.no|\.br)|(?:lster|ndal)\.no|y(?:o\.kyoto\.jp)?|inville\.br|gasz\.hu|t)?|e(?:w(?:ish(?:art)?\.museum|elry(?:\.museum)?)|(?:fferson|rusalem)\.museum|(?:on(?:buk|nam)|ju)\.kr|(?:ssheim|vnaker)\.no|lenia-gora\.pl|tzt|ep)?|u(?:(?:d(?:ygarland|aica)|if)\.museum|e(?:disches\.museum|gos)|(?:nipe|s\.b)r|r\.pro)|a(?:m(?:ison\.museum|byl\.su|pa\.br)|(?:b\.b|gua)r|n-mayen\.no|worzno\.pl|va)|p(?:\.(?:eu\.org|net)|morgan|n\.com|rs)?|i(?:nsekikogen\.hiroshima\.jp|o)|d(?:evcloud\.com|f\.br)|ø(?:rpeland|lster)\.no|l(?:[cl]|\.cn)|s\.(?:org|cn)|fk\.museum|gora\.pl|c[bp]|x\.cn|\.bg|mp|nj)|[^\.]+\.(?:s(?:en(?:siosite\.cloud|dai\.jp)|t(?:atics\.cloud|olos\.io)|pectrum\.myjino\.ru|apporo\.jp|5y\.io|ch\.uk)|c(?:ompute(?:\.(?:amazonaws\.com(?:\.cn)?|estate)|-1\.amazonaws\.com)|ns\.joyent\.com|ryptonomic\.net|k)|e(?:x\.(?:futurecms|ortsinfo)\.at|lb\.amazonaws\.com(?:\.cn)?|r)|k(?:[hw]|(?:itakyushu|awasaki|obe)\.jp|unden\.ortsinfo\.at)|a(?:lces\.network|dvisor\.ws|wdev\.ca)|tr(?:ansurl\.(?:be|eu|nl)|iton\.zone)|(?:(?:host|land)ing|vps)\.myjino\.ru|(?:(?:quipelements|0emm)\.co|j)m|p(?:latform(?:sh\.site|\.sh)|g)|n(?:(?:agoya\.j)?p|om\.br)|m(?:agentosite\.cloud|m)|f(?:[jk]|uturecms\.at)|y(?:okohama\.jp|e)|in\.futurecms\.at|uberspace\.de|otap\.co|b[dn])|z(?:[mw]|a(?:p(?:orizhzh(?:ia|e)\.ua|to\.(?:org|xyz)|pos)|(?:ma(?:mi\.okin|\.kanag)awa|o\.miyagi)\.jp|(?:chpomor|kopane|gan)\.pl|\.(?:com|net|org|bz)|r(?:ow\.pl|a))|o(?:olog(?:ical|y)\.museum|ne(?:\.id)?)|u(?:shi\.kanagawa\.jp|erich)|(?:h(?:itomi|ytomy)r|t)\.ua|e(?:ntsuji\.kagawa\.jp|ro)|gor(?:zelec|a)\.pl|p\.(?:gov\.pl|ua)|\.(?:bg|se)|ip(?:po)?|lg\.br|j\.cn)|(?:ø(?:y(?:stre-slidre|garden|er)|r(?:s(?:kog|ta)|land)|stre-toten|vre-eiker|ksnes)|å(?:l(?:(?:esun|går)d)?|s(?:eral|nes)?|m(?:li|ot)|krehamn|fjord|rdal)|á(?:l(?:aheadju|tá)|kŋoluokta)|čáhcesuolo)\.no|(?:(?:[富岡]|和歌)山|(?:[広徳]|鹿児)島|(?:神奈|石)川|山[口形梨]|福[井岡島]|[佐滋]賀|宮[城崎]|愛[媛知]|長[崎野]|北海道|三重|京都|兵庫|千葉|埼玉|奈良|岐阜|岩手|島根|東京|栃木|沖縄|熊本|秋田|群馬|茨城|青森|静岡|高知|鳥取)\.jp|q(?:u(?:e(?:bec(?:\.museum)?|st)|icksytes\.com)|ld(?:\.(?:edu|gov))?\.au|(?:-a\.eu\.or|\.b)g|(?:h\.c|po)n|a(?:2\.com)?|c\.c(?:om|a)|sl\.br|vc)|x(?:e(?:n(?:apponazure|\.prgmr)\.com|rox)|(?:i(?:hua)?|[jz]\.c)n|s4all\.space|\.(?:bg|se)|(?:bo|x)x|nbay\.com|443\.pw|finity|peria|yz)|ا(?:ل(?:سعود(?:ي[ةه]|ی[ةۃ])|(?:عليا|ارد|يم)ن|جزائر|مغرب)|(?:تصال|مار)ات|يران(?:\.ir)?|یران(?:\.ir)?|بوظبي|رامكو)|1(?:2hp\.(?:at|ch|de)|337\.pictures|kapp\.com|6-b\.it|\.bg)|(?:(?:(?:องค์ก|ทหา)ร|ธุรกิจ|รัฐบาล|ศึกษา|เน็ต)\.)?ไทย|2(?:0(?:00\.hu|38\.io)|ix\.(?:at|ch|de)|\.bg)|о(?:(?:бр|д)\.срб|рг(?:\.срб)?|нлайн)|4(?:lima\.(?:at|ch|de)|u\.com|\.bg)|网(?:[址店站]|络(?:\.(?:cn|hk))?|絡\.hk)|3(?:utilities\.com|2-b\.it|\.bg)|網(?:絡\.(?:cn|hk|香港)|络\.hk|路\.tw)|م(?:و(?:بايلي|قع)|ليسيا|صر)|公(?:司(?:\.(?:cn|hk|香港))?|益)|組(?:織\.(?:hk|tw|香港)|织\.hk)|ب(?:ا(?:زار|رت)|ھارت|يتك)|(?:ירושלים|иком)\.museum|政(?:府(?:\.(?:hk|香港))?|务)|组(?:织(?:\.hk|机构)|織\.hk)|(?:پا[كک]ستا|فلسطي)ن|0(?:01www\.com|\.bg)|9(?:guacu\.br|\.bg)|м(?:о(?:сква|н)|кд)|大(?:[分阪]\.jp|众汽车|拿)|ع(?:ر(?:اق|ب)|مان)|भार(?:त(?:म्)?|ोत)|6(?:4-b\.it|\.bg)|இ(?:ந்தியா|லங்கை)|(?:[个箇]人|敎育)\.hk|سو(?:ري[اة]|دان)|商(?:[城店标]|業\.tw)|香(?:川\.jp|格里拉|港)|у(?:пр\.срб|кр)|新(?:潟\.jp|加坡|闻)|(?:ак|пр)\.срб|к(?:атолик|ом)|ك(?:اثوليك|وم)|中(?:[信国國]|文网)|個人\.(?:hk|香港)|教育\.(?:hk|香港)|(?:グーグ|セー)ル|с(?:айт|рб)|சிங்கப்பூர்|嘉里(?:大酒店)?|[578]\.bg|б(?:ел|г)|р(?:ус|ф)|ভা[রৰ]ত|ファッション|همراه|संगठन|বাংলা|భారత్|ഭാരതം|台[湾灣]|手[机表]|澳[門门]|닷[넷컴]|дети|تونس|شبكة|ڀارت|ਭਾਰਤ|ભારત|ଭାରତ|ಭಾರತ|ලංකා|クラウド|ポイント|電訊盈科|қаз|հայ|קום|قطر|कॉम|नेट|คอม|みんな|ストア|天主教|我爱你|淡马锡|诺基亚|飞利浦|ελ|ею|გე|コム|世界|企业|佛山|信息|健康|八卦|在线|娱乐|家電|工行|广东|微博|慈善|招聘|时尚|書籍|机构|游戏|点看|珠宝|移动|联通|臺灣|谷歌|购物|通販|集团|食品|餐厅|삼성|한국)$/ + , + _tldEx: /(?:\.|^)(?:city\.(?:k(?:itakyushu|awasaki|obe)|(?:yokoham|nagoy)a|s(?:apporo|endai))\.jp|www\.ck)$/ +} diff --git a/TLD/tld_ex.txt b/TLD/tld_ex.txt new file mode 100644 index 0000000..98277bc --- /dev/null +++ b/TLD/tld_ex.txt @@ -0,0 +1 @@ +congresodelalengua3\.ar|educ\.ar|gobiernoelectronico\.ar|mecon\.ar|nacion\.ar|nic\.ar|promocion\.ar|retina\.ar|uba\.ar|metro\.tokyo\.jp|pref\.aichi\.jp|pref\.akita\.jp|pref\.aomori\.jp|pref\.chiba\.jp|pref\.ehime\.jp|pref\.fukui\.jp|pref\.fukuoka\.jp|pref\.fukushima\.jp|pref\.gifu\.jp|pref\.gunma\.jp|pref\.hiroshima\.jp|pref\.hokkaido\.jp|pref\.hyogo\.jp|pref\.ibaraki\.jp|pref\.ishikawa\.jp|pref\.iwate\.jp|pref\.kagawa\.jp|pref\.kagoshima\.jp|pref\.kanagawa\.jp|pref\.kochi\.jp|pref\.kumamoto\.jp|pref\.kyoto\.jp|pref\.mie\.jp|pref\.miyagi\.jp|pref\.miyazaki\.jp|pref\.nagano\.jp|pref\.nagasaki\.jp|pref\.nara\.jp|pref\.niigata\.jp|pref\.oita\.jp|pref\.okayama\.jp|pref\.okinawa\.jp|pref\.osaka\.jp|pref\.saga\.jp|pref\.saitama\.jp|pref\.shiga\.jp|pref\.shimane\.jp|pref\.shizuoka\.jp|pref\.tochigi\.jp|pref\.tokushima\.jp|pref\.tottori\.jp|pref\.toyama\.jp|pref\.wakayama\.jp|pref\.yamagata\.jp|pref\.yamaguchi\.jp|pref\.yamanashi\.jp|city\.chiba\.jp|city\.fukuoka\.jp|city\.hiroshima\.jp|city\.kawasaki\.jp|city\.kitakyushu\.jp|city\.kobe\.jp|city\.kyoto\.jp|city\.nagoya\.jp|city\.osaka\.jp|city\.saitama\.jp|city\.sapporo\.jp|city\.sendai\.jp|city\.shizuoka\.jp|city\.yokohama\.jp|bl\.uk|british-library\.uk|icnet\.uk|jet\.uk|nel\.uk|nls\.uk|national-library-scotland\.uk|parliament\.uk|
\ No newline at end of file diff --git a/TLD/tld_rx.txt b/TLD/tld_rx.txt new file mode 100644 index 0000000..3444183 --- /dev/null +++ b/TLD/tld_rx.txt @@ -0,0 +1 @@ +ac|com\.ac|edu\.ac|gov\.ac|net\.ac|mil\.ac|org\.ac|ad|nom\.ad|ae|net\.ae|gov\.ae|ac\.ae|sch\.ae|org\.ae|mil\.ae|pro\.ae|name\.ae|aero|accident-investigation\.aero|accident-prevention\.aero|aerobatic\.aero|aeroclub\.aero|aerodrome\.aero|agents\.aero|aircraft\.aero|airline\.aero|airport\.aero|air-surveillance\.aero|airtraffic\.aero|air-traffic-control\.aero|ambulance\.aero|amusement\.aero|association\.aero|author\.aero|ballooning\.aero|broker\.aero|caa\.aero|cargo\.aero|catering\.aero|certification\.aero|championship\.aero|charter\.aero|civilaviation\.aero|club\.aero|conference\.aero|consultant\.aero|consulting\.aero|control\.aero|council\.aero|crew\.aero|design\.aero|dgca\.aero|educator\.aero|emergency\.aero|engine\.aero|engineer\.aero|entertainment\.aero|equipment\.aero|exchange\.aero|express\.aero|federation\.aero|flight\.aero|freight\.aero|fuel\.aero|gliding\.aero|government\.aero|groundhandling\.aero|group\.aero|hanggliding\.aero|homebuilt\.aero|insurance\.aero|journal\.aero|journalist\.aero|leasing\.aero|logistics\.aero|magazine\.aero|maintenance\.aero|marketplace\.aero|media\.aero|microlight\.aero|modelling\.aero|navigation\.aero|parachuting\.aero|paragliding\.aero|passenger-association\.aero|pilot\.aero|press\.aero|production\.aero|recreation\.aero|repbody\.aero|res\.aero|research\.aero|rotorcraft\.aero|safety\.aero|scientist\.aero|services\.aero|show\.aero|skydiving\.aero|software\.aero|student\.aero|taxi\.aero|trader\.aero|trading\.aero|trainer\.aero|union\.aero|workinggroup\.aero|works\.aero|af|gov\.af|com\.af|org\.af|net\.af|edu\.af|ag|com\.ag|org\.ag|net\.ag|co\.ag|nom\.ag|ai|off\.ai|com\.ai|net\.ai|org\.ai|gov\.al|edu\.al|org\.al|com\.al|net\.al|am|an|com\.an|net\.an|org\.an|edu\.an|ao|aq|[^\.]+\.ar|e164\.arpa|in-addr\.arpa|ip6\.arpa|uri\.arpa|urn\.arpa|as|at|gv\.at|ac\.at|co\.at|or\.at|[^\.]+\.au|act\.edu\.au|nsw\.edu\.au|nt\.edu\.au|qld\.edu\.au|sa\.edu\.au|tas\.edu\.au|vic\.edu\.au|wa\.edu\.au|act\.gov\.au|nsw\.gov\.au|nt\.gov\.au|qld\.gov\.au|sa\.gov\.au|tas\.gov\.au|vic\.gov\.au|wa\.gov\.au|aw|com\.aw|ax|az|com\.az|net\.az|int\.az|gov\.az|org\.az|edu\.az|info\.az|pp\.az|mil\.az|name\.az|biz\.az|ba|org\.ba|net\.ba|edu\.ba|gov\.ba|mil\.ba|unsa\.ba|unbi\.ba|co\.ba|com\.ba|rs\.ba|bb|com\.bb|edu\.bb|gov\.bb|net\.bb|org\.bb|[^\.]+\.bd|be|ac\.be|bf|bg|bh|bi|biz|bj|bm|com\.bm|edu\.bm|gov\.bm|net\.bm|org\.bm|[^\.]+\.bn|bo|com\.bo|edu\.bo|gov\.bo|gob\.bo|int\.bo|org\.bo|net\.bo|mil\.bo|tv\.bo|[^\.]+\.br|bs|com\.bs|net\.bs|org\.bs|edu\.bs|gov\.bs|[^\.]+\.bt|bw|by|bz|ca|ab\.ca|bc\.ca|mb\.ca|nb\.ca|nf\.ca|nl\.ca|ns\.ca|nt\.ca|nu\.ca|on\.ca|pe\.ca|qc\.ca|sk\.ca|yk\.ca|cat|cc|cd|cf|cg|ch|ci|[^\.]+\.ck|cl|cm|cn|ac\.cn|com\.cn|edu\.cn|gov\.cn|net\.cn|org\.cn|ah\.cn|bj\.cn|cq\.cn|fj\.cn|gd\.cn|gs\.cn|gz\.cn|gx\.cn|ha\.cn|hb\.cn|he\.cn|hi\.cn|hl\.cn|hn\.cn|jl\.cn|js\.cn|jx\.cn|ln\.cn|nm\.cn|nx\.cn|qh\.cn|sc\.cn|sd\.cn|sh\.cn|sn\.cn|sx\.cn|tj\.cn|xj\.cn|xz\.cn|yn\.cn|zj\.cn|[^\.]+\.co|com|coop|[^\.]+\.cr|cu|com\.cu|edu\.cu|org\.cu|net\.cu|gov\.cu|inf\.cu|cv|cx|[^\.]+\.cy|cz|de|dj|dk|dm|com\.dm|net\.dm|org\.dm|[^\.]+\.do|dz|com\.dz|org\.dz|net\.dz|gov\.dz|edu\.dz|asso\.dz|pol\.dz|art\.dz|ec|com\.ec|info\.ec|net\.ec|fin\.ec|med\.ec|pro\.ec|org\.ec|edu\.ec|gov\.ec|mil\.ec|edu|ee|com\.ee|org\.ee|fie\.ee|pri\.ee|[^\.]+\.eg|[^\.]+\.er|es|com\.es|nom\.es|org\.es|gob\.es|edu\.es|[^\.]+\.et|eu|fi|[^\.]+\.fj|[^\.]+\.fk|fm|fo|fr|fr|com\.fr|asso\.fr|nom\.fr|prd\.fr|presse\.fr|tm\.fr|aeroport\.fr|assedic\.fr|avocat\.fr|avoues\.fr|cci\.fr|chambagri\.fr|chirurgiens-dentistes\.fr|experts-comptables\.fr|geometre-expert\.fr|gouv\.fr|greta\.fr|huissier-justice\.fr|medecin\.fr|notaires\.fr|pharmacien\.fr|port\.fr|veterinaire\.fr|ga|gd|ge|com\.ge|edu\.ge|gov\.ge|org\.ge|mil\.ge|net\.ge|pvt\.ge|gf|gg|co\.gg|org\.gg|net\.gg|sch\.gg|gov\.gg|[^\.]+\.gh|gi|com\.gi|ltd\.gi|gov\.gi|mod\.gi|edu\.gi|org\.gi|gl|gm|[^\.]+\.gn|gov|gp|com\.gp|net\.gp|edu\.gp|org\.gp|gq|gr|com\.gr|edu\.gr|net\.gr|org\.gr|gov\.gr|gs|[^\.]+\.gt|[^\.]+\.gu|gw|gy|hk|com\.hk|edu\.hk|gov\.hk|idv\.hk|net\.hk|org\.hk|hm|hn|com\.hn|edu\.hn|org\.hn|net\.hn|mil\.hn|gob\.hn|hr|iz\.hr|from\.hr|name\.hr|com\.hr|ht|com\.ht|shop\.ht|firm\.ht|info\.ht|adult\.ht|net\.ht|pro\.ht|org\.ht|med\.ht|art\.ht|coop\.ht|pol\.ht|asso\.ht|edu\.ht|rel\.ht|gouv\.ht|perso\.ht|hu|co\.hu|info\.hu|org\.hu|priv\.hu|sport\.hu|tm\.hu|2000\.hu|agrar\.hu|bolt\.hu|casino\.hu|city\.hu|erotica\.hu|erotika\.hu|film\.hu|forum\.hu|games\.hu|hotel\.hu|ingatlan\.hu|jogasz\.hu|konyvelo\.hu|lakas\.hu|media\.hu|news\.hu|reklam\.hu|sex\.hu|shop\.hu|suli\.hu|szex\.hu|tozsde\.hu|utazas\.hu|video\.hu|[^\.]+\.id|ie|[^\.]+\.il|im|co\.im|ltd\.co\.im|plc\.co\.im|net\.im|gov\.im|org\.im|nic\.im|ac\.im|in|co\.in|firm\.in|net\.in|org\.in|gen\.in|ind\.in|nic\.in|ac\.in|edu\.in|res\.in|gov\.in|mil\.in|info|int|io|iq|gov\.iq|edu\.iq|ir|ac\.ir|co\.ir|gov\.ir|id\.ir|net\.ir|org\.ir|sch\.ir|is|net\.is|com\.is|edu\.is|gov\.is|org\.is|int\.is|it|gov\.edu|Agrigento\.it|AG\.it|Alessandria\.it|AL\.it|Ancona\.it|AN\.it|Aosta\.it|Aoste\.it|AO\.it|Arezzo\.it|AR\.it|Ascoli-Piceno\.it|AscoliPiceno\.it|AP\.it|Asti\.it|AT\.it|Avellino\.it|AV\.it|Bari\.it|BA\.it|BarlettaAndriaTrani\.it|Barletta-Andria-Trani\.it|Belluno\.it|BL\.it|Benevento\.it|BN\.it|Bergamo\.it|BG\.it|Biella\.it|BI\.it|Bologna\.it|BO\.it|Bolzano\.it|Bozen\.it|Balsan\.it|Alto-Adige\.it|AltoAdige\.it|Suedtirol\.it|BZ\.it|Brescia\.it|BS\.it|Brindisi\.it|BR\.it|Cagliari\.it|CA\.it|Caltanissetta\.it|CL\.it|Campobasso\.it|CB\.it|Caserta\.it|CE\.it|Catania\.it|CT\.it|Catanzaro\.it|CZ\.it|Chieti\.it|CH\.it|Como\.it|CO\.it|Cosenza\.it|CS\.it|Cremona\.it|CR\.it|Crotone\.it|KR\.it|Cuneo\.it|CN\.it|Enna\.it|EN\.it|Fermo\.it|Ferrara\.it|FE\.it|Firenze\.it|Florence\.it|FI\.it|Foggia\.it|FG\.it|Forli-Cesena\.it|ForliCesena\.it|FC\.it|Frosinone\.it|FR\.it|Genova\.it|Genoa\.it|GE\.it|Gorizia\.it|GO\.it|Grosseto\.it|GR\.it|Imperia\.it|IM\.it|Isernia\.it|IS\.it|LAquila\.it|Aquila\.it|AQ\.it|La-Spezia\.it|LaSpezia\.it|SP\.it|Latina\.it|LT\.it|Lecce\.it|LE\.it|Lecco\.it|LC\.it|Livorno\.it|LI\.it|Lodi\.it|LO\.it|Lucca\.it|LU\.it|Macerata\.it|MC\.it|Mantova\.it|MN\.it|Massa-Carrara\.it|MassaCarrara\.it|MS\.it|Matera\.it|MT\.it|Messina\.it|ME\.it|Milano\.it|Milan\.it|MI\.it|Modena\.it|MO\.it|Monza\.it|Napoli\.it|Naples\.it|NA\.it|Novara\.it|NO\.it|Nuoro\.it|NU\.it|Oristano\.it|OR\.it|Padova\.it|Padua\.it|PD\.it|Palermo\.it|PA\.it|Parma\.it|PR\.it|Pavia\.it|PV\.it|Perugia\.it|PG\.it|Pescara\.it|PE\.it|Pesaro-Urbino\.it|PesaroUrbino\.it|PU\.it|Piacenza\.it|PC\.it|Pisa\.it|PI\.it|Pistoia\.it|PT\.it|Pordenone\.it|PN\.it|Potenza\.it|PZ\.it|Prato\.it|PO\.it|Ragusa\.it|RG\.it|Ravenna\.it|RA\.it|Reggio-Calabria\.it|ReggioCalabria\.it|RC\.it|Reggio-Emilia\.it|ReggioEmilia\.it|RE\.it|Rieti\.it|RI\.it|Rimini\.it|RN\.it|Roma\.it|Rome\.it|RM\.it|Rovigo\.it|RO\.it|Salerno\.it|SA\.it|Sassari\.it|SS\.it|Savona\.it|SV\.it|Siena\.it|SI\.it|Siracusa\.it|SR\.it|Sondrio\.it|SO\.it|Taranto\.it|TA\.it|Teramo\.it|TE\.it|Terni\.it|TR\.it|Torino\.it|Turin\.it|TO\.it|Trapani\.it|TP\.it|Trento\.it|Trentino\.it|TN\.it|Treviso\.it|TV\.it|Trieste\.it|TS\.it|Udine\.it|UD\.it|Varese\.it|VA\.it|Venezia\.it|Venice\.it|VE\.it|Verbania\.it|VB\.it|Vercelli\.it|VC\.it|Verona\.it|VR\.it|Vibo-Valentia\.it|ViboValentia\.it|VV\.it|Vicenza\.it|VI\.it|Viterbo\.it|VT\.it|je|co\.je|org\.je|net\.je|sch\.je|gov\.je|[^\.]+\.jm|jo|com\.jo|org\.jo|net\.jo|edu\.jo|gov\.jo|mil\.jo|myname\.jo|jobs|jp|ac\.jp|ad\.jp|co\.jp|ed\.jp|go\.jp|gr\.jp|lg\.jp|ne\.jp|or\.jp|[^\.]+\.aichi\.jp|[^\.]+\.akita\.jp|[^\.]+\.aomori\.jp|[^\.]+\.chiba\.jp|[^\.]+\.ehime\.jp|[^\.]+\.fukui\.jp|[^\.]+\.fukuoka\.jp|[^\.]+\.fukushima\.jp|[^\.]+\.gifu\.jp|[^\.]+\.gunma\.jp|[^\.]+\.hiroshima\.jp|[^\.]+\.hokkaido\.jp|[^\.]+\.hyogo\.jp|[^\.]+\.ibaraki\.jp|[^\.]+\.ishikawa\.jp|[^\.]+\.iwate\.jp|[^\.]+\.kagawa\.jp|[^\.]+\.kagoshima\.jp|[^\.]+\.kanagawa\.jp|[^\.]+\.kawasaki\.jp|[^\.]+\.kitakyushu\.jp|[^\.]+\.kobe\.jp|[^\.]+\.kochi\.jp|[^\.]+\.kumamoto\.jp|[^\.]+\.kyoto\.jp|[^\.]+\.mie\.jp|[^\.]+\.miyagi\.jp|[^\.]+\.miyazaki\.jp|[^\.]+\.nagano\.jp|[^\.]+\.nagasaki\.jp|[^\.]+\.nagoya\.jp|[^\.]+\.nara\.jp|[^\.]+\.niigata\.jp|[^\.]+\.oita\.jp|[^\.]+\.okayama\.jp|[^\.]+\.okinawa\.jp|[^\.]+\.osaka\.jp|[^\.]+\.saga\.jp|[^\.]+\.saitama\.jp|[^\.]+\.sapporo\.jp|[^\.]+\.sendai\.jp|[^\.]+\.shiga\.jp|[^\.]+\.shimane\.jp|[^\.]+\.shizuoka\.jp|[^\.]+\.tochigi\.jp|[^\.]+\.tokushima\.jp|[^\.]+\.tokyo\.jp|[^\.]+\.tottori\.jp|[^\.]+\.toyama\.jp|[^\.]+\.wakayama\.jp|[^\.]+\.yamagata\.jp|[^\.]+\.yamaguchi\.jp|[^\.]+\.yamanashi\.jp|[^\.]+\.yokohama\.jp|[^\.]+\.ke|kg|org\.kg|net\.kg|com\.kg|edu\.kg|gov\.kg|mil\.kg|[^\.]+\.kh|ki|edu\.ki|biz\.ki|net\.ki|org\.ki|gov\.ki|info\.ki|com\.ki|km|kn|kr|ac\.kr|co\.kr|go\.kr|ne\.kr|or\.kr|re\.kr|pe\.kr|한글\.kr|[^\.]+\.kw|ky|edu\.ky|gov\.ky|com\.ky|org\.ky|net\.ky|kz|org\.kz|edu\.kz|net\.kz|gov\.kz|mil\.kz|com\.kz|la|[^\.]+\.lb|lc|com\.lc|org\.lc|edu\.lc|gov\.lc|li|lk|gov\.lk|sch\.lk|net\.lk|int\.lk|com\.lk|org\.lk|edu\.lk|ngo\.lk|soc\.lk|web\.lk|ltd\.lk|assn\.lk|grp\.lk|hotel\.lk|[^\.]+\.lr|ls|co\.ls|org\.ls|lt|lu|lv|com\.lv|edu\.lv|gov\.lv|org\.lv|mil\.lv|id\.lv|net\.lv|asn\.lv|conf\.lv|ly|com\.ly|net\.ly|gov\.ly|plc\.ly|edu\.ly|sch\.ly|med\.ly|org\.ly|id\.ly|ma|co\.ma|net\.ma|gov\.ma|org\.ma|mc|tm\.mc|asso\.mc|md|mg|org\.mg|nom\.mg|gov\.mg|prd\.mg|tm\.mg|edu\.mg|mil\.mg|com\.mg|mh|mil|mk|com\.mk|gov\.mk|org\.mk|net\.mk|edu\.mk|[^\.]+\.ml|[^\.]+\.mm|mn|gov\.mn|edu\.mn|org\.mn|mo|com\.mo|net\.mo|org\.mo|edu\.mo|gov\.mo|mobi|mp|mq|mr|ms|[^\.]+\.mt|mu|museum|[^\.]+\.mv|mw|ac\.mw|biz\.mw|co\.mw|com\.mw|coop\.mw|edu\.mw|gov\.mw|int\.mw|net\.mw|org\.mw|[^\.]+\.mx|[^\.]+\.my|[^\.]+\.mz|na|name|nc|ne|net|nf|com\.nf|net\.nf|per\.nf|rec\.nf|web\.nf|arts\.nf|firm\.nf|info\.nf|other\.nf|store\.nf|ng|[^\.]+\.ni|nl|no|fhs\.no|vgs\.no|fylkesbibl\.no|folkebibl\.no|museum\.no|idrett\.no|mil\.no|stat\.no|dep\.no|kommune\.no|herad\.no |priv\.no|aa\.no|ah\.no|bu\.no|fm\.no|hl\.no|hm\.no|jan-mayen\.no|mr\.no|nl\.no|nt\.no|of\.no|ol\.no|oslo\.no|rl\.no|sf\.no|st\.no|svalbard\.no|tm\.no|tr\.no|va\.no|vf\.no|gs\.aa\.no|gs\.ah\.no|gs\.bu\.no|gs\.fm\.no|gs\.hl\.no|gs\.hm\.no|gs\.jan-mayen\.no|gs\.mr\.no|gs\.nl\.no|gs\.nt\.no|gs\.of\.no|gs\.ol\.no|gs\.oslo\.no|gs\.rl\.no|gs\.sf\.no|gs\.st\.no|gs\.svalbard\.no|gs\.tm\.no|gs\.tr\.no|gs\.va\.no|gs\.vf\.no|akrehamn\.no|åkrehamn\.no|algard\.no|ålgård\.no|arna\.no|brumunddal\.no|bryne\.no|bronnoysund\.no|brønnøysund\.no|drobak\.no|drøbak\.no|egersund\.no|fetsund\.no|floro\.no|florø\.no|fredrikstad\.no|hokksund\.no|honefoss\.no|hønefoss\.no|jessheim\.no|jorpeland\.no|jørpeland\.no|kirkenes\.no|kopervik\.no|krokstadelva\.no|langevag\.no|langevåg\.no|leirvik\.no|mjondalen\.no|mjøndalen\.no|mo-i-rana\.no|mosjoen\.no|mosjøen\.no|nesoddtangen\.no|orkanger\.no|osoyro\.no|osøyro\.no|raholt\.no|råholt\.no|sandnessjoen\.no|sandnessjøen\.no|skedsmokorset\.no|slattum\.no|spjelkavik\.no|stathelle\.no|stavern\.no|stjordalshalsen\.no|stjørdalshalsen\.no|tananger\.no|tranby\.no|vossevangen\.no|afjord\.no|åfjord\.no|agdenes\.no|al\.no|ål\.no|alesund\.no|ålesund\.no|alstahaug\.no|alta\.no|áltá\.no|alaheadju\.no|álaheadju\.no|alvdal\.no|amli\.no|åmli\.no|amot\.no|åmot\.no|andebu\.no|andoy\.no|andøy\.no|andasuolo\.no|ardal\.no|årdal\.no|aremark\.no|arendal\.no|ås\.no|aseral\.no|åseral\.no|asker\.no|askim\.no|askvoll\.no|askoy\.no|askøy\.no|asnes\.no|åsnes\.no|audnedaln\.no|aukra\.no|aure\.no|aurland\.no|aurskog-holand\.no|aurskog-høland\.no|austevoll\.no|austrheim\.no|averoy\.no|averøy\.no|balestrand\.no|ballangen\.no|balat\.no|bálát\.no|balsfjord\.no|bahccavuotna\.no|báhccavuotna\.no|bamble\.no|bardu\.no|beardu\.no|beiarn\.no|bajddar\.no|bájddar\.no|baidar\.no|báidár\.no|berg\.no|bergen\.no|berlevag\.no|berlevåg\.no|bearalvahki\.no|bearalváhki\.no|bindal\.no|birkenes\.no|bjarkoy\.no|bjarkøy\.no|bjerkreim\.no|bjugn\.no|bodo\.no|bodø\.no|badaddja\.no|bådåddjå\.no|budejju\.no|bokn\.no|bremanger\.no|bronnoy\.no|brønnøy\.no|bygland\.no|bykle\.no|barum\.no|bærum\.no|bo\.telemark\.no|bø\.telemark\.no|bo\.nordland\.no|bø\.nordland\.no|bievat\.no|bievát\.no|bomlo\.no|bømlo\.no|batsfjord\.no|båtsfjord\.no|bahcavuotna\.no|báhcavuotna\.no|dovre\.no|drammen\.no|drangedal\.no|dyroy\.no|dyrøy\.no|donna\.no|dønna\.no|eid\.no|eidfjord\.no|eidsberg\.no|eidskog\.no|eidsvoll\.no|eigersund\.no|elverum\.no|enebakk\.no|engerdal\.no|etne\.no|etnedal\.no|evenes\.no|evenassi\.no|evenášši\.no|evje-og-hornnes\.no|farsund\.no|fauske\.no|fuossko\.no|fuoisku\.no|fedje\.no|fet\.no|finnoy\.no|finnøy\.no|fitjar\.no|fjaler\.no|fjell\.no|flakstad\.no|flatanger\.no|flekkefjord\.no|flesberg\.no|flora\.no|fla\.no|flå\.no|folldal\.no|forsand\.no|fosnes\.no|fredrikstad\.no|frei\.no|frogn\.no|froland\.no|frosta\.no|frana\.no|fræna\.no|froya\.no|frøya\.no|fusa\.no|fyresdal\.no|forde\.no|førde\.no|gamvik\.no|gangaviika\.no|gáŋgaviika|gaular\.no|gausdal\.no|gildeskal\.no|gildeskål\.no|giske\.no|gjemnes\.no|gjerdrum\.no|gjerstad\.no|gjesdal\.no|gjovik\.no|gjøvik\.no|gloppen\.no|gol\.no|gran\.no|grane\.no|granvin\.no|gratangen\.no|grimstad\.no|grong\.no|kraanghke\.no|kråanghke\.no|grue\.no|gulen\.no|hadsel\.no|halden\.no|halsa\.no|hamar\.no|hamaroy\.no|habmer\.no|hábmer\.no|hapmir\.no|hápmir\.no|hammerfest\.no|hammarfeasta\.no|hámmárfeasta\.no|haram\.no|hareid\.no|harstad\.no|hasvik\.no|aknoluokta\.no|ákŋoluokta\.no|hattfjelldal\.no|aarborte\.no|haugesund\.no|hemne\.no|hemnes\.no|hemsedal\.no|heroy\.more-og-romsdal\.no|herøy\.møre-og-romsdal\.no|heroy\.nordland\.no|herøy\.nordland\.no|hitra\.no|hjartdal\.no|hjelmeland\.no|hobol\.no|hobøl\.no|hof\.no|hol\.no|hole\.no|holmestrand\.no|holtalen\.no|holtålen\.no|hornindal\.no|horten\.no|hurdal\.no|hurum\.no|hvaler\.no|hyllestad\.no|hagebostad\.no|hægebostad\.no|hoyanger\.no|høyanger\.no|hoylandet\.no|høylandet\.no|ha\.no|hå\.no|ibestad\.no|inderoy\.no|inderøy\.no|iveland\.no|jevnaker\.no|jondal\.no|jolster\.no|jølster\.no|karasjok\.no|karasjohka\.no|kárášjohka\.no|karlsoy\.no|galsa\.no|gálsá\.no|karmoy\.no|karmøy\.no|kautokeino\.no|guovdageaidnu\.no|klepp\.no|klabu\.no|klæbu\.no|kongsberg\.no|kongsvinger\.no|kragero\.no|kragerø\.no|kristiansand\.no|kristiansund\.no|krodsherad\.no|krødsherad\.no|kvalsund\.no|rahkkeravju\.no|ráhkkerávju\.no|kvam\.no|kvinesdal\.no|kvinnherad\.no|kviteseid\.no|kvitsoy\.no|kvitsøy\.no|kvafjord\.no|kvæfjord\.no|giehtavuoatna\.no|kvanangen\.no|kvænangen\.no|navuotna\.no|návuotna\.no|kafjord\.no|kåfjord\.no|gaivuotna\.no|gáivuotna\.no|larvik\.no|lavangen\.no|lavagis\.no|loabat\.no|loabát\.no|lebesby\.no|davvesiida\.no|leikanger\.no|leirfjord\.no|leka\.no|leksvik\.no|lenvik\.no|leangaviika\.no|lea?gaviika\.no|lesja\.no|levanger\.no|lier\.no|lierne\.no|lillehammer\.no|lillesand\.no|lindesnes\.no|lindas\.no|lindås\.no|lom\.no|loppa\.no|lahppi\.no|láhppi\.no|lund\.no|lunner\.no|luroy\.no|lurøy\.no|luster\.no|lyngdal\.no|lyngen\.no|ivgu\.no|lardal\.no|Lærdal|lerdal\.no|lærdal\.no|lodingen\.no|lødingen\.no|lorenskog\.no|lørenskog\.no|loten\.no|løten\.no|malvik\.no|masoy\.no|måsøy\.no|muosat\.no|muosát\.no|mandal\.no|marker\.no|marnardal\.no|masfjorden\.no|meland\.no|meldal\.no|melhus\.no|meloy\.no|meløy\.no|meraker\.no|meråker\.no|moareke\.no|moåreke\.no|midsund\.no|midtre-gauldal\.no|modalen\.no|modum\.no|molde\.no|moskenes\.no|moss\.no|mosvik\.no|malselv\.no|målselv\.no|malatvuopmi\.no|málatvuopmi\.no|namdalseid\.no|aejrie\.no|namsos\.no|namsskogan\.no|naamesjevuemie\.no|nååmesjevuemie\.no|laakesvuemie\.no|nannestad\.no|narvik\.no|narviika\.no|naustdal\.no|nedre-eiker\.no|nes\.akershus\.no|nes\.buskerud\.no|nesna\.no|nesodden\.no|nesseby\.no|unjarga\.no|unjárga\.no|nesset\.no|nissedal\.no|nittedal\.no|nord-aurdal\.no|nord-fron\.no|nord-odal\.no|norddal\.no|nordkapp\.no|davvenjarga\.no|davvenjárga\.no|nordre-land\.no|nordreisa\.no|raisa\.no|ráisa\.no|nore-og-uvdal\.no|notodden\.no|naroy\.no|nærøy\.no|notteroy\.no|nøtterøy\.no|odda\.no|oksnes\.no|`øksnes\.no|oppdal\.no|oppegard\.no|oppegård\.no|orkdal\.no|orland\.no|ørland\.no|orskog\.no|ørskog\.no|orsta\.no|ørsta\.no|os\.hedmark\.no|os\.hordaland\.no|osen\.no|osteroy\.no|osterøy\.no|ostre-toten\.no|østre-toten\.no|overhalla\.no|ovre-eiker\.no|øvre-eiker\.no|oyer\.no|øyer\.no|oygarden\.no|øygarden\.no|oystre-slidre\.no|øystre-slidre\.no|porsanger\.no|porsangu\.no|porsáŋgu\.no|porsgrunn\.no|radoy\.no|radøy\.no|rakkestad\.no|rana\.no|ruovat\.no|randaberg\.no|rauma\.no|rendalen\.no|rennebu\.no|rennesoy\.no|rennesøy\.no|rindal\.no|ringebu\.no|ringerike\.no|ringsaker\.no|rissa\.no|risor\.no|risør\.no|roan\.no|rollag\.no|rygge\.no|ralingen\.no|rælingen\.no|rodoy\.no|rødøy\.no|romskog\.no|rømskog\.no|roros\.no|røros\.no|rost\.no|røst\.no|royken\.no|røyken\.no|royrvik\.no|røyrvik\.no|rade\.no|råde\.no|salangen\.no|siellak\.no|saltdal\.no|sálát\.no|sálat\.no|samnanger\.no|sande\.more-og-romsdal\.no|sande\.møre-og-romsdal\.no|sande\.vestfold\.no|sandefjord\.no|sandnes\.no|sandoy\.no|sandøy\.no|sarpsborg\.no|sauda\.no|sauherad\.no|sel\.no|selbu\.no|selje\.no|seljord\.no|sigdal\.no|siljan\.no|sirdal\.no|skaun\.no|skedsmo\.no|ski\.no|skien\.no|skiptvet\.no|skjervoy\.no|skjervøy\.no|skierva\.no|skiervá\.no|skjak\.no|skjåk\.no|skodje\.no|skanland\.no|skånland\.no|skanit\.no|skánit\.no|smola\.no|smøla\.no|snillfjord\.no|snasa\.no|snåsa\.no|snoasa\.no|snaase\.no|snåase\.no|sogndal\.no|sokndal\.no|sola\.no|solund\.no|songdalen\.no|sortland\.no|spydeberg\.no|stange\.no|stavanger\.no|steigen\.no|steinkjer\.no|stjordal\.no|stjørdal\.no|stokke\.no|stor-elvdal\.no|stord\.no|stordal\.no|storfjord\.no|omasvuotna\.no|strand\.no|stranda\.no|stryn\.no|sula\.no|suldal\.no|sund\.no|sunndal\.no|surnadal\.no|sveio\.no|svelvik\.no|sykkylven\.no|sogne\.no|søgne\.no|somna\.no|sømna\.no|sondre-land\.no|søndre-land\.no|sor-aurdal\.no|sør-aurdal\.no|sor-fron\.no|sør-fron\.no|sor-odal\.no|sør-odal\.no|sor-varanger\.no|sør-varanger\.no|matta-varjjat\.no|mátta-várjjat\.no|sorfold\.no|sørfold\.no|sorreisa\.no|sørreisa\.no|sorum\.no|sørum\.no|tana\.no|deatnu\.no|time\.no|tingvoll\.no|tinn\.no|tjeldsund\.no|dielddanuorri\.no|tjome\.no|tjøme\.no|tokke\.no|tolga\.no|torsken\.no|tranoy\.no|tranøy\.no|tromso\.no|tromsø\.no|tromsa\.no|romsa\.no|trondheim\.no|troandin\.no|trysil\.no|trana\.no|træna\.no|trogstad\.no|trøgstad\.no|tvedestrand\.no|tydal\.no|tynset\.no|tysfjord\.no|divtasvuodna\.no|divttasvuotna\.no|tysnes\.no|tysvar\.no|tysvær\.no|tonsberg\.no|tønsberg\.no|ullensaker\.no|ullensvang\.no|ulvik\.no|utsira\.no|vadso\.no|vadsø\.no|cahcesuolo\.no|cáhcesuolo\.no|vaksdal\.no|valle\.no|vang\.no|vanylven\.no|vardo\.no|vardø\.no|varggat\.no|várggát\.no|vefsn\.no|vaapste\.no|vega\.no|vegarshei\.no|vegårshei\.no|vennesla\.no|verdal\.no|verran\.no|vestby\.no|vestnes\.no|vestre-slidre\.no|vestre-toten\.no|vestvagoy\.no|vestvågøy\.no|vevelstad\.no|vik\.no|vikna\.no|vindafjord\.no|volda\.no|voss\.no|varoy\.no|værøy\.no|vagan\.no|vågan\.no|voagat\.no|vagsoy\.no|vågsøy\.no|vaga\.no|vågå\.no|valer\.ostfold\.no|våler\.østfold\.no|valer\.hedmark\.no|våler\.hedmark\.no|[^\.]+\.np|nr|biz\.nr|info\.nr|gov\.nr|edu\.nr|org\.nr|net\.nr|com\.nr|nu|[^\.]+\.nz|[^\.]+\.om|org|[^\.]+\.pa|[^\.]+\.pe|pf|com\.pf|org\.pf|edu\.pf|[^\.]+\.pg|ph|com\.ph|net\.ph|org\.ph|gov\.ph|edu\.ph|ngo\.ph|mil\.ph|pk|com\.pk|net\.pk|edu\.pk|org\.pk|fam\.pk|biz\.pk|web\.pk|gov\.pk|gob\.pk|gok\.pk|gon\.pk|gop\.pk|gos\.pk|goa\.pk|info\.pk|pl|aid\.pl|agro\.pl|atm\.pl|auto\.pl|biz\.pl|com\.pl|edu\.pl|gmina\.pl|gsm\.pl|info\.pl|mail\.pl|miasta\.pl|media\.pl|mil\.pl|net\.pl|nieruchomosci\.pl|nom\.pl|org\.pl |pc\.pl|powiat\.pl|priv\.pl|realestate\.pl|rel\.pl|sex\.pl|shop\.pl|sklep\.pl|sos\.pl|szkola\.pl|targi\.pl|tm\.pl|tourism\.pl|travel\.pl|turystyka\.pl|6bone\.pl|art\.pl|mbone\.pl|gov\.pl|uw\.gov\.pl|um\.gov\.pl|ug\.gov\.pl|upow\.gov\.pl|starostwo\.gov\.pl|so\.gov\.pl|sr\.gov\.pl|po\.gov\.pl|pa\.gov\.pl|med\.pl|ngo\.pl|irc\.pl|usenet\.pl|augustow\.pl|babia-gora\.pl|bedzin\.pl|beskidy\.pl|bialowieza\.pl|bialystok\.pl|bielawa\.pl|bieszczady\.pl|boleslawiec\.pl|bydgoszcz\.pl|bytom\.pl|cieszyn\.pl|czeladz\.pl|czest\.pl|dlugoleka\.pl|elblag\.pl|elk\.pl|glogow\.pl|gniezno\.pl|gorlice\.pl|grajewo\.pl|ilawa\.pl|jaworzno\.pl|jelenia-gora\.pl|jgora\.pl|kalisz\.pl|kazimierz-dolny\.pl|karpacz\.pl|kartuzy\.pl|kaszuby\.pl|katowice\.pl|kepno\.pl|ketrzyn\.pl|klodzko\.pl|kobierzyce\.pl|kolobrzeg\.pl|konin\.pl|konskowola\.pl|kutno\.pl|lapy\.pl|lebork\.pl|legnica\.pl|lezajsk\.pl|limanowa\.pl|lomza\.pl|lowicz\.pl|lubin\.pl|lukow\.pl|malbork\.pl|malopolska\.pl|mazowsze\.pl|mazury\.pl|mielec\.pl|mielno\.pl|mragowo\.pl|naklo\.pl|nowaruda\.pl|nysa\.pl|olawa\.pl|olecko\.pl|olkusz\.pl|olsztyn\.pl|opoczno\.pl|opole\.pl|ostroda\.pl|ostroleka\.pl|ostrowiec\.pl|ostrowwlkp\.pl|pila\.pl|pisz\.pl|podhale\.pl|podlasie\.pl|polkowice\.pl|pomorze\.pl|pomorskie\.pl|prochowice\.pl|pruszkow\.pl|przeworsk\.pl|pulawy\.pl|radom\.pl|rawa-maz\.pl|rybnik\.pl|rzeszow\.pl|sanok\.pl|sejny\.pl|slask\.pl|slupsk\.pl|sosnowiec\.pl|stalowa-wola\.pl|skoczow\.pl|starachowice\.pl|stargard\.pl|suwalki\.pl|swidnica\.pl|swiebodzin\.pl|swinoujscie\.pl|szczecin\.pl|szczytno\.pl|tarnobrzeg\.pl|tgory\.pl|turek\.pl|tychy\.pl|ustka\.pl|walbrzych\.pl|warmia\.pl|warszawa\.pl|waw\.pl|wegrow\.pl|wielun\.pl|wlocl\.pl|wloclawek\.pl|wodzislaw\.pl|wolomin\.pl|wroclaw\.pl|zachpomor\.pl|zagan\.pl|zarow\.pl|zgora\.pl|zgorzelec\.pl |gda\.pl|gdansk\.pl|gdynia\.pl|sopot\.pl|gliwice\.pl|krakow\.pl|poznan\.pl|wroc\.pl|zakopane\.pl|pn|gov\.pn|co\.pn|org\.pn|edu\.pn|net\.pn|pr|com\.pr|net\.pr|org\.pr|gov\.pr|edu\.pr|isla\.pr|pro\.pr|biz\.pr|info\.pr|name\.pr|est\.pr|prof\.pr|ac\.pr|pro|aca\.pro|bar\.pro|cpa\.pro|jur\.pro|law\.pro|med\.pro|eng\.pro|ps|edu\.ps|gov\.ps|sec\.ps|plo\.ps|com\.ps|org\.ps|net\.ps|pt|net\.pt|gov\.pt|org\.pt|edu\.pt|int\.pt|publ\.pt|com\.pt|nome\.pt|[^\.]+\.pw|[^\.]+\.py|[^\.]+\.qa|re|com\.re|asso\.re|nom\.re|ro|com\.ro|org\.ro|tm\.ro|nt\.ro|nom\.ro|info\.ro|rec\.ro|arts\.ro|firm\.ro|store\.ro|www\.ro|ru|com\.ru|net\.ru|org\.ru|pp\.ru|int\.ru|rw|gov\.rw|net\.rw|edu\.rw|ac\.rw|com\.rw|co\.rw|int\.rw|mil\.rw|gouv\.rw|[^\.]+\.sa|[^\.]+\.sb|sc|com\.sc|gov\.sc|net\.sc|org\.sc|edu\.sc|sd|com\.sd|net\.sd|org\.sd|edu\.sd|med\.sd|tv\.sd|gov\.sd|info\.sd|se|org\.se|pp\.se|tm\.se|parti\.se|press\.se|mil\.se|ab\.se|c\.se|d\.se|e\.se|f\.se|g\.se|h\.se|i\.se|k\.se|m\.se|n\.se|o\.se|s\.se|t\.se|u\.se|w\.se|x\.se|y\.se|z\.se|ac\.se|bd\.se|sg|com\.sg|net\.sg|org\.sg|gov\.sg|edu\.sg|per\.sg|sh|si|sk|sl|sm|sn|sr|st|su|[^\.]+\.sv|[^\.]+\.sy|sz|tc|td|tf|tg|[^\.]+\.th|tj|ac\.tj|biz\.tj|com\.tj|co\.tj|edu\.tj|int\.tj|name\.tj|net\.tj|org\.tj|web\.tj|gov\.tj|go\.tj|mil\.tj|tk|tl|tm|tn|to|[^\.]+\.tr|travel|tt|co\.tt|com\.tt|org\.tt|net\.tt|biz\.tt|info\.tt|pro\.tt|int\.tt|coop\.tt|jobs\.tt|mobi\.tt|travel\.tt|museum\.tt|aero\.tt|name\.tt|gov\.tt|edu\.tt|tv|tw|edu\.tw|gov\.tw|mil\.tw|com\.tw|net\.tw|org\.tw|idv\.tw|game\.tw|ebiz\.tw|club\.tw|網路\.tw|組織\.tw|商業\.tw|[^\.]+\.tz|ua|com\.ua|edu\.ua|gov\.ua|net\.ua|org\.ua|cherkassy\.ua|chernigov\.ua|chernovtsy\.ua|ck\.ua|cn\.ua|crimea\.ua|cv\.ua|dn\.ua|dnepropetrovsk\.ua|donetsk\.ua|dp\.ua|if\.ua|ivano-frankivsk\.ua|kh\.ua|kharkov\.ua|kherson\.ua|kiev\.ua|kirovograd\.ua|km\.ua|kr\.ua|ks\.ua|lg\.ua|lugansk\.ua|lutsk\.ua|lviv\.ua|mk\.ua|nikolaev\.ua|od\.ua|odessa\.ua|pl\.ua|poltava\.ua|rovno\.ua|rv\.ua|sebastopol\.ua|sumy\.ua|te\.ua|ternopil\.ua|vinnica\.ua|vn\.ua|zaporizhzhe\.ua|zp\.ua|uz\.ua|uzhgorod\.ua|zhitomir\.ua|zt\.ua|ug|co\.ug|ac\.ug|sc\.ug|go\.ug|ne\.ug|or\.ug|[^\.]+\.uk|[^\.]+\.sch\.uk|us|dni\.us|fed\.us|isa\.us|kids\.us|nsn\.us|ak\.us|al\.us|ar\.us|az\.us|ca\.us|co\.us|ct\.us|dc\.us|de\.us|fl\.us|ga\.us|hi\.us|ia\.us|id\.us|il\.us|in\.us|ks\.us|ky\.us|la\.us|ma\.us|md\.us|me\.us|mi\.us|mn\.us|mo\.us|ms\.us|mt\.us|nc\.us|nd\.us|ne\.us|nh\.us|nj\.us|nm\.us|nv\.us|ny\.us|oh\.us|ok\.us|or\.us|pa\.us|ri\.us|sc\.us|sd\.us|tn\.us|tx\.us|ut\.us|vt\.us|va\.us|wa\.us|wi\.us|wv\.us|wy\.us|[^\.]+\.uy|uz|com\.uz|co\.uz|va|vc|[^\.]+\.ve|vg|vi|com\.vi|org\.vi|edu\.vi|gov\.vi|vn|com\.vn|net\.vn|org\.vn|edu\.vn|gov\.vn|int\.vn|ac\.vn|biz\.vn|info\.vn|name\.vn|pro\.vn|health\.vn|vu|ws|[^\.]+\.ye|[^\.]+\.yu|[^\.]+\.za|[^\.]+\.zm|[^\.]+\.zw|
\ No newline at end of file diff --git a/TLD/tld_template.js b/TLD/tld_template.js new file mode 100644 index 0000000..71906d7 --- /dev/null +++ b/TLD/tld_template.js @@ -0,0 +1,46 @@ +var tld = { + normalize(d) { return d; }, + + isIp(d) { return this._ipRx.test(d); }, + + getDomain(domain) { + if (domain === "localhost" || this.isIp(domain)) return domain; + + domain = this.normalize(domain); + var pos = domain.search(this._tldEx); + if(pos === -1 ) { + pos = domain.search(this._tldRx); + if (pos === -1) { + // TLD not in the public suffix list, fall back to the "one-dot rule" + pos = domain.lastIndexOf("."); + if (pos === -1) { + return ""; + } + } + pos = domain.lastIndexOf(".", pos - 1) + 1; + } else if(domain[pos] == ".") { + ++pos; + } + return pos <= 0 ? domain : domain.substring(pos); + }, + + getPublicSuffix(domain) { + if (this.isIp(domain)) return ""; + + domain = this.normalize(domain); + var pos = domain.search(this._tldEx); + if(pos < 0) { + pos = domain.search(this._tldRx); + if(pos >= 0 && domain[pos] == ".") pos++; + } else { + pos = domain.indexOf(".", pos + 1) + 1; + } + return pos < 0 ? "" : domain.substring(pos); + }, + + _ipRx: /^(?:0\.|[1-9]\d{0,2}\.){3}(?:0|[1-9]\d{0,2})$|:.*:/i, + + _tldRx: /(?:\.|^)%tld_rx%$/ + , + _tldEx: /(?:\.|^)%tld_ex%$/ +} diff --git a/TLD/try.sh b/TLD/try.sh new file mode 100644 index 0000000..0335e37 --- /dev/null +++ b/TLD/try.sh @@ -0,0 +1,3 @@ +#!/bin/sh +perl -ne 'if (! /^(\/\/|!|[ \n\r])/) { s/\n/\|/; s/\./\\\./g ; s/\*\\\./[^\\.]+\\./; s/\s+utf.*/|/; print }' *.dat > tld_rx.txt +perl -ne 'if (/^!/) { s/\n/\|/; s/\./\\\./g ; s/^!//; s/\s+utf.*/|/; print }' *.dat > tld_ex.txt diff --git a/build.sh b/build.sh new file mode 100644 index 0000000..0159a17 --- /dev/null +++ b/build.sh @@ -0,0 +1,60 @@ +#!/bin/bash +BASE=$PWD +SRC="$BASE/src" +BUILD="$BASE/build" +MANIFEST_IN="$SRC/manifest.json" +MANIFEST_OUT="$BUILD/manifest.json" + +VER=$(grep '"version":' "$SRC/manifest.json" | sed -re 's/.*": "(.*?)".*/\1/') +XPI_DIR="$BASE/xpi" +XPI="$XPI_DIR/noscript-$VER" +LIB="$SRC/lib" +TLD="$BASE/TLD" + +if ! [ $(date -r "$LIB/tld.js" +'%Y%m%d') -ge $(date +'%Y%m%d') ] && "$TLD/generate.sh"; then + cp -u "$TLD/tld.js" $LIB +fi + +./html5_events.pl + +rm -rf $BUILD $XPI +cp -pR $SRC $BUILD + + +if [[ $VER == *rc* ]]; then + sed -re 's/^(\s+)"strict_min_version":.*$/\1"update_url": "https:\/\/secure.informaction.com\/update\/?v='$VER'",\n\0/' \ + "$MANIFEST_IN" > "$MANIFEST_OUT" +else + grep -v '"update_url":' "$MANIFEST_IN" > "$MANIFEST_OUT" +fi +if ! grep '"id":' "$MANIFEST_OUT" >/dev/null; then + echo >&2 "Cannot build manifest.json" + exit 1 +fi + +sed -re 's/\/\/\s*(.*)\s*\/\/ XPI_ONLY/\1/' $SRC/content/content.js > $BUILD/content/content.js + +if [ "$1" == "sign" ]; then + BUILD_CMD="$BASE/../../we-sign" + BUILD_OPTS="" +else + BUILD_CMD="web-ext" + BUILD_OPTS="build" +fi + +echo "Creating $XPI.xpi..." +mkdir -p $XPI_DIR + +"$BUILD_CMD" $BUILD_OPTS --source-dir=$(cygpath -w $BUILD) --artifacts-dir=$(cygpath -w $XPI_DIR) --ignore-files=test/XSS_test.js +SIGNED="$XPI_DIR/noscript_security_suite-$VER-an+fx.xpi" +if [ -f "$SIGNED" ]; then + mv "$SIGNED" "$XPI.xpi" +elif [ -f "$XPI.zip" ]; then + mv "$XPI.zip" "$XPI.xpi" +else + echo >&2 "ERROR: Could not create $XPI.xpi!" + exit 3 +fi +echo "Created $XPI.xpi" + +rm -rf "$BUILD" diff --git a/html5_events.pl b/html5_events.pl new file mode 100644 index 0000000..1fb02fe --- /dev/null +++ b/html5_events.pl @@ -0,0 +1,99 @@ +#!/usr/bin/perl +use strict; + +require LWP::UserAgent; +use LWP::Simple; +use RegExp::List; +use File::stat; +use File::Basename; +use List::MoreUtils qw(uniq); + +my $HTML5_URL = "https://hg.mozilla.org/mozilla-central/raw-file/tip/parser/html/nsHtml5AtomList.h"; +my $GECKO_URL = "https://hg.mozilla.org/mozilla-central/raw-file/tip/xpcom/ds/nsGkAtomList.h"; + +my $HERE = dirname($0); +my $SOURCE_FILE = $HERE . '/src/xss/InjectionChecker.js'; + +sub create_re +{ + my $cache = "$HERE/html5_events.re"; + my $sb = stat($cache); + + if ($sb && time() - $sb->mtime < 86400) + { + open IN, "<$cache"; + my @content = <IN>; + close IN; + return $content[0]; + } + + sub fetch_url + { + my $url = shift(@_); + my $ua = LWP::UserAgent->new; + $ua->agent('Mozilla/5.0'); + $ua->ssl_opts('verify_hostname' => 0); + my $res = $ua->get($url); + if ($res->is_success) + { + return $res->decoded_content; + } + else + { + my $err = $res->content; + my $ca_file = $ua->ssl_opts('SSL_ca_file'); + die ("Could not fetch $url: $err\n$ca_file"); + } + } + + + my $content = # fetch_url($HTML5_URL) . + fetch_url($GECKO_URL); + + $content = join("\n", grep(/^(?:HTML5|GK)_ATOM.*"on\w+"/, split(/[\n\r]/, $content))); + + $content =~ s/.*"(on\w+)".*/$1 /g; + $content =~ s/\s+/ /g; + $content =~ s/^\s+|\s+$//g; + + my $l = Regexp::List->new; + my $re = $l->list2re(uniq(split(' ', $content))); + $re =~ s/\(\?[-^]\w+:(.*)\)/$1/; + open (OUT, ">$cache"); + print OUT $re; + close OUT; + $re; +} + +sub patch +{ + my $src = shift; + my $dst = "$src.tmp"; + my $re = create_re(); + my $must_replace = 0; + print "Patching $src...\n"; + open IN, "<$src" or die ("Can't open $src!"); + open OUT, ">$dst" or die ("Can't open $dst!"); + + while (<IN>) + { + my $line = $_; + $must_replace = $line ne $_ if s/^(\s*const IC_EVENT_PATTERN\s*=\s*")([^"]+)/$1$re/; + + print OUT $_; + } + close IN; + close OUT; + + if ($must_replace) { + rename $dst, $src; + print "Patched.\n"; + } + else + { + unlink $dst; + print "Nothing to do.\n"; + } +} + +patch($SOURCE_FILE); diff --git a/html5_events.re b/html5_events.re new file mode 100644 index 0000000..a028b4a --- /dev/null +++ b/html5_events.re @@ -0,0 +1 @@ +on(?:p(?:o(?:inter(?:l(?:ock(?:change|error)|eave)|o(?:ver|ut)|cancel|enter|down|move|up)|p(?:up(?:hid(?:den|ing)|show(?:ing|n)|positioned)|state))|a(?:ge(?:hide|show)|(?:st|us)e)|ush(?:subscriptionchange)?|ro(?:cessorerror|gress)|lay(?:ing)?|hoto)|Moz(?:S(?:wipeGesture(?:(?:May)?Start|Update|End)?|crolledAreaChanged)|M(?:agnifyGesture(?:Update|Start)?|ouse(?:PixelScroll|Hittest))|EdgeUI(?:C(?:omplet|ancel)|Start)ed|RotateGesture(?:Update|Start)?|(?:Press)?TapGesture|AfterPaint)|m(?:o(?:z(?:pointerlock(?:change|error)|fullscreen(?:change|error)|key(?:down|up)onplugin|accesskeynotfound|orientationchange)|use(?:l(?:ongtap|eave)|o(?:ver|ut)|enter|wheel|down|move|up))|(?:idimessag|ut)e|essage(?:error)?|ark)|c(?:o(?:m(?:p(?:osition(?:update|start|end)|lete)|mand(?:update)?)|n(?:t(?:rollerchange|extmenu)|nect(?:ionavailable)?)|py)|h(?:(?:arging(?:time)?ch)?ange|ecking)|a(?:n(?:play(?:through)?|cel)|ched)|u(?:echange|t)|l(?:ick|ose))|s(?:ou(?:rce(?:(?:clos|end)ed|open)|nd(?:start|end))|e(?:lect(?:ionchange|start)?|ek(?:ing|ed)|t)|h(?:ipping(?:address|option)change|ow)|t(?:a(?:techange|lled|rt)|o(?:rage|p))|u(?:ccess|spend|bmit)|peech(?:start|end)|croll)|d(?:r(?:a(?:g(?:e(?:n(?:ter|d)|xit)|leave|start|drop|over)?|in)|op)|evice(?:(?:orienta|mo)tion|proximity|change|light)|(?:ischargingtime|uration)change|ata(?:available)?|ownloading|blclick)|a(?:nimation(?:iteration|cancel|start|end)|u(?:dio(?:process|start|end)|xclick)|b(?:solutedeviceorientation|ort)|fter(?:scriptexecute|print)|dd(?:sourcebuffer|track)|ppinstalled|ctivate)|DOM(?:Node(?:Inserted(?:IntoDocument)?|Removed(?:FromDocument)?)|(?:CharacterData|Subtree)Modified|A(?:ttrModified|ctivate)|Focus(?:Out|In)|MouseScroll)|r(?:e(?:s(?:ourcetimingbufferfull|ponseprogress|u(?:lt|me)|ize|et)|move(?:sourcebuffer|track)|adystatechange|pea(?:tEven)?t|questprogress)|atechange)|w(?:ebkit(?:Animation(?:Iteration|Start|End)|animation(?:iteration|start|end)|(?:TransitionE|transitione)nd)|a(?:iting(?:forkey)?|rning)|heel)|v(?:rdisplay(?:(?:presentchang|activat)e|d(?:eactivate|isconnect)|connect)|o(?:iceschanged|lumechange)|(?:isibility|ersion)change)|b(?:e(?:fore(?:p(?:aste|rint)|scriptexecute|c(?:opy|ut)|unload)|gin(?:Event)?)|ufferedamountlow|l(?:ocked|ur)|roadcast|oundary)|t(?:o(?:uch(?:cancel|start|move|end)|ggle)|ransition(?:cancel|start|end|run)|ime(?:update|out)|e(?:rminate|xt)|ypechange)|l(?:o(?:ad(?:e(?:d(?:meta)?data|nd)|ing(?:error|done)?|start)?|stpointercapture)|(?:anguage|evel)change|y)|u(?:p(?:date(?:(?:fou|e)nd|ready|start)?|gradeneeded)|n(?:derflow|load|mute)|serproximity)|g(?:amepad(?:(?:dis)?connected|button(?:down|up)|axismove)|otpointercapture|et)|o(?:(?:rientationchang|(?:ff|n)lin|bsolet)e|verflow|pen)|e(?:n(?:d(?:Event|ed)?|crypted|ter)|mptied|rror|xit)|f(?:ullscreen(?:change|error)|ocus(?:out|in)?|inish)|no(?:tificationcl(?:ick|ose)|update|match)|SVG(?:(?:Unl|L)oad|Resize|Scroll|Zoom)|key(?:statuseschange|press|down|up)|(?:CheckboxStateC|hashc)hange|R(?:adioStateChange|equest)|in(?:stall|valid|put)|AppCommand|zoom)
\ No newline at end of file diff --git a/src/_locales/en/messages.json b/src/_locales/en/messages.json new file mode 100644 index 0000000..467347c --- /dev/null +++ b/src/_locales/en/messages.json @@ -0,0 +1,675 @@ +{ + "Add": { + "message": "Add" + }, + "Add_accesskey": { + "message": "A" + }, + "AdditionalPermissions": { + "message": "Additional permissions for trusted sites" + }, + "AdditionalRestrictions": { + "message": "Additional restrictions for untrusted sites" + }, + "SectionAdvanced": { + "message": "Advanced" + }, + "Allow": { + "message": "Allow" + }, + "Allow_accesskey": { + "message": "l" + }, + "AllowBookmarks": { + "message": "Allow sites opened through bookmarks" + }, + "AllowClipboard": { + "message": "Allow rich text copy and paste from external clipboard" + }, + "AllowLocalLinks": { + "message": "Allow local links" + }, + "AllowPage": { + "message": "Allow all this page" + }, + "AllowPage_accesskey": { + "message": "A" + }, + "AllowPing": { + "message": "Allow <A PING…>" + }, + "AllowViaBookmarks": { + "message": "Allow sites opened through bookmarks" + }, + "AlwaysBlockUntrustedContent": { + "message": "Block every object coming from a site marked as untrusted" + }, + "SectionAppearance": { + "message": "Appearance" + }, + "AutoAllowTopLevel": { + "message": "Temporarily set top-level sites to TRUSTED" + }, + "AutoReload": { + "message": "Automatically reload affected pages when permissions change" + }, + "AutoReload_currentTab": { + "message": "Reload the current tab only" + }, + "BaseDom": { + "message": "Base 2nd level Domains (noscript.net)" + }, + "BlockedItems": { + "message": "Blocked $1 of $2 items." + }, + "BlockedObjects": { + "message": "NoScript Blocked Objects" + }, + "BookmarkSync": { + "message": "Backup NoScript configuration in a bookmark for easy synchronization" + }, + "Cancel": { + "message": "Cancel" + }, + "CascadePermissions": { + "message": "Cascade top document's permissions to 3rd party scripts" + }, + "ClearClickDescription": { + "message": "NoScript intercepted a mouse or keyboard interaction with a partially hidden element. Click on the image below to cycle between the obstructed and the clear version." + }, + "ClearClickHeader": { + "message": "Potential Clickjacking / UI Redressing Attempt!" + }, + "ClearClickOpt": { + "message": "ClearClick protection on pages…" + }, + "ClearClickReport": { + "message": "Report" + }, + "ClearClickReport_accesskey": { + "message": "R" + }, + "ClearClickReportId": { + "message": "Report ID:" + }, + "ClearClickTitle": { + "message": "ClearClick Warning" + }, + "Close": { + "message": "Close" + }, + "CollapseBlockedObjects": { + "message": "Collapse blocked objects" + }, + "ConfirmUnblock": { + "message": "Ask for confirmation before temporarily unblocking an object" + }, + "ContentBlocker": { + "message": "Apply these restrictions to whitelisted sites too" + }, + "CtxMenu": { + "message": "Contextual menu" + }, + "Custom": { + "message": "Custom" + }, + "CustomizePresets": { + "message": "Preset customization (for all the sites sharing a preset)" + }, + "Default": { + "message": "Default" + }, + "DefaultPolicies": { + "message": "Default Policies" + }, + "Description": { + "message": "Extra protection for your Firefox: NoScript allows JavaScript, Flash (and other plugins) only for trusted domains of your choice (e.g. your home-banking web site). This whitelist based pre-emptive blocking approach prevents exploitation of security vulnerabilities (known and even unknown!) with no loss of functionality… Experts will agree: Firefox is really safer with NoScript :-)" + }, + "Donate": { + "message": "Donate" + }, + "Donate_accesskey": { + "message": "o" + }, + "Embeddings": { + "message": "Embeddings" + }, + "Exceptions": { + "message": "Exceptions…" + }, + "Export": { + "message": "Export" + }, + "Export_accesskey": { + "message": "E" + }, + "FixLinks": { + "message": "Attempt to fix JavaScript links" + }, + "Hider": { + "message": "Drop here to hide." + }, + "Reveal": { + "message": "Click here to retrieve missing buttons…" + }, + "ShowFullAddresses": { + "message": "List full addresses in the permissions popup (https://www.noscript.net)" + }, + + "SectionGeneral": { + "message": "General" + }, + "GlobalHttpsWhitelist": { + "message": "Allow HTTPS scripts globally on HTTPS documents" + }, + "NotEnforced": { + "message": "Restrictions disabled" + }, + "NoEnforcement": { + "message": "Disable restrictions globally (dangerous)" + }, + "Enforce": { + "message": "Enable restrictions globally" + }, + "NoEnforcementForTab": { + "message": "Disable restrictions for this tab" + }, + "EnforceForTab": { + "message": "Enable restrictions for this tab" + }, + "httpsOnly": { + "message": "Match HTTPS content only" + }, + "Https": { + "message": "HTTPS" + }, + "Https_always": { + "message": "Always" + }, + "Https_behavior": { + "message": "Behavior" + }, + "Https_cookies": { + "message": "Cookies" + }, + "Https_description": { + "message": "Forbid active web content unless it comes from a secure (HTTPS) connection:" + }, + "Https_never": { + "message": "Never" + }, + "Https_proxy": { + "message": "When using a proxy (recommended with Tor)" + }, + "HttpsFaq": { + "message": "HTTPS FAQ…" + }, + "HttpsFaq_accesskey": { + "message": "Q" + }, + "HttpsForced": { + "message": "Force the following sites to use secure (HTTPS) connections:" + }, + "HttpsForcedExceptions": { + "message": "Never force secure (HTTPS) connections for the following sites:" + }, + "Import": { + "message": "Import" + }, + "Import_accesskey": { + "message": "I" + }, + "KeepLocked": { + "message": "Keep this element locked (recommended)" + }, + "MatchSample": { + "message": "Pattern matching sample:" + }, + "Next": { + "message": "Next" + }, + "NoUntrustedPlaceholder": { + "message": "No placeholder for objects coming from sites marked as untrusted" + }, + "Notifications": { + "message": "Notifications" + }, + "Notify": { + "message": "Show message about blocked scripts" + }, + "Notify_bottom": { + "message": "Place message at the bottom" + }, + "NotifyMeta": { + "message": "Show message about blocked META redirections" + }, + "NotifyMeta_accesskey": { + "message": "R" + }, + "NselForce": { + "message": "Show the <NOSCRIPT> element which follows a blocked <SCRIPT>" + }, + "NselNever": { + "message": "Hide <NOSCRIPT> elements" + }, + "OK": { + "message": "OK" + }, + "OptBlockCssScanners": { + "message": "Block CSS-based scanners" + }, + "OptFilterXGet": { + "message": "Sanitize cross-site suspicious requests" + }, + "OptFilterXPost": { + "message": "Turn cross-site POST requests into data-less GET requests" + }, + "Options": { + "message": "Options…" + }, + "Options_accesskey": { + "message": "O" + }, + "OptionsLong": { + "message": "NoScript Options" + }, + "OptionsWidth": { + "message": "40em" + }, + "PermanentInPrivate": { + "message": "Permanent \"Allow\" commands in private windows" + }, + "SectionSitePermissions": { + "message": "Per-site Permissions" + }, + "PermissionsText": { + "message": "You can specify which web sites are allowed to execute scripts. Type the address or the domain (e.g. \"http://www.site.com\" or \"site.com\") of the site you want to allow and then click Allow." + }, + "Plugins": { + "message": "Plugins" + }, + "Policies": { + "message": "Policies" + }, + "Preset": { + "message": "Security Level" + }, + "Preset_high": { + "message": "Fortress (Full lockdown)" + }, + "Preset_low": { + "message": "Easy going (Blacklist + Web Security)" + }, + "Preset_medium": { + "message": "Classic (Whitelist + Web Security)" + }, + "Preset_off": { + "message": "Off (are you serious?!)" + }, + "Prev": { + "message": "Previous" + }, + "RecentBlocked": { + "message": "Recently blocked sites" + }, + "Refresh": { + "message": "Refresh" + }, + + "ReloadWarn": { + "message": "These options will take effect on new or (manually) reloaded pages" + }, + "RemoveSelected": { + "message": "Remove Selected Sites" + }, + "Reset": { + "message": "Reset" + }, + "Reset_accesskey": { + "message": "s" + }, + "ResetDef": { + "message": "Reset to Default" + }, + "ResetDef_accesskey": { + "message": "D" + }, + "RestrictSubdocScripting": { + "message": "Block scripting in whitelisted subdocuments of non-whitelisted pages" + }, + "RevokeTemp": { + "message": "Revoke Temporary Permissions" + }, + "RevokeTemp_accesskey": { + "message": "R" + }, + "SecureCookies": { + "message": "Enable Automatic Secure Cookies Management" + }, + "SecureCookiesExceptions": { + "message": "Ignore unsafe cookies set over HTTPS by the following sites:" + }, + "SecureCookiesForced": { + "message": "Force encryption for all the cookies set over HTTPS by the following sites:" + }, + "SecurityManager": { + "message": "Security Manager" + }, + "Show": { + "message": "Show…" + }, + "ShowConsole": { + "message": "Show Console…" + }, + "ShowConsole_accesskey": { + "message": "S" + }, + "ShowPlaceholder": { + "message": "Show placeholder icon" + }, + "ShowReleaseNotes": { + "message": "Display the release notes on updates" + }, + "ShowCtxMenuItem": { + "message": "Show NoScript contextual menu item" + }, + "ShowCountBadge": { + "message": "Display script count badge" + }, + "SitePermissions": { + "message": "Site Permissions" + }, + "SitePermissions_accessKey": { + "message": "S" + }, + "SitePolicies": { + "message": "Site Specific Policies" + }, + "TempTrustPage": { + "message": "Set all on this page to Temporarily TRUSTED" + }, + "TempTrustPage_accesskey": { + "message": "T" + }, + "TempToPerm": { + "message": "Make page permissions permanent" + }, + "TempToPerm_accesskey": { + "message": "M" + }, + + "Trust": { + "message": "Mark as Trusted" + }, + "Trust_accesskey": { + "message": "T" + }, + "Trusted": { + "message": "Trusted" + }, + "Trusted_temporary": { + "message": "Temp. TRUSTED" + }, + "Trusted_permanent": { + "message": "TRUSTED" + }, + "TrustedPagesAdj": { + "message": "trusted" + }, + "Uninstall": { + "message": "Uninstall" + }, + "Unknown": { + "message": "Unknown" + }, + "UnsafeReload": { + "message": "Unsafe Reload" + }, + "UnsafeReload_accesskey": { + "message": "R" + }, + "Untrust": { + "message": "Mark as Untrusted" + }, + "Untrust_accesskey": { + "message": "U" + }, + "Untrusted": { + "message": "Untrusted" + }, + "UntrustedPagesAdj": { + "message": "untrusted" + }, + "WebAddress": { + "message": "Search or add a web site:" + }, + "WebAddress_accesskey": { + "message": "w" + }, + "Whitelist": { + "message": "Whitelist" + }, + "XSS_notify": { + "message": "Show XSS notifications" + }, + "XSS_clearUserChoices": { + "message": "Clear XSS Choices" + }, + "XSS_promptTitle": { + "message": "NoScript XSS Warning" + }, + "XSS_promptMessage": { + "message": "NoScript detected a potential Cross-Site Scripting attack\nfrom $1 to $2.\nSuspicious data:\n$3" + }, + "XSS_optBlock": { + "message": "Block this request" + }, + "XSS_optSanitize": { + "message": "Sanitize this request" + }, + "XSS_optAllow": { + "message": "Allow this request" + }, + "XSS_optAlwaysAllow": { + "message": "Always allow document requests from $1 to $2" + }, + "XSS_optAlwaysBlock": { + "message": "Always block document requests from $1 to $2" + }, + "Xss": { + "message": "XSS" + }, + "Xss_accesskey": { + "message": "X" + }, + "XssExceptions": { + "message": "Anti-XSS Protection Exceptions" + }, + "XssExceptions_description": { + "message": "Destinations matching these regular expressions will NOT be protected against XSS." + }, + "XssFaq": { + "message": "XSS FAQ…" + }, + "XssFaq_accesskey": { + "message": "Q" + }, + "about": { + "message": "About $1" + }, + "allowFrom": { + "message": "Allow all from $1" + }, + "allowGlobal": { + "message": "Disable all the permissions checks (dangerous)" + }, + "allowLocal": { + "message": "Allow $1" + }, + "allowTemp": { + "message": "Temporarily allow $1" + }, + "allowTempFrom": { + "message": "Temporarily allow all from $1" + }, + + "allowed_no": { + "message": "Scripts Currently Forbidden" + }, + "allowed_prt": { + "message": "Scripts Partially Allowed" + }, + "allowed_yes": { + "message": "Scripts Currently Allowed" + }, + "alwaysAsk": { + "message": "Always ask for confirmation" + }, + "audio_samples": { + "message": "Audio samples" + }, + "bookmarkSync_confirm": { + "message": "NoScript has found a configuration bookmark seemingly saved on\n$1.\nDo you really want to overwrite your local NoScript configuration with this bookmark's content?" + }, + "bookmarkSync_message": { + "message": "This bookmark is NOT meant to be opened, but to be synchronized using a service such as Weave or the XMarks extension." + }, + "bookmarkSync_title": { + "message": "NoScript Configuration Bookmark" + }, + "cap_script": { + "message": "script" + }, + "cap_frame": { + "message": "frame" + }, + "cap_object": { + "message": "object" + }, + "cap_media": { + "message": "media" + }, + "cap_font": { + "message": "font" + }, + "cap_webgl": { + "message": "webgl" + }, + "cap_fetch": { + "message": "fetch" + }, + "cap_other": { + "message": "other" + }, + "changelog": { + "message": "Changelog" + }, + "changelog_tip": { + "message": "Show changelog" + }, + "confirm": { + "message": "Are you sure?" + }, + "disable": { + "message": "Disable $1" + }, + "disable_accessKey": { + "message": "D" + }, + "distrust": { + "message": "Mark $1 as Untrusted" + }, + "extensionContributors": { + "message": "Contributors:" + }, + "extensionContributors_tip": { + "message": "People you should thank for this extension" + }, + "extensionCreator_tip": { + "message": "Visit author home page" + }, + "extensionCreatorLabel": { + "message": "Author:" + }, + "extensionHomepage_tip": { + "message": "Visit extension home page" + }, + "forbidGlobal": { + "message": "Forbid Scripts Globally (advised)" + }, + "forbidLocal": { + "message": "Forbid $1" + }, + "freshInstallReload": { + "message": "In order to operate on this tab, NoScript needs to reload it.\nProceed?" + }, + + "privilegedPage": { + "message": "This is a privileged page, whose permissions cannot be configured." + }, + + "incompatibleOptions": { + "message": "\"$1\"\nis incompatible with \"$2\".\nDo you want to enable the former and disable the latter?" + }, + "incompatibleOptions_title": { + "message": "Incompatible Options Warning" + }, + "informaction_tip": { + "message": "Visit InformAction home page" + }, + "license": { + "message": "License" + }, + "license_tip": { + "message": "Read end-user license" + }, + "logo_tip": { + "message": "Visit extension home page" + }, + "metaRefresh_notify": { + "message": "NoScript blocked a <META> redirection inside a <NOSCRIPT> element: $1 in $2 seconds." + }, + + "Reload": { + "message": "Reload" + }, + "removal_message": { + "message": "By disabling or uninstalling NoScript, you give up ALL the protections provided by NoScript.\n\nIf you're just tired of handling script permissions site by site, there's a safer choice.\n\nNoScript can stop blocking scripts, except those you mark as untrusted, while still protecting you with the most advanced security countermeasures against XSS, Clickjacking, CSRF and other web threats.\n\nDo you really want to remove ALL the NoScript protections?\n" + }, + "removal_no": { + "message": "No, just stop blocking scripts" + }, + "removal_title": { + "message": "Security Downgrade Warning" + }, + "removal_yes": { + "message": "Yes, remove ALL protections" + }, + "reset_title": { + "message": "NoScript Reset" + }, + "reset_warning": { + "message": "ALL the NoScript preferences and site permissions will be reset to their default values immediately.\nThis action cannot be reverted.\nDo you want to continue?" + }, + "siteInfo_confirm": { + "message": "You're about to ask for information about the \"$1\" site\nby submitting a query to $2.\nDo you want to continue?" + }, + "siteInfo_tooltip": { + "message": "Middle-click or shift+click for site info..." + }, + "sponsor_tip": { + "message": "Visit sponsor home page" + }, + "unsafeReload_warning": { + "message": "UNSAFELY reloading a suspicious\n\n$1 [$2]\n\nFROM [$3]\n\nNoScript will NOT protect this request!\n" + }, + "untrustedOrigin": { + "message": "an untrusted origin" + }, + "version": { + "message": "Version $1" + }, + "versionShort": { + "message": "v $1" + } +} diff --git a/src/bg/RequestGuard.js b/src/bg/RequestGuard.js new file mode 100644 index 0000000..0f1558c --- /dev/null +++ b/src/bg/RequestGuard.js @@ -0,0 +1,549 @@ +var RequestGuard = (() => { + 'use strict'; + const VERSION_LABEL = `NoScript ${browser.runtime.getManifest().version}`; + browser.browserAction.setTitle({title: VERSION_LABEL}); + const REPORT_URI = "https://noscript-csp.invalid/__NoScript_Probe__/"; + const REPORT_GROUP = "NoScript-Endpoint"; + const REPORT_TO = { + name: "Report-To", + value: JSON.stringify({ "url": REPORT_URI, + "group": REPORT_GROUP, + "max-age": 10886400 }), + }; + const CSP = { + name: "content-security-policy", + start: `report-uri ${REPORT_URI};`, + end: `;report-to ${REPORT_URI};`, + isMine(header) { + let {name, value} = header; + if (name.toLowerCase() !== CSP.name) return false; + let startIdx = value.indexOf(this.start); + return startIdx > -1 && startIdx < value.lastIndexOf(this.end); + }, + inject(headerValue, mine) { + let startIdx = headerValue.indexOf(this.start); + if (startIdx < 0) return `${headerValue};${mine}`; + let endIdx = headerValue.lastIndexOf(this.end); + let retValue = `${headerValue.substring(0, startIdx)}${mine}`; + + return endIdx < 0 ? retValue : `${retValue}${headerValue.substring(endIdx + this.end.length + 1)}`; + }, + create(...directives) { + return `${this.start}${directives.join(';')}${this.end}`; + }, + createBlocker(...types) { + return this.create(...(types.map(type => `${type.name || type}-src ${type.value || "'none'"}`))); + }, + blocks(header, type) { + return header.includes(`;${type}-src 'none';`) + }, + types: ["script", "object", "media"], + }; + + const policyTypesMap = { + main_frame: "", + sub_frame: "frame", + script: "script", + xslt: "script", + xbl: "script", + font: "font", + object: "object", + object_subrequest: "fetch", + xmlhttprequest: "fetch", + ping: "ping", + beacon: "ping", + media: "media", + other: "", + }; + const allTypes = Object.keys(policyTypesMap); + Object.assign(policyTypesMap, {"webgl": "webgl"}); // fake types + + const FORBID_DATAURI_TYPES = ["font", "media", "object"]; + + const TabStatus = { + map: new Map(), + types: ["script", "object", "media", "frame", "font"], + newRecords() { + return { + allowed: {}, + blocked: {}, + noscriptFrames: {}, + } + }, + + initTab(tabId, records = this.newRecords()) { + this.map.set(tabId, records); + return records; + }, + + _record(request, what, optValue) { + let {tabId, frameId, type, url, documentUrl} = request; + let policyType = policyTypesMap[type] || type; + let requestKey = Policy.requestKey(url, documentUrl, policyType); + let map = this.map; + let records; + if (map.has(tabId)) { + records = map.get(tabId); + } else { + records = this.initTab(tabId); + } + + if (what === "noscriptFrame") { + let nsf = records.noscriptFrames; + if (frameId in nsf) { + return null; + } + nsf[frameId] = optValue; + what = optValue ? "blocked" : "allowed"; + if (frameId === 0) { + request.type = type = "main_frame"; + Content.reportTo(request, optValue, type); + } + } + let collection = records[what]; + if (type in collection) { + if (!collection[type].includes(requestKey)) { + collection[type].push(requestKey); + } + } else { + collection[type] = [requestKey]; + } + return records; + }, + + record(request, what, optValue) { + let records = this._record(request, what, optValue); + if (records) { + this.updateTab(request.tabId); + } + }, + + _pendingTabs: new Set(), + + updateTab(tabId) { + if (this._pendingTabs.size === 0) { + window.setTimeout(() => { // clamp UI updates + for (let tabId of this._pendingTabs) { + this._updateTabNow(tabId); + } + this._pendingTabs.clear(); + }, 200); + } + this._pendingTabs.add(tabId); + }, + _updateTabNow(tabId) { + this._pendingTabs.delete(tabId); + let records = this.map.get(tabId) || this.initTab(tabId); + let {allowed, blocked, noscriptFrames} = records; + let topAllowed = !(noscriptFrames && noscriptFrames[0]); + + let numAllowed = 0, numBlocked = 0, sum = 0; + let report = this.types.map(t => { + let a = allowed[t] && allowed[t].length || 0, b = blocked[t] && blocked[t].length || 0, s = a + b; + numAllowed+= a, numBlocked += b, sum += s; + return s && `<${t === "sub_frame" ? "frame" : t}>: ${b}/${s}`; + }).filter(s => s).join("\n"); + + let enforced = ns.isEnforced(tabId); + + let icon = topAllowed ? + (numBlocked ? "part" + : enforced ? "yes" : "global") + : (numAllowed ? "sub" : "no"); + let showBadge = ns.local.showCountBadge && numBlocked > 0; + + let browserAction = browser.browserAction; + browserAction.setIcon({tabId, path: {64: `/img/ui-${icon}64.png`}}); + browserAction.setBadgeText({tabId, text: showBadge ? numBlocked.toString() : ""}); + browserAction.setBadgeBackgroundColor({tabId, color: [255, 0, 0, 128]}); + browserAction.setTitle({tabId, + title: `${VERSION_LABEL} \n${enforced ? + _("BlockedItems", [numBlocked, numAllowed + numBlocked]) + ` \n${report}` + : _("NotEnforced")}` + }); + }, + + totalize(sum, value) { + return sum + value; + }, + + async probe(tabId) { + if (tabId === undefined) { + (await browser.tabs.query({})).forEach(tab => TabStatus.probe(tab.id)); + } else { + try { + TabStatus.recordAll(tabId, await ns.collectSeen(tabId)); + } catch (e) { + error(e); + } + } + }, + + recordAll(tabId, seen) { + if (seen) { + let records = TabStatus.map.get(tabId); + if (records) { + records.allowed = {}; + records.blocked = {}; + } + for (let thing of seen) { + thing.request.tabId = tabId; + TabStatus._record(thing.request, thing.allowed ? "allowed" : "blocked"); + } + this._updateTabNow(tabId); + } + }, + + async onActivatedTab(info) { + let {tabId} = info; + let seen = await ns.collectSeen(tabId); + + TabStatus.recordAll(tabId, seen); + }, + onRemovedTab(tabId) { + TabStatus.map.delete(tabId); + }, + } + browser.tabs.onActivated.addListener(TabStatus.onActivatedTab); + browser.tabs.onRemoved.addListener(TabStatus.onRemovedTab); + + if (!("setIcon" in browser.browserAction)) { // unsupported on Android + TabStatus._updateTabNow = TabStatus.updateTab = () => {}; + } + + const Content = { + + + async hearFrom(message, sender) { + debug("Received message from content", message, sender); + switch (message.type) { + case "pageshow": + TabStatus.recordAll(sender.tab.id, message.seen); + return true; + case "enable": + let {url, documentUrl, policyType} = message; + let TAG = `<${policyType.toUpperCase()}>`; + let origin = Sites.origin(url); + let {siteKey} = Sites.parse(url); + let options; + if (siteKey === origin) { + TAG += `@${siteKey}`; + } else { + options = [ + {label: _("allowLocal", siteKey), checked: true}, + {label: _("allowLocal", origin)} + ]; + } + // let parsedDoc = Sites.parse(documentUrl); + let t = u => `${TAG}@${u}`; + let ret = await Prompts.prompt({ + title: _("BlockedObjects"), + message: _("allowLocal", TAG), + options}); + debug(`Prompt returned %o`); + if (ret.button !== 0) return; + let key = [siteKey, origin][ret.option || 0]; + if (!key) return; + let {siteMatch, contextMatch, perms} = ns.policy.get(key, documentUrl); + let {capabilities} = perms; + if (!capabilities.has(policyType)) { + perms = new Permissions(new Set(capabilities), false); + perms.capabilities.add(policyType); + + /* TODO: handle contextual permissions + if (documentUrl) { + let context = new URL(documentUrl).origin; + let contextualSites = new Sites([context, perms]); + perms = new Permissions(new Set(capabilities), false, contextualSites); + } + */ + ns.policy.set(key, perms); + ns.savePolicy(); + } + return true; + case "canScript": + let records = TabStatus.map.get(sender.tab.id); + debug("Records.noscriptFrames %o, canScript: %s", records && records.noscriptFrames, !(records && records.noscriptFrames[sender.frameId])); + return !(records && records.noscriptFrames[sender.frameId]); + } + }, + + async reportTo(request, allowed, policyType) { + let {requestId, tabId, frameId, type, url, documentUrl, originUrl} = request; + let pending = pendingRequests.get(requestId); // null if from a CSP report + let initialUrl = pending ? pending.initialUrl : request.url; + request = { + key: Policy.requestKey(url, type, documentUrl || "", /^(media|object|frame)$/.test(type)), + type, url, documentUrl, originUrl + }; + if (tabId < 0) return; + if (pending) request.initialUrl = pending.initialUrl; + try { + browser.tabs.sendMessage( + tabId, + {type: "seen", request, allowed, policyType, ownFrame: true}, + {frameId} + ); + } catch (e) { + debug(`Couldn't deliver "seen" message for ${type}@${url} ${allowed ? "A" : "F" } to document ${documentUrl} (${frameId}/${tabId}`, e); + } + if (frameId === 0) return; + try { + browser.tabs.sendMessage( + tabId, + {type: "seen", request, allowed, policyType}, + {frameId: 0} + ); + } catch (e) { + debug(`Couldn't deliver "seen" message to top frame containing ${documentUrl} (${frameId}/${tabId}`, e); + } + } + }; + browser.runtime.onMessage.addListener(Content.hearFrom); + + const pendingRequests = new Map(); + function initPendingRequest(request) { + let {requestId, url} = request; + let redirected = pendingRequests.get(requestId); + let initialUrl = redirected ? redirected.initialUrl : url; + pendingRequests.set(requestId, { + url, redirected, + onCompleted: new Set(), + }); + return redirected; + } + + + const ABORT = {cancel: true}, ALLOW = {}; + const listeners = { + onBeforeRequest(request) { + try { + let redirected = initPendingRequest(request); + let {policy} = ns; + let policyType = policyTypesMap[request.type]; + if (policyType) { + let {url, originUrl, documentUrl} = request; + if (("fetch" === policyType || "frame" === policyType) && + (url === originUrl && originUrl === documentUrl || + /^(?:chrome|resource|moz-extension|about):/.test(originUrl)) + ) { + // livemark request or similar browser-internal, always allow; + return ALLOW; + } + + if (/^(?:data|blob):/.test(url)) { + request._dataUrl = url; + request.url = url = documentUrl; + } + let allowed = !ns.isEnforced(request.tabId) || + policy.can(url, policyType, originUrl); + Content.reportTo(request, allowed, policyType); + + if (!allowed) { + debug(`Blocking ${policyType}`, request); + TabStatus.record(request, "blocked"); + return ABORT; + } + } + } catch (e) { + error(e); + } + + return ALLOW; + }, + + async onHeadersReceived(request) { + // called for main_frame, sub_frame and object + debug("onHeadersReceived", request); + + try { + let header, blocker; + let responseHeaders = request.responseHeaders; + let content = {} + for (let h of responseHeaders) { + if (CSP.isMine(h)) { + header = h; + h.value = CSP.inject(h.value, ""); + } else if (/^\s*Content-(Type|Disposition)\s*$/i.test(h.name)) { + content[h.name.split("-")[1].trim().toLowerCase()] = h.value; + } + } + + + if (ns.isEnforced(request.tabId)) { + let policy = ns.policy; + let perms = policy.get(request.url, request.documentUrl).perms; + if (policy.autoAllowTop && request.frameId === 0 && perms === policy.DEFAULT) { + policy.set(Sites.optimalKey(request.url), perms = policy.TRUSTED.tempTwin); + } + + let {capabilities} = perms; + let canScript = capabilities.has("script"); + + let blockedTypes; + let forbidData = FORBID_DATAURI_TYPES.filter(t => !capabilities.has(t)); + if (!content.disposition && + (!content.type || /^\s*(?:video|audio|application)\//.test(content.type))) { + debug(`Suspicious content type "%s" in request %o with capabilities %o`, + content.type, request, capabilities); + blockedTypes = CSP.types.filter(t => !capabilities.has(t)); + } else if(!canScript) { + blockedTypes = ["script"]; + forbidData.push("object"); // data: URIs loaded in objects may run scripts + } + + for (let type of forbidData) { // object, font, media + // HTTP is blocked in onBeforeRequest, let's allow it only and block + // for instance data: and blob: URIs + let dataBlocker = {name: type, value: "http: https:"}; + if (blockedTypes) blockedTypes.push(dataBlocker) + else blockedTypes = [dataBlocker]; + } + + debug("Blocked types", blockedTypes); + if (blockedTypes && blockedTypes.length) { + blocker = CSP.createBlocker(...blockedTypes); + } + + if (canScript) { + if (!capabilities.has("webgl")) { + await RequestUtil.executeOnStart(request, { + file: "/content/webglHook.js" + }); + } + if (!capabilities.has("media")) { + await RequestUtil.executeOnStart(request, { + code: "window.mediaBlocker = true;" + }); + } + await RequestUtil.executeOnStart(request, { + file: "content/media.js" + }); + } + } + + debug(`CSP blocker:`, blocker); + if (blocker) { + if (header) { + header.value = CSP.inject(header.value, blocker); + } else { + header = {name: CSP.name, value: blocker}; + responseHeaders.push(header); + } + } + + if (header) return {responseHeaders}; + } catch (e) { + error(e, "Error in onHeadersReceived", uneval(request)); + } + return ALLOW; + }, + + onResponseStarted(request) { + if (request.type === "main_frame") { + TabStatus.initTab(request.tabId); + } + let scriptBlocked = request.responseHeaders.some( + h => CSP.isMine(h) && CSP.blocks(h.value, "script") + ); + debug("%s scriptBlocked=%s setting noscriptFrame on ", request.url, scriptBlocked, request.tabId, request.frameId); + TabStatus.record(request, "noscriptFrame", scriptBlocked); + pendingRequests.get(request.requestId).scriptBlocked = scriptBlocked; + }, + + onCompleted(request) { + let {requestId} = request; + if (pendingRequests.has(requestId)) { + let r = pendingRequests.get(requestId); + pendingRequests.delete(requestId); + for (let callback of r.onCompleted) { + try { + callback(request, r); + } catch (e) { + error(e); + } + } + } + }, + + onErrorOccurred(request) { + pendingRequests.delete(request.requestId); + } + }; + + function fakeRequestFromCSP(report, request) { + let type = report["violated-directive"].split("-", 1)[0]; // e.g. script-src 'none' => script + if (type === "frame") type = "sub_frame"; + let url = report['blocked-uri']; + if (url === 'self') url = request.documentUrl; + return Object.assign({}, request, { + url, + type, + }); + } + + async function onViolationReport(request) { + try { + let decoder = new TextDecoder("UTF-8"); + const report = JSON.parse(decoder.decode(request.requestBody.raw[0].bytes))['csp-report']; + let csp = report["original-policy"] + debug("CSP report", report); + if (report['blocked-uri'] !== 'self') { + let r = fakeRequestFromCSP(report, request); + Content.reportTo(r, false, policyTypesMap[r.type]); + TabStatus.record(r, "blocked"); + } else if (report["violated-directive"] === "script-src 'none'") { + let r = fakeRequestFromCSP(report, request); + TabStatus.record(r, "noscriptFrame", true); + } + } catch(e) { + error(e); + } + return ABORT; + } + + const RequestGuard = { + async start() { + let wr = browser.webRequest; + let listen = (what, ...args) => wr[what].addListener(listeners[what], ...args); + + let allUrls = ["<all_urls>"]; + let docTypes = ["main_frame", "sub_frame", "object"]; + + listen("onBeforeRequest", + {urls: allUrls, types: allTypes}, + ["blocking"] + ); + listen("onHeadersReceived", + {urls: allUrls, types: docTypes}, + ["blocking", "responseHeaders"] + ); + listen("onResponseStarted", + {urls: allUrls, types: docTypes}, + ["responseHeaders"] + ); + listen("onCompleted", + {urls: allUrls, types: allTypes}, + ); + listen("onErrorOccurred", + {urls: allUrls, types: allTypes}, + ); + + + wr.onBeforeRequest.addListener(onViolationReport, + {urls: [REPORT_URI], types: ["csp_report"]}, ["blocking", "requestBody"]); + + TabStatus.probe(); + }, + + stop() { + let wr = browser.webRequest; + for (let [name, listener] of Object.entries(this.listeners)) { + wr[name].removeListener(listener); + } + wr.onBeforeRequest.removeListener(onViolationReport); + } + }; + + return RequestGuard; +})(); diff --git a/src/bg/RequestUtil.js b/src/bg/RequestUtil.js new file mode 100644 index 0000000..1ebbbaa --- /dev/null +++ b/src/bg/RequestUtil.js @@ -0,0 +1,130 @@ +'use strict'; +{ + let runningScripts = new Map(); + + var RequestUtil = { + async executeOnStart(request, details) { + let {requestId, tabId, frameId} = request; + details = Object.assign({ + runAt: "document_start", + frameId, + }, details); + browser.tabs.executeScript(tabId, details); + return; + let filter = browser.webRequest.filterResponseData(requestId); + filter.onstart = event => { + browser.tabs.executeScript(tabId, details); + debug("Execute on start", details); + filter.write(new Uint8Array()); + }; + filter.ondata = event => { + filter.write(event.data); + filter.disconnect(); + + } + }, + async executeOnStartCS(request, details) { + let {url, requestId, tabId, frameId} = request; + + let urlObj = new URL(url); + if (urlObj.hash || urlObj.port || urlObj.username) { + urlObj.hash = urlObj.port = urlObj.username = ""; + url = urlObj.toString(); + } + let wr = browser.webRequest; + let filter = { + urls: [`${urlObj.origin}/*`], + types: ["main_frame", "sub_frame", "object"] + }; + let finalize; + let cleanup = r => { + if (cleanup && r.requestId === requestId) { + wr.onCompleted.removeListener(cleanup); + wr.onErrorOccurred.removeListener(cleanup); + cleanup = null; + if (finalize) { + finalize(); + } + } + }; + wr.onCompleted.addListener(cleanup, filter); + wr.onErrorOccurred.addListener(cleanup, filter); + + details = Object.assign({ + runAt: "document_start", + frameId, + }, details); + + if (browser.contentScripts) { + let js = [{}]; + if (details.file) js[0].file = details.file; + else if (details.code) js[0].code = details.code; + let settings = { + "runAt": details.runAt, + js, + matches: [url], + allFrames: frameId !== 0, + } + // let's try to avoid duplicates + let key = JSON.stringify(settings); + if (runningScripts.has(key)) { + let scriptRef = runningScripts.get(key); + scriptRef.count++; + return; + } + if (settings.allFrames) { + // let's check whether the same script is registered for top frames: + // if it is, let's unregister it first to avoid duplicates + settings.allFrames = false; + let topKey = JSON.stringify(settings); + settings.allFrames = true; + if (runningScripts.has(topKey)) { + let topScript = runningScripts.get(topKey); + try { + topScript.unregister(); + } catch (e) { + error(e); + } finally { + runningScripts.delete(topKey); + } + } + } + + let script = await browser.contentScripts.register(settings); + debug("Content script %o registered.", settings); + finalize = () => { + debug("Finalizing content script %o...", settings); + try { + script.unregister(); + runningScripts.delete(key); + debug("Content script %o unregistered!", settings); + } finally { + finalize = null; + } + } + runningScripts.set(key, script); + if (!cleanup) { // the request has already been interrupted + finalize(); + } + + return; + } + + function listener(r) { + if (r.requestId === requestId) { + browser.tabs.executeScript(tabId, details); + finalize(); + finalize = null; + } + } + finalize = () => { + wr.onResponseStarted.removeListener(listener); + } + wr.onResponseStarted.addListener(listener, filter); + debug("Executing %o", details); + + }, + + + } +} diff --git a/src/bg/Settings.js b/src/bg/Settings.js new file mode 100644 index 0000000..4fb656f --- /dev/null +++ b/src/bg/Settings.js @@ -0,0 +1,125 @@ +var Settings = { + + async import(data) { + + // figure out whether it's just a whitelist, a legacy backup or a "Quantum" export + try { + let json = JSON.parse(data); + if (json.whitelist) { + return await this.importLegacy(json); + } + if (json.trusted) { + return await this.importPolicy(json); + } + if (json.policy) { + return await this.importSettings(json); + } + } catch (e) { + return await this.importLists(data); + } + }, + + async importLegacy(json) { + await include("/legacy/Legacy.js"); + if (await Legacy.import(json)) { + try { + ns.policy = Legacy.migratePolicy(); + await ns.savePolicy(); + await Legacy.persist(); + return true; + } catch (e) { + error(e, "Importing legacy settings"); + Legacy.migrated = Legacy.undo; + } + } + return false; + }, + + async importLists(data) { + await include("/legacy/Legacy.js"); + try { + let [trusted, untrusted] = Legacy.extractLists(data.split("[UNTRUSTED]")); + let policy = ns.policy; + for (let site of trusted) { + policy.set(site, policy.TRUSTED); + } + for (let site of untrusted) { + policy.set(site, policy.UNTRUSTED, true); + } + await ns.savePolicy(); + } catch (e) { + error(e, "Importing white/black lists %s", data); + return false; + } + return true; + }, + + async importPolicy(json) { + try { + ns.policy = new Policy(json); + await ns.savePolicy(); + return true; + } catch (e) { + error(e, "Importing policy %o", json); + } + }, + + async importSettings(json) { + try { + await this.update(json); + return true; + } catch (e) { + error(e, "Importing settings %o", json); + } + return false; + }, + + async update(settings) { + let { + policy, + xssUserChoices, + tabId, + unrestrictedTab, + reloadAffected, + } = settings; + if (xssUserChoices) await XSS.saveUserChoices(xssUserChoices); + if (policy) { + ns.policy = new Policy(policy); + await ns.savePolicy(); + } + + if (typeof unrestrictedTab === "boolean") { + ns.unrestrictedTabs[settings.unrestrictedTab ? "add" : "delete"](tabId); + } + if (reloadAffected) { + browser.tabs.reload(tabId); + } + + let oldDebug = ns.local.debug; + await Promise.all(["local", "sync"].map( + storage => (settings[storage] || // changed or... + settings[storage] === null // ... needs reset to default + ) && ns.save( + ns[storage] = settings[storage] || ns.defaults[storage]) + )); + if (ns.local.debug !== oldDebug) { + await include("/lib/log.js"); + if (oldDebug) debug = () => {}; + } + if (ns.sync.xss) { + XSS.start(); + } else { + XSS.stop(); + } + }, + + export() { + return JSON.stringify({ + policy: ns.policy.dry(), + local: ns.local, + sync: ns.sync, + xssUserChoices: XSS.getUserChoices(), + }, null, 2); + }, + +} diff --git a/src/bg/defaults.js b/src/bg/defaults.js new file mode 100644 index 0000000..220bd23 --- /dev/null +++ b/src/bg/defaults.js @@ -0,0 +1,37 @@ +'use strict'; + +ns.defaults = (async () => { + let defaults = { + local: { + debug: false, + showCtxMenuItem: true, + showCountBadge: true, + showFullAddresses: false, + }, + sync: { + "global": false, + "xss": true, + "clearclick": true + } + }; + let defaultsClone = JSON.parse(JSON.stringify(defaults)); + + for (let [k, v] of Object.entries(defaults)) { + let store = await Storage.get(k, k); + if (k in store) { + Object.assign(v, store[k]); + } + v.storage = k; + } + + Object.assign(ns, defaults); + + // dynamic settings + if (!ns.local.uuid) { + await include("/lib/uuid.js"); + ns.local.uuid = uuid(); + await ns.save(ns.local); + } + + return ns.defaults = defaultsClone; +})(); diff --git a/src/bg/main.js b/src/bg/main.js new file mode 100644 index 0000000..74df62d --- /dev/null +++ b/src/bg/main.js @@ -0,0 +1,282 @@ + var ns = (() => { + 'use strict'; + + const popupURL = browser.extension.getURL("/ui/popup.html"); + let popupFor = tabId => `${popupURL}#tab${tabId}`; + + let ctxMenuId = "noscript-ctx-menu"; + + async function toggleCtxMenuItem(show = ns.local.showCtxMenuItem) { + if (!"contextMenus" in browser) return; + let id = ctxMenuId; + try { + await browser.contextMenus.remove(id); + } catch (e) {} + + if (show) { + browser.contextMenus.create({ + id, + title: "NoScript", + contexts: ["all"] + }); + } + } + + async function init() { + let policyData = (await Storage.get("sync", "policy")).policy; + if (policyData && policyData.DEFAULT) { + ns.policy = new Policy(policyData); + } else { + await include("/legacy/Legacy.js"); + ns.policy = await Legacy.createOrMigratePolicy(); + ns.savePolicy(); + } + + await include("/bg/defaults.js"); + await ns.defaults; + await include(["/bg/RequestGuard.js", "/bg/RequestUtil.js"]); + await RequestGuard.start(); + await XSS.start(); // we must start it anyway to initialize sub-objects + if (!ns.sync.xss) { + XSS.stop(); + } + Commands.install(); + }; + + var Commands = { + openPageUI() { + try { + browser.browserAction.openPopup(); + return; + } catch (e) { + debug(e); + } + browser.windows.create({ + url: popupURL, + width: 800, + height: 600, + type: "panel" + }); + }, + + togglePermissions() {}, + install() { + + + if ("command" in browser) { + // keyboard shortcuts + browser.commands.onCommand.addListener(cmd => { + if (cmd in Commands) { + Commands[cmd](); + } + }); + } + + if ("contextMenus" in browser) { + toggleCtxMenuItem(); + browser.contextMenus.onClicked.addListener((info, tab) => { + if (info.menuItemId == ctxMenuId) { + this.openPageUI(); + } + }); + } + + // wiring main UI + let ba = browser.browserAction; + if ("setIcon" in ba) { + //desktop + ba.setPopup({ + popup: popupURL + }); + } else { + // mobile + ba.onClicked.addListener(async tab => { + try { + await browser.tabs.remove(await browser.tabs.query({ + url: popupURL + })); + } catch (e) {} + await browser.tabs.create({ + url: popupFor(tab.id) + }); + }); + } + } + } + + var MessageHandler = { + responders: { + + async updateSettings(settings, sender) { + await Settings.update(settings); + toggleCtxMenuItem(); + }, + async broadcastSettings({ + tabId = -1 + }) { + let policy = ns.policy.dry(true); + let seen = tabId !== -1 ? await ns.collectSeen(tabId) : null; + let xssUserChoices = await XSS.getUserChoices(); + browser.runtime.sendMessage({ + type: "settings", + policy, + seen, + xssUserChoices, + local: ns.local, + sync: ns.sync, + unrestrictedTab: ns.unrestrictedTabs.has(tabId), + }); + }, + + exportSettings(m, sender, sendResponse) { + sendResponse(Settings.export()); + return false; + }, + + async importSettings({ + data + }) { + return await Settings.import(data); + }, + + async openStandalonePopup() { + let win = await browser.windows.getLastFocused({ + windowTypes: ["normal"] + }); + let [tab] = (await browser.tabs.query({ + lastFocusedWindow: true, + active: true + })); + + if (!tab || tab.id === -1) { + log("No tab found to open the UI for"); + return; + } + browser.windows.create({ + url: popupFor(tab.id), + width: 800, + height: 600, + top: win.top + 48, + left: win.left + 48, + type: "panel" + }); + } + }, + onMessage(m, sender, sendResponse) { + let { + type + } = m; + let { + responders + } = MessageHandler; + + + if (type && (type = type.replace(/^NoScript\./, '')) in responders) { + return responders[type](m, sender, sendResponse); + } else { + debug("Received unkown message", m, sender); + } + return false; + }, + + listen() { + browser.runtime.onMessage.addListener(this.onMessage); + }, + } + + + + return { + running: false, + policy: null, + local: null, + sync: null, + unrestrictedTabs: new Set(), + isEnforced(tabId = -1) { + return this.policy.enforced && (tabId === -1 || !this.unrestrictedTabs.has(tabId)); + }, + + async start() { + if (this.running) return; + this.running = true; + + let initializing = init(); + let wr = browser.webRequest; + let waitForPolicy = async r => { + try { + await initializing; + } catch (e) { + error(e); + } + } + wr.onBeforeRequest.addListener(waitForPolicy, { + urls: ["<all_urls>"] + }, ["blocking"]); + await initializing; + wr.onBeforeRequest.removeListener(waitForPolicy); + + await include("/bg/Settings.js"); + MessageHandler.listen(); + + log("STARTED"); + + this.devMode = (await browser.management.getSelf()).installType === "development"; + if (this.local.debug) { + if (this.devMode) { + include("/test/run.js"); + } + } else { + debug = () => {}; // suppress verbosity + } + }, + + stop() { + if (!this.running) return; + this.running = false; + RequestGuard.stop(); + log("STOPPED"); + }, + + async savePolicy() { + if (this.policy) { + await Storage.set("sync", { + policy: this.policy.dry() + }); + await browser.webRequest.handlerBehaviorChanged() + } + return this.policy; + }, + + + + async save(obj) { + if (obj && obj.storage) { + let toBeSaved = { + [obj.storage]: obj + }; + Storage.set(obj.storage, toBeSaved); + } + return obj; + }, + + async collectSeen(tabId) { + + try { + let seen = Array.from(await browser.tabs.sendMessage(tabId, { + type: "collect" + }, { + frameId: 0 + })); + debug("Collected seen", seen); + return seen; + } catch (e) { + // probably a page where content scripts cannot run, let's open the options instead + error(e, "Cannot collect noscript activity data"); + } + + return null; + }, + }; + })(); + + ns.start(); diff --git a/src/common/Entities.js b/src/common/Entities.js new file mode 100644 index 0000000..03a5d11 --- /dev/null +++ b/src/common/Entities.js @@ -0,0 +1,30 @@ +var Entities = { + get htmlNode() { + delete this.htmlNode; + return this.htmlNode = document.implementation.createHTMLDocument("") + .createElement("body"); + }, + convert: function(e) { + try { + this.htmlNode.innerHTML = e; + var child = this.htmlNode.firstChild || null; + return child && child.nodeValue || e; + } catch(ex) { + return e; + } + }, + convertAll: function(s) { + return s.replace(/[\\&][^<>]+/g, function(e) { return Entities.convert(e) }); + }, + convertDeep: function(s) { + for (var prev = null; (s = this.convertAll(s)) !== prev || (s = unescape(s)) !== prev; prev = s); + return s; + }, + neutralize: function(e, whitelist) { + var c = this.convert(e); + return (c == e) ? c : (whitelist && whitelist.test(c) ? e : e.replace(";", ",")); + }, + neutralizeAll: function(s, whitelist) { + return s.replace(/&[\w#-]*?;/g, function(e) { return Entities.neutralize(e, whitelist || null); }); + } +}; diff --git a/src/common/Policy.js b/src/common/Policy.js new file mode 100644 index 0000000..6adc2ae --- /dev/null +++ b/src/common/Policy.js @@ -0,0 +1,390 @@ +var {Permissions, Policy, Sites} = (() => { + 'use strict'; + + const SECURE_DOMAIN_PREFIX = "§:"; + const SECURE_DOMAIN_RX = new RegExp(`^${SECURE_DOMAIN_PREFIX}`); + const DOMAIN_RX = new RegExp(`(?:^\\w+://|${SECURE_DOMAIN_PREFIX})?([^/]*)`, "i"); + const SKIP_RX = /^(?:(?:about|chrome|resource|moz-.*):|\[System)/; + + class Sites extends Map { + static secureDomainKey(domain) { + return domain.includes(":") ? domain : `${SECURE_DOMAIN_PREFIX}${domain}`; + } + static isSecureDomainKey(domain) { + return domain.startsWith(SECURE_DOMAIN_PREFIX); + } + static toggleSecureDomainKey(domain, b = !Sites.isSecureDomainKey(domain)) { + return b ? Sites.secureDomainKey(domain) : domain.replace(SECURE_DOMAIN_RX, ''); + } + + static isValid(site) { + return /^(?:https?:(?:\/\/)?)?([\w\u0100-\uf000][\w\u0100-\uf000.-]*)?[\w\u0100-\uf000](?::\d+)?$/.test(site); + } + + static parse(site) { + let url, siteKey = ""; + if (site instanceof URL) { + url = site; + } else { + try { + url = new URL(site); + } catch (e) { + siteKey = typeof site === "string" ? site : site.toString(); + } + } + if (url) { + let path = url.pathname; + siteKey = url.origin; + if (path !== '/') siteKey += path; + } + return {url, siteKey}; + } + + static optimalKey(site) { + let {url, siteKey} = Sites.parse(site); + if (url && url.protocol === "https:") return Sites.secureDomainKey(tld.getDomain(url.hostname)); + return url && url.origin || siteKey; + } + + static origin(site) { + try { + return new URL(site).origin; + } catch (e) {}; + return site; + } + + static toExternal(url) { // domains are stored in punycode internally + let s = typeof url === "string" ? url : url && url.toString() || ""; + if (s.startsWith(SECURE_DOMAIN_PREFIX)) s = s.substring(SECURE_DOMAIN_PREFIX.length); + let [,domain] = DOMAIN_RX.exec(s); + return domain.startsWith("xn--") ? + s.replace(domain, punycode.toUnicode(domain)) + : s; + } + + set(k, v) { + if (!k || SKIP_RX.test(k)) return this; + let [,domain] = DOMAIN_RX.exec(k); + if (/[^\u0000-\u007f]/.test(domain)) { + k = k.replace(domain, punycode.toASCII(domain)); + } + return super.set(k, v); + } + + match(site) { + if (site && this.size) { + if (this.has(site)) return site; + + let {url, siteKey} = Sites.parse(site); + + if (site !== siteKey && this.has(siteKey)) { + return siteKey; + } + + if (url) { + let {origin} = url; + if (origin && origin !== "null" && origin < siteKey && this.has(origin)) { + return origin; + } + let domain = this.domainMatch(url); + if (domain) return domain; + let protocol = url.protocol; + if (this.has(protocol)) { + return protocol; + } + } + } + return null; + } + + domainMatch(url) { + let {protocol, hostname} = url; + if (!hostname) return null; + + let secure = protocol === "https:"; + for (let domain = hostname;;) { + if (this.has(domain)) { + return domain; + } + if (secure) { + let ssDomain = Sites.secureDomainKey(domain); + if (this.has(ssDomain)) { + return ssDomain; + } + } + let dotPos = domain.indexOf("."); + if (dotPos === -1) { + break; + } + domain = domain.substring(dotPos + 1); // sub + if (!domain) { + break; + } + } + return null; + } + + dry() { + let dry; + if (this.size) { + dry = Object.create(null); + for (let [key, perms] of this) { + dry[key] = perms.dry(); + } + } + return dry; + } + + static hydrate(dry, obj = new Sites()) { + if (dry) { + for (let [key, dryPerms] of Object.entries(dry)) { + obj.set(key, Permissions.hydrate(dryPerms)); + } + } + return obj; + } + } + + class Permissions { + + constructor(capabilities, temp = false, contextual = null) { + this.capabilities = new Set(capabilities); + this.temp = temp; + this.contextual = contextual instanceof Sites ? contextual : new Sites(contextual); + } + + dry() { + return {capabilities: [...this.capabilities], contextual: this.contextual.dry(), temp: this.temp}; + } + + static hydrate(dry = {}, obj = null) { + let capabilities = new Set(dry.capabilities); + let contextual = Sites.hydrate(dry.contextual); + let temp = dry.temp; + return obj ? Object.assign(obj, {capabilities, temp, contextual, _tempTwin: undefined}) + : new Permissions(capabilities, temp, contextual); + } + + static typed(capability, type) { + let [capName] = capability.split(":"); + return `${capName}:${type}`; + } + + allowing(capability) { + return this.capabilities.has(capability); + } + + set(capability, enabled = true) { + if (enabled) { + this.capabilities.add(capability); + } else { + this.capabilities.delete(capability); + } + return enabled; + } + + get tempTwin() { + return this._tempTwin || (this._tempTwin = new Permissions(this.capabilities, true, this.contextual)); + } + } + + Permissions.ALL = ["script", "object", "media", "frame", "font", "webgl", "fetch", "other"]; + Permissions.IMMUTABLE = { + UNTRUSTED: { + "script": false, + "object": false, + "webgl": false, + "fetch": false, + "other": false, + }, + TRUSTED: { + "script": true, + } + }; + + Object.freeze(Permissions.ALL); + + function defaultOptions() { + return { + sites:{ + trusted: `addons.mozilla.org + afx.ms ajax.aspnetcdn.com + ajax.googleapis.com bootstrapcdn.com + code.jquery.com firstdata.com firstdata.lv gfx.ms + google.com googlevideo.com gstatic.com + hotmail.com live.com live.net + maps.googleapis.com mozilla.net + netflix.com nflxext.com nflximg.com nflxvideo.net + noscript.net + outlook.com passport.com passport.net passportimages.com + paypal.com paypalobjects.com + securecode.com securesuite.net sfx.ms tinymce.cachefly.net + wlxrs.com + yahoo.com yahooapis.com + yimg.com youtube.com ytimg.com`.split(/\s+/).map(Sites.secureDomainKey), + untrusted: [], + custom: {}, + }, + DEFAULT: new Permissions(["frame", "fetch", "other"]), + TRUSTED: new Permissions(Permissions.ALL), + UNTRUSTED: new Permissions(), + enforced: true, + autoAllowTop: false, + }; + } + + function normalizePolicyOptions(dry) { + let options = Object.assign({}, dry); + for (let p of ["DEFAULT", "TRUSTED", "UNTRUSTED"]) { + options[p] = dry[p] instanceof Permissions ? dry[p] : Permissions.hydrate(dry[p]); + } + + if (typeof dry.sites === "object" && !(dry.sites instanceof Sites)) { + let {trusted, untrusted, temp, custom} = dry.sites; + let sites = Sites.hydrate(custom); + for (let key of trusted) sites.set(key, options.TRUSTED); + for (let key of untrusted) sites.set(key, options.UNTRUSTED); + if (temp) { + let tempPreset = options.TRUSTED.tempTwin; + for (let key of temp) sites.set(key, tempPreset); + } + options.sites = sites; + } + enforceImmutable(options); + return options; + } + + function enforceImmutable(policy) { + for (let [preset, filter] of Object.entries(Permissions.IMMUTABLE)) { + let presetCaps = policy[preset].capabilities; + for (let [cap, value] of Object.entries(filter)) { + if (value) presetCaps.add(cap); + else presetCaps.delete(cap); + } + } + } + + class Policy { + + constructor(options = defaultOptions()) { + Object.assign(this, normalizePolicyOptions(options)); + } + + static hydrate(dry, policyObj) { + return policyObj ? Object.assign(policyObj, normalizePolicyOptions(dry)) + : new Policy(dry); + } + + dry(includeTemp = false) { + let trusted = [], + temp = [], + untrusted = [], + custom = Object.create(null); + + const {DEFAULT, TRUSTED, UNTRUSTED} = this; + for(let [key, perms] of this.sites) { + if (!includeTemp && perms.temp) { + continue; + } + switch(perms) { + case TRUSTED: + trusted.push(key); + break; + case TRUSTED.tempTwin: + temp.push(key); + break; + case UNTRUSTED: + untrusted.push(key); + break; + case DEFAULT: + break; + default: + custom[key] = perms.dry(); + } + } + + let sites = { + trusted, + untrusted, + custom + }; + if (includeTemp) { + sites.temp = temp; + } + enforceImmutable(this); + return { + DEFAULT: DEFAULT.dry(), + TRUSTED: TRUSTED.dry(), + UNTRUSTED: UNTRUSTED.dry(), + sites, + enforced: this.enforced, + autoAllowTop: this.autoAllowTop, + }; + } + + static requestKey(url, type, documentUrl, includePath = false) { + url = includePath ? Sites.parse(url).siteKey : Sites.origin(url); + return `${type}@${url}<${Sites.origin(documentUrl)}`; + } + + static explodeKey(requestKey) { + let [, type, url, documentUrl] = /(\w+)@([^<]+)<(.*)/.exec(requestKey); + return {url, type, documentUrl}; + } + + set(site, perms, cascade = false) { + let sites = this.sites; + let {url, siteKey} = Sites.parse(site); + + sites.delete(siteKey); + + if (perms === this.UNTRUSTED) { + cascade = true; + Sites.toggleSecureDomainKey(siteKey, false); + } + if (cascade && !url) { + for (let subMatch; (subMatch = sites.match(siteKey));) { + sites.delete(subMatch); + } + } + + if (!perms || perms === this.DEFAULT) { + perms = this.DEFAULT; + } else { + sites.set(siteKey, perms); + } + return {siteKey, perms}; + } + + get(site, ctx = null) { + let perms, contextMatch; + let siteMatch = !(this.onlySecure && /^\w+tp:/i.test(site)) && this.sites.match(site); + if (siteMatch) { + perms = this.sites.get(siteMatch); + if (ctx) { + contextMatch = perms.contextual.match(ctx); + if (contextMatch) perms = perms.contextual.get(ctx); + } + } else { + perms = this.DEFAULT; + } + + return {perms, siteMatch, contextMatch}; + } + + can(url, capability = "script", ctx = null) { + return !this.enforced || + this.get(url, ctx).perms.allowing(capability); + } + + get snapshot() { + return JSON.stringify(this.dry(true)); + } + + equals(other) { + this.snapshot === other.snapshot; + } + } + + return {Permissions, Policy, Sites}; +})(); diff --git a/src/common/Storage.js b/src/common/Storage.js new file mode 100644 index 0000000..4555a28 --- /dev/null +++ b/src/common/Storage.js @@ -0,0 +1,24 @@ +var Storage = { + + async safeOp(op, type, keys) { + try { + return await browser.storage[type][op](keys); + } catch (e) { + if (type === "sync") { + debug("Sync disabled? Falling back to local storage (%s %o)", op, keys); + } else { + error(e); + throw e; + } + } + return await browser.storage.local[op](keys); + }, + + async get(type, keys) { + return await this.safeOp("get", type, keys); + }, + + async set(type, keys) { + return await this.safeOp("set", type, keys); + } +} diff --git a/src/common/SyntaxChecker.js b/src/common/SyntaxChecker.js new file mode 100644 index 0000000..8646901 --- /dev/null +++ b/src/common/SyntaxChecker.js @@ -0,0 +1,29 @@ +class SyntaxChecker { + constructor() { + this.lastError = null; + this.lastFunction = null; + this.lastScript = ""; + } + check(script) { + this.lastScript = script; + try { + return !!(this.lastFunction = new Function(script)); + } catch(e) { + this.lastError = e; + this.lastFunction = null; + } + return false; + } + unquote(s, q) { + // check that this is really a double or a single quoted string... + if (s.length > 1 && s.startsWith(q) && s.endsWith(q) && + // if nothing is left if you remove all he escapes and all the stuff between quotes + s.replace(/\\./g, '').replace(/^(['"])[^\n\r]*?\1/, '') === '') { + try { + return eval(s); + } catch (e) { + } + } + return null; + } +} diff --git a/src/common/locale.js b/src/common/locale.js new file mode 100644 index 0000000..60498a2 --- /dev/null +++ b/src/common/locale.js @@ -0,0 +1,45 @@ +'use strict'; +var _ = browser.i18n.getMessage; +var i18n = (() => { + var i18n = { + // derived from http://github.com/piroor/webextensions-lib-l10n + + updateString(aString) { + return aString.replace(/__MSG_(.+?)__/g, function(aMatched) { + var key = aMatched.slice(6, -2); + return _(key); + }); + }, + updateDOM(rootNode = document) { + var texts = document.evaluate( + 'descendant::text()[contains(self::text(), "__MSG_")]', + rootNode, + null, + XPathResult.ORDERED_NODE_SNAPSHOT_TYPE, + null + ); + for (let i = 0, maxi = texts.snapshotLength; i < maxi; i++) + { + let text = texts.snapshotItem(i); + text.nodeValue = this.updateString(text.nodeValue); + } + + var attributes = document.evaluate( + 'descendant::*/attribute::*[contains(., "__MSG_")]', + rootNode, + null, + XPathResult.ORDERED_NODE_SNAPSHOT_TYPE, + null + ); + for (let i = 0, maxi = attributes.snapshotLength; i < maxi; i++) + { + let attribute = attributes.snapshotItem(i); + debug('apply', attribute); + attribute.value = this.updateString(attribute.value); + } + } + }; + + document.addEventListener('DOMContentLoaded', e => i18n.updateDOM()); + return i18n; +})() diff --git a/src/content/PlaceHolder.js b/src/content/PlaceHolder.js new file mode 100644 index 0000000..37c0198 --- /dev/null +++ b/src/content/PlaceHolder.js @@ -0,0 +1,150 @@ +var PlaceHolder = (() => { + const HANDLERS = new Map(); + + class Handler { + constructor(type, selector) { + this.type = type; + this.selector = selector; + this.placeHolders = new Map(); + HANDLERS.set(type, this); + } + filter(element, request) { + let url = request.initialUrl || request.url; + return "data" in element ? element.data === url : element.src === url; + } + } + + new Handler("frame", "iframe"); + new Handler("object", "object, embed"); + new Handler("media", "video, audio"); + + function cloneStyle(src, dest, + props = ["width", "height", "position", "*", "margin*"]) { + var suffixes = ["Top", "Right", "Bottom", "Left"]; + for (let i = props.length; i-- > 0;) { + let p = props[i]; + if (p.endsWith("*")) { + let prefix = p.substring(0, p.length - 1); + props.splice(i, 1, ... + (suffixes.map(prefix ? (suffix => prefix + suffix) : + suffix => suffix.toLowerCase()))); + } + }; + + let srcStyle = window.getComputedStyle(src, null); + let destStyle = dest.style; + for (let p of props) { + destStyle[p] = srcStyle[p]; + } + destStyle.display = srcStyle.display !== "block" ? "inline-block" : "block"; + } + + class PlaceHolder { + + static create(policyType, request) { + return new PlaceHolder(policyType, request); + } + static canReplace(policyType) { + return HANDLERS.has(policyType); + } + + static listen() { + PlaceHolder.listen = () => {}; + window.addEventListener("click", ev => { + if (ev.button === 0) { + let replacement = ev.target.closest("a.__NoScript_PlaceHolder__"); + let ph = replacement && ev.isTrusted && replacement._placeHolderObj; + if (ph) { + ev.preventDefault(); + ev.stopPropagation(); + if (ev.target.value === "close") { + ph.close(replacement); + } else { + ph.enable(replacement); + } + } + } + }, true, false); + } + + constructor(policyType, request) { + this.policyType = policyType; + this.request = request; + this.replacements = new Set(); + this.handler = HANDLERS.get(policyType); + if (this.handler) { + [...document.querySelectorAll(this.handler.selector)] + .filter(element => this.handler.filter(element, request)) + .forEach(element => this.replace(element)); + }; + if (this.replacements.size) PlaceHolder.listen(); + } + + replace(element) { + let { + url + } = this.request; + this.origin = new URL(url).origin; + let TYPE = `<${this.policyType.toUpperCase()}>`; + + let replacement = document.createElement("a"); + replacement.className = "__NoScript_PlaceHolder__"; + cloneStyle(element, replacement); + replacement.style.backgroundImage = `url(${ICON_URL})`; + replacement.href = url; + replacement.title = `${TYPE}@${url}`; + + let inner = replacement.appendChild(document.createElement("span")); + inner.className = replacement.className; + + let button = inner.appendChild(document.createElement("button")); + button.className = replacement.className; + button.setAttribute("aria-label", button.title = _("Close")); + button.value = "close"; + button.textContent = "🗙"; + + let description = inner.appendChild(document.createElement("span")); + description.textContent = `${TYPE}@${this.origin}`; + + replacement._placeHolderObj = this; + replacement._placeHolderElement = element; + this.replacements.add(replacement); + + if (element.parentNode) element.parentNode.replaceChild(replacement, element); + else document.body.appendChild(replacement); + } + + async enable(replacement) { + debug("Enabling %o", this.request, this.policyType); + let ok = await browser.runtime.sendMessage({ + type: "enable", + url: this.request.url, + policyType: this.policyType, + documentUrl: document.URL + }); + debug("Received response", ok); + if (!ok) return; + if (this.request.embeddingDocument) { + window.location.reload(); + return; + } + try { + var element = replacement._placeHolderElement; + replacement.parentNode.replaceChild(element, replacement); + this.replacements.delete(replacement); + } catch (e) { + error(e, "While replacing"); + } + } + + close(replacement) { + replacement.classList.add("closing"); + this.replacements.delete(replacement); + window.setTimeout(() => replacement.parentNode.removeChild(replacement), 500); + } + } + + const ICON_URL = "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAQAAAAEACAYAAABccqhmAAAgAElEQVR4nOxddXxV5f9/E1KiIqV0qJR0STcIo0Y3DEQ6RfyC/hBhdAgC0jJqdI4B0o2EwChBhoTEqDF6vc/vj89zzn3OuefGtnvPJtvzej0vZffEU5/3+fQHSG7/5ZYFQCkADQF4AfgfgGkAfABsBXAIwDkA1wHcBxAC4A2ASAAxokeKv4WIa66Lew6JZ/iIZ/5PvKOheGcWt88uuSW35IbUAD4H4AngWwBzAewEcAUAJXC/IsYyV4zNU4w1tVtWIrklt7e8pQB/XTsDmAjgDyQ8kce1/yHm0FnMKYUL1ym5Jbe3oqUFUBXAIABHEUsiywJQKYAaAuQF0P8AmgaQD0BbAToE0DmArgN0H6AQgN4AFAlQjOiR4m8h4prr4p5D4hk+4pn/E+9oKN6ZJW6gcFTMtaqYe3JLbkmuFQPQA8BpOEE0qQH6HCBPgL4FaC5AOwG6IgiXEqi/EWPYKcb0rRjj52LMzswNwCmxFsXcvOZpAAwAsE/8f3JLbqa2agBGAAiGHYJIIb6unQGaCJAfQIEJSORx7YFi7BPFXEqJudmbu1ibEWKtXNlaAAiU3jPCxc9PbsnNsNUGMAasaXfqi1gOzH4nNAG7owcAtBSgQQBVBSit/bWIEWtXOx7rXxrAQYNnvwSQKx7PTW7JzWarCOB72DncxQD61AEQfAVQUCIgWncDwkKAeog1sbceYk0rOrkHHwNY7OB5y+OzycktucktF4CvADyDjQNXFaARAPkDdBigVI4PPKUH6AeAXiYCYnV3DxFrM0KslZ11eSbW2ugLnhHAOLBPg6P1jQJzCMktucW5VQdwHjYOWTWARgG0D6Bo6bBXc4L45f4xQIsTAZGa1aPFmo1yvFbnxR4ADApBsVlXAEfccyyS29vc0gHoABtf+xIAfQPQDoDCDQ73plgSv9xLA3QwERComT1crOU3Ym1trE1UXNcUrCBMbsnNYcsOYAgMDtH7ALUD28vvOzjMjmR/Z3ozgC4nAuI0u98Xa9wOoIwuWEfRA5FsFkxudlpuAD/C4PCUAGgkQEecPMATXXdoKRVAfQEKTgSEaWYPFvNO6cK1RLJZMLkZtNKw4YZbD6BZAN2K5cHN7NpDSwDoA4Cmw1jceJt6uJjnB25YQ7D/QWaXn6Dk9p9smQF4w+CgtARoBeKmle/rnoOr9k/B+oWEJlR39E1wjejkoM916SlKbv+5lhIG9vvUALUHaEM8DvBlOGf2c0WvCNDJREC0rugnxXzMWDewItHd7sjJLZG2fjA4FO0A2uiCg9zYvEOs9o4A3U4ERByXfluM3+w1A+DvisOU3P47rSWAh9AdhGYArXbhgb4BtuO3A9v09e9zV/+vORK9FONNby7RhwBYA/YjKOCSU5XcEn0rB45C0xyGGgAtAOiVmw/6VYBmA9QC7lEM6vvH4Gi9qERA5EY9SozPDHC0EaV4SpyJ5JYE2mDoDkAhgLyRcCzzBYCmgEUFN2m5CWB/+52JgODlvhNOxQHEuX8g1nWKWOfbYq8LGV8/2KUnLbklqlYP2pBQSgtQb4COJwJCkPtxgMaBE2+4gx2uKIghIed4WczP1XNLL547zsG+Hhd7bxCRGCjOSnJ7i9oI6Da6LkC+CUwEzvQosF/8GIDqwLXWhEow32LwCGwSddU8Uol1GSPWKbZiji/4LBg8O9k56C1otQFchbSxHwP0f4idE09i6m8A2g1OzfWui4goBzj9l7vHPQ6u5Wg+ddG4b4HPhIEO4iril48guSVgGwTdhjYBZ6lJaCKOb//ZBkFkzJgxXgTV2U3j9QUobzzGlT9/fvriiy+oePHihr//7KJx+oHPiME7Brn+eCY3d7b5kDYwGzi09F4iIN749gG6w/nuu++Sl5cX+fn5UUxMDAUHB9OmTZto8ODBVLhw4VgT20dwnVgQV0eewoUL0+DBg2nTpk0UHBxMSouJiSE/Pz/y8vKid999V3PPABeN+Z44K9msxzXfrSc2ubmktQDwANLG1UH8vPgSU/fSHcr69evT2rVryV4LCgqiNWvWUK9evahAgQJOE2FrxD0XYaC439l3FShQgHr16kVr1qyhoKAgu/NR2tq1a6l+/fqa53i5cK03iLOjG+sDJIcPJ9o2DLoNGwDOWpvQhOuKrv/y9+7dm65du+YUscjt9u3b5OvrSx07dqRcuXLZJcw04Dj8Z06O8Zm4Po0Dgv/oo4+oY8eO5OvrS7dv3471HJR27do16t27t9Weu2rNrxisu+jDTDnRyc3pNgvSBn0GjtZLaKJ1VdfL/MOGDaMXL17EmXDkduPGDVqwYAF5enpasdVKzwz7jkSKI48jp6b69evTxYsXXTJupb148YKGDRumeY+rdAJKnyXOlG4+s0w73cnNZqsG4CKkjfkSnEEmoYnWVf2E7uD17t3bZcRvREzt2rWzScAZAaoP0HiAloHNbvMAKmoAGLVMHreeEzjh4n3YIc6Wbk0uwvUpzJObk60VgEeQNqQX3h6WX+lloP2CxoXtj027du2alWxt1FPB4labEqDcAHkANAOgf8HpyxJy3GXcsBdXxBnTrcUjcRaTm4mtD6RNyATQWLjfh9+s/hJsm54lzfHdd991qPBzVVu7dq1NccBRTwmtO3NCjtsdBVVeibOWyXrufUw6+0m+jYS08IUBWpQIiDa+PQicLtwbHI2ot5t7eXmZQkRK8/LyUt/96aefPqpbt+61ypUr3/zss88eZMqU6TXgHCAk5Lgnu3G/Fomzp5vvSPPIIGm2SZAWvBq4eGVCE29c+xOAtoNr6pWH4VdF7X5+fqYSkp+fn+b9v/32255FixbtmT9//t7Zs2fvmzx58sFRo0YdHTRo0KlOnToFVK9e/Z8sWbK8TGzjdmcE5FYYpi2fZCI9JKk2B9JCNwXoWCIg4tj2CPCX/gdwUtH37BC90mvWrEkxMTGmElJMTAzVrFlTHUOWLFleFyhQIPjzzz9/8MUXX9ytWbPmjWbNmv3dtWvX8/369fvz+++//2PSpEmHevbseTYxjfugm/fzmDiLuj2bYyZhJIWmKfPUGaBLiYCYY9PvgDXmHrCf0jpt2rThhQsXDsqdO7daRHTEiBFxIoY7d+7Q4sWLqVu3blSyZEnKmDEjZcyYkUqWLEndunWjxYsX0507d2zeP2LECIfgZK8nhnFPNGFvL4kzqZv/YveTRdJoyyEtbB+wljmhCdqZHgE2R30LLpkNGz1t2rThxYsXv1ujRo1rnp6eF7t06XImb968T5TfY6tEi4mJoYULF1KVKlUcEmmVKlVo4cKFhl/qtWvXxgsAEsO425q01/+Ks6kbZ3L9wXg2X0gLOgQsNyc0YTtD+NvE4bOV5SZt2rThRYoUuacQfbdu3c4MHTr0D29v70M///zz/g8++ECtb3f+/HmniSg4OJi+++67WBPrd999p/G7JyI6f/685ZpMnxHaHSW03E1otoXQcBWhzjxCpXGEUt8QPulAyFqZgJSUmMZd0sR9fyLOqG6Mvu4hjbe/aYj/OyT+3HaRYB/ypjBm81OmTBmdP3/+R5UrV/6nUaNGlzt06HBuwIABJ7y9vQ+NHTv2cOvWrS/lzZv3qf6+p0+fOkVEMTExcSIidY2/+07zRX369Knl97QfEHreJHx9i/D1bUKvO4Redwm97xH6BBH6PCD0fUhImylRjftDk8/AS3FWdWNMBoFYNg3bPxKgsERA4Lb6G7BGuBmMK9a88847kYULF75fu3btqy1atLjYo0ePP0eOHHl00qRJB1q3bn0pV65cNqsKA6Do6GinCGnhwoVxJiKlL1y4UH1edHS05bcUKQndLhK8LhO6XyF0/5vQI5Dw1XVCzxsCGP7l6xLRuFMmwHkIE2dWN8ZkccDJplH4jUTirXoTAdYyt4ZxAEzatGnDixYterd+/fpX2rZtG9C/f/8TY8eOPdivX7/TRl96tadMQ0iZWv23M1/SO3fuOCU7O+pVqlRRFWwaDiDNe4T2xwgd/iB0PEnodJrQ+SyhSwCh6wVCt0sMDGneT1TjNpsDUHo4DEEgWTHooGlMfd8h8X75z4LdQrMaHMb06dOHFS9e/N8GDRr81aFDh3NDhw49PmXKlH2tWrW6lDVr1lf66wEQUr1LyP0locw3hLq/Et7Lrf7mjCy9ePHieBOR0hcvXkxEOh3A+/kJLfwJLXcQWu0itN5DaLOP0PYgod0RQofjhI4nWFeQiMZtpg5A38NgKA4kmwhtNI2TzxAkTpk/BGxaKmhwANOlSxdWvHjxOwrhDxs27PhPP/10qFGjRn+nSZPGuoR1ipSErBUIxb8mVJ9EqDWDUPsXQp3ZhOxl1euc0aZ369bNZYTUrVs3ItJZAXJ8QfDwJTReTWi8htB0PaHZRkKzzQRPP0KL7YSWvxNy10xU4zbLCmCrv4ShYjDZWUjXNO69fZD4tP2RAG0BqLbBwXvnnXciihQpcr9+/fpX2rVrpyF8/bUACO9kIxTwJJT/llBlDKHaeEL1iYQaUwg1phJqTiMUaKxe74w9vWTJki4jpJIlSxKRzg/gU09C/QWE+gsJDRYTGvxG+NKH0HAZodEKAQ5rCEU7Japxm+EH4Kg/gaGJMNltWDRNYE9nJD47/00wiutddVOlShVVsGDBB7Vr177apk2bgMGDBx+fNGnS/hYtWlxOmTKl9Rf/g+KEEv0I1SYSqnoTKo/mXmUsoeo4QrUJDATVJxFK9lLvc8ajLr75AOWeMWNGK486lBkguJNZzKHUmcOiSr15hHrzLcBQ4X+JatwHE8H5IXGmDZyFknwAUStIC9IUicvDLwZcG7C8wWHLlStXcPXq1a81b978Yu/evU9OnDjxQM+ePc9kypTpjf5aZK9GqPg9E0/NaUzkVb0JVX4iVP6R/1tlLP+t6jjRvTXPcORT72pC0vvUo/okC3dScxqh5nRCrZ+F2DLTIrrUnpWoxh2RCM6R0i/B0G04yYYSV4MUz18NidO3f5Ruw9KkSRNRpEiRuw0aNPirW7duf/7444+Hvvnmmz9y5coVAt21yFqJUHksocEi/lrWmsFsfrUJWgCoPFqAwBgGAqXnb6A+y1FUnatZaTmqDvkbStyJ4FCqTyLUmCzEFkl0qTmdULBJohh3GoCGI3EVST0GqwCiR0iiSUXUTD6Fkbij+v6nO2i5cuV6OmTIkOOzZs3a06ZNm0vQ/Y6MRQiVxxE8VrGcXG+++PpPZ8KpNl4QuQIAMggoQDCGUHaw+kxHcfWuVKbVrFlTmw+g3FCJMxnH41f7BK3oUn0SocJ3iWPcotcC6I9EcI6UvhVWocQXXURT/5mm5vDLhP9GPL8eBD755JNHOXPm1DrwpHqfUHY4oekGQpO1rCCrv5BZ41o/677+Y4QO4EctCGiA4CfCuznU59vLrONKc1qxYsUs/343h5YrUXpVb6nrwWECIWPOhB13qnSa33KDC7++TgRnicBnXqdTSjI5BjXZe8cmgs1wtutBQNPzNSM0Xkfw3MYmskYrdKz/VCH7j5O+/noAkEBA6SV6at5jK7eeqxxqPvroI+3firTTciVW3QYwlOydsONutJzHI/0tA7gsWWKpDzHWeh5vfbbhFpAm3Av/vTReViCQMj2h5kxCm/3sJNNsI8FjJWvE6/7KCrIaUy2sv/L1twkABkCQ/0vNO21lBXaFS62mp81kzJVYdRvAkL9hwoz7/byEQa8JA1+yaTKjNv15fYAuJoKz9AqGOQbf6roDatGOL/HfTeBpBQL5GrATTLPNbA9v8Buh7lwm/prT7BC/PQDQ9Y8raN5pVBcgvkE1Vr1oJ2uOxKjbA4YcX5g/7mYbCANfEQa/4d5mHyGrtqxYaYB+TwRn6Qqssg0/cCnFJaKmluv6DP/91N1WIJCnJnvJfblEEP8vsSP+Sk6AQLZSmncaVQaKa1itVX8vj4PxxAIYspc2b9wfVyD0e0IY+IIw6A1hcBhhSBgDgs60mh+gJWAnr4Q8SztgVXfgrStDpinU+bYU7bACgZyV2THGkPjHxv3rb4cT0NcGVL6ozibWSJUqlfXf02cjlOoTt/HZAoiPK7p/3B8UJLTczuHJ/UMEFxBKGBLOfXAoezO+k0G950OAJgEUmsBnSc4ALfpgdxGj2a02pIm5snRTYuhWIPBReYn4J8Se+J3hBCT/ALnXrFmTRowYQWvXrqXz58/TpUuXaNGiRdShQwcqVKgQpUuXjtKkSWM/5Xf6bITPu8WT+G2N+0v3jfv9vAy+Xn9xWLIVFxBBGBrJQNB0vebeNACNSAQgYFCG7K0oTX4VYkJ18N+V+2MFAtnLCOIfZ4P47QCAs73EV4R3P7ZNEHHp7+Vx8OUfHf85uGPcHxZiU2vbgxye/NU/nKBkwDNWBioAoIDA0AirZ6QUBPgmAc/RFVgVJL3qamI0u42AmEw2vD1Veo26FQhkK60l/viw/pUkzkDPIZQZQMhXL34ElDYToWhHAwJ3VTeYkyvGnS4zP6fhUv6qt9pN6HiK0P0qZyrq/1QnBigAEGnzmT0BepGA52gDrEqT/2eDhupBmsioRECk7u7WIFAq/sTvrHhQaRSz7nnrErIUI2T4iJAqLY8jRSpOMJIiJf9/ug95bJ80JZQeYEy0ds1+seiOgCFW487M3NWnLQgVvmXnqjpz2OTqsYrzFbQ/xslJZDHAAQAUKlTosfzv7gA9T8BzpHc/B1DfbOJ1RQuEmEATJB7nC/NBoGT8ib+SA+KPVY8Nsdty/oltdxYY7IxZjpWoOk6ET09lhWu9+ez402wziwFdz3P+wr6PCAOesx7ADgBERESs8fT01IRuf42E8xq8J2hGGk9gQhBwfNpgiMF/DJBfIiDMxAECCUX8zhC9He8+K9dfB93oflUcsgMMdsFAAoGq3qxjqTGZuYC6v3LMRdMNbPPvfJZzFRrpAQwAgIjWRkdHr27duvUV+e8DkHAZqfxglVF6SEIQclxaOUgD/79EQJCJAwRKuOgLHg/Cd4bgjfz7rQKAnOj6+20ChA1AMAQCZQ4KFzCJLS51ZrMY0GQtpyvrdJrQ4xqh9302BxopArUAsIGI1kVHR69u0aKFygmkEvuYUIrB/9OfIaB8AtBzrNspiAHXBVe5TWhiTJogYIv4dUSvJ3irCD9dCLAaBqzr8u/VJ2nvVZ5nBQ5GoKADBCsgGK3jAoQYUH8h6wFa7uTchFaKQLsAsFkGAVknkBbsJ5AQeQVuCRqSxno6Aeg5Vq0lpIXzTQREmNA94UBAT/g/GRC+EcHLcf5TrZOAKL3Wz9ou/6Zcr9xfY4oOKGRgMAAFKzD4SQsCChdQbTw/u/ZM1gN4rOTchB2Osz9Ar7u2LQFaAPATILCRiNbt3bt352effaaWZssE9hhMiPPjK2hJGm+iTiDyEGKgvRMB8SWWbj4IjNYBgPTV1xO+TPA2M/1IacCUVGD6rvxWZ464dhbfW/sXfk6tGRJQTNMCgwIKVoBg5EQlcwHjhB5gBjsBNVrB0Zjtj3H9gl53CP2COShIBoAhWj8AIvLXg8DOnTt35c2bVw33LgDQrgQ6P7215+cRgBQJQdyOWj+IQRYC6HgiILzE1M0FAT3x6whf/dILoq/1MxOpQuhWuf4WSYlAl4juo+vi7w1+E9cu4nvrL+Dn1JsnAYUABxkUDAFBDwQSCFT5if9efaJQBM5lS4CnH6H9UZ0p0CEA7DQCgQ0bNuzNnDmzmuKtJECXE+DsHBc0JY15QIJQuJ2WEtIAvRMBwSXGbh4I2CJ+5Ys/lYlOIfq6v0rELrL9NlrOLLXHKg6pbbKWnW2abuDebKO2K39vup6vbbyGg6M8fPnL3HAZP7fBbwIcFkigMFviFH6WOITJFs5ABYIxEsCN5d9qTufnNFxGaL6V6xR0uxgbANhlAAIbiGjd/PnzD6dLly5CubYuQHcT4Ox4688OkCoB6Nxm+x5iYDWQuHKwJbYeexAY7US3AwBVvbVpx1XCn8ME2GCRRPCrCE3WMUE338LstJLvv9VuLgbSei+b2trs1/V9/FvrPXxty99ZIddiO3+Vm28RQLGewcHDl9+pgEL9hTpAkMFgii62YoyFC6g2nsGizhz2CGy+hdDusACA29qYANsAsNcOCKydMmXKcfn6fjA/j8VtQVvSOP4vIQjdqGWGNLAFiYDIEnt3DAJ2iN0pu/loHfGLr36tGUxc9eYxm95wGRN90/VMOC22sxnNqOJPx1OETn8SOp9hO3vns4Qu5yy981n+rdOfbIbreIrv63Ccn9P2EANF6z0MDi38+WvdbCNzDB6rJEBYzByCDAY1pwsgULIqCRCo6s1/rzOb7222md/V9QLXK+z7WBcUFG4EAPsNQGCrDALDhw8/o1z/LkDzE+DcLNCfGyBrAtC7VfOGGFAz/Pcy/CQuELBD7IY2fD0YGGjJFVt57ZlMUA0WMeE3Xs3E57mNib7tASbUjieYiLucs9T88/pLKgh6zVIUVN97BIrfr7EZrvsVVsZ1u8jP6nKOn93xJCvq2h5isGm1i8Gn+RYWIxqvYfHjSx8eb735/IVXgWCySKwq5l59Iv/W4DdCs03CG1ABAMUb8LUEAOF6ADgoQGCPAIEdEghsUkAgf/78aj3HvDA/0egrQWPS2CcggRWCpaXB0OpEQFj/pW7TYzA2HnqyuUyvIFPt5EILX9mbUO47QvE+hM86EvI2IXxUg5CpDCFtXkLa3KLn4Z6xMCFzRULOeoRPOxJKDCRU+JFQex6hySZC2yOE7tdEefAgdrzpfZ/t773vsRnu63+ZFe95k6P0FHDwusxE2vkscwsdjjMgtN7LooOnHwNU49WCM1jCXIECBDWmMghUHs0cQc3pLEY03cCcRpcArlrc96HkDRhqAQEtABxxAgTW+/v778mWLdtr5b7qML+IzWr9mQHKJgDdq+0PZSDtTF6IGCRswIZbQcCI6G1l4NXYz8doRYISfQh5PQgZCxGQQn9wXNffL0Eo8hWh6lRCc39C90A2v/V7wix438f8Je7zQADFPQaGnjeZc+j+twCE8yxGdPiD5fjWeznPYvMtrJvwWCkBwWzmbKqN57nWmMyiTZO1fF/ns5awYCU5iCIGDA7TjJ+IjhHRYQEC+wQI/C5AYBsRbVFAYPHixYfke4eLs2jmmWmnXf+TSCAuILcyiNTgCjpmLsIGgMoCdD8BiddV3TiKUG+zH09W+ff1nndVxhI+70nIVpGQIrX2mWb3D8sSyv6P0HQrE/qAZ0yI/Z9K4CBAQQaEHoEscnS9YAGDtgdZsei5jb/wHisteRdrTrcAYJ1Z/FvL33XuwE+FHkDhAkI1YyWiP+yAwHYJBDYS0brvv//+tHJvRpgf5r4RTHPSHPK5h8Tttx+VAbQ3eQFuAlROvLsI3lYQKG3srKOY8GQvvGoTCJ+1J7yT1S5RVq1alXr27EkTJ06kFStW0J49e+js2bP01Vdfqdd4e3tHhYSEhIeEhIQ/fPgw4p9//ok4f/58xP79+yPXrVsX+euvv0Z+9913Ue3bt4+uWLFidObMmWPsvVPteRoTav1K6HqRiXHgC5bNVVBQACFIiA63LGDQJYDFhHZHWImopl5fzvqBmtNZ7KkxlTkEz20MHN2vsDNQ38f8roGvGAQGvdGMjYhOChA4KkDggACB3RIIaMyDsj6gnDiTZp6X9tr19YbJXEB2eQHNRMAocKHOFNL731oQyF7GhrPOHP761ZpB+LQtIWVaQ6KrUKECzZw5k65evWq3SKdcTmvJkiVRRBSh6+F2etj9+/fDd+/eHTF16tTIdu3aRefOnds+KHxUi/UIPa4zUQ58qQWEfsESGNxhWb77VeYKOp1mIGi1m60IHqtYJKgxlUWgunOZS1AsAT1vCjFAcAEKCEADAKdtgMBeAQJW5kE/P7+9yv0pxJmMMvGsbLBe1xwm0L3ahigvbmkykWwF6H2DQ/XWgsBH5YV33lw+6A0W81eu7DBC6iw2iezDDz+k4OBgm0Qvt2bNmqn3bd682QgAjLpNQCCisH///Td84cKFkW3bto1+//33bQPCZ10IzfyZQAe9tgCCCgZPWJHX+x4Tc/e/mbA7nmLRoMV2thrUmy+cgqax41GrXWxx6P634AIe8TsGPGcggAYAzggQOEFExwUIHJJAQG8e3ERE64sWLaoGDb0P88vbtdSu5XcwiQtIJy/eChMnHAKu86a8O23atOHyWN5aEMhRiZ1cPFby4S7QwoqQypYtG7Nr167IIkWKqMQ2fPhwpwCgcuXK6nOOHj0aRUSRBj0ugBCm9MOHD0d4eHhYl0xXevoChJqzCT3/ZRZdBYMXrD/oF6wDgqssGrQ/xjJ/4zXMGVX+kZWBzTYzp9D1AisDe99jEOgXzMACDQCcEyBwSgKBIwIE9JYBVR9w6NChXfny5VOLwtYSZ9Ssc7LCeh3fdS/pc+ugvLAeQC9NnPBE3YRLlChxu0qVKoHy395aEMhdg9B4LZvtpL8XK1YsZufOnSqB7tixI1L5LU2aNHT37l2HAFC4cGH1eVevXrUFALa602Bw7Ngx1aU2e/bslCKFgWUiRSpCmeGsKxgcymCgB4I+D/ir3iOQCbzDH2w69FgpPAcns36g5e/sc9DtEosRve7yvX0f6QHgPBGdJaI/JRA4RtbmQSt9wNatW/fJz5po4hl5CaZB6f1eMIELUCOkzMzvHwCOyFLenSdPnketWrU66+3tva9v374nkwQIpMum+fePP/4YbUB8keXLl1e5gC5dujgEgGzZLM999OhRFBHZ6vECg7/++ksFgMKFCxMR0ZIlS6hEiRLWQAAQivQkdDip5QgGPGdWvu8jJuivrjMItD/Gyr8Gi1gXUGc2mw7b7GO9QbdLfO3Xt/g+aADgAhEFSCBgTyloJQqMHDlS9RIsIM6qWWdEV0/gOdwcI1BdeVkJmJfsIxycrVV5d+rUqaMaNGhwafDgwUfWrFnj9/fff6+aPBgX2TgAACAASURBVHny4SQBAqL/9ttvsqyuIcT9+/errHaqVKno3LlzdgFALrIRFRVlDwBiAwpWQPDgwQNVZMuWLZtmDMeOHbNdEOTTjoROZ22AwB0293U5x96MjdewsrTqOAaDZpsYBDqeZKDofoU5B2gA4JIOBBSloC19gEYUIKJ1WbJkUaMGe4oza8b5uAWmRWk+9eBGLuC88qKRJhLBIYCySpMsXLjw3S5dupyaNWvW7ydPnlz39OnTFdHR0St+/vnno0kBBKpUqRJjRPiiRxFR1BdffKFyAQ0bNrRJ/MHBwepzM2fOTEQUbdDjAwYqCERFRakcQKpUqQzHc/36dRo2bJgxEBTpSeh6SSgJFXEgiHUCXpdZFPDcxorSauNZHPjSh0Gg9R7mEjqfYSCABgD+EiBwnqz1AU6JAgsWLDiiPC+rOLNmnY+R2nW6BI7OdXnLpbzkfYCOmDS5KIBaSRNMkyZNRNOmTQN++OGHAzt27Nh07969leHh4cuJaCURrZk5c6bqnfg2g0DHjh1j9EQv94CAgGj5+t27dxsSXGCg5Wv46aef2gKAuICCIRBkzpxZfZ89K0WdOnWMQQApCRVGE3reFlzAQ3Yi6n6Vtf6tdrEuoNYM9g2o/YuoG7CB9QRtDzAQQAMAV4joMhFdlEBA0QcYOQkZigK5c+d+rjyzFcwzCx6BlWWsANzABXylvMBMt9+tYG8r5d0lS5a81atXr+M+Pj7+Fy9eXP3ixYsV0dHRK4hoFRGtI6KNs2bNUj21kgAI2CLA6DFjxqhcQOnSpYm5e207fvy4+rzKlSvHBgCcBQMNEBQsWFAdU2BgoCHx7969WzPP7t27W1sPUmcn1F1M6HNfAMDf/HVvvZfdgevOteRAqDObTaeN17BbccsdegD4WwKBOIsC69atO6A8MyPMNQvq3IMHwg1cgKr88zFpUhHQ5kdPly5dWKtWrc6OHz9+7/79+zc8fPhwRXR09DIi8iWiNUS0npgl85s9e/bZJAgCGsJ89OhRdMaMGdVrfX19rYht69at6u9NmjSJiSMAOAMGkUQUKYsmx48ftxpPVFQUlS5tqSY8evToSCJ6c/78+bBKlSppuBoAHKjUeh9zACoArBPOQVPYLFh9EjtQ1V8oIiHX6AHgGhFdJYsocIEsooDsH+BIFFhfoEAB1SzYBOYlE/XRrssLAO+4kvgrKg8vYSIhbYLW469MmTI3BgwYcNTX19fv2rVrvm/evFlORCuIaDWJr79AY38i2lm1atVHSQgEDAly7ty5KsHlzZuXwsPDNQTn4+OjPsfLy4uIKMZBjxcYNGnSRB3P1q1brQDA19dXHU/GjBnpwYMH4UQUKvqbvXv3hpUqVUoHBCkI5UYya996jwCAhcJFWERLKrkD6/7Kv0EDANclEHBGFDhA1l6CW4hoo5+fn2oWTCHOsBln4j6slIE14UIxQM34841JE3oFUFNpQhkyZAht27btmcmTJ+8+duzYuqdPny6Pjo5eTpav/waBwn4ClX+vWrWqpuRTEgSBGCKKyZs3r3rdlClTNAQ3ffp09bdvvvnGGQCICyCoANC1a1cVAHx8fDRjCQ8PJ3mss2fPjiSLM5EKAkT0ZvXq1WFWHoaZyxHqLeQvfP0FIk5ivCVxiJwbARoA+IeIAsm2KKCYBmVRwKZCUPYQbArzcmR8oz0T4wGkdhUAqA/eYdJkdoDLNivvrVix4vUhQ4YcXr9+/ZYbN26sDA8PX0bar/8mYoWMv0Dl3bly5Xotjz0JgYCGSNevX68SSubMmTXKtx9++EG9f9y4cbEl/lgDwZAhQ9SxTJ8+XQMAU6ZMUceSO3fuGLL2KNSAwPnz50MrV66s1Q+kSMX5DurNYw6g2gRLwhQlR0L1SXoAuEHMBQSSY1HAoULw0KFDu5RnpzGZZnRnPR1cwAXUVh5YDebYN0MBaitNJH369KHt27f/c/r06b8fP35c//VfS9qv/w4i2hUZGWnx0EqRitBwRZIAgc6dO5MRgRYrVky9RnYR7tWrl/r3BQsWxAcAnAKDcePGqQDwww8/qOMIDg4m2UKwbt06xc/BLggQ0ev169eHWnED2SoTqgiCl3MIKlWFoAGAWxIIOCMKyFyArBBUuYDChQurdQXaijPt7rMQDqZRaW5N4QJl4BjlgWZV+D0JUHZpIhUqVLg+ZMiQwxs3btx8+/btFc58/W/fvq3aZfFBSc4D5+ErL06SAoGdO3eqBJImTRq6ffs2ERG1bt1avW/9+vUkNbcAwYIFC9Rx9OrVS33Z8OHDLftSpIhi4jRyLdaDwGsien3mzJk3X3zxhZYbeCc7oexQ62xJVcboAeA2Ed0kx6KAkULQkAvYs2fPHuX52cWZNuMs6CoL/wwXKAPVDdtnwgSiAfpWmkSaNGnCla//yZMn1z5//nyZo68/Ee09ffq0xT04dyNLNliPlUkWBCpWrKj+rrgIy/b2ffv2kZ3mEiCQxZHWrVsTEdHt27cpTZo06ji2b98umw+N3IqNQOAVEb2aOXNmmAYEUqQmFOmiS5w6Wg8A/5IxF6B3ENJzAbJC0IoLyJEjxwvlHd+Ks+3uc7BPew5iAGRAPMSAasrDqpo0gTsAFZMmUapUqZuDBg06sn79+i23bt0ykv03ku7rT0T7/P39z6kLUbi7BQCGhHNEHZIUCBAR0ZEjR9TfFBdh2eTmyGXYBYAQvW/fPhUA6tSpQ0REXbp0UcdQvnx5xaxpy63YljiggMDLXbt2vcmQIYNWJEiVUduh6pbCiegOWbgABQRkLuAiGfsG2OMCNq5ateqg8p5i4my7+wxEg2lVmntjxEMMGKE8aIRJh3getKa/Nm3anJk8efLuo0ePrnVC879LoPGB1atXX1QXocQgLQAMDmXvMCQZEFCbHPrbsGFDypUrl/pvZyIH4wsE586dU014pUuXpnPnzmliEY4cOSJbDYxAwEgnoOoDFBA4derU67Jly9oOPxbdx8cnhIjuEnMBRqJAbLkA1SIQExOzQXlPCnG2zTgDI7RznAQgTVwBQFVk+Jsw8AiAGkmDz5gx45u+ffseW7ly5dZr1675hoaGGn39Vbs/ia8/ER1cunTpX+oilBluDQADX7LPOJIWCAQEBGh+S58+vfr/b968iQsAxAoI7t69q36Zc+XKRQ0bNlTfLzwR7XkSOgKB1zIIENGLefPmvSlSpIgVEBQtWjRyyZIlz4goiIjuEXMBtkSBuHABW4hoo2wSbARzHIP8tXN9Bs4TEGsxoJjykGIwJ9HBYWjdfqtXr351zJgxew8cOLD+4cOHy4XX30rSef2RsPuT+PoT0WEfH58rFgD4zhgA+gWzyyiSFghMnTpV8xsAKleuXNxJX9vsAsCbN29UAJDBBwAFBATYciJyBAKG+gASIEBEz4ODg58/ffo05Cm3YCJ6REQPiegBEd0n5gJkUSCuXIDGL+DgwYO71Q+aOOPu3vsQaMVoAFUQBzGgh/KAHiYd2h+kQadPnz6se/fuJxYuXOh/6dKlVa9fv15GRMuJff7XkuXrv410X38iOrJs2bKrFgAYziWhNQDwigGg1x22FyNpgcCpU6eoXLlyKvGfOnUqjvRus9kEAeW9cp86daqR1SC2IGAlCoj+nIieEVEIET0lomAiekwMAg/IwgUoosAtij8XoMYIyO7BP5i09z206/st4mANOKU8YKEJA34ErStjuXLl/hk+fPhBf3//jffv318RERGhfP1XE3/9N5H267+H2C57iIiOrlixwgIApYdJABDBeeEHvuJosl53OUa8qneSAwEiii/b70yzAoBTp07F6MDHnu+AEQjEWhQgLQgEE9ETYhBwFRdgyztw07p16w4q619CnHV37/tC7b5fRCytAWmVm9PCnAwnOwHKIA26VatWZ2fMmPH76dOnVwvTnxz0oyj/tpFk+iPx9SeiY9u2bbPoAIp+bQMAQjhXXPerXBKr4sgkCQImNJvigO5vzsQTxEcUcAcXoM8ZoI8U3BwSErJZWfsM4qy7e88DBO1K+54jNgBQVbmxqkmHVLb9Z8iQIbRv375HV61atfUGu/0uJVb+qSG/pDX9ab7+RPSHv7+/BQCKfMUAoIDA4DDOLtM/hAtHdP+bs8y22kUoOzgZBNzX4upF6ApRwF1cgJw+TOYCNCbBggULqnUEvjVpz3XmQE/EIjZgkHLjIBMG+hCgMtJgK1WqdG306NH79u3bt+7x48fLo6Ojl5Jt9l81/RErY44R0YkTJ05cUiefz9MYAAY84ySRPQI5mYQSSVayTzIIuK+5EgTiIgrEhwvQ+wUYxQgcIGuT4CY5SrCMOPPu3u9B2v32BscGONXU1FpLTRjoEYAySYNt06bNmXnz5m2/cOGC7+vXr5cSK/9kzz9F+beDdMo/YqXMyZs3b6rpy/BhOS0ADAnnRJMDnnNGma/+4ZxybfZx5pgvfQjFv5IXLxkEXNviCwJxsQrElwsw8g7URwrqlYFqwpAHDx5sVdY8E8zJqLVUu9fnALwPJ8SAFMpNKWCO/O8tDTR9+vRhgwYNOrJhw4bNt2/fXhEREbGUbLP/Vso/YnbsVEREhCUhSIp3mPD1ADDwBZeN6nmTC1O2Pcj55BsuY/NgsW7JIODeFlsQMJMLUADgFlnHCMhJRJX8gbaUgaoYkC9fPjWpjrcJ+xwArVMduKKXQ3NgKeWGUiYM8jW0cf9lypS5MXbs2D0HDhxY9/Tp02US+29k+zdk/4nZsrOZM2dWc+Sj3xMDU+BL/vvXt7mGfbsjXJa60QquNFN7JqFop2QQcG9zFwi4gguIizLQpmfgokWLVM66qTj77t7nUtp9/hJOmAM7q4fChAHeBCivNMimTZsGzJkzZ/v58+dXOWD/rWz/JNh/YrbsXJEiRdRUzegRqNMDhGpNgV5/cY36FttFvbmFnFCyxlRCkQ7JIODelti5gJtk4QJsBQk59Am4fPnyDmWt88KcgqKdtXs8HEB6RwAwUbnBjCon66BlU/r37390zZo1W27cuBFn9p+YLTvXuHFjleVCm4POWwKarGU3YaUGffVJhCLtk0HAfS0huQAFAJ6QxTvQnjJQHyospxG3KwbExMRsVNY5hTj77t5fXTWtJXBCD6Cm1fYzYYDDpQF+8MEHr/7v//5v3969e9c/fPhwWVy0/yTYfyIK+Pbbbx+qk6/vYwAAQhHY5wFXjel8VqsIrPsrp5WqMZlTSxVulwwC7mvxVQjGlgvQewcqYoDCBchiwG1yjRiwqVixYk+UdR5uwt76aff2EoCs9gAgtXJxaoACTRhgfWmAlStXvjZt2rTfT58+vfrFixdLicie84899v8sEZ1ftmzZv+rky44wtgQoisCvb3HBiLaHOHV0o+WcVqr2TM4uW20CZ5Ip1DZJgEC+fPnol19+oT///JMiIyPjStSxbQnBBchigMIFOBID9D4BzloDNq9YsUKtYFXfhH0NFLQs7W1+2PEH+Fy58HMTBncHoA+lwbVv3/60j4+P39WrV1eGhoYuJWPffznyzyb7T0QXzp07ZykcmquRNQDIQUG97ojqMjo9QJ1ZrAeoPpEBoMpYQqE2SQIE5F6pUiUaNWoU/f777/T8+fM4U7gTLS4gEBsuQPEOdKQMdEYM0OcNNBIDNBGCQUFBfsqafghzcgR8rt3LRmBPX8PmqVzoacLAtkkDS58+fdiQIUMObd26deP9+/eXRUdH+5BW/pfTfiny/wGyZv/PELNlF6Ojoy+rE0+Rih1/HOkBOp0WeoB1hAa/ccnpmtNZD1BtPMcMVBlDKNRaXtQkAQJyL1myJPXr149Wr15NQUFBcaZ2g+YuLsCWd6CRMtDIGuBIDLDlFKQ3B27Kly+fWkFomwl76qndu0GwU0b8W+VCM9wVJ0sDy5cv38Offvpp7/79+9cGBwcvJaKl5Lz8f5y08v95sTF/lStXzmIJaH/cvkNQzxtcc77tAYs/QL15nE9eFgOUXPNJBQRSpNL+26AXLlyYevfuTWvXrqWQkJC4kb6lmcEFOFIGKgDgyBqgJA7V5wy0qQfo3LmzGqg22YT9/Fa7VzMBZIINPcBc5cK5JgzMSxpYqVKlbs6cOXPn2bNnV71+/dqHWP5X7P9GwT82zX/EbNklIroyZswYS3GQmrPtiAFPuMRUt0tcYKKFv1YMqDlNKwZUGcMJJpMKCORvSKi3mPB5X0LavNrfDHrZsmVp7NixdPr06bhBgOu4AHvKQL0YoCgD9dYAOVmILacge+ZATXDQ+PHj1dJ1Xibs5Vzt3mwGkM0WAOxULnR3xFIoQKWlgXl4eFxYunTp1qtXr64MDw/3Icf2f7vyPzF7duXIkSO31ckXbGsBAFkMUCMDZTFgN6Hpeq4pp7EGTBBiwFiRYTYJgUDhdswtDXhO6HaZ0Hg951p473O7YJAzZ07q27evzQKlsQSAuHIB9pSBRtYABQBsOQXFxhyo8QfYv3//XmVtSsP9KcN3avfjTwC5YUMRqGbRueLmQQUClEMamJeX14nNmzfL8r+iAHRk/1fkfwUAAojZsstEdDUmJuaaZfIp2eRnUwx4pHULbr6FvQLrL7A4BRlxAZVHJx0QKNSGnaf6h/CaDXzBHJTXVYLHOs6/+E52m2Dw7rvvUteuXcnf3z8+IOAsFxBXMcDIHKiIAY70AHJZcUN/gOvXr29X1iMH3G9tu6Ldg7sACsJAEZhFuSgLQG/cPKi90AYADRky5NC+ffvWPXr0aCkR+ZBx3n+r1F9kbf9X5X+xQdcqVKgQqi5A4/UOrAGKV+AfXE668RqtMlDxCdBzAZVHEwq1SiIg0Ip1Jv2eGINB/2eEdn8Qqs8kfFTTJhh88MEH1LNnT9q/f39sAUAPAnERAxy5BjsyB8rBQUZ6AL0/gJIkZGtQUNA2ZQ0yCVpw5/69ETQtrX0lcIIQTTM1BmAZtPbJsWPH7j527Njq58+f+5C1AtAq779YWEP7P7Fc9hcxmxa4atWqB+rkP+tsLAbI4cGqU9B+VgY2Wm6JDbDHBSQlEPjUk02nve8zGPR9zGAw4JkWDAa+Yu6g3hJC/pY2wSBPnjw0btw4evDggbMgEFcxwMgaYAsAjPQACgA46w+gAIBaNyAsLGyLMu/UghbcvX+6mIA2AN7TA0BD5YKGJgxogjSgTJkyvZw9e/b2c+fO+YaGhsoAEC8FoAIAMTExNzRiQO8g55SBHY5zLXmZCzDUBSRREPikKaHHNbaefP2vBQwUzmDAMy0QDHpN6HmL0GAFIU9Tm2DwxRdf0M6dO+MKAPbEAGedgpzRA8RLEVi0aFE14/YEE/auoXaNB4ItAZrmpVzgZcKAekoDKl++/D9Lly7dGhgYuDw8PHwJWXsA2goAsqsAJGbTrhPRjfLly1sqxtRdaJsL6B9C6BPEwUOGXICkC5D9AmQAqPxj0gGBAh6sM/G6LMDgJnMGfYJYp9IvWBIRJCAY9IbQ4x9C3UWEbFUNgeCzzz6jpUuXOgsCrhID7OkB7CUJsaUIVABAowj09vY+o8yzpwn75qVd2/FgkV9jCfifcsH/TBiQhzSg+vXrX1q/fv3GW7duLY+OjpYBILYegBoFoAQAN/fu3WsRAzIWJQx+Y9s12IoL2MkBQqpFwIZfQFIFgXwNeJ06/SnA4C8G0K9vsU6lzwNJRDAAgsFvCO1PcPr2lBmsgCBr1qz0888/x4SGhsZHDIgvAOj1AI4UgXY9ApcsWXJMmZ+H+Xu2CMDH0OUGmKZcMM2EAVWXBuTp6XnW399//f3795cKANC7ADuyAKgBQKRVAAYSy2s3iej2Z599FqEuQovfDcQAA11Al3PCIrCV6wrWXyiiBPXegUkcBPLW4ZRqbQ+xArXzGY6t6H6FMy6pIsIjnXggA0Eooc9DQoNlhA9KWQFB5syZadGiRXHhAhzpAewpAvV6AHsOQUaBQYaWgI0bNx5S5lXdhP2apl3LjTAwBfooF/iYMKCS0oC6du16Yt++fWuDg4N9iC0AsglQbwGw5QJsZAHQAMDcuXPVxIzI05gwNMIGFyB0Ab3u8Nes40nhF7CBS4rVmyeJApOsRYGkCgK5azBQttxJaL2XE6x0PMkg6nXZwhX0vmcRDwY8kzgCAQJKrobm/oRcDbXvAChv3ry0bt26+ACAI3+AuAKAPUuAnC5866FDh9QcgSVN2Csf7RruA1AAupJhas6yrSYMqIA0oIEDBx45evTompCQEAUA9CZAey7Adi0AYqNuEctvdz/44AO1Nh1a7dMBgM4ioLgHd73Ah7nFdotCUBYFFKtAMggQclblNWq2keC5jeMq2h5gEUHlCv5mXUHve0JpKAGBzA0MDuP/tjlEyO1hBQRlypShw4cPu1IMiI1DkLOWAEOX4ICAgN+VeRQwYZ+2atfuTwCfQZckVGVJDpkwoOzSgEaOHLnv5MmTq168eOFDbAFQAMBWDMBBMrYAGAHADRkAZsyYYUkSkr0GHzBbFoH+T/mQ9rjGh7ftASEK+BIaLJKsAjb0AUkVBHJUYk7JYyUHVTXbzNaUNvsI7Y+yp2XXC1yPQQWCR1odwaDXEgiEEQaFstiWtYoVEIwdOzbm+fPnrtIDGAGALUWgo3ThsiVAAwA3b95UnYGym7BHh7RrdhVAUeh8AdRy2udMGJBcA3D8+PG/nz171jc0NHQJaU2ARj4AsTEBXtcDABHd//jjjy3FIhv62uAC5FwB/1pEgdZ7CM02sVVA1geopkF7IDA66YDAxxV5fb5cwmvVeDVzBS38eQ3bHeYMTFZA8JitBqp+QOIGFBGt0WpCmhya9+XPn5927doV4wAA9HoAR/kBnMkTGBdToN/Tp09VZ6CMJuzPOe3+3AZQHLqowOvKBddNGFBKaUAzZ87ccf78+bgAgGIBiBUA+Pr6qrXakDobodc9+wrBvg+Fi/AFYRX4neMEGi5j02CdWckgYAQCH5VnLqnefE6x1nAZB1g13SDEg90MBApH0OMaJ2jtE8Q6GFkskEFgSDj7cpT5Tvs+gMaNG6fnAmILALE1BdoCAMUSYAgAkZGRqjNQShP25rp2nR6BHf80zkD3lQvMOIzyps2bN2/bxYsXV0o+ALacgOz5AASQDR8AYsXNHWJFzn0ielC6dGlLxuBivYwVgrIo0CeIrQJdz7M+oOUOZm8bLrUNAqpOQG8dSEogUI49KOvMZuVpg0VCPPC1AEHrPbymnf5k0+tX11kB2/chr72GG5BAYEg4h3h/qC02WqZMmZhTp05Fk2NLgBIZGBdToC1fACNToAIAmuxA8pjdvS/3tfvyHEBZAB/IAKB+Fc0oBS5PftGiRX5Xr15dERERYeQEZAQAtnwAjADgpg4AgojoweHDh0M0B9UqRkAnCvQLlvQBZ9nc1cJf+Af4OAABG9xAUgkgyl6W16XWDF6junNZPJCBoIU/6wg6HGerQfcrQiy4L3EDNkCgXzCh1Dead6ZJk4b8/PyMuIC4mAJtxQQ4CwCHEhoAQrR78gZABei8AdXEGe4OBNIDwJIlS7YGBgYuj46O/s0AAIy8AGPlBGQEAET0aNq0aa/UcaR6j33WbYoCzy2mwe5XhVLwoB0QmKLzFkzqIFCG16TmNC0QKBxB49WsW2m5k9e140khFgQKbuCR0A0YiQQCsJttY5FOeu+iRYuibQCAXgyIDwA44wxk5Q1oJgC80e5HBIAvAHwoA4DKEkeaDADCDXiFDgBimwfACABUHwAdADwUG/ukXLlyFlEga2VdARFJFFBAQFEKdr/KLKsMAg2XcuhwndkW64DqJ2CHG0gyIFCa10MDBIposJiVhU3WsqWl9R62GHQ+y9zA17eEbiCYOTJbIOD1NyFbNc17J06cGOUEAMQmKMgoKjA23oCmA0Ckdi+iAVQBkFkGgBjlghiTAWD58uVbAgMDVxCRLQCIqxuwQwA4efLk83Tp0qlzxycd+HAZgcDAV0Ip+EiAwBWJE9gudALLhHVgjvATUJyFjEQCCQiSEghUmyABwXShIxDKwi+XsFjQbCPrWdoeZGtBt0vsUdj7nhAJnvN+GIFA3ye8j9J7R44cGU2OTYFmAYC/2QAQo92HGHAF8CyJBgBu3LixnIgcxQHoC4FYJQIlG16AtgCAiIK3bdv2SnNIiw8QhyrCCRAQ4kC7w3xgm27gJCINFrGzUO1fDEQCG0CQVEAgW2leBysg+IXXrMEiBtIma7lUW+u97F6sigR3mRNT9AJGIDDwFaHkEM17vb29o9wAAEbuwHKCUFtlwxMaAKrrASDBRIA4AkCs4gDsAMBTIgqZP3/+G80hLT2MnU9kEFA806xA4G9WXLU/yibCZpv4K/blEmZv68wSIoHEDdgCgiQDAqV4/tXGMzDWmMzro4oFCjewih2JWu3i9e1yjtf76395/e2BwKBQQoUfNe+dNm1apB0AMPIGdHU8QIIAgIEIUANcJERtCaYETGgOQGz4s4kTJ4ZqDmmpoXy4NFyAHgQe8xepxzU2EXY4zvJr863sEttwKYsEdX9lVlflBmQgUEBAyTacROoOZCvFc686TnADE3XcwFyhG1jBnFXLncxpdT7DnJcRCMgAMCSCMDicUPpbzXt9fX0jbADAW8sBGCgBa4KTg6otwcyAEgCYrgOQAYCIno8ZMyZcc0g/60Lo99QOCAjrQO97LKN2u8ga7LYHWC/QdAO7xDb4TVgJZvNXruY0/upVn6jVDyhgkJRAoMpYnrciFtSYLCkJ5wiT4TLWsbTYznqBTn8K5eBt+yAwNJL36/O+mvcePHgw3EUA8J/QAejMgKFGAJBgjkBOAIDbrAB6ACCil97e3loQ+Kgm4asbxiAw6LXFT6BPENuuvf4SeoEjzLo23yK4gWVCNzDXIhbogUAWDZJIGTINCKjcwCQhEvzMoFl/AXNTTday1UUDAg44gaGRvEd5mqjvzJs3b8z58+fDEggATLcC6ByBXhgBQIK5Ai9dunTr72A/aAAAIABJREFUjRs3lukAwO1+ADYA4AURvZo/f74WBNLmJbQ+YB8E+j9l77Wv/xUiwQVCxxOcVajFdtZse/iyz4AqFvyiAwKdjiCJFCRlEBij5QZkkaDOLKEX8GEw9dwmgYAiDjxmjmzQa60+QPHt6H2fkLGw+s5KlSpFUwL5AURGRqrRtwngChxsBAAJFgw0d+5cfzsA4BZPQEcAQESvN2/erAUBgFB1qqQXCJf8BEQeAUUv0PsehxJ7XWZuoP1R1g14buM4Ao+VrOSqv4CBQMMRCB2BYjVIMiBQUgsCCjdQY7JFL1BvngUEFE6g8xlWDPa6y+LYwBeSx2CEFgQ6nCAgpfrOTZs2hbkAAGLtCZjAwUBBMFACJlg48PTp03fqAMDtsQBiYx+LjX6qA4CXJPzEjxw5Ela0aNEYzUHNUY/Q9ZLWHVV1G1b0AsGcVUjDDZxiJVarXawkbLJOAoKFkmgwQygLp1rEgyJau3YyCPgIcWA7r2mXc2wi7H1fxA+85P3QiwJDIwnVZ6jvy5kzZ8yzZ8/0AOD2WICbN2/uUMaQAOHAN2FgBkywhCDjx4/fHRgYuJyIFpMJ0YBOAsArAQJvoqKiQvv27RulOagpUhFqzGRil0FAFQlkbuA+6wa6X2VLQceT/OVq+bsOCHwkIJjNVgOZKyjSMYmBgAIEOhBQxIGGS3ntWu5kDqvrBea6+jwQbsM6fYACAINecS4Iy/kLdxIAXBYNeOHChV3K+xMgIchfMHAE8lEu8DFhQHJKsJEjR+4LDAxcFh0dHVsAiFM+ALGhD3UAEGILAIhNRmEbN26MzJgxo/awZi5PaLXXAAQkbqD/U1ZS9brLB7T7FS5C2vEEA0GrXezw0nQ96wgaLmXzV735kngguIKinZMQCPxkHwTqL2D34aYbeA07/MEeg6plQNYH6LiA9n9o3hcQEPCKTMwHkMApwU7DwBU4wZKC9u/f/4gOANyWEcgAAFRnIEcAQERh586di6hUqZJWJAAIn3YkdDojgYABN9AvmJWEve6wydDrLwEEJzm6sNVu1hE028jBMY2WW8SDevPYJFb7F0KxbskgUHO6sA4sZO6p2WaOJux0mjmtXndF3MBLYy5gaCSheD/1XZUrV44iEzMCJXBS0IMwCAZKsLTg3bt3P3H16tXlERERi8nNOQHFRiqmQD0APHMEAMT+5BGbN2+Oyp8/vzUQFO3F+gENCAhuYOALAQRPmE1VgKD7FSEanGLTYZt97FbcfIsQD3yFCfE3i4hQvEfSBQHFOlDrZ+E6vJgB03MbA2mXAF7XPg94vW1ZBXpcJ1kheP369Rc2AMDlOQGXLl16XHlvAqQF3waDcGAv5QIvEwYkFwZp1qxZwOXLl5eHhYUpAOCWrMDknC+ALQBQQEBJLBFBRJFz5syJfuedd7SHFinZD73TWQsIqNyAAIL+IRIQKKLBVZZjO59hj8K2B5kraOHP7sVN1mrBoGSvpAcCGhPhVNaTqErBdaxX6fAHW18U06BiFTDiAqSsQkOHDg0jk7ICjx079qzy3gQoDLICBglBEqw02Mcff/w0ICBgRWho6GJid2C31AVwEgA0pkCyJI4wBAAiinzw4EHUqFGjrLkBgFCgDaHlHkv46qA3BkAgRIPe9zjstUcgH+AuAcwVtD/KvgQtfxciggQGpftp3vd2g4DeT2ASK0hVfcAKIQrsZxDtcU1YBewoBLtdVt+RNm3amHgCgNN1ARK4NNgsGKQES9DioCdPnlwpAYDLKwNR3EyBdsUAGQSIKOrChQvRVasal7lC1kqE+ks5/+CgN9ZAoOoIHvGh/fpfC1fQ7SKbuTqeFCLCflZ6tfDnA19uaBIEAUkfUOtn1o80+I1FgRbbGTS7XWRAdcQFFLR4XPr4+LwiN1cGCgsLUy1uCVQcdDQMkoImaHnwnTt3rnvx4sVict4b8KABANisDUjxNAU6AwBKv3fvXvT3338fkz59emsgSJGKULw/1yQY8MIYCPo/5UPb54HgCm5znjw9GLQ/yjEHrXYTKo5ImiCgFwUaLmMlauu97CVoxQUY6AKa+6vPL1++fKQNAHBZbcCgoCA1JXgClQfvC4O04ABwRbnoipsHFQhQDmlQq1at2hQSEvKbAICl5MLqwDYAwJYi0B4A2BQDSFuVRi1UMXfu3Jh8+fJZAwFAeLcQodJ4Nkkpqa4GvhJWg+eSePCI4wx63eUvmgYMAljz3eE4y8lJBgT0ooCwCjRYxCHELfwlLuC2fS6g/1NCynfV5z9//lw2Abq8OnBgYOBO5V05BC24c/2uaNcvGEB7GBQGAQB1YDvdPKhQgEpLA5syZcrOx48fLyatM5BiCtT7AiiWAD0A2LME3BQb6HRQEDmnBzACAX21mphdu3bFVKliXdRCCwbjCG2PWoJaBr6UuAKhNNSAwW1hRfibdQZdLzAxJAkQKGVtFTDiAjqfYZ1KnyCdRUAnBpQYqD57zpw5r8hY/v+XtPK/IwvAEdJaAHYQkd+BAwf2K+8qLWjBnWu3U7t2NwC0gEFpMACYq1w414RN9ZIG1qVLl5NBQUFLoqOjF5GxKVC2BMimQEeWAHtRgY5iAuIsBugBQOmvXr2KmTVrVkyxYsVsg0HqrIQSgwiNNxB63paA4LlFRFA5A0VM+Je9Db+6zk5DSQUEDLkAYRZsuYM5I6/LbHK15xfQco/6XE9Pz3CyHwMgRwE6YwHYS5IFYOLEiX8q7/IyYd3matftDAAPGBQHBYBvlQu/NWFgk6WBVa9e/erNmzd9JACQTYHOWAIcKQLlmABX6QGcEgP0IKD0q1evxnh7e5NdMAAIORsQqkxivUHvIB0YKGLCY7YkKNxBnV+TEAjodQHz2Ymq2WbWkXQJYIVq34fCO/CNNRfQ74n6zA8//DCarOV/oxgAWwpAuxaALl26/K28a7IJa/atds12AagLg/LgAOCpoqAJA9smDSxz5szPr1275hMWFraILKbAuOQF0CsC7bkEx8UhKM5igJ1OV69epYkTJ1K5ctoiF9Y9BSGfJ6HqFK6V99UNLRj0fypEhcfsNJRUQKDaeK1F4Msl7BfQahebUrv/baAM1IkBuRqpzwwICAgm2/K/7AJsTwFomAcgX758z5X3bDNhvTy167UMljiAFHoA+Fy58HMTBnYHoA+lwe3Zs2dNaGjoInIcFRgXRaDsEWg3PyAZ+wPEVwywBwKa9uzZM1q1ahV16tSJsmbN6gAQQMhUhnMYNlzJabSVarv9Q9g0liRAoLSFC6gzS7gI+7LfRPujIkbgXxEubEMMqDZNfd706dNfkLX8f4u08n+sFYBBQUH+KqchaMDda/W5dq0mACgPnReg0lIrF6aG+7WTBFB9aXCjRo3a9+LFi0VkrAh05BIcF49AWQxQ9ABxFQPizQXYahcvXqQZM2aQTR8DfU/1HuGTdoTqPxNa7ibUnpM0QCB7aeEiPENSBm6yLQboAaD1AfVZrVq1CiVj+78zHoA2XYBXrlx5VHlHfRPWKBBafxsAvQGUhM4JSG5/KBf7mTDA4dLg8uTJ8+jRo0e/EZGsCNS7BMt6AAUAZEWgM3oAZyIDbYkBsbEGuAwElBYTE0Pnzp2jOXPmUIcOHSh//vzOgcK7BZMICJQRykDhGNRkHftJdDrNPgF9gpgzMrIG9LylPqdw4cKRpGX/nZH/7bkA+xPR1mLFij1R3jHchPXx065PEIDOAIrAwAdAaROVGyaaMMB1AKWQBvnvv/8uiY6OXkjGLsHOegQ6GxosiwGKHsCWW3CCcgH22v3792njxo00bNgwqlixonOA8DaDwEflJDFgFXsGdjjO0ZdqlKDkGqyWgwvT+AOEhYXFJgTYoQdgTEyMmgcwhTj77l6bidq1OQGgJYCCANLaAoDOyg2dTRjgTYDySoPctm3beqEIdDY92EGKvT+AI3NgXJ2CTOECHLXw8HA6ceIEzZgxg9q2bUt58uRJgiBQXlgDVnDSlXaH2U9Cdgoy0gPk81SfcebMmUdkzP47Y/8/SLosQJcuXfpdeXZecfbdvS6dteuyBUAj2DABKs3UmIDXADWVBvn999/vf/36dVz0ALYCg5wVAxRzoJEyUAYAV3ABbgcBfbt37x6tW7eOBg8eTHnz5k0aIPBxRU6u0mwjx090OedYD1D+B/X+ZcuWBZNz7L89+78q/y9evFgNAW4qzr6710QXA/ALOBVYNhhYAJSWQmZTAkwYpLc0yOzZsz8LDg5eTMZ6AHv+AHE1B9ryCnRGGeguLsAtICC3JUuWJA0QyFFZ0gP86dgrsJbFf2LChAnPKH7mP438nz9/ftX8523CWgRAK14DGASLBcAmAACAqqlcasJAj0AbGHTu3LkVOj2APX8Ae+ZAWQxwFB5s5BRkSxkYFy7AdFHAUVuzZk3SAIFc1ThvYMeTHEPR+55tfwCPtep9gwYNekG2tf+OMgDZDQA6YsI6LNWuQxCA7mBTvyYK0KgNUhfBhIE+BKiMNNhff/3VX/IHWErGOQLjKwbcIvtpwpx1Df7PcgFESQgE8tS2owiU8gW23q/e07Jly9dkHf0XJ/bf399fTQFWRpx5d6/BIO0a7AfQBsCnsKMAVFpV5caqJm2Y7K6YK1euYMkfwIfiLgYoqcJtOQUldi4gGQRcCQL5GojoQDsOQZ3OqtfXqFEjlOw7/9iL/9ew/5988olaes8MN3sStCvN3wdOKACVlla5MS3M0QPsBCiDNOBr164tdUIMiK01wFZwkLu5gPgoBE0BgiQDAgWbaJOE6AGg+zX12hIlSoSTcfBPrLT/z58/V4uAZID7I21J0Gxa7dy/B1ANXAzErvyvtFPKzQtNGPAjgEpIA541a9aOiIiIhaQVA2JrDdA7BdlLEpKQXEAyCJgJAp96ciSlUX6AHtfV64oVKxZOxsk/HDn/aNj/9evXH1ZBRZx1d895oXbOjwD0AVAGwPvOAkAP5QE9TNqoH6RB58yZM/j169cLybEYYFQ2/A9ynC7clVyAM96BySCQmECgUGtjU2Cvu+o1efPmjSTbtn9Z+WfE/itVgLcWLFjwmfLMH0yabw/tfPcA6AigMID0zhA/ABRTkRDmlAw/DG3NwM2bN2+UxAB7TkH6egFxVQbGlguIj0IwPiDgViBIMiBQuJ11+bDeQervOXPmjCTnlX/6/P87iGibXAAkozjj7p5niKBZaa4LADQBkBfAO84CAMDpgwgA+Zsw8AiAGkkDL1iw4AMnxQB7ykAzuABXigLJIGAmCBRpr60cJAFAjhw5Isn+19+e8m87EfnJvv+NxBl39xz9tXMMB/AdLA5AVjkA7LURyoNGmLRB86B1Xnj58uUCsjgFGcUG2PQJmDdv3vUyZcq8lDc8TZo0MVWrVn29YsWK+xR3LkDxDnSXKBAbEHAbECQdEOhgAYBe99W/Cw7A3tffru1f7/s/z6T5jdDO7yQ4AjBW8r/SqikPqgpQtAmDvwMt+zJnzpztQgzQ5wjQ+wRoUoV17979rmaTDXr//v2fkmMuwBnvwPhYBVwFAm4BgqQDAh0FANxT/5YnT54Icu7rb5T6y2/NmjWqQ10xmBP7Hw0r898aAO1gIwmoM00teLHPpAnIPgFZs2Z9FhERsYC0ykAlV6BRhOC+gICAk46IX+lly5YNPXHixF0yThbiKEYgPqKAszqBBAeCJAUC3QMt8yxSJIzi9vX3J6ItOXPmVLnPb2HOB3Sf9RkfDaABgFxwwv5v1MYoDxtl0sacBNdMV967cePGTQY+AbIyUGMSnDZtmpreHDlrEyqPJlT+UfRRhBy1NIuUKVOmqO3btweRdZCQrRgBWSHoyCrgKhBIUCBIMiBQsIn6/xUqVHhDsfv6q6a/PXv2HFCek12caTPmM0o7n3MABoMLgWZGLNl/pdVWHlgNoHATJhEKUFtpIvnz538klIFKhKCeC5BNgrunT5/+lwYAqvxkAYEqP3Em2cKduEiH9J5JkyYFk3HGIGcUgvYchPTpw8wEAZcBQZIBAdG//PLLFxS3r//WIkWKPFWe0xbuT/1NgjaraeewCUAXsEUvQ1wBAPKi7DBpU3YAlEZ+744d64mVgUaegZq6AVOnTr1sAYC6TPBVxggQGM3/rj6JUP47QpqPNZtetmzZsFOnTgWRbYWgI1HAWX2AIxBwBxDEBxBiiChmzZo1mhqIbzMIdOzYMYRi9/XfQUR+sukvjck0o5uDN4DGiIP5T9++Vx76jUmTeQVtnoBPP/30QXR0tKILWErGdQP8iWjntGnTLqmLkLsBJ4usOk6AwI9cUKL6JELtXwi1ZxFy1tMsXMaMGaNXrVr1mJwXBRzpA/QgYEscMBsI7AGCzeuTCggULlw4lCw+//qcfza//rLpr6k4y2aM/xvt+M8AGAqgCjgDcKzMf/pWUXlwCRM3exO0JsE1a9ZsJie4gKlTp15UFyKvB6eKrjGFU0dX+Yl79UmcNupLH04YUf57K5GgQoUK4WfPnn1EtkUBRyAg6wPs6QScAQJ7IOAqIHC6JxUQaN68+VOyb/fXfP3lqL8U4gybMe770LrSA1gLoCss4b9xZv+Vproz+pg0qQiAmkiTyp079xNnuIDJkydfUBeigCenhqozi0tJVxvPXEC1Cfy3hks5ZVTbQ4SmmwnZtOW7Pvzww+hVq1YpOeL1ooBeH+BuEHAGCEwDg6QCAp6ensFk7fN/kAy+/rLbbxOY4/hDgialMUcAGAsL+29VAiwu7SvlBe1M3Iyt0LoH+/j4+JE1F6CxCEyZMuW8uhiftid4rORCEXXncsbYqt7ca89kAPD047LbXS8Qul/hGn1IoTkEpUuXjjh69OgTAxAw4gJiCwL/WSBIKiDQvHnzJ8Ssv02vv3Xr1h1Rrs8ozq5Z422nHe9RAEMAVIYL2H+l5VJe8D7MyWhCAEUB1Eqa3EcffRRihwvYSERbJk2aFKAuRhEvLg7RdD0niKw3nzmByqP5v18uYQ6g/VEGgK/+4YwxbY8QPq6tOQQAaNSoUS8eP378iOx7CRpZBuxZB4xAwJVA4EpAsHpuUgGBJk2aPCKt4k9j98+VK9cL5dpW4uyaMc4jgialsS4C0AmWEuDxZv+Vpn5ZR5q4EYcAyipN8JdfftlJFi5ADhJaT0SbJ0+efE5djM/7MHvfajcTuscqBoHqk1gcqL+Ai0coWWO/+odLSPV9zL3uIkLqzJqD8N5770UvXrz4uRMgYEsx6A4giC0YuLQnIRB4QAZf/0WLFqn1NLKKM2vWGEdqxxgCYBQszj/x0v7rW3XlRSUAumXSBMMB6ilNMlOmTK8MuAA1VHjixIln1QUpOYizwXY8QWh7kOvGe6wi1P2VrQK1fyE0XmPJGtsjkENC+z4WeeNeEHrcIHzeT3MQAFC+fPmifH19n5N9paAtE6EjEIgPEJgNBlFEFPXNN98kCRDw8PAIIinij4i2ZMmS5Y3ye0+Y4y9DggZ1yr+tAPrCkvzTJey/3FQlxywTNyEAoALSRAcPHnyUiORQYTVGQC6/jDLfcmHIbpe4Vny7I1wowmMll5CqOo4ryLTYzkkjvf7i3PF9Hogae885d9yg14T2fxDyWDzFdEDwwgYI2PITMAsI3AUGVu8pUqSI1dq8rSDQsGHDeyQUfz/88IMqchaAORm0lD5LO64IAJMAtALn/ksHF7L/SuugvLAeQC9NnKyuyoliFtQnDFk7fvz40+p1ZUdwDrieN1jB1+Ucg4DnNpb/q41nZWCTtaKG3DkuIdXrDmeN6f+UuYCBrzh2fNBrQrNthA/LWh32vHnzRs+ePfuVAxBwViSICxA4AwZxAQWHzxs8eLDl659W61z1FoPAna1btx6S/2ZGNS2lvxQ0KL3/EIBhYE49O+Lo+++opZMnvMLECYcAVEt6d65cuZ7s2bNnA2kjBVdPmDBBTWeG8j/w17z3Pc4F1/1vJvK2BwlNN3ANuSpjCA0WiQoyRwhdzwtR4A4Xkej/VMsJDA7lhJIe6w2BIEOGDDE//PBDaFBQ0DMBAraUg+4EgtiAQXx6pLe3d7RmDeotZjMr3n4QKFCggMoR14I5iXOUvkI3FgCzwa6/nwPICDd8/ZU2RHlpS5M3YCu0Gs/ChQsHkc4sOG7cOEs0YIUfmYD7PuaCEF/fZk6g02muHd9oOdeVrzmN/7/FdrYIdAlgsPj6Nt/X74lFJ6BwA4ND+d8e6wmZK1gBAQCqUKFClJ+f3ytyrBcwAoHYAoE9MHAFKFg9b/To0VriL96fQbT1XkKF75IECECcSTPNfgSmPWkMZwD8H1j5lxsuVv7pW3Z58htMnHQUQEOg9RDcsGGDIgosJaIV48ePP6GOr+JP/PXuH8JE3CeIxYGuF/igNtvE/gGVfyTUmc015VtsZ6tA5zMEr8tsGeh1R9ILPJOA4LUQDV4RWvxOyN/CEAg++uij6GHDhoWdP3/+pQ4EXAEEcQWDOPeAgICoypUra5R++KQdofVuVrQ228jK1tJ933oQSCHOpFlmPxI0pztjPgC+Bif+cIvyT99+VF7e3uTFvwlQOWnyefLkeUKsEPyNiJaNHTtWrcGGL8YyoQ58wYTb9zFr+bv/Teh4iivGNFwmXIUncF15D192Dmqzj9DhD8ENXGHg6HVXAIHgCAY8Z3FABoOOpwllviOkzGAIBoUKFYr29vYO++uvv17ZAQFngCA2YBBfYFDv37JlS1SOHDm08/qkDaHZZva38FjFa9pgMa9n8e5vNQiUgzmFPuXeXnumLoI9/5oCyA9O6+829l9puZUBpAZoo8kLsAFaD8Hhw4cfJpE6zNvb+5gGABTl3cAXLA70ecDE3CWAzX9N1vLXv8pPDAT15rHTULNNDBBtD7KFoOt5BoKv/mHFYp8gYS58KnEFEhj0fkBosJzwUU1DIABAn3zySfSwYcPCDx069CY6Ojo+QGALDJwBBKf6rl27IkuWLKn96iMFoXgfQuPVvGZf+rA+pd48XtPaM9n7smintxIERsFcDpgEraXWniNfAP3AMTuZYcLXX2mq84OZ7sEEUAxAw3XENHfu3J1EtPinn35SXTLxhTfL6oPeMGEOeMba/a9vc5WYdkf4y1V/IesCqoxhfUDduewm3HgNKwdb7WKHoo4nGDi8LrOi8OtbrGDs80ALBjJnMPAlV5ypMpmQ0dpUJvdKlSpFTZs2LezMmTNvoqKibAGBM2BgDxCcBoV79+5Fzpo1K6pQoUIxVuPNUJBQaQybUesvZAerur9yjEWtGUz4NaYIp6sJnIATbx8IxJj8Pp3bbzCACQBaAvgEnPbb7V9/pZWWN3S1yQvxL0DVpfdnyZLl5aZNm7aMGTNGLcTAABAmQEBwAf2esEzv9RfXi/PcxsReawaHClcdx4e3zhxmYxut4AqzzbcSWv7O5sIOx1lH0PUCF5z86h8GFRkM+gVLYoLgDgY8J7Q9yuN6v4RdMABAFStWjB46dGiEj49P+KlTp0Jfv35tDwjiAwjh4eHh4RcuXIhYs+b/2zvvMKuqq43/LkJQEEVAbHyjElEEEQuJ9DLACAxdWigiGsWuSQzCJzoKUgVFICBNsSCiWICIRsFeMBZQx4/YEBMhakyIQAxN9/fHu8+9+5577hSYmXtmOOt51vPAnVv2WXuvd6+99iqP7L3uuuv2NWnSJFXpwXDI4YYGgw3t75aMsmfZ1OoZyrxsNy2h+G0m6aq11e3Kvzh1QIUEgbLipanz8QRwDYm4/0PKQO+TaLw3mJ6UXe6zx2+CyXIEkpWV9Y+8vLzE3Wzz21X3/bpd1grYoV165BYp7uC3DH1XS8mzZ2nBtrhFi7bdNO1mneZql+v6oI4LvZ7SZ/qvlQUx+C1dLQ7/MBkMLvvKHhO+tT6Df1lA8CyE7w1D3lVL6hN7p6Qjp+OTTjrpp/bt2+8bNmzY3rFjx+6ZN2/enuXLl+9+6aWXduXn5+/6/PPPd3399de7tm3bFudNmzbtzs/P371u3brdq1ev3jNnzpy9Y8aM2Td06NB9HTp0+LF+/frByu5y5VqGn19gaDXBKvp0y9MMbe+Q0redYpV+YrLitxwn66rlbWrKQQQCxeWdSMcc2W0EJqHAnwaUcNx/UamWO5nzMiCYe8BUd8bQrl27T+Nj8gDg+t322m6nlHDkVgX8DHlbu3q3h6Xobe+wi/VWLeC2U2UZZM+WiZuzSNeFuUvl6e69SseD/i/o+nDwnx0w2Khjwq+/kM8gbh1861gIFhSu2ibA6PucocVEQ1YPQ6xKkQChVLlSNcMxrQyNRkgurSdKwdtMdnhSgNK7iu8p/60JjkCg2DwvdX4eQLt/S9Tzr8x3f4/iFYPagvmyjAWzE8yV6RZw89ttzXcfAFz+dynnkHeUKJT7iBKD2t+phdwiT4u29YREnECHGQ4QLNSxodsSWQU9n9D1lwcGA1+Vv8A7Jlz0kbUOPrOAYC2EkVutlfBNAhiu+IcshpFbDQNfN3S+TwFNJ/YyVD66ZBQ7iCtVMRx5huGEHMPpww3n3pBcSq3lbTaV+vY0PD5A6X2K731XizzDqRck/X4EAun5S6Rbjrw+JHH2z9ju71ElZ2BmfAYE9BWYjkGLOgkAdskPcPW/tRNf8pkUtN/zUuLO86XkbSZrAbe4xS7627XDtZ0qk7fDDB0XOs4RaOQs0rVXtyXyFfR8QpZB32cVEDPgZcOg12UdDH1PtwnD82UhjPjYgsImORQv/VL+icu+ksUwcouAwOPLthiGfWDot9bQ7RFD27sFDo2vMNQfYDguW0FJ1U81VP0fy/UMNc821G0t5a7fT1mS54wyNB9naDPN0GGWofMCOfE6zJAl1HqiVehbbUXlPKvItzlKPi5A4QtR/BZ5iSrNEQgUicenru0FwFVAczJ09vfTldjBnQrmjQwI6SMwZ/oF1fjSRNeXtACwRoqbs0DOrLZTbA3BW5N3vtYTBQ5tp8oiaH+X3p89W8eHzvMdMHgeo7IjAAAXaklEQVRIVkWP5fIZ9HnaWgdrLSC8JgthyNsChWEbZCkMz5dzcsRGWQwXf2L5U/ElnyX+ffGn+tuIj/XeERtlaQz/UN81bL0snMFvCYAGvKxn7fuM4hx6LLd39os1dlf543UUxzkA4IJAEThF6R3FdzkCgQL5DatTjozeRb633mTA818QfYMd5MgMCetPJGcNUu0YKVocAH6QA+6Kb+SsG/qelKLHYzLrs2c69QNvcxa9Y/7GgWCKlKXd9GQwiFsGC3Uv3vUBKVr3ZQlA6L1KinjBcxYUXlT04aDXdMMweJ0shiFvS4mHvquxpvC7+vuQt6Xov3pTyj7wVcUv9F+r3+i7Wkrf8wmNo9tDUvycBRpv9kxbO/GORK2EpGrKtySDQLE5QPEjECgSj0xW/l3AHNTu6xfIB5fx3d+jvtiBVgWzJEMCuxdMTVdoxzSTkly/OxUAhq2XkvR4TLt39qyE+Zu0++UlTN9W46UgrkOs7dQAMJilXTVuHbiA8JAcid0fFSj0fFLXjL1XyVro+4wshgue0xGl3xqNs/9a+Ri8f/dbo79f8Jze3/cZfb73KgFNz8f1G7lLHaVfJIDqOEdjbH+X9eRPca7txifM+LQKfIBKH4FAobzE6pIjl1dQwY9cFPVXKim/B0LxTLyOlF3REJf3gJnsF9xxzX0A8K2NBlwvheqxXOnB2bOlDG0mBeyAecln4LhF4AcDzzKYpl01EBDmaffNWaTf7bI4AQzdHrbgsMwCxGMaX4/lUmiPvdd6PKb3dV9mFf1hfU/XBxIKn7PAUfrZGk9c8Z1gnSTv/a2FAEApcAQCcd5Mil9rG3A3MALF4JRJzH9x6VycQY/NkPB+QLHah7gCPOsqGwuw3QLAFzp7D3hRpvH590lB202XQni9BALPwI4jzPN+pwWDqQGAMENmd/asxLGh01zdMHSeb8FhoWULEnG+z7L9f84iywutotuovE5zbWTebP1WhxlOhN4ddsefnHx95/fe7+9uHoHAAfPYZOU3wCrU6rsjCsUvk5j//aHrsIM+FszKDAlwF5ir/UI851oLAP+Q1/3CD+Qc6/mknHcd59iz8BTrBxgXsAvmOc6u2woBg3SA4IBCu+nJwNDhbgsODkB43PEPCXZfz55leaYTlXeXE7AzLVnpCwvWSXHilbCSN49AoCBeaXXHkcEGVO1nEGr1VYMQ7v4uxYNxuoPZkiFB/gfMpX4QaHql7tndfIDeKxNVgzvMSGQHpj0L5/mAIAAMCgIEf0CNHxji4DDNibgrjKf5ovKmOgofpPRpFL+0lb9InHfQBgttIbkfBrATuAdd+7WkFKv9lCR1wnmIsuosHMTfgxnhB4Fjf6ncdS8foM/TusfvPD/RRCTpKizIG+4AQVowKAAQkkDBDwyTTGrEnQsWU4L/5n7W+z7v+9NG6BWk/EUEgMJ29OIqfzxY6OADAV+HXwOsQY6/7kB9Mhz0UxwajX2Ioyn7tEmXt5NcWRgw1D1LZ//Bbylop/syexMw2zkGTEx2ihWoFOnAoABASAKFgCi7JIAoAqeLzitM6Ytzb1+qYOCX4W0HVQLRcqsrzvPmA9NRm6+myPEXmmu/otBfsA+TDWZjBoX7A/IJVHIFfFQDKX3/tfKsd1ks55kbEBN4LVaYcuQFLOZ0gJAGGAIBogBO9/mCIvRKUvEPGAAClN97/gqaSuzyRqsjznPuBOajEnztgONQm69ysft71AHnoa7OsJD/C2Y0ya3HqXaMzOfeK3UMyFlg78ddK8D1kPsVp5iLOy0oFAQO+8Npvr+k7u1LlIPk4kVgThAQnz60QoNAisNapn8e0AuV+S6RJp+ZoGtxHqws+wmkA4HJYI5yhV35MEOzUbpT77LYOgPvTgTIpNyRH+CZuaAAmqKG2u53OG4pKX1JmP5JIDguOQ+j/V2GMy6pkCDgq+9vkNffM/3PBo6iHDj+CqJ7sA/XAMzqDAt8L4oYPMkv+CaXKJAmZ5GuBDvMSAaB+HGgCNluxVawwpS1JLiEd+4gpS82EBSg/K0nSvbt75RVlrPAcPbVFQoEVludcJ5ps9WXa1CN/+MI8Z1/cehr7EOeT2b9AR4/C+YsPwgcWV+LMGdhIkGm3XRfqGw6b3phO3AJmsqhMuFL4HnSKX+76VL+zvMU3dhjueGXYyoECGy0uuA8y26U538T5dDrXxj1wXnYyyj7CkJB/CGYzn4QqFZXde1zFqYmy6QAQRGu1krD2VYhOEj5x/uUf6aOZF3uV8hzn6cVvFXOm4/stDpAMr9GIuCnCeXQ618Y3YDzwONCMBEGBV9cAaaaf0IaD1e4bed5NoZ+hi+UtiiVcIrjfT+YQMFV/lsd5Z8gp2y7afLDdLpHoc/dlynJqf8LieKszW4otyAwLlX5P0Sx/pcC56GAnypUkN3fpZnYh64JZkEIJsOgqMF5YOr5J+bIk7RQcxZqMcaTaZwCmH4wcI8JRQWEQp12mVbYUt79A5V/rgA4d6myJfutUbrz0HcMrSYbYpX9SlQuQGABvoxV2ISu/H4DZKNY/9Bl+pUkfYh9+NMo+7ZKBfGbJPcgBFQuq+nltuHFouQS2P5quAXF26fc1x/ItV0YwOJAfrcg5Z+ho1fOIjllez6pdOeBr6ga0snJEYKHHnroHvf/YQaBFXbNO+PdDtyPzv09UImvwwl5rP+BUmvgW6wQWoN5PQST4/GXqO+AW2wUMNTIMrS41dcEIx0YpEm+KTIgFAIM+w0OZc0F7f7+6747rPL/QRZXtyUK0Oq7WqZ/+9mGQ09MmpNGjRr9c9KkSe+ceOKJ37uvn43CwDO9llx+3a51Z5y7geeBCcBA4Ax07i/XV35FpX44wugBJj8Ek+Txj6gLSzM/CIChyaWJNlhdH7BpuS4YzHLAYLpJLpudDhDSgcJ+AEMmuUhAkOec+313/dmzJcuuD0rGvVcZejxuOGVQyjyMHj36/TFjxqz3v97Mzt2PIVhHHufbNe4b6xvANOAioBmq7lshz/3p6AocgQxFDT8yPVkuf4GaP/rObIbDauvOu9dTWqi5Sy0Y3OcrwDErUYAjyToIAgS/QzFdPH9h4LCfUYKlDgouANyW7PH37vo7z9NRK/cR5Wo0G2OoXDtJ9llZWduvvPLK/Fq1av3gvl7TztUXIVg3Lv/Vrm2SeT3yh10OtKIC3fcXl+JlxQFzOZjvQjBpLu8F8xSYDqmTqGNBu2m6nur1lO6pvV558RJc850CHUUBhABQCEz4KW5eQFlwAYATBwEPAOzu73f6dVtiaDXRUPOsFHnn5uZ+ccIJJ2z3v97BztHeEKwXl7+za9o33o+Auah2RkcgixAV98wETcER0PVgdoRg8vy8DcwkMPWDgKB2I5XW7ve8U4TzcVuEc4ljHSzULucHBPfI4AcFPzAkgYMPIAKzAgvIEixt9jcHiQPAuETfhfZ3yvTvPN/QcoLh6JYp8j3++ON31KtX73v/6/XtnGwLwfrw8w67ln1j/hSV9R4FdEWVfSu8068oNAdHUKNQVZ9MT2IQv4eCOOoEAcHRZ2r3H/iKrcr7JzUNiVsHj9gCnfc7gOA115zjlPAqqLKPr+hHSn2ASamcBBiFsa9GwX6zz+np1lXwOg15jr9mNxrqpip+tWrVdh9//PEpO34dOwfvhWA9BPEuu4Z9494M3Ic8/r2AhsCRHCROv8IoBtyLI7AxYHaHYDKDeA+Yl8D0w5dd6HGthlLyeF3+l5y6/Kt0tRUHhCWJIp6eQ9EFhXgJMM9a8IGDv1dfElC4YDE1FTj2i4O+L81vuMcZr85ii1sSPoDGlxqOaJQiv1gs9pP/jI+VdT8r+z0hWAdBvNuuXd/Y/4rCfPOQA7wxiSSfg9b091MMeAgfCITVEjCozsAK1LgxqdaAx0dkSaGHbbCNOtap/n8cEJ61FsIKp4y3BwoPOpbCooS10HmeU/jTBxBJtQEtUHjc/q4AvrOIHPBZ97v9nGK5TE1UWTr3d4asroZDjkyVF5jq1avv9r9Wycp4hZV5puc9He8KVv6vgAeBcSjMtynq6HNQefyLSjFgKY4ARxFOn4DLe1FFlx5gDg8CgqpHShGG/Fm1COOA4HTu6f+C9SE8I1DovTJhKcSBwSv7bcGhy+JElWB/deDO8xywsIDhccc5xWf3814V4xSe6wMma7W0nmhoOFz9BwPkU6VKlX1VqlTZ53/9cCvT5YTPwefnHQSa/VuBJeiufzBK761DOSzuUZaUAgLXE77bgSDeA2YVmAGkVHZNcO1GhtyH1ZdgxEa1BLvwfXX7GfK2tRJelx9hwItOh59n5WD0wKHXU7oqc/sD5D7i9AdYYnsNWMDo+oA9atzv48UFsO+93ncEsfceD5Da3Wk4Y6ShznmGWKVAWVSuXDlF6bGyG2BlGVZT3+XvCHT4bQUeRo08h6Ky+XWJlL9IFEPIGRfo5YQvTqAgIFgH5gYwjdMBgQcGPZ8wXLhB/f5GfKxipcPzbY+/DbYFmNf+6w0dIQa+omOEBxD+DkF9V+tqss8f5XPovdKCxgoBh8c9n/TxEwFc0HseTwBQ14cMLcYbTh1mOKJx2meOxWJp/9bYymxdOVF8Y9dkwFXfFqT8k4BhKNCnLgfpXf/+Ugx5TeOCHUq4IgaLwn8DMxdMN9IcDzyu1VA756/eVN+CX2+yDUE/UQNQDxjiDUA3OD0C31Y/Qa9H4K/ekBUx6DWVPh/4igWNly1wWPAY8KJtN/ZCctuxeOuxNYkWZC7I9HnG0OVBXdudfrGhVrO0u3xhfLiVzVwrq0zPV3E4n8Agn7+hzWsikfIfMMVQ0ERcwD0IV+5AUXkPmFfA3ASmCZgaBSnG4ScYmo+VOT/8I8OvN6uXQRwYPnfAwd8h2AGJCz/Q8eLC9wUYw9YHNBd9xwEQCyKD1yUclr1WGDotMLS43dB4pOHY9oZDqheq2LFY7Kd0f6thZXCTlUl52e1dfp3A8N7NyOE3AZn9kfKXAMWAO3AE3ZpwZREWl78D8zQyd5sREGocxLUayoN+/r2GXisNA14xDF0vALjkcwsOX/gA4tNEm/ERfxEIDH5Ln73geSl3l4cM2XMNraYazv1fQ8NLDPW6GmqcbogdUvi4isg17bPeYJ+9PPh00vEKUhJ7DPAZuuobhxx+3pk/Uv4SoBhqkBAX+GmEp57AgfDf0S44Hl11ZR2AkoWNs+wzjbfP+PcQyPtAeQEpKb0G2IiOq3noqu9sIuUvcYoBV+MIviaqrhKG8mIlwTtQZ9hHUUpyZ1TBODDGIGRcyY61sx37o/ZZwn6FW1TeidZagLW2AYX33oSCfJoSXfWVGsVQ7vR3OJNwGeEoNFrSvA95mVeBmQLmIlTItJ5diFVSF2OpcxX72/XsWC6yY1tlx7ovBHIrad5IYA2/3cA65KMahcJ7G6Mgn0j5S5FiQHvg/3Am5HwyX3K8LHgvmE/ArAVzP5gJqPVZLjqXngnmZDB1kYc9qU16IXyI/Uxd+x1n2u/Mtb8xwf7mWjuGsAfnlASvJqV6rwF2AC+ilN7rUGJPQxTeG0X4lQHFUBx1vOcAqMZ6ppuPRFxxeCYpdfsN8vQ/jIp5XI5Sen9OIrEnUv4yIg8EkmoKgFotVcQjQcRlwxsJbNdlUC7//eia7yJUzCMLpfRGyp8hqoT8AvE6g6Bmi5nsShxx+eTlpDTqNCTO+/ORs28guuM/DhXzOOjz+TNNMXTlshhn4o5GPde3hGBhRRxu3oLWiq9Ft0GpvMtQ3f7foOq9ZyBPf3TNFyKKIQfMjfgmsTuYlSFYZBGHk1eiNeJfN0A+Cu6ZjJp2ZKPS3TWJnH2hJM8v0A1FZsUn81gwY9HddKYXXMTh4M1oTQRkbu4EXkZO5ptQcM95qGlHdN4vB1QJdVe5Hd/kdgSzJASLL+LM8hK0FvzrA0X1LUEtuq9BjTqboMi+Q4nO++WGvCNBb3R1E5/kqmBGgnkjBAsx4rLlN+zcVyVF8f8DvIocfXnAhahFd30ik7/cUgx1WK2GL5cAMKeiOPUvQ7AwIy5d/tLO9amkPes/hHb961FU39nIy1/NrqFI+csxebcEHYD38S2Atqg5aEXJKYg4wTvt3LYlUPH/DaxBZ/2b0a7fDjgFRfVFXv4KRJ6DsDpwCfBPfAuiJ5ilIVi0EZcML7Vz6p9ndK//Fro2ngxchc76TdGuX53I0VdhKYaSNWoCtxCwQAai/nKZXsAR7x8/bucwaG6BD5CT726UxDMIaEnirB8l8hwE5PoGjgVm4FsolcEMIoomLE+83M5Z5WDF/wvwKGpCczMwAsXxN0Ie/uisfxCSdyyogaK75hOwePqCeZCKk9tekXiHnZu+wUpvUDuuFXZuxwMjgVzgLHSvX4PI3D/oqRJy+NREQUQfErCYOqEMsc0hWPgHO2+2c9EpveJvQw6+BahA51XoSvgXwEl2rqsS3etHZClGIoCoFsr0CrQImqAOMK+GQBEONn7Vyr5JesX/BHgaKf4kFMzTF2iO0nZrkQjoiXb9iFLI8w8chqq7NEcOo5TFdgRyNt0HZmsIlKOi8lYr44FW5kFzgVJ1n0KgPREp/gXIwdfAzuVhROf8iIpIrqOwDvIR3IIixlIWYBMwv0UVZMLa1LQ88W4ry99S4G6/F3gHZevNQRV5r0Q7fguk+HWIHHwRHQC5QFAbmZGXAV+QZmG2Rqmla8H8GAJlKi/8o5XZzQSW3XZ5O0rWWYxucMaibL0ewC/tHNUmUvyISpDco0Et5Eg6H7iTNFYBYFqBGQ3mj2C2hUDJwsbbrGxGW1mlkyPa7dcjM38eCuD5Heq+k4NCd0+ycxOZ+hGVGnnOQu/WoB6qBnsZvn6Gfm4E5mIw88FsCIHyZYo3WBlcbGVSkMxQdt4a4F7gLnSHfwU637exsq9Hslc/UvyISp08IKiCcsTrohjyZsDvgSeAtO2xqtod71owiys4IGywz3itfeaATDw/fwy8hEz8mehsfz0wBO32zays61rZVyFS/IgySF5A0aFoJzoBOB05on6PItDSHhMAEwPTFDWbnISq1HwaAuUtLn9qxz7JPktT+2wFPTuwB3nxvZ1+Jgra+Q1K0Mm1sjzdyramlXUUwBNRqMi1CjynYRYyU1si03UB8CWFK4WpjFpm90Y99eaAeQZVrf0hg0r+gx3DM3ZMN9gxNiZtGG4Qb0Me/JXoTD8d5eFfh871uVZmja0MPadetNtHVC7IA4OfoewyDwwaofJSuehacRkF3Cik49p2d+2CuvPcCGYaui9fAeZlMOvBfIbu0bdZxd0L5ifLe+1r2+x7PrOfedl+x332O2+0v9HF/mbtYo7V8j+RE+9ZYBGKrZiAEnJGokq7OVY2jUgofXUrw0jpIyq35LcMaiFTtgHyXrdBV1ijkQn8IvAV+6doYeB/Iefd68CT6I5+OjrLj0INNQajFNw2VgYNrExqEe30EVVgipHsMzgCOBrteKchZWiN2k0NQnfcC1B46zvAJqRgmVby7cDXqPjqu+j8vgz4A2rnPh4B2jUo866/fabW9hlPs898tJWBe6aPlD6ig4Zc6+AwpAx10NXWKegM3AztlF1RlNtQ5BWfjMzpJ4EXgLeRM20TsBU1Ud0O/ICKYOwj+WbiJ/vaHuC/qOfdv4BvgL8h5c633/sS8EdgKWqIeQcy4fPQrn4NCsYZasfY1Y65mX2GU+wz1bHPeBjRLh9RRCnkWghV0Rm4Jtop66HCFQ2BM5FytUJ57d2APshqGAZcjM7WVyOw+B1S1DGo1PXNyAeRZ/kW+9pN9j2j7Geut98x0n7nMPsbfexvdrRjaGbH1NCOsZ4dc037DFWJdviIItov8oNCNZTHXhM5yo5FCncyOkufjnIXmgLnoBTY85BXvRXamdui+ncut7V/a2Xfe5797Dn2u86w393A/lY9+9u17Vhq2LFFyh5RRGVE3hGiMvKWH4qUsDpSyCORch6FHGy1LddBO7TLdZy/17KfqWm/o4b9zmr2N35mfzMy4SOKKKKIyhv9P62TYpfXPzkGAAAAAElFTkSuQmCC"; + + return PlaceHolder; +})(); diff --git a/src/content/content.css b/src/content/content.css new file mode 100644 index 0000000..015fb2d --- /dev/null +++ b/src/content/content.css @@ -0,0 +1,71 @@ +a.__NoScript_PlaceHolder__ { + outline: 2px solid #048; + color: #048; + text-decoration: none; + text-align: center; + background: rgba(255,250,200, .7) no-repeat center; + background-size: 256px; + visibility: visible !important; + cursor: pointer; + opacity: 0.8; + transition: 1s all; +} + +a.__NoScript_PlaceHolder__:hover { + opacity: 1; + text-decoration: underline; + background-size: 128px; + background-position: top left; +} + +a.__NoScript_PlaceHolder__.closing { + transition: .4s all; + opacity: 0; + transform: scale(0, 0); +} + +a.__NoScript_PlaceHolder__ > span { + display: flex !important; + flex-direction: row; + justify-content: space-around; + align-items: center; + position: relative; + padding: 0; + margin: 0; + width: 100%; + height: 100%; +} + +.__NoScript_PlaceHolder__ button { + appearance: none; + -moz-appearance: none; + border: none; + position: absolute; + top: 0; + right: 0; + display: block; + color: #800; + font-size: 16px; + font-family: sans-serif; + padding: 0 4px; + margin: 0; + background: none; + transition: .2s all; +} +.__NoScript_PlaceHolder__ button:hover { + + color: white; + text-shadow: -2px 0 2px red, 2px 0 2px red; +} + +.__NoScript_PlaceHolder__ > span > span { + display: block; + font-size: 18px; + background: rgba(255, 250, 200, .5); + border-radius: 8px; + padding: 8px; + margin: 0; + font-family: sans-serif; + overflow-wrap: break-word; + word-break: break-all; +} diff --git a/src/content/content.js b/src/content/content.js new file mode 100644 index 0000000..5ba5076 --- /dev/null +++ b/src/content/content.js @@ -0,0 +1,107 @@ +'use strict'; + + // debug = () => {}; // XPI_ONLY + +var _ = browser.i18n.getMessage; + +var canScript = true; + +var embeddingDocument = false; + +var seen = { + _map: new Map(), + _list: null, + record(event) { + let key = event.request.key; + if (this._map.has(key)) return; + this._map.set(key, event); + this._list = null; + }, + get list() { + return this._list || (this._list = [...this._map.values()]); + } +} + +var handlers = { + + seen(event) { + let {allowed, policyType, request, ownFrame} = event; + if (window.top === window) { + seen.record(event); + } + if (ownFrame) { + init(); + if (!allowed && PlaceHolder.canReplace(policyType)) { + request.embeddingDocument = embeddingDocument; + PlaceHolder.create(policyType, request); + } + } + }, + + collect(event) { + let list = seen.list; + debug("COLLECT", list); + return list; + } +}; + +browser.runtime.onMessage.addListener(async event => { + if (event.type in handlers) { + debug("Received message", event); + return handlers[event.type](event); + } +}); + +if (document.readyState !== "complete") { + let pageshown = e => { + removeEventListener("pageshow", pageshown); + init(); + }; + addEventListener("pageshow", pageshown); +} else init(); + +let notifyPage = () => { + if (document.readyState === "complete") { + browser.runtime.sendMessage({type: "pageshow", seen, canScript}); + return true; + } + return false; +} + + +async function init() { + try { + canScript = await browser.runtime.sendMessage({type: "canScript"}); + init = () => {}; + debug("canScript:", canScript); + } catch (e) { + // background script not initialized yet? + setTimeout(() => init(), 100); + return; + } + + if (!canScript) onScriptDisabled(); + seen.record({ + request: { + key: "noscript-probe", + url: document.URL, + documentUrl: document.URL, + type: window === window.top ? "main_frame" : "script", + }, + allowed: canScript + } + ); + + debug(`Loading NoScript in document %s, scripting=%s, content type %s readyState %s`, + document.URL, canScript, document.contentType, document.readyState); + + if (/application|video|audio/.test(document.contentType)) { + debug("Embedding document detected"); + embeddingDocument = true; + window.addEventListener("pageshow", e => { + debug("Active content still in document %s: %o", document.url, document.querySelectorAll("embed,object,video,audio")); + }, true); + // document.write("<plaintext>"); + } + notifyPage() || addEventListener("pageshow", notifyPage); +}; diff --git a/src/content/media.js b/src/content/media.js new file mode 100644 index 0000000..22bf014 --- /dev/null +++ b/src/content/media.js @@ -0,0 +1,59 @@ +console.log("Media Hook", document.documentElement.innerHTML); +try { + (() => { + let unpatched = new Map(); + function patch(obj, methodName, replacement) { + let methods = unpatched.get(obj) || {}; + methods[methodName] = obj[methodName]; + exportFunction(replacement, obj, {defineAs: methodName}); + unpatched.set(obj, methods); + } + patch(window.console, "log", function(s, ...args) { + unpatched.get(window.console).log.call(`PATCHED ${s}`, ...args); + }); + let urlMap = new WeakMap(); + patch(window.URL, "createObjectURL", function(o, ...args) { + let url = unpatched.get(window.URL).createObjectURL.call(this, o, ...args); + if (o instanceof MediaSource) { + let urls = urlMap.get(o); + if (!urls) urlMap.set(o, urls = new Set()); + urls.add(url); + } + return url; + }); + + patch(window.MediaSource.prototype, "addSourceBuffer", function(mime, ...args) { + let ms = this; + let urls = urlMap.get(ms); + let me = Array.from(document.querySelectorAll("video,audio")) + .find(e => e.srcObject === ms || urls && urls.has(e.src)); + let exposedMime = `${mime} (MSE)`; + + let request = { + id: "noscript-media", + type: "media", + url: document.URL, + documentUrl: document.URL, + embeddingDocument: true, + }; + seen.record({policyType: "media", request, allowed: false}); + notifyPage(); + + if (window.mediaBlocker) { + try { + let ph = PlaceHolder.create("media", request); + ph.replace(me); + PlaceHolder.listen(); + } catch (e) { + error(e); + } + throw new Error(`${exposedMime} blocked by NoScript`); + } + + return unpatched.get(window.MediaSource.prototype).addSourceBuffer.call(ms, mime, ...args); + }); + + })(); +} catch (e) { + error(e, "Cannot patch MediaSource"); +} diff --git a/src/content/onScriptDisabled.js b/src/content/onScriptDisabled.js new file mode 100644 index 0000000..e6c754a --- /dev/null +++ b/src/content/onScriptDisabled.js @@ -0,0 +1,74 @@ +function onScriptDisabled() { + for (let noscript of document.querySelectorAll("noscript")) { + // force show NOSCRIPT elements content + let replacement = document.createElement("div"); + replacement.innerHTML = noscript.innerHTML; + noscript.parentNode.replaceChild(replacement, noscript); + // emulate meta-refresh + let meta = replacement.querySelector('meta[http-equiv="refresh"]'); + if (meta) { + let content = meta.getAttribute("content"); + if (content) { + let [secs, url] = content.split(/\s*;\s*url\s*=\s*/i); + if (url) { + try { + let urlObj = new URL(url); + if (!/^https?:/.test(urlObj.protocol)) { + continue; + } + } catch (e) { + } + window.setTimeout(() => location.href = url, (parseInt(secs) || 0) * 1000); + } + } + } + } + + { + let eraser = { + tapped: null, + delKey: false, + }; + + addEventListener("pagehide", ev => { + eraser.tapped = null; + eraser.delKey = false; + }, false); + + addEventListener("keyup", ev => { + let el = eraser.tapped; + if (el && ev.keyCode === 46) { + eraser.tapped = null; + eraser.delKey = true; + let doc = el.ownerDocument; + let w = doc.defaultView; + if (w.getSelection().isCollapsed) { + let root = doc.body || doc.documentElement; + let posRx = /^(?:absolute|fixed)$/; + do { + if (posRx.test(w.getComputedStyle(el, '').position)) { + (eraser.tapped = el.parentNode).removeChild(el); + break; + } + } while ((el = el.parentNode) && el != root); + } + } + }, true); + + addEventListener("mousedown", ev => { + if (ev.button === 0) { + eraser.tapped = ev.target; + eraser.delKey = false; + } + }, true); + + addEventListener("mouseup", ev => { + if (eraser.delKey) { + eraser.delKey = false; + ev.preventDefault(); + ev.stopPropagation(); + } + eraser.tapped = null; + }, true); + } +} diff --git a/src/content/webglHook.js b/src/content/webglHook.js new file mode 100644 index 0000000..ba0d769 --- /dev/null +++ b/src/content/webglHook.js @@ -0,0 +1,31 @@ +console.log("WebGL Hook", document.documentElement.innerHTML); +try { + let proto = HTMLCanvasElement.prototype; + let getContext = proto.getContext; + exportFunction(function(type, ...rest) { + if (type && type.toLowerCase().includes("webgl")) { + let request = { + id: "noscript-webgl", + type: "webgl", + url: document.URL, + documentUrl: document.URL, + embeddingDocument: true, + }; + seen.record({policyType: "webgl", request, allowed: false}); + try { + let ph = PlaceHolder.create("webgl", request); + ph.replace(this); + PlaceHolder.listen(); + } catch (e) { + error(e); + } + notifyPage(); + return {}; + } + return getContext.call(this, type, ...rest); + }, proto, {defineAs: "getContext"}); +} catch (e) { + console.error(e); +} + +null; diff --git a/src/img/error64.png b/src/img/error64.png Binary files differnew file mode 100644 index 0000000..0400d35 --- /dev/null +++ b/src/img/error64.png diff --git a/src/img/icon256.png b/src/img/icon256.png Binary files differnew file mode 100644 index 0000000..a4e2684 --- /dev/null +++ b/src/img/icon256.png diff --git a/src/img/icon48.png b/src/img/icon48.png Binary files differnew file mode 100644 index 0000000..310fbdd --- /dev/null +++ b/src/img/icon48.png diff --git a/src/img/icon96.png b/src/img/icon96.png Binary files differnew file mode 100644 index 0000000..de0b65c --- /dev/null +++ b/src/img/icon96.png diff --git a/src/img/noscript-options.png b/src/img/noscript-options.png Binary files differnew file mode 100644 index 0000000..5fa1020 --- /dev/null +++ b/src/img/noscript-options.png diff --git a/src/img/ui-black64.png b/src/img/ui-black64.png Binary files differnew file mode 100644 index 0000000..5164774 --- /dev/null +++ b/src/img/ui-black64.png diff --git a/src/img/ui-clock64.png b/src/img/ui-clock64.png Binary files differnew file mode 100644 index 0000000..16a3374 --- /dev/null +++ b/src/img/ui-clock64.png diff --git a/src/img/ui-close64.png b/src/img/ui-close64.png Binary files differnew file mode 100644 index 0000000..2e15a2f --- /dev/null +++ b/src/img/ui-close64.png diff --git a/src/img/ui-custom64.png b/src/img/ui-custom64.png Binary files differnew file mode 100644 index 0000000..71335ee --- /dev/null +++ b/src/img/ui-custom64.png diff --git a/src/img/ui-global-no64.png b/src/img/ui-global-no64.png Binary files differnew file mode 100644 index 0000000..40d7e69 --- /dev/null +++ b/src/img/ui-global-no64.png diff --git a/src/img/ui-global64.png b/src/img/ui-global64.png Binary files differnew file mode 100644 index 0000000..cbf6c5b --- /dev/null +++ b/src/img/ui-global64.png diff --git a/src/img/ui-http64.png b/src/img/ui-http64.png Binary files differnew file mode 100644 index 0000000..dec85f0 --- /dev/null +++ b/src/img/ui-http64.png diff --git a/src/img/ui-https64.png b/src/img/ui-https64.png Binary files differnew file mode 100644 index 0000000..11e5b2f --- /dev/null +++ b/src/img/ui-https64.png diff --git a/src/img/ui-maybe64.png b/src/img/ui-maybe64.png Binary files differnew file mode 100644 index 0000000..d3f0625 --- /dev/null +++ b/src/img/ui-maybe64.png diff --git a/src/img/ui-no64.png b/src/img/ui-no64.png Binary files differnew file mode 100644 index 0000000..9f12a64 --- /dev/null +++ b/src/img/ui-no64.png diff --git a/src/img/ui-part64.png b/src/img/ui-part64.png Binary files differnew file mode 100644 index 0000000..806ef15 --- /dev/null +++ b/src/img/ui-part64.png diff --git a/src/img/ui-reload64.png b/src/img/ui-reload64.png Binary files differnew file mode 100644 index 0000000..dd5e0cf --- /dev/null +++ b/src/img/ui-reload64.png diff --git a/src/img/ui-revoke-temp64.png b/src/img/ui-revoke-temp64.png Binary files differnew file mode 100644 index 0000000..215d0a7 --- /dev/null +++ b/src/img/ui-revoke-temp64.png diff --git a/src/img/ui-sub64.png b/src/img/ui-sub64.png Binary files differnew file mode 100644 index 0000000..9c2aaab --- /dev/null +++ b/src/img/ui-sub64.png diff --git a/src/img/ui-tab-no64.png b/src/img/ui-tab-no64.png Binary files differnew file mode 100644 index 0000000..3384b2b --- /dev/null +++ b/src/img/ui-tab-no64.png diff --git a/src/img/ui-tab64.png b/src/img/ui-tab64.png Binary files differnew file mode 100644 index 0000000..acbdace --- /dev/null +++ b/src/img/ui-tab64.png diff --git a/src/img/ui-temp-all64.png b/src/img/ui-temp-all64.png Binary files differnew file mode 100644 index 0000000..a6aef86 --- /dev/null +++ b/src/img/ui-temp-all64.png diff --git a/src/img/ui-temp64.png b/src/img/ui-temp64.png Binary files differnew file mode 100644 index 0000000..461936c --- /dev/null +++ b/src/img/ui-temp64.png diff --git a/src/img/ui-yes64.png b/src/img/ui-yes64.png Binary files differnew file mode 100644 index 0000000..69ad53d --- /dev/null +++ b/src/img/ui-yes64.png diff --git a/src/img/warning64.png b/src/img/warning64.png Binary files differnew file mode 100644 index 0000000..34122e5 --- /dev/null +++ b/src/img/warning64.png diff --git a/src/legacy/Legacy.js b/src/legacy/Legacy.js new file mode 100644 index 0000000..aeb0762 --- /dev/null +++ b/src/legacy/Legacy.js @@ -0,0 +1,147 @@ +'use strict'; + +var Legacy = { + + async init() { + let migrated = (await browser.storage.local.get("legacyBackup")).legacyBackup; + let real = await this.import(migrated); + this.init = async () => real; + return real; + }, + + async import(migrated) { + if (this.migrated) this.undo = this.migrated; + this.migrated = (migrated && migrated.prefs) ? migrated : {prefs: {}}; + await include("/legacy/defaults.js"); + return 'whitelist' in this.migrated; // "real" migration with custom policy + }, + + async persist() { + await browser.storage.local.set({legacyBackup: this.migrated}); + }, + + getPref(name, def) { + return name in this.migrated.prefs ? this.migrated.prefs[name] : def; + }, + + getRxPref(name, parseRx = Legacy.RX.multi, flags, def) { + let source = this.getPref(name, def); + if (source instanceof RegExp) return source; + try { + return parseRx(source, flags); + } catch (e) { + error(e, "Parsing RegExp preference %s, falling back to %s", name, def); + if (def) { + if (def instanceof RegExp) { + return def; + } + try { + return parseRx(def, flags); + } catch(e) { + error(e); + } + } + } + return null; + }, + + async createOrMigratePolicy() { + try { + if (await this.init()) { + return this.migratePolicy(); + } + } catch (e) { + error(e); + } + return new Policy(); + }, + + extractLists(lists) { + return lists.map(listString => listString.split(/\s+/)) + .map(sites => sites.filter(s => !(s.includes(":") && + sites.includes(s.replace(/.*:\/*(?=\w)/g, "")) + ))); + }, + + migratePolicy() { + // here we normalize both NS whitelist and blacklist, getting finally rid of + // the legacy of CAPS mandating protocols for top-level domains + let [trusted, untrusted] = this.extractLists( + [this.migrated.whitelist, this.getPref("untrusted", "")]); + + // securify default whitelist domain items + if (this.getPref("httpsDefWhitelist")) { + this.getPref("default", ""). + split(/\s+/). + filter(s => !s.includes(":")). + forEach(s => { + let idx = trusted.indexOf(s); + if (idx !== -1) { + trusted[idx] = Sites.secureDomainKey(s); + } + }); + } + + let DEFAULT = new Permissions(["other"]); + let {capabilities} = DEFAULT; + // let's semplify object permissions now that almost everything is + // either blacklisted or C2P by the browser + if (!["Java", "Flash", "Silverlight", "Plugins"] + .find(type => this.getPref(`forbid${type}`))) { + capabilities.add("object"); + } + + let prefMap = { + "Fonts": "font", + "Frames": "frame", + "IFrames": "frame", + "Media": "media", + "WebGL": "webgl", + }; + for (let [legacy, current] of Object.entries(prefMap)) { + if (!this.getPref(`forbid${legacy}`, true)) capabilities.add(current); + } + + let TRUSTED = new Permissions(new Set(this.getPref("contentBlocker") ? capabilities : Permissions.ALL)); + TRUSTED.capabilities.add("script").add("fetch"); + + let UNTRUSTED = new Permissions(); + if (this.getPref("global")) { + if (!this.getPref("alwaysBlockUntrustedContent")) { + UNTRUSTED.capabilities = new Set(capabilities); + } + DEFAULT = new Permissions(TRUSTED.capabilities); + } + + return new Policy({ + sites: {untrusted, trusted, custom: {}}, + DEFAULT, + TRUSTED, + UNTRUSTED, + enforced: true, + // TODO: enforce these before ESR 59 gets released + cascadePermissions: this.getPref("cascadePermissions"), + restrictSubDocScripting: this.getPref("restrictSubDocScripting"), + onlySecure: this.getPref("allowHttpsOnly") + }); + + }, + + RX: { + simple: function(s, flags) { + var anchor = /\^/.test(flags); + return new RegExp(anchor ? rxParsers.anchor(s) : s, + anchor ? flags.replace(/\^/g, '') : flags); + }, + anchor: function(s) { + return /^\^|\$$/.test(s) ? s : "^" + s + "$"; + }, + multi: function(s, flags) { + var anchor = /\^/.test(flags); + var lines = s.split(anchor ? /\s+/ : /[\n\r]+/).filter(l => /\S/.test(l)); + return new RegExp((anchor ? lines.map(rxParsers.anchor) : lines).join('|'), + anchor ? flags.replace(/\^/g, '') : flags); + } + } +} +Legacy.init(); diff --git a/src/legacy/defaults.js b/src/legacy/defaults.js new file mode 100644 index 0000000..5526353 --- /dev/null +++ b/src/legacy/defaults.js @@ -0,0 +1,365 @@ +'use strict'; + +Legacy.migrated.prefs = Object.assign( +{ + "autoReload": true, + "autoReload.global": true, + "autoReload.allTabs": true, + "autoReload.allTabsOnPageAction": true, + "autoReload.allTabsOnGlobal": false, + "autoReload.onMultiContent": false, + "autoReload.useHistory": false, + "autoReload.useHistory.exceptCurrent": true, + "autoReload.embedders": 1, + "ctxMenu": true, + "statusIcon": true, + "sound": false, + "sound.oncePerSite": true, + "notify": true, + "notify.bottom": true, + "showAddress": false, + "showDomain": false, + "showTemp": true, + "showPermanent": true, + "showDistrust": true, + "showUntrusted": true, + "showBaseDomain": true, + "showAbout": true, + "showGlobal": true, + "showTempToPerm": true, + "showRevokeTemp": true, + "showBlockedObjects": true, + "showExternalFilters": true, + "showTempAllowPage": true, + "showAllowPage": true, + "mandatory": "[System+Principal] about: about:addons about:blocked about:certerror about:config about:crashes about:feeds about:home about:memory about:neterror about:plugins about:preferences about:privatebrowsing about:sessionrestore about:srcdoc about:support about:tabcrashed blob: chrome: mediasource: moz-extension: moz-safe-about: resource:", + "default": "about:blank about:pocket-saved about:pocket-signup addons.mozilla.org afx.ms ajax.aspnetcdn.com ajax.googleapis.com bootstrapcdn.com code.jquery.com firstdata.com firstdata.lv gfx.ms google.com googlevideo.com gstatic.com hotmail.com live.com live.net maps.googleapis.com mozilla.net netflix.com nflxext.com nflximg.com nflxvideo.net noscript.net outlook.com passport.com passport.net passportimages.com paypal.com paypalobjects.com securecode.com securesuite.net sfx.ms tinymce.cachefly.net wlxrs.com yahoo.com yahooapis.com yimg.com youtube.com ytimg.com", + "allowWhitelistUpdates": true, + "volatilePrivatePermissions": false, + "showVolatilePrivatePermissionsToggle": true, + "eraseFloatingElements": true, + "bgThumbs.allowed": false, + "bgThumbs.disableJS": true, + "forbidJava": true, + "forbidFlash": true, + "forbidSilverlight": true, + "forbidPlugins": true, + "forbidMedia": true, + "forbidFonts": true, + "forbidWebGL": false, + "forbidActiveContentParentTrustCheck": true, + "forbidIFrames": false, + "forbidIFramesContext": 3, + "forbidIFramesParentTrustCheck": true, + "forbidFrames": false, + "forbidMixedFrames": true, + "sound.block": "chrome://noscript/skin/block.wav", + "allowClipboard": false, + "allowLocalLinks": false, + "allowLocalLinks.from": "", + "allowLocalLinks.to": "", + "allowCachingObjects": true, + "showPlaceholder": true, + "global": false, + "globalHttpsWhitelist": false, + "confirmUnblock": true, + "confirmUnsafeReload": true, + "statusLabel": false, + "forbidBookmarklets": false, + "allowBookmarkletImports": true, + "allowBookmarks": false, + "notify.hideDelay": 5, + "notify.hidePermanent": true, + "notify.hide": false, + "truncateTitleLen": 255, + "truncateTitle": true, + "fixLinks": true, + "noping": true, + "consoleDump": 0, + "excaps": true, + "nselForce": true, + "nselNever": false, + "nselNoMeta": true, + "autoAllow": 0, + "toolbarToggle": 3, + "allowPageLevel": 0, + "forbidImpliesUntrust": false, + "keys.toggle": "ctrl shift VK_BACK_SLASH.|", + "keys.ui": "ctrl shift S", + "keys.tempAllowPage": "", + "keys.revokeTemp": "", + "menuAccelerators": false, + "forbidMetaRefresh": false, + "forbidMetaRefresh.remember": false, + "forbidMetaRefresh.notify": true, + "forbidMetaRefresh.exceptions": "^https?://(?:www|encrypted)\\.google\\.(?:[a-z]{2,3}|[a-z]{2}\\.[a-z]{2,3})/ t.co", + "contentBlocker": false, + "toggle.temp": true, + "firstRunRedirection": true, + "xss.notify": true, + "xss.notify.subframes": true, + "xss.trustReloads": false, + "xss.trustData": true, + "xss.trustExternal": true, + "xss.trustTemp": true, + "xss.checkInclusions": true, + "xss.checkInclusions.exceptions": "intensedebate.com/idc/js/", + "xss.checkCharset.exceptions": "", + "filterXPost": true, + "filterXGet": true, + "filterXGetRx": "<+(?=[^<>=\\d. /(-])|[\\\\\"\\x00-\\x07\\x09\\x0B\\x0C\\x0E-\\x1F\\x7F]", + "filterXGetUserRx": "", + "filterXExceptions": "^https?://([a-z]+)\\.google\\.(?:[a-z]{1,3}\\.)?[a-z]+/(?:search|custom|\\1)\\?\n^https?://([a-z]*)\\.?search\\.yahoo\\.com/search(?:\\?|/\\1\\b)\n^https?://[a-z]+\\.wikipedia\\.org/wiki/[^\"<>?%]+$\n^https?://translate\\.google\\.com/translate_t[^\"'<>?%]+$\n^https://secure\\.wikimedia\\.org/wikipedia/[a-z]+/wiki/[^\"<>\\?%]+$", + "filterXExceptions.blogspot": true, + "filterXExceptions.darla_name": true, + "filterXExceptions.deviantart": true, + "filterXExceptions.fbconnect": true, + "filterXExceptions.ebay": true, + "filterXExceptions.ggadgets": true, + "filterXExceptions.letitbit": true, + "filterXExceptions.livejournal": true, + "filterXExceptions.lycosmail": true, + "filterXExceptions.medicare": true, + "filterXException.photobucket": true, + "filterXExceptions.printfriendly": true, + "filterXExceptions.readability": true, + "filterXExceptions.yahoo": true, + "filterXExceptions.visa": true, + "filterXExceptions.verizon": true, + "filterXExceptions.zendesk": true, + "filterXExceptions.yt_comments": true, + "protectWindowNameXAssignment": true, + "injectionCheck": 2, + "injectionCheckPost": true, + "injectionCheckHTML": true, + "globalwarning": true, + "jsredirectIgnore": false, + "jsredirectFollow": false, + "jsredirectForceShow": false, + "removeSMILKeySniffer": true, + "utf7filter": true, + "safeJSRx": "(?:window\\.)?close\\s*\\(\\)", + "badInstall": false, + "fixURI": true, + "fixURI.exclude": "", + "urivalid.aim": "\\w[^\\\\?&\\x00-\\x1f#]*(?:\\?[^\\\\\\x00-\\x1f#]*(?:#[\\w.@+-]{2,32})?)?", + "urivalid.mailto": "[^\\x00-\\x08\\x0b\\x0c\\x0e-\\x1f]*", + "forbidExtProtSubdocs": true, + "forbidXBL": 1, + "forbidXHR": 1, + "whitelistRegExp": "", + "tempGlobal": false, + "lockPrivilegedUI": false, + "collapseObject": false, + "showUntrustedPlaceholder": true, + "jsHack": "", + "jsHackRegExp": "", + "canonicalFQDN": false, + "allowedMimeRegExp": "", + "alwaysBlockUntrustedContent": true, + "consoleLog": false, + "dropXssProtection": true, + "flashPatch": true, + "silverlightPatch": true, + "allowURLBarJS": false, + "allowURLBarImports": false, + "hideOnUnloadRegExp": "video/.*", + "untrusted": "", + "untrustedGranularity": 3, + "requireReloadRegExp": "application/x-vnd\\.moveplayer\\b.*", + "restrictSubdocScripting": false, + "cascadePermissions": false, + "secureCookies": false, + "secureCookiesExceptions": "", + "secureCookiesForced": "", + "secureCookies.recycle": false, + "secureCookies.perTab": false, + "httpsForced": "", + "httpsForcedBuiltIn": "www.youtube.com", + "httpsDefWhitelist": true, + "allowHttpsOnly": 0, + "https.showInConsole": true, + "clearClick": 3, + "clearClick.plugins": true, + "clearClick.prompt": true, + "clearClick.debug": false, + "clearClick.exceptions": ".mail.yahoo.com https://mail.google.com/ *.ebay.com *.photobucket.com .youtube.com", + "clearClick.subexceptions": "^http://bit(?:ly\\.com|\\.ly)/a/sidebar\\?u= http://*.uservoice.com/*/popin.html?* http://w.sharethis.com/share3x/lightbox.html?* http://disqus.com/embed/* *.disqus.com/*/reply.html* http://www.feedly.com/mini abine:*", + "clearClick.rapidFireCheck": true, + "clearClick.threshold": 18, + "emulateFrameBreak": true, + "stickyUI.liveReload": false, + "stickyUI": true, + "stickyUI.onKeyboard": true, + "hoverUI": true, + "hoverUI.delayEnter": 250, + "hoverUI.delayStop": 50, + "hoverUI.delayExit1": 250, + "hoverUI.delayExit2": 300, + "hoverUI.excludeToggling": true, + "ignorePorts": true, + "cp.last": true, + "sanitizePaste": true, + "surrogate.enabled": true, + "surrogate.debug": false, + "surrogate.sandbox": true, + "surrogate.2mdn.replacement": "if('Proxy' in window){let _f=function(){}; google=$S(); Object.defineProperty(google,'__noSuchMethod__',{configurable:true,enumerable:false,value:_f});let ima={};ima.AdsManagerLoadedEvent=ima.AdErrorEvent={Type:new Proxy({},{get:function(){return 0}}),};ima.settings=new Proxy({},{get:function(){return _f}});ima.AdsLoader=ima.AdsRequest=ima.AdDisplayContainer=function(){return new Proxy({},{get:function(){return _f}});};google.ima=ima;}", + "surrogate.2mdn.sources": ".2mdn.net", + "surrogate.360Haven.sources": "@www.360haven.com", + "surrogate.360Haven.replacement": "Object.defineProperty(window,'adblock',{get:function() false,set: function() false});Object.defineProperty(window,'google_ad_client',{get: function () { return $S({__noSuchMethod__: function() this})}});Object.defineProperty(window.HTMLBodyElement.prototype,'innerHTML',{get:function() ''});", + "surrogate.adagionet.sources": ".adagionet.com", + "surrogate.adagionet.replacement": "adagioWriteTag=adagioWriteBanner=function(){}", + "surrogate.addthis.sources": "^https?://(?:[^/:]+\\.)?addthis\\.com/.*addthis_widget\\.js", + "surrogate.addthis.replacement": "addthis=(function(){var f=$S(arguments.callee);return f.__noSuchMethod__=f.data=f.bar=f.dynamic=f.login=f.ad=f.util=f.user=f.session=f})();", + "surrogate.adfly.sources": "!@^https?://adf.ly/\\w+/?$", + "surrogate.adfly.replacement": "for(var a=/ysmm = '(.*?)';/gi.exec(document.documentElement.innerHTML)[1],b='',c='',d=0;d<a.length;d++)0==d%2?b+=a.charAt(d):c=a.charAt(d)+c;window.location=atob(b+c).substring(2)", + "surrogate.ampush.sources": ".ampush.io", + "surrogate.ampush.replacement": "window.ampt=$S({__noSuchMethod__:function(){}});", + "surrogate.digg.sources": "!@digg.com/newsbar/*", + "surrogate.digg.replacement": "window.location.href=document.querySelector('link[rel=canonical]').href", + "surrogate.dimtus.sources": "!@^http://(?:dimtus|imageteam)\\.(?:com|org)/img-", + "surrogate.dimtus.replacement": "document.querySelector('.overlay_ad').style.display='none'", + "surrogate.ga.sources": "*.google-analytics.com", + "surrogate.ga.replacement": "(function(){var _0=$S(function()_0),_u=function(){};_0.__noSuchMethod__=_0;('ga'in window)||(ga=_u);window.urchinTracker=window._u||_u;window._gaq=$S({__noSuchMethod__:_0,push:function(f){if(typeof f=='function')f();else if(f&&f.shift&&f[0]in this)this[f.shift()].apply(this,f)},_set:function(a,b){if(typeof b=='function')b()},_link:function(h){if(h)location.href=h},_linkByPost:function(f){if(f&&f.submit)f.submit();return true},_getLinkerUrl:function(u){return u},_trackEvent:_0});window._gat=$S({__noSuchMethod__:function(){return _gaq},_getTrackerByName:function(){return {_visitCode:function(){return 0}}}});window.cxApi=$S({__noSuchMethod__:_0,getChosenVariation:function(x){return typeof x == 'number' ? x : x[0]},chooseVariation:function(x){return 0}})})()", + "surrogate.glinks.replacement": "['focus','mouseover','mousedown','click'].forEach(function(et){addEventListener(et,function(e){var a=e.target,href=a.href&&a.getAttribute&&a.getAttribute('href');if(href&&/^(?:http|\\/url)/.test(href)&&!a._href){a._href=a.href=a.href.replace(/.*\\/url.*[?&](?:url|q)=(http[^&]+).*/,function(a,b)decodeURIComponent(b));do{if(/\\brwt\\(/.test(a.getAttribute('onmousedown')))a.removeAttribute('onmousedown')}while((a=a.parentElement))}},true)})", + "surrogate.glinks.sources": "!@^https?://[^/]+google\\..*/search", + "surrogate.googletag.replacement": "if(typeof googletag==='undefined'){googletag={slots:{},cmd:$S({__noSuchMethod__:function(){return $S(this)},push:function(f){return f()}})};}googletag.defineSlot=function(){return $S({__noSuchMethod__:function(){return $S(this)}})};let _gt=googletag;googletag=new Proxy(_gt,{get:function(s,w,e){return w in s?s[w]:function(){return $S({__noSuchMethod__:function(){return googletag;}})};}});let _renderedAds=new Proxy({},{get:function(a,b){return b in a?a[b]:{size:[729,90]};}});let _adsRenderedInfo=new Proxy({get:function(n){return _renderedAds[n];}},{get:function(x,c){return c in x?x[c]:function(){};},set:function(x,c,v){}});Object.defineProperty(googletag,'adsRenderedInfo',{configurable:true,enumerable:true,set:function(){},get:function(){return _adsRenderedInfo;}});", + "surrogate.googletag.sources": ".googletagservices.com", + "surrogate.gravatar.sources": ".gravatar.com", + "surrogate.gravatar.replacement": "Gravatar=$S({my_hash:'', profile_cb:function(){}, init:function(){}, __noSuchMethod__:function(){}})", + "surrogate.microsoftSupport.replacement": "let c=document.getElementById('contentArea');if(c)c.style.display=''", + "surrogate.microsoftSupport.sources": "!support.microsoft.com", + "surrogate.modpagespeed.replacement": "let s=document.querySelector('noscript>meta[http-equiv=refresh]+style');if(s)s.parentNode.removeChild(s)", + "surrogate.modpagespeed.sources": "!@^https?:", + "surrogate.qs.sources": "*.quantserve.com", + "surrogate.qs.replacement": "window.quantserve=function(){}", + "surrogate.uniblue.sources": "!@.uniblue.com .liutilities.com", + "surrogate.uniblue.replacement": "Array.forEach(document.links,function(l){if(/^https:\\/\\/store\\./.test(l.href)){l.setAttribute('href',l.href.replace(/.*?:/, ''));l.parentNode.replaceChild(l,l)}})", + "surrogate.yieldman.sources": "*.yieldmanager.com", + "surrogate.yieldman.replacement": "rmAddKey=rmAddCustomKey=rmShowAd=rmShowPop=rmShowInterstitial=rmGetQueryParameters=rmGetSize=rmGetWindowUrl=rmGetPubRedirect=rmGetClickUrl=rmReplace=rmTrim=rmUrlEncode=rmCanShowPop=rmCookieExists=rmWritePopFrequencyCookie=rmWritePopExpirationCookie=flashIntalledCookieExists=writeFlashInstalledCookie=flashDetection=rmGetCookie=function(){}", + "surrogate.popunder.sources": "@^http:\\/\\/[\\w\\-\\.]+\\.[a-z]+ wyciwyg:", + "surrogate.popunder.replacement": "(function(){var unloading=false;addEventListener('pagehide',function(){unloading=true;setTimeout(function(){unloading=false},100)},true);var cookie=document.__proto__.__lookupGetter__('cookie');document.__proto__.__defineGetter__('cookie',function() {if(unloading)return cookie.apply(this);var c='; popunder=yes; popundr=yes; setover18=1';return(cookie.apply(this).replace(c,'')+c).replace(/^; /, '')});var fid='_FID_'+(Date.now().toString(16));var open=window.__proto__.open;window.__proto__.open=function(url,target,features){try{if(!(/^_(?:top|parent|self)$/i.test(target)||target in frames)){var suspSrc,suspCall,ff=[],ss=new Error().stack.split('\\n').length;if(/popunde?r/i.test(target))return ko();for(var f,ev,aa=arguments;stackSize-->2&&aa.callee&&(f=aa.callee.caller)&&ff.indexOf(f)<0;ff.push(f)){aa=f.arguments;if(!aa)break;ev=aa[0];suspCall=f.name=='doPopUnder';if(!suspSrc)suspSrc=suspCall||/(?:\\bpopunde?r|\\bfocus\\b.*\\bblur|\\bblur\\b.*\\bfocus|[pP]uShown)\\b/.test(f.toSource());if(suspCall||ev&&typeof ev=='object'&&('type' in ev)&&ev.type=='click'&&ev.button===0&&(ev.currentTarget===document||('tagName' in ev.currentTarget)&&'body'==ev.currentTarget.tagName.toLowerCase())&&!(('href' in ev.target)&&ev.target.href&&(ev.target.href.indexOf(url)===0||url.indexOf(ev.target.href)===0))){if(suspSrc)return ko();}}}}catch(e){}return open.apply(null, arguments);function ko(){var fr=document.getElementById(fid)||document.body.appendChild(document.createElement('iframe'));fr.id=fid;fr.src='data:text/html,';fr.style.display='none';var w=fr.contentWindow;w.blur=function(){};return w;}}})()", + "surrogate.popunder.exceptions": ".meebo.com", + "surrogate.imdb.sources": "@*.imdb.com/video/*", + "surrogate.imdb.replacement": "addEventListener('DOMContentLoaded',function(ev){ad_utils.render_ad=function(w){w.location=w.location.href.replace(/.*\\bTRAILER=([^&]+).*/,'$1')}},true)", + "surrogate.nscookie.sources": "@*.facebook.com", + "surrogate.nscookie.replacement": "document.cookie='noscript=; domain=.facebook.com; path=/; expires=Thu, 01-Jan-1970 00:00:01 GMT;'", + "surrogate.imagebam.replacement": "(function(){if(\"over18\" in window){var _do=doOpen;doOpen=function(){};over18();doOpen=_do}else{var e=document.getElementById(Array.slice(document.getElementsByTagName(\"script\")).filter(function(s){return !!s.innerHTML})[0].innerHTML.match(/over18[\\s\\S]*?'([^']+)/)[1]);e.style.display='none'}})()", + "surrogate.imagebam.sources": "!@*.imagebam.com", + "surrogate.imagehaven.replacement": "['agreeCont','TransparentBlack'].forEach(function(id){var o=document.getElementById(id);if(o)o.style.display='none'})", + "surrogate.imagehaven.sources": "!@*.imagehaven.net", + "surrogate.imgreserve.sources": "!imgreserve.com", + "surrogate.imgreserve.replacement": "let b=document.querySelector('input[value=\"YES\"]');if(b)b.addEventListener('click',function(){document.cookie='AgeVerification=1';location.href=location},true)", + "surrogate.interstitialBox.replacement": "__defineSetter__('interstitialBox',function(){});__defineGetter__('interstitialBox',function(){return{}})", + "surrogate.interstitialBox.sources": "@*.imagevenue.com", + "surrogate.invodo.sources": ".invodo.com", + "surrogate.invodo.replacement": "Invodo=$S({__noSuchMethod__:function(){}})", + "surrogate.googleThumbs.replacement": "(function(){var ss=document.getElementsByTagName('script');var s,t,m,id,i;for(var j=ss.length;j-->0;)if(((s=ss[j])&&(t=s.firstChild&&s.firstChild.nodeValue)&&(id=t.match(/\\w+thumb\\d+/))&&(m=t.match(/['\"](data:[^'\"]+)/)))&&(i=document.getElementById(id)))i.src=m[1].replace(/\\\\(u[0-9a-f]{4}|x[0-9a-f]{2})/ig,function(a,b){return String.fromCharCode(parseInt(b.substring(1), 16))})})()", + "surrogate.googleThumbs.sources": "!^https?://www\\.google\\.[a-z]+/search", + "surrogate.amo.replacement": "addEventListener('click',function(e){if(e.button)return;var a=e.target.parentNode;var hash=a.getAttribute('data-hash');if(hash){var b=a.parentNode.parentNode;InstallTrigger.install({x:{URL:a.href,IconURL:b.getAttribute('data-icon'),Hash:hash,toString:function(){return a.href}}});e.preventDefault()}},false)", + "surrogate.amo.sources": "!https://addons.mozilla.org/", + "surrogate.ab_adsense.sources": "pagead2.googlesyndication.com", + "surrogate.ab_adsense.replacement": "gaGlobal={}", + "surrogate.ab_adscale.sources": "js.adscale.de", + "surrogate.ab_adscale.replacement": "adscale={}", + "surrogate.ab_adtiger.sources": "^http://ads\\.adtiger\\.", + "surrogate.ab_adtiger.replacement": "adspirit_pid={}", + "surrogate.ab_bidvertiser.sources": "^http://bdv\\.bidvert", + "surrogate.ab_bidvertiser.replacement": "report_error=function(){}", + "surrogate.ab_binlayer.sources": "^http://view\\.binlay(?:er)\\.", + "surrogate.ab_binlayer.replacement": "blLayer={}", + "surrogate.ab_mirago.sources": "^http://intext\\.mirago\\.", + "surrogate.ab_mirago.replacement": "HLSysBannerUrl=''", + "surrogate.ab_mirando.sources": "^http://get\\.mirando\\.", + "surrogate.ab_mirando.replacement": "Mirando={}", + "surrogate.facebook_connect.sources": "connect.facebook.net", + "surrogate.facebook_connect.replacement": "FB=(function(){var f=$S(arguments.callee);return f.__noSuchMethod__=f.Event=f.XFBML=f;})();", + "surrogate.revsci.sources": "js.revsci.net", + "surrogate.revsci.replacement": "rsinetsegs=[];DM_addEncToLoc=DM_tag=function(){};", + "surrogate.adriver.sources": "ad.adriver.ru/cgi-bin/erle.cgi", + "surrogate.adriver.replacement": "if(top!==self&&top.location.href===location.href)setTimeout('try{document.close();}catch(e){}',100)", + "surrogate.twitter.sources": "platform.twitter.com", + "surrogate.twitter.replacement": "twttr=(function(){var f=$S(arguments.callee); var ro = f.__noSuchMethod__=f.events=f.anywhere=f; ro.widgets=$S({__noSuchMethod__:function(){}}); return ro})();", + "surrogate.plusone.sources": "apis.google.com/js/plusone.js", + "surrogate.plusone.replacement": "gapi=(function(){var f=$S(arguments.callee);return f.__noSuchMethod__=f.plusone=f;})();", + "surrogate.disqus-theme.sources": ">.disqus.com/*/build/themes/t_c4ca4238a0b923820dcc509a6f75849b.js*", + "surrogate.disqus-theme.replacement": "DISQUS.dtpl.actions.register('comments.reply.new.onLoadingStart', function() { DISQUS.dtpl.actions.remove('comments.reply.new.onLoadingStart'); DISQUS.dtpl.actions.remove('comments.reply.new.onLoadingEnd');});", + "surrogate.skimlinks.sources": ".skimlinks.com/api/", + "surrogate.skimlinks.replacement": "window.skimlinks=function(){}", + "surrogate.picbucks.sources": "!*.picbucks.com http://www.imagebax.com/show.php/*", + "surrogate.picbucks.replacement": "Array.forEach(document.getElementsByTagName('script'), function(s){let m = s.textContent.match(/(?:Lbjs\\.TargetUrl\\s*=\\s*|Array\\s*\\().*(\\bhttp[^'\"]*)/); if (m) { location.href = m[1]; throw 'break'; }})", + "surrogate.imagebunk.sources": "!http://imagebunk.com/image/*", + "surrogate.imagebunk.replacement": "document.body.insertBefore(document.getElementById('img_obj'), document.body.firstChild)", + "surrogate.picsee.sources": "!^https?://picsee\\.net/2\\d.*\\.html", + "surrogate.picsee.replacement": "location.replace(location.href.replace(/(\\/2\\d{3}[^\\/]*)(.*)\\.html/, '/upload$1/$2'));", + "surrogate.owasp_antiClickjack.sources": "!^https?://", + "surrogate.owasp_antiClickjack.replacement": "if(window.top===window&&document.body.offsetWidth===0)['body','documentElement'].forEach(function(e){document[e].style.setProperty('display','unset','important')})", + "surrogate.gigya.replacement": "gigya=$S({__noSuchMethod__:function(){}, isGigya:true, __initialized:true});gigya.socialize=$S({__noSuchMethod__:function(){}, addEventHandlers:function(){}});gigya.accounts=$S({__noSuchMethod__:function(){}})", + "surrogate.gigya.sources": ".gigya.com", + "surrogate.stripe.replacement": "Stripe=$S({__noSuchMethod__:function(){}})", + "surrogate.stripe.sources": "js.stripe.com", + "surrogate.wp.sources": "!^.*\\/20\\d{2}\\/\\d{2}\\/\\d{2}\\/", + "surrogate.wp.replacement": "let s=document.createElement('style');s.textContent='.site{opacity: 1 !important}';document.documentElement.appendChild(s)", + "fakeScriptLoadEvents.enabled": true, + "fakeScriptLoadEvents.onlyRequireJS": true, + "fakeScriptLoadEvents.exceptions": "", + "fakeScriptLoadEvents.docExceptions": "", + "placeholderMinSize": 32, + "placeholderLongTip": true, + "placeholderCollapseOnClose": false, + "compat.evernote": true, + "compat.gnotes": true, + "forbidXSLT": true, + "oldStylePartial": false, + "proxiedDNS": 0, + "placesPrefs": false, + "ABE.enabled": true, + "ABE.siteEnabled": false, + "ABE.allowRulesetRedir": false, + "ABE.legacyPrompt": false, + "ABE.disabledRulesetNames": "", + "ABE.skipBrowserRequests": true, + "ABE.notify": true, + "ABE.notify.namedLoopback": false, + "ABE.wanIpAsLocal": true, + "ABE.wanIpCheckURL": "https://secure.informaction.com/ipecho/", + "ABE.localExtras": "", + "asyncNetworking": true, + "inclusionTypeChecking": true, + "inclusionTypeChecking.exceptions": "https://scache.vzw.com/ http://cache.vzw.com .sony-europe.com .amazonaws.com .hp-ww.com .yandex.st cdn.directvid.com/*.jsx", + "inclusionTypeChecking.checkDynamic": false, + "nosniff": true, + "recentlyBlockedCount": 10, + "showRecentlyBlocked": true, + "recentlyBlockedLevel": 0, + "frameOptions.enabled": true, + "frameOptions.parentWhitelist": "https://mail.google.com/*", + "logDNS": false, + "subscription.lastCheck": 0, + "subscription.checkInterval": 24, + "subscription.trustedURL": "", + "subscription.untrustedURL": "", + "siteInfoProvider": "https://noscript.net/about/%utf8%;%ace%", + "alwaysShowObjectSources": false, + "ef.enabled": false, + "showBlankSources": false, + "preset": "medium", + "forbidBGRefresh": 1, + "forbidBGRefresh.exceptions": ".mozilla.org", + "toStaticHTML": true, + "liveConnectInterception": true, + "audioApiInterception": true, + "doNotTrack.enabled": true, + "doNotTrack.exceptions": "", + "doNotTrack.forced": "", + "ajaxFallback.enabled": true, + "sync.enabled": false, + "ABE.rulesets.SYSTEM": "# Prevent Internet sites from requesting LAN resources.\r\nSite LOCAL\r\nAccept from LOCAL\r\nDeny", + "ABE.rulesets.USER": "# User-defined rules. Feel free to experiment here.\r\n", + "ABE.migration": 0, + "smartClickToPlay": true, + "removalWarning": true, + "middlemouse_temp_allow_main_site": true, + "webext.enabled": true +}, Legacy.migrated.prefs +); diff --git a/src/lib/Base64.js b/src/lib/Base64.js new file mode 100644 index 0000000..e83d2a5 --- /dev/null +++ b/src/lib/Base64.js @@ -0,0 +1,49 @@ + +'use strict'; +// we need this because of https://bugzilla.mozilla.org/show_bug.cgi?id=439276 + +var Base64 = { + + purify: function(input) { + return input.replace(/[^A-Za-z0-9\+\/=]+/g, ''); + }, + + alt: function(s) { + // URL base64 variant, see http://en.wikipedia.org/wiki/Base64#URL_applications + return s.replace(/-/g, '+').replace(/_/g, '/') + }, + + decode: function (input, strict) { + var output = ''; + var chr1, chr2, chr3; + var enc1, enc2, enc3, enc4; + var i = 0; + + // if (/[^A-Za-z0-9\+\/\=]/.test(input)) return ""; // we don't need this, caller checks for us + + const k = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/="; + while (i < input.length) { + + enc1 = k.indexOf(input.charAt(i++)); + enc2 = k.indexOf(input.charAt(i++)); + enc3 = k.indexOf(input.charAt(i++)); + enc4 = k.indexOf(input.charAt(i++)); + + chr1 = (enc1 << 2) | (enc2 >> 4); + chr2 = ((enc2 & 15) << 4) | (enc3 >> 2); + chr3 = ((enc3 & 3) << 6) | enc4; + + output += String.fromCharCode(chr1); + + if (enc3 != 64) { + output += String.fromCharCode(chr2); + } + if (enc4 != 64) { + output += String.fromCharCode(chr3); + } + + } + return output; + + } +}; diff --git a/src/lib/fastclick.js b/src/lib/fastclick.js new file mode 100644 index 0000000..86bf83e --- /dev/null +++ b/src/lib/fastclick.js @@ -0,0 +1,841 @@ +;(function () { + 'use strict'; + + /** + * @preserve FastClick: polyfill to remove click delays on browsers with touch UIs. + * + * @codingstandard ftlabs-jsv2 + * @copyright The Financial Times Limited [All Rights Reserved] + * @license MIT License (see LICENSE.txt) + */ + + /*jslint browser:true, node:true*/ + /*global define, Event, Node*/ + + + /** + * Instantiate fast-clicking listeners on the specified layer. + * + * @constructor + * @param {Element} layer The layer to listen on + * @param {Object} [options={}] The options to override the defaults + */ + function FastClick(layer, options) { + var oldOnClick; + + options = options || {}; + + /** + * Whether a click is currently being tracked. + * + * @type boolean + */ + this.trackingClick = false; + + + /** + * Timestamp for when click tracking started. + * + * @type number + */ + this.trackingClickStart = 0; + + + /** + * The element being tracked for a click. + * + * @type EventTarget + */ + this.targetElement = null; + + + /** + * X-coordinate of touch start event. + * + * @type number + */ + this.touchStartX = 0; + + + /** + * Y-coordinate of touch start event. + * + * @type number + */ + this.touchStartY = 0; + + + /** + * ID of the last touch, retrieved from Touch.identifier. + * + * @type number + */ + this.lastTouchIdentifier = 0; + + + /** + * Touchmove boundary, beyond which a click will be cancelled. + * + * @type number + */ + this.touchBoundary = options.touchBoundary || 10; + + + /** + * The FastClick layer. + * + * @type Element + */ + this.layer = layer; + + /** + * The minimum time between tap(touchstart and touchend) events + * + * @type number + */ + this.tapDelay = options.tapDelay || 200; + + /** + * The maximum time for a tap + * + * @type number + */ + this.tapTimeout = options.tapTimeout || 700; + + if (FastClick.notNeeded(layer)) { + return; + } + + // Some old versions of Android don't have Function.prototype.bind + function bind(method, context) { + return function() { return method.apply(context, arguments); }; + } + + + var methods = ['onMouse', 'onClick', 'onTouchStart', 'onTouchMove', 'onTouchEnd', 'onTouchCancel']; + var context = this; + for (var i = 0, l = methods.length; i < l; i++) { + context[methods[i]] = bind(context[methods[i]], context); + } + + // Set up event handlers as required + if (deviceIsAndroid) { + layer.addEventListener('mouseover', this.onMouse, true); + layer.addEventListener('mousedown', this.onMouse, true); + layer.addEventListener('mouseup', this.onMouse, true); + } + + layer.addEventListener('click', this.onClick, true); + layer.addEventListener('touchstart', this.onTouchStart, false); + layer.addEventListener('touchmove', this.onTouchMove, false); + layer.addEventListener('touchend', this.onTouchEnd, false); + layer.addEventListener('touchcancel', this.onTouchCancel, false); + + // Hack is required for browsers that don't support Event#stopImmediatePropagation (e.g. Android 2) + // which is how FastClick normally stops click events bubbling to callbacks registered on the FastClick + // layer when they are cancelled. + if (!Event.prototype.stopImmediatePropagation) { + layer.removeEventListener = function(type, callback, capture) { + var rmv = Node.prototype.removeEventListener; + if (type === 'click') { + rmv.call(layer, type, callback.hijacked || callback, capture); + } else { + rmv.call(layer, type, callback, capture); + } + }; + + layer.addEventListener = function(type, callback, capture) { + var adv = Node.prototype.addEventListener; + if (type === 'click') { + adv.call(layer, type, callback.hijacked || (callback.hijacked = function(event) { + if (!event.propagationStopped) { + callback(event); + } + }), capture); + } else { + adv.call(layer, type, callback, capture); + } + }; + } + + // If a handler is already declared in the element's onclick attribute, it will be fired before + // FastClick's onClick handler. Fix this by pulling out the user-defined handler function and + // adding it as listener. + if (typeof layer.onclick === 'function') { + + // Android browser on at least 3.2 requires a new reference to the function in layer.onclick + // - the old one won't work if passed to addEventListener directly. + oldOnClick = layer.onclick; + layer.addEventListener('click', function(event) { + oldOnClick(event); + }, false); + layer.onclick = null; + } + } + + /** + * Windows Phone 8.1 fakes user agent string to look like Android and iPhone. + * + * @type boolean + */ + var deviceIsWindowsPhone = navigator.userAgent.indexOf("Windows Phone") >= 0; + + /** + * Android requires exceptions. + * + * @type boolean + */ + var deviceIsAndroid = navigator.userAgent.indexOf('Android') > 0 && !deviceIsWindowsPhone; + + + /** + * iOS requires exceptions. + * + * @type boolean + */ + var deviceIsIOS = /iP(ad|hone|od)/.test(navigator.userAgent) && !deviceIsWindowsPhone; + + + /** + * iOS 4 requires an exception for select elements. + * + * @type boolean + */ + var deviceIsIOS4 = deviceIsIOS && (/OS 4_\d(_\d)?/).test(navigator.userAgent); + + + /** + * iOS 6.0-7.* requires the target element to be manually derived + * + * @type boolean + */ + var deviceIsIOSWithBadTarget = deviceIsIOS && (/OS [6-7]_\d/).test(navigator.userAgent); + + /** + * BlackBerry requires exceptions. + * + * @type boolean + */ + var deviceIsBlackBerry10 = navigator.userAgent.indexOf('BB10') > 0; + + /** + * Determine whether a given element requires a native click. + * + * @param {EventTarget|Element} target Target DOM element + * @returns {boolean} Returns true if the element needs a native click + */ + FastClick.prototype.needsClick = function(target) { + switch (target.nodeName.toLowerCase()) { + + // Don't send a synthetic click to disabled inputs (issue #62) + case 'button': + case 'select': + case 'textarea': + if (target.disabled) { + return true; + } + + break; + case 'input': + + // File inputs need real clicks on iOS 6 due to a browser bug (issue #68) + if ((deviceIsIOS && target.type === 'file') || target.disabled) { + return true; + } + + break; + case 'label': + case 'iframe': // iOS8 homescreen apps can prevent events bubbling into frames + case 'video': + return true; + } + + return (/\bneedsclick\b/).test(target.className); + }; + + + /** + * Determine whether a given element requires a call to focus to simulate click into element. + * + * @param {EventTarget|Element} target Target DOM element + * @returns {boolean} Returns true if the element requires a call to focus to simulate native click. + */ + FastClick.prototype.needsFocus = function(target) { + switch (target.nodeName.toLowerCase()) { + case 'textarea': + return true; + case 'select': + return !deviceIsAndroid; + case 'input': + switch (target.type) { + case 'button': + case 'checkbox': + case 'file': + case 'image': + case 'radio': + case 'submit': + return false; + } + + // No point in attempting to focus disabled inputs + return !target.disabled && !target.readOnly; + default: + return (/\bneedsfocus\b/).test(target.className); + } + }; + + + /** + * Send a click event to the specified element. + * + * @param {EventTarget|Element} targetElement + * @param {Event} event + */ + FastClick.prototype.sendClick = function(targetElement, event) { + var clickEvent, touch; + + // On some Android devices activeElement needs to be blurred otherwise the synthetic click will have no effect (#24) + if (document.activeElement && document.activeElement !== targetElement) { + document.activeElement.blur(); + } + + touch = event.changedTouches[0]; + + // Synthesise a click event, with an extra attribute so it can be tracked + clickEvent = document.createEvent('MouseEvents'); + clickEvent.initMouseEvent(this.determineEventType(targetElement), true, true, window, 1, touch.screenX, touch.screenY, touch.clientX, touch.clientY, false, false, false, false, 0, null); + clickEvent.forwardedTouchEvent = true; + targetElement.dispatchEvent(clickEvent); + }; + + FastClick.prototype.determineEventType = function(targetElement) { + + //Issue #159: Android Chrome Select Box does not open with a synthetic click event + if (deviceIsAndroid && targetElement.tagName.toLowerCase() === 'select') { + return 'mousedown'; + } + + return 'click'; + }; + + + /** + * @param {EventTarget|Element} targetElement + */ + FastClick.prototype.focus = function(targetElement) { + var length; + + // Issue #160: on iOS 7, some input elements (e.g. date datetime month) throw a vague TypeError on setSelectionRange. These elements don't have an integer value for the selectionStart and selectionEnd properties, but unfortunately that can't be used for detection because accessing the properties also throws a TypeError. Just check the type instead. Filed as Apple bug #15122724. + if (deviceIsIOS && targetElement.setSelectionRange && targetElement.type.indexOf('date') !== 0 && targetElement.type !== 'time' && targetElement.type !== 'month' && targetElement.type !== 'email') { + length = targetElement.value.length; + targetElement.setSelectionRange(length, length); + } else { + targetElement.focus(); + } + }; + + + /** + * Check whether the given target element is a child of a scrollable layer and if so, set a flag on it. + * + * @param {EventTarget|Element} targetElement + */ + FastClick.prototype.updateScrollParent = function(targetElement) { + var scrollParent, parentElement; + + scrollParent = targetElement.fastClickScrollParent; + + // Attempt to discover whether the target element is contained within a scrollable layer. Re-check if the + // target element was moved to another parent. + if (!scrollParent || !scrollParent.contains(targetElement)) { + parentElement = targetElement; + do { + if (parentElement.scrollHeight > parentElement.offsetHeight) { + scrollParent = parentElement; + targetElement.fastClickScrollParent = parentElement; + break; + } + + parentElement = parentElement.parentElement; + } while (parentElement); + } + + // Always update the scroll top tracker if possible. + if (scrollParent) { + scrollParent.fastClickLastScrollTop = scrollParent.scrollTop; + } + }; + + + /** + * @param {EventTarget} targetElement + * @returns {Element|EventTarget} + */ + FastClick.prototype.getTargetElementFromEventTarget = function(eventTarget) { + + // On some older browsers (notably Safari on iOS 4.1 - see issue #56) the event target may be a text node. + if (eventTarget.nodeType === Node.TEXT_NODE) { + return eventTarget.parentNode; + } + + return eventTarget; + }; + + + /** + * On touch start, record the position and scroll offset. + * + * @param {Event} event + * @returns {boolean} + */ + FastClick.prototype.onTouchStart = function(event) { + var targetElement, touch, selection; + + // Ignore multiple touches, otherwise pinch-to-zoom is prevented if both fingers are on the FastClick element (issue #111). + if (event.targetTouches.length > 1) { + return true; + } + + targetElement = this.getTargetElementFromEventTarget(event.target); + touch = event.targetTouches[0]; + + if (deviceIsIOS) { + + // Only trusted events will deselect text on iOS (issue #49) + selection = window.getSelection(); + if (selection.rangeCount && !selection.isCollapsed) { + return true; + } + + if (!deviceIsIOS4) { + + // Weird things happen on iOS when an alert or confirm dialog is opened from a click event callback (issue #23): + // when the user next taps anywhere else on the page, new touchstart and touchend events are dispatched + // with the same identifier as the touch event that previously triggered the click that triggered the alert. + // Sadly, there is an issue on iOS 4 that causes some normal touch events to have the same identifier as an + // immediately preceeding touch event (issue #52), so this fix is unavailable on that platform. + // Issue 120: touch.identifier is 0 when Chrome dev tools 'Emulate touch events' is set with an iOS device UA string, + // which causes all touch events to be ignored. As this block only applies to iOS, and iOS identifiers are always long, + // random integers, it's safe to to continue if the identifier is 0 here. + if (touch.identifier && touch.identifier === this.lastTouchIdentifier) { + event.preventDefault(); + return false; + } + + this.lastTouchIdentifier = touch.identifier; + + // If the target element is a child of a scrollable layer (using -webkit-overflow-scrolling: touch) and: + // 1) the user does a fling scroll on the scrollable layer + // 2) the user stops the fling scroll with another tap + // then the event.target of the last 'touchend' event will be the element that was under the user's finger + // when the fling scroll was started, causing FastClick to send a click event to that layer - unless a check + // is made to ensure that a parent layer was not scrolled before sending a synthetic click (issue #42). + this.updateScrollParent(targetElement); + } + } + + this.trackingClick = true; + this.trackingClickStart = event.timeStamp; + this.targetElement = targetElement; + + this.touchStartX = touch.pageX; + this.touchStartY = touch.pageY; + + // Prevent phantom clicks on fast double-tap (issue #36) + if ((event.timeStamp - this.lastClickTime) < this.tapDelay) { + event.preventDefault(); + } + + return true; + }; + + + /** + * Based on a touchmove event object, check whether the touch has moved past a boundary since it started. + * + * @param {Event} event + * @returns {boolean} + */ + FastClick.prototype.touchHasMoved = function(event) { + var touch = event.changedTouches[0], boundary = this.touchBoundary; + + if (Math.abs(touch.pageX - this.touchStartX) > boundary || Math.abs(touch.pageY - this.touchStartY) > boundary) { + return true; + } + + return false; + }; + + + /** + * Update the last position. + * + * @param {Event} event + * @returns {boolean} + */ + FastClick.prototype.onTouchMove = function(event) { + if (!this.trackingClick) { + return true; + } + + // If the touch has moved, cancel the click tracking + if (this.targetElement !== this.getTargetElementFromEventTarget(event.target) || this.touchHasMoved(event)) { + this.trackingClick = false; + this.targetElement = null; + } + + return true; + }; + + + /** + * Attempt to find the labelled control for the given label element. + * + * @param {EventTarget|HTMLLabelElement} labelElement + * @returns {Element|null} + */ + FastClick.prototype.findControl = function(labelElement) { + + // Fast path for newer browsers supporting the HTML5 control attribute + if (labelElement.control !== undefined) { + return labelElement.control; + } + + // All browsers under test that support touch events also support the HTML5 htmlFor attribute + if (labelElement.htmlFor) { + return document.getElementById(labelElement.htmlFor); + } + + // If no for attribute exists, attempt to retrieve the first labellable descendant element + // the list of which is defined here: http://www.w3.org/TR/html5/forms.html#category-label + return labelElement.querySelector('button, input:not([type=hidden]), keygen, meter, output, progress, select, textarea'); + }; + + + /** + * On touch end, determine whether to send a click event at once. + * + * @param {Event} event + * @returns {boolean} + */ + FastClick.prototype.onTouchEnd = function(event) { + var forElement, trackingClickStart, targetTagName, scrollParent, touch, targetElement = this.targetElement; + + if (!this.trackingClick) { + return true; + } + + // Prevent phantom clicks on fast double-tap (issue #36) + if ((event.timeStamp - this.lastClickTime) < this.tapDelay) { + this.cancelNextClick = true; + return true; + } + + if ((event.timeStamp - this.trackingClickStart) > this.tapTimeout) { + return true; + } + + // Reset to prevent wrong click cancel on input (issue #156). + this.cancelNextClick = false; + + this.lastClickTime = event.timeStamp; + + trackingClickStart = this.trackingClickStart; + this.trackingClick = false; + this.trackingClickStart = 0; + + // On some iOS devices, the targetElement supplied with the event is invalid if the layer + // is performing a transition or scroll, and has to be re-detected manually. Note that + // for this to function correctly, it must be called *after* the event target is checked! + // See issue #57; also filed as rdar://13048589 . + if (deviceIsIOSWithBadTarget) { + touch = event.changedTouches[0]; + + // In certain cases arguments of elementFromPoint can be negative, so prevent setting targetElement to null + targetElement = document.elementFromPoint(touch.pageX - window.pageXOffset, touch.pageY - window.pageYOffset) || targetElement; + targetElement.fastClickScrollParent = this.targetElement.fastClickScrollParent; + } + + targetTagName = targetElement.tagName.toLowerCase(); + if (targetTagName === 'label') { + forElement = this.findControl(targetElement); + if (forElement) { + this.focus(targetElement); + if (deviceIsAndroid) { + return false; + } + + targetElement = forElement; + } + } else if (this.needsFocus(targetElement)) { + + // Case 1: If the touch started a while ago (best guess is 100ms based on tests for issue #36) then focus will be triggered anyway. Return early and unset the target element reference so that the subsequent click will be allowed through. + // Case 2: Without this exception for input elements tapped when the document is contained in an iframe, then any inputted text won't be visible even though the value attribute is updated as the user types (issue #37). + if ((event.timeStamp - trackingClickStart) > 100 || (deviceIsIOS && window.top !== window && targetTagName === 'input')) { + this.targetElement = null; + return false; + } + + this.focus(targetElement); + this.sendClick(targetElement, event); + + // Select elements need the event to go through on iOS 4, otherwise the selector menu won't open. + // Also this breaks opening selects when VoiceOver is active on iOS6, iOS7 (and possibly others) + if (!deviceIsIOS || targetTagName !== 'select') { + this.targetElement = null; + event.preventDefault(); + } + + return false; + } + + if (deviceIsIOS && !deviceIsIOS4) { + + // Don't send a synthetic click event if the target element is contained within a parent layer that was scrolled + // and this tap is being used to stop the scrolling (usually initiated by a fling - issue #42). + scrollParent = targetElement.fastClickScrollParent; + if (scrollParent && scrollParent.fastClickLastScrollTop !== scrollParent.scrollTop) { + return true; + } + } + + // Prevent the actual click from going though - unless the target node is marked as requiring + // real clicks or if it is in the whitelist in which case only non-programmatic clicks are permitted. + if (!this.needsClick(targetElement)) { + event.preventDefault(); + this.sendClick(targetElement, event); + } + + return false; + }; + + + /** + * On touch cancel, stop tracking the click. + * + * @returns {void} + */ + FastClick.prototype.onTouchCancel = function() { + this.trackingClick = false; + this.targetElement = null; + }; + + + /** + * Determine mouse events which should be permitted. + * + * @param {Event} event + * @returns {boolean} + */ + FastClick.prototype.onMouse = function(event) { + + // If a target element was never set (because a touch event was never fired) allow the event + if (!this.targetElement) { + return true; + } + + if (event.forwardedTouchEvent) { + return true; + } + + // Programmatically generated events targeting a specific element should be permitted + if (!event.cancelable) { + return true; + } + + // Derive and check the target element to see whether the mouse event needs to be permitted; + // unless explicitly enabled, prevent non-touch click events from triggering actions, + // to prevent ghost/doubleclicks. + if (!this.needsClick(this.targetElement) || this.cancelNextClick) { + + // Prevent any user-added listeners declared on FastClick element from being fired. + if (event.stopImmediatePropagation) { + event.stopImmediatePropagation(); + } else { + + // Part of the hack for browsers that don't support Event#stopImmediatePropagation (e.g. Android 2) + event.propagationStopped = true; + } + + // Cancel the event + event.stopPropagation(); + event.preventDefault(); + + return false; + } + + // If the mouse event is permitted, return true for the action to go through. + return true; + }; + + + /** + * On actual clicks, determine whether this is a touch-generated click, a click action occurring + * naturally after a delay after a touch (which needs to be cancelled to avoid duplication), or + * an actual click which should be permitted. + * + * @param {Event} event + * @returns {boolean} + */ + FastClick.prototype.onClick = function(event) { + var permitted; + + // It's possible for another FastClick-like library delivered with third-party code to fire a click event before FastClick does (issue #44). In that case, set the click-tracking flag back to false and return early. This will cause onTouchEnd to return early. + if (this.trackingClick) { + this.targetElement = null; + this.trackingClick = false; + return true; + } + + // Very odd behaviour on iOS (issue #18): if a submit element is present inside a form and the user hits enter in the iOS simulator or clicks the Go button on the pop-up OS keyboard the a kind of 'fake' click event will be triggered with the submit-type input element as the target. + if (event.target.type === 'submit' && event.detail === 0) { + return true; + } + + permitted = this.onMouse(event); + + // Only unset targetElement if the click is not permitted. This will ensure that the check for !targetElement in onMouse fails and the browser's click doesn't go through. + if (!permitted) { + this.targetElement = null; + } + + // If clicks are permitted, return true for the action to go through. + return permitted; + }; + + + /** + * Remove all FastClick's event listeners. + * + * @returns {void} + */ + FastClick.prototype.destroy = function() { + var layer = this.layer; + + if (deviceIsAndroid) { + layer.removeEventListener('mouseover', this.onMouse, true); + layer.removeEventListener('mousedown', this.onMouse, true); + layer.removeEventListener('mouseup', this.onMouse, true); + } + + layer.removeEventListener('click', this.onClick, true); + layer.removeEventListener('touchstart', this.onTouchStart, false); + layer.removeEventListener('touchmove', this.onTouchMove, false); + layer.removeEventListener('touchend', this.onTouchEnd, false); + layer.removeEventListener('touchcancel', this.onTouchCancel, false); + }; + + + /** + * Check whether FastClick is needed. + * + * @param {Element} layer The layer to listen on + */ + FastClick.notNeeded = function(layer) { + var metaViewport; + var chromeVersion; + var blackberryVersion; + var firefoxVersion; + + // Devices that don't support touch don't need FastClick + if (typeof window.ontouchstart === 'undefined') { + return true; + } + + // Chrome version - zero for other browsers + chromeVersion = +(/Chrome\/([0-9]+)/.exec(navigator.userAgent) || [,0])[1]; + + if (chromeVersion) { + + if (deviceIsAndroid) { + metaViewport = document.querySelector('meta[name=viewport]'); + + if (metaViewport) { + // Chrome on Android with user-scalable="no" doesn't need FastClick (issue #89) + if (metaViewport.content.indexOf('user-scalable=no') !== -1) { + return true; + } + // Chrome 32 and above with width=device-width or less don't need FastClick + if (chromeVersion > 31 && document.documentElement.scrollWidth <= window.outerWidth) { + return true; + } + } + + // Chrome desktop doesn't need FastClick (issue #15) + } else { + return true; + } + } + + if (deviceIsBlackBerry10) { + blackberryVersion = navigator.userAgent.match(/Version\/([0-9]*)\.([0-9]*)/); + + // BlackBerry 10.3+ does not require Fastclick library. + // https://github.com/ftlabs/fastclick/issues/251 + if (blackberryVersion[1] >= 10 && blackberryVersion[2] >= 3) { + metaViewport = document.querySelector('meta[name=viewport]'); + + if (metaViewport) { + // user-scalable=no eliminates click delay. + if (metaViewport.content.indexOf('user-scalable=no') !== -1) { + return true; + } + // width=device-width (or less than device-width) eliminates click delay. + if (document.documentElement.scrollWidth <= window.outerWidth) { + return true; + } + } + } + } + + // IE10 with -ms-touch-action: none or manipulation, which disables double-tap-to-zoom (issue #97) + if (layer.style.msTouchAction === 'none' || layer.style.touchAction === 'manipulation') { + return true; + } + + // Firefox version - zero for other browsers + firefoxVersion = +(/Firefox\/([0-9]+)/.exec(navigator.userAgent) || [,0])[1]; + + if (firefoxVersion >= 27) { + // Firefox 27+ does not have tap delay if the content is not zoomable - https://bugzilla.mozilla.org/show_bug.cgi?id=922896 + + metaViewport = document.querySelector('meta[name=viewport]'); + if (metaViewport && (metaViewport.content.indexOf('user-scalable=no') !== -1 || document.documentElement.scrollWidth <= window.outerWidth)) { + return true; + } + } + + // IE11: prefixed -ms-touch-action is no longer supported and it's recomended to use non-prefixed version + // http://msdn.microsoft.com/en-us/library/windows/apps/Hh767313.aspx + if (layer.style.touchAction === 'none' || layer.style.touchAction === 'manipulation') { + return true; + } + + return false; + }; + + + /** + * Factory method for creating a FastClick object + * + * @param {Element} layer The layer to listen on + * @param {Object} [options={}] The options to override the defaults + */ + FastClick.attach = function(layer, options) { + return new FastClick(layer, options); + }; + + + if (typeof define === 'function' && typeof define.amd === 'object' && define.amd) { + + // AMD. Register as an anonymous module. + define(function() { + return FastClick; + }); + } else if (typeof module !== 'undefined' && module.exports) { + module.exports = FastClick.attach; + module.exports.FastClick = FastClick; + } else { + window.FastClick = FastClick; + } +}()); diff --git a/src/lib/fastclick.js.LICENSE.txt b/src/lib/fastclick.js.LICENSE.txt new file mode 100644 index 0000000..459a20d --- /dev/null +++ b/src/lib/fastclick.js.LICENSE.txt @@ -0,0 +1,22 @@ +Copyright (c) 2014 The Financial Times Ltd. + +Permission is hereby granted, free of charge, to any person +obtaining a copy of this software and associated documentation +files (the "Software"), to deal in the Software without +restriction, including without limitation the rights to use, +copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the +Software is furnished to do so, subject to the following +conditions: + +The above copyright notice and this permission notice shall be +included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES +OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND +NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT +HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, +WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING +FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR +OTHER DEALINGS IN THE SOFTWARE. diff --git a/src/lib/flextabs.LICENSE.txt b/src/lib/flextabs.LICENSE.txt new file mode 100644 index 0000000..ab5afe4 --- /dev/null +++ b/src/lib/flextabs.LICENSE.txt @@ -0,0 +1,21 @@ +The MIT License (MIT) + +Copyright (c) 2016 mdmoreau + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. diff --git a/src/lib/flextabs.css b/src/lib/flextabs.css new file mode 100644 index 0000000..6227da3 --- /dev/null +++ b/src/lib/flextabs.css @@ -0,0 +1,17 @@ +.flextabs { + display: flex; + flex-wrap: wrap; +} + +.flextabs__tab { + width: 100%; +} + +.flextabs__content { + display: none; + width: 100%; +} + +.flextabs__content--active { + display: block; +} diff --git a/src/lib/flextabs.js b/src/lib/flextabs.js new file mode 100644 index 0000000..12842c5 --- /dev/null +++ b/src/lib/flextabs.js @@ -0,0 +1,68 @@ +(function(root, factory) { + if (typeof define === 'function' && define.amd) { + define([], factory); + } else if (typeof module === 'object' && module.exports) { + module.exports = factory(); + } else { + root.flextabs = factory(); + } +}(this, function() { + + var flextabs = function(target) { + + var _ = {}; + + _.flextabs = target; + + _.toggle = _.flextabs.querySelectorAll('.flextabs__toggle'); + + _.content = _.flextabs.querySelectorAll('.flextabs__content'); + + _.reset = function() { + for (var i = 0; i < _.toggle.length; i += 1) { + _.toggle[i].classList.remove('flextabs__toggle--active--last'); + _.content[i].classList.remove('flextabs__content--active--last'); + } + }; + + _.activate = function() { + var i = Array.prototype.indexOf.call(_.toggle, this); + _.toggle[i].classList.toggle('flextabs__toggle--active'); + _.toggle[i].classList.add('flextabs__toggle--active--last'); + _.content[i].classList.toggle('flextabs__content--active'); + _.content[i].classList.add('flextabs__content--active--last'); + }; + + _.aria = function() { + for (var i = 0; i < _.toggle.length; i += 1) { + var style = getComputedStyle(_.content[i]); + if (style.getPropertyValue('display') !== 'none') { + _.toggle[i].setAttribute('aria-expanded', true); + } else { + _.toggle[i].setAttribute('aria-expanded', false); + } + } + }; + + _.click = function(e) { + e.preventDefault(); + _.reset(); + _.activate.call(this); + _.aria(); + }; + + _.init = function() { + for (var i = 0; i < _.toggle.length; i += 1) { + window.addEventListener('load', _.aria); + window.addEventListener('resize', _.aria); + _.toggle[i].addEventListener('click', _.click); + } + }; + + return _; + + }; + + return flextabs; + +})); diff --git a/src/lib/include.js b/src/lib/include.js new file mode 100644 index 0000000..896c6d5 --- /dev/null +++ b/src/lib/include.js @@ -0,0 +1,35 @@ +var include = (() => +{ + let _inclusions = new Map(); + + function scriptLoader(src) { + let script = document.createElement("script"); + script.src = src; + return script; + } + + function styleLoader(src) { + let style = document.createElement("link"); + style.rel = "stylesheet"; + style.type = "text/css"; + style.href = src; + return style; + } + + return async function include(src) { + if (_inclusions.has(src)) return await _inclusions.get(src); + if (Array.isArray(src)) { + return await Promise.all(src.map(s => include(s))); + } + debug("Including", src); + + let loading = new Promise((resolve, reject) => { + let inc = src.endsWith(".css") ? styleLoader(src) : scriptLoader(src); + inc.onload = () => resolve(inc); + inc.onerror = () => reject(new Error(`Failed to load ${src}`)); + document.head.appendChild(inc); + }); + _inclusions.set(src, loading); + return await (loading); + } +})(); diff --git a/src/lib/log.js b/src/lib/log.js new file mode 100644 index 0000000..fe38b87 --- /dev/null +++ b/src/lib/log.js @@ -0,0 +1,14 @@ + +{ + let PREFIX = `[${browser.runtime.getManifest().name}]`; + + function log(msg, ...rest) { + console.log(`${PREFIX} ${msg}`, ...rest); + } + function debug(msg, ...rest) { + console.debug(`${PREFIX} ${msg}`, ...rest); + } + function error(e, msg, ...rest) { + console.error(`${PREFIX} ${msg}`, e, e.message, e.stack); + } +} diff --git a/src/lib/persistent-tabs.js b/src/lib/persistent-tabs.js new file mode 100644 index 0000000..8f7f711 --- /dev/null +++ b/src/lib/persistent-tabs.js @@ -0,0 +1,21 @@ +if (typeof flextabs === "function") { + + for (let tabs of document.querySelectorAll(".flextabs")) { + flextabs(tabs).init(); + let {id} = tabs; + if (!id) continue; + let rx = new RegExp(`(?:^|[#;])tab-${id}=(\\d+)(?:;|$)`); + let current = location.hash.match(rx); + console.log(`persisted %o`, current); + let toggles = tabs.querySelectorAll(".flextabs__toggle"); + let currentToggle = toggles[current && parseInt(current[1]) || 0]; + if (currentToggle) currentToggle.click(); + for (let toggle of toggles) { + toggle.addEventListener("click", e => { + let currentIdx = Array.indexOf(toggles, toggle); + location.hash = location.hash.split(";").filter(p => !rx.test(p)) + .concat(`tab-${id}=${currentIdx}`).join(";"); + }); + } + } +} diff --git a/src/lib/punycode.js b/src/lib/punycode.js new file mode 100644 index 0000000..2c87f6c --- /dev/null +++ b/src/lib/punycode.js @@ -0,0 +1,533 @@ +/*! https://mths.be/punycode v1.4.1 by @mathias */ +;(function(root) { + + /** Detect free variables */ + var freeExports = typeof exports == 'object' && exports && + !exports.nodeType && exports; + var freeModule = typeof module == 'object' && module && + !module.nodeType && module; + var freeGlobal = typeof global == 'object' && global; + if ( + freeGlobal.global === freeGlobal || + freeGlobal.window === freeGlobal || + freeGlobal.self === freeGlobal + ) { + root = freeGlobal; + } + + /** + * The `punycode` object. + * @name punycode + * @type Object + */ + var punycode, + + /** Highest positive signed 32-bit float value */ + maxInt = 2147483647, // aka. 0x7FFFFFFF or 2^31-1 + + /** Bootstring parameters */ + base = 36, + tMin = 1, + tMax = 26, + skew = 38, + damp = 700, + initialBias = 72, + initialN = 128, // 0x80 + delimiter = '-', // '\x2D' + + /** Regular expressions */ + regexPunycode = /^xn--/, + regexNonASCII = /[^\x20-\x7E]/, // unprintable ASCII chars + non-ASCII chars + regexSeparators = /[\x2E\u3002\uFF0E\uFF61]/g, // RFC 3490 separators + + /** Error messages */ + errors = { + 'overflow': 'Overflow: input needs wider integers to process', + 'not-basic': 'Illegal input >= 0x80 (not a basic code point)', + 'invalid-input': 'Invalid input' + }, + + /** Convenience shortcuts */ + baseMinusTMin = base - tMin, + floor = Math.floor, + stringFromCharCode = String.fromCharCode, + + /** Temporary variable */ + key; + + /*--------------------------------------------------------------------------*/ + + /** + * A generic error utility function. + * @private + * @param {String} type The error type. + * @returns {Error} Throws a `RangeError` with the applicable error message. + */ + function error(type) { + throw new RangeError(errors[type]); + } + + /** + * A generic `Array#map` utility function. + * @private + * @param {Array} array The array to iterate over. + * @param {Function} callback The function that gets called for every array + * item. + * @returns {Array} A new array of values returned by the callback function. + */ + function map(array, fn) { + var length = array.length; + var result = []; + while (length--) { + result[length] = fn(array[length]); + } + return result; + } + + /** + * A simple `Array#map`-like wrapper to work with domain name strings or email + * addresses. + * @private + * @param {String} domain The domain name or email address. + * @param {Function} callback The function that gets called for every + * character. + * @returns {Array} A new string of characters returned by the callback + * function. + */ + function mapDomain(string, fn) { + var parts = string.split('@'); + var result = ''; + if (parts.length > 1) { + // In email addresses, only the domain name should be punycoded. Leave + // the local part (i.e. everything up to `@`) intact. + result = parts[0] + '@'; + string = parts[1]; + } + // Avoid `split(regex)` for IE8 compatibility. See #17. + string = string.replace(regexSeparators, '\x2E'); + var labels = string.split('.'); + var encoded = map(labels, fn).join('.'); + return result + encoded; + } + + /** + * Creates an array containing the numeric code points of each Unicode + * character in the string. While JavaScript uses UCS-2 internally, + * this function will convert a pair of surrogate halves (each of which + * UCS-2 exposes as separate characters) into a single code point, + * matching UTF-16. + * @see `punycode.ucs2.encode` + * @see <https://mathiasbynens.be/notes/javascript-encoding> + * @memberOf punycode.ucs2 + * @name decode + * @param {String} string The Unicode input string (UCS-2). + * @returns {Array} The new array of code points. + */ + function ucs2decode(string) { + var output = [], + counter = 0, + length = string.length, + value, + extra; + while (counter < length) { + value = string.charCodeAt(counter++); + if (value >= 0xD800 && value <= 0xDBFF && counter < length) { + // high surrogate, and there is a next character + extra = string.charCodeAt(counter++); + if ((extra & 0xFC00) == 0xDC00) { // low surrogate + output.push(((value & 0x3FF) << 10) + (extra & 0x3FF) + 0x10000); + } else { + // unmatched surrogate; only append this code unit, in case the next + // code unit is the high surrogate of a surrogate pair + output.push(value); + counter--; + } + } else { + output.push(value); + } + } + return output; + } + + /** + * Creates a string based on an array of numeric code points. + * @see `punycode.ucs2.decode` + * @memberOf punycode.ucs2 + * @name encode + * @param {Array} codePoints The array of numeric code points. + * @returns {String} The new Unicode string (UCS-2). + */ + function ucs2encode(array) { + return map(array, function(value) { + var output = ''; + if (value > 0xFFFF) { + value -= 0x10000; + output += stringFromCharCode(value >>> 10 & 0x3FF | 0xD800); + value = 0xDC00 | value & 0x3FF; + } + output += stringFromCharCode(value); + return output; + }).join(''); + } + + /** + * Converts a basic code point into a digit/integer. + * @see `digitToBasic()` + * @private + * @param {Number} codePoint The basic numeric code point value. + * @returns {Number} The numeric value of a basic code point (for use in + * representing integers) in the range `0` to `base - 1`, or `base` if + * the code point does not represent a value. + */ + function basicToDigit(codePoint) { + if (codePoint - 48 < 10) { + return codePoint - 22; + } + if (codePoint - 65 < 26) { + return codePoint - 65; + } + if (codePoint - 97 < 26) { + return codePoint - 97; + } + return base; + } + + /** + * Converts a digit/integer into a basic code point. + * @see `basicToDigit()` + * @private + * @param {Number} digit The numeric value of a basic code point. + * @returns {Number} The basic code point whose value (when used for + * representing integers) is `digit`, which needs to be in the range + * `0` to `base - 1`. If `flag` is non-zero, the uppercase form is + * used; else, the lowercase form is used. The behavior is undefined + * if `flag` is non-zero and `digit` has no uppercase form. + */ + function digitToBasic(digit, flag) { + // 0..25 map to ASCII a..z or A..Z + // 26..35 map to ASCII 0..9 + return digit + 22 + 75 * (digit < 26) - ((flag != 0) << 5); + } + + /** + * Bias adaptation function as per section 3.4 of RFC 3492. + * https://tools.ietf.org/html/rfc3492#section-3.4 + * @private + */ + function adapt(delta, numPoints, firstTime) { + var k = 0; + delta = firstTime ? floor(delta / damp) : delta >> 1; + delta += floor(delta / numPoints); + for (/* no initialization */; delta > baseMinusTMin * tMax >> 1; k += base) { + delta = floor(delta / baseMinusTMin); + } + return floor(k + (baseMinusTMin + 1) * delta / (delta + skew)); + } + + /** + * Converts a Punycode string of ASCII-only symbols to a string of Unicode + * symbols. + * @memberOf punycode + * @param {String} input The Punycode string of ASCII-only symbols. + * @returns {String} The resulting string of Unicode symbols. + */ + function decode(input) { + // Don't use UCS-2 + var output = [], + inputLength = input.length, + out, + i = 0, + n = initialN, + bias = initialBias, + basic, + j, + index, + oldi, + w, + k, + digit, + t, + /** Cached calculation results */ + baseMinusT; + + // Handle the basic code points: let `basic` be the number of input code + // points before the last delimiter, or `0` if there is none, then copy + // the first basic code points to the output. + + basic = input.lastIndexOf(delimiter); + if (basic < 0) { + basic = 0; + } + + for (j = 0; j < basic; ++j) { + // if it's not a basic code point + if (input.charCodeAt(j) >= 0x80) { + error('not-basic'); + } + output.push(input.charCodeAt(j)); + } + + // Main decoding loop: start just after the last delimiter if any basic code + // points were copied; start at the beginning otherwise. + + for (index = basic > 0 ? basic + 1 : 0; index < inputLength; /* no final expression */) { + + // `index` is the index of the next character to be consumed. + // Decode a generalized variable-length integer into `delta`, + // which gets added to `i`. The overflow checking is easier + // if we increase `i` as we go, then subtract off its starting + // value at the end to obtain `delta`. + for (oldi = i, w = 1, k = base; /* no condition */; k += base) { + + if (index >= inputLength) { + error('invalid-input'); + } + + digit = basicToDigit(input.charCodeAt(index++)); + + if (digit >= base || digit > floor((maxInt - i) / w)) { + error('overflow'); + } + + i += digit * w; + t = k <= bias ? tMin : (k >= bias + tMax ? tMax : k - bias); + + if (digit < t) { + break; + } + + baseMinusT = base - t; + if (w > floor(maxInt / baseMinusT)) { + error('overflow'); + } + + w *= baseMinusT; + + } + + out = output.length + 1; + bias = adapt(i - oldi, out, oldi == 0); + + // `i` was supposed to wrap around from `out` to `0`, + // incrementing `n` each time, so we'll fix that now: + if (floor(i / out) > maxInt - n) { + error('overflow'); + } + + n += floor(i / out); + i %= out; + + // Insert `n` at position `i` of the output + output.splice(i++, 0, n); + + } + + return ucs2encode(output); + } + + /** + * Converts a string of Unicode symbols (e.g. a domain name label) to a + * Punycode string of ASCII-only symbols. + * @memberOf punycode + * @param {String} input The string of Unicode symbols. + * @returns {String} The resulting Punycode string of ASCII-only symbols. + */ + function encode(input) { + var n, + delta, + handledCPCount, + basicLength, + bias, + j, + m, + q, + k, + t, + currentValue, + output = [], + /** `inputLength` will hold the number of code points in `input`. */ + inputLength, + /** Cached calculation results */ + handledCPCountPlusOne, + baseMinusT, + qMinusT; + + // Convert the input in UCS-2 to Unicode + input = ucs2decode(input); + + // Cache the length + inputLength = input.length; + + // Initialize the state + n = initialN; + delta = 0; + bias = initialBias; + + // Handle the basic code points + for (j = 0; j < inputLength; ++j) { + currentValue = input[j]; + if (currentValue < 0x80) { + output.push(stringFromCharCode(currentValue)); + } + } + + handledCPCount = basicLength = output.length; + + // `handledCPCount` is the number of code points that have been handled; + // `basicLength` is the number of basic code points. + + // Finish the basic string - if it is not empty - with a delimiter + if (basicLength) { + output.push(delimiter); + } + + // Main encoding loop: + while (handledCPCount < inputLength) { + + // All non-basic code points < n have been handled already. Find the next + // larger one: + for (m = maxInt, j = 0; j < inputLength; ++j) { + currentValue = input[j]; + if (currentValue >= n && currentValue < m) { + m = currentValue; + } + } + + // Increase `delta` enough to advance the decoder's <n,i> state to <m,0>, + // but guard against overflow + handledCPCountPlusOne = handledCPCount + 1; + if (m - n > floor((maxInt - delta) / handledCPCountPlusOne)) { + error('overflow'); + } + + delta += (m - n) * handledCPCountPlusOne; + n = m; + + for (j = 0; j < inputLength; ++j) { + currentValue = input[j]; + + if (currentValue < n && ++delta > maxInt) { + error('overflow'); + } + + if (currentValue == n) { + // Represent delta as a generalized variable-length integer + for (q = delta, k = base; /* no condition */; k += base) { + t = k <= bias ? tMin : (k >= bias + tMax ? tMax : k - bias); + if (q < t) { + break; + } + qMinusT = q - t; + baseMinusT = base - t; + output.push( + stringFromCharCode(digitToBasic(t + qMinusT % baseMinusT, 0)) + ); + q = floor(qMinusT / baseMinusT); + } + + output.push(stringFromCharCode(digitToBasic(q, 0))); + bias = adapt(delta, handledCPCountPlusOne, handledCPCount == basicLength); + delta = 0; + ++handledCPCount; + } + } + + ++delta; + ++n; + + } + return output.join(''); + } + + /** + * Converts a Punycode string representing a domain name or an email address + * to Unicode. Only the Punycoded parts of the input will be converted, i.e. + * it doesn't matter if you call it on a string that has already been + * converted to Unicode. + * @memberOf punycode + * @param {String} input The Punycoded domain name or email address to + * convert to Unicode. + * @returns {String} The Unicode representation of the given Punycode + * string. + */ + function toUnicode(input) { + return mapDomain(input, function(string) { + return regexPunycode.test(string) + ? decode(string.slice(4).toLowerCase()) + : string; + }); + } + + /** + * Converts a Unicode string representing a domain name or an email address to + * Punycode. Only the non-ASCII parts of the domain name will be converted, + * i.e. it doesn't matter if you call it with a domain that's already in + * ASCII. + * @memberOf punycode + * @param {String} input The domain name or email address to convert, as a + * Unicode string. + * @returns {String} The Punycode representation of the given domain name or + * email address. + */ + function toASCII(input) { + return mapDomain(input, function(string) { + return regexNonASCII.test(string) + ? 'xn--' + encode(string) + : string; + }); + } + + /*--------------------------------------------------------------------------*/ + + /** Define the public API */ + punycode = { + /** + * A string representing the current Punycode.js version number. + * @memberOf punycode + * @type String + */ + 'version': '1.4.1', + /** + * An object of methods to convert from JavaScript's internal character + * representation (UCS-2) to Unicode code points, and back. + * @see <https://mathiasbynens.be/notes/javascript-encoding> + * @memberOf punycode + * @type Object + */ + 'ucs2': { + 'decode': ucs2decode, + 'encode': ucs2encode + }, + 'decode': decode, + 'encode': encode, + 'toASCII': toASCII, + 'toUnicode': toUnicode + }; + + /** Expose `punycode` */ + // Some AMD build optimizers, like r.js, check for specific condition patterns + // like the following: + if ( + typeof define == 'function' && + typeof define.amd == 'object' && + define.amd + ) { + define('punycode', function() { + return punycode; + }); + } else if (freeExports && freeModule) { + if (module.exports == freeExports) { + // in Node.js, io.js, or RingoJS v0.8.0+ + freeModule.exports = punycode; + } else { + // in Narwhal or RingoJS v0.7.0- + for (key in punycode) { + punycode.hasOwnProperty(key) && (freeExports[key] = punycode[key]); + } + } + } else { + // in Rhino or a web browser + root.punycode = punycode; + } + +}(this)); diff --git a/src/lib/punycode.js.LICENSE.txt b/src/lib/punycode.js.LICENSE.txt new file mode 100644 index 0000000..a41e0a7 --- /dev/null +++ b/src/lib/punycode.js.LICENSE.txt @@ -0,0 +1,20 @@ +Copyright Mathias Bynens <https://mathiasbynens.be/> + +Permission is hereby granted, free of charge, to any person obtaining +a copy of this software and associated documentation files (the +"Software"), to deal in the Software without restriction, including +without limitation the rights to use, copy, modify, merge, publish, +distribute, sublicense, and/or sell copies of the Software, and to +permit persons to whom the Software is furnished to do so, subject to +the following conditions: + +The above copyright notice and this permission notice shall be +included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND +NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE +LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION +OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION +WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/src/lib/tld.js b/src/lib/tld.js new file mode 100644 index 0000000..b127b2e --- /dev/null +++ b/src/lib/tld.js @@ -0,0 +1,46 @@ +var tld = { + normalize(d) { return d; }, + + isIp(d) { return this._ipRx.test(d); }, + + getDomain(domain) { + if (domain === "localhost" || this.isIp(domain)) return domain; + + domain = this.normalize(domain); + var pos = domain.search(this._tldEx); + if(pos === -1 ) { + pos = domain.search(this._tldRx); + if (pos === -1) { + // TLD not in the public suffix list, fall back to the "one-dot rule" + pos = domain.lastIndexOf("."); + if (pos === -1) { + return ""; + } + } + pos = domain.lastIndexOf(".", pos - 1) + 1; + } else if(domain[pos] == ".") { + ++pos; + } + return pos <= 0 ? domain : domain.substring(pos); + }, + + getPublicSuffix(domain) { + if (this.isIp(domain)) return ""; + + domain = this.normalize(domain); + var pos = domain.search(this._tldEx); + if(pos < 0) { + pos = domain.search(this._tldRx); + if(pos >= 0 && domain[pos] == ".") pos++; + } else { + pos = domain.indexOf(".", pos + 1) + 1; + } + return pos < 0 ? "" : domain.substring(pos); + }, + + _ipRx: /^(?:0\.|[1-9]\d{0,2}\.){3}(?:0|[1-9]\d{0,2})$|:.*:/i, + + _tldRx: /(?:\.|^)(?:s(?:h(?:i(?:(?:m(?:o(?:(?:go\.fukushim|fusa\.chib|ji\.okinaw|ichi\.nar)a|k(?:awa\.hokkaido|itayama\.nara)|n(?:oseki\.yamaguchi|ita\.gunma)|tsu(?:ke\.tochig|ma\.ibarak)i|da(?:te\.ibaraki|\.shizuoka)|suwa\.nagano)|a(?:m(?:aki\.hokkaido|oto\.osaka)|(?:(?:ne\.shima)?n|\.mi)e|bara\.nagasaki|da\.shizuoka)|izu\.(?:hokkaido|shizuoka))|n(?:(?:a(?:nomachi\.nagan|gawa\.toky)|onsen\.hyog)o|g(?:u\.(?:(?:wakayam|fukuok)a|hyogo)|o\.aomori)|j(?:o\.(?:yamagat|okayam|nar)a|uku\.tokyo)|to(?:ku\.hokkaido|mi\.miyazaki|\.gunma)|(?:yoshitomi\.fukuok|ichi\.hiroshim)a|shi(?:notsu\.hokkaido|ro\.aichi)|kamigoto\.nagasaki)|r(?:a(?:k(?:awa\.(?:fukushima|gifu)|o\.chiba)|(?:hama\.wakayam|taka\.yamagat)a|o(?:i\.hokkaido|ka\.saitama)|nuka\.hokkaido)|o(?:i(?:shi\.(?:miyagi|saga)|\.chiba)|sato\.ibaraki)|iuchi\.hokkaido)|b(?:u(?:kawa\.gunma|ya\.tokyo)|ata\.(?:niigata|miyagi)|e(?:cha|tsu)\.hokkaido)|(?:chi(?:kashuku\.miyag|nohe\.aomor)|iba\.miyazak|tara\.aich)i|o(?:(?:gama\.miya|ya\.tochi)gi|jiri\.nagano)|s(?:(?:hikui\.tokushim|ui\.chib)a|o\.hyogo)|zu(?:(?:oka\.shizu)?oka|kuishi\.iwate)|(?:jonawate\.osak|g)a|wa\.iwate)\.jp|k(?:(?:a(?:(?:ma\.miyag|tsu\.aich)i|(?:be|oi)\.hokkaido|\.ishikawa)|okuchuo\.ehime|i\.saitama)\.jp|sha)|ftedit\.io|a)|o(?:(?:(?:bara\.hiroshi|o\.okaya)m|nai\.(?:yamagat|fukuok))a\.jp|w(?:a\.(?:(?:fukushi|gun)ma|yamanashi)\.jp|\.aero|time)?|p(?:\.(?:h[tu]|pl|ro)|ping)?|uji|es)|a(?:(?:r(?:i\.hokkaido\.j)?|kotan\.hokkaido\.j)p|cknet\.nu|ngrila|w)|e(?:ll(?:\.museum)?|rbrooke\.museum)|unan\.yamaguchi\.jp|riram|\.cn)?|a(?:n(?:d(?:(?:(?:e(?:\.(?:m[oø]re-og-romsdal|vestfold)|fjord)|nes(?:sj[oø]en)?|[oø]y)\.n|cats\.i)o|vik(?:coromant)?|a\.hyogo\.jp|iego\.museum)|(?:(?:agochi\.tokushim|jo\.niigat|uki\.kagaw|go\.nar)a|n(?:ohe\.aomori|an\.hyogo))\.jp|t(?:a(?:(?:barbara|cruz|fe)\.museum|maria\.br)|oandre\.br)|o(?:\.tochigi\.jp|k\.pl|fi)|francisco\.museum)|k(?:(?:a(?:i(?:\.(?:(?:ibarak|fuku)i|osaka)|minato\.tottori)|(?:(?:\.hiroshi|do\.saita)m|ta\.yamagat)a|e\.(?:nagano|chiba)|hogi\.gifu|ki\.nagano|wa\.kochi)|egawa\.yamagata|yo\.kyoto)\.jp|u(?:ra(?:(?:\.(?:tochigi|chiba)|gawa\.ibaraki|i\.nara)\.jp)?|(?:ho)?\.nagano\.jp))|(?:ga(?:(?:mihara\.kanagaw|e\.yamagat)a|(?:\.saga)?)|y(?:ama\.(?:saitam|osak)a|o\.hyogo)|do\.niigata|bae\.fukui)\.jp|i(?:(?:t(?:(?:ama\.sait)?ama|o\.miyazaki)|k(?:ai\.nagasaki|i\.oita)|gawa\.fukuoka|jo\.ehime)\.jp|ntlouis\.museum)|l(?:(?:(?:a(?:ngen|t)|tdal)\.n|ud\.b)o|vador(?:dali\.museum|\.br)|e(?:m\.museum|rno\.it)?|zburg\.museum|on)|s(?:(?:a(?:guri\.fukuoka|yama\.hyogo)|ebo\.nagasaki)\.jp|katchewan\.museum|sari\.it)?|m(?:(?:egawa\.fukushim|ukawa\.kanagaw)a\.jp|s(?:club|ung)|nanger\.no|pa\.br)|r(?:(?:ufutsu|oma)\.hokkaido\.jp|(?:d(?:egn|ini)a)?\.it|psborg\.no|l)|t(?:(?:(?:osho\.okay|te\.sait)a|sumasendai\.kagoshi)ma\.jp|x\.museum)|v(?:e(?:s-the-whales\.com)?|annahga\.museum|ona\.it)|\.(?:gov\.(?:au|pl)|(?:edu\.)?au|c(?:om|r)|it)|o(?:(?:bernardo|gonca)\.br|tome\.st)|-east-1\.elasticbeanstalk\.com|(?:u(?:herad|da)\.n|x)o|fe(?:ty(?:\.aero)?)?|arland|po?)?|e(?:[sw]|r(?:v(?:e(?:(?:(?:(?:counterstri|qua)k|exchang)e|h(?:alflife|umour|ttp)|p(?:ics|2p)|sarcasm|irc)\.com|b(?:bs\.(?:com|net|org)|eer\.com|log\.net)|m(?:inecraft\.net|p3\.com)|ftp\.(?:com|net|org)|game\.(?:com|org))|ice(?:s(?:\.aero)?|\.gov\.uk))|a(?:nishi)?\.hiroshima\.jp)|(?:i(?:rou?\.niigata|hi\.nagasaki|ka\.kyoto|yo\.ehime)|ki(?:(?:gahara)?\.gifu|kawa\.niigata)|m(?:boku\.akita|ine\.miyagi))\.jp|l(?:ls(?:-(?:for-(?:less|u)\.com|it\.net)|yourhome\.org)|fip\.(?:info|biz|com|net|org)|(?:j(?:ord|e)|bu)?\.no|ect)|t(?:(?:o(?:uchi\.okayama|\.aichi)|agaya\.tokyo)\.jp|t(?:le(?:ment|rs)\.museum|su\.osaka\.jp))|c(?:ur(?:ity(?:tactics\.com)?|e)|\.ps)|\.(?:(?:gov|leg)\.br|eu\.org|net)|a(?:port\.museum|rch|t)|n(?:nan\.osaka\.jp|er)|v(?:astopol\.ua|en)|x(?:\.(?:hu|pl)|y)?|bastopol\.ua|jny\.pl|oul\.kr|ek)?|t(?:a(?:t(?:e(?:(?:(?:ofdelaware)?\.museu|far)m|bank)|i(?:c(?:-access\.net|\.land)|on\.museum)|(?:helle)?\.no|oil)|r(?:(?:ostwo\.gov|achowice|gard)\.pl|nberg\.museum|hub)?|(?:(?:v(?:anger|ern)|nge)\.n|ge\.nodeart\.i)o|l(?:bans\.museum|owa-wola\.pl)|d(?:t\.museum|a)|ckspace\.space|ples)|o(?:r(?:(?:d(?:al)?|-elvdal|fjord)\.no|e(?:\.(?:bb|dk|nf|ro|st|ve))?|j\.farm|age)|ckhol(?:m\.museu)?m|kke\.no)|u(?:ff(?:-4-sale\.(?:org|us)|toread\.com)|d(?:(?:ent\.aer|i)o|y)|ttgart\.museum)|j(?:o(?:rdal(?:shalsen)?\.no|hn\.museum)|ørdal(?:shalsen)?\.no)|e(?:i(?:(?:nkjer|gen)\.no|ermark\.museum)|am\.museum)|r(?:(?:anda?|yn)\.no|eam)|petersburg\.museum|c(?:group)?|\.no|yle)?|3(?:-(?:website(?:-(?:ap-(?:southeast-[12]|northeast-1)|us-(?:west-[12]|east-1)|(?:eu-we|sa-ea)st-1)|\.(?:ap-(?:northeast-2|south-1)|eu-(?:central-1|west-[23])|ca-central-1|us-east-2))|(?:(?:fips-us-gov-we|sa-ea)st|ca-central)-1|ap-(?:south(?:east-[12]|-1)|northeast-[12])|e(?:u-(?:west-[123]|central-1)|xternal-1)|us-(?:gov-west-1|west-[12]|east-2))\.amazonaws\.com|\.(?:(?:(?:dualstack\.(?:ap-(?:south(?:east-[12]|-1)|northeast-[12])|eu-(?:west-[123]|central-1)|(?:ca-central|sa-east)-1|us-east-[12])|eu-(?:central-1|west-[23])|us-east-2)\.|(?:ap-(?:northeast-2|south-1)\.)?)amazonaws\.com|c(?:n-north-1\.amazonaws\.com\.cn|a-central-1\.amazonaws\.com)))|o(?:(?:(?:(?:o\.kagoshi|ja\.okaya)m|degaura\.chib|eda\.fukuok)a|betsu\.hokkaido|wa\.ibaraki)\.jp|r(?:(?:-(?:(?:aur|o)dal|varanger|fron)|(?:tlan|fol)d|reisa|um)\.no|ocaba\.br)|u(?:nd(?:andvision\.museum|cast\.me)|th(?:carolina|west)\.museum)|n(?:dr(?:e-land\.no|io\.it)|g(?:dalen\.no)?|i\.nara\.jp|y)|l(?:u(?:nd\.no|tions)|ogne\.museum|a(?:\.no|r))|c(?:i(?:ety\.museum|al)|hi\.su|\.lk|cer)|s(?:(?:nowiec)?\.pl|a\.chiba\.jp)|k(?:a\.saitama\.jp|ndal\.no)|m(?:a\.fukushima\.jp|na\.no)|ft(?:ware(?:\.aero)?|bank)|\.(?:gov\.pl|it)|gn(?:dal|e)\.no|pot\.pl|hu|y)?|u(?:(?:k(?:agawa\.fukushima|umo\.kochi)|gi(?:nami\.tokyo|to\.saitama)|s(?:ono\.shizuoka|aki\.kochi))\.jp|m(?:(?:i(?:da\.tokyo|ta\.iwate)|oto\.(?:kumamot|hyog)o)\.jp|y\.ua)|z(?:u(?:k(?:a\.mie\.jp|i)|\.ishikawa\.jp)|aka\.nagano\.jp)|r(?:ge(?:onshall\.museum|ry)|rey\.museum|nadal\.no|f)|i(?:(?:fu\.ibaraki|ta\.osaka)\.jp|sse\.museum)|n(?:agawa\.hokkaido\.jp|(?:ndal|d)\.no)|e(?:\.fukuoka\.jp|dtirol\.it)|wa(?:\.nagano\.jp|lki\.pl)|l(?:(?:dal|a)\.no|i\.hu)|pp(?:l(?:ies|y)|ort)|̈dtirol\.it|cks)?|c(?:[ab]|h(?:o(?:ko(?:laden\.museum|keks\.net)|ol(?:\.(?:museum|n[az]|za))?|enbrunn\.museum|larships)|\.(?:[qs]a|i[dr]|l[ky]|ae|jo|ng|zm)|w(?:eiz\.museum|arz)|lesisches\.museum|aeffler|midt|ule)|i(?:en(?:ce(?:(?:(?:and(?:indust|histo)|histo)ry|(?:snaturelle)?s|-fiction|centers?)?\.museum)?|tist\.aero)|\.eg)|r(?:app(?:er-site\.net|ing\.cc)|ysec\.com)|\.(?:(?:gov|leg)\.br|k[er]|u[gs]|cn|tz)|o(?:t(?:land\.museum)?|r)|johnson)?|k(?:(?:a(?:n(?:land|it)|un)|j(?:erv[oø]y|[aå]k)|edsmo(?:korset)?|ånland|ánit)\.no|i(?:(?:e(?:rv[aá]|n)|ptvet)\.no|\.(?:museum|no)|n)?|o(?:(?:\.gov|czow)\.pl|le\.museum|dje\.no)|y(?:diving\.aero|pe)?|\.(?:eu\.org|ca)|lep\.pl)?|i(?:(?:benik\.museu|mple-url\.co)m|l(?:k(?:\.museum)?|jan\.no)|n(?:a(?:app\.com)?|gles)|r(?:acusa\.it|dal\.no)|te(?:s\.static\.land)?|c(?:il(?:ia|y))?\.it|e(?:llak\.no|na\.it)|\.(?:eu\.org|it)|gdal\.no)?|p(?:ace(?:(?:-to-rent\.co|\.museu)m|kit\.io)?|\.(?:(?:gov|leg)\.br|it)|y(?:deberg\.no|\.museum)|dns\.(?:org|de|eu)|o(?:rt(?:\.hu)?|t)|jelkavik\.no|readbetting|b\.[rs]u|iegel)|y(?:no(?:logy(?:-d(?:iskstation|s)\.d|\.m)|-ds\.d)e|dney(?:\.museum)?|kkylven\.no|tes\.net|mantec|stems)?|(?:ø(?:r(?:-(?:(?:aur|o)dal|varanger|fron)|reisa|fold|um)|ndre-land|gne|mna)|ál[aá]t)\.no|w(?:i(?:(?:noujscie|ebodzin|dnica)\.pl|ftcover|ss)|e(?:etpepper\.org|den\.museum)|atch)|v(?:(?:e(?:lvik|io)|albard)\.no|izzera\.museum|n-repos\.de|\.it)?|l(?:a(?:ttum\.no|sk\.pl)|d\.(?:do|pa)|[gz]\.br|upsk\.pl|ing)?|n(?:(?:[aå](?:ase|sa)|illfjord|oasa)\.no|\.cn|cf)?|z(?:(?:cz(?:ecin|ytno)|kola)\.pl|ex\.hu)?|s(?:l\.origin\.cdn77-secure\.org|\.it)|quare(?:7\.(?:net|ch|de)|\.museum)|r(?:[lt]|\.(?:gov\.pl|it)|v\.br)?|m(?:[oø]la\.no|\.ua|art|ile)?|d(?:\.(?:cn|us)|n\.gov\.pl)?|b(?:[is]|\.ua)?|\.(?:bg|se)|f(?:\.no|r)|j(?:c\.br)?|x(?:\.cn)?|g)|k(?:a(?:(?:m(?:i(?:(?:t(?:onda\.wakayam|sue\.oit)|i(?:zumi\.sait|chi\.toy)am|mine\.sag|oka\.akit)a|k(?:awa\.(?:h(?:okkaid|yog)o|saitama)|(?:itayama\.nar|oani\.akit)a)|s(?:u(?:nagawa\.hokkaido|\.ibaraki)|hihoro\.hokkaido|ato\.saitama)|(?:amakusa\.kumamot|furano\.hokkaid|gori\.hyog)o|no(?:yama\.yamagata|kawa\.tochigi)|\.(?:miyag|koch)i|jima\.ehime)|o(?:\.(?:niigata|kyoto)|enai\.hokkaido|gawa\.chiba)|a(?:(?:kura\.kanagaw|gaya\.chib)a|ishi\.iwate)|e(?:oka\.kyoto|yama\.mie))|wa(?:(?:(?:(?:zu\.shiz|ra\.fuk)uo|chinagano\.osa)k|(?:jima\.saita|ba\.gun)m)a|n(?:(?:abe\.kagoshim|ehon\.shizuok)a|ishi\.(?:(?:yamagat|nar)a|hyogo))|(?:tana\.nagasak|hara\.tottor|saki\.miyag)i|g(?:oe\.(?:saitama|mie)|uchi\.saitama)|k(?:ami\.na(?:gano|ra)|ita\.ishikawa)|m(?:inami\.miyazaki|ata\.fukushima)|i\.(?:iwate|nara)|ue\.gifu)|n(?:(?:a(?:(?:zawa\.ishik|g)aw|n\.osak)|o(?:ya\.kagoshim|nji\.kagaw)|na(?:mi\.shizuok|\.gunm)|maki\.nar|zaki\.sag|ra\.gunm)a|e(?:yama\.(?:fukushim|yamagat)a|gasaki\.iwate)|i(?:e\.aichi|\.gifu)|uma\.tochigi)|g(?:a(?:mi(?:(?:ishi\.fukushi|no\.okaya)ma|\.kochi)|(?:\.ishika)?wa)|(?:oshima\.kag)?oshima)|i(?:(?:(?:nan\.(?:tokushi|wakaya)|ta\.hiroshi)m|sei\.kanagaw|zuka\.osak)a|\.yamanashi)|k(?:amigahara\.gifu|egawa\.shizuoka|inoki\.shimane|ogawa\.hyogo|uda\.miyagi)|d(?:o(?:gawa\.miyazaki|ma\.osaka)|ena\.okinawa)|ho(?:ku\.(?:ishikaw|yamagat)|\.fukuok)a|yabe\.hokkaido)\.jp|s(?:(?:u(?:ga(?:\.(?:fukuoka|hyogo)|i\.aichi)|(?:kabe\.saitam|ya\.fukuok)a|migaura\.ibaraki)|hi(?:(?:wa(?:zaki\.niigat|ra\.osak|\.chib)|(?:har|b)a\.nar)a|ma\.(?:ibaraki|saga))|a(?:ma(?:\.ibaraki|tsu\.gifu)|oka\.okayama|hara\.gifu|i\.hyogo))\.jp|zuby\.pl)|r(?:a(?:s(?:uyama\.tochigi\.jp|jo(?:hka|k)\.no)|t(?:su\.saga\.jp|e\.museum)|(?:ganda|col)\.su)|i(?:(?:wa\.niigata|ya\.aichi)\.jp|katur\.museum)|u(?:izawa\.nagano|mai\.iwate)\.jp|(?:m[oø]|lso)y\.no|(?:pacz|tuzy)\.pl|elia\.su)|t(?:(?:su(?:(?:ragi\.(?:wakayam|nar)|ura\.chib)a|shika\.tokyo|yama\.fukui)|a(?:shina\.gunm|gami\.akit|no\.osak)a)\.jp|o(?:ri\.chiba\.jp|wice\.pl))|z(?:(?:o\.saitam|uno\.akit)a\.jp|imierz-dolny\.pl)|l(?:(?:mykia\.[rs]|uga\.s)u|isz\.pl)|u(?:tokeino\.no|fen)|fjord\.no)|o(?:(?:u(?:(?:(?:yama\.kagoshi|nosu\.saita)m|hoku\.sag)a|zushima\.tokyo)|(?:(?:ori\.fukushi|ya\.wakaya)m|r(?:iyama\.fukushim|yo\.nar))a|t(?:o(?:\.(?:shiga|tokyo)|hira\.kagawa|ura\.tottori)|a\.aichi)|g(?:a(?:\.(?:fukuoka|ibaraki)|nei\.tokyo)|e\.tottori)|k(?:(?:onoe\.oit|a\.shig)a|ubunji\.tokyo)|(?:(?:chi\.ko)?c|fu\.yamanas)hi|daira\.tokyo)\.jp|m(?:a(?:(?:(?:gane\.nagan|e\.toky)o|ki\.aichi)\.jp|tsu(?:(?:shima\.tokushim|\.ishikaw)a\.jp)?)|o(?:ro\.nagano|no\.mie)\.jp|mun(?:alforbund\.se|e\.no)|(?:forb|vux)\.se)|s(?:h(?:(?:i(?:mizu\.hokkaido|gaya\.saitama)|u\.yamanashi)\.jp|er)|(?:(?:a(?:i\.shizuok|ka\.akit)|ei\.shig)a|uge\.yamanashi)\.jp)|n(?:(?:s(?:ulat\.gov|kowola)|in)\.pl|an\.(?:aichi|shiga)\.jp|gs(?:vinger|berg)\.no|yvelo\.hu)|z(?:a(?:(?:gawa)?\.wakayam|ki\.chib)a\.jp|ow\.com)|b(?:ayashi\.miyazaki\.jp|ierzyce\.pl)|e(?:benhavn\.museum|ln(?:\.museum)?)|lobrzeg\.pl|pervik\.no)|i(?:t(?:a(?:(?:(?:shiobara\.fukushi|yama\.wakaya)m|(?:nakagusuku|daito)\.okinaw)a|ga(?:wa\.(?:miyazak|koch)i|ta\.(?:gifu|saga))|ka(?:ta\.(?:fukushima|miyazaki)|mi\.iwate)|h(?:iroshima\.hokkaido|ata\.saga)|m(?:oto\.saitama|i\.hokkaido)|a(?:iki\.nagano|kita\.akita)|\.(?:(?:kyot|toky)o|osaka)|ura\.miyazaki)\.jp|chen)|(?:y(?:o(?:s(?:(?:ato\.hokkaid|e\.toky)o|u\.aichi)|kawa\.kanagawa)|ama\.saga)|s(?:o(?:(?:fukushima)?\.nagano|saki\.mie)|(?:hiwada\.osak|arazu\.chib)a)|k(?:u(?:gawa\.shizuoka|chi\.kumamoto)|onai\.hokkaido)|ho(?:ku\.ehim|\.mi)e|bichuo\.okayama|jo\.miyazaki|zu\.kyoto)\.jp|n(?:(?:(?:okawa\.wakaya|ko\.kagoshi)m|\.okinaw)a\.jp|d(?:er|le))|m(?:(?:i(?:no\.wakayam|tsu\.chib)a|obetsu\.hokkaido)\.jp)?|r(?:(?:yu\.gunma|a\.aichi)\.jp|ovograd\.ua|kenes\.no)|w(?:a\.mie\.jp|i(?:\.nz)?)|cks-ass\.(?:net|org)|ds\.(?:museum|us)|(?:ev\.u)?a)?|u(?:(?:(?:m(?:a(?:(?:gaya\.saitam|tori\.osak)a|no\.(?:hiroshima|mie)|(?:moto\.kuma)?moto|kogen\.ehime)|e(?:jima\.okinaw|nan\.okayam)a|iyama\.kyoto)|d(?:amatsu\.yamaguchi|oyama\.wakayama)|j(?:u(?:kuri\.chib|\.oit)a|i\.iwate)|(?:i\.hiroshi|ki\.saita)ma|(?:zumaki\.iwat|wana\.mi)e|chinotsu\.nagasaki)\.j|okgrou)p|r(?:(?:o(?:(?:gi\.fukuok|be\.toyam|taki\.nar)a|is(?:hi\.aomor|o\.tochig)i|matsunai\.hokkaido)|(?:a(?:shiki\.okayam|te\.fukuok)|e\.hiroshim|ume\.fukuok)a|iyama\.hokkaido)\.jp|gan\.su)|n(?:(?:i(?:(?:gami\.okinaw|mi\.fukushim|saki\.oit)a|t(?:omi\.miyazaki|achi\.tokyo))|neppu\.hokkaido|ohe\.iwate)\.jp|st(?:unddesign|sammlung)?\.museum)|s(?:(?:hi(?:m(?:oto\.wakayama|a\.miyazaki)|ro\.hokkaido)|(?:atsu\.(?:gunm|shig)|u\.oit)a)\.jp|tanai\.[rs]u)|t(?:chan\.hokkaido\.jp|no\.pl))|12\.(?:(?:m[adeinost]|n[cehjmvy]|a[klrsz]|c[aot]|o[hkr]|w[aiy]|d[ce]|g[au]|k[sy]|p[ar]|fl|la|ri|sc|ut)\.us|i(?:l(?:\.us)?|[adn]\.us)|v(?:i(?:\.us)?|[at]\.us)|t(?:[nx]\.us|r)|ec)|r(?:(?:(?:istians[au]n|ødshera)d|o(?:kstadelva|dsherad)|åanghke)\.no|a(?:(?:ger[oø]|anghke)\.no|snodar\.su|kow\.pl)|\.(?:eu\.org|com|it|ua)|ym\.ua|e?d)?|y(?:o(?:t(?:a(?:n(?:abe|go)|mba)\.kyoto\.jp|o(?:\.jp)?)|(?:wa\.(?:hokkaido|akita)|nan\.chiba)\.jp)|uragi\.saga\.jp|iv\.ua|\.us)?|e(?:(?:mbuchi\.hokkaido|isen\.fukuoka)\.jp|rry(?:propertie|logistic|hotel)s|p(?:no\.pl|\.tr)|ymachine\.de|trzyn\.pl)?|v(?:(?:i(?:n(?:nherad|esdal)|t(?:s[oø]y|eseid))|a(?:(?:fjor|lsun)d|nangen|m)|æ(?:nangen|fjord))\.no|\.ua)|h(?:(?:meln(?:itskiy|ytskyi)|erson)?\.ua|a(?:rk[io]v\.ua|kassia\.su))|n(?:ightpoint\.systems|owsitall\.info|x-server\.net)?|l(?:(?:[aæ]bu|epp)\.no|odzko\.pl)|(?:árášjohka|åfjord)\.no|m(?:psp\.gov\.pl|\.ua)?|p(?:psp\.gov\.pl|mg|n)?|w(?:ps)?p\.gov\.pl|\.(?:bg|se)|g(?:\.kr)?|s\.u[as]|ddi|fh|z)|m(?:[hqv]|i(?:n(?:(?:a(?:m(?:i(?:(?:(?:yamashiro\.ky|oguni\.kumam)ot|m(?:inowa|aki)\.nagan|furano\.hokkaid)o|(?:tane\.kagoshim|uonuma\.niigat|daito\.okinaw|boso\.chib)a|(?:-alps\.yamanash|sanriku\.miyag|echizen\.fuku)i|a(?:(?:iki\.nagan|waji\.hyog)o|shigara\.kanagawa)|\.(?:(?:tokushim|fukuok)a|kyoto)|i(?:zu\.shizuoka|se\.mie))|ata\.kumamoto)|(?:kami\.gun|no\.saita)ma|to\.(?:osaka|tokyo))|o(?:(?:kamo)?\.gifu|bu\.yamanashi|wa\.nagano|h\.osaka))\.jp|i(?:(?:server\.co|ng\.museu)m)?|e(?:rs\.museum|\.nu)|nesota\.museum|com\.tn|t)|(?:y(?:a(?:k(?:o(?:\.(?:fukuoka|iwate)|nojo\.miyazaki)|e\.nara)|z(?:(?:aki\.miyaz)?aki|u\.kyoto)|(?:shiro\.saitam|waka\.fukuok)a|ma\.(?:fukuoka|mie)|da\.nagano|gi)|o(?:shi\.(?:(?:(?:hiro|toku)shi|saita)ma|aichi)|ta\.nagano))|h(?:a(?:ma\.(?:(?:wakayam|chib)a|(?:aich|fuku)i|mie)|r(?:a\.(?:hiroshima|kochi)|u\.fukushima))|o\.ibaraki)|zu(?:maki\.fukuoka|sawa\.iwate|nami\.gifu|ho\.tokyo)|k(?:a(?:sa\.hokkaido|wa\.yamagata)|i\.hyogo)|ma(?:ta\.miyazaki|\.tokushima)|fune\.kumamoto|ura\.kanagawa|bu\.tochigi)\.jp|s(?:(?:a(?:to\.(?:s(?:aitama|himane)|(?:wakayam|akit)a|miyagi)|(?:sa\.tott|wa\.aom)ori|ki\.o(?:kayam|sak)a)|hima\.(?:fukushim|shizuok)a|ugi\.mie)\.jp|s(?:oula|ile)\.museum|confused\.org)|l(?:\.(?:t[jmorwz]|a[celrz]|b[aory]|k[gmrz]|m[gvyz]|n[gioz]|p[ehly]|c[lno]|g[eht]|i[dnq]|s[hty]|z[amw]|[dj]o|e[cg]|r[uw]|v[ce]|hn|lv|qa|uy)|(?:itary|l)\.museum|ano?\.it)?|t(?:(?:o(?:(?:u\.yamaguch|\.ibarak)i|yo\.kagawa)|a(?:k(?:a\.tokyo|e\.gifu)|ne\.akita))\.jp|su(?:(?:ke\.niigat|e\.nar)a\.jp|bishi))?|d(?:(?:tre-gauldal|sund)\.no|ori\.(?:chib|gunm)a\.jp|atlantic\.museum)|c(?:ro(?:light\.aero|soft)|higan\.museum)|a(?:s(?:a\.nagano\.jp|ta\.pl)|mi)|e(?:l(?:ec|no)\.pl|\.jp)|\.(?:it|th|us))|a(?:t(?:su(?:(?:b(?:ushi\.saitam|ara\.osak)|d(?:a\.kanagaw|o\.chib)|zaki\.shizuok)a|s(?:hi(?:ge\.tokushima|ma\.miyagi)|aka\.mie)|m(?:oto\.(?:kagoshima|nagano)|ae\.hokkaido)|(?:(?:yama|no)\.ehim|e\.shiman)e|ura\.nagasaki|kawa\.nagano)\.jp|t(?:a-varjjat\.no|el)|era\.it|\.br)|r(?:i(?:n(?:ga\.br|e\.ru)|tim[eo]\.museum)|u(?:game\.kagawa|mori\.miyagi)\.jp|(?:yl(?:hurst|and)|burg)\.museum|ke(?:t(?:ing|s)?|r\.no)|(?:(?:che)?\.i|riot)t|nardal\.no|shalls)|s(?:(?:hik(?:(?:e\.hokkaid|i\.kumamot)o|o\.tochigi)|(?:uda\.shiman|aki\.ehim)e)\.jp|(?:fjorden|oy)\.no|sa-?carrara\.it|erati)|n(?:(?:iwa\.okayam|no\.kagaw)a\.jp|(?:chester|sions?|x)\.museum|a(?:gement|us\.br)|g(?:yshlak\.su|o)|tova\.it|dal\.no)?|(?:k(?:(?:urazaki\.kagoshim|inohara\.shizuok)a\.j|eu)|(?:murogawa\.yamagat|ebashi\.gunm)a\.j)p|l(?:(?:atvuopmi|selv|vik)\.no|(?:opolska|bork)\.pl|lorca\.museum)|i(?:(?:bara\.shiga|zuru\.kyoto)\.jp|ntenance\.aero|l\.pl|son|f)|c(?:e(?:rata\.it|io\.br)|hida\.tokyo\.jp|apa\.br|ys)|d(?:rid(?:\.museum)?|\.museum)|p(?:\.fastly(?:lb)?\.net)?|\.(?:(?:gov|leg)\.br|us)|yfirst\.(?:info|org)|z(?:owsze|ury)\.pl|gazine\.aero|ori\.nz)?|o(?:[ei]|r(?:(?:i(?:y(?:a(?:\.ibaraki|ma\.shiga)|oshi\.akita)|(?:machi\.shizuo|guchi\.osa)ka|oka\.iwate)|o(?:tsuka\.miyazaki|yama\.saitama))\.jp|dovia\.[rs]u|ena\.br|tgage|mon)|n(?:(?:za(?:(?:-e-della)?-|e(?:della)?)?brian)?za\.it|(?:t(?:icello|real)|mouth)\.museum|ey(?:\.museum)?|ster|ash)|t(?:o(?:(?:bu\.okinawa|yama\.kochi|su\.gifu)\.jp|rcycle(?:\.museum|s))?|egi\.tochigi\.jp)|s(?:(?:(?:kene)?s|j[oø]en|vik)\.no|eushi\.hokkaido\.jp|cow(?:\.museum)?)|d(?:e(?:lling\.aero|rn\.museum|na\.it)|a(?:len\.no)?|um\.no|\.gi)|b(?:i(?:\.(?:n[ag]|t[tz]|gp|ke)|l[ey])?|ara\.chiba\.jp)|(?:chizuki\.nagano|ka\.tochigi)\.jp|m(?:betsu\.hokkaido\.jp|a\.museum)?|v(?:i(?:miento\.bo|star|e))?|(?:[aå]reke|-i-rana)\.no|l(?:(?:ise)?\.it|de\.no)|\.(?:cn|it|us)|zilla-iot\.org|onscale\.net|par)?|y(?:(?:a(?:ctivedirectory|sustor)|qnapcloud|ravendb|iphost|vnc)\.com|d(?:atto\.(?:com|net)|issent\.net|dns\.rocks|robo\.com|s\.me)|-(?:(?:(?:route|vigo)r|gateway|wan)\.de|firewall\.org)|s(?:ecuritycamera\.(?:com|net|org)|hopblocks\.com)|p(?:e(?:p\.link|ts\.ws)|hotos\.cc|sx\.net|i\.co)|f(?:tp\.(?:biz|org)|irewall\.org|ritz\.net)|m(?:ailer\.com\.tw|ediapc\.net)|t(?:uleap\.com|is\.ru)|(?:jino\.r|cd\.e)u|\.(?:eu\.org|id)|oko\.niigata\.jp|home-server\.de|effect\.net|kolaiv\.ua|wire\.org)?|u(?:s(?:e(?:um(?:(?:vereniging|center)\.museum|\.(?:m[vw]|no|om|tt))?|et\.museum)|ashi(?:murayama|no)\.tokyo\.jp|ic(?:a\.(?:ar|bo)|\.museum)|\.(?:mi\.us|br))|r(?:(?:a(?:(?:yama\.yama|kami\.nii)gata|ta\.miyagi)|o(?:ran\.hokkaido|to\.kochi))\.jp|mansk\.su)|(?:(?:gi\.tokushim|ika\.niigat)a|k(?:awa\.hokkaid|o\.kyot)o)\.jp|n(?:akata\.fukuoka\.jp|cie\.museum|i\.il)|t(?:su(?:zawa\.chiba|\.aomori)\.jp|ual)|(?:en(?:chen|ster)|lhouse)\.museum|os[aá]t\.no|p\.gov\.pl)?|e(?:d(?:i(?:a(?:\.(?:museum|aero|hu|pl))?|c(?:al\.museum|ina\.bo)|zinhistorisches\.museum|o-?campidano\.it)|\.(?:p(?:[al]|ro)|e[ce]|s[ad]|br|ht|ly|om)|ecin\.(?:fr|km))?|i(?:n-(?:iserv|vigor)\.de|wa\.(?:gunma|mie)\.jp)|l(?:(?:[oø]y|and|dal|hus)\.no|bourne)|m(?:orial(?:\.museum)?|set\.net|e)|r(?:[aå]ker\.no|seine\.nu|ckmsd)|\.(?:eu\.org|u[ks]|it|ke|tz)|s(?:averde\.museum|sina\.it)|t(?:eorapp\.com|life)|e(?:res\.museum|t)|guro\.tokyo\.jp|x\.com|nu?|o)?|(?:á(?:tta-várjjat|latvuopmi)|å(?:lselv|søy)|j[oø]ndalen)\.no|s(?:\.(?:(?:(?:gov|leg)\.b|k)r|it|us)|k\.[rs]u|d)?|t(?:[nr]|\.(?:(?:gov|leg)\.br|eu\.org|it|us))?|c(?:\.(?:eu\.org|it)|kinsey)?|g(?:\.(?:gov|leg)\.br)?|k(?:\.(?:eu\.org|ua))?|l(?:b(?:fan\.org)?|s)?|r(?:agowo\.pl|\.no)?|b(?:\.(?:ca|it)|a)|d(?:\.(?:ci|us))?|n(?:\.(?:it|us))?|ma(?:fan\.biz)?|w(?:\.gov\.pl)?|(?:āori\.n)?z|\.(?:bg|se)|p(?:\.br)?|x(?:\.na)?)|t(?:[flz]|a(?:(?:k(?:a(?:ha(?:(?:(?:ru\.miyaz|gi\.ibar)ak|ma\.(?:aich|fuku))i|(?:shi\.okayam|ta\.yamagat)a)|(?:t(?:suki\.(?:osak|shig)|a\.fukuok|ori\.nar)|ishi\.osak|oka\.toyam)a|s(?:a(?:go\.hyogo|ki\.gunma)|hima\.shiga|u\.hokkaido)|(?:n(?:ezawa\.tochig|abe\.miyazak)|zaki\.miyazak)i|m(?:ori\.(?:kumamot|nagan)o|atsu\.kagawa)|(?:(?:razuka)?\.hyog|gi\.nagan)o|yama\.(?:g(?:unma|ifu)|nagano))|(?:e(?:t(?:omi\.okinaw|a\.oit)|hara\.hiroshim)|o\.chib|u\.sag)a|i(?:(?:no(?:ue\.hokkaid|\.hyog)|kawa\.hokkaid)o|\.mie)|ko\.aomori)|m(?:a(?:k(?:awa\.fukushima|i\.mie)|(?:mura\.gun|no\.okaya)ma|tsukuri\.ibaraki|yu\.shimane|\.tokyo)|ba\.hyogo)|ga(?:(?:mi\.niigat|wa\.fukuok)a|jo\.miyagi)|d(?:o(?:tsu\.kagawa|\.mie)|aoka\.osaka)|chi(?:arai\.fukuoka|kawa\.tokyo)|ji(?:ri\.osaka|mi\.gifu)|waramoto\.nara|hara\.aichi)\.jp|i(?:(?:(?:(?:ji\.waka|ra\.to)yam|nai\.niigat)a|shi(?:\.(?:hyogo|osaka)|n\.fukushima)|ki\.(?:hokkaido|mie)|wa\.miyagi|to\.tokyo)\.jp|fun-dns\.de|pei)|t(?:(?:e(?:(?:yama\.(?:toyam|chib)|bayashi\.gunm)a|shina\.nagano)|suno\.(?:nagan|hyog)o)\.jp|a(?:motors|r)|too)|r(?:a(?:(?:ma\.okinaw|\.sag)a\.jp|nto\.it)|u(?:mizu\.kagoshima|i\.gifu)\.jp|g(?:i\.pl|et)|nobrzeg\.pl)|n(?:a(?:(?:be\.(?:wakayama|kyoto)|gura\.fukushima)\.jp|(?:nger)?\.no)|ohata\.iwate\.jp|k\.museum)|b(?:(?:ayama\.yamanas|use\.yamaguc)hi\.jp)?|s(?:(?:\.(?:edu|gov))?\.a|hkent\.s)u|x(?:i(?:\.br)?)?|a?\.it|obao|lk)|o(?:(?:m(?:i(?:(?:gusuku\.okinaw|sato\.chib|oka\.gunm)a|ya\.miyagi|\.nagano|ka\.gifu)|(?:obe\.ibarak|e\.miyag)i|a(?:koma|r)i\.hokkaido)|b(?:e(?:tsu\.hokkaido|\.ehime)|ishima\.aichi|a\.mie)|h(?:(?:nosho\.chib|o\.fukuok)a|ma\.hokkaido)|chi(?:(?:gi\.tochi)?gi|o\.niigata)|ei\.aichi)\.jp|y(?:o(?:(?:(?:(?:hashi|kawa|ake)\.ai|\.ko)chi|n(?:(?:aka|o)\.osaka|e\.aichi)|(?:ura\.hokkaid|oka\.hyog)o|sato\.shiga)\.jp|t(?:(?:omi\.hokkaido|su\.fukuoka)\.jp|a(?:\.(?:yamagu|ai)chi\.jp)?))|a(?:(?:ko)?\.hokkaido|(?:ma\.toya)?ma)\.jp|s)|k(?:(?:a(?:(?:machi\.niigat|shiki\.okinaw)a|i\.(?:ibarak|aich)i)|u(?:(?:shima\.toku)?shima|yama\.yamaguchi)|o(?:rozawa\.saitama|name\.aichi)|i(?:gawa\.saitama|\.gifu))\.jp|yo(?:\.jp)?|ke\.no)|n(?:(?:(?:a(?:ki\.okinaw|mi\.toyam)|dabayashi\.osak)a|o(?:sho\.kagawa|\.iwate)|e\.ibaraki)\.jp|sberg\.no)|g(?:(?:a(?:(?:ne\.chib|\.toyam)a|kushi\.nagano)|(?:itsu\.nagasak|o\.aich)i|ura\.nagano)\.jp|liatti\.su)|s(?:(?:a(?:shimizu)?\.kochi|u\.saga)\.jp|hi(?:ma\.tokyo\.jp|ba)|(?:cana)?\.it)|r(?:i(?:no\.(?:museum|it)|de\.ibaraki\.jp)|a(?:hime\.shiga\.jp|y)|sken\.no)|w(?:n(?:(?:news-staging\.co|\.museu)m)?|ada\.aomori\.jp)|u(?:r(?:ism\.(?:pl|tn)|s)|ch\.museum)|t(?:(?:tori\.tot)?tori\.jp|al)|z(?:awa\.yamagata\.jp|sde\.hu)|\.(?:(?:gov|leg)\.br|it)|da(?:\.saitama\.jp|y)|o(?:n\.ehime\.jp|ls)|p(?:ology\.museum)?|lga\.no)?|r(?:a(?:n(?:i(?:-(?:andria-barlett|barletta-andri)|andriabarlett|barlettaandri)a\.it|sport(?:\.museum|e\.bo)|(?:[boø]y|a)\.no)|vel(?:ers(?:insurance)?|\.(?:pl|tt)|channel)?|d(?:ing(?:\.aero)?|e(?:r\.aero)?)|in(?:er\.aero|ing)|fficplex\.cloud|eumtgerade\.de|pani\.it|\.kp)|e(?:(?:nt(?:in(?:o(?:-(?:s(?:u[ë]?d)?-?tirol|a(?:lto)?-?adige)|s(?:u[ë]?d)?-?tirol|a(?:lto)?-?adige)?|-?su[ë]?d-?tirol)|o)|viso)\.it|e\.museum)|o(?:(?:ms[aoø]|ndheim|andin|gstad)\.no|lley\.museum|itsk\.su)|(?:øgstad|ysil|æna)\.no|ust(?:(?:ee)?\.museum)?|\.(?:eu\.org|it|no)|ieste\.it|d\.br|v)?|s(?:u(?:ru(?:g(?:a(?:shima\.saitama|\.fukui)|i\.ishikawa)|(?:\.yamanash|ta\.aomor)i|oka\.yamagata)|k(?:u(?:(?:i\.kanagaw|mi\.oit)a|ba\.ibaraki)|i(?:gata\.hokkaido|yono\.gunma))|(?:ga(?:ru\.aomor|\.tochig)|shima\.(?:nagasak|aich)|chiura\.ibarak)i|b(?:a(?:ta\.ishikaw|me\.niigat)a|etsu\.hokkaido)|(?:(?:yama\.okaya|magoi\.gun)m|iki\.fukuok)a|n(?:o\.(?:miyazak|koch)i|an\.niigata)|(?:wano\.shiman|\.mi)e)\.jp|elinograd\.su|\.it)|e(?:l(?:e(?:(?:kommunikat|vis)ion\.museum|\.amune\.org|fonica|city)|\.tr)?|n(?:(?:(?:kawa|ri)\.nar|ei\.fukushim|do\.yamagat)a\.jp|nis)|c(?:h(?:nology(?:\.museum)?)?|\.(?:mi\.us|ve)|nologia\.bo)|s(?:t(?:\.(?:ru|tj)|-iserv\.de)|hikaga\.hokkaido\.jp)|(?:a(?:ches-yoga\.co)?|x(?:tile|as)\.museu)m|r(?:n(?:opil\.ua|i\.it)|amo\.it|mez\.su)|m(?:p(?:io-?olbia\.it|-dns\.com)|asek)|\.(?:it|ua)|o\.br|va)|u(?:r(?:e(?:k\.pl|n\.tn)|ystyka\.pl|\.[ab]r|in\.it)|s(?:cany\.it|hu)|n(?:k\.org|es)|xfamily\.org|[lv]a\.su|be|i)|i(?:me(?:\.(?:museum|no)|keeping\.museum)|n(?:gvoll|n)\.no|(?:cket|p)s|(?:end|a)a|r(?:es|ol)|ffany)|h(?:e(?:at(?:er(?:\.museum)?|re)|workpc\.com|\.br)|ruhere\.net|d)?|m(?:\.(?:[nr]o|m[cg]|cy|fr|hu|km|pl|se|za)|p\.br|all)?|v(?:\.(?:b[bor]|i[mt]|t[rz]|na|sd)|edestrand\.no|s)?|y(?:(?:s(?:v[aæ]r|fjord|nes)|nset|dal)\.no|chy\.pl)|j(?:(?:eldsund|[oø]me)\.no|(?:max)?x|\.cn)?|w(?:mail\.(?:net|org|cc)|\.cn)?|c(?:m\.museum|p4\.me|i)?|(?:3l3p0rt\.ne|p\.i)t|k(?:sat\.bo|maxx)?|n(?:\.(?:it|us))?|g(?:ory\.pl)?|\.(?:bg|se)|ønsberg\.no|t(?:\.im)?|x\.us|dk?)|a(?:s(?:(?:a(?:hi(?:\.(?:(?:yamagat|toyam|chib)a|ibaraki|nagano|mie)|kawa\.hokkaido)|(?:k(?:a(?:wa\.fukushi|\.saita)|uchi\.okaya)|minami\.hiroshi)ma|go\.hyogo)|o\.kumamoto|uke\.aichi)\.jp|s(?:o(?:\.(?:eu\.org|[mn]c|bj|ci|dz|fr|gp|ht|km|re)|ciat(?:ion\.(?:museum|aero)|es))|a(?:ssination\.museum|bu\.hokkaido\.jp)|(?:isi\.museu|\.k)m|edic\.fr|n\.lk)|h(?:(?:i(?:ya\.(?:fukuoka|hyogo)|betsu\.hokkaido|kaga\.tochigi)|oro\.hokkaido)\.jp|gabad\.su)|(?:k(?:[oø]y|voll|er|im)|eral)\.no|t(?:ronomy\.museum|i\.it)|n(?:\.(?:au|lv)|es\.no)|coli-?piceno\.it|matart\.museum|[di]a|\.us)?|r(?:t(?:s(?:\.(?:museum|[cr]o|nf|ve)|andcrafts\.museum)|(?:anddesign|gallery|center|deco)\.museum|\.(?:museum|d[oz]|br|ht|pl|sn)|e(?:ducation\.museum|\.bo)?)?|a(?:(?:kawa\.(?:saitama|tokyo)|i\.shizuoka|o\.kumamoto)\.jp|mco|b)|ch(?:aeolog(?:ical|y)\.museum|i(?:tecture\.museum)?)|i(?:d(?:agaw)?a\.wakayam|(?:ake|ta)\.sag)a\.jp|e(?:(?:mark|ndal)\.no|zzo\.it)|\.(?:com|it|us)|boretum\.museum|m(?:enia\.su|y)|(?:dal|na)\.no|khangelsk\.su|q\.br|pa)?|n(?:d(?:r(?:ia(?:-(?:barletta-trani|trani-barletta)|barlettatrani|tranibarletta)\.it|oid)|(?:asuolo|ebu|øy)\.no|o(?:\.nara\.jp|y\.no)|\.museum)|a(?:n(?:\.(?:tokushima|nagano)\.jp|i\.br)|mizu\.ishikawa\.jp|lytics)|n(?:-arbor\.mi\.us|aka\.gunma\.jp|efrank\.museum)|t(?:hro(?:pology)?|iques)\.museum|(?:pachi\.gifu|jo\.aichi)\.jp|(?:cona)?\.it|quan|z)|c(?:\.(?:g(?:ov\.br|n)|l(?:eg\.br|k)|i[dlmnr]|m[aeuwz]|c[inry]|r[suw]|t[hjz]|z[amw]|a[et]|k[er]|n[iz]|p[ar]|s[ez]|u[gk]|be|jp|vn)|c(?:(?:ident-(?:investiga|preven)tion\.ae|t\.p)ro|e(?:sscam\.org|nture)|ountants?)|a(?:dem(?:y(?:\.museum)?|ia\.bo)|\.pro)|t(?:(?:\.edu)?\.au|ive|or)|hi\.nagano\.jp|o)?|i(?:(?:(?:zu(?:(?:wakamatsu|bange)\.fu|mi(?:sato\.fu|\.to))kushim|kawa\.kanagaw)a|(?:betsu\.hokkaid|oi\.hyog)o|s(?:ai\.aichi|ho\.shiga)|nan\.ehime|chi)\.jp|r(?:(?:-(?:traffic-control|surveillance)|(?:craf|por)t|line)\.aero|t(?:raffic\.aero|el)|(?:guard)?\.museum|force|bus)|d\.pl|p\.ee|go?)?|l(?:a(?:(?:bam|sk)a\.museum|headju\.no|nd\.fi)|\.(?:(?:gov|leg)\.br|eu\.org|it|no|us)|pha(?:\.bounty-full|-myqnapcloud)\.com|(?:(?:gard|vdal)\.n|farome)o|t(?:o-?adige\.it|a\.no|\.za)|s(?:t(?:ahaug\.no|om)|ace)|es(?:sandria\.it|und\.no)|l(?:finanz|state|y)|i(?:baba|pay)|waysdata\.net)?|m(?:a(?:(?:kusa\.kumamot|gasaki\.hyog)o|\.(?:shimane|aichi)|mi\.kagoshima)\.jp|e(?:rican(?:(?:a(?:ntiques|rt)?)?\.museum|express|family)|x)|b(?:ulance\.(?:museum|aero)|er\.museum)|(?:(?:li|ot)\.n|usement\.aer)o|(?:sterda(?:m\.museu)?|fa)m|(?:\.(?:gov|leg))?\.br|i(?:\.ibaraki\.jp|ca))?|p(?:p(?:\.(?:os(?:\.stg)?\.fedoraproject\.org|lmpm\.com)|s(?:\.(?:fbsbx\.com|lair\.io)|pot\.com)|l(?:inzi\.com|e)|chizi\.com)?|-(?:south(?:east-[12]|-1)|northeast-[123])\.elasticbeanstalk\.com|\.(?:gov\.(?:br|pl)|leg\.br|it)|ar(?:ecida\.br|tments))|u(?:s(?:t(?:r(?:alia\.museum|heim\.no)|in\.museum|evoll\.no)|post)|t(?:o(?:motive\.museum|\.pl|s)?|hor(?:\.aero)?)|(?:r(?:(?:skog-h[oø])?land|e)|kra)\.no|d(?:i(?:ble|o)?|nedaln\.no)|gustow\.pl|\.eu\.org|ction)?|k(?:(?:a(?:(?:bira\.hokkaid|shi\.hyog)o|iwa\.okayama|gi\.shimane)|i(?:(?:shima|runo)\.tokyo|(?:ta\.aki)?ta|\.kochi)|(?:keshi\.hokkaid|o\.hyog)o|une\.kagoshima)\.jp|(?:noluokta|rehamn)\.no|tyubinsk\.su|\.us|dn)|g(?:r(?:i(?:c(?:ulture\.museum|\.za)|gento\.it|net\.tn)|o\.(?:bo|pl)|ar\.hu|\.br)|e(?:matsu\.nagano\.jp|n(?:ts\.aero|cy))|a(?:(?:no)?\.niigata\.jp|khan)|uni\.okinawa\.jp|denes\.no|\.it)?|b(?:(?:i(?:ra\.hokkaido|ko\.chiba)|eno\.osaka)\.jp|a(?:shiri\.hokkaido\.jp|rth)|u(?:\.yamaguchi\.jp|dhabi)|o(?:\.pa|gado)|r(?:uzzo)?\.it|b(?:ott|vie)?|c(?:\.br)?|khazia\.su|\.ca|le)|t(?:(?:su(?:gi\.kanagawa|ma\.hokkaido)|ami\.shizuoka)\.jp|\.(?:eu\.org|it)|-band-camp\.net|h(?:\.cx|leta)|lanta\.museum|torney|m\.pl|o\.br)?|o(?:(?:(?:ga(?:shima\.toky|ki\.hyog)|ki\.nagan)o|(?:mori\.ao)?mori)\.jp|(?:st(?:a(?:-?valley)?|e))?\.it|l)?|v(?:o(?:cat\.(?:pro|fr)|ues\.fr)|e(?:r[oø]y\.no|llino\.it)|ia(?:tion\.museum|nca)|\.(?:it|tr))|z(?:u(?:re(?:(?:websites|-mobile)\.net|container\.io)?|mino\.nagano\.jp)|erbaijan\.su|\.us)?|e(?:ro(?:(?:batic|drome|club)\.aero|\.(?:mv|tt)|port\.fr)?|(?:\.or)?g|jrie\.no|tna)?|d(?:ac(?:hi\.tokyo\.jp)?|ul(?:t\.h)?t|v\.(?:br|mz)|ygeya\.[rs]u|m\.br|\.jp|s)?|ya(?:(?:gawa\.k|se\.kan)agawa|\.miyazaki|be\.kyoto)\.jp|\.(?:s(?:sl\.fastly\.net|e)|prod\.fastly\.net|bg)|q(?:u(?:ar(?:ium\.museum|elle)|ila\.it)|\.it)?|f(?:rica(?:\.com)?|amilycompany|jord\.no|l)?|a(?:r(?:borte\.no|p)|a(?:\.pro)?|\.no)|w(?:aji\.hyogo\.jp|s)?|x(?:is\.museum|a)?|h\.(?:cn|no)|éroport\.ci|ju\.br)|n(?:a(?:k(?:(?:a(?:g(?:awa\.(?:(?:tokushim|fukuok)a|(?:hokkaid|nagan)o)|usuku\.okinawa|yo\.kyoto)|n(?:o(?:(?:to\.ishikaw|jo\.gunm)a|\.(?:nagan|toky)o)|iikawa\.toyama)|t(?:ombetsu\.hokkaido|ane\.kagoshima|sugawa\.gifu)|m(?:(?:ichi\.yamanas|ura\.koc)hi|a\.fukuoka)|(?:yama\.yamagat|i\.kanagaw)a|\.(?:hiroshima|ibaraki)|satsunai\.hokkaido|domari\.aomori)|ijin\.okinawa)\.jp|lo\.pl)|g(?:(?:a(?:(?:r(?:eyam)?a\.chib|hama\.shig|i\.yamagat)a|s(?:(?:aki\.nagas)?aki|u\.kumamoto)|no(?:(?:\.nagano)?|hara\.gunma)|to(?:\.yamaguchi|ro\.saitama)|oka(?:kyo\.kyoto|\.niigata)|wa\.nagano)|i(?:so\.nagano|\.okayama))\.jp|o(?:\.okinawa\.jp|ya))|t(?:u(?:r(?:a(?:l(?:(?:history(?:museum)?|sciences)\.museum|\.bo))?|(?:historisches|e)\.museum|bruksgymn\.se)|urwetenschappen\.museum)|i(?:on(?:al(?:firearms|heritage)?\.museum|wide)|veamerican\.museum)|ori\.miyagi\.jp|al\.br|\.tn)|n(?:(?:(?:(?:go\.fukushi|moku\.gun)m|yo\.yamagat|jo\.okinaw)a|(?:bu\.(?:yamanash|tottor)|koku\.koch)i|a(?:e\.hokkaido|o\.ishikawa)|t(?:an\.kyoto|o\.toyama)|poro\.hokkaido)\.jp|nestad\.no)|m(?:e(?:(?:ga(?:ta\.ibaraki|wa\.saitama)|rikawa\.toyama)\.jp|\.(?:m[kvy]|t[jrt]|[hp]r|e[gt]|n[ag]|az|cy|jo|qa|vn))?|i(?:e\.fukushima|kata\.ehime)\.jp|(?:s(?:skogan|os)|dalseid)\.no)|(?:(?:chikatsuura\.wakayam|oshima\.kagaw)a|ha(?:\.okinawa|ri\.kochi)|su(?:shiobara)?\.tochigi|(?:yoro|ie)\.hokkaido)\.jp|r(?:(?:u(?:sawa\.yamanashi|to\.tokushima)|a(?:shino\.chiba|(?:\.nara)?)|ita\.chiba)\.jp|(?:vi(?:ika|k)|oy)\.no)|v(?:(?:igation\.aer|uotna\.n)o|al\.museum|oi\.su|y)|u(?:mburg\.museum|stdal\.no)|(?:p(?:les|oli))?\.it|b(?:ari\.mie\.jp)?|amesjevuemie\.no|lchik\.[rs]u|dex)?|o(?:(?:(?:s(?:e(?:gawa\.nar|\.osak)|hiro\.akit)|noichi\.ishikaw)a|b(?:oribetsu\.hokkaido|eoka\.miyazaki)|g(?:ata\.fukuoka|i\.tochigi)|zawaonsen\.nagano)\.jp|m(?:\.(?:a[defgil]|g[delt]|p[aelw]|n[ciu]|r[eos]|[qz]a|c[lo]|k[em]|m[gk]|s[it]|t[jm]|u[gy]|v[cg]|es|fr|hn|im|li)|i\.ishikawa\.jp|bre\.bo|e\.pt)|r(?:(?:d(?:-(?:(?:aur|o)dal|fron)|re(?:-land|isa)|kapp|dal)|e-og-uvdal)\.no|t(?:h(?:-kazakhstan\.su|westernmutual|\.museum)|on)|folk\.museum)|t(?:o(?:(?:gawa\.shig|\.ishikaw)a\.jp|dden\.no)|(?:icias\.b|teroy\.n)o|aires\.(?:fr|km)|\.br)|w(?:-dns\.(?:net|org|top)|aruda\.pl|\.sh|ruz|tv)?|-ip\.(?:c(?:o\.uk|a)|info|biz|net|org)|d(?:a\.(?:chiba|iwate)\.jp|um\.[ci]o)|h(?:o(?:st\.me|\.st)|eji\.aomori\.jp)|\.(?:eu\.org|com|it)|v(?:\.[rs]u|ara\.it)|ip\.(?:me|us)|kia)?|i(?:s(?:hi(?:(?:a(?:(?:wakura\.okaya|izu\.fukushi)m|(?:rita\.sa|zai\.shi)g)|(?:\.(?:fukuo|osa)|izu\.shizuo)k|go\.fukushim)a|ka(?:t(?:sura\.yamanash|a\.tochig)i|wa\.yamagata)|no(?:omote\.kagoshima|shima\.shimane|miya\.hyogo)|(?:mera\.miyazak|tosa\.koch)i|o(?:koppe\.hokkaido|\.aichi)|hara\.(?:kumamoto|okinawa)|waki\.hyogo)\.jp|s(?:hin\.aichi\.jp|edal\.no|a[ny])|\.za)|(?:i(?:(?:(?:mi\.okay|za\.sait)am|(?:gata\.nii)?gat)a|kappu\.hokkaido|hama\.ehime)|(?:rasaki\.yamanas|yodogawa\.koc)hi)\.jp|k(?:(?:i\.hokkaido|ko\.tochigi|aho\.akita)\.jp|o(?:laev\.ua|n)|e)|c(?:hinan\.(?:miyazak|tottor)i\.jp|\.(?:in|tj)|o)|n(?:o(?:miya\.kanagawa|he\.iwate)\.jp|ja)|e(?:ruchomosci\.pl|pce\.museum)|t(?:tedal\.no|eroi\.br)|d\.io)?|e(?:t(?:\.(?:e(?:[ct]|(?:u\.or)?g)|m[aeklostuvwxyz]|p[aehklnrsty]|s[abcdghloty]|a[cefgilruz]|b[abhmorstz]|g[eglnprtuy]|t[hjmnortw]|c[imnouwy]|i[dlmnqrs]|l[abckrvy]|k[ginyz]|n[fgirz]|v[ceinu]|u[akyz]|d[moz]|h[knt]|j[eo]|r[uw]|z[am]|om|qa|ws)|(?:-freaks|lify)\.com|(?:ban|wor)k|flix)?|w(?:(?:jersey|mexico|port|york)\.museum|h(?:ampshire\.museum|olland)|s(?:paper\.museum|\.hu)?)?|(?:s(?:\.(?:akershus|buskerud)|odd(?:tang)?en|se(?:by|t)|na)|dre-eiker)\.no|(?:muro\.hokkaido|yagawa\.osaka)\.jp|(?:braska\.museu|at-url\.co)m|r(?:ima\.tokyo\.jp|dpol\.ovh)|\.(?:k[er]|u[gs]|jp|pw|tz)|u(?:es\.museum|star)|x(?:(?:tdirec)?t|us)|c)?|y(?:m\.(?:l[acitu]|m[enx]|s[kux]|[kn]z|b[yz]|g[ry]|p[et]|ie|ro|tw)|c(?:\.m(?:useum|n))?|uzen\.toyama\.jp|ny\.museum|sa\.pl|\.us)|u(?:ma(?:ta\.(?:hokkaido|gunma)|zu\.shizuoka)\.jp|(?:ern|rem)berg\.museum|\.(?:ca|it)|oro\.it)?|(?:(?:(?:øtte|æ)røy|ååmesjevuemie|ávuotna)\.n|4t\.c)o|t(?:\.(?:(?:edu\.)?au|[nr]o|ca)|dll\.top|r\.br|t)|g(?:o(?:\.(?:lk|ph|za))?|\.eu\.org|rok\.io)?|h(?:(?:(?:-serv\.co|s)\.u)?k|lfan\.net|\.us)|s(?:w(?:\.edu)?\.au|update\.info|n\.us|\.ca)|f(?:l(?:fan\.org)?|shost\.com|\.ca)?|l(?:\.(?:eu\.org|ca|no))?|r(?:w(?:\.museum)?|a)?|c(?:\.(?:tr|us))?|z(?:\.eu\.org)?|m\.(?:cn|us)|\.(?:bg|se)|b(?:\.c)?a|[djv]\.us|x\.cn)|c(?:[gmwx]|o(?:m(?:\.(?:s[abcdeghlnotvy]|b[abhimorstyz]|m[gklostuvwxy]|g[ehilnprtuy]|p[aefhklrsty]|a[cfgilruwz]|c[imnouwy]|l[abckrvy]|t[jmnortw]|k[gimpyz]|e[cegst]|n[afgir]|v[ceinu]|d[emoz]|h[knrt]|i[moqs]|r[eouw]|u[agyz]|[oz]m|fr|jo|qa|ws)|m(?:uni(?:cations?\.museum|ty(?:\.museum)?)|bank)|p(?:uter(?:(?:history)?\.museum)?|a(?:ny|re))|unicações\.museum|(?:o\.i|cas)t|sec)?|n(?:t(?:emporary(?:art)?\.museum|r(?:ol\.aero|actors)|a(?:gem\.br|ct))|s(?:ul(?:t(?:ing(?:\.aero)?|ant\.aero)|ado\.st)|truction)|f(?:erence\.aero|\.(?:au|lv))|vent\.museum|dos)|\.(?:c(?:[ailrz]|o?m)|k(?:rd?|e)|i[dlmnrt]|m[aeguwz]|n[ailoz]|t[hjmtz]|u[agksz]|a[egot]|b[biw]|g[gly]|p[lnw]|z[amw]|j[ep]|l[cs]|r[sw]|s[tz]|v[ei]|dk|hu|om)|l(?:o(?:(?:nialwilliamsburg|radoplateau)\.museum|gne)|le(?:ge(?:fan\.org)?|ction\.museum)|(?:umb(?:ia|us)|dwar)\.museum)|u(?:n(?:t(?:ry(?:estate\.museum)?|y\.museum)|cil\.aero)|chpotatofries\.org|pons?|rses)|o(?:p(?:\.(?:[ht]t|m[vw]|br|km|py)|erativa\.bo)?|king(?:channel)?|l)|r(?:(?:reios-e-telecomunicações|poration|vette)\.museum|sica)|a(?:(?:staldefence|l)\.museum|ch)|d(?:es(?:pot\.com)?|y\.museum)|s(?:tume\.museum|enza\.it)|penhagen\.museum|g\.mi\.us|ffee)?|h(?:i(?:(?:ku(?:s(?:hino\.fukuoka|ei\.ibaraki)|ho(?:ku\.nagano|\.fukuoka)|(?:[gj]o|zen)\.fukuoka|ma\.nagano)|(?:hayaakasaka\.osak|gasaki\.kanagaw|b)a|(?:jiwa\.nagasak|zu\.tottor)i|t(?:ose\.hokkaido|a\.aichi)|yoda\.(?:gunma|tokyo)|ppubetsu\.hokkaido)\.jp|r(?:urgiens-dentistes(?:-en-france)?\.fr|opractic\.museum|yu\.aichi\.jp)|c(?:hibu\.saitama\.jp|ago\.museum)|ldren(?:s(?:garden)?)?\.museum|n(?:o\.nagano\.jp|tai)|mkent\.su|eti\.it)|a(?:m(?:pionship\.aero|bagri\.fr)|n(?:nel(?:sdvr\.net)?|el)|t(?:tanooga\.museum)?|r(?:ter\.aero|ity)|se)|e(?:r(?:n(?:i(?:(?:go|hi)v|vtsi)|ovtsy)|kas?sy)\.ua|(?:sapeakebay|ltenham)\.museum|ap)|u(?:o\.(?:(?:(?:fukuo|osa)k|chib)a|yamanashi|tokyo)\.jp|ng(?:buk|nam)\.kr|rch)|o(?:(?:(?:yo\.kumamot|fu\.toky)o|(?:s[eh]i|nan)\.chiba)\.jp|colate\.museum)|r(?:ist(?:iansburg\.museum|mas)|ysler|ome)|\.(?:eu\.org|it)|tr\.k12\.ma\.us)?|a(?:r(?:r(?:ara-?massa\.it|ier\.museum)|t(?:oonart\.museum|ier)|bonia-?iglesias\.it|e(?:ers?)?|go\.aero|avan|d?s)?|m(?:p(?:i(?:na(?:grande|s)\.br|dano-?medio\.it)|(?:obasso|ania)\.it)?|bridge\.museum|dvr\.org|\.it|era)?|s(?:a(?:delamoneda\.museum|cam\.net)?|t(?:res|le)\.museum|e(?:rta\.it|ih)?|ino(?:\.hu)?|h)|l(?:(?:(?:tanissett|abri)a)?\.it|ifornia\.museum|vinklein|l)?|(?:-central-1\.elasticbeanstalk\.co|daques\.museu)m|t(?:an(?:zaro|ia)\.it|ering(?:\.aero)?|holic)?|p(?:e(?:breton\.museum|town)|ital(?:one)?)|n(?:(?:ada)?\.museum|cerresearch|on)|(?:hcesuolo\.n|a\.aer)o|\.(?:eu\.org|it|na|us)|b(?:le-modem\.org)?|gliari\.it|xias\.br|fe)?|l(?:o(?:ud(?:(?:(?:f(?:unctions|ront)|ycluster|eity)\.ne|a(?:ccess\.(?:hos|ne)|pp\.ne))t|ns\.(?:c(?:lub|c)|in(?:fo)?|p(?:ro|w)|asia|biz|org|eu|us)|\.(?:(?:fedoraproject\.or|goo)g|metacentrum\.cz)|control(?:app|led)\.com|66\.ws)?|ck\.museum|thing)|i(?:n(?:ton\.museum|i(?:que|c))|ck)|ub(?:\.(?:aero|tw)|med)?|e(?:verapps\.io|aning)|a(?:n\.rip|ims)|\.it)?|i(?:vil(?:(?:i[sz]ation|war)\.museum|aviation\.aero)|s(?:co(?:freak\.com)?|tron\.nl)|t(?:y(?:\.hu|eats)?|adel|ic?)|n(?:cinnati|ema)\.museum|e(?:ncia\.bo|szyn\.pl)|rc(?:us\.museum|le)|priani|m\.br|\.it)?|u(?:st(?:om(?:er\.(?:speedpartner\.de|enonic\.io)|\.metacentrum\.cz)|\.(?:d(?:isrec|ev)|testing|prod)\.thingdust\.io)|ltur(?:al(?:center)?|e)\.museum|i(?:aba\.br|sinella)|ritiba\.br|pcake\.is|neo\.it)?|r(?:e(?:dit(?:union|card)?|ation\.museum|mona\.it|w\.aero)|a(?:ft(?:s\.museum|ing\.xyz)|nbrook\.museum)|i(?:\.(?:br|nz)|mea\.ua|cket)|o(?:tone\.it|wn)|\.(?:it|ua)|uises?|s)?|c(?:\.(?:(?:m[adeinost]|a[klrsz]|i[adln]|w[aivy]|c[aot]|o[hkr]|v[ait]|[hr]i|d[ce]|g[au]|k[sy]|p[ar]|s[cd]|t[nx]|fl|la)\.us|n(?:[cdehjmvy]\.us|a)|u(?:t\.us|a))|i\.fr)?|e(?:[bo]|r(?:t(?:ification\.aero|mgr\.org)|n)|(?:ltic\.museu|chire\.co)m|\.(?:(?:gov|leg)\.br|it)|nter(?:\.museum)?|sena-?forlì?\.it)|n(?:(?:-north-1\.eb\.amazonaws\.com\.c|py\.gd)n|\.(?:eu\.org|com|it|ua)|[gt]\.br)?|y(?:o(?:n\.(?:link|site)|u)|(?:\.eu\.or|a\.g)g|mru(?:\.museum)?|ber\.museum)?|z(?:\.(?:eu\.org|it)|e(?:ladz|st)\.pl)?|\.(?:(?:cdn77\.or|b)g|la|se)|d(?:n77-ssl\.net|\.eu\.org)?|b(?:[ans]|g\.ru|\.it|re)|t\.(?:it|us)|s(?:\.it|c)|v(?:\.ua)?|pa\.pro|66\.me|f[ad]?|k\.ua|q\.cn)|h(?:i(?:(?:(?:gashi(?:(?:(?:hiroshima\.hiroshi|chichibu\.saita|agatsuma\.gun)m|\.(?:fuku(?:shim|ok)|okinaw)|n(?:aruse\.aki|e\.yamaga)t|o(?:saka\.osak|mi\.shig))a|k(?:a(?:g(?:ura\.hokkaido|awa\.kagawa)|wa\.hokkaido)|urume\.tokyo)|y(?:o(?:dogawa\.osak|shino\.nar)a|ama(?:to\.toky|\.kyot)o)|m(?:atsu(?:shima\.miyagi|yama\.saitama)|urayama\.tokyo)|s(?:umiyoshi\.osaka|hirakawa\.gifu)|izu(?:mo\.shimane|\.shizuoka)|(?:tsuno\.ko|ura\.ai)chi)|r(?:a(?:(?:t(?:suka\.kanagaw|a\.fukushim)|kata\.osak|ra\.okinaw)a|(?:do\.nagasak|nai\.aomor)i|izumi\.iwate|ya\.nagano)|o(?:(?:gawa\.wakayam|kawa\.fukuok)a|no\.(?:fukushima|iwate)|s(?:aki\.aomori|hima)|o\.hokkaido))|k(?:a(?:ri\.yamaguchi|wa\.shimane)|imi\.shimane|one\.shiga)|da(?:ka\.(?:(?:wakay|sait)ama|hokkaido|kochi)|\.gifu)|no(?:(?:hara|de)\.tokyo|\.to(?:ttori|kyo))|m(?:e(?:shima\.oita|ji\.hyogo)|i\.toyama)|(?:oki\.kagoshim|zen\.sag|ji\.oit)a)\.j|pho)p|s(?:to(?:r(?:i(?:c(?:al(?:society)?|houses)|sch(?:es)?)|y(?:ofscience)?)|ire)\.museum|a(?:yama\.fukuoka\.jp|mitsu))|t(?:a(?:chi(?:(?:(?:o(?:miy|t)|nak)a)?\.ibaraki\.jp)?|\.oita\.jp)|ra\.no)|c(?:hiso\.gifu\.jp|am\.net)|\.(?:cn|us)|v)|a(?:(?:k(?:u(?:(?:san|i)\.ishikawa|ba\.nagano)|o(?:date\.hokkaido|ne\.kanagawa)|ata\.fukuoka)|chi(?:(?:oji|jo)\.tokyo|rogata\.akita|nohe\.aomori)|ya(?:kawa\.yamanashi|shima\.okayama)|ebaru\.okinawa|zu\.aichi)\.jp|m(?:a(?:(?:t(?:onbetsu\.hokkaido|ama\.saga)|matsu\.shizuoka|da\.shimane)\.jp|r(?:oy)?\.no)|m(?:arfeasta|erfest)\.no|burg(?:\.museum)?|-radio-op\.net|ura\.tokyo\.jp)|n(?:(?:a(?:m(?:igawa\.chiba|aki\.iwate)|wa\.fukushima)|(?:n(?:o\.saitam|an\.osak)|yu\.saitam)a)\.jp|d(?:a\.aichi\.jp|son\.museum)|g(?:gliding\.aero|out))|s(?:h(?:i(?:m(?:oto\.wakayama|a\.gifu)|kami\.aomori)\.jp|bang\.sh)|u(?:ra(?:-app\.io|\.app)|da\.saitama\.jp)|am(?:i\.nagasaki|a\.oita)\.jp|vik\.no)|r(?:a(?:\.nagano\.jp|m\.no)|vestcelebration\.museum|(?:sta|ei)d\.no|ima\.hyogo\.jp)|t(?:(?:o(?:gay|yam)a\.saita|sukaichi\.hiroshi)ma\.jp|tfjelldal\.no)|b(?:(?:oro\.hokkaido|ikino\.osaka)\.jp|mer\.no)|g(?:(?:i\.yamaguch|a\.tochig)i\.jp|ebostad\.no)|l(?:loffame\.museum|(?:den|sa)\.no|f\.host)|d(?:ano\.kanagawa\.jp|sel\.no)|p(?:pou\.akita\.jp|mir\.no)|i(?:bara\.shizuoka\.jp|r)|u(?:gesund\.no|s)|waii\.museum|\.(?:cn|no))|o(?:me(?:s(?:e(?:curity(?:ma|p)c\.com|nse))?|lin(?:ux\.(?:com|net|org)|k\.one)|unix\.(?:com|net|org)|d(?:ns\.org|epot)|ftp\.(?:net|org)|office\.gov\.uk|-webserver\.de|\.dyndns\.org|built\.aero|ip\.net|goods)|n(?:(?:(?:j(?:o\.(?:saitam|akit)|yo\.akit)|go\.hiroshim)a|betsu\.hokkaido|ai\.ehime)\.jp|e(?:foss\.no|ywell)|da)|k(?:u(?:to\.(?:yamanashi|hokkaido)|ryu\.hokkaido)\.jp|k(?:aido\.jp|sund\.no))|r(?:o(?:(?:kanai|nobe)\.hokkaido\.jp|logy\.museum)|(?:nindal|ten)\.no|se)|l(?:(?:mestrand|t[aå]len|e)?\.no|dings|iday)|s(?:t(?:ing(?:-cluster\.nl)?)?|pital)|b(?:by-site\.(?:com|org)|[oø]l\.no)|t(?:el(?:\.(?:hu|lk|tz)|e?s)|mail)?|f(?:u\.yamaguchi\.jp|\.no)|y(?:landet|anger)\.no|use(?:\.museum)?|pto\.(?:org|me)|ckey|w)|e(?:r(?:o(?:y\.(?:more-og-romsdal|nordland)\.no|ku(?:app|ssl)\.com)|(?:øy\.(?:møre-og-romsdal|nordland)|ad)\.no|e(?:-for-more\.info)?|itage\.museum|mes)|alth(?:\.(?:museum|nz|vn)|-carereform\.com|care)?|m(?:bygdsforbund\.museum|(?:sedal|nes?)\.no)|l(?:sinki(?:\.museum)?|las\.museum|p)|(?:kinan\.aichi|guri\.nara)\.jp|imatunduhren\.museum|pforge\.org|\.cn)|(?:(?:ø(?:y(?:landet|anger)|nefoss)|á(?:(?:bme|pmi)r|mmárfeasta)|j(?:elmeland|artdal)|ægebostad|valer|å)\.n|zc\.i)o|u(?:\.(?:eu\.org|com|net)|issier-justice\.fr|manities\.museum|r(?:dal|um)\.no|ghes)?|y(?:u(?:ga\.miyazaki\.jp|ndai)|llestad\.no|ogo\.jp|att)|k(?:\.(?:c(?:om|n)|org)|t)?|b(?:\.c(?:ldmail\.ru|n)|o)|r(?:\.eu\.org)?|dfc(?:bank)?|l\.(?:cn|no)|s(?:\.kr|bc)|\.(?:bg|se)|(?:n\.c)?n|m(?:\.no)?|gtv|t)|i(?:[oq]|s(?:-(?:a(?:-(?:(?:(?:h(?:ard-work|unt)e|financialadviso)r|d(?:e(?:mocrat|signer)|octor)|t(?:e(?:acher|chie)|herapist)|r(?:epublican|ockstar)|n(?:ascarfan|urse)|anarchist|musician)\.com|c(?:(?:(?:ubicle-sla|onservati)ve|pa)\.com|a(?:ndidate\.org|terer\.com)|hef\.(?:com|net|org)|elticsfan\.org)|l(?:i(?:ber(?:tarian|al)\.com|nux-user\.org)|(?:a(?:ndscap|wy)er|lama)\.com)|p(?:(?:ersonaltrain|hotograph|lay)er\.com|a(?:inter\.com|tsfan\.org))|b(?:(?:(?:ookkeep|logg)er|ulls-fan)\.com|ruinsfan\.org)|s(?:o(?:cialist\.com|xfan\.org)|tudent\.com)|g(?:eek\.(?:com|net|org)|(?:reen|uru)\.com)|knight\.org)|n-(?:a(?:c(?:t(?:ress|or)|countant)|(?:narch|rt)ist)|en(?:tertain|gine)er)\.com)|(?:into-(?:(?:car(?:toon)?|game)s|anime)|(?:(?:not-)?certifie|with-theban)d|uberleet|gone)\.com|(?:very-(?:(?:goo|ba)d|sweet|evil|nice)|found)\.org|s(?:aved\.org|lick\.com)|l(?:eet\.com|ost\.org)|by\.us)|(?:hi(?:ka(?:w(?:a\.(?:fukushim|okinaw))?a|ri\.hokkaido)|nomaki\.miyagi|gaki\.okinawa)|umi\.chiba)\.jp|a(?:-(?:geek\.(?:com|net|org)|hockeynut\.com)|\.(?:kagoshima\.jp|us)|haya\.nagasaki\.jp)|e(?:(?:(?:(?:n\.kagoshi|saki\.gun)m|hara\.kanagaw)a|\.mie)\.jp|(?:rnia\.i|lec)t)|s(?:marterthanyou\.com|hiki\.aichi\.jp)|t(?:(?:eingeek|mein)\.de|anbul)?|l(?:eofman\.museum|a\.pr)|\.(?:eu\.org|gov\.pl|it)|maili)?|n(?:(?:a(?:(?:(?:mi\.(?:waka|to)ya|washiro\.fukushi)m|tsuki\.fukuok)a|(?:shiki\.ibarak|zawa\.aich)i|\.(?:ibaraki|saitama|nagano)|g(?:awa\.hyog|i\.toky)o|be\.mie)|(?:uyama\.ai|o\.ko)chi|zai\.chiba|e\.kyoto)\.jp|t(?:e(?:r(?:n(?:et-dns\.de|ational)|active\.museum)|l(?:ligence\.museum)?)|\.(?:eu\.org|a[rz]|c[io]|l[ak]|m[vw]|r[uw]|t[jt]|v[en]|bo|is|ni|pt)|l\.tn|uit)?|f(?:o(?:\.(?:n[afir]|t[nrtz]|a[tuz]|p[klr]|b[bo]|c[ox]|e[ct]|h[tu]|k[ei]|v[en]|gu|la|mv|ro|sd|zm))?|\.(?:br|cu|mk|ua)|initi)|d(?:i(?:an(?:a(?:polis)?|market)?\.museum|gena\.bo)|\.(?:[it]n|br|gt)|ustri(?:a\.bo|es)|er[oø]y\.no)|\.(?:n(?:[ai]|et)|eu\.org|u[as]|rs|th)|s(?:ur(?:ance(?:\.aero)?|e)|titute)|-(?:the-band\.net|addr\.arpa)|g(?:atlan\.hu|\.pa)?|c(?:heon\.kr|\.hk)?|vestments|k)?|w(?:a(?:t(?:(?:suki\.saitam|a\.shizuok)a|(?:e\.iwat)?e)|k(?:u(?:ni\.yamagu|ra\.ai)chi|i\.fukushima)|m(?:izawa\.hokkaido|a\.ibaraki)|n(?:ai\.hokkaido|uma\.miyagi)|fune\.tochigi|de\.wakayama|izumi\.iwate)\.jp|i\.nz|c)|t(?:a(?:(?:k(?:o\.ibaraki|ura\.gunma)|(?:bashi\.toky|mi\.hyog)o|yanagi\.aomori|no\.tokushima)\.jp|u)|o(?:igawa\.niigat|man\.okinaw|\.shizuok)a\.jp|\.(?:eu\.org|ao)|s\.me|v)?|c(?:[eu]|hi(?:ka(?:wa(?:\.(?:chiba|hyogo)|misato\.yamanashi)|i\.tochigi)|no(?:miya\.(?:aichi|chiba)|(?:seki|he)\.iwate)|(?:ba\.tokushim|hara\.chib)a)\.jp|\.gov\.pl|bc)|k(?:(?:eda\.(?:(?:hokkaid|nagan)o|fukui|osaka|gifu)|usaka\.nagano|oma\.nara)\.jp|a(?:(?:(?:ruga\.nar|wa\.akit)a|ta\.ehime)\.jp|no)|i\.(?:nagasaki\.jp|fi))|z(?:(?:u(?:m(?:i(?:(?:otsu|sano)\.osak|\.(?:kagoshim|osak)|zaki\.fukushim)a|o(?:zaki\.niigata|\.shimane))|(?:nokuni)?\.shizuoka)|ena\.okinawa)\.jp|\.hr)|m(?:a(?:(?:kane\.hokkaido|bari\.ehime|ri\.saga)\.jp|geandsound\.museum|mat)|izu\.toyama\.jp|(?:peria)?\.it|mo(?:bilien)?|b\.br|db)?|(?:i(?:zu(?:ka\.fukuoka|na\.nagano)|d(?:e\.yamagata|a\.nagano)|(?:ji|ya)ma\.nagano|tate\.fukushima)|heya\.okinawa|yo\.ehime)\.jp|b(?:(?:ara(?:ki(?:\.(?:ibaraki|osaka))?|\.okayama)|igawa\.gifu)\.jp|estad\.no|m)|d(?:\.(?:l[vy]|au|ir|us)|e\.kyoto\.jp|v\.(?:hk|tw)|rett\.no|f\.il)?|l(?:lustration\.museum|\.(?:eu\.org|us)|ovecollege\.info|awa\.pl)?|v(?:ano(?:-frankivsk\.ua|vo\.su)|(?:e(?:land\.n|c)|gu\.n)o)|r(?:(?:aq|on)\.museum|uma\.saitama\.jp|is(?:\.arpa|h))?|p(?:i(?:fony\.net|ranga)|6\.arpa)|a(?:mallama\.com|\.us)|glesias-?carbonia\.it|e(?:\.eu\.org|ee)?|\.(?:[bn]g|ph|se)|f(?:\.ua|m)|234\.me)|b(?:[fw]|a(?:r(?:sy(?:\.(?:s(?:upport|hop|ite)|m(?:e(?:nu)?|obi)|i(?:n(?:fo)?|o)|c(?:o\.uk|lub)|o(?:nline|rg)|p(?:ro|ub)|net|bg|de|eu|uk)|online\.co(?:\.uk|m)|center\.com)|(?:(?:letta(?:-trani-|trani)andria|i)\.i|efoo)t|c(?:elona(?:\.museum)?|lay(?:card|s))|re(?:l?l-of-knowledge\.info|au\.bj)|u(?:eri\.br|m\.no)|(?:du\.n|\.pr)o|gains)?|l(?:s(?:an(?:-su[ë]?dtirol)?\.it|fjord\.no)|l(?:ooning\.aer|angen\.n)o|e(?:strand\.no|\.museum)|a(?:shov\.su|t\.no)|timore\.museum)|s(?:e(?:ball(?:\.museum)?|l\.museum)|(?:ilicata)?\.it|hkiria\.[rs]u|ketball)|n(?:d(?:(?:ai\.fukushima|o\.ibaraki)\.jp)?|a(?:narepublic|mex)|k)|t(?:o\.tochigi\.jp|hs\.museum|sfjord\.no)|(?:(?:jddar|mble)\.n|ckplaneapp\.i)o|h(?:c?cavuotna\.no|n\.museum)|da(?:joz\.museum|ddja\.no)|\.(?:(?:gov|leg)\.br|it)|u(?:ern\.museum|haus)|b(?:ia-gora\.pl|y)|id(?:ar\.no|u)|ghdad\.museum|yern)?|o(?:l(?:(?:zano(?:-altoadige)?|ogna)\.it|dlygoingnowhere\.org|eslawiec\.pl|ivia\.bo|t\.hu)|t(?:an(?:ic(?:al(?:garden)?|garden)|y)\.museum)?|u(?:n(?:ty-full\.com|ceme\.net)|tique)|\.(?:(?:nordland|telemark)\.no|it)|s(?:t(?:on(?:\.museum)?|ik)|ch)|zen(?:-su[ë]?dtirol)?\.it|o(?:k(?:ing)?|mla\.net)?|a(?:vista\.br|ts)|(?:d[oø]|kn)\.no|n(?:n\.museum|d)|x(?:fuse\.io)?|m(?:lo\.no)?|ehringer|fa)?|i(?:z(?:\.(?:p[klr]|t[jrt]|a[tz]|m[vw]|n[ir]|bb|cy|dk|et|id|ki|ua|vn|zm)|en\.okayama\.jp)?|r(?:(?:thplace|dart)\.museum|atori\.hokkaido\.jp|kenes\.no|\.ru)|e(?:l(?:awa\.pl|la\.it)|i\.hokkaido\.jp|szczady\.pl|v[aá]t\.no)|b(?:ai\.hokkaido\.jp|le(?:\.museum)?)|(?:l(?:bao|l)\.museu|tballoon\.co)m|(?:fuka|horo)\.hokkaido\.jp|al(?:owieza|ystok)\.pl|n(?:dal\.no|go?)|o(?:\.br)?|\.it|ke|d)?|r(?:o(?:(?:wsersafetymark\.i|nnoy(?:sund)?\.n)o|ke(?:r(?:\.aero)?|-it\.net)|ad(?:cast\.museum|way)|ther)|u(?:ssel(?:s(?:\.museum)?|\.museum)|(?:xelles|nel)\.museum|munddal\.no)|a(?:nd(?:ywinevalley\.museum|\.se)|sil(?:\.museum|ia\.me)|desco)|i(?:(?:tish(?:columbia)?|stol)\.museum|ndisi\.it|dgestone)|e(?:manger\.no|scia\.it)|y(?:ansk\.su|ne\.no)|ønnøy(?:sund)?\.no|\.(?:com|it))?|e(?:r(?:g(?:(?:en)?\.no|bau\.museum|amo\.it)|l(?:in(?:\.museum)?|ev[aå]g\.no)|(?:keley|n)\.museum)|a(?:r(?:alv[aá]hki|du)\.no|u(?:xarts\.museum|ty)|ts)|l(?:l(?:evue\.museum|uno\.it)|(?:em\.b|\.t)r|au\.pw)|t(?:a(?:\.bounty-full|inabox)\.com|ter-than\.tv)?|e(?:ldengeluid\.museum|p\.pl|r)|s(?:t(?:buy)?|kidy\.pl)|n(?:evento\.it|tley)|ppu\.oita\.jp|\.eu\.org|dzin\.pl|iarn\.no)?|l(?:o(?:g(?:s(?:pot\.(?:c(?:[afhlvz]|o(?:m(?:\.(?:e[egs]|a[ru]|b[ry]|c[oy]|mt|ng|tr|uy))?|\.(?:i[dl]|at|ke|nz|uk|za)))|m[dkrxy]|s[egikn]|b[aegj]|i[enst]|r[eosu]|a[elm]|h[kru]|l[itu]|[gk]r|d[ek]|f[ir]|n[lo]|p[et]|t[dw]|jp|qa|ug|vn)|ite\.(?:org|xyz)|yte\.com)|dns\.(?:com|net|org)|\.b[or])?|xcms\.com|ckbuster|omberg)|a(?:ck(?:baudcdn\.net|friday)?|nco)|\.it|ue)|u(?:n(?:go(?:takada|ono)\.oita|kyo\.tokyo)\.jp|s(?:(?:hey)?\.museum|an\.kr|iness)|lsan(?:-su[ë]?dtirol)?\.it|ild(?:ing\.museum|ers)?|z(?:en\.fukuoka\.jp|z)|d(?:ejju\.no|apest)|y(?:shouses\.net)?|rghof\.museum|khara\.su|gatti|\.no)|(?:á(?:(?:jdda|idá)r|hc?cavuotna|lát)|ø(?:\.(?:nordland|telemark)|mlo)|å(?:tsfjord|dåddjå)|ærum)\.no|y(?:(?:dgoszcz|tom)\.pl|(?:gland|kle)\.no|en\.site)?|j(?:(?:ark[oø]y|erkreim|ugn)\.no|\.cn)?|\.(?:s(?:sl\.fastly\.net|e)|b[gr])|m(?:[sw]|oattachments\.org|d\.br)?|c(?:[gn]|i\.dnstrace\.pro|\.ca)|n(?:pparibas|r\.la|\.it|l)|g(?:\.(?:eu\.org|it))?|placed\.(?:com|net|de)|b(?:[ct]|s\.tr|va)?|h(?:z\.br|arti)?|s(?:b\.br|\.it)?|z(?:\.it|h)?|(?:t\.i)?t|v(?:\.nl)?|d\.se)|o(?:r(?:g(?:\.(?:m[aegklnostuvwxyz]|s[abcdeghlnotvyz]|b[abhimorstwz]|g[eghilnprtuy]|p[aefhklnrsty]|a[cefgilruz]|l[abckrsvy]|k[gimnpyz]|t[jmnortw]|c[inouwy]|i[lmnqrs]|e[cegst]|n[agirz]|u[agkyz]|v[ceinu]|h[kntu]|d[moz]|r[osu]|z[amw]|j[eo]|om|qa|ws)|anic)?|\.(?:c[ir]|i[dt]|k[er]|t[hz]|u[gs]|at|bi|jp|mu|na|pw)|(?:k(?:anger|dal)|s(?:kog|ta)|land)\.no|a(?:\.gunma\.jp|(?:cl|ng)e)|egon(?:trail)?\.museum|i(?:stano\.it|gins))|s(?:a(?:k(?:i(?:kamijima\.hiroshima|\.miyagi)\.jp|a(?:(?:sayama\.osaka)?\.jp)?)|sco\.br)|t(?:r(?:o(?:w(?:wlkp|iec)|(?:lek|d)a)\.pl|e-toten\.no)|er[oø]y\.no)|h(?:i(?:ma\.(?:yamaguchi|tokyo)|no\.yamanashi)|u\.iwate)\.jp|(?:\.h(?:ordaland|edmark)|(?:[oø]yr|l)o)\.no|e(?:to\.nagasaki\.jp|n\.no))|t(?:a(?:(?:k(?:i\.(?:(?:saitam|chib)a|nagano)|e\.hiroshima)|r(?:u\.hokkaid|i\.nagan)o|\.(?:gunma|tokyo)|ma\.fukushima)\.jp|go\.museum)|su(?:k(?:i\.(?:yamanas|koc)hi\.jp|a)|(?:chi\.iwate|\.shiga)\.jp)|o(?:(?:(?:fuk|b)e|ineppu)\.hokkaido|\.fukuoka|yo\.kochi)\.jp|(?:\.i)?t|her\.nf)|k(?:(?:a(?:ya(?:(?:ma\.okaya)?ma|\.nagano)|wa\.(?:fukuoka|kochi)|gaki\.fukuoka|zaki\.aichi)|u(?:izumo\.shimane|ma\.fukushima|tama\.tokyo)|e(?:gawa\.saitama|to\.hokkaido)|oppe\.hokkaido)\.jp|i(?:n(?:awa(?:(?:\.okinawa)?\.jp)?|oshima\.shimane\.jp)|\.fukuoka\.jp)|snes\.no|\.us)|n(?:(?:o(?:(?:michi\.hiroshim|jo\.fukuok)a|\.(?:fuku(?:shima|i)|hyogo))|(?:juku\.chib|na\.okinaw)a|agawa\.miyagi)\.jp|-(?:aptible\.com|the-web\.tv|web\.fr)|t(?:ario\.museu|hewifi\.co)m|l(?:ine(?:\.museum)?)?|g(?:a\.fukuoka\.jp)?|(?:yoursid)?e|\.ca|ion)|g(?:(?:a(?:wa(?:\.(?:ibaraki|saitama|nagano)|ra\.miyagi)|(?:(?:ta)?\.akit|no\.saitam)a|sawara\.tokyo|ki\.gifu)|(?:o(?:ri\.fukuok|se\.saitam)|i(?:mi\.okinaw|\.sag))a|u(?:ni\.(?:kumamoto|yamagata)|chi\.aichi))\.jp|\.(?:ao|it)|liastra\.it)|m(?:(?:i(?:(?:hachiman\.shig|gawa\.chib|ya\.saitam)a|\.n(?:iigata|agano)|tama\.ibaraki)|u(?:ra\.nagasaki|ta\.fukuoka)|otego\.fukushima)\.jp|a(?:(?:chi\.(?:nagano|saga)|ezaki\.shizuoka)\.jp|svuotna\.no|ha\.museum)|e(?:\.tokyo\.jp|ga))?|b(?:(?:a(?:ma\.(?:nagasak|fuku)i|nazawa\.yamagata)|u(?:se\.nagano|\.aichi))\.jp|i(?:(?:hiro|ra)\.hokkaido\.jp)?|ninsk\.su|server)|i(?:(?:s(?:hida\.yamagat|o\.kanagaw)|(?:ta\.oi)?t|zumi\.gunm|\.kanagaw)a\.jp|r(?:ase\.aomori\.jp|m\.gov\.pl))|h(?:(?:(?:i(?:ra\.(?:tochi|miya)g|\.fuku)|tawara\.tochig|aru\.aich)i|kura\.yamagata|da\.shimane)\.jp|\.us)|y(?:(?:a(?:ma(?:zaki\.kyoto|\.tochigi)|be\.toyama)|odo\.nara)\.jp|(?:stre-slidre|garden|er)\.no|\.lc)|p(?:e(?:n(?:craft\.hosting|air\.museum)?|raunite\.com)|p(?:eg[aå]rd|dal)\.no|o(?:czno|le)\.pl)|l(?:a(?:yan(?:group)?|wa\.pl)|(?:sztyn|ecko|kusz)\.pl|bia-?tempio\.it|(?:\.n|l)o|dnavy)|(?:(?:ji(?:ya\.niigat|\.nar)|e\.yamagat)a|a(?:mishirasato\.chiba|rai\.ibaraki))\.jp|f(?:f(?:ic(?:e(?:-on-the\.net)?|ial\.academy)|\.ai)?|unato\.iwate\.jp|\.(?:by|no))|u(?:m(?:u\.hokkaido\.jp|\.gov\.pl)|(?:chi\.sag|da\.nar)a\.jp|tsystemscloud\.com)|w(?:n(?:(?:provider\.co|\.p)m|ip\.net)|a(?:riasahi\.aich|ni\.aomor)i\.jp)|d(?:a(?:wara\.kanagaw|te\.akit)a\.jp|(?:es?sa)?\.ua|da\.no|o\.br)|z(?:(?:u\.(?:kumamoto|ehime)|ora\.hokkaido)\.jp|\.au)|c(?:eanographi(?:que|c)\.museum|hi\.kochi\.jp)|o(?:(?:shik|kuw)a\.nagano\.jp|guy\.com|o)|v(?:(?:re-eiker|erhalla)\.no|h)|x(?:ford\.museum|\.rs)|\.(?:bg|se))|f(?:u(?:(?:k(?:u(?:(?:(?:yama\.hiroshi|mitsu\.toya)m|(?:roi\.shizu)?ok|domi\.sag)a|s(?:hima(?:\.(?:fukushima|hokkaido))?|aki\.hyogo)|chi(?:yama\.kyoto|\.fukuoka)|(?:i\.fuku)?i)|a(?:gawa\.hokkaido|ya\.saitama))|chu\.(?:to(?:yama|kyo)|hiroshima)|dai\.iwate)\.jp|ji(?:(?:(?:(?:(?:(?:nomiy|ed)a)?\.shizuo|idera\.osa)k|oka\.gunm)a|s(?:a(?:wa\.(?:kanagawa|iwate)|to\.akita)|hiro\.ibaraki)|kawa(?:\.(?:yamanashi|shizuoka)|guchiko\.yamanashi)|mi(?:\.(?:saitama|nagano)|no\.saitama)|yoshida\.yamanashi)\.jp|xerox|tsu)|r(?:(?:u(?:dono\.fukushima|bira\.hokkaido|kawa\.miyagi)|ano\.hokkaido)\.jp|niture(?:\.museum)?)|t(?:(?:(?:aba\.fukushim|tsu\.chib)a|su\.nagasaki)\.jp|ure(?:host|mail)ing\.at|bol)|n(?:a(?:gata\.yamagat|hashi\.toyam|bashi\.chib)a\.jp|d(?:acio\.museum)?)?|e(?:fuki\.yamanashi\.jp|ttertdasnetz\.de|l\.aero)|s(?:(?:sa\.tokyo|o\.aichi)\.jp|a\.no)|o(?:isku|ssko)\.no)|r(?:o(?:m(?:-(?:(?:i[adln]|w[aivy]|o[hkr]|[hr]i|d[ce]|k[sy]|p[ar]|s[cd]|t[nx]|v[at]|fl|ga|ut)\.com|m(?:[adinost]\.com|e\.org)|n(?:[cdehjmv]\.com|y\.net)|a(?:[klr]\.com|z\.net)|c(?:[at]\.com|o\.net)|la\.net)|\.hr)|g(?:\.museum|n\.no|ans)|s(?:inone\.it|ta\.no)|(?:land|ya)\.no|nt(?:doo|ie)r)|e(?:e(?:box(?:-os\.(?:com|fr)|os\.(?:com|fr))|d(?:dns\.(?:org|us)|esktop\.org)|(?:tls\.fastly\.ne|site\.hos)t|masonry\.museum)?|i(?:(?:ght\.aer|\.n)o|burg\.museum)|drikstad\.no|senius)|i(?:uli-?v(?:e(?:nezia)?)?-?giulia\.it|bourg\.museum)|an(?:(?:ziskaner|caise|kfurt)\.museum|a\.no)|\.(?:eu\.org|it)|(?:æn|øy)a\.no|l)?|i(?:r(?:e(?:wall-gateway\.(?:com|net|de)|baseapp\.com|nze\.it|stone)?|m(?:\.(?:[cr]o|dk|ht|in|nf|ve)|dale))|n(?:(?:earts?|land)\.museum|a(?:nc(?:ial|e)|l)|\.(?:ec|tn)|n[oø]y\.no)|l(?:m(?:\.(?:museum|hu))?|atelia\.museum|egear\.me)|e(?:ld\.museum|\.ee)|\.(?:eu\.org|cr|it)|t(?:jar\.no|ness)?|gueres\.museum|d(?:elity|o)|sh(?:ing)?|at)?|o(?:r(?:-(?:(?:(?:mor|som|th)e|better)\.biz|our\.info)|t(?:(?:missoula|worth)\.museum|al\.br)|got\.h(?:er|is)\.name|um(?:z\.info|\.hu)?|lì?-?cesena\.it|sa(?:nd\.no|le)|d(?:e\.no)?|ce\.museum|ex)|(?:l(?:kebib|lda)l|snes)\.no|o(?:d(?:network)?|tball)?|undation(?:\.museum)?|[tz]\.br|ggia\.it|x)?|a(?:r(?:m(?:e(?:quipment\.museum|rs(?:\.museum)?)|(?:stead)?\.museum)?|sund\.no|\.br)|s(?:t(?:(?:panel\.direc|lylb\.ne)t|vps-server\.com)?|hion)|m(?:ily(?:ds\.(?:com|net|org)|\.museum)?|\.pk)|n(?:tasyleague\.cc|s)?|i(?:rwinds|th|l)|uske\.no|ge)|l(?:o(?:r(?:i(?:da\.museum|pa\.br|st)|[aoø]\.no|ence\.it)|g\.br|wers)|a(?:(?:tanger|kstad)?\.no|nders\.museum)|y(?:nnh(?:osting\.net|ub\.com))?|(?:e(?:kkefjord|sberg)|å)\.no|i(?:ght(?:\.aero|s)|(?:ck)?r)|t\.cloud\.muni\.cz|\.us)|e(?:d(?:ora(?:infracloud|people)\.org|e(?:ration\.aero|x)|je\.no|\.us)|r(?:r(?:ar(?:a\.it|i)|ero)|mo\.it)|(?:ste-ip\.ne|\.i)t|t(?:sund)?\.no|ira\.br|edback)|h(?:s(?:k\.se|\.no)|app\.xyz|v?\.se)|y(?:(?:lkesbib|resda)l\.no|i)|(?:(?:nd|st)\.b|bx-?os\.f)r|j(?:(?:aler|ell)\.no|\.cn)|m(?:\.(?:br|it|no))?|t(?:paccess\.cc|r)|(?:v?g|c)\.it|\.(?:bg|se)|ørde\.no)|g(?:[fhpqt]|o(?:v(?:\.(?:m[aegklnorsuvwyz]|n(?:(?:c\.t)?r|g)|b[abfhmrstyz]|s[abcdghltxy]|a[ceflrsuz]|c[dlmnouxy]|l[abckrtvy]|p[hklnrsty]|t[jlmnortw]|g[ehinruy]|i[elnqrst]|k[gimnpyz]|e[cegt]|d[moz]|r[suw]|v[cen]|z[amw]|u[ak]|hk|jo|om|qa|ws)|ernment\.aero|t\.nz)?|t(?:(?:emba\.shizuoka|o\.nagasaki|su\.shimane)\.jp|dns\.(?:c(?:om|h)|org)|pantheon\.com)?|\.(?:(?:dyndns\.or|u)g|(?:gov|leg)\.br|t[hjz]|c[ir]|i[dt]|k[er]|jp|pw)|b(?:\.(?:p[aek]|[bd]o|e[cs]|ar|cl|gt|hn|mx|ni|sv|ve)|o\.wakayama\.jp)|o(?:g(?:le(?:(?:apis|code)\.com)?)?|d(?:hands|year))?|s(?:(?:e(?:n\.niigat|\.nar)a|hiki\.hyogo)\.jp|\.pk)|l(?:f(?:fan\.us)?|d(?:point)?|\.no)|r(?:ge\.museum|izia\.it|lice\.pl)|uv\.(?:bj|ci|fr|ht|km|ml|rw|sn)|k(?:ase\.miyazaki\.jp|\.pk)|n(?:ohe\.aomori\.jp|\.pk)|d(?:o\.gifu\.jp|addy)|i(?:ania\.br|p\.de)|jome\.akita\.jp|p(?:\.pk)?)|r(?:o(?:u(?:ndhandling\.aero|p(?:\.aero)?)|ks-th(?:is|e)\.info|n(?:dar\.za|g\.no)|zny\.[rs]u|sseto\.it|cery)|a(?:n(?:drapids\.museum|(?:vin|e)?\.no)|t(?:angen\.no|is)|z\.museum|jewo\.pl|inger|phics)|i(?:w\.gov\.pl|mstad\.no|pe)|\.(?:eu\.org|com|it|jp)|u(?:e\.no|\.br)|e(?:ta\.fr|en)|p\.lk)?|e(?:o(?:rg(?:ia\.(?:museum|su)|e)|metre-expert\.fr|logy\.museum)|n(?:\.(?:mi\.us|in|nz|tr)|kai\.saga\.jp|t(?:ing)?|ov?a\.it)|e(?:k(?:galaxy\.com|\.nz)|lvinck\.museum)|t(?:myip\.com|s-it\.net)|mological\.museum|isei\.kochi\.jp|\.it|a)?|a(?:m(?:e(?:-(?:server\.cc|host\.org)|s(?:\.hu)?|\.tw)?|(?:agori\.aichi|o\.shiga)\.jp|vik\.no)|l(?:l(?:ery(?:\.museum)?|up|o)|sa\.no)?|(?:u(?:sdal|lar)|ivuotna)\.no|ng(?:aviika\.no|won\.kr)|rden(?:\.museum)?|teway\.museum|\.us|p)?|i(?:t(?:hub(?:usercontent\.com|\.io)|-repos\.de|lab\.io)|n(?:o(?:wan|za)\.okinawa|an\.gifu)\.jp|e(?:htavuoatna\.no|ssen\.museum)|f(?:(?:u\.gif)?u\.jp|ts?)|(?:ldesk[aå]l|ske)\.no|v(?:ing|es)|ize\.com)?|l(?:o(?:b(?:al(?:\.(?:prod|ssl)\.fastly\.net)?|o)|ppen\.no|gow\.pl)|a(?:s(?:s(?:\.museum)?|\.museum)|de)|i(?:ding\.aero|wice\.pl)|e(?:eze\.com)?|ug\.org\.uk)?|u(?:(?:(?:shikami\.okinaw|nm)a|jo\.gifu)\.jp|(?:ovdageaidnu|len)\.no|a(?:m\.gu|rdian)|ernsey\.museum|i(?:tars|de)|b\.uy|\.us|cci|ge|ru)?|s(?:\.(?:(?:s(?:[ft]|valbard)|o(?:[fl]|slo)|jan-mayen|a[ah]|h[lm]|n[lt]|t[mr]|v[af]|bu|fm|mr|rl)\.no|cn)|m\.pl)?|(?:j(?:e(?:r(?:drum|stad)|mnes|sdal)|[oø]vik)|á(?:(?:ŋgaviik|ivuotn)a|lsá))\.no|y(?:eong(?:buk|nam|gi)\.kr|okuto\.kumamoto\.jp)?|d(?:(?:a(?:nsk)?|ynia)\.pl|(?:\.c)?n)?|w(?:iddle\.co\.uk|angju\.kr)?|m(?:[ox]|(?:ina\.p|ai)l|bh)?|b(?:\.(?:com|net)|iz)?|n(?:iezno\.pl)?|g(?:f\.br|ee)?|\.(?:bg|se)|[xz]\.cn|v\.a[ot]|12\.br|c\.ca)|p(?:a(?:r(?:is(?:\.(?:eu\.org|museum))?|a(?:chut|glid)ing\.aero|t(?:(?:ner)?s|i\.se|y)|(?:och\.k12\.ma\.u)?s|liament\.(?:cy|nz)|ma\.it)|l(?:m(?:springs\.museum|as\.br)|e(?:o\.museum|rmo\.it)|ace\.museum)|s(?:s(?:enger-association\.aero|agens)|adena\.museum)|n(?:a(?:ma\.museum|sonic)|theonsite\.io|erai)|ge(?:(?:speedmobilizer|frontapp)\.com)?|\.(?:gov\.(?:br|pl)|leg\.br|it|us)|d(?:erborn\.museum|(?:ov|u)a\.it)|cific\.museum|tria\.bo|via\.it|y)?|r(?:o(?:\.(?:[bp]r|[ht]t|az|cy|ec|mv|na|om|vn)|d(?:uction(?:\.aero|s))?|f(?:esional\.bo|\.pr)?|t(?:onet\.io|ection)|pert(?:ies|y)|ject\.museum|chowice\.pl|gressive|mo)?|es(?:s(?:\.(?:m(?:useum|a)|aero|cy|se)|e\.(?:ci|fr|km|ml))?|(?:ervation|idio)\.museum)|i(?:v(?:atizehealthinsurance\.net|\.(?:at|hu|me|no|pl))|(?:\.e|m)e|ncipe\.st)|\.(?:(?:gov|leg)\.br|it|us)|u(?:(?:szkow\.p|dentia)l)?|a(?:merica|to\.it|xi)|d\.(?:fr|km|mg)|zeworsk\.pl)?|o(?:r(?:t(?:(?:l(?:ligat|and)|al)\.museum|\.fr)|s(?:ang(?:er|u)|grunn|áŋgu)\.no|denone\.it|n)|l(?:i(?:ti(?:ca\.bo|e)|ce\.uk)|\.(?:dz|ht|tr)|kowice\.pl|tava\.ua)|d(?:(?:lasi|hal)e\.pl|zone\.(?:net|org))|st(?:s-and-telecommunications\.museum)?|i(?:nt(?:2this\.com|to\.us)|vron\.org)|(?:(?:mor(?:ski|z)e|wiat|znan)\.p|h)l|t(?:ager\.org|enza\.it)|k(?:rovsk\.su|er)|\.(?:gov\.pl|it)|a\.br)|i(?:(?:e(?:dmont|monte)\.i|a(?:cenza\.i|ge))t|l(?:ot(?:s\.museum|\.aero)|a\.pl)|(?:ttsburgh\.museu|xolino\.co)m|\.(?:(?:gov|leg)\.br|it)|s(?:(?:toi)?a\.it|z\.pl)|n(?:[gk]|b\.gov\.pl)?|c(?:t(?:ures|et)|s)|ppu\.hokkaido\.jp|mienta\.org|w\.gov\.pl|oneer|zza|d)|h(?:o(?:to(?:graphy(?:\.museum)?|s)?|enix\.museum|ne)|il(?:a(?:delphi(?:aare)?a|tely)\.museum|ips)|armac(?:ien(?:s\.km|\.fr)|y(?:\.museum)?)|ysio|d)?|l(?:a(?:(?:n(?:t(?:ation|s)|etarium)|za)\.museum|y(?:station)?|ce)|u(?:rinacional\.bo|mbing|s)|c\.(?:co\.im|ly|uk)|\.(?:eu\.org|ua)|o\.ps)?|e(?:r(?:so\.(?:[st]n|ht)|\.(?:la|nf|sg)|ugia\.it)|\.(?:(?:(?:gov|leg)\.b|k)r|ca|it)|(?:s(?:aro-?urbino|cara)\.i)?t|nza\.su)?|u(?:b(?:l(?:i(?:shproxy\.co|c\.museu)m|\.pt)|ol\.museum|\.sa)?|(?:p\.gov|lawy)\.pl|(?:g(?:lia)?)?\.it|eblo\.bo)|v(?:t\.(?:k12\.ma\.us|ge)|h\.br|\.it)|s(?:(?:se|p)\.gov\.pl|[ci]\.br)?|t(?:\.(?:eu\.org|it)|plus\.fit)?|g(?:(?:afan\.ne|\.i)t|fog\.com)|c(?:\.(?:it|pl)|loud\.host|cw)|p(?:\.(?:az|ru|se|ua)|g\.br)|b\.(?:(?:gov|leg)\.br|ao)|y(?:atigorsk\.ru)?|n(?:\.it|c)?|\.(?:bg|se)|m(?:n\.it)?|f(?:izer)?|[dz]\.it|wc?|k)|d(?:[jmz]|e(?:v(?:ices\.resinstaging\.io|-myqnapcloud\.com|\.static\.land|elopment\.run)?|l(?:(?:menhorst|aware)\.museum|l(?:-?ogliastra\.it)?|ivery|oitte|ta)|s(?:i(?:gn(?:\.(?:museum|aero))?)?|a\.id)|f(?:inima\.(?:net|io)|ense\.tn|\.br)|p(?:o(?:t\.museum|rte\.bo)|\.no)|(?:corativearts|troit)\.museum|n(?:mark\.museum|t(?:ist|al))|mo(?:cra(?:cia\.bo|t)|n\.nl)|\.(?:co(?:ol|m)|eu\.org|us)|a(?:l(?:er|s)?|tnu\.no)|bian\.net|dyn\.io|gree)?|y(?:n(?:dns(?:-(?:(?:offic|remot|fre|hom)e|at-(?:home|work)|w(?:iki|ork|eb)|server|blog|mail|pics|ip)\.com|\.(?:ddnss\.de|info|biz|org|tv|ws)|1\.de)|a(?:mi(?:sches-dns\.de|c-dns\.info)|lias\.(?:com|net|org)|thome\.net)|\.(?:(?:cosidn|ddns)s|home-webserver)\.de|-(?:(?:ip24|vpn)\.de|o-saur\.com)|v(?:6\.net|pn\.de)|serv\.org|ns\.com|u\.net)|r[oø]y\.no|\.fi)|a(?:[dy]|t(?:to(?:(?:relay|web)\.com|local\.(?:com|net))|e(?:\.(?:fukushima|hokkaido)\.jp)?|a(?:base\.museum)?|ing|sun)|(?:i(?:(?:wa\.hiroshim|sen\.akit|to\.osak)a|go\.ibaraki)|zaifu\.fukuoka)\.jp|(?:l(?:las|i)\.museu|mnserver\.co)m|vve(?:nj[aá]rg|siid)a\.no|(?:e(?:jeon|gu)\.k|bu)r|(?:plie\.m|nc)e|gestan\.[rs]u)|o(?:[gt]|n(?:texist\.(?:com|net|org)|ostia\.museum|etsk\.ua|na\.no)|es(?:ntexist\.(?:com|org)|-it\.net)|m(?:inic\.ua|ains)|omdns\.(?:com|org)|shi\.yamanashi\.jp|lls\.museum|c(?:tor|s)|vre\.no|wnload|dge|ha)?|i(?:s(?:co(?:ver(?:y\.museum)?|unt)|kstation\.(?:org|eu|me)|h)|(?:nosaur\.museu|tchyourip\.co)m|vt(?:tasvuot|asvuod)na\.no|e(?:lddanuorri\.no|t)|rect(?:ory)?|amonds|gital|y)|n(?:s(?:alias\.(?:com|net|org)|dojo\.(?:com|net|org)|up(?:dater\.de|\.net)|(?:home\.d|for\.m)e|iskinky\.com|king\.ch)|i(?:propetrovsk\.ua|\.us)|(?:epropetrovsk)?\.ua|p)|r(?:a(?:y(?:d(?:dns\.com|ns\.de)|-dns\.de)|(?:ngedal|mmen)\.no)|eamhosters\.com|ud\.(?:io|us)|[oø]bak\.no|\.(?:na|tr)|ive)|d(?:ns(?:(?:(?:fre|liv)e|geek|king)\.com|s\.(?:org|de)|\.(?:net|me))|r\.museum|-dns\.de|s)|s(?:cloud\.(?:m(?:obi|e)|biz)|mynas\.(?:com|net|org)|t\.mi\.us)|u(?:r(?:ham\.museum|ban)|ck(?:dns\.org)?|n(?:lop|s)|pont|bai)|v(?:r(?:cam\.info|dns\.org)?|ag)|(?:gca\.aer|ønna\.n)o|(?:lugoleka\.p|h)l|f\.(?:gov|leg)\.br|k(?:\.eu\.org)?|c(?:\.us|lk)|\.(?:bg|se)|p\.ua|tv)|l(?:[bkr]|i(?:b\.(?:(?:m[adeinost]|n[cdehjmvy]|a[klrsz]|i[adln]|c[aot]|o[hkr]|v[ait]|w[aiy]|[hr]i|d[ce]|g[au]|k[sy]|p[ar]|s[cd]|t[nx]|fl|la|ut)\.us|ee)|n(?:k(?:yard(?:-cloud\.ch|\.cloud)|itools\.space)?|d(?:e(?:snes\.no)?|[aå]s\.no)|coln(?:\.museum)?|z\.museum)|m(?:a(?:-city\.(?:rocks|at|ch|de)|nowa\.pl|\.zone)|ited|o)|v(?:ing(?:(?:history)?\.museum)?|orno\.it|e)|ll(?:e(?:hammer|sand)\.no|y)|ke(?:s(?:candy|-pie)\.com)?|fe(?:(?:insuranc|styl)e)?|g(?:(?:uria)?\.it|hting)|er(?:ne)?\.no|(?:xi|d)l|aison|\.it|psy)?|a(?:n(?:c(?:as(?:hire\.museum|ter)|ome|ia)|d(?:-4-sale\.us|es\.museum|rover)?|gev[aå]g\.no|s\.museum|bib\.se|xess)|(?:va(?:ngen|gis)|akesvuemie|hppi)\.no|(?:(?:-spezi|quil)a|z(?:io)?)\.it|r(?:(?:dal|vik)\.no|sson\.museum)|t(?:in(?:a\.it|o)|robe)?|(?:bou?r|jolla)\.museum|w(?:\.(?:pro|za)|yer)?|s(?:pezia\.it|alle)|m(?:borghini|er)|(?:dbroke|\.u)s|kas\.hu|py\.pl|caixa)?|o(?:(?:s(?:angeles\.museu|eyourip\.co)|(?:yalist|uvre)\.museu)m|c(?:alh(?:ost\.daplie\.me|istory\.museum)|ker|us)|g(?:i(?:stics\.aero|nto\.me)|oip\.(?:com|de))|m(?:bard(?:ia|y)\.it|\.(?:it|no)|za\.pl)|nd(?:on(?:\.museum)?|rina\.br)|(?:renskog|ppa)\.no|a(?:b[aá]t\.no|ns?)|di(?:ngen\.no|\.it)|t(?:en\.no|t[eo])|(?:wicz\.p)?l|(?:\.i|f)t|ve)|e(?:i(?:(?:r(?:fjord|vik)|kanger)\.no|tungsen\.de)|a(?:s(?:ing\.aero|e)|[nŋ]gaviika\.no)|(?:k(?:svik|a)|vanger|rdal|sja)\.no|b(?:timnetz\.de|esby\.no|ork\.pl)|g(?:(?:nica\.p|a)l|\.br|o)|c(?:c[eo]\.it|lerc)|n(?:vik\.no|ug\.su)|wismiller\.museum|zajsk\.pl|l\.br|\.it|frak|xus)|u(?:c(?:(?:ani|c)a\.it|erne\.museum)|x(?:e(?:mbourg\.museum)?|ury)|n(?:d(?:\.no|beck)|ner\.no)|g(?:s?\.org\.uk|ansk\.ua)|(?:r[oø]y|ster)\.no|\.(?:eu\.org|it)|(?:bin|kow)\.pl|zern\.museum|tsk\.ua|pin)?|t(?:d(?:\.(?:c(?:o\.im|y)|[hl]k|u[ak]|gi)|a)?|\.(?:eu\.org|it|ua))?|(?:ø(?:(?:ding|t)en|renskog)|áhppi|ærdal)\.no|v(?:\.(?:eu\.org|ua)|iv\.ua)?|c(?:ube-server\.de|\.it)?|y(?:ng(?:dal|en)\.no)?|g(?:\.(?:jp|ua)|bt)|p(?:lfinancia)?l|-o-g-i-n\.de|\.(?:bg|se)|äns\.museum|n\.cn|d?s|lc)|e(?:d(?:u(?:\.(?:e(?:[cest]|(?:u\.or)?g)|k(?:[gimnpyz]|rd)|m[egklnostvwxyz]|p[aefhklnrsty]|b[abhimorstz]|g[ehilnprtuy]|s[abcdglntvy]|l[abckrvy]|a[cflruz]|t[jmortw]|c[inouw]|i[nqst]|v[cenu]|d[moz]|h[knt]|n[gir]|r[suw]|u[ay]|z[am]|jo|om|qa|ws)|cat(?:ion(?:(?:al)?\.museum)?|or\.aero)|net\.tn)?|\.(?:c[ir]|ao|jp|pw)|ogawa\.tokyo\.jp|eka)|n(?:g(?:ine(?:er(?:\.aero|ing)?|\.aero)|\.(?:pro|br)|land\.museum|erdal\.no)|(?:vironment(?:alconservation)?|cyclopedic)\.museum|t(?:er(?:tainment\.aero|prises)|omology\.museum)|dof(?:internet\.(?:net|org)|theinternet\.org)|(?:iwa\.hokkaido|a\.gifu)\.jp|e(?:bakk\.no|rgy)|(?:na)?\.it|onic\.io|s\.tn)|s(?:t(?:-(?:(?:a-la-ma(?:is|si)|le-patr)on|mon-blogueur)\.com|ate(?:\.museum)?|\.pr)|\.(?:(?:(?:gov|leg)\.b|k)r|eu\.org)|a(?:shi|n)\.hokkaido\.jp|sex\.museum|urance|p\.br|q)?|u(?:-(?:(?:west-[123]|central-1)\.elasticbeanstalk|[1234]\.evennode)\.com|\.(?:(?:meteorapp\.)?com|int|org)|rovision|n\.eg|s)?|m(?:b(?:etsu\.hokkaido\.jp|roidery\.museum|aixada\.st)|(?:ilia-?romagna|r)\.it|er(?:gency\.aero|ck)|p(?:resa\.bo|\.br)|ail)|x(?:p(?:ert(?:s-comptables\.fr)?|ress(?:\.aero)?|osed)|(?:hibition|eter)\.museum|change(?:\.aero)?|traspace|net\.su)|a(?:st(?:(?:africa|coast)\.museum|-kazakhstan\.su)|t(?:ing-organic\.net|on\.mi\.us)?|rth)|i(?:(?:d(?:s(?:(?:ber|ko)g|voll)|fjord)?|gersund)\.no|heiji\.fukui\.jp|senbahn\.museum)|l(?:ve(?:ndrell\.museum|rum\.no)|b(?:urg\.museum|lag\.pl)|asticbeanstalk\.com|k\.pl)|t(?:ajima\.hiroshima\.jp|hnology\.museum|i(?:salat|\.br)|ne(?:dal)?\.no|c\.br)?|b(?:i(?:n(?:a\.kanagawa|o\.miyazaki)\.jp|z\.tw)|etsu\.hokkaido\.jp)|v(?:e(?:n(?:(?:(?:ass|ášš)i|es)\.no|ts)|rbank)|je-og-hornnes\.no)|c(?:o(?:(?:log|nom)ia\.bo|\.br)?|hizen\.fukui\.jp|n\.br)?|r(?:i(?:mo\.hokkaido\.jp|csson)|oti[ck]a\.hu|ni)|g(?:yptian\.museum|ersund\.no)?|p(?:ilepsy\.museum|ost|son)|1(?:64\.arpa|2\.ve)|quipment(?:\.aero)?|e(?:\.eu\.org)?|\.(?:bg|se)|kloges\.cy|hime\.jp|4\.cz)|r(?:e(?:s(?:i(?:stance\.museum|ndevice\.io)|earch\.(?:museum|aero)|\.(?:aero|in)|(?:tauran)?t)|a(?:l(?:estate(?:\.pl)?|t(?:or|y)|m\.cz)|d(?:(?:-books|myblog)\.org)?)|c(?:(?:reation\.ae|ht\.p)ro|\.(?:[cr]o|br|nf|ve)|i(?:fe\.br|pes))|n(?:(?:ne(?:s[oø]y|bu)|dalen)\.no|t(?:als)?)?|d(?:irectme\.net|umbrella|stone|\.sv)?|g(?:gio-?(?:calabr|emil)ia\.it|\.dk)|p(?:body\.aero|ublican|\.kp|air|ort)|l(?:\.(?:ht|pl)|iance)|vi(?:sta\.bo|ews?)|bun\.hokkaido\.jp|\.(?:it|kr)|i(?:sen?|t)|motewd\.com|klam\.hu|xroth|hab)?|i(?:(?:(?:ku(?:zentakata\.iwate|betsu\.hokkaido)|fu\.miyagi|tto\.shiga)\.j)?p|s(?:hir(?:ifuj)?i\.hokkaido\.jp|(?:[oø]r|sa)\.no)|o(?:(?:(?:branc|pret)o)?\.br|dejaneiro\.museum)?|n(?:g(?:e(?:rike|bu)|saker)|dal)\.no|(?:ghtathom|ik\.e)e|c(?:h(?:ardli)?|oh)|(?:min|et)i\.it|\.(?:it|us)|beirao\.br|vne\.ua|l)|a(?:n(?:(?:koshi\.hokkaido|zan\.saitama)\.jp|(?:daberg|a)\.no)|d(?:o(?:m\.pl|y\.no)|(?:øy|e)\.no|io(?:\.br)?)|(?:h(?:kkeravju|olt)|kkestad|lingen|uma)\.no|ven(?:db\.(?:community|run|me)|na\.it)|i(?:l(?:road|way)\.museum|sa\.no|d)|c(?:kmaze\.(?:com|net)|ing)|(?:gusa)?\.it|wa-maz\.pl|s\.ru)|o(?:(?:(?:y(?:rvik|ken)|llag|ros|an|st)\.n|torcraft\.aer|d(?:oy\.n|e))o|c(?:he(?:ster\.museum|r)|k(?:art\.museum|s))|m(?:a\.(?:museum|it)|s(?:kog|a)\.no|e\.it)|\.(?:(?:gov|leg)\.br|eu\.org|i[mt])|v(?:igo\.it|no\.ua)|kunohe\.aomori\.jp|uter\.management|gers|om)?|(?:ø(?:y(?:rvik|ken)|mskog|døy|ros|st)|á(?:hkkerávju|isa)|å(?:holt|de)|ælingen|l)\.no|y(?:u(?:(?:gasaki\.ibaraki|oh\.shiga)\.jp|kyu)|okami\.saitama\.jp|bnik\.pl|gge\.no)|u(?:\.(?:eu\.org|com|net)|ssia\.museum|ovat\.no|gby|hr|n)?|n(?:\.(?:(?:gov|leg)\.br|it)|(?:[su]|rt)\.tn)|s(?:\.(?:gov|leg)\.br|c\.cdn77\.org|vp)?|\.(?:cdn77\.net|bg|se)|z(?:gw\.gov|eszow)\.pl|[jr]\.(?:gov|leg)\.br|(?:[cg]\.|m\.?)it|hcloud\.com|v\.ua|we?)|y(?:a(?:m(?:a(?:(?:t(?:o(?:\.(?:k(?:anagawa|umamoto)|fukushima)|(?:koriyam|takad)a\.nara)|suri\.fukushima)|n(?:a(?:(?:shi\.yamana)?|kako\.yamana)shi|o(?:be\.yamagata|uchi\.nagano))|g(?:a(?:ta(?:\.(?:yamagata|ibaraki|nagano|gifu))?|\.kumamoto)|uchi)|da\.(?:(?:fukuok|toyam)a|iwate)|(?:kita\.kanagaw|zoe\.nar)a|moto\.miyagi|shina\.kyoto)\.jp|xun)|e\.fukuoka\.jp)|(?:s(?:u(?:gi\.shimane|oka\.nagano|da\.kochi|\.shiga)|hi(?:o\.saitama|ro\.hyogo)|aka\.nagano)|t(?:su(?:shiro\.kumamoto|ka\.shimane)|omi\.aichi)|k(?:umo\.(?:hokkaido|shimane)|age\.okayama)|wa(?:ta(?:hama\.ehime|\.kyoto)|ra\.ibaraki)|i(?:zu\.shizuoka|ta\.tochigi)|bu(?:ki\.fukushima|\.hyogo)|o(?:tsu\.gifu|\.osaka)|ese\.okinawa|zu\.tottori)\.jp|ch(?:i(?:yo\.(?:ibaraki|chiba)|mata\.chiba)\.jp|ts)|n(?:a(?:izu\.fukushim|gawa\.fukuok)a\.jp|dex)|h(?:(?:iko\.niigata|aba\.iwate)\.jp|oo)|lta\.ua)|o(?:(?:n(?:a(?:g(?:uni\.okinawa|o\.tottori)|baru\.okinawa)|(?:ezawa\.yamagat|o\.saitam)a)|i(?:chi\.hokkaido|ta\.niigata)|tsukaido\.chiba)\.jp|k(?:o(?:(?:s(?:hibahikari\.chib|uka\.kanagaw)|ze\.saitam|te\.akit)a\.jp|hama)|(?:a(?:(?:wa)?\.hyogo|ichiba\.chiba)|kaichi\.mie)\.jp)|s(?:hi(?:(?:(?:kawa|mi)\.saita|oka\.gun)m|da\.s(?:hizuok|aitam)|no(?:gari\.sag|\.nar))a\.jp|emite\.museum)|r(?:(?:ii\.saitama|o\.gifu)\.jp|k(?:shire)?\.museum)|m(?:itan\.okinawa\.jp|bo\.me)|u(?:t(?:h\.museum|ube))?|lasite\.com|dobashi|ga)|u(?:(?:(?:(?:za(?:wa\.nii|\.yama)ga|fu\.oi)t|gawa(?:ra\.kanagaw|\.fukushim)|r(?:ihonjo\.akit|a\.wakayam)|asa\.wakayam)a|k(?:uhashi\.fukuoka|i\.ibaraki)|su(?:i\.kagoshima|hara\.kochi)|u\.yamaguchi)\.jp|n)|bo\.(?:(?:scienc|trad)e|review|faith|party)|\.(?:bg|se)|k\.ca|n\.cn|t)|u(?:s(?:(?:-(?:east-(?:1\.(?:elasticbeanstalk|amazonaws)|2\.elasticbeanstalk)|(?:gov-west-1|west-[12])\.elasticbeanstalk|[1234]\.evennode)\.co|(?:c(?:ountryestat|ultur)e|decorativearts|livinghistory|garden)\.museu)m|h(?:i(?:ku\.ibaraki\.jp|story\.museum)|uaia\.museum)|a(?:(?:ntique|rt)s\.museum|\.(?:oita\.jp|museum))|\.(?:(?:eu\.)?org|gov\.pl|com|na)|u(?:i\.fukuok|ki\.oit)a\.jp|r\.cloud\.muni\.cz|er\.party\.eus|tka\.pl)?|n(?:(?:azuki\.toyama|zen\.nagasaki|nan\.shimane)\.jp|i(?:v(?:ersity(?:\.museum)?|\.sn)|on\.aero|com)|(?:usualperson\.co|dersea\.museu)m|(?:j[aá]rga\.n)?o)|r(?:(?:a(?:(?:soe\.okinaw|wa\.saitam|yasu\.chib)a|(?:kawa|usu)\.hokkaido)|uma\.okinawa|yu\.hokkaido|eshino\.mie)\.jp|bino-?pesaro\.it|[in]\.arpa|l\.tw)|t(?:a(?:z(?:u\.kagawa\.jp|as\.hu)|shinai\.hokkaido\.jp|h\.museum)|s(?:unomiya\.tochigi\.jp|ira\.no)|o\.kumamoto\.jp|wente\.io|\.us)|(?:e(?:no(?:hara\.yamanashi|\.gunma)|da\.nagano)|ji(?:(?:tawara)?\.kyoto|ie\.tochigi))\.jp|c(?:hi(?:n(?:ada\.ishik|omi\.kag)awa|hara\.ibaraki|ko\.ehime)\.jp|onnect)|m(?:i(?:\.fukuoka\.jp|g\.gov\.pl)|aji\.kochi\.jp|b(?:ria)?\.it|\.gov\.pl)|k(?:i(?:ha\.fukuoka|\.kumamoto)\.jp|\.(?:eu\.org|com|net)|lugs\.org)?|l(?:(?:lens(?:aker|vang)|vik)\.no|m\.museum|san\.kr)|d(?:(?:ono\.mie|a\.nara)\.jp|i(?:ne\.it|\.br)|\.it)|(?:2(?:-local)?\.xnbay\.co|(?:hren|vic)\.museu)m|b(?:e(?:\.yamaguchi\.jp|r\.space)|ank|s)|o(?:(?:numa\.niigat|zu\.toyam)a\.jp|l)|z(?:(?:hgorod)?\.ua|s\.gov\.pl)?|w(?:ajima\.ehime\.jp|\.gov\.pl)|p(?:(?:ow|po)\.gov\.pl|s)|g(?:(?:im)?\.gov\.pl)?|\.(?:bg|se)|y(?:\.com)?|fcfan\.org|a)|v(?:i(?:r(?:tu(?:e(?:eldomein\.nl|l\.museum)|al(?:-?user\.de|\.museum))|gin(?:ia\.museum)?)|c(?:(?:\.(?:edu|gov))?\.au|enza\.it)|n(?:n(?:ytsi|ic)a\.ua|dafjord\.no)?|k(?:ing(?:\.museum)?|(?:na)?\.no)|(?:bo-?valentia|terbo)\.it|s(?:ta(?:print)?|ion|a)|lla(?:ge\.museum|s)|p(?:sinaapp\.com)?|deo(?:\.hu)?|\.(?:it|us)|v[ao]|x\.br|ajes|g)?|a(?:l(?:le(?:(?:(?:-(?:d-?)?|d-?)?aosta|́?e(?:(?:-d)?-|d)?aoste)\.it|y\.museum|\.no)|er\.(?:hedmark|ostfold)\.no|-?d-?aosta\.it)|n(?:g(?:\.no|uard)|taa\.museum|ylven\.no|a)|(?:g(?:an?|soy)|ds[oø]|apste|ksdal)\.no|r(?:(?:d[oø]|ggat|oy)\.no|ese\.it)|por(?:cloud\.io|\.cloud)|\.(?:it|no|us)|cations|o\.it)?|e(?:r(?:s(?:ailles\.museum|icherung)|(?:(?:bani|on)a|celli)\.it|mögensberat(?:ung|er)|(?:dal|ran)\.no|isign)|(?:st(?:(?:v(?:ago|ågø)|b)y|re-(?:slidre|toten)|nes)|velstad|fsn)\.no|n(?:(?:e(?:zia|to)|ice)?\.it|nesla\.no|tures)|g(?:a(?:(?:rshei)?\.no|s)|årshei\.no)|t(?:erinaire\.(?:fr|km)|\.br)?|\.it)?|o(?:l(?:k(?:enkunde\.museum|swagen)|(?:da\.n|v)o|ogda\.su|yn\.ua)|(?:ss(?:evangen)?|agat)\.no|t(?:[eo]|ing)|yage|dka)|(?:(?:å(?:ler\.(?:hedmark|østfold)|g(?:søy|an|å))|árggát|ærøy|f)\.n|-info\.inf)o|l(?:a(?:di(?:kavkaz|mir)\.[rs]u|anderen(?:\.museum)?)|og\.br)|pn(?:dns\.net|plus\.to)|(?:[brsv]|da)\.it|t\.(?:it|us)|g(?:s\.no)?|c(?:\.it)?|n(?:\.ua)?|u(?:elos)?|\.bg)|w(?:a(?:(?:k(?:a(?:sa\.(?:tottor|fuku)i|(?:yama\.waka)?yama)|kanai\.hokkaido|uya\.miyagi|e\.okayama)|ji(?:ki\.tokushim|ma\.ishikaw)a|(?:zuka\.kyot|da\.nagan)o)\.jp|t(?:ch(?:(?:-and-|and)clock\.museum|es)?|ar(?:i\.miyagi|ai\.mie)\.jp)|s(?:h(?:ingtondc\.museum|tenaw\.mi\.us)|samu\.hokkaido\.jp)|r(?:abi\.saitama\.jp|m(?:ia\.pl|an)|szawa\.pl|\.museum)|l(?:es(?:\.museum)?|lonie\.museum|brzych\.pl|mart|ter)|n(?:ouchi\.gifu\.jp|g(?:gou)?)|\.(?:(?:(?:edu|gov)\.)?au|us)|w\.pl)|e(?:b(?:\.(?:[bcd]o|[lp]k|n[fi]|t[jr]|gu|id|ve|za)|ho(?:p\.(?:info|biz|net|org|me)|sting\.be)|s(?:pace\.rocks|ite)|redirect\.org|cam|er)|d(?:eploy\.(?:io|me|sh)|ding)?|llbeingzone\.(?:co\.uk|eu)|st(?:fale|er)n\.museum|ather(?:channel)?|i(?:bo|r)|grow\.pl|\.bs)|i(?:l(?:liam(?:sburg\.museum|hill)|dlife\.museum)|n(?:d(?:mill\.museum|ows)|b\.gov\.pl|ners|e)?|t(?:h(?:youtub|googl)e\.com|d\.gov\.pl)|(?:[fw]|ih|os)\.gov\.pl|e(?:lun\.pl|n)|ki(?:\.b[or])?|\.us)|o(?:r(?:k(?:i(?:nggroup\.aero|sboring\.com)|s(?:hop\.museum|\.aero)?)?|se-than\.tv|ld)|l(?:terskluwer|omin\.pl)|dzislaw\.pl|odside|w)|(?:(?:zmiuw|uoz)\.gov|locl(?:awek)?)\.pl|r(?:itesthisblog\.com|oc(?:law)?\.pl)|s(?:(?:kr|a)\.gov\.pl|\.na)?|h(?:aling\.museum|oswho)|m(?:flabs\.org|e)|pdevcloud\.com|\.(?:bg|se)|[vy]\.us|ww\.ro|t[cf]|f)|j(?:o(?:(?:(?:etsu\.niigat|hana\.toyam)a|so\.ibaraki)\.jp|urnal(?:is(?:m\.museum|t\.aero)|\.aero)|b(?:oji\.iwate\.jp|s(?:\.tt)?|urg)|r(?:peland\.no|\.br)|(?:lster|ndal)\.no|y(?:o\.kyoto\.jp)?|inville\.br|gasz\.hu|t)?|e(?:w(?:ish(?:art)?\.museum|elry(?:\.museum)?)|(?:fferson|rusalem)\.museum|(?:on(?:buk|nam)|ju)\.kr|(?:ssheim|vnaker)\.no|lenia-gora\.pl|tzt|ep)?|u(?:(?:d(?:ygarland|aica)|if)\.museum|e(?:disches\.museum|gos)|(?:nipe|s\.b)r|r\.pro)|a(?:m(?:ison\.museum|byl\.su|pa\.br)|(?:b\.b|gua)r|n-mayen\.no|worzno\.pl|va)|p(?:\.(?:eu\.org|net)|morgan|n\.com|rs)?|i(?:nsekikogen\.hiroshima\.jp|o)|d(?:evcloud\.com|f\.br)|ø(?:rpeland|lster)\.no|l(?:[cl]|\.cn)|s\.(?:org|cn)|fk\.museum|gora\.pl|c[bp]|x\.cn|\.bg|mp|nj)|[^\.]+\.(?:s(?:en(?:siosite\.cloud|dai\.jp)|t(?:atics\.cloud|olos\.io)|pectrum\.myjino\.ru|apporo\.jp|5y\.io|ch\.uk)|c(?:ompute(?:\.(?:amazonaws\.com(?:\.cn)?|estate)|-1\.amazonaws\.com)|ns\.joyent\.com|ryptonomic\.net|k)|e(?:x\.(?:futurecms|ortsinfo)\.at|lb\.amazonaws\.com(?:\.cn)?|r)|k(?:[hw]|(?:itakyushu|awasaki|obe)\.jp|unden\.ortsinfo\.at)|a(?:lces\.network|dvisor\.ws|wdev\.ca)|tr(?:ansurl\.(?:be|eu|nl)|iton\.zone)|(?:(?:host|land)ing|vps)\.myjino\.ru|(?:(?:quipelements|0emm)\.co|j)m|p(?:latform(?:sh\.site|\.sh)|g)|n(?:(?:agoya\.j)?p|om\.br)|m(?:agentosite\.cloud|m)|f(?:[jk]|uturecms\.at)|y(?:okohama\.jp|e)|in\.futurecms\.at|uberspace\.de|otap\.co|b[dn])|z(?:[mw]|a(?:p(?:orizhzh(?:ia|e)\.ua|to\.(?:org|xyz)|pos)|(?:ma(?:mi\.okin|\.kanag)awa|o\.miyagi)\.jp|(?:chpomor|kopane|gan)\.pl|\.(?:com|net|org|bz)|r(?:ow\.pl|a))|o(?:olog(?:ical|y)\.museum|ne(?:\.id)?)|u(?:shi\.kanagawa\.jp|erich)|(?:h(?:itomi|ytomy)r|t)\.ua|e(?:ntsuji\.kagawa\.jp|ro)|gor(?:zelec|a)\.pl|p\.(?:gov\.pl|ua)|\.(?:bg|se)|ip(?:po)?|lg\.br|j\.cn)|(?:ø(?:y(?:stre-slidre|garden|er)|r(?:s(?:kog|ta)|land)|stre-toten|vre-eiker|ksnes)|å(?:l(?:(?:esun|går)d)?|s(?:eral|nes)?|m(?:li|ot)|krehamn|fjord|rdal)|á(?:l(?:aheadju|tá)|kŋoluokta)|čáhcesuolo)\.no|(?:(?:[富岡]|和歌)山|(?:[広徳]|鹿児)島|(?:神奈|石)川|山[口形梨]|福[井岡島]|[佐滋]賀|宮[城崎]|愛[媛知]|長[崎野]|北海道|三重|京都|兵庫|千葉|埼玉|奈良|岐阜|岩手|島根|東京|栃木|沖縄|熊本|秋田|群馬|茨城|青森|静岡|高知|鳥取)\.jp|q(?:u(?:e(?:bec(?:\.museum)?|st)|icksytes\.com)|ld(?:\.(?:edu|gov))?\.au|(?:-a\.eu\.or|\.b)g|(?:h\.c|po)n|a(?:2\.com)?|c\.c(?:om|a)|sl\.br|vc)|x(?:e(?:n(?:apponazure|\.prgmr)\.com|rox)|(?:i(?:hua)?|[jz]\.c)n|s4all\.space|\.(?:bg|se)|(?:bo|x)x|nbay\.com|443\.pw|finity|peria|yz)|ا(?:ل(?:سعود(?:ي[ةه]|ی[ةۃ])|(?:عليا|ارد|يم)ن|جزائر|مغرب)|(?:تصال|مار)ات|يران(?:\.ir)?|یران(?:\.ir)?|بوظبي|رامكو)|1(?:2hp\.(?:at|ch|de)|337\.pictures|kapp\.com|6-b\.it|\.bg)|(?:(?:(?:องค์ก|ทหา)ร|ธุรกิจ|รัฐบาล|ศึกษา|เน็ต)\.)?ไทย|2(?:0(?:00\.hu|38\.io)|ix\.(?:at|ch|de)|\.bg)|о(?:(?:бр|д)\.срб|рг(?:\.срб)?|нлайн)|4(?:lima\.(?:at|ch|de)|u\.com|\.bg)|网(?:[址店站]|络(?:\.(?:cn|hk))?|絡\.hk)|3(?:utilities\.com|2-b\.it|\.bg)|網(?:絡\.(?:cn|hk|香港)|络\.hk|路\.tw)|م(?:و(?:بايلي|قع)|ليسيا|صر)|公(?:司(?:\.(?:cn|hk|香港))?|益)|組(?:織\.(?:hk|tw|香港)|织\.hk)|ب(?:ا(?:زار|رت)|ھارت|يتك)|(?:ירושלים|иком)\.museum|政(?:府(?:\.(?:hk|香港))?|务)|组(?:织(?:\.hk|机构)|織\.hk)|(?:پا[كک]ستا|فلسطي)ن|0(?:01www\.com|\.bg)|9(?:guacu\.br|\.bg)|м(?:о(?:сква|н)|кд)|大(?:[分阪]\.jp|众汽车|拿)|ع(?:ر(?:اق|ب)|مان)|भार(?:त(?:म्)?|ोत)|6(?:4-b\.it|\.bg)|இ(?:ந்தியா|லங்கை)|(?:[个箇]人|敎育)\.hk|سو(?:ري[اة]|دان)|商(?:[城店标]|業\.tw)|香(?:川\.jp|格里拉|港)|у(?:пр\.срб|кр)|新(?:潟\.jp|加坡|闻)|(?:ак|пр)\.срб|к(?:атолик|ом)|ك(?:اثوليك|وم)|中(?:[信国國]|文网)|個人\.(?:hk|香港)|教育\.(?:hk|香港)|(?:グーグ|セー)ル|с(?:айт|рб)|சிங்கப்பூர்|嘉里(?:大酒店)?|[578]\.bg|б(?:ел|г)|р(?:ус|ф)|ভা[রৰ]ত|ファッション|همراه|संगठन|বাংলা|భారత్|ഭാരതം|台[湾灣]|手[机表]|澳[門门]|닷[넷컴]|дети|تونس|شبكة|ڀارت|ਭਾਰਤ|ભારત|ଭାରତ|ಭಾರತ|ලංකා|クラウド|ポイント|電訊盈科|қаз|հայ|קום|قطر|कॉम|नेट|คอม|みんな|ストア|天主教|我爱你|淡马锡|诺基亚|飞利浦|ελ|ею|გე|コム|世界|企业|佛山|信息|健康|八卦|在线|娱乐|家電|工行|广东|微博|慈善|招聘|时尚|書籍|机构|游戏|点看|珠宝|移动|联通|臺灣|谷歌|购物|通販|集团|食品|餐厅|삼성|한국)$/ + , + _tldEx: /(?:\.|^)(?:city\.(?:k(?:itakyushu|awasaki|obe)|(?:yokoham|nagoy)a|s(?:apporo|endai))\.jp|www\.ck)$/ +} diff --git a/src/lib/uuid.js b/src/lib/uuid.js new file mode 100644 index 0000000..d809437 --- /dev/null +++ b/src/lib/uuid.js @@ -0,0 +1,6 @@ +'use strict'; +function uuid() { + return ([1e7]+-1e3+-4e3+-8e3+-1e11).replace(/[018]/g, + c => (c ^ crypto.getRandomValues(new Uint8Array(1))[0] & 15 >> c / 4) + .toString(16)); +} diff --git a/src/manifest.json b/src/manifest.json new file mode 100644 index 0000000..87549f9 --- /dev/null +++ b/src/manifest.json @@ -0,0 +1,101 @@ +{ + "manifest_version": 2, + "default_locale": "en", + "name": "NoScript", + "applications": { + "gecko": { + "id": "{73a6fe31-595d-460b-a920-fcc0f8843232}", + "strict_min_version": "59.0" + } + }, + "version": "10.1.8.3rc4", + "description": "__MSG_Description__", + + "content_security_policy": "script-src 'self' 'unsafe-eval'; object-src 'none'", + + "icons": { + "48": "img/icon48.png", + "96": "img/icon96.png", + "256": "img/icon256.png" + }, + + "permissions": [ + "contextMenus", + "privacy", + "storage", + "tabs", + "unlimitedStorage", + "webNavigation", + "webRequest", + "webRequestBlocking", + "<all_urls>" + ], + + "background": { + "persistent": true, + "scripts": [ + "lib/uuid.js", + "lib/log.js", + "lib/include.js", + "lib/punycode.js", + "lib/tld.js", + "common/Policy.js", + "common/locale.js", + "common/Entities.js", + "common/SyntaxChecker.js", + "common/Storage.js", + "ui/Prompts.js", + "xss/XSS.js", + "bg/main.js" + ] + }, + + "content_scripts": [ + { + "run_at": "document_start", + "matches": ["<all_urls>"], + "match_about_blank": true, + "all_frames": true, + "js": [ + "lib/log.js", + "content/onScriptDisabled.js", + "content/content.js", + "content/PlaceHolder.js" + ] + }, + { + "matches": ["<all_urls>"], + "match_about_blank": true, + "all_frames": true, + "css": [ + "/content/content.css" + ] + } + ], + + "options_ui": { + "page": "ui/options.html", + "open_in_tab": true + }, + + "browser_action": { + "default_area": "navbar", + "default_title": "NoScript", + "default_icon": { + "64": "img/ui-maybe64.png" + } + }, + + "commands": { + "_execute_browser_action": { + "suggested_key": { + "default": "Alt+Shift+N" + } + }, + "togglePermissions": { + "suggested_key": { + "default": "Ctrl+Shift+T" + } + } + } +} diff --git a/src/test/Policy_test.js b/src/test/Policy_test.js new file mode 100644 index 0000000..f658379 --- /dev/null +++ b/src/test/Policy_test.js @@ -0,0 +1,29 @@ +{ + let p1 = new Policy(); + p1.set("noscript.net", new Permissions(["script"], true)); + p1.set("https://noscript.net", new Permissions(["script", "object"])); + p1.set("maone.net", p1.TRUSTED.tempTwin); + p1.set(Sites.secureDomainKey("secure.informaction.com"), p1.TRUSTED); + p1.set("https://flashgot.net", p1.TRUSTED); + p1.set("http://flashgot.net", p1.UNTRUSTED); + p1.set("perchè.com", p1.TRUSTED); + let p2 = new Policy(p1.dry()); + debug("p1", JSON.stringify(p1.dry())); + debug("p2", JSON.stringify(p2.dry())); + + for(let t of [ + () => p2.can("https://noscript.net"), + () => !p2.can("http://noscript.net"), + () => p2.can("https://noscript.net", "object"), + () => p1.snapshot !== p2.snapshot, + () => JSON.stringify(p1.dry()) === JSON.stringify(p2.dry()), + () => p1.can("http://perchè.com/test") /* IDN encoding */, + () => Sites.toExternal(new URL("https://perché.com/test")) === + "https://perché.com/test" /* IDN decoding */, + () => !p1.can("http://secure.informaction.com"), + () => p1.can("https://secure.informaction.com"), + () => p1.can("https://www.secure.informaction.com"), + ]) Test.run(t); + + Test.report(); +} diff --git a/src/test/Test.js b/src/test/Test.js new file mode 100644 index 0000000..8ca2ed7 --- /dev/null +++ b/src/test/Test.js @@ -0,0 +1,43 @@ +var Test = (() => { + 'use strict'; + return { + passed: 0, + failed: 0, + async include(tests) { + for(let test of tests) { + let src = `/test/${test}_test.js`; + log(`Testing ${test}`); + this.passed = this.failed = 0; + try { + await include(src); + } catch (e) { + // we might omit some tests in publicly available code for Security + // reasons, e.g. XSS_test.js + log("Missing test ", test); + continue; + } + } + }, + async run(test, msg = "", callback = null) { + let r = false; + try { + r = await test(); + } catch(e) { + error(e); + } + this[r ? "passed" : "failed"]++; + log(`${r ? "PASSED" : "FAILED"} ${msg || uneval(test)}`); + if (typeof callback === "function") try { + callback(r, test, msg); + } catch(e) { + error(e); + } + }, + + report() { + let {passed, failed} = this; + log(`FAILED: ${failed}, PASSED: ${passed}, TOTAL ${passed + failed}.`); + } + }; + +})(); diff --git a/src/test/XSS_test.js b/src/test/XSS_test.js new file mode 100644 index 0000000..99cbb3d --- /dev/null +++ b/src/test/XSS_test.js @@ -0,0 +1,16 @@ +{ + let y = async (url, originUrl = '') => await XSS.maybe({originUrl, url, method: "GET"}); + let n = async (...args) => !await y(...args); + Promise.all([ + () => y("https://noscript.net/<script"), + () => n("https://noscript.net/<script", "https://noscript.net/"), + () => y("https://vulnerabledoma.in/char_test?body=%80%3Cscript%3Ealert(1)%3C/script%3E"), + () => y("https://vulnerabledoma.in/char_test?body=%3Cp%20id=x%3Ejavascrip%3Cx%3Et:alert(%3Cx%3E1)%3C/p%3E%3Cmath%3E%3Ca%20href=%22%23*/=x.innerText,a%22%20xml:base=javascript:location/*%3EClick%20HERE"), + () => y("https://vulnerabledoma.in/char_test?body=%3Cp%20id=x%3E%26lt%3Bsv%3Cx%3Eg%20o%3Cx%3Enload=alert(%3Cx%3E1)%3E%3C/p%3E%3Cmath%3E%3Ca%20href=%23%250ax.innerText%20xml:base=javascript:%3C!--%3EClick%20HERE"), + () => y("https://vulnerabledoma.in/char_test?body=%3Cp%20id=x%3E%26lt%3Bsv%3Cx%3Eg%20o%3Cx%3Enload=alert(%3Cx%3E1)%3E%3C/p%3E%3Cmath%3E%3Ca%20href=%23*/x.innerText%20xml:base=%01javascript:/*%3EClick%20HERE"), + () => y("https://vulnerabledoma.in/char_test?body=%3Ca%20href=javascript%26colo%u0000n%3balert%281%u0029%3ECLICK"), + () => y("https://vulnerabledoma.in/xss_link?url=javascript%26colo%00n%3Balert%u00281%29"), + () => y("https://vulnerabledoma.in/xss_link?url=javascript:\\u{%0A6e}ame"), + ].map(t => Test.run(t)) + ).then(() => Test.report()); +} diff --git a/src/test/run.js b/src/test/run.js new file mode 100644 index 0000000..4325a40 --- /dev/null +++ b/src/test/run.js @@ -0,0 +1,8 @@ +(async () => { + await include("/test/Test.js"); + Test.include([ + "Policy", + "XSS", + "embargoed/XSS", + ]); +})(); diff --git a/src/ui/Prompts.js b/src/ui/Prompts.js new file mode 100644 index 0000000..03ea9ee --- /dev/null +++ b/src/ui/Prompts.js @@ -0,0 +1,101 @@ +var Prompts = (() => { + + + var promptData; + var backlog = []; + class WindowManager { + async open(data) { + promptData = data; + this.close(); + this.currentWindow = await browser.windows.create({ + url: browser.extension.getURL("ui/prompt.html"), + type: "panel", + allowScriptsToClose: true, + // titlePreface: "NoScript ", + width: data.features.width, + height: data.features.height, + }); + } + async close() { + if (this.currentWindow) { + try { + await browser.windows.remove(this.currentWindow.id); + } catch (e) { + debug(e); + } + this.currentWindow = null; + } + } + + async focus() { + if (this.currentWindow) { + try { + await browser.windows.update(this.currentWindow.id, + { + focused: true, + } + ); + } catch (e) { + error(e, "Focusing popup window"); + } + } + } + } + + var winMan = new WindowManager(); + var Prompts = { + DEFAULTS: { + title: "", + message: "Proceed?", + options: [], + checks: [], + buttons: [_("Ok"), _("Cancel")], + multiple: "close", // or "queue", or "focus" + width: 400, + height: 300, + }, + async prompt(features) { + features = Object.assign({}, this.DEFAULTS, features || {}); + return new Promise((resolve, reject) => { + let data = { + features, + result: { + button: -1, + checks: [], + option: null, + }, + done() { + this.done = () => {}; + winMan.close(); + resolve(this.result); + if (backlog.length) { + winMan.open(backlog.shift()); + } else { + promptData = null; + } + } + }; + if (promptData) { + backlog.push(data); + switch(promptData.features.multiple) { + case "focus": + winMan.focus(); + case "queue": + break; + default: + promptData.done(); + } + } else { + winMan.open(data); + } + }); + }, + + get promptData() { + return promptData; + } + } + + return Prompts; + +})(); diff --git a/src/ui/options.css b/src/ui/options.css new file mode 100644 index 0000000..f7db24b --- /dev/null +++ b/src/ui/options.css @@ -0,0 +1,187 @@ + +/* @import url("chrome://browser/content/extension.css"); */ +body { + background: #eee url("/img/noscript-options.png") no-repeat fixed top right; + background-size: 8em; + padding: 0 2em 0 0; + margin: 0.5em 0.5em 0.5em 0.5em; +} +.mobile body { + background-size: 4em; + padding-right: 0; +} + + +#header { + display: flex; + flex-flow: column; + padding: 0; + margin: 0 6em 0 0; + text-align: right; +} +#header h1 { + color: #048; + text-shadow: 0.06em 0.06em 0.06em rgba(0,0,0,.5); + font-size: 2em; + padding: 0; + margin: 0; + text-align: right; +} +#version { + color: #048; + font-size: 0.75em; + padding: 0; + margin: 0 0 0.5em; + display: block; + text-align: right; +} + +.buttons { + display: flex; + flex-flow: row wrap; + justify-content: flex-end; + width: 100%; + text-align: right; +} + +#sect-general { + display: flex; + flex-direction: column; + justify-content: space-around; + font-size: 1em; +} + +#sect-general label, #sect-general button, #sect-general span { + white-space: nowrap; +} + +.opt-group { + display: flex; + flex-flow: row wrap; + justify-content: flex-start; + border-bottom: 1px solid rgba(255, 255, 255, .5); + padding: .5em 0; +} + +.opt-group:last-child { + border-bottom: none; + margin-bottom: .5em; +} + +section form, section fieldset { + margin: .5em 0; +} + +fieldset:disabled { + opacity: .5; +} + +.opt-group > span { + margin: 0 .5em; +} + +.sect-sites form { + display: flex; + align-items: baseline; + flex-wrap: wrap; + justify-content: space-between; +} + +.sect-sites form > label { + white-space: nowrap; +} +#newsite { + flex: 2 2; +} + +#policy { + display: block; + margin-top: .5em; + min-height: 20em; + width: 90%; +} +.hide, div.debug { + display: none; +} + +body.debug div.debug { + display: initial; +} + +.error { + background: #ff8; + color: red; +} + +#policy-error { + background: red; + color: #ff8; + padding: 0; + margin: 0; + font-weight: bold; +} + +input, button { + font-size: 1em; +} + +button.add { + font-weight: bold; +} + +input[type="file"] { + display: none; +} + +.opt-group { + padding: 0.5em 0; +} +#xssFaq { + padding: 0.5em 1em; +} +#clearclick-options { + display: none; +} + + +.flextabs__tab { + /* shift all tabs to appear before content */ + order: -1; + /* let tabs scale to fit multiple on each row */ + width: auto; + margin: 0; +} +.flextabs__content--active { + /* ignore states activated for multi (accordion) toggle view */ + display: none; +} +.flextabs__content--active--last { + /* show the last activated item */ + display: block; +} + +.flextabs__content, .flextabs__toggle[aria-expanded="true"] { + background-color: rgba(200, 200, 200, .5) !important; + border: 0 solid #888; +} + +.flextabs__toggle { + -moz-appearance: none; + border-width: 0 1px 0 0 !important; + margin: 0 4px 0 0; + background: #ccc; + outline-width: 1px 0 0 0 !important; +} + + + +.flextabs__content { + border-width: 0 1px 1px 0; + border-radius: 0 .5em 0 0; + padding: .5em; +} + +.flextabs__toggle { + border-radius: .2em .2em 0 0; + padding: .2em .4em; +} diff --git a/src/ui/options.html b/src/ui/options.html new file mode 100644 index 0000000..433a1bd --- /dev/null +++ b/src/ui/options.html @@ -0,0 +1,125 @@ +<!DOCTYPE html> +<html> +<head> +<meta name="viewport" content="width=device-width,initial-scale=1"> +<title>NoScript Settings</title> +<meta charset="utf-8"> +<link rel="icon" href="/img/noscript-options.png"> +<link rel="stylesheet" href="/lib/flextabs.css" /> +<link rel="stylesheet" href="options.css" /> +<link rel="stylesheet" href="whirlpool.css" /> +<script src="/lib/include.js"></script> +<script src="/lib/log.js"></script> +<script src="/lib/flextabs.js"></script> +<script src="/common/locale.js"></script> +<script src="/ui/ui.js"></script> +</head> +<body> +<div id="header"> +<h1 > +NoScript Options +</h1> +<div> +<span id="version"></span> +</div> + +<div class="buttons"> +<span><input id="file-import" type="file"/></span> +<button id="btn-import" accesskey="__MSG_Import_accesskey__">__MSG_Import__</button> +<button id="btn-export" accesskey="__MSG_Export_accesskey__">__MSG_Export__</button> +<button id="btn-reset" accesskey="__MSG_Reset_accesskey__">__MSG_Reset__</button> +</div> +</div> +<section id="sect-io"> + +</section> + +<div id="main-tabs" class="flextabs"> + +<h3 class="flextabs__tab"><button class="flextabs__toggle">__MSG_SectionGeneral__</button></h3> +<div class="flextabs__content flextabs__content--active--last"> + <section id="sect-general"> + <div class="opt-group"> + <span id="global-opt"> + <input type="checkbox" id="opt-global"><label for="opt-global" id="lbl-global">__MSG_NoEnforcement__</label> + </span> + <span id="auto-opt"> + <input type="checkbox" class="enforcement_required" id="opt-auto"><label for="opt-auto" id="lbl-auto">__MSG_AutoAllowTopLevel__</label> + </span> + + </div> + + <fieldset class="enforcement_required"> + <legend accesskey="__MSG_CustomizePresets_accesskey__">__MSG_CustomizePresets__</legend> + <div id="presets"></div> + </fieldset> + </section> +</div> + +<h3 class="flextabs__tab"><button class="flextabs__toggle enforcement_required">__MSG_SectionSitePermissions__</button></h3> +<div class="flextabs__content"> + <section class="sect-sites"> + <form id="form-newsite" class="browser-style" > + <label id="newsite-label" for="newsite" accesskey="__MSG_WebAddress_accesskey__">__MSG_WebAddress__</label><input name="newsite" id="newsite" type="text" placeholder="[https://]noscript.net" + ><button class="add">+</button> + </form> + <div id="sites"> + <div class="cssload-container"> + <div class="cssload-whirlpool"></div> + </div> + </div> + </section> +</div> + +<h3 class="flextabs__tab appearance_tab"><button class="flextabs__toggle">__MSG_SectionAppearance__</button></h3> +<div class="flextabs__content appearance_tab"> + <div class="opt-group desktop"> + <span id="showCtxMenuItem-opt"> + <input type="checkbox" id="opt-showCtxMenuItem"> + <label for="opt-showCtxMenuItem" id="lbl-showCtxMenuItem">__MSG_ShowCtxMenuItem__</label> + </span> + </div> + <div class="opt-group desktop"> + <span id="showCountBadge-opt"> + <input type="checkbox" id="opt-showCountBadge"> + <label for="opt-showCountBadge" id="lbl-showCountBadge">__MSG_ShowCountBadge__</label> + </span> + </div> + <div class="opt-group"> + <span id="showFullAddresses-opt"> + <input type="checkbox" id="opt-showFullAddresses"> + <label for="opt-showFullAddresses" id="lbl-showFullAddresses">__MSG_ShowFullAddresses__</label> + </span> + </div> +</div> + +<h3 class="flextabs__tab"><button class="flextabs__toggle">__MSG_SectionAdvanced__</button></h3> +<div class="flextabs__content"> + <div class="opt-group"> + <span id="xss-opts"> + <input type="checkbox" id="opt-xss"><label for="opt-xss" id="lbl-xss">__MSG_OptFilterXGet__</label> + <span id="xssFaq">(<a href="https://noscript.net/faq#xss" title="https://noscript.net/faq#xss">__MSG_XssFaq__</a>)</span> + </span> + <button id="btn-delete-xss-choices" disabled>__MSG_XSS_clearUserChoices__</button> + </div> + <div id="clearclick-options" class="opt-group"> + <input type="checkbox" id="opt-clearclick"><label for="opt-clearclick" id="lbl-clearclick">ClearClick</label> + </div> + + <section id="debug" class="browser-style"> + <div class="opt-group"> + <span><input type="checkbox" id="opt-debug"><label id="label-debug" for="opt-debug">Debug</label></span> + </div> + <div id="debug-tools" class="debug browser-style"> + <label for="policy">Policy:</label> + <div id="policy-error"></div> + <textarea id="policy" class="browser-style"> + </textarea> + </div> + </section> +</div> +</div> +<script src="/lib/persistent-tabs.js"></script> +<script src="options.js"></script> +</body> +</html> diff --git a/src/ui/options.js b/src/ui/options.js new file mode 100644 index 0000000..79e6cb7 --- /dev/null +++ b/src/ui/options.js @@ -0,0 +1,220 @@ +'use strict'; +(async () => { + + await UI.init(); + + let policy = UI.policy; + + let version = browser.runtime.getManifest().version; + document.querySelector("#version").textContent = _("Version", version); + // simple general options + opt("global", o => { + if (o) { + policy.enforced = !o.checked; + UI.updateSettings({policy}); + } + let {enforced} = policy; + let disabled = !enforced; + for (let e of document.querySelectorAll(".enforcement_required")) { + e.disabled = disabled; + } + return disabled; + }); + + opt("auto", o => { + if (o) { + policy.autoAllowTop = o.checked; + UI.updateSettings({policy}); + } + return policy.autoAllowTop; + }); + + opt("xss"); + + { + let button = document.querySelector("#btn-reset"); + button.onclick = async () => { + if (confirm(_("reset_warning"))) { + policy = new Policy(); + await UI.updateSettings({policy, local: null, sync: null, xssUserChoices: {}}); + window.location.reload(); + } + } + + let fileInput = document.querySelector("#file-import"); + fileInput.onchange = () => { + let fr = new FileReader(); + fr.onload = async () => { + try { + await UI.importSettings(fr.result); + } catch (e) { + error(e, "Importing settings %s", fr.result); + } + location.reload(); + } + fr.readAsText(fileInput.files[0]); + } + + button = document.querySelector("#btn-import"); + button.onclick = () => fileInput.click(); + + document.querySelector("#btn-export").addEventListener("click", async e => { + let button = e.target; + button.disabled = true; + let settings = await UI.exportSettings(); + let f = document.createElement("iframe"); + f.srcdoc = `<a download="noscript_data.txt" target="_blank">NoScript Export</a>`; + f.style.position = "fixed"; + f.style.top = "-999px"; + f.style.height = "1px"; + f.onload = () => { + let w = f.contentWindow; + let a = w.document.querySelector("a"); + a.href = w.URL.createObjectURL(new w.Blob([settings], { + type: "text/plain" + })); + a.click(); + setTimeout(() => { + f.remove(); + button.disabled = false; + }, 1000); + + }; + document.body.appendChild(f); + }); + } + + { + let a = document.querySelector("#xssFaq a"); + a.onclick = e => { + e.preventDefault(); + browser.tabs.create({ + url: a.href + }); + } + let button = document.querySelector("#btn-delete-xss-choices"); + let choices = UI.xssUserChoices; + button.disabled = Object.keys(choices).length === 0; + button.onclick = () => { + UI.updateSettings({ + xssUserChoices: {} + }); + button.disabled = true + }; + + } + + opt("clearclick"); + opt("debug", "local", b => { + document.body.classList.toggle("debug", b); + if (b) updateRawPolicyEditor(); + }); + + // Appearance + + opt("showCountBadge", "local"); + opt("showCtxMenuItem", "local"); + opt("showFullAddresses", "local"); + + // PRESET CUSTOMIZER + { + let parent = document.getElementById("presets"); + let presetsUI = new UI.Sites(parent, + {"DEFAULT": true, "TRUSTED": true, "UNTRUSTED": true}); + + presetsUI.render([""]); + window.setTimeout(() => { + let def = parent.querySelector('input.preset[value="DEFAULT"]'); + def.checked = true; + def.click(); + }, 10); + } + + // SITES UI + let sitesUI = new UI.Sites(document.getElementById("sites")); + { + sitesUI.onChange = () => { + if (UI.local.debug) { + updateRawPolicyEditor(); + } + }; + let sites = policy.sites; + sitesUI.render(sites); + + let newSiteForm = document.querySelector("#form-newsite"); + let newSiteInput = newSiteForm.newsite; + let button = newSiteForm.querySelector("button"); + let canAdd = s => policy.get(s).siteMatch === null; + + let validate = () => { + let site = newSiteInput.value.trim(); + button.disabled = !(Sites.isValid(site) && canAdd(site)); + sitesUI.filterSites(site); + } + validate(); + newSiteInput.addEventListener("input", validate); + + newSiteForm.addEventListener("submit", e => { + e.preventDefault(); + e.stopPropagation(); + let site = newSiteInput.value.trim(); + let valid = Sites.isValid(site); + if (valid && canAdd(site)) { + policy.set(site, policy.TRUSTED); + UI.updateSettings({policy}); + newSiteInput.value = ""; + sitesUI.render(policy.sites); + sitesUI.highlight(site); + sitesUI.onChange(); + } + }, true); + } + + + // UTILITY FUNCTIONS + + async function opt(name, storage = "sync", onchange) { + let input = document.querySelector(`#opt-${name}`); + if (!input) { + debug("Checkbox not found %s", name); + return; + } + if (typeof storage === "function") { + input.onchange = e => storage(input); + input.checked = storage(null); + } else { + let obj = UI[storage]; + if (!obj) log(storage); + input.checked = obj[name]; + if (onchange) onchange(input.checked); + input.onchange = async () => { + obj[name] = input.checked; + await UI.updateSettings({[storage]: obj}); + if (onchange) onchange(obj[name]); + } + } + } + + + function updateRawPolicyEditor() { + if (!UI.local.debug) return; + + // RAW POLICY EDITING (debug only) + let policyEditor = document.getElementById("policy"); + policyEditor.value = JSON.stringify(policy.dry(true), null, 2); + if (!policyEditor.onchange) policyEditor.onchange = (e) => { + let ed = e.currentTarget + try { + policy = new Policy(JSON.parse(ed.value)); + UI.updateSettings({policy}); + sitesUI.render(policy.sites); + ed.className = ""; + document.getElementById("policy-error").textContent = ""; + } catch (e) { + error(e); + ed.className = "error"; + document.getElementById("policy-error").textContent = e.message; + } + } + } +})(); diff --git a/src/ui/popup.css b/src/ui/popup.css new file mode 100644 index 0000000..f8b31e2 --- /dev/null +++ b/src/ui/popup.css @@ -0,0 +1,235 @@ +body { + background: white; +} + +#top { + font-size: 1em; + position: relative; + margin: 0; + height: 2.4em; + min-width: 18.75em; + border-bottom: 0.06em solid #eee; + display: flex; + -moz-user-select: none; +} + + +#top a { + appearance: none !important; + -moz-appearance: none !important; + width: 2em; + height: 2em; + margin: 0.25em; + cursor: pointer; + font-size: 1em; + font-family: sans-serif; + font-weight: bold; + color: black; + background: transparent no-repeat center; + background-size: 100%; + transform: unset; + transition: all 0.3s; + border: none; + display: block; + + top: 0; + padding: 0; + text-align: left; + vertical-align: middle; + line-height: 1em; + +} + +#top > .spacer { + flex-grow: 1; + display: block; + cursor: pointer; +} + + + +#top > .hider.open ~ .spacer { + display: none; +} + +.hider { + background: #ccc; + box-shadow: inset 0 1px 3px #444; + border-radius: 1em 1em 0 0; + display: none; + position: relative; + margin: .25em 1.5em; + padding: 0; + + height: 2em; + overflow: hidden; + opacity: .5; +} + + + +.hider.open { + display: flex; + flex-grow: 1; + opacity: 1; + padding-left: 2em; +} +.hider:hover { + opacity: 1; +} +.hider:not(.open):not(.empty) { + display: block; + text-align: right; + line-height: 1em; + overflow: hidden; + width: 2em; +} + + +.reveal { + display: block; + padding: .3em; + margin: 0; +} + +.hider.open > .reveal { + display: none !important; +} + +.hider:not(.open) > :not(.reveal) { + display: none !important; +} + +.hider-label { + position: absolute; + z-index: 100; + top: .5em; + right: .5em; + color: #222; + text-align: right; + vertical-align: middle; + line-height: 100%; + font-size: 1em; + font-weight: bold; + pointer-events: none; + text-shadow: -2px 0 2px white, 2px 0 2px white; +} + +.hider-close { + -moz-appearance: none; + appearance: none; + color: black; + background: transparent; + padding: 0; + border-radius: .2em; + border: none; + position: absolute; + left: .2em; + top: 0; + font-size: 1em; + z-index: 100; + vertical-align: middle; + padding: .2em; +} + +.hider-close:hover, .reveal:hover { + color: white !important; + text-shadow: -2px 0 2px red, 2px 0 2px red; +} + +.hider > .icon { + opacity: .7; + margin: 0 .25em; + padding: 0; +} + +#top > a:hover { + transform: scale(1.2); +} + +#top a.icon { + text-indent: -500em; + color: transparent; +} + + +#top #revoke-temp { + background-image: url(/img/ui-revoke-temp64.png); +} +#top #temp-trust-page { + background-image: url(/img/ui-temp-all64.png); +} + +#top #enforce-tab { + background-image: url(/img/ui-tab-no64.png); +} +#top #enforce-tab[aria-pressed="true"] { + background-image: url(/img/ui-tab64.png); +} + +#top #enforce { + background-image: url(/img/ui-global-no64.png); +} +#top #enforce[aria-pressed="true"] { + background-image: url(/img/ui-global64.png); +} + +#top #options { + background-image: url(/img/noscript-options.png); +} +#top #close { + background-image: url(/img/ui-close64.png); +} + +#top #reload { + background-image: url(/img/ui-reload64.png); +} + +#sites { + margin: 0.5em 0.25em; +} + +#content { + text-align: center; +} +#buttons { + text-align: center; + margin: 0.5em; + display: flex; + justify-content: space-around; + +} +#buttons button { + flex-grow: 1; + margin: .5em 2em; +} + +.disabled .toggle.icon, .toggle.icon:disabled { + opacity: .2; + pointer-events: none; +} + +#message { + height: auto; + margin: .5em; + padding: .8em 0 0 2.5em; + background-size: 2em; + background-position: left top; + background-repeat: no-repeat; + min-height: 3em; + transition: height .5s; + font-size: 1.2em; + vertical-align: middle; +} +#message.hidden { + display: none; + height: 0; + min-height: 0; + overflow: hidden; +} +.warning { + background-image: url("/img/warning64.png"); +} +.error { + background-image: url("/img/error64.png"); +} diff --git a/src/ui/popup.html b/src/ui/popup.html new file mode 100644 index 0000000..d4bab21 --- /dev/null +++ b/src/ui/popup.html @@ -0,0 +1,41 @@ +<!DOCTYPE html> +<html> +<head> +<meta name="viewport" content="width=device-width,initial-scale=1"> +<meta charset="utf-8"> +<title>NoScript Settings</title> +<meta charset="utf-8"> +<link rel="stylesheet" type="text/css" href="popup.css" /> +<script src="/lib/include.js"></script> +<script src="/lib/log.js"></script> +<script src="/common/locale.js"></script> +<script src="/ui/ui.js"></script> + +</head> +<body> +<div id="main"> +<div id="top"> + <a aria-role="button" id="close" class="close icon">__MSG_Close__</a> + <a aria-role="button" id="reload" class="reload icon">__MSG_Reload__</a> + <a aria-role="button" id="options" class="options icon">__MSG_Options__</a> + <div class="hider"> + <a aria-role="button" class="reveal" title="__MSG_Reveal__">🡆</a> + <div class="hider-label">__MSG_Hider__</div> + <button class="hider-close">🗙</button> + </div> + <div class="spacer"></div> + <a aria-role="button" id="enforce" class="toggle icon"></a> + <a aria-role="button" id="enforce-tab" class="toggle icon"></a> + <a aria-role="button" id="temp-trust-page" class="toggle icon">__MSG_TempTrustPage__</a> + <a aria-role="button" id="revoke-temp" class="toggle icon">__MSG_RevokeTemp__</a> +</div> +<div id="message" class="hidden"></div> +<div id="content"></div> +<div id="sites"></div> +<div id="buttons"> + +</div> +</div> +<script src="popup.js"></script> +</body> +</html> diff --git a/src/ui/popup.js b/src/ui/popup.js new file mode 100644 index 0000000..3f84549 --- /dev/null +++ b/src/ui/popup.js @@ -0,0 +1,249 @@ +'use strict'; + +var sitesUI; + +addEventListener("unload", e => { + if (!UI.initialized) { + browser.runtime.sendMessage({ + type: "openStandalonePopup" + }); + } +}); + +(async () => { + + function showMessage(className, message) { + let el = document.getElementById("message"); + el.textContent = message; + el.className = className; + } + + try { + let tabId; + let pendingReload = false; + let isBrowserAction = true; + let optionsClosed = false; + let tab = (await browser.tabs.query({ + windowId: browser.windows ? + (await browser.windows.getLastFocused({windowTypes: ["normal"]})).id + : null, + active: true + }))[0]; + + if (!tab || tab.id === -1) { + log("No tab found to open the UI for"); + close(); + } + if (tab.url === document.URL) { + isBrowserAction = false; + try { + tabId = parseInt(document.URL.match(/#.*\btab(\d+)/)[1]); + } catch (e) { + close(); + } + addEventListener("blur", close); + } else { + tabId = tab.id; + } + + await UI.init(tabId); + + if (isBrowserAction) { + browser.tabs.onActivated.addListener(e => { + if (e.tabId !== tabId) close(); + }); + } + + await include("/ui/toolbar.js"); + { + let clickHandlers = { + "options": e => { + browser.runtime.openOptionsPage(); + close(); + }, + "close": close, + "reload": reload, + "temp-trust-page": e => sitesUI.tempTrustAll(), + "revoke-temp": e => { + UI.revokeTemp(); + close(); + } + }; + for (let [id, handler] of Object.entries(clickHandlers)) { + document.getElementById(id).onclick = handler; + } + } + { + let policy = UI.policy; + let pressed = policy.enforced; + let button = document.getElementById("enforce"); + button.setAttribute("aria-pressed", pressed); + button.textContent = button.title = _(pressed ? "NoEnforcement" : "Enforce"); + button.onclick = () => { + policy.enforced = !pressed; + UI.updateSettings({policy, reloadAffected: true}); + close(); + } + } + { + let pressed = !UI.unrestrictedTab; + let button = document.getElementById("enforce-tab"); + button.setAttribute("aria-pressed", pressed); + button.textContent = button.title = _(pressed ? "NoEnforcementForTab" : "EnforceForTab"); + if (UI.policy.enforced) { + button.onclick = () => { + UI.updateSettings({ + unrestrictedTab: pressed, + reloadAffected: true, + }); + close(); + } + } else { + button.disabled = true; + } + } + + + let mainFrame = UI.seen && UI.seen.find(thing => thing.request.type === "main_frame"); + debug("Seen: %o", UI.seen); + if (!mainFrame) { + + if (/^https?:/.test(tab.url) && !tab.url.startsWith("https://addons.mozilla.org/")) { + document.body.classList.add("disabled"); + showMessage("warning", _("freshInstallReload")); + let buttons = document.querySelector("#buttons"); + let b = document.createElement("button"); + b.textContent = _("OK"); + b.onclick = document.getElementById("reload").onclick = () => { + reload(); + close(); + } + buttons.appendChild(b); + b = document.createElement("button"); + b.textContent = _("Cancel"); + b.onclick = () => close(); + buttons.appendChild(b); + return; + } + showMessage("warning", _("privilegedPage")); + document.getElementById("temp-trust-page").disabled = true; + if (!UI.seen) return; + } + + let justDomains = !UI.local.showFullAddresses; + + sitesUI = new UI.Sites(document.getElementById("sites")); + + sitesUI.onChange = (row) => { + pendingReload = !row.temp2perm; + if (optionsClosed) return; + browser.tabs.query({url: browser.runtime.getManifest().options_ui.page }) + .then(tabs => { + browser.tabs.remove(tabs.map(t => t.id)); + }); + optionsClosed = true; + }; + initSitesUI(); + UI.onSettings = initSitesUI; + + + + function initSitesUI() { + pendingReload = false; + let { + typesMap + } = sitesUI; + typesMap.clear(); + let policySites = UI.policy.sites; + let domains = new Map(); + + function urlToLabel(url) { + let { + origin + } = url; + let match = policySites.match(url); + if (match) return match; + if (domains.has(origin)) { + if (justDomains) return domains.get(origin); + } else { + let domain = tld.getDomain(url.hostname); + domain = url.protocol === "https:" ? Sites.secureDomainKey(domain) : domain; + domains.set(origin, domain); + if (justDomains) return domain; + } + return origin; + } + let seen = UI.seen; + let parsedSeen = seen.map(thing => Object.assign({ + type: thing.policyType + }, Sites.parse(thing.request.url))) + .filter(parsed => parsed.url && parsed.url.origin !== "null"); + + let sitesSet = new Set( + parsedSeen.map(parsed => parsed.label = urlToLabel(parsed.url)) + ); + if (!justDomains) { + for (let domain of domains.values()) sitesSet.add(domain); + } + let sites = [...sitesSet]; + for (let parsed of parsedSeen) { + sites.filter(s => parsed.label === s || domains.get(parsed.url.origin) === s).forEach(m => { + let siteTypes = typesMap.get(m); + if (!siteTypes) typesMap.set(m, siteTypes = new Set()); + siteTypes.add(parsed.type); + }); + } + + sitesUI.mainUrl = new URL(mainFrame.request.url) + sitesUI.mainSite = urlToLabel(sitesUI.mainUrl); + sitesUI.mainDomain = tld.getDomain(sitesUI.mainUrl.hostname); + + sitesUI.render(sites); + } + + function reload() { + if (sitesUI) sitesUI.clear(); + browser.tabs.reload(tabId); + pendingReload = false; + } + + function close() { + if (isBrowserAction) { + window.close(); + } else { + //browser.windows.remove(tab.windowId); + browser.tabs.remove(tab.id); + } + } + + let { + onCompleted + } = browser.webNavigation; + + let loadSnapshot = sitesUI.snapshot; + let onCompletedListener = navigated => { + if (navigated.tabId === tabId) { + UI.pullSettings(); + } + }; + onCompleted.addListener(onCompletedListener, { + url: [{ + hostContains: sitesUI.mainDomain + }] + }); + addEventListener("unload", e => { + onCompleted.removeListener(onCompletedListener); + debug("pendingReload", pendingReload); + if (pendingReload) { + UI.updateSettings({ + policy: UI.policy, + reloadAffected: true, + }); + } + }, true); + } catch (e) { + error(e, "Can't open popup"); + close(); + } + +})(); diff --git a/src/ui/prompt.css b/src/ui/prompt.css new file mode 100644 index 0000000..9406f01 --- /dev/null +++ b/src/ui/prompt.css @@ -0,0 +1,91 @@ + +body { + bottom: 8px; + font-family: sans-serif; + font-size: 12px; + color: #222; +} + +#header { + text-align: left; + margin: 0; + line-height: 24px; + color: #048; + position: relative; + font-size: 24px; + z-index: 500; + padding: 8px; + display: block; + background: url(/img/icon96.png) no-repeat top right; + height: 96px; +} + +#title { + margin-right: 96px; + font-size: 24px; + position: absolute; + bottom: 0; + top: 0; +} + +#main { + background: linear-gradient(to bottom, #e4f5fc 0%,#bfe8f9 41%,#9fd8ef 90%,#2ab0ed 100%) no-repeat; + display: flex; + flex-direction: column; + align-items: center; + padding: 120px 16px 16px 16px; + top: 0; + left: 0; + right:0; + bottom: 0; + position: fixed; + justify-content: center; +} +#message { + flex-grow: 1; + width: 100%; + max-height: 300px; + padding: 8px; + text-align: center; + word-break: break-all; +} +#message.multiline { + overflow: auto; + font-size: 12px; + text-align: justify; + margin-bottom: 16px; + background: rgba(255,255,255,.5); +} +#message.multiline p { + margin: 1px; + padding: 0; +} +#options { + display: flex; + flex-grow: 2; + flex-direction: column; + text-align: left; + align-items:baseline; + justify-content: center; +} + + +#checks { + display: flex; + flex-direction: column; + flex-grow: 1; + text-align: left; +} + +#buttons { + width: 100%; + display: flex; + flex-grow: 0; + flex-direction: row; + align-items: center; + margin: 8px; + justify-content: space-around; +} +#buttons button { + min-width: 100px; +} diff --git a/src/ui/prompt.html b/src/ui/prompt.html new file mode 100644 index 0000000..902b375 --- /dev/null +++ b/src/ui/prompt.html @@ -0,0 +1,32 @@ +<!DOCTYPE html> +<html> +<head> +<meta charset="utf-8"> +<title></title> +<meta charset="utf-8"> +<link rel="stylesheet" type="text/css" href="prompt.css" /> +<script src="/lib/include.js"></script> +<script src="/lib/log.js"></script> +<script src="/common/locale.js"></script> +<script src="/ui/resize_hack.js"></script> +</head> +<body> +<div id="header"> +<h1 id="title"></h1> +</div> +<div id="main"> +<div id="message"> +</div> +<div id="options"> +<input type="radio"> +</div> +<div id="checks"> + <input type="checkbox"> +</div> +<div id="buttons"> + <button id="button0" type="submit">OK</button><button id="button1">Cancel</button> +</div> +</div> +<script src="prompt.js"></script> +</body> +</html> diff --git a/src/ui/prompt.js b/src/ui/prompt.js new file mode 100644 index 0000000..f19aac9 --- /dev/null +++ b/src/ui/prompt.js @@ -0,0 +1,91 @@ +(async () => { + window.bg = await browser.runtime.getBackgroundPage(); + ["Prompts"] + .forEach(p => window[p] = bg[p]); + let data = Prompts.promptData; + debug(data); + let {title, message, options, checks, buttons} = data.features; + + function labelFor(el, text) { + let label = document.createElement("label"); + label.setAttribute("for", el.id); + label.textContent = text; + return label; + } + + function createInput(container, {label, type, name, checked}, count) { + let input = document.createElement("input"); + input.type = type; + input.value = count; + input.name = name; + input.checked = checked; + input.id = `${name}-${count}`; + let sub = document.createElement("div"); + sub.appendChild(input); + sub.appendChild(labelFor(input, label)); + container.appendChild(sub); + } + + function createButton(container, label, count) { + let button = document.createElement("button"); + if (count === 0) button.type = "submit"; + button.id = `${button}-${count}`; + button.value = count; + button.textContent = label; + container.appendChild(button); + } + + function renderInputs(container, dataset, type, name) { + if (typeof container === "string") { + container = document.querySelector(container); + } + if (typeof dataset === "string") { + container.innerHTML = dataset; + return; + } + container.innerHTML = ""; + let count = 0; + if (dataset && dataset[Symbol.iterator]) { + let create = type === "button" ? createButton : createInput; + for (let data of dataset) { + data.type = type; + data.name = name; + create(container, data, count++); + } + } + } + if (title) { + document.title = title; + document.querySelector("#title").textContent = title; + } + if (message) { + let lines = message.split(/\n/); + let container = document.querySelector("#message"); + container.classList.toggle("multiline", lines.length > 1); + message.innerHTML = ""; + for (let l of lines) { + let p = document.createElement("p"); + p.textContent = l; + container.appendChild(p); + } + } + renderInputs("#options", options, "radio", "opt"); + renderInputs("#checks", checks, "checkbox", "flag"); + renderInputs("#buttons", buttons, "button", "button"); + addEventListener("unload", e => { + data.done(); + }); + + let buttonClicked = e => { + let {result} = data; + result.button = parseInt(e.currentTarget.value); + let option = document.querySelector('#options [type="radio"]:checked'); + result.option = option && parseInt(option.value); + result.checks = [...document.querySelectorAll('#checks [type="checkbox"]:checked')] + .map(c => parseInt(c.value)); + data.done(); + }; + for (let b of document.querySelectorAll("#buttons button")) { + b.addEventListener("click", buttonClicked); + } +})(); diff --git a/src/ui/resize_hack.js b/src/ui/resize_hack.js new file mode 100644 index 0000000..c981e28 --- /dev/null +++ b/src/ui/resize_hack.js @@ -0,0 +1,15 @@ +document.addEventListener("DOMContentLoaded", async e => { + // Fix for Fx57 bug where bundled page loaded using + // browser.windows.create won't show contents unless resized. + // See https://bugzilla.mozilla.org/show_bug.cgi?id=1402110 + let win = await browser.windows.getCurrent({populate: true}); + if (win.tabs[0].url === document.URL) { + debug("Resize hack"); + await browser.windows.update(win.id, { + width: win.width + 1 + }); + await browser.windows.update(win.id, { + width: win.width + }); + } +}); diff --git a/src/ui/siteInfo.html b/src/ui/siteInfo.html new file mode 100644 index 0000000..0cb24ec --- /dev/null +++ b/src/ui/siteInfo.html @@ -0,0 +1,5 @@ +<!DOCTYPE html> +<meta charset="utf-8"> +<script src="/lib/log.js"></script> +<script src="/lib/include.js"></script> +<script src="siteInfo.js"></script> diff --git a/src/ui/siteInfo.js b/src/ui/siteInfo.js new file mode 100644 index 0000000..708c983 --- /dev/null +++ b/src/ui/siteInfo.js @@ -0,0 +1,20 @@ +(async () => { + let [domain, tabId] = decodeURIComponent(location.hash.replace("#", "")).split(";"); + const BASE = "https://noscript.net"; + await include(['/lib/punycode.js', '/common/Storage.js']); + let {siteInfoConsent} = await Storage.get("sync", "siteInfoConsent"); + if (!siteInfoConsent) { + await include('/common/locale.js'); + siteInfoConsent = confirm(_("siteInfo_confirm", [domain, BASE])); + if (siteInfoConsent) { + await Storage.set("sync", {siteInfoConsent}); + } else { + let current = await browser.tabs.getCurrent(); + await browser.tabs.update(parseInt(tabId), {active: true}); + await browser.tabs.remove(current.id); + return; + } + } + let ace = punycode.toASCII(domain); + location.href = `${BASE}/about/${domain};${ace}`; +})(); diff --git a/src/ui/toolbar.js b/src/ui/toolbar.js new file mode 100644 index 0000000..d2a2f6e --- /dev/null +++ b/src/ui/toolbar.js @@ -0,0 +1,117 @@ +{ + let toolbar = document.getElementById("top"); + let spacer = toolbar.querySelector(".spacer"); + let hider = toolbar.querySelector(".hider"); + + if (UI.local.toolbarLayout) { + debug(uneval(UI.local.toolbarLayout)); + let {left, right, hidden} = UI.local.toolbarLayout; + for (let id of left) { + toolbar.insertBefore(document.getElementById(id), hider); + } + for (let id of right) { + toolbar.appendChild(document.getElementById(id)); + } + for (let id of hidden) { + hider.appendChild(document.getElementById(id)); + } + } + + for (let i of toolbar.querySelectorAll(".icon")) { + if (!i.title) i.title = i.textContent; + } + + function toggleHider(b) { + let cl = hider.classList; + cl.toggle("open", b); + cl.toggle("empty", !hider.querySelector(".icon")); + } + hider.querySelector(".hider-close").onclick = e => { + toggleHider(false); + }; + + toggleHider(false); + + let dnd = { + dragstart(ev) { + let d = ev.target; + if (hider.querySelectorAll(".icon").length) { + toggleHider(true); + } + + if (!d.classList.contains("icon")) { + ev.preventDefault(); + return; + } + d.style.opacity = ".5"; + let dt = ev.dataTransfer; + dt.setData("text/plain", d.id); + dt.dropEffect = "move"; + dt.setDragImage(d, 0, 0); + toggleHider(true); + }, + dragend(ev) { + ev.target.style.opacity = ""; + }, + dragover(ev) { + ev.preventDefault(); + }, + dragenter(ev) { + let t = ev.target; + }, + dragleave(ev) { + let t = ev.target; + }, + drop(ev) { + let t = ev.target; + let d = document.getElementById(ev.dataTransfer.getData("text/plain")); + switch(t) { + case hider: + t.appendChild(d); + break; + case toolbar: + t.insertBefore(d, ev.clientX < hider.offsetLeft ? hider : spacer.nextElementSibling); + break; + default: + t.parentNode.insertBefore(d, ev.clientX < (t.offsetLeft + t.offsetWidth) ? t : t.nextElementSibling); + } + + let left = [], right = []; + let side = left; + for (let el of document.querySelectorAll("#top > .icon, #top > .spacer")) { + if (el === spacer) { + side = right; + } else { + side.push(el.id); + } + } + UI.local.toolbarLayout = { + left, right, + hidden: Array.map(document.querySelectorAll("#top > .hider > .icon"), el => el.id), + }; + + debug("%o", UI.local); + UI.updateSettings({local: UI.local}); + }, + + click(ev) { + let el = ev.target; + if (el.parentNode === hider && el.classList.contains("icon")) { + ev.preventDefault(); + ev.stopPropagation(); + } else if (el === spacer || el.classList.contains("reveal")) { + toggleHider(true); + } + } + + }; + + + for (let [action, handler] of Object.entries(dnd)) { + toolbar.addEventListener(action, handler, true); + } + + for (let draggable of document.querySelectorAll("#top .icon")) { + draggable.setAttribute("draggable", "true"); + } +} diff --git a/src/ui/ui-hc.css b/src/ui/ui-hc.css new file mode 100644 index 0000000..fd70e2a --- /dev/null +++ b/src/ui/ui-hc.css @@ -0,0 +1,63 @@ +input { + transform: none !important; + width: auto !important; + position: static !important; +} + +input[type="radio"] { + -moz-appearance: radio !important; + padding-right: .2em !important; +} +input[type="checkbox"] { + -moz-appearance: checkbox !important; +} + + +button { + text-indent: 0 !important; +} + +label { + display: initial !important; + position: static !important; + transform: none !important; + opacity: 1 !important; + text-indent: 0 !Important; + position: static; + width: auto !important; + padding: 4px !important; +} + +span.preset { + display: block; + width: auto !important; + white-space: nowrap !important; +} + +input.temp { + position: static !important; + opacity: 1 !important; +} + +.full-address { + font-size: 130%; +} + +tr.site { + border-top: 1px solid #888; +} + +#top { + display:flex; + flex-flow: row; + justify-content: space-around; + +} +#top button { + position: static; + width: auto; +} +#top button.icon { + font-size: 12px !important; + font-family: arial sans-serif !important; +} diff --git a/src/ui/ui.css b/src/ui/ui.css new file mode 100644 index 0000000..55f9247 --- /dev/null +++ b/src/ui/ui.css @@ -0,0 +1,391 @@ + +body { + font-family: sans-serif; + font: -moz-use-system-font; + font-size: 12px; +} + +.mobile > body { + font-size: 4mm; + min-width: auto; +} + +.mobile .desktop { + display: none !important; +} + + @media (max-width: 100mm) { + body { + background-size: 4em !important; + padding-right: 0 !important; + } + + .presets { + width: 0; + } + + .presets input.preset { + min-width: 0 !important; + background-color: none !important; + margin-bottom: 0; + margin-top: 1mm; + font-weight: bold; + } + .presets input.temp { + position: static; + } + .presets label.preset { + font-size: 50%; + top: -1mm; + left: 0; + margin: 0; + padding: 0; + text-align: center; + text-shadow: 0 0 4px #ff8; + position: absolute; + overflow: visible; + } + + td.presets { + white-space: nowrap !important; + vertical-align: bottom; + } + .url { + white-space: wrap; + word-break: break-all; + font-size: 75%; + letter-spacing: -0.2mm; + + } + + } + +input[type="text"] { + border: 1px solid; +} +input[type="checkbox"] { + width: 1em; + height: 1em; +} + +.presets { + -moz-user-select: none; +} +.sites { + border: 0; + background: white; + border-collapse: collapse; + border-spacing: 0; + width: 100%; + overflow-y: auto; + +} +.sites tr, .sites td { + margin: 0; + padding: 0; + border: none; + font-size: 1em; +} +.sites > tr.site:hover, .sites > tr.sites:active { + background: #abf; +} +.sites > tr:nth-child(even) {background: #fff} +.sites > tr:nth-child(odd) {background: #eee} + +.site .url { + padding: 0 0 0 0.5em; + color: #ccc; + vertical-align: middle; +} +.site .url .protocol { display: none } + +.site .url .domain { cursor: help } + +[data-key="domain"] .full-address .host, +[data-key="domain"] .full-address .sub, +[data-key="domain"] .full-address .protocol, +[data-key="host"] .full-address span .protocol, +[data-key="host"] .full-address span .protocol, { + background-color: #afe; +} +[data-key="host"] .full-address span .protocol, +[data-key="domain"] .full-address span .host, +[data-key="domain"] .full-address span .protocol { + border: none; +} + + +.site .url[data-key="domain"] .domain, +.site .url[data-key="host"] .domain, +.site .url[data-key="host"] .sub, +.site .url[data-key="unsafe"] span { + color: #a00; +} + +.site .url[data-key="secure"] .domain, +.site .url[data-key="secure"] .sub, +.site .url[data-key="full"] span { + color: black; +} + +.site .url[data-key="full"] span, +.site .url[data-key="unsafe"] span { + display: initial; +} + +.site .url .domain { + font-weight: bold; +} + +input.https-only { + font-size: 1em; + -moz-appearance: none; + background: url(/img/ui-http64.png) no-repeat center; + background-size: 1.5em; + width: 1.5em; + height: 1.5em; + margin: 0 0 -0.13em 0.13em; + padding:0; + cursor: pointer; +} +input.https-only:checked { + background-image: url(/img/ui-https64.png); +} +label.https-only { + display: none; +} + +[data-preset="UNTRUSTED"] .https-only, [data-preset="DEFAULT"] .https-only { + visibility: hidden; +} + + +td.presets { + font-size: 1em; + white-space: nowrap; +} + +.mobile td.presets { + white-space: normal; +} + +span.preset { + position: relative; + display: inline-block; + top: 0.13em; + font-size: 1em; +} + +.preset label, .preset input, .preset button { + cursor: pointer; +} + +.presets input.preset { + font-size: 1em; + -moz-appearance: none; + background: url(/img/ui-no64.png) no-repeat center left; + background-size: 1.5em; + width: 1.5em; + height: 1.5em; + outline: 0; + opacity: .5; + margin: 0 .5em 0.13em .5em; +} + +input.preset:active, input.preset:focus, input.preset:hover { + background-color: #ff8; + border-radius: .5em; +} + +.presets input.preset:checked, #presets input.preset { + opacity: 1; + transform: none; + min-width: 9.38em; + background-color: #ddd; + border-radius: 0.5em; +} + +.presets input.preset:focus { + transform: none; +} +.sites input + label { + font-size: 1em; + line-height: 1.5em; + vertical-align: top; +} +.presets label.preset { + padding: 0; + letter-spacing: -0.06em; + width: 0em; + overflow: hidden; + display: none; + text-transform: uppercase; + color: #000; + opacity: .6; + position: absolute; + left: 0em; + padding-left: 2.5em; + + transition: 0.2s all; +} + +.presets input.preset[value^="T"] + label { + text-transform: none; +} + +.presets input.preset:checked + label, #presets .presets label { + opacity: 1; + width: 100%; + display: inline-block; +} + +button.options { + -moz-appearance: none; + border: none; + background: none transparent; + font-family: sans-serif; + font-weight: bold; + color: #048; + text-shadow: -0.06em -0.06em 0.06em #fff, 0.13em 0.13em 0.13em #000; + padding: 0; + margin: 0; +} + +.preset .options { + -moz-appearance: none; + + border: 0; + background: none; + font-size: 1em; + width: 1em; + height: 1em; + + opacity: 0; + position: absolute; + bottom: 0.88em; + left: 1.13em; + + pointer-events: none; + +} + +.preset:hover input.preset:checked ~ .options { + display: block; + opacity: 1; + bottom: 0.38em; + +} +input.preset[value="T_TRUSTED"] { + background-image: url(/img/ui-temp64.png); +} + +input.preset[value="TRUSTED"] { + background-image: url(/img/ui-yes64.png) +} +input.preset[value="UNTRUSTED"] { + background-image: url(/img/ui-black64.png) +} +input.preset[value="CUSTOM"] { + background-image: url(/img/ui-custom64.png) +} + +input.temp { + font-size: 1em; + -moz-appearance: none; + margin: 0; + padding: 0; + border: 0; + opacity: 0; + background: url(/img/ui-clock64.png) no-repeat center; + background-size: 60%; + width: 1.5em; + height: 1.5em; + transition: 0.2s all; + right: 0; + top: 0; + pointer-events: none; + position: absolute; +} + +input.temp + label { + display: none; +} + +input.preset:checked ~ input.temp { + opacity: .5; + right: .5em; + pointer-events: all; +} +.presets input.preset:checked ~ input.temp:checked { + opacity: 1 !important; + background-size: 100%; + +} + +.customizing input.preset:checked, #presets input.preset:checked, .customizer fieldset { + background-color: #ffb !important; + border-radius: 0.5em 0.5em 0 0; + margin: 0 0.06em 0.06em 0.06em; +} +.customizing input.preset:checked, #presets input.preset, #presets input.preset:checked { + margin: 0 1em -0.2em 1em; + border-radius: 0.5em 0.5em 0 0; +} + +.customizing input.preset:checked + label.preset { + padding-left: 3em; +} + +.customizing, .customizer { + background-color: #cca !important; +} + +.customizer div { + transition: 0.2s height; + padding: 0; + margin: 0; +} + +span.cap { + white-space: nowrap; + display: inline-block; +} + +.customizer.closed .customizer-controls { + height: 0; + overflow: hidden; +} + +span.cap { + padding: 0.5em; + font-weight: normal; +} + +span.cap.needed { + font-weight: bold; + background-color: #c88; +} + +fieldset { + border: 0; + padding: 1.5em 0.5em 0.5em 0.5em; + margin: 0; + position: relative; +} + +legend { + font-weight: bold; + display: inline; + position: absolute; + top: 0.25em; + left: 1em; + white-space: nowrap; +} +.customizer legend { + font-weight: bold; + font-size: 0.75em; +} + +#presets .https-only { + display: none; +} diff --git a/src/ui/ui.js b/src/ui/ui.js new file mode 100644 index 0000000..99943d7 --- /dev/null +++ b/src/ui/ui.js @@ -0,0 +1,661 @@ +'use strict'; +var UI = (() => { + + var UI = { + initialized: false, + + presets: { + "DEFAULT": "Default", + "T_TRUSTED": "Trusted_temporary", + "TRUSTED": "Trusted_permanent", + "UNTRUSTED": "Untrusted", + "CUSTOM": "Custom", + }, + + async init(tabId = -1) { + UI.tabId = tabId; + let scripts = [ + "/ui/ui.css", + "/lib/punycode.js", + "/lib/tld.js", + "/common/Policy.js", + ]; + this.mobile = !("windows" in browser); + if (this.mobile) { + document.documentElement.classList.toggle("mobile", true); + scripts.push("/lib/fastclick.js"); + } + await include(scripts); + + detectHighContrast(); + + let inited = new Promise(resolve => { + let listener = m => { + if (m.type === "settings") { + UI.policy = new Policy(m.policy); + UI.snapshot = UI.policy.snapshot; + UI.seen = m.seen; + UI.unrestrictedTab = m.unrestrictedTab; + UI.xssUserChoices = m.xssUserChoices; + UI.local = m.local; + UI.sync = m.sync; + if (UI.local && !UI.local.debug) { + debug = () => {}; // be quiet! + } + resolve(); + if (UI.onSettings) UI.onSettings(); + } + }; + browser.runtime.onMessage.addListener(listener); + + if (this.mobile) FastClick.attach(document.body); + UI.pullSettings(); + }); + + await inited; + + this.initialized = true; + debug("Imported", Policy); + }, + async pullSettings() { + browser.runtime.sendMessage({type: "NoScript.broadcastSettings", tabId: UI.tabId}); + }, + async updateSettings({policy, xssUserChoices, unrestrictedTab, local, sync, reloadAffected}) { + if (policy) policy = policy.dry(true); + return await browser.runtime.sendMessage({type: "NoScript.updateSettings", + policy, + xssUserChoices, + unrestrictedTab, + local, + sync, + reloadAffected, + tabId: UI.tabId, + }); + }, + + async exportSettings() { + return await browser.runtime.sendMessage({type: "NoScript.exportSettings"}); + }, + async importSettings(data) { + return await browser.runtime.sendMessage({type: "NoScript.importSettings", data}); + }, + + async revokeTemp() { + let policy = this.policy; + Policy.hydrate(policy.dry(), policy); + if (this.isDirty(true)) { + await this.updateSettings({policy, reloadAffected: true}); + } + }, + + isDirty(reset = false) { + let currentSnapshot = this.policy.snapshot; + let dirty = currentSnapshot != this.snapshot; + if (reset) this.snapshot = currentSnapshot; + return dirty; + }, + + async openSiteInfo(domain) { + let url = `/ui/siteInfo.html#${encodeURIComponent(domain)};${UI.tabId}`; + browser.tabs.create({url}); + } + }; + + function detectHighContrast() { + // detect high contrast + let canary = document.createElement("input"); + canary.className="https-only"; + canary.style.display = "none"; + document.body.appendChild(canary); + if (UI.highContrast = window.getComputedStyle(canary).backgroundImage === "none") { + include("/ui/ui-hc.css"); + document.documentElement.classList.toggle("hc"); + } + canary.parentNode.removeChild(canary); + } + + function fireOnChange(sitesUI, data) { + if (UI.isDirty(true)) { + UI.updateSettings({policy: UI.policy}); + if (sitesUI.onChange) sitesUI.onChange(data, this); + } + } + + function compareBy(prop, a, b) { + let x = a[prop], y = b[prop]; + return x > y ? 1 : x < y ? -1 : 0; + } + + const TEMPLATE = ` + <table class="sites"> + <tr class="site"> + + <td class="presets"> + <span class="preset"> + <input id="preset" class="preset" type="radio" name="preset"><label for="preset" class="preset">PRESET</label> + <button class="options tiny">⚙</button> + <input id="temp" class="temp" type="checkbox"><label for="temp">Temporary</input> + </span> + </td> + + <td class="url" data-key="secure"> + <input class="https-only" id="https-only" type="checkbox"><label for="https-only" class="https-only"></label> + <span class="full-address"> + <span class="protocol">https://</span><span class="sub">www.</span><span class="domain">noscript.net</span><span class="path"></span> + </span> + </td> + + + + </tr> + <tr class="customizer"> + <td colspan="2"> + <div class="customizer-controls"> + <fieldset><legend></legend> + <span class="cap"> + <input class="cap" type="checkbox" value="script" /> + <label class="cap">script</label> + </span> + </fieldset> + </div> + </td> + </tr> + </table> + `; + + const TEMP_PRESETS = ["CUSTOM"]; + const DEF_PRESETS = { + // name: customizable, + "DEFAULT": false, + "T_TRUSTED": false, + "TRUSTED": false, + "UNTRUSTED": false, + "CUSTOM": true, + }; + + UI.Sites = class { + constructor(parentNode, presets = DEF_PRESETS) { + this.parentNode = parentNode; + let policy = UI.policy; + this.uiCount = UI.Sites.count = (UI.Sites.count || 0) + 1; + this.sites = policy.sites; + this.presets = presets; + this.customizing = null; + this.typesMap = new Map(); + this.clear(); + } + + initRow(table = this.table) { + let row = table.querySelector("tr.site"); + + // PRESETS + { + let presets = row.querySelector(".presets"); + let [span, input, label, options] = presets.querySelectorAll("span.preset, input.preset, label.preset, .options"); + span.remove(); + options.title = _("Options"); + for (let [preset, customizable] of Object.entries(this.presets)) { + let messageKey = UI.presets[preset]; + input.value = preset; + label.textContent = label.title = input.title = _(messageKey); + let clone = span.cloneNode(true); + clone.classList.add(preset); + let temp = clone.querySelector(".temp"); + if (TEMP_PRESETS.includes(preset)) { + temp.title = _("allowTemp", `(${label.title.toUpperCase()})`); + temp.nextElementSibling.textContent = _("allowTemp", ""); // label; + } else { + temp.nextElementSibling.remove(); + temp.remove(); + } + if (customizable) { + clone.querySelector(".options").remove(); + } + presets.appendChild(clone); + } + } + + // URL + { + let [input, label] = row.querySelectorAll("input.https-only, label.https-only"); + input.title = label.title = label.textContent = _("httpsOnly"); + } + + // CUSTOMIZER ROW + { + let [customizer, legend, cap, capInput, capLabel] = table.querySelectorAll(".customizer, legend, span.cap, input.cap, label.cap"); + row._customizer = customizer; + customizer.remove(); + let capParent = cap.parentNode; + capParent.removeChild(cap); + legend.textContent = _("allow"); + let idSuffix = UI.Sites.count; + for (let capability of Permissions.ALL) { + capInput.id = `capability-${capability}-${idSuffix}` + capLabel.setAttribute("for", capInput.id); + capInput.value = capability; + capInput.title = capLabel.textContent = _(`cap_${capability}`); + let clone = capParent.appendChild(cap.cloneNode(true)); + clone.classList.add(capability); + } + } + + // debug(table.outerHTML); + return row; + } + + allSiteRows() { + return this.table.querySelectorAll("tr.site"); + } + clear() { + debug("Clearing list", this.table); + + this.template = document.createElement("template"); + this.template.innerHTML = TEMPLATE; + this.fragment = this.template.content; + this.table = this.fragment.querySelector("table.sites"); + this.rowTemplate = this.initRow(); + + for (let r of this.allSiteRows()) { + r.parentNode.removeChild(r); + } + this.customize(null); + this.sitesCount = 0; + } + + siteNeeds(site, type) { + let siteTypes = this.typesMap && this.typesMap.get(site); + return !!siteTypes && siteTypes.has(type); + } + + handleEvent(ev) { + let target = ev.target; + let customizer = target.closest(".customizer"); + let row = customizer ? customizer.parentNode.querySelector("tr.customizing") : target.closest("tr.site"); + if (!row) return; + row.temp2perm = false; + let isTemp = target.matches("input.temp"); + let preset = target.matches("input.preset") ? target + : customizer || isTemp ? row.querySelector("input.preset:checked") + : target.closest("input.preset"); + debug("%s target %o\n\trow %s, perms %o\npreset %s %s", + ev.type, + target, row && row.siteMatch, row && row.perms, + preset && preset.value, preset && preset.checked); + + if (!preset) { + if (target.matches("input.https-only") && ev.type === "change") { + this.toggleSecure(row, target.checked); + fireOnChange(this, row); + } else if (target.matches(".domain")) { + UI.openSiteInfo(row.domain); + } + return; + } + + let policy = UI.policy; + let {siteMatch, contextMatch, perms} = row; + let presetValue = preset.value; + let policyPreset = presetValue.startsWith("T_") ? policy[presetValue.substring(2)].tempTwin : policy[presetValue]; + + if (policyPreset) { + if (row.perms !== policyPreset) { + row.temp2perm = row.perms && policyPreset.tempTwin === row.perms; + row.perms = policyPreset; + } + } + + + let isCap = customizer && target.matches(".cap"); + let tempToggle = preset.parentNode.querySelector("input.temp"); + + if (ev.type === "change") { + if (preset.checked) { + row.dataset.preset = preset.value; + } + if (isCap) { + perms.set(target.value, target.checked); + } else if (policyPreset) { + if (tempToggle && tempToggle.checked) { + policyPreset = policyPreset.tempTwin; + } + row.contextMatch = null; + row.perms = policyPreset; + delete row._customPerms; + debug("Site match", siteMatch); + if (siteMatch) { + policy.set(siteMatch, policyPreset); + } else { + this.customize(policyPreset, preset, row); + } + + } else if (preset.value === "CUSTOM") { + if (isTemp) { + row.perms.temp = target.checked; + } else { + let temp = preset.parentNode.querySelector("input.temp").checked; + let perms = row._customPerms || + (row._customPerms = new Permissions(new Set(row.perms.capabilities), temp)); + row.perms = perms; + policy.set(siteMatch, perms); + this.customize(perms, preset, row); + } + } + fireOnChange(this, row); + } else if (!(isCap || isTemp) && ev.type === "click") { + this.customize(row.perms, preset, row); + } + } + + customize(perms, preset, row) { + debug("Customize preset %s (%o) - Dirty: %s", preset && preset.value, perms, this.dirty); + for(let r of this.table.querySelectorAll("tr.customizing")) { + r.classList.toggle("customizing", false); + } + let customizer = this.rowTemplate._customizer; + customizer.classList.toggle("closed", true); + + if (!(perms && row && preset && + row.dataset.preset === preset.value && + this.presets[preset.value] && + preset !== customizer._preset)) { + delete customizer._preset; + return; + } + + customizer._preset = preset; + row.classList.toggle("customizing", true); + let immutable = Permissions.IMMUTABLE[preset.value] || {}; + for (let input of customizer.querySelectorAll("input")) { + let type = input.value; + if (type in immutable) { + input.disabled = true; + input.checked = immutable[type]; + } else { + input.checked = perms.allowing(type); + input.disabled = false; + } + input.parentNode.classList.toggle("needed", this.siteNeeds(row._site, type)); + row.parentNode.insertBefore(customizer, row.nextElementSibling); + customizer.classList.toggle("closed", false); + customizer.onkeydown = e => { + switch(e.keyCode) { + case 38: + case 8: + e.preventDefault(); + this.onkeydown = null; + this.customize(null); + preset.focus(); + return false; + } + } + window.setTimeout(() => customizer.querySelector("input").focus(), 50); + } + } + + render(sites = this.sites, sorter = this.sorter) { + let parentNode = this.parentNode; + debug("Rendering %o inside %o", sites, parentNode); + if (sites) this._populate(sites, sorter); + parentNode.innerHTML = ""; + parentNode.appendChild(this.fragment); + let root = parentNode.querySelector("table.sites"); + debug("Wiring", root); + if (!root.wiredBy) { + root.addEventListener("click", this, true); + root.addEventListener("change", this, true); + root.wiredBy = this; + } + return root; + } + + _populate(sites, sorter) { + this.clear(); + if (sites instanceof Sites) { + for (let [site, perms] of sites) { + this.append(site, site, perms); + } + } else { + for (let site of sites) { + let context = null; + if (site.site) { + site = site.site; + context = site.context; + } + let {siteMatch, perms, contextMatch} = UI.policy.get(site, context); + this.append(site, siteMatch, perms, contextMatch); + } + this.sites = sites; + } + this.sort(sorter); + window.setTimeout(() => this.focus(), 50); + } + + focus() { + let firstPreset = this.table.querySelector("input.preset:checked"); + if (firstPreset) firstPreset.focus(); + } + + sort(sorter = this.sorter) { + if (this.mainDomain) { + let md = this.mainDomain; + let wrappedCompare = sorter; + sorter = (a, b) => { + let x = a.domain, y = b.domain; + if (x === md) { + if (y !== md) { + return -1; + } + } else if (y === md) { + return 1; + } + return wrappedCompare(a, b); + } + } + let rows = [...this.allSiteRows()].sort(sorter); + if (this.mainSite) { + let mainLabel = "." + this.mainDomain; + let topIdx = rows.findIndex(r => r._label === mainLabel); + if (topIdx === -1) rows.findIndex(r => r._site === this.mainSite); + if (topIdx !== -1) { + // move the row to the top + let topRow = rows.splice(topIdx, 1)[0]; + rows.unshift(topRow); + topRow.classList.toggle("main", true); + } + } + this.clear(); + for (let row of rows) this.table.appendChild(row); + this.table.appendChild(this.rowTemplate._customizer); + } + + sorter(a, b) { + return compareBy("domain", a, b) || compareBy("_label", a, b); + } + + async tempTrustAll() { + let {policy} = UI; + let changed = 0; + for (let row of this.allSiteRows()) { + if (row._preset === "DEFAULT") { + policy.set(row._site, policy.TRUSTED.tempTwin); + changed++; + } + } + if (changed && UI.isDirty(true)) { + await UI.updateSettings({policy, reloadAffected: true}); + } + return changed; + } + + createSiteRow(site, siteMatch, perms, contextMatch = null, sitesCount = this.sitesCount++) { + debug("Creating row for site: %s, matching %s / %s, %o", site, siteMatch, contextMatch, perms); + + let row = this.rowTemplate.cloneNode(true); + row.sitesCount = sitesCount; + let url; + try { + url = new URL(site); + } catch (e) { + let protocol = Sites.isSecureDomainKey(site) ? "https:" : "http:"; + let hostname = Sites.toggleSecureDomainKey(site, false); + url = {protocol, hostname, origin: `${protocol}://${site}`, pathname: "/"}; + } + + let hostname = Sites.toExternal(url.hostname); + let domain = tld.getDomain(hostname); + + if (!siteMatch) { + // siteMatch = url.protocol === "https:" ? Sites.secureDomainKey(domain) : site; + siteMatch = site; + } + let secure = Sites.isSecureDomainKey(siteMatch); + let keyStyle = secure ? "secure" + : !domain || /^\w+:/.test(siteMatch) ? + (url.protocol === "https:" ? "full" : "unsafe") + : domain === hostname ? "domain" : "host"; + + let urlContainer = row.querySelector(".url"); + urlContainer.dataset.key = keyStyle; + row._site = site; + + row.siteMatch = siteMatch; + row.contextMatch = contextMatch; + row.perms = perms; + row.domain = domain || siteMatch; + if (domain) { // "normal" URL + let justDomain = hostname === domain; + let domainEntry = secure || domain === site; + row._label = domainEntry ? "." + domain : site; + row.querySelector(".protocol").textContent = `${url.protocol}//`; + row.querySelector(".sub").textContent = justDomain ? + (keyStyle === "full" || keyStyle == "unsafe" + ? "" : "…") + : hostname.substring(0, hostname.length - domain.length); + + row.querySelector(".domain").textContent = domain; + row.querySelector(".path").textContent = siteMatch.length > url.origin.length ? url.pathname : ""; + let httpsOnly = row.querySelector("input.https-only"); + httpsOnly.checked = keyStyle === "full" || keyStyle === "secure"; + } else { + row._label = siteMatch; + urlContainer.querySelector(".full-address").textContent = siteMatch; + } + + let presets = row.querySelectorAll("input.preset"); + let idSuffix = `-${this.uiCount}-${sitesCount}`; + for (let p of presets) { + p.id = `${p.value}${idSuffix}`; + p.name = `preset${idSuffix}`; + let label = p.nextElementSibling; + label.setAttribute("for", p.id); + let temp = p.parentNode.querySelector("input.temp"); + if (temp) { + temp.id = `temp-${p.id}`; + label = temp.nextElementSibling; + label.setAttribute("for", temp.id); + } + } + let policy = UI.policy; + + let presetName = "CUSTOM"; + for (let p of ["TRUSTED", "UNTRUSTED", "DEFAULT"]) { + let preset = policy[p]; + switch (perms) { + case preset: + presetName = p; + break; + case preset.tempTwin: + presetName = `T_${p}`; + if (!presetName in UI.presets) { + presetName = p; + } + break; + } + } + let tempFirst = true; // TODO: make it a preference + let unsafeMatch = keyStyle !== "secure" && keyStyle !== "full"; + if (presetName === "DEFAULT" && (tempFirst || unsafeMatch)) { + // prioritize temporary privileges over permanent + for (let p of TEMP_PRESETS) { + if (p in this.presets && (unsafeMatch || tempFirst && p === "TRUSTED")) { + row.querySelector(`.presets input[value="${p}"]`).parentNode.querySelector("input.temp").checked = true; + perms = policy.TRUSTED.tempTwin; + } + } + } + let preset = row.querySelector(`.presets input[value="${presetName}"]`); + if (!preset) { + debug(`Preset %s not found in %s!`, presetName, row.innerHTML); + } else { + preset.checked = true; + row.dataset.preset = row._preset = presetName; + if (TEMP_PRESETS.includes(presetName)) { + let temp = preset.parentNode.querySelector("input.temp"); + if (temp) { + temp.checked = perms.temp; + } + } + } + return row; + } + + append(site, siteMatch, perms, contextMatch) { + this.table.appendChild(this.createSiteRow(...arguments)); + } + + toggleSecure(row, secure = !!row.querySelector("https-only:checked")) { + this.customize(null); + let site = row.siteMatch; + site = site.replace(/^https?:/, secure ? "https:" : "http:"); + if (site === row.siteMatch) { + site = Sites.toggleSecureDomainKey(site, secure); + } + if (site !== row.siteMatch) { + let {policy} = UI; + policy.set(row.siteMatch, policy.DEFAULT); + policy.set(site, row.perms); + for(let r of this.allSiteRows()) { + if (r !== row && r.siteMatch === site && r.contextMatch === row.contextMatch) { + r.parentNode.removeChild(r); + } + } + let newRow = this.createSiteRow(site, site, row.perms, row.contextMatch, row.sitesCount); + row.parentNode.replaceChild(newRow, row); + } + } + + highlight(key) { + key = Sites.toExternal(key); + for (let r of this.allSiteRows()) { + if (r.querySelector(".full-address").textContent.trim().includes(key)) { + let url = r.lastElementChild; + url.style.transition = r.style.transition = "none"; + r.style.backgroundColor = "#850"; + url.style.transform = "scale(2)"; + r.querySelector("input.preset:checked").focus(); + window.setTimeout(() => { + r.style.transition = "1s background-color"; + url.style.transition = "1s transform"; + r.style.backgroundColor = ""; + url.style.transform = "none"; + r.scrollIntoView(); + }, 50); + } + } + } + + filterSites(key) { + key = Sites.toExternal(key); + for (let r of this.allSiteRows()) { + if (r.querySelector(".full-address").textContent.trim().includes(key)) { + r.style.display = ""; + } else { + r.style.display = "none"; + } + } + } + } + + return UI; +})(); diff --git a/src/ui/whirlpool.css b/src/ui/whirlpool.css new file mode 100644 index 0000000..0e2147a --- /dev/null +++ b/src/ui/whirlpool.css @@ -0,0 +1,45 @@ + +.cssload-container{ + position:relative; +} + +.cssload-whirlpool, +.cssload-whirlpool::before, +.cssload-whirlpool::after { + position: absolute; + top: 50%; + left: 50%; + border: 1px solid rgb(204,204,204); + border-left-color: rgb(0,0,0); + border-radius: 974px; +} + +.cssload-whirlpool { + margin: -24px 0 0 -24px; + height: 49px; + width: 49px; + animation: cssload-rotate 1150ms linear infinite; +} + +.cssload-whirlpool::before { + content: ""; + margin: -22px 0 0 -22px; + height: 43px; + width: 43px; + animation: cssload-rotate 1150ms linear infinite; +} + +.cssload-whirlpool::after { + content: ""; + margin: -28px 0 0 -28px; + height: 55px; + width: 55px; + animation: cssload-rotate 2300ms linear infinite; +} + + +@keyframes cssload-rotate { + 100% { + transform: rotate(360deg); + } +} diff --git a/src/xss/ASPIdiocy.js b/src/xss/ASPIdiocy.js new file mode 100644 index 0000000..c9958f1 --- /dev/null +++ b/src/xss/ASPIdiocy.js @@ -0,0 +1,638 @@ +'use strict'; + +var ASPIdiocy = XSS.ASPIdiocy = { + _replaceRx: /%u([0-9a-fA-F]{4})/g, + _affectsRx: /%u[0-9a-fA-F]{4}/, + _badPercentRx: /%(?!u[0-9a-fA-F]{4}|[0-9a-fA-F]{2})|%(?:00|u0000)[^&=]*/g, + + hasBadPercents(s) { + return this._badPercentRx.test(s) + }, + removeBadPercents(s) { + return s.replace(this._badPercentRx, ''); + }, + affects(s) { + return this._affectsRx.test(s); + }, + process(s) { + s = this.filter(s); + return /[\uff5f-\uffff]/.test(s) ? s + '&' + s.replace(/[\uff5f-\uffff]/g, '?') : s; + }, + filter(s) { + return this.removeBadPercents(s).replace(this._replaceRx, this._replace) + }, + + coalesceQuery(s) { // HPP protection, see https://www.owasp.org/images/b/ba/AppsecEU09_CarettoniDiPaola_v0.8.pdf + let qm = s.indexOf("?"); + if (qm < 0) return s; + let p = s.substring(0, qm); + let q = s.substring(qm + 1); + if (!q) return s; + + let unchanged = true; + let emptyParams = false; + + let pairs = (function rearrange(joinNames) { + let pairs = q.split("&"); + let accumulator = { + __proto__: null + }; + for (let j = 0, len = pairs.length; j < len; j++) { + let nv = pairs[j]; + let eq = nv.indexOf("="); + if (eq === -1) { + emptyParams = true; + if (joinNames && j < len - 1) { + pairs[j + 1] = nv + "&" + pairs[j + 1]; + delete pairs[j]; + } + continue; + } + let key = "#" + unescape(nv.substring(0, eq)).toLowerCase(); + if (key in accumulator) { + delete pairs[j]; + pairs[accumulator[key]] += ", " + nv.substring(eq + 1); + unchanged = false; + } else { + accumulator[key] = j; + } + } + return (emptyParams && !(unchanged || joinNames)) ? + pairs.concat(rearrange(true).filter(p => pairs.indexOf(p) === -1)) : + pairs; + })(); + + if (unchanged) return s; + for (let j = pairs.length; j-- > 0;) + if (!pairs[j]) pairs.splice(j, 1); + return p + pairs.join("&"); + }, + + _replace(match, hex) { + const k = parseInt(hex, 16); + const map = ASPIdiocy.map; + if (k in map) return map[k]; + const range = ASPIdiocy._findRange(k); + return range && range.data || String.fromCharCode(k); + }, + _findRange(k) { + const ranges = this.ranges; + for (let low = 0, high = ranges.length - 1; low <= high;) { + let i = parseInt((low + high) / 2); + let r = ranges[i]; + let comparison = k < r.start ? 1 : k > r.end ? -1 : 0; + if (comparison < 0) low = i + 1; + else if (comparison > 0) high = i - 1; + else return r; + } + return null; + } +} + +XSS.ASPIdiocy.map = { + 0x100: "\x41", + 0x101: "\x61", + 0x102: "\x41", + 0x103: "\x61", + 0x104: "\x41", + 0x105: "\x61", + 0x106: "\x43", + 0x107: "\x63", + 0x108: "\x43", + 0x109: "\x63", + 0x10a: "\x43", + 0x10b: "\x63", + 0x10c: "\x43", + 0x10d: "\x63", + 0x10e: "\x44", + 0x10f: "\x64", + 0x110: "\ufffd", + 0x111: "\x64", + 0x112: "\x45", + 0x113: "\x65", + 0x114: "\x45", + 0x115: "\x65", + 0x116: "\x45", + 0x117: "\x65", + 0x118: "\x45", + 0x119: "\x65", + 0x11a: "\x45", + 0x11b: "\x65", + 0x11c: "\x47", + 0x11d: "\x67", + 0x11e: "\x47", + 0x11f: "\x67", + 0x120: "\x47", + 0x121: "\x67", + 0x122: "\x47", + 0x123: "\x67", + 0x124: "\x48", + 0x125: "\x68", + 0x126: "\x48", + 0x127: "\x68", + 0x128: "\x49", + 0x129: "\x69", + 0x12a: "\x49", + 0x12b: "\x69", + 0x12c: "\x49", + 0x12d: "\x69", + 0x12e: "\x49", + 0x12f: "\x69", + 0x130: "\x49", + 0x131: "\x69", + 0x134: "\x4a", + 0x135: "\x6a", + 0x136: "\x4b", + 0x137: "\x6b", + 0x138: "\x3f", + 0x139: "\x4c", + 0x13a: "\x6c", + 0x13b: "\x4c", + 0x13c: "\x6c", + 0x13d: "\x4c", + 0x13e: "\x6c", + 0x141: "\x4c", + 0x142: "\x6c", + 0x143: "\x4e", + 0x144: "\x6e", + 0x145: "\x4e", + 0x146: "\x6e", + 0x147: "\x4e", + 0x148: "\x6e", + 0x14c: "\x4f", + 0x14d: "\x6f", + 0x14e: "\x4f", + 0x14f: "\x6f", + 0x150: "\x4f", + 0x151: "\x6f", + 0x154: "\x52", + 0x155: "\x72", + 0x156: "\x52", + 0x157: "\x72", + 0x158: "\x52", + 0x159: "\x72", + 0x15a: "\x53", + 0x15b: "\x73", + 0x15c: "\x53", + 0x15d: "\x73", + 0x15e: "\x53", + 0x15f: "\x73", + 0x162: "\x54", + 0x163: "\x74", + 0x164: "\x54", + 0x165: "\x74", + 0x166: "\x54", + 0x167: "\x74", + 0x168: "\x55", + 0x169: "\x75", + 0x16a: "\x55", + 0x16b: "\x75", + 0x16c: "\x55", + 0x16d: "\x75", + 0x16e: "\x55", + 0x16f: "\x75", + 0x170: "\x55", + 0x171: "\x75", + 0x172: "\x55", + 0x173: "\x75", + 0x174: "\x57", + 0x175: "\x77", + 0x176: "\x59", + 0x177: "\x79", + 0x178: "\ufffd", + 0x179: "\x5a", + 0x17a: "\x7a", + 0x17b: "\x5a", + 0x17c: "\x7a", + 0x17f: "\x3f", + 0x180: "\x62", + 0x189: "\ufffd", + 0x197: "\x49", + 0x19a: "\x6c", + 0x1a1: "\x6f", + 0x1ab: "\x74", + 0x1ae: "\x54", + 0x1af: "\x55", + 0x1b0: "\x75", + 0x1b6: "\x7a", + 0x1c0: "\x7c", + 0x1c3: "\x21", + 0x1cd: "\x41", + 0x1ce: "\x61", + 0x1cf: "\x49", + 0x1d0: "\x69", + 0x1d1: "\x4f", + 0x1d2: "\x6f", + 0x1d3: "\x55", + 0x1d4: "\x75", + 0x1d5: "\x55", + 0x1d6: "\x75", + 0x1d7: "\x55", + 0x1d8: "\x75", + 0x1d9: "\x55", + 0x1da: "\x75", + 0x1db: "\x55", + 0x1dc: "\x75", + 0x1dd: "\x3f", + 0x1de: "\x41", + 0x1df: "\x61", + 0x1e4: "\x47", + 0x1e5: "\x67", + 0x1e6: "\x47", + 0x1e7: "\x67", + 0x1e8: "\x4b", + 0x1e9: "\x6b", + 0x1ea: "\x4f", + 0x1eb: "\x6f", + 0x1ec: "\x4f", + 0x1ed: "\x6f", + 0x1f0: "\x6a", + 0x261: "\x67", + 0x2b9: "\x27", + 0x2ba: "\x22", + 0x2bb: "\x3f", + 0x2bc: "\x27", + 0x2c4: "\x5e", + 0x2c5: "\x3f", + 0x2c6: "\ufffd", + 0x2c7: "\x3f", + 0x2c8: "\x27", + 0x2cb: "\x60", + 0x2cc: "\x3f", + 0x2cd: "\x5f", + 0x2da: "\ufffd", + 0x2db: "\x3f", + 0x2dc: "\ufffd", + 0x300: "\x60", + 0x301: "\ufffd", + 0x302: "\x5e", + 0x303: "\x7e", + 0x308: "\ufffd", + 0x309: "\x3f", + 0x30a: "\ufffd", + 0x30e: "\x22", + 0x327: "\ufffd", + 0x37e: "\x3b", + 0x393: "\x47", + 0x398: "\x54", + 0x3a3: "\x53", + 0x3a6: "\x46", + 0x3a9: "\x4f", + 0x3b1: "\x61", + 0x3b2: "\ufffd", + 0x3b3: "\x3f", + 0x3b4: "\x64", + 0x3b5: "\x65", + 0x3bc: "\ufffd", + 0x3c0: "\x70", + 0x3c3: "\x73", + 0x3c4: "\x74", + 0x3c5: "\x3f", + 0x3c6: "\x66", + 0x4bb: "\x68", + 0x589: "\x3a", + 0x66a: "\x25", + 0x2012: "\x3f", + 0x2017: "\x3d", + 0x201b: "\x3f", + 0x201f: "\x3f", + 0x2023: "\x3f", + 0x2024: "\ufffd", + 0x2025: "\x3f", + 0x2026: "\ufffd", + 0x2030: "\ufffd", + 0x2031: "\x3f", + 0x2032: "\x27", + 0x2035: "\x60", + 0x2044: "\x2f", + 0x2070: "\ufffd", + 0x2074: "\x34", + 0x2075: "\x35", + 0x2076: "\x36", + 0x2077: "\x37", + 0x2078: "\x38", + 0x207f: "\x6e", + 0x2080: "\x30", + 0x2081: "\x31", + 0x2082: "\x32", + 0x2083: "\x33", + 0x2084: "\x34", + 0x2085: "\x35", + 0x2086: "\x36", + 0x2087: "\x37", + 0x2088: "\x38", + 0x2089: "\x39", + 0x20a1: "\ufffd", + 0x20a4: "\ufffd", + 0x20a7: "\x50", + 0x20ac: "\ufffd", + 0x2102: "\x43", + 0x2107: "\x45", + 0x210a: "\x67", + 0x210e: "\x68", + 0x210f: "\x3f", + 0x2112: "\x4c", + 0x2113: "\x6c", + 0x2114: "\x3f", + 0x2115: "\x4e", + 0x211a: "\x51", + 0x2122: "\ufffd", + 0x2123: "\x3f", + 0x2124: "\x5a", + 0x2128: "\x5a", + 0x2129: "\x3f", + 0x212a: "\x4b", + 0x212b: "\ufffd", + 0x212c: "\x42", + 0x212d: "\x43", + 0x2130: "\x45", + 0x2131: "\x46", + 0x2132: "\x3f", + 0x2133: "\x4d", + 0x2134: "\x6f", + 0x2205: "\ufffd", + 0x2212: "\x2d", + 0x2213: "\ufffd", + 0x2214: "\x3f", + 0x2215: "\x2f", + 0x2216: "\x5c", + 0x2217: "\x2a", + 0x221a: "\x76", + 0x221e: "\x38", + 0x2223: "\x7c", + 0x2229: "\x6e", + 0x2236: "\x3a", + 0x223c: "\x7e", + 0x2248: "\ufffd", + 0x2261: "\x3d", + 0x22c5: "\ufffd", + 0x2302: "\ufffd", + 0x2303: "\x5e", + 0x2310: "\ufffd", + 0x2320: "\x28", + 0x2321: "\x29", + 0x2329: "\x3c", + 0x232a: "\x3e", + 0x2500: "\x2d", + 0x2501: "\x3f", + 0x2502: "\ufffd", + 0x250c: "\x2b", + 0x2510: "\x2b", + 0x2514: "\x2b", + 0x2518: "\x2b", + 0x251c: "\x2b", + 0x2524: "\ufffd", + 0x252c: "\x2d", + 0x2534: "\x2d", + 0x253c: "\x2b", + 0x2550: "\x2d", + 0x2551: "\ufffd", + 0x2580: "\ufffd", + 0x2584: "\x5f", + 0x2588: "\ufffd", + 0x258c: "\ufffd", + 0x25a0: "\ufffd", + 0x263c: "\ufffd", + 0x2758: "\x7c", + 0x3000: "\x20", + 0x3008: "\x3c", + 0x3009: "\x3e", + 0x301a: "\x5b", + 0x301b: "\x5d", + 0x30fb: "\ufffd", + 0xff01: "\x21", + 0xff02: "\x22", + 0xff03: "\x23", + 0xff04: "\x24", + 0xff05: "\x25", + 0xff06: "\x26", + 0xff07: "\x27", + 0xff08: "\x28", + 0xff09: "\x29", + 0xff0a: "\x2a", + 0xff0b: "\x2b", + 0xff0c: "\x2c", + 0xff0d: "\x2d", + 0xff0e: "\x2e", + 0xff0f: "\x2f", + 0xff10: "\x30", + 0xff11: "\x31", + 0xff12: "\x32", + 0xff13: "\x33", + 0xff14: "\x34", + 0xff15: "\x35", + 0xff16: "\x36", + 0xff17: "\x37", + 0xff18: "\x38", + 0xff19: "\x39", + 0xff1a: "\x3a", + 0xff1b: "\x3b", + 0xff1c: "\x3c", + 0xff1d: "\x3d", + 0xff1e: "\x3e", + 0xff1f: "\x3f", + 0xff20: "\x40", + 0xff21: "\x41", + 0xff22: "\x42", + 0xff23: "\x43", + 0xff24: "\x44", + 0xff25: "\x45", + 0xff26: "\x46", + 0xff27: "\x47", + 0xff28: "\x48", + 0xff29: "\x49", + 0xff2a: "\x4a", + 0xff2b: "\x4b", + 0xff2c: "\x4c", + 0xff2d: "\x4d", + 0xff2e: "\x4e", + 0xff2f: "\x4f", + 0xff30: "\x50", + 0xff31: "\x51", + 0xff32: "\x52", + 0xff33: "\x53", + 0xff34: "\x54", + 0xff35: "\x55", + 0xff36: "\x56", + 0xff37: "\x57", + 0xff38: "\x58", + 0xff39: "\x59", + 0xff3a: "\x5a", + 0xff3b: "\x5b", + 0xff3c: "\x5c", + 0xff3d: "\x5d", + 0xff3e: "\x5e", + 0xff3f: "\x5f", + 0xff40: "\x60", + 0xff41: "\x61", + 0xff42: "\x62", + 0xff43: "\x63", + 0xff44: "\x64", + 0xff45: "\x65", + 0xff46: "\x66", + 0xff47: "\x67", + 0xff48: "\x68", + 0xff49: "\x69", + 0xff4a: "\x6a", + 0xff4b: "\x6b", + 0xff4c: "\x6c", + 0xff4d: "\x6d", + 0xff4e: "\x6e", + 0xff4f: "\x6f", + 0xff50: "\x70", + 0xff51: "\x71", + 0xff52: "\x72", + 0xff53: "\x73", + 0xff54: "\x74", + 0xff55: "\x75", + 0xff56: "\x76", + 0xff57: "\x77", + 0xff58: "\x78", + 0xff59: "\x79", + 0xff5a: "\x7a", + 0xff5b: "\x7b", + 0xff5c: "\x7c", + 0xff5d: "\x7d", + 0xff5e: "\x7e" +}; + +{ + let Range = class { + constructor(start, end, data) { + this.start = start; + this.end = end; + this.data = data; + } + }; + + XSS.ASPIdiocy.ranges = [ + new Range(0x80, 0xff, "\ufffd"), + new Range(0x132, 0x133, "\x3f"), + new Range(0x13f, 0x140, "\x3f"), + new Range(0x149, 0x14b, "\x3f"), + new Range(0x152, 0x153, "\ufffd"), + new Range(0x160, 0x161, "\ufffd"), + new Range(0x17d, 0x17e, "\ufffd"), + new Range(0x181, 0x188, "\x3f"), + new Range(0x18a, 0x190, "\x3f"), + new Range(0x191, 0x192, "\ufffd"), + new Range(0x193, 0x196, "\x3f"), + new Range(0x198, 0x199, "\x3f"), + new Range(0x19b, 0x19e, "\x3f"), + new Range(0x19f, 0x1a0, "\x4f"), + new Range(0x1a2, 0x1aa, "\x3f"), + new Range(0x1ac, 0x1ad, "\x3f"), + new Range(0x1b1, 0x1b5, "\x3f"), + new Range(0x1b7, 0x1bf, "\x3f"), + new Range(0x1c1, 0x1c2, "\x3f"), + new Range(0x1c4, 0x1cc, "\x3f"), + new Range(0x1e0, 0x1e3, "\x3f"), + new Range(0x1ee, 0x1ef, "\x3f"), + new Range(0x1f1, 0x260, "\x3f"), + new Range(0x262, 0x2b8, "\x3f"), + new Range(0x2bd, 0x2c3, "\x3f"), + new Range(0x2c9, 0x2ca, "\ufffd"), + new Range(0x2ce, 0x2d9, "\x3f"), + new Range(0x2dd, 0x2ff, "\x3f"), + new Range(0x304, 0x305, "\ufffd"), + new Range(0x306, 0x307, "\x3f"), + new Range(0x30b, 0x30d, "\x3f"), + new Range(0x30f, 0x326, "\x3f"), + new Range(0x328, 0x330, "\x3f"), + new Range(0x331, 0x332, "\x5f"), + new Range(0x333, 0x37d, "\x3f"), + new Range(0x37f, 0x392, "\x3f"), + new Range(0x394, 0x397, "\x3f"), + new Range(0x399, 0x3a2, "\x3f"), + new Range(0x3a4, 0x3a5, "\x3f"), + new Range(0x3a7, 0x3a8, "\x3f"), + new Range(0x3aa, 0x3b0, "\x3f"), + new Range(0x3b6, 0x3bb, "\x3f"), + new Range(0x3bd, 0x3bf, "\x3f"), + new Range(0x3c1, 0x3c2, "\x3f"), + new Range(0x3c7, 0x4ba, "\x3f"), + new Range(0x4bc, 0x588, "\x3f"), + new Range(0x58a, 0x669, "\x3f"), + new Range(0x66b, 0x1fff, "\x3f"), + new Range(0x2000, 0x2006, "\x20"), + new Range(0x2007, 0x200f, "\x3f"), + new Range(0x2010, 0x2011, "\x2d"), + new Range(0x2013, 0x2014, "\ufffd"), + new Range(0x2015, 0x2016, "\x3f"), + new Range(0x2018, 0x201a, "\ufffd"), + new Range(0x201c, 0x201e, "\ufffd"), + new Range(0x2020, 0x2022, "\ufffd"), + new Range(0x2027, 0x202f, "\x3f"), + new Range(0x2033, 0x2034, "\x3f"), + new Range(0x2036, 0x2038, "\x3f"), + new Range(0x2039, 0x203a, "\ufffd"), + new Range(0x203b, 0x2043, "\x3f"), + new Range(0x2045, 0x206f, "\x3f"), + new Range(0x2071, 0x2073, "\x3f"), + new Range(0x2079, 0x207e, "\x3f"), + new Range(0x208a, 0x20a0, "\x3f"), + new Range(0x20a2, 0x20a3, "\x3f"), + new Range(0x20a5, 0x20a6, "\x3f"), + new Range(0x20a8, 0x20ab, "\x3f"), + new Range(0x20ad, 0x2101, "\x3f"), + new Range(0x2103, 0x2106, "\x3f"), + new Range(0x2108, 0x2109, "\x3f"), + new Range(0x210b, 0x210d, "\x48"), + new Range(0x2110, 0x2111, "\x49"), + new Range(0x2116, 0x2117, "\x3f"), + new Range(0x2118, 0x2119, "\x50"), + new Range(0x211b, 0x211d, "\x52"), + new Range(0x211e, 0x2121, "\x3f"), + new Range(0x2125, 0x2127, "\x3f"), + new Range(0x212e, 0x212f, "\x65"), + new Range(0x2135, 0x2204, "\x3f"), + new Range(0x2206, 0x2211, "\x3f"), + new Range(0x2218, 0x2219, "\ufffd"), + new Range(0x221b, 0x221d, "\x3f"), + new Range(0x221f, 0x2222, "\x3f"), + new Range(0x2224, 0x2228, "\x3f"), + new Range(0x222a, 0x2235, "\x3f"), + new Range(0x2237, 0x223b, "\x3f"), + new Range(0x223d, 0x2247, "\x3f"), + new Range(0x2249, 0x2260, "\x3f"), + new Range(0x2262, 0x2263, "\x3f"), + new Range(0x2264, 0x2265, "\x3d"), + new Range(0x2266, 0x2269, "\x3f"), + new Range(0x226a, 0x226b, "\ufffd"), + new Range(0x226c, 0x22c4, "\x3f"), + new Range(0x22c6, 0x2301, "\x3f"), + new Range(0x2304, 0x230f, "\x3f"), + new Range(0x2311, 0x231f, "\x3f"), + new Range(0x2322, 0x2328, "\x3f"), + new Range(0x232b, 0x24ff, "\x3f"), + new Range(0x2503, 0x250b, "\x3f"), + new Range(0x250d, 0x250f, "\x3f"), + new Range(0x2511, 0x2513, "\x3f"), + new Range(0x2515, 0x2517, "\x3f"), + new Range(0x2519, 0x251b, "\x3f"), + new Range(0x251d, 0x2523, "\x3f"), + new Range(0x2525, 0x252b, "\x3f"), + new Range(0x252d, 0x2533, "\x3f"), + new Range(0x2535, 0x253b, "\x3f"), + new Range(0x253d, 0x254f, "\x3f"), + new Range(0x2552, 0x255d, "\x2b"), + new Range(0x255e, 0x2563, "\ufffd"), + new Range(0x2564, 0x2569, "\x2d"), + new Range(0x256a, 0x256c, "\x2b"), + new Range(0x256d, 0x257f, "\x3f"), + new Range(0x2581, 0x2583, "\x3f"), + new Range(0x2585, 0x2587, "\x3f"), + new Range(0x2589, 0x258b, "\x3f"), + new Range(0x258d, 0x258f, "\x3f"), + new Range(0x2590, 0x2593, "\ufffd"), + new Range(0x2594, 0x259f, "\x3f"), + new Range(0x25a1, 0x263b, "\x3f"), + new Range(0x263d, 0x2757, "\x3f"), + new Range(0x2759, 0x2fff, "\x3f"), + new Range(0x3001, 0x3007, "\x3f"), + new Range(0x300a, 0x300b, "\ufffd"), + new Range(0x300c, 0x3019, "\x3f"), + new Range(0x301c, 0x30fa, "\x3f"), + new Range(0x30fc, 0xff00, "\x3f") + ]; +} diff --git a/src/xss/Exceptions.js b/src/xss/Exceptions.js new file mode 100644 index 0000000..4e80c39 --- /dev/null +++ b/src/xss/Exceptions.js @@ -0,0 +1,238 @@ +'use strict'; + +XSS.Exceptions = (() => { + + var Exceptions = { + get legacyExceptions() { + delete this.legacyExceptions; + this.legacyExceptions = + Legacy.getRxPref("filterXExceptions", + Legacy.RX.multi, "g", /^https?:[a-z:/@.?-]*$/i); + return this.legacyExceptions; + }, + + async getWhitelist() { + return (await Storage.get("sync", "xssWhitelist")).xssWhitelist; + }, + async setWhitelist(xssWhitelist) { + await Storage.set("sync", {xssWhitelist}); + }, + + async shouldIgnore(xssReq) { + function logEx(...args) { + debug("[XSS preprocessing] Ignoring %o", xssReq, ...args); + } + + let { + srcObj, + destObj, + srcUrl, + destUrl, + srcOrigin, + destOrigin, + unescapedDest, + isGet, + isPost + } = xssReq; + + // same srcUrl + if (srcOrigin === destOrigin) { + return true; + } + + // same domain + https: source + if (/^https:/.test(srcOrigin) && xssReq.srcDomain === xssReq.destDomain) { + return true; + } + + if (/^(?:chrome|resource|moz-extension|about):/.test(srcOrigin)) { + debug("Privileged origin", srcOrigin); + } + + // destination or @source matching legacy regexp + if (this.legacyExceptions.test(unescapedDest) && + !this.isBadException(destObj.hostname) || + this.legacyExceptions.test("@" + unescape(srcUrl))) { + logEx("Legacy exception", this.legacyExceptions); + return true; + } + + if (!srcObj && isGet) { + if (/^https?:\/\/msdn\.microsoft\.com\/query\/[^<]+$/.test(unescapedDest)) { + return true; // MSDN from Microsoft VS + } + } + + if (srcOrigin) { // srcUrl-specific exceptions + + if (/^about:(?!blank)/.test(srcOrigin)) + return true; // any about: URL except about:blank + + if (srcOrigin === "https://www.youtube.com" && + /^https:\/\/(?:plus\.googleapis|apis\.google)\.com\/[\w/]+\/widget\/render\/comments\?/.test(destUrl) && + Legacy.getPref("filterXExceptions.yt_comments") + ) { + logEx("YouTube comments exception"); + return true; + } + + if (isPost) { + + if (srcOrigin === "https://sso.post.ch" && destOrigin === "https://app.swisspost.ch") { + return true; + } + + if (srcOrigin === "https://twitter.com" && /^https:\/\/.*\.twitter\.com$/.test(destOrigin)) { + return true; + } + + { + let rx = /^https:\/\/(?:[a-z]+\.)?unionbank\.com$/; + if (rx.test(srcOrigin) && rx.test(destOrigin)) { + return true; + } + } + + if (/^https?:\/\/csr\.ebay\.(?:\w{2,3}|co\.uk)\/cse\/start\.jsf$/.test(srcUrl) && + /^https?:\/\/msa-lfn\.ebay\.(?:\w{2,3}|co\.uk)\/ws\/eBayISAPI\.dll\?[^<'"%]*$/.test(unescapedDest) && + destObj.protocol === srcObj.protocol && + Legacy.getPref("filterXException.ebay")) { + logEx("Ebay exception"); + return true; + } + + if (/^https:\/\/(?:cap\.securecode\.com|www\.securesuite\.net|(?:.*?\.)?firstdata\.(?:l[tv]|com))$/.test(srcUrl) && + Legacy.getPref("filterXException.visa")) { + logEx("Verified by Visa exception"); + return true; + } + + if (/\.verizon\.com$/.test(srcOrigin) && + /^https:\/\/signin\.verizon\.com\/sso\/authsso\/forumLogin\.jsp$/.test(destUrl) && + Legacy.getPref("filterXExceptions.verizon")) { + logEx("Verizon login exception"); + return true; + } + + if (/^https?:\/\/mail\.lycos\.com\/lycos\/mail\/MailCompose\.lycos$/.test(srcUrl) && + /\.lycosmail\.lycos\.com$/.test(destOrigin) && + Legacy.getPref("filterXExceptions.lycosmail")) { + logEx("Lycos Mail exception"); + return true; + } + + if (/\.livejournal\.com$/.test(srcOrigin) && + /^https?:\/\/www\.livejournal\.com\/talkpost_do\.bml$/.test(destUrl) && + Legacy.getPref("filterXExceptions.livejournal")) { + logEx("Livejournal comments exception"); + return true; + } + + if (srcOrigin == "https://ssl.rapidshare.com" && + xssReq.srcDomain == "rapidshare.com") { + logEx("Rapidshare upload exception"); + return true; + } + + if (srcOrigin == "http://wm.letitbit.net" && + /^http:\/\/http\.letitbit\.net:81\/cgi-bin\/multi\/upload\.cgi\?/.test(destUrl) && + Legacy.getPref("filterXExceptions.letitibit") + ) { + logEx("letitbit.net upload exception"); + return true; + } + + if (/\.deviantart\.com$/.test(srcOrigin) && + /^http:\/\/my\.deviantart\.com\/journal\/update\b/.test(destUrl) && + Legacy.getPref("filterXExceptions.deviantart") + ) { + logEx("deviantart.com journal post exception"); + return true; + } + + if (srcOrigin == "https://www.mymedicare.gov" && + destOrigin == "https://myporal.medicare.gov" && + Legacy.getPref("filterXExceptions.medicare") + ) { + logEx("mymedicare.gov exception"); + return true; + } + + if (/^https?:\/\/(?:draft|www)\.blogger\.com\/template-editor\.g\?/.test(srcUrl) && + /^https?:\/\/[\w\-]+\.blogspot\.com\/b\/preview\?/.test(destUrl) && + Legacy.getPref("filterXExceptions.blogspot") + ) { + logEx("blogspot.com template preview exception"); + return true; + } + + if (/^https?:\/\/www\.readability\.com\/articles\/queue$/.test(destUrl) && + Legacy.getPref("filterXExceptions.readability")) { + logEx("Readability exception"); + return true; + } + + if (/^https?:\/\/pdf\.printfriendly\.com\/pdfs\/make$/.test(destUrl) && + Legacy.getPref("filterXExceptions.printfriendly")) { + logEx("Printfriendly exception"); + return true; + } + } + } + }, + + isBadException(host) { + // TLD check for Google search + let m = host.match(/\bgoogle\.((?:[a-z]{1,3}\.)?[a-z]+)$/i); + return m && tld.getPublicSuffix(host) != m[1]; + }, + + partial(xssReq) { + let { + srcObj, + destObj, + srcUrl, + destUrl, + srcOrigin, + destOrigin, + } = xssReq; + + let skipParams, skipRx; + if (/^https:\/\/www\.paypal\.com\/(?:[\w\-]+\/)?cgi-bin\/webscr\b/.test(destUrl)) { + // Paypal buttons encrypted parameter causes a DOS, strip it out + skipParams = ['encrypted']; + } else if (/\.adnxs\.com$/.test(srcOrigin) && /\.adnxs\.com$/.test(destOrigin)) { + skipParams = ['udj']; + } else if (/^https?:\/\/www\.mendeley\.com\/import\/bookmarklet\/$/.test(destUrl)) { + skipParams = ['html']; + } else if (destObj.hash && /^https:/.test(srcOrigin) && + (/^https?:\/\/api\.facebook\.com\//.test(srcUrl) || + /^https:\/\/tbpl\.mozilla\.org\//.test(srcUrl) || // work-around for hg reftest DOS + /^https:\/\/[^\/]+\.googleusercontent\.com\/gadgets\/ifr\?/.test(destUrl) // Google gadgets + )) { + skipRx = /#[^#]+$/; // remove receiver's hash + } else if (/^https?:\/\/apps\.facebook\.com\//.test(srcUrl) && Legacy.getPref("filterXExceptions.fbconnect")) { + skipRx = /&invite_url=javascript[^&]+/; // Zynga stuff + } else if (/^https?:\/\/l\.yimg\.com\/j\/static\/frame\?e=/.test(destUrl) && + /\.yahoo\.com$/.test(srcOrigin) && + Legacy.getPref("filterXExceptions.yahoo")) { + skipParams = ['e']; + } else if (/^https?:\/\/wpcomwidgets\.com\/\?/.test(destUrl)) { + skipParams = ["_data"]; + } else if (/^https:\/\/docs\.google\.com\/picker\?/.test(destUrl)) { + skipParams = ["nav", "pp"]; + } else if (/^https:\/\/.*[\?&]scope=/.test(destUrl)) { + skipRx = /[\?&]scope=[+\w]+(?=&|$)/; + } + if (skipParams) { + skipRx = new RegExp("(?:^|[&?])(?:" + skipParams.join('|') + ")=[^&]+", "g"); + } + return { + skipParams, + skipRx + }; + } + + }; + return Exceptions; +})(); diff --git a/src/xss/FlashIdiocy.js b/src/xss/FlashIdiocy.js new file mode 100644 index 0000000..c6835b1 --- /dev/null +++ b/src/xss/FlashIdiocy.js @@ -0,0 +1,147 @@ +'use strict'; + +XSS.FlashIdiocy = { + _affectsRx: /%(?:[8-9a-f]|[0-7]?[^0-9a-f])/i, // high (non-ASCII) percent encoding or invalid second digit + affects(s) { + return this._affectsRx.test(s); + }, + + purgeBadEncodings(s) { + return s.replace(/%(?:[0-9a-f]?(?:[^0-9a-f]|$))/ig, ""); + }, + + platformDecode(s) { + return s.replace(/%[8-9a-f][0-9a-f]/ig, s => this.map[s.substring(1).toLowerCase()]); + }, + + map: { + "80": "?", + "81": "", + "82": "?", + "83": "?", + "84": "?", + "85": "?", + "86": "?", + "87": "?", + "88": "?", + "89": "?", + "8a": "?", + "8b": "?", + "8c": "?", + "8d": "", + "8e": "?", + "8f": "", + "90": "", + "91": "?", + "92": "?", + "93": "?", + "94": "?", + "95": "?", + "96": "?", + "97": "?", + "98": "?", + "99": "?", + "9a": "?", + "9b": "?", + "9c": "?", + "9d": "", + "9e": "?", + "9f": "?", + "a0": " ", + "a1": "¡", + "a2": "¢", + "a3": "£", + "a4": "¤", + "a5": "¥", + "a6": "¦", + "a7": "§", + "a8": "¨", + "a9": "©", + "aa": "ª", + "ab": "«", + "ac": "¬", + "ad": "", + "ae": "®", + "af": "¯", + "b0": "°", + "b1": "±", + "b2": "²", + "b3": "³", + "b4": "´", + "b5": "µ", + "b6": "¶", + "b7": "·", + "b8": "¸", + "b9": "¹", + "ba": "º", + "bb": "»", + "bc": "¼", + "bd": "½", + "be": "¾", + "bf": "¿", + "c0": "À", + "c1": "Á", + "c2": "Â", + "c3": "Ã", + "c4": "Ä", + "c5": "Å", + "c6": "Æ", + "c7": "Ç", + "c8": "È", + "c9": "É", + "ca": "Ê", + "cb": "Ë", + "cc": "Ì", + "cd": "Í", + "ce": "Î", + "cf": "Ï", + "d0": "Ð", + "d1": "Ñ", + "d2": "Ò", + "d3": "Ó", + "d4": "Ô", + "d5": "Õ", + "d6": "Ö", + "d7": "×", + "d8": "Ø", + "d9": "Ù", + "da": "Ú", + "db": "Û", + "dc": "Ü", + "dd": "Ý", + "de": "Þ", + "df": "ß", + "e0": "à", + "e1": "á", + "e2": "â", + "e3": "ã", + "e4": "ä", + "e5": "å", + "e6": "æ", + "e7": "ç", + "e8": "è", + "e9": "é", + "ea": "ê", + "eb": "ë", + "ec": "ì", + "ed": "í", + "ee": "î", + "ef": "ï", + "f0": "ð", + "f1": "ñ", + "f2": "ò", + "f3": "ó", + "f4": "ô", + "f5": "õ", + "f6": "ö", + "f7": "÷", + "f8": "ø", + "f9": "ù", + "fa": "ú", + "fb": "û", + "fc": "ü", + "fd": "ý", + "fe": "þ", + "ff": "ÿ", + } +}; diff --git a/src/xss/InjectionChecker.js b/src/xss/InjectionChecker.js new file mode 100644 index 0000000..9617e3d --- /dev/null +++ b/src/xss/InjectionChecker.js @@ -0,0 +1,1199 @@ +debug("Initializing InjectionChecker"); +XSS.InjectionChecker = (async () => { + await include([ + "/lib/Base64.js", + "/xss/FlashIdiocy.js", + "/xss/ASPIdiocy.js"] + ); + + var {FlashIdiocy, ASPIdiocy} = XSS; + + const wordCharRx = /\w/g; + + function fuzzify(s) { + return s.replace(wordCharRx, '\\W*(?:/[*/][^]*)?$&'); + } + + const IC_COMMENT_PATTERN = '\\s*(?:\\/[\\/\\*][^]+)?'; + const IC_WINDOW_OPENER_PATTERN = fuzzify("alert|confirm|prompt|open(?:URL)?|print|show") + "\\w*" + fuzzify("Dialog"); + const IC_EVAL_PATTERN = "\\b(?:" + + fuzzify('eval|import|set(?:Timeout|Interval)|(?:f|F)unction|Script|toString|Worker|document|constructor|generateCRMFRequest|jQuery|fetch|write(?:ln)?|__(?:define(?:S|G)etter|noSuchMethod)__|definePropert(?:y|ies)') + + "|\\$|" + IC_WINDOW_OPENER_PATTERN + ")\\b"; + const IC_EVENT_PATTERN = "on(?:p(?:o(?:inter(?:l(?:ock(?:change|error)|eave)|o(?:ver|ut)|cancel|enter|down|move|up)|p(?:up(?:hid(?:den|ing)|show(?:ing|n)|positioned)|state))|a(?:ge(?:hide|show)|(?:st|us)e)|ush(?:subscriptionchange)?|ro(?:cessorerror|gress)|lay(?:ing)?|hoto)|Moz(?:S(?:wipeGesture(?:(?:May)?Start|Update|End)?|crolledAreaChanged)|M(?:agnifyGesture(?:Update|Start)?|ouse(?:PixelScroll|Hittest))|EdgeUI(?:C(?:omplet|ancel)|Start)ed|RotateGesture(?:Update|Start)?|(?:Press)?TapGesture|AfterPaint)|m(?:o(?:z(?:pointerlock(?:change|error)|fullscreen(?:change|error)|key(?:down|up)onplugin|accesskeynotfound|orientationchange)|use(?:l(?:ongtap|eave)|o(?:ver|ut)|enter|wheel|down|move|up))|(?:idimessag|ut)e|essage(?:error)?|ark)|c(?:o(?:m(?:p(?:osition(?:update|start|end)|lete)|mand(?:update)?)|n(?:t(?:rollerchange|extmenu)|nect(?:ionavailable)?)|py)|h(?:(?:arging(?:time)?ch)?ange|ecking)|a(?:n(?:play(?:through)?|cel)|ched)|u(?:echange|t)|l(?:ick|ose))|s(?:ou(?:rce(?:(?:clos|end)ed|open)|nd(?:start|end))|e(?:lect(?:ionchange|start)?|ek(?:ing|ed)|t)|h(?:ipping(?:address|option)change|ow)|t(?:a(?:techange|lled|rt)|o(?:rage|p))|u(?:ccess|spend|bmit)|peech(?:start|end)|croll)|d(?:r(?:a(?:g(?:e(?:n(?:ter|d)|xit)|leave|start|drop|over)?|in)|op)|evice(?:(?:orienta|mo)tion|proximity|change|light)|(?:ischargingtime|uration)change|ata(?:available)?|ownloading|blclick)|a(?:nimation(?:iteration|cancel|start|end)|u(?:dio(?:process|start|end)|xclick)|b(?:solutedeviceorientation|ort)|fter(?:scriptexecute|print)|dd(?:sourcebuffer|track)|ppinstalled|ctivate)|DOM(?:Node(?:Inserted(?:IntoDocument)?|Removed(?:FromDocument)?)|(?:CharacterData|Subtree)Modified|A(?:ttrModified|ctivate)|Focus(?:Out|In)|MouseScroll)|r(?:e(?:s(?:ourcetimingbufferfull|ponseprogress|u(?:lt|me)|ize|et)|move(?:sourcebuffer|track)|adystatechange|pea(?:tEven)?t|questprogress)|atechange)|w(?:ebkit(?:Animation(?:Iteration|Start|End)|animation(?:iteration|start|end)|(?:TransitionE|transitione)nd)|a(?:iting(?:forkey)?|rning)|heel)|v(?:rdisplay(?:(?:presentchang|activat)e|d(?:eactivate|isconnect)|connect)|o(?:iceschanged|lumechange)|(?:isibility|ersion)change)|b(?:e(?:fore(?:p(?:aste|rint)|scriptexecute|c(?:opy|ut)|unload)|gin(?:Event)?)|ufferedamountlow|l(?:ocked|ur)|roadcast|oundary)|t(?:o(?:uch(?:cancel|start|move|end)|ggle)|ransition(?:cancel|start|end|run)|ime(?:update|out)|e(?:rminate|xt)|ypechange)|l(?:o(?:ad(?:e(?:d(?:meta)?data|nd)|ing(?:error|done)?|start)?|stpointercapture)|(?:anguage|evel)change|y)|u(?:p(?:date(?:(?:fou|e)nd|ready|start)?|gradeneeded)|n(?:derflow|load|mute)|serproximity)|g(?:amepad(?:(?:dis)?connected|button(?:down|up)|axismove)|otpointercapture|et)|o(?:(?:rientationchang|(?:ff|n)lin|bsolet)e|verflow|pen)|e(?:n(?:d(?:Event|ed)?|crypted|ter)|mptied|rror|xit)|f(?:ullscreen(?:change|error)|ocus(?:out|in)?|inish)|no(?:tificationcl(?:ick|ose)|update|match)|SVG(?:(?:Unl|L)oad|Resize|Scroll|Zoom)|key(?:statuseschange|press|down|up)|(?:CheckboxStateC|hashc)hange|R(?:adioStateChange|equest)|in(?:stall|valid|put)|AppCommand|zoom)" + // autogenerated from nsGkAtomList.h + ; + const IC_EVENT_DOS_PATTERN = + "\\b(?:" + IC_EVENT_PATTERN + ")[^]*=[^]*\\b(?:" + IC_WINDOW_OPENER_PATTERN + ")\\b" + + "|\\b(?:" + IC_WINDOW_OPENER_PATTERN + ")\\b[^]+\\b(?:" + IC_EVENT_PATTERN + ")[^]*="; + + var InjectionChecker = { + reset: function() { + + this.isPost = + this.base64 = + this.nameAssignment = false; + + this.base64tested = []; + + }, + + fuzzify: fuzzify, + syntax: new SyntaxChecker(), + _log: function(msg, t, i) { + if (msg) msg = this._printable(msg); + if (t) msg += " - TIME: " + (Date.now() - t); + if (i) msg += " - ITER: " + i; + debug("[InjectionChecker]", msg); + }, + + _printable: function(msg) { + return msg.toString().replace(/[^\u0020-\u007e]/g, function(s) { + return "{" + s.charCodeAt(0).toString(16) + "}"; + }); + }, + log: function() {}, + get logEnabled() { + return this.log == this._log; + }, + set logEnabled(v) { + this.log = v ? this._log : function() {}; + }, + + escalate: function(msg) { + this.log(msg); + log("[InjectionChecker] ", msg); + }, + + bb: function(brac, s, kets) { + for (var j = 3; j-- > 0;) { + s = brac + s + kets; + if (this.checkJSSyntax(s)) return true; + } + return false; + }, + + checkJSSyntax(s) { + // bracket balancing for micro injections like "''), e v a l (name,''" + if (/^(?:''|"")?[^\('"]*\)/.test(s)) return this.bb("x(\n", s, "\n)"); + if (/^(?:''|"")?[^\['"]*\\]/.test(s)) return this.bb("y[\n", s, "\n]"); + if (/^(?:''|"")?[^\{'"]*\}/.test(s)) return this.bb("function z() {\n", s, "\n}"); + + let syntax = this.syntax; + s += " /* COMMENT_TERMINATOR */\nDUMMY_EXPR"; + if (syntax.check(s)) { + this.log("Valid fragment " + s); + return true; + } + return false; + }, + + checkTemplates(script) { + let templateExpressions = script.replace(/[[\]{}]/g, ";"); + return templateExpressions !== script && + (this.maybeMavo(script) || + (this.maybeJS(templateExpressions, true) && + (this.syntax.check(templateExpressions) || + /[^><=]=[^=]/.test(templateExpressions) && this.syntax.check( + templateExpressions.replace(/([^><=])=(?=[^=])/g, '$1==')) + ))); + }, + + maybeMavo(s) { + return /\[[^]*\([^]*\)[^]*\]/.test(s) && /\b(?:and|or|mod|\$url\b)/.test(s) && + this.maybeJS(s.replace(/\b(?:and|or|mod|[[\]])/g, ',').replace(/\$url\b/g, 'location'), true); + }, + get breakStops() { + var def = "\\/\\?&#;\\s\\x00}<>"; // we stop on URL, JS and HTML delimiters + var bs = { + nq: new RegExp("[" + def + "]") + }; + Array.forEach("'\"`", // special treatment for quotes + function(c) { + bs[c] = new RegExp("[" + def + c + "]"); + } + ); + delete this.breakStops; + return (this.breakStops = bs); + }, + + collapseChars: (s) => s.replace(/\;+/g, ';').replace(/\/{4,}/g, '////') + .replace(/\s+/g, (s) => /\n/g.test(s) ? '\n' : ' '), + + _reduceBackslashes: (bs) => bs.length % 2 ? "\\" : "", + + reduceQuotes: function(s) { + if (s[0] == '/') { + // reduce common leading path fragment resembling a regular expression or a comment + s = s.replace(/^\/[^\/\n\r]+\//, '_RX_').replace(/^\/\/[^\r\n]*/, '//_COMMENT_'); + } + + if (/\/\*/.test(s) || // C-style comments, would make everything really tricky + /\w\s*(\/\/[\s\S]*)?\[[\s\S]*\w[\s\S]*\]/.test(s)) { // property accessors, risky + return s; + } + + if (/['"\/]/.test(s)) { + + // drop noisy backslashes + s = s.replace(/\\{2,}/g, this._reduceBackslashes); + + // drop escaped quotes + s = s.replace(/\\["'\/]/g, " EQ "); + var expr; + for (;;) { + expr = s.replace(/(^[^'"\/]*[;,\+\-=\(\[]\s*)\/[^\/]+\//g, "$1 _RX_ ") + .replace(/(^[^'"\/]*)(["']).*?\2/g, "$1 _QS_ "); + if (expr == s) break; + s = expr; + } + } + + // remove c++ style comments + return s.replace(/^([^'"`\\]*?)\/\/[^\r\n]*/g, "$1//_COMMENT_"); + }, + + reduceURLs: function(s) { + // nested URLs with protocol are parsed as C++ style comments, and since + // they're potentially very expensive, we preemptively remove them if possible + while (/^[^'"]*?:\/\//.test(s)) { + s = s.replace(/:\/\/[^*\s]*/, ':'); + } + s = s.replace(/:\/\/[^'"*\n]*/g, ':'); + + return (/\bhttps?:$/.test(s) && !/\bh\W*t\W*t\W*p\W*s?.*=/.test(s)) ? + s.replace(/\b(?:[\w.]+=)?https?:$/, '') : + s; + }, + + reduceJSON(s) { + const REPL = 'J'; + const toStringRx = /^function\s*toString\(\)\s*{\s*\[native code\]\s*\}$/; + + // optimistic case first, one big JSON block + let m = s.match(/{[^]+}|\[[^]*{[^]+}[^]*\]/); + if (!m) return s; + + // semicolon-separated JSON chunks, like on syndication.twitter.com + if (/}\s*;\s*{/.test(s)) s = s.split(";").map(chunk => this.reduceJSON(chunk)).join(";"); + + let [expr] = m; + try { + if (toStringRx.test(JSON.parse(expr).toString)) { + this.log("Reducing big JSON " + expr); + return this.reduceJSON(s.replace(expr, REPL)); + } + } catch (e) {} + let iterations = 0; + for (;;) { + let prev = s; + let start = s.indexOf("{"); + let end = s.lastIndexOf("}"); + let prevExpr = ""; + while (start > -1 && end - start > 1) { + expr = s.substring(start, end + 1); + if (expr === prevExpr) break; + end = s.lastIndexOf("}", end - 1); + if (end === -1) { + start = s.indexOf("{", start + 1); + end = s.lastIndexOf("}"); + } + try { + if (!toStringRx.test(JSON.parse(expr).toString)) + continue; + + this.log("Reducing JSON " + expr); + s = s.replace(expr, REPL); + break; + } catch (e) {} + + if (/\btoString\b[\s\S]*:/.test(expr)) { + continue; + } + + let qred = this.reduceQuotes(expr); + if (/\{(?:\s*(?:(?:\w+:)+\w+)+;\s*)+\}/.test(qred)) { + this.log("Reducing pseudo-JSON " + expr); + s = s.replace(expr, REPL); + break; + } + + if (!/[(=.]|[^:\s]\s*\[|:\s*(?:location|document|set(?:Timeout|Interval)|eval|open|show\w*Dialog|alert|confirm|prompt)\b|(?:\]|set)\s*:/.test(qred) && + this.checkJSSyntax("JSON = " + qred) // no-assignment JSON fails with "invalid label" + ) { + this.log("Reducing slow JSON " + expr); + s = s.replace(expr, REPL); + break; + } + prevExpr = expr; + } + + if (s === prev) break; + } + + return s; + }, + + reduceXML: function reduceXML(s) { + var res; + + for (let pos = s.indexOf("<"); pos !== -1; pos = s.indexOf("<", 1)) { + + let head = s.substring(0, pos); + let tail = s.substring(pos); + + let qnum = 0; + for (pos = -1; + (pos = head.indexOf('"', ++pos)) > -1;) { + if (pos === 0 || head[pos - 1] != '\\') qnum++; + } + if (qnum % 2) break; // odd quotes + + let t = tail.replace(/^<(\??\s*\/?[a-zA-Z][\w:-]*)(?:[\s+]+[\w:-]+="[^"]*")*[\s+]*(\/?\??)>/, '<$1$2>'); + + (res || (res = [])).push(head); + s = t; + } + if (res) { + res.push(s); + s = res.join(''); + } + + return s; + }, + + _singleAssignmentRx: new RegExp( + "(?:\\b" + fuzzify('document') + "\\b[^]*\\.|\\s" + fuzzify('setter') + "\\b[^]*=)|/.*/[^]*(?:\\.(?:" + + "\\b" + fuzzify("onerror") + "\\b[^]*=|" + + +fuzzify('source|toString') + ")|\\[)|" + IC_EVENT_DOS_PATTERN + ), + _riskyAssignmentRx: new RegExp( + "\\b(?:" + fuzzify('location|innerHTML|outerHTML') + ")\\b[^]*=" + ), + _nameRx: new RegExp( + "=[^]*\\b" + fuzzify('name') + "\\b|" + + fuzzify("hostname") + "[^]*=[^]*(?:\\b\\d|[\"'{}~^|<*/+-])" + ), + _evalAliasingRx: new RegExp( + "=[^]+\\[" + IC_EVAL_PATTERN + "\\W*\\]" // TODO: check if it can be coalesced into _maybeJSRx + ), + + _maybeJSRx: new RegExp( + '(?:(?:\\[[^]+\\]|\\.\\D)(?:[^]*\\([^]*\\)|[^*]`[^]+`|[^=]*=[^=][^]*\\S)' + + // double function call + '|\\([^]*\\([^]*\\)' + + ')|(?:^|\\W)(?:' + IC_EVAL_PATTERN + + ')(?:\\W+[^]*|)[(`]|(?:[=(]|\\{[^]+:)[^]*(?:' + // calling eval-like functions directly or... + IC_EVAL_PATTERN + // ... assigning them to another function possibly called by the victim later + ')[^]*[\\n,;:|]|\\b(?:' + + fuzzify('setter|location|innerHTML|outerHTML') + // eval-like assignments + ')\\b[^]*=|' + + '.' + IC_COMMENT_PATTERN + "src" + IC_COMMENT_PATTERN + '=' + + IC_EVENT_DOS_PATTERN + + "|\\b" + fuzzify("onerror") + "\\b[^]*=" + + "|=[s\\\\[ux]?\d{2}" + // escape (unicode/ascii/octal) + "|\\b(?:toString|valueOf)\\b" + IC_COMMENT_PATTERN + "=[^]*(?:" + IC_EVAL_PATTERN + ")" + + "|(?:\\)|(?:[^\\w$]|^)[$a-zA-Z_\\u0ff-\\uffff][$\\w\\u0ff-\\uffff]*)" + IC_COMMENT_PATTERN + '=>' + // concise function definition + "|(?:[^\\w$]|^)" + IC_EVENT_PATTERN + IC_COMMENT_PATTERN + "=" + ), + + _riskyParensRx: new RegExp( + "(?:^|\\W)(?:(?:" + IC_EVAL_PATTERN + "|on\\w+)\\s*[(`]|" + + fuzzify("with") + "\\b[^]*\\(|" + + fuzzify("for") + "\\b[^]*\\([^]*[\\w$\\u0080-\\uffff]+[^]*\\b(?:" + + fuzzify("in|of") + ")\\b)" + ), + + _dotRx: /\./g, + _removeDotsRx: /^openid\.[\w.-]+(?==)|(?:[?&#\/]|^)[\w.-]+(?=[\/\?&#]|$)|[\w\.]*\.(?:\b[A-Z]+|\w*\d|[a-z][$_])[\w.-]*|=[a-z.-]+\.(?:com|net|org|biz|info|xxx|[a-z]{2})(?:[;&/]|$)/g, + _removeDots: (p) => p.replace(InjectionChecker._dotRx, '|'), + _arrayAccessRx: /\s*\[\d+\]/g, + _riskyOperatorsRx: /[+-]{2}\s*(?:\/[*/][\s\S]+)?(?:\w+(?:\/[*/][\s\S]+)?[[.]|location)|(?:\]|\.\s*(?:\/[*/][\s\S]+)?\w+|location)\s*(?:\/[*/][\s\S]+)?([+-]{2}|[+*\/<>~-]+\s*(?:\/[*/][\s\S]+)?=)/, // inc/dec/self-modifying assignments on DOM props + _assignmentRx: /^(?:[^()="'\s]+=(?:[^(='"\[+]+|[?a-zA-Z_0-9;,&=/]+|[\d.|]+))$/, + _badRightHandRx: /=[\s\S]*(?:_QS_\b|[|.][\s\S]*source\b|<[\s\S]*\/[^>]*>)/, + _wikiParensRx: /^(?:[\w.|-]+\/)*\(*[\w\s-]+\([\w\s-]+\)[\w\s-]*\)*$/, + _neutralDotsRx: /(?:^|[\/;&#])[\w-]+\.[\w-]+[\?;\&#]/g, + _openIdRx: /^scope=(?:\w+\+)\w/, // OpenID authentication scope parameter, see http://forums.informaction.com/viewtopic.php?p=69851#p69851 + _gmxRx: /\$\(clientName\)-\$\(dataCenter\)\.(\w+\.)+\w+/, // GMX webmail, see http://forums.informaction.com/viewtopic.php?p=69700#p69700 + + maybeJS(expr, mavoChecked = false) { + if (!mavoChecked && this.maybeMavo(expr)) return true; + + if (/`[\s\S]*`/.test(expr) || // ES6 templates, extremely insidious!!! + this._evalAliasingRx.test(expr) || + this._riskyOperatorsRx.test(expr) // this must be checked before removing dots... + ) return true; + + expr = // dotted URL components can lead to false positives, let's remove them + expr.replace(this._removeDotsRx, this._removeDots) + .replace(this._arrayAccessRx, '_ARRAY_ACCESS_') + .replace(/<([\w:]+)>[^</(="'`]+<\/\1>/g, '<$1/>') // reduce XML text nodes + .replace(/<!--/g, '') // remove HTML comments preamble (see next line) + .replace(/(^(?:[^/]*[=;.+-])?)\s*[\[(]+/g, '$1') // remove leading parens and braces + .replace(this._openIdRx, '_OPENID_SCOPE_=XYZ') + .replace(/^[^=]*OPENid\.(\w+)=/gi, "OPENid_\1") + .replace(this._gmxRx, '_GMX_-_GMX_'); + + if (expr.indexOf(")") !== -1) expr += ")"; // account for externally balanced parens + if (this._assignmentRx.test(expr) && !this._badRightHandRx.test(expr)) // commonest case, single assignment or simple chained assignments, no break + return this._singleAssignmentRx.test(expr) || this._riskyAssignmentRx.test(expr) && this._nameRx.test(expr); + + return this._riskyParensRx.test(expr) || + this._maybeJSRx.test(expr.replace(this._neutralDotsRx, '')) && + !this._wikiParensRx.test(expr); + + }, + + checkNonTrivialJSSyntax: function(expr) { + return this.maybeJS(this.reduceQuotes(expr)) && this.checkJSSyntax(expr); + }, + + + wantsExpression: (s) => /(?:^[+-]|[!%&(,*/:;<=>?\[^|]|[^-]-|[^+]\+)\s*$/.test(s), + + stripLiteralsAndComments: function(s) { + "use strict"; + + const MODE_NORMAL = 0; + const MODE_REGEX = 1; + const MODE_SINGLEQUOTE = 2; + const MODE_DOUBLEQUOTE = 3; + const MODE_BLOCKCOMMENT = 4; + const MODE_LINECOMMENT = 6; + const MODE_INTERPOLATION = 7; + + let mode = MODE_NORMAL; + let escape = false; + let res = []; + + function handleQuotes(c, q, type) { + if (escape) { + escape = false; + } else if (c == '\\') { + escape = true; + } else if (c === q) { + res.push(type); + mode = MODE_NORMAL; + } + } + for (let j = 0, l = s.length; j < l; j++) { + + switch (mode) { + case MODE_REGEX: + handleQuotes(s[j], '/', "_REGEXP_"); + break; + case MODE_SINGLEQUOTE: + handleQuotes(s[j], "'", "_QS_"); + break; + case MODE_DOUBLEQUOTE: + handleQuotes(s[j], '"', "_DQS_"); + break; + case MODE_INTERPOLATION: + handleQuotes(s[j], '`', "``"); + break; + case MODE_BLOCKCOMMENT: + if (s[j] === '/' && s[j - 1] === '*') { + res.push("/**/"); + mode = MODE_NORMAL; + } + break; + case MODE_LINECOMMENT: + if (s[j] === '\n') { + res.push("//\n"); + mode = MODE_NORMAL; + } + break; + default: + switch (s[j]) { + case '"': + mode = MODE_DOUBLEQUOTE; + break; + case "'": + mode = MODE_SINGLEQUOTE; + break; + case "`": + mode = MODE_INTERPOLATION; + break; + case '/': + switch (s[j + 1]) { + case '*': + mode = MODE_BLOCKCOMMENT; + j += 2; + break; + case '/': + mode = MODE_LINECOMMENT; + break; + default: + let r = res.join(''); + res = [r]; + if (this.wantsExpression(r)) mode = MODE_REGEX; + else res.push('/'); // after a self-contained expression: division operator + } + break; + default: + res.push(s[j]); + } + + } + } + return res.join(''); + }, + + checkLastFunction: function() { + var fn = this.syntax.lastFunction; + if (!fn) return false; + var m = fn.toSource().match(/\{([\s\S]*)\}/); + if (!m) return false; + var expr = this.stripLiteralsAndComments(m[1]); + return /=[\s\S]*cookie|\b(?:setter|document|location|(?:inn|out)erHTML|\.\W*src)[\s\S]*=|[\w$\u0080-\uffff\)\]]\s*[\[\(]/.test(expr) || + this.maybeJS(expr); + }, + + _createInvalidRanges: function() { + function x(n) { + return '\\u' + ("0000" + n.toString(16)).slice(-4); + } + + var ret = ""; + var first = -1; + var last = -1; + var cur = 0x7e; + while (cur++ <= 0xffff) { + try { + eval("var _" + String.fromCharCode(cur) + "_=1"); + } catch (e) { + if (!/illegal char/.test(e.message)) continue; + if (first == -1) { + first = last = cur; + ret += x(cur); + continue; + } + if (cur - last == 1) { + last = cur; + continue; + } + + if (last != first) ret += "-" + x(last); + ret += x(cur); + last = first = cur; + } + } + return ret; + }, + + get invalidCharsRx() { + delete this.invalidCharsRx; + return this.invalidCharsRx = new RegExp("^[^\"'`/<>]*[" + this._createInvalidRanges() + "]"); + }, + + checkJSBreak: function InjectionChecker_checkJSBreak(s) { + // Direct script injection breaking JS string literals or comments + + + // cleanup most urlencoded noise and reduce JSON/XML + s = ';' + this.reduceXML(this.reduceJSON(this.collapseChars( + s.replace(/\%\d+[a-z\(]\w*/gi, '§') + .replace(/[\r\n\u2028\u2029]+/g, "\n") + .replace(/[\x01-\x09\x0b-\x20]+/g, ' ') + ))); + + if (s.indexOf("*/") > 0 && /\*\/[\s\S]+\/\*/.test(s)) { // possible scrambled multi-point with comment balancing + s += ';' + s.match(/\*\/[\s\S]+/); + } + + if (!this.maybeJS(s)) return false; + + const MAX_TIME = 8000, + MAX_LOOPS = 1200; + + const logEnabled = this.logEnabled; + + const + invalidCharsRx = /[\u007f-\uffff]/.test(s) && this.invalidCharsRx, + dangerRx = /\(|(?:^|[+-]{2}|[+*/<>~-]+\\s*=)|`[\s\S]*`|\[[^\]]+\]|(?:setter|location|(?:inn|out)erHTML|cookie|on\w{3,}|\.\D)[^&]*=[\s\S]*?(?:\/\/|[\w$\u0080-\uFFFF.[\]})'"-]+)/, + exprMatchRx = /^[\s\S]*?(?:[=\)]|`[\s\S]*`|[+-]{2}|[+*/<>~-]+\\s*=)/, + safeCgiRx = /^(?:(?:[\.\?\w\-\/&:§\[\]]+=[\w \-:\+%#,§\.]*(?:[&\|](?=[^&\|])|$)){2,}|\w+:\/\/\w[\w\-\.]*)/, + // r2l, chained query string parameters, protocol://domain + headRx = /^(?:[^'"\/\[\(]*[\]\)]|[^"'\/]*(?:§|[^&]&[\w\.]+=[^=]))/ + // irrepairable syntax error, such as closed parens in the beginning + ; + + const injectionFinderRx = /(['"`#;>:{}]|[/?=](?![?&=])|&(?![\w-.[\]&!-]*=)|\*\/)(?!\1)/g; + injectionFinderRx.lastIndex = 0; + + const t = Date.now(); + var iterations = 0; + + for (let dangerPos = 0, m; + (m = injectionFinderRx.exec(s));) { + + let startPos = injectionFinderRx.lastIndex; + let subj = s.substring(startPos); + if (startPos > dangerPos) { + dangerRx.lastIndex = startPos; + if (!dangerRx.exec(s)) { + this.log("Can't find any danger in " + s); + return false; + } + dangerPos = dangerRx.lastIndex; + } + + let breakSeq = m[1]; + let quote = breakSeq in this.breakStops ? breakSeq : ''; + + if (!this.maybeJS(quote ? quote + subj : subj)) { + this.log("Fast escape on " + subj, t, iterations); + return false; + } + + let script = this.reduceURLs(subj); + + if (script.length < subj.length) { + if (!this.maybeJS(script)) { + this.log("Skipping to first nested URL in " + subj, t, iterations); + injectionFinderRx.lastIndex += subj.indexOf("://") + 1; + continue; + } + subj = script; + script = this.reduceURLs(subj.substring(0, dangerPos - startPos)); + } else { + script = subj.substring(0, dangerPos - startPos); + } + + let expr = subj.match(exprMatchRx); + + if (expr) { + expr = expr[0]; + if (expr.length < script.length) { + expr = script; + } + } else { + expr = script; + } + + // quickly skip (mis)leading innocuous CGI patterns + if ((m = subj.match(safeCgiRx))) { + + this.log("Skipping CGI pattern in " + subj); + + injectionFinderRx.lastIndex += m[0].length - 1; + continue; + } + + let bs = this.breakStops[quote || 'nq'] + + for (let len = expr.length, moved = false, hunt = !!expr, lastExpr = ''; hunt;) { + + if (Date.now() - t > MAX_TIME) { + this.log("Too long execution time! Assuming DOS... " + (Date.now() - t), t, iterations); + return true; + } + + hunt = expr.length < subj.length; + + if (moved) { + moved = false; + } else if (hunt) { + let pos = subj.substring(len).search(bs); + if (pos < 0) { + expr = subj; + hunt = false; + } else { + len += pos; + if (quote && subj[len] === quote) { + len++; + } else if (subj[len - 1] === '<') { + // invalid JS, and maybe in the middle of XML block + len++; + continue; + } + expr = subj.substring(0, len); + if (pos === 0) len++; + } + } + + if (lastExpr === expr) { + lastExpr = ''; + continue; + } + + lastExpr = expr; + + if (invalidCharsRx && invalidCharsRx.test(expr)) { + this.log("Quick skipping invalid chars"); + break; + } + + + + if (quote) { + if (this.checkNonTrivialJSSyntax(expr)) { + this.log("Non-trivial JS inside quoted string detected", t, iterations); + return true; + } + script = this.syntax.unquote(quote + expr, quote); + if (script && this.maybeJS(script) && + (this.checkNonTrivialJSSyntax(script) || + /'./.test(script) && this.checkNonTrivialJSSyntax("''" + script + "'") || + /"./.test(script) && this.checkNonTrivialJSSyntax('""' + script + '"') + ) && this.checkLastFunction() + ) { + this.log("JS quote Break Injection detected", t, iterations); + return true; + } + script = quote + quote + expr + quote; + } else { + script = expr; + } + + if (headRx.test(script.split("//")[0])) { + let balanced = script.replace(/^[^"'{}(]*\)/, 'P '); + if (balanced !== script && balanced.indexOf('(') > -1) { + script = balanced + ")"; + } else { + this.log("SKIP (head syntax) " + script, t, iterations); + break; // unrepairable syntax error in the head, move left cursor forward + } + } + + if (this.maybeJS(this.reduceQuotes(script))) { + + if (this.checkJSSyntax(script) && this.checkLastFunction()) { + this.log("JS Break Injection detected", t, iterations); + return true; + } + + if (this.checkTemplates(script)) { + this.log("JS template expression injection detected", t, iterations); + return true; + } + + if (++iterations > MAX_LOOPS) { + this.log("Too many syntax checks! Assuming DOS... " + s, t, iterations); + return true; + } + if (this.syntax.lastError) { // could be null if we're here thanks to checkLastFunction() + let errmsg = this.syntax.lastError.message; + if (logEnabled) this.log(errmsg + " --- " + this.syntax.lastScript + " --- ", t, iterations); + if (!quote) { + if (errmsg.indexOf("left-hand") !== -1) { + let m = subj.match(/^([^\]\(\\'"=\?]+?)[\w$\u0080-\uffff\s]+[=\?]/); + if (m) { + injectionFinderRx.lastIndex += m[1].length - 1; + } + break; + } else if (errmsg.indexOf("unterminated string literal") !== -1) { + let quotePos = subj.substring(len).search(/["']/); + if (quotePos > -1) { + expr = subj.substring(0, len += ++quotePos); + moved = true; + } else break; + } else if (errmsg.indexOf("syntax error") !== -1) { + let dblSlashPos = subj.indexOf("//"); + if (dblSlashPos > -1) { + let pos = subj.search(/['"\n\\\(]|\/\*/); + if (pos < 0 || pos > dblSlashPos) + break; + } + if (/^([\w\[\]]*=)?\w*&[\w\[\]]*=/.test(subj)) { // CGI param concatenation + break; + } + } + } else if (errmsg.indexOf("left-hand") !== -1) break; + + if (/invalid .*\bflag\b|missing ; before statement|invalid label|illegal character|identifier starts immediately/.test(errmsg)) { + if (errmsg.indexOf("illegal character") === -1 && /#\d*\s*$/.test(script)) { // sharp vars exceptional behavior + if (!quote) break; + // let's retry without quotes + quote = lastExpr = ''; + hunt = moved = true; + } else break; + } else if ((m = errmsg.match(/\b(?:property id\b|missing ([:\]\)\}]) )/))) { + let char = m[1] || '}'; + let newLen = subj.indexOf(char, len); + let nextParamPos = subj.substring(len).search(/[^&]&(?!&)/) + if (newLen !== -1 && (nextParamPos === -1 || newLen <= len + nextParamPos)) { + this.log("Extending to next " + char); + expr = subj.substring(0, len = ++newLen); + moved = char !== ':'; + } else if (char !== ':') { + let lastChar = expr[expr.length - 1]; + if (lastChar === char && (len > subj.length || lastChar != subj[len - 1])) break; + expr += char; + moved = hunt = true; + len++; + this.log("Balancing " + char, t, iterations); + } else { + break; + } + } else if (/finally without try/.test(errmsg)) { + expr = "try{" + expr; + hunt = moved = true; + } + } + } + } + } + this.log(s, t, iterations); + return false; + }, + + + checkJS: function(s, unescapedUni) { + this.log(s); + + if (/\?name\b[\s\S]*:|[^&?]\bname\b/.test(s)) { + this.nameAssignment = true; + } + + var hasUnicodeEscapes = !unescapedUni && /\\u(?:[0-9a-f]{4}|\{[0-9a-f]+\})/i.test(s); + if (hasUnicodeEscapes && /\\u(?:\{0*|00)[0-7][0-9a-f]/i.test(s)) { + this.escalate("Unicode-escaped lower ASCII"); + return true; + } + + if (/\\x[0-9a-f]{2}[\s\S]*['"]/i.test(s)) { + this.escalate("Obfuscated string literal"); + return true; + } + + if (/`[\s\S]*\$\{[\s\S]+[=(][\s\S]+\}[\s\S]*`/.test(s)) { + this.escalate("ES6 string interpolation"); + return true; + } + + this.syntax.lastFunction = null; + let ret = this.checkAttributes(s) || + (/[\\\(]|=[^=]/.test(s) || this._riskyOperatorsRx.test(s)) && this.checkJSBreak(s) || // MAIN + hasUnicodeEscapes && this.checkJS(this.unescapeJS(s), true); // optional unescaped recursion + if (ret) { + let msg = "JavaScript Injection in " + s; + if (this.syntax.lastFunction) { + msg += "\n" + this.syntax.lastFunction.toSource(); + } + this.escalate(msg); + } + return ret; + }, + + unescapeJS: function(s) { + return s.replace(/\\u([0-9a-f]{4})/gi, function(s, c) { + return String.fromCharCode(parseInt(c, 16)); + }); + }, + unescapeJSLiteral: function(s) { + return s.replace(/\\x([0-9a-f]{2})/gi, function(s, c) { + return String.fromCharCode(parseInt(c, 16)); + }); + }, + + unescapeCSS: function(s) { + // see http://www.w3.org/TR/CSS21/syndata.html#characters + return s.replace(/\\([\da-f]{0,6})\s?/gi, function($0, $1) { + try { + return String.fromCharCode(parseInt($1, 16)); + } catch (e) { + return ""; + } + }); + }, + + reduceDashPlus: function(s) { + // http://forums.mozillazine.org/viewtopic.php?p=5592865#p5592865 + return s.replace(/\-+/g, "-") + .replace(/\++/g, "+") + .replace(/\s+/g, ' ') + .replace(/(?: \-)+/g, ' -') + .replace(/(?:\+\-)+/g, '+-'); + }, + + _rxCheck: function(checker, s) { + var rx = this[checker + "Checker"]; + var ret = rx.exec(s); + if (ret) { + this.escalate(checker + " injection:\n" + ret + "\nmatches " + rx.source); + return true; + } + return false; + }, + + AttributesChecker: new RegExp( + "(?:\\W|^)(?:javascript:(?:[^]+[=\\\\\\(`\\[\\.<]|[^]*(?:\\bname\\b|\\\\[ux]\\d))|" + + "data:(?:(?:[a-z]\\w+/\\w[\\w+-]+\\w)?[;,]|[^]*;[^]*\\b(?:base64|charset=)|[^]*,[^]*<[^]*\\w[^]*>))|@" + + ("import\\W*(?:\\/\\*[^]*)?(?:[\"']|url[^]*\\()" + + "|-moz-binding[^]*:[^]*url[^]*\\(|\\{\\{[^]+\\}\\}") + .replace(/[a-rt-z\-]/g, "\\W*$&"), + "i"), + checkAttributes: function(s) { + s = this.reduceDashPlus(s); + if (this._rxCheck("Attributes", s)) return true; + if (/\\/.test(s) && this._rxCheck("Attributes", this.unescapeCSS(s))) return true; + let dataPos = s.search(/data:\S*\s/i); + if (dataPos !== -1) { + let data = this.urlUnescape(s.substring(dataPos).replace(/\s/g, '')); + if (this.checkHTML(data) || this.checkAttributes(data)) return true; + } + return false; + }, + + GlobalsChecker: /https?:\/\/[\S\s]+["'\s\0](?:id|class|data-\w+)[\s\0]*=[\s\0]*("')?\w{3,}(?:[\s\0]|\1|$)|(?:id|class|data-\w+)[\s\0]*=[\s\0]*("')?\w{3,}(?:[\s\0]|\1)[\s\S]*["'\s\0]href[\s\0]*=[\s\0]*(?:"')?https?:\/\//i, + HTMLChecker: new RegExp("<[^\\w<>]*(?:[^<>\"'\\s]*:)?[^\\w<>]*(?:" + // take in account quirks and namespaces + fuzzify("script|form|style|svg|marquee|(?:link|object|embed|applet|param|i?frame|base|body|meta|ima?ge?|video|audio|bindings|set|isindex|animate|template") + + ")[^>\\w])|['\"\\s\\0/](?:formaction|style|background|src|lowsrc|ping|innerhtml|data-bind|(?:data-)?mv-(?:\\w+[\\w-]*)|" + IC_EVENT_PATTERN + + ")[\\s\\0]*=|<%[^]+[=(][^]+%>", "i"), + + checkHTML(s) { + let links = s.match(/\b(?:href|src|base|(?:form)?action|\w+-\w+)\s*=\s*(?:(["'])[\s\S]*?\1|(?:[^'">][^>\s]*)?[:?\/#][^>\s]*)/ig); + if (links) { + for (let l of links) { + l = l.replace(/[^=]*=\s*/i, '').replace(/[\u0000-\u001f]/g, ''); + l = /^["']/.test(l) ? l.replace(/^(['"])([^]*?)\1[^]*/g, '$2') : l.replace(/[\s>][^]*/, ''); + + if (/^(?:javascript|data):|\[[^]+\]/i.test(l) || /[<'"(]/.test(unescape(l)) && this.checkUrl(l)) return true; + } + } + return this._rxCheck("HTML", s) || this._rxCheck("Globals", s); + }, + + checkNoscript: function(s) { + this.log(s); + return s.indexOf("\x1b(J") !== -1 && this.checkNoscript(s.replace(/\x1b\(J/g, '')) || // ignored in iso-2022-jp + s.indexOf("\x7e\x0a") !== -1 && this.checkNoscript(s.replace(/\x7e\x0a/g, '')) || // ignored in hz-gb-2312 + this.checkHTML(s) || this.checkSQLI(s) || this.checkHeaders(s); + }, + + HeadersChecker: /[\r\n]\s*(?:content-(?:type|encoding))\s*:/i, + checkHeaders: function(s) { + return this._rxCheck("Headers", s); + }, + SQLIChecker: /(?:(?:(?:\b|[^a-z])union[^a-z]|\()[\w\W]*(?:\b|[^a-z])select[^a-z]|(?:updatexml|extractvalue)(?:\b|[^a-z])[\w\W]*\()[\w\W]+(?:(?:0x|x')[0-9a-f]{16}|(?:0b|b')[01]{64}|\(|\|\||\+)/i, + checkSQLI: function(s) { + return this._rxCheck("SQLI", s); + }, + + base64: false, + base64tested: [], + get base64Decoder() { + return Base64; + }, // exposed here just for debugging purposes + + + checkBase64: function(url) { + this.base64 = false; + + const MAX_TIME = 8000; + const DOS_MSG = "Too long execution time, assuming DOS in Base64 checks"; + + this.log(url); + + + var parts = url.split("#"); // check hash + if (parts.length > 1 && this.checkBase64FragEx(unescape(parts[1]))) + return true; + + parts = parts[0].split(/[&;]/); // check query string + if (parts.length > 0 && parts.some(function(p) { + var pos = p.indexOf("="); + if (pos > -1) p = p.substring(pos + 1); + return this.checkBase64FragEx(unescape(p)); + }, this)) + return true; + + url = parts[0]; + parts = Base64.purify(url).split("/"); + if (parts.length > 255) { + this.log("More than 255 base64 slash chunks, assuming DOS"); + return true; + } + + + var t = Date.now(); + if (parts.some(function(p) { + if (Date.now() - t > MAX_TIME) { + this.log(DOS_MSG); + return true; + } + return this.checkBase64Frag(Base64.purify(Base64.alt(p))); + }, this)) + return true; + + + var uparts = Base64.purify(unescape(url)).split("/"); + + t = Date.now(); + while (parts.length) { + if (Date.now() - t > MAX_TIME) { + this.log(DOS_MSG); + return true; + } + if (this.checkBase64Frag(parts.join("/")) || + this.checkBase64Frag(uparts.join("/"))) + return true; + + parts.shift(); + uparts.shift(); + } + + return false; + }, + + + checkBase64Frag: function(f) { + if (this.base64tested.indexOf(f) < 0) { + this.base64tested.push(f); + try { + var s = Base64.decode(f); + if (s && s.replace(/[^\w\(\)]/g, '').length > 7 && + (this.checkHTML(s) || + this.checkAttributes(s)) + // this.checkJS(s) // -- alternate, whose usefulness is doubious but which easily leads to DOS + ) { + this.log("Detected BASE64 encoded injection: " + f + " --- (" + s + ")"); + return this.base64 = true; + } + } catch (e) {} + } + return false; + }, + + checkBase64FragEx: function(f) { + return this.checkBase64Frag(Base64.purify(f)) || this.checkBase64Frag(Base64.purify(Base64.alt(f))); + }, + + + checkUrl(url, skipRx = null) { + if (skipRx) url = url.replace(skipRx, ''); + return this.checkRecursive(url + // assume protocol and host are safe, but keep the leading double slash to keep comments in account + .replace(/^[a-z]+:\/\/.*?(?=\/|$)/, "//") + // Remove outer parenses from ASP.NET cookieless session's AppPathModifier + .replace(/\/\((S\(\w{24}\))\)\//, '/$1/') + ); + }, + + checkPost(formData, skipParams = null) { + let keys = Object.keys(formData); + if (Array.isArray(skipParams)) keys = keys.filter(k => !skipParams.includes(k)) + for (let key of keys) { + let chunk = `${key}=${formData[key].join(`;`)}`; + if (this.checkRecursive(chunk, 2, true)) { + return chunk; + } + } + return null; + }, + + checkRecursive(s, depth = 3, isPost = false) { + this.reset(); + this.isPost = isPost; + + + if (ASPIdiocy.affects(s)) { + if (this.checkRecursive(ASPIdiocy.process(s), depth, isPost)) + return true; + } else if (ASPIdiocy.hasBadPercents(s) && this.checkRecursive(ASPIdiocy.removeBadPercents(s), depth, isPost)) { + return true; + } + if (FlashIdiocy.affects(s)) { + let purged = FlashIdiocy.purgeBadEncodings(s); + if (purged !== s && this.checkRecursive(purged, depth, isPost)) + return true; + let decoded = FlashIdiocy.platformDecode(purged); + if (decoded !== purged && this.checkRecursive(decoded, depth, isPost)) + return true; + } + + if (s.indexOf("coalesced:") !== 0) { + let coalesced = ASPIdiocy.coalesceQuery(s); + if (coalesced !== s && this.checkRecursive("coalesced:" + coalesced, depth, isPost)) + return true; + } + + if (isPost) { + s = this.formUnescape(s); + if (this.checkBase64Frag(Base64.purify(s))) return true; + + if (s.indexOf("<") > -1) { + // remove XML-embedded Base64 binary data + s = s.replace(/<((?:\w+:)?\w+)>[0-9a-zA-Z+\/]+=*<\/\1>/g, ''); + } + + s = "#" + s; + } else { + if (this.checkBase64(s.replace(/^\/{1,3}/, ''))) return true; + } + + if (isPost) s = "#" + s; // allows the string to be JS-checked as a whole + return this._checkRecursive(s, depth); + }, + + _checkRecursive: function(s, depth) { + + if (this.checkHTML(s) || this.checkJS(s) || this.checkSQLI(s) || this.checkHeaders(s)) + return true; + + if (s.indexOf("&") !== -1) { + let unent = Entities.convertAll(s); + if (unent !== s && this._checkRecursive(unent, depth)) return true; + } + + if (--depth <= 0) + return false; + + if (s.indexOf('+') !== -1 && this._checkRecursive(this.formUnescape(s), depth)) + return true; + + var unescaped = this.urlUnescape(s); + let badUTF8 = this.utf8EscapeError; + + if (this._checkOverDecoding(s, unescaped)) + return true; + + if (/[\u0000-\u001f]|&#/.test(unescaped)) { + let unent = Entities.convertAll(unescaped.replace(/[\u0000-\u001f]+/g, '')); + if (unescaped != unent && this._checkRecursive(unent, depth)) { + this.log("Trash-stripped nested URL match!"); + return true; + } + } + + if (/\\x[0-9a-f]/i.test(unescaped)) { + let literal = this.unescapeJSLiteral(unescaped); + if (unescaped !== literal && this._checkRecursive(literal, depth)) { + this.log("Escaped literal match!"); + return true; + } + } + + if (unescaped.indexOf("\x1b(J") !== -1 && this._checkRecursive(unescaped.replace(/\x1b\(J/g, ''), depth) || // ignored in iso-2022-jp + unescaped.indexOf("\x7e\x0a") !== -1 && this._checkRecursive(unescaped.replace(/\x7e\x0a/g, '')) // ignored in hz-gb-2312 + ) { + return true; + } + + if (badUTF8) { + try { + let legacyEscaped = unescape(unescaped); + if (legacyEscaped !== unescaped && this._checkRecursive(unescape(unescaped))) return true; + } catch (e) {} + } + + if (unescaped !== s && this._checkRecursive(unescaped, depth)) { + return true; + } + + s = this.ebayUnescape(unescaped); + if (s != unescaped && this._checkRecursive(s, depth)) + return true; + + return false; + }, + + _checkOverDecoding: function(s, unescaped) { + if (/%[8-9a-f]/i.test(s)) { + const rx = /[<'"]/g; + var m1 = unescape(this.utf8OverDecode(s, false)).match(rx); + if (m1) { + unescaped = unescaped || this.urlUnescape(s); + var m0 = unescaped.match(rx); + if (!m0 || m0.length < m1.length) { + this.log("Potential utf8_decode() exploit!"); + return true; + } + } + } + return false; + }, + + utf8OverDecode: function(url, strict) { + return url.replace(strict ? + /%(?:f0%80%80|e0%80|c0)%[8-b][0-f]/gi : + /%(?:f[a-f0-9](?:%[0-9a-f]0){2}|e0%[4-9a-f]0|c[01])%[a-f0-9]{2}/gi, + function(m) { + var hex = m.replace(/%/g, ''); + if (strict) { + for (var j = 2; j < hex.length; j += 2) { + if ((parseInt(hex.substring(j, j + 2), 16) & 0xc0) != 0x80) return m; + } + } + switch (hex.length) { + case 8: + hex = hex.substring(2); + case 6: + c = (parseInt(hex.substring(0, 2), 16) & 0x3f) << 12 | + (parseInt(hex.substring(2, 4), 16) & 0x3f) << 6 | + parseInt(hex.substring(4, 6), 16) & 0x3f; + break; + default: + c = (parseInt(hex.substring(0, 2), 16) & 0x3f) << 6 | + parseInt(hex.substring(2, 4), 16) & 0x3f; + } + return encodeURIComponent(String.fromCharCode(c & 0x3f)); + } + ); + }, + + utf8EscapeError: true, + urlUnescape: function(url, brutal) { + var od = this.utf8OverDecode(url, !brutal); + this.utf8EscapeError = false; + try { + return decodeURIComponent(od); + } catch (warn) { + this.utf8EscapeError = true; + if (url != od) url += " (" + od + ")"; + this.log("Problem decoding " + url + ", maybe not an UTF-8 encoding? " + warn.message); + return od; + } + }, + + formUnescape: function(s, brutal) { + return this.urlUnescape(s.replace(/\+/g, ' '), brutal); + }, + + ebayUnescape: function(url) { + return url.replace(/Q([\da-fA-F]{2})/g, function(s, c) { + return String.fromCharCode(parseInt(c, 16)); + }); + }, + + checkWindowName(window, url) { + var originalAttempt = window.name; + try { + if (/^https?:\/\/(?:[^/]*\.)?\byimg\.com\/rq\/darla\//.test(url)) { + window.name = "DARLA_JUNK"; + return; + } + + if (/\s*{[\s\S]+}\s*/.test(originalAttempt)) { + try { + JSON.parse(originalAttempt); // fast track for crazy JSON in name like on NYT + return; + } catch (e) {} + } + + if (/[%=\(\\<]/.test(originalAttempt) && InjectionChecker.checkUrl(originalAttempt)) { + window.name = originalAttempt.replace(/[%=\(\\<]/g, " "); + } + + if (originalAttempt.length > 11) { + try { + if ((originalAttempt.length % 4 === 0)) { + var bin = window.atob(window.name); + if (/[%=\(\\]/.test(bin) && InjectionChecker.checkUrl(bin)) { + window.name = "BASE_64_XSS"; + } + } + } catch (e) {} + } + } finally { + if (originalAttempt != window.name) { + log('[NoScript XSS]: sanitized window.name, "' + originalAttempt + '"\nto\n"' + window.name + '"\nURL: ' + url); + log(url + "\n" + window.location.href); + } + } + }, + + }; + // InjectionChecker.logEnabled = true; + return InjectionChecker; +})(); diff --git a/src/xss/XSS.js b/src/xss/XSS.js new file mode 100644 index 0000000..94e33fa --- /dev/null +++ b/src/xss/XSS.js @@ -0,0 +1,246 @@ +'use strict'; + +var XSS = (() => { + + const ABORT = {cancel: true}, ALLOW = {}; + + let promptsMap = new Map(); + + async function getUserResponse(xssReq) { + let {originKey} = xssReq; + await promptsMap.get(originKey); + // promptsMap.delete(originKey); + switch (await XSS.getUserChoice(originKey)) { + case "allow": + return ALLOW; + case "block": + log("Blocking request from %s to %s by previous XSS prompt user choice", + xssReq.srcUrl, xssReq.destUrl); + return ABORT; + } + return null; + } + + async function requestListener(request) { + + if (ns.isEnforced(request.tabId)) { + let {policy} = ns; + let {type} = request; + if (type !== "main_frame") { + if (type === "sub_frame") type = "frame"; + if (!policy.can(request.url, type, request.originUrl)) { + return ALLOW; // it will be blocked by RequestGuard + } + } + } + let xssReq = XSS.parseRequest(request); + if (!xssReq) return null; + let userResponse = await getUserResponse(xssReq); + if (userResponse) return userResponse; + + let data; + let reasons; + try { + reasons = await XSS.maybe(xssReq); + if (!reasons) return ALLOW; + + data = []; + } catch (e) { + error(e, "XSS filter processing %o", xssReq); + reasons = { urlInjection: true }; + data = [e.toString()]; + } + + + + let prompting = (async () => { + userResponse = await getUserResponse(xssReq); + if (userResponse) return userResponse; + + let {srcOrigin, destOrigin, unescapedDest} = xssReq; + let block = !!(reasons.urlInjection || reasons.postInjection) + + if (reasons.protectName) { + RequestUtil.executeOnStart(request, { + file: "/xss/sanitizeName.js", + }); + if (!block) return ALLOW; + } + if (reasons.urlInjection) data.push(`(URL) ${unescapedDest}`); + if (reasons.postInjection) data.push(`(POST) ${reasons.postInjection}`); + + let source = srcOrigin && srcOrigin !== "null" ? srcOrigin : "[...]"; + + let {button, option} = await Prompts.prompt({ + title: _("XSS_promptTitle"), + message: _("XSS_promptMessage", [source, destOrigin, data.join(",")]), + options: [ + {label: _(`XSS_opt${block ? 'Block' : 'Sanitize'}`), checked: true}, // 0 + {label: _("XSS_optAlwaysBlock", [source, destOrigin])}, // 1 + {label: _("XSS_optAllow")}, // 2 + {label: _("XSS_optAlwaysAllow", [source, destOrigin])}, // 3 + ], + + buttons: [_("Ok")], + multiple: "focus", + width: 600, + height: 480, + }); + + if (button === 0 && option >= 2) { + if (option === 3) { // always allow + await XSS.setUserChoice(xssReq.originKey, "allow"); + await XSS.saveUserChoices(); + } + return ALLOW; + } + if (option === 1) { // always block + block = true; + await XSS.setUserChoice(xssReq.originKey, "block"); + await XSS.saveUserChoices(); + } + return block ? ABORT : ALLOW; + })(); + promptsMap.set(xssReq.originKey, prompting); + try { + return await prompting; + } catch (e) { + error(e); + return ABORT; + } + }; + + return { + async start() { + let {onBeforeRequest} = browser.webRequest; + if (onBeforeRequest.hasListener(requestListener)) return; + + await include("/legacy/Legacy.js"); + await include("/xss/Exceptions.js"); + + this._userChoices = (await Storage.get("sync", "xssUserChoices")).xssUserChoices || {}; + + // conver old style whitelist if stored + let oldWhitelist = await XSS.Exceptions.getWhitelist(); + if (oldWhitelist) { + for (let [destOrigin, sources] of Object.entries(oldWhitelist)) { + for (let srcOrigin of sources) { + this._userChoices[`${srcOrigin}>${destOrigin}`] = "allow"; + } + } + XSS.Exceptions.setWhitelist(null); + } + + onBeforeRequest.addListener(requestListener, { + urls: ["*://*/*"], + types: ["main_frame", "sub_frame", "object"] + }, ["blocking", "requestBody"]); + }, + + stop() { + let {onBeforeRequest} = browser.webRequest; + if (onBeforeRequest.hasListener(requestListener)) { + onBeforeRequest.removeListener(requestListener); + } + }, + + + parseRequest(request) { + let { + url: destUrl, + originUrl: srcUrl, + method + } = request; + let destObj; + try { + destObj = new URL(destUrl); + } catch (e) { + error(e, "Cannot create URL object for %s", destUrl); + return null; + } + let srcObj = null; + if (srcUrl) { + try { + srcObj = new URL(srcUrl); + } catch (e) {} + } else { + srcUrl = ""; + } + + let unescapedDest = unescape(destUrl); + let srcOrigin = srcObj ? srcObj.origin : ""; + let destOrigin = destObj.origin; + + let isGet = method === "GET"; + return { + xssUnparsed: request, + srcUrl, + destUrl, + srcObj, + destObj, + srcOrigin, + destOrigin, + get srcDomain() { + delete this.srcDomain; + return this.srcDomain = srcObj && srcObj.hostname && tld.getDomain(srcObj.hostname) || ""; + }, + get destDomain() { + delete this.destDomain; + return this.destDomain = tld.getDomain(destObj.hostname); + }, + get originKey() { + delete this.originKey; + return this.originKey = `${srcOrigin}>${destOrigin}`; + }, + unescapedDest, + isGet, + isPost: !isGet && method === "POST", + } + }, + + async saveUserChoices(xssUserChoices = this._userChoices || {}) { + this._userChoices = xssUserChoices; + await Storage.set("sync", {xssUserChoices}); + }, + getUserChoices() { + return this._userChoices; + }, + setUserChoice(originKey, choice) { + this._userChoices[originKey] = choice; + }, + getUserChoice(originKey) { + return this._userChoices[originKey]; + }, + + async maybe(request) { // return reason or null if everything seems fine + let xssReq = request.xssUnparsed ? request : this.parseRequest(request); + request = xssReq.xssUnparsed; + + if (await this.Exceptions.shouldIgnore(xssReq)) { + return null; + } + + let { + skipParams, + skipRx + } = this.Exceptions.partial(xssReq); + + let {destUrl} = xssReq; + + await include("/xss/InjectionChecker.js"); + let ic = await this.InjectionChecker; + ic.reset(); + + let postInjection = xssReq.isPost && + request.requestBody && request.requestBody.formData && + ic.checkPost(request.requestBody.formData, skipParams); + + let protectName = ic.nameAssignment; + let urlInjection = ic.checkUrl(destUrl, skipRx); + protectName = protectName || ic.nameAssignment; + ic.reset(); + return !(protectName || postInjection || urlInjection) ? null + : { protectName, postInjection, urlInjection }; + } + }; +})(); diff --git a/src/xss/sanitizeName.js b/src/xss/sanitizeName.js new file mode 100644 index 0000000..22185f4 --- /dev/null +++ b/src/xss/sanitizeName.js @@ -0,0 +1,4 @@ +if (/[<"'\`(=:]/.test(window.name)) { + console.log(`NoScript XSS filter sanitizing suspicious window.name "%s" on %s`, window.name, document.URL); + window.name = ""; +} |