KeyStoreFileCSCAN0010\.keystore$Found Android app signing keystore file.Remove secret file from repo or share, roll credential, and use approved store. For additional information on secret remediation see https://aka.ms/credscan 1Base64EncodedCertificateCSCAN0020\.(cs|ini|json|ps1|publishsettings|template|trd|ts|xml|scala)$MII[a-zA-Z0-9/+]{200}['">;=]MII[a-zA-Z0-9/+]{200}Found base64 encoded certificate with private key in source file.Validate file contains secrets, remove, roll credential, and use approved store. For additional information on secret remediation see https://aka.ms/credscan 1Microsoft.Art.ContentSearch.Base64EncodedCertValidator, Microsoft.Art.ContentSearchPublishSettingsCSCAN0030\.publishsettings$userpwd="[a-z0-9/\\+]{60}"Found app service deployment secrets in publish settings file.Validate file contains secrets, remove, roll credential, and use approved store. For additional information on secret remediation see https://aka.ms/credscan 3CodeConnStringCSCAN0040(\.(cs|js|ts|cpp|scala|linq|hql|go|rs|pl|vb)|policy_and_key\.hpp|AccountConfig\.h)$\n[ \t]{0,50}(//|/\*)[ \t]{0,10}[a-zA-Z0-9/+]{86}==\n[ \t]{0,50}(//|/\*)[ \t]{0,10}[a-zA-Z0-9/+]{43}=[^{@\d%]\n[^\r\n]{0,400}[>|'|=|"][a-zA-Z0-9/+]{86}==\n[^\r\n]{0,400}[>|'|=|"][a-zA-Z0-9/+]{43}=[^{@\d%]\n[^\r\n]{0,400}[>|'|=|"][a-zA-Z0-9%]{43,53}%3d[^{a-zA-Z0-9%]\n.*(User ID|uid|UserId).*(Password|[^a-z]pwd)=[^'$%>@";\[\{][^;/"\r\n ]{7,128}(;|")Key Patterns ContentFiltersAccountKey\s*=\s*MII[a-zA-Z0-9/+]{43,}={0,2}(prefix <<|guestaccesstoken|Microsoft\.ApiManagement|skiptoken|cookie|tsm|fake|example|badlyFormatted|Invalid|sha512|sha256|"input"|ENCRYPTED|"EncodedRequestUri"|looks like|myStorageAccountName|(0|x|\*){8,})Found storage credential in source code file.Validate file contains secrets, remove, roll credential, and use approved store. For additional information on secret remediation see https://aka.ms/credscan 3Microsoft.Art.ContentSearch.SymmetricKeyValidator, Microsoft.Art.ContentSearchPfxFileCSCAN0050\.(pfx|p12)$^(?<result>)[\u0000-\uFFFF]{20}Found PFX certificate file.Remove secret file from repo or share, roll credential, and use approved store. For additional information on secret remediation see https://aka.ms/credscan 3Microsoft.Art.ContentSearch.EmptyCertValidator, Microsoft.Art.ContentSearchPemFileCSCAN0060\.(pem|key)$-----BEGIN\s(RSA\s)?PRIVATE\sKEY-----Found PEM certificate file with private key.Remove secret file from repo or share, roll credential, and use approved store. For additional information on secret remediation see https://aka.ms/credscan 3PvkFileCSCAN0070\.pvk$^(?<result>)[\u0000-\uFFFF]{20}Found PVK certificate file.Remove secret file from repo or share, roll credential, and use approved store. For additional information on secret remediation see https://aka.ms/credscan 3Microsoft.Art.ContentSearch.EmptyCertValidator, Microsoft.Art.ContentSearchSecurityConfigCSCAN0080securityconfig\.xml$<password>[^<]+</password>Found secrets in security config file.Validate file contains secrets, remove, roll credential, and use approved store. For additional information on secret remediation see https://aka.ms/credscan 3ConfigFileCSCAN0090\.(config|cscfg|conf|json|js|txt|cpp|sql|dtsx|md|java|FF|template|settings|ini|BF|ste|isml|test|ts|resx|Azure|sample|backup|rd|hpp|psm1|cshtml|htm|bat|waz|yml|Beta|py|sh|m|php|xaml|keys|cmd|rds|loadtest|properties|vbs|ccf|user)$|(hubot|project.params)<machineKey[^>]+(decryptionKey\s*\=\s*"[a-fA-F0-9]{48,}|validationKey\s*\=\s*"[a-fA-F0-9]{48,})[^>]+>(decryptionKey|validationKey)="[a-zA-Z0-9]+"(connectionstring|connString)[^=]*=["'][^"']*Password\s*=\s*[^$\s;][^"']*(\x22|\x27)<add\skey="[^"]+(key(s|[0-9])?|credential(s)?|secret(s|[0-9])?|password|token|KeyPrimary|KeySecondary|KeyOrSas|KeyEncrypted)"\s*value\s*="[^"]+"[^>]*/><add\skey="[^"]+"\s*value="[^"]*EncryptedSecret:[^"]+"\s*/>value\s?=\s?"((([A-Za-z0-9+/]){4}){1,200})=="\n[^\r\n]{0,400}(>|'|=|")[a-zA-Z0-9/+]{86}==\n[^\r\n]{0,400}(>|'|=|")[a-zA-Z0-9/+]{43}=[^{@]\n[^\r\n]{0,400}(>|'|=|")[a-zA-Z0-9%]{43,53}%3d[^a-zA-Z0-9%]\n.*(User ID|uid|UserId).*(Password|[^a-z]pwd)=[^'$%>@'";\[\{][^;/"]{7,128}(;|")<Credential\sname="[^"]*(key(s|[0-9])?|credential(s)?|secret(s|[0-9])?|password|token|KeyPrimary|KeySecondary|KeyOrSas|KeyEncrypted)"(\s*value\s*="[^"]+".*?/>|[^>]*>.*?</Credential>)<setting\sname="[^"]*Password".*[\r\n]*\s*<value>.+</value>(?s)<SSIS:Parameter\n?\s*SSIS:Name="password">.*?<SSIS:Property\n?\s*SSIS:Name="Value">[^><#$\[\{\(]+</SSIS:Property><SSIS:Property\n?\s*SSIS:Name="Value">.*["']password["']:["'][^"']+["']Key Patterns ContentFilterskey\s*=\s*"[^"]*AppKey[^"]*"\s+value\s*=\s*"[a-z]+"key\s*=\s*"(?<keygroup>[^"]*)"\s+value\s*=\s*"[^"]*\k<keygroup>"value\s*=\s*"(([a-z]+_[a-z]+)+"|[a-z]+( [a-z]+)+"|_+[a-z]+_+"|[a-z]+-[a-z]+-[a-z]+["-]|[a-z]+-[a-z]+"|[a-z]+\\[a-z]+"|\d+"|[^"]*ConnectionString")AccountKey\s*=\s*MII[a-zA-Z0-9/+]{43,}={0,2}Credentials?Type|ConnectionStringKey|notasecret|PartitionKey|notreal|insertkey|LookupKey|IgnoreKeys|SecretsService|SecretsTenantId|(Password|pwd|secret|credentials?)(Key|Location)|KeyManagervalue="(true|false|@\(api|ssh\-rsa 2048|invalid|to be|a shared secret|secreturi|clientsecret|Overr?idden by|someValue|SOME\-SIGNING\-KEY|TokenBroker|UNKNOWN|Client Secret of|Junk Credentials|Default\-|__BOOTSTRAPKEY_|CacheSecret|CatalogCert|CosmosCredentials|DeleteServiceCert|EmailCredentials|MetricsConnection|SangamCredentials|SubscriptionConnection|Enter_your_|My_Issuer|ScaleUnitXstoreSharedKey|private_powerapps|TestSecret|foo_|bar_|temp_|__WinfabricTestInfra|configured|SecretFor|Test|XSTORE_KEY|ServiceBusDiagnosticXstoreSharedKey|BoxApplicationKey|googleapps)(SecurityHashcode|_AppKey"|((credential|password|token)s?|(Account|access)Key=)"[\s\r\n]*/|username"\s*value="|\.dll|(Secret|Token|Key|Credential)s?(Encryption|From|(Signing)?Certificate|Options|Thumbprint|Contacts|String|UserId)|Key(1;value1|word|s?Path|Index|Id|Store|WillDoWithoutValidation|:NamePattern|Name"|Ref")|(Secret|Credential)s?(Name|Path)"|(StrongName|Chaos\s?Mon|Redis|Registry|Registery|User|Insights?|Instrumentation|Match\()Key|(Certificate|cert)(Issuer|Subject)|rollingdate|skuId|HKEY_|AddServicePrincipalCredentials|Password Resets|SecretStore|(0|x|\*){8,})Found password, symmetric key or storage credential in source file.Validate file contains secrets, remove, roll credential, and use approved store. For additional information on secret remediation see https://aka.ms/credscan 3Microsoft.Art.ContentSearch.SymmetricKeyValidator, Microsoft.Art.ContentSearchRunnerSvcMdsCSCAN0100runnersvc\.|\.xml<XstoreAccountInfo[ -~"\s\S\n\r\t]+accountSharedKey\s*=\s*"[^"]{30}[ -~"\s\S\n\r\t]+/><ServiceBusAccountInfo[ -~"\s\S\n\r\t]+connectionString\s*=\s*"[^"]{30}[ -~"\s\S\n\r\t]+/>Found storage credential in config file.Validate file contains secrets, remove, roll credential, and use approved store. For additional information on secret remediation see https://aka.ms/credscan 3ScriptPasswordCSCAN0110(\.cmd|\.ps|\.ps1|\.psm1)$\s-Password\s+("[^"\r\n]*"|'[^'\r\n]*')\s-Password\s+[^$\(\)\[\{<\-\r\n]+\s*(\r\n|\-)Found potential password in script file.Validate file contains secrets, remove, roll credential, and use approved store. For additional information on secret remediation see https://aka.ms/credscan 3ExternalApiSecretCSCAN0120\.cs$|\.cpp$|\.c$private\sconst\sstring\sAccessTokenSecret\s=\s".*";private\sconst\sstring\saccessToken\s=\s".*";private\sconst\sstring\sconsumerSecret\s=\s".*";private\sconst\sstring\sconsumerKey\s=\s".*";FacebookClient\(pageAccessToken\);pageAccessToken\s=\s".*";private\sstring\stwilioAccountSid\s=\s".*";private\sstring\stwilioAuthToken\s=\s".*";Found potential external API secret in source file.Validate file contains secrets, remove, roll credential, and use approved store. For additional information on secret remediation see https://aka.ms/credscan 3MonitoringAgentCSCAN0130AgentConfig\.xml$Account moniker\s?=.*key\s?=.*Auto Key Patterns ContentFiltersautoKey%sFound storage credential in MonitoringAgent config file.Validate file contains secrets, remove, roll credential, and use approved store. For additional information on secret remediation see https://aka.ms/credscan 3DefaultPasswordCSCAN0140\.(cs|xml|config|json|ts|cfg|txt|ps1|bat|cscfg|rdg|linq|publishsettings|cmd|psm1|aspx|asmx|vbs|added_cluster|clean|pubxml|ccf|ini|svd|sql|c|xslt|csv|FF|ExtendedTests|settings|cshtml|template|trd|argfile|scala)$|(config|certificate|publish|UT)\.js$|(commands|user|tests)\.cpp$T!T@n1130|P0rsche911|coMmac\!12|pass@word1|rdPa\$\$w0rd|iis6\!dfu|p@ssword1|Pa\$\$word1|\!\!123ab|admin123|P@ssw0rd1|user@123|abc@123|Password@123|rdP@\$\$w0rd|homerrocks|Pa\$\$w0rd1?|\!Password1|Pa55word1|P@\$\$w0rd1|Passw0rd1|J\$p1ter|rdPassW0rd|Y29NbWFjITEy|Pass4Sales|rdPa\$\$word|\!P@ssW0rd1|WS2012R2R0cks\!|DSFS0319Test|March2010M2\!|Password~1|UL0brlXlp_r8vG6iiRvCcsFDfu6bJ6KK|7\-Tdh3Klrec4dJbOyONDOkCQ84BWN1JN|\$mCertPwd|Pa\$\$word!|2012\$erver!|2008\$erver!|#Bugsfor\$|ITG2Install!|rdPa$$w0rd|T!T@n113000|T!T@n1130T!T@n1130|TitanPwd%|ChocoCheese!|n1130@T!T|Micr0s0ft|test1test!|123@tieorg|IWantYouToTripLikeIDo!\?|homerocks|Elvis1|S_MSLocal~!@#Found known password in source file.Validate file contains secrets, remove, roll credential, and use approved store. For additional information on secret remediation see https://aka.ms/credscan 3AzureSecretCSCAN0150\.(xml|pubxml|definitions|ps1|wadcfgx|cmd|ccf)$userpwd="[a-z0-9]{60}"\n[^\r\n]{0,400}(>|'|=|")[a-zA-Z0-9/+]{43}=[^{@]\n[^\r\n]{0,400}(>|'|=|"|#)[a-zA-Z0-9/+]{86}==\n[^\r\n]{0,400}(>|'|=|")[a-zA-Z0-9%]{43,53}%3d[^a-zA-Z0-9%]\n.*(User ID|uid|UserId).*(Password|[^a-z]pwd)=[^'$%>@";\[\{][^;/"]{7,128}(;|")Key Patterns ContentFiltersAccountKey\s*=\s*MII[a-zA-Z0-9/+]{43,}={0,2}Found symmetric key or storage credential in source file.Validate file contains secrets, remove, roll credential, use an approved secret store.3Microsoft.Art.ContentSearch.SymmetricKeyValidator, Microsoft.Art.ContentSearchDomainPasswordCSCAN0160\.cs$|\.c$|\.cpp$|\.ps1$|\.ps$|\.cmd$|\.bat$|\.log$|\.psd$|\.psm1$NetworkCredential\(.*,.*,(corp|europe|middleeast|northamerica|southpacific|southamerica|fareast|africa|redmond|exchange|extranet|partners|extranettest|parttest|noe|ntdev|ntwksta|sys\-wingroup|windeploy|wingroup|winse|segroup|xcorp|xrep|phx|gme|usme|cdocidm|mslpa)\\.*net\suse.*\/u\:(corp|europe|middleeast|northamerica|southpacific|southamerica|fareast|africa|redmond|exchange|extranet|partners|extranettest|parttest|noe|ntdev|ntwksta|sys\-wingroup|windeploy|wingroup|winse|segroup|xcorp|xrep|phx|gme|usme|cdocidm|mslpa)\\.*schtasks.*/ru\s(corp|europe|middleeast|northamerica|southpacific|southamerica|fareast|africa|redmond|exchange|extranet|partners|extranettest|parttest|noe|ntdev|ntwksta|sys\-wingroup|windeploy|wingroup|winse|segroup|xcorp|xrep|phx|gme|usme|cdocidm|mslpa).*/rp.*new-object\s*System.Net.NetworkCredential\(.*?,\s*"[^"]+"Placeholder ContentFilters%1%\$MIGUSER_PASSWORD%miguser_pwd%Found domain credential in source file.Validate file contains secrets, remove, roll credential, and use approved store. For additional information on secret remediation see https://aka.ms/credscan 3EncryptedPasswordCSCAN0200\.ini$ENC_UserName=[\w]+[\r\n]+ENC_Password=[\w]+Found DevDiv TFVC repo secrets.Validate file contains secrets, remove, roll credential, and use approved store. For additional information on secret remediation see https://aka.ms/credscan 2Microsoft.Art.ContentSearch.EncodedUserNameExtractor, Microsoft.Art.ContentSearchGitCredentialCSCAN0210\.gitCredentials$https?://.+:.+@\[^/].comFound Git repo credentials.Validate file contains secrets, remove, roll credential, and use approved store. For additional information on secret remediation see https://aka.ms/credscan 2DefaultPasswordContextsCSCAN0220\.(cs|xml|config|json|ts|cfg|txt|ps1|bat|cscfg|publishsettings|cmd|psm1|aspx|asmx|vbs|added_cluster|clean|pubxml|ccf|ini|svd|sql|c|xslt|csv|FF|ExtendedTests|settings|cshtml|template|trd|argfile|scala|rdg|linq|hql|go|rs|pl|java|php|py|vb)$|(config|certificate|publish|UT)\.js$|(commands|user|tests)\.cpp$ConvertTo-SecureString(\s*-String)?\s*"(?<scoringvalue>[^"\r\n]+)"new\sX509Certificate2\([^()]*,\s*"(?<scoringvalue>[^"\r\n]+)"[^)]*\)<password>(<value>)?(?<scoringvalue>.+)(</value>)?</password>ClearTextPassword(")?\s*[:=]\s*"(?<scoringvalue>[^"\r\n]+)"certutil(.exe)?\s+(\-[a-z]+\s+)*\-p\s+(?<quote>["'])(?<scoringvalue>[^"'%]+)\k<quote>certutil(.exe)?\s+(\-[a-z]+\s+)*\-p\s+(?<scoringvalue>[^"']\S*)\spassword\s*=\s*N?(?<quote>["'])(?<scoringvalue>[^"'\r\n]{4,})\k<quote>DefaultPasswordContexts Content Filter<value></value>Found known password context with password in source file.Validate file contains secrets, remove, roll credential, and use approved store. For additional information on secret remediation see https://aka.ms/credscan 3Microsoft.Art.ContentSearch.PasswordContextValidator, Microsoft.Art.ContentSearchSlackTokenCSCAN0230\.(ps1|psm1|js|json|coffee|xml|js|md|html|py|php|java|ipynb|rb|scala)$|hubotxoxp-[a-zA-Z0-9]+-[a-zA-Z0-9]+-[a-zA-Z0-9]+-[a-zA-Z0-9]+xoxb-[a-zA-Z0-9]+-[a-zA-Z0-9]+Found slack token in source file.Validate file contains secrets, remove, roll credential, and use approved store. For additional information on secret remediation see https://aka.ms/credscan 3VstsPersonalAccessTokenCSCAN0240\.(cs|ps1|bat|config|xml|json|md)$AccessToken.*?['="](?-i)[a-z2-7]{52}('|"|\s|[\r\n]+)[>|'|=|"][a-zA-Z0-9/+]{70}==password\s+(?-i)[a-z2-7]{52}(\s|[\r\n]+)Found Vsts personal access token in source file.Validate file contains secrets, remove, roll credential, and use approved store. For additional information on secret remediation see https://aka.ms/credscan 3Microsoft.Art.ContentSearch.Base64EncodedVstsAccessTokenValidator, Microsoft.Art.ContentSearchOAuthTokenCSCAN0250\.(config|js|json|txt|cs|xml|java|py|scala|linq|md)$eyj[a-z0-9\-_%]+\.eyj[a-z0-9\-_%]+\.[a-z0-9\-_%]+refresh_token["']?\s*[:=]\s*["']?([a-z0-9_]+-)+[a-z0-9_]+["']?Key Patterns ContentFilters[:=]\s*["']?(base64-encoded|([a-z]+-)+[a-z]+)["']?Found JsonWebToken/RefreshToken in source file.Validate file contains secrets, remove, roll credential, and use approved store. For additional information on secret remediation see https://aka.ms/credscan 3Microsoft.Art.ContentSearch.JsonWebTokenValidator, Microsoft.Art.ContentSearchAnsibleVaultCSCAN0260\.yml$\$ANSIBLE_VAULT;[0-9]\.[0-9];AES256[\r\n]+[0-9]+Found ansible vault in source file.Validate file contains secrets, remove, roll credential, and use approved store. For additional information on secret remediation see https://aka.ms/credscan 3CSCAN-SKYPE0001BannedNativeAPI\.(cpp|h)$(?i).*\\(\.git|test[^\\]*|[^\\]*tests?)\\.*(?i).*((mock|test)[^\\]*|tests?)\.cpp(?i).*\\sdk\\inc\\.*\.h(?i).*\\\d+\\s\\SCC\\(client-shared_framework_roottools|client-shared_framework_slimcore|media_stack_all)\\.*(?i).*\\\d+\\s\\TPS\\.*(?-isn)(^|.*[\t ])(CopyMemory|IsBadCodePtr|IsBadHugeReadPtr|IsBadHugeWritePtr|IsBadReadPtr|IsBadStringPtr|IsBadWritePtr|RtlCopyMemory|StrCat|StrCatA|StrCatBuff|StrCatBuffA|StrCatBuffW|StrCatChainW|StrCatN|StrCatNA|StrCatNW|StrCatW|StrCpy|StrCpyA|StrCpyN|StrCpyNA|StrCpyNW|StrCpyW|StrNCat|StrNCatA|StrNCatW|StrNCpy|StrNCpyA|StrNCpyW|_fstrncat|_fstrncpy|_ftcscat|_ftcscpy|_getts|_gettws|_getws|_mbccat|_mbccpy|_mbscat|_mbscpy|_mbsnbcat|_mbsnbcpy|_mbsncat|_mbsncpy|_stprintf|_tccat|_tccpy|_tcscat|_tcscpy|_tcsncat|_tcsncpy|_vstprintf|gets|lstrcat|lstrcatA|lstrcatW|lstrcatn|lstrcatnA|lstrcatnW|lstrcpy|lstrcpyA|lstrcpyW|lstrcpyn|lstrcpynA|lstrcpynW|lstrncat|memcpy|sprintf|sprintfA|sprintfW|strcat|strcatA|strcatW|strcpy|strcpyA|strcpyW|strcpynA|strncat|strncpy|swprintf|vsprintf|vswprintf|wcscat|wcscpy|wcsncat|wcsncpy|wmemcpy|wsprintf|wsprintfA|wsprintfW|wvsprintf|wvsprintfA|wvsprintfW)\(\s*[^)].*\).*//\s*SEC:REVIEWED^\s*//Found Security Development Lifecycle (SDL) banned function in native C/C++ code.Replace banned function with a more secure version. For additional information on remediation see https://msdn.microsoft.com/en-us/library/bb288454.aspx1g85rLl0qU0V5FlaDUyY7NI1u5wY=XFplFsd7jhEbbd201UwoDaUs1Jrj788B3Kt4BVJWo0wOECcBg1O6M88ACUax41ITObTaf3h4kZYVsBZ5/8ruqTeDw46BYG6uI2Nd2AOPwJZpW65HUbz1A5rVteCu5ynLyfI/gpO8VoAoA5xH8WhzYpAJzk+JEC2znyBYPVc9MkXdX1s4vbGrEOgdVZfO6ZzkS4j8MMZOKa+nOCifjypod/o6y2XYko4VHQ3Fmh8rHpXD8xLc/RvusVdyav46j73LQkjQ9Pxaktzl0O/KkDsoi0RP2qNLDhDNFr40wjBwfaOcZ5fDRf6C818hsYkQ9F4cZUoKk+ZCoI6aVlQekkx4Ew==svp3YfIuM6ymh8HVef3OjGmqa699QLrnyKcUkvGAPSCKZfLTCEhSzoddvlYAMtWNIcJpa9Di10CeAmHOBOQxhCetJQ6bWQtAnYqO4oVoAE+D/uXBZ11YYWp0Y17GfmjfPXNCNNTI4OsewSatc3Lni5EQql8rT2w9+dyytEWv1N2CXZWEpvLHvfivH+/BgaseVHWzT+pqz1Jzd+RjtoUAFKQLO3pMkl+HYS1K7u2pk4+V3FaX+tO7OvWLIC/SvdzeS0jMKfg+Yfam/lM7iOT2NKt6S5waJaVfYUWQqsERRdsJhGgspd5zsM1gL79bA3SnuGj+/ohBy4N8OjTeYC8fVw==AQABMIIFZjCCBE6gAwIBAgITVwA878IoAK/Bpdmn3gAAADzvwjANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQDEwpNU0lUIENBIFoxMB4XDTE3MTAxNjIyNTEzNloXDTE4MTAxNjIyNTEzNlowgYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xMjAwBgNVBAMTKU1pY3Jvc29mdCBDb3Jwb3JhdGlvbiAoSW50ZXJuYWwgVXNlIE9ubHkpMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvp3YfIuM6ymh8HVef3OjGmqa699QLrnyKcUkvGAPSCKZfLTCEhSzoddvlYAMtWNIcJpa9Di10CeAmHOBOQxhCetJQ6bWQtAnYqO4oVoAE+D/uXBZ11YYWp0Y17GfmjfPXNCNNTI4OsewSatc3Lni5EQql8rT2w9+dyytEWv1N2CXZWEpvLHvfivH+/BgaseVHWzT+pqz1Jzd+RjtoUAFKQLO3pMkl+HYS1K7u2pk4+V3FaX+tO7OvWLIC/SvdzeS0jMKfg+Yfam/lM7iOT2NKt6S5waJaVfYUWQqsERRdsJhGgspd5zsM1gL79bA3SnuGj+/ohBy4N8OjTeYC8fVwIDAQABo4ICOTCCAjUwCwYDVR0PBAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMDMB0GA1UdDgQWBBRvYLTtf4mqDUG+qWU/65dn0TFOHzA0BgNVHREELTArpCkwJzENMAsGA1UECxMETU9QUjEWMBQGA1UEBRMNMjMwODU2KzI0Mjc0NzAfBgNVHSMEGDAWgBSQ7g3bRHXdP9q98SQAV63XuSdTozCBtQYDVR0fBIGtMIGqMIGnoIGkoIGhhiVodHRwOi8vY29ycHBraS9jcmwvTVNJVCUyMENBJTIwWjEuY3JshjxodHRwOi8vbXNjcmwubWljcm9zb2Z0LmNvbS9wa2kvbXNjb3JwL2NybC9NU0lUJTIwQ0ElMjBaMS5jcmyGOmh0dHA6Ly9jcmwubWljcm9zb2Z0LmNvbS9wa2kvbXNjb3JwL2NybC9NU0lUJTIwQ0ElMjBaMS5jcmwwgYUGCCsGAQUFBwEBBHkwdzAxBggrBgEFBQcwAoYlaHR0cDovL2NvcnBwa2kvYWlhL01TSVQlMjBDQSUyMFoxLmNydDBCBggrBgEFBQcwAoY2aHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraS9tc2NvcnAvTVNJVCUyMENBJTIwWjEuY3J0MD4GCSsGAQQBgjcVBwQxMC8GJysGAQQBgjcVCIfahnWD7tkBgsmFG4G1nmGF9OtggV2Bm8cnhoyZRwIBZAIBCTAbBgkrBgEEAYI3FQoEDjAMMAoGCCsGAQUFBwMDMA0GCSqGSIb3DQEBCwUAA4IBAQAde7bN5aCfIQXiuYd89vVk7h1Fx2fkIN7OFHPsHXJRewtmm+cKbckMnTKfnMSbhMuqNGm70oBoXElZ+6CMuELLza9C7pT9VuNpj1vJinKFmwcVF0NBvvN4NEV8FIqv/zBb9wRRHm0m8xsD/LN4opjIja+TbcRXW4v5tRQUSEmgyTsFscb+21E1euSkCTVQ17zI/nSGD1DHctRq62gfIjZzQgtEGf4U2z0tOxsfLd5H4ZNNLpXjh/ji+Z4XakqIsJajEXnOe6csOyiuifcQkYvN5peb3GIEY7DtJ0IQawT+UM/vxlwSMPnV8sp/M99BJQ/ELyhPrnJ5GFBA7sSaturNMIIF2zCCA8OgAwIBAgITZQAAADAJ6jM94oRM2gAAAAAAMDANBgkqhkiG9w0BAQsFADAsMSowKAYDVQQDEyFNaWNyb3NvZnQgSW50ZXJuYWwgQ29ycG9yYXRlIFJvb3QwHhcNMTYwNzI3MjEzMDA1WhcNMjAwNzI3MjE0MDA1WjAVMRMwEQYDVQQDEwpNU0lUIENBIFoxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3oW3Az2lYwe328yHmYX7SBW41ine3D2sau5FW3pN9Hk2ZzkhPt7amvvGXNXuHC6YMAI+rqsdwqQRvXlIY/sfQRUB8rPsJYQrnpfYwAznYBcNncwv5XJM+t+YK/yi3qToAosi/fyEqoQAfCfnbZJBmonGRNHthY7H2chduwOv8YTuhxyFmK/kYdFKFkFeOimChb/xUxvq7nEAmpCrqe7TRBwu+SkGuom23gaI3pGgXviKAxcNfjIWKY3gt5XEkT7wjd7aAFZx+kxhfJs30/F0ghTLZJB1t4uM0EU5OvDvb9eVtmjM8+IVITdJITzz0IfXKViOd8BlE0OLvYXYKNkMWQIDAQABo4ICCzCCAgcwEAYJKwYBBAGCNxUBBAMCAQAwHQYDVR0OBBYEFJDuDdtEdd0/2r3xJABXrde5J1OjMFEGA1UdJQRKMEgGCCsGAQUFBwMDBggrBgEFBQcDDgYIKwYBBQUHAwEGBysGAQUCAwUGCisGAQQBgjcUAgIGCSsGAQQBgjcVBQYIKwYBBQUHAwIwGQYJKwYBBAGCNxQCBAweCgBTAHUAYgBDAEEwCwYDVR0PBAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHwYDVR0jBBgwFoAU2+wKZKjOwA7piFQO6cjexHhLemEwgaYGA1UdHwSBnjCBmzCBmKCBlaCBkoYgaHR0cDovL2NvcnBwa2kvY3JsL21zaW50Y3JjYS5jcmyGN2h0dHA6Ly9tc2NybC5taWNyb3NvZnQuY29tL3BraS9tc2NvcnAvY3JsL21zaW50Y3JjYS5jcmyGNWh0dHA6Ly9jcmwubWljcm9zb2Z0LmNvbS9wa2kvbXNjb3JwL2NybC9tc2ludGNyY2EuY3JsMHsGCCsGAQUFBwEBBG8wbTAsBggrBgEFBQcwAoYgaHR0cDovL2NvcnBwa2kvYWlhL21zaW50Y3JjYS5jcnQwPQYIKwYBBQUHMAKGMWh0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2kvbXNjb3JwL21zaW50Y3JjYS5jcnQwDQYJKoZIhvcNAQELBQADggIBACtTAtYNmsaU10ajQgHmjrSUuOLo76Tl0oRolACVKuFnxwMhDbhXCtgDL+q61WJQeaxpb9dlovISCRguz24R3t/Px5MBfMIkyhqQ/d543ZdFViCqpCJqYZGm3f4DJzI9JThRgoB6iNHKM5xQyHgjPDWp5gOgJdnuDVMZG34IeUavPgH4ak3l+HGYzI7FQ0K6UJDGBa+dN+egCTVkKlLego2u6i0+1gGHctx3GWGVp5F5mo3oJHEvBpiRBtfCg6uy/wi0I/1nCtf2T8xtHi/EyocgITrWM1P0m3rqy8eMOE08QuTJo4JDb3VBIYo7jRjNaYfGMwaAPNV/HxITIEDcnAy74vtvd7hETd9ddQ8AxGyS0IL9r2OyJhGP0wLxUCbeoRwR7FTLbpprvyczh6x3HhY2o/xbPR+0ErvSrsR33qeCq+M54AwnTIrhKMS763FwCHcYSJKHybSU3/5XE7ux/gUFT+AXNQE9XwA6kS0X+vsGuSpwIGOyfVWg3lRUmd+jsdWrZhq0jE1LCWtWZsErhtSjVuhwsKHLP5S7mkX+J4hbswOoju6Enq2zIwgb6Qi7iHf869cGLcj0eSlJFfIL1hkMfQOynVrf8LYi6zWwpQX87vA+LbxBrt5wU/7WDbbeCQC18gwDWNFcfCNnKtyhpGP+60voufSNY0zjMw25qqf+MIIFsDCCA5igAwIBAgIQCx8BEem5Cp1K2NZtNZ9wADANBgkqhkiG9w0BAQsFADAsMSowKAYDVQQDEyFNaWNyb3NvZnQgSW50ZXJuYWwgQ29ycG9yYXRlIFJvb3QwHhcNMTIwNDA1MjE1NDU0WhcNMzcwNDA1MjIwMTA1WjAsMSowKAYDVQQDEyFNaWNyb3NvZnQgSW50ZXJuYWwgQ29ycG9yYXRlIFJvb3QwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCV2ldlrpoImQLgnSMRmPCan4PHEw+Gxd2JecDmnas8ZF1VMj5M7qhKnahwIJCoasPjnYORprpbkUZrAMM+yp3aQ+Ob7qn2d1EVxRduozSnQ1siu5DStXGIPv1z19h2wJ2T6uZEde59Vy3tyBfekYkaq9+d4Zh+ie+j6mvaufPG0Job7FZsG9B2KfjggLXiT5OnOqGgB/ODk+OtWJQyUCXyCUHgUwg8d+ZhHTZqfKZL5E6riz7ftgo707/EiySCJe8L4uXJSOqfCBgrzQyOik0Uh811DFmGPF0pT42RWUZGLSmAGxuMpSRZcCkvuhfeSczeR/hwCQiiLcoM1c6apoFtipq7B0NhpL29SE9KyGFQ0BwlH+HIU+/ccOZotaO70nte5CuIDCxS3aM8MnhWhCKGdG3UUbw5nQIQOrV7mid31TAmex8pomuqpVfGfnlNJ23orvyWMhbOKC6Gxf+vIiYHf75ZPsW/0+eKGRRh3u/ZwSIzG+CKXxeFO4BngLbkmmVgJDQMHk9KaOfT/Z3gX3G/hpNoOVCds8/eWSFn4XVje8Db+8r0LWPycxAQyT54d9sXBtWkSKLlfKfnntghz04TTmhz6xSt7H1S/Wi2FwmgCX9l3HxU9xAIF5gORk/tQjLgpFx+dj7d5NC+aQA44s1K2YoMOQl1Yd42X6wPsdHk0wIDAQABo4HNMIHKMAsGA1UdDwQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTb7ApkqM7ADumIVA7pyN7EeEt6YTAQBgkrBgEEAYI3FQEEAwIBADB5BgNVHSAEcjBwMG4GBFUdIAAwZjBkBggrBgEFBQcCAjBYHlYAaAB0AHQAcAA6AC8ALwB3AHcAdwAuAG0AaQBjAHIAbwBzAG8AZgB0AC4AYwBvAG0ALwBwAGsAaQAvAG0AcwBjAG8AcgBwAC8AYwBwAHMALgBoAHQAbTANBgkqhkiG9w0BAQsFAAOCAgEANIbFeirCqX6EPqeXqG85j5m9RVfQ/Oklc9WyduELqndZM+IveFHPLw8pVlShCx0s20xnis/EjQvDKB2X8Ht1X6FzqO1hEAnDFR5GLPA63iMMmyNim3HlihSj258MMMOqxD9pGrpcvFA0oTlF5wBcq+9G2n7q7jqcuX/zToReRKiyxSZumZrFhcAjcQNjd/4o8uTCdx8Xzy61qJ+jJlHW4GSEw8VIFhwiilUxTX7qj+T2ovgYR13S8cqfS5GxUL0onU4EO02P6+pODDb4YWKOc2/K8889QSrq4sh399a4kQjpmQbO8E/bkgyvecxCGIXmRQwONG7AS8JAAUa6FONYFh8T6+73xQvl7jTDDZ28mejldK4pcnR/DLosq6vCDvEMRQfOC60UVVRgGzBE5KrrGxtciYb+MTFhQdqbg8YWBErIo/x69pAPFv1iOSjHGyhCKXAhhyCl3XtxhScewqPP7OdhWK8KjvhCpGr9OfBB3aNceTer/hg6XAEaYs46xUBiZzJ3hYltp701PqklhauFJdMA1RnR5ZcNm9k2lCT6tUH1nAXa1/NNwzHIbcAIoLL3zM/TKxPD5HGhMl9FioZFbWgnVH0v7c0rMqeIKLqq8psMfiv4rCs40XT4L8+HHo837L4Il2Wlp21ZqcaefmYdme6j2jHNaIDICL++IJjnzbI=