From a7bf0a98adf1c49c1d7ad84cc61673b810f3aba7 Mon Sep 17 00:00:00 2001 From: Yaakov Praisler <59408745+yaakovpraisler@users.noreply.github.com> Date: Mon, 11 Dec 2023 11:26:14 +0200 Subject: [PATCH 01/50] [EWS v2] Update docker image with previous exchangelib version (#31357) --- Packs/MicrosoftExchangeOnPremise/Integrations/EWSv2/EWSv2.yml | 2 +- Packs/MicrosoftExchangeOnPremise/ReleaseNotes/2_0_11.md | 4 ++++ Packs/MicrosoftExchangeOnPremise/pack_metadata.json | 2 +- 3 files changed, 6 insertions(+), 2 deletions(-) create mode 100644 Packs/MicrosoftExchangeOnPremise/ReleaseNotes/2_0_11.md diff --git a/Packs/MicrosoftExchangeOnPremise/Integrations/EWSv2/EWSv2.yml b/Packs/MicrosoftExchangeOnPremise/Integrations/EWSv2/EWSv2.yml index 6852d45b3769..b1f669192e2b 100644 --- a/Packs/MicrosoftExchangeOnPremise/Integrations/EWSv2/EWSv2.yml +++ b/Packs/MicrosoftExchangeOnPremise/Integrations/EWSv2/EWSv2.yml @@ -1015,7 +1015,7 @@ script: name: from description: Replies to an email using EWS. name: reply-mail - dockerimage: demisto/py-ews:5.1.0.79987 + dockerimage: demisto/py-ews:5.0.3.82926 isfetch: true runonce: false script: '-' diff --git a/Packs/MicrosoftExchangeOnPremise/ReleaseNotes/2_0_11.md b/Packs/MicrosoftExchangeOnPremise/ReleaseNotes/2_0_11.md new file mode 100644 index 000000000000..09072652cdf2 --- /dev/null +++ b/Packs/MicrosoftExchangeOnPremise/ReleaseNotes/2_0_11.md @@ -0,0 +1,4 @@ +#### Integrations +##### EWS v2 +- Updated the Docker image to: *demisto/py-ews:5.0.3.82926*. +- Fixed an issue where the ***fetch-incidents*** and the ***ews-search-mailbox*** commands didn't return result for the given *folder* parameter. diff --git a/Packs/MicrosoftExchangeOnPremise/pack_metadata.json b/Packs/MicrosoftExchangeOnPremise/pack_metadata.json index 776b41afcbbd..597708ea47e8 100644 --- a/Packs/MicrosoftExchangeOnPremise/pack_metadata.json +++ b/Packs/MicrosoftExchangeOnPremise/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Microsoft Exchange On-Premise", "description": "Exchange Web Services", "support": "xsoar", - "currentVersion": "2.0.10", + "currentVersion": "2.0.11", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From 1f946bb3cf1c542adaec59baf23946e09a60aa5b Mon Sep 17 00:00:00 2001 From: Jacob Levy <129657918+jlevypaloalto@users.noreply.github.com> Date: Mon, 11 Dec 2023 14:11:04 +0200 Subject: [PATCH 02/50] Use "alert" instead of "incident" for XSIAM content (#31223) * DBotFindSimilarIncidents complete * FindSimilarIncidents complete * minor adjustments * fixed unit-tests * build wars: round 1 * update docker * added RN * fix unit-tests * CR changes * Bump pack from version Base to 1.32.53. * use get() on demistoVersion() * Bump pack from version Base to 1.32.54. * update docker * update docker * build wars: round 2 * Bump pack from version CommonScripts to 1.12.56. * Bump pack from version Base to 1.33.1. * Bump pack from version Base to 1.33.2. * update docker --------- Co-authored-by: Content Bot --- Packs/Base/ReleaseNotes/1_33_2.md | 7 ++++ .../DBotFindSimilarIncidents.py | 42 ++++++++++--------- .../DBotFindSimilarIncidents.yml | 2 +- .../DBotFindSimilarIncidents_test.py | 38 +++++++++++------ Packs/Base/pack_metadata.json | 2 +- Packs/CommonScripts/ReleaseNotes/1_12_56.md | 7 ++++ .../FindSimilarIncidentsV2.py | 17 ++++---- .../FindSimilarIncidentsV2.yml | 2 +- .../find_similar_incidents_test.py | 20 ++++++++- Packs/CommonScripts/pack_metadata.json | 2 +- 10 files changed, 95 insertions(+), 44 deletions(-) create mode 100644 Packs/Base/ReleaseNotes/1_33_2.md create mode 100644 Packs/CommonScripts/ReleaseNotes/1_12_56.md diff --git a/Packs/Base/ReleaseNotes/1_33_2.md b/Packs/Base/ReleaseNotes/1_33_2.md new file mode 100644 index 000000000000..91b3f444306c --- /dev/null +++ b/Packs/Base/ReleaseNotes/1_33_2.md @@ -0,0 +1,7 @@ + +#### Scripts + +##### DBotFindSimilarIncidents + +- Fixed an issue where alerts were incorrectly called "incidents" in Cortex XSIAM. +- Updated the Docker image to: *demisto/ml:1.0.0.82882*. diff --git a/Packs/Base/Scripts/DBotFindSimilarIncidents/DBotFindSimilarIncidents.py b/Packs/Base/Scripts/DBotFindSimilarIncidents/DBotFindSimilarIncidents.py index 87753ed67c65..89024e8511b0 100644 --- a/Packs/Base/Scripts/DBotFindSimilarIncidents/DBotFindSimilarIncidents.py +++ b/Packs/Base/Scripts/DBotFindSimilarIncidents/DBotFindSimilarIncidents.py @@ -14,26 +14,29 @@ warnings.simplefilter("ignore") warnings.filterwarnings('ignore', category=UserWarning) +INCIDENT_ALIAS = 'incident' if (demisto.demistoVersion().get('platform') == 'xsoar') else 'alert' MESSAGE_NO_FIELDS_USED = "- No field are used to find similarity. Possible reasons: 1) No field selected " \ - " 2) Selected field are empty for this incident 3) Fields are misspelled" + f" 2) Selected field are empty for this {INCIDENT_ALIAS} 3) Fields are misspelled" -MESSAGE_NO_INCIDENT_FETCHED = "- 0 incidents fetched with these exact match for the given dates." +MESSAGE_NO_INCIDENT_FETCHED = f"- 0 {INCIDENT_ALIAS}s fetched with these exact match for the given dates." -MESSAGE_WARNING_TRUNCATED = "- Incidents fetched have been truncated to %s, please either add incident fields in " \ +MESSAGE_WARNING_TRUNCATED = f"- {INCIDENT_ALIAS.capitalize()} fetched have been truncated to "\ + "%s" \ + f", please either add {INCIDENT_ALIAS} fields in " \ "fieldExactMatch, enlarge the time period or increase the limit argument " \ "to more than %s." -MESSAGE_NO_CURRENT_INCIDENT = "- Incident %s does not exist within the given time range. " \ - "Please check incidentId value or that you are running the command within an incident." -MESSAGE_NO_FIELD = "- %s field(s) does not exist in the current incident." -MESSAGE_INCORRECT_FIELD = "- %s field(s) don't/doesn't exist within the fetched incidents." +MESSAGE_NO_CURRENT_INCIDENT = f"- {INCIDENT_ALIAS.capitalize()} %s does not exist within the given time range. " \ + f"Please check incidentId value or that you are running the command within an {INCIDENT_ALIAS}." +MESSAGE_NO_FIELD = f"- %s field(s) does not exist in the current {INCIDENT_ALIAS}." +MESSAGE_INCORRECT_FIELD = "- %s field(s) don't/doesn't exist within the fetched {INCIDENT_ALIAS}s." -SIMILARITY_COLUNM_NAME = 'similarity incident' +SIMILARITY_COLUNM_NAME = f'similarity {INCIDENT_ALIAS}' SIMILARITY_COLUNM_NAME_INDICATOR = 'similarity indicators' IDENTICAL_INDICATOR = 'Identical indicators' ORDER_SCORE_WITH_INDICATORS = [SIMILARITY_COLUNM_NAME, SIMILARITY_COLUNM_NAME_INDICATOR] ORDER_SCORE_NO_INDICATORS = [SIMILARITY_COLUNM_NAME] -COLUMN_ID = 'incident ID' +COLUMN_ID = f'{INCIDENT_ALIAS} ID' FIRST_COLUMNS_INCIDENTS_DISPLAY = [COLUMN_ID, 'created', 'name', SIMILARITY_COLUNM_NAME, SIMILARITY_COLUNM_NAME_INDICATOR, IDENTICAL_INDICATOR] @@ -728,8 +731,8 @@ def return_outputs_summary(confidence: float, number_incident_fetched: int, numb """ summary = { 'Confidence': str(confidence), - 'Number of incidents fetched with exact match ': number_incident_fetched, - 'Number of similar incidents found ': number_incidents_found, + f'Number of {INCIDENT_ALIAS}s fetched with exact match ': number_incident_fetched, + f'Number of similar {INCIDENT_ALIAS}s found ': number_incidents_found, 'Valid fields used for similarity': ', '.join(fields_used), } return_outputs(readable_output=global_msg + tableToMarkdown("Summary", summary)) @@ -792,8 +795,9 @@ def return_outputs_similar_incidents(show_actual_incident: bool, current_inciden if show_actual_incident == 'True': return_outputs( - readable_output=tableToMarkdown("Current Incident", incident_json, col_current_incident_to_display)) - readable_output = tableToMarkdown("Similar incidents", similar_incidents_json, colums_to_display) + readable_output=tableToMarkdown( + f"Current {INCIDENT_ALIAS.capitalize()}", incident_json, col_current_incident_to_display)) + readable_output = tableToMarkdown(f"Similar {INCIDENT_ALIAS.capitalize()}s", similar_incidents_json, colums_to_display) return_entry = { "Type": entryTypes["note"], "HumanReadable": readable_output, @@ -837,10 +841,10 @@ def return_outputs_similar_incidents_empty(): Return entry and context for similar incidents if no similar incidents were found :return: """ - hr = '### Similar Incident' + '\n' - hr += 'No Similar incident were found.' - return_outputs(readable_output=hr, - outputs={'DBotFindSimilarIncidents': create_context_for_incidents()}) + return_outputs( + readable_output=f'### Similar {INCIDENT_ALIAS.capitalize()}\nNo Similar {INCIDENT_ALIAS}s were found.', + outputs={'DBotFindSimilarIncidents': create_context_for_incidents()} + ) def enriched_with_indicators_similarity(full_args_indicators_script: dict, similar_incidents: pd.DataFrame): @@ -928,9 +932,9 @@ def main(): global_msg += "%s \n" % msg if incidents: - demisto.debug(f'Found {len(incidents)} incidents for {incident_id=}') + demisto.debug(f'Found {len(incidents)} {INCIDENT_ALIAS}s for {incident_id=}') else: - demisto.debug(f'No incidents found for {incident_id=}') + demisto.debug(f'No {INCIDENT_ALIAS}s found for {incident_id=}') return_outputs_summary(confidence, 0, 0, [], global_msg) return_outputs_similar_incidents_empty() return None, global_msg diff --git a/Packs/Base/Scripts/DBotFindSimilarIncidents/DBotFindSimilarIncidents.yml b/Packs/Base/Scripts/DBotFindSimilarIncidents/DBotFindSimilarIncidents.yml index 4bd0ae829cf8..b43e83ff08e5 100644 --- a/Packs/Base/Scripts/DBotFindSimilarIncidents/DBotFindSimilarIncidents.yml +++ b/Packs/Base/Scripts/DBotFindSimilarIncidents/DBotFindSimilarIncidents.yml @@ -84,7 +84,7 @@ script: '-' subtype: python3 timeout: '0' type: python -dockerimage: demisto/ml:1.0.0.78584 +dockerimage: demisto/ml:1.0.0.82882 runas: DBotWeakRole runonce: true tests: diff --git a/Packs/Base/Scripts/DBotFindSimilarIncidents/DBotFindSimilarIncidents_test.py b/Packs/Base/Scripts/DBotFindSimilarIncidents/DBotFindSimilarIncidents_test.py index 57a7b17751a3..d4f5c314af98 100644 --- a/Packs/Base/Scripts/DBotFindSimilarIncidents/DBotFindSimilarIncidents_test.py +++ b/Packs/Base/Scripts/DBotFindSimilarIncidents/DBotFindSimilarIncidents_test.py @@ -1,14 +1,8 @@ -# from CommonServerPython import * -from DBotFindSimilarIncidents import normalize_command_line, main, demisto, keep_high_level_field, \ - preprocess_incidents_field, PREFIXES_TO_REMOVE, check_list_of_dict, REGEX_IP, match_one_regex, \ - SIMILARITY_COLUNM_NAME_INDICATOR, SIMILARITY_COLUNM_NAME, euclidian_similarity_capped, find_incorrect_fields, \ - MESSAGE_NO_INCIDENT_FETCHED, MESSAGE_INCORRECT_FIELD, MESSAGE_WARNING_TRUNCATED, COLUMN_ID, COLUMN_TIME, \ - TAG_SCRIPT_INDICATORS, Model - -import pytest +import demistomock as demisto import json import numpy as np import pandas as pd +import pytest CURRENT_INCIDENT_NOT_EMPTY = [ {'id': '123', 'commandline': 'powershell IP=1.1.1.1', 'CustomFields': {"nested_field": 'value_nested_field'}, @@ -41,7 +35,13 @@ SIMILAR_INDICATORS_EMPTY = [] +@pytest.fixture(autouse=True) +def mock_demistoVersion(mocker): + mocker.patch.object(demisto, 'demistoVersion', return_value={'platform': 'xsoar'}) + + def executeCommand(command, args): + from DBotFindSimilarIncidents import TAG_SCRIPT_INDICATORS global SIMILAR_INDICATORS, FETCHED_INCIDENT, CURRENT_INCIDENT if command == 'DBotFindSimilarIncidentsByIndicators': return [[], {'Contents': SIMILAR_INDICATORS, 'Type': 'note', 'Tags': [TAG_SCRIPT_INDICATORS]}] @@ -58,22 +58,26 @@ def check_exist_dataframe_columns(*fields, df): def test_keep_high_level_field(): + from DBotFindSimilarIncidents import keep_high_level_field incidents_field = ['xdralerts.comandline', 'commandline', 'CustomsFields.commandline'] res = ['xdralerts', 'commandline', 'CustomsFields'] assert keep_high_level_field(incidents_field) == res def test_preprocess_incidents_field(): + from DBotFindSimilarIncidents import preprocess_incidents_field, PREFIXES_TO_REMOVE assert preprocess_incidents_field('incident.commandline', PREFIXES_TO_REMOVE) == 'commandline' assert preprocess_incidents_field('commandline', PREFIXES_TO_REMOVE) == 'commandline' def test_check_list_of_dict(): + from DBotFindSimilarIncidents import check_list_of_dict assert check_list_of_dict([{'test': 'value_test'}, {'test1': 'value_test1'}]) is True assert check_list_of_dict({'test': 'value_test'}) is False def test_match_one_regex(): + from DBotFindSimilarIncidents import match_one_regex, REGEX_IP assert match_one_regex('123.123.123.123', [REGEX_IP]) is True assert match_one_regex('123.123.123', [REGEX_IP]) is False assert match_one_regex('abc', [REGEX_IP]) is False @@ -81,11 +85,13 @@ def test_match_one_regex(): def test_normalize_command_line(): + from DBotFindSimilarIncidents import normalize_command_line assert normalize_command_line('cmd -k IP=1.1.1.1 [1.1.1.1]') == 'cmd -k ip = IP IP' assert normalize_command_line('powershell "remove_quotes"') == 'powershell remove_quotes' def test_euclidian_similarity_capped(): + from DBotFindSimilarIncidents import euclidian_similarity_capped x = np.array([[1, 1, 1], [2, 2, 2]]) y = np.array([[2.1, 2.1, 2.1]]) distance = euclidian_similarity_capped(x, y) @@ -94,6 +100,7 @@ def test_euclidian_similarity_capped(): def test_main_regular(mocker): + from DBotFindSimilarIncidents import SIMILARITY_COLUNM_NAME_INDICATOR, SIMILARITY_COLUNM_NAME, main, COLUMN_ID, COLUMN_TIME global SIMILAR_INDICATORS, FETCHED_INCIDENT, CURRENT_INCIDENT FETCHED_INCIDENT = FETCHED_INCIDENT_NOT_EMPTY CURRENT_INCIDENT = CURRENT_INCIDENT_NOT_EMPTY @@ -117,7 +124,7 @@ def test_main_regular(mocker): }) mocker.patch.object(demisto, 'dt', return_value=None) mocker.patch.object(demisto, 'executeCommand', side_effect=executeCommand) - res, msg = main() + res, _ = main() assert ('empty_current_incident_field' not in res.columns) assert (res.loc['3', 'Identical indicators'] == 'ind_2') assert (res.loc['2', 'Identical indicators'] == "") @@ -133,6 +140,7 @@ def test_main_no_indicators_found(mocker): :param mocker: :return: """ + from DBotFindSimilarIncidents import SIMILARITY_COLUNM_NAME_INDICATOR, SIMILARITY_COLUNM_NAME, main, COLUMN_ID, COLUMN_TIME global SIMILAR_INDICATORS, FETCHED_INCIDENT, CURRENT_INCIDENT FETCHED_INCIDENT = FETCHED_INCIDENT_NOT_EMPTY CURRENT_INCIDENT = CURRENT_INCIDENT_NOT_EMPTY @@ -156,7 +164,7 @@ def test_main_no_indicators_found(mocker): }) mocker.patch.object(demisto, 'dt', return_value=None) mocker.patch.object(demisto, 'executeCommand', side_effect=executeCommand) - res, msg = main() + res, _ = main() assert ('empty_current_incident_field' not in res.columns) assert (res['Identical indicators'] == ["", "", ""]).all() assert check_exist_dataframe_columns(SIMILARITY_COLUNM_NAME_INDICATOR, SIMILARITY_COLUNM_NAME, COLUMN_ID, @@ -170,6 +178,7 @@ def test_main_no_fetched_incidents_found(mocker): :param mocker: :return: """ + from DBotFindSimilarIncidents import MESSAGE_NO_INCIDENT_FETCHED, main global SIMILAR_INDICATORS, FETCHED_INCIDENT, CURRENT_INCIDENT FETCHED_INCIDENT = FETCHED_INCIDENT_EMPTY CURRENT_INCIDENT = CURRENT_INCIDENT_NOT_EMPTY @@ -199,6 +208,7 @@ def test_main_no_fetched_incidents_found(mocker): def test_main_some_incorrect_fields(): + from DBotFindSimilarIncidents import find_incorrect_fields wrong_field_1 = 'wrong_field_1' wrong_field_2 = 'wrong_field_2' correct_field_1 = 'empty_fetched_incident_field' @@ -217,6 +227,7 @@ def test_main_all_incorrect_field(mocker): :param mocker: :return: """ + from DBotFindSimilarIncidents import MESSAGE_INCORRECT_FIELD, main global SIMILAR_INDICATORS, FETCHED_INCIDENT, CURRENT_INCIDENT FETCHED_INCIDENT = FETCHED_INCIDENT_NOT_EMPTY CURRENT_INCIDENT = CURRENT_INCIDENT_NOT_EMPTY @@ -255,6 +266,7 @@ def test_main_incident_truncated(mocker): :param mocker: :return: """ + from DBotFindSimilarIncidents import main, MESSAGE_WARNING_TRUNCATED global SIMILAR_INDICATORS, FETCHED_INCIDENT, CURRENT_INCIDENT FETCHED_INCIDENT = FETCHED_INCIDENT_NOT_EMPTY CURRENT_INCIDENT = CURRENT_INCIDENT_NOT_EMPTY @@ -293,6 +305,7 @@ def test_main_incident_nested(mocker): :param mocker: :return: """ + from DBotFindSimilarIncidents import main global SIMILAR_INDICATORS, FETCHED_INCIDENT, CURRENT_INCIDENT FETCHED_INCIDENT = FETCHED_INCIDENT_NOT_EMPTY CURRENT_INCIDENT = CURRENT_INCIDENT_NOT_EMPTY @@ -320,13 +333,13 @@ def test_main_incident_nested(mocker): }) mocker.patch.object(demisto, 'dt', return_value=['nested_val_1', 'nested_val_2']) mocker.patch.object(demisto, 'executeCommand', side_effect=executeCommand) - df, msg = main() + df, _ = main() assert not df.empty assert (df['similarity %s' % nested_field] == [1.0, 1.0, 1.0]).all() def test_get_get_data_from_indicators_automation(): - from DBotFindSimilarIncidents import get_data_from_indicators_automation + from DBotFindSimilarIncidents import TAG_SCRIPT_INDICATORS, get_data_from_indicators_automation res = get_data_from_indicators_automation(None, TAG_SCRIPT_INDICATORS) assert res is None @@ -364,6 +377,7 @@ def sample_data(): def test_remove_empty_or_short_fields(sample_data): + from DBotFindSimilarIncidents import Model """ Given: - sample_data: a dataframe with a column of strings diff --git a/Packs/Base/pack_metadata.json b/Packs/Base/pack_metadata.json index e16020f733de..72f215987fba 100644 --- a/Packs/Base/pack_metadata.json +++ b/Packs/Base/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Base", "description": "The base pack for Cortex XSOAR.", "support": "xsoar", - "currentVersion": "1.33.1", + "currentVersion": "1.33.2", "author": "Cortex XSOAR", "serverMinVersion": "6.0.0", "url": "https://www.paloaltonetworks.com/cortex", diff --git a/Packs/CommonScripts/ReleaseNotes/1_12_56.md b/Packs/CommonScripts/ReleaseNotes/1_12_56.md new file mode 100644 index 000000000000..225358656130 --- /dev/null +++ b/Packs/CommonScripts/ReleaseNotes/1_12_56.md @@ -0,0 +1,7 @@ + +#### Scripts + +##### FindSimilarIncidents + +- Fixed an issue where alerts were incorrectly called "incidents" in Cortex XSIAM. +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. diff --git a/Packs/CommonScripts/Scripts/FindSimilarIncidentsV2/FindSimilarIncidentsV2.py b/Packs/CommonScripts/Scripts/FindSimilarIncidentsV2/FindSimilarIncidentsV2.py index ac5877fd27ef..20f368f49dfa 100644 --- a/Packs/CommonScripts/Scripts/FindSimilarIncidentsV2/FindSimilarIncidentsV2.py +++ b/Packs/CommonScripts/Scripts/FindSimilarIncidentsV2/FindSimilarIncidentsV2.py @@ -21,6 +21,7 @@ '2': 'Closed', '3': 'Closed' } +INCIDENT_ALIAS = 'incident' if (demisto.demistoVersion().get('platform') == 'xsoar') else 'alert' def parse_input(csv): @@ -76,7 +77,7 @@ def get_map_from_nested_dict(nested_dict, keys, raise_error=False): elif key in nested_dict: result[key] = nested_dict[key] else: - message = "Missing key\label\custom\context field for incident: %s" % key + message = f"Missing key\label\custom\context field for {INCIDENT_ALIAS}: {key}" if raise_error: return_error(message) else: @@ -154,7 +155,7 @@ def get_incidents_by_keys(similar_incident_keys, time_field, incident_time, inci min_date = incident_time - timedelta(hours=hours_back) query = build_incident_query(similar_keys_query, ignore_closed, incident_id, extra_query) - demisto.debug("Find similar incidents based on initial query: %s" % query) + demisto.debug(f"Find similar {INCIDENT_ALIAS}s based on initial query: {query}") get_incidents_argument = {'query': query, 'size': max_number_of_results, 'sort': '%s.desc' % time_field} @@ -256,7 +257,7 @@ def did_not_found_duplicates(): } demisto.results({'ContentsFormat': formats['markdown'], 'Type': entryTypes['note'], - 'Contents': 'No duplicate incidents has been found.', + 'Contents': f'No duplicate {INCIDENT_ALIAS}s has been found.', 'EntryContext': context}) sys.exit(0) @@ -333,14 +334,14 @@ def main(): response = demisto.dt(incident_similar_context, key) original_context_map[key] = response if not response and RAISE_ERROR_MISSING_VALUES: - raise ValueError("Error: Missing context key for incident: %s" % key) + raise ValueError(f"Error: Missing context key for {INCIDENT_ALIAS}: {key}") - log_message = 'Incident fields with exact match: %s' % exact_match_incident_fields + log_message = f'{INCIDENT_ALIAS.capitalize()} fields with exact match: %s' % exact_match_incident_fields if len(exact_match_incident_fields) > 1: log_message += ', applied with %s condition' % INCIDENT_FIELDS_APPLIED_CONDITION demisto.debug(log_message) if len(similar_incident_fields) > 0: - demisto.debug('Similar incident fields (not exact match): %s' % similar_incident_fields) + demisto.debug(f'Similar {INCIDENT_ALIAS} fields (not exact match): {similar_incident_fields}') if len(incident_similar_labels) > 0: demisto.debug('Similar labels: %s' % incident_similar_labels) if len(incident_similar_context) > 0: @@ -348,7 +349,7 @@ def main(): if len(exact_match_incident_fields) == 0 and len(similar_incident_fields) == 0 and len( incident_similar_labels) == 0 and len(original_context_map) == 0: - return_error("Does not have any field to compare in the current incident") + return_error(f"Does not have any field to compare in the current {INCIDENT_ALIAS}") duplicate_incidents = get_incidents_by_keys(exact_match_incident_fields, TIME_FIELD, incident[TIME_FIELD], incident['id'], @@ -408,7 +409,7 @@ def main(): duplicate_incidents_rows = duplicate_incidents_rows[:MAX_CANDIDATES_IN_LIST] hr_result = [dict((camel_case_to_space(k), v) for k, v in list(row.items())) for row in duplicate_incidents_rows] - markdown_result = tableToMarkdown("Duplicate incidents", + markdown_result = tableToMarkdown(f"Duplicate {INCIDENT_ALIAS}s", hr_result, headers=['Id', 'Name', 'Closed time', 'Time']) return {'ContentsFormat': formats['markdown'], diff --git a/Packs/CommonScripts/Scripts/FindSimilarIncidentsV2/FindSimilarIncidentsV2.yml b/Packs/CommonScripts/Scripts/FindSimilarIncidentsV2/FindSimilarIncidentsV2.yml index 1512babcf7fa..c9210df3e678 100644 --- a/Packs/CommonScripts/Scripts/FindSimilarIncidentsV2/FindSimilarIncidentsV2.yml +++ b/Packs/CommonScripts/Scripts/FindSimilarIncidentsV2/FindSimilarIncidentsV2.yml @@ -85,7 +85,7 @@ tags: - incidents timeout: 300ns type: python -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 tests: - Dedup - Generic v3 fromversion: 5.0.0 diff --git a/Packs/CommonScripts/Scripts/FindSimilarIncidentsV2/find_similar_incidents_test.py b/Packs/CommonScripts/Scripts/FindSimilarIncidentsV2/find_similar_incidents_test.py index e1b86a9c724b..81499f587688 100644 --- a/Packs/CommonScripts/Scripts/FindSimilarIncidentsV2/find_similar_incidents_test.py +++ b/Packs/CommonScripts/Scripts/FindSimilarIncidentsV2/find_similar_incidents_test.py @@ -1,7 +1,7 @@ import pytest from CommonServerPython import * -from FindSimilarIncidentsV2 import main +import demistomock as demisto default_args = { 'hoursBack': 5, @@ -154,6 +154,11 @@ ] +@pytest.fixture(autouse=True) +def mock_demistoVersion(mocker): + mocker.patch.object(demisto, 'demistoVersion', return_value={'platform': 'xsoar'}) + + def execute_command(command, args=None): if command == 'getIncidents': entry = {} @@ -209,6 +214,7 @@ def test_build_similar_keys_list(): def test_similar_incidents_fields(mocker): + from FindSimilarIncidentsV2 import main args = dict(default_args) args.update({'similarIncidentFields': 'name', 'similarLabelsKeys': 'subject'}) @@ -223,6 +229,7 @@ def test_similar_incidents_fields(mocker): def test_similar_incidents_fields_with_diff(mocker): + from FindSimilarIncidentsV2 import main args = dict(default_args) args.update({'similarIncidentFields': 'name', 'similarLabelsKeys': 'subject:1'}) @@ -239,6 +246,7 @@ def test_similar_incidents_fields_with_diff(mocker): def test_similar_incidents_missing_fields(mocker): + from FindSimilarIncidentsV2 import main args = dict(default_args) args.update({'similarIncidentFields': 'name,emailbody', 'similarLabelsKeys': 'emailbody'}) @@ -253,6 +261,7 @@ def test_similar_incidents_missing_fields(mocker): def test_similar_incidents_list_field(mocker): + from FindSimilarIncidentsV2 import main args = dict(default_args) args.update({'similarIncidentFields': 'attachment.name:1'}) @@ -268,6 +277,7 @@ def test_similar_incidents_list_field(mocker): def test_similar_incidents_no_results(mocker): + from FindSimilarIncidentsV2 import main args = dict(default_args) args.update({'similarIncidentFields': 'name', 'similarLabelsKeys': 'unique'}) @@ -281,6 +291,7 @@ def test_similar_incidents_no_results(mocker): def test_similar_incidents_order(mocker): + from FindSimilarIncidentsV2 import main args = dict(default_args) args.update({'similarIncidentFields': 'name', 'similarLabelsKeys': 'subject'}) @@ -296,6 +307,7 @@ def test_similar_incidents_order(mocker): def test_similar_context_simple_value(mocker): + from FindSimilarIncidentsV2 import main args = dict(default_args) args.update({'similarIncidentFields': 'name', 'similarContextKeys': 'simpleValue'}) @@ -310,6 +322,7 @@ def test_similar_context_simple_value(mocker): def test_similar_context_list_value(mocker): + from FindSimilarIncidentsV2 import main args = dict(default_args) args.update({'similarIncidentFields': 'name', 'similarContextKeys': 'listValue.name'}) @@ -330,6 +343,7 @@ def test_similar_context_list_value(mocker): def test_similar_context_dict_list_value(mocker): + from FindSimilarIncidentsV2 import main args = dict(default_args) args.update({'similarIncidentFields': 'name', 'similarContextKeys': 'dictListValue'}) @@ -351,6 +365,7 @@ def test_similar_context_dict_list_value(mocker): def test_similar_context_dict_list_value2(mocker): + from FindSimilarIncidentsV2 import main args = dict(default_args) args.update({'similarIncidentFields': 'name', 'similarContextKeys': 'dictListValue2'}) @@ -377,6 +392,7 @@ def test_similar_context_dict_list_value2(mocker): def test_similar_context_multiple_dicts_value(mocker): + from FindSimilarIncidentsV2 import main args = dict(default_args) args.update({'similarIncidentFields': 'name', 'similarContextKeys': 'multipleDictsValue'}) @@ -408,6 +424,7 @@ def test_similar_context_multiple_dicts_value(mocker): def test_similar_context_simple_list_value(mocker): + from FindSimilarIncidentsV2 import main args = dict(default_args) args.update({'similarIncidentFields': 'name', 'similarContextKeys': 'simpleListValue'}) @@ -424,6 +441,7 @@ def test_similar_context_simple_list_value(mocker): def test_similar_context_missing_key(mocker): + from FindSimilarIncidentsV2 import main args = dict(default_args) args.update({'skipMissingValues': 'no', 'similarContextKeys': 'missingKey'}) diff --git a/Packs/CommonScripts/pack_metadata.json b/Packs/CommonScripts/pack_metadata.json index 7f39bd82e832..7091c54ffc49 100644 --- a/Packs/CommonScripts/pack_metadata.json +++ b/Packs/CommonScripts/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Common Scripts", "description": "Frequently used scripts pack.", "support": "xsoar", - "currentVersion": "1.12.55", + "currentVersion": "1.12.56", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From 4a6bf068581c9b7f838438d7364a2fb8fd7ca0f5 Mon Sep 17 00:00:00 2001 From: Menachem Weinfeld <90556466+mmhw@users.noreply.github.com> Date: Mon, 11 Dec 2023 14:25:05 +0200 Subject: [PATCH 03/50] [ExtractEmailTransformer] Convert to JS (#31159) * [transformers] Enhance to be more durable * Add RN * Add RN; run format * Bump pack from version CommonScripts to 1.12.43. * IsEmailAddressInternal set isArray to true * Add TPB for SetAndHandleEmpty * Add TPB for IsEmailAddressInternal * Bump pack from version CommonScripts to 1.12.44. * Add TPB for ExtractEmailTransformer * Update the TPB for SetIfEmpty * Update the TPB for SetIfEmpty * Compatibility with XSOAR 6.9.0 * Update Packs/FiltersAndTransformers/Scripts/WhereFieldEquals/WhereFieldEquals.js * Delete pytest files * Bump pack from version CommonScripts to 1.12.46. * Bump pack from version CommonScripts to 1.12.47. * Bump pack from version CommonScripts to 1.12.48. * Bump pack from version CommonScripts to 1.12.49. * Bump pack from version CommonScripts to 1.12.50. * First commit * Added RN * empty * Test to update emailRegex * Test to update emailRegex 1 * fix version * fix RN * Bump pack from version Base to 1.32.52. * Fix the regex * Add two versions: py and JS * Bump pack from version Base to 1.32.53. * Split by versions * Split by versions * Add ignore from BA109 * Fix the regex * Bump pack from version Base to 1.32.54. * Revert * Revert * Change the files name * Update the TPB * Fix the unit test * Update the README file * Add ignore; Update the docker image; Add RN * Update the docker image * Fix the conf.json * Add "pragma: no cover" to main * Update the TPB --------- Co-authored-by: Content Bot --- Packs/FiltersAndTransformers/.pack-ignore | 2 + Packs/FiltersAndTransformers/.secrets-ignore | 3 +- .../ReleaseNotes/1_2_44.md | 7 + .../ExtractEmailTransformer.js | 21 + .../ExtractEmailTransformer.yml | 9 +- .../Scripts/ExtractEmailTransformer/README.md | 4 +- .../ExtractEmailTransformer_6_10.py} | 2 +- .../ExtractEmailTransformer_6_10.yml | 21 + .../ExtractEmailTransformer_6_10_test.py} | 2 +- .../ExtractEmailTransformer_6_10/README.md | 22 + .../ExtractEmailTransformer_Test.yml | 775 ++++++++++++++++++ .../FiltersAndTransformers/pack_metadata.json | 2 +- Tests/conf.json | 4 + 13 files changed, 862 insertions(+), 12 deletions(-) create mode 100644 Packs/FiltersAndTransformers/ReleaseNotes/1_2_44.md create mode 100644 Packs/FiltersAndTransformers/Scripts/ExtractEmailTransformer/ExtractEmailTransformer.js rename Packs/FiltersAndTransformers/Scripts/{ExtractEmailTransformer/ExtractEmailTransformer.py => ExtractEmailTransformer_6_10/ExtractEmailTransformer_6_10.py} (93%) create mode 100644 Packs/FiltersAndTransformers/Scripts/ExtractEmailTransformer_6_10/ExtractEmailTransformer_6_10.yml rename Packs/FiltersAndTransformers/Scripts/{ExtractEmailTransformer/ExtractEmailTransformer_test.py => ExtractEmailTransformer_6_10/ExtractEmailTransformer_6_10_test.py} (96%) create mode 100644 Packs/FiltersAndTransformers/Scripts/ExtractEmailTransformer_6_10/README.md create mode 100644 Packs/FiltersAndTransformers/TestPlaybooks/ExtractEmailTransformer_Test.yml diff --git a/Packs/FiltersAndTransformers/.pack-ignore b/Packs/FiltersAndTransformers/.pack-ignore index a4e818387ac0..102c9525de56 100644 --- a/Packs/FiltersAndTransformers/.pack-ignore +++ b/Packs/FiltersAndTransformers/.pack-ignore @@ -18,3 +18,5 @@ ignore=BA124 [file:RegexGroups.yml] ignore=BA124 +[file:ExtractEmailTransformer_6_10.yml] +ignore=BA108,BA109 diff --git a/Packs/FiltersAndTransformers/.secrets-ignore b/Packs/FiltersAndTransformers/.secrets-ignore index 377ab02e9226..29358d0b6fc4 100644 --- a/Packs/FiltersAndTransformers/.secrets-ignore +++ b/Packs/FiltersAndTransformers/.secrets-ignore @@ -5,4 +5,5 @@ https://www. 192.168.1.10 2001:0db8:85a3:0000:0000:8a2e:0370:7334 11.1.1.1 -fe80::a00:27ff:fe4e:66a1 \ No newline at end of file +fe80::a00:27ff:fe4e:66a1 +double.tld@test.co.jp \ No newline at end of file diff --git a/Packs/FiltersAndTransformers/ReleaseNotes/1_2_44.md b/Packs/FiltersAndTransformers/ReleaseNotes/1_2_44.md new file mode 100644 index 000000000000..edb33d1fc27e --- /dev/null +++ b/Packs/FiltersAndTransformers/ReleaseNotes/1_2_44.md @@ -0,0 +1,7 @@ + +#### Scripts + +##### ExtractEmailTransformer + +- Improved implementation for better performance. +- Updated to catch emails with unicode as well (Available from Cortex XSOAR 6.11.0). diff --git a/Packs/FiltersAndTransformers/Scripts/ExtractEmailTransformer/ExtractEmailTransformer.js b/Packs/FiltersAndTransformers/Scripts/ExtractEmailTransformer/ExtractEmailTransformer.js new file mode 100644 index 000000000000..196dd1396b46 --- /dev/null +++ b/Packs/FiltersAndTransformers/Scripts/ExtractEmailTransformer/ExtractEmailTransformer.js @@ -0,0 +1,21 @@ +function extract(values) { + // Extracts email addresses from a list of values. + // values: Array of strings. + + const listResults = []; + + for (const val of values) { + listResults.push(...((val || '').toLowerCase().match(emailRegex) || [])); + } + + return listResults; +} + +try { + const values = argToList(args.value); + const results = extract(values); + return results; +} catch (error) { + throw 'Error occurred while running the script:\n' + error; +} + diff --git a/Packs/FiltersAndTransformers/Scripts/ExtractEmailTransformer/ExtractEmailTransformer.yml b/Packs/FiltersAndTransformers/Scripts/ExtractEmailTransformer/ExtractEmailTransformer.yml index 084cac8a1b30..8be67d135f71 100644 --- a/Packs/FiltersAndTransformers/Scripts/ExtractEmailTransformer/ExtractEmailTransformer.yml +++ b/Packs/FiltersAndTransformers/Scripts/ExtractEmailTransformer/ExtractEmailTransformer.yml @@ -9,13 +9,10 @@ args: required: true description: the input value. isArray: true - tags: - transformer timeout: '0' -type: python -subtype: python3 -dockerimage: demisto/python3:3.10.12.63474 -fromversion: 6.1.0 +type: javascript +fromversion: 6.11.0 tests: -- No tests (auto formatted) +- ExtractEmailTransformer_Test diff --git a/Packs/FiltersAndTransformers/Scripts/ExtractEmailTransformer/README.md b/Packs/FiltersAndTransformers/Scripts/ExtractEmailTransformer/README.md index 684873704718..9657c8bdb21d 100644 --- a/Packs/FiltersAndTransformers/Scripts/ExtractEmailTransformer/README.md +++ b/Packs/FiltersAndTransformers/Scripts/ExtractEmailTransformer/README.md @@ -7,9 +7,9 @@ Script Data | **Name** | **Description** | | --- | --- | -| Script Type | python3 | +| Script Type | javascript | | Tags | transformer | -| Cortex XSOAR Version | 6.1.0 | +| Cortex XSOAR Version | 6.11.0 | Inputs --- diff --git a/Packs/FiltersAndTransformers/Scripts/ExtractEmailTransformer/ExtractEmailTransformer.py b/Packs/FiltersAndTransformers/Scripts/ExtractEmailTransformer_6_10/ExtractEmailTransformer_6_10.py similarity index 93% rename from Packs/FiltersAndTransformers/Scripts/ExtractEmailTransformer/ExtractEmailTransformer.py rename to Packs/FiltersAndTransformers/Scripts/ExtractEmailTransformer_6_10/ExtractEmailTransformer_6_10.py index 82473b710f74..ecb508f87ccc 100644 --- a/Packs/FiltersAndTransformers/Scripts/ExtractEmailTransformer/ExtractEmailTransformer.py +++ b/Packs/FiltersAndTransformers/Scripts/ExtractEmailTransformer_6_10/ExtractEmailTransformer_6_10.py @@ -2,7 +2,7 @@ from CommonServerPython import * -def main(): +def main(): # pragma: no cover try: return_results(extract(argToList(demisto.args().get('value')))) except Exception as error: diff --git a/Packs/FiltersAndTransformers/Scripts/ExtractEmailTransformer_6_10/ExtractEmailTransformer_6_10.yml b/Packs/FiltersAndTransformers/Scripts/ExtractEmailTransformer_6_10/ExtractEmailTransformer_6_10.yml new file mode 100644 index 000000000000..a6f3ebd18e11 --- /dev/null +++ b/Packs/FiltersAndTransformers/Scripts/ExtractEmailTransformer_6_10/ExtractEmailTransformer_6_10.yml @@ -0,0 +1,21 @@ +comment: Extracts email addresses from the given value. +commonfields: + id: ExtractEmailTransformer + version: -1 +name: ExtractEmailTransformer +script: '-' +args: +- name: value + required: true + description: the input value. + isArray: true +tags: +- transformer +timeout: '0' +type: python +subtype: python3 +dockerimage: demisto/python3:3.10.13.82980 +fromversion: 6.1.0 +toversion: 6.10.9 +tests: +- ExtractEmailTransformer_Test diff --git a/Packs/FiltersAndTransformers/Scripts/ExtractEmailTransformer/ExtractEmailTransformer_test.py b/Packs/FiltersAndTransformers/Scripts/ExtractEmailTransformer_6_10/ExtractEmailTransformer_6_10_test.py similarity index 96% rename from Packs/FiltersAndTransformers/Scripts/ExtractEmailTransformer/ExtractEmailTransformer_test.py rename to Packs/FiltersAndTransformers/Scripts/ExtractEmailTransformer_6_10/ExtractEmailTransformer_6_10_test.py index 752a5991aaa8..30ed3ce17d25 100644 --- a/Packs/FiltersAndTransformers/Scripts/ExtractEmailTransformer/ExtractEmailTransformer_test.py +++ b/Packs/FiltersAndTransformers/Scripts/ExtractEmailTransformer_6_10/ExtractEmailTransformer_6_10_test.py @@ -1,4 +1,4 @@ -from ExtractEmailTransformer import extract +from ExtractEmailTransformer_6_10 import extract import pytest TEST_EXTRACT__ARGUMENTS = ( diff --git a/Packs/FiltersAndTransformers/Scripts/ExtractEmailTransformer_6_10/README.md b/Packs/FiltersAndTransformers/Scripts/ExtractEmailTransformer_6_10/README.md new file mode 100644 index 000000000000..684873704718 --- /dev/null +++ b/Packs/FiltersAndTransformers/Scripts/ExtractEmailTransformer_6_10/README.md @@ -0,0 +1,22 @@ +Extracts email addresses from the given value. + +**Note:** email addresses are case-insensitive. Results of this script are always lower case, to prevent creation of duplicate indicators. + +Script Data +--- + +| **Name** | **Description** | +| --- | --- | +| Script Type | python3 | +| Tags | transformer | +| Cortex XSOAR Version | 6.1.0 | + +Inputs +--- + +| **Argument Name** | **Description** | +| --- | --- | +| value | the input value. | + +## Outputs +There are no outputs for this script. diff --git a/Packs/FiltersAndTransformers/TestPlaybooks/ExtractEmailTransformer_Test.yml b/Packs/FiltersAndTransformers/TestPlaybooks/ExtractEmailTransformer_Test.yml new file mode 100644 index 000000000000..da45f93bb404 --- /dev/null +++ b/Packs/FiltersAndTransformers/TestPlaybooks/ExtractEmailTransformer_Test.yml @@ -0,0 +1,775 @@ +id: ExtractEmailTransformer_Test +version: -1 +name: ExtractEmailTransformer_Test +description: Test for ExtractEmailTransformer automation. +starttaskid: "0" +tasks: + "0": + id: "0" + taskid: 883d16af-a224-4614-8f57-3bd4e2c64193 + type: start + task: + id: 883d16af-a224-4614-8f57-3bd4e2c64193 + version: -1 + name: "" + iscommand: false + brand: "" + description: '' + nexttasks: + '#none#': + - "2" + - "3" + - "4" + - "5" + - "6" + - "9" + - "16" + - "18" + separatecontext: false + continueonerrortype: "" + view: |- + { + "position": { + "x": 1555, + "y": 65 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "1": + id: "1" + taskid: 60d7c354-6580-4210-8963-c8d3b62ebc21 + type: condition + task: + id: 60d7c354-6580-4210-8963-c8d3b62ebc21 + version: -1 + name: Test ExtractEmailTransformer + description: Extracts email addresses from the given value. + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "8" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isEqualString + left: + value: + complex: + root: test4 + transformers: + - operator: ExtractEmailTransformer + iscontext: true + right: + value: + simple: example@example.com + continueonerrortype: "" + view: |- + { + "position": { + "x": 50, + "y": 400 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "2": + id: "2" + taskid: b4e0cb46-0b76-44dc-8d46-f7229ff201b1 + type: regular + task: + id: b4e0cb46-0b76-44dc-8d46-f7229ff201b1 + version: -1 + name: Set value - example@example.com + description: Set a value in context under the key you entered. + scriptName: Set + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "15" + scriptarguments: + key: + simple: test1 + value: + simple: example@example.com + separatecontext: false + continueonerrortype: "" + view: |- + { + "position": { + "x": 2200, + "y": 225 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "3": + id: "3" + taskid: 23a32fe8-5530-43ac-87d9-de354f1d9588 + type: regular + task: + id: 23a32fe8-5530-43ac-87d9-de354f1d9588 + version: -1 + name: Set value - ["example@example.com", "foo"] + description: Set a value in context under the key you entered. + scriptName: Set + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "14" + scriptarguments: + key: + simple: test2 + value: + simple: '["example@example.com", "foo"]' + separatecontext: false + continueonerrortype: "" + view: |- + { + "position": { + "x": 1770, + "y": 225 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "4": + id: "4" + taskid: 8375c829-321a-4c80-8752-99019df3a012 + type: regular + task: + id: 8375c829-321a-4c80-8752-99019df3a012 + version: -1 + name: Set value - ["example@example.com", "notanem@il"] + description: Set a value in context under the key you entered. + scriptName: Set + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "13" + scriptarguments: + key: + simple: test3 + value: + simple: '["example@example.com", "notanem@il"]' + separatecontext: false + continueonerrortype: "" + view: |- + { + "position": { + "x": 1340, + "y": 225 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "5": + id: "5" + taskid: 4fcdb780-7aaa-4ae0-877d-1629407fdc60 + type: regular + task: + id: 4fcdb780-7aaa-4ae0-877d-1629407fdc60 + version: -1 + name: Set value - EXAMPLE@example.com + description: Set a value in context under the key you entered. + scriptName: Set + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "1" + scriptarguments: + key: + simple: test4 + value: + simple: EXAMPLE@example.com + separatecontext: false + continueonerrortype: "" + view: |- + { + "position": { + "x": 50, + "y": 225 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "6": + id: "6" + taskid: a97681df-436d-4166-82f2-57058d0b43d9 + type: regular + task: + id: a97681df-436d-4166-82f2-57058d0b43d9 + version: -1 + name: Set value - ["example1@example.com", "example2@example.com"] + description: Set a value in context under the key you entered. + scriptName: Set + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "11" + scriptarguments: + key: + simple: test5 + value: + simple: '["example1@example.com", "example2@example.com"]' + separatecontext: false + continueonerrortype: "" + view: |- + { + "position": { + "x": 910, + "y": 225 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "7": + id: "7" + taskid: b0c79131-97c5-4d3b-82a1-93a87129f75b + type: regular + task: + id: b0c79131-97c5-4d3b-82a1-93a87129f75b + version: -1 + name: "Set value - 😎@example.com - It's correct, but for now the regex doesn't catch it" + description: Set a value in context under the key you entered. + scriptName: Set + type: regular + iscommand: false + brand: "" + scriptarguments: + key: + simple: test6 + value: + simple: "😎@example.com" + separatecontext: false + continueonerrortype: "" + view: |- + { + "position": { + "x": 1985, + "y": 50 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "8": + id: "8" + taskid: 6d4a253a-9b78-4f6b-8997-d87111741e02 + type: title + task: + id: 6d4a253a-9b78-4f6b-8997-d87111741e02 + version: -1 + name: Done + type: title + iscommand: false + brand: "" + description: '' + separatecontext: false + continueonerrortype: "" + view: |- + { + "position": { + "x": 1340, + "y": 575 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "9": + id: "9" + taskid: ff5ef991-e05f-4bfd-8c0f-9ddf79ae4030 + type: regular + task: + id: ff5ef991-e05f-4bfd-8c0f-9ddf79ae4030 + version: -1 + name: Set value - example@example. + description: Set a value in context under the key you entered. + scriptName: Set + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "10" + scriptarguments: + key: + simple: test7 + value: + simple: example@example. + separatecontext: false + continueonerrortype: "" + view: |- + { + "position": { + "x": 480, + "y": 225 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "10": + id: "10" + taskid: 7e0b2ecd-c359-4470-80cd-0355de5434bb + type: condition + task: + id: 7e0b2ecd-c359-4470-80cd-0355de5434bb + version: -1 + name: Test ExtractEmailTransformer - Is empty + description: Extracts email addresses from the given value. + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "8" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isEmpty + left: + value: + complex: + root: test7 + transformers: + - operator: ExtractEmailTransformer + iscontext: true + right: + value: {} + continueonerrortype: "" + view: |- + { + "position": { + "x": 480, + "y": 400 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "11": + id: "11" + taskid: 01e8ae6a-c246-4220-8412-5c06c517e4e8 + type: condition + task: + id: 01e8ae6a-c246-4220-8412-5c06c517e4e8 + version: -1 + name: Test ExtractEmailTransformer + description: Extracts email addresses from the given value. + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "8" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: hasLength + left: + value: + complex: + root: test5 + transformers: + - operator: ExtractEmailTransformer + iscontext: true + right: + value: + simple: "2" + continueonerrortype: "" + view: |- + { + "position": { + "x": 910, + "y": 400 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "13": + id: "13" + taskid: aa752c0b-b763-4fda-8bcf-d27e242955dc + type: condition + task: + id: aa752c0b-b763-4fda-8bcf-d27e242955dc + version: -1 + name: Test ExtractEmailTransformer + description: Extracts email addresses from the given value. + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "8" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isEqualString + left: + value: + complex: + root: test3 + transformers: + - operator: ExtractEmailTransformer + iscontext: true + right: + value: + simple: example@example.com + continueonerrortype: "" + view: |- + { + "position": { + "x": 1340, + "y": 400 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "14": + id: "14" + taskid: ae44df7c-adf2-4ac9-81b9-2d9a053f416a + type: condition + task: + id: ae44df7c-adf2-4ac9-81b9-2d9a053f416a + version: -1 + name: Test ExtractEmailTransformer + description: Extracts email addresses from the given value. + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "8" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isEqualString + left: + value: + complex: + root: test2 + transformers: + - operator: ExtractEmailTransformer + iscontext: true + right: + value: + simple: example@example.com + continueonerrortype: "" + view: |- + { + "position": { + "x": 1770, + "y": 400 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "15": + id: "15" + taskid: 84657198-3817-483b-82b2-721e606ccb39 + type: condition + task: + id: 84657198-3817-483b-82b2-721e606ccb39 + version: -1 + name: Test ExtractEmailTransformer + description: Extracts email addresses from the given value. + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "8" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isEqualString + left: + value: + complex: + root: test1 + transformers: + - operator: ExtractEmailTransformer + iscontext: true + right: + value: + simple: example@example.com + continueonerrortype: "" + view: |- + { + "position": { + "x": 2200, + "y": 400 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "16": + id: "16" + taskid: c94258e0-4b47-4af9-8645-7dcdd531c185 + type: regular + task: + id: c94258e0-4b47-4af9-8645-7dcdd531c185 + version: -1 + name: Set value - טסט@example.com + description: Set a value in context under the key you entered. + scriptName: Set + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "19" + scriptarguments: + key: + simple: test9 + value: + simple: טסט@example.com + separatecontext: false + continueonerrortype: "" + view: |- + { + "position": { + "x": 2630, + "y": 225 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "18": + id: "18" + taskid: 5f05c38c-34b4-4ff2-84f9-ccd56ce3617d + type: regular + task: + id: 5f05c38c-34b4-4ff2-84f9-ccd56ce3617d + version: -1 + name: Set value - double.tld@test.co.jp + description: Set a value in context under the key you entered. + scriptName: Set + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "20" + scriptarguments: + key: + simple: test8 + value: + simple: double.tld@test.co.jp + separatecontext: false + continueonerrortype: "" + view: |- + { + "position": { + "x": 3060, + "y": 225 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "19": + id: "19" + taskid: 1c50ed73-251f-4d35-8b67-28145b874ca0 + type: condition + task: + id: 1c50ed73-251f-4d35-8b67-28145b874ca0 + version: -1 + name: Test ExtractEmailTransformer + description: Extracts email addresses from the given value. + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "8" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isEqualString + left: + value: + complex: + root: test9 + transformers: + - operator: ExtractEmailTransformer + iscontext: true + right: + value: + simple: טסט@example.com + continueonerrortype: "" + view: |- + { + "position": { + "x": 2630, + "y": 400 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "20": + id: "20" + taskid: 61476bf4-29cc-4a03-8519-7a8564a14f2d + type: condition + task: + id: 61476bf4-29cc-4a03-8519-7a8564a14f2d + version: -1 + name: Test ExtractEmailTransformer + description: Extracts email addresses from the given value. + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "8" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isEqualString + left: + value: + complex: + root: test8 + transformers: + - operator: ExtractEmailTransformer + iscontext: true + right: + value: + simple: double.tld@test.co.jp + continueonerrortype: "" + view: |- + { + "position": { + "x": 3060, + "y": 400 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false +view: |- + { + "linkLabelsPosition": {}, + "paper": { + "dimensions": { + "height": 590, + "width": 3390, + "x": 50, + "y": 50 + } + } + } +inputs: [] +outputs: [] +fromversion: 6.11.0 diff --git a/Packs/FiltersAndTransformers/pack_metadata.json b/Packs/FiltersAndTransformers/pack_metadata.json index 8584e53ccf54..9f648c137469 100644 --- a/Packs/FiltersAndTransformers/pack_metadata.json +++ b/Packs/FiltersAndTransformers/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Filters And Transformers", "description": "Frequently used filters and transformers pack.", "support": "xsoar", - "currentVersion": "1.2.43", + "currentVersion": "1.2.44", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Tests/conf.json b/Tests/conf.json index 5c9ff5c00fe2..61cf7802f491 100644 --- a/Tests/conf.json +++ b/Tests/conf.json @@ -198,6 +198,10 @@ { "playbookID": "SetAndHandleEmpty_Test" }, + { + "playbookID": "ExtractEmailTransformer_Test", + "fromversion": "6.11.0" + }, { "integrations": "Tripwire", "playbookID": "TestplaybookTripwire", From 7a8b0be298aa2a59e89d80d4c4a00d16c32b1514 Mon Sep 17 00:00:00 2001 From: Karina Fishman <147307864+karinafishman@users.noreply.github.com> Date: Mon, 11 Dec 2023 17:09:26 +0200 Subject: [PATCH 04/50] Fix for playbooks that uses deprecated sub-playbooks (#31330) * The sub-playbook of wildfire detonate file was changed to v2 * Replaced the old version of Cortex XDR - Retrieve File with the new version * Crowdstrike detonate file was changed to a new version * release notes update * release notes update * readme files updated * release note * fix for taskid and task field * fixes for taskid and task not equal value * release notes fix * added new images for the playbooks * Unique value fix * RN updated * fixes for PR * RN fix * fix * fix * RN fix * Update Packs/CommonPlaybooks/ReleaseNotes/2_4_39.md Co-authored-by: Sasha Sokolovich <88268646+ssokolovich@users.noreply.github.com> * PN fix and unique fix * fix for error in the build * Update Packs/CommonPlaybooks/Playbooks/playbook-Detonate_URL_-_Generic_v1.5.yml Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/CommonPlaybooks/Playbooks/playbook-Detonate_URL_-_Generic_v1.5.yml Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/CommonPlaybooks/Playbooks/playbook-Detonate_URL_-_Generic_v1.5.yml Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/CommonPlaybooks/Playbooks/playbook-Detonate_URL_-_Generic_v1.5.yml Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/CommonPlaybooks/Playbooks/playbook-Detonate_URL_-_Generic_v1.5.yml Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/Core/Playbooks/playbook-Ransomware_Enrich_and_Contain_README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/Core/Playbooks/playbook-Ransomware_Enrich_and_Contain_README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/Core/Playbooks/playbook-Ransomware_Enrich_and_Contain_README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/Core/ReleaseNotes/3_0_3.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/CortexXDR/ReleaseNotes/6_0_8.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/CommonPlaybooks/Playbooks/playbook-Detonate_URL_-_Generic_v1.5.yml Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/CommonPlaybooks/ReleaseNotes/2_4_39.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/CommonPlaybooks/ReleaseNotes/2_4_39.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/Core/Playbooks/playbook-Ransomware_Enrich_and_Contain.yml Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/Core/Playbooks/playbook-Ransomware_Enrich_and_Contain_README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> --------- Co-authored-by: Sasha Sokolovich <88268646+ssokolovich@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> --- .../playbook-Detonate_File_-_Generic.yml | 589 ++++++------ ...playbook-Detonate_File_-_Generic_README.md | 354 +++---- .../playbook-Detonate_URL_-_Generic_v1.5.yml | 907 +++++++++--------- ...book-Detonate_URL_-_Generic_v1.5_README.md | 293 +++--- Packs/CommonPlaybooks/ReleaseNotes/2_4_39.md | 10 + .../doc_files/Detonate_File_-_Generic.png | Bin 163195 -> 166089 bytes .../doc_files/Detonate_URL_-_Generic_v1.5.png | Bin 192356 -> 188709 bytes Packs/CommonPlaybooks/pack_metadata.json | 2 +- ...playbook-Ransomware_Enrich_and_Contain.yml | 144 +-- ...ok-Ransomware_Enrich_and_Contain_README.md | 28 +- Packs/Core/ReleaseNotes/3_0_3.md | 6 + .../Ransomware_Enrich_and_Contain.png | Bin 348374 -> 380970 bytes Packs/Core/pack_metadata.json | 2 +- .../Cortex_XDR_-_Malware_Investigation.yml | 197 ++-- ...rtex_XDR_-_Malware_Investigation_README.md | 24 +- Packs/CortexXDR/ReleaseNotes/6_0_8.md | 6 + .../Cortex_XDR_-_Malware_Investigation.png | Bin 190479 -> 180523 bytes Packs/CortexXDR/pack_metadata.json | 2 +- 18 files changed, 1318 insertions(+), 1246 deletions(-) create mode 100644 Packs/CommonPlaybooks/ReleaseNotes/2_4_39.md create mode 100644 Packs/Core/ReleaseNotes/3_0_3.md create mode 100644 Packs/CortexXDR/ReleaseNotes/6_0_8.md diff --git a/Packs/CommonPlaybooks/Playbooks/playbook-Detonate_File_-_Generic.yml b/Packs/CommonPlaybooks/Playbooks/playbook-Detonate_File_-_Generic.yml index 162b719f6218..af0412f9d2c6 100644 --- a/Packs/CommonPlaybooks/Playbooks/playbook-Detonate_File_-_Generic.yml +++ b/Packs/CommonPlaybooks/Playbooks/playbook-Detonate_File_-_Generic.yml @@ -17,7 +17,7 @@ description: |- - VMRay Analyzer - Polygon - CrowdStrike Falcon Intelligence Sandbox - - OPSWAT Filescan + - OPSWAT Filescan. starttaskid: "0" tasks: "0": @@ -34,18 +34,18 @@ tasks: nexttasks: '#none#': - "9" - - "13" - "14" - "15" - "18" - "19" - "20" - - "22" - "23" - "24" - "25" - "27" - "29" + - "30" + - "31" separatecontext: false view: |- { @@ -153,55 +153,6 @@ tasks: continueonerrortype: "" isoversize: false isautoswitchedtoquietmode: false - "13": - id: "13" - taskid: cdc7dce0-1029-4a8f-8a7a-eee17d570ea7 - type: playbook - task: - id: cdc7dce0-1029-4a8f-8a7a-eee17d570ea7 - version: -1 - name: WildFire - Detonate file - description: |- - Detonate one or more files using the Wildfire integration. This playbook - returns relevant reports to the War Room and file reputations to the context data. - The detonation supports the following file types - - APK, JAR, DOC, DOCX, RTF, XLS, XLSX, PPT, PPTX, XML, PE32, PDF, DMG, PKG, RAR, 7Z - playbookName: WildFire - Detonate file - type: playbook - iscommand: false - brand: "" - nexttasks: - '#none#': - - "3" - scriptarguments: - File: - complex: - root: inputs.File - Interval: - simple: "1" - Timeout: - simple: "15" - separatecontext: true - loop: - iscommand: false - exitCondition: "" - wait: 1 - max: 0 - view: |- - { - "position": { - "x": 1470, - "y": 370 - } - } - note: false - timertriggers: [] - ignoreworker: false - skipunavailable: true - quietmode: 0 - continueonerrortype: "" - isoversize: false - isautoswitchedtoquietmode: false "14": id: "14" taskid: 13d629fd-83d1-4096-8e89-4d8ca6b4322e @@ -470,67 +421,6 @@ tasks: continueonerrortype: "" isoversize: false isautoswitchedtoquietmode: false - "22": - id: "22" - taskid: 2418c5d7-65e3-40ff-8281-fa47ad0369ca - type: playbook - task: - id: 2418c5d7-65e3-40ff-8281-fa47ad0369ca - version: -1 - name: Detonate File - CrowdStrike Falcon Intelligence Sandbox - description: |- - Detonates a File using CrowdStrike Falcon Intelligence Sandbox sandbox. - Accepted file formats: - Portable executables: .exe, .scr, .pif, .dll, .com, .cpl, etc. - Office documents: .doc, .docx, .ppt, .pps, .pptx, .ppsx, .xls, .xlsx, .rtf, .pub - PDF - APK - Executable JAR - Windows script component: .sct - Windows shortcut: .lnk - Windows help: .chm - HTML application: .hta - Windows script file: .wsf - Javascript: .js - Visual Basic: .vbs, .vbe - Shockwave Flash: .swf - Perl: .pl - Powershell: .ps1, .psd1, .psm1 - Scalable vector graphics: .svg - Python: .py - Linux ELF executables - Email files: MIME RFC 822 .eml, Outlook .msg. - playbookName: Detonate File - CrowdStrike Falcon Intelligence Sandbox - type: playbook - iscommand: false - brand: "" - nexttasks: - '#none#': - - "3" - scriptarguments: - File: - complex: - root: inputs.File - Interval: - simple: "1" - Timeout: - simple: "15" - separatecontext: true - view: |- - { - "position": { - "x": 4680, - "y": 370 - } - } - note: false - timertriggers: [] - ignoreworker: false - skipunavailable: true - quietmode: 0 - isoversize: false - isautoswitchedtoquietmode: false - continueonerrortype: "" "23": id: "23" taskid: c28803a1-9938-4fa0-8994-4f1d01f7e800 @@ -651,7 +541,7 @@ tasks: note: false timertriggers: [] ignoreworker: false - skipunavailable: false + skipunavailable: true quietmode: 0 isoversize: false isautoswitchedtoquietmode: false @@ -702,7 +592,7 @@ tasks: id: 8febf391-f313-4539-89c1-bd4df099dc51 version: -1 name: Detonate file - CrowdStrike Falcon Sandbox v2 - description: Detonates a File using CrowdStrike Falcon. + description: Detonates a File using CrowdStrike Falcon sandbox. playbookName: Detonate file - CrowdStrike Falcon Sandbox v2 type: playbook iscommand: false @@ -716,6 +606,8 @@ tasks: File: complex: root: inputs.File + transformers: + - operator: uniq separatecontext: true continueonerrortype: "" loop: @@ -782,6 +674,125 @@ tasks: quietmode: 0 isoversize: false isautoswitchedtoquietmode: false + "30": + id: "30" + taskid: b52cc619-b027-4886-8a06-a0975dbc61a9 + type: playbook + task: + id: b52cc619-b027-4886-8a06-a0975dbc61a9 + version: -1 + name: Detonate File - CrowdStrike Falcon Intelligence Sandbox v2 + description: |- + Detonates a file using CrowdStrike Falcon Intelligence Sandbox. + Accepted file formats: + Portable executables: .exe, .scr, .pif, .dll, .com, .cpl, etc. + Office documents: .doc, .docx, .ppt, .pps, .pptx, .ppsx, .xls, .xlsx, .rtf, .pub + PDF + APK + Executable JAR + Windows script component: .sct + Windows shortcut: .lnk + Windows help: .chm + HTML application: .hta + Windows script file: .wsf + Javascript: .js + Visual Basic: .vbs, .vbe + Shockwave Flash: .swf + Perl: .pl + Powershell: .ps1, .psd1, .psm1 + Scalable vector graphics: .svg + Python: .py + Linux ELF executables + Email files: MIME RFC 822 .eml, Outlook .msg. + playbookName: Detonate File - CrowdStrike Falcon Intelligence Sandbox v2 + type: playbook + iscommand: false + brand: "" + nexttasks: + '#none#': + - "3" + scriptarguments: + EnvironmentID: + simple: '160: Windows 10' + File: + complex: + root: inputs.File + transformers: + - operator: uniq + FullReport: + simple: "True" + Interval: + simple: "1" + Timeout: + simple: "10" + separatecontext: true + continueonerrortype: "" + loop: + iscommand: false + exitCondition: "" + wait: 1 + max: 0 + view: |- + { + "position": { + "x": 4680, + "y": 370 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: true + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "31": + id: "31" + taskid: 18f66f67-79fe-416e-86aa-f68470eacfac + type: playbook + task: + id: 18f66f67-79fe-416e-86aa-f68470eacfac + version: -1 + name: WildFire - Detonate file v2 + playbookName: WildFire - Detonate file v2 + type: playbook + iscommand: false + brand: "" + description: '' + nexttasks: + '#none#': + - "3" + scriptarguments: + File: + complex: + root: inputs.File + transformers: + - operator: uniq + Interval: + simple: "1" + Timeout: + simple: "8" + separatecontext: true + continueonerrortype: "" + loop: + iscommand: false + exitCondition: "" + wait: 1 + max: 100 + view: |- + { + "position": { + "x": 1470, + "y": 370 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: true + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false view: |- { "linkLabelsPosition": { @@ -816,202 +827,202 @@ inputs: playbookInputQuery: outputs: - contextPath: Joe.Analysis.Status - description: Analysis Status + description: Analysis Status. type: string - contextPath: File.Name - description: The file's name (only in case of report type=json) + description: The file's name (only in case of report type=json). type: string - contextPath: File.SHA1 - description: SHA1 hash of the file + description: SHA1 hash of the file. type: string - contextPath: File.SHA256 - description: SHA256 hash of the file + description: SHA256 hash of the file. type: string - contextPath: File.Size - description: File size (only in case of report type=json) + description: File size (only in case of report type=json). type: number - contextPath: File.Type - description: File type e.g. "PE" (only in case of report type=json) + description: File type e.g. "PE" (only in case of report type=json). type: string - contextPath: File.Malicious - description: The File malicious description + description: The File malicious description. type: unknown - contextPath: File.Malicious.Description - description: For malicious files, the reason for the vendor to make the decision + description: For malicious files, the reason for the vendor to make the decision. type: string - contextPath: File.Malicious.Vendor - description: For malicious files, the vendor that made the decision + description: For malicious files, the vendor that made the decision. type: string - contextPath: DBotScore - description: The Indicator's object + description: The Indicator's object. type: unknown - contextPath: DBotScore.Indicator - description: The indicator that was tested + description: The indicator that was tested. type: string - contextPath: DBotScore.Score - description: The actual score + description: The actual score. type: number - contextPath: DBotScore.Type - description: The type of the indicator + description: The type of the indicator. type: string - contextPath: DBotScore.Vendor - description: Vendor used to calculate the score + description: Vendor used to calculate the score. type: string - contextPath: IP.Address - description: IP's relevant to the sample + description: IP's relevant to the sample. type: string - contextPath: DBotScore.Malicious.Vendor - description: Vendor used to calculate the score + description: Vendor used to calculate the score. type: string - contextPath: DBotScore.Malicious.Detections - description: The sub analysis detection statuses + description: The sub analysis detection statuses. type: string - contextPath: DBotScore.Malicious.SHA1 - description: The SHA1 of the file + description: The SHA1 of the file. type: string - contextPath: File - description: The File's object + description: The File's object. type: unknown - contextPath: File.MD5 - description: MD5 hash of the file + description: MD5 hash of the file. type: string - contextPath: Joe.Analysis.SampleName - description: Sample Data, could be a file name or URL + description: Sample Data, could be a file name or URL. type: string - contextPath: Joe.Analysis.Comments - description: Analysis Comments + description: Analysis Comments. type: string - contextPath: Joe.Analysis.Time - description: Submitted Time + description: Submitted Time. type: date - contextPath: Joe.Analysis.Runs - description: Sub-Analysis Information + description: Sub-Analysis Information. type: unknown - contextPath: Joe.Analysis.Result - description: Analysis Results + description: Analysis Results. type: string - contextPath: Joe.Analysis.Errors - description: Raised errors during sampling + description: Raised errors during sampling. type: unknown - contextPath: Joe.Analysis.Systems - description: Analysis OS + description: Analysis OS. type: unknown - contextPath: Joe.Analysis.MD5 - description: MD5 of analysis sample + description: MD5 of analysis sample. type: string - contextPath: Joe.Analysis.SHA1 - description: SHA1 of analysis sample + description: SHA1 of analysis sample. type: string - contextPath: Joe.Analysis.SHA256 - description: SHA256 of analysis sample + description: SHA256 of analysis sample. type: string - contextPath: InfoFile.Name - description: FileName of the report file + description: FileName of the report file. type: string - contextPath: InfoFile.EntryID - description: The EntryID of the report file + description: The EntryID of the report file. type: string - contextPath: InfoFile.Size - description: File Size + description: File Size. type: number - contextPath: InfoFile.Type - description: File type e.g. "PE" + description: File type e.g. "PE". type: string - contextPath: InfoFile.Info - description: Basic information of the file + description: Basic information of the file. type: string - contextPath: File.Extension - description: The extension of the file + description: The extension of the file. type: string - contextPath: InfoFile - description: The report file's object + description: The report file's object. type: unknown - contextPath: WildFire.Report - description: The submission object + description: The submission object. type: unknown - contextPath: WildFire.Report.Status - description: The status of the submission + description: The status of the submission. type: string - contextPath: WildFire.Report.SHA256 - description: SHA256 of the submission + description: SHA256 of the submission. type: string - contextPath: WildFire.Report.MD5 - description: MD5 of the submission + description: MD5 of the submission. type: string - contextPath: WildFire.Report.FileType - description: The type of the submission + description: The type of the submission. type: string - contextPath: WildFire.Report.Size - description: The size of the submission + description: The size of the submission. type: number - contextPath: Joe.Analysis - description: The Analysis object + description: The Analysis object. type: string - contextPath: Cuckoo.Task.Category - description: Category of task + description: Category of task. type: string - contextPath: Cuckoo.Task.Machine - description: Machine of task + description: Machine of task. type: string - contextPath: Cuckoo.Task.Errors - description: Errors of task + description: Errors of task. type: string - contextPath: Cuckoo.Task.Target - description: Target of task + description: Target of task. type: string - contextPath: Cuckoo.Task.Package - description: Package of task + description: Package of task. type: string - contextPath: Cuckoo.Task.SampleID - description: Sample ID of task + description: Sample ID of task. type: string - contextPath: Cuckoo.Task.Guest - description: Task guest + description: Task guest. type: string - contextPath: Cuckoo.Task.Custom - description: Custom values of task + description: Custom values of task. type: string - contextPath: Cuckoo.Task.Owner - description: Task owner + description: Task owner. type: string - contextPath: Cuckoo.Task.Priority - description: Priority of task + description: Priority of task. type: string - contextPath: Cuckoo.Task.Platform - description: Platform of task + description: Platform of task. type: string - contextPath: Cuckoo.Task.Options - description: Task options + description: Task options. type: string - contextPath: Cuckoo.Task.Status - description: Task status + description: Task status. type: string - contextPath: Cuckoo.Task.EnforceTimeout - description: Is timeout of task enforced + description: Is timeout of task enforced. type: string - contextPath: Cuckoo.Task.Timeout - description: Task timeout + description: Task timeout. type: string - contextPath: Cuckoo.Task.Memory - description: Task memory + description: Task memory. type: string - contextPath: Cuckoo.Task.Tags - description: Task tags + description: Task tags. type: string - contextPath: Cuckoo.Task.ID - description: ID of task + description: ID of task. type: string - contextPath: Cuckoo.Task.AddedOn - description: Date on which the task was added + description: Date on which the task was added. type: string - contextPath: Cuckoo.Task.CompletedOn - description: Date on which the task was completed + description: Date on which the task was completed. type: string - contextPath: Cuckoo.Task.Score - description: Reported score of the the task + description: Reported score of the the task. type: string - contextPath: Cuckoo.Task.Monitor - description: Monitor of the reported task + description: Monitor of the reported task. type: string - contextPath: ANYRUN.Task.AnalysisDate description: Date and time the analysis was executed. @@ -1188,7 +1199,7 @@ outputs: description: Task analysis status. type: String - contextPath: VMRay.Job - description: The Job Object + description: The Job Object. type: unknown - contextPath: VMRay.Job.JobID description: The ID of a new job. @@ -1206,7 +1217,7 @@ outputs: description: The ID of virtual machine. type: number - contextPath: VMRay.Sample - description: The Sample For Analysis + description: The Sample For Analysis. type: unknown - contextPath: VMRay.Sample.SampleID description: The sample ID of the task. @@ -1245,7 +1256,7 @@ outputs: description: The classifications of the sample. type: string - contextPath: VMRay.Submission - description: Submission Object + description: Submission Object. type: unknown - contextPath: VMRay.Submission.SubmissionID description: The submission ID. @@ -1263,7 +1274,7 @@ outputs: description: The SHA1 hash of the sample in submission. type: string - contextPath: VMRay.Submission.SHA256 - description: 'The SHA256 hash of the sample in submission.' + description: The SHA256 hash of the sample in submission. type: string - contextPath: VMRay.Submission.Verdict description: Verdict for the sample (Malicious, Suspicious, Clean, Not Available). @@ -1281,7 +1292,7 @@ outputs: description: The ID of the sample in submission. type: number - contextPath: VMRay.Sample.IOC.File - description: File Object + description: File Object. type: unknown - contextPath: VMRay.Sample.IOC.File.AnalysisID description: The IDs of other analyses that contain the given file. @@ -1299,10 +1310,10 @@ outputs: description: The type of the file. type: string - contextPath: VMRay.Sample.IOC.File.Hashes - description: File Hashes Object + description: File Hashes Object. type: unknown - contextPath: VMRay.Sample.IOC.File.Hashes.MD5 - description: 'The MD5 hash of the given file.' + description: The MD5 hash of the given file. type: string - contextPath: VMRay.Sample.IOC.File.Hashes.SSDeep description: The SSDeep hash of the given file. @@ -1314,7 +1325,7 @@ outputs: description: The SHA1 hash of the given file. type: string - contextPath: VMRay.Sample.IOC.URL - description: URL Object + description: URL Object. type: unknown - contextPath: VMRay.Sample.IOC.URL.AnalysisID description: The IDs of the other analyses that contain the given URL. @@ -1332,13 +1343,13 @@ outputs: description: The type of the URL. type: string - contextPath: VMRay.Sample.IOC.Domain - description: Domain Object + description: Domain Object. type: unknown - contextPath: VMRay.Sample.IOC.Domain.AnalysisID description: The IDs of the other analyses that contain the given domain. type: number - contextPath: VMRay.Sample.IOC.Domain.Domain - description: 'The domain.' + description: The domain. type: string - contextPath: VMRay.Sample.IOC.Domain.ID description: The ID of the domain. @@ -1347,7 +1358,7 @@ outputs: description: The type of the domain. type: string - contextPath: VMRay.Sample.IOC.IP - description: IP Object + description: IP Object. type: unknown - contextPath: VMRay.Sample.IOC.IP.AnalysisID description: The IDs of the other analyses that contain the given IP address. @@ -1356,7 +1367,7 @@ outputs: description: The IP address. type: string - contextPath: VMRay.Sample.IOC.IP.Operation - description: 'The operation of the given IP address.' + description: The operation of the given IP address. type: string - contextPath: VMRay.Sample.IOC.IP.ID description: The ID of the IP address. @@ -1365,16 +1376,16 @@ outputs: description: The type of the IP address. type: string - contextPath: VMRay.Sample.IOC.Mutex - description: Mutex Object + description: Mutex Object. type: unknown - contextPath: VMRay.Sample.IOC.Mutex.AnalysisID description: The IDs of other analyses that contain the given IP address. type: number - contextPath: VMRay.Sample.IOC.Mutex.Name - description: 'The name of the mutex.' + description: The name of the mutex. type: string - contextPath: VMRay.Sample.IOC.Mutex.Operation - description: The operation of the given mutex + description: The operation of the given mutex. type: string - contextPath: VMRay.Sample.IOC.Mutex.ID description: The ID of the mutex. @@ -1383,13 +1394,13 @@ outputs: description: The type of the mutex. type: string - contextPath: VMRay.ThreatIndicator - description: Indicator Object + description: Indicator Object. type: unknown - contextPath: VMRay.ThreatIndicator.AnalysisID description: The list of connected analysis IDs. type: number - contextPath: VMRay.ThreatIndicator.Category - description: 'The category of threat indicators.' + description: The category of threat indicators. type: string - contextPath: VMRay.ThreatIndicator.Classification description: The classifications of threat indicators. @@ -1401,238 +1412,238 @@ outputs: description: The operation that caused the indicators. type: string - contextPath: SecneurXAnalysis.Report.SHA256 - description: SHA256 value of the analyzed sample + description: SHA256 value of the analyzed sample. type: string - contextPath: SecneurXAnalysis.Report.Verdict - description: 'Summary result of the analyzed sample' + description: Summary result of the analyzed sample. type: string - contextPath: SecneurXAnalysis.Report.Tags - description: More details of the analyzed sample + description: More details of the analyzed sample. type: string - contextPath: SecneurXAnalysis.Report.IOC - description: List of IOC's observed in the analyzed sample + description: List of IOC's observed in the analyzed sample. type: string - contextPath: SecneurXAnalysis.Report.Status - description: Analysis queued sample state + description: Analysis queued sample state. type: String - contextPath: SecneurXAnalysis.Report.DnsRequests - description: List of DNS data observed in the analyzed sample + description: List of DNS data observed in the analyzed sample. type: string - contextPath: SecneurXAnalysis.Report.HttpRequests - description: List of HTTP data observed in the analyzed sample + description: List of HTTP data observed in the analyzed sample. type: string - contextPath: SecneurXAnalysis.Report.JA3Digests - description: 'List of JA3 data observed in the analyzed sample' + description: List of JA3 data observed in the analyzed sample. type: string - contextPath: SecneurXAnalysis.Report.ProcessCreated - description: Process behaviour data observed in the analyzed sample + description: Process behaviour data observed in the analyzed sample. type: string - contextPath: SecneurXAnalysis.Report.RegistrySet - description: List of Registry creations observed in the analyzed sample + description: List of Registry creations observed in the analyzed sample. type: string - contextPath: SecneurXAnalysis.Report.RegistryDeleted - description: List of Registry deletions observed in the analyzed sample + description: List of Registry deletions observed in the analyzed sample. type: string - contextPath: SecneurXAnalysis.Report.FileCreated - description: List of File creations observed in the analyzed sample + description: List of File creations observed in the analyzed sample. type: string - contextPath: SecneurXAnalysis.Report.FileDropped - description: List of File drops observed in the analyzed sample + description: List of File drops observed in the analyzed sample. type: string - contextPath: SecneurXAnalysis.Report.FileDeleted - description: 'List of File deletions observed in the analyzed sample' + description: List of File deletions observed in the analyzed sample. type: string - contextPath: SecneurXAnalysis.Report.FileModified - description: List of File changes observed in the analyzed sample + description: List of File changes observed in the analyzed sample. type: string - contextPath: SecneurXAnalysis.Report.Platform - description: Platform of the analyzed sample + description: Platform of the analyzed sample. type: String - contextPath: ATD.Task.taskId - description: The task ID of the sample uploaded + description: The task ID of the sample uploaded. type: string - contextPath: ATD.Task.jobId - description: The job ID of the sample uploaded + description: The job ID of the sample uploaded. type: string - contextPath: ATD.Task.messageId - description: The message Id relevant to the sample uploaded + description: The message Id relevant to the sample uploaded. type: string - contextPath: ATD.Task.srcIp - description: Source IPv4 address + description: Source IPv4 address. type: string - contextPath: ATD.Task.destIp - description: Destination IPv4 address + description: Destination IPv4 address. type: string - contextPath: ATD.Task.MD5 - description: MD5 of the sample uploaded + description: MD5 of the sample uploaded. type: string - contextPath: ATD.Task.SHA1 - description: SHA1 of the sample uploaded + description: SHA1 of the sample uploaded. type: string - contextPath: ATD.Task.SHA256 - description: SHA256 of the sample uploaded + description: SHA256 of the sample uploaded. type: string - contextPath: InfoFile.Extension - description: The extension of the report file + description: The extension of the report file. type: string - contextPath: File.EntryID - description: The Entry ID of the sample + description: The Entry ID of the sample. type: string - contextPath: URL.Data - description: List of malicious URLs identified by Lastline analysis + description: List of malicious URLs identified by Lastline analysis. type: string - contextPath: URL.Malicious.Vendor - description: For malicious URLs, the vendor that made the decision + description: For malicious URLs, the vendor that made the decision. type: string - contextPath: URL.Malicious.Description - description: For malicious URLs, the reason for the vendor to make the decision + description: For malicious URLs, the reason for the vendor to make the decision. type: string - contextPath: URL.Malicious.Score - description: For malicious URLs, the score from the vendor + description: For malicious URLs, the score from the vendor. type: number - contextPath: Lastline.Submission.Status - description: Status of the submission + description: Status of the submission. type: string - contextPath: Lastline.Submission.DNSqueries - description: List of DNS queries done by the analysis subject + description: List of DNS queries done by the analysis subject. type: string - contextPath: Lastline.Submission.NetworkConnections - description: ist of network connections done by the analysis subject + description: ist of network connections done by the analysis subject. type: string - contextPath: Lastline.Submission.DownloadedFiles description: List of files that were downloaded using the Microsoft Windows file-download API functions. Each element is a tuple of file-origin URL and a File element. type: string - contextPath: Lastline.Submission.UUID - description: Task UUID of submitted sample + description: Task UUID of submitted sample. type: number - contextPath: Lastline.Submission.YaraSignatures.name - description: Yara signatures name + description: Yara signatures name. type: string - contextPath: Lastline.Submission.YaraSignatures.score description: The score according to the yara signatures. from 0 to 100. type: number - contextPath: Lastline.Submission.YaraSignatures.internal - description: True if the signature is only for internal usage + description: True if the signature is only for internal usage. type: boolean - contextPath: Lastline.Submission.Process.arguments - description: Argument of the process + description: Argument of the process. type: string - contextPath: Lastline.Submission.Process.process_id - description: The process ID + description: The process ID. type: string - contextPath: Lastline.Submission.Process.executable.abs_path - description: Absolute path of the executable of the process + description: Absolute path of the executable of the process. type: string - contextPath: Lastline.Submission.Process.executable.filename - description: Filename of the executable + description: Filename of the executable. type: string - contextPath: Lastline.Submission.Process.executable.yara_signature_hits - description: Yara signature of the executable of the process + description: Yara signature of the executable of the process. type: string - contextPath: Lastline.Submission.Process.executable.ext_info - description: Executable info of the process + description: Executable info of the process. type: string - contextPath: Joe.Analysis.ID - description: Web ID + description: Web ID. type: string - contextPath: Domain.Name - description: The Domain name + description: The Domain name. type: string - contextPath: Domain.DNS description: A list of IP objects resolved by DNS. type: string - contextPath: RegistryKey.Path - description: The path to the registry key + description: The path to the registry key. type: string - contextPath: RegistryKey.Value description: The value at the given RegistryKey. type: string - contextPath: Process.Name - description: Process name + description: Process name. type: string - contextPath: Process.PID - description: Process PID + description: Process PID. type: number - contextPath: Process.CommandLine - description: Process Command Line + description: Process Command Line. type: string - contextPath: Process.Path - description: Process path + description: Process path. type: string - contextPath: Process.StartTime - description: Process start time + description: Process start time. type: date - contextPath: Process.EndTime - description: Process end time + description: Process end time. type: date - contextPath: Polygon.Analysis.ID - description: Analysis ID in THF + description: Analysis ID in THF. type: number - contextPath: Polygon.Analysis.Name - description: File Name + description: File Name. type: string - contextPath: Polygon.Analysis.Size - description: File Size + description: File Size. type: number - contextPath: Polygon.Analysis.Started - description: Analysis start timestamp + description: Analysis start timestamp. type: date - contextPath: Polygon.Analysis.Analyzed - description: Analysis finish timestamp + description: Analysis finish timestamp. type: date - contextPath: Polygon.Analysis.MD5 - description: Analyzed file MD5 hash + description: Analyzed file MD5 hash. type: string - contextPath: Polygon.Analysis.SHA1 - description: Analyzed file SHA1 hash + description: Analyzed file SHA1 hash. type: string - contextPath: Polygon.Analysis.SHA256 - description: Analyzed file SHA256 + description: Analyzed file SHA256. type: string - contextPath: Polygon.Analysis.Result - description: Analysis verdict + description: Analysis verdict. type: string - contextPath: Polygon.Analysis.Status - description: The analysis status + description: The analysis status. type: string - contextPath: Polygon.Analysis.Verdict - description: Analysis verdict + description: Analysis verdict. type: boolean - contextPath: Polygon.Analysis.Probability - description: Verdict probability + description: Verdict probability. type: string - contextPath: Polygon.Analysis.Families - description: Malware families + description: Malware families. type: string - contextPath: Polygon.Analysis.Score - description: Polygon score + description: Polygon score. type: number - contextPath: Polygon.Analysis.Internet-connection - description: Internet availability + description: Internet availability. type: string - contextPath: Polygon.Analysis.Type - description: File type + description: File type. type: string - contextPath: Polygon.Analysis.DumpExists - description: Network activity dump exists + description: Network activity dump exists. type: boolean - contextPath: Polygon.Analysis.File - description: The information about files in analysis + description: The information about files in analysis. type: string - contextPath: Polygon.Analysis.URL - description: The information about URL indicators + description: The information about URL indicators. type: string - contextPath: Polygon.Analysis.IP - description: The information about IP indicators + description: The information about IP indicators. type: string - contextPath: Polygon.Analysis.Domain - description: The information about Domain indicators + description: The information about Domain indicators. type: string - contextPath: Polygon.Analysis.RegistryKey - description: The information about registry keys which were modified during the analysis + description: The information about registry keys which were modified during the analysis. type: string - contextPath: Polygon.Analysis.Process - description: The information about processes started during the analysis + description: The information about processes started during the analysis. type: string - contextPath: csfalconx.resource.id description: Analysis ID. @@ -1695,51 +1706,53 @@ outputs: description: The flow ID. type: string - contextPath: OPSWAT.Filescan.Analysis.finalVerdict.verdict - description: The final verdict + description: The final verdict. type: string - contextPath: OPSWAT.Filescan.Analysis.allTags - description: All tags + description: All tags. type: string - contextPath: OPSWAT.Filescan.Analysis.overallState - description: Overall state of the scan + description: Overall state of the scan. type: string - contextPath: OPSWAT.Filescan.Analysis.subtaskReferences - description: Status of scan subtasks + description: Status of scan subtasks. type: string - contextPath: OPSWAT.Filescan.Analysis.allSignalGroups - description: All signal groups + description: All signal groups. type: string - contextPath: OPSWAT.Filescan.Analysis.resources - description: Resources + description: Resources. type: string - contextPath: OPSWAT.Filescan.Analysis.taskReference.name - description: Name of the main scan task + description: Name of the main scan task. type: string - contextPath: OPSWAT.Filescan.Analysis.taskReference.additionalInfo - description: Additional informations about the main scan task + description: Additional informations about the main scan task. type: string - contextPath: OPSWAT.Filescan.Analysis.taskReference.ID - description: ID of the main scan task + description: ID of the main scan task. type: string - contextPath: OPSWAT.Filescan.Analysis.taskReference.state - description: State of the main scan task + description: State of the main scan task. type: string - contextPath: OPSWAT.Filescan.Analysis.taskReference.resourceReference - description: Resource reference of the main scan task + description: Resource reference of the main scan task. type: string - contextPath: OPSWAT.Filescan.Analysis.taskReference.opcount - description: Counter + description: Counter. type: string - contextPath: OPSWAT.Filescan.Analysis.taskReference.processTime - description: processTime + description: processTime. type: string - contextPath: OPSWAT.Filescan.Analysis.file.name - description: The name of the file + description: The name of the file. - contextPath: OPSWAT.Filescan.Analysis.file.hash - description: The SHA256 of the file + description: The SHA256 of the file. - contextPath: OPSWAT.Filescan.Analysis.file.type - description: The type of the submission + description: The type of the submission. fromversion: 5.0.0 tests: - Detonate File - No Files test - Detonate File - Generic Test +contentitemexportablefields: + contentitemfields: {} diff --git a/Packs/CommonPlaybooks/Playbooks/playbook-Detonate_File_-_Generic_README.md b/Packs/CommonPlaybooks/Playbooks/playbook-Detonate_File_-_Generic_README.md index 3a3754a55301..9575e5a10119 100644 --- a/Packs/CommonPlaybooks/Playbooks/playbook-Detonate_File_-_Generic_README.md +++ b/Packs/CommonPlaybooks/Playbooks/playbook-Detonate_File_-_Generic_README.md @@ -13,7 +13,7 @@ Supported integrations: - VMRay Analyzer - Polygon - CrowdStrike Falcon Intelligence Sandbox -- OPSWAT Filescan +- OPSWAT Filescan. ## Dependencies @@ -21,19 +21,19 @@ This playbook uses the following sub-playbooks, integrations, and scripts. ### Sub-playbooks +* Detonate File - FireEye AX +* Detonate File - Group-IB TDS Polygon * Detonate File - JoeSecurity V2 -* Detonate File - Lastline v2 -* Detonate File - ANYRUN -* Detonate file - CrowdStrike Falcon Sandbox v2 * ATD - Detonate File -* Detonate File - SecneurX Analysis -* WildFire - Detonate file +* Detonate file - CrowdStrike Falcon Sandbox v2 +* Detonate File - ANYRUN * Detonate File - ThreatGrid v2 -* Detonate File - CrowdStrike Falcon Intelligence Sandbox -* Detonate File - FireEye AX -* Detonate File - VMRay -* Detonate File - Group-IB TDS Polygon +* WildFire - Detonate file v2 +* Detonate File - Lastline v2 * Detonate File - Cuckoo +* Detonate File - CrowdStrike Falcon Intelligence Sandbox v2 +* Detonate File - VMRay +* Detonate File - SecneurX Analysis ### Integrations @@ -62,72 +62,72 @@ This playbook does not use any scripts. | **Path** | **Description** | **Type** | | --- | --- | --- | -| Joe.Analysis.Status | Analysis Status | string | -| File.Name | The file's name \(only in case of report type=json\) | string | -| File.SHA1 | SHA1 hash of the file | string | -| File.SHA256 | SHA256 hash of the file | string | -| File.Size | File size \(only in case of report type=json\) | number | -| File.Type | File type e.g. "PE" \(only in case of report type=json\) | string | -| File.Malicious | The File malicious description | unknown | -| File.Malicious.Description | For malicious files, the reason for the vendor to make the decision | string | -| File.Malicious.Vendor | For malicious files, the vendor that made the decision | string | -| DBotScore | The Indicator's object | unknown | -| DBotScore.Indicator | The indicator that was tested | string | -| DBotScore.Score | The actual score | number | -| DBotScore.Type | The type of the indicator | string | -| DBotScore.Vendor | Vendor used to calculate the score | string | -| IP.Address | IP's relevant to the sample | string | -| DBotScore.Malicious.Vendor | Vendor used to calculate the score | string | -| DBotScore.Malicious.Detections | The sub analysis detection statuses | string | -| DBotScore.Malicious.SHA1 | The SHA1 of the file | string | -| File | The File's object | unknown | -| File.MD5 | MD5 hash of the file | string | -| Joe.Analysis.SampleName | Sample Data, could be a file name or URL | string | -| Joe.Analysis.Comments | Analysis Comments | string | -| Joe.Analysis.Time | Submitted Time | date | -| Joe.Analysis.Runs | Sub-Analysis Information | unknown | -| Joe.Analysis.Result | Analysis Results | string | -| Joe.Analysis.Errors | Raised errors during sampling | unknown | -| Joe.Analysis.Systems | Analysis OS | unknown | -| Joe.Analysis.MD5 | MD5 of analysis sample | string | -| Joe.Analysis.SHA1 | SHA1 of analysis sample | string | -| Joe.Analysis.SHA256 | SHA256 of analysis sample | string | -| InfoFile.Name | FileName of the report file | string | -| InfoFile.EntryID | The EntryID of the report file | string | -| InfoFile.Size | File Size | number | -| InfoFile.Type | File type e.g. "PE" | string | -| InfoFile.Info | Basic information of the file | string | -| File.Extension | The extension of the file | string | -| InfoFile | The report file's object | unknown | -| WildFire.Report | The submission object | unknown | -| WildFire.Report.Status | The status of the submission | string | -| WildFire.Report.SHA256 | SHA256 of the submission | string | -| WildFire.Report.MD5 | MD5 of the submission | string | -| WildFire.Report.FileType | The type of the submission | string | -| WildFire.Report.Size | The size of the submission | number | -| Joe.Analysis | The Analysis object | string | -| Cuckoo.Task.Category | Category of task | string | -| Cuckoo.Task.Machine | Machine of task | string | -| Cuckoo.Task.Errors | Errors of task | string | -| Cuckoo.Task.Target | Target of task | string | -| Cuckoo.Task.Package | Package of task | string | -| Cuckoo.Task.SampleID | Sample ID of task | string | -| Cuckoo.Task.Guest | Task guest | string | -| Cuckoo.Task.Custom | Custom values of task | string | -| Cuckoo.Task.Owner | Task owner | string | -| Cuckoo.Task.Priority | Priority of task | string | -| Cuckoo.Task.Platform | Platform of task | string | -| Cuckoo.Task.Options | Task options | string | -| Cuckoo.Task.Status | Task status | string | -| Cuckoo.Task.EnforceTimeout | Is timeout of task enforced | string | -| Cuckoo.Task.Timeout | Task timeout | string | -| Cuckoo.Task.Memory | Task memory | string | -| Cuckoo.Task.Tags | Task tags | string | -| Cuckoo.Task.ID | ID of task | string | -| Cuckoo.Task.AddedOn | Date on which the task was added | string | -| Cuckoo.Task.CompletedOn | Date on which the task was completed | string | -| Cuckoo.Task.Score | Reported score of the the task | string | -| Cuckoo.Task.Monitor | Monitor of the reported task | string | +| Joe.Analysis.Status | Analysis Status. | string | +| File.Name | The file's name \(only in case of report type=json\). | string | +| File.SHA1 | SHA1 hash of the file. | string | +| File.SHA256 | SHA256 hash of the file. | string | +| File.Size | File size \(only in case of report type=json\). | number | +| File.Type | File type e.g. "PE" \(only in case of report type=json\). | string | +| File.Malicious | The File malicious description. | unknown | +| File.Malicious.Description | For malicious files, the reason for the vendor to make the decision. | string | +| File.Malicious.Vendor | For malicious files, the vendor that made the decision. | string | +| DBotScore | The Indicator's object. | unknown | +| DBotScore.Indicator | The indicator that was tested. | string | +| DBotScore.Score | The actual score. | number | +| DBotScore.Type | The type of the indicator. | string | +| DBotScore.Vendor | Vendor used to calculate the score. | string | +| IP.Address | IP's relevant to the sample. | string | +| DBotScore.Malicious.Vendor | Vendor used to calculate the score. | string | +| DBotScore.Malicious.Detections | The sub analysis detection statuses. | string | +| DBotScore.Malicious.SHA1 | The SHA1 of the file. | string | +| File | The File's object. | unknown | +| File.MD5 | MD5 hash of the file. | string | +| Joe.Analysis.SampleName | Sample Data, could be a file name or URL. | string | +| Joe.Analysis.Comments | Analysis Comments. | string | +| Joe.Analysis.Time | Submitted Time. | date | +| Joe.Analysis.Runs | Sub-Analysis Information. | unknown | +| Joe.Analysis.Result | Analysis Results. | string | +| Joe.Analysis.Errors | Raised errors during sampling. | unknown | +| Joe.Analysis.Systems | Analysis OS. | unknown | +| Joe.Analysis.MD5 | MD5 of analysis sample. | string | +| Joe.Analysis.SHA1 | SHA1 of analysis sample. | string | +| Joe.Analysis.SHA256 | SHA256 of analysis sample. | string | +| InfoFile.Name | FileName of the report file. | string | +| InfoFile.EntryID | The EntryID of the report file. | string | +| InfoFile.Size | File Size. | number | +| InfoFile.Type | File type e.g. "PE". | string | +| InfoFile.Info | Basic information of the file. | string | +| File.Extension | The extension of the file. | string | +| InfoFile | The report file's object. | unknown | +| WildFire.Report | The submission object. | unknown | +| WildFire.Report.Status | The status of the submission. | string | +| WildFire.Report.SHA256 | SHA256 of the submission. | string | +| WildFire.Report.MD5 | MD5 of the submission. | string | +| WildFire.Report.FileType | The type of the submission. | string | +| WildFire.Report.Size | The size of the submission. | number | +| Joe.Analysis | The Analysis object. | string | +| Cuckoo.Task.Category | Category of task. | string | +| Cuckoo.Task.Machine | Machine of task. | string | +| Cuckoo.Task.Errors | Errors of task. | string | +| Cuckoo.Task.Target | Target of task. | string | +| Cuckoo.Task.Package | Package of task. | string | +| Cuckoo.Task.SampleID | Sample ID of task. | string | +| Cuckoo.Task.Guest | Task guest. | string | +| Cuckoo.Task.Custom | Custom values of task. | string | +| Cuckoo.Task.Owner | Task owner. | string | +| Cuckoo.Task.Priority | Priority of task. | string | +| Cuckoo.Task.Platform | Platform of task. | string | +| Cuckoo.Task.Options | Task options. | string | +| Cuckoo.Task.Status | Task status. | string | +| Cuckoo.Task.EnforceTimeout | Is timeout of task enforced. | string | +| Cuckoo.Task.Timeout | Task timeout. | string | +| Cuckoo.Task.Memory | Task memory. | string | +| Cuckoo.Task.Tags | Task tags. | string | +| Cuckoo.Task.ID | ID of task. | string | +| Cuckoo.Task.AddedOn | Date on which the task was added. | string | +| Cuckoo.Task.CompletedOn | Date on which the task was completed. | string | +| Cuckoo.Task.Score | Reported score of the the task. | string | +| Cuckoo.Task.Monitor | Monitor of the reported task. | string | | ANYRUN.Task.AnalysisDate | Date and time the analysis was executed. | String | | ANYRUN.Task.Behavior.Category | Category of a process behavior. | String | | ANYRUN.Task.Behavior.Action | Actions performed by a process. | String | @@ -186,13 +186,13 @@ This playbook does not use any scripts. | ANYRUN.Task.Process.Version.Version | Version of the program executed. | String | | File.SSDeep | SSDeep hash of the file submitted for analysis. | String | | ANYRUN.Task.Status | Task analysis status. | String | -| VMRay.Job | The Job Object | unknown | +| VMRay.Job | The Job Object. | unknown | | VMRay.Job.JobID | The ID of a new job. | number | | VMRay.Job.SampleID | The ID of sample. | number | | VMRay.Job.Created | The timestamp of the created job. | date | | VMRay.Job.VMName | The name of virtual machine. | string | | VMRay.Job.VMID | The ID of virtual machine. | number | -| VMRay.Sample | The Sample For Analysis | unknown | +| VMRay.Sample | The Sample For Analysis. | unknown | | VMRay.Sample.SampleID | The sample ID of the task. | number | | VMRay.Sample.Created | The timestamp of the created sample. | date | | VMRay.Sample.FileName | The file name of the sample. | string | @@ -205,7 +205,7 @@ This playbook does not use any scripts. | VMRay.Sample.Severity | Severity of the sample \(Malicious, Suspicious, Good, Blacklisted, Whitelisted, Unknown\). Deprecated. | string | | VMRay.Sample.Type | The file type. | string | | VMRay.Sample.Classifications | The classifications of the sample. | string | -| VMRay.Submission | Submission Object | unknown | +| VMRay.Submission | Submission Object. | unknown | | VMRay.Submission.SubmissionID | The submission ID. | number | | VMRay.Submission.HadErrors | Whether there are any errors in the submission. | boolean | | VMRay.Submission.IsFinished | The status of submission. Can be, "true" or "false". | boolean | @@ -217,124 +217,124 @@ This playbook does not use any scripts. | VMRay.Submission.Severity | Severity of the sample \(Malicious, Suspicious, Good, Blacklisted, Whitelisted, Unknown\). Deprecated. | string | | VMRay.Submission.SSDeep | The SSDeep hash of the sample in submission. | string | | VMRay.Submission.SampleID | The ID of the sample in submission. | number | -| VMRay.Sample.IOC.File | File Object | unknown | +| VMRay.Sample.IOC.File | File Object. | unknown | | VMRay.Sample.IOC.File.AnalysisID | The IDs of other analyses that contain the given file. | number | | VMRay.Sample.IOC.File.Name | The name of the file. | string | | VMRay.Sample.IOC.File.Operation | The operation of the given file. | string | | VMRay.Sample.IOC.File.ID | The ID of the file. | number | | VMRay.Sample.IOC.File.Type | The type of the file. | string | -| VMRay.Sample.IOC.File.Hashes | File Hashes Object | unknown | +| VMRay.Sample.IOC.File.Hashes | File Hashes Object. | unknown | | VMRay.Sample.IOC.File.Hashes.MD5 | The MD5 hash of the given file. | string | | VMRay.Sample.IOC.File.Hashes.SSDeep | The SSDeep hash of the given file. | string | | VMRay.Sample.IOC.File.Hashes.SHA256 | The SHA256 hash of the given file. | string | | VMRay.Sample.IOC.File.Hashes.SHA1 | The SHA1 hash of the given file. | string | -| VMRay.Sample.IOC.URL | URL Object | unknown | +| VMRay.Sample.IOC.URL | URL Object. | unknown | | VMRay.Sample.IOC.URL.AnalysisID | The IDs of the other analyses that contain the given URL. | number | | VMRay.Sample.IOC.URL.URL | The URL. | string | | VMRay.Sample.IOC.URL.Operation | The operation of the specified URL. | string | | VMRay.Sample.IOC.URL.ID | The ID of the URL. | number | | VMRay.Sample.IOC.URL.Type | The type of the URL. | string | -| VMRay.Sample.IOC.Domain | Domain Object | unknown | +| VMRay.Sample.IOC.Domain | Domain Object. | unknown | | VMRay.Sample.IOC.Domain.AnalysisID | The IDs of the other analyses that contain the given domain. | number | | VMRay.Sample.IOC.Domain.Domain | The domain. | string | | VMRay.Sample.IOC.Domain.ID | The ID of the domain. | number | | VMRay.Sample.IOC.Domain.Type | The type of the domain. | string | -| VMRay.Sample.IOC.IP | IP Object | unknown | +| VMRay.Sample.IOC.IP | IP Object. | unknown | | VMRay.Sample.IOC.IP.AnalysisID | The IDs of the other analyses that contain the given IP address. | number | | VMRay.Sample.IOC.IP.IP | The IP address. | string | | VMRay.Sample.IOC.IP.Operation | The operation of the given IP address. | string | | VMRay.Sample.IOC.IP.ID | The ID of the IP address. | number | | VMRay.Sample.IOC.IP.Type | The type of the IP address. | string | -| VMRay.Sample.IOC.Mutex | Mutex Object | unknown | +| VMRay.Sample.IOC.Mutex | Mutex Object. | unknown | | VMRay.Sample.IOC.Mutex.AnalysisID | The IDs of other analyses that contain the given IP address. | number | | VMRay.Sample.IOC.Mutex.Name | The name of the mutex. | string | -| VMRay.Sample.IOC.Mutex.Operation | The operation of the given mutex | string | +| VMRay.Sample.IOC.Mutex.Operation | The operation of the given mutex. | string | | VMRay.Sample.IOC.Mutex.ID | The ID of the mutex. | number | | VMRay.Sample.IOC.Mutex.Type | The type of the mutex. | string | -| VMRay.ThreatIndicator | Indicator Object | unknown | +| VMRay.ThreatIndicator | Indicator Object. | unknown | | VMRay.ThreatIndicator.AnalysisID | The list of connected analysis IDs. | number | | VMRay.ThreatIndicator.Category | The category of threat indicators. | string | | VMRay.ThreatIndicator.Classification | The classifications of threat indicators. | string | | VMRay.ThreatIndicator.ID | The ID of the threat indicator. | number | | VMRay.ThreatIndicator.Operation | The operation that caused the indicators. | string | -| SecneurXAnalysis.Report.SHA256 | SHA256 value of the analyzed sample | string | -| SecneurXAnalysis.Report.Verdict | Summary result of the analyzed sample | string | -| SecneurXAnalysis.Report.Tags | More details of the analyzed sample | string | -| SecneurXAnalysis.Report.IOC | List of IOC's observed in the analyzed sample | string | -| SecneurXAnalysis.Report.Status | Analysis queued sample state | String | -| SecneurXAnalysis.Report.DnsRequests | List of DNS data observed in the analyzed sample | string | -| SecneurXAnalysis.Report.HttpRequests | List of HTTP data observed in the analyzed sample | string | -| SecneurXAnalysis.Report.JA3Digests | List of JA3 data observed in the analyzed sample | string | -| SecneurXAnalysis.Report.ProcessCreated | Process behaviour data observed in the analyzed sample | string | -| SecneurXAnalysis.Report.RegistrySet | List of Registry creations observed in the analyzed sample | string | -| SecneurXAnalysis.Report.RegistryDeleted | List of Registry deletions observed in the analyzed sample | string | -| SecneurXAnalysis.Report.FileCreated | List of File creations observed in the analyzed sample | string | -| SecneurXAnalysis.Report.FileDropped | List of File drops observed in the analyzed sample | string | -| SecneurXAnalysis.Report.FileDeleted | List of File deletions observed in the analyzed sample | string | -| SecneurXAnalysis.Report.FileModified | List of File changes observed in the analyzed sample | string | -| SecneurXAnalysis.Report.Platform | Platform of the analyzed sample | String | -| ATD.Task.taskId | The task ID of the sample uploaded | string | -| ATD.Task.jobId | The job ID of the sample uploaded | string | -| ATD.Task.messageId | The message Id relevant to the sample uploaded | string | -| ATD.Task.srcIp | Source IPv4 address | string | -| ATD.Task.destIp | Destination IPv4 address | string | -| ATD.Task.MD5 | MD5 of the sample uploaded | string | -| ATD.Task.SHA1 | SHA1 of the sample uploaded | string | -| ATD.Task.SHA256 | SHA256 of the sample uploaded | string | -| InfoFile.Extension | The extension of the report file | string | -| File.EntryID | The Entry ID of the sample | string | -| URL.Data | List of malicious URLs identified by Lastline analysis | string | -| URL.Malicious.Vendor | For malicious URLs, the vendor that made the decision | string | -| URL.Malicious.Description | For malicious URLs, the reason for the vendor to make the decision | string | -| URL.Malicious.Score | For malicious URLs, the score from the vendor | number | -| Lastline.Submission.Status | Status of the submission | string | -| Lastline.Submission.DNSqueries | List of DNS queries done by the analysis subject | string | -| Lastline.Submission.NetworkConnections | ist of network connections done by the analysis subject | string | +| SecneurXAnalysis.Report.SHA256 | SHA256 value of the analyzed sample. | string | +| SecneurXAnalysis.Report.Verdict | Summary result of the analyzed sample. | string | +| SecneurXAnalysis.Report.Tags | More details of the analyzed sample. | string | +| SecneurXAnalysis.Report.IOC | List of IOC's observed in the analyzed sample. | string | +| SecneurXAnalysis.Report.Status | Analysis queued sample state. | String | +| SecneurXAnalysis.Report.DnsRequests | List of DNS data observed in the analyzed sample. | string | +| SecneurXAnalysis.Report.HttpRequests | List of HTTP data observed in the analyzed sample. | string | +| SecneurXAnalysis.Report.JA3Digests | List of JA3 data observed in the analyzed sample. | string | +| SecneurXAnalysis.Report.ProcessCreated | Process behaviour data observed in the analyzed sample. | string | +| SecneurXAnalysis.Report.RegistrySet | List of Registry creations observed in the analyzed sample. | string | +| SecneurXAnalysis.Report.RegistryDeleted | List of Registry deletions observed in the analyzed sample. | string | +| SecneurXAnalysis.Report.FileCreated | List of File creations observed in the analyzed sample. | string | +| SecneurXAnalysis.Report.FileDropped | List of File drops observed in the analyzed sample. | string | +| SecneurXAnalysis.Report.FileDeleted | List of File deletions observed in the analyzed sample. | string | +| SecneurXAnalysis.Report.FileModified | List of File changes observed in the analyzed sample. | string | +| SecneurXAnalysis.Report.Platform | Platform of the analyzed sample. | String | +| ATD.Task.taskId | The task ID of the sample uploaded. | string | +| ATD.Task.jobId | The job ID of the sample uploaded. | string | +| ATD.Task.messageId | The message Id relevant to the sample uploaded. | string | +| ATD.Task.srcIp | Source IPv4 address. | string | +| ATD.Task.destIp | Destination IPv4 address. | string | +| ATD.Task.MD5 | MD5 of the sample uploaded. | string | +| ATD.Task.SHA1 | SHA1 of the sample uploaded. | string | +| ATD.Task.SHA256 | SHA256 of the sample uploaded. | string | +| InfoFile.Extension | The extension of the report file. | string | +| File.EntryID | The Entry ID of the sample. | string | +| URL.Data | List of malicious URLs identified by Lastline analysis. | string | +| URL.Malicious.Vendor | For malicious URLs, the vendor that made the decision. | string | +| URL.Malicious.Description | For malicious URLs, the reason for the vendor to make the decision. | string | +| URL.Malicious.Score | For malicious URLs, the score from the vendor. | number | +| Lastline.Submission.Status | Status of the submission. | string | +| Lastline.Submission.DNSqueries | List of DNS queries done by the analysis subject. | string | +| Lastline.Submission.NetworkConnections | ist of network connections done by the analysis subject. | string | | Lastline.Submission.DownloadedFiles | List of files that were downloaded using the Microsoft Windows file-download API functions. Each element is a tuple of file-origin URL and a File element. | string | -| Lastline.Submission.UUID | Task UUID of submitted sample | number | -| Lastline.Submission.YaraSignatures.name | Yara signatures name | string | +| Lastline.Submission.UUID | Task UUID of submitted sample. | number | +| Lastline.Submission.YaraSignatures.name | Yara signatures name. | string | | Lastline.Submission.YaraSignatures.score | The score according to the yara signatures. from 0 to 100. | number | -| Lastline.Submission.YaraSignatures.internal | True if the signature is only for internal usage | boolean | -| Lastline.Submission.Process.arguments | Argument of the process | string | -| Lastline.Submission.Process.process_id | The process ID | string | -| Lastline.Submission.Process.executable.abs_path | Absolute path of the executable of the process | string | -| Lastline.Submission.Process.executable.filename | Filename of the executable | string | -| Lastline.Submission.Process.executable.yara_signature_hits | Yara signature of the executable of the process | string | -| Lastline.Submission.Process.executable.ext_info | Executable info of the process | string | -| Joe.Analysis.ID | Web ID | string | -| Domain.Name | The Domain name | string | +| Lastline.Submission.YaraSignatures.internal | True if the signature is only for internal usage. | boolean | +| Lastline.Submission.Process.arguments | Argument of the process. | string | +| Lastline.Submission.Process.process_id | The process ID. | string | +| Lastline.Submission.Process.executable.abs_path | Absolute path of the executable of the process. | string | +| Lastline.Submission.Process.executable.filename | Filename of the executable. | string | +| Lastline.Submission.Process.executable.yara_signature_hits | Yara signature of the executable of the process. | string | +| Lastline.Submission.Process.executable.ext_info | Executable info of the process. | string | +| Joe.Analysis.ID | Web ID. | string | +| Domain.Name | The Domain name. | string | | Domain.DNS | A list of IP objects resolved by DNS. | string | -| RegistryKey.Path | The path to the registry key | string | +| RegistryKey.Path | The path to the registry key. | string | | RegistryKey.Value | The value at the given RegistryKey. | string | -| Process.Name | Process name | string | -| Process.PID | Process PID | number | -| Process.CommandLine | Process Command Line | string | -| Process.Path | Process path | string | -| Process.StartTime | Process start time | date | -| Process.EndTime | Process end time | date | -| Polygon.Analysis.ID | Analysis ID in THF | number | -| Polygon.Analysis.Name | File Name | string | -| Polygon.Analysis.Size | File Size | number | -| Polygon.Analysis.Started | Analysis start timestamp | date | -| Polygon.Analysis.Analyzed | Analysis finish timestamp | date | -| Polygon.Analysis.MD5 | Analyzed file MD5 hash | string | -| Polygon.Analysis.SHA1 | Analyzed file SHA1 hash | string | -| Polygon.Analysis.SHA256 | Analyzed file SHA256 | string | -| Polygon.Analysis.Result | Analysis verdict | string | -| Polygon.Analysis.Status | The analysis status | string | -| Polygon.Analysis.Verdict | Analysis verdict | boolean | -| Polygon.Analysis.Probability | Verdict probability | string | -| Polygon.Analysis.Families | Malware families | string | -| Polygon.Analysis.Score | Polygon score | number | -| Polygon.Analysis.Internet-connection | Internet availability | string | -| Polygon.Analysis.Type | File type | string | -| Polygon.Analysis.DumpExists | Network activity dump exists | boolean | -| Polygon.Analysis.File | The information about files in analysis | string | -| Polygon.Analysis.URL | The information about URL indicators | string | -| Polygon.Analysis.IP | The information about IP indicators | string | -| Polygon.Analysis.Domain | The information about Domain indicators | string | -| Polygon.Analysis.RegistryKey | The information about registry keys which were modified during the analysis | string | -| Polygon.Analysis.Process | The information about processes started during the analysis | string | +| Process.Name | Process name. | string | +| Process.PID | Process PID. | number | +| Process.CommandLine | Process Command Line. | string | +| Process.Path | Process path. | string | +| Process.StartTime | Process start time. | date | +| Process.EndTime | Process end time. | date | +| Polygon.Analysis.ID | Analysis ID in THF. | number | +| Polygon.Analysis.Name | File Name. | string | +| Polygon.Analysis.Size | File Size. | number | +| Polygon.Analysis.Started | Analysis start timestamp. | date | +| Polygon.Analysis.Analyzed | Analysis finish timestamp. | date | +| Polygon.Analysis.MD5 | Analyzed file MD5 hash. | string | +| Polygon.Analysis.SHA1 | Analyzed file SHA1 hash. | string | +| Polygon.Analysis.SHA256 | Analyzed file SHA256. | string | +| Polygon.Analysis.Result | Analysis verdict. | string | +| Polygon.Analysis.Status | The analysis status. | string | +| Polygon.Analysis.Verdict | Analysis verdict. | boolean | +| Polygon.Analysis.Probability | Verdict probability. | string | +| Polygon.Analysis.Families | Malware families. | string | +| Polygon.Analysis.Score | Polygon score. | number | +| Polygon.Analysis.Internet-connection | Internet availability. | string | +| Polygon.Analysis.Type | File type. | string | +| Polygon.Analysis.DumpExists | Network activity dump exists. | boolean | +| Polygon.Analysis.File | The information about files in analysis. | string | +| Polygon.Analysis.URL | The information about URL indicators. | string | +| Polygon.Analysis.IP | The information about IP indicators. | string | +| Polygon.Analysis.Domain | The information about Domain indicators. | string | +| Polygon.Analysis.RegistryKey | The information about registry keys which were modified during the analysis. | string | +| Polygon.Analysis.Process | The information about processes started during the analysis. | string | | csfalconx.resource.id | Analysis ID. | String | | csfalconx.resource.verdict | Analysis verdict. | String | | csfalconx.resource.created_timestamp | Analysis start time. | String | @@ -355,22 +355,22 @@ This playbook does not use any scripts. | csfalconx.resource.ioc_report_broad_maec_artifact_id | ID of the IOC pack to download \(MAEC\). | String | | csfalconx.resource.snadbox.environment_description | Environment description. | String | | OPSWAT.Filescan.Submission.flow_id | The flow ID. | string | -| OPSWAT.Filescan.Analysis.finalVerdict.verdict | The final verdict | string | -| OPSWAT.Filescan.Analysis.allTags | All tags | string | -| OPSWAT.Filescan.Analysis.overallState | Overall state of the scan | string | -| OPSWAT.Filescan.Analysis.subtaskReferences | Status of scan subtasks | string | -| OPSWAT.Filescan.Analysis.allSignalGroups | All signal groups | string | -| OPSWAT.Filescan.Analysis.resources | Resources | string | -| OPSWAT.Filescan.Analysis.taskReference.name | Name of the main scan task | string | -| OPSWAT.Filescan.Analysis.taskReference.additionalInfo | Additional informations about the main scan task | string | -| OPSWAT.Filescan.Analysis.taskReference.ID | ID of the main scan task | string | -| OPSWAT.Filescan.Analysis.taskReference.state | State of the main scan task | string | -| OPSWAT.Filescan.Analysis.taskReference.resourceReference | Resource reference of the main scan task | string | -| OPSWAT.Filescan.Analysis.taskReference.opcount | Counter | string | -| OPSWAT.Filescan.Analysis.taskReference.processTime | processTime | string | -| OPSWAT.Filescan.Analysis.file.name | The name of the file | unknown | -| OPSWAT.Filescan.Analysis.file.hash | The SHA256 of the file | unknown | -| OPSWAT.Filescan.Analysis.file.type | The type of the submission | unknown | +| OPSWAT.Filescan.Analysis.finalVerdict.verdict | The final verdict. | string | +| OPSWAT.Filescan.Analysis.allTags | All tags. | string | +| OPSWAT.Filescan.Analysis.overallState | Overall state of the scan. | string | +| OPSWAT.Filescan.Analysis.subtaskReferences | Status of scan subtasks. | string | +| OPSWAT.Filescan.Analysis.allSignalGroups | All signal groups. | string | +| OPSWAT.Filescan.Analysis.resources | Resources. | string | +| OPSWAT.Filescan.Analysis.taskReference.name | Name of the main scan task. | string | +| OPSWAT.Filescan.Analysis.taskReference.additionalInfo | Additional informations about the main scan task. | string | +| OPSWAT.Filescan.Analysis.taskReference.ID | ID of the main scan task. | string | +| OPSWAT.Filescan.Analysis.taskReference.state | State of the main scan task. | string | +| OPSWAT.Filescan.Analysis.taskReference.resourceReference | Resource reference of the main scan task. | string | +| OPSWAT.Filescan.Analysis.taskReference.opcount | Counter. | string | +| OPSWAT.Filescan.Analysis.taskReference.processTime | processTime. | string | +| OPSWAT.Filescan.Analysis.file.name | The name of the file. | unknown | +| OPSWAT.Filescan.Analysis.file.hash | The SHA256 of the file. | unknown | +| OPSWAT.Filescan.Analysis.file.type | The type of the submission. | unknown | ## Playbook Image diff --git a/Packs/CommonPlaybooks/Playbooks/playbook-Detonate_URL_-_Generic_v1.5.yml b/Packs/CommonPlaybooks/Playbooks/playbook-Detonate_URL_-_Generic_v1.5.yml index 5615aad6558a..64cf166823e3 100644 --- a/Packs/CommonPlaybooks/Playbooks/playbook-Detonate_URL_-_Generic_v1.5.yml +++ b/Packs/CommonPlaybooks/Playbooks/playbook-Detonate_URL_-_Generic_v1.5.yml @@ -1,5 +1,7 @@ id: Detonate URL - Generic v1.5 version: -1 +contentitemexportablefields: + contentitemfields: {} name: Detonate URL - Generic v1.5 description: |- Detonate URL through one or more active integrations that support URL detonation. @@ -21,7 +23,7 @@ description: |- - ANYRUN - VirusTotal - Anomali ThreatStream - - Hatching Triage + - Hatching Triage. starttaskid: "0" tasks: "0": @@ -54,26 +56,39 @@ tasks: quietmode: 0 isoversize: false isautoswitchedtoquietmode: false - "3": - id: "3" + "1": + id: "1" taskid: 7631e811-c7ae-4c2b-895b-793922894b45 - type: playbook + type: condition task: id: 7631e811-c7ae-4c2b-895b-793922894b45 version: -1 - name: Detonate URL - ThreatGrid v2 - description: Detonate one or more URLs using the ThreatGrid integration. - type: playbook + name: Check if URL exists + description: Checks if there is a URL to detonate. + type: condition iscommand: false brand: "" - playbookName: Detonate URL - ThreatGrid v2 - separatecontext: true + nexttasks: + '#default#': + - "20" + "yes": + - "2" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isNotEmpty + left: + value: + complex: + root: inputs.URL + iscontext: true continueonerrortype: "" view: |- { "position": { - "x": -2910, - "y": 510 + "x": 450, + "y": 180 } } note: false @@ -83,77 +98,62 @@ tasks: quietmode: 0 isoversize: false isautoswitchedtoquietmode: false - nexttasks: - '#none#': - - "20" - scriptarguments: - URL: - complex: - root: inputs.URL - transformers: - - operator: uniq - interval: - simple: "10" - timeout: - simple: "60" - loop: - iscommand: false - exitCondition: "" - wait: 1 - max: 100 - "12": - id: "12" + "2": + id: "2" taskid: 3868d472-e5f4-4714-8c58-5c8f95d6b626 - type: playbook + type: title task: id: 3868d472-e5f4-4714-8c58-5c8f95d6b626 version: -1 - name: Detonate URL - VirusTotal (API v3) - description: Detonate URL through VirusTotal (API v3) integration. - playbookName: Detonate URL - VirusTotal (API v3) - type: playbook + name: Detonate URL + type: title iscommand: false brand: "" + description: '' nexttasks: '#none#': - - "20" - scriptarguments: - URL: - complex: - root: inputs.URL - transformers: - - operator: uniq - separatecontext: true + - "3" + - "4" + - "5" + - "6" + - "7" + - "8" + - "9" + - "11" + - "12" + - "13" + - "14" + - "15" + - "16" + - "17" + - "19" + - "21" + separatecontext: false continueonerrortype: "" - loop: - iscommand: false - exitCondition: "" - wait: 1 - max: 100 view: |- { "position": { - "x": 870, - "y": 510 + "x": 450, + "y": 370 } } note: false timertriggers: [] ignoreworker: false - skipunavailable: true + skipunavailable: false quietmode: 0 isoversize: false isautoswitchedtoquietmode: false - "15": - id: "15" - taskid: 153f7c5c-e457-4b7f-8da8-d2b332bbdf7c + "3": + id: "3" + taskid: 7631e811-c7ae-4c2b-895b-793922894b45 type: playbook task: - id: 153f7c5c-e457-4b7f-8da8-d2b332bbdf7c + id: 7631e811-c7ae-4c2b-895b-793922894b45 version: -1 - name: Detonate URL - FireEye AX - description: Detonating URL with FireEye AX. - playbookName: Detonate URL - FireEye AX + name: Detonate URL - ThreatGrid v2 + description: Detonate one or more URLs using the ThreatGrid integration. + playbookName: Detonate URL - ThreatGrid v2 type: playbook iscommand: false brand: "" @@ -167,9 +167,9 @@ tasks: transformers: - operator: uniq interval: - simple: "1" + simple: "10" timeout: - simple: "30" + simple: "60" separatecontext: true continueonerrortype: "" loop: @@ -180,7 +180,7 @@ tasks: view: |- { "position": { - "x": 2130, + "x": -2500, "y": 510 } } @@ -191,16 +191,16 @@ tasks: quietmode: 0 isoversize: false isautoswitchedtoquietmode: false - "16": - id: "16" + "4": + id: "4" taskid: f880c851-c874-4f45-8e30-a31dcd6bd034 type: playbook task: id: f880c851-c874-4f45-8e30-a31dcd6bd034 version: -1 - name: Detonate URL - Hatching Triage - description: Detonating URL with Hatching Triage. - playbookName: Detonate URL - Hatching Triage + name: Detonate URL - McAfee ATD + description: Detonates a URL using the McAfee Advanced Threat Defense sandbox integration. + playbookName: Detonate URL - McAfee ATD type: playbook iscommand: false brand: "" @@ -208,15 +208,15 @@ tasks: '#none#': - "20" scriptarguments: + Interval: + simple: "1" + Timeout: + simple: "15" URL: complex: root: inputs.URL transformers: - operator: uniq - interval: - simple: "1" - timeout: - simple: "10" separatecontext: true continueonerrortype: "" loop: @@ -227,7 +227,7 @@ tasks: view: |- { "position": { - "x": 2550, + "x": -2090, "y": 510 } } @@ -238,51 +238,36 @@ tasks: quietmode: 0 isoversize: false isautoswitchedtoquietmode: false - "17": - id: "17" - taskid: 2c83e44b-3ff6-4494-8c99-45870d2b5630 - type: playbook + "5": + id: "5" + taskid: f2828581-9807-4f24-883e-130c0ca7fec6 + type: regular task: - id: 2c83e44b-3ff6-4494-8c99-45870d2b5630 + id: f2828581-9807-4f24-883e-130c0ca7fec6 version: -1 - name: Detonate URL - SecneurX Analysis - description: Detonates a URL using the SecneurX Analysis integration. Returns relevant reports to the War Room and file reputations to the context data. - playbookName: Detonate URL - SecneurX Analysis - type: playbook - iscommand: false + name: Detonate URL - JoeSecurity + description: Submit a URL for sandbox analysis. + script: '|||joe-submit-url' + type: regular + iscommand: true brand: "" nexttasks: '#none#': - "20" scriptarguments: - URL: + timeout: + simple: "60" + url: complex: root: inputs.URL transformers: - operator: uniq - Duration: - simple: "120" - Interval: - simple: "1" - Priority: - simple: High - Reboot: - simple: "False" - ReportFormat: - simple: json - Timeout: - simple: "15" - separatecontext: true + separatecontext: false continueonerrortype: "" - loop: - iscommand: false - exitCondition: "" - wait: 1 - max: 100 view: |- { "position": { - "x": 2970, + "x": -1670, "y": 510 } } @@ -293,19 +278,19 @@ tasks: quietmode: 0 isoversize: false isautoswitchedtoquietmode: false - "18": - id: "18" - taskid: 58587e54-ee47-45a0-8d1c-f662618448db + "6": + id: "6" + taskid: 20b9f2f5-0bf3-4990-8035-75e2ee5576f7 type: playbook task: - id: 58587e54-ee47-45a0-8d1c-f662618448db + id: 20b9f2f5-0bf3-4990-8035-75e2ee5576f7 version: -1 - name: Detonate URL - CrowdStrike Falcon Intelligence Sandbox - playbookName: Detonate URL - CrowdStrike Falcon Intelligence Sandbox + name: Detonate URL - Lastline v2 + description: Detonates a URL using the Lastline sandbox integration. + playbookName: Detonate URL - Lastline v2 type: playbook iscommand: false brand: "" - description: 'Detonate one or more files using the CrowdStrike Falcon Intelligence Sandbox integration. This playbook returns relevant reports to the War Room and file reputations to the context data.' nexttasks: '#none#': - "20" @@ -313,9 +298,7 @@ tasks: Interval: simple: "1" Timeout: - simple: "30" - Full Report: - simple: "True" + simple: "15" URL: complex: root: inputs.URL @@ -331,7 +314,7 @@ tasks: view: |- { "position": { - "x": 3390, + "x": -1250, "y": 510 } } @@ -342,34 +325,43 @@ tasks: quietmode: 0 isoversize: false isautoswitchedtoquietmode: false - "19": - id: "19" + "7": + id: "7" taskid: 36274297-5bc4-4f17-8f71-eace307e6ffd - type: regular + type: playbook task: id: 36274297-5bc4-4f17-8f71-eace307e6ffd version: -1 - name: Detonate URL - OPSWAT - description: Scan URL resource. - script: '|||opswat-filescan-scan-url' - type: regular - iscommand: true + name: Detonate URL - Cuckoo + description: Detonate a URL with Cuckoo. + playbookName: Detonate URL - Cuckoo + type: playbook + iscommand: false brand: "" nexttasks: '#none#': - "20" scriptarguments: - url: + URL: complex: root: inputs.URL transformers: - operator: uniq - separatecontext: false + interval: + simple: "1" + timeout: + simple: "10" + separatecontext: true continueonerrortype: "" + loop: + iscommand: false + exitCondition: "" + wait: 1 + max: 100 view: |- { "position": { - "x": 3810, + "x": -830, "y": 510 } } @@ -380,105 +372,65 @@ tasks: quietmode: 0 isoversize: false isautoswitchedtoquietmode: false - "1": - id: "1" + "8": + id: "8" taskid: 48e0c334-003e-4e26-80df-808e542ad988 - type: condition + type: playbook task: id: 48e0c334-003e-4e26-80df-808e542ad988 version: -1 - name: Check if URL exists - description: Checks if there is a URL to detonate. - type: condition + name: Detonate URL - ANYRUN + description: |- + Detonates one or more URLs using the ANYRUN sandbox integration. + Returns relevant reports to the War Room and URL reputations to the context data. + playbookName: Detonate URL - ANYRUN + type: playbook iscommand: false brand: "" nexttasks: - '#default#': + '#none#': - "20" - "yes": - - "2" - separatecontext: false - conditions: - - label: "yes" - condition: - - - operator: isNotEmpty - left: - value: - complex: - root: inputs.URL - iscontext: true + scriptarguments: + Interval: + simple: "1" + Timeout: + simple: "15" + URL: + complex: + root: inputs.URL + transformers: + - operator: uniq + separatecontext: true continueonerrortype: "" - view: |- - { - "position": { - "x": 450, - "y": 180 - } - } - note: false - timertriggers: [] - ignoreworker: false - skipunavailable: false - quietmode: 0 - isoversize: false - isautoswitchedtoquietmode: false - "2": - id: "2" - taskid: 3a4cc8fa-0f1f-4ecd-8661-7f3ec742964e - type: title - task: - id: 3a4cc8fa-0f1f-4ecd-8661-7f3ec742964e - version: -1 - name: Detonate URL - type: title + loop: iscommand: false - brand: "" - description: '' - nexttasks: - '#none#': - - "3" - - "4" - - "5" - - "10" - - "6" - - "7" - - "8" - - "9" - - "11" - - "12" - - "13" - - "14" - - "15" - - "16" - - "17" - - "18" - - "19" - separatecontext: false - continueonerrortype: "" + exitCondition: "" + wait: 1 + max: 100 view: |- { "position": { - "x": 450, - "y": 370 + "x": -420, + "y": 510 } } note: false timertriggers: [] ignoreworker: false - skipunavailable: false + skipunavailable: true quietmode: 0 isoversize: false isautoswitchedtoquietmode: false - "4": - id: "4" + "9": + id: "9" taskid: e96e1ea1-83b9-45e7-8838-4417978b24d5 type: playbook task: id: e96e1ea1-83b9-45e7-8838-4417978b24d5 version: -1 - name: Detonate URL - McAfee ATD - description: Detonates a URL using the McAfee Advanced Threat Defense sandbox integration. - playbookName: Detonate URL - McAfee ATD + name: Detonate URL - Group-IB TDS Polygon + description: Detonate URL using Group-IB THF Polygon integration. + playbookName: Detonate URL - Group-IB TDS Polygon type: playbook iscommand: false brand: "" @@ -489,8 +441,8 @@ tasks: Interval: simple: "1" Timeout: - simple: "15" - URL: + simple: "60" + url: complex: root: inputs.URL transformers: @@ -505,7 +457,7 @@ tasks: view: |- { "position": { - "x": -2490, + "x": 10, "y": 510 } } @@ -516,16 +468,16 @@ tasks: quietmode: 0 isoversize: false isautoswitchedtoquietmode: false - "5": - id: "5" + "11": + id: "11" taskid: f2828581-9807-4f24-883e-130c0ca7fec6 type: regular task: id: f2828581-9807-4f24-883e-130c0ca7fec6 version: -1 - name: Detonate URL - JoeSecurity - description: Submit an URL for sandbox analysis. - script: '|||joe-submit-url' + name: Detonate URL - WildFire + description: Uploads a URL of a webpage to WildFire for analysis. + script: '|||wildfire-upload-url' type: regular iscommand: true brand: "" @@ -533,19 +485,21 @@ tasks: '#none#': - "20" scriptarguments: - timeout: - simple: "60" - url: + polling: + simple: "true" + upload: complex: root: inputs.URL transformers: - operator: uniq + verbose: + simple: "true" separatecontext: false continueonerrortype: "" view: |- { "position": { - "x": -2070, + "x": 450, "y": 510 } } @@ -556,16 +510,16 @@ tasks: quietmode: 0 isoversize: false isautoswitchedtoquietmode: false - "6": - id: "6" - taskid: 20b9f2f5-0bf3-4990-8035-75e2ee5576f7 + "12": + id: "12" + taskid: 3868d472-e5f4-4714-8c58-5c8f95d6b626 type: playbook task: - id: 20b9f2f5-0bf3-4990-8035-75e2ee5576f7 + id: 3868d472-e5f4-4714-8c58-5c8f95d6b626 version: -1 - name: Detonate URL - Lastline v2 - description: Detonates a URL using the Lastline sandbox integration. - playbookName: Detonate URL - Lastline v2 + name: Detonate URL - VirusTotal (API v3) + description: Detonate URL through VirusTotal (API v3) integration. + playbookName: Detonate URL - VirusTotal (API v3) type: playbook iscommand: false brand: "" @@ -573,10 +527,6 @@ tasks: '#none#': - "20" scriptarguments: - Interval: - simple: "1" - Timeout: - simple: "15" URL: complex: root: inputs.URL @@ -592,7 +542,7 @@ tasks: view: |- { "position": { - "x": -1650, + "x": 870, "y": 510 } } @@ -603,16 +553,16 @@ tasks: quietmode: 0 isoversize: false isautoswitchedtoquietmode: false - "7": - id: "7" + "13": + id: "13" taskid: bf8eaa1a-576f-4ab3-89b7-e383180a536c type: playbook task: id: bf8eaa1a-576f-4ab3-89b7-e383180a536c version: -1 - name: Detonate URL - Cuckoo - description: Detonating URL with Cuckoo - playbookName: Detonate URL - Cuckoo + name: Detonate URL - VMRay + description: Detonates a URL using the VMRay sandbox integration. + playbookName: Detonate URL - VMRay type: playbook iscommand: false brand: "" @@ -639,7 +589,7 @@ tasks: view: |- { "position": { - "x": -1230, + "x": 1290, "y": 510 } } @@ -650,18 +600,18 @@ tasks: quietmode: 0 isoversize: false isautoswitchedtoquietmode: false - "8": - id: "8" + "14": + id: "14" taskid: d1eb756a-f615-40b1-80fe-88179b28a4ac type: playbook task: id: d1eb756a-f615-40b1-80fe-88179b28a4ac version: -1 - name: Detonate URL - ANYRUN + name: Detonate URL - ThreatStream description: |- - Detonates one or more URLs using the ANYRUN sandbox integration. - Returns relevant reports to the War Room and url reputations to the context data. - playbookName: Detonate URL - ANYRUN + Detonates one or more URLs using the Anomali ThreatStream v2 sandbox integration. + Returns relevant reports to the War Room and URL reputations to the context data. + playbookName: Detonate URL - ThreatStream type: playbook iscommand: false brand: "" @@ -670,9 +620,9 @@ tasks: - "20" scriptarguments: Interval: - simple: "1" + simple: "5" Timeout: - simple: "15" + simple: "120" URL: complex: root: inputs.URL @@ -688,7 +638,7 @@ tasks: view: |- { "position": { - "x": -810, + "x": 1710, "y": 510 } } @@ -699,16 +649,16 @@ tasks: quietmode: 0 isoversize: false isautoswitchedtoquietmode: false - "9": - id: "9" + "15": + id: "15" taskid: aaaae5ac-95e9-4542-81c2-a3f634f13437 type: playbook task: id: aaaae5ac-95e9-4542-81c2-a3f634f13437 version: -1 - name: Detonate URL - Group-IB TDS Polygon - description: Detonate URL using Group-IB THF Polygon integration. - playbookName: Detonate URL - Group-IB TDS Polygon + name: Detonate URL - FireEye AX + description: Detonates a URL with FireEye AX. + playbookName: Detonate URL - FireEye AX type: playbook iscommand: false brand: "" @@ -716,15 +666,15 @@ tasks: '#none#': - "20" scriptarguments: - Interval: - simple: "1" - Timeout: - simple: "60" - url: + URL: complex: root: inputs.URL transformers: - operator: uniq + interval: + simple: "1" + timeout: + simple: "30" separatecontext: true continueonerrortype: "" loop: @@ -735,7 +685,7 @@ tasks: view: |- { "position": { - "x": -390, + "x": 2130, "y": 510 } } @@ -746,80 +696,43 @@ tasks: quietmode: 0 isoversize: false isautoswitchedtoquietmode: false - "10": - id: "10" + "16": + id: "16" taskid: bd03837d-6714-4e64-8afb-99aa81aeb6b5 - type: regular + type: playbook task: id: bd03837d-6714-4e64-8afb-99aa81aeb6b5 version: -1 - name: Detonate URL - CrowdStrike Falcon Intelligence Sandbox - description: Submits a URL for analysis. - script: '|||cs-falcon-sandbox-submit-url' - type: regular - iscommand: true - brand: "" - nexttasks: - '#none#': - - "20" - scriptarguments: - environmentID: - simple: "100" - polling: - simple: "true" - url: - complex: - root: inputs.URL - transformers: - - operator: uniq - separatecontext: false - continueonerrortype: "" - view: |- - { - "position": { - "x": 30, - "y": 510 - } - } - note: false - timertriggers: [] - ignoreworker: false - skipunavailable: true - quietmode: 0 - isoversize: false - isautoswitchedtoquietmode: false - "11": - id: "11" - taskid: e103cfd4-741c-4807-85af-f064c2b4de06 - type: regular - task: - id: e103cfd4-741c-4807-85af-f064c2b4de06 - version: -1 - name: Detonate URL - WildFire - description: Uploads a URL of a webpage to WildFire for analysis. - script: '|||wildfire-upload-url' - type: regular - iscommand: true + name: Detonate URL - Hatching Triage + description: Detonates a URL with Hatching Triage. + playbookName: Detonate URL - Hatching Triage + type: playbook + iscommand: false brand: "" nexttasks: '#none#': - "20" scriptarguments: - polling: - simple: "true" - upload: + URL: complex: root: inputs.URL transformers: - operator: uniq - verbose: - simple: "true" - separatecontext: false + interval: + simple: "1" + timeout: + simple: "10" + separatecontext: true continueonerrortype: "" + loop: + iscommand: false + exitCondition: "" + wait: 1 + max: 100 view: |- { "position": { - "x": 450, + "x": 2550, "y": 510 } } @@ -830,16 +743,16 @@ tasks: quietmode: 0 isoversize: false isautoswitchedtoquietmode: false - "13": - id: "13" + "17": + id: "17" taskid: 8139a6d0-05e9-4633-8c60-b840a51c7e11 type: playbook task: id: 8139a6d0-05e9-4633-8c60-b840a51c7e11 version: -1 - name: Detonate URL - VMRay - description: Detonates a URL using the VMRay sandbox integration. - playbookName: Detonate URL - VMRay + name: Detonate URL - SecneurX Analysis + description: Detonates a URL using the SecneurX Analysis integration. Returns relevant reports to the War Room and file reputations to the context data. + playbookName: Detonate URL - SecneurX Analysis type: playbook iscommand: false brand: "" @@ -847,15 +760,23 @@ tasks: '#none#': - "20" scriptarguments: + Duration: + simple: "120" + Interval: + simple: "1" + Priority: + simple: High + Reboot: + simple: "False" + ReportFormat: + simple: json + Timeout: + simple: "15" URL: complex: root: inputs.URL transformers: - operator: uniq - interval: - simple: "1" - timeout: - simple: "10" separatecontext: true continueonerrortype: "" loop: @@ -866,7 +787,7 @@ tasks: view: |- { "position": { - "x": 1290, + "x": 2970, "y": 510 } } @@ -877,45 +798,34 @@ tasks: quietmode: 0 isoversize: false isautoswitchedtoquietmode: false - "14": - id: "14" + "19": + id: "19" taskid: c54ae675-b7ba-48fb-8669-1a220aeacbed - type: playbook + type: regular task: id: c54ae675-b7ba-48fb-8669-1a220aeacbed version: -1 - name: Detonate URL - ThreatStream - description: |- - Detonates one or more URLs using the Anomali ThreatStream v2 sandbox integration. - Returns relevant reports to the War Room and URL reputations to the context data. - playbookName: Detonate URL - ThreatStream - type: playbook - iscommand: false + name: Detonate URL - OPSWAT + description: Scan URL resource. + script: '|||opswat-filescan-scan-url' + type: regular + iscommand: true brand: "" nexttasks: '#none#': - "20" scriptarguments: - Interval: - simple: "5" - Timeout: - simple: "120" - URL: + url: complex: root: inputs.URL transformers: - operator: uniq - separatecontext: true + separatecontext: false continueonerrortype: "" - loop: - iscommand: false - exitCondition: "" - wait: 1 - max: 100 view: |- { "position": { - "x": 1710, + "x": 3810, "y": 510 } } @@ -954,6 +864,55 @@ tasks: quietmode: 0 isoversize: false isautoswitchedtoquietmode: false + "21": + id: "21" + taskid: 60bd5acb-bfa4-411c-89bb-c07a71574ebf + type: playbook + task: + id: 60bd5acb-bfa4-411c-89bb-c07a71574ebf + version: -1 + name: Detonate URL - CrowdStrike Falcon Intelligence Sandbox v2 + description: Detonate one or more URLs using the CrowdStrike Falcon Intelligence Sandbox integration. This playbook returns relevant reports to the War Room and file reputations to the context data. + playbookName: Detonate URL - CrowdStrike Falcon Intelligence Sandbox v2 + type: playbook + iscommand: false + brand: "" + nexttasks: + '#none#': + - "20" + scriptarguments: + Full Report: + simple: "True" + Interval: + simple: "1" + Timeout: + simple: "10" + URL: + complex: + root: inputs.URL + transformers: + - operator: uniq + separatecontext: true + continueonerrortype: "" + loop: + iscommand: false + exitCondition: "" + wait: 1 + max: 100 + view: |- + { + "position": { + "x": 3380, + "y": 510 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: true + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false view: |- { "linkLabelsPosition": { @@ -962,8 +921,8 @@ view: |- "paper": { "dimensions": { "height": 705, - "width": 7100, - "x": -2910, + "width": 6690, + "x": -2500, "y": 50 } } @@ -981,115 +940,115 @@ inputs: playbookInputQuery: outputs: - contextPath: ThreatGrid.Sample.id - description: The sample id + description: The sample id. type: string - contextPath: ThreatGrid.Sample.filename - description: The sample filename + description: The sample filename. type: string - contextPath: ThreatGrid.Sample.state - description: The state of the sample, one of a stable set of strings "wait, prep, run, proc, succ, fail" + description: The state of the sample, one of a stable set of strings "wait, prep, run, proc, succ, fail". type: string - contextPath: ThreatGrid.Sample.status - description: The sample status + description: The sample status. type: string - contextPath: ThreatGrid.Sample.md5 - description: The sample md5 + description: The sample md5. type: string - contextPath: ThreatGrid.Sample.sha1 - description: The sample sha1 + description: The sample sha1. type: string - contextPath: ThreatGrid.Sample.sha256 - description: The sample sha256 + description: The sample sha256. type: string - contextPath: ThreatGrid.Sample.os - description: The sample os + description: The sample os. type: string - contextPath: ThreatGrid.Sample.submitted_at - description: The sample submission time + description: The sample submission time. type: string - contextPath: ATD.Task.taskId - description: The task ID of the sample uploaded + description: The task ID of the sample uploaded. type: string - contextPath: ATD.Task.jobId - description: The job ID of the sample uploaded + description: The job ID of the sample uploaded. type: string - contextPath: ATD.Task.messageId - description: The message Id relevant to the sample uploaded + description: The message Id relevant to the sample uploaded. type: string - contextPath: ATD.Task.url - description: The URL detonated + description: The URL detonated. type: string - contextPath: ATD.Task.srcIp - description: Source IPv4 address + description: Source IPv4 address. type: string - contextPath: ATD.Task.destIp - description: Destination IPv4 address + description: Destination IPv4 address. type: string - contextPath: ATD.Task.MD5 - description: MD5 of the sample uploaded + description: MD5 of the sample uploaded. type: string - contextPath: ATD.Task.SHA1 - description: SHA1 of the sample uploaded + description: SHA1 of the sample uploaded. type: string - contextPath: ATD.Task.SHA256 - description: SHA256 of the sample uploaded + description: SHA256 of the sample uploaded. type: string - contextPath: File.Name - description: Filename (only in case of report type=json) + description: Filename (only in case of report type=json). type: string - contextPath: File.Type - description: File type e.g. "PE" (only in case of report type=json) + description: File type e.g. "PE" (only in case of report type=json). type: string - contextPath: File.MD5 - description: MD5 hash of the file (only in case of report type=json) + description: MD5 hash of the file (only in case of report type=json). type: string - contextPath: File.SHA1 - description: SHA1 hash of the file (only in case of report type=json) + description: SHA1 hash of the file (only in case of report type=json). type: string - contextPath: File.SHA256 - description: SHA256 hash of the file (only in case of report type=json) + description: SHA256 hash of the file (only in case of report type=json). type: string - contextPath: File.EntryID - description: The Entry ID of the sample + description: The Entry ID of the sample. type: string - contextPath: File.Malicious - description: File Malicious object + description: File Malicious object. type: unknown - contextPath: DBotScore.Indicator - description: The indicator we tested (only in case of report type=json) + description: The indicator we tested (only in case of report type=json). type: string - contextPath: DBotScore.Type - description: The type of the indicator (only in case of report type=json) + description: The type of the indicator (only in case of report type=json). type: string - contextPath: DBotScore.Vendor - description: Vendor used to calculate the score (only in case of report type=json) + description: Vendor used to calculate the score (only in case of report type=json). type: string - contextPath: DBotScore.Score - description: The actual score (only in case of report type=json) + description: The actual score (only in case of report type=json). type: number - contextPath: IP.Address - description: IP's relevant to the sample + description: IP's relevant to the sample. type: string - contextPath: InfoFile.EntryID - description: The EntryID of the report file + description: The EntryID of the report file. type: string - contextPath: InfoFile.Extension - description: The extension of the report file + description: The extension of the report file. type: string - contextPath: InfoFile.Name - description: The name of the report file + description: The name of the report file. type: string - contextPath: InfoFile.Info - description: The info of the report file + description: The info of the report file. type: string - contextPath: InfoFile.Size - description: The size of the report file + description: The size of the report file. type: number - contextPath: InfoFile.Type - description: The type of the report file + description: The type of the report file. type: string - contextPath: URL.Malicious - description: URL Malicious object + description: URL Malicious object. type: string - contextPath: DBotScore.Reliability description: The reliability of the source providing the intelligence data. @@ -1179,7 +1138,7 @@ outputs: description: The submission time. type: string - contextPath: File.Size - description: File size (only in case of report type=json) + description: File size (only in case of report type=json). type: number - contextPath: File.Malicious.Vendor description: The vendor that determined that a file is malicious. @@ -1200,22 +1159,22 @@ outputs: description: The score that the malicious URL received from the vendor. type: number - contextPath: Lastline.Submission.Status - description: Status of the submission + description: Status of the submission. type: string - contextPath: Lastline.Submission.DNSqueries - description: List of DNS queries done by the analysis subject + description: List of DNS queries done by the analysis subject. type: string - contextPath: Lastline.Submission.NetworkConnections - description: List of network connections done by the analysis subject + description: List of network connections done by the analysis subject. type: string - contextPath: Lastline.Submission.DownloadedFiles description: List of files that were downloaded using the Microsoft Windows file-download API functions. Each element is a tuple of file-origin URL and a File element. type: string - contextPath: Lastline.Submission.UUID - description: ID of the submission + description: ID of the submission. type: string - contextPath: Lastline.Submission.YaraSignatures.name - description: Yara signatures name + description: Yara signatures name. type: string - contextPath: Lastline.Submission.YaraSignatures.score description: The score according to the yara signatures. from 0 to 100. @@ -1239,70 +1198,70 @@ outputs: description: Yara signature of the executable of the process. type: string - contextPath: Cuckoo.Task.Category - description: Category of task + description: Category of task. type: string - contextPath: Cuckoo.Task.Machine - description: Machine of task + description: Machine of task. type: string - contextPath: Cuckoo.Task.Errors - description: Errors of task + description: Errors of task. type: string - contextPath: Cuckoo.Task.Traget - description: Traget of task + description: Traget of task. type: string - contextPath: Cuckoo.Task.Package - description: Package of task + description: Package of task. type: string - contextPath: Cuckoo.Task.SampleID - description: Sample ID of task + description: Sample ID of task. type: string - contextPath: Cuckoo.Task.Guest - description: Task guest + description: Task guest. type: string - contextPath: Cuckoo.Task.Custom - description: Custom values of task + description: Custom values of task. type: string - contextPath: Cuckoo.Task.Owner - description: Task owner + description: Task owner. type: string - contextPath: Cuckoo.Task.Priority - description: Priority of task + description: Priority of task. type: string - contextPath: Cuckoo.Task.Platform - description: Platform of task + description: Platform of task. type: string - contextPath: Cuckoo.Task.Options - description: Task options + description: Task options. type: string - contextPath: Cuckoo.Task.Status - description: Task status + description: Task status. type: string - contextPath: Cuckoo.Task.EnforceTimeout - description: Is timeout of task enforced + description: Is timeout of task enforced. type: string - contextPath: Cuckoo.Task.Timeout - description: Task timeout + description: Task timeout. type: string - contextPath: Cuckoo.Task.Memory - description: Task memory + description: Task memory. type: string - contextPath: Cuckoo.Task.Tags - description: Task tags + description: Task tags. type: string - contextPath: Cuckoo.Task.ID - description: ID of task + description: ID of task. type: string - contextPath: Cuckoo.Task.AddedOn - description: Date on which the task was added + description: Date on which the task was added. type: string - contextPath: Cuckoo.Task.CompletedOn - description: Date on which the task was completed + description: Date on which the task was completed. type: string - contextPath: Cuckoo.Task.Score - description: Reported score of the the task + description: Reported score of the the task. type: string - contextPath: Cuckoo.Task.Monitor - description: Monitor of the reported task + description: Monitor of the reported task. type: string - contextPath: ANYRUN.Task.AnalysisDate description: Date and time the analysis was executed. @@ -1464,103 +1423,103 @@ outputs: description: Version of the program executed. type: String - contextPath: Domain.Name - description: The Domain name + description: The Domain name. type: string - contextPath: Domain.DNS description: A list of IP objects resolved by DNS. type: string - contextPath: RegistryKey.Path - description: The path to the registry key + description: The path to the registry key. type: string - contextPath: RegistryKey.Value description: The value at the given RegistryKey. type: string - contextPath: Process.Name - description: Process name + description: Process name. type: string - contextPath: Process.PID - description: Process PID + description: Process PID. type: number - contextPath: Process.CommandLine - description: Process Command Line + description: Process Command Line. type: string - contextPath: Process.Path - description: Process path + description: Process path. type: string - contextPath: Process.StartTime - description: Process start time + description: Process start time. type: date - contextPath: Process.EndTime - description: Process end time + description: Process end time. type: date - contextPath: Polygon.Analysis.ID - description: Analysis ID in THF + description: Analysis ID in THF. type: number - contextPath: Polygon.Analysis.Name - description: File Name + description: File Name. type: string - contextPath: Polygon.Analysis.Size - description: File Size + description: File Size. type: number - contextPath: Polygon.Analysis.Started - description: Analysis start timestamp + description: Analysis start timestamp. type: date - contextPath: Polygon.Analysis.Analyzed - description: Analysis finish timestamp + description: Analysis finish timestamp. type: date - contextPath: Polygon.Analysis.MD5 - description: Analyzed file MD5 hash + description: Analyzed file MD5 hash. type: string - contextPath: Polygon.Analysis.SHA1 - description: Analyzed file SHA1 hash + description: Analyzed file SHA1 hash. type: string - contextPath: Polygon.Analysis.SHA256 - description: Analyzed file SHA256 + description: Analyzed file SHA256. type: string - contextPath: Polygon.Analysis.Result - description: Analysis verdict + description: Analysis verdict. type: string - contextPath: Polygon.Analysis.Status - description: The analysis status + description: The analysis status. type: string - contextPath: Polygon.Analysis.Verdict - description: Analysis verdict + description: Analysis verdict. type: boolean - contextPath: Polygon.Analysis.Probability - description: Verdict probability + description: Verdict probability. type: string - contextPath: Polygon.Analysis.Families - description: Malware families + description: Malware families. type: string - contextPath: Polygon.Analysis.Score - description: Polygon score + description: Polygon score. type: number - contextPath: Polygon.Analysis.Internet-connection - description: Internet availability + description: Internet availability. type: string - contextPath: Polygon.Analysis.Type - description: File type + description: File type. type: string - contextPath: Polygon.Analysis.DumpExists - description: Network activity dump exists + description: Network activity dump exists. type: boolean - contextPath: Polygon.Analysis.File - description: The information about files in analysis + description: The information about files in analysis. type: string - contextPath: Polygon.Analysis.URL - description: The information about URL indicators + description: The information about URL indicators. type: string - contextPath: Polygon.Analysis.IP - description: The information about IP indicators + description: The information about IP indicators. type: string - contextPath: Polygon.Analysis.Domain - description: The information about Domain indicators + description: The information about Domain indicators. type: string - contextPath: Polygon.Analysis.RegistryKey - description: The information about registry keys which were modified during the analysis + description: The information about registry keys which were modified during the analysis. type: string - contextPath: Polygon.Analysis.Process - description: The information about processes started during the analysis + description: The information about processes started during the analysis. type: string - contextPath: CrowdStrike.Submit.job_id description: The The submitted report job ID. @@ -1629,7 +1588,7 @@ outputs: description: The imphash hash of the file. type: string - contextPath: CrowdStrike.Report.av_detect - description: The AV Multiscan range, for example 50-70 (min 0, max 100) + description: The AV Multiscan range, for example 50-70 (min 0, max 100). type: string - contextPath: CrowdStrike.Report.vx_family description: The file malware famil. @@ -1848,22 +1807,22 @@ outputs: description: Number of engines found the indicator undetected. type: number - contextPath: VirusTotal.Analysis.data.attributes.date - description: Date of the analysis in epoch + description: Date of the analysis in epoch. type: number - contextPath: VirusTotal.Analysis.data.attributes.status - description: Status of the analysis + description: Status of the analysis. type: string - contextPath: VirusTotal.Analysis.data.id description: ID of the analysis. type: string - contextPath: VirusTotal.Analysis.data.type - description: Type of object (analysis) + description: Type of object (analysis). type: string - contextPath: VirusTotal.Analysis.meta.url_info.id - description: ID of the url + description: ID of the url. type: string - contextPath: VirusTotal.Analysis.meta.url_info.url - description: The URL + description: The URL. type: string - contextPath: VirusTotal.Analysis.id description: The analysis ID. @@ -2001,7 +1960,7 @@ outputs: description: The name of the mutex. type: string - contextPath: VMRay.Sample.IOC.Mutex.Operation - description: The operation of the given mutex + description: The operation of the given mutex. type: string - contextPath: VMRay.Sample.IOC.Mutex.ID description: The ID of the mutex. @@ -2151,7 +2110,7 @@ outputs: description: Owner of the sample analysis. type: string - contextPath: Triage.sample-summaries.sample - description: Unique identifier of the sample, + description: Unique identifier of the sample,. type: string - contextPath: Triage.sample-summaries.score description: Score of the sample on a scale of 0 to 10. @@ -2169,52 +2128,52 @@ outputs: description: Tasks performed in the analysis. type: string - contextPath: SecneurXAnalysis.Report.SHA256 - description: SHA256 value of the analyzed sample + description: SHA256 value of the analyzed sample. type: string - contextPath: SecneurXAnalysis.Report.Platform - description: Platform of the analyzed sample + description: Platform of the analyzed sample. type: String - contextPath: SecneurXAnalysis.Report.Verdict - description: Summary result of the analyzed sample + description: Summary result of the analyzed sample. type: string - contextPath: SecneurXAnalysis.Report.Tags - description: More details of the analyzed sample + description: More details of the analyzed sample. type: string - contextPath: SecneurXAnalysis.Report.DnsRequests - description: List of DNS data observed in the analyzed sample + description: List of DNS data observed in the analyzed sample. type: string - contextPath: SecneurXAnalysis.Report.HttpRequests - description: List of HTTP data observed in the analyzed sample + description: List of HTTP data observed in the analyzed sample. type: string - contextPath: SecneurXAnalysis.Report.JA3Digests - description: List of JA3 data observed in the analyzed sample + description: List of JA3 data observed in the analyzed sample. type: string - contextPath: SecneurXAnalysis.Report.ProcessCreated - description: Process behaviour data observed in the analyzed sample + description: Process behaviour data observed in the analyzed sample. type: string - contextPath: SecneurXAnalysis.Report.RegistrySet - description: List of Registry creations observed in the analyzed sample + description: List of Registry creations observed in the analyzed sample. type: string - contextPath: SecneurXAnalysis.Report.RegistryDeleted - description: List of Registry deletions observed in the analyzed sample + description: List of Registry deletions observed in the analyzed sample. type: string - contextPath: SecneurXAnalysis.Report.FileCreated - description: List of File creations observed in the analyzed sample + description: List of File creations observed in the analyzed sample. type: string - contextPath: SecneurXAnalysis.Report.FileDropped - description: List of File drops observed in the analyzed sample + description: List of File drops observed in the analyzed sample. type: string - contextPath: SecneurXAnalysis.Report.FileDeleted - description: List of File deletions observed in the analyzed sample + description: List of File deletions observed in the analyzed sample. type: string - contextPath: SecneurXAnalysis.Report.FileModified - description: List of File changes observed in the analyzed sample + description: List of File changes observed in the analyzed sample. type: string - contextPath: SecneurXAnalysis.Report.IOC - description: List of IOC's observed in the analyzed sample + description: List of IOC's observed in the analyzed sample. type: string - contextPath: SecneurXAnalysis.Report.Status - description: Analysis queued sample state + description: Analysis queued sample state. type: String - contextPath: csfalconx.resource.id description: Analysis ID. @@ -2271,52 +2230,52 @@ outputs: description: The flow ID. type: string - contextPath: OPSWAT.Filescan.Analysis.finalVerdict.verdict - description: The final verdict + description: The final verdict. type: string - contextPath: OPSWAT.Filescan.Analysis.allTags - description: All tags + description: All tags. type: string - contextPath: OPSWAT.Filescan.Analysis.overallState - description: Overall state of the scan + description: Overall state of the scan. type: string - contextPath: OPSWAT.Filescan.Analysis.subtaskReferences - description: Status of scan subtasks + description: Status of scan subtasks. type: string - contextPath: OPSWAT.Filescan.Analysis.allSignalGroups - description: All signal groups + description: All signal groups. type: string - contextPath: OPSWAT.Filescan.Analysis.resources - description: Resources + description: Resources. type: string - contextPath: OPSWAT.Filescan.Analysis.taskReference.name - description: Name of the main scan task + description: Name of the main scan task. type: string - contextPath: OPSWAT.Filescan.Analysis.taskReference.additionalInfo - description: Additional informations about the main scan task + description: Additional informations about the main scan task. type: string - contextPath: OPSWAT.Filescan.Analysis.taskReference.ID - description: ID of the main scan task + description: ID of the main scan task. type: string - contextPath: OPSWAT.Filescan.Analysis.taskReference.state - description: State of the main scan task + description: State of the main scan task. type: string - contextPath: OPSWAT.Filescan.Analysis.taskReference.resourceReference - description: Resource reference of the main scan task + description: Resource reference of the main scan task. type: string - contextPath: OPSWAT.Filescan.Analysis.taskReference.opcount - description: Counter + description: Counter. type: string - contextPath: OPSWAT.Filescan.Analysis.taskReference.processTime - description: processTime + description: processTime. type: string - contextPath: OPSWAT.Filescan.Analysis.file.name - description: The name of the file + description: The name of the file. type: string - contextPath: OPSWAT.Filescan.Analysis.file.hash - description: The SHA256 of the file + description: The SHA256 of the file. type: string - contextPath: OPSWAT.Filescan.Analysis.file.type - description: The type of the submission + description: The type of the submission. type: string tests: - No tests (auto formatted) diff --git a/Packs/CommonPlaybooks/Playbooks/playbook-Detonate_URL_-_Generic_v1.5_README.md b/Packs/CommonPlaybooks/Playbooks/playbook-Detonate_URL_-_Generic_v1.5_README.md index bc1bcb2bda00..47065a065040 100644 --- a/Packs/CommonPlaybooks/Playbooks/playbook-Detonate_URL_-_Generic_v1.5_README.md +++ b/Packs/CommonPlaybooks/Playbooks/playbook-Detonate_URL_-_Generic_v1.5_README.md @@ -17,7 +17,7 @@ Supported integrations: - ANYRUN - VirusTotal - Anomali ThreatStream -- Hatching Triage +- Hatching Triage. ## Dependencies @@ -25,19 +25,19 @@ This playbook uses the following sub-playbooks, integrations, and scripts. ### Sub-playbooks +* Detonate URL - Cuckoo +* Detonate URL - ThreatGrid v2 +* Detonate URL - Lastline v2 +* Detonate URL - ThreatStream +* Detonate URL - FireEye AX * Detonate URL - McAfee ATD -* Detonate URL - Group-IB TDS Polygon * Detonate URL - VMRay -* Detonate URL - Hatching Triage -* Detonate URL - ThreatGrid v2 * Detonate URL - SecneurX Analysis -* Detonate URL - Lastline v2 -* Detonate URL - Cuckoo +* Detonate URL - Hatching Triage +* Detonate URL - CrowdStrike Falcon Intelligence Sandbox v2 * Detonate URL - ANYRUN -* Detonate URL - ThreatStream -* Detonate URL - CrowdStrike Falcon Intelligence Sandbox * Detonate URL - VirusTotal (API v3) -* Detonate URL - FireEye AX +* Detonate URL - Group-IB TDS Polygon ### Integrations @@ -49,10 +49,9 @@ This playbook does not use any scripts. ### Commands -* joe-submit-url * wildfire-upload-url * opswat-filescan-scan-url -* cs-falcon-sandbox-submit-url +* joe-submit-url ## Playbook Inputs @@ -68,43 +67,43 @@ This playbook does not use any scripts. | **Path** | **Description** | **Type** | | --- | --- | --- | -| ThreatGrid.Sample.id | The sample id | string | -| ThreatGrid.Sample.filename | The sample filename | string | -| ThreatGrid.Sample.state | The state of the sample, one of a stable set of strings "wait, prep, run, proc, succ, fail" | string | -| ThreatGrid.Sample.status | The sample status | string | -| ThreatGrid.Sample.md5 | The sample md5 | string | -| ThreatGrid.Sample.sha1 | The sample sha1 | string | -| ThreatGrid.Sample.sha256 | The sample sha256 | string | -| ThreatGrid.Sample.os | The sample os | string | -| ThreatGrid.Sample.submitted_at | The sample submission time | string | -| ATD.Task.taskId | The task ID of the sample uploaded | string | -| ATD.Task.jobId | The job ID of the sample uploaded | string | -| ATD.Task.messageId | The message Id relevant to the sample uploaded | string | -| ATD.Task.url | The URL detonated | string | -| ATD.Task.srcIp | Source IPv4 address | string | -| ATD.Task.destIp | Destination IPv4 address | string | -| ATD.Task.MD5 | MD5 of the sample uploaded | string | -| ATD.Task.SHA1 | SHA1 of the sample uploaded | string | -| ATD.Task.SHA256 | SHA256 of the sample uploaded | string | -| File.Name | Filename \(only in case of report type=json\) | string | -| File.Type | File type e.g. "PE" \(only in case of report type=json\) | string | -| File.MD5 | MD5 hash of the file \(only in case of report type=json\) | string | -| File.SHA1 | SHA1 hash of the file \(only in case of report type=json\) | string | -| File.SHA256 | SHA256 hash of the file \(only in case of report type=json\) | string | -| File.EntryID | The Entry ID of the sample | string | -| File.Malicious | File Malicious object | unknown | -| DBotScore.Indicator | The indicator we tested \(only in case of report type=json\) | string | -| DBotScore.Type | The type of the indicator \(only in case of report type=json\) | string | -| DBotScore.Vendor | Vendor used to calculate the score \(only in case of report type=json\) | string | -| DBotScore.Score | The actual score \(only in case of report type=json\) | number | -| IP.Address | IP's relevant to the sample | string | -| InfoFile.EntryID | The EntryID of the report file | string | -| InfoFile.Extension | The extension of the report file | string | -| InfoFile.Name | The name of the report file | string | -| InfoFile.Info | The info of the report file | string | -| InfoFile.Size | The size of the report file | number | -| InfoFile.Type | The type of the report file | string | -| URL.Malicious | URL Malicious object | string | +| ThreatGrid.Sample.id | The sample id. | string | +| ThreatGrid.Sample.filename | The sample filename. | string | +| ThreatGrid.Sample.state | The state of the sample, one of a stable set of strings "wait, prep, run, proc, succ, fail". | string | +| ThreatGrid.Sample.status | The sample status. | string | +| ThreatGrid.Sample.md5 | The sample md5. | string | +| ThreatGrid.Sample.sha1 | The sample sha1. | string | +| ThreatGrid.Sample.sha256 | The sample sha256. | string | +| ThreatGrid.Sample.os | The sample os. | string | +| ThreatGrid.Sample.submitted_at | The sample submission time. | string | +| ATD.Task.taskId | The task ID of the sample uploaded. | string | +| ATD.Task.jobId | The job ID of the sample uploaded. | string | +| ATD.Task.messageId | The message Id relevant to the sample uploaded. | string | +| ATD.Task.url | The URL detonated. | string | +| ATD.Task.srcIp | Source IPv4 address. | string | +| ATD.Task.destIp | Destination IPv4 address. | string | +| ATD.Task.MD5 | MD5 of the sample uploaded. | string | +| ATD.Task.SHA1 | SHA1 of the sample uploaded. | string | +| ATD.Task.SHA256 | SHA256 of the sample uploaded. | string | +| File.Name | Filename \(only in case of report type=json\). | string | +| File.Type | File type e.g. "PE" \(only in case of report type=json\). | string | +| File.MD5 | MD5 hash of the file \(only in case of report type=json\). | string | +| File.SHA1 | SHA1 hash of the file \(only in case of report type=json\). | string | +| File.SHA256 | SHA256 hash of the file \(only in case of report type=json\). | string | +| File.EntryID | The Entry ID of the sample. | string | +| File.Malicious | File Malicious object. | unknown | +| DBotScore.Indicator | The indicator we tested \(only in case of report type=json\). | string | +| DBotScore.Type | The type of the indicator \(only in case of report type=json\). | string | +| DBotScore.Vendor | Vendor used to calculate the score \(only in case of report type=json\). | string | +| DBotScore.Score | The actual score \(only in case of report type=json\). | number | +| IP.Address | IP's relevant to the sample. | string | +| InfoFile.EntryID | The EntryID of the report file. | string | +| InfoFile.Extension | The extension of the report file. | string | +| InfoFile.Name | The name of the report file. | string | +| InfoFile.Info | The info of the report file. | string | +| InfoFile.Size | The size of the report file. | number | +| InfoFile.Type | The type of the report file. | string | +| URL.Malicious | URL Malicious object. | string | | DBotScore.Reliability | The reliability of the source providing the intelligence data. | string | | URL.Data | The URL. | string | | Joe.Analysis.AnalysisID | The analysis ID. | string | @@ -134,19 +133,19 @@ This playbook does not use any scripts. | Joe.Submission.status | The submission status. | string | | Joe.Submission.submission_id | The submission ID. | string | | Joe.Submission.time | The submission time. | string | -| File.Size | File size \(only in case of report type=json\) | number | +| File.Size | File size \(only in case of report type=json\). | number | | File.Malicious.Vendor | The vendor that determined that a file is malicious. | string | | File.Malicious.Description | The reason that the vendor determined that the file is malicious. | string | | File.Malicious.Score | The score that the malicious file received from the vendor. | number | | URL.Malicious.Vendor | The vendor that determined that a URL is malicious. | string | | URL.Malicious.Description | The reason that the vendor determined that the URL is malicious. | string | | URL.Malicious.Score | The score that the malicious URL received from the vendor. | number | -| Lastline.Submission.Status | Status of the submission | string | -| Lastline.Submission.DNSqueries | List of DNS queries done by the analysis subject | string | -| Lastline.Submission.NetworkConnections | List of network connections done by the analysis subject | string | +| Lastline.Submission.Status | Status of the submission. | string | +| Lastline.Submission.DNSqueries | List of DNS queries done by the analysis subject. | string | +| Lastline.Submission.NetworkConnections | List of network connections done by the analysis subject. | string | | Lastline.Submission.DownloadedFiles | List of files that were downloaded using the Microsoft Windows file-download API functions. Each element is a tuple of file-origin URL and a File element. | string | -| Lastline.Submission.UUID | ID of the submission | string | -| Lastline.Submission.YaraSignatures.name | Yara signatures name | string | +| Lastline.Submission.UUID | ID of the submission. | string | +| Lastline.Submission.YaraSignatures.name | Yara signatures name. | string | | Lastline.Submission.YaraSignatures.score | The score according to the yara signatures. from 0 to 100. | number | | Lastline.Submission.YaraSignatures.internal | True if the signature is only for internal use. | boolean | | Lastline.Submission.Process.arguments | Argument of the process. | string | @@ -154,28 +153,28 @@ This playbook does not use any scripts. | Lastline.Submission.Process.executable.abs_path | Absolute path of the executable of the process. | string | | Lastline.Submission.Process.executable.filename | Filename of the executable. | string | | Lastline.Submission.Process.executable.yara_signature_hits | Yara signature of the executable of the process. | string | -| Cuckoo.Task.Category | Category of task | string | -| Cuckoo.Task.Machine | Machine of task | string | -| Cuckoo.Task.Errors | Errors of task | string | -| Cuckoo.Task.Traget | Traget of task | string | -| Cuckoo.Task.Package | Package of task | string | -| Cuckoo.Task.SampleID | Sample ID of task | string | -| Cuckoo.Task.Guest | Task guest | string | -| Cuckoo.Task.Custom | Custom values of task | string | -| Cuckoo.Task.Owner | Task owner | string | -| Cuckoo.Task.Priority | Priority of task | string | -| Cuckoo.Task.Platform | Platform of task | string | -| Cuckoo.Task.Options | Task options | string | -| Cuckoo.Task.Status | Task status | string | -| Cuckoo.Task.EnforceTimeout | Is timeout of task enforced | string | -| Cuckoo.Task.Timeout | Task timeout | string | -| Cuckoo.Task.Memory | Task memory | string | -| Cuckoo.Task.Tags | Task tags | string | -| Cuckoo.Task.ID | ID of task | string | -| Cuckoo.Task.AddedOn | Date on which the task was added | string | -| Cuckoo.Task.CompletedOn | Date on which the task was completed | string | -| Cuckoo.Task.Score | Reported score of the the task | string | -| Cuckoo.Task.Monitor | Monitor of the reported task | string | +| Cuckoo.Task.Category | Category of task. | string | +| Cuckoo.Task.Machine | Machine of task. | string | +| Cuckoo.Task.Errors | Errors of task. | string | +| Cuckoo.Task.Traget | Traget of task. | string | +| Cuckoo.Task.Package | Package of task. | string | +| Cuckoo.Task.SampleID | Sample ID of task. | string | +| Cuckoo.Task.Guest | Task guest. | string | +| Cuckoo.Task.Custom | Custom values of task. | string | +| Cuckoo.Task.Owner | Task owner. | string | +| Cuckoo.Task.Priority | Priority of task. | string | +| Cuckoo.Task.Platform | Platform of task. | string | +| Cuckoo.Task.Options | Task options. | string | +| Cuckoo.Task.Status | Task status. | string | +| Cuckoo.Task.EnforceTimeout | Is timeout of task enforced. | string | +| Cuckoo.Task.Timeout | Task timeout. | string | +| Cuckoo.Task.Memory | Task memory. | string | +| Cuckoo.Task.Tags | Task tags. | string | +| Cuckoo.Task.ID | ID of task. | string | +| Cuckoo.Task.AddedOn | Date on which the task was added. | string | +| Cuckoo.Task.CompletedOn | Date on which the task was completed. | string | +| Cuckoo.Task.Score | Reported score of the the task. | string | +| Cuckoo.Task.Monitor | Monitor of the reported task. | string | | ANYRUN.Task.AnalysisDate | Date and time the analysis was executed. | String | | ANYRUN.Task.FileInfo | Details of the submitted file. | String | | ANYRUN.Task.OS | OS of the sandbox in which the file was analyzed. | String | @@ -229,39 +228,39 @@ This playbook does not use any scripts. | ANYRUN.Task.Process.Version.Company | Company responsible for the program executed. | String | | ANYRUN.Task.Process.Version.Description | Description of the type of program. | String | | ANYRUN.Task.Process.Version.Version | Version of the program executed. | String | -| Domain.Name | The Domain name | string | +| Domain.Name | The Domain name. | string | | Domain.DNS | A list of IP objects resolved by DNS. | string | -| RegistryKey.Path | The path to the registry key | string | +| RegistryKey.Path | The path to the registry key. | string | | RegistryKey.Value | The value at the given RegistryKey. | string | -| Process.Name | Process name | string | -| Process.PID | Process PID | number | -| Process.CommandLine | Process Command Line | string | -| Process.Path | Process path | string | -| Process.StartTime | Process start time | date | -| Process.EndTime | Process end time | date | -| Polygon.Analysis.ID | Analysis ID in THF | number | -| Polygon.Analysis.Name | File Name | string | -| Polygon.Analysis.Size | File Size | number | -| Polygon.Analysis.Started | Analysis start timestamp | date | -| Polygon.Analysis.Analyzed | Analysis finish timestamp | date | -| Polygon.Analysis.MD5 | Analyzed file MD5 hash | string | -| Polygon.Analysis.SHA1 | Analyzed file SHA1 hash | string | -| Polygon.Analysis.SHA256 | Analyzed file SHA256 | string | -| Polygon.Analysis.Result | Analysis verdict | string | -| Polygon.Analysis.Status | The analysis status | string | -| Polygon.Analysis.Verdict | Analysis verdict | boolean | -| Polygon.Analysis.Probability | Verdict probability | string | -| Polygon.Analysis.Families | Malware families | string | -| Polygon.Analysis.Score | Polygon score | number | -| Polygon.Analysis.Internet-connection | Internet availability | string | -| Polygon.Analysis.Type | File type | string | -| Polygon.Analysis.DumpExists | Network activity dump exists | boolean | -| Polygon.Analysis.File | The information about files in analysis | string | -| Polygon.Analysis.URL | The information about URL indicators | string | -| Polygon.Analysis.IP | The information about IP indicators | string | -| Polygon.Analysis.Domain | The information about Domain indicators | string | -| Polygon.Analysis.RegistryKey | The information about registry keys which were modified during the analysis | string | -| Polygon.Analysis.Process | The information about processes started during the analysis | string | +| Process.Name | Process name. | string | +| Process.PID | Process PID. | number | +| Process.CommandLine | Process Command Line. | string | +| Process.Path | Process path. | string | +| Process.StartTime | Process start time. | date | +| Process.EndTime | Process end time. | date | +| Polygon.Analysis.ID | Analysis ID in THF. | number | +| Polygon.Analysis.Name | File Name. | string | +| Polygon.Analysis.Size | File Size. | number | +| Polygon.Analysis.Started | Analysis start timestamp. | date | +| Polygon.Analysis.Analyzed | Analysis finish timestamp. | date | +| Polygon.Analysis.MD5 | Analyzed file MD5 hash. | string | +| Polygon.Analysis.SHA1 | Analyzed file SHA1 hash. | string | +| Polygon.Analysis.SHA256 | Analyzed file SHA256. | string | +| Polygon.Analysis.Result | Analysis verdict. | string | +| Polygon.Analysis.Status | The analysis status. | string | +| Polygon.Analysis.Verdict | Analysis verdict. | boolean | +| Polygon.Analysis.Probability | Verdict probability. | string | +| Polygon.Analysis.Families | Malware families. | string | +| Polygon.Analysis.Score | Polygon score. | number | +| Polygon.Analysis.Internet-connection | Internet availability. | string | +| Polygon.Analysis.Type | File type. | string | +| Polygon.Analysis.DumpExists | Network activity dump exists. | boolean | +| Polygon.Analysis.File | The information about files in analysis. | string | +| Polygon.Analysis.URL | The information about URL indicators. | string | +| Polygon.Analysis.IP | The information about IP indicators. | string | +| Polygon.Analysis.Domain | The information about Domain indicators. | string | +| Polygon.Analysis.RegistryKey | The information about registry keys which were modified during the analysis. | string | +| Polygon.Analysis.Process | The information about processes started during the analysis. | string | | CrowdStrike.Submit.job_id | The The submitted report job ID. | string | | CrowdStrike.Submit.submission_type | The type of the submission. | string | | CrowdStrike.Submit.submission_id | The submission ID. | string | @@ -284,7 +283,7 @@ This playbook does not use any scripts. | CrowdStrike.Report.sha512 | The SHA512 hash of the file. | string | | CrowdStrike.Report.ssdeep | The SSDeep hash of the file. | string | | CrowdStrike.Report.imphash | The imphash hash of the file. | string | -| CrowdStrike.Report.av_detect | The AV Multiscan range, for example 50-70 \(min 0, max 100\) | string | +| CrowdStrike.Report.av_detect | The AV Multiscan range, for example 50-70 \(min 0, max 100\). | string | | CrowdStrike.Report.vx_family | The file malware famil. | string | | CrowdStrike.Report.url_analysis | Whether this report is url analysis. | string | | CrowdStrike.Report.analysis_start_time | The start time of the analysis. | string | @@ -357,12 +356,12 @@ This playbook does not use any scripts. | VirusTotal.Analysis.data.attributes.stats.suspicious | Number of engines found the indicator suspicious. | number | | VirusTotal.Analysis.data.attributes.stats.timeout | Number of engines found the indicator timeout. | number | | VirusTotal.Analysis.data.attributes.stats.undetected | Number of engines found the indicator undetected. | number | -| VirusTotal.Analysis.data.attributes.date | Date of the analysis in epoch | number | -| VirusTotal.Analysis.data.attributes.status | Status of the analysis | string | +| VirusTotal.Analysis.data.attributes.date | Date of the analysis in epoch. | number | +| VirusTotal.Analysis.data.attributes.status | Status of the analysis. | string | | VirusTotal.Analysis.data.id | ID of the analysis. | string | -| VirusTotal.Analysis.data.type | Type of object \(analysis\) | string | -| VirusTotal.Analysis.meta.url_info.id | ID of the url | string | -| VirusTotal.Analysis.meta.url_info.url | The URL | string | +| VirusTotal.Analysis.data.type | Type of object \(analysis\). | string | +| VirusTotal.Analysis.meta.url_info.id | ID of the url. | string | +| VirusTotal.Analysis.meta.url_info.url | The URL. | string | | VirusTotal.Analysis.id | The analysis ID. | string | | VMRay.Job.JobID | The ID of a new job. | number | | VMRay.Job.SampleID | The ID of sample. | number | @@ -408,7 +407,7 @@ This playbook does not use any scripts. | VMRay.Sample.IOC.IP.Type | The type of the IP address. | string | | VMRay.Sample.IOC.Mutex.AnalysisID | The IDs of other analyses that contain the given IP address. | string | | VMRay.Sample.IOC.Mutex.Name | The name of the mutex. | string | -| VMRay.Sample.IOC.Mutex.Operation | The operation of the given mutex | string | +| VMRay.Sample.IOC.Mutex.Operation | The operation of the given mutex. | string | | VMRay.Sample.IOC.Mutex.ID | The ID of the mutex. | string | | VMRay.Sample.IOC.Mutex.Type | The type of the mutex. | string | | VMRay.Sample.IOC.File.AnalysisID | The IDs of other analyses that contain the given file. | string | @@ -458,28 +457,28 @@ This playbook does not use any scripts. | Triage.sample-summaries.created | Date the analysis report was created. | date | | Triage.sample-summaries.custom | Custom sample analysis. | string | | Triage.sample-summaries.owner | Owner of the sample analysis. | string | -| Triage.sample-summaries.sample | Unique identifier of the sample, | string | +| Triage.sample-summaries.sample | Unique identifier of the sample,. | string | | Triage.sample-summaries.score | Score of the sample on a scale of 0 to 10. | number | | Triage.sample-summaries.sha256 | SHA256 hash of the sample. | string | | Triage.sample-summaries.status | Status of the analysis. | string | | Triage.sample-summaries.target | Target for the analysis. | string | | Triage.sample-summaries.tasks | Tasks performed in the analysis. | string | -| SecneurXAnalysis.Report.SHA256 | SHA256 value of the analyzed sample | string | -| SecneurXAnalysis.Report.Platform | Platform of the analyzed sample | String | -| SecneurXAnalysis.Report.Verdict | Summary result of the analyzed sample | string | -| SecneurXAnalysis.Report.Tags | More details of the analyzed sample | string | -| SecneurXAnalysis.Report.DnsRequests | List of DNS data observed in the analyzed sample | string | -| SecneurXAnalysis.Report.HttpRequests | List of HTTP data observed in the analyzed sample | string | -| SecneurXAnalysis.Report.JA3Digests | List of JA3 data observed in the analyzed sample | string | -| SecneurXAnalysis.Report.ProcessCreated | Process behaviour data observed in the analyzed sample | string | -| SecneurXAnalysis.Report.RegistrySet | List of Registry creations observed in the analyzed sample | string | -| SecneurXAnalysis.Report.RegistryDeleted | List of Registry deletions observed in the analyzed sample | string | -| SecneurXAnalysis.Report.FileCreated | List of File creations observed in the analyzed sample | string | -| SecneurXAnalysis.Report.FileDropped | List of File drops observed in the analyzed sample | string | -| SecneurXAnalysis.Report.FileDeleted | List of File deletions observed in the analyzed sample | string | -| SecneurXAnalysis.Report.FileModified | List of File changes observed in the analyzed sample | string | -| SecneurXAnalysis.Report.IOC | List of IOC's observed in the analyzed sample | string | -| SecneurXAnalysis.Report.Status | Analysis queued sample state | String | +| SecneurXAnalysis.Report.SHA256 | SHA256 value of the analyzed sample. | string | +| SecneurXAnalysis.Report.Platform | Platform of the analyzed sample. | String | +| SecneurXAnalysis.Report.Verdict | Summary result of the analyzed sample. | string | +| SecneurXAnalysis.Report.Tags | More details of the analyzed sample. | string | +| SecneurXAnalysis.Report.DnsRequests | List of DNS data observed in the analyzed sample. | string | +| SecneurXAnalysis.Report.HttpRequests | List of HTTP data observed in the analyzed sample. | string | +| SecneurXAnalysis.Report.JA3Digests | List of JA3 data observed in the analyzed sample. | string | +| SecneurXAnalysis.Report.ProcessCreated | Process behaviour data observed in the analyzed sample. | string | +| SecneurXAnalysis.Report.RegistrySet | List of Registry creations observed in the analyzed sample. | string | +| SecneurXAnalysis.Report.RegistryDeleted | List of Registry deletions observed in the analyzed sample. | string | +| SecneurXAnalysis.Report.FileCreated | List of File creations observed in the analyzed sample. | string | +| SecneurXAnalysis.Report.FileDropped | List of File drops observed in the analyzed sample. | string | +| SecneurXAnalysis.Report.FileDeleted | List of File deletions observed in the analyzed sample. | string | +| SecneurXAnalysis.Report.FileModified | List of File changes observed in the analyzed sample. | string | +| SecneurXAnalysis.Report.IOC | List of IOC's observed in the analyzed sample. | string | +| SecneurXAnalysis.Report.Status | Analysis queued sample state. | String | | csfalconx.resource.id | Analysis ID. | String | | csfalconx.resource.verdict | Analysis verdict. | String | | csfalconx.resource.created_timestamp | Analysis start time. | String | @@ -498,22 +497,22 @@ This playbook does not use any scripts. | csfalconx.resource.ioc_report_strict_maec_artifact_id | ID of the IOC pack to download \(MAEC\). | String | | csfalconx.resource.ioc_report_broad_maec_artifact_id | ID of the IOC pack to download \(MAEC\). | String | | OPSWAT.Filescan.Submission.flow_id | The flow ID. | string | -| OPSWAT.Filescan.Analysis.finalVerdict.verdict | The final verdict | string | -| OPSWAT.Filescan.Analysis.allTags | All tags | string | -| OPSWAT.Filescan.Analysis.overallState | Overall state of the scan | string | -| OPSWAT.Filescan.Analysis.subtaskReferences | Status of scan subtasks | string | -| OPSWAT.Filescan.Analysis.allSignalGroups | All signal groups | string | -| OPSWAT.Filescan.Analysis.resources | Resources | string | -| OPSWAT.Filescan.Analysis.taskReference.name | Name of the main scan task | string | -| OPSWAT.Filescan.Analysis.taskReference.additionalInfo | Additional informations about the main scan task | string | -| OPSWAT.Filescan.Analysis.taskReference.ID | ID of the main scan task | string | -| OPSWAT.Filescan.Analysis.taskReference.state | State of the main scan task | string | -| OPSWAT.Filescan.Analysis.taskReference.resourceReference | Resource reference of the main scan task | string | -| OPSWAT.Filescan.Analysis.taskReference.opcount | Counter | string | -| OPSWAT.Filescan.Analysis.taskReference.processTime | processTime | string | -| OPSWAT.Filescan.Analysis.file.name | The name of the file | string | -| OPSWAT.Filescan.Analysis.file.hash | The SHA256 of the file | string | -| OPSWAT.Filescan.Analysis.file.type | The type of the submission | string | +| OPSWAT.Filescan.Analysis.finalVerdict.verdict | The final verdict. | string | +| OPSWAT.Filescan.Analysis.allTags | All tags. | string | +| OPSWAT.Filescan.Analysis.overallState | Overall state of the scan. | string | +| OPSWAT.Filescan.Analysis.subtaskReferences | Status of scan subtasks. | string | +| OPSWAT.Filescan.Analysis.allSignalGroups | All signal groups. | string | +| OPSWAT.Filescan.Analysis.resources | Resources. | string | +| OPSWAT.Filescan.Analysis.taskReference.name | Name of the main scan task. | string | +| OPSWAT.Filescan.Analysis.taskReference.additionalInfo | Additional informations about the main scan task. | string | +| OPSWAT.Filescan.Analysis.taskReference.ID | ID of the main scan task. | string | +| OPSWAT.Filescan.Analysis.taskReference.state | State of the main scan task. | string | +| OPSWAT.Filescan.Analysis.taskReference.resourceReference | Resource reference of the main scan task. | string | +| OPSWAT.Filescan.Analysis.taskReference.opcount | Counter. | string | +| OPSWAT.Filescan.Analysis.taskReference.processTime | processTime. | string | +| OPSWAT.Filescan.Analysis.file.name | The name of the file. | string | +| OPSWAT.Filescan.Analysis.file.hash | The SHA256 of the file. | string | +| OPSWAT.Filescan.Analysis.file.type | The type of the submission. | string | ## Playbook Image diff --git a/Packs/CommonPlaybooks/ReleaseNotes/2_4_39.md b/Packs/CommonPlaybooks/ReleaseNotes/2_4_39.md new file mode 100644 index 000000000000..6a8f134ed76e --- /dev/null +++ b/Packs/CommonPlaybooks/ReleaseNotes/2_4_39.md @@ -0,0 +1,10 @@ + +#### Playbooks + +##### Detonate File - Generic + +The sub-playbook "Detonate File - CrowdStrike Falcon Intelligence Sandbox" was replaced with a new version "Detonate File - CrowdStrike Falcon Intelligence Sandbox v2". + +##### Detonate URL - Generic v1.5 + +The sub-playbook "Detonate URL - CrowdStrike Falcon Intelligence Sandbox" was replaced with a new version "Detonate URL - CrowdStrike Falcon Intelligence Sandbox v2". \ No newline at end of file diff --git a/Packs/CommonPlaybooks/doc_files/Detonate_File_-_Generic.png b/Packs/CommonPlaybooks/doc_files/Detonate_File_-_Generic.png index 28ddbd55ca8d155c25d7ee3aa489c95243e40e13..dbcb78e4f95336969f918d40ad37992c285a0c92 100644 GIT binary patch literal 166089 zcmcehNIyHU8YR z)!KH)<+SSubc zZXbF7oy0XGALZBA#8Vd0a&h}(t8$57dI9&|D+k_cZku@8IJsKO_wJpGu=iX5gNzF- zl37eriE@#>!dNg0HZU;o`pg^`dFl%lbOk(<8wXXT;y{cL5oP#{gr^8$P5#`U1S%U+ zQnBeXKU}r7we5#KoSWs>rx6k`JiQ)Y5LUW%#oL4$-l2C}IY)J;f^?I<8 zJPUES*7^2}u^N*c7q=z@n|3p0O6O!(Dp^hbS)eXm>Yt@hpFY6;h%B-DuaH5-Pts)_oehZIC|jRuN}- zc60~BMnln6^WjtV7JJW52|xJuDK|eqO5S%5C|iUYcU)6?8?ttELJa#AKyI|MDge*T z)9msT5B74CuJ6pgbzarLc(raz^oUonaRePc5XU%k3cj00JkhMvY5d>W^ zV)~TRWt2V)-y zygm|)lsRboG(G!=E>${=^sV`2SK0QB=8|XpA5d$?}TS#WcUd_J~m`rur_2-3& z*)dH8zMgIRY7o)=!?pH<^razVO1+D6V4*C21k3sDTKpajsGg>V`DV3HVT<6#jLVMz zcLft@0_D;1UqgQfPOO-G@(%z^F2meav38fRZ{H}MO?3(g2z2%K(yqsgHq^%mh0@cB zzCt12CRaXEAk&1H6*xvtOYWd$?G(Y;Oc@au!%9!nT+0%;GE!DZR^odV7kfkSK~AIb zQVJLL+%zDV*>Nq>j})`(Z$K;ZO|2xknjgk~d|LQ68eUszr9Nm6*o06g{&H&WSQcs1 zP_ugYv8mvuT&=9k4q{T!45&Mj|QYoWT*3VpxMMjNicng;mQO%tOAg#tcNgew&Z5$7D zL09NpP^9)Zt#s2J-TUN<`us<5i=M8syxEutw=Eses=2!a+2+b6AH|z{ov%*)p`Fu^ zC|qye^5l$`fdM0k5towG0PK48`Vsc50Cd4LPXV8Lp3jC2E5$tu_Vi?2_;W7khs(ns zoky+~Tg>JuPIlJZSyq3F7q}vHlea|iWsQI(i+kOad6;`(cJE0!P)`9DCv2d(^a!? ziHeIi`7`$M3q(oWka~I()%L_K!v7$ao7i-v8x=%U_2;fPEO9?`@2_-{hPH>UnAPGN(*Xz z)IRY-P&Pw5LuV|NhIeL{@mW)UT$7qq_N-tW1x}}E)EBlQAI%p^V~iy z>W8&kMAQ?S0r_V+SP^qdOwvf<((JyL+|7k7RJ1N`?h7q|Yg;(-Rc?9!X{=PbG^t~)E+EgL_7{A9 z0}6)B;`X77eh2qtC7cv{`}?;47)pUs1n*jys;jmdql~Dal$}c?qX;+2aRw@oklEl# z$F%~^pat#(W9{^SrLzeDOV3Ien8unq*f!nu$iMUSWY>l=_gg>^wu<-0;e|-h64WNXx_ofIImpn4XT#le0(qhV3#D4gdjFEq60Y zVy!20Ll9((ndYa9C~}+cE_a%Za30_kQgT-}x%Z(WP3~baO8*q2OWs z!hQ0UD4vOt5%crs&r|WOPtBQrU{s64A?_duA*A*#GnpFubsi%CnGcAOs;a7a#ubalR>rfhr;0=iZUXPqHuok%QFtY+UPOypsGYSgRP2 zGQtF6=i(Pe3GA2ooj?VzQlDSR!oq@I|NYro_c33sNaN}CJ~{YojxrGW_&F#9RV;0J zH3x}I=4Lg46g4?HSrjj|-I6%NXTam45!Ut!Bojjo;QH0;DsHK2OC@E#vJL$tojmYiGxq z-U;Yb~_>LD-&g<>lLl#;!X|`(b1EF&1*vboBKug?Tp}un5y}VNcTG!c~oEBL%mV&iM*Xg zhZy!}R!hq{Gs2_r?H=d)RLzy;wT|t$PF)?HCDfinP;{@8r?N}TwwbS^?7`>Ba%7j( zK6+`z>w6gn$}r+i5krUc!=~@CKxz8p-m~kRhohi=N-xn5X&aly=7lM?9O~ zc_&8TRwiOO3*6^bqGe(1+4`xL;u#@=m6g>7Z?AGBEgU&3=x;)Rm{O*U_TL%QEo6XC z<>aG&Xs=HWY%4J5JB&zA&@+)NcGyw4?W^rx&qth5^*xhu&5r_r#q(1kP0X4pgNy+M1qIQ@f;@ON6L00O<6?_H zya70<8|VABivyW_M6q~oZ*;=*jmnz7Jm;H|8IYsp8*qS-*3|;tldy^PmL;$0`CSmV zGW|^))Y7G;JLGL_zZxK@%y!2ev@SSkHgn_E?4OhN?#^woydW*Kv%_ve9if*Ok+K5+ zu>LVeAioIS7c5t>-g1}F{OVM^^+dmO%Xa-scn03a%igWL0VBx62cOIhdnYI<-4w}4 z^N8d`xC<15UY)YW5o@k+g9tQs`>Pk$3IY?N;w8;UNlEF!+o;3*NE@tnA6aAyINZ&T zX>_2Jt$K7gGVXTE*zeF8RZ%!W8xdcqK0y;OzI|e^#(xhctKg)F-uIuVU1eWT)boRc zzpHw?S+B0s%BgL<&dH&~i4WAY?m8vZuB@iJEH&ttIjbT)l?L!o|Ihl7;O7ZYh#t56n9fJD=5*Oj0A441-X6(&o|@QSO^Z`1NQAEPzH8e=S~ot zuzhap!p)N~r_plZ{(K{PvzrQkUSw9ll(nw4^JriP7DA$VK`W@&d7)m?b?Ci<#u68o|aD0)+3rPBXiitDmv|{*+cy zTjPBsJH3U{@kk-R#aYqNlca!QbeeU#{OF-|y#`$;>GL_7Y^(}ZGhJRwLkR=lcWkDnK8xgJ zr`bu^N0X)}GE>SQcJtY5$T{A6;rT^N7=9h2UsNe9hCzrSn?F2XB+l5bj5{04u>U#R z&b&XOZR`8OfJf`6y-G>%?iR0|)`$De6ZEHqmcFKPg<$~`NYZ zx(TgOX=$U1ljPZ0#Jay3=8o)-!Bv9#9`2ZE%=&mlmb0s>?A``C_bYNTFD@r%Tl0@E z@A}2v+O9e8 zSb;$%V&h)@!l)l{t`=M9V9EPU4WixXuP?HTyiK%6 z55KJ!*{G_jrN~}5?DUynP-X6K{%S?n(BND@Ic>p{BM!n8O1~Pp#He6bI9*@4&-!wn+ERG`)lasB9HnU z5E#2u*2~x*szx%2bI7BU*c-N%PhBP1it^umXE!V@&Jk1i39F$ zm@z=Z{7($3UMADIr+*_&tnWFhLZR-$T7@xsMghYgCB}pQT?jt8tTkLKC%^rX*}~4w z$9wrn;KAg&KdMx}8g2rgSMYyc8&4Feu#ePh>=EJ*b2{8e6SaK7!o%)!4ZdSSpMyW+ za_u1!&yD)c;aBCt$RUc`4HEt?p3>>QQd@KZ8Y`%=#TCu0@|i63QUM@S{(xRUHdo|# zFMz+B3e&W@sZb}XE&cF-)x53m`R-0Xa)Mdtt5awpe0yNtT}6AVExnezKW}1`(W3+T z0o7Os_sJW3f9`Ozs&1v^`jsyB{rZThwuxQ$uW5Cet~DVi7w9P!#Dr@1*Y{&Mo=(MPSpDQxY4T4e|$vJ+n6A~ z8=Y93aT(8>U0izr&uy*l!F)w?6HTW;xQIp~^~b*FHsAJv8|;=*2e7{>hV4agR2+wA zQHdOzzsKF`i>otYasc))2*2_lU7vfgv5J4N_iB58zC8xYR3~4=#i(H>#Kp>*sukZ& zzM+qAXtYv~na044UUH`SIvXI1J=pdlvziobe9oW9^OV!@t3T!3F!<7WxzKWDXRnB6 zDpdHYv{~KkT2D8}21qdG-H|U`?%7-0Yc%`KH1aeho+8Yu$d*eT5%N3Gk7T%2H{mKb z^|;mfYj4r~p_9!B9i`mitvvm)@=n*WkozOwW4Z85K;c`Vc43D>9`3~yP>`R0I>7Ja zlLG9EUI1H4=7G95<-3`S4A`e(9H%5%2odY?dC}+E1{B3p!uI?=+Hi><fz6&>WRg@3H7YojFepM&6>i%4|!5ibDHpP-3;=;DKDrhEJpJ3+?|Op-4d04 z!BR!ek+6#CkI)F6MlTIGsZDi=L^Cn_AJ$4V0+hkKlCnE_vi|y&2Ksa92-+M^_FZG&39G>fdh2DDI+}C+j0iQ-p-NAy8MdLzLYJxwC#wiAhFpCP6e7*u< zQ`|)}|B4|4HTz#grg|-Snv@T}hs@hGvx$kzLn~GA-H%VKvereq>prj8X|kF~QOaq1 zx^k~3j$!9@9eUl`W~~3=vdlQ#*7(6*7wUT_`eKxGLX1tEax;&DmkranpY!)G<$K-Q z-Q_>54yS_khu`~!RQT<)Pb828*XOK3zhS2gKk@KieQ$pExPp*|uxO_(ehaYx6{h}|N$yJcFlaz9fdBE7u zwlXGGawjsYxe@FGPU(R#dgUc&^b5&LIT{S7Agne0AxU(6?0uzkf}L|8vu3yqySIF@ z(XfXXCKjNK*?b2GQh9pG9s63hnMpIntl;;M(tny#P%Ufr-GIXlOf4Ec)h%~8y&jRJ zsjiFu)2K6a-?Ag@xm}96ovIH2A@Dk6^3q~Nr!4n@pSSH+thF6qL&^E9t%n7L9wPCC z2=?l=a?wM6yaQWe6HTn)F90JCB*88{d-OYVHLO#pj06gnX#BY*bt8+O_Eo!Q2Dhx^An9`Yg%BgN+dS_|CF|v`b zfB9lZPfR+CKYAb8=#Tyu?Pb}~z0{_du-Vs)WM!xF|U~iq4@u4^a!&fxd2z6Ln>#Yi zrO7|kf&Xx-O<&0`2m$+6E3ZORfjr^O4^dI+qo;#Dw=E_tefMEYWmUbM2X;}L)tT8L ztlU8gl7nM5CA%mj-Lf!VD*RjG8;fqAXWN!*`!>y*(bJf_zEkmIC#8>tnn76v@UXR$ z$y~>4>}U2wr$;xh*Am9U9s)?|M!U@rpdp`t)|}Y-R17lLwlf<8(gUiUQsM`-J{w61 zoZI`-1HNVz6DAcP=TTQz*SUQg>ZAw{4?n2L@5E)xfsD!vDxaC@`BCEFe?87UkR-|Q z_gl2E(RX)hF8Je<%8RYF^%&Kuf*4sj1v&vUW@MU+PBkzs4>B0fDf#eAxp5`V`3R(%FFN_3ofR^m;b9dyBPhR^*g@rSsrVkzGZ2=gAr>N zmjq8!XK&d}^kia{SD#>3ODo3E=Orhb*HX3~D?l^;=n|AOdIMGTP}PpfPDpvIs^iYW zDbCDVCkN#C{N8wwm0FB>Q6foO72A~3iD-$`gWwH}sFeH~DSgwXr|hXCC#F%WcRSy1 z;kfduD&Ah-S9c`P<_`A>y%kSAj}tITc6nK)Xck5S#6IV|2-eO9@?{}$U_c9){(N{Zhb{#S76FUze{3X|6<%vJHU9-F-iG0TC$vCm%T~BG^>i5C}Oq`T(ihihi zd-VrD{+#dljY28BRJ0JkVX63u*X%yMgNc{?ywH=S%{}div~;8B`3Ru7KB>XIu~F5sogdOEp|Z9m^1dk$0~ zYZgaUfcEyk*IsD?RdX!s@7^zA19%(BVs?}36O{sMx_zL)!|oFGySlUUyX-Z9TxB7W zhcFmrp|r^1{76~DsNy?m1+$ZamSP7%uVs8BL5I971sW6MhREk24OpWrx^% zHF{&G6?15r(Dtkvlg8H>dHS71(}9SY8ipqZz%xNvUqdvyKPk0quFTjAp66sAJs~S5 zU@{t(@^ zy%PRv%1~F^v&9NyONdB6MBIN$6sEAh$=p+JPwlL3s`^LXzy#_V*UMQ7jTAZ_HFnS_ zDDH6*#zTW{0Nx3eMFJY`qGEivnv3!gT~ezqaH(Um69=H+jUEbu3VwQ~@GC6Bmex#f zd>4WeEZ(=GX4frW36ChJ8&G*-W`m$2PdG(POcr-^WZ}V&4lnPm*bcimq(+M91;^^e z)L=}3zTVo=iRoiEqq9&xc?0?EtFKct z@Q5)ihCtoh-u3XVaB2#L=I1*U`T8{U$8TAKhr_dPA#c`hZLexrRH`66uJ*)lZ1$Ie zUPC>kM7j*;xZiv$YOt81Cv?5-<+saEAE(A$d{DHrCg({XpfP|tNNDJaQ)(30mX9Ox zj&oLHRFI8r@%%s^%V`iZ&8AW!d5oH;XrcXRU#B7N9XX@m~M5owQug=CzRDo=tvkjX!JW}D6-t6z%XrRELE2q_30V2n%P zCV2*R=QUD=&!2#8uNpCfGF((rG2PO|m1)yf3=)L%@{wIGpKnoCHD_WEUMxN5noUD@ z3YvW^S{I>dIvz%$AtMc1ck+yT7}^DvL9=T=V}M`%QwvaUjSg>W7jRxYC^l~is6`ph zO4~ocxCwD%R5cH`eC`9!`kHv8Q4wr6X6l4)SMM_5&mAakNMWsT(EfA11`KcSy%9Ab z4*SfNBpJ+1Op_D-Zcd_Qw3Ui@d+46%XwRCNjYN^UGqr0qBi)VFYm+onpkf^E=PuS& zn-9k9oZY9xxEiT!5h!i5@Q zAKQ6wR2&yaJbcZ@s%Pfy!W6C%%{2|+I9s@Zkl@JoVJ`dqXo+-c2oT;YPTHser8D46 zsuXVLJ1kUtfM|K@>f+QoJEjJ-PAY;-aL9SIYPgRS1g6n_%?bC*FTj?Co~&hCf9VcX z)%a>*3MZ=-oV;*Gdgr z(01T<_5(cPXj$`XED{cI02GybT0B&Ze7G)erp7G1h3{dK;q1$BuBUVN%(za?ga0V6 zd5)A`p(SrLK~u7wrbsA=y8ljm$(_5^RHY-n)S;?c{GkVRtR_KMmGs*S>rdP6ch`7u z%qF*4W@$Ryw|CU|ydY$>WK-ai`pr?$+Q}h0`HNchdh9&ZyTKsq^`N)6_nLfqjJ-H> zYc(rQhz)e@LCvj3!c*t4-i)b%afC(2-^jLhbd2W0JD3>2aNo`wTdO3>*bb@kpBTPA zS!CDmw1D;kj-NBQw|T)mB~#y9ilM4%YEC6RhHdpV^T@+uw zq+?VoANHF2<@YPf%Ak%kKDF*zVK3bevR6<@a_}cRId7Gt$;irHIg8%;vhBwzkU!Gx z7`=Zk$Hd zPeEBANJgsacc8k#^XCi9j3Y|Ud34ceIO$CY4M{vN@*Z0? zA1R!bDj1UpEYOlGq#Hh zKE#8sG1F@dvKfL9j-h;bu~de@f9+91j`Iu@A@q)8e4S)uG-Uj4!FN{usS;ke+I#y= zv-|xBCtH65nmrXN0Ox;URZnFSi*e;Z&Zd)5^Pt$%zAal5lkVk^a1OP7dDFefaVmbm zBkN#i<7L{S-|?b#PN+G`=Igiex!z;KHr=ms-@S`SPG-WN8~9_P7<N< z6+++4oD&_^iEcgt^30-j8to>^7zO`{l*v|5>)7_+y<-fY-SC27)V3cACcDuv+ObHo zwHjxd(0L!|-*SQ$fBe?>H-cwi-(ciGC1`S@!nMJl);J!}OR=!9@Ut^4Gc$7%Cf`wm zeTM{urdg<=u7S@>XRznpr+25W6ChfXh>rY!7?Q3@Xw^<=+=exb~W4Bli@$3HW%V z*Zw)4=F%(5qYs+nocAAfx~CM?jT5qhT_-4O3Ohr%-#C0C#bRbS2hyWp$~Q3~XO;ODBzM!4rI4DV3;m?_t38*Dvn>Ya8AvmFa=Y~tkL|7&ppk)vA zJL9>5e&_ZSiDn8Rf#_8;Ov>PGUL{?1lg{KNC#$%IFw%`xnnmWaYeo7CPhDjb<8Dm8 zS5{|XtPj}$&X#6T+%c@NZJ;qnK%mfTY4GVI^U>TtyI$v95O=hVo_QzU^!B4VsjC;* zJp9B4^)guc2p7ou8?p#{SVN7qCt!NIx}e^yKGjKpD5b)B;ZWnRC)k%9~^ zpobcVfC{v?w|5~BR0X25P#CWYl7Jl6JoW_5P5YV50r_@#E7@BWbu)Ki_ltyGhV(E2BK8`hYb5g%fA%F&#BJ;-Z@_mWosqyC7-#u+2S|Vqlo;JGQ zJ#A_7;u?~+`cOL#u&T_Q9B!8iW3Ydan>*KdB?tS{SCAH^LM>zK3yd<@FBcrO!K>7{ zkc~h0oKLT*I_Lx{D}_C#dn*)b2$pr#h8plzPXTQ|D^2daJEU##rQxYC*!Y|4d9A6V zs|%h}k1X}@(7ceTlcJ=C2^je1jYVxx# z)W<5qZFAJ8K6BK^>ijiB64Ov54Bz>&kq3^@eEISPG~3#srKE6$7g-RzFc!1G{>)R& zwG5U3L0WRq-2}W;W0YrSI9wOB`}Wmb`%@J3&LBjH$%9IHOUfFFc{Ib{Op!JGZ8~;8Of~M675J6YYFai7zYSB%Y@pa>$r+OA^<3wCQSlKWSyz)|jeA&VI z@I1}bPF9m!Q@Wk4?b)ODKQ6FqF%}^a_6F;=X<$U&0YLtg`q#9vS8X{1(7K**BYSRc zE);Uj;ivf~<4H|J>1Xr97m_Pm?zzf6+?xf>>49wL5#6J-am^>fi>)G~@74zcV;UYF zhFa~71?fSnJ-R}Ci$;Ze>?KId4d@-2xK^nls4{dE?Ts%1(zeA?xMP5 z#k5Sc>67dWUW+8MgZEWt!=w&noqIDRX9k}Nd+$8y*l`8N9DZ%#aH07RM+FiFGq7$R zgfznA3^=N9go862Q{o8wWqa2-5s+>Wx7}`jq{$!J$R`fkjHN;QyQ2s@A+QdZ6V ztVCHD6PFVe8Dy!PwZq;Lb4!=z%kqw8JCjU*8`(e}0-}zLdMi zAZDx6+u#3Nodc!MlWsX{^Np+os`F&WLC>A;UU+1i;E@2BipUfD(%m)VMXiP23&*khnP+ z-eT#hrK>%#JZt$0ylid->K~^q{g{nH+QbDn7HJ1JecP)Qw(ZRoMZb6f&KrPM{wwH; zs=`tfEC6R1Pc8}pRi}wFt5XeAkl%hP&|@`1CjL$^eECdBsDDU$H!W*ME@Uub&nx8p8nhZVV z3;7ITYedG}K%p6vUqN0TIM%7MV}RcMmKRcm3oM3?`w}2RCXyLWVefN(T!7BB-g-l; zLR1OD;)%;pqw(;_h{fhYU(vnIc>VYGSNVf=Zm(cD)1TKPj zoDoOnHbCVD4zbvelnV40OfaeHNi>CjOtI*zY}cCO^&r1rT(PmOwlb3r9i7{-47{bR zjNFI-T}5e~_bqmw)C!y5G>K&E79#1>JE~s!gEPoZAQa_Tfifc(uw|3_PT<-f>Lp>H zDFN5+3Ay%yO>ykc$N;^E&a^$_gbt<07PI`JaTbEGp!d9cAi0#*+@Ys`aIoYY*m{bY zjW4yfSqzQeasZVVP;lJ!J0eaz&_3tvhat6IomtSbBfr;sTd}TIS2)AWUe5(JkiTIJ77{Wgxx02 z4H-Vux21C9E;vlE)m5(s4GxzsXUM;Xugmv62j>Z{=lU#Ntqe})4Y3Nkr5izv!Av}gyL>L!B@Ckgt4HTtv*rQc&Xz;x&nKzQdjoMEz9rO#V znke*SIjgNaAshYiX~|l@Zug0-UGFzP=RT>PldZ+FuRO_~Jwlk&cbHs7$ke6fx*e#k z-n@jvJpoYqUquI2DT2c)P0!qnmgb2QP|j#m@bt?^d+H??q_3X7!~O6R5gXjYSyrs< zd%&2JriAp}g0fq@TLsQt2S=$C2rE@u%L`wXt zH}hQ$GvGv^{51p{ZuePK5!2<5GI%Ofa3m*>oaDXcYvOL~HTg=?eEJii zx0wVEM~Qw~R^R|Qj&(4Mh9_ekUm@XrlBbZZx}z(*u@q}rbiAU%B#}>kjW37#^mR zai!LNy!yU}hli)-mPlv4Yhmj%S9z;T6RBJOnT*ZpeS6uQe#}#DLuUsW*J*jnaDG|! zaVwt?>upnyR<$;xP@F^wO*RzDz;j!SatOrf$xmLy+#(W6&k z|4ldkLyO1GJ(!8w=4Kt=s6X=?D{9BCGk`qi$x9-*`V;c=V4Y_|6tjNo5LRSX8o==99NBz*ap*jTK9F$%7?0k4 zu1%aS(aE?3J!Q%3{unoA1`5&vUPh3b4d7&};SfuNn-$;T#1b$W5ehUj$~q|lr)9z- zh%GykSsg3wY(G3#=g~ZF(Hv=yqRUUi=`GM?!!uyvd^-8K+!O(-gi1hlL_Qlt;`%*e z8o=E)-R=ey@W;+$Co;EjdIy-y`v&m(9IIqI_PbW# zsoWfxFaDgfg;KCOw`QKD@@6=$M4yJtbCNL62d4$kP?xVY`5l{fU$GaHf5&))RZzY3eG|7uWN9|`{C#PI|dSt!xH3QESU=@N<>HozNd z@ZFckjQ{~Ui2gW%25<+0k`Ohd>kJZ>_Xh8+HPAT?E#PFHkRow70i9i^`-tN*7>RP! zQcmTlrKa&$Ec*-}s-FZ{eU@Nq6rZJ61wEq6X$2XxN1;zs46XysdX!+LxkT1q)Uq zP6qCE%6Jodz;o|(ZcT=s zkCYR{9^H?bbFTglk)0A9UMtztg;N-Io=z!CR;@NHHrj`IE&|2BXF-0YtaCK}-)k%} z1gyJFVdQ^~*fuDA(JVN(=6%=xtBO=1dmU<{*I?q!Gx)n&FaPX44Wv?{1@kL8HInns z!-yaPmmCUGlLX+jo;(Ubx8QeOfM(wbOq-m>=;gt`^vW0<@pD)!_HOK7+r%&sTAv;J?%4)X%7WG-@e%S51^ z(@wTYndl__(7anXDD9natv85UuA)^8}}m$s*K1?(= zWs0Ytuq(1ME`x?ISP>9jQM2+Q;LlARU>Chly95EXv_>#LS|4~xH1N&$>7R()XTQ7* zq7}@FXj<87)ZsZ8R-_Ll&Ts+{savg)DqP-h7*fDVz>LYrpm>NGYJeGPS=spz1EK-% zI`plN0S0{GxS7uU3q%+MTiP9M>AUH}{M@|o?Ejrjz)pf}3K?L1x{vM$@hjVy!g0v5 zbiq4yKlDRGp8m*@sr}8ms_WZX*U(FnsRY{eBOXk&}@107AA#s%2zqy zm@We6NfIy02R=dORvdtyo9!C#1V7)Sf5JYr%nv+qpd;NA_A%MLJ?*oG4!buI8`96hyzX&2H^YwaPo6 z+@AtwO92VJ;K={?Rn#z2kZ`QvRjS7;XKa~wLHWb0V^d#x9tc3R21b*+)+K-VDN z;NwuZA>+mbar+;JZ;`bm-8vqp1bMv&fZzvLGcQA`lLuSA-~THc(&_6d6<3w=H?x+ATj;<%Uy z^ybmA-Ti`}X~*Hdp{d>~i8Q2S!N4r*@6jE}f$9(RduG6@zuG?shr$veqyUH;_)~+Ax1m_ zj6mF3AP4XJhhcJF4lDAXWxGIXpbgZ=W4R%12q36g&#JS6TlB~wjXvS`azQJ-4tyQi zxFs<5n=U{iYxuqJ|1o?kaOdgto(+H&t(X_0&SD4pD*$elC;|O#>NA9x`1ixGZ|e9`7C)~;|2GJL0o5V>AF4z3gnjEs zRsKTf*m)`imIosTn#c8tyr)C&-rdb^daOdz_8E6o$68w*E za_|It#rm|>!~|6o){G;WEKo>L#i)cO$CVxVy9>ZST;O~I;dtvpAj!hAd?>K}!|({v zv|3qI`61vG2Rm?@F0JEc!FB$ImCDf}zDD08NPc zENAc@-aHUzmk`#_Z`inShQsQDaHKQ@bxJ|BE{z-E_&KbA{qPOGUxL^$_zyumFZG9f zIX*!?@HqL-A8!Mt_(jDsRO&G4F4ZOvJghBXicpAQ73n7Kz7?5y5fMB4{I+uEEp^m_%uK{yGQ5jTXohtC4q&c;NSLaZnUtoXa>JP!`c*yf7yHXZ{# z+SD`3@jB6e7FsedfWW*B7p?z&+$2y9sFIa=@y+MNdwZ3({CG9M26R_SYr*>iU~%9B zDzFF$%BuqZnsBn(5&BsLpl7a(MhMzwgBhx%re)C2+#ot|TcDU$E)X; zpr%%`UWyjV{iExB{~amt!Ha$(oxgh#CjsPw9+JZ}^=;Mk{XgDkG6;GIm;%e70F0wQ zSt$q^GNjjJI#+=Ixp6#8V_M)Q#=TD;&pWP_W_|qe<`K(@!E|C$U8ux?AOV~sxd#Cx z*gp)@gJesP4Q>L#Wf~xgW3myz)-ocXZ&KD4K*Bl(UP6?n2npyPlA%k#Sf2TsY~vTG zsZ_h{d9->h@N{nCF7)%y)ze-Dt2d8)bemR;5cBLN%cNerVCpEu%$*W*Jxbz` zhR(!GpP{ZH^X~jPdWyDa=F{o7LJ~nLm z&%?lhx#awIV6Q-kq()4Fx6IuF8j(#{I0AmQz6H|VW7f{#eQs|+a@8F;-~fIWJr8gn zQ3(Y1E7k5S)E%;}_`6w_W4ai>&*+&kmuy4ci%+2Vn!dxX^WC6qdUiKIkt3SKfO3d6 z>lPkS2ywYm8>(Tjc-EXegI*7_s$Zs*Wn_D}Fr>!D$6s?z->I*Rhh9w`A`T%3jNGTm zP!lND6Od)LX!lh9^Dr!suyaqC{YFCRUP*DIlQZd{jgsk z)Nf$)T9$3);q-itOmTm>6UC~rMaBE+T*YM5gwsbn`%Aszm-oAO`X-+AyB9M6C^)@6 zIE+^Q%;##>mQ7h7B1k)4wn82bLuT5X17z_QfH1W(XbtTgg!6;&Eh{|?h3`p#WG17d z;-T=}0%X~emE{0UuLDIJ48sCGm@W;_vh+*Gl%KHYP#zJ4l+&U`)-__a95^LNmkt z=adAf$Lm(Y?`GeRZ*i}=4M+glC6G)b18F{FpF==0LrQ8skfS>e1R3d!AP16p1_b%c zp`irY_MHLA`V5m$K6Ls*3ryEix*`KfOb|>jKy^d=ezZUnY43BDKwIEoI{V*EhX)Rr z`g5WWqeCG3Nb<25Fxp)HPPkY|OJ{s1aCE>S2+}5m0We$xekGjx{SJ{tH0-(wBx6!CS!en7^Bz^T~u# z?zH31;v)gOQU5yEzV{tBR6p7u+&+o}slW@TI+y+BXvuHX+2b5Ia)|QU8C#|-D`92V zcWQk9=R#Yl8}sd-K@b$*mN!eq0E=}1i*Z^0t1xQdPKv4hRBEx@7X9+}_d7m@he(nFbIY(jOgOY%Vqs|VZ>NceX9c$MI2Yu*> z2w909u-$=?e(-@`qH=?9kw)%_xeo0SpPmKxWrB7 z7ioYe%g&{zA<}@d={Q{5guKS`-w!te9c*Nx%!jZk1m6slZpc6?%MVD)Lm`;JTb=<1 zJ-h#^1nLw3)7k%S`td*+HuxpFnx;1aoVl%;^I931)t)#pEUu6pi0|v_fmYI=6LZ2RUkIG&AeZ9BM1LZ z(8_NjfLK9ak64yhF+9KSZV2me^Cq&dn<++VcPY;x$^a0y z0@e&N(qEv~4Z;VGOb)&d*FetEywsDxJ?lUTmyQ91s7I(#XAG|6*pZ-fr#qM84O-tRY%koeaD zWjBH8+?*(H2aeUQ*TzAcNUn7TvuE zz^IYpDcMwDIOMo0DRmGQ#MDdvA^{&EwO9zGg1>i(TU{i9zmuA8A=gD)wV{(LJ&4$E z#k%Z0ddwRdOmhUUcP%k9$@}5xg^TraVTj-8VHWRf`~0oKovUY?Ut$x;%ei^mGZ>Q@tY%I}Iq+?g}9+$sEnL;{yTw|mbi zw!7L@aiW)&n0e6O0Y6K{v@gDa`CxjOVz!}9Ue?u>t!wY?2}qB@KL+Q_`9Q9`jQ0bP z{rAhG7cbDzbus7Ft55yugklH?ZX$pu%cDePw*~ z-$@6>^@#yjH+OALs}zVEb^4EY3R~)T9}Mv?%}->{?>tQDYkO6;QVUkaHevYYIq=D4 zf|-?%21uDmum zLZE#X4vA+5W$nnmIG^lk_PbyUL;00BO%BrQFE>Rari2@2-z0lYYzY~EvD?NPf z3*DSaj`O<6B6k?aK%sIh{)L+G`K&kKF&S=u+F_7j!`T72Q-JugP&Q)ATZr0uuApbH94NS zo$MiaLn~hL<^C%vg{`2XXO&e3g00%Xv9Djcqx}wKg{}q5a%=GaD`HFGY5-#t>pSaR z0UpvzGK4M#P|{K8-hIHa_o$yWBm*Z{75CHivH>yB%lY{tFy=*Mv6PzfOLO?3C_J8I zGT)s(adYCYKKy)3o7lMYT4N`^K}aRTn`Nl1?knlA_E*n|lB4V)dt(pj=~$Y4bH70? z3_7}Ssa*QcS6>H9c-`<)&5PqNgWw0hc#r?1vhhd$c*L3IZr2neYG@Zc9d&xC3Sa+B zP`bX=K;*a7QC(IQCAzl}M@PGK@x+{}cJ+<$-(H)x2fK_fpI=Zk$eJ@0T~@7Tkth2T z3SBz{YW^@bsvuU139I}$ru{GAlF&aHOOZ8i<7$Jp;GQ{%H;V%XTVjjP{J&<#_aWl^^~o-Y)p4qUwDk3y0@2-&LFb+?8~V zJtCz?N60pe*mT-qdo8EDZEdPSOa}jd3zL1HH?)J8*gDOt!VNaO z^Im+q?=p{m3v*BEY|Fh13>FD9B-APm{hIsX9}$&)%I-aiY?8c>P&`6L&4 zLjca^$#RK35iXhGYPD-KF>MC@O(NEcl<#+Ijl|FiqD*6zrkI>{>A2S+VEET0K`2cx z9uxu(UHVTQ@xQ!$1W7ZRu>BKFSZvymV5>9;BmrAox~%%q3YgK~CVS)>NMFkWEL;4q zd+FA9kTUj+!n!T1V9H!_!@xi;7iU&U>?4*!;F?kd7bNsVEpcbbe(>{kAb|(RKR$^P zvHCpC-pgY43s}6E>m6WJu7T7)gcqx@RF&=p2MuBDG+uCKMGJ_3V)Iw&Ph!mg_wJcE z8KMW@e`o>lw!uehiR12ILUsygKgzS6f?he@`i>PDL_nbX%J$mp4eD4B#gflq*>eZiGi3Pzw;8smlSi9Law~Gx|sJ_!*QxTU=mh z{|^|^{VrtipTxcw%*B99C+MI%*eqD>r;N}uP93}Oxi_c5Rg*=d4l$&IkK)TrL@e$_ zoQFw6_sE=OC7qMZRd@-Ew^&*_6PRfkB4vYu_hoeVzzmF zqbGV~zI%mo1p_>*0p#u*;WCAcrdyO(;Szs{@b4hDe~){+#ezu>fpXyxE=w2;9jGS$ z6h?omCcqcwtVI2P^Xyi;dRXB=({KI>@cnEy|D;_-EXd`G?0(*0l#YujILt3f)K-Ia z6S1lln-%=E$FFm&zS)FFH5Fpwg_!}v`}5$R0R8OsqNg7G{y9m1rFk5LMiU-=)|W*;*m;jL`BaC{Z%;x` z)@CoT;K5MtR)L!TiOl`a5dFI@Wa)%|=JEX36qd7{ig5P31i$5u=w$&%IiOwwJpi!l zUF;;#5i$NWB>xqzFB0*M@}A9K#FNDv0NxFlFgQ|#Kl@VL4Yq39#jjl8$z5agODKIw zm&W&kak17a3j!dA6*1Pod!?_{6mKmm6g~-lb!(Ta_Mh9gazHua_PXsMpsB1p zv->}hoGjnV&tlK`dyM}_z9#?zj;l3mUFSqy%OB+eJV`H$HR{%5U`_6iePYF;KaU^6 z4c79X{K(F3>HTe}dbMegXBmVDuqyjNPsQ=hfc2k`02v4isQOP};V$;Bc|)u7|2!K{{Pu3q6cQ0FkojF(dsz?fq_%*-^Uc1+pvNop~fRJKvn0o~nyM7fg{HkVS zcNV~PkQGWiq5r+O{XdEIr6rGClHh+!GpwY6Z}tSv8Rl>MnVc6~7+w|_X34QiSza~1 z^7h{YAb>b1{@^1$;!LX8qA_i~ui5<+f!B!dOA3oGh~vFqSA1vUMxNc(H;_2w7a5jc z0zROR-)VyNB>y5R|I5p)=zeT9@t;EUt4yy)HxTHp2>g-Om4Z<9ci7j@vIUJD1ibw} zt9Skey#9p1m*=2XmOnO-L1w%}^rcT0*yAE()jy@aJLkJozsA~WpGmbrMErQB0{hf> zc*8iD)6*|OxIh2zhNj-j5#^$fP@5G90phG$hyR*VsQq8gixVj+4J=M7bi^@L zeV6QOR?7MO<~z9?q6Gw4?MVN)OGb#SO~~Bs>2Lzf&cf-<8{T1#F8MrACoQ!GnAhAz zhx*l0wGl+|tQv;y!H*TJb%+1mN_Oq__v>!l7{WX2ik4#;xUT(HN&2h6GGb}1;YQzz z1R~DP8LHdfTyziH8GnT%RX~{Aa`usY>U)<^ILR&2-$Lel$*Sn9ls=h@XYZ-s4O)t? z1C?rvhGKH-a)=qop+brT3FrFVm- zWE8)*9$Q%`_bjypu;Jm!`Lo=wf77zbDmPNJJdU!<0Bevrblha0Q@cQeL6-Gy(6lJ< z24@5lO;Wb8bz4vNGgWRI{(yyc#W|@E1f0fv5rkZi@-eRZ7YYS$o!%tLXX%%4>R6{h zUge=@dd{_f7m4r+^2{AC(T`(LSC+)CBFOSQl`!)Umsii5I~-CNd+xlEop3@6&;hKl z^ZHU&K4%t}cCqBud?C)P%+SRz4{>qccLyc413fI@l)3sR+(HQsvY#lNGkhf-N;S21 z@A4}c*DU<|3>sXZWXjs8BQh$}HuUm38n^jAA1Z;NV#rS;1$M4jyD`_3(NC6J!-8-|ol}wB15Yf{s4o->_bKF8I*dMS;N$YZ zNCsgJuQFTc_Stc29vw~n!9LsHO1k->b({UC;k3%hg>Fs!WX{9B3NxKE-_VTEs{D$p z3hkke`NJ)D>Oi&DUMlM3?S6PedTZ;cI9!rJCm^D&P(!?fJEem+yp4G>NEwXn7U)xa zCPL4nYAy+QiS6EzyX20dX0gP2t))(;(=UaB%CoWJ>S`1tu-+J91`&za{N~jPVAKR- z#S}$xNKRp<7ck$oo@fZa_G(c>*aUJSUURJ=s7~SP+oG^_a$Kn<)z$htz`nE3NsnWR zb1u*t#YXX4943&R-aGciO(LoIU_st9O7yLd4eK4JAW7C4I8yj z$b|^H0*ygdmmRT8vfatYJ}azUzf!sQHLoFbDPR1~-GHIqk>YvxXo#SL4>ks|jyo?- zd2Y6Pc!u;n5w)?B5mF+B+cRYm z$9hIldwbq-W>9W=5O-dFxs?W~Cii%H*xJwNdJJ`0h+liTx2S18wc;br2Z9Cztq0vv z!cv&6sV6VYTKyPw9T&*V_USl#7yUJk0K?X}S%m)nC{FO;H{J|j+?ZWjBic~kM@#XP z0H?lV<f(jyi2>*w0yWR-o{ZF6pGk79!!6`#m_bRm9W$4XW&wP+;} zB9OT=m|;(z3KaJ!i)7G+06HWUzFAzaTTk)e3Vr%xmi5ANz_hfPHbFzBGao%MgqPq2)-bQ z7Y1KXtn#A$h~?@48bS#ZB|}&t;N~%5~j`zcng_Hu*Jz z2LHr}TEIp-P%URGL%&qCYer{qsi4}WRCJ%9ID{`HcH%Ozp8w*DJk2&0Tl z*hme-J;MOZSl?PMbgCa;m!-X0DLsi`a!hAK=tdSGkqvmX>#)Kmg)f2TI(c@bxOjl@ z#V%y%w*BVk>-HsGYD*=FBQ|~}hg6)2`!lD%)(KRuRuhae%2srTFsEV(vmW&K0wh|1 zG(k{J$&;I%!V4gRJHl%;+|pACGyTlnq-c)Z(WIO8$JQC=BF9c=##+O9Rj}r?+YWR)=(*{oj`E8>6?5)7JH<8oXLvIZpV#_vwZcc8J1f}fiKnIFhC zj&23SgL8J*RwiBgbB2I{Bqllw&(+b7p{dtj69?kE0U`oPcdt72ud?fct2;nuM2!Z* zhy{V?11J@7+{B!Ushf)X!WQi9_`G2g6MvB0&EEqTX&0`A9U;X~37M1rZD&_1n4%3^ z5Ui5?jKvdq)bWtb5hOQOXLU5Euh>W`-}~VBzrnCPt-0C61kW_sYKZ-K z_CURQyr!&t>w(-ryW`I$bXHTb`A0AXI8M(h19Meu}E0^Oi1Ae%*Qs@_WzqmXh@{O(ro+205xwD$t^XI`#EK z5Slv0e41B)(vt99I}gCvWX}-ji^_;^>cbDh-G*YmtmE?Q4B!XlpfjHvxfEtP-uS!_ zDE2NJO4^_e6gW9_Rzbp;u*=vL* z1Or0j^skHje1=j!fBAlkI~@Ak4Dqg3LI@utTIAB5mU7UKzBX(f&B4Fz(DPj`)A!2u zP+@@pnnL2+kPQ4}k}9HCh0m>@wxd4iiIj~iuX@&U*7E@xsAaHWS-1{4@}x@b&f?_# zY+|+~5sRRmvPMKM<`BZ<8Bw)FVrT6os)Z1qM_uf9y!h($G$<#00tH= zOL?eo2dXuab)}_vhtS_rsxI`^+E0Roo@rt0m+hy5YO`IQ8Y|P?G|06Z^)7lFzl)ZX zYBp&hiXwFcI5k=b9dKd&XD%xKTwLw5u@Md%OQa9wnJOx26ti7JTk%G~d`(W+GGp)+ z#E2sL)|7heVU+a0BMb}WNn zyIIA1zJKQIDS6Grz`_uB)Y-YK9sxQCEz0c81a?*8_&wSW-&(?cs2(N74577LyI~q9 zz3=-I_TH*QD|^#FWhCHpmR~rvAuT>{Bp55N{C+?S5+e8wL37KA%>*7Qe45v@?$hgL zcoBZF0JZb(VRsc?b|m|bjZf3;_+WzoG|eVei?QwfbclLlrWaNdu4_1AKCylh;LE-U z+^A#2O*6WJCiA%`vZ+Dp+dLzjG7(5 z^=IK$IxUvYDNYG4?{UT9fSQ?pd6C~VKE)t)Mx|CRbA76)fq$aM&+a%9FY$mJHB*Ht zs6ho_i=7|NRG@{tYKhGcNw>{q16#sy;+M~7TQxVj+(E%N`|Rs?L&RGh(XSvOCs0-V z;Qsit7$Nw2n_PncVvU|5tV*3cU!K&7z9m;+KG(O!fa94oQS{#2j8Lof<-0nC+am)Y zWvDa;y_}))m*F|Zb%)7s4g=xOnS>_WXt1DRvxc}NCoSgZIPWkiEe4}7b0#z0XUFY* zp-YaKc}mdp(o0=la$W006y>)0-Et$6V6KN~*W&{mV9ZGbVmH9+G=DyCQ5HXI$g1?Ih1Og+2EcwR*D?zlJEQ z-&5T@uwXm!HHgz44_dWS$59tTU7~Z@VjcYwHEnJRc?n65D{rIiegJHp>oNIJ?%G6te_tI*@f7?sIlIf zoshf@rT;dQ5s+y-6L0Vcrx6}jv(m3tSGv(88oWgt%uQt1$7&NM8;^)+JQHa3uAJTz zDdHb*w}tT}>(<9>FYkx@tdvcERVXwX9%}z`Q*^+3Ece4V?WMRfE2=fg;VUiprUiVH zsr+$@a^1a68C=M`*09kdKZFDr-2-{ zp~IH`X$sDp3j{MPR9R1&w2d=+GDRMh4qGkBG_hSMFo~83b*-eX!s_3-e-lK}SA<{; z9jR0^?Ul{h^SJHQ!a{i@d#`2u-%%dZG8=sNxZZ1@ElvD!+E!X8QV{e7GD-jcFuK&Gd9+y2pM8x*K^>ItKYV@Q+2gSJbg}~!xE}A;?7gr)ujK0tU z2_)x=sE8JGUmbKYI%pVFS^GsZ{w1rT+l;fFs& z(TDUvdm5^B0IFZR_Ds;e;}o9m>Wn+Kp$zbKsTae2JbxhiR;2S*$9DiL6-I}X+}n7+ zL8-s34c@yWM!MavxGi&q7OcK=FSwi`9SiY|CohTE22bCAL##a}((zo`c`oGcNib_Z zlEp{NbePYhZaSvo3@v*=k6J`;fo7zMr;M}8V!yx3f6$edN^)kIL2;cAL2vxjJN@B> zQP*rfp(LgI(?|sErUpG0n2=*;(5j~7wa*yYIYYSPNl^2{JtkJ_ z_lSRkptgnz`70k^%Fu2dPS7im4EPm#TgsEL6a=T0NCr;Ie=8e)H~j>MB!oC0MKv7c zRgwt)m7IWozM(a&z?R-(Bm$FMmqrs`LE@~F0H~2p9$S)0J@X*!uN}K%3>4N4pWZ;l zk{N3QnRG=89g+$CmiY%E!XcqYCHy)^V0wB&cshoRf^;*d1wvoc%#A56Ev5le=&=RT zhq2D$;&j4c%)^Gl25#)mo%QZtd&E6Xn;E+IjN3kBP}-u4XUaYX>oP#wZiGoZtm2HZ z;--RrYPz^ZN+3o_>w6D-uNy|%!)E-zZXk<#2gyJ2Ypf>N<=spgiBJNm?fA4Yc&W`U zk8my&{ody{3R7iTl4Pob7sGPJjr5OLIL1Bf96_4up$_B%-k1Pvu&ux56Txf~85yqP}_|-TlY4GM{yRC^JY({MdE<8z*^ZvwdN9(cOEGRD?aJnU`pyIe| zIqyEZ-QSJvELIL-P)+rNr<^rCGfhWg2YryjTzCnY>=30nb#XQ~}XtlTY7Ts&MCE=doZJX1@Z5|560%FmZqSZ>ub zLp(Zdk%hN2V=7!tJAL$9)%-jA)|W>&z9Gg-4I3`-@?GZnrnAwhG99nIx{p_}Qh(I7 zfsd+)5mMgPUHcI^J%)ga-?4T3IQ#gXC%}{tQCLvTPuCK{mF3ws%89r{UN?|fJ$iIh zT)OuK(dmR~(ul3`xXLyAb(QWjWwHC^pgEq%pXAaTS} z4$zgQzo&jpZgle|+wKfJoD)uFb;)79q$cH_rpFk>kOI<`hCXE34z0I0#tVlC);;`kWqOr(I` zTUyA9vujw0;=5C|t;gCfo-jT|8W!E3ZC0BFI)=QSjk2kTq{IHX@?-n{@MB|NMQ_eU z(>^nEZ#|)XF2iR<^79+V-#zP5`E$?owh&6Vppy1Iqq9&lngQ#`uLmdYOs9N72G1>ORT-0d^d||SLmg!h@z8N|g*c-c&ww5OH&a>71$NX;tan z{u-!Mp3O>pBol^ruxO&hQbElsPmj)qM{tX_EIC9^2=XBYe-#O3SXeyx{jp(ZDSu=m z^>kN=&A4Bb*oAlOz2S5{$%UT@jP8r6V)uB3T;GGp!lf>y4z2ELsn^C*Wr@OTY`$U9&^^|iKnP|(YA{))l0IF zW6$uDa^d(1UCH*)*gP~wnAaK`f|mqXC1%Vo)_c<;^-d*vYq)@SwYX)~zQ+vin*pkV zq*`A^k@xXamMZ`*Ji-yk42k{yb^B_u9_ejtTMj!24Hd)!)o^=_QhURe;# zxA8d}EtO;&`em)nEbQ2Cs_yrcy$+sI zu+9E*msk9=g_$&tGGCS%T<42%7$A+nS$C<-oGbRhVXBjEQ(H~xlw0HU`miQINmJrX z=lxcfA9`kFNIIQiJHm3#haK!t~B%`pu1$WXBmSD!4HQQ6Pu_=iN>Tb*g35|`1; zlu#t^Xd!+tRTySFW&}NL#GXa!?YOegW7t+xFvMwMMK2@l{wWb3l{a>PLp4(PrPpSC z!*|{!<}1d9If3;u)3dDt{h>^hG}pVCkn>>}`zB%Yg_QiQ)FTWyVqyZL1`f{FCEKjS zj@ouu11=zOBW`@qeAmKQiA!|wUB!Z2M%WSO?kV!5knKDA4U2Hn5DOn4bx|3h>0O5H zJ8ee>Y6g|{i*WxAKP!^qb5+hP0p_@Q1Hh_Ly9(omG8$ftBGZFs8K*1&dt=Ozl=BE!p-GRTc;jZ2T~dLm|CY++n7 zPs6s1r{$oGzO3*w7xe&p1Zk-h!9#}hmcSnjtb^G2|upd^;*_@ zCY0gBq_@%2`m!%Y1q@r};x$WxPo0!XHMg*j3Moi#b_~@iZ*e&`L;s*b3W9nLer`$# z7|BRpA!tUwl_A1!5L`~rR0AwQk2y&_JiZ-7Y}k`*2REo(Y*&~M(No%z$GB_HtTi-n z>8&wx^n=1=s{;j2T5f$SNyNi((U8TSiT=@dF5t|DS6JJlP_Yi=_Jpe5fUw;pl3>_~ z%_d@DVagx+@cdT9*qhQLd3!<&kA2-2Shp}84dEv0#s{x_RU2BpYlyV!%K%?K^(441 zk0ECM4og8$mh2h;&?^$JGxKaVQYG9ZQg>h&OS#ecbEos!(ki&5-T&FrGeY*&x2NCd za=ZB{qY?STucLu$UnF(~v?80=rMvHbBJUf(xDe>EgZd-k4`5h*N^2et!@<07P+Oc$qW)lzk+jcV@J1MCG24_Obf>Qfi`tM<5zt-EYtuZxB6c$j zJ)Z$1m=yf0@6>;dEBJ!|{6CbT_wEm%RgLcP%y7ZH|sYI6H(?%ZC1n}wMlN9B$f@qPLkPcHVH zx>fU~&oP=JE((|dG3*Bxt@}q}Lg6mW2NxCb<`nZr-aWn&9#IogUlHVo%+2GX+7`sh&ML9_%M8qO7s=IXmHkBRscN; zKVQh1ypK_ee*pU}`8yj_f<{PGK*o1#L83*o|#;=?uO#am=OW1B*8oLxYr zrWv+T>6i-NzrC1O$eo)JXr-}cY{vs(tfe}RVh_gnLN?;Oj|<2)7S1;%BW4=f`@Y=C z(zZRVL8v9j7(AS5^Qc`AgN#m)c{2qjylOnZFOIfM1x}sQS^L2;-JI%mh39k=T~_3g z9%vKrW3+o)#PSgu}DYQsW6bCLJ~hffO+9A&lfhI+K=wUnN)(B5nl+DWX|(zkS-oMM0t z^L3o6@K`?*M1PHESS=Y(${_$%bXoAT#Svm#ZpJ$TXATy$oAv5QsGfYk6yy%lpga4# zjcokbfSH*K7>Q%+i-hJ<0+F)UAmC6nF`#V;&Yh3Ux@Gi5!>+52Mab zFS0<35DRH3-ldJ4r02y(S9R2&n>`3wyEAbu3=I<4U;{exD?BCX@bNE~1#^NWVjyoS z7wUQIAM+}`RUE-~wT^yb^-@)qJ;Om&9(HS3u(nn;N}-BI6V^>}Wm4wJT@*P$h#Wn(pb3!~kr96a*L zy|7M=_A44MH0IGEJW+?rsP75uXNv{>cMKgrDEyRhXr=i>56k z;Y$~h2i$;=I(8dy0@}aIii33@fHsGx0t+{+q|B!#;ut-JRa#Yel~F%)x9;bAv>0Pmu{aK0!oU(vQgd)it~mh&u*>lPYdaXVr0N~qm|v)2vfdfqmOV8CXk}TA=2aMKwKU_h*Z&Dsr3tPnGHIQpAI)6;v#?<8s8Wl7?c9l zN@mFh@i3uBvRq4TK) ze{7~?FYz!o81ikac2r(2Gfl_cHWfv#BSgn2R~@JAJY9nEP+K-WpjLDF#MN}F1P&oL ztUXX6=pM~Rm%nCIyookTzar=9YnHWm-wDr(C}ZWSoZMgj`KQQ}erC^<<3@(mqjK zF_Cd(hXK8y-gcKXu`1hhy)a?70?}}CP43er@5-aJ8T`nmL?(h_~kl@cT8MpZoN>B>!y#YicFBSWCx z9zVl)ooIGt{iLazFQ~gd4!>sY0ynz}SA{E{7=S%>TPd49z{sHbvE~S0ywLzMzv)%|hY_prHWV zaNishX(iY_Iv0?tKTLBq+|^TBW-{}3XfXvGkXy!_Dk%2AQ~AoU$Vgq6o1n6Cfb@gI zxR$1#GI;bW7R8JdQ8borVrz0Ekwtbw9wv(|Fnr&U6>#V#q&NEF_N*NAOi%gNcB5Pa z3zxAODHMKMFvalYp!?$_?}@-25mud*LFw}VN45$~SPJEpcU_8CE^`-Wi85wU zb0+Fjleea_D^WjJqqlCeRTm=Ab>xH{+z)-Se5i8rmYCT)axWJQUx$YA6H(r@-r;-b zI&skDV`0=fzCG>Vw+ZvS)Kw5!rYW-=c4f%U76F-PCQU9aU^u0Xly&LB=~FeGXE{*l zQO~kei4AKYn}wI6qW)O!#w1*SO=TY{$pm~=9)wP%%+Z@&<)M$55N zH3Z`GBARbUlp~UU$#+0o&n95hT!1%58TFU1id?sNZtzhB+hr@*N?F5sJBsgmJ-tT> z2yddpmtuZ23e{OicupWa#Q`Z7m1EQiOzHrfT7#8Qt{HqG&~l-b*i0j%gKTfmPN8-S zF;@W?z+lnA;1R@2d0 zgSuRj;9#P?TIx3ncGQOQSR3MeaLrq>CIr$aOW6*%`K%L52~GMUto*560960jtK;mw z`JKqoPZq(d&dcY_?cUV>75Xa~8+P>5*2_Q|(>>*opMN%=Iu8uKc(aY`5KFPwR?Dho zneh&1o@{^bzyqCG(UMn96o&xq#^^elSrh%CF!hyB)!UvkF%E)JR`vscU=erodxdl# zA7(}QLcez`f~50A+9S8 z94TC5k9S)g2ZdCmE|bPvkA%~3Yk79I$!W+I+im$|kqt~L=ijkg)Ha*XjRWm{t-P&T{#jTe;0Spy`COMWj2|Q>LJ>))O zG!x0~R?u-@Sn_jSZhBy7<>F$V(8OqgY71S*_uJMzV~HL*c|tjCEizSx(>`8j@$+nh z57EA6oJikU@-}*LvE{<~;yB{_bc?sn6;pvGFTOPSMQtB_vV9$JIM&J%p$kX3Z+GG~ z;^Q*3o9GK)^9oE0WB@KNkSI_-RKNkY{G>M*kuCm1VPvcH4oLrc>{@Ixbzy<)MfdD( zuEvHLhXI-(8Q@>ZjNqz|5>3mrsfoXt zF_MTQ7F!b#IU%lRx^#0iWNVhI-4CgIg(Z;BAZA+3a0sHrgRDvS95(-VFx!>Rm%-nj zM?IXOqk|#6x8Q#^H$0*q_rBbg@&N0??6if+;SUxc8ozfF7;14VQ&d3XNEI@C?L3zZ z`74fts^Z*zRqvAxHGMzAtP$zl{5w{qXCHcJh{WpfZI0S<#F9N6c6|sZ(=R04CEC(_ zTEbPrJW@UDfmEm}LpGNle%1m)*ZqfH@(MA{W4OKo8>c$oZ41sv6vQr;yc?U7CIR_%}cVd#952LZM!{uqLoq;8-JSq=3?-=Ee9a@bqrrm}XUm z=)}Z`-~KQ&Pf#1`L@7;F+8cTP4c8yUL6 z!Q)d6M0g3J6%OzF_|zwhdN_i@_IRW?C0*{GFku~IK+)7@e%_)O5_CTnf;$w_xN@qL z4`k-XDdU=P4|FQFM_cqnSdb(oa9lM+Nc4rlBOr~WHoP*Fc%>69K`65cnhF3cTgBDx zd@+zrM(Cx{QagB^CLONO?xPrH_4Eju-`v(Gq(?Vnd%3B6B3virl4oZ4)~br5!~193 z%La6=ff>IRB8Q%w1hWgyyxxKzfm0{2QSJ!hh92+R`5@JW_;YPYTC*iwH3>o@r>l>< zX3t6{jaOYA2e=dE5ANguqrwW0b&)U%H<8@Zs$?wshI>2M*f*Oi&jQ6xKu7(W%lhQ&VaGseG!kFT%&gmB zOZ+g3Vf<8(J;;&ZckSBc50AL7?caSIU<#(j{0SQgey`IK@4q~L(t&N4;J)Jq`-#fW zb_>>G$s!d`Q|z5{Kh*>U25#l!iPv57^77!fr*fBWrB}Q-C_kfhOGXxrd`=&TEn?G%)#tz1t{j&*68V+{=%5=`WggR7w+e(#>%@Hs)O;Swhe-HuZ zpFgd|`ND-LYWTz=S)aXkv}3Z?z&HdKr>?_ar)tUTyPo1?xwUsxc+I~Zt|7yah@C1n z?A}ow0zB9+R)yLpd$9(om7mj7q*5jTfQ&Uxy!orn){*A$WlMN(#N@| zLptA#k8o!Hd@XAth9<`BpBKm>&(3cA_4`i$bjE>{A?}D5 zqn|m?8|`+ycVMvcve56zFWJT#he8CicC{RO!rz~3MyR&seRJe3$FU}(@mEndQ_Dtq zSCM=UGFJ{JuTHJ*t=hh_!&sepnRll!iCajvofbk+*yWmD6mj@N5;&JCi2n3P()YRc zyhlN4O8E56*#q^;mBYHE-&4li>^e>;RX0qgXwOD- zoLGp*9^yz+$i}?Fw9hH69J9^~Y}a2Mi@KYvscT!8zI#F4!yyE0u^94;%K58Y;Z8zx zocQITlec#}@^!!BUzxZZQrLC6`U7U}osDC_WYki?9noQbSQ`J;kMt~hucLy*ieav4 z`W)DU>(5#E&8qB*tVzZ(g(T&hF?L4dvJc)L((pcN^Yr4;hrN-?yIgI!CZNHs`$JaB z%sGE*wia?yi9vOTo;Ms`qc&lc+rbUvL-q&u!dLq0YC4D>;G~XGt>`6K9Epc-*SLU- zW@@e7rsT?A{Uvvw(|k|NzJ1acFA@BK%<|nkp9;qxgYaAb3tt-V$Lm)5nBDsL6Gs|D0> z_k4Dx=1&Rzb(_SEk#%tUv~ewu-mzqKM2))_u3>0S6)t7&X1w@jSz?rzbjoR=*WP!! zg7-l~5=L=a>b3oWXNMDevf+_WuM`bfvyHcF^D`pNp!8dp8lscb3wd8Yw`=C_daGtM z^JrICi#yE0O0*{MD)~)CddAs+uZq^?HX_PapPwYtWhNoH50~OXTg?l?IOShL(Jc`V z?u2`fCs(>oUl91oA+*c&=F?SADmW|P^#U7vl$cs24*A5a(BWhIm0CWv3GJVDyZd%+ zuOHcyD==K5awpg`ct0!ZK`vA=h=3F}x;5g}|IyDSggn(>aOu~6)Of(+m8$PfL+4)` znNkyl7IzG@7$o(Cu>7O;@YjSU(T{d$l%Dd26ZvJ|eN&;UnbGY}vrMzITUz5KwO`wr zQg_l|I~F%=_7}NBuP${4B-G@v*F~qmPvt+Fmp{3o6E3fRN61<6M?}gySY;jH;2sa zxM{U(;r7@>Qv{6|y`D%BdUOfpHjtagF;SDE6GFP|$wHVO}Tn*W3}MXpUQ? zpS;}Ue5vZB0k}rXyA5P37Qdut6~?VE-ox>DG%=Q*9gJ{*M+I$(7owH;#8h7@TCT1_ zPZv+w!6|Qeg16wgH5Kv}yIk#-+)#}=^cBBeG|k6RGU&aw0|6H2+W*>TMp>V;Iit$JkQPJ{8y{Jz1*nMc7v&bY4ak<` zExUEg6x;ZL$7*lt6n>=d#lRcom~U3?p1qMVO&iVLNLI4^M!U8nxn#^XK0$DNz*LpC zlNO#y0~CXth>-in{yjrnPBZGyRG~Ygjs+H%5<^}TQYEzfjU<=zqppySp7E|DebUP5 z(hlF~QZE=a>=aZL$7iS|9pvBb3Qb$$97nd6L&gpJzggatd4YUVXSfhFDo`i&DENn@ zc2H}-jPYxWIfcT5w_py$yV!3be!|)u*AcajNBQ$_p7wcyx|AQ}v2Sa@Bu(RT*WDs6 z3BVy$eRp25DvJ+a7gYOK3y^h=Hx0&aapQvYy&;f2e|-t5iP6MWjQBb28x^)XZMBr* zD(Lp?eDv96^%&bYsih)7{>N$^7nPUI+>7awzj550@(q47HTIQ^ zane_k4f!Gm?JnLsT=VVr6^VUC4oz1A^rcZ_>YfMwDhf2Iv3va#(6j!nR$v@xk0oi-qqJb>j^Vpr9W{EjQN@ia zJVBkmx|0&}So)s%j{$D#bm?}9?EZF+-H$`i3-}KCDd|MgwV*#qzwi}~E~PJJ$4dK) znr{owR(MY=_OI-f<=4H|`9%4YT%xzP0@!NcL&dD9mO1Sl32ih9e7<;+lUHPIjl;6< z-Z}|o_H5kbXB~G6IMu6WtD#*tgpd0r+dn@V21kyAx693PT2m@@jw*kOI=A;I`sVl7 zzWM>Hlb4?-{=EF;vSoE?kilzjEGnN}Ks(U2aCasha5&@nH9W3=ovwmahmyV?2z;8z zD|f=(FsUN=EWFS%ul#;nn&ln=soCp$(&lQ&%Yte3&z}>4Y9?2$fB3VH%bB)hHg*Zg zy|v+_H|DR43Sf`fHdMyGhwN=$Krgk;btu;z_dXcffYW;Y=9mEw+H)-&ftnDpea6iE%nMi~+&qw2$3hSH1OC=`;Mgr>$xN)4$o4T;gth6o&z2 zVpTBl!{ArTf$V)A)p|QC6%XuJCcM#a?&MFLAg%;q#lmD~AN z23N_0aWD|u8VKFq;0xOKu|gbln!Z;l2AgVyF&qyPL));TXF+}ln6+JboZt= z&0XL2_dDnQ@BC-(IWuSO%pPat+p)g&t@Xz9Jny?m{n`UEwlRYLUmwSz?w}ko|PgLmGjyL%>UFXo&>`q|gsC8I6SY<&tC>P@$dEeYVDdH+za}lCS zQaF2bmeHYIGfs@DrCqG9^+~`sTZQ4VlpSf?kIA>oRmw8ruV@2nL;3!5C;yw z6YYB(LR$W+PqzHU1rGJ-S1M2Bc080CI97v-&7X=VdwG(snMup`{>%9AC%F6z=k{wc zWaUn(Nw37Nn#j$S+Xj?YGJ3<+6J*ePp(G+=DN8Xij^s@+(N=sKz7Hei7j)lVP&;9^ zS+i@^I&!r2$9ysOce#D5M!T9Sp0(JswuaO1`@u4hF^G9CFaUvbi8WX^R%Ht3zx4%9B1pmS zRil)~uT^^IDa+Uxchji?5w$2Q%ZrW(%BMLmZKo@L$9Ifk<8#0Tu3N~$CgL(&(*o8$ zKFAq?A>Q5P1oowW``WH8Q9Y^nz_95}Y?{BlLN9#Qk1I+JO zs4OCk=?am)m98awEtb33n?UjDn2^73+jPNvve(EejZLh5h1ffBMldrexNURprxI{K ztJB;fXl}vH)5vk*xlighVy$;^dK4`%WVA%{gZv__>2 z1~8kH*1Zz+o|kiC>J3=wfhjnc^(-fCq2yLqE!8%EhR@(eGw{83iV})H+dsk*aWQY& z$vJ}>K5wFPW2|)Vq8uy+Sh#}Z5JT5jd9&kEk?*&3RfCLr4CH$2%RSQMoenIVlQ@XR zTl5Hzw(4lw(o0%XW4R2zEcU2MKOZMlEQQ5?3DtKfK#(sjE^i@xid1%#Dt_cM{R_S;7c!v(TVIZ=9rH z<|GMe^QT(b&W~?9UPOn>IrrL#6*``zXJ4Y|GV>cpu3wmEA4whkb=h1q>Wrb7An#rm z8+s*;O7wN6#SrNXFRCw#PRTFsBbbUSM95#|o_+H=*^3c!WRCRLs8+f&+M;(U(`hFe zP(RZ#bZJRrG+u7L9cm!+A?>ElNbn7%)Q3;Ef(OoeJ(257kHg^RqN=-xG9M@;3|+P+ zicFp#pqZGqN5lu>G-;nzOcFn6J!E(i5d(05JmCZ1lC~Iz@U+96Ch_ZwZzOOumvD3BFz> zsgfN_gH_5?(rw>h^$GRE|^G&epXOyBEdV9($oI`ZM{==>6K> zwAs5HG+w2KB>Uiy8cdz@^ro^URBX_VfkUhSvM(l&16Fqs(wq0s(kZM8+kC1-Z@gV- zFj?oU_=A?uWn^LDTaNhY>Q|qWB#Zke9y6cyJ6sv?Fu^Xqz&-NmQAKBz{O6@Y7UGO%Q6FpIEtM*6 z&OOAk_@lBE`{|R{{R3Yj?8q8No0{;QycVN_5og(g@7*Wy+v1*T_;u0eaHn*z5a??4yLklIE;-bgWFLHT8jVE$c(7Q0dhBM#Wn7 z5lYE|k6gAV*^IoMB~L_5JVxDo9ZfZ^PyfWgK1h_Zb)!C7QibV}F~zXOvYgnM-Jg%t zp04^TEBkYfA=m)vn>EWZ@a3^%+F|Hg%C)QS0JqC0x-H3D6lNf@Y#X?Ev_;cBOD8Rg znO@dHB+mA_L7G-IVpGVhqnE1OcIH*N&Bjfg&)zoarSqQB{vZ}ozT@F~v(0I?>C*$x zguT&6nAa`ac0|5oZm+cxw^*{i6-n{_6{KugNz?26m~~WQ2j1d^gJ5!|Od4%@C9ulG(yEf$9nb+Hp7_nw1YdVwL2M}O z;ht1KxF@GQ!zQ0E7=GSZq%$@4(p33=VitqhD$zi%AUX%{Sx8?3Gx=!coS}S$W}4y0 za{x-YOO|@Z9A1>Ys@7QHTKA>%dFPtbMQyz)rd#h)^m?lN85xVprsFIQH_Tg|iflGD z;D+CHgL~KqN7#XI7gv^{k;fit~U(ZUgoC95|WG zJ${>sd!}Dx&%|ch{)cucj|`sPx_mJsRkU%||#e*3X=TSSRtC=NIbMs#B2|!u4yL z(fc32&uxWcj9&vT`@Gn&G5_e3%6>@0LvH~Z0#2|iBqBJtj z^XVL4((}YyX)BG5;kd$TG>-ub|9Tui4DpTvOs^i89Fypn9C{N{V9==@r+WGPxk8ZK zzW7GtbNuKNpKS(F=Xj0fSK9WYi(1EvUU!g5KU2>|!E4D!4CPxmPrA#^e`?*MJ+d{W zs<)42<|`8gVKAq5_hQiMEgf-$0>kstf8#Tx)o#U^*Fw7-w> z{ElH!rCz}nS5zp)ESvz{J5#rtCB(h-b|Qx}vC=YZ$=K&qkah3a;dHmJJZd@w+&c8n z);+;;EtnYs{#MX9%QQ!2px~8i3mTG#$+sskv_$5E{J6tXmQ_6aKsqq&hZVBm!<;h&5I_@nEMqXk@$G`Ho zqq{tEeR6&roS#}H0#9ocTvI#KG2`K1B6whI!aRu}UH#wOtj)7DxVJfCI&wJUrQV=Y zqUGbju9-9O3`+q}D66`P1P~pWutas*KLEQN?HjzHMwpX+TGXwg_0o*p&+qgRCa1@N zMOQpWPTftZcHP_fjIi(q!6L#O7ot0&V{VzB-U#2vyEhQ~2s23((C_WerJwDuF8i{c zBe%I$*w#H3J4v6Fd3~Jug*)SW)i}}6U#lU@rjh+&hCK;a@^g8xE+2CfU%rk`0Kc&J z<;jWyCJwsb$^MFt#F?Y$tgRmG`ey<y10Q zVsnP(jnbwY<5vM`qvLDiuZBxmg*e>cSmMx(OW^!;wndPfDQLEOpQ*0+t&XWlkjrsh z`?fB@w+&P}9He2)z7>qS)p7ks`fZA%uij@wd&pm(2l7mDB0JoECKM@{`J9wzDd2V_ zCh?}mE_3S10WxcN4wK~9E)$IKjF3kI;iod$KWbtIXr`svQKJGZ0nDYzsxPU30+y>OKDs@^dC`otf9 zmoLBmec|&Gc&5Tf-gH=HmwwAF#T?*WRx+|Ly1W=k6hN@vJMa#+V|$Cc`_GT}T{s(~ z9BB7a@<(&&;@P!g`i{J_;b*iiS+SwG3~g0A#f64N6Jqq;86pX0g6}D7(yK=V-DYVV-7Uc01`#TNBFf;fDzatM;;tpV-QA0U$q`mZ5*8Tk8<7 zl>AWsB)O5;`E`G3hHwoTjwYS`Me9d#emo^U18Ikn-+dBkTHo&DYK$6=? zm->vOIhg>^(fGt~^TnrK__Uy;;Y*wSIn!8xs`!ZvXixk2j<8v2rNy`c zo|cr-y{BJf)_E~G=b{2q#XQ`u2R47X#K7)8wqF>U4mF0WD$StvB-#OY`k<1glID}& z+THhOgEx(kmOrv#508^dAEuB46nbPvq}06Ba=I%5_K+y-of_um6i3OVkQYvuCd{L2 zAdA;^`%J+C{c3vux2zS>O6sib##BzpgaH4G^BT`1a>mJT9;C z?G3D!9*n}`uvOvNsSmCXkKT!091K1=dU>*ULm`ULvu+?uam8_VL;AjbsY^=$mVx`r zo+P%go7_jhgRe*sYQyf%kc=r3wY(~PJLfl^w4Tes=QL*5Vt8ZoajWX`A3{lA$bb)~t;BrnRkv9R)mJcm6GN9DdA~Q3 zng+OI6JT0YeDXIol>D>KZfak3%4MgPx^lH zI<{YHnSRrz!4I-6tC7OF$=3Fm?*Y)(osv8w9Y4ZgSemTeS1)j}SsN`WNtSRmJaGan z1ltu*%j;uw8NlvJm=rCh`M&A?HbWh&#i5fsW&xa${su=x|3iN4(G85aS4wHjpff^N zp?;NuCB>?<>&g=eMTHQ^yRl%3^4W?=rRo*#_mm_uPGY8~MA*W(2fg{{sAp#5U{0^k zBx$=tG4AXy{bbQ44`DkorB?D{>PCzgBSOgjIe(W)ctsOxB!@N->y$p z*6|Ve>ZQBVmlJ-s87Z@CjW0#xf5@X*jOi3+UAZs42VvmYLO)i$^&`C9MygSpYL3~p zxQkL#5ig!=S;r5yX?o6nB-&y$xf4i!hLbCgNFR!DX0MFi>X0MxBRbfkDuh**)Og#v zWM9(7y=|1f!5){WRiOQIQJ$PhHiEKvz7V8_pn=jT51oa;kHdOCy2+X13pv~mW8g?Q zG}Oy~hlykZz2AkU*1-BkLXA_@>2uvyGxRVH&=R%$+Fe1(!<}EB1+su>fW4W7BIP^_ zFfET$LPlzyG5`qYXezYtivPqTEhZ10B}XOR-n2t*d$Lx`M*|HrM8ULTzX7>Yw;ecp zUU#_e9#T4|sfxMDki_t+S48T!oZYJT(YOy2e(-v&C1qn0c1Ej^Wpuj z3d{YMT?u>zvvI7*OaV)4d)q0T?Jw=qOJAq#Y5+c{ovoC*h&;+h?`Phe`ygd}ul?=K zj^^-Jzfw5~Zr*!H=J(_d?uQ@WDc8e&(}WzK+~v0_4C?tTP|tC1YdY8Ckb*UX$aaO7 z-&M0v^V!~FFDJ-EBI9@0`{ezU-(lboCcwQt3N+BlR!=|yPHld8bse{)iRt|2xTD#^ zyF-Qk7M)uEVxBv%cG)6_-||g8VZqR_l-Q;c0$E^ETh)ah$+ce&62z5>F#B#MvAHCB!f;HCyCOaKqN)(2DurxDs%>CX4%H%5vu>EFA=G$DK& zjOv^bbUG!5S_Fqc<`-2L-sQ@*M|ekA^Jw!#Zp62=m+2+mi`zZ5yyo4kreD4q3_qc= z8Y*P^_`qEK5uY5GPGLJ7ii|2hakyn!D4q1_0auHvugjQO@oZR$26{i>az(s*tmSE| zA=jaJ6Y&+f@+)@K&{Hc$JVA4!+Ge4yr9Y!}@id&m0Vw%z1R22fg+^zTFw^Z}H_)3O zn0IFqJ^PJ^SOPeLLY>o^*g2W@jQ!=gf%Z&Qc98cl642-Cv$>6)$b5e5ndpCgo(IwV zR>j?iZXuh~jen$JcljSmzdPWyTBP#VVl03Qh=74z^FE{rDvG3$U>+{eNd)L--ml$l zoM)86Ub=P88(e_EkN3wo^`z8$DNLQjeGbLSqq4yB^*`DnTp!g5pch`7q2RZmJzO8w zl5qS_zqfZ3OC#D4qdu`gU~&WX%@wuL{ve1dy-H86rsZfCnb3*n`B zu+C{jBb<38ID6kXWi}CG(b|Aduv_%Hy<^${LNu-Z{k7H@%&x;G9jLYJwI)bAD+o|&L;Y(x8bcp9wojKkm zU;Ja*ktun3zPASV=JlQ!@*`dbIcQ;kpNQ)=BZMZ*KPDJPgW_&?0m}hhtI_-$rAjYx zL4YW0*I?4Ed`8-E0aGmiVNGKP+il9yRnH z=IbnKDEZp)Av#6GHLp<@Ipf>Zfq_9Y5zR2e$|KklXs5=q%;eDo<0Yo%l@SMhjH-P0 z7h_e0kiL>% zYj=kq-!Nr|ZK3?VlSKjbTgt_mQ^Eno}!=mA1|5-tBki@H*OCuE;9#J}_kV6prsE%mZ-N44P&aPONc$!}#C!alQOLAuKe+Cp|XW_>OL)84S zRq4j3VeY1Beg2ey0r(Dl= z1bRON8k{`}_zxhKkt7k*!~izIhQlV4PKQmko_TA8R@`s)hvQ0L*RE-Y`Jbb$ZufVz zq1V~eYx1j{H?;2vzpjbnGEm6ZDadY1Z@Rkl6mr?DQQW+vQiXqmBQIQks@_>k%3^IG zi~RM-k4&)Ytf6G8D~2g-^XlC3<3r1G{B++EBZ*OOB`lH=?;U^8jZ2#rJyyV$`i8EM zdABALKOUOZ>r*LVkAvJ#A8v5yX$m0#g%J(bc2}RoRpI)<=7T=DpW2-9z~+W}AI}lR zBm8lwYjPBo1gMU!F!)2W091%gNVz&uC~DFsH-0%6yw12v|M-2UHv2#40ASy}}mVMf^zBpQG!bd6d7AuoWX zV{WDT8dlq0sfl0BJGP)ths?Dy`d*%|!!P;S*LeugER%2Ml4CkozaIb6)^nIGeIdZf z6+}2`KJAT66>p~hI(_Uv`z)tpBUl8qH#lziG4NZ}4%<{3@02*gHih4I`ilxpTa7oD zEYZo@N}Boc4kNXc}QXCl1tn!Jm zREy6_GZBJ0(|?RRF6SecK(WVdV7jw??i9%Es$6cYYgrD~#Y4flN{Vonm-yKA--VVM zd3sgv3oKClZ#D&^y#<;V9ZBNaSVo|5`WxW*yNOzJsvx*{ijE9Mx`UkFVEM@VQqxEA zn5pP^S_v!Nz8R~nwd@fN+GWe}xYuFMO-cwzVKVQ&KJZPIMu$IyLB@G2J7}^$amV)Z zY{u8Xms>wK>gSAwbKy?i4lQJWC4vAgT-APtZOy^?Ng#35$X8hkV2c8}dW#lGdsHE{|*q|HT_l0N5 zMeCoBiy7_Tg5n?-L0t;;ry&t3!d>GPO}SOcENO01Z>~H?-z|2395m(Zug!^KdK-hv z(RKdG(Q7w0>k>yxjJSWBwzG?9l$l`h^&RiF;XSLes-g|S3D#UV^8z9sUfWAAHY0dL zoL5c|<;gMyUz1EK{?bpy!E9yC=p8nG>uG)7mp!ylDr`NpWBNTY*x9HMZ9xQ0Tm^|y zYQOrMCCw)v&N3_EbV8Hntqrud8Ov3=R~=&ZYA*r#ZGbU+aMpG})$E0r=w~1z4Wtv% zBuAF+O>`ze2WTeNZKe|BarRkf-d5s#C(tQ$JwM>J^++xqFjUEmD(8L^f2z&a)SYRi zn&7Tpx|d!)$Dfh#5I(Rvd8bV zRmIBR>i9Yi5oP8Phi1O+)4jzm&a26~rS&gPmV+M0QRLfy#EzarnZGIEqFpcjy-PuI z9i?CE0O>s!fp{f`NimU)=0;F(l`0RwxRpF(=ypB?ey0@-Kf&;l_Psbv+?+Zqdp%XH z3{u>Tk;o{eO~SoLov%iVrvfnc-rwW|JmY!Z(ZNkNeHnm!6&^90ieX7vCNa!4f6h`& z=sq#(D`;#6F+VEgp;>+r{`uik&#BUqYiH9KOrS=@ZAbniZx#@?{91?snP68?XzWnx zAz<|istT^UeYH|$V;Q3Zun4g0u&${6pvXfy=!n7X4DA#I{_rEJwj*j54G{R$;8$|r z_9Z2H*?uY3wp@5+oMKI52vpp|9(>cS+u!+GyjCJ_3n>7Eo$>9on>1CB-$l3J!Ryv{ z;oV%nl6edOc3iwY$H9+hQ$`PKbok-0WGemr;%Veu>pOXW^po%{5c{wxI>bODc=$K= zVd^FM+GYvNpQQ~6|1OgA9jN%2P3*r)b z<}j;%>a0Rrp+3PhiqSfoi}PFQ2v#MyEc--zd~Hspt)?U1?-lC;h0?_afDMebU=yR_ zqsC2nfmGHyr1g7O#BbX?DRw__HyxCppCN2cUSIiCfgX{CyPirLKeKn^b16pdtdA7r z9K2SDW8Kz!)sB|D(5_0-gGb^EkS{zP4W)(P`$o5U95N>)-g&T4F@;H5= z+a>)H3VNLNkgWX>G>+xr(YHyB@2Y0Hj? zlwxCob3%#_KjYkW^uAeT1zn3O-L>i&E9<7io{O!r)&^7o$>TdzRGeo3PYtrPw{jTg zHIG~UIGy`pLm7*tl&$8<4{ZSRKVEbfu+W< zuXMA=V(!y!`H&!fNM5Uuc~`U{HYFUK&)cU>@C3>VDN>?I`Xy|qy`EKj)lO7~2c7X- zjj7?;{E=rRMz)!eQXrhp-rwTp;(Y#4Css3s%b+e3U6;-Zmf$LAuJPy#cf(Eq2Mu%0 zU{0SJ`foWB+~C0qwG65CD`hIW?9E6jk?gixY7!q3rQS}fnG$|(!N8OJdf~i2607u) zx2u!1RZPv~-bk^A4*qr4^qUk@gFPQB;vCUG%S_%`6Q$Xj;(&@Y04^%GJ8vr@ZunFn z`5i&~XZ|-kW4Qr!ocfh=9*3K3woL{-S~kg(0_N)v$Ln27?rO-nQLD*v&Tega-LGx$ zJtpX|hC-KW!5biS+4aR|+X_bHv?UT=%enxhUXgyIi}G?$>QY4juCf2@M9hz{rQMEL zg)a51c&d`8jdik@M!pwX>%+F`nAa*v8j@lTkiKuHvQgFw(C#c*c~>k4SUH&a0$MB?A&tU0VTAhX;8{9_*o2 z$SX0MiH9*l8ZQr17P+ojv9U%q@{bS>5|evVbK^G@28HZJsp99`E=w>P6Tco7-a1hfNB zOPk!2*YsOb0>J|Ho%zlTK#vOu^x#K<9yeyZc7&Q=m3a&+M4p@iSwoig)`ZpNrdZ_B zA$;FKE1byr{K-JJG6y+} z${vZ|6AI6R)jVB#LTXVtl80tLkT2O`;b)Rbl;}$U+R-X)O1W$sD**gE*~-Y_sCOU& z8+YSaak}sA+OaWw2a;9krv-UjV4$s5yy|-ztTQ(iDAWx}_-x&gl8=jh1uHJ+rkb`H zaOV4df0fM>QcLG!^fJAtTcb8o_^g2cE&U6Fbm_Arg=Flmw5feQ-!cXm)pLHc%K$8p zQz(*Hx3;7y?S6(LjR}wcWCQAQfI`!nPX|ce;y!WAOA2}+Wu4c)V75g83F5t}I;5J3 zpd2K%fP0_G&G;bX{m)Mf`~{9Fh`d{-F+&XK=b{)WnKeKH$d_}-1PeFT48dRYJu!!X z;W{Gg)z){BB$Q@;m}%x=%fB##yK7ngPa<4aYCLD@G9knU&0>tf}aS`(#IA^|!5wZ^*L&E~DaPr`6dj1Rl}`;q}uJNF};Y zWM^Gd1-6bW`;fCOCFVeY#-!$lS@sj4j*7j>LSmoHg^BM!yVW9c+q0R7QZQYHKf09v z9c)gI&)Q>?irCE7u1H+dW~$D)_@ZFU^#jr);odXNld;JAE|Z|k(XCA-*n~qqwn)v*t@&cHk!ka}=CoSJ z^Rqdn?O&p)^x{J6=Uf<#B>_!Ht^I{_lh~n6_ydZ~Z*{4+$G2UD{FIheZC$+3%Jg-3iaGi(otb z3=hM@TN>@f=0S~+uikRs=aosnSMqqNejpYI@>}_6#2q@qR5n2hp!Ayt5jO*?^%90R zq^M?$=TY)Bu-`A|4+2iIs|Wg$Fo03lqLnNfrL$W#DbnN1(jPC+?@Ss=+;xpTRxl7~ zBd062098+W->-jzmUl~$qzl&qnVrMcdLf%;r z@ZG)V0{q$$$nwnr|IBN%ew~ko=NUoyfNcY_3#w4)->(?LI*Z6llucHJTe{-DviAL0O(t&2EVxiom(ByCY?>&gm)#-Rg;+X z^-KD@d{Tj^yJtie`k2)pI0^TmGJx8k`3a-)UN=BSus{c2EE;wM9- z=<9|q!6c82sj)bie{xci>7Lio<})oE%#C9OJF*Phr$nctZ}8iwRpgSJF*~>dj2Aq4 z@03_PxG6IipDlR3I+@7cN_YQTdCb%P;cRX}GEPDQp z34qwt2+s4Z&2ghe(CN%6v}??g0=~~}*pR!7!IK4K)Xa`pBF;mjr)M|YXE1(Ar_@ON zq(#et+|XlQm+qEq%wzdk1_xD=`~JsoP7l_+sXyElsj7W$l{;O;n%d zcpKKxj0l<3+0uGq40vq&Hx|H;XiP8BtMBld**Q^hG5d1LEHpb$j`56OW0c?vp-n_a zF(BQgCx|P2cD^BCIyfd4E;v`U=qCl}@ic!fzZk>!f8T7&ZpM~cY|(kYWs%Tu*;lM{U zfy?Y8cQ%;*d7*@}bAdaRX|q!ARMbHudKP@?t(L zv`d7i-^1b_agHvxcogTMj(^Sh5&zmZ;})y|<2@vt*vX*u(D*V)8Awp&#tz0j{$tD6 zFq2fH_m`}6vmUb)t9FKM5Y1nJ+SDFA z6HJE+SZNOcMkLjj?8*ojOMf{4p^)M=cJf2TFOsXkatEafA><&bYqTWz;rr&z&SVpAO??sa5n3Wd#K+2M3@%x*}2LHX$7hro5VVK)PaBY+% zcnFM95icK*U-JiSLqY5H<=&4}3y=8luyHBwT7wap5ONYQ`w{i zrX2N6XA>s+z`q_LhYHOC*A<@dAaHgDsFt5z6+gY_YUYIh{1G&|7fQ{=emUevtu)jc zq!tq&?o%7TQ0MdU43-DgFr;AU7a^>-Utjx=bg6*>Vrps8U%k4I7yCTrKHZZqfe&v7 z^eCd^g*AVC@M^KSC2+3=XJhI6TLNCs5hZufXOjFTX0V>M^9$vf>8@tY3F2Vk_#dd5 z!-ZBEjMo-55>h$8BL;Mlcx8HMib+6@jEiPA9RO*Y=%b+M?R^lmo0B3@e+ffDGo;TJ z{EO%y5?KRG+~14Mmgpe*uc8EOnRdxDh#*ebU1;z2Moz69*ytMG1I8tUsq|g~>T8n0 z-UxEN|2dHsSHIpx*#$Aq;3+Y|k>+)p2g>m^@o%z5(N6R}X{Q2Pu*S4cBv$e@*;u1z zB&DF8BtNL*0>$ewFO@&HFK_9(pff@xWOTE6pfq5Z$$pgIp1bt|i8&VknirbBpdb|5 zzbUIkNXUq;yt@*0E!NGG+{d%yPqFEb1vIE$n)+e17PP`puMlJOGIrPns5lSs4RDUJ znwBuADJ=FC(|K}8Ob&hHF@34qF4?mNvrx023Ca_dZ0#dBH)HoQ=yBeh zE4M&>sWEswq?5I;^#bVpr1d=xHuH$=^EB$K0m&fPQkg;+E&|?Q-;wId>_0|tx4*2M z_p~BG^n9lkD*MQL{*8zjJB)J-uSOq5^YoF19kCk39I#P;8zM-f6k;Ip-_{G8d7c2< zqlbPD7vPF$sySe)hmTmGsiqYX@i$-j=8C>y$1ku5ZZI-RCrRKxW||gF0GjIXGYeAH zf+3-~Duswq)Sd63rcwkom84!XyZES^QG~`SpN3?HChu4g+~?&Hm9+}Ao$Teo|G3un zr=fWw@kNPhIah>3+1QpDpm%rD8;|w^?rX%&*cz&eZ;k`t(?1u{$n3ylY1svzgeLhd zxN^g);oVV0R-RFJ_`l}rzgCW2E3>#WajG|x)@Jjl|P5%Ebxqw^ZDUMBwF%gF@hulLsQCYKa zoNCnFC;@}{??qZPSMXJo#DDKV8yE!LjCR!2_yPMSi2b*9Kp{z~l|=H*oyvS$DI0Q* z#@@e^Cya6ueQ4|t~H3%h*kd%=Gv5Bj%|1Q%#K;@|Jyg~mkd z-%nmzSDJ0T?qqDWinkN-fBXIPi&ClZQSja11+nRvwJIhG?@yrN(L($>5PL=QQIDa% z{63IIy!hv$ALb;uTRYLepVS3N!i%?eOHd{YWE8Wvp|PNml}Z6uiksz^6Yuix_{Qi! zMdyQ|qlJamoVUSPZN0k2dC(w9u0e(($&-g08p_|7pfWhpRfXK#9rcDtJY56bLFJdm zR-)Tp+9}Y@zXsN{6fH6lwfWJRCC{S$MADR@&5uR_rulXALKgJVC_mJ_t=9a{-&+;9 zx9WfH4Q&MvbgRg`u!F1W(nGh^9(0gFb69MkgT77%6WF?t)hGNY=OLv6dE}z|qw-4fJT$25 zH__@{-hoW39pkw)v~jY*9Q=DR%1;FN=Lj6sDna7_R|?e@P-agOTBsP%;3UztadoR` zuJ2SzeMYSb$#WL)v|@oFh(xPK4G*kXYl*_i*ngG`^ql-Oz%6ZEmrp?bCaEM8WV{i^ z&|okoDaC`n*4Q6xF)WLQAk?ar1j`@y-{t@RVELu{<=mL~Yi{Nxpp69*1>b9>Sg4V` zg&gow>c7?q8elTLB*0DO$|<3l3W1?R9VG_uB;7>|^ixKyY638K_aqmX{?6ESzvX`y zyNusHvErB;DfBED-N2&{W|RD%Hy5n4mT&n{JI((XGK?%+vgb4yuhF1i)rD|i-CCA^ zHX>@cIk;+o6_5FAGwA*NAVHNAcJ`BIT4QqPF*KutbwSYYh6jB?6bvg}=pW;Bk979D zm5kp|23i;(4+k@aAN5}fRiJN80n6AeA{aT7#sb2p7!WoEzrt$G)TZ%0FZ1%;OnPWJ zIi~fs=udUt1p`n`6UXY6-(@8E29?Qwy4# zHE~1&AEP#|C=^>n3WsSiK}PpJ^uH%5E&0$CO8%eMz%xnWfBWB=xnReIInWll+!INi zh9!R9*{Tk7UJIWapJx|>$U>&>i8BwJS@RB%vfZQLe-k&Dqw;e>Rg|l5$xQ|ShKKYv z5HqN0wK%8on6`JH5>nlw82DEUK(W}m^+&(yaD7TvB~=v2W4UnMy#pHOz$Z8$-cP^I z=~?;9U-UrbKv0dl%;GNyfK1X?tL~<#Co&42&%86TY!6!eB(ETKC%)VC7O%7M2;yp` zf|%fXCpQSzc-D<@*TMHc26z}f=pP_Z$9(-`rBSh5^!FHH=XJHofdy)~m-}>+L7kI4 zB#;9Q<`aRwF{mLTqmJ&}fo6M*Zl&*v9n?m}0tQe4?sX#N>=}7BWZSQn>T_y&N6ad7 z18H|u?;(A9hG<$^{rz<>?dn_>RAn$nitfoJ+kJ=>sN$HFKO?2_OmT(+8Z=PCFhP9A zXN)pQC}YQHoC216QN=<$>Tc{ITWm>kO)0#Ft_2%<%6=fYBxX?RLG1v>*~flIfzl}3 zD+i*L31W^Rx4(S?psk_s-`X0`1Fq;3j|B}sxOqdS`dPqM z0U_?aR7)vDKXO&E9Y}08S+l#IUPC!v@$TWg4-RSyXo_9Z@St5 zcS`5w7C8m?eopPV$rJj1ogR>#46C~zNw`a)Cl^g3OZZ0#8Y#WY7S0{W#s7Ut>XU)< zvh~5Cm8cB12Nwzpei<8EB{{PepnMP=v>oaD8&FS2<~Hz}xEpHxsGvzo1_ZJ)>FyM$ z<$NDyq>27pM!Gi~r(Wv8HXk0ilXm4#-B3ZciuBvLyDMsJ zCD2y0?koEna)0}Gs|nyrDt?jSHQ!@=o^l5qp@~C89S1ZRKSA#&MWFZ$cxeV8MW>A2 z%>aqZV`)$%Oef?Br)_;l@w-n>MG0jbV{1&YukAp)tB1Z6&U*x!f`!F7Rx$fy2H4a z9rKnbPFCnz;t1k$dk2KRmT--~?K zBb~v2zSZs>0Xy7m+;Z;ju-tP;$m=+SQSm6w(`k!+ zph)CqQ_obpT0H<}k7I5FG%jpsdinM0=$F7u=K?tH38>W$YZAE#=%p;U*AwWZv2{`< zuFf^swTkH>n*K|j6JBTH9XZ-!$S^n)?_8oxp9J*3J|EK})Q&2~Lj{2ie;k2s;TD&E z6zE`Rc!`L-ihcd8qI=&E{v`=B9r8UpVdtO|MAw5pGYvQk@_H=sla)ZPt z8v$;GHFR5%5o>QH5p?_OL8u)pB|bRx2l7g&5T0r9RZrA(qo;iLb+$M}y8-U${Ex7` z!whMMvk}fE5vhyGSinkpz1UfDHzJn!4OEz&O;;B>Ct=%XX=)DZLwN=!z-^tC0C}Pe z=yg(bZt3o@k^uS^cpeutZ;ro8yHR=xgt1yii@!dvq@JyXp`YBrsQQ!A^6Ct!h};&- zv`rJ=17{Fmd)WXd^EkW;^pllW&r;#!26YIK_;W*e@Y1n~^xUl@k|uGHOU@FwM?RPR#^n9RFo*b&`E7(LdT|q^eT!Gj`Q9zB> z3DrrBnsALbJbRG$^lP0F>kW2ob$Y&7W|b&e8t)-nxbeiZ92c7t(9XpSnJT8Rh~?}L zJ1Bi2E!G{}+z)!P#9Q!TYP|uydfKdMH|IHFgmgDT{s6J8)-V$22SJwv_B;GeA&_8D zYa7tk<~y@34!iS+d>UFSjOci%bm0;fJ7P1@4eC(3H=kALe-Y+a1vd8pMh&AK*FfusWm z_1WE^Y$+~{;QKEUN^Fc{U>mL3Vz+}vya=1LJqekjV8;J`)&VU0yV++)%>vb z6FpHZdL}?U$A6pQVqWP>ON3vXve7N_73i?}-!a1b-V56D$(5URWqKT1sn=<;F|}`| z1X!{J6>@0if(nt5r}NC9p=!KAz3b1ouGqNS4+g-QNlX^LWnUhHc1FGLr$GG)=6BYn zOOH8fv{k5>v8uqiKwIJ78E6GQQ1#rkD~|2!2O0sDcs$Z=s4n2$!J2u0x6MTYCrGntN3w|d)Q6&5<`Q$=Q$CZleLQ2M0XiAa+DIlQ4B|^)g?2fkDf$EBnVZ! zlFwH9sPEfx0ZL=@+bX=7M8o0>G_}yBh6}VD-x!xOl7%oq$tq^T4-^&^1m-zphv?-# z>H#PGMO7O9(D`Gg)1`+6{$STCWCVGVcCg7~*~n;O*UczM$K&-F5XHna;`Cc0PEjCZ zmLJV!Wl9fgt@WvQdrGxuz8?6052Np0(<~Q`SHv4tDsPOa1C8v`;GYKbun(XK3RSXz z$B>-PjeZ@HjyIs&Pd7o+I;c?_Zn4?907s>(En(GzPNb}5OW-)Wf>$u{pDlsGazF5I zWCHQ}eD8+%vE<2vj&KT&TE``IaF|z4S~sYiWBDgajhl zcs?KFdR*gv-LLB*#F*8vpUNL-OH;Sz zn%KO9!=9(Lgh>rX1mFG_G#>m|@ysr2!@1?_`6kdBV^YfC;#;kEKbc_3-B7 zO}7hdFR;ZiDC67f;ecuoOWJWZAR;q?F-49txvARkA5_`3%mPm*G}F-4|Jpv<-B+ES zJdN8+6^iLDu3M!4`ziCKziq!Hc4UrLBBKKBY~i4e)M{iv-p|2xhGB72)R;GT+j?K% zU(fb_jP(19@W_`tr}ioN@B7R& zLtK~dI90qll>x<}4seThG=13l7gTyLV9C$B8>Ew+-+qKS6?$}tlfy1HXoP$ZJu)q=G0OIt|>Rvkt}GmgU_tseD6QC>g~)jOC;%%d-d*2??t_Ow-?e0 z77ngK+U7u`-gB8N`&T|D#@seI1^p#E?Z(a?<>)@lvoTP^!*=dd5^DUSvl1(O3I7cz z0EN{V1`F(EvdafZ>HxXfw&pr`hsgd-FYgbB(Z3?Ar#ISt`*@J6Wz~^Ya5dQ+@Ix<^ zp}7!=Q8=;YtnQn)_{ht<>8o128~{ZdrhVpj*y~qbBJlv-xo@V>U-^0PkL9tLtWC?| zm%|gIKu)eM>vIi-hEq<@?@0TdWT6){JvQWlIW`+^J1w^RVBTa;QX;>3lM0bAlS0ZW zZu;$XvqDDx$hYg?@7tbOo9p|_tw*e%`73b9KU|q-4mjX$k`T59qW{`Wc7Xnt0Z;Ts zSj*2xf2^nb}>@0y1r&^f!Z=Apf8W(cE0>U2Jy3i z(*=T4bfYuNSi4=rn1g!*?tOlLy-u^~lYtzn#~4s0_FO_e>Mlq31Y)+0K?CM<=|;;0 zP=lzQxWUhc(@=SKc^rCG9^rWUD`Try^{`KlkI#@p#vY=%O6)M=K=GVb{=DE^Cxc-;%clc z?lB=FY4h%o!N0r>S5UMMuKVWJzP(E=FVPS@#?hXu&%QZ=&yI&s_8e0axxzkDAP|~C zB-KD?x^G`p#_fjTuCqevo9cZWCz$qMeeAMo^Qi691&vFFA>TZ9tukalE78amC~}aR z%qb#PbD`2mr*7JTntSa9c07v(s@ujuzgIo?kAKiweLQvhw=7_JY%kyT5F)hT4%<+`sz+*9q;9{hWmv((Gc3FIf%kc36EM+R~>OD|rEWQ7KbS zA}9Os53g01>|Q|8KB=UzU)xI?0%dba&fub|;-VzK;@0#Cn@^wZ3qHGIjguJ7HQngv z-pYY6D4?VA`Xb7V?FppQQurN2vL50_87gjxZ;oWkb>a{i`>y}ma&hdc+CQ~ekoT41 z$ROjYhyK&iLt*5#|7{rgOU|gg;K}X)!YoG0yeA(u&|?$H7=4Xu(u!STt8!Ab?sgPi zgARK1JSOd_!6{mTsQ7jEBVne;X{cypUE*))CkfBIX{sRRdC>U%8DP%mN(MN)a$V1Q zcMXiU8!ezMnIH!8?QuNpLYtO}RoOt8TILZRX9I zfb$*A)qQ_&&v<;3CLp(R4qWDUh~HG8cEPx5sQ$8MFXss+A5aCqo6RvCc3T?Wz5ugc z#T$IQnH~VfUN(Tkl^A0?Tp!(KV;=?%;@pon`oP5wsE5L*#Yv$DU){D@EyTJ$m^A0W0@%eVCnK$UB;ryu(A?k!1Jo84HE z4-=Mw25BD;dV9p)=}S_pi-0?B`@QBm4i0~_bl(}--bW7EsP;s4ke#raCf4_66P0T!8NE-C8hW7=CNa(&y_ zaEX3+Yn^^!x=)hd4$FWsvVmxHT=-&+mK%9euD z;vIBWr+Y90S}192<{ERs&FG&|DJG-CkpI2Ud^~$ffkx&hT!xDzC;bW$ByLgg>i8C+ zhwV2SlDp%Gn@+xIxTw_mKP{aOVZEWfWf|0*IUmAcp=0tpyICE{3Ym+NVUM9*g?@F= zg~ZZuul+#tIJ6M2zMWr_L5m{8T26nBtWy zoLfJ3f#Osp?u2}Sg3kU!(%h;;EO#yaGn0smP@zYxB( zL)j@bj5WVaNXdl)Zn0gpyy1t*xs&_l;dv-DVQxZ_>|gFN{STb}xh|6A5~6oD8C$r+ zh9p`2B}j6o#Q7+)B!_?`|Fk{8bsd?6`wAe*$pv1)WOwW{+K(LVA1}#C&^u)GfxhB@ zFUgwT{LAA#S}$o_YHS8Cdw5mO^c3hHb8GvH9df~;;5UKzx^ApWqx=P^iy+>{#?+E4 z_mE=)+8P?-@ z&HP}60W{V_2(0=VahZwPNs@R&62%~0r{2UJ%|KTcD57>CP^nQ30Tf&q!FcF`EuXD? z7J{jQ?K(1sFBwdzuzd{>voqgz<#`!`_eGyTqwh#SpgrXyMO!^Q>=LC+i7WH^P(5#R zQp74KSttAU9*N1n4b%Qz;|f-}klMU&l>qxuAuyIAJQpb$_uZ_pur{Rc1* zL4ZM%Gm&sIe0k$;`!&p_vlSN2gxu8q#Px^hr+91P*OExw^+1Gl8VpW zy#spNYTfhFuRdo02TqFHza|!`r}d(2z^B=sb^jAby$+sI^Q!K@D75ldB$UGeN*E;W zV72e>Wbfl#bo#n)NYHksl55Al>P32?A;P$_?9EPzQ~$9&NyV7g{%9^T^N9bKWwTC0&+xzHnOOrMfrIL&y9*tZ)zWk>&?j?Vn1_FP` z0V; z7vSVaXk!L>W9hG9RiA-}&7S5^lIa33awU&eJGAADE~Ju2G>l$%#m+*&?c*DZN9X*{OwWCVJ0eE#QNb#A#O65mNk6!!tCs0On10b@#qyM z;^U~t-vbAjHa2FP2jLn*mig8+mkW~XOtG?&CwgqV%#4*o)r;{;14=scFQ;{+WCr6i z`|u&cgoZ0{!P7`t-}-c)xyTY+y#5N~I;o{U-sCh00o!wJL)0)B zyS6R2yjhGToo4bz%V1Xq1k$iJonM3;v^Sz>OEDXRV)}$#kJcyDOJ22?^dCsS_YFHg zB2>f)cLb+>S<0UrDCk>HTPc}!G-S1@w4!D|S)zL&4w^lT5U!LcV$1mkveR4?OnVv9 zq1jNm#Bz6F>iRE_gD?5&#aYa5I>X(v<-?(_91`5CuhWMF+KLL(H%z;n?!Rc(>LX&B zsGY?&z6|PjW_{%4=MU=jhyad92xakF&+H2eU93alOm>=YqU7R7UT8h@1ug;AYkF6u zC27QMvVH79!~6{2!=B}_&F;SS80!K0zLo1yD^4Y}N)FY^dVsf4YxJPL$f7_D`uXS8J>6N~v{ z7N!gnnJzBBa9w*KI&w5-?(YhIH^qo6B~vZR$_3Jl8pq+1Zm+=*EeqcTxLDr4dvHl9 zH@ocDFAvzg-V>P*>t3eawUQCVY1K=L>C8PHO>DQtf3uOP3mECIa;f$%Aq}s5-6a{e z0awv{>0Z*=oF7+86s(e{#;gXamu@Z>j+%)O;Ogp^CH8B&2?rATNC|w+la|dReLZ60 z6RlaY(sINx~J4xH=7Z-iasfZ&&?W zan=FJw_mZquL`JMj`)y_+86H$!LKXNF=H}hMP7k0QeEFy>4#7C0`cSEV^fI0EX^yu ztFs2Yl?EWl7bwfaE!f@FZGd;~vd%se5n;ayi2hO044d=n+6jfb_PuAgbxzHPN}yULX#%u@F#sD>&ij&;!NfqmNUUby4*I<6cf|Osq?W79wIB^U<@iv%ybbwU=+}EE9!FKdB}S(Ccn$ zI`XhNurd9;7-L=k0{SY5t*=9`sKKnz5^)`3Q|P-2A3N%V%qFaWo8ri3qFssDIz{@B zO~d6~WzrZc9pY?mucJwR?of;-UN(Xh^Z5Ioaf!ShyFQ8a%=DRI-$lc&-hFbZjiA8{ z$0c$b(;mDU^b_OW7_rz8we2)cBy6<7fn}P1#)IW85(+5{$kSay$ z*0_|PU+Z1MEDv32DJHzeBX-4c{ld?=11-iP1E6Jud3vE59<(5lyXOlfxcH z_X+0S*+|=5RktKGN?T;V*Ch?m&Tnpv_gIcb+aMQ+hwW)2dz;RB7JrE=YTLT{L$*&|1J9-U|bR$m!W zU-O)3j!DS^jlRmt8;_t3b77W$gMHe&@H!|Up@nw0xDd~)`q6>>k$IaNyYwJ4FH=_p zdP7$V>tivr8%@(b*^TsA6~^Qy#R!t!7`ijYLGVtzwOaBWe?hn2C2UL1a>C4)!B<%_ zPntg16SzLMep2;ISiZxq=xoZ;oZsgm)3!PHgF10JAb@%o{kp8=W3yGfm)>mAC}w0f zV6Z$tG`DEYDcX`}v)*oCkZJR3A^hs9RUcR0Luk2o3PbAm8&KYyXEN3wg6c!Fno9wl z-7d=#KyoC6fm`0sWmvf8Q$;m6?UZ~iS-U`Rrf9jB;4v7GP^DiKux48m%A7rz+lgTe=arfxagxXholh>G%C8!1ZAmejj&c z+v=^uS;k1$Ujo&V@wD?G2++ABubGZtj`Rfixp4Gs1e1n{`2S3P9!qR(8dwAAIuSGk zX3X8~=-=1U%obR}CwIdb31P3VcPK5y2Wy3&G`>aG59bgkfq+zD9kb>&pP1&@s&*ib z^9b{6g*c<_xQqq;g?xkb`{TL#gD!o({sx%3oEOheL|8wOkJzjYE5v0sk2L6@H#BI0 z;c4t@JsC|tGl!Tz>u);{r+pgz?(;R~S&!^`ir%mZy)#m7U+?X$^!t`vpp6#ggB$7W zxiM#uyZs4nq!YFIT>`KKFZUj+^GjZEQVdY7wuDC*g-SI>`7=%DGftsp(bzF0t;Sga zXVC4d(YDooNAg;W!)fx1u!a{(NnyY2ME^4TN%fM>7Qno-#k{`0qS_!@YzU?n%;ekS z3N|?zH&-eu8X9gwE%g~mLO*qds`@&Az1VX1Pm?r>(?^&a-b*#^j4>Fg@O0YX6YO=6 zF?F7k)}9%#^P;YE(UaGiBZU>tT3h+`Uq#2}gf8d}AB+bJdNI-*MMoPb^6hf2gC3C@ zq{2(ynKW&oSEg6D+J}C^Nr{g?cHINMd+!(6lCQzto=A_pg!OpV$c&yRj7<6Q+W(m; zr*7Ylbkz{tH0#h31=VsOG6gxlkDBEC3$kvV*NpB<>P)) zg)n|Tb|!mAd679n*hPoL?}I1F%94@mCO;+&3?%szkuz@F6U<_r0-TG8Jwq;^+d4dj z655jELXh@*Ni`&Wts&twEJh9dw`T7nF_`v;8&X&mDlS`6*)IN`?T|F1z$n@SP-6$szhpIbOLjX>e4p(>ckUgG z*p+_!U+%l~;4%#42bY1tEnxW8Pqo{J=4|KJOe3tRPOf-cAO6K1*R@eup4y=8I*iH( z9kk`cE)@{c4kfXmnY5A)w1-?|zb$gEyhSs(Sr2}HGaQt= zPv=$mu2HZX$w*bi42f~@o=U&!4+>Y|acZD7{E|<^1U?A1Vt~1Ivfbo29Fi_b-Bp0r zM-7hj)=6N#s0qT&xFy_fq{{da1|)p1nNrdAAF5<|ErfX~I9HpgMqUD`%^mRRd<4@E zjH_#M$)d7^N0`+wF1?9cLY&ABT^aK`c=435Hmit^e5 z%bGmYNs%RUcMuPV=4!%q_$;NrgM2uD!r|0%+=m?M)1a82~A##3J)~LF7(n$7G@0og9v#VLtZB2Q-TMO!cQDo4jkE?xXFXOq=li1IR&QY zi@DBc_)6~_hzlIS$s8Rs*HLENj0kfai!2Z+ODE6i6wGPc{~dEGsQ0Uj)T?tXI&)pE zJL;rf8)v)Z$WK*T%>5(`eT4PYmjiFSY{kwz6kk*hAGKjd+hmIDJ>cY9`h=h?wS5db z5g7?vC~%alG7nhDr)XThfL8Q4X!@6N3drh(z<)!Ix7fl)-1G;tu)C8V7Rx9c9p37G z5t%K&CQh63n)P*T)}-TSdU)4^v_Hr9#{Ei{7Np~bEcz~9~ACV6gI6-t|Jtt1- zun<299y`q_*)V*FMm|i>NJZrjp|XfgQHjheO+OvVUyNGVkSg)9Wpe?3rSI}8${V8e z&xo))AQdBKPAPH!>_f?QK3>bv3d5K_vV>mDff4=!?M@cau|&6>4eKpJLh$JkJ2@<( z?+w$;e5(0hJlNMv7q~u5BeDGV?k@6ef`9yLe4AV(p<52`O$?IIf;vB6IUet9^&$zr z(w1u$KAc{Kr<>=KxUt{AR4BL(i0~S3R1GqYQXs+qnT{qV_kYX87IR(LJuSpJ_)2|_ z;`~5`ymBHDb)8u~L!*RdES3G7wd6&9Wm)=JlQ(MW4hZSo|1X8K3xu?7%X|3{`&&q1 zBK$CsNb&)EC~DhUrd0W)yXBf;Y0wp&*zr5N$S(g9MAf^r(B2_ifI*&DVsReQ{Cs3v z&;_1X#PJrZ|9r&2^U}C%_Fv8;@>LlAHNHwdGIM6X&Dg%iO$Lq+yh&=Dit1ckylK!;!ig)N1mWFc>+ zS(XwCKN*IjZ^hvI7buj=M_)5}s9CNdGcN)*fI&JQ*5zIU0DsbIJUE%(c;EDqvk`pw zcsWiEsxL*iL{g&N8*TL=vh5JEknhQ_7OVD~Pxb2WzrV`M7*N6?6(AMTk?&IKK5+v~%eT+kxbG z|8Irv?`82)VAIC&jb^RraOZ_l4zg1fu5;8=Z=@M>^r)SKbHa}T38O;NjTt%LR{Eqa z2L=S0i|&T=Ejsm$j;t*x+`k=fpb)(>y*bz%`zo|}h%Np8VELD!0J#B!#2C6Nq2fML zTke1-z4?vJ^*Bh3VC>s6^`K9m@s%+PZCj1Ic0D%Z)DNe!nib~*XiJ2b04Cp`DS`r} z^{qpyhjz|Ze^}b86s2zr)pbun$$<-LexGjG!yBVE%RP1#qa}0C2>qIPxOKi{wy*X6 zL)Z*cK;VL$Y)pADsl~*JFH>E8iY0wFigRxiSA_BEU(XAq_l1`nM=P9O0dg^OYkJHn z&`RA9?QReUGp0II{(80b=BLc3Vl!V@BsQNVMji1wWqT)YA0Hh^q$~|`=R*fYs@iTt z6&ir(FX18thZ-rsRbTM+u9PRUJw}ly@eGPQD^^z1<71m;>zDSw=Ls#A*>mXZS!T>$ zN^@(+T+FB#@yT*tb;>g&Xemh0a=S=hW{8u6P*&(tdq&aW+r9w+0D0^zVgKEvUVyAz zt&PHU^pu>--HAkk4rD3SI=9c2H52N~#8Gacw9{r%Z=^Qdl4zV*1`v(r%y*ybuzvwN z0KEVUFQ;Rh;#siV>oiEDH-A1VzSdz`^**#bFoy6hOvui>8)$Fiv+AjLPogshv_i>^ zxjdW#y(C9k4R^tLmsv-=W7E;t6H2bcW|M3lZ_q7(g8}$!8x5Erct(!b0PgF-eY8~$ z2cudJ##Kp4h7QAVATG1m^SA4#K|M?SGCeGfAEk9&tue+TRC(S>$w8LErsdZ7O4TyM zXpCL2nl;#z|nf%%dM+C+d8Y9h% zMa&3=kSa%cvw;pA)|OR>iW{mG!*VMaE%AIY{@8%tW!E_m;rV4O&pIJK4LfZzo@W?i zdEK*v0oj2KGQgsdE|g%dU677v5jkUwk1Dhrd&!k1PcP17Re4%Vku>VM8fxF!977|0 zL5Cr?$5zXE{QJJav<*DZn%%9iaFDQ*5XSF($9?c57bd{Vh-r09dN5h2L?l5emQi<; z*xt-EAh!6PXIk%p7oa?GI!FyT`UEo#_QZEKF0&7()*Hbz&nkg18;1J?jc%w~^+Ij& zfCm%tCee8a>M>rGK{D&0;uozez6=3 zxz=sdu08H_t(TM_R0b@M8to{MTjrZ@L2wWARao0Dr&TWs!4YW%&)h1dV10uneEka3 z#$yK8ZcEE<%Zf5;*OecH^=Sl+)o6#2|2PA1#j$*M!>Y;D=Ep)kPn452v(K54NVBm- zm8d0rXrhE%Kth8UF5);4BwSG=p!p5gjZwlZ8FSpAY3-$6M!bE~IUoTkq%|T9&~C=D(dU_`?Mdigp+YSq-Q?Nk=!~h~)qc8z&2% z$E{(_x@*5(;Gb&Xd7Qd?w8|I9#7bRep3mvxVQlq7#5gLD-aBCCgX~I1CFVb=7heM2 z4{a6o%gtH4LKaBFZ`3O^iEeu7n^En4w;5ZA_m|dNpL;x&QNzs($_ertn#61_4es{G~`^r4S%I@Dnc!^L2^59&l_T`Wk`eI$iP(=Z2jcBCUeg)FZ5J;<5viKm+c zHK}HJ45>*Z8@zQ9OkFk4&&*)trG7=19O9Yr8DA#=PMl#?VZ%O5NiE#a6$=e^IhM zXSFfB2ZVCs9=!Pz_-Mm-XzTnQ9FG(ht%R)h$IKjVJVYoL2}_;)j}0VEQ1%f<}up4 zk1yB8VlaxL+=Ta|c0u$xZ7f3e2(nwE^RQdUPrFv&$M7abl?6W2Z5MXm7 zLW;vTHgIP{xbBr^z4AcJi7VExs+?tocG(6pk<)&&n1%3kqsF&{?Nq6S_-gwU>WFdA zF2Dy`q`)C*xwkLmcL2TrGenePXR%FFt4m!LN|90=LYOo_>chkg6+8Dkg0AYCsGW6Q zE|~wdow^iiCGv-Hpzgy3F=SgAd7UHn`4HNE(S2l~IZ!BJL+y+S)~EI7uU(jx%S6uP zsw>$;M;B(kEY#c2d+Vr-)|7X`k^v4V)Bg1pULX3v&gbppe!e;1mYa|X)m7}h*7YLu z#P%X?#I6WXyLSS1N`>p!nx9o+rt>Cmuf(|naWx;G!NPyI4*NG41&PG)^6KYEQO*yi zIkT-x)w*uBBo08bteGM|D&xd6V1AHu8*&R#?^dh>hOXckUFW`~LzOg2Z2>c7k0ix~ z$sJ?hpAp%~7_i-{KZ68uGz+p^I=Gue+r`K*3imUhcc1sp*4H`4nskwFU}q)OMFcMH z1to@rztDR~+Hi*qOH5K~{yCk63H8v-vnVJ4*@pO_J9#yInymKbh0tFB55TH6bEG0? zIW6G2XFbF`R~e#^X}EdLFH$WltLP5$oN-B`~`x|Par7qnDs{S z4V@}?NOQ#!y z(hYv@!m+nm>4r^H3qTR_aj+h3TW?B-ukXAI@?y7b>MUksSa(wZ{GOvwK6}Geilxd& zJqqhM1tBu$jJ{2{74-(Ay^nj{9?@o=q zsDmG%t$@@wJ=5As1!%N1*6U~fq0z)SI5(n(BKt@Wr_x7bc!5r_((i{2!j6rcv~bpk z8Y5nllVrHC8scjo(ik_UoG5Yuck^7yl)?=+sXZV&RHd7YXKGwh%@%&Rq~b}wSKXwt z;m6{$V5uCJhE7%;1;^`^@W69CjRET)wYDpg4W6WN9_(zAyFW}w5hi39&4$S-a<%EP zX@Bo4rn{WqZl+P`B}wYf${W4!#i-dk;DhoaWbdzcXAB!p3C#}|kd;@oMPt{}Eg!IQ z=M4qeuh!_~7-*veuXDe*t`DnF%(ArWu?hxjd7|BD;d0Tq7nS&orJtN@EJ1j6B)9mu zVXTeXg{23FVO@X5Ake{KL4W9tiGEM3D}AIIPu<<9Kh7Whmg~nplf|5HYT?z1&gshJ z#3500>D9)Q7ppvXF*#p!v2eu8_9n(S8+|?P#c;%~*TK+v_9fQ<8;?U(2=%eb>_Z$7 z*~d{L`}*yO!sS2qH5F;PFT&=9^W`h^ey$8AZK(>87QGM}81s#i0}ellr5iYTNw(Re zn@bkPM{|a7xh`x%`>)(op z+_mtWNfypO==Bn#ZC`RhKZTVlCF~Ikk+msgP_=pJC($3n(dT|TkJpF0M=U2(a?7iw z8DIRM7CXQG&4-o6w!rZ0F=6(S~B z)5ycR>z(aQOj8hj3^qM;-dyYRTc_ogcXjLbY7SDShc7qKBh=4EH74*FgqA4_Py{|8 zF&cH$Fxp0KYPAnHn%VXpWqUu|{vDU57sWQ?_rI^^>IL69hz*9|UuzX>l1zFWo5bLX zUSEV>FK&T-@~{sI{|g5R-#>hSSS)RaHFT^VgQp zGR&S|>jD}=k%x&M+-+sN@bulAPT)PCpmp9@u$++7r4ySiwC=1FS!Z8ai1i!VwGyBt z6mjwX_po?2%)9yJ%{gkza{9g#(A~uDIP&>($UFwYA>WTB!6$eyqB>n0_xiHib?Ak9 zoUNmPc5MC&J9mXi785RJOc+NdIUgCNbAbYwfDXpHIp-zu{(hx>q(xne<+ayVY6fHn z2q^{qE(NUVEMxG_hT)d)U~g0)CsA!#5B}Q2QdM>BezVSo zg^RdN=YqP*<$V`(uOyzLNf z?T95289HfTY4%zUyx>Uia#_RI=mQ6MzJka3evu&by8yjL4jlkYBrPmg5VbJDAG!Gy z#W51x#uQ*bhrguY3^K+Tf*ODCO&f7Ehejks| zacZF8IJPF~0Z65FJ%4p1Qhyju2C@$>pKTXg)hpOSb?C@p3Q!J5WKka0Y%57w37Sm3 zb9%U9Y`|j8!==i%8K?dDa@698Pz5CF^^rwJTsfh_jYZ>w4oJhMf(&^vaK!-4=XqDxUjBW!XgL^-chD7@Z~nFLPE z7wEP=$kV%&L)abxd@AOf>SV4$InM9YdXyU8F6K?kV#z_!x%Z^eU?*8{xYc}|YD@_- zh-x5cquQ*P)Vz_1m3dIpD6Dtbcj*YA2abTdRR5@3i0WBS`u7&Mu+P;QPT5P2*vEe{ zxDXoW17k_7sZb(qzdos}+xwktJ`u~<4-uO_2N&-b5f_ib&i#xn95_C|4qH4jRqVt7 zumCRrk)b+{#^Q?~m3)ETCjcyRTBh|e>E;rrw#=C0av|qmSYRi$<`ck$DaGqz=G=vc zckn#leo#1$XYC^50c7k&G!cG`V44==q{ZshU|ID2!F+6)v$zTImx&B*-Z(H51ju_TYQn`f@YRM1gqA@0%nsBg(JXoQzO3F z&Lpu(5}x^~KL{qw%70iGA>a}yCoG{Gx95+J6FbyE;TToJVw@b(-7QZiqHEv(%n~S$ z?+r-=LyR}vY$go79RdXJ$(iqEO$#lWGDu%0ty(sg(N-WHw4k%%#>NhuE0)3b=Y8($ z$arXyGp`ASyo+|jJvvxcY1X<{RKG+B%=Pm0Z1NFVOU~4Tz{Go2+wvM>p1$g_>$)&g zu(?6-99LEn{n*y-TL!WNyK8p`VtgW7mm@er4ag5R*8s;6OlL8a0wk z0*F1dwkrJLq#{P_eOK6e5=rMU=uf=(LT?FO5hX+%NnRi{V<{+Om@kTxc`3os0jMf* z|Hj5H#^-S5+&kPaUE~O2*QP_WsmL^7T`~>$1O{VEu-4oKK2gjY!f-X>a9jh)zx7RT z)pA7;gPW98cUZg#VpjwS$Kllxhu9k&n2kxNK5wuQd^)QfuD5%iZb=pz(&GhjL+FK- zzotGMjC@rUvaHsxtygTP7Jm(Br^{5D<1m*#+{H0`p%yu_WA2EM1st1QTH`gZt8fbI zgilFL%LlNFCc57Gej@Bk0OUQnfLZCM9t0-4d1uK3P;Zvd>ajvj7azdSainBu1#nA| z_2u|iqUU1Pceyr%N`wW$BK7<;s?wZoCe4N+YPyA9{+`G*ev>@#h z=fS*A6bhLDxCt+&>O@=;YLh5_V>w9)3t&^t*O^gAA5d_Uav+;ZwO_s;hg;69W);4> zOn{1msNNfkNEh|M(%T$&e6lzZcFDnt=y4J;>5TFrDV+Lr=9a3V8T%HTYfM=OS0VgsFgJ}FHR1Z5(moMs(ci6bmh%xOr7#nKl39AbmrK!5jq%Zny+ zWGk7sT;39LcXtkW&p_Q8k`BFh5EwcX?m)QxatQqyv){kbpb*5pi?@CliR={VXQ8=<=^f(qPy0SQ{RbUNeDVA1L`2!^Tp!B!j&|_gpGXbISu=w~ z>>fhI&DDoCH0T40ycvMeQDeyu@ivv_X>zEz&>PnIvgRv0nrgNiX)L045Bh4{wyZ7k zh1K4b4Hk~5X875~Ut~f@?7xQ4kpWV{u5+2d86GaKFU;j1SfHXS$kq(co$%>-M4oll)Upk70 z#)?jH7Oe^5UBTy_O5oFcOUgS1(tNLgd~kOX%2jC5iT{tBZcvz)N71+b0|6Wz&gi~> z$*8>`F3m!s=RUFz3@axl!u7zcza&pD3x5!2y7&k*8lr)f`LpkjWTbV-}ND_a$ zc5ffZQsrr8j8&Y-Gc>!uuwQn=AN-#>Ek?h>rGZ@v>Z=$<)%f_;cDGaH*P#Q>mq^|K zw9E#3e7Yzcp@2k9f@mZkeTfYUu5vR*1jsq(mYZ=4_so6}7td)I(ssM%-g1OpfYQq9=mV8a3=maAD-$1^$+j{CbU<&DQiv!P&i^2@ z+ZqnJzjGfY_V-_a0Ye!S!YiSV*ux34OKRBKK9jU3`w^ya$OsuNqcopr5JI#_3Wt80 zL)}kgH_FgNrpRnJ5|W9$sb+#gnq^9qj&us)R=}L*G2VzG$rg|JnNvg?sI2;5tKvmZ z1M_91bYU8$kX6B{I+u+SG44x1@K|bTQbdRRy_5#PCQ!rlha7zRrW&duxl3(}tm1#F zBKiNaYjHQQthm}hU04V%wN&Wm_OLXn#}1cyY>V2lohsyl7R{ummwp{2SkM^+;fx3V z%J;wbgwsn|L^8?PvYs4(@ol4=K6VzU*qr+6Fb71#QKqu}N#O`M66F3p3Cj4kR4rOR zNutqI{$whz<@di6rf{OjKrnlJjmS1(arg|EU$)#Sc&LDK>00Kmp^LQ00?3E5jU<~A z_JNxnB5Klc1HV{Dss?d#W5Iuk{iOgzEq6}GANAc^P1;Hm{Qd7_KT_@N zVqFz*AritMQMv!Xf%m{i&>buqs<8iSBL=O{k+WQw&i8t#><+C@Gg_bg1x{(1qqujx zMpp4p1{!X%3MmQ!g#KjJv=f_RN3kQIhTz#XoAhMVo4PxxX;uDu+=s6%oXSmU(^c)O zL*+*J7q$-Ouh}P0taB#eGoRH|F})wFh0*ZL)2CyUfw@I&Q$xE{FJ96AdZ;7Ff3_vnBD zh~K4SzKyo<_@%vFx{O;jB_6;x-I+456bY|;aLcMT4mRR)3FVaQc_1L>GhZx*5{|yg z!ya(1cczWlb{9#VT;(Nt1bTUSHE*y(YH9Ju4+P#e)w2^LpXf3es&LPJ{oz->PMz|} zv{%9|_PEnjzOunW_;aaS?k|qAmx5Yt9>IZBbv1Q8fWC#O6pApL!S6bgdqTtEB0o z+jVhWu6g{{UNV_@oG$iCvQBPsz=7H*K{lPG+OptUgCmsJs6>S%0$tgKE(a=omotCP zE_6Lmw<>WE+MaM0iA0cGgm_jPeM9sop{#O3^W@}2F4!Ks9ksf4khxpltD##0GFviK z*L4h*F-TU!uoX1hBg+K=1=y_=y*902DIO4BMzZjJ5#3iAE~;M9N#ty(0SR7DPR^?V z#yObxL^Jq1v*X#Z8DIxG-jQa|(j zqzr}F$3L-_KR29I1Y=)-Av@92ATq8UK$3NgWR*}5T~`R`WtYJP4*fKzm*U6+-mpr! zhz$(Y=96c3%eA=B)mxzwn!C0(;-WpJm?=e1o=hj?Z}?qix*4XsnQg3}%yCDs&#Vk^ znZI-jRbSwASQxE+sjMiP{6fA>JdQG&KCY^+VMyIdKWiarVcfo_n_1z+aD|(W{Dtlu zlF|KJW*_-sZglV6H6iBIyrZIZ4%Rg2x^Wy0=ujG()(}}pxxT+e_u&~V$+K(O@0+L` z{h2gqN68G^R&A;JmZHDf+LhdOh9K2pc&$zw%8$+}H{UUXzcWkvu>R+ybio#OoqL2a zfahKk@NE@@t;~7ZsT2;+l~>TuhSz4Lyj@cM$Dg0&!vu_uL{lrxK&Z3P0ZUGbrghKX zN17<^D;2^%ku#`qo(W`PTAR%?`7P;++sDkDB8QAOx;4B>XEl$HwgaE5<;~uF8w>NR5-Vh|>tpR+8T0r@XJ7vHa&q>$iMfVmmD(#w z`&nV*`R}qLm-axmFg{Y$jxp7yxI^xOAjcmrz%(hdOR0jsh;jASJJI?S5ULMyY{~J8 zFf+y0&mjo4%~vbWCxXr(ezcfL0G*JaQZ1Tv>@}0>qsXL>@V$@0nKL?j38I*c)E=^% zm6Yig_0ifUIYpPUs2(`yY1I+A@~~403F)11R6B3Wtc`(=8hf9b9to!=LQ`Zi6?Bx! zN3+yF&tLofzCZ7u0KWT#$^ny)-cmex7Kev1g*nq^P2(0#9ZsWP^6%W)1=T;)DR+;? zmXJK}U@kRThm9+oZp2zDfa~|^6AlKEzpex zlp|?La0=s7opQLhyqvfm%0WT58E22K)zL8_y6njEnNHTnT}{LD!(5>%8SiPMzMMVS z?WD+N9sajeIAy#=5c?nv+Pn6#U1s?B+D9jo{+v6=nnc`{Fqws-pRwR%%PyEnr;36T zryR&Cn{kvNs82!l_Fg=!bfHx}JuBL6H4K@vnVL#zm5>^oo+`SBa0aw;^f}WD4j_wA z+q6Fd)NIzvE(;pa%HTzKfR)_2zW4KHIu%gEpMG6|(r{oJ7-5?b9ihj*)RJZ@Yzf2rHE92uiz|CQ7;7!-JLdR3gA`DV`7 zJ9XmHuAilPSBIo^L`GXd@3*`^(soPTU1wNYd)Y+$w_J+txFp~7SNVu0nNfqxB3kFmx_|$|-sX)=VRa;mWUECdcr?>XrUE z@tBxEV6G~jq8gGv_37RLg+pVi;3BcB^wCv-VoKdd*#T=O$RT~;6)Z}WW|uK92xTp< zV;YY8bkfIDi;%!4l(&AU1H)OD5*@70#fB z&h4JM^Q%*9#@9mEMGF_MC^_;~nD}c|BDR8x%JK9?qM>6AX;o*n(fiTK%zsEjLlVg- z<3%=vj>t8sJ2LiZ8zD!_IzCIIjFHf~F-0pkDAwNHtL$mW;3CD~RM{&L{o@xr?&ipW z#`BYbXwJ&CFz!&Y7kRlYt+>^orB8Bv*{-AcHFlEcr%S$8iP5PVT?u|;Rq5yOSE|GYzswxj8?`uO8tG}84rcI3ntpWtoQa2 z{vLB%Ehw91a(zwzPNGrZEEpRicpXGT3q+>m|1C(0;4E%{&}?)>B5s=kL{|!_F=zwg zHsE+|2xR;P-~O|7DB(@&C3*0mPuZ@S*1-7#R`w|ywX}! z^1@`13*ZaNT>&BXyRmICDP}i=tdY8KcV_DXWAGeeTWzW?xoXf-S7o?>XJe z0t_P6%l+t=jhwZCYOp{8Kj>vU)_gt&4wjbfa}m|yjM#~&+%6!oE++a0XcU=XYrsk% zO6ww=xWyFTU=-5V!zk)o(*@BM>Ppq~mw4KuHN%4C!G3^FVQ^>wKB`N5gRq4-Ciphf z#0c7x1$g#?iP0{2_LvtaTd#Z(v>x*A$Nf^hxh%f0gmll}Gp4_jbkOgK z4T^w0bOD%9&HT7ag8CY819JP;BKJ#UmR@fknWcengX>_o;qu*4F_dqhiU1QFp&^un zIQb>8v?W~kuxL*pQOcibu7>J)v2akZ>R(A{33A<{jO|>e5m&Pav~5v<05?3O6Y2^& zwRH;+1vm{PFztaa3f^qt4{h7qXV9>IAA2N#E|ey1X3s(3gi;F@i|-VfyR_3s3Ftp! zaQGTCo;K8nl4^jsL8+D$96++59eOU(0v7JFOmJP+$dW}!>(jVir zDu|9P?4KPu({Ns0R1q~gCV2>Gui z<~_T+HzQRoaUNWQ#eL#*)R+u*MxAVKPa#vElg;cEwZ_U#z3fgif?OlG4v`UDcxzq5 zD^!%^P6NU~L)+elhDsjh&g-zB?wr}awp_?7kyUc&SEim^QmH^j^D6~>eH(Xi3R2)u z-hI|>R0TE>sDq>vzXrNQVbS)2s-U!2BtP5|w(iT-t@>YHaE)r7BH8|L7UECqfH?YX zc__9+k`@O%guCQ}wKd2HHc0p&g?fDN%Ff)sOqG%DLiLx|%Ce3lse+i~T&W=1L``t{ zG*#rakOD-Z$kvzdQNYkBXnI26={KLkM7A{^g6%pX1?8%4*K!Tu8C&#bekypzPGErT zzt?DnOc)!?@5rG8Nbzqw@|u3Tim4U?K*DR|TeDOkt7uN4~QxApxJ{3mA? z;uWKZJ;|uNXdTSrdaBzhS!04BuFcm#O&B81FdIhP<^)=+n^X~;-=c~8h+kj?Eeece z-zOu5w+N?w@sn38S|d)F9cOTcB8)sXPNFk&Y3K5c3MkwRmpdw`NQC9ZK-nr5cva?h6p4sbC5!qyq zvPa0?e#iN)>%Oo1^XdA2?(gsM{ZH>+<2?3pJdfjbo+={WlWxG;!k!wRga06T37Yo$ ze*by6N)pN-=KD0y;Y|lX$b>09?;zxR9fij~d*uU=CXQDfQ9bnu0`$b+@5}I;oeKVI z?~aq2xFr{h3yW;w?qiVSiLXS1_x!awXqS+_P8Sf+yN(ZK%FAnNEbt#D0M3{wlVd-d zx(@QXe%K%aX#(1OKJgB_gGkvz43NW(hXg48aXw<;3ZzRbB{)e4X1fmSzfNq_ zi`WBEdde2}4uYM1fUiDO&3TAbM!>2`yjKY2BBgvuOUnLg96gW)&pVdhL9Cc(-dR^% zHa&NkE?;lhschxp5pS?pX!R}GU2xh|f2GpugqEcZ3Odu&)I;udb)T^4jKR-P37yH# ztg}=o6_Wr}mk9a9h-~BvXiiy>Dmjoz16>UoITl}}mU@6(=}8&E&JE;K00mF6SA9YY zgm3oSdfL?l;p#0YGPfEmZGcKX7_;De_mB!Dg_S@~bo;)FYAf123h#h z(!?j?d2f(fNJ$xMAo8F;sn}r71Me+>(xMtE0>sfU(AqGAT%>uOFpSh$d4me=J)sVZR}cH}2APx#FlPIx8UvC) zGlPJM(h>A&3q}v0kWDNosRf3}%IH+vy0^|Y$?|*6n;yC&qx+h`mGjipQok_tjL;SV z%#REFmIw%^X$O{8U!dpLfZ=#+xLiT%KmpIc(NY471cluEokEU6M)M2LCwc)fRPzK} z{12ZJ{w{LV`&ks6!m9RZudAN|;M2OLbeZg;s-1+(oOSB(UhpAqoCB5tz1B0IZXWS0 z=R~a0M9q{{K6PIhE8p{1eRtn3y1?!SuPf!`4O zjo-LT1mK$@_A9YgVYs?HQtcvAAI==t4>QHzwyvP)YW?lo<6Uik2p z*1&_bmePyafyr7&>a@Rh`gsj-`R&F|LhoY#%AQ?!KmL^HK+ zb3DbQ6U@6?8Mw~(cXwL^$O_%RdbX+@>lVu(%kIrQC8Uctq{^pDP^1MkhJfFZe8fir z3nhdclSH+~9F4{>Lq!n8K#IICE@Y$!l&$(vjQ9Wsf8VMDxkF}9ED$>>JVWu^Yl>@+ zdy-HO#urr5_qj1UQb~w8icihY!xaVaZ9+lHt9M9$595zX5Y#6@EXEKM5GLZTkXe-T z2I<(jR?J2CB5UuoHvR%r!HxLHR*Gl6ju#GuWGDUNY`y zd1HR*&U&!2aP1&j){7Rm?XBlV-z`d!9?r{H@xkLtkEPf$?dY>_f4_J|Mr5;|%VFFK z)FE6Tn&~O^O@D2=DPzGajPhDC_%!9DM{${%(2vasm zzX?;Jo)Sd=>!cb$8}Z>Xw$n?GWkoXP;{9L)2rzUiq;DVIt<|NubacGmGicE~1(;0Y z2bIW73WiooFBVtMPLir&m1m&b4}yRq>9nvyWvGF=fig zSQDJVuEbegJbW7>O{+~(>+S>WHqmN>Y?V~X*lC(bG^vB?M3G}tuKE36WQAtV#Ka@Y zT7k0Hjh4$mSv}M(HXTCP(FXXFuyp4Vihu(kMS&Pf^lAogNR~av$boip#}|N+$ia_j zmmWXzzwNI0f7p^qjllH*=C2*BR9l3D#H2*|N}9wRR_9x^<+i_xL5&)?vxIH^;zuqP z-aRm-tu$PWW`H1SBHfidUOeR@kT_cSL&0D2G0#b0J&_smz9^6UkKPx$Vt4*}{eN$u z^#h;p+DX~^VUP#9dckR__7>(CA{cQdRY-@99V0WZpW1uKIyZg;YRX@XxpE2$(6LJZPBvPr# zm?*LFl-O^|sQYOTPSn1$jSEP*3$rmP>I1Go)&r>QAKX0s9i{O~Pzj`cXhOT2)PS0K zD_NEyAEyS6jpOzx^3N4`G-v+zSz#GINTh7W7`5wCBz0Y&ZPg;HUVdTXbF5ld5I~lM zts>+6kWrArm|-cdcpmC?KScXm!9WuI9j|xp4Q;y09oW49V_?P2eRt4`gJH!A{NK?C z2Ku~kCZh>uHkaVfOG+Kuh&(Y|A%&_)RSFPbBz(~rd6ya6IQ9TpOa+vwfx5Lm1pl{k zSX~S**@8-BYt%v+Ud{)z?R*uFu=|3};D=?ao>tNHxOw^OFDZ0MTfq1jEFq)XakK3s zODhdVV9llwJeK59py2GSTErv?_(Z)sF_ zG+qF^0~92O*`qjc9z1nu-vlUV^$5iOUt=?`Ng!MJHN7PY)(Meid&cx8JZ9<_0*=VB z0CMKH`c4Bm&Y-c*%%%uPDUj7IpNRS1pL-fPO$;@j+VW@vfJp}I%5~sQJIGGH;&m~k z?pQY`fxU4gEbl|Y!wBq`K75ZFUT_W>#?gzUT^6{OTqgg&zz9nK&lV29iUV0SL2loa z5v7DejtU;^rP!CgiNK5h`9H&;Y{SPdAi4YxzyzObYe;&!Q*<#;=lBI~?Ekh(yFZM? z6rHjBXo};8>V8!JkA7dbRO<0w>lI0oi8v;<-*q5&U%Tw%j?fjcq(ukO9L9MkD}${` zN|qa^O05EV9EP}{cd9T@wi9^E-Nzhu7#`KW@K-SUwc*DSk-jmG)|2eVe@h*7UBSlc z1Z?oVIPr!w$L<4ralC#LeSYVIA&H8fhF%Sl+uxF?(&JMTei?)Q-yN|kmJM2NY5x5M z@TUSeSJBCT38?M^2)$23;|kKKUc4BeXj`L}7nCQsIb0k^u`-q-SQ@LFimQ;cF>0QJ zuLNrbJ|6Px#&P}%Oz@4fcZ~L!meu?4cD8+2I+pL^(8dny$Mvjjy8)~1-5)RBl0ChC zqS;qxa62k<&7*O!ar9jxS)#|_rb)OfSTNwV zCnk)r)ow#Q1^1yB5392hesqWYQ+hbTop7Q%Anz{f5a4BL49{<`p`Jm7L+1e z@fN7$CGq!+riQ)(nucxw9vGO=ps!(@j!o&;fJM@58g?3{X<*B0fRZD1u3tf~5CcOK z>ukCW0+|4ZHqqUB1o?ze&&gq>+fk@ugE4|2`nORS2gM+x1zU%Rz)OEv{ApSad*#w; z|2Qc7blW5UJlFQL`E(d`{M=7fJs94YN>up(GxZ&Wtq61%we7Xjvv3;9;vH3L5n>VD zkD>k6yseT@cZVkOk-xqDUx0pf4dZdtV88r7{?axv0!ErN407dsK#LDuM0cQksU|6bI>RvR73a z!u#*9j}CC}pZ$_Kd@|c($lAIq$mLs~#)9-ZAMDXvF*$!Kd3R6l$0yj;lS~x0M-G2X z*s2vQ1iN2w;pai~Z@v2(>Fcs{Y1a>tpL7KCIkPW^`-yPM;`*s`}B`gTtRyc`;WDam69F#+A?-t7w718af;_>cJC|=ZA^2|`;*evS>k8n zJ~ZVju@=aC@U?v96_k5Fx8^&k0sK)R^m>G6QA&mX5TTTWfDVv6_-c+|Dgp?lS21XY zS{DNw3VTuwp+VZaK<%-g7Zc6h#WWXVfY!gK$$V1P-CKrTjV9>gUp+rGauEq3HByN? z9c4pW;9j)O-#d*ot;+LriicmuOL(K*v6MHPwx`$spm}EZ*DOFq1%JhMzKXu~e4Oa| zt5+AzZCuCLRX%(S9Oh@2j*M-N<7Gz`9jBi8(5Z`g)48P54w0hF{!TkX)7dCQ8&%qA znMocQsxhq+F|12vrH^omQKBz4&tHJ@x47$QkVI^xqq5fVWr}*P9P{9bAI)>!-G3&Z z%4G=B(f$sw)c4fHm`*f;yVdpnInBA&lFdkt3YEC%P7IY4)P^`-)_~wjp((llgy8-b z%6^cHS@H>F&#Gb?9Qak8^_R$@;Yu7Yd5}PAG$F*P>S|CdggzsPK@r^0`Q#d;W6rou zaT+@JX%Xfmi_hob&S5G*`Z{j;y|><%BiFANlSVL)F{$04p{uJp5=l)uLZdf_u% zJ3}p_Yl&68U!CkMaYVj+3tq4ehgpTUQCCgzV>Xwp7yuF~HOCpu&VEdTQE^sVvCC`Q zuL|P0;l5IMip4SoDlt;dXoGIq>L}kC6-svG2q{6Vlxg~YNUX5WPl}Fo2HGZ38hVA& zDM9>b?e1W4?)~x0<c|gLAxJ8Ri)+YO>o@i&bWvfzKL3JyimDStMfh~{+V_Ax82d!-N_Ho^X(XQU#{=l zm{2N8AdRncDU63>8tU5i#oiuTaa3AghpjNq<>Nkt&$&Sn2KnWRBF1hGp1&_5jmoM+ zN_ihY9s+7dB@Js}0VzOjia0d~D)<1VrT=f3cIhpZK@Nfz_y92G%hIPpQ9%MK5sA>o z`$#(gXOWANS4BglrAJ$d;@Pn!z;b>Q$-$L?gkYfB*7r(=c6oY+M(DrRR zZ6C$%e|eFbYuqsboypyegZt|g=I}kGnbFFA_b=d)H{bifA@V6dOc5ZHs^YQ8pu^7$ z4_q9(X=`dUzKft%v3bMOuvzi2{iC4(HPCuA+SRXAp-ni2y4DkGSTmQ;-*oDR-A1gOx#yd&KKTGU411jLz>Gs7I9 zsLNh$e&ke~(I=pDYd%P4j@jLGc%ws9;v3eGelNj;f9>I`LBQu>VQTOl zCEXP#7Ts>z>j6<3p-y9=-NO`(${GH_RNOD%fafrwf?Tj8d5APzHK&GDAbU`84;Huu z|0X=%C?CZJ^!!!&4dd;Lxvb;Ti5Ko!?<9twyTO2K9M8reO_9Tp@>)Ba;hdxjIYDk~ zU{cS^ECvR=^QySURC6ltA8F;_JojvmlD~eaVkgdaXCX50)BNY=IhoDo<*|~NpM`9j zCq;U7&I(x82RN#DPBMAo;LRUn5F1bvQ1-*YBYLmlx%1S4z)=*Bh+#wqcd0hUPOpoI z!P8R%zn;2C@wpu%+|YcKK`dH{OxYW5(5D)CqAElQm*C(T;@6Y$n!LD*gNskjASQU= zUw_$le2LLQZ&fB*96tT=*d&McnW%jk{!8aRItXNhGR`zfsfySYpNw8vW~!o?-+K_U2kj^G(skhjI7HYKs|3U;9O= z@qcULcJEN&&r-N5d6q?$pK}>ratK$Toa$Xwl7EO4m&ttxk{^*cn_ml`=h0ume}H5D z>_x|99Aah%pb#e|0RwKOpgIqod}00<*J`|%g0HZk5n z`n^>CEBxG$c`n<(xKW*hBc`eU>IE*AfsEJOtw_i*z{Jl)FX;_CPa+*+z_?ox{@ah_ zsW?KEsmIolIEWHXfI^X>_3`2ZMMj-oN{AO0l%TrG7r*$zC4$$1B8k(g1W2xzKy}TJ z>s7!Vm>vB37aP6H`iLN6JTJqix1SwqPmv+uHe+LP>B+OLD&PCG^h&sK?s|FqilSR) zzUlr~2Jbx=lgJca4aSRS4#>*4{i!x&^d-O=c%@xEo&A{9H1VnP=u$Gs4kSN21+qIG zL;sfI0!KC332GKSM3g6v^lPD?Ho!u#u|O7VMRFbJcICpjZ|vaYxS{1FfNmZ2zlUWF z#i5tH6c?>2(XAL3+$C=&FL=y*6>zXWRwt+7S5FNPY>~3R9afmfL71~G9TdRKqQfug zEizBdBDKHIjWK*b6wQhZRh!~2^_xAhJ6;l{d>)sydxd;e>L;oc{K#I^5OMR1Nbj%8 z$UKDOm4id%CvUBWB%CB#Cc-BtA`;vz%-Q9)OVG5Ddp@oJtW17v)Gv1kb}u|HO30)u z0}9GB3A^$D1q*m%Pljc2wr?Vl9(qYXF#sD4;Sp_UdG0K3AJW}N%NBwsM8hr|NbHQ1 z3`UH$-?-pj9IqF6V+UFBkbMT=_>q4bZC1ciLk!epGt8n#eq+M8zpsl)M$}k<4h(2t z{esl@y^QDQr!oAp*Wj9RmX~|`MIj-t7=TEfuetf*ujtJ>ZgKN_93ki2vyPb)d&qb5 zVsoDK!RN*lL`*pblkQHt!Q=k6OW#c6M_+2?Ff7#)h~Izae-u7|eA`fSf9LGWJ+bz5 zm0J@s(6a7vtMl=rCRB(`}p zHH|AfXzu2_6|+-_SVVcRkrT!%mJ;%Zx-RzDer6hcrFtkcm;l@48V7p{qad`}HMzZRbVE*qwK@o1G)ZRUr~gJXFxFL#$m~5J3v}1r+g16b}WO9MacJMc-ub%_v8reBQP3TtoyI0|6c52DXSu zb6Ajh!5tJ09o4~5A3F7(f@^f6z#Y+YQX)|kJtY#Vy@)K9`~ukED>*$9xPn~Uv%7my zVgPw2*vuW?r})ny=?0KDc`LD)44#3(7<|myeImYZX`)V^;QUxWa_r-jqgii>&ZYer zll~6H4kJ6KifLQJ>JMUB!MjiV4IPW1qXu5OKO+M4?K5$TVXM8iyBlXgM`yZiFuisr z$9A4Nl&H$SJoI?rU?<{l3;G~Nih`SPb;s#JDU7bX=gx&gbyy3V1fpBWaQcy3xdRr) z^7W(-B7-~-;tU0)05;C(Luw;<6!EAKuRKeA_LCX~vS7;$*p8 z%wZWFo>}C)$gMoV3_KZg@au>nL-@gb-^(3z@|k4d9MGzn=KqtQzJf5^#jS1%`5iY9%^cXI2(QPE;P zN_jT*!Pk+vrk46!_|crz-8Y-F$kGutV6N_hg*+LJw?RJk^8BjAc>CPd0>_08|F4+& z-zl;E;g`JjGdu!_3@sp|tkA#+bTu0%J8o@@2b-5F!O!WT20BRlDu6Q;m7h_5>j);d zXkyTN0&dlTb-=lj?Q&f22+(GcU<-z zUg1&KQmZ}Gc#jmjTrS|fru?}uY5`mtOr2lsL8h1aIK!G_fBdsS|27-_hs09^uiT<< zv>^i#&SS-px8dIwo#bE( zR=jaO+QomYC8~~1%IGwfR%@tmzCCSutHlmUX?K|a=V*KGySso?(g8k%a!FK|^0(E3GPL<$Gch!0Hm@2c95j`4V_FB8=`7B3``w=@7Qo z`&)njd#|DX*GG)V;_}qS*%@^cIchPu>ABE|xm5Jck%5_iG4E#=%N*pQwV&hXzxTn` z_x9kjl+-xShdX{o$e*DCrk)JdFIR4YuWwEzV86hx)R{u-+nxa<-n3R zFRTj~``aIrafI}exonXK9D>xjTtmYi+<)7l#jTSlbB8rofoFHm6y8Qz^cyHF-Yo0! z!Q)0$KuxnljfT;3tbvkZY9`RqO}z4VLRAtOS}*}oQ-2O zJv8vLQnQ~49oFX(6{F(hW{hfLJ^@Uf&TZvf#(#vjqeuJ%7jgbS)tEStCmSKTV5()H zV3pCDKx-^#2PG?dH%Edp@5Ryw&3N%fOMYQ&#UG z6|N_!e^H-VObJyo)8hD&UmiQZGva?{){CUDL^xDFY-j-Q| z1+UsL(F)bTKW$dULlbNw?uRuu>cirIDDcwJatD>ak^)gKZ~f=~yot9{n-}oBNg1t- z7ARkV`Yxr%3|lmKLuzsGA>A`%`cS|xVkmm? z@Q7|OSI_Dyx{@Fvx`Gfl{zKaBLr_mrt4{*&KS7jWxihC`2malitiv$$WaxRZe`tzjk`FYfVkqihtM^M9Ve*# zn3+61neoc^)c&kLi+)~!@I4$FO^R$S3><3M1s>$^Mj*YZbznBCMb{XEA@Q9)0BLg# zcz$~;YgHP&BUGyIoYP&mI-E6BdJ-&{Q&loEGFx^;47!RF*6n@?G^AVBr z)na@u1vzHKKhr4ZE}qT{p`vHlF6Ghqk+dig)I4LYqNvsb)Z`mOb_S~IO2E*n6G-Z_XrXt6NplxRT$wxi?2Zcav$ZL zMx@=t8+%cE_)ieGSH+)j;duw1S06pasmme;zHTZgPZ0l4;zhESuYSb`VBxTH1_X&z#Nxk~ z7Qc-gzYji;P&mdcJ3sEF2cGB#K+zJwo{y3|ZHUw@x|4Ro-K5x-zOtL}#u#vK;rNv7KLoG=P`)wR=~d zjnbf`p$`wCSMlKl%WuX>@kTPftYY8P)#>OSgOmv9uDdbm@*zs2-quJ|a8!$7TuMsk zNP)T>KqGTn!XglBxxv?IXK}fpL~;(i@?5@wA!2_cuq!;haR@oE4PrSW{yl=mc$|TkG4z`#B!#|^U&P3Nx1D6l_$M*%47_T{A; zreNTvA`wkdcoNIrgsnru2j?1|;7#w>B>jpN*9qRCDw0805d!h~kGo*nICy{_jGV&y z=Kp=hIHKaU;zv%?oyq_i_>N>vC1M&r3FtCmPBHSO7zW^o)yaRQd_w_p`Mr!QWfH(j za3m6T2b!+P#))!H54Q`fDzYb@Dd3&?aQ+&x@P0Fy%|_3&SBuBEUdql}v@x)>d^Cvfng7(l?b~Pxkiyz`_miSkIL1Nz0Hw#VYe3hw}*WIgSG2 z%<)K{2FcF|$wR@sIhqjh#~Cz);rv@Z%>R+p%|JJLDbvDDG`-DcvB8C@iM_^n+N1HI)7 zv5!2(@zMf~D$AYhmM2{|mu?U3@7r!kv`Wy4yPs_PrkxC)P9~FN)+Wd^Vh8+G@cDXm z@*E7He|b28Y-p|YaD^zxWewyDIUsa$VDt~8;NumTVE^-Dvp1w4zP5^wCL>#oyfv`A%GWM-(|AS@E&N>CrLv9Ax$b2t0v zJ@izxco)qG(CN7oAoksl!YBt^d;^dCke0`aE_a8=xa-9NbwrK;>MY(@>P4_HxH_m9 ztPPYQLd3zJqegL?pWsMlidFlWPBtO;ono`$-0RKh@*jkV^_j7z7IQai0 zLCro4ec%67&t`)o&*siYS%WqL0>jfjX+z<1sC5S#gBborVYjVR zQGpk4$3ymWO79g3eotjmOaQ$Y*TExnAv<7}x%WTJxt+r@hUmSL?!r)o&0^~rAzNUF z+gh)D%H1=c;>4;fa59G&OX>q|g%qP4Vlm7!5E*TeNs9$}J!7@lqSZO9jQ?Zf<-fWy zbH^Br<~j|KmRFa7MLU=_Hj^(t2MaBizrBX-PAEfOlqn#KqFOm4lp~2jb123?1$3A~ z!!i~DY|w9;XtBtmGrfu9br*<~iFV*pTyFkMDoi}qB75M$Wa#tbC=m@ioI)78O-2{e z!73{m$S9rwI|7&DK8zK1Vl=^#c2`wD!h&9-$)tN0Mcc@{yt^Q(MKY29v#hFHVC8Y? zEkj7m%ka0;6$#`wi2gXiVDu-gHF!`kRxn&|1q78G2a{A_uPsHaGD4pCU%(%fY+Aho zTgBFJz!(67Jbr>fM5<@1_q*R87N4EGHC(;ildFfs6pvf5+WZ;8%!1Mwfkj~}j7+Rx zJZxTb_UtY2I}Z;`X_nYb7e#X|)fyi+5J8JE!^di=o&sg;Bg_Cn`@XlV{QXCKX$oiN zP4EBgqcuaO6RpFfjD0S+2&?-_s>nq^LvyM2cMZ)U3I?Nc1u1*vSKk9F`V@;)c-_LU z)U1@VPfVKDp#2$p8L2;_Mf~q@R1zXEP8_NtMo&+6)HfX9X{+uiDZFO@Pw>1cN-T z4U0V6JW>ksTL9r((SbN1Ft%9#42%pTT)+&i)%%5LH40#Z$%>Ec(8K2eiASn>-RJ?tXt$(mt-|MDYbqDDV6QSg^5fM85QDES7-O0?srWliK$2EiK3X6t6a zGQAuDzWNa~S%RKY23e;=cR&}41i8l`ymJ&fQGukcfuwTp`tMN#JpK!57dU*2}NJ=uN$oV06>qF&%KLokb@ggZ;*WPG59}MIm1gRKBz)7S5>Cr5437-;Ehg5 zgfwz4VerVXV4gF`BGn)%ad}r@MuIzh7_3DkG1)8G#pHt|@<;3hFZdQoRyCJu8%!=B zNN$AgC-2ugLqi#LOFXxpoLLPRDwFRx%XaZ9O;@V!Chse9(05F=3oK~eq`@Bq;H8SH z$-5KOXc_CUjD@a{)5xXfLP~Z&{xdHU(msIBdzm6vP=tE}*zcP*Jq|pglN3aJEpq#D ztut)5)Yhk>|*@$7y@^s*Rr4loS9P-n&?ss6sse5wfg6ewv8Rb;U^iczVZRkI0R$=fC$ zpJRoCj}?yaQtk8e7f_fO5&b2cuJGeby1qEWf`yMmZ=*|FK;E(37im$>ZU)RXyJvu% zpFr_uQtC4yx&|cy8mbYfQ;ZqeC#a|P2Pg=L{Vzjeh{nn0{QAd+Ao>||4kD86KZBew z9nloW^jD#mZEBIK_|dMty5rZp4yFK4g2vIunQD{5oZ#fofsg82?$CsZ;Wz9e>S3%F zxNH7@UgTmqaDMY>{#C?zD&RboG7DBWHasASe~X0hH>kB<#8u{m9m7nXburnOTu3P^9?YcRt zO%EAiiPdP{RY-Cxw)B)MQ{FLEOOC~8>)|;DS_IamVssBb(JHI?- ze;nJ~%aQ#_M&;!Tym(p1M`+WsI8PHJioZen_&zl52{NxNFfUDw%T(A|Cg}A%Wfvnu z*JuJtSp4oG2g2#C9)nwY&XbE0Q7B|kx$@^Da;s3B>@!*CPxvAcodWDbFzFZvYCph# zY<^9%$yG&{Uxdr`Bx|stqmDSiGN=z)>!>ri!JiN2gJEC=XH~ZE+A~<)v3qT<`mh)5 zg8K<}B2Cb(c~mp4?KG~Gs+#+V&tjnG`OOPAU*P+n5@IAceC*{wiLFB8$%y{dlT4(- z*E4IHcV6W?J~rFC($)Fpp#2E{hhx##4+hd7;UsBXD*Tz4W(OROy2;>zTbbK1{m(}F z+ulNs0)WK|;U&nd7N7(j%H+Iq9iVaTEB}_R!WF26aK$cy7MQV^1gvN-yGyJUm^R>te4StvOH@)E6cFSGK4+5T%PcVBSTU_ zvTR&fcGaeY@_wbd{X#F3Qkr6z@2oaQ=y|2jdHw+>ID;x&)(D3^UC=w28qgq?KXWg>@opj~S61&?a?y|Y|kvjMNT?e&FS8@N?afOD) z@o=rM@z`4?kk8yU?ymG!%v4umk#W2%c(dGuy2E?4<_R?lv)lG#Pn`Wtb~0!%Q5E0X za3XguXlLHiwv7&>HwjNy&I}5z+B**i!UW@O5>It+uxFb^$Fo&h`)&AdjE9fsIj@=+ z4{j+Vm__@}1aIb$N3+o6t**35sS=yCCeaIA5!8=;V*7>jEK0b)l=5qtX~>$ zWEK*-Eg8zeY`VX3T_#%ajKiQ)a)D{LvdwtI@qs!xx`mbYl0|0|m(u9efrCe$MqZD3 zR^v@52}gK&uU9V5m+@GCJ3Dx?RJ|*0se9OCmN#KW^uY)Yn`Uv&fV~SVn|8UQ&%~#+ zLngjq0@H+T3mmRjuIo+X9w2P^%5-zA_fw00P7IG-TKVdiev~ptEN{(?L=L;Hi#WM8 zM~_sbU47f9v2|I;ebbH#W>)PHf)O6b|Y>#X9~(eIZ{V>8W#!Qud_Md6h5`m-Xi+ z_1Tf%0#5T@);~fM{%n^hw9R&+IW$0Yhhc-58_%fJtT)d_`P!pXl2^|5zccSv>q?Ph zavJ*@f5wC2QQN7*V`kIsiQ|i3YcC6Q@ka8Ms5`Gsoq6_*x=P~3SyMgksVY_)l)-E- zxaR2LlN`dYY)d2jHQ#xXrlkquHV)n%G@EzS9PCkwbOZeM4fc9RGJhV z_SQM8l_@!!+unqwxbY@o!uP(N-Q1jvv!k4fvM`~xkfIjNiX_yr{chKuZAouDR9+IF zYd^TN%w2V>%6)gdP(_ELtLI`Qduz17oL&HpXJIu2=E^;G`f0=(U z+Ge=Ytv$*7N~&7E&kH*K^F0`am?&AX-8-=5cX|{b8U021%H1^$r-ea>N77Lq;K-)? zv#TsRg^j=Ar^>yRSX2`j9FUB>WXuSrK~yRG{jJvan$4<`O5=djvi{PTQNl-p6Mq!Y zFO6K!vlzS_A+SE2)Y^OelXM~9!`5OU4O|q$r0=V^C+rj81?u0}DnGO%j|&@v?b$#U zw80wLuWd``;rfbWb4hCYOJRC}c|XerO{M*Jb+wJ=E5NVe5pKZ?Sro$*Lj0abT%{9~ z9j98)L*zdeJr?3~3@ zb!@(H*~EecQ@sr}avlQpaKys5vdas|w-S6Q@iFNrhQ<2E=dX5B7aVn)vtO1ac|J`NR5z z5!|up4{wQ4&!dF5Fi-*9;s2PY1yvnT&IpC|SHirnmyz5$8P*=zrSd(`1|n zS4-96Ba+iwFWr+&bfYUNR^|uG3^t!1x0xBcJ@`UZM4*hloiNsf3{*38xkXG&P|2S3 zwNl5Nj>oRjC5yhZiBjQVmkUj$DqT0OPJn68_Wktf(-x;yD&c3? zUO(jU@$>a+Mlp%QnU!33Ezj$8O%|xnM(`#>%G6gg`B=j$0Tv-_Y;0`Pn3*}AmYx*? z@$Yez`k&)>?S*JJqGvj%?Wb+(#3lj_&3nYHuXo}}EJ5E(&K7pj+#`p!&yJjtJ+|=Y zgu!2rpD}j{X1jG&z|bTI zJMk}AV*oK{5#d!E^4ND9#5jRUm%_o50ix$mXsg~# zl6H}qXpRbxe{lQuZ63?{Q@f&FW*g7G*4k0lfBWD&>(iE&n`N@0vGC2;dz6l5E60LF z4N}7hQ8%BlmN*^7eC@7dOPiBP1hg{gn;*qQuEK$CWx9F~x=t3kZQI*86j?Y|qNEs3 zu@Al{-L387CoHJ{)P49*hoL|=g(S)Q_vM6a#!^xUE7u1)v@9yd!(Kk&ZcnN)Axo2c zXOeZQ_!>W{vdhV}_f{1WT||zJVVv@blE+bsbgt|HS0Q273&)xrC;8VHFAfDx?Q&J0 zfRk*sbRKtT_)QYTVzu-d48-=%9UvqLIpcls6C4$rOlxCbvdm@NSCA^aGD1G6FW9-- zpQhCQ_NJ`UO5hXFh&|(DnG>n%nQ2*7Caog#sjREpRhtvEa;EO9q2Y;u_0>$rM(kwl ztaQjOwfpkwH*}^hO((~F+HtbIF3PJp+O%T&q981OhHA!bMw86t+abB8aN-kO9BCJw zf>~5%^Qj&@Orr^ev(iotCMZ@cEL1r(KwcL7wS0HMgT67rD7MY0QZ@Jf)^d{d=*OiE zy@2N?RH9Bx`AhRI3)4T+&ZL?Akw%j$8@*UC)*Pc@`6EDVFQlx@A^fW>N$?3B=i7?c zl~*^@wf9Sh-HIUfyA=6$ye}6)0euOlH!05ZGMeLL&MSa7yZ!*Y(yq{eYWnk=?v7W) ze8}j}=y)vqH3xjIN;uO=EuTF|aCj^{lHcU1bCWXZG^?544roE>cK^bA@_&6E^l-e47Xdk8SNP zpWt{2Cw7Zpe)xbpyL>54JI*9B+uiz6Lki~0*uyV=e4fgi8I@sos~ktdG}IsO9y=U< zy>~n#a-(wFWoqv3{LFJc(^{_Qv~Q>`1knQw7#Veld@%sNFd2(e&sRWU5WuQhN$Ckx zbnieJypjB64nZzCfO+T02bW->Fo4U@H!7%9{&oh_{Qi235i;I+0M!R{uG@QhDgla| zD;b1Etvmpk+)EQELsw@2fSVDdk0$P_b-+l`o|!|wCKF1y_lBdpY|iegeWtT zsoC|rl3PpM?3ZblKP#M9LumK5bp{hu_^p&x7DV0byhr7jZbHqZB+hT@zS35w-_%#Q z1c}3KC{9=0(gG7qW;D~4IjI*h9;o*C93`fs?Rd}GXQD9e>O5~St5kZF#%-`6JKO#r zqj6y$;@rxn0HLPA28)Or}rX-*j*c(A$ys~F`{rF7IK-_m4_qOA6KHy1Zqdp|aM$faEOKAhmu+ai`vm1lO#HX%>T zfPn5g_^_<)xC%b)>4S8RI~&$=O+ozy7MXFjs7iI$BL+H-Z!thE zsIyS9Et6A{pJqIJ$$WfkcArUWp;SuX==Z_00J!d|Np~8I)qbV1Orj?@=43L)$rRPG zSm;!v;Y;B@K<9{AxasCDvNWaFo^C`octeYS)vQ0O;^AED)l&NkDQ@wYnuLU-@=157 zcOANJlsd$TwijD7Q48vNTAZzL-*xUSbSctof9+LylRvO>>QCZCi^0-9m$o;u`eP|_ zOLJpJV{n3N>pDISCjH}Zh4Wg7X_hgBwbgLprKz{2hi3aND^kS{?%1PhyWyk%&dDn- zw-@ESe42&2m|N%61}Tem4E#$KlitrTij~LE56;hL>F6X$#~f`7l#fWRq&f#}&%H#P zw3_@Y=cwWo4otbbZA-$*t>ZnpZ}ZIi?IVOt!}cyqxP5=~g?=7P z6B685zG-Tw+3!W;wPZuxVGuWq`G5TQI|%Q}jJ_;M8!$uFOAbsk<-7=bhRje046E|I zKol}84j75yc&pDCgW+%fYZd?*nF<(Lc0-dPGO|}N9&?d((hEgMR*1Q>A%W5in^ zzxk$j0pjC`2H1X4qR}XdxQfu0|ILiu1vD+8U`7J|;UF=<@iiZEb&c)eFrxB|71GPL z>NaPaL^*qG-YJZARx6NhEs!=PT=gbIj=14#?UV5&upUS(A0FthPNey=HZ!R4F~CKV zt8|KSu;)ismR6!iRb}b4`H1>Evj~!tg16|VhIJzO%g$`LcO5GlH7}C#rM2wzd)0OP z!C9fn)!rJG!kNu9>qQ7n?A`}S8|-DhCS@I+%R5sQZVsdh?{mb`Qe$@gzUbD4G?t3}lD(?-oUh|c^|fSA zRxUfQq-0qy8#X0)?7MH#b-h}uZ(}NzNp6V_+)Yhg8kH4mg!9N*Rdn1!A&z?2l*quu z4WMA*-IJf&nyv%~1r=yOu;$4q+ZI_z&D;Xp*EP8&t(i2Q4pWX%_$G-n?ql^7Zee)c za1!&w(Zy7STIE!WqSLVCe8!NGSEJM4xL_3c2)(h$-IKQx=yu|jA^p&ps zEwKwf8>!0a%T|+GT8Xj?+U%(u9oB`O9i$H}D0 z9d_-It}#xMiCU9wGHeNgbVB@ch0#1O0-cjGA^54q^Tcb~w4JIbnj4_sAvoZr!}vP# zR^4UUdNRw&y4C%Pt6XI(@=kDU?&Lvd#Hrn&-1<)AjaZH!_NcZ*Uj&>`_&sGTaZAkm}Z%bxQ_bm zyYEuWP@YdFY>ik@Xl~4$nW6AQwrvl@aPrkfKQXiflUtMNw>U&C6 zC!O@O=_Sp}OAd{m#ai)y@ANQ?=zw)p6&g(<>)-?H;B$U~Om7EGpcbvoVL$u=Y?+eS zAQtr<9ASEGQCqr~0xuAzH(39*(+YR~c9P%)Y6(B3T8EY}Eouq-oEI;WNT+o)EQ-ul zu{gR)HE*KIF5amjoD~h2ghYLsmsLKkMQf9nN~SvV`ubEV?dLGgWlPF&ggp1K#)VY6 zInVmE^rEQ<1|7$HrJv&jR3t;r1>P$|?k{Rk#@#T;y~+eXy2L5Z*<<_2=|uSt&w1{@ zUnCh-QmEt(;|PR9x28W9!D(2b^A5wD;Lf_%ADiH0HhY=4XV7R~GV8fe>zanU?4*=d z-x^P5z$W$D*s8*pJB*!1EAZ>6N!HldnA!TvlE54ur|HCSgKE!%XC1NzYD%CKJeP0S z)ZCt%@VuWOQ~AvVHS94k%noe zfBx~TRMfI!)8})vkktO>|)%@a#Y zQrwdB1N$dMMD9I8wU(1!jq9gSb`_uTKTOLb_9kwbQp46EC_{q^IPv=S8ugca{ZB{L zR<{@OboYeijOJ^e_%x7-?Jz*t4y275K38bcMKVM$7@StJ`r7Nj^)DQYGKFi|m0ObT zIu+_3&6%1d@?2RODiQ&7iI#`pNGl%w98HJsg*7F6>s0{;E3Ymt?bvpVl`l6p{-D<0 zc^ya?8^300=YAuSvbXEL?vszD)GN^+*w40-TvoPY659!9eO zqvbT6WAWPA{e|Z2gJr{}1t(9_r9zI@xC*vi-)ju0o*L>mzS zV|C#-xJmQ}<*i}iWbC-*(gN9;KWH245DN4^&GsK&WQf1vo{XK7$2fagR_U+|yH?$) z+_gw`FWRyd&TiyRWqp>oXZ*guYQ4f$Od$3{&W~PYfyK`jsezZ)9-17Of-}T#B{w@v zu{=+U_;x~vBe0InL-V{!7RO`a6AgLaHPiSxlhltbfbN8GSyzt4> z%Ud4;0*^!U?3NZ7Z{_zjnIQQ}*Bsn}wDI@Pg2%kc#6n5|PVnAZO>q2i)Hxry{(OErQ+bHl$g zLyc*S529y#Q+S6?+NV{@THZ_5biB?5AslKvji)NMSB`h(ECOVCNNB$yv`R92sKTK7 z09ie$z>doBTN;H}QCkTV#RXKj6jSbou{8F6--NUIchwCWE#bV z{vz%%rn&%n))QKe_k02#|IPBa9EOWeV`_%P)uIs+8-+kZT*Yo_9SLf&a zobUIs_dzMMs{HY4j*R)?5Q8N%0Q~lFNQKbt;fwSb z7D-MJE1|!uXikhrnkSO^^V~ap)%&b-7*}-J+97XLB+wf*upX zGE*N=ytQ7Ps#}mLY`#C@6Q@F2kW;>0eKVfp;~!BXr^*G@()=bCPGZTJ8{M#-liTdD zrYs12Zp}u#b@-uoBM^80usGgxrPpc4MKk@@8EnvbU(TAZq)L+|qriJ2jU`}ak#F39 zG#7~Oiw-W!$$<{x+aox&XB;})=e&^Oy!vIM!&Sm4EbG(e=E_he6oFMHW*QL=vX;tb zSK>#?BOi_#N*<(?&t=1((D4EMw?`rXg+!%b$bfy!ll!Qg@yTPT1o_>Tv3e2e2(EqV zIDz6TZy~bI#;MBIZwUo9VuhHKsCCsc9$2)YEd3<1M+d+j#Z~zO3;ICj5hXN{tI2qx zbVVH3>+J4J_)Xyr=Mbl&?bI{%Q^qZX>ls%j#2@;d{1M?EN+Ff0edfKN^d1VS+UaBK z*T5l+I6W=?TGArQyz@rv1;1Nz9Zs`(T_20OU*t)gIY(8-!dG$*R72B<68t2gyqLcFV}*5W=} zmT6lsL>|vQr@PnG55!QfmyUs*-l?-4l8MpL?j!j4}ps0^JhP-h*~up_b@K~3cJ~C(42{kFFJ|Ew}IBl5O-;kW0I-1k>Fq~1!UU}yr-VzyC zGk+9`&c6mUdOW5gB#r!!ad8pN_T<|p#kZAh%$6vjNEV|k)AQ5rH#6`0bz9H6%wrqg zHomWJ5wBz7^U3(GY1mjSC!e4R*@`Twg1uffoi|*!H|8`i%(J)Ag;MJvm2nAw`)AKT zv`Ps;jnXSm16rgetU*nT?scC=YK0S2%aMVOcYEpxpgD$rZnhKfvwe{%7823+0*Zhf4)N@3&Vo< z(_J}ND!a_X3T6sb%?nZtu*E>9msgx-LM0{aUe-lQ8alXzNzMc+Mw++H27t$Eax(8; z(_IIM#XVjygE%p`?%Z;F#*iS4a-QIJxZ8LxL31Jc!p{ju>|3AVjajz_1)nP~jvqK+ z{a)cQxcf}T#~p_JYBPm}{EY?m&A}XtwgHdCyjR?@xr*HHDa0?hzzXH2pcf7VOPxA` z8>piMOjEb%b~d2<+Vp2Et~X9RCZ??GPm>u{%bYe%%e&C)u%hcQSu46IuF~euB)Leh z-EAL>@*}1rs+Q z2P&cIqnFwK#FHpxtMkqDlu?Z@fAKMv!kwtYC)6%>rRc0Bfy7lkc<4~3npnfdEkB}# z4=7$Zl*pECLa$YUl~0&^X!pLhYe|lWZt#kVrRYmSY#Z zkDFWQ;S?>TcP+hRY47bBTU(&1dXb=NSk^T3K`~O|i#S2r>qA^pynqwxr99gnx70Sb z{hLB0whPZ80QCBlkzo_wdY>L`%#3;o)$P`)4k5FN!wFhhCjM!}7Z@-~(SmZYr#K~i zDenFIVKKX0#(klg@&U{(B~<-MX~m5thX=t9Y^oOs&bsd0Q_9#uhAR)V4u&+73I6t+ z^#7s}>rWj`cpi)}tH>V}Z2h0&DoZHswC=vfbsfdj#S|b7rgi=XCE_5IHe<5A9g3cA zf~Z2Ay5|x~!%oI_k1n7eZ%y`YtX*cWc!3@m?hD;;K<}_P> zx6(AC#phvwnycnE9?_?cWOgEGoDpx7MvOh@eE3sg(Ixs^EzlQF9lM00{6@2^2jNq?M(jQRz* zxf9~w{9RP)U6fX4kk_7ZZ{aST?DoALDh-iPKIItqVtydo#Mjs+C8Y)hJO09S|KuBa zDjyXiISU?6H&VnyQA^CIc9uz~`NQtdmky10F7b(5Ul{JTzEX|s?7D*dnzhkLu9aT9 zH1n7w`WyT=Hxr8ap+`cq<`5_lWvARCRU>ZQbsgaBLtpOxr~xa(_k(s@s@1Ph4RASN z*k`nBaG}G(C5U>`!HlMKVj>#)8!+1xqt&9g+)t#t}3yOo*XV3nJW-6(;!z80ou!+zf|)2!?CxU)PB ztbxt?e6L4qXUl8+)FNG))6esuqZa54{!mhAV$Jp@AI|dHFC28eHpajuh^4ola_P-d zbMAw6+p$({txKWM-NWuf`5geu$>O>g1SYDsRWN;V58tcW`kZ=J)7zcGr=SItwFmZGYr#TnQ^m3#)>j&7D$&hke zFzIRD)J%~E)s`Lrc`+1w`8DV}d3jRXB2>y@{tovOlg-ts7u@gY2NJG`n3?w$zV3GG zbIA|N%vU?qAIEjILBZL2w2qgo&-F?j)WTn@eXHj@$AR37cW=%nZt#Q4OiWJ8T3x+! zn#>>Rx#MfA>G~P>I|8iM7w;wL9pZ6uv#rCj@Jv^JXG z#N0Mvw727fulZ-QiY#EZ*PBzBP>ey{bN@z5GQ_k2v9g!0Uj2c60^FH&X0~Xj_~ear zR7(R@vE zt=Y%mpb$Ezq!b8NpjLFHTbok&e*qk2D!dS>xO1L^j1w(a+JRIpTlNWKjt`MWXYa*^6 zmE8R{) zOwa88?ZLga(T*=2DKyePOhjGqOKs58?(WQ2s6vqgjrcS!wM>^Rf77(0>qd6{VV8y% z#e*QKS1KklDn1$!>-O|K3c22E;#@a<5Yn0=H~p^=doNJfU0A{HpJD)EZaubO6eY+)Qc}52Rlyt*wm?t^O6(972?7 z)Lv0uD0nzM(Zgtj!(v-fr2YA+xas(hk#oka_eAFU+;&nJB*OS~CGNc9d(2YGoFxg4pw0QCtC>;LN66 zbDf7-YJMMb%(^~K+C$x?QHMtVW>Ti!yK_%(?P>WTnz-PI?PufGNWK5EUT}$A{kxE1 zO>P};6xnGME|y5Cp=`<3H1zJ^31l;g!kjYBw5~8&Sj#_&F`Kpe5^`g{JlC^y5 zYX9aoBFOXPxGJcM(@vj{{IC%K*Kh(DtTSIt|`sadw)vqK7o=E%iP1KMn_-UbHdDRHS?n$&2208&uqJ zzNC5f#zK-TZ|^LXb45h1<9M&jzAT4hV(=Hc#jTHtcSPyE>K9dAX1KXq@>IxW2XuGF zV^LN|t>|oqni3lx#X&37g4YjKN#$XNMon;3Of!VAn>}IpDi9_lcd>>Y9cWw!RTcn6 zgzXUed6HpP=(d%@IYEB}t6_kkan#UriF90}Dw>4Vb>f>N3aJ@^OH>!XCkg4HZZs1h z<#sa61fY5XN+o&-joQNom!>ey1X~pAjZE+s2|9V}JiH{WG3!y`d!wcFRMD^Bh942V zop(V%0P@LTw%9GC=Hs+OSrYL-=kuj$_BL>S54#FM)K_46jGQf1LSq?Jvm!G!a9uZ} z&3>V*{oJTGQT5lIQ|P8YKw-VQw!n%|h^qYJYO3$TojhKFUndwlf~y3KLkY3akXm$Y zf0(hysBw@Qbq(dh+&atiuWuY9pd(x@{Dr}R<Y+r2zTpV2s2;~8E1OKw6yy zuol-}6%DOBGQ3h+NY%d}Ok5>}S{JY}z~o=vWpKdT(d0q-zfT@S z13h5E(t)sq1JK(;5#yp|?_=IoLmaig=O`|MMMc7fDD^ldX~AHjFChb_B&udXs-~h@ z3%e1{p40>?{5T__$sKwRnW4&x-mNZ^nEJW-4anr& zpoqPM5j>@%an`2gHRwON;QxNN#KH&A$B=V687ACNS!Tc;hbPicBM3SWc#PD;7*7>x zj!Q6GRm>tN8OEaNaG~)|p+B0)vhzLS;y$%ABALO4tLHQe-^4cP-{L{X#ouk?*^}N4 zjd&w4Ixg*ZPpB(gWK+jw8Cj37pcv#wmmumF$7aG$k4|LTp`V7X82w)VAlz*Sh^k)y z%QU=xDSR3JNR30+am)t+NK3iU8@LIAQXsn=MD)+26EFa#Mb(~)ph!&Jfs1{cc`!At zPLq}gW(2gMQE5vYi_OHw{o@H%8FUD#w|9$DFT0+*TI+}25cj)>Qr+?NWA{v=RnGLx z$?^#Vz(2b7QCKnp%GAUPWRh{?CKKTn%{A#zJ%%am022J;3ptQi|J%Gxs>|;6@^$}4 z5&Tcv5^61jlpij$`1LF+_?;Re#X5Y&=?`CWxGYUm&TlnFFK$?v+9lm@&%IQh3MhQcHVSJheJ$u{QYKLa00GTi8{;Aj7E$A~M6SWv2SCzI1=o0*G7bxL%Uh z6mYt5vdZ2YNE!PXkuqF&FBz@_kYU*8vG4ar1OSFztH|smp(>2!x{hB=_v62uHu68i ztNy9M#5w>k+Gi%=2oFk{M!=LGu>|^L)M#c26G#UBn3#JB02`9{MGGBd6crfYnsIY= z5nKW&nOH@0a?en^Z5w*?x?xKyGK}YF)?IviBe|lTv(J5d9v$KJ!T9IV`JZKNznZI6 z=f`REF5Uk5&Pun5=a*NQ5pqu+4}l}W!Q;9iUA}7cu`Y0l;q%7g9mN=x7L0qtPE?NWq+=yWy!sw7R))Z=mBe zQo?BF83$`Q`dyG-EPs<;@bXh&No*wd->2~qBc;8E=b}ITrZGcd^uER$Fo{#`Y+iV5 z&4jJ{rG{;7P>zXT4!!!4U~S?1M_%ovK5Kdwe;?w80nhHa2lV#&v5LuvP1C`r+*7Yy z&ncUnO0s}t)(jO+WIdEu(BvS9g2{vBQ9RrXh%s(Mv-(%h*FFeRQBZp#rJ-^faqL$x zqn`Z3z(va!&~z1Vm5!6&B7kGl%N1v(kCl!_`aG+?4#@VPg=-3a9l3^J-yuU|-L6x_IQ8`@3?^Fw=a6=ZD|gWa zH_;fXgihS-+H{x@nU0&S2ZIif9!xy#gorp9E}oouhZ6(>o<}mlFnQcx``}(3>R+h+ zJ-D|7#Ima_{uG+kB> zP5YT%%H6xCFY2(yv2^Fl6rKL;5U~+iLupgTlD;j1i!QFgQESiITv`o;T!$fFPuLd( zlP$QfC%;llaV&npr`xGU$^u2J_uJFYKr!|`6RF1t3kAEPb2^b=0Y+$@BXG_XJIZN} zfJRjXP_sOS9{T6vhChr*pcGcURFp(bxZ*i5_T-$24vf5DD+C_xLtBd^v`% zjxDr9+AYbWB`K1>oSFGJ1%C>^+h*QPPK8K5i^45eOGT05Z$#>+qzt;>-xD$)Y)=0b zi*Iw|s75ztkCMiVr{@tfz|%u!dTFvN zp9s|(p_D4+wzLlT&we8O@to2#d8%5%8v#-~gQoNCPvRDRnpgRY*Dpj}Zo{q(KMk>( zZ%#<(c=vAs@lK28w@; zIU_3ir}o$X^PiF6k45JHz|B~L)(k8RXVcsSGyU2BVuU@F6Y5>W4g4;Z1)jj@-6;6@ z`F@kQc0R;w_HyQyY(xqTdqk;hz2h0~e=FRBw;odevg*}b2t^pkQ15C+ad+Y<|C40C zhy(7^;B4C4RRM15XHoacXQQ;<^)NdrQ8N=u_l%9{oW46--V`cA;+iI{$=uMKM)&HJ zsQdL58eT26nwPxc1H}dq8-ys-+rH>mui|AN4t^!o%)kG7Gt0o|#R>Jx&kl3H>x+iD zEP4Hp$Q})?Om(pHKv%{7IHs2-Es2-GH_v$C*pjG@N@Ao}V3(NTuQVQ%;mH4K3kj3^ zvT>*_Jc4W2btqi_bQDJDm5K(rXgi+91^r;=>$!@`Tgb@C0XdE9f&%dt4?a}q(d-d}f#yiA(BpgsD^o{W?g&_JjlN0x^U@|; zXo=m-M||N?m1xS{kv&jm$9VY)v`a2bj`*Xb9~w@HFz|u^Ep!k|%Pd=#Z0uBY8hv6g|5J`^kI>snJ@yU40N2UlT~7$H1VBnu2InG=?(c2u|OQu)+kn zSi;r28MuiFzz1#MTBmX!Awyb+5ilf{$aoUX?ST;sYXg59u>fDFhZ(E?s;ljF-0Rr` zXkJYt)qWcE*y%4qyhsN<039?$bk_-~1qHylLi$w{+_gvj{kS=jrRQ;sp;D4+Gb_ki zKGV3LrPVL8C2Oq5A!9L4Z#Zu}?QX77mp{||c6jEU*q>v5x8v&SRJ! z!gS3fe{ui5OuJ}v!iXl@-&%<;*eKyGp>cmTZfxo%H+WE7Ye5Ti)v5T4K)b{Ke0G;( zc~S%Q%bD9k7H66?PWA^__qsCy&O=#Mz1xAJ4A>I=6oi3fc=1eZCr7D}LGQ zI$Lj|{ocZXtfSeF-Z7q^x~5HPoaDB}Q(<7*CgGmdn}q+NB}*&oRl|uB=O6P7o=F%u zs1h7A5bPNk7_n3+QGSfPdP8PGXSuiDsI}(kohYN(zU@usUW-@N8{aK_3TBHXBkX!J zux=K)Y|az2GIS&L(R~Hx_4o}u8mZ)?yppn;vjMt?nOAZv6%H?s&bnB%=jt1*e&yQ! zxMDghw$hEwjNX#k+=|;y6}^!kKk&INnz{Euo%ldry^G@P8vLa#EQ(%7SH-&JyAO?ohX8YN#eah#qTu_w_ zUMHoxsCFw5zroG9Gl|8f=6l+zqy0ixZ_CEgZM?<7zP0JSx(i>qWRpb4*7nd8N;2;3 zt@PTn|5a1L-3s+Sidp-WHT`L`$z{i#yxBZf=Vh|*D<|&b*}S9dXEtQOi?0Q{wNA|XRk`QH(4LrjsiEgs$&yplGdO4ORB$8vLNqRo@0xSwc%*FrpLWzuQCd+#R$dHasIs=J zPfE8{xgtHu$>bbQKfCS&G8?azR$N^+hhk}N(iSggrTP5Q+g5o6LVq^Q7r&vB(fX>G zTZhA;HkXwG4IjIbQRxAtzO_2b!Kd}ii$ATU@d=)ikq5I7W4Lu2yTs>fjUza=w4gy9G;D2hsW1t2#gJzO5G zk*d|y)r%d?&cCHcK=_Sloe57jwEa2VhL=2xt9^U!oWEuLNUb_A1G#(Z^NbcRa_s%k zz7a%D3P2N4szZ>LxKgy)tXlq{l6fTtzhN)4jdE`PreRSD>wDURTR)6sVnv@g&O=-JMv0H?#=^=n z@p%@Y$z>UJa`&5{YVAk!W?$tlLZ>BVT=8J&fPzsJ-OcsJu+PinU9Vs%G9hs_<(`TbJ{2>$y2$6;}Nok8PsOmBx}#9zX%6A0O6}-@`3Z69V3R{>BNt6kbk@d$}Hd zdGto86>ziysjxI&eyTMco^IIv%t`wGj^vykc!tWily#3(T%x9{RE&@eo@0l@sF#7i z!)*((1*q&{{`&A|r3`iPd}x}t#pZWeA1Gg#Szfd5TZZL4;fWS@h%ece+4y(s*c zAA_iOSn<>^Voc>cOQr;g@NYq9X?iX$b4L=tNck zJg^lTOOF1<&;esysFenovo@r`;#`dyTlBX8tV*|MCYjPMb>rGNZAFAb*$w!=6F8{; z1IorUO0lD^A9Up1F(CxR7|{f?G#66Z{ycuRXvAMp1dqwF5tlK$Kwf{$vWXE}zNF+> zwfFAY{P(iTo%OVGBiV&TE7SSFC?_(-` zs&K`dCep@AY~i`6_o(d7+9A^vy%M&F<@GinaqE#qZ#fpnv9~yOv9Gg^I`yEI?B?n_ z>_&;3j{QnOZ^cf$c#ux4Q`NcRd8TJPltOBXM^GCK=GWD21Akk^(K=vMeBt1P{KHX?8d z9#$iXF2}ua_tMX>)a>(WcSK(4@Q#e)4I%oGdZxO~ul~3-_v-Mb6NgjIz?)`Zx#-MN z_ftTdvKOq8JNuI!a53iXK2YB?mZ^I1;x*PV{D#p8m%C!4DMs(x2}G0*3Y0bt0dhUe zabo@i+uEG_<&r%y7P$l7*l(xm$kR4rW%s!)%BMx%xV71)%)&9p6UEJm@+I@Cvd zskiCU6t8;K`wR^1-M-&n(6_3z@k;Uz%Qthx)(>Pp0H zI~?rF@3$_wluhm+9W9Xxe z+8mZ85$$odULBL?Czq3x8&GvysebBF%d$4+r4Je7fz0T&Me{vTc2n&KZn{qJls%_A zRTd=AOecd4bNi(2RJR>%F-hUNJtSJlCN&@Av)sz-Eyd!D{ZbT7!;;hMXllPTZb1^@ zGG$O6UMCfsv#pVqd-SB9tESjSiUkE%a?xCW5&+Ap1SD*v7x@f8XbbD^^1V{fT03)CYiGXF zH;xGJI_&lfwbt_|@E#p*S2sf6--7SE8b~4*kcaOZXhc4R?=Qjk*Zrmu@#zqfyVZRN zsXN1J;Sp9izle>T)eTu>3v-(Z#%@$Hhb+<^W_g4k6-59%Vxx*vZ=}@$d)0{P@QNTW zYdQWQnq2Q@vDD%62;a9ql$^^Bl|f@D1NBMT*Ebd+Z@>S0T?s3r%i_<0G``I-bKcz5 z!7F7(vMYJmD7z9#sfE||?bFt>t6wO~BzG3wq~i^tB96?$c_`Y`XlsCFS!SgvdRy2T zyR)I3JN_};apxxaQ<)(@w}Vkou0Q)Q?VpJCg}W#XM+;vCY$j!;2Ln-o=P+XS_rUBb z(<&!{!{5OM*q@)zvLVt1xpwUL!{YejAv)g=qvejr;o-w(%ICfVEI)VSbs+>?0{|Ki zy-nWa41p5$WB#T|lSuF%rakwUj){|nz9mzACYXn7*{VR2nGkLLH5 zbz5(WCJocemiht8YtVY7$4<|FLDPa%$*mJcwM8xY=)>$CeP~b9hf>r53z@l`0i@9N zHsajKPu>0TDtFXha)v}Z`~LX!HS*YHB&u9Uafa6Hm8MZrswaxD>GhrI(?_5i0zH9W z-zhvh26STsCQ<&&<49g!0){-+`Timhz&Ws={&+alJ)$}>a=#qB@f!fkp!xJOSrn|RPT_#lua)myN%(z!1qawLG)dT?^1&5A)JwA+lA*k7D+$LJCCZS{%_ zRHR82rI{KOjzwhFlaCfIJ*T~*+T;$f+fOoL1@F9bRGI*)vP3m$#W=S;givwVZc_uSnQ={EFWGoy7nRPk>>zY9ZJ& zRcCJnZVKQ@_`Z}R1lbKcKvx`Rz5)v4&thEF-WpRNYFEOz+N6ytB67g(seRUpwC)OA z_V>faDwsOq1T%hkco?jn`SA}Si~P6j6?d+u0u1py_QDR~I1jihVGY1g$Yh2M>GHJ! zI(QF~W6o)5dfaUXSgArv; zfF4#XN4|FK3AZQ~-^9wx?%P=n*g1@Be7>ULK>={>d-%3H>RqX~hy9FpP5#eKH)%%d zBD*%61!>p$WwBq7(Y@b7V&TVKvK$6{f{tB!Fluw%d$fTGzt3_^F)i{1{G>YU*E}JT zf~@TsIRDII=OrX%K7e{tY0?5|(+RigVg(izP)oA_$8&icHJo`PR<~ z$;D8()s2sDENPNsf274Jol~dvXop*ll@gSP}|#2tJz* zIwVYsK$!M6KZ8%l9)U1D8y1OlV++`46ACG4>97tF*k>r_5mP|0ee$fG6H8My15>}l zWRBd8?aw^{JA*uOVw(wqLGg&~BB^NaxR0u_`i;nQNel+UYcI;}N&vs8#9&x-PUL*X z0wWLxGy$vS!6&2w@cr-Ic)4c;L*>>;l6*SPuD{(qa5&)YT>uu9G5DFnF+?ErImfQ2WAJF>}q6 zj1#OFKFjFFKWYKoF-AC%cjR*H+RxXiV#fi+gETn*#J?o^#4*e*dV-LWpDvrhKkp?E zUq?q73kGKYlMnvnv+dGEz>fsr*EL>-hgq?=V5fTmPA~rsMRZbO zle6ENDtiH{-@mmk53Hox2{1AZjOtyOE)#^rJO zm{0go75$?S4^(6E#;i1*XhYvu!P$RV4-D3>jVJJ4K$O&U1b30B)a(r~$ZnR37RFix z5x_4{fvSCy!TSuc$Re=FIyHA7Jbw*D@A0m8$Khn>;AHQ19}fKN9&st(Xk)6`GYUL2v&l}yfnnbx<@=?+ z0&lFyh0*CINhPmu0$-|7YX$oy6W&tf=P zU#|omd}-ovAj@yHv<776>@;}?z8ep^yg9+t4Dl5tY2dm4iSxzn$FIN5l-P=#hHZGy z4znbZ`V)Xw+jy-IILI0ZvrVTdPxPM4pehrOrO3hRJWwu`jik0$Ig~f>>XX8}utf`8 z*~L4_OowEn=jL7)gxO3vurcObjYZIm!AES99n3;O+m0gRgv7hd&)nSx=HM~DeulxP zqRPl7Fop&9p9w9r;fTlhzz4C2nMcG2!oZlcHya+fr~?jPFXk8W=&bO?4>>%3fynD3 zsMGg;C}%PuS#kuxvQLl~S;aq)Y%cubFCX(5 zZey1|{*)!Q$)CEYo;3`V<4VK0->`(w>3Cx{}*beU1_Alw@7XR83+-8n7ZP46gv0>*l3r0 zF9Y!T$_*}7^!P>G4 zR!@rX(>_6Y;l?by-gf&^E1 zg)lhcZ!)tF!2?!sIdR)2O?X8^1W-;o6EdNga`e}Rurd^FTGbT6K4*3FB zu*{=~5mx@392oX7LInPgzOe++@YTNvr*D=*<<_^y9?>I6MS*fiGdh7p7dcRnH(xw* zvd4jJ79Bs{hTr+j4N5qCeVG#zvmcN=sho8;k|2v5dy-g|25{=~2Y2d^ZP0A4YtZmf zRHPljNma^qF(-}4O4q6^*{#?0o?#_ZhWZ=+Oasp#4U;Ce)C@^Yx9u=DQfOq>ogEEu z_+e0%8NHNj*>Gm>QY*LjS-0s)Jxba2p8;jA8`CuYVuMex!89deKi-HWg`R3hUiB6U z&XHd-sSa@67qIw7Xzi1JxwmDl+ot@DEE9G6IqtZ{`3mH2-2QFg6oms5#~c9D*~GJh z6CoF}mUr4z_9DB09aR0ljd9oQt9o6R-TMV3ngB2Unjo)?sH~^^fH*UXar_5_VC;}4 zHJ^=)fFzr@>}Y34VZHiyyn384aO6j16f3%#M~f%@tMb#Rmt}Xxw>kd2;b2P`Z{wqF zQ6!SQU9IH!II1mGmm#%ixf3D}T;64-YxBSKzr6MFHj>&JFIwOJ#n49rQLIS{-zahG zyQ|eot_P|4Z!&s&d()@&dBY*cG;mawqIt!2QQO(GEwnm7+dPj09C^;UVG}t(U1mp zT5Hd;yw~n9pX0boZEHXKsmAoSCNu{6N){s1VHim-cI0+?PqtZC*_@I?&0}IK>c?+k zYF>?HYj_`HwnZPa4E77QI-(GO}{( z=mo|-F_RWyOrUx(I0=iF5GIcvTSE61FMe^fM6LZ0l6cF$yIJ-Tzx`t;}5` zcV}MTCek;ae&(V}fA+Cl479G(Y!7vsmM=uF6ykEll}vUzVm4nM^_UdGT+VVmU7Kt6 zTleC;pgGE$!915u=i%C~fuI2AJG8o=<3-Ooj;87k1oUCOU7~AI*4%j4Fb>tc=lXd} zxuVr@-eA6%7^Cr%$Q1O;i(Ly+RreF9rb{Sn`tJkk{~Ub}hQLI1*3~cYb59`LdhVz9 z@H2=@H`1V?1`3j(%5NxSvX%QyZs;+M(&osOwlfX6cl8+ zz?}LX2s z72_YH$Yo)wI>)`pY@!nk{SHeRRK<4NG69*U1C7d??Xw#+QwyC>$^51HJ%?T{xw$;$ z$uaMt-=6N<=4G_1VjGB$_1~wrI!IHV!0+ZDw%Y%=9N^;gIMP?ItJuZKzBWmZ2?V!e zLAS$bH{ynp%Zcx5=3`$2?5_M9 z*vTN+{af)Q3>NL1=4@06G7quVwZ+Cu2zIdmyH7kO2zHwQyKUwQ<+lUkf;ML;5bPif z^1kiV5#$dL1MK8znvs#W2(WXMRuzO-bsiQtmZjk0bcj{i2k1>gEv4fn#&C~Rm@KcS zc8PAi;C?p~68_?hs4T9O^{g~E>CF|6D`jO~WaSk!dW^kTZ_z~=ZCV$HwfXdMjgoz7 zD3QAjBSW-#!=UzN;3w1=*new^W}bn>nI)=NfC#pzm&3wH%gsy*Bx$bW)Zg?qP1hIF zm~$&2zUJ6z@tCfi3O(yyDzhuUR;tG#MVHS9rk1W7K}0lg(l5AzxTqbfp_v33KdI!t z0GEsbBk}m?2p^D|jV=Uyw@59KMcE8V?}?=>3AnEn=)Js$*>9}rqE!82)!_sUB4DOw z`AhP{r-=aA7BMXpZPEpKuREE$0AzQ|5tvf3zP<-^1XsT;Z*f$-u_Hk!1@^}+yhW7m zvz))g<+Zik#eY(-SgLSBJ#AuOyZ?=8*{?7?W|$apH@&&7=qJ8b|xG>Mgn3Kksm_QJvrc> zAIv3r&^_UDEt*=$q|gNu`;Uhmz{M}jV*-&B2o*$CZ+%;$zhEPN2kZDicKwIQ9w}|G z7VgKM$dyiNF}f(9&q5-;&{31bR6|X>zw84zy~&*-rdrc81+)9DM}Clk6`p)=FY=gT zBzB`mrXSX>^?XVOjfzhovTN_Ob(4QT^#4+^D_jS~9@4ptxJCxJCiqogRaTSFpv~ zJz&$p#1QdAwoZqU05t~p{d3B_&jRJv^uMxEBqIaf)bY9T3_@!>_(dGEDAdf0(vPnX?41VQJ+*!))3>=b$$fzr$eRt!jv?%Pe&ri0q?!>JvJYoidCUrr_1 zr0@CqeFGEhl(*37(+K-LCGju}_>q{0IifzRIeo>@X7#vIOU z=cb0vd;`v$9C_~}-bYH44UpQB5PqC2D-0L-E} z2AK%VlV+mu<6n0TL6es(pKMf^(7`}(K$bJVqqp4;&*Lhgv!GDO1qosR4n1`s3&rCu zlvsQXSiDLh^>5rd4v2%Gbm^(3U?FTm}!Pv9p_;ct*OZiKsYK)t>~n)Rp-6sZq)Lw72T75 zH%V{~h4Ye7MT`0_3u>fTNJE5yqu)0q(j=!G@v9Js7P=2!hz60TpYTu;l^>h{(Gq%1 z3*|T>LA3nw@BGZZ zx94>F#>Vk01{N&y>}4NMAmK+rf-4sgZJ+{#1?IT(tBmyM#UVK80>1e)ClS6a0N-|Q zk-Ld%s7<+(g2G&d0MXtpTgd8?eCA~}>YQ=kLYMmp?t7-i*7cN~ zONT~2%bl$iAF$2&?{{VM-tWj4VJx=PXVTV0u~Jz4-ELpWG%({dLn>)EMY5O4M%e;y z5v8nAB@)DCW-E(jhAWFbol%T;ZTF6&ZEjppLd1cu_xb+cf}HT*Yd;Sbnjy&N!VL;N zY7n(w0U&VLcOfEWC$Rd+?)UI2Ttw|8tLzD4GY9dl`+4};=(%?w`hR}oMtMqJ5XdhX zZaKko$4)?K)hr?d$+=+n?%mL8GiSeT%4sb!F4lAyyxK#Ip^@uhwr;*gs+M|g7f9() zXlXgwnKjUxqU{8(9t)_q4l_I(*-6DvmI^&q<>X&DxXvG<6^7EYx>-8Qqo5NGV=KN> z&zYe(sV9(BS*5H~Iw}o>dqIrl z+(~6}ENne9Y6nX<7sbk2on|Rkx~-M$SIb$Lml^1vMZIhs_#3 zDcaeddnly@$SEm(e59xJ^??8=p{+)bc48q*&y_rJ))7weo=2Gz?yQ*8cY+H8GFR{G z^Us1cNc#>03g(HqkuVJculyoI>`8e39H^S37J>6{RH_7Uj($JP359ll5%L;^k=yFz zCgSiFn{#0Az5nTtiZq@9AS+^CB0iP}P{`9yzXCdrzlbqcBfLk4N~Ey))KEFq_zojj znz;(Asr-AX#%>FYz2wy{bAE$QV37W^=c0LOaO!mzBUkveC5Ldz`rO7 z!d-Uj*y^@B&${@%5Zz4I95_<1(^z%$G#gZ;&Uw^T$gaSc z=-!x7h@{H?h>|W?iKX3^0^;xOA01qH>|7N9@{Iwi+n<1oXQF*8AJqkRF@2Urbr!4d z?q;Xh3c!tZ5h@J^T3UWC=d0EcI%kE3i! zHNfGs)MNvPkp6{;V9@mvH6*QX02!Q&R7R1imhyO&4zmXUaZEi?ez*# zy3vh5pzMVatjb)4;02%SVL6!ZbNF#|rL1h#&3OYV-nMTbacOP1GI`#JJ{%%Hl&+?a&V7k$g1g-e+lF;6%s3X%F6g zIPf{-us^ErLrG>ecsTLl)x)v;50=j>j#ym!qZU9Np$#nRuf1$bNQWze({7}vhRoA; zxaSm;3W}W!9u(LVPj!v=M%kj(E$kviN&}Ne^<$|5YZI>8Gq)zQnFf+}vL(7Rw(GP4 z7RHEtJZYp2AG|u{bT?(=Mg$l)AwIGic|N#Wx8K3g(2U*qS54$~NfiHDeP{IlCjRyG z=psArtoQ^8fHgIV4~hVouVA?jPWYH00rw09+y~VOq{(pPotqnHOCLgi&7!=Za&k0`9IRw^G5aH6DKx+~TE=*U?RX5ZIY@P#4c_MSC$=Y#8zyGOxuu3{XZdzOuyPXPRpE zy@Rv;kE6A=j}|Y|!XolHO6G39b^rHz@}HF|6s;KjrD$c9xoghizb$f?1cx#k=Lk+5 z!scI(P6!LUvmt3U9%lJN+vJ}kW4mPHG|Cix11<-xJX zC+4Z3EETdD(6;fEbhRA+smRqlgaJ_9=Nd^2k(?3)9=}ok0?F))AhVD8DI=HeAUGAj zAHH}MQ+KRY;1?1IQ2F&!kv%u(zw}RIH1XwB!k4n4E_8{^UN@<)eLwnj&08(?ZCZ`UaUl<@g9^{Q75lI}U!)E4_k`JRT{JmW_mB;>@uivm&MAX- zvKw;qO48_K1SHIUu8DB!FE4xGyQ96@!_Fd}V%rUx1fSp@aG&t{`v29gt2>bMKCC zYny=2`N8;fu$Dx)yz3F&=O}+;X~A~jTbHY5;tzHf5&o0n6X}-C0|CcvOHjEchE)L| zbhl59DZm}SVQ%p(#9M6CZVi2`)&G?!Qq&Z%+r%MpVgNF;kP>|2zPal-!ryRsDKhlG z|3zYKX}LArYx2(l!`8grgKzF0oT>_%LWVmvN0A9DO<)zvtdRr}`zVN@E>BG(z5R+P z+q{eU`p#{a-0hD``aMi`E9w*a0b<9W^J-C1@3cM=Fk0Sr=@|kS0H_0MZ--ly;_h89 z#T)yLb#4e8RXzT{D3fSz(zc*Zt!zm|KL9FaxL1D^nHr+~T8+GGN6 z9|MIlb~!E*Ih`%wUz;$doOQ=Y!Mz5@y)MJO0^gJx@?2lJEMqu6*!=&s_vL|9uG{~c zh?9zB%6w9EQielj_HLpH4T>_BPGk(*Jhe}QBvcZWDNZCI^OT`us>I$>AybBIk}31F z{noSTd(ZdY?mh3mzkk2yuTJgfeb=+*XRXhA-UEiH^85X4<;u+rbDH&%dqJGM&|v-Y z{W)Ndm|r>w6&knJL6n`m1MAo!G7c0YB7kB@?b2LZJrTtKczs+|zZFq@A1FRm9gV_8 z!}@%i_xGQjZs={_xSXcyJMMHx)$QLPsc~37yLLfsOmYe8^ZgVYwhr7Y{dfS3f&P`D z+F%qs{4pfX1_S4Jz$S^19TOil)S;Zw1}MvkIe}Ed5QMe-W2pDl{iWWQ*tpY?FD53o z2#M!7xZC%2>dL^bMCe{6QmGE;nP3XUoUuA|f^~-Q9pT~v!FF`j^umSb#Ya%J^5{B% z`iJW!BY8N%{_|%a-k)XxCzLL=6&cV-??z5~1M)`&k{=BRM#G_A&(s!W&E^p4)AHK4 znbg&qB1S?+);GKU(>(ln3()wwpaA(EZ0-aKmmAP;5rzL7V;9qeC|rWzm2Exj6G8y1pWRxemDaLw~t?qqy?Qdgtv-%)hXEm>zt1&<3S6YM_#d4btJrol8O{ zbxipkcLF%-CF~Vf^l z$9yLtBSLt;m!b65GW7F7t4oSqmyqV-`0r?k^*4oPCf)@?R|pu|7>lE#^3Md&d&1FX zFH&MSrxPF6)TxLtt%yrXpqjzoDWX2gnw>3I;SKjdCEf^rQ32wtVM17u#a;-0aTapF zUu_?EBdz!ujDsuN9vDVB0>QDqN*%#05+VOjTnXlXUdzYR65gJ=j4|FEuG^sMuL@pzu4%Ej{R&;^9y zL?ffaH}&>hBqXuS`{f@SbTdM%la!-Tldg9tiHhHKN?Kh$s)<=uT#lS#XHb9}k4^b3P>dTxL@;rz2n8 zWW5`^{ATLE7En@wt0&BYkOwt}B*5NQ1ldsz*wHD^?RsFCbufBahiAqi2XG)R zXr{hWA;L?gl`hDlpWr$$7I@*m@m~L2(FO&-nR}5b=KPfY1TrAVcCt4+cH99y&`UP9 zfdg@wD07M2z%9B<_zULvf2QSsFxL&R-MVGiZjUtO(R|0%KUjq9S+wluQ`Z6;|niTebc|F4$L8ZdI-aGR`lxdk9D@EO8ivX zW`Z~?c!Xbw`-723F#k0BK|8H` zC=Dw;Y&;)2HeXPF7=8f^*JACd)(SKMAI!vj37(?2>nfamcMqaFLq-FJmF+$X zFV9=`w(LQk14nud?EdWzjQk>Z(4&*|aqt=9%^^rYw9o$xydmx)I1uA&*Y1xy2I-jE zdxrp24jEvMNHuCpd4YqA;UCh=CSYN=Z6eMX^MEGr^)W`8d;kGYXT~UtQ=_lYS;2Gv0?|y$Du>`VztMA#rg|pxCFqg@>d)7n0 zv~PP3B`-70t9YFTzAL~SaW7Jr?Am<4S}!ODB+-ij`LG$2g~Mx*?!fsjnRp-?9(!#! z!J*=Nv7#|&X$S)#ReX_A>Pg#7pAQR}(DQeeUF_e=EeUb{5L@Q*oKY=4o9r|Q9q4BH6|+havII-}hM`VWre zB3{QcJ1_M-NCD6o?(L-8oFr?{Kefa6D}c%?ciZs;e-$M^>8k$g+>$kjRZ-hs0)BB8 z!3n-zASW0p;(k#1SGnqnu))ObH)q98=@-+^D^p+rh~(MQdf4WvDTb7iC1yHWprA9TSt z0fI_46{2c({Vi&wLTvZdlfJ5C^$Xb9-+yeU287yH@& zP}$S`;7U@1(-Z_=m}~StSN*cJvpsfy4BkEefw&&z!A#7)kS~-(n$X>)H!?4}yZmw5 z;y;B1m~ec9~}6R^HBQ-+BgPi)p_HuWlKJ#Z}h8;hgD4IqhrWRag#LJba{ec_9E2$ z*Hf=%`5@y3+!k0^jIZlf;J`b;ZGGX(h2asFZ`_evmCw*;nEw8vO~tLYQy9!w*LMJQ{hrn>We~91m}&C3(YKRiMHRVdsm=W1AX|0Njlb z2XVaqMwTh)#!Z;#d6}9}hj3o!V5jto$3=nzc;mbfHG~|85l4mZ^N>3&p6sOTZG+nz zPDz(~BwQFh@-DYi89)49u`up^;i(lF2KplLIAS>MZWz?gkmRo+mpw(TgIow z(qtziHAV{B!djx?75`xsi|B#4X|qhyWDHVQuE)j}`?4UMjj$A_=1po~&_qxYv|EHT*zHIkyy;+oFc9Ro!N z`dj}Kb>Jz@;si2J`oI9Ku=ZM2i!N$Ce;NUiy6-?-ciGpu6qIXhO;tiYR4uYc7j~SSDd5HbS z;v=R?Sswp;!NAi*DL{IS&$rTT`#*2>FK>yHC7rQ$8I|`GAm00#auq*SIY=+}{N*SA zks?wtJI|$^u_8RJFLrp8J%%Rg}eE`Z!iGK`&qxc(I|N2}DPEs%o)tuoPzpDG7y!|Rc zUzE>uoBUD;>V(<|1J6P~UdI7|MJJa#^npjLTew+DkZ18iWy?!?I{-Bg!-)Hc^3$H+ z80Sw%p&l33C(+e95NL>AiuTx7-YhBGy@nK{F<+qa`Im$IN&ZGs46z@63=Q_x7l-yG zh|m!pSj8vqKpH(wUM>ZASDNLXnb=dmoW|yJK2&3D@4%=?=q!9JXTZQgAH=yy%j5lP zQJoFNhBWi662p6)COMnokN7u!0FiRNnLgU7POcY2S zO{lqOe36kyf$tLpVWcs=zs(r!uUEmzXTl*bWT|}qT865{umG(0!|v~XvOmZW$rf9` ziy&tD9cbVs6ptC;9&DKfx*2-U&L3ciSuYL$r)jWadDq`GpN26MB9I1If-_cdNK0U7 zVTJ7B)jsVPsCNT*c`ufncNy-`fnoC*mjEd(W#^YnMGM~ZNyixW#)Z=0jNQG5dl-`a zI(D8F^eX`kH!quCNt!Df;=pRjOXA8#FE66GL6w66@o~u*XB5g_fdlu@fEqtTJVfps zIu(Ga=vcw~SKt1(?lgc6b+a_ zN(3M0aH`es-@W0-HaEHPnNveA!t=EAE*bYaGsd0(Tf7+uTmDH&_Z34cJ&~Tf4qt>F zM@{XdLuVOUzX4@4PA($oHX6(e#r;TgZmnV;p3WUND(XyoMl+nc30`l z*+j|U>7JXN&pvgsUA-c~7Elj&(Vwf0TDSPn07``nya@gHzc`riu_!qf%bNH%%)&jz z%}qkIR~XyqGk!sx^NyqVuDW14pUR zRLxQLQrD*EBbTeSwh9+qFiW0mqn9o)^B$2r0YWofDt0okg+uI5XJ-mWF2$y;DSd8R zlWou|;zO7&PT;=^U`wU%*agN2fx@S0Xv%TMoSMeII04%HpcrkVT}w#vF4(+R* zs#&jFhY-YrfxW?xAMb=LQSk6~#?Dw4nPofh#XA7_wRlqcH2}Z%0Pw5awynI2(f5l} zN`V;*#s#QmgMD#X8S~U&KHjJQwOBxo(2(GC`%VWV73T{c{SBgG;6mhI+Cz1oF|&oM z7ErRjG-<+s&95Q}IW!BDIKS5ye4)}m-SJbX@A$m-WG4OgVuqvvm$%`pmo9I^wvOUS zGA(j*ZO0LOnGMb6VmsOJ#W^KwBva?Tb;LwtCNE0}HrGhD@xf^F7p030P^DX?q{PAaGC+Jw?o{Wyo`-G^u0!NHMvk+Mu)rct1fm?0Y&dP99vlp1Mg~`T{kB< zOupsV{`tYaWuRlrWrY9f9H)vj0Q$85Y8gyH?2;e%gh7>J|B%Hkdia?RF&jCe@|`FK zRrMYC9dC5o8Aj#-Q1!II_Ae9K zQ8r5IZ>tW2I(o>E4k-!E_{ezGTpRSYO=S2F-rcr; z1=?4KKIbl}sdc~m$=LfdlzsOZFfsM%X`VzE&to$(k__Lz-^r;dyxw|$lJ}2$HnvM- z*f)}zRJ~M0JKVPZ=bGx}Lg9cYV!SkXKO=xU%cCBum@%ol@)idfv~f@_T0> zpeh4)cSS}VS4`1=Nn>CQb@RS74%bAiSNwq=#=DfP&T~1W@x)@f%H|;^iA0FN(L3tJa>g?MZ1Vh8F9t0^4c7pr2{`=TZK*apA zuhV0+g*nSbnuJqBG-ox;Wl^Fvux{I?AcTV$-+!yoHWo_ z)D^h~d)BFTFpk&XK~XTnf05=vY>CP5{J_>#FTxgoc&pCC!$VI=x~Mg&#B04bu5ryo zwXN(&u7MBRg5IYX>SP%4kQ^Ema_INTVRp1sS#jLLe5wxv!QKeRoYhUXw6q*856G*` zbMTZ4#z#mO->Uu0UnXNuznS?IbCv`J?>ahbgwHf#`PjXLM!@KAD7?(f6jP@+R{`3G zk=@ZhQ?BEcAJp#aBEw}`!2=G3${<+5D@RpVU2(QrZG+||h>?V>BcaK!Mpe9PGd;Rf zl&VHXzNvKIP>46$rmYnlYNsT0?~r8ibBt6j(?-005l2jl`a>1-G6FyQCZ@g<^D||n z6;2DaQ^;BZ@$N60g>KdAn-~HnxrL9;N20Xg&aGzylk?y6dgqbzeV7zJ9Py zEaZ5~iAwnT_FHzMOhnKj$uKhp3q5K(3An=bdi8Ll8pgyiuAKGMDD_;{2AvS$!0l6x z!KKBWF)BpjM(~PjW7|F8L4Dguz^+E)>&oW2@=9sO8{nG+N4AE?AKtP@=>ack=xMhS z0@PrBV+t#n@$B>(z&~JI_HnoPPXwt^ddMgC9X6SpQ12dMbKjejm#(?;*+KN~$aU6A zU*vbFic+HsG}>pwgc@)}b8~Z^pvsrjF@<&3XED=9r|P3AFtSabLc<)K2mu_MMyWkE zih@o(FK8c?cOsL3xrg8qH8UX5rwl;2%!{ozeQ_cI2N*R8ja!0V#byQ_@FZaB7o zv$#VKgX-QM4RF+nJIHcB*z1sPNcC_0X@NDe%{N!ZrM$NR3%`fUW+z5ytggZy;UIp+ zL8M_5eR2!)-Uw1lma_qJo(wB;%yesnL$Hq9P^gWgxzr6SgiYm|USwY1ZJFWr`K?Fe z067rE-8VcOdNi45#z!l&*^ZsyZGicGNWLGB120YW>q@Zm68sQTpLW7JogJg|DDA+ucQjpV+xb%H`p@=ul&sbsqC7N;7kkUi9^z1I!e4x3AY6+nxP= zsJS}vA6t~uFHv2ZjWQprxr7ELhsmqDI-3ojM|fhcYsk(GWAHo?rumXec1>KGnwk(M z-{OdpVf$reF~6M7#X(6pn>k3GE5*FgI1ZLmOnqL(F)QQJOK5fZQ=O(`q8H876$MHc z9!_cO_4wMf=WDyWO38Swy5&IKf@z#1DyBsFkv8Fqodz>K25di&S>kFwJNJxvGW9k1 z3lA~WO_9?9FYiLXmI145EQVNakZ2Xp zkIWQ*mo|H+1>LDP`wU-KPDhC4Z}jVmx;5Q~UvNex3;w9z*MVJMm_=;R-z-*o;WMlJ zufK9HEG!&JHh}!*ki#&wjlOB%dsKqJIe#QKfSm#YQ8u>uM6yi!#1tuYOy zy{tO1-CPhq_u=4~wvo)p$fyu+v5&mw(^Z`DW{z)CE>$8H6|w@0l!Qk0{b&DF#A(XO zalN-Wj+-TlU7o{S1w#yZlY9|39_4(Bf&3+s11zM?T5;n~gyFU#<+Ry%$`a;VN}e+H zolWCh2+OPJb!n_%!++yH;;7hgL^*l~Pw8llW1vK}WY?U#reNi+`L(BqzGDHjWc)uj z_jjbt_HCIY#n1+X()@3|UAndn>=VPjUs9YF6N>a(Jo6DArq>vb5{-#TU6+OnR8BlKx`mR6 zC%AE+a$|Ju7UmsVm_Z&!T^h*282HM9))_r!>T@qS?K0mQ9#M5XcD~5t>|9Bc&(Oa4 z0dr4dpI#2->fk)B={ra8BMlLi#(rPsr$?%3YHNknl-6G?8LHauR6CJJ_Hla^Z!`bO zaiM#DZz^)_hc6EOxq2RwuKHzjX8x|Ly^G z*q_l&WbJtWslDgtPvX3GiiYVjWJ1pg;9&UKd%H37>LQeiw!OoR%a+U~bp@xZ%KD8x zSriJWs_GU=?+_mLoqIG|AL=ikJFGR$6ImmpC9O3b+Ro+wt+Yhc9sg{sdSzUgtncg- z^WY+})(x@Kt!w%PQ(YZPt&HCZ1t&fAuJ^QkJ3*UIcZ^!RbO8fUeW7w;x#OQoR&ZrOs3Lpr?s2`MOfHy9io*iC6S?n}_uAubvq^Q{ZOLOha>R8_a z>26cU=UcSCu{Boo(IoWm(ZczoHY|SO@8I#DH0%f&?kJvMWsNf)@T2CkSvr5|34J`& zw6Leujcn=ihdtbL#QuDqIco()`oz;~P$9U28?W(~al@ExE$Q^gTd19x-;Z@jBdRKSsjJDcDin8N1^SLtK{?f21tJ3zFtF@yphGv3`Gok6h z)lFURBm0gPjiwIc6@Z^?1fOqy z7+2`OUw?imphIkKt*Gvbx2R~-M^76CutygE&qRV_3 zVt@#0m5>5#HevQql%eI6DaQyIktQ=Y8|6=qpWJT^lbNS zjt_e?lgNG`tA(OGt=~9@J<5AMhQlKghdV}!=i-fCR_mAccd589Jei)hDp}{=242^P z+m%)xI=>4pt+<=tJKGYQS(TJN`#yi}Mf7MOxlL}2rfycM+CDdVushdVG{~`azFb8~ zYeTs-+uP##${osk6Y8T3IZ*cYiMR^REQhlAO2OHVZ-(-o4kWH;9GRu=+L*Rr&JLeRfA)D<^;JjYML zJBnDd-&<1Fpf{Htq*q+llwTU{ zHB1j$Bc!y)(b3UhD=$-Dgq|%cW&;BKBSjn`;AVfTaEH%}VIvN7`5x={bC}~aZN=!6 zyB+Vv$uf{p+-^u>$EB50Lk#UtiC9Iuo)Ek!6H&8NR@0UY>!-X5W~gFCc?CzVXrID! zXl4_eTeRN_vI~>`i4YnRQYA8_#TUCcYkDMYTw5u^u_4)xUipgI4~@I)AIA-z&%C#) zWEC>3y1&CVJ}Jpc5*J+&%NnPNvIy+vIfz_WNYXhn=2fUBO)p_ohlm8tiGCFI_Z*z+ zI-9!g(E-N*eMb!t1~G!beX%aarlKgliN`8rTM&F|IFYFj3M~aDGQoHbf_tOF=~LLH z26L|L(5QR8|2}q2L>-Xk8=G*NT3VvWk(8GD=-9Qm$~`Ie6;Vod0v=J?P&G*Yd8Tap zN0e}$M7 z{TSU9gl!oi0QGX9HoY=#>TC1*Pz@!)*oC5&1kbJU2K|FKe+h=h7iowOdO91w?8x5NM+tjJLd_6$Bn%Vk zuXR_4R`>N;`_P1pyIxdJYC})Lg-sb51gD8yb(7luJcO2O@Sg-hS3cZ znTV>`Fh)Dc>Z{lZdELp)=nFyEHrB@tIY{A<)Z`>O*aO=Fd+bzp3(srQc#A{G zh!P2@O1wG!$sXO0gb*Gg!*5}>Z*VZ!S#<_q!qsf2#Ay328v-%0C??7mbDBw#;o8Sc zsXeD47_2R47f9&0BXko+8wLY~6n`jfObKq4!MMy?9ZD?G zCc)YgHaVwmKxC3=nW`{!D8yHV=3yHb&Gug8th#hKgn4lsYi|K_9P4m8#=Lh>rWk(6q?trzGq!nyk10B99Lw?qVOU{79Z>Xi#LTTv8{m|z33s|DQ#tL8?v%n1ZQ)1S#br- zN;a7})qN2-*~Xt@m>y!2BM5Dx>y>BTgy5}yy;sL9$52UyV2Gel6Qe@dLvwa4L7Ev# zukmK-)uY|j-GNdu*X)ZpD^iW!swC7WbsidoKwHbNycyjLptcWr2f<*kr^an!56CCi zmDkLjxo|;lc6K&~+rMsEC)E2!f*C-L!Qc#pU2pmqXtCKTDR;ex7t3tVtFZGdUeuvt zr-9bq?2;2WT?kvDiQ>omv-WB}-ykFSyyY0uA>f6Kqnohk6umfxc zEIDA>r6@Lc0dput@@M!oWqpujb)6ulM%=PiR71d6^rMhFUPCaTT5r!1bMGpAMAv?N z)J4o)gO@cm2_E|pz0NBAB=@CDm-@pmgUw|Ep(0Nf7)lPGTZ3od*QEww(^+H=Wi{JJ z#_5i16LYkQx;AGeXWmdyK%U68-sEGuD6&(h3jlX0vVA%DX5KsWRIEQVOK0VoiA+G> zcEm!`HR1w+ZP!CCXvaDin4JCf-Z-NHBN?5!yfS;S#~IU&a_UHnHwF^K@O~Oq)zuAL zM)5g*BNml$GUgHH&LK?Zg zIpf@M^VMta#HXjr-jy+(mFT1bkoanBRjWu0z{|Nw zF(SWfIrr>Cfo83S(?+);b?zcg;hD%x4vdmBKc+$~Xdd(OvJrB~6J(d{(e zL=; zptowScR?%5aim0AMkRI1C995SUrbwbXK&9`59}xdKA)!e%_Q}N)fqCG$JfCZKT~Qj zU7!%V{upEBt0E|0Nzv~X#ul^t_K{BHd%Cf!&1n9lNnX1v?@!7r@BLhAGjAXfI7IML z3K1acXl)%+GeB*z`QWKaz!{8r#eV40{CtL;5X<)^r1;g>!!8*{hp30zr6Xz}Uw8fN zToCEId01*uPfJ~WzIE2G`u7bCv^bG-&4T)ew+6O7prZijorf3uZ2!)_P4lgVw@Wvd zl4*K6-2y||>^_}|bC%jHGB zcEwi4eY{rbA&qAFLx@y0!#Lgx4!SDpeNpqYLyIvB(MkTLE{_f|bTbIyQ!}W#=Fiw8 z9HH?i4b7Ep%+pT8?jkoyR0E5FA*rr|%6OF|TUvglU+*^;%W}%6^92zPh@oYnLFz$T z?qmgvqZkuEx`mSXr2wMb)#}3lkiAcw)Z9s3D_FCIV~>S%p{RM`46VuaQ{VF;YmesJ z)AwqW_ddE4+la2Dhge5D#DF=_RmqAE%GhTyI*{cwEYgZ3rlBaSzN=*pB{R! z?xbe=)HC$u3G8Z2Pn!I}=~5j(hcUL!>`qxmVE=UQU}%-4_uA6O!}!LC59wb*mCe0Q zY)iWvGmt?07uRo}CL)Eyv4!p5v(o@={Xf#0v>&R^iaU!KOS9cM>{?t@9Hw7<5D<#J zf9zUGyYut@+iRS9pU_lI8_zJdM_}ZC(>jEgc(gN5*|iBNcVtOOCfbtc)X9@CY?8Sm z%=49GTAw-VeaJ$Wg)%0nH_?!{v@U(`4*SwFmsPEEO(ppgv}#K`pD(KTIXkhwf$h~P z%E1--Pt8Yfe;ECZQA)TX#Xx6foN~4@vPwX0-yXdvzfDpXw!|)YBU9CH6&NLMM zcH|e{m_~OWhDJ!}%4{YI_y8v-TAqV?;5)&SiQ?lTi9{NFU2IW{^Tg zL`Q#D+#0AL~=&S z5}G7ANzTxuCN%KXM(51A_nx_@`#jJ6e#}fio7#I;sw2mbz+f;c z)vH%-z+g#X^~$B2Zbozcu3m<&-Wz-Q z3oT!48ay-IPGu>^mg0P$^1g(QbTWQrQ&xd%K*5-?FW-KM^B5@^ zISn`57e?}b_5*o<@A?UtcZI;f^Z&!Q{F?vEBjoTt^8XJ@65xh;`(7GA{hzOh8)i%W zf2<%Nx?`VxVXGvETx9;wQ1BabTseZ9SH3H7amgM;S`)L((wd(yrC^eKpU%RpB*d{-c$-n?kHwD`Q3 zA#r*uy#t38No1B4(i192q!IV^W73g65!X_hyPcM|Cz@hpDly}@SJsrzE{{1D8gbtb zfHaf>U*>p&nQWIR@{13nan{h#IQ~=)%wE5WbaN6b_(q&kNmO;Loa zjue^kb8-yFyU^d+$rK}Qd(Fq*);2hpO+V4ZQ0J3vKLcCL-6RJcC$an-6({`@($WE0 zr8j2|-blUb3q$H1xq1IWXv2e~3~4TxT;0}kW80&1#`KDZRzqkHY}ZsEb3>aRCi(2` zTEe6^qwu9pG}49HG&vl~#Gs-@{~#IKbM||T#GhvIZ&x?n_15cRcq&9>zUA|327h97y{=>oqFLSK*XFjx&yoHdOvHUc=7v8nn4h! zGJewC%l$}*-fw!tlQmhlxOJ5pAk|nH!{|KF?Lo9riO$Cxg zb_rZRos)t)ol}m_PP@PyrcC{!p5Cvv1AD-1Y4~d>W>QA6Wt_#C4ylP+#&pTjNDzwa zU-ECEA|pc=e?7^1l3;yse|ALzGnCiY*XN;7$j`~C`Xtpb(z8h=;)9J|BG$cjTmtyGcz**qb#9#FNA7ibRSKhT1uUsu8O>| zMj(X8V}HQkwnX@$&s~U;eAu=mxn9>QVmDSHMkaT!!dHwmuIZsG`6aHWCIzR6n{(wg zIBe_l-D6Kq5bg+!(ks^I``Tg7S+~_kF|(cNfwc+xbXv0IVx4yV>^(L@X;w2v^R|Zj z}8Et_8Q!EkjRLlATSJ)+#ns_a8grK6T5h^y5tlU zc4?Gy+gOMGEk>cTMfH+o1|_wq@fUDjvl?Hj4XR*sCB)mB$!39F#D*XPfX+71y% z8b^RMjj|f~R0$`I2)NX)fdG?PQ}jg#T!x zB=h(-g>+bV2s8aw@K(gC<2~?~49JC4YpZSo;7!^OZ z?O$)1dn08Xy5S^z+f#=Zj^3tZIAW`9VIRn<5{z=vV&URZ4toCe$>H*oqyszVR)>hv zE}0P%jc?vQunEH;((c5|s)VrYl$2AqGL1OO-K`M)TNNuKm;uwZqmZ!)Q|9E0t7LW4 zPA14oX~xR)DWlj~ceZg_JS{yo;%CpEZEL?o*sFev3(ZeX4#z#!6+29*A#=A>9{i4- zyzzk{I5=3udi{@$^5TSGs+hZpX{j0hn88(mww7$NSLDv#hPnpMTd&_-Fu4-MDJPwl zmUc1$qrw+Pi(I(VU@K09D3L~jzyW=X92z6o0l{%JS4mq`@r55goDsL_rs*2O-jrP# zS$?1Xagme${55E~Qw*mWWfIeKrBL#ww@a`=XDnewWo7bb&z<9mY;aLVhtd)S#;FAm zMGkl$3{D`J7FQo3d3R%Dt4&3Yv$2its>BD*F2*w!dOa9h`61`Eo~i9M(a^Jen9Cj`F{;!wCNz~w^oNAo#?b%16j=Y^F1 zx+bA3!;np(aP7sLayN~R&L6lxdSak}#v=o+=A;wEb@9BAjPJ`<+Vh^cE}_sVbjM$lg{{jGI| z-o%zcrpQC@)Atd-td-%kut;nnX4ABPtu9d8P=`6nCc|87a1P=lHL`2fC<|*_RC@>qvw584 z87g>JXQ%Rm2M^3)cgcz(Z4R{)?(RTB0tfTtEO?)Kh46X)0SB2+__fxyHo9|q89`hF zVxkj*hV($=awZ-V`+mEe(ZbR$0LyczYJ8HD6;e6!z+q*ea*+Dg-M?@GX8Vz-5Xe~% zOmm^gu||XNX%@ige1(_-Tf4hiD49Mzw>NS%X5eAo^m3t2D4Yg-h<2rbT#!()+@Sl< zAjz5cSU{SoseDv$^XxkyOUvbGj3C%vfo75*|J~sjeUxA*Pf3xc+yDy9G%A(m^n7^9 zz;&BGG&4F;;qgSfMQi!A1uk{!HIp=IzOAPUma%<-RIF^IXARmbC*cU-{=7&!4s%vfQ915gwvhL3q_D8TI1;wH(fVYRO9AoY+@YZYOKVwtN6E(8 z4o2C!FRvMQ5bavtJcRGxPE0Lw3}O43WzJk9;p2$0%Zw6tzv(rjXpiby(W{Cq+nMzq zx;e0P4G>X*g5y8gLLP_?WWNKn!LJYQ(pisasZa=VIbO`N(m^E|gJAhe0@8wCv zF+?W#7j~tee#Rr_>UA$;Fc)V+9 z_sY?^A^x&uiA7Y*B0_pX*pQw%PDBut_hM^I7vrS(Ib(8{7!$apa^y2gHmW2|8(UUc zSC}$U#)G?8Z0zj3t8+nRgpD~)N=})Yi-k?XHrU+QfT_F)7d3S{LOOF^+K+9)>&wa- zrDg(C{iM(O$EYkvjZvdWQ&*CyGVip}kPIn>jPf1q`^NE+FDoH|B0Ps`n9JOqj#p_6 zdU|z!bDOF!jKjSDkP(z`;O4c3FOvTO9-x!MEZv6d>&>t3@^Na#P zV|#CBn>fAe`}}ohG%x{Sj^9Wfsu~DsTsR81x3NNf|85|=JD1q~C09_>qmnlCY5X2; z>+mSD7QxICFYfM)@7WeY)ieoWr`lJNE+hnIYeq*8Do~uwyxZ5Y`RSaHq-i-yDY6HINYprDBD^81Z!T&YNe z_@|I4jKK33qkh%(wVLX-Wvlc0GVdZk;r>XmZmV$mVjqU%a>J)s+-_%yG=5}Y;DS}f zPKmCxTfe$^E%7Hvfv?Qml+P&Is45uwHfmNMu!dcYJ=I!nZyW1?A9GGOdXsMe^WYM1 ze|r?J#UjcJ3Jh;od|bKwy4+QlQx=ODut`QJ+Q`2i!2u5bHswmynfVp7a{DKPrY5etRh0C%{7;F-69b6EzfQ5LAx19 zV?|7>p1=R_LG{4z^2M=rntsBwXDAr1AYrEQl^;&F1KTQude)L#$PAJxh)2!K5!N6* zr2YtVrnA}ks8A#T*;~R^mvy_vBS*ldau2J}w~I}5a_ncPk~jN8%1$X$vC(jC`Y+b5 z&(kU%S`YTw{%Aci;Tex&D<*qAFiuz?LBc|yLxhO#5T)qvuI<) zXYZ`HAO(xhIwmvVo$+nDp^bVu%SK5lP5Jfb8+FCP>Ic4$KVNPpnc}^%L(Nru;i2$t z+Mx~Xz_i!;c(*=Gy0F$YqgWw$BqC%vyZ8_~Y-80J|8xDIF4>>G0H-WpO1PKG)(U%1 z;2u90)YF?7jY;q^E;(O*q6{Br{I2ViMi2N~H1LE@=G{^W4K>WW%N$vcD*^K1}sKP#7^2Ct`l-32ar~CKae_%;#sD zQ%Ep>ygq|@?DCYO=P7 z>D9f0$yTZ9p#xiMs*AX=7_Jwpz<#9oxuSNni+o$t(l*58KPi1<1EH0gN4G(c#dWK}6Hoe0FywKqbNLG|1FPj#Xa0T*aIqB`3dAZEZI1*M#+qj5}^Gy-kIU5;kQ1*mZIK z(fp(WHg8HtpTh@>QRp!_s@lDgcQ_%ie7ilrCeM}w`^4kW_V0blYlxJ`0iCB%He5wW~N5WQ1ily6j^|N!MGiq9@qu=(Hj3uht{MKX| z*Yx*Rcg4=*!xsn2GLuW!ivYgmb9J#_KVkqJ^-{1)m)2ac5kPeIJFD?x-w@|l)uinME4WX@T~S7a*{XI>)R^Uvayg|mJ7r+22PtFrsc1V42z;TnL+J8*mywV z+>vJ}Nym}8H_|3opxiIC;bEJbYvoLhVMevCz3iC@2mYNp3#ZQxzh0FD!qF9qdser2jkdXbRu;s(yazJ5)Qr_e zN`^N2x7$uHQQLbJtdu2eEZB{0b@RzY=(NixI2P$n|e`biT2zY)5g9n-!v-9FXAL^*)9q@`54k? z+$0FIz4RE42xl69@n3Xzek^b&OP&hOC1LA@pNmkD;d(S)&7a&l0X9=}YGKaHNV8Ow z>Z0~wO#R|J4h5-Kd;WkwAInVfawEXNn%wf}%>e6H=U2ak&$hpG>f+fvc9nD-qDSq1 zGtduVu&m$>lE0c|U19$g<5>e?xykO;?S)ozBUJz5tO3q@9N{_+`0C=ti`sYYu>RT@ zS)a_4S0p?{0HMXO3nPs$!f;bAmf*mGraQdiCyVdyW_n19$&XTw;v=N|4!sQ+1)<<# z`Q=so?Hn)LSkLd;SYTS+Ctz`8Z^MRHoP-4f7k8Gw7Hl+5JFKO=tE!d9C5e^9vU?tZ zC%BKi-WdKdS)=Fk$Xr&=Q?+D1n7?|QnVs2ZW!(5mWpoXPU;LHl3S04%qvbx2?T@?e z#Do~oR{D3;*2-^J>ZxPpfPo50df)XLN${alB`=osYidfjv~X|6`@Io=;EbP-^r5vD zw;5#9p4>is78du^WN+j^WK}oqfl>4P#vl-WI&5x=ntq#li*?<@HgvbF7GHH82`w=8 z*`^oqsgIVNena7ay;JM#_c`oq_`rhCT(u@HBkbDAZy|EU=e;dK9#`eGx`YhvH`7z0 zi_}c)_t^mq78she_tz{_2m9S(P+* zyLu@(uoY&)r86*R$Gy>a!6BpXLPDB=LErY2ni+ICq!YqIyXI{zgVXH73CWsyFa%bM z-5y+Hk+6DHGCe1ey!Wmi3sG1``RI$=rFJ@7uFIugtPFL`B|VHmQRZQW%waUnC1bnH zvAp<;HOymU>8FU}SRIY;AeU+aafy8_DE3jm`*EI$aAM-#)w~ zh?8$G{HFTUZ4%hZL%P7S;T%gW7PE6c_;`LUa~s-evs(wY#St0HZZB`IY<_dAgEed< zWXJ_!PE$0yUNl$2id|RJM3wJhX3cuOQ(?>UtN>5=ea$Chb1FX!zJlJx2EI$+L-HE-(j1 zW(Kn@dY$e3W!%|W$l<(5Yi6z-X{ ze#y0z-04oLsdyjo#${*sl3l5_mcZNP7a?(KccY0Lq(@1 zgzo;>+;n`j33)Edrv+ZTSy0f98|hOhSCC&qIgONOmP&B?JO*YyzOg({EzjJwYxQt) zRyVwGqs=@+^+{{OW*esc`JC^r_Xw0QGg15r#_S+D8JL#)ZdPDF5xen~iuzq<+yygJe0{Od zbI5VZu8#GWN}pn8e-B%IiQKu7UA`S+{MgUIRl-+zZ>{)bR`Kjl=EpKM_Yr$r)2<)~ zj%kCh$D;-gqP1inUdB&*3I)h;dB`I?8j^}jtDl*xhYa~NOgpq2YNeQOvfMUit}mTz zG^RD)9Gu@C>xmJ*_HCLnGULS^VWB`Myn5>z&uqNcYN)+o`*hO~M2A{(<&qOZM&UIv z7+D7^1Kez_sgsj+5Ua@f;Hkl%vi>Vt(rl`wYl!Mr%E+_}F(1L;w z=vm{5X-aLiB)mNWD%>L%_@IWbTa9jn@3#xnoIZ?>iHR}WTpq{T50##Kg|gPw7&wuz z^N|YfGf^3-M8~_kp9g$Vt-9zgNb$wUrnZ44$R zw8nj>}F*s3D>%KY-_uV30G%-M+l)Ct8hQE7@Jq9437y+tmDO271i|$HjIZN@3vIWIn_qF%>=_TE3-*+z93dQ z=Ge#1_b)`D)H2eo5jzn%n5oJ-j<@q`n&& zkDteVADk%CqRa~n1eHRi4>XJ3DNE+HmX z<+HmqXkmB8IS{tG`Hq8Q5z#O$VvbPs+APjb33P|TP{6N@J2O^^-uf!COB-sS7NLmW z+#W1w0JS3j-EL1|&7`Kioor9nZW_R-kXwm8Z+n^dYuDJ-k!*z$>`ynF&To1)=oL*l z>5Q_~F)@ZXcGbE~P;zE~O23u4s@>~x_VTBi<;LIFJrtexq>M}tUNms^`2-ul~PdbJg#T#acy;8C$6khTOb9u*^|ks@uZ+W>mAHl zK2oEyiaAzZ@YPVeiLIJ%|3qvsrAb zf8xlq5ux3~Apy_Sx@x}YvaL&p-OuDTSL@3&G>Vaxp{VCaP8o9OhHuu5Uzj$Mp>b+@ zklp$&?}E4lzsXvp;JR2>spcaIW@!Ie;{o5GOZ_U;Z*Y`TR?^DK3hFHqj|sj%NNo3p z2GqTg{sv3%b{^EdaYY&G-jI+`q4V7xn)RVS*J|3OlXf;dFf0dm)8`r%A?#k0Oh2GR-CCF>9KjaYB_&Sj(fg zNj&0W;)~eLLIZIQ>(SKo*8a9U1v39t(e`&iC~6Q@0hpGfB06m?OQd7!uh1nU7Q@Yz z_S-e>5i^#?1`)qXv%?O-S80JGcs=Xh6?cbQPbs(pV-380S3_6Jz#== za(Fcu)Xt0ItA}b3#!X~lSx33r6oM)2EqdvSrzqa#e_V{5i}`-Lbip-iUT=lHYas^S zb$YqXdnDI*ZQEXo2RLJ%;-ebn>&1(^$1-aTaIW%T$F$owx&R*w8mc^6(3iCJ^}!y5 zXjBkvb@$sAJ5fph>{)KuPSLWbB;j{`K8JLK6ycu!~c+6dYqV`0B?%=+`$m?O{+6G}{_$by$(pS{&s!>U*Gy_rC6J_^Gd8Ja@oC zLEiiQWD%F*9R4ckjZ!}@Dk&uGa#=lE?99x}Ok!%PGHfdsy(K{S(m=g?7PO4+6bU0q zh-d|op#*z}92^{$u&o7^$*Lz>0#mIdQwW!fB39kLlC#Ml9Ja7wqxuTP5)b9GD<--R zBSZGSR%87>n2m7l&iaAYNn5C>sIXN|l%tWZvK&7yx`ftG7&WCA zHRVF-RLSV8Ff-5-VOKC(U$FCavZ$%scoBJwtzThx`AK9Ih+0iSoifYOR_7?^b!I5h zR@5qCP}nS2NldyO@ZC#Detj@-1QdBq8#?oDe=#-exT#n3v{i8g)B)SCuGXYZba_h0 zYoWU+em9y1YR0kGs{1rJcm+Wei;NfuP(wjG1?UL{@hR4v#6q8_b9-nRa0bt{R#)^P!2kfg1lLk- z00@9~0t*X^=UhX}R|M{s30cj~cz&JJ2nBL0RY9i|o~a3XA0iPaeWC`%!S>`3Rlq;B z|EzKz6+N}zt3@DOr?erpSV?L45v~??=rGzlk|`7lbvw&c2?Vn}4vS_^Nkyqb7kUgZ zQSYOG>7$t`Uk7lscJ{LKYjLshvtJb8(}-pOR;8_@LtkhhL`UiI-&Puxx;M z&>ouj_U#FT`{XA#ho5OsQ!s0o7$v~csv|ODBK3{r!|Sm=Bi$_WUTz+pzd8k>=1|b9 zOKfcpNr`A-@Jkx-*x_%&^CTw-OSDa)cYv0%E4+4O7M z8t7CTq9jv?3`$OK-=I)aT$7vFn%W1*qAq zI)Krk;ec=z<;pFkUnf1{Wxbtvz`k7w1JsUJKYFOTM^w4?vq>c|CR06&B5Y0W7V1P7*y24auC z0qQNigD%aL+FJV%lpVswtiyLyYZT+XwfX{tLZG`6oOc8VSsaNxGUaRzb-0#z)DY1y z{NfjITU%Rcp<{vJ=k!1`k07d;Gm5RpMiVpx&m92Gz<-?tX*UlFo>n=EYE4q9{oVET z>x6(3;4PnpT{TBgAO*-JJUr|4UtNOw4d*L=_5%DH zdzv}{d9(W`GzdR$u<8s>OF=YP1TiM6&`FXX4fe}~t_~O$#cQ4xaNsTu|JK`VxB_X3 zm!eS615QsqA;dt4`9C}f_YPzfxQ_6P!UUrN94jeOMuU?lytGq-`gvEJoScsTfv~JE za&u@c5+jdehp_z65#*O1FJ4*#$`~GoC_}ruld0NNWy`mP=VcIQu!vb) zU!Cm|rc%(mbt@G+$%_}*^?KAjn!xS66A|fF0qeHURw-1EO7BGZZ2mfPwl475X|)iP+C?h2 zYYRfxL_DtRc64>s`jQ+lqD3^1J6di?h1FmAPfkNSgLTB0eVYJh;0VN$#|yX=X&het za*HZiku`ZyR+b3xI!xAG_Q5G1+03eYo3gA1CQdsu$UFmKA7~54Eo(s=BOclC4@pT* zTh$|r2+ZUc5wEL5EF$lPl&PngpUiwr%*zuGR=~~oNdTT~7X@WTI$+BgKg|KPmwap_ zJW~RvU5X)U@A8NdBydH*skf4<;-#d%(@vRYvDDu=c8Q-B3Sq$~FQ%F4CQTv6N31C_-`W5a7MwHwP4pn%JZyI)2yy@So8LFlk% zao5ls!MFv1EI6z=o_+JIlH=pxOZ?c$bp3o~YisMAoSZA*+Xq_+DR#qMb-J^HDk+}4 zuT?pmk@xrTBW29Tww#LOhi6toq>?c!pX1NGoEymaIWdMC`;?XzQ0Bdz8afHG_vY@E zj6}>hhJPsK8%EA4;SD3f;)gm+1BZS4I0@G!JcOxRiVXVt z2!%o5fP>l|7WM8MMpmucX@KWq~N-aJb13NR)f0K4Zc`d98g&ER zJ;@$3yE1t%$az)}RT?2%*Mh@5_WHd72xU&dGnYsWD=~5wcT*kTkmuyNR%uW-p~kHx zI67#9S$h=*JvwvVfB4SPFFC^lV6_D*CC~WL3Ly9>QxG44P`ZF<$^NRE; z$ASVihqusB6Sc;;{gBoRq9*OSE5D!D)FAt#wKP*K^DN;*z`MwtWc2iIJF zILzc^Vf|iI8n=6UK^X*bI5~y_F!}1>qW8bwhu@nUI9$M?TPiWkc=-s$88}@EpY!Fz zXY{UIr_JC#^2ci8>FUe$DQ7guEZd5MO-WMDogP*?c=P7VV{a)abm`!CElBY37ZKZ^ zogBZ<^*Rm1CWw5r7IidhW2Fk$#5}<&E=_RJw%$7SGUHbn!sQzbqck?QoWaaFxrBSSX(>Ja2-~3>3lZ9mGS)-SmXj#q%-9q zh!tjz5fDo!TOTP=^F;aqRN6gnX#6{a_&e)4oebvrjGZZ%C{mlcPjV0~FT?*@O8hrZIh_hbQq9hsPLxOh zAHjJ5G9?lp5PooY-*5$)+!m^%ex??u^6B5P4_7tm?+z6lO#DF{;Gp-PgFx^s&4u8i z_&&z!P6LKjmJB4;H>2-?J&rR~JtmY}Jzi2?Jznf>_NCSM zzXRysJ?s=CFw5iv?|O(r{11lr!Z10zxw_ATXT#EZv`dNBaW&wPj1AZ@^aHy3P`-^e<6y}`Cw|14xS z_glLa#ZVK>apxtI)gfY5v9F?JAb08X*PDONi!kx$+#X(LTU5)Vp@fHU$z14n?&?V1 za1tQ3C0710q$33&gA8oj-G5`o{{=Y6fFtTr(sJri;ylv>z|XzJ+Y7*U`U6G7{%8r~ z*LZJ%aoPXOA2F-?0Xc@~(KJ26MDW{}ouYd$ylY@QC&lE0QbLdB033cR$l_7!IHy5e zL;>vGobohmpl37_N7M`s(iGrpwqM=qVD`zl__0hf=VZ%476Fa_A}<190lx-(fX?Np zV4^G+K1hlwl@#q)uvLD(*QbM>>|M7~Le~a!utp?E%2(}OB$kDI;aQMpU*E9cAYjt} zm@8cApp{ab8P4?5Brt~#b1nNKYpWZlr8T`712axX+7UYqv@;;XNV_^QqJnvJBWc$2 zm7Vs7_s>ok7>h|CKTT#hA$O^d$ZYL>5g-R$E|VRw+xm|c{@WickB|#W31&|K73>Rt zb4WQgzLSyiQmy53GDYyG?>=2(`-v|! zcge}M{*2B$f7a4ZKKM7Z^>d?pJ`U5$f$FZE@23ebOa8|6T^``!tPRq04;-`-HV4?N zu_;~LZBstnHg$nu&`h}@@3u~ow+5ItmNGtBaC3vc!u)TH2Kfg?hl0$F?K<3;D*chp zYfb-@OmhnZS*^UviAOO!ua2`mn84_<# zZ zTahQMgdYm*?Psf#~4HV0dx0EwryX&-h->U;o@K`3Jp0J;!N`E!Hkr zd)8KULQgsbp5&+9rVKqv3p~kQJqOx0ctG=#>jBFtTafL*v1DT^*qSSW(D3^th1z4S zt>S+n9x#oTpWxm~SJ(guKH0`Qq!y%|*aOozZZC zBOD6J2F9b`y;qL)(>nj-BhP3@pang|w*VOt(JKlpc-n;Bk;#z`%BKzBX_>&gBj0-D`LvKh(~L2NP?KIMN;wsKY% z2GfV5Q^4a=N^XIk1>|?I$nVF}QDBjOcli{lW74Tlx32wzfbPMeM49F>n_v=r{=TF< zybNE3J+YhlVxO2+`MDLg=$H3BS4)^L{J2C#9wfkY#Zz%pHLK+j5OWs{NYb zEFbu@3z)M@?Ja{Ugvg)002najr4skVx1dNPO31bR4k}MHSPAT(q~ze^R*<%-aES!( zl>*X=CLZ*D1ppU3E4a&d@t7Xjh^?PanVC$myrzGn_*Difb?ef%e4LdOC8 ze1T{|;Oc{PPyJQ#?w!WW>Ngo~64lKL6&sx$r?Nq~CJ50fsNRrtf9&#zp+2JG&; zNjtO!`&t>^{QBX0G3YCY&%kt^9X}Qf$PE6ItfcX7!HHIGXv}3e;cTcOv!Rs?c0i_L-L_JHxF=mQR^c}PVS!0M1| z`7Y29RrLA=YXKOCvBj?l2`NUp%oF^|9ZVIDE(Z3a^>_C3@)kD;H4AC^*FLwUML|^i zKPPP^%%t%<7el9a2tXrFNBiPW_dd6v2IIe<;8yr9qIp*p2rv?Ccs4 z$dCZT$iph_5N_`Q*$#hg6$9&FxDEV;+aob3N<9c1)j>{n4aiX)BpXvdcu1QW3_lM8 zkcYL{LgGKg^nP3!h?(+I3?x}!_;El;%Js64$XX2Hh;Dx9GIt>0?Zk(ykeps}t?x_p z>bc=c63djve?szYV0X;cvN@@6Qk_&yYMs<3@-TiBHOMzkUvCh525BNdfLkFzR=O90 z<_J*t2r4)NBH211*}9}8TS&4QKoJYw7OY@+8aKCj+WCMjNOyY3}!4pac^PmT(0g2x?jkhF(HHT*x=dqSbHWD2nXnBuz=s$6)2|REpk7vLF@XP%Xc9W zC!{L^Az$6ytEaEUv})s;K3-h+_{VYj>l|Q7A4MZP+MdEo&L1zg>KGC;-FSH(>upvE z!n3WIA4A{;!2bhr9b>s~2!$1t0GE{4(;;YZ0FNYn@1+aWBqa#cE(p*4^?6>pm!gjk zK~ShW$*u6^{hj?D>M?)seOdl1YWf!Oet%c?)Aj~`-nvFeD zEH5r%JDxmy5b;hW%)w0gDb`Fy`fF}2v~CdLE>|A=TY~tfVBzI0cylrcRDm&&cTfVt zJ^=l?Py3SVPRFk>05HwIApaH9{PmzIgMB?D97F@oq87-1G)X%B*DfCN50G#hE|IjA ztRGojb14DS1;v!Oj=@7c$D#KT=>TtDgE!x_l5~LpV+-7bZBpI|@Dy+v@t<85WPHwb ztYH4@I}ZU;IRI@?ZP5bdwG`XWj^Md}BIyfQMBG60D@KN?`B}HoUmFk3f9QV|={g05 zjRCS>zMca$kUPiw;-^YPy3GFma*htXIS0fR5NJ36XyURu=)q`k8S$T8M(isfZOa)TY8~af3gGw4Oc1ejwf6#%fXmBC|Iy`^l8PWuK8{(8j{bDj z`_qJ6`d^!}a2aUt!T*abgVAt${t$&u!ltX6RZWA*R=F{is8KZQWfq1BR%utao%A~< z_&1>@-@I1*p4EmN3uB5EJ{srw=;wAa64F?U2N1W1nLdyQoDrBXql#|A-(SAYP9mif zo7F-Gi9r>J!7?W&9EhPBFn={Gr63e_M*;LjDXZxNF@WKl+W%%aD_QEE=R-Gq4|8QZ zrkp+AXF7N3TSKP*Tg5~Eu0uOoZ(QTwnta2r_#I?sVPs-ekS_7r)qXJbO8l=~mnlgQ zX~@{sxfB@Po0zqKcBVbm|8Rnv(3#!XhXG3HNJD1>P>{dOB86!Y3w*P`eR39Lsb|H} zMNslC4h&lSQXgcve{)&-CcN2ss$y0g42cGLqz36-=<`1uXF-VKJnRw!erteel8;0X z%HEHG9F;?QsR+vY`G82ne3>BV`-2h3INS!H#9A5oVQ3@`+mjFsxqZpn<8o_O zDKCrLjz2dmzXS$T2MS9Xm#@V9rEw5}f=c{=ytV$>Hx&vA9w+*DTiU?~i;e0!zEm^E zDtszyyj)N5E8Uk?fg_xoZ_l0q^IZn>b+@|941WI2WpZccm!j+Y-=h8}lL6TtQ6Uv~ zI$U5KA96V1+OC?;M&Y)H*@-FLNTc(g@>VaKR4tvbl(3fnlOw=f?n1j@ln&`d1*A~> zLctpH-8V|%^3Iz)lU#BqKNa?WGYL;&vayn50`da85WxH#gTih>lx6`8%7Q0R4l-VU zK)SV(mQXKQ08nXw_{rYi^_VEa%QOTOb;3zSjbd5t;+F3h;IhnP1{(v^N`ya^;uB4f ztvu02k&OG?2WA1;PAp)Qrp-G=Pf4+fQ(TK~0wq$j^9FYnZ0h=d@_ZD`Aa@puz6D}` zLQ;@_&RCWy>!OxJ-g1I>-Qy-3tA)Ss;{&h!E)3E|1wRi+PDtR954^RDfn-w-WV6RI zLjr~z0;PhZPm63J@!^5^@Mim7-XgN1L3HS-#Neg{v}$iotj{q+LO17dzlxzv9@M;WasKirr?d<%FxHwC1ElhvQXn99a zznt+e&&J)74;Hol5=C1ukL0ghwD-wL+1cryQG0qZLO(gB?^l#+0bG?uW_~(Q8u~1N z##x>ZTwsZRa~W*b$DWxeuz-4H13>jAK>l(s6kC`Aax+B*-h!So1)eg+lk5#)Fco0% z-wc0FDqOz)uwX)%`YC^EdB>LtL0N?J#@OLVN&v#aFSfTuewo$2!!8BEwC&;)IWm6` z!Edna@A*wf)X2`#XH<3J7MI}}$g`>Cn~g&{YT*Q)jniBo@<~4cTz)9u^!fYC*9CxQ z`-E*d4uK97qh3Eq&ViD;YES{IK2DtuJq5~T?kHcAfiNlnF#2zXw;o(@+n8P|*5|Tx z7nLwD`|!E<0%fk3jQIXapecg5B9>Hx(RUZ)vs?KZ6z(`ZMhYK|H{tSA(qnwwHa|Be zj`n^LWIORPvI2Zzefh3#+FD)6P4$OoLD}YX1-HfJx4^%=^;a1^bR8HtcbP`y@0y?^ z4DbUC-FN>3nDYleHM73c+zP$VZFN!@EL;)EN{$J%rbQQJ^)? zr|Upe{@zIV5J&|%FQd&t(1rOGkN-}sr+G;xx#Glnw|bug;9O}ai33lTcIa4>`c>GA z*91vxob1-tU?eCl`OuuM*`dZ5_Ru$+eAE++d*&m*=G72Wyn2%IDdtoD<%WE-1HeUD z;G|UIZS#fp`4dRG6s~v>J*#CA*WVlZop-6WkBcf_e&fD=bjie*z^5Uf%C6|=J>UU1 zzE@~%+D_I(j7i<-{GkaHu4&u%|5$tTaH!wEZCpwzMWrZfB_vz2ucP`PA?3_QWuj$qWW#jIoU|W9D~FpHKJi`@Ns%c<$%9kNY_K$I#5Y zuj_ifUgzsP&+EEQe*%L8xG|_K7#!JvqWV9}Iv6Zc9o3>wAHf3sDDlam8x)m$t8$|< zoJC!Tim1h8(9$~egGAJC_*ZD`slM;&iQ)z#zMgD2|Kn6@{s4HteDbzU?B4|XENJXk zz3(RUfHan&J`*xl0|o>n$Uy)b2gRLqJ?!;iD&F_^4T9ef3SZa#4*q`1+b#YNPjJ6c ze}Xod`e_J}DqmsvEAq7i4`FLvd~zJh8hEqsXHmfHSVRj!jj4Y`o4oYOyK^V^l>Bq3 z*VMQk@sIGhD*gN;hrdp3QO2(!rZ?AHdd?cv;9$)ZmHNbWz`?^LS?cl;;i}EyOP(XI z;`e{Mek}9X5K9m}?s5D+Es?-&h5m=9=>7~a(C7G+^(v5_D=v(veFw4qUGFgly9bQv zo}0u%Ku>@PmCyW)h)lu@FgrOlt! z0(jScSBYYzD_Dm@k}Ljopv7I))n|o*xLW7o+ybl`Grp@o7);4ZyDdT(j9q-1)w@mb z^QKc_bT|0@%)X-R5b$$|(?=s3&s3`TTCZIreX-uyX%O`t-c?wp%EwgTMk>g4eK+7g>mW?V=;~wnisR|KV>_2ncjZ8!%e!Xk{=WFSUYIx z*M3%YsM4(A=qZTMVP*IMusRMH8KlL6aEU#$2lI#2sd@wu*!BYN(Lef`2sdal_s>^Z zNr4=a*Z*TEa8Jcq$dC1w@T7`sGqRsShFzY$KdKL2bpb^_q0o~c2{-~EU48_!^fCSe zb4nikEKu3>hiR+;6h_6Rp^(l$v*rdy-OZ7x_$LzT!RXiLdgcRyC&xn~uaN{|lq68y z_?deuL%i}tF9lBjhd8@~ z;vrfL0>rFHYOOh9XJqNjgSgyG?6V!Q$M&1M5x{XhGEAMj-=3eLj`{Uo<*rK%{EjfJ z=(4#12I=p$^$l?%KC0>vNY00xPgdmo;cT~q!P$9fBCzu$Sh6bC7>ojVcm>x{nQ{-YJVN$ zdovNI~TI)z3(99^Z@Kl=CcO(TLOg|ME&1x zq_-fw4U4m@*niP{?^ynZu>7UTr1of&PrmKdqkC|J`9HAIwf(nwQzN2SP79do?MU+zz{(mYzfE0}a4~rpR!-+-J%>%tU`~p@%lV=e8WA6|J>i}~c zOa4MEL5gLD%@>>r>`Iw>q9#Vh8+$QuS0$utmnHa-k>Gn?u?CNf$sX`wKk^6g$X8&( z?8eL$1g>lJ*+u;J3F zAPCsaovSxw>(~7rFmEV3^lzA;|8mEs9LIRTWBUB3P}v=j)r;2tr@|k#uI* z*}bWui&Mlv38RF);4lU6jg!zSo?Jk}vIU9%Js3m3gTuQ%lYa|L8_&%y%|hEK9DL`Q*J6{We};^9(%pg1G%)it)D=GPCxFNgo-)D&*8j)MC+Lf@XTBUVyZgU8^WWZx zgWEN{kz0X5_;~f^@_~F=4o~)e1|WLqFuqBEQa`af#|UvbR-aE?Pp306}-tCFmc^`tl1iQh77=Ieq(Fwi^#k8sHBOzR+IINtz}l&nBAJQd*&JA z!w~bWI{09q8bSVdsu7TV3r;Ne{_z6*CkgmpXt`tVuvS9xL^yT)iY$k2c>7+UF|*0b zS&m1R9GgYz*uCH$v)y3E03|2t?zB%x<-_(J{{QTUKUK~y%-FD%?xpXaN=|dw&0HM{ z1mlr==%T{2CdPxH(4oTO5)rVCS&n_m+n`0lyo2dWahd*Z_F~@yviP38?-bZg@;@N> zBp8U(pemm}6H~{I*KPYjNd8b8`CS>ckAJ)vZ2twYXwdrq-J^%4PbOV45usP&+`uLZC{bK?7SK9qUnm{FAavlp_db8X*f=xb@SEy_7E= z@7rpg{gx=vvNYM!^6P6v3+QK(SetMDp1LpHY&zusilFYEF~WdTBLC#)SNi4bD6NFd zvX3bEZ{=qYrF-;8q3nT8y1kK2KW*cD&$d5TT*#jU&+^UTZJ^^S zdl6Gkg7bhG@kQ)~dlR6%n<6*E+0jh|BmK`Fnty-!O*f)K{>B&Ozf0&9`A7HsK$3Nb z_pz@K{_iGPAnlRaGoTCzn#C?(v^#sik6k&;mS4{%Z34XeNMy%n`y)l3n79JXy^n9Q z|M&?2IZq<;I>4Wv`lp#>Z-KZ3nz>6F_urU;|HR47P7?LM{@;_t|1mLu1|G{^&@R9v zHlB(v{%8H1X1lJOPp+|Hk0$rs#xvHV6@u6Oj_hE2YxH-65#7DZESZg5I6yLgc&?9a z&VB*f-WNW7Ds1x>*YBtf{Q5r})j)=6VpEDehuE?P%B}=_1@MJ#0{*@D`^9?B5sZ zHw5S2$5Q{xn$|C;C06nL2af$H+2;XptQ(1s?NIpd;n>eJM%q035avSMBu;pdchsx& zf#pIts9xYZaqoQ#$hPe<-UI9h2Lmzy*0Z|VeJ=3hhXnm0o*dO}ig~wO9Dd^|6<}Qu z>OZT<{*OO@6E0vDcKnNZft|^V-u@4-jecvr0vOBvTCxf=JQw#Bq_V>+p67Q=Ui-wZweg4oN${9`yr2;AI*+oS zcMYtYwe}l`|K(+N&O7lxJ`bSw0AIhbyun*iH5lR}Yzb&r&%~?W(aG^>h6`iQvB{n# z%9L8C|Ce>5vsKqwuERlu3}`bOhl4UyZyofNOE9WUFze8eO|PY(|L~sv!ccOf`q+a` zhnDqGZ$ZNZkyQ7zdp+r?bS*#6+i@1JK;RTv6@@9?gjEDBnN)<(uD<*F<7Wb3rbU&1 zYH4wBj>EI6maCUI{ClOeZ9%8%vTGJrSj&VWd3?jF#_y%Ugo8WYzm5XETa=mFNDVf) zzPE3V@M~YhVUI^Bu~0e2a*|2&N-uK%kiC0R>GUg`Cuj$_?p}a(x>V7&#_m~gCe4R7 zZSe#VHYMQ*42-8O`Bd@?L5?YuKwFUlx8{-f@ljeFmLp@0oPDa%6Cj;`m<4x3aFB{r zW=Yd3&cyLkk>2RuZ0Frm3curGEV^}1=>AjJVg5MP_nGba`J$TkaQd7%Twuu3FTND> z@e>AZ0@#I1dJjc^FwRaJMejAv8uuSBQeNkz^&iFCPT4mBN@f!DraaJz0GA_b{+7c| zi18LWmc{Jr^4n#w=&g-W+mBoc4VChY7Omm~SE%1Ns`kwJM~QxI{MM8pKAx5M{ih?( z0kE@@aq8AmM}P=nliC?J=ebAsPI7_ zzPjTI%GFmv?oqoldWap3AZgX>+wka9p?5|d$UEP0tSWDm0yhe^s+{=DYct%~Lbcc!|z3-5GuLejdu*$m2IHEdY<$eaCf zehz`OX~z!9SKRK!wfC~R>+wC>EfIV=M~1B3yQ37U?vniE6at2;er=1Nvery^2BZ6XN2^j)^(iF+~4%o0ZHaGZW=k?AzisZg&2 zF7#HQU2M*PP8=2s`t_(dcxSJ!hTItzXUFGp?^ol2qn?vl2tA>ykr1Nh(9vp9zh4pJ zjN2(1zGYKnVOPKP{;IodYTn(jq8i_+2oE-nQU9>{MvvBE*8JgW&OL4W*7MJJ6e@08 zdi1w7zl&4&aWkcCWC#j@^=i9Kln&pC16zyDE@5uZTOE@r-emCTGM!1#0CS|d&6>@y z#(^V%X-h~s4X`<>6rg=9VEv~_RFWsE~ z6zTlRN@~@=kT!HYI?8g4N`TN^k@1W%0(3VeWaKGUJKKGt5LE+HA9{CmepK6kxUY2f zMBGUT$*l3fdQ!{hP6gr1y3LEG<*&Rx;Sh}= zU=TXX7lSBmubY!h6b=Yj-hL!(7+jCU^V8;nJ?0f>(LGB4yh0FnxGVWU%5?j z@|I#*P(yWtq2+@PN#R`=%l^`Fh##$8dc1PI%Ts`p#Luqf(Tw}|yyZ<`rm1Ho#{$sf z;ei2VPvas3^fta;v%emT49Atb@Ih96g4~A+OBc?XM8~UPJ`huDnC&(BgxL^lDZRAP zwpUsE95$L29P>q?3*MDm%&qI@x`)N!jHjibQ=<{N)~Hx^+brx@co>9Er2h`@}Rc~I+!lJ zv(Pb04_&PF^SmxyVhRR(b6Fy7dJt{Pe_4l;J0nT&*_;*T;6Gqt}B zB~83`BdmSY!AzjZjE#l%eMnaL1{#@Zmg#Ki`u=ds{3ms4<^}WAtM&PQBky1Pi*~Ne zrUd}=EcgI{s?ds)0IUCQQf%u@4r03r@~E=fGz zCQnz5cQthWwS%w05#@|~B7 zH(570p^yTXFt9)24y*Xg;g1oLHjw2MEzx9wkTUBT*ww9is;~wZ>p0FAe!oh{id0Ox z5sF;syTEI_sF{}xGgt#{4_Zk}9csj-PtHQV;pcH6K#+5~YwNTA&EM({t|1*X2&GK8;u3 z&1TO49h2#FQ##B4&gXc)-Yr~lWs;$kJ}i?zuW*N1}%8E>*rwSA`S#Lwkt9Z1lfsdpq*q8Hu#AGWYR%BypmRr>8jTt$Pp!5AApRyI}4 zx80yoCMHfmVw1&vZ{Q*hQ>MRbv_%iAkKDzNFkR7Sm1f2eu#Je5F7x@`aQe5U;hzPQ zj1^cq!#8a9?o5|OOQfLf{+;`TeyRe7VM2&kW9hBWaCWp53X_s8$ifMBbSn8a1#P3( z5;9FQ=~d z;f2#W9gO#^qTUsZ=Z`~2RcSu@e<%JLE8$N5zdNPwTGNKS10|m6{y&~NR^GHAy_v+t z!4LFoF{v%Z^)RJ{(yetnxLBM4xfVSEie-YC-p0>?vb;n=rBHC~)!LEQh>Ljlr=)mf zr=a!y?5Q_b8kmB;-uUg3p`=hn@7+U z>1@pGafl5O)q|yw3d?(Wy&EWo%l+?zbQPIVADyjbw+icZe`ow#b^n&}rK+?tAsPNZ zI*hly3GzGxyRA6^jSY+Kg$A9k|Z6ta)GkC_KgJ$j#D%TYL?Kt+@+x%4c^L+}k z5TPAJr$7S8Uauq}A@f#Yi;ndq=*2~71+GEDYh}>F!E7HykGGP3o?`1AEjm$8wjBLNkq%QF1ElNZ zcUcAVg**MxmMI@zDN#~idW-x1m7>v)+POUJJ!K>o%d(4Re7kp)yc@E$IxvZXY&xR% zya``CW@9pA>vpWzV!D5Q0!CoXqmjJ%nIYE83wAms8|d<0sb1w)=yM#Mx01jmtUE+~ zadeM9K`E)t9=x4**pw0em9rM>L%esGm==>+l7-94@ZEIH&UeWbvPcboT4C7jCEdMD zX`&sruuawBhfxe5S)|5S!#x>+OxtCp>GEE!a`ymAFLc;9AJp2;CpjQfb>Hi{eh}np ztbPZgU4B4Jc-N-xT2O*NfEv*bb^+5Oc>evTb&v`0J{F);oGr#*C184ol2>t@yTlebsniS}AI=Ub@?DFq9s@uGv{H z9^8Z+z8~6+wE~SZbSQ}U_qNjyZ`g_7A*^Nmc;-~QjM+KDCO;0-;l(Jg@u<&RRQ!fY zW(6IeeR18KhtkX$G{m7qAQRWHWe?REw-CJk{5j(Uv|5D#1Wnj6GmVmI1F3}*2<;|M`uKOTo- zMVp|wr;eMeM>|k@Z{#`02gocy_DVx&uFLfyjca-$2^x&0sKg#^7Gpn;k6lQIqOg6{ zVV+wo2xQ!r_S#_;KB#t!hf-Q-p;M*k)Y~N%QZw{6;%jBmE!8Vh5lACumngQZP){~YA z8VeXblFm*tb4)gKLwyzMtO}Fwp?&B#hi#Vo0Mb4>2eEnC(j_B6 z2x}#GRpU3A9z7-iW|V(HE!%Q-{n2qdj&imTj#iEDhM6qNtK>6)G3K+dw`3xDm!-B{<;{@!?f<4%M4=j^W?Xyp%9-l{d#Hv zmVv2hs-LZ7<4nQ=1K>;$pbM_r;C@J0d+OwJry?IpG}Ob=y-1b+7n?)~-su#vPmNo) zsNxQOc6;exnZ24G$QE8lCT)h#CEa(^L-#4txtg(Xi;cy1M~esE-&nS25{lZJs!jWF zfpMiTi^X{Dvw76zq&SMntR?Jycz#Vy2C^)CotD_WtZd_PbjT9FebNTYxR)h+f2uaZ zLw;@&)6ZdB@;!&7yVZk$SFNdyMuCiXTqLwh$*xzf6`FGAYb1zC>t!8ZdsGP60(GS0 zPRRuTob~>Zn(>-Nvkuo)C=E=^%w<;a8&92G)>tJB^tX zr^mXO_!T|bAkI1^S2z1ESgoUOC)k)arOv^A*Lw-^q_EzlI$|*&N(^ed z-1AGwy->-<$h{Yn37-h=h%Uobf=bH-70-Ag`KWf_y7lf*a=AIXt#4^qNmwZ3@P9+) z7Jgl|;}HY!(y%=CyMCTBDstIQVcf)j^i$}+zHPQ5z-IZQJ6`j%j^SrZA`lsh0N;I| zLU=Q!FZd{doQ4Vw0PS^{#`37qNpWcGb;g+vKKN?RlvOV#nroDnrdf5Ioj=$6RH!o6 zzVZ1t$$Qpsa?~}Q@)skMs__otnPkPPoW`oF_JI28)DE-;-eWd{@uY8vvk%2$}1Qmd9aX$GF0;x)qHmj z>KU(WNyW9_&=yU3GT(0`zR!Wx&U760tlBNU*{9{W2vpbyoeHCsL17m)1ZHXIa@HQ; zG}(?&hZ7Ecj_)^`&P>Slr$YYEMEAWKaI(@D9y z;fDi_LmgGtC%e_L+?{gers%+s`iuL;P3x%>p)EfFHa*WHf9RG~@HAU%%cDm40a)!r zX+v_qb_jG$@ou7R+Bq;{?d4Jgbzj*&=r|L+JSFxzcylhl<%P`k=235CvW~w6Ie@iA zl@5<-@BftlSU3F&8TB+-N{T+=;8iObd`>-qwNspKxj{1!jO0;d7}qR4=4pPi8&CJA zjr77Y55W=~l(23@&t_5Vv<(ZEU3hP`OS$(6U=6*hN=WOKrbunGj(cozVyOF8W6EjBl+hOC z{RyyAb?IcdzUA#PPC!2maic^+ZEF^OnADv`28wL9wx>M-J?HUOyffo0ZWm+&VmCf# z&!NR^E3PMH9{K?xb}1*(#Db?1OGg(&Pjb=J$CmINS!>{8P-d_krzp>ccg1AX6>OFbF1u#u`ql8NP2b>}* z6*EIDFj6HW^+2$J}fE@wnnv;yg||M0jR4vhSK5%1$HIRh_UE1d=T7d$7>9PRog2W z{uCYKCQfmi!r17LYgRvZHnXWUP{3Q7Yq$hv>s}o!32k#%sdRS?KTLET49XLQuDk@> z4yV)uxBIdr#H8_SV@Bekagp`t z^2ZDC?#_%{dDo8)+Ff`pdVpqPj?@(rT`@d6g{1P~bW27cmVH~yuXqGROu)vYtT9inQk>B$-dqpcTxJfQ&;l-<^#Y@J*tH+a?6T{6Y4afAzrL70! zpxw9VW@liGjin}Pqjy!CL&)6wDeC!#SJkUOOe6`yl?C~NP{7$A#RZhrWY#oc4k;5r z0Pid54wILw9{cS0RPxnqS*j~6D_3`CN{JsATl+r_(VEsQ+RXXu4QF3;7%^>9LY#In z3*GM4>)7UgO$owgu$CwY@4kR>Su+8b@M47to7l(~f>|mu=^^tnTVgwiCA2m;6;2<; zCOhN&Zt3doI>1t}CpLo5Zss@FOSKiY_2@Tf$yXoM37h1pf07Y6=9}Qz?ha)eqLv@c zFZK?#tz-^I1=*F-HLuwAFNQ80xYrXV&sfNZ%vCGi`^K*G_#BL@SBa_WmFfW>wB zX30$#!<4k_BVxsOn<>BVNUO=*B^Gw3HcR>5>TK!qcUh>ei$IA%o6`y|PEl`k?MIL) z0=2$j`d5R)q5O%({CF|l(^gPY@W@1_UyRj3vUC7^r$n)~*lXNM?|4>rJX{ds;R9rb zNPucRstEWyS-8fk3w)X3$2nGN#sMZq&bQKXR$ zFXxmoVvuHdWjjjS)&}e^hOQ8+5k);A6u$WOaIc2ygT{{~)YI=S!O?MI;j3l)vG^Et zvD~R!==%8*-}kf(RyC5PE8^exb+YsVpP8P(KQJhdf!{0^4Gt4u0~y^qutDcfgeQY5UZY-)^7=Gt?gXRbi~jXfY2~c ztTXo{6J=RHjnJC%idwsucWcX0K&2wW2+)I{J+Kgt=h^xm2v)=JLbIo>Weqplvyo=bZVv)f>N)&}fMN*ay?bD`aXmr&Q1A)cu>M}Qi-Vqv zsLTL_DysHSH(9)6gB%12{^8d1<`TnMq`>uNyOyHJ+_d%W?ASO}bK zx*FK)_=rX@&zzhiS3@zN6zHw5O~9bh6AAFjP@!@6n}Z3}6uU%lPsv&kOWG?ZU&z#T z!eJp7W9EtopXpQp%66c($#3%v@H8s+flZX~CKu}%)}Xm7k3NcqGxj3=RhuE*5T5Z9 zG^y25+xfIkg@q$aBF)stRpu~k{m&I}bH%kYZ>El8g8ZZe6g6;5Ey?Gd2?@uAz(l%zAlE^QDUSeTnfwCr!kDLS^lR>B|hu0u8Ju3eWqbCk!d zT?Xc?q8FwexRA26N%TI+rwY2I&?miKwa$o8pEuFGxW~GO`R5Bb{1;jhv6`n{o#cju z6*btx(PX`m_~2^97YqB~n;L5s1I;i8y7k7-e5Q6(qgmN0Y9f|)dHMEv#>bmsG-}pOtgvEi>#p^6#=J!{NXdzXTI;?j(LioK-PJ2Kl)SVgPE%jx zQ?9oN-Sw0aHEdRR*sQid@a7mHaPjm6zl9HA5Tmy9>YM_NYZ+U^G95Z9{=I(oU0gC} z2p#5$+%G;B#{~}@cBD^{siS0~aX$qxpV|vG13i-iS(`V81JH`=p)WRZ#r2T@Y0Cs( zbfW4u9TKqfPnR8IB&%;{P+IHo$ zo1Bi8L4e$>mrD(G1cnI4^88MTDM22vDIgsXwl<9H+NdF?Il>3b)FmTFE<;E^bGfhS zB(xzewWeM1>sGaB?zh=CJDdluL{bZ5^Q88nq|~l7&~;0ADvV@b_Ok(gvtru-XJsCrf+3{w^p;|sH-ON3ahCU)->;#TvhHdg{fyf zST^o3Az39bVytncC`lbj^VFCO#hNV2w(2an#wr%HzjI}G)iBmlq3ai5 zIYdC+HUjM-eX`3xJU3t*lST3MTD<;g6Z2GJ9*2KdjIdWtcCWh= zCFCd2P6fP>TM0fug_A~Y0jkmYL2o{iQ2ZmEe=WfNXh~;A(2tIe%6`DxHew@gldP>8 zyr2udC~2;<_+2;5HJCMGSvhfvk3<7E4sL-{sE zM@pc#*o>l4P6`~2ylG*js>w%ojTPr>03A(Ib7tN;yRxQdz;DnQIrPjQAOa10wu2ix zXffV!?cc5qE0@f~L%+!G^NQZM&lGH^&N_;K!YS$M2_DEYi0R#Er{At5v|ZMl%bl`X z!K?x``V52dF0OeEZ8v&z7?LTt<`40l?Q=9%Vg;pR@3-s=4evRwCvh+cF z|NOT0v1#JdMZZSCZ(iPqwujnntd$hcYv}=z9)5B0eJj*(KCY<^@d0dyfj1jV!xXbk z=-Lng+SoLY!(L&J(sLU_>U^2_8WHs1KUnFp&|2yN^dR6TFiOm+tZ>ov7p)|H>7ScSqh+}tpyhdA7qn)NIr3yvel1K3EzBH z+Fdm&C9amxYo+ejkkGp@4x^Jgv=u25XOyrCv}wheZ`nY2*ACXB2s^Ms9`Mb)i&MNj zF&;c!)d6>tyDpa}JKtBHf2h<=ia&uV?8b^xC(rBi7wk_@5MpTn`1q1EGs?R5#6xG zmHH=kfwZvU;QWluX#`qLk1-jLOn;?5?(cU!0D)`YtQW_Cf!|69Pf+8^pxcYXY_i{ z&)+M0>*ugl3{fiXhEw)IrQ=$Y#{Q=>E5-Yw$T5*g8tWM{{hO3*nO?CR?+WG+s768qefO%{y(Ca!T zqp&Q!;F0&Y!Zhr!#Hr7~HzLT=ZCISi847u^VWoJfa%kK@ghN!UlPKz5QRR@SSWJv`i7z%rab%$pooUDQ#pzM)#u)<==Y=qR?Izob z)`KSg;Rf34N}0a^r8MJ6$OtrTU!6)e-wkh|wBLQ^^p&jfzRbIV!$0hsq7cj#*gZms z;Tj{Ci-Oi95IRYRd=fn4>7H^SeWNYlYVe?|{)FCey>y>uit(ca9{6%Ho3grSzvCm^ zSFLwT)vKOv@OZK9nmb8*wX~(#PdO7rL-?(0g|2Cy)jZlB$Z!is;(Z+$qo%lQu4zK0 z^X>>aw!xGQf%Gc>K%g{Z8;-h{v;(7uco6N+8t1>uCcVB$rEkI=VhVI~MOkEPsdf=N z_wLGO1&59E%iE%gsy02&dYc0Z8ku9c_juF7@=HaySh3n+C ztz@tz@ip>TO^;pp1t*SV}rLt2az?_t>W4Ryl;vl?!2p%Rmp%JUtg?hb$C*v{EfA#3#S4$boozh%+ zq1p(O(BeK(jb6^at&He)KW+X;CxBI#VL08e(gQXT&Y8D(!~M)2=!qec%fQtug!GJb z9{7V~vu3b&>4iw|9beogHkaLG5Ji0(Lt$&5CY7^BbZRpXINaA+`#F##xOFEn8S`T8 zh#;JZ@`w}v8LN0^s5r587yl32*Bz%Z7NO?aq*b4`mljf0Wp=I!^x!E=($`lSfS{1CQqREFfMvO&giHf zuq;i!jo>x?a7Pd2>#;f}vuI>t>+AeLp2AlC!%B++MNgS+n^lRjLj8Dq|zfrsXV&PLybNuact6x*R>dWjvBjo|_+b8i!W5Zi(E{2WzV6C;a9*GQsBpe&ib4u^!@TC%aOW zFX)houCb^$mfX@4tT^g6vwtId3f9Bd?VzK&n)xwpeVb`N1Rf?BFsUO@?3CX6Haa{9~YLT}Jw?Ud8^O6=}6#l>_Wwog_g8`U&3(FrRQq1z2E{5<Hzr&{Njbh5eq zSZt&r8f^9w;~S$KEoIByn%?UFA?f^0^Z;T*{ejr?89?-8sx>_mMtq`-;gqvzrj|Zm zsl8J7{g)o7;uG)6;EK0SB8;cLlbw-jUeg^|ka1 z4Xl81pm%jD)>jb4%){32#K}X_baJXtV)fJ%rL1u`;?zjoCSP6~ApyTDjBR0QWacFF zmW=zfkXr_k%$o=<(-mzY|MoYau;S$)LY;_BdXIZi<*j926OyeI$!}LtSbISt@n%_L zW1~glOh`ZAHVHn!1kt@-=*4*Z9XJM$M)8V*Yk|K9$xWaJ_KjX zD^`ykY+5V2kOWP8Z4)?h*Cm#`eZqgGo88ch>LEK7j1vh40#+Kd`XC2gJ+dfdrys!% zx(*U|HI1h&>FhLN98Gq)1RB-F~spm-PHG3xOqROcnIo49@Tj1Pe@l?S?? zs-d24y@Tr(SyIHcLQB>?wo=V6^^EVgOuu-M!QJhP63+_L$!h|lR-JtKIGjvuI1Lg; zW~PLnt}GINReR`#Dr6bBVJv`lb+bNBp9O4`yk$*2z9_M@F~ov*EE?euN~)a7iRvEG zjUAmQ!|qc#`zUr#bemSEOF^sBL+QtCR-uvkLug?B+A4CsA7<|#IsH0|R3dGjITp}+ zmJ~X>)u`M*svEtbjYMK6;=yjut-KPrH!_qpAi}z%TMpjq{gjwt*v>f+T29wGWrsLp zsFFA~=7|)r{(z1SJtBFxKl}8ozmK{En?$VM%7blmS+nhrd*Uu18OR^y zA8^>?TdOg6*~95TpGsTKipX=O*BI)ZCS_X{Fo*;_ctB?jYxA9wi6zB5Y~OihM~CLe zQ*uYRPjK#e{BSDWu|rew=qnND4&M&ovpvLh?%X+jt{X{rCt2L@K765Pl?3T_b@eR# z^rz;fmh?~>P#ysRgC!s7f#Y>+H>XeEe1A13>eAhzi^Csc^yRtF-%;Kvbz0<#R2A2Eow-8q4E+c_$(}aV8W`^??D4ZoPKLP$<$bkw zv!fCuEL=Z?Iwzr92eo)~@S@hj*5QZkbN)xNxYw6nd=ctOQ**@~+>0xcUm+-7X~sv* zKKH#Nptk?8qJ5Wd>NtLI-1s5v!hVy)69zy1B6I($`gG%Eo>|((`1wIDr+qz%mqoQN zN><-KlJjnHdfwJ4aI6hY?9wufUmtE%dbu94-g3l-(hu{W`*AZfc-;y$^K$T$Mdy^v zb?52W>G?y~Pqs)2omcXiIPbqR`uwlAyUaQJYIv*Qv!#y90NHY-`8~((UqE5^ZM!eh z^AKBttx<^P6Tcd5e0#;cBvV&3!KIwDk2$2-)P%My89uI0cT{xApvL(c$#V9!S8Al} zY?i*4T=K=k;}hPIGXzt?+hj! zeI&ma7&2es`Z3lz0MhBKuxma2+#<~uC9v%Umf4TBVh(nA z!5@?s!#Cy~yd^pYgbvOac_Y_eJ&C4LgHomI2|9{4RsIEgnCt6lURh~n$Kec0^ugk< z_Xhgf5knQF3OC-nsY-Ih2504~NZl!1m}s=2P49Kc3O5%wiRIzEMT+*ysJ*?p(> z#qeSHA|75Yd`?e()rYHiwn+qoveABfds+7G=%!y=UXhZ;YtqHVE+rH5`t_=xEHoG6 zh)B(ics%y#k9=q={iq&fLvM0>+oXr#13``EdsZ94O5W$jk`sYFpY=gAL4Di(sWd&O zD6KF1D7J>_!gtyO7sd(}j`7+CnD2iXQ6s{8MU~f{d!jmIp)!5FMQH_C*IBG!C zk+kXyX(~5&byayBxM_)LQa`u!;xD?RgTnx9!yBS6PV8CYS=+>ZZP_rBUOblPl+K`7 z99;{*T4WOy&)a<2hD&R2+RH8Y>$zY|lVk60UYOGQfpc=(LT@m(dZIOuv3!p8IOsE)al??;pXxtpU*#BZ`q@Zc6Ws^ zs>OGAz@1kWcf978yfpQL*7-`|D(n87Jqsv-TQh8lG;|#0C@k?M(~2FC6h_ zHq<5*?stVvwh4-c9u1h0$z1eXoxK`RT7CS6o5;bH$!PHp7cgT3z~TREm>#3~_-lJp ze!OJcF3t+^^)*hC(d|*b7NZ~U4E!Wx5l@CCR<#$R%fudTJ*+!h}n@yXTnoB56jApX>PoNaX* z%l{?maXbepI$ZZM{lM^gi#Yrhx>4=Trpmo7t8$m#1G9BqDSBr1!PAFPzoIVAzWo|u zx8p6vNOWAl+jqRbD4%}t;kuB~z4NlDCg~JOn#q^Kt|sS* z*ePTG@Z0%|i9I17$~pWeo5`oeRn~7gLGJitvlh$B?kDF5?4ec(sr}@S$k49R_Sa^N zL@&DcK9QD}&hYkD=ImRfuaA!w5XH~(zC$&2csY*0zmok}0d`DT$TV|Zac53oGLo!6 zL(Ssgdb{P)E_?Cej=%rm_#RmvcsK!FNdE;XF9;pKb7^nLTyYMs(*1I0TBx0W!d33$ zaNE2>t()cUXoXAZdy`E~zn{GqB=?T->+AMPN~vFd!lk7Vo98#FV!DG-h8|MT%TV&f z&E}r9`N5mgrzC>428EF50vq$sE}c@~@C;v>?L7&)4q?YNBKi68*YhtI=wmRI;__0# z4_$LyqbsP8B% z^Eo6iWR@9*qs%0i6MDYCGlSUtz3a2*yfzH>p)e;K`e6v|HGa<-SO3DZT@C~U4HSw zdmpdn)XjcYm*9x!x{$+{E*nh28MumI{?atIhtZs$rYns*=OpIuJPyw@J^DV>G6mlY zz=y@1@t*Vh0}&SHm#sAfe6A^6mNR?_*`hUCtc(S%+6G5GLL>1#qZNI_JfleN6>hwouF9$!OpTCl~ zxmf$z`KD@F?FWO-TMFk_qRjr%+u?INaql}rjrjeK*M{|Joh8WcW18i5_IyFFj^*w; zu${VH;(0&!SkOv$*fQW)I%@q0J9@oaQJ%+(x4u*M z>`+nKX$~{0wxBwt;>f+O+GEVUUqcBh!OMqKOGZ8iC+|72zS_r0Nd28*UB|idz8t$f2%Ek3 zORK}_T7~kX#-0S#BoWOA-##Qtgz1TacZ$O9Kf$S?GGcQUT&GQ)ml4$pOuAzbSJx_c zWcmvy2cd4Ou;PPA&q1mDUsP*n7_W%g2oDt+!ho+u%c2(#7kZ2<5+* z;28g8VJ>6$@kLH;W|-4y-cOcFa}!&>3rR@1@b3SQwzmw+YVF#ENeQK;TR;S)M7jm( zP#Q@ILApaaB$VzB0ZFC1TS8J=Lb|*2yXL*tdiJ~be)e~~&yV*w?jLJ8nfE>C6=R&^ z9OoEUaD$~t=ZCv^w=+h{6zVx|jj|t!8Hjz)WN9a0ldmeR_f_vhM(<9*eJyxoo(i?KB!-7XQD^FI2q(%1g(XI`xc znzeSZMOyU|Q`qJ67YS!Olci!d-kiI!+_d84jDD3Qz+dkk(Z$yWkEZnL`?|c_u5Hm} zFv;ZeTGKog%zxU$0(Od1BGyd;?FqFbJdEJ46hf(c3eN@ z(i>d+qa9wXx&4|WSb{4pUFzzIq?s?QbX;rix4Fq1PVe5Vs70}>2*y#X8tQi0)v$Av|PW~Wv+pGB*)(5>Yk7+`WwhZ zI10kRgV(j@@D50|<+3jgwp|mN;|3u*Da;{dgbECARGs5`ceUE@Zf$^Ve)WmwNd3RM zazN55FAhpv8OkDkXb%WQkPq&Oe$01DFFAqYv`Mj16iCv9XZmJ)>gc2U#Y(){4V&^; zxnWHFLV%(q9Vh0blDWPurQL3eoi&;~Du|07sIDf4H(m3%+J(D0STo$CHgM1M@%0yS z{qvEq;c$3Z|FFXA^%|eoJaNAw!b9&>A}V;?zdlkwkPNiprZ3A~8aSmq@|33?kzpd{uDV zt@K44&8Ho`M@wJg<{k!}>}o$Iys4aTS9m&Aa8TC2BmD36aR$g;yIB5 zyuDP}+O;yOt;?LM1(LZge7V5#@*(A?dY#e1nJl0Df}FK43RQ0ks6`B)#VlPp-WaXF z#&|U07g&R?Pa`s=wNT;KitW|arHI<}C*}(flQ7!KrL-k+n#VmkkxJnSexu>Hu;1e2 zXLOtw871uHS=|0B+7I5>meXw94xs-sZhE*z6{TDS{2b4ltH8dGp9y0VcoFIknpcD` zI?VYW48Kw&rW*GdtxpG~ibTZ4X(>=1~ti>c1&V$B&5;@1DpyH z&zq!EI1EQ|eSc6pY&He2t`BGVzT{5{3)(}XWpWG)J$tx^BMb}lSnKu(m%`M*nnZ2{ z04Q(o(b=ye*ZZ|zcY57}APu87uesYZaVG4GW7Edbl<3%OZ;Pe)`E6H9ANG6O?|ol7 zKdUZ~ii?fr$Zn~^U5>IFB8lD`Kp4WlOM2#5kgb@m@Cl#!F@V0Wl1Vv?`}2_AMl@K) z4JR_WkWdc?hmu@4B4s$PWuAsA#fc-FLT)OYPNuC@=_5KpjNMAF%odmBm@_S=Ynywm zRpaHe_aovL+vS7H^?R61UXl)bBxlxENU95s0;WSE43|w?Z}q_LS_!5%+KlPZCC#T1 zu++9#)!~09=TFA(*>8L2e7}+D+ndT`jr8@oo_$vLlQB=n7Pu%YouX-WYlI=-xuY`M z18Px4#4<>Q@~_VJ3PS~Ib^GWbz>k9I&dgtBZC^2^4EK?Eo)o>}5!|=Fp*ed09AsSh zX{@Uc99$E^`%SIxD0_4!fAlLJ7r9~adfhfmi-&cbgiCr@INpd!!o6|EKs)iN=_@nt zTLD3vYTzUNazy~l3+gU0-?=xi{2Ao-zDkPMBt;PAD)Q-16qNmTAtFW66K%QyU{sFI z)v1iY+aD3FLRh^Od%;H1?D8!IH$&ejC!{H&zoepVJDw_}*5@I{%wkoa9v6YQo)m?2 ztWZlmiPO#DNmZ`@9uisqgFilN>0S!obsHaRShI7%6WvO#wO5APd7d9gR$^lM43!!8 z<~dT#?%~Zk!yO^B!WTLP0FDL`=~`3F)^pnZ+bEIiQafM0edAA55x2uo*H7&u#`*m8 zhgI;7a}5{IoaY3>1IaVL>C`#IuBCag6u?y^msIA~?so)7$6#6A)K&Hln$wblaQI_} zJwUd`A}%#VFT~QgE@tbU70C;{i7GZmzxK+qHa=`%J>oIt1#!|4?;Yy)Mc|c`EulBi z#VlCMmDzfA^gC@#%irKFnz%S`c4*L?>d)3WmU+ymNyj{i?DpAfhC3#9l=8L*A@PT; zam#0yql(5CWjP3^$D|_dN*Qu&-F$Y@=01@=b+B4(5-k2IF%5@STQQ z`^Ev+Z8ro>B?~-g|M9?FS4hlCpL$-SchGznpVR2OpR@-3xracz!h0{O9Pat}kAvNh zd!9drGDm1Df)`qr*TFVE#o62r75!+Fjz_OhAQ&2;1`hAUiDK0g`geYD&YIE#bIgUhA(9m5^Q#X>9P&NEnb8}hD+KBD8Rc&@KUsluBo2G;P-56*n>$@N&j z-A=S=3M_`jxC0=@y|~z-1cigmAUaSC-Xl$VCz1H>d4j->p15o4*V*MGYNLC7NT3}O zG4=g_`NkkIgaci;X`Y{`c<*Sh`MH!G!iL|Ee(ft;=~K;6+x=bJnP5|8H6~*=Ui7Cj zY0kf$je*bgFb4grqe9oa?#J>kazt+~Hx=s;Q1d9ohaPo>L`FmiY`#GyHhlXd9`5;J zT=A>dsnfg`>#r=g>qJrbNI!@4P;n(R0AhPv?}!u<&v^-UC34C6&KcplhbeQvJ~pQyi=E3!b!&n1hrGi!mACcC#?) zy-maD;Y}y4gA(hk*E=v~ku%2Xs}%Kk4{y%O^lt?!8M>wN@aFnBXiW0N7*nDTs_8xx z<|9%@6#e3DY8=%_pQM3!R`c1v*(s|({kVrg zDn0%Dy*s+dRzJQ#X@xAX?-T_y>HU%jrP2Uz>P}UN6t z@y-JBQGD-!b^9^1F*;gWaR6?e&rQ3;Lp&;aeg(o+XwE0&!<*^^)ZKKuw@N}_S1A1F zNw{jET3>cgbnM{N&8zON%*@RN8M0S7?qnWUJ&7Ezk>!4Ode`3K+-M9 zuH>w+Y>8NK(1@sYFL^bs2vuaM#1!>q%N&qnfukrR9FQ~OS+pL5l#22Tyz_b1rfa32 ze^T&PWjwA<)NKv%=tIJB6|ozvPbSSFZ&dV;H)@5~-DjvWpHaK`aGi*fphL*M>Fvxh zHynf^oA@jzu2HkpAP3h-OisNkgjf*MeF=_(tVk#C6}4m?oijz_6_YKrD)6tWfejp+D`rfut4oruL>>VIJ8p zAgrHPJk=|dl%au?6Zh^c? zXE{?5iH=XP!(4iq8vbnmmPKn951)VHo4NW7at6+ofbpS`W{FMag14`${hCynQIE=v z<0^>lGN1NXK_L!K&dvV3CoSz=>;NCXMD%yKitjh0#{O=G;b^PGAfw_YrR(wsIldB~ zW6yj$zTJnrgt@pOYV@E*Bmw1%Lyl~`QlK~~nrE?AwRKPb4=GU#?o(wh>v6fwU-_2v z?Ojoe$PlKg^Ess{*+G%$1>Pvzs__FZ#hl)E?WQm8eCBG!QJ~7Zmpvi{j2+Fm%bdVtkfJ=197tdZ#Pnb)1PgikURPbcM^-u=G7Sv3 zr9!_ED17_W+8ptAeKg^~MARDD$)Nqxk%hgo4q?cJ#B0}#fzMdW3>V%Z$56bd!80>?S9V0pwe76FTPHXU5(vl4cK`}TR zR7P`UorZ7UuSsxP{L(;ktl{^<{{0#xlX~L0iyx3YXOrkE2@zBdDTIwRcr4XWq6ftViZ z^NpXFkefQFgt;lRoN!lWw2p^h54iO#dOWwjb$8usY>PVX%pPg-;P1wOl967s_4M6g zzGW%jd!y5qw&}Jv zC+KMNYp&5vH5p?*5*A|Vz?&LkF7B3-Jab6co+|Ht2}i>9+zjDUXmTp{;o-079yej6YqWBn+ZBG{nt;Tvks(Guc{35Ca}7oX;gAlP*zY5>=lTF zjoNw2c2vMs419>$P5GgvO%4o(m?XZ*$Ao$y)v9km{RV=&WPP0au{u>I$=bDn)ab5E z`E2RvSMOgnH%$=koor2vC6O$WH#^J}yh3&c==k+p}NW}0{t0HE5sw}_p!^Q|` zTQwgjunQP;mvq8lDcKs}I_H+!AUI!AGsC`czg&+oPREAe;` z!e1P?$W~xJ@x7-gF_MKnZ@`dV2#}uTCT$+ql4mLhAJEZ#y&9 zefu~xIoh>lN`>#_>F(WtChvU!=#v`^Vt40j=M^(r|@nWVWsmWf}# zNA6;V=-V-pt4I%=xf2poI0@$)r`_os1z#53h8oZo0I#=p|9CVwTRa#`9t-UkUR$@R zVdp3OF^M=@Y23n=I>)UE*)THRm~}2B_F--)f9Nrq>A_D|6OvIih^=v}i_?=Pm|PIp zdgX^D^eS1k)#S{iex+FWE{e;Ng4uI}?}fvZ^Y)~)LK+{Pd@@($Z|eqXh$-_6#6&09 zmk1@JMn-@5>gHm$&_x$!<(0yv}`fK`h@eRbM&q#bI zCk4#UTxKiXs`-BQ%@T)t7O2*Tp+6D5Yh^di{-#yk17*o;JOtHQE_T|GiFxf}>~Q;2 zIc8{RQqASCT3kM404U=_i*c{}_7C%%frI0*F0)Pq$Wc;V9eJ|v<^lIg)_(xdUQec9;PQSX&E`zA z$somR1jif8(1W=rYDEb#Oj;7i1R(b#!DT)5r77_0WM}CxHUBEL9-#iWjiNlq?LX78UyEk;BCgO~xgs2XS{A_g~>(m|cdcI&XBG_O4LLe1UV>6M&hB}Ei~9?B-Y)xJKHeuoVUkZ0(9|z9oA^#= z+!ymYnZRT)v2ZTly75FU1cbSl#{IaR{1@T%&N(_WTmYh^+nsJ}t{jQJ692sVGY7PZ z5BuT>sgO3%MV5vT&RM zE*b@klJAxxiaxyWO@@aewd^N(m`q6rk|{mhkz4p)PTJUDyCe}z#IG=w$f(L#=-O4B ztJnu%{qpI~%w~jH5&mEzhx#h31{IV5dqx=_w**kaYWxr7S|z&oK=;CkE7VEAtOamn zA{gB&vrrOGx%0!4-Orr*?({9)8}4vin1YvPcb+GL@OPQ*cjudhBVQevIEy{sAcZ9;W1`^y!7W*R(YpEi@Uw%D zc!=FUT7dgoEEBfgK3}(zM&ns*zfGSUK!s@NBAMq=%NolbR5~0pk0KZ*67N{0THMzU4 z%wL_6>%_2&-6N#5+i#jRY+3=KB>U<$jm;Wmke}sLL9D;OKO`DlY5O>Dv{AOwD~bH) zZF}zeo&Z%{f)T2~QU)8Ug5fRP{1B9db35CO-r;wWO698@yTpkKYZPq~^+V}fOW(sG zi%y|*iaDp#rp)BKP}0|vhh8!h3YC#OElq4A)(Z0psNNT zI#r5D7kjbKcA0zx4HjDI<&&P{@*39l(G{u}$AJbRg$XBSs)hNLg?GJPs%eB#w2?19 zqF>Y@-|hNA3suY?qG;hSLDZPGh-tvrB|V|HVyTBby%ye#io!wTiRESwGy;1;?dD`8 z1*c03f)C(LX)caZh0Tt0K}vvt;qvxslM1PWX=$h&7+a?L=Nxtc*)p**v+bjEw7*9~ z;EoGonPS2*(9R?UCBlfPk?#`>Rk@uC<~;3Dfa3DuY*<_#;}Jka=X75rOOE`?gv~d? zJ~)c*%Y(@X0ctbLIVqlpD2p=tH$}RYBXk7X&S?fQAN|@2REskg;V(~JX)pIuN~*1v z^IkKiUH){xpskQr7VU2Z6eHObwn?C1CZ(758yi!4Grbn+NH_21yXV5;@^PnYlYhl%-%k{#_L%liJA)M7!FgC3}%r zmr*j(EtRBn1#It^DS%vc1A$6#=5{1ZudQ zaI4SNC(b~pG;M3-X}U6bhEz`Lg_clB>4YwlHK6t~V@c+k*s=L@qwNlVp5W*tYwBI< z_2K>>#EZ*hYZYz!Q`-e++Iq)u_iuqDgFF?*4^p4}!gDJxEuIOYaRj+xz(w!mv3%b<2S;ZJ+W@ixl=ju>eY;+9r9G54S|AqzS~TQ`0bKU{^g?!(4{i_D`u_AIEhda znf7}aDv`UEqp%z+j`>Q{aoV+q37as$E=h*}sHLQ+sPTec!>@aE51`$0B%8(eGbQ{s z@D1_z>UMfYmeu9)C#5%zIT;kb%rGVpB|n%Q-JMP6<mk~QS1iyJVMwDIRyq! z2JpoBkMkw!fP7}U1^qQ*iF*e_?lf%@zq6I3kerQ4e~=2ouoO0Gp!cicFE7WM9mxT6 zt(d}-*+KY9I3)hd%XxJ}jMfDpgdV=V#2}FwFVZvyd0Unz7=ae8zQ|(+S@uc1_HlL! zR8k#@k&$bCjcz$!cQzZdh4C?rCy_f#_>S%GYxEn8j~>U1;Qz85UhD+AO>5AvB`VBp zX}LHbOd*I@#}Zz&9eMMSAk6I!pro1?g*2bLe1jkdK|L49&t9j$kh%JE!Ej)NXgKOw zVLqX|dwY=!5_Nrs$fZ8WzUH#=Pb1@XWf+Znwr!FnIg*tvBhjzQo>Dr9}(!nNJ?Ex<197a;CQ)Taz=cNbQGSuGaH*kkM z+xKiu*#MPEs-%O|EE{PKt3>DH?OhJbFMZG7C69+=s*1851D$oO)B{|u8vl6z-10fApK!bfj# zgV3PoQR?KTbjRG+EYfW3HE!~}IKSViGG}T*;EV_n{-zyvNfY=BKE?E$UObx-9kG~9EptQRU7BDdENS*jDrc?{%YXqeALd+fUN&X z`fS$a^%qQjpq9yvVNvZ}$=P_%^1y38qg8Af_z6ZsJf%+mPI%;Dg?S78EKzw1Gxk08c=J%2aC zhsDl|ZbL?h7{D3=DVo!V&fZ&w!1s6S;inS$0lk&j5T0-1fE&BM7*!CKp2`GEst(0V zuco6?R^yf4Si9S6>)x|~hqzIad==JvcIUa(30y$RQ)6;U(wt}abxiYaz1pVpO^WG-XqKY8oXaW@$IAo_{ z-RUdLRU}#R>go4ff1a0@5JD_CCUYDVL1t!Vjxay%2NZhQ&9LP`#jO=cVde5X^IDZW z6>NOk^8mj5wA~8c^w(?=s)P0?VbcDCrwXZj@=iN*I~r>pncp3^#v?!BGxF4RS*XVRB?bSywHH2b71y9&VEKaF)OHOy-;1 zw6fgp-da<4q-FXb>^!HDPvw#i{x}#C@~~(p3FffbO~S~8PSW}txLxFJ@IW&gn=@f8 zMFd(A=!2Fj0wSX1)L$g8Fj`Gw41+}JX&11i#o;tAk2hj}l)JS(jsj$R{!e1*=*Ny1 z9Jfv@y{bJi3|Y8orAcfTzHrzb{a<8lKDCs_vKw|i`7DdAUhjDmfE#L0kX7}D`)sQf z!_ujkY4Z*oZ$WFjxK`;Ga+6Ow9hw2oo)YgSi(dOo$XdXsUmli=M2~Yxu#(~R?XliA z&VDFf!h%cd<4ONChc2e+5aicLA9+xi#GX2~`hJwz?!~*W9f;A6t=;|AP|s&T|NUx` z|1=6jf4l9VKgb2zO17g1ov}btHc?Y|Z;xZL1TYb5BVXmSPB23X>kgaHKEv%uwrv)l zt7z%X*LFFd++1PN0v4BLkNJ9Mu~YUC^xxs@Fe<9Rn7^1P)>A+7Syys6;z_ObjpYM5 znJa>>d5@oBJ2k?6RPgnXWb);+cfF#o5Uy$Wad_!b6GV8}ftrm1OX73lv;Yfd)m$at z&c15=WQAc3p}W|=*ayCnfvEs}d($Y|;8@BY-p=g39YBa~W{`+&chwZL2Jqdq2tWx? z8qed};=O_Oreq8+Cim_A(KqsZw?@Bd5+;P**~j0aYS~{L8oQqFH%GDPOg{k)U1mR9 z-7XgD4&S75b)YvcG>ijfO-`31u8z|1T2?B1H#^IO^zG#qYqvJei=VqaB{T_m=btp$ zwog;}z4Bbp6iW%}{7YKV=IIh7Dw; zoA8lDyo)6D#l3)V%u@w*5#?OYJW9;vgUWy$WrCv)R^U$$vV={A`%lEQC$Ze;ms&=E zI9TG!qnICSNRyD=T{l5dKb5A=^&_hr;z-wT#L~jF#c*~n_!%%7Gj*7Rsm%mmY!~=E ze{0zL`KWjD!B2;4NbVj4R8W4nSzz9UQ@=9Eb4J;#b-yTdkEI;FeFQAhFu}IG4~G8_ zzubp_6;;>zd9BmEo5&D9(Ln}oPcYn4>}i_w&^9@f<6v2(yge=ycJ&B_pDlx=L#=OF zaBvKl!D(B^ABg8C>ckTVNx@C$>|E}R{HDSP^PcDYxQ=ICE%Z?FPrhzr65smgV5IFw zAVW_mZN4((nXp6{e}q+d`?UV#{cp5K0Yv71dZOvi(9|WX>FR2%(z)3peU51Gh72xn z%TH+@10d+&b)vB7cV2EEPrQ}lVx^od^;Xt;Q$Vt5T+A|Gii`kvR=0J%06%_yj_+ob zRY{LT?z|q5h)v&*sww&@e*;Me`R|)S;5A`MHIWze*r28IXMZD{Yv%o-1CuH`{>Op^`ngGQm~`vjgtUV+J0kvQrOaruZ&VR`#}CqSk3AsXvWVS?Q~sw8mr91ji7P z>N0ys8xoAUOb7ivwj_AxMN|Q6S(uFlRJbI zLK_qaF2Kz`FJba<)S`oyaVSaZ%>oAhuZ#NJKn`}N3pD>MApDF4#A}cL!O}8lwOw(= z^^`RL%vlGv1_A6x;T3@KXyH%zc^@4CoZ*wZeX)3d>S{&z0x&Pc>;^Rt88z6RObwaDWr96RBf{{6iJG^J6bejqk`r-Je4m^g|m^TJeKiEbO zy(P-sgGH3Drve7B79O4Nkhi4veeL9hM;GaKB`kqn<*yF`YDXU2ag*U1(p@6H_3h3y zv!h33#M4dT$Ix=x7uWBJ$|*D2Py$kp+zRsb!jc@99FBUP595cNM>t?$Y%1qSinpE6U}!q*2Y5dL?q#hW4Q7HXEp4`*tDHNT40 z6+aQO5kN6?Jox*?pi0~Tl45F@+8mlp zkXRBl3IZD=aVZx1*~K(aShm!JrGW^IEbMcHWbhJh+Wo|Z4mPtQ7PxGndTG=2tn1gL z1^?bl*v`>U12ERrsUZsb65m9yw%E>uW)z@ntKcOQOuCt1@0b8Gu9S7#H40y3KV3i% zOI7lhxAx(rm?VLIaEMOiD)aA)-bg9nW*dQj_w*Sz3xBKT*`Pv$2b{Vv15OKcA{}4h zo_}~hUuv&JOM9O`1bQSXsxUwR@rChwSJVIfUbrRVpaD?a{(-^YiwHond&pLD82`qY zL1tCX`_ymA2lizx4}h8D_~indh6rdq%0_I_)@3JzLzfXg!=gMKjU}INu#wgQEAXF- zQr=tJWQfpwiXf<=+1$R3r7DJ=$Y%lC04X;EYA~~<3T{zDJNy89GzElrJCYXnMNmxk zO2%MI;SLqN%=NNYLAZXRM$^D;d==hW;Q31+sCX^d;!fD1*zuFtjKb#=wy;Q*(=!RLRi2q{^l%M(`43Y6eKaQOO&B8w`5gO+VY!HZL9MjIgOc)n7 zwEwMshURlQAbkF}Ll3sUz&er|Y_ov3n+`{sd|&hodg~5ESPlp8KQaIvg9mKZbM8HH z%!Ln`)Sh~(v8DYo0|JJ_(O|rhqW8*@p;dd6)I<}N=3}4eD~&j%sMx^xA-!uZQ-!_I zC>UFVB(^@-K5K#YnebKYZDHPx-SxTcRP&wpuWwqCQMA%up1E9NG|xA>O+?arp4u$@ z+C1LiCF6m5T_3SS=C$ zTZk3h?#%&q^Ho>-N?$xguLuyFyDzTgD0P0C=Dx~yM`i#CYzM5ZuO9Li#tn{JaTe1J znggkV^sIDl(z=5ubq|>@n*_jFFQux;-5yv?LXd7Ns-`yR|>2jf*(6X+plD5eQ8=+uAg z0f$;L0EKSBH4wf5;>xuriL>wl>K<$2Gvg7fEOKJJGPq;F5E}RX%C`d&Fdyt=aH<>~ zknqF~4RtwXyd|c^UV_#?8T(&j01sr+G*tDmp^u;iMnn&(wHNjG^(w7qC6@oHNPe+Ts{axrJwk9XZs<$@6fO*p$78<2BBag3^6#Z|K-215h1IC z_)3!&wr*6QT_fRE%g&j3DzF6ue&YZhX)JXY!c3wDw86~>%V(ik)Q1ZDIXxR-w%0cn zGW>m^|6PCF0>Db3$5Jcy(BF~9kW%XbI7{Mv`Rd`-UUOf{R5|U-PY(-1L7iD#V);Ai zE2kY=pl*np-r4I!Q-vcj%mG!ifUYrTI2o3-J6e?oGTumw`6itJOyZ||jb~}iPe9~m zkP3`q5zQI~?D46Q(dYrR-P5bZR=;xEN5yP&)kxz*ELu7e@}5DL*J6)g*@P zIZg45-?-_( z@?pUbR)D+g=!xFEjE{N@bg@TJQPQ&A4#+Dncc*(st)+P=*sTpP14ChVanzk^y2e=IL-sj%{UIhX-SO3%a!I6z28&$$y~3Fcj)y? zY+Bu+8Z$C}CvBx{7tK-`(3c?Q8MTm~fckgc$Rf?MC-1r%hgZR_)da!*w_A=8pe2vl zKVd3vcm%rH7s)0HU+?=h94kHRN$8T;7WhXC!0y+#C!q;WEK=EdIs43HVEc#t)v0Cv zn{RdQ*S7D`w#I+b>%9YE(qk|i6M`*QFaXpBISaO{&`Q`$LD$~uVIkGsp=S%AiL~z> z0}&jwF_An|+XKUYfKK}$d;Ks1NONDq2MlhveY}q=q@MwbuGL7m&9XhczyVFMtmqqm z+5;iS$m_P7a`=9wFIgQIGyqwr0&0==YNWg0ql&^iHMd}FV}T&4C$=x14w!4q^gq#x zLJZbC7dzkenpx&41sSn+=hd5@R`l^+Y}wZXXVa4FxYTvm!&JPi;wiSaTsXT+Q{k9g zbqK`Ly`U({9aFcXIz`Y;jjHB+zg3J5b7zhs_13;=IF;Xd`D!n`HSyGqS1k*(lTGar;MnTT7+_^^}0a<;t0AQc+!496 zrm*Q!AsNtu-c0L-Am`N6>W32R&4wgSrSQyb8I|rB!6yOOjh+Au(pa7cNC|uM&8$B` zD=nZ4;^_sEzFzjrzPM*b`&5a7CSlq&Hm`L)*BbQ^FlRgMywS~6`L3jjrl6Si{54cp zP<(Oy-UP}R{>oP_14n+vEMRORz^~)b1k}f1y^h-$HF+{@7E}lhxDg3%1;?QSEyCio zbyK2ZmF3L$O*dc_>5@1=VK>Otf6n@y)g9I|lqt4yc|uwM&WA$uNd`4L1-Ed~RXfv6 zr3q8z?|6|ss0?WCZi)di&>ZXLb=>}?X*FBNV82#_{u^|xc`4y_ng8@njR+c&tBm8; zSp0;pn|#~VS-G`-87*!QH84}`NO7G}5Tx=3Q3~ol=DQ=FljbTmLh zy(O7qWWKGC?&J`tU8URV&R*TVi1{owvyl8k$2M;&X{=CXcKn+jE8x~+je2yWns4iJ z{o}MM%^1cCRqYR$H!puL2q&}Iep!USBihv~(qJd%q0)}c9kp^c1xec&!1Dh9QpaDJ z_H(%I_MrDrJcr4E6lej8jFO%Cb3YWHL8-$wQQ?j_5n!>ROSIbwu+*8F^_$!;kec0a zy}xVahCx-2>|LA-vxO##0Q@B^-RiTs{D`ZNh7-Dx~xE-|li9J3yaSm1*=(8gC0-x^g!_-ea+ zB-6tUk}iNUY5WaJitqjr6W=wz`6md{q4I|Z6BQ!Kf+{nHmEJg2gZ|x~bf*_T>cF3l zl!$uJeHC!p=DBbmq)6m5F2gmHxICTNL)u~0{NnGhHLhC95BkzR0L81IKA7Mo+$Cte zue4(ZDNOnT^c6rm9y;^!r!wovXud3tX!Z&1=f* z@iJAW_md?)&-3&^4d}K#-T5=i&4;eQs%KSrEPa)K2FkLb`sT8CKR3_$cfCNh16|q< z!ynBewZ;J4?R?epuO5iebde$tAP7%g@-z-IUEN-lO?r3PgeX9az5c&>Vgt4zGcgS?Wrg_*>|y6O)tsQXG#sba}0A8l!`Q7Z%`0?6_2nj znckZyE<~J;aG2f^df^4o#`}pTKV19oDy3gk@|9kW7FWJ_P@}oyN*J$oH zubDswD|kytk=&P{DA@S&09ArI;AsNG%Pou`E-XZH6@<1Z;9aJ} z|HV}l!Ac1C{(Gc8^h1CLYi~NxM_m`e=6(G|oCTRxt4=()(?#Y6yc}@S#unoKOM{SN z9?lN5#mJF3*?j%Uherl#?&xx004adF=h=n*_kTcvO8L71m1a@^d-*Ej8Dp9F4;4U8 zIF411T9$xSY4OP%sEoNXl313b)4c&KbszmouXN)F$5?MWhaN5dBT#XLh~m%BG7EzE zI>9lt%7ku`Bgh%8P0ds+;#9VBlTF@Z75ag7U)*hcx zO$p`G#{i+jm#x)#OZMjTnOWL(569NtJ^VgnrATuO5}TmYrb;I!!t@>?!y^D?)n4=s z=Zu+;{|F(DEc2Xw6DW*-E0lW6aqR_q-9>}*Ryu7-$=10{_w~WPv=Qtxy> z8WbMOf>tvt!0+RZHwNM^f)4w3VeX&;CHlh&sZ=LAehgJL3H@E){pLl`JE*{KFSlAj**djn!3hg|Ks~GH`ds>d9y{i%Nb9m0TsYxuGN+^EHn~fDqm;^5E#->Gco4fk3yenRcT{V@;(BcTq3}^pE3aO zlTH1sz$4Ua{GbY&Cox&RsfG;P{a%JMX;%idioA@0fu3Zz=Sc6U2zFAMrknMEe1eH4 z04o|uYo&p|iEY6^iccK{y&+=HvBbY6b6OVM`rp1EsYnzdLPdKt!rHL!JJE_*x&`)M z&u?CPm9(G9)jvR6D$Po}kCK@dsC^IiMKsU|cL)Pyc2KOS zK?6;j6e<+?Zsh>_!4=Q@beXk4xjM~gFisw{KVJ0SmWCq<4EhNa+@J)yCt6W};7HJI zx9I7c3Jsusp$Dr_h#h$o= zo}YG?{qI46Yx?rx3ez*kUZb8^rg%mYgdx70iE?#o&|{_IsaD;u92wA0h{hU}(UM*K zxkGH81^`cwoJd?^AO^oLUK(oI-fKDcC5NxbYNP`#Y(5Z!k_B`Gh?=RkhGH06=Urg# zTb}k<{}qDVNc_AH!>Lpd#ZOfi8T!`>r}D|50~B+{&Ihg(XbXISWnp9%yHvs$VLJd4 zBmb9$4C03WS7reO?YlR%|49aBlAGcId@2C@vY=2%kidO$S(=!~CgOLqm!3?_`767| zI9VsJDlJU1^EXZw^Q$#oI@!j*&(X@PX8ER?EDLF6VxGuMxt+RGL%4Q0OH%sQdCvCY z3N*7Z1_Hb?m*Gd!@hsoK(byo?>lu36UV)U6YP}B{Irjm5Tei!=BJNys`epQ#)8aJL z?=Li|64YRTfx|)FQ~CBrb-LPoYlI6FykU7iLX7Ne=@h;#rA^( zBWuu6>}H}ulLN=~#k-#&4*5|)X0|`m#vLSf3*?nl`Xx>~d@J=H;OI}CUJTHeb|77t z70CB&uba%q%o3lwmL0aUXqU9uKFPqOSuIWf3$9#U`O?9nt`}5bx&CY4gRLLo%?*t7 z>f~SR*#?$HKws!m!GxvOQU8b6uRGehh(NYk|H-m&Iq8_3ZI+Ly=bd*j0Pya?%Lyb%|V%KAHh_eaXBv8#oy8M$lrbN zXo^8m!^5Gkmi)CIS5;57+4O?7k}c_b?Fh44$*Se1?4p>pxDvS>KgrHqgD#yQmiKmC z4%vVz_k1#rfVnpUU2<5ANfx=~ll*1;E>FhhF@bg$^g@XLKMK{0{krvEHNN4@SNm3g zy9PkOY8xrxe2uNxbd@X9-bT{2*zI6-8W6F4hNV8>ASy3|yzdYI~hYb-V*RX)X!&~bFAluDEdY%t9MaTaflfp zfA_aF%u(MHvfKU5o5=IFAzLc)1%A2tnHBLfqdW%q_5Y8#_W)};%NIZq!Hx|D0U;<= zDT;tdO&muMsfsjd3Q7?H=>kGP$3~YfT|tyCT{5;SB znfagCjC7n5yL2(}+z}Hw_H>U2nVDA;sxJ-?23%i#z|dBrE1ImE^FWwm*k{8}nQ9U* zs`E3fOam0CN)uCg6p<+P-))ep<~ylLI?fH7sdfVm*bP_yf3X|FJ^c^0^=8@_p)q?k zeh+uB^Fkr*V=bB`IP&M>;RZ-(1;IqnUz6v`DQg1amLJ2Q4ZIfWscQ(7wPhPL()3zG zq$adwy&}NiK>`Sklh(c5c{e^fJkm~(*@6Y#s4z3sER>)SuvcL6R~Iln78$ItE;ET~ zMg>|ZEM`uCX>3D2$I3(gnCH0+d7hzn$p*_i!HhnuoA2-#MMRAs-3VY~I|R+X_Cp3` zckU~Lsa_qxCg3tVy#M&kj#HPm?HA;ak#f9rw+T;iS4&ch8h-b-RD<)R`^?bRWX;qt zUyjves8m0{b@9N~7Q-6Vm~U_IEuXM`NB6MS&z&m>T+c@ES{~_^2~w*pXd#fM5WgVU zL#;6oK@I$JWnNR|v_~LL{v+#pbF`uy`|7z4=B*yU4n60+7q8O%6@Fv z$fKDO(w1SR_btG6;j>vn?@Q-6xtaMc0zZX`E~JzPLYiB6F%Zgy?ee40)WvA);+SK< zmY@N&FYb`lo`-D35Wcs+yxv~TFw>!-rg+~wbO??ExplS3ww;$nl=oc-%uPMc;03`{ zg5xDis2)FIy+Zf&xJSuvzYSd|$4=ej36gTWq0s+S)T|El9lJ5%rD{x2So&q9L3zJK z7>MP6r<(Z8k4*{sIy#6*KSDO80ory^7@{-HK)~L#B?x@P&!pWs+~r%KH03`x7PGjw z6{hRFC5maTkjvc zV9dpHJ|qxYQv{v`4ODq6fy%nJyfAs?p?-?CCt%cBsW=A&=XeA8EU zjoWZA08B;Rk3$FyvJlkbha!O}NGzRC3^b_;Xn^B5L(XNxDTVtJJ{LR3&5aX`LJ5hA zuVkhx8MB?hLdm|KxPZOzh^5bG=m> zcWN-(Ss%!{`WeBp|4jk4lFPR}wjHEK?@u4;2$hkTXWu1AM4!5cQdu-}2kv}{cu9bq z0qXX{Cagf&D}NmG&R>+Ev}}oT4ki?-ucc`lxxnNp3!$f?*HM*q9W+h9(9KC2YZc`- zi0gp}FbXH5hzySm!?S_+3jVcl1d}j|eH?C*nsnlLw)?ic-k0_?{lcJ%mU(b_wye1I zI8OuudniFC>qnj+&K{K23oIvY2TC2B%xS@fL(-=XQas9AaY(_9eYACplkf)>6d zLge0hGm^p?P$dbTgEavHr-wAK6hTlmnMXw-$#Z^%?r?{Eo7KyV0}S;BFued2fPw98 zFc4o261z)_hk+fsCm~N@7U!$+@C0fbYz4fVjnPt$tbQb)i`r9UBz^Oi>bTc zQ_glKac=CR9#kzPSFm}oFGdWv7;&P=<=PSMEesM{8A8F@OToYI>VR3zK!5%>KbI(y zBV|^H6={~fyuC*|Z9$rwX*ec8xC9<~N1VqR*^C9c^~M4vxF78XM$sW}xq#uu-?2Vb zx#QdFLXXW@Hzc?W$3CVDfLgvZ-(^wY7V~vE`jkcXLAg6RkFi`ls?j>A`5Ss`F1%|y zhtvb=LAQFl!G*|l6qI>a5ERiq-Rmj;R3U&}<8be*jTfgtlC-v}e`jKXfUzsIw6wjk zHF*kS4#z}a3xduw-b#pn@@4b=V>aJXG`%;^l+G^n)Dt769FOuW^q$InEaho48u-?K ze1VANEM1;^GIg~t@#bd*li!Xwq3TE5!!)aehlkZCch8^3JNz%q zspY4M33Ll^q}J0#QM1S&!JLnh{;i5?U(!Og#1ov9_eUxkZp#BwVjZ`nQiGXWe*?`< z`<-8lTCO(0LalX_{I_Zyjqx&9nw=onihQXv6O|f55I#Q&gH-lDDmlgX$QKvLbG<%f z28Q>@7w-FJRB~G})@@2Rl#e&)!b6zZBK6z#USdLzDt?Rv^Y5#K9mhJ(`&Mh;Jn(w}2jHecT137o`Y}Y7Bp{AT@Qt`fl>nS5s_MV(CwxS~(r#4Gaq`PB z;*(p>Oxx{A9A6<5kpDRrC^9nlSLU3*P2I`wz-Z^pZ9&OO-i-JsIDDW9$7 zbBr{epK_owqAxhp$*t&E^@kTqa3UI*3zE0rjFjFXdvhx-1cjBW6}Vq{xN#B2olMOJ zDOfG5%=7)0Qp)q5&-)IF<+Rv6Jv4>zF2VzN$5R3~Q=I20pNpAqOE)a3&QY%MNlX0l z%cre&D!VVy{=(0kd0*-my_i^zstewC6VgAXd~D8rS>u!>YGxX3(W0C>>5!tSl-H>t zluy6!So^jP+UK-(TgBq_LukGR-BR45xS*OHJnIsk@n);yLUDhO>oLMSdFb8)l1u*x zc@0Bq$?G(v>@SWj;^LL?IOb&K!tZ2bz+CKX?Z=YfV^SS`#(4PMNKNf?=E}w@zN)kr zX7au(Z&=7b&Zc|PY@nTFYNaXao6nP`9_rZYw1FYM$MEVh7tXVShE~_;z$D?_W{u4i zPDkL>$IEa+_~lE=dWUeHxcjs-3BTMdI1C?s;7Cj#Zwmo974nrjr;SIVK?+H+?R=p> zdi>tnDAAb&gORt^aAstn7S1Cv)Q%mUAgR1R5YxO7eYytc`ssG~!c%EBkiYKO%?ZzB zg0rs9HbwAmy|dgy@W+#gc)qe**}IZxWX{Jj?7(#j-Z&EO7MN&DcB z?ah(7MwUG4p>X0jf6<1yscD8RlRnL?*(aGbLl2@Z+TgEEY9r@<3@d5 zAuTH|eB9EB3ItrdK0u*iUR)Yh$I25pfB(Z8ulw=53*Yi};DUX;oY-v%Vte36DIQL& zl%{nQ53Kkq0Oa_2#yy<4cnw;YSuUZlzYYk{up~R3VdUbx5{ISCPWzNEF6flpwzVNE znv4>b@f5d`VR0-Q(Y?hjGM5K7za0)0y>M;gDEqEe_X&NsvlIH1^hRDTB_r0H@N!{O z%xZU|{eg1`{q5V$X=F>E2mo>b{9a4j%xMe=-8w9=xueXrOYh9_&*UO5yVUgt!o_*J z12K90_s+t#@wTvCTb`UN0FaJfa2_4ccQBoX2UKqzf}@Dp7UUE!AL&A{Fram@m-omW zm-)m1&uoJO5_2zR0CmxLCDYElccH#j5DroHi4;MnigIG3;j%5eYY%f`vtO~ai+LUM znD&`wj$3Q^lxv{@v0K6Xo1gb4BqZ3bk!`$Z{P;}H_^=uD|AoZ zj^j=b8Hb0q3VW4Ea$&n2IVK(e>@4Vq6n=ulv*HqvxeS%=evH zN^l0@2pIpS78ypRny~7&7bdJ&iLAg*eKvGxYyl$f8k6O|IPXc)s^eFtgql(wd9~YS zjRy?$7khcpqPk#N=X zu!0roaIfBhLe;Z-QEf8|^;3o&?|i@SLOCCr8tikt8C!G1W?Jy*^N ze3L>ii#Q6X+>Ac0qw)+Qx0&}W|A=wG+004L*u@bnY~xN+F0C&Ir88o70M965l9=lj z5dpUu>;oa?qgi0~a~m8;NNFfZqt#h^r5*EKu$j1*T&Q$~7Je7Ii1QH3zR9ElXnVH3 zHsD!!1ufd$IoMrowyqfL4hTg8+h$#{%x&>PAEDO?sFsENA!GK61T6TR04H``e9@f#dg zZy2A2-ws6LI+^8{w=cZycoy312efw_C`aUyhXlf(2@sTtlG#^uVT$Ltz|J)k_TR+1bh&gl2iyq(_{{)1~ zlj}L=aN`aGoX3t*IwmABS&T?699G&g~&AIZ$298VdjoCBXQnV=9 zm1IQ|vm@Glg3V+qxjcBxLl|@&jn{YJsM!A6{Rnq}1$X$GVPlo%3p)tiPTi9_MmfFY znl*@5uggF)mqXqjhHG0-0sXxR(mf7Hz5yqv-ng*I2R&erDmED0{vxq~lqeDoFE-2# zF&0$i+mvFRh_`w7-)UQsw4jxp7a=b?AGV;0SrR!RF`r}xo3jGaIrXJAVyr^(Kp0if45&`u=V->MYal6lhsCI?tw(Vb3^6k>Pw%C z_xSu`M&cZ&b28%YtVoO4cJUc^wuu^Fo0vP7p~#_^={DjOg=;zRn4U6_BVzx-=OTe{ zpNc^nz+lXd|8NX~U>qqDFzNBboMVtP`&Mi+_nVQTk8V^?*IHPEtkgmJ(iXWVZF1a%Uo0YiKX4Je6=|4(c@w{xk*QRRdUk-*{OFHnf4nH z86MODlH~jCKbs^sN_ehK#Z^@rV3ZijKznHz6q9G-&N=o)hY}xuVC)YayUYy2z_Vfv znT1k_LqP`orWXt6)X5U|^E z21H`QPAz2KCsBp^^88;b)J?u@Y9)D`w{o7FA(jtQUMOKYkP)Cj zAub1VH^l{8w#f`f&qRs1_TIM;c0?Y9P3wC_q0E={j zghJb*BF< z9{cpXzsKSydJ9EOTVf3+RGQ=gy@$YFG5(MvNBOa&ndNw#Z3FE$u%M0oa)uSMQqfns zdgj_FjD_~7d(Z&rLdz*+>vx={>cTmA3(>-5*NdGLpVymy_w~MKL`}Ibtggn|6n!>8 zmfsS3hvgxx_q-T9a2}!nRh_)!%M*2$dWPjk^O;P!kpE4-kY*D*0;#5nA1pz}4OdUn z(w&FHsH+A{n*uhL78p)!qb}H(E_=8po*|wu?lPku<@8uu6`rY^Alf}gAx7|idn9$z)CKE0WJ-$?m)72BaF3Q2FGl;F|FWvKdE8(f!` zjJ~oNu0mr7Jx|9(+4w_kV@_MR&lckkYtwal+gwls6LK28cF!}}XB)NgaDmO|byT+vI;Nh9-F`g^@ovy7b zZ>;9W7Tdzh=AzF=la{(_e2i8GjG4^HtV!#p)+{$|ut^H4hpI7@*fGvxU_-9qI7eHXbHB4<_RvrSMI%npja<1Ax z>#toprfEBtqG<~qSJeaqSBsSeo7K)AJMSaP;=B)zyq8!7&vJdhkV>xF%ICPMWdf-z zLc+%I&U~uT@W>^t)xrtq zjH#-UFaCxp;5LJ~}Yx?v!ctclR!>a1|~qQ0CMIdCX#2V6c$so!KbDgnQX) zO!-Pfm2l%tggqVD?{+D3kAtJ7^TyhyRO%IgK*lC(8umSmmTTPkgw*nyn8Kb?HD=Xn~WM%!uu!1>PL-%QK0ppJ;npwu=nRESJ z=RDL%gw+Kbl81x@nW%^jHgYGrk$R7@h@Loc;>Rij=m}gXxHa0zlZI4D<%#@qkpZbWei%iMTthwCyopYdmMrt5~HIPv} z${C8;CX?hG&bizv=0fcYAG8J z?$l3tmfFOI6D@A5L?;k9Fs=;!U&k`x_#2iV`X^$ui#pP_}Yc>=sL1;0KsCs%IHqV1Jqk7J8O}{f% zeOHLF)(s{k7P)}1vLWbjXCVL6LOQ8tioIn=$s&p^DKd^GPTRN9NX?sEvu?y!DIlk+ zP>q#6pP2HgnDhWgHZ zj?)cg=BB%?yY_ObZv+>`Qk_l-nZF=WPJqeiPE(ZldDflO*JVlT-Yhv%X;sk2q*PPw z+7u6mgwCWrp)Ag4)-2U<_-q$`bESn~)18~#wekfiBym60vORSOwT?gSO*OfQr8AEK zT$$CIpr6-0t!#B+QQPMB86w;4lu_}?{<&(2PVy&2PhbQIkM20gkFBn$8O%IZ$i0?H zSoG`f%eU@h#s7G=tE#x4++HpRkuf6)}EwQjB8hQyhW(s15{)+ z2V<~{Z+8uBH(D_!ZWp1j=Xkp!mGsssOd% zRV!iLi&6J!yv9Iniws-Lnm|)Vko--f;+gu}l;!>cvqPA*_gG(vXy@2tmxPnV5czY1 zEZlLkbLG?W)bg0u#l~$-zks1-OrJfh5VoncuD-@*x%AWYy>j;3jN4m^^CWoJg;K=t z!L5ZEuS_?vOa{hMGpEEI<%R;!3yIF4vaRBipNCihB=rbKhV}7JTAVV9O+(0Dkb{C0Oha?*7hhw zbsPY6;5ty!+9G~6^8g#04}fs>`CK$5Nuuh50)`#GR;PA@#z0@O@mEjWV`}WRtwb$| z;vR%we29PaK9*E+AVyZYjGS&WU*<52%%{d^Nl_~nYTUV=erDKr<$xe|VczX>|C!{K zPsI@9p$9oYyBjZdHnOX5p?MdGq7fTjfG9GRUCinNlAYE1xm><08SaI8e>+>B6N~`h z^Lydfw@GyY?(S3~`dFd7PW(Bl!AK4{_E;5EsYvwgBi?=ZpSIhzf{M z(tOKC49XWfDDp^0=H&!pVCj$@(fxOso+ zsYf>W<(@3Zo_xdErp+98UUxN;&G5r!1Fzrj9QOn5Z+2(w*xK{1--Mv=8B^y&FVTD3 zMBi;PZyE&exQJzE+KDl9RkZ2DRGX;@Y^H~MEx-)7CK^pB^(!y82e=FNuL_j!-OTQw zu21r_sbrAo-Ax(p@(=}853#)s zkD#Pve+~_(5?s77;?qS3@`v(NQNM4#Q3^P+|a{|y7s0vBhY11jkz;=W_pcOj*TTH zkVe`&-=Wz5tBdQ7SynlreTL(FC|`dmyz4x?i|gqyxu$I9{kZ-g#f|Q40-nS!?Nqs$ zGLH8nELCiFEhmm6$G->})ki~ku|d+4aR2_=Ua}ThE>d|TDq|!TI#`oS+5-#K}qpT8ZpeStRKwQKlXlOsIDm&kCiWF_X z&`9bddPoRU-Z2l95?xw6u;CuxuZLGHF5X6_){c^$82kVFeR6RyAV5iuLVojw+2hboI9l6~YotH;OAB5u$mokwS)Vx^n6?}(MCS3M z%*9dcOGf&L{#^d2o{zFdqF~DXt<+=y4MutOStX#H)V<8SY+X9vsbfD9WBcJg)?)*S z3$toYj4BM4k3&BDt5h&Gl1^C6auxP0F|Z9V#x4H3@{mA|S(V#$#8i_CC>I3oo?NnR zJjnI)2n(_Z3uN@?!8Ee%pr1sw2Ajl`ZY2yqa5IXAkrZZ?VD+mv4#0IZUVEvu!}B}s z7&TMA-NX1ggUGGApuirQzXPRaao?zxQes0uF4f|$r|^Aw05%fXW-MP9SWouN2CRO2 z2)b=r0<5!-h%y=>LO_|Ks@Pflti*Ir`Mh40U@hq1-Tb;hZX0C`Jm!ceP<&uDCBhYv z@eERM)xbAvhUML_ub#OxF^D0$n_e4kd|KL)MJXVx_AUAuQRY`qS_+s}QFku~QTCQh ztdyk(_h5TjfnnqMpNdYt$Fb`7S^x+LD8wSA$G1ifFkY68Q_On|wo-4gFg4QRx}s;& z>_bth^nH?h=7d4`;=G$N*wuvbRSqJHS@ehTfKVBZJ3rnoHniMH>Z-X0=aej$)g}in3B}{!Ydr)FTv@PR=>NdD?2E9#9zXD}=13GNK=*A)!?i5}W zlq@83`J1JcJSN;pSPJ;5Ad-AFUq)Z-eFwVk52VCRSmt)_chtTKYzSvL&X>(iR7Y8R zLszcU8j-Nl)Xyx2iY($Ys8ppKhuOR&n?6Kt~x86&znZl$7bVb-(Wz^LNRtf$e?ix zi9CoAyEVn}VJOYHUA)Y`9Hg)VvR`9FOdM=e#%J}#L_|I;57gsVI}55MGRozucgl*X zp8EP*f5>=ex{n%useSr^M9Cp7I9F}tWN>isGzm{3*+Nlu4UCa+Q%Rsq4EO*@n;&VH z4D5FaGZ92OoEeD9!B}G5^gd6unR*kmx?M8y?wL621W~ezzycvik zTZV;jOx=FP!4W8)FCsO;`88anzT`YmB4L8Md%N`Atf<8|XTk*^D{#2ylJ0(2i*a{a z8;C^ta2}}S7`R1(C$O2-6{PYS?R@RNyl@Hzf-I8bC@y|B-U$+5mz;r^a@8|4Fv-O< zW|uT=#gD@uKW>G4({hFsW|ls7Jlxb;_3=H}86g5FE1%K4%uVj+`;43|*+m76n;^up z2yVO9RwPP~_)88)sqm z|2WB|v{_SM78z%Sh-wIeag5(bYOn_ODrpAbY%F9_9BsG%G@y{{`PI}V&b`0H1su5y zIv|etUqEFabm|qWUb1HLleLvA} zU%^G-9~@^nN}Tu56cxy0o|%+6>_-7z!867sw>h?N znO<%eXiYK5&37c+H7rk2U{AYC<248VPid$Ch%DTf8e|Knzd(6K_QfJ-8(Jv)Rn#Sp zn>@pcZtXCjnkL3aCuBp64}uuSIl>#HES-_b7X>C&REothq!d+g9+%AA|Wg! zN89K9Su8`?tYLZaTmuTdRKaqMZxtYQsRYYa+GfFqZi2|rr5#gFXhn}vtxUrg_n@Bz zPq<>xy}m2vT`sTL;Q5JQ&Ht=E*+8p7KlE^xil9HFharo+5gzk*S!B>{PZ;8Zk4|t9 zc1w2}?3c!nU6rlh9C5rVU#;o`83eYR09Td92>Wwmw!+k${!O$edr|N8Jw1dy{hs1s z`njim*wY1hYAwPy*pr=|1S%X7fISJ+n=_(4>BF8>r@#W(ZGIo^$>*=$(+7t5<!We|yfE#ZNfZbl_yFM<}3j{r4NP*_o(2Za^tbQTe#S}4c#7Z=Jw zR?vw`1702*N8yY$WJ{QUxD2gr=r%iSnLlmceXy4Tyy#fj}+FQW{lJ^M|eTl~Mu&~|z~w}ZOfL77kV zaM!GlKvk(t(GMzY7Pj2% z%TFiSdw@JA#zCZ}HJ0xUqm{;^S87WNOZQI@ERIf z@vp1LPkb)v(OX4B(8N6rEa7%Ep zQx!C$aRp&H=xzuH9&GO+x+S)0W=O65I8PigrJLEt4RJYU@!+`GI>sKDZ*S&tS9)G= zW=NsG{s2}P%1D*nN!H##`R8Ax<(vmA_eH*&IFzo5<=J%_B!TOv(ba1ORen~Z{rmaWs-58K7PnFe05D|J>q+Po-#;JY{D&eFqb+CGav4567GGP+L{^b7r@^$TL z0FXCGeY2VbkFyBTZ+8T0oM*g3S%#2hGd)yPf*CKLF&Ya()v#&u_AOZ4o2Ppwp&oQH zGmCwgng1|0h)@jSL2d3*6<%Im*VQajf8WXlpdJ8jX|v9f$+u%+Ea#bTPb8ZSeBe77 z?h&`f5bHep?$ku!y`#l(Y z3=rJ+D?He6d=hH0UwH9L1cwlr4=QWiYOXLmfn{|UX7xv5hH0zjzDC(i%;zFQ@oQr} zCJl=VZ#SDA$htCRUPA8GWRYk6CH}J4T5#u3TwU;|p(x)VzFfe;klM_od=89~k}XtO zTjktE7I_qAISy6QW0zURS@WTS*NMKj9NF1Z`?Jfgf{S#uuGmHcM3%oJ;O^`=zy zWvf)L^3Z*(vDtn!PV*4FA*;57~fWq@_GFAY4E12B7PY6)R zByOY!&(k|OP&%V~w;{dpr+jbfM8Qy#I>a4`?6cFmU^6GrIdnEKaL~4nQr(Xtf zDKzDwvWH&^yHuJP)UTt6O@pIpNvC2@9>ZVOOq6gycvc`F~BjB-xc;2Y*1a;jR(k6c% zsFo)_GFu!#ApRov$zA}_)>lb4{ctSgCrmZeB5`f!4U!t9ZMuZx^!1<*L>j$|oKcbT zITian6`V(I`tt>iM1c6kcKyFWe4S}};Bh@iZ(!FAg^woz;`!d)YX9x+{3j5(p9jF= zmrApO@C$D6iFg`ZFamz4ZjnGJD$c&X)}UR&@9*A!D73G|Z_Ci0Q8W3r&6dP|ok;A+ z6Y(%4J)tiALB$3j=IvwnH?JtyBwXyGWU?kH?v%)@g8i~v6ZgMynqReT=o@b{j2$m( zH@tlAUBLZrWM`* z$mYFS76*umJv-ld>L#%6#I`qhcDRl`)mX(5sLwI=(R|10_zCD6P@tMa1~K$Q$}y=X zR`2)nOM?sl`sjGs@4$h6h!0`syA_@SY?Te{|3;24fE+LOltx0oMdZaJ;|D=N9Y`v3 z>jHA^$UD)g$p;I0c|%9Z0Dx_9^eVd}6TBGwUIwLj-<5M7BS&2(`q)wlnAGyFHOKee z#mjq71y(RdfS~36 z0)iO$;l#J}V*yq^Bs5^^Xo1$eqz1AFCCwQ-|jyr7pAqx7H;L5Fcy2H{et zkn1c*>CFozQ+#UPF7~FOu9#p(ex)m8jD3fRP%8$?Clr=;-imZ18)(mNKCN^Ip!`9K zWDg`yyLB|(>VdmwMp=4z0Gcmu^jJc{&=dJOaXOF17vXg#I_141?t5RpPNua>N)FAL zN};c>XCYs3DxMa}mQJupUv4f>l;MQ%SoWU; z!FKY}2abBsuh;7$3m9OL44SzQvtg0C*~3=%V3B9`Pd*cbork5l^l+*>dL)X^{-mhW zKvB=Ob*gK7rGP5wnCI5%Dg(l_KaHx*-hbzOjfdtX2N0RffAfwF_WW2$5D3k0`CZ?G zo;OI&bvK3ohrYh=U}cP+e=#Zgvs*@4n=YkxSGoPi(Dn|0ck9pjvSmN~q)qxByj1FG z{rXVYw=2fc_@E44)q-?f1hQ)>wZ11htx%#4Swj{5w1up=LGD&=ua^a?m7x;-j3n8W zYeyR7rXKN3w;yxy;(POAG!l7c?}4`8=QyLDAu-57h^?3Ze+A9=^>eW(NXSS?cSh>V zS|ZW9p&;`sL4YL zC`C%EDiT=_0GtaHR$WNq(v5N7>M0GV?6NL-8N$QE-~eX*pvlMShv6s66{!x+PZ=G7 z`hULr>3=xvMZ~UL)1QxVGZ_>eygzkg`n3IEuc&{(2qr7B)kTGB692DCbZY~WG#g#v z9j$^JB-_(mb%oG!Ky;2>+&T_0#N_}XtkaEDyT?S&~B zZm*9dxxHQKW!QYx3I1#Jvm=fEIa=vICgty&Ms7OF^<0=q{_yQUj}+j<9fv%=bqO3oiZ2hD?LQ?alE^D-c34~9wVtAQ@xt2?Wq zRRe~^${#o(|LH0)#MM{DdoVu9W%q#Uf-afeb&UNo0acru{K8`#l%wr>XJ?eD zLHvJcf~gIN++S&jmcJV$Q{XSUys(NJU{>AG+TDQahZ^XHlpD6)kVeQj2UZr{DGw(Gf- zW_7M`;u%MoF>X2~D^)d>hqjM|zA@H-SP=pg+F77HP@dTN42u^PrMqPJ)D;Z%k$wa} zU2yK*qht((S~IP{9%)f>8eQ889>a&mB3%@9dH|;61A`4D#5JOzl|;u)Kf*N!)=k(r zc>E+&py*^qW*D2dRVL$`UhvWv8n;(S%Yk_?(9Pmjh|@=F;rsQ2R?XTTCoADv`nqo z7+~cqO;lSlv3kTV&G$0KbZRv1_S+98S$5<$o#~P@Nu~YNPQi7=T|ym#j-6ANOppdO znKV(GkHp!0dcza@DOa2~pE!|zyLmM2l*5M=oub>Pp=drF<8-buN;I{)I7@5u)ZJACU@FqAbValQn)rjSlr9gTU;jahNngI*6KnV-+p=>`*!8_yjM!>b#!tG& z0?Pbp5iR`pP36=cC5Ysh{o6gB|J)lHUrcM4P@Gp_Pvs~iYfPczq7OL5k)Ag8i><3x2EwJw{d=vsQ5E4ugLR>-%^tB;d57F0qfcX2W0!Mh{5Xdvh zA3IPW`ytTRLm!)Qcw8+AKf5n1=izNTK|JncCUheD0_+S`h$79$4%RQba9KK{uX~=o zwVtNbNHRPeZaIWnLVmqdkWt{t_hvpL;3Il{1_+Rh&@4#CZt2hi>02zPh5BNPfP9Oz zs*3>2>Nc=K;*t(x-bi6ivq;0!<3RTnx9EmyZuRzs!fRDPSE^*j&%2B*j0B=1H+Tz7bWHh`f9X_TDrTd|!Lrd(1qnUL`zFY=Eto)@x>-SoK^&6qx((J$5 zEr%2a&zrtQZ-pY~S7%uS5i0yZuKEc)rH7@*GXX4^uD{*_un>dnlUT+zCS};hAA30u zY$*J_Q~KwUy<#C=zmwK$b<6F$k|zAthJkJ;r%}7;3;4mJRS7nQh0G`UY;nt zI0T%>`VMgk*mgHalWsjdX_RSNcZ>dqi}^Sukim{xRS_5LHZOpMA?f;U_YXRW&9RW_ z+dcXk46<9(RxxmiBrxetnKKA_R{?ro2YRI7K06@NgSQ`0!;87JcBYpPGow9K$bltj zLKU|EB2o3v?T)PmUKu0R8^kx=1(@WjzxD)CHWV$tGEfvm5p6#ZA%6V9XOU6& z2k>=Vj#nytB6eqOcyiZ{7hk`3oCy@eexxhvq~yFlMVrp_Bj@$UZ+Vh1;^HtYUSXS6 z)V=Kv-?vVEk&>rU!cS)v5!t_>1c)3z{dXolP$S3xJSJc?1E+0=U@t%OQZ-;#$+rn9 zp_q{B?i<;SU=9uPJfhDwf%Cg zD4JdZReKqno9r832x713ai?OKSvuFhX++@|~zg=$6{2QkUMcBKnd6 z`YMUk6#@EsAQZUbVH1R@Ba(Q_M^Kp@{ILyK2aGD}OG+WHEBfED%kf7Q2Bge@;!f*P z1`9WQ8iCTAcdzx5U3&G)(Bs7rs>klVePy-!%}`2@<;Zk>aJa(E&n~w%sK}1#uMcHs z{PFg=|NdSlpjh=l2tI9T6GPk`0o<+g)(V+c^uQQ*IaLq^`NPNGFV6CePCn2(iMF#B zwiEPAH;RiN-8YI4bo@5+BFnBSdmC{=3m(SVdJQgEAB*t-sO^Cnu^IjjeaBQU9Ep%W z`dJs^1sLKp%T27f@nef`zVvDwwxF8?2zX`FL(m%P)urTC1k=U2~9|3xq?Tqw6}*7R(~Fx%@?n!j$b-cAbYxSW)os9 zG2k-R^vCF82v&U7^Jmho7d}OZH2_s> zfZecwY|NVwtBH!bfKXoqs9&G?0{>Ba*it@$P;PaGRaU27A~$>if+Ym5fvoQ4OIA0r~z3ZQ#@q6Z1pZSdy% z!I5YjObm#Y82%g;Bw8S7f8kW}R)90^innL9?LoBFKg`D{I&!NE`X(~+*j%IVV6t_n z&=mvo(Rg`*V6M2fi3*QjYj@R9ndlG0Cw`x`ab>rchjp5Mnb^sj-K>D3y;c(eAAd`F z$%@-$XJ-IwXF{S^mP4mpq@lIGdQn%0DqLG>!Cur;|5cA)EuM0%Ae~@$DK`2kA_ptj z)8tYQ%7JEs=ufk&M)cAHqPS-KQ5r3Dxk}=l|3XOHU zul^iq;}52eKZd3UIRx?$fZEf193JEVAv}i_non}@suS=k-&+sRtM1Xd;Vp1cc;Xld z>ufbCu<~C#etoOhSF>lETCZyoN}T zr6iRCIKDiDA_(cNbQibePH(mLwkk%U7dks2#Awe4$dpU~noqc2UieoC-tgniaT^mAR%3VZj9C(t5-DWlm1B%OD95!R-dG zWp`^|5I{nl>D=<^PF9<@=z83hEnpFD8MQ`cB@^I^Y2ODX`1^6lA&JmA6rd`J?XaEg z-sam8VAQEj=v3J7_TXie_;y31uO~N^eRN=mH@Y>a)5spP-?^7GnltS2_QJ#J=nuNn zEd;!vzwAojDdUMRBfV~uCTxSx=A&HkSQGim#{xTj62gVNV}gqZzShL~gJl3!@Xl(* z!zN)u{@a^nuXm5@BVi;+YXO6FzM6d%P&4FMPZa+iMm&8bz;hR~)yQZ8Lp|{-*C|{z5Q&vxTm4*;-Tpz?b1`iYi%l7(@&@S+ss-bS%@BeN`sL-9=l{)U0&U08Bjdf)1oL0e)GpDUiUl%qN!j#piCYol5E^gbLSUe$v^sWx$8 zXEu&nJO(J?c6y01#E<{Tfgt+9vnNAnyqcl*v9BP++9pJC;IMXMKbdj=`OgUCOZ>s~IROd!iVm|gL@rVN>2Y^X+;YVlO>SGi#vHhk( zTF7_k-X8EMJWWPwZ9+++8fs(Q7~*$f9j@M4sP9=Q{C54J;G=@_g}KEQY(Ix3rted+ zX=iO?Y&)0Q&Dby~H2GJ+*+c6Rdyv@{Z;#~ie;3|sg1|*nT9hX8pgsY=eA<5t4H(PS z!!_p?mpLK-Z9Uh30JTbg4flVGtQT$B7s|4HgDz%5#DcaIB3k`U!KO8<<*5y8!H$U* zH0}_o9B?#?Ie=My#~@PXZdNir(&EcTbmd2}!hWqJOB(l~wtIu`;^f5TR?BT3&#TFb z{#X$AnH4X_(S|FVQ4CzMde~^TWD&Js&@nrrI944<#>@Gc_Vct z5MC=@gSqlr;L92!9Y{i&oA#we0<*jaEAoAY=Q0wfec;ir4^#{RmehfHhOyG+d z-rdsVI^6jx2XuqIV;bsK|6jzwi?)V5VL>Jj+ez!kAQfKqIHjXV8r=fdYb#@gG`E%S zm*i~Rnk;Nd_X28yqYA1dU&>oCUtLTjqBcFJd!;XX6b{DJs!m-dFWPll-sNcPeN=J zD#|!wOQj2N@xFWwLRYfr5f4ScIEhn-;ltn6s{XUaMf2gJ*XJkw*L*k!g^HGyzm?7X z%%Q`x{&kHVy3gIy3mP<<9Aw>;w*wE;_w-q#{`#C_amWTw2TJj(g)0RYpd6t}O(frZ}T{#+qtH zkjT^Q(t}|{*@F`9q_>~4?3d(QK`Chvc^k7q@%Eq4&d}-n?b~H8ugl0zXvo&N6iipr z+MReqR{$X$l9FQ@+fhyr7Yu46IOTde!hZnZUri_tDPk3fSgNFiyv1Vz&Fs~cJ56mc99Ps^R+t5kj8@)B>(!w z!MOcRaZy9_%W=gg=k4&*MzI{TBhCJ5cc!a9Ns*cRy3c#f2L$^Lw3HavT^X^Qn*bi>t>|?pkKgWtT}NdkKa? zbPY<=!OB#iS|)#D{Qtp`K!wwy|5!Nf<+P0(b3oCfnlAvHeAjZHb!R*YoS^otXyggR zW{!d1rB4-We=>D($KiPLtbN`l3!2sL@Ur7@78N6YHo#fN@_FKhIg~bNF?7)zv*Ye6 zpEtuF7A_r*8!U5FQ&IhIp0tZqdTR|~w)y$Shs0Z7!Ba>GP*_OOug799d zV+Ar+$AT$S9;t)oj&^f%nsr}NaYJ`kJihS!9blS|)NPA+Za$mNB} zUPaH6&03h93P#MlV{#SZQ#Q4_;F)gF^u>yXJMsOTFDRpprj*^qdC|)0U*b$k1_ZPo z0*~vNanDiMz&6kz^v02>ES((~fce2j2I`*b9nRr z4P;}2$Md`f>c1(OeDl8UXlVVyQXpl++=T|Fs{MpFv$~dqGW!$x{=`Qpxqi@jC}{De zUO5Iz6ZUN%_ODh_laVsKHTP_K#Ar$NCJVu%LRO-5gF|-V&<<n4ero#t?cuy z$fZ4d(o=XAIdAP@*`ds}0a{@nla8X9GPKtUM#I23b4=}bLb=rEAP_DD4I>;Dz{i3y zs{+^}KkClpu|WA22S~g+tY4f0>FJLHQ%JQs0Zlk{d=Lg1nE~MFOD~N9wZjQAr8dC~ zwGkCT#JEV$O&VG8Q2F^pp+yHh4IB)If(0ieF9ZSK7@hQ2{|{?#9hcR%?GIA|iU=rz zfP{h=l#(K;pp-~=svsTG9TpZ{(n<*r-5u%{X_S;krMr=S$9&xT+;jKY=j?m$@BNR@ zVy*eiG3Utd7-LSt&nB_9qxRMg6A+s>4ewYt(?-#l3+5k1lB4 z{XyVSn)a8+!~)nF-uwXZH3@9`3vNvUm^m#VOtc!@B*=qGg1l%_qj4VEc7M>9^5@x+ zdcZ$u>UEJk@&!`tBT`V3p!6pm`STI72>hBqWV$EpIY$I%!|qyk806XR#lmS0&ajiB zyC22M6FH!%V(#YdKDSAZHpSf+)X7e^kis7$KHP^>{#4CqQ!5SEfnvEOPQr_~#7SNB zB!q{4KjyRP$zN@;^dE~pLODQ%DEWT};o>Mh@4V(oDOQ3FqlDVPLu0(?DBdezN3N)t z(;;{24QL9*TcJpTdEn1KUIzVTf29sXC;nEat02c5PBt(y*)53T^}gkn3a5Kq)b+j1 z>(iQl7b3*8A`9q4fqZA`@8=x5e>wo$^n<8&9jFLWf>R40@t_cZ9VeCvMvV{C7M9_xmYHMruL(`Nao=OZO!fMpPI+ly{p@vCf zN^~ZM03S2_T@HIxu4wFzqNydI!9|4!Nk0kvNupLPgxGv%Ghb%Xq1x~DknT={erdtN{9)i~F{MQN5gVv;HFXupB zCieWB#Ph#qzxn0&moHET@f^QXaUAW(KMw1L{DSCjeHgnwbWrUDumIso708NcgLkT} zb}I&HAXGuXZ7zV|!VFMG8I5K%+G)aaTv~UH8XgPw63qpJkX$p*Z=;+0Ty> z9#hA<%YtXHv=}r{#t&ogr{o6xamt)_1(JTfwL&^rDpmL~Oo$UBS~bvXg&FbK^Jp>f zV`}a5NJyPvZ=AY1&^h6X0#I&Q@?4V)W*H6H&S<5x87$(jg%BNa+WqJ(^5?J?*Uh7m zBQyxm?_hdS9O5B3=wG1r_J(!z6UM3Hs>!ti1m)`kVtJ9jjvdo<`*VnZnWoOOj z(|XgC$@e`$G-&B8F%lBCJASMoSfg|gPO-Sc6Xy#BAdBA;-?hBNDjVX>Zp(;p%2NU1l1aGX z)b|5bH5)KIt#A20yT@2V6Z7T|kQi(ak)tR`&dMf@yrCg3BPT63C?X~&mVZr;4pJts zXC2v;;ulClKmA9|HufC}gzrv(XL=&LrUG$qIuHwWcqq|w80^yFp5Z}IJ)e1fSp?>FD{d<=>$M~hEAj;F1(y$5jQOn_E#Y0)~rlOecy zkH}Bxf+(T=3eo|kV0SDU%{C5rCXT&A9+}G$FqiVCh)xGMFxnx1mLGbAdZrJgTM`O1_7UK_{_c#wrOL{L=$9^mVd|K88nM@3za}2Izn;z}tIP)_ zTieH^X}`hQwlnLdKib}x(+J!a!TN}GR{+V-L)ETt2~tI649YyxZHlH;*Q`+0Z!fI3 zlMpjn%-`!uh2ZD&0TG*Zx`EiN31;2YRpJbUhjBr!LBNR!{sf5Gt1u6<4t=t52YAK) z7s2U26=*4nVe=<4PAp`eDa$=?1N;@lAY-y(lX;Ja#bjN_g5f0;xNMZ==Urd93yisy z+?8n^(LwJ!v!F@WkWelRTX>oC@v!Ex7iGSKEq0)6= zC3K$7?*#*h|7MWiKZM!>rL2+)WOg}V2|2qd}&u3OB>yiQrL0MBCRaSJv zwsuE;C4}8pgd)pxzg}iqWX2WzaqdqFDw%rGp8vm^bC*Au{fV{z(r-FAI|xTqZh3rP zPKg$aw55E~wZm(+v-4af;Mr(`l^2W2=I^_jP}K7KuA=NAzs>LvG4GAqw)b^m7#@;v z#<=rE{!~nmmBoFU3YAc`FRK3!Wm5!jP=HA+wlC(t&XkAtksXh?-w)(ogo7i$ss4#_ zFzBtYZvR{oB<@TQa>I`7JhvE7S8h2T=JX zahy3wsrE$;&9}p-ZsQY3ao4+X->G@Jil1Uq@PQ8m7B8K99;@|EM;GsVf4Tra{pL z(msS>VxC;+L&|R&>M*8t=-ALo#KDKC_8$s3WNOx z@O+hl=Za_E6adPspQt#V7AWX_nJ4W>WlM0<4|vqKd1abVn$y+SD#sO1|FE@wOD0ML zI|85l(eCXE68;xJ%s6-`<6X_q5q&J+GX4w714yt}0DplsYAN=;4bpjAqjnd){kP?l zCpDSO<~=6*NZ&NruZM>4y4_-sqlO(3+iKgbX%fu{hE)vOsYD$cRR^+vxz_5#AGJ|* zfIZK(GnJA``7Y=V3*D1)Gub}Wk1PIT2)Lh6we1svk?y~|7xIBA_Yv;F2RMeI&3T#D7hEPEhtpNQX0Kr#$X6&)|mB@I2k# z#>s$o`wZ)@g{*l$o<^Z>#6gVTCNELp5|A%u<7|E#>?^P*AQxw%#T&iJ8|F%gN6a)L zio5*5lh0U+n2DSo7iwdEG^>z{wVQ`B1~9~?aEV@zTL z>PqVmaqx&GrF?dt2Jk3c#qpga{uwQD)@mm+nks{}ZhD!ITYdi)&yUH@$8VWNSbR&m zcM>D}C*$*PY4clLhat(I=HYBo{J>ju=_mP&)3<)+j<5dlk(dwqS;E^l;Q#O8XWp;e z=&=esHqq-n4nrCi;cVV6y12p&1kFWvAN$x7aO#y^s5lZIv@3P1>Dw{y#$Xkb>n#384X^ZD z4a(VF?SGTm5zCi(SJ|5~>AxTJa;ihn#6FV}W+-0E4P#;LS}wBO*jFJ3)P*X4=Y4G{PnxoK9d-e+2E15J?b^Q}z)H z30R3)HgT`7CH$F(;m9}#bw|pbbdhcXo zO0;++d#sc!^|Q!Qb{Ywq_aZP`96V0gH(hnb;$v#KwBl0XF@C2Eb$x88=mhQ(0A)Tt z#GCKV!^{ZCF9J`!Qo4H>J;m94NAoWa#nXUE)07ANU|*Pm6n%C^gwYSAlPn5097J6C z_e1xywDy2m-#^Tx zWHQO@G`2>IT?LEnZqd{V8!n71%J|`b&f&xgK0Cy1fnR`m8F5A1W>rYkANZ&c@b7pj zc3bsweNspuv1lmEHwnk29FqNbRNx68*+U96(b!X9xRP#Vwh!U)`V>2RYSQC*;a2y) zzx^*O{+HYEkB7O+KCyYqk!5JmjYC0<^I051zibLE`cTV z06Kf^{kT=;vMDRs9e!TIt!!gG#te_1LY@`v{2%<@tOX=FsaI)ceLC=yHUASCPQMiV z`zFke_1lRjur)5aK0Av)aSgW-@5#XQSWbRGI~7P0#K<6qW620?l&cAZop?2c2#bVI zIXT$-VcH+?JQ!$M@1p(n@p&4=coK;z4lWPuAPrv~VnyJ9Sor>*ANtTA@MuX`8GRYb zeSP`))>&%!Iw-n!efQH?0i$#MQpd#UL*Z=h>SYV-cYxWlpSCs`ApyW!Cub6yRU%UV zb_C?6A}L_@y#$^IPp`zsdl~S5ae@Q&fy8&Xk?tBf1!Vl)^TP!7Q72xnNTU@$05c|e zUQY!)$BrvX^x^y6i)a`v7^Wb_lzfahKWzJtwT z_I=cnV4=oto)n%(32T;7+q)7u`p~Ahq4nV>4z2Gk0^=c4^Ob7f^Nk9PyjXv!cz;mw zbk6b9`iQ2I;@RepcpfUfA3qvfpf!CA^Lku*(;pVHR1|1NrL-B^q22YJ1g7}1Hf}ag4T@mf zqWOs4g<63~J#Ecmtj%Btn{l{#75%>4fqJq?stBu7@cUH2VpRA%B51nGFx`~L#yaR7 zd4hVH7|I96XxEQ`wmhkRG2#Ud-ffb_GHU))$I#<=FiFB%PW)(T9)U@EBwtT}K0OP= zD@4S}Bl2#;@VAcvPDcDy(r3Jl|2#pHcY^uunSW%MV-&ogQ`hZWIqP>n`&f*)AAZCyg?v*9#|@W z){+*nln$^|Owd8}sRFEPJiAZ~*51QTzh{NxNyu}b;j|=JDL*A>D)rhe-=+HaoSc{` z*J?q@b;3I)=}t%PJ({v2+xRr$7k*6S=Y4t2+9k~~LF1>yuHE_0N(VB@e-2MBx5y`I z2X-qJUjd@Q??s&VPI8t9YP3 zN-?FB3`sc?@Z~#Kc(Vj7(8T(o0x`4{w6H|98ut*t4}h90t$II;-p+-gbL+yjkWMLq zowClkxGhmjhbN^Ff4pl)OV8D=PA2R5^{Tx4bo1P|KirCT?#mTtKY!h~&HL-And12u z&lS5u9*+*meoS0uXLumaa^NWc5^u+6o}!{4#^6j!`|IG%JWb_qv%~m&L4>NXwUkpx zGt~;j2_69|aq#YeDDarS#2QK_vCH`X{-OGzARhH;ZUMC8`an)qk+BJ}i=I!LKu!YA zI&z&}0h>0LT{;AWEtZ4puy(9=4^d_hd>|-r197`PHIrDS7v5Jfym|81n*}1%X|&E; z(au|YafF}O(?~Ojr`O~CSZOX05Q%Yo(Q6UUjvUOtDMC(!3} z6bMC5)4!qquL)ISy1nvH`}hml_}KgUDTc_)#K9wk)x*~uc#b$?1W3Dl_}>gWLWp!o z((~%^xSnji&_^{#`PWq0Qce|$OnS5VHn?bI!naxgW9JX%=wK|K>RX9_;bS!&pZDhXDgyW$I;!eh4x09_;0=#czku zz6yb0I%OWRK*oEP3;f2K8=2&YtN)l8_+A&pS4@)bbPputx=w_%X^gg~$d!Lt*(9Mh z{b@-mSOD#LYkhp1xBGF+yapdM;NOg5^_T8aew?^+G5&%0BLdYA6RT70Q{!zk+(tpG zQyph52&_hxM*S!_=8H0b{+`BMPN9RZ8pvqH`_ms}9`Ge5UW|Nk+NYipZ8Q-mLNcm2 zEDKP8<@}rHIC$p~{YU;pe;fhO|JFR03ehhJ^xK<%l*Q5y%j<+8v_QfW3x4Y5x9V6Q zJ~tF*_UnU-Y(Rg3T`;5bTpyoOjq1uohe>OFy2@J?`|;+Zk$e`TjCC)uJag%oV#37vy%L%+M6lkmeW4s00h846; zR^luX>1*B_Z!D3x5bIYVh zpT@x}LhkV|fzvN*ffcq}(-cCV3gIp@JFN@T0E3+sUzw=adLq;TS1@1SEq7bP=$1Rk z962d`t|aUn#eCsQ%l)M(UPE5jR; zdh_7GnujiSVdjrrj0T#WhG`6?h)r?#>?nwEVI1+=m$1q={4Zf&8YMD8ga4a{vbc72 zvU=l)r~&X>O2NlCj9YT(^Ggk zYfvEr+FI+6eM$&S_bhYVG6>_5EH_1RHARW-Q+BQMD8vh|YqMlvmFd&8+9A(v7KyFZ z@=b4D-B_d6SSAJPgMheHmWfjCBMxV2^C9dTH>iDPC{->Rf0Lg#rHI zfuSLEV6+m|5KpA0zrfZd&a`x(A1MLTZ=KGvEneG?w zI)^uY;OC9N|37z64=G-x;m}?W0f$!2e3(WwR3OEhb$AA=c){`eS|OTw1j*JPDiIX# z>DqmZJCbZ}8?2Tiu1nvq3$9EgT*IH7++1Nn1ghhe`%X-C*o`e458__{F{2MG?>;a#YNwzh$ZF0wt6f>*aC*|#$2y3L}4(sGNcnN zJ~e_)^wor^<#kT1_o_Z*Bl4F`siu2;mKxpq4WgjR9gH zmNJ}sqL(Nd)0wh2thBZtWQSH5RLo6q1zCUVL0=N!fy#{~fgk;=2+Q^%xP)^$*J)k) zexV%XxyrRYwJXbDb8sEt%z9HCt23AF(R4U}-#D2sy@Ysgkj=QJ^qm2X>zj-R$^`G< zE0cd#J8!^Vypg@nh?rLV8aRh5Ft!t7Nxcj2uAo_(z=T^d)EUSG&w}6kHRWg~J`8Rf z0dkz_mZyytkP{a0*9S}|!B6l@GTHt5i1am=ZYh&@ya-zq_q{NiBpU3PA3T$lp=?nC(9 zCl~UG;CGp}z=>aNaXk&w2M1;O1F4!38KPtr!pO;(6-hKVIgq+YOp89++HiEl%6uB+FL;!w@AScPY$NB@cjSBC^R%u#Q&(t^x_zuZ}U374)eY48u#0k0z}ElaA*Ui@`!1@OSFeiKp?6(#v7hO=734qGdIC#tn>Pj^i86)F`l2{agC^>Hpq^%-J3bCA z^?$+6F98;2Oxr(O2vFkIKIs@zY`~wd!0EX8GzYy)On|(0Y8c|LymqX6EtK(`chLc0 z9uAlo`FUJsQek|N(4D8MXI>%i$2I~h6NLrlP39E2lAy^d&G4)aUJ6AkkPYfdS4*8A z8>vHprg^IwAFYE1sIzQ#wiq-acCfXcK<}MW(_>tLA z2Uk?bQiqlbi=hCoq~0{E)w(-?+`AOg>Tj53M??K>6x6xD0)Gl-ROfl&PG z_g)aYhyzm6%E3)49H%3sjvTN@%!Y87=IaTRCgDM865H%w%w#{)+z8C%WAjMoePc2j zeFm1OC-N038a)C=kI3adk4ATc(bvx0dx+jS19Lxs;Mp&{(Z|OT@5b^& z!q44ZzEKpmnK;Ab&X!Y}myz(OfRahw5k}x1{A2Um*Y-SHB#^0KFm7(TqIX6#fuOvU zyWbE&%m7wNg+05Dh%N>cz*6HV)gzxIf}e-)tCnf9!|R50@H&5r;VJZb66}Cf_=}I& z*8zXCR5?V2QZkoi!L9rCK{AuytGm^I)B=FXm|!H$pmVum@RVNi+6dg0V7Iw!+z=~R z;9cIM@2+QEU6$5~QDZwAXc%zrV62$8KKL^%W*w<15lY-8)0b}0x)5qV4ByQA8S0-u z5g3|UESh^D;e6_d<&~#9xn{RDBi{aU#6>(+zY61>Ct38re+vr){l7Y>>W3D4Z>Ml# zy^eVlLg?r?VeJE;U7G1l186Y3Ln7mr=%T%`(S}ed>+N&u_$%ZQoo| zuJ#a2S4|J8R;cQMLwYX=P*-Tpr>S#%`P!8s7BOR|$KWyIE18qCzvtdt;9kOO-g)lJ z%=X4YB-{x?;>o{IK67io$7^>@qc`{VT}-^d@iH0Au%kx4`?d5jzzvc&e{dv2pvY}C zO}T$E4`ZxK7C^#y4+-U*PB7!NAZDq+9LH+?`E`8L}#JBP!Jn zQFF$Af8al^_&&Df)%m2>Tj5qqOH1cPnTs<0vyz?Tt+4@3oc+676c^cR1?ovdFJaA= zxMV$9006GAv41PO*N!upTnqm$ip+%XBk(*YKoh(qUW~de`NADpa{>?Kj{ZqK0Gs@4 zz-uUgAf~L-<2`rP@D;i$Rrr<;JMrb{UA1nESNo}xGGCNeDb0d&;%!ZTZMd~}aK``{o-MYpnq;xEz zqB)~&kp{)P>oL039$HrlZMfh}&rkqle{Os!no-HO@8KMrRptv2_1r2<6YPvSA#D0u zHA}n8djaD-91b!(Q};PVHX=;Id*@AC5N7+eFFp%g2Govmq-%gfdK1SRFbBo(0MpifSPN4ID?iK zQ*|cOer?)WX2W_gr0YVMHpY|8{a$GprZ1*+7sS>J3H(xZlcx_&1d|R=L6mz z6G4*TXj3oVfkX9W_7e`)7?T0-eb4qJcjtyEo}~l|iH5#O61RnCSS3Cr#5j8bR|2ov zCM@G>(FLk-VZk4V{o!0$WKeBDrwnBZRbUZx&_VBy8wn#7E)P06#?hn)SXI0fRD0=z zUl-aP|7}TUmQK%S%?#_krMC&mHp5=abu&57 z%x6!uj#-SP)1GzqT9%Pexn5zGiM%gpMW!iiQkT zxywA1(*H+Z(T)&in83T_~tjF$J&+<@3#*Tc9H)yb_j*KLVRPH-^s2MR0~gTbFb%w=rHHnX6kGQc@9|n-%9BWUt#P zbCA;WTHjK_#ucHO;fx2peZ)!jJx9Ejr z3+~D9CVYbfrbELs)MbW6J$J-LYD;feN+oyW^lg}&E_yGvzoP+S8|dkUHR#{f+|zF?0m{5<&00|s}UkRSFNWQU)nh_+$z zMS$WimpEmf#LYOMx`Mw(^M*58Oed=a$|}Glf{U=x84`z>@C!KSiRmo`h?O_MrJ7Ga zBZPJJz=TSw#F(7&@d?M{^)6Nx;J4T5s#TdAZ<4QA%Q4jOU%oE6`+P0D(D$v4NMoAL z21CBhu&CBz-AwtZ+wUzVTI2FvS8_r`q@2Y3ru(LO zXBy`ek5Q2F8M!ULj56=dG3wqt`?sSn0we9l8f75sn7HY@FvJYtWhk79-I#ax)95Eg z?+{+I4(TF{+8EsHC|&3DbMba>@tlC5*Z0z}bNafCET%_17DrBP?yR(p4Rckoz%{~M zZK|X%kMTbcbz4n?!eFIr{j$Uuij0X=hsS+D(zov)N$h5_O19q0rsEcxNAJR=YfaDr zmI4hs%6ZogGz6WJ`1(m=&V4lPOM8I{nQP(g4@N5@y=5;>3ff6hap*E>Wz2YcaqYywZ#91<+d`&j|Lil7nk4ft!PmRs6euMW9f8{deGcpOHRr?HG zimPxZa?cM{=6MdC;`()Zq19+*^LYAoU;A1Dq_g`1)HW~O|I#NJNYY)e#pk}Rhrul@ zS3Nf6%VB;!>(J;YgHG#~zyz;8CeN+)aQ-YExe6x*0uhaa_U^;gyUQI4VzNc%&e9$p z`XcLKE%VJf+UzC+C6o)LDdLKz+EZ5A+}EbncFRsMGUj-1a(4N+0xGOrXsXl@!4c!7 zwOb~>tGtOB>M+mh$uS6B9%K8NKyCT%4Zn~2O00;xI)lZ4fD@+-9`la!i!QoK{gL!G2{s=0YiS`Mc98%iWYqskfgDn}?Vz`luScP5;^Gr< z)&K6fI+V*~j=FLp{cj2Szjy8K8nNanfOFVXqaY)TxlpZh_8}ozgqP>G z^kBK;+B&B}HG79ia~SNFfqM6yQ@HH=ZA$Hg0H7dG;J#SgciUl;#?@1-?fl#sLa;6-h|ZZ%Tx4AtyeMgfPfJmr^+(v{B`4^?iW9Ennko0>|!cg^LV zVO#AM0oO)VxL(_4$N!Dm-GNVxHk=Ah)5#Mv?Q7?I;qdxIK9R**v9YOB5~~($8d)K| z1ryS(v4W#Jn6&X=NnC!A@Y(|aEl&cV0Nf{6vg-V`y6=$&^o_ zLHUg1uG+(S87|=*gMGN_Q!;CFtw%o`E|J)N8*|A%0BBIYHsphY! z#=K^x@>aU9&}@y$dwb5=HQ(NZhQ}?ea;K3kkv1Q*k+ZckvojjnUg=t38xV2#6Rp_@ zjcKU*sMPCb;v$eh1(a8KqlRy~w(zd*2F7L7uVUqH^Q*k&F%5&M9qBCzTD-VZYrS#j zRc@TuD9%i4v+N4;nhtA#^dVeMU^EN5YjyI{Zd7XYy^QhI4+%7^0z)oI@$--+Y=8YN zslC{W&Nb0WXP>z{OXn;;5oyG;Hu)foTE=uwB!>ZKPW4uFq3Kd-<$B+YnIJ@WZ-lw7C4vXVMIQr_J;nsEfovv0$0{W79o3` z7=1>-s$EiS0$fSu5`9maOCF`M!j8(R@-dtX+1lxJ&ReZL?hDz=0?z7uR_%pRaI;%Y z@?F0p<-w*o`c=ko)3Wj#Sd;BT-7Y-ed=xEcWI+VH%m!1lR5R4o2v-+!Hj;)6K1d0( ziMTuT$aku#wB2iAjEvyWmWHruRk@R-tq&cWDH?Dx0GPB|u9hEi8fb`PaCwPoCP}F|iVK zm<&41c1F6xmB1xu;#9~(En`Vs9zRNZg4AX|wm^)1B`xh#i8NC*(iw}d#n)NKl zkL#CkRtxYjjhsiq`L?m;9u_YJQKCpPLV3Pg6%fw9d!7dADy6d%zDPLPz%A7X3zlah zkHBdmd;fo{kwbBM+6gKESqS50BBOGznwaYlr}Vx(K(KdS1wt5Wx1YgRl(V$?Xf|hw z1)b+(c|8h)3$6NZ2;{EmVQyQs=~o#oCsU8E_uKUN(+fGwp4;78{~~YW*|W7aV_aK% zwY|nbEL~-SVt)p6-nvOWE5)nIt(>Bu+{2%Rx~8mtI9Xl9fbWRc;yWUv#n)HQ=l_fs zb8Iw9*UU?-UdSpLj)44aBV7)h2_U|m4Q`z*06L?a&)PN(R7jI%x@?#*OOD_pvA751 znB|&hX4J7(#?$bt3XHAI-9|pO={LN64jH;6Kxy&b+&|*0qsV7dF8a+v8a7v|Ao~#Z|d_ z|C^NSLe<77+*up`MnP;YVFoT3$#87rTwC8VYXGv4x=er7V1 zcUzr3Lv-Zi=ZPC}d5SrNq>Nqi&0X6ndewxVF%;WLq;y+vqj;R>4fu2l6_+R47^hdW z%i2)FC?>$ci>2jI_`%0N?31UfHWttClbu-HCCBZOywc}-&8t*MjKS?EMcGWNknwL% zzwNE0nO6f|vcI6l?6&sdq({^S+;rN+vS#AjZ@n@MYv7@^Iv%s-Crrty`*nW{?uktG z{`xL0xJ?#d1$mHp?;DC@Oz)j{!ExB)(crVq)>v2&^CobUNa@D8GPR4*s&3rSE;4_- zs&#_hPuT*e%4kYCN@(M{tLvU{8F*D|E7w~3f~Y>pr~blA<#~9>aTg9jdJ8V!bozyr zLnUI;Cru~a#CD7R@z2kY*I7fBePKBJ*U^j_gpqvaozlDs=CvMj&yI3ie*J7@ zyu?SEtz4ErptmwFX`o^M@zbZbrGCl&kHQ<+aw;$26Rt)Unze6D03;R3u3LIe>w~%D z2dE-48Z2LX7Ozvar5D0y(QRa5HIST6$)hQk-{K(hW|xpIw{h*FJ$+xbwS{e`)18Newh7PiL2MBl?$Om~`0PJqEU5YIC z?e{L8FLH2KgHAmhdq>2u*tRyj@5OQ~-u>3z?swg?u?QVy&nI*>rU)|LmAWE!t>sym z`K8?J9D|45md?_B>^Xcz+mTtUGLjKvwoGl{l^*!D+H*VEB9gPc(Cpamc8#68AG>zx z#V-`93I3S$-3J2t3aeYa1tx1`j;6i&j~!+|zf;AZJoAED4noEK%4wqOX>Bv(EzvR) ztqP5B?9=GRaLIN}Jh-!imfCvhAd6zFi4fY_O|_rd+}#-7-#TnieeHs38q?hyfrqxJ zNFpS#FWnR$t7&`*S0J5rQ_syLEx%|@EcdG>gWa5vc|_0m(eO)*T3*^{1I>iqVXO!; zkwcXb1^00Q1iuioK#9fW|4{Aum-UXxEJ3-OSEo+9rZ{}5+566js-a-8bg-SVWFUNh zo76n|bGmTP4@a3vAMfXJ|vom7eI&MG52wsb*+jx0`59 z>Pe@S#ngpN9|AapPucpXDRV=DSj}ilOzEj2+9X;Lj9`dEiTGO%WB zp^%4=DYG-izs2M7nQ72N@LNi>ZXiQwDek)cF;+;AY=*Ra0qBNt&LAEDB>Qe@Es)nR4%9v=@)4OT?*rWqIv zZ^1R`8u2lgm4>wQbXi6BAArLrUhX`TTEp+PLjXY1qr=|!UUk}hR#g4b0t$O7Cw)`( z;q~}xuAg+NhuD8}(nbBeyWvV=rrux9|tYWbVj0lKfmI`3C7?>5hyV0}v z)?sQu5Y9qFuEhh%Pl}%Wn2o3fB4L)D@AzbUa`QF&UNqb;ijuVA24!~FJ7Y;{d4q@K?~p50{=L|lrh0$D;*k~Zw=`dUNjs6^eLjrCh zHDxdd5}8XNes_FYnNc=}3=-807x;CsQ5;HClZU30=azvhX{pZ?fh`VE1!M*CkyHpo zwFmTN{JSmk5bLQ~uF<_@XxOjcKwLpMoe1;Odw zTAnjeigfNxPuCQ|F=KPCzetYS`@<*k8FhK9-(ARH$QW+f zX#EcTvFk40$WN_PD71J>C!pZ=&DGO84T}1<;MQ`k(6jO(%VSMbd6A)GI< zuG&(5bIp}Tz{#@y3~`Z}?K#rdDAIH9x_1h$tLc#E`gl!Psc>GRdh4!+G1{yBo* zUZRj7*@O+aT7J29m?1#H3)l^cRiW~f{80GNaOu)92m4M916Qp;rM7b9Z+*>ugFEpx z-}r@aS5^hGplPh5)ftX4#UWw_qO{^f!2+mgMm4xOP|^N$3P<{Q+XV?#d{f8tVX2kV zVgqrE)r1WN_gaHcCR#`v06(vLKWzbliecBwzx?H7^^*;_jxDr1OB>QTCaYw)iek3c zc1I2l7g-Npp}B0Dd(*@E0p!8dYG#{S|1c|6;8+}6)B2j#uhRZA?~}5p&k2Jnt@oDdeUXdGRl;z-f$&EIQV4r8D^XOXnIxADE;<)~Ej%mt28q{Ksk zn@@+@9!Bkf!l?gh2PfAPd2Y#o-yaRY7JYmI&I@G3DaO_m02F`o{Uzui1n7|kJU13r zYizNOG}N})vLNuVh3pToA5cXv%{Ps)h<&$Fio53(J+esZASvo;+}IK?FJN(OE`r3VQR;K1mO)Vzt~?ck~37$euB{I2!@S&+x(7V%Tt{qYv$`OD1)CJO9;)>Dqy|x93(-% z*s`oSo<}P6RuubjHucrEZ`;kW{Ep96(-g0Ey3f4x7D?V8-1xxM*|K8br3KFCD=1y9 z@iz1+*Vq+*iV_k7f(0os&vY+Z5C9RIJrAu?+hFT%gJkJo)rlh!625lpfRb(z;dv~5 zq~7woHelDpu|;zupZ}=0wP8Tmui!;c2I7xmR2}($YC(daMimNQ0{(lQi0u;)fmo%p z>L@4n6`G85b*^hdlQGlCVc>Nd$2;Lj9tOceRH!{#Ll&YHEClugXtg**xnHpvL*GMf zD&Iui5;^UxdcV<5%Y@ulnt$=|Y8sco9Mu}zSG6P$3Zt6>*MijZ3-VKb`O1#t^>X@nNz;!c{Q))wzM60EaW~TcuGhw$w8F`nr0wEy2KRZ;aY? zcTK=SLZK_H!0_FJy@^MCIBwrpxa$2Fz0UDLZUSJ3Q;!cF4x@hy6;=?X^f)q{)dIVQ>9JPd^Ib>?0l#7bj%b@C3!mTyZW+!|l} z!&eg!MnT;E3<`B(&vj}O!g*MQ5gOUL!AIzY8X$?EY!WzM{w%$(!z96*lMmAqbmyZr zRnfS!dUmHthC{k?zVooC>wMX>@}+e13z%%UM7J?CPDn2Jv;eA4Slyodl;G9wpBvt? zx4WG(cWf@%tb?_^PzJ)2$nlmQlgjqF5+syDb$Ep#)ma2joqI3Yl zaeRD!JanNuD^#oCUXz~l;Q6+I6W_$jtK8NivOszI9hpn9jN)Ei`jk*#zBVJdYv}g} z;O_p*4cPBu(Hhjr6~DTXVG--+Fz)-}Ot9Fc|ny!+! z@$LSxT`AEx3J_!qEXhNzFw^x^T$h)ShBJJosCL3;4>w|lgao@RM zL=nQFCn3yI{vm6S&b8>tmRb7#F~vD29=TWP8YS5^xP{uG=2V%{S{OM#|DBB&_G>j6 zgxzg5iw}0z`xmx0%;lX29V4w((}hFye+la*R}DJ}HD?G|&8A~k{nP2;56$Z;9eTNy z>@(yx-e?6t<``Fw@L=0bP(<8(Dp(T_>{XV zn4ZQ+uCpTUtDi}KJEo7hG?6GU97ae=J4t({QdQ-Cm#%IU0zv=*LCuZcZ1K~?rz5ci^{0QGB9{>sHb?5FoZNW3)NS~*b zYXaA=d$}-+ss7jlo14+XTGgB5I&oL0 z?Qa@80DQ3Jz4)+PK}62;Nk*Hpqe4rx^Ng4duXQ`GApqzf*g6x=sup+_1rRZ~h?|rw z_{k)%$4h777TUx{uQ2Za^xHc{15KyG3v`ODyE=^OgRVZOJb(J5 zb+wkjx<*vcDtAcHyY9N4mS5@S80UK|fFGbfv->Q_UHpGM&Y%)?4J>rU(xbBJV6b|p z-_)N()^G!?;eUJ%xv;YW-s*&13u&jpE(TH(t^B6Qqzt(&>)UONXLnmJtMtd4_tCt# z7Z=RB|07V$L1F?5rwA;crbTx!T(%V#cn()byC;6i7%#z;S;5WSj&~<*xw_bu`3BTl zY*i{$SE?a)p1cZu*TAi{cpgo-%bHMy6MO`vP>(v)`B*2etcSx|ppIMsDc z+Tz2LqyndRiOlD%)}s)zT+|960@TJu#ns*ap^Ql}XRq?!_tN_WZBeIst34(R;&y=x zf6}F~Rw>2x@R;m{fs1m+JuuxQO&ffi&-bnKbaPSOrJE*wN6|k@51PdBCBBFJ zLK^IK!HnabccU01IrTz3w>u}a<9!k=-poqxmW@CW=Bi0_<2&)lEsuc`n}pG(NCkl! zG6xQwYTbKn@ytyToL@+zyLP8n_@Q#{4f}_@4HrI(IpvGk{)!4!e@CW~qbNrrcc_6M zHrn?b)RZd`PGH*-mC--XX6BwO@UT2TMaTyLhWDw#DZkLg6EVIzYC#A@ zISDFR;7ngGwSG}|KGddGtT3o~5HA~b2$x}EEzuD#Pose(K63`t%U6o3uhj&5QBOZP zA5?&wcVZj7Y{LPS$Jpi5AgY|89cWJW{R6}RQb1L}xnnORnSyZ^bdLP5%GD*Wy%t}3 z9{h?m)qZuR_xje_G;Igp;^N|g(_OVZJK-0hMF%#5_gB|Iw)B|af*;{4kXy)*>`D;* ze1rEzSVXvq6K|nvzq)d3+G6?pfM5tzid3+_a4glu;-h_Ie!g?3$mQVp97Z|Mc+@v| z8TAcX&uL;44{|_a#Fj8R7swW!dNk0NhYoUJih$i`UvuS0T;TKYwG++e`_~+*TS_?b_&kB9olF5;uRvI-)V5WJ8m$nzT z2!ZI1nSfbz%!qBY4^jc^R1G_ee7^h^F5tV}DfTVwHQ`1rev6o2?u~}R!R;Gx3WG<1 zsO)E9>}fqw@RR?W;~A1*E2T)X#Fkf1?Vgy99)V^ zfRd1FCa>HDJ#D=3O(oS_1;kb5#|dozsNwH>Rm#PTL=$JYP=L5@4)z`g51LR$nEogF z0`^Q5pa|9T^9aTumxk%tGLYxy;4CO?cRvY7h?x`Utyx|AZfti8FhQ=3l_m{ru%QWv zeQVckD`bT{0i(cvFd_*jkqG6P&+FMI)47yuJjYh%&mYD1Q?xdaImZz>p%Z-`UHGL} zFc&sXq0>=3Rz%rF36XJ&hbmiP9XEb#LJZ0^9)0{|h}fk7*u_Mytq!euE+oWqf1W_? zV@%|dP;vY8zY}Y5z{Nm&rfC*UO$Vk{q8{OiXz2!zvwMphwO@~@!}R~$!|X$S0CwUd zrr)`Zcd_sfLQ}A8)qT}VQ;Qzk3H|@E_TKSS_xy*(>$&~m}gxj;^ zfs?e)H`5~|9s({=`E}(e+Nl9B!G{okA7`xRTpWe}7X~E%P&|}MF^tf_jGB17_GF$x z=pcdZlPJGH#(b}za-^&aZnE$1hn+7U-PO68omw&b||p!T4Oh+{vU z`cz5!w)U6r`vR&Tnh*c@b;xMN%R8y@6=X~d=bz2jw{(+0W1Azfx+FsOC4$rsLUA}j z6o<2ZvnmnF1HMjfwSGp_S?{3VphnPFF0kQQp(~pZ!nOkiajD!DLe%*R;>Y^Bq$=nU=#<*@RCk9YSA4UEljY15CD8L*4dU|7~ z^76dxS4MO>fK$e-#AMw|Dxv@nnuG6_;KNPufg)2zAFA4u%79Mt``#xf)RunZ zQST+R*d8V{YDI#&P2+!wjyPo-p>#PXdCM0_Jtu7$|LR6d33yybbH*R-=>MVfJj`vA zV`ua4HsefC<9&k}#}Q2z16th7$}15)!tHAuf4_Y#my!uap=kQtsEfJQx+6CVDp>9* zWQBOS6`XGfr~3qX-I-nUQx&q%l5RBD;kGcBbeFDIj-d&qDHJbHM;kkB4~08|}snyHGY z`Ua@G|M5GPGml85JP82$Q(1p6nPW-V|I>|L7dSO&VqENo_Kj!=hl-84o#xYe!(<(N z%=5U4m~e+2se-V|BMHQ|Zwc!E80-8*ZsqTWCq{Ht1nT8@u;1ztGV%G(dW!kdx}3Ei zZ95piz;{F_>Lfbd%d5?8Dwn;Sph|TgTxG_wZM!g96&xB!h;D<2{!=UIzx_xF_hf9o z?7xUklWZGE-Ute^6vi&Mt3^i@&`)hh7rsg!Mrh5@0mahsgbOWf3A(dQ?eZ*=r)p3+ zt7i3OJ3Y3GAKE%&UaAypx7ZE*N+__McpY)Vscr?*QYRRTk}_QJ%L2`_i?qNK)ar{B z!q38m4iwhotQy_;1$AAUS0}G^kbkND~s-n2|!j+dmPKVl6bi%U+dlK^PNAlsy zl}{^+S7>6~gdZPLlF4_t#y>NJmt9_(WSt!T&Nv-fj}y{$-Osq$JJ*Qphc+q`vM0m*=s;g(3Q2F;zV|u6*1)a;7NAAAq{}3*Vi%fj+t%!7Q2BZ%BH4Ti23doPGw}WQQ$133A=rzv2=)4OS?FIL<>Z zi|mYDaIw;fL^WPy_GbixA|SjVzV8amp|RLmdEWblg;M=y2yt26w2W;1e1BQu`Sgeb zTp3e6h!W;GDp60xzgdIHX7S|9V^X*j;q&VZZuG$$1S&o33sky4o4lsoWjX||TKV+M zhib+Xvg057j~W<$dl9`Kg$U9YhW_d2|<+w7z)2fD5iuadb+yQ(+ zTXy}*0u^Wx;w>4m;xo#sD|qN~S(rKr_0REgLn;prK!clrQF5^dRNh`nRzApBBKsY# zQ6yWnj(Vv9HzQ=YAd;Lzo2gJjcNe-2^w|YoWU^<#CB>`E3O@Sd$XOt-uDq zU(ni*t$OosQH7pU#2pwuULH-f;xjPtPp{jvq}YsXBr1wM)t5*&*OWfAL6X~13Dk?iYW1ak0+Gk z^iZpGXB?{_rsbTdtqH#zi|}Izxqm7Tst@*Cp5X_s$@N%<60`G=o$ZKTZYGO8){nyispne1h~t-ZHP zZ}r9$I*uJV_dFvv;ets2ZhpdnuE$=D;Kx>-DDfSJqocnK?R;CQ?4ky2i93Yl(>aF- zY6z}8d-pyv0j2ci!J~-KIoXJ61m3}=hPUsEDIj}10%{6Q6x~eWAnpT=Le!q5{nC)t z-KBw|F14C|Dc_VxJLkeD!#U-&i5SaiargRfmogV3q27zZtvY3@5r^6>HRS^%P!dE<*CFr;iWac==K#{vnCqKPF~KRb0v`)|o7d)j8AQ z%_G(lGR=zO2TAL!mD&6CSC!c41*n&8r4jxJwY7t7s&da(=Br!sx7w8rK^8qkubR5) z?lb6CN-25Hg6&*wxA#~{^}tW~9rGyk5pT$T2@TNS`)hx?|GNj5NwgAN`nAEx3Yi0T zz-?<+%)CL@uG!c%vm(zq!&y_(kcOKRx4QTjvR9;!@=qd=r}4yefCg;&nN;&3-qkMwGb*uEW* zo3VXf4}A}Ze5iIlfPgnLKhK(K#1h-S<2Df8N+WJiSzV4yh9|(W(BTt|Oa`cXhV0<( z%gM@(U&90;w;KrM1Ot;*Vuy@oq*svH$+fTmykv;lY|*_0Ggugk$u7=~>NC2_qk~<> z@}$oOG4D;jr*uGJwt5Drz5nbtgZF`tTX|GMf-uXcp(d^{aMyeaDhU#?8w?@T$eTBx z61DHYZ$eXI4wbzHbN9VSDL$6dNjxuMNF<)Fjgy7}dRO88yyk*XioNujtM=UYM*jqG zkf6xKfLNLgknw*^74qI7DOA{F{OJNZz)r$6Ply4WsQ?GbJIN1%Kd`Q70ix6Eh2Beh%MAG zB37A%>hQ&}B-IkHHoKOlg7ybF;#W{%W=fgsGR%%ibq$kTVp|MS8jGIRIc8wnFf+ZOIQCm;Z_$YI#T<`dsm+9 zu$Cq5cb6zQSE8dW$8+QhAB0k}WcRC~nhknwf+|l9L>3kVZcx*7m3Dq5a%aO{2sr5?Gn>CLi)rLs|f7My;T^QLX>2vrkCNryRiSMrneVeC%1ZC zpl2wUUi_-jMM!}3!rxQ&fhY)92$qs#-oh~IyumqaG2D%6k{CE3>^rn`vP0u zmQ@iH>y=PZdI1Uh@5+QAgeE6uSp^xnEJv^Zm?D&+$o5rTiaTr9Tx1+{0h+v^%xEua z5i8M~dj3ht5ZVz?fBhX6aa6JyF65yFGKQ-nfH8F9=lcUZ3SdRq{_H~y?cgj-7be4y zh2dt%M#I=Yw>s#($eU@@{FRiZJ&i}E>dr$Q4|F74WWd_N+td-Yys*0R*au6!TIFM) z#?21F|Mz6L&u88jzCrPRxx{KMmRINF8qs4z&2WIHZvmIcXUy8l*jhf$htETwJSa}m-WPoz)UQjzFs~Uu#p9$ zg0hx2Tf4*GAuzM+S6dsJCYJ*fK5{U`RcJom4Hy{`@w9*v2DrqC!EBJohcD6JUCJ<# z<_;(Q&2EY)!cZ-480A-)nCFKk(m?Ru6a8BW16>46M_~>dOm*vKh7mAVy>^jfF|I3V zPwq4{#$z9miZjwm()V(d2!0tW;o{xZww;02jsI4&6eiK!(1588*LLL1H390o+AO|N zGe3^J8Mw*!(w;CIBt<1AlsM}1$Ymqgq5#caHM;jdS(1Jhg7&c}q}j}STUmn%{5 z#M;7myB*rHJJ5vFeK6u>o5iJlfQDy)+1l*WC*k>Xr?Bq(Y7d-&iB+7U#PeI%9!`OA zV=5!IOmGbKFl*j4F6ZJc5?_wf-*@bX!AzXQFzgchFa%Adp@cazx8yEvgJrkDV3*Cu z&fkG$Z!3b+KzP{Nzcf|1Kw^hfjFQ{Z;9}=?_Ze09qYaY{MWC$D=xruy{ zz^it@`|?oRi7rJ%j5>O5@W|^WAw3iPe(m<3gb6*|{57A6s(;xh?ZH$=zmRZXC=d6T z?OT?6Gg-;8nFC)+AuobMH0-`4RkBsm;oDt3Xx~Y|ci1)Qa!4*VW2ih}s3>K5dHD#j z%_S1D1-?}hba1EI#;NEB<3bx^&C$rC9vF=|Ih3>=4WOchX*qtcC4j!}N5eFs^aOc? zNm0NgTP4gE^u)Trv``n9u^xnZn4PJ1H_An6=Mg+-LsimKAh@qE9_Z@Q2$}?{40uY8 zR1yX}h3|x^-V3df@IVqgpe&YP3G-rcMM29aaYdagY7ZzpaLd}~8&ms@w@ll3_LapJ z>DgDy>DiCu> ztW1Fb?Ob-C*{ddiuB_CHXnNB#n2&TZSNb|4D;P(%`mi;Nm&Z~`;oi1|?AC{q^9^$V z$zVDY`xE7FRf^^%Rg z#!cz?n$S@)$*C~R=IHr{n9YpZwig{cT|5qIId=Pe?!e7gdq}$eSXtulF7+bS0}G>j zyt`b_*7jK8{8tQ{d+%2(T2fNdc8h*A>@4Ce0Z}amFyXBZ*e}F(aR(Ax?}2CxrjH*0 zgw(<8yMft*QE>iuVbIb0ehV1P?DZTVt{YJjM-VgK7p%=a=Y=4KnR%z18P3e8myUZ& zdTXFL>4#wqM4Cw*=8iWKdA8*ta=muC>Uz&xvu#TB$jpqvGk zio+jAl=B)8)!cZnkjhKbeq?inpiZHGiMJYF`!qjVl`{h-RjHl-I0lsESqf^Q+~y>b z@@qQT!lKxL30Tv z8^Zj}kKRbD{Qc|jEHeOl_NxTiGo+VE(Z7oEo)Jlxnp)uRk1&_9r?vHX^p|n(;|`t8 zfDc6-n0%UR!v)9C!pn(iX>&71_;7-CI;tY!9TPZU6PvlnNI-bSVl&suXRdPGcVFwy zqPbg|CH5|H6uiC?D+(1&pLO-eZQ>#m?WY<5fD>85UtE7Wl(!X^=)U?Gn;PmjqpGtQ zICRf-Mq6+Bl^|xQybu35qu0;lFtufb+I0>_ghi|a0eZ`dh8}5$o%v{%G@1U6{{0wg z&wH=DO<@jg2#C)|`Zn9)KQ!QgHC8Bz(0d1Azy4oAdaTaXTiQ#6Fcc5xbMUw@FuW%= z6a<1ScPRS1^dOudY4AhOZVC~*Z|Vp~AafI|TjUXr&I69><%~gdW8Hw{CC$W;z~BNs zq$C{a19I5EXbuLH;pOewMiKBl|gORX<%2hbC8+txeHsswTz`1i3&g_7}|9|21MsV8JG9x%k z0M5>~dkD^x0B6k^V}zR}fYaSZ3~6QxfK!Sw(u;`LgX^teO%}G9ILcC5Q(ndL$*r?3-SLl$q%g^sP11ob{UnPjU+)K^)8b-uF=QIhD zN_0f$WfYN@5gDGd+TcGk5Nu|BBpiWA*tVG&O=9x^W#FN72yqV$KtiK!k7lkG>b z&U%0NzKJ)`uvBPdFm{<_neWuHgnaicBML|Mf}z~9VbbW4h1*X%9Qy>*4*OylrD6)) z?rM#H(;EqptRMN62J()`OORmX<{4G?`n@2~Y0D~4UYpaHL4vrHZd#lLfv$KK*y*AT z8gfes6J*f2QigyKHL7ouLKHb!E=b_r%UeE%@z|xJnR2cmjf;!E&Km}l)8*W=pbV7{ z^!ri3h~5Mn3+tY;uV)UR#9k2rLoyGJi^xj=pbQLmf$w3#8zV=DS=xE>V{Cv^MC=!$ zY9DX9TXDI?{JguI-W2GKHeC$;5eaNQNv9y7?q-2!5dkHd_ z=yQ+XSptL$s}K&%wZiDs6W*nDm_!h?`_Ld}K=~t(`u?8?r#*fQ_7(h}_XQ^+17m;V z)3TB1O$X7No0}K;B{N)8Iue=7GhihE!phQko0=6rw6a+P{F=#fc=K?zcW0^(^r|o)Pj%_Lb ziNP5Ml*a~iS65&#-^_Y$3j1X9FXU>EjhsTzsOhX)Wr_zd(*%)H$4C$<@+F<}uvbQs z<*sK``$Ez2mI{KW;zxMsZ=T9u2`okvJfGhakCQ;niNE9NY7Wd61S#c-MZz~$ELjnM;gc%s|DUD zF-Zcj9Ua*^ju4v*N2htPi6D+I0SPey&*ck;(nkhcyoHM#D~8A$@A=(LU#atN%0s&*tKucFpUR*J=GZOt!)toN(N#VB zMSIc{_PWd&_m|E7SAGkG>7jAGh>hs`Rj^gIhkl8ozsLKAqr8|l;a3EX+Mhvs@-~Ra zcb$88B3RA>EC#Ce$m76)G{Q?<+Km8*(aNh2PxD;C*`({Ir7Oks5l3|90nm9S-AGUrcpq%oN$ zc~T%o0z5G_{bxRB!+tn3U^=ik75eLc3DI^Co|f@iV7wEP$ijr`zSwKT)mOf;WuO_S zb+GGevvLivkckG&+-@gcMBEAEv4gL6DkFjW0zh1Sc!~Z9K99q{G4T?DOM=!@2l!3T zWT=ufj;>?+M_SM|BHJcqzJ0(i*ETsbcjdM1k?8Z&A;?FDRr#o%)wUZjeYupwe43}% z8KIgRSgVh4svBmlWBa?B&15=?VU=^5Kx^%o2IS0ubyFKs=!Rry4tP5S9?8f?Qvxk; z&}nfSXN>}I)?(7N)MT=MC%n2J8NEN}mi77;@&;PV@dmkm@lp{1D{df822G2+vVZFR z94e`A$X?HBDW1JDz+tT=dXyd16nADILI1>{Df31&4q5>DG-#{o&2<6@^&M zv>2HT{fhLemesAmXu{cYtz3j)$Usws<-{LCrloZ~LgppC8s7TitJ4!F>7-&*y#`d^ z^I7L0gp}BP56x|s1nDQKuYoMq!vODL)0{YDj|9PHgPuGl@PaYrM`pTB2n%Z#!MB&C zb#zp$%WW^Ch7gcC0AxppmQH~4VR2QC4* z<>lo?2=`dF=RY*tp)xf!rRV7A*lfqhz;J59F28duk4YG4JmwTZ?5ds(!zYfPxXWJ@ zjyEZE+=Tvz!b@keoT#7uinfd=HVXNk#=4OR_RA1HOZG`cZm2l0S(KX{@>G>UA0#v6 zNCIG!z@ARC4M|8f1fZKfw-16`z-oXVNp+7`N$sXcvb#_O1acc>?Ymlv%kVi)Az)sO z5B0LJ>Io3cyWA8J8ZUuhUVS)1zH}VroRDIv8eP&lVgJGEvE(2KT$&2{{vVgAJ@|aF z4vQKt%_UTOw_EkkPDZ6K#$lF!jtg43+dPSUN~Mb{V=U9`oP1oR*taqp&+lX9`ja(M zR~LFiyFchGwq!tUVbwx~Vt)z#2V*((w(TURpeXlY)L~kldD^k#thBUCM<)$zJ5iRP zgBz3&Uw-_K zfl;QmGy18*-YYmSX>a(%-=mQ5^52ceGhkY2i8iO%gn)>%9tYxRob&P7OBY(!GW}jm zY;LD_bO3Qpdog)aG-IRoM09!A3#$C0_`adEg3op!FxM&bJ_18F8E zrhX?60@d-YQk@b|-H^H5u+jkxyX*Md4Ctn@{;XQk!c64$X@BUki}@0WWgcSr=k8)sSyQ3Xw0^W z4z}u8C+SW^YG;7d^qYR9HjjHdy2J^b9>(E+;wmuLBK0~xbt zI0k_h(_AJ$ag}#=I-9*&94!zle;V-CUQkf5yOLu**qFM9mt4x@*CE}_V=iMZ<-^0~ zxRK8J$g1>Q^X9s5Q2@6m_94NWOsjf5U)vM*@_T`~J8$Z*a*p|PxQV8c4x)Y@7DKsz zi$mUj4Fnh8CXtQw3wRc_5k-+mzq|(hlILQI^otG1E)f?oq&vrqkq80<;lf`G zg#AU~)R=SW#yn^z)PNOVzC>^zNd`cCPdmTRM<|3~gns``7DUET@BzZZSDZj=NiZLz z3SsLK$sKF79-i%_EtjR|;LT|v}usY@DXpf~bsWjA%S&6(WXXc8=x`r5!1@Gc#tI{zf6T@>R8X8+&^$f8npgR-1$575s*zA|&L0*8-%M zNa8COJ2~vfI@_4W5qQ&Uf8l>`9Xin&;RQt{B2spjtWZdJ*1hn{lC4hazD5Avx; z6M4CBA+YM4Qilex=k5%b>Nvf*j)5xmv=$L&P=+6WXn~amFgE}tn7XARJZXXWON+Ea z=CJZ15Pvh-qCkK*z$M7DZ_Go)2y>d8t57jA?^f}%OupF zho#;CEo&_)(jb`!zGRZE3<}KLmIVPxcvw;A%0MT@lW-k7Mv$q%fcC5V_HAUYR`S#8+6M9G3-Ok#P;qfUEC?h z`OmuSRn7K;D{?56fKLc=KZZ}otW4>_EeGALoy+!bCSE)(%Zy$cJ|c3omU&N+^^enz zO=6wu$>b>760^p`-%Kat(gYi`6~gdp8c&I9?CdHfL2FA9oUVM1AB_N~7-HJL%Qbtz zNWo)KdVtv!V9q|$ip=6>ps8VvK`a7a23vKyfwltS3PJ|K7hXQ&sUP=FY>7pwgnght zA6$EM3XYZ@#NzE_Hh&~7LH6wpQ#lv{OI?JeRv%W`eFZngGv3B>7sYV+cD1lxEuJXQ zv+V42aEp?&D$Eqbrj-X3&1QE;*i;Rq2n!1{rmei=Dtq_tbYC=MI<#PNx-JMt6A}q!5FtO+J+E1^ z)Y{G1ITe**^!ahrkToelJ-Dsk$g}T;P%2U+25gHVFgZS(nMhkYVHg~Ol2tQ$G2W65 ze1+}f-Otw0l6VHZ%k}D!M994;k0>I`>;WM8Qx=c^DH_b}XEgqZC?U?dH}CPmCkRi&LEWw}R1o^6Q5mj3orvWqQq-0qh9b4uz?BEw*XkuLq%DT+x=OvqIXvbZ%KhAznjo*sD!MZKvq_s# zXSOcXm$7)El;fCWNnP!sP{8C2U{W=ASjrQNS;ORROB%rBPQawO z=Fk-&uta4DC0CkV2bc|kfnQssdLz;XSMlP(^a>;^Q$Zu=WYZ#b12+GK9Ttkn@q7R} z=2Lb`@J$+w$*uMmu+lk*vF__UMS+mI7li6o`=`k3assM#rD8*J<1XO$>~{+=rZxd0 zRXt5Vy(e2ZT52=eT|)bz#7_H3XUSq@oRid^Wd4A}}y8;&szZH14!x zl}*%kota8iUnxIYpP=RCF~7OxI({Fx)gUGR02T0649}`6mcmTNC1*AiSvKRvtkfuG`XVE96PrkwsSyi3np(+X?3( z%}y4b3YN~ zx77*~Gs;gQBWa|hq$2T7EBq_3S3I#CE(QldAM>x~1wA|fDj;!<-P?d8ZT-Qk2eOHImvjPz_tjJr zM^X9B`Zh}l`!p9tLkMGx-|m@L?W-dK6H0o9lXvy3f1XYf3eO+tdh4wRS9gQ^@Fr>7 zFtX3nR{i8>OJ9Q00_;&3f%4c|{?oBw2keLkc?;`QY=6;$$H4FicT*CACBq?4C+EPK zwgkfJB}X!n>^uPIBl)C<0Nr(f?#)6h$_G7%0NbU35K$zoLP1y&9*!x5VB4>eHs)OH zPEzr{gcA0v91Ay|K$@!TP8e4K36q+QJ(J{EgP!4{Sy>HEHb4IZ!9!GB4X=${I^!OK zxhn>15)>VBg!1$CIZ(_7qz7+HKRv=Llo!;?TS~zu41ot;o5Vr90~=!x(nBnd21ySP zo*$pxMRo&9L07xwR-LOI44?$@GgmK)I732`-As~#)Vr;$u za5ezkl4t>GzzQTisLkikZc5%oFy)V|;3D^aC8?rT1N1{smp!H9IEf+L0k03go?7D~t9s8~Q2tUdfu16yU-uH%QSXB0IM zXxYcmxU#S1`8h2l^B;5H1}M)1`L8~lPe1P7xaooH z1BN4|f@|r`_*J?)Fd28Oh!vqXYt=KTOI3k9r`%?oo}tp@ECQwlmK<45LOD@6K-`O- z5k$9Hu;rE|B?&}b;J?d#YDJ-o5&HXrBmJ35$d&JeEq6Yk9%1UKLlH}bnsig&N@WF^A;a{#{XJvZ_{gF&8tWPL7vLz-iRJ1r|Fxa7CdHFO z{`ioU11$L*mb^3)k&iZ)0-I~>97XhU8G>3ZB6f&g)PY`7O4`v`6?jH`Dk`r+*?3dH zo>1DW)a2@ain;!m0By+5ad#D!Dz}4Mc)_O-6x>eBF1n*J@SZQ|wC9eygy6F%5g0%! zZXCoxXB=s#0`)QmYA_ImiG^hgWY#0o1&ey5Lu>dDuCA_9eV9<^b>L^+Qo4gf!nw$x zxB28-u^B@KYgaacy41Rk@HB=dK8NqQVjYhQq;=u5~4%XJNxiQf+*gw>seANT;uvXS; zWk9}AkdHT%oWy%_sHh~FS-}7FfF(0IlKK!?GBO~G{*sxIN0tl^Fv6q!MsVhch(&%v z;S&5t2pMSL=lae5;`yyFj@-W45i?Zv>GJ$$US8f?^Yio8c-+JhI2>d&S9KOklz5A7 z1*}p=>~I{O_&`Yem$hkq&$^}rVD{Tv#{ z|A{HiX@Q*Tzygh8V|D}G(HB}E!rTU_jR$AN4#3wJz{_8tZW+I^&}>a=jy`c35b^A; z(sB4t7T_Zq;nG<|!C)2cYdK+rR?>r&2oGaB$qJ)q?$({!yd~nq^&cU`H5H1v0sQ&g zZy$1_SOZ!9))UUtCb(rOIv)e+AbUtN>JBxgiWz|=H^dvtQQ?7&QTvRTl5BE&zYt`* ztHzkE_rQmDjF*2VpRhn->szp&vad?Wi(~;+PV=KR9A4NA6m;upf-T_h7*G()yIiCo zH8?qqHEIl{5e01mxkXY>{&+ zpqjyisQocmS9`jaQnslC9N4D_Iej%X%FN8nZiv^!G7a1Jk9S+oeph4Kwd+FvJ{gd# zL|%``;7nVbqICsDTjqN(W2Iv|FA`+Ot#droR8hX$2kf%; za5RXIzZ6V0jKq5UJ^i znV-FqO#&HKAn>Y1Jot5GaMik4r!?4+H8qOHI2(S_m|q`E#eOU^0sg7A6{UtrjF9c{ zy&zc9V91!u^!XL#}e!@XcFmNM(;XK3{)*c2=*Z8lV zt~O(w70B)Th@2inIxGmelfPrmf5}4sk<?p5XnNBa+O3NXpBkRQ4c+WSt*xC57OY^N#Q!)k$ zQO3@I?&XS@zTn{CjH_S6t5lEToxnl_HyXF3qca)Dc)003s0aO#!2ECqH49XpX-hEz zMT9vd?ulU*W^945^+y1rjMHHhN-+n@&q=jA0#GQ!dpy6gPXI)(A(Yab)A$w%OdklP z{K;!geLSG5v2+QkPJQreU)i2wL#zt{ljjZm4aoO`xaw9}u6ksAWx;W*KAgZf?%q4V zX`Nj9!?UkqcTGi2pFYm!D1AOoLzF0-&Fje~%lu!XL6_)M-}oFQeRI;BbGMPf7B?Y z6V9|uFGnOO03^tq>Vs5aHduxEMYKp2R>H=NvKY|OHv$g~&5G^2$cIF*1TttBmq+5 z0b>E)F#%(;ei+7***)}`rH2bq13+a#EdTcTE7>R@d!bz!()a3HaJ!BF=BSaq2Jxky(+~?g zQUr4&G2%Np9M4CvB@LTZ{E*vnjO50Fa20M8@;Q&J`PO*M^*L!fc!nk5dQrZTxl`)rX6ieg`d^Lb zrH`h?Ot+Na2!p6*r}?JsB6x_F82-aNTA*mlp?W%z#iM zHT)W&j`#tI`}Z)z)*VPLzlTr%JgkVg?EwIGK1Z$=_Gtnd=U4{`%9e1R2jg(@h5 zgom+XU=276+eo`?dQ3ZMo__OT0=Kp8RX*3{u~Aw&N#~fl$>>ZA8(b1c^VY^x<}_Q5 zfbEGgR|dxW+(&m~79dwB3LlGXnU#S`PN?D){U!f05-J19@HK)-_6HvWG_^oNCK|Ey zKtlWWL(IoCR38YG9%@f-zu372*{hd;-qs%ewE1ILkH(8D@bGDHcb=J)f7&y>H_bf} z`6o%RlCo$#vP|B=NW%9olrSC8ZY*J9SUW=BVcTRcuyn2Q!BurwB#80MgaAk??d+;+px{#!o;D%B38Gr(2ke&=zk1JWk#r zi2lz3JkRf5WB_>f06f9M=bRAffU)xX;q3s=`Mqo?EhGdsL-^b19JZD9RSbhh0<$rE zCRdD@WC>+BJRYkcE|nqabi>^lSA`nhVT^4`x>1mY7ORfi{F&~ushnv$?Eu)MCw3Q{ z?LEoFJ#@sRF;o3-{UP%8N}IPQC{-4Z}_ z@&xE)?O}b83$J_+BG)V!;fCdH5wk-966kioW6l%}$Z)#~a#L{B9xXlyi_g#|NB;|# z5Mo=|MC~zJlC%?v+Xtm-W8&M2^UV}a2ne=@zHUlq-mE$rL5*}e|ByPN6yrB94r~Vg z*Qr*%;E6pzvV5QG;aO2~z_%&L8zJvjR00zQd%D0ffb!dk>frxVTZ#cJh5(DewdV#% z6kH+}*?!F+1abREII<#|AKK};?FdQ`pdaHORw0e#jQ*#?9{C`A0KmUj6G3i^+9R#1 zu@XLW?tB;P+)9vjYkMcvA|0FN;M7}h@zcuH4xW_0d0I?9d<+@fUBuYW~Pon0E{C|JEB-~MDG zOWd8(>t0_C7l`{H5ceON`9P5)+3ai}hLEz~Ys__JB4bD_=oVrI<>qQJE7|W(wRzpo zrlKzox}%hWCpH{V@wGTflpW~k=YWq4$k?P(gGD+&sMsBda5vQ#zaVF6mUPR2;N|gy z*akZTNW-)A8B{It64(wB1^=TwR=HJ^gCVW4X%G7q37hf z`oCy>FBtn&Mc+TLrN)h&gRfk76OP~>{Yriyl`kvhTt^bErF zs<)vmdzJqRk?rhZdn`&>K~!v=;{PwY;`u>Nx|2;w>0AzZYU-pnt(E8N*GQYNH2 zc5aD#5Yn7PUMzqM2$#xSDkbV)HL7o*G=P@akQU+sXarCmGP46r^?>ntV4dKQYx zwt#ik(s;cONh=Qk%41jRDNpPaP*eDr*A^rgUV9Qp9du9_L2G~qbIjPP?-&`ir#!)q zgK8K_t@>wI#o+kJ7Qg{qxP1*m%j+pkAqGAs%0G-C@Pfht?d@)Aj&|Q;$J>L^T2N&J;v4AhV zZ)`|@2|>XZ%PR|n;XuGq-qnQ+YY|}wbPgl%GPn*?$RCe@(zkzT?!vl~#XVHcdF0*32f*LL6tbGU=r9Gm<;&auMhkCp96Zh9Ui*__Qi`>vig7fQU8@CYc;KC zF#TUYqp~#4aZ)HZJP+LRABr&mj6W*)^miP=i>yV8u5DrJ3j1pTo5wH-Djz|XVT~zD zzt}CZp{Qm&oZdB2VPMCY2Eb0kh=U`55CUo{exMB*KPn*ORdPGK0a&oVBa;4Qf7>>x za4?KQum)|@IvM2V>HjJ>|EP36y2TL_@am8$5|jBP|#U7#K0JFFDd2x{vJ(!n1 zd`ZFR!@Nt@wT-W6kVla^YmN3r-w#A>+t-8Ygy>Iz#C6<*PUK%$poG9g6p$RS;w5aA z^1tF(Rc#=utLB;=P?d)AL6Bng*(h2w369~awS+=n_{2YYAF9u$$o;MbfIbLKuDvzK z!40w)dNYNPg=pZVa1J`<8(@Bm*f)eN90cmc2&E#*^M}rh#64=Ckx;b(q3Yz#hJ@-) zFk1Yt97ZwZFM#-78haE`Rfg~c&&_OJv~OFooFU#HTZf&QG1YK>-lKg9pPNCG@OOoyOTq@n6l z2&Y^jC? zC@EY;40%lpAcGewuN{TO=pDm7BPP!MCeR5|Ar1zvi*Tm=T=ZU$D&j(wwO~)Lb#GYuzS~$Z5gt1Z}=~xMRxXdy#|a1-U@K zq)!$N7KSLc^+&=e2??+@(oEij$L5&o4I%qQ0f=|K<$5iLIgMM|JrdACse2vom1eEh znw_^sE-ED+I)lcK{YL-a?5h7LA9O%I^fo9YAoo!l;OD!x_?#DLp|V{GoQqV(aqs3v z3<(h&x+0{#Le|^p1Hq!OKY~RqAsiN>W;t{zgnT_QoY242+{c(Z_mJEr2SOw5&q2&V z4tAyY0Z|fS5;ov7b`%z+Pn7C<|8#8B+~#Y8*x>gncKC_&{vFWs&x7w>OagE0(WFKM zIs+;kvBk`Ldt~|CgLOWni6UA`1{bV>wH5Ka2>6b>3I;ErMWGBp*~**(K9Hr3t;)(< ztU}SPNfL{XLB}Ir;kS1o51IZ1Xxwr0jiJ?@q+m{*#eOW3R%!cBJ<}VS?i98VK8A0u z_QTauZ-SU|M$$dV5iXKFUXGcqyEBmiy>pB75vaa{%o!+N;$a>^N=41;Zk`+CVBd@u z=vOH%@%UXtt_I8}P6xmKwW*A=iLPEUXT|!B@t7@lF{8)aFo^g0?nGpJbBz&MaO6({A zx&RVrA=U(HJqVbNm{`NKSN!}%Y8gKA0||H@NnWjpBuD1uh#OoD=!Bd%*^fCL8}1N0 zj2Se_MJDX^#4+dcan^F_bukR%HkA84pBzp9hEx#H z&BaG4b`ZHoTW|j{3o3-j>lA@?u{fJ6s|MRNxZlpTHx7HzQ+v+t0Nim(dHr&aX`N>@ z_xL1QZYhQu$``<%T`<13AHI+URqR;-+@OkE@!{V3%I{Ez@t z%z9!eWmouuF;ugwW@9d}KI&R=d;uaeY70Ux_DUXIBEw3ZM6uJ-r*A<)7UOzR4B}Mx z5EtkG_ws9`0V5N6K^<4-QWQJ)Kr#GdIMtD59Pu4A1^Gf#-x2|)2;qiH|a1QsDv<>J`fgzapV2B~PO#e4S z%u9WKDs=BnP0MXw+y~xAJ zz0BL()mIrtD35BS5_dB(Cf?(%v7&~$V@v%>CJoN)VWjUr4rgok zv*bJxovrzP0Qd)sV(u%oxQe_>pTC9(;PRq>G$KM|2W1Mz*cm(txHzj_O8*;szjwHA zUj{C;JKzB$MlrkXes2Ty&Eq(cSc+3g|FFS-|1YmwWDF~D#AiM&lOEqJB%f5f1tMn_ zW;+N?X8->1e*^vgL+sJ4JjcUq$OmR`^}sPFXy5~8q1!Zi(q);%{W+Z{ zs{i=g9{%AM6CYsfRFh08kcsPu>fM11TT0ubiSuA281r7w>#h!%W18Nj>CiyPO|BQW z@WnqQ`uaZ(^)p?sAe;p32JEhdvvBY|v#K*Tv{)Mna7jBy13}xY_suM9mo0+dgO4dK z&sm!4*e>K0t{((=*ohJ%;?f+Egg(;sB98OASA||RBtve!w3oM+xB2`} zw#T@GkHEv)&^EkgVHfRDI${Sm@*1{>5DWrFcq2&U3}O&swYCZR<*@Bf52`0~mh!Bi)=#^OOh+Ovx#*lllS`{yb zXunwPU1hP)LC){SfS*=^PrI9H5Q)!V7uW+6OlWe9lyhFS-xYqgkRfNjg_2UpeTT=+k_H_=sX#?Mc zrc6eHfAKj@!dQ8&Q$~aD7j8pqz{BUHf!x;mc17t+2a*ur@-Q18^b z_fGiWv@8;A=QRk?#C5-lycWhMhv zcB1XInL?j`(w&JTLV0&r{kM&LeIGXn)SGfj0vq`>wu2C<>GN#TD%v~dEy}i$ml2Qx z43HrB*(=JjkrzSmedy~gkCKj}rjx_$WOtiXd?IOm;?@!R#=EqBaUYD!alJHpt<9|E zvlE$RJ$c4{wcW8ex_DG-yRj3YB*(f?ZtR_7oYuJh2}1T)lTNacdAaTDOD2*fsp@7H zlmn(2I$MxeA+*trpgLFL8k)DQC{Mrcmt%@Z<}lNz-~4Q)^P^yQdbXo%Q=jGLP>Geo z@xl>Jnf9>*>tAb4awO^iYYg5U*@!TLYZITZ)>^oaNp;^zxR)Yh^jUqVT$Zny-CoCb zG`aD*;0B;t-HGyEpjV+Z6%;X8|I6dlU;s>YcFbd+ghdVoRD}n3kH_&Bm(uqan`jU! zJ~ndNOFNGc<*#O?H?W6{l+q{fEVB&du3487j^*BaV=DfWm7n>jLv?Ss$GfPZQ2WN9%4dXAfzrPX zd8YLJ>Rq@tSKP2_F*AF(dvc$POP<~$PQ5!pccScwsCfNn3qo*eLz{uTA+={3W#j9O z0kFl(3WHO_wW*FJZTd;0s>2es5|K(M!ra(85arGUsS$ z#Wy}UlsAnnx!bYws?YBajo{F^-s}VWcxX=r-P2jDrGzNX`q|GG+3bwx_#gqa-b00( z^F+tu8qk9 z>#JbKO6*=Yemt>WBbcP8jAlqd)@<+I7iLtXv`s0v!=VaLoH z*l{B?y+ksW@bmIU?3&fWFC-;IiHhKyCg%LjjE#-U$H%Q3kJG9al@8-i;p#mK1bOk_ zu1q95?ApadX|*!padGB&qm>tSg8c*(@{0`Aovg0l?6(_gv?D(S#onE)yLM^WGfmgU z)*R-vIlX>LLqJzUc|eO4l)bGNe#3(qw&OMvL;7!~U{X;T+}|!*A_?6Ujz8|~?T#H- z>aOLYyTvujL8HKaVh1f$S^C}k>YJB0Z>_JlTb31NUQ1<2NJU?cO8%||@b-oVMs9O0 zv2DlGbhjUm&XzQ9F60Z0E)t0-FjD&d+Q<#HpuoWLQB>f~xUx7v8XMq7eN*RrE8#}S zb#J|g2Z(>|Qh@a_V~xI-e%I8GrXLx7aJ%Bs>G`){@N~M3*JjMca+S?3fB4z`{Y%^V zq}bT*hb8R0miu&bpVZYtzB;e8tc|W?Z(rZae9?`O@NVnnoXm2YYB8}3=AA567-JhI zcJ@(fFLqYeA?llazNZ*%aUXIOn+*@(*1s=!^5wt z1TqCNxZjw>5SuT${!!rM9m_og}n?o5jtvysXcV?8rQEgZfN`T zAF*JVQHS?auJ0sZaj2gP@Q#Lye-Iy)JyeinX2&htzFB(eQl{PM%pCzOKYPs@eS?Fu zEfQ|H0~E@8j)=LW2vRy<1f5_H0Ws@6JYGPl`gV+UU>9Su#S0A>DzQ@oHt z+W;+b?g62;ceRswooD9Nv5CPCQw^Qiz8D1s1;3T$yAs_)oo%e_Za={`##?>jeG%g+#u6_D$($V>zti{QG+q#L{Qr}}S3Jc2zxJ*(tjTO!M+8OD z0i+u#iUW=y#YQI?5f}u)f}m6nFybghiAod@GL9n%Nd^%SDTyK?Fu-6ydO(FBA|wn_ z1OiIv)es<|B)R*Go^$W7d%m3e_xfudpZUz%tL?SkRW?^6An>~8wbk&M6mJK;fL(dmN&?=$>e{3Izj&BrIH$k-h3RZHUf=Q?t%a#hOzL*HSQWg* zh*pd*-h5D}+iUZdy@$M%z5j6ICM*9^s*(|JK6{y1dA3gL+U-^|(moEsEuUjO%UQ9U z9itn5W6W7)Nl9|xnvQ$0bu*@JN@hQc&SJ5Q&CR#E1Zfgx2T+Q{O`A;y>9@X3ZGE^c?(x25xc7 zc^c_rsmD}rnPFyMr3IK)Xv2oB2;M5)O>9=`y?C}AvNBt#NAhFIe3`)ol_ElNvr5B@ zpPP4(=<(>XvD6-@XAP#e0e6?9id@XiaW|?M5kvYKiFOt}D=Ukg)mTOgpXvWQ7Nz3I zOl%FH$9VUE#uw1wFZIlx96fXIRPlvN#nL5RqU}*|i6UzQ(OL{X+zg+l9viY+bYa(I zVm&E*s#~F~ui^&{wXFoN$Ep=x#a8PMKtObl6WJ%9HdKE)y(;o}^-}3Yzq4mAr(f+n zlSm)cPHV9<&mg$&?kJChOXgQ^R1zP9xKfq=)C~4#==IV&*NmM5+ZzP@%ah(|tbV*_ z1Igmk6#l0e^rVdI?xf?Xj}jI}xs6C)%8upbWxvm_Z=>XKA$*6UFdf-94fxb3A;IVu zbs+s)qZX+Q`FqKGJWLp#NNnt{iD0dlwN@+ZTheBaJ}|XP1Ibq%Q3_ySPu%ip9VsM* z6dzML#}otnb?Hue>pydyiE-!VI>qVFNiZd?XwsD|4#kLTkc~{(0u33ZKtEzDsdOO0%tbhB7Xs zh;>jL0FRs{1@v*5w;6sZ$-_o#16r3o+Sb;ls-_l~MqM}?)cs=LJEm2Eaf~;VMbSH|X5y`t<8qJ-bKWt4R1|5vpD}jfG7UA15I$uT_UADZT2ijQ)PZiH& za61L*UZoy;zSFecHc%CDvhT_Y?d`}ML7bAF+hK5fD{j2~_8cYAIY)}z%N;u^PN98F74q9=7r?MP zOoPL9D*QA^Z#tFVF*u$>B5Y105s=g+^w7qJx5IY}O#V;@-BXarkNmuM_sOKo({vv> zm7;0lt5>gfDJKaBFo{h8Ti1*YiEBK0z<3I7ge{61IAMw19IX`x84pMu@nD{|{4)}j zaMWe$Zdka>dZ$n**D9&4<8`0^Q_V}U%jc>yNXqM1mpEC+cI}s7j9>9URPue-D8S|m zP{tk)G@`PA*mVgOeUR#sOQj$$q;4H)deEx!fVD8WDoZ&PVx-kWCd5dz&Djfn`g_L} z*!?EHiuoyq1Q8?S6Pt&(%8$A3wuP3`!2Y=ybn`}_lT&RUp)p{XwiAj|&~-i>)^VW} zS~u8tdGkF zR>#x{6;w5mc%>)~iy3NZxNhA#zgNFXLC#WiBYwB$d=WHO0*@<@X!0RmPBeXlraIt# z1^FR_H?SP=Hihy25DKs*DqI3V!>7c;jT-rw{;KfMzOsMp3gL~cP1I8a zj%76VC}_aJ{f@42!#Bkhmyf*T3=YaH`-3e|?}o#M!Yb?#<{8dOV%6ES825l#@3|gy z5WZRWcz&vnQ%Ll3K->T;^)B}^(^wH)EBWD>%rokiX%3CmX2VHzRg$HKLQ-SkLaH)o zDFaXLvWwfwr(O%n!OdYb2M2krqC@P zkC@+FX04j0F<>^iW=x4M!wR>)!KD0VPfTbmthqC&S7xPZW3hNOhAI!ld}&$g9%BBH zQvBeft^#wl7z5?_#FleXWEbIO><-vE2WkGM4bo`3+|!@oX({*uflF2RNrJI(!-}A8 zp88axo#L3KXap z7c%O9?;jXo7#K0%-F;dc!OtNHowu1?TP=|y3uhjz40c**TL0j^dxYhClQ+Rj<*Z|I zg{v3Y-JMqImo`H8ZQVG;2Jh^k)xlDghEJc)>Yx5g>qzzqpzd-p)={IM9N>~6B6Xjh z7Q%`mn#23|gnvEUIY@P^uZ$goUZuJ@Ygnt4`0lWQdpfSe7aR9YgS;(G5E*@Kz3u9x z)$aBFqnS4BIN?nWMfptSbKU-xmyWC{obB;kH&$G51j}(CQj3sqG<~%{z0fam$i}@f zrFIGZVPc_tar5M0U$Wz1cRkxKXnE#N=4u>%kGCbNKfEQoIPC241Q(}tV_ zhd}Jvb)gi<2t0WmH;Iby48Sb8A3$WhUucV-dwDuqFvok_DBPV_dc*%i>F9i8sNh}i z;Fm;p`RHR^ZBjGsR7yrKuWS;<>FB0Jm#{g%UiW4dmW?#J-dJ1%_Q;@WkL ztPoLP>m#o|Cp6CMF)wdD88tuC)o{SwTT#fC4T-H;Z-@LmGO$v>wddEz@eE0oW`v_o z2NGI6j7)BF2dIWGr!D13tMNr9H@h~WHE)cZUTyM?<^)VF9Z)HZ9pDX@HFQxa+e4N+ z*WzbKUZj=_25L}?#BF%gYM;pt_D|L+e|opY9uvL_td&nA^5R!6dEp0lVW z=5@?Fc3>@^2xXD-B!1QGft$56tFL$_wabgVqG&-WHgYmEX<*L~g+1=FdSvItzSU{X z%#8)m8u&|g8~3ke2v=)V05&7R2pls02(4CtE!?_hMSyCgo~43u3%K9Cr`DxzjS*yX z1zy!lS5@jmy@k8_dk88rq*-p zT0#JEwrb=BmYZfsAPU>?#?`Z5D9>uAo={l6{J%X14Fw}rm+8MhPEm>pDO{;pd0AgS z#3mhMQYX*$alf40_cT}y9H@F(qJ1p`Jn9;k?U?dAVm?3G;2NBp=wJWOmv;d5@l6$t z2LJ0X|M&mEoslzDSj%Wm*^}V1I&ziG7@210(xa=47nCO58;hcO6SRS(0T*HQKh;^l zA@wV|%xYXevt~@sz(>7S@Hn3pZxW57V(3{EtsnF zr(o+S0;i_(CNKmq!m2K>Bh4i_7L56-)^ge=2WLYn3`1%-pObt~f3PsQ z$x0d6>ZsB}6wce5(5ScQ`vt**>O$U7qqV9_P%ko?R}q@NdQ&HfFd*b=#yXj+Ypx6p z*p<3PgX2nZDhIi!#aG=CpHl76Jy6y@ZNS)s7E-u>5`oC;Nn}pv;yg3;PmH=P!G-7+Qm8AY^d;+b|U>}*62W(LwfCnUm_xpi=+0_d;}9Ti!8T%dfshlIqxNN5O!Y4^NI7lIch7x$WiF0h{c_Ar_hKS zZle8Da2-wa_CO|ur;EUppjO=h}PwX^)`7OiQ8 zydWmN2PUGI7ssEE+L4{8;mY2xKF zU;KbI^@}FI-~~OO628UQG#YKk2DFfvc2lluQ8Qx!F|UXFY4B;hN^AU)(yiKeNGQdq zyh+1!lBEJElisu_pnj(QP>wLTl#S&gI{|J{Q&V%?AO*Q*?27pwL=-JE z9WRE*1g`C245EZ9283#k#tL3{F5oTs)b|oK?U=*cyZiH<>(B)S2BnCL!*jZ>v6g&>c)Ny3M?Fyg^`4}o6 zWGk8)s#{_fUxUxdMt>@*mm6E@QzfkW5M~M zIBj?g17KFuVfRL0iX1R4Sm#(#m-YrU5sze(lLc=0g^ z5PKxs{P3HHuzwaZq-h;MY>4g!(IN#{Y-Q*`ak@{Di39@z19UUD5)3031kXvayY5%^ z1{{GlG?6J#H8J+W_x=23jDJgBc3W4Minq5nK-d6&1^FZ9$D&xVnx6LT0fheD7|4Nr zJaQCtc|l+$v^I2;tZZWnwZ{0RWvMPGNK9LlLxa_fA0=4+S;ZH~CWX{1Mi2DQ{9O(q zSe&J|0ekTPja`E4T_F1e)4{d?LU*$~5CKg~!n^U*cYtujeRr}QVi|YTlQq(7Vpn)9 z!K<))`$igs@<(j^RvI($rJA>T7i+l{cqlQM%;Wkx!p6}Z8O|mKU}-jdvj_VDKz_u` z(+wPe{S|qwB;aI?57DDQ*`Ba1uE4X5=01bn`TMnP2@r%XtqKi2P3uAK{Z@PoEGNqFF=uHK)@DHUJbM_n0JYh7i6a5yBVZZtWA@G*!GWSM|(p)vQ9?V)F}7Y}O-X)<9JdSY`!^5MLq7yp9XotZwWFZ`G)CgL{!=<+Vv zsl3NSFjDiR*i399S+xFBLHofR7nf=-fP(meW zqBKC~S;Dl%9hOBnN{tvipwe(6{OP`r*8+{8^(G!CK!<`)>7OP(RUyC38=6f9tX7=X zw*%!~CmjU`-kH^k?}^>d#HnLQX4<0>Jr~7jbu39hZ^3;vGo<_&R1spdM?m4<-QX&_ z9qzmA4BUfKuLnWT*<@%PD>~&L=BK}$GGG7m#S~f|&bIh`+Y=CE-95KzCMpgoN6-AG z@;U*&bU{gMi(JeM`OQISy%;U1O^F#$Wp#} zFV)kQhCZ177ph*J3e6Ap!~<0T(ZJkNq!Ur(ZY7Mw%IDGcz}<$=vyspSEO?}rWTN*; zfI8L_j{;g-mOTqRW>I{#OHdxpB4GVis9!sHJVQ+_pmj#b4PeWTZGjs;xmme>ne(8& zZZPw7`K5o%&(B-x3DN-~v;hU2S=(nMw5S>$0l>(}+qDqWwlIwi`iDK7KUK(&u^Ndc zI~W$%rsE<^tkjWZQ+J(okhf2SH@BR71AZIG0Q4#(vy$*UPESX?Kl71o@n3q-L)IQbUtq zlhyc5d7IRNp(W-8Iz|VKJEc){k|#mNEmLXKfTSX$Vi4rzzymgS7gg5txaXgJWU$;> z-48$;NP9&)n&3KKcTb43z>hgdnpeD(CDs#vU!<`-At-sn_A&RBzbwH^U@w)QyXs^C zsCV3Tx7%ieSj_qe|Bp}1iqF3K6*dU3bx%sf!a<9?*cdE_A&4%QNxE1u2ak^lb5qrTWws3_3aUM z{u9`2_HR4aF?svAEL0T4q)!b}naHTt(HF*l1^DRu_9*acZjX(R$1QP2g@<{-^BsIm zAHQP$pY%G-KuO!p*CX)fH9<_AfYy!H**>;Y!pcfAiudKS>CIK_6bh?qYJuSI;7&sfT*iqt-pbrepbTohm z+Y&%y-Ox|~Yas3O*oc+G^Afe>5XW6MEtTjwK_9kJn<7Xbm*v%UsAP1GUOyeNap&yJ z{3XmBCQNDL?T0{I+H+n8DK4~3lHqb+HEOBWl~-Xkpm0(=G^-q-Ster4rJZ-goh!e7 zL)v`FY=f1H>>-mkjHcOpT36;Wa&vQ&){Kvv`Z0o+^4?DzTTsv)bPTuL(x^kEPhcL! zhbwWmBceQ>_bzU4w`p05q#6g#RrwWnOQTJSK-AM-G{kKhNSbw)MVZWodKy9d)!=KM z99Dh}=uUwiMu+L!7@ZRI%|D_{q%(darMb_AHqqN>f4R8r4QL589H=n+T~@oQbq~}hxIs5KA!S6~HxsxS;fYpdITVpT1KdZIr zFW|m7^ie_K5_jCFeRfvb$fosS9m=wLk49u9mev_jeA@>z^8(ASOcs$!m1v2sy0S7Kkr@%aawJu}F2cHaaL+~9z~m2ms7?tqt$D5;OAOEwx$Pw{hh>M#OS4G*h#d% zp$G4OaJ*Fx7nge>a=5Ui7$e+Asm#LJat5v33-BklTjbM=O>u|M-dIhQhOa~-4W%1` zFsnr@ZPhYrmOw=YnNn96Cn?MK^9|1^rDT=`xsm<>^$WnfoWEHIb{t$JhRk;+VqK%s z>G$dq*}3J@0$o-v^N#blfOM@rFI#4?0QB-=ns1X9PYK1SmwqET#{rF4-v48SSfxvJ zpiB@mYFCKx^RWcN(bipuUBZp~!^S5}BgTJK^X~E!mmymJLGch0d36Bp&Yi`2Z`n{H zJNKOor1syzp`$jVN~@ZWQ1ri05(f-B)NwV^Xf-}SNxj^{Nli&F~=0K;diQvoxdu*_>)U(q@!X;KzxDrO`oD>-=vOJ--Ggl(}3QUgEENIS2v%IM_NLEU`3Gfc}V+&63pI;sRkh}3qZac&5FTb$-qHy#2U03~uQ5R1= z7q4x6*-~erRf|V6tG>d*S+iwH7D@`13x-t97H?Kw{Lw&be(8?+r5B|u#>F8Nrt*#E zH#V8rR9=5QEshN+tF~?`&Hnn%R`jB|Nn;nCk6MFyqIs&5+!NRNP9v0$$Q+zJNNFDB6&VvJNZ9-^1rc~8N(wVWhEDU zV|o9ZKlpFYq%!z@-vvbO{+QmhH4`vRSJq>t@bgYnTOvmAC56M9sV~{DhO8dGL>qY} z&&ui(wN)2XtS;M5O-YH+K`eu{wY6StsV`XDfadY$mKN4PI*q$`-%5$MKdjNg*C4)h z)y^5|9Trs_4SqF5EbUpfh7h~hQQ2hHyS><=yWCE)A>rd9Rs)@Mf^)8XbUIvA7o%I8 z;+O1N40Ggy~TjBJc>m-AQhDPce#H87(K1al$&7}GKK-avO%htt1LgE8F z%~|0gWD@c-<$rs|{~2(4llFrdnXPilPPf(<)fo@=?$sxIdl_rt z$GVU{P7jL)XNJpcA;OB@96m@1$H*@y85W~;8dDCb;?)EVw>@7&PwY06JxJLuAmBx; zMv=#0;W1s|Q)l>nnzFR+B6(@@wCHoJ7ZZY;OdS%CX7+psV>OzV&IC>KIFh+M$P%^nkf-Qzg-e zeEXlR;D1KA0nTI3VVi*{^K(D<_77jUE*@dLj`$;!YQ8@&)X&dPE8o#cVzc#Q41X20 zG*U4vFC)aWcC}=@m71`&FVuvCfrxUqJe+uml|gqNm1~&!deHM;4e5Q*U9Kh^Kg#j= zdD!6(1h5fv+l)#MVqJuLjI>;Dh89nn8shUiO%y_vFJ!iZCrD#n_@;1ta8OnpQz>^3 zyYv(34yu{o7|vwp1b!l8IHyhyVR}YFu5wgv#}f*pXE(cl|GxXR!yW=lemdYZo5dOP z=ZJ*4WdD;^j6&KK_9of7gJ-uSq2g(6F-a$2t5dJSnx@?cvTjEMkxCjQ=cHZ=s^1j# zwAW+sX&lISM^AC|#A$i7Y=y4MNCrmA=rWN%{6n)kt-;DG7ZLpY#1gUvFJE|unuCLb zps;Ym>lYi?FNn2?LAQ-Zy%{N4rpu}y842Qi;7`ySsv&Lkdw!XT85ucLxf)*s%zbO= zip|6ELlO#>{CJd}YU z=5DpRt!hz8L+lq+R!CC_DYj2fPiqwz-P)hUR@n7;bp$}1)-a~- z1VL;6fQ*BglXjDlmFJSqdN^>5H9x-BhVpQe9i@ zDA6mI5QyAdUhd16S(7^CgyUg_g@x;mKNj*sYyYwMA7}#a;;hl?O008Pm-b~NC`xxm zSC+=R2@w(H&ZhT5tC`r-#)*jSk4W<9K~T~G@YQ}pW8y~dmN(vF7Wp)$K&E5#uFJI?AjG5Q-GH2Zp_nCQ&T@0;EHJa zjehXzKURzXvbcppV3xcQJ47v+@W<{^-#`#3x2t>Ke)+_%f6Dp6M$Bc8z8kII@W1pj zLAeK8qsnJOWQ_J_F7R9QW@Kb%gFqsw0R}uxBeAad=h7cU0}A3C*z$mA)#mX9$;O-Z zG{N;+#pY@w0*e*p=r@>@!Yq!fgSs8sA%ox4#QBG#M3XZzax#iR&(LdVYRb8}xtR^f zk2Fq$)C|$``bNk!3G2SqqDAz&fB(}YQz|ONqOR!BAS=DKTkjWN&9b!c7*PDiQ;+E@ zCs$B(2)h?u1#k`rE-_TMEH0xh+iUVU*sn4|r}b^` z;$05(V=eKuH4{|^?k*#a9UVW|qYBwXBY^ou>A{S*2eFQ3CW;B*YO zP#aydfsDe!tM(PIK}P5XaSQ&ryZ5{&!BJwBA>lIQ(%#pN z>Noja^O=kKw#CvqO6sSVG^uHm>>dM*tAFzA(G*sz$fk$gSR7HxXcJpA~7#FTF z>+w-mZ~U>;9)`SLz#*!^XTKvy58vr6xGHDh;nS*DezA7X0V?jX08CD9c=`rN)Hw^U zpYg%R$e`-yoan{zW>%7KbcHFO?QR9GuIgs%7S+mSo2mM87$WpFDqOe3{OdB*5Gg)* zoSKFPHOR1lU_G*M{s&4B=>i6%2*G|R#_AQ3qFL}KNXBWtuYT_HJ2XAsOXuc&;nkhy zem&#XMqg}bQnhF)t?)JTk(KRzxsFf+-8Jcvy+()G5%6wSb|VN+mElKGXM!sYkET?l zUSaZZzOL(oLaT9GD@bj&v<*O05DPIeW zsWLZt?euZ-ypZPu$n^@3p={TO4WxP7`zs$x?79Z!8h&+p*5lE7KmQ``@%;KgXYXoI z0mw{In{%aScJ&-d8|r6=kz_*CyTne#4hw@cG&-->5_&tyJ})LR6v4il2Z=yJ#a_G`N0YR>|&g} z-4>5Na^w*6BcG+U^;rw!FSU8R+nVU@t-v;KZOi8j$A4i@uY0|7*=Tws)eZ~v?h>VJ z!?KO1D3jYK%2CqGu-*k1~3n(qUahj=r{Hl}jZ=a!Vk zLM{JMw%&+8Jilvoss)^11*`qestr)pxtB*L(94nnwJ!CG3D~g37qD8~Y?)kATviOf zr5%sK=y?)2ec}mMn@TfTU9T3zY+S_eEyvTDX_D}LuL|rJ{n`_LfB0a0yAQ()GcdrX zm#@8vO#mhWQ&!VY3pk{lGCHzSjUf02AWUEo>>+2?PhrU|0SdF(z*# zn@EgNh(!DcbCq32_83EOPvGAGN|tBuiZoQxFYP+@V? z_MA}TG`JF4Mzvj=>he92hMX-a%6SoC)Z|Il34Aratsui&`L>6>eh9rJ8yxDWYq7SN zG}2p9J?Yk=Q+)LdE&HCZ8@^U9DRlSM8M_a3{`K`{%+%ykVj_$Y5(qXwr#9;z^>jFT zq9`rMgCt{i_7Ej^)6MYpDYohjxC1;$oXJyIU#mJxsjOoEDZ2Yh zfB4jVrJ%Rjv+!TE-qggLh}zs#<0_W*Fm&+zvVTcUQUc6p@{6WvlvO zSe-yxH3qm&hI!&xF{pqy2NOkjdlSef z1vt=$IlnUj8kYUQ!)&&vdheiZVdrFa>ru6 z5yd7-o{Jv+^=VP1jtj{+uZek|y-ltBhfbdJNL);9)N{Am-OONgpc!ogxsQV;WL5!= zAeUr;ZY~M*{C-D{VP?t@!B)HeN>!Ii0CNS#jN5H@l++V*rV&=m#rC{gQa0velta~& zkQ9e%I54EgvzaGGxf zv?4o9(D6Q7?OG+y#{0vnwoAqGN92?CgNq0hOw6=hZ)m5QgnWjQ917+1-re&M$HYnu z=XvcehSkLqJWP8(A97_|bZ15Z8*95S?8Venp69d6h#eu_z%EN6g@%Gt9T%Q>3t@9Q z^dUvlpGgTSY0W6CSWAjYbT_~4?Xaa~*5JPreNHljJU2JV2<*3VW zM_*BeMV`~}pYg@tX(5rKP8=+~_rHF-tzTS|Tn zIBD1TR&5q%Yct9~F0t#$qu13rRpR`$z*>L}gnZ!6ft8k-NyeW{`I9V&a6Zaboq8le z48#6Ag}Y$&kdjye^MILp25yKDBh{??$o`HszU`)U(wv}o`15Dpt9u^CLm_Snszx4$ zh-j&_+i5&wd!>{U#m3}t{Mv?ri)=q3C4Vq%LAh5?Pq9XgNlo=+fED-oFO3{-rFOBTpJ^#Efe7m zp$Z5wgPjgbW3_`g>%LvI&#pA2eP^k|c9DD5Tij+oUoCGgXuFd=z2WuomL9IYCqr?r z^Y`WILVY|mA++KvPYeMeQJ(-vubOn7BHDdE)<6Ag3LAxET_pdbw;8OHLiq;E1}_oe(R|D%Qc^36@u#pt%TYFWF~XNJ9KXpuV^=EA|@px#s{n}OUm3OpTE2wb?Q^>q_fxFl47I4#1OITFm z{j)V$+!K`+8*APp1e7)`_i~GSKfUR!O>s*Z00bIDiQ^R;f z()u3c#^5gS^IU;*uRVKxfxry;t?pPynlxXGZ>qx|l)dY=WJjG-Z)o5gbGc`Bhx25i zCnh)=)sb77C*ZnjVTeGJ(K9pGEUa&T$Xfz8yRD&XDhZHfiLIIKxvkvb<4T&g0v%}b zq_fO!{g1Fo$nqX~YabkpCI$?#U3~a`>Z-YC%M$D=*DU_n-;mnBsI4vH((uZr zdcNtrShf#?^U93ik)Cr;XXi>s?gL--n;sxe!@4#e^GTx4=API*z7S^Ibi3<%=FaRk zTl4BNNHIVhE9a)=y8FXtTFH@{I6>#NmU*Uy>LpsJyLV(XX2NnD3H8ePbfw~+2R4;U zZB@UpuWlZhSIx;-g}@}Z!s&(BOeM<9<99G?gQ5gdXQnw$OMW{k!7n}S_W5(nxbBXg znv#tRR=uASsIaT~UH*KMSG-r|#Z&IMVt3d*wsZZ>8a}34cIS5)Mxg2d!7g7rL7U)p z6T<4gKD(0#vdGZKjc+U0A&edZI|t>TIB%|cY4zmW`A4XH)B=C_Pp&>9!TinOcSW_3!&F_2w(m8RBqAkL@N}w6&g|Wq;C$ z5^EWVld`gcR##UWO^eh(m6&++2HjzEN1HMr!FRCoMhBEn5XCz7{H0w^(;wi{SuqIh0CU+y7R)a!r70Kyj*WvqeR+PeuH{=u=XJ#?9s1E#NpVwX!k>!&k z#uJnVdm0cbMYtv@eS+&`-8aP8$}N{njH&p23^$FKcq%{^%;$xf%P<(sZ|jXHZ%2)L znC|y4FR38d4R!}!@H^hI_MCW!^sJ{CCjfZ}niG|d#Ky}XQDt-hp z4beykr)=FSL$jL+%gdR7$VluAlP6LlfR7s=6}YrzD`7M1 zSnZJ0eY5;7Uz>r(6xeMl_&c6R3~zEO9|bXM!jcXjcOY6~wU=~ON&FN&dm^j$`(34f>S{S}Md79cg+d^$A@ zJ760xDZSwVxc^!e1E4uRgs^QplE1*vSP61rKH!yg%~J)E)4@YypA$UH=C|4<3>B$@ z>jmpdHV7q1t}RWripcaPEOzTPUH^!%_#THC;Po)8{D;rPd&=WK)aUYcZqk1U27M&wlL$F9mqtZ^LV9d z1RRSuoW=0PnOMN!;Xd1;mPXjZ5-hGPDY797y7|iBrbA2cxl}lM8R}@mHZMP>1c!@R z4N_pA8H}InXul7^uMR5p#I%&*_Coc>UU_g^MUJcx{5J4<0Re?vd>!>q+22i64l{?o zveZBQ-jM<1Z?EAdCL+4~Nj8@g+IOP%65+89(avzO&3r6YGdh6@S-JF~eE#eGyvjtz z7cl6`W&}FYm~6!6uEjj5_j+Luy8KfEO2o%iruBZgQM?DZ0e8DxGo7!tsuzQF)qor$ zIBb5q)=ok~wddsNg?@3~sxJfEIKE|hJoMoodJwreSEO;2!h`vjAl3Gkm9ySQ&rOw( zpuI0maWW3qy02AZgT727?Dnxy)OoIaJIQh>^p8hMm_3C%*_s-+MjrQ5&RRCrR?m*n z6+GOjTwfkNNx#^v4WLDFsj8^N`Jkyr@Q=e?e||?1-$jsZ9Hb=*Q@|e&$bkw(`W#Rv zQj0_AT>N&6H#J{7!Ou$4AmzO}v3;N%T6bkjvZQAZR1i84@+Ahko<{p?p|&A|Ytb&= zwXAIGKKR8f!Q37@wsWs+eZJ~pBgV(+nLRO=um+lAjG<5=?h#c)f~2-iQkCE|kJdT-W>360%CsnUJGw)kV(>NxbSvjFqDCu- zH7x|DTD_dDc`U|{Y>s|>zm*+3AV50dkE{@=kwq~Oh(vDr=7;qX5EKU^YxhI82Q{|p zkA}95WvX9&p!x!KVq-ZX?%)84e>$Ju5x$ z7y-I4x-|}L$8RN4mr1SM-rsEScX16AP>rEjcALlA9WaKbo1wapr5xdw9dT8HwR>wi zRg)D`4^h^LgdMfzg5A^gwTSlxzUhaW)ehad|m#x-a^OVeIYuy51kK*m?Xxk2ACSDsGSW z8h=!-7VVab2k(Ijlc`Sa2w6FTv?Br}kh!^6)%5N&xkyP|PQ*L7@|>J` z?K9N7E>>J@1K&&UfIFzTsha_xV;XJnSaE?7KB+?(Dn5eugvQn%a0BxCB1r1w`^g;+ZlbFrP;5V^#6MVc-EH(PnVtx5MxbU1} zPIszx0f|*YTpKu6!`;&l@;B?(kbCG)k7n4#^siWfd{NJrb~=4<$K&nX5G5lnZ0&NeEXD_|#p?^c)XE`3q{HVM@;A7WAN&10SmI&4xuhG+?uP3;rdy>M}olgX&cMq9+M?5G_qkP<>1Pl4Dns zzC!zSU)wNa{D}C;x9ndLi;UD$JB?FUXZ43EE!#|ry53bv2n(`*$fv!cZ=EBq_l4|4 zaf#q94L1&6DKo_oh!FP)GKTY@%K%(AgM5f=q0QloT`EDPUoSPgF|k_NdGvU=t8C`o zAaG{}676`0wj`t3ESRl4U>V!Ho4IhdphEk$-S$v$4MGT3v$blVL8-JdT;kWrn4~U3 zx5C!CliPYaZ0VWZcg(`y%iHrB)Oc6@8U@EHP_dnyp&A+niL0J>V^YyAX%5!l4mK`M z$Ho7P(?M%wAS)UHSlRf_U|ZKnp&0C{i9oFU4W;F(nYuAI=Z(7CtTujgwR0@_HY}7HUaBtDUh82yfC$+Xd4sImdo>dY)j{L zuO9h!fNli|Dk|<3L(rz$OQF>741(kro4rC7=%@yak8O84A63jd zm=mx4NMF!5s;3IBkh}A^c|}c(Ai|K}A4uQT1lf4RZ4Oqe;;MWok(bmz{M-X6DsUS@ z&Roe(WXW#6&u@;;VW(c);L*xw$*r9VbamGEy4&BoMEi@u_B&Fe2gtbXk+NLRQ5i1D zbK6DCP!ZS(ujQa&1O5Z@>Vrwqr4=l;z-Rl`Ylr4HvpZOy{rbxjH&9H%P~03~zwuJl z7p8f1yC~^eD}s-Zgg_Y7IYL6{m)ui=lU%Jog=Y+cgb{(kT2^)1cyq=DsHt_cB2dl=tqJEAc->_Rlziua`kG zt5xsVSfU?n$w2U7ecMZ#_5y9!G^@hFX$ue_G`ba!XO|B-S91|GX^=9B>Y#L=w96=yB(0}>&UI;V~T-RIp~54 zi*CCeUE$jOWuE|}f?^WWDGGqoLDCe$*Nj#JL`_!%VtzNg0jg&}iPg_)Ugs(M20}>_ zar^p{;p8)uf=U4t`FJ;xR~Z9k$HVhM?~5T~cXu}iw@!-nA5IKt&WdY%=&(0A(E%d2 z>b2JhV~01AxiyOg*sU{k10uL38B86xD=_*zbf&;c!}#=qCZ!C?=Z2#_ zNulHW%Q7H>zU2m`O>!N-4>Hh|1Lc`Q-~xzI2 z+&@a-vyD0HE>QZ{&vYRO6(r#1jm?71>LDqy7lc1V*{K0iCb^1q#M-1U69=dq;id^L zF#P1_y18>4yJm@_iYKkl$jF*Cd^bDf7%`&)A`e1U5f_b;-rh^Kgd+;;lYp!l&m`A| zwV4`iRKf}#G|g!t3wEd#5q{(WU92Z$^Rj}p%4z|}G@xzK6zXP^{&I!_AZ+ZF`tq6e zCcF0;ANZ{X@&&E#s;QkDv=W9vPSV$0Cr4QmdA2`vXK^@)Yd}1z0m71fNcR-ao(V4ARLD@`B`%ti;zmg5^R()ssWTU7`=b;tD2r3BPeG$ zLvM05mMQ;~I-&5FSSn6%SIJesfy=>YPD4Udc0YD%~*fmbsKN5!x_E-Jn5XI~%pl`&C zc?(LA==v|dH{J-P)SRV#EpdqhPR~TR-qf#gzXkq*2sb~x3OY)^h{atzjPyaV_7WT5 z4he~V75_-+e>OFw*dQxza< z#h0~-b_B^Jr+~cw;8wXa^rIFalM2*E2wM%DUBh&Q&M&(OPhZid{47)=`S@1aZGw6- zeiOch*0|_K{yBd8$wtBftj~SE%+1YxF}@9Sih&BY2gF+5PbC;&2e6|zah2$TKS@=f z`0QpB!rWA+)C>%mL!k#Z_LuckL7jatXjDrq;}YNifa3f87}A*qc*&$Pas@2z{#iwJ z23#?-8nVV8y0Bf38gMWTel)RoOJL0TYJf3sZf*|b8_MwLRSMcvFAuspx36YoX9eCC z?mwz&(o9I2A-@%gf1LT%ZnZaz|6$`xfc5}1L7DiU4UYkk#c`dwIbv7v9cLFx0ZFpy z*lNEy{R`q7y{8{#R%frLNYNVW>P<|aM zQNyz2YVQ27NX!nww5zKe58BpLlkb?rZs=GtNIBiTE%x9+2!q(w-K}M25OAsK>oZm8 z@?MP%$>_qB31t(ly?-wHJrkj-$vBet<_|~k4_%<|(iKoedTl}$96(>L9{sy}IYGlr zuNhULNVZk#S79BR&daxA7{S4AI)KK)t`8)q1JPu35YVLwzaZmx)5*!{?%lgLp-Iaj zkXNr>En>8z4tvY_eu;1nxvx8j9dwiNnLeza@j+#*o@r~fi_L}2IIqs9|ai|NH)M{nAOP{AWkwC#$Vq1s_E!dDfe=L zGzx_vh0qYD?D_FS##ydmEER(>dHWYD78z(|}dj3bnp!e51f;i#ntD&QPzce0v&6fg?jXi_zVm#2Uh z6S1=V^Dulxq@@RD&Pclu-MipO>$_MF`vysxd2qT8zEDoHepF?H@^^Yvb$eKXum@FA zkjYBDj_~%%LVqcEX4E}X%m4Vx`}NyTWdR*=D?N zK@%`Fyj;zmH`{=|qgCfz5hgFFJL<|2Iop{Cdk281P6RT2$~q_P(&b<~#4hTs+EJsr zFN9GTc)&)F!3e|%^!xEf2U`i#1DKlq7fvpbkm!ks%e_V9UVNFj^PRpK1%=2^xt+0~ zkWi{G0w60KGo7a*BiBSY4=WDZSgTzB+yMe(?UXzQnu)orY+%4P5;_4&@!PFG5q+Sw zJOf4noId|M%kKJY#0eM}%hHpfMzE1Nrj8DtAJ$8x7hZS=y0`b{B1(9PJ>-QHg0&Mm zqeTea8b{^k`*MOyOG^ozyF9uD{L@$T>4T$1WI?IDyFZ(KB(4>?{bvVs9`DL(j2cKa zILYjRaSJ8<_R_a{`}$jb@bH~;1E0ue&7r(YIGRs2I={@p|gAw?Z5 zJW1gTS0KGLqo@Vwuxg7JL1hWW8+8TwX;oUt@EFuw0O{>^YO|t>^{v}W^+|-tXQ2ZO zFxhOMq6Gs?5<5&lPGOASN?JLDp_lVS?>&O6hX~D$R=EIgnQjJ63S~2oe62$Qy9wLG z=$R}Md2T-s1jt$A?Tbf3A6b?9_yn;K74ik3Up{o8hJkAO~-hefd&+#PaxS)QQgE&y6{ImI9; z?)*R*x4Y)6TY#WJt|&g0t#RK_l#x~F%wRPIWxT9n;wiF$ZvbH{jmRbpf;hz1-_P@b zhWOq1Dpq1Y?*1Hb<~dQN)IZoTePJL~Rs5(Y&HT}$K+tqj56ia>KNnEQ~>5DZ43h_lKL z2h%xuLU#GhK`<4+5;{w}~K z%JWn@na7tYwRL0edW%W|XOEzgvQk@J&Y6XPCzkPoD2Z`?!#i*b zLJ|OQOdWIEyFXJs{q6wQfx5Of1m+Vy&gr9?Xw4v~7|N&hI|(asCj1klSug+u?3Wa+ z0*Fo2?{V-zBz5h7!-#_!!s#l}qBu~#Ja^nRGNJ>Xzm(Kes-iG}r-=p(aQYK3i%BU}gL zi$2jf4>YR~QxaOPq=tcVd-U}S{Ar?gk63U^JEI>m*gD_k|Z_~VIe0oF^e)>`AkXc}=V({7nlcE5U+t$6p>0 zd$0t9yyW|N-V%*W^bndxR-`E3Jh7xl$t>>pctK60i(@T5^53j07_6&yB+`pmUr$(9 z!Iw5_?6^+??d5)()(qMH_JoOXawe+1CB29)H)YwMSVH`ZRW)G5%(iWb#OH;i&ylvq zmI-=GVM??NsxGmf(x7HEu3Pz)-}BCLNUIsep>^sk%gbfJ_;$RXZ5|@g5On8@?Hc}^ zPu!k6DD^DRNM9bRP-m#cd!XO@)@Tcb65aaxH*S{v5@7YIS>c33Bm$|z-dD5RqF%cx z8ROzFJJ0tX-O3I8`pg{#0K?g``ug8=m~IXQo8#R1 zZ%Uyw2Wts;M`m(f%}*?9%p*#3p-w|VtA#Utsod_4IdC?MUY|TkL}5y{G&{o~Wbjko z#rhz{zu|YNQKj~GzTn2&l^5sg5StwzMh7YWg~S^5fW$^>=*161DzqvZx|Fi+=VUQ&($;lf$#14FUKwit_7i5Pabb{67pa6JH4bEH;R?l4yKopK3-iy8}c z{Rm>yyM!GK66jh~wbLQg_WNd8#)09j9-LTABHr-MnuCdEjlsmu|MxE+7&pzQ#>rqk+GyjKvJ>-hR`0uXV z;+e~x_rPk7dse^?V>RCm-qMB>_lF1n?DS>{0_Rc z!0@K_&J0QY#~=9lOaJjj=UdRdMtk@>YLJ*p1UaIm3OZtQmxRSmmV={*8@yaR3}k-a zeLHYDQwyI5&L3v?5P&;w^@_(?I|L^~jjsU{fKYa+L{Q(;J9^f0QFs4+8kRQmX0n+Auy_DE` z#J~NP*k!Q$B28oC!|Yz^cvPM)t!<7rvJK5wQ_8ckWq8!xW^Ip2FDu2Pe=bU8QS4uc z=8hxS-Yu6YGH}2Dw-x`Rg`Ogm{v6n}TedM}XQ`uR#w|O}_aWtqI^2o>uD_0)>K)Lw zg0X4`;(4O)5lUC1>3uMF0$r7uCD%W9p5Ig2H(|u?uW$d4;P!u7uCyue0axcA2_Hhp zEJ{aOG;@Q^FuZW(jrjPH>)^6(tmK;C#&TFHqxQc5liwymPrI7;NQB;DSjm;M-=$<6 zp$ck=&wU~(en1mSv}FF$7vBj2y<6IIaVK6#ckcXMMrC4}KV_tL2jg^}_%Hn7Z&*5M zfNER6u~0e0cd%Fue#$#r zyNcf__fG*m6-OLBJWc$?w-m&97MJg@9Y&?^Q)<=P>+J(9%G~fjGeh@jcdKzopXU&u z_Ve^s!OU>3ahq1}L&TiEG$%*!!xfnr!u1f1sNhdf`eFd|c#P;yGhojw%g5*D zL{OGW`k{L~#=}NukzBDMdyFS2rVtq`YxkYge*LtYz z%n$e&QUp9F=V9An$U#)RAFSs>!1<^GNy>i!fJLI37MaA zA^t@WVQm??!-m8ksr1+1T78UfN#M6cjK6kMS2<;Px%byym)V5-dRhFx%rWP`2Wf9K zA0P7E<$HOypD$T%W(3LjZ4%PoWfn}&h~Mc?c#^&V@_p3Z*4Ie?F;4x2BCaE#ykLDj z`-NInCX_WjXGV*L8TTGKAxqaKc#`<9`|-V0Pl4OJFp?thL)(5@>;L$|_u{!2d_$0{ zMc-2`Fq%eIRkuh^!*lZJUc-B+5M4t5p|3j$cE(J|En)i>i0;`q_8ZlkZ#qAdgkvI& z&NYwdS?;OgfQxy`-_?vNYue{He7yJTksVN<9?2(Sl0-bfCpR9)?XHHquI?PS&U(Cl zeXrqz%wFj%%6V)GAQ_+F$iXShls#GMk%_XGhw*nhg+a#?9;ip{?| z&(?E0*^6+Oezx(gG`c*jQ;ox`S%X4iJKD zU!25-nMv&2;L$EE)Klq1n)Qp$&Kw>3zD5cGi~We!D~}@;3>}C)r|*t}iwPtVCMqmB zi8QHX`QzOe5QOpO=%j`M#B5@MUG-aES4d856&RXJHR=P}-MorFq|W7?Nr zlF_Co>!Z#)7^o>JB||Vrw04adnDX+yy-up!O{D zNtYjt{zXX8idSPltL<1Jdm?@>zQDS;&)x{<%VoIF1-$dfG5=5baQj#b_7q_ctX1*f5-(7X#tJ^^HnDH zw0x~jT8&l;g(rbxK{-7=z3K|bN2i$txpamLzCDktxZu6t8G558dfS`*ym~2b-?D)Q z41_TXo(U?ZwkA>jKm9JTFRp+Y%NBv*WlQBMrX$OI+)&KN|{tI3m3d@cV z#>XlQ5T4L*FYi9(6r;GTva+&oVqXDa+brh@WvAKqtAtB!2EoLZ4v!Sj4Miv|18r^p zFGOob5ba*R+AX(=e6_?;#3Ims@Z6B_{H`n^OCu#OuZ02>6PP3Y>JJ;JKlLp3VfdMa| zj2gTX9vqw;@6qU|GHzraj>W?CKYb zQ-@T-dJb?YU?s9tP2_^8UPzQuj&)|%RiU-@+8oO z+gx!(--U^R!;UnjH4+DhZO#e4#QA9{(Zh!RJV)On;0}d*h16MsNW}{R&*{w&T^`K@ zRu0M-7>SeqPZ>zFP=a%ay(38Ugc1AOgiB=JI%lwvP8IMai^r@FJCp7>;PH3A&@Q+V zYdz`G9{w=g%EuI{b$_xMgV$eFltEh=18`u?VZr%lh?MCM({dw(6&PCcJtCKL)?6`J z@{_DWZ-yP==`-Ts*}J|Agc_HQF+$ttVUFk&DBR6>Y14C`*pIJB9a*FnwqOuaL~|Ol z+Og&ln!pQL!NwR}-VsTierOAqAkg(2RcaWb8=!6$69#K#s6nI*(6W5B+eQ+53rQ2j zJt{EJYUb<~?Y(Azr+#-YHz-17cY!yj%x1KbakHH8j1#kl5ZAp$YP*3q{taeOhY8-c z*bZ`A&{-&KJwycvTrWmM`ZhzW6m<~f4P1Jt#WNAlF&1Mjuod07@sIyd})Aj+H*2Y4pCXj z4c-4rzPvK}F0VZ}R=}(Qi}K+H#7}*^BTaD^Y5y=gDCF$|jnvBc9rWs1?N#v6rv8EOtdX=H(UR7~cq;kExWugMP&n_DZp-!^y zls5lS3$Q=Qe4QHTArYGRS?Ck;k7xjdmA%QdEw&h3JmT10EF`qphtK7WMgRODohpN(2VSTTS&ohHXW^EWPrOw8u>8?JEXYELmlG1mdO$D`GB}ug3T9tuKvUu63P` z&E#(y0K(EKm2jafB{bAaaLW;ImbnFneJ{WN< zMoNlSAsakBX;p9hmE(Z<{^bKFT4xzKuo(GLO3&TO@+f9Cy#oG_r<<*m|us_v#M&!-Q?e7>s$D z=<(aA?ifKkBge%dCx6NGt)1YiWq6{bM;*1ME*;WmI@UVT;|p#tjv+oXzpMGxW%Q&v zlorM4Vdc4KX`q}_Q)P(o_ugrV5uBZ#87ff%Lwor9@(h?UNk00Xn*vFJlX|#jO(czF zUp8FF2e;<;xc9gLPO+{phyPJ`9oMBx3Su1m8RE+^V_#Mxl5m1cmGcI&si~>h4j-+GYT_jtW0a1>o~Ads zXc0N)DLf&|+94(aB4Xq2y7)Mu+a%Az&$hFpQ7B&$rt?LnZ9%~(cYpAboyY;tcFC6^SC%aD8kk87q(t{4y?Hps9F0NeYI2jLEr^hSt0ZA^{hedf)8Tf4 zy(M>XWL-?$?!${#k<|ueDzOwj>Eq`__E$*Gd`JglbK8KQq-bG-J5HoaC7hCOi?Oq{ zz+EaEgB*ZwAioi;4t25c z#1;1#O*R&(cd%J*%ydao^C_lia3**vdafitGa4x`$Xt%tVmqk{PAv)Q73bwIA+K+_eX~4femdm9R%Ou|mABjB$#xa4Dd*FeB;g&h!fvj-Ri@DVktES`O zj=#_JCE2RqFWRjCF{myEv-cf20+PmoXM4ATNxD*E1 zK00K`a2$+Ex+@($%SEi?mnQ{^+DoH`SjP z=O?jM;|EYCw{6W#v8C$y+?cB-79n&FYK~m9oxd+z2I~ilFO>_}BsuG>&-QRa?OHj} ztjs%)Lu$4s5^@vB==H98>w0?i&WPIA1z6t@S3YB9J&WkCJVd zS@)T9TlI$9wbjZqvAnzmRGVi)Cyv-;<)8AF{*`dG*lBX@6aYA)+*mg-N&FsfNbL%J zf#=R@jQ3u#sliK-465}x*ueIxtBO2_g>QGrkRM#dEsk&6+PB*oqhvuRvgdAHM;%60 z{E94G!Xw?1^Lk>mzWb$Xjx%Rpy-Ju!!t2sV;RjU_21svl#-6zRE-)O;_)`N68==Fo z{5!t*Q5mXt*d};f0;d)E>Q!p(IP{*N!}OY6R}8=1m>Z@6qatP!FXk*{RSf8d=+_=j z**yK46uHnP@deELqvRoBX863(DNWsT9TIE)fImnvp;55W>77L|emI(t=$2#l5@d2+ z`Jk2m!0@!!_})agQiI5VFo+48%1sT}$j>$s+A3+VS3tx}tk4J&PJTk@ubR2aNOXVI zBj4LVrWJ&+y;qe(iur#L_tjxhZe8Ec!9+zAB&0p0NQg8@90LSNK|$$~1_|kKj*1ck zA|Oc1NQn~CjZ%W7bjQ#&k^>Ad-@ZBEInVRH*YkOgf4u*3Da`D>*IK{TYl+2svq;Ua z7P>Bt?HWnTjUl%TqMUI#U`vzN!mB#r+85`pI*E<52TAY*ifnz~wKF#r$i_C%jCg9s z^@<~-GZ-C;NxkpmQ{NJA0;KPf1=taSzDF)pvIfZsV{2o#>-RLdI@qsU{lg0T<4SP}qq8NR@ijSw5}Y}Wv*U<8HJ3;8!>LSk5Ebw?5M5RuB0nN{^FNWBm)&gl*ao&?L&ZEbZ<4!|^f-Ex% zp&%?xw2)0db+&19U?r*4<<;U>K1f~H@i6sAQw8Wiq^-8gh|*9=7P_YTIByBH^B|u@ zk<)zdn1kF4(}n&*zU?*h)GEoOo82ll-47%X)nAwb-z8Pz zt(1nIr{dOPk10AYRV^VY>Hag}V!_>6pdzz3O=ZcX&WbM0b=!7lYOZx^@jaYrciCR8 z<{R(SLfH;Ul2`&PkuQq|)^7o}3}-m1C|mS;`#OzEEFsd7%A${P<|;_GWdIZP{7n%ZtVq-s9ure6CB}i{F`p-i|8EF09uKr#$0@}7-GPT$XAFEFsnKV`{im8Gu;D(1xV3p& zAi=_hz_aRmpP!xC+M8>M27nRlC#V?dq6ShA0$>oRn`*PztUt-=g!yvs)ea3cnT#?q z-qqWex=zc|ogON9;0T3KDEP!MB@XDf&0cv1Q;i|)$)DAwaMQ|aBPoD_ko6qJK12qz zmI8}&m+gjyZJP9zy5$Rh&AxBFGTS8#Oo5hO6aGuUAX_Vo}C{N}7b6!L=t3zR`$zf34xi6;S! z*!!=J(4R${{n+guYWb-E)H=#L5De4#r> z7v|va75pQE;69=#NLz*;2-iOjy#rK+N!h{;5@rODLOT9mz|21O{T971+&>3((9jp2 zNe16y2<*dJuG{K&BFLGxHEQgz+DMA&*bJB5>NJ$|Jy#hg?zv z;m#ZdeRvq?-TeNMQ6@wtjPHT-w0Rm}1OlE}uhqw!I1yKx9u~$qXZ3o;#ipf%OK|&A-oL>Q$6DIfCJ>Z`I z%Wr^%=?V^N0rr!o1YGg)k&PUIggC?jxcO1|4D8xPV7;7#Vmu-MSpAj}d zyj!cI`eiwF3w5(S!CS#>cyu3dB4!QYLE zYN$Hghizzhy;z9#3UoBV4NhL3bd_vIBZlX_I4I*SgITFs5MR$`L-VmFWnY-tz9-`?Ua~ zVaM{`8JM)E7YfgGdWl%v8w#Iccnkri{sQ<$hkOTuhd!5s=J+L{J$>-g5Ey^r(8m+B ziYHfUG@C>CI&lLLH1lyGcW!&$Y=7v%H6t|ld?u0JA+k~t`a~5l#U!O5`1DVI`hSS; z8L0Bk#`qvyE|OPbO3Q3rUzFh6>_zdlVnY;8SlqMq-)tnkZjGaVy*Ev*05ItnTDYFd z{#m4xIq}4%|kh0YwIST>qNz$bMM_Ya$6r%GRlINJASEL4nT`aD!6)> z+tM1LaH|E5XC=`HH`0gDKH9);B_P^D%gnoN4WdwaQ@R#+Z2gnwgG!A0hZmY_tLjR_ zOUv`No6HKPl@r{|Wm_kycTKKopryZw5;PA5l8}mVpe0Mr!R2F)tB8#!NExr4aca-` zR&`ELMdeFdx-Etq<4#@37}`=1=>Psy-G~G-g%P9RQLB*wgwi}78rx#W%nZ^0Kg8(2 z{)>t|kpl@Wl5vQ<(jCv0B!g3%-!L>l`G&X~J-|+?4d~q-B187=h*|VuZU_!CL4aHU zrhEqrKlvN4_hsUz{sqAWSxkhKv$9?6%544a?@exWq&&<`_^Z>Ldu=xuXMT+iZ{9nyyHTdX1bj&e?5#xmPiG8yibKZmQ|Zi zy1$xd*1PlNkWomyDw$AZwh8cuZTOV zl|UyhhT3a{R}J&_%`z6Xv-ymdT55Af!{{yU0+mPj!51%wTgTIDwD7;rh)Kq7_8f*B zzlv%|AkM-Si2WP>+WY$GZKY9*uV0&q5wP}Vd1=F#N z;xu3g*BMjV8<0Fu0bR0mAMVrcOVW#{K)NXXCiXAzv!5f~bZ`RfA>10d%4at--Y$MO z&q(iG7AnI_P^PHdz9&oYf^9$&sbr*uP?w@~o zUGW|=;P}38;|whdcsrE#VD&AH`&ylrUtpSr6*3XKZP{vf7&;h%aJc_?zefEgFH@}< z9RbH3uXa8BgVx2p$GqjJeM!G3&@;8>>~44^9C)}(P6Rz8c>G_WH>H?Wd(L)n%3Yny zPaMJP-THczHZkea3qYxG;I%K={~w$Q;=%PDPd>r^a0~Xf(+RB_<@czi2J?m4lopW7 z=xcT5N1VMSJ3MY9KV+?xc`FKb{sr_PXcn9gyZK^|{eA`LXERl=o!I&QCPHM@{#{J_ z`@uU$&&GJO4hdR&8&9NxKJzuc@W_(;Mc*0jV*J+J$Oa(Jl&aCf8( z>|X$8pl*kvrC}YtH&w@1p`=oiPITGMYDTRoC{c4kBZUp|7c#0a9%IZ;MNcwH(n&~2 zWLaVtu5?dr&Su1|_S*mula2)xTXLl7gqv8{vy%)}AkLIeuvc&8>?COf$k*)&(K}n;8f$O*+r6zaKFQ2y}4jegVhjL#i zWY_grtTxjrEjlH7FV~`@0gyf0P%r}Y7lF{;`1%7b0;l*%6N6&4uoi>6oImdOlRtbr z)*xsV+90*G%v(EU8Ir{2?#*ocvs!ivUrg%?7SLl0FG|#omSE73`eBUu1|s2=UtY7B1LxDyk1okPAi9 zO(BEBcZ6z!q_pPv_{(|wvNBEyfPL!b8NF-bsF5ToU*PYX+rC~c2-ouxjRiEJrlax8 z>+BS9Tz{YqD&iN#88>d^_Uv2qDqswqxT;TZEa9L~X`Gyh@g<*37OG!il|JU~*G*A8{r~C)N zBgjBJhO_l?wiR6Y(N@wgGe8+HETY7XR;cuXe0LVU8nPRpe43seH$Vw!DBd(}*TeRt z=r|}xjw~}QmwN9^7P!uKY8E?LLv`~0&7KPmm+5c`Rm*pk0KTmKNId`8h&rvr;PHcG{i9*S*j@u`wkOBz2ZG zBy=piJZP6mVF_wXfE!qS;EH$;ih0!7j<^}UpRA*v-L_Fct~L9Xy(?n{?iA%iTBmEP z-vUJ&N7x{;b3k2|{a=p4Wr2MX`2pCY5We&$TuXwL{e?-lncFhCr<8vdv()oNlyYtR zmsEAO+awoIPK~9i`D>M`ZJTB4Sn6FIasbX$WO0l*+~?SLUe`ZBh9#6pgQeR|I5JNe zpv;r%vX2;zHhS{4;^h@$=Y8uCS5F%qDBmfxF<0l+VFYUZn&MY?)Wkcj1h<}=OK0++ zEr4SncghhrX?PpfH~#(0@?bVtO1n~n8{9j;xT1fqQsz8^?NR8q+UEdxT{wuz`umgr z0|@^6o797z-js%u?NCqe{%ii!4?pTUR9*x540By@A~bqu32yM7kW4z1L>@lH1(96? z+H!X+-ks1|u}e_?v+`;#L|Ir55zQz>bM~xn_JISfDte4ydFP+I)5T10nQ;t?*t7UN^En3MMA^o5FOP$;>%?~g2ITLF9T`-e@!Nlw+W*O; z_3B`ds-luoO?S8E2~yJ9mhTTvoH$Vhde~4!@7^gmTWf&>rzjvky?FzsppcM|@Ck@e z-wfwLLQBi6tOAOPic-Mb2~IpFqanO99WE&CK}Q29XfZo!W&=0tC4K%V*k(P(FDa?} zoR;;I|EEu%QqofagZM^7NBZ56TXEN%^5m6 z3dqRF9E)Rd3_Tc>gq9^%TymyDTt3EfI^A}`<9riI5KsM5B<(EvlY2f-efH%i6&?qZ zu3oQ;>*(ls`bZVD)(8j)oRI{h1;9!~U?Y1u6O0>7Ks~D7JCFXKZ1dm$MdeSTwvmMC z0#!18`2-ocDUJ;QcbuQ*@7f_p2!xnN(k1}qZ`X+Sf#tQZXh{JOm{)!$`Xn8zcPyiz{LaGf zFH8|SIueVYd4ss>$!tBFdkZXQeRfYB5hP8<6MBe6RaL8iJz<~e9kRV%3fTE=aFT^F%uZY@C zqo#*J;pwZQ3Aja1d%&l17t+}e2c2MEQu^ufXhxBD503Tm@*&;?FRm}}+u2eP^c3Y?Lk=MB>lPH zRgMw4>q(H|u}=>iFKWj>n9a?a-^@L}c_M^d^C)6EzV%9jH6fFIcl}0AP)wS#)YKmc z6CnV~OUoULK1=7zxV4fi@?hn|p}Y88%RAN2hRQ`>2@7(4`L%(Ki6Hf(&dF{P^S{2> zgBi!B{aS$kZstjE%}i-6t_*gey!A!YkgpPvc9=ZH#Rb8%{gg5+bMfzAjz0rM5Ek3t z!;T;vJgS~4-8EZl=&Yf9A~3)tp`~4gsxRN>`G=_VCS%EveenM8p!WAk_LDK-Ul6yT z(tuU+94~mB20gM0f{2%XJ>SI!|7MDjI<{*;>y=Q=yjEweVpo}^?s5SE_xy2_&=7#! zqA^JXEbs$>;J~B0i_)p}m1Ma^Embwac1ZI?3+;w!yseXmD&U*WXr$gc}!MYC6QXbUa zynEZ02YWFipk)%#Rc3Un`-0Um$k#SBSX*t+l}PXr6@$ zvk>hsk^=9|b-0j_k>q=9!U?K~QxbxPCI~>%4N$TfhUw`gnnfBUcK@sC$RYyi`+QMS4CAJ_Q-oIm%2N*!bed2Fuz ze^%@KZ%Uyan(`Sy+SN(G(f0_f{|BHwWoXwJ0XL`!11MK?Ybh3{3AfL8&_gCd;lUYp zGeW$i3h{$VYjOU-pni(Ml)E24_rJZ-&pwSlRQ#4*aS3*>C3rXv62!t_+0=rls^&y=GBYhxGc1wTK=+8}|mZC@(m54Z2?pA=mN zMqgw`JdOa%1)*>d2)FP{0Uvad?bO7FA*o{5m$}x!eTsg=vv~i10Y%p$i;27=rrVCf#KVKT&Cqk_X^+&%E zGAzAf3uv#2$w?dd9QFfbUxWdJ?9R&xxDj0F!V_T4r2wy_Fx>RSKNKON0bJn{O5pT9 zgTQ#mi;MsUH>L_l)={ zrK}7ElSv8a6Z?R+4wtWP$bhsT1@SHuS#^m~eYCD2}7$>{FAHEf!pck2A+ z*fX2wP}pzCT^HHdrA;Be(0gm$b0&WtCE~iNy_JJQ{@GbxY-8>5{S|UC4V9dLpHq2n zt;6s&iWc39DL-}KDk_|U0<_{#HQj-8k$*q`@Jj$1x`b4p09j_xnQN)O%sdw9uGxtVfCK{ReDTE7i45wPPD5sAZ>hS^P#|H})$k3zr!C+BU;n z>$GjOh)(+--6TrLDq5obMiufj?NJyOq%Td zMmA77a|tRIg#XpMWRoU_{O;j5cL^|jIAjq5puA*=v1oOmweuU@ko!XT;&)6L@6HGg zH)@P8B&u`lp1Lr!EvKNQ)OeBP1hQ#sn;A1iCtOx6;k8*$yST+0R5kov(?ZDr)vmr< zJ`Vc<_ih2o8^XSi+!cfS{=jBoN92G6YR#t0x)CPmYAw#l!|+mBHZJU}&va&MpU%## zuv4Q4NLNzimpbc|lrKl7q=u@O0*;zs<0B&po8mH9{KQn{c z>0webp6=i`ALPr@!Q%Pef>jAiG~-V5al5VdiiWl1N*VmTR&&kRSbGCj?qAdMV4Gf% z0lIi}je9mBFG*}?QE%-!zT&&d`KQSG5yk8ygew~kXo9}N7YzLKKdMML+Q4R&V`Ajq z@7(7;>K}wD)3S)t3jLKl)bm$G+Oh=SP?b(S&Z3H1h$Xih8++aGS;kiQEHw=hzcc3WG{d%NO~(%R zYPI!aPS$tKNb6#E$HR-d9`l;2@&>4cYro_Pfv{BAr*pl~a08f<$#EMoouc}2rw4R2 zb=w+wS_`yy)V%&Q5)mmcjLK9MV@JXKz<=OEd=3<7#BIHgg-?vo_Z1tes3sEY*451{ z;224D;Z6(HuP$oR!N24Fk$xduf>S2iQC?q~P(niqlHcnBrP zN5EYk@FD!KBVXEqE*mP?)ZTvyP{ImD(LJIc--Zk1z+3e@RiNI^(c=Mpp@otx=9j-v z9&_+$Xf~8@ic5#R$P65Wj#!(=B9vmoeXH zga0s~J%*BlQc!+@>uF}|p3_W6;An?k&ftIw)jmq zFZq{!IkxAzhJMYxOUPR3ebeC!G<*G~B0)RNsDK)^2<>-SubOt5n@-o}lyt##YIf!Q z9&VYZ& zx|qm_k)ks~lT+#FkqO=#_!ix_I!V@%KS&fqB5@m!7W&5?EUc8Tfa5VToYT57qWeK62cUD%Z4 zEG8ko9`sk4F5rCrrt@-eKjO=^VGwuj?&#nLt1b9v=FGScBDD{4-qv^Y_}wiq#*f+4 zbhIiJF(vNF^DcoC#1)Oq9J%gk2*~!;CuZe6bhRpQGimSYRObvMKtcSFY(xS${&ip2 z86QxzQsjq`qr;%#ZIeDSsABB3tW+!TKQsP;=Kv3 za-NY|0dVQ~Ps@w~B>PtIJ;lrGBACqwT?PSVdiQx80xFA#YjE$(g&g`)_|s2*FT@o(`C*DbD0k=yGiiM@i#AP4VGtt(dQj@eOx~t?&p4BzB?RCF>54? z+i^VZKdBH{oz0FMo7WUapeZ%m@-8sw^Z=GdnJ1Na5 zF}L$7i^Q%e;cS-UryMj*Z6#dZ|JzNL))xRZ9LS`$9Jrw@nM7$l5Q6Hzesl6U4YFP> zFBNeVxTeJnT2uqov53oSAF-56g)XaS9jcL>3FZV;Kmvg~!LjtTmJ)NvR0?)z|Hv&6*eshf+4W~+Tg%4y9)1KIc5TONPX4=n{;wzXT&=$O&K@tMIIMzr7T0q| z%H453K0(`UqC~{Kwc(GL%Hdz($pT<$kYLF_!W}63?vDPr4}F&X_L}BpQ+uvhiBt=E zt7z%pA7mz<=^EO&mNVZip2Eb>hD7G;*xzfP`1n{X=o5Uu@dqSUJOBfNXqu9ZtYO|( zJs0>Ew;9VD%dhEo)KHBkxyLe)g{SdcW~FS36k&0AP3T}W2o_Js0v;T3;p~LTga1N2 zUmqM$PCTihS7Ln4Wo2zG@cF}gV_(h`EVt%n&AnE<`f=TXvN7OhQ?xKR;@hG_pu6=Q zZN&niFG!sS1iNz0j4R;Bi~iIP2n)(RVUeJ0eog0Zs!a3h%rl>WzzM8DA+bLVA5qu# zoUe;X+ zox-c$j?LEQ!O8}_9KtRP^f3y|;J6C&HMwMX!X45N2HuR<J zK~fUi;C4}V;HXmmsr5#pIy_>-L$Y+b<&i3x2-xkXd{wrtc`RFj&7tZ`>zgd*L6{Qt zxBW=X3E2P5OCi`>=MOVIX!cvpLV0>?=Qt`USlQ53goKr@w#2J0xs!2&y-$8%tMA)# zMv(_hPV+MXdGzyHp4iy#4lgDr%=GiXriG~~P8nt8^KM_q>v`(Uzy+w!5edFl7_;v& zd-qjV?drK2r1kSxcB_2mTLlrFm)P#zqxn6mv8KQd{Vh{jyLinuP0cJ! zOFgm@>cYFTVbg|WyNG*80Ne!X#`iCe;)4^vW$a|Uzc6MvF}Bz$=IPN8%g1+L=`2;D zHV+ak$`VdSpjezjwLxnuMr`x$0D(IIK+4GobZv<_i7UhPzVurTmN{e9rn@0{YngB< zM1(}BF3EeX9YXf@^%)J7c`mNZST8p8a%Wjo=1tA;Bw<<4p**a0j878NkZdFZzCQ(_voQ~7$fN|gU0e)eiPhvb?%hkJ&jRldQ^leh!2p25(No{~+kz<6#g*u#JJ zVTBnCX)t?2A2AN|o+|W2>|jM!RlsIC*f4mFOkieiE?`_)it$3MrT=87^-WUgh7_@~ zXHIgDDu$1T-jq<~#IDE&PUI{3u`Vaoq#jSce)Hx{(1v`?$jE5SzVM6jC38SCnyrr4 zFzv4&COX0bIJ@sUL-K85;+0Qsh3`??)kDboar?QRY<4HiApNY+{PSmVnv7rLto;Y= zMVFoyeVLr~$&IN7=C=OZV`uzz%!gChLVVjO6_APk_iN^+xy^^cWT-{+evYU{21*f{ zRQFuiUiUt{_~ZlN{4U9u1~c**FMr4f%=DuYfR(;DK^OM@FH z5>$rN6O#@4Ak?^rD643#nn)5cY7GzpTp4lM)t*MAesURHp%CcYZ(j+Yh7blUmUlTR zi~DT$voN9Z8{*9gT6!A6-aKn9tG+z(1+TFl7yXT10khDI5B>^58VH@UyG==le{b=O zXO>Tl6>+G0Uof0g$YA?v5z9$YH7PoRVYfmXHm56n5vhKGVsu!?O*BCnU+RBFdohBKe`#X){mV(x_ zrf9}xt>ovlw=rFxn&8rP&qX{@1f(*aJPLNW{{R(rL#C=;dx|!XESX?$roqjAdn|f! zY$opu)y(g48MNzvO6*QCc+8{1vwE!y5h&uiHdZhfcHF4*{dut9`EAOF4@hkus@Do^ zzbKfspjE)}vRf?N&iM)^;uB85BD2Wx#I1pG<;v9uzIOT1kbJvK^9oqgVP`lfixavB zD3W<&&t^zkDk($>akD8!uUp!o2r<#$jk{3iTXcDXkA2AP+JHS3P3R{L<#&lR!|KevEPgRtCAsyJa7&xx{ArLcE_Pf)_I~x}UD}x!DVt&_`AwSwuDm$~%-u_`0}50VKOx~R5ZXh@_A zzniPDhFR^72tIdF(*VU{(LOlHAnv>nKx^a4!l1Pne&_mrEkGe3O=P6(VZYrzI_Yxh z!gg|&#q) zpyi$Rj*jb+aY0r>w1R?y)8hm;a3c_)2AV{@0e15wH4)+ys1W=*F7TI}c5;6mEqvIQ z@FvyusFTq#NH0)xA({f$BKT3PgAYbNNAQ~}2?z_zzEOF;3okO=W|_lC0#m~Jp&+1w zTsn{^0aF3VBuTSY%9NIt25SQi6zjdS;WC#xi7txc^7nYdv$RnZOl;f%k?{p&c&W}U z_+9Xx3>7h|YcR96Miv!~;jtdZ**##xuQuTVOZ^<6yL1lh0uIDEGKgmYv;&Pl*I&q= zj%%%4Tz{w7+R}dcS}`Bwy&OG}ByB3|&Se!tr=ja|t07YGLQN1O3s zG%L;05?3iRD)ZRw;9&yWGcV3Sam|6?-cvAXhWaD^r2z!&F)=Y&uFDha6N;o&??`q9 zRN!I{G>Z7>)~)z#l*EJrEu*c+Y61i+IXOAk_63v;7)rMZee_>papUfkzYx)Abw+V9 zadsi#))-{EB*aAcK;bl>D-f%UeJouJ9FmZrdcMNtUR_+7nt1meaF34FD%~#y4Q5SN^sGhEsr18yH!S+`Gq5-=10wA^!yF z=I+j1_%gEr!@;vg8xzLKO25CMOhsvJSr<)QJNpT3Q`BW>^AuAN+ zJK(;?Xy?w2ra^V9`FY}sH>DWcG^uhowDCiU_M&SK9j`AfCuS5~k))YDo@J_Mx)SQO zz1(VMp?pxL7(%FMhnWUQT)>|9KLmt?WZtOUsD$MFSCknF#EQgdSg~;38vW;oIL`{r zOi#;I%5-h72fJ+bARjXbMe;isdW;^>U}Wno%jXxe9-t83UJ2GLHR$8B;8`yygaae1^BFv?KmB~)(fN9!3Vk?OUH$4ijd-*AMZat z#q_}N5FpWK(Gc{~@+9^d5=8HQ5C2L`8`F*ABe2j5aT@dq3XBFe{0Y-bNjZ#=2YoXj zgfUbuC1g8Dr&qWT+g)O$cV;H)a9Ad<)k-!lF7U{!jKD0#RX)%9^@8>2>#g7VsijIB zT>HO=nAGO@NO|F^`D{DK3f3ID7~7T~ueLmyNLuf&9XzYIH8Gzx=bKCMdP1{O=B85Q z>9~!h#%Y=wfzIlZ&bll|RZA!oSGL6HT+PdHH_VI8Nc3evE6Hs2PDj60)=@l;VzC2(JSEFR_HdX(32uPMZHEO*PW6jNrj)TZ%fF{6})%v zUP4)!pWs)7v&B1DVDv#ZK86MM<*y zw7X^P%GU6jtkFOc{j+&&E>$cgd2NudH-2Q>ynnKR)!|!toL0GDnH{<`%hp>1zYPG$ zZg6@T-JmvkZFa>s_^YvD$L5E{511h;`WW6p=MKvzKUVg}=OGgcNDxkz!Id3Qr@R(fW9H1*li0?W|m|L+@2I6TSpThpfF_CHttINw5s^aoI|ZMN+*D^RcB|cA&uM zx{mC8&$Zhe?O7bOET@r3w0HYcj(UoB$kUaE*=;zhgU@>{RK$6D%f)H_)p~M9KbhRh zRK366X;bdkQG@s|YP>Z84EM^|Vl{KmN7f2ed2jfqeFMvZPRvZr1v-Q``J0DCq4jpQ zn_M1jMDEzuGnTF{@w;daVb=_p5?Y{*G6y?}APPiCg%Qz@+nzNkW z-ulQtI@1+Pj+I)|em|JW-Q-$bvNA|(qeCe?wAlUC>+yxNLh?k4aT{Oym_t&1gFGgN z+CVd;%(OQ{-t7*eYD0~cGo&?wwjzQM5Va*K`fqM-f@f;H&%9AyL3p@R7K*9}$S=Uo zbDcV_E@qWuR2#THMrG^k@n+%4Go%+DIaxangu;7UxvRR9em=O_1kEV9mDgS7ptrS* z-%9i?-9ik7cn^2Ywz_*YmzYjF=z^t)PGa_+Lcnc>;~!03o0+TAdQs zV8#S0Qch7ff~dx^&?>~v$W5u|w`cQezEyu%)acSajb9&+LiglqZ8m3sG!3uU(tzF9 zn6K!XJ_e;BsaxGC=`VtKJ!c|a%&H^TzvW{@=C*L7H}r4|&FD!|i4d<&DxuAgAkSPW z{m>HpGYviJ@aTLI$)(qrsz4o_?wY&f&e`Lmp5@-=VqK5FcD==xYIjf3XGrn#6c2~4 zXP0kp8aQx^n&0;rlgRLI-oZ-+gjotP+NB$j&~odvgMCO3lZ=Ff&U|~IPNrP6m?t~h z1Pp*%h0#Da3vlkFWfBuTBVKum99*8@|CSP*8O*yo_8YD~f#P(vzz21FZyyUYUGb=b z=~%!-W-DXK#%;TvjpV9lJ0pEr*`>_7_?b4eb%wYw!@VpaH~GX$^=1(hr^{i)hQ9Tm!DE26l0Ue7&0}%`*Ve4dW3{q*Qz0ZR)i2F*`zP-KL#{93>H?a#yaYh%hQq1^g8OBZY1rU@E z)hx5GG?=ZQ%%0}gE8STrFzv~f-D2Bb#SNZnOAZJk^_Yp0-P-!dwlDsF(i4m9TM_u-B$Q-4}vc9M2`5?gwXvLTiXQwn6iuaDNYa4Xsc zZDLxbLz*6NK<9|}yhoR<+c^g9EVf+=u=FnnV@o8H`Uc4-& zpAM^v?zHZ;t7;y^xrbM|Ci6bWdd#J%a)y%@C#MTB>g}uuE~1L>R6Ue(%fx51SUJ}J zIh|^~B;UE&6I90BY16-JmOewCvr?zPhjkl=5!2BKMT$MNP>7S1fTEf=^^4*9V|y_R zPT+>BpSw{BS3crj5}^dG1l((?*2na8=^>rB)7NEtv#v?p=#Q;wj2_KU$>LxEdMDYN z84cK>(TH|*nGr9A&U23ou*DCTRmLh4$ur`Y@yunO%iDH+63TDm=&idsqUx%sq&A*q zSqyZpZ{auPLcf+yFZ)j@`j_vt2{YX8o{G%ZK0{S*ue#6ozjB=&HmVf}kt2~U{=pv)}q0r|QEkk;K9CDjd)342-aOmcRd0gInY zYa#TgQa~&Sg<=-6>8Hl8rb!`VZ(Vy+X0B3)`z%Asqep%r)>X1bsH3(amD_xb-FMal zUE_}4slCIP=hIcbx#H3{+k`x#@m`Ku+Fkr))q8XDZ>D8#+XJecVQsjf)d`L2#K}0a zq2kpMm#M|vRxO^|ycl<*Prz1~k1IVdlrtYd>$Rlf=;&0N)}%`vu9G>|m2gFtR!II& zY5X=h#!muwvZ|}h-Pv&t| z2R{r>O_jTrSzqS9+>N|T$)*o&a@-L z6f33RVxCwXm!`VKwXV`jz}ru> zT@9^YtT0MLi%XSAtvNd-V-(G7{7CV2vxdE66Dt^ZMqLX0a#8WOA>~+M?wu)Xs@hOu zqqcHVO7~G*z7&mAk>zz7^%-{v!V2-xZ4=c|yi(#x$~H=muPI9wpD){fj2q==^ppjB zqX%NUmj|R4W_d*=2HmO)Rn^FY6|k+%UhGbDy;K|8LWB0zqUOfuHzZtHafPdc?4w8W zr8a5HU&={Of6#~}505Qpx%4`cO2$=PK*Jv~8y z5E8?XEz@Db^E@c91yk%8OFmqkqMvez6U;ga|JvHxdKwtZJJ1&Z^UWVjwREl9AzM{6XtkVjWDB>_;#(KrTh6?l zFdNF2dO6%|>n7MqWe9>D<|XE~wTMa^#ZK{u-wLKAyUE4-u!)N(l;`-z*N)AJ_O^4~ zx!C7Cvf{6BAhA>mJYuu@^-ULa_3^gM)+fZ|2_W3Qm*8l1UvYxFM0t;+Nc!RZoxCN?=Z@{!aoujT7DgT1Vh-Ih3Y2rhdt)y{!#I&TY!^)9V`_J3hP*cZuQ67t}16+Pl3M@F}J;1WmuqRCT9cHY}d1jFX%c9%GvdPHs^C+ zn**Cc=D_wzRc4@uoG!Dm!PP^59sc4dl!@sNz6-Vj!hpZuh&q^5>M~V90;$v;TNBd! z-aljDyT6Dg*Y!7LsWjB{(1Od`%rC&exY9(I<;0tYy0c>uLe}?aggDO}3vRsM2K*(} z4i9=OLdMDh-utB|2aDlu|CQFDr>Af2?4-myEq~N3wv!bQ5Y+hl(IMW>P7x=S1y1BU-f@q8#jyKjXPGa4vy+imqTT~j6oEBi9iYY3NaJPh6Y1wFZ3(M$S7kMtt zOs2@lNGOg9Dg|hS-le9V-9F_+pbmW`4ejpXlrd+5$3kFdfYM*-yl5XJ6mU=L%&8Xk z`mPe{&J1e3!n87jA%PlxLJX4DrzNUg(AU{(KX0@d_2!tjc6U?%o&6Z$B&@2p|cMT4swLaXW0&wnOR!;V+Qjs-%0NwBT;NbX}7L{(}Ob482WiW@6IO$ zD|4L@z>#tTftYL7*49wI-QrjB?IQO8523>B8DUE9K_3+;+-Y3r31K^^8F?j9CS+6M z>H1ft8p%ky!mdIN10z~?OOnE4ikXyR+sKwDn}fg}pOmzlJ3-B|ApOA03zy(O^z?~q zAo|X9Zvk$ox8fA!)u{7?qd+osu+-gXzBkvdEk?O!hJ^RpRkh_)^Ivwyb6%u|-n~`K zTDxR3;4GiRL<98pe`VyJTM0$UAVI9)u#trk%(C4dD0|Tl;+w^hUK*Is&#V#uZI^EZ ztkk(EQ6D~VGq`yudf)?VnWGv3dYX@2xho1j^POhA=A0kcr=h)BzhO5qdUsnD1%j<# zKzS*!iNOk`+l%2LU@eFGXKC$q0D4A4T$GNUkF zmtwVZS@&uPCY%Cxcg{U#f>4ybG4>Qyj3j@O!t0klNE#ZN1Qm{JJmLNdY|It{M;Ck` zEeG=%Auv^eI?g)a4_2#qPEH+=3DzEiDqq#VXmIC4ADvVQF4b(PkK*ZO(rHs;Xo^hA zeZ;~6dcM3YAs#UYC$4C5K_rbJ$m&9d!>;*i-p)~20$1z*xa>t0Ai)T~LfB(9t};Q+ z$H%e1sW9J16(wvNc!W`pN~#po^X0z7sLa&|=}ACUO0yo^tCc;JoL`f=%vRIznje*z z$O@_p_G-n9FP&9I$?MY+xc*x@44Sn){izRb2~MS!ekLf@vx96*sNikBFTeH!R+2VI zBAaioVq7?&15^;i*B=7awaE=pWRr11f^5pMbZSWozCJ!a9Kf0Y)%++Z$9_BA1osae z`vYr!<_EeoAP`yguCS*AKjyed4ZySzB(n*QF z&DKvrNcg!pzW~JKbZMX?(`+Yzc(FdQ&1j-s4hS~1;tf=&g2FesmK*I;nqd+I)*e2R z20Mnv+<&mxPyT=~;DAaGjnhD`6%=AAD=X6o_m;Riy!Z05-16v|(abkD-BS-&DWHWW z(yPZnPeSX%cxDg)4s>{>5VVoaRy$S~g38L`1Ed1&B%q2iMRnCnaSrCTt$iT)1*<|o zvr>i^xoc8KuJ)k^Wi@Jhh3ruEF>fJ@;=vY_$U0M8Y}grUXV;kkvTG>O`wbDN!RkHW zyf6Yw+z!-4CnZg+vkMY3xM%m#Z*zliXGg8=GE9~{p@H}W%F5i8Kse+!XIKJ+u|T?c zOTJ%uKaeBApjmeA&W9n&jVl0x9#)2ZDT08IV%N!5pYbi^zc;#aUCpR7bRt5;&JdI) zGExeHV%*?^$ZN=Vqm~9CFpsk@Jcq#$ZnG9&#h+xTeIot~fjAE8o;mKe-bBkBA!SfN z%g_p0`yOHNmVA}bf2PNZ2UvOsh90p)AUa%d5EK(}FwDuLWNuO__$D4_udSNk16BP2 zpnX9b&?Wfm_?7mlf)ojucJmMIQgIrXsvg{MA^YNqLq1?$o)zwf9V$lLxh9Za+;D?m zYc$KW&rk!mvsZ=ga|>GCjc8?uDmF-Hkc@q&k{e>qus1VMk+Ul)WU!d2YiO`r2y6xp z1j0SR-n*Z;091y-Lpn;BS-5{8s1EsnexrufZw0DZngO8mNqe@>sfIi)zb4xJ_k84-hu{p-k5@nx*pPhSJ6<%#mj=$GEZCrh^Ug#No0G0?(AY_5_;AQQ2P4uwYKrc z!ejH@7a?t~gs@L#_d8OYpgtq_8-!a=v)QXk%#9KNX0a(moC0ZN#m6#$&45}brtzh@ zJ&CPOC(yz=0fx1=s>nsbo}Pc;6!i?aTTWSlYN2)@C{YLTjKhIYxyiu5K-NRB%e(xc z9>8VO%jJm@MWmE%^sK?C71N#SxZPTy?@@>ydjj>wmwvH0pZWx#+$R-5wjXl-lRpHi4POK9H!HRp`7%y!n8O$JDv3b#vykG< zE6DHT!xf+g}9WfhRwN$KA@I2c>jRhB{B*N3f5U-Qf|wRHv|`Rk?{ z%8pKq0k=}=5|{kZu8`@|d+_7y$S?Q#RrR8RYBoItgw7bwMO+DB>^nnV+ff^_8JPmw za#7diT2cTTlbmJ!1639QYDPihhCdCfPl8Oxn&L-20v)xh&>FOriTiL3^a@)FkzfN< zSv4yHRd#`xu2jH2^cr#vGsJl0B;E6-CeWoiBY)sV9ls}*T`J^XvU*(8`8NF|2LqX2 zczCCmFV~&Rb;TtnlT3TC(Z&$fIb&OxKzFY_#j&T<{Pz`TcrDD#rh=&H&);vydMtUT z#3 zHawyjK){43Ss4XIKt+W;a!#TmnUjKBzz22qiyNX|JmpdgZ?K$BZyV-uRx zG_m`wYRCCJ&zU)o&U3Eo`*VJY8}{B+tJb>Ly~3_?aCRmJgwsnZhbN|!-58D~3=Ohi zDwiAkFpdx3wzD_y40bF!VdZenF7EST(Mt$*J-z6vSd^BQ)^q>hjch;#0}LBC8!?TQ z0lR}Y;<*2*$NS0m75p0Stoia+SN<>a|68fu`H8CblvQ`h#Pi)DhG1eR zweP<(V{_`^HQx!$wLx0^0JrI7`slZaU0zjp z4J4MV1`+IHQ||4TUFE>{z9 zo(}x*hO2K?X!fIXJ6|<>n@^{DuB{OxQJtm1VrynL% zaNCq))A~w1+Y{QvESE}4aW$t@j2h^061%y>_Odbyo&3kUz59;Bp7xmAwYuM{%wH1> z3ktsB$As-%cJ0>tG-^69W*VA(yxW{#(%vhk((FS*oAH0L*XQ{m;41t#_v!p-PEG@; zhxZq}sW{jcBR6vgk=;rQ|% zEN9<)X+m0grd@tV_uLDy(HC*VAN@$@TR|Vo0!o)ixIg!U9N+gK2%js9O`Q2vB) zz7VHdA_=zLV%Kw;7f+8$Q9O1SY$p?P%AQ-^^Mtp0d+B2^pKss$wR`3-m-Ao5p$-r7 z6^bpc{6Ww=e-{eAMMY=&{6W!<;lnJ&bGOIk#0QA=ZIZE_p1Irx2Csyf4u24O|7PmL z_1AI*pxM=shqnbZ{)&w?djQ6&PS&;_TS-owMLE~9d51^ zDQOvrjg=H!?#GTEY@BToi^ueDKX}mIast7r-Pgd$*-_@xu7dSn{jb{gL!)gylAEg{ zIFpV3p}ThN{h9yHm1pm1-?&B|SP)CU7Io?Of36pY;23_9?fm&i6-zs;?%4kc;s1oN zYw!PQ0EF;Isf>k&41#&@9urteW_RKdNqE~ zK-0PI7$@SoZz_C*7XH$)^Xv~k;2ZQ#_4n}$PFLa1`oRb}!IdU!X{ zq08g1tg1gI-=_bVeCzDivG1tG8*^VR`q~Td_ihe%7EHEWQ?vS;L4S{POf3WxJ8K{n ztb|A)*T_Yje!?)L82=KHap|9KF9a7(UFI#Q*ri5j{-CSvIKP9IMJV%Axn3z^MzDKe zaSExEwQ#TR#Gl&m<3FTkfEnU+b+&(S7tw?+uypAT>zAtPsY*r&4@(_C$n4b3Bdw$v zk3CwHw27i@aPSZPj<3aDpw!HcT{nMFCz(%!b@pe}ccx`D^Yq%lJ9Ir-G_L%tMk^T- z`;R}t159A`Yk z`VWp%{!`iib8Y$!L6!|3J1Lh%9nu>wC8Td#`(*amB8L0+F{6gX+5cpB$8HUv>5f^M zUOy;&WpkkE8s#3$7%tyl>}h_BOV&+qI>`3j-kn@QEQC}9{XhM>0cd38K>&CrH_S6}&Ix|~m4z0aS4F8RL)cI4DqxSA8;3ub(sC%qoUi&Q<1YQ< z#`q^Br6vKZw9wIv{ZXsLL92A5E~-A~+k01b(Z%-NYeKTpocM}zd?GLMML3_&5uY&^6hleIe}iERlmXVgLMJ37%(qpEjul z@1>Hr9vl3Jg;EGL76M>c1JAYh{NS)sUxQ(#YYSP=7r*^f_hfAGwBj+2WW}f>r*9vV zt{;`(V5KX{DSfNrQMV0~(f<-T{b`B+?g!t~v;amLd(h552y4GH0*%d2>dZZ~YwWem zB4Od4(gQLJnOsXIVsryI%&#Q&3cE_l0~}t+-9+*|yJX(!mv2B{*MwNy5w zd{|)fA8ww3NbvM^saBckDaV*~y{4TkC#G&Ey6*9vf^^7L2t7_kJ$6?v%kRm#JL;U7 z20yrJ9cI40bh6vX(}A3>M+I>V==mDCZ43)GNP4R;qTf4^%x*LlEaIk(llayuzMEVi z{B|WP#>Nym4LrTUXi=1W=(+-c7V{n%%d;mtbURYXifLIarh5WZD@58fA0Y&xIwu5C z*(C>+I#C*m%BUw)Y|gSk{(xWtKQr0RQCx@}ZA0Rax-g_+z8Cg3L|sU5rQ}0aZXs+4 zPey!M_&XYZIY*cB(UZ!PN=kk=Wvh@Qr#ea+hRJ+x&NEK}cF$fOS-?F&zb>4k6z%*E zhsl4~4QKg=lQUE`^%r5N8$J>jcf;9oQtxnmdX=$|!iFZoFHlTl_(+)GaCZ@9|3n^L zgbgE~h4(JQL%F%(ornZQ3ej7sUNi&zw?I<+ZK~q+Xv$tlVN`Y>-a_N@J+f;;g+`-; za^O68JB37i^Y(-)Ac?A?9ziguZWV-0PhR?lI^z!7eDx&Nfv9{Cb~p8O3d3K@+*uHd zpbo*QXjMW<^?>L0oK1$`wWX%`NTiz@5a0>!8eobV8823WG!x>emQv#!dw9X!>WT<< zjjX!^z|;6z>}!a!=uxl)3(?`QqpWA;U;LB~0fs+XUn9euT@dt!&?3xIFN0I!Qy$y*+(i7;QwR46(q3GuID+u-^ zWom2q`W>$K_rv8wh)_@55^3G+-35>zq~h8;coBd8(}3$0A1+qc5Jh z1zcI;wyPlJNz($HrcWrRss80NX{eTX{LY#|mBR6In&R~IB*BNA2sY{oO}315C5^+m zoC;9-XK2<~le8JFVgHOL^_Xin42k~WLv8a{mcF<=6QIfYb!?OawfqkOEucu?8!h-t z9V9S@2@La6LALNt0(E`oWf`{&x zUbz?nKClgBd2m0Vs8pqYBZSh#1fF^S9Oc$;mJ3Ks2&KDKcjwy1&#{Aetai< zPKV+Sv5$%do3N+d_cf4W=j&DUE*Js4YTD=vN00*qOQTY`ZXzjvaAMcQ6JrY0{~IL$ zGM~8RX_;XPtsv27DE*!WAuXNi=>0T{$wKi{JK__croV!xwV8z=$k7I9KnS50h{d8Q z<&^7k2=-HIG<4t_bwnaSp2X%H*xU0Rm-)bZ`I^(!;Cr*cd#%kKGZg?`!5zvR?v+n) zyd>r7xev^8NfxX@}p{erw zs!W1C00ajcGlpFrAzut(Iuc>o+4qO_%xMU+QZ}Yz=I0D$mioy7b{{?l=5vka)p0oa zQXdJ6wVygXf!Y0hk~8$snMV)6+9Zqud>Gw{AVMH80qbLOr-HJ>)m5-QuVS1u!CP5+ zP;bl8Q3zh;F+*YRW{cRlmI?|VdCR#&?B4b7(E(*6plX-_9NfAN$HQ5I)7J1z&j*^8 zt}kh=B>NT%x~VSL`YGhJIwtAdHNSa2&ag4usH1s36%4{4_pnC z_um2j{@;T5Um1`M1Ui=VRUH=J-kr?Aaj^nwq#o_{new6cn-iR-U8%onLg{=4()rAV zAcN_K`TI!ROr+NZD(RaHY&kjfr){`|&Oi&CJ?CO6$io<>SLZgs;(MF=Ttin{0`c(P zci09V$~qd-NL;knEFJSdZv00K=iYy$o}%iz!Q*x_8KL1@!oXWnkG%vXG~a)JS@{>A zm@_;2Pe3b6I1hmKSQ1;0KJdIk0=e^!r$3$UZQDXoFj4Mkn4sL3>HQn8_g4ZtOS^VU zv&?NEE)e*lvymO}AoxpK36ZihO7YBqQeyP?LUsPhH;$$uF>Xm*6t2uxJaDQ<;L!fk zseWVCsX0C|X-I1VY+H6b5~k;vnJ&c$1I^d6b2-9)M&rf<-Hpb8U=)3R9zsz%W?)po zm(3uMz64tTQi^H?YP~to`b)S3MyU1WKJP{~xfpaZ!eB3t(1M!96_(CMkeJv6O*fLrra{q}V66e(z{8-diuvOF?|Xx1Z)K z@9-gGJ{ViwgqTVPTmc;)$_4`Z1pw&US1v(911`(|#bu$xVS+-usq=8MQ{bgj)V-Ah zAZeE*oYWou`!4^c5)isSW%C3w-KlGA=yF5W_844M6}AV--OH4v2vD!_5|PG z0n512K~D*EQA#I;bx`2n9sjG0Gw9-#l>#;2g&&rt}S+ z>IRG2T~h1@zM=EIOw*8cSyLk(#{*Oc{!o5~6H}gMi2+N-8K#9`pN!0BgPIBW3A^JT z{Dd>dN1}<>L>yc`FrDlpflJP&oG64a1R~aIa)S2)$K~4nhvNc>_l0pp0$h$vPs&OI zU;@!gzMa}@JH`7^J!yI6x49RWj6JlG8{Kgw8kB=Q6Wjo#y9s@~3*G}L9y_FXu&EHY zuOSiFb1MiaC6JP36@PLgT^-%Da%Cg`Ab?N4i+~Bx5LvdPal8}=y0?lR2NNxpFNd-2UZlp+nI}&Rg z0W2}|r7+N^gv(%bmy5bop%nIBu>pR6;4lc3+zpGf^AP%M`1InGfgGYP#E zHTHNRY@!;>=nxE^v#b0Rr)l{q%W8_KLV&@^Hy2ZW1{9&2PiGT;4C3nqlt^5+_{+}# zGAr&DQxL-tESe!sT-etGc+Mv5eO{_<>WSz@aLW#=Zy@4-W`BRhK)~XgeqDU!LZ6|t zy4@rkKhTVFEp76^p=0KbsM6d{w~r~sMba$L!TjV)0)*Y=Uo{L6neQX)+|W~|z1&bu z_VM6V8_c7uohV>QRuq-~t10Kvz*10i4p4Zr!#U2-%cl!>LWSi443p8v zj0x)8`Anaf3!+f;34n5C-0bPf;9Nj%^f3r< z0KA>*Hw=ccz_-DdvKFvebQ6vV*irf^&d_uXfh=Gn2m|nH1Ktccrt30@wl^w!vM7q_ zL1o7qACa|pZ;Ok0M_7Ha~tMxpDY}pcsSJ?+u$Zd5qMV7ObP)! zD>Vq%zrra3{34|1XqbFYc6=|ie}2Go_#?X+fH>a(yXndd(xk+B9aMJB4V+<0;AQJE zRz2r^NkHZNf_tN-ij1ksDJjcugX0E3ZI^ELQ@*wU_80oq{=Nm@C$fmPC$g>Xlr_=< zYoxUlqHyOvFrMQlc3nOkhKyZz6#+BYdxVQKG|=|T$yn330Af#JhbeM?;v;ePL#H9- z0fGQxqT(s_Cd36W2^hja5w`)jG4&duA;6PiheyZoj`gSFF>B|xWd4#M|B z+$$j{kMsFHLl>{^eFCwqGuWzAd56d^B83a(@D0Fq-}*k+{a3-6Jcv2so7?E-e0|#g zNQM0GLozIIKp}ki`TS-Xw)V*;nQh*EZE>NantYhu%S!VY(+5B5sc3Eqq0RpD=ADbi zOLu7lOiuG1O6D)peu0cDt9M{UQq1ZBU>p!eAdP+rh)CAS0l-;&!DR}%{L5uGAVRku zH6#?iGq7AD&5V)3uAu`e&u`-7b-;q1Gq0zpQaH#)EPhWQ`u}AkzQOvx${Y+I1-`Y! zZ%*3WS4XLp9%MO{*9Ij+?*}nYy4KYNYZ}_z1^(6USoJ3l*O9v{5aY~JePYbbMjauU ze+<;-J9{gW*8WZD7PjylM1~HxN~h`+9AFJP--c zMIU`0O!-*>*pEW46UC~n!8?jettj281|VBu@Jo>%WgH3!_M$qId+_J!-vM0$u`VTP zcbe05|1Nkn^>+{os}>as2?3K%(mXhKM)4B|QIeUoMfCO;$9p^6s@FG8tE(Nz(Y=hi z8&y}o;`L?u+yKEApgJte&GCfT=Kg;eKJ6grf#Rq`@3vP zw@C~2)gw&oo?DF}1BGiRY5g2Ebxz;%o>XOK;u0ce{* z0TaI}paz(4Pm?*sy>t+Meyu!%uRA85g(DJP!XgNmY`Mgab z6HEEf>lc@f6ZAR#>ybGXf)dNK_I`yXBvVj!H3lGC-7$Mr!tNq;|(q0D9 z)@5}ScuIw`Cz!@IGY$skIKbF&%Cer&0hNO|ZFs0|a}p&3#(9Y#?fq!2J<5y`837GIQY4qwpvqKty6N8zn(2#}p=?$kIWsX~+>jREBU_@3`n$CMlf!q;Aa?;@eyyuj!P zH%Dw0m|hUNXCLaX0 zF$0+hxGevVE-Nd6oKbr@4)*`!&Vrl~sOjUrI_@M|{Y|uc?WA{AVn)5^-~g{bIy>J= zE7TZE5iJ0R8wLEjfa>`s12aq3(D#P$58}I<|NXLZHprr&2Rp&Q5eb4I84d}>^($~% zAcLt2C`p>eHON;wZh>jFl+QpX4KB<7qsz(yU|KnDIJo~kjvq|R(0H3y54_AINZe3q z*8^#yN9nYPh~Fl=7b>IP=t0*>EogB zKYPl*aiD*5`LFz{z^==>ebd$CZKS}!?2BCkN7ptbLmw$*qmt%`!IN}&J!H>9`sC@5 z$*d8X1XHT<55Y72dGeQYV{YW1V-|V@DE+y;PtJu|v`u71!)U$25Gbgj*4srj003!P z*Ehe?-DzN+xM!K$hmP@pa=~7z9+V;Wa!j}$Bak`pC#E^O(!E9^(26!76=0A9Qk*%w zpVrc7)lZc)>GoZ(N|L%;lmmRn6KZfL>3NCG5>L+4IXB>e+zfWqD;Xr5#p>0HH6?b- zzgQKM1{I?Tpap;!%Ob!{tj^Ga+Gg3)M zz_S967D-dd&^B;!{ra|nDs3vu^Ds z*Af8F73gLwu%J3Kam!GUlG8{7CeeNNwd5HvxFZ>_6~7M7K?bmFnI5Tq`$1|zZkKN- zwQ2(wdQ>hag0Bmdz|4DPGrA64KVcepG@Mdk(E;oou%xtn1fyMs9xY2_$=T4M2PFno zLKP&pc%=lI^rJ^h_}-Btz0x+(rrvc zsTL~$Z=R%keC{To7)k1M)@d2QIarzyGOhzZ_$Jx&;4xhQ_Q!Y0F-@DWm(h#3d0K@R z17xa@(tYla5U@}Fqc#@F$63;J)ERY_M*T!dpdnC14cj*s_TD?zA4nWHW&q@PI#ezv zk*^B~$s8>|(*>A{dG{6GuhfValrR{_%>;JI!Mf6(eLF|*`Q}|Tj+lv*$QksdGP1)Dm#4`}WaY=oM=z(3Jv6@^t+d@K zG}>qy$Cp$~+bWIhTdd6Coz$kknxN*}TO*sb@WL{?tY*l*oo$RvZ#a?q@g5z~OY9>^ zW$=M|;nTD^Z4IbgOKx9es{>@J&t^T71Xez&>YfPjn?iZGjTn%7om9!E^Bn_R(DvD? zx`6MIr3S}Rx8StoRk^lHMN1o!FM$FG>aq-O+n4oZznD`4DdjVoveBvsQgv+@%W}g# z6pVLS$fN*{uXY8WlYxj_Qe^LOJR+Q7w3Mnt=pEbwRhjBYzI{hd0Ap1y3hnT4<6|1fvB`ht{z^^A`knna~)h%-4>WVdH2EOxxRz zo_E82PT{++?ictYNm}SG7$eO`64CBp%?o&bhl0wcHZHXK@LS zTK0D(;W3*657j$f?Vgoua{y-D3~B(-$uLs8MGCrRO{f^28B79s6xHmI;v|qSP)&Q} z)D6VmQ&zsA`4kxD%`UIK`vI+bLQj=QyK**EKY*oDxcE9Ce{YPq_+~2+Id;j@am`sU zP0s|dfC(3(BjlS7>QxX6(u0-f*lr@KjxzxRxGsqSmMv5$y8&do&1`Or2SACpOrRzJ z1SjO=u{(hT{$-KEJyeMRoH`$EiTNIw2v;4p^Ux7SNkcjSgaIJYEai&|42oYqU-DM9RA+ zS%Jc+uLVFR3$)S<;2X+JKp#Lj2@6~4d|-TbY}o_ja`0DSS_xWW5hb3kB@udm-U!@K zAap|-?kEdLot9|c#37e>kf*Hw#|ML~k%4p;tVJ0Bn=m+=2BV$SVt_?X+l6tEs2-fw zfad-D;2Zd>V>;m7Y7PdJ0xW#;CF&2q>wzu&yLB1y>)3b(pm+3S6q%Ged$IWuHIx4N z))7m}SC|ezFLbLZ`MKjO1a4_NbRN)Z3c?VV+r*K@9V%Po#rTs(cFETjH(}CwgUSSZ z%P{=al39{g)kXXuoWc$&#>1(q01377-X)bm&Iue&k*^7*4m49Zf%zs34hMi{&25;$-@F9c z{8H6?8?=pl*JWiVARhG7@T7P!C>NE4*_bl}!`t$pi2#1_)pZo2o_-%s_S2Qwf_DG< zIG2+xk~aEqCx(GaG)#ydn7;lg&K*y;+$N~>ThKr-hqTnW+_zNyV{-PbLRwl!g?|@h zi)@DBpt6|nMf=kNw^0vIhb~!AQe^}H=Y-TmLr6byK;3bS-Cp3C-7*O+P-EEd$q7L6 z8G?us`*^!z$%?mRiKpKmNRx2rx+K(?hOOV+g7qpvw&JZB)tRa2<*d&1sdo4>X`q1B zFL4LKEYblZf*oO?;)vJ=da`YiE)NC{I>jW?@AeeJW7i3Qq!2RF*kQ9lAe9LqCiWVv zCn#lxwp~pvQEj@Hu@w}=f?BgeJwP#}Kw7<)I7x8{()+{4RjydNAb~2EjY{-YN|aFW zHZfF+Ic}}pyT;qd3NP z^!$)X`J+%o;QEvYuhOIyObY!?@Qnj0Se%9u6eU6fyikKT1?C)6p93LjNfMyYH5hpW z0prNP@pQs-OrIDew8R{D=MC^m`BPP^5aMM*6E$)dBzEs<*jjEiHBMZy%<-eB3Fq#H zdrA@q4PEBTavM$tJ@PxM%cIw4HeZJ2cQED>`=}Cyf=dy}$ir*8L`89hP`N9?idEv$ zMBrf3!C*jZ155=G4)O2;Sk6F~cEa?+1m&(`ZoHEnFCeZ!qRIlk-S!zD{ema-DnDe5 ze36y~;1f%lZLqfWUuOmiLRm3RFd=LR^zh&1EPV5!Q%esyFb8$Yl*(lCmT6YZ@-T%m zz(EV`0ve(Mpmr+CwB|5*T?xeeLV-DvP!QKRX~XI{7}_N_t%`Fy*A~ZXx0c)E`K&J4 z43*BtpETT7QlGeW@bxMzw_EIe3LKUY#bH6+{M*4jjg-%>?Xeu1hQZYm4ZLeG!dbj5 z@=GBv^*I7prU4daYNp3>mJ)%<9lFj3Fywd+7?T+Y4=o-H6JSc|D@Fd^%izsZtx1}$ zb5L`{peQ;kDSih6NcxG6+cr9Vsmww>u>bq%$qt$@Q|Q};b-|uOfQtsAz@a&agyZl& zLq(>xKXT{FoRajm!&-Z$jxlL{iWZ`Q(5^zt2U{S;D~f;zyiq(YamYTv zcKm}0`N$&9`}IlFzyn3F{-7=cr;~BwYa!u35<=EVCgF=lIfnPNprp?Kj<5h2(Ch*$ zEP}wi|M(Q`I%tf8nMx>}@3{=be-X)F)MN<{*=afmEH!XG_^b6R)A>5tHN(##(llY) z+!0?*pBAsFsNCt-LAz;LB5UU1C#z;p5ISNJOx=D3e=ga7VBp|&1ZJcg1h)KLs?8!; zJrj))Tc{f#9=@5ut_y#Y3|MTkreQU7uHSQ+qS8W+k3NH}q#_fXq|-AP_WiX+-}Z6n z;^aOXJM9XO7f$C@)@++#{QWB_`dhdK3I*suj%^}Dwg$>w)=DFD6PkdVelhhl>@(0R zAvCfA!PjKpn`g+jlBRUjID|5gz5a{7w(q(OaI+=a61Vpw5;l*3(H@yQS3-%*DJmE{ zln=1VA{}BCk8DEhPoLjhxvhS=bJ-B8D8=GQg{ zzs96Gyv9P_o0<((Q|tPlPWbP9B0>i`;mQxef4CKJSBc~|PS|Z9aKa#QjduA6ozv4( zVY*dfn6nv6u+7uA5O_3QLI*SW%_R^=3xU85X2rkfGR6L~)3|N{T{bHRqg5*`_MoB0XOV|}m4@ad+aCqG#6JpjX24%tSWFV2zXo-?e|s5- z_5O&yn*0mUy4m3X-kWS@`lW>ypb0b8+ytEe4Xe<2OYA?Jb50qu3rQMUaT!T{_+BQaSQ zb{weg8rTA;hv>xxmRNae1kCXlzn z3E5CU!x*X-3pupXyBC}qAAYxoNxD1>$;{+q%$lTy#Wf}l^)Ow-EJCi zyJ?YV021GK8Hm-@UXjfh=rZCXeDCYnKMAwN-ogkyNu9pw1^XN`1-tcA+>b;m-PR9~ z(Uh;~%egxshz8okr#3|0P9KN1I2{LVv1HG1TOw*M7cR`+r@S475_Vqd^J{jOz<(z| z5rRu$-GB#wow9J34+CT?_hf5xRWcoa3st#;59-kLDkV;b?Z-U_zG!Z+?HdSh*A*$6 z8#%DIlN~-EaPF2+9@95sG~jihZ%}@z!4y`{LFt#v^=XZ0H*8}EKTfE@@(<|63YWNP z%xVGKq=DF%r=AFb-(OOLJc;<@HW8 zp`SfRt|gfHMkA}l^c{P8j4S4f>Bj3r1>A@?<|*N5yVRx?2+gVGtT1Xyl8kLqn=uOm zj)p9~y7sLZHfL74TYbUg&G7uX(2DmEabP9@E_iT;(u|9*auRlu9%Q0UNg5&MkkVhUH-dju%9O=Nklihc)=l(t!Bj-mdYAQADccCvma zdIFpq;6M4?i2qj9#ZxWP@AjDE z!u>AeRnirt4VD@s@&>w!EKQWK4>)zy=wxO&u2770h=Xj$W`y^s7pHODnj>#1xqKq+ zksHEZoxG1?>Z`fw-nKDq(s&Wte~{#*_hNgtz<5$C z>&VD@o3peUs@L@hPh zCrB^8KRnu{0D|LctI-`|{kI**h*ObTB;=}dq)62wolKQub5=2ZyChLx8(Aq55NTMZ z>eQL}1l{gU3OZnaH$qXEJ?s>dp^FNLD467|YCf=3bHiwRM(_zsyAT?b+>@TuGz*k? zXxo&T6p-{P+>S**&;77zdQc@P8;-#esQdT_^k+$=sY zD?%?VftnJsB)&1IWm}0djoVi;WT!AiXaY&3bA=sOZxkur8-SXP+TwrOo`%-b5DV3H zTGZ_)ljfaAk=~nnFU0I0Xgdz1k18VF?xEYltMc2m3NZR@mzSRyK5t)S0bGyWar|=3 za@^GZk@ATaVwJP4_QO}ywGZ%~c-Fe0h!BDDX?LL3Mi;Ge-|e>Fa*esSxHcXd5G*{v zGvu{7H#%TRJ~FcOtmIMBGiK2fmr1)1dk5**X9?Aw<;{`!BobNrF?`Bc-+iuVl*4)G zVDX4WhFAzksAs>4G#%1ooTc{Z83ED*OnEZu19L`zM!*ZErEQKa&P`8pQI4yk{qBso zwiA$#DhiYs9wKb2Y$j&VmoZB3)H3jNbnkn=&Ci2NW5p?u_wtUfag!(BQp@75S{kEJjv7L|eU#4V}x|wBe%n zc{QcV(Dvw^xLIpjv$#=(7?-k=_(4kOEr!9}m(aQpI_6OpPg*fGF6z-_S&B&)LVC0c zr37eb>X# zxYLO`ZM6!t7xncN3BM{jkOQ#D-AsHAu0D2^FanL!?H41T&5_&^t8e;yrVdH%pz_ z9)&&=hlz1->*r!Gn00?R7?mTUU)yYBZ!Vj$;5(sGHP)Eual3LPy~*{++!%g#(eO>L z{T(eslgZrq=#e8w^{ny?KR&bDa;ff~?JvN-U|ED&&>&FGT?k~<+CP(7(Ds}4@z1Oo zEU^vI{d4RUkL{V7ArmlU4xU%DAVwU&+GC#_DP$s5|H^Yx46_)G*%D@b_{n#)?_S99 z^TZszGBJw#IHJ-xGM@-|L;3UJ20kJOqd}4bQ7d35aJd44e?ay2HgXgcM%v^07yLy~ zUJY0Vx;Q~5Jd=T4W214a5Sn#qJ)NtS@3;6$kYhZbnL9=^O2}~^_BmOA=$KI0+ zS&MEPb{=LF#&|667-S&oFF8$FzY%XL%+v$SS~HE7g^oU4f?>%<@`wi{Xx75|iFyxe z=S4<1tI#7x^a}iC_kR<)FR{`g)2|q^c(<8JioAXRseG(?#y*~WwQp&s-hGknl!ZVB zr9mWlXU&N{98U>F5n8N1dLDP07aoUtOL#2&I@p?*u}zfb93q7d);hOe&cL_d7MtvT zNTO!CAGAA|MTFnoY=|pV;&(pf+|Q?@9|?FZ(s~YhZG4R1XFOE;u=k6Xh=b>;(*3k|b zhDIv8LaoeB17{2)y~HP__ChzQDygN8v%MM_i*Z3VZ6Khr( z$>Rx#H5!gFgjZ&yZ-`p4JFS@#>73)eJyUBOz<#m5ep+6dWGjkGO{~pt z<`?AT9$ZJox^&$b-6LK4^SP?EvC*yNwpP0$GOyIae1!P?kyQ*5qe^B!q|`Q6R*LqIzkmCJ?n2JE zY?bJ7E~)b;r8??)zeINkkRj)vVrGgsHpkeG9CN)*BY>5h(|VPTm6Rb|x_vqXE5jZ4 z5Hzt{>uw$s8#&0~MNArYVo;J=zwgqMVaPaEvw!gwVsVGn=GG=^!p%h zd3HyKK8p;#S~sMZJ?5R-rn_d@S%Rpp8la8g%ZWT;ILA^FR$hAZvx$KbLW*>Lxgee_ z!MfOr+`o2`1@}tyxe+OP;a3IzeeUyl?%GcMCJ}36L0E};4)3eQh&x;2RuW8sXo3^Q zvt-Bd$ZPk6PL}vcFvm6Fua*U<$g_m3R$LVq&)Hb-tR#*w(TgtlJRGzxF=aRveaZIj z+NO1hpDQ+2#A7aF^AWmgwP^0)#6a)0eEnO(XRm;m8Q1G5ij{10SCz(_Yw$=-+`)Jf zo4wjav9oypr00fiZ@DE5dEJR}_(m@#@@mO#+C`BtQjUv_Gxo{x(I+3PBU+RC9t_Ua z434Z8i?P4)95BZ;9kr0e&KA^y9l|%f)EWgD#v2ktn%MICfz(>kz`nX&C*V=_2q_qFT?57q4fAs74BR(#k^9@ z-oJrdEXgSQ5KPM;x%F`Md>-T_9ur&~^c+JrZDpZ(;?kr=r5aakJO*8`7AJ~+MMgE3 zYR|XD14WD0Zdn)IbFyvxH~X2_rV=0M2az1bgEoU=r_<`0w{Tk3Z6k-th6lV00;}^p z%>vkJ0;CFMP6Agc_r+D(9(lnriaIyBoR4I;y|((+ubF?l(Z~K->$#^?Uk<#uUrr`tj~jR&oya)mbJ|BUyT z+weR*qayMpv)5K~`8ZZX0uxw0S6}uqN7p=QAsERjB~Ki0%?x07(-tL_-YcjJZEEuo zP1&;CoJXUx$y-?I6K%v0^igb_d)#bwy*u_c__LuTanhs1H6F{YOio)9-1gNeMaCnb zCi9Dm9G z!Fl~!3}>i6$4^u8PnSo{Hnx7tn@~Zumke*ljY(E75;J>a7S<5yIt33*h`wI)_Tr{! zrpmo5pz*#j(J-XiWi}bBaw&Djo^?#}T|KM4)vCLahhgnb2B{a4p+8H>{M;sQWcJE0 ze-vx@#?YJQqiB`H@A8%GkC&$FXbPuj-j^Xy?DwFrjYb=YcuWb#w|S*-;6}P`TlBpQ zIEokyuZy(d& zjFlp!Eqqq;Jo{c&6qOE|+9yb)zKxcB_>i3jZ$o6kkGS_ZXq2V>8H za6*1{sJ*9W}@&+~+dq9KJI`*_t&uCgYv!|sDYSkb~939PukZXXZQCS($ST*h;cJG<<` z$k{n5n2m7n&l<8LcPd2QoGTg6^FY#x%%{icL5|%=_Ssom%OD*i$t5HueS&0@zfePK zTAhNLcihP&IVWv858|MPDK0XgVNFv;_#!O(&Z9S41xxO1vPnH1M!UCk$`cOOuY2Q% zXFdDvv0f{+3cH7b$~WiTA92UKS%j30)Ji@_#k#V{dYAMWZT#VG2@GKpw2XBDzV*cS zS~IUOi`9|q3;5p0N;7hg)^>y#70YwjTb0h2&*awyj}WU`2bdWb6{hC!E~b5s&jtJy zh5O%R5uGf@OS_h{E4dudixxa^7vSrFltjjWQH0GIJl9ts1oP45F&r^Yi<# ze)D>^0R2T|rnSIbuZ_DE_kgaa`=HF>gky6;evdQh$c4!r+%e^J<^#)y)TWYKpsMbp1ctj z5JGG8UZeKj1A@_3YSH4S0J=Jsn@H5+hXWkf7J>UF$na$;q^4snA z{8@=iGH;Qk zM=e2GcY8^znx?|j9KG-ojXM3F`kj*0WcPV+3c#$J&DMpc3^&l_JN@l~WqR8+YUi8abKl36p#k(3n8d0SryH*Tu zJ93y>PPd~7T}@jgZ0clp)4FwW|K;cuCL`OC5$9@mr)SuioN7au z^4ZkR*}{9BS>Y&&qUE`|Lgf)>a zTj_fE{-C_S+HI*c{5z^e|2Rd=<`{~+X0Z8=p{nq=;i}C!j`>Pr+`=5v)3Ohrc@nf2 z#_wzN7PGiBNlmFC0Z+58tU>VL9r=lwi9cB6_Ya$Q0gwjg*wQ=1G#?<(V`j8s+}ZK{ z$1QAEQP!I^OwRivNaSCxY|bu6qL7~l`SGkFg6$H#`ksWI(KivdW5$oU=G4)*jk6%j z&wv<0tDsI)msX6fioeS#0QCy=1kyH=*Lwyj#`EMjQYi@>{!uDt*`) z>b(@P@GIUZhEH>Z?6@XUb)3I?YiZW?h^_C!TA)4Gn5&^gbr9`_s|NV26h6t&^^zOA zBSrfN#VGx=vrMf5bV&cTtt5`iArMH>>wkG z{YlFD5dFHO`9_EbluIQwLx1Ij9#9%MqAd}CfSK&NJ{T155Gq_$XuBU1p#25Q7OTA zxvxPw$eWpa6;p4M>UeQ%S%X1zAz@Y|Qk2^rq#91(hkp5$Ug~F%zttG!mL{oShL+Yc z%M6^hRb5v5O>6V&S=lu8tc$9~tMS{>0d$zv;sZ?Ak(Eml&rwBl*O!F@Nj7=al!g*j zCgIClL%h4EgNqR=`(t`}`K^u^EskDuw<_^6*ElvGFuJy5d$ui}76kgpRT(RN<8ty$ zn>cYpZ2Le&7YM<2zlIGVLl0}|MvcgB zmom$yR>Z8vZn`T7R5}RnCM`X$egq7G8?`;hvbvocU+ zUN&Ref#mm*@5X7owG12`UtDy&DJ(Vq!hI?#1*gbUj0PkH(n2-uw_-LYRbA}x(I_8yH6Xay% zHs?2s&f7jdRdY5YvrEKvwvju&#U?Dc|48-66vb%a33<=bYV4Dh$^%+<26x8}8ONfl zgjwDC(6x1#ic~yaej5X~Jjx<|sJ>Sh@itOZ*ZeImKh{Ib6}d<$em!&M4INwbcK&G4 zFP&J~Yv6hFH}c9xPtbDQG)HyGeCcxAEbBy1j+Y}mapNZ%tmJsj4eq!O!srFKY+Ij_ zqmlGVZEhDc^P8HC>ln3I^CcIrer^@Pus#@a)N&#TdIk&SYkU~zC2dO^mJT>XDAw>- zcwEr(Ub^23vMNRr_2t+&*l_pY@JZdnspGPheXF9`0B+Y^JP7#uhghpTrNxtXB}787 z4YjfD_4Wy+m>129ckh$6wnl>1hozDBJNi;Hs1zHyu=49|p%a~3JKLC=Q1s7b#jccDeT&fB`U8VKw(KHZ3ZA}Wav#%Y;xcBN{=)9}u%O5UW z+4ErA+S8PQpd9mp%=&H7%~|`J$K0&avqib0y5kcQ zF9ajFmD)(=m19KvmX~R2DKO{m^7gIQY+il7{j;^r&YQfI7n`5;TBbg}U+|!nW>Md) z@zitHh1hr^>RdZMXn0+&0DTsecI1c4K^>;vRcUK0X{$on$_VAp$h7`A$h}^_l#t_1 zhq*l0y~Btti<+SrL;7_z#=ebi4~K)Y%Qy?BqonndU+`Vw_n2#ANJVk4rHFnfCZnzG zhh2@_rqu#`McvH>WZ@xKwDR)#59PU?0Zx4<-rHxq3(D5*OKtkBtUuV?6g8&1H5NC~ ztMJ-O+O6|s`%v~X-AHU}tnF0P2`Sc%2Ck~(y}FiJD$=@%t&dse^pj(kGfDOXuWj`m zz~>RcXd3k12<~c!R;xF1Sc5*E`SAhE9J&g8o@t+bsANqAW;iH|@19?=` ziZ#;R5-@cprn5-yox0c?u2c1O?IZDI4}($=jMhw?;tuFB+Qyy0i?djR{ocKT0vQO8 ziRd~%s&PVNsK;8ZPW)KqjVv+GMN+bhk)Hnbg-HcIM#F;Dft~C=FP)7O*ATCW)~h4A z{SO5AHT&F(?D?Eh{dSMz{TDZ^P{&0_xSuus`hb^7O6HO_JDq{-GFJ!^c6r04r`CpGl~b~1=^qSjky==;t+kk{Xuoc_AuTXA;*O_98+jYJ49^(Gx5^^7pB;^_W#ORlns>#Tw5N#9v4l2`l(>kN;0)e)@dlT}GJvPU77=e;S0FYo;!P=;>$I~EC$ClNmk39KsHDP?x8$z)u=fNh@o7A*?Mi3;BaZF0 z`cb`<*rS^Ii%E4sV|~H2hph|docfWU1K6C*0HG@tv-bw6q&RVy{#<<(8eJt{(36&&iyUgrH(k;3kS%hRLAgiSR^lT;3uz!Fp z3vJeZ3QvwT27C8ZU&*MfcCyPT^b7W<2|AV?%tvnBT)ymk$CKF43~9-{o!(&lK1KNvb%uStvx?3b76cYKzc(( zbn$%z;J88lDRFL>D}ExRDa{>`%B?#pbCJn)?69{_9|#%q_uMJb^ilwE-ddgK)*|

UfZT8~u$d zlt$iTnZ`P*9=|{D`u~xE#99TvTvIoR6;!@ z7I_kBy~&%Hf<2z~d5k*&z-*iM`32vW9)GehjE`d*yI&*vK`+PU*N6I#&Ws#Db;|ue zuHG{o&NpiJP9ca0q8mn#AbRgDBnYCHL@&{Mi*AT0!4NHaCweD(?>$6s6TKUQF&Jgv z@_(Ma-{bv~Z|0cH%yq4E{myf(8-zDE-PMK|v7KtC@wr`9MVkax;s6N>Q<2Va_-^k% zL08H(H~LL}PKb!HQU9dRrnAvON8k!EZ-d3EMF<(LKMrH5#w0Jh>6&^-${!|Bp6<14 zHJAN{%Vzb{ir_~hK)f;7wq9)d()88GpfUh~;CSiYO06Wilk0e~(S}2&@9`QI#e#S+ z7k`Uxdnn$D5aII+>3d58G!^Xx99}&sTx*|#J*sW5(2_O*J>xg&Jc}qP*X7lRy5>YR zGX~zJ`}h3}&#$(+ex|gZqw;UcD}gQnMM!29Aw)`(E^sdUL#eg8xlZt3Xe+!aTJ}0h zKQG+EECbcuwgvY1{d&$_`HJhgpK>>i+#0Oh5S=`8$|VfnIRK=b&j!$`j_wkUnVO`n z;^j3R9`^__MD_uC+TBC%4W0PCmH2WWGr{%0ftTQ3YMM?08y^7cjvy-FHyJ6-ABh+l zseJlrX_ZJrw2@@U_W<&P#`y)mf=hbZpwg{zJA37yNDL0 z^q^Pa7>x>Uq%FM7moQ*~N}PAwr~!{9941|jgoG@hYz*=C%Fq+@_T4@m%yWo(@0 zHoddZa~ErH+;{3TYoqRgNtvXr33c6|4^r%SJm^09WV-uUo;}20%t)K*-g8650~!zx z57$SlRj&;Ka7K2i{yz=47npDim#Ty!+>?A!OB{MvE#XzbUTA5>F(3?ZKQ>(#zbFHwojr8c9&95FG&d`;}5%KGq}CnDEEuMeoDL*-VK{yb3l6US9-(TCmivO$ak+C z?wHW$UQZq;aVfp4EF{qQo8@Hv4o-;Y3F4pk3BI4|Ct*F^+<X{N zlyluXIqIp^Z0_DmVG(@rYk^=^ncG#WZIo^EfIrN5RT`tL@pAX5b%Y-mCb}AGyYj{3kc5mH_URAm z>G=&cVB4$Uf;Q3=(g0<(5-Bp>ux)y4emW|Q4diaih+27zQXTlVd{{<9!rQodPJT?U zdOE$(bH7F!&*-=D{uTK7nfvcoBBfzI3HH&~w-feF7Wny*_yH+GCzS+{gfM}@vewID zET1W8O~trn+uI)R>D7kuzcWG>5P=kRa(Gi1z5>)mm=t)_u5GJfDh~u;%0UgA$t>Qw zz>3{fRDaWQi|S|C^xwCh3k{?qfM*H2Jgch?g0c(VHt#Pti{dAjN^8Z9V|nt{R9z5m zMkNRtmZynQ?)fTrEuAdX6-?ZqgOJm@98HF9HF}}2KE!?5tqgbjv$RF8+RfqG&D(ec z^(HwInCCk#KvH4N?0LDj*dH+sS68U+jyZ*fD|h#33jp2uQ9K7+Y&{h|p3cTS?_f_a zwnjhZ!lbjMYmworH0v@Z*7+KXIyH@~*TR&w<#b{tE>`(5W4fy|aCrQp?c=Dk)5KzZ!09_tgWsF=_|Z=;<4&}Y>ArPY*>y%`7ptK z>!p2ZIv-E{Zx&!z{N|f-FyHhCG4JWFND*IV*1E;2m16WhPv1`j?XpF>n-+fpqJAwB zUs>$h^%r@JHWKrn%-Y!+zx%E)(6^Rjgu^c7>OPMa7htW%=cDdQW1CxeNX4#|!y)Jv z^__RO(jNE}jPUe9B(HQ}(Zn1;zP%*HMM!8Bc z;A58q=S9n+585F0yG6xacTM7M>W(PP1yN1i7P!`;iU7}@vo;AbK3|4_$SACRwP{@c z-d_>P&qx>JVM>Q}H{26Bs5cF5+o&_}9Q7`%Uk$5(`=LW}B1O5qM;-Ru{+X7Hm%s({ zW8=L~j}V0uZHspKFP+e_o$!-KQR2J(CHe@GEl1I#zYkZ|W0eL;y?o(6Q-YO!R@ZX; zE;fYv2GJ#9&12K#qHUj0ODOESK{>(XWuO`cQ1-|vZ4T2u8Z^~_%(Wg~E z;dAF4J7GFrH_JBcfLdzZB@xX9oQol#f3k4l)(P#uWmk71`qjQnf$+q5N>h7e)G*kK z+NnEwg)zZ^($8Z6|B|#9TqfpZ7krL7^?=*>e6~q%z(gcM0Et?0GMX`zUOv-k!GCD6 zp{X@`{E9u3Y$hqR9Kb!OInU9*TUrrkddD}uz@Zt3Wlk*{iZp1>cglohc)!iC-V1Q0 z=c*&+3R|f8C2>0=VD9h@7>Ynr?sVt7xm-`{+QqY-5*b>gdYad7XTy>DlHUY$yMrQE zAEvLp^Y!To`Q6Qt1{4RE6)}+Aq`Ruv&CAar_`ZUyZHvw;nSoD-+55Z054|Ct@QPWJ zaEox78n6jP8}BNV#_8qQk~>=MgY&@4t{^gf;?l6!?mYy~$ zD$jM*m6-&?bha`gj-u|i&|c8$+5>Ea`BgoEWb?-tH*?4t7{TW`w;5a2tUJQB9}+y< z=E1cMcqNQYm1al91pq|QU2|H+Cq;BB+f-)SKayMKn4Sjoj&Y$=M@T)Thv-fyet9^) z3B1kOAXSBw<|hzTVflp51eGv(0~7s~HqEhILQK|Czdw=j37?MUfCNp#*x!TI<7b_p z)_J*Cp3w60mwN#b@Hqhf(Wr>U*N0~?4m2U-F9G%%lBkQyC|}!~j0!KontXA#1BElJ#Q^yc;3*D>6w=BZ_q6M5Pz`Q}b5q5|{%c1TAz}~MENMwMB-i$)OLGjS+gUjrmYdnhH1+Tw zFKd)uHrLos$tS)1yf>}?Qz?zECyZ2ctNqjb=7?_GCdbESIX2=T)n|Tx{?6$YX}s%r zK+_!2;qW|h#_eEY&g?JwzI&vq(HQ!||DD(s`1QRf*_Ip?a0;fC^JhH{yX`Wct*I>&Jr1mV=HmSCOK za$>$wZMh5C_;7djlX{6*oUtOk!`P0oRia{+t3UW~yb+WCD0X?Vm60biqBD{C+Sh8~ z=lgc7Z%JPkI2-n+TbjK3p3#uyD|Rbqh_h*z8N^TI$v3R(clXE1al`cac=HJl7D}|=2*w5x za%!xMND>@M>;v>;U#_xG>R|l&N(fD^L)*=68hw}&403yYzlo}U)^d5Vp@^w-tnG?5 zUnxyZ$kr^wPiJ-23(YFI<(s`u30e{CC+TS58Vh;E<4P>sDWy;B)#F{;8T1&liTY~s z!2_ikwtNt1g_Ki*&dNY=>sIaajWPm0t#5ygOh|T@-lHbVf6O^4V>?|C&8;r^v_ATe zn8P8}K!!xyyw=RDoIrxGhH1|FX14B8=sGQ3qW_;$D1vmY^n-prukAUu8SB^Pd#3Nn zof`}xzWKIu%>!nRhsxeQR{r*WRFBo8z&z7tnP1^6x()}L@JfR4dI3nUj4(Xgk!l!1 zm(X$^t1J&|^_|RedaB10w$`3V{b+|AO9nw@$xC`aXNMfrp;F-&7+ht&AwTegtyuPU zWVpu*1j=$0a8`E2`(P9DQ{9sP%gfH`GWDpKRdYX#lRkAiLuKu#n5M&lnPkKD4&=@s z?MP~gvS}jY>t{Ng`t2?`_AQqa%^!KJ7VD$;6l$E-7?OD0%LZqj^3z!E1x7N4V?UUr z-;G9~6ZVqS_#unFFLud6LM@RG%dli#7c2yzKJ>qRV=US&CIdX_0cYWB)6*dD=Ah0+ zCho{q%Dsq6{$kf1wZVRDmqeyT_tkEkk8Sp)I(0qfZ1;Bwk)d93HIDA`-LhHapo`+Z zoa)}`M2F6KJ-DdwLQsyowi($NG=a1$=R|t)t z;I=7OVkO}&TGQ`PD83p3q|6J*N3=8C59Uj)Ikd{IQs)n^E>6DCttZCX&SnPehS)>g ztZ^Q-RFE(Dd%XePkdSl~z^Yhw7W0aWaK2qiakQMO#keELOB=_8*0<6Gozx!TQ|4OF z8Qa_TMN+Gk>hQ%&7)>HxUyau)keU6&S^|lF3e{`z8lex7Vm#!svHd##*<-USmrCcW z`MQ%o=CEOOe&l5bCr;=5U&;3Zy%VJwdFr|kuMwjhT!QVX<#GUMWyhx!{ZMAmzznP} zh%w?5@}Ztl9DSENn5gg7-Q3Vk*y$!;S*GBDno_W_jY9_b{26iM(5wxt* zpZPX?^PLi5SS8_b>=E7H-P+>go&1ogC?7>(X zg<5##Wdz!UH}pQkA5spT?dbM+s$YUXlh7fnc-W)g-x%@k-;Q@g>D^|~dw-s(=Qe0J zdP0v_Xz|1n#;)>0Myg|u>@|BeWj><}lgad`lQ5;X{gY+N*n@%l1seS232^Gv8Q!&0 z##}yc=Y(=UzP+Gczj{80F^nx&rTpxXDgEvfw_ab-N6bbE6T*T1R`3OHvx8*52O~`C zKWl0%m-WOJ5LDe?G+C=IR>L{;dS#e&0%2q?<>S6bl==&oxY( z?t2CsR2;Po-fZI7)~j&LvRyb!F41k0Y4PBqOh2i+xl&J}-?j;qsgUZWTWecY{aJYriO{Kovwi+o*4TR6iY01rmMrcIakP$L&3f#n$Nvr zAy27e>d(a|nzT7QSAurS%Kl&9?`C-2Ms{$BYpwFvwJ&nUY%Lhc+{#7OVKJO|7_Hdi)ALyK)DBgaR+fmoM!^z1 zPsj>#*}IcCPi-a(vRITRrYIAyOZ6J$Nj$ntC=K7&IX*l?l2vv@DNKb zFN{PpA)?clDL6p_(z?Dxbx1<`V7yE=BI~N`3zEtNM!~7w-vj#a^Y0CV_$-z7V>gpG}-L3V`FU0pW`t)Eync;nM zLD+dF?FFbUP~|z5IdU0~BlSCZ$T{A?v)=H$3Q=Cq-xY+J;FoXF@1L}iWrOodz{Uu% zW$ovLc<*Kck^vziXWrz2$mX6rG5Bkh`f$v%Yt|BVDDY|V9AW)hX=fr&f9W@LXt>$% z$$~T#EAqpG&pXjmCyo)`GtL|2xT0LSX}sVXw?AnTuP7&v9WG9)ZXyd}eIT^HaCJFv8Fo3XKqIjHDJB zNGnt?Ud6QJC6+Iq;PQOT1=A+`ThJI&=w967QtHS?6*3{86b?3@q~t} zGky))#%DFJ_?VRS`NK<;JKht>{F=f;*ON7VhdH`g(v#>Y(PO#x{6yfS^T4x>_9LYT z`g3rnt*89nZInrdkGn=d#c$4uzQO;D!k^xWCPHNYM=#>-fiKCR-|rzKiqyhOwMxQ!mJdsZ@U)`FnCPB%;Z90R@hqS4 z+E2<&rDIQj0mOCMVfQy8QCEX4G2&5N>Q<*U#w1aznB8D|NUW{`=WMOa$<}|bP2u$w z?XQCeIQ?44Kmz)B7G14m0f$4?HOVcZ5Yz=H|8beZuJ}Ck!%&kr)$!FN)k0DHpo)~h zopLw@_!JYA(^}XALbSHJN)n>QrpuhuWCW;&$9aA~-0kpA2SnO1E;ilvrV^^mhKeqG zEjhQkl7DHH>J$lA3iAmyN7*oJy&z}F_p?s`b2+d(VPFjPRaUhMz;N^SMN^Z6pY~Rd z%(&B@EM8(D$tDR%+a-`c~^hX2V2{TA0<9zoJevxLzPBNNt3$5Rqz z604W=z`gM5;s$$9M8xfoPRz?yyVlXS_950&?9IGKPq#VZnKji?{`yWkwB7zZj=H^p z-L79oNeuR7_%JWjIcU2W9(t|{H(&}fSjXopBq&`3kehG(W-Ad2vdUNiM#v>woITRX z-`BA>REj~NC4OII&Je@fKiGO@;50&v=Zp<(t;U{a&KLq>UF%E@ecVlkneAAQB*wH$ ze}-|PcBjJ&<#FUP;N30Tg`9d8cM)5|h==rKR)xp7~PE^oWhX_1t0+l{NSS@Y10?& zo544{`rh8PQOIpJ`6kG_3m<-UaeSd?YXYe2lsF1u+eDvhq?K9rC*HLli3k1~g@_0YhL1qkgYU#v%a$# zJ&3fLcF^(0OL6g0q(HT8tjnz7Qqvw(m*?2}`Fr(L^atQ=l-#IZ<=-@~3kvqkI)rEZ{cJJ6Gq>#tP7m_i$4Bi*sGaLb!@Wan#bSf+|K)oCE8CHEriy7JC7 zpl6}@2008cU>ajSv=O`Cxd-Lv_xy9l`9&O^lyRPTcVBEl( z^FobXewa82myR5@NLy_&GD-Pt0P5}N=wM1uZ_u&os~FcHkVu3_#rpx+0mJw*j7)p8 zIh>3my1srnW;b%-GVt@+;zu*_b-VO%Q^@JK?C!>BehB^$kRK~}qU^HXpH<4|5#V}r zCBRJEVfcq_(f``F$M(DlpbxfD*=ts}(OSKc4Qb8dX1lzv3F%RowK@W^prAC#n!V_< z!}EvKEGLeWIkncKY%jM~hRH$3;v_iO`D3Z1-Ewlz{bfwbu;(Wr?UH$Srzwt-WBNOA zU_G8Vu|z<>>-l?fqBh0IiivbRAt+AwE9l=bzO3NIXD6Nxv;6j?pY+=zV(`ZY2 zqTX2{A?o>H2uCIA0ev3$8>hHD75$1A2Zm|Z&yi$>6#mlK;c(9=m8CBWGNM5kf#L{+ zA6BEW?PQyw;m&+%QygTIBFf#~e3hFAPR0gFMEDabx3h~?d4VIHqL#gBd&OSSp!Q+6 zk$+oA6gynD2J_M>yqA5{e=28WEpLfl9UWX4<<#>n=e6I%!RhgU7?kM=)n;PAuMuDz zbiF{c18_+dGRFjtId6>~AR3ZHpOAxEZZ4Hx2VlU18~RAubYGQnE4Dy|Hs-1=0A7Z< z9&XwlHji|Y|3Z6t3{{!pX9(LV=u^_Uq+~+z+xM~?@7M+y9K}d zsI4c!JSLyx#1ZA6M7|Rk?QFOrA@MiQrunVBZJCKO3y6U7JIog-PC{-jEQI{7zWM-R z(JHqEek)j6+GOF0_3u7Kre2v3+uqlgQLE_@4ygoVs)a&VE9}wR21sld-))G?{z9E{Fdhx90x5@9kOe0h7Ec2j-ew5&$vLNX6S?1Z z+l-||Y&M^0&j3PTcwG%tN#o2mD5gHTW*n^NOYg7%_mm!fi$C@!R@P1UPK2zn_3A!1 z`pgDJ!%f%eWmkn?=J-nnK0@ZbJ=r`ysDl-Gwiru?$Xy(N>ydKfyQc^!5x*;h?9T7X z*f4h^>~N$*|J2FU6$L2ClZ>Q)7F*{WfU^S#BF4$aMta#uIRs-y9G9s~@!>XcT$dEg zY)HGmvDQYEy<=am1U(8I%?!~?O9M@hMc)Ix3Mpo#nR|@LC@!Z3Y3)cSniT(a1=6!~3QjAO18gKG8yoj!lQw`tTmiSPZ_-2)@ zndS`?yQ}-*jA>#+lp;Cp-Oi`4q8s%2DgP??_U9G*{1S`Z#lqNJrPz5sPMZGj9ejpl z0OmTN9Q$7lvYzNYqbjvxpMx155~F)^zt3SgJ8yk3UVU}#*&a>S59Jl9pijUbf(_M( zd+q0nYLj)}C^p#csAVAZ*F}To)C2D%)EhD9A7I*y`^ck3(DB9UDms({;8>GcJk`_h zEU4|Co8}lH&)M}Gb01eUfF!h7jpjM+_kGcMPCPaw=Dn;@yBquj%(^ic zKQ(&tp~VY2oFZX3U1IPOU+nbz*y}@<>CRwI8_6ZHE{*@xiR=YrZEaux9p|xOeRvzO-3P} zxlmkcbn#m(qkhUtoyXb!TwZTDhx|w~-=u>JoRq2V-hxsRx8_Bt(a2sH3Ck3OUi@{j zc3W$+$~C6de9gB@2XfY0yFa~dkCz(Pd!O?1S6$*z&h_!+=o$;~Pq?+8govV~DdLg{ z6`_u-FKia(9$sQt(A_?vlF;voVw&)K16YH4y3g^uSDIB{MbC{GG)1u( z-f=1%qqCUK7JjkvyV`;SNN=#k z$Jz42JMRbY{py&$er`@yL6EcKt>7`$R!i0{<6W{6#9SSJ%9n zlnRIVBs&CuC%f?U^ExH@(nAPW^ zMf%WJy1#5mFa%mD{S-WGoPo={yycg^ipLmJw#Aue=Rp@x+0w>ap0OaAehbn2t`6_k zV~t^mg3g*Nb=gK89poy6Avev>D`#dLR7`by#oo#4Ij@1K1{P-fL$w!2+@L&^nDWMp zI;GZ{$OzfjwRCSEqpv926Y+^`TPYu7u+zG9Wh%u6xVUz|*M8kClEmL!n1?(K#|Wzw|488hCA%_2lE3-vf4uSUdfC z{oPd}cxRU!45yg-#8n{(kKGAq#BO~^G7!;OnC~K>SL@w7&88F3YEHUq5)w(hkmf<1 zTI*LMIH#?w-z%fJw0Cbrf%jMCbA{-8H$3Vq<^muKDdRH$Qx`Wsf#Cg=d5DFl^|meR z0>A*FQ&HkzC8vc*#ONIdps7G;Bx_vf2E%Pt}Io^?CRWUw+fIcoG@YgD~~8X-PxIaJ=W={JO!f{rEH$~u>hRe-65xOALj4$m&^jSyd!g_nL^J|=*LZlH?!V&Y z=Pu^;T2KdGXfkIZsEOWKOx?(o{=eey2CWI~ksc_$a6H@psHxtmEuFd{X4nA0CBULd zAI=a^ZbWU<_Jorq1Uv*DBXLw8pY!i6P10}ejW@V##Z`W3s#Ili+a4})J2tajZ;70a zsEjW6^69_5h2!7Ge=&kTed|4M7(_E>gY4qZXl2f+V{i(v2t<+o63qf7tbd9416=|b6X zD*sa5x8RfM)APP zUVWnwj_s3QS#2|^L)?r3zszb(Rs4ypSO=8%-e1d&I4@MuXnK0(7BA%PM6m^ahP3-d7)h1oxXH%` zlZN77K;M4@Acs#A-8h5fBtiq{bxJ4ky8hP@jTM}1)B=8A*88LNJq0tNU@@5+bQeCi z$8X8kqh}Ra(z!kt3w~_oyD^~aoXY6Yw6HWgfIF-~p+?qUU)Yg@vQ};nYy%$9D2AG@ z1gpOJlgPUByR~JqRJYGTKvj=O!T|Bz*}WIU>rs&^>M2k1`m;lCc)$-fUAfp^=#*?D z5%D$+RUG5{RHnD#q^ju7`g@yL9TCuqgK$1;`AU{;`<2+lxbL5ksiCfq=GLOf zh=}X?lgm5rKYa8gt}DZrVJLwO$tl8>l3BW70YB(WBFG=&pF~?k!0v2q)~}RdmC-8^ z;$D+-uhf4=;AQ|dnLn84U_|1EAkpq``sP5&OxG38g5;!X-2EP|pUNrBoOq_V9QS!1 zJd;;0d7>f3W+a0a&exe+#4o3$o z-Ie8o!g#NBcxt1t8LQ&dLDSU290kgDvHqR;aOw`%D^opu(l_m)B$(Xe|I_c+Tz+O0 zTAsFBh!YVALy@;NARcTM<`2r<`dy3u3ZWRUSfQUB0(B?KJWKGV72%Bw;@N0?3NiD{)u@aS{sf^Zc=BGWWP zQ+O>e*)th0 za!^B*RktkAva3Ei2KquZnmIGuTq50z%NyGJl!zx0h7k0D00~Q(K`r;YXJ-I=Q1J1g zDLmh=o+vjo1f?g6z7@Qy%zyI0OXgkYOgT2+zn-)ZJpSQ#dyTRdf2FblB987=xCT)F zD;J?0YEciBRrIMQE?VISYvD}<`5FMPKK*UK?}sJKyC!ja5p@NO(m!jqu!3dfET~$C`#&w)gOxjp-MA_ zgaXj+&@47A<@3Qp@dNG;nK-7H^u10rm>*bA7T|4+?^1jD&5t>cmLI_j7PqjWC*&El zN(0G!#h2AUuLO`Rx!9j0aSb$Kxuk45alJCpuke2$=K%||r0drG`Tz9!rOiU!24o!i zF@W>;(i2t&n6%?LprOQX)mJ3CO^z#HCeoGCga?buo1Yyy8BNdjGi^gL8z^`fdJ9^W zVu17nz$*(HBvGPD5HiHLELNT}td%v%JE*z8Ci z-F7797GVFJF;8J@0oSYIdz*1iFEiwxd6`p-_d5X7=)th418I30CbfX5K+eF(N!_}_ zSl}Cs`}sX)5q0Da6c{n+tFU!9c@g)67{nT5LAHcxUu3L^dcM}%?4^{*Gx7zXF7uoP z6tYFU`1wAA{qCt2F%2TXg=oI~_JW&V*lG1Ex240vPiXt!G0V`cD)H0ruS@}wd84CK zXT_phXZyo-XQEL0r3E{G;&>*SiU|spN)X+Rh6E2s8Tov2_sPwX9r%d)DzcNd5FjcD zG@2HpCBx8&FL;fO{-$Mmwer*Du*_2;p~&0wK8XjLCSPy5R|&I|{__TgbL8ekAH!Ae zyn!pBi@tr@DYA~nFY70ZEjO9 zkn3RjAeyVYFo*`#c_5yBY%zx_CW*dN%U3$MJReS~W_EY{-5xMFc^^-RnkiJjQ0?u` zbZxOtv54s=YweF>l`N@I&x$I>0lNQ59hA!gIMEfDH(<#uZJHi<3LH#WIv^9TfC$fS z27qMWZH=boI<9o;jPU{BOl9V9L)$>};*jZ{jpbVRyI8ZCGJSww3SUosTd84Z59Yti zG8D*;{-%e}J1t*bd|4En3?7Pm6|0p_xx6!+EGA-~on8XC*q#&ix7c&5@Up1ZC=BrEc<# zZd8+^EA6jWS-@PeO~34yypr0C0`9T`lRzd4X#8`ng(9d0l>BZF+&wqq6Y>;h?5*`3 z%Jdp0+q;F+q(j7i%>1%LdTj0i=^gUrMytF^)l4tqMlXuOv2Dxkx;u)-!s0e$2&=zg zD&)XCp->agxbFs0fne|1wCv%pc#l_U+Gw^>Bb9+k5GB55>C%w(G+lpFN|(U3K4|>c z=$yEnU7n4>!jpr=2KAP5ilpz)#k|fmYGbNC4P=Y+s3$C*+fV$zbU@J3EOzi4g7EcU z=fN9OH-eGTC25PMFD)b>0r;&2*f$DsOtd)k!Nt0k?r|hHIiI?Hm>4&R5;k%gj z#Xs2coYrK@4kBuuN~zogWjgpt3``HJi=ZP2%uOOFyZf$ee1TBUj`m9VTR3DWw+ zv+Z$x>*<0O;Z&d!Z(D@_V4DiJcPGkKp_y%*AvpXhNc}5oSwfHHLH^0sSh07Ch`W8% z5PlDE<@~ru#6b)eNT&5Wl+kNV%)w^Uy8%2GmePfqXq>gafmmhnoq1xS4@`-X@aLot zuJ?ddS`O58xB>nY_i&AU5U$|&T# zeq>|MWp(_iqY{9Z+tG5t8enx2G+33;adf z#oj!mKeAQ2hdA2yFPR#8Wn`kU)4sgT5^bw@u>5D<8|W0u-i#I&tG^=Lt4Ga^)^7n0 z=@+u6BPo39k2qy`ZkDq>UH;(_o;C0u6q?C`_0*@pAQxmeU$Zl4`;_C8(Sxj6d~&7? z-(dCtT zV-2&M-{IoNJmbTI6M9*oUbY?sD?Ix{SGr=l{rJUYJek9RSm9M*?j3Qjg13Ap#P3y-Hu7zvPOxWB_{tVJND5;rjK&2_3-18vBi+EXaTB#HsGK?I%k*qWAGCSpQoQK zhsX?lvJ?$eJ^JK)WC$M;f8--dNb+p69H);6`9}BuO7c@l$O*~6l04UhvU|PU4a{-p z8U;K63yjLK>j6=o^^ugB{7S;l{^G9iarH1VjxB!oYyw= zEmef3du~$9aFzjNFYcAT%r78j1^81RzUV>*3$or>&kf zr|o_Pz1JF*4W28N?T-(f10SanW}I#>>lbPHE}Mq#T1Hg{+WV!ti({U_ftYUC+s)CW z11G=#>b3EE{lmqEPo3w8GE>k=)?sgDXp@mfyofftdan#8SEmjKN{~~?r4oPu+BCpn z^StX#l_vkS#!RT%P4}6yr6Ng{jB}5K!=2p+k>9qkYRrx@1Gt?hEh)G^Rft|ss-KB> zd;BV(y(@ESmjqZ*J0+DpEdr*t#7tm$r4g)Dn!O)Y7Gq_P{h9=Z zr;HDe5hgvK&X0_DbAXuAkj+9}G2Jp?CK4w~@Y+o)a)0uWEFEz(?Al1pXZ6lj_@6|c zVHA*O-2t{#Y0Ij(m#WtTK<4mquvClJSzMJ_2I*v?i{VM}32SxdY=430y1oTYj|qUQ z;6Mv|P_FbO-^H%72JgSO=_%I9^RxkrqxD=W#;t-{#O((#(l``(P+s_DNqDRQ*wu`C zc2cV~LylE&!Qme%3-S)JSxZRSA{n99wPRSB3{=A0F(3F6K$_!+7d4wr1?e5I@ zLHVWQ8G$8H$1({MzqGUqH(>HqvPb+qrGOS!u=hf%Z&Nz~XwTlzZ|CKVY@;|uBVf04 zwgz&Jmt8HoSeFt_*LA`%4kq#xCMr}-H}(*tO>nOgUp}Bh*WUw#?==Q=e=TXev;qWz z>LQh@tTz3a0=ap(yB`hAe->B^;S94etvt_zvkwdqF`A8~ILNp9T*MVdugC|twjg>z z++M>U3IS<2S*)w=y8{^Q3PMh+xkKICz}*)&&(Xpbp9XeF{*KBC>{a!Yjb2 zzv~Az@25mP1;+uoszRE2M<@Q|Lkvu?IIxg`Q1Nap@!FRMi9muy^{s9Tkr zuFu5ykr(pKs`UYNsNTZogAHJ}c(lEKQ-O(JeIJj-h}yd~HXUAVsr_=}0CodzvEzRF zK`24lzRdB1XEZVqa^HQ?D3(e<;Fuh5mFkvBZwyD%TXH?FMx`vk7>r~jrHsw*bVAnX zo0w4#j-!sR1YwtdlRg%x&?0Mrj=dB1MC=?`?!$%$;#Ik9LLIamFO;{vYx-=r5wE?+ zRNVtGEyfFLO56Y=a@A}PCxn^pSJ-nPI;`6Ey7BW)N&1d}{o?mJ)In^OazcEw=SjiZ z?$xLh+`sa#Pn-%Ju9ZJBgclwN6Z#kw0pzmUNgk3Z56LEoH4jCky|`^@NQ*uCWA?bIieI zmp&v&-J9XL>Z&cMnDhF!DutL=TpYWmysiy_!t>=fPC;e*jdJ7JZ`b!5T!36S^Uh3p zIX64EUYBt?5Q8*r_Wz+1`H+?$q%8TcYe_&C}(MIVfp z+$9Rv0OxM2Q{$+@8$6nb|24~Vm$y(1Od7R0QoI=v97Rr>;d|DQ9O!%0fu$J%h-bCe zS(G{cjIQQG)1}sB#~GNog92pi{j-&8lem;Q+bE#(Fau(2%zmA?psP)PaJz>Ht#NKW zXe7kMHW#FO;ldWvF6%UuMq8N32+zvnQPF0cVG!2 zoE8HlmgE78bRF0-6B8Kn^fBpVBuGR?9-s}sr1gIP(ihRhsCCI#+SRAnEHhHPgH-YT zP!F;bouMD>PQDa?7fyeB@%JGKnRLGE+FjbG0)>T?x!e& zZhZQO#0PI$ABD}5_mmP=8{Loc27VFsUJf@$UHG~{@|fd>$1h<# z93aq#c@d{}{kj3j8$RilUaQYX>#3r*ra9yZ;3n5z>*2}LH`zWAVsB3uA_gT57mZMd zbnmhl(Nq!CL30@%C|+m}hyhPFQzy64+5FEmMYZ$|gGm+DoJ&9Y*3)q0LQK6ZmD!TA z1e2SeQp7wWw}AzE<$4W>_0v$F@Ti`9WCT5;?&vVaEK za0R%i?D;6})>Q`2=B-hCqxpyq(hmn0xir!reG&zX#Vnl7{POH}Xm!>~=CxzEVQH!8Gc*At*VHU0*n=FA|8hEL{n% z=fN7036rHKMLKnl*5*5;gXNLCQ?bKKfT-X;VSn5c5J@FOCmr%MS{Cg0p|r3|&$xP% zO`{{D(QOxdI%UMLLZ#GHdYR67aolIa@!X5OO((z1b!YJ-vqpVO@BbNdld9siQt#+OR?p2crvv0cWKCDGX>2X(BqDs?JwgnTImp+$14)Y>XW|GC zenz59pp!rHPCRiNO)Te;G3A|fA_vefFrWkUrJa;)C0W<|Cu39SUw~2c5wKerfqJ85 zljJi+I_|Yan%Ns-PyLt@BqW>l&t+Gg=v*Qv`P?UavkO2w6&?UsJ48s@*j7S|zuR1U zS(lc&pBR7uxx}q|(!uGl4IuXB^G@7%qfpN`>y0^r%lHyknbYuW@o4WAanl=n$=e&| z{ICCvwY%5f+Kc7@K3c%7*~Q*1b9)S!oV%>FsEXCru36_ zfHxhmKANWMVES$&b z-cF`Y0~1;t4*PTTc$AX~zwG7ffhKA4fs1q^HY1vcPhM_Q2kY?-7^;m#X;NiTB%~vG!+2M+A zaT_w{qxeEoOT_p-<{_52MmTk}rS4h}ndbQWoO*$?8Gvwn9jaLA+W4Ing&Dh(_-T8& zwD?5?RbHeGIcO#EZZZrre_RE_Xn9cx$QTXt`gLOPQG5-y@c`CY#$7z~IJfz5#BIF# zLNjs1l2hN``xQ9sa0C_(QFP?9pU`-}J)A5god&|+2V&fpq6Yv2$o(*${o_fjBV+eY zMeXX%il_$@@T?5Yr(ogSnEG)}LZnYTbJ6U>2OPY>F_{HF`slbW?sZx)PtyVF?U}Ut zlc!T#bRP<>5MwC$4EK}Xo%GZc{=EIS(LpwnD!y!~@uDTF)_OYbaOoOiKX5N}JTQ^) zy9&Wak^&Wrn_~NiZVb+@z1{&)RV_WCj_cTesq4n|e2n+VdIxye|UewO_gaC?} zeAw6GciqSxQ>=sZ{I<8W0JOfpZh?)*W)thLj)7;G6vLiaUYu;HZ;}Mzl6|ID+j5Vr zblMu#2Rctkd`~#(rO&7K5h{+enGyrGk5!+v7PcvYd4VhT{%HE9bznqZ-d~#bIll!_ zg@T3as}Fgyt)uzHs!E)EQvZjz_kfCOTh>MuQNe^_KtO^L1pyHO$ruQNil7KcQV~$1 z{6MIHnydGDcc1^hf4pqrWwXjK>myX;sq;frbW+26_(CGN}oP>MT&$F-n z%dA3vQt?=Z(XSomfb>aovAU|wTseh^i^$9XfLZO{^`*q$R8&vOgE$_t{?fc$cF1g` zF7TeFW5TJSk7qgGpu0J7e`K{l-qQMNzp%qP}gp=*H<~rHHx-qhP(gSif|Y=-I)HZ zADdav{h3WCTFx&ORu(cwENROG2iY!7p4TFU+{xY-I*sqyVQ_K8y1KKAz|ZZi^}JgT zk4Y^}(8P@hG_9yzGWiD=z%!4vt~~pB_nmSTAo?xk5PH&UB)ejy$p#q>Q7_?04^nIqySe)?QS60Z=kbbZ~&) z*Yii-%F70^4zSgvPzR3}YYrWMPh5x^H6PTMa?fz@Xt+U-Y?+94Bkt8@uEM+OMY?mX z53`J-Mw%a7&^-0CgG7h?;(==oZyxteI0_eftWB@7;;DWM7~mE z_hd2t#T7>%WyI7+3Vg=;LV*ipHWb>8D7u%$_#lEM&_bxm;Ut6Vw%z2rL3o*iIatzdK^#@4%!Tgf1Kyu zvHJ7-s&n-#uF{V10?X=L6a4Ty7TVxye`XtDZTsQm-;`eV9KO2ioJ-!elpr~>%GtoT}@q3dw3kvdNVwtgujg(5jn; z?rmv@w60f*6|MIQ|C8F0+q442-v`fzTjW*^FDfn>z-&(|Jl_M1;MqESs#Im}5H3~= z(JopTbjOZGILGf^8IOxh>=C_udhU0)ZRx(8!=|3G3t`v2dkWVMKJCsnOwA{YS9i6a zg$VHjr25IXGZod~)3@3ANy{R7|jH~)~_4R8i>Q5!{W*ab!xN6lzOQbl&rAY!D z@6**UpJ*fBze{IRa=cUE7<9+*u=&t8$myDQyf_bSqPN~pyouero>mRUp3DAb;-lmr$zGf^gB-33{;UB0~0B6`qAa& z(YFFka8Z;kpv7_2y=7wbG*20DUX%AY#Sv|#76w&Ip^&EAnoGSYkQi0OU6bNsSQ4Na z-^!NNO&)m~XtXv#(N4E_Ip&e*Yo2+^wq$j75P z8>Lzk6=iMS<>oYLRV3PQBtO?{OHNp?vW|;Z4eq%@`(M2c50rspAZ@6!hp$ggDbbZH!Ro__JbUt@2`SP(pj3KZ4`9xlRxaEb^+uAu>Qs;6vna<9SZIrbqLv&iu~VW$lGra<__0gE@bTo(-}c`{YVA;b+3T zn%bW`mucHSI;s9?Msc!2`$36j%QRh%hZ+i36$$-zzq?PpTX^BS9PqMlKpjpu>E%$# z6n*+U`NZ=J9sNH^I%0S}EnOP#YvIs$+ZT!--C)qa;<~`99A>*Ve{#utIJIC#rY*tz z31#?|TGs4r$KHoFzn%BrS94kMXo~P~>lbNH(^TS4e4HPeO#MClE6El0oG?9uvQ3i4 z0SSj+>-iF!lB?mbM>DMMILeGFu<-XY4H}bh(bE&y*-}7I6aeWDthiy(MrD+__osnj7-Sd`l5Whk4r0i}gQ%Bak z*(B6B>@%OD4z!ewAc+xQbMxIw%jM}>&3R@N+6PF?#QDgjIZ-26Re|@Og(bfYL-)F^ zSM}j4>9qB31sOW^Y|nqiE|IeRJY!0q@nA{p(yWI0(g&<|EYWV&)!sUmoZcGqk(z98 zC{LRREHDkB--|V)WcEQB*8?bv9;t?^n=DZMwX1$#oe&`(TnOdg2>?PyZHEayMmha6 zI>ch=jG)TK>7~`X49x`>IgW&cZSV6K@M~>i?RkfNnZTrnVawxhA0D=N9KLUMbyPsN zuH^H`>yxufugjqeu9OeNWqD25>eTe_qNaotNK+jS)b)ONcLu0^wZUmV^`U(0YI|ss znO)QRR07S&H*2Q*e;|%j81Kr1QI+3ms9j6NjO?0-%oo8U-@ViP3rV3zWf5V^P6e26mu5}pVB`;(w=TT{(x=;oVATrzE58y%U8VxCMbJFzYL@wz~UA+20&8z!F=OabGn~oS*kau{2r}is^?t2;ysn0Ib=tG!< zrUX##7iK5D!Qc!u&)O39`#z9ox`7{-=;f8ih0qRImDZBHksDt9!d?pWyy%#>~ z>c?4UxG^GUC^7U+I}V=lvp1qHoIoEw@qozF^@lruEZH6SK=~rYONz)rVwfPpPDdlm z>T!xwx;dCry`Z|+s$V-PUH&4yZ(IMPc6@YW0{B1{FRA6X#Gl{pa>w)Q_1uWCi49wv zYGQcE$)4Q)7^A%>=lJet*$oR*Ne&S~^1erbMm8%RuwljbglW-pDa(HIG(sis;AL~) zp4iljz#3QUzHa{WOMIXgG1@5lLTsZ%(%J5EUw$Qcyr%beF{3yU<0CrM^0eZf+|01D zP~3o60!27MV40!ebAf)WaViz&l#-!)+8xJBK+ zf3K5eh7EZJ+SAxwxpM88NLZ&0IlVIpGa}#e0{NEZ)qd&%bUA-i|4kZD$Vq0d!TXAj z5kE6HA$Xnk?3LYdlR?M5puP5(y_(5Ecv5od=LA4^UgVs$Be@$b5ga#|ih2%$xKvMx zP@F7Rx+e0(@x}=$c#&Fi9x{VZ0vyxD6|OnKVqyNkde`URlG=umGk0C`oi` z0&bekcJ$R@j79?-kA?`TkN6a}iOdFpMtOuyl>KWH<f`le_nYK^}FV?A`HZl`2Kr{3I4L|#O?{-+3xz4Yurn`zsvo0kzRTEQr-4x ztMC~-?fyelmd@x)Zyg1RyJdb;|K3EXx|k@k?qml? zr2b4^BibfCBVc-eeQA~p)ov=hsBXSJF#OJg_!>3>~-H>H+iBQqh7z~zv60B)eDAaOLl@Ts9dVe(%%V$I*<%dIsn#3 zTAp|>J((8ud++!mq`WurfeuW&P1F#m>@l@` zgI2?U32F?=4)PDigIc!+=inXq?+2!Qt)P4flWwDAH)mWgNt=54{_uD&g_PELi~$u= z@@(1noSeADYV~RZmfGiK5k`eb%22?WH&$b|^d+%E1dt1k;iCfRG^ci>-5n$UNV~>T zzH%);%B|ZM{tQ$GvRUk-1E*KsIQH8RW6R=!n$(t-?h>>Led;M{7HjHYy;O0`?j{jz z#~p^>mmRbUhrb^Cu?^Stc_{*FP>1`X8$EXc+pQ3^v}Lm-=v%KiqZdPOOsYiDXR+TH z?}oR(0UL}B44I#paj&0&N~X;E;&}K^juHo?4^$&N7KoYU{>G$66dv)0*zSTwHyg7i zu^{WW=sSL6_sQ!3G@yy%IcxNmIMDzsPRIG0Q#8{^AnkZbe2oQJB@twm7VR1tu*IOk%u?Fhd~IHNS{(Y+xz`}i9zYM| z_U@2Hi~NF$fNkQujxM`mUk{b>CysAK7`$}PqFw%m*%e1A?3PKf7c8FFmoX(mX2S8{ z|I=@<)TBu=wzUSBU5M4sGE(UkBix2Gy)ZGMJ$WGS7HuHXosKq6~jOQ-tTiO+H zh4juNV_^jXaM-N?4 z95p#cb<_1u$E)T?=VFfX1_fB;Q(j)5^$X{)4}Ie#m}ARcn+WXr!z7@Llf3c053Qhh zG6-tJ0r~muUdpE9nrmsn;-iki@QQbp^kS^!tNm-Q^f5tBdOkIrgBUZ z>GKid1>dBO_ac1A^4NO!&|j53B(sNZl%86fNm)U6>;xFzNV(9}}-65U+IGQJda> zcV%EFLij0?7(Cl=gUn81S}1Vu?`G^`6g0B9d)n1#U`CSz12HsDK9V00nUO^jZ5|A(6|C0@(?ERcB|Fq}cvL6yGgR{tyj33<-cz4W16T4Rw6MAx-uW@IfX)f}L2w=U z71V?eO`XGBhjx4Ts0}g~-&A0`8}jLMnCUB@Ai*P>Q6>mF zT%p&{!jbfD9&-%I&7}GhQNg#9C2~MYh#K zyH?Jj6}xzhuo$=aBU~{{%gRDnjIEcdFuVl1CM6T@C-^PxA3cV=&9`%46+Fb}FQWSu zCprsS^7ai*2-zLL=r>;4K0PK)i>6T?GKmzpb7l^-QV2R5h4Yg3b^Tght4qSHiY>qvMVv_ zJI&lcYdCQ3w>eUR+!VxEz}t^@A+0GZN1eCQeQLIN5+A25#!PBva@V4x-n*_d6VAq?UomnuC} z3ETF@6>Ph(n$3N}MwuZC0>tS)idhSp8LO$jjhR4b57X-}qtHk`i#jk@bNjkBI?@NI z?Uv(z-A_>K^!^3sYHzt5zNFt~pi-dY^|abg#bIR97!_J9CfjRQP4Lmyb1a6laWpK2 z7L!3!eOoSJS4^&jr;2|kQdl038wOIu7yKgasP)FQ!zKGNlJ|TTi6=N7md!e(7ilry zaT9KXG_mg)fecw-1>T;b><;aM;Qn5$k;?6WO3Wix(F4o^heo*)P{fD?PL%}Jz68s} znNHXe@YFdB2FSYEM*o*7_(&_!zBPndLGfsC@e&i^S|v!*!9zks9_H$iYEp`M+1={M z5*ay}=Rk46Zyi_?F);Vhk3*FY^&@XWP0VzuemK(CdCxxSiIxP5ro`!I22T%A z@Pl>w0zHNZaPb}47vYX}<+B^X=j462SVW8&on#a~lxrwIi{v-ffPU_fT7zY1JyeJ@ z5*csL!3CVZSJ6Y7%Zqlf1F72aXAys?8a)Jn`!Qte^YS=?CNC&D_7k>q;#eiN=l|^& z7<7H7Rj(X}Mit~ipS8%ov)g=H>zAjU$6 zJeHP$=ovC4>epHr)D;ME%V%({tobu61gCrsAx?$aGaCS$#EAf~af%EItC@RI6F}b> z<`_4k3TQ0YeeZwVdtE)>(jQ3HH9Z2E>OwDjf%bhC=E3;7W<2$UN-=UHB0ue5X59w# z(aVCoiezu#abiQ@RPH-9LR0zr6k=Bb^Qzh^nDb^^vI-N>uqS4rxZ-#1?SZ`I63gii zX9R5TJ8lgtK}qE$@WJ`3r^PI%LQsK$W}_!>0f=wMs-c#4=|%oRgOG*mL4?)a&iw_p znjYa}kn?-#MF3ky{hL6=Jn$rfXzu|=%EK@QNGbge6p{kc4Zw7WWK%*Xwh@^(RzNj(Z}h;A$gS@~5!1p5xp8c2`mr{4IO9>tbbax8-p;o9 ze43NUz{BfL&v5vpH^Cf;*6s0MG5$byNwAQefmRhW)2UUHywMpu)GFl1B&&mKgfX~Q zSx(Xa~{n$yZWL25)^*ezSZoG1l zj<(7((iW}(Y$^&fB|DB;Gz~TbKlV~yG7ouL8>IMwUq5zxyF&|C4fTK+u(*%`L0F;F zY_#P=e5J=p|I5#ta~q(CzeE591axaxQ=ZlN}<*so+~UG+V!jV7*P z%S@~Z4s{=b^jR=9zoQ=v7OHulsjL0x_t{H^6ZeA?{7ll?(o~a7uZlsYjOH^CKKukS zN3F~HU#E0lpBaY)DTB?zh>1n{=}MFff>UpPzJ6;&%RYY(JpFXKF>qWFeLpaeJ!t7_Wa?f6sM zi<9k2GAFoZ1mknk<<-;*)e6neS3hxq0V@IWQBt+;!?i81e1K#m107rz5%z2I2@+Rx zm6XHG;Ka@ZqP}OUIfnk7nWOPL#c(R5qFCbngmWTx=E2ZZ(cMaR;gMcXylAK6InhPYc-1rJ_`F+C5{Ffan z4%tj+P1mrJ?vp`DLB14K+1`8$waV@J+BD)34(R-<{ao%b409}6i*tjgyRrje7jr8~{eoT316|ehM@)$hsUFABHlR(!Ogz0q|GSv?<5;jiq*? z?&SA;4*7%58=jLFG>Z!%!+e8AZZyB>(_tFETcWGKUm}jwd-*l}NIHRY_hN4aLQ|!5 z?5+1haQ?2siZxWF6tWFe+KmKP8aq~h$%!ehkm6Smhjy}y)@jq^dp{6TcnyAv!z6?F zwu;Aeo?ea)8#0hxRUd6v$>axzW)UWFkU|<^Z9=aRL^1AU$WDorrOUVErYeqLd^t2te3fBRhe zOVWb@dhMwkX#RlEOzw4Nxroo%kzlk>Tu{DiRrLb03C^r%3E@k?q01WkFjs#I3tuLe zcjZDK@nsn6nQt-822*WJz1$U(lxo36v_6^r`uvxz=czJf2r~U+YJ+a}i_R$|C@|p~ zsV^Ha)_>p&OjL}_u?d(nMuqWD8P8s5dzCUJR_9IbG;;f1#H#5x@8=M zS3l$+AK+Laya(NikN6At=x@*5y@Xe*h@(^&Dq9!~%;5sd=?Bc$0@=k_P!$A~HoC0F zSi!WDhkQF-4>N??X#bjZ%@`vSct2J`$a2aD$j;|WPlx0sE2k?U;0wc|usl3!VC}M) zeEReUiOu?WT^@eJdXO3W!NneDf9b_XGG2e`r};b8dBCj z73fTYv2ISWvpTQ2P5BPzac@Kv5PA^1Qku-TLQG4#d208Ds6F_9gyXdp-tg+c{BJ+- zzP#1bKOFiBtkPhZTjC|fS2yoL)tK?R%l-h$pr$XUI6JmVvoA91!8|&Ic_o<{S@$GD zakmQU$V1SnIrrRP5j^)z=*X%L<;QJ8{M4KSTtTgToh3HF85@ce=51308X%(zK-=Ry z&f*yi{#|1@0r+1PrRFucu|q@YR2zJTZE8?r`P6naV=t87pjJWmSA`UznoA@hO(?Tf zA)?KNZK3}pk=ZeT388!>2vgmbT__7~FaRTOJ zK4s-A^32zP2iI%yvNo7Y_OF@EdQAsD09W}GX={p-W=#+WJ9Km1?Pe|g6s!@1ngPO< zG!+lNO;mKcnkc$cxH#6-Yq5z2NWQLWyX7-Z;(>*nY-y1kcom#-+$=t!E4Hg)K;iVr=g1WR|Z%_%S-7RQY=ey zECVc4xIrUmsjzo{?49>h>skOu7$K~`WZ!WY_gEqGfuT07$2F2DNoHvnk?DVk;X)sm zTJ9G(wWFrtY=s$0u)RbHaIBJsX{!#X;Ke;7186&55`P7R`t_m-1BO?fFM{sArMyTc zhbi_)NVrG8eMgNh0x6>Rg!Ew<_4DL=G7xq}-}JA*A4yZsd^p^)ruW+QP$0rzz@5tz zU53#bt9Uu$5n+f(?&|v%Qs2`5@*n{k$k9-O_R3tbi*LRQM#GU0@g>w1lIjJPzQKC! zmWD!h4QEua8NFEw@7q?9O5TYOPN>s6be(Z=w490;G{2@fr_t~@!{woaL2N3`+7I58 z(5$a&z4P!0rsRp0g_aGqZcfegYfy?~E3lfrUwJz<-FG=Z1^Pf?Xj9-Ez9N5p*YQLu zUj3Uz`4%xSEq!7(Uq2h>(KAzUX#@a_BDob^7&>FIkxzzFL*Pu=EibyTDP<>LHttiS zB-yJM%4Zw|kg+y9MO6)dOn<<9rXNt}-j%07ONPlIj_uF;{u-nVEZquX&s5KSd!jXp z@X@+BS_SA7j%}NwoZRqvy*>j&3Zbj!z9s~G!*j>MuTY_=_@Am!$S`VOIBlxCU+W`;7&m`0dksU!h9X_c!=i^Hjhgh6?J0r4n6~+7 z^ea33q1q)#S1ef>YcXsZet-2AjhpQJYV!JF$XDYXM{u8S1pCm$(PcD|4*FJ^-=#N+ z&6H@K+^TSRz1C#bsHm_HVi+{_-1+rB_C3+$ z_lxG4E+u~RTpDYNYEIDFpP-l&RLK`r=@|$ksspa>*&n<31;2)6o=8zPhv2gQ#AUx$X)IJvTi}7=V9-MnlUEF}PJBI!Yl$wq#QbI#bd=Jb9u$;E<&BCqZ ze{4-^uPR(y2(*unCxr+{#Wrb|qKw(6;a9K@%wQ>O#!h3@9hRp&|RtETVm* z3|Ck3_lU^di4;xAo$6eOy>x}@lJ%DW_R&tK)4Nc|m+5-lbI7UWs^u?+qudqD6pueL zt;0HA_3ch;IBRa%E=8*sWP`E{(4!9a*U*9o zlQ0>7#oqD#@%G?GxfV0- z2<15@nG;H}*Ofowdt>i}GQ*s{KoR4qAZR$Svp+-8FVzq!#s$r?51dxALhz83OMJQV zw;@$o9gpXuZ>DN-sAj8iR7gw11W@7a+`_dH)k`pt`8mId!6c{s)* z=>e_7>R<==IJls)%F3HriHfbd#iy#_)DJ}%tRMySDK5xj#no&TUpDbQc7$-FFNv?@GL2E9d14b1Um%*K;DuN@hd4K?ZH|5pK;8 z6aD{##mr5yZy~#X>EH| zPrgXFa7wH_BR<|OgEZbyG4a*I`!|RVu$?1KI=V{oRC6s=VDT{NkV9h_Br|PvMyyiV zgFn;>n~9ZdkUEWCTo5ImhvP?iY$mJi!g_4)vo#*P-r01WOT>POUDK$DBy(=`4}-Ux zVfK64xNuvU$sAX^_YB>;p2Ok7bKl7}WeZJ9w(uQV-rm7QQ`*!n`73=ACS}xpNBx;^ z>lxa9h2ugiKBYOS7cRzd^}eX9)tsy8&`%pJ-{{-uyREl6K<0FsPH--Ib%;{8EW%DS zWl7gY!>_tP=Zw@#aS>vLMh&dv_BN*PN2(=HF#tOR7-R@bojmZSy84|$R~{Mo~8In~it9T&d+Znbe|v+)=| zU;gh`2k|_STL$)PJzV9GC|u1wXM_14vni-u42N2{XYw54YVt#mkMF^`<;I1RMtXC zVkdWXg{RRo&0%^o_cygBZv0nVC7c+0?SfkF#qC*^M%ehySl+smJ6ruG^VM`SdRkFd zC8HuH^}HpXwOj?4AyO{Nq#_C*3i9$wY`UjN4lhqQ-yw<)e$^Ad_<2+f_VK>b$Kt~B|NUw-Nr8~js>|9M@re|>8Jo^ig09Utv4c4lY3aTa%6PEdfe zcE3v>O5gZ&oT{W&tiOawjVUn*3eF9Q#RG z%FuC){j2M1)EbAXH~en(S>Ue_5hrr_*cx?q#INhu9fF&@NaEZwU%%BBn?!H7dpnA5 zOL=o+RE!P|0lyz+TT_WwX|#PX`LS*ye=^lWS9IZhXxQb&&)YXyB2GIkDLLg0G-lX^ ztwg@Krk|-q2P+lLOpjBTbhCvk|Gc%^rlqbplowV;;kb`fg2fFHVv?iJVqXgD>Gaos zfOSkDt%_<9{7egfc=_JPWa0Uqo~X&BUOSoVp=4VN8~t<}GaK#HcZAnU>E6+8jY%;W z8JPdN&0lU}>?nK2^v`!V#ogGp=d(tp&h0bif6j8-Ehn#*jmH_UE=Wzj6*~fk!=HC=-*qBgy0`(6ZHRo(0zbN;{#&T;~1O=B} zXTO+HodFzij&t%fcAA_&&7*UxaPwrEXUX;?g~5~c6k{i$J3`ZoseF7?U02R`uRh1? z3P3iXc{PVelrmBn@7ZD27?)M!@O8hY2Q(8Ih5S&_4X4o*nJqjVs%$ae(6?V~@so1y zpX@6e$vpTvoK z*>&d+R7Vvmcr$=SDgsMYwEmnA{b}M$;Y7XBmfK*!Y)Ro<>0;NU_Iz$?*vKL5uiE@q zuH-Gn-!GtW;p5v{t(1E=>#(z7Qr9F^skuG8pfzBaQ$8N&bWYNX>ZIoSAO)Yn4fC$? z$Y({j7F*NoZT!7F+EUf2_tVXPX!AG=C%fv~FEY^eMQa<|Z3sQ2rlPSJ@|`PVG3ut` z?=E}>X3k)1Wy-9Q#tNK*^;6;D^K$R--XgKQ+cClFrzq6TO$w)1@meKY8hMZF3c0F> z)cN6wKCTlbj3TWssi;HN_w~`gO#cCpX(gIJ6ComYmOXG{vB`J-;^Kkrkq`Q*@2s|d z72s!gwr8J27Oi;0aQot=C#y=08xL=VToi2(T&O!tox`b;!Kg7;vo+Ym<-l#(^*rwC z1>SZ>@t5D+h~}$^&LXRS0@m_?`rSRC8zfZ>`snM46^{Byoj1RF7}l4b9+!-MbyWK5 zUuw~7v=Y$_IcL?`Q`3bD4RhW(B_a>fG-!g=OmAYw97YxtRl^WzvBfVPjvLd1a6qp+ zv<75xnhxG%DJOGUjk>b=rSu7u1-zJKY4r^0GaLIh%7Cp+)4w%ig^!}!Xt(aH)i{+V z`unAFo~eZWc7LNMvYA=Fx0XfkEmICvNbW4o7-U9L55A_`6o+VlJ-bUUDddXDlc%$W z4mT4Gy6ubT)b?^Lj6n?y*Iqocl#<>D3tXAa zqgx^8xc+PP2Sstm!`jg94pzJUGlz|@oU`n3bX~2Mb87DLdDd5GGw1BIHhTD1%|b(8 ztCA+otV2JkNloPr??^*<_lMHQu5`yB->Vg7IT025RAf1_h(VRcu|p zP;X~Tt063|@>$E8hs5fa4&~!V< zmCu@S+dZS+WqVMi(cP+OQk~mu#PhJL4wsDmpX)3Y_afI@+TcVLrv|~vsnrRa(Q?vR zJI&4d{=ygjVjFP8_p#1e0o;}WpeJO!-6=}OBvQoIr;VMcK>%@;5E`oP2z76cg+%qY z*p5HL%k>36b=T0WU=XKQhXdS`OsT1DM9=k>r(Pl=regAWSe(~yyE(tnQL?SS+3w`P ze?<6Ct4U9KrID%l@}9kDb1P`9dh!NVBG){1ziL?bTknZtPt85IJsT%V14D~`d?bge!kI8rgP-FZn(pp3lG1>XMJj{)!feL08c*%OS8yKO&#vgATWnKhAZv* zdYhzVCrfwqaDSsPJ7>XEMq9z{PF1cuGB1 zIN-)GIJ-R)ld=g~-W8&u|GKiZu#O3J@thopPfPL;pk-Ym>?A|a(dGDB{8 zyFi7@pKvsAKF}Qc8((S6K31>JSFcbwXVo)UZdA*GJz|7%h@?r zS?Th8BTM`}KfBb}l0Ic^Z*Ml@-5?}zvTrY-%}H;1OQCTZ&f~PUU(SrwU%HTK-{hgu zk`Z?C@eh~hS$4Wy-DP8c82Wy8g-n*RM1CD8+*ylE!aJ~p9o<<>b@B`@Ui9V7$ZLGj zn66VKux)4zWAv4Z2T#r|=aB7;mPT}Z6hnH(%psCf=yc!wpcm+jb1Jc5HADs$5>t$5 zkMAM(DDiQTI#9#if)iQi6U=uXGz@X%M%sLJtWHUv+14!2FXyjVXFB*~tGWAJoACTz zE6-4>sJNLkQ8^(rTCrO;o}DA_xothv=YysJi;)~1lmB?rriCH!7b(J$IKYy)To-2K zA$mZQ<;6-|YeiImdj#?}j#RtpxW8)AI~^|1r(FJZA>0gbs&jtl_l#f;TKhlWJ4`BR z_}3N;?nQAqt+AU_ms4bE+@M@f)+iF}+YHL7D0bRvpBtnoVSSLSd~C8k4F@$9A<>1- z#&Q^Kcf5bQZJ1i)LUlu}Mj=#oZ6>KYJ!nMX9-pxQVvH$F_Z?;EO5t?612^}bG&;z5 zCMRF@AXJr&g;#%HN8XrP)gZkbzt5&t6^GMp45xObv3zDl@!}M$)%pc`-1;E{YxK-j zO!PQYZUHxBZ2qaViP%39#}MKnU;zM6iEI{ZplPK#|;Kqn_Lj+sPFEwWv>4 zp)fnExKno~V-CiGrh;#}_Ovp3xq6}mLPRY%iYXobZ=|5HEZPcJI0kjt*8|<3|G@>& zD=Jv(kh7eDGVa6Bo|R7+bz7n7o(bCWOGm-He|cR*Q}6 z=gpUkmpUE$;ujTy%`llML1NLTvdDmI<5-tS&ReicUrwE^EKQ=VQmlz5m2*q)-ns4B zJs`oYQ;}&Fj;F`OPU9n~O-qqC4|a(QVE2N)PNJ~$n=~eN#jd|p(C4HzA@Di>@S4#{ zjt|C#2FE`m@5pW3r&%u4Kj(e>PX78t6253w=xnh~b$NR0169L$UEN5tJ8Cb!znx2| zqoYr=m1m)>{In6EN3D_^dER({ahILZ1R19=s3P0jnySsT9C z0?T3xJoncEukfEk3(Sr!aJ3_ZehN6k0-tftFlC-KaIcG6lBKBlus68u!`tAB(jrCZNw3ILc%7n474>~$l5*j#t*7stL+ZOsWYG|{oM}Z2S0#x)2T{@Z8$r1Hp9XMa z@l~?}A9}enSzw2=u$xjGdeHQl0cQoGQ=XPuz{y#%scHiBy$S){$dfQruzx5T$N~a= z=8N2O?!hI(-d6_ygutBj$;M0yUD5d_93l4rjxR_xH|ZGtT_LpEF=(~r3x?;Aa+5mgDH>f9-uNQ(>#; z?=O4wPu~N`W;98|qQySzIcHY8Athl|iNcMsNJ6-=z4W~bUdD%sv+QoJ9da*}ACEbL zz{^YVJc2Br43yHJU3;Efyw;qv6--n&IAV>^rTM$%1yaOLWFU_9m+}_e(~$!~*F$+diOH%ID56mtPj_XR zw5wZ{`^Cs=RV-3+YgL$2Q=P2TXC(5XkQT{N=;)|gIOesZPXvE?-~i@C*mB(hZox|; zz*D>3TtE(XIY&Sutntl0?B{>&{hAtv#`>imwmkuizl&1*KB~uZBVlU#C@~bYf^(m7 zpF_&$b!A7-a)~IMSenb9ZBQ~Mcv1+(yu|w$kWUX+PqPV_CN7?6kE>jF zHLA9&_V%VO8cyXNcs}cy-Yr@ZwQvURc{dTm!4?kOVkr8{#PjsH#7=%i(3_7&Xpz$T zOIz!E?a}w1z|=u5Pw{I!x{teuK|A$-A}ITrYEl_R-`2_EdTS$&wNy-?2R!ijJR3%B zXz6dm(zhL3Lbv-KWcdL5S06tgY5zx0i4cH+mpPooH8 zn8e&qm5+}tjwSUPd_)F|Aa2FC1FT7%M#-+Dr^7H&aVZ*VT8}xX)w&c{)@A3|ylko! z+vruj&|u$VQky2o*4ArP?>36-UFOpI@vHx2R9u6e9StFODe5dZEMH71$+eQKEGc#rEjQ-|}z?qiyv3eDn4QjS?*1S_kBLR6qZS0n1E>dUs^5#gve@0a>dpF$!ue6Fs4Gi7m*6p94ACp8k%bF z;3L%sQDk*1HW;nTBw<~Wv2_W8bxG88I`^R8-Y8X8JCsU0lv-ptbI4D3M9^u|pUjI? z&Q2;-i=al+dnW>S3+xrwUYH zZRvS;+XOt6YC&@FPwNI-FqD_qBAABKZUIQ#Pl$wSm|}*y6d7t(xsU!m8R_yi4kk?S z5k>;&c&`D*Brg^7iI2XZed|-P3?&%q!jU)D)=PtG!Cf%pWpbu~IY`sue(Hi0_{QU- zj#ny-Ha68Ng)qP;c`9C(cAN(uf#klbIIUuVQzG($>L966MkTIE9+@^s)DtklDE?=` z_{c{Pj5H(|7sCh&^YA~RFou}I+#x8;0fNHh@TW?`T1M{`B=yl?Zl3m%;c7R>;($XM zC_OCn%V^=*um#;a-W&~|l}qX6+a7B8XogF)*$ zH$R1+j>cz0GR<=5KC-6yB#=z&btF@w&|N?t@!nnpSsaD|9bj;U7pfI0R}Bq@*4*@x zHBqwq(G`M%Wc?=;q?_Pl2nuqNpdd!ZYF;2}Hwg+7-HjAvoS-0(N&p`d+Y5$+DW}3c zvY4rjtAxE>yW&izE#F3b&V(>l0-b*|~>eAwhxqbXW$25Cw;PD=;Lm z1Qu|~?%6)HJgnk4GMFvkdGu)H$^M&OVYo(NvJj=S?|Q?--CH!sujZJgJK4Jz zs~gx8{K@c2bh% zHL>y&CGPL;M?f-kc3|SS{t@(?`RM+>X8tX^JCVohh9N+&tR$4C@MOeLN`?kp_TSCU z|9!PEUmMeAgE=Jxk7LI=&HXV@eGrqcgZqln@<&>M|W>L+xOJQK`b`w1Z zIp?v_?Y>Q$QaCfDY&IzY%K{=o*%>QA?S#ySXZT#z>|sOO07Jcit!?Q@lY%oxk4MgJ z_q1EmBLyhW97v!O~kSh^W!n*E_=(-KIc+y=BmUCC~td z>`O<%Y+|~l;!W5h-@oiC`+wX2|L=Cyh+tR0V|G=OU{}|+OeEj|7zwe)J0oOQBQU#4 zf0z(!6jVnIiwR$D6M1pHPqysT#tvJ1dXm$|nzF^OQAuITy5q~9)m&Hj+pUjavBtpO z2_LC-Y+YL+Z`C^ci4xh+Bgn<@0|@!veg;^$S~#5OJ|n4Cj}HjGJlA7xI|V6oA9c7BOlmqvT$S={K|s+XK%i z{^+T5&8Y7_@P9AGIY6yBx}K54gTMJY4U-jwZrHUE| zUxIobM;g-hKcykwX0?sF9Qk{Z;rJ#_NVy%3mf%G0>@wzSb$-r)uca`8k)Qa#%Lh<1RX+mz}6hsuK3@?*{O56t!BRsKcms?YdO0&cyPcgmi`ez76{}%+qROF%` z0fO27Cm@)K(b`(FM9w#4IZwM0QU}got0Z9Gd}1*_dq}Vt{Ol8gpM8q?+2b?JxS*Xs zKb2R$9nRzA)>-d?3_G<`Mt`XAY~A6KKtnxXO}kLr|KAogivZJ054N1eEn?!5$OU0s z|8*WD9W)p!h1%xpGy$YKgcNMUKP}0FacXLbH~(|q#CscU-B1(Tho;OOH@n}cDh@XofxvqxgOnu z1im)qwnVoGe~#sJ*J*wuwI)LhbjqNt0l{6%Xu5Dp!^8a8i-kdJvpJFv55333Braio z`PKf@(6slH3o?dWolhzZS7uXO3f!&qJm&ZhK+Fp~gZbowJcS$pl38JBNv=XDd37SE zBwJX|cnG4i39u5)Gg@3WL%rQ!?UDqEi1~oL^E}N>W1e;TeF9>Aysm~6gW*Kqj0jU> z#agHgidqy3W~(Q=ZbP^*HkbcC%F1{lRj~3Hz0WIxz@DMmm{%$$-%n?LH(8~C50!YV z>(9D=)gWGBjoU@_S0BDn)*_DL_pG<1eCABNv?fa|zP>fgOS~BAg z=AmvceDwWQmA6gn_C_VG-IVXTc?)u-k5PnB$T9YJfH{|oXKobY$*A|rkjqYx&(4$Y zYb?`sps%R!;+h?xq2pJhRX3k2H^F=H8=W?Wp*$v2+?D3S#mB)s__&MH%(I@Xb!_2Q zqt)&&ci0f>f9^oRZ@V~V-RvK60@a66T1>3wA~W3SI%K!j@AUlI%NH!wULQ#Zy>@H( zie9IZt-iIAYzJG*}JQ zU`nREedwy^kX=?U?CH91p4+oN%;iMczp=fd+W1quu~xgW{&s|L-k2p8p2d)&K)ItM z{#~OKl-yWT*M_;Ywl~*s1uWF#jWVk7oRH6QKJu5)%;dP#hE2IPZM9pKP{VP=4o`PP zHfH`9Yi5k(w9AMie^SvfYk*vUsXsNF)Z2cd3oyvY+!v*`(}JGj55O z=kpy?ZYPDD72{o3VVUa8v4`*pgV%FVeJaQruwGVI%O2MVx~;;whHR`mSdZycLrz=< zg#&Ov3O@bmHY!M2nsw=$AK|aeHNiJW_`rJ7U-bM(SZLG*0<~jVK{@w|qL4mG5_Rr~uNJ%9l7PmSZrrZWDjY319r+!)ypT@jj@Ye|TlCjSoPey>GcyOgRr!;Wj1-RD$c6waR(#)b> z>6Ts6zy-h+WS20kyJ)ci7W}k2L*c?JK%nke0|G{(BBB3rt$4wOQetj!5(d zy9u%2S0%~6N!^hA$#(HLB!z62D)pEL@1?UbGWxZYofr0e#UN}ncPpF;EiuZB^7W$3 zD6PXzRY8tKnlylryFmo2bu54W+a9tqjQUV-?D%W_Y67Lf@*j)r_e~XCNjleitbg4$ zDL<+7)$!456f`HYVd>^dERxYkgz;|gYfF|=PV?BBZ;s13xtD|pwO2?c@ZD1fdJs8) z7}Jx-n{4yMHUhT}&O@7MMYDG86F8eH9Zn;{T`8-X6eZU;Dx#m&<~zd=E<6N$ciT<_ zA8!pGf6WGEPVN6i+gk@zwRL;L2gJlc5m1m&3_?Jq8%05pPNfy4LqHk{o7kWNDvfSH zLb@9R5R{Z|=|;NY8*`!F^W5umpM&>%|8l$7d#yRg96f$xEZ5T$2gg4<*ov2=ea6c; z_pwjdu-!2jNxrGd5D zHWi)%ik3%IkFDxQ4FMcGgNwccwAS@E!PXL%XJX(RBD+z9-7@~oLh_aTqtws--k}x} zhnyO(0p#IJz0GrglzyBqELgq_Z3>a{Q;H{n6c4euqNul?{xyAXJ#=1mMFyI>H{^|3 zQF#f@q<-xRg*Pi8$V@d0mbjPLyKdj)wsfTS(?29{84R62Kg{b^BE%fBvT)H^x$L^t zUf`D7bXe$a=vc~aWGn5>65BUi<*PC7 zf4P=$o_qKDU_F1T3xkA4)q(T1xh)N zFLjui*m6K;fqcNo5pe$o9%268Oimv7djX6gEv$M7emmb6@giN5XQd{qzc>YuuT)eK zjTbq=_^P3BNliAxE_F5}w7ASj`tc(bwhD*ndUH_#0sd55l)@~>D^_lKw#_cs$qWu; zTHE=q&}9odlqmpEoD3=#o`50FTb9lCx=$^MvaD96_*!*`IK6NI)f`ieAWOh;q<4Fp zty~Tqama#3BUB)=&wD!s9_p!61a=&!7WcBX0(%YgP&us(&o5Lu)0jDapsERa4D_XY zf&h<0vksX-U!%TU8@1>=A-r(uOTp?QPp49XJLo(X@{{TZw&pL^`T2*QgL{6zg2nH4 zSu>9ZE@q`!^p?#x0~UA9uAg76gjFkFK$>@^7NMMq01c>e`!W_>%Kyk0)?(Zhh{H)N z81(~9eSh&2=X8j?^^F|b_uo5&=g+n}0Nm}<;YYrS0qO{<+y?wJHo9o1o8xR&H?|5| zYGuSLX*(PVAc!6rj_b@m6K~HOZR^+u_XML?#$9Pygz=W$eQMF4x#{WIaqlsWRK#)V zh~rZC0uQo2)g1GFsEZiWAr=^ui*3Eum9i8vGVm<~XEY}noQA*#zL-q)x1yx%z*8J< zEPI%Byq!Fc0TSgRjO$@jb7~K~Ovg(LW@+Y*jIRl?=7FcxJ{3aIQW2E(?JY5D?kT6a zoQ^an2GQ9~4`C*}vV@Puec0d%m{k$`ET;_cw3_ceTlk3uP-m~ReDvABE>@*vZKd{2 zSJ1*)tl(QhjMjV}viLt4jm<7~s3G)m9d~HpoO~Q|y;9P$|FcG{^mbAE7bS!Q@^6Sc#a(}0^Bh>!0@V3VDyVbXRS`k!AX z2&>bqtj-m9d$4644VnLVqIl$LiYnF91n2p0JVT%8Jy_RMOHd{96Kk7z(7fXC%D8YO zC%a#$pEs#L#KHQ9SN9BAOQ^gs+L6h9zQ}9YA8b>6fkLab`OuM;Q(c+eUI01O-EV$X z2W&9JqR2q__^5fid-oI~vNnDXaxOdkv zP+oJ^D?;p*Q+q#v#d?$8(RNyhfbaq^AF3)Q1PV-!nV7GN9T5prhg4s@%?Xv^= zc@8aZ$vWGA)F<6a8rJP&n^TM@r1jvg+05aA0?oEuU`8`Cm@qTCj;c?q^kJtLq|(!& zclOy%5(U(Ofcz30(q7`(-`ZMUt3*JdjzJX5*i~<%&ieL{s%t1V!K;^98O&alNk&I| zbKwByHzM$DkpJefN~hJSOa$Hz9=8<-A1vKdCihJa?LAYj*B zufG-F${Zw0N_z9gOSfp|+L|K>*F=3rK4(Z~wV+%Hg%v74Z()#qBS1-~^X&x%{QAXqlbY~LPjAkP3oTaHi#e#7NDN6C6!LI zDYh*WB_$u-NFDOi36S%)4a*v5mBxvmZ)u~A(<%@G5J;cx_g9a)3>-%Gz6r5bWzInG z(${L&QIg;H2qb29S?J)83(;QF!OO2UXF;5FY#UZVo@_JQ#e(}bsgJ796%_eZ&H7vp z8KtNo7LDv5f9=>(0aEW-HilnE;z0X0=0f$*^5*S8@s7pWj68=x-OEZBTtuj#WY)KD zkjtBfpK824vPny6FWq-rbTMXt%NuNtGP)`cS0VTF%qXlyfHL5%jTv*3^#xM>RFSK5 zkoI)A;on>8Z(UgoLQw5|Qz}HH7t>$Y>`~!Bux1xhT}()I9b8vkVgsKbY*(eabVK;o zwTw1vkEw#y8J?cbdpck#9b5Y@T-A2$yhm%iB7!hW`Tw4&ki$uHCD&FI4Iwu(iJybF z!*xf?+%Ys%z-k*7sKl7%zR>Z4F-1}}!&Cz$4xY2Bk&_mCSLU644@F+eSf@MoZ=DC8 zr@uJFe#cZY#6}m8e8!e|fzWETF{H*S5CCK9Q2Wg3;MTbt6bn^uCyJ>$zCT3Rvz+`$ zQe^xtx@PxQ)3JEu&R(=j1r){nJmZ^>s22x%6C{R{0UT*9FvnZz2B@=?PiH(YfC{Jq zuh*cKT7#i-MQ*mHvY}uCXIq)m(N^8K8$*Kj=zBF zMm@!1S2qRBI^O^9rg3P*$;i^q_n_`L=S|_A12YK@!48T0R%x;T(US*U)xK-#^tq6J z`sCsCrB@>D(WBxvo{%pThK&d-I?$%H2rPodA8TuAU%-L4`4>@7^d7qv&8=1K zdF2FSBp{IxJ#T5hTTWhOLL)fec@OkdN(A_xVK~H}Zor?SDG+7`+)*M!IZZ6D?hw9p z)Z%z0^1iMmwxe_yroEuSkp{syQ zoW}0PuqTyS?r9pwfmii=WT^$gS%+2#&(Ev{0_{s7b00xkm+I8IQTjUpOGZAJwub^v zngYK~W{{n6aMPYq5bRKD%aGOS+Q=|eP3|E_8A@`+^E7dJ!|qpBa#D2Kx&p;=jnk8= z@3(oILO!XV{qJa#kPi+*x{XUA;3L ziqKeXQ||gUnxF8Q>uABEp0Ee>1*CtBQAf~(6-cOhyU)|a3lsKw^Ql*~0&adHZK~2c zBfppBG`yGfO7e|MNRygR2e#MRE5Ab;MG5nC)1QKE-2Fn$znaB)S!X1DI6esyR~X<~ znt$v7jDIt$9$n91ks=R2FG;TcakemR(!}+YBsl};8TH41xe5_u>Z`fK4CgEE-|>J# zW4{NjE!}S65NU4lcxH4YMXA-I&Jrv(sADqh0suHlbc4JVht z>0`0K0FZRoRTV96z><^dxsOqDGPEY^L+=+Iqv=~#5*iA`;DD~T4Kg!%CkMY%0m#K$ zwds`H7c>)@r`bcOx zljLo?F~5off%qQaaLKy03k#2poti$!?-87aRAS0;7%=eF-gen(lTo-p8Q075kX|ZC*A1^kd|_Y8?c+>vdt>Jv{h@#w_80~&T8fd@dJU9= z9csI5oH-0@8OCd^i%0ZN&h(DYWe?$UZ+Q`7w0<+zolQEdC zcoX3nAc)kUY3q@*b_SRJwnGd6^iixi81H2|#Sn-RVWY8S$n>I0NLH5k3b@zc2bDjr zEXGZHX3U^Uydnm7=+{y-<(yf;UxF7oLHg?gN`Fc0#n1<}I+v4aYZD>(X*7(DQ)NqB zL^-1}Og~MX9D-sA<$8g+7nCIwn3Zq9Dzi`3pUga3e=?VYMl+AcYqQ8H$Xp0<{;W#2|{LR0nO zM}|vi%|nn}Qf305`A+=O)Ltd6&qI)SEG)+SWtL$d5DWz7nHkBkF&u7ENjV~`2WQnk z7C?m(F7!~N_!=wC1hM%ERj*?rbemy4=O`8x?%9|vbsH)|1{J=th#e)l+(9;jhYxLq%$SSF9HA7%kXAuZ zY6q7RGV#gbnA`(O1Jv*0gkVqw*cca)MNB&O{cCYWf{JRFRV~6mwEzYRz=v2kp_?EM z*x4|YrOnFYhV%pE76D;9^iUOi%PI&FYFpa_d10&a(5T61CCUPFp&t)@ho`f?DhNp=Rf+!a{bl|w}eB?wYgc(xr#RWn2u~I(di4#d+Fouwq|AOxD>nau# z4W2<*xlAZo>qlbcxLE(;DpcM4uNE>uomFk-1g3Lw5lG$wB>KrOwSZ6|fSxo;_!H_$ zTL*SjnV|26Ibtrl{|q};tIojE30>>To~+*#MX69SgqDb#$twuL%eoHXb;imODNn@h zBA~k(;o3go?PtECepp!$8pXPbXoQxWL1*u{M;jPCgF0)k9J&V9Wv@h?{=`0O-9iJ>t6*>&vrhxI6MNa@_h zl+I>^z{b+Poa>uZ!oNYVJCtDnkmzQ>^jxS!P}-PElyA%cv7`R25G z;15m7{}cc6Pa4P$+xe=LnWN3V0Bo9ya5-9r5-dY$G$A3 zu0S6al-HR6;Mi<8g}ncNAq56-ZKx&FZT}q<4B~aeoTO@~FJ3RLi8u{!TSBcNv4_JD z{)uEjLYqOP{;ejpnrYTe$zVQCR5pb~pPL+BEX|2*qG?|2LdE{WhC2~+i=r%I?BPG| z`Bv6sL{c86i4^@)fZ1p!Xc{#jLHK`JH>dwED8o7=oKg^j#7XQuu;U2~YDwkd3OIAq z9ipA5HYl;ovA)egkCb0rxxp@9zn`1}pm^vewvXe+MB(bXs!rw`=L5=LybMaHZciOj zEYYC0ql3B4;OXHYJ2j9;1foyOf?6miqH5S@mA8+nZ5n~ckQAeCuCbi8)ho%j4c=d69q zkdiZS-9IHoqhx=HF$4rm1EeCpF$lxo!!$|!-Ltzuh5pm)zW!j+m^1AjqQ0TcurmMG zyuWnXBIFwC6T#ca={CuQRy%!&$N(o$Lm_(@7QXHF$wWwcXLeWc>-4&l#Yy3kwVH&d zxZ4|}y3dO9oUPa&ZEzAD7n`hgMGsk%I=uKiqir%|4DFF5>ZOPuQU+vd>SYKCvK5H6 z>Et8KsCN*RRnV_#Mw!KNoPq~E+t0wS=PvfEoz;L?@oLh_}8`fXm3gOV&! zz!6z%Xc~)WWd1Aw3hVo0ktWFSWv5OneTQiBwvf)^INNi9AB>;~F_}`qBVELae2`Y-yIqYid9rt0&-OeW{}xkV zinXBIZQk+}IOy|#agd@`7*m$j*Y_99zutAwnQLO#nY+rKefNc#MiMW=sr&7}$lK8) zckG4lYuIL$AEf2o%P+wS=wuTiZah$X3w{1)*9+-T%hYD>YV@0nSF}l>VEX8%$8k|5 zEU=Z*TnB&hJd|Zynp+uKzF%JeYS@2yiOC&gq#uvG*yH+fbMj656&9Nps=YyN>C7|s ztYTp*uG^uZd$lQK#nK6~jVLs$clM$c7D8c6b8QqY6;-LfCV&4j^u{b!nznw;kjKY1;ZzP+I# zAyepioVtdDox*W1?}p{_Ao=*-BSiLl4>U(HELB$H#WT20Q9@P$<`le|VQ#6_A8AaA z+l5OO9xoBEm=>*jd6W2)e{zvV0uv!)kEA9u<^eE*ocZS9)7Q~5Io6~gV5B*w6?R~# zX^xeUFi67z=oy6DZx4Th&436n95U{aRNyyjA0?9iX@Amf(+~&PcUfBC;CHw{ zBg0GJBOPsd9Yq8SCX|vrhlhXh%_hmz+hD;Vfx}_fc1tOXR2*%ge6Z^Z-Gd;;01<>M z&po^CQ{36899=RZ`|>y#uS40KsjqK|H)h8}cdaoVKhjW4MWsY=8COo0*;Cf>QDcsU zakKW)pxVb(hjF>GH1+!;dkL>TxlsU+M9`(WVxk4fyKoOza~~TCTJPljx<^T8_c@V@ zo#)y(V~?Er6jW-24VPgB{_(YcRLgx4>W3HaG?+q{i=k>sc?K!$&+WO+_Gy@}Vn1bR zows?5KO*>Cvti9hkEBnwNqq2*ooDp;;?mkCEMkM72q(C^w8luhspZ|~%G9eY2LhIH z_AN)l$RiiW;YTs2hmXiUaP$$kx@yvQ7|ojaAwhP)w*p2gF(E*2%}Pae4dCat_UPO- zxV}~#FQR=>gyt$Sk)xL0E|^WR9$17kb*=*7D=O9tzT~CB`Q|kdEDmf@j7RaoRF|NG zx3{Vb1C#ejR@*vXrg4$nxB<4n2_kA7b+*IWq6;KBio%y)48T{-v6waq1-O!bKfgMpc)iw<=Vxhf(>Ep^3YCKMkO?d)BiXz8kG5jj;R zE+qQjR-4zS+=9cMae0OF;Mz?ZcrYTLqc$U{kajGWE#IzADk5xz+ib4UiaV0rkX$VvA+idR}Bg7B%#tLZad%QGxFL{rMck-+M3S0 znTq$WNCFU1_(AyoAamjJ z)Vc~kT=hezmy;a0fjowTMsF)peA%tW;0AZ4#-l1F#_YJMf!63lLw*Na@uh#%9FYX?j?$OW;PjRaryGQH2@@?+)TItWD`0ezIQ+w za_7wbxsf0?kyfpapTQHm>5-%PBg7qx0rJJ%mI%HF*YAzF3^xFm*5!TZQ}G42L!yQU z!@#}W3HRF)49ehh!wK<-6Lfkt!*1?1`w!d()b$Y*s%TyXRyb+U5SWNh6N%yVX^=&MxjGnNh6k)shkqpMl*B={O5y_)_u$ z<+0>dD2k8HI_aut8Ch^DJLM-9U|``hI{pS3f~-0j4ILGYFvBdXy5-GD`V+}7Pn$@5 z31rW?<+Py86HTzhK-aPO*l3`PSdpcJhM3ixsep)z6O?z9b)fMhc(&-NN2CM5sxvPA zwavhp%^8hEq!8|G=M-fu1yc8@z7C^=>y+FLwe~<-K~hQ=5mT@Vfn~0{AVajvIGb^g zqzKI}&-Mq*bWaQs#}ayoyHOGKcovCh+oH7(gkWuie_L;0>yUvC9#Qow;T{$(vW}&N za`Vp`YYA+m9ac+m-4`nDER1>W&S@2MGa#2YoCQv5%zFsAj{9NtzS4mw;QGJu#_#QY z!hX-(MhOK21JWX;_k;{+(ZlrC*wE_DX^}Uy+l1vd$F;1 zjKE6!v%|Ka-#-zr2d@@Z0QoEVfxDEj0ueAdn~)d#6OfzWxhVG83>d~NbqnM`{&Ic%g#9^caDqCFh^bPvnxT|N zA%N;^F5Y=S{AKM!+ta+pJjc3#bHyP7*VKo5zw_ppsC=^B0vRFb(FWJfa870hZO;R? zclkv5Jy=j3@K@bf=ny=AHctXwoC+r5Z7XYUNJ$ZHnSvPNzM0pn$2`@?+ zoyn;TIha!!AQ$T9zulD;bTfs%H1>%1U;(~`Z^1%sxGwjn*IPlIar&%A-ciQ=i*M&6M8VNwUml2Wv2SvCS* zg#@Pnlt+qzJW@ zSx?0n@HN27F}IiYcX)uQ&J<48m^95AUbEu-65nD*ZE4-YYTaTU7++z725D@oRTHVG z%_-1D`PQFm869;79JP&eIl`_hfhAEI^yNcGEd|sm&yPl39*|j7Lz%?}sm{m;9$k@} z=h7o@TH>><8XU9tJ~3;H;zeZ;B6nbv9|Nd};JWyqUWeqY|Ief?M0(07((~I4S;F42 z=sZ1Fve^2MW~O=ErmD7Pt#{U*sdt-Xl#?edz4cEjVP)5;xo@6TVNQZ}%%LDs!SSEE zH-B~S!MH~DpW_ca}`8x+i7CT@k44AB27Yw9+EvVBS-xIpLEY(;D77_QFRgd zVPsIBAt*CW5H%<&gY>M_a&n;??Fat`**G5}W8>Oz)4<_GLT2SS+=DrRs^(UGP#flJ z_de^?4W-3(pYWumYBA>IO{OSFk;3VkEZu*}aqXlO+yrzFoNrI01s%HOv>e!uy$w}A zuG94X<~oT*@excU`8$7FRm4s7u)uvc;YnkJ?<9+227isWD2h27!5H0uAptKX^U zX*h&wg@#6SBiU4NjbN;x6iH%|9BH<(m&SJWWqe0!g+rZ?!)>d4lhEu}&5Eya<+L(Z%p0BIUpp(7KX+MA+whpmjIJ9L6;5&-ig&1M`0U zp@FqK2`!8|S!6}JKprJ>&z4aIx%_o7D32MblkMPkY}eothnt1}aM|HrRYah`@3RKd z!=r0Z{d4Z(19);&GHl3Vt`-3r``}pmW?DUm51&fSlH&@@>;D2R8iLJ+qv%`RV%{L0aJ| zXoaSFMpPb41AipV@J%TqMl$HkW2N@Ka&BgWwpmEA0{A>f2GUl2Y(|2;UhB+ zc!oA43Ks1{WB@idiGj|WsgdItI<<$ep@&kO*kpsFbb2UaL%bOl=hA9;x#utFYi~`x zCD)qT*{+QH;WS^$)-2k~a9JeZ@7O3xW4Qf%d3$P1h zF9=C?oz*TRg}uy0u^;Fdt;0Mx5Qd6+JPvRc{NvuNA{+88MG>YAlmMKOEf6r`Ts29fxW@{wF|Y0j7>QX*r-UU zh~!7Wqye;|OR%C#ZComF`)~+ZU=RbK3h1hig4ltIMNQl_5IzmgiUBHtL?2GdP(Gs^ zF~=YX(QOAj;1aggo&}5f%A*fCM}0u7zUgMk98%yX8`BCy7ni>bM0}*sFvLy3Pn$m4 z7{E_R8bObo#C+7Bi4QpcUlrA`P|yaU*~OTz_WDOL@e~ileca7=X1_GvsrP(G)?G%l z6S=S8z3xN&YQG{y;_kzhNV~!vuj;$7***>;%KH%eSKlSVyGO8Il$e zn92K{arguOJ^CW}d1TQBZ&kOeb2^_rshWFoHiVrYDf`$ge4alh*!P9+rTnn$jO1(KZf+3TRCbY{f?v2J4Yde zd1fNFAIT7;dMFz#NRd1G3?kRkbOr=a!vSauXOy)a=`BT&IHn8_xGTa9Sj38pydk}) zSlB1##wB(&Vmmaz{S2(G5j|X8YaC0_D;`VHy@g^eU}W&xHeIukLyT+-$XW%^<=JX~9bbygvU}y)Y<=RQQ&SUPr{N zg4k_nZ`B~tKJvsYlp9m+08-W3T&KW}n2S*JcG~%Wvee&A(fyqhLB;}#7UgoN2!z94 zam8_8e(Ug@JE!GQK61#2x8u$ zdbug&G;l(U$hj102o$e{hK0H~d><;d8iHOnoRz8rGDkrq9HS;)j-n302>AcN2#_4O z3Srq{qDf$L1_-<7y_$P{3Nr#SqT_f{72rAXuOGIa(PXP%+q@7ZqNKwlLCVY>6IkCMw%&JJKiSv6gyDn!h_`Q`;B) zO#ije3~H*i{&}4;S98DS9l-vO%RLR7P&}tSu;wr-N09d!IFt{lNApv{gr+`*s|AAJbtAadA z8tG&|5zXGjq^Ev>2rjJhc>BX4`Gz@&L_1&y4=gA#M$Cp=YP{#g_zA9y|L(d4P*h!V zeK^E<2)~ZtWVg5q?bw-jYa;kEoBN2$5G~cAi1t^h!+=r!QAZs*nK<$ASwgd(H=j%$ z^ihJaUxRGaElXbnf!qSL-NMYM};(N%$+A;;X}-&xHn83Nv~kah$k;385Dw?*$PxOllURmO=GF{uHWA3ngNf}bBr zx3(;HmC#Luz0=D*v_e@NlE719$bwbe4jt}MX(Sc(vv zbme^m7s0QjHs{6CX*)=62`l~e`Y^^GfQYPRe}(!biiFw= zgjza55e+NhgYbsWrUA*wDO&xyu1kwl+(v0^_|5@OmsU#8 zoY;K>j|$h8M*?^{Y1YgiXbXP5k0qoG}s& z*d7-_Q7+EZdZImEfIUK;!5{4rEdR`K^g*;oci5x5h5{OmH}s?OhitM0*yIS)s0Z+E zqGm`OSf5)BD*S{b{M@$Nhfht5QYI_Rt-HxJMGROn7A6uvwtdXg9() zcP1^(n-7M@E!VQ~jgK@AXIU}}?;&Ln2T|qRP~mbk8+YA-j!4fHH|}F>sMs$Zi160` zrta~dQAjbYz^v_OXAoncLf6$5u9mgR_F$0)y9S&0YlE!Kq@O){j-`ix^dc=P4SaC& zsL8hNz9i`i@42dWi(YD+T*$Oe&|=)|^5+ESJ42lP2SW zT(t3JO{!VDiI!z3hqOPbf>kKoxr0Yfm!tz533ZCKQ(*EGrW`r9@p#8v+kr|he-ZRQ z)kEfkh>5W?C^|eo4GEKW%;q391r|d=!mrG9jr#U^qsr8TcX2T~yHTk`gk{J4k{pY) zk_<4$#ZZ?ihCA#Er{NZca)ow^9tw4&h`J{_1tdDYD5CjFs{3!z)O9J&Am?d%JCAn_ zH#->+k4}oP!kRtXCD-4q0bARNZ4Lg;?pK?JC2A$pTr7=ZF2spzFA@<^Nrk2b z$B2t0%FTQ^cMSdhm@9w1v8U_1JH5{r?Q>oyyh(Z9{1uv0K)lWu+W9^^%ZL;fCy*^> zg1`vD#~JtDqKUX6TLz>R!4dO#8#)#?BhN^JC`g>~pzj$V-4l6&eo2X~Z;atKwb3q? zvC>-;M%}k>7XmFoM*n6PGj!kNq<9hsP zr$7LSj|bW@`UC!Vf9T|at(I)>=R(AIxtE~7-ZQbqw{Sc0HZHzv=ZM2)VXHeHMc#lv zD<+9d+PpeCVs)~1fUJMEIM*wkDgKH9BD<^y++H;(CImh|5dw-X>PB8iYk%!B6-E9g z<^+5WmjQC*`$uE(1_O|zD0&E?)avMgV?wS*VIG1POJ^%z`cvj@hrEFkyX7qRxKiwW zlHXsA88iuCM5bsX6Kt(fE>rri<>P^JFsXJ2kN0o?(7pFo#Ubwi2SfwyNTMJ$_G4yR zge50VRcqrrmQ~Df3mQ{ijXlF1%hJ(nlGkfQMMc%Ur+uwOy!FLfzqfX88*o}VLeFOMwn?5BNvuBa zs}2DS0U_yL+iQhJS~72B@ot4#2rEq#saR;o5fMa=ExjAKn)*ag3${WD;7f%v0~A1z z@JJK%SDU}j!rbIwu~Ho=@MiGi5C_CeomYUF zbha;`W{GWzKEQ9RjuT9s z0(^33=a36rs0b=4@?13~+VZW}z>}n8w=oY%@&RzmZ+~)mI}nrhUx>-E1BlsOTdO`p zxH}<+_9-EfNJEgwn36ZPK#N*W;A&m5Xp|m!N`2|!Pb@&VDscGF1cuk;qz4Z7mor3M zt%P)9SrV4EA<{fwm<1iMPjd5T43ADE$vE~!;qnv{tjruh=tnS>?#%I$M^uhX09V4`P+jL;l zy`?gv88~Y%pT6S$J zkS($#mKQ#Uivg(ui59HZL9XFr{vYacWU**F411^Uj`07~&#l9!J`Ex9pdJuKY5 z?NC6?i<3S?hx~+RZ-*4dm?EEsfUp2|W4jL)25*i7g44th=B}OX~9Va!uT^X~~#U8p=V>`U`@S%==NB(33ygQ|AezITq zVB2T5$JN&-wuN}F%n5thg5F^}gtFYD!4 z?-F|@%X54VDJa&wp7%PM{e*;WF52{!7-~RLjBfiG38!~f+TUNSwfW@o@i&(hY&}}5 zf96>{=BWK$D<>uE*d+yx# zB1qR*k_&N#A=s#B>frZ?xfDRE11R6%q9Nj7CLHQ#9YPE2hmXnyI4jJiM>W; z5E9$%1pUuT?ul6KkUZX~UvyRPQ2obOb2QA241whz$JfTpO2$_z3f!JQ@5>zI@9-#C zuI;}*^*pYZv*a#LGititCXahe)o%RsgwVXW^PxAP)iz&-)n%y&FTMQOXf)EHdSY$X z{`K0JYNDKpz}9R`2@%77_+}{^*$?Sx5px6>8VrLE?@|bw#(Q1U$nJto7`|LbuoT+$ z9K@`fAqhz4hyCmIq6+#-U<%lad?ByGB@Lr>^+wE-5vf{hPb4h~7RGHME3hzp^Ru<9 zABZ=39nX7Ag}4s$!v5h0*?z)1c^Wre^Ft~q{CL{6@jVn_&%!)tAk0 zwFtD14c_^b2_d*9Ad4(~aF)XM&`vA}u3uzH6DyGy3C}czh7YaRO7gIa*6o?p4c=Qs z`#s^M!fKBPR8q$q85X$Pz~bF^{wjFQo&xn1{K0Zx%DWyd)F0s_zv1i1@k{oC5vCOFuo%*Tw#HP#5 zGvUDH^2<8wcC)?)vd&KPiZX=UCSG7P2+z! zJL-|7jn}#}6Zo2Ek?oyWX(elJXYTwLEe(o>m4!E5;=)-hJ06_NU65+{=)6+te4t>V zrGQpAZ?wProfz%%hqZkLnRBimW*c*F8toSo*Qx>2X-JdhP8LA4H}A?PxqTOJgHPP; zPypAH#gglgh(~{9!&?FEeqY8ZhYUGdD1Y(V2z!mam7;bKq(K^o~t)ANTmffpy zNZ6^Tps2%nrFcRc53d>9!|li{G`+TbDR*kr%xlkbPKR5_F^|tLMw(LK<#k$4eEExM zX1)bN3*oc2#xudFVE&B~?Fpr;+ZHM*B~fbXl&z|G&{2{~&j6CU^xh z7}9AYLNX*0rhFI2C7c$yJ2IlEo6PoFW_2SU*p?(vMw2f}`|k(_m*hNH`omSBrHE)C zkJIC{5eDM<=Qnb-r^s~Z&6{`*hJ0oxNU!jFckV>%uZ6actBJWu4HeCus5Y|Ie|@qD z4z23xSwn=G+yJW)5V9SUC4MLNLc`*k-1 z(YEv3xF+{+bZ24GMC2@j+;zcD1NRCjXcr5Y6x!}}y%GPJarnRm3dSA$g+azb)(!3V zU%yP(ixjDlNH6khHbOe>*Mv3+x!moO@pIDClQB7_Qwl~g@y9nSB@{|!2wGe*Z_rG7 zZSSFkQicC|RR8=bQD-23q{KziyJ6}*BQ(3y;LsiKH>Ygj;r@2z)t*&N$AL}b37?wD zG8ANp zZq1cpd{_~6X`ild?)`)10|(^u7QEiwF$b%`)+DNBrUGUxGFzr-qnrL4Be+UHo-igg zab~050SLXT0V$%CrbPm1yVE9VjTm6?505Zh2{=sk1U6k^LzIFqcW!e9?(drAr1EC^ z+R#DU*sZT7-iOjcfh2MYcMP#~;UBI=Q36O3aU zfu;`Oxob$#RPz~QgJL#D*I!SpIZoHeU_z?E_Vc(lpzCklFPy>`HD=zlncg#k8_jtH zb|hc_@k4#nFGZ{U#MQj9EZMplC5*u*#K+$^Rloc!zm7Ec!=-9Ma{a0JhTScA+QqoS z{FTa*W~r9$2|a6HQQYxKiTAjQD`(gi?XzFUMVKGS$o#(uT&*7*W;SJp?#9JLWOSQA zT>J_;0o&I7h5f)U=iZB?$s@K0b@gIGtbrsoX zIGwVU>!a)Y0pHs#zLiDHmBLDy)xP?wSQ+Ub-Q|DCtl?SEm@JZVdp1sO@S8)1I><7F z5{0ZssY7bK`h!|2RYIIqPYT|w@QpXZDms6tww{QAcVZBPLBckuwnV6RjI^vdI*x~& zxc=d}2HD_h?E}j$D>f|}6BZoV)sEL2-{~)9O2+~&e9aj~tBvMD!1VJ`WX>h&b-$TQ zNQio`L=i+z5t5bp+TjZ7F!<9YDdvFq8HPSt{DZ@HwRK88(2+UwYJj#;O%A8PC*zf& zVJFSemrT}H()Fh+Lc$jS!lyKKyLKJfxv{1BZVs{46?a_n5`S}{yMaxZ`8k_EH;Y5l z|AED~DdG{8g4_c(wiHOVpL4ypbx&lX;juRtI_sAjN@7Yvf}dNk@mZRy+r2aRn*2g) zNGC_ww{BTl<#I zRNp4S0{V8RI$msj;+<6_csEB);WK=H;)b9Fg;Amd?N+SCnkhE0M^`4uinz#4&NT8f z@-8^uxDmd5+K!s%R+t38oN_Z!e8EC{qjT6PmYW$Iz1?{U1-DdZlP}%b#=*rUwokXV zwpMYKXI45}czT$ESRiK4F^!E&-MVPWN`ctM7*L|=b{mp55x*Uto5^r@PWnl79~LX^ zcbFTa-ort;bk)M-mF#16R+R`1MrIbm2iF-_S0C*;Ke$GutCT$^DJq)VZ^afn%~hYU z$+f4l&{0ThY`W?%{L#*+h=_5dX?@E zET!FHZY_Oac`*#;EQ3^cNzX9F7V2XUcJRc^XBuzt2!2tf@Gu;r0D86K#%#(hMc1RB z^hX5Aulo{F9=j%1Y1~9T9NI(^xM)-KRn4aOlWX+^XL3{Pe7}Edfuk1&Lt~PqT)0n_+)Pftbw}^; zGdjGZj^&Nr+c{zukCQ?Foa@2;4Ex2(awv8$PwFV>us&xQ^8`dKiQaUDo84631))&d zJv@}eyx=K5YiKMvX#5U?LH%}f_wt?g{lo(NV$0uusD(T$o{~0kcB8vIbSDF)?}ix%Y@qDY(JK?dpH*$H_8+Z{qhX4SWCIMwn6l_$hLIMJB)N zl_7#jph_CQkBGD`RTW=Zv2{Ll((gz|?V$xn%Q8L%bmyAGvJ9TSo4hE``19yB-Q}74 zQdFIyFU{Mj55n4e3vbNjaHUX=k52);d~c%^#g5W|l*HIK-7R{r3%@Ps{sWM@Qrl@~dI_IZcLBQ@%V2W^%W!to$~4 zO)fa{wldgpb8z@}tRr>)L~LFf!ZBb-yA5tXT(YxD7H`s$UX*T<)1AIVm6yvNlDU#H&4 z;s5Q3qEun!O8k@$P>FmadIH{6sq;$g!-o&2d3X-U7>{^|u3gs<$c-;JWLR5Uqq%To z1iK#_6R^(tZ-p0wn)roTg)&Y&w_ZEbIuPz7z0b5KYoj*s=K{m7gZ^a_GrG1>c2mqK zyb>jsbj1^q+-I1(gk?^EQpU8EW+AfgQ-5G=4gogkPMWCrJx*Ff;Do06YBEpS8)j+V zUSEA< z6SqJ!hf_3~4YWT9n{rDD0jVoCOB7WfXcFG9H+{P(mh~#l<>z0#D=I30ww~&&6#kOO zDJdz-%-A-1uD`fH2mypht1UO2Ns(uGLPUjoKxxvEFPQIKLT_FW$Lsr=Xqk12&G7|Ejt{tw9oH;d-=| z!EVobi$CM7Td>1Jd~}51%{B(4 z{AXC6+^4cinth6#P4keHl+@G8etMr$AoqBQ=-fuh^+UBuUjfw4c2d=! z;s z&+o*jsi~_Q8xLfun+mjU`}2aB7r>pXC!(^jaUVa$^q-J`k@Vs@+%p@{c5OK}C6#0L zr%ZEiTJ=ogo>p?dc}s;%i;KvSTiR=~zPq1yrM+PFCaxHBJ9hc`c}q*no~eaTx+&FF zRkBVF8?_C;2&|n941S!s&wj(4B1^ZOlgUp4%=&0cMoC9UE>lQrB8zGZzkDMOjSvvg zmejV@KV>iDPimIwXg57OD<&>3&cVrff%S!l|FCEaMGq@(~a+_~_{9L&mV0&xM z-L{EOZ_)2TZ+F}Xt$uyk2jX;&gDedj&0x^oMC=`{=>F~7x5ivM%jMCGakmp(CLZ;( zUcOeZvDcy7GP-_y^=?3ehrfNkj9mxbDs~#)6{v4$=)P{BK|pJ{O!wfDkhPxip zzIAt0NYTdM#>pZ6;E5E8=Aootdek-axx#a*QuPpGY=|roVVKH`Jp( zrTk<2_+!Jalw>@%-?fj9A8pj{F2+rC=g_!?#yK7VtV+jZdfMm_CUAuZSDE^eqiH;uu7}^nu_>Be` zB0Dx0-^GDB0Ta&cxR!7GeL|0k#<(`eR&%*@YrLSO@vZS&0y$PHj!PwTMcGm<@=?)P ze@=nOKI7Ef4CeU!+k>`=a>$5U@V*nP6BZ)dsI2|4SW!$UI^*13v{CNU9wK_CjhBz! zzXV{<@<8qq3e!w_t~~-2QY@ni8KrW{l*C+%gKgf$g0T%nrK2oK`l}i zr{ZF}i)r7+=O`O4#7axO=jSvI?&9&h z;h6b?iV-j2rQz{no#BjdStT@qE=tq&Xk%2|F^U57a^C8;HfnfbETGSyf9jt)+!$rw zABkqrY-l+@zFfxuU=hkUua9r^_mZxKR}!n?b;{SZwdqz%I+jnpJ`6T&YX95SuFKP` zAr#J&u14JtAbCk`$=}?qL+d0ikaAPSaoYLLaN-4WE31!zT9(&>(!-f|;PDe5AI43T zgR;mIT`Ec7kB;MQpR0)Nii9iIqxUzco0|ri58Z9dSX;1oT%$23YeM_;8^hWedr zLD}KV59eqfZ>4oOZn{{VcbZT2ZPYz9Q07z{;Uze3(uo!`KG2LDHe;>&CMIOY9Bua! zHyq5a6W5iJ1met1qP19W{YL2RbsPdUGLItA>FLHz`x@?iD|z~vyFx!vPQHKZYPnHY zZhnYuhj_eq_4R1=Mfa~1C0jeD0vhvdc*gSAO7*|=cTIX!FszMaSFR`+Hwj%?b*y-s zKL1hNiGIw%R_CO!)meeX8_u2rT8}SRYANUUd#?=@+v2vs6hdTS{O8#`mhd;cc&oa;RA`(FL# zx!%9t$6s@~e)F4q`L3VO_x|1ykL`PtZ+2PEKeu;zzH>2$(lGBg6XN<5TQ)gJtekx- zQL``FF(ANu?rE8m6pL58*r!Xv=2qV8-p4*2s0z*Ekx(uED3L|1R=jv3Kb2RZhI0et9UcI%nz;8gDfc{O&a8 zjuU#f(Htd@F_{v=xJ2@*xNsq~i(4sM8PI$nhm(cjzb+Z8P-TnHPZx|%H4F{J%yX%Z z$oa9nN@Q#vYe)Dw0C*d5nN!A(YpCJ=-aNFd0k}uQ4RSyHp`?bbSLK%LK5WCCg-yqO zo%bF(#FZttE`hlWs}t5mc&^l)ZSm$e1vO>3)34@o?FQxLqgpCQ%Y)hnv|?hzfpC0k zi+G-|RrYZ_h*kMyhtWhOK~}=>NuS9j(v75wppKBPh@vER0U^ZvB8hT=KyeEL2NJL5 zgz%4}yC?WP1JwFg=LezY3@et&YqkP1N?8tx1WXMUoWc_eC=&E*fnyiG8SNs-4lkT} zh4p=7W3c%==19fH+Y_&1r@}s)cgwMSCrmgsHYq67%(PxQp?&zdTOd>a0exhCz=qK~ z|LK9x)ZzgZUv) zrvl+dS3ilo1LcSwcBSXwa@i4mQkgX;$#;+R&`mMm1nvBbn(1+yaO;|&nTvI7-pG@O za~DQ=pdzsZZ0~>$f-%pnMRxVQ-mNNwA0Hiyr*l~skAi4Fd_AU=%j~-ZI^K(jy6p#% z?axo!VMpT&vbhqXnxEeDgpMG?lF!Jhdrz_L#pj3^-iIm0uRMhbs4{OLVrHs}II((p z(Ic#4x6r)YQdI`3oZI4pYZ;twK+R+E?UV;|1#JcI*#aL*aXvfOji}TM57SMG#BgK1 zWAQ3dD1K{;YoYBO>wISN@pBw^;B4^`P!bWfi z+IbqR0qdu zP~knwd~LmEi!V>li|9hJ#)%UlV{ZT%`zwbxcJgNZzjMeu)d9HAQ_aCe|Q`2 z_pdFJm%}%*Sg6#weoI%6l5OXnVqK54Vn##9z1tO%bVs5`I-VE=tXidTVUJD4+@l~a zuy?n6YDOCZhuRQMw7wWy+GHPRKoyCP`w%o^;$GeE6nG%HvDv}Vz0fu)WW6n7{!2q3 zqvF%z^=pA-H%3=Q@b)p^CPW6F@C)z{3}gV@I2~9!z&ruG2Z{$09d(4os`i|QOnh@o z|Bs5xH}Oo^4u!!0iUk0l(o?Kc1*bkJfa@nCp=)sc%FQ>VnK3sLXMgR0VWZ$hZ#lUb z@5uwq)&%0Y-IK-?TZ7Ki9|R4JWk3+t)8G}U=SV649v5nYKxfA~h*i>u%_@D%dyGKd z)1)UQ12?%iX(kGsCpf%@Z_VFW!QpYcK3(83-*;|T97NnM{!CYX)NEsCjna zX!&T|Fa*u2LpfZ0&MsxG<347|;j?|+C&@iMJukX_uh*VRzjtq=Oqd$%vj+=;5|M}i zDA3qWE5Qk5IDS%n6NtY-ok446WhLeqdfGa4?CO-MpLxis$E8t&XK;`;2LZ%hXQdTO zvFsMd@ZjWvQ0MXSabtV?c90fJdIEUB&CL~R5(?*czdd|L8c@YGS%Mxt|MMG;e0sfW z(IQmK0pnl5jho-T`~8CyppA6_ZA=LSIOjBFB_{(p65T6K_wYQETD3w85`&1sWk4|! zFVTa>j%u(AhjVR9&O7V3W@cq=1{8{ZBRK47cR$PGzj^uhU-@4?>;xw|J$l^J1kJwS zKugvK)2!7^Bq0t*n#bdD0$C?y22$7k4nVl5p)<~c)enb2INQhhijLgTBjmEO-GD1b zf}k3ZC;-z)Jm@w{d<^wK{+DI>k^f}Lfc1aR6m%p0k>|fZ!&nQUL;9^A{{Gr`!zSBG zy6a8Z4>VA*Ux81CW0ef_ET|&^l@rl}s3>B?a7_Hf>)6wEw@pGqLJA8DjkV$d46388 zZ5@VMA#53QS}>GDHEgklYjh(vBY?dF6epO&SkG%t^${MYi7;ytw+eE&mNVgNp&>=| zAwWgTCagG!8O3TfTx@+u)4*u==*OcxyFjkQQdIcR;b800!$Tp>oFNB~;`TVVq_q z8wn+lP4qf;bf-SWzwfPww|6YWsZ58S+L1WgE@;>z~>ApY#!V%xDH{P3bf)K;_grZwKBwYim%=BdvS3w1exP??N{k|dUz~? z8}NTu?T7<_%DN*RPlPLM*Ni}TpmtI9DfaT-jk8>C7ec~FhBZ@r>1$ODI_!|3kC15k z*QGD%zmehd3+o2Qiu@Hy1D;9=Sjg*Fg{UqUNJm61$Pey3N*I7W^1Taz&7XgI40e?1 zL6&BE_?!gexg|dGtEJgIXeK}cy&*HXi{|cC&Mv2KC-CP0`3BGqKly^bB$tvD}@Bd%PS_-2=(tP>~S#sn=*dr@51zh9}cU7_~4dVhOB}D zsrPP(maccFyawvSYD~od=Y^Z!GtyxLo6~=-sW{zxfzkHhHIYt4Fp~BCpx78f0^;jT zRBo>Ev?jz}iGeEw3o+QiM35wGCKtj!BJ|K6Y=NA(p1Sl3ieGPiYeiVd+?U>1K7gP$>Lsc&V&Of;Rw?F&)qh`i>O&5d+s$GQiH`7mZNJt^taK0RX|?J@Ei_e0GIw@2gW9_ciAP_S(?p;4 za_}8aw=GZeGi=N(E!AIuV#YGbl0Vt(co1>ge#ccUP$5II#mC9OzIw=WlOnXA@~Xw=m6i>yuNLic+3Whq^{C$dvSMxXcG7iTFM`rTw zBnWwUqUzrAWk?0NjLUG=1`>j8@*)RXJqRB>e0;WhbsUeu&?;9`5p>d(E~TLxiz0Aq zJg7-bFP*NrtS(M}-I$Ma#hS6PFpbm&hXVK_NAmLvXvS(BVbEN5>*jc>CX-)^V%aPy>^o1 zPSAYSb7{K}1*F=9)Ktq$*xI97@nqXAS2A(+l|Mt*n+ubAevudb2kGwOC#JABK|`b= z3Yn9eTl4azS?Cwe;kk*MbX$8?)Zq-djKew_?Zpz%`0dh)3KEx)EDknx?T)voF-OEQ z1_$xM%D<33i_|^i2E2d$B!uWdzQmC5lQX%Oup|KP#3Opu^D$nHUR1?Mq;g9Ny=l7r z*`?{vlfHxKi<{1mJ6OJazI^qIvOQ%T(E-`(x?Ej-W}f+%`#Y=j^s2Z92OE&&!062~ zBr^_g22}ylD=y0-k>*>4uQ`;z|7$+e+0zbol(|p+4N9*+pzL}zNmp0b#m{f&O8Kx* zcV(|m#{>IJYqPDhu+HVOU6x?fzWa->QPb-4MLrTFjbwa{bJi90#Z5^EC@ z5`IriOiZ|Q$Ltce+gBf&p(2iqPfk4nC)WPUM!v}YH6Q0_+3WyUsirYv!9HXfjkceS zO|ej2DGxFTlkBD_Q1VipvJ^=<@2xYenPYmEnqssuQa%G??!+I5>YXCyHS;lU)><-M zbA4St9K2%vYwL8TM|Gr>Dqq9Hddu2(Y0T;AplA{)BVPELfSA2|TK`nD&Vk)XX`{@a zbkdE~10U5QkrPW})}w=^%gV|qbLTaNje?}7;!%vZFS|SfpIEADNk{c@IqY~01Z{46 zDH4)W|Bh4EL8#m+BknW%`BZYE{@Pv(3;IE_wyXD?yX zvE;d&9lL)p-ula?L6$9oi~vSC*wymyX6|p#{ma{{td=X`$e){t$O~m1`*R(knHIGV z**ZB{V(eKSjM3R+k8-@L5wZ4^(vIjMH`QYMGUm{*N#ID`1k{RWo2STS4nQc+QPdkrV4-A|7O0j`qGR?j%uC^^!5 zz1niP!nQESC0l_75Aw5wiwIO%EmLwPcNS5ph}tHUzF9gJr0JA`0;%@)b|zl;9brW5 zdhnFePce>L&ZsS+*1lS<#7cFd@tAw2ChGJmcE9PpXlo>PW5kPaP3>Z;!!0vq6;;)D zK{%QtL2i5Su~(Uagi%6P8qTOv^}dibeb-EYk=$}O3Jn(t-JmE!+khi{1OpR|p513k z`-mGoE@@!Kzu)AEUa2?{tLPhd{kcN=Ibbv;E5o_uR?p#8r&^?%e3v0t{=I` zR$aG${pSMDqB~be!8YKO8DC?@a0Wfo&QHUQ@IU;vPDo;MQN$|{^PC>ukB8lJqD`t5 zwd*~~!0b0HO=E`oIcy%?mh>X#%At>XgpxHx36#XC_OXH^9Ac`Y!ixgKQ`(}z_sIN{ zU?Du_dn3)}(d2ul%%JQEu6jVe`LWUld|bx6d<5JVoN`D*XqXkZ5s?$&!}E`(Lgx4L zrrblV+v^glP_0?FHa z6Rs3|3n_#aqm#=-Crx95?fDNIuAWq~f0bYLjCYmOyjySS*pT#FWVA z(F_THG~`3qw+TC<7f*nfZnk{E7vcpG)*m?m8sXetLUm3<)bxz*zC4$LH0O`fl&oN z?h(S5DsISs=gA;h#&`8}blci>OxsDNCMHJPXw}o3%>8iLaTU#IK5TFF7sZXf0g?c< zl;Y#?v8p{5VgYt3CEOXZwpZcf3YlytJcy5PTG($!xb_60Ep$~jMarEpys*jhmWzdQ zv=DtnzAySJtqpkp^ZPV}lvW|_0i=B&mMuee_o%IeOS*j9d?B?SeEmOjhHvn|jtRH$ n|Jmoi*o6OkE&Kl|+h4X)XfD;9hxbGlfxiPL7RI@IPyY5_@U>ka literal 192356 zcmeFacTiMWw>GYbSwui`QY5G(L87EK03u1p00=Y+A|Od(lfyWYgMff!1O=5OIfF`Q zkA-liP+SH}toUGgJ4i`}^+HoikP6TfeIJFD-?0_St)_XFcoLYwaC+T~CwY z5Z9qyyLK^XUA^+lu3g;SyLQnL4(tQ}vPk#22mG;h2&)iC+5TZf0hUm-%dmp8nFxZhhvu^_iy?KP<{3 zm>(W^Aal~2ky)hcaZs8^voW^ffpLP6+4vlekb2@i+P#k1xFnrOu42?$^XpQ~z%08I z?)b*r50_YKD;zj>0uiulHy!=|^S^wU6T2>)xpv`jt@6L)^*_J)6&;-yAN{}Kko#orH(*2HlC|J_-`|S1Jj=S;7f(36-vAGE&gTQ1ZmYk`s2h}LP7$?%DJqf!adA0g&sWf z=qrS$r>9^~U07Hc#cE45sc*oaB$kglL0rVbg(O$~-Mi}-t4Vis|K<$-@r{{%2g>%7 zNBk46y^b;k5`mL2ZQjT<8nMc$;weinF3r*MzXICwc07pH*K*4EB9 zu9VpJ?aR?EcDHx=TJ$I)o?*`1o{(d0ICxyQv!LheFCi5b=5}Y|j}B4CUjP%_|4XJ= zT&Rfzw`}~zo417_$lzO=8OYl`ji@4yv0N+4%uU{5J2|hF+4y~w*o-z@(UDmp+he^- z&y;51u3Sw+C)Q%<&8(Xna2{~x~YTkiOj)HxiRO1@Io)o)j+}IM4mRx>SLsZ zg@xVF`;!m5OqnFRjM+-r3qukHE?tl~I5pWWdaCrc0twNDs|PRY9^QNCX@YCm(}6_) zJI{&c9q)If+`ndWsFmnb<_0B~HheU%7OCVUUZKQhZ(CWJdZmS2oD zbsQ-_cBIJN7o}{*zD@V#>fbUj(2V9&5lC!T7mm{+crFy_)rs9a1<$Aunc;^IOuLa8 zWPD-r1k;O|Dyar%~T zh?m{5L6k4jNebp2nF>qq?@O6q&5(IDSc@XbWF>Y!tUNg5R;`|V4&Lfheu9Em|syK@?zXTs_)IOH0d{_KWZkI$&4e;9UfQRL~YLn>3C_5TbaPvV$9Wdgg{pb3@Y6PvIiipe~qu zw`{ljFz0^UAX6pXK#a|zC5%lMe_{`cl5y6^#r^5dbnlt z^;6|6bt1T=P6Qq0<(izF6!1#3&d`B5_zxciPh_IbE##EL1K(rQ^mNAPWiD=RLbcH{ zK3x-emEakFTQ;U`>cU4c-JjfTWN$^(bei+mX$}>iOfb(+{%!ND56$!0c!5x&xJi|m zgXgzl4?hRrKc?C5^c@{A%@QZBpRG`D&&lCXGe@NQQmfwNadT{Mtwk>_Eq$JJj%j<4 zm7g!>s|c4RpLqW>$;l#`z_b?n3Z|=cUI239MGac*89PJX_7Ovgo_b(F-FxXlR6AW( z(LB)<+`_3D9r5wWe$7U|?TYYex4_pg1mI$1njyeQ7RRW!Fr(n~H99S2Nl#gMdGyj` zJ0V)XE7X|JLr=L#)IO`4`9$}^-n;U$>cvBBR=o0ZQAxMhF9#h7Mb>-0W~#T7Ew2y^Twx=(iVVMODvL9wdOsw0wCyOm^ETBr!1{VMcK1UvIp0k3jdR;NWR zg8A5+k5Yhxym|8`#7C7sNk`*K(cy*HZ{Y@)2#^t{IT>_>!gCq~I}0!tE#;!(VyS_A zBbLE&@&o1VPxv>5Zx_r(rA#3kJk2_qWqI?aj)LpGI`V{*4Wg)`Lheg@`>Disw=0yN zp9t&a_Z;czDXSWtiZEls0oMb9JpJk|kd5oNM2Nr(Nr-#g zfr1d+^m<^w#ETLPDs{pYmkqAC>589$rhWPoU8ioOl(Th4)$~^%1DkvS-sl7OoB^Sj`Ots>Y`Qh4 zHcUeFK@I>;(XF%UAS1{(DitoQUkUYaUyTKJFQg7VbAKSh<)%dhx9W*5H8;Dj{r&1B zY<+fCmH@-Fr8MX6`X~3I#bGKBA9mOP;Nb9!n(zky?F94B$p=QCo~9^S*g%dstsw^{ z{)u&b!X*%*7Dc;j-kvE*5_g&z)@**kw8vuo$M-+XK5{xfKHklYM-;Zz7C~Mc)~N;8 zYwdXtJ%P8{F>cGVH)24I0W-gs0V45cA`Y2*_eXtLrD{+ ze%bQMfYK2Rr78{7U6-~D|LP-~bzUS0tgw2tB%nh29RQ0<=MMb^)$tj2J-{QKWCb&qA)CiB+jSVME_IcD6*3{`6 zBW=T1${Sm;^Kc))?_uudR?Ih}_Ms(59bPib z$+b4=cSRYK{DtMp?H1Qf5RODlGh@RN_RTvn|Nh{qVk=}AKXo=eEhZ5l6H{UFLs&^Q_*pRQ1ID$@W^jA|1-pw-U@q`>qT1rLC; zN7L)em|~@iM0Kx!aNT3A1#5NRZ(s z`D795TNzT!$tAKyHJHo$R- zFTBBbOT!x>8Q1oTNd-Rla@Pdh3-vq#?%o05UaJAfn>TNAb#GzvNTDm-^8DQaSVu=s zF$eE&N%m741M>08`4NK$P7Fc}zj1`?%E$tj_!c6rTrW46b+i0vL?P!f#PeAqp z(s56pty~}X@`ZY@JDPJ-m&(f6++`^N{(jV$Y>WO82433viuCIeDWN;QM?;sEO!5uu z3$^o!<#f7qUMlaL$z99QArS6B(c;~^vq1GZFkOG=OW|dBBq7uL08rtgeJifPG@qik z2ycYr!bo}XqyBg6BeXH58wrs<4NJ21m_-x2iT8eFef~x<_v774K9pzc^TCo~8K!I3 z$7n-`XC}eF=H-7z4~ytUG-)tK)qM2L_PlAUOr}z+$b}-=w?<;q*8?|33RD=njhism5j6>S8{u(EVuo7p^INS zQ%*vK^g^M`0pS%ryqt(8IcBiU0SQ#zed&7>VeF=G%lnJI<_k5Eyq=3`M-yX(_c&Jr#gq_Yl=?|3{XIy?0k-OO@$ zoUy*i=y2_cd7D+VzW*6MFY`NSm3L>`37tfqcx+>irlpu^4@be%3d(ZAKqtB0Y%Faj zz3q8Rl88=7UlcF@w%1xjKLfY9VSZ~oz!j73>*ORj zXKyR&9^p@$%tg<8wp+BO3ONm@L`7;@1h+Uk_{s2jPfhwNJi>ogAWnq7C4P~eBYdSZ%2X9i8Q6PxX6X_elJTt?kKu6cs@} zUoQt`S&NSjIO0S$x;5Xky^pwAuFx9I#bcRN;z54>x~OFmxx%Fdd^&W!T{}u=kC*S( zYUJ$fquup`rdS4;agWCbf`454U8cW)|2g^npg!RDT7bX!vA{u7fQ78#EdZt46U4)d zXw!wCC)<@w5u~A0Me)h(+8#t?CrvUk1OwV z)D68a7K-w1dKvTE(#~4VenKF6hsQca!QGI$;Ef3nTInQD-*m}R&IrF5&6|N#JJ>63 zJUrx7q}`=@R>GSgC1r~(kzte1#GQ1Sl_FSt@9ig-lW<>|qDF5ZNDRUKEh4zJoT`oV z+`i9ai#$q)r_0S~v_-$OU5Ym5b!FD-Tp3#{ozWWhm|2+~q^XfR z=3k4fL&7oX%!z3zJLOGEs;f?krj{$YMk(jD-U8Z^$jg$L>T*lWu;fB|a`g$XmHeo< zXs(pS{^e5k!_y0`O=W6(ys~FE(Nb|5ZayfKg%|JTSlS+|44IP-Rm+pa;_a&fDJ1Vv z8=L2(YNPPJ%D4}N(JnQ)MX&V@51XDZ<29YP*)v`Q39(BW*BTR0vZoK~vWW6SHD!vr03#;3g}$f)1?$6=X~)Q{+s|c-RLQ?LnHpC zzM3-mqc4!9?@E*#mO|SFGTK{kv^mG#AyejiTO+wxzSrW$cu`#SNjZl{y69Ds%T=Eh z5|(S3y(r9)y2jtT7Q1UKQO(Ind4>Ax`cBcJmc`>XU>3oxnpjUgu1wqL?t1CW#49@u zlwxg*)-fUSwi!09&U(3j)#FDh*yE*DMTnIMj(&^0 zqs_Bt+n32tiW=n8Gj8(ZHpvAuRj=AsIx(i4qIZf&2MCic!|R*4MwL5-!^dbl1Y;$! z*lsMEhOb+nigt+PbV+cXUkhjmZiYA?KW%j<%2U{TD_*}rHuk_bU6fisdFOUw>hWA& zc~#YwaI1M2$~wmTDY2wad#!jl z`_j|cMfg=D-ifyNA@DcPv%NCllFj#z;2Dr)XcD^EWNxDk0708foljhI1%yhf%D|Q9N8E!|WI_?ZTN@(#F&!W98*fSyA5g z&a-ih{7kRKU&~ytUU3@ZJ{oyBm@&k5=bYQdi-cf8jFCbyu!guq;eshS0R;5+Qv8i1YO z+ivj@e>*w`V1l@ZK4l zANESUF)Lc{koW6jda3=%wNt#nrc7MX{rEH6#vS7>l?$p#|;x3I?z z%xKrg_mi_aAIU^5hhdD+vBIbK*`AXhsgx!Vn79nP=jW%$@q-V{bO zZjBUGBwc0>s$KYKMd06=5-;|2G4|QsFaLUX@wkdRYqxgRJ*^K8a~7I&YHQE6$X(ic zVUm7ZYsC*XMxwr((Y}safZ(&fh#_6WY2(ec@)r~3ccd2m9%!JeP-b4&QXfxDuTQI) zrZu1@0Og4zdEcbAGde~YEho4|PA(FF#p9Ot1T;Ko4uQDd)E6WB9WIQ%*rLUxA3JouQ2N@n9gXv+pOfm%2b{;-84>Z1G(1LsR8ho zZe)?HXCX#uGK50wi#yMDMO*u%a1?h9F#NvYVwKFbkJ`Df$jZCxRaj-x;VJ;`pdbiC z_ZRf!FaOJ1tebO>7nG{jFr)}188>Z47TZ}`i~%ytH8!$2WQ33mtxR*Dzwb0O{SiQl z{d3DN0x50Hw5>JUK3gGlPn<>z8tdYqStWkZ-*;}=phdsXH}h2f3ZQ2!xe=j^W}bI^ zNbD$d8F8xRsg+JtrP*T>pA9AXW~xwLMG{dEVA4bj<{-JvGB2YeEbK5@z=*m z4&FW~?F-i11Pz8T3~dF90pq;UYUd?+GnyNB2!}~JO@V{hO~Xwjv;5YM0X9XW-_Nh9 ziFa^&45S!EYlQ|MiS8)+CHf@f%aS)UY!|iBi*}7Hn4YHntrT`Phx0Ta zRc7frP5vBg}$I^}v z=7&mjSIA!NJGr~-&#-8=0{UG>*q4}&a^&LMSvgFF%SnlB&qgmi$_dQ@*4R#9ABWR97c694nhqjgu1! zTdzXNZAIH>W1rpI;u(;)zjoQ}Jn<{K*{KO14jz+lSn6kRg*T(|&hC1_{1p^QO)ZFV zk)^TP^O1~$brc}+JlR1EA^z*pICOHWn&wfK=;rO3(cG5Qy`uP`QyMLvxqLlL%sRq@ zi|#ZFN!KdJ`Zt1~R)@|@zII#?%S`k*%KcR&)^>jSD&9xy>yKsrYC(;o3+((G=nQq^ z;32wTGQ%6-{qUmP~EM%UbqC*H@u;*H3I}>hf@c z4Jyt#dAn;Ci3>M63JlKebbq`tT3SOG9^Nc<(MvzxVlKs?>fjr}F(Qd|9pUaJ**N=9 zOo`2ID4p=hyn)yLA~b`9f=BZQNDDxF(jVCT5`bMSbX!9$Vop^aoo3*YIURI_lbO!T z`_v2%+|W%=QQiYr(wi^-@DT_GAZw=*(Ae00qYe#gGe^S(@vC0~kW2TON0qjkL&@YK zs&eF~@-nvG6UZ$xfT_w1e-jgrsfno5xPx)%W;0W_JDS%W=OU}7JKD$<%hBQfRLq=t zPp>Q)TbZ7$v8}rFIzxRqC(*)p0gdzj_UqMw7@q{51(%@`A-s2EooISSz2MGDpTVo1 z_l{Hyzq@y%SzZ9rxd~v^J>Ftf2AkH?m$I}A)QU36X~?>QT%O>*$UIb_w!UNxUd zBPaZGDe?*lcf6Ec3^#=Ya?@zNOSpRM$=J%oKYJk5EYU2d5X>?xK!&YcJO3l`rme zZF{~7z+&Gh!Uh`NgP=lK0%pp8Y{()IP=C=o`5{F+-ztESkeTrD9^Ta!2Ys#_jfB^}qg6Gbt z7I=s;o+^*&>l)(e=c!g-iZVHrK+6{AZUu@YNeo zKuber`yPdu2B40QH?ib6O|+Srn>%%4WIz6;$is!+Gn_x}?xk$5DGJJN1=H4jH4W{o zSk?!KMPbd0g~1uP8J@V6?K!K$5Xh|qKN={xvvn&?h1?*^lT_s)7PJnM`b7#eF;)2t zc4aCK-&&ilW454~F_L_>P{pMy782=k;+RF{(+BnckbiCfS{m|utYb&1f7fTK&67|( zlkVf-*OA;P7Kux9?pUu{9YC9ds@FH%V!El zo4Ap+$nCT(!qLhz8&s9VbY|^@qR6e>hG%{vjNB@MkYqt!O?b=OQ!k(4ax34#I!sMf zQK{Z>X|2qP_!@_qxLPQ+{q!jrM3%nBHMat*G=-CAMVFlBwk2t#(X{eK;NpDUTOW*t z(a%m^{+Y^~n)3d>*Uz=!0#k?wg>5Jx#k*^^alpmQ3MOmDX<1p>7JN%M0q5szAjq2! zm7PhH1CoL9UC+AutAp9jB7;q;Xy`p5lF-Gxxy2W3TGNa3EF!Idz-dS%MjC*!;k|yd zd)S*lzuXqcz_g+pso_H=)^mm^?>dQt6XV;TBRr@{iCG|f2ioW~q>XZIcr9%tTHI}O z`koZm$1#+xkBO|Mt@}JDx;V8dYPNjO4sJ#jHk?mSF3z;DbH;^Q1hq1tRG6R&(!lMb zp`wziQjx#!Y_~*?@fPIVAHPQ8u%NDFCH2stq*ii*paH$9zbAHs8dO&{Z){ z1VROcF_)YLw_;3Ag*FIXtQ2&A!O^gwi`LL}v+MxuuHWLhUjvxmxM)81&Xl{^Spxk1 z@sm!Z?DK>cwY?H?*GJW@^z_#5-)x`qcs!D?K%>aJ0wF}Db{5alM zZx5<z8KpHusGU$#Ffy;#zgcc{o)_0f@6FGKm-A)vf~DkKS8xbh>|V z5beK1#acg-a19N>8j0wIpc*z_y->_mZCHsL?JYO+!b&+!9SlaFl)c?kQ!UQtL2Y@V zSgEQ?#>y|A%S>!uQC&@6?wua@r%hq)sUrk8n)mn_&zO1Mx--#7vR$H0$7?bVYo~_`eo9nkZ;PRhmsB5nddaDl z+_px0{Z!PVr$n}PEP2963)v~2f>MyHMls`c=)9FKoc*#K({9;owNP$oE0Ge(*FRa@ zaOU9620QX2+wn;{lys)s&6~I4t?=)bMOuD*Z^|}n^aCm<>+jGgIOqQFgvP4^x?pQR zIXPM2;Pf`h%|Aj&RG#M+A>(S=BYwjvq2*-P*cU9{YsO-)W*KotsG;JS6Iw=Co&!-E~@bW=~{Bcl*5|rZ5 z29wCI-Ud7C2B(jk?@%{DNkMuTsHE0((_Lsl)@Y~FsvBz*HdhKmF+POkZN9NtW<=48 ziCi_0i(I)|V3)-~etWHcrA&eRMv5HcPc=&Q-;9}=%cfCE7X;izbU0c3-6oCx6@ z8$ZUP(egsdA}c3H_}#mApk8Tje>Kc+t$7P7&*jHG+F>@?fO6i2-Srg}6*8HqH4u9~ z+PE;z24DeBO1a)6DXa{UoqBIr5P}=4<#SY3P-Yypoz?ub@MSy$VGgfNbMpn+@U-C? zh#^ug>E>E_%U3lcw2 z+Oo2;BDFA_h+jh~v;I*YPI$iNsmGqKsEGC3aVoCvW*fwjuYet>(k-9PMdv_h*9|0h z)M*^?nPK%qUoq2Rj%}~O=FFXPa(5X!!GN}QwTxB!MmpxF{KX^HAR%XG7Yc+O_1l)7 z5nKamNDmtuu3_WRp|7Sx`EiI`ra#LS)6dC8amXuZL~t;Hf)=oyCj?1=dZnhqpt|la z#k&8&#xnb$mY7X(>5DLDIt^5&XF?qS+nXz7YWOlCcW_%ujy>$gjoW=2!c?w~)1kF1 zi~XnW$lHaO7gM-QioHz*LT!0fy{;aa#fg>->i}0dIVFi?os*Ms+%M&G6~`e}W=47Q zE~I=e8I*98LqT+nuJkTl+EuVsYFTld&|50p`m$+%^S6&r`T~&Z>gqs;l1UfI91NA~ zxCJxAb9DwgVtNf1b6}F0%+f>8ue}DlxVpN!H_XiV8|yspb{N;41=UbWbI&`&q19Qv z1Qp=T?i*}P(c@r+YEGe&lYc4aTE)N9gIhO}S$hbqk^QX2FT7oPlClUAkGM3@Ge=6}H%=+gofc~JB0x!W#q zd0l2WR38!(DXk0hL(={zFOtcube-vavHgoLm70UjE)&YidY4nGJLm(M$URA@;UJ{q zl8MjAI)^;4Mm}W);8IMitgJRr5zv9@g{OHp;aZaw)VNx=H2~UQcGG2dryl&X7T|yI z!@uy}d;Ihe6rE)YFTURt^romN8i!L<0T5wyYw+u0Q+(Pr=$F&fe-?KRu0)nbaq>Oc z$8gQ8zrX(m63GX8J0pog|Dc-O-2kd+dL021N)h*zpo*rK*RSsJf;J-M$5d2)@04SP zo){=0cKvkOm6zp0U8)W`5&Xj<8qs{bASJzFlthijXo9{!vwv?jHUg@~235f;bA#wQ z&t-h;R(f>xVFN%b#Kj>K{i7V-=W&sO#g}dlIXlB6K+pWcmOwtx=YcdbGGa%*d<(ZY z_VEd*;_kN^ZwzKJj?$o4J^I8{?8^H zBXo3B_R*rb5F(`Xt7hnfZEt0L(8R35eg|e@`?vCA$GW}6kDJ0QIY7v>0dxg?d}L(A z90Z%<2W_!c8-YZ^#&CO9$va``VH5d*Vpp&ruDXF!IjtN@S&pf4o`y$w6wZNKVbDkl z0tM*#{`^21?`i5{+nEfZ+28l?54+iqbt`={z6a-*p;y*aAecdi0g%iOJ-zf5q_6WE z+5|?%j*!+BaVTn*vsc2j?1NsJehOx0R)VZ7>VagS)qNKLy_2ABfQbi^e%n|5gLqHQO^V5L@ z1)HTGFI=q~A@`un^oaoSn^jk*{FCi*lItW&GIF&3>UIC~Vr8C(0$;1ClnBffG1URQ zqFj>#mIG?IxKn7tiBeV;P4{zh`lG?lJWm?xH*%E>T=l^Ic6onmsOFKd-Fx;me+b-@ zT~l-6?Afy*FGDpifBEvIhCQkurkkGlkqkuY`iIXYuE3lM@55!9P!+u$wodU*5t8>X z+aMZ<2chij`5|B4C4+w0aqhNRsEb?+>N?F1UX3I~^DsBuMHnVQ4L}e9aLrM@9|Xaig_`FG?<+-y zVj6#VJY-v%rxdDIQ3{oY%9 zGJTK})t&nHJ>@5?x!MEsDy;W^2osAl`wq>Y&Z>OanQU18=(dhOsB=@vQyq|VhyaCo z6U*^w?!3YpfN4F^g48yyt~uYUZaN(OYOT@JtRRwVn`tS4%=;H*(!G(#wlMRL?t|d4 zhzs9yUNFOos$g*H-{P6-FTFgbbw$!s{EZnXjWOjbohpdvO%T82wZA>b7}Vsa{gQdz zI`opQ_Jc29%qc%qrTjc_92YXd876%qfaHFM4xjl<1d`*VKuV_uU|pNeum!|#v0Z__ zKl@qVR||!;R8Y<~?dxx?V)7+)e^kkakgU=Xr!evCa_?g#z-SQqA&A}zSiA)@=+V1_ zKFdmNfjuy7_Sld?;A#l+?X57uEU1$uh%!)U%3V-UQ0%j@Wcc3aa))V|Fq^n-#6ag$ zN`jV-g2U`IOg6h$YcAU8he>R$SJ_kwr=1+sIp;7BT%p=HcHQ@OK}LC`!az8Xb70{HP=( z^SHp#ts_SWF57-i7|weE)mDo}q(NU(mxC_;iMX|u?eC3_f5(af2S6aP^|erf>ss%% zPJ|MLGIXvu5?Ui;s1GiAXW=Ef-EOCI3{W()R0Cn1D=2G6}pq$(bqlsz(Q`N^w|6q|{Z22hxz`eE?#4Jj2#qY64V zQX~Hw__+MH$c%-r4#qztfx*6VRp)eUdy ziu($Z=lNkDphG`$4V(^9@M-}j0|`K6(-{X*D!_qR-|IT`mrR$4K`!r^t>1ol(wM~J z2>K;@Et6&Z5tCg`RHiK%oBWIP$pX&~&dMGk$R3%o-`IN48RU{&5-bIiksUbp`8CkF zC1eYJc80@v3Zitc^o_a)fjUUI-9 z&#`RHg&tw=;a78q9?*FtvB(|43;8?DlNgA0ij8yE6gmIJy#LlncyEA3IE4+ff_kiB zJmeXX&bXB#%`>{`o9?3McX;oV1d@%BwiwS=*jqM(=2evrV#v1}xtD!F=Egl^C*__x zVLC3rhhV%4q#G$9+blm**$FppT1O$89wS|*QZC=~rki{8i0~cP8LF;rPH#Y0eI2upS92i7a7Wi9p`L91beHCC7?~I)CVOU@KbAHOgKbRqXpokzJKAn+S@g2jpt+G( zS=n7e)FysK{HG}Tue0$tcWDa*&Ur7!u8+^lo7;B=rRJO6=~X$( zFDt0QFqaXxA_j9i>F0PZ)I!5+yoiCB&Oi@QWL=-DYee%C>o~#m8J9Ug)7R~*dTfhf zyg+^K#XtCR`kGiUK7$%vE10Pc#MM&|beK{dI?`(er|RqLjOG}|>jl8n@i*;TwHfe< zg9{GOnLGyI(4VD>CM z)wbbeHkk41XO!DG0fxg^IUn&4hI13h2C2?>BVdC7{nAyiiqR6IH~zsY%7Z9V?NoLM zE)vlnn1D_T-5IZD`LE>X@2)iBFpwYa9JT*ci2^VREVBN|KNy7z7)7$E72iLY z3kWZUj8NdEB6aSfs{~kI2V-x?eiT~Kd|D-bi$2VBvt^ z?s{C8pGB~SrAiI@o2fVY^T};@g#ozdEkdmLSrJIRHoTU*U|x>_CGxs#9*Q%{J@E6v0E8+~NGAyeO6UK(-~JR1{v>jLN$Vd7z0ZH7tE^^q!|u)a z&~)7wq-9Sf$}@teS2E9y0cO4X?|C=4vmwz@ezEQ^-~X3O-7OZF`>-RNH7}1l&3HIZ zS%akZ%4jb6->jx&4*zt3Wf!)VppnRwf*ZrX3n(#{H)Xx;S^mj_Hh?;d$#z{O5%>#Q zX87$b=Q3zpo9!HUJAa!m8yw1mFBkv0BrsQE=_1fB_#K8h;eXl*k$;`D8L#;IFIkSH zB@V?`W_kma2jGA1vFTahnx@-9X)qgMAXsxg`{QebXR*1PTg^kuq9u-c+OyO`N2&iQ z7W^-~t2-W~^)*Wi7r5bn+JwnHqyFUeg?ag2H_fAq+^2#m?Hhb-Pz3|rhnn67`vG~_ zd>6RqoCDP~@1XK}isH-&n!i{-Z{hy^e=&N^l1co_Z!>&lAy0@wUcwcbfK|b(aW__O-@Z%R=}_EBD@$=59fB@OEEjXMBg1r^SU$xkZ6e@JFO{m#-X z-ea?6qoBgC1VRIx>YC9~bCE~H#}0Q|;;dc2uh`FS8JKk7LJ1JgH5+&_Fn3lnSq|6HcDB;iXH>jY4^r)W zN<7w4v?ARopRw=W=#Y!?_9cnB2PUp%W@er+&^Cg54#{r1lbJ-Jzq`HhCt?7AW_SV$ z{}fM_U*$fiyoIN(FWZKXKB#=6s&G!#>qGkQgZw4){uTY}l8Ge)Ft@0l`9qlnil_&3 zpY=p8otBs+OGi5u90Hcx%w}sDIHTWq{BYu(@+AqHiQnT!tkb8Mt%^3J+{tI!;1;yO zA0kG^S0xia!5*<1G-8)QJ(wH+Cx~=O_mHNhrZQ9;j(%-9*01e~^?O}T{~(yv9kaES zn|Rz}FL@hml6P%TKK`8LvRfxuKDYn242rhco<4mVLq)Z}Kx(f^XZ*QXf0GaeQi1Qc zXVkj?0uw$JS*r@wnS zv#?MiHbXGI(z*YgVX?V7WxD6om-a7rEtG7bG#;UJP>@#SU-a&**Xlgycz9UWt5M=pLU`r4<54wN0KjuN)Sy9n5zuyqVW?1IoKojR44h@w|jh6s!j;BSEv z(47}|^6#>`m6sPUcPVLtl4q`NQ8BUO-E(*p$pfY(I)lpYL~UJLn90QFJ%K^H>%plP zhUH#vAo2g$q6BW=0tKu4D0d1YMi{tz1E3Q0=g*&m+fRP|^;ZfSek@c11*W4h&q#3D z&X5kc_V_TkdoYlC{4+g8F5fI;9|fSonasqDqF-;q+{w3&0aPMva^z{?NXOaOG%jAexJiJWQUyYXnk`)Yyav-! z4%mU5k@ytCR6kJE={0BjD9fM-c@oSXDG>JTLB~>P@9l)S^Z(2W_?f5s_b345fx6)D z$h|NF5xq0G;3V;|x-Cqf|9lE$3(7TinxIA;u?HNLTC@i)L{|d=x&3LDEKG!+fDDq) zv?3dXzsx{zwe%p&3!Zibnm}6Kr5-Mr7W1zKL){4Ad~Z+CJq5c5 zfTZ47cCLT>bHkJ6tHV$cQ#Tnr^#V4{LjdMu)1YGH^Vno7n9koFMQ6|1t&R5t5Fp^S z;6bhsMw}o4L1}4+b=QBJtDsm8n?Gv-{hyhcNa^p{j8Ql<8P|;$(Jh2)kl9$CHjOi&{;Y7=*QKM5{l8sbnWg3;A z@cgD;6o5;)>UuNUnm;=19jnu)gBk6Q8bP~+-AV*>@6c9`el!Ya$`{Pz^Vny#6m3=h z(2B3liO@Rq{{Ce^9kb8#HdD)v32{`0KOYGRkM5Mdtrg9}t zuAog@C&^ix>r1TzzIpveFyosH)TdApb#S9KkKZ~i^m|hfS_;im-=7?1`Xth7ZO z$G!Xa@5f={!UKtEwD_-N;u@Ak#e21*C3fIM_ZeWy7beR+tzr5XuO9HPCezUUFf-Hc z;=OmzXAV9G2ArFHF>H6Zp~fYBWzSF0s?6LqKz`VTGNM>)e2Nl;Y+z$N8yW zH{GNyGS>SEH-7o0H-~mLww}GA`dq{Ef}^}57S;Dk>xPL54>8r(Jw-LI^FUb+uu9w6 zyKpZ%+=0*>W2$rpUSI-c%w=~FlAs-T>ICn}EY!^F#FoSUJ1!B`-+o>Hnj7^_-tWiD z;H)yu==BK^wWOWGQsATBT6`NVlK3F*9nr-)!YaqPdmrR**;D%{TpDDoCo%2C1-HA@ z*-#O4YLye2MB529(QnhTy47noJJK6 zI`+`DB#G$lHU56<=Y=3eMfz<_dRTn_G~~NBZt>M`OC99Tl_S4jh1`|uS^(}$YC(E0 z+*X_FZI_5v4`*vxsMO7)jVH_6nt%LtZ}D7VEp!KUR%y#~07Yi65K>cd&^)q^*E^ zQY++EhpjTaNPxS0Y_AMLXX(x8PsK@bsQP#Sy59WhsiTIju3H3$lzHhXOp3fD(sMHY zw76)v?cELQ zEo+6Fiw}EhMKY*v)ah34J~xm`_Wl?Hk%OSt=w?|n04RGTw|whRI2znK(jX|TpM1RD zdks6AbRM(u2U54P8klf4dM{RYwyIFR?TPH_yp1RVmu2ZG&n!E2^k||78+XcGNx(}W z=P_TJNXbT#ki`zBZuzFQa$QQKvGp-4HSV@rYJZWh3b>7(vvOzNY9;W~a^q5e2+$SU z;zZOzvM~GN%6?MAT$ficKW#$938O-jIV&a>;ZL=&N%i0HlzRLj;Kk#%*T&UYHzKdi z0Vm_-SR(mkcMpWxn+%?+Fi|`0GC*yYvAA5A+kD;k>76;d+trmN_w?~G)t7duiU7gJ zV(C?iyN6oRIa6kn+6SM08**&iHlON9aw1oeoxTOD@eG={xNUQ>`z@ycJbx#X58Yn3 zJk=Ra@>#2uvYUQiHDBW2I*jz1nXJ0k@q$BT^GB7({1D`=8_PtrQhP$n$^HDPQNz-i z5b~1q%v6}-9BQP%QRBVS=N&n_A+ao&&r3lV=i{Q2;$_Q4(a!RZ^mS(H*2WeY=juf& zk?KSp*1t2(HvQUpaJn;DR*AV?@Dqw^r5YEsFIT@&&D4LkptAMbNB)qFW%lN3Vj6pH zn){>F%@)bl^BConyZY6h&cNTYu*LTgjx)WloqCD-QIe_7*HYaEl4f2!C~EK(?YoL( z)>Qu99EWe(&vT4`j@E9}$Hoaht}5`{v+u~zccllr0$0JsthOZX_i8YKz7V?WQFgKC z3{1BxOF|R^#U_Gic@#ImR8QM#%f`QNIvOroROJ)AlXPypKyAxrz8KB7LcpkysE}$m z=8YMjA?-+8XhiUOJB_*aMHXYQ-hK zkrCM=(<&PiMHYCsLC7^7c$`0<9QDD9@9}E;u%F-Sv_l;^r)sOPHp`zjUZGf74UW)v zFfcUaXvdneoww?`rn0kQrpCw88XXP93D?FcdP>9UisKbPd`#rYBb!!OKnr=6XDkS> zSo9;#cdh@jxs|a)v2vpAVZ7oj&mLK?a8z;PTh%vi+?$Lz1-T>BLjF5TNmeZ{4mU8N z`MmA2`7%^js}$BVpUgf9Zp+N+82ug&R>&Qk7GSICV+>Psn7#y1)pS~#7rLnxMmR$l zAD9rx9ONR`bqtS6XRQrm(vAU685uf=EWNzh`pLEJl`XjR4!5(4A`fLZ>I_zGrF)yt zezlQupI7fG$TZ%raTN18wOBK^SVdSJHUAK>o7|SI%F4erq-inM!tUro(m{}70kU$l zM}+nS^EViE7ZitzGfV@uS-!!4+|5{g`$toBv;X$ArW1{_m8GAdIB1Vpyk6Em6Q}rx?Fs}n6nuu>dxb;t^~Jh!+rb=y zL!sc5Re&ZOC@jcX^F(5en}KcA^}Oe?#dqEOd`xeoiqwBK-0aGnN|@$-b$5D4F? z^SNrF7oY62chS?P^I|tSCp>W503Gd^RMNj$iSyIcsa>d8Uy0Mda^uF0&FzF6b)4ss z5#g;-kuDe&5moxE9OD$iRR-T5ZQenewAa%75qAp}8mg5!w<-*BwU<5k+T~-PZ*; z5t+Oo#*8rG24EO3Wb!r702ySj(b0t2mDkNiR}Id?#B6LOvgN2%Q+*!bKE_bX`iWC# zZvG@wo$~s6dmfE$$;f6Va-!Owr&u(HFpZil-PGh~fvnKPefae#Puy>~ogcw!&B3aa zmsOkI1}&aMe<81xSynab$CVq`uXj(^CD2m}(-frqXj^K{rx?}B`ZwE90C>W@N!7J} zxYjI>M5LEdN3x32V%2uVn>TNU7KeDpmwV7Y7r;#8*0Hw@>`~MFv~_gV{E{fXiVzjK zpWo-Suzt;%)e+mGO~uH)6fOw`m#L0*Z2#aDAhklFX|unA&Pyq|GW+~SI>H+=^4x}c zxJJ$kjJ(h#Q4g+>>(V=eTcY^n5}E2NqKHBm8rGZC!mh6(9>mDcH;8m`18nmv?jktd zpd(pU^r#A@n}X71n63xkXEVL{!Xhfl5xB7&$#raHS@Y$rb?zT`{$iFZ$@A=I_x;&>w-?y7 zuFhIgIoX3t#YNY{r~!IDGaoewU%)7(MoSe=RbZF#rbZUWHMu3qe77Qnjj#X z@3FQt?B2hYZ%HUFjgtG#_r+6 zF|t@Z6O=>T#CHH>3IdksZHG&jdo7OguRPa%pGa=r2HroJCs^<;q z=;)9my>G3jR}nu0>A=|e@>EYng$Uw-FCPFqd(8~MjqG|LAbe$SN2M5C{zb+Iy^y-7+{OWx;v;HJ?^-f~w!|ajpxc5+1+k$LuV(9+HW} zs!&p+RcXoIYzy-#<@0Cp!&T>Re>vmxqKPo`DK}76iRwKl~dGc2SkrD4!0}TCR3tOv)K}lMxLxIb1_VvveZrRb{(Wv(@IRI zb0NmRzn)%g>J`j1>e@=YQ{H4VmEeU1fq#)gBece#(I$aa;00sYQk9FZw^dt`$Hsgy z$PXmwCgzru$fawSp5pbH%aghg{cJy>C7z3rfb@;?UAJ}a&-jpT=Xku$Yb;O*KdQ-l zwTGj$$0F|mX{=HViSS|q2q9zB%6_TRtap3_LUf87zkAMh;@(p<)M2vrFa9-E? zX1_sHJ%_b$yMFW5t@IjBhR#z})a~V-5AEgkyj%CSlm$EWjr80=H!wn1K>`#wIDvRma9++cwjb($r|0D` zvhb|Cg&YQxOY?h&soRv*(ZjN}3}Tz5zVm2WdhBH?shLCiVb}c)2jQe*pkG(VGCrhT zuWpENdwC&fM_ABZ_mMS0|q%pk2fv6Y*XP z^3LA~Dn_cyK+$*nHm2vd7$K!!a_>)fd+CiSuxJTE<2m82ZOQ8R@B_!JTa_tSsM|Ak zxpmJDM7{SCO#B4A%tKrXZvIR8>-7)B(K3*;jd(Nwvw$|00=aTzYaW<$SJdnde9=%7 z^X#6yL{_+{l$#7e3_6|+CjI`j*V65_Z#XGzlmmPcT*w~U$6?{&;crC@Rb{~(9@4i2 zWv}$)TEUi{UlHEa$=Dz;m{H{MkbBSR*2ab!lV@rWuB(tH^At>TGoB1&g4d!<0H$mF zAW+Q?tZ1|OaXO`^ea!Q`gme^O^>_gP&6OMsw}BgylAxG)o5%Aa9CsTWfahA0G>A!l zk7aHLvzzpDpZT9q1WZ!9Nu#@uOr5eA2$~8cxEIR) z0ANrsXPpKWKas8k6TXcOJr82XJYsz(TzPmz;{YP+BSXfQ^ptXIFh_U;enTsP%5P(8 z<72q<%d(-paW6~W!Y$LV?(IL96xAyo3=yiXxFH4*N*f~7bdi!UJoSqX6$WQ=CSoJt z66)1X?dUh4y%(?2pj05!-{uPrHE-i&1CvY5!JLL%;i2>bm_^VBv}mwprSR)(dr)Nu z?INI%X-5-&0;X58e@-9FlJ>u}59Vq3+rZ~rH$WW?6#M}LwR#~R!X!*7Q1Xq1AD3Y! zMBJRAK+*SWC>Y0yb^r>}6K-+$==bM9KZ>$s?-2N(6P7;=(m7N4Jdxmi4uiidj{Ng4 z`7=K|ei7ia*8!@{oROzcX+S(D5|H9y~A^?dW&tQ5Y`6 zT@v;k!VZKU8Mp;Zia4;DyQtW+fhRRN^A7F+?@+*-E^fU=5O*Bd4R_GxLvV_V?cD#E zL;vJ!7eRmvNv$a|1l*|&we~5%RY$KN(Peu%30Ghsgb6oKQ8qI_LW(`}Z!CbC)gQaU zc!&T(=j%&B!zf`e9hw_d)h4DsJ3#v6*sk=+T?l~lJVhSHDWJ2DL(^$A{T)7mYeWN7 zDZw2koz?gm0HH-#n&GNgNU_N)*qZ_*P&M7IkU;-Wt^7Mvs{KE;^6$oW*J=fQoN+27 zWcyli@>$IvI|_H^*wMC6m6CaIaZ!c9-!=;RaK9OjN&&)r|GJd|E$X=|J%UWm;h67Z zf9~p^(&i;-T|zM`cbE>wwoJ6kIo*?T_c{5F4aX9)bgMb#nI?!B`7MF$ttmK_!<^JA zZVo=*dCJb>-}&y}iTF`Y+G*pO9Mn z==XC;vM%15hcG0M;DpVqrz>@WoI<(_88w%}bz+)qn4vcVaA~zxE|{A8$?mmF{{E>D z?v3k*wgwOq{ROH9rRh2D?Wksf_6l;2HbHu4>?s5eV}NPpcJJU--=swe)FW$0K+gJG zA8lt!x168*7jp`Id&S+(FHKHRL&-Sku@%b|avFyDSor|p*Vx@@5A)+Q7FOr>U@j6z zIR=-EBwRM1hwJJD$!OG1X7h3O6mJPjpdJ$5Q)I>TLJl#^z~eXct{vi=%x%JPiX2;tzOn~>>Tg_?KHty5 z6I*N{C3ApqY7fRG2OF9uVbf`;iLWr67`!h6nF8-;(3xSs=6}bTxl}gY4pnU0WJLCN zZ|Q!q*qFME_qU+lIGCH)Q60X2wqS04Ze*J&Sg1vqTH zYX|qEV3O>wABpw9z6u!#yW8V9uW~z${RBFqy<*j9IHZ0#+{0pV>n_A1mjR1}ulMbP zy27e8A!e3@b!KqWT}Rn!fDbD9RJl`aEOfG^oEmd(BK{`zdqk{gm5PGOmPh8=Aqe-1 z)`HHe_&;~nzCD<{_NlF}7zvq27b0(Tri8TTdD>;>5faKW#!FtT)U|sOtKM+i?5HAb z;L{Ke!z|1HH-ui1bmSIgj6|XSK-q9$w;kVkdEcpJr@E1Cr?=cuhoXz`8D%=}gX}|f z8c69^@WA6+y8XM3R;|itQ9vtbbf$EC#Xu(Fwz-;^bR-%as02V=6Qce{71-?G&)wlM z=LiVMS|1iScs%vPV{Gkyi$!APyyaDCOZAPhsS1kajS%So=_3j zM^8SPLab-3pNcUuI199{@u5kbig2QWj1%UUA#>}-NVJv?&TVbEoitrafysWOSPNq=m zj)zaSr(aujlja#4(5{?E>%A`AYVCpcRufjfy?ShvS zNG*U7Ami7@Ji%U``M+(&&K-ugwubB3tA0J_;5{B_ljtMkJDcqP(lt)W^TOjw@{Kth zMp1<_@-*-9e1AUSG1NPi2^AyW>DJtasrkBcK)P){AwCjjB{7;64eda5rBC&%Cu$@U zjW64QmP{j3rC?kX9l66Ighva}l3o>x_59R>!p5w0}1Ob9r=|ke83>w7Y zvx{*r0k*ELXnr7Q55_JRQ#4mP1gZ6hAnE%lz4J30Oxsxq3P?ufHZ~J5RoMN@Nl?MP z?JuV)cTQUNPe+A~2s)B>9x#7qsofXPm&Rk!T>?N$wG4`nYr*0jXnpVNXKDNB=@CmG zRNSwN5NC&1H8$(Lh^%eGT0K_a?V!dePQAK!aNjNgdb{`-R=96xh`#n`m{Z-N8k(1! zkl(G!+XmJkT~z~o+1AfG&qY1?F3SFzmzD`W+!zN?1}~W~8 ze=xWnn2M}>2zG`TiU4ZY`6Fy$Qu`rDPv*Wj(s%=Auz&L@%h9 zc{`WH{_=rm`~6er%W~6sEZR$uI8Px9)Y`>5u12DSkZV1@%8*ek4%{GXIk5v%X_$9W zgS-y1n|DC^;fj}5AKt=e`KJe|jy*NEO0|q#EL6Y=10eLymp8G>l-lr9TB1!tNk%f+ zTtFq>04njEGDjoiIl<6r`Us#Br5{_pg*h3(s%S5W0kyhSphN|L5}%1v)^`#9D|)T- zuwZW2a+Pkeh?M27Zl@7}h9SF4CQ4a!d~Z)=6#bRUAu%*09OR zNrt6^Q-<1e8bGW-2XpR^BegDY#p)vvs}SC}dvL|-JUU|^Iov($KT;fi9S&evVUc?n z8!gH<=YPp|NY#8$n%tn0^_=l94(HkT<*%+3SMgYGFGi_KeRzU<6QcuiN|B)0W!Uh$ zG0Xr0%?XxEeIn6*@rJ2GCC|UQtR`l%^qs^5#q1KOMWGn`WLr{pd)dn91B?8#5o;aV zi>j4N@x6=HwC%mU9C|8icfF^zEXy95GPfvtt=J!8WYjb;FmP@nQgOt(KlUj77eQ5$p1gVm+`>haJG4S{@C^dlhRY1ibgl3 z{9~aLCILUl!d5^4=4p4G&p5sR?(sIR#K+|ER_oO%M#OlptAvcl=}4sdzywI1Ej%z; z>3eW{v*9M?&rKAOASg0)Bz3WF`6e|c=;_8-nM|O6fek2YZ&whrPz+@fONH?iJfdTq?67;Ogq>T4^#E-uMh)% zwgX&0J4pmReP}AO@aR)Wbz5nGDCqv1ff|_a-UaPJ7~;(ifthlP<^}qC+F2Sx(PToK ze){#kufsjd3vd>PxClci!iS;!KXQVzWXd080MTo8FhET=pDFf-d9RPA;JeC{Z*#%K zc8V+09HT`&efrcnr&zZCwkZPi0Cp~^6+l;0Gu$6cPk!P5!g_mit-Y`BIOyqZ@9JVX zeE4u(7)%%;AXgfw-d;PfrU=7o?vR@uRDwNEfVX?4hbBG2egE}HB1smxV73S2U3u^^ z%&D_h*ML1X7;}X=9v1C=kmcZW4j!J6F?*%(a~vdYt!E>fyszKKR~PE-n^=Usk`}qoj~X1eU%A54pP*383^fC~`FiKEL6 zre0d)2Lo!rT5Mnt>p{dScqa|FM8GfRo2rSaL?s-qGHZkq@> z76wb(aX8-d=g-$sDO{YKF8DjCFn@o)whn-cJ@j3GiSmO+i-GDS(H2y$kUy7#J*k*NGu!xhRm)&Of5ZC>26W)tf=V*YwBF| z1aAX2Yv0-wBvk-s6nN-s}L29K^F1z0dQLouqp*qZjCsbm5D zW*R+*0kF?IKKAt~QFAG=qQN|0jf9C40Q_@>#+u{o z5A&|J$D%npVvGEvqpPL%lNm#6C0mIh#kv);hYPAyCk%(8>b4SZ^SSoF`>-s3S_stq zkKsK#mk%w$6g7T*DqxCbKkQ?ec{HnAbl9h;g2hLSr}WdSTYAEkKH1?Pbj{T$0Mf$5Gw{Hz^Ry&yXrIA6|qd3fZ}=_TZs z!rIBh!ibu8!WUv%;dXHCI0)T9xjx*Y%Z58t5*+UWYp?4_6ln}6(B7#ip5|GuFn}*w zZp6R%$rsz9q9oGX8A3qz% zdic^Pei^u^XKBjfVcr6e(*@Kpq6Sino#FGx$D1J3x*<=28K^_P4G!qd#qE8)Fz01J zZ1Dzy^T@=23^bg`Yv)sH*8y}bXgAXK19Z6vA8UF9pP2l=>>$AMZk9owF#zwOEnWk& zFaXi7Iu|_1u68*lX#>{0u)BqlRUjN*ItTwfe?woO(_M}Wb0}wIC3^g7S-v-Ddj`JZ zISOIgd0=xFr1|&Hsk%X?$)rMEE%%U|`YxVGZC4ZSAfY=BT+w@0$9G}L=u{w*MDC6x z_5(g=z$=O2NF(vHjU}D>yAU2|#HHdc1h|w{&Lu_Y@tpjPLBGWfH;cyd^0CZQQLKE< z8_UA!OV=lN<9-=J<>Eq3#GPFzd~+xOnGT)QDcTlH5qd9cE@TfEDGg5X@fHx$hswui z;hS`{EtALS&zjfXnWN0@pI#Vz-o-YF=&Rs3F(xvD7Z9e_)obi~ zU_xd$h|^~9d2;Z@^gGllCUB(_zHL`q28jSeVxRF2pda4%jB9~YSP~qHVZYG#G{F6$ zVMFQg4SCW*;A&<5(ihpqBBWiS{UK>df?ylhCI;c=g@Kqz3jq5jsd+CMHaYqA2~c{> zx4LK-$6!jML20qMVL`H~R&NEv`utn(-u#6|0(K^iA!r!cY!?Qy0jjlqor*`j7Uh~Z@JW3x@}zK;oForz#B##nV6dAd*_x-gUSf)*a2d~bK^cj zo%NimYK^03hb)*AxA_h`_W( zU!6|sX~!{#ZBJ&C=9V_bs`HTeN zxu33;tDixMSvGO)D$79xJ6qd;s@o{V%h80Z#}XsxTSlDsm?mhZI$6mrU))Q+VQ?H~ zVjl8%q#@v6jlaz_{M)?JxqQ}VuzvV}9vs@yj`u}$@mP}GqlM4m=(-|sL4R0q#;a6jD z49CLg$=d@Ii-3!F=Dty`J|I3dVs0&W{8>L%v}|s}U*e1aQX z>6TL!cWZa`-N41-<2wmsiGIx8A8G%_0<2@-x3afsxhw5-JHVrtS_nW{{aoF18~)Yz zo81Qcg637dFN7v2#G0rP2dJ|)prl^@tL>X{ZQl|tWIUXQ)9nxg!u0s&)DH+ZHxZS* zd_@)4rJp2Kzs=iFF(-mI5;W%RViDgWNEJl+8x(26e*t|frGzMZ<;EvC`mu3LU0j;2*gWeNj9R9+6wK#=ai3OiL8EJAP^=Hu{!x1CS9gEJe^`#)fSuX!Hj zRo8mp%27_s;E*)0tS1%nk{APOia6CIKHq84~KH>3;ZoeO*q9 zn<$B$0NJV!9POVbwLqVSUVT4&CgK+cuaza(412fH9-4xa`sWg&L^9cEP>e%9>LSF2 zcdY7+@LzuqjpQl*Bw2%wgk2mehT(l6Aw-oNNLXP}NB#8JY3?DwPj~I1S%yXi5QXgh zU^CN41GLMS=YijuTeVI?M<18Q_frUenX}eTVEA> z^zLy|;3G?ZLk~jJjuyTz~0I7WKP0F$U&C(EW=GZC9%F}&?XYrLkIgx z{I3jvU5VqZaDa=$RZDuecU#p9$!pPL!neNtLHR-G`Nn*u#+UPQyv%dKf@kFf&kEit zJDUF1RqLv0(ihAdix-{D3upEFzuA^DQXa`YYDDuUsc~JQdG_0Z1A*$_#}7Sbt`EdZ z6e%@4wHMAG&&IeX6y7+X7~S<)(93DMAi+jCoMJI+PTcT}S|%39;XMOmpIFFODNn*& zo(ajq1Qf!ylp`ErQR4a&|WaRU79)p}Ckxf^QcN8Vh)uYkg;zV6#az z$5A<@gkm>mFOw_}qaN4xzU4tCR})NzGCC(sYsVDk>h?rMV=;fEVS z8-A$=@w?SBHa-t!U{lt$x8QW$A1mGYW{;WI%AI~ro*}b`DO9~BElXr%B-;}#-+ny3 zi!u)420)Q(JC?)kyW&?H>0%hfxFCRD7(YYsz$JC@Fy;pN3}G~%+Z`W1sulGm5p`1% zUb^$oPu+u@z)7yVDA;epp+j?3oY`IE~RVAliSH?UTY;+C+0!zxetTAxU zh+(k~Ua6_BeshBZJnx$78J}`OSe9*$tK#Gq>$Z(|eslWAddOV3d zX>O}TG!7L^K~6TkH5UIQ%{h}9Ho?~O&wuS-ltxQH`GNGJ0c)5q$ZbBd5XprAp38I; z!+o8Xd*`!1?hm#_yYqOBy_Pmb)D$TTjXzrNnv_H0zC=r6)}AdOLFYc4hu--VM>eQ# zrn=i?!?eQH5(l$zC6c$CW`h561lK!%w-RB?D z8J+ks&l)S+fFJB03nR&^q%AvZz_J4Q(VZV;>g~kdu^)E-DR80k_g%1nS{gJT;D>Gu z+-(GR*dS%=R%-{E!kPrQLe(Y?D3QC~uC58pYPyX@B`PYmB&s4VCEnQ$W>$Xz2-ZZU z`Xo%)fE69xEvLcbpJd&!AZ~%8f&EHfU(ub@9MSiasPrP>+uKY1E(t07bd-1u+_TYi z7gbDYm5_ta0Y}f+0G4&Z@wme6PKNf+3DDW~zGN{j@HFzKvg;+hDXp50WI*7W-bO5n zFzzN{J^|H_L(8poVRE>J@d)-`m1vJYuf9&V;C%LZgyK3TM zuA{R3%boD&*^fe7WChs_wjdbbS^I$P3=3H7WXc!P zQRRPJ6O|p4ndw2XYvr1*=kPnUU(kXlru0Qm6CDb)z#g_x%62$a9( zGWNHaQ*bkp`llgg%V$c5Ip=od?g1!3otr_4z7=&01J*oZx!2OGWpuP+oFW+7Gcdrl zu`;jar|R*`YOb&I7*D);o-47kx6@sGWnngSA)#_=;rt~(KZ$+U(hOw$7(qe5I)mlo zkGm(M8Z{6ODx9-+V4w5)171t^h||Gg8OVu6zmxFXqZC*1K^g_YWZ z0i>prCABT|UO{Q{uw<#_mI}7GYw^HQjvAV@Z30z;EvRbU)WkF*=y>+A6o>w2(bAYx z_qBQXO3g$=rlh5%(@tOnGo#`l@0zK|?xRc)!|nD75K)5hDugaeqTcoqLoC5WP}PzmxzM3yxMKBqSJ<#tZTm zV?sUd*Mz#+rg)0E`w!`XbTeV^wYu#yZ`b{;0m|)kT}q$9SeBt^Ds~+YQ z%&Ld1Rm)&md)NP+VApuF`3rCj_4{a^Uv%Q^`1IrM*j%ZBHEHv>gxzgd&W>2|I~O_I z8}AorJ|my=s=E&;0E@<%JG0#{Thal6p z%4~pD0=#t`#+M2w019RYM(yaZ+ymO(FHicMLu|#&TtTps%#Ocex;EcPJe!qL+ zx}jlY0^F@hbo(oyB2rWe0d5l#>lujb0DIIDuZS0_GG?XZ8jB?up^1TKkMRTl;^1@K z8S*kVe6Qq~A)&CoE5jf)Ep4LbBnqL2eF;;KALY;mhaT;cVuPtR4<6;nc!Gl_?AYk( z>DdogD*LYel5}p&udiD=Hxe&?8SvntgJhn$Q0qKZ(W+m;a@4FC35WhKJKh(h_;*S5 zI50&J7x<$T(rGZ{MeX^);7e*w;t59QBCUxyOrG`6{?)JZ!U#%b!p97|Ed8^ckVDza za^)mSCq$YwqcvGq(fI)zd|WamJ^l3Jn)lrc$C)sBYqyP|8BQ>=Am}@gwvo9;3$ttJ z<016xgHr%GlarIvi}6AZKANo|P0ci4AMU+*{LKBG$VL5c-hW;oR3BL-Ep`}k3jgB# z-H?|z$devh!i39S zUS0tGei=;m`cv`Hpb#6&pW*(x5Gbf4zqvWWbO!ZfXlj50<=_Yy7hww`%@wp_Q$Hny z%=(onElLCW_S`!C$^^26YUlLNkTsHXWplQ(pF6jt90!A#*a{09hAG}4nvzP2ii58^ zxx)Y(ksg%3g(t<;XO40#Jh8~Q`SLFzFr(uA$MU32Q!4XpS+1DuG%$b{sH-UIE?JMX zscnjpM0|U8;5vx(_mMBe1V2eIg1u-14_dPo9WThjOy7UBM~{L@+oX!|!E&UN(#rVy z>N|vUESRpDv5dmD8T&h;q$&3 z#QSv<)-ZWLQcN5S)kCAvS6Zy|IDq+msYtZsQ7uQhcXdl^oR0nEeMT566r<0uZlqGI zkY@QFw<;DlOKsJ1D=Sriuj5aHI*GDif%)@vp_-sx&7FsioRY~MU2}L_K|01W;&i&$i%X?EoH)FTmDD?EsS#`gXOB46G-ros#ERo>xrUa z-a6S&EGDW>-h!A$fDQ!1Q_8(OMiv)TTTJ8x`uqD+0N((+%h}d=_d+dvzHfr~UV8%W z4&_vJD>)hzEiLWqIB)?xHiT5*WmIR*m=(B=O=r6NG1U_F)W&Z@~>3QPL|1BDoyrd*GiLX8{%qcW#=uFUVHHI zQ=kt$Dy3?5b~sGK!0x1YKg5b-e-zxWJq4nj!BST!BLFQte`2vq8wl-Mu1^_!NqmX-ItnDFCb8&35#U z%a)k69RUrTPjB0Z4aNoDLsMIul|uM!Ry%|l!dyF6>4Yf8%2!HOx;AXVj7fIWZS6qw zDC4lNZBs%YXOGW9xsV(6%8*oEhJ*?w4~b>3^7In%^WOTbGVo4B^vJk70Z z_c5f;Av@2**R<&!j@fdpxO^;%G52cKu{N%^4j1;L^O>gq{!ug z(agh7_$^|El7&pw`NI{;g}wvM#NNcJjUNx<<#Ogg9xiSn!p~R7gpSPC63<4&EZAxG z-Xge?V!|o~R_2L;dcLFSWW_xgyzkbaTGAX~8VhxE(e2KkHjvqsl9km2f${j#8h{;c z%uD_b({kMd6?>yw19vXK2^xU8(XfC7&TC~Zu%)GCb-=GoI^`VKn)iHwXp)bHmiHKK zPb~vj@~$oXw)$WCpX}M-HzWDP4@UYdqM<|xZ zwAh+nQY4stn7ENF=> zKEZ|mLaV#?`*p=;3VbxH>R{N`} z8v~4(^IM)ngi5bk$119-ITIn#2jxA(Fs!GJY`7lZT4#x&9+t>h`?A_dMftc<$mxkf zdoXG2Enx$`BoA+bCWTR%=(IhSErIy)%%j!aGH83-8sz}mU}najd)XS@UB;bwI;Czh?RpIKoc z9}Ed+*AjBpApQLw%=$VCY;1##cc}--a^&D$N662G;emsyM5=sJR4pNV|Io0{w13|H znib=Ur1RTj{h!8&Ro<>Zjt1JWKW`Gof)c%vgD!-ZCDTRz9j#$(ZJ)9m>Z4TL9h6F3 z%)O@vklcBsr%aW(KE#ERjjta%i2G4D&N`yws;8vmBoY}tPPdQR|kYA zY(4AP;i>Zp!)zNz$nOy{T|Mv7-vm35oeqrk@f79bbvMp#>8j=CQ#GQM(WwUx?IYus zCS5x`5}qVbV28KI0GM0xI_!~lANA4g+-(~e*{YK{B_4OYr-+q2<>h5~_uSjePG0lR zNh3d&+bulxOA^HaSSYu@aiK)cqvWr8M2$Me}2{ zy|=JlV=Wtr+PND#doYY!qdz4+IJjgPW2OTY`6>m~Dhm zExpQebE+?OqN-HpmQv~2%FXyhMjz@|yWE!rgysO^mYe5#pUKkw+7!w3dK>DrW*%z( zb+XDH%)u?ZRX?4@rI80<_I_Cz1TC$KlpxQZ=olKy&=kh6SIi zjZP@AA%z?u?*p8H-z!F6x{l@0->UzLQ?Dut$Z z<0gq{!8=?rolt_W6tZ;d31w@u<22$+q^?qr7Y{96^4{>L@H+c3&upwFZu61mV~IhK z5?>$6+ee1DmlRROXD4GH)=JGy)X0!}g#)tDwc4oaTO+ZToa58jQ9_B(eqGy4p+&YY@vL6V&T#`B1grW7HcxkaVgP}L+upJ zw3AK(6vH{|SnY5)>J+31FGCQyTA3KZ|ARKpI`Q$szhMFXciJ00dJN?BaG^YkV@{Ri z2w+DwR4f&}k17AS@>fuKdVBsY{g_bWts~}8jJRn@M7e9*#UJI{7(_zx<214v&ow5= z=c8#)9Au|XEXh_(4Tf`AxKI;)$7UtOe|fiw%ByVoRY`}x!ueCT6#>qGV|^1-v3*-?L~Q5iL~eTbFtV61xMnh zp&1dVh#7CuWu1!c8NQq__2=7eA|U+eJKVzzvio13;P^1MSG8kh&O<)V^78V3B)#v6 z)QZ3@{m4xKZSujJLHmD4{r|)J{rykX4Xhk3Pb`o~q&==eetXu)k8P_i;9VJ($-K!* zjfiHQwVp6&#g<^pq9xMgLmEyo6+@xGAZ4mwVDeX)(fPn)%*rmJS*w^~*dVncVd`t`j+0S}+zeQ|sSDvEd>h#n0 zp-%Q(IX??C=Y|x^pdKDOps-rED0&sbDXhYSS9? zN!;jFM9hX_NZEXYT+g?yv%DVLC=ei{))_2I{U0ttam@?UsH!Q8 z9S@u!`Y_B=rQ-Bk)yfkW3=M6M{`yu|fG1FtV{Y^Ma-Ro_8~jM}u6Um+FHdi(4dVwJ z7hsFSzmMi%hBSjCJcgI6XPA8S4(UFr{>1>|kIWk0{c?4S<*I+%!T%`aILGKrL{`xLkiAn>EfY(aoz_x~?d{^=+fMDlc6Fzdhbc;5PHz*Ik!e+l z@?H-&zYd6oG#sl>qpIAT3fplgS92n5OPqembpxfewb!OKRMyhdSKH3vS`AW933IA) ztHuitNwGIR-4Yv5QI(fkm=!f;cEZej`o#^M}-A)Mf&A z1IiIYAgzwhhgD3?COlimp_cc8>{8Ilhzt}it%^g{qUeIJM}6uv(Vq`EUr|ldc)#`Z zX!$~UAcVPLLtf<|Gp!k`MohlANvfyz`GHdAIc+Ep-(_es7H^cu3T?XS=wJpx$KL|E zSihUF1I&X~+$R_XGa(DQsA|B*!^msxLqj}Q)rg5stM}~tJgqIxL=QCRI3DNg(>`4^KXu|MB2tn4Kp2Y36~xtBMljYcb?F65q#c$Z=~ z?E3oIgvA_`itG-=cU&3SUU;f$_O1!}<2|Vz`BC*TlIMzmS3PPxKgO-Ou0zdjq0jGT z6oRMG9iY)Iz!no(&x__2qaB{MYEB@5bluW2@z0VAZfXc63=`%eJ_mGHjqXDT1_p;- z6X(U_z*6_*qg*of0mN;vC)3&is@FwQ#+pMR+oyXa=|j2jWQ%>Ek)<1|DPB>QlZz`g zCr4L}_)KbOX9f8`|7B1H1gNX|tzvkkKD5Lc=+xWW+frcihL0Y0sIlkZRLECK16X{> z!9@cez2b5wej+Hn{wV;hc6I_gC5k|hdCA*zC-R>k`A^$WaTkI%Xg~N3Cb=U| z{aqxYLGkeL)=~JM?D0%Ct+AX1_nTk7c<~|` zAR}9kwJkBjERpj+%7Pr{a}x?M&!2h;%C*&5ORNxw`Sg?uPgFjx5yR^za{w$->ZKnS zARgprxEnb!=&z1(Z`W<)zP$i0OPA4htsz?O->5*ACa^MQfHM$o9Nm2T5 z078ZaH8eET-rmkcby-?8t}2zB;fmD=d~**HBDIrkokOgWA7ttb+2eVEc9U=(tNoap z8|JODBeI9iz$72te(nNbog@rOU%~S$tEY}~A z1=vvl*#OzChz79POb3?M1K%ts3M3gn<^m6<{2TfQJMj4+ybnuIo!p}lH8(f6T8g77 z)2AMXAW-=F;h#?fT_7M~AtzeW)!NM0*Hk;^!YSohfL$#sQ^@bL=WNx|rT^Q9{KxDN zY6!}`#%X47yIbDuKV+mPHp+2miuK@gsifk~yk+OkdEt|m22k$&3{$}&aQt8$^u=UZ zkg0O6d+v&FTA7RnSTQLX84U-AMOhWT812)_uvfJom4lWH;@e%|?i0GsFAh94P%-*T z9nJRSh7pI?E@cgU5r%{r{TABDV>NdWLYxeAkw}@Y>Gc4vWc}mK*}u35)F3-OK)vuM zm?Wt@85&+htEVTC7}B%DWFR8ao(>o9C7w6j?Ou)bzqjkRc6D)4E?f-Vo9G z#KOnNr>m>$l4w+r_Gy6x+55vs7+_8h{nY`2cZ+w4>OjZO=DsFRYS%IKwI2^8Fe3Zt=H!*N;4|FL^Ozj9SQoVq2+%9-yB7g~mz;SQa-p zUK!*BsEv4l?w?SjrsbXg`{%LgIWwygTGRne<{e*nc$km=2zNlXX)%^I%po9gXv6Jp zfjkrDpr4I);&13Yfxj?Kq9z?|HqDNK$0hGya&>j>`uX!eaG_(K2twrN8!%a{2Fyp0 zoqN9zE<6iIBftvqt&qNg;C*w0rIH}9nf4%OH2(!AuDH_#`K$3<$v@%|@I(N1m zY>tc&(hFT*U;mhq5$LU=%F_BNGm{g4`z>6EeRUv!*vEg2+kk0%ZhnOLi}@wkYZwP~ z*AX5Cmh#8*FGFG#$3ndl13$W7;OzDC;O^%w_v`I zl`&8NFP^va!<8IOtM?#S44!fa%D5~<5uc#hja@&&g!$oV(DVif3;$oja$lF1kI(Ci%y-uD6AsrtGg0GvK^Z3^g-2<57HgQHg9IU3tTvZd3 z52~{!Qz-SIo5;E+$2`xsv8BYXF5S4mS##X(A%NGN*W`5t^UA8DnINP?owZ+_3P%2I zQzEmZknCkGEiC}jV7_?A+|n*|+Z* zS+|dC^egZv_x|NkzRt*eDeutie1D)e8i%?Kz$BovLNE@roE}^AR)Jc(3i>`~W?s{S z?;^i20K6tA9r90m^#0PLNg(-gAGpYJN+|$WC=fWsBln2Eth~JQ70!T55wX19BK0wf z8+xSsF0UIVU?06x&K{EO{0@_G|>U9fM`qh;-^n-ahkrKD+Zv+Opqge^-^wCmFnT?`Mv@nU@xr! z8Zpm#18ux9x8U*E)M(RbWr5Z#C%=Vnm8-**_P~k28^>7cp6ox@`}lHgKAT7oPvh-v zJJXH+d+Y<5cDcPh3;pFE?FQ=H-ObG|n_DLfvV48Ue2w|WnksSRSuFVPtj&GgVho`n z;#HG8f#T~+z=^pM;?^AcE7A&6CiG{;K2YRIilGJMOYWqa{- zC6Xf+6OW$eic2Jc1pqJRb zzGNZkxH$xM%th3>A*f*vUMfl`-R!F{_fc@BJcg zKTxD>Kj4esRsy<3Ken2TNq;`wNjd0h(|icwYV#t`v!F)BtM$mnf~2a5g}CgTGV*q` zBGS=L&VoBmRz{|qGn$>AQ0PCY12lcD<@~5;d)u#y{uV*FLx;t^_t27GI4!^}NNAiB z|FH)(|GfTp)V!thD_rdzl(PqJeR;M98^Trd;xN~@G0+*#UakA+Y^Z+0rTUvq-8;v9y8%Rb==m|;Ld#3?`7 zbABFAx$$)Ahmu|v)K&+>|51BMvu`S`msJ|3P2@;YJ4j0&TkL;I1Z*GV7y5J&%h(k} z9ojCJ(-%{*0m7-c?^no&3))Ukgmjb3alSQ&M;TN%b&UPCCX=%s*|%g_J;CXJ3{w8S z`a2TjJs)OEZV$!DyWXZH_gAIsCGujaFa7waiYmy>k&2a-x<5=fU|kfDr{MrcQk0n% z3(Uyf>N8Eop*Fi*moa`!Ano#)IA$ex)rr)KFFv027SqFjwCc2I>E^p+k>%>Tjb{-= z=W+ee34ZteU+8B-_=0790V`C6ox>Mrs5hL0=|LR5a<%$5%$u@gHaKq$NT7c7io+8N zuZH<#4^q{DIv}y$X8DR=7=g2D>nI0L3O`!1wUU2x6B%{r-esiHX7!`ZcK;(2#z$`C zsCoTn;q@F(KUSxzw=#?`jw$gey>ScXq>U&44SbhLOU84YwLscmZHeihI2D7-DSeoO<=kU}-^-($(?j%_{Hvf-iBU!^1%)Y;>2#0Tu)+!EO z;P#58rAHl7gqgnCfv{yT0MSJGcfm|=Cfxx#n{!`b`ANE*zRzd9DK>ul30tHe=q$op zdXa;a($4H}Doghn?@}MborM6=&4mdNF-kWh0v-|7)Pb&*rn8l;I}k^$7p|eSD9C1& zFRW|)f9$P zH`m2w{GO+`?%)0We#ZB{-S_V}e#iIt{MB{j^?IG>`J9jE<6Ny7rfWf_QxB*qGDYqw zM-bBmx9Hv|0eDBaY_}J+mapDIHbCQAra38{L@g0WFJQWu?eE4OoPP}RbmZIgnm|dx z&Q-YiW4L6|tn}6i4eQ7$YQQEq*gF9X2dp9m>4W_}Gkhc1>A^%EW^&tu+MH#DaHHOkW*>10} zgQSbhurp04ey#CF0;jz}YXbGHyZM}k?Rn|xK5eOw05DfkT&4GXE+S#lR=r3GA#`|h zTZsHWPpSTm@H>Y3{ppeVv8_Q5SKfOrA#*O$>m&u9%fe}-Tlel570CZ$MC0bIIX4}} z!Ic|kbA0)ywrk10QEuP2weg_0RF6P9)S=A0yT!rm#)^{enHTsy7K4>>*mCi<%~cHQ zmoKSPH@Bud^^xT;F0za{-1F zM7ndCRu4;=jyIo`^c**F&-hmm6CFZK%Bg%?WR|55oRqG$lMb`_qrSH`>6bncUQU=#e-|Q zC9ihHxe&vJt*KGCh4L@Y6cS`s&_qi^% z%Cm%ILX0@MHm0{?Dk(G1gv+4adKBZm4N>e#puyvRTvq>!gpbf7H#iq&;fj zkrn9qnp9rkxsjXdG#y{FXS7;uKl`t^?JgA2@2T)@^+;4zFhNnwo@;zG?!SXm?I(Oo zrmgW-XPk#MC0?DguQ~fK2rxMnncto*e&KKC2UlFl%=KQ{RO;hZshLyFt@RIyub$5L zJ}8}yWNq%dvPB)C`Xx*i<*kW$t1afOUvFTP3U2~-^_u1qZg;G$j#7rN+8FuA?jA}H zZ7grCuef1Q+}<^gEq`K{pux8^XIfD1Hs9RI^RL`>Y!0CQcxL9!vkzStmW-Ze1jQP(hIRrHCw+ql+P6eez1I`kPXf4RkpFzM$*9A4K)o}rVclrmi;;&Ru~ z+6`CLo&Czkf|XEO9HsY`wZiv|0y6P_vXR zC9<)W^}=?$ehE}Rx*mYm$u*QV=0<;V4Q)i!&m7Rv;U^pSP)M^u#R+=g*tOlx_dG+B zQXFV1(z+#Q_mO1t=75uHKOz8Ybc?+|XSahZ^8xbf4;SDizQ2EI153>Q6y5mu=$@Yu z2Xex8qes1EYc|mO<#W<(k#)O-kiuOg%&BOG?-u<|s!5RWDVl`gi3+2y-K!&^)#^L= zSy<1Eh-g#S@}2!}=g>Odo!8+@M=j4$BA4gz3fh7G^?m{p45!dX!-V0o{HMcpT?3~X z>#1WqwjU+faLMLo`Ac*{-3T0de}E6fb5_8C;L?$xf`%XJXQ8eAwBE8Wg)WFf8!@WV zY&Y6%D*^mT-zS;n{p!Yx7Vr3x|BR4hHbEDfUA`vG#@#|Qa9H5p^sQOG>-Tm8n{it2 z-G2DK(u*Pj_08LxsP_ELM;oBV+s8$sB34}=Y*RWLTJ7vsV}w@C_j}8VT3tKk2efC3zmnfH zdbwc}0nlm!*C=W=7+S3_%7EXh-$Ol^dOAj23pv7y)4*;+38V9!0JdsI|+O>CWl(ueg=lMMaoA|XIkKerJONFpF)L@3!@gU``?;05!iMbG_1LF4b$_-A&*;xNgC^h;6< zn4st9-K2kImVYYbLARvIL3YpiV>Zqa>wgQ(7LWtj4RS!asP*mKMtyPVsOezam*Ro3 zmdxG5rRVI~P`{<`9Uz(2J22|Gae^c5E_iuMfl-DEpx;0pw~*(xuvJ&`KPAx}R;rDS zpH`ryO`_rQMNnu18OqUN#-Jse^#r7)SkRKHSU9RLnm|jVlZEJF0uDORk{nMH?6h{x z0WEc{W-deIT^ohSyN4hK0Ut(R#Jj6^I*$-eZe|NBA%_0im3@hm!|PJ`d+@B6v4^Sjt-ds0-dyPA>A{v6r(#((!N>f1(A`Y$w8 z;I=%MD&)%hd+ev(#>XP)^>me4!Wc+L?9jX0T$Mp6$}!?ckl|cA07;JwS>1m~djHw? zVO)R9Zhz+cgirse^xa^Z;Tc_}zh^wvUnANSu04GJUxgb^f?#_>eR={`6a=w9VCBG0 zRHkG(b}fTE$-6di!zi7%?80Jq1&UAaAX3CK>!V1K50Rp~TU`_l0OHe8D;Yi*bPOb~ z<_?GBC_c%7wQtU@ErJ`4ZNQJ3Z-p|94owx^R9_(DNfX&Vxsf%=MO19kB`Uk%F@#4Xm9Z8H9v z4hg2XRu$3JMZt{c^%ApL*oYv*3es#=Ljx$~bDTT~NbBG&2NVNbCn2-gX#Vx$Qvh#I z&C+jebn5@~0teJ^LlPV`=M9uJgK~1B%ko48OHu;)_5wxG)u^&6j)qAy4CAqqf3ySr zJ_uIIv@K2pEy*Eb_a1|X5MyQX$m9I3g7vw%;^tNj%)ltUz(I;K_S8J3 z?Um?K;Qu2o{TjX_{m)u}|1ypKT~u&ufCX#E6Czp!_kwoz>XdCbrX<l(BC|v)!u4m_}8BL zC~%UR4Q}F}4h*OR8?ZM3W{8vQR2)ud0YvP1a2!YkX)5qCcmCM75J?6ge9t-i;?$Zn(^vTD1cRj!n9=z8rI6na4{@>c@2Op?75cE9?%GzAT(*$5~bRypm zr50}J+jZe41OV)zZ~6I|XqVFG!%)MFx~YL=l#&3(W#VswYFvH69p$=|&;=|1N!Yrg z0dTTO{BuD#`M5C})Likq=MNBgl}RZ3hV&n%0J75UNkHUYEcB;I>=PTb)&!t&bUgP4 z>W>igM@_Z~?p}v!wtnScr%Zj+A3)gG$6nZ@{zOB6VDe2;1VG+yU4vR3P)iEYzzV4a zV%0#yQ7fbtLukqxn}BNfY*5Qxu}B4^7Km&WlS$3MOmHwjQ&*##Am_WLKvQk2>0Vq~~T9Lp`d*%}WrthR4g-%jEqudR`H4~X=tS(2N&WXN>9ArMwXs*ECQ zX@j^izNUuuNti>p%C?jXhDUhS!JfLbzMztWAM9y!Imds}@xjeR`ydV;Yp#hwH?~=U zpmLUt(&0mwZvbj&XGFY87(a~fR$&4<#Wxnhzp8iyKN2N3h;lTu8JXP;7@xjw6GG@Y zpg4`y3^gRmV<5_j*E!dLOcMa4soPIN8=cJm|N4~JZ2N(YM7#iEv$r>jL=E48hC5l) zQNwJ|uwqhzFEo4qA|_q>c#hIUCx_TA#@#g9M3?d@ z3Ku~V|GMp=v2Qw!u`MJS%G&m~6#%z%7MtUcnFm5w5+01A%K9Uic~yZL9Wrw$W3sKT z$Gu50}?0{c*kNszDLpQHJHPXY8Cs_P@lbf{QUfB`f00w`fXGml0#1x< zAj?h;!LM^5gRnYrj!JIkr-dWhf1q6ktz;@ zD)#HUAwj?z28p<=C3Lxw>oZWr`D!J(vtTnijmMr-oxivGqgs1lR0wCopwZ0~(pt_% zRWH8syA-&LNNvN(c!jewf8CdHG7>6-C(x(=Si3>z{)XJaa{g;x>f~*d2gVGh1|VFS z+dt+;b_U^Upi?p(#uCN?qg4<{KxeXvf>{OSMq9&Jd?8#_j70h&v(kmpTHu?|Sj=H8 zqWNk2;fa2bhxuekI})rX2sYaP=IKAnv|sKCvMKk&VX^CFrr#oOEvnXs69vd^vKF@E z-jni=K6YS69tr1g1FRrLz5k~RV|eE;eq*mDB-L-s;^)`Eqt@Bf5DOv)0EyeO9x;sG zg{K`%Quj^}zFmrP*ngeOK%LtJ z1oi|JaC$oT&4IJoEnG#(ju(=hU;CXg6izf@@JY_GDA`4VcU%`Y&_HUw3Tkc^K*H&pypeJs)11uN*^y?ys_iJ3*5|9VHSsBdrJD- zh^i1#t{_vQ3}wB+g+>Jst&$hmcy#Mclv{kk3o5#lnL+rYkk=RH+vQMnPJwzYTU;OI zbx8;ZA)4w(k=a5xKxqMb7$XbyTBE^nRy1uGG383$0M*{e;w2sQH=r4tn~V%lK+S>i zb#=#}L?;Bj56Ce>ROMx;_98o&QKAbw0^?K3Oh8oS2uQ%vA>uTQuL)dIe>5WTBh-Hm$z{?ML(GjHU7o80&Y=J-cAAKybzJs%BD^OPiy z@5vGknrZBDr{K>w_o|&3AakEAG0gT8Xl3cY^S@u;M-@<%AAJgsYpSz@8R6S{NMUsJ!on0!H;x|n ztAnMfRqC($=Rd)c$Sbx2f^*J57`U1$5XY1NB^`tV#su11#~ zanu2ut`DW$hNXf3GzA7GZ2ShMz9~LBf8PrdC(629oEtOm{-5W6;~6yA3T7iL+^&zw zOgUf3TKMMSZhnH4v(C2&4paW^Hchm=UJ_lbKi%%V{Gw$_l1Lsn4OO`<{p&bG%D2XEs<#N`S=ay{L#5}VOa9IDkb zjux`s*IFn7Q0k z@)k8I`KJz$^v_i~FjBM+-;YRW>UjX_FPo^TzaXINxKsZ`Riehuqhf zx=Lm4)S0=nA5h3D;d9#%-sd6$%?P(rK)jA3@tv&0{@JO`q9}2*X1y8LSse`c{`_82YzxT#v{E?oX+a@#D|@g9V6H)bh%kZ0KL7c+8qM z2v(a{{L%z`XHl?dS$yBY3v877E+J$2;v+FbpCRX8AAc2aop$5D-^}VMr7Vi;feiGt zi2|ER_p$~A_HNFFNYEjgDwG4nA8GSzIRM&{=WQo-jRgu?@L5sFF5pq#NIaF^)Icjd zuRok3cqWu=xx2tUQzUAvq-tyPt>(M&2P3`YC;jLgdhO za;vhcP3S%d<1-%*2yll&+Kq40RtTJpDc88V3;s1Ol?au_gIpX0)tg|dXml)_jvBa> zjl>Rh!qURE(j{=;75k`O9EcMaD1P4w9xn({H^Y-W1?wRl&hE}77PKGY182R7QT2%` z;+TyY@vA_FW%3Jh%CBBe{|LZ5Uk&tYHoN2r9`WXU*C_*NBHgOf-T^XneoUJiu#mGc z;sUjao3_rD2=Od2GhzVp-RyW^+#jqF0nbO6*)(ky$?e@>0Vc*7hw9#dlV7T|FrXVg z>$NB%o#d2Sw>Z&JLeT0nIrQq+?$KuZih-|_)Q%In+9gqZGDoeu$3Nm?sS6s>Caj&y zbb8c34cyB#9VY0|rn25CTKAC!hj`~qf7w;?cB##@=luyl#Mk5c#{jeXb!r%l0c2Q+ z&{Zet0tro48!Ed);)$re`4K>To2i@s5KN1kq03bh@^zAV#&NI(zi#cZ zt00|?DWgLthb8pQk$tL&8Z^}dsu`87&ETfkE9MoD<|8Yw-`*Mnd|gaGtFRSF9d^Xr zf*Gr0K=w8ILS&O`aNc7HZHQUS#xH|poFp@Q>p|J|%i{K%uqFOaEr*4OR~RlyGYoT3 zRuKc)f3VDE%5XaXU3{gXtWpk&>7P_n$B?Y{*Zabrs-6>RR%0#6u+6X~EbmRLmdQO$ z3~TCy(yk1n9=0_+9=lh#^JGwoLLhyyS*EC-2&u&Z5=ye~u6BY^iYAn`fua_VKAd{+ zga7F~lbEVv?ps;OuWh`iU^KU7e0@HH;8OTr9fQeax)!BM#us1)d%gtk{{;X{lylEG z2!5jNr{JD>2>i=*X-<^TJ2!syz8LVn81dhP&GP<7C-i=jRdxL&Nb968YlJnV93tbr z)!;pQk9h?!g$>zHDdY@`#)94u3wB`VZa-Q11bH?g?#Gx2D5N8rY{u_`1o?xn>()S6 z9-54Gx(z0MyTMZhqEK8mv86i}w4+)vw`U$=t$k*y&L*rJ8HP58$5}<$VN8lissTXC zRb<*6V-JC`grsvdZ!&r|@S0fW>@|{n(2(YU;VmC&0lPB;+wvzmGTjNsscLfv+YL&Z zZ)vd(R(+)XFO>A?HmG;`olJ?+hM(xG%Htm-9JLP-pePl~RpU@+Y z;ypynLy$_hR;{_78&Fo+F@JYzf(1cdR+6XS)${$zD(@B%+m{B?ZC_PJ)R{gwWV&U$ z7=qY9!O7)f;t<5<1HHUgQ0IXs8USKH#>*nkF9tZj=7z^(h<YgQu=s;xY5vQptU^?J;E5j|SJK4$M7upC9mjG>ShKKFPNy-wvl<_cYJd0+HUF#vQ)whYC zhJNnpgsLov5<2nE)ctjqY(hfPwF})xgILk3o1*ER0W}dvj@hg$)4p0nQ@?qjbIsN3 z=rA)mfL>@B5o*F8bpAyv4(WUov;ROLZRsQHLsjP?Od+4At+yC|XZNt5{g2z| z?X?p$JNicrk|;YejVX!asfr(jO*9Q$y5~n4Wlw_vhzcQl++^Zm7l3OM^bMBEP{X^U z5bCTJyW)`d{sT)N!bT)UZBTX^lc3(17ywHs{Imf$!J+=3cGN}#wDFiV9nBc@Z>Dh6 zi_K((Vu%F9kPs&ow7fzNz(Ax`6PhvbhJIG0n#7^y6^}`}`s>+9hv8Ptqjw#;tiEl_ zZ&08egBjPNM3RJU*@FSeR+aBtw&j2Q`t>AS_yWHkH%6s9Q_h`Q+kMmS%r(0*bc&50 zqz1iJ){S{AV>Bhb6FT+3xcPrM%v}mA_bynTZRG-B*H5P@#i#b zYG^D$FPuCBW*gH}+=XpQ3Y&m7{@2(s8d~g)R|lY&ex)B>3M%AK2WV(Cb^y`XpCEOBre29jou_YRVz54>%aEfM*` zg0?^*dLgzt58JdVs)K;~Jg|EG$^t`g5M^Em3%cIP%7>~fB1T+ur+#IG=4(R;wA)FZ zGC(kac_PPJ7Br>AO%6DHl_~r0aZCSdghcIKa2$lq-pNJ=H$n(U!SOQNfZbqRzy_3i zD{*WhC9|>$TL-(vwRZ-}O_RGIt!Rr-%_4C3no8`_BniV^({qH*Aq;zBR&Ryrka*Wo ziE(Y7p@PE;x`&ih*mN59!;C>Psq4a6>#e!=5F@!G zC!3wna8-bEYQ2cG__(5Y!hGYW7YpSPHSNQz5j8;)XbB2p6KeXQg9;%+wywsS?0XBC zWI5`B09aIAXR{jYzw?yA)MWJc8&>TzkY)vK?9izFxM`B^c=T|wt;Wbsm}!d+KJ*lt z`nr!1bB@ibMPlQTeKGQ3fmM?~qJE6sgwN}~fDe|Zjvg>whm}7j_RS!KMr&k)+exa) zpj?q*g>|7rrPTeC3#VQ&oSAv#zE1EGwDHY@;??vgC#gFe0QS5sRTrP*`zdn+4Bjf3 zZ8mM1@FbUIGyBeOusY*~Wl2=aUOdRBUX05uxB*|8Vjipw?WyMsU3;zT=E0xC>$oVmE;exX zmWI_0ktJNNI!)D5MbQr*k#^G- zjbXk$P=7KM7iG33bn|xpt`8dR7J*wb#1mY$_U!oBHsr?5o2V z^>syy*4%EL26^_GpR&*4j9$0go>hU81ghK{V=@kIGlUwOHNNi>q9dP4Cw)ajiJe0w zz;#BSz`0U8N~7A>=HL&Wsq|J&?e!gt)b1>fmqiG_pQ^1-yv>lNw43kKN}`%+4PnEY zHKovCBWI_VV~7gBn0qcPwbeS)Pg;aJxUVjDBssjM%FJ3G{Zb-aE5a48nJ#wX zb{0o`R`si!^yq}W63M;z$Lk9|q0dwlSKX%xWf*>mk(Y`rliyg4!bpVrm3PiB>xD%t zpBAqb^=eP@>ir!CfZpr7WlHF-0uZzbB@4EZx#!@dZJGG%&xu{EmT(>zF36(hu^p@R zFKzAaJi9B+(I3#tQeDk%%xKl)rrHYllJ$(P&iYaxyL->-q>Xl0juq|&o$RyRu8G7Q z4sYgPsjP=DbXS#O7VDKWYiEuF!5$pE4NN^+8S}+gV!4>1;NW0QAT!(SZ_=srOeTky zR)z{`jGgBKpVKOcX!~QmS`F`7R14wO@P$|re5Xap9oZZul%3MhV+tN=BPj)Y-AB;WZHu+;3B`G?>nmg*& z+U6#VZB#|>zZ<(&Fh3xWnaCir=xM{UaI~Mm1(7uvR|#HxX*GWTEU#wcoKNUl+QRa1 zFR(iviyBQ#v!+eTnXE!4T4kZ*LvLx5jDmy=9{n;YEX55+m@vTMhgltc33szk2RSV^ zwN|pFjC-4A=5`CE&E@8&+DcxoDvl#ulI1N17^q_?UbhPKYZc@P z>|j>pQ<7oJ4hauQda@trdrXo+?>GTRy)K!zER;kx6EB)N*q6qQ&h z?V6-VM=lmniMK8EI8Xj!c)XukI9T>5;)1RO>B}5F)GG0+M5&J>*GHj!seM#yb@Uc! z_@>*-R*}25xaYXSwJ{!?GoJXRW$Xn6M9lPO(sXA9d@n=3sT{FiI=!7Fc(*9E;a;v9@NUT znq|{)h_Ib%D0X6SlcAEzYJNK7wb(i$Icetj3%kBby!}xg(!r1m9=LXZcXadkBg?ttWs#^Qs8Fo3lf^G)%wk!Vxiq zb6MjlnCDNa#bOqirm1W$k4Z%-hh}4wv~%R#J#<# zWJlKS+OC+{*ix2mt zERSJVM*2{#GE7zeHaqy~RoL)zWj&6&Rk~4GrjIF+?Q@#<^Or_WAaa>jj z4VwK>vbNXVI1%5ifh$S0)03|xNYBQk4npQZ<{C7|+fF&UJgkh5Z0su|>Is{4=T)Zf zQ_nCY(^_fpFXl5b^Dyl+E0fR8jn#Z$r6wy}J9Z{Dw@ug4_)RN+MMO=_e&|VKOsJm& zTe{%m51|ZA7iuBxJ^SR;ui8rg-GNVv*jD>o#>7l7Yc6;)t?>$N625@5Gr6)e znh;X+{L3wOA4Ms<=%Fd&#EZhMMoktiYLC^!0wtJ6x8=X&Y$)e=v8ePC0XT_e%}i!{ z|31>!dGk5~)WW%K)#vj#A5;ejB?PkcRS(xX)mWU*I~VR>mKr+OIsL*N6Tc9C>ZnAo zyGg<9jU=ihVsvXpOM5L>hzqp?fvb4kp+cqj0lPy5f3AJ=7fse0$*IoimtI)MvcmlJ zRrWohOXIrgB_mPtfi25*^_2pJc|yMj&+!Bw2*KwKP1;ThhRjsaM9EW3Nv=w+`es*V ztgrkKo}70T^4GAw^JS^Hlcw&fGt8Vodv?WQA<{^_0!243v+mZPyr zdn|@(x>T~)@?~9(Nj{g!Sf;my8Q=4h6;40L7U?hhRea)Z-dyk$OZW70>%^?pTzV2# zGH=4jgqoDq^0$Irdo{zaktrt=!mNMcetJH&15$HIp~eGK1lg6Mrb4ID#^NuUcI`^* zSnh%s9#3!g^)1ypXxbL-m@JHl=aCw@0@DI~3G1FFE8o{|-A=yuO+i>Rf1ujL*r~{% z?zB50Y~Lu$=Whm3kfEyz1zYFxN|d4rL^qYF>X(( zrLvyp@5LXTaerpw)X`DG#lG~y6koVf$x5m?v7YMo<@%3${c^4(uRN(&B(ZCG#w%kH zCfKpph@W(Ie)`hnwy@zI&$|b8DOzl;eJDw<@?#3|Hh~`A&*>hqK;ag=H zv>dP4E*NOCu1&jJsIzNkJe=vBCSq1N(KWy;eV8C7Pszn!#v)?&iPR~RFUoz~fco#R zr%^~fO3mqIJ@}G6z_k5wl41VTOst~wAr{l3?c$Q0Yu6^6@mT3Gr$uV)@Ker$Tc_9d zY3E0x@^R!IDH(cm)KTkFHbgC5vgVXr1vYlv>hGpr*!l zTZ9UZHrCI`!c2C5{T{`_mhgdkc~(MW=-Pp`5vwGM!nFkxHHL@mj??F~o8y`x{jIM~ zGH9;!GQ7#rkYq1(O87!6n;X+Vvw6i@q93Z(r|n zTpjD#v%dVXc07jLm^R7kAlB&-OT}7zAu+eb;r^+@J|UVJF;81c&H2}5wkv&X45)U= zy<5fRFr7c;RG2PbMI?mWaP*oW10S|6re*6%b)}4^kKy*ZTWi{A=iN>$m>rJle%(7{ zCGY4JG`_oKEHRf~Vyvx}Y-XXsm6Yw^Vw-Mgi&ghb{#XCJ{?df8XouDHx8;fJixy=^ z#6;VjAm>3&^(cnA?4qk`lCJHXdUpepqx}!z!mo|BDVoa-{?FIf+G>jdDkhrt?~@(Z z>y4IL7?~DeU%EWDG(#jl>Cp zQ#oB&OP{c@{9H_+d0q&oCNtawpS_S^OxHahB|MojOb91S!mctyI}0@}-uc?P(s?{1 z?1~Npo;kf^A-07|jkGKEyDdkP!!W{y~+NB;?V0!996yh_EuCwQ|vRP%yMUr^Xq@MSa8fzU{)E*nsJ;AIy&;K!@j1qJ{QUROFTpFV*sdFu%QF*} z2WyitCEiy=3|ILKl`vFm0DC& z_N}?;{+uLaD%We2}xfZI6SZiBnCtsu$#C%1?_5g1H?JsEIj##$(Li=LX(N zFnzacu9gCqQ=7z$8g{=RdgUyUR}N*T_rE228H@3#I85DU>uL(Ls1fDK8*NS^GiXgT za{6JtayOVzP`r#=UW%zTw*9((XstTu_oo%+s8ge+!0D#+TKABR_hg> z_Hyixz^Oy!X*+UNbN||C(qxC)TG;Mk`Lz7?9c%|Do$-a81M&nyo`T5-M%BV2lQwZ{ zP77bOjDnM9o;+d5pMEaxR$EH_>m}!0TC|i^LwQPmOZWF}`B`3NQj;?{DSUyAZPf#| zt~gO=+a+Q*ehndrJS)x@W%m%3{!KM`PLtGX#}|p5`a5hB&S7IQbG&PHyv{uy!tTzv zxzLWs9}LF3EJBE#ru7#Y+?VFc?3uzC3NzSNKa@Rl2r;dlZmV@N_NRXQqKq)wT0q~u zwrKNA(Yd!TfqH*zN@1R#~%w zl7nG*-*tRu0{fs-Kim!4XC;^SbwP%G&D3@=H6;D&5$m3}IK#KS>$;S>13Ijc?}4BB zITpctvYE6da(bE9S*iHs?qR3?2=YjeYu&SzuGBW@Oa>DsEb5Eo-Sm{?(Ff^2<8M~(2@wuP!ww+3Se( z*0S3&VP4PAH}){I&4>Byo=rW%{!lW{qU&uG%#wpsX>oxcQsqr9B$+t<9yD>D!{Rup z?WXx<9NO96vy$qwI}>oZd9A0NT{Jr_s!~KaRs`3VM_7}X?=MQuDtl4!1eu;E5E zZxlV;@!Z-*LpEv0{QYV#`z9`%J3g?~cF7`)CR;SA-e5o=ED8Zr9;Z7|D(6fjt-q{HQ0b_aG{&kw;d_pCg!tyJ%3 z>RvCvPZG8T+V%}UWpnIX)tOmuW+(m%bTbNFthn{uL!f}yks!m~J|XOVWcTnJto*6= zDOFF+rzk%qeT2ZX-!k6@ud9;S>QF|_MCisB^eh)Wv0Wbk9O?4hmRdfKo_}pzugS}H z>Uy5=yh`ZG1(Dw_JM51QW!E}5-%hbL6Ip1wWts03-MY;g5pbB*5ycXR9*1TAvf+8j zoR@YhU$oZ6g6u~zX>L;Kq`R5ITCFH-a$O|?f_^MmRR=$CXjf6eB)u$)<@B=8H?i*3 zz50C}pF3SlQGx+HgIk#s*uzd7mUXkI9uKLZSl0wAgybVNHc+3)%8Q$O(mOQy-GE^1 z(7{#0thv6-TH@WSt5J&ED`5L=PCW^K-SIyro@>^tZ71!0Dry4};Y5RR5u*A@Tox|a zSFjQ(;C3hV(Zq%6AHw;fE5AuGdQKtry`>)N>-0$p9!Yb(W4R(CEnHgL?GAfga$2m2 zkQ`FRz&!E{YtzY)sM_q90^2@l&|i zqAgk?N7+CXYC8EOYy4e2yHL0u`(OD(qE*Ea<&R&1gthgfUQTxn2pTNOPCq%_)7GS@ zzI$N2#1Q-9j+y^vIvnmkN%$euCJ{wg>P&L3Hc+36{ce!Lz<>8wyA4k(ecocICIj$t zq0dYlR}I7y`Mg4JEUz%EIQ@cUGf>}mvw2F){$wq~4r_(7Oj`B6!~xOO;#oNMF!3U> zTty=jmuum)nNRX(8g(a|-bhjwd$=|_f8TCDvk%imERANtq$N&HzQGZ8E!))ETW1k^ zJ=9IUPo~zc>rRPC)<}=>21MEI&BMn#H7C+a(_eCsE z$vE8Q47WGIaf%o|GP0RC$*+gQ+_!y#1t^uep-xBq`Bx8fUzPf>mzg)` zPzL#yUQBk9nMM&X(-FCBDB_00=-zLias>T#pmJE86!VhHx*m zzcN&@TCpm-aDAm@mp(3pR4vW?u@6o{7~)p9fQv#x65Vi9e1vLH4c`r zk~5R}dcX9rjN9J+2;S*^EWMtNYj)S`8YyZk=V~Q~idTXCyVbepZGA+UX8`#y^v_0) z7uTMS^;1a`HhFM2*LsZK;AYZ0!n2)6)idHPCmKo@_D)azkPm#gx=eZ6a+s#v5#M$F z^W}a1K5Y<-!$}^0)4mNKU3YHe{?>~3E?n4A(QBhype~1*ees%6T;Z%y=kH}t^TOIV zmk=|7g3@~@=#Q!Xl$nrVGGGb~_mbAfadFIc;~Gb`!mbzCN_{KzuK4o@=g?b| zoXyg2jpH^mlT44wrE0yKZ!c6%FYa*De5fK}ecx|9!@Udh@%ky7r_^xg&su=~h@}+kE-^C(v#T#xb0RC>lfApF7;;9L z&3-uCMZk`uCtEt>HJx~67oO5!_xFi4JZ7Bky?6Ybq^XZf25E^dY@={#smphsdA|ZO zvg--$g4@3)9}Ck})k`a9owJ)8s%%dmdpH;Mro1MY`y6|Hrrd0nrO zYUoNTxoeFn6t$UD7qy*MIjRyB@4-wm;s31+H<>&2o<-C=tA)DHakrG7aE~LayFlTJ zoN@NRBkouC4iL<-i*1}s6Pa3(Fg0X88ffCXXLSB?DF2PxIN zeOzvpeRRjNj%?4`afRa8E$8d@rKL;#Y+5Y$##2WKxB9w>{XU8V<87($gw$^y)r|k} z*wKPxyCgP)(U9%CnT$96&`mz|G$p6=d*gAmR2>vEjWqGqAzbbfcjJ6zKN)Fkmpq*4 zkYUUkt1f)yKr8Rfn&GOQM%rb)om5wNXuMdClU2)TI6S~P&%Ryatt<4LNv@yAXB5kR z`%%4I!KZ!LW2`4BNi{*OdEq>vZx>-^bphYQmM!_3*^3>MXj`Sl_U86&;xD&fGRTfU zVPp&mf?2f}Shwfju4S0V$+BN5bY9i@`TN@}jN(Iqo~!xo=MSc8wF`PshnDB=mBiGZhs|u{KeV^rc7olIOv2M}|&{W%9TA(INJ7_V`yS zx`rCL);`)Y?sAcG^_6@h-UFDyoO4o#Am-f<^@3=(D{!jm!;c^VY9}NCwAt!nwFqW z6)(4(uj#;1E3Ge_s_qt{Ns1w=+1KA{{fsB1I(Yjq6V+&vO>4h-+)WnokTJHFAT13o z%rSfK<~T(YdOQEon+lUO$F>xguL@#k-}~K_70dpZw`-oJ?6u?Qr08h9F5!gp(ttl( zws)1e7-Lr8694FO(1nkeiWfydt}h%9Fgt!Ha4F{R`@#O)=wqh*#n|UwCplib>qr>J z|6td41{5K$X}_ccvB>oRuc^ji>cVr|lC&d!jGk~B|8**Hq13;&vy2^k$f>taXFf*x zn7_BD$@XIx*}^}jK02zwSAsEa9&MhTarGLQP4XWo=LtE`fAstk&YeB-T!~vlAr=$4 zPsdj}hknw7YuCJ?44v}h7&@s}0WKkoX2ayeII%s$jO2-gDQUbL#bYdK3A3+ z#yc`=>1;{dBQCvR%Gn=kHQscG<9wf{_cg{Ve##m7^Y5xcBxNVFxO`TYhO~}J7d|MX zn(d_!_)yGJ5I$fHhE`(G7xl6+$$5FUh**k66m??-q1CV3Fq zsj@duwrRgu<>bh+Ul@%tV#R2Gx*pw?Vy9A6F#Y5=P4an;Z<62IHQw&I$IU)6v#%xe z?aP;Pb#&!g$!rh$n8v!fs4?SAmuKrKPwOt8FrZcM(--;fl(x=wbp5tn8}_$LnV{+L zSA1~3+^}wsJ5gfiJWanCc8!GFnN;D4%Bdjo9P5!2wV3t1v2wvjHSZLqmM*+Mp?NrU zsOqhxL$@#GSZg+wws)BBRPL00+5rQB7W=A~`?zGu&*sylkwug4Z0^ndMzcaWFWFB) zQkBY}86VA(ebvwYGPlb_eSU6JV(@(MfaVjrIvG|P%H2JjOL2JZ*FUDG-|=#IGZB8W zUJ^G-x!3_NpWpjdkB@tTtLlyxiG8vG%<6rK5*lYsqjinW@3ps2WA78a|L{`^hV$mL z3uL<}=zZ%W_G^5izTDzs;(13<_b{!WDb~a?d$+>gh)Z7dhrd0Ypo~t1o27n^-%0g- zBjL2Xw=Ko$OJ4R6rB`#p)mG!t^$6BWGddl?5_WPNi$;dyODV)};=i+B(H+m(&&g<| z_(4RO`;JELqc+NLvqPYAGRewE;^^> z1Sh%B$_1WH2&n2Nu_rJumTNk!T3KoCT&E4{>Kn&!a&|9}5K?NZ#=qa&HD9Mdz!ep4 zzklIUxQpg92Kzu&#f{)!wZrXGz83y|{_<%2u1^>-ZttnPVS-1FThlL&zvtID@`hRX z`XTIe$FtfCIhG?kU#f)K7E6Q&Ibh=V3@2z6o+GO{Uq!z?-Bm7`#D2P5=5#puKqUpq zBjpU^t|N_6inqw>svVD!q(3ht1sogzYjS4-tOAN zVi*yta^%bBU1CHXKK1l>xsy2^4@_vz)>aCb;AvuArZf}UtqxG1V__KpczVNm|L+L# zsXUb>m7+2htPMjQ^I69%$LViUA0-W<6cuKMrl@gJ1iq>dQu04MnFXNSRXU$Z`@>6c zVZEizrfH#akMqTW;BXEaW2sj<+a-Tr0C6}iEZkySYq+@>dx#GE>~CI)8BL9UyeL>BS&wM&;ezduxMD`mwX;pxbdSxM#wbGQ-jNH!c z<(IHa11UvG+sPPTF$fIKs1a%FC>{oKo@H_{=+AkdhJvQ9`;0h7zP3ZlndIySp1H>28qj zj(v^y^Stlg`6dvW9ZBb5EzfPYdcQ!Qr~gv~_@Q}^Ub;NAB!cINbZRVYh%FUHajc)EKtRlw*8F)u zC5=?m8_ILL9yQwQY%-Ukb(psbzasXcgZM@=x&|B5w^h zH7>C%G6*;gf%}_UG5{lPFA01t6sNszUl57{pFaMnAkhpOd}#9-XsV!Sjt#704+^N@j+@yXuFm&J+*VA zbE76y84-~ngYZ8WX^FZELfaVZzksqDZXEN9YN}wYMRxy?@5Mr)8Md;Ol_+ymCKRwA_bBh8^$Tfq&u-+b$l)#)^xP)>Y!zbm>TVEFG-UD5em7+^|u+RKtDN zOtc;9oDb-@^R%3;@;><1>zq7~;(bFduSA;5V^Z>G0VW2kJsGTzaS4k=A`X6nC<-1m zwj&QW#VX5blRJM5pHTdZP-0T_fq(ebQ(*h9Sq$JO#e1W(dq~{R8E|-!J{Ye)LDis0 z^EF|^juJ0H@f379*cmn6i+m<%bEyR}5Di_m zP7b-m?LxAf60^68lIZOZDb(13N4;+-S=Nh&(E>PWRvB%Egqd2oF*&@7F{{$UAU?4a zKTi9?_7r-kR9X?xN!KDiHGBxbR4ZLs-F{v%$s(8M9!_qzJ;uvveEE_9-|t*v7-z_G zzApBa#muW|>Y-%8><#`T(iD%Xq8(?;M^xT8NZ-BUbv`fr$WqH9<8phOR&;nlfdiC} zxJcWm)nDa)T6Vl5p`goGtmYSY7Mn`x5csQj#syi(gtgYF(O?Z?)h>zC?$;gh*6Nv zEa{>e=grqUI-;UIy(Z_xt#D&Ukz?{Zcur)#RA|t6lcP9*8y!HEW=1M!V}MR zu_^D@tSV26<8(BWyt1Tu{esttKhg-srWiNSXVBL4ob+cnnIK)hR^i*>mJM%xQ)#g` zW<#2jRd$92xU!*|5?ds^1c&TdVCi2Q<%xgYU2@AheM3 zF&9s%8wS(8j78XkzWHP>bLb217+|zq>B|+M2#P6H$_}M$v(QnB7>s7WVW)qS5(8m3 zh$%De%h`0HFH7OKh})g3RSfiy9LAEKWGlDB{M7AEaKmyy;@;xDf7W ziKKWW|8aZFV?r_sVUoDFYDms3g%9}(S9IxOcha~=N7>2R9%(FA75 zFv{{wDavq^4?+KWJgo0(RGMy&6^VI08;&D6c8Sooq}{TrW$*qSoLyT~DlT@=N1i&v zdc~N(u`lxL>vjbto9?ax`p#pNm(t)$;TBLmqs0%8)*t(>ja4st)-Te5lQ&V+Iz=Jn z@FsR~9sJ&O-(=zKhj4i)6!KfjaRCcWQw-~@MGI-DO9axF3cJtsi^3ib_ABAja!>m- zBG%rz*zWcB=KE)BC}QqEibwN&Cq$U%^8379KPyx1r${R4u~)o<7Km4S?Swa3@rIgI zaxzhmr`|A_D#U9xEi=f5kw$)*ch6}QMB*|M#YDwivJhe7P`z5BMCIKjOS-Cgw&ig) zt~FYz>%6{+^$@(7;;wAB*0X;kaD8&Yd;5GTVfjJMYCMj=X{-iP zAl#IhKt6qh2PR-7!|nG#@({z29(F7q?(-)+V?>UQ6j07|cBi>N|B!OWwlL|y{FTb9 zg+{=XSu{>C{5y0SRYQy&=pBl9j)e{Ezj~+bzk0{9vmFz{p@uruT0HPgScYYoxp+6G zP?v{!@e6G3Ll;8b{Wvy2j+~MdbFdDUNvwBOJ+Zqyi#WJEP`CbEa;9M>1yerXURKM> z1Smq@JE6xOGPqR%3UM)NSqhATJ#wQTr_5?JWyP@CDltg7ZM70$?7daWV+wr%CtZ~?5bw2^I`gp$6s}F&6U|8>U+WB zAkjo|it6LggM}=La#<#7knU6F9U>pO((5TCIzkI9K76QP&bUQ z>^pj-_&slHEVY}JJMYT;2>(hdxDSy@g7s{X-5NpI&~?$l?iJC^>z=)(Jz1xRyNi5} zSNiS@+AxI6Ez0V4Kh#wX%%*i_%^qMcz7^qb|H!rQ_7D-uv{W6Y&2-t-KI!wn!e=ET z5RXo-E-}i_BgAgG4VjqhV*ztD%RRYyllr{24$Xp$hz_jQ{%+k-tVy5d$wll1frJ9z z8=vr{E!DujMJ)ckpF{to+wE@j$Fnaq(k?YFqQfHRlw!MgQ3X>itGAs%!nj4}W=GL0nZKV! zEhU@?7NckFcO>g%8oM-`4CZ1IvMvb6J;TIGIE8XR68}EGO5-N0RA;tw@&V#0v z^aw5#*JeUiy);Yo7_lbgnkSwEhm<*n#VLKdXo+ZTo?sGcv{!IgJN6v+@+7DrT z8Zw_tUv>mxz2CX^gkMn+eL@kl!*-|b88}4B5wk_GUv{8|c9e?H^TSYHATT50o=URJ z5$!+HJdPxXkn!1wt>9fNq%JgOef;&J2&cWvA^PX9Oy#|q?L!h|i^o@=;=bw>Ix~{4 zoHx|UP88}hFU0{>uaFL2oSxSO$cpU_KmQ~M2kVA zTmNg`MV1fUA)2B9?$!DDD<$LFeKXnFZ4NgGo=tUxQ0{l&x})$VhYw(1Y%myR;99x& z)RT==fU#vK=9_E5l8m4v78(aZFRMPBz(9P|ZrP9Jj|9V@>MJ!uQpxzv%xS$5>ec*{cT6H}_JiwCoSm zJ5!pyP3-AJwqQR^uMZ`l!(_74Vwcpu_PrCKKnUXld_EBt5ypyg| zGBgG{HTbjbKh6uK9Axu_oL}hL_p4keaA>Zf07gS5om7 z1O*vKZpnX@M?Z3OXc)s^Q6E)ctNXmsrA&c1uNgKq` zAX%E~_B|lSr6KA(wBI2hq_4D?Jg(or!W%wm!Wr@k{m2*p^qq<%4*XNpOCf4!+@8-` zn`1dl?$7thleLxqO5~01Cii%yqJHU)^7kf6OBa>2gINQwYC!h+`OeGi((d!tr;r|+ z%cF+};%E0o^@isovNu`Q&7Pd5$0m$A$Kw1Tv3_MWp#&TrmPB4_)vD)cw~&cK-QvNY zqnYy5!G!FpFndD9Hb?8GtGEy%{!vLWELgYB1b8lEV90|GOfl^2pn`VF_xO1I!1|Ik z4YrkilMs<0rk>^@tKS@g9jCtVf(mhYgIW+}D-zt-9}x-|KSP$eQ@EUqEN9Q78p=M@ zA9u?LO-4}qj`O)F1dgL+2WJLS1dkU{30S~%A z2j>3Av1t*l!Aqn`Z-{BvCWJ0h%N|bM~ zX39mjaoV&zn(R2FT`+%sk+);mXu6}>TFIB)mnz!4I5`#Xl~QEo-?ua7p^2K%jwPs) zd$VhA&Q72g@`F0<;;1`SPGYg?cza);+y`HCXbT$);~~mo@;(+^r#_3~X1WsA`PEaz z#%%BF?!{tiF%bn3k}bn-m#LVZp|pP4){bAsajVen00_*Xa~W!XU4a`R{duygu;H-n z#4}#T+Q4h*5=4E}{qd}h^G_pBXTLPhTU)YC8d5DigG&Vzl*3yF)1mMNv-B`8gM!Ux z5~(EzHJ*1*bjqCyTVRM17>B3@y47J8#UolQ%==gu3#mFy)a?s))fh&y%hT9}FQJdX z!mUJ}UO<*cCr3vbwfQ~*GEhoH!Sz8P#CsX`#E9>r{6^v{TJNRphjA(H{?|*)2Z>+8 zo_uKTwUlSGh%wV>hJS;kC30R1+gAem(2NX}P76`!?6O>?b7_lCc%U zvnEDtDX^3Hzb?!QHH`V09m)zzr&ejy!CPKUO?oWf<_1jf-5P4yFq9cYBigm!k{pAs z-+4a&up>lf@&9cD=^2WP}Q9FGtF8;+r@rmaE>%LkW* zAc$@YSH<&Y^+p!1n}lCeQ)fQtHY${v4HYFbj{_Vap}EfeCIW`VV~{ve7@KCE_QT@C z*C?zhL0-I>wLL>0m#k}y7YbL$>l)-9_}^NnCTaoU#RREUR;E92E4)lXYGcxb(Ss2Z zn6yK(n#ah*78I-DLU#kiF#LR$j77HWlSpFR5K-e>)q+k4rKnhZ(L4=XQTFKhOXi#N zJ-l5-44_u>-sb*b^B$T@h27=ehJ)JU!`d->b5D0FlxeowTFc#V-*W}-q2RqE1bXdl zo%-<5_DFelP=NHHPuJ`3LFxKm&meAu!xNlAMMYn2g^^EBC%4CJvOsbaC~1|+)c)Eq{54g z)f(;w1&_}r4f7wL;?XP11)T3?8MS9-ntwz%Lm_QnIsQ~@XP(j4NRig8((3cGmCoNQ zrTBG%QF}oDq+#k?V-Fb)%=<`fir3#s)&ctB<3{)9du9|y4Pid2=TgfpSmaa>*6?m5 z>iO8-Z}^5ulKO>~ef+hO_i^s>=y*`j-L(5WULWSGu9X!;Knu6MdGn{9aCy2AA#I*F z-4yN4Tm|)~BPQBBdrn6?bOYw-thc!VCLpTYelWBTD2eoq>U)?Zr!JiY3^9Pg%PkclTTuM_MwuTMN-xe2nHrXuu;JUxWt3i<# z8?wQ6;6=$O{dq)u4L>@dl%p6Nw~B$duW!CVE0m`tN{t~#O+X$HJ7M_TmZonQ zQ26kEI>b(RY1ANeeAuqQ;@KOOg$r4f9i5Bl5M@|Qx|a!@a}BP|*bfJXJ#GBW>5_Qu z&3=9CBj+N$+KSpIsJnwn{Q0DWP=a|RteVAvs`kY~l&xjAZ@MNmtiB;6iEC>jjx!Fi zyFJ2(JhTheB3%54%A3^s3rF0%YW<#MR}AY{JwaaN=laWDHpgS~-l2X-KTD=dvXQc5 z5QM=*n{fBmTBY9~e`$=8-Nu0}Md6EumyTj$2eDdCXt-=Hgh>gN=JPVP?|^a}AL?2t zkDNOL=Igk~cUz2I$_j{?3`_2R#>^P}moZVBvYUg+>b=#Cdl?{0T?2iSAm62M9^lH? z9yHyIWu9#cX4`jVT9_^CG(}-~JsZJ1q`DkQeef4WXk<;~Ma2yQ_U(b)?v(A-ZuyYO ztRlO7Hzrx8K_lT~wqY+%Ek~<4vE%b;Mkn$U4E}81UY6Gw;aV&W%s?x$yoNqVM@tNiLW%G_hN`{ zcQvZp@Cq=*8l7u*#6 z!-*KdW2TBaXcPB%WM|g8S-&fUIDa>zH<~{8LBxGOX&{CBH@9b#RLC6iX+g&>k-N{~ zc>bXaa(LEb4kH<8#L%Wc(MiX+fFl(Mn9vBMyCC|q5%&wZ%;XbtpXPH^B|ndsWkGND zs{1sFMJ#jP7PtsARPPxt3q>*2VceH4s8m4=%2POJoG7>3s6D~e)oCV3>2f%tCu z3cjNvQbA9>PHTt=RGXYlL!m2-EaQ7dbPYZ#ZCtT77uW7jiqC=T3x( z?l3x@`S%d)zPi*VDJ}GUf*I2nn~J_j)%jfw<6lv|1TNgcWbKd?{n|6T1FRbG6&T=6 zX>JaBFauvVUOt+R38xW!5s`z=YyAs8FjPAnVq?`Utd&ph7lB$nmEpqY+Ih=?pB!WU z#wA$|FtV1@#*DxB6h}FaxoSnjtr^^ z*4GvG;W7;i@a0s~bQlhm2PD~I;j=PH24Eh!$Wyiq*S*%QtVT(+yDBsNd9GhEp&~*L z{a-xYmg49>TEu28Gi-wzQ{%-VlCh&mHQM z7evUo!(1mLC#Hl5iQ%GGQkdjI4B0lGj%(il`lqq}ReI!e@pw|@vhK*9KHOoG5(&Z( zu}ckXy3KH$tmU?t=(|OJX0rDkn4-EozvaJtv{-JNuQ$|i)!iIQWX9&5taOL_##i|y z7+=|+TGCxUr+Rwfb9EvlHTg>*)8Ye2BzM_?UNO>y*ey|cngc^QicMd@b!V^IwBuVO zlOc!Q{OoAd=IsT~|y zLr56XHj$pA8bS&VRXdPR9bz>-97V0G1Yb3sFN!ql4 z*M49HRzI_#vqCO#6P5nRuI<-zulh1Tf^@|0*8Ahvr#DjwNxjT^R~Xa$+!bON zmT^z*t(h^=C|EAro((C2Trz5TIA6=U_WXc*J!bbc#nf=X%isSYe#VU+<4yvlg5)EG zOv3xcK_im!H<^M9r3z{n<(HLAd7q9ay-24_8c}|iB1N*>#w2~0%SQcitnmOfObB|v z>>Sd`TD@RQmA1)<{)uNZ!Vl}@Nngp7A6F2Fb9wS2mN3J}heUL>_P@-E*4 zp~VzI)Eg0@2UtNRZ~w67052~BMAT)DnQDJ7uUM!9*|`|h4{HQ~y}cI2`(C=<*Opq45To9~>S- z5r_CY>=WkYJ~S9uu`GX%th_qJ`R!=<+n05b}Waig-Ms-35Nf+8uO&e?Yk0 z#~RamA5&WFU_HM28E*9pdF@IxcNv=QtZh)m|w^ zlQqGOB=&Q1HW-vg+v9n;+~k3R!36Ftr`%qTSa?1^bq$W_0J= zY0xYhm9m3ZMaMkI9BDeW&vlALiKH|eMT3ZK@HfDsK+6r#tMu1lm{ z1uX~|@~WzUdpoQq6EujFkEUlPpDr=VAQg6EN$?^s+5t*(Da7;W$C||a!g+#dGbV}~ zyJ4xsl`;iKjyu1@R>bKRF?}?hvWh1Q1Dq$B%^Ar+o-EQUm3UWS$!OXaljUWQ`P?mW zO!2Ri8inYuc6_@9@*$1$5w4-P+?C-W+#(5HDOijA$y{{$g3nIcwT=;{91okpELyaJ z3%e%)?^E>M`Nb}Ikfnmhhh<+}ylG)V1?d#7P|?P|8u}L_9yN&j2IQ z<`wSnN%a9y0ajY0rh|Jm&m2?=q4Drnz^5)S>w$mvr3Kg%K@s|bS2b{QDdW-6@2}4` z@=+`8HTTmE4e^$G6Sge%*NT#^&~rs@FhX&i5x z6V)7|m-kx&K5H3cgjj;_m&C6AWT%?$Cr$T#`9~DyZ8=}20|4LWigO?IEIXTDpca){ z*V=Eg5#;;1WM7JS2&II&fuKaE^cNI$OMDG_p2Q!;Wrmr1=_1XjeQ1y%U{$x)o2*Nx zL{watMVR3_F^z|75R)xxk2bTRl618j zq*6x?4y6G!rQ_F+rwdkw6)vR(?<(J+#*+MSlX>Ilg0L9&`a6%~6(z+2z8>Pe6e-~| zoRXk_@5dU$_~RSLeXbGIE1!V{mJaD(30zt{UuI}Pgc$*7Dx~Mb!8T3QhUc37nuRnL z6PDzNZeW0+vu$)!6&qq2`DE}flBBlKjQJrA4{OIzY>4Zx?J$4$Q|w%&mT8m=IAL9&FLrG6lT_aDrKgFNo2r0cdMik@EW z-qHVyI*4{Nos0Q?=hhpqE9f-11QxujZHrAL*}FP`Jw*3L)8$R6UDB+=9D@?95%#%` zgCt4aZ~X$Jn6;F%2>dud4rpKf*-Qn9vp8bv-g3LYLT8YC-Fr<3){t{mkUnRs4RLE; zGHf89Qlvbkw?f%UUwV)&zZ4|u^5;Y34WSw6>Nd;{Bg^uZZ~FvVYRi z7sM*;O?>H5TlIvi@6#N2G)D_QtDi;hKS7?Uwppf15c(X2&u*YJ|7@A$+a?n3aC>E? z`D7#jgX)nc97<)e84zCs6gqPE`R)0VFD()xY7>gone7q<|K+sVHZ{o)M43_riaM+F zCblR{+qx-#0ne^mtI49m&s2Nhr3CguGoKK$L~vxt%GcVh>mB|9Q|gN6-P4}&=7;Cs zxQ&z!7*$#%O|U1u#v;d__QrlxN~OcjHVI@w)I^~vW0lVnjziQ|$Af?^tU4bDzpo#a zT88kFYEX6r`NgeKTOhh=E)ZXcQOpHMp26;GnYzQs2#E-7Fi)Nj-+%!i%OfDHw~2i& z^#;5h@-hWH+%DpPBUk6?gD}cf6#qBX2~y{^4_?>ze0FQ!Eayr@mX=l14k)dK z+)lR`VTO%NaH8|J!u=v&Va~Yy+Odzal>rQB-p);T`+~Gcf0&8J`&^D@4yl(+M2^44 z6-7kiw7l>fJ2MaY=^-UjNB%OCkN4{yb%ha_@p^&2dm9B=oh3zGBKN3BLf=|k{D3Qd z`sETxPFGS()%NLrVWYf-0>wJC!20Fg61z^j_zVe(B7~2I;E;9c*Yd{3AuVXcOL6-1 zJ*EH!u}TJx$3zjd(gnOXD1AyEp`2V#BdAyAgHaqx3O}yF(EpWfFN4P96GYmqS(*Ml z3J+dVWhu;L3d4GLnmRBr13x%=z+OJXEvdEz0V*L*=?K3{5KqyQ9Tr9$h&!cZ? zd%U#~Fds;GKBY-1g_gk{Jmt4$-_Sl{(66hw=CTZt?T?KHVaavU)=~)gD~6ykLg`5U zyHwq*H-<4U<&PD@7AW7&Gcf2!aP8XB5B>_X_rzehx%SJ zt6|mK*P6h^Nve0+no_0B6mOyT^NeHDNwTz~zT6mUzE_|-^m_Jdm&@=bj&HG5C+^1J z$I;7G-YG7y2uuscgE#!w*aEDRg5`60Enr0}BM9r3%3hNEdtM7Y_VkIxKO9RG{ibH<19F2@Uy|z038G9GIH~?7!3qr>LXsi&^Zs%U*xz2UJFeg zH)95A_08GE%Fxph&p)%pspzCH#Zuhz6fOxrOyu}L*&nX+k3IZC!-PN5WHf`>A-1rH z1d7eZ(Ei78GyiqnroyQi7#CUgCmEYaUuh5E9%xUq>o$A(g6&u;Rn50iuRcx5`C}3n zobPspLfBzADx>eQf>F^x@ypwZpMUFSQLkKPLv1)WF*}Ua35{mCJ(hVEbJO z+Sb*q^H^vg%H+E)w*qP~c$fKlkzX;m-r`*Bs5vzcx`6Fm_sH-x@phFMa_#UEDi?s0596p(PzGnxfocilA7Nb{MMO6M8&y_VO&U~L%~Qd> zUkzk?8A7??=V#k=udp1glrS!$!=d4vKm+0jL-Cd7SY$>8tC4PVN+-;Eqof13h}}=> z8oUIw3Jq8R9QXD%kgFPA$|`0zG}l(2?p^}sR%E!>ql+Em56y%BgevzCuI>D4GoZNE z%8+r4vPdfe*!gz<<1{}M^UB^_jnqZ#hbu{%Z^1=CE=Yd($q zST-QnF^u{9X?kQ!hh#y>^vNXZduTrZ|c$L2kNjvS$tW&0C|27~aQO>u|-J<$$zhljU&h18a zr@)@?H=s_#7KN%P*E`Tl+u0rjS(EA6cW!cH&!*dP+h`mM?tjya zA9*K-k={~0ZpO6522>rvmMSHTXJuSfV*JDLIjdN5*TRzD(JGDY*eBZkJD0C$+pdDn z`)@b7GjQ=}i?rBdE!Zt43buKf>z;Sj%OeQWm&jdSzyBIe1uTqZ!3gOR+H_lKN6~GL zq)OjH=6`OWWaz8XUymNZ3NX2q9-7FSe63;yAfq+ZLQECoFQIb)lgh@lnXUN3`Z|%v zR^QCBX9@cfM2Ze~Wa1a_)?HwvVvHOv_Sk%y*rVP*zs>XlM{N#j?H3iwH+~7@=27sO zwsizD^*WRq%S*U3JO&;TyobiBhSD&}N{xpH${)_Apu$0ZK?W)tf#Gi=YHCu{0L-f8 z`0?q(C$s#C!g2BH`YD5)XH{PyRD0OjzMvlx&_qSq4vf^XDfrHjj2m#O5%)S#JV#wd z%OG0YWV`(2&mZ-VF^ji2YWqo*H-pBQN*Mr0yk4(3uo$pqnF`CP3~}+2_|4i7lfaJhVTCzzg3u$ z+P4aWAIit*L_t*^NCt2j>bUeJ23&9kRdpIaNh&#fq(D#5FfJnwZC*YoamFMQC_q}V zm9s9G1+lVSV5M6#Ry@05+}^CS9N-p(UC?@)BfT(z$_+UENKP6Y>-xD)T%1Lt>E*xCh0WVUmsp>AFZ|)Wdy}T-~bCH z>=9mX_q_NK`sk{McV&$lXMa-q;I^kEpz-U`OUa|V2Vm#-gSIjK()YZfx9Xd&V7|3^ zy(Aq>*xwhM52Qnc*bQiWZ?o)$3GTm4-d&0VuNu9;Kx*;uWr|Rfr*d89op5@Qc&{>S zDEMFWivqm$0T>AiJNTDIfPB&o!e`s%U<_ST41UfQfryOu59n+?Ig}f!F#z!hR=#kF z4GQp`tNl{ZZiTle3Nvs?YCs}b*AE(3V+%&0!Zh{zd4*=P6073~Fp56?_Do z2Q3+QJ2Mun;|LHMfl>cv#qCV9$@Q=u<*g5JJ{8|*ovEhVVy|9?Kr@iI^s^$Cr0w`>lKMVwTrNrKG((H?4s~s5F zB2uD$TbXzG{rb3z#5yO9;*#HTx=b3dH9KyxA>6JYW&2y$g)LTDB`PKJ%&%uZD)K#$ zD165qy@w}(w6fM4UH0LopXsnSzPY*B53A`K@@bKS2qJbY?SO;A3z-%d3x~!C-G94r zWUMzdYdAZMmb}`|FOGFt09}Rsci1mpSu(8m#YM*(c>%u7R8r2PjSfGWJ+d+K9yVjj&yNu&`!mCH`{@8@u`WC?| zt3}E8560`mXZpYMI)`6QKEG-z1ojqN?+0#E;&0LDI z`$ya)$2Iu59oSouH;1{;(NbF8S4La+Unl)2GB{G$L?7(X= z^LCnO-xQ?#oS%>JW2=|1HdE~HGV{ALcXYjij>s@^PO?+o6gmYcMG+k;RR&W<*+Uaw zX zJy*{**MnCLdjM#{2D*7~S6uzCX=l#C6Vdli>1w7-==Nxur^neSC=$in-Ch#1l{Ucc zuVhm^_Fa1;sRIBBm=^VYZ7^AvY>lesK3w!Z!oXHo!?-;B{2(5L-}x<9pd?&ZS6nad z-D%brlk0e}W*&Cz(zv?Dn?KVUJFONh=Qc96b;B^ikBZPN2h{ zWd7UZE1G=vVDj5xl%(thmk;4}n5_>V*FlCB8&~))Uu1P!r|N>+jg|BSmWZ~* zeXY|k4UK)hT0}aoGJ%B#5mY#bh%wLxR}Q0_)FFG9M|k*?j=RI+WJswZ_A+#DQhqF` zf9rU`G!Cj0hmp<{*qHAkgfJ~EMt(?-?`(o0qnWq?tO0x@w<;5g|K`BeKK%BoI~DW- z++CMD-4t$}hg%SO4UDMYqqIqd3*DCdgSxe>3tUa7ZQU&Q>LT;KhrQ~>wO`c>QODu2 z@rcO#s%P6!tXkd{6s32i&|2_qGwaO0;4v>ia*bU2#Q?;w|6{Vt?Uwt;$A4OVx81V= zXC0SJ@}qSBh+$8?)=AyqV zG%<5b600{yHL&ROR++_q{Tl)2?HtUCYS0aSZzXHIYnEELQ}=w4u(aMZBDiERy&!p? z1X`yv6;}C|d!2-aDmPDAN&_D4QJ-+gTirOWWyGvgFIn%BobSwPjs8^J;ovx6RT0}` z4JG1N6S>)qn8|O1vkReR4u3esB}k}MU%7nTsj@PEb8=55y|!Cx&-rD}#WCW;H<<#1 zavAWGBsshEq`NIooG^YsQ|s<9ttcO#@4V^( zN;2Lj`XG3uHJGhbG^^|eAke-2ox#yjxBj4WY4vuQbQ7Q!Bg1Vx;dquv8 z)j522B-`~lClkmq$emnS@zZFTQY`_U^%oP{PYcz-`E@6Nl;L^QiKQuF55hf-x+Tg`^52 zsdl~}Xsa=PXcP3R4dh$Tp03`Q0&LOzAz!UCC{JIvx{=2HV*gC;eSifxUYE&{Zf=2K zg43gDTUmBNa0B-*V%5cx#P>OBCd0?$WK3Oy#&DrQ{@##;ml5Z%Gx&L)hakRT@05cT zF|$)#so7J}H&Z5nF^;-efW6tf5(YrN0`x`BCEhRzuTw#0J!A5%+m#kSbgcw>+?(y= zMR)n$g}#8xJq(a^ok0YEIyCPKc;>VUB15Lda4^8;ov`2^QX_uyHcA$7TuYClrIqwQ z^`UX)%dQ7_ttlv9vZVtOZR2198_1;uN^#f|dzkh9v2wFi=Us%WIixlXk!cT&9uPs7+T$lg5!mogMJ_ak?*~JXTMhW zM91#g8R1e+UT*3B;ZkaR441T^T0~#mbpHL7`IyQ~wMF*!+4=z_#LEECmiZ!H6PoG< zWK4jz%+MwrrUqBhnE(FMRS-d$)1JV3s+ZqO=Q-Pe9RgWP;`6p8_maEyc%k#Nfy-QY zPYwhL@}&G~M?SItB+H>}{pk?;T9){+PHi`(^C|=wzf(4dHO608fU5uKp*{@NG9AFkN=`y50+NQm+t;Qn##Um z>)@Bm)Te8(Zlg^Mif=hrpuKOlaD9Y}yBVfhz0h()#IS*r**DRSP3=(45oC zg86x|6X#!U;f~n2JGJ$%|MAMRO=`Nhax7p_rIzCgFSUbu4f4Hz)*l1;hDOkCND% zi<`yxhwonsEHjZ$m*Sra<{U@AVKNj-qHQ&M{1AL6nT(5xAiSn(HCz(8_A60q#qIp< zy${$Lt?Ie_c{I}&)M%>W?@0uxH(fFQePUfj%2ptS^@Ehv!*GNQEKG?2M`S;or?h)` zo2M*i#QarS>zCBf z=+%Zy^YJ{jt6uuIbJ)i{RtpW%oiWPaUyVqzi)#Tmrn<$&Y-ttlsl`T<@Keq`Yr0D3 z^@iqm@jd{y(L#Q*Ehik&EjQX3dNzXwk$x-oCY}N6m}wM?t00Ai=*DpQFv8Z=T5_a^ zR0?J+VKBU9WiAA>Gqumxi+yUr#%Z_4CeG8y{|Sm{(*%bo0hx^I*=PoCmL}G-b<$S; z6xyD^t17cz3}BkV39G8K7*~@|#3-d2%LPgbBYv4$rpNm+5 z2x}@C>Ie;=KG@8d&lJ?o48tq$ZamL-0cmb@Jq3^l_`0)p&e#8{CB81Kq1GQS9k*Y> zcU0J|$h69gacSh|nTX46c^ONKVNFVYvxRq(K!Q*Qk*9pg{_}Mz<#@i<33FP&PN`8P z2oKbX7lKD?)#)c|$V8x0br)O9_M|%#xzxh$*Z0CKcoeak#$UyLAgI>B_kxM$E`wIN zO^iMWlW;jYKXOkPev9eq?p6emieCF0ksx%4>r=#pMr$zl)_l1MBjW^1GE6@aS#bH` zeQ7+?q|JOJZa^LJyKw2nnut+N0CDzmx=vHB9O%K!sP4|51T{c^CHssOYOuZde!T@vo=cUNFe= z(pWA~Qj+h+RRNELXfi(RI?!5oaV9+Xo!m97ptGfttaCe^Doq0) zx0tEyHYVgPF{!ZU`sU*V!fv;_%T@N&fCis^+>glz+;o1L$frG z7|wH?+b0oAKS8%=Td1p`;`6NXUTvXX>0GfFc}FOP+*1g;q|#iYNYXUC{13PZACvIX zl}Yc!<;0RtBgXKhB*&rRtqVqAP>X3s8?+7qR2^1xGkjMcv_lSUD>5bKpnu&E7Ml-y zC_H!ONL@NWTx1=fzu+gpsM#8_Au~;ZWGO!gAXT#HS1FYke)aL-->q&HO_vJX@l0uo zDkVOT9wd$~0_D=_O7m&8tNQn%SQhPIT}2^uX6}yNqYw`;5Fzd*`%9MD0EJdym}qRi zpMa17D#5eB_E4Qw?^0yl*DT3`xY_rDkkz2T2Zlj1zGVT7irGF-V%*Waxk|;EDyxk1!w^Jwbb0b87%v#WfOhVZj7cWK0GODzIM916wAvH4vz4T5@&ZUmS?Gtj~&= zzx^R}zLmiVpn_N%d^2M}Zof2=v7HD|i!2gX~Vu1CQqvX6C+xz|B;9|?r zEaee*)+GwpDC3n+1h4UGSE${_fKL3pMuQ8-pM}E20KTYVVH21LiTC-v!wDHMg|yF6 z9z6crTVMc}MS%ZB!^PLe#c!Y^>wcMrTozDp`HV%cMy~Un)k4L{n6(wy2!wV%kKGT> zTmx@*jP~N@b8E=8YJKbb1)KH6=XdoG4)R-HqIm=$rSV{Tol> zS1xjZrKljh8avq>Vh0;oPFy&a+lMnha{+uUB!oz0V3n7dX97GVS;?se^t^a4z#%F^ z%mekqXH=8=seE+mE;XwO!mNdrO#%MohC9uIOAxGN{7x6wWXt#ZbZQm_%j?KWhQP4Cj+c&&F&p@vvN)aE66Bngt& zCG$T*myfYY{6`hCEse-?A-SV+y;|Y^*oY+T=T_rpW#28BIR zeUF-Er)f1zNkME*i-YgUTpUPnO_EHf)F+GXz+%!3+q5=h^#t_V0b(eeZvM|M*ma9xp)Tg~8P?vd_TIp`CZ;&sDzvy*d7rmDju|$FO zOuV#X9?^J;PfgTYvdfOM#?$O;;ms#xKCMnul{L?5$)MgvG`S5=6=;|~C9RQrtu@Kh z(AT@9skW7^LL$TI+u5}zA~Y>_?47i0e=r1A0&bpIb)05>M%biyM6y)Bf{LN4Xy4vd zn#F_4qnh!h#HAUuya*cp^dVjE)f){jo!m&})*#9}+L0TzH|_!Tv0Zzp_aluAEr33i z%GG}qY3wmPMYKNXVgSuY!8fLTUA~gjzQN6&xhP|Pa|{}4Th2gi;S1{G`X;B6p_8V321~%Qukb{w+H$R^e2C>6ydWyBM#EL&3+va|qmbq)~N^UhTYa7!<2+=A)R+4bUobTanaalfj#H9$VQl=te%wTj;t|Q7M@$$S zcd+du%>eMp)01&Z=;Ilc@-)vux%xt~Ganu-`!kRdxXmcqcXOOnhwhloICdv>JiNJZ z-CW}72Rxf-K|39fB83frLIqat2IFnSAGBYF57_RZV9j7qTCFVuDUX>W*0&%^`) zr{%;8dj>aDe5nsoJ54p~$ENC?9c#-{yI|uBZzQNmym)PMot8JKF+Wbjt-CSxHdit*Sl+i)Hp?}braC*e{b}Z}b0Ydq`z~Ji7-S*WgMH>H^hi;I2Tre-UAejC zZCHHsTJ{a6@g8N{(v{b#P)`5(v+X2ZOWftv7=)}(Ua8DuAWh*S+4KDH`6%dMWdI>< zd#%w+Dr>00rK;1t_YN?tN4|$Kwww~%RChc*BZ@v!q~ZQEF;2@N^t^2^BQB@AuaG0@ z{=N81`_T=sN&f-oir(I)gWKCgO^+Vu>eM6Sd1XfA!ihh)$&4#{ACv5PM@1IrwHV0; zj#8dYw;;GxL8IW3L8fn_X<6@=2I!~vZQnNv^-iU=Tf$3h9z*)l@t2#oMa`|+GqBRX zNwCeLI%n?UN6kP=#f8v}Qf4eUyP!cFnfo5f7p+2w_@=&S`cP`QU=x`@5t;y1QfQn% z(V(0c1i#y^Jkf!+mH}MT{A4QSie^yshq_W5zW0<;dQS?HE|#<1>}B@j6aFM29;K*? zZ>q-?1^$8{^`hP`YI!{)+$OLaGb<(}tlCZBUC}UHAgtQRI+F+cNIR7KR6?CsPNP;= z{hdk_x_e2#M96ZN;$>F`L!rw_ex<_JI&W0IP4LRxfyx;u3q1XRc%)qgZ`Jv>Cl08_YN zpk_Joa^xKwsy$pVJxMaa877dqQ{JKw@^)Q(SfinLFJVvg6i_OI-w2l(IH*ktcXzxC z!6%%!;z@~q!{teRDjfg$A%is!JRp;r_TZ@tft*{XQ5$K5gaULU#6gk*Tx7x#fIDEc zMr$wZ4;Spu@cpVeUaIpBE)QU-uVP!&emx;O7~Xb@1M^vCL!;Sgnf)eZTq>KBYb<)Y zq#U5}^+O|0Auh5T=)I>p(9nRhM6mX|0`XQ^d#+gn1#yw3?Zbe=0-~D&dK5SX_=J+| zvUcg(luT8)(1HK7cjbLw)RMM*Ng)NZ`&LKNW4$+eC%#{)9R9Tj8%N;W^E-!OdN_=? z>Z4jGbUyBhmt(Y5F^przv|TSPPf!RowBbIFP)guJKSx<(sIlZh0d>HIJ(qZUwaOeX z_dKLdbJ3TtB1O#3r!- zh#jP^-+_%cV6;s@HekG3~ZoCq05L; zE6@D>g`lc|@mW*97!U~;S)X!wl_#To*yVlj4?I?dg_M5|+)y4lkIQJO(6$EQJ!=>cQi<@@tv z+~_60c49l?Wwox8N=@`eKk}6WA7FO9GFB|&En47P*aB-s{g|MKXDq59p2#NDTBgG@ z@3Nqk4*oHGa?M`glu>`STK9BA|u~i)0@kkC0E%8@WxXm88J#7zZ%AC$^wu_6A7*VSsqGoK& z88~Vdwf#KIs%hbXW-EWvv`Tp_EEx#ChRB*rNbsG+CYw@sYw;mG!vm|FYaZiNjv zMTb%IEytG|up!tlE7caG3v9&UUp&H>Rw0*r&5n3 zmvWoov9TB4H;b>Wm!BrbN5@7yk>?16aD#ocn%a&sKki z^(gojGz*O)E7$%Ul&_~ngT49o@}nsYe%ND)CbUgWf5ms@G(go2w-OsR8PKNx2k?ox z{0$wG$RR}PrvR!Noai4KvrYJ5?*-p^7)S?l_kZ%;_5!ep%l%?T%d6OeIP5{k-GA3l zz+?O1RdN;25I1dac<_%iVQ9Pm!taEju0t;6nf#hEw#TGM#C$gYU}s5^E}>V9DbC*l zK!<@WS}y(=C0~XA^4O&%qS1fG1hF2}J zN#?!8UWM2}i&Y0>1|GA&>br~?AjD{iRZL2$a8V#5lp5bu8cv$gabfl}+8p0R5RX!~ zPqkxP<$DMCz8!GMcmIdqVIs9b=g0kR%2J`jL@M2X7OCxyUB7N)ulj+8aYv<{6Z;Q| z+rQ#FP&$l_jvXU83P4v3ehjGbGq>!SwM&%mZYzJ=h4Es?Si{=CVF3ccx*1IEv)JCY zJXPS*&R6DNu>1bszk|&OLR33XzfENf;+T0Y5&i!^fgomPW#Tm{{^^CJO(WOu++xh= zVK@)O-J~Kj6q{?)?f`A1)^*_wkuYnOr*bRkh>cHFYf1J4XF{OxrByly;EV>DM)t=0 z%)9RzIcmkq^4S&7`nO~nYl81Sz z1*CZwbaaJ2a^W)u^(@$3*I;)U4|5sPfs_S$_yY_DfkVq~Vt@X-6I8+rUkh5V6+xTER?g_qVQeT#o`-pb@R2@Cm*(C=wJP_ z0ndl&$KM|?yiiSBo&V9~7F{6*$IA%-vL+aM3~NAwr^W7uPZZ=mGJ4-BL0d5qdIclF zvB{_3$)VZgVbr0i0?%oH7cxqE7v?i@0vfT(B+k0wt%_HMuZmtDRF9Ou^Ad`BY6%}z zO0IdDeMJyJFvI$lzf)mr%!YL?)C+ryyKe#b zns`5QKBz%@E)8K=&AYSL;VlV>m;%hMdWL;cW3VrQ-YRla-+OP=zsNK;hr)B{Kks@hH>Sy+g^t-SfeeECdY+JEYVp@RRYCTw- z0?#JJ1CiKJ=y0Gl+0Ct^=|{H1V(?KP028$I+gsBOl1(-!o6Ag1j~HY|=TgmJYCWZju*uP);#`f!x?=B4f_3L0c3tiZ@ zA*nb4VYGmf6W5+#&jrJn2zIgawq4BN0W#vc-ML>phzu2PgO?D-q88(YnLJ;CeiDDN z?n_iXQ{MRNy?GL#pT-*0KbAoKXQZg}o0GSHUFgWQwoW4l!VYXSIkmtI8_xQl|##NvQhLTz`dRe<+anHYGnYh*L-|$o(x@e-$2#bN=j{% zq$%_w;sMmeliPTK_yhVM&Bv}mr!K%aw9I6mz}Ta6JJLAtR3Y2n3_6vEh+FT!)sqov zQ6Fsxw8sm<`j4`ZgB86q#t7YQhZ`cyD*|g;j)cCI^EJRkQUa2y8j5q<&*S-xLb3eR z+g$RM3?_Z~;Ep^L?0`k7REs9ZUdzL<3$4{P#$SIL|UZ}!~1{lH~q%*w?(KHh$y5%p#6pqu62Nq*jpueHM7@u!H~c@=XG!59z1 z>kg#mG@$qT{oiop!DGY&$6MZd&=){}yEaOuqLp;{p6BKY!GYLvr0ThNI?5WO{sc`* z0QWVDJ96=GRg6r2g)^Lip6?0R%&}<%!&#k#^0eR$s@;_j<_LUn)Nu$Lu)DBy@>a7t zfCG(}Oo5Acb4u~}7_BG=FdjL&gN9L^lGv1}#s`7YH&Z`S8Y=sE9}c0eM5p~E0c|<4 zo95~npsTNlC1^W>gnrVQ?GQmtVjYNsXA9uW7Gk3^pRv)klb_>!duBySFDzMAztDlU z2d|c^N{}#x-a&`+yF8!ljrHYv;IT5ERo1eh8o(ILYWq_$ z)UsZvEJ1=LZEF*Xq(FLMCu;?)aU9h-4LxZH?tze}>A1VOj%zIgL|frh+YkXYS+jb$ zyQ-`$^T>Lm$kO%jC=t`rj8Yk4vK@+1X1i)XQQs%4D(+m@UaI5;ZOrilfyap^r`1Dic@r3O_$-(H1dT@LGiv}$dW z6}prW#MkR1@}P(&rq7+PZQ!+!s$Ez_1pkx$UcxwBR5J7?%=Y|716%Ql*f`Qu)#vrt zDJ=e2KLIt`HzkU=*fQlWG2K%r0x?O z*ndgB5hRcAJ)^pucwv|W9_i~1FZPyu#RK1R1;XRmit1m&Y)LmLDtR~DPphKWvhAo$ zJmnH2jz+z@Ge~W9;gF6Fj-Ga5+$VRvcWdM5#gudQyL;bVyHCq1Z&bS6uW9wG8k+k? ze^Q424WS?8$5ID*GyQoV?P)_3mr>2U7PpORl|+S%6>UuWzIlS3E}-_Hik;C`QRnkaKfm<_od^ ziHH>Wk(PLQ@t_1NJV*0;^M`}E5l2@{+!v;feR)V1{y6k-)mW>7G~rG0Sa*7a(^Oa5 zxhKt(BWbmI^tNxVy&I^|zALItSCa~%j>>NVx@%wm@u92TG7>CBV4KbBdXop0p!X-8@H z3WBaa+}yCMP+l;6n*(2q4hDXz%F-0P;(GRjj6ZEKy+SmgvZ4DikR_p(Z@|#ByA_6)4lK1KM|=O zZA$#37woLx+ejsZGSHE|20;&8BoRj;b=fCbFwp`S%c{5@xJ3*?-dx6^z&KA*Lv7oFx*87BjzP20N!qL;2%g4AQ>P$qFH# z9|kD;{po}Kw5Oy2>>GM;Ou0nT_LqS9*49IJQ-!jWMSMrBK|Gf$-@rO@S3I0Rn^L77GX#UuUj4tj|`+L}=4CUL?PoHPvgXB{Qjq8hs2de!6ct z@I7wmfnkG8yIx0n2C4gPMH6TVWchnxD+G!Ps~mr%$Si5m4qlx8qDQ_V?KE*njUAT+ zDd=bQL;BrqdF*ZHX{7YS45ux8SBZQqPdn6Rz6?D0ePkr)Gq8urxB0zPSl=J*_ zuXep%Zx6G(Bpk|QRrx#V@xJ7N1{JsfYd3-XvMF#vr0g)x#6fWu$5E$*X~ z`t5rIIvtc%LWg7?C^~&^_4<4`;FF~IKCX0}TS!%{QToUM6{Ha%an7-#IKYUhutv~Ejb{tE z;3i*R@Wm^suBfEUASKA;CGmoQ|4!4usX8B_{nA#MBY9_R=l1CL&4j4YHk!{N)}%hP zqnJXS(MGnM<$>rDk`n(tQ|=Qy4fpg5C~|yzKc2x118UUvm2J-Ae;lwEv|s^ILu%rk zvL!$*iBL3Gona_)irnwJEb$%N-EvYuUwSgTeR)=YyvS#LV7h7toa7~YN#h_7= zb!c1JRH4t=8#i7*Wy597S#PW^L_Aa2I(jkIyLx5et91)GeI@KWkC@fDi0EiGLPTp& zEErKWK{Ay5__diYaG+1TQoSOJ{7Iu;ud|laNgBSg8sRoGxErDS;a*T z(>@WJbYA-{b4bK4NA~z_Jz_rSa5$rPM}mKO8h5&&qef}V-IL*G`D0oxQFc3M67yTv zI9q?82$uvHlB>7e3B~EL^fj6LSNCPT$IA;g$VnQ%J|ELht0pw5|C6Ky(9u7c1D+o& zP8pLTboo>>TSW^?c7OD^9P7R@SM1_Y+oZ<-us_W-YHKt_^zLsufDCUv-~W*Px$I(E zN}P+oHD+Ipud>Gzq~q31kAamH8obmKnxRA|BfAtwK=tCu9!s{d*#%pzZIzHgvlt6Y zQKb_)y5dkY)x7%7bHxEQ>o-rKWQcY9ytDc3RY|K0#<(nkRb5C0Cnvw-jk2IF{FpU| zsPB3G^h{SWFigvo1^!S@62Y5}#5!Rp$8huGH#C;?m6rEb`q6s=G$*zcDFweq8}> zP#ggRZY0Tw0kaPuf_+H->>{R}{uMTRGQx-{yo3hIx%H;YgvgVz3IQV`@h7|dWi`m9 z^D&P6rChEF(g9ER2V&MB#+kibI`3vltQo7j$p3>s^w76ob$n$5%-amb;Kukk5?qq0 zb}BX8^C%HGydpE_25_~a0x40wEcTF~hU{^@52wX_rylVJ24zOL1VclD#+A2eKVDaT zv>&isb!^bEwY7b}V_~ATli7A|ri|0UyJV0=ZowMNsvt;aRnCc7ow^^~gIh92r@J|p zK!I|bRMtg8y~BhlzT4c_r0z;?G(DBUw6c!!B2pVxL8eV@AdE%wdt8ddZe}g$s7aLp zQ--YOI*EgL0!<^UOY#pYg z2#2V=(vB`W0S4gX-B(9V^S~G;YF0HgL>O$%X%M4Be73Zs7N5$>+jeo#QykV>ULDUG zdgHwj(}xo@4=ClpSv*bsbZZMYWNGEAdfm6DPO|rqRkXJ|v9Zm>!+5Hc5GzNS#8h(0 zkbJ&HQBqtWb7VZ>iAXT{OYu-R=#}560PI)6IR5kQrzv+An+RI2pP;?-t(pn)pL)34 z#L(tc9o}B@`QpJj`wEV6+L~jly2=B)Z}-Sb%{QEv;3sa{`N*_0yIt+5nJld7d#W zL{2Bl)ESMqZNF=NAw&jw9EW!yzw4OW<_Nvgf?OqZqT&&It$;eYyZCFGHV^3%2<8xg zJ8}j97Somf&sc}P&=aa6Oudg7EKKr_t-VReDw--)qoHxBzLVd>^5OipkthsCqE__| z7PT+l*XL-+`Y<+`D&G1?hYO>0vVDx6^X{Q<1em-WtcdUxxsLqi zQ%o=$ApI#2RzUUt%@!B-z VFs?vjt2(6iw!OBqdSPy6BY~gpCp(WPM)$egR=iNv zHu8`oJy;Fs}@{u6%i4#kol7R%S98=W50@Q=c+XD)6va>-!(kvy*A13JjTeGozB*Jp-08GsA?D* zaGYJ66A983F1_qNFA%%*xb&lOe$@Gb>kv_xGHsK2SRZ|&oB4H0>F`0%3WgOpAYm{m zv_qrj%hl>tx^W0o@XL_j-}i-3%@S{r?PD-M!p*}hdTssVbv_(3Xo`(dtLRZ$<$}eR z>ECMFZq#?&kcS99@lg&w&U-9v@PdZq8Mb}@EbM^DUwrlfyR=4GdS(b1UXI=-5>R#m zR#&ZVS<2byQO{}7J1^&)t#WSEg&fc`&Hq_d7jB(Za`V@db3)^9r_O4mO7otN8t8 zF^AwND*u-Ek6#HPONaUE#rf8^9EiCI@t#Say-hGWHmC zw6v2VL_3B=T!Gw_Q`x#h+NHNI#f-Ax;1J}+I4rhX@#CeySg5kEU>Ab8oa1|z9vp$4 zS=8x;>`C_zA8c?R=R9ov=SMo3Q5-=J1V!2fI>Jk)pGfU0aGcTAYGheGEa*`f zBgKK!Q^OvQ90F!Bmke3)m9w{6Qkyt-h!_{@xzA7Vk!O{eY{EI`qH65Rzwajwg>S8^ znQSx&)tA5L(=3fJDe7t-1si){0Y=4R~&EIK||S!}D$%r4IwF2e$c z^`Fm1J3AqRV3Sl2hxahW7*-Ijq-_ZBb>u2hR0k_RZ1U%2GHP@wl zZv6FD+x<^KV&4?{&4)i2pK^!w2za#&k4(xneN}YW>EE4sRV#<&|9>AJ`)6+d*@T1u zj)NL(5Si*dJ1w-Po?jyzS|dFE(&$2eTaoMdVdEl`v2}OQ@5q(^;*SsNv@6m_QQd|H zDCWG~s$pV1!>*j96=O8&+Nz%o2SQu@GO22dSIVzWXi$g%5r0_xc8mJv;<5XbRnYQ= zyFqU4oWt>Fo!oM(E)T0g_t=0Mv1yvgG|=JT^Y7|*8Gq|geZ)tz$8GtM%n%Ign5%D3 z|F(@!zm&McL;sW|eBCQtHAbZH@=NhMW3+ECWI2JL z6`v~eF)y$iobt;ZTL9fs9qzSS4Vh=&HoAisZYbZAEgw4^r@z~0zNtb>KAqIbvIM!w zrRBcZE&Xj(5EJPCRUPlwXD}?p{Yw~ z1w`1DptJu=w&x>5);TC57A|B^1?`?Jx<1Z|jz2hH(foC%F6gtFO$J9kZL({GJ>>JU zvyR7+SS#N;fL!3u#C08eCGqkVNDDl#;Pf~LY<*89>P z($}_-FaEp3_i4*=uXv1&&s?RV6I{%_+30OAk2LyoFo2&QYTKq^2%PL_8Zg2n<~xeY z#CL}Zc4NYn0XFOr2LY4XfAE3T!dK;t8TI!-7%9!`dI&dg>dPwP3HZ%l_ho&Y-p#D* z+}_gCSZJ+E)Z69gg_$do+Y;GUMT!!U^J6Rw{KsDq23Dn~WqP~b(R$usI>+Xfa$%82Yym zgvpP|AP%o0WlLDqJXqDdn^5~LfT!8DD~7fmazd8n5R38lE` zUS7~Bfhgjd?X@O>o0zpHt`Op6$ZPa$(+s4kM!N4NvIs6c=(4XcLvYcFlBFIL{?b`l zAHHfQwSsFt%YQamgE`ym6IoStwbpJ{y)Tmf^qk!E^2aqGJTsJ${J~V{PGf9}r~C-l z=#PB-MDNG<046`v<33*2oLIr6Ti{?xh_%hZwPz1Cr@PwSYPRsPdY8#Ezu5ly0TDdY zQ>F^3S$tg?MI*cQ$%!pjT4FDlihPh=zuTT|`J{NMXAQMttyDeW{Mk3WD8cFD~S?&Jd(f@ zsAmx#|7px3e*4f;?^4C_?=zbx9r+};xveYJkrt!-vshRdvKmYW^b~kyw(jjphT7X~ z+ivN|&90oPIDB24f+=Os-Nf|)PM?U-j=XRv$$PXKd%L>j7HqF2oD?3dmu1pjU}jc~YRz zli=Tmo*sE|Y?NBNUKABwu-=Wug-`5-&%UL$9c2P$Z8U^fQ-Mqi_?^^W)xek5&N4g# zD-@ptzO%^_$}7xs7`f7R1SF;%)R7nLUirHSgyr|!nLyuHegOJ!+ss0ez6 zd1?3E14_T+$zI)O_?F8U%-zsTjzXm?RWwEgO6y`9%woutE( z+)_1^v&U>@`A-=uRzR_JbEiDbF1>j z`)p`IOxTjV-O^a~k@rg8IoofbW!8o}?S{ZB2?kSLYT@a@6GnjwQ>U!tLirW=8qUW} zWn3(2iO+*dzKF7|4I9E%I;pLk$AXK$)jA+KlkAlzBBf55OWD^n*ubmOBI+TpfBhmSn7T$XW0k5$YIDz{M<8!bW}g&Rlem+XRsimJP$&i(_^@xb4`NS;P_=6vcy}W_6p% zgahDlFEH=;GWXxwTK!>a4{$Y>Z4Gf%ndeP4ul3Lz>B`oyAWYH!3YmDRn>M_un|A49 zRjt%H(WQ+idT(0KmHF!+uh}e3F`8J}yg&OWsKIhT-c|-kWK*MSH@IHjpH1=~pC3N( zit=abHSnogf+1S?yzrFx#1I@w9De2*3)7mHxa@RVO6+sPh6X3fzC$J}D=QBAWt$Gw zy_<)vqV3^8z`XOIZ!F;q8_^pRiAYZ2R+0~d-oMj=yM3?`0oPkw+9j0TaqA zjZ-S&w+AyD`J~q)FJvzXN`e+rrMq@)Rm0-4t!-w@8+~j1vBb=+0lYP|XAn#XY?@3S zGtC{Nf-rkw3k3Bq;{+vrmapZ4psTAI2@!Fg3Sbh7zIOX@*U`zgfLH>5Tr0`vXRJQY z{pna4Sr>=fbTYC3tIu}V7lw}*S`f0$~XN?$F8qVI}V-W#iy-t6xorV|pHcd^p<(MB8oTeL!HD*x=^Jyz@jTtfyO6Q0 z9*k)3!?{=mB0n6Q=DxDfR+ruDy`Ztdkz%@)J~Z<4?ND}2;c5}76-t5~+0TX7rL7&p zA~8mgsLgzFYCBBw4Z@iLeg(2f9ry~telhK%!jj@immy+(;&=qgATZnoo2cM=^C}k> zwG3emBj8osHr2<=@-&VKYvF+Gh9|WJ&ye^nZzt@&S((1mg?;$ES>=Oc6iT^wSoehWx~})X(PY+N49=iTIqUM}2VYKoQ)Yc17d(N4 zbPI0h-I9i)9T+1+I9MLxCzmjLP5?3l*L|>T!w47fP~(I7ws`+;W6-6yehjNX^4jB($;X6&VG?@k?C0abMS%pLWMy z*{>yU-M&8{8@XA{_P!7^{B*{0Cs29`T6M;!1pGakDcoiVU$5pCBxt}R$g61R{9MLr zfC9Jcu)dpJr!WKoml0T&M%tN3v2gu{@e&E&4Pg;T$oe2(+2`&cj?K{rB3%lS^(Y0x zKn+P#nzqpNc9HTqwZ)|uOt00@$mY~W+pl&ZWi`Wt`Ar1X=jLcXYp_HM*q^n!~_ZIE}?UWif(zN>E%4mvc>}AzKY+-BnUd+(g}!RNl1+$ zJ!CAc#ExV}F(iT9mf~7bfDl^bsTDf$$T>qVeGU1mA1|1A&hii(AQo8BNts5h$Na zUMuhwNdxD%ccVw8_L4@;Avd-CbQcBM2URTmF2d*_jIw3FxKTjy@`=9{nKpHa_nbM^ zH$$qjt-q+finsc?lCCG8nr_i5BOf+yzXy9yKUv=J9xs%ZW;m|tD=V6As)xMaUxJDp z?Hz_ckp_4H>=oIX^)5X|Vv;#>u~w|P80R?Zs&9&PwMNM|aI-9%_i0z7T5B-v!T~jU zUeF-(C>-_~q{S|yapugKU&;1zpbjE^-=dYho)^q(BD}(O;#B^V2WVw$U}XjNcSfl4 z`1-1X5vX&4C02n(@FQUbhr?xCw+UBORqfpBH`;?HeioK&XGjgkSQLA?@MN?0qDVd{ zs>7102N@yvMv*HBIPnoa6cZ_@;jYv721T(|_5;sK(KDLuA}J&_ZVec^XzZ}5LlNB3 zyuN<)n2~Kq>D8R05e4(9lue|0Ev$LD%pcFK`p zwKH~S1Jp?TULXOi#Ejb%Nae!9BsYM0Z!A80gC^ezEYm4n?T+YBY)2)p*xH#^n5FL> z;ORT;mU8Gi60Re?5^tliO2An20<&XNDcm*%1aD34J3z{c=&nE8!;l~7;t6| zyI=|o7a%G^Q5>HB1LxcNr)>VY^Vf5=9pmyr?52SspX)R)Hm7TNunXw#F4M{$V~-0N zcho@}lu4F1q+_&JS%^mY14i~kMtuW~h8;%3?q$J*u1Dc|ls(BCjchk*C-Kpe*su2@ zhC9II&<5$Jv4jZ6+v5cjFZvxK9416Kl_(eXkEVqnQ00IDsjMy4LB@(17%LW6)ePy; z^=r7k(VL2ln|EN`WWPs`FGRx}NywyOYo%QtyhJZw-uWv`tvHU`do2RZUk=S5 zyw6~@#R<(zAQWczp8mVX5|70GrfKuwt{w17VZr9JYX7{jbxD#1J?-kp)y~ zXt6H*xg^_y>mS5=C5D;;ML2`j`9h7k)BA9@ADL7c^kkHMlrAGG87EiwksGnsC}E4h zvobix7uAo!f6DA(`X0t7?zXgGrPz!>+SD0X^g&e z*$KQb$`-H2(Vi=52(jp|DAh{y24d7oJETwy{5aUEqB(YY&ybV@+qV6u&QBzZUw~~J z*)I78i9#Dd=-7-4j3Yh%&le4bD(ho0%mG!GkiXoyjRms8M*a`5K)*sTrkI?gs+wMj zGUASqP_%3NzLLG*BWD~Frz55ICXa*La3RpuS$5mR2@^5Xx`_p zO2ed3ks(#uD&cAuN4-5p4nx$iY9}$ZSq@Rl%85-KImD??fKxU3(KNZtAlPH!vX#n# zxK_0sMzTShH=+I$B(*&g(0{YIB3?FNeD{rR^gCoAwLCxuk^_pr{d1Q8S83!OA0C3r zwHs@R>1#7Pgcgm0OKe*cVk*vP<&au|cr$R0nEYT^HBRHJ? zn;ykC>|5`^kEyM>#fFHU>q3Ap9Zm%^swip!G*dgxErhtl2J$#IBRtmV`tLt~$BlPW zxKAe&EDmGp0=1FoMBB)V?=O8~r~t&z1@N97;(aTL@%ONV=)cYZ|4hx;RDwbkb)3dz z>;=8;)hPLIR->bUxTC$)?2&bs;6sxm;q;@%6U*y%9HHz_IFBt_-)@X$$uQ_i9}B+E zS9DgUZE08$afM&=4tS9}wm4>`KnC9QhNNg$@58n70Yh?h{db?k0)qKr^XqX2DLAvj zF#lw8u%8*1jB8i-D3()V@ur=~s2lV|EcGvIiho8nX3EIjjr71Ho$QzJr@&;#X7P^% z=3vv}gD=1#k(u`C`ON&cPnk5e{oGmz%aAVeId;NGo37zvnMsdOQTqFYlM zNGXA3Zq9=x@Yh)uf2v?sA{Z65T^^VmW@OsNW=&&8-9Nx)0VU^^{?K>XAU?3}x-zNY z=xnnoiLVO$hJWs1Gc12Bd9^Ck*cg8wO^~8`Kiobd0=w_)y8;4oMb2Uex`yL4gXxUX zO#k!e5`%lDt=?VZ&!z+;wFrbnSRkqUpiYX;txYoUoU75Su6j79rfQE z9Ecw0)NV}4VOl3(J5KoC6`RFBP$387)XJtqj%CFjE3@nUO(Q9mpQ~plR^R#_m$Rwc zXV0uZu3nd8nl*E3H(CY;0n_qj*@RCpT@ol!4^q4IAy^e%e+Lx9_xzw8|MhctL2=xt zWw}Z+Gz3224^?>(pVxVj>2V1o2A%&6Vi-UcW^I=nMhsyL+r+T;&xql;Jl?yP4=3`$ zh3@K5qfj!DyF^Gwqi7K?U{)37$n2){B62g#P;#D8?~nfl9Rl-m(o zY+Hx?sYdgVY3i%^57g+uT;%}$uQwnbA`6)4yK15q4z$$);KEvPH}dnV8R2;&$I!2# z^l>nl>5j!7bUh2#v&Sru(fOY~|4sldIPOi4MZ^@5Ayr7GeRdf zutj#w*`UIK0b9m)GMHqYD%#k0r@_Qecy^Qwu8*65;4XcDZTR1R4jcpq#rJ8Y{lEd# z0%#3DK)U&`dmyXixG6F&1pyB6mm8PBin8?9!{0HlEdGye@K7i6NB$9b2n5N8g_z9j z@dy#4z8k}NE|kMeUTLQ3JvWSq5iK*tAr)cHv$bAVG!{bniwY(GG%$}LZDIO9(iTKg zcb?N6-@Fdwc*Bw^q2;*!zp)&@f-qaVXL~tPvE_(;Qj+7f<^sJi11u~oDxpt)5@gS+ za$3IVLuj^sdJg#q=MErXVn#UC=pAJazbNed31Q+t;r=sGwy|NBC+-_84 z^kEMd{=+TRvSfoPhK z2rb0$4Bqf8r?-d#dqb8q0p1`@ff;=rj)c@DkGXcb(dB*LV9MoL+gr73C?(eWinQ~D zfXpr$C~K5*&>_^<-&aIk>!A~4fzi?(HHxgB`sJbG6 zX@pK|bWucH zR-3NLaqW%!pjnk|bNysrEM7HRrX zcFUpQ)yVFetm6Ll+Du3(I+O!m<-q|XE&vT^sWKbwgWXmy0BoB>zoMkTG5mhvD~Cj& z{E4IOPH$!moA+{`-xLvKc#_jfzE z>I5Q+Jqcd=NgIvekm~A0$OGy1xXqm>l(>v}Igf2PLn6G*%zWke+#1edRX^>O9Ht6HA*!98)^ z@vhp4O*FuVneSotCO&GgZ7fPba~ceO>``uwsPC{#Bov`3?wr{O?pcG6(pqQQ>D-sX zfKJPMroq=rU7my2lKXT3jj51|^m0O>g6c#5b1%3IjO-s|n3P;8U0t;%^l^%hu9YnH zMo0j7(a_M4*jytbQ`VcW&3V9JkO9+cSbUGh%{TX>!!2Ccsq2LL7~%{s{*kE6Ld(VE z);($}O*~lOFG=O^{kCP%H?5mu1X=M@+H{RTU3w*cdNP~W()7|JJ1@#|8eHNy@7}+Y z-)FC~k(j9H!ApaN5&J-q@{_U>)%hFVSsxL?oA?aS85X&`HEJoynG=%{@6xvnt>!a9 z1pgRTqsLh27`}yEX~&KoRi6#sUKv`KO!77`=4)?ncNcjCYeC{C3Z{KY{u!Vuxl`^R zqM>SyNVxQN5YWsK%wks6P~7BH+y)5Jy*NU)ntxW5Z+i@2!)Q{RYE}C zwESaTX`ww&UP;56loMqGpwC{5@|!VoEyCusPd!PA@@}a^?L%tcp9Y%;%3leTU%k2V z`#yd2(&MFxruzz1Xv9CsuKD0X!k6(g>4L|h#}Tpb@0T2B9U#5Dp?n&k<~%_In$q>-7FDqQz9kuu&KiZC7YTDV4S z>NVuqn0HU#uJn@fT!6RRy~3|;aO4#R*ypk|mGRx9Lqkn|R2%}X-Cp@(@u_fFUq`E!651F}2%X@sj5VZ9JR+ zaPt+4ZQ0oY?5M(ToVoNosX)0c3^S1QCG+%2vYNh+Ni-{M^n(7`4G4=)dT)+Ev)!Q_ z)@5ZF>KPihl}#wW9r|#YuI6f?Q<|8{G}JeSLjjpaOqY?>3zL53kI+!U!0K`n0H{W3 ze?qlzcyN?|0&+F^P+ErpaN^z7urGk9A9~Q96GL?|E?U+QF(KuM>U$-GAWu36WFUBX z$c@(PCLZzL@Dgpdj z@i5MP@30xl?8Bp)>%?!$4Grmh$}|?W?^h`p9!rne`k3hL-IjEAUsYu#wfj{prrZo6 z)Z}NSU91N48#?`iBBkrP@|(-%1^vXD1tV&-bY#M?q7fJNa9+~kK&Pc;kIXd;-J5HO zfRjM00>Xt5!1Ig|Up_KQK11O3a}MpC2GBB`-DlY$)=*iNSyW#z1le=TL9eB=S+R0( zl=14d=bun@r(Y$7O;zH@k~r@7N*aI-0a6@Vkn9QC+*svXYTQUXQ-ur!KtuC%8g!wQ z@{Ay&Cu<1$K!`HSBW?hcj0oo0jG?k_Gu5q))QoAo#_AS;<1IG|otvTm#@`DiFH_l@ zNJW*7Nb#Fg3ez_!X{7$icr9#01PAhkS;#-Xp0Fzjqk2|5-<; zEN>)K3nhc$R66zTEC>R{!W}l%iB4Djy|%K6BXG=0C@QrA38MW{;ua57T84jyE+?^a z?td7QwIPDw0fOL3T=Yx~*jx)Pj9)eEHpNSwxsqoyy0RLLT(S{Z|IwCb{kdTgY6_dn ziM5`aIIGLSEM_hFcBW}pQvyq$yb^^e$CE*QQSUKb6OL!zBivPWb>WB4zpR9wDk6e$ z!jsLai@iQRUI$bFKIp3`MFvTnXpmMnZ&i`H?>ZnHrY*ms0$rISCsujkG)1UaIeKij z%u|J3NVesn2tgs`$PqKJsU(CV^*d}&)1a{<2!h=2;SJg$ODzDP$%1}10>sZrn_m~k zb9LE}CB3+$rlgAFSfu}ii6DyZ$0!o315!!nNl{r`oNRv%YuB2?A($s5VMkl>39ZXj zyw36<)9kd<0BTVU(24nO_H837KMs{94Z*Khrx+A)dQLzr_e)EXVgA1$>(T6Luv~|T zv^Q3l88QR|1ZMyT6*VA=>i-WjDl2-o&+NAYqJY?IFT4{qr{s|Cz5Ize%ypRAN*&rw zhgiLl{NOV`TOsNSr5Lv5B!FQQweP)vs=LZbqW~-aA?tp&uKnIIU zjin|omrI>rI|~ql3-5g+>~0E{UYX$qSn!pPmdO*#o=J=u9=*=oxg9>kw10YIV=-L% zfd>V`Z%f#F1P}(gynT{{i*Nln%#7>xYA*BfY0s)$(u%dK2Ka-oA`2p}lcN6K<3y-q zeDDJLq|eP2fQj?CdPZitu!ec$3iRG=wC=ly?q&oNgR#12x^H+bF-FF<8jAU#*4Q=( z91-`jomNOEvVil$BA%#z1Oy?VbS!Isy?21aRJC?*OqVPTCgSBotTRimyt(xD4dGrY zC;*03MObFXCwd?Y!B0GDn62X7U2M49uIcnt(UvzqezC{HPVRt;K6?LCDCU{A5|H9L z?FB4vSIoVUSt!`PvZnSdWUezm;zr%eSptNq85%EfO-$pPr63R|SXu{&^hr(`pf5jN z%n__q>X~Mr?~#r%ZE6_boBKRm3XDZj`(`);Ea~wa?J;DHD7pgeH|*X~$D1pNWK<6( zqoDk0v_NcqxJgr_tQM(1U8MeKz@C)L2lXddz=H1GME6cWZfvwb2<`<91XjJ=RSlRz z`I6e1Dbg}r*yW=j(kwcUu=rix1qOTU^k%6m{pSG-=#oHa$;>xg9bq>#sZ*f9p>t>G*3UdcJ+C3x!$LwJJ%)If{NsiD{B9c zyI{frz4jHo+dmvJTuD%U5`8U8E#LOoLpFy;uZ0p2&@0{(#ABn%HRgG8CYqmKTr#C> zd=H``E?u_0VQZb%b0b;|a|!3(d}#C29hw=(RO9X?ucr~y_?GkjwCsWgM&1Q*{!`_W z91`;k>M6c=aA8_C$ES_AO&*8o%3uem)X;p!A|Blt7KfjK;mNGh%`1gQ4rjBMA9CVU zwB%PTtlaismZS>WyUc=>O#z*iRXWze_Z1wWfFcih`jqzHC}{^urGs^K!9npWpu8+5 z67kaQaAqZ+4rj)3&#%;oN&QQR`H&pBiE6r&9erc(1$uBWb=%N3{#eCxAP;aS(t-ka z8<#w&O3H)@MH@KdTak&ht#dhJ9*LSoPJLExg(t(MVQB$0q~1Wc_YgiH6SJhskdE?z z#I*YqO&JaZ11I?Z?s;Kvz>dEGarNXr@43_u3-Dpy1kF!B-)_uu^4S<}0>lW|Q`?kB zTB;!GK)(#8{dJ%)-cGG1>aSOPr}6VPWxcYi6FCiFkZ;o+Lk{Kux_yEBHfg{}x=2y% z=>vUQXbM+}LRpn@S93#P8LF3O2a?tB9QDlT!0+`!T+SS6*O>A?`HlIDk#qe|9Oj_o z7L*L1Zx?Do=q<*5C{oloOES(`Z8@Y67&V|e02CIo zZpUAldHzX_I0TK}uyu4Y#}kIbBOO!qHh(aMwEotUd`Kn#x^^1BU*!2ZyG#<8I`t3v zJlCuEi9fH}Rh5rt^_nlc{pR@y@8x0$_I-w9++$pAcd=(lZ6E*nknhh}YtmApdEmsU z;3j&xLr}&j1l5jOIO8tl#H&NRI*g|EZl)pdJk~o=hF_o{*&yY~Pc<_LjFc8bE;T*K)(K<1p z%6eBE8L{Ai|2U|vw)*<5GI7^?%UNxMne6-gr{P;lpFtF(Ra13V)KL~C1I2yy5;%qH zD4Qh!*(}$s5E^g2#2G~jHg5VVvT>`(#&IHzme0P@SJ#a0Q4;P! zxmvyLLwGt9sk05s_ksugP;6zuUjs!4;3t43C8Q%dH`5WnEh$jj!g&q2{JR3wAim}z z6u+pR4rtuAkYV0jz3-Wj<-o<&YwiZ z-Tg3^VNRR$<$rkWcZ8D)#2vuMzY#JI9n;LuN?IL0a;H5jIk+LqbbmtME5s1OpyY&o z<8$QI?K4c<1?}%m8yG${hDHk}o1ut%6HslZqN2j}<$ECd@gXQS^RJpTRAiK!a zGmz`Nc9NezWZ^H}&Y~h1H>nAJ{$QVS|Cg5`3lD7b$4-K$=3^jbK?6Fy7*#Y!f7&8( zbN3+1FRV<^5XL24MLLZvIRM&UsEe$brqYs}qsBG`8e@i62=>w6~#Qk_!yMWzx zX>;PY0=ucHRe-{3zlvG`?;$K^dxVK!?Pi5|U}^rv7toGSr*N*j^M{aMgBNHlr)7DN z8$}pp5j|NA0VHBf3B;J5-3xLSPHS->lE^B4{|}FzPtUt?+p0--p*Hds21)4b5J@<8 zAeX)A^FJ3-1kJ?Vt(0%gz42;HOGFa|eLJM0?)e%Bi72E8Wd+C!1pUf8n{fH+C$ENW z)#ET4D3V31A9OYO>tlMBEN?m(vNIE@`c>BbJ*awZxXYmCB0LcQH8zYx5wvFjM7?H3 zjd~UWht8}PT&8^dedAfElWE8E6s>Z+goYWaZbFs#YhHL`>zcFs^n9p8SmcuVg%QUi zggn-EaF6|YNoHR-1c7&`ae(Fm6Zg-Iu-q?i@*ua1K%sp`Y%+t z=4J=R#b!RF#_Zku)FcX`AP6WO^D7O7TG};L++BTuK0ewvFTsml?cv&9!t&aQu+Hyi zAL|p+Z9y}f)zF*KN-4T}G>RV5^XwZHs%Kxo-=Tbt9AWmH-9HuhQG1BDW&WUPUF>DN z`flLTqEk6vO5oEgH(5U$-3>Gl64yRC$}~R0w2M#?`;!lTKArmM4Xh8oJAi%Vyd^8} zE94S@L*`MH%5NqLhXZD~FO1Hc^}^7p>JsX07p1JdF!Wq*X;PXC9o?Z+Y~=sKaWjr- z0v4HMs&drw< z)jat@&$O>`HFoH7H5zff5%D-bQ0U?>pBXsZe4Gp6Qgz6={-Pm>&BYhI?Osk~1KwSPL&v0uV}!awCD>8Dy=!O$Pb7L5 z8$Ajn6=BxKzrBF*pUYA<>NhnP2sMuYHPmnB_>5kI`b_~kLKTS$aIi||^HRjkWgvKE zS-u~U(MSYlPHg*p0~nY{A0$v;Q|<>shcci;dEDRxx=w@ZwB)F}2pwD?v_29H!x&0vlQ~v0@{Pd2&|AlI*e=ge9 znU4ENq5s#f7a?7D zckS`C@+^_cG^f1%1d_^VaE#lUWTBL&X^U=&9ToY!z-Z z1MQjfaHwK!Vf{UZbMr9E0IG%x26a48T3coDa6CI3I7{a0{>LByK$yy+G&W& zmqDM(xYCYw4DYN>yb`sQWR}?O9v4u{)fGm{RD>}aBJ)Z97dO=7kA7|>Y!Xus1fdgn zWzOwAyuvMqFp@+968Zn`njm1Ye-t4@;oM6&ns%e5r~d+HyoVrBXEWAvKr`F)`B_TF zwp*phIuen3k(;b68h&n1m!;T25v`J}0p~T~(OrP~P;f9Vye_kP&@YmH&>10X3EC!R z7hEX_56V=q+n|cM|I<7XO?yfpl(B_FAzidILmbLNKw{$t6@e*+P~BjacE%Y&v!zRI zSw>vBA_Dh${1+UTZ}c8Q(sLWJ#m=46oI7Pxkka4iAK*(sWfvw;(rYq)Y!q3EuW;h< zb%dc2^)+XKqRFy(MJV;X1q$faoVO8DI+~zpG{q|O5V-Gw3EwZtB5UQE3?+1Nz;gWa)`lq2Z^WKvZkZVBO9GPtvgo@>!XMY0kjQE z*oLKpYz*2)73j;V&YPy_S_G~|@R3&$3U2}D4osvAqH89&4%WGX8b0-);nTpzjy!*vW>u0|Ct84`clqYH7TH!Tc{%9(g^$;UDDv1T$nE{Lz!V$f8zKr zQOA#0L>;Hi-HP_-zU6BY1JUnV0DFV8VR3r^{&z6LBpv@L3C(jn4#Rm)Mky#Ea<)M9 z*V=Wx2_22U2AAVa-H`<3Oqswjv&rP~QIwH|PpbNT9imYtaNLexpAo*|J=~!bBlv)W zQFuLS(K{fYPq8EB=R&t^gH!=^trpJoTTMWUPsSIOs!=%yDKmGRB9VZwISihx?w&yt z#~>IJTi1k+?9X4nTDcEGas?_%Gd=~UZc5K-lzm&+btUX~{b4+6cjNgwx4UIk|E9A} z`DK)?n)YOVfExkfY+$t9_Pcg-79EjK?xu^?1!e6*6<6#Gys*ad{^NIuy6#G+xZ-5t zLiWsxB=JGO-a9B$b2hh$|Br>vDYHDflKtf%$m01Fe={IsC-e6;4p8hIR*&~zg4bW1 zWSf%%bjiY0iylB>snfQ1&O*S7jE8+sv%QAs`>WskUid+2R87)JJS^w1nw!55ez4Ce zQvP>cdL6v6PS`TQ4sy>^6HF5vWJs&V?u$j5HGPaL0&166)C@PAG31j>K`1e zgyNWBmj;}KfEwSFqQ9uhsu&-s6|LeYmN2JL%SBU1=R^ICaT@BpqRGmK7J4|yNq3*y zS#oVX(LE~Rv^^Yx!@&aGAgh2lA2)a9zTmgcQXzcPoFPjcV#i>o$IhqdZ?<>%O#r+T z%#npwpjw8X4HjB}WcRe$H);ECu~$Oz1}+D7mJ_N~1)r9x2-Qj7!w*u*za;ar4t7)* zWLf@uXMCEV2yNM@lL0fyLbm*JY+mARIm1G4@^3%t8)$f%l^nQK_G7iHa9H>XI}kqV zmZFym@s++SYCAamK0fOc9fniL`uG~WHE@B|#IDR%7%JG>qTEF54sUcn*o-U2!`QYi zFZN!@_?ISjCkd_sXiJVbG6$4mn}3ur2EdPv^KkEgqc^gdUK0@gr*b-_!jio3LoLxN zQELcgt%gahhc;Vx(>6t>CKXpJ&SmSWa|5Sy!!vY$;9K{>csGZUut<{G6<*gFYR@xz zO&zHQRb>U7W``;78J}Oy;yIYhAat5-ClTGD5mo`5!fKTJz~Qwk4`=oiv6kUibRH5$ zsQwPttU#q(jcm>QEsP8@(5w|%o=a{A=QsuS7FGpN24goD)EK+zel!C*>+_|Q3{kMD zDy4pDlMa->V<&V%JGP575}uEIKX7?qd-O@akNd;Rm+@8Ys!CcASeI1eAWhgpLcY;u zNoG{5%=WUI^-<=nLMe(1&qkwR33=OXIYrgL1l64pg1=j$J_02^HuPx_j_cB-slOMo zf(rYs+#wY1W<^~l=`g)6JuNZm=q6J=gr>y4E2U?dcIyI{72*y1H+e+Pl5}O@N-oSg zo2D_ZS6L6*8~t`Idk9*@Cqa>@>rF(`rGL+7Wj{Jq@sLrzUF8xx0kxjE8^nouXAjCW z6cfhOFKKwc`jQ-6^6K<3%IQ4aTx%=+!_8V2c*nm_|)huObW5D>ro^92!#G< z(Z^*2Y;805yz#f*d!hpU*iAwC2f~4i=ZOf(*)a;zNRanPp+VmzbV9V?Nihyc9UDE$ zO~Fg8%n~od};%8bM-fc0DmDqB7GJ~9}Lf(Lekgn zsGT3VrqI)9D~}J5ILe)AXJXk>7q6l!$(g zIxbe7Sr3{lMmoeX5Jclm(}@uQAnwUD;|8WokiJae1#ig86GjrI0?eu>eC3MsK^i-s z@b`d5D@`3t65a&%_D1twTnkjqq2@k|SzwCUfsPX}nC;4nL$w!vM>Llo)N#x~^Frub z_aQR-Dd$Nxhv3A2m<2bb{wuFXK`Q_c4ufT?kEoWo1SGjQx_2%Rw8EPf0V7`xprl6d za_Qy>#rK=2VE+y>J#ALDZwemhX|_~h08w}RdNfz&HdUX=@Tb6k%teOF|%P=B9G+-^f#F}6_njJ0V!uwM35N`7{*?TsDr zDu=ma7NAKoT0VT}XMs{D`;*aUFa`0Rj}^?=iZ>OX|sLbcf|pZ#g*oU#RD1QL!!*C z0V7`%l?@rD2a_hTKA~D&->^kO;2htOHyl{d^{xEY?6KPc?H_GGF6jFmekWtT!Jbij zVIFX5o~`GS)uw{{-Q`M0m>9#^EFGQ$9O;WI4gsQ9KaQgQ2~or1%ie+qvr)3|O2VUD=hpxl44|*v>=R`P0n~=%OPdaZIjip^nqWNwe0I6>Rw5Q z9`*e#iUYq%%Rvqv8%*xIh>JK&x`#L@d*Z2(q|U($%`3X{in~k{H7`pIu(c*SynLY* z=1mxu)B@7pS|_JMh(f@*dDC@z1O>cfAZ=qq?1{*Wy}0QFA&1`v&}TF2uZ-fHSfFIA z?NjIr+Cn4-$P!zs;Q9)_$xH*a#GL4QH2p2!2MN3XP2I@oWRs2h88H8zLjfDpprEdS ztf$ui-0v-JPl0Mr*>ZOhuj{%JIhZ_B+kQ-Q#$|e7W%A~?SK|>WVsCFLizHiHiiDpY zS4^!eCHUcEVBW^YxD!#Rb#YUzAgtJcklM_@B$VdF0$;~kKXD*z5(p-?`~^UA&JAwLUV-oq9B6} zIi_BExyN8%uCBln6*LUn5Q@p8!KTRXJ{CYI!v6`owD0MGq9fQPEj)kpL4P_tv4uDk zAW+a^A|U4JLEtIbcUpq4hEogpqZX8FJzly2#S$eT zN?vkd>M^0jHATxWueEFjFC*%Qln+pY|46(0RQATe2k>cbJlu?t;l;INMuael4LK+1 z_HXeekOvGiBKm(5dVknT1nI0=*{1L6-)CZ^J{P2_e2(R5mk86G{VO<7xxa;expMcm z35Frj;0+#9091uK8A2-4)zu6rXT}_Xx-8g2fga+^)r6k#PQY!a=ov!tL>#2fZa#$2 zx%u0RL&QKS_o*?l#LGp+WtWORgN6t`vl;By>(bKwK4a`a4ZzTm0MXw*!nXdi=@G7D{J*coNVIg4axBsP=w*^EUqLXF%U(Rzik+EsK+A}VNDHeJU+v*eSo$hqq z*3})f+(USn7zSA1VEy~3$2pMFr>gOJtD4<4tER@!&bsE05DIUo5)g@dK<$@i&Lp8! zZY@kps83{7Lb=TnW#AFxL3JSjCLBE3XjQ2=!jv^QPN8kCes2ai!tudwQ=Ju2TP!tL zan6(w!%jpc9iWoVYWV&c(!Jq^IyG^^GH#|~HeXaL8$Wf9-W;#7Pf5{o>DIV+`*~h{ zq`Ed(;r2!mCc@NZR~(#o>|RFmmLVJWUttqT9tv;^eBYk8O6DuSB@;AU|Or$F?d0PgCr-GaL1NM}L7W`{@!O4I@b zucwei4cblF!eJbBv>a<3YPj(PuZnhoxp?Uz6m;;xY&#A1ccyY~Nm>iu{4(aBV!QhW zb+fp{0KE(cWy(NEvQ*3lv=X*_u z;WM23(|v4*-u$>>;2FGSYrN9w26hd;#IwnbT}ktHBHE8a>-8Od$4ACruoz#7aH!SD zm_NfqY{a88LiU*KbPCaVYHAJ~`RBh39^{^U^I3heNg|}fux8A5-h6W5eRG>J$D4&! ze9h#{3cc=hd8iyq%(opcY320#6F#(@Dv;P&$9=hGe71skdZ^-T3LDOKi`xoW-<7qp zP`D%_mZN_vCntE1jEI<&ypNB~Z(3-c6fUWS(_O_y)BU;0so8LBE=2Y(iqek2rE9T2 zSzn#MkJf4Q@Zye&s1+XxH@GDAJ;vteYtlzSyu4#?_~1oq;lGM0g`^ahK6~wWb@Cu# zEdiRRasp8cdg%SH+1UJ;wxO$Yr@@b|B@;kzcNM?4m9Qcitayf@f$-RL#XbVqw4{Ak zD6|!&qjp?minMjmRk-syl!1tNnWBRI$O8nzRcg@sR;MZ9rSSG(w530OI|+KKg5A)y z_y^g}TFW!!OlNSe!u!!HpFRL{6S2bx0YhZpw-W)3qacPOVBR>4@uZW_} z3*U;?e=1jvKqHR^h^`Jj*zd)r$PyVaKDTmn)qRLAVt8K7-&H)pv$B-1!gE*gFWZ~a z(Y4~g`92x#aa^kFrR@IC+sU7P7RmKOU`^9Km0MiW2tn5zN7(#02K%@W)D@~Ymi|#= zYjpiO*i}3*_<16MF1kRM)YQi9uy?(C#M8I$T~0x?b-NENRamHUG=Qbub`d66a40Ju< zAUm3~digAl<X150VPETQY;`-tpM?K|8|Sg{Kj*Zle@4KQ)B0cl^I!3!;E zB-8dF(*=)`70~tb-B0D7U%5w#7`TrIlmmU1B)Y!1xqvJ^@Ki--_QEF$a_Vh={WD7c zu~)eGQyNL{CIhW?qj`MsF7b55;y(-jza-xuuXWdsh-5aHn%IMyn$34B+R<J&c^Y8s{Z2?;FKUII{q>HKXr34G_siP(4ybU4#?EG#EI0-80Z>%d&&#bVl~z&gj{1VIP; z<@@(|fsL6+dbWP}k^C*4;w|_$LJKkoycX4BKBc<{F`*n$?Eg0J(Y)|Euo32~x>ckr zXCD1K!RJBXk9Zi}x{SboKYs{;FPwvz*nf3-Xv16xa-h3xiZn#_N;Ec9hY?*?fd|+z znZR?}uvCLsbYURH3#pQkhtdM34?RFphyNs=j{7OM1&PZupv?J<)4O3=&H`6)u9e+e z(4vRHN7`emND9B80B?@Mg>(yW3EOrs+cJ!_0FB#6(C;5viMBl6&UDAKD>=JcJ>i$5 z)T)N}wC??hY2nF^{!F_JL%}%64p6qKwS#rXg^*udSx=>7IF|f8;pKV6-##2{e*2T7 z=D}jPErGt6YZX#P0M^0sQPvI42p3@htmJa65n$$2psTo1hHo1cfHiUr$I@unt#k<< zJqr$@Pt%p<&lh0B1qR9O)WrSA-*iier5|w6K?uc#)5BZnM?wj!F7E)x44bE?r|Y)r zF=X2M)9(H+uf#}kalXT;7x?UTwH&4#uW_B{vE~H+VHUjf8CJc`<~F_VNI5%Kf^#t^ z8ULz603;N)CSiRc8T~+u$i5*5pUDqfYXFxm;jLNxON13}z)E(u%~{x*!ydp&15f52 z*nrXAAikdUo>c``jnb2_>AQ!QACsU;*t-g+`MXS6`GksXytQi zIF`d5OfkCwWE_BrtIAS_`-i}>-(%)mkDzA*(86!Ea{(RqK;W=lNbU|i$oUi)Q1QJf z!ohZ6ufKw#GWtk&)?P?COd)?MoQbRTXMu?)^3~zTagP9DkMaxwF|NgHVBg;mwAiL| z|1WhqJoWzwJhiam_Xo{|JS@(4tvhS?Myd)W%cm%k%sw-I`~X3^*KNA!(bgr08{tLS z$CtCN5H@%LB8^6>M#NWfu)(;HY;(9DeHikMAmQjSCD>p?b-NINS`QSwGbfF_D9!}f zpwZxX5NzTZ>(zhtzW z`;|X8*~WcL$sZU&5^AlQ{lJ(TIM#Gk0{QN;be!uaADOHJH8qsBE)y)pejvntq2gZT zs)ru}vp@*z{@4|hK-Nd0^Qv(bDTllF0S5u&hui+$s%ZQ6hS8q|PmVK&22j?`98`P^ zy65HX+*hzO(u4!wyQLZxGYDSVMF>kSsn)I{hESvg)KSVB!}eT@tsp41BI_hLt&N}= z|H}t@FLFivt_Ap~hjnGZDfDWwb_{)1T=G=JMcw7=ByM%jj`9{DTM&~s=5aj>u1Bw!EWN(ipcHIzAJIWXyKv_R?@VGj_ zz`@;*1e7|?y*T#Ac-p;2y*u%4g`st3n~<~+5!1m!UO8F>XF~+8gY|eW{GI!H zTF`Ih;RZ$d&hcl+)OZQI=>U~ymO)QoCknX!yZ4XZadTjWjn-7U583a2odjfl{_-9( z;EG&HIy_j+eNb8Y8zIy_t_+civd99cB3GOMNR)s;GQn-T1_A4}mzJ!AXTXvuU;Czk zxZ%HhK(`LWm3wLXyLB%zm6ZKYOpHcXCR#1l($~BuZ3#*T&<#X&j}#yfH4liI_h8}( z(!oaHU>R|0JR}emRD3M=kn;w8{+kDi8%WLYtJQWh?cD;IK{R=z@vO=6ar?GJ6D;wJibyNCKyT zBE54BzDO4QK)bNy$KHZRPlbZ5EeLJf4KE+L0=8Daxgq!&p!%q_G>({b~awCOIr2B~B3lUfZm@Ce5!rvVdL`p@Z>by97SjEnOvGYqv;{;7IEZXVBG8Vb*N!y41&EFU@xx9M(LVE0Q(*z z_p1nYJ%IiDK)Wcwz6W66E+9=H!8?Hc?u;oi9NS^xzXBs@;Xzuk{&YEuSvoYJf>0nP zfP(un%Aa=d$5ZcIU20CJwQRuBoC1&BW(YV)12;S zQD$*>zLA0e&GG)se`5$-p{kcoGV8p^(9KjnS1lF(x<-2;Ms1;CNw~jn?bl*6UQ}{A zt>|%DTG~VU)gH@$a%0`qFRvvWRXWxm3RtWLm_13>4CB#m@9JVHn(MM4{a>{94Kw76b8gLyQuXQf`22h5J!;%E@ zAxZl>_8K?sdda(gX!Nn$nvMZ_15U3De){COBO8G%GC&r3!Ycoh{3uf4n+aFaeBRyr4Irhst>} zyEpb_c8UH&g%S}yaejJU;R8CWW!a_fl+qTnS1fxzIGR5WDq6~15i59ZY6t&()zhCSB?v}m7RAShq~5LW@(WI|N)4ea?hIx8u( zS0!n%=l|0Oey5WvPUGzQU5(De^VD&m!jvx#Y(>{_pXG1gf4(Qqz_m-rTw@>W%Fps$ zc@saj4haYdl#b-9lo_r~SxyD8uKoJ8Iv8qc)8Sm+86y?2Z3sW7+D+4q@6S5lC^>Zy z(VBafa_bOX-l`zDr)~-4Nm>GXgWR(Nnl`B3m5^k-8$rwley@0fOl2m4+5x~*7n<_^ z*8NxxJ=d;=jt<%Hp2RdR@n>w(sCb$EzmgFacnAv+H9jLOkOm9C{z^DEd5ZD=BZk+H zi5z%%s-`MdvrBKX=AD$Bd*dP=mrLaENXmf#12#1dRK`{b8^&vyRbc08O+&SGtJG`E!8FSn=OeB&(^TUDtYo zeL!jp{u3t!rqV^?+6e?7I86dKRL7APo&(=&B-M}$DQ9+2y=TV~B#>!Y0~TJLyNC{L zZp(nF^VH6KtFc|_ByKWGY{JXWY5H4lj9GUUdzNXp&eDu*YQb^Ina_S@J%Z{b-!KXm0WFg@x4@I(lr=3y#>FZv$B@6TAg3+l4U=0_sNqdO#Xv; z#wort)!NP_qgpsN8aO==0j09VO`cSc(%i4n*rUv2;O4?D>6y!uqbI~u_nd1cgx496 z*U$LXL5LER!Q3i8$k+)xB)Duf2b!?5+k=PE(-xEBAn55yh=LcSR8IHxyF z+-lG=mU(NuR#NDt$M8*;)^8H|v+u_~UEZ)RY*b*iJQ4)JQsKg{!W!|fN6|Ib``(<2 zpSR#+-b%T!MpmY-Ku}z&98)A#zXkv5)xfW+g#!Mr1;!$JZS4??PXUE{T&zo#ry7>t zURVH`9PfT8RJ5vXF*KqzL&AWJ!5>`2F}gvNcr_UgA3T!m6G&#$soHLlyi8ZMkGnd*T0-@` ziSor6M1ene=kFgkR9eX{UGQHb6L{txX zjvN3tb2BxH;gxPnbU7&>FbV zVe3+`PU1o@$0~4yrC{Ne-DqmzkwV8xQ@JF=^&P*nI&|HG?n`?r+*@y^Mua)@I2Bo! zU-xKdHhJ1*uyrVT!&ew5dEpc;xa?{=KQbIDvBuAuk(_E7t?|dq@|&>Kuk#?FxRz~s z8%M~UMm52xOjeloFG1If*rS7A=K?vJqt zl-_i)mt9%THuHtv5W8MR9U7O}A{Qa&#gL+X-Gz%%W!r|dr}JH?yNhN*okEcW>l@UB zewv5xdX$SW+S$fkcW8CZp9z@rV`nyV)e(#~pKFVlin!m3f4eaEVnTqkMg&PGw%xcz z!fB4`EREj!p92_gXqUSlLoo+q)eu}}x`sT{2Kp5ZZ;!xB;$-{-Nd$pY_W86Bdew32VEg|sf)~biK zdfA4bX5o~&%}|xZN#aCpx8_p5G-Yj&ov!`e&8e?Lz^VWk>S0JjEPO@*IjiQIT>$7Jfy4>gQS`P$p;Q zr=?LIzN#&vp7s6Ywk1bP`$Acab_gL67e&4|yqPm3g9@Y86WEh8H!s#(W$vQt6RLwR zhtF$ERG!toQ}w-U>bm{%WZln#v*USADEEj>kKi(a%86NVa~N5L_G0+%twSM@KFgU1 zOx)2V(jMZqd1$^&l%0~JH>~u^5}l=Cd_Og3Fi`oCaV{l_$1vb<)e19YYf_uY?_YfQumit{l>3QY-YR6)$;9k#}}27=6OAKh`B`Pp2FCm4W4tfEiR z;jkPsHIQADXePAK;HT1PI!+O0@5X56tQY2iF!`0?$79TR1kd&|BK5bjqv&V|!+UT> z#I0NKCQo(ncwYQ3yv6Y0$;9mRMosD8>8Yz^o2vekk$51sH3&~N1OUnB8u=PAdY9)k z^gbM|e3oLq-m|kNG0~`)miDVUMPUukcLcN zRK13Ya`2QaN_=^0XB%P!Q)EZ9xXfe$B(5g4rVA?y9pFp^6-^$Gzo4r1&gyD&t|w;L zAW~Ka2R+iJs}Q5E{ra>Rssr|Q=a2jDb7=d(I@1#-@^+R)dd8^DJkG#> zMBN&%Q2KX7y#NHMa|C;xXHGY??o zU9|dB56~(0aT?FDbLsx8dXR%x%QdN zMtZb6=f}V{c}H!F5A`3%TF+t^6gc5U4*cfPE4E#QUndJ~=imQuG`l1(!cf2WmFbBL zYe$(=vZ{{8WB1JtISf?$cIgk4JeH7?Ti;$T<7j;0lSa#4B0Wk^vEQ`-*d^h03JAjQ zG&aG}|6|IWiY|t!RHcELjJ+NTCR~&?L0`EUBNtX=XY|8Ug>KnqDh$vQ3U@IQ-R%r2 zBD)KNaga|Rpxqo;h>0DbIM zbu51aeQm^28rdRdd4qK=D`UQQQUxsB?B!~_cGQT9To$p=QEtve8GNh@#L0nEHwbThM^D;ZP-32$ecJQOuNkBk_%GbBQFY`U)qH{R)d-*lZ{#J{ zAGOBlB_sP|Mr*f*K zLaVznG13wCT;ltnu7krd^;0fqL;DZ>9mr%6WMf`|SRreX)0^zV%aHeR-2K++SH?^w z`KEn|hCy;L>Jv-LF%8v+SCU0|-do zOFTY4?oU}YIyA)T#8dRXQ(ge z8ChQiIIY8IVPC3h?)78&HUq6_@0_}X8QW$J>p?k6;mtWAlYxk(TJNR13Y4&!8Carlq zS>r9t?KVCop%PJPwkAopP39p|aeIclW@(v`l~od4o%NbOk$r$gf_tE9+$&Unplth$ zub2JIE!hhfE_@9U%RYtUTMk^cUw3ne$qWpP!>on%%D|%xI$=bG)gK8z_LTA~cTwf1 z>2%n8ZNZTy^T%>wEqjfdO?}J5oH=a9yZCoC*Vl`#Ia!XnI4hu9Rav^d?K98U&-(hV z4Z3iPiD~FxpFELf_u)jHZO@9DT}Q`lQ&S$wy3vUVUdsAP_mP{ECU!cD+Dg)df?X`4 zsCNs3<{))*1&jfT;%zsR+dA`K3SVs-q@oaxBFQ)H&xq4nP$9jZaB|G zPe;?y@RY*dVAb2WAgCxR-c5S;tj)`my{)UyQ<=w;Ek-_u+I5{TFP~W+EL~ZgiAqj3 zz5i6l{o6q6e7mJx&LBxBsxQHbwy@o!?#IKJcK!x}6eJ~e-u3y_Yi^EbKt65oP|N0Pg7fio~9h zNsWoQ8Ft!1)+!xq7K?Nmxh5|93fOco8!+MY&w{$Ty85355fKr;)|?(%l&>1=_YN3F z#l#4R<_*xcRSbZNKYoq4|FpwQ{$Ppv+mOA6yN-Ewb#=i;va+)3sqtf-4Gl^Tj+nFd z;cdWb%9;%hSe=b0(3TvU4d0n-d3XIn$Ngri-YiE}9?EKC7}lp&<$AXHC2>>Mj1C3zKWwz4MQUn{@A%1d?z1+NUNG_Bn}KK4`x^ba zfoInhIp&+5p}kmR81S4y*v}eY$0!=5bevQ*jLghFl#GHUpZp~0x(iIL#l>?@w26v> zN_w9oYy%#++h3$#q-QT{2=i4-jW!6!rwUybpDMX+ZZ0Il7a@7{5k{Yg9m4D8bDbFs z7=hnT4%{OoF3z;D{C28g!b|;#55j5_`b1gJugbj_eBoc zVO2p-gCNSut-0r+=PmxX`) z^;*hh4H^PR^tk0we-;*_&2}C1|7JrKmRB@9M~7^VlPziNq0URgIsGXfy=6g@LgJ~R zfpIFR@9&-CVAfvdP8vR!x|th`JLpT{19>+lI&xzUK!F}l-QUxbdI=zX?@W&H-3D41O{Ta zsi`TLU=vRr=DDk=%p8lwxeEDMzS5L9RNjZ-6}XV?22fh{!~WB!Pg7s{Yf9#Hi?}D$ zXJozxe$zG-yTXg!ikt~;vFy^}BdiPzt7FfgNNr+b0(6XDQ&ZE_0f%U8pu414+ zBL`Tpz>aoYMh39AI$Bws$}(x))15n4n6nnNaMoDUF(cFZ8FH81L}^>_mYPq-nY~qu z?9KoA6^mgALCR|Ez! zxczS2#OTv14iZB*6N@FZ4=r;wtfBg7iH}J-=r!BQ( z--5)f0SLh*!eEj8IKA?$A8P42LOL_`gW%+N_q^8keeCP&3!o1S+=3#@@bWAyYlG11 z#iFq1jztZ|u%{MBpaK47<*OX?xu~gDzOMaIb$h^Trp&mY3H6K6BV;q#LC;g=*z1!j z%zk-XjF+BIhbbf^qz>YA@YFzsYB7nS?l3G|1X*fOp^vLBVPQbD;8Qp*x;7feG%`2`s)87pnVIX_+V)pfRY6tR4?prP7(t*zhatNIyfHe;)SNrO2%MFZ z)31ERGX>M-%9NYCXrt=(0}DMxN+sNl6fsaTk7I9gsyP4FtxFe3X7lp$?T^kv3;Wye4u}Cuv)q$4XsJ{IeSrJkcoK&^# z?+q31xOQdg;<+c5f6(Mo)sE^4!$&B4=$0E!!cmOf^l;Twsd)#TUs7lIH6*xCAA;{{ ze%{4gYqsYaRLxq0eKs~uByte3(|m?yBcS%!q5QSEqH|*$00!qu1o=h~7~Ft~@l)_+ z+S0cvt7hT?v%Nz@fzQ9uxTKrdyLM$4Ws92SFZc^PTvk0MJn=f`d+@g#ItydJvV$gk zMvH9ZQUuh3VFR)RH)NLO8y&Zfg#*$6z7q2-fGcA&GhWmuj#2xfaYtZ2o;)-DbK%** zYl~dCI1WBHh=hT4bu7E5b-bpkWeeUVcWVCENL6B)@yLjY-vWNMe@geVCe!)?jjr!D zR_#=ML^nlQHxt*cv6QA?G0nldy&3p?;d6zus;a6PnVFA>9F+gcBE;B#?%TS-H*vyM zT{+q@)_=Mg?Rc?m$h50K#NFM!r)GU%boV75uy^X?a^vrH);}&zl{2Jzu5KH;$-vw$ zaYXXhT6P)Ds8D&>${fRduK8(m+kz?O%HBR%{E2i!1@YOIZx)^4*cfJyGZjt5wT4Vh zWaGunezh^55EZ0P&DB#EUytt9U#=dM|FmR=U;aTdpY=UQzvmJIkKc3pxia67{NBQC zVV;a@tJN*<4Ns|V^9GFprav8Npxu-AKc#~!q3PcC##CA3VB`Tpwaq>^*gG%lD89t?1{X;og|KPt2{%k|J8$ zRlVb{g01c+IooNEIhY;Nx!)8Yzc8^C#dM2U68KwvXyEG2myP{92{bW>lb} z4A|Pex)@{rI1TUEtB|^K#-uwp-=Kkia_HClZu@KE^CgP+e?DJVS<0W@g0IrdE|-&B z&4l`1zWb+LR+>@^xe8a39eb8iyRYPBC1)PyUGB^-DKm6ta+%B4ef*W(F$AAcbgE=h zI&4W^{O8Z-{7qEoFag(v$m`#k-_yxm?F%2DFFb`aZ%R^!#1*Bv6UOaQqTw?nf{m{* z@^2r{(~&LsW^KD$1&acFUX>|J&2~d+Z+pMGl}@!6t&RK|qwMwxGShrdRoUKsSEpd) zFrVjw%TLR+sW*n@+lD&rzTu}9Q=MH_+H&QpytvnX2K2tlXYo>4t+bVQDKgQsSn<Kv&t zx;XC8;ghP2oLl{edj?E=;{sJDI<#hgD9;t=MU(dOV zsQn~FGN``V8%ptYt$H(*(YY+ldhVpq(2$y#$lcc74jJpifq{Xy;`aDq?1RFEccJ)r zVOIj7J^arRfTJY6${fDnIBBmP+-9oTek zi#X4y>g)?!88k0nn6QtIgjNUZBFp7Kh-4-GPqB&OLm#O$&% zm8SP$-F#9=Y|0*k};iM=Rt68W7r#uk}38JGIAEaEvIC1k`1HN_r|V7O;~dE&BmyM;;Eh1hks z=ec*>N~XqxXGH3CvlP~9W?VvRW>mYJg*;rl>eYhKGyx3UfqT1ye8_rfdplu*$e%Np z+hJ-oA0oWzCz2^4mwA6Xo0<>5Iv7|@CYF4I&h|cMEy`cConBq3nJid{{k6K#P46<- znp*NBNN4fGQ2zK^s?fUWYF_BCuWu#kQ<;QW)_*RV>*h#3KVSZKeWj}+ z`rA}|&5B{eh)*TOkf~ZTP1ssPdC#x-<{%$s=NlQy#;SFF9 zsFdY+{#c2tahP2D87B82z zdTEBj_3!3gw5+Serc(_w%RL|DT$pIC4c@3!bg|^o%~|)4Yi7J)bp0M6@z`73p4tln z2~&@$x`3C0e}-aAs)v)1ktrQwB06hwoAwI#mX6 z>ormwBEnx9y)YHApw+%}Xb#euxmsphVWwh+YgdAV$PSEIuy;$Oq_ZmBZ`9DFAPh3% zrp#AMF{GT>D17%ju4BFUeVU{B;V*cnMCWmOLaj;w-*E{6mMG1wJ)vS*<&dqKou5A& zue7H&|Gqpsh6NFrR(Mc#%|*mpFg~wU2tuuz*ceEJ_Xz!Ue&zccJh4N7!W}d)vF!}o z_My&nOJTEa5vFD>%S-&>s>kTrgR0JohWLUmqF;V@4il!}-6}db=y|LuroaeyMhFt{ zltbaF@k%{!80Jd@ie^k`FW~*F4cg75=m{PEMQY(1A&*DKE_PU!3s`*0luk2k&l(yY z&V>QCvY5XR#IoZfZNKszk?30d_&XC7Shj$kR5!hN-gjYbxI z75;WZQxa3FZ*_cc#0%BGF=<}j0v-qM2>Gdz%-149blG@IUwoyNH^Z=LB=1$GRQda-ZI^vhqZ zwRE+q*r$Jlvb3rZM>UqB3BY z4y*1#G(Z|?7}URu%jBa9gY+w$b2b&1P0>+6=V8UYEt)T}r``D$dkdGU#VZ$~=xHLzIBcaMo+{zjlz{Qn zCMgGa$&1yE4C5|to5L;ww1ATm8jX~=UfT5+*Zmq`cf4``1_wn<*L+uaBichHa!5$#0k5L?`+3w~7GX-!D5GGJ!(ZyYdo|4Y) z_c_~Ol=(V1_(_zUU)eQ2CeO*WpZ&m42OYZhfv{#g#$}4qG`7C^XFWkjvhKnV;=7I54tQBPRqZ`xQ#D7UpNX0guR7b{1#>=UJtnpC9QJ z^TRXM;Af5cC`v2(y-c&XE76ET+wB=W_LDgd*H)G&AEsIKmbGNuxdzsmla|82vY)qP z=4!l>?GLP?K}77$0UNpff&=4uL~SQ=vZoGS$1gWGSJ-LEis^plp6=xz3cWE8k3_1C z_*ikYcb>CBqr;TBYP|->_fGh=n|Cm=KUCHB9HjFuMdbKwaB%zJ5O9-Rjuhk zw(w?-Z8r(?@G&T~r2=$(3KIA7+*uD_8|$oiy`gr<3E zv)9Ho-x%mnda`rA6v`oenKcE=%6u53-o8DeF;(ze(v7<)7%}!Jyt4u!xnO8~3nMbL zkARHu`l2|t#rCIx`21K`i|+2a(Y%0u5ZV8OG%KAQa!sNj}S6FUYdv43lj?6i1iut#<3gv6;M|wYN zd-S|~c;uie=UHA=lSC(V)D9?mNpHSGsbMs;MY7<4nZvT4NoxZG2?x;KjyOSDos$7n2hz^=USH;#MedLR`FK=ip&g$uK|QtRDNsDbi$&$qk$% zBo8we7S$y%>O5ucpDMfYFt1YBdPHf=VOULk;ojluCt*HX5qopBEE*?1eFVc$d!G3H zU~J%zf;r>LDc^C`QtS4n(&A#=jQmIY(i>OAQ=jkZ(7|XxlFk4jlb&78OY~rD(VB9PFQ2yd}fc^Pvof*RkLn$YO z$nOC=w3wOD8wTy!)z07Aka1y-WW@k$By*y9qtqmX}k zb*3>GYixkxlDZ4d90%|~JE`b}HsjP%XwV22cM{yi?84(49PFw8mLpOl@&8-=4DHD$ z&FcNr>%UzF9guZb=faAsdO7>!{{O#UeA9;~ZmU|`uj=F{tF~UeAKp>4^G?t6wUL|E zKK-ou4D5qVZ23GXyUxPjX8r8@TGeE(`P%RWR3qiT;Uw3ye_|9mpR3Lfa{&&cxEF18 zs`7MMAGP+_j~^AEcYi#YHAlu?I{ldX1&ilYU$ zS&UwWq!_)_cv^fh_>`;vPJ!&}B1wO5-IIt2?=oE)0&Ll($pF*r*Dqg8nn9UV^z7*r zqlqzVE8>zg=3URtp9DI!8s4iUfe}#$Ovg{57r&5UM65orHjWAhj-o!9C4U(>l$Cyd zUT^X9b4R~?DLHfIjLHAKqW7|UJ)Qj5YQ$e(%oH)f;nTl6|3AEA?Tvl0p!)s3#D&hi z$_0)JmF3Ud-%q+fd3Ausky)nMvnK8-+F7GG?R(h8J=cCb`5*MqMjw7=P095a?-&^P zxIA4PLqL5*Qi_+;py`~LOY^`72$Q4}qWFL`OVq>NKNa^r`K~g>+8+Y+dK0Cj5E*liyF?Ke_kw;ht+12gq<3Bp@R6K+!qrn+$28g0Syi(1S-4 z?j3d9t1{>Mu1WRYb@T1nv>UZWf4owzUQ|@|$ZPq|B_9tnXFpbcf3wo_`>xIdOF6bQ zRee5O@!7dbyng-}%lb1*Z4TQaOe7_CfVv`lfIc{S#RMMPq{c9}ScdDzNt{uFd#|1E z-k<%~_J88%C(f6*L!bIe;O%wX(!WKhPdqZ&&?Gl z-{*h*{>M!~t3$c0yg+A+#e(c`&zDV!(ey7I0?taIw z%h!J7O5eHVq5Qtjza(TOcWjw`*Y$xAYh9p>zsY+c#=F3C+eyp}kVrbP2~C>?#&%~b~Vq>X^3v}{v|V6*nql-CC3-$H*CZ=)AxR=b z9GI!fEHz(~yDtXhJkcBVUwmx7EZ%EqXS#XC`IoPCkNwV*?Oko2A91D9m)z6`a^S5% z2Z!~t{%2>AId}w2PYIqZ^X^yc$kqN!@HrnQp8BsyQM~-#k8L{&OELnV8G|+rkysGH zE5nR(P~h1+z9zGI0j!rBT}3Mr?|-Z)I{#2&{;ZvgDt}jX7al*i_G7j++xiT-X7c?F zoF4#YiPB4%x46moqE6R=d&XKnHnuASaekI5}+ zL8;<`FVK;9OKyGhBHxkIb%Bl)Yxmo8t>?vDDSPSU_5R1-#H_XSSDfGbuk`7TRqNF! zRovU=`+9N6iMVgZJn+;-2IDShI7nALcRtxknhZ;k?TSbQ<_J+c@C_DZM=P>{q`Jpp zI|ne)pZ2^>_Q}YU*bee?SOjp^td$>fg%|nBhJ0sS&;=#hqD$Yvx9^c}4q3ehP<%Ct ziUH>x9x{XPpdq_PrzGe~x`FErw$Is8OJ?7P)KrI&)Dv1k1A#vnY{;Cx#xRiN&=@TW cfJMO{dF7cxhboVKDPaHtPgg&ebxsLQ05??Y6aWAK diff --git a/Packs/CommonPlaybooks/pack_metadata.json b/Packs/CommonPlaybooks/pack_metadata.json index 4cde0bba3f15..f6bf92618bcd 100644 --- a/Packs/CommonPlaybooks/pack_metadata.json +++ b/Packs/CommonPlaybooks/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Common Playbooks", "description": "Frequently used playbooks pack.", "support": "xsoar", - "currentVersion": "2.4.38", + "currentVersion": "2.4.39", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/Core/Playbooks/playbook-Ransomware_Enrich_and_Contain.yml b/Packs/Core/Playbooks/playbook-Ransomware_Enrich_and_Contain.yml index 8f4545a285fe..cdc6e49f6a76 100644 --- a/Packs/Core/Playbooks/playbook-Ransomware_Enrich_and_Contain.yml +++ b/Packs/Core/Playbooks/playbook-Ransomware_Enrich_and_Contain.yml @@ -28,6 +28,7 @@ tasks: '#none#': - "7" separatecontext: false + continueonerrortype: "" view: |- { "position": { @@ -38,7 +39,7 @@ tasks: note: false timertriggers: [] ignoreworker: false - skipunavailable: false + skipunavailable: true quietmode: 0 isoversize: false isautoswitchedtoquietmode: false @@ -58,6 +59,7 @@ tasks: '#none#': - "8" separatecontext: false + continueonerrortype: "" view: |- { "position": { @@ -100,6 +102,7 @@ tasks: iscontext: true right: value: {} + continueonerrortype: "" view: |- { "position": { @@ -145,6 +148,7 @@ tasks: value: simple: "true" ignorecase: true + continueonerrortype: "" view: |- { "position": { @@ -167,8 +171,7 @@ tasks: id: 25f7c2e8-f0e2-4ac5-81e8-78eb6cacc629 version: -1 name: Robust search of IoCs - description: |- - Searches Cortex XSIAM indicators. + description: Searches Cortex XSIAM indicators. scriptName: SearchIncidentsV2 type: regular iscommand: false @@ -182,6 +185,7 @@ tasks: query: simple: initiatorsha256:${inputs.FileSHA256} OR remoteip:${alert.remoteip} separatecontext: false + continueonerrortype: "" view: |- { "position": { @@ -225,6 +229,7 @@ tasks: iscontext: true right: value: {} + continueonerrortype: "" view: |- { "position": { @@ -293,6 +298,7 @@ tasks: iscontext: true - operator: uniq separatecontext: false + continueonerrortype: "" view: |- { "position": { @@ -338,6 +344,7 @@ tasks: value: simple: "true" ignorecase: true + continueonerrortype: "" view: |- { "position": { @@ -399,6 +406,7 @@ tasks: UserContainment: simple: "False" separatecontext: false + continueonerrortype: "" loop: iscommand: false scriptArguments: @@ -444,6 +452,7 @@ tasks: brand: "" description: '' separatecontext: false + continueonerrortype: "" view: |- { "position": { @@ -474,6 +483,7 @@ tasks: '#none#': - "30" separatecontext: false + continueonerrortype: "" view: |- { "position": { @@ -514,6 +524,7 @@ tasks: root: alert accessor: initiatorpath separatecontext: false + continueonerrortype: "" view: |- { "position": { @@ -544,7 +555,7 @@ tasks: '#default#': - "21" "yes": - - "29" + - "44" separatecontext: false conditions: - label: "yes" @@ -559,6 +570,7 @@ tasks: value: simple: "True" ignorecase: true + continueonerrortype: "" view: |- { "position": { @@ -573,54 +585,6 @@ tasks: quietmode: 0 isoversize: false isautoswitchedtoquietmode: false - "29": - id: "29" - taskid: b9596e34-c1d6-4838-8c25-bfd9657f6e6f - type: playbook - task: - id: b9596e34-c1d6-4838-8c25-bfd9657f6e6f - version: -1 - name: WildFire - Detonate file - description: |- - Detonate one or more files using the Wildfire integration. This playbook - returns relevant reports to the Alerts War Room and file reputations to the context data. - The detonation supports the following file types - - APK, JAR, DOC, DOCX, RTF, XLS, XLSX, PPT, PPTX, OOXML, PE32, PE, PDF, DMG, PKG, RAR, 7Z, JS, ELF, HTA, LNK, VBS, PS1, PERL, PYTHON, SHELL. - playbookName: WildFire - Detonate file - type: playbook - iscommand: false - brand: "" - nexttasks: - '#none#': - - "21" - scriptarguments: - File: - complex: - root: File - Interval: - simple: "1" - Timeout: - simple: "15" - separatecontext: false - loop: - iscommand: false - exitCondition: "" - wait: 1 - max: 100 - view: |- - { - "position": { - "x": -740, - "y": 1390 - } - } - note: false - timertriggers: [] - ignoreworker: false - skipunavailable: false - quietmode: 0 - isoversize: false - isautoswitchedtoquietmode: false "30": id: "30" taskid: 15f199c3-7100-484e-82b5-21fd628f7087 @@ -650,6 +614,7 @@ tasks: simple: "true" reputationcalc: 2 separatecontext: false + continueonerrortype: "" view: |- { "position": { @@ -694,6 +659,7 @@ tasks: iscontext: true right: value: {} + continueonerrortype: "" view: |- { "position": { @@ -730,6 +696,7 @@ tasks: root: Core.RetrievedFiles accessor: action_id separatecontext: false + continueonerrortype: "" view: |- { "position": { @@ -801,8 +768,9 @@ tasks: scriptarguments: entryId: simple: ${lastCompletedTaskEntries} - continueonerror: true separatecontext: false + continueonerror: true + continueonerrortype: "" view: |- { "position": { @@ -868,8 +836,9 @@ tasks: complex: root: Core.Endpoint accessor: endpoint_id - continueonerror: true separatecontext: false + continueonerror: true + continueonerrortype: "" view: |- { "position": { @@ -900,6 +869,7 @@ tasks: '#none#': - "18" separatecontext: false + continueonerrortype: "" view: |- { "position": { @@ -933,6 +903,7 @@ tasks: - "42" - "43" separatecontext: false + continueonerrortype: "" view: |- { "position": { @@ -969,8 +940,9 @@ tasks: root: ExtractedIndicators accessor: IP reputationcalc: 1 - continueonerror: true separatecontext: false + continueonerror: true + continueonerrortype: "" view: |- { "position": { @@ -1007,8 +979,9 @@ tasks: root: ExtractedIndicators accessor: Domain reputationcalc: 1 - continueonerror: true separatecontext: false + continueonerror: true + continueonerrortype: "" view: |- { "position": { @@ -1045,8 +1018,9 @@ tasks: root: ExtractedIndicators accessor: URL reputationcalc: 1 - continueonerror: true separatecontext: false + continueonerror: true + continueonerrortype: "" view: |- { "position": { @@ -1083,8 +1057,9 @@ tasks: root: ExtractedIndicators accessor: File reputationcalc: 1 - continueonerror: true separatecontext: false + continueonerror: true + continueonerrortype: "" view: |- { "position": { @@ -1099,6 +1074,59 @@ tasks: quietmode: 0 isoversize: false isautoswitchedtoquietmode: false + "44": + id: "44" + taskid: 2ba16adb-1683-409a-81be-59ed83cb7bbc + type: playbook + task: + id: 2ba16adb-1683-409a-81be-59ed83cb7bbc + version: -1 + name: WildFire - Detonate file v2 + description: |- + Detonate one or more files using the Wildfire v2 integration. This playbook + returns relevant reports to the War Room and file reputations to the context data. + The detonation supports the following file types - + APK, JAR, DOC, DOCX, RTF, XLS, XLSX, PPT, PPTX, OOXML, PE32, PE, PDF, DMG, PKG, RAR, 7Z, JS, ELF, HTA, LNK, VBS, PS1, PERL, PYTHON, SHELL. + + Note: Base64 encoded files are currently not supported. + playbookName: WildFire - Detonate file v2 + type: playbook + iscommand: false + brand: "" + nexttasks: + '#none#': + - "21" + scriptarguments: + File: + complex: + root: inputs.detonateRansomFile + transformers: + - operator: uniq + Interval: + simple: "1" + Timeout: + simple: "8" + separatecontext: true + continueonerrortype: "" + loop: + iscommand: false + exitCondition: "" + wait: 1 + max: 0 + view: |- + { + "position": { + "x": -770, + "y": 1400 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: true + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false view: |- { "linkLabelsPosition": { diff --git a/Packs/Core/Playbooks/playbook-Ransomware_Enrich_and_Contain_README.md b/Packs/Core/Playbooks/playbook-Ransomware_Enrich_and_Contain_README.md index 53e68e8e12f9..0d1a78238074 100644 --- a/Packs/Core/Playbooks/playbook-Ransomware_Enrich_and_Contain_README.md +++ b/Packs/Core/Playbooks/playbook-Ransomware_Enrich_and_Contain_README.md @@ -4,39 +4,44 @@ The playbook executes the following: 1. Checks if the initiator is a remote attacker and allows isolating the remote host, if possible. 2. Retrieves the WildFire sandbox report and extracts the indicators within it. - - The playbook tries to retrieve the report, but if there is no report available, the playbook tries to fetch the ransomware file for detonation. + * The playbook tries to retrieve the report, but if there is no report available, the playbook tries to fetch the ransomware file for detonation. 3. Hunts for the ransomware alert indicators from the alert table, searches for endpoints that have been seen with them, and allows containing the identified endpoints. ## Dependencies + This playbook uses the following sub-playbooks, integrations, and scripts. ### Sub-playbooks -* WildFire - Detonate file + +* WildFire - Detonate file v2 * Containment Plan ### Integrations + * CortexCoreIR * CoreIOCs ### Scripts + * SearchIncidentsV2 * isError ### Commands -* domain -* core-retrieve-file-details -* file + * wildfire-report -* core-isolate-endpoint * core-get-endpoints -* url +* core-retrieve-files * ip +* core-retrieve-file-details * extractIndicators -* core-retrieve-files +* core-isolate-endpoint +* file +* url +* domain ## Playbook Inputs + --- | **Name** | **Description** | **Default Value** | **Required** | @@ -44,12 +49,15 @@ This playbook uses the following sub-playbooks, integrations, and scripts. | isolateRemoteAttacker | Whether to isolate the remote attacker host. | true | Optional | | isolateSimilarEndpoints | Whether to isolate endpoints which has been detected with the alert IoCs. | false | Optional | | FileSHA256 | The ransomware file SHA256. | alert.initiatorsha256 | Optional | -| detonateRansomFile | Whether to detonate the ransomware file in sandbox. Set to True to enable file detonation and False to disable it.
By default is set to True | True | Optional | +| detonateRansomFile | Whether to detonate the ransomware file in sandbox. Set to True to enable file detonation and False to disable it.
| True | Optional | ## Playbook Outputs + --- There are no outputs for this playbook. ## Playbook Image + --- + ![Ransomware Enrich and Contain](../doc_files/Ransomware_Enrich_and_Contain.png) diff --git a/Packs/Core/ReleaseNotes/3_0_3.md b/Packs/Core/ReleaseNotes/3_0_3.md new file mode 100644 index 000000000000..e57b8d60d9d0 --- /dev/null +++ b/Packs/Core/ReleaseNotes/3_0_3.md @@ -0,0 +1,6 @@ + +#### Playbooks + +##### Ransomware Enrich and Contain + +Changed the sub-playbook Detonate File - WildFire to a new version. diff --git a/Packs/Core/doc_files/Ransomware_Enrich_and_Contain.png b/Packs/Core/doc_files/Ransomware_Enrich_and_Contain.png index 9ef89edf1df330587d374216d11b4b6ee439728c..2c82e7acb2a8c587448f816f603cf7d891593881 100644 GIT binary patch literal 380970 zcmeEuc|6qZ-)|`;lW0LHONuhq63RL)BKtC9XOt`vvadr^Nl~aQW#5+>J7XWDD7!3U zC&|(_N4FFabT5c5BS7}w8#Sfv(rsa<;sryjuYQ@?BLsRedg| z8(Px0_cH90yc=FcW`hZm9`Sd<9PDMagQ~b!BIU~e@r(BucI(wJG4b8s!SH|mLxRHi`toZ=PW;Cm@54g8{^M4# zWOGKQ^r5JjxKsaWHzqdK9|!)N$K4+Na4)MT@yEG~;CYiv_PNgy@=92q{`m71K0XE^ z3kJG0&{_g)M`5_H6fG(5JrBWixfjALfA+pyl=JqMKk(Nx)a^hY5#L3B?s^wayA$$* zfqqEoi_uzl21{~%yqsCa$>gwv|_vYI1YOeyNCrbggGlbsWvrs5Tzdh(J?Mb)= zEVuS-_$#he)PHV%kW*1{kyB?diCq2U$rHhMLPHxKz4kv&&>wN9Hci?)>CcknbA+t-KaUEmJ~6b{i$AaTGBRq&JSXQz$g^i~J-wHZ^m%Q{V$;qj zPCJjsm(J~>9|oN-4(wyK|MfBcZM`O_@fC6>aVi?KS)c4JOUP&$Hb@th^K@{y{1k(6 zpjw4L`&GdYeL&3C!e#E?17sTxLy=MfPt6e(H_OjU3#tvi5h4!DDN{Gng{y5}V$b4q zpqDNUGU{{aN#)1ODoTFN`Ag=ffy}kA?PheDPo8BnVxMBvwYIh%DtAsYa6H=^Ta#c? zo}q*2lX8mWfUT!mu^(i+#{FSp*^XvaJ&@jBc;z_)oOeS~P*$yS@EDhTa?E40Hp17p z%3*beQQzX?6mBu?IWh}*YtNHyUwKrz0}WRd=Y6QMZTMHN@)bf`peZ6xFxlB%-3U|M zUFw0nakwfIJC}O%*@G~?YrBba_6S4d9BbB|)%LEBX#53x)o49^eRf{nf=7>b8!9N{ z;7>%L?`XRD?ci6;?!%z(IU^?MZj)eM4@t{~wwNqOMMvBBkZ*}@+$)LBADtjSSZaLV zG80Og*T3lxBm`4sHkyh=Xbz6)r@8svX)CtKwVde{bg%gGF@<5 zG);bsd9stP$rRzwLAo9u9%9d+Vq$~`Q*pTO??jZK6+FfG_ zRk)-(`FQoyzyv<(&6{rzgdC=9QzB8ue9C9puRvOL=)15TWJAYQx=iwg*p6N|w(bpfSiWF8X3u%Ou}J{Re;(tY6>oeJxYbE0+flUy>3|4q zB!49Hr^ed@bm5)h&nOE*51-r!4(P_=g*)26{UCZ;K5tkIfcFguSK>aW0x365~PL} zP5NoSA1;KoK+-}&LROZBg=y-#3IB;_Zacbj_Z6LbY$TVQys2&C0MgjlSWR17NhFf_ zZO*ydeJu9I&t5SAZOYHHM`xl~sK$t*~2GR_0Mh@+ehp=OqtruLSY|Q@U(?{9d{r zo2%4g!-^$9R8kGcSLn>iu~|-5{}!e?m!zbv#H_^g|*Tx?H(snZrD(j2R1r)1aquFBvQO-6S)Fc38GNm{sNjS zWwf`)!1c{DAX?lhE~iTR%AJvz^ecWhjwx(g*S!&N)-cK;i5=Vf@Lgc!TI80R%uqI| zb&~7TO{t83#swb#qDDO?{qahBFQfjR>N1p&kWju_%Me-l+O=%ca;I#XoBWqkbln2} z#i8%Qzx}~|STYQS!q2x3t%@R}vVv_o^b`1V!oEmd2Fk5^a-Sr?e#}KDM*Dc)NPt3I z?n@%SzBSjjhk@+O2kdp{NBKWt#hw98+9=*34uc=R*f8|$HG(w4%NQCzDiHjap}ALD9JIMgjBo!e&znSJ16hMeli;k z*JgiwShX=<#HCnM2TA|(<%=2L6yiou!2wBnieqEC4)W1a(T+cb8 zz~(*e-qtDp=ZX>(Be)_GQiiI09fys(#e|QsA4@@_ByrVu>pY_t9Aa!wkTS=Psf_q6eNCQbdq{sx(rXj!c9&4 zPZJC3wuDH-$PBs7^Cjk8`mYYHRP&l=agG~d&LAzi#5ykyY2wex%TRVHEDxooB`j>= z&Am$TmIr!!W$UI7RDa;im(}OZ9Z0{lm}mc^+*;#ua|5ojs6r?i5?( zeeeKx;AO+=P#GD+ef#$1JMvOg85=(~Z=WAF0AW)Nq6+WWRy`kE{C!Tp+Jwmbb)+V*3v$LNnIc5;>L$UF_ zfM?qdhQu$7dT!Hsy)~=^;cjT=p-CxwyD}}MJJ|+~11Wwy-o~q|dq)ww_1eWhJsD99 zc{V$(G%=i12a7A?bg+R%AqHz((#quKMyz z`TovE>A{xfW?d7L*cw=i3HhKZ_agfjdJPV<0~d&(CfRdp+u!iggF9<@OJ3h+ID{$vf&W9EpHt5_?u~j2a}ykNM(<^;6}I=Xx;bRFd-*)$V6eKO)i+FHNddSt1dCXI)!1)*`zK* zXC_`&59OCt&02s=s#9AOAN3ws#Y?{OSg$;MLE=o0g4JjygTiXd6_RLy{QOAKI|?zr z=ekg}A;xoYu)rEyP7Lag$u7$u3v_bxQ`L-<*Yl(XTD&g!)zF=`B+aSnq5Y&!vtOgH zr$9u<9Udu`D64hJIHzi^c4lPn3b~q5U4}?fcA$0^8r)C1=vU(x@MX(932Br`jJ?VZ zNA&G=Up!SZx_0p3s5>G3V1AXTLPj+RAZ~sSd_KJEtRXcp$mJfI3t1MlgK1@&mP|R6 zRVtJ)tg%uW5Vm&a7HEf)7pcEqU9i7bwz>SvubA-A^BM0T(l$x9+lM1+zRwiWPt0R< zI8gHDf|#Lgg1j02{L4~&a_^hKZ?QQ;v2~#^Vz%?k+Y{fLM1xGKd>tSiie>tGuMSJ` zmzR$jm*yj6s;0l(@ZIQBE~a)fge&6p+$WA%!Hvz+h(s>y%+)SGb?MoMQE{ff;`Oyp zw)um zG!&jdQ64X^{)!h6E4|bF38b6Rt-uncuEAF-_LGDwoYV4~zx>n|cnZd;vsHUMUmQHR zF<~fux{XvpSda)N0SAxbcy#)Ii^|vEyY&s_L7^Oexe6 zMu*b0LU@eE@vLt%iRo+6xn45^T*gn58iG zjH47WW+v5qKHctX8zk+d07v_jP7bMSxm+fdB~*ud+J^=>zjf4fOn@{EQL=M#^c>rF zj^6umw!c_hShy8=lKt4R8?CiuiyaH$^e}x8*o#7KvmcO@M;j{|p9}-Z&fM~6t~A|C)aQCVDv|VaOoY>qJ>QgWWkmrdxV_#ZNswBhPqmG zNzAOs>dR~N2GPT|8ukI=!L?V9BbGWp-HLO4=Sf}tH0Y!#dMS)Ubx>jR(q#LdsIy}w zyWYt|-qkLzL(E{7N^8?U<9Pismwz5UPU=B<`D+Oi7P}O-{F@W{^Ws+Gc+Jup%>AgB zUx`EYyijXu>{0VQ&Rgp*#~U7Co&CvX)alI_Gv&zgF@xr%jxQb?GlAnP+QS4g*%^5f z(w7)VMQ_dYTgVz`X`jHDF8Gh+1t)lYC|AnqJMJ~R##;NO;F`Mnjo#7m>LHRYxq9!N zJKm*hLJ|?hbr8O=oy%x!UGG(7;DiV-XGp$Z#k}^@T1|^VPm(6Zc0mws?(}j-jMxDSM36|AX_%MoHN&@&rdXA?h_&R$D(Ki zCMUmJv*!cWu)snrVhNfKGG^ab|Lt_k=MU=n1~1Z^OWVbF7ZlxbR5fqdEV+F+1Q=_| zSDqgWR~;b!3tNkEv2`nxM06%YP7@PBdOrsJ zB!*z@IUfvsg7Zy|ZWX&}MWRN@Gq&afw-H9;RTKUow+;JRZKgy&7`yrQV`bL!?mRE0 z2~4=6$B)wqfgAfa-a6Yui9v`GG0KoqpO&+38v1rlEFqV7YeC3S{Ab1aulc6=?(BC01H7ZFgHT4!6XAxA z)1zyWF-e&>w#o}S`vW#3D4$+Wpv-ao;#=eztoKsb>)ErTe#0|nvr|Ej%f>jgHb2X3 zA(W?fZdDpQwT_ZNQU|ZHnEWzs99paOPJu8OI=A&BI1}d^!jh;zju}2@_x?rVl&PqH z2qVsJJ=?uUZ{Lq|#nLfz(j@nrHYTpAiY^^bH-;zO%+AW+wT$ji^oYdXE|DtK=^9cn z`Fwk#<7wJP^}S|@WuD%*Sare5wT}%gMW;6I=!|RNzc=ai_4ZbUs5m&diCDg8pa8q#qzZHbCt8PXZ*6#ZU1AHT0^?Zwr_@BNCXGKeuG zWUXSWOksYW8@VzeDDb{d4n+x{G$PPk})->G)x7b?bP zLL+g${-2vGef=g(IFE*Lji?}heR{a5CbG!DkP}^dgJmtE7)A^=Ov>=%O~{Ciy*g*R z_&t8jpsMT%hwAg=gX5&tDejmgzf{Nz4v|i|TYT0t;XJXE3lq5E(nalKN&~o?^4(*a z9Cjw``jgPJ)me;)GURJUb#yTGxFtG=QO{u2JssAPUsBg2-f2GVJm{6{hEvF!AD1hz zMyk&YEk#j&wgK-34Q)^thcf37p187X2L`r8&{&$NTxg@+?tiyg>~JvK{pp*OFO-Fc zV`cb;viDX*UXI(-$4`J{4FS=Kbj+$;CVD*JJa1zvq;jF}^}{jrdbei7^#V zs-k=E9DZEU!se`v74DF0CRwed`6ashaWV3YZ5jq{b0@&ITD6LPaF992p`kHDDkXgmt3)lYGf(nTME8CgOAZeluej2} zsK*<0(K8ycTWs^*D}vL|;B7wZzdKxc>E-48S9hNC@5lACFw22BOul0tNfr$OaVG@SPaC2O5LHXNQ@>z>g zeAgDhErmbA{<&a3y~Q;l44Uh;4xMfEyNSU*_Y9c5rB-Hu@3OVn4xi0cfdJM5yaiaJ zu9TIKm2h5fyn=d@vlx!(uejeV7j{I|+~@5zb9aJK;76%Dck^rgN$@}zd&N=CBq@WW z8q3sxjo>VtRNb|t>RTa@=DXV1dV-s0yO(o~jx;MJfqU%e-GZ~&D@6p~x{a~Eg{wcS zw_NPBG0`U+*;NNia;H9je2dDx{1EFoRGO#SSzBflRDA#^y?g+BZ)1K%Xkq4C&gkfC zWMcJ5-I>S)nLB3S0PS#vrFpqc)T7uqZ8vl;i($Oj@OV~^gv56XgHJY5j$YK&OU9-j zLBz!fIDblU3zMQ{Zy(dpkuhyTv5V@K#U^uheKd-kn+Z}yC1YAzu#E#KZZ{~0oiEt+ z+0~Wb`vBz(^;(p>dyCNG(mil_qrb;Fr*?Bvb3lZt%)q~_Jf53uQTuaRFOU&#*{VoE zsY7Wx(MQA8r++(*215=Z+lB5b_hDAFP`K~!P{^<=r=j7>sLOckKV5$oqN1aV>(;zG z_1E#9z9D9z;WNaN9&Ne1O8nwG>`$l;29MXRzs(vMgA;7#7qx2^oUht0|7b`y95We9 zUX8)+qO`N-yX=f6+1}>0&pItIyI@*CsM2I)A>S%S6$Y&0v1YBX;j5Ukd<%=}`lh$W z1TNQ~jr;|6FrxD?yk^yv(H2Gj(@ z^*hU%FO&{ z2jk>5G_~CO46y`fTh^R3ylNg(x>lS-FV3|Ts^pM$XJ--4rL-*m%^ii?6ZtqqX>{O> z*0BuG%cJ_eFb@4FDR`hq$+peIk;89I<5MD@eF$kxYDha?ps2s5^y4v95o2FEFbZ4O>Yzfd=GP^u;Ssmo#<8L{52Da1Gxo3Q&ODd{j?HGKg=U(x=7@}iGy$Pf6byF| zsH9IKnVdnb{@o(bhF-nz7X8eqH#IdiROT2LK&=<)BiuOW^7QifoRK(_bVM=ri3ndM zsk5_+wVHI*n(_t(`vvYK)^A@RV8*6}+1VfWh*D~b##|?Z@}I|%WLBOJ^L#?bnrvMF z{St<(!DR#cx5dvxLZ3&I&{hZyS|!6#@Y9=@3;Vj5wLedEeBR6O>=0*$dM8i8#6w?R zgG<((+;4_eIy+3#Gq7bCTVGalw`QS*t7P6y&&Qw#u-G*5e4=uYclJ#`$NC2{HBQW6 zeC&>smh@U0H}KKb4h@3&IKBm?sAk}>utLs zp;Jc=9!&YwpciEb2NT#9UeyE%5fxgeA;VADOaO6R&5OI$%rEmyrPrrTG0~0L@u;+R z98NrqQE!y!;7(Oe+m~(<`q5*%U9^LNKjMqPe+?x--egkalZY59vI^e({(TNwkiG9I zxaKkEQ{LY$FX&cat(l)jfkqDKolFp49L*x`!o^lwKBqP0oKXukg1dwuSWp|8aq|24 zeek|-arAZ`UhBjq7w!rEBauIv8=s++*Szr`h1mx80!ak_YM!>5H9; zc6A%6ugvEZv8lyYlLUUMTT>hh`TZTSh?W)&0{8f4ItS`?R-HnCU1!`WnlTJY*1C>f zNRYSbx*0wUS_qJD}0BUo& z!Ea%gFD;v_r}DGnEaT<%$avGN5PSSaM{u!3r`-J2z~SQ`uR!El$OaYXOy^|2@qsjI zker+8T#r|Uedxxq1bQnNGXbx7Oyp25%m+FFWkzP)tSU# zxOmBHfs@hvj-$q|y`P4vZz0j_258Q~648OOdQ8qK!J(||Y^Jq*T%%bU|EVZ8-aPyi z#|lsJ#cs23*|#=Y+4&-dX6}#j@s^PrWD<5|#l1W@vU5iN_U&{C^QGOIF!sC1H(wETOkgSZ+d>-R3^L>7CtqILql>0 z?hrQ(5N>mtoRxgH)?**1=uR$^9^Rx38P{Yrvv%N@N$<=ciuU#nv>yBWJH}Jd&-*Zs zb2m~;c+(!=ZYAHUnnA~mY#MT88p~aQe9R4cgDCc&IH8r10I}W9vL2kl? zrRR10Z!Mi0mpkJ0{h>HAbtUpzdEG1A^yJ0j`ro%Jzs;2{hu{S7ckEenkv}Roh@gH4 zx0}h@TJmxrF9)+GR}5AhDT$z!0N~2H!-tdO=zxrV+8*1v%1gY4Ik*{j(PvufS}TjY z`Vu?s{TIU$=Zf0$Qfo9SFMX4>?cOmpJqn}b6EnzWm5|CR4=v&OnABY94O7Qgd$GJ{rNwj)zR=}9|2Qn*qq6Puz9>$OUXW%KmWllM zCBjk|&y|mgohAnZ)|w!ZFNUrv3;0DL;nUDIU+dFzq#%ctfvxFERKVTv+_(ZIm9*gL zkL2i~8vFnWE5#>w6)Q7c-DU4J_+t3jW06C|@{$&NU%G1l$n0hU}mu30~6#dyx*FAW2~m{_itVv$(dre z$uF1*gAFeu(|41gqbfmKh2AeIg}y(N$D9fTL8;@trsz0ikP8}z2dYg$QX}@CG2iEM zZU~=cHte}T=-?+i+B3?<@O24-(VFs!+@2|Ym6oCXHrCdaFsPv5^%pN*EG){P;c+@{ ze`MJTMm`?v0yYn}%@{Te>Fw`tWyo1tay1lKon3|i|Ef?gCpq{jFVN5??g2X;`eR;2 z-YRthN_`S2UfAKx4#dADKpl-pCU7r zYJt@~oXmo@ZRHUT%!3RBtkLj*fLem%NJ?;$Y4XNHVzDEo!T0SOdDS&=ghDaCs+=*P4Dr6Ju1G?@xU6g}HLa>kR+61=wrRkSWz}M5==T|O zje3V+Lw)^8hMb_*<(2vQjQ>K++$yn_rHR9PpOFV#(<3TVv#qadGl%PfU4%nF=W&Ov zCW@KI5sFGszuenD=q@XEz6e=^%lY(P7J$uEhw=Gxr>1jnBS9>_Vv+Wm9l(xwDJ>vSMgjQOnnREh%O zKWh%R9ohB{I|z_;na)?9ZL0wQ0B?jI4u{KEv!{?rz5xr&c}C^>MJ`W6o;+jLKbA=w zR6okUk5FM*h{^2vV1u>oOx(n$<;p^#&=6vFm$}LHux*1lVF*^AZ0USQzc6-j*kRP{ zM>GBL5?&b~IqM3r54E<=0(8KBMu6++J9W||D||5vG)dO6X*Kw?>@encF%N|3XeUR2 z@9MiAF+v}GFd3rjp*biDSx896V1CB_32^A93)zy7rfwIku&K(p) zYUG0XTSWZvhcr-7gED|$UEe>Sqknx(&&DPb*at7KxI>?aC6y7>^afIpWi3D@=>gD^RJL}k7Eh1q zApZQXn~^wT3GuASYEbXX^G0;*)(3D5j~45jI`pMyX-k*rw3w_p4wxjDb2xQnk_6yt zL1Qn^-vXuLF7!r~2?7xaKm>vKo1lb0v3d+h1IMhf3MOTl@aDGc*l|JjdHw9jSKitL%;DqJ(4Ua|jNZvSe zU@ol|^|CKZo3}r+AP1FJtC%2PPdMUW{XB=Q8oelG_t|SuerINKVO$X*O;uD(z#>mjs)%Br7hyluc zh0)SvTORc;Y`{Mc%*r3yex}(LhUZs>oV9aAhrR4Km-4_!ubTf<+L6OC15w9b9|ysw zONcR78QG48a$bMlM#?#N^?X#~$SC5vF#>LBedH!Q%k0XYKjAMIJi$jX?p^c%AX@;_ zPl4aK@iZhf6zATqC2CxKwYrt8FWTo56Y&DTEI5yR$E51{zIS*JG8QT3D<*Zm^+9&M zLK;(A)n`b3uR5&HV4AQ|%x%VCF56)7->wXE?s91Tr1`}OQ@(kz{xVd?PNMtc8qouXgTmom~R%9^4UVXpi0PqL?Q>jM|9_#ZF ze5(phjAlE+bhq91UFSkn?n!F*1qp2Rp+kovL7L)G@U7s3%E}G}>2h2Qod@b0JkS9-c%AH0>IQMRE z1SYGFq96beQb$;~pBeU9VyAdyv6ATPVjZZ&YXCCrL+{!PFLkIZI}&N{_sN1JGKP&E zlHJ1dD`8?oo}~JQ814r@&MwGXJ=NQX`h^DrCH(m+VPR3-!D9-M(I?VClIFbbu{bu0 zxaz|W1Tbi5$)~=lANh__l<) zion6R=h}Pd23g2yXC^v@TUu@qf~1ib#|v6o)M$`B0F`Dmw1}{t8ID2SBL3}=R6 zch6IOmY%ccRh8j5&80lt9mJ<(cmHA_FYMWKgN#QF2Iv?tTBp21DEmz4>z_P=(5<0I zF@U$Cspiuc`9G?u=RM81AZ|Tw`u)gJ9UlaoED6b;KQZjpQY{wo@?Hq1un~IW;ojBW zSJj9f1S!{nsZr&D@yI^EhTSLsMhXTBGhhvR4ZEK6| zfI$OdgROPD<@f$&73g~Dfak(lT!zm}U`?LXw>KlsLRn2(>q2WKXo zD^{LyJ;Wdiz?bRu$wCsZ?SHw6*E9br5$K$t=Wt-FLsvizC3>Xtk1f`p+qc_5hH;O+ zCZhp4xv5VFuEKpd&V%@HS z6n@NH?eR96A^vU(%+Aw_UsTXh-fc~?*)TkRC*-`*PL*%-e(iJ|a(AFsU2@!Fw8_hH z!!t(nSpLZT$^jn^)_uI_=?1|o+24Kkz80eY8Vc4+Db{;N&uC2gJ26QO?h|r$Ls5OW z*mbg+qwr8qzII!)Mz^*8b*Pvi#ysg=`$37Fm}GC(ZSw(6ng)WUtr>e09p^?fSZ={W zyY>V4&9_aSsIlH34=>y_O7cYQk)cP_-wVi=(0*&d-Sl`nX3>625-TiEH7Vi9?Qi-u zN?OXjjMw+*c>k7okhe!{Z6@=NR>8kuXKBEo2I#r#+xZjdg3ZnlUGr-+7H{{kr3E{* za;f=gk*wd9{5@nX#~zBSE%mUb(|s|33T? z+SV?8Me@pJ-b&wma zc7LVe-07P!se=y-%{>2LIB5&z(e}?f(f{{ZVHartzh$DN*S~&m0x*P^+dtg7`@x~Y zGSp(;NM`I%m0&@M1h{hRa+0fD@_#)NC<}5Kvm==2rfiq~-j^-+cLr1kmF4*X^-H{eKQ0@S zDJ=n+`wG$uF-xuAWM-my#`ch1#QC*x~-bzh_dn6m&x$&czfHJ-_+E-v3 z^5s@)n5TLGedPE%4Lr&KR$(M2_v&9(acUpjpxRTZ2LL`*8}KX|nJBSSx!|r@*R; zmGf`agEf?CB|`4$<$o#8>QEsjyFA9xK-r`H+~|kui;7KILRK5q_Cg2#tr8k5rGd&~ zx%szBlK-g{-<>nOE|poTmQ!-(tG(qSJo4|-0&uH1K!xv{Kh{T)m|KfwlY5O_T{rf%9*} z-ocO}2C^7Y_~XyNkCfcU@K>Qu^eg?^5Z`v%T-rJvn1P9_?4S1N?}s&~HF;Y_g%1Bq z`q9j}I5E8?Jo@jOCl>^)r3scaIsp z%nHJmdwopP=1R;fX=0g=u>BG7onw}eXX?F6!jG;6v=)uOA`}yJnQj{s!v7F^zenAg zc0Bq0ef-qWSO;mN#>K`~@SA>*mR;ygH&$@TL{I3e*9OxE?7;jc!L81t=Btkwy|}uM zOm_Kxdy9k`yg^1G5K)w#Fwj(5VY_Ja`y%;WSRHOLcy3Yumf15!ueU#~cw}T?^@pE? zg+&MHfIiBC_F`)Q@6YjeMuh5L8t8fff);m9d&!@0!Nugg^VOOyU>_;@7X$kC=p1Wm z&G=xYl#~?c#9TRywgOZ1EnxC&14$e0w)!AJsjJc=C5WH`o4y~BfNtKuIF1DmK zbQ$5~EUFkke`@o+kg|Xpqd%tk-&~lH-@YO)8xP!O*YP9Izd!*l9$*v*m!?%{C};SU zR_E$v__ZJ`bn})lT!3xz%@U>X608R^Vs;OGq63GgAF@KJJqy>>3-`_tY!o^ra0C24 zDweC@<408i0f9iM`~x9K4ws?U<&Z!1EzA#;+PHFwwLcDZ574yMYxpp^xf-Ce z-GgBXGI>?5KUa1HgQ;ptaNZdyE^Bab=j9{+@QK=g(}0oxZyGSKGw8Jawss&fKN=}6 zOKj~=&;+|)*H^3D#sVO84fa`IhAS%v(Gd97b6$4T%qw0zCy$8l2di{RGpu^xz-4AN zSpVUMjosIJ3ofbC>Nz<%U68v9Tcp-@T->4()~} zCK%1(P~7ahc9Sa4;9*G1Z`Nm-`G>ddARwUcu@|-oVPlK&S=VRC-LG#B68q))81(^@ zPArl+H#$`hYBqj^)A+%MTbl-_hOw{`Xj`^22wlkuGht7p&!--R zgH3+sN=ef5g)E#;;u)X&?j75(u6CIExH>UCcOnXfnLO@%>89&cPg6lv)0sl~#C?BI*b? zx8~W#Ir@x;uWK3v3`eaNmhE_r{?5*{KP~q>@g2@5R?-;@7pd6W*NX*=9UNFFl<{&*RkC|U$wPkxNpP7)>#(u)g!oX z%l}Zs_rJTn|F@c-|7N5kjPp~#t)KMuq?2~evuFDQGvL>*JsQvt>8H5#iecpY#?Ck8&vuC@iL;L3%D|ruH59;PWZve&@erRHgD%VXgt~%>)_zr%vU(WTwdMrgKO?4}c4PSbI2j`>5zbPNutkGzZBLmYEGK ziOIRG9YnL)vAwh(@kQ3&6KY%Sx2CCvTO ze{AC@Uj*F)X5<+_uW zZ~Jrs0k`jEl&REYRM1l6z*cA?@vH@H3=2A5|1AU9=khUn53Fk+(3R|4eu>@N`|ut4 z-x$CZub&+QW^Q-oKQVwS=uQcu>i;l+L3{N7GXog2YOORB!0Z6!|PWqRF6=Qc1esE3HH`TeAVY(n%eb1)}ymKa6` zZt2s=Y+k>tZRE~g2yE>PTyjrPbb0OcbCY@=8_iR6P7zQTerlHsuSFSRGRyKa%4fT0 z8b2rtiwO?pdG(=VwPgC6C-=@}YA0k=Z~b^+;QVpXebNfXbRzV><@<7nLi_18;=~zH zpa(c~Jll34Q2zn4=g^ReF`v}rRHI3)rzv0q;{7sb)stk^!5dI0GcL)Q23v8fXp7it zxW%3$_UPXAtfXXZbNO$DxIsMN1Dh0H7q6*(kMQ@HJ|&qK+!QvOB{NeHop-~OXMFwF zy6jCOB>r4r6p!z8!aFB!cJ`c{tY=-teWr*C2knRBtjAwx^nSh8PO(Ip9>{r%2c6O9 z(Z{_Q0KxF_N@uT6*8ZivG@wwvBl7zW6*B!==&k`Mpn;)(VtXo=M_Skw> z9)+yY2KZHyn3S(-nbYQcB?goKsiZ)Z@K`h`By{y#`lnsyM_oSPC2>9!F_|zOmUJF( z*Zd`jIy*Oa#wP0g?VBxtPqRu+#raw`jd;o^M(>UH{lbR&L6r1Zc4Vz4mX^upy3T7W zQJ+aWibn@ojBhliVG5j$P|?xx*?s}uc?+o9WgG#o`#*m|RuK2Iv^DpJFZdMaJ$4^J z(I0kL1qvW&Jz39nz*`l%ySu;Ac+TN4%wds3SLs*CD=^Sz*v;|uBwe2gHvou>HXr3% z4Gx~RTio15;!!nbY!k2Z%NQ>B+EJ&NHEKP@V$`j72%)#}qw|VXL>0j9+V_-w+2dBd zzTtKu;C3JiVD1(oNyM7BiGaVDU->msnl(L_@yjZp(ICgSQUiWQsjtRSki9Lda$HA^ z8%G?+A)qRvPZInlkRzQY^z9OAc=3`eAZZ@LZ z+a!SWd-zj*WVfpXHdg?SqD@*sO*hvOSOfJ4jqKzc&Ud>+>DAp>IU_iS)UL~@Tr9Xm zECDzoPp>t_^Xh;XS)hBhm>sbCX+WAbY$)7typWoJW2pI3vyUs{RZd8Yy(qFov$Lj5 z75AKcPfhz<{#;Rp5>Ms%#aDWOQJoH`)7Yq-7e{uACa}N$MF17JB$<0N6 zqLf(Xbg_$*yUhWubCjHAYaSKB4Oqap`;9z|)bt*dvCk8>Y`8I8%Lj&S=Q15KiEj)! zpy$tD;fz0beV6O`QWuAm#5nx5VbAD`oF&{53HhROYAYYxyx=u{$cN{KHZ^-X<(d%= zjUO8A02|cTiM*GkX(>Y+yiMVVpY`cGt4;p>781@5FA`CXx}hJ2M^b4>Hf!#;0hG>| zm0;dL6LmvJk43bXnPaC5_UM0vdJwl&fF0g15AjP;Vg87n$Klrp&l6 zM1E4!)^b-$3Ru{!c|uZ0-N5P7WM`dMuUFDxHaiDkC;a^Bok-axfW$fpUOc1?2H{R;&&pk?%Ny*KVvHjY00dF9w zcg3+wA@-bMx2*-|c(rR%)?%F8Ctfo;RigZ=k~)!9m!)tXL($08{xRcEUw%kW-AWna z4OqIPusPxf3iu2~uf`*qM-^b>HB{ZeZ13h?7p`*^;gCd;{lkbVZ7C^_SOw<{kv2J( zuRFZv8ii#ll{iI4vswEc`vIDhVEpQ_9B-VLiJDh}$I`tiN8xVq1!_{@#c9;?>P!_> z3Igr_I)yd#eF@20_}QxAC_XR>;zBb-kk}yEH0#A$n+piZ)s#0g+O+|1C;{YZ;mD)B zSV=9OX%n{1y77*#%@F%7zYDiv;(6`DUHjg-(#UyvV})0Nu{zDwb&s&3)0k<<%d+YF zP8Hsf4udgKQBwsG#X3>ZC>4RP^pb7I&KuxOa(lMZF&Ieg158DOlODr(ac~PAUO@M9 zkJn!LQFN|qDki+#u7*R^m~XlB%uH28^8w2DtxlzC3qZcEC=2xbnac0c?^OWTZB{fy zTP>HoYY3*%ayh@}n$?Xatc3zH@m=>wEPUyK0Hh|B{}i=P{Q0h&PP2g6OpT+d$W7Av zJCh%bTInu))+bf93}V3*G^@2!LDxZgp?7r4`>pw{i5}Z5?N6hDfff!+o>fVM>)_oQ z?wq@QZiaBG8b9&q+$CPkEGn0e|9ZrjF^q(;RuW&&rl#Qb$h-9JpnjH-G<#wj%!uaL zF}gYPMy#~x6ktnitwpH=n5((c&(-~bQZEp@0IO`NFd8Mw?W_-R=r>`aQBK{a&+MPW zF8Xi!%Pg?=J1rw`-JI%Ibn|>AN?E9xQuDHyj7H@&KiyE0-ugv40eK;&=#UGUs#!N_ zg_-ux%!qvIDG*yx>KQvz@Dk$^6dB}+#4p@ckX<(CeCG2ZrXT@xuo5+5RD&v;S1eN@ zggT3PAk00z7e95Ro~N#`YFB$q!9D|kBOe01ktZ%Q91wW%v=_Xnf_G>XASNoel?R)p zHR{J=&jHNXKdJ9?1@nmlSj&UcSpOo4YylPUq6aF`&#-wWv|H4Ro4KrM|033T{9Y~O zSuTHz9B4SZFFGdmggT3OIL_4YeO2nL%Q76_EF3%uY$7Y^LNDUL=-R*ueBIs2gTW+5 zJr2FzzP{E(Ue4nrs4bvoWPq4kL^kBXB(4w2h#4Y0o&%bA%Ka9(T$T}K+ps>)z?J*e z!2tVuB5}VRyLb1#U8^|lB$QFc>wc~-$iyux|EfjuaWemZ@=#k^f5PTOsQamJ<%uYS!-WR{u|=7Lm#q( zGTmzJ7da@`V2MA2i+2@?++eTZ*IgpQM(&4iaKegfvb;{H0&3yh({DlI|*1*`Xuqe*hj_q z*t_Dwi-mxsx7Em!?|~dEyGps?6HIcpb{wl+!=3?I)42p4NjhbHQhkyTWRbm`6>Q<= zI1gT8=T4dej7@*=HWiFtb0z;|Wl^Z< zO3Z^-Y<3wiK&%7rUP(<$8&$L`op%rriJ=SsrXUc$4Wz@JE_^F?ApA(2telTVe(gp{ zAnkIZoAs$1Mhscj>K5o}`bK-@iqClauvaBf5UW^>4+;2Hoi&npxt-f0qOiP1FRq-^ z;bXl>x$O(YA?|M%YpjtnfRq};-n8UZEIgJaHX|ct=gf zSZVVq_r9Q4T=Q$ay*QBP+IV2D(e+D9b5(3jRO3}jpsVRe=Fgy(-^Y;C?+ynAfeho zcjMaEavjU`Bm3*ikTtH42`DqONLPo(02z#wsZxsArnoBQEbx5#>+X4NOs$G5IlE0t zh&Eqkx6Lj8wT?Rj0%D@5aD!c9(ozSxlZgx-!QG%^w>0R_0@2J?*5xwpzYB@&9HZ=2 zscC`850Jb4x((5b8EZey2S@U2007E4- zz_g@^3}RHv=j*HPVjr}EiaLLhQG%A+Blq&WeTZO4#jnlvSwggN{)UDsHn5K{Jki)x zcw}P{^o^vOi5*5i#;j$l+AjTmGp8{jBr>c=6F-S7UuodbN~<7j&Pkc~BM60Kss={Q zo%aof(L|TIXCB2XAF|fE*rJ<)SxeSO@@-17^B)a1H)T4Cf}bjt@^5|Q!aKD{L*u@} zE!-;J`5t?lPQW|7H(~2^@Z+Oya56|7HIZ`rR<3yO-S@R2`%Ek1bF%4?N7mWKrC=z@ zGiB-5VQT&HCa1;+9$PU(mvdiXvRfwo+& ztt-EVuTnW+TYW-&Y}-^OPcfWjPx_MqJh9f_Kwh>rbdUlzVL^zChZcC+pvS_jCtso5 z^+B-lL_8P-$ao)PnsksgG{M4kNnHAdUCRgiJBEY7*O-*=J+K}~-lSO)H8x_`KQp)V zCcE9`&XnF&6fi2FR#oz-h_qtAC9W`6JgJtbS!r-OJ{2_6PIqVfu(j!2Ut4a5CO}XF zTL1Nu&`&rlW!igZY97qG0po()6;5AblGTr2`T=>0!lpb{&PTf*GF)R!yh|%Qn6RuB zq;%gj*R=5hbvtM}{MlgQ1={-FyDqfJ=jqFMfay(GPylM%{o+)Zuw#5qHWe2k^z!2v zoKs&{#Jwj(;xEo=2;uio8bH@F(YRCDjCZR6og zwClqZ$OCC>ZC_npD+XP!mlgw$I1RT+YkU+}BA=K*7Z+S}TU}l3&dEd_mK0JSBBot> zxPXkbUo)({Njyf1YLA*x2XqN)PF)GwEVrh$J}%}if2NL~-mIq9C_B~fBXUZzO3UD3 zE8mtKXT^ee!EnfE3h>p+lUwujFSUS)Yvb*Whd_}PvEW%+&z(=8*M3o`cr&&MM8@T7 z`*wxQ$D=D-V8U`>B)UvwQzx-8{;ixW`-`*m`$_#{WA{xsPsQq%+g-(=KR(1rtF>Ox zzCg9Cec>6|Z`5?9FUhm!_!oyxxnGjS`rmqYyLPLb?egH++i$HOH`GPUIkt;l2zaL@ zlg}h=y+v;}w%qfYnGO3RKVt&`za<@i& zbzszyGpDs3CO=z#@$#)BiCKuB8ISG9Gk4%!bQmu$FvuoYjooMxn18IF^lHt??MDMi zikgVe#JTE5FM`fYQsL|pM+Wt6^{%pwwnmTZhkM1S6Pp9RcwY*3>n*xW#0Ze2v?^x1 zj(Aj822$!}+x3Wv=BP@S7mY7P{ouh!MUu#K6d!W#_Wsb@U9FK5fL`@2FqqwR+pg^LpKZ650JpS@;q| z{dW6l`Uqs|viZ#76Kd1GY=N-j#sdm`l9!jd45C9XTk0+yN?BW5OHNOpS`{=btWI$Q zcSp+(E)mWV+TYy8t+ zv+eaIrE4FQKiOy`ynoM2U1Y@(XJ>kb45@nF_d8xJceshBN2_1m&}~0Yf2VSY*1qM@ zH6Ll)QIq>zq$WnjuhAy$%ca&SnO0mB$0bs)oV+*hkejzPA6Bkr_pw?myGVdK8zmd~ z-FuaWuby=9T(lB2djM$a+>Z->EhUH z0B#|DzhQ?}OQHd`^#vteY(m00&_rl#Op0=UfB@Bl+eb{+-G^0U;KQZRLFWfQt)20w zju#ab)tw!vv~04l@DO9lcpa>w6d^eap$Mr@X^JnDd`yrK&|dL=Cjc_W%tFR$jg(wi zHU0Fwu5C1eWe%t!*@Z%jyU*{ihFT1g*MEF+vW_H0YGY%%a5&MOB!%j}iRx*v=20+< zqh&x%X8BdnULsw%Maubk5Nf)}Lt&BN|r6E1gk_pZ+RlcX%%!m1T#6B5Y| zS7o}n$zKxk^8{u0ve4ZrUnOB>HEYVs;{kwPvHZ5Fs#oRBB4G9VTNDzZ^)SrYPm4^U zNA2&6hakQRAf`wTI}1ac4M99U?n!f8xFT|y*OyJpMJw0dhGx|{9?{j+3vEF~!sVaZ z)y}{nZec!I(D*x4)Yh0$R!CU*rkR-;<4wwVxrYhf*uOE&uDk{Ytu*VLIRozy7=g66 zw~t2}4_5hfaiz>}jU?X9HT5we%9$q|d=1{(Pbb^4I3;0wf4x@lag`)-l8)~D?bpG< z!O5AKjo|QyxDErr|2_fMg_IPv%E@(o=VIAEMj}Pe1(BrKnDx&M)eb6k^f9>Meo1yL zb#Z`KlG(A-84ZR#*#f?j4$%&4S5c~dHMN|JC-)q4i{8P9L}&Z z(^)j97UV$2d?9VN#pEnS(Kd=%MR!^^O5`XNXJo#A|CtzvFilr@wX-NcJwWw)<#y0e z^*0-nkXdys+1l8E8F&iRjFsoyih0J5hsWY@DI^A_au7aFVr@iI^-MIyw??}xKj8-T z+CSXuvc)JUj5V&TP1*!5%b*)w`BmZb3jl0aDz_ehH=u$xNU*yTYk!2Kd9bs2yB`IoA zX%u^W=Y-`Cyu?E_YinyeQ3M%ktWO2chGr#x=BC_PsPZVSEQ35s3??50{kO=s5Q8e- z;?cp0Z;p(M4K@(frB&yXlT*^ut}&;dIzTkwZ!z-qJb+r*i4~SAH99ews;Ff?ZI&(PMXfB?>*1=Xq4J8yV96j#NJLk8 zo4#I^se8R)Fx_P>iddfJOo~f2y&lR7BltDA(bKxdo;x?J>_bwfbPJG46-0k8$-D;r z+)5hTFl~jW>HxO08NO+?Er0mBWDRcMl#GMCh zL{?lP8fR8p6^a`vylgzJEnq_U-Zhr|=8ViuUT<)n6IWQ#zfL5|z`}$dLjTo@woCAJ zgpoSw^mTM~v2X=yWa&za7e2DR?_B%kZtgWsv;uJ(cnr4pdvaNlw@(t=WuB#X!n}zJ z;lWxh9UabbH@%rv)&eeG+d<7=*tZNo?@l%|GsEkzL+giJOKER!pIpO9*Q!@97V!8G zL&OK-)mC}Zj?l3yV@Wg%OuaKQ8bYs_xty^38I`phXenShP{Ax>-fQ=wxL`20{f)u3}C0WjSBf9i2@$Z}gd5?-BzQ(HSU>HoH-6R-y z6!-*%myk(&h1qh3rzS!3h+jtk?_4z_zPKj9tq)0xR8^e4jXaX-Bk0NNn8PDI<)Z0t zEV>#5@~3`b?6-lH(>ZoPrC4cxQh2j-RFlkdK%U(IcWm(8)7G;3%d0`0bXuHqkML); zbLM|ppGL+!BDErTrm_f}emo^8d8pIi+U;<0(JDW-Xm=H^*T$x%-jETLmPY+h?K^iQ zc2~g20b)|AHM$5BQ}fYLRyi=(UmENM{15ZqP%_nJ-g|V*+!_I7YGWxDrk>ql#Xv}0 zNcUi-0qCu{9kbl#Vl>*ae1eJC7)nc2U}Zfc-LHxhE#vE{0m- zxyBe%Gr}lkQnr68F6Bg$SsehJ*$T^gJ^AHYai?=*mVjQSr2yudp7(JP-la}Gza&x> zfOk+;C!kyLdUEj8j=~2QZVGf!mUP}O+0W2p?{fyZDtuO>N^l}q^^;h-n_Ey&J)Re? zJNDJDa<1*TZd({lQ&U%4%blr!q(tNKh^XvJaBDyMy1JhKXj^Q|oR~1yYrGYwH~vCJ z0Mi^A%AX;ip`nq@Z@e(t)Mb?1>yb=wa>i1S1^Fv>fA8~r8=0`rl!36OhFe^=Z0UoAKG~dTTqm*8>Yta*gyGppQ znJ15Ce#LNocwBlq4|Rss)jNo2$uT}f>r?7&aU`Q5NCS2I`&RXR*Yo|Fqa83}b8QSG$x#;_u71y*;y19a z1Dwbe%ATjNmPb>6blM72lB$7OkAjx-B?t;Jdv?QwK+EipB&00^+QX3DNr_|49JjXZ zf4Y)ZJSSAZeg9zYD}IZ=)%WAk3{@?wYB2R{^g9p8)`$-G=eau z0*k@wt?J)aU|gclf7H7i6u#Mj)6o}C)O>^`4^H=~%_vLymcG>2dm$R5T-W71;J=U% zFn*--Ugy~tsZkOS5@9;9Is$}ttsDynEK=pjB3x6O-PvM|3heDFrQM3o+&MUxhiN(Q z<3ShgEPJW7?NC#ljcPrK;#Ktgc(@q+o((WA6H0_{?qV7F^b;*buM1&rWuC|DKwi=a zYnILl$Da#Vr>+m~?7sajr#@gr(og zg;@P<_~lh29Wdx&55CF40#`n~6*#(!ad!S>lEWDemo}{?VjXP04#zGDy55!-U!K{} zZO@&RHdEL8#{wc?fui)#*}V&Jk`(aWXHf4ezMOAo!%5jWE(C zXt!rEPhS5FLdno((1vT0nv+565h7tI3>TZ}ePHk62GEH!qq1P*0bqlla~ow6^6J%? z+V(0>q2qJodfo8?mY?u+gE1@tdXKEHYunNTS8Yc!1G6oUf+9XuKcPNg_ou(G&&ayP zN_4-cR%a_4FX|oFs~-%HHJhL#gc=)v@VccZQ}tWorZiRDQe?3VpasU>S5$jZnS201 zCiEfu${tiIU&3zT)-pb%tFws|7@8SFUeWG5LA>n#sS6CkQh$CT^+W)?Ad;%~+;Q?z zux=1{uF>9gPk`SnPvl+Ob0S-yeo{@!>VyC6f!zm``T>e$(LKAOxxlV9`XaC^1U`{y?b$g7pPYLcmFsw1vXG&4_^Pmk^s+w>;aeDAISc~asUR& zC)oo8DHSa+-=8LM?){Avwe$yc@DC~`@QisP?4xWi7~!8yz6Uq#%1;59e{oCifs%bD z{wcEN&L4&Vx4jQYJ(7>~aG(ofAn?q|e?0RGJoBZ#b?HZDUe*rs+o>sQ&A2{Je z0zCZ{9J>dd;JvQ>d;jLV51uJ}cWm!(PpEE+^NAcBC5~#KBM?=kp2tU4k#qM{)ImR2ZWUV0;IR^uICL*< zz%#!d8}I$?6Xm}^`fp$>0eUqh+rtkO^pNTJm%Pf}-zefI_tFgoJzyk6?`@jB&s;wB zFOdEV*gtRW!v?1RZ`2E(k@&|mUjQ|`ho@ZKi(rm_gY;j(76+V{&G5fbFL>sk6kZ4@ z{E48@-uHgK_!mh3?=hVn&kuYTgZv!{#tZGHuiO00yoLNMJj>2|e@CR>FF1AHhm|E@ znVA97iI}A6BQ&;ovU_A^gVxJPPu`z3?6umexm!BkB&lTw%pIym z@S!x{PPfcZAv1CHy*tzXC;9%oh3#R=@C={UI^t*ES*jY)M}|rnSP|f{Y{jYyPrIw^sK)8$Gto$d(2u)1Ox0|Xs+{`vd-V8!Fa`T*t(N5wO{S^2 zM`{gR{UC6z#E}r?yyBWc$oanKc9Wd|22)+B|N0||l>1S20Dt>5oM3ZrdM#Ydl=$I@12(j`Fxng6 zu`3$^DJZ9@GXKY`K(bq4ml`q(NBQh4Ak~`D5{)#5wCjNNVUL%^-K9ho|Gi=*=qyk$ z@okrwc5VXcL1EgHpMK+}E;Fee&y%g}Jj*d1LW5UIQI_O+pW`e(i?;Vx$%8ZN)3h^w zq(#l=cDfNf$l6pwKRu!LW){#bd=>L2z)b~gHuSe^VX#toaGA`BT=`4#ultl3Cd89A z9_x|i=8mh37TQYbmvaSMIXH} zMAg6iI=jfa*$*MzQ#v9q6wuZpI5xCdxh3{}V<9M4d9H!50UUdZ0Iw_v!fb zv@bpye+qrY{|uy#1@ZA%VX<>}=L4S@7gidLnFHOJD+wso|DT6+uz(<-rQOL$;hSe^Xm#^!+P3#t}nIk&?^G4Z5U9I+_o zw(jm@6KrncVPRpqkHBXHd|Dn*(4YSJXtC;UxuwY+{f)#Wtvh}8HKU#ObII4j)Pq5U zB3_EXrdcj|)9+Z2yNZvGPt%VdGl4BA{VP|V!-0BQX4F3L#UHB)?;V;{-h^U`T3T9N z-;;yV?o>u}<a-J5y}nL@wd?Wy7kok4aOnJ*W-l$#SXm zWEQbAwbRl8amYsCA_lpl_dR^O%W3-oPHA2%>BHo*NC|?<8(yovzP=8nc|yiA-mg9A zIPS2$U{Npql<^Ft7%KV7DW};#ny$`Gj^h^mj@i5B@DfuxFWPU)O(XkZq6d^^QacWI|L#ct=v{MsfkoB~ z#5jl@b0l2Hw{9qKeJP15xcPE zyQaksfY@xtQC83zl~-A%5FX)=m|zfc0OPR5vkyiS{z#$S1&(WeF9^He>tQv^PEleoTAH=iSFk5>UClF$VE^D zhGU|kp|Nas#tU-lv4F2cOhwW=l`SOjdF1n$&6ca*e^Wn{B(-Yk4aSWr4=1RQ?1ygi zhLYAUm+v)KmHj_GAVayoP)Rr{hgRLr1oJuk@)|h9CMl%7lpVs5Yp|y2ppJ>M8h@qN zT;Va>)##d7UQfuzE0dzQyu0=MBy?MoRl4qGtj|Xe%Ik;<;#S=GDsrMRlQDJjaij-M zgNu3{RlF+?_WB($?AXr~@oNA9*EsWXkj7Kpd6pCD1=1j8Fj>A85h`fVpy<<)uE{i( zv$aXAeo1qDfZ$dx`FK+7%pvigPd_M9=}(u=H{8v(F`CTl&=w&4xE_bY;gZVmi<+96 zgTvulN9yYpEIS{*k_K_FJJau9o%AH5W~|5^YZ;vRdT7F$J0((Vx>QiuqWc8-Nrz8% z9aT`w5lU~dZFE)-(qy_}PB>5I#Ae`d2Hq*3!FTiwF!4o=VL}%UiH^qfO{e|NdGhPa zhpDEx>WW{l*cd?q_WStMhenJ+-Rq&+km|8$sWXX+eS-MS`~v-<03A_*ps2Pq_3Djf zDOx|tCBwQXp$kz=YVrY#j9?bKl_hRDn1<9z2 z_*(%^HHlaHaSyKA*xFU~7Fp|c=Nk1a+AsIn8<>dLO?G}Le|1uWkv!yElx6ufB6^(5I<{hdxS*tX{;_eYCmP1)nxU_i)We*lB01XDJGd^ zyttJFK53vO8Sisz6<>R!G1RbsHs?>oV-aC7kVCR_pi{Nl&M2u8!!?Mz2&Db&Z8(WMpuIK|XpmTz z8c=7_F4T&o|8{>RP3Lic$)K;;AhpiAZf;(lw7k4LBZUOPvC&7#ZCn+kKzc?>x0cgVlb11lN(CE@GiwyTP%RB*~3dRTZX)tsL%TVwFfaLx+wVrZLE# zE8cnVc>hdb+J@^EQL4foN9^k?wl!(D7?;wL4%JLz-JkMkdA3FJ$YH5c1a7O0P+4d> znC*D3gy6On0rEDcrd`d!WYz=>;rncNM`@w~o)6PiI~X5;rz_~SGFe~DbgTE~E1zsm z>U1GE_xts4PTSAUQ#TMOhhI7=P56DvfJ6wK_I>&Z3G~W-2DNC|mXRi@JQ(kJEp^hm;)u*bkvu9U@Jk3VKdPLSB(DrNx+&h_ zCA-45`AtUm>&y0)f=t(Q#MS4AB}3h{at!LHi&A;pl(4c?mXgGGN(LP6yhXp8S2nM3 zon>LFK4ERch)no-&RugE?`(13=2xZ@Nsy*RnULgMlV9ZpomtP7Pvn~x!oz79IMD|2 z`C7{_Y1#|`BgEL896?6Ol?SB&A%2H3qt9pGGL>Hj*|Rs1Gq;k8Hy6__yyE;M5t5r( ze){i~tyX)-qQP@B`^C!e1p9I##>U2`f?8+g+2mPu(aJ^qa+wr5LKIcztFdAbS1Aa8T7-+*V&sqpy1O%y_3o`MWnu<081(`bk77{a*=12^?gG zNfA!Qk1^fVQc>=PV}b2qc_z+yvV33;;O{N=^l$Rw?3e8I`Z3G(-9=ORJvl;aKgp$N zGbMk$s9TBka%GiToAn#4mReJ(3(ZmjC`Cb;p^e84-l|Fx=cs?$9UM0=olRW%og~S? zwzX0{P`Ne7hhE_DObHGE3Mt}F?Oj+QB|zRry{!P4I=8L&khiGlFZd%KGY36CHm;nS zi5w5g6g}m8d41;c#zNyzo@)_u%*?{sq;b(YWuSg*MaE@)FsZW3z)fU$sn}}TU?iGN zYW2I);Bq<9jPc{|aqxuHB&8gR|Lrw@8?wHx{td;(%dVK&$~TI?Tt<5OeXk$7a+$bE zE;;l0Zi%^8Jl)N*>u)Vw=EE&38OlAp+%PJP+B_P$m+_0!_SG^{bHAppC9JPp_MoZ~ofCb@2GTNP3&70k{?*a`Bz(lBYTj z;VU_w+=si4=%^~dt@?zDSZKFTlS|pieYjtAQOqMy@#*5?!lC$Pqtwhu+dFm_r$Y67 z$GA4Jhg~_vrfk|fHq%F(xgI&MUeIRAbnBZKU?n&>FKy&9a`DTX1d82jD`~VjJ;h3J zQ5T-5je(kOq?6zA?2^X2XHLYudedB9+BFdRm!Fl6gp$< zge!kE_O|fnv*_x^2BHxtk|^WwUu)xY1IhKR`Ldg1tte5U#XL8nu~MI=dC@s)&*sIa zjZW=3*>pGfT))fbEVE!H^dVIreuGR29pKQx@5}8#M9FI$=7P zdZ8|lZ1R(LnV0+B+#+0>Z_U0GDa9EyG-9S_XFXaJd&b;2ijdO`^I_O7pr(S*CMwagEE@#6K&B?or6km1&pap=DV z)<1(FPzlr;2U-WKwq_*Sw~(fz#SBxtw-ZYHb)V-(V#G^e34z$qr?N)`HrQ4TVh6Uu|8)RQyJUy;(=2 zmVJL@WRx6-T{DA~81<{>?@?eLZzYZ>xyY)`!*gaZO=s0Ada!&MM;!1L#QAI0hu}qQ zf9@l%ir$(VDcoE;KH%rJg1M9Q0~lZR7H&kb+3@~N;gZv{qjB3w;Hr_v%V)xM!VE-x zY`&!F&{?>)gb(x)@U9JI7RMe_|}IRVOJ z8;YyqTrZp!O|*}{I$kj zd~VVwoJLR04hc5)4&~Z2$@1LGK1+>T>KgH|S9GKZOa-!2O}(lRM#az>AUmV;E}~#m ze53}lQ;v@7F{e=LL$zaWfX3#&lQE{$vD){tu!#-@a_5dt1hzJiBoL=d_^7XHZ_b72 zb9}H{I(W%{tQ9MGM0P>n5cWkp%C8 z(xG~ZA>PuN*vlim)`MG^rJSx?NiI<~LHLq>>t@w)m$5p&YT#S+(a8c!v9)?ad+TMV zL3G*Rgh6Cmi@vB)uFcqWOT3a>^L!aS)#ij|e=%sN^-yxXs2Q?wCI)0 z*i`i?4!Q%ckuz`+b}^HovH<4{LTLn3HCFu!ko@bSO6 z@7D__!ROr9qGk+Yu&q$JUL?WE-i~TwgWzldJQY#ilJ&X5m4Pi^Rmp|-lM;8wZoR)% zjOQy084rlQ%mYF|*+68qC=#5OoptAj>u28|c4coy+oq?d&xWLBcb2jz||PNTs{{+}i9nRV={U zX|50Psp}`b2jiK6^U{^A-{Y>Svs$A*XyLZyyuQF8c7fWLw`Ae%nDhyJ5rVuX7(;!K7mcXhR8yH{`?Uga(s?iN=ijD6K zT)7T~i|{q9d|?^@9@`rqs4&rToQuuVW^R0l&-tDbdr(ah9coOpl3p|+si^3Rb7t#= z&Q>uuJ!IcbW>pX9^snV#9{+Y`aG^yiq|Ny!mOR_;q{D-UOGF#d>35ATk6nI$O?qq+ z6r}||sp6x0Ipj-$7w>wID#~%|R{YN=ApG+3x>ocKYC$0*h#Bhx?Z{#SyMf2-N>u8>JentYc; zZAPx%dD{Od7N`L1K_6+ zfYQ)i&%)u-L=eV+;uOc_DB})fKN|;mJrHjvN!ct)k%mJ{Ga&91*teSm^Dp@H0DLf+ zI^l(iBVW)nurMbippzqx!Ic_n3E*!;NMAf`>~7F8dm@bu-h;w0HqUKDZO5$VXQB-a^arU9>J*o3Po)g?IOXB+o-Go#qQ{+iN|2-Gc9v6P#!VQ#$k+sQ~gP{ zVoQNP>Zr;EZUE~E@lmT)*lrB;E`a^(myF#KV@If<(7MkXDk$6!m0YPQV|I`Qafc{DR98?44S;|)zVakOZ@*T$k6cXS8{!3HnLA5th8j5uqUr~6u^Iv{$@V|!- zJGkJWr8q#=P?7mf1%NFqREU8{mfZOt2zc&E^?%a@WGAxCNXeXl7^HcUzQe)qmw;l0 zxF)f(BYR%@gh!T7a=o)RL|;#lvjC<_ zk+#z?jNRaPZTSPka14|A>8A$=P<`oMaVCA~O?jKsqvl#i`;N1Dj&`n87*5DY*C%6Q zA1~lk#HNi@#D2{rvq)I~C8)Ap@(AVT7-AE+;WHw2K>C*W3`QPEBZ6>XaeFU4>xE6` z$O~KaJ^7Ns9d~bDnm%IdT*f}0RK{=2!5XB_>JAZV%oZesdQxuf3ZWMOX^J}}OF{ch zGbR+Pwp^9al=b`V=v}9KrY1Vk%gjzpCz|+q#|=s^jxS4`GQL?qs(u^+89tw;!O=@Z zP`mIv=m6k}K@s|GwglkmlA$8~)_JAKLJdRb+mplRKESn4o!THf zAp>6!#lHy#eOB2UnQA>0)a2TKIL>54LOLjo)n571iJ6S#o{3es0*e-88mM88B>k6! zz#@(^gEXz;O|!E3<4tA1K3`QyV-dV??C|F60Mzr?G*AwadJiydeVWDej!?l409N%J zOlH{OF(jJeAZXtL>Ehy_A4Xk%7x!tjDT-gzh?>_?;wo6pBzR=xi4d|~`vUdiW`FoO zC$*XfF+e1;3Glw29tbxy(2fG?)Hm2Y?r$D`f28q5WPct0cu-@&mt=amsg+!9D+kH8 zoaI|WC)aNlrYm{wSf4Xq}~0qlx*#|Y(m;vxB2F6=v|9ZZtwW+pWya351`BnFjqtwbpq|B z;*<&(x%B5jV}gCc+B=S$Ef1p`N|d%!-48~DZ~MKwf&N`ec|fE z=fKAsSr3dws)xrIz86j`1_Q5Mfrmnz)sH%(sna~m6Qt{{^NI@jB@*| zZsHkz$jd~I9TImenVVYPlrb$E>7BxbJWHcjn;JI~9au99m5q_Ys`Z%Zc=}c{jik2%2tj9wZGdlG_cwR+YD8FS^lF%)=wy!LaymOi;r|fh zpP`(AZ`vJL#xZdH06G16w1rPb_4K!%xXfjlMRZZ7s;XFUTHm0*;g!u&7_Pn2@Y7GQ z?15@@8cc$o^qiOdyW1I#yDblNw&$Pc^TXlU@^U=WLr&m&gk>%%c&hMiel@S<+7?(P zj8F8VS$9j={w>Ya-XPt;r(xxz3yt}rleR(Pi*8XVa$1cltTAwbs!n4x08h6S&kX|+ zyUoU&Q9wF61Z%*N9ko)(QUL==Q~6q56lEym5w2ok03X*mfd;&0ss(#Q2q5&)@2O2R z;FEl&9aUmSe+$ACwcH*fRdW*U=slrjV&RKVifAT?Y%NMSDl`UR90j-lrDOYmaJQ3> z{~H8I)R+S@$fwwqgLo1$a@3Km)zpHU9eVb^+hm+xsZm8ZNr~aqLBX+DaM!)TJm(Wf zd8(sB)cdKng;fJMnBD&r2i~BJ?=~l*Y`AfS{c>gdQ?4n>BpjMBz?}~}L^LfY;j`xu>H!Fbo3c?YNB?vIQuHJPTG^nuXt zn-FrdhsR*S*|)6!0{Yuna_hsEBS|tF-s+1bgg*3o*Xl_1gwAsD=;)+(Enm4fe&wae zBQ)5LvAlTZOL9tz$I{Z0Lw%YKtMzbQmzK4wBEZ*wbW4~5eCg+?9f0$k%&!09!6g%t zqGcHdC(+bB99X_qpVSO8311yLO7IM|A$)!%(>SrsMlbC^G_k#)oE0QpTuumEXmj5$ zwL zTv)JC+o+?98~dol)N3HgaMF1)t8m)F&8uX(_`+~Q`eEG@f+LaGI$X1zl%I$E{Yc`{rW7}(k*be1|=gRD&@v43kbRNM&lUW*fCu(5A} zL<*`yF~dv~V+t5Rzr^MMpqFhvVs^q}fml8sQq@joAU$%XV@P6VVKe!fl1!Vz72#ut zHym2M!`|3Sxigl6$BC>pRGrx?eJ8PaH9t(NGL>9Z7WlVQb6H= znqzuM6KuD?L_dhZsxiu?mtO295Fgs4mm7pwgO1X{s~j>^@pF#G)vWY1P3So)7~dE?sZ!8E9qZan9cS09;@GCLUEICK2TG~SBg1w8 z+()7Wsb0A8=`Y|xfoMaGEglrt7q|Bv)0!aoPPdBut87Afe1xF0@CgWA$;w!W)8`m2#G2Ixb9>80 z116dR{o#?tMliN1=v4se-ngv*|B!l>9ay`8YBDl1kUR{|&+ja>)C2LZlPZI(r`tY~ z)xG%(xB;?B4^%;Jk||Gret5D^Wz1%~x4ff61~h1bp57)`e)RT@0a`@@xwXGZH3Ysx zcc3$6ZSCwHgLWFP8c^LJqhMxcXO-&QlW*glN~M3hsF$=^SZn5I>M7Qx(k|6kxl)lw zn3Iuu*RL-bIImetMtXwqw`0v%@{vt}FUWVhex@1-FsCAdyUxPWpprqBBi_y>M9nE$ z4YV#P2T`Y^GRI5~V^Q?7zs52%?$d^McfWe%a3=iNfDd1&$XU$T3jnUwKGij$$fqE( zS+96KK@~L?fM*5Yzzd1=mXliE5i|h3-(0GuF4KriCnRBKX~=LFW%0NhPf;R&@Hg;B6~UgjzwF0F;=vV5zV2*PeKKJ9-7lS0-;(9xtNO07TwKK z%&U05NLuFCNP<5XlU%}IsmmP88`y<7II#8<`R|qtWi@QCtxMTgF7*Y5pu2j{xj#Os z>@Hl$Ts~;Ur*vs6b>swnPLjfjw>Xtz)R^*Tu>OpNQ%rHXD_|J8ca?EpK3O46w|!}dYE$8sV+#zydaHu zfp}jD`qcjh4EYW+Ctdc@z~&?bE0)r_8*GIjol_Lr8A>f1QHW0 zmAgCs(f&~b1{k0Zr9JZAIV%L-!PHN&L4H-y=Gx2?BKZt?(Ux&x17tD{z8g!&bXx6% z{*+9D{j5M>GpNUtg>Q%XA%m+({!&Ix^t2TTlV%dk=CHW%NZ98 zdiT71(DT!mp^4Lx!Q%w6gl4h0=9J{F7LJ28E0uAb1o$^lb6AyMrfhrbHTR#im^r^^u zVm>ss0uMo1<}s0rC}ttOnv+evch#S;A^vb3FhGt0fztM|W*82*0%(yh)1 zQt^2r)_X9r24d>t}u8XC-@wGkcOe+2iQRn^k zEcurMit}9Pu|tj+*nS0@@kfB0_|@7WvgfX^Bm5PwZ44+C95#v;o4C!7K3eqik`9!OvYE|X&C^y4f#VquD zASd;N%;Mm9yFKf0-om1sELt0$-tSX?t69Bw3(i;o((BMLI9dULv_LAiYNMto&yIE? zR=wW4P6l|mFiK-D{1v1%r~JWm5f8ItUw17Qun71*LP~6a@t(E}Eb8dWP!RRNdzto- zX8)**jKHqu^ZUG)CrH6@kI)LiUJu0VV~~?pCN;eb1@bf3SgV-CA4sf^SM{$0V!3B86D$ zF>&dAvYb6Sjc*ss{O;`Sea~6p8&1mHM)kxcy*bt4Qdd3A-n^AJQ3L`|btgVHRv0Fy zdA(xmW47mWJlowZW^dBgdzY={ylaG{pBA1_?{^)y6MpJW$H@;=mdUZ+SSdnMJ#aEYgnMP{IXuu)mX40 znB$oTI;D;i?nTkejFI2=8ay1$;&n%oaYD18BKMY_Zr!)U%LMy^iYlI|l86^b;|C@m z?2ITt(*fQ4^e3s8+P{L&cK(g11PFI|3<7&9_d#Rm#}XvM)~@%Vpk8|}+GeI#cVLS`Ap+I)H2_=j^;IjnGHHDZdxDXM@m{a{CtMe*!rhj zmfl_D#m}r?x7SqMN0Pw)(QYHrl-cBDf3IMKbMObexgl4?(c3{^j9GTAXd57q6LJ`D z?#Ai>$FWoVrjyOP)K>jH^YVG#@}+5qCqr?w%?2lFL6^SeYTojrGc}R^-C))`m{PDZ zGvVuFVy<&Sq`xHg=RHsme_r)HDcSVB;`7JRgeP+R=x5aW+hdO)tUrYMD(FhhVe=BO zG4nC33y8+N9XXk$bNi&o#f-wu&C9C{GL=eh_9nj-pZz9DvF0mzSh9S35$8#emI2ek zmcoyU;LF4}Ew?;7d)wbElafKHtGnk(xFTxERIjC6ym#pm8h)Edl_!p9js>;~DD{Z>N*X$~cC=OW zd8t?D*>n4}*K68SgT@G+HzfL;Kg0s%Ivz+G;Boqwsju()Zk)k@q3^!!-b?vs$>ulEfyKj1=ej0` z8+$~~`yRjdUU0V}=`XAnh#O5F-lJ;}8V{1e*rcI;&{i_V-4Cc$x2?E+Wy9w%$euZc zyz89?^9TBu#|MX}GYbE7k*LK03Bgho;Rj3P5j?)zE1#l`uRElZIn8YOhgR~FIsRltCxiZ`uEWm=h-lFv>fmMQ^# zNV203W8{GEiY}f>gd@m6dTNk*vdB&ug30a9E?aLWaxBC70auG3_&Ib3b zi35dGSaeAOn8en1luP*($rff&tLt{e+f;utA-E3}`S14KZ%Pj|GwIH*wkdml`U!f4 zjDej_p81?rLy_QX{2|keCcNi#{}%mHl(;a&pRY{4MNj)@etLc6%p6acdQmSI7vXJ< zm;9+6^!{fCQkNqI5+Zslpp`%4Anx_!n#bpBs&b{3?Eb+)HwI!@SoN;&??lN zDfUv;U6{~~yH*(p6SCS%KrR>Co48?exsLcD<_*R{d4upXw?lVxF#cVRnQV2eAn1Ww z`I=rk_@-KzkkR>Z(*<8gX*pU)`Bn5lB;BYyySvh&t?fN#@MU&3TP4>%u~3BCbX0=L zK-9Uk!59oj^;N<13>sRFFok0;LX&^SzOV@I$PLht_+Q%FYM&gE?a+|^j-vMpRbmv%bO zb)F)qzapJG(wVI<&#jYny2^(&T&ts_x3||?17VNRk(~Nn1ElD!!JAdq!&92F=-rJ; zYoNaWDldc49eWD<3%Jy3YfSU3tgN#RCMK=E%tz=r6i@iR9}NH*avkETkYfm|?=xUk zZ9cI{QzCJs=GMfCmlX4D=)C|jo5xAIEex(jAh&1E3Hoc@4Y}a-b22p7VCX}_JJ<|; zc>_dAK>yxx4b8asI7tx6mO6`>c!6{ylUogJ&3aY$dSMn+#$aXGFqbq$%)QO}`k*+@ zWT0AcG3aX>Q~h?vA8|we9?UX(8?&I(fN2|I+R$LPs+R|_tueI|G0Y_8rB+wP7rw3O zUP9*zzfh5mYyH7a4ULQQoSL5W7SOA@AunHRM|g|KC2kLQs7dn+*EB>A!52kZ17(vE zsSUuFnYPaX@CCZi;I6ooUw0`nOX@L!*HSQv-d-Z&TR%1xr6ov!+53NMjiaCYM+=!U z3*ge4yD~XDb``}z51_teLv1g9BkAbNy3}lNnT;dvrK(Q<#*x2+Z9oefw{ikmz}^O{ zoBz@v1p+DE-QBu_i3*Cc44%m@w;fLU8ae*#)}7%q$kz%J+nHElK+T{V!2*`N_d3G>vR_PRhY+#&UBNad~_tq+;pX+sz9?p!g@ z+n^AqLx%uXW99|%(kI_1c0*!UAjI917le^;5O}P{KRj$9tK%)?hX2lHh7J0d55Vft z&%1vBCQfE;u-eSpL?n=GU%{@&cpW$3Ln1(o3Vp@I=sbLet04JJBbs#xP=NAVut+8PIQQ zb(P^=vw`Il)Mmv3*I+zw0P5}QMCS4rGN_emh1j3zCsMwu(A3gY2-_e`too05}5@#JSy7lZm|gz6-)(C{UOyBqFb;LRq58~8u$y>(cW z+uJWLAqomAh-^?wa!6@u6s2=OkXE`uYUnUPMaiK{UiL`l58^WX+9=FV0#JH;32(CpEipHOVJz-KmO-%NZr z;HrHoy~GYiwH~?#>VkpRmLEWYo}A1XT5m`14R#~0?d~SESE3t_{siA?8Y~sIL$&?C zDn^ea4iDxnh@0-SiHGg3r5usQ=zCgu|11oxU!Uz-6XfVSE)V^+!&iOLNMcQq$E*oi zIsI;|7SJ9~sQaYv$(sT2@1APBmXjQr8mP574N!IpsohJ-mu1juZ!ah7({1zsXikXm z?u@P6RiMz=^D23(Hx`$_)a*AOy--bb(}kVifSKH!?7mQsdOZ zt=xn6fS&j5wYN4vi(U`LbVTJE1Qe%{1O=#zZUEI1Jib)1{DQ}%{!41mHBxZDwYcLU z@~{ZNdUd*|;T^M<MGHs_RljWgOc*760II`K8Y z1+Vv({pg~(jjnj9BvGkK{(KIa$$2&1haVw^UA4suZFRs+fjEiq#8~nU=v2%!TCrR$ z3Xl%ueCGRWR1F}XUJpvML7`?5k4YX9RQx z?db0(KSL`fbQQ5AAJDy)yf?HxBP&U2Wr!H^kaa^pB+|CAvGHm`Z+5XPh8NNZjqZn9 z+S|YUOd`qw)l)lN5MNiD613Z0zq$YZ^KM}SVmTCCu`E?>jkr5@q}dWrNi154FXrfO zIO@Ch-20Vsv|*$ZD`K`f0bp#253HXb(lUloUAG)Q5i&N&3HTUnV|}7)jL(7Vrl_yF zDyg8X9>X6Rsp9M4;_CYKg5Sy$TSCx+_owKnxM*(a&zB3_?Hc}JxjTFNvzhe|gIb%L z#8zrQ-JG3>96x8_EwOiQtLI&xX{r_x<>B~{^D(f+!DoI@=YCjq3hwjeq=R8lNHD82 zg@p)i0f^uS--BKEj$p&fv^y)9j_=?9f*^d}b6u+9F8Zha(QeoHDQk_G%t_7OS^1^`*{6&mC$Ka7F`va zav1aT%jz#5KY#P)?AcCDe3V=iDV=!bH04sRyj+8Qv1#*`AIY?#+qC2)AK8-d&TyPg ziG5N_l8{lZL4|pfB{h|;QW9_fHH%pNgte)*a6!Al;i5Zx8;dq>F`#(bK*Fe`?UnWu z2I9NxtX~=!y(h|#O;(``wSMC5D@r5~1c>bDy6 z&3YejKvN?39gDroozQUz;t&_#^6HMeRQ#3?$}s_&uc?lB#)pd+Mft86WKzk^=1MlF z`vza(jK;y+ZO&3pXA%_b&6YIaF6XjnNn`>|_IT?yDu6U8#Iz;lEDsiJ%D(p2n`%vQ zn1YXX`8kNV&CmhD@NBrw4b^40ZmTX1w8snod{lKR06G8K3g=`#-ij*@F3c$9;n$#( zQLZ=DYkLBaZasQSkqTTOW?gIV%ro*U*vq>2E?VX&{q#B0x|gbE3tr3dE4QV|h_lvX z=7S{+EkB)7oO$!(R-U2wWSnkMiwfHJ;7sg_g7izFAd+x^8Bvwkb}Y`;DUgw=J}B;I zN^c*j@Gai$E2 zZ@XA12=VX!V+Ivlbk! zVAdg}wD)FhulN0r&MG}^j7DY%EHePv78l~&Fm{Xia<}Z_Psz>h%m9NpUNe-@sKk^C zYLZ>6VWHod6rU%$C^bND(IO?vywy;^M~$L+`{x-r6&;v%8u{l0+IEwV0Zi52cD)y~na!&jq1 zS;b;-e!QGaiCtbW*rQ5zUG7y*_SvK)E3Xo;jnyxA(b3A=ZJ~;>Wzp7ngrJFsKI(+li9n}28Uh83maOL zCxZ&N$n=^6=9D}G6Y=ZHq4hSSsp*AQUAl%g9iNarPBC0YSB4iaA2k#alCi{##%uYO zf1)C-)GtXEzQT1#4UeX?8z{sOhRE-^cU<3@Nk5(c=(A^n-> zci5Al^E`-@SuOz|j*a#dA?=q}IIShRR^&(fr0fT}VZB?fvc2oGe5OqkjZ@$6c=h>i zEg`19uC^o!C<0SVuNcE2C~30mU2GktlqB+66ePp^5NA=Hr;?aYhSuQFf=P_49|+BE zo{VYnXFol3NzUr1>c@<9t{%`N^N?#;Kt@|=Gr`IRE zrWR81+*o+%Hg^AZ(5)u~P0mFⅆs>Zm5Iqu&fD!_V0Z&w#3BOZ0)SN->14xcdc<( zTDnEAFLtqfB>n!uBzscG(w2`vrC!8^EHK=OacK&0@}e6hnUZ@Aq^?I%K>=i z7BQ1@WjJ_envDFCcmwV_g)*t_SRRT|ikW8hw{A4%qX};(9pVwhd!@U8tgppjvE5YG z9mV?@0o}jG{YG4c?*A-ae79WciikxgYbOZA{H%M~2t17z+1?@^M}JrC7_{wADFsA= zt4I1f!h*x)qosvYigO)OvyCh%$istO-5LqM!%BXiqPYHFDB0!N$Zisj1APQ?HWxO$ zVc`Lqtee~xtGbZwxiQCV>0-L*FjOi(;?Ci+HB zAMF_(pUVVH!?ZQNXmutXv81W6Z&{nVMZn}6a!s6#L8g+^(;_SM)2}}}H%cwX zM8sY+{3RfqrYv(UbxU!UBx@oWg$pB|T)!!+hl}acD~T5KSY81E5O%3zD&AhAe}{!$Ip+To9%FjuJCrz?gL;YIJMlY_?`0ROzFMN z&O$3Pn}Txo>BCA7pj*P|rCT2bZiy_l^Kw;r*?e7}O_RMi*OqyjwzY)jVb-n4kv{as z%z=8NcrgJyq<315Zewq`MlmQP38lJh*jteoK@}e;2AQ1Ej*R-`QIM(GVm8V$LXRf4lIki~zS=dl@3E#N zl`h*SVBe_;>fg+7hfUDP;=zb5eEVxgugS*1G?;DpJXyXS9-L`8kV{QXopN4O{qgD9 z#KEKS?8$Ymbd{uv21V|k@R2Id{t3{UgU70``bnj*OIAO%nTO148irBdJ-f$JY#70! z{aD0ExZPlNq-#oE5rHndwl8xRaObuRCtKpWG~d-O;wc8)y%7={^n!J=K|;wk2( zQl_x{A)Curu9$};ywfj>I8Q0|{c@kz%k}ECFXM9hF*yOq^bKKBxmli|@@9-w04}fd z*LBnB4r=hZjU)yLdE0BRBcC`CvwX4LnRLM%4I*J#5cdg(bYrKoZ-dF%NXd2y6YMPQ zh0Bhvbd$sgS)GOmBGh`ta?Oz;f9cHk4^Q~*oGcLSpmcB|2{9T;Vd!oc&u?%02{zma z5(w&69cg8-aZ5Va-E}LguHvNr;cm1uOJf96aJEi`7XQ#}M^#1lJMBJ^4{K{IC$#{B zp7r4)_59x3H(g$QRO$?r*jOx45S^7{@#I!hQ`^N4h(uo}ei6^_ zbB~CEi=)bOlmEvc0P3||dV+(4Lx_u+80fBeXWpJ{QfV!@mt8hE`}OtJ&bf_Vb6K5n znb#97aeTa9ZTikE>UBiq*#XEvZcp13n!3I!Jt3IJl)CVvRTPI#<(+k|T)=;$o+yKT zN1KD)4PLjQz15M5WrZlVDCMy4#RgtwuJh3@%f0uSqB+^A^nD6k--)Ro5W);AV=41b zj>Jl`&-buQDehl(=4y3byeL(9BIoQwm)!T$;L=LeeK|F#8{^K_HS50Q_VDCA}lKD(P_ z;%-ah&(39wdKcU7$Yiv~((fu7_&k2{1g(-pG5MOyKHLgf)t1$_Hy@og=8}>uLF=%Hxt_Oi56pjj3N_n#NuKsFRKl~{AfY!$IX1dG z{o!C@+1dn105ErVQfrlqS_~A<{!RTc*(&}wU770Xfm0;uvt1Uk4-}=Z4>R=?D_`yR zdr+fa?b1&rXSD-Dl%~D$`sStKio1Q81P|LK)?N`B@>>=xguSGdvnsP6E^nUnI}G1h zn~L{+SNHTqq-lK!wYgBV#04?6&Zi!p+_4fsSLpVJ?_MKD6&|=6dDGMS-W03fXNtJDw(!p7G^Fe>YBBeh)) z1R<~e#yEDGSt9G$Td5|!rPodblb|YCY^iHZTzY81d_kt<740etMLbNQ zZ(`Y|z_l``$(K6gAuR~q1b2-+;Jxzet&?LFq7qPu?THkg&rY`Hj`Dwp3v(zFYGPn{ zra}+4Y!9Z|IpOgt)17Qzf=h~Sa-6JX1H()r^5UIM|ibCx7+#PX{(XglJXb^HNgp~-x|RxrhPf^K`3)V>UFSce0cWB7r{?hh%U+rUy6K- zUA++n@DMjB&Aq|Or8;pJ!i>$Zdp&!T4Qw`xZkgd^_r8qa1KG${HQ-?efc9{3jx#5l zJcT0*c6p6_!sq0Z+EDznsC~Qn=9p3)0;FOWGmIS6naI*RT zM~?qT4j>;Vsf+(#xx>+m&Q)}i#Hw7%DANp*8GqSx@1>j4GlSY7b#bgA4Z+~nN%F2c zEZ8ut{UR_z

iD#@x$M-`@o>axFalGQ6$GxcfCJAhVqVC+?i0RCF3??7=0%%Dl(; zrm!hW)^%JUw=1Bq1ST148u ziQ?VAT^lY1P@^x0Bvp*tmgPFwZfG+R=J4$0I+ax0aDRw#8(lkiQ>iNF*zY?8i%R1? z4J~aDXi3|WG)Am;16mi*|NNiyzeb3Qnls*-2`w?O`|VM^w23P+cA-YU9%3;n>9yr zNxKnZ_~X;}Y(J)*2akL31n6X9xy#u7T`bK6k309DkGr(@Rc`$kxnM~o`f#M8X~0R} zXg{Wt!iJH4^3326^XX%*j{s)H*!6!r$FO)QHm-%zr+%aNe%dD$$+Kbh(icEPV8uws zUt^jrp^TeX#!0icofN00 zh0ymy{${hSD`O23e+uM(<6vM2QJ=I%g{|A8S-?p|c(z9mt4D9y4nHzeJYszUwzmBa zFi1_C*f^H#iO@NSfg;wEg?bx;jIt&m64Nv5<|S4TZyJT12b3OS1z(i0jsN{c$Y+sd ziGGOHnzu zNqXVK$>i#uQOB$-S11hS6kz61lZUKc2-(w5r($09WXelL8)K~dqGJG@lO4>@jq1u& zZT=`7G;x&drE;Bt!E7&t8a^(06#nK7oz7Mr#nc{GlBnLhS0N$MR$ZCFo)T*cvKsykpofb{ri&(DTzy)ktsQr%)azorWeB`sa6ry019sU$a zYl}!Iu5_GiBJclou;sKecB`O5-cSAAEo7h?NWm(o)unz80^p$5&Kw)<`RSBAJ(d6* z9H*rrVUKJ$6POk84F>q!3OKz{8TLq`V zeuY~rzKW60K@s6wFxAdNLeh7?G~2L1ro8%BAjkbuH8$;BB`{4wY!aMQD{!MbUnK|r zKB-IKq~b89bXY>ogK`)-t9D>CSb>Etd>0uFbm=g4)Q^B@(tS(rih=x+6;NEj2_;uu z4ZYQSvklloB@as{S|jUqTVJY5MuA{fq1tXqBL#poAMRy<%H< zzNx&>YoEQX^vG13F!l`t!=J!~8qkR^*A#rMRSa+t{fiEwi@UBEUGz(QeEf!X z$s-OM$s>IN;%lt*^z?)SlMNC1T-))bb^*Rcd#p`O6|rmQHdwsV ziW^p=lB)aiMXsvc740(HiMR)NCYaw0yqFB|jM&2~GkDnd41=YNi2JS6Kvo#C9**z) z3vgkJg(EO>ALFPyDf$d0>4)N9+mdn6&0z+e6d3l|;9kURlKSR)BU~$VBl!9A8}++Z zmUWP2a))wrLhUp@*brDu8XP{~RDdDY1u>)_YmsW=9s5s5ndJYAqpW{PPKPS=oG90a zm@S2c9%)hvx7$DM_nAn2#@qU4`4pw5K9Po@v+&LR?%*!Jqr=g8*+1m)x1(?q;@4PO z2W)KpAFjg!6f>B~3bDR~^w5|&Fdafqx~^d<_yol2s~_dfpw_D<4MBFkqiR56*yw_mT@9M1F{Z2_LOUPR?WH7I-0TqGsT+s|l&W zQUy9+I&w-%*h3+EImf{B5ujv5TRoex(9@)wDdGaP~QO=A3_q6=-OH-$P(_D zw6FD-oKgNopc-8~EzorACLJG(`v>q+3RM~d?6D1T0;1SI8h}zuV$!vwa&>oP6QtNQ zGL-P)$vgtbA<;3rtWbgF<;Agy98(8co_nAakjyV%zbXKGJHv(1`|$(*UJ9pu=33R? z4ECZH-5k@J`@J;wFDTbah~hPE0D*Okr3P^K|7Mf11VEB%;k;Mayo6(%|55}R7g3@dfK#PLT%a zyMJC%dQS=uHq1m$P0e}f(j`)wOY~rdW!N=gCprHl#PiakasEK)s}D;2mmc?k@FJL~ z#4gEBe0Fw;~2Y{uW;>omuf9FWLZ zH3dI)kNI9s!n5c3MKgcek6!7J6g%r)>d)16P=DxV!`&R!GTpmrc^>3&9`l*rI4Yj6 zSu1B}4BUU>|R@k!;bt#C=)BaEKGvLkZx!veK;0w9V>1 zn0{)sG}zwwozBZxM)*@U{$@Bq9K{*aGL5EdeH0Y+ORNqFa+1r-#YQR($)jzhcT;~p zIgK(eOS88MmbvJ7ht9Xbln~AD|MI9F^cEPT4^zmwwv4p{BkX|7tDI%qPi$xaKgIiN z^%RncKc83gr(6+v5L8QR!PPjoOfvXOW-hq*-LLmZjxhEO@)c%WE5-+eDL-i^V+NAc zqv=8VyTi1T<7C}ofq;Rno~w3YX_j~P%Y_VYGo@FbCGkHon3%S1K5?4+BoISVs+MdE z-;zW#nK*_i4yHQc>oZ-HeB~r_6(8QFh9Ws3acu>pH*BhBI8WX&Mvl7>vHH>~E%J!$ zyU)Zc+kWR3G))m(beIB~sI-unO}3UCH)QFlLar(ZSz~@62giQ*mUig)4n_74m(RRWKQh71F-aS#46kZP2^EdOl!hu3AS6cF@PZ6R)Uo0 zPL}f^0X*1F1&Q@Mpyx?m{O-4qxFEJ2^H~(_V$nU0KBw4Ey0sTTCB3d4Ka(inG7gW_bx{{E4G zritejTz|h0*q8&{AK@KNE8C}qy;mRa`v|vW;7nF<2aD-5h9bG5WqAoQOJ=Ew=*Kv5 z$1_{<1J#oUrX|Eh$P_&0Ccbf>FpSh4ka{8b^SS;~yx_q+POJOmWC{kAo*G<66-?pk zJQ*&IfplfudRY@~$@2WK*dm02OwW^iBE?A|v;3Z&Q@`*$|1@GUqU_Tn-(op+f)mT+ zmJ4ayPnMrFhc_%6kNA(Jz)I@)( z!=J1H?m>VLBE;mYkd1Cc)) z%B0!uUO)Epk2howHtuv)fcRgp=Z50fPaM2~NPJsDRK9s5hwSEJm_yCptu}+w2RW;5 zLw2*`joVO_W$G;kWNFv>&au z8_7FbJ(uq>k02a5avC?^v0f{I5laJG$(V*!h+_a`11nMQg0dx8*JJxJpc;3}brU)H z+GMG>^35Tu!y!rXS{|T*es~aVL|z|f%-1~Eu*K13-sLlA&NP3%5QX&FyAWTKdD#-p zPXe;MPq(qIjUy-+L+)i;9p`|d!-3A<8$e;3&M=45qgcm6q~5NYOq#W>o`&zCzdEga zQ?J0wxqOEH6A4T&>^P%zytGnz@Dt^4{E#D$U28RzL%+J#z`DfwK$Wfs)-`f%&C57JHhgepujpR&h*+A>3fzi1%1`e=5~{N1{E6T zQH4?=3;mNhx2jOLszjU)JY!poN;S>fbm)HkxYWBfSYjXk<^|B|(c1AvMOL_ksDCn5 z$Fv{20v*PUuHOl9u+{CCfP8r^jN^`4bUpb7+Wm*0Lwo1a($bi?xY|Hd)>ZgOWf|Jw zoq1>RJ!fHW{7ZQNBex^BLbEw&C6L(LE`7EFejV zwQLg5t)g^fquRd|5Oh(IE0po9kOG{=Tn8d+ztqd&u}aFpUgDklFR@Y>>&cg$A8cyy zM~%w&L)VuN0=skXX~?{aqZ9Sp)mfcrV{&k@5o6+?&wV4O$VmxghQ><{{QvmAsx(1z4y+!iDnQ{PiqP@`cb zX49dP2{kNRhi{9Fnyyw6pl<@%x%`3^D~YAbfLM0j{Mg_MV*F}wNjiD1py4k#>3gOy z1q_K-b$iOPFX)IJ9UQ|oxTgEkjPUOgiy?F9zhy z>u#Ss(F^siVpxS8m z>V(h!t|y`!13ds>nd^*I zJ!ZaqQ-*JQq#RNV>5{Xc`FCLx3Wu6KhpPbBn?RzZ{3++&R&kt3Aohnhui zqhk4gAHfB{1gqa(r0ShK2-3}Cao}Oe!rbdkKDbm$vumH*QsBcgbv7j}6=em_GRi}& zL$$9Er>)aJR}f&}#!C19Y#9r$j7_uVSom*Z9fd6r<&}*lUcr6kdi!oUlq%Tz z3&%G^%$#iot4#k}Q|F#gi+(3m=TsPrUJg>#zj3tjBh7>Kylf~~hY>H$VBmF)=&xwEy;=lRd? zLE~^-*ij-v=3h~bAQ4Dq(2^ua%*1|Y9Q}4fA#~0JfqeZ2;JUuk*Ima-$-X+^4O)vN zo`0>~0C#JEscwn2f))14|I&k?%jdB5-7BD*1MDclSq2-xLvrm##8{&Ea#-E%HvC$^ z5pbS9T*m6;BdC_RM%d!Z3B8~#h7kpz+~hxqvXO@YITA(P|6R#y1bL*Bg?yGL1cLO! zdu_U3TrfA;es(zz{6liEq<8x^;O!VF5));AC{L=&X`RXpNK-c3($$l~?9{3^TEvKxtW&O$XV>Gxz zpVKE+8qYbccQcX6^sid7Zm6Z|uR4Z{MZio5^bAwaUwt;eIdY3au$;q5JstHXbR~E5z?QKxZrImYNUq(qfU$F&Mj6et0&0)Fp zn3wL{`J9#G6{=|J@=8POao3qf4f2z^|^g$n~hg0{Uw_~#j| zJi-yrSWc+&6RG55eaHfU?e7L-~25l>j@1X{D(~hYQgB-f`pT9@xo3QnxKg7N({(- zlpp6l62Olut%_&ZPkuah4NztJCLEhDfSAfXRZ3GSJ9~S|Ke5bx7+u8;ScKoR{FUih zA{Q%B&5-}5hzzO&Z!17CV`%{dbg0_r>N)(%+hZjfF{T@cprOt_PXU_nGv_9q6!rKY z`xoGMq7|pJ-;#Dq(@m0UvHi9sx`5RGs#+PLzbNT{{ncuSaC!^^zj$d!!&k&}fb&`u zEgP%qJ&vX5VoQ7+3!*O<(23+~m*j+<1GCPZ_Iz$qW$}D*A}^qlE>Jc4RMYAx zAxg~Y?TjWbE_?B{utGEy}-BfErTLS=)Yv_Oef4xG;;hi>_GfHUh-} z)N6ORu~HFA_8wmi#BQWVs{3IIqRLW}k2GY1eiC|@ZpxOCQ!ZYK{5H1U`D2pp?=+ld zE$L02$65aVrwGrVzkJaC<%g#A!1XYN*Hp_`4jX|ync+3r<&&2L@LzgPD+98oav+aP znEZ+1`q?*~rZSfN0=OR@J%VKDXD)mDI$JW}{EUoul~1JN2`#sg608kR)n~ghW8NGc zY;Awkv=)&Cv!ew@u<=DDgp1r`);yz zU%$pDsaqT!>d}DIb&k&)o@3V8B0Nc5dllPGl~#jM9J&Zaosi{%5+TsC`hTCiKJaS+ zofw;o-rpcpicxWzY?|zq`1TjX?jYl=k|bdlveb3NcRNEVt|j-r_@{O!mz1h1(868& z)#`~9`a?$E^qpLpK(rR8;X}Tp)XYm(DEjFL2BG&##xEl+dBDDL!`HgZKci1%k|} zBTiLt-ROIK-PoyAix2P1Qv^UELe%>AYH(D5;rO={W@)`>z@#NoSN3k46dULP4P{0Y|1J=P*0W*@gseT8))VWAyCbFcrP!`tzimHM z*+>Elji(oZg6L8ix<_1a^PFEE=rbqV-G_mZQb~)FE6@{)3W}9LtoxQ0a@1MynK-n)Se> zToXbOfP?vOa=JR;;F1Ms*RgrN6-%(+&}14BXbGiCVC80onpkgT`!!h3sFDC4R;68o z5~f38RFDujfK=J)SDo~B?7>+;nV??pZ&y#$XKniFA!@nBn~t6CV(J;sWh=f3LksJJ zf(V~LN?I&O{S&d^Vn5)+T{@5Ae+6!ZE-CD^@EU____1eT^@caCTqsZ2Zsi78{e^^! z<=C`_d%k}KE@t~7vQ8Qgb{nQ@NWBhHnBGv{D#jw_1NKOkpd$(8%fYHB33`x9VZ+>L zN|45Y*4@n(DLE0D$({-{?r%_oeW14b9Qyu;G6cw6 zHnd^|P`&6r-9kq%Nvn(ChAHs8kA_N;2-7(V?+MF$m8$=)3=RP2dQJ^PiY4Sd9Bl%4 z@l*BWD+;e^_++XNJqt{mqm^G?hFz}@rHui7+U1-33?rjCjrfL{!d73U1cKrcMF1l} z0gO#@2fffnn%)*oXVwpP*ix9YIU>TQtH&AeW{XZ`1(%y#S#Qh$mPNrJ?XcA#9rIUM zzKO)wCztCdlkres-5B0nTjaC8cKANx<=O63yJ^g zhN+M`-ldC*ztKc?8*@QoUoDz*?~a7t4rZbuoI&SdGYKYDnjpao6>?4Zdi~+Ph60k6 z9!=}P*ti973$P#(+UT&ci!g)oLQwB7daJAk*n)NYw@?R|kJEmKJDEFPzkb%`q_7}N zjg*vLUAyTh1?lfyc&Qq_N145NLdZge%WTAczF*CkuU}#h$ywEE2S$E;4r01_^Ug~O zZu0{UpnVRv$1gO-aHk9*MtyqQU1j@IrGuDkinHOxN|Xg%9KXmwEy#}OTV)^%$-+aZ8qYw^6^a0#>}YQY%tovI?t~#WWF!2 z`GVvE^7`FiIZO}@?_GZ6&PJcnB*1=0Nc#E0w2QM*swpEPh1<(P&z?0d4NHQ$D|$HS zj6g_8$TNAkJI~!;<5zQ;_5O{1(W=5^yqZI{68n(|IGRS`#ydP zQ`L-lvp$>S(=F&Clv13!hOrp~(~MPq84)F2NK(uZRgBJtr{4B}ia|WM%LIe3z#@KL z(=TWzi55~BZ*EW5*aT|_1tCCYH#Q-&|vzMqz=ejnf%vS1+}E>Me@PO0>vbo>A^!Xm|o`D48NrRI7lIQjmR_u7fJq9X=w<-eev4&;t* zbdz#_nelk1DP8K2T=Lb*Gh~R&RDxhujf&h%HG5x3!5H>Y6+wp)4p6BQJ~Lxkknq+d zh~yY}*0-^S>B?vXRZx626MaU9HjdrZ2BKC&rQteO149>t;&rBp>j7qzZ40( zw;O9HTnuP=(yRwS(GCE+3)-|(5Z`4(a&uSs9SYY;S+@=p@tS;9YD^YScp4-dtCkM1 z(Y@3UX}wocAtZcDf~YJ2%A4+{rsN##J3E(vTUe1cm_}wJ1puaian$@D;lODy-G2WN z9G|ews6b_x$)z5p&-la-{=xOfaOmVe=OhtDEFo__Sso!Ta_^{Tc6?vN{VP@5dlv)d zF)PW0Qo+Q%HUx2y1O}k-L?oCP-89G`+t`sVJ9)UbEQFw%9X2+R3C$}hhU3~vu5I5Np%I4jzXweQ$cdj?_ju|OT%ckM2ndir zyqTj{qB7N%z)eMDWgyagS%Z3Z zdw?3vP)cG0PDh4;U5$BbJg@QgjWt66O9)V}3<^Yat|E^1BCjl7l0!cevBL&<)l5JK>a8_eVx7hqqMLkSPBP%?%U1U( z{KtuWk=4F2{}4jC#V&_Zi!w9FzK)1sQqT=O*S#gs-E~nG(Kf5{ z?%q4C=2vl4>t-UHLMn-;^>AZ zi@$a~@;y*`o>5WAWmwL5@0}*k;R`%iRe|-vE-~{PFw-~-X3|X6>$K~fPH*+gxDI8} zPQ&c4$d%vR*}&5PPf}XhlDkE!7kUydHYa+c08fs4a%= z_tK7i-a{~iJ_15BNY!2> z{gX3#&6qL*vEAmCGUut-c4|Ttgs~2J)b%Y*9Zc$W%l+HmaBr7-Yg4jho_XAoW3vRQTSx{7if2Fgc_;7!%)O-6Q2jSVX??Vbe*Ndq`&gS%hCj@3> zUuzt0=a;QbHU6wqH0^DnWPUF{_o4n)C_^@IfF6sYIHq75OpgYmrQ}BouHjgI{ik_G zoS>ccW5?C;yTKFbp;sEd63;8w8hZekcv^s#x6;VGpU@rVxVuitYqo0Y zte+|YwL?&h;SOF}eMuXk6nj&>di$rM&dw|mnIXn&&}|Vy_!8dE_@_BR!Z19V0k_D| zfP$x^gV$q~G2zIg<03o9LOJMl^06{fKVjDZ?i{8m9WBDFoJcp>G~CbAm*aIo*lRNz zAU7Kz7&|DHnYDlWVf<@ck`>_BqAMk?#Pj-=?wQV}{W@lRFGH^|hOKtIFuRZSgrG8v zq36mP*bhq1-30K=yMLKIQVv#A80HV$`c0U*Lk+iho&wOz2S84F!aHogaVLwrvla&e0^rRLsOCKF85}E-Yzp+Q?n~t@vT7*sm{Sgu9sm&3H^l!#F6T5RYl8gYcEC znr*YfgOsg>aG$-+#$S@538L99F;8I| zYNP+*L8QTjXesNJHvyehvZ@%JbeYGeI+F!#eeJD#K_h}ak3Gpjm3hekWEU&u802#t zF6w~*q$bIe09(iW9i$0d9r%dT`7hoCmA7Tm@}Y!^Tw%Mr^Q}|9jEZy{izS1m+s`lc z-k|qY436R8k)7kzsl2~BSuvU_Wet#;%tM{y-#8GPmU^($piy(!(pcxPK7ekPpG&jt z&+p8&)0>}$5Zj)n@tcT_dfJ3x_1*hlb<*w-0*t4-wm9fdP`5zpRpolMF%cHoZ-*Qj z2W76%S)}N{K_OmR-2k0D5T8oEwAbR`wTP=XRvmfH_eQX&j^GC%C!Y(0deXQvRe5aH zCB?2Q-{=dx6r_=$f5E8f=TxYffC*{vm8!j^qHo`nR+mIgA{LIq(`C)RJTGarm#T7j z+bxYYZ5Glqoo+K&?a6pOMeT(LI}ie0oM5Y@#I;uNX1wds+`;{g ztChxX-98RyK<$q+`x z;Yem>!J7Ad2CTcyo4`{8VV{rrAW_u~)wbA<)$Q?6 zy=L@fIjfH%+*KTA&C%gJ>9V8Fr)|EcZb=?&9UZFn0;qMNL!SzjkiF^12X~jH?#5jm zcoZ=uuV%>M=AbxY9*9RbxSrpODD`VRtq|QV33W3tAt>UK#fAA8h00}XEk2?Yvs8PW z3wkvE-T9!>$mvHIfl$ri?z;~?dr7t){7*X>sGE^628O^31tW|6zMt;&zkewG7T6V9 z<?}iejbw$*f@jlIcd5znnCEv-9eNd;vQ~IiYt|H~5Nt?u(DofepC^k}qlQ#jy7c zSD-k!XP2VE413-R4G3T#!rNWpzJ60gd_=h(bL->d&?%ORO^%OoOT91r&ZzBEEIj%q z2vFXP%b`~-az6D|GcK7r1#|*ewe?!%I-GiT_?>pXi8Fs#=li9YgS}QU(gn|j zC8NGJ#Ha`xjX^nUk`eED&H}9~T-yx;ue&na8*DiBKsOEki5{=7>sgHxOD>&Kb7LQ$ zz)tkU{hO#x@nfYw(L zh!LOmq15h`C~d~;*Y%;!Qag3!OXVG&8~qiCy!EB7zH5(qSBtJVflzC;w&?j7(6B8gEhm39Ng zk!NV#r9=?39H7GlZ)*Kit6qz`wP#IFTau{Rw=sHN`vosJ1`bMto`-4Wl?WnOUi%%X z{AEg+xrA@iS^9x6)A#5AA?!4fC2&*Sgt!4TJAnZ&jjzH&B~c6p`cYk~3RQd}7)GS60BerhO#CIklNiT+}fO+9>-mLeo z)OScViCnlK!D=9a;FaZ`EAKKP^>SI}+L-GRFzDTQQ_o=y^tzNEpJCFO;l=LX{TF(& zam4Lc6LRz>U(Bh>fq;K$SBM^@EdFc|@$o0rAfip&U^<#%5AX)Nk~N8-&qfqz%+UDM zWU@IX^56_fLrYx29Xu`K&h-WfAD0sCpb%=bT==KXjn_ggv71YSETi59Jqv+EAlcqb z4gd8y2QlKIU48W944Lm-dmyLH{Xx(MbI(urK zAO#oXSfj2yM4nc}i-bI}-ki~RqvZMY`o}%F26_O0VL4p)P!)7)u)NRb^Hr(L_n;h8 z0Ni_E#3f;R8A^{mJRKJ9_rL$qRwWLsRJ4STXY*2uTQdLw0sa_}9hUFTpR`%^e5aLB zxw*9%p5F4o?zk}ml&JxMbkuapkpt+Z6WudrIkdN&@TQe_${O^0*m5li36!HsoK2FA zo(`gQi%)_b>}`N=`;B;4nl%gcUQ{~DmA%l5Sxc+zKnHKQ7yZ%5K{+hrV|_up7=uB% zi(o*6M6t-sf$S3kV!^FTvwWWGtQf=$!c2U%I;lZbt?RF4I!^l{aBffvXKVD+K!B*fUN6oC1 z$SCTzaFIA+-D4~ug85r#l8?N2x!`n5l0|Q5pk6syHiRd!8*l+Kx6IUM4tG|o))%Jy zwKsw1hI zv~o4&1BtzwD-n4D+0N(-0o}vw{!(m>wC5zSR`B9`2%SN~@e&)19&(Mnlu}UEAX7k_ z{T1a-J;Pm<2f6|J3WKR}Vq3b3bKX-eIv}4@J>B6xu+*ARqGaisH@&~JmSI#b&3Kre z`gBRE(|2&s@&V`)VFpv9^Ly--y^tfjmr-F2wW7d{M9~a4Ixh|Fm=5Om-1?kWb0}iw zRseuTTe%swv%xvzU5=C8m@ZPP_zwKQT+j7trj3py)o8B>(h~IOyow+(4M?xXkJ%8n z0_|e5nDSwf6OCwyhn#VyZICjx}19S;CJeP@6ttq zzxWLKpPT>F~=H+1Q#W}$F9_L5{;ZM~CRVj`UxS1f|E&Mv-B{sURfl4|CF&1N3 z|NQ_rmjneTLW64I6uuE?Nr}*n+xfe{FKqXrORJjcln!h>=SB#6vM6vNufNK-dCLl= z<8R&r-@yQ+2=$DuBIBQ;$!D)youeW(AiSaFsIL9 zmJoVgs+IuQp{rr6zYB95p)!jr*y0h$GJ(l88tM=ncm)jVfThH%5MXoms28AsHvWAV z_9l2N34DD-*kPRteE+|s&4IgTOpMLjpZ(4Ou*6@q_i zX0O!r2|0`)!Q6X~BPlRA>1-)P;GChqaUsy<@iqz&SXG7n3AUP1AG&Oz(nj=%*z}&s z_pT$N6mrWJ+q{4Gf3f$LaZ$Eg-|!`Z0b(Jbv~np@Vh|F;j6q0CNP~h(gGjg7MW}?* z(hMctgFz@rm$cH|Ffi1!PA*Qi``Y`ypZkpu@9%l{H=SY5^ElSA);d=Hmjl$V+5?8l z&FP-wGrfw~Z=eVvihr;^?b1#F;>p!szF@d(F$kWQT6MB_%e3l1GK%gtT3aGp2+ed{ z<8hX4bHlHXUfMBSODO6LZB6fI)XZ|u+B4LxNJ+aJVNh=EzhF}z zWyJR_lsj+_v&f(0qHoGD(iIoK#3Su81K;1tPYPPK9*dIn3V3Bz%)7o+Lu1lm7$o)4 z1$e2@VPa^Dmws}>v4x$bncFfJrvPg>p@3t!Ez1mP6wPy8Vnwv0GF~--{L$wxU;00K z>i2gn*&tUm5<;zf}`_J+0 z5l4t;S9x=~eg6Ep4-BtB=#c%kx-|36kd|9UNy#^hHyJRL)&<=%T`gtXwLG)eVGt{X zpqP=6yH3&FCZ^T6ZNB0FfBA~lW916KyvYDAS@P<0><`F$d;{OF9}@h^;9)r}{(7Qo za3eu=xr1;?3IQ2xOww$ia<3RVMiz#Ym%N+3n7Sn;RtPu7wnnC+$^gdz3EATz_q-T| zzWF7n96x(j`R>4XPI^8){`XHFvy#TJcW{8%$s2e|SFqb`SCnV9w$)yL*QFUvZpO27 z@-)i+T=TvF9MwWDtYx%`k$NTDycN8y(6h!DLGf1E%Xc#Xq6%K0I*gb8 zl#X9~{7D*fx6@{^Od_rtC**_7+gfVuLK@=av$B)zj8790l-CZ*zoEPy4dq?U3zPt> zkVdW^0ajdnOr3sn`WQs>%^23n>%_?Zr7>rlB2p3T_b!4JCDc875ZhJJD-0=M2dkJi zCmn^m|J=69aE~>hmhNl38vf}-h;#BSZcd$e-N}t!n1|zv$)4AhWurZK@K}-ayq}S2(`$W? zRW&3?3{a$Jf3*f*dh*qc*vY}_dS1IZN%PImw}p^hVf5irLGzBK;abgezv(S5xU%9@a^ai>ZUa+6+Dp+Y;C=L>Kd(lfZ7> zX8S-Nk{k}^+f5!dstFSiwE~c>$sp#=;mn)E%9>MkuAHjzzVpkx+Jskt+4?S25~A%N z9-oFHJ^x#>ff_#b4N>DGg>&g*L>-GG=YJ|JM%Pr@jlPRoG0(e%w=5#nN4UG0G~r{M zgz|6|0olBsswlqbn(cU-Jh-&Mt^|88V~rS}{OKK{m~;rf`2B^}J%*Uz_82|?Fi0`}#(@>REdgFF>p zIvx#U`*&{X<_W@|eF2t$3CY}l_sQ8hHuB5=44xtgs-g3JeWwtFLylDi3%s!(hwiRt ztev4zQmyjABK;|ordXnfa^f}KBXh-u#JR5M=!@^^QnUO3#IgO5wA)g@Go(~v`)a}! z{{|9y3qoeG`xeNRpS3HT@`VYw1f62>3v4kK7~Ro#5cF{#D!L}|f-bL;ouB_rAtW?r z^Um>Ph6!~$S29^ILKwcSkiZE|GT&f{X(C(djr`xhcp$8puAemfT6piNyr^0J{ld<3 zLN=FmSIQ6GF2zZ6| zd3ol;&Rbt3BO{9j40rcAnhK=@cS7Mp8#Pb(NBW;0ObL&7CS_X{QRkt=ZbZKX!7KIL zUL0h&0D8eaaN;>_co4Jfn-dDYkZI5?)+e|=LI7S*Cf)%6~dNMX-+m->PfD}!LaMErWAp|HWoS*C%VU}lxtOsOUWLt!~d_mEF>vCJ} z3%1Ix5H*wxc8P7vwBX3G?0gN$Mj3D^`^&@KUjvezbe5@4<v zetn5Hes%0Mgmd!l{JNj%T$IIc*&)p!WcsI3b;zq$n}G^Q7)KjCqGUOMbgN23yxU8P zXsIiIn4XUAM7Mb-m!hi2MI_xU#+0=SlDZ33+L^vXLx(lB*{{?f$0$?@EaR)t+iX$TJ z$Hgsa{H+)<0#uG4l`h8@MvgwC5i5mKW(l5klInYt&y8@ z@6TO({pjz%EsPRu@2^(2iW?dBPF3tf?3sfP}(j_Ui|!ghBozj@v% zOR2-+zW53T8s7vP_tvEx1biMyVhFX*4jv<2l_Bl1}Qs zKlIka#Fi(Qr#aPaVA>`|@6uy0pMc?1pMWDz%4+KxWXDr5$h?n3oG@eMpv<|=5i5Uq z%EOG64yMh;Z6lMQnp1}f^*^Z77S^Z?J6{*mV~7I`g7R$~kH;Nt`4ye66u&gukNkQF zo^)3Vohh(Ol?#Sgsw#PGJ{adsPGa{R(Q&<%R7AY5k>hGvTp{4qE&RCX=MUpB=j+AZ zW~Y%qo!ZMugdr?{y&u<)40WOQ!rlApqpx1L7?@0RBx|5LBWiSbXQF|i?bzPB{K_i| zGHMbn5#+o2G(YZ65L55&Lg};04s$bErJ~Sv-94&w1%@ueBfK*rXVXTPGfjhX)n9f@ z7Sx#JklK0;JL`i5+l!qlWTWhId>rFc!z&ozw-Jso`eyo?7CIDW*W4-Ctr7avU59w# zv9K(gbfP4!P0VSoN6L))+^0ID-cGbGM{79qIqG97fw3*L|owHcYk05F4{(PpouTL=UuXd6x!Ly@y9fgX7fFf(atU&s+@6AlyCMh z3kygV_H`T z#spom-ff8%m!q6V)xQtNUo19I z)S=A~w*W=ps}5ArU=zytVC9(hK9yoR`L~#b-9)t&&xMhaw z8aQGlkl%zLUav=psz9hd0(Xa+P)xegrtEzDNrlKx@>_Zfp^*K$iS&V4o}ZVaWH8JE zwtbC0+Y*FS{hh=xuX*Wy;%LF3XObQ6W3+Y?q|f%I~VN@ zMjVQlbu+Va$`4pMtDL!HdI=Ok5Dd#|x~a+Y96fb)SW`Y%U@5BmcBn^$;JA`=SF>v* z$_r&>^jwMM^Zw2v_*(^E3>GKi{KSmTFbD8z)3tQpxzu6TqI(8PmZe#dZ2O6Yc86|_ zEK{}bp`t?GA|vtU@r?_z`fGP#<;5Ba+7?=tDd1@oW@khUul}{B_zZ~G?<1`@{Fvd*{f7;3V z{bB-)Av$eYFrNLE-`apqA%-ZkI@j}}_Yy~_A9W5u-k%?p)qn25;^AtZ)pV^?;XO05 z3>jF4O8ClmqhnbLNWVQ)7gwdEy7JrC-MBl}Vtm1|!3v+Toh(^6m zjG+5momB6Dw&k-2`m;f~V>6Y#rF`zza__{183z*em$e{gaVAzVoCOLEa6DR>C%c>* zucnP>w+D!LEdUS3?*?&}_xp4V6&*WXxLHSMG{q2^0G)CDItAD6==^J^o(edG(1!Zx z>d!?sZ16;rSbt1ie!G;x(9p0%jf&|P0P`yG66!jf*xqI^6MbcRirwdCTzI``G}N&j z)Ya9shGu|r6-6v_!S^74O#0;ZNe_>gj6x}m37IgV3nvfPjcMc_x(l195N`%c(+#ZY zLABF%Zsc~o7R1t-vw1}?>p1?hc8dw|W)QJ|V%*sujmO|qKMZAOXXj4jkEY){Nk!?oXdwYF2*Q5kg3uR zw+&u?S_6dQ(`zBf8*ZFI1Txs%OGQ=`9Y3e48-XQD$oy)n%vGdl3U(8*GAQ`OIL&a; z)hZRedcI!TbJCPSdog{!hoJ&)WhSurCA*K<+0g(6#nq|LREDL`Y15#R+3{DkXt|mG za@$}?2-oesh%OCI?CXj9mZ3Yo#9o0uBqBYY2DF!`gB3AZVs|COXgr8(WK) zMUFV2DiS^72kf=so~k!?js~op6QNt>6ro=iZcf#_)>!uV|E|RvFUh9%w$QA!P=i>K zoMySyS(jztZkz0SKGLxN9MmOfPT;fGxpSE zn{yFPvw(eDw3Lsa-_5fDr#<1)WJgb25>8w|c~>PY;^QA+JncB#VY|T#@TMK0Lj|s1 zwRnc=P+rdo&qj#b8I)G|*NK>G$h|%NUQ2~xV|t+}E@Hp5U6L*%%v$q;T)GrY|Kb-A zCnp*nb1V;bC2-Y<-X(N}sRo6F2yg7qpfl0CxVGosk3 zqM?8urr&tgYfzxewuEKdsc=yt6hS^~e2i09S5MN;In|t^%Lqe{N3yejIJafCX@saD z9EMXP4-lWeY|oXQm~jp=Xm2Q#zdWY4xrpa#+krlVKNc2qX4F(2T?~GAw2CrZz;j3Y zz0Vn4vk>2om}nn=Qf3~fP8mdN0kX16KTEubEK263imGpcS-8$Hi#ny2eOZRKAq=J5 zI-D;l^*uAn?K@OqZ0N9`Dzx-u=Hy6eySN~8;Ie-hyg01YBYJs2FkYM_Z(#`RF|v=%oQ)W}mo7L}CcWCUIM6%}sJHT4QEG zp5+3}DkfY(!i!0GMmR3&vEMY79n9(Ems?IB2~4sk{i>w5o7;q8rNa*!%O+pTOumuX zrbdaUe6OZuOfsVP)H)>nYq%z*ko{U#Dzk6D7lSxYmuv0Vws)0(l5-t6NiH{BV@rll zNZ=Hu_E)$P10@FW0|NtNH&sba!htwElYkq#pLyiom?UX#_q_L5o+?NExIzMC z*6H0yBP`O?6=d=<5z?Nrsd?OVe7aX}j#dQ8hn_#Nx6|X=tp`K$*Z-hU{^>_hX7eW~ z?^0Xj62qs4G+Z^IB1_oD6Py?L_`-k<$IN1p~|hjr2PC4Z+ykqwlVeLOCTZ(qN4B30ys}I6SS{uz*F$B_dn0RVi|%=|yP_-n8_>z^ zO2r5}B!~K=CjSoIh^h00iC=zFbJWh7JQ3ucJL!16^mRpZ9)#i_ z;d$ZU$%l%ato`Z}-{L>hL0D2%t^t*&9anK|0#6rXQ8mK<97nv4zq)Xfb!oq`cEgcC zT?cisnMD<~&MCn+<)x#z4~0_H;%p zUl)pG)C*LCnW}i(a~SlXVY9|K&vsTv{*)p&_awcBI=%wN*0zJoRbdA*j4Ye@dXGHB zvBQnRkPx(hy0|A1+b-nIwM|MP3+luD^xnBnE7UcAr<5b6{#!hKO`D*7`!6S9r3?wO z7*MVHkE82kL$5|lZ3n7oZ#L2D@aszI9Iys27cPb{~8wk z3U9)P9!(Euz*1ooi7j&8gWyD4vu%m)EQ?Pb6^oBlxW?7S>YTQ_a${m{cfYq;-hF9o z!HEQ5W+13hVb(t${MSi*&44UpO;e7;=FN+ID#%@%9ea*WESrZa1`2~|6~(ednv=%A zlQQ?3dGnTgy}Z&ZB|#Y#tJr!>GE=nX5(x=yZEqIH5e&-_CHfWa^|Bx9{XU)`Ut!4;K)+i82Ix;6utzOu zM72|piA$&cp{Pz)L%E2#%Z;vJh68q~Up0;@Cq$i6lDqoqZ3{~Q+HHCEI7?v7Jl-O& z-%diw8>o#aow-9(E`8qcmJL$%DMEI%IH>*1Z~RBQYmu#pOiXvT823-&*JPBvzlH-* zJp^(Lf7?IT{;3Pj6pr~IRR6f$^T0jr&z=)h`0XH(DZqCd=Z@B@e4KnGdjGFuV)MlU ziPuam%YWlJRW=|g<&^F5sib?|>^bNtS2hoL!b($zH)`*|PvUVAQx`~U8Ac@~(@|W9 zuc(tPA+OF^u-|-jA6Q`i-EHl{zwPc8*vb{ShDRSIAtaMSzWL36{rKv0C(5fEIMhzR zP9dLxp}`ea5bqQ{ql*0}U46w(R^oqHExbG{S^MaZZGdruQsUol zSZR?BLp}XCunK?uPu<;rTePn}(8%4)YVaTL*yVS$7UMhfgK+i_yQBLLz&5u1_uFt` z^M7nDgC~>IwLx}ZF>HbE0IU_R^3ogt>DtZO~Mm0^|MMfT zHcHuRK-u>C_Vd3{wtv?lacRX1jRH9}J|Ik`?iogY=lsOU@BYu;d4ZG#KeUypD2SGE zXkF{&xw6SS2JkQ3->^ zk$YCT`JVFQ+NRu~1M2mzu6yw2+V3JN&g7THriw#e(M7@Hw36`h=dbbrsbAqQ&S<8) zsx|Y3J{%e6S}Al1wm9Ka8APyc87`H3Pwn{_G?IYpGYd3YG6i$r{en?RL{v$~ZXMTt zX3hNqht(-#$WB;eu=f}TDNr{ZZXNcG#X3$XbrTwI;2$!Ym06DG`i z{4M^OvPKCTh}n*9oqn5q<#_=ygYRyWQ$$4p%+8Oybg)JjqEof<5zFbMSaoVZ^DSO- zJYo-Jf0#xkJqy$xz9>jzBi6J@Ew%lNJrXUdHySIRtPE){q`K~B-yeStPCJzL`(5;h ztKb@p?7V#GHwr7YlVv%I;Muar{idx;JPVoxBbp8j8Nm;+4;Z{Rcd4`!b}4f5^>Ne+ z0aj8X;CPFKOjQb|h6ppGiAHWn#394-8X9qkzYMqMvoOLx(SYE&HhufQ2--{ucEb5)$t*>P!kkR|OO2@dq((=f$HZm>51xWpa@LRr_5;bgGK-KHY z=6C<%Tp{mJf{h)Gm>|a^>m|b-XOc>lcX3I&L4Hr#2?!B6%yg zDHs)>Ac!C9p@ol%dR6b z)?aYBJ*axIikevBt!;JW$pn^rd5N@MnPf1mlGwv)Lx20&`oevaX;v3=`hC25bd~Cv zrI}X@4aeetS^uKVDXGZL3RY{kuUO>q)k=5uSHf3M@Ky4{ovRiWtcQw*GcZPz&3qCv zMobk9W=IyYb>eWSCPi|z_EK@-2R5{iW2M+TC$Pf4Fe0R zLp0Jc%!RHsg5r=(?%Cm zdRQI!UItHUA4+T&eg1fuMS6G4^VX%haVoPx&7k57*0r?&NAuQ- zL2_mNygm{ON3`;ttZDzx@w(YAdWDY7f^{AI{O)s4v<;Uk7OL*g)4|S023a!d>tSm# z!NXe-J_mSrk$No&eK(N!M-qbzAG^#BKn)j~5Z|btPmTWtWqnBDsHq~$cGBcjqc80B6mc~F@_&z@HPsZlo3quB?i^6f~&u43+S`9Hc z_n{07dp9=rT-y^Z_*knoTaaKq?A4m%(0&y3b^Bqgv*W_#xS42gQ2Su11rgg8HyPV? zG|Rf&%qpB!HX!x+=KVY;oU()5R1HKk(Le1J`kr}E98DPlXSXDC8<_x`k_=lDYo+|8 zx2c7Rcbs~TRL&RGVCMWEI4-BpCPUR?;k?$Y`2k&S z>*oSowNE`&Bf|==U-=%o?ihQ@4__BtlP-uPeQnT_{JYr!wnGXzgMjZrnf?($%iJo; zXoi$%!ONSsz>o?!IvlT%xGt(M8#8bia%H|wJLl-syD1=+rC{WB*EWG)cWC~I@ixy! z+>2l|7I1nImiZ~wlXmOpaD7U6jt=rXol~n+KMqk!{Z7_jfrP;O31fJjK?YN9r>7K)2bVi(u-(i#(MsId-u#@CPH~cT?{zL}5wN!r zk_)ayTeD|isn)yr-Y`7GJ%e=|{KStwg#RAUe%o_ns^2zduJ`i=y{<~bWmdP!wN(P) zkX%gp60ar!-(4`iYR|7|&{SAX_! zPd67=9>1f}i1m=j*Cv=EF)yMZA~xWMc64W;7)h)^*c zvVZft;U!DP`PTV*9gTJSs*j}9V7|MimaL7+7@_yt8Jo5MvUv9c0@4`DXrg?~b<=M% zYIUp8emFc!q6v&U*KbIF=Y68C{zFLi$E$d% zS(x=Y2zAlVvbd#liTt?4{;s{$8b@{2b|KUh2W&eml>dyCZ{2~XH#w9 z-}d=55p?15RMArj`*E~unqU$i&&c&6KebdDqA|5Nv(5UQxRWcB{l}DznC4s@j`DrJ zM@$;`?$~^6HUI>N`=14n-M?1%_W)mG67J}|k&%(-6Z)N(@R^R=)T#n%KOgH64P0lx zmO6ZR|BF}2ywlY!uqooPt`jC>y4S`wfJ&oKo^@)ypnGMY` zr&L_X9&q`7jtdwV;CX3kV)AUjXg$y6wAu*S;3k5Fj&KJ~o7WcQ zMz!LeAl$FZklDYMq;a4!+?ng~K30|}NpGf1fp;5mCXznes#~%7(#+v=&bD-tS&*gw zaN|pujTYYTT|u#w44c~XkZe>aNQf!xu$qKs2~Phcd(?1sv^lv_L6R5ptv{>>zHifi zvKx{2>(|NK+S&|$MM|7;@5mjqc4L=(`Qwfjerl1ReC?PomxS!rZQlzH1VdbaJ*u$| z@ArfZ!nz?LDvCW!EA3d&<2}!w(Qxej+HnHWL!O@wINtpAd92QD*h3QP!&L3L1Tmje z!E;l-cKm<;U|Iz!Op$@a9y60?yJ=4B`R$=I-#82*QItkVDhPu|eSCETIb4yN6u4`=c zD^llj^S`@0TBfcZ4SNI58d*YFe3UMFNACdtReJV-teyb@;VOq8E!l7!+JW{75u$1X2oWK57{-C2Zr-I141Tn#gi( zE469@OOy{R?}4wC1mNFI#?)wZ_Nx~J%!FdHucANxMDuqA_qOLr0)>ir@tB^Pq zW!U=4U`xeWn__QS_vsglWkQ4_#Ve)9&)oR@aNBh5FDs814GPPb3+I!iN=3WY7Tm*U z1$Gt->Mf)PmP%n~ez_khXd4|5lwi173)Fd_M@F?}s}=!uCS;A#0y0le8c1aOU-Ovu zcPRPd!#ioiF2$6qZ4Q=E`1p>pD#eUsdyqZE8gM9#b>YO^U58$~@u9UymJFX$W6qQeXMCZ@Ql^RBcWphM(yr4(jrq ztQUm!pMBYf*cBtz}zmZ~^niDT?qB;wF62$k4 z0=0Tf^?)~KkEi2MCL7M;%U(Ogw*E@Md~Q@(~pY6zB?ez@NT;G7%Betka( z+k<avz9Um?9vq<<+wK|9l9|>W!{X81>^Z< zP`G0GrKVwb;!YMvHv2Y{IP;h7lez2xeA+DQ3sx>=blT>xvH&|!bETJc{Uzwd67l7+ zH=%di7M**ZaTrts*N&(q8peg{?Qgd#cJmRYJEe0t&SRt@t?63Li=5(di`JTY_8nA) zc6N3W&Xe^k6jTNyjR|L5aylbpVs2&Rn75f}EnnJ)IRwL&yf6ztFwiU=Jbz_*#G;zn zq2ml4pB@vv-eOd4f3tS)_jBUGS>b{fZI4$|G}4Yu6ilvZhlC2ei3-q_~g0Vr5_A#5}8 z(gU-Q`u2>Q^Yn1c|aJ)4*9?K79u5D!QCs@7AC<|cnZzr<=jv@cYe5JpCs(G!?D-PdWN$G zLp%S5b^RpOp#UDugW*eKN317{fNEjHLTMkzU;rOjc$#zNjq~GEkFI#k26vZGbT7M$ z%{QuO2J=f&vJ=*_Qg8d5>u3z=F8H}}e&9!M*lhdkt9>5lMRn~b@&-#&;Ya4hoabdO zXgeS3Q7^u$;DhP5sliwe42lO*TsB#2v>a(n?qM7Zr3dzU1_EKrH5!L4IuFI}m6{)4 zryR<69moi;`uq+!yR6p-%d(ScYUX@@-y5NaTybFw&x|dY>7dMuRv$|&OcK-=9vq`K zJS3yJ0t*asZZ=z%iCjdRr)p1pAn}R?mv8>? zKyWWR>yoiOX~@D#R3vd~pZnsM+`iZPCG_iqRGN;jF1|UW6m#!qIX3_F@*lZl$)N61un>sxhQH@gt0fx({IOM9OY2}Dfmx5PuYne7*Y(;FmN*B8sv z3B$IHP`lGp@VBr-bUY{EQASxC1PAZ{7fZc*?*f>`ys@W_P~6`iKLYWkx&!47zT@ z^6j{1*K(4*L0w}+6W)-$X}~Uh8@p;beCEy*CemY`5Rn;PtJXU?(KN!7>mPUajPZGJ zF8na`fdKc;uJyI^eZDPL#txr%Prh)OEZ}o@Te_vW|8>foV_|RiQp)*(w+rJQW#; zQrI=?m7hDYFR?n)%X+MVE$!ps_d{s8!@O;(#a+JmxCEbDJ)I@*BRW<7b`mI)73J2tgMGti>%+L>Y1tZV8*Vu zmNLF<&|oD^Nku~a7lG82dh=2oZUjmxwOxgq%!!>sOTpdRZ2rxJK^B*i;W&@<7WbIO z)E^Gg7Gv|pfqD%3>!iFIrzfgbqnPy-s-DR3HGcQS2b1N3&>eH5%44ZgKg0KIXdh5` zHGMK}ek`j+52N6+I&LLY#u*nDR3yb4>S)tc45rbVnek54eES53Begxncl6xi**!gX zMIV&Hh~=k3SGiPM4Doo3isJAYbIw0yeE7ISg09?N#~~@ zuzpqeX+Dx>qA$K2viOB{ZNJCL7g|PAtW+kmV=Z^jhjmgaHAlGK{76g5g`LcYS=VZx zICora(f4o*S$L*crfKAMW`UIBQR&{Sectc$lSz;Dozt&;T+ct=yHs5MN45TGER~zP z?XP_qDgs5i!-U+W0PP;IPG30ftE%j};je(zonG#?FxFFG%L04_q=eOA0z_oM_4a9-{07f-k^gmSd7Cc2)NA|vevLj z1uEFu6{qA41dUyN_UHo-h4SnGW-i3xfrWX!HZLDx(P(;n(v<_Cc|s|?mkDz*jAVp9 zb(vL2h|Kq^$*}p$)r%79cM~RBz@YB=*+MwwEjGhz-H}#)8#`iw@xd%;Fij8Sl(=-y zhMgb#u#S%^?&q;nfrjXd&-{G{hZKoxm zMRW`wx<>SkI9;df&>b2YMjDdB9!w>9tn)3~Tm7n4FJ8#X9ZRn?4Ac#CimNYc0sWLV zhEZYECw914xsn>fpH){^kA=#L7F~~9tkhpWDAct`Tx?)n|M1=^!LxDFowz(UeRtSR zX?Zfo<9kTnCD;B${TCM5T_RL1_45l3Of*qaUe9guW-97OecQk$Vt>Rre8y?GvD#y8 z@SM-6Y>TM3upreTqwjCmLT*4fBI|uv4Y~5HpqSnr6&p(~9l5w#_l1n`@+zV35RCJ5 zG>zg*k98uw(PTGQjC&CUuGG>0p!D%KbMaqoir2CR&1Y#-S8C4xytlol&xm#DN4vA~ z$3PZpPG8fIb%<^LQ*eO?!r9lq1#i@VA}-()vh4??o7&lz>rF!47P>?eZ#yfhQeIVN z%c>DyzS+(FkY>_}SkOE5WncTvCLvk_B%yUde>uO!=vNshM|g*!cVbFDm-yx0m*Qu$9MXaIou2XW0wIqm7JRi~5M^c-zNJc9LC2U8Kpblvdr3S-KO< zi|MX)@uOW%E0DE5VAXco!a1&PHdd~6zjUbch)HYj9wB0G@n?eaA9G%_)s-w4-YSU4 zNY%vg2csA%9zgF&h$dMu{Xshld^`V4 z(f#a15s@%<=5c2#Vqv|vay0ZQm!OOunc|y08^GhswOyWmOYO5DZB1wm%{^#q0!ryZ z5y7jA34|2(y&b&Sp)+z3rw_N3aYWZMDC1_qG58iRyE^H{M`c_eHM-ZM;lLR{CgmY- zZB#R1^Z)z~@dR9$bVXW~bL(APCvpuH=y-sm&o0|*)qud$=!=XdQIEqCyBvuwU5u%2 zGw-os_}5Y;ySC{?OZJ`$ddRP$F(|fh^6;!8E@gGF&m?>cNEWJ z8m)T&h}TH9ea=O3Lw~(Z9g(Nq91TtFMe4i2bgXU#Of)L>Pa}!?!W{PP7CB?>WC;fD z+9SnY|64t6x>I?6Y9jt(o-})!fMdEA%+@Ji?wmcB zs?KDqMAwFt3wJFnINao@*oz(eppj{O)s?tHb*#w8tOlGkxQ-l7#FQ_@NKF^5yG>Rq z+^f?6z;=rCO~QKS8>`PCX42{EuIT(H+QsXulf5sD+&I?;sq~)~5#6uS{mJ6eF`Wj@ zB#!IL3SaLB9MV~x2Zt$!&&kBRc-6i&pprVezMvEgphm~#c5m;Zg*NW`{NmZpS@xpt z(Q+*5svN*z%OvPiHr7Y&saYH|%AnERhh4dIRqqk;9kb)dZPp#u8=^BqRr$IM%s#s@>T$hK$`s19KZnuK7@IEy zqB?eM-pxphr|LOheB5a+Pq3_Iu*?bER&~C}<@Ii0<@37h8Rb7-r`RfwbWS=OF}Y5C!kC71E!)m~i@WT+ zqLp7QHv7`?Tk*OJ-FN5*@#z^1)Or2r#ITG{zUTn+%-k6{46xy8ouf#=rV+P*l8dft;m(+8B zG$pL|`tUvDb6cvkZjcv}$j7Sex3BfwS?1Ec9L8fj%IhmL-UTLmIgO(Dk?!>_iq`x$ zrLBXm$Eltv*9N38JA}M@aQ5+SeKrgT#%V;B30)UXMJkmlqA2{f1og#=oVf-e-p zWASrft4cuOyIiP<0F@%%I)?2ig|N0&k)2O@iCsANBSqj9X~6I}3t^vn!y}x&PJOQ) zow?ihbZk}94a^y74%hlHaLff;T~%yi*8pnTySm!0HHw_dCtLRY4`^!6xR;p9Jx?1I*5e2&yS^~+36^4pC7wG2cR{qMy9jM87ifJ;U0nSWSDb#NAu3H(rOi@O9e!+;MFM1!}755esn z@gaCCjv5YsOG*k>gT?;6Efpf8zqOf4K#2HxY&}vRM-8E7)A+k>d(eoN5)$$HY^jW{ z=eO#wzq>wACG}fP-yukOaRtd-f*DfrKt4XquR;e><+^7>J>4Rji$4a7Q z?R}87@XvYPzSUkw=4rY^S(kgDG@rxL%dT?L8(Pt$%=*6^VCD|jw5S|9EaKb_{pXVW zULH62E%K!HFlXpeh}LaXw8#Me|CTkohqFQ$60K=K7!pzm&AdxSwmc*i+f!>cN%|Q{ z@mYIJI*$d#u^i%U&^sXiMo(3h6=`e6MYuwwYRTRi4WjQ7gN({u4pc4x2>|JjYpI~9 z`>pqGNWj+W{LLSW#_!fh#_z0+_b_9MlFry3L-KP32x+)6nxGX|Y#*GUU{-Xir9T2H zjwqu=SPPCecX`}M(w-qk4tD8$iM_I1@`2gM8`@ll1E=?FWGpf8q={XdlKgLCB{&aq z<(55`Y0|_RZ`Ej($@bAS$Z1iOQiixq$ zTuQ&L5|%^k6H_tb&Ade>8LPo@h5T9$%TFC-<`a^TXVfX9luu?&XZ6%$o)3o=DdOz{XFnz`~^&BQY^)SyyGbU1Jwd+rLG;9g& zAHWR{e&YruO9YW%Fw(H=xJ1plfm-eGhU~ZH^LCSs>76&uxDr*Khp8ZHd;bs6wiTUQ zZ1AsvaA^D=(K^G|W_kW-{x!Z+GDru%|6LLM>2I~KR18aGtG$rENK?HHHib@k7Bo|} zKRygr>6|TzCieJ4aKfId<@fa^mU+WZwME(uI+TA1?P`izZF3=pmJ^ll_}|A@ z>7qUDa~*%RTTYTGNavl~+V0=(4>l>JHGVuN^Z@g$yJn`c)ufM%&!|~grn;cy(Il>c zM%7AttCznD!mn*U@1O4*W)Lkqo!@e}2;KmS5YUFeCd@bI<*2AI=9sk^v>aYyrKiK> zY}6C|(`BeC1$ixI^(a(C8I&XXaHgyI8cwB&25!r*BgFvAp)pn@CD+zRyqxK*tMW_t zCe~&1xDB>9*Zau6{2M>~TOHJC70c`G2~RapfQtd?NnaUH6{1-$Q6}cJX|G@~L!rqFUBf;P9gW70 z4e*kWNGg0{@0R5JOEeZ?t7QwL%jJdo0m+RRSgI|+QQj&LDx2z5o9019&&4Q)bsGHs#YZ{{SKf8dHhJ z#r+MpCexN(Vq}Dw{ZB9v28Zj;uKFS{54}F_E4_#>DkWuPq~pHSKRv+i{nT!>xs-K% zE-n{(>mxHV&H+9kGr-|$$bqY2S+KgWIG^gV8ggSF^kn~loGdA51CrsiF<3qqqJ+@S zC8%#BSEg2xVMHs@RP_N40T12F#s$9~4rvwTCQ;D+1p@G%J+AC&Uo2xe$mfGh3 zgg7mj@LrFo=*u7;#=O2%p8hM8Y6OQ^Wrv{_{Kp ze2lQzU&ZU9T3TAq-zhT!{r5ZvvMBwKM}0culfWsL{2Oj>aSAPvNrv0Bc-#iSP+q^L zZ&`&l{4j6R)`<^*fWmpaMpNzyAa<3`3w7*w=(JNua(4AQvpAp19Bot(9d9&zS}<7c z#hqGswhJQS7(#bb6YXG_gI;vQRR{&kpJ~_ti?{$)0Mrac&rsWv8ZJZAx5{lO1Wg19 zL7)ls>D)gq6v{B#a*EI76%@ENHe5yUh<>?*9)WIn<$BjrL4{up5B7<_eWVQ8+UpCB zgex>0w|_N0+)a~yBg}auVX>unjn;!S8=eti3R5&NkHc*SL#KT_R@f0A&>*e}sY!SM z8Ds{2XPPaC0njs=PRC>(*yLE;JVga~;1$gsP6|my>z`lKX*znSCP0TSU>Rjj+%>pj zuX~kQPkJSv4}I}s=^4P=qyC~Z^FqG_VnU4C7FlYA)6`Z^r+dqZ zZ+lj#PCZ3JcJ`fiEy{7th%>hx>K_>H+@;x4LeTcubmw^1(XF+R{~fh~?EeC4!zUHz zCyg-oNN`VJ;o6#yM+wB7XgES04HgsXe=HIGhmF?LZ9= zhtSbYYd_)_!piE(jEEhAe5R@x0pX=&E=;~vRj83vOT)f}ysw{oNg!YXn?OryE~@%B z>MSfQtYNFAxz@b~e+O`&ey{T0!dbm>IGm(fIM_MqouCqTyE{zCN^fOs5bNXPF=pr{ zVvJZmTHt;)U8GI&+;};-Z%8i|DJ8rKJ-;2Qh_yi#L#KblY_f>0nK!(kH7gFvn+6>q zQusVCsBDtyi{2e`enrfOw*#~}OXHL7^aV9x%nh;fFJ^17SZ~pZT=Vacv=j|{=J!s98{^Vl+`wU;`FQ{W}{rZz%HoobRRd z+TpTs+|yJMBBG+bzAeS#kWR?D@gp&XAOe7g`>jMtLk6)M z7*7unMw&aQu}LIc#002FJN=7{==HuQ1m{7aY*IQLs?0pg=jBZiSPH;Vm2D-yH+lg) zX*B9q*?ToNBURxSvOe=>R#r7Eqk$K>0q~D}L=!H`nx+hUlqW5~RW*&;dkwWh;;E2w zcS=URzr&L;{l5+N&@LiggVqB42l(OtK;Vb}fIa*N?BPFP5B~vs_z&2_f50C8zYX^A zapy3SE&Dx!()Vv+2ms*WYQqzp;6&C>oYQqKjnPSfkbN#c}@=nu9htcb2kNy<0IV@?C!5XmLr&vyx#b z0Of-nb^HE<^6~!w<>UXfgMURP8<_h1xMK1|o%6&>d4@-~Q&}HNcR0W0O*tkk{_86N zc3&%CEyAc3@h{fGiGy#klvJSmJNG`sQAQ&jYT>+6d##=g*R&tA4--$Q$p*aA{YQQ8 z(xbu7f9?MK!}B0{O5xHcN7Gx&w_W5Iuv`nln5c(W1&;qu-W!b*IX<6L!1Bzy+OB9p z`UarlhBsW5xNj=S7UFxCX6v;lA>eG-G>*1IAfDxGazO`~isAUzCk0OU?mmCCUlMhe z{v8m_aZ2+MKfi{n$1j>H{M1B(WT;2_?{HKA6s4UL@IEW&PRzF|k#)(VZ8M*QJ}mkbs^3>a&-AAl*P&%bHE^fq}@ zR`xPE`{|7;c?s{NBc86{EYIkA6l{j^W+3HQVbnSPd+&eMt|U`!MjLuD7NU4MKULK8 zJmr(~_bpD80SZoe{DCjeha;&yJCNmTJ2P%R=Pr_5u%5O+lMBdM4^kpMmbv|e(le8F z9F;w-&cW<%y%z;%0GR`(7U1?ynQN?$-DvwsWLBkOo7eWOt=r}~8ebLeVMU0XfVdRn>t z|KjYeqoVA(K43*q1W^8~|9$wiDD0rNgzI_%vo&%MH1LYC7 z{-w`(E5tn%#|`ZfAO49_BjZ6u!8pc^J;Tt}s|U^7@*wsRW0#33hW(!;DP%Zk&T2xn zw}mtI6Gdv(7X~=Iy+cU3atkuOmH$_z5*e^lb{GHS_(R-+Bir*nQT$1cauE&9mlw82 z#I}D~E`mGR5#lnMdA4_bB$?mi+KzElSSZO@VSu3RpaQP||`hG9|*#oGH&|_69S{7Y1M7_Z_h1h)GkhU@_+i1Sk zJubBfG4i0U>xIFfr-3H(HxbNL^k~q2$-O%=^>3erW5bE1q2k9>Mwk8As>52$AJ}fT z>j{@v$+CZVGR9%dg^M+Ilzt;IXWdBU zayDYy6E+p=~zIY@sEsFBbYu`k9EQN{Ms_! z#;lJxwvBK)Z-~5{T*MR+!#&UrQ2uN4B@?kL!O)sckexqr_Yo1)k&j`uZ2SP)$-RF4 zy0u)lZM5eya)dZT6thSOut(n64aR)PWJy!M35|_-*yibTKXopnHq7}AUOg=ihVgrJa z|1T5%F5XrqykH_9{PmHHLZ##Mq0ps^lF){%7BqY^ZoW6&&m@=>MT?S;;jTt*&WVAE zw2!{|f19v?UrqCtB^5Cl5x5$t9FLO_yb9rM@D|S6Hp*JD(d_z9{+XO~s#Rzk)wwQP z$s+BE>4mlrNksuQi};yT9MVtRmPKV{C7nD;6>qaYyy6d58(Xmf8^)j_uVt2b8M*nh z4%(%V5MFdlF9)0*#Bxh4-khBe|3J{k%%VR+^Y1o6jg9bmUY;IBAlFE49&SY{%_0*y ztn7C=H;6E;#a;l>VXj#GvUGOp{odVpeg)av+dI`i-?tPFuGZwb18uGVmOE%+OHE8d z(tMR^{COWn`w&Kg*P+(Yx`jEeyV5`$1@bo`S;MaOWeabURf*#^ZHuQpz(u~Owd%MA zi3{}dxa^=!*Tlz5#hBJ)FP?z;d}#kN1$`h5Xr#T6*w8Z-+nMLphTvVhEveQWy+2 zHJZR<3fe2fsF^?yNHXT@*RQj`CBr3)qrWvF-IaVn1oiGtsyRI;3M_hva0W)NzP|@d zf&738+nILq4a4ywmrY>_!JARF+Dhb0ufI25>sj9aQAZ(Bz@8pNH_Nn*e=wxAlvwsn zXIy&_jYK}8)SgGLP*QBXO6V50ub(bm^VTnV)D+_W$gci~fBtCvYj>^OqGyMDwzzxha|A6?K8D$D zoYF?X?b&Y|w)guT*t(th(Y5M=^@S+)X^Th zzqz0`f|Wikgq15*q1!^8sXQ{l&EHxhdc-6MlLZ z-G}S;e&~Wm>T&C>xnWKS7DE2IV|*0#=m2?s#8XLhoN|iLo=3&Im2r|=?{_<}U9O+_ zIAX)JKHPA6bf)V5FMYErMWq?d$$VQPd)!->?u$%FI0$_Y*Aabu_iV`9FaN2cmsbtA zc0ntYLX@7waO4rQc78IN|A?-R;(UeEAbYk(b|kOm$m8^kjEz!ZhkroUc;V+w&2l^P zZ0&;7+PB5x^5Y7~>SSh(4^*#T`%sd{r>3%l{(dA!rcR{`11PmGfj5YWr=6KBEiKnU zo7Y5rVbF^-9Uc0la$Vq#fOpNvubenNR~?1yC#4^U*vzUo6NW0CvT8QEs*9|)te_^= zd$FLjbf{>%uxps#outryTx_VsGRnl%Q~_N6yk41=nc23#Rp0LS@)A;dYoYhu!wW!_ zcMNnky(Lo;bzUa@nsp`p+b6k25KyT z@0UBJYy!gG zpbM0D7wo6EpBU(s>%KRg9T^ev^u;@1`rP-k8Bm~W(DuPKN-@^SCYA8cB!Tw5*);pH z3z}KVx{!s9_QN3c4 z(11TPsmGjy6{(G8fq_1VkQ+C}@2@M&=&QOHF z?vX*-4wr3r^HNooO}gyulX7`gI4`;7flEI#-%c9o=;*93j2PwP!@P zOwG&^#TT-(QhAp*k5niT$(|(fiQb1jL7CDXQ@=sh@iKK}pod3E#>J$vcAbgzt$yEJ zgIfG)aCQZ#BY%i7G07Pmjk9bMe%H!y2zx+Z&=pS|bd{XHJE?2Sr$908Z4!U$Mt8l@ zes8x+$`dr0#ZYsauzjlgtd4}l9XTZ>BGJSmpA&D#4J85h&c-3b+grBdbtyKZMVe){ z<8})!3;j%$Q~$g%J=}GGdQ&+McxUWrqbW}Wm zH+fxF=e>N#b&R34gUo*Zwc=A41|fkL@(oFT(E^Q(WXe>aNCiG_Ea7LVZpdCDU1s=> zfsU?CGDAjTvgxhq*1`by`e(J?rCx>Qr-81#&ObQ?-MPPEYwo|<0-MvidzlESyetH| zeSI-w9c|^AIzB+TENXE(e#I?bl!s5>6?6RRPwO#FfHX)I(yZHGuqG0ltIpp{%!JnG$?0?V_~ zOyGQ4?d3qs5WR;t_`f+nEg}_0%{@u=6E-&t)zY zJ}9^4q2E`|3k5p**ANym&cIuz%5|Q()M|j&@AWdd$;OPg**JlwDi!LX7U-I4@^$r6 z2YY##d1vGu9s?fh#i8P$gp53C(i#GCkNOh(!LFsUK2F#La)LsNI~#?`pq=-6y|#JF zNTrkMVTFU^bc|0BKj=lm*F6Cg7Row~J=3+=3_)XGvzJ-3*F*-Z_24UbeE&cpqmDFk zt8$SYYD>t~XTF_ao))8Pzic|zo*BnOslSsBETwLFlG29{-Rnn^LGlt3ItiPb>f66J z(E%)>0mrDTUoK+9o<4Stg&Gc@Dh)S)VcOc?IYapA^nrhoZ#fo|eV`h@y-yJAq_Qjn zN>nntB>gmQnPkqs<~R{*h&ondcygYeaBubHPNzAG&w&zXS;NFpe;CR8{C?9iz%SEz zi&p0WMy>doQWnCZc<`ldt;gX73~kx-Khi#6{b_@~CXM!yI(_O2B|kgTtC0Xq$5G8+JbQq9>AXEQtPVHBX8ZUG%C4$1sXt#| zcyQ&-i&VcC-hRiMNVy`nH5KlYH{G3iq#-qXGrHW*zCLHVwbp&zN*KNzy)))%IEI+D zEzXe%Yv|KgboX&U->+i}_psPxydyH@Z8`ce1`!mKmqOvh@3o6tY@KNx*VPMp4eFt3 z+o~x5WTQmvzMs3wJ*;_?3{f64i4rbaskMK1+4}ehZJit|1JAas5ZD-nJ0c9n%TZ6m zCcEwuD1s(Kw6ro;%F9LFR^M&bpyEb^jeLhvGPIxiMIS#iglEpL2=EQio+F0~g1wn{ za4sV^E4w_>yQr0|S)2)a(|q=t%9Y;Va{>tQ1rGjH5{}{UY(ARV+Q;S6yz54%Bf9oN zM<^SjjJa@Ropr>aF8!H!&n_>=)pB!F08j0WyS+Px)~>Xtn<3CVB+clV{W=1vD^Qtx@t8qj5U87{kJ zHGl^^^&@$qd}At*8CfZFF(LTqTGnraB>p^r|D+w~R;k?&mf?!FWW2ivXpM)UBbZE_4`ZO3Bvv*j zGrt1HBlH5!%rx!eD$D~3wFWZ3=&IdkanTRpGV`RF_3Oc2hij|}Vu-~4>eWW4*x>>3 zwjV2y<;7>Oc-J7dMY2=%=G(S1lR3c_3A+AxKS$58m2Q2ChzND!>xlwB1-I$C(>9z& za10JiZO`Q5OjiDJGCgBA`jRHRcW*Ag5a7>NA|i&= zjfCy~Mx9w492gP3Vl=8fwv{BUo2Ojx;DC4keURy3zW#de8;{M+Ve;VC&vb#2!Ud_DlBacPp!Inur zoD+pYLEV|BirU#(R!Qde-_`)J8s#UwtM7wg0M^#RZ@~R|Kci0lG2F>3Y2~(qt0h$_ z5Y*zAIVP=~S-h;_~e7RR&v&#wKlp z2$Iw^nkpVy4sFTXqFAdxhVA0S;G;3t(u+0}mQ0)2$1DQ_@dKZu9Ptx=H!4PtJ#)8{ZE1 z)<>M80QGh#XsGIh#l-Qjm*5O36E*>_|EZo=Z0MOOtYDew6qj$_mS!Y=1zi8_ZzP5- zQ%v0oDMBuauhcUZ;8rkd&7;o^k?5_ zOhB)3;P|jD|I#-N{IN4N(pQkCQDC5SaSWcOk^5Lpt3by%^rUZ8H6kKn#-eDn8a|8n zAk}M~Y0stghWkODKqr^W%Zt}ySqdt8H+4a$w7tVO9359F441-tcZ@sZ*Ah1u;bG1d z`&LB$F)Z3$i~R0s^X_Rr?CO~!9004u7?h9DaB*=J%^gTZde9Hl2r#j*D6A~>X?G5h)58*k%}lW7X! zI{&8bi}n7d_7rGJOJ9Sx8G)!$6>U@#W&fb7eQ`us9Q0PV8v6uFYiXPwA@}E}vjd9L zM1N)d+FI(7{8etxz@U-|aSkT!Kk~RI2eeUId5JUp!(9x`gbpLSYelZhLJ6GS$wSmz zN7o*-fI>nx(yPUiZKG+MUBg7O?#&Sf7zg}0aCq=$7m8iaPDg_hbzCvj?{`4PZD%AN_VRQ`(Wp^T7)fX9#Bb)>MT2F=M z(7|6UnZn3a_iY^_p?OWfu5K7)Q;1e2k;`^rF^vwm9FW81H_SSxKt^r^4t`xk`MA3b z)L?r5`+>*y($mK4=5Y+dNaw8f3twbjQDlHCa_t0?cG&kC>Cq!DSsghAU4$tw4dmqH zxL4~uQJOhgGu<9GV@^>F?Y*dWMS_9f`^qVbZnwzDtkGQqgwpo$4^9*k)(moK2j-w3vA z+2pE7>34lkcaG&^wG8PdGtkCs+x+BxPezAuxlP=U#TC!}1P|}6X)kpS1U!1>e!pPO zhAEq_d|0ZeNlW;_|A!OvMqGYYHCmPVb|a%qeSg0O(UL~q6TZO+=M~c7UyB^maP%1M z+8Vg%jO$Z_-DccZ5VAyC4KUA;tVvaFBIKGw$>Z8$Sf=ref_n!mS9)e;;KPu64|?;Z z)U~(8aOsyiEVc8yIy;wKMkec5DJ(Sjy=;OFyL(vrR2h(~z~2qAZ~fq#yZXtf&N*%z zpvc;Fy_+V#E4+aX`zb1_1$zs~6E@9{8m{ul&&ypY!b%@z-Ik_~k1pM#ejjq#qOt~b zZl2ax@xZuDjcS1AyPMOMcxL?lXz+HK!+Yl|h~#l}Z)-kMwgaENbl$u={~R8;4L*A! z8;1wOv*t33Q<)C5aoL{008iCp;CKk;%l^7!O{H;}UDpP#aW*Vui!zmeytqj)i z`F04#@9+mvF^vxzkuI3`^Cnz{Q%wiaabZIP`+_UziDSGv8uUF0_j(z=DbpPkEoM6^Ju3 zrJj8f{5=l*T`x188q98?f zzH2#Lme-%B%P{d~2>6~LpISA)zAh@+=XmdYnhK|q5fJkAwOk#?%{ea1q4axPJX<-AJX` zNyTSg^sh`m;qsnanE5v}f+^o(r%=a4!wx}^aN6Dh9a`?PnC7Tb@68QppUOo!! znmvf`W*>$!C?|&l<}Dt6H0PPHFpv|Mqh@9GG1u^<`tE%m7Jd1~ftTDJNHVW{9vdh0pJAZo2{}hI=L<7D+TPx3ijff#c zAZ<|(FnHDgb6+oan51XY&n)4!>u;$srbov_M$%Xh=0` zxXd=m=2wYaaC5W5%Qx(8TXorh!+cXmrZBkR1}LY|!%v_$c%@i(OAF`LzV(h>HmovO zkeQR79x&yIgYAShAPFdd2lphX`JPnUrI?tTCV0#cyzRFc_&8AHxnn2yG5p?JQvPTd zN`9I&;~gKlnAc*GE@i-uYrws0DD-TPARQfD0>?1KZK+ct=;dQsEyY~v z!eJNk)POJJ*vTR)s$XU|Y9*#3E4$it?W)J+%V1N&8EM~OloS?o!_{oxb)NfYyJ!S% zp3NTFdQvz+=DvoCd*t)lFkerwhx1|B(b@g}er^(Wp1CF}QqK>o& zsE92M zmrSPK8Ry8;Esu<#m5!&9IVBw*LCpRO=tfO-fI^vx=tBgmmCEeLsWT`^*+7X))O=rN zqCQ92xu@VtkKU4bI>1=UG8u>{8@TCC@d_g zP=3uXX=P>-n}izlw8UpXOWvMh?W9I5Cfj7-6&iZ)p@!U%G88|mS0&u%-uGygz=@(1zf1Ogj15;`oX` z1gj%Lc6QAFVD}?QRCT0tdB{qzgX?^?8^8V7v(QGT8k>iG`tYsTVf*S%uXb%esMOYU zzQ}a_+w4ZieIPXC2Rq|F0>bZ|;}jpp6$8d^9FR|)!f|+2&hXy0nEKY)jhSC?7fW4j zkg*{KVzX>2B74!7_W^_HQM=5;g>R~f3@pQ7ubbaZlV;Wv=488%%2Qu zJK$Q!=~VBd&NY{+oc1A<@Gz->-8~h>(>6+A zR)|YK2n1YXK@?fG-h1a~wa%w!0qzCybzgGaH)e3eRJu~RY;&6>79yg;-Xi*IGOWZ; zym9i!QBr-3CSbKB%1T&IbGxAM{b~}x%;O*K;GQA+!n$*Q{SWy1!==V!kdQKxapw?a zRtf9y^lme;>_xsl8m9CSQGgiHn$^RbJ^Fke?sVZ+qffxafln!AE`(5s+DE+MuzPk* z6_UI?5pJ`P5^K1o-?e#Qc$waioR~DS4SVKub8~lizG{nRG9HW3{Jymia%UY}yPD_@ zB0#3wW=^wRF|&qlY6f1v1H5F`hDhgmNPrtsFB8_>XN+H;d=lWE7PWG&FU2SnaTnmf z{c9D2OJ+qlFrm6GNw`<3%@FsvMqghaN_U51#;q3EVIloCNpMRz0JP9y7jKK}u2+z^ zZxc2=viW)8i&U7^;W$g5Qhh*Ps}2=vM{fgt5^p|JX`c3}TV?z$pVN$|)K%oBMbjD) zeOpFYNQA>AL;U0cz}Kcnlv=qBi$LZK7*KyxGnN31Xw08t#pEF|f`p;|2d*AoBcez9 zasb(wOdxjT0CqP8$ueex-BBuvyzjs0Blg=8c+5?Hem?+273gF34KG2+CGoN;1)1=V zu>=9E?2Zn_Vo&MuQs;G(U{JNMRAw{E%wvGign(sJQEi+&+hd(iAe-v66gM+t5}b-Eq3DRbbqURz+;91PXs| z&W(-wt5*%rg+1VJw=EyFqSOux?Ay5kMHw|@UD-c0&2sH^*ytmOoc|4C1&_F=4%?#CG^cjXDcGz4R?ay)3L7*;c!AHC)tl zJ3i4swLJey1>9F7=gB|~gU#bDTd`=Jfpne#i?*H&XeaA0k7Z3R?NDuR-B}qm^R6vhC?06j}UHt8f7qAHOjhk z^|sM5q9+|~x=>;{b0q08|4YcFN_nMv$KYUvo?JbQuzys+!}48kHQfG=*t17|e*M6M zFxh80iAwW19>Qkuu(VkJKG(DTPVs@KNAEqN&AFKPc*biYoQhickC{#lD{Q|ORFk(C zcZ)IrFvPp{U3_I>ds*ox@?oNZVMiKAL7mW-T?CCP1}Cq%bS3fIavRUNOvh-q%&BE`I0WS9W&^>3T#BA+qBaYtZdi_%HtA$i zwM#d#ESr9n28E|ra(|9?_tN*i_962bGMe>Y)&=dJ=z5N84>rT~5H6m>&4)yOdXP0B z{A&$T0j1>5+;VjGMEv&UUGDHUxgqKy8EpmEb?H{QAtu4B;~T9aTjh4na!gu9i8om^ zC25G*BU?7uBc7p-$F_*B#2u&e(@jSMzVVy?U3ZRAg!4qh!;K@S+N|sk);&8q`YxKf zPz-}U_rA+Qi3V_T8&+JGem-?|{`T$Lv{gp+tL>FhYYB4m<}%A87n$&tb04+xtnxE9 zOEO+wx|Wy%0JWy$!aLh-^tgQ!n{HWdd;0*VyktEHFDGWK-vx=XE{-5oLlCjwAvkDj zZJi@C-4^4B^Rf&*{3E-xSG;Y=WqnFc&~fU+&3+lcD17QYNYSY(qBoyhKvb#cNCe=~ zpJSWr6<-FIa+}4)E<0`~c&mK*04}Iyax(J)*KF#u-zJcR0ru%$ds{lj9jXVbw-=N2 z8S}szf0rh_O{_+Od&iqa=b$dCc)nR5EBF-~i&{*6>|7i9J?>AH3OoLev;@figki5u zn-=j?;#%C#YGzun%Xumpv~Pr6b%hxC)vDR|7BMIhivd9R`<~L$XK7}v3?N3rJloIS zIwB~;4eyL8zSAmI^y-yd_}qekyz^UjSgy$y&DM21f$OpX62wQ>9Q{4og~A!r70x?eG?N2#Oun!ut%C!=mBpX zn8mBJT!8sg%PsCN9-MWyEFh0p9dJ!5IF*!VMjV&+yb4I{y%TeMVA3jB*~wt_O@1); zXW*Ac*Q{t2)p>}iB*bE(z&e}5x%1rs8HflVFP%N1vcVPsDat8o^NXnwxi9N)E)eU~ zC44PUj3^jQNLz_rqGjoJ_t6MoxmULKs?a-2<9!1!v~?plje??+jClV-{}!;1-z5K~ zGmCt|rJVa{^$yPry-MDYUR7pv4EO8}Z94&URIu&+epDInX(}_L9=NjUIqj3bJCzI) zn}Zqt^0W=6e(3<&Y8d`%3!1i(E>bWCD&E;VdL`U(IvB`Bg&C1xRW~u~FK7sGufA-h z?<1nKH$3O(1jW^T{|;Zls@gBkY}-i`S!o>GJ{i4GBxIcw`I!@Y9+h=YIHKsfnKEJ_Aw*eRc7cS(=9`};FCpDCasT| z3X{F3&i zf!fGL9)f({4?=^)gU-2+w9!lJKY35nGoQ0JTxCkVayHKYrlYAsppj8|2~-KfVlFzZ zLkAg~6?GrJnq^+oeLUTkpFNi-AUE>OSdStp@bq=Tdtdnb-gQt;`dgM-3?EO;q#7;0 z&~XheyS=u>?s?zSC%QN(WjV2Jn7zn`_O<;%XuEMAAtb2(AVjGDPVE2Q z5c$0&bjG$`WpeF_RAu_KXaaPEMr<4nbq-dM?@7L0U}($9IQy{_@!a zT=(;amtb9El+#xRVn)>fU4L@FNF3m3;Iu_ke!7E)`JfumXM}95?U<~5FKVzdZ7H+| zHq{Bvm!b`Hg0$tgBVzukXqP+jn#roxe?lR%UHSD96jgbr3jSN-wZ&h)SQP{rZieAv z+#KI_EW1lE8poL+;d=+W9&t_I;Q&!hxlJPqq65|3hi~?~n+!?c7~dw3Ys$R-|3PNu zb$K3g!@ZuE&^3eEj;aY6Id>-ATlt4eilVxZtgpBC9-ty=XlU;7@o9q8PP=-kJP6D0 zR6_fZ1L7n)wJ$pUYN8qt8=0_fxPq}5?YPjv7}-id=6Te#SUYRH$X$!b&1GfMDMC7pVVkN0 z=WUyz3Wto^Mc}wY`2qN3!DvXEpC<;omhr($jAo~XXrUXXCfCmd#n%TC|7qk>c)#H# z`K|%D@V#rHbHs88|I_>#6(1sZO==fSREDsk;I%H7cquS0@PM8 zo5;6HU>0c{A1qR@4l2)Gf*ao9==mbFd8@KonE5|ysJz*EI&iW%3`AUynaTKVI6p@o zr)#}rBzS)sLU;pZgEj`>n|^Qbo7u?j%am)jE{I9wLy$yQ7F|45hAWUV%#hMOJ8kFA zn?o9nW{ahKV>YLQs}5*!#iPZ zt1i~8a5D6Gy`i^msk{*InmbYiRM@MRxU<8fP0(gg{lQFU5(=cpI;s!mM}~(R)s-84 z#>#$vymy0$oUNW+=b5Y4yf8ADm}O?=rUevQ+EoHvmVN(e`Oc}S@XrMz-4YucfGPbL zBU!x{-X>V8&^stft8>Z6!Ts6(>8zwQDOFyv5(V~^p<&W?V`5?GmD_04wM)G=+f|H^z*dpjrULy z*Mv2&_J;UO@S(QQ3~gS-EU-e`JVUGuPSn zwe9^5bD6Cn`n=}lqr;7ESf=6~2(@^DYrlGnWv(&lS2@>xXJTNG0V$L5LpYkimGWBj z_8PfA?=+|n!Y(lqN~f9$TOP=*>UzlEnx#;%G;{rtF&LXFMzYEq&i%f>E+Fy~NHI|! zbMD%+q5`)^r&&-$-hy52xGVFg^B@K3u?C$H_=E!c0RW5nJ$>8lQwc`udlkS^OfA zR4Q_476t%rt<%u!V>at4KzqcQ0p>$zqAsq64e-}|MU}ezI71A=O-C&=0-f6OH8vgn zHu&QzN5ST-JOjG+q|SMMWXNAR&3iw4#A7jUrVKiOfF3pJP8Eehr65(j7i7?)9=^Qj zIMs3;xbdMNhNlV&#-v26;fwSjGsnqP_Vo0fhXUxgMKAo-OSE88+$a-_0rN%U)DX+g zD{iI05`<@EXYwl@`DrU>aqFU-|M8JwJS&g7kEhoB9Bj&AE=eK9e@8)pB5)RIvVSo9b|pHZNy^T3yP> zp%Zq`m_jZ^C#(CsHc8z-81A7%J#Mvv8^eh90Qt_)>xhj@B~!CW$r!l z7Bl|;h@1xca$H~%$b6`Ns=OWmle2dx`S+Rb^dkfaR0H=`3?1g3>p;oadJO9k1X4aj zHLN3BPhHQp-FP{|ja?YDO@?3n^1M%m4+T2sV3j z(^*c?MgE!bGo)UnBS@b1K1KX5#2aqOnwpu&f-o!!HMErr z|8)7%aPJCw^e+W>wzfrrqn#kmOiv$34ioFi{Ik4}TIPjV!{Yp047gcM@Lh>?yn@_} zi-w9thuoY`lPw4z`++Q+p<;Le5|x?ADPIrpK`IMqa~^niX!hS3t&0#$s1MA=Al}s+ z-;1y+1!f)|bx@^vkB?0WWX{lmm{!a)yE@6Q1w`hYr?V}`aVE*V2-~mw(9dJu0bm1M zLr*XHk&KMOr)S?rynUjTUx>FY!=7W-5<99rj5tE zOZHQXY_Svb?2^v)qkkl*T5vYG^viAQ4b6v;%2M^A%|^gMBqSp;_AXoOb{{1srld@> zhig2#erya93shLXV5kJ&El85IdCV}GC)j%8aM@`q%H-_Pjg z_tnjefW;~2CxM2U+BEFac9m7HPpg|nt{37c?yHQRC%$vX(p7Svo$06-E(6Mc5>nLm z5%2=q)-2PtUn!CCsuEB5vVX5Em;80L3O|6OBZc2wg7G%R@qS`4=rWoPv!PCiYrO?8 z!u*mMjA>Ql81C-0)@(Gjsj*dUcO%Eie=Z zY@N=NVzRFsKd$_f;A`Asf{)_$bv!IW7(_?#FAK3Ixl%;#^F<=Px4x!3e-=Fx-v6s! zk`=3La`)~RrqDV3*agmO+StbIXFAC@GOC|*l|JI-saVwA5jwAP%OJdHAS=I%K z8q#((MF4%jU7x@29O?_s`xi!)=3UEWWx-^xUrV=H(^MP#Rw^){SG<7+SmawwH~TOp za=G^!*iRFe@(+y*Sf7-3W)UtY{)jc(Vm@%bA|%s5f|a`D&uk%9>@#9i2ddiN1otqU z=~KcQFxqEbGP6L8Mg)q?oAACny?&j3oo3mx@Jv*Xl{Pa2`IG*b-nCC+^J&W03nP7( zE9$=b-{=j7f7Ho#?!aVwtv&`y!dOBG!?gTC?l$9a#X8-+tb1wl8w;=-@=dJ+oeQ#g z^3yfHI8vyMG|!Jw{#SBY!@tUOF+)j+8!e|DNR8V%(Tn!6l0w7>b#5j>)Q^YOsbBA5UW9@d^CsSZmJPSn^2apcS z8p1q1c|~AtQgPk|D1#yE;7@+Es#9Oq%U8x=)@ve;Z44q0aLc2s2pj(V&p%c zde}!LX|Wrnd`H!O!z_PbY~oFjqW`TAb6`%V1dvE#DqZze3W4|izo+^fH^1JI>u%xB zGd512s^MOPPBd@GM}zmdK++m-fV6+ypN))1@oCuXo;&S>1{GFm&El`p^u!9h>~ z_y6AIz&u~JkY0FhsTGXYhWzgweH$KtNs17hjd8k@zTl=`n4M7%FDnjiMq|+uE9u#o zj3CDRQI&@D&(aX4VpU&D;lw{#G%8X#pKqZtnswAC2xMWx78n5gH@$|S1X%jNOMvyk zU(g=CWPc(q4+c1a%zoB>rSpx90-r4~Dck-4 zr)b0zCr|$oTh(yii)#DCb8n28zY`mIVG}Ycf(dd`*HMOI`K$eY?D7L+7AgQEHl0e6 z_eV?P%J~^x&akQQhf(jve`3UzkeHBNx74X|&C*dA?CeT# z55=DsAiRP5V^od*nX6pD_b*K_Lfq?qLl5i<3;fAp)G&?M-yn%5de~$HOzA)JK}7?E z<>H@T{6C2oUV=SIjHrDQ2v@bk@_AHCn+8!Fid zPq-kny;pnl%55sJXXifiu%5jy;WMya)LN>se_p~j2mG2Z-vc(fQNO`eBP~#ED~BO? z8FX&@eQe_2ybn$!Mm)e0uLc2V@F4omg+I$p1+mbL>6~z_sc;LGBtQS1>jy}H&{v}okWUZTK}YvcX! zVDPhvB`hmFnw28zn#von zdY1AK0oP!S723Q>M;{%orDXN}uK3UR_(*npRi#9O$8yI4@JbWY z*$UC8r+KVEhvN}`pO7o~a&oevaFW{`CS)*+mu|BR(&WBMXo91m!O~uJb~OAZK&B5~ zs1WC=bK!Rm@2B^}Y&5<@&H8a9x3BtU>vxaju}@JxLGrUz@?XEn)|2VB$h`T{D#aIh zPmEuB=D4QE`^`ldQ03vKWbok!?JaGwAssdwv;L9aQ1IqV`i6bWQRNLluH?5(E4*3h z{|BO1z37ba-XDEw{A_vH(Gy(X|gKqC-tfX`&3a9_j2g8|ai+>At7GJEYBc9kAgI-9R&V zUo^j;hDRv97aiAi<_w(2z6*?o+uhU6YLpfan;M=fWXW=gA~jonPa#6AVFbrwTAoZL zd(u*6d&vYG5l0uDpTfxGw*~Jt7U}t>15~^}Q7&tL2Z5o+nF2<9sRnNFRk2LOL~M_I zIfG^X6_`l_e>m0urL-Jx6*}gHmC0v zOl35D$JEmjQL*x>O<}fE+zK5LRrIVcRZlWmuA8?yZRJo!T~4Vx+R%HPE+{lD7Fk4x z)bIP1xm=B}Me;=LjA}pg_1*P>xmZLxV;BLdi5KAe@MU>VODziXeJ8mP`op}1D-vFu zPWBgJa;6G1NxxrA>zV@ai!$-bb+*uwu}V&(>QRfx9PK)4o?e{Rotm28l+c!@(){mT zDge9W9uw7dc7#9(4V)pz3vV({W%mcTxhLa(CWp`R2mw+g&->9M|9jCPJk2}vT};{> zr=kYxsgEIsBaU~{O&833IDHdSVofyxD7k3iCncwq8HLfl%OrvRYF+I!Xz`C9u3huf zP@Ap*H}`na0Yt*0v%iG`W|qTc9uoi&Zvb&wChcg8Q>$Yncs_K2rN#ss7C_d61vcYP zKEzW#NY*t&_As*ko(Y(WL>E&{=&=37|B1!qDnoq82plR2v0Xdc?+;jLJxj0d3vxdM z_6Kx0%3l3gKA^2|+jI+$+vh)fEKcPN#8o0IHuqGn8Xo!@-nw;sAGE-+djzSMhJ2CUF@6?8f8TuiR^u$9ElXOFjM`gg@A7 zcq!`5^DG~`%5*iC9u9UeK2bHoKR_tv1U9G^auoVNX6I; zs*AsGuQ~LR=n8E}(V?NjEnjh2K;;BD zyR%i_Z)9wb4SoF=EkKkeKg#SqBmx%r$<}c%>!?hqvWF0q z#AKg)$1?>gFEajJd67#6P-*}(mkcBkeiAr%zv#Y!Hk|X0eBa^nM=qR#R5H7oIpI{I z!ve1MjU`Y#1q=KO@j2%}R#l*og8qOV=*=3KfkM*CzPWMgkuz#E46#EZ*`{T5LHEAq zCIw!-x+G)m&+D2M#B5;O+@NjCy7gO(sPV&dAFRh1t{qDMXR;o6GjuBI$&yrPXq>f* zQ!iv!0_+dT$IbbCaEhv*{fn5vEdhA*9ZSRR>6tblem(-;gt4Hv_YSm$4JTj`*BG&% z0BickclZxb_e%#>i&*Nd=c#gdp(PF{3K7^p%LR}F64TdF0DvR#N4YF!+rFNDEEk+T z)6S}Zw%p4Z5~#>r%p%}|7I)dJIf5+ELP;3-8r}@_daXkR?SSg}V>tc0!>6M6pK3gg zOZ$e|#aM9ZP?6VV9SC+4j$z%=8G?}8kmoM)u8_C<)wKI;*KbfeaH&NmMliiLm6wGL zMZyF>mGpmjto1CN<_mDvPls{??(j4hHTlhlzMLO%Ek^!U#Sm(Mjd`efmHt%0OnhvZ z@4qrsvKVeNhWP5Qmaj)Dum8BT2Dqg6=z^Oo9Pw@c=*d4x1;6cq;_-RILjkSgAAgYp z?3~wo`LxpqV#GhocH*Hc_<#x3LONJ!u`(!ee7IN2635beG;&H7fVTpWS>MN}AeFOi z{GX72sZJKK*M_aV9MI^#D%d}cD-E>{KWT@ih)k-TOv^VbY zWyPECT7U563@p0tinCdPGCZKu*8`Xlr((1FNc_tON-cEwW(RA*CM6j;oh?VU9OE>x zk`QEI8o@DV_Oc>xiMb(-155k#*M55e%{Gm%xqm9et5v=feLF`B%M|F4Hes$&CYJ%a z())GYi^LhHb!yHKYg=BX5Stfm7?*ct7fZKfFYGSB_^&V1AvL2&&!=4@!Z?KBgg~D5 zm@4ubblA?P;Uz0~hI7Q(F|7+{;3Xy3seha_C6Rso57+<0*?Y%R{lD?U5t7QtYLNBG zOhhs=4rL^JW~V}#m6h!jDrKZ2k-ax%Zz-u`WoIkd8QI%?y^liQ-~GG)xc~7ub}*izMe^x;@K@2$3X zp|^SMooY>E@ESR{4uvs8_E_{IPgiK3A4zS4B*R;WaJ*IBL$)4yxY!;G#;cU{OB3VC~s z0MCX*$VZJpqYsn7LlBNQ%GbVR|CnNbQ+TR>>C0M{Udg_?ZJQa9Ydd=@s!wp<^&O!~ zz6V<%Nyzx)PaoLEJ3|mdxG^RBti&@idpx~;!I16kZ{*Jue1crXd-dh@ z$%Qfzn9Fn<#E~M43Q+HB%CoK_MSi2&>@$qmo*4&*LZ0I8&V| z>-rT=r;}$AwLB4Qw#pefypVdW>-m?*QJy}^O{%J_&yjkVvUl!P^0S}sb%vj-@{ZOFNdxgtjaKY;^)(=o{&k1kC&T$N{PhuPX8F(FT~}8 zi`38Ldv2CWM24S9kbiaFSi{mX{o}`vKfAeyChv`rp^@V7ch(CwQ*E;D2Kmj!hsdFc z;MI_TFFT^t7>PW!51IXr;k@2W9~=>3}0+gw>CI&z)pen@!tXO23%jp<} z;>>n( z_Ww8dO|n+IW3;#%k?j8hzxkMhmjK@wZf}!bHA*?10*5+;Z?`2yc>>b5u%6>(Oq;m9S;J<+qKL44@n2o)IZq0|)#qR9tLKJ)Vn{`^^P z&X5D*Kl|{e;m&ocIY(XwUWKu#X333dte}|KQ5S4&R#;c0{~RE`Qa8qDXJ+1U z@*;MKJM45u$A|#`&EiMgbcW)MgsZ_A ziS~77iOt;0q;w*;rY9{MbdFyzPhXiEyead!+V3RRuXox`q|2g(wbq3DY_JXOCS%H- zvHO~DxNbG}Z8UG>mq>4I75DWI`S`z^c^q}WcWdaO_v~a9!y!V}Ku*k)KRz{N+a(c? zkC(KuJn;h%TyhAsM@malC)3bD_9f&dqoMeGQf`birLa)QK~5*$U74HD?%Vn zb^>VJh!XYXUFek(O1T9FQMFeY>mzPTHU6isnwln#jp$ztkBy7{IpM@0U-Ztzq!|-p zve?5T-9I`0U~HqFr|h!x62pxxAr>)pe>S!fFK|j6rS#jqydHvUnDaA9l^yxao=T}d zirYC03$P7za;&F_)SR@PY_r5?C*B1Q4_5j2aJ>m+4Ddh2X>ido=p~!_&w5Akz_F|{ z?v#`}i)+(UZhDzaug>UkfFvJ03Jbofu$@SW<6UAtSTG|OaSI}wchW_7O4T#AwZ@{8 za=lHC(d(tRirn5FKOPF04})rqCM79S-j~N*%y`CZM>5{snbRtI+f5%79ASl@kw_~T zWL?l}H7&t5k`6)U!vFuP6`LAmlh}CII(FkwH&gHu>yfDPWxK>4rzOS}ho&D=j@PJJ z0q^!TdH-(2lUN2h#&i-}smlGxF>ZqzWM_lX>;0^zl^YZ?lcJzbwqFg9)N?|vx`sC7 z21PXjgS&W-@+kK6>X5|e=mV#M8pXGKQP|=Da{k?S&!9lu?iaO|W(0R%{9kw9Oc}g; z+V40X9#T4EA4TYhpThJ3YQ}=oY`Go!H}?mH2Akj~ysCdAUx8-1@3!^1=_cR(Z*I*o z1{O~1PrtmgtF{TkTr-@S=+N72iHXRax*JC);u>GMrW_^A(j{w5doiAb^2Z+?3*o}| z2p2xrG*%*h0M^YA-l+l{?;#fsz%LdLf!cCLn{UkvSS~zc)_1X^)<41{6g4*0S1@D| zdoj9vdHmvWG1tJJ)}oi;+L`Hha;(;rj{lw!(kWgSoEv#K6~#Y&wa8|4R0{pq+4x7B zMv)^{>K-9w=I0V{N{kcqBdEmcmhUaLPd|5u*34;j{tky~tk<)Q4_P|$^1h`PZ4-a> z6kX-~@AQ{!<4dPOS33Qq-($<*)fpYmGUwihZ?E2Hx46t`QWkdZ<^)3R1r8wF`t%JF zd`A!t14O^pH@zfijJEK0#xqQ!l8$C%L9VB~6iSykAkRb|3*Qeguybd;sA;@+ za~W}3HePFLo9T`@HsrbsGZ%>mpmnaI@eRKb`ldn@E(mB`*fhcp>15T zJMCAK(*~JZ+9wXpKH4WI6P2SfOQwsop&Y&`DeAeVrKM%4In=CWT;(b0DZj8d7|C#2ervz@dj)P~>*n76zAzWFh*CVmIezuZ zm8V4E_Y(al`i&kD_3GboWK)ieecJCD7t<)NK70y4#Y4#Yl-)C;NViw3i<2kKTM}g^ znF3QO7|2)#f`NgchSZ)Pts!^hfFI7ehLcryU&A*ah{C62$`LSRN|{iV)YMupRaOj% zcP)Y1($^>Opdj5JrkMo-o0+z{ugWM>4 z+Q;TxdH&}*{fyeP75a{S_Z}+=5B-!k?sHzVQhYrV9MO`%gP&4%g7w?QsbxyLHLHU0 zR(0hg{Rg!qYY)aVn+uI8JVCr1%ljsioXm{wCb&n4v$$Sl9D5>OcHUwBN%qu!zg?+u z7Xkm^uZb{}%|_;aiN;!QsYpvM;%?PJY;A4J2Qsm1rayTKXP|<&OYjApl1Wj;~0lK+nvwF^=-BMawHf1U1aaWt!Ft)L=1BO|sd_nN+ zd@Qi)P6Y11^ySNy@s^~35`zTE`?j_Mj_|9#QXPPwP#J4&c)}Tw{O&KQ*YKv!xvh%b6};i!^NrOQ<>J z_OaaTQ~j|*pcswQY-|>g4(DJvKicFLRb&;(|K3m7(OlCsF=C{bOhgW{PJ=h+&kvfF z*S((ZDQbz-4(<~%h#(cJ6j#@DN{Dh?5ai%c6?2}?j(Jy9mny?AUayz?^}U$0#<7)U!Z63)xe<)Ia*H&rVe;v#uSRQ9)UBS}AkDadZhfgN{=Iw} zFvs5MHMwo|7MKk8`3X+;I#?~&@^nhnA6Vq65beqA;zPf>lg9P=#A4MPm{|EsPABBt z=IZ||TW-F}$~Q2{&B~U6pjxrgoJdeyZ^Ppk<#^DhvJl9;yGx3b4JaR6KV z*wA;AQv!3pjkZ=p)&yFnUMh*3M9m)PcS=$cU-{3G(d1J{9lv_O@ft5L0e%bH%9QsI=b=joD#VAEysP(7) zR-~orG`zCZ&yY|ubs|=l!A$|G!t(t-)jj{tl~tYykjR}E!j_0gMfC*rJ<3YzBZb0j zvEu8=zp&?8qM&@W^3~uMI^rQCM#%dW70Kns5Q_G``bO(UoHuvDttsg)*I>aIzg;__ zwvS#;ZEgsPGyQSEryWDoA2f&i^D`|ga#R3=WKt)(F~It5bF4?;HzcVrC!Iy{Wg?8UsF>S^f|myQyZTcONz8pK1nGT zN`Af46R#LRN}&Hq0s@MI)V3SCnH0JR1SO#{9N)Y+OowD4U)GBFM#FyR^`~r>5AF}3 z4|Ela9gMF#FacsaZFNyh_Yx6VKHf8(<3VLkIY;X1Oz?#%&x`(Ez9}-`x&IeQBD6(GyzYq;1!_J13 zgLFr)W4}q1!1v&LzvGR93Dq>)47xt1#}@(0Wm|=jL`kvPOkl|`UmnWHjit>s%b7)w ztcsXMi7ovA(e-S95p$c$+fp^pc#1U2To^bh2VMuGOgGo3(FX)Zhu`$*m8?|7t~b)> zR7W1U;d8kCcMXHhBf6Uw4=E|9=k-t9`Jo5N-R}OhTlV_ zgVlr1a)UMbf}7`u-c;7~c=YCVbQPJMBX;n|N(1a7sjcnbW7=`vp`i+pKN=2sSr*dMd*@(6kk z$Ue^Zj`h@`5HQ7tN1yk*&dL5OzgdnrUi`S2)Z?WwYSGK)JB17oPzeJSt<7uj9D$T3 zBRN{5Fr00O1dett3QBruxOLCuG=Fw2^jNI4{dJrVzz3&tq*7zwZrJq*m2Iw`Jh8Q6 zHkHw*z}S|i&9mgovc^bZLItBkK0ES=PYR>?LAx?9UT)QyT&A_cbulR>=t^IFl+D?~#x^q&4H6F&=*uwnB{8?`@dVNU_30QtR z4 z#F!6;M-2CytMI4AnS0j6{k^BaPk^YWtK?tz5x8=ZKS5!0zqOFvf4E|Nbqs|KXR>c= z>ll4>?q;sDeWHP}asJF3zM*dU{T!70))%{Nbl=|hHn{iB_`@eYuBf^LLp5}^&wUP; zw}?G~n&4)q5u@wc_g_8zUX-M3g}&a zRao+BH3>M^9V;QJN$0(n;dQ^)tm*{ijUxPgAe|-;8E{$aFGYB~_crfN^gHG9OVyEj z?NEH`xV8xz!)C8-$~Rv$g5c2HZWg5MwK~rgxXR#I3aV?qb)oU}D;v|`Kw-i0hjWcQ z9|Y{jHA;G;xO#pEdqe9Ly3jTk*5@Kqg_|bh7tqfRN>yx{KRhDoMlI*I{QiJRLlU2! zmQuv(OIFtv?~MLBzk)tzy+;T7Q$~}^x-W-WXbyAwoeFNE@vJ9m%0KIp^zm%$QSMe z^Ve1rsVC*!0Hw&`**id)Nu6$TYb$rVSjPKHI?u96s!?<fWk)uFRr zHMKQeWva4ijatp3+%mtsEblbSd!{3t=e%GJTXsy($b_j*n${?GUMoYCBwlnZL=dg9 zQq0AFZbZgyVW9)=qL!qaYYRM-at7|z!HcDt?HMggD@;M*`d5|3e-}2Mk=LFX3{YPf zxJ1_ZmfOubq{yrlirMQjp>71xW8DwMN79REfLi+KVj!RG;9O%(nng$1TD43$jLuWP5NdvvHsyO-#jl0p=YRTrtgkKk(ENv32}fo$TGu#;-| z_)Mokgp5D38Nqs~X&MZBtcPu_oJ>z!C*jD!|CDaX_Z@TaMxCZAqkY%d*4yr0Av z%roz7PD71@QQThYG&gy{g@a?wAFZ=t(m={*wo%xS$hS~rSh4=D*6zz`+U^SvD67J4 zr-kAI@CBEO?z5aS>jfoN5$&G#r$RtJ@sd^gtRm?*w>-KI*k%b z;cHeoWig$rZxtunou`Uo7VVYyr_@9}sIq>)G(==W`=`7E|kBdu19n-SH0Gi zOk=@KUuOlktJssWw)tVgY?D~7%&*e42BTB2Kvr`;zFw}(NUh*DPD+bbIUN76sO(?Fke!HncWcpgB+?tzpf44D|R_&WC2 zbK$xLcQRU(FV>UFOQTyq1c=58+YXO6$)3vRibt?R$~G1+f;pI_#VBCWegW?2s$C9F& zesZYWfr>N!nI%AFc)SfZas)K^1jj!2+On|PH{_qfKiq66b)I>DpjAZ70IWlGEv;9w z8ziQTni?9n3he6Y>)WE=*fdKXpa+~hht9WPPqMV-gA%5%{tQAnZlBDXyD? zjXK7E3HZ{C$3|t_6i{H5vYd zv8iZl(>5?^yzvtry?tY}Qi2X)ywH^G7D{F6%`dmWFwI8JHH z3J1w}SE9Zw>nRHB!XJ4z(lco*g*A}RvYS?J(syF@P6MZjO@D?AM;_Ii3Y`k2D2i5@ zPR3N_tmu3+cI;G-lI?!*pD>VvFD6 zM1IVC5F6L#-OtgY)iOL1=^r27JaDA}UyEG5>L2Y_FU&ukT ztittKw|p8qfx8}{0SvW4t>Wa&$EF@Z<0@_EO>bJLF0!nsk=U{fH}A-tY@#Fn5wOIW z1}bRKlau6MTjG*@!tv1>cOS>w9kaJvYJYEaIB&w?u0AH7aSV!MKN5 ztA^qB^be22zp1mBAba=w!d=|fU?gTaS(?jm_IG=obuXG!XjJT`=R zk+_|xfm0>7dy2(L>XFZ&Jt2&9w>!1*z;i03h{7uZ!p7f@96v$|iFg|1UoU0LS0$6v zQHAZ+dkheR|6lene}r8SJj}ti(xeS8VX#gpFC^h-XHLFFHh*xTC?rrZWL$Bz!)6c`xY-^QEp>QzSXjcKcnboA^J)p$$Fp*&m1a#?){ znw@JKWvxm+@%uOLjurwjVz>on53+bOl8eBAG5j>SNQxbCJnSuFUJ92!A@It({2_K0 ze!Ujj%zKUnu8j8UF_UficT#1PL*opJ2&V$a!`*u^Z;X=PO4Kbqf!GO4qIv)2W13bX zr*?{-z+;bK*NG3s^AbG7)t#P;CWK8u@xn$wj8TgC&N`sTxGW zQ{8RNXpQ?);nqTPyl(t%DZ?4xuK6&R-Scgj^a$*W5K60CbPsld+G?VC4 zCAP#brCM}<5=l{(6rPJy zSd2O6+4P~zPPIsX5Z}}!^p;+mUwf4k@RetdU*Kj_F{dJNeCmI*<3v^LS%rl=O%Y+C zov>FjUu@F*Q_WqG_hZs$=5@Rqq zZCaYLgvLvEqtp+@x$pF5LQ$!by|)aU%y~{~WYqTQBp%6oNon`NQ+)Mj&5CZhwMFnG z3rN?`gD0WhCGm&ME|(JEpM@~k-TR!ED=UDgHWwC5#ux(V)3gnpG^3txT!S{Hv0DL`E2@!ipg0C}%%9l@N@x&>%elB_tfw{8Qpp5nSoc z2+_ZFls%~xYN2h7E`L*`|4iE^vslujUlLOFG`$6n%Cyx5B<*1?V!$%eh>lM=fZhkx z5bS;7)Zehhjm?hx1)1i3rA1|57Wzt{JyB?m>DXIYhPPRQ7VQcb9e$~-bky4}Omq}1 zLGLwLK;dhF%phpcVLO~91Z}hc;FI#aZr8a2Jev8-G}Ia+`^8 z9EY}X%>dMvLc!AiE=CjDcVQswr_s}StlHSTD>r4WNctJg*xMS00=ySRHn1t??dd6o z$Hn!L`(w1T_GW;jIZE8XF-&5G$Me_W|4QU29hV+v2527b;51o6|+p zn_HYrOoj#}c1>4#$h09n$?(CZu;X#}NCzs&sbE49W09DIlwoBQT0>DpnNd?r4Ax!r z8<)2OG6WZEhD36bSE38dh|Em!xDElBL;Q65w-n&IwaL` z`jQF$xt4qY`kn9~6HS&B?2lJh7HjJ>!%wMxM%%sE<2Wq_+xOB<3`^(y9>lRfl1~4T zx8=(T5Y}zvyk4i+o|DA9kLK9rDk!djz&aCE0TcOI5FTp`Dati|Efe7T{T<~o+$YlL zb8zQY=AyH-z-t%B$*z=?<`aq59^->RozIq$wsyE^)T%<|jM;;BO0>^}~|#nY5>8{h;xAu_K+-xDWWsG!{i zHKf})T&&X4>6L$CxtB6M(gSC$<%r`-=YCl4k&05%AeA&^9y%}%u)vAAF+nu&&WA7v z?0pMX0ce=kw5-F9SEmIK>WP~snzgfj>*w?avKaktL29r-Nx|3-30S}XceUTtXefjk+>CdEXEl` zbH+!}2N;?G-OjG=oLgIlg`kOv*;s^QUt29t*{HbDmu{4K(~oNB(U`}GG1qv1+z!R& zwzT0GcEPHcReAN(g@JdqSt^sddGpXyM)SCw{peT8636LwP`2$l0+~d9e=O@>2%P}m zYp$7co^{#u0nIO8^5%b126V425~*?Zc9XVWC;80|Hz~9g(0ENsS5KN;$uq}iQZ6;d z960NG9`2)pA4+?79_iIVCF^~GNd;0*Qaom+ik8Ho&*OLk)T#jp$f6(M-Y5l#uU^Xo zU#C=rQ+p@0NqTe2c?Pfg)2FWckHwctp?~BkY5Y{lv^%%qyIWCK`>v8@Sa@UZbaQ=p zJW;mPAEL7YeQ0dJ%C0kcn7A@G(tW>fMKu_71A*nl@2UjMmthW4L_yZenhz z$+CZ-x4cqguMGmePkgv=?O+_8;7_|9AW{?~J}3~(cU8uMa^S<}@vRo6tpIPJ|z__qXseF69HEJGw6uo#aouXqqLU@ca(=y9tw#v5LOGL2tNLXkUc)So@9MFk&&EkD zyMl=V0jr7Gf3+YS>b@5mzrD$cL%f#Ydd)FzGIm=Xg@v?n7xd_Y&j7EH-jTE&X(jpr zq;8Rx)b3CAy7!GKudRxzr^WXYZ zo%_9TbHg5>=+g|#oT-V_hRfgBoQmhxD;Ups!D6}6U0~B;+gK3|V9(OfSRvn!UL>~z zA|yqP@0kPdPc4ax$yOpplRm1_7OnEFIG{~cGl14uqfMq~kNS!dLhPNE+f7;oq9B;N zXzzUR@sq!jk`x~wFHh*#4M7~>@N~dW?9x;l?&_a_HWQjTruA^i<@CQem-gm@bx%BC zIB_sBy?>;dzD$!dZVs_O#AyLiUw!ia0|1v}hAt_bd^N#_E7}7gPN958=u%w)r56X| zgapmE#=TV0;lZstoz1}>xef{){-6Rk^k;_$ueWL-W~CRR?jU(72U+mI4^FL~CTO)} zk)}v)BE?QAbB{vi+<_ev5-OpPM&*>U5#q8)smEn9o(Kf2g%c`OZ`?33h%ZA1jfU3|_Fm+9Q6wdp+_xL- zYM3M$c`Y^A-Y)9$dki(kR@ee5tIM~^@CD%4sZ5Lkh$CYgENQ=N&IjN(Y{3VaV@RL@ zS=pZnGitziQueoQ)8e-w&#}@4Ahy0S!l=Xh<>o#BL=@KXgY>bXi&y1$pzy%bZAG4Q z^SaG|ZwL(Gbnw$8P(8{EOmXSYsAj)xq+X()7Yw{lFVy~S4q~Iyf~dWFoTKZh=VQ33 zPf6WF%J<2Q;WNdBXgjuec&)j(sF$jMU_8O!Ny2oi5aqo`=J_JCiZ{p^b;RD?$<#Rj z1sAENQ}EE-;GMk>X~IMLvi=S%DgX&YrH)k6{QJ-7ec!BgbpfYJ%Y4qO)fF?V2m+S z>e<6np6c+^aK7gGmUGBJ$IV52VNDotJlv2%oX_|vsTl|3QZM`<-LrS$fQ&bkOOaGT zfp`mkUs5;#<_DStMt^;b80qU|zSR!g`{r5euHVP=en0- zbbr<;CkMxi6<7&cn-@TFtb1&8<855&Ke;T%`cC@;iR zqW`+o=V3GwY3on&%okL_2N529PMl}Yw#R>YDd4hb2@bgwhsiF)RW4xD*CTG(7d6wS zy|^(tdOOdmTgxoU{uRK8u~_DRr6(YN@*ixT+zG|iqvNo%YyRZM8p(~iUAuKlo~Rkv zv4;{wxkw!k3_nD7?uJ)p>8yMPG+aMKbGG#9m^>ARixJ_=joDK8DsXMy!_#v^3=8mpKIe7obbi`0yKRHDlwL z$Op4mdhG`NAjj><_%$^ga)%!XD?#0!XQ+B0rOn?g&r>_~f9&PYaHMZ%d{bf;qT+X5 ztYdZ6Eq5(ClCZioZBx*1(V87|BuQVg#h?CSE?~$hM)Fk?Y4(;lYHK;<16qBG9?=ms z85y54$nKA5Q}th-ig`)w1yE)h4+0o6$dC%qvO(!%)P{4f+HqxD+i6+kmhi>(fPD)r z12^H52dX~b#iJoSMO|4~Ix2u6>jUXU1;3W&9zj=8hjd6EO-B+j()k-Tz|w)-yjZX- z)IpJe7)7s-?rD#WgtV+;Yz>R_J)lg_o%kS*e0Y7Q$@g#v`HUfm5eO4N4>H*3MbbtH zTb+lLsiEN^jto_n48xpHM9Ra5Q$U|7srmXqacjd-F+xPMpx@z5d%8|s)6GxcDxmN7 zm(nfJ>_%57G670IFmmNQU`POm?FSC4979ua#o-HfB<~;_04vFXQRo}r6wgB}cL8l$ zAPdQSoz`eHvSeE8#*J8+@`YF6O;6d}SVaI1KNz~I3ijQ7G$>Vus@EBZ%d#KX8F%N* zT&_$(QyF8}avp7$U;ddzH00593=`o~fUH_*^z=U=rfYWi*!4?E%Hk`RX$>F5xYEq zMS?`knSqZe=$eNy`_F3cJ&VJ8xfy=@H2x`&_D%|?b26ej+rL^)m`SD0f`VQ0OIU5F zV0o^T2q(F>!Lu#Qr7G{hBB*S4%DIrO+%6-O#-bR#;NYch^WG*w_!|YAzwd^6@E~D0 zl^lhPuzT@->t?G{phTUV_z2AJ>#+m6 z-w&hZ$bdM)&jpO(;2i!;@*kfKhs1t$QDjxIAhno8c+Yb&6EX`2GC%kI%yBhom!imt zaXr6|5uHGLP7{FjPDn`D75p;JYxzM!V&ZD%(QU1TSQt;6QM1r20BAK0(qXxnm?WXi zsjsi^J0pF#4o;%wj=+>$`6bv1VXiv_%L#s@8>YJo$^rOtMx~Nkj+&aL3k8_(x}d~# zffCb4a`^@$s7aG&2L8cln%VJaA0~h+2?A2-(Es3bdJwk0R{hy<{fFqG^AyO4(Z%@C zB>ZjKjjO)C;8>$S3B?XIkX=5`P)X9r=1+_o;U_5>s&A4RcLHrjuDlz`ljH}Q7 zvuY{8^5Q)I39ZFAppK}`nrhzO-iWv`bT7Yu|Gq|ryPLGF&lBYg4jjYhd+HEcKnjGR zhM{$)*hOr*KO}Y|n0~;!!V;X{9$ns`U?b-M8rJxzs3@}Mve~XYpP%_EM3BlhAR-H# z_Sr{m_z@N?FzK3)--6XaxI+84vjkH5l?p9IwSok>!M)vrM{c`m_@ERCkNy~(Y;>5j z?MwHC)@OZY_8L@M$72%fL<3OA(U9Lp9QV5QFYO})Mt&Q}5A{r)0Uz%uFIPM^>as@idZ!Xn+`Wp!=;H5m1Cr^Ir$#tF2BaB)F zsK!A6qjTD%yslIA?c28wCK#tE(BL6+Y6_7zHY58Jc93q6I{^Xa#o58eYy%|W`Y{-b zJj{yG{BW8bBeg?B+fiF^A1gbG~zS0kM%h&?^I?CwW!m=sKKaTwcc?E95c z<%q97l8(d>T(t+><;OeU7Ogti&?Cd3!-z4Yp)jq3(efTehFMp{L;)I#`jD3eGQ{(L zhX8GaP(7*`8N%XXdGmKFy?MfYk({oq*_OSgZj0(Zjo5A@$^HIQ>5KIziQ><4N>+y8 zXU?R|Yq_UCpH1L3VN%gzq}va2#`N5dWI_ZAXw978SWp|p1ai@KywuU0DMWZt#6PL2 z#^$1EZ-Z+j3Zt#V#N9GJCLwFDswS0gG!b(b%1Bg1p3iF2V_?QEgjF~e8Qyc(d!pFk zI`FPy|4Kygkg<|8g)v&)B#+SajBe7j>DjEsxk%A(S!Nd(##?({>J=S82OhnC8fP-z zdx8=oLz&?UxJu~}KNj8Cby*TOXafat8{C*!VcWpSJ!ePm4}9}o z$UGN!v7np?y>+wst{xB7>4FfgEVJUtR@IUD^Y(XMCdPXS1w?*l-Im(eLtcm+t`^;C zWeb~zRzVUR7bs%ga3ii!f97IW8&0&kfWh{a>*+cCOuerB!i|+lTY&?oeLN zvU_f)Pk&@atRC1EKLRO)x>B3&&h8Dw0=WX=qP}Y24wqaAt+E!)dsi$8HyJdF*sFQ^ zcvUj$xzKL!T6ml1Hpqe8aolVmUrL^V%7^Okb^*=IQ&jSLB-8WRFL%{;;o=b<`QM>d zkf9R)3`OEqg&WFW$o?Pc^S?upAVU%V87c*p?a>GzLv}(qX})vo?Wk#pqkuRZl`X-3 zSYJ5>r&BT>!+*ancIg=PbBd(B?o{#_Fw8MLR2(?G3PApTxFTsRC;1ip%JAL_VuFdK z!^RjRpO;d5LQ*J36r3{N!$c%{z7Jh_kYM6bRpmlp7>?2(a*#jo=l4>5Pj_#8uN(r& z2uhyR3qIVhq~sZoA&c7gXHjXWXxyUgg*bK#pAk*xukQJ0QPIev8n+c?Mk)gQ6&D{~ zPAZx33pk?v^XGq$YG8FH(`KpN{Iwcae3#5k+yttO7*!A^Uv8v!-lK5s!{35wo;!*A z4KoGSZw+%WM1I{>V-9bqUcme2_km?V{%pHE8 z&3_(24DwUB|G6BFk}=Ikk{4_z&f6>5P~F>zyM&{#_tem186NI=o8Yj`CAc|}&j1W8 zX3LTT$6<_epnpuaLpSeM_JmjdQ+*WXB5=MUVt*u+qbhme`RTkptnG;!Kr|OK#qIDc9@W63GEiI*ESUjbq(8%Y z!~Jgru_d_4Z~qZO>TF~7D;FRR1v%QgR^4W+PQ&L6n9EA$5#?!$!602oJgk#+_o7$ z9C_=y4BohjTrNi`g7i)P9K|w^>!yJaCBlD;Fx?wk+Xq_e$%Qe;sMT8c%CdtuMG5hy z;8l>c{s%+PPJC6_fd@sX&I@X0HHgVb6>(O_OoZpeev~?M_tHv3a1iolHWCd%c<%lW z%b3PJ8_PHVqWZ>J+<-zd(esOLUf}I^#91>4TLMiaEqnmP!WI4Nv{-IA($Fs zX&_{SebMqr3E7}E>KRs;?G3)Y^oCsWVCWviP2Zn}_dTWv$X&P#-GDrzM1C9gs<*y* z>w9Il=DSEDxWAQNYtG}e>%ZG8ig?I0eAjTpGaFV?D~0-7_my||_Wx4z2zWpsf?$RT zX;i-9)`yZ7VyNtWG5QClaC_4AL_t9OxZv*ju*lbqdV==k#lWDy66o1V35x{ zoKNxJ^(u~z)D&N-6f8bRhwX5BD%|h>j1`;*Yk3C2Sj?JNEj(s~bMCST{d8Q>?bE-`>VcN_d z!{*$xN7VzmM7*=BhoiUtS=fup;mMNT5!s?s*X=Q~cH3A+I}3k;^1ZV258Qq{U{`Su zrb>$w^%}gem!$4OgBHwS(!PEFyglWw;OW+(A4)l~^e-3P@TPkC&+!0^LG*mS8`vqS z_x_P*kaSQ@x0eWzkO(iH1`zww+G2mVW4DK(d`bdHww`H$)DZpQ{_KAbm3W<{@|9a1 z(cUSeqL0F<#x6cas?3ze{91*}C|>QIKCGM?5fXspwP%`e%C0LD%#$2v`m$6N>@b_Q z^Jt;}8BGKH@YSt*p8|=>qSD3*HOTgsaGtCH`M8I^vH?brdphg9{Kw1l*x*Eu<~WQ83#zuw!sf5|=|=>@(%*oA9^T?*$=aYpDP zT=>AKz}_`#fFnEA*;@3UOOcd{y-YrJTTl3jA}rp4Hr}Q+gviT|EB~|7M}*=V_t29Y zp*42*vhfXe3#O6XE(Q13Y{RpXy=+-239v8H*q&U)lli~Y78iTF-mz$_Lh{bd;EE)< zKZ>@1m5S_`AK0l(?UEw6#LeBqn*qu9Kaq@mc#jdI(EL62jL9uiaA~}RHUJSVEv*TP zVen>AC$E2eeTZy^(28mD7$gSluI2%Aw&f&Ey-vPlZHLXm&qcSXI~`{q<`M2OsozV2WvB42*>UCLNEPnH}7xRHla(q8s`}IZZqRH zYPtBs++AdSn0G37pteeUqq}ajfX>BK10OcBe1)_mJXuG?tY<5*1xT(vn?!yOSc5_^ z-fpMEEwVA9)Ypm~ay}^+H^LQR( zO>}8sO^0h<_EVRqhTH8C8j;0;e8kri&P`5DJ!HAhd3PtsgJ2R&!e`F!bkMk)i5lC7 zeOYl)+c$DeY5=NT%rl}2CT#O^q;%&cER!zk3Kn8YQ}N(QeO*2mrL5^V)3d z4*oXd01Z2XXsAa?d7a|$^vcT0qOvVD6;wd zHIeX$jZy*Jh@GC;^*en~D3Qq>=VkI${NZEE8Np9)sW)Kp=$4mXhxK)(gW56Z5pnc_F5IpJ0LKqtx2Qi4a zuBZ1>Bf_Jd?Oz7#@?7y7?@(`P6@gfjmV&}_XqjaO36V)Fjw_y6>f6FcU*I&z?PU{y z4B;I3sj&kEE2I}a@8Fs_^Myc_)k`ETj7q#Ky4BfJO&t?z#_FOx6ZY%wXucc7Wuh2OX8uesn} zcXs!R@Bla6ih9VqU1^+-8q-uYJq>k52ylbTck_CkVx_Cv*6)@mq|O;5vZkLHLq(fX z82_1GDbJ!!&Y?&A6aIZYI9TAs0Boi=k%!;*5$n28hjj~WNMLed;YXF* ztX8-aU}sZN(~n;-rK1mwOx$!6>Ecg-cFI2uIjHIBxf?JyaJ{#-$7ltAKx*Pc(OnsR z9YEoRNa7%`c78$m(0Qvxk}7tbW=BqhpBbzsCQ|UVg7i)XL~{{TjWsVdG6_^0>J0O*>NV-wk zxfto4t-p2<)0c`QBd`8^BO$Hm(tY=T8yk@ydKZ`yVgptr&xYf~wlx z6m~N>&?kTf+Fl3ZZ*v3;GD1?QB?~lOo9@5*y`yOL7S^)*Q#IGwvrR?3^N4$m_$FSC zeCp4vqZ?~8Knnr}(Ck}%hXf0vI(Ab$uV>z`diCs&8h>c=>W zuW45M8rxH~Ad3AHay;8t8Vd79B5@vqdCE5W-#Jr=$2fa;W<*YmOmbgf3WDQ}``;($ z(aqfpNCxZLo#SEa7CuK`nsbS;UT7}9>Vf=1mIOpRhXjwTtetX4Q(0FxiW52%f*f!N z#^^9rb8^Tk9TD-vsY&oh1N4+sT}#oOke!fTWuAeNwRL8DmQmJ{_?yJjp>MurHg>i= z>|^nSw8+<1Yr29NSuLAwU#z=B!oti85M)M^?s8%}o8q0fEF-B@QN@^@aV{r&9*p;W z_H5DtKrAxa(iq&bZdAWBF!J&j>;)&{2=d+=H#eJ$Y8F&R8Zv-tF_>HXIXXBwM#jI| z?(VM*_@qjkejs6sZQj7+y58W=hi-*z3IVrvKDYC~$*NEPcT{d$#u8J457F@lMTFf9 zn!Bfa5t1T0QJf+oB2~@`jytb_2osn>JUZANj}0?e$}6f!;lxiP+R?{jSJ%r8j4Ty$ z$J?$rqzw;Gs~T=b5^MH(6hP5PTBDejv~=|eVTV+fBctcRJ*ZS^+3k3{gJ$te3P4@K zTXY?|#T#Cb^c+*!mE#BDvUtJkJHLaLPaN&Z70AiS8FVmSe05d1-k|i;G+JYV=E%Z8 zG=J^9-CBcwMsJ~Jl;Wm(EuWyKUd;c)-djginSKq!ieSK~sDy%q;~*h|h=72E1qdQ} z=unU@>4rIDpeUhI(ny{|cY{GFU57e^f^>Hr;@!97LFSp?dfsP!e|+Ei)_VS!wd9`r zT=#YDy|3M&ginx`#iZ&Qaiuz(+H$(c&o8lgL`>fHl8RaDFvB#*@e>1!1KV6G*4EGW zi)=(fQq!h_hykLysJtgtWYA0;tN4U3+=qe8f9O)AtQ_#8u_h6+(a2mH>|>{2T7C3O zz+qjGJCd;t37|_=l42(A%Umpf;FgmEpbNuv{*zFC*SF*CcNMd%mh9_dA_77cWpq8n zG^6fp#A;X+%!li@Pt;f= z#@QCQqNL(+axHH+k17MN!@-o+LK60D1L&V7w#2^E{{Go%*y`s~GA=uAG18k5ydV1h zy;FSriDMbAq1Tm!M#}xl{i3ohYv1DZ+t25Uw*K-EN>Vy6ver$jk)!vh<4C@i!@Cx` zw!?+u9Hq`TMC@wcLUyf=<7*^;6m3cleJ@oMQ@E~T!bEOxz*ODaw{Kq>kvb-YIuTgC zLrDifClh?wGlQlsAz-L-smN}wdY>Px-lCtUOxXk zlFlZr-Mka)r9-Ehz?tnmo^rw!BU=k8L)6C8@A%g3T7GlgQe3E7;`{peMq8ma@7t-l zptSDdss5v_mlj7h0+(mL+@2F!sJLN}wwx5=@)r3HA?sIztV9tdhOnyGG0@Qk8Rf7P{}JdVHX;Ftm9Cr zdSBsHP)biy=85g5hVT+7KOU)f&89URU)&PG#p_eNwJoZXPLX46khi{lJ5c}QVF(EP z23ZKVBxO{?`+D~)8a`3BvAG2O*`7w}>}cAei1XnT3)zm<-avT~{X;us&b|L>zsOeA z1CUt<`1~);KjIR(CL)wL5lWCqN^-Ia(Ia8VUjOn~s@3p!TifxVziToV?3ftwHAU>P}02*HfIv{@;?h*C;UG2ohHd~CC@Z8=v{}{ zs!ppBx8u=uYNHj@N<(Uns9EuNn{?X-i<$jB!mueW1-%tsF3nw9EFg8MgDjCLM*rwU z%3BJRt~|aZUCHX@u@q{vti{pU#wn4+C1JG#4#t+BvR)2Ny*TsALy}&hlG2ZL<+`!Fs`{(w$r#pL8r)lBRRcj;V zavcWwm&W=UmYv&Hb@|pt)*3>Z7Gd}lmI@Jv3f~yDJxo=L4Rl)*WP8uY>FMcpW~EDC zvn29TQp$^nvcHeW1NQ7qN0My}pS0ch#LC8XhG!JrwwB0{cEWEup*U(yiatC4JQu%& zU%#Ndx~9Wemq7Vzll;QE8kQ3}A`4Zj8X0z}?o*k<`@6+zqt4iGKH0=2YtoBsv>5SU zfx2$z>B6nceA210#ZgA5+HmM74?O77B!FQQ9$Cag(S;c7w8l<%a zbbG(fF>v+8Z%w{&nP}5@9Yx=dDw+_=(bVj9nzN?1>{1nl%J55@7e}N;HU_RtHJr~d z5Rgtymb4U;Ip6VM0<%qM(T;NN3%{{6TrJj}(VzuojY}>2f{oROB}A5MoYIHMV4jxv zcjU5XFza@NcPT+vicILD@q`Mk{M}brWXD0`27baJGliO+2fu4ED?qxvI^59NW$?SUhZhcN;q}s84-@ zA=OcIQ@vkK(|Bg#oWIS|N(^oFlx-RAn27Lb=z=dUBfmUzlOLJ{wK1qhq_o%5j}LqG zEt%>(gaI5k)5M{-0`xk71l>w<%x4Bi7o^4X4-eETl)Be+ybIV#&AnM5p0r=lQQH;U zohZ=Gx8jq7ABwOah!INN{;+=E<>~zV$|NsGa=T^wqM&QzpIGSEFd}!jY@MofrHgxg zxr59gQo!iu+tewK4fj`lbi%l@5m{yf72aOExjBu}`!75~%A{meEHjJ*d+qBnxFc~| zn-`ee-sTnlmAXy85aB^^brmJS9NdFYb+T!PA-Sb>$6hK+=n7aQ{>sk8tcx-*WT5!4u1T(Ha_;k9V z$&&p{lV7gM!V!XwX{m;b&F8}IkkT9Ho^|ybd}LYJ@Htwhuc}&@CTS(6c`l@A;W%0{gPk&8lgN7O-!o^8Pe* zecz(GCjKQQ!^QM-A^)h$a(#MFepSUyylu=KO2Ye#1PY(-GPUD(tRR`9W?spMsiK^W{r3G$CAEeD;NdBk1^RQ$p^eG;!1QN$8Ym zoC_LMmJ#>Tcze}TsTp5FS1Ch8@|iT-K!}YQva~jYU(Ge|elN;9Fvx`3aJ*vs<&-3* z|J#A_Rx88NmBRCjs<)r>TXdP^?MhMb3O25WBJ0zHSR03tWYzpUp-d|Qma6JN^)m(^Gh$YBqL;$*Oxi}uu^CBf zwW>xaI<~@wN zy^81EF6lAo8}f> zkxDUBAoHSa?@ph!oqkhTM;>F69RyOM+{Dom?Vfr~+M@XQ7ic=v(a0M#TJPtP;VBkv zp`^_-dy>ymzGKT(?*1$7u0`BY+nSVwdFUQu5W*YLa3wQ1G(H|$K-^rQP0z)Xgi>n* zuy6It5sY43J8>yubEePR`*qzw>KQqoAKW(Wq0n;1KKq6*rGWt_t?iysCJjip^yOB ztsV7|wB$JGG~hp}BWFJ$Rl4+rTO%yDb_V+I`lNgve!4WlCMw!)IX0qk3bmd$I?Bdp zsn%#|k$=Xl_^`LMuAxlH_X;PA&wbOPE0_ce(-yW{c*jYVtw_(jeJM$G8n+K!(mWB` zRG%`B9lykMB&>{zhT5by&-+mkw&trl+|c(d_ed~ROK7c%q$_41bnRjsL zH_So0hrhz_tH`VezXGaXcJ4dGh=ZCDXm-Qr*(~j|@tqc8nMc-a!Hsuy6fytcl%VTw zqf&U+?G^AUCPUxr1%G4TPW!hg> zDk27DH(w%|hBVGlU(-%FPrTbO{1}RR=Ff87`gItNdtkmv*N`esbfkB@9-3I3UhPNC z2Y2RiD;|h|tfM~%km2hA z>1d%_Mx=nMYAs>RRExO*XaD;=_l5`>#C`Sqo%iM)9cc#pmL_o0h(f1pSX{Qc>eS%p zospR!Ox*CVOzWSKDR6fb~yN0xkrc84Dt*IO~jd+xX9ZK66 zlNY42)S*HhpJUn|d{gT2&Clm*%{@9chw6Br-yRMZ9JyoI;2bd#Ds#y;J)ICFHs3Hp zh!EmSD_?r$WVn7F8;6}0?Sw*!Ko);&Y&!$*Wrt21^Oy7jT*D#laUfO-U(b@0BI^_n&)7sM(sfGTjR~FrH$I<~5afm{8d-5ko92JpK@OSCdW?zdGwz2Xa1 zm7!*7UCYx+$_yw?&1500BU3u=1hQ%Pf=U>aI^{Nph5Yd{ff=0O>*Hx9_u9Ug&*(zusw?JeS%0IJX-cYcu1k$bd4S{pfJ$2ORd2uuwtG z7G|bg^-kWsB&90MD@kQ5mYJ63d0U?+ zdlk+~ynMEpRJOkEf>S76esCe2xHDc-Qbm!$(Du zSHYdIyfmF;TJYPl)K4h0y#e>%os6d}e?#e@@*8o2z{Ot0+!LVHj+u!_i2@OD@Hav-yofdu-DWM1U}|GW(BP zOX^)CKImg_+G=)Z4}d{4uET4=1Iyc2PqZ4=q1bW4emLwQ%A|+r_Ml<4q6Z2uHOz~WzZ&McErc=E*<@ZF9VH!wQoIRYe%zdER@8z zE(jPr`MKe}BqA!}%s73&s*l7kmdZtM#u60S5Ij%Lxhomf`4%&UFv^LnWJzQC98*-F zGMS8=Q!|TALnBoGW9PBV%D7y;2tKdM&#%tvcV^tLeWJjKQ$>4O$q=D}`-9nELv}V{ z2L;&o-Z9G45sIxwb>78HE~1Q1ZW3*6Z4x)OuLVlq(}mxSW|E8@bC>mz$-Zbhzu&AX zz(=C`^ZiHJHA%|UxUx&qCt=UczxJ#MhdA$7|BeVH5zXjWc~h9Wz+==9?)3G!y7l%O z-a(vmdUDWsSGBP{T!9erG!D~M|Gk-Gj}ZvQ7o8{%Me4}I}IYDoAFo9!^r1J#8Rf2gXEvd|X zy`sWivZ87t?U=sgQQu={B_7;YCVxjqNB1r*jSKL715V=GaGeN!Y8I$nP8!TP^@C%8 z@zZ$Rm`OS}C+8-4e2Z&5G%gMxQ)!0EBlX}K53ScDe>E>OMg(j8=siSzQ{qQ@G(ipp(#k_=S3O4 zMM8qnu~Q3@CO+^XDU`?N=JF}B;d*+)$&}K|)=fDz^Eh=}#^Rl(nmwq34Ee#zv(iVm--d})ytKkcMzqkN)wXw4XMf&RN~bV!t^nz6*$>L(@!bcM(o2^$F2l{8RMqht z<1VG)HROJ#ZcB4h$yNrh#%G0+T}nlX40#`87LU#?EIb?&KeX+kt*Uv#%!lr@e)~zP zL5ai9`JVDs{JD2u)2W+!#MnTaA!l{??0u!W$Q73oA*=g!x*43%LXhr7Fn{%cflqTw3*CiO zE8h_WEv6@u#_+7Brt1>h>qRF!%enR+F@ARD5xw53|1};PDLWEoRWii{cV zxwtEO(MXrT%)TiE(}u6bb0kp-#bcASR@)Q~#&gs}{7%Hns3m;g@kN;5&+m&zU)W>3 z?SWaGpt_oSG|2{~Jm$(CEp5@_nrO4BvO%GdLrPA)y4273GTvuA&R+5>v1y>Jm;o}v(YUaPh3XHk9A_y=is?hOM z195c`ZQxa{a-Y|U4^Zba^sWTrw`$6C4X);C>Y)>LomebaM+R9Ka|gdIJ8hrK{3dj^ z*nsPevfulfkLS)PFZJvdCi2on8o-2=Ap680MEQpKb3BnlWYx0ULElzJ%XQ)tPj;Q( z6uq#i)Fk0UeQa4?LYRYLs40y+8LB?fYUbxD(UIptmK7T58|)mL^q}3N_oZ@m&&vA+ za#MKSjgy!3CvFec2zh-IZ=D5?AkvTpa%|H`Yj;k6_J{d1<0=oFW?H6wlH(!e^s(X7*+W1o%?X1 z!|%DiWPqL4qa9)Z?h&1T=wO@+{<%7oO7HC6;F#0wTlG0VLSkiB!tm>t{qm~x!sdc! z63j0q{4sdy@vm=z=AsTb36pE=-nA_@j5vAx)oxdU4-`U@Fw`K z00n$^VN6|k*LPWHrTk`!XE3zI8+S2_4N0l|8hHJ6X^%_$i5Nn5{GWaaJ9fXVe^u1o z;p*DQ^E|cP;n)Dq!f;*3nLN)$7O((BL1?sSJ`b z!?Q$=6R#U+u9wjL{maJu?R|JTuC9>%JA43M5swETaBM!F+TjI&z1QRinKXZ}+e>lgky^2TgfsO4|3*7}O_}$Qvf4uV$-uY(eviq6%lK|m=e4Yf*NOsSJ zD0vacqx0ce8VM1r$o|QJF;V{+&%XN^sp9mnqap9mB6Fz|pew|$tt(3v?)&u@h}r)= z-2Y*%~VVNM?PG8!yB6*mB@~qe42fJ7y+zf_;2jjFT zc3p;pDZl#{ZGIRLS~}H~&Q+Dpca{H?7`8Q!ZubR^rUM>qczbcK`~ zk8$Ar==d*+UNk5zsc!S%egAOhK!49Wk*~Y!i{!_p{H6#UvD}EB>b0qOGLR9MD1>EJ z@!2JAk}d(82xKUj+Qm!c3*KX~amtd^)0o}&83$G;wv0DlfA=@2)YJn5#*;|S@Ui~l zEYYTL43z64KN!wLh9G{1gaLIMlcb7o@ zQyfK+%Y7a;G1|Gi&IfHxLC|2AM=gl11%z=nkkW-|4iu`V zSJnwq=>3#{v2u&gJ(hAa<1*QaA}}-dX@!gaQ%QFVS)&{4f4ExvG~lbE_Tg*r$`4gPBe;2+G3Y%j^gUxecEVKVBjd*HvU~)9dyse1~mx!wCoeJQy}itjs5VK~cDqC(NN1pbj-fxM9_un~SLM(?V=*jpwg`!M8% zGY4=yPq?-tu)zqQ0)g7+@mIUtF7jz68RK!!?-R=%tx2M$ea#UsS}?TE*sr>H=+v*b z_MrQ?K%JaoHQwBH9x9gE_19Iat-W&gYY_?&vXOo4xj%J6VYBg(U2jq*slmxB8B=|B zo!sA#sEzVPC1_hN#H6o^9xHH@f;z&e3>MWszwo&SyUl(qsnvDjiPZ3?M#O zAXQuqpoq39r;%DJvCVoHNTEeo@zP(Pbnd-=*<&%IbLB>uW3AS?GxE}Cs_VJi()tt$ z((LA(KW`T}FX8$OhEMIdC~eSMdvM*|bW`QsUdkqldr@D;4y#>9Gxe^{sFkE(9-mEf zOWJ$b-nwEM@9<;Y6mhPHHDrk2%_lT8RBBtBC!E89YjX!7*c)(@7)H!Rjpz0ea{+>X zVj9%MoTIU!VPUbEnLHGcL7dtge{x`QKGd)`wRF?1h%D*Zb)0W(Np=F_P7Bw(#E*VW z5jTrT%j2hr9UmWmx16e*e>6c_6tj2da~#OUeN}A=O}~EJMf5!RcaC?8ClPN}h=8ZZ zA{dwZkDQe6d+zgtC-!pqZF&OX$Ho`gE1cWmOrwalspD); zBTFO*cap;Kq@bXnluP54>e+gq4)d$IQ(OWkDCxlf)V(jSS$On^>rV3987~)|+ZBz@iTrWdK-SxhIe$|`5hZmt8 z@qCJsi~17Fqh*VJ$H1Qxf~riATpeQU?Uh#M4huN-Y(g&A#^&#qY+|FVO(lJ5Dv#6b*A!_Eks@v~#j#qV`wKp7 z1cz^Uyzy)2viB;hm*T~-F=aZ;L(uX{Jo+OUIJ~iXnqgu3pZ(A9!1T4DJ{HtBe7*>g zkE4$RsY(B7e2_?bxd(HO#syu_4B9kvMl0urm$@HjmaivKXU@HM?Xm!$0W_yJ*S&G$ z2KWUZ%mhm7ivD5`D&U;45!+!@^E8xFL$dJ*3^=5jX{Gr1_zls>2vLBq{YQSHmw>Gt zyapRphD5VQ`K35P+;prZK67-b10{v38|#M7{iG`3xnd6Fh=cUM#OpQjXNc1Dv!*z6 zpg`c$oo$e?J0h6FvHMfR(FI?45p%=K&<_R`p+>Yb%!sE{1zw~b*h;jGg0m;?o01J&wy2coEh33?9EZkl z&G+$;%?Kp*%N!6t1WU41T&DU-9MO=)t{CX?aTyFGv@aQ01*dinQweg^o4Sq2GUX9p zAcv5-CRkzO!h6vH6GSjD%clSs)voQ_a1=OqvF|?Rq2MG3<9dF63%+n1u>qf%un|GA z+fHNvF>k}WgF$aE|TeoJJyo30tMxn^srF++8M1SNeFY`bw^R9XwD~ zMQ?SQR(CNX&!KpFxw+GWFf~|l!dG`l(W-QbX%2?C_|E9KS(}%w8LH#evkfaP@_YO4 zmv8M`uV#eaGb7w!Q$(gTl)I?;ah>}Rp;KEt4tKz#N_c;!f@OkTe)zz8VrwK#WRS-U>#H8Id2v+NCWc?)C}%n&j})PG%~;lTk$Zx*89bisRQ-kg=($H(*5JPUO|X)a^*u zDF$JW(Hqu_&625hb&8~lBM~b;`6vtOoHY)!9*~m4Qybr|On2(*<@Y)yXZ7MOtq|^; zcOqMdh?+*^K?!f>@5Bdw)NHEEf&4vq#@?0p`;Jy+Rx{8Z@SJ~Bi=wl4aDt@87uAfe zSD*gIaD1lIZQ-PlopHMX@F*S#5MCLq%hsz4$sJJgI{n(+GuDT{h9jZd(_^K$UlJQv zG#_04EK|SQP^@TNwcLBVkI)}de$T`0q1VwWR#9vDUeof zTH;c&pbPOd z%|Lux$xnLYhP6VMe<|xw zSZ!-wnJ(YnTJ7!{seow|`m3|wx;m8-?mS=IT%Pf-5%AZr_DziPIOn@MX*B5CUwWm1 zFuXR`BEwx7q-lAIHhjBY;C!jdH{3C&%)y~`&tcvuUwX>|o|dzxT2(b_%LpEvqMqMh zS+phqj9$xRRr4iOUrLZXlR$YMRSUf<%Pgi;@)Dj;q%(DF3=7m+=(i;)%!QeyO)qkp zh~GnWJQc4ZK_dGIL_$m{3pqrOx41f44TDsCogchj^kOpKeWY_)jKi{9#4QBl$7di>U$#~P_3`(x=DtTeS4 zG$p;80*qWe7bnmtCI+p@%UoES0iexDfQ=K4}Cr_h4wwr@(f4A;ikxKrU4 z5>YzgyKPf4A~N%Q(K3yq+*YB-ZK2-!1KCJ*`;40re=oHdL0!vv2xZ;!oV5Z52A&?9 za~0c~lgsiS>#=R{T`5~BRR?-x--N`|?8d5Bk{+UEtCg|(!G3Ok2#-)Ff15ATqB}N< zctr)6!-x@U`EMX&$i?pAi8^9{Vze+AOY@?b?aj|zbCHha!VOmjlPxMRifke+Tq|8R zFD~f8e05)#4It^_*Lue5^yvc(PWSMQOdhMRRtJL1sAxS1n(7Af>yu^Gk(pEc_>_4D zMNF@enBxPLw{Nh|Tdn{T3n`d;I&oG+Z|40Y(POmkBOg;j*-?@g)U*BwJG=6Q)qj0V zF8!IVj_tL=hnz4iyMhclckN-S=Hn2LyN8W23x{Z{)^VTBDtyB z>)V5^QEPW-lC-zpL_O%&?FwyaOt>3C)GOy-Zd%S(Dp+jb4& zTZ-S5J#1@MXXdk01UuZ2rNgtAvtm|>LV%IHE=r$O}dF;fw zl>8nR!l-5Ot^P9i?3q+ff1#o8Zw5XwZI$myqD)_YGxRYk&9|eyyqAz?Gsra8)p$#` zzie)EMz`G|lKo}3Ng_iqekMLxho-!Ix~O1HPQc(=PfdG(5EKXz7NlmTLEo`Y&+j5C zK!FhC$5trivJ$1lTVQ?L2V5tut1H6=(;xWZCq@@y7#zJD-Iue~ne9OXs(xz}L4AVt z?#sRV*2`1ZL|tc2V7kw_&mWH4+8Egm77?9UDJNKjdw$5*o9xUTOyYJsLqAC0e}!Ae zeJU4N+}*}1;fXq4z2d39(_-%PhvF26?%s?l*kBdYu`Ep{kAs^+KbK~auRS)UX~LX) zeUCCw$QKnFwjtp@ED0vocT0~`BZtkyp;8XtkiB_!!)BrYkvmZv-{)6xDAmdk9EVLSyU#3 zS+4VUE~AyXMn9wOq>fX;0Tbk+7^Bt~jj|+{BW$NT25WUixkP8TR*Y^Wt}tlZj2Uzl zM=3rGVhj^-SscwXSvVATS7_~f!Ajq@;mkX_i}%De`=<}akdnE#b(WHG%(6KN;H zE&`ha=f34Yv}@R;qG9fkm6M~gYsO+{iIqD6&jVAES35;rtM}7eo|K{C_ATGuY%f@A z^z_yDT~nOQBuuLZmv0Pl&-pBry+yT6miK$8J1s7@%2l6`yIQDq(t6-FYxSq2VyBHF zoh4`-;vGOzOw5M+66WXTDo)5%Xqcr^iKjKzsKhottYla7CNyH(1O7@CS?Lxo7GsUF({pGTtlI1s zt|DKLQqm_e06RDEROc*FAL4*;5bDDj{O?3qDh>Y+~}I zEP~N*<%`^Ds^aM)Gspl+^bsRN1?xDd$CY==MuCad2^W2kB5K=BvzRr~?b2Prp*AUM zwJ}>5ZCT;kzYuxEZ?;-&>-NTYM>!1W=sfGY)_U2sA`y*0{rQ0_|1Bw9I?n<;&n zUK6$YrV)hsmxVII^b6=*e1_iRjV%9{zUsig%9o?QyN((3`;k%5Jm_Z>urv>U`0>!3 zZ@qw(S$kKgWzm@2T*M2mn(4bP75#@hbZH;$Kg@yK&Z;^ik2uu7upK7)@RBs(ZyaN( z4>5{JP79hiPP30bmm^b|@3MYX-AO*v2fs01bqXxtF5j?;8xP6t&=ICMqq1>XK%jb| zv7B<>fg{iOI<&H9AC2qz<)kSy@PTbJBq8Ou=MGL7V`FUZCbYm|Cwrcro0c)cVH}eQ zLoOs-;&i%KycwrPWVYq%!rylDRY0N?g|>9N2c&0oX|aDked&Qza8=WD@j|#OLp1!N zM10O8_PS@4!%iyOTf_qDo9|0{eT^5 z!UWjG6M15=kR50A^_u$sk(;X<=t}Fr|Aa*T5snX#2cTTPbA#wo;DB5l)EKKd%+aG9 zRfDK}7||K~-@3VSz^E_$l{E3+_|Cv@$MEYwF#wduAy0|10p%k2yG5>Z3xLs-`6oHM zz)q0n-`I@C@52aa^tDYXDc!31f&WM(`PA7+@7CWafRGEs9>*&C8Cf-kIAr&cCS?$d0NwrgS% zeX(uZ%kFbO^HszqKl7hdGw z9DEZjSzA&q!=cJ+{wAq^wF!<{{o2>;M~=%gAPBObVBbsfZ-S@<)9aFH*I8PLiNB0$ z-?ck_t}yPLyb`Er(9FjMK4ea~1;efRj>PSoAX=0)bZPqgK{N-c_o28J;n*M%yK9%r z-HZ}d_|E40?qyn?!*^dO8=N(E9_m9ar)w{`H_!T>C{e;H85{;c_=C%v!}I(FBGTZ3 z!$yC3eVr+&PDovF{Vv?)8auxhcM;MW&wJ45fji5K# zxgHs&fIs@{KXqSbz@O?q4CH#puSC*VU2do~OY6@uxld}#t4D(fI^=1J^0`>K^3;ZBMRTshBKbeU1^@TUeIDJ`a-iXPf=PL;CMI@8 zGQN5V=i4nrf0kBdNQn<6a6f7^zjDmEG4)5F=O1qNc>re3ps6yEbZ(K`vG{9j_&tgp z%Jo`U9v$6OV6cajc+*M;zE1*vdxbZCpDFwSJiy?uEF^hGxbV(eKEz;kk`($cgyZNn zM~NM`;*0?5mz?p_P_KT{VbL`f;=bW|j!IP_5+^Y2f9MLU_&JCr_ z^EIW-Wi{-Z9&-#{Be^1eleI5yBP3wQ0X#H7>Q`9iE+Xf4^A)lKipMfnnGQ(SnjIbC zlXUS?CJ*oSRB=mJCXZDy&(8W__SA}TpTp`c9b2;>y61UdRfP=y4Rg>w6c;4=@a|<< zf_89V_W{Kx%98PiCeBTs075UVwRLQ_1_y9+Qxm28`r>mInV_57TbuZzKa#7eswPJm z+#&1=x#Vft>^~xOBG*9`JnQ@6_aA%^Kv1dy50d>F2Z&6d_dMVNYqGwSxmcE6RMNCO z1GiL&L$=c@nfIOLMx=IRakg)H$$U+xXZhwkOrfA9guYi-_a3+@BO|jhla zYOCKAeJ!)Uj8N5?sh|B#$9X8QU>uvQ_XWJw;DKGOxOSj&_S+}nu$o5rbcP0?DLJtJ z`_6Sjtd|O&Zc-wTb0sZ0E|tp_P9rld#Gyf3-Wh*uxQ_{CY_HtE*GzJIMd!Ht0lCqZ zk~O=cjrrQarW;3nPVpL6#QKTQY%hE}T8)G`q8$59F*$7$V)OF&x13sKyBfv7aoXjN z*gEFL_57Lj{P+rO$KJpt;f;(>^Kb7WPS6y7(1%T91$c-%(F2@Q+XnCx*&AEAxGD)I z2OEFXO(ZlyTXU8KFP4_xG@ev+h#*mZ;qC>e1~;LS&(9f! z$pt!v>N~C^ z#<_0cZrPT$*7w(NZN4>mRHXZI7iU1Xbu~kF^@0zb;3bMgiI*o|9p?4i+He|+4<1PO zBxuqo%f7wD66rSoWzyP%J-o)f%>CPw%oQEi%EyO>lE2qD>UP6jyk~%D^8cNtl8jdV zU1RyPQ^^`G;+%tUSZW-@Qg{UhV;JxdPmt397_;iHFxmA`z z`>$ny$|&GbIbR`+m@XlYD5c&a8uU9pTAgU-f%%*?{Ahu>O% z9}%Usx3}*Sj=L*1mGdKRDjcV%7Fab86eTVPUdN@jH<>V5_HQL=21slvGCNE0=Y#jA zv~2wTHPnL{N;wi>io{K-mla7Ha6?BC;@+V{EsW z18E@nsD%)xG2El{+8+1PMKx|k0tYnz`ekq|9Ju)4xxMohL_G=~R`qD;v| z0$yZ8EACe;^vSJTle=8MVRpHEHQ!0U%glKy|NpVxEl7gt`3@@5t=b+!tU(_PU!N^B z)?ReG+4@evQ%itt{fLIZ`Vk#&)29}6d}ijSfC+zg?WIH5lDIWouz`(5BA))KKam{_ z;PvOYcj`xWv^bLRUUaI*j>x^pspQX~&|aoHMPfDp;u;n+Ed&t%I`_XILkW;MDtNFK z*~Pz?2Fda@ru#UNpKFm!?ZX(<233B%_2OMjnJBP6g*0}bAH_5x;(uq1R6z(_4+I(_ zXZiT}niJ)sCU+&lyvKq}nBK|41p9&nQ-VR#BE@eV`c8rwPDtSNhlbTvf#u1hscMcuam)ix8uBq4KL$mf*?_GeZ0SX z+Xk)t#IiS!xU+v*;y7l1(AZgUkbMNB_Iy}mf~(%$dZ7oQ%;pZ^o7ivUooDxwpkQwK zJte4ZrOkaXHvlD`7$K}~xrc(PDlJlZxs}9GbQCd8e?XoM$?ks{Sw=iO2i50NNo--E zAVqwOt}>TS$(8l?wg-Vqsa7SgYLc+>RY9&{;zbEZMTCD(5RK|_ZpRhgLjO{Af0=Qv5_!S5sqi~Y)bQA$d0P&eW^ zFpE&c3x&2}D2eze!j4;n^0OqQ0{Ok>|9P;zB(*>SiCS!d$wAWF-lFb+kEUazUr0K7 zw~R|xYd%`44|JbBP_2WPoenCzb3K}hg#DqkF1tVc_qfJ==tnj%RZA73NF#vzH@l<# z{N!$-qqKqFgqa130cB&dFG%U@@`0!qgve0!2KMf%K2u1c>kU{cf+`_OHi>BW&jA$i zihFQd=T|oMhMR+bs=_dv3&B+B2ckYjfmB8M31W$#Iq1@TMEh4BTUxa2M#)ZjqQ}2-c&zI%>E9SJWBOOyWG-Y2x{%3u9rV6Qx|DV!HjCLo3 zh&tQo5Zq85k3WNmfrr2O6$K6Vi}EePnA38l>I-^fmQvO4Hq96p`A6dl7kNKcGY z{y;_PHBg=D?|z{pvVGVhTk`uhT3sKA{N1V3%*lyc_>I1e+o9X#k(%e!F&2i7dpkq{ z{}@Fwk@_6;+KJ#sHla?+=w_(WGxyat(@957dv|VE@$T3f2+mxx zLGlSiMdlLSdH^GNMYLC>JNvZ9;@aP(NyV(`^fMs^Dz`g~b{E_nTvS2iiHP9D4u1yT zz)8|r7ebHGz$VWGNYA{KMk&z0)Qshv-~~6tudTbpBHxV+<=g#T6*Nn2=s>ec_Tb!D zwtjoh6X$w9L!S?sUsjuWoIj2NN`qCIe0CTNvQ@;NY$|9%AWAfZJKaN;(O<7kH;8Eq zcTTVFS$mH9?p zq5$4`$Sbn@ci{B> zBlOSyLDQr{ln}Sj*hP!tP$k6v|9+VdN^#p|@rkjiepAb>*}%HjE?1C$0_J~8>sE!r zp_&u2yt{UP5Ym`?{#g!m-X9xh={Z}NvUYC5$5*z>uO>g)Vb^{slT7zgE27*t_;(BE z7?Sexspgbgq{cKS88PU0pz*KRE&RWxx8hLWd{tl~H$>3rTAhc5Lfu<{{&Ugh^fLaS z%lwr|G5hovXRq-%wE3%9)y*cQr;eFRi4h}I$l~HC;M~~xPK!{$%+K$kQHPMqWyUB` z;Yhb{ft)XEM&4Y<_;j2)750*eVIQGmr1cgtbMD8llzkB3`*ut00{&;ouU&7`tK8*E zPqrGChRQAE=f1sYc+)($xtqs&@)_4s$B!Te@r3_1{RdgM=#Sa2yx9X{pzx^Da!xC5 zYb74LvA+V!kgEa?S5fi#Hv9uXR3Pf(!{gk4!HiixK%6{w%X&LUt-VdF?Mh+8Vf)<7 zPeCUhE3!0S-mPVnA{FU)xu*49Ct%ZH7D+0C6Y0^~YSL%bN<8Ji2E*@?g) zoj+Ev^8D1?3L#;*HK*1>GzYhyxfExuJ)I5)$gkI2iUIEVQPE4gRFozIbk%TB!E(Eo z{%|;%HsjeSUwz5L&)vleoT1YBd#lzzF&7Ri4EVM^C4M?t_p6UUpW5b&3=)V@TwVHj z-g=Y4Z>TwI^_;86z1B|Sh*y3oJ|VjPTq4EEqipsnPj^7L-tn$Vjt$yud+XtyD3Nr{XH|ZTGz1Uh1%&(HfeXv74#{e-2rWXb!>By)taG zvGm&vFM|03A65h&<%^Et^6hlT|5(?X`ZL+xLT0R0e;G7CIx$v${;5)BLp(8IAL)Vw zH)(evks^BeKGNF=+I1LyXnh?oLnhA>$gd_yrlFxZSeB^sa@u7`-G#al2s+SKrs|x$ z4Vp?6hif;yudJ=D-Bz|VvHU^#3o9Qp5$EEFn#D1%X0ekqpo7-B1x|MwF0GRb!;O9( zo9mVD_wK6^&is)nAFWB&619?EA4dD=z~P#YNs#4|l%DRXnX8=7Rr6p6ai#yYbxg7x zvnm6wrR6nBqV$THiaA)-$yV145gi(u5^zGMrD0w8sZURj)H8N;lzVRHnPPed2{lD~ z9_4BKK?Ob`;W4dr|4&3~={!u$S&pDK`T2MwM z#n;wB5!Zuwx0DOS$>S7J=4Q6Gh`$j!EoJl+$8oq3@^;GX$T8l6+VqG^y@pKXw>Su|fDaOiUoP*^fHUa8^9e0Gg}gs= z2BL+?z-cm=Wx!)M+BEsf9r_ZKP&g1vz(%ovg*sASsK{i zTC7Pr4Y|Rq_eQLP~9$L0bI3Ab9B+ID&$4?H`h4An~hT#X;(c_S-&NfKBkp2QB z{G0p#t~pbLm&|r`8#q)=EBJak@OL1LfHyfue+rTJ;}C*Q6?Nq$-cOeZalw5Uw~tAY z$ED+I0&UB;mI`J+T2%*Wnm0T6s_MGSZp=!Gd4D=0eEEpb?EAc##M$wr*z%Jjo(m_4ZRQSY)sKg~Pqiw+N_Ea=4ytw7&HcSyM_Fc%n*sXk2~E8+XHRZdKn z8O1-8cKE-R*k}$h8@W$SO8KdmEDLnlS!7*xO*NGz!CXC-ob+}l-{{A^GXOh1@KAdO zk)oujkOa8Ei>CHoieK*giL7`#mYU(OOtmRx4iB4lq0oBkuO$L7V!OAkKVbeyZV?RQ_Prr<82 zjO{qh5N4I9?uBk|iI;)k)hX+$w?+njL z*EcK(iYS60B1o!8gOqfmz)&)PNGl;CokNEKigZe=%z(6Xhk?LQ(j7_;EnNfO9-ezf zyr1`YkN2PNACBu9XZE?zwO8%6)^Dw?*I&*uc-@|9_ZBQ2Fo6WqiEY{FxPY?2KOno= zfay<%sqj|4GiX+Er#nN60rcY19lzWzv09HVSSnq4=1Kd=0xh=ZdxIft3*D6xH4ayb zx-K&6)KOQ&0E%c=tgP;UsXuO@iq*8~CljV>64<{^Q;;#W%CB*qIotu&u{{sH?t@O8x@`FBS02?c0ZPni^xLDjBI%wGBJ=2yL zH(CP_7lcrTy@|8O<=gr#-@?RcG5rEzHdQu(cTjoaJ3r+*yGD{Eo_tR8)PCc8>p^!4 zxDPoGZQ;VpVL$K9Dqv(Z3P_w>dB1BU^z-Qjt+KkUmV@j{b#W!Grkc- z_X`_ugUoP$p=3n|iO|^9@uNf1!tpK8gbex~WYp_)|3vSVFs#46ak1n1cd_O28&*}r zc~w8`@@iZwxZqAlZGt*=OGC>TxC($*18q~(Fq zf$r$Q;$Zdcco>>=$8E8)h1+5EOKR(LMA%}X)s|6)_cr=r>6Fyb?vc4~McsP4*j-F= za(6a0tb=ZMcjr6H#h}vwDU{P@e7F|3^TU1I+H*y#ux>iGuF-Ya`%wiXuICP#^Oef} za+z9Z7=^m1NU6`P*f4$osAc}n zLMnL^;7AiOK!Y^U3J_FUr|isATl}C3lgwJuaAFJhSZih}DoJ&nXVZ;=?!g(EQx7@D z8ob0GEJmG&Lq8X-tBE!EpY;*fS0^^~*;-F+Ea^YIQ>4tKo5c=t9(wCBbq9C#r}c;p zBZo01`imv~De?VnLPsLpJAGxp-@mvR{OzKIK;j);y6x#n)38xkSX$_wY~K+>+31zo zl>N;Cs}70D^;D@s8+Xgr%VxP!k7a3{TH^}qd6PT%0Yp}T9uVm_RamH@_E01wXGogieI|MJXh!d+>v5Xw01rDZK1cX zTiL`pY%Rc1q4IG1f&W?hVAC)$?odfkW$c+>Q}~{L@Mt55103+7ze;7M zSl!;s2HHy|@6BMt+#7uUP(mo;LYm{tQ91}fdBPeqGm@{w8LZVTCTnCSSpNRLIk~Pt zPdyF}mDjU7t8ioCWnuQdrsMyhx=%>mSGVF zmbF0##lQ(L2EDXEa=+q65qoa7FFJeCQ>x-%t^CgqDYFnt!)D3KRdTeJ}sU~4{-bGocPidi{n3N%V`_Nf2D!^V2-KxIG zA<&UK$ENkN0K%!on+N@9zQ@vG?r~s4T$osCH%t*xld-y(knKBKng`8!eD|AnF594W z&1RoNU%W-JOUvl))Mnk$zLeb%ExI9xm{U7_T9VCLH7tJw6a@Y5PCe9;Y|K^V0ePRz z=W>Pe|8Z8NNkOi2bMZIjJs$cBlwv(LDsEA%!qy)kIM)Pa%!0zTNdUUu0?2 z52>|v<0g8h?ar{}*tX6=Pj}Jt@Vtt>`Ob zKw&s8VH{LpG>37>d2V5;Yyss|>(-^xw*a#8xT3Uy0NR{>+3I2E=OXE6cN61`eMBzq z?D*@>C1jx;7d$$u#*;_)w^Fqv%72}?R?S7bq~x2TtNa-F=wGXgv3ySE20|dnT&%Nw zoEt6?*WPQ{-B3$5blp|FLO*JccER*@SWLcqmVV<+j>mkTzFpfGOLSJ0V=4ye(Js1R zH8^?DwI6@WMx5=?XJH&u_VT9gaQdjEMEP+Ks5Oa_xVH>|5N}C+>;o4yJeIQKhVnoC zl%CfgKXe`OSdbdR&s6uF`MLPVbs=|q3+702_4e)d{U7~BsId$1^aem-N0D%^{d~7y zYnxBU^SLlsx}DW_u`={r>9B1We}^as0196{eP+XVcy!ES#oGj&Q%h}Kp)|X;hoMVv z{_o21Bkt^K2&K*v!>_n&8vv=>l9d77*@!qok86kOs({uL1CW9MN?u|TQ0)>=e?I;^ z+;IWGeo9PwK1J9Ssf7i!N^IR;kunol#MA`QdkS2^K^_D#w`wP?D_FMz^m;)M!MnJT z8qB@PphPiB@k3XVj?tTB*Ad=BfP(okEw$?~%(UcNk2kmvTdvqoQS^PBn*C0Rsb}mc zwMHzgsN&#A>X47a^jb^s&qne{vfcN0^`!QEg2)Twnz)q*hvb90?p-fdEFQL`K;2M= zvRla(YLdiXDC*c5HHsS-X$$7(U*Wfqn*CEdI&;e+Z_}s7;&64bGVdZx8Q@*p9G-eG zL`d?erd;QEkkdq|I7rhyDv|2FRZ-1nlTd6ssz*OOm`@qSgRUqjTCzw zOPw_G89Hg{N`u_OES2J*B!loHKj-0U$jWOjXie0n|iU>W~FzOniV z(>CAT5;IUw8Z*6&=p5)`9{%vjE!;rYa)o+B|LD*k$seM5zOp8NJJ>yMwp{J*xKz@w z7~f@X))fB5^=XX)JF}p6soglYgy$HG%}RB*7YIFhcV*Z~xtp|JEfPa+sl3|>_Cjy= zZ%IRPZMLruA}=uTLfca$IP%*PQ1&unF3Z<@v(U;$UcX)$j2nNp{{UP#%{727gat;o zTg>F>QU!C_S?m%*A1usTcVsDy@lH`Gq6z}%@0VKZ#_w+>;TwA?G%kP@}EuI66{63HsVgcJPFYx-PzRuA4PNc^{!2J0wQW z)5fKV!AE!ls*|q>+)`L?s*-~YYrarTtmVH$$zfEkjFhNzf7-wRM!p?9ro4I@+v}Zd z0JKr}uki`SO#eJ4f@?NbP5*w&6ANDG%^6BeXve)w@P-nusYvB#2_k@wy1A+Ah?4n;?Yn>|U5*?&dC?Xu5*DG* z#gWV?hk+_sJ}BW_Hh3H!z)ej}-Gy+n0IfU{r#DbH<9SU376+?z#@x^@`(9zRBGRL9T4I{0UTLIco~Vo2#Cw0}lJOBaN#%q5LkMUS!KI<0VT7i;YmtJPx|PJmbptfJ zCt?JDK3oU$2-rE=#Bnocgow(;!n>F%$RWFY!CeIz>FEh{yfj&J-f{&61+LSRjlOZV zqg9DFb|sG%HTOHcO6#ZE2JMt&WuKqBwOpPSqLr(sov!ZNORtFPbmzCIxdn#ilDqWJ zRxao@rG<%`jE6+Qls383LD)eBjCg1(0}7F`-^eLsS{kzObhKI1C>B`sckU?73^f~y z>K-th@j&8Oo~tMOPG#N>t9BtKh8HjD7^BsVl6mDe7&3ZECn@$ z>U<;Gu~K(57M*?n!*lVixf=lU8f9R3xYokMhpL#Jp7`=&#%YvI@V&1T;2_mJM?hG; zIdB_~V&kdf^dLwJ2=kbIm3d^iVzS69iArVE&kx_Ag=WE8Sz4K&fA9K8adD}J(o3*AI5@=a zwGD?CZRUCii+zwf-1)Zn9BM)0?e^+VW@qhDqY?U5kv} zqpI#Ka;@|`_{@;{P2Kxcob^I|90mZB#JH>3800wx(fphbz;JkpF6HWx`Lo)sJxX<9meeXP|*Z0>N z!)&;0L2U)|UjCO?aPQ;imkrj)BZlIpD-to`*`0xw-iI9ZNCzEHE3OBC7ieu!h6Q$7 z1S2Rbfj3!zhVFH=PPs)9$H|~5KnKmPMlR@TUG{(6iiH8nwjHzqE}b#J>!$5jyT_5;fhQagF*iMW}fPM zkPBCiYp+1=eCfLV@)Y1=;`+O$O;|SeOFajsEe}4wO^ZE}`c!Zt2ktIc_0|0OE!vwV znB*|J1zPeXdYuD$%6@Rwg)*6^Z0-Ujm%(C2?x4Y$p1bVyo-XhzH3Ct zzaif$1mg~(To(F`e;)q)AO{}>y&t524UFwK@->|4Fn+YxmD;$oBTOykn$rVtzJmp( zff(NbV2N*m`;BYjsk1fhW#K zN$Aaa+h#Aj(Cv?jyKUD^%dzTsYE@v00XAU4v4yKl5%_Pd7I#VD8x|jw`|}*TLxh?Y z)@NG)BwK~m%oFsqVjcxRH9hpKR9A@=6@_%}&hPW_f(wEux9w5Br$41V2Ll60g&u1k z`Jf#$QK4KURn{FFI>s^6EmE;(14*J1Z7Ve*BO}eW^qt_U3w=){MQ@FgfC<79p2?n` zBNnpdLgQ|ujU2Mu{@lRE&2cpC;COu;Gd0_XIXzn~^^hnYlhY#PK6L4J|U^`1ne|yua=hNf-Bk)_*r%+%K_bn_fEel~Q zM!+~h@+RcNzI2<;aaS$!dFon-)4IeyPg*P=ddHK4Yx#%H{abcE+ zorn*1*?|q~t318%VtYJFBTb=2TgQ<31%n%-j&a~cy2^>ywLa+mmcgRtwXv#|ftD@c z{s7O4BTXTs6_&GC>%7!wxLj8k=ZqQ|Tw4j|RS%8aL?}=oE9Oo z*9Od@Ei;dEIGAoqGj4X6@H{NPFS#=z7cczF(tY*AuaEvp9sA2s`gS(VQ5n^oAoq|f zA<&h~S*e_EJYKtXruY!_$YC+1_f<(rxvc?aINd!>Kial70=GbDq}@x;8G9jMGQ~Pr zYLlpyZ=_02adhX)PvEEz!FF%ny!kHe7jUncDA~2b!EjtQ{n8xqJ>U{-j31S5@9w-~ zY3+3ISovA)zM?2E|I*CN?A_=cxxfp&3jIstb>qQzTSBhwzbv*M?CSB|oz8p`*wNS$ zH~8W`m=KYQDg&j!d}gask6W8G(r$|FC#m?L?sgXFZrV>}DzsT%QJ{K-Fhxqk0YBZGOne$m~qWzDyQ z>r#~y1GUw3Qb%9k76QLqx6myDt)E=w9P!}Dk{JZw+F?o0*0)9~3f(%to`3%1fIV~A zTf(z>luq;=`qsY+gch*oKR>3D4*-ub$gIl9{p#sjNZkE!PNW+z<_IWH%MDRw}{8C zoFP6tUa#RW8dQydI6^X(LgCxPLi8Vn?GfeV&hQxIy2XT{O18V2cV-VMR3FLLq>E1QyGV~>~hx*VPk zn2OEY0L}8T%El;#Z;(FLvK%B|ue=EgiY}W?8h-;{w{vPt?n-N{>B_azp(s2)h%fKx zEn$1kk>}=}x%ao0_+=h0>6Ns3tAwV2Xn*hGBWQjpY>W*Idx}EF@KnD4#1#&T$j1q* z27(7CO{b6?`K>O2(WQe0nijhN-_bGBQEapCN_}ThCSG*YyyD~IZ}`3`9wYtTi}$-r z3MD{aJ3ZUVKldmElGPx5Unc2nhNgxHw|^`1#E)9pb+{{IoVY4iw8=PE-1aiNjgFjh zjXDID)dub`K~y}pyR%9E?{YMZkJw*cc;WeFfooF1PnEE4v!NPD2#y(pLl{W+MHS5~jAc62P1J|Y8lb=19)4rF;A ztyi3ZR<mRin2Ic1;>)w<@NV zlwqEha~U>sw0TyYvL0KDmd|B}O#!e=PimBTt7nI0>8^8GLVzDIt+y2f=9kO2=$7w@ zwFQvSCD>`w9H_p#-T5*^N6^j|iRy?x<3>Yt$7-mDR_W6hGoT&Keq`q(8>mvHYBfj- zJCdW=V>l8|X?)8DX{L9RR|Io<)P_0OLpTCr`A zM`{@=S(xfpm%KB*u_IAKiUOG$$3{9E_~ugCY^CWunp84eXw0pfmdaxIocT4CaUXQs zCBN>B8WYJbX^33H_PA%iq)|=c+;V6#+-_X*i9*zp`$DeB#}8qlH*Vef;g!P_oFr!9 ziccrvsO7OWZyvhZZ75Z!UNCuX)xR_e2E*1Y;KRtRBw~;AaLZgx%SOO?&Tc zGBAc*6KbbaRP~;w)GeB^D$-X19)tz5g$E4w);I6`N_Y|UJKS9`)bPlE&_1eBD%dCX z#aZZ`n* zi3J8-?{GJr5uXrvUw?f5s;>WbVg1Q~@!7K|SU(@#qZsyOe{sD70U(K8)w-IQ_dk4` zOTOn(ojCReuI{tB`Lq=Dundt1?<%CZ=e^UZu(mtPF$G%mJz;786mg@C*P132bgfZ& zkbCg^d9rM!6BtP-_whr#WGFrxN%c_4ioFaYLd<%mJvojeyz7*r)X~)BbfHNDvF_&d zGYVIU^~IvdOM+&)+56GWl&8`^SRGwLC~OkZ73&x#wY)4 ziVW$6I|}QTpDp^9|L{7p^LCEBiCL$wK3_Y@+regIL@U5-how1HT=u*Z6!Zg2>p3elfDOab4 zY7R6Ejnhe2jRL-R%ZqOTNRU}G-vff?xl-#Sb30A!oxlZ8R0EX?1%S0biR<_C|M=l; zz$3vdoj9W!k7H+FH^1hIt0n4>6X^vSGgl|nWL99C?u#U4o|>M_?Ou&v{o`(O7}sDw zl+WTcn}nLW9GArP0=49!EpCBN9>7;{T*%Ee+mRz3lVR<8+p!pDSm4Dcf&DuyjY?_v zLRt;)(TTZS8O;>{A&J%qzZedkJKmM^A7Dl(Zbp)F$1@UyHRYmeqiwzEs#b48LfW*o zVDzX-lcF4GCGJ)MhbCZY2a+p3RFq&a)%H&b!ogA-p$v#(Y6ffFK?>s*%%1|Q(S&2aI-ehKe zLw~yIgP`*9ygXp9EJ#JssX! z;&YneR8myDz0E1&X_k6MJU(8xD|2#mChz8`CBN%Plp_dzC(=Rp#E%Zn7tXivw2jJg z=^1dGC8djOj>>q)Xa(HW#m9l!{?S{4kAL%jWQu542wQ&p`t@zopQ8_F+us0BZK^U2 zsZBb3P-{@5x3`75Av9wD;^iyKCGPGb|P?FV?tKYvU+|t?_4u*s(qg!}{CX>*8w1dFF z4w}cU8)buQOx(+t6l-&7VTvWb=oVUY;r-k)m8-ouy8NEQsre6?c&b-FUZCUq-kSRV zD5*xI@OJZL2IB(zj320wuONEW+}zA}n3-X=KEog%=Foj(NIW)oRG^P|_wMRCjKqJ;!zz^1ptxy-1uoN5mnaYcJZdE`ucYK}pr;!$ zhGTkAsU!aW%&XbdqB4p9T=_uMEF}2qVMl~Zp2yR(q8aY%V-dUOuPA~!d8i`USHzCK z`9_!n7BR3TX?0fd_?{8~8Y$_-aVI16`}3ZhjgrI=oE%kS;33sVB4pqz1Ii20WrH$X zATghMuzhsMAs0x}vaN0HIh(vT@#5Q5ht!e4LX{8NgJ0d-xh>!Vy-AKvLHHa25wee=`ITf)0qD1AVIFWx4mF7)AGVk48zJF6t7{mo%B<11$?!&$M1<_ zWi~wZGtfb$eddKJ^~ji=A~P1c@J0SWdA|0u=g4&-Um@C2pSuKaif=id%eP0ojLAdw z4AdA3^YV6rPF5{(Fy(#^o}Zv8Z7Z+sE?q;q{|_+!jTua7rJbBn4-*sbSzrBigPcP1 zYilPmZ6&ADQZb{EXh!1jC*;}~YubY6!OqGP+Zc9jcKak670Ymh*o?JU&syl8FsZ}a zORJ0%+?YU?QrAVSZ$efH^!10TtyWzA!CtSP!e8sb*X>9L=NL2keP}x(xlkb8q;vY_ zN2Kq~!e<=k!uDrB@hQi!y~OCYiDIDoy3Mry-qxDHblL_Ef2`tT1aZ1#f32U9`jBG_KZW^W$ltB~ zA1;y;p=~K!Ca08{lBq`i7fES+0T0v zup5$9tj9$8?;)1naSmo|yUTOssBpcpy`7W{rSC*&fTRw_=euv@JrjzhO1T2K(n^FD z;|3_deCfyGA3a7LQ@TXhd|)c~;lVG;M2Jd@5I1XFbzZ(%@_@l3^lJ#$&AlLv5jO2l ze1w2LYdgY-&kKhrpE;PDYr z3la#G{1BL;u6xkk2FRau3X#eV;w$EuGX%3_pjX0Kac|0a|20 z)~p;=r;09dG%#+5L(B3O_Itgmu12G z5K{ukUi53MVg%Cu3Q+k^&|hAAc*R~coIGMmP~zr7kE^ox937NKc-m`ij05plYm9GK zklrZo!}k&44(Rytieyd3fZSy#4OxI9w5!r$y}^b_t15FJR??VsQrVENv|F1IJlAMnJJ_Th$X`)u+GTB@A;o z*k{5Ig=?FfTHW)b`K!{3zx`JIp=7pM6*K~SOgZkpZHNMyM&OSi*QQ$#R&m^sF)_>> zI=PWt`lX6bo}@>!YePg`7FogAbHO&|n>U+g7<|HW^~)fETT2KKhkfPpZ5zXnshFs! z*SV|MGhifJ1qX^(_fiGNcdIEF=3j)PBiGsia5%<9v&1OjOUg?fOC*D{#i!P2$n1_FWhr8t>gj}Z_Y^Rd z(*O)m=sGG&p=jtjX#Sw`;{}X~(gf0%y4Ed%JzTQOU`sLu!76`~Y@uLFY;?Nwu@*og z@iWfGua`?&z!dKGEwVOTlbUf(eZZb1>H@jrwH~rKQlUBDpU<;LT0$dlNfaaWXwSW$ zTerreQnw&^*l@zIKx!Ua=+() z44TXOq$9UPXXck7d^YfW%C|u=zg1Zvz^En9cRYJclDf4t46bO$=O6~FdiF6_{CLEZovM-Yth%2Xf6K2RDo zd{8886y-aQ)i3oN_<00SQE4#7#ir4$S+XYo=bxd_1*a!~9pm-LM<10phRzp}h%z(Z z?aMdj0bMa-hDxkj0vWt-8j8YVK@xO|IJwx%)wML(b4`gF)QEuV_$%qGpD`Ig26oZ_ z^`-KNP5)9~8BqUo-`mdXScZ_Kv=C1v)-&Va5I6VN_wj#N*w{|0NDnE-s*~%uU<8iN*yq^ zNF6?;_nx}MW>j5XW9+I}QB5EK9%%#;Qft@m7#{mt80{tll6aKx^DV{LW5QD>D!&ol z<$zLSt5Ij?cpRl4Kur&enXA#b6qDzo?D>GkeFeRZ0BNH5pO&2;?}D5UOmhjuJqq2L z$weHeUY~o<$Im~VS89U*5TluW8u?^NZ#_OfzMJCWBRveFX0JhJY79~qjq&KbK<&UZ zg{$aYEO$PK0Q!82jcUee-V{oE9Y#c2j~IgQB4-;d1Rg3&zD{=XdF zsr#IjN%C5|Ve$`bn14C6arS;Vb{M2P0Y3%VDyU+)=am0C5bx@9SpGVNA4@2HNpVoL zLv4shm&G?S=X)x%7|PEqRpe%*!^}b14P~W=na{`{R0h0kG~)h6nHLT216*N=&yQEg z1JS9983h~M@<4N)wEQdt;?#;FycdFwna2&hAhKn`IS{LC2|k<>gFm;|h$qLYx(PP0 zf_ifoCU!qD4z_w&BN=@0KZ<~i2=o%mlzzzk<281L9ZbGAm6PBbMmJS+0&@FR@w=|)1oL0LuDPxLa}Z}~a6POQ9zD5>3nDWH}={cd=xY-R=rg6-g|MN~toLWw;< z`@4VxC?)1`x`c`KQI!HaKY#a2=pJbdxX+Vcp|^EaGfx%E82%)CKY;CQf?sX=@D|ppCNCHT)p}Z0r1fnrwX&d|ESULe_e0T|zEqs)x#&LCN&WWJeu z(MG7EILl!CQ-IFiM+yRiOHI^#gR*QS?;U*xC1D7LzehmyG8WkPr@2B!IGr}a{zxp8 z$3nQ_lD92$Ixp$@1CNcDoQ7pB-)fTV4)bC+;jXi zjCbRqW9|p9XZ=}FBR#?V8|Ee-CAuU-a2$L5ivEm%yNI&CU&V13cu(+(b#(j6wIc`F zH&c{ctfUGMK`p)seX+_}(J<`Y{Ppi0C<1=G}FE=LB zKv>|f#*=0w1G)m=q4z5P$u-@yz{$$FE+1*S(j91qrm7V7=u8tM5JsDBna2D^5P1c? zEIFos7XlD#xU4xMp5^31!d&5zv216Lgw16$Uw$ugTw5_yQtl8~l2^E^_^ObXoJt=m z5S(R{nH2px)V`9G9j8!_Pv-;XbcnNCY5zGL8~nF*W0phDeC52$N|fZVta@xoq(6ge z0O39{ztqXi*=GaeqAy~3;Uw8*<$+C+zmi~ik|X>)!CQ<>Dsr4$l}ry1_(RE9>y?wg z|KDX|ppGdLe3PkSQHAE@H-mtqqpc+}k279iacNde2ybnkANJ2i^?+KnL29l#yh2M%yvl~x_CC-?Op3=)Lil};l*$rmp%SCOVV{8PB! z0-E^o1G}AN6ylbtBhen875$Gu5y(CO=Vca`@&@NsVaTXKVC}DEV69|1`01WT!h2kR z@t6Q)j+o;pn^L)Y@;D4GeFlZ7_x7*NS9M)>Il0wS{^3CV6UQT-d^~yn6BqrH{4axq zh+H%-1%+9V@iK-qOR%2gRH7!e_b%1E1Hf#Xmm_Aq3CdqMgAZA;Hd0jx*k zi>!o06va9Eg|e6^O_eL_Zs^Hl9iQWGK34>9{`yK(=HG_^V$Bj-`$wPAuqvYuFCU2P zD%2q9fT@t4*a)D`DU39%{^oT)$z-dweq7<8871Y@OgP!+to?&1c{5yL#gALNWE zA1*XJJxQGUMtlHirFdh}#?9tUgz&1q?fj4C_2B|M+28VQ;-9x0CvZFi6)jEraCuv4 zcla6aN%xCvl?rg3ukN`Y|F9h%Q@Bugm&^*N0jaupVEIFxm6EKbiSeJkw19&(I+G!G z^1X^h&`Q($f}q{niJeb8!SfxUi*bU09rhdbYF(+78g9ETfV)r}e{}~) zJhJR?<6pCQWuV-$$a$`BxGlGGEQ$ZaaLeF0%N4qYF{AG$h0DK7evf&rrRX`9};hz#b*1 zGjOTTV_jY*%}59(dBvS(D#B&zzW; zn0~s7@2Hp0R|~)Rv81oK=EQOi!`E?yn4+!o{c#W)6;FqoeVV z{POq9dm-b^=_|gin-yuv;NiBuf=~b6dcXs{Si!^Pyej{B_%`O@$Y^fnI_p73I`B;%sAcV+y0rZ?x2ajC6wYTH{;o8#7en`voj2&2)VLi1s@_3f|tTnfoE z7ZCKzu(GqxPsvZxnrt-$xF>caDBSJp*nhh@5h9&6Sa+?ZaMuaZOP6dm+fhZ=4hMnd zJ7(t*zfF`OE%yY);qpZ%H|FOD1O8m~f~wugPbVH@wu>jH(30MEG%~x|UCTwH9x-@Vs%=#AK*x!ro`?x7cu1X1DC^1GjP z|2pvrG4_-81Azm=f# zlv#T0r+;$n2+_q$9dS6+1jk}YM- z81Rp#Xg?=Rp}0B6|FF;QpnXin!y~}V!a|=IZVjSzK~a+1E>UCKE^&rc+mPWK`$;kflIrsr7V!O7#Dp~GKg;1$N$OF{6|=Ks=)cw<&#a~;t?3x z${7V#Tj(6%}=N1?lY_*p!vucg1ZgHRhZpBZBlpG$j}EB-Q-t zFv045VqVFU?`99Fzvi!{qH^vW$CXQn@$BEu?DkFrxgsO2# zy*jD1>ea!CA2>h0`ZoXo6y9Z3a0Jf=nt0bnXHp$qoELXiA|v80@e$bxf)R%=6sGqM z-$eN~&;24*%udXY`_rKkYgcz9^LvsVc^d86?5jV@*N1bFYjpA)K z&l)4sZUia@Rt*6ccv>aiyN)hgBTR~U+-Lj6uBXpt9Osb=z1v);>}(A11c+ZkUlsmO z>IbWh4zz&gRHq7f{I5YG$N`?F)u2NzdkjxxaPS2sVTZ2dwxBe?i>%uD9!VIdwa@3@ zYXI5mOK`d@T9yR;U8kcR2|vh2L4gC zmj3sN;Frz&zYq+%OsG%Fu}*JT$^L7e3c(ZOzMyay;A45`AY=Ex{2|(6{D$5?)ZGS| zs*3)ozJDIli2oniTAb7DP&c|fD45-&|?QeD#Y(|Ee?1Fz! zfw#V)5d}&5hHxFYGIE#QJxw$~ATUxaAtI;h`uk7l-$S^33tX(;k^RGs{(cm0s2JU~ zuAX>2AzQl7993zwst@JZyvYyM?)VNJsokdxUkQ{VO)$NV2GECVSc5#_2{g-iKHd$? zVc=*@N<{G65a*$srV)7Kw@awaQ1=N3L5+xtfO8Ila5bbLoPY609PE`d#ieePn#egKFA`*>vxqA;sZko*$SfZK(MY`eC2`HqM|kW?-s4PoMl9L5*JkbkF)=%M;^<)V<4J ze%%#lsNqvUd*SP8d=a_K|6ChLH)Ny!?$#f~#VJ`i8ifDRF*f)fNycNd{b?-bEn|~F zlT63@T)*)Z;gF03-PNC*I>mTONnS<^TJ`MJ`Ju^&l4WGwil>O?yftZ5m~W;~x018+xFhu65ti5wFeE3s;P0()6nTW+NIY;69n3w=ZG7vVZRHwyrgllS{xE`< z0AER3F0(|R^c|D&|J*>S6~9^J{N1`O2HAm9r0h&V}ADXyb-^u~VJ(R9SQ zo*V-s+qyj{o9=bwjiqi@e1FF9^_|)+p&rtgO#Ju$?nnse=nCrSfBY!M&jfdl9OY~G z{s@I#1bqzR6uVovx1KTxgaVZgf<5)LqmACs!&+!C&YM~d2EuM(VEK=6$CqZ5;8(tK zU{^(}D!kO$`5=Vj2A$nAR*g%)=$8V2Tv~#`DroK}10xMCpc4aGZ5$8zUjDh-d_{WjFi{%GpcBM9&GLC7 zd&zONLq7kMc34rlIc{he1-i1eTf48@g_nkO?KF^UF2)kAPCa0idLoZt|$JEXdfM~O|e-zhi zV&I?x{8XpZdVps8RzrbzdyobWyh{WScbO9p6`tU3q;A@b7FT29MzVJ%&cvsao z?RT0kIXR~ub`Sx0wm_B1CXv)|r+52>7t%;-E+o$X{sJ<&l;T#+Dp)4K%LkbZ^I~&+c-`E$E5OU-e(}%=y+qf#BI=#V8;`m8HIfmZffYNhN z1;y^x7a5OJ74%e1o(8FBpq(0^(t|!O<1|nN^<|jX$QxK}Rl(rlzJLEdRjG^|?BqK1 z$jIzE4A^UbfDr#n1`IfbaPBLwHCBfJGJuFlak0RZIA^8<5kQ)7>F zOQ-^G%;C|~+b+j+@mSD<6m~Hy4!B7G%6ql!b8ZyjY*ICltZB+8qL?(}ff|U#nZq*@ zr2)nk+@pNTAQz77s4&`e)edt7He$GkbCh>tq}!$0LHegXNuuQP-?U?p*t1iRWqKUmGDM*ITC>sfsVlw#vkOI%!zh#E*hxbCxCL0AbW2i17fl}uci z6Y>WaLdw_KKi*+^8t(|G`nCMcM*=vWHpaNrn`^g)F$ZUgu`g+e$Jmo#1Z^bYvQIMO zafWrG66|0hpcrFd2|z`U7GoZbDbC$F0J(BxUEhmN9Dn>1-3kMj9{1qb0PJ@Dci7Mm zQxunXtqUK#KG|#V-~Q##f~moqAD`s^j!*2AfbAIbkiNhOp*V1Brg`;faNCi+hY5Yg zCcME3MjpmE+0HFr0Y&^Q04)=~kY6`8s@k0rMhLn>@vKvEhGRf|*$F~%7wLvDO$Ou@ z6qErrk9riK1kC|l)Det0ha`)Zc#E4rQbN;ML3C^ml?j44D&Gmlsi1agehbWrWfquKzF{` zCJ=R<=Zue!?<$;jfo8bUty{$9jlyk5EBQ93*`6?ZZXdFv_qO8zqF&zCrWfh?A}u2v z0R4$8m@U5IPInlS(Nu%HzdFGaC%W+1mNspqf4W_3PIL<~=5}?a6DyhiE99q!H*E$_T7NYgxy*?~$R;9*QON zL2kmI95IQkefMGbRf~FCCHn4ECHSE)jL?T@}z<9@%u^NEsqcnZuxgq?c?&we- zgDc&)XmrnKSLd-PRfBgd2S^U|5v+dVCt_$SEY#&IcK25 zWh>zsDL#4t_`(eEO#~7`<6cpqkwY4Yx-bER-QIJ-Yl4pO5ubgVnZx&h{l2}V@Zfv| z+6k)O=iBj@>8kbi)KovsR->;tY+U7ulEeYu z2jxEQeT*qti;kNHosLS*Dk~`|VL-{K{<8d{z)oQjbexJC1p zG8hZqR=wtVmiAS^e-PrcdX>y?sg$g(b97gdU;)!qiXy`q3ce0M-R@)Rsv7wC&S4Ly z{=Z|Lz-b4CoSFCDkFc0Chj%3_Y;TpTCkWZyqT#b7`?&cd)Ds$Tk(v|qU*u(K@20qw zKzDzoZadGNsW@qQ$9;Qr8-TR!lmL($u9*=!Q{=MH2Qc^sCgV(Lc(0aUcHT!c)@&;l zm^7FnqvOom`i)y!sq<%srlZzvx}~4><@Cen2?lHc2pvn#9Msa2 zng6c9GQ77$nW_Tx)0+ZaWTHArrA(gZV{qp^qn{tYsPI*i`v~g!k{O22^B@5(?j}1s zbS#CxQS#^xY=lk1V}xV0(p7N5wAXZddGwZm*Fk~8(z0mW*D?RFxiM5Of~|@ z)@o)9fEb;^2MWz&wz)t1tl!r21^48&KyTAu6&GZ=& zjmSaQk%23dX{1uO#RA5XB=lo>jvgLkHrcH^UPq+eFsnbFag zE3yqeEr*IT(X3JmZ*%cp#Zn(l3GbI}?$k8W`x?;GOXwZ$j~_Yhgg#{yH2tAcu~JL_ z#6n9Zj2_lsrJic=I5a?xrrvAk%l=k4CX!3AEc&ZklQ@m`A5$wlPqd zlUUS4n^C1cbc*M6yVx=qRdpt@gKpC@d%Q+p2#j+ttEml8ue`@m_wcc-DBWdU z3(!u2&t}Nk{itRe?l}E+alDjVk+MWR|B&xPksroB(3BUZx>0In$ei>&rqtf_ z+0WB2R6no#9>J_?dG3z+$(}z1knb*pl@O+liSwdc*|*A4X~;Kzi6=ZOX-7LbVu_$~ zl*NN{Bt^p0amlO8UNNk(XlcH%cV#HI$^crFu977D#p@W8EaDiAO7pI&f`eM$isg46 zM=wZQ^RfVnyl~}ZVM%Y9u`h**YU)2%BOBRKUdzZ2+|HYPOM-I7M` zKJ-4jwpVpb!6S6rx26Lb;QlZ?@aM((fBqo5Njb34IEOXBc=^C0qrcfqH`N+#Z(ku% zdDipE=Zk2=_vmP)4oOo<*kwgjgy&?V6f=+bQPLn@%=jd0co$iYX-4~%)0w2ql9KIX z)p-T(_81%2de;5iG4C1IbI_t+yV}%|%lhOI10N(&QMrag)i$F}u|?xIm&iVslmk#ze5xh0 zLiWeSZ*cYDSXQ68g!O|EX&BE!nmw_H-aaevcpVKu<#tCXgio9Es0Hx2ZaRt#3$(Kt zACUBE?JILj(c9j~e(R^`NOr~sxf33mqCSBQxuoD;2;nsEd~0v^)la2WxaP_-P^cpd zB3SfT2R{XbowIs#?G%gV#TGq}ww}wX0PxdpX(f{-y;rvQ{qTsLBvm9Np1X#*ZakHZ z-v}XiXR4CJTIRZhVJpARn5XMjKiS+&jYn~Y6E*#2u(T+XT&>@ybYeo9QngiZbA|gj z^#U}HWAwUy;1l8q?`#0v0tgUp zVXmm@*2V#LyY`ES09w)NNX$Ihqvtn_$2`=4 zrRkCrFOVV`4U6U=bWY8cBo*2`&vfn*4nw$ z$AZAg-|_x(4P_RbU@}PK1H8r=yGmE_IQl>ps2Ui{(Z5)chmsdPng(Y_8e-_d(=9oh zGyT^@b4ngTp?T0fVXHDON$_k9-V+~9-0Dq!2uyjVj!m^`XpEVy&Dbc<>%|t)*J$XL zD(9toicQx%P_kA3q(#uLgCLZzwx96@w|VCsx~sA5F1ZARkGj*UJZ-*M|96fSU{Pzz zl(MtJr%&;Mviir$O2qSLyDe=IM8-!4EL!x7?h0EnJLC2EKG75(3^)1FW=?R*G^d^O z%PO{bY2jGBnsKiAnte~{{&9*c5^%h2B?~RhK9G_7mF>?y;s`yJMaHV zyYBeGcsQQlUYw=I2Fx1>a-(1E?w^8<=f!Us!c2^4G`=Viy*L zKpj7_b4XzqRsbg+jNMea;0mf4fiIo7jzsdWbsuAaV6&2ltJu z!YZ7};P3U=%+P-pt0572RIdV8mJcHDR=TGsk&RT9m{1G+#S z$^Sjm@oh-tSQDcC>W3|ma)eH5ybilt#g(UWUu0)|;*jQNDkkH? zI;gk}5K+z1VO>~!AQBo=hIx!UH8_9$!dbkC>Y_!lTK&%&FR!a)iK$sJKjG>Ij>x#U z=^g2vC;GwnNi4;%k@a6bzF;$*MX^aKknnrM99*+8cuuOHPa*f@6^-eVr@jL=>QX9k zm|0mS@!S#PG>oLZ31|t5 zAk-X;dO{Hv(>D!OCEFnC7ucs#QGJu9OaW50h1)gu?M}sXRp-jolP&WBhihnaCYUwo zubjRvl!!k3u>2OWlQhY5StP6b7D*>NFiT?-wD?yM3iuxL4BT;GLl)@!7jf6rB;CZ^ zL%Sp-)2eG`SWbufTh0cjBd_eHqDw{@y(X{G-$q&tDAwf7~)WaLY7yHM3)H8G9UYf@Jn%tYNJbRaylP zvblv5Stk-Q-PhQ1q`I>;iUeD}N#A+y8~>Y6isdZ-7Z)Q!4|b@l)T3J04GlX~4C;@;d!PC5xy$g@v^ir`8fgVu%hvW@n53FON4a5^)4zGSw*ACA zfL_=TWPk4Ky~UKBzv4^pOWU7er(tVUX<^IC^)BQ-jBGwLGJmK>etGHMg4{2* z#5*5mxb988zV|5phZ6-Ha%oN1t#kqAAb8UGw!B=v8nwppKxXE_B!r)O;yEnnv*P(W zEOEd(0k+HfMH7PEN(H{_J_Wp;RlI9z=tS(J@}(kB7QlL?2t-fZyci4h^aVr?6N>rp zjl{oxV*yTwn_wN6_!B?{9zobp5bIK1>KI0=0zY*o+R=E z1K}eArs5E7;%@8(`;H3PcNhNbyKsaoE=J=bcf6YSbuXI2^*-jHJWoRDinPg@utHhS zfcp_<441hZ@>;o(C+@?Y2h;d{>d(~wPYC0`c0~GTY2f%6J4%|||ILQqVJa&_E|-^A z)1QQyj**cOohU}&M)DeR&moY&ejh!s4#V@_QD)pcd07~HJhQ^LfRZaMxJ zE`&cqu}RC^ZcfH+ChA)s*O&!Ul#3zAkG#pdUY%T z)!8ohzx<<5ryDXwN=_SyYDYS>%*~KaO4HwcS;|}B zLS8UpjKaqrVfTGrI2nm`4j}?oFNqB;md(85*OT0V;2YN}{5+OdA~BO|Aybbz48$kt zp<#G1$a2->4%f=f=9{$8X}rAQvoQfm&`Y3(6rJ3jNw3quQ#BdM#K6E{$xBTwDwx2d ze6Zj45d;|;V<9`V{uJ=xRS)sSVeK#>0%cdKtv1-bdwjkf`bmTudtiG?kal$<^(X(E zkgBECVm_v94FxIwt!oME`RJP+**fzdN?mfzyVwz}m>+nri;9YDKaHi;zN#XhXuEq* z714Mkh?9o)2&Q$+IS-}-kyty-k`XDXsvwM@l%|%;*m;1iiD<$+j4YP-gJ14l;iK}d z-6e!$n~Ep6@N3#NR~$w?AbwY-p}s%-KwHq4A-H7x`sFODHVy{!cTTvwyAj95ugh)C4 zvP`wupUF7<^BijIvu#9RNU0Fr8Yil8Q>lD9(BH}-fF{4JC9T|@r4$qjR~_Erj5!YY z&5u1kYYW{@WXf7qa*PnNZDmtZidThaNO<_jQr@e3r#!0zmE@kk(Jw5>+p*lD%iT=;_d2%$tg*?H4#TgFm)egZ%b6W z`BT%nI)ru}M6RXO91D^`)AQ`PD=4H;K!#o#Z{w&R(@`1(m03Eu=*XD}_xXi|;fM4I znDyy0ME~4lDt;cBkSzADEx?-mM5E%m!Tiv|_o8)R1jy~2b#UccX$tC?o z?C4MjCJ&S0#@;?(Hs*@l+VYgy^G&NQ_b5S+Vnh~Pf4x;UfjRq)NOysW{ucjw$qbEv zfDWQ7%&en?KO`81=USRArB$I` z=mUR+CvO0ZrQJe)t&F24=baLAfjxkZlo|M%vZ+{SMhIit$+AAR}ptA z=1;JELxb{+4<>B^j2`;U0ykq%nYKTBhfGuXktZ7-cwXltE;dyM&=zYdKa}E;zh#<0 z+0+)TLH=95WfFE{*Fw^j-QoRHr~5e0yCcc&XAb`2eTg7+qFZ}d(iarH$tPNc?T*P}(cp}NrC;(od zR*s7vc*Xe`tE6F#;Oz9n{e7^ee}GC+MTN%C&o3k*f*v^8%zRp;sVRO{-_9IBCRkVz z*KxAP#If=e2{8(a=CYI|6cmleGM?TBP~h)(J`n}x>q${|9TozEAMHII!gLljb|3RX zv*3uP7w2QdQ&B9!fn;BuA(I z>`$QgL1{Na#nZEVXlMxKC?7cawNL@-hKx;ueN-o#eOk^UAN6j;DLxFTxiU5;KIYmU zvXqh}=sy4oUGj-ZNgm}w(shZoR_`(UMaEQ&QS>@b57!30>>{~5__54EbI;tdhT z&8O_l%rc4kx9S=)68GbYEk45YxpewVhy7eM3l*8+{qQBxZi+an8|su)f_)pk*h$rgoGRU!4mg#7~~gKJrI>eH8XBk5&B{?1iT|hEps$J_|H!LB^x$oays-)p!** zIgaBDFgzU?yPtQeb}P0t_(+cFtx|0p%lpBL;`I2PgtNG^YkIx=kQN<|qGPPUp@vI9 zU%$SAVY5gG5L`m0tynFte;dmbd}kbb1%}}+mXvLO-3sZ0=rDF+Uh%hyZx?xL4Hg1r zAEiu@m?@@3FJ8?HD3eGJ5XL{iY2C~Q8s9Ra42=<^>4IL4l4HcM>E8s~V;MJhL6|@# z^0zR-&eX=zeItnDcan}8T=VzuBpc56vtM-{y{O4{*t4Jbq+g(9T6Gjz^u1&Rdl@KP z9b8Q$ZSt4ueC>jV*E&`3yn3MP?uqiYgCiDO;`kV=f(Ayg(Z-$j17qNi%tgbSe+lAe z_2r8Su6p_%=h|TF-hABN%>E*9`=}z3kMzmey9%^H^9xSK7~?~@=&<}qdn|HH1%Wit zes4iC4Lio^1S1aZoeWeI(Sr4TVMj|JcV4F`^UebLbRtWPrYI{?Kfbj|8y9E6sc?&FO9-49+>{c+w8y@b~@aLwR_zz9uZkb5*q6e2bYu z;Pq`qnPNv%+P2V>z6fvon;6&z`n@Qvf167jd@=90-SuA89SiEU(;htg;^d@l6Jy~uZ1G@+_aK_7Hl(4rSGN22JH=4#-<~I|ULc(Gwg1cyGKUSY5 zixZ>>=T5@*cK8POA7fe$MK9tq>M%lg)Qvp|RoKi9KbHfka z`^ZiQQ2m!fxZpF{~2eT2vsp@xv2V_=A#C}A zOQzCccdv^P{yX_V2y;Yo^Kgy*Z)Xc}K7=XX;J62qYwKw`-T$jXa{9Wl5q6_sAOZf} z1M48|e9QgBw>$O}FB$xW&*E&5&zWM)+caeBZ2O}*u<;1;^p{j`@y4#qru)C8+UFVM zOoIL46);&vR`pR>lZBj;PUP9=oK-;FVh{1z`UO~0vwskey@g-{Y^5vV?XyB2{3o^b zzkcwyV0g#UL%W*<$OM3ED;%lA0wIx?HOHU5R(zEIIbc2am|H}tkqrCg6b+M$BU)pC{c1AmQ*{(Bl1@|Xq??G}^@Co+hEwq8- zJ=~pQ{C)SQb~bttOc9u8n>%msS-4$PuxohlkUAMv#hs^}reu1w){yZJzxaeF%-ldB z-D50P6?y0PKrv-{3=~s872*Bq6yeD+f*b|Y$29uWUYp%oo8RCzAZsDqHD=!4Eb!V| z?kd=V53;U>$dX!AMp>EQkczpyPp>)IEbOoNJa=&naesDp(X0;4p%cfSO#?6C{Rj@C zcIi*qUVQgUW;Q4%G1ZTrl|^KC2R9&P^``(j3^%vx7U?CN-_P24pmi|3_?=Uao*mSt zJntw$CYbSQ37rhe^ZOE*k77L$d|ZUP{xUuvi?2j>Eg@3P88}?GSVN3ob*YBqdf?1p zC6@F49z@)jHaZ><{&@=cEN9>y{hDrF!UP}U=XQ}ttuMUJbIajx>0sImCw~U^6@QOH z9WvBdggStrz{?MV-Iwg!c6~BKB6|H!NwUZTIrZJe^rnEt@qDU;HEYOMdypmXd+oGP z_hI#oU}Lehc|uITB34sU9*W1d@0l*|;ZA_Jc@DhIml}r-o)pK7DZXT?=GBS#{)sSUS6~8%O>mOhgxefh;8w8(4 zW%ZWII2s$tX!eey%S;nxHyUxeBI4AiRiF;~s`-yMfU5wz)43r3Zw7-9foc0Zs=+W3 zrvujIU;}S?R6Z(`Wze{Rd#X(?gQ+8~U+GihhN|OqJ=3w|c&}|YMy4oK*pJPET7|HF z&;E=3Y`S_Iz4tP>3s7>Vj6oBYO~RKaQ6?qZlbzaV<>xhZ37!$xPAAaJY>aYu zy>hEir(9Y~6LRb2P@QKeU*LTm;#faX%~s1@lT%?8k`?P-`++t%S62Mm?v8(o2K&$C z7bpKWo1THJr4G+03rRpFsB&HI>!A&M1jQ)Lp0!)Ak!lh6XcA6sziG4}}^ z2ri~3dWf`8RY@&Fab9e}FG`ll2vKEMhw*YiaZ;OX>-L$pf-WUn+Zc(H=ZIKlwpO@d z^QQG=Kuzpc${r1Jq#QqMZi0ooBQ^wLQ(-0?Q1DV^_$EWymZ~AZQ?bxAzk%29_FAin z44rcH!ev3VH9hCVtm_qW<(n2PJ}Q39;@DkJ=?=U8y_3b6ooHxxUG5^5?hNZ8(L=?; z={Sr6^HyH+@f{$NUXf(p6~(x{IeZ)^<7o~j8TL%SL$Go2dwR&hEC}xgwkd}W;G9JT zY)*Qi?Y{}zB#7gQEl)QR_Fi)s$f&A`^_wtQN{vHbcNPvbi)KRhKx%_7lNt9mG*2Cn z{=-nk*Fz$0opTa@Gxs-<({b<7`(R(z6Q700XWvcNHiW9DZ5x#LmizUcYrBpPA*$aV z9U}Q0D?VW`K%vDHOa1@v}a zUjbP(?b8z2$Pd{wH)$06SQ#B9{hCBBW1bTHzB!e?bRQS{08kLc>&Uzg*8+)~KP5$O zQoa=8Q&3B`3ROMl75}QP)dUT91tldpfz2!1WrBMA6r4mU>L*D2X2M+KzWW6qf5aEL zl87b6AUjCxjW>DA%9NFv#mr;gSScsz&4s%o=lf3&%p7l7_@@Id4?ECy?GU@?-aY)1 z7Ma%apJPrHGmoFA+m$Jg`-TREKUe+E%v94zXpQJ)nC+!QRl-3i#X`wNt z_u=+~ZQo)8>xVz;pF8;aIH}}YByyM6Wch?WYq$uz>e3!b^qs>;{F#{n!`RRIMDFX# zL5D>XhfJA9uY%B@osmzMMF;V(A_9nvduY-=Z^1P`&=7*9g73pUMsWVB^C}iowR!ng|9=f;rE-(hL}|0 zw`U>M%J81SIO}W@Kf@)rcbcpH&jY9iu8u|CvvsT*p+ZFb@RNnB6`2(GkpP`d{Q;Ia zyYF8|_Cz=ish|rELt_F#@_XBiGb(3sl*=_PjD2;y|1nL<)PIpbO$UX@4dO69rBbP8 zv-oOxNt}}8Gf5)L?mEGMaM2Cd=_Rny`rSBhdT(&ALPGRtMVZJr_o;TWknLxpnjLwp zN5jl5L_;S4#JBx`675z(A<>j$ zIAL^82b8tVvj~#DfB#Oi{3Su=pz_v{KtOkMjqjWpF1caFN}!Q6Sl@(oLSc?agupGWI!YVs?;cV_YK056!)n(;TrYJAOQT^ zLuo*^_ZBJp{@rP#OvZ`tRf43nk#Xw?i&nB~Z8#O#{m?D6x<; zOpq+{NkI}>u@r(xVbd91#?Ou1fSvgo5gbejT{TB^88_#LVQ$4A;DqY&2DHe`~`6=C1gJA&ZD;({6RafRTkUA z^(CYr4EuvmA>aQm9Krt^2Y=}c%Vd9r9vmUkA4V3hBS05mrhFwnOD}5nOQtc2 zi5IFH8zX=%{=J~z#W<1EtX-vne?eAj(=T^E0=Qml@7xpm%0#=S2tB4i(p_-Nxi}U8 z7R^x9_YN`ywDkO7kWh7)x-Q}TN-akrt4_m{k@}bjo?Edv34mi@4C?M!JX!ORjElS1WjFu zdl8to_NaS2GgTDB&`$12W=^^EnvN6L|NQ3amjepbu{?G|3C0O5NV8hdf7h@q9W&|z zf*8V!3W<$1k1l%oRou2+!??Okboy1Z`E`uTj{!*o=&Hx=((D$-8xMNmEZj#(X^!(- zSHyO_HhWveZaA*uveecw^Z{DOwYC=Tv#KaPC}8I{G;n`7)^1C~sA-+TSrOXDQYCn@ z3nUNPnHhsln2yUxz>fJtHZ!6nZylbG#a)Y)3SYuu6kos5eyh5(xJ0BvP^Vi498Z$) z!{R;(URxTA`{xh{J{b)U4^J+@OO%odEWXxoCVmnLt7f(CS< z(5ABbQIcMW*XG3bP`TU8YkrlZwhdFR@jVWsWX&(MxNDc*zqkRaSlS&q2|aczy|x2> zr!jn`!Uxb5EZPiCy$*$?d~;;b$oHl&%CcfmK0_-lkbh%VRCkIHb>MDcj|6a9lO)O* znANf|zz-Doc_$IiPGva0%#D_fTOE)uH*uTS0 zOa*D=8Fk!YsjJMbFiWRIZMxj}K~c<){1*AJ&No+imLv7+8Y9^BSdWr&UK);I(V{zh z_S{g9T}h-{6tvW}5Q)SP&&28TIZg(PKRPXQ^O_I9izJ$xoBgX2EdaK2;pn-oO@Ymu zmX_HYKxWgOGNEuy__DTW&vEbA)K?j8ZS9Pl_&zc&udST0i;~) zgY8e5xVft)u71eH$;isOs8Qc@G_{M%H}qk?rowLf=QAxgllpmeoei;lmUFS9k# z;8KdyNfwP_mE2|HYQPgIPnU@mw^#tRDY3+AyhBJjyJT6jrI7qXI$tVhaLs2_gcH3y zvBgSZ|0#d+j?S^E8~naNMM2(aH}V4CKpp)}H9diHPm#`R z7QMxiAOtm2R<3T=@q)wbX$fv^@z<=xB?jhTP2e#Zj2g(qh%Q83ozo#g32e5`emD8S zw^7Sh5jmS|13e3~EwrHH+tDSxFv2bh9~CiH=1?q9Py~rV(3Zc{Mv#3U%W|SlSlTd_ zSUQXZHO6mw#y*Mo)Tz&JUg_8Sj*gDj%CH4JiQ+JhekwMT(0qJ?;vBC^piuc8gflZg zAW7j;c7E;Iwj>2PzrXCAm~)nIbWdIUDObL|Y27)^+fnkh4TpEmWiu$D;S zSSXNEs+Aojr=FDX6h(B*q`N1~T=gKwtv4qp=> zBm#f>ZGcF?kPlv&leh_0(8C7(g^_x?6X%6IeF;W6ai!$sxcD6Ssgl~~99T6azc$u% zTe(+kxrUo4RAo&~Tn?^}=Hk$21%210X6o|}$KtJJMc*@L|4?>c{FW>gYS{C0ZvNeR zs9a3E@z;W><`M;pv$l-_w(ky%p2kC~>)QCq#$Bn;ssyg4EW^s%&6QdW<2Vg%^>q*1 z&PyEq(0?LkZv4%XXC~41+;KL2<_RTDO0Mk=z2Wlp>4n1>lZiw9u{Q2MT1HNRaG2vL-1QiV* zjHk7r!RN9O(Rs6+vQM4mn+<%>_(H{Hy34rElD3yBabMU$#+fp{CX7azQ9zG{Evo#4Kr@Pox zUZoI8N%Scwf=-UKc9g@o<}ll148dTP6m&d))Un+MZwCbTnB%icO^(ac^%&y>7fs-G zQ6t#AccQhYSc0zB$k(1eb*hFUQ$5B7>~5TGpNo#%jU+yE(4=!)nGVa$DN^Hg;H}1` z)>Mz9AX|&()lj5#1Qy;8OX~RubeQlvDiNYHlM1Si>a&SM=AfugxNgxaIDUAI;}~7I83^RBc>7ML&>7f)n=~@8V^RrS+Nl zhOb0*B}qYTOIP`Wo1dC|f#&M4=~-8f6{XcxV3u5R(I)y6!Q zZ8FJs|4di>2bV_?qWdC+8X{Dj&DxmJilUlh_(jcp)D_DfgFw`|HPB#)*6eU+=qsyA zp^I(SpX3jkrYo9S{%SaMxUrUiKK6zq-_bKy6{pK58mN6wLtEz)O@Cz!HMytwoxEdJ zRzHbLI@gm|>0xr)uBkEtHKSXWtXDBnrvn{A9gDhnT4stTWOa75L4oBOTb-WApa#_`DsKcfm8Ju{(xrFClPCj2UC#qHWlO1tvwoTz9)+_sZHdn}wyxfR;#5*<@Fr%<6IIZNQ zpRxJTsqab^Ww?`po)k@^Yw16QZiMi?zsb=&jm*_#T{RxWTur`@xR zH-6`PVC1&c(erG@=`nQ)LVEXl-1-Tf?u|7Rl&kBooYsS0;gUQrYz5+VR_a) zlb}M^*;A~jYG&;6qv9*1zF`IH_2OQtc!q%Dx^@%kRQJmRdaDWnNVcXW9Tv#aNrW#B z9fIuNH+g_ERnW_p!MFAu%C4@(i!=QS+2db3CR3XvXS|w^w{iuWMz+6n-e=F%ebY3 z9x|^&FAd3XXoRVp=1gJsgHc(Na`@GkIEj@Wk3w}fp^e!){2QN>*l&HblRVEj%6MIu z(&1;*9nDdH=JjYY^AGorbIASVi)i-cv#{z55~>kBE?^!Am6#&CB5*44ij`4L`D1)A zpbEFCzWKYToO1S0J&h@R39KchY5W^sL`R&(JotTD?^C$n@KtS08i+ZV?Ap=w^cwer za{6LE*_r71$-DEIvaNg9=+2NX%*z-RhL^{vwSQR9H9M1DH9vMaES@sEwBp?HqflckA_y2=Q~T$WOHqu2S3R{v~irnM;pWYcxc{(y#XnF z1>@}k&a#@-X-G?Y>$iU`yqFnn2$Q5B({wjaILNT}@=Q=zjBF zg5(uhvaL>nWa#L8!?z4nf6g~qqS2~s9U%v#4=3}V@>ti^;5Sx?Gpvn>>E*pY^PQ4p%}y;fuFicE2*w^pTo=jfG;I)gEbB+pAZ~vQ zr<76SRs(UH^_!ulyCiL+qlSBZ^dz*K`IEi_8g7;EOC4e>{dQ~ zZOIgqZjP^htngE0_uCH!G-s+eviFAzwkXdyH8$&zw-M!V)vvf%cHoy*N32A7F?ZZW6fFc>G& zzzR`ydBRqz$j^54C+kdCEkpqX3eo&sr8%zV&!$VI<>i-o<6mY8OYf&B8=VN(vb-`A z*eAdR@l@Tb2lw$X9ZM6&IF|)X6(}+%2BKof^U_z)Q}uP2n;-6-rm!*@F8iX-*!CSf zzK=xTH8Lcl{=0jFqE7Q7skG|i;#jjTX@^Wk`t>iKoGMbiZIltqnB4gK815K8r-O?#ULOOG30#=Ec$hCae+rMn73B$nEqTntv(&A} zX0-MPf)^JRos@CV1Y774NGab11z_KUIp;oiR(QxJP~TYMPWwpOb>5AtdbRRdh}3 zYU|Lp6QfKS@NJlb*1F*X3IY})G0F-&DbDd;c<7lJ>RJAvd;FwEF22%s=fA;q?a-lX z7MQZgA3rleW(Z$?y;{(=G+QSZR8b0`ciG;O>2k?M-RCy?{Y(p<44doKb}FguP5PIY zBHxk=6hAuno_`s#LzAmYSn83m@LgzHh|On0(@^1;`x)tb$cEoBfjgT3v#h|W@@3s& zF`mq$d}Ch5Wi85h*!OTlL|>U}l=V1tnhk~?)Fk&6R##VzBG5n$7~Wc+4ny)Ve9`U% z$@X|M+xzwp|4@4|lp13d@+pAy;XR!^BM)j&$+~p&-l#^dK}L_``jl;tO_fxcYsUN! z>LBN`!;J#mBIWU1GT9VYzu?|#YEsI*@eT)~8)lA6^N58=_(izp;%Rv;r)gb=0!|BIlUL$mt zXM@JfVo~f4{u`r0+gy@EV@fV-&W?g6w_8?fm=Us)k^6GgW74HWf<+`^`Vl9cQ?^`e z-e2B}8y8Q#&L2v?);WmueTQ~UPlD3qmUwL&;a;1*Iz|2BTJ*-H89Y0^*0aX3RH77{ z>pD#MFE!oxhEbM(QZijCY6^Ux z((&SW_2n|@t&If*yA`EsGImXrXxKxd{;;4_S;Eb?dK51p@h3!-9k%@QBr4#XkS8c!2SM5{b9=91GsuGYkngbteF#CtFb#Vk#f# zlsq)GgnyDB370_V4LWY#VGrWTYc9Wc?%Wk~OmZ?4x-i@6?Tr*q7sFOjCrKAyJ_U`V zZxoTW78~+NmS9KkjlF=yB?^KH%Ql9^IF;eAbwGX7ys6wAzu`%RkK`yZ-J>I=M``&$q8cpR|sR`CdNOZGR8ul%xHj z5*7qFfRH{K_Gpg#Tq44kpd8LmT6=FUbw>U!0WM!~v(Byl`Y39QGP?Kh5QCLpQ4H<;N@?xLTSs#2N=jkFsM6?cqnDdw@ z7L8mLa_8A=c6I%#9_uxb8#s&cyv;ceru>4HToe|cdBPOjLB&Tc*viD;cpc_2gs!(q zSe;RCZvtZYr`i7!xL|{WydyT`!{6D7{Qd-^`1en?l%xnK{n+dY61++84qh; zfUtf7rIDIQ2_HS71hEF;>sVPV@+6%YhAn+FO&J@GAoPz0ZEgu9?fg&A>n{MF>}`>V zw4@2oU_fvRVia8Qw~NzmHHq{>C3Vy;+}e$vi;x43ApQGUyhhK?rMHvS5~q2qK9 z$wJwCUtHs=poTr@6L z%`~g#pVH{?NjXMHRwox4>k~plL*>el>co%Jl2SmZ%UG$R$Q-_R?at6}ghVYzqaeN4 z)@oX;^?L&L??uKz&P3#{KMAE!4t24>{wPTzTG#|piF5yH-StX8t@XL8 z3?jiLk_|c2>(ED7uSX3yN2UBmkKLEMM$u)i4%M}_p}xL2MV{Y;$J#QDZHgF`)BGDo zA-5L>j4tS^m`d<>(Gs0tJrA9bR;ZIx)gyABX@Itnf(Yr?g7hWC>d1z zC!+@$-%2;6;P|V0eFHQY#wo+5j}<4o9WPprHXG_T%emaYKA)L`GFI}USs68*TRd!x`t^`EaV@Z5@+2tdeCOzp-j+|QtMpN?V?$;BL zZlwr@+UxWH{kX}N^0hox)XW~rMEaePsKK}|qC-q|)11h>$s?u*Y>&mIR9sTLTg zu00xZKGtv?5A9V!^cDq!wWXULV|Df-$Uzx#hX^VNEo8N3=xBixT041>ccq8bC_)Kx zI^mw1*`eV3h85M2TIzHsN!q-DdN=1A*8#uLM|YB%Nxuk>!%pTLmL`9~?KpWgYGZ31 z$-E^iB}r7OR;-R_xj<6a<@;RK&|{8c&GGUg@(no0 z*Y4g=gpxZWBo9Pv)AF=|7QbFr_G_Jy5qeD7LJr-WF2iB!!zsW7)+s4C=JMez9S%MQ zip7;ByYM7!c8?RgSb+avq)&s9-z@7a&it{tB6LY|ZVZAF?fx>+d!N zB;nStSI0RJLm#|0d*^uRbVPI9^;`@Y%+`_8t%F4JW5<%`i0D4IGE!83 zd^l6Hs33^A<1Br{i^qzN_oU4-Sr{5Z+ z(6x|_=GUl`&y)&H_S{UWIg*?`(V>7=o^UyUK75)rgm0$!k#J2>#Wb+f0Q|zRoAp_Qc4AGmLj&M zHC;)R+~wy@Wu+OF=A!2FM-T+_B0C`eH_mpvRqSx&a>!ktoP3+czIEQmO3t)bxp_kIsSQA zfl9vJ4fsFVbS`YmU#iHtoi0HeBB=$VdjA>k;3}P?%A_v z=Lhg+WK2z;ua<9ZzwTH$F#(aCH%?No~AbsqKFTx0xYVG)$+cK{SXF}t+i*aK9&`D& zzcAChS5*`hjv<`nIZG_C>R(P1q^qcoCm$mwZw>G#kQui4S|BwesE**PiiD)^FnW|j z%Lj4~`*e_hRP2lU8Q9Uub)s2+mXo1b2fZIu!YgG?)i#jv?I%T+~rk_hVHL$w{j*QidM z1ZOY!QVYTEwREBhrk=2@RQ3<%GYf)GM84ubFuCbZ{3j;&0Y_UZbGe`oUtj6p2dBg@ zS^a3m)`ndsr)jGq;LmC%l{=hTQtLw^BPkumTM4Q=p)Cb&EYi&LvBNFQ?u{vY6+!35iXh+DD^{^Uks5}4uNEAjRk z;;iECKJKr5wKzUUlKq!cWVY7ELK3zz&VT-D;c|rbums3YXot$sWSbm+C~x^){hZ2< zNlS;){qtLUMTszgT-e*a2YBy_zXUB-s>B$3w(^F{Ynjg|7v_B|ES3Nz2h!l*U2osQ zCFswMrELqp{U-;9^(4L+rRqzU@Szu^^nNAkxGJo4DX%|La0uTzXHRgugmVW~PYF#? zwf6WF|MdG$6LbQt+E`_}`3XATNlvl#w|c`XWhRDVPQX&_bb?&i(|?r`m|bWen`DyR zS$a!?NI{fwFgeZPGj^_t`l(%ZkjEr*^zkNYx36@_31~ zs^p5syF^6n=LSOd$2lp!=V_2i{(j&ePYcVNWvtfYuCx_ubKP(h(_n@cAX&s6S!p!n z+fPA?c?X8A2zsc*R(RO$^{*&Ho93GWr7EUKK6mtJcw$z4c(QbfP)$UyQoMX(C@CsT zxe8_f+9-T2L!G`L8M8~`z;cgHl+nzcWy5Z1r zkvYuK3q#&CD}g78XO4Wen@f zB@Q{UyqZ+%-c(9aWwq#N9T>i4S`eC?N3S^@YpARAck7tK#^LKX|(7<6{R&5OujJZRny_?f+th+Pz zT-KAGwr$>ST-$P$X&L-1C?mV0f5rrl+e=&e3x@>4tGPV_X4g;6@&uoJlGW9L8px&% zU;6^JPHU#s^PV{vkPMAr%$$pio}w9>d>Fo#y0g865ft%W-Lij%+tyFKg?v;R-ro$V zu#E1Prrpn|hp0c<)U$?u9Hdw-nek^D0ci#i5nn)SOF23g04_J>jlbsb@NiTD#TI5I z&wp(QA&Lqc!dO-B@&0MH`UJsDYD`p{V<+P&vPph#<`p+>+L^FI6JLTwx=qXZi7}W(cuPr`#|6XJj0;C-cAVoz=$k;Y#8Y@W2$S|)MlPpy> zLO#c*2AMnAJxx0=h=T9H-u^@bYka5(XX%5PYP9LQ77ofNwHsA@`cWiQ)6uKcBy}{o zCPSa5Sd*h-?KRq@=Zy{fjkkYwy|GEUs8z1LHB-7k12N6W*6f{FD6Au1M?zz)iKpj+ z9Cz3{2lM7H4VQ~>sn&#~>FwH3N?Rm1WXuxv=bE*L-N;A=)15}+)k~aEr9S^g5QL8^ zxh5DNRtf#EOHgB)?0zld8Of~xqVseh%TKuZRP7GK(Px1I%hz-0kV0Lm&1ABMHE0*$PGGX_2#>;U&3&h5xr3QHc@=C&glO>Q9oISO6ex!$ zrqh2J%Qqj}`P$O9vQD+nngEW54l~}I@`xus$1;wWE*AXha1$dy3e7`{h#H7XEPS6I zBjY9J*6VA`3iPo>mY)IcU6BkqJ*-7AfYg-uNHIGzc0L$zwm_yivL_{pW+v#NU_hynbN%6n`FZ~hF4CH>evuxtGU$y9Vr)J|gep7$ZBFd?`8^mjt^%O$*8{pMeC zTv{`nQn!V~5<_FIPgiyL%7kBh0$!C=Zf+j!YfGK#&X@0S6lMsW#?f^E_eliYxsLoPFw=HC(JRCpy^s2 zUbO#mc80ZV{NNghl#%F^`GM#Z^KHo`mxFO}aV#KMjsTrewc#w#^FjzCSmq`J3EVOf zdKNuUb`hm;leH|KlQ8-6)Tg7gc3s0yct;yg1R>gq?9ryXfN0Z+?A4=tcjDzaRFtCW z!o_MWF8M=FISft@NKv%;wWN0?lCUV#Z^BRYI)@LH1avr{#_wl3HSN%jJrALX#2EPkQ z(b?SvZw25F(;8+*SPn|(DR6pH?tF?O?J1a{v;p zx!TWIill)g86tcy_ZqU@)m1HNwU96q7fprK&6sC3Z8KDrZM}?A6l##25C*40Rbze; z3#bqagjjVbiPJoY?E-a1r+(~*kCxI2D<7#|Ldp!dLm;}YYM{8fOk#oacYGCj> zm{zqmJTw%kzsZ@;v$lHa;*my$um;b9}=i_716mhW=#h672-@H8V<=N_1kc|*L%c)A#|OTa%7Z=KIv)t{bNrVM5_W+p0n3*B z-p%6-+3tLN!v*J?KI^1DHW~0<3^t_fDc_sO3Q-{-`pZ}U2YYWGPG#HujYpJdK$$Ap zMCKt769Pjh} z=Xbovd%W*I&;7LReO~9a&b8LL#?R_TwG`S$jmoXbHp2E4J9~Q$`yOef+rd%bfs$vb zy#Kwu%_QoWh=eFkq&&N??}Cz|Vn}o};~js0VdHX17SCt(dn%@~kCx+;*C)1l-Gn{v ze|~*C^IF820_IQQ)2jy&L}!X!u%dQI!WGgCP&TxRzBSE4lql;ShNB76tI-so13IW%8jJc z>+Mee){_^ZgER92CY1&E)T&GP;!=|kLQZTyB~13Mdwu#oJEz14AI*6{|EJ5t5<6(X zy7=#HEZ{_fFAjYh2fLsK{7R2>hF;;rQw!Jq6cx9sS*-3>n(Dj28Gr;TPydn4XYT|P zJE2E|P*imMPEgRVxn(Y9GH*ho%87O8jGqWSjAaj@zKD-brF}3S>h!mzPTeFzSnW>G zox>7o{yXH9D>$mT+^mMr8W#|o!FOyEC%TjrzNnv4OL7mKW z{WUW3Q0h@C+=@c5!~);;KNmg!>W?agt`@5AJ2PI6g*7jv9C^_EfVf+K5Ifx{N#T?1 zbt{dfL7#8IenM9GdFGv;c7SN{yYEV&a<|Z+r{h+bG#uEqBNZ^3RK|j!ida-4d1_!; z@(-%XpYyf_OP^5K5!{3th7oMN+hQeQPVF=vurcnnvkr<%uNfZx1%sT zw)ea^9VR|7yf&AmuoDNS!N{ z1bWpPXO>3%{_ZSoK+uLq-ygPHXn0L+Rn$cXD#vM5Qh}-HN=!v9I5Vk*L zGgGU7$xPZ+Og=IA(X7DqL;M4^BEUf@?wdM_<6u3SzVz-m=?hveCVBECXi&#;HE&s? zLoZlR+!i?u$tV!We%49>ZUw&GHznDHJfXAG{KdToE-=O3H}?7^eT{_&SIKU$nmBRd z_0F?}P`A5qJ|hCJu1ul4aKs-4 z$3WZn|E(@T>64H`-#dqKqcMN!Oh1{!QSRD1cB6OrQ=M<>lU$B^O>K(+BDd&<{6rb2 z9NgeJ8+o*08gZ6yW4-0Fp1qj~Xjjp(@xYo#5vVyW94_)8lA-8&uk@#53xEqlIjF{B@sBXa|vd7?XT@7f7@ zwSex6Ex!@Co^6Ajkn-fad{t}e#w`O-lau^lZhGVn>#Yt3M{fNOw-7*9U_WWrRdTt2 z&HX-L4_I1$o3_>sZ$FJoJzWS%C2EU|oxarn^s~I~!)87{pRY$1F>*vix;G8{AyYY} zs$5UpXFR%!IaTZ?DOKZqX3u089#k57h^O0;e6KZ&TbuSA4e$vSFd=;i7YcKD3Z^UK zefYUr&?_Ep62LtjKjC8QZrRNYxJkw5<6_VTZVeoSWM+`2uix26Z&y_$4LPzrr2G)n&?^oiV#%ivM1wuC+>hlTI{4;S`6iC{zVpr-Ku8XM{_zrI%= zcGV#uwHsBt2vt16jak%8-bwliSy=vmxbXi2odQ-u(X9Ue0-ZVmA;q49pV0Kge?hZ4 z&R#i2lZTp;z0z>rGdW@+e*sAB157fT&B2*S>|q@cC>Oa$Hnj4ua^pDkXRdY=_wvKS zSI}1Y|FZCY+TNMlx~S0oM&53ZWkU5OqS$tjNGm?`R?r6S+fc>O0bXVCwZWLE383ds&0-GANx=MZpUZax6kDYeM0! zIK_1;Sa=Bwir&MBaGMFWIX z?Tp^){RKHlhN%>6-dy=rlWdu`ci?soDv7^gPDCxLH{P7oUYjZucWnw*04Y1S3tc$~ z(My*G_5PDWXvApz?|WT9 z9F=lND6`4t*BwQ#`QI+jy~1-FZ4)7`2c#JsyoJx7swoGC2c92NSqMCmci9qXM~3^c zZcre`xmvck^eg)`TtV0z&=B^Q zk#x-ao|@8CapEx*{eut4jZi3 zFa_#fpFJBklmZ(%Sl5vB*M@YxiD@avnftRaBQ&!KK!DC2Yj5lIAH~3f@_KyO7Y9PZ zZOL26*U=<~7t)NrU+)?{+Mtav=Q2gQ7EVRSd{E(o#Y5zfJWD<^k?j|(+{RsVg=Eto zbFp_KIr|)?IF3MbK1#Lt{D*qK z%N-dKQa9>_${zBgBgZjy9b*Lk(w(!_ElF2554srawrqRsZQM9XO}dJsC>x=N){%kW zV*Qy>%X?Ma7di6nzCw`h8M9rltq1ndj-f+JGuKY1Y7M_8nSS|_qEj2Tk{e-WxOR}( zX+$V?Zj>J^_7t9Ry3L;-hsW*R6YNuTX0RodJQ1&PWbl;@eEV7!*D&fjJO{VU`B)P9 zMq8uP0BhJX)9?S5Bq1=fK1EGA?o%p9$4r;oO1|W8Slh4Y(4fj8SWzbrGr7^8_Vyy1 zp!Dy5nL51WVL^EIqD>;TL8||_QZC(C4tI}2c@4jW)P9fK5wUooXgLT-R1` ze(ZBdL%F5C;h?9B!kyr|+Xjz21bHDgS2m9O+doQpBd5?p49s{`WmB@kBWxut>F~3W z@VTDs9d!nRqt4IwcSwrzoj*(gKK^Zge@Y!)x_QIl z8wv=_?us8)S))%Sft1J1j$9+x^H7MeSw=Kol(ew?41braUDcQH(0I0`#_x=O7EGrm zP6iK2yfcA}UNl{jAiBg}pm=-w?m{$Zsmj?)`G8ngS3MbQp_qE;G}f%7`7rA)Z(aIj z-H8C@s&irByq^^OL9@CtmfXNQocFeWP*5a9BQ;mfip5S?@F7^W*U@_0d?dK^WVq%B zdQ!J3uHVvx@t8ORgY27WH>zYw({JN_PAt)I@d`%u4?8Ir896^Rs%|MW6!CmW6rnh! ziuF~$`sk5(pnpI>cxT0Omq_%41r%Q|r^EgGM+8hRgP2=)1b3m*NJC>AcN=Glhlc;Y z{o?F^KNJ>A*b_P@vE zo)EjZAo1Ayynyc0{NTjR{08qAtM60AYuj5%QY&S5Dkw5a1<-`1xVar26JR4O#xnnv z5ZmzOx$5M&Z9kzP&opb(W+Y$}N&`3<;&f+?^m$;4b_7&kQjUd9IO_cO#jbC`K^5kF zMI>Os?vq(vjAr*c@7B*Rar(HV&D@TcjUhb?HOAj(lrvvOpdzU#fvSyVq(faU})_&8~ zT;?12tE{|A4f^%-@WFm9D|$5WPlnVu7O_epztw@%bHTZ`Xc2U$0Rihc8b+buWf4dem-F(drE}>Zbpuw}S2NywPa@&+ zQyMC`nyA17*2}-BipD5~Vn7mWDXZ3z#YL!mVE)4PWP<}dA#4QU$x#yEQwPNR}gpco8@A>uz4dUKvVR1TnzfriSw zy)^<{Tp^H)Q+YPpouV?(ApLf-bgVqwv0~}a$t}Bn4T^Cd5fBuN>M9&~BgpF+>N88m zbo5d>l!YlNDcynk@{(=ROFu+3E5=!DtLfBCOz+YoL^NrNMn|BT2*Y;6>3jy!-I>z^ z3a7RfqglHKQrrvB^8Dc+Uluo)I9d;WD!YHd+`Oc&$n>Q=llY}*$=Tk`cGr5!O$EoC z2aGXL3KzK`zdi5j4;VD8T%jTuj(}xsF|xm_KIt}EJkWnrF5tq?frPoK*xh@1qaK~F zsjZcAQH(2b>>Di|g)!yK0w11U4tKIBKL`oV_U*f5CIq_*%mV78rQdSW(_JqYbzxfWjwR(SysZkpbYq=kfSfS zyl_n_>iqpr@z77 zg2HFeBN8ahk)o=TJu8=#l#C!`;L_CMD&|JJ3KiP(dN5me9tdfNcI%&>ZP<|!$jHTr zPhUowKqSS6wk>53brhDj<)lpjuH3ZKfT0thKsdbXz#IiuyLZHr&8k68&KGG4EoR9Q z2*D+G=T$88=yi3?>p9MI3kc-CUpngAu;2M-b<~CB=fwse24X!${mfF~)-yGyMsI<3 zszWgG`#ze8Uet4utP8ktGc>63F`FywujaUj*Z#OR8j4oQpy&r zIAf4l`RvoR(&dGK-JC@gM%tJst}`~y4t*77aO{w1WP|q1=2UwNyU5Tu9Yjs`e8h<4o>?egmfx30le=LpVt18)MQ^62xgJCXJYxi}#ghdxE- zr|IE*j~+d8;T|d}f@`8~Y36Q7x%PtuHE~YFNPfME z+4C!r0){2uH!1jv4LQ8sam*l3eG)%CH#g8P?DmR6Y%)*;P+(j+4j6{K1pE^&{JC7%BP4!sXB0QMN(5>5=fl=^Pg)U42&C9U}Xmzi3 zEi|`0)>x^Yqv`9uBrwPcBLB|2x9DnP?H9rF5MQcq!+X<@st3B@po@}IovHgB$XB%bWL{hsAT^j&yCxr+yKTYO!gS72B7kq}+5R26jKINAm!BK<|_5mB{BJ z=S!rQ!V(e$8H}6NU1mnLKf9kKF3#_>d1v~X&|%clxRq9s-?-esINYg@|Cq{3oq&Dg zK<|s2&121VR@+nXAy3ZNs4=&*v$Gc^xc|9RKLS=QKOj9RR-CV!*6bL|kbZsFU1zH) z&xO5`7jA!aZS1D|#F}~|f@$pe!7F8Rw*YwOqG2IzoMBD9@-x`; z&COklR}RRNay#l@esz1{!k1Uu=x#JTOFJEYtjA47dT#dMj7wV)uTJ(mNB7?4g+6F4 z-#NNVx{MXW1}-;>Te`^`3&9amx;~`LYxSO~JVE*bOhg*_Vr6QOin}=;nx!T$WZmz^ zQ)aY^x(zu5%@>hoY-Mr7HjIAgC_5`X*QezS-Fru?XOL)R?i_42s=OE1L`K2h?VicyzZqJ3EVCESVq5y6~p=#e7{`nd=}i zD>pKdU;jq*u&%l3|-_T;XB2aQT@| zv~fSoiHQV!5hWZhry|kt{TR-jHoF8nG{0}l@XYDcvEx-e@guIkR>DOZj=yyOk`8~m z=Y5m?Yv=iHZ^HZ1uQe4I7LTb=hmrT%P;ds#nh&k)>1;AWRNVj2r~5OMoqtk)DBG}G z?Yl<*LoLnf8_B8qO=5Y*2LuG?V_p zH0az@6RYlCWvCU;f!M5`(?^_}Rp`FyA{;gM?Y>PI+@HoH@o>-2cO(ZB$13uoWig=EHY&Jlj=l->MO{;l%nR=U$eb+zSc|`%8we zr2k~bJ^Sc#-@`au+%Q#5s8~8!>Q@op+_!x*65yi-OzQ*BruA&r?p83YbD9?2Y&O2* z*c;IfgAtpf*6o*^Et}bYx;+b@f9Nt0=`s^p5;^*6w|eWy-7PqtK4QZs9<3gi7O4g> zW-jzTI01JS(!LqVHzzNB-7|54`Luk8R-5?Jjub*+<^VZEtRMnf(2=0&7-tH|zfgGX zd|74lT6)m}r5l+fsHM(bYX>8wOAzIz~x5w(5yq&Y?DJk#{6-Lwo0oSC;y z`gOA--jc*vk>OT};f^aI48|@>6;#7eCmQbEVW8C?Kl|&$*eP-e&YACtH+kti>W%ZU z((~WXFEs|ptkf^XTJsM*?x2e@&V88y-O_IW^kH;oLaUo#c}jvuRNLm69!~IN=F1cz zT4wjMmle6RfMQXPFLmLT7h2SlKBZ0vd&aV@91v@k3TnbyeO?#~5U-uiQ#cR`9jdjN zZCPf`DYZ#ABPgU0NzFdLo#8N+ z6`IB+FV7Cd+@hFe10@_le|g>U&V(q_Ib$@$K*30lK(1|>;UxH9VAN((E%O94!IRC8 zEw$V!x!(obeS&Us2wx~#Sy?^l&bT@`G2wVoyTxK=wA;mKC?$A6p)6d1R~w)_x3Hf);V_q0$qpUHvx2kgXnJ#L2yaf zR5Kc#oMNKmZMy}RtD(G9w!?XOQP$vyzg1`w2(d|Hv>@1MAD>If4O)cDp1I3@} zWJ2*a@)5iZ(c#zG@b!P0vIvyNdR8AUU-v@(~h1LbIgE?L?8XU8@PHjL!!hNXQ}9o?9cH_ibQa zIiI)_=#QMT-ztCunWiXq(HMZdTi_fN9TA}2w)8p+g*28&R z$Wp8gm9f~Tdp60Mg}2F37q`jEF!@G9|Nwh;Mm%q__Z8ul=Gca9S!4I zyAG^oIL09>(BFNVeobR+A{7Ny`sm~umy?ifM^L|cx|hoKT#4o}bM-tTdF}L$^UZ3J zvqx{TKW)l5F&M12`fVOy|3~YSHUBMKTep!Ngq4cV_nTZYG;9&@FHu~~mXJqFg zi!D!#e}ha@vxb~wSij!Lkp9GUOe3m1chXWE3BhqD`+G2R_WK?4J;h&Q!>e@s^8qzw z-&0XAnys=HBwQ_5+8UL;8%PRgzk&;@$@a5SD}qbJr2W_`kTAO3kfp6^bxdh!Zm8#d zzo&gNVdSjN*U3kB)xv#tD~zjg=Mj$}1P%nsFg;5`3vs=$ZSbTY0HU%+{+FcQWH`AB z>9n4GW_`(3Ty)CX%Y6;Q=lZTLNoV-%9zEI`DZfhTPoP+y?`v8&sU9E`T(6;V5=5za zLWWA)_;Z0@|HZ38iI2dUYpvySlqJ65gjOHgQmNWDclrE_NIHlSl#8&}srA89-g^-< z8?%0>x5yWFq)>V~D=R;(7nW3uQ_)$>$q5~vmt^s`ZZf8okhySOb?+)u;gL@9(X|)) z4~lI6YO`>BsT^f_#cATC)84Smp(V}o*dV(dv~jJctm4EqK>~!12;5yI%ijw1KU{@K zhhuHLpl=*x3%G8#xv^uUU9TYRXx_E>P{kl4YrWP?T~sjFreJRTz)9}5!H-%2dBS>sd8 zb)eOY!W480T;(s)#GNTXBD{9GyqW@yVwZj5-v`XDxK;YrPNh!_Qjc~v?R51f8P%NVBUr8hntY;vE#@_B5rS4e;p&_ zzGYkg_bqa_ohhf-SF%pvuGv0GJlragg758{%UCqxrjysU(J~x3JT0M&OUStO`r#^k z*+0u={$(pb*lU>#=UWjN7RGPCs57xW#Z8PkbxWZ2)eQD)9@a{((9+Ry zkdu=mIE6C@iJ9ONz%cWy9}m;h6=mwSA{M|6czL?aSNqWm|377$flHKrxp5mTNB0bm zyX6rC(~?`g?iea48@#Ue2p$=EfyDB71u6`bl~v3>SNYoYdy(Lbj06(g<};9d+=@Lw zU-hlTxj${q&{A-EcKO3mh}h4t13n};_5IBrOAh;_fnr`UAma4~%-_(dg=e6Bn7G&R zT;v)(y||Hvd7}L@#TPTrl$@8M!R zFoFW}5q)OKk@>0kyabFa<#v zNvA+4^6qwpeZXOubHH3Q$rdJS+*WxMK6uK_fh2-|e0( z*{-^#FZ&Y?eWy%ulVYZ$OJKXx9Z%?#Pn$my-}IWt?fqlR@SUm1h#1&_F+0Dgwx1SE zvPggTmciJA+x6O5B+2G2-}5|Yx}6H_+IZZxdmzHj!7Fig-uPM!3`Rs|`a zN0alNU=zhY~B6gw=eF{ zHqM}s@9&vz)%<+&86r-|L>%aZfABIT2hd`GKc*#8pes0~l$W1BqNC^fNnv5(sg5=U za=hT_d+f({>^p??-(D$S((zdQsZcx_B*A|8a8rlnJH(NoxDN`bGo1;YJ)MsX_r9!B zSA{B|UMezL#laBsnHk*F@NsUL=e5Iq1|8FLcH%t0?Sl9a!?uBY4$$G}wlMMxmuDnp z3HWyPZZn2VkjTe9voQpCSi1g{aviAF*_>A_pOlm|l?)Mf>S?tM>)i79Wy^O2%ema4 ztADq+!?=|!5@g5VfJUKV76vHMq~U{KQ0BVMA8VQ7TzQ$^eKyfyv{lKtdIsRtYC~90IwTM;{sOtPAAeu~ zGhZN3HE_Thf>aX?^)X1~SSd&U$<&>U!;R9sFK_L1G#+FafAt*^F$!-W8imFn?H_T2 z0iQs$my`{5Yl_Poi{R5_{A^R=o|euiD3jSD%sf+g*pf5AV{+_CRSh@s~q zEA*X*0n!;0Q`k{pXY4Cb@@(>rm20f+bs0Xmq@_%cc0lJ<2L%UV7C*j$0t7Wpo7KUPH-22g_$`aC}=ebdXnw z2K_^1_ccM5y{hdE>jS%Yzz6?Wy;39u85Q{PpaMIqw9(!p7pXH@f6r;JBqPnm zW~LOKK{DHjDEs)3L8vnniYbgT+-Sv;oDHd&jaDa0G>CE9b-Ybv}D@dyEy~| z)F3zO?%_$ehjcWj_O8h`wsHa#Poy9#6>7Xz@%Fj|<1H;ScBZxp^1y^a4)H_s39&pf zF8EVRpKp5AlD8f;d}674#-c03@oRoijR^%APY5+j-b!~av^1;90lM1Khy$L$vT~Tz z8~-5U^Li4|1s>L(#kAgi#U}7TO;Ot;ir|t!piIYW^i$@vo@$esJW&})$|LFS^pmHS zmv3j?RM_sX{lr3XUo*ZfC!ifww=!i}H_po+s(aEBTe-QX70M)djvm!X2*mZwOcx4r zsz+wmhdm}-80_M1>8Pc1Wa7IlA}v#|9OgnvPCU!NxV8Dfdt~gDpAGfp@vO zmz}SDJ8iU=#hX6LRQ#s?xteK5PkH^QGTnBwkFm>=%FOLcE_dBTZ+~`Goov^SIE5B+rVAEL<(SkBIhqeBb14OI1|G*_gGs zD8|%(@0d5fi1!U5L93M!AQ)gEYHr;iJNlI((FIeo(a*ncKX?jccC?u#bM;FucbDnC@mxIe z3Fuy(LHz5_?lVV?S>z>5sgK7RvnMP$-MsYP8N;6Z#HtxP|LfvG$8cKNW|=rP6AqFN zM|Vr^+U9VlOuY<;demE^_-8>Ca)wz{mp(aTrH!9z+6C>|;>gYYWOskIO-`y=_?8nR zQ4Q4jnVZIf3#|I1kFEKT)Ef#i(TK!R>NCYxqtcx|^f5$`nTf)X)Oj++wD!9Q-b+pzrcu+MU^uAKV4hk~V2VtNBe+;Vv2I(5-pLit7vU70 z8eT1$NBMYE&_Y%>h!RYY1Uy_LI>IHr+r4ij(dreN1!vcNI#~K^V6VQz*ISM$?(!uL z7efV}(0E*4;x2wT8;n`MH#WijAiMje0s=E-}&Hj(?3+>kID#V}}Kj~#% zvxxmlQv(I{nq}f<%2vt+=lRc|{ZqXTpcB%@Hnp#-380QNM49Ja$(`Ry^`ovf92$@w zV;AZjEE7V%ne2!}0UI%YJO0Q{)(90uKWlClSw0jdL~Q!tRgEef8+h8$^}}7I<4sT& zyUrYO%=Y39#EqR92DSBQC*OLnWv?f2z>mLLBCwTPVIh|Mi$jVeRa^>@adPMrj6fWo z(>5V5kCKKOT7JCul#+N4ky9jhq9OiGq;2q?kB)8lBK(8}WZ$haDI=MTB6+{I4LzF6 zn}uSjei5eiW;EaiuW)!=tbu#GQQRieJ+7z*#8!g&O*qDi^m%Py8t7^Ht)H7chdW9) z3s7J%Y(APBYEMWG!n?{7Rzp*$*ihVlQ}Uy%K)`y}>Pu9>#@4&|Hj&E176O%o^#?x3gT>|`_0eu8b+SuZe35zWaz!Hr*!=kF^uqo z7aA$M{`x_V*T7)pXLMHlSiJlEj?UwD6_mw%sDJFj896!Z29sIgD#8W0%6meq&}Kk z5-+abO}$aTO~#ibQS%!))N8xPpFhki5mL^H!4hpEETojZg#6vt8SXdAK2^(F$Kom@ zL>pCJWR%00&Etem$bd*7T5kQA{^P5KdzBF6jmXZkpZ0DTVkOHk~J*vNX!~l-r zbC~)5^|c@~5a*R=O3;U`4-((_EbhSsPV5efNA@gHBP0E;mN){Wq8 z{1^e;w16`8zrAeaPZXut2k?D-r^;)u6Yvt0Y=_p-3@QGjexoBds0h@xA8X^*!fAyq z>Ayz2l7ac@(cX?pNgpgb5S}fuA$pzB$JA%o}KQf)f#JebH$RF(-b0z+|{FP3d(c{-D( z7*t8B(oL+I8Bj%w6#|LBk)ed*_IceQHy1FX`x&ko;oMr9x+T^*=}uepy$G@@8hP$r zq};qClooFzgot|6=1?$rjn%GNpjZT)6seULk-Oa`V`WsfSs+_y`nm>Ufe@F@yZfo#l?F0%^dfU-<22uO1_&6Va~p zsWRwV7f8*^a~tKVpSU0TaD+Za4a#xAJG!*fPc>YK$m(kzgTC)+c;8Dn#YohX#&eqZ zVuw2AxrKY{cXP8ruG^sEw(hQ}Ap&;>ckQi&9gjaFVj=)yLVZzJGT5sJPS&I4CuaR1 zd|*vBvc~+ihhU4y;2=28It}<(AFp@~j&Z=-N4w;N198xa7u4U?0>nR&AvmdhiJ9}56}ZB&afO4z2o8AhGdHs>9K%kGM-+d8UHWj)Z=Ja?x( zdMr0!1v;`*CAZVz`f8IFF-!>b@AJd*gv~cF-xnel13W9bYeS&K51dl_I&}~B@`qTp zK6v{0QZv@Wp!77cF1W;1DKCL9=iZT4WA%)1t`U*um7}r^p|W6pKU)|ENmu%CUW-He zsLt|n+f(i4Bau~KaCuKYGvkcz?C+|a^p_?#xh16h_9m7X`r&X=z@b2YE}5IC%}7C} z1SC)laaeB<)2=*=(dK1UyJgsVQhLGiysvG>${?rW3C#?*@ue%x5A{wKr|527T1sB2 z%f8T)C^d&%RFw-URQ)oi?voX+BP4Bu@wR8!Zlc;f0^fE+XLmI_VC z89u#M3lO8*kKqX$3&=#GP{IpU8OgNrVoxTr(P?4%h%dclMf6`gcyCI8=HYHDavGp- z&a^z~?A|22lufxQS0XLzdHHvXF3;mV%!*PA4aab!F^bNC4mDa-GMW)(R4*1dTaO1n(ex^K zjt9N*xO1`FOUEzh&5r1IJ)ZQ6oe6#lu@-)+3d6LhA#ql1Lku0{gq(~$?(yjr%SA3d zeQ9xklslo8Z^?@?zSUwZ(e3KWq_MHRuLcNAn2w-Q>&m^6m)p1twO_?gvIZ7d80w*b zX}uS~p5)X`c=G4GAUBga-~ZhDoU4?F(%9Gqryml0KFEHY)*DoW}~k#Z^>b@^1K zb!S=fZ2ib{u~ri|Sa_dX5GQ%c3tbiUvEMoy`H%HwQg%L+nZ)QM%(}<50UY5?lE+f3f(7^z~O|?7Eog#q2Sj*bv+c z?fziOWVMS|17n*Li(kDyRretwJ0$j?ujm9g0-@a}_Z32sPE0E8ulrj~|6)KAvSq-! zsijnIIC%24C>xixgzR%VuF?~0FAnv_dtV6&K|w!8x80i;D^RD26nDnyyN9OF8UnGz3FO(l{eO{e!^tGlmunWir)D zb2#XuycZdxPBPNTU%G`xY`|m(7TO>)V2uXTt!MR>9V_GYXyd<#ZzGwaDD80$8Q+m0P)p=kt;$gIkV>lF& z0M3B{2WYFOK6!BCZ)~8)RtCXNuVwRC|5@Jq_O|E|2Ljc(sXz`Ik;B5{?z+>$&4EWL zqGjQw_n76^vr{DVY4IFF6P+09b8ukPn_Hy*Xy;B{Y}~E)u3QyWq|+UC6G)T@Z1nCP zm8>ZI=dsT^hbN!7#|BZ(*qA*3-O}RFFbVRIAv2p_^XE;AO!UFh=~FUF+J3IvwP!ItbMeq||2? zCl84^q~yOo&}x|xA1Az-k>hyqy`P3S-S{@8dubh14WxtQ-a-(M@!j^m>LsTw=>k8k(+lQ4D{98x+jP;fx~<-(5_1T z&QiM~#;oGr7JE4#&A(l138aoP<6buTA8VbBO{0aIyD&B=bNlWL4P|mo#8BS@%mIZL zW^F`Yk54|DiO0-043-#1N*148t6vLLsj_Kwb90Nt2W9%J8ul{`IjI!i;0h-MT4Ja} zfQ_(jPu-)1h)+|^OxI=i1o(}VwCvq~+z+op@=S3Kv-TFvhTJ__3K&~B@5&t`?VC*r z-8@8>b^89Z;iP68UYf%!qD3=^cMp|3c#ja~z&_Sw@XgWn1#bPGAZ~=(!cPkwY;z9>|k8DqGbO`MMvvo0mLp zR6MyIsz>3#&0Z$WKLRsa=G}D|_VH)8l})gjAOV?xKP6>wgN_FbnFKVmkbc|UJMhs> zblXfIMe?5n)}I*DHHfzsoTSrR3#pts^`PjnYQZ&T0<-I`y7-$47se7L?}TwF1qMgl z_(H3c6~#9=ZLQMsxFoErsQgvU>r)rvkqUtqNReu8TARzkzykg1Xu)-}Mh}!$J#O2# zH6<5G^M;oz(y`06Z|3rX10$56$!0u#tCb4TT=owCV-pmY!7ELHS2@J5%J@)@k#5U{ zTPS-||1-Ca*+Y8&+Wrv0@gPPTZe1KIm;1V;s;m(5A->lM4vVF9VTjd zIoY_wsE#E20XO?buZJR|l6beYFRka=8}FBMBzIdL*n~M;>A;IWvDvR7BMEuhP#R2# zf1oS70!N^KiuCz)v-Y1w&D1z>AKjmv3)mAu*kTsD5e|pUdmQ-Lw?m>inMPi&gfwtH zaA|@xHI(AR9RF}B_6=F9sJn4)=l=29bmDG2XR6v*bJ*~Ltd5wtJitT1&3je!e4dY{ zc{Zi}x-x|vfj2>$x90iUoz6$;o-Uv5}x^$ z&6|asiz@4bDo))^{qq(8wL!S0#JDGVy4tGtQ~3FON0Yb0%~~ldOw5~yebQ)ddwEeN zO0J}HcS=RGh4@#>Q~eC_(PZ875UGM$^{?T7T37O}6MD86(5!wWi`fXGbE|)4yYHq1 zft!cMiB&7g9-2z;=Cd-AQ+$pyxtIp$2UcSsk=jccYj6S&81t`Qy}CW$L;Q??a6aaz zGbuO36jsD&q$sn0&b9hz}+@eyn#XNtL5p&_!orF4ScO3SfXt8gs^rM*FtMp#CljL8mVen6g_tf zHsIAyX26*Q37Px%dByy8D#1)Ac1{jG8_*2MQ9W=WnI2oXDJF(XyLOpbo`aoT(amkK zM@^;cEv$Zkjw7%@fmv@IX3EPEbWyez?q0AqrVn>%Pmkd^A7#%%Uju5FmR2 zDx9*MTMCJn2hjsG&Ai|@6=mf<4V&Cor{t7idRFr3Gf4fXiIex`56_0P7Fs<6LtHc(Q}(FN=$5Sr|B>uuG`l zAZ8DubFsE$JNF;Q6e|S1X_~Oh&`JxE=19#Q)q;(jf3^z(LcGe1X5H@(+pn|JMr0tN zyV(BWc|0b9ngzCTkMb}Q=mkv!$^PHP2{5lKj6lGDHpC?|iQ1KcZP*|k61pv!wCStf z`jTX%2pK+x99U)0W!iBV4CU`X<;ky(`JG4mA^2c(#!J7{$0?__;)dRr|E|Yq8jHYr z{+MD7DKHY8KpKO3YdoOFQ^^-Dc-8yc(4io z3XRr7->6xTxDXQNt)wT7_r}BI$^Er;UwsJtJaufaP49c;Jg^lX{JC>%fI@eih5-}k ze|=l@#$3#LP7V7GIO&GGk^;h{sYofvRn5@WEM0ZuE(MHP2JL&h0w2x4%G0Rx^FeX> z2Gq17TDcI6qL>`EdL)EN5e$0sdMs0Q(I!*ERbKrKsTS(rj)Mp?6QLLBDA~Fvh6DM# zHfZce{PpZuMze=jLJS)yzrkaq06PQ!j%yH!0O!N_SVAh%Y`7Mp!X?l7)^k{uUx2gd z1u-oMXTge?wG}aL@Q2TZ<|+Toj+7bVAwpl>a61L!i0so$Xfy_h^c9}}I_KglT3W9h zrq#O@JbSmy7mx1Z`dW7f(M?yl{Z@eBB-4qXb;;F(WCruPSLF4Vyhj^h2;Qyr)mayY zNB383A1%#{GH#TcNQ4oB08MdC{c}sB^zLb@9ui%H&yMk6B0l=<&p=jW(SWD0`f+XU`r*WRQ=7!f^2j4D^QfVNRqH@91TH z1&8wOHY_Arjp#?{g zjdTg+xEwxZ z+vSzIJb>xI4R%c?G(U9Qw^Xq?_qj3*=;i&I;HlQ=`100WVF#E9I{sp7-;Z+lm%^S; zY5?hl_weDvfG;#mDZ^kIv+1UfK_#VkYbV2@x?L)slw7wd=>YcQ6W`3It6J$L&&(?R zB}&D>%x|gcClI-{rS#zmnYVF#nl6*uXvr+{T%fMa$gtxW1dPj`0uoiDj4_|O^fV!G z-!YvMhtVISF5l{%`VqJq){|T6+H?*3mrE$~Y)Y4QGA$)oq(D3KL^Xpk@%h|j|MG&o zB8&xcD8+8hxPPTw?&#%D**7zZ35mycHl>+m?mZSQP(GFVt(1dT1wnOzIS>UFjR!Or zh66>^qCQ+HJ&nV;Rowdd2SzAGR%4(pR<`NdmjFR!H@D~8%YMH00w|5E$sdn9L`(h} z3vJHoNJt|MfC}nRPbr>}4^P5}^D5Ll`C|bJq~?&Cn*{bP~e2ksSW8ZvU18cIhaAGhKWWRA@TEM8RkPApD-HGBU-3n>e3`^C_J9fBI> z&_?MMgIhhW!Lbg_N(DCE;xPySQ$z&E6?J!&y+edgKf)I(fZ85sTM* zWHa_s$}^g!cGsiGji3uRxXcvyu<4{3O(K!_=;UW6wUdTgxhZ7c?WTrymOU1eEUidQ9IuFG0vbg0dA|2+hUcVk1yL(_VdlAN2jt6?>ovEuI4}%NHN%*c3owue{>y6#|JC@V~jwRpR(4&Qr?{y+BKJD%!4d>Ag#AgRpAD3wh@ z>R6|RRQ8@lk)6HiR8n^3P-K+7vo|f2y+>A&Jx=DaJ=aH$e1G@-dhYxA|M|!3IOp?u zk88cJ{f-ZYGx`_i(fubGAQ+zljf`eDiVcokb1-#Y+_o z&KKsZUF_&3*L1=oobRkUj&@8FuZhizM*m`~%RzMY`AN=r>G0}{dw3R4(_Pn^(|9cj3PbdcD0w_ZY6cHeoZw;zxb zefNc0sI*X3PA4(`(cbyAD73f`$$g|P0#o&DjM6O|4i1hNo6U%t2~8>9mrC5}zv{HH zMqzt9=Fur?mfj0@r9CMv(pZdICdSuVMU_oGWI)6-!YG!<)g7q?}vEUDCa z?6LSu>fBJLQF%^q)gPCI2`ty%gMmd;g-X1Ie?Fsg57dWBfAocF6gjB^nWQvan3#e0 zbI#*SiC~A9?yUhlZJyqU4F69bm^?Iu2kV;^N_E?ZP10qh66G%Rou02?u&nB8j{7df z%-a-y74D--+w(YtP3|SvUTu!yaF;ak!RSX6)WHc3`{!{UZzAHMJwerY`nbDg(Y$KG z@0ULFiH!69G1CKj4VV|{Y=AB`&y$b>j5I_WQxYD7Vg#-|`*gU(oNZ~TClX$X01HO5 zZtysCyNA7no6&c#-EE&$z@kb> zUJZ(NHc|tgwflgFJH@{j;Y#A=l)|0I5(`VXzA4NX4=i*IrexIxNvtnkVPd?f2>q=1 zW`}F-BJZy(4#?T6$I9+Xyaw*ozI&N%6}utQ%DJ8b((q8s%6aYcG)IL-RC+dUgBY-#{6 z-PaG+mn77)r7Qdy*({62ubmSR=;50Yv3YLK-mCJ6z(R zq&_Pom#)TIpDX4yxAMNF((a^;r>5lRl-q?Hf4(R>jr{Vu2R($AQF$(20fEqErV3gU zaLY-o`A&2eNkuRS*D+fAGH(>W?Z}9Zc=TfPf?-~0T46ihR_jI*Zo1yC>rirtAM|&I z^A@XJB1y`DLic}uq_152<;8q=qQfW_S}9t*M|zfclJz0&R}%Nowo9dEf%(zmOtgex zHtPP&?~u*zInWpC>xj0pdR$uitf)q8T7r^4h&F4z^n{_*g_(Kb?kG9uTTYWgB~)tA zWD6Q#ou<{B(2a0T#};zp!jCoE9aip<@{0^}QE%^=FZlD`ClNjZ;$xk7d3wHrJ<4z-HodWorqp~gin?_V(V zr$s%a_j%8~r)Jm2uhTrPS$3OxJa>Biv9ULK!z(>TeQW(cA5)k( zx$2X0;(LwyF03yO=tq{|-S=H1trK^s$>@x@j!_}))6O{|Z;VkEiuA9V+>dF|I{G=` z$D+t*&i#j3&=0{tA>My#H)IrSe!fP@ZqL%%Hn2?k#?0ABSxq#Juht5Rv^x2Qnhm}; z87GKItUq5|exv8ZXy0+dqHJv;fAQswEWGsE8qOnttaRgX{-j)9F0sfGv7(&Vnr%$O z8L_A4&_71q|K2@J%ec+Z-Cvi+O{4h@`g<(PHtr7&K+CY>sp+<)XG(-Q!xxO*df;~Q zPM6o3Ug8Dy% z?$!fr5kZ~`qhFQA$Gy4Ie5qz)Ua61%ZmMFk!-tfu3YD&u;K~C$Y*oy%8zp&kVj{gZ zMCare+&_HhyXpTtKq4aCdl`giPBx5I_$#E$*Y@*NcC)PCR8L`EcKA$xkXcXJ;!=Gk zULe)c?o41+`-5`+SED!hN;+mbO6T%R=jgsOc;LGxtT0@<#yagf9&Xz1ow3(k`qWQ& zu-(@}?Zzlin~UYj(W$KJ#7Y6wx4^H%#S%EC=@CuIf{uzK_C6+^>WE5`PiPAmzu^}9 zAgR0k(mv*+T_yOEP8V-~k@Y9}OBBNQ*n)JO2C)}@H+;#YJnPVHB_%r7@TJo@vKuSM zVplJQzZ*~~vNDmSAJ6EZZDGts7V};!Z}AsaEhXqgq?L^@v-{T<{2=}5#GG41mdD%E zJzVj{Hht4;bB=k>1LVw>))%_WnJbxGZidZjsIXv}@C)f4J&`2WMynin%}ErYY{_s8B)6&+YR`RpK~n>+xG&patpiJJkSLLgF2b&@vy=5$vrEo- zr}i_`^&;!X1}Y^Ed#sG>X;vWM{@rwAU?|M;dF^?IuDDvY($&EUF(oeD@PqR=od~%A z2V!P~w5@99=&I({le!I76hC0oX3L-$t_H`vAuT&x&R^-udr0)>L+gzT^yy!Tur$(> z4&Po(r|&xxB6kefdhX z_24bc*BXti{wqb3G#7n!ZQ5eEe}tOMBg_vncRmCr9iYZ=Aj!V4&%H)? zz41pa+jP2oP<+s_TnNo%`g6N1>tzLF9c~RWNXH)L6sxkBtrZT)DxI$lt{h+c`Pru* zY87pYFv@A`qizNamc>@R+2Ma-bFLs~Di2qhfh%3P8z6C$tw_9hWvW`pZSjRv|6Fs~ z@gny>kF6?>S$e9b{WzMCjW!7T-UNT{QZDB9kT6T<^oDx(^;t*g)LWUX zUbXMu#}pJkXR>Ayf6a&H8tPZ>`beYIFHebYKZY2j2QQ~lo0rR?=s5W1dn2A9LO^9^(%@Dv34Z8^vylR)opX zr}yuV;e1Cr1fa#xA7M9Sv0Ep1a8Qpu%G4fmCerHhigaIxl5riLadQxKWpi?OD!`C9=`x{L$XnL$oj+aCS9xh4Bb|%u zZ`MwcaQB(!4cgHXX)W^{mFs&FZO;vTi}v>?A*1>Foh_VB%PiwsOyGpS2+o(Wx9p19 zhfm9lX?lhHB#O|WHh@y@g7{Fq-eIMDavwm-Z@-D)?~Ji1t7GGSG14(D$LB z^gCMD!Y@ouUswuK%5-=EU9$vBr{~l21j7W472nz~heSh*JPn=@9v}5WGvn%E5nQ&? zb=eL(li7lTD?svxGICs$N=OtxC)npb*}E;LiIX(p3f0y@0Vfa^%E9OiqQsRmrF5go z(Q2oWV^S=9WT_*9IeoYE=*=O>-*FSTOK>phvsbW z6KY>SWmxz24av>X?B-`jSo>$H)75zcWlTi}eA5ksM^VFXabH*Z@TJ@=%S-hhN6MBa zEm_0cWZFYb(~e0UcV84?;&~l*yA-2r68Wf!>UEsb9W9Hcw&>a!ezRnEV_dAm``8a> zg*UW|euqEG#_DjbYyU2i$W9i8Q_|Q(Q4SMyHc8M$I{hE?Ij;lsueYA1MWA1RK)+5r zjSqG%v-bOQB4>PUTqF@zxYvoF3*kf-~ARC z+^lsk@@vxR@dpy+umPYcJR2Lr9S%Pmw4pr{bF26 zSHL9j?kT>2vFenq)EFs_cwMK!|@MYNeAV*EUCs&VO^WY8S&- zCWBY#8Mjs;cj+S5($GVEyrx;dn&-Ta9MhjS=gZRyWs z`urO9!p{%US+9~u*GnX(8y73X@!Sp@<{nE@tCP$QIa;31`(vIcOj_(AC+IkEy81pu zCmG5ZpMVvPIAiqpDjEyn`pilm(O`QSu|*tBlr#7C&6*NE68J(@6t9{VWAOo{In zF0BR2JYMK0bi?@T&;N@o)z&U7|#+rTZOa#?|uMkZVLxoK+74%#UutT%SbI_;P`KQuM1E z@v$iS`*yZB@d(g$Ns=xGq85HP4`2>#xI{Larq@1)vo9qmnH2h>PaN|o9aQ6Y^b_h| z_2CWZ>vPqLarlr^+O&r2G)%s*+M%RbTH>gnR4i^JtE&~ODkps)dWN%1^4}s%WPvek zPUo<|j%~xy{Cg6!z2}$`Y=0!Os-YMMPa=oT%zkAXmYnwu?q0`_Z8+b)yfC>Sdm%Mr zd2HHGp!D#{M2=DM(opx}XuZcViQ*xn#*X|CgX_^05@rP_raW$6o^bj0!ihSLW)H_5 zW!>2JXa7#NTcrDAOfpkwuE8W}M-baVDETZWVpC9Y%GY9A;sa3pQzaXpf=~15c2nI5 z;jQHgtm+Xo>j=CsCgAn;MdU@n2-oG##oz0Z{zIp4WTH*Sd4vPjC`1ZlH)3yul=qkW z%$`ikLCer#)jEZcy&z))jc0+N4&_PpL?FBhpJ&1tUchfy7GzdTr1+Vs0!!C0-^uVm z&FMHQ@gC;^yXiO4a^7WYvs3nR>N#pfnxqJks&ozS0Hq#)az!ZjGRzTl3qGGW*@H~* zo)}K`vG#OJTU?viP;F$NqED+DGZiIsv4HGyliC1R33|^YyN|#i!v7uo%$48_Nyrz`X znwr(f((`F9bG$rJI$mehRzO>^2puz?9@5~Fy)g7=@!M2UMO~4{Im4Q_IZZ3WeCmf2 z0~XRWFPu2-Ym#0izC(+X0O%|y=3o&m?l*jXNy&gfk(vV_rK}YtGO;lIT68d$TOPIi z=Sy$nsqlw|^9yB_$KoTXR;F@{QZ73BrPR*y-F)6$YH#oB@kgRFQq6wjR$ey^o9i!M zdsB@`gynjUnr6V1QNgr zk8&eDLQy9GHl!R+j1jY-=0Dbh#=HD4B_2iQ0}jI4THUfYy2H*Uef?Ot1IB~!E+=2q zC}P9CguP>x$!$)+-k0EWdER;xM`d}4ta$DsV@QJ39p&e@?QReV86EW$o)J>Mc>{S~ zjST3ekf;KNMz`-*)?~5U*h8t`cg25#-uI-R<}C!$(%0G%N%mI=Vd!ZOOSd{=cmiP4 zgH(s5u}WR)2(=wY%uQ3P0rK{WmE10vnYI9CesRf8YRAlg86j=$8>}!}0el{$5oX$i zcT^KmV$96r8|mK6+B09Oc5yzSX|+ZHl5XD-+Og|l*fpweSFjuaUmpa4cVZ$REKE57 zeR{9rb<46V{=Ob!XWu!q^hJy!M#i)ajiid}^P7SH7^EB+gfs2bnX3r?r~!YLlQoDa z4nLC6f=;6EJFP+~ZPAHq}I2 zkj$l)m0S-w*U{ewB3e&h_VM|0Ud-727w`xMTC(9xi>o%Zg1On#;d61XBm&FW{mNHZ zT7PhchmO@ePh^X)`BvCvJJ)b1goW%q;NlBDWJU6hazVM@4qPk%738QXae;_K?~ocJ ziWn2J7?jWaO3|5nIulvd9d-69)OfP!r1v+^T>pp4en20!-bu<+@cKMh8%go1hBDh| z(a>-^5Y3s)WO(J@8=>$KlqsYeqO7_y2}HEf66iP$9xpP-asJNrG=xRMPC(xO`1Qr1uag86HEifG1>E zs1`CplsWjM!Y{#smVv5UWqUjoa+Gdx0h4SIkGwG;O(yx-67sM&Y(_;}R0-J(8;l?R zF*!=hQ-NCfpwf;v9>W{-+)1Yqk)8}s>72HNa<=`psen4uH6Q-Mvq^N`%iGd{1$|qE z2=W&mBQtsdGC2Yyd?U8z6}+MXyGeR<^36&3 zSq46H?lyT-NF|9q@Z;^BMt<@WC*+-_I^6yslfQehGBcl zz^Wj2?Ly`EA)5-M1citUS)3e>j8F`A( zED2&EN9~`yd5KPCN$A{_9dGc$8}p=EP&P|k#SUO(&3%U~?h>*%PDuu(Ba$liZZ-ad z4L?Mez*u9kO>Mv)m~-&C>Y*8=eC}6{0@xAx%q#>wQNU_32>b(*yd{j~oSZ+89Fb4p z^U?mXP#BMz8>X)5-yhAH#cK!}&eoa}=tw0X)W_WRsY5ahu{Z2MlgS3!b2T-!6ThV)5kq@Ox13rd$YPoZ~#@o8*gn zO|k_i1YqW{_lbiDHrYcTqQ`iupv$t@)Jl7qKJ>}%{2o8&^8JYJ`kfi zuQ7>Z;W~wm(gXzSXkEOc+`h~ZPCz?gXBCjWbkTT|6r6yv*1hJcxYECRFgdd?taeoP z4*?b+LM#51oRQv#me0SMw@mag!9NKG(2 zp4~b*S~3gj~|H+Fuc?1lG}5> z7eXRf_h1)%5OSDdWDpIcjPrBCmO8$*DNG$Q&+xFt<~*R9Ei+d{S`_i*9v9|?jEE!c z+BUb2+qEc|Phr~vCbTj>C5dNEBdEL%sGL!~LZ_l@84dd&u%JAm-B=x;zl?lwS@wJg3{zY%uC9sq-j)=45dpbjFw-q+9| z;>!U(%j9u9QHafI71*)#L0CGrz3V=*bYocWt&sM9SnCHx_-uUM3w$S=3nh?llqo`M z0~X4#!j>4A>P)qX0)lcikifhOpU9smki06u5FUq#NkOYpam3t2)XLUV4X8lP?E4Be z;lh0M&Uk%pL~A4rz{cbFX>(TC;I(tiAdY~wV1=22G1=Le=-{#wNvG>JHV||C>YGGaTH-YTN#r}1_r*z`QI1P+{uN(S>yvhrgUay zDP`OU3p2=RRjnpMJToFER08$k#6+L1-La|!PFRTww)!rDyCtI0Amwp1=i1A2B#Le; z3#qH$!%iTGpyF=m=%8zklMC?l^V6WimNxY*rS3_5B$E1vL1y}!_#I_W+Mc-`^fQ7e zi_K3^n}>ZH5l5g*d`xI)s6KKOJEoYxMH-xtquP;vJ5!zO%Y_teS-w#TrQVx=Et> zKmwDP^WFG&O&p1HSfT|)D_S;HE*?kKli&fm!y3B=NtMgU*j<-J# z6R23*)%tDkWEVye>ImN zNJvC~-x#76Z_(+0U<%){7kvyPqbcuWay=j6v6S=Dx8xVl@$LA7T^C@97w{3wgO zE9Npnf77N>JHn^LNpe8$ZbAYEe}@L!ov(ORbJgv$4Zl(E=lA}_%MZn;-wG*K_}GN*ILnNNey8=s1ICvGocz74c~y&kT7a4P5Cif+x{Y=SWnkVLZ+(!yQU5_#+VCMCo3`tusqG5k2sJ$Z@(X z-RNCQ&Ba-R1qL$x#{MBQA@UNJiqOZ)<$D#d3kUARUz&Ijc>Fjmw_RZ_H>L zTPwP6{}hhnZLp#5!MVIcS65C1gvyW^{U9bitUf*L+V*zI3LmYM$#kAkOz=FTP|U+# z!T-GPh8(@ob*fv2br7O6pSl0#@W^EhwMU(e2aTlN9fgB%>J!KqT@FCuEWLV0`tNtj zuVBW|q7IfeOPC|d1jL+*5+~)>N|P>qcPGz-2#~}e zr=uhJ=y7yaQ8a35M3%t6@XXi^Sh?POuI3iweTCup4;2=fHl-td5U_ zT!5IdwBIyaLj@_qGGuhzC=(81v{{7i&aY=Q=Qm>cIkNu214i&fFjb6>+w!?6hXAGu z$L{44qfQ2r#S}{IZc?ghXPX77rBQWrtL*O%C(v8o_N<`EMxSpMRjkqWY zXRiu)36e4&y@3({XcRKi-MlSO7F9&s*cI@335fE&)MGidZdH0oI0N0EC=+UIUS4 zKbIY+^ncV)WQxJV-^6nH{03>;1`iAG1t9`*ecT-C(+GPZHbL|V2D@z1E&P5awvLY> zu+C>gBNVt!Btd~ZCib7Lq{Hf*Q;Y4kR(G2EzMG5;yNaSoI3;@#0Da>3UaKflu&RlHI%y!)!lse44-bbcLsQ6UTD5)0@Vm$d13KmyHzNQ?bj zOU4`}{e3y{L^8gfsfR6y^F(gifo%@{M+)*vu)a{v`0_1v3CkYn5~&;-R*6^9_pEu2 zz5_phF3twqp0LD+Xe6|@>ED1a!KIMx?iwkdbnxd>7WvDtrUO=XJ4He*K++^Pn`VoA zl|#|v@|?9iBubqUQsjx*iJ@=_butn-V)_Saknq|7?EE((1n7q!Rp)2oylfmPi%7a_P4P$ zE!8H}AD+3O_vj?a^H1&(R7H42UKL)~C?F?r+kGt-TG?1RquMupP4^9xJ&dFtqDP5I zou0&@lWgr8c3L4hVB{qA{LnnMg9Ets|0e2tW66Dg>2A4_H^*De)2It>_H$7-3$q}mme5w!8M@SUe?KY1X8)RwEJ{JB9S)rpWfYj}jOvrYeIZ>=2 z!~62!K;zlniU?(Chn-UBKc*%D%IFhB1@fFFa-3qH`QQrV%fvZ52kZsl&X?{A~{2BZOg)-_L zgLcp?6c`Pgp}b-V8F={he;&RMW_~6kft-0D@g?fmM{ZcEpc}_e1YFik(ZnJxIjyFm$Qn zQSjc*$l;p$_2SWychx-??#h=TGUmb#jsmGfz8m@=BLS!FAyTeJ%|B02IWa%d%X41W zQrZk79e5w7(%X`36tK8>D2%EtqiyFi39K;DSVBke zmNtM)hyF!08U9k{PRr{TrYJ_03#r>e0p5fcFv^V7U5Y!_JM#KtlI-=1jII1i4m%Z5 zJ>Z<>q`cN02Tj9n3^x3wH7aS(Ym1#s#tT$qr(y52L+nM#V{(yERTADW>{xOO;)2%Y zvh3OM9o4B1{Tv+e(WL#&o8kMvP{W{**woVA4^We~4aXT;I1Z{t6IOe&cbozbp?vgz z!K&PKbCmOafU|Ujg9$-AA%uci2A6ZI!&)j5>Dw9_Lqy{4(H=A5?`D5Y>t}fA&Ql`F z9pMQr7p|RZ6(gqNTJ3bdhhBi1VZ9%sh)f96T+MrSf22o%hS$PhXy3dKoFxIjOw(wh zpQavhV{ksVgU?_U=YgGbcRD+XRS)0SZlQX0rv4e5-rEB0~H4Y_*vU08rCd!h?IwD9^|yi zNZM%_qrHfkT-ICZBt~Oj3s~OqnyT-~1{)}2%kG#`may1?=7;E1ScOUK%QgtM5WtC! zCvHkiaA68RN=5_Mxkq-_uF*S}%MM5y#m8#@Lne@;1CV10ZrAt@(6Z<{F6At)JQ+s0 zoin*sWve)LrOW?0dE2p@Z?-3Z4|Y6odW_F#i4rD-?<{%MsXSc%bRH@bND})rC!5&Q zSEO)oqP;;^De^xUH3W?NK#>}dZZC4Y2^ZRURG(is=r>Qu-5-yiO`S7kYLJAyL%;WF1{-DZh0>D959DA8Hob z8fUMYFe=7k4h|1ekNM|y1ZLiA=XY+ z29s^HvDPxDcxc+cw6AFNTc*F!Sr}jXmlE6uoOL!yEnT;9cGAO=@ur>qLHzcjTf9JC ziI16K34-E1>2KMqv1d)Dx(oP+{e<7kMT$3;>6N|rkKQ~#Ml>;V_%%pW|7x;l@7+7f zkYhAA)w9AFA6sZ2EctKUNW@J@`TKFgx~WeEiZJHf{r+;|ZcBA~@lgi9V@j6<1gQ~J zv&W&qt$s61TuhZ&kljUF4+>4RWN!>I^{LfN&u!~Q@?jvbf21U<5QMnQnLzMQ>D34e z36(S03`+)B^dOmOoSlv+go80@w69U-nhPVPbIh!BxIPIH>M*8XAuhIh?ez@@w?!_e z4ycx+)aN9&s1CxtF=$Q))L3nSO|(P0F2CcSpQK^2qno76PonEGne$r2QWvtq1XUr2 zbRtOE*;Ws7l|y{C*%$2sD_wZvx}8bgaPmX{z_KDsYeP{Uh;oo}Xg@NTCEQ!*NB8kP z`wsa+q8tyNH<4bibda#U{ZxqUOMF#llQDtn#;!%#vEjJpbjtZBnZfn0qsEO-QPN&}lI6LTUKw zh!Wuf6_9mFpJ@n68+!>*$6SRZfy7&U!PGSYpDe%Sx+`0ZNn9Zf=zJI~SqhzWETtm& zU#%`z#cd1mZ=exjg|Sb!MIsT03nE45Ibcc}K255}d&#SqI@tn~>Pv1zob0az@&}oX z;v5zy;DZtVANw#83+c%qGf zS;MJqksu>7O_V>PY$}`GfHUhqhb#Mg*zvR1+lpxm61r>SGIN91?rXu_S0dYbIpjh> zmL+K+K~l;~!T%`E+*nX3qOdTkJppWoM^a#vtVi2?-SPtd_xCnWgi-&a7yS+4DXDF3 z5u=Id2+p3VNT9)-43st_0x^Ie8jMSgOWUkGCJof`Ltps(`3gwvWbP_8>gq75=F!?4 zCgI@@?#M;3WyRF)9m2ho#}Ty z636vcKMxx~Z3*|F{Jrs&Us6oZ`P`>(O#4J`a6`_mMy^#eTIZs@2Cd15LL_D5UMJ6H z3=^448Rk;BXh%@u63mgguBZNB>SqqlIpf=#@j-5NrL5IGTra(|8d%;mA_$U`mze!`oPWjY3P z!87MO@4gzWcrD^!Av#-=#c%$jMcrlbPlw@nYBW?1XoOt^Ay39vd{_@PpM7EE;~oPq z#$IMImwE47z4K|o;!X5WzAdV|hD+vmZb_gMu{WC=X*4L{*L9ta9qG)H$}NRj=StQ9 z(c?HboIStoNT50d$wU`_K7Qf;qNF!LA!ErfEXTJjGcpKCzBdREqk*#1s+;F~Y@37Q z$%yzbsB2d?`U}UMkBL2=Z2&)v&5f| zk2RP@rt+^W)T?OZM2y4vC@_nJf?u#oRzUF#4HUfjtLZxB^kj4;-TA>s$qa{mjo#rf zvzfGx+mFe6FU`U|++R`SDX&sbJIT4a>K}w)xX7D4eKC_2OP1tu891ct0SDPM)=sTbfVL#EG4^(tm4Hcah(;Z6alZ>TvAYVFo=3n*s+zx5=7x zsVi4-9cB|9`4cl-nIA{{eRyl8t_SS7`K~iTAzB}<;(D=M21)PwKR;s3r`oC9!`CJ) zjeaSVxv%L%U_4_yjoCLn!b&pNpLuPha=M7Y(l=7u(nsfd7u2@*D)`zB3`u?D@q>YdqU_5~vHkX#ItqEb~t)){*eI&n{;V5f;wWDC5* zmA-msVd}j=>C9kWM`U2DOpUx=N7ArIk(5cCL;7 zRzhLtK2f+w)ru_vgBTi=;!AMPn`Om>oae`=zhCgQXN$DeUy%NE*LLxU)Ym`1#=laO zdR&T;=j)j*sAptcnJluTX>aV*Ao3ODvc7k~eh zwvmm@Gs2#EOY}v~V<@Xrv(#;&lOKvIq-{#^y(|6E%ss5>8Cv@kjrCloZ^T!yNlZV# zF#VM>^J1@4yN*@e#o>xxmq}{q2BPhwL>i+go!74GQXVg1r*7!cc#YO*Qi(@Z^q5); zvvc^7|KWo9UysPB;}DE3mNQYoD5E}QtuJr5q;&IFGKF}GmMssGcUm}&yz|PG8jNkY zv$3{d+IcCxY~6Vx3+Fxwbu_;lfy<5yYkTxqvl;*B@{a5_#dR3rN(KZXmu%YvJ#R`e z*(tk@`sk@c0zC&^5mF=xG#;7z_NvSzG_?@v@9JBUrFjpvB(fUJ9D#)!>nj8MBo^Ii z9uB5ix{s$!e3c)Io;Qxf)=onSOk#V7iBVvkjtRay^jBpAYn2bI)fJvy1REK06fP1a3Wk|D z+V&+8CF*UAsdb73S-0csBqXLvS0WahQ$1=*=acm|P%bUnq(MzZ0oH0z1ef%QiFr-k zzKPxQNOED*^Y?Huy>NurIN1W6;l&KrT@za3dN*@X$16o0Ek8QqX5LZdWWc}w; zbxy&`RMEh5wn*Q;wFQp=+M8@8>ub0Jod;rX@D*He$y1p!5vE$M3dySMPj$>OnjcJe zJ+13(Y_dA@bg;d%Fw(x#eI>)EfZl!NN>O>D-g1+*QUMeh_Sd9)u=3{rT%AzXfxuEu zHE+?^(fIHmP3OZ8iH!Wb(!V(1@3V&A&`Wr;A(s_QObXt5>Y-R6g3kI;1awyWZ4U~% z7Y>{a1?r>HZX5d~p21OA?*d9=SX7nR9) z;bd-CmQ;JJ!|}=D<~n}Enx|INr$Z_VS)~l`NEJf3kr9er8_PU4@>er&^fk^;F|U_( zfC8B%bu?}~6>VZola}fjigIRmb;5pcdcO-g&m}mx_NMD? zEJEpFuIokxg9menp4GL3%%%3)cpts&xBfEZGvuC{6fXl>jVL5e?mhLYnoldysnj68 z+1h2Yq~7|IZd&toIng7db1hIZO0!w0m)8Zn?wGf+dmm}c%zD?2FLj7nz%}B&WftrL z->le{^x^hF%jtS>fs#<+y4+VT%+{pm zXcWaqICJ_-{QA1s-6(~W2X-`_DX}!3yz}J;c}(fLpXJwPIf++d;_35PvM-ut1Bk?! z>UEkOx`(SQTng6e59?c%biEy-)60)*sUJYtx?l6(TW8*qqPRknp)tGVdcduK^ z^4gWr-shCe^|Gf^OP58+t=XP6xjfrT!Sr^%%yzWt!eZbRgA%)TNYQIDSUMy&p=9;@ zh!nSj^=Mw%nvQ+p7-$H-Rs$6|H8|n2CG*ukNy(e)2TyLt$(40DKC{&{%i@i{zdYR; zy%*o>l0Mk>c3iX_-(D{&VBa(Um@Bm_uMWk9=#EG!@c@)jJ`Y>}z8uq3#Nf+cG)8t^&f^Rs(inib-S`rB%KZMO&*w z;qc3WVgHNg<7C6>#LF_sh%UytrM*olbdk5{^*?mq?MJ*K|TA zB}nFE=Gh@I0lqVly_VIv6)7$zKHK>v>*M&tHGKWL>%35V1trkCmSv904VKoHmLM?{ zZ_j3ZE0V(Wf>lb=#>VEj)o+E2+n*jS_S1?pGnjq2B)W+6sH9fYeiJ^n)FxcknQ4U7 zNUyw>MJ@gAu<~NedSDFt*mR|qWv%S>)QKm`^s`XfT2~>u6hkTSs=#Krg3+P(m`JgQ z7bv{*2CIwHpe>Zq(7xR$=>TzW0Cs&Rs`;(QpEa_~i?Kox5BjfXbfpy;1_)~Ba%W1d zq;dy3kH&_~WXhPz+_~c%&;|vwLE*ZgGyOhRU*?6cl9Iv6Jo%_XHbCGe^foEBI_}Y( z(HYIqd?1r5Fx-0Pdq%r%q!~ZNS=Q8oo}NaMArGsy6HGr81mRn+zvCff!N?!PDDG8k zrII{d4GBD>>u;d@QD@(}?856pTXIH}Aejem!CYpCK|nytxj>o8<^zegN7+3!N5?<~ zT+mJ2Lm|rIyfE>`Q!1~=-G$~)jFRFgRf_>7vrlK1VIB-vDzP@2n?KU;!y0~j4AR}Y zSG~gYAw{oq<*oaJU!IUry644M#PaH5gi8fdJ5NtfubHc)1tpssNWTR4h1tkTsACPy zxrL9f+!yDRG65B)#n2mLpcKl=Wo=_kqx~xG?yh~xVDXyd@@V9+>u?v3PPfO#qIA5s zti)ssEL|)U=YfOPP*Ag8-G#TLl2~t4;UbSwjCM^mta*KGblQjV%*}5%U$%SMck%d3 ztmo4S-k1Mm5MN2+j&~WBLLCc91OIV{fjF(pRKc+IRiZ@w)ydcZF3b5Ngj|6Clh{mz zECwe_`O+LmI!BKuCo*;S9U zyvaDOO>KFiRc#||zAVW>B-L!j*e$(e!P%ECqt5zLTM|v!P`Ioe`LT1SL@u_x;3|l5 zu#Rn3O5Kx`6BiBaPEinQb~=*cEx96TvSN`?8f#%@XAf|IaI# zauH$+wwh7Ohzcj1)cg=h7DQu#dy}#s#1Uf52}m5Ag!+pzK{dhh%0uU*A55)kqe7cb zzM#t>07zBb2yvhPk*M(yy!+t%urs;583({*B6h-Ov%>@_dke7>3X5sB?SwS&VdO_R zgRdQ(1J5SKDh?4!PZG3YF@tRtHH5`bvw@zJ|MK-=IOMBNLa>@F>k{ENA;jZ9I-^M_ zDv8R61Ha#S3~_$9!m~-iGH=+nl!GX1&<%E`=_|j5RrJf~Uj}w!_kqvcHG2tuxSfSK z0J2?}et?wehe}tESnRuX;lhx_z7W1^v>d@{~yTzKajVSx&M!p93&E` znH$5eh0bGg^C>!9f{-E_seXBsFSs4YLz4IJX%Rd%`+xI*tHxxsI7I(@%Es51?aTqO zHhRxuZP+R^6ifDA#kaNvOeLEi7HjL^c23E;Wy}0Qw|BN}vo;R}Og#2BvWO7d zAU+9t`fh^S4tjbll!?^PG2i0rJ5rn8d#sw?=(kXag`1aTeU8N8lD4JWb99Any7>E> z&P7IW@!ECQg>UO4mXHfJv7Ids`UtcZ;R%=E2|csHyQ0}9DuKJ0ZPAfxv@w#i?%t_} zUuP9*@d`tvNR%6hn-xjT?Tw~DPlkJ5+yBD8Q_x9EWq8SE8{w<7zALj#E-K_Mhurk$ z=xwCuj^`REEH^_*0P%iqu;(&a36hBz1$;f061APzY(Qi~zD{m5x;7HQO zUt*B@a;8$U-cDS-#r>}{6E2D=BAA3o?co3Pmxq%>-9AavXk`4vzF$v7 z{dffdf3y>b{z0qrqy&){3?eT_TgQ|T)TGjgf^HT1XN-Nf2{oL`=_ofk1I z`xy~!@IB=~vNm#7eF@fs8^upTLoIMP=YhB@9k-k(XdU_>vAy3Vz&)Xxn?;B3w>=Z6 zIk#AzvDg_ocpCdTfl4OTv9`oGxp)d!(rEPlPFDSJt1416bof5hL${W`pxMS;GK4ET zkrMvDBF~A;RxnWWoPn#L_yZGe(}>7+b!ZMWdRG~B0$bmTAh4(hA6?lnNr<3kvjWtw z5nlh_K)nH4!2Mz!zSjJ^?>A4*k6wzhXmjy^aZ@*?^m&SB;#v_e@UQ8SbM0dlVmrb; zms{KVU&9}$qd-)6Mecn3h&}P2GPMc63iTE08&lA!I60T$Xi51DF#6^Q^+)r5sz=m7fYR$t#H8XSq zgz|jdMK%Qg@5h;4pTnrjS(maI zDe$sGiv4EEZ!c|;80I8Gy$=%znK)3}7laBl8DCQ{?;Ns0$*`#K6*Zv_9A-y?yvM65 z{*ondK`#8CJ8o)680S4HEF<<4nbTc8sGAriRxS)Rl6`hM>&(@0yiBYFU;gk&aogYv zHz$5$kXaaeAg;-y#@p6+gFg@m4ME*F{7nl%+oK|ifYVvb-%Wkz4kc1u$SGBIO;;w3 zRyE7YtaC{zxHs3e6z}Ahx|wj50`aGN4%>3-f8)3NM+bd(VxfTHM0|A9!xBjxC6JV} zSEU86!jp_v5~9)2K#zx>fg#$muaqb6RPyN?!B^`e#Ja{SkVXaxjzALSA>W7zqMI7= zTP+@a!$J@;*2KUVLbnPyXvAIZy=WVkOB6l9fw5oD z3QY;Rq0f=kALx4pJw^xkJl0G_7di|&%PgUb+O!Ar`h%3*A0`?O0!DSd2R4@EL?M2Y zffHZ38(9QwE*_np?A1__cY^fCDNp+ z`~iQ&P7WSl{_Ml+9Wa#vH@q=FFoy+LBMS&YnnL`gR}}@@5Z|DA=C&9G`0Hp;|PoV4qbQi*h)g0huEDKxI>Vm?FT@l%LwRh z9T3!lOWiBcq+*P%F46T@zZgdH-A}p9P&QM=H67{2~$4qi#$;P+hN{;MbU!PMVwtYra2LIDT$By#d3a3YU z@ARG!GVAz|QUujbi{Iru=%Xe5s!GfHfvY`}Oy!`t0?b&b*w;aj2|th;3rWV*M_X{0 zr@??7t|2|!=VH(pQ>{PBP@gT**A2Z8A+^q}p`!8ZLd?iTvr79F+|9>Owwn)b9)pIc zOW<;Rz1W)W!MKmn@%F*v7tVrJe(XDkTRPOsBHok6R4uqc-RNV_4M^t(+p4gbm~gTj zPH+ZVXbou~BGAGh<%k&z)>9EQE1!tMq#k)r5=HVbCQ6RLs^O~73Ag=)wIa zJYo#8f9yBFokI0^9|iBV?{i3X<9kH7e@>tzkc18ZXRL6Q2Kq^Cu8{pE(yWJGs6;8r zcm|i5ey?_xEbLoXYSH`zb4gnt-wNlTNHj|DqA*C8oozHW-?l|E5PW`;6FO}qNFq&# z3g-FV@Qa7)ma>NGl?Vh2)qV4c)#`iKXfsK1HQi2}PVA{gWV_g=N`S5e=rHEl5G>M% zAGM$xfXH^0B#R|Rkyx?dQ%Ic)M{v!u9JkZjv^om!sg826<~9w*w`~|t3b7QX=epbK znLi%Ms4#3aNHu@I@^F48B5yNeq~RhUe|WWl%HwM}rwCu{@GEdaR*FjJJiiFxHzCAoM@mMv0Gn_aCibNIEQp9` zL-_pW6FI@!Pq+mClhd@mBrGKM=>Nmsdxk~1EN!ELprA`Z1W}YEIV({zl7}ccgCaq) zMb#+yBRrOt6 zpdy1syO@6ZTO2W{?P;F)^jwxJ%?mnVk}KY>M$5Y>4ebVtK2=x?zWYCy zd1mxKLH_1L_5WPvX`G6(?I1Fu2x*IxK|e6yOC6#BE4iH3&Bnk(!g200BzWK@$baEl z*SNV&9;xnujN1xWXAtXXA&M)=N`A)M8TqIWHYosB%Rwd^DE&27-RnUYiJPij*A0WX z`U957D3$Sa>PbLxF_o{w1#aLXdnyH8yk@i#ER&fE-X*(QF z|505r|KR^#%<1qZ`?4`}#Sm5$v);9E+G8I6O^x6juniv@Us^;zrhg1-$V9||evU8A zt?W85W`j5IR_>8TZk7HosIK3aeH}#28=Yb4+pu&WMr^f;F2+&Ke1k2ftG>ZFy2oWw zDYi-~Qr0XxiM5w%Cc8$2fEmX)b338b z6)TjjOsvI)VAmBp83 z8J+^f{^WbpjA*-nsM@kI7x6^_YX@YR*L!3Se$-wOJJ;kz{zJfRdr@hM zXf_yxlG^@Ch#TMO(N0APREks*s12%3ke>lnjStKAx&2Ob4D)JY?6qT$*%#Hr&S^jM zb!_m5t=S8y$}0UqxzRn`zVw50D4b(&1hAqRZDuHyga#vIyi;duJHmYw^X{O{;>B33 z#{Q;1UhrG%I@^tvVg7dO{p{JY zMZxNX@8RTg9V`5s!PiIr6YZM;ol|=HuTg<97=psUS1QS!X4%8Vj@jJ&+jf*%sl{v` z2LQQ7r=Nh|MuwM)L=(Lyh8vGJw~*Wh%;~hbyfN8i88ytiJE3 zixc{wCqSm>W1!coP?|15Ed6%HeKsbV|3Cr0@hvNlN5A>;UZDOBQdGhfeDgsEFmdMj zi4~~JEa)==-`$|szd(IcLywAS<3^0lG*?pq<=J0)3;9HG!6YPy`&-`@$bwK4K{GyJ z1LL^Ciycpo{h@wxn&vJda-isedDFtW;q=Y*$3Iib#_slIzBm2nMz8S8{JRv&*SXww zNWNE@zJ1pG6pa&vxG@ib(W(Sa0Xne530MxN+3d&wSl?c#!+DDJ zq!1ob^&5m$L=n;p?QCL>&C;pQ2*Iu~zWaLV)JOO@zTic-f6qVYx4xJ_+pr&+p@L`R zXJvqlQsj$8sPQiV3qs_R&Txtd=qN);H*!Geu>>OP>C30s`CsKH$>2Iy6+<)j)HaGt zKyMu7{XY@)*EKLi_MEwO01z-NpIymU}6Mm;I!v8 z#}{$^LOu}SP%&dDjcAYbS89)_^Y`*)AM@pus_E!Rm6Qbc*KB8%e#>?&s63B(`{rjH zDoX-U(R0T$f^J{fC@E)-)R%Y0W_~LD905qtcrkr|U*wJUBUHh_K(}`Qe?6rX5pBc1 zCUMey5$gRwp#1f(Z;8~`oWW(-Hi<{|iUhr)K!>OgqJg~7|04en@}F{i3Q7d#>y%R; zQTWt5V^XKRyYSa%J{Q3xtRLu4TDw96g@hPhJ{b)9YZ+Twx`OA|Kc{IH@ge#z`d$F~ zh&2gMy1If@VAWowplnoy{z5ghz`)|e*Q{`Qo~x-bJg=Ckp&D~c#+BuqGtRag$|Qm9 zstNV*Iz=dWMoTo%?C(`uQc-S>O$91=+7)r6<=QCTP*Wc<)4K3C-H!+y48EaVYSG zz(hZ9+Pj^!asz8;#pctdX`H8z4k7%vTPc!xzFil<&`VuCwto#x)iuV*pe|K$C5`zM zu{eHOK7Ok2q>^f>PI1$xL}VDEqc9`&?-f%3;lMgg8ED)lG6jvRm7)ats-El}K0YO7 zBlF+;X^HI++3Oz8B)6*c+^s#U&~R9V0qS0cW*v^7HjtP1WL|tH{X79#*4T-z&au3R zEKkWQ!N|2!->2{qc><*Fh12ZZz0>13(0+h_gfT|thqe(dq?^kJwKfPAk!!#(@~wqJNR!>lmTPt{Sy>UGp4>2i`#O9x`$Y`^{WJv zJbT-8S6XiXh6HEyFBK^SHSI&KT|^Z#e1T{q%-Qs3Ko6E9J+B!>1do*|V+09MXHe_%A=&uT7EK zo=0H;-bn>qI3*Jz^(%lM2SU$^$xrjckl@D$+wkgx)!eMQ8-0U~n{mqi%R;(qcI^C2 zZAqu+JcH>=1Xl9nefs0mD|txud-qM_T7UGqWuT;<$?>X~(M)K%Qc~xu)8F#(83(em z>xpG1e0p)>ERd`udbww-=4+BWl5*2U5jsad-oD8cGiS!#$ngAx>)jNNW^HZb$WcXSN?RP z$w>wgQO3mB-WTYV;zx=MH-sORt;;g?dKcv6a2)rh*47GTFFYl{w8CC?pR*s-91kIU z7oYpjZsQ|VPzwqQ`WZU#CSqQa?^yeh6Q0Hk8y3yT zNNZ{JUncBieV`$Yy(0y@)CyW;!df;er;#yHnt8dGwAo{s5}=dY%qLN~`eAPP)s7X7XBB{z*bDoNn* zyy)1W< zr=_REK=wsWROT3dJj#6^L0v5R4YrM%9s?_k8gL%grF#yo4ih@QElWG`Q{l8JoVX=V z=15}7vShBQ=109~SBL3&KE9})0;yM|7dbh5V}vcUj<=GuV&;_f zwVA)1+m5{Q{6czGR*U8440T5QR78;{`S8x&suMFn0Et^@Wp5B#+`7Wv*r`j-$89FZ+PY@294x zW%TtEwFDc@;XChCE~1sYz7#C+uGp!W87HVy9MmGLJIYKtNMh<-UU&$Vh}Onxnbl%P zhDNg7xG{)pbv_cZIFE?BB2_BQW$FaEN~;Ur+|*(;KD;Pzm<qqv;!lRA0;qs zpk+%s_Y5w)VNaPKH9NjJ2Hg#Sv@;4*Vp7iyQOs0rF;xLYbn}}g5~}J7URgo2Pz&1- zW(>N!YN{b@{K3qjq>`J_Ad?%{5MhnTgfSeZ<1&OPw~`R$qiv9%6fi$7O|gk+oq`bs z$Vsvo)apjD8Bncw-Bl4fGAGknr*Wh%zYfOl(oXhz9K^}R)wc8ftWoF3=f?FuLfttU zY~c}h>aw8`hW%(&#A(n0gI7zy@zByJ5^ogYMJH27%$1X(e6&4xYu8PICMV?`bdLC( z$BOS$raHeFs@ELZ+T}Y=n+~c3B$eCF{t~;2;<+yc2v}o6!|< zXtuVhu`VrnR~Y&QInF(%bf@cTjQh)+(tDc=bP^I0IyC7XT|}_~Xl0pD0yLA6UXMka z>m69V7Ac4{m_V=5aJ<@gEP(1rqllz)p{2KdL}sz)dHSVQR8kk~7VZqXemye>^17gM z>I-#xcXziY4bk2WO!VORaX^fJ9Na_8HBODll)5JX;)NDubcD`~zhlnn?~?)YJL`D{ zTH^tAG7SFgfSLD6=TCNzr@{;@ERo;@Xl-f1FI`^mk?vMUZG62uIQy%4Xp5m%x=8l? zj)ca}QO^tWuG@Pd7h5ZBw|>#1503=tPg6{KD4JJMdQMH$yo~cxy?-A=XZtSiDaKv{ zjOCytLQBR^qNnOoTwGkQ@`K%GzA&t<@YIHFypaQ>TxR=65OR?{n3HqTVtIJl@wTqB z{%VeB^}#qx&Cfra8)mp5M2^QSkM^T0HGz;39Z z`@aiGmY}e6?EU=WqH%Zei?v>F;qW)ip05-8l;nuOSL!=4FI{r%eqcc7zgUv6c&}3R z+~r#>j10nf^j2uf1SmjUc=ovnTIn!^FBBg-^{TLWv#OY|m^em|pAYATIsL#!@|Oz-9)Jc_-a2OG#5^PB6j!;T_YpRd$MH9B51(ne0Gtvu%KUGvODT+?R&*lGK>^@={HZ@FBph6Be9HF(eW9U zJcV6VEhxlm875bZ9uSUa9pv2&i;W^HUhXCbOQ(py?2r#qF8e6CbxVWxsuL>@E_`G} zxAp5+&YU!d7lb)!qP$$QoG6m+_k$v8+e>#AM0VBECWSe!|_m);o8riMT@Kq+}!wvx3Hg9&!G)Oh%`{PSH0;c z9$PYIY>2tJIs5QtM@*6Cvdg@cS(roV!o^va9u_ce0T?$ru~aKq`04o@T;?G#X~fjj zJHLn`8OCb9jaw+{fGY-~U>@y=lPLHO=H3#$Jium@$_d4AN+s^Cn1+Q$%8Sld?S2;& zmfE|v9nxlOVf3ZR&EyhT^@I+F>2U4y?OP1|)*3^FRtCTgf=Q=mWbBpNaGuOVQ2{nG zY@wqMtvKTs#l3{HQ&L3rkDta?ueav<*$hM{MllLjBAjM5RCMSz<4AtZyZ`q4$nMl| zreeRf%-FL-a-nkjmayEndyj-GevU;O&*wJw&nQ7A_;(6eaasF2<#iVL+L~Q!dppPQ z)+#9jTkth2QIrv^W&$Ew^;oPOO@$&zY{Q$HB)|LhsuXxos+h3KxQLoRFbh3c9RYWU z-_ySP8+;4S88kLMe(>_rJd?)wR`pk{4l#vMuR;5ee1i4#x4?Qau{;V8OY*Wz#=wSF`^hKC}J)Vp5yvc1D z0>B$Bf{Hb4vg)d`z{ZKD$NTlVCw&X)%=kJyul+hIFREn0;@8m2#oT`w7DMS|v->Nv zd2n#y`q;a6U()H?tlm~rCdrQu4HMzKxFS+NfVoEs9}~2n$~s#b4r<+{3-oImV9;dL zX&!>roaol{(y>5#)0FHfQD%YSI;MhXc1A`Mb(*!;th`p;Bb9CfwYBxiVK5;seCiE`2BfA) zK0E{Ff)OWGnjFOyUutMC`f@bd1BsZXVyg^@V6gBvZx;PZKWkAMhllJP`F&LGEs7J^ zO?o?Z-ra`nmlPiRv0#;9jKIO-ahjW$o~(}i;4_cinf9a>rSWksCsH19T6rCcw{<(A zvq^J2U`s`nrY-cR1m)f@9{(gU%!rObIu5kD=g8fnSm6V+Dj1GO~p@AUB zxG5h&sdh5{sJK4uO2NrrY#!8cB--9=Io?T$b{n7g+b1w;(w!dH$i;k=PIO(e2d=#N zsK&+USLc_gQ~e{~EnOgH(W9}*;gJy&OFj7Yet>|lNfl%S#s~pd&9htJ!naHblq*FU zd3d7zB6$2?tD^(JL~z0*2H(Gbgpw#99&AoZ;QCR=hJe>O;0L>j12lqEJu0|xmA8XB zO+h42N{1GrqFD?&wV8(_qg(2aYNlQnFil1Imr<)1FaG}IX*^wRTzJ@mvDR38Ax0>( zJEBK;*nJ?>ZYX`bgxaaNcKp~p1xDieyOCL|(lEhNW6WUh8gYv;kAM|{go3E~UOY{A zfwQj%Z{FvKajz*6Edv#%y4tN*QG4-)NeYQ{V(o72#40oG0hEX08uW8KA7goJqSkyp zr*h^l8u=?3cbAp>!@SHsf92(Lbr@?sA16N096sIBRVY-rQ2w6XeoVRIC^1^QZLspz z$K&9_(GLVSxQgrKlB&ej^Wjl1U($wu{RMJdzi~l)0DJs}mKX8+u1R|>cygj7H$+BO z_HlddZ+YC4Y?e3;5J^UE1+=~R%!D5k(oLl7UAaWl+R~<=Eo#2}nX$;6ZmrAc8;?Ds z4vju%Xxghdx})`vPvSPq=bt@JE4ESOJuKYUArMvQHZ$wf-u=>X9Q87QNMea54YFH< zkDDK@mAM;m=e&!j66Vn{H?PxkMNr3>eAO`zGq`EK(6N%V@kJ1kyb^R5mSR>^XJsS1 zX1+{NgbC9SpR+~mO2uKtdewoKWX8CcWMEe+5P?ZCecCg6n^_Fep^3EKwX>RVZ8fW* zsSP!a7YY08EA5-xmS&kfrS+=~wC%;R=q#JXZNw>8#HSS3C6c&Ft(= z<*KDSs^9ol&s40yoe_tfrm^e%jQc%Qb#&(!KPDU;Wq7xyr03}5JAPsizQdHKP`9CP zW@*mN^l4)|zh+&c=yn@#abDTsoRRC?Qo+>VfRIh!KnsxpX+=oLBpV2A?g0xnzd_~9 z*-8&`)R$0}?TqgeENN+p)Fxh(x`+f|SMpIB1Dh30pzOa?_WYK6OTLLkO&h|ZG$!r4 zu%%9C2u2M8Z$>U6(_puk+KrEoPlo*x>5pN{?d=wO@|HMq1&&N-)vXZErq)&erBXG~ z`OK@^?Bfx93wU_3eX9OTRbb57{FIyqlDJY2HkpMn+bZ^$jSfucbSoPi*wO_##2q$X zJ*ng%5qDg8eEcooXAr7O-_<)|zaWAFXiEFk3OI8DS* z+_hFYX;RPMtac3;{B8V6ayEm@Y=!bfuQl4}!e_!lCRf-nal~050cY9Y+g`D$rIZk5 zG*?y-M_Fi5C_s+*qL7IS&3$LFKgWkKf)j^F-zltm_dCy8OVRNH{@oZ{_^2~;w84>! zcMqA>KmF2*>>f24uHkyT@K zHPFb&SXNTfNpznxt62KTWm%~^QfJHTd_m3ZJ%-strsx9%3_kV&p`#93ZJTVqBLmAc z3tOy|4URTu>Te~tK5`x*P=5R}x=kXJlu@yIC$xI+sMjx;1;o=nW!T^(HM{D3Cnt61 zWkgx?>wdKP)Q8MxU+8;1lsx!IfiJ7d%Lg%Q13KKs7rK8?hed`bbzS4fg|lUgZW~4^v~$F^t*uc3%0a^CQ?hy)MeoJOt2Aj)Q^3XQR1G=6e{vu9==I#m(;4UK*6Jpwb zJS=wTWg1NyUs#v;*I#U2Q+%tF+?46WAbs2_wZhW)V)W}Kr`CGYd4qQQ0&hy-f`uoB zbaTu7F!sCUJZs&}vN9ZL9t5&rt7*Jz4cV&2oI%YJj58OsKh|zC$14-hmM^`xR`9ddQ8t*_}(rsKlTA07HK=VvRph_=1{lAIH;W?y7H7g)lQ6H-~3AR$-< zGcl>u`h>`R6PPaV%B$5~rQxhqQreVTJ&8OCo`_~EcHZJOO!`Sn30w`f){YJ?TzGG< zD!AB)BiOi(lFBc^vh?L4&kqsN(Xw7%UhNkcKv+-aQuz`U*fv1d9P#(zXzj(R^a&3!x3uKMh4TpQ zNsjGXUdDwd;|Uy!odFjpPejc#zta>B&l23=wtNSZHa0bt1;GJRnkYZhEc&KlLLZoD zcaCq!cmw)JlqDG#nY9@$Tq$C(M;H`%G5j0VnBPR+X<*4GzkjblGQTjDJnG;2CU5kw4urKD+!)J92^Z$0FxWn|E5)p^x;2tKYIIbOjt zQV~<3ucIRR;hO;^#eD*vh%!3bhu^9=esY8TL)pf{KqqxtVPPRP3rh!eDoBW_ow8|Q zfzJ5!fu?dgg|?Z8UZojinG-4mS%R!#vvL;mu348Wh4mJU;+r}5ZSrNlLs77;xU){4-9IR#76nCL;w_DvR|x^ff1Vx$ zZ==P@Ur=L<^a8t?lJQF%wHAtM%+T@B?EHN0;jP1kk^-Z>k#x&p;xV)PomWIC9%5GN zjdx+x7#$~^mjUmHb+C=*vvF{QuSj8A=FVM4g&86L0NdO8V44Iy%^B=?t9?-8DJME# z#IQa!2(lG#axI~3#lyGA02H4LLyxo%#Qx_OwOOgo5w&%_7wd5H930%^5c-lEJh`v* zGX`%1eX|tc4;0viUimy~N_2@mRI%+Q_g$dptIi77fwoU6E)&yC!BO zpZUW&vci>M8f9&5b9E^M0s&K3kJ2J-bn^T}V&jHRJW`7R1!9k=IENlx#J9z2KVD5a zNg;-*vyN8+n3UZp)icfUtdu??_dsq?X@7-VwdpMh$nLhaw%*N2<)lm>N0R*xZ-W4> z@X-+2Fl9XSz<}&X)yI!hwP;EpIawVoKrCp<((uz6DED-WWr+gH&tQ08oSn~lWL#sk zLMoFEo{VD|5AN<$nwy);4PM*+-R*|jJkZufTH5i3ATe4{4%om=C|qkjy2X1effgJJ zA7$E(#pLin%E1V8^QJ|byMD%^V6EIsyyf9SzP4Q_!kko5Zpv9!G=WlJD{ULn7*TUj zyul330o|K&j6u2iT5H7a+MYkhU?tm|tIveMnPGz+pSQO)@+kSu4P~QRQZ-FY`bsqe z6BF8;R1f~blUV)tOOO(_?zQ;xi=IMW*^a8m(T~}0Rw)8V-jt;!$K|Z#pqV|q>j+t*BT#{ z+mgP>}M3On}Xm6}!yi@4C^fu!CO!_>IfM@Y~pGn9t?LmG6a_LbXn z$&-hXhNf{pA>{>1FVA59cRY8Db-Qf2Cr#DSv1G8;W^9sicP9rMI3K)B=?6Ty#bE82 z^w3co8%tvR6!w1cPGP}6vnmuId#n85K^NnVMs-h&TOO6@dtHZ6AoHxxW(rZ0iafv` zqD_ytkzvuSRuxJtd{7%(s|gf}hKWu%3v1&dP?q1hKGxp{KES_Gr%Fa|huVH|msPsY zQv?#<5)%1uZr?x*K1w@@K-qw^x@-622|7PEVdc9OrVQm;iI~(|G&rK#(qbYD-ImU& z%euN>HzNfGSgu}+sISO9-;$?XQ!--nPEN{3G;PZ5x*HPgj1QkHI-@rL4}d?`>M6Rg z&C&YXaA~2YR3Ve`O^cReMh&(;-9er4>>kGKRZJWg$@*P&RdboZe@Hdy zsm^VMg^i7-efZEtoyvJ7GBT3p#*G_ciHWS#sRA4hoWOheGaXI@V3o)vx&(CoqM8Oj zCIV#O2;^nvoYTP{a)#!TjUY_6c>#Mc7Yb7KX7D+XNLa3gf$O7s5 zU8v8VX21iIRN^ddRE>Zb=G2#1BAxf_lMtAQLC(fi>aWT zT~VRM$N^p;qR;&?4NJuCR0Jvo`;=JH)MMZ@M$l(F-l~4;8p%??_&?JkD zCrU`pVCvxB0}Rfj&ERApig~A9WD;aKR1C{jw+_K>?{AsR-Yj%zbTfNmX%1&vs!~&d z&*df>211T@M^F$8j=a3iksy_z{N6R^aIc!R^y2cW4aSx*kW>wSGvA*Vr*#RD8_+Et zaTF*g9{R@68ttLuP(w~xiV>U`O&oY`kT!MWX_#`QHltl*1W;~7?@)<_e4)9O<8#%# zQHq=a_4dlmZb>Nw3Jb8Q404MljzP*gbuiFqCmp^!ya#3Gd_Ul(rDsTMYiCaxnMms^ zyqrRqz_zWmx{KUv2{&6pt$7*3!owej$;SqCv+Oy@3dxJ}!st!ih3Iaizobt6%pE=p z0;)frY=|y&%5F}Zqj&~xKZf$7>`K?{!&GA541IX?+;XH`$=t#sJwN{&b$+~fRMddM z-b63V?gbfO<$l^zrB2Y7b%^y492v z*5EbNgy1Ud0cxrh1~%R-H|M!41i7-;TnA%BK{kX>VNZd=4m&*GsawpO4O~)Cr^Oq5 zo6l@fd$6~nUAp9)qDj=afi|-E(osNBj9~VpC~-aGn+MF+szsGu_EI4IOdVCHFQKm{ z5=x_*uS;&hr9Kl)=op>4b;C+6N)+b@I6=}{#8r$8vzJ!*adTU|hjjhfPZo#M0C@lc zgz&RyA)ui3ZRwK_eFfhlP>_I07R--UV(RXWp-PvNzC~d z^BvPw8Q0~*Iote_!+BbT>okaT2_!<|t%y`BZPclJC-?HJGzVM^6aP>7>$KjYYw;OawJtUX6`dXvXjWj1>kQYh^1a| zpXdXC9d%;~B`Go3c=GbR9~kyNcrfT{1QRW|k2u9J;EP8CGwkZ>@Z|K(3J$gILr<%k z>Z3W!m?|Sj(R{9A@AtQg7w*g@#zltg!O;#K(iZ%F4%Q+3hQJEF4oGGEE_~G~)E?XM z2+qxezg}>>uvUbqPiQxmKK@+ZFKhfa5#zuE+O=wUg4Pl!?@cZKa4kN4?P%%(JkKUT z_OL?h2K%ECiW?eZY^<9~f1!UUCQN}=d65YY{e_USC3?s19OEHi_2?^8x`T1=a_afE zEwTNk5>Hih*oEZcjv8Q~fmE>5$rUJIpeWWfvpx+lA44`Wb3CaIYO1bg1%AbEWzYr~ zDagVQWad}acN4T&1M!p2s&Cpm7sFjAlfjl1mY$QHm)}>Q!E-~cUq=#e8SLZ@^_d6g zYepm=aezF)KfK{QJk3Xp0nD2VH;q57anUlA7%rXDD#=%$=i!QVD`f9U*LbVTz}j+E zUNUlXjsXZqe!(Z)zZffW9WeIAqlh^wl=*=e+aNy?)49vein-B$}agjL?jb=bn3qXcvPm}HA z!|xku!P5eugI{65oKOSw=Q3k5+P8t&PJyqCp)UQxVPcN^^bF<1Ah|U5hU4_w&R~Fy zQ=`DCqZTZU89Rebld^{?TW;=OaAG?L!{2i32f-uCo0G;)%dyWz-xfbr+xv-f*LhkR z2mb@r`Wf7NF;+iT1c4&T&H;xcy`E!5!NRdgY5$Fr*4f6>|Lu(LQwT6IQ{H27dW)Yj zK$p*XdmB2+O#Rj&HO-g8Ql1G!b19u%^g-j}BmqhI9mFe$4t5}8K@Y`Zu_25AHoGF9 zk6*g<8Z%7gG(*5uD?lmoE;^8$-s}+^aWDS1!Hku|Rw9$g2-+;kNTMouFxqE@m=4ed zkPcY4%-#8m>sJ6KMS?cTVOR)6JU zZH}~zR=6@6;Q=vE6mt6go+}`uKNN40?J@K)(s47tl_KoJl=lP~2 z|AMxi)upgQgww{-zPVZ45gxw+Go!3!=&NA+>$emhkRtF*pJb>YV)*a_bcqn$6@)Pj zcJ8caq5Q>(24Fz|l`g4wN2d>rdT!w1zb}4TJiJn(5uN{z9XGqsP!jVr!|`$Q!1i@r z79>Sq?E^*B#f)X{e%x58y{>p@b10-bb;as-c3xV3)O?oL%uSU>LAwq!4|_)4^^mbs zT7<6-H2o2&>mI2y#teqPkVk;PkkC}X{)-dXj0goS1|4o>*3<*3R`@%Tj@FYU*b;Xg zvpEE}L24NcX5hGS?%2<)N+P4Fv!O>Ut_#eL4FGu%aK4Px=6|{;FJ>?(19$NEozcy2z%?EMqBi`>Ev&_U%LzzUv-&eyaOO}kO2 zhc$hBffV=@LJDgM+-9@)5H@E1XXZLLW+>ifIYZ% zS<#~v8JTByV_l>IQZGcp92={PF~+W#&!d5yF+d(nA4hJAWTA_q&(d2os44j|#^kl4 zv%cSepgUTNzrx3vEgT|RFxT1aJs2Chl%gX}NHkS)pk@1ZME#f)ldKZCu@iSOCZn3q z`As8DNP|SOmB+$tq8wY3roH5N!|F!7$z3ihhk)`onA(4 zE-|FG1)e~qL+*ete|`c-repxzF2DwjdDR8$)(r=b4v2~d!k}Ug8?U<>{e8VwJQ8xxX*y8qnFjN_KO-sl z>`YfszQ2!Lz%ZEht|0ygP~l=cBMuM26|e29pU(=pBs20Na&7 zpah-fBK2aJ4J>$<&dIL=a4AFQ?qzR4XegZgGqz0Sk7YY2>AgnZe+}pj&3HVMoAkpkP4euX_andR7I#ypT3(iy3A+A(Ial9;o6~EO2uQE}LzdV}yv`=~QUf#+Qgsv+0ql zDW2PAidg*ua*bi1v%bwxLtMka8Ue-$h0d#I1EPZtARmCy*3bC<0D{vv-8?8n^iIGO z?!ld^tX@zM1V8^`)ZRE6Bo_0l4dgbTvP0s326Gtj?hmdL>lwX>$Hjk9uoUHh=!sw! zLD@tg!&6%JG;eX9{B|+z_JG?wc_aI}kiFY@ob-HnMBr=MNTfIw6M=!~kQDyU1LZ>l zx!ISnUh6V0u~CdAUT@1P9qo!#-e0=sx3pjB;!y!%jqy3b9(PGb93e-|ItZhbzjZPqnP3?T zujv1bAcip+hj%`R7BY&Iz)HMu`90?*3b;k%7b#Oik1Ed~7%Dz&#tTi5ilW^hf#5ZO zsLOz;drdL=kR&|1N>Tg5s$mWaRVQo!Rdvm8``r}*RohK|*Jwl@syq${2^v+n?nfbv z5*v77T6xv2s&UO$IYrr7$1J2bOz{H{_V6uR4P>o9GXlmhwDj0O>XZc3$vgOF-d3rI z94@>gj>o;qx%e`$1|}@p44pN{^2!3V3O^KH;?c{rm6YRPt`bNC0J4T!V!nSlV(#aA z+bdvzjI)@-*KlM<3KPyZ@aQnKIhLGR&C8MUS#Z~*U|tO>M{LGO@81IAVvpgwGag+b zBQ0_6pJ(TLzAIv`cVA?2VKI z3}G*+h%&%_cD>B9`Pq&MI6Mn*@yDyVZx=Ve#=QT=rh$d+8|RP_mB>h;Qi|LU?2#sx z9KVQjm+4&Y9V>`3E~<1G9D48N!3&ekt&~ah`m02ON4+iooz3T5NQ;4XnZZ?+hCG*V z|IE){0269t*~{1AVlh|`4qY9$OsAhw13RiA_0q`|Mj;I?D?LU+Ck1FQgxq*^_36zr zK7eBWlnTaz4@8jbq zLSthY&CJYFjxFQj12?r>`I5>bna%RUr2z@I9pS^BV0AjBzwUb!MW)0@16!z1Mmp3V ziClADe!P+{zdqPqa9yO>g=P3kXIKt!_bo{L4;Gt+!vw5ybEq(ginRzQjySn^+M|o2 zqzi>yGm<6;jg8EFB<8g7u{lGG(lX^NcD;7>*^X%ZkgVGKACE#+V8DnUUHaU$}D1ivBRL}N;G#iJ_$wANM}lu+i>2)ZB0 z)hkmdEGnX5*tiPW-xoed)dodQc@FKJJgrc948WF*n3qHh+zrstC#M{O(uECD z6!f<3>d%pT4aw>_=KWV-o4q^5w4qwK9~Z>0mhs6+^V)C#kU~tPl57-f7%;Tc37SP*7+$XE5CtVsm~~jzD~WZw0<3a)5n6R%R&?U{k6b z0jb9`%8BhA$&m|90%^q1D0x1^7QOb7?Z}4@}B;0%wP}_Db0^4!k)if%TASg4VhuF2ua5TK%fBR!j_anx&MF9Yla4 zHmA>Q_K)c%$+@wbDo{XDx)&9pQ6(|5Hs8|43iwa)5z{M3r<4(?;!qs-iQu<|2bDFp z1zGn^Xn)k}|{A^*0%4wKd=*MKeP(j{8T^x-XIV`G@McI<9` z#L?R171v*4BWsg5-)W%_>4cb=uncI!yY-!;v}2 z$(qo>sB2=;u_0Uh7ny_;%q$us~zf$I|y#e9}{~=izNdF#E1NLpI4jDlLwI9#=ipui)S)w|J9EzA;Z3G zwKdSqrVYG-&GhAEWL3e3*WUtY6;}T#e0}b9`)%-kDvvFb87>?zgBAa4LG~| z9XwiPb93H@vetEnmv?8v6=hb&{>8zgmiMZBb=7^ut|>DsOB&Q_Pyh=sO@m!PUMH|% zsa5U*Ayf@FAz ztW#h=_aAzeNIj>)#)Ht>iQgMN$L4Cxbvm^hOT!vYBahC*WMwUOIWiZsl&FkH%56)( zgcsY9du@d3dhMr7@|miGot!?ybx1f_5-W{+Zv#&? z>z(0EJ@d}SE5D0;;?7K_d(lodHLuv_0OW^Bq!OsfnbmO?bl-|t|0Xz4{qQH^SANxU z6!t~p7Bvn1!TCq;qle|bZm!LCl_p<=1T6UCs@3aW9h({!4L#425w~_>BTx~gbA`;c z_xoB+%~qJf@t)|q>E`C<+Hmv;ApK+Vp zV@%^8@e9D1GGXaAZ7Q{b`Ij|ge%GvMfxdsZaL`6bF<5Z=$)LN9&9V3E&4&;0LC(qx zGsxb}KhUFK?T%|4DWZCXl@ikH_p*9EIGfT_!fx80j#J$6#L<@@kL z`70fmytEm+Ot^9aY3!TsvCeMRZP zZ_%ZQ10-TF>MY(~t**$t8%?!@folWg-Q*Vylbi60?MLhbiCScY4!0zwi_5to%H14%((# z!;Sm0`wG8Y{#BYSwJ^YPVUwiDv@;4cENgprH`N$4L15u=O7cFcm=!AIU#Tt{?EkRz zp66zzsb%9c?2LTdVH>te>=gUiHjYCskDaIMFTLHDz90XDXJv)>lY5ER#&g2*EA|-e zE4Oqsu$}@3r3Og3p@GGuEbV*~9lfpW{(H&e?Hqff)yc-SSt>kPfLs6t+SqFy8*^a^ zkyc{@HdR&@MwZ=`w2CpeEe3KU6P!rK*NU7vV!1#Yog|pGb?{>8urjb+@f} z-tLiJ%SpxI>*=<6wYA?4Mw~Cxjm_#T@6D*xC7K%s=IaKJ*uhg{O6?FbJ!2V7l09Xm z1I2m5?6i3Xbz>g(A1xomyt#Gv**n><@&|Z)`Ca*t(nF9(|(by z_DQM#(rA^l9B%M;fesWF0PZrkH1FT87 zfq}!v-K{>*6oO&y#tqtjJ1Efr9TxpjTIRqL++VcT!G#YEX~(b|2kyG&bmB+_kr;0d z-2UE4QRTdHO)b9A^W2SsdwnqmQyl%llNqHFEAWDyUrA{Ob+vYDo!-_>A}a<7ra9`* zMJcf`X(1~pNQo%(celQ(T*o(~t5xHs);{cHH4{}Ex&2nhIxrXK{33s$yzu`?2CKsN_r<@fx<8&S=0rSE;d-S2ku6X0g|l z%*uAu?l@37q@uSVyxKq>cQd(DXn$m}C*P`i;@P^frfY?++aMxEc(LSijcw&pzmB%& zV~fT>B0GedM*G(ojt>3hy>s3GfO)VRnAW8m`1l#^kN$0{g_X@L-(r&UBmn;a_xxVI7qfx&VVyRRp6>}*|@F$!Txw>OWpBiafRY5 zrx&W#%ck-A<^p`b-t-{a+2~sLSL)cnV+3oT*E?ImtAoRbi7lXW2kmh=;#!ZFr;^xk zs?Nya+*^%zj9iqUM=e2kFX+v6{_AURZT0Y{&f|`z?XsaCn_Oztt0$KdoX2R6J+e20 ziQQ~=dWDmU4=u!au`nqo20%zP#C~XbRoNx}3Iw%ur~=keio zxUBbf)n$Wj*?x|euU~VsCL@+OT3i|!ZVCs*xe4>zP2p64mS}R%;8r6CJHOr{oTII4 z80SAqk(+IP<-ivXn8gB@xg!mEtT1UagM&3e22h0w)oiwA#+z?#)~>Y)m+%|m32lVz zmMViq=jq?1j9Y)M9xgJIXdhewp02ixIrtgKWQ1r_TN^3rEcQs1 z@z$KL*h>g$XFb$wziC@pm~HhSCqF+5RI?b__oR<6ZvY?OpVFb5hppv3_os zzfN7<0sCBEPV|W5w&2>qdS{&Gdd-SwoMrd=xZ45?FL>Sgs~Cs;KMCHSu$3Ql^)!gj zJh5@7q#Kiqzo+E2)sytD@5`RkKL1KBlkx zMda7-&UJdRA`oJTjGH!`!~xutM4kIL=*Z0ENZDOJ#CspPPSXem-CYul?>%n;&hpw< z64AOIA6@UknO>{s>JF|gJr07Cd+oe;g+Ey7*hrj*XC`sm3av>rYd-c6_?1^n$YHvy z%e#~MjIzVvIo3yA-P6dn%%zwY+lT8Yp~_ulc- zMsn~IufCsK8Le*T;QX`+w$m{wY-QfZ$_uR%#V+oov!mZ1}|KE z*G%SIy~ycReXvzlclWUGUixa_S@0AHa60s&Le|=yc}pWh_!gq;B9=;T(l~BzDr;#m z0Q(sayEW=HoX2j|5|THaB;*n2GNrV(o^&jyz_;2EB|JdhJ(K91IO6hU+^Ct<*|Oqi z*D;2$-DE?Qo%4umrod)z&sxK;w=qN#ZnJppZ-w@xt-I`ProTqK`Fw)bVvUpV$jzU!Cqe4e`PU1EclMq-28Wn*r#IaWC2t{Y0Ozd!j;^&Qt5 zhFMz=rTS_{^MR_X4@a}9Q+XuiVx5A6?i!Ye~sso)%W=6x^Cx3R+-l|XBy7{I-Ug{ zY|shMJ$;wtx}^o0-noAr9{=_{1JrqusKoQsmWYnBu5`Dvh69y(bue-Me3|s; zXbU;8IN9F;?2T|mizGvI*pMN}8dINH;2U8&hdq#sxRurqhp!K~fw z*Rk8|8+d0GTl#uuERuG_fva!SdDQru_rWW=DG-iEyk@JFR#vGU{RVp*h)qOmw$<_l zFNWpPXtBSaYOXNfJ#vgIJQxkK`mG=W29MM?$%NlMe>{QDyVxa$7^ti5qF&`<1)+<^ zFG;epQKzaWpJyYZ4cK{PNgFe6T35qB16DQHrM~0R`23vQ%lCd$@NT_(JO#pYbF~5? zqi$k`>5e2*^%7RS%G^H2Odvs4WyyNA9u@Jwe_cf^7JXyS$sZ!)qvPByZCKQENm60v$AP$aM_8tw{vNvUK*(-dX*YQrhKfmAg{`Y%*uj}(qR~KH-xc7SQ z+sD57x<-u3!&l3%UKWAiqo;%tPu)L$P+q$;dMk-x4*@3Lb()pZ+id;dzPZ!Ol>DUU z@}5=aEAf4s43}ZxB(LU5x$+vbuF@Fh+ca!M>2ul0)mZFVjHPtTN^sPPd(WV*ffyeZ z5mw=OQFu^$_-){SggSTB7?XHAj<_rCZ>5SyJrDQzS+QWVrYz%Ei5YGq?H3$&>To+S zoqOK-E5dTNaQ*S!B8sNgMuChFKp?~?J=8EjnA@nTN{wu z3Bc4zR&}MKiqOuJG?S7)6m&}WcdDW-wXTrrE~IDZF?h~jUH#A<_#o7SdUirX&lKFn zWn-W@M7Uvo?@e$ET4=XNJ`UU2wHRh6r2Ik2L!J*L>;dinK=24H73a4aC z3)*M)12tFPi1g2w+Vq=_)aGsk2GVElji-u-=6WB$c@NR|dF#$+6gjd`oRN*%@GxRE zb@Nm)WTeh?Z&yrO8ZLlxi^ zQ`}_)DnYH?4a-O^25Rg)yk^xsgBe~grRj_hXK1r@Kkqb()U_&9>+guhaPLU-i&kDp)qDy0q{-k z3KAhr+}~|zoLs2Tw8mfil(Um1<({WoB-j2)OD*Q*^RVt56ge=*G`Cl;_gL7KvRr1A zYFcksJk?JQ-IsgdDr2Q(u&sLbtf1-oKz^|As!8xbabcukyY&*($ zWBAKmnt|tGcDyMWUPT3JK?~0cfNfAd#!bXN5Kk6Hl8Xy!n>S|WyE{Az4Qh{{+S$`{ zNB21FRt4_UGXdUkwYjs~r3EzpBsHY*^8#YbKpyOfJ=7zalhJN=uctp%v;9(B~tO$ax&zROg6s)BOS7a z<_1n4pJGW{ppt{Aj^@{dmPz9|nM*v>dOsHmFD}qo^{-Bu=Ug8k-kJg#0;-sG=gFtfhZC69pe%fpEZ=MhQ2+9Mr`P#;#f$f>6BZquBSdj(~N`DGr}_= zV47h~Sim|9ylNmBMIyD|bkHi#TYpAy@NEz!vfp^Gwv#p9&1~ZlFGs&ic$k1MMR3sN zNtYSc6P82}v?3PXk^xT~>rOYz}tJe)_Rv`4UVu{^;h4&72=7`g&82e}-xr zgg_$LGf>a1Gv*6x+0ShXSOMioSLWfTSp`xUUyB@j#Wep>f<+$`cIp);s8i7#;@kDI zg`T=V6(;nQYOX;UuzlRP$o1Hd)6wLE)oja?amasBTXISo%4Np zMz#J?+y{AaY0txk!)B-?ppG4Ot->;3+{YD4;FOHL5w#MV%^0}Yck=jxysO|{fF#j_ z9M1~9VW-u5!h880cPLPxAN&f4G|9QRNXvWKchC=g-9x)BUbntU|Kz*(Bul~j_k7cy zBQp&6Hk6P>$j7wY&zR~pWBPnmKrf!6|Al5j1Ba{C1;E_ zpKo<*H@wo?u^qbl^%6JaXSVq=)Ke&mu@llgNtiAiX=ziIkSn^?&OKKfK--i1C0Iqh z2!HUvYY(M+O$sUEwne?POCtybtJIU)C=)rYK6snj!@ZsLP+5IXo*pLH}#TJ25-}JVOf9b$o?dGeM^g#EPem}5J*0HP~#F~mQl`aEXmgt=_NlV8w0}@#p)CG%ai$#Bi%J_Za^Pc z7=j0(aZQpV=^&C&5*D^5Nc185*0mrW?R-t})G@iZSSTfB`ry~}z*0cKJ>!|oVK{i+ z{_jBQT^so`>yk@-eOd#9!#v$>I;Bsd&Yxf7BW(_Gew1qoA``mgn=ec1FPUaj-oU9a zo6D62ycixAUKM?PR`5itd!*yNy(5YT4a8(l*2MbKZF~EG(-)MY*LE8U7XnPmySA{K z4yCzeuA7T(-yWaEuLQ^gdE+nE4bAc5Bbnzd%VwqZi$N8@wboY9F3;G#Cfn`g3`U4D zOW*a|&Vz=JK7LHRyc%E##Y0i5^LJn`p#(0H0_m~6FHOcu;0`_bu{be!f-GhyM2$sR zQ0#M-VF0WLs)u@q%a<;2gWTC`D9a6he<+!2qJ7t(7vAr290WYvfe4wx-oyMq6D}z? z06l$LMtrDj|oN(0-P}={5JT3uDndywMhN_TIhbcAofm#*Zd-{YqaG;=U z^NDT^h0h>=yCZ|b6)PbSU0q$W%`eV`gh#Ra`1sr<0vYCG-p5ED>r;KN!I(p5JVt;^ zCga5(djb`!y@WCouQo2e5_$uyY*j2&K=BiIo-D5aycc-Ko{of0bIKb^5HX*%ax1@f zF(0Z?MxdelWRd;v_y0i`{|mqWrJw)hpZ|OEqdYjMe{jum1lew}i@=r2d!IN}Oavn; zcI#AQ*#p&8lh8{u7|Dd6Us@~-wshP_v;cqk9)HEQV){z`y9*S0_Pwdw)KVr_vT`m3bJ+V zVgFV0qyCWs*?gTOIdN3WRP$%K#c+OiA!$|v#*hjj-S>v+;kV$BXniU*y2Bna-%7xZ z+MO-yInTAyGK{LP)CO=u^+q3vp+bO-nBNt5pcw`(Lv7G3iR*gN3kBkcK$k9_1Em|y z9-8204+b_YBjh=U@A3QY-EH5Ur-|H2!x@nd_FaXK9!5nhngX_%A#$*4~ZpHt81=P>h`Ez*-)3 z^gHJl2&kQN%t$-M_HKUnvOGSK_X$KDdXS`bPQ+<6?ro6W;yPFS?s|hCJln3tz9Q$L zXT@qo&RiIGSnQW7SByC0;pI_L~FU9?&C(`+8iDti^&3^{6NXGDuiC-?~u~Zq| zvUW>D)yFer14=l>Bww9v-fGlQ>H zrmX?|E6Dp{#2D$y(uh_;+v1H|*y?RZS~K}8IO}Gapy_)pGfAq7}vpT?};- z4SIxE*3F%Cwo@<(nGbPPEVDt+j`Waiw|m_qXwM{k<5_iy^Of!M$pzrQ%b8XO3T(qh*+l2saL{gzEAp37{emg;~R+G&HDZ?*PoU{b&YwQHx~&6aEK(8Izx{KlW;9@d6tz!c7{M(}pFB>JjJtKZvB@leg>`Gx*r-hq2zsoC5WDhY zW8uXY8CQ?aM}%(*&CCpMDlY5Pm+ajB)RV#psLJb@_j!B21Kf;-U6QxXV-LT!)vox7 z&c@K0MB^S;E}ltF1G(nkTl31_h1s)k4S81FZdog$X{TM-R(?p=Ti~`|Jk?ak5m`>F zccF+5$1EpWxN+cVU*nxmL#aoL?Lf~QKXV!Mlo~y${%<-4r_cV{YE=NnkORC+-)yOy zW!n=<;>`A6dvgOi3kq-v87Iw`6+pX27*JIPeh8k@Ib@-vW#rujIHYbukkC2=i^-6$ zKaS=(3{tEx%t05yp_9%)YvQvf6%jxz>-~rA>OICJhvbHIY?+}Y`~mq#v|UC1H$RXh zH(B(h<`^S66FNCN3vYj9y@6QcU|rt?!sOyb0n`S~gLmfuy!o=dqVV|_>yf=Mh-k9T zE09G(ax#Pof=bx4|7MB1Fy_m~^b%=kMht%HbWh!s9G1__Fy_OtTVL#$r)CKQcD~{K zDTC8^0tBDsUZ#v}DHUa2b6I6O>XfzcBMmm5{ z4*gP4Vm#rq+soT-F9vV~i%1363~BKQEO+371f_cP?L*|V;Ep^{f6@W*4# za=jd77aXIQQsNkeIos;Y*|TOc%mH(b+6(4gU`E?fHYCuh23kZAs0tY;kWX^4Bl7Bo#PB zh%jy(A!cpOM(q6jOadC{L~x^+&J)Xmu>+uZkQ)gK5F>Vj{2;0F8x6tPlI=ws=HxS? zX8G}-`e$0-@Rx~j2$+Nz>hE*bH^pDYT!#hig<_B={!};d2zu+3e6RX0o-B%0 zrsOdWTc75-gRjWkaj$-`9(`RKcHO+2i}T)9oN$u{C<4MQ4nm;uNF?ZU-w2gmg4xME z!#PmrX%3dVLFN%$S49YLN~--bPD#Dau{v}5G$>)IVDZZ-mOypwt_ie0s`C34ljFwB zy~#)oy<uVjO^-W<9zXsMzkx-j?hwX%ITYK!HN~X$2DBpa&!jZr8^IK}wXZQ-ZAA=*qbmhkr=E=MKrY&}yN-0;T6N!@RxIQyKAZyq-iRj+tXTKZ)8J zzyI_|zreu-X5?V6dZ?Wdlk?YQ!CH{eakYcUYgzS~@^AFvD zL=!<3z0*H|R4>h&0YMsnR=|nZhl|(ZRYqFmKJQdoB(FAt&RuiMV=K$&Q15BuNO70K z9x5;96stHfckSKpyRWJBJH^h6TMw734!P(+twCSPLLB-ChN;l%UAE@m>VB3Yk}WRY zFh9$7;NOb){;TYsZllFmLSM*&6k*kR%^^+KyxaiX}NyeCYGJUei@9n`{6MDi=XUEV*V!aN7!dX_%R_Gb+?gdq z@2z1|Fk5>(gZ2WOWCjUVKnz6v+6EyCnQ-W>XWxY$o$jmZJ z=SiDX`^ZR6R?zEV;-{2I<8@Q;G-rkkm`LqyRUfixfPXRDEyZut5XPvjj?kKENdan& z4-GU>x6@d=r-J)U&U16S{1ug0!cPZ3#1B+J^Qsr3q`lL(aB?3}fHT!NuiDGUNoiFs zPsZfBteb654mp~)hK)kPR8tK?l@ko3)JcUne$#^|xaIiR#Tme2T6E!Be7g8ko&u(* z^_jTExw(#~DWC;7HX|eSV82m+e5`1Qg@Ayd|C7zY&EdZ2$8+6T+L{HAen^0U4P9u) z^$OR;;HIXgL=yxS|6R)$sN>lCbii8=FjqgX0wrDWxOes4spQNjCLPo#$Sx=XWn^A% zGb5f_85jO?-95@>F^6AuX{^)EU3?F#C<~rfDSI5U6|kp(`SeA<=$&;bg6Z;N>K=e8@E|pD7g7^Zdwi~oPLO^bKF1ow@4DFrda<{&L+Y*5e`h05m20Un zY$T~MLRQAL%x%#wo+7^0Bn%C4C0rW_6JYKxcY!%M4)rrF3MJ#Ceg&k()}XT#+HID7 zyG48-dJTbDM~{y}Y+P~zXy#-BWIyj_U``jBmD0-f3ZuXzd)1vzyCfhp6zjJAW5*N4 z545Z*XIQexxS$aL+x3cpF1>Z|Sy05b0!p}Fk1SCaNPV6X+tp&{ zXJ*)eU>yNyavuvhN1bpvdz5I*mEQL{PXiR|qG}uqivWh9&jPLkrVW-je4R9UdH&zAO69KwL;NNt><;BTX5pT zM~4r@%K%xE@2Zh|8eWD7fLvTW_8g>2AWtbmne@L6e(_>pV7EtsPI6Q7#`~&CV=17u9w3@na8pEVq}=q6dMC&}ojz~F z4_OxMIGgus+J9PgVT4F&!rPD~a?HDv@-+f3BCsS%ltZ;Wn>Z%##lj0U9d!JbSDwMTA z?L)8<0zAwsfHy2{qC9-g+c&-tq}7F-RdSfY6!4d}%6Wfp1kRrge7&hbUw`jf_{g>nW?G1H1?8>;0h1g}w*$2&V$!Q# z1hI=#e_|J>dMlvVg$)BgF~nkNUVWwZEpR#abjAy(<$&$Kw!SIv=vZ`~np!?ZDxUGd z`B#S+_(agjp{WM%Tz$9W;#y!LgY8n*($X4T-DUy}5_4PMw9CAM%xc zqzj8Ey>1M{yzgXfmRa0ON3&w^Io3(UE9%k;XI=G9X)42gQaznPOZ_#{lw{WuEsv5t z_f@1VH_ub}Eqs^iBv=Ko zer_G&`2HE7n+NBmnHb^C#)O;rR$^4DUjbJwyyfO=b5=R8(r`A}ma%KzPIC~1L?5?H zvhS%(&8n=;a*71mUgR3HiKt%bx;ZiZDm(178B(iq(9OtQ4tgq%c<#l)G%HVloR#-c z+KH@Gi|^8qnK|2;b!YHg>?dM;5XNZ2cL$0)6hP+TzacYo{xK3@2(zj%+W+c2fDAI! zPWT?I8%G_CGg5a(j;jx3^OE1U59?Tj`Mxn(?>^a=pCiniq{EjdmmRAS6Jl<2?!@T1 zmuI8aF2BQ1o95jc87ompe}l2YXvfYmOM;7?R%iBXyeti`EAz2qMuCkj?zb$Rz+>$K8{ful zoIwmW77nPVl=zg-Si^N{?HYB>^t6X0y&Cx19B!{`tBbR*4o-;T)wy_>x zAp<2n^%^HN)hQAxwJfEl->4D9ssjr_y`p2f#|hkZ`8n`VO@L9#t>WE@Fc7nB;WlCQ zKI0laF>#MDq4QX_T$jTwL_j7q#YO1GLDc>lL> zalICRXu*FFjhY3)y>v&|-o<-frC;2=t9$W3bY>Ofv$Gt>yGit9<80k)!I6;TGK$QY zfezO2x&rFfpr^5LWJ{|oF2Xm+3?H)XaT9==`BZa*b&Hy=jX{lyVj00NYH#rq&z&Me zXqoU#%MzbBOE1dIYt_q3H?&7op{=YJQEq)d?rw}~$hTEnNSgtzKEySw%^-)QLhmA(lA@ z`aoAqm^O{Q>E8JggPl8m{{B{wayccW>{UAPSX&4ipCIxM1V$gqcx`1vlhOJDfuipl4bY4Ed^@=?A{@tXPOcl&SCG{lhA;Wcz34doDX^>9G3 z!5ttY@4UK!gMs?F1S>5gmTBKOaApVw*D?5Svih;Q)-!7B>=iuJP>dRA+kZF)*Hgv7 z9$dQ1j;HV+o>GDrU&q~Qo(Vpb+hNhBfdg_9xYR!}Z?gAKkJ&d8 z=fN2=xxid=Ff_;7lrq69IXvDE*G=gyp!TQ}Nx0ceUfd_rtP9_=h~Q>c{wxH*K;e1Y zk&q#5d|`YqjuAXZ9Rf`O5W~%8DtBD>Lp~1p@95z%JkC=fe8xwzR?`5X7bwgKbv$B( z_I3%bL70~;-fV;{Uo>v#UI_pjKht-iIN(@AbVo_{|JK#KucK&_vyxwG}?Ah>IbR?d-e_;a^tG7P{RJ$>TdefJY-s?2lR|IE<2l zmaycum;QXo{Ro;X5W!ypzqOkT3C8hLEM@OdFH0G%wvmISPg6F#??1iZgKFK%F;=fm)jgbT)=Yo_f)q=-sG0lhyckk+r)1dDp3AVyYBv~WwL*n8rBrcvjpixHx z)(iRAAREV2o!T6CEyf>$;^RsHify~5Q_vQvBtO~hQd{}P4l_nTB6qv-M~@SeA((q2 z^KRaOALMV(_Y(ujvKXX%^>FffDkNz|^86te9xN8m@3?B^-pU9x=E zpb7eE1rUlG(Y!9^qImf1bInAex!zv;jiOy@g-dxg&)cLRP)z_(MUEUh4b7>3p9WuZ zka7Fo`Y!ZN5sr3WfE5N$pZd%T7^RBQPatVjZ6R^qse|P{|Lh{7BqTq=r<+D+$FF@JiDIrZjh2QIq z9+{p43_@~~+CKW2Yn_OtGz~Ow;kyL@c-~ZG8-!%_^DjM4mCrJ?juwn^;asg_c)CF0 zRd~T|AwnH%(9-3oPG!*%Sw0Po2YrtPmr0?JDS`+!hRFXH?DKrIEjwpJK_A=Uummp@ zxR6zpX>HV5JbdgE&|yf1q9N_T> z@HbyVTfeFB03_Mk@=V|Go>tVDt_j;PxmPm4b^+H%+3O6r+l{wOxE6kzN(SSfM%1Vq z{cH<1MQ`yoJf)D1geWBv$U7a6<9xsJA$ku$la$HA-Pv(iUo8$5b_t*yUS0 z=S`;EeD(oKA9Mp1sAZ=&O$l9<0B@b-)?SxGsRoJ&qqk$mwk~=*jMDhE7!FEoAWyo9 zhu=*O3(D6_8ZBK_nc zOukOyArEiEmE?h2!>fPb&mK^xACSInIN+UrjC|qi#R&LA^6oVW*fM@wRnW_Q%$+q> z5(-bXmcxFO0OBydXs=3J(Y67OH-&Vk1t28gjs^?5h_`oKcGk@07{)U`n*K2uX8Mu} z7BuPsfC4uA=O2wzr!BcRHaM8CKU$EKxT4O6eatazV3x18yu)hKWxu`N!n&J1gpk0%73=E6&o%9xjci$VE zfBM$#X)KW$M(R(3%PAjTAN-vuK#Ls3t;oNdGUJ((+_A1oRlgNLDL3a<+TqWm|hL74x}_S**OjdFf0GB3EYP*G?_+V}M+U+j zhJV)r{Ju*pbAt7dhF(~P#%Ss|f(bdOY`>46Qb%?FVN)4WEfqaQ=pi-NA#IWhS6^$g7M z3hu?b=!NaK?+>>n?Wv8FDjsM#-w!Md$3-*$TH4zYvQssVhyl0E!&B3(0T)Tx!1yiW zuCT`W=#}N@l|SRQpo3M1Lu4B3a1t_Cj=q*AKs1#yTo~`q z-(-Ue+75*Y82q^&h%H^=8|GlAlx~jwILjuGlK(GS+yo-2#JYv%>R&sZdV5}|hXVjS z>T~j+38~;L#YiuBLwH9^!ru&1?O&~#k*rB)BpqD%=Olm*jDg?~Y!!R>S0CeJc%Sf- zvO*r%hus%DtiJf?dR~pdrhsIm+rLiE!e<)}2JiTnwEfev^`GA=0RRmW{=J)**KO}< zHDqQW|4V6szt@0+vJ2P0kOBbA$3s>jXLe|_3VQHy|9zWdc+@2CB^n^f|M!op%c~z| zIG7P~SELXBs<{Ly)g#0}#wff2L(%&F?=KA8yla#+FKYK=O0rb62g<<2xi^N07lzvv z?SdD=RzB)r*;+!=SMae}TvSy(0{gP2|6@@lu&7UHOVHnoejmgab$^yy_CalfUO3T5 zSz3=HOvKtYswo>AG-y#3EQw16|8+8Hu*h|lX87NWRKKkDo>a*-9Z?qUv~57FIu=A} zYh5NWRtT9?67OfE?$yFPTQD#8q6S%VAJO23_$p zR;w>BZ76Q}RP+059GtvVfaMU&AL@^D)qdk*lw9e4Cua<4J)G}+kMr8I<6=2FqMjUy zsuI_P|227_R~KAjQ2=r9_a$IffDK0)nhD4BXs+j8F~fAaPANXztt>WqN%80YK=}=U zFS88%+|`A$XOM7mZuzgNWV`>_BivHci6+! z2ydKm@ta)FL2;XL5Vr}q7Esb0LeOFOBXjocn<@BTn*c^$1a#^Ue;emQ9G&Va$>|p# zSLzxT+6TL7R)zg9X{zbLipm|cw<_qbG@JfQVx1CF0GGE>Y4G}Uc(86-b>$UYc+CIC zn~b4*ep7W#^+q;v&z}7aqGNbvz(we@pPUx_O|9R_y#-8KiVc%b3((?`3 zjRO-umjmy_nho0BjZ$JN;)%Lxb@L+3KpH0E#=lY#W!G^uVhZS*JCNf7!j69c`k9H3 z-wEm2Q`Je-wYj&q*B?K7osW;K!(Ql=cQF2@c;4-ulTX>b>(6eD`!Q&~g(8rSr?&Py zlo?fFWZ(8Xt2(EX4#d=zCeAWT|1lB_D1iXVXgaZXgmxXa1j4&J@xcf~HaFymql3d) z0_B}n)d2%OHocr4p9iOfgYjz~-=TN$$h(8g=QcE!e&M!Q>qjnpqGbY!w_fEf7OzO_ z{^V!!Q>bMgcLLHgJ>JOJIPjvvhpc#cYkHhFiorBC{Mgy)(2b6v_Mw}wp}pHgJ|Asa$Za?o#(=7dBr!BJ ze%&({T+S6gK5-)XJxoT9I1f`^ti&O|f=OnQ0WsONRdRiV#eWl^SG5uuh7jpO*45U=sH>}+YkpwUXZK!e<2rrheo_2X5koFr`7rvV|Z>{1=$yK!t&T@eT^t*FATc>23DKf)^A83wj&9RJW0 zlL~--RB0^apd2FKfX%;MLmC^d1Tv!w3*p>lXB)eVq9?K>zZN(=R~qC4zyfm?FaHR7 zekC#SvDr?TEjIp!a!b4xJ9zE`1`k~Ud87VWc6E8?+St4!PCgZj0@~%~(U>YY42$nV zhEbQoW^MNm3`{7g#8~tW!%!PH%v+zX5afQIYLqh*7lL#u@Nx@m<+7rYt>|c!pz>sM zdPKA=vo@caj!vczvMmFn$v)A2(+B4S<1kqd#Wu2eO^&pw4tIjDGAO+wN$T(KA8)oi zlk4G{l#ib6RKG)zyQ*XP`8$B1w<^(ejjEP1x+z|bnYsndL`g}h&4(#mQArHjL3*E0 zR82SbnLE1BBJdAwTXh7Gzu^YM;J4lHTps&6v9;`=RbZ2oIba)^&^Zl&dx3}V zTMze-#|WxU#fZi!h4A`NR)nc3mP&3W19J*fZ2m`Tk#hr^_K|W6u7fDfAcMJFz@RBG zXzGHTL@hmcyQ=x#k*0LEMN+VNH9r218CI)+Vtmy3I=_2EpAv_-c)U^r{;DMP(VDD4 zkOQU2$@Nn){G%(fH1M544+ z7}eC&MmKkfFvWij_a%pXy~jv}BhRK-1192+W0~M>ch$+12#)#PX3~Jei79%K0Lwvi8uL zg_i@}vP^7y>*yz5ED8ARqW)%|6}I!eSDh`#P%BO83(u7uqVMd0 zsR!BA7pCVT9t$za^Pm|?TI0DwS?+~^S`+TD6{lO7A+~#T_(w((Sv(*_H;+q4_H3~p z%q638W5b~@*RJZ;@~FD7bEyV?pL6ym9u8EYUc{K!EBLkx69Pt)opM;v4hRl|0qNUY z+NvNRtABLrIbgnOSu0FKWtlj*7;t(|XYGI@B=$!12wRLJLvU>QWmLek7My4Ea=JA% zTEOzD&L%oa8>XhJ`nlVE@Y3%KAH%l+2K$$Lbwo!bwn;plk@WG$`?N0QoXjDXM!mty zdhz-IWt$)QY#}*Y8;niESnIv!-)1FV6j-GA;NiQkrybe2JkE5?yN!uOz5&kb*#-35s93}{ye zNT4zced84@HwkRY$%$ZBNqH~V&_W?Mas*ToDA!{^K8=3_R2lE!)6pC0`CoKUF$?dunR&e?_! z$}Kx1`?IYFvY)L~kC`)b(SuXQK&L!=PN_9y#Sk4FlM}^hf1N^Fmw6&6k^eBX2|?8R zJUAofSd{!B*1;zV6fcLfb3S}fR?i;b=ImaK$eh1bzvdKoL#Gz9sEUy=^0Ts@`b9co zInq?TnH~7heDCGmJ%FhKiPvh#?DFduj%Epwg#v=TYjFt|9ERws7zH26&M7L=2&5O~ z@N{#Fn>WAJ;^4km$$dc-#MhMImIE3nEiQ&qmxw}3eb6tw&@#Sf&S*f4utiW3_tpi{ zLm})yzTDMqIpPB$RX70>$nb$|>w|rk?dDIM%v^efb9U2i0$d;lmE+Z4*g7YCrKn;_ zB1*JOog^7Fl`eqG=`&C0(MkV_4j4dYzCV@a5e83O!&{$cqeRf%bhta*Tdq&PKj*Sc zkb5e*SRBHMFXZy-I&O1CiKn_e8W4+bO(j4^MMa&Zz53~okpO1N0p)Edd^9oayOQ_x zlngY5`E|j~iEzOUX7@6&999+LRl66euDgVo9M5lw4NIpvuSkx!3=DH7DrxTjoSx11 z7yQ22Fy4TyZ*30w#LYTk=<2AwQv;@=z(n!Q1}dedG|XE=z~IzSFoe)@Kn#5)9KHQL z{Wqm}=|UE~h~3(eHb;bd(Ib2$7?r&{KebwhS-QSq5)Dev;t6GNdpPr6+40GST*n8M zm95tSxmC+fO_%dh)Z}E9(V0VQ>P=IKZf`BT_+KkvSnQ9-cPf{~57=sygtQ_ru9s_Y z#j-OTe8+@DhF)J=?GBC87Al;oZVTJ+@niIYyPQykUC%3&$S$+kQG$V4l^Dx`$l%~a z_vIt}lEFci1s{t`^!`46H6I=&0?WPY;^Hzs-Ilac=G#-(R>(tSIK`|cN1CkX;U1Ye zkgHF;l55od{6UFX8y7o!LwKr&Rj`q#E`tg~rPG`mzoo6u;A)=C0}-)4!tnExa^p=j z%6K{)`gXJF;{%SvY=mcv8eaD})cr_e#kfek(ka_=i&D~t9sJDk4BoFX;3)fC0Kyq( z@MndQlwbOC*P?~_omUJ&(I2H~5E8X<4uQFkEM_`lcS&G4(<)rVm9F4;xSc(L5IHn7 zqzzm5Bh(9NLDz&4AU&NY&p2Ckbu&Jl=c;m>ppYMbs--fn@39*;FWmbeddkynQ3T7z z{oVp*+9nnbL6z1x&@&1zK!Ud6xoryeRJTM~n_P5xRczz^la1Ox%&iL~C z*&C;^pi3vHN~c=C#E#GIr$|3^6z1Xri7BJR`h=q~&|Y*W*5I?9Se5qfZWi&KH&asl zw?)p<@J&DomIPuH^ZIGpF zVBJGri*M+9)$56xRxSrp{H{Ap%PyiT>Yw^75A?K(P&XEZlHKED=z`wpRUsxj@3o^N zZ4;J@e@*lWCht9I{boO0<&+&pIbnKGxwc0#G3wl5xY{DUy{eMqw~;sM=DZbUzmjN9 zRVOvoBgbSbeZxYWNwG3tHusm<_D?XC^y$t;VLNHVt{B(xoQ$F~w9m9_x_SiD;uJlx zo&%24Z!P+|*cd8}y*pbosn%n&)(1!%9(oSJejq--|D?H!d0I+hd@mx$;{b1l;esb~ z*u|;#IjV;I`ibZ%?^<=O$_LLbncozB@`}VnG1xpuNI#u5q7K_3nrpv#-+5=EnVh() zLw`Lpz06Aga%21mY};8Ycf4H~siMYWmQfu(=TJWvvssnVI2Ao*IQS-(0#A?#pi4ky zoP+@lgol|A7}0&!J1oWuzxHq>5)hh9Aojw6_cHcqzSU!(*OMV_3Qxyiq&$9=QI4)} zcU(lUA6UC>?AiX9zgRMd-u3+$utTHvP9nT^k|Nh?)gwwz;5H9hPWAYoF_d#{oaq-I1|YUGjCtb{W`S6*W;_jL* zE`<5OjDdK4NxY3+EMA5rn5WVp`aJby z!>86t#>l1^9{1z7P0fVaBb(zHON8;ZCyw*hrNo_)Eb2Pg_kAO;p;+~6HHV&I!#cIh zrC{}vxQ%vnV1fA*(%oaaz94tBi%!z=tKEgUefN=x^%ZQ)@Rfm0`rus#E&CSk&wpHKWG#f$a#Jd5fj{VY}7pW zQU-QmK2qtilGs7bY615yFav$n5!eJY_wH!hgywHEr5dWtSd224{)5FkFp(f6XYyjj z5)IHH?evJD{lv!c(l2%s44y0RsSLNu>9?0hhAwBZmW`)Yd8(^cb(!CG&!W=X8+UAN zXeo-$_uOqOvTEDEw0#=O>-peS+7uhsQ^PyR1*)%#o!&u)=Q$Mr!Gln5lu<+6aVjI<% z5BThqgTMBJ)wFw4HWx;!4ruyDobHl1bvF8cs-p$PYm${ucFDOlk@wq5xe4=4WU*en zJDBX{Pu4@1wLEeLcN-`A8(7zooQ37|Z#H7tuNS%=IAAUM+hA25)0o6UbHPJf_{uTx$=ui{!sdtv8J9HF}!5zcz6r+9rJ(3j2-^WIqAn z&O|nb#BlWUD{UAiC+KpJZOxf#vfsMe`vfpynNNju99c3}=iZya)@wHP*ci%wJlI~g zMt7<+V%20FJ@;L<^{d?FP{B!6_~6WrOH<=f;V8px654!EdTt=eXZ9xJ#d+W4^uiR& zi%omiJeD#Tf*%XLi$hhceVg&!6lL6{ZME7>ty+s8S{~ZJ}-`heJA@1J}ETlv4 zBQs8WxG$Mtww=n->}GO4;A4X`QdD<6w>PpzSDhzN;`@0H#WcPj7Vj4{4-*c%CN`zT zrCnFfh@scnPmg`H)V`mM9$9bZ)!{u@@0?rt6}^yzo*ZK+SIw?kd74#!Kl&XJ#f}w>7vj!ZUUUrj92XRJuC3t$jfX zMw!9%^~l9v1ZgDO&0hj8M|7L-rFI;vIO67`W7l_y`=xMS8#hDojzq~st=~j*79sO_ zu`9O>z|A+CV+A^9H^~grw?5Lb9 z{<-wm+1@U zudg_G2>7utfq-(>e&(0R_R50%_?t$3&|7)LzGa(+JBWj$E?D1fNhQ}~;C9K9A}@N? ziIWg%e93?KGvZ7xdop^T~JNETWqxiw3Fp!;4{AX6vJfm@(a72^ixBZl8t`$$tacf=8CL4&@;*CACyvQ zmJ^t}yds|IHxwK9OZCt$&a2-rED_WVZ>sDwEP6c<9(&*VzAKU@@0Ys7{Mzi8d(odh z<+(S`U>&*do!~abN-8fz-qv5sUzt3d8G8xxE4(}D1a;H00!L|(|4P3lBY-U+^-TwQ zu7wN9J$?<0czZ|3M(|2)+;gN#LgIcf+(8fNn?{JVwh)G)HZMgyEw{j;H7}D)DRkk# zA&jiz$gv(4&m`UHwgufgsk<$D(5}}?a#e3m?#rmZa#0U;ai5&zG^{tW8~-pRSQj&J zwjl~}Coq1#v+$TIs+msA1xdd*=OWzS&tvpu`(0sxtMLRC_dJppkV(2H0NyeSK*Y$% z`fYZOrr;jIg~$p*RC1~{d=f3F#Z&RPbfdzhCA_lVbjF@!;!_V-P*xeKA92XZlajgL ze`!Z)-BjN1v5s$_M2L>0S7ysa05Obmpo<_fBCy@{iKc0|dSZWNt{ z3Z-xW1nw`W-zg}8rmR3ND(w3)?`b$Rncidhdt>_$?OiPxh9Z4R;yOTAZ4&E5UpQ*q zP-Zi&)Q>t2CzQsg(7H90#4?6MlY1-rid8(b!b-Dh+F`6_1H}!mFE1?RSoN}2d2UfI zxKhfw??2R#>w5lRVaaU075z-6pzF4bc8eIQVb(irHtC#iuonl&b*xTxzU=>~#BdNX z6tFVIsvlXX5+~_vX!ufR7ri<$xyjr4@ya?9?>mtB*sNTnl}EgW)owL&f44imVoLX9 z^$+!CZOba4pWtQ-DMiVA;;2~@RdaD9<6B~SH8$ZD%EqlrKjW`R!ePw#$K8iQ7Fxp; z2On47jpCPTXlTecL2SE;Ej!)nmqY0N=0X4(e;^*OqshdNVy9#mK&%W4-XVck^~A|Q zBAB;#_J;$U44W!(#{BZgDa6EA@^kFOn)#Iy8To)GiJc$M70~Id$rETZOF7$?FXXS0 zo*Y|H=nrIQy`LF~g>#4tqE=~7zo?zB+WC^Ny`8Ksh^^*u*%jM^<@8($pO9+zD3vL7 z9jTyvM~}c}?R8RlnqAk?Q-EvtE07K#ZSoa9i&W;{J4G#BeG;D|C|W6&o1xS!g$fZK z5h16b0D1s`L<2dZ&)_U>2uKaf`!1}=1 zx};X?kbj~%*HmjmSb&Rtt;SC4g!H+8Vp-r0l9Mf&VbReS!INM*;^fX7aknI2qmFn5 zUi}he@y;>hUP~Pk#%Um{RD~`@w6rMneV7XRb-&M?|H5h1zA*A`k|-#cDI!_T!+65d zAot#T4RUr??`m4ZD=5T$ZeqZwYYoD^ z`uoQ`^g0J{enl?-PnZUfvbro5E@wH=)7icfbBDo50dn zJ8WP_;z|!hlMwdy_ND_HqB|d{`rH$IEO!T8QBYv@@mmNaJL5>L+{dq>7U#Rjf%WY@ z4>ZHX`x0ZJqeVFYtdWULhZV<=TqGn0p)G=Ex4DC~s}>TtJZ=28@WJyHBjLxNPeU2( z$8Wr}=_oHvN1F3whpw8*8-gBd{SNM0TC<*G?)|fDU<357ckodi%qudGc6okz>WFed z4$*ob70uk$*T+ssN+0%BV=-tifE7%R{kZGRcm?W%(K(yO9`0ic=7fU4b+@|A#N?zL z$WyAze9(>0n~cG|)5qNa3oY)$-*dG1B{s4O%lJyU*=9?^@mGdfZf(9#0d28b8E`FcvGWX!_=Do%wIffxK801G*Dz4M`_0LxQ@ zICe64gHtG%j>XENwF@L2=FNi-nMyb9Bd*B6l>|h&15~7$-dl%N)jeUuf`Eirhzf!nK^hEF`iOLMC}~AP8j+CZ zD54;e2auNLkkZm9A`Q|ZrP3|kd~4&613r3v@Av=v{qtNr$liOcS+izl&D{4a%w^yA z-H@%SlCyj^%F#OcO1!*V>a+%XjD~;#G|YxXmRm5^t~3M_ndpyoc->8lUp5j4SQ`Uw zoGJ_up5T#w*WWMX2>&*}t}TzZL?}o~Y3zk5ibl z&+7SCgT?YM5GK>*J1_kp8$7DeE~zTj`$S_B0BCP({V&t4EYA`sx)P+nIYMY|t88JB zIq?A1Jx!@WIcjyv^RNu(F9Pi8wI9|d2a~Ck#ctJHgYv7f%1@r;QapMTtOjDC=S?06 zi(;xv%m9|E3)dy%bP$f!;z*N9QYMuIoev6RhaR=Osjsblzx!_DcUKZf>h1<0d&|Pd zX#FaFct#P% zp0CxM#@GSs!8b@nM1|PBZ`MBuYOy*PI@Vu>mSGWOK&{iK{+maw|br4 zt56#?pONADg?ArNSMHNx?Wik;k&&^vNO?taCn~2h0Te)j2vNN98B% z7#d_KDKTDxf))-NO_|h(3f=oNbI-?#yNkBE&BBC2v;FP3lN*%WJbBD-|*)C(mIiP46fpYJEZjt3_#WWZI_(0Fhi2~naUB0xD5F9F=G=KcEh z5UI#yS{xfYJ1s!eZ5?%$@Hn7)=UD4EF!IJ3qBda#*}0oEAE??{I%Ve}IqlocMJ94BK@ z8my#cdQxB~k1C6czr3JoYlEAZA1^LvYXb=7SWy08aMyqN)Jdt^6aiKvGaFAK8(=}Q zpl|r9CWx`uHD<(c>l!yb40i*I@p^4g&L^|FmS%qlnqr2ygX)WuH?K>6#vtI)Ryf{X z#b6+DX|#aP>lbDqXb4h}@xKerp}nbfu>Qn{`hC{I^gHkI*7{r)0{FAtntu3L5p|oK}-gj+kifA__tYDM) zXud?Mi?WiptKS%?!mP)9_=~My0)}R|07ud)IO|;X_xAFAK6v4k&c_5*K6L12A-G$W z)xWJ`xl_IsWDVC+XKTkrvYEWULD>6!3j~L$0CSBF9OFIM4aczO&%GM_VmVTe4q%R3 zt`Mg>&Inkj`~@b-95E9e{yP{KlwrYe)@Z_GxY*%$7nF#cZM3gE;KAI2J<>;+)N@3-)T7uUn1tP@sj5Lvg2;uI`2v~KibSt7Ek>dq=)r$754_*L-N-sm`eax5wnXDEj7#$v0xlT^Z z$xqmNFXoK65KZg%B?NjzhXx(}8aV9$^lZ*IpH|%?FE}INUD>t6nqz4CeEAd(iS=%z zyZnWgv|tC@U;-X0dW?bH|Kto*e+8uZ3E#TnsFy!=7!y^+v^78={#Ni- z?9Na9qkrfAccBxSMj-Y3iphkOPDHk#l9T|uREBqI+I3l}z1z?Q>c4II{|qZOBVRMQ z%Ta7IGJ$ZJ7{_2dR<(Dahl!QG(iMGLW6aK|o}U zLl_O>kx3n3p^e80*2@qYZ)rwFi{d_|gcDQ)qHK6M-iafl zg3J|&ajmOZ*fFsZwA>PJ_u;hT8jdP1pPK8u4i^miDH)gs9v4rtKLGdF0LYdpHZl?u zM?k{S0;)S2=w@oZR-n1m(eN|C|C&yzA@GhJOcVL;2<7jTkkUg_q7Q8 z=bs>Fkcq}d-y6OC2TULEkzk`^y+$)fzkXi>s5}SRf207&3bKcb1^x6E$b}6ls&sUa z@L_Xsy0gIj<9C%FVB`cW;YSC442-+~_|eb0yE}kKmkj>{O@1%@7x?)q&{6EyNq;K_wyM|5&{T zGW@srEFok*^PexI0|rFqe(QP6W`HymuvM-c4D9zS8^NPt+&}RTJ^=j{+@18V_4udw z1|j;3>Yp!^0jHF(%D6xGGaU9mjxk1S-d+R>WBKLmAB%L1`LFf(r}#<%`mQ@25x`iH~*!90MYXwg|V_gl28h?*%jO0 ziyt7)=o>QXRz113w)lwxu*+Wjxk~W+=dr+uH2+-ChxjRQla(&d$1c`6&ItDGdxqU8 zzi%OUe@M{%GSH*`+tWUOkVsAvmFE3&kDQwmGTK^<(^BWp>RRA2#^3_?zw<#BXtX(d z^V6d$U5Rqnpk3K)rU5}$wQo#Q| zvQ+L{Kr#Ed$9*toLP(4QpE>!aH!GJ z;XLju1F)DzS^gbU!IA=DuoRaCP4+|EU+h?biRb)C=S?5x8EMZYS#93H(cEdhAC$_{$ALks-gh zi;RC!gz*%y?2Heg<+v+XC=oI&j|Q`_9WL6tdC@# z){Xq#4~F#Xae9GQ^^J|^L6^p$O!snXsTYcXXVCU|GY`6&-a<~!`bJ~#zPUp%z1v+YFN?ps zxU`selj#iptD$+fZWA=h&KuzU4x*R8@;{&$@Ea3cz&7qSp< z7nDs9-B_9X0926tpplgYHL|HHe29mTdN2P)Ou4OYJ>O^0dTl@c0RJ(AFaRZt@l^-L z6YdD*?z4QSW~Rh^wiNty!n5bkHDJM^q2eIjMP`Uecfl8das*m79)_AV_@L1i z;2O0Jv{w-_)-+x}4xQz`T(|__f~4TCPxW;FA4!MDyPJREm;V=mgWeLLSZQ@1PDn%q zU{%0VJKVU5$))~vZm^04(L51-6sQ#Z#bG{^1rqC}&nPemanL;iUN0KdqySbK$p9S< zP8>@0DVWg@(hfcx?M82ZL86TZghy|_ zLv9{S2b^`D;__e;{#F6tuV2$e#6m|9MevpWQwKVB3}i_FWS+V9*THYxUxR2xi=+1> zRQ~!idX{(x=7)WY2V%AFFX^xinA1UH3$csf&|r^u@Ne#a5gdl8!MH}`R(&b?MpnAJ z>*xg^mwDKg432q%f&Cj5e+*Kc}rW2N@C`NtOVY$^H$6)#b!TRyV#2W*&AP+Co zw{rUy_9O_wrPfYbxg3bHau-Z#HRi6^{+OWuB*?(XkR7JqE{nRnS#xaZCs))}b;!@l zt4&o&ds!S55O!7cg{a1v#l4=A(-Wzw%kw|w9k1Hp3oGzGv%&kSs37tY)NtQD3r@mk zz?ULnxsR17sr2y~v4~hT+inK_57Rr2H`?xm!w4n`<{h~P`MCY9Et*(|a#g!3n=)g{ z>NJ94oMOPWK*b!5qExO7xrR+4FNiKk=;?`u_Pq(7;ov1amxn+%n^ zERHD2H{_ChkxrBfcD^&dBItZp;*En|ItBkz1)Uh~!pe=(#rm|I``?8(7AtfmWMq8W zm%7UG?tc^xTicvIM@GhIJJk^Y7W1u3QgVfuA30-dYpYzLG%k)7gvSwmb0nwd3)Xe! zaK~UZU=I=|aQL(-q^5{hF%Tzif6vB6fEz3$L3cBGDJgH~t=U30+diA3-OcHdUo}^r zn50ynmB`S^74tmhqC6PA7owb@(TV=GY5D;4;MKM)Qqjm;5B0ginF`0VKaLiCEr?Rj zHEL*z;;nmk=eR6GqF;3B=HqHVwuRW2+qMLk)Xsptg8My=jrKswl{H|9f_TaMO&y_g zB+MVT6u`wL-)Rqo>cSG26ymq$Ds(}1d$i1cs3{j9srr(dB51kjRLMCWSqF$-X#zaQ4d@C>y1=n%a;RZ7|RD^REzGT(7Cm%7}lYMupGtG$KZDUleU2M8b zt>;@?yJQ5nWys77g>lb&fr%cQ!Uj!J6&n+K)~j!*EE z-5>D$KE`I+}Jr*TGE;EsDMkDUypO#tNrn9;`=pv)3lq^%=mb7E@Va~C2(`9S* zR?KusCLXbCPo7eS24`=DTLnS7Ve?bk)^N;`eqo6r1U~ z6?dXt$H+(+CVTuSc&KOlw9Wh4VGN)QW7znXF~)T@Y{N-d_}QbI@oE%u5xmtNR-2D{ zy0YBd92_<|9ClxLEsn>yNdar3-}d>U&o^)ty`l3md1+72J@!K6X<~m(i=yg|Zg{F} zM3*5&LkKJPgU~+E5SqS^&@nx|oyu+dYT4FuQ@hAGxE47!*1nsTaY-(v%({@6fH_-r?qXK%1n_$;{y25NqA}o~jHZ>GDh*BKs+#_N? zBk|&^9=i%=TWDihoK!6^&cm-Te|_Sr2ZwW%d)| z(&{U;w0suUtrNjaB(x5v^KlcqUa@Vh)Op02dNQ0&8+WD#pQKuSgf!g1 zMS%P6Lt_0-kq~F&opP?dH~oQ5=BaA2-6ZvKJpM9_X{ z`g^j+qy&k@ifziOBQ30*hx}(vgoxG6=+S0K6rQ}V+FXW4zSI>;E-lYfWYkf-QN(uX zc!;0T&h?Sc9KltDGs%_|g)?s8{&O8y2eE*8f2P!^qNTCAK-!r46GRu^F4V40e8|ns zX_Sn47Tv5}T+gaq(s!I+6PEa~Q~E~PBWzliwzf7OgVz^WW&G8?#v@T74pViHSE={r z_jXv~#r(ML#FP(B_t%8kwiR>R&r$E~u2mR}ys9Ch5O+m(R3e{`^!)ls2eT;^v|2KiC^Q(Xy+izSO6GE?FZxbkW^qucLhI{5c04y0`c~KuIEwCoQm}lQP zv?eS>>(u^jA8|f)x)i`u?PmMNrufSo<%R^H_WqJt(E_tq>!CLLvB>8#muzSAyGOF4 zd7gwkf-Mi-5ajM&?8Qa{FF)c?f%2p!&*>kGf4MwA)ROmr(_f>|wG3S4t#yusWHcmG zyODtP8zZxMjR_zy@;UCrlyggE5!pC{%LohyBUZl0ot~kZ-tu+b{w3a9YVdmdSIu?x z3fD3RKh!L*0Fd7UKOF-jr{yTc<5$QTXs)7KN+`sTBYK>-@LFAoCw82f7;XUD)bp-dYwAE1N6U z1Rf3s-8@+~d|HSlh(5-#{tCx!i%|O^C;74FDEj%btxV-i=Q~Iws+=3`@^U)i$$0Z( zZPjyG64m33tZCglWlM7a^k5dgt6^&5OG<%ZRk*O`6Bo}f0qH2bT&vNz&1dX`F%hlQ0*~v~jd4ZKYhfq|s zJJUqn4ga?HGFiRM4F1-JQF*#**o*@-j-S$uTKE#>=La1;D;~GgwYDqy32q-S$l7K2DVQ z6Y^e7eDJ(HW-|6AUafiIph@4vKysFdxM&@?O?Sq8iZ7N|%f5^!v7^v3W~qylmbMz_ zehiB`HHaF53)HknLF0APn-z9qeh$K1WKEo7+vU$q7@RJcQ#B*cl{jusV3 z*;>kI8O7?-)tx8u62{_=fs^H1^V}}wzkUagW0aQ?9{$tPrKHvn^Q~2`dwuFnisL*8jAW!1U7bd_4rE-2RVb~HzBkw~-16+2L zCEx3dd*X(Tk;a2T%9&a`N_4=1&wa>E*0TBjLKF{Sl9U`77#OI(njVJh+Zhb62L{Yn zn>azt?+T4+cSg_)qQTH}v{F6e@8%0N3N6YUPN+FMm!=eY+B{lxZfI@iDVa=|7pktNHAoSFEkf?a@3)pSkQc4NjPbKkY%n=~= z9NL;pjuDY3;)yofm`ckUDH_+kne4diq2%ZoUb;ACnqx7*OTyNfs?xw=N|eB1(`K(o zt0EalDwN?5Ib-v_ynx3KW8Pb)gKOrM#wvCSioVQmPV?4!zPT)VJO&^?Btx5{ng|$) zt?-Diuw-OCG8d+H>F!L9aWRyW?3I(~9gMP(EwO7$mbV1FxW*NvuV1hohflkb=4N>s z@Am+KZQXMWfwM1x>=W}rlEu4qkga*u7tjNh5w{UcgJyMpW3<7Jye@ju|o&u7SNY(LR$3Y z<3{@{^$n;Z*!^P}1G&P1=I|Yt(WJ=^O2CJXBtGk`f&M zK7a0MnA&=Eh3Xcfz+%8eFwOo~HJjZG37cJiP+O{jG>OEdEK@ENL!1}+uMre+lzaRYttQQnyhj*`j#s>ea#@aGgw5SbM&eSpDa$AIpxcK zjhpXkGa74D9}5>I&Rj;Jd>;;M+FEb-JeEeH3V!vD$29y7GF#jAk5iG~7v^)(B2LK5 z47P2v&cs7#sI7fjx*>xSa9Vx)Yf2J*Vsouwjr6vf3T^YVw)q*hoMI(Y8qq&u)kSfO~KESB*Iu1BR;nq9F_iHPz@L3JN`~2mL z1hBb;=5oiQK=dtH?M>Q5YOx{EHyC^O1>356*{6L?NoH} zS-F*jMTgVzr#BtnDR4<=!GU=qTnWnq{i(=gzWqcokBAyfjk zD#$|J5A{W2N;s}Gpn%RT{Sl6dqV_pLD_Va8<~GEFyPr7RpTV{+_~2gm ztFw?a2Z2*x^kg!Je%_x!EWqHAYD_no9efb05KOTDM?91}KJy-Y3aiBCBnB6=a2d?4 zLY)u~x^QiO2J02zgL_$LX`m*mrJ#yBO03cc{k;EiVQC=Vysn5|%m*!ixQeR94Zy#H zE|T~O*mjebFi?kKZty|Z-18?f-D?)yzz6qqX~dvp>eIVmDwk99FgOqos2jke4DMVE z9-tqH%lfq+1bl~ALYa-3wp*C0W2GgS+qNO&CHwlCIH?o%Bt9Je{ZBwQhQQ)&G$C%D!KlI> znBlhDn@dndV3-(8#WJOh?%?BRG{DDW^9LI-ji{`ExawI2nIL8Szd`Ybm*7(}&FZN4 z_T`M}7ZX|&@bbak?WtVN7Y zqB)4>98p?{r=LX6>EslPpo&DO>$!s#0y&={Q9RJFvUwMOTiDIG7u|K|(pd`J75wng_k| z6Erc?enH_pfJCU|ou$Rt9vnhoeDq#oj0OI^3k%AyV3&3Jx_&`jYu{bHqWMpRV#=k; zant>*0m0YTB%C<*H>bZEKsiuisyVRXOrYH*&pI%cNLZqh1gX6G(USJbG=CjWQE$BU zS%WF*=pp!|m zTE{2p&cL^xcX=2`NwvvEk0BKxw=&vkGYOapoMj&bM_l232vxYAu4`P6sXb>z|vFDskGjy zAP;g>`%}k>a%V;=cSZZrx^yaqu_~~1W$hC|WRC-9hIY)}9 zOzRa{67JjeksFl+jCO}rl79sOYS`#y&Y!fV-FgjD8)ZULS<|o6dp_koAWBP*4EIib zoc5WE^5MY?!7?5Jbd^FLnNm#yW8|M9Dudxnwvz*aPxQ(R{I&c6UDwe2Mcb zS+#>F;r@_+oBYIv!F5+&#s=EZtkrA8*OWm2Zn;jd7-8+3alS@LZgUN6Bvx5J<}H?6 ziugcF832VKRf3xEh|UA^SbgCSowotkf}*A8Ln2A0Syy7`{o5+*e(|i8A;`s|G?U(a zp{eHzTrXH+U6H*CsVMRp7-0|P!T10<=xFIYEqTz-5pRPPzr^JbND#GBg5~}e!-xg*1;tY zD7UQB@falXwiKitrY$vr(q_jbCOr)krGmU%$Sltz2C=7Gk;yZ zw>L+>?p)E&)o-%F@#22 zCxv|ATEQek@>U+=`)4nboFBv`iacfl73kc$fp<< zQ5g|s>Q?Bu?rs=K%1X08Xd86dO0XWSAEQJBGpXco+grebK?N+=uq6bXSwlTMaMX8y z`hf~)1;{?0kTx?*&#ig~_2nC82VrQ8Vmqcg-I+X~$ahNeWH2b^g;IAuB+6GTYp$W^ zrnnFA7zlbyNAWsN>z?4UbULEHN~hiP3n1oe^!26*N$oCb%q}d|O$p#)+p~nZq>4C7bJ-UihjVN59?N5j_rkuSnSDIhV(lAU1mw{KF!2WBc_D zsDd1bLR|xi*I+@H&B*StBKm~Y*>CjoH}1intO+ zij8_*HP6SGML`0mLweh^TH+vBMCx5!5P>BIeGNiv3Zf(9E1v4hoh7|N>S77jsX?GE zI#_JbWnN&iFY&d<%a;v5s$VB2SE1>NBh#ahKrf879=r&`z(kr(dntq2 zU5T7kXKE0Z6mzVAu`z;^kuhbg_O}gOB&6VT?T_?sYHAJ%q?HbbGx73c>i zdxz~PRe#IBO&8IH*1k-!@BLw<62KtroH!-ns1Z&Ozs!97`gM62X@ZiG#(}7gVP64l zn-^hpvY34q3wwt|MF#?CSs*Z;lG5^_DAajI&4P4~rBeY4J=l$aIwLFrm;VUj@A=nK z(z2ZMzHRM_+1c6WNJ(kGfB#-8#N@Ghd_S|azvBI1t*piUiVwaC$0zI=qyhI6nhP`T zh#Hufq$cIGDKx&K ztnBQ(?T{S*Y2EK^zd_Prp6VQs%2gv34~qjVKz5_dIk3a_a|a9Q?$Q3dYudnAFcPP5 zq~yF%?MvGYJAvhP{_BFx_rmEB8^>Tjkym6UhbMRQO?37zTVf{1{7fLfkIRpN8!Ym%UV0xXRiZOFyiQ(282le|k z$cKx+7MpbDM$MMA`#?WVNz&irmc-IrA9)%~MIX=4D1&JV3x5PBiYf-nl{+Pe z68;Dd;-vl44Ko-kqIY%}rJVh~9sL@c8MJnrSDm%VF32~T4et)Tuo9R~nsgr9^;)GQ zgOJ8aPfWmt^8t7`_ZzS(%&8lC-x`iwqG4@!g+*x8i9PGASZtH-RD@h#VJc1HkB6mg zf^QD(C}ctZwnt!^V1{lK+tTIgMR(=E#gKV1Yy{cX=CAt@xl%lS1=0@>rviS0zk@>4 zKJQyP2Lb|y@63XCWgq2B{f)kX!0>?4fYqN5;}T?prrHwh4E*xMY5sfz3`)!_PTjKm z;|(d5#ZhkcEtl7dT@c_rtlc$CZLBqo?dR+FJ9&VS9vnLNbOb;Ay;?PW;25TsY;27Lza)97{>BKUqixy(IEV+@({Ws>ENsi8&*N)`LOhUn0{q8_(bFs zrF=n$+UO!}qHDg0u>y_a54|{+|D|a#kDOrwJ2p0_t?@8n1LP2SL875HMBt_TTZO5K zx_0aBdF8s=My}bm2{2e{_*s$o1w z*UY^JXLqSeti6j>jdS5%1P7*N>;Cw0N`O+l&$_vUi3y=M`GLcd11jhbxxqxBeW)KB zhRGR1^M4AWfqHh|JdBn>Z~Z%w3&vL|3!DZw78;WthW_#@X!uGR*wCDCRLGSo;4jri zQ!qin{yPD_l(asrrT>q=GzNc}T$ggV63|b8S`l#|lHZGN1#zngSiFzQ(AQJ+d$VUEm?~ z{zE2{1H$J)iehS1`_uk2mV#z{8!AYYk{$Lh*qi#J)@aZ;6nMGUpTmzj1q8foHvsU-=^{K=}A-@F+qXL30 zI4sgZdSvBWIhiK|H5oA*uy6EG^p&4YSRBjZJ4Mm5ROE@csC)0ul$tc^+~d}_f9_!X z+t3!K{JqJ4zaMnCK}Ma}4O9Wm%`)%0jZPyJUe7;k4mYSz(b(0Z99E?ozG2)_2!f(wvhy&pj-~FZ)up4^7=6G z)zc7DQiVi+rVR=l%eG}OV0K81susOBhB7v**gSHPD6alY2U%mqtkhA#BT+Y`{5Vjf zoA((EOGnNM#{h~rtd}QeVr#{Ec!IIP7G&81nL+|B)VKpDYVjL(6rl3f!CHYV8q}@o zzJ}}=#)GVTRfe$}ZR=k)~Y@aDSj5xOKv8nCy1n%^N4Pn)Kf3cE}X!sQSf%Jr&9H} zg^@NA@?LMJzocNScEy>m3w0OZy}L57(TmbmFcw0VO^dP_9&5ItwqMz;f%ghV9PXep z7P`t_vaVVe+{^#W)|R171C1Zc?abFR^}nQRL~f3rX0Ez)AR}ZYRCP^X(L3y&GX#!p zDc~ISc-#6U+U7luvTLsX$!k$0T#5R+*!2_z)i`RJYt;Ou@WMBIYdi+z zR3x-J78aw*l!P=2TKh4&$cvXRr9F6PFS+X6R?&KxaLDZc$7gl%Z+j~C_Vxybg&99f z&Re#@W~jJ#74Ly4jGkK!gx(AVYSB>yM4{{t6s^SwPsLJvds8c$+xDi+r`$W)pe$9c zGxjESHS0U1va)^xL3~_X+_l9RAwE2%Y5}p$!=M!ZB+!V;d-P(M(&~D!`>Y7cQxTjS ztrzDjXt}slr9Rheb>0T|r8VQv2nJHqE3wH02PLx;WoVQkB+=1thh>&fqA(cl^7xJy z0Nv^fKO>0O)6=`g%ez_Hj=xjgA;_QL7zEVRoyp3vGm}~xqER5WMvlZt#d>?UPuBQhVbcUWGBkt4?cp1 zb6;-=k?@P(AKKj+n-bjdJ1d1^cpz6jMe16Rwsq`C*!B((V9;?M>zG5KJNyb3ae`TL zyc{jPw2d+f9Q{wx;yhD@RowRmDV)#~TDVqc9T} zR|pBBYn|cHoWrO=fOY)PydB9^-~>ZoZmjhO0I3LOK!bW_;uVIu?r+!@s9+XJI~GO- zk7ggOpdg!!wf@lgjQ}oNbvb6_XWm2Xt1$0pK$vg^=zP^_&4xLUzq<#C`bCu7ftf;9 zLWh_}+lNpayT1x#|H)|GhbYi&q!5t~`3^EgsiXRA2aEQ1P8-QMJPkLg-W0%_@)qmF zCh<{(00eiafu+1gRL6m_YIF~ELTP}N9*MFa48FjsDUq8bE6{C)pTAr~RWkC;vLYB{ zP3v(lY7KXW#R$4+fc^KqQ}7W57BkouswjrTo$?nNGsnH~IQr8k1~;NasN*C!Lp?LbP4f7eIl-x*?;mZf9+X-hO3jv?23(Qr3KhE|a{_l8;Obmn=D_$waI7^ac;&TInQ{Y&uFJTzzrPW zHpYu@G9Bn5%pd3gwsAhxo$UAg6&kSzPbQ>$DDIw@+W8+li4oK>061<$oovVKOGEo> zhy2C)Xn6gO!7mlq%7Fb)gE*BN3&bf%Rn3@Mt~6?lgxE!GS(dsDwij8n7?#E>Sfluc z%vM)JbzK=t>}ErZm69Dfopbr&gcqP-A-lC5!}CAG0pxcl7bSC;U@vzs#AY-C@*+qy zLv}2+2+@ZYn2fqOpI!kwQ!pV5fbhjP7ijK6RTnnH#zzgZlcY#6{ZNz6>uk1w_eMA1 z)PKFOzfA>CaM^#M zR1yZw**@FANM|Xab=OMl=0ma{ z){GYAw6w~&J+3fp(g56UHSkX?US6avrb^=_kAI47JnX*ygjJ`?leoo64OM_vyPGPn zub*ICRo~NTySKZ;HdmJnN<%~=gHCg|Y;9X6yclPlI#WAyKq*r)9mVj5oU74(P(!?7 z%GKCyHlOY3!aM3&#xteRvXvAx9+rVX#SWE~Fp23{ijR#Ye*!V*p~%(DOs+z*v$*o` zHxWSQ?ahyoysgY%Ij*(3KbRqT2vw#GdmwHKM3WF$>o-4rdU(A&6*>`8O_bEs)Qn z_igFMO6nV1^Dpoa1%g-Hwr`OMxjuVzKWRr9jS$rdW7jlnil)(ZSqYvLujtPBX3jSJ z@x&6#M|$ay+L_)bjYf|jKek>Rk(~S*`y2wM?s!+tezTVV7jcY^PPUJ1T%@ayaoc5V z3g--xB+>N;jl05j7f)_%FSRt;+LAY-7!-x0DY%;Bm`KMpU8JyF>%-o`?a_>#%5<>)9gr z)_*?OnOQa6|CYQDXi*+{ttnz_PC&JMcTL7k6tdOkA_ND<>lio(fCKf_1Fv%oI|P@X zOu~WMCx^K7wlE_=&f}f4A8_&G3FdI!W~V#9`O{Aud|U$L?jswcIh8(r`V@I8fg>SB z868N#OU`X!_USBfCP(8}W*qaD;g?ig^Lq}PXnNVN@v*P*Zh~62mOd=e1+3%8(CGAy ziFiMQu9;rLQ=vM2^*9QB(Vm=|1!e)FR4g1r?cz1;%dHREfFU**u6)@z8J#G!4I`oB zXVxyU3BWqu?5PIGE_&78V>rH^JdW7XRdL)yj?x!cH@|v3c8rseCo+cT+fJ)GjL&YY zlHB!;PTFB#17SS_-{LP@9}IY7yYObG>|BkL0}X<+TK}fdbh<$0cI4LhQ52ig)nTlf1+lV<`Ea``D>^-<9tt;1EnS{LrP6=i*I zahk8N6!s*#QTkP9q-4IFn_i!T!K6LujWn`jdTC7R4LRqG`KsIS9g=q}Pxl0t!tm%E z&xuvVSQHKz-Y^=aL=?bA-gJ+LO=GXLE=(r*Mm0`mlHHImEKL61)fkq$=)r#c#HqlC zH6Za@`?xgx52n*X{RN3hbVjI-W2?uL&52+q?czZ_IiHo%B{?Tu$2f_*1$7Y5s^Ce? z5nfhL)`bqXDgUTo+V&(_P8AOSw)@f|zZ!q}hu-Ro~sm)Gudic)!Z%+L5GuT`Xt$u7ywE1hL)<4!zz9~$g!8Mgt z#I@sAlQRecdM+Gpqkn*6_|Hl>(D>xAB5&LU45iMZCq`(+pJtC9I`P`hFn|)*SVtQK z=JvW$Grm08PPaYLy9B5;C4~Ud{*%+9uOPZly}+!mJj8Bd*dl2z+Zs>z?(8MIV=E~*k z+*)osd*HGXnuNPstE+J!5S58`o??U;%YX|XwRU=GdLvcaCP2V{Y9QI~l}BA^QP${WLl~S1aFJ~?I6pX#eE-O1zG<_u z{!@NrI%{{n)bzy4NC${znpRvlZ<9zw@!4g>0NPB9>7_*EsN3FFV()1+-GMHx$0^;k zebLpg_W+e*HGF$0bdNZi>VD(rBhdBV5$n6X`6-`WRU{?`00A8lb~JuM-et?kz{Sx? zhN$Pk@F}nChX&JK=3|6BHRAGUo3c^WEvLw3N@4OVJ#wu*^}DOzEXPp6(Gn)W>u=ny z@D~;m;`Vpk+rgz%__}sp+pgDOb*_vOaHFCu=2!qL(tyomq?Uh4r`QI~zp~7}I=wSP zpU_N@U=|~^UU|H&%!!+bZ^`T|arkfYSCrG6xQ8^V$I&%_;0$#WkPmgH{`KqEDji70 z0Z^6Ypy|rjyT?ZgG%ZPq9U-1mCVM&{Oh*?P537|s<2p=MOX6nccV?R&$Hhey$gOw`|fK)JprS+ z9J>MDCvD>LuX>{ucqAjU)%4`_Y#oER2n)7Zj6wG@tQkEuNm&N%(wt-S6*o6+N-jyL8mbRnTxv4*=FAg zWS3oZ*9M>X6$O4>?Gdb)A9Na>E174bDsd8)BEC^PA?)zDt=C-nLip^5(?N zR?};`VeEW?Qc6}Td&H+A5Hj+CxD=QaoVz?4tNxq%3mWN9nfWmV3yVxguj*c6DB87y(N(?abOc4h6vuPZwY$b^wc{ZP*-6yZL$)SOm4XsZQph zj7bYvV)8SaLEGuBV64-E_cKp!1H9K0-ihxYpC?L(HYW`MyRUF z4T;j(>(1@gMwB}{kg<)NMWfy_FuQI_4nF-U+xpdPGtam!Me%NXQd2rO5E~K)rCzJ^ zj!}KPCYo!ufNpLFsmSEDE3Q_0C_~s;weto&T6zPxHnlImy zGi(WG1kkQiAyf|alY-EURajm`MYIoj<(+=Lg4%W^`;@trM6a2TE4%6Jc#B63+9 zSX(_NyO()Kw#Jv6EcA)|Mi044MV(Soy*DZIHE!;1XRTy8a}p2EM_((q2f`GL1~ymN zT(@x^qWwHytPR-5oV+Z^KLnuNw_QFw%_jI{<1_oMkbA7aU-DZmK&XKDs|wYAMz&!m z&EW}|p!0`obgFqcc6H~Ye^~`x@Zytt8g$^?VLF-DkpFT(%oWX$@QK;%* zh1A91hm1~ht})$>nDj3&eM-zv1&P>vywx)Y#OmK zEcr=y`)%A85~BIG>kAJ^eoXL%eyXZ^&16v?6A*9}v_$a-vI!^Am=kvIuM=6N`%Gu zmFr3kajV7(vro4J z@>wR2O*yRzY&Zryzgu+O2a~|WzXqO%Yp@<(=6609LVl&io`0Zx%M!b|1)@B>ISUcY zK9+xK#H1VkhD4D=y&ObeAUqWB4+Bg;Q?w|rxhV5dkIFdn?zJ||ycO1a{7VJWakp0#V^7yc79ZGS}Mt02>g#-14K z^-H?~azANdbO@D)Bsm02b6ZKYA3cB;u;pzoKKtUX|8}W|V5^>^lR?Wq*a&GbvWqAY z>L2(rz%(TId4KvH13)dY0&0nWqIu(>vUEH3Xf#qw{3j3|QG(st+x?>?3xD?q3fNT$ z-bL}t5ZbRNk$`t8SLMEeOr*_6>cgpYa~oyUZHUX+((w0##XEOP1_}E}Fz|N~%90Fd zaq!?vr2LiMgsPbC4}d3gDKLIT1HXSCtfflr>M+XuL;9LqXb0yYBUXxwqJv$yUk?86 zYEH-|%8n6P@H?9Ew@_O?4^Kj5)^!-B9sHYX1EtZe%nL=J#AHecU4=iUOMo|esL!)m zmzF*UH>-Fn8NXo?*xLxuzrXMTqTux}je>t5CH`NkN^j}Z{gdSB{AV}39Ff}A#;nsx z{)NzXxq}p-4_WeV7NBo|fu3)By<5FJu>%u4fRHi^8U5*U>7;#Y1U6XrOKv~#$KI2yS#!k6;3nvjoyo< zIDO^YNubuKovczld7v*?)cO;Ran0kT^>0>(;4GqrP+I$6F3X77qQMPvQWhT&={vS^ zGjp#!%hz3Ho*YNco_l@fTwKa^Tmdf1t6lthg`eNB^m+-k9BEXvjU}MHIlBA6T6GOY z+QGkf=xrsy>&h8do%qzg;;A*ZcpcF6*;jUcc!(hBlazH|Bz4QbrA#Vl-s$_>e}MgA z+MiQwSQrS0fU$4owwxok#&}fmFMDelhqD0;IHS`_bH^!+I;O#5-0!29zg-L;&3Xs= zBW%zLx6Q7|zjhV<>E0Ju%u;WjSAj*?&ydbhnS$r+b7u(OyD60VXi%uyNpKlN8=L7r ziB99t0Ak17eW&$_FQHdZCs?B13qckgBYrf zAJCm9?j(%?k&(Y~_Cm@+a`)(`jMOiusSZzV0lNd5Z%seZBqhzvy!Sv%RtH3bRtt zA*Jznt+ti{-yBo5@Vl{p^F68^WY_cMh}&RbmRqpK|3Tsg{#NHtHLqVy*iSe4?ulZ` z=7o98c&l1Pt?j8^6xlxo?6zj2#_t#X(~lM-ry`$d9IeNo?aGW# zedn~RmSLFp00-0w6ELGMjQAy^k}NVhxqmB4PE+?jKDb2_@L#U*u?NCmBLq!(yJfRAeZO z7m_}j9$eo=jH=GeOIz!%|MYLbxJ2+B0{nI@VZLYKN_`6TRYQy_e9321Q(n0veL`#k zoET4rt2j(HthU??*$i1RsLC7NAfl|%H@}*&ER7FwJLy4282d;JBY>X4FY>>SW8U~n zIuS7Uhvu4rn=}3PYy({x-PF;nP@P6fX@VB58WYb4oa+y!vnzJ6k^JI5_&WFnFe0eO zg8$k~-6#=sK2L z(mxJp9~HIlSo9;rt+Q_bM^faFL8W+WY6UAZ&raF85Vyv?(fXa3jGG_wJFR4>nwpx< zFfiPJ8ue)wmYaYZa80^Xn&t*T3qX}?Cti61&kNud@RH+H5l-k*Od@Bz)1E-IWej8* z*cd5%wBm%Mc-0fpKkQ=HDQ%S(Y0t{E6t3T^$8q5JP(w+PmbPv+wEKU$b(nC=yFpE# z*=bF!HC2r{uiNw`ObY+d-8@mY#;V~o^ZMt{pCYodUWi)A_a8rA4!ceuK}rQsiR4q3 z%~3Qb@e?GNI(Nz&b-(tf5R(lq7H@QShf)v&P>98r~+82<I(p3z|nL_^D72gF>C%M*fhf&O_ie%GKij2w%P zj?y>x{t_1*GTtQi1hf-Bx`sP?y*|n<_Gssx>rOJkkedMOEccmId)-f_TR$t08mBwO z#YaO*bq?}s_O5%E*-B@$ ztBuP!;m8dZvO&R!QcTUPmMc@ImL^d#@*!zFkau)V`a7}1y>A{(uRh!{J@`2?P69{; z61G!9Lv49!AfNM9f8GbdGuQ)(xX;X#7e%5xl!UNl(9eeyWj}ONA`brmaFkC5b_`tR zy40~09m02an$az2p{|ONxEqB>&3W|iL4MNmBmx-$oyWxiJuB=Cx z(tUBGp06ytPcKc9Rc~(s|8B>N$!w&eXtK@+j(S$7d)AJ&Gz~U^wdJgsxL8qWuw+{G z@SD9Ag~Ax5pLS*-`vy|LnGQ>qi%ZQ+dS4=33Nj~%lziZ`>5# zI6kqTk>GZ$k^RDk1(nYbjT6iA(v%dk{XXooKEC;yI%3vuE@z#nOwn{dp)GYdYY#7M zTtrWd@?=Y@n#v*Qgy+o<(j&l^j~_n@ZfE-Nf|kctPTi)D>IjEzHV{gw^aPREE+QYE zz*RiVaU-R0=>^A67M7#Mu<=aJZ99O|F2QIqsq(3lR|=#I<}4QVv=b)eLCZ)87o{^o)r)9eCL)6-x92#TV=O=wlr(uPs~yZ2uYXE7Rk4 z6Q7>QCyPOczVpPsJ%|JB20X@e9IFwUfkXnbm5OGh=G?}!ZF48F1_3vhK~W}$aJjk$ zjVtV_&t3gpOS$38^qtVF7du76U@_Jx1R1^d)c1Z(=qMHtv};#YjpED1+QOGjA)=x~Uc~GgI%M3=@8xJ|!oWm~_jI`_g?Q zrG~(Lm_nwX;ss-m#9Q&!^ee{eNeD?k619ZU=Ae&_&4l&G6V7# z_cuf6C>9dIZIb_xRYi1Ly1io6;Ni>5;Mte$91b7fc-Z|U@UJfEVz1CiL6em5HUdf{ zPmz>B&oBzpa>pd)@t)(Rb$TFZVAljwHEoa8oqnQPl-w-SxsCkQm z94FvSM6O?d44Wd5?Zn2u1CK=pp5l(v*0XtQo@(eKXNmJ8jR7#uRp8Jv*Jz>sV*-M2 zo1TCZ8$STl(#P6bAfz7q1nTR2XMBVF805XZ9_qXOPNC`2$}@g^s7?IRIcmtHlo>-B z1Gd6LUvXm-)w(5-{X5UWM8wA&1J2SJ?a=m|H|xJiBI}Z!&H2@-*EuFWHt@Vy85sIB zr0TpDahnLS-m9>Z`|dOzL>HTk2pGRiiO|~@1*93AXriK`o}f!Cc4=Zi=@XXnV+XJh zWz8N0bx1;KLUyy<%s3-><)cTLp)n6k@VcdF!FvMd6t)`ePm*U%UQSC!)!&9*H}4kErlw+t`(#O`6<^YG3158jb*69==;} z_!z-VT}r6p!-sGyUd*et!*A4dHft30h=-u4t~rg`Wj)y-DfF$*#7=lOI*UERsN9P! z84kDEKPkLzj}*0Ik)&k2EA?ZBTk+?S)<3ucP3VY zFrM)7qlg*1SXn(xI}5$LiMlZXB`?yiNf}OE*C9>jx5`rNJEX>WWuH6eWZHrXuKi_iar?5 z)<7jR=srQ6{zNj@N-S`MU~0y5yzhY?&1_tGW=@fIOYZjW(YM`}Glin2+TO$bLoX%w z-xn^wpq2SVmIlk?_?6!(o^}|$5XryAfv#X~7rE762>I^H?@rMa;J?H2*d+w$JldyT zcd;k-rbA+=+?(IeeK7qA=!GsmV6XCin~j>%V^9c^yO+X|g&yg}nBKz@HaVwggv;L% z=^gnx{mK2Pc8_NnU#DqzKdZz!mQWRLkNg0Uv|rbLkXVbCUwAc*qs>O`gl>N)?E5z* zr8TJMfXb4jC_-5;WK1`$-nMAmB1vtalH8hV!=fj{_DNY&jJ{WxDCF^Ubj5APjS~y& z3>$FA0uj6YhDjoQ&-+rna{5p0S4J$q+Dx*|(_kVj@tD3Chh$z^41Xo_Sks@Bn{^+w z7GARC?3Ps1b7?hZmmsOg!{*O1&krgUk(0SPksnIeRAX}O%DFx9aAY`@%Fuv1{q{Bm z1+@yIVGJFKi0290v-=x6){5Ig4Jl-G*sXNNLzhYhev)v^m-fvRedoDSIx+GTbK#G% zTO^6)!#9g&`#OEA+Wk!o1QK6+S$x-2YfiK zl5>g$N?C_et3-ZM-^uC(VhMgE%WECUn93pp}C9Z!RyaX_LJ(M-c*p0a!|p|U@M)a7KP;PG|9p@ z3T-VV6duJ8mxX;}`13jl1X4Yba|X3R-dBk|Uf;KmKiX2|M0PbB)T?YFs}QO!^8fz+k0IqkZ$|}A<(=Dz zp2|NdY}XMATed>LA{tX7K?EM2EZ4O0@Rr3PvAzx`*QqBuL7NK(+8HI~1S315sKCW) znvvCQ4wnflsztMLjy=_{xBi+lmJ@dlv^*^jJYkCFhQ-Y-_@FuE|y~wh@q4` z-obn-Wu+1Ap+Lw1Wm}-CC5k9GucFQpUX3n=h~YWAfM>A;oe(3{C$i7nTd(~X*x;DX zExL%vXFfn_ZCCj=JSzy-%@84%Kpd1S0dU?KpxK4Ss(R zpwh`rKF!|p$}kQ55Uj2sz9Xow_kbA8AYtA2=gS<0$jcBLvx!VYJR2frWoGb?2f7UQ z*PY14vBf)-d&AGd&RzE2y6d(*gW#4Yg>Ls&R0HuStXXE8ck9-7{L6&^d!t48weHrR zmU9tV?2u&%=9Z0bt(|M~n!~WLFo!GHW*xLJc5t4v(f^?}_fe$Bq)usRI>)-Ub-KPI zmRmmW7mLqf+BBA;UwWU~@l|Z+Qkz^kVunwD-=c*GZ&m!S;PJ>Q^)PS2Y9o>f1R#-8-n~pz*7$M(pyhpZ9(>?rHsN^)vpp zn?QCn&ZHd=Q?+wM4WbyBKH2`rvT65MP#mEnjj?{Y^)7Vn;NGH2wlvPb8Mu=-Q;8f2 z`$4dj8@RY@&{wKoSy?ZUsc_WC(YDV!Jjcw$*oJN{FHa{i`_4)EH@^sGZVk(Q!JG!) z+NY&D;<#I$8rcnlDwI9jqgbj7Hv#H0*6{3)?V zL786rVRDi`Y4qM9>j<~uuaZ*_GHhpN7U9Iz_@C{7m_lT3^owl#v9Iz@c6PWkIfZo| zNp6>TE~uZ9x-22yX57>^qd+NQv&^SO*s|u(kmza@{;R=6Qx*`X4N&_47#kQdjM`SH19&An{ zL5xlnUbb(C*1{imDZxFxP$H&Ai|1x9i8G1W>k!;d*fSlX- zT-`p!?U-|{4TX56x+9%V!lolnwjbkW*!ky4{RN~TwDTC(%NQG1c0NUnc`CD=U@on$ znen5}>yCxbDRruye;l2f@QP&H+10jwVeA62rB>fZ!zNwajo8?@1mPP&$}w?@+s~`a z2ZoDijH$#`J(dYMN;M?5g;5C~;4z}3s@gcaB{c&oD)o8I=9(P_ct?rDEoD;A^p{>~ zov%nr@F?49{)emG3oB=OTjnsu*6&QrdK)JM0}N_y(}kaz8)(a^wLwf)RqxAQmO3;Y zdQHA*o?$s@jGf-6K=FXQg3tnrCq}+s6j%vHnYp@n%LknFz&gB5z*_4p7mL~b>Qh(} zF=Eaj8hT{6^^5)Gau3StuKmO8+*_iVDAkDXHZnR%u%e6tY*lrM!H%n0)+Mg4;utQ2 zw~S`|z5>Y^qsR6cZ8b4u>^QubO2uJRKnh;_1a$(9;E}zQy91>^KE4)Nn51$B=2}bZ zHEl|ez=B>!m@(P%K8stv&i*q*4A#?X9rHhx%Q(a3uhcUgyXs@ITV4U?Ut+}6IphBP zyhzoMoFf#y!1$rb9orcWCLE-YBiY@_ckRZ+MVI?KWvGlWsfc}abkiX8stpVJi^vnc zifatN1A1`mJv3?bQs=4S10mN(&uTtLNt6@wmsaOdX(%^6rSI}fV-=j4s6f7VhpoBD zz-U5Y`Jdlp{{qbFI+(Uu0K=Yfi4E*X?mAT4sU^6Ll0k2W~-OqD8h{kF@c+qOy zjep%Suir85&|Z30_=2m9>7C+fvX?%soI*oTF~6xyX>qSb;>FYh;}C{F@*dF5fK!ah z^bRk2>kziT?UCkQOkMwjQi@ZvURX)>NIxCpCX*2>MNJ<8f6~~(9D~RcM~1}oJO=Ae zb^fs({?^5a)rs0zW9%FeWQ8mOr(8K6Sc~uXz!`PM+EjDv)%L5+eINXiR6wvW!q*uE zwT;-EK((RP*C9#H-K`B~Dihg#l*d{c1`-sax{tv~q!PWZr$f?|)|J%?OEiUn6jKJ?A;b0no+ z4d95CJ+izkaJsJqFC{srg=` z#-PDYml6n{sT&=E1-S7Ch}qsx0tbJK`Cb0Tr*hd(`uLOwhMAeXVNmbTHoF~uX+4p8 zS$Nv-I6vgc_((QZC6l*nr(ot8c;be7}`6QsDV0&zwUnJz!k zBj0%8-wM^kTlxdy<#hl&#`^mCC4HBw@Ti&<#a2`gXt_`e1mQa$My2o0(3E|cdg;gW z^~(}7_mYR$UzGzjKq!=IttxSakma(4ZM^G-1oqY&sBBMk)s%biAOl7T;(M9c1j7Gv zwW{SJIujcklxOe#*5YR%kL$qXxRKhAci02xi5To5gw1=K00M*+Yx8YXkCTo#lciD- zH}}%b4c&<-kGSz(5Zf@o@&o|I+o_d9o*VS1fP<=^s2bq5v8G#}+y zgfE64kd>89k z%EZFQn}@~olPwC(;p=Lazupc;6cT;yelqp2TSNAka|GE)pD|!U*qx*WIQ3xH(G+> zAqT0cbwio89npP?{2EA>y3V5j(Mb&aa-C^${C!-ljCBmiO{2W_#Ln8=% zr+*bhddrZEU~zG=-QOD~XLhr~2P)rAB)^?0OAy1u6G$a{B7yG~S}_}iz&BIe%W`AA zw^2iuUl1X(8>xWZk8o!5z?@^0223&@8J>Aek?|=S5?(?&F>fj~?`^Dra~H(hmMVRXrFBl5Og zQQ1iN`dj|qLdS38)>uZ!7X%ZF|w39RngJ!9+q^*je~D z7X(KBu;IrhTy7g8sbhzRu+}2wdtBr!G<|}vC5B$M8h*5ozj^8dZQ7%~!xX>r#$dvU zG(f;PZ-4Jj3!>ydymSu?EEd zs{GLH1gtXSo4Q)`=}!tjtAtz=WO!h9=IJ{ zOV_CjNpyh)W4IYK81<61d6Jw}F3-4Yw%J>%IX-zM?8VPwqrksjH#5SrS8oQn`;oFu z`ok+|cAPI#{>jBhK-0&)ohh<;;TdhKzeXLhO?*8)BVjZOGWO43-Sh=($t;CIKJ+!# z$k{c&Uk9YkuxmBjzWj`|Qi3wAWN=)E@$uwbqmG@+_7%G%9B7@sivkI_V0i6=Kx;eh z(!)StO^>YZI??>@$A?7iYQMf8iN+zZpf+kScs|tnEomXl!c4IvCnvX<=bKLwo*$>V z5cSKsRwMs@O-E10{qPdlk-uyk(M{AV1pAB)7s~T@1mmo`BZNj|2gQv=SLz{YeHgbh z)NMD>Bt)&AAQOE91Hd3{ZEf6w=IZoXNLGFBQ!zTK%v?c$xs#s!Nyp_c85^tVVp6koe&O_K`Qk}LHl_?ixx z+i`n`4VqHj_jIP*o=A8sBS{jgZapPbvhwRPp?75-#z$t+^bl##Sgb)hXYy^oR|SUEUuiTkn2o62U|{u)i3oy``TH|j1{>NiZfwwEWSaR3PCxsE+B zSb4hMpgl7!KVK21(>20`%9M<3lQv1+5F0-YNT0uE3BROfYpn|{N-@hQw3<-YJJx?C zN$90x3yc+Nra$#A=$fjkYOI|EmV%Zx{-RO4qFJE88g<3{%E9OF_9=i^G~TXu@y5}M zhMyhg1tM_xz0KNA1n)T;;K$>sZuPSdoMh1`6+C(|rOgGeJhX3xz{JmATFlmzJH>u? z)?r+#r-iEWl`gO^aSPr-LCQlgIWG6!x3^DP^9jGklDW^`Y|YkdO6tn2Pr0p}sg)SS zX%y96VynbFYVV)6k3*f(v~{-Bu)A2O$A0Fu`tk>Xl!&?zQte8uN}NSV<-PIF@VVY= z`;@i~%LpG&ggJOhE38VH?+NjV*D9(XCzY)dl3R6jl7RIy47^GT3W{HMNwvCJ3DI7W zIK&wl{GWG)o{QXh*cE)T%&{;{FEu{QQJK5TI$Bb|LFBcG3!6vb@^nMcg}YCIt(FiK zb<%*VC4f2g^W?Vye*pu2C!M#%D>LD=D!R)7EG-iE%@+q7S}#5*9f46-8Mr$RD=n|Y zR@BYLCR8$RhD=H<4z%o$Rmn4MDVgs|11gCM{ZrC&d&fEy%$!yW>afEz^=tU}aGM)D zcI?paE-rx4XQ|t^?;Lbln#dxk=HK(Ibf--_e%VsFXW~o7JF-Wh;%%G*;30cegv?DP zYcbJ%ldWVnlj>){ML@~TeJ8J1q5lNqClfA@cRI;8{}eSDF5kYd`7tTwT)n$MZo6J{ zf{cxbZrwH4*ROL3L4C71+2-XsVa^d^X(v&JJM)Mh@V`_c#o9?vPVC-&d8K+Ga z!{gUhr`-K#>xw4ym-C;Q*If9Zcx&%PkHXcbN3(%C%C}Iy!aMu<8lLXsW5J1%HAlRQ zkJ6m^yYRJ?ZQBVWtr>S)(lxII$}4qPjehnNK1QEqI_xFBriIU?;U1@F9#t-}eLbE( zvlslXDzM2L$c$>V1?ed-f#$aOU6X>ZyxWJm5^v!b2@iQG+XJP?J7?B>bMNZJa8?jRi-gp1jgeuZ#Bisuc$G@G7ScyM zhx}BGai*r3Ihh|{-379zFHvF}uoQ2_m&OaP5uWGh*Q9i_Z}TN}WGGpDI(K4$AR;E# zIM=48@MG!DTNX-J{-sVc+aX#u+@I7 za5YO|^Dd%O>NeYKv~Rq^ot6Y z=35S5qE_&?jRt8Ysr3R&%}M@cGnVb)F0bNOiBde0%8pB+;VQ{8RB@- z88t{xWyn^|8m&fI5@y{~jAkW7v~$04B-_`>H(fN*87UH8B`6r!6+YU_`;oW$gJA&( z&}6wLedl`cJqx!mIaJ1 z{u;huF1G_;UX}7I(HeBl6|ce}u9naceM3nj5L*=zt5qp8RoMF$;I(&!U(*VtF8^qU z1gCHW&hVy2?dp^k#eUUuSwX{|!mD@qG;Y!Lne3%|_LVq?6m9Hx2fgeQTpO8k6mky{i zAGGP~^KXV}a5USWvXzBIPVEy=Jt5+-G$zrtR=(YKG(*_p3+<}3UW9kNL`H6NFuP5r zat`nL1Z-7G!iB4q!cFms4}Mhktw0M8A{xEH^elV}U$pSr35cUpMiXL`t+i+uS7LeHWatu0J zO*s|lAS`!K2oY()RyB7#)`ons$)ZjDmR{ZZie0uEPl1V(qXTBYkQ+bX+7Te%L*0aB zBw{jS4I)+8#}lKQ!*!9lt;X)hMDevHlVkX22(c%meHLvnT#tts)V$SK2`&7#kX@qp zVBbz&fk_m>yCspqq`qTamP=!O%%RJB4%hJTMYEL&f&&za53?1E)d{zsW?C6(lA8M( zzm{3I0z2Tk!{nP?trN_~p}IK5!0M35pG8T=pMJHfn5gKot@M4H;vG(iu9`?@_F(4@ z%5~!(PN2!FD;nswo9i&Co*TbxqCiu|Rzm|CEUX0!cSedJm4+B~XxJdNh00&U7%wuT z*1tP>yGrhEaXM|BNT_{P;_#P@=rE`8uVQAYG$M=LkCIc1WkK!5__dSZ;!ZjobgLf**5hwVH^vWn!k)?d!RvDd*N+TI zvKR@jQIgn`2W|v4;A(>~dq-yAWJQV&+3DL0^JQ!J zvMbXHBj+N`>iAU_7j106RX8DmD?2kzqNqPez^T-@aPbgiG*XZnWmt}P#v-RCLo@p~ zi3-@KhuKxyU)v4RpE-T{V~TOXof=o?Fd3l-XluPZOFz_#>SR877e!$;1?M@QG ziPC9??W8d^U*&X;zF(RslRD1Mo+7Q=k!wU~(ms{aa$_LWF7={uXM$7lY^KE_ zg|ch=_Ne@pAWPYOdHVUOl=Ezm8a2g9wZ(@!>a4U=iv+${8aBX{hdOoJv|fR{Hd4FV zu?eCHxw`>cr3uE>{5=J7XLr+R8AU7N7!1TeKy|69E!v$wj!n1bb6>RZNd6DETZV?O z`fG#Z7Z!*?`0F!`F5OJORQDh>&s^Pj*~w8?=>?wAvpF7Rw9wTMNs`CZ%swJTKG&j{ zj$op{h7A(`<8ydFsWLbpzG9u8T4*Y+%? z>q~RzPpXIDgm4ZJn!*&us3l73vkQH zY5Bnl2zKDG+WeOtKJI^g#7ro5YzKT9zm;FXk{SQlI#@U`Q$lu`)`X8+Y`Tkzf&?*8Ek7cEN39u&)e&~ozwLF zbFmK5o$M3m*JOmP=#d5{RO8X({sclKP<#`((MhvbDSrVmyoiHfqR3Mj`JR(ztBqlN zcFl1&j~Y<1dF z2>-?Eq0vzX{kBwm4n+zCN>PviD))3~-VyYIv`mG$K{?k@sXLTZ0!AOnr122*4z!Q6 zF)?M}Y69=qKQ^~ei(}9cQWUYOVO%|H$9KZq(dKl` z?aZ?&<7DRDZ`@uCoC1_L6_1_mX1fd6$QWhJrz;yycbfn))CvM4cTtG(Fuj_76sm&! zOB=u~3rZhLpnbFFh|vFg@$$bm{?28R^b(K9G(z+y>sb<%0{`L+tZi4TO)STMRRNl| zCl(4ay=9~>G29KExhSL^msGVmt;pp$R4RoYZ_$?p65zDHsdrMC+ z2iFijKC~~?a1vIN#aHXZ`adI2LQ7;!9ohQwQ*mMaYH73@zy3RFv5qD?4pUaQbSNVm=iy7J-{jCZdLICu9$VR{=i zA8xpEv67Vzg54xWdRHlQ_2`qsqE78ayFe!pT!cnO+1jcdi(0NkwD4=PpZ3jgPb_qpG7R54YQV|b((&mW4|awqP(WzjhwBm zX&Px(-HzfQs70oyQCj)(#XQS&B)^&Yo7 z4lte_r*0`LCsFPSj|nzj&U(80$akw-46k59veKe!$`K8RSO`H?BEQhCS*P@j-9H6j z29Q0+%vR2#AM)SuNr;LacELuE1Uajun0!SD^5j5`3Nx1nYAiX%UCN1xiB&bK@j_*+ zvNQd)7C#RN%N0?4GE~dE|4k6;jY%dwrM6~`S`aGW8~q&OLKhY;C8vQO8EVs@R(T@{ z)Hfe5uS_^Brl+&-HKes?TD;`d(o+19Qb<;ntt9P{ma10dCooa}B`Y&C8)W;s?5h>` z2&~y3w;R3SDkUO4Z`_q)Nk&G-Y4^)8u&l;7+%r=B*|8|l+|@S#aY->X$BM&z_tzY@ z;j_u~T=bx2c@E4)op|FogQ_>!<3p;SHXA=F7lQ06Gf%NefFJ_LQHboVU<@0Z26CED zS6$#87|p7_%xm;|xPVKS zla;;mL=tMv2?s^GpiEj-TPp(t^-7mbp9aA?Qtpn8k00?YyOIK&F~7W``wb@{JyO4H zIhy_OJY@tFfz&|cCr>#?U*0iX&kVF`g4k_jv3FrEH#Jhxzy&=!0!eZ)9>TY3!@fL_ zB?9WnJxBmr1I|iX-+=DX*R;cwXZe$*1eR)Ou37YSsPHLYgHawxYoX!$<{T22VfcwP z+lF0j+Xpf3SA|gxN2Q3PCWWGHYF7BCdyebliGz6O_)36^XglYt0MSqPa1Ali@ZlXv z$ub{0L#?9e{q^ZYut`~qS-oWTTY9sV<(Vs8?3O8#hdD*^I!&{@yuIf}(#nuRhY*y{ zI@ml2Fst1B`-`)KLCI;kI1Qw>n%8YvM74ZnX7&~?n1Q75XQMzO1f@v9Wu&wvxoyzx z@`QAjPAz`5*1AUi7M*J_f_BZG_WTFlIlPQaOo_|g!*x(M@cha!foJk&zB%ZtpxzSf%`o)3 zP2(1D)MgvS*$k>wOory#)N>psib@H?27H{xAt&s69p@%`dIDlEz0*LTS0mQ)sz&s}%ET-j)b{k#d{)X?uxYaL+lfO5y0bWaez39L1!fm)+c zht*F{VP)nxC}PKmnv}{U)&fmw56{YOHS>liG<^C#b83JvRlCbw-+E9aaE!>LKszPJ zw>LdfS8uZSjeckTl%tUK${hE4J7!=k59*(%>|C$IG~3$%g!93NaH9P+Ynb&{<*lvT z`1gU>D-TY<4r7x0_A<0Gj$8M-h>06yXhg%{Le_n@Nf6fYNDhQqIoi;{yed3L-4*eT zlsd5lOO#k3u$Gc>*Q5nxj*@@4U#?TO(5j0HnyhJBdi?;+;5$sn89kDCe?g&RCX|O; zzwzfM0w@;a9cyfqLBmTXcB<2Cq6Bm9T(btP&HFH-1~T|4P{z@|%(MrM^umxxPxVva z`M+}|YbAJ*(&1pL8}O)&(3WXyPXHjT61~MVQ+(3h4{o-r1-i^R)FO0q(3u;Va2JSl zDqeU9jjxlGv&+9aOiPyPI(*wXRetU{Zkc<-?O3EZYv~t4T@RJ4%TC!+xB0OST_gHS zD?{*1cD2L%75_N|&RSvwGe| zw*;{lOdpZ$S4{>AvhrOq35n+B#EGG=17S_xQdd%8kf4vi+IZ2exz3sTk;Jp%9!j;^ zsYtV&rB{erBTD9!Fiv?z>tSv{K)|#kgbFG6z0daYi7TktXfF=*kK#e=TDd+jGtD#` zI>~bope4D})T03hi5#?vzdNAE?G@1A*4D_V#hITHevNB;w6{@SK_eDGj!FYuwE;RF0%H5jU+LoK#t4g7~7LB7kW}Hxh<0TA6o3A;{`#vJ36bZzB zGSvK%B+uOC*nt<5l*GX~l3KKCyE64f07-T9L8f!d2My5LQ<8el0!%YOZCrK*gcknDLEpP@-_snyuCVfKwQFTXmPv_GRA zT$*tDJYrHD3CDxtU3Q0kw2q}YUR73spGTL!QGa}_e5=RdnY^rq1ph> z*mQ`I-jGcrQ#aRRo!*n%&hC6gH1hZmd2d%ONxNe%uilJUBoIrqV? zir5n=`P=u(8~$)}^Xw_IN`p8k@uHFPuHy*-*bgbCAdas99QmZsXi|3|^KuQt!|V*MGr7%-0KUcdO>)R$*Rr00S(+GAxAY8q&keEu=g`; ziwF566({L$uH15&D`!=7PWW5KQ0yy|n__X#h~|EavocPDEQz?*G5x zNaqD3?KzTef4ht6COCxNdBC#w*1OfUFB7GmO8&`OA3Bx8-A!y#ylma)ngeAm9-1P{ zvp)usEf41_sC)z+9Ymz4=1%!FBG271WR4DRdAX~?s~^iS_$1kCJ6R_PxWnMpGsjJ% zHRes%d01Ek@nUiG!KPr$KQQ{v&xlU~><3Sn9_WtEe0#1eI~k6)D#k3qs&Hn83-X_y zz1AJ!cS_Gk_&1Y40j=71+IUNv_h+{pV8t;+iOU)%a1B9;j^f-Wc%91ZR=%dDeZNL} zyk6e4=km(9_tABbi9Wz*zK@}9^uHQ>`(I#_IPG3fJLcnJ3xb!ulE#-4usGpG-WNt+ zl=rv=MnGq3W!OJ>{iK1&bPH8Z5GfY$ZV|FMb{4rBqgl}O0AFvOkgPki?-vJ&*d=oR zl8A?~^$LUxgMoQbZnbePh6rew767UP7wdB*&T$|r}3UmI71*FL`GwO_-RzNe~( zLVNGWU{8a7j|r>%r*R=iJ2@*yIg5P?dHPAi4i9Q=6TeNFEOc>muW!pg5@C|ZFa-m{ zxn*MdC0V*raMCY+Ias<@P3JB3$#gBsaPbAKe2cWmJ>ne_cO!nesBY;uVKC(ktL8(>m{XUJ(9R=!PaO#m_4@)*p5ExZGe@S)6YH{bF{O2~YMqZYKZ0*L%@nJf(W&yJj_iSwKE1f>wj(M3Ur5^vBCX-E!*B>DP z;wslX6aa_)kCG7b<(4%n6Yte7&Eb*`i|hcBgL%N`DZ?}KB}Ls1ZF9FB9ZL~>9VKOS zaq$%dy149_naK`FM@D{r$1)xLrPNgZMFeW{9E8B-PB#ys>7^r@a- zr<3>Lxw$xVBEd=<6UI#SahS15)3j{K$KwI6WGQvz4bmK390-k%`hLe@wn4b?_QHL@ zpAOGBt*MYxvt~Owe7?GCXibt=6hf)gxuQbCcRTn1fU*2X0hbptzo=-p8X|bK^);Oo zr=xI@)B8o!w{jmZX2!k9Rhh)SSm#b=ZXsv*u2uhj4ROWAam6&p6`MgA!O#k5oovl_ zJ6Y5--;;$Qm21F84*m3&@>3$6TV0x9F3}bbJ%3Lc-?P~C+mt+^u;c1;Wd%Ke8o<|5 z@oka*z=jfelElFDs z7@ziPRBl8Bc4cir7*gjFSxSZk0yLB@#<+suu67CH8=Ltft^q8F@s1a!HhK!Xrt zYfxRY5!kw{Ag+_jWaa9j*@Uc;CJrkfHPrcUWbw&ubfjw z7Atw_8!<9UM9iS!Em=JDqSX@v(@IyBJ93R%V06N~L22&9@^SKcB;Wdm6m*}lJD_oA z17w+0U31!&8;%DU10p+Qb@uNlpl4AA?k;v^P!^7WyI6-Ewoq>go|`GQ zp)qaO3xakC(k^Re=PQxr0KEg->BM*_Ba`IlHC0Yb5W$U+qdF4&GFi^~G4$AOKnhGN zTslwD8y8?tZ%=G=2*fBZ1i0ooPFM-mtl!!7_c zO^w;cE4F}Msp7qs1U)#MSw%&KZC{H5;L$W4)Tffhim)HvuE0I8m%!HEMoQ44_cMnI zu8@^OAgaJ2EsC6~RE>r!SK;kb8%vUhQ(l=AmBQgrad9Xm=9)3tSDZuX)d3h20qx^k z0DEhR6{kiz)HE=a9f^WLt4SV*({aE-oe=UHMX1E|&EUt1cxBf8;d6ku%02EKI<#T$ z&ykK4BZlD?Y7fH{&&}zypU9$NMt18r7|5LX;V`tb!3INmW7yWxqxpF1e@E+ zn)9S+4VX(oF<&%V*gdzM)1?XY`_odoiY!1Vh>4y)vN)~1l-w4}iG(GOrNQ1F=W`-O z&~+>L7d_kgzISnisZxaRjpHy<8uOljYR-0T6VQ_yQ}0HlO0Bxv1E zYYvb#3$@-g>#u8hM(ddH{{3}>4t`3(z>$aKtR6~A@=aFHW=Dsl^47T;*8!4>IXP;M zN(f(v5hHSPzFU+=bI6gFW;Ca+7!`g+S}3qd9v2{=)>v^m4nzM#;*9xWnnsT3VXjN- zgpDW>xSp%)CpmQckRUBmk}zWwb1H&_nA5doT1&^MjFtr}f=lI;-WZoD-th`zDxG^F zc8^2xf!?#Fx!v6B6^UjI@bRmbS2k;`lfaxiXo8YzpvHQ3r!44vO(ljt5>s&7(?B9k2p%G2!6z2Wf;6r6_(s3y9r5Va86-(;{b!nLLm`F&N zLI+$qV-ehA_b&AGy9R%K0&{VFR<%~mBb?M}#r6Wci zmVA5y5@6TcQTiw$TlmC*$sM4c`vkFhB(nnHBiMLM3=EZoKXB(ryx)xyUm(ETdV9D; zg^&=A&ezKe3@)1OCR!0v2RAh>=o<*7;@=B1sR4L(rX~qJy+kpn!Ye8=W{F|A*`$m* zvfms=HWQue4$IL_J-jOm3o8!6B4RNYE_hPO%BY&fp~aYg@%Z*0N?+%RBtw~}EanQ7 zmv+?$MXo;v@hJ~~|M)#exiJE4^<>dCQjlFePU z0m935?ygC$97i_37o9mQSY%eL_Qns&9}roBclJf-7*t|`WeJeF%NweO_G9_XN7i7NX71Lxxw^aO;cf&@6rdLOpLCG& zRN%8*S`=jJ(Fa~dLvXk&bcjA*c+E()aKHbKQM>1HzppvQ4T{%x&F&W0Fn{QLoQUB* zy8wd+{NLm0m4)2lyB0pj8?(_K)4x#j&S!2b&}p|%KauPYFTGv0?A;<$Y-mgoP;eXH z&(d?)kA8ln{RR*bNs!B9&l6EyW6)sKCIUK6Y5k+2XSy4%WgGE-5PU)bEa8(xBbgx- z{y~G?|E5!4w&}W!G=Xr}dq49oPeM z=5798(Y@tMEJ!6HudU;IkS#2jxSzEnA*~-zHsrBuZY1ShVIHX-EvFlnkyw$GicG#8 z_+}%qqQubsk0RBwZy5>2VNa$t>s#H{-`-dQ&yxs zUS`8`*ZZX9d%&KJ6DaPY*EK|V7^Gf0QIfak;?xMH<6_!l)p-`i|92WN55acHh}?yv z)o;J4stp2WuPM2!VW7dg7~;8!rmGHx*_p9_tJR{Rdndv@>)$fYoDK`#^RGAgU1mhE ze;V9hw(Tg9tx9>to1|+uH*Oy>up2Fg{&q^zKyNrWfezJ0!6dCJxBH%kvM0w5+r>eW zUX|iH-1y7c*4^bdWykvtm&67ZU}Gn^+(SC4xvuQA8|xKu2wbQ7KH_D{kIamX-?=)n zIn9DEPSpGwiNx*V#JRsRpBoKG1wjZ$zIQh_JrevcX9b9Kie>fs(GyJMq{nwIEZupR z;)i#%jk}DV$aZ9zW}8W+l99c{-|(XNVS#OWDkgr@lQf!L`QoidF$?9qy~Z0)^83r3 zLR>c!XA}D6ULh~Pji`k@r6>1;Nl;)}O2+u{&w0^3_1WSk!}BGbe-O<{u16y$9nO~r zHAF6?<*H9NS>#L_QL5piw_=N^xuj*AaD1IUi3^^mJY&O&6>ZI6Lktx$SJqt0as#BUR`GO%|F=A`X59 zX<##NJmY#h%O>HAM2;7t?b7oX8?f6gat~5(xLG79quXB#%iEx;){mZ5a!3o`cQUCw z`j!r_?Qov@rSgU!cklo4rT?qENW?@<^)j-ZVS{_$(M~ROEyauM3C0M`c@QJ<1|tcP z+f#`S0DcU#Cd~VC&IyriXHD7$wqMRwcv`dXACHMg9#dJVA4TW=E>(RK+Qv;R3*2@6 z1=5ld#S{InHlj;pOp9z8VUN&#toIc&PX2oJL^+SEy5ZJY4^wlS!^gI+$rq5k z(cXUYCc5^yLm;ik)}UZsZFj{~vpA8CKQWt_>@Klpu)H zKnZmz0s;aef|RsK$3!NL(h>$Or6MkrPywa8nSgYIi8KNeBm@k)yWzVAE(Wgs?0vlN z{{6jwIG$%N=RL=`9dB$MITh_}8);w&fe)H!ip@pQ*q2>Sc2R&-x^yuh`Jw_=<#0aG1$)QE*ry$&-{{9!SufR`P*ST*8@SVBW zk{G@zfGe~zRFZJ$;eRU(^V(00&47myHT%f9e1(*b(hc_Ql#Y-j*Ad}JyEH@`CZwy< zEg~>7G*-z?CxhGcct*QuSSEv(0KnY`lQz|d!&7{;rz7rtxH3XWNigB+h>m(?qi*f? zy!R%ts+-zv)M-UdcA+|KlLW6DU$>`F%oU~(k@2uTJjEX%cU3XB;RT$5YadT1fR}J} zxz&|DJ{2bmGvm6C zaS(z0j7d2QW1H4`asHRlsD_rdZ>tNG@sZ&xt_c{`Gli+nA?HT|{76TVBgYRi9ZusH zjmk`SUCz66Kvt@@>(dSt3hsnxL~^7DZS9Tv^c;uD{t6iBc$1(gke#-%u#hhIz%Js1 z27?1A0!T;NzYfm$mY6x1c_!dT1bT-ci=hO2+^Kk{6?!SeGyQo!y!xkTz!AK){OYCt zb@KIWwH5Q(hFh*8E+imu@UJO$#K9D|^qV5$vWVH~0#y<`hrQQGC)0F^yHWrS} z{Ft{Wj%jh?R)eoaW~+2{+vF_eQ@*=z>DRN3?nZd^?fXBg_b}6d=@QE=AfUtj+ z7s29(AqGzUkKQT7{}{%SZBw?rN4IXI{~^!>Q~xg}-Ik#TmId4Dle8OGYU|?EkD$R)_#6ID(AA?I{2TSKRkO#Nt&? zYlC^qzwd`W=+n(A6ZG&cYHea5t4x9C!e7>`tnONPBUn>3N%e2RnN@h8u|E{kE2qI4 z`f<_j*%yOc%a60>SNL7;fmC2`lEnJ4zMTdEh`FvLfq%?-_J9PspSC&2-Dmqg;8#OI zGh)E^*jWxfFXb9vF3i8xF}CDk6MvvOiIwXx+C=6FUNXghgm?225IRBjTVJSq>8d8yx7<}xna7Ek$HN;-$8W02YTj(j(Y zPZ;&oXhEpU$C3O9kc;o9CDhrw@#&h(zYu-ZVV{|p20=&&bB)eGJ3$vCk-~V?+(PA= z%f>Tr7t{mVawJ*6<_e_HKSQiaxv|K{3Q(@GhV8RIgAX=#t&E# z4)>P#x%G#c9+o3E#-|R&PfkHPzDDV+wM6uTO272u>!#Dr7|bj6Q6r#|gjQ!vnVApR zBlaSY;mmB>bayK+cLZ8M_XvE1gH7#De zNHA4!Y~%rJ?~(h9Nqkmj5vKn|r|=T+?Q6_2hCy z2auFKzmt@GfN=Q#6rSQoJctzBGrku@0#06ta%Tm;*U(F4L+4E3NLz-N^UZknge$S4 z{%xR)1o`S8xnVO8Z?CQylq`bKMt&|al*|t^f_(eIo~c% zUqGJ|nk=zu20eZISgZ1pN^hNh+=EynZD&QfC+*-{{uP)l^-{X~oPqe(9#CTrymR;T z(aYOkrU{4bYU?J1W}gcI-dv;6ZgzdJ&1c?(_aMp>tue?`Audwg+yzUa1c zg`!}(3vgO$c*!J#JSHn3zVb=U=0VeTm0U1I|C9{3Y{nC6SeT*YQ#n~mf5_T&wwv*B zAexMKNf%U&?(4{|#@r?j=R9xu76%Hhw4h(Y{&5L?*Hv(g$M_SZP#f}w=sQJxO-;>l z%gRasMrYk$r&b8d`|I3U(|OVBx?Oo&*((oSBB(*w^BL#;ynM~aYW0@!j-YNO2C+hC z=^pOfP_$$k%o^Mt(Be4>n|pxK(`EqQ7T$aDQ9{o9l03rnx}X=5->Xzab|AxUOxHq( z7Q>F*O*hoi`Xh1Ns@u=VY__{(4=bI>GSS)IO!D{#oOD!=R18Kmp9U6ju%8n)iBB5o zzEbv&e2xcs4BN)*{D$nJBrrSyf{#<%nv? zZaQTW-HY^OF_ll5>ao^WRLESG^joN29=P}MsLb!2f)vm{1HDelx!V&vN;tMD5C~qQtjgL>8-Q>UWOp_8#rZsas&W0g8Htk9 z@-ngVJnOzjNy+H=T=m&t8`VNTAzqp3<2_|ok^^!{WUZQ&kCe!#r?E$n4DZtBMzPU( zj9FLsDNOQ_t-{#WIs1ZWdNbJFM4JSA=p%XFa*PUS_BJ$N+aiS#*p=M-$8Nq4e*+V` zPZ(^J_C^FHeDbB&G6b+MqPty1NA03$NhI{+cru}PcQP~t?p!Ca^S~T>Y^6Q399Aet3)A~t(XFpF_ZL% z13lOJA_R4->?n{F_~woB>SKtx;P;3ws!FUj`IpN4S-YC*5*3kE-icY>Kp9G zQ01BeJAG!}Qvno`Pf?{f&mjo+eIju@blaOLS`ks&=^aTf>*$b^msN%;N{|E!SlT&PBhfLqQg=&ph1=aVj4hB`-v7_tSfU1`?srbH?6A0&bIfPLNo z1A9(Uz6OTYR#D;Q83mw@yq7b*N+K9*u<3Hp%)J{8QkiL>omk4}b|7AC|A-+SGA8?8 zRiNRwZE`3vWAbOdAV?@0?%nJGoh6!EwGZR`ali_y>ga^qWdtsh|Dsrchn@Raw)3zJ zklVZ?&2R+GGtwOLG}t5x5Mw)M40&X5G;b4?L%;B>CW?3{#Yi&u7qW3PZ%-P?BND4N zWbBVal@xDbK-?0F6Yb^U$FZ^K*}NsOE!Y*ZLwa@ts6qV-EDPgI7Ch=U_#tu2Kbf9B zkicNA3V!T~{?`m7!=sRL1QjL!6PC7x3Vy0#+ORz}9*D@tW^a$Hho(la`|-`2T+AmP zWxZp3AbUkh3Xi)zsZo%JbI`TR$F63USd3Z|ig8wXY$rLpefoCo4#~dhMN8x<<`LjT zx6wHH^{xw@#EYA3sC(#S(&S_SgO69deN6apu_(DzSh8H4D6d zAOp4oD5xl(?;x5K{O#@FW0kiTCmIP0#`$j|tb$5^_}^}0f_HZ=L)hnc+FpJ^A5N39 zP&mN3ub!6cVM^f0r| zvFo41N5g^AH{`z%tc!L0<-tm~4p)_?1dezA@*y5HI*6VpvZjhJ53P_JsC8qw z6l?SJWwt+m*L;NCS0$W~$N^H|01d@>Gqxo~xh8@}8N%yK!{VEPQh0A#>hSPbPNUBU zV?4LQ>wBvV4kJA-6If8%c~{=hySb5z#p@-MOq8ktAk{ExGLa5vsiLckkMkG63J3_) z)Yhso(*!IBe4DE!e)5S&RJ1pg-ZL;vP@cmYF#-~YlXpU&e7KwnR%Pb5PlMQX8wZkapEI~Qh|Nw{6baBS@3F}gEnPYLT*9ltAoeVu&J zAct*q1yl+u^zL5)WA#0p-k~bL?HzS|gW#yVuKjSr6>q26!O{G#jc8~rK5FCc8ZO2* zF+p?Y7X%-HbUx2e4|EB%(`$OyO&9)oDrk-c3%kEmDB%hVjv`n*iqAOHk0%Cup9Wli7q96gR(R7DiC+(1skP@8}1Y8%;AZxoX)dT&5{BQD3hbY(9H#cOW%0|zBb42dC zSBif~MB2kyev>m;gD!6?N%s+1zMhQ6=-i6|*_vt{?1^Ip)h`}pvl%6G_53aKD~0WW z&!2z!ak|%e)k=8zms;EHfh9nJF*yBtUc6DKA+4g?>DFKfkJN{akB&_VX$Knn%JW+JZR@5dxe3 zn~S6fapCP<>$36vZQNWHbCZ3IewR0hBOE4*RseRz=Tvj>Gz*J%JHKbE>*6}AV|Yiy zMDM2C)r$4;`r_3Imz$CG>S}5?ytLfiN3IG_|55|Axqtf4`bkC6^}&^Sj3#j-{|%9a zC4EqXkYtx+=j6mikN*C5#d_Yyi$LDdZtt~?Qxu$*1jbJgwrO_xS9S4V zq>EimHOpvw#m0&BH{kLrBaB$H-a*56MGMz2Sl49`vC@S`IJI?PlNT1W zZ7#n4nU+}^ySA3`b|bgVzBAXHo*Triil_IE9@WqEJ(gq|>6CvZ>+28S_q)jok#I?> zKKkJHw}<~QRd<>S~Vb`0m4P?SYe5p}6LY`(pUi869?Wode) zt2eUghQEk~6@wX3_DdxJjf%DYWx>VpyAP`Bqc$TliWYFfbA9@`uqUKHfEAT*GJW?} zELsuRi_IX-mOk8KIt0D!$V4d9Q!uIu^G=%iXLMZpMY*)UhdPBgF}c6{TX5#{skxHg zjr;`d$GxZe1Q91A@6iMF9&d!p+9|{MAX;Y2)vdJhR9EYo_u{=gTbF$OR=cT%(D-1I zcB4Iou3fA8xJgOr4L{)q-1to*|E6|mUZ2plG3CAjqEk&nWsB60&lhyhTxM|kK>Jog zbZzR?H;2vjHhY_gr2F&TdQ_S7j6TXKL6m!rJml5yo@QXF^5?^0gT5mn__Oq zajIh%hthKz-(ZD8G&BeD(y|5)4{oZO5Y&^a;Ud5H-j{zkvShM(H|cTa+3-~M%;HXp zcnW6>apnyytMJsI=xA}T4p5pzdsHY_PueqMI`_<$CVTE79jfDPFw06XybHd;t$Myj zkwG1V+O^ny*WpruK-I}U3dCW`^*o7A&hLVP>p|2xf5g(4D3&@sl00QH^WK6DFz7Hn zpLo8jU(l~8nsBzX^X)LoC~60R6FlY$tePKZ`B3a$Z_ew5$|m!z_58i@pb_N!>O>u= zRHeF1loe=r1{U=&*;KrDrbcEUoz~@+tP2*%6b3iDsX$J6SRt%UCmhU&WDhBP;>Z{vW0PO2mAU;XY(t_S=Z9oirK`oZ zuM7_x@OAEYIiJ}^o4Fl)k|b8slfiYU(Vu70ugtdxtV&Ew$#~n?_`P?3vzTwLR}C!| zbT{`EHi~ZQICMK{+FriQBK}(2%^f@(TtXF-i@I*{y*C+)AT$D3$mDG)X5+?bQ1)v- zY8qaCji2S5Jw`Udt}Uc3Cp^@J59*>-!Qk*t7Ebd)WVJN%2h7+A33(~)GSE!k2iZym z&%mFMcxw+A}pAtY?K%q%~dW2bZJM4iiIS*GY_KNof?w~En)xaz|9_89LC`F4E= z-6_*a#qeZOru&~Eo>frrZMZah&e+s+)XRP2#;b9Mcd^rb3lu5&d$;B}OFR|7*(uPt z1zs5<;zKWx9^?YC-%LhD{K&4sJGAcMQX)@VXnJ^~OgBom7LcN8-i&UNfFEmSO$twU zb6vGq_Q5#+^d;}iw+aI(hA3=PuKhS}eI)iN-_6f7>nlFB1n>;X<`=r?MK`E)UF!J+ zmw&xXKk=U2aLkmO;i7#yXZg~}@ov`nAs{pY#dDw`BB^AuxCM8DZ+NzGzR|s$neIgq z;MRE?frTpTUOefB(3abB!sIXI-5XZr&?}V$^_h$thsMd{$25%nh1LRql4njuVAQ@V z;;A0CS$#K_67mK*O~i6Lt}<{0`=!`2-M12lx%ARkC)_JL6&p+Iz6U!=H@{wAXbCZmNU_XZ_XYJ(wMo+`h34K! zNAUp(>scQ5IzQ2kOS;RW`s^o8oJhB|);#1pnQ4oaMS$rqu5q;h5O03Ng$_E>b#rQ~ zQGz+y{CGDKX)V*;L}G!yWGNEejc=$3qc0hZyyOCs8(^K~`T6y``gI!GONH6ls-x|h znt=7jPZ?=)(cOcvAUQg^l0vU@m51p-*!Z4$$C$3Y;H7FRD(3U>@N~NT{Uovi!0Lpy zwp7!`NUTR&WP8TBPC*l98f8Pnn7!1;zea27y|EfC71-~Y2+vix!-*#Dgh-m8cclSM zPYL}+v){AT^VCYseSDAdKq_P^3w9?U88SmCsCp@UBHy+HyNG;|!A_$Fl4(o3b&PcE z3(Gmz*|D>$##ot~|8R(N4Pyh*cBiE(cmzHbUR5 z{Jl7Kaa20uf&9))^{p?J&F=*g27(K!S7Nyn`Wf+V7r zB-o&XR+yfc!fQBAaNb2jcY5+dj)2%JTQl<;yBU>yVB7n%Mfya9l}K1^Pn^el@L#AO z@@xhANH4~y3!&y{4w4pX0zS-~5~y?YyEY?}yhUk(HgSRcE0RIzSYcp{ySo`I&}TW0 zq(Y7aen*xi3W>GjzsRGp_V1d~?W0@T)W{0hLbrmzE z`%K`~`5nAF(GBDc-#@b`m5yFjsUQqgjYmWw)t9d{gn#aRZZB(Od)#$Mrb4$TB0FuU{219l_W={r|5BP)VcXSa zegNO6{a|di{lV`(d81_W$aDR_t^WVE`v2SN|F~`c|FY`g`ZbMOsSAn}&V_+2{!JOf{6cu{*GnZ(vs@CiW9h8|Mc$QlJJz zAy<0^XP@z^A0rzYFX(OSFpWr9S#fq<`XU1iw8;5&(7&~7eJ+D2Ltw?`zf>_yEh(S4jW+MBZ)M!xVJ23Ct;TpC}pxs?lL{ zps?ezY-2D&80fhGDnp1^fiYGb(XUzlRy>^b=7t7jRkc|63RnnOHxyZF9d>FEQG8yRADy3O ziMoEG?ep_f5&xUtnP5E2$=OzrV=}z-)2~I_rUK7><5RM>o7+RmTafMa7g|Ynv-|Ev z6-mc8G2fmCB1;flNF+r#r{1}9C!GD+^Q||63s!1Z&m=VGD0Yo*>}0`A1KBiitHsCJ#iOGv{YNan0UOu>nEBKvuPT z>vrv0je$RqomdDA@EUwX3`1sMOt7Zo6nh>Heg!FTFr>r_W@EX%qpZ4sTIeze{ef^4IJL<|yua zKnb!^2TF(Dc~R!sbzK}Um@G%6L_iZKt)SOQreJNt0ZJtf8JDDydfJ~(;MUd61jlPR zYgm38bF>D2f4|P8zVoti#GRRHY}N(0HAhgnDQfHEHEBRJxC28&Ev&jsiP&ZZSI2S) zX{JhL+=dU@GIT9Tlm`}BqVBzTyq{@8$8gJmmJ|aggeZ9*>Xj_X!#tZ(nHK-!3-;N7 zgXA#Rduv%!L&Ml=*_4Pw4{>L@5cjp`#0cuXb|ZC@4Mvp{+pbyPYdEAg0{0<)`VxZb z&>T0(-u5uXB*7gz`K~5<`vZ^5$bcP(Q;}KdMgq$PY857QEH`+H#l<;L5tp+Yob@{5!-=R?JL3 zxa}*N6;vL+OPTlPmNzwHhmwTG?Wo%-yVP>Z;{(6)50o^8t#boIv6w5EhyaF5f z3;&?c_A`jp5r=o4sZI~DSUbl$D+E=9kmwp}e4S+dVkwPnoCmp*{`$R0dv$_jLTUP( zdW7rJ=VYCyPnnw-cV9N(aSz2PLtU}W0=SVi_d$CDYWesem4U_Y<-mN#{B-+{B* zZC0I(UhG$eX9Y(BA9ig_aC9c-l0A3RU%lkZ}ZbHk~WQh zw%}_tQ2x(|)PrN{W4E}~xvno0`-#Szs@)O;^K|uHh122+2|}mO8(YVixauDa3SFdc zu3d4cqTF3T`RK8{J;KRr;#wX2-tbY6!MMS)aq|f6gq;AIjuT^EfEj)>xf_EX6%~xF zMVE+LZW)8V*`<$%Tve=C4qGNwX2&Wx&pwqJKb~Nh6m`GpJk>~0d+|d7irt6FzkXL6 z!n#>$9W_q;VDHLlaV}wJFt~wycrLx#F^bH6bM{wb-Uc2Ukf9>W#YSffMi-RpMDv~2 z)^?E#^Bawb!oPGA)H!NiZ6z4>lIBUCnAs6RByMbTBTFz<*e4t{4UP!3HOw{6Vtdh| zb%_=>V|tLYC}lv&jlG(eCLDg;*fZqm)47iHe%i8;uVs5J=9=_q%l1AzMMLhHpYg~d z^$=D@DpukdYVI8&M^baSEEYv*RdVlk=@Q|Mez`v=YNcL2?NjFFYSIl7Z-J)WtG;a; ztG?8;=cpIcD)W6TT!mayf-}30(?0MNzH9fP{2_srm*eD5Ub9h>Iv4fy-YEGzex18c zqfh%6_gi~7&h&&e}1 zD~5)b8efhG*xvkL;nP|<(4m@Hv8EIM*tGi+?e+Y8b(1`G?I>2`$fL$sDJr(111u+d z!ag-N7JZ&)=MPi$t!nCavqqZRZ7`^Cqc?CaELcnIGZf0>sLb3wc-85)UEsH1M_sSJ zw_Oc{)0)_Ji?=lgIB*)VKbpt!sd+N5{OH^G_1~`!vY+Be&=|B0m?hG4bN4A|DlO}J zC+O~Q{^a&Ac!-??7r-c`F>iZMAcu|Vc<75zZPxz&{VrA$cC~}WvXQFY=ajV=no_B> z)0Jz4Z1DFiy;3cSu+`=%)gvz=QZfXzpbu5Abwtqf;IV<>rPzyH89n=~Ug9I~%i)rc3=qKsQo(E&C5|67AcV!e`^K^7{ z_wm*Uf26W@3Uw}M%)qtaeQm$Ph z?~;QjRNc^m)DmcZ)Krw24s09#N=}kc%7oH#hTxFgcG0Q+HeWp4gtykiN}Pp=2Ta`b zzF`B;*OYBuOy0MB-`XO*+K&~BQEiXmK}m8kXuK(~$O~&6)41zIz#YS!v#hCL09E>_ zM~#S84Q~rLLywxc@O@~m?Lz|mj81;gRW!V7fFp&%^%ojLfZZ>tBr3P4nHJIx@cfBWWr*(F)^_AoBgVvKY^XQ12G-Ti2O{VHc{Cwck zsY&FizPh&NcF{A?WpWo_Vi(TLRZzvSo5yLBXrgA6W@?MEDJT`O{c>W@NXGUvlE)i$ zlW{WLg#-S&z~B`L1S6UJ^}?3toi%JhLUYT~z#lH8I+~*0ibAkHT(7*p%jxUa_uA=3 zeI9Ot%S&H?HNzZ!L z3~iD2yw5S(b0H_a=WE-u%5`~kM@H*+^urY~m>zr3n;Z&Sj3{flEqN5tG)?M)TkXvHXn4OM}T z4#Al$iMcvaeZ&x(Gq_h-@ec>m`4f_&+`sg#EsCtEGr0>EbCW5fB_nWHhEm93AtxjTDn(jC*Iq)uuPUG^19tlDPLPT zHoBIZdx5IUDqx^a+hF}0b$qDH{#%M)Ko;~Tb4_dgY;5emnTn+Sqk)R=w9fZ(qAbtja+?y*dCsShtJ2dI*Df2tiplhgS>J-{VfCjvn7ag!x7ok3kagTPCg2mFPRM zs)?6cG$&2?2WVaJu$Ld2%tla!@$+hB^*M$4fZH47Kp?Or;q1tqVucnj2cHjHk z_qyw->85cQ8*{``F&39(lr85U^8e|vbntxI<*`>~->zR`$}Tt^U@`LEt>m%q38s~* zB*!_E`Jp`ymcu{1>h+p>vL|OOt=sr{Hy2Bb>ceW)wY4oHy1FS+0)O3fomyb88SmEG zFSMpvHr?iunqhq;yvtMlE^K+sa{HjZA0v)Z)5ub!J@#3i{m)QXLbNblCWA!f?ri2{gLJ{e_p)KUD~DUy5I@TzWy-XleU*N^f1O`Jhhg zNit9Mr;_Eu2G=X@TTTpgTq<#f0)4hbvQ*kdpC(qp0(E3yA8}31yxh}fgW<>5dpX*N zTVMLO1E_D_|L|rUOO)%CpdgL5EPG}`w~N8ulWzcwAKj)$V%%QE8ykCf@(u=FgZ*Fu z-G+GXqScw>2gz6hI<0=~PNiA{j_S~Y3kQj+eYMM&h`Ofk2782Kw~F)1vik_$J!~5b zFudThVYFUz-=MTTnO1PU^xA`*w9MX=(9qCBrnSMY90xwG?~Y*)uDf{{6MW%y4tb(I zMlSE5EZ=+`18?DSWz_!FQ!bWXImW%qhxHSNU$qm3F+grtVtp z-FsiS8VRwduh}&Z4{A5o=j=%t=-CtY(zb;+{$v-oG+Jz=nR*F_Fsis-2feFFiGLr$ z+7;XU6iv%LtgGGZT&qFWMbj2kU9(A@dgXB)9C^6VGoI?##5dN5fL4$o2RO1 z51TAiV(yR7ek_N+IdLpf;gY(=iE_a|JcOOusyDeK2Q0keP87|-3?)MUSs9Bo-6s@dpz;7bx8+Bvft%-ol(b}2Zj}{3(dxw z-&*_D7%&*@YeM%^jOw&4i?kc{83P{n$hz4m@jZ!&L@8VYhxSI%Ngcr~_l%8Dz?pCF zaSTgr4F6`3Z1-^#Zzb(8zhTs)ZC$=0$H2W{@a^`bMCiqz+WijoEkUnzljHo4q&@V% zboKNxev;p7u4YtQ{`H%L&UW4jBIrA?kDuol-`w8V%$$hbrQdVwYnF-&qix~*4LVt> zUe^MqqvNi9&#_Z;NtfNBBj=G*IrMK!&$x4I@NaBTWALjdns}Iw=->J7Br53su4{6* zX4KleEmDk))29B3Jlj3W@`o}DIgz^wmjKo%{YF?{5=YY(4X>m?b-&M$#mxBoh;Dhs zYmD+_`R3nwu0!T5OqrZT5qQJk%(JZu1wAR|Efski)|o@MCWNz!{-%}nBG^--jycT~ zA{rq>FBO9B6K!G~oveU{rK)PI^WlSLEs4#0yKdw;+=n7R#meYf6Mjh%;^2pX7@Ax= z{j$Do#nT3&Kv+j9=1@=dczH;A zojz9avr~H}L_--G|IYGg&vLMxdsAMZsq`_^gWu%PxEPx%8%*>IV;yun&+Cu{{HPjb ziH6LKP;8ztXgS+KyW1tL{L{nfy0bEl3`ZY{)zC`sMYY3V(N4mm(Ha^nZ;!?7M)Ct# zvEMt{@4e@HRb}(?wU#9Dn1-q^DSy|}^c`=QoXaa>nC;1d+}#CGsQc)Oz6mo;u$a*O zzH7`FY^}gj1yNXyy&0U|y^QI8ciP9N`)()=zmSCyeIFca_~7=oiZ|q}OyQ0b zYGI>5UFYr-2xwvHRa6T^miDA)H5}!lr`cGsGDT^wY84?VEe%DVb)~$ts63rs8yw%p zEkO?NDCEf+bA80oL+C*E;XP^jXmFz)=@|`2Mdk|uMs|U#orm{NDnY@bBr|!3Us#EJ z+4T5P6c;cRa<~IrnN>D%duiBCeOg1rGEQ{`mI(S-S7N5WI(e$eXz8!6h*n* zf#_i`)T&HNqj9|WG;EU1q0NLS*;kwW!AC83t}es%Z=lwcnb8qaQ(Jv!Q1U)DNK@i2 z)@Ef)+ITy^>fzA{lXAb!HW3Z=FP-lDs6i%lxh7>|)ik^bqf%cl$jW_1V&xtI9KiL5 zKYxTcb6+sE3w&yGR_+hK2r29Tx%z9YeL>K&@EH%&!bC-{nfpZ_t%7TP>*l>_*~R%C z+^R2L-h1aM(PhV=Xs=gEIjK@AD$wg7jowl;wutb>fp z)!hF0HAn&L(VCUY`4Cj}hL78!;#=-1ry2-4g^Mqrq_hx?CKj--3F;g z2zf78=7-W-fBm(n_;|;aMJChp2x5R}qOSdG)XOCH>TPCUQV(!wfc5ZNFh`#)rZU}!N!w~D>(*+;3)Qhcn!U>8fjeNC%~gp2vF zXvT4R@0X~V*m{}&K-VL_ve_#S@;H&GGF3vJr@ilusPNzy=~3eyQOY&63V&MEUAr?8 zN3`r=D;mBd4>o=X=&A~#WwGDbv2Rb_dfo&-23|?6qbVE=HIx5-_(CW|`gFDNaR0f<&3r5CK3dLq zq+{>`x%E}gzFB%m@8>X^T@FWU8e6mXTg96p-tAvs&Jk0HR{VLUUh~T*D=Wr0K9+@% z&Z|jGg5oLFSMdVjH~!qPyF3e_4(3x5%yZ&jW8fj@J^`d?nf1m)j`qLY8Ky2du zLxM$N;3SX}`@5QP=PFf%6U= zns#<}VHxkQl3h6DX#GQ81KTc5a^@6=)L{mGLALfECpTzh6%>NVW1zO4E;`P|yV_JS z$(B6heIVx#lll~XNL%m=oq5codLyU2T;zyI$Yg<4*P(r}W4$3aEG;bonK&lF zoj4XRW~E!E2X6I9TrS5=Bk>2Em+Wm=k}9u@V9rl^va+(ajY&LYp_7MF{`K8K%Pni1 z+}v-fZGEiP?>o<)x7uDN=EpE++#d$FJ5P9c=#z*)JUd%P9#%(@3{f(!R}+i1m>rYc=##@H4465+b`!E&WMNkpTcKi5!-dl~=!W=Y?Q=QnG|eX!d1e zHvY>Jx|dDUWUOWS2Ta(YSvqLHVwsIMF1XtqSMKl(ZWIVXfubO<4!2$`alP@*-g1My zkY6Kplst{GcrxEd?OY>;zp)srwvqXS)KqHXju$UB3Qn>;C#ZBQ!t8mB>=7-MX(Oyp zmhlL4Xpt;O5Ryzy=f{JR9$0s@`KZ##A&b(yoU%bXQC^-#8<%C8 z`w}k)pVmW)Vhh{NiB7zJ#>~u2I(}o!poThWY<%_WC;yTi;jw?jj*V|^ug5M=gCoY7 z&v@8l zQ?|Cw0GWSa(;4F{R3G!jQ z>47t&5${U3XU_98+zL`{ufA-5uv?$h8uuk+7WWT=T1zSHmU7Qt3WFHjsN) zhuI)An7%VJY=NOebIUa6#x8ySTFaRrNKYx__=n{KtD+T08ZtP_uUQnuWV z=;vatx?&nZ{hfH5a_TOdC-d?t&rW~*jd`#tTckN7QE+n#3%N~U9T#W|gK$xbE zgQEA`#$n0}Rt*&I&Q2f#u$6m=7UWV?-c!uwl&z-7_%j0AaaHAPzh{c_PD#My8ce57 z=aCvTUtju{L8f17a&i-bd?6HE)L@)jC1ecx9Y4 zY47STWWF4)Rz6Y{U}(PgVYkGEc=!F7g9m{@rvT>HXjFvD?gjk*KSM7mfQE15SZ2n^(*dkAGd#%~> z5cBYYt){j$Q!~R))a(h&zA63%kM<(a`bY~V_E7vYtB9{?3#R?ummk-63|+JsaOe=m ztTw-=!ifhEkI;ha3K0^TfQq|y0BM6tX4q` z0R$I3P(U=i4<5k_@nJ}J9Dzp^t?li#_d~{41~_zL4)?6#?BtB>4i=EZaiL)$8qiX` z`uAnK8pBf;l5GmkXkPtTt-jMA#6#>La;JIJp}=}iM>?`^88*Shb3xq3iq*|Wp&`wuXO%1OBN!x>I@%No9&zo;gLbL)L zUn`@Ze{FwI*-Nxw?+TbVT!D4O#{9qqxU%+i%`dO!8vx;!#+%5btK3akaP(0WRbKvh zZGAoby{4!LpI#c{S3{4~NksPRs_rNBB>YgXgl-;oc5U{qwZVA8%S;8;h!-6hT#Bpp zxo~hRka2&-M+nYNsnB0ckAhCp;CTSnL$0Pmunzj#ZJjU3JsgKn#5VU5DsC=TdEk7b zACG4%a(3&-jDK&1Yb*i3?duQu%AWkmV`q#tg!jnlN z4KP)+pP}*chZM1)**FSH%K7Pb%DH9!UYYwP@O+ZS4t4udvFe26?9?-gK_Q5I2q=f- zSoMmy9K7E6g8qV8Kz4R^I>h*XfiBLHr_mF37}l}0>9hsvx9R+4K&t8~CUz#kd3@c5 z&!#%`390Hj#mv1`zNCu*XS=X5d87QJ_5KxvY>i_&@sg~_PFy2mUSMxTZ`3VyVNvP(R~_UwiROB}06t3#waVMu#Ec-fJ72weu?wq z1fEm3_%i@;5J3jFQuf!V$Pi6Agi}i<;b?ki2?u~BFvWPWk>`g+2>A?rDwOeh5lg;3 zQ9}G*A3mE?*S+0vef_2x)3?Re%ed0mukGuGh|-=%3lV^PYGm7rs-9&DktYGnPIx$A~V3^ zxNJzTL-la6)eH&GjbJzx8p&&1fvR!Z2;z26St$;7NP&3J|W)$gjO|l1p4@~ zcrnC3DEtL|i&)JOo!Qz`d=}UBb)84=QnV7Z&%Gx-Jk&|)*BWev2^F+VQB`|k*CbM+ zRZ+57U7(?(YT_Cd7Lnj>Ev(t=rkQ+Vy~Of+^GOXttHq`;sn+1y_wUm z&_|I1^6dFzPm@Kq+`g@)nMO1`M9XfTK^ID$SbPs_j`)aQg#!4A&UJfIa+JR6%P?FJ zuUMV6#8tehqj)h<^!*-TvODE6Q&==Z5FuEpy<4$(bfqQtPQCQE%|(Y}#HwKh6HV_M z-D&nkE%d}iWr%Fbmdy^|f}7BLPz^M~hkK4GXk9qqW~oB936_|pB|?tcH`{N0!9f_Z1`UXj6YM-RWXVaDR+4NY~`Vva&_ ziy!d<^otvFeQ!D#c;|GEMc?yH}P!8@k^6<|Q+#q*QhT|0G)9!E#rrB)zvNm1%p{)Mbg(+|6J zm!H0$U);Q(n3D6#3nSa{(`}>vqz0C-mQ3np$v+%cRC}ZO80S`-198a5@@Oy2k9D*- zKRyT@XL66CA=wjsFo8?s9K7h^I(f1W3cxm*Lf>wWr-bH3EBlvCJ?ER`j@vstbN3U@ zonLgnYe(1Wdhe;9dCt1#*F9Tb3zH7d4 zqNFVD4!Qtmh+;fjk)H1DFDKbgbLg_N4%6b3^shu(R}83^2~Hm?6Lqql!Y%6x4v)tq+tUv}f*RTaU>JX8Wb8oZW6xaB2r8Z}h#9v8HuGN)4A_f$LMvtm`7O!MMho!M| z-yCK`a22=H3!h5JTh|*JEtHTM zp1ZM-=eAL;*~`jzT8o9T{MBQsu?~a&K=KgA;&~l~@C!0Od!l*_o_%Tz;Hk)sI%S+c zusZZ~xf83G(j#1aJx_?=I(uYfYE|h>*vBD3*cKD67WbZrR0a&; zx%Hl(h+C>chs1l*7O@QiCi~}yTV#M&+Qu8Ns;U|o7#RQP(W7L-JFkCS5;&dz-G&Ft z4SrvG0JtWipWGAjPIsMRl+82E9(dnu?bMM;ZuB24KP6*+2MN&ms5oH1rDM9Bjp39)|(K zi@;XdH8WZZ7fq2^vt}&dr`Jr%7Ji0V-qUA>hiW7u>C~sW_UJ1QTVo`=`zTn6QqFS= zpl;R_$Yuumhc&jMUVT0p>=}Tl5~V05a<&E@t%U&MLA3z~=u~W&(8- zcX?(ZGXc6mUHMiZX{;XKD0b2}&e^yP*63!?t?gI)x*+oPJ z3YVuEAZqs7kL&UQthf0sFMrZgg&a=49E@0$jicyB0oL zwuFE-`;sEONs<^|@scAy)zPmxZ|z;74@O$t*NjGo0unmZ#qR`CCBZ~c5p{9b*lAXd zr;K+MXm>4?ZG1V-fzzwYcikxCcnvqhhY*jB3>$+2WH)~*mDL73v?rXD^Y zx^wEkAe@QEJng^d9GO^UaOpGi^V=xmP3p8`$fN31ey5y%+J2HpQY2IU9$E|<+PVqv z7Z~Edt@K;;ReD0$F+4mVEb2alrd(WYWN%B-TCf?ENY zk!$pkqD)};GKY2^1p6YTOs}El^Whcz03k^x-!0#i3u5-`X>s862L=b5;QfqB%9lp? zbI^Sgi%1Yq8E2ro{zHt|P`>K|TgotOdA!mf1p6VTS3epyhCohbNupAZfzQ6ev(xhW zq`?uS!4w{Xn?NV~gN^<(RqK`K(BqT@TPFO)&Ex26coV^(V$25k7q}98d{4+)MEPp@ z_2Huofv*F{Brsd7BS-DZbU*s;f~VAs8qwC@ibP?&{~1~r*ZxWZ=)X=+Fugne8evV`t>ft*g4S4ywk+b`Ty(dN~4;%qOe*KK}B4!h*DE5h(QHGK-mleQNkii0vZJa8dMOs0JVZ>u+|vF zS_!8LRt~9HrFBPYp8-pssrbKjls-tW6j zm~WPUwZ#E9TT3!zO+Lm8R}IboX!>z$Nnss!GiafW#SQhvyGrX3mP%{@_Ik4!UTR6AB2$cMA!t5D>dQ1zJGas@ znHw^;_xgm~6XpOE=)T_jD5e}^O%~NPVEBULPeXEj>1ysV|Qq- zw1^r<4DD$>rzx$~QE7cK-79n+T#22~*NSCiEDCRX-~=6;FU3HJLN_{YY7et_OUErA zpFL%>hRQ`Wy!@ibkag5cp-`Bnpm-rB{ce(_q@aL_bS$0?b}@4c=#tnnx}W!)$)b#t zWc`NNhiO4zO{Dg5aSm9eV2h&rTxPK?hhDDl2KLbYIKTJT7{f>gU^YS!Xv;803p@lh zkHp$PtO592o@@X`SoCcs(4lx%Rb?f%<)KCXmC z@=D>K!X2cLcpkp}C9k|s#aBv0Rx4T`*sJ(ir@Oc(f>+2iK@?LUy+k?*)P!>1ZJJKn zrBXapC21}M=dk9E=@Meg1;m94!dWy>=T0$7gXQ*dhuq5g07l(gW`dxry!ldBeL*I( zNsA%I)G=WJH9TA)mV6GdQ5taLcu-n}P!l^|Ig`ykZ)ju&%1CMH9Fc~s?4HN1)xB@NE~sj!PJZ&^gU&y)!Bq=erSqBfX|w-Z?( zQqO#DdFTg7-US!w$v#E4t~jYz?$5O}F!rcO3+>WPW3=?kI?j7fo&7|-dBsF-^~Bl$ zuWjWsbzIFq&{Fv_n%VQjzzqF zKlpMX$G82FzLV$D+Q=*ZR{OSmMoH)!S(F!AZYe2(f#UR%qvx*kv3F9-(>RDVl2n+i zwhXd>ZLiu}>|O*EXiQqPq0o6(boT9Mo=M+zzdZcQb`N`h`h`-b5A!cdE*{gAt?VCT zM*K06o#!`zAv0I#Tr z7#@#RiEG>mh{N8^z8Id4LZO+^z=X5sH@l=98)40y!Wv54clAcX8Wz4$qn!@j*!)M$ z0!F3WP|0P`J6^Q86%U(`4*)_1=ZNtTa2BTED3|o5red~g6 z3ay#*4&woj@_=8u47XrI?GKgKs;75xM`${dsIl{w*`QutQ23;;r&#(`Q48s*vMWYJ zTp}I=BEKmdmrw;v^-GSiJ_%S}Sfu1a)t@e_r*tF%>eUNt_(05APSmNP>FPlR1DmXd zwW>nn?BL4U5BY@F1|IR6Qx<`JA;45GAB6xj_pSNzuZo8>dk{}#UV(h>@H11c_^_u@ z>wShiIqn~#A>4oC@H^3!amaCewO$V3Z?&Iu@HED-!yr3TzP&o4Mw)O9#H&D5XX_BP z1XoPK&t%vE-yz9@seVBxhJ7~Tdz8r#NCfikr~cn0j9m#XV<4qWPOw={@!&x^EH=F%D`+v^!;e2}E^97xmJJz+Xb*=oZ^;k_sVc+h9ySHuIw(o-C zd5vw`b|h@uMm!Vr3Va8JeqYCmr!hPP@7RAd?nyBXC^QpsFb%HTe7 zXZs&}cMXjdNAp^CUwD44{raCG58-YfLpLK7_Uu%>o3uk;LiQNuPPr)sBlT+vt-L+x9pz8qjxf!7uT4HY!1$^rX3Va!(ID5H zF2(FnOQgk5mp#x3EK9f8AcR);AQ@S5;;Zo&8~0(4)19DHpX#skUycxWv3)FND z)3CJ0Kgd`p)k@rF{Gug27){1x@nPEpE}&e+Mo>{DSba#^zwrfTWY@I=TD#-=YhUco zwy5)aA!Nx&bhu_RGPYCbI3{+1LeO)#Bi~LSv%AD2-z%5qb%b4u#d(y!jaood`qO6q zjn&0Irc}bI>(Sx1H}PbY9&{L}eeAuml+QBORPjwj7+#rkAG4YkBWfl;J=iAXOU)EveK9%I>aoq0r|9w`b^)F8$s8!1)>JvtukB_>+XSxmRP>nC(YQ^0B($iV zQbwK{RQ~JpGk@;yrSPP+)fNAYy@`j3tzsVK7h&7hIhadJtJo}~&W1jo@sAUf8g3Vf z(?j2SrPmfzQwzQ-@&0)Q55HfR#OfG(i|*KaK<%Q$T1SRSSq~dW(o?IFk}Fl{?Z+5s z6?v0iE}^2t%dO__qPc3lz;*d`MW@@8rb6zZ@hKZJ3Vj9kl!X4;Xrqg+jj`wCaGI<{ z9sE-(mR&+19siOUU5)M7rl*9$U{r+S$e0!TisJ=C2s9_+6@m{)xZd)&dXC7PzAXFN zc9~LD?zPncx-`9GIIQN7kw)69D`6XiZ6|An{l$NA*xZpy3Z?3qzMW5nEbC8lCrp~p zktH*BP`y^ZgQ?l|i?}rO?KLm0Vqd0LB8EG7+<|WMXzISagCVSLemr4-Vb?l?^F{c> zjn!Zm_Lv<#Am(^|@8Pp=U4uh0_~fv*YbZC2xYZC9P7m{Y*rQE+8ZdM zsVLm~N8~}^U4jXtFt3aFgXl5s^M|4-v$53#Cq z60t_5f)_5#ZE9jd{s<4;b<7 z*w8U_KiJjMK#l01n?uRhR|KUX<8Olq2d!co`6jQ0=|QMyFY9c4fwf?wRTN&@9m$3) zj#2H1x#gy^(&S+e!D~0JpqDcKL93YCXd1~4m$rkb-`x4%5DHtuy16AuuYgS7=S8Sm zJzWf++jPD!BT69i&TcO8dmC%T#OiOyYUbV@-&AWMaOnfa4oyU>seo1$|E~z8(3nM^ zcn7l&_$ge`#DKEC4L;YEe&|P7A4I9C*v7ocr)E%jcm_vl^wI|u6dJra-(M@irOsqz zTpd{SvHv?l|E9XFP5?iTyiP|&u8t2RW0v8JG_cX}WULIK{x3dhgXpHkE}^P`_fNR= zRpl8ixHM-!Y$)}ALnugyHTRs}GBNzus|{PspQ+wNZ2 zbK+=QwpsT(w=bYX!k%Yb_+#)Q=7FZAjQ6I6YJ34ZA#_9<-5J{J`;+o9!-SYMiF$F; zyZlr&VyTx|ZnL(3lyf_mRPIOWFWHt2adp_8tOq1LrXNk!OPBSh6pfwfsF>}rV_S2W z|0zuJuxA-B?Xb=K>3gVZg7c-?tV4c>bH}G`Y1!7q2JbVa^OgM0-$%2T#t+H*?tRR* zGG86#^eseMdi=YYS!aR0{ZNBA5>~vfL*!W5s?BLJ9*_X<*;x_ z`_+dmrWFy^j8g=G(#7Ev`!%n*O6k>!;O`!!lHT%r)ZE_3Ll#M2O&n&L1uW}d=6U@d zkX{pw_MH6u-Da-Ktk68%W@**;kPZDIyLa{vm-=dj8UoD2^o~4=9>3XW!c&asbD6r!;j`8 zr3Q;##5Wa5VcWvKu(*TQ>qPFAB)%;f9)3cW+|FC=)M|X_+3`z${3qku)16iQ4v0J7 zv~TLsw@%AF-(~ULadNJd$z-Ly)vr8v1t-1KoZ-zt)9K?gk-fUI#5ASv+-7bTZsZb3 z#~~j&Q`>6n!E5aL^MRaiiMi9)^e<+?QU`fx*jRZ|-^wKBYd0CQYteci zZ0d|G%7dUqFGRWaJf3(Xy(*CYZj#{IflqNhptv$-=i@KFx;#)oDqS)yzq4Jy>e(gJ zl(alQ^>}#(zHsB)7bIrCn^it>z1N{7b1_OxxOAq@uBs|tzEWywbblhp(iykb;vS~5 zdAR_O)rF&-ZI(nYv#B}}lk&4X`F!)AReL_aiRKQX?YwetU(XL&>c?6-M!7xCEG%u| z3e5fQoQYm@-yO5-#EgiQlp4}!mqz2rt`(2v`Nx>p%UyhVRzO9nFLeGVjW=!0-UDyT zpLnZEE?iq)9*_>sY>;L^4ux)l;lMdFDvH2{1i}Ca5UY*T%S?qks=6%+CDUw(r5+srJEwAtN*^ycyvy{0q=`%dN zE+sEl8Jp$VwF09(Pz6Mx0UDQWQ{#s6HY#E@S>NQ=)QeXm{zx8ig>P|sXetad+$~_% z^NAz)cS@;sF8#PiQ>CuJ z%FL6NqcKr3BxG@(^~GFOC|Bju^Amt?D=Pq`0BjwJd1{&@a-mb1%_9~-lw9ks(Js8);e@U-Q7;7a4aip zjK^g4cBVJm>hFgf!Cu89z-fu|V>#bc`R~TRV-zmEO)6VkUFsc-5Aws_+fnJE5X@H< z_4C*58eSdE_pT2$^$f0O2Db0i`1bmee+^&pN$2^dH-5yL@ao{;{E{&nxd-awQG0!2 z*u>9h8`@VMa3GZkSohb)ElzlmJWM76_Igi}8Xrnczsj@h_iiYkj#*pO>2w;1l5;KW zb|0xsk6Cq`SaNMOa;e-OENz@>Ih$P&GP^jE&U5$Y10KE@_u=G%<*b^X5Pq-Z1Edc+ zK}Y7UuhvVhG+lnOWR+1eXKOthX|g7!t!rPY>%Gv|8!pnNsi|$QSW5I>Vo&lmt1med-wgpG1&;GbmFw0c-sG7~^-8_p2$%A-^ z|WrdG%q$VV)Bq_*Iv4G^l#k2LB^>k@}R+hF-u>lFb}c z^jaA);pfIFwF;?9v*Z)KJtodM`pPjM?92WA#EU33l+bgp*E*v(oho&bu>0{nYKgZ= zHwiSJQ?lQqT-v$h%jQZZqDY=^#+W&yZ^_UZce#GMRJn7AS<&3QO3yOJNOSTR?nwQB z)KXi|$DW#ug1Gr^rdgu&Yn4bwCS%vD6D#ioB|clG7qwg2j~5OwvL%Io<0ILyDH_>V zGE6+1Y6zB`Yfp)D5qDx#G?%-)W7`5>`qzgOW8}$)N!~GQp6@2A4%ttr`W%#fNX^@i zV;hh0nr)k?cPSOBU;C`;=Z1r)T_TE)7sTJ<(F#iZhTVCXmO~*Z;IfKjuFWO!gC?SL z1K#yBpBs6|v#);iW$;>E)G713tRkA2bZft&*6*FBbeB4IYB0Y;%#qyp$_*@`Il6PwJlyabFyI<4@zM+U5V6fXv&8lwZ?6`AH$#0_a%5Mcpj~Dci z_e-2Pm2#9?^jFCD8v{|jk3^REgzImO&Xuisb$ZtDPJAe^H_xrXq|hs-6^|F$*NYBR z*cOvmAF{e%U+|A$Q1Ewqs2O2iSuG6aO1)XD2y{iT^sKHxH^0}Aa^@1NM^5f%ntAD| zAypVftoDz7ZD8$WsGKHB7WwOoDf zF{7o!fE|hJzK6T2mG?Pb(jkVQJ7jV2Ob0#g-dONx4RJ+cccyk!@BdkyoICBSk9J=7!Qteaeh zG>lK_>2#=n>`*T$V(d9lnbmHtb$*A2X!r6D(F}g?3I9xzrL@6pgvG~tvSiV0OD3G^ zSjH??bI19G_deRCCzs#P(LH2ib-QS=L!&RRrjb2(q=tacZPB;J4)iZxW9X1$GNQN6 z$X20KO)vZPO^ z7+5$EJx|Q=&P~hSdrR;-;q9BJ7;f=T@spszqIF48q=3CP;DM|hID6~LL-LZoFatkA z(pQq>lKjGQ`05JjsO#8Z(ZG1I|EZMh-N|y48ZqD_=Me~_(z37Xh*Qzu!JzSg*qmNm zWwxZ(^3%IeFz!CW;Ik*2ETvufZ_x^bN?U@iHbkLEfgQ4Q8&Fnw1_!Tbd9tSWt1=%K z_tmVsh!W-b!-!_2=VZn zC}(~9P@+(S#D3}3FTsAjKPT@^%<2pklt^TezErdFq;!1}Ay1y@t**9|ntFkFTfJ;+ z^9qKyhZ1e7J8{_sQIr}Ghg|pAshL~`yTj!uKKE|QkLG=c3HU{>7kz|6xbuy)-Co{W zo{)3;MBvHj{7FwOHvgkXH$OS8Fv2}dl8T}ukoYAhP5_1_oyAlX(n5dkg z6Cs4($9G((@51D#(gsq#$w|W_xVZsh>fT79 zCW7CmwrtDlaB4|MtX0`phsn7sWh-<1+>4B*S%iroh&+PC76%8risuZ#oxAP6&=>BH zDT?P{Zpez1w6C3+r3328NsTgBI|b~FA|RwJHHVa+~>K! z=^PeRB0P82Yw4I6d9p{JQ!b4^PM$E^YG2L56(_oo6YS4!9I8h#Tvn3U&P z8J?3g2xbkp4_kV!Et&J*%*ARZn~v6)EGTspTPxA5HE~Mo9k6_$SvVFAqSa%hzQFo& zGQbU=0Kx#9ZdJ1_KV|34GPZ-3$AWK$Y z^*&22KKk~%&)Q0_12`s;?_*Y{-<+Mezn?KFguu2slV0327#|!YIoFx(%GNYw`BL4p z+^|S6WVkiM#BjEMXZOO&bh}4Ji66IbjFGdR`ne~h;{+EDuQ?B*b+L%_iH2Jz;ZOX; zzP$3GL|MTR3rOKx3Wb6xgL zPZSsxNapNXw#7Z4Dx#dZxwXD#ugsJw99BP^^8EdkB4>I5YaPG4Vth5TPz$Lh0~llXgrYK0KSo2BsP2c&hct^d$Rz6de_@aFTS8ZpZIJ3~;Q%V&(X>?J1w7~3U!B5{xQttyML)t?(3$D`r z&MEVD>9F|{Z`m+Es32YRsqGg@OWVP#XMfCzMO}**=6=1x*^~U_W2wW0;pF9&I;BsZ zsx4KA><+thxmns9_U)AVjXfGda1k?txJ@ost2>+o`NCIyE0E&m?&ileUs|9pUXHw7 z*%!VZJqZ<$Y1bYhf9f)$oMi&ns^hAFx4)-lg0~bKJqSk=4;dmQ=fVJWJW$QAb9~1$+NI4rTuyt$bIO3|N8>dp%aChuHiR(j z=QZ11>}q+@S9C$;WqrC8dGhR3yEu7t-5GyR>2H1EM%vG>y?ut&JT{iTywK1K)|rQ_ zoW=S3k^cHfCJ{p)FFMSx%(HARR=2&T zJ6OY4M=hf!7Th?=a62^Sx;*TrO)OqK|2>@YL}9W|AjIvL;f@f!nNVzPN=B(Zg-oPP zsoU}j$tT#zr7Jfn#C^8SvKP;j5zrTIQhGLmpFE<&wnTUb4XfcauGzhql&N5Ex5SeY zBl!Ds4F52p%tx;T_sVG&*ZY~6eVABZJo?qy(^7lF2y#W0bP>#FOU%Y{{hfI-ax~}^ z`$)@f1JMSfxqE}A=J)d{!?nM-hl+d+}#HvXxRJ>bOJj@(m@MIY3A;XVIWpBMJiJ z_173~POlD|dJqazw-TLgL8uHx-^BLOUczdhd`^>z4D9 zCrkA6OVc93tiO_Ps`J^w*n90kOf`qHz8*<=KG~MYLzKle({|XEd3DSYZ1Qih<5)Vu zDX4td8S~wH=`18J#Epph6dKGu<};r&!0GBCpWEv&`6<)Du9$amW~{^c{*}V9N!b-o z)p~R3CB0v3^*qu64dvFslCvkIel&oA*F=2RKxU;r@w-Z`;3OL#-V?5nu`5BWOG?=0 z76iF++Wf4ZpN_~eG~U@x9_O>RYUd`ugRhWH%suAv4iV;xYfkFMb{Aj#vERfa&6Q10 z!AnaF+iAf3$XrpVQT9-1t?TV4t&>lH0a4IzZwOv`QImccJ~>CF=? z`x^wWagVLc+E~=T)LSmO5d6|3h`+zVPP{1NtEe-Q)Y>EGg?gd-P-AFrAF-Q7gAYH7 zVcrn@_22&2Upf#7_fwNT(S$4O_-c~xq&AHGFo;h{=jJ|?{%#nr+gIn3e&wD{$f8cn_XabO?pWb?c#gYt z-gwjV>Aia?g~rS~u_}2q2fY_^(q^g8)c@Fc`>;%`7I|`Zy@U|rUVoygX#mr7pz!?; zr%cwF(~shVrHWj4wrZ1nd~W7J4nq97_e_dOCAXc2!Atup=E^VE+;AP~(ft-DDX7j< zC5)17n#cdFq@*2GWbte~SGlA&8Fg`tIMpPhOdQgj>QY-6$L}03lVj)-wC` z=}G1qQ|a4s0gt}Ck!kEfs6V7ZA;z|E_7v(gU508w#BIGxeke8};fv=5`YQK2r9%1f z44lXaPwXYMKB%S)ujUn=f#L(UiViAH_4>?QC>h33g_$W5tU@ajNl2xFh0pH@vcf~K z!mc}`bm;jy4#9od_T{4}7C?A`ERq#{QW%h-Z#9e*wgWjJcm6V0Py;3D->cqg58+}l zLwZ?cwIZdhN#XsW?`~kcyItMiF`^0(GQmAH zsPwR7uGm9;Zt1T=;!P}sV#$}^RJ~i6GW!&A#C-165kz86M&RQvIyHM#B=FhzFgguxG7 zxJeMe4)|#m!QSPk$>2wWPXCD}qOR)!A8YtZ9-~#-u#4>E$!=5q4A`asW+BtbP_8Fz zO8BSxf~qcv>~~XUiCIBbUBGN{y5~^~Wb5P*q(Iq;$?a!{=c?Irm&W zfbOR}-3gWs5vW|n$#AD68plY8_SZ!nS_#*y+W9OnE2QcI$fgR#B+1KHZHgn#GMKee zTKoE3;l5d{In8^@E#vT?}nV2;2xOy2wK8Lp^(p-*R(XCXC$KpKF6 zl!NNs?+<&r#A=(h4blu^2Ch=z={}W>EC`zuLgS8Fy)X~sT8%XETAaR-5=2lV{Iz4T zLco}ThPAqqmqZ;FEr#q!bVqqP;anFU6S;~WC>shT(o@0@ zF4?57I$QzV543aLB8;gV1IzExNF7-4emP#?OU-hSqipliBB!#s3%a(l!`S{|9I^onD^ zA(8aFD89IS;TByEq-0_17WR-fNj{eTG)^XY*-ra>E=}Bh^=7K#a8&prKwq^Ox?~?m z?ZCy@_-#s5T0+JwPMPHukN5XN!hNvk&2s+IC6TVv;Iy~!HcZlz<^FNq=cLKf9lZ9+ z$it0?VPc(t*tF~x3)FH93c@Klfz=FGA1T;FF%Hi7^D{R3Ow-FgM$`vRvFEj0rSN(A z*6(tBQ2qg@#vNZIqZfn9S_|m7+$yoiV;h{fl1xSQI&63GL+ukG3bT@{^Sun+T6$AY zI25XeQ!~mx}V71jh?`meuK+GsAU3G8!LnT41su;3(@GOQItpn_cKru)geb@#q3fy zBP4_u5xSu2D*UajHt0a!9?E~pdwJe<@YO>?*{guCc=`b>BS}Z~qkP{7TpK0j~*dhW+0J77f zj5gTv)qkj3pz`gXASlPw9o8{x8}>L2G4wMmS5~(yQ4_!x_(#fSTlRp89!$!iO~?mw zz!_j!+~r?U|7d;1c3_@wQf|FZ6O1%|oATwY-+^PgWh*GCG=TdZ#UCVCGG$T^P4ep_qZ9nx^ekc7Ke)6Bl{{0$aAZ=9c5MrSaNtV3(?ddH? z_|D(3Ovp8Ta1EiZ6Lplw$h)(uaB;)d4tu-99^`x|fzen^y_W&?be__cGlKz2g z*UM0+;n}+3|0KPCtK}dPjyRcp7USzY+}J(hNWf%Wlr@*O$3u8`aD zUn>D*Z@!lu=()@<@`vm8F{|354R(n$B%JTfg6KvBvw<$*JCO|KJ2NI>0A0q0n;s|M)(6KwKgL=W`)Tm4|8WbK@*fS${Qr zqWIC)xA{Zl)W*71LI%%YvDebT$KPbzD)5e=P=-4dH=#B_m%iZ@b>u>QPqXJzTNYpr zdrWx!HRP|?V6_IG0!)jJF{@9R>v1 z&A0D&bh9*PiGQfrqKuOe=k#${-WJMpaxhEWT+QmdB@7p%x4e8eoO*`4H#V_maK=V< zU&A#K*H-7qt^j04ou#?R;C=1Zrz0Wmk>~wepPpBqmfx+v?Ph+LbK1VEXmVzK-Txr5 zInjvwWcK0yE`b|g6A-_rHbOWBGYBB!z2N(V89BGeJ3{XVqX< zNmBr^27wc!(;U3%3nL^qo&*JEp?6_w%c+ay#_o-0bsv0%U(}uN2f)>?L@RE*&=v|0 zLR{3G#ADgHWz|g=*@K6Q2ckXj=>ht#7(FgwfSp&*HQ!8h+~SR3;=w{5bm|L;+_L8p zyTHw}cuZt&ZeyQ}(lCG$h-KX}8gwBhjO-FG@M*YDSab^&V*3w>*cwWJcNry|GCY6) zD4KOlO7K#h7q^^ItUTZWg(ruZ#kWYk)}Btcfhfdv!Y}C=?u6W2Kw4fqUODE~R>zB~ zDI088v`+PRR3q-=I|W?U6Mg#s@av6ClhP-!g^ zWs>!WhS4~nQ6KidMc*zPwQ^0GvGh`Pks|z)*5jRpP%TeZQp(l5^w~+<3=4o24hX-E zdX2@$(^X@nGG|&0Txzl8kA(QXGlX;UJ&v<~SB&g*QLLjPfKLR8CQ-&H%cJ{eN6%Q>=R~z|rm6 zyN^MmF1Nx$78pcLsRX6oR(;5ANNRwy@4LASLoj@W8trJRh3Y5ww|96=2{|9dWzXNX9%+7ebfTYpPwlior@7Pd2cQCo2@~kMk zR5yh3`VrXPJ-m6za1LUlz{7Xmw1r9k8x;Q5AP##FB*E%YG7lp>lo{$|+& z@rTf+=;9&Ip~W-kjb6G38Y%RzXI{d=rDJej^2q-iLjUGGHz5v?>_sC~KqHJ|qsfwY z?LS^2y*3d%2;D%4>wy@k{ND{PMTOj_2kE?)W^HB@1=d>+lJD$J=Id(~-FR{AF(89C zv-bGru?@sPpPSF>R7~$^cD>)@{hWNKlIzY8B}yl885MxKYA;=D^P1zmix+ATOF6U6 zd^&5%wz$&wknMr$m|HT;X=@pu14TM%Eu-D~4aSF>Q*`JGN}!I5peT7-pako;IF?@Z zj8ipex!fHP%Z~vF*fN@lz|@Ug+KwS@UI^yrouxl-_g5E%hH?BvC~IlLh@sE{7P>(T z*glba9*0rtcOgzuLDFl~>loz5CbB3-dDM&AH*4usig!;0efJ8MG=-9%U$}|4=y(~a zbp9jTDy_pneIT?ZNVn*k1>TLNBTo+YS?*J*iX9C+v8egE1>@v zBX4G1(BYlol$bed;T69{gGA$smUj2$LD*A zo5b^l;M@KfNje9N-j}83yUA!XSPKh(&?|H&hc8{Zu|p$RVp8$2^WdwA?zvKt(v>LE z`4}lL#vg?vfZli>AI$e5BHQQpy&lWJ1BzZF3D0@}HT}aNZ1sx*TcB*&bRyJd$9fMb zu0nk3BZGWdL4U-Ds{q#WYZ%QlNCgz1eRttN6_Viv_&zNH>^6fE zwCF4@q?qxRw6_ZNEjR99~>d6L3bkjFc zE_~kF_4AA~;uE9U4OIw;cy-|S$9SJIZ+imQ8+vO|gyG}EReb)&5MzFO&lQ`dk0_-B*SgW_B_l z8~ge2T&Qdm>49@n_k$HpCtkmXO=M8)bCAyKa?XToZKWKOiQ$>6J2ZqW>H|bxU*x)* zv{!i?JVa>NVCqS*^C_lMnOp>rDhspgr5LFas%wJFg$THvmCn9>=uLIIb%s$+4edIv zz3<^Z|2ex{EeR3ln-cToONYhVdz1T=aVz{A(C;z>aVDIU8 zIg^f?*_YbV{bd%u(D)n>>AWRt=<{)3Ctdw&&-b#o#GZ3 z54-((BH;S_hpDGSe?9NrlwHvFDGl8m{w_Yvx1(yhbeONtjyI=J#Tf$(Opf)E?rc?S z2!;tM5pL58M~?v`(pU8TZX_RiP7WgcH^1^0j%8Jtfh{v}rF)JLEwe)a{QJPQ72;YT zi%WZQf!*Y<&zZf{;uV}y6OZQs%cJf|s@Sjc2=T7@%6k0r@G*P$Q%n4~b3pX=wU@Vt zljWM5R+q-+h<-8t{6Pppr68aF&pv^>5G%}(VVf9q4C$mr*OtFKWR&zkUxe{!f%3|= z>$vxNLlIIo`s!aC5gdrw*^$xgUK=QsxAoTh9($PKHD+ytyE^dFLB-IkS*vonUScHm z=taOFw3@a8s!t{{^*mv~{K40z8{c|9?BT!ZA)?uS*zpH8a~MPm5TynIiScGr1bZWT zCEvTEVF*-+R8rW_yrbKpLDIf!rZsSkOzM56QxD>kJI{S(o=dDr(OAO`AFqh)@VOE74%oNqq?NKq+Vdx}rC@Ew80rPPCq z<+$n#4b4Ni!vMP^D(pB7?aQNcQy}^F^gmVk3fNhFMl;X;3X%2eoeMhK^N7+nY|erW zF&1>1yoa}G36=)+8@h9T7b%-bJDT*FN49WnE{as~>LCjwXb*!9o4!)nVL&?Zai=LU z*tMPWwe}d#R2a?qreZ%&r%(Z^OZ%Bq`n6SNMWn04zK-8pT{Etbswp14c~+gu=cwxu zcnpGt)EPnj4cDVwgF#mx+k~|Hb=c%_1>NP*stF~3a_(X&=is}k29sDf?TTw5j?h@A zt;yDB??v()5H|y>sUO=_wmOpmkV_^bNA=|?lQr%SA!b36d9JMuap@9S{7ccNZ)kk^ z;4Idu!Ja$U?NKd%$gZ=+8wvNGxa%0XnIl=2r22!98)@q`_K0%w!&v<& z$J&p(4dl)&g^Q0r>J1W4r}`-vz+qRM-o<&4Ru_qt6OWM!Q4P?K z02vzeBX*%0poS8W$o(B=b6x&sEqukxlXCR{m|Ij|@1&4V$GzSRmo5gR6Vbo4oh>>4_daIDK*;C-lDVM*@GtuBbcUWP z^V^8;zNLPTG|Hk;w%VN06ACa=exE*`i6K>=B3A_s(cbzw1E*h5s8x}iY5HzDJ(zbj zmnI>-us=fa+urFGz=2cx8jA&;N~x8128UFz^uZ;;)9vO1Q5^R^$r&*pN3N_4uGyEs zSGGLac!!_RPlhuh+-4eoy9TYE6O?LP`5 zu>j`?4cttTtL2q{-J7u9IU%WPx%Ojc=I7&)@62oUE`$OcR8F&$<3z@7vg9|>?s!)n zOF`)Z!|D10kq=X7kd-3?hZ8po~?UN=$O#- z+1@3hNveY-R#SWOm%V%OXqNJF!_S8bg}uh1vZ7ec8}&#di(GljD!10DE=cTVc23rm z9izuz^W5{%(5K7E9&B0lXU>?zk!1stdzR-*m&W}ObA*_r{Da}Qcdsu+G9sAhc0=pjdR(muyVh(B`@ZnFI~Xgj9*@(gh+F`d?^0ICYm^;> z)YwGmoX>R9D|uEu9Ob+?lsTGJ!*{AL_19;==zG*+CuZ9{NIjN)6dINGHsWLS&|CSz z0H3is2VE*0UFpTEi_lo79YGOxq7_>=kY$q;wQYWrc#m&Wpg?Z7hn1i#=h>s+W$IF=Sd;24|q zGH^>UDJ{c0nk$BzeHK2!B9wpYgy!dYMtRX6{w4u0Ni*Qt1FTj5M>U`}9!EKMW>T?c zl=esTMCk(2!4k{24m*FpnhB`F>H(>>g*>UX={M4qk2zm9Y9E=Itl@9H7RB?T41*V6 zb$65hx7ZBQ8(T(S5D>>xlX?>MIJ8-%B#>r0(gI#w3cwbnZiE*@*8Bl57> zvmSj7KCA;#F2(D30O_3UTAa)LOQVIguenQyU{2|&!s60@p`N^tt_dn|Zo#RrLTXBnln6n4(gDdJW*6+b2d$V}gFp7jzM z_#z4YXD1VGpgH9t*(*18YAh@hSAkmB(~t_!;~JQ-WY9{K1`c!B=E1Y*L?6s!3jkHxY>liUeFHQuTfwMo{ zI1Fw!U(ndnFHUJ@leH?5xOhvK>5`YSJ0kQJa5}6+m(Gdm>alzxYpaomjpuSNTX1}k zRFMVZlTd1OO|;es{adj9_gX5V$fy&P$m?hpO~9vi9ZC#0g|o!>;l+bsXC4oYv4a-E z-=It7GKJbmTD~zdb>gFKmeL@IArJnhww^gIuiWZFw4T2QxDmn)5r9^n0Hm*wFJJLZ z`u{C+Go#Hf} zzMzv`I)3aw+Vi1-pS}4-NDP|Rq{`XVq|9!9VLiI@K%%>mu^XsSvp~YXUVOxURAc#r z#xkNYKK({rihW4_@s6C}c{H0*0#5R<`LO^b(bWan&S7IaRTQ^)8gWRN zb(&wIcN;VIXwS7=D~{ z_c(~s$P9Pa72x|fWB#LX0n_{8Fd)MTsjg2^3QC|fk^_wguRPg{;t|yN!LGaO?dnBx zdUHs!u(jhGN@E=y8mlTTVNUdJCdk(mQEBG`8A%TCmMH#^pJ+&S5Q?GA+x)LRLYe6f z9zt`C(gCD|TBHL%mUKsNVqfLqZlQF%D0+7hGO|PNZ4sp6F;S2}8urBQMe&o3+knO$ zx_`=|mBc20V5YJ5hqFLvV+s5?J~Mk7rBMhL5n-=YhoA%zQeaRKSu)?=m%u(2iaNH@RI`5bPKYEl%2BI_uz}*&xS`KLC z#PJDS;D5yl()w62sOmQ_kTGupJ+~v7ledb#ifCq;37A=udfy&NSp0ufq_MNuCP1{d_;$69q2{Lc(;6edc4a6i@`%1sttpNxl6)23KOwD zm>MLN?mTn}E&9E^2J?iV43$BZ0BAqDXKyY-U#AAH>8V>00`8sR3u#t|a&s{Aw>L}* zIn)PFpIDqDnJkZy+OpsDE)IKb4@6In8Yd!^dQ=}b^a#~yKg`hgQm8%AGid1X&Mf}= zEMPa@IapRJDE0hi=!4TLh;SYa@gWJ_k6@#NKEV^K0y3rIcmP~#Uv%>cwLz5(yIML( zs3F%Fsw*gV!#3d9F7_9n&r;$pn>6`s*{ta;U1mse@Z66FOvZyPSJMGU*R?1?!=V<4 zSv6|NfYD3z4C*x}voB5%myrUxfs>}M#+Dt60(B#{e{!=diOr`9l}Szo_#}Q>3c(4g z^vx;1(#&(BOVYs#m{rkx6o{uUZ}S11++dJ`+YT(ALTUSDU-k9IBNkls)XYe0#=PBl z-*V}268?D?x}(=c;Q-a}7VbiggcXOHd${HfRc0AnsnS(Vt{i;bw`rMJYYJA+-|s)o z^*UAyI}SFwwib6cvjk7>CDYmy`r-BLE6p937qsv%HJG)8v#C+W@FJ0Ca^D#}R6*HL zwzCn#-)s7+Cz5d7@tTUwErxcv46e|SjSO?i9do2BNz1G{h-7;lH!6&YvB~sGeLmSo z@m{pY0`T(R(e@W?3z)3j{-Q`>RD)R{77Of6C)3FAva2{Khaz_my?o!Q_I! zDz!MwlG#H0PR-n56X^{}hIvg0a6Bsa%w?3=@LeYlV|FDJ1?X2BvEKquvMT4sx1!jA zwUOH}nIsdiu1-Tjjw-P{6pZQjHJFa}wqGO4HRx$2c;!5UQJCjxWI)^nrj{I(n?UIalPk5)1rV^p zq+L>M9|R1Ckg7SQ%XJjaiAX!PAC9{)F(QI)gE5G*WY~Q%T0(RjLYm#A;dgG@F9KL4 z#eDZNe|0nC-SP(Z#tJw$$BhjyquLzNte#k;s}|BA0LV1YIV^0YxtC4qT|ig_>Ovw< z_(z~4B_O9Imw$g$A6sh360`z10;9avm5i-et~#W~KRzQYzQK6JFmTg<>RpP42{FgK z-)NQ!Spitl<)X=h@d#8*;f0NzKxx0RN%j^>uk50%3OvMwWZnRY6W08(97}EnrHV}G z5e#oOMkll(ub|3-)=4~0yTcIOBw%oo?vC9_5MC z20X}tGdFcBy^8+^t4ae4XNAL^QQfiztE0ET|6^Q1z$n5)s+^mW2LHKE3CE5nHA@tA zb6`Dc2pGEVgwv*;0sXkOO0;o5b{L$V=0n3<-jDtFSx3l*Yk|9iFL&6A{^UjK&~1q# z_FJe71B_1YpH|~2+yL3gW_UwdDS0hAe+-c+Kd`(E_BT+yu`Xx-G2`%`@LvB9tw;u} z`>QX0UA+JQj#ex;rC^0@JW>lW@VAWd%9|%b;mo;X4oRmRvdN)S*dn4-w7U19KHGv? zazyErAEl@YW@B4-7VI+Rp)n!=V)3((PBRbNdeGP#0jo;L``fLi|AM)TISrcz?$~#b z-oUo-*#Gf;rW9F9!KscH zBg}3&VRtZy&s-mvvxTnMN=im8xDa0{;ybiO&8g*qn!3ro?x1aWz1PjLLHGoi+c+6? z%4G|qxFPJ&ic3WCHptbyJij5=QVj{j_F2AUM3L<{bn{1-I&U$@Mbzm+j<*uXDDL_V z6iWkiVU+jeWIWYiY5r>P{?}F&`46zWbd2_e73izw-*%?$+Wuzsv|@(Ztxx|4bf5K} zPWO>C%5sSCTiavfY-K#FrNkz}0$^9D0nD9m^uO3Pj_-hc_U+S01m+ zE{*i^t=brApU30;T}{x+v<@|$|NT>Irq^Q2rc#|oLOwn1uM%6Ho2114F$o#Qf|p_} zb%QFROmc+ZaKIMY<&nOMVFI(r7TSgPe==J{#)9B^;u%@hw3Px`CEF*wgblb@&_EB~ z(U=6XDQ_g&i+Uo6Nw6S;k(hctF7i%i9(lfL^5~w5u8&wip#$qoi_nJ{v8l%T_LlSK zc>I)YXMyYTM76lJc5{P5&|zli#CF&6D%eB|A@>HJ1jF>JS;%?Iy77z!Q}yCz!%fLr zbJ+#d$Tq`dBdu^LSrpN;zOp1su$qz?L7C_Z4(eWk0lxbr+-2<;uz*>pTA3pfdB1ht z%&tR#oL!SAX^yDv!FukDKp$L^s-3bBab zFiHJfD>8;zeWoz*fwb|sYgEmvJWGrhn>BQi=Dqc^@b5h~vHfI;+pLf|jjJisE1t1d z$r0HjZ>z{$I_(u|qa};0N}M~504HDyzQ_3bbFBd2beZeXFbo>WS>yI9Yab}sH0=M; z4wUo)vvdlH=qh(EetWGN?B+1A`<2z})cA2)SCE{dUICj1-A#m^J~q0)`8s!(XU8%~m_;#$MOWE_4IY4X#5AipLR zmRGbI`y<8s?qkAGu|`tR?Lp%XH%;maozUFJbtT~IWxkXPsN@&P$0EV1V%V)2i`am+BM^umSd!7m)hB)-MFrw+n zRXa?kX@ov1LJJurxi@~2Cj+WXiYJ;=BMI;R%U7mj@LmVB{-9NAZZ$^Urmqa#(I2rv z0sa6s1@=9_ZvtO0aW}GHH5IOgs^Kq)gx;WIZ#)It=&Q#~zKJ_V<`>(BSCyk|nBi<} z#y0hQIPpqzWo#$MVn%twg=fep&@cIRCVx^y05q>TN7>pG<%BK7x=x33ccO>jph+wb zOfmS7T?HgW2FE&Bwc|FA<1|*sWd&>CL|xs z%2LhZVwjrqRY}+@^z^yV?Wsp($)5+d46rQYnP)|bKBYk=dKsKcKx~c z=)GDQbKj#>RDN;VseT;PPN}lF3GDq@+ra&^_%Nu<;J6^UCFCTsZckSb%X1_sdhEc%wG8bl0AZ+J9Fuf5B$?b3G?FGj}cX1UK; ziH;ZaUIVA{v$~qXUn2YDh)JdB6ldT3&1|JM;51%u1EhQMBnQ(t?B~e-T+4BtzqbW6sz_ z0Pc+w1_c`reR~t!2}S7{+sjF>YTv|oTUEt%Ox}nTlkW;5sroEF^Mv7Fw}1aQH`Jb+ zVhASKBC!dtm6BkPZ);Kcq<#(zkA>mXKtp)oArYm9Xvw`C_rk8&efL2+r{^-U2e4CClLftTIN}=0>B&qk#H52??y=bpl zy$dQTVMv#!#Yq4jgONeY=b|)aoez=8HBoP zbn726+pxbW{ug`i9gcMy{*Py7mXbuJTgjdwA>7fhSN4`YlT{?qP$AiS#cj`oxXqH3 zNN#&;$w(?Iqxzn2&vULi%Jzh~REhU0htyG1erQCMM1|IO*>$^ku2UCHhaaC)wTLr}rMLaNdA9=f_QCT>qD+yUp(BW_U3}?Rnp1I7aPw=sq z*_ku94If2EL|9H_3{6s`vS(TK>Z(4F`(2fgW(KUrBX}=P#V*$AxenPi=V~aUKZvhf zD)Q<|v~RCwxC=SYJc9!6`BTWGBU7Esj0txiO=cs`J4pvkKNAp}pEZnEPvg;*4#z{; zyKVX~y?o)!)9r_%p;10zTW+z+O=eRHF|TPIhoQ=%>N7W!#hrRzLURU(tn8?t+8RL@ zd&uuwptYS{5>{E?q7KaW1l!E|QBzZ#%T!iiKS+;@-afA{{hhajSvei{v&v5`et004 z7(NYBBp#?gD~j{H9b5c^&~v)?KbgGvn(#H?P> z%_|BUFHN=bq!a`x`%bOp@U{8_cX2D=KrQqRJDd=+d`8Y_F_pzWe$jt^|Knh#7Dozg zsX0VgfP&~jyqj8y#RT&{#VMLfeC7MDOMspkZSx`Eln5DTXghu%v>T^7pca4)zD!0G zRxHK@rqPYUhmH8lw}=2RSRBu|3&_=jv@6K+U>^>WOX-_jx}6MrgHY{ZcP}JFdSd8d zV07^gLX57juD*WKwzCR{Q$oC^XfPwsz6xDm2}uSMGQnnAkvTLwrK_W3t;gi>^TKTj zNWn{VtS^>a7hiS?&*V#8=m?A}HX_W;v}O$kM)x{G>e03*!j;zEl+|@=$rtZCWf153 zDracdG!4(l`(hmKd7&GDFCN?KSW{M}?fs>neeC+5I;0Jcldh}B8jn{}$bcZr^%V0a}p0j zQm1gASwDUJ7(ctPP@9F<>#;XxJ!}eiE!zT#I?vlZo$@<>)mKC+k#UUZU4)GPge1MM zC#{s}ZQRh%6cenScfe|B*cpX{MwNzaJNBsr-3l@u`aDk?Ez>wxmRw6sQ+S=1W;{7Nnn1Kk<&7ho4`JJ(W`1*FOsHWUtp}lfs@= z@Y1s<($)0mMAAiNZSBZvnfMjMz-ZSd<|}Oa7S~yKhp~vBU2ql>B)^~wgVy7FUHg|x zgWUxYCocJMHrL-u4%;|S>P@a4%y3V$^_8&lXHDtwvfu)eSCL0mKF)W@#R2SbjQk7& zEl#N@IjA^0@VKQg01xS+wgKe|A$l**8X5XHvGuneQ49G(;e@q2I}f?)x%Q0OYCI{~ zFXfp_eZ_IRwv_A0M8_bju-i%e>WsZ{m&4mkJFThw!!m11WIUz`i{KBmLRnBvbg?L$ z(4!0XK6M~NQ~!q7+~`P~slN2o-dooJ-`;lIC+WCL{s84$*0kb%Dr#ymOniFrOxjYZ z#ilihv)jG)W9iElXl(r#DYRK-^B)$wcg>eoG2GQf6igBSygaI47(v0jNlZm2rGpj} z49~5UhtXY@(P0hVn5@9(>8Eb0rdyltlvxO;&M9QbUZRD$0RivxUHZb~YZl=(<;Z1v zEsI@!ZE0441}7HUDH^k&$}=-qf31f4n*Z9+SfX12Jn0m0-OJeM@ld#)$tlS5tk4=? zx~!Lkr*Q;QCeC&0VQ)>cag(s9mJL27MM-}_N@H8w0xfZEiI{~!N6`>p;`lr>ZsZ z1f`qFkTxh&|9~gWQ;Ooem+G?coKfQ?Kxb^8-k>;!sInIZd@=Hd>{)y%o>^~!8PQHY zmq5^d+?+-!2lh2`VZrlphKfGhRBW)6>+Ja_3@4{>QL5W;mQk)gIhGwq9-MSH___DQ zQ@)Z~Lb7C*$J^rzg*-CmJbZkw;eZ%{h4MMX_EcB6jtnM?XYo~eii5`L5?J+IJ0-)X zLYAE(eK~QPaz_ZEQAJ-O@6o6<^lbtur*vEF9pCzxVkBG(;y14RQi@f6vevb>=qGe- z+0*O%wfO=N*;#6@R4B5D2XZizKH|k!k?w4_PXOMl7kMi`kkC_6XkTvo5=^wq$`7GRn|W?#mhl&>v{Vv;!X4&36Gs=wIqOONf!I7#Qq zln0(EHB}+Y&ivpk;jJQB=8YSqoj}*WsKZD;#bV&QBf7YXkgi5n1`RO@7>$mB)%J`2 zR`vei@x25jnazzyP@+`?6Fp`8WTwl77HBvntAQEA@oQfZiTEwT?oVDT2p_vhbIhN(4=}4Rp3V}IBY(SjB;+TLFyvvCNmzF)SBr%HP~FAC4a?7P z1NIY@{mC1|QDfZVw*~GIA}5MQ0QN0u1Rd@MeHK;b4M7OcU^XhL0j+RWNdc9oi{SJ7 z8T)dE5uYMvf*}OzTzk03Qm4u31tSs{9E9)j<|a@QA3S~$_U-k)w1FeU`K90Ob~s$h zi2KaGo^*G`J%nKeBsK<>akyJ+gXS8gm>015L9+EGjp*jUfNjg(;8r4e3ur` z80L8}OjDswqz@W8?VvhwP*GC&D1KvpspR1XDh^lF+haJ9jZ7mI@gtCFB-cK5{?ZZn zg#k*~+9JB@oHvQ{b@~k4&-=v_HRD&#!$6a~th!-D*ebaE9nFuE=)>UAbHrQW@BjPg z|DBNkm5~4cwhUknBAz`1v`=AlTbrtqhDKa;^d2Qe#qg@C6Z7v-hl~L`ZU8&C_7G87 zZ6iHJ%b-Z1)_fn?)vBOHn{^};=!n~zfeBo?+|n){;tx=n&mqm5UT@YuzWm}yI6>p8 z!h6vgAI1k-h$>^-3&|U|@B5_C%b_!nCvMLTOH@gjF}MLC?aw8py!A_imK>Mv-Ou`7 z?NQhGd>=%if$`ul23JQOV<*~-#!K*kmRC~@XtY%va2`&Dvx{qe`mEy4siT$qkMR6D zv?R!OV+>M*FtF_;PgwK-y z&%DhJRehdt=Pcs`$vU^?b>Wn`gF>Jb<ptr0)FX*On}Gx|;xsTMVsT`7_%{y- zJ(|7;^Lg`FJU@7RE|uaf-~D3`T*MFw22#=a7J_x>~mV>owl+dLw58IdhMQu(@22UxuxFeX~(Wp^71zznozoM;exd^&I@kB(12`eVRKZ7 z!ioX97~F-zbk*&|^}37O7~>1GYS(<7!Yi$QukRORLJQepveo6d z$FK%=|GxdJ$3bR>Q(E}^_7h4Y}Y0dw9U)}HDni~ zfk#eW>hd&)aiwbvbZu$4RUSqbZW- z+5E;y?mc)QVdW2}k7NOv<1zP-ihXT?frzSk3VV@)uld@hnmY%Y<^2dMi6Fa;uv`}J zmbF(0Y;64;n#>|V22MQ?kCd1;)C$=v5NY!|PQ}~1@}sp~5|g%FDC7ke(je(|b~H&`#oueDs4zU(+R`32|6xvuZA6S%(QV^*1cscXEviKvGRBW2 zhm2=to%=~qSQ$s!)!#nV(8z;JPshgc8y?m-_tK^R0c=tqZ|;;UT=AGQt3xu9^bJ%S z;&=KKY$}>b&wE6%eh%KTPAF6K6slt*_P9xfm%VwQJhdFoQ7I=BdEQBL2rr*sRb}w| z`!ibizBzv`;HioQOM#@DIgTEEwR5KT6%d@-{4BL3WS-kOP-=P8@5fZmv58?1o5pRI z3x7Diy;aRZLhdI7V_DPRwhbMNGiaw$Y6s%_GJJaw&=nY+dWb15o_#7)&W-5@uFovW zw8mS>%d5iL#^x2IyR&Rw$4+>>YG!`DATbubzV27O7;EhKLgw14Cl9Y+?Ed10QC$y9 zVMHAQZL;=L?n^s~yFQ@t5p0qxa;O3$zp>Zt7&2P-p=oZ~nUu?8;&x{izYLsD^`Btz z8UMX@6iG{7eUDR$jF0EmH@kG^{%lK{-(f!e;%MoX2RjFo_9L6(3G9dJtlgn#qVHQV zsLIPuEich6(?XF}pu)JYe~*3wn~-)2{ulHW6`6 z_M9R#CyOkW++)l-xBT^(ZQH(GIgUR0&-zE%p>CugFVr=7Ny5SErBi zM~-+#1vKt+RTLdJ$s2BwSXO5@ZvGC9r1^-AT>^ z^31X4395;y4nVRiI1ZgDEXE#WAU&^Y7pSef0MpEi=jDn*!r%WNeRN-6aZeU@pk`ncFGq#2-lJ zXzaOlO-%)2Vq!A>pYgHkw-s`gnSy5Yre+aIn=CE9pFp{&mf#2oL^gO(#pq+D=hC`KQw>o`*(ZxfPmK& z{RZuyDBK6WEsU)_%Q)=Nog1MO9hVfNwW_3~6ai(hM|z6Y&i!<#A;dP`2C)_7r%^zC z*SQ5(NAvtBhhpZ> zD?9=M;sqH50zq|ORzap1?)`eM+wCoxe8ge9?%1x1PS6l}q03rf(b~dEo?nysJoNd6 zZMR2Iy@bbD_$0sBt5TJ~GZZ(6E{0l>= zJP&>9f)&O2)vHbgvZOrHI0tkee!ByoFE`!BzxnwTqzXLr*@YSw`7;VbJdNQFE6Ms53XS|It*Xl-qEc3u270V`zW z^mFcH=CK(>Rmla!!(4J|qazL(k#SW-#uXUe3asfB88JPJdMbyQG$>ZNeB0^9MJmXE z@pC`5Yac0bGz@^u&=%2A&ECv7!IwRx{x~tw3NDoV)vDB-va&L3XrtWakaU*#s=u^Z z3G6AKEbUOnzm?mDT{_IEsiVUIDE*k(*%_LsC=FS|L@|d8SBJzlyh-A?sjeu27pc;7 zp>Sgw{{9bxNFd}{TYr3d?c&k^m{CH$E}!ubPGrk|1IH=^zS*ph)e7}8;KhM=sqDEI zp-WM@$}WAXHP@`pch}i7IAt+3hl98XW{4wwp=TeG%|gHAv?}(=oN=A6*GoI)sRXT& zn#*=c^>=meZaR$c`v2smw9W%%XO6oJa%5#?omz}ZO%((>^SDZvAxbYfiOqFKUgp0W z-hI9zfp6=(#SGHH^#T3W9-LQJb}TPH|CkF0C#SNJQQ~B9E_k`G-n?;j8#;-8?8ayR zg#1*iP>gNrmQi3VLK=aiKusE;k(F68tf&pzSe12f|3BT~6+O3gCQrzxm)07#9VKD` zO5ZxSTn3q=oGLV_CJbLEC~=8TR{yLz;gB4`&ceb%?;Do%4+#h~V1StQHt(_RTOUiM zYytK3vJ1^LE0;#_=^a7&BW``JBW-cL{(r7%UhAz#GW>*U6=t9~Vt%Kicw6quF=2X{{i~Uv^TLlo-Y8C{0)(rdHWWn4P$wp2s*1!H+p63 z39xujN`u?XU& zQS22m<2M&Du((>|GE@=O-K{f#w+V@ki5VFDoh$k#{Od@~&>-h#IJ_~bt{{5u3QYUZ zTmdrg{et01Nqpv?Ck97dXL^gWE}aefGWW93-5}LPnlf@n{kWUKLc~PJRk(_HqoIA`iBNxqK3O$ z+gc-G#aqEH*u0)-_u6qnP*9y!!qr(8UzApilLGmzi#h_Wo_F`7E03s}OqeA$fdftd z&~H|>2l&FJ9$mdG`5{!)`c0fUq9q^L+fPE&0yc7`Bb24gYeuhnV$kX6kt0pR`rz9D zKIghxqbEQv;@>*F(>H&WaVDf~d8pjs$Po=`HPGvhg90ED!?$T|dh&H!4u}Qrxrl;~ zklA>ikF333tj`uzHtrF)s;79rZt}20Z()L}|EzdkZf z`C`Ixulz3~HTn=u@O?IS3v5dfJqJRdXO+W;BPHYcb+%?{_UO^0XK0pZk;pLNss@Xc z4iH;f>6tPyGas@YtGjv`@d>FL!@PGXt}J=kyx%h1=e4jPZE^9`r~^TT8P^E3Amtfx zpKC2Bj)b~a!s6&v_m!$klr#7H%;Vr>klw}~CdH{GzoG|nqr>OJ(}XA}C=mTCx%TC; z4Y&qByj+WcBEKnFlIhDC3{&Br!|p7@f}r~>tNdR;R!|NcG+mqF`iTy@7?`z_wYvda2Z8G6AWxwh{(Ap9_T z^oegz{*lxYnOzV;DZf_RGEB_)DF^{}?!C{xW%2{Czet}_Y7Y`909@uWSRNr>px>9w z2v{9Lsl%_;#dDq}fE~F3uPZbcf+!;rtT9)z+YQMOhO*8t<>pZkVi{<@TNO zWr@edJN7c|O%%=YtcdoaXFGP9l5QU+ic>xM{rmS)1t694aj{cdCWfI2q*BDhBpWTv zfm%wVNZx_#UJVuP5CgYn$*-rUM_W&ibM1Aj>bAwMQ#WydsQW<(5lWov@d7zpxo`7z z%K|*F1UYl=iyPP?3FF2{SsH5YhINj*DXB=>9h@B%*w1R*i|rC)ib_haESJF<>UJK; zak0nP+}2xN1My3|N{#bd!ymh}WlAoXf%7_{(nh|;pZJy&FcPS9_UsEScKu=#p0w*r z2`m0U%541-^jEmU^4F2bxHzt>%U>7mcEx+CQX`=w08_y9B$^j#z`ibb9w4kI&~7>d zftir{`|gVBbQmC3l}3ysylg-Ax?2ffhS>8#b2HaB(NKLnF88u;&M@sPHTCY2w4YaM z?qIJ{oe+Fm>*L`OYXn|BE<0OlRPNyBzN<0@8$YsW>A7XvFbo+1rhz&}zIY_ORaOo* zB+0OhG{g6p+1O-7$Hj%Xe%9ABVtudpXHKN@3vE(31;O6Os5+Hp{F8p4 zaHE=nHUH+vYay;8sg&vF1j1r`q^SS3WW4etM2NLJB6Y>nWTuziH@i4#=RqkB>C0cj zLEtGXynwPqG3QOn{slUTBjb7`^jXI*j+%(p0(Du9S8nL$dN-1Q(%2q8MY<^g2+*&; z-X*E_*V53b%g*}ynEKy^%?|C~qipK6*pp#Q0Z;=z(lcky`~XhugsJk2V`l0=DQ=L! zI=|_o*r&s0AbVPMaO-nxk9GVRjJ$AvlPqZ)3Ti3}z?3zNMWufepsWrqHO^Ryv+TRvXZK5G!PG;`!birb!i`3 zDHsQW5}vd@i4I%lef(S?Y|B=FMc9C-oJ*;9jp)m;d42cCm%$1ZuuIa8hX9+Ual)l{eC4c>g;24s~s5rg|WpRgqLP}cp zp~7}0*bkHGynK8%AA;z;mLd`pd6~lw^0g<5hfMCXKM-h7JL&k8f_CpqIJ3$ctZ8Iy z?A}@SPB~Oh2i$~t+Hs+aiTKMnS77F^Z(|yiZ9Oui05^^RIOxy2^Ed*bD+|^kjLvf= zRsgh~w}CnQGe-2>gV?tYMg*EC;mby0E6A1QFD^kKk3V-N#_g7uAy7_e{_=0WJ`r)5b_TJS{43GY3J%6#rRVeSNBe-eQIr8*b zy(Q*Ca_ir2N-8LKM7~F}V+{Y!1{qT#3+J(ZJNWe^+^3_TK@VJ_EfXRPh{9ZBzG z^okxl5`Zlwy|aTYIwRw-l8Qzg7y{dnIvkFJQF)3hx@fJ^b;R+FyVD510%>6Af9Q6I zD1`w5EeOco3>)--=sKJbuqX!FD@@4zIo+us#!{7p$WqbXA%}w`!+8&c-cXsOd zHM|tBtl*n<&4>*}i1DUCvZ1vZ^6yV`$jFS`(#Bs)tMD>cu&uv1CJO!z4)(ZR;UBY50S$;R4R z(b3Vdz4sdZNM%W3q3Xn&6sJKTT&hwKg%b&h`T%w|BwuSt7tr~+qS!cCtf8+6VBdJG zat9-O_z%rpEW9wI3^xJ*hH94XI+nwis?IJ`?ZPLx6h1QW&WcoGqsE07v& zT@$yaBt8rF8Wk?Xlw=h(_a`|ZA@uNqhz@*i<5{o~`$ZgRh&tz69?Yl)ZAUpeqnhw7 z@>(BQkgL~VT%#rIqNst)5P-OBmgX(0smIw7@0}^+AtGYOp&mJKR|x@w{iR_v5O|u= zmF)Y(-Es@5k_5AED2q|R<^S-fPar|Z^)J!iiKxh213D)7+)^zV=~>l8bnp8??fg^M zGf@}fGGO+=*3s;~LJ3!YgY;|kveQet|4K69feOtRa^Z6W?!!orUmzeA^^I>IKaUvG zy{QhU^Zk(O^x^Q;4~PD6!yd`Md;)gxSNs&GVU72!NKPVD9)#)^B0XmZdzd&Ng2_dE znLGE7LM{PGvVh7683yWVLb0i|eyA73@rVWyFe<-0d4-0C#=0f!AmXLgx{7hY9RLe2)!2}lLltje|h;p6D@~?#FOka z#f5`>P*z#pFYXvkxBqzID85Q2oY2tp;l=$Zq$Py_de--I6a6TXus3VphbHXDkHexp z(Y^H@wMBw^@9JQ(&il{REq{D?hb{l|65b{4H%4wSj#7KB;ZHrJ;pgr?oa}?PrX4=e zi~R{YS{^KEQsXkr0>5nsS*>RmxCL-jrqn|ks3cI`g-~NJ`VK1a%U@xYx4+Ap$AvK| z7MVAg0VCkNl*$@Eeq3k+T>Eo?J{bR1@`Izk*-@I;Qj-;0$SV8|dQB7&;a{aHCQKMdYy`xU(sGXccKGt9HPzi2OXD@;lMwtz{MCS>Xl zgYk)@6|8D>R?97T>Iq#>3|%FE-ZM8a&}&UkuRZRNje>(2bs(j|c~Htzc-b6|8@%JP zm^}~Oc>2~|*=mFmb2-s^xNeB9Xo)7zWvKFAufp78y}%v`IWHh!p0|NW?nlF)wT2(y zmZ(6Q?m;}heje_GTEWU`#DRdLFC+F}tknWW8LO`&P>-i(gWj~U*HEQzpDqQYcQu@! z*?vyw;8@!41ukgNzpDBze=cD3Dx7?sAerJl=pZic1C2A*pIT#H*Z`l6d*>NuB}d2n zN8JKzW>?-(B%HXEQE2e!S=AWuDIm^t>F7hZ&$;6MKwa7{Jyc{Yu>vRGo6XhiS&)+& zo&*9tp1$ZC8}Nz^Rgj8kU+1ZPCs55$i@<4wQnD^t6$V4LDIc3Krruw4_;) z<^e6dd^sDih1EHa)tdt6EGy%ry#gMX#iusMoUzR^CXcFU){1km& zRZ*{IuG-^sVz}x}aZ{P>r=5RyavggZW(L%yA|Kvj&)$@FIp44ZT|_S@J2Q9E;=I2O zJCGix?-7gd3J{84aiGFgj$K<$nNnza3unL{6j_%0v(mwNnt&|?u*#2jcMh>$EJ~6s zc^5GVeRRFI6j=}ZL$LH?vCsT9@Etgk7D5^^p;7JTkzaK|n!dkv$62&lLme==^{kVV zKB{<9jhW)*>9vQkdJMVCQ_{G(SLY60+w(&j$GGEi*mU;X4a&;^NO(lu4=f0i>vEb4 z`?SCa-2Fk=TrXN!QuF8pCDaL8qB<=VPSEoGbdrZ2Cw8|Q+D{za#ILLZOx(LmUV74y5F=}sd?~2;zQAx8# zr;1HUx%QlP9+*mBn*aX64D$HfN^cuJ6zDK?ckJ21oy>ET>SEVeGwQ*>a+Iz)fkvm%bt-IqdCj$UoYffE*vnU>n7 zagrNm9Ki&;wLc&o2CW`%SS)x=w6?z~m*h-85lOtF(3B0ZE0{)azCw!!&`> zNd-;)MAJ)h5vd+#s)z0-dL3@J0~iCN)w^jwD>?LMk|>WKzldZl#G`_^@z2iPWUqrG z7|avX74@sg%~;`ZrUOnCp_DuD`P@)(9?l+m;;;>8JZxy*V1PoM01G{-Wc z;&z(sawFN!`1I3cqIINXc@T0i-ZFvH2{`*737XbroeHNsf{&aw=!5e#+Kzj&VyBMZ z#Pg~gyaDMs@11NX?JHk*F=?~*#zaTQ<7fIH8_iJQAqEZilqzCcKvqT%IxUJec6 zwF=(t5!hCyKc~-mGJrw;l!fNj8kxZ$*K>&wn3-N#%%XD~SFED1;9$(kxzS(Bmr#z!hQanqmi%!(~8bx?!`rxaJ4Tn|Ek z5_HT&RF;7Gjwa~ZvDPD`jOwEFIDmXzkQW}2)gY6Zsm-?doCE!3nYqTyY_kLba<66s z)3`9>rW1VOWqLe@%Z}rHHJ2}n9tT%@b-MC;uMGuEvhwwkhUxr#ykJpIszA0evr!!7 zO;$D|W0s&FI|jthLD00$_t7~G`fGf<_7jyg15!YKWS~2N7VSpEpy6ngJ%^n<}KkKTk60?s~pm?Ug@LsI3OzH)_qXU0S*uJNqbr>N9VILl`c zPPQ#M_v)HsvY_#7n<&_?rWbh+V~WQ+1J0E+Vq0lM#1=YrB`bs$%PZ??*HbAK@rjdR z(qDz`$SWLsl=ljn*jFCy_FtgOv4EYrEyGTJ%8^~hT;Z(S9uu*Ykt%V5;+6@OOkdVPUOkOZkA!JK}c(R6~APhbDY z`l#NXaF8yFZUL4>KYr5@TT}d?ioVj+H2+9h$sW35C!9+NCIY zQT@T+UT*-l5IpW?qcaI85{=<52z=+%MrO_B57K7&=k$>+7H8BfUB7=C zW7Btl8khW=`Q^%Q=y8vc6lJubxShM{h)-ZTdkn}veeHk(Vf_^3!_LoL zi>Q4Eb5wCAshCn~u6F)8O|DpXr|{XPI8fI;$;?>=N#NN342LhX0@5Wugzt+wQjDW> zT>id{uT5S3qS#xv;Xa!92|sbYg`NYv-lnpD6r&uh=*4`w2bLJ zo7QuDf&Ym3TL!JqZy#Bm^N5Y=odB8_5t1-U#fr6FmnkvL?)nNjdW(dEW2HnafG3}n z>Cx4c?MssHo)>bxqX&D-|g z8jK6t1p*ngpB3){y>#U2tgGE$jXSV}#yo&?ELZ;l46=l5|0N=y{Rlt$N?s~7+GV~IKDmO(( z@-?2U%|NnPvk8*2Hzlp|5d^D0y@psJux+Td&-?iJM5d&edVJNMt@k5fOQ^z;!9D`@E_<|jz*P#oT+=rc9U zeW!W~Nvylwhbx?vpJGvWqXTJCsPv>efVvxInBDM{H}~Dm{-Oc+pT0)&Bn5sWVy8mj z$mC*MQc)*>e`#@! z!fa^7-VB!r3hq!qhHx0tN=&Cr64A^3AQkf|N?ueAy?h5a%F=r_kapivk@Sh<3lvpJ z@&pV+bcldUC*-|(95~t2U#Amu1(Je&dT&_XWE`|<98ua}a zO&mSE|9_|bf2aNbZE0_W*aufystL)8qmYmwbaf#Z6~ORv2nxROV|9m}Hupg4Um8IhBg$u>ClYyT8vyX|H@JZ?gWdd%p^FL9Hq# z3wu^LwGov5 zUvT{Yfc%6pu=`>D1)c=)bt>J;nfcC;7dpGJjb5OLiutI?(4_Q9M732%idYbJ6~>oT zom_jnx1Zn|^Qcch$A_-4sD;i$r!T(WXmb8(0yFnnXj>OLRA)q$kwkE!%BlhBUEA7D z7rzs2r}KYkhaf|-I!MyLRpT>p{;{f{f16LUB%tl&kJI<$4Om(Wyz?#e<}C? z{}6l6N=TN}#Ygs-=6oJIM|B~1Kmh3S?`)`RL3N7{EJrbB6DTcD$5>*WaJa13ffa zb9Ed2aR1{LwEPQ;A==dwS-$6Z5DtNdcrK77YI{D)B8%r-8`=cLu5KF@W$)oW8D^x^VfCXYaY;Yg)^uMGNV~;$+ z*FTz4lUkCjEk|pfWOv$t8fiz2va`fl?Nzx03-Q%RhX@whpGfn*(L12`eyf2EGd8wu z0veco#eYrE5W@g$jHUy1<4lYR5nEposKM?Qc4{H3?z46@LB zz!YT!sK=oT9f|~O2B#9xu6qWhjWOP@b05*kGx#3861!jjoLcI!Gn5N+LJ&b5^BNRm zx!!WnwotCnm`kN$ zJJTJ3_{07EJ+9VXm!Xf4FN-QDt|hEXeoOp4k%ZuiCI5Vuivv_;jg8|*)6&1(u77V; ztQcutq+!!XP2GDO9~a`vElcoc*JjRya9o5QrukpX2$CiEmXoXcV0tIfNVQmIFPJVOgI7BKLXOO@jW^@Y2JwoGkqQ6^HvyS9l&YWGq(vy z{a3%!_z`G+%e#4dOa+>FS>C}%D9XRtrf)y2o9{$i%&wZN0%!ySJXOF-@9^4|o{>;J|*{YSfXqfHKJ94q+PA@ir!1oHUW z(93`yoSH5umipq-4<%~VWHBXPUf#CpoRAk`;$wZ-ncLKiA8SRd+N!mo2Xaqf^n>4Q zBD&#;W0P_yhA_vjW#m>%HRKMaj9;vc#(%1=H*;tS5fI|7Vs*>wA*bVhyGT$I$5BGTZvsR=VA zDIW_-`9>{}|109CZX|yO>3JFe4xql;A!?w9m|D@gbdM!cc9l$@N5gkke4xT9PDfu~ z1sKziw7OBHvx97$iQl7-pFgYk0)i_$yEk-gQDRh>FRyr?#2a!=I8i8r<0xn1+>E3S z6xf6dvfjwf@awn7JVo>(6ds$eZqaGbL#I=9<0QJTe=0Vdgf30yh zDbR!BgNDy)g5Af!wYfOJW6#g_acacs0csdB>rSI#J7w23dy7r^B!2yf1KPi5O{0k` zw0jlr0OU~6w5C;K`;LXq{mqEgfm4;W&GPnqK;7SAP|=@82ZfKJi{eEJ{dKVv#zCAK84>Yrkw*jwS-v45%7c)OZd5vwKzy8U z;E>|>MmfH5CrqV(?lBK!D#M^<4m^FXI>CR&|Cj94F6U{$jgJHi!29uHXb-@1Jk|n(^j9`FH%CS%^AEHq zHm`OkAn2EIClaUI(AOPfZEFkRI-Y}zO9e7~&zqYQG!%+~KRIa#a1|rrEma6q;_tad zu&Qi=YznArlf1W-G!O7-!IauZv$7%?4k7kPedq1p8+RPo^RlBOj)1hr6h;HhWjDDt zV4eU5)(h;Z#8nYOz!cTKp(sG_?u~#TZ3OXZXvnjAy_I>-9!02wXA1AeZ|n{?c{o3l ztjuBFR!LoX_pfVb&j!J62bMGKcAC7Pu$xTU^h_U6?w)@G9u6?Qh1`>(!#+Sc3w~l^ z($+I_{QY31>gSbnE%J6$n73|$K`w>8-j~Yp=?gQ%iyl{g?V86eWENzL<(A3w{feO_k)VZM zu*Buwdn)=-2wUX6;z=^-r728Ty52LcG&c4TU|EkUr&Sacg#mxUjABqWr0)uXksVsJ zS|ExkR)@T>Q3;9-+%^NS%Uj}Z4z#Bs57K5;HB4(14rbEs zEM&O0{Ya_ztP!X<72zjA*EFCMi-WAW046#@7YfU`W;>U#?G@AzdyCwvbyZB$OpYqqmYKcavb`V*Xh8UtC}ktN+* z-UG{1UFV=g$n~M+LEPEyyeIEbq<&IRHtr<+ubN(b`vn-l;H;t&$j zprNJB0@R*o#a%OSxd3m=i9gKC#dWUi@#Fo&$9H1JZ37XGUw2^it?{{g?%)tY-S=eJ zJ%p>}O**>a3_uowds>eP5k(0R?7Me2x)E!js1l~QCKe1$R--33T2L;di7A@4i3%*EwgN*)Nn!^b^o95 zwrg|*K1DafBS5t=sq|P2Zmu3gm%yWwcbBp2R5Zl`T{fJ|bk1kblII^N(yPG%^2e{T zW-_5)9#{%y^x69lmgp}qmTyR^aE$kB!%8Z!4@V{??Pp|^1E_>G94jCq!ps>6U%9cM zR}f~D87AxXt*;-?g}XC{Jts=BN=o;vt*uWCJ6YH8@$o^UTlY(Ec_f1S`vHq!)O%E( z({KI)|JV2jg1PUFOXXW^`Lej!g$rcWwH{_j(=h5kAG% zbSN(QTPO_6PPrLNlmp~Bjl>2&=van;3v2_#jyJ_z26X_k&ksoT$6mgL;bk#VXuo4% zICweo*&j}AeeE~I2{}~oHBIsmRD0jr18TnI`95I!g!4bl*{&^URRiJ5QRpWFOmf(2 z8=Onac^x1$9DIBQ6REI&Umd(W%uc(PKX+vikYzY1>p-ytVevi3=7W1P$EdjS`Ik-h z-?KdKim3R$JDsQx3x5cB4RTia54QDv3sBLIl zvgCOLrIrA^)P+VBt;vfE02NaKcVgvNZ;`Q@9IN7|PoEO5&fo!c#RYBi^qc&7 z{otY7lyDVoeKR%`oSEh;f!Ac~EJ*X9bgB*v>{nFt;2*GG6v4`50h6S*si|q#C?LbE z-#xqS-lZn->a|dV38UgQAXWYWCyHl0Wx8-%=jN*`8%E}@4GG(5EA=!YG$?he4#XzP z`i2NuH&BoI7+|tK`~*~^y?h=Z4(~!ZkEZPJ!YOHa`*=9Ih|br>!r8%eC11*po1{9y zqWBB$3yv)ybje!-XK{6N0p?v3jO$B@SK4s zQFNT)yxiR3k&%%{LhIqwheUzJ8v|t}fZzTB14QkZJ+5CQYgwH zw4$G0#~teI1hN1dC=pN0z^{5_c$+apyOg6%cXq}>h1*p7{CT8{?wE7GFv1;Etwxsj z?3sK5FbnVc<>RL!H{ zI2N|9T=qa63kAI6^q^Bo3_#t~;iN})5CQ0F>@VwhQgW2YW)ip$GM>Q^^2d;p1iJ2S zKuO%nV&{7=3?UB#1NR9?HzNU8cHXmDch(8mRguPl&b5X2ba|7tI~UM?`F_Zg+2nA# z{6jd~5aIN@cTMILP@w@h-eU(aY<7KwT6vymcs`_vB+Y}dt$ig&qyF~q|GSTZ-4&h6 zD1QC-y43ccU^QRiy=ENWgs=9L_#cHT_K7c}Pz!8Lx>(PHP<;;rOzB6z)q__X9L=Yu zf^!k3^$AhSXXNvR{uiMY?c4~j+v0T3F*u??s^vM0cBfC=BmxxPn2=lmDmP1`>Uu-( ziecfP0TP4ZX-Vj!%(GH+1e)a^z_{KA2knm3IQH27V=N^7A1*6dlOIya3T=8N$+dkrvGHnMANB_f2`(Y8w>L1 zR#_yf|=P^EA1HMal^$)1n$d$BG_&Mehz5mkJ|eml3ZHyuR)*=`nH|D$)#$ z%2FFCDfOSv^D}>j&Ezo>ms34D)=p}$u}glIFl%63Rk*%3O~eA6T<)5i+tTrheF=gp zUpda6mfiZ^H zebI0b@%jSbVhZP{`&{eDvsDu=z>%wYeWLyiK7a>3?lz8X*ctU5l}bZkWr|t+XD1;R zlK^JxRX0wcftuf>>Mh9B#1qS-VyQ<}V*A17$7=3BiIRz8!Vw4K{T6~VL@wY!<#3wL z3wJ#8!Re|1du!ADMcQ-H0s@Ej;A&ws`GA>(H=Qy+^#aZFAa^^!ax3#mq}X7=-w`Zr zVY|vtCd1Y6I^xK=L4}<%(d$7D8|mPUU79`$k67gVK$OxAQKdp=DqdgifX5*T*W`n6 ztcIb;05v0L|L?WAG$s$r-9&YXeG3NkM*WRY6f1$;Pk?MxjGn91>+nVZ5FYs1ngJZ- z-N4(6}VVM9Kr@qKS2jq^}tdk~OqgSMgncwmR*M~1bJQ5vL@ z-jrx6-x@e!bt;Ru5MLt;7!3)CtXnZ>uW`eH0F=_uvHk^)Apibu(pwgXq%PrjC?6;2 zZ%lvDZh^{;Gx*u9OH8)@#GxTxQ8@5P=i%H52HTKR=+tZAZf8LC*0Z_5W}gL>SW!@n zZ|(bF?MA!{YXB4S4F97IB_l*83qDTgCqA-_5A4Cry{c6->oUsn)B zbGJJDPy{~KaZu*ci{0lL9YgLAKahl68xd9`bEAI z0})N;x+hxhLPX;fm^rC$q7BjasobxwfdV!+QaC&fkMSb}{t|wuJ<4uB?_U=7v z`yD_vRdP;A!gKk#xut+}A@|FsI~2G8yCth*3)6T5Qf9X~x(|(F;k8sh)hz(VnvKoJ z<9*|-UbnYb!09Nj!LWU%=KBO8*?cNhW(f=mB;WHa)>kO@nxQ0G!B$TQA!}Du%3rA5S`O9w4Pvf6w`e`BS3Aao5e^O8=>$7M7H>M_3Os$>CrMQd#QS)2xQga zQ?@8k*Zc*4G@zvXhm!Z-+i!^6;%_GYV!{sIB3H7*3ROYcz)=^&s&9k_=^Jlh%q>z5 zp3dbrw$6@%4uZULt*%|fuw;BcJY$TXf(*@W!!0Covo%D|IT0nH4fP!%WyvJd*I^z=pu zBa3|ICwlQ-PEI}fF%4YLCKix*~p*P5GnGCx{sJbPJC zDA@Hai4}6>Q*!xQs));lyd2{|%E+Z2y4IG9rv#`a?GWS#rt$aFjxg}T>of%XnW8{As!Nf=VN1h#_yKs@#}fpatzt{A zV*%_DdS+&+gidBArU6J=ogdr|ZNo_26jQX<3Vn4XveOQnGuqrXx$LEIkd7+Dx4One zaVKZ+u^m`G!})fFU~wI$Lev=)g96@QReH`~Vt5TVxv$od(#BYYr8QCAU@gcqnz(M{ zHuCQ$6Mqb@cRx^_5H569IO)&8F?dD@gIFXF!$H-fe7M8m$`dr5dx=9}po7n}C}hk; z3nzX&u z`$TyN?{?Zxv9ydkH4*{?0y^_q z2bBrjEY+AzztMt^A&4oCQOd@?g)Ue&{~<1Hm`c_)XKvhB1KRpyTpPjB0C(Z`$l-wl zbLe*#T!@b2Jb187a*IUbJSV4`1j7T8;^G%WeRDoGXWS!77#&l2gRL2oeBF6i?e`D1 z^Jeu##pNKgUZWa+!2?MN(f4qcvicyJ0MLTnv@iC}*jd5z#CmRZm{@R9uhX}ic zw$lO}KBwt27PY!MW-Ntcz~!q0#h+F68QX$slW;|5x(#D09piu>EM5}*TXBKz!ROdG z!csN|f{>I?h0{77GM5hVI;yF@B0M9ibn=={?xQtFN)V|+uCo`(z|PV1oc z@S4#NF@B5kqGpZA={dhuBCc!@SWN=$l_HR-gRnE%;|@x$ZffN5Gm`bAg-PA3U>EJ) z@AP{_p)evo;UEGwq9HiKUrWBRnLhqe?3(R%2fJv#AQ6f+n)DsmEy0CIvxUk#RM9C{ z1mih6kGTh1?Q8IZwWn+&uxS1joD4$ot4dLR@B*@V+~~v(=b2ysyRoM|OX-Q{ARMN6 z{@2^#Fr{yRYj2~7ZwK}o3!vNPV)^5pGkZxO9-b!a(q5Dd@j!1wqOSK%7j_OSp}5O% zmL!#c030nITLfRCqvZjB7yXRY1F^V68G$eJ51ABWFGLo1_hN<^xL>_3DtZpNLV<#D z@bs^fkT1kC0W%C)%9jp5C^VQ8fu$W)NAN*(-+Xb`?hIgqfmvmedJ|IY*`Nc%EPA#J z%ipd65ntlk?GoRaanl`nD}+dgZk%k%iwxbY4TZ)%|!xCj_1^(Ge5D> zD)LkS1Znx5I^`! z>6-)64DMMMi$+er{VQnN!GX9O9U7g6=O*Ax+v#ey_Y~SJF|gLpRjhyW?(<6EU3Zk5 z86uRkmXppw{dYxss(KGti6l%8=C-OFJGTBhQ0Y=F;?fI78!WbsWj~fSX#jSl2{?tt zjC5CSKHuwTnKh8n8xt0m|8wY`d*872o?IYmjsolHRi$Tquuih+eg4`Ehrxkp>y7e{ z!1Jpv@!Z=BrHW&!$t?Mhc(X@dIlsPz{HjA1D`PF-A(K(E!}_Wc?Cu}wQg<+3H6N1Y z_R+lk9Gec2Se8nV53ec|w9GLr5?>CE9fD-40rmJDs1m*B}L2|hnR&qF0~w8^G4 z-5lPqs_bOkPr*E7M#t*iFn4QjbGged>yNK|$4*yn7jlJ!{IW=81-N4BKI-O~IUEYj zVK>H{KD`Os3LCWWLUhVrLti;bs(zQ`U$qeOSU?=bK~>I6Ha6=IeBq7)B4+uCecz3_ zS%OlFAyH1_A>R_c&g2E@|k zrv@vKw-V4!B3#@+%VZQZ)mjm+F!)!untRX0-oAvF>%RF#ON7OxeZ)<|-&%#ZO|ZJ} zNYOkUfsd+VXlQ8sHXpos^&mo8eKC(K!aM`IK-CkI~%E_4j zh+>RG8x*>eL5ib+TE5!-$56!B(H9XMI>oO7?6#gp7VI-E!*?=iYep8sMO!ioS%c`F zOANc7DznI6C8(vG66pj?<2=xuYHN|))5|uCl5qs`qeGVqaLY$Qjk`Y0`qQbAkOJmN zE9}4Zt`_>q^D-i>KNXB-54x6~*wZf9TlYM?T666P5JY!}0C_QBAULCAto+EDJw}h; zo~V&)x_F>wO0>6g0SHey*{%3Z%=$AFTkG?VC?R6#d*i_^6&6Ib&8II99TFxzb?#x+ z038et%6h|~EH4(wo$3Hzt{;egwp1!^)o^H5NnpkNpE!kKo0Ldtmf$||Gv)50yG+}Z zrFex-r!l-cN<#*fMN`7@k>~MDTB~5xQ`?H8HK6w-EYVdF;$VN>w*i@*HY?%;1>K?y z-k+@Al@SO2rNT|(ed=vtXAbNyg1B%n-&4Dxtgb4KdsRy4cG8P`4eEtq>YY8&@f_)r z-RsY?%Sf`gG22}3Sb&VBeP^xK?|f?G9Se!#9*ObFl_}7@7jqjog!8V>&=o1)j>Y7! zocjLA$a@DhH5-`zqwwz6q)S{r=@>@*Qln>O#}y>ysQ@2lYgl{#h?p4=h`hH#e-wz! zauy(0$R9tP4Y8`i8eU^4+t__0Kf!qzGv}y=R>ixGNIuzR_Q0mx6_+U3hh(~uF>BhM zXsc{#bFH-z9n7%^&andBZ$|eNYk0NI^=L>Pz#iI+{b!;av`@=S`m;*>CtfUZYui#i z1`OK|1N}|uN&F854;Jh9GRwZf@nQ2b@GYc3sR{>FjDEtVG@Dpm@x!)SMu|5U7xtNr zAJ6CCW;?i9>)-VPA_wl;bG@^=h{UW7B^<11=OyEg3-0cM+HloxgvtSP2Vo%gC_~MgR+2W0sUjCg%z#TtrRU#VKKLqi~Mq2$e8_gNO|S9iw~aH zFgt`+lUQGm37LVJ+@)#@HV@K>SmAWghQhpmWw$<#As9?J_^=w<7R}D=Koz5MX0e!J zqzSrWYLbEc+!*A-3}J<-l*r$X>DY6Et@7{|`&Jfv*WHu!JM5M!H(D(mjhzKuGz(U% zfu{=eR}4Pu$5_1G$NQj1!_E0bfU+E~Dek_lTLbvrb}DDVO{hecVY0Vmx8fRiY2Mv0 zbi(-tDhKvo$=2@JEGp8ST{+o4<;H9a*%R0VTnE8;%o@sr7zQ`*tyzvo0_*6;JY*JM zc-BS|ERCCxsp*qMphaiI)=^f6(dsB%VdiVM`H)k*B+h0Xqu*dN1$PrRs0+PQ9BWEy zZe%Q(6cYc@A(zW?z>h$wJ+qj(WZ!rmRl%t?GClKPH;dS)2PaMR97lk^?vPk%{lX*Va$DFA?!^0VDY* zJJ_j>KA&SlsrKd!Xqb|}eFa9GoZ<(axUWPbM> zN31-rY~r=w>3@s65YUDBR5^Vx(Y^0t^f*MAL?BfU;BxveLr@a4ih^ht>kM}^G@e*KU_ZqO!J~d*F0# zr+%*DoD1QkRNA{YxNV(q9xgwkKcYbsA~zf^<3DHqgrybB4C&TaUlD39lER{WwtZc3 zogFH;((FQ@0Zj{x%-?@ubhHYMMma}wj_LIf?y#Jk=#=4AS=+5lqGMxwDE$n(N{%zz ztAdH!McW@~lf7%XemUK@M6)7LBBpA&a|_es1ihXaaJq+cEJlPx@S&VLNekdCq^zJc zGF9ZL;%3qNN6JBrLF<nQgTDkms7zmfAX3$Wgp4%84-U z6({)3?X(`A`7JnEF_;|)P22PXdTj3se`_3LSj@5W6i9v&_R7QZH;+1$H_mqs^%MS5 zwUB`j4<_xjMJp8XRHj*pOgymRQ_qDLu)Siy;x;`+!|wrymtv42Qq$)GMWF%xvPo9k z@%>L5MwPd^8syHG{}tV#!1US?+kQtx`jn?{&7s`6?8TM#S8$28uXieOv)=t$vWQOU zsP$NirEvQpm%vTTcEh`ij`m%jjjxlt7l!Y$527>hDtbLmdLf6lUF9b5E)O)?LigSG ztagt=OZ`D}3(&ZcQcs)ciPmomB_1GRD~Li3)OP_PcmR6AAXi`- zX+mNpTI6|f#cdlTp9#x5%H>mXp4`Rwa>N8@*0`U_b4ZJ~y81e|qUVNkBaKJl>~-~o z7UPGmBR@#;vBZ4E`MDE%8DH_nYU$3DKi+9+{ zy>qH8T7|qZFkew0ba3pZdL?VNPNFa%^?fiqA!|FC>!Cz?)|~!9_g|TrZyJl$U5^Lv ztq+Fm+Mn zC7sTDR(4oO6?fd$UJbB?v2aX;9S^vCAYY3CveFGWjqC#5aC>_oLPj#_miU+nHl z6Q1scn}cE*xa~pNj1Y_4N;JDpDyfLXV9qqd*e|3Fzb+X&}knLScdn0~t4MlaVbn}6K4z;ADIN?6Tls$Jk!_5<7M zT~(PYnp10ZES?cn*Y*V%xOJCodKlX>H`_?wNR>*#O`#m1Gs2GQ>C28tt~RiR$a1b- zZp{e9_?Bv@>fcewdzNs;)Yog-ZpvSxCvmy-xFWz`TI zr%pY|zuF+du)W82r)*?CQ|<2&p^6bsu|NYtF+5%T+DVUa6Tu6t{KI-v1o4Tst4mJR zMVN1(Zto^Xg(+FM?B~^im`5>OcGqF5s9A8}y;Q%TCbyy625HjwD38Mjdvl<4d5D|f zc@FngFh~3|G8BiVl7-aX@)f&Ap@yINTw)=+pB<~LG8PN)7$j=-Wal{*MuW$(W-Nkgpol-A>hk&=h*uKW?ASm1X&`Lxdf$LKR;h6lh-S z{qDC2BoQUJ33g&?Ov&eblG;Fnwy*3yNGhRo|l(-H{do2{uK9M zIdzMT=;)=W(SjtJ0u>zM_)jJ`2bZk!YOmm2ZeXi%>CrmHH%2d_9T$)9vWd&$2;~!e zPkKHm@o1?3Vf@i^PsR};IX3=bh{T<&{>ift!3?913!JXZ6$Mr-0qvx>1l6wciTkg(7X73{Wex-QP}r=Xcx_6spkw9V5So0 z;UNNI;h0LB2k{*@3yyS;iECuH1>t9}e*#-MBEAhify-c)Fyc6%EsE#g{%yiWe+D&R zA1@i-b$4*ZjrqHm67dL*pJ*oYn1ANGd_6d9p?9>=l zo|bP}r-AiicA|3I2i|8cSeQiO?&f3IFIQQ5n78}5A^1-CAcAo{XO?6G2{l_L-gjfo zdA=ATu&e`-bLtrbk$KRW)d7aI-$wqTUD(UI5M?d`A#qqe?b!l|1%!58Fpbsas1{LX z74#w)t}CazAvY1&Rd(|L*6I|fgNmM@)$f)qOehos&x);>_ITxEpk6XFYZulVzJ@$b z1>e5gfPL*}C_ip|b6*n%Mt_DnH?-F)w$038n-a7vf5k3XkA351)I(`x8lFM5H5JtC zEk5=MyF0{T5tN_5Q^iVoByX6SORLOyp`65rECI?i?+jsetZAE+*1+xSW@h_ut0n!F z^H8<>|6=fGg+WX{0SeZVQc~ViYX=U_p)*ifHpq7#_Mm0(aGsV$kFn;dz~4Qxp?!NS zYPKMW&J<`Wb!?K#{c#CZQlZ47&|$LE$%tn21KiB}{PirKBX&YdrkJ909ZHKu0Rg<} zhDs~nHPnJnK34h)`!WW6*~YsMu4BvHhbp7LR<3dG3bh9!n1H8DCy_x66hxm73e71XlMLAy<7(~V>Bov1tO z`?iGf`#Vu|IvXU}2bFAh|{~E2_zKObgE!s@``0AD>h4NX#XP9XL)jTL#4Nj*G68DomTL2I<$bJa; zY7-<}h+Z_h0;X%y{4p$o*uo<1J$xecuyh$ zv}Pzz-gm32F^dd3pW1ByWVQ9Hr8{zyko{p1bRSf_*T-V9tRd#4~PO!zcr>Y2*lhg8gvc8qrgqDvFed-6*ztpJ@OWYFxh1Vd% z_`-sAx2C%K8Kvm%O=B7v+1R!uziMbs_-}D`^5pK9qrY znk88DU7CtI?s+03tkfqEOhH5sbe04)?-pE+!r{^Hogs}NxTe+!x&Lv!ABrH6VkwDK zBTGGXaGtD@HcZFi^RKJxzU*r%0KMAUj{ixOydQ#tYY_K)A zW>3wiF8et3L^cHBHPD1}&Pi{Aqv+ph)EtSE{)c3cr)R z2ETfKp0-g?;5D@AEJ=ZUe_O=>a34SB<2`jU%#jHLVQ&SqC;GtRJ+ItA6Ed^y7`+PV zEKXL2{4_@3-%M1Qvwu+yUnRuqA&*C>Y@-rTKMPd94+{HF!E!ZOdINMgLHM-e+GV7E z_FzMY_BT(;xmqZe^cF#I`t2ZRMyF=p`oi z=S&VPwWjVyvM&&=nQ!D(bm@D3Gy9E%0{x;KS@q% zXyrjSAbV^O-q&s7(w`E*&!8}EJ06=H9ypl?c+G316b&e*=yehJT&6~9W0RAs5CIcN zW|}%W>2IOexwrey=0S2=cuz3i zXpKlgQ>oSbj7jJdw}>G^opaywH{>7ol|XpvQvo{i80Hj4#3L=hgS@}3&-ehUQspkJ zNB7~BXfP>oJgu|x;C|H9bV_(rcPEI1w%B*BHWO9gJz@X@c=EbTf-XCKF*-&+5hRDlJ}3SIC#1} z=1mr$pzBw8e3=kN_v>UYXRMcA?#Lt9&HE{l^W9H-(pN zzuqig4rA!-_2iBNgv}=O9w$Npj*h0WeKH3{04 z_Aa;Pkwq>ycf$=6hFWl|XD&xBo@EI6Ncl~@r3=9QIpy%&&h26T3fh~bmuuQ z{&ri`#j*7E^z_^@pDfe4V(R=Fn|C{8AzRYATL2KR#|VG;R8bKdW<82fw@Mc6ommz7 zE{F{KZ)VwclcAH=IC`Ba`d~_kn1+4VjKv~+#S_#nNPGfI@_p2hrZl4C+C$WHC za8=WrX9>q6^(1qW>{kU{&r_xm<_V5*FpH6kg7?Fl1MABy@%P7qmjw7S&vVSjn`c5# zA0Bw&HsC7|uc4pB!iN1QZ1~!G(R%cLB$V43D=XfvRt7i0gLZv(0jM9os$fU8LhpYr{-Ld>O>q{gC-&vMTdk;y;va!#Wb z?C?xn6l{dvRca^P{&I+*oN%)a8oM+tB|-cMPjXAN0)y-cAOvB;Y<0Y-8$|Y8*88M2 z3B`Ms)a+Tu4)59U5kaExEHriPzYP@ezVL(4Q}&xMDCn!rK0QP>=UX^s5!0g4Ke6!H zlT}KAJyGNSK9Mj+dKygI$FrZ-&dlQ+x;SK#r++*C(I4@WL0sX7IIp@>?2WYed9>@= zu#=a&#!=h?{)#DY(>p6B{dW?(0SvJH($;RpHnt(E3{Q&Y{g{~?y7M$Xgu}GGQ5+fA zsUmcDJhgqfeaxFE4Hpa45yHdu0hYsOzkmPE>i4OEe@9;k2hM-MS2093w*4j05UXWJ zi>-p6zn31cRr+dVSM?Cu`UmDM;Q&*sQMz=W1^6R-iuPXdqbCvYx0$#vI__qfiPOu_ad)2eSR6a<(ulx{xcgUJa_rlE)>pU5_c^6{h8V;Z z7pr7WL3V~5o(tSYA9oL~_m(e4{x>e4%a8PTLG>CgB+i)^+>>n(euwdI+u-~4?Z+L9 zf&Cud2pDjm=!2f$u9`Wv6O7hE=dB>pMO-miw2Zm&qoFjtA~4iZ~u(3FW`UnpoX*919=; z`3)Qk6ClH;A~LL5Wbn%F5x@qdWX)UD_og%W$*cQiNO9js47U03?#ka~p!cwM>$5W6 zp^ITUqa`K6cM}GGi04v|IK{YUPFgBJBaj9SLRsh(D~vt0X@aD)YyFe$)?xZ~?S4{^ zBnX7(O0Cv6P~Y9n`g{A)(?ZjLEHaAdosFEaL^%lcRzp2Yh?bnrhRK zCtGuS#~$u}_$rX>Ndc+eW|vl1`+k|)x~P-k;ER6VzHI+|9dHyzi3N&v^l}Za+JSyQ zVjF{HR%(8JKFQRtj?WRv%aIVK%sIOod#XYZ)nHvXHA|kBLBcmf-|Sv-(Kb%lQmaVQ z!$UHYolciNGsTg2* zjlXjOG}0fWn?$5!D5`mX5B6r7EhCwrr)^K|5x+N)QfrX9xWBQ{gKKWzHizbOxfw%; zfkI%X6byuQKYzdambvo}YaVW#TqG)A1$q6`i0Uxp|ABXcB`Zo|Y@FGscm(1y)OYIm zeg3TVDS>$S2<`FMok4c^URh6dd1>?4#eQHUwo73$CTU$*>$@i=sGp|q^jawHiaCId zWzD`CJGfDx_378R202Vy#{S&3uOP4Nffis8J9{G)th7LqL z6lZv?XL-oBZG(5wJ$9DX&E>7|RmHUeI~JelB*p5dmNcYV2!Hyk3Dv^JH6Z>7>CKOt zxd8qP%GwY%z`|{Fno&q601(Udh4)qAflJYHN~Px29aVz9^RZ)?Y+SWO}Nggb6rQbUVNakOTtB7Ig`s zkQ?d%ntzgA3aPia!z6SGd%mq0!@@^C9x%U=$eXPoVapHQb8zk;_((`@OU-IJ1tmqh zj2p`C)59_o)CLZOpBAOgzgWcrz*if5ir>HA=%eyUzU=p`8^fgGtT#TtbIKPD=dI3=qY?LN8p zzCQQFnA?G)w`5Gq@?@Pn zwyv3u;P7>@RIsk9Jjk~s5$eDts9Ks|QeyYv^r zNhj^UI`4Js9JO^m=ef4|lD{yvZF^J^k{vq%5REKxTMSqE=ay2%9lSxtMP$WyZTG^l zRO19(->lp2FmOsQ%h7sE>ZZ$T0aE%gV0gU%iIOl54YT%o=k_9kiO1Bu(wc1pLr^IPuJk7&zx2;UyfG~B*}4;e`S;pc3c^iMrlLmI#! zhvf1e@)@h+o%M1YQ@f(~T!s@%YL+a?AIDZb$ddT=OFmWnR_X5w%xabHYZGIGR-ib1 z!feehZ(<_v1EGD@vQpeE<9M)ro59)tgw6N$*UBBrGn)^sA?bPEt6P83Ko)?|%>?EV z=hx54NCs`?A$%09?SB0|1;4KsxY&hqSF8Pg-yy~D=L27wIw;3J+$TzXvEkE>w)sSuJ%GZUbRdQ|BCd~oG}zVY0vYikvMBaJ0tod9UhgpZ zyQmO2@usrU{)3H}sEyYN^_2)mc;x)3EpA$mbZ44vGhw8_L3Dz|{mbRtcY*0-4)iYG zxJLMv+ySD~n#N(~1y9r6$iq0%Q0OtHKBo>1AJ)Xb^iZxHL`)xqF9mJpdu9b-d{~1h zGJr!<9kcn1``^`VKE&?S)(UpQ4g=USL{)C+T|9?fRS%VR1e%63t=R@lWi_?6P0?!t zSGRVwX6#w>dyoR<-649VV!0C^nvU_Bry~FHiQL?meS+tR-CGAltRG@S5?C1W0g@+N zYoN5z?Aa#~J(g7bmG@~{_H90P4VJ;x=V{;l7&G}md*~IU!b11JTPh(N=$2Vau`Q35 zH9xiE9VTdju9sy3K+fd(;wVV}CEPZ4^S6lM|7O_#kuCqxLqg#y9!0Z`U_(Xk=N(u4 zcoz#x@`2+hlp|wOFf%e3G~UN!&KkyMk2m3bKXTEqaWj8O{Qn;|+|Iux#qi0n7en=( zH(@~$n${scM|zdvjn(HNgBsfPLYnW|X^%5bN`?dhxcWCy!ecK94OcWc_#^QU z{6J6hffM#JqV;rAlqb(%0d#r7lt^npksh2;v?EUhT>wlT>DVvZD@5cfdG4jePOM7s z%njypjH?&a{(Kl%dq<2!gPu}(i+bbyZt3&y5}3yVucPt>tzF){A|z-}d}8I$le zac6W3CpPW~XYzYSibZp)Uh)Nu?+*q91RVMK^vM$oXsjTTO>ceD=EjNYV?j@n z{%Bd*!Dg$by;?nU)}YPe!^@32yC9m>7$9vDVJi#Td^O;5Ug>W4eyS&0ce2r?46o4j z>?-6)+nAq1t^W^+S}u-5MYm4`{k>bm4d?rSx>RYUh#e zhWb(0)$;bqzy^^i&`e)MZ-e>bb)RKbsBVC+TrX?P2N7LBJcrx9L97A+tH|p3{3tO+ zml_cj*TJ#_G=M0Itd= zkxVo>(!G$7tKYzhcS*JMuYE=r)rCOyhM4`MesCLc6W#e~KfW72>gZWST*(Wpm8_yXrk4zmuXkf8kA&jJ;Qh&*0MMPC2!3`ON+y zA=gau3Nx(hgGTvdQ(Gs|+$0oa`C41n6+A=~YD!Us)Xev^!8#Lu#VuNoQTfpN@bK&u zAwknX8$1-7w7}9EPQ^N4liNSKE5XdL?Kg)Dcfcgmu8-tN;kGCVe}RaNCAvGvGf#xq zfhQ_@z*s%=1GLM(_~k)6uz7MMY5l#u6^Gp?SjXXvykWg$wd_0Su^PwceDy+zk`jeq zmjN=<(*0x8oi$c4giA_;Rjh~ITcTh&j|^;+luWt>>LE~_vNt_oa@4N7V&gKEyDN6& zYk4o62Y5qRX=OiIY^B{{Z+~}jU9o!RnWtkZg1VMx6(KU%9Ox&>n?oG)LDg$j_o4k2 zIwm1B)DXMtJf=V9%1cIP26)KT$Opoy+ThjxR{xN1Fd!Xb-#^{)a(HUf>(`vtoJn0U z^#-GumIMHE_LW^PdC;ROF4U>=OZiQ<{q4e7T-PQGD z<`y}(4}04h`U+pFzCa44gygu=pba;0grf3&`1M)sqX_ zJ?!LU+sx2WxWNVG33D3jWiF3jl-w$Lo5%1P`FWh|7%w`aO(hE)XO@Nj3MOWm9D{fE zw|@yGZlP14+8E?ovWEkLMJ~PX<@)bPm)c4@{Y>wS$;ilPp;O{pvipHl^c?UmCHq2l zmjhw>Jh-dv=v@UkrU+Rivm@`IA{;s9*eZi|` zB(qo0;C{aJ$eR9=8x-uhqDp94pH7l_iXNN*Tj8=s5TsV6p@Vt}XXwYDZhtZC3T1UDQ)}Rv zgSnF>3JN2wI{0=^GTRq2%k{pv*P>6GA3~XJVC0Tmr~pCSIC) zM6ric@7&nLPKB9G2A7q?tXKoW#r5hTM2UKFpvwacieKYqigo2Cy;S>H&{|C|v9zbI zZC8xJv7mUoF446W6wWN-h=UikBcrD|GZo0d>su_H7Soeql+2)~i)VHvl*wS&mlv#>3?1;X>d zb(Qub&3Z>m|Gh@<-Cs$)webeo^O7#Lt7vTnVdxJf56!_<7~$Ta4{KgVPOFykIGy>>hkDIFb?%B~u2b&Q8( zDbt4Ozs=6stxkUrsqsm*#B94m!Z9W!Vg47TFJ?kJLznwoLZ2sT!f8uVQ0&fu`P*J_>lIVHp zPy|kZ<`9V!7~C5HnA_B?!TG@`orsFMnR##S68S<<<6k!RZSPH@JWrN`8-QE}n#XcL zkKO{eFMJ!XhN8=;ZR4RDdtjg#z3##=R$riB>6=?KOEnpujfmrEaUWECB5iUaTh|g^ z7a6PabsehbeZDs0c8blsr1%jy30QIwSh6`CH_`Jtfo}q3!roQ4BtjdKX?mUhMhX_DfR5t8 z)@{r(tCX5726Ql}$~LrIomahQlO+*P;$|;@3J%Qt5w>Rhxq(6+P)^i6S%8TmZa4y4 zV~=<8e=HZ5Kv~UMY0wUWP|E~zd4)S^0G*My?R(_=c#B>}6-W>`m>$!6gs?U!K&V|_F_Xh3;P&p=V z1*x73P;s-Nb#y@B`SGlB6a!cJsFiovMFunx<=z2NpaJ*}13y*q?PGpMmuL1E@he0U z53E#f&-`HeCfH5~>6Wq3bm0>lEyf%C2R-I4-cCJay;eYzi)OUPdDv8L%5}8<4YU{z z;Du@e=rd(OVic<3WdBgbbUe_2H#|#X*2EixEV~1J&pNOu4|u>a6NDzg<*{Z5Sva7f z;gC9a$=>bD)DKyG6825seqv@xq2Bc0s;R*jz|0j*d2y?)*V<63cY5H3s6lvXro^-?DfLyi&qC0OPPvt zwep+x<^Yqu9@4+{MzGJO5_b@11_c^Rkb;CW*3SH34&9V)9P;`q)T{-xlg{4-lGYxf zgUdz~#OU&hlu$Z|5%m@YjCI8UMTVK!gdr0Gq_@ zc~?V9^hkfB+*a4}1>8k~Hy1}NTf`cklyw>HEBpd0nNCi|_RcsGU2pAu*@c~o2K_!wu5p7pMwA#L} zEWR$SoE^>P3*DKq)AqCh9a4v?vHRBs24TgNOTTUB?p|K_{%z9XMWPw*jX?K5gVX%> z_3NqKLRR7+GJ1Iu=*9~e71@u5v1W}i>i@muCyrs?FTgwef^kLM)z8;o*9_WZw1z5I zVv#2ZkTjmnzCQ_9j1hMuJ35xZc!j&|6|*1YlrGejK@b6wMDdQC0lh@yTdp9P0G(Am zsyud!>_qBUA`Z@2RLw2fMm<6U$pzcxg~fi7v0#=!4_Y#Jx@B0G;_)-v0CYztmBhNt ztD^4nGbuZS)ckyZIvDj-u^{wu#K!xN9H%PgvOuB`0WNT-Le`b-UHrc2In2%GhAn@4 zHH~YZfpdrh-Un}YpdP8PirM5otKOW6g|5&~k+uGK5Na6DenZ`$0>nesNw}$sbu>tk z9;x~v?C|8f4}Thbg;Y?rQ=kh_(bHG2MNM2vVg=d3pJHwO9K~FTb_TAg{qU9{1UuZ; zPK%}u8vnliz%7gtq2=)t3uWdk_(K3m_uzGO{JvWIUj&dg`&N9vy5{m1P&!%Fo3|dD z5g(L5X3a8$ASHQ#IMK_4ykscSfn?z6xfv*V-w7YeHhwuTRo?LlG= zDdR2E&2==hZmqDf%pZj;eXjRP>C~rz5>~q_@KVohO-q2 zLNuLE36S9jK2m!tu@~_pWc6N0?wY{)_-7H%#|(a5HGa+%HW)6H^Ov37K|wqG7EII8 z*)A>rZW2Jp$;XS>z7udDD`CHk&2-*WGIfSiPPtp)2w~b!X z2H0xAhUP(A)gJV`8=E2HuQX~Qe)hTnH&815ya83fP zB7J|Bxo*woh|=AnxwJv;`L~s6u#JJj^8a0P3brO7MOucp#)03dR-GTv?FO;ZKE_`J`fQ~o=&;DY38PIWyBb7n z<0bzBE))$=M+yrMwPt?wlEe`7l?OKZ6p!P6Sj{N{@c6FP*O#q>%_Fe&ZxrtI^-D&T zlXcpG*rA_z5;WF)v#!_%gJuj1suYa~{;o0p>{riMj@gsFPKgjf)^p8Y)y9#y0O$VX zcL0_3LA@vmDfo&xeO_8AO9MHNT(H1WN-8{&W}q`akPatPJv_Y; z(iAeAJU|PG+#Un>OI#_^mx?$MWR7rXYY$wni+7*07;8ehdK_yc{j_+seBII`tCouN zmbB>KJxVqFYm;gM6ml9MneAshJaI|yFZN1RAu?N_a?Bl6lAcI7nfFct?IRIsc)%~7 zZ_adZ7y}KYZfFOu=+^z_H2&cR4P@#$ptqGav>L$c1D!IG3?RfPR62LW0NzuE-9)MT&rj?K3X_4`G^h(E2D22R zQW5|cxnOIkyJW>zemsvTY;rC2}L7{5bDm)8u2Wo)S zs;T!@Zl5@7D7<p#gNK3J{B&(Nug;$Qh~*e_==x9$A9BNvXTDck05>Z^>O9&n z;R7YK8>$8~G#?ha zL`4_!8{j@zbHMu!m@>7e@OCviCXZ`AfmF^ePrQ6DiSEt4-cuEqfYf?_M$}Nt?x&XozFEdmxc}T`H@f{$-;T4m0WwYmk%1E_TP-=QfE$DIvdeSN8 zd(bH8%g5=XdUiDKD`!LlKLSjnX6nQ$r_c8Xf}`Ve8hGaeRV`oWq5c06wKX-_Mb=UjKXMA7i~w#hEJ?gMIVGc*V;bvmhUMO$8dvQK5af>$YYV zGQ5Y_%e`_0by@PA1)^5ALS!6+VqFOwHisu1H;p+Al~sc-$O)Z)t8FgZuEqVAtA_Sx z+K0$aw~=UrboL6~^BE9=p|Zu@r^?HC6Z#H`6K@TEe(Z?q+2wf{2?JU5LrJ@$#*JMC&#$U0#(XFri19KxMK0{r=jBDe2 zX5tnP;=w#Cy00=9Eye$qg^AuM!I3Of2@D+7&P4?AlX+on49>A?b@O9f4`I3v`8u%9 z9(5nPve8vZ-Y4VpgJY-g%k*gs7s1P{Y-rzRMgV1wIxfDuzP_FMwdzMYJ2&}Ihy+XU z=`PErI;y#uOWp(z8P}KW7uvz_I9h#tCwUUqgTQ1JRAlhqeibECRwOm8dkP6E3Q2KaY-vFv;?mT>Q>W&2N*Vr5S={rlJ{04-!f3Xc4NRF;^&Z zwA_fQ9-8!25U&VZKf)tFvj@jWmI>m11nf`4%x=kK5GD5KceFh;pUk!-^ZF`>09ngy zzO0jT6e;k3jpj%a(W*3=sTad&GBk7eo zbs7-Fy;>4ad@5URgNxm@FMADetq0z1<$VCy_iZ`y(F$@QYdi0M>EnZ0bDcj(5=I=~Q4{QuWiz&}xlOcbjmr^`vYW zM9I!7$*C4c@MFvPRn2Gb{x8Vmf0Let1Cq?gOxPb<6(>av7r%4!=S9WlYniYMK3sai zEBuJ#Sh+`0-o+Gj`{T~4P`76Y#+h1V1K!~g_ia$};N7F9IO5wVtJW#$6maDZ@Wq>H z-y@?tM94TJILu0nzQ#ecli9O|CesyUBSZtko}X2o8-KlN2_kAygJ`SVrI#&JzIKqv z>w8pC;N&wrZ_0^s`Q#e;@YTMWv6{UxDOcU>$&C#S4Z5@-uZ9}6Sfi8CZXWA)3SK-T z;J1J2hLa@HhV`w^oZ#V2^DYf4I>?Xx7}M2J9uOJ**}pnNGdRcPZL`=>vK}3hZ=yuFwg%$={@Z%S%3FWQ@0i2qV*} z_J`BjHn=u=*qpFfAFuO^APt@{xY2ic4V_|NBKaFkO@=zNp9-x7E9LN<0u4=Hwz3#d z0Hyrax$CsHzdo9A<_NtC>IKalSN1&eiVwULoSmSq_~mq9bT>KeXInOaA<{>Xn6rNh zS%*EuKI!s+pGuM{vm{SxkPuGMM2k$WkeVjByZB#u2|%Gbh-C)YWy$+? zX|;$LuU@oXk`bme7qYU6BY5L`8+~x~*Q8HjiPQp=uMyktW0@!iw?W#6Y&~DMT4@iXlIEH+2!;7Bd5NURaF^p-MUrwOx_%=JxrS$RUcVC6|OjvpmUe% zde1!*6?@ci2eTrQSb`plR_!k1J<)TOdlTfXh+JWLi+H+IY zh61(Ynn(ne-@QtH9+{m*_5;2{j%Y|pb&vUFI49(V`@rrk6+GxNy*7d5QCVn2tdL!> zUqSfy9FUv}y3d^oRPcIFs=TPm)KVl0>N8y- zLOPT*kB^Ztq2*Z`js?XAZ<5Zm~s?WF@~5^rCv> zv>q{^p;|6&%&IA^y!h?gMu}MY9K9)R&V|Q-ftJpLboC=AQ)9%h7C@!O5Qq%e^1m>Z z7cCvnaE?>n^cbpw={d!E-$d$dbNtw!Z6o}+bG$ zYk&vBfaG3j!a(G}h=e+jPsv?eIYkF?ZFR#Ta6@0cp*L|HadoRE+%_XD|Y%p=U-yHF9+75Yo9A*eV!LP6l%YLt*PTD)C za8yV8V+v8_VCDaO^zS|OKNIq=m+XHg5=kgiMI1yhBClhOVrz`vp@jOBe7wj#=Xs!4{_}l%# ziW6Ae&(OwG>6ByDm!m^u`lZ7q_k8AhyHzy!LG(+4Xzq2_lZ{f`3%&S?18FCU1; z4#iG36m6qSAwx3&wf<0?|D~lg&o?9kjhz4utL4AT)e4V z{uTNg-SWELitXm7XIS&I4zMpsVN1(r601rGECBP7h8l{6o|w`XY4(L$;V{nvb&x#! z1m&ikmMUHUV$B~HS&bE~D>g$}nf-mLv;R}THcPp}rjPnDjITw*i=N7%O7&Ufe*gDr|(CU<>V=I&jV^!MwYP#CNP@xb1z>imxA=#9C|VW zZuo@+V8w48gc1>|ECl5SIN{+BdKLN@c8DD(g|gLD?%78|s-DHvWDQxSRadq|j+ab1 z&OBe@gjl=Kuprd@mWcar%K`H9{VyjEZPZPxO^t1A={#t+Rd^b?Iu0fAubpq2XC7w` z_j$Onxn~w)4n2zZ0Z1%!v)yWvr6wP0l)Vfh_-Uv&w5Ob!zI59Rpb470Rt>vO@&P+6 zG%A!gj;+QD9{2>AEmPq#Qkk)D#ZIoS-ndj4t^ER6b`|l>OE7q+GP<>j%}g--2k|mO z8p$gtsXzkW7zn9D#+x0|EN?F>TsrE6-GqEqLhAox@6DsBZri`%h>|81Nl{yqDO8fo zn=+P++dL#Bgk+xWN`onhM42+gHkH_AmJ%WJ5ZlyX9?KMx=Qy{^)^*?4`rY?>*Snte zzUz7ZX|3y0+jpPe^E}RD_zWj)DB~H1I{+oSC`{Q|bZ2-GE~;OS%cnARSAWqD=e_3e z8hC%`r~I|2o{kAHlds*Mhyi6=v4ipg$W9ENv`4*G76Y>mZ@ONM6lp1`KG*bJKP9A+ z0bYtD-YcWW9swK~wWPVFeQ}fd8eNNiPp9Pzvy=4dexw5kN6rB4S>TPh;kE}vC z;QcmillT1fV>WGWky(G=*)6Um)}O<<(qFu&_p*Dt*{PRF>(dCc(TT;vA9oI10crZA zSjz^g^`D>~GaE0OjfU2aiPQV0l(BLD@FT~D8RW$ms|8M8`zF8eMODtMa$*4W{_9XS zbCI$~82;(R9tdv#@sp9%l3n(L`@Qb>P|@SE3t`AQZvDPbS-n-(;8`@&;LqO)~;w;$Mk@`-Ez?hz!Km21wQFzVOIJ;{6XFJa}--BmqqeR<#o~^eTk-|jB^Qw05 z-hE|harRYa^wm;xO@E2*+^3~M!hMez(hs8P;xdvmpni4OHHo61?fC(UzgqAM>Xa=B z1(Wf9GsP|RPLg~k`WoywJw2=9;%QCz8fUHF2e4?umV%ac7Le(QUfg$d0b58awe72p zaC)~*?o;T82PBDZn3p+0_w*A}xRDJ^(^v!~L=bYv0U+@gl~xbqPdM;Dcq&%uwRdR9 zk`~ENuB-8+cpQ%p9nV{^A%VGTPImTd>lx^=nuFr4qY+1x%TuU8(DjGNKk3~_Lm@Rm zWJ$E!VxbG}$SaRe+7fL&7Kd2`B}9-04R9CNt(;`wo1ro6W!30aFv1HgH&Qf6K9?Hw zBWd=&_wPoh!PeTDHuHT8y_sHS-No~khYJ|t}w((bMLuy{}|O{+L};*0EKNQkA}EUWnA~Jv^#^#fI*r-6l{(x zy5{fv@l-uz7x_mA2|StEPz5(RjWw2Ud35SUdJI6TbBfQ$*dPaV$T=c@OI&+LC;I)} z4pPmdh6pu#BiFJhDH-x~A5oeb&F}oCa3La)%)^}hnXQydAOLDGOxUp-K`#$vfex0s zx(PIQvl<#2PQ|>lMo9@-e_e9@)bj0zM)k<)zRo=OH|35*T5pQ%Co@sBKaQ}2HxA#( zpe!;KN+Jf{)vwO|Q8hNG(jWDI$j9H=lmHv&v$(JqpMK;(?&ybiwmR$_=7Di zEwi$+j`M&r2l(dvKT07DG0pAmmh=h4re+;On+#C0O333WAcHJH93Kv-rk0VdQea>U z8gOE{g@nSf+`f|~sVfH&j{yWNt?SHyC}lUUqw-aQ4p7UdPnYMtE48$=NHG6wtlP1i z=LOT_`}!{F6TA3Y4!i!Hz}N(%Qd=@AI|D0+KVJ@-kE-TIj0Q+-3uQD1s}%5*lq@% zeI+Lu&JMFgSNK&ykyvicV;PhKd>zr9e+iqeihwK97FaJ#Ern=>g-UY?(yH@*{K%K~ zl%0VQ59TdGi3X$H#omhDV4lU9UOpLAEm_B8+n>ykMqPf4aQLoofIu0FEjRHSsOphKA+^39a zm350jS;5|@OVbko)qKHz&$c1hhxkg;hkcH)AL8Cql%dJ~LQ5|3gCg zY`+T^^)WhR^9wua;_Cyy&sJ4dq5-S_5>>}ttRF2f>EApkD!8ENJwqHi5Ult;VPd&h zfSV6f0%wsbS}bq1!cfN?4^=zb>nU?fRYN|}{+5gL32H>MgNc%?eag5Mc>i1mfq}_I z*1d4lX$oRLY)oXt%6OIK<6>H!xf9fm`4>=tn-xbOt*VaP>PFEYqfrF0f&H%r4&0<~ zV!T!K5*c1ycym4U6apl|MXvsX&+s~SKkfck74_Vo_@3HmcORm|f%J=yY= zF=6jF^fpr#ITEhl2AWzcN=yVJ-ba-)EH%;JEvkyZ3hF@0+TF)4-rT(FC?;jR=QG_w zU5x5yb@N3qQk=T-U5xT1lL#Z_9W=nca*9wUz6|mvS~Mml6qrHIkp(8k2YcJZ00;`T z2CZY?z-kW)5j1}}f&IuIAE2{e1%fh2_bL3mtYLf{@M*wdG%t<$xON*|7X1BS^Ls^< zNcuIEB!`E6&7D6Nq~!LRV)*xGw~&Qr7q+W*3l|1;S@@7IHF!rx(^O9v4C z7_C+>b24fDS@f#NBRn#Y))92hZYwo#^@T6WP#$`j;POP^;>v@e&zWE^;cxKlvE!kR zp`WmSr$*UK%glaZ^LKyl#-7tYMhOcgUo~O#Xj7DOv6tcKNQ+KyTAc^ONB@OWb7#2B z59`cB$o-}?$0ynpmurICALdy09_ zpO4IN5006bWycMyJ6h*$D?j`9r0#F)T=I%ZO7&~rgCkbGX2`6N+p>sCSyc_aJ<)l9r&IkSQV5U0y#hBarRsEq&b z4kNNXfT+p&^5qNhtX78p;BPU9fjZ)Nb89O}Vqs**$FHwJIHx+`Lb%!gyelw@c(^Mb zQ>V1Fw6JyE2iQ7NHU>****R0b)0hqvl%l;UIzpe()!bhoK(?!0S+zTA7iLDU(WMfsP|iQPm^2ysK|$N=eU%m;cB@-ozrE4xsc__sn5 z|Bq+u9q03SZZ1On#dqJX(VRN{$24kLalWx8_HP?%Cw>&CpvuPNzrS_=gb@{Yg7z|8 z6<+f{AN4N`18K-3{S+pb7X9_raK?$knegZ)ik=YKK^K`|5_|(0gjky^fUwo4iu(tI zMY%QQGa&5$$EVwiuRves%eHTOX(YB?sFKk9pCcUp6s^XgoXhq5oe{<@ImoZ^J_+^U zRLXzv`a8)gE%nCdH^WXS9Oqsqg?jhUZl7*In8P#i_wD@oaK0l1+>DKL&JHu7DkblK*}DIpMxsM~@EoER+QqOm<2W3Wn))SXb2Iq9 z+S5oQjw504(({!|%m*^Qi|mwei1vCiEh4yq*0-$MX5_>Qsh0eZsLLs8DFg&>xKgi0 ziHOG_1l+az#sIYf6*4RidFqJ})!MpdwU(OLNp*rV`@t{+pLTI~(X zQ}KH=cpoS}p7qj!9)F(3(6yHd?JmVDZqq|%pya9iA>U;K^<734I;Ocq^M%bxFnSO^ zEk-7Vpu2{O|0fRi%;zc#7&>~Aqt8`-0dpKi*UQ!CDF}ir`dcz7w zC_YZ&t<%#rp@Jzpbm(DBxH;6jFH1|MnH2|ly3&y$_{qeA)uz~ESf=&?S4xV+aE>Zd zgpixtwtLT>(HmPOp1--Ve!czCDRNwmJxjIdUVQ1}?pbd!6%ekz28v=yU(!Qh$P*Gp z(HF+2!49v?<1)iiUhp+qM)|>NPV2^JL&+UaSb>`(KX%rYEUbjprG+Ztiq+{Gy^l~= zb7Nw*XUr={qco5y@xuiSQ%>Eo_{kP<=K1SmgVm^P^CfU{7JE1ri@$-AZB&EA#Bp>| z@J;j@-aq54Q_>yH6@WgjJ3H1%B98f+lO({&xMrU%WzKROl|(x(;Uy^Nk!srnaai3~ zF^rZ!@)La7unHsf9;$yLvE?jsM(#Tc|~dX{nNk^ zx)(W8e63lC>*6^4(qcywmD=YzsZ0#b+j zxT9os9WWcttW!f>9NF7 z@=3wGg7UTtP%%?Uw#{a^0&(I(?Y=@vzv!P<9D-cMnR+F7b(lBsZ#S&#wWE9(S*+{S z;3kSP#~lQ{HWVI14{#m2*-RsI@vBU_!)T&gdZdmr*I8x|MsVh#aDNan@7~0UZCN>B zbY!!5jwp7@IsQ%$s6>PmGzH-yKmcXCSwN*N%H27EtgOC~6LR2v9* zporNJ-u|k1(ONo1`>-Esa^PuTkq_+(EvM`fc9gk&P7t8T#$yce8nkNnjYC_tq*GkX z1JS#oT7t#+z1ej&?I7!LXRdiq!2rF37l|djJnE;yeM{ks8d|}B!=I7KdM7_`q6F`W z1274+lrz>id>eHfXKF;pKLPdf%G&i?K*cx9sd`@D2pWrCKLz@_0PH;6RhSRTG7fFe zpv`Y(X?e}0)%C&&2(d{h#P$aoQr0d4QBM?JN*R%FbhNuRG0R`VFe&W{vxq|{s`KjG z%`@Qpqhn%XLK;C9gUB(71U?I$vtvaIHu=LD`6FNpqCB+8O7ATKbY_5h!p(wy@cDfS zypdrin0I|bwu?nYT}5*rZQB8rI0_EYIWQdR6&O#+$RN&kdv}8rNUy|Xv|Tq03_*7+ zBG@Z&o*j8W%uEt^}BcHkv*~baMWh4O5HwZI! zMID6wd+^N>f&cS#vE+b;w_u6GzSE z;08Pr#Ir;;Ga#3<aXu_BO6N~wi&!w*~lkRy<9S{W{@GF&}T=iWcEyG_}4uJRivm?Fy z9Knjh!u+eEYUg3g4=06EQTE=49rCgmCgokdffIV&^A87k*pzU}uR5;zFV4Iw7R0?h zLxhDkLZlAlG9l5C>my-kSp->izbLH#J^^ zSbOv`N@I! zdyz+wkB2CHH`09i5Ygz@7iK=wM&eDvP(!Y^(OjigM|i=B8K~SOfzK`pBh)90J?kZ} z)_Q^4%agBYHdYraWmC{zs={Pv8E)Vd@i-jOC2;kl1LApJFsqya+6oCAo6QkzMM-Z! z>Cw?QMUzqEp8#`fx>an#2PuW)^et+x+1q!zXSbZ-&sv1%x>Eh<7?Q!(s!wVGL&p>E z<;Ry6yO$iT&f8~H7K8a>t~G0pV|+`lZaMD)0C$zFq^&fEm8=Y` z9jHpc`f{X{04Z_)_~JJX$rn%;IpLc?e#ziy+;i;bN7Cv0mVTD=IjA;kT3MxTeCE*g zpp-$p*u-D#v?VBA%z&9rUfmg~$gW~A!^z1v>nearfm*Rc;CxCf_yD@P=8AR?fl|R$ zs{7JBwER$_2U(6p@j6>?PM+nWYdFPpj_ZV~%K;N#clxv`FJD;^(!gDg=;z2ADM;)` z1#y&S{ia<#5?X7fyq9LZ`A#4|Q~jQ&<`!coY~@((ZnA+-(@7vwGHY9WX0k^PH;ZO9Rr7oW6EEgPf8{ z{cEOkm1=P{i1Z#=UuaP1?rt(Nkp8kE`#k)wKI%k}KqQ^sDsCzwr?iA)XgwC(@aytN z4{+Rckcw!zJ?{qWu)Oas=h5tWcpUgBSsUx73NCvS8zyQmTsBhpd+!cg3W@x7*$+1; z@qdI_UIUW-qm}B)W}JzBEWYBc2F_6nX6{-aNnN!Yr5y^Tw=OmqG#@5tGVr++)mKSGz6ddSGgt9qlkI{gDG3DM({nhokt2a8_fy`Y~rUEamk5E z&j*mtvA5RI`WG_m)aE-#S<2=Lz5V^pA|s>LZO(A`NkFRdbiP+ASfO(ybZ8hFk15`q1|OjGoGewZ&!ts+4n zrit-6t3#a>pUPtqN5X<(`RE8^cCy+z5P)vfRmll0Wy}F=D_dc?-T}hp#yNevO;JJ3yq)xj~IKVN0t&mARr5!AuY_3Vg zw*wch_xiDPlj(R9%ppBt7n0>r_tuYhsfBEL2PVN-tQqI(8kgL6_H(+|-pdh)^e=2L zrA&DV|2FmrUWY#e!f$l(VtyLFYVGHhihZ;=V=F^5BAHJnXUT>gvLxJ83%kRNO&%xs zs0yAp6$JxS1Hlktr1~R99k%#kWU2>-+m595mi}VkHN?&CY1E7*WdDdP-G@8Obw%|; zTxBR*4kW7dcG-#1tza5PNJK_`%-SQDN5H0N+B`2s5n~-Qi@ekg5+8D3(b$|+r_!vL zwNLn(DQS^DzzcG)yrHAGy{@DU+y}o$ma;7xc&d}S<`fCXAG`!gRrD1^?^=`Mh>XeF zyW9%|pN@`d_$DMx^aFF#iL};@Or1Sv{6tGNkr#s#WO7Xkr#_di3g~eA*YVEdmjj~j zQgao`El!rIcqaLrYc|s@X9FmNA#E_>onDbgZvJ^I*zS?{qbI(GSl_! zYM3ijKFN*cpu{f~=uKP~v7e$Kr{%#5powFEey_%%r}X<4j~Bj78vV?emCUX18BcuH zIOArB4DUL3UhQ&nr+>_7XPt;fcLd)ijYE;wC29GA zoZvLIH+|c*0+Xttx>@M&j9C}nHEp*!yrevMPT|u2k60I7&e9pSUBwF)iDVK9-QLf6W&Z1o94zU7~hi6;*96r zT$p6t&*(D1$|KAfJoM>R2C$K&=u0zl`*u5@4DoP0-wK{#!_lcNI=)RoU5#zK2f2gQ ze52oI+Gm{Tt4Q)u9scn6t#IdxSdWoz9PgsOCi#&9c`;l;fVv~*~A3qZ&abJl&xRlyDDrxfG(+vrbejV4sKeY^jHpJ{HS|t&y z@{O;ij^IuVR%0?PM(EQR1Grf0=F|xzs=lGp`>eT=pJS!Mq7!+S80nH-&F7Ps46zKt zK~TUL1Qx!u-o})`HK5Y-?5c`Vm=%FI-zQXT0rP8nrYl{nE??n(Oyf*$AUeHRrxv*b zcg~_p*414pu9ARDb<$=J8^9_`g#rbZN$nfU1rechR`OvNV4G)WFy#$;aOBL-yE$J9 zzpjQGhaeA1SPpu}2!7TbukFU>0Ux1tEIG4+7n&SjewLrw{0fkzR8d-#4v-FD@50P> zR9>Y-MpOEOu(Kt1Y*S1;5TMrmI5JWncl&w_kXbTE!^cE86ph2UB{kyWcPe3WOh0UA zPC!oBd?PBa{CX$|8r0MB5#HB}PE{?M1PLb@U=nBD`W?x}n}`hA z9}Wai=VV<4sz=1L`9Ht-cj{o-^u$0kC0%Xcz*^sfwncN7p2aDf`f8jo8UG}N>!~mz zedlseTN7_5Ff>T_Asro{5K zV+mh(iMm;(>E4EfH#Rl7QRlMmz4l18Zmlp~Qw+G*9A@5PX<$(}*umqQ)Gn=xj~>It zOLIpoUF4W)gP!E{Hw#KU+y(Kl^wjXGn&usKOg%m{?=wfJqSmh7??BLcgG)YRQ>F!3 zH1$SYt&2Ic%ntd%2;^4l9$m^8l`C+eWR3cCu$M(W zg^lZxTT~JJ2l&$UJ(#R=UaDTlJgV7=s8axm z)~I#-GmJXU!;;C2W{mq2Y}#LF(?V7C zA2;oRU^VZr8xkAXWMxFGL<_)?m!znuh-!kUTcY(f{?hw#Ok5XKeeb{WH2StkkZ3D# zeYuh5qBVh_YBX(x+cwC?KD5)zBd^Y9hR?lR3(QBkrwjZgM6yu7SLt6#59iCpTiWsW;u8lbfIgYncK zz}~w_TRP<&ef;sOkptVQH!uUTYy0o3dw0=6S&luoBZ^Yy9!CN&@y~A8P|DnhL&4Qp z?sgTwqueiBXbLynhC1X_pQ~K_!9PbbbpL?F1dz5P6PR}UUVd?`DPX%cqyi)Yk|wK2 z_NtFqwjYcXqWq#ZWR;gLP=&mD$bBXJK?GQDH{_Jr6?St2nF)wRE@-OKcB?wZB~I{- zwOLor%o=LdjS1YrL%ZPj%81M8BaPvMNJE4xO^lJ!tpW)VjpU@qZzv({H;u@~gug&; zi{dV#&fSnL1Ju`qKH)O?qX(fEs~970OX>YBi>zM?v7>Z6xftXfF=5x)ztf|)fk!^v zPqAONue_Qycs7_Dy}+(~J8cYQoD6Kh5X^LGy zs2lsP0W@~%f#zLhCT5n>GWy$8@qfcdb7wOXv$G!+fvL!8tDemTIXTV9lL-u^UqY>L zyKAk_f7=i}dUyyVC|<#Z1Q)dzGwwDV2}_9LNt;=YzXL2=e4e>G^CFVWLG6?oP?ni< zJ6~sO2%{0`Z@8ikJ+!KdH}5%_R>cl&C-0YFhTR5e;;$Lv--1t%1PIhTxApkC$Dpf< zmhK=ZtZ}!Mic#o-6<%-xMq*54DPq(Ikz%oNsDh_T8XgH*j$}8Ue<`^%S4#w5{QS@! zNJu@vzIJ>R%H!-kHm~1A$f_Tc#q?SY+S!M|UJTh({gv|07~sA5UI<~?Pw5JS2Vcq= zg~PMLP&iBn_6;sgN-mio3ormU@kds53c~(Yw=>?2-o8%_59O1Vt?@RPouX`z<0Ehq#3U&VA%^x-EYgM*A$7rLa@vzcz*y!oWb`+!lKwrA-y&Ep_w z(SqDoqZbOtJ!`?bY$W=7s?lO4f^$Mg(1zr0=<=C%VWE4;=2e%Q6=}8!e94PDr>zmf z9gNnigTSFXS<(pP|40ogarXlpi-l~&zkw@}v;8x#lP6E+IqP5haL6VoZ(g4?CJy#= zHl#B;RuVh;^e-b_p{SfzgeFIIxPeofnN9w?QChY3ym52Mg$U14E2Ecdx15R{{SDV! z*>7+R{v_C{|FtjV78bp>kd&&Ils9`7?Gck`mP3?1!T@_@={UE8N>9QX1^lh+T)qcT zt7+qUMkmha^Uz_lK_rcSYH`3$I|0gobYE`o;9lg}JPgG=K&#u3*Ek~eBU5#VWJ1U{ zaHIEBAtX7uN0E`QuQYuLs9TPbTM-G!?EKTG7bcx^r!Ap$D^y=pA9#AGapeKD=kmPR{ z64>Z=*f&k}k4CXiLyz`TUrp3-X&5xVna^|mQoWOCJz4~3HUCAYL!*-QC;E6VNT>1^ znvnBdxS?ALQn^8jc8@{Pb0K;jgn8O}`w?zjG+bd(?DNeX`tr|me?ePuC_44I@@EYl zorsN_1T!N=qt;H7x_=X^YI{@r2Xl`jE=ecrAZ&$acFFtP?!Cf&nW5&=A@_F}8+R4X zyxsS^j@FO9=ES`dG$Dw@f6gE}5bg|eRKIx|LILY!H7Dg=-Gq1LS(;oY&mM67Iuf|@ zv;}F^3~4!Ut)7JE1E^(fWT>u^4Sf!+&53KI@S&wVzS;l+>5J-3Ah6SlTS5u^WaA^o z%49!zd?+<5Eh}mXwQ~NNg9vAdv}r)XjsRINeJpg;8#D5TxS2DOk<=jVF~a4Bm!crh zQ;XwD3_e>MI8scAYzjx>O}Lw$!+PCWwqBEu$3kG9_1Zbv@3K35ekQ-ycYnU0s_L(u z>SdU7i;*2JSae&dum@4+lWg+SdGFNknilsp6`lVjR6G}G;PJf->5MVo`e2}B987r0 z_|6j=?@mK0&+@o)_&q*v9Ge8&rihyIhBg)YWT&az>w?y8voQI1O@COhbB`@1apD~Q ziL?yv3S0wvXV3a?JeE^~O0dJ<`XArMJU@WoViX9$zcYz%0t$cV!3Ry+>aAWAYmsrh zCCD^rk?2*{#94CS(v#hK0YpgzgK47Y7_A(=G_)i8!9Pvg6@R^yh4v)9>r`SNu0Hv= zTq{p-J2Y+$Xdku~ETEo=R__iS_C(A#c-U;@C~uuF-1#hhDO)Lq5D5i5SjS&|Q@2^D zqt3=(0(Xon78+?`33W15cew)#lH6gq&^x+L4RElLh$>;TN1FDcVRBz*H_kWo`cYcl z_P%jw72CRJ78&X34HHsfX^7{iSf}|iQI<}tvpa@(u1SD#C-(&nriZU^F&SDHa^h

dbj=9pM|D;T0w_Q0~#&KCvMM`9u6(Os>O@98IUO(3^)uZvjvPw*{?YGYN z({oLz3?B(@hck8Vv%0DJp?d@;MpMY`>ECNiH|jJx;YEg%O)%3S+to#ui+#J^J;<*H)#mA=wK2n_v0iiswAx0l3%{I$?bjU z)X(MWIWT1JYfRv7H=L9fpB_g-MWQB(dWS5BrE$iC1$;Rf688=V4-FI*@-AqwCnouw zNN1T=#Xr4Xe0!hQDILi%F=o6IBz{LIxYB>({i9aVgY-&H+Jp3F8tLD1^72Gp(LO2N z<(ctZj#S~Qq}Q2pUEcin2*~2`>4PraM*ZM~oz|E{>p6|MUcsm`hY}#6q1Gm|E;QWG zjc*`XXiaq>Je4|D!gJo^Fifp+?O&8}Iv|EHS4|JTDbDK%ErXY@PB&}ik4_MocJ3Y_nu|6=1YUX9w1c!8xChQIxv}(blCau zLup>?{7)}ZN(rDpJW6VRsn{-f%0hD?S{!}Gm(2+pFTkESlNSK{ zIN45+1x^}Dsem>^laf%U>1>DnJ<<3NR`fzsthBq?cpSStCY6{&ECLAhKO%`k>e`7a z)*yuK^x;r=wm_XD5R5@tzrg~Nm`=+SX^}6ElTEQuO1WqOx3kdPK!nJ>v+RMbjA|)A z6hKKyGJ-%*jEiVJ;e|`(@*&mt6VlY`Af;J&RP*3RBzL_=ZsJR@Qzht6926Q4;EEz8 zt{DK;!xy7jReYkq^o>=at2UW9`$5V4T#ALLjHk>VdDqDV34(1`?!^s@?ES`cR}hjd zk%D{t_XL|A67+e~EZqHs5?OLX;d%UMCu2);rHuL3L9zW&9FAWDh4Sn}G&Uz-U=RoD zz^mXw0BxCnL8;#{MOoy)StjG%#n-uUuSN-^v+W!_k zFD@#vZXD!zo%;=8AuUEk4xH;Zvj~*A6~aDmekU#o#NN4;CJHE4Efq*x@kr#kTNLeW zl!gx#ms+)EI7-#Q=-Gho1n@gy24JZt6Dobc`t&pFF2;6FI#?un%(#Av%i0vGwd)>r zWfJxZ;$*lEwwv4&@8~|TmTS@TL&%|w;|e$l`dXCunMXN3ByFj&A`GY$}9|KHq~DkM-ej za38Lq)u;;Rcdlg>bxK2HKO0a5C1Mq42cD#(+;jTuUb4uGTN6qUXSgn_``+)0dk)^8 zb~UKiF~&mw28qkfnopl)PmspiE)--)jPH^k{B4z4*kb+a*Q}*Q%`;wZw&v-nwK#($uK~8G zsIbKJg%jSp8)KzzAP>w@!^Yfw!>S@Kd#vkNGPlG=2o& zAC)z(W~;WdYEUV^m&!>09J4q=yvF^c$zq2frpYD&5-XUMXq}w$S0_E0hLZE^DXzc5k3mXdn|2n3h2|`BMQBpfcw$(4h0x+J| z`uzYuL$q_;vQ*JJ;x* z=r5OXx(f5=u}p}J3Zp_>DL@~F3Rd`t>WGbQl;dMs0Ndid@-{Zqwg~|uKp3OuUW(HF zO(f=`(fIMgO4dr{jkFJR34MBtX%;bqS3a7Glu#Z7ZEVCGeC4@S*ZZ0 z51k4MFdelMi9A8PFHS*umGn`|_Itr8d=uH&rS! z89~pv zeqSru$Uz+TcZ+Sc_5xSIo*gU=V@js#6kPOKH`7VFsjR^RM5NGvBM2Uk#hu zeCN|tn=}2z*1s%UZv;WejE$%QC~cEFQb=OpZG)ul z*DO-r$hKxxgY9j)YS4qlYWfu^@S)iMsyBn0pDnZR!y3~+H$U!>i_m6stSy{vfBnKF9kAs|-Oe$d z<4^tdjk=L??#ruj%}p)sB~)v#0MZ_WRWY*>toyuv8e4S|(>sHqoi9JEsuohs^{ov( zfIcj#-3z-ND_h!<{}Q+ITB2<&4>`T}s@_jCMXM`UvW+^f z-avlrCl|_?mAo^>zR)2NJ+9YW0158Mw~_ zd_wqNeR#k@Itxm>^r15y_R8+&&D@Rrw#qOmC;sl5sxoT-Y4>#`_QsYhXyQ~|5?joU zavsZN5!g$X0~mp7(Qo>H%-WzQ+nnc`+br(vw}UVGT7EAspo-2qib>G6OH41@(4^q_#yfQv^pw5Fr%+B>=KFC2BkvB zBf#fxhWQTC5%&Dtb3@?L69;6+HvtD&d*gpv0})B?XR%F++%eUhz4>EBB-B2Ju{^Qy zyl5LV6Vq(Fi^hf%pyx!IKrW>SdOYvBw07%jMZ#q9WYqccYvpXt+7`9ZPCpbl%$l?Z zkzW3PAzT9*-p*bcNjN#z#>EQBC5!y2VROKb-CO*jRh%_$2XVx>RcfYb8#8;&<|n!57<9ulrd^`=d(vYN`c`#nx-WO@vJ8@$r$erUDwq7c zC~qMGhF*dV|kTOXnP>i1{RhYZtd2R(30(b++h_2-^^ zB5nt9YD@1ZiOw#s1#1ARA7AwRc4wQ@m%AK!0!i79F@yvt>AoVGl_rv(9<~2ke*3Z@ zc_BhzA%ZXY7p*P?%CsUTr88F-f)Ob=++TCdK~a-F132JmfKt-b)t!&Xm;C+Hgru)- z!qnRf^!a^n8*|a{MjmlKEel;KknG?4x?>I9{`RN*1c-jjg1FP+RE_j59<2$Ahul)ZLj}NU4Xrya`B#Uono{sBy zmx9}Ydt{Zr3L2{atLgCn2Tcd0zDxqg2ZPpArz^)dt-97Sph}^qnn|3Z+IU>HghZ?* zfW@|s%!-VT{0XgEJu(HWfVEcI6=*UJIxjP<2vV} zj!{?t;K+e-SrI_w)N@P6eYINV2kx5M|s&it>9e~F~ zr_uJ%O)gN2!`S7Z(*E)K(Z3 zD12ZsJ7^0^xUTt2NGG3r!Zn{Qjt49Qcp*wD`T&~Qio*4}Pko;>E3*#wy~qS2bjI-) zkn&C0OHnZ040Ov=^axc-AX0$u5C^rZ;>WiSFh|{IuB2vWDwjT3TBrc~5HOdxrq=!D z?Kb&`*l$FS?^o(uUl{QhOk5XrzFOi#b@Jl7JEo40`zaqrXNn|8Zz<7rQkD(o)fc$+ zE*)PekKrV=EDheI-#s*`yQQfY_cWs|N!~^bhXt;Lxp&7T>XWIr=shLksK!Vc<+; z0f)C8SfSLy>qIC81%?4}a6N1~DC)~7{n9!79E5xIz-&!gE(b=py2W0L+vm^iy@gew zMUH$hb9L-&jj#kMZz(qVMM|~Ea0g9&ww$n`EFHQUMi^B%5p>D9C@^M4OJYvyTUXi+ z7ifYbiJZT7kdBbVI&=dsXMoR5Pzgx4@}J}{%fKExx}Z_EZ9GCvM8FaTw3i-BXflC} z8l;q{Pc<6_(+%CF-;3W@pMWj`zG21TC!hbeUJlgILCXOhVZ>R~5W2kZ0(EfKZQ8}q zJgt8d`-rCCWjv%(m)7s|xccZ;jrQuRlK|$@A6#i$foY9Rj{$iP7IQA)98Mz>jg6HD!X)WuhfoUlF;`mDL@^`Ul%s1-MBZR&cECBse z!zbdR@r*#IvAE58?at<1r;f(Y%aDDT04}%yQydKaAgrKH3<@L0W0j#7mM*GK)sW|LoMPC#|e5zLel|oBi&RzvMTkA zzYH()sp^;A%P%WS1e8I6pssQ(Qo2YrFl=t6qbTkLX83$U3$W z%(ve&4(yOGJ6FD0hZDOi%=bZM@XE^J4?@~_Xj{14@_iJXLhZkkH%mvr{F3FYL}Mm^ z2z9~3d2OSS2>iM>o(brjlYq{9786#eUS08&5fk9I-LGop)1di=%BM}s%XL$w$9tbg z9RLlOAKh1uJn`Xu&>rSTzZ+C(7%I+F;ld?g?9$TSt_VF$_3Gq*_$*lb7k?>$(#4gG zd(Y+*jgr?H|AZ0N3;w;H4h(sU`#{FjpBDM_Wc>`{8y9;a3x>kqOc z93Hx4pPIn=Nj7I1!YoX%a~_ukvk)T_xt(zA>Ut{s~YlV zt*io(Y-saJuRh)1OB`xIs4_j@5T6f^MCBR2eg2w?92Ky_e zsgI&Lgq?vGX*S+*oJ@YDq7h+|cgEnfwJ)2QnIS9~GE=#A>lUB6AAJhn-PdsbLJrn} z%ou{GxX**i7$g$LeT&zk=~E8IO@0d4jtQtt9*kYJM~sDL0JXTM!*b99sW2x-dE^a<_f814VqfydKsyttbv<_zhgIP{%P5ukE*}RJZB^kV z$!sVy`zxOKW3}+1?_IxvPZUfc^uwCKcDbW&VQSC>8DpbaC4?@LC;02wEH01?Kv(}z z?W>|iYt-}-7dMg3w<-r7nlx9T6^!hnByM8~XASuvgwSkA=C*_+GRZ!^331H!95=m_ z`eSN0UgP?6*K_aTaF~rW)gAlm;`r%3Gq$#fF#mh$=k1#`A=q6T9{XHrwpO$E?Kf^rxPuQlXchEh$QRjF`Y?0g}rr-W&6Xlo12Yk=x!dI@b)Mg4HRNO z*x%(|Q)pgL^Y#Av;3t#f-Q$y!N~K?m#%J9bCP08O^jVc$|MGQyN54c7gUd7&XA!mx z)%h@0#%%QH@e}Viv>_1@TuZE?nt*7n?oV5%mPhEB-(wTJ&-<5Z(cJtneN>D4^hopB zo&9~=@nUm5l4)Q3Vz+v z1cXsf!~Fw^;Cpr)jA?YhaBJjuw||kQTP-~okKz-Ue>HEo99#q=r62de>2h)wJkQPo zyL&DXyv-RFBjSxU23(!PNQZ(iX3XJyj#g%dndz@=5g$w@+@`{QfKv>kC2@jQbbIThzskv`)p__@X5lg7L zFZa-PSS$CVa{0Y*fYm%w9_GFwP%BcEmepX=AH=ql8gWGSed%8Ptk5JHMm_lx|v&&jf1FR;MgLxEKo;>lWxV?_cOE}G@jd^#b#976dlpo*a_OVGbe0b=I zn`_QAGMb+r=ZCd<@ZrH>wv(SOR!J0BOT5SXNWy#jr79=;-H57`^Ad%v4G{@`@a51) zPx7wY&K;{amadyqc~dn{TE3gD8?3Y^&mCB#YuE;8f?BTztfJOYoCIw6C{gE!zt^s- zSU+BD8{M|ut0_fYE+cQ=QU{=;9)flk!xE7y$R@Kiy4Of^dQtG{?G_qod!3l@mQ*c% z;^52o?_> z>$EN?D*<~WqfoQ2I+_>ytMDtoB$!syxd6(2zSq&Y_RFqZVR9!gpc}gc90@}gd_x~!V(^6ef|{$(rxh}`0z;{J z3LD-994smyJCeN~)==-HeaL5ENgQmv-8MVe$Z?f4i7PX8#yFa`X53DPvRBk}WRLBm z%+^#b<#k(GE^0pW-3OP^1FmjQ4wyj;UlFBI+sPsJj2-3{=slKJE3v}Oc#ZDirPX@G z5(c@1`*)V5vJ1G8l#UKm=7U8N%yBaQI}O?V(iekH1ZPe6EkTnY*Wkm45100oK~!jU z*+`wT`|c^2L41K`9h2M@8?#ghQt3}ltlnu1NS)y3g(qbBtDenxXmLjX-*BWeUn|dH za6jUT3W@B!ZFpD&JbpkyxIWo#Gd0~Qn8x>p9vKzk!tUx#;IpQ*8|btl_0M|xPMCZY zqIV#{9Z<1U0nUE{bgiR@iyyEZ4!))qPK3;g4pL32>MTV3BeBvbcEcZH1r@i)@98-h<{r0vR3Q>cymo` zI(vHyo9WL8bGM{o2WYPTf^FA3K0j~aa8uQbaM*-WdlmryymxW;ak7FtUXdD-#PBd4 zEyeTagTOy;a|}0)#IK&U_12pUudxC(yy12_bDqUl@$6Z6+1y$$|o6!NXb6Uv~&6JMn;NW2IUg#%mH#pRsps?dZb@hpuR_h^9 ztMP4HqUl?lxPd&#qrbm)_$F`B@%n}N{8_ne*phBo%-J%^gJ9!p3X?ROwaY)+WcIm5ai)TMv4TV;Oedb+>W-eIgm=T?+g-tdCL zdU$!{Iw2*8Sx#|RZyBN9eC1;?yWnHrBn!l&y32$2C|qJdlUB|#sjjF9mb$TSuARN% z4R6iIFz8~)y6NcGq9EYUpPS&3sHbmR^AS!v{w>ss#{@gLVRN-q*72`=^cti(d~q+i zu5>ZPYAK)uDs4VxDA^#N2+7)wW>s9zxtNnmmujO&+l8-!;iLit0t1pHf*6oRMlW@C zN?4Y1zS8S zG+20jkJj7lfTOA>Gq9C%O<{5H-K&?K9*pQ%ZNeB+Ns~++`ebWRccWDMabvhOn z77c~&&cZ|^$@+FOMZyM7_%##UbrMHua!*V2eadMv1ZKq#-Lhp6MTs#jLHAJEP;$lL zYH0PCF6KFAnUrtg60Y8P=YG!R(Gh58C~9gx%(m%lZ>N2N8a@YApajPM?8v*m#+Y#j zMQRaSau%M`kg#*Pg_W!cO9_)5MUci3zSpdJZWnpMIUpiEQAzwL430o~!Zy};%2Tqq8pxhPXz-H_v?Bj4eV*9V z1T@N-cLpyn1+Wj*Cuxz9AebH{2)(u~ANdOp2mCmD=nqvbG1S9tUY6o4V(#&k?hb!M zh1xzFn0jWy-S4HvX(sfZSLKVpzn8)``+rhkK8g-FbU<&R1R)QO+#He39}QA9RxC~%#0amFuD zfHsg2p}uYP%@e4bgJH1614&G$z~zO`Hl~kpJV|*@qudb@5%u~tg5&@}1z(E(C(WJ7 zi4E~zHr0$S{}%KxtgvCO1w6b(Ui2pnp8(=@MEf~*%U-cv>XSK^&D*<-S$D8AqvgTF zS)#u(_*LR+Y4Ym__NOVYmufxiZq|2+7UciqPJ1FCQqsF9J#c2M^Rcz<6{bX#*q1D! z;F0-ak1WLQTimN!IBTdx;h&E*CGe8}c{z>4&Zef5OssKufDJafo?CRLS@#Mn1T~7&>FwD+eCj)p0(j2Q_^CCREA1-*9 z{58MqKMK@`;|x&UnF4pWl7r4W97a;o2;?l- z3eACvg9PO2-RsCgn&b?vz^ELQbgNEp75_%SYix=C{j*#WkxnZYT);E0>cBm*F9eB3 z6hYu!k^k6_&cqpid-6BgzCV^U09wcJq2{Kh6;QLW7OoE@@8zGUCrolI_6H(;DN zH)Aa6^zs?;rR>6W&3ZqTOC<3C2?{6R}(6%7T9#R)H%Nw8Dd` zo`Xvn50ngcxy(XRC0nRGsUE-#?h9OIOy2hSW663`&|tH65;Q+6s`)m#?xTYlFgZHS zstPU82>Y*R$GbqWS*HHjojn+fpP0Cd;l}&+v~1gW#2`-tddNGzJJ##hLCOz}sIw=+ zuWg1iO1CwME@itez0F==ad6r0bc00qY4I>9Tk8w>$iGciDc4HVW{1oLl=27uYz!k^ z*)&eOE!2B=()lXSoBzCh`}UdEwTF+w^u6tciJZP{C!F8G)=VS)u`(rw=jvFax=l-U z#0^O!j7hvS-0-BX_Ocy7z5aoOHl*7uPkI{J!rs?4ZGG z(@NvjIqyJi88UINuHU3^D~w}G;^4q^Jz+w*J>;Ixd||$0{uNo%(*kDHA!{dtjj{8X32l z=F8#W&?iS6hntQ`lHf$~?oK<*!SVPi=r-Ay^~h48yTtI#D^Na+>_78hR9iRP)RcpMN9FIu1)14|{V1Lh-I~(%T5qc5UG&4LZM%3)gnB3Jk|UVhkx<%=JLMsa>}cl^eap#K0j^Ch zGiK5}l^<8{qWvg>Xar1doAB`gC68*(&Lm|mxkJr_Lr~K19T5Is?7eq5*6;fVoK;4O zN=n6z>_j0U+?2hF8`-JsjI6RpR3A|iviIKEWVK87EF&#Dl)XLYbr;?Je#dhh&++{I z`~K1K<>S8J*ZUghb&l8TbsFHa#&@+YL1L{izx<-*fAX@jw<%H`S87_iJX%ZNgAAS> zl=ngxOl5$kP;cD9wElAkWdBu^gGtp-{JKssp}%_;HSyBg>0&^oBJX~ib#)$SGm3gR?%02`h7x z4hotFE60jzG6MLj0{H7HpYxy69-ce^?OS1rWkqjH9!p$G%GLsDM-DZKrK?LOm5N!w zs=8w>_aYnWECu!XkS4a8w`1BeB1BJN&3=TW93jndP>aaC)RSH#-q?}!G@S?Kr<3Ab#;f*kC>}JPY8qu9a6v} z~AE1SHrU-DixT*^ruA`{_G1Yk@ z&Zh&e7Zwmk&7zTo#A&3L)z8qlIGfU$_OsgZwDK;t60KLZ=G|umKAz<8jhj>-FgSxf zZTM_m-39nAITwq=K9tBj8yvKYbQCn^8>h$|*D6ikkGt3=>4f#nwX=}S7 z%q5K5_DvXhxjO8fFq1?LG|F%AJ@@xIkdW5HcB~RU2pKR)=9)eouYUvLX!T_s**5QM zz$+>)#;KnELJA>GDCD#vB|IuAvK*D_AaffwAWf19UKzqYF)wruKXV>!8!Y&6?c;E@ zi~NJl1MQOlk0=&sedsJy{!b&TV>{)Lhg%p2O*^y1Juv9936p=PjBQ09ylQ_vGjd! zd)#()G1%xEHx?U}6cxX(uS`J;vvK7wrhgYq6|NhROr>7(qmUQkCK~BOnxl3;U@WKt zu=K>>Pz+Y9!?r~mq{uh3GC2#IWq$w!>TW<vOCZEc_t!9UK{L&K(BS9tjHvO zVQ7yyK_S)nR?_6CNOmW^Zs#p}o9R|nHJ|^N2<~+b}2CLtF#$hxy56l6p>n-#g z=k;2A!L-ZAbtLi5Ig)IUWK}dYWCRPA_Rkkf!542ob6lnl;fHK;C_T^@$Dl9%6d?x6 z{rHu)V+n5KU7D>p?>chIBQfj(+Px_5II{t3l|vl9UA-1~Z7H5>%gD)w4XVQC`d8+j z2Bd3nJ8$X-cprjo(RYz<8C8W(qhPw~#0`{8d+Gp*+tlX&qJZ`gcB_L%8kV@V*z zrgD^BWH`p5p<-D-13bnEIyG=EYhr*s1bsM2XOJ2ns!9r4_jJVM`*eU-7&pCv?_`n4KM)S)C^e9o+m6GJ#8ez68LW z0wg|*6a~`Uo?XuU?;x+-Uws@z99)oRN0QlcI0G)f!yu~_^6;UtZ#sxxMVrpL;E*~_ zLs63S8wlCHg9bzhVqp7SbT!9xrl~}~__PcbA=GGXOk2}47F(b9QA+IZM*0Pl9q?Fi zK?_NEgDULTwhIu3K2TaZbN0n#+`SfR>bb=cQN z!5%s^b>C#pWAM~Da#;GRiAm?_4iIsahgcDA`hc3ZuY9n@FuKqm$mA|qfE zKEm?@)CnLqIbjHrwww-s>y&?k1AWZrbC^`Vym2jN2#>R!{g&;9Kr!oC)!q*3H!vs1 zP%Z`9aKDAN&(89X9nVy*1u&u>yN*9Tv{LuywcG*vSAE8XFiDjK|wtf``}kNXv^48 zC5PU^a=%u1Hu!hduEV|w5EBtTSEob7LCiJr8vto!6G z?k4SikXN;QZeGk1IWfg(Jq!w^M14tD)ePoIYb} zeIRomLrk6}Pm8XckIYxvhSkmhD||@isJQPwd4K88U^ir3L8!LHb>-I(^#9G_zG9yZ zwnvZ0VbRlHa)7JtllHD;PmoZ04Ohdee>1CGDn8QCC-QAW1U<66!P^SEA<{P`USc(3DIL=QB&C ztH$o>A3Qrb6;7w_>?f4>BDaHC>~%S4yoi9*%pk0h@H3p|4xbJ-Y0O~54HBPFfxO}| zhhbxT~oZ%jo>iR9|(Ri9H=*GPq;OIxKTk3~yC;^6q{Rz@NZ=SRzO zuH{03ZP!Nv#=)hR6Fu6rg^|^d|0LavXEReC*#MP@;4;)(K`-7AxhfOcr8l0)=Q&o@mdjsqq`y#Y*#EvU zXj7Q_fAOa`XD&0xN6xg^8^hpV0SVH7?s18C8j&)`XuSp9hx^|t>G)N&OUOlsnPHFxt9-@N09zh+q8T{jGbY2m~mMh2|8 zcS>)O#d#Ec77;^L$#Bs45dcHD&2Q3*3I?`>2_)wB2u3VHTzhr#=NI;Ktr*r~N)_#o zBNu?xXl-7XxYlw>D!-e4PN=H&y46U+S~o_DH%%?xrj&0LI@@1+y|3r^aY$si8=Uoq z%1Gq-?}LwxPCW}KO=b40u>;^*`hR)eMPK)=@8qJMH1wF$EMif4v71`P@ds2g1f)W5 zGr2ZFjgS+nkHK)?NAm9HP>#SL&n;K4EGkS6M6-pQI-7Qv|=Vo>8&338H2y`3RiTig$-v5JiDKczG@c8!B|>B>DV@PT-_$ZEOR zA`d$vdC7Yz_6;o)(VDoqNlESe>qg_yd9{t*E01ee*(B`x$o^(fh@#;pzvi2AkhG8G zvm++;+iX4FINiXE-&4Ww8-M&q&ej*_IxQ;6x7;axCdP`E zcVFNrmG!d@gbE+(Y&M&vVh9+ zsoCEITPQ$30k#UGvw!oK(jV=*x5x5&Wi1krfNwq9WBtn(F`8>T+m@0OL-HirS}yFS z)^`%>2Jhv)cH}5Gr%=}u3;r|*eWQX-5vCqW`C;$8h;~i=N*3i8=VGnEt%#di>k}*4RFa!Iuq$g%Xh&V8G#K zaQot-o`_W>+2zryN5at0qI&BvoF}pt@ELi45Vn+@9q0J!ULIUiuV>F3DPml{TwTMT z-+gD7!CN4Q;rh_+@YHqqdpNI3C<)cdo2?1q5ZdK*!;# zi;?3Y34`k?dMTq>$EjU`25h+QM164fl^69<$H5EcPs@MaFt;jC-snn@dGJEqC{r}O z-X}D#YZ>AiHW87J#hD9TQGUc3(AclHY*dk3+|mCd2>jR<$>@(bEZ@JBYiuqPmRHpl zrZ6|w$-|U%%+d_r%#R}NktX%WfJ zPA%SEX`hpJU2CpLZMeD4hh$LAYx&WVJqVVJX5Thvh`PONqRb{feMVZFYxHopokq~v zJD!pjG;_ei5A{;j<{#bv(6xpx9!4w?Xt46@E$agu`On!Eg_R^POYCc76$m7v_L`At zW4*So4bL>)oX54G1he>^=#;O0Gu*pqKDzmSRzyi!v^u#;Id*alNvmeiW;YkrZ z+Uh<0?SbSey+Vuf6ul`6^L>o+kVWau;iNdi5HVtT*uW_?HrBudqv>K2n5W)4d}?(5 zD#N}JF=rvtmTk`<@ae4>)pD&|)8ovc5bml|E_=|fsn;{mk~p=q`;uyHTC*`K9nSGvO47<@$fcNSo4J|)w1KXqR&aV zsC^tY)im#PsggWDkD(hq@S?Zlv&x&~<}^wp>$KsK;SM8`vWvu-_0N*>%G+)-O3Q&*_|h>!Id4g6y=c!BjL)m;yjj}rMA45 zrKezj5i*X2Loaon(cN4t>25fcX>(?FDM(x2#bl{oQ+U2r&7*B&Wz>O=hslsUd3M9@ z3(wLTj{fx)l^63FPqyripxv&F&P`25PBw#JLFQ!3#4kr7|LvmxoqkS|d7d+o&u+Z_ z-uy&wwDl*!28!J&v;JOdeMlgwbhiEc*%vubX^a|P9!ccuN>5AEx+xJFhE;q)*Uz95 z&zwqhC+`@A^@B8Msd37#axHFNB|bA*&Iy*Wu0>ObAxFrfEhXkApsk0jVCDH5@Thb-Ciz;JWh9Z;r=0{H1R7S~^ z*;4IJaTGgcK#|gXlyacy2NK==m@et=k5hr;xgt*jr){lR#bbZic6H!a2sPhtqeGI< zLT8q9n5b!HU({1_8T6-0Va=n3tk0J1KP=&1uJ6>T*_NrnF|(7UzeZJ?#eWy|Q%Ais z)LFA+mGUH92E3-PxL{vwzfhSQpC>rJzqIpVmv-6qjvKUhp1-|F!WB!u-0tLI6Py?@xECXdh03Y+pJ%qFNCDjqY^{xzp< zO#E>pkziz_C9cSqg|$zNI9fpgABvpDzR4(pp6fQUjr%X9S+HedPVh%7-3eD*nY5y| z&gcOrvj1+YipHI|@;c(lsA3L4X`_dUM`xh;PXc=20?l@9^g2i$sHiihvq07e)6To* z=oDnyzTA0Bd*Z?OZp7;`&k(_k53^sWEt5$Nk^^>zRR5JzM(!Iz(}1q`)T>O z2{rwkn{=68;U0O9<`3HgJ+dbCCHXZ)iaSpE z_T{JE>$^S`xs^>!^n6TMuc?`@9RG1Gr1Ti&$RXxg&f~{V*><&V{45 z0>F;&1V{oRU@0*mkjRIhhy(T+vm+?4bdSWo9hUXKk!O#Yg9Zu_G_tn}Tf%RG(WCYg z+{w+!NmFw8%*_IqFZ%Jh$;~(0!cJ=uXF@G2n!X1@5=-AC2qEQxxzHH5!5}}H=<^aZ z#TxH1x!$+wPUmYGKjntBy>$8^H-{%pB zIOtbl5|a!|^IzVKly)&VTMMn*m!Mh zXC3d4&HEhgg6v+7-gVQTq;W3G7Bg=B6K{fq`*G_6Ri7 zx_0ek;o?51tt$i3yDFKwp^HuEk)M^*<{)Ph^5~Jq`YKO9rCOQQz1bsKl`JW$v7&Tw zU-o^Hv(_l18T;@gnIdqug??nt|E9t9D|0Qm-yloDeMSkqrTcQQmSG@u)6h`dbIpGS zaMKM%`Hp0fjLxDmorwka1aYlDRmM~F=ww&=3hS@rWT6%%?Ato%a|G-Db5;_`Es|j6 z3K^eZNWZUCcC@V`y_r6HY)PfH>t(=$?WLl%XB`ZuQnOP8aX1Zw#y7MT5J-ME)u%n| zlfJQjLv82$?L)TTKe}Ac*=LM9{G@`8Al0(`qwAL8&1_66BwODTtAdSjwFx!hRK;Ux z0I)q+6I@|6%Jv|19g>oqSX{ z_Jlguw3W%h$47{Nk*7GO7UrdN4X=+{wwmwKl9x%|za#{uPzc!FK7{>vSk^%IH;n~J z&sa!$&X5qrQ=EoI$$@vjpn43x7GnGRu7Oh~GMB>6cwN!;mAY^#`o zsWkW^pF7xcAn{g==kjP$@1f?16K6}WeL9BlHhCUy2uNTu9?pwO81Fw-yYZgbBd>Eg zVEL#PfT-X26TJ8b;Junqu?As2GlJi~(BT`0Ui=pn;R4c6ElfvYk3t)i{z`R80S%NM z(nwbpxrPY?9ErA}Q`nEb3XS!-FLz8eaf_`L4rT|Pmq$o}+ABJUrPCqp?}CNg1lZ zrw9mwhPYeaZ2@$XuXk2wIEQ%xvFv|y!;>%(*d& ziCa+n_(5u#t%?+1ZlG`;+)d~P)%8AcH&2z1)#KZ zKy4ZXV5nG*^kdcsp}@ayj48VQ?KMLQAeN67x)bvxAJe$LMQMh&y$()qz#$=FX^aHC z?yu`Z$Kn0GdtpNRv}l*VvHO^lWI_afZ@U_Fe}2dYC|L58+wm@GfB=*>bXgjFu}f2X zaF&U`?#x-mcoofdDU9Z$;FA2JlPHuSL=4$NRC4p4gCyx;I3)H5B8Jd=KL+2eqL|Qv3l{cCV;>#rM%+NS`H<^7@j zTAO!(WZ$Dv!tvxJxAR%uzncVG#|6`ve$|2=p#Lz9}dMqT6q7~pnrQs(1ivVLebn03#qqyruOLJ&l zWDn&2cf;{s$Dwo|p7#Yw)z?wLfH`m$?R>;fNYyQYMYp4scX@X4+H=w+NL(}wAQFVu z`O%Fdo)Kc&z~tvfRsuP4u9gtVp8V3THV6S}I44EQu@jmu>WlT9C1Bf(XM?V9Ns*$h zeHu)~AURJEOYmt}j<-K-LDY&1lCU7M+N8e-oRjyD)Fil&bVLV@PbeF^s`NIW(})O1 z6sdPp3)6*F+>zHiR|45GX-sOoEizspzn;XCCjADW4<=uH$xcE~r`C;V9dQKc(LBTF zZqngRM3Mrv@K&Lhnww_}owCmej*wg>cptlprc40pk`4DjO0}*UHsWM1wYXB1cPExR zJPz9Z3|t#6gEITa8V|Q~Qn-;CQuT-00CTe!Kum{C1B|(VOhU+T4f$y(63q!*v#`iS zdF+!;W4Iy{RfvfO7r#AtjHEteX456t6xdawu9mir_Ei+^WDt}`8BVB0<$m-X)~;O+ zI}E|KDOu;h`n+)DDeI_@x6PnAll}VAuoCzVsabUDh#A!oEvzdkrvmIDjR^o50v;%HdKJ{fP68R&1;phJM==Wm8|~lQ?#BoRWO4)iET&eP8mPc4yZ%B>LdqShj z{GU5B!LL&Qg-nwrB-okP{S9Oziz>QNZ3l|=At2P(aAuo9b7!vCtjIoA*+71u$n`Z4 zW)21(T<=h%lmo2n4cN`K+7Z8A!FHp&7blj_7HDr~Fhb}-bi%j6MOu)`}m6?;9*Lp-9r~uA1LUr*&(`?(hMS`lTbzOpkL_ zJSiaHaf;{QF5sdfhA?A&--~SGW{H_V9omWcZ)wrC;ZQXwyCLvp4eoltA%?*2o@vPN z)Arki?$$rs_|l(@4fAK{z?gYfDRuY$0cfs^5M>B+vX^uXw0H$Mx**>$#!j8et`?{N zser+%B}H#?G=QDD%8{-U8Xz49<5JQGUEl_X;YIIFk7egaX=rqsZlhH}FIV)=fT^*%qJEcM~jE%q2Bepn9cznkl>-F+ zcc^wfgc_A1aCvmzb->}T0P=T(i%@RxGKhoo043oe5)!8iFt~V;6D(q(-52R1X~kRV zkRy+tSaQt9QWwrHf-dsqxPu5)aJZ1{fsH^i^M0Sum6``5w8Vx8sdTw>#G#5*D^H&* z{yq~^ey@yEe7l;YfvD5u;m#7N^1J-p+~h(=GL>V9gByq-Z6f zt*gs@_RcOLCMe*$LFCw|<-W{v_qLvEL!7u?UhTSTktMVxPFX#u4#s~P61eZmuYbdv z4iGqq#EgM!E5K6%MJFu@Ce%l*C`z$xfi;-2uZ)XCwvHCgmE1*(4msjVUzcyUsq+qB zc*L%9_2n!2r-imQBm0a)4`pGQ2;8N+;4b0s#yW)b-r#+MC>~IDIeGad`Cdlo5pqFL zzs*bvNq3tLhA<*!YE<+BpaCnCtOT48K>S@sEJFVK*b>uA8GS@#D&#h(u}*HZz?AU?lJ%px#rf$&Mm%x zi#sXUcRnW1pHl8N`@a}?UZ1RhsA=yP&1a`$`MD1`nTGzI`Df5>l2SJIpourkyyx-K z+lt8C0aC1pL7{9s+o-k%)t2pnc3cn81#Vyg3iM7`{G5f1!h5JKDtm)M6bEXkp`((D z-bb9>ug&Z%^#T66m}I?Kf33?NVBeE?Qf3#S9ytiY+ozs&0rHj?^n`;EP!{T_%94)R zwIGL}i{jHJGk=_SjnqMI;#~+sb62UohW0HWxboRm9XoH%2Avdlop;oX?`t~<5PqDm zC!y_l0Jop`{bFBlD|i>~aA^{D4;#O{i*5W04-h?VSi$7#)d;U~El-A1LNXfb27f&Og-1IS{LTsCNF4~lZWRK1ln&Q8IKG;`+;xhN^Oxs5(Pk<}ZEC(s&rZfCkx7v30cvNAsbuGmX^9&ocF9iBQ(*(^nchVHZI z$asjrG1Ed)XHJ|66a`SUjwa(vg}R8pZnHarg!Q(aEWkJQDw#$~g}wkNqMJQfxA={V zhEfIAZGUs`^12~JqI@Sv@K{N_<3NrS2kSVty;uO*iO>zp`n%}x@DL-?6Tt8SY-G9; zq)29B&h+m(CL*F^*_mY`0X*tD6ll2}exb)4SU3>6|L;&}>_9~=w3l1ji{>r}A8^ZJ zkE81T83>sMTc5XDtHCz;sCVi)C-U*P9G7iGWylXMIXO$^!wFNBM_U?SlApAPH?*IKqn!zm*?CD&0R#CkmgrK4|7L8-XrOgJJsNt_^81S4?Ao@ zSjNkT-@Bx$&+aAa`>^(5+cwNL1#qhF!Nc|^o<^fWmvU$`Wxbs~;;*^6kSAXjP9fWL zv)~a`D8w%bXf-0WgcEr=0Bw&ybd`fnmtj9&cHjsMXnc@OFf%{1;7hf6Hv&>RqMj*y*J@8 zb!tT0;7&_`sUhM$^FkHHVOM|rF9&VYjnm$QA_JKJ59i_1;&sSq6gH_GFzF8vAe;`g zb^|;Oi^M=bp(_s&xP(?5R^|jP&0Vw^g{+=)TB+h`F@MYk_B@QuSKZ?E!2@V)p;104 zs-c5lM$nMI1PE-F={U>=bi4sb*M%9G7=rhLLQRL z>>2n?RyTWK!0@&2hJURs`ArZ~t`{pwN+-Vv$S%=Pz{)kapM-M&Q1PQ|Y_CGtI8cOV zxaX2TK80Tmht6q{a*wQwhjY6Z!BWJ4>A+_ZP$b)t_`^2v2#?3g>_b36xyC6h+#WxK3QE^n0j0*F@3ks<;{_k zCS$l(uiau3f;!ME)%?5@uq)p|3kEK$?%YQZIKRty$l6#-MMY)OFw?BGVAG!hvVw)4 z{h~`(`%YIZr9}fQl-(!p3KB2rLjd2V$`&3kIL$|NwV!i(H95%=2-$eY!bWnoY}-$K z9FEO$1-XD(V+e1w@cWQdB^jnPaqBVMC?o_CaZM}Nkazj(1RK4PzUQ+m4AmlPz$1=9<|xg5^Z>V-nBC%lsMX zif@EV#nS-|=vbt%R}J9g6r8ofb(o#TxYFg@O&e1@o;s^%Yw^w`zJYF1gZ&Gi9vKa| z7vZCRw>78HzRX7**+xcMx%ylP{_VN8qEsEYQ@bM)ubdbL8!BQieou~>!JZsLxt`hC z*+n{EF@l_cw>L_SozXlldJo$OQ$rUN=RU@D@Wf@mef##k1#OYl^b;C=PHP{pB0$17cwL4Z+_%QE|>8NPWV z_qcIryqUgP1n<(oyHRQKwN$^1|NcM}A zM;OjQ3xsIiRdC^tp|$}r{N}-Z8+9Z@RRaK1f_#J$2)&&7_5BgroFX0{3jDevqEUK4 z6NNc^_!A9T)K$|%HxNAaj}5PrgrTixvaw2`gTHozWhC4U_>v*OX|;gFWR6j-A<#ul zB|Kfe_!ojp_zoC}2xuQUGcPt35rz{UaC~%Ty{tBpccn>U<;Qe>?abs;_7O_2ynXGc zowwaR*!X(fQj)$Hnptc>*afMG!9d!r$8RHAfpz*JoGL@Q2QH{Nfekq(uVcJX!jGZS z6y?*16VR>5FSGIB2IX2%O=3y1xBV_?6}E=*gW`G}|^`RW-Gct{^?`@x#17S;_)QlVhzs5=#7dX?Zpm&3KYPv7tgnf7Hje6kPvZzFz3j4NwCujakgo%x}t>FSmj8O2=1J<9qmD$(> z{42^#F7w;)#?k}j$dfXVSxP|wagn8~0Lzv?oc%5rE%+bs&0gT!_#Qx$A!=2=C3%Fr z5jZm>aoPiC2tB%U2sKMf&%yc`ZTf}oyNu}SP=#G5lBgI>j^m|C z!3OXLOyP;an;WD+35If9p+~BY4fg4AF4BH9%CE=ZtIX_d=*@i+NY(wI>D|y@*i(Zq6*>)7^SYMd#6TV9;Q?0dTC;9s?bZNyD5^CII)EVS$9C?0!Q}&(^MTe(r`Tsee!u zc7niU{Y|l7x`(}q(bU&J2F>$AIz*k0W?#Re*ON|*-`+QXX^{zO7-T~L>L?F%|D*r< zkCNMA?&ce)bqSCgKqQ89a6$|mFf3=VsNH98b4-a_Goym4VhCK7@j;>Zk_NdS6=H?X z@1s+Ax4s6_AUcflP*0$hKcPuepi^h-194#EUcVs%PZ67-2fR_YJptD@!f)U(2yh6rMwl<`_2#9k1ryzbZUjFGpG&4;$ zHW#>Fv7txZ=6{^XPHJm!S2>WHoh+F0b?L$rN(XV`JCuveU>Po(5@d8issbMMmA7e) z=I$e`c`xEoEuZ09YthtT!1+t_tN{m6m9u&$WXR7A}be#9IG)TxO$ z&bw{3<8mY8afc2Z*%edQSK*LaP{4ouTbDKO1CgPK^1ge~m`iuCoS|)>6(psfg|3Si zYclzS9%(D~!O9Tv?Es2M2WZr^i)(VH;T$0~j(gyTX%K z3ATei7@NVQ%Pn-IF*M|4s$cYGX{AM&RiafX{#@%ZmNn8(J(g!50{7zgYoucr=RLki zg~cu;01tOjr|uqX;(Y=KHcb&SJX@6)-~iAtO4G`}qKNJNz>Wy}kiss^t#?< zqXBWl+dn=$d2u^@mvs`PPTFd{yySY)F5u^CgW@I|x{U__>izoC}_&`_JGh!bt?3HDlJt2kv90m`hGh%IM9PrOK(O9%*EeW4g70wN^{PV zOV4~Gv=v9|GYqR;VZ|L8Ph5ky!0aayM%(!bF5HSBw!zjZfVJUpvcR_tfUH%2jV(xy zUXavKj6c{}Vx?UQ{4-HObgUPR>T;32+8AbJ{Tr5J>)yi~80Im0pn#V6cyN3?A4>KC z{QP3bTkwJq83=OOsWT$K)q;JpNc+&8dP4i3VNAfc*yPi!;g4Fzg#=)nAQfaSW$3G> z05E|Hb~ZK{Fb6W)=SFq5vviRDCdRs$;!O!{#RiTM$-q$k-rRbJ+i)e z>BQVy$tTdFLe;K(bV2#%0U^hc^E0M9|A7f$|6wT6+*PPk;oJ9Gkmfj^C1scDt>@WH zBU@qb+QLO}m}ve+%hvn4Eo z_TxY8KhLp#zD-Y=JSzN~8GiFDrnS}#v|>)Ejr>y~!a?HbvMl~<7F98=eEXJnh2qJB z6J5fp znh%``9)`tyf?e}#|F9?i8TY9W`AQx1TcA&0NMPX3H&bt@@#FAiqsa#kf&1c2Kr6xN z+bVt_uYqV^gos1hwSgLgKNNPNeV5+izgLy=B`a(%`$FI1puZ;G=6Lyca1&^!4c@FLZXiyZOmV z3qM+WEI(NcC2}`4)WkL6()Oij$RM1-y2mhsHOF{vp;*V4_dHBKw6_lfxY2p2yK_Qm zgX$D{GM@HQpa}pFaI?Dhv>qVbR^^b;s`r;kRKicz6Dq&biE$JfkF+q)Z@2i}rNC!{ z;=>Vi=u7bH@#mjEDm^E!pcy3QEU@l96)9vDu5$#CF8II@5DZFnP3WO{SuOt@nQ{a! zn4nAY!awu^l{*9%g$~22piuM>+!LApUHFC`Ftf)mX@l8(RYefYZS%oEtVfpF6G#WQ z7I{P+L`hen+H2ZTX&rAf@aFd=jLji-Mqcw1EuY_N5PwEpha3RI>;r3fk>0!Vm!Pk3 zp=BqxLy%2>y58cSD~skHHV3RF?%1;aU-?~Fbwh-ju^b%1XK}qvd?E$R>H%NcxP%(O zr=+Ip)P(Q-y+9eqXq3>%-TxUmLE;ofj$Nek{v%yPrtJM&ruG9HjWzQ8w8_kO5MIhv zAk?%ar{j}Bx}VSR7^1uDf+A0adQNyiKnQ|w_+Y8d?M1GFYd!x>LhD9D3u!%krxI)e zDX=P7K=3pa9A~i34*_-nCOKTts!Lg2LxaTR+3zkmNqg@K!pR9}ip(Zl_c|k(!SyVT zWV}ONfGGg%xK5>GCeW5MpMOlWQ@q8shA59q8j?_7;4N<8!mqLv&E2EHl)IBrikOt~ z^_E5&-U8wvqx0$|az1FtbLt=}z6zRrPX~R@N(T4Lbk$hmQ0R^l)IS#y+%lM=V{&nCV5NnzZB3ouB@gR{Nq294P z43}jJTz$_Mg(AjU5^r5KHPsqbM}GX^%IM2&ga;Rc5<{FV7>X`y!1H4JVPdEDK2M`ngM|vIQ#2FNUE*|!P<;Yq7A&?cyj)ogztf^lYmQg<(S1*lLGuwvKQD6NJN5Y%RxX3gG0ST zeQ9YaBs$uv=2M}G60+URqzC>nHJD4A^&djxFG2SKntuVPpgAzlsMhl&$c4<@=zned z=LQ2!9s9oPZ)*i#^a|gBnhOG7ATuVQYrtCqGKUJP zs^J={BCm#tcW!l4z)$*JsAqGZlFa){+eSAu`JW3AC(#4agGvCZ5VZZI50uR#G-S8` z3O%FEcn;;VV-IN)jt*N#3Yv4=zy!mLE^ZNv}3e98>H`nb7| z(ZtZ4C+g3d0tYyse;FcRSTHrL%mG4h1Ucpsvf7n&W(0SzH@1!pC}YO~4k?=m3T!9s zK4T$yMqW<&;@>T138yFP<6QwlL$ZyCwZMK*QK!beV#y6EW{u7s1TD$&qZ5Mp?!5N$ zAmLEGy=ni5$F;0h|8e%O{`x4gZ;XXa7&Tr)jc-y_cfeY4f{3%@C`gq4CV$1>(AdOfjJI!b3NEGQyKg z3Kb6Sn?hzU|M_bFx-VJ^Pei#Xl?fEDVB6NA%Q)}*&VNG4B-#wiFx;OhY88AVMEF%u zl0?JNwAud8aGsFk43Uc2MZt=#E{N!~_@b0rilu-S;bPuZz_=q3waZE0FBATr9BKI1 zQ8w8Tt_kLpPYY6Sdo}d7lW-t3s1fX?&S*lf652u$gAxVG0)v3ioqcq4=+aQ3%FN6R ziHkc99n(YMe7vi#4=6CfR{{U-JYQ5>i_sNOCmhgSEDCW!_lOm8B2OGO!EzQ`_iBMy z%dyzz|FI2%VOo4~)`V%8ZNx&9`+)TO_0_$`fDH3p1}9Kh2estDA^W_4ZUa(xR26w& zc#`v<$ID*&_ByEW(lcU_n?ElJK7MSZ0mX(<=xhzP^Ajbqjkw?a@!#;q z3X5SUqD}_pACtzRFg~b$3nzx=CJFvy=Kt}FHVy3u_JrP94{+^Htw zI#rabE{J3uwl?Vh%ZInbyEtb5hj`cKhZl9hAaxI#*!}%304G1ff`;e!p`k8EU1g)G z-)V)H9ozBRW`FQXK3yDN)7#e3KjB**V9Ogz$6P-w#lw9lR;;Wn5^=SjQB6;{w@ zx22L(_Xs@TxMPQ6x9;yf95gj5@itDSB?)y^RuVH_d|K>zW_<_I6;MZkRQrl3PYJQf zK$go&W3;Y!6AK_A7mfup7=;>4_-pSbGv6b}EKT6~399pC2 z2?afM=g-@+ll5^-AOs1ZRc4T0R8&$_ZimQGAUg$VT5)r6Oe#cg?gB_;A)Oa(@q?iC z`uhNXE=M|9KR6){AydrMR037ZsYQ>9-=W4=(phS9l+0bq*DD_5=AurKZVpk@Z!Z5^ zlknCCt5>DYwY=rwlw*+^Rt-i6x$W|!FD5Bc^v@rzM1Id{&IHM+h5dAzKw0Rm0rIKd z0%4MIlbEozp$cI#O}KxvCD=em3hL>|Nkd93ajY_!!R(U)zcnqtipK6NX72sH<4END;3VLb6+T4?p?GdDXTROIAp2)z^yl;g5Y!rxI06qz zej=6p?@ZR%djx9$B&$8Nw%{nV>Vr%rF)Fxz{wm$BL+;@6OGVgAG@eW4pO#;SuS3=v-O=C&J z4<4sC9YIT?C*YNfTgzwkq;!rf)J=m z5QR62czKO+AvrXJUAQkYbO1$rt6%#Z8oQzAA~Rq0V$w04N?Zsas=;G>KPTLW0r_`s z+l?o3OkqR3x^ERYVy{jii;b#GC74Jz&?ba z2G&M#>nj6nyy6CVAT~3-($imdafl46A>JD(32bylb}K$P4d|c2V*bAgPl-Kt4w%#i zdP6&(P|$9ym0W(C0i+2jo29vY6R4D&gd{$Yksf8Xrz!B#y39U#lLBzl>17a@2Go!8 zqGLT*`djaB_XUjGpg1?!BsLig5?N8fmQytzLsk7CKxHN}>X1F#GAzc%#__(?mv~0R zBdrs(2OFxVs;4AG0IS;QB4E}KEH+tw7A`2;9zI?k0jUpNyn5fK)FiFryqwBwklsVT z$4u)!6HW-~p)+Xc*#g8J_`UN;p=&BP_LXVI?;jzi$|1Jdonlin%C1vxm+1a$@UeQj z>XC}6Pi`jD-``C)3lAJK>P(Spb?P?cf#CKL0zxroR++@-rBp6wWnWdh@bDus|ExY& z^}Kes0Y|QGSvb&bLGTaNU!rX)6=s*TT%r8j>31bP{`zf-#M#AmlHG4X1$OY(Zb?uV z-8WOgrW77AFMFSX4O-Azhk3NB-QJD_*r3VeVQC^ z$+ftKF|Ipp>PkiLlzEwyvg3^dGX2wT3tSGMWT%%h^~#^}JhM>o+23uKS^i`10)2>^wzqX;tziXIqM4?5X+gbJI=as!md6u^bEdJVsx;C}U}BJ5{kT zl6+tB#qHfw6nT@N;re4Gqn=xz*6xVQOWIMufUCTb>{c@x)|uOtl69h#-Bm^fkPqAx z0LmlH)&WQZ4F>CtrGlSz&7Y`*fzUtt)%iT^Cz8yJ-~fSS&(%lqDWC~t(mRLL$1JjQ zOLeb|0hk-B73&BM3{tI2`{!MJI;OlfR%T!Exf=)ZE>KeI+rMKQ%@Jr;Hj8u8a!$kf z$!%#%n+lU2n1wbDiS=J0#F>_XxeA7A z?HFuA05NeU_gBlPKl9hZ0zdE9F>eReL;SCB(wJtS4iG1ftXVI~Puu>&Qf?V7)jNJLzLWaku$Oz6nwQ?Zrt7t^ zn|#Gm-q;x`@{}mApvK_Mg|;U0!Ik)zsQn%$jX8@CXn}fFuP@IoHG4@|7q`le#!Puh zQZq?Z4e!i+a^;OFWLRq?=35___71LrkWrCCY}YQI%VO1Khh45ZuXjAISsjd%V|^*Q z8f2>sEJQ`g)z$}v@$`G;`#pQDN6Ww6R|0u8W!Dw4Pp$2r;x|@@XCpP#cr&H5+OAk7 zb+_ZlX)=;v%>&A#*#Ask@m=^?W`B<$1=_4I@-UjWa06y(S91q33b02vfk;kUEtBVI z1FyBY%%UQJSf}}q7LeBz*H{~UMW0^OEFpHp<@>|Y;Iq3FvbFM6YinlPX0wgfveHAi zZPpuYJs;J$ERT+USg7Kt{$awW#CP)nBlT&C!>SRL2~SS?y2{W7OMQos=f+jSV9uRoC?GgnSbIC?@#B z&%DJS(iH!^3#WEMoDWXq%GBhfDiFrh_G49|1i74?oaR3Efg|z|Bpf1HZgT6-#NTA; z2R%ZI?->{H*5%t%^*8%GZ}dB9gG`enNR+xaf1_1@6_G@lWj7}jUb2$?{exocy%h=? zb6(iJR=H&#_x#=$q*=_6a=o2(YICEgaJOXm;2s^nV?hhE4Xt7_qb`i!-8`hl@N=4h zF5ts|4;g0&5MCDzUih{IT6mkF0>#&xEAtlY5ck0N6~|4xqYoz2zU1)sv)+IbhW~FV zo6EXsPTMKrlsQ|d1a6)(7Z~TDN(p?Kk1W_Pq37HOS^vx%W&lRvp8uc~Mu;DVJsT#t zzSI7|PWS^$c6gtICHFUtp9&8q*s>>8=)~re24Mq*33sx<-!e#HF`eYuR|7Xk=niLn zx>`b3?$3g}4TD$Ees9bVe~=Lg8_l#slx1_H<-*SvkGo!OJ}HczMqcw1?jHQDIVp^u zH7Df6<}6S1!Uz|Z4;M)0@A(d2YyQF2+M-zasT#yJOB5 z*Y)^xAZKIDEM5i7FJ~pSFxtb|ZxoIsWb#D2(xIp`7Cq&4!F0}Hg$;?e4swpQ=g&HPS_Wfd40 z;gm%r>#fdh&0h}Kgo|7YTN8Yh*dNQiZhW$7&wt#Ri!V3Wm^3wh%`BFa3;Nc93XFcc zF@$qNLKA9cr1i9SYrDS{nYSk8uvm_?B!0~Qb?~&^B{e6UpZf7X#tRJu4CnIRX=pV1 zduHlpNGTI>I5`hZ<#j%BGsUkrSsIv2vld*)N#nw)cQR6bV?Ppo^r1x zkDFWH<1Ll%wRvi-vfM`DV^2ycr2%hgl+2QKgN7}TTkb>A=0@q-MfbPhwT}u<~5q~&QhPSy7T82 z!X`MurIuUNWx9DqXGGQY5QSp1EISzTeCr@~Yy;+QR?GB;5D-WsLGU;}Yd-NhaVO2i zr+eVFg+fad{%j6&YIO7F6zOc<31cjnh%Bn7s!IFr@~%u)%{1+a=bo4c^~H3Gz3id$ z!A~hVE?|G+*^Qa{>xSIldJXa>H+qILP_HJ$< z7?!yW%&tRz{>QDOM}sNwL9N(TV0skp(eoY8^3Ti56TJTQrJ(V1zof|6|^AL_H^Gp+pLdFacB{P|4-nHFbZujs!@9%y8c>j1m&tHXeu4`ZW+I#J_zU#Zb zOCNl&q6j9;4?(jb0khGcl*@vx9Qd2ECw!G&+y`5J@T=-Hu!I4+&f75O8ODC`6s-82 zkv~~hy#Os;n4CWAn=`8~_ZTjBfcMy{UqKIdsAObZH4ZlATkt7r?(9`JmHu{o4OAYI zur2oIia?#}ZB{P?7)9Hvxud4><7M;3fBm>^)og50-q*DoGb?D`r8mL@ZGHLorQZ#g z(p$IcacKP5;8JTUl2%^|M!w;1BhQ18+X*OPhXneYw1=PLs>O{~^1sI&iY5W~w@dxU zBmnmH_mTI)$ZI}{uN=i_HR1j_1^+Sb>*wK8#Q(cVfEoY$$Ya3MRX8?Ay?TlX|D1yV z82A5qd1xK{|L5iPGv+Kzwp=haHm=$Y+AP+SbCy|6FS?D-25_Gd8_d`yw|d`f(YOol zV#4Y*O0uT`eiWY!TPE}ooM6q&&W;7M9u1|MsTh#6yn{%RXct13@vn`MD2IC2n*tNP zUx-!MLZcaUERL@>6gOXqqAxN0{Yz|=Xb^3Fm|@dZE;-D4#9&!2WIlXK43R@m zZ9tW(*bW|phJ#UE^IEb(Jc!KJPP*c>IT`-9U;X6nnu>7&mM0nMF z@az|@##RCX^zcDiaA4O}nA@zH$nnD{S7ZkrjwT(oHQSX!#gBtdT12Ao-=9_%Ic%eS zETB2P@?|4bSGAuo!scrXFDg{M>A5R0+zuXa2kfXSG=1R#l>^n)dG@lNz>yJJsO)oagsb zghx_&{Ni*QT!=S0%(`D$h6Je-P6=T15eGV!g4#@?9@Ok{8BlprWOp+BF%{#6ld`=!9>P2Hg+QiN)=1dv;R-C?fgmxwx-_m{<(xe-Lu& zi=OX<_^sKxc)_gZ>3JGIE@hfv+7kp97ni;T&iR5?H*pL?W~&xOSJyNbIQZL%B%BL( z+yO#Il!3kDPsPX1X%(9JZ=o2Jvr;@>fpm+8mzDGE7n=$m^X9NhxN>#d=SQCOdx96f zN?}@D`MHGVO9TeL4dm&2OuVY8)6@%wRaStI1KMUEvB&%30S z6pwBecV>)VUS1xIFl(60;;VY&>)v3@9)$0MIbcXVw;qeh-up;j%7?3wErUCk9`6P0 z)NQ@V0W@FA*GTJ>B%g)C+=!hu17yV%LUIZ1siv%y&Q?}z5eUYBDdv1yAB`>GdPWY5 zMrIsBWh$uRMU+mn5qDcBf#qW3qk;-KCsL}bzQtE&qUy+$d&Efv4*#eA{F|`na|2{@ zMtA3a%uxO~AHGE% zc;xaGY!F~MF}h>d@8!d$5AXLz(%sK!DXGE#wa)Zo2WfQy{QOf_TL2q4K?gSRHB|-} z&cCNT6Cl;b3d5_|&~5;rF`BtY7NNpg2o*k`T7FtVg|C5$DLEsAP+?Dm z3curLIe?9@5k{fI=kppfrK1QHZgk$k03R@e|5N-k+_3lb38BJmnL+~Col0Qtafj>K z;IphJVe+H|CxxJ9+z{d&R>KhQ$G>;f zzfAt|ZE><}pxGKZ-ZoWq>?fIJLecH_2{459tW~aMs68U!1Zv3-c ztYgtwNdK;GsG_Zfba06vct3VCT~A}HT!(D?3#JsUoiEI$EX}5jKYm(ppm5lA_^h={ zON&B~dsN#EI67Y-A4gHRDOx4=Vk`A5Zj1cH*&pkFFQPw4ZpdF{T=_9_9feU|rkhc= zuv=pI3~EB=T(v5aQ zRgOoKL9+e@N?d7PXPVl6E0TdBn*ALs=tz!v?jU`ElkQPu&>$}5x=b@bU|yjv``f3} zo)&V`O#(+GP&U*vb(;pP<8rzch(b9TmbK1_D$J+Uk`LD+5w_?-$E#i#YQMTb)}Ys` zsJ2Ex#M1C_J|IEY3;h&y3`IZ+(S0(V2G7ocpM=~i*xhiED0d^jxos-eqlrwzcj+M$n=piBQXzy77e{%rbCh z{@h|D8`!#Cw9cW}NpzB`o<90k>Z8ghWPDUy54kV8s8XF={WH{M2r`a!v1yd(9OSHd8Q3qUVRZh zLKO$Se!ptk6M`?{TuUeB+Lt8fTnYX%&qvI?4^lpNLKfN?^dQq+3|dnMFMd2qNo{CL zODUGd9#c?~db4t|ifh4Gv=y>(1+627`%J$(d=y4WoaP}=EgQZNt=l^gr=hLxvar1uA z$|N?F0Yvt6Vk*UbflCqmyp}gtYZZ?T_6~!R&YAY<(qlEC4jvlv9H+h64SM=5pZr6b z`AdP{>(%u`7J)_)3%WM3U)p~8T{v$VQOtNQ6QwSbGMay4pkmxZSP-J1c!Sx!80pNl z@v_I2@F&9yLGZS)gTea!$p;3>2r+BPlYkyLO-@RwgWsSLlUK$_>CV`_^WQc=4>CVy&hq9SphN8rDdW%E=MT9IL35+3 zH-RUw<2uUoDt*aE4mCF+56)a~EXbne6^&J1e*W1_(avG}?4iTei~SEp*ms)GOP&m- z`GC6082MX?4HwvEF?2wGARoKI%*JGuj?Bp)QCqpG@@bxCHJc?^w7da}#N*mQr~m#< zGR;r+MB3YdN;#zt9{O|5jcMOFvIycod{5PYFl=qiQ@tRlEeu#_1^_tpdgp!aEnahm zuARExzFb9K`WxtX_=fn@=PzvrT7v21KvOUH#FbRVfpUcCTpGbBm_`=$`e5w1$OMy8 z59=LU+@4Hv4s1A)2UkN0cXl&coMzjKJMF;*OWQWoS^wI@nnTYm9ut3}#$1}x+au(3 zJYN2UEWMdCv<(bhr`j)e3LnY|zCn-Jt$1j|el-__I@9}NloZ-Ef{b?1v6O1+Gd-(eNNOnENdMGQ=9OPE;2x0g*zEl60RUbAra%w#r%;l~44kfuqi&&u zee!r}+`3mZ#}IZf;G-flfwKGc0;&Gm)G{7YQ|o=wUl{Zk#j)ZK`I3#l?~4BtGz>zO zHcY5D?V%PX>#lNtO_8nLS|w@@jPDD^LWT#LBCTCXgx0;66z}kQ^n;FRIptx)rs&Q# zh=r3z+Prrjp2^NUXcw2pvvEI1U!jct9WzGZl9Z#dnJGK8gP%;m ztH?6m`HrTA-LHRlbcrqF5t#`Mi})Q2@1{~^E?$~@mvb1O9a)3lWoV)DXfkB@hVcWd z{r9|Pf}Q)~pM7dxDEmYeAGt((&2TL^E3DT?=rK6LcN;hz=b7Fd!B*GwI{uZS7|9BXlx|ys<03 zc)p9T7n*a}GqKCqD_=^;p$Un6!}%t_@Zs@83E)Q$c511!+1IJa8AY76IKf3={{g?UCIj4(@BlFNNv)eXTbHAhTH&ss`0^ZiPOBdBIC^Z`Vo!6 z;h`F}DlD<~G@h+4`l(+HEY9qRxa57jGQ_ztzb&&=VkA9|-z&X%wol56NxpuzSbCxU z6gZxn?OibkE9fk^aytE{!q|4A(AGf=!7~@>e5mr5X8S}Wb0J3v$eT84o}0+ggEpG6 zh_BPqJYioV?3^m2v(J}Ic>%qssr)iiXv8BsI7CCkLThjO{-)Lo7XgZV< zJMut;DxGH>zgr$xy5oDV?jxM`gp3AmO-*x$s&{;fbljGC-Rm75roe)fF!Uk6xQbdz zhGjC#A~(jtlc=L&Y7eJqEDTGu5KijKQpWy{L(%vCscI&gbLEuz&}wlKGh zKG=1f|5K=h7+u60{H>=aJ?en87GN1MRWwz|M<*3I+XK0=Pk2XmYNyw9dcGkKw%g9V z-t6YO45JiK8#B%1o$H?`5Q%*02NB3*$>f9q>govmUe~ zei=&t1E807gtL;5%ylxHCUFlm59U67{M*g74Idau3WS9lW6#?^&i1>?)DsCiCnTlt zMf&>7Q1U=HJP-nO7(;9Rt0GMR&RkrWb*5q;Fa+nGsh%XwAAB}C-!hU z55unn@59e$m}&&E;jCiOz6aI}-rd~b^vZBhcD>&gve>fSm9{Vg4d{&F2A0;bh;5uE_iry=HI}`YutoG6G*dzfXfQ|SkBOrX$J^7u_aeu*@XP@(KYve+^<5rn@*B?UrH>pvro zJ`O;1_7^3i7yj2hmgm%DD}43|ceE+?!p#uJ(IZU~#_uZye_L#LcMp554}dRdmVpz{ z!=7L_Y#{r0jfg(7>K@BCRb+?HKK2mAGE&k!5EW%AH=xYGD4><)?Lj**f<^de_}hal zgHmi6u3BKytL}lu5q<_ftC;5d0?Vw$dBEahDxXEOvAuS{}t zeE-d}s&ntpJh*RM2VXI{2upJ~?8)EKf#0n)(-T%BaLmnuAz`vo@j~NxyHG(GTE*ci z$ZN~9DFrLBJkjrc;LcL!mzJS;SmdNu^!>j6`MB3&uIvoWKa(UR6P}7ct|80ByZ(r7 zea^xL-wQ%?Uit)+P1q=Akx}bUal}S(Y9kuO=u^j7;+VDO+ZfySz0vh&_b4X(Y!6nG zxMoY1R;VYODimE0WzDxy9Cc$2L)f1qV)I=KZ)X$J>n$sWgI(E6+U#?RBM;fI+F@An zcDB2|%2eKc^!akI8rzTUikQ$?kp*-nvy zc9*ZqJGu+*U4E>N>i41xuZQVLT3jC}h5dq>WCqO7AyF}&rN-k659RF%#iy;1v5`I| zwcPUjF7}kv&S<$~Gm4fwLClvt7R7$EZ-d_7 zlAR>(Nr>W|AMvTJ`|79!DI-N@-5b|tA+$9%EbMM`scp9|6td^j^2-W5vd=PqFbfgt z`<`_!Otptu~n95K6l*M;AWsqfZ3w`|2{r{5X3j-4_L*@Sn?d`qW+paQ{D5 zjC-SVRDz0%lMjoAZc69Exo@*h0*i)B_K}>aRh9H}t(_f8YU2$DhT?78ZEd4mYugtC zLa)z{jHfiE*MfHOlSSu+3Df76S!ej1KYP`z-7FbMlq~Fezu%>F?m?}RlFPY}ph*C5 z>|T2?zknu@(T#hZO(tD)+@Q{*1^}qO@lJ`!_n&q#+<`HzL+qm!zE`*oY^2;V3wr%=-gAdee;(u9`#N zOJkC`E5M$tmZaCA~uEB|hr z_xo}Kqd=2QIy@Wko|iWpT1o!_Z#R$#9rJMoL^)i*ymtGdgJ|cy{WXXJ!IRzkxXoew zvv~o-W{Gj-+0QfGv7qb|g8;+A5e92{kk&aLHZx#c3ux=JL)OKvRSQzNJ&`D!ekk7Q zzE%VsCZh+yw%3~Npu^VfQDg#htz@yC8s~+k<;{%BDF-nghTy=k@`yNJtqhZ%fc9#P z3!pOF_RRQ&l3VAtUg%PD9vxhKP9M(JK!(=2;n1zPT-$D_J<^4`klygyo60NwMZ4-Q z)M~en24uY5BsSja^0|cBxMjL*BCnsoN`P<7X2SmZ2tH%kmpmZDS zMA7yKo28^%>;9Ch3yP@N5V~txPa%RZok}mlm_baWLeg3kfPVMIc|Iofs#`*Rk3R~iLec(Pqj(3hq(;pnwG=5F5z>#mi*J~2)q@@mibNnJ`muI z{d?K)EYFWq!b3dwlu_}FVzV9WQ^=dd)E3Wt8t+wd#RDD5SYQ7tzzp*_*Gy-}dnK&P zhLiK~C^6ML?Q`Qmh)bJOQ_}@hVK^{HlT|bw!xxiXIB02Faete3&jWsF)50nPrwRv` zQ7~q5=HXNs%@>xH#SW_wX&8x!lv#-@b62t`$&zO(J`#)9XUn7(A3b#L*LG>> z2chiq?z3ZIwW-5yj#>Wgw{3q$d-3LRh{^R4H|z}#IX3aUf=_AKwaTRil5hcw)3H)U zQeH19QvvR|E^FvPsXqW-M&>}xa}jLK7{Kl(tC+1s3-eT&^wFWZsT?J-g|_LfuX%xW zAL7)Y*&7Y;DX1DbHD8CaD?OK?CV@&23waTyW2ce_A#p9}(yGoo-Tm;S7WBK?wuvkk zRsuVxDQv^0U4b6jkR@>%`e`QpKYS~)#taEG$$-Mw%I>uE^W405v4B%z?4v-F#I;ER zR3JntHBCb)k^vZkZG6e`SWsdHdxFB4VTG-}PXO+ic@hOT!0P)K`_mlWLILCNck=(# z4TGcI_NzCF&br_-<+yQ-C2BHUH zb~~+*qev><7AWQJ1`7UXv{G+4u^u%zt;AN}*2e2=R?sDAfEfZ^m=60(jnLR{`99&- z*0K9(WttJSif%ZOmoB&=fTKSt+p2ZrpJ-&F`b9v{O)F1rhEcAMnO;CiVU#{WwhAA; z1qo%5iL4`yh&iY+W^8weiDJ0f>%{XKlP zDk=}lIiP^};NxjxI>{H!>H+T8=wh$tphEDR;@!NNpU)dJq(T^>MlUI9KZA+25^%~Z zDUkp_r60jlqS&Kt+z7dE{yNrBg3P|5`5g8fxNRI3E$V;9_llO-ATLhH0(YXMaf=KX^w$osBf1oeR6guV0g{l4GkrKI3fq-gATw?`m@|&3kT$( z#YNhcKfXtCpmCy2*W-}v*ox+Y=4DMz`9Aw{&@vs*u@1( z@4E{5kT7636|hoB%Pd1UVpVU4sy2g_t_9KNW%?9BHGFE)weU7YVKRc}_bP<)0`Mt? zmRO(f!`5LRRpBWP5}`g9k`p8rfh*C#+6OL{(DVL*fpc>M=}N@8Y7vsz#__g*Dkj%@ z)dpVdoBt{-^}2ZxZSb#ukiMi1LoIXb&BI>qmjSOfeRF4HiPX3ARL8e$k?gw2NRRn8 z)u#~zqjl~A#s+~sckwOtmCE2}p^&FxaLEaag+5jOAWNX;p9O>pFhIYzDM=Q=Lgfl9 zs|yB*+j^i9^jPcFQzb1vv`lRNGG7}jz_Hh2U0i56OUXLPy81)^b*K7ut2v+qeH3#eS|7}= z%-7*Vs~(0X0~H(itF`E0n+aJzO(@P-*L(kPs62|?5n&mk_p0U{f+os+@UoFN1o-bY zpgo-XVCk}IuGdf{At1-!Us!3?P4MhjC+gLW2hW8`7P1eTBFA;bgeIYr$b%@nnhlLd zg{C`VJXeegMDY9IM5E)$ieEKn%0)2r8>e_y%r78y&M=J)+O`6#XNVrY%5r@VcATJ@ zHA2B#{`hK|@GDQ)n8K$&39Jl_nkEBPD%7|CF@|~6=(`8ta%Xg`R^8#IGz@r@ebqQX zU=KdEQNwE0O>e%kg$N=A3q6--O#xyq|C?Q_m)GAMTV^ z%U0O@2QTJgk_pR;w+h9Vw5uLx3kQVpM5+MoRqq<6e{|E|Ms5cq@4XWG+f7}*>rGnD z;ngpV`oG34j?O~--!AnZlkhh$0FAr`UPa7vr(3J9k6(SLqbc~0asLX2OC>Bn=V1@W(!x46y<;`%x$(6jvxN6OQMMGp|& zsH#FFpcm(!)wmlDtzJjcUbJz(W}iKdS+1J?S>{0KtC$D1619Ex35_ncK;vbSf3Wjd z@{;UV47NpAAu*x)!*7w#`B&MG5{y87y>K)APGRmrpvaUQ>pQ>d1~eIgu#HQYTJ2V? zdk)3b)ed`i9l@#{{7d_+R()CP9QaHIbXIw*_K_d&%OX_95aZ&!YT1$+Ai&FP3wnNZ z)$k6|CMG~>1mV7~)oL5^ANB{z6kLgC;veE=stZ@$D~)^+f2)BT95Fd>>Chr9n%c-14(L?7@SW%}Dj)gZ+^h6YS(4s*Qu1CK$DT74jD z2+M1sPfDMqgE!aPbqtGF(R~$g%T;%BsOqjSYG~C1-juEY?_bNIS8;_Q4DZiinW_## zmSO13&ba*HF=8+eq(YH$Ol4)Ipjlmm!|uR-cN7`}!2N9X@{!`s8x-xgEozA7sPA|4Fk#4^>R{_3PJOV4{`dBZYsE z$?-tmk_11%;MATeq!k4f?aMd(>;IvipKBYmP>V@^;B+VIC$5w&B-`|AR{A$MZai-Q810H_Fdl3 z|9a0P^2T?cA(S z&HpsDYD8O1%)tC#;7j?iYVxYXP*0XxD8^`Nw={Bp&=)XJmx?q7Dk#}BDHlqVWW8H-&r3# z3n|iCcyu%VQAFT`=3Vv6*NB!LzNjEiJfmreJ+BrbwrKTRX8nE&5}9`Uo7m~hso2O6 z6K`qUI;*_i7pN$hn0j}~+&SujumX@O<(7-56=+Y>)X#0RqHqNfPyT_5 zy6WaGOgq`dX;C@{SQB5qvTxLV3ff^R9cpt{R;Zi_fVPA)`l9P(C{JE* zuVDpGcA}}f=zh4ei<}%QKg2@K|j2DBM2TX8;O6He6UlEY<|Lc zx+K=+b7V$bz8Gv7_PGrT%p`+#p*)kaP^7PXjARU89c-`o^aL)3o*sE<>31IVh|5pL zPk+fvu{s-N_`mQ=KLSu%hFw!yU4Uv|UmuL{OHs;8dwtyvv9{O-{x>IHippaUu7=OLMqWDW zHs14jh9&&bvZ*Xt$0R;;+1dGX(VgOqP)ks-TuV?ubD9m;y{>f9HPv39aHgbv$%B?Nf}p2X4h`#J zr^Ab%0sN}V(b5}Z^ZSY+kqRhs;YPsbBWb*2!es<8#T7_XtA3?pzS5HUaM$s)!@hkz zJwUqZ%0+50%j?HP0quX@gfrNFpzN;}^F{c8GcSvY&KsOyDh6BfybK`)Vx~ zFc6T-yN;lU#XCX7@Bk9wj>^dWe&EihC{r}`@nh`&qaqN~rt>W-@7?8#?LYp59ZLzEU6!>^3(St~Huxw@=tF@ya> zDIDZYX5Vl`5KM>P0!1lp12jOS#0yZCG@S)@tY6z`Kz1}D zfJsPg&Ia;+7fQ199%oKS^yvBC0lZ`Z*!9AeX&(+XW$#`5br<1dHOGoZ9w<20j}G$a z<_UguKdCU9pAJ`|zQBiR6{##{nIsGgO3n0lQe>lWWRdivzwsvuDxP5H> zyQ-VGXp18&Ca%8o@j-<*x@LY{1l|XdV8XLDo^_6P^;D}FSZK@{6qk~~`sKfF~ z4)4aiN}dDC52Vdby@{i8Dm)nv4TSi2+f|?F-93C=j!E<#PMA^L0*G$CQ25}I2TBVr zlvq^lGTv0>CL99Jk0}%$5}gb|gX_{@`ey^G`1XY%$6h!j6;b^`EokoJMMX#ind3rg z(O{b8IkGYHLX&s_2G;f0z_h|^K&a~yq3~2Z$he3j(KiY0Ux+_gIFV$nC^h|ha}5** zEZQ}j#>POK1mm~fmhss%X4U-+wC?KoMzfW5F+(YkL&vRM*U51@m}Z8AM929dW-(?1EH{cJ7n z2yH)%yO{=ayF)c68X+0bFe51eI&4j9cik8I^^y8ux>MOSWO;n-CDS7o+$R$B6#?jR z)ylOoy0X{!_#pT}z5Dmh$U{rWt4i+2zS><7?GCn0gOZ8-w~Ylqg`U|%yyT#CgL&*Z zzmb9{h?~`dLmOn3)8T2sa9AeD7LR$N==%;Tzpz zy|eu(N?uGn&K^^NwBuI6gYcf|{pp+u{(zgB^r7XtcDN8-w zxA)Fp%;I&Qtp(~qmH3lMsOv~vc%#!<+`dDdFtPyc7S7}kq@7jEWFCI%C5?Dei+65d z`BJuOV0uxc_O)Y_44QEo0>3ZiG;DPZ349C?qEUTO@6tl?($j_8?$jGb?z<1TSGlx3 z@i@y!UxI7Nm+?RM@%YJSG#u>I_redKB-5C7&La7|1=dTaskaRSl{w9~2kK=EnGEKC z-IY2AROwn)>mSIeIQUfOF;O2!71~%dnW@P(fyy}&TAk|?^!(Sc9c_d15Tgir9aLcB z+%4Ar3?Yk_oICc(SP1R-?q%!KDGEHx<*Mr4j;)V8&a3p|Z0`@Q*$a-~veqFw^!4XE znN7bxI95rOOY?O$uk+bDI;P8G4_#8A*a8(u8&#c$8sREq;f$qYkW`D$&llUNJx2Sbj)x$QLH?Jp>+v480eUy+$R{SDK>W$}g z*;1Uw{qh$y``P2j`1qXeWeWVBceoRu5v7=$?OyoLCt>rKnQo0s-tGJGMCm*r4%$qA z0E;)%NS}Huquyzm3p$8d&*XOc9+Ns@uZ#%}C*gq)in}%Y^H}jSgNj@T87`B~5?D&a z=^|9-B`J1pu+1i@Sv-y$#6Qu4(l;sVdyEbxU%tL#EZm+8#T?B;2PcwJ>8(eZcS7J~!A8)#bs5 zeFfT{L48&KS4e0!$R-+7>#NM*a5f%}9B-;=*uU?}2#oc5H4B(u8=?v>A3Fb0tmO~7 zs-XN75FQXg=-3rc!?Nl44`1$_`;^GI()*M!R9HY45=riH9d^-I+l?cs4s$i%vutKR zeQ$7v{T=yN52^-oW77UZ_9B?GmS}KUCW=g5*QqK&eK)Ii5w22*T!fSpEe|tCoXf!_ z@36LLQm46Spa*&rj%umI9Ci(_BL^vI&iZnDoGz;|WH=D3n%DXa&Kk6-OiX|u!$+4pGm&Nu=92WG`TYu2^TRp(I0Dn3~(%~i~ z1!~o6hm;6gh~LTK2P8A|BJ&Pba*}QDu-9=?Dj&`r_q2 z??W3*V+2Y1psZG#io{znzi!--P$7*=EsaTOdJqXCyRLsDH91N3Q-XTAe97g(aSu6l z7*ES+Y#)@h|2TWnhsF|$XK1d1rT)^Ka#hB6o3R3vP>4h|$EI*q3Zn`?Py*G&DG@kj zF4h3Ud*6bb$hK~Y5^-n!j_t2CEz+4o3%LS1i!}0S>Lq`XHea@V2!$4UY7rp}8$mNP zl_tYk-B8Abu}}Bv>vc`J1W;AWy5h|<(O?fH7i0mbZsgWU-Gm|!&k#UuH0!nX8+$%S zrAybzTyzCMdw4~>;Xf!bFk!EW50ohlmk1yCS3ZKs`FWavQ{?PHd?c;9#a(7nHF6cD z_y63bPIz;=s~oCg!aO9tm-#5ACTSD;-Z8mfyF%z7U+fFewmQT3lT$=4a8(*=6*}9ix#GH2ORDDbz!K9$qXR$Gwjgq_#~La)$|;XgX{}NB ziKN1ki^2PGI0FygL{$=@U~?*ip~c28bIXN>v@sfUHb7M1!@tRTQx7bzsY6+Jym@xI zsGF1&GWwM`=g}lW?zL;-FE{7k{#U#-{ym;Wp?<$N`S|wAN6iLaJZa?TB4M#tOQhz@ zgiS|$mKYzN7CH}_sQT3VM|3;L0uKz#b5DY|qE`DtvHy5F$B-A#5B6ZP%WR$kLv&;x z{!J)U`Bid(0`vRR_G%VVA|TNv3FG{Z$6KR1l+ZD93O-TK7OXTmuwEwhH)x*sD-NxK}C!q+>n;e$HWG+l#{HTD#M_J3|%L zskYBlI@X{HRg1-)mKiElfiV975T|{683a@2^SR7}SuYTpm9*Bn7dUoo$La9?-?L)C zDWJ_#xT88j8)YyLM@Z+?a-rbOsH-@~ItF%EwJ!In-d=#Q>B z@ezEz5X=5aV2T`-Au3wzW$qT0Ie3A3BPvUnyYbzi zcDN8WEr3Iyh>jHGg()3W)W<1!2&A#=c#S>X0|K-b{rMu>@IQauVlMdRWLN^d5ehRnsb@| z%xd%?&%5NWCAsW*+v%L=AXXir++;dYj-n8uMx8OJ$z#89PavAMTdqVP)l%D{Rv6?$ zxc%-W^&7xc^mE+u{1Tc14h(oh*EI7P!`}tCw^*brI_#+fzD+~7b4l(gMp~InHNxBN z+vH0eZZZ1G+}mz=f9%PN^C3YY0=U6<_3CWfrHTjAD$=fUHs9+$bS}_$og}08xV;Qf zgZe0=RtaujB_{|0hnN#+JSM?G?v}_ylZ!JX`*OZ{ozr6SZKug5Df6klC*-K5pfezssfmij zcGnU$8@?MIbY5=4v-wb*oOTULf$r>D&^;PPbBq0+SGrdx*_W5{IP!6vpSdecLMDVd z#-th)uK*sFR%!c~oyPm9KjX$B!&9?9Q{4D6 zP_5|A7|d#!)ci^u&}nVdf&;NZ%Q}4phd_0I3`ENn9D;z#)35q(RS^lHysgz|{<7JSdqti`W$yK(K11^o8=VFW9#7jHRU| zCl%*1!@UmdKT*m>0tWnPfzI*#AF4f|4ATP#ee*#lPC=q;4iT}4$w9t3i>0d*lGg2lNVa&pUf-` zeBI!uYm_Usc=(y%*2jNrJixZ`)^^T_9Y;=_V)Vavukqnc|Gl*A!pZAe3LUneNd1GV z?d%hqq?>UUWoQnLN7|W2cpL~kFS;}_P;4B0VC}PKwN*0%nUxCs=~LR0!=W$Lio}Ok z3OWAC{DR^n%JKgR^GgCq!xMq!4~W~Z|9ocL34VkRbS5nEg425k1kN~@1ov7v`5yoj zTMD>OpVW^1Cfe{uTX+laW3S|&w1XsIS(_~gS^Z#6v$u3@jF& zyq7P4g}&^|#znxidVa~npl88+__;~_rBhkhiK;n}7YT$82)lsNdlYh6*P-I}J4C38 z^X*Fu`UN1jao@*nJgS6xj#VB=NtV~3AK3PYYHfhurau}>rn72zs)Wt|IQ$)IF3Cvh zfr(dV2b>FX-g~7a-Jk|`dqmyGX9C{=qVj$q+-#C*oDISRBEVr3D|VP4DJz490!(1g ztdTGlk|vF;LJA@!5-1wqu?Dp$6h@(h&6`^Wc=6yAClB18V54*JQM4Gp|T*p6O1GxhS zHH)O|w=J-eMi83T2D8sJ)!kY&Tc5(@FWcm%#$?pMn*~eQrUSpt({3Y>W9R!BRgwoY#8khkC z>Jh1t3))w7E=&(O7HbDT@b6ITorUvMkDADGD@l_?3<$JXnhqK$s(BJcVcG=qadR^Ex0Ax_5ZN27KF;FNC<#P-EX}FnTS%m7IWIZ$u!64F+G>#09<>ru4f3+=-vf@0 z!NVrK#l@RzH*rwz+Y}&y9ItO(N!G6B^Dq)`I=+Gg)(yK**3j8{iC_Y!zHpcI7GVpeDh+7(6Ve_Mi}CBlzAtOC}N2 zeEqYYRa6gw8V_ePC(*7eCq0b*k%B+ewtt%`Ox#jVo7Sqp*Zug!`AN;RkH!k5I=Y3M zKXT9Mu8p^Q|Hsk7QKVv}P0%$GQuVy~RhQ*}(R9GnY~v9er0otC%J;ZwqRq0U=+zI66VneYa1AGEyseXxwupS-*a0@#s5 zfGXJu>t=du8<))1$5x-X5`xlf4y}FI>TKEZ#zUq{S&v2DDE#pn+1~QXh^4;T&AoMvDsg>&lNBUnkJ|rm1pf zf2gpW9bGIq_Vy_#5*!^Bj|nb=V|F{AOH)PX+r5id8OcUl0=h-)3;6>-kSTy%9eXIX zIBoDzvx`U@ofkTXd^@QQpa@Uc*zBWwfx5n4*>Nfc|dHEVvGG zDoFu26{jwp^g`q?$gEReuR4>t%h>As(-T^pf#oUPS^=RI()?>v5jvSL;Rr3&ws)&_ z9lrpg2dC=YiiFO6^Z4ImfwJ&A-1!_l#gK6pTkAbv34Dm}sG$&YL1Z`{Y5z3hctlcc zl*U&bFE7o3;IM->S)>fBqKEWwzetvR-sHSan^>M^mt0(GtqeZQvN3y?G zC?7l(MxQbItbl)e3lhB|C#lk;U19ToEoasA^wK%cQ!JyGeIFYy7Z1rCdEzgb+oh|g z+2u#PfN}@qYgc^vfl$jH*Uu{7#bld%@RA-&hLKF|n66WRn$_3FTCVJpis~N7adBrY zv_L@V?CM#U0tjxW1tswto_MP3h7H&2)-1k+v^>!;n{rMW|E7mxLmGF~n!4$9HJkjc zSX8@Mjh^dr)sHs8kznoNXk{As+MtnZZC+~|U)4HW#<-{80O^g+VnI*FpA7SwbJ$@_ z1lHif^PGHX{HeR*?VMct{M_Zz_yivt^Q^Ocg&Eg#%yFvmnL=yhYZ}9xem;w2<+x3u zj|KR;YJ2z5t^j8Q=!@QtC@9{}+x1M2Mej13|C-W$cXz1@Ha>ytM5NUmUQTxv(0u0K zRZ$)Xr8Y@%iRHPM-v`uRaI#XhN_lEqoVE>9xibqUhTd>MzC6#?zMrN}JoTfMD5co)_Xz;=BDjYJ*N_ zgmT$~0><_=x(_)asZ-(*evOL0M0?$sExd0N#09w4=HHmS0R4ozqpBq5EPmuD zkPLcvYBC0_QB&*mzxB#~qI>RNt!@TUOp-Dotc^J@nrH!zCBde~5!AMH2|Md%M^-3v zBzWhk$@^!OaAh{Y(+qb_y5@e>Suf_~UwNfGX>4>?{D9c)2jWw4c1GX)>y2GU_VgI(du%JpSqf&k?$DNKocqBOcB4pRTdD|o#0zO zH#*0X*p;gq!?iZEwe3iEb_tVq;zZ~b4>dQNP$%IFjS1W3Lm(VJ3MiQ#QNByn{A|;_Ycj1~4zoO%1Df5Y!GE8C9vs?Izwi>!hZt_JE^WqepY;b@<0WST3Y>a-_7fAIYZu_y^uSOx^Q>lhVV(WizP7 zLHDk%lscSQM%IxzMzwp_1+`738mqm^KI1b)Q-oijX z&^TAop8pq)))236dHBBDfyZrsZYL^g_C9W@F}nG3(s4Ho3yG zC9N1GLS-}_)eC8o{1%L4h-$_Fg;L{acP8N0Co5 zccBAfrTjv^Q#s-leGt|1Rc@%DByfUBitwG zQ%AmfC`G*36eti!oyU9ZkNrv!gE}cfFr9z#m1;sP;Uvw7jCfZr~~Dp{3q zQwVSs^X=ASX&jRs@VIZeJxJK&vO*(=`f2maci?g3P`3tFN;6iwpMi{jVMB`r#)U9~ zJC%2iA#P(3>Xnmm*7zGXO`fQhD20!u;$GHDfLMTF}RyXsK^A}hM-%d>_Tv75d?H~pl_!hzj% zkt&lmTCK8(lSzMplzB+pqSz~P>HT2e=1bJ@9TNd~`sX}3y%>H*0g^w3igE~hz$CnK zg0xxh?)Ha9OF0*XO5N5r`b@N6wNI!CLRb|mlDMv3r6cA{x#r3V{+bXhH7cI4JNUG85vT zksOdXb*c@!LlqV)-_Un#PX?W7+enH*L>HGJ(=+OLW)ig!J ziC_JvGz{Z+43887xmX^@Bpyzy!C1dN{MUGRKUtb?gBz8n?b4Q~wS3N7y9KbiI`X`>yet{f56Ld2y_8nQhCy)x_;_4Frp-N%IuVuI=BYR7~n;hTPyzksBdXdCPTE<*3%d zIu2{lA)OB}N%I235qE4Xd`KpMr*KX#bs)61@i=?EO8)^HRN{_DU<5~ODdzuJA~2%D z=oluuAl;6>Y47MpP&?H%(K_l8a$9eSK|TIqU&~f!GVD-Sco7r#KmFBU1%Z-!sND3= zWc3~-c2GVR#SdZ!g)Sp3FGq$xyZ>TWYK3Gxm5kh`DkBXTOM-WZv#rE0o9ZA|7)=WCdA$U@=vjYyq$At8!CNb978p3 zBrqmKRZ0vOd~xl3w*xfvg56)Q8@cb}Ua+HoVYB#_>^7UTAN60dmHO;tM!63QkkK+% z96@9Ti;+&|vdV3T2)4b;0taa@6-FaY7~NHxjs0(;t9$6`_WL?d&MLhlA5P&e6@kr7 z=9y>hLh^4n`tNM(%mIPn7rM5JKf+>%iro=@^XNo9*JP`J9`N8w4Sl5cu!tAVLG-v7 z>`$0#b+Hzo{&xE)$nkwQCa!5L7~QXkZ9YDI!K9+!&sKCyY%e4Yxi&p+BA|S z9NHz2WFIPg)p48YDw!H8>JI$^UsJvG6$7PFMC_qUrN|Sq(NHRv84?_X=#QM6p*$6 z1!)i^1*A*5;jE2bIJftEp7%W;&Zl!eJip(AH^X(!jmO1jy)DcqMc6|upoZ{z zXsSsc$nm^Rb@7oW`!iA<&ztdGJ!h8D6;Pe3TiEfq0Wke6%hOP8k_Nm3Dpu8ZU#oE_ z*op4(>p``3=06!&70h0w~T*3}|;qsEH^2v?SOjp%GE`mT0aokZ1+tcKK zD-bXv1p?TUb6a+?ypLVVeEy_Tye9+_sjEp^*?cGk1>njdJ;*tVdUjj7JAVdD-rX(C zbU;Sd>3Pka*Bcr6sQ>9U_v;zi&<8Rx-U3k59yq!j1^?3{`TTI9d+LpVP198{^XRNz zZJNG5R0JPBuj!GP&R(gn57|_R9V-Uw3&pq#LoOn2^SNzBsBXJw`D+QBG!y*#L~;$( zPr?16R}ki4M*9s@4Y62PyRnWBeY=3=&V{=mY{02;SKjez-RHP)A6UAat#)58hYmP` zm~W9T_!^5}`#@c!;&}jvv)ta^$G+{K3K7k=2?1*5gYXb{x0M}w<)hz6iILauw~kI_ z6}o2d$BwPloDysvV*+LR7DNlA`>)sMuQkaiBPe33VQ@_l!0cb4ZJ-az`sLyWIuF5$ zg(Js2ZzdK?kK&Ql)k(h~?0kE53x3|M@@*HKZ!a?8%V}cev48RHQ8lw(%F~<(uhI)t z&oN;v#R9Jc5T#MAT4fC!MQ3rfUNC}-lR8cjHbJV1yPvRH*iM96xHY3XNw~KN%FjK(nD3BuMnCzQ5%) ziSpKP?e7LndO{}MVPzRk-2zdx%b-E)2|55^03kgw(2xpNgRAeE2O~;i_E@D)P*{QA zf5e-#M@m*#7rJ|~h~<=+zg{`fg5)lNT5+1uXop&XnYtJ7j`{ui+X@RI$q1O>k^XuN_k8m;ZM8LSEH6^baB-E z^YlPlI6{AOUDD5>(2byA)>(3uuv}VT;JJk7&`ytz_bROfOsgJ{RW1_!OkP}O#>9ed z;MbvM@U@FnE2>RsoIjGqn9q+bKdQtfP{oXuUNY(Opp`^I032k#VpD4W6avtdmZs`$ zlR$S4CCM$jgRu;d-R~*#|KW8h##@K;u8TFEyF2G0F2|q6rIE>Xj&zW2$iO zcGN~!2mo=RA2H`lNjmrp+QytYH5&-&>t#n~_$_3k{W?4^22a65KX3HBb*16nvQ@a}#I7tr+Pxau}U5Ffc3VeTyWh)IYZ$)vW> zIrxU{vaHH>7Q2I0-XC z_fH{!2urfsI5}U?`}QM z?2b}8h79j~`tj+p{)hY2w3eF4RsuVUw;LUVD;0loKpOT{;J?WW5>Q9Q0$5rg1W?A6 z`{8SvK6_*AYSO&&OfU4zzj*yPGDg`JXvAF{W;9Y~%m596%~8a3SthLfh~Dd$*yuk6 z1nSAH=L=vx*!&^q?9M@sp!?1rXdzg-i{>X5(+^4#k!R*^VjVOogYqcjqj%o z3?}(=tn%nwq9k2Cy$EeW|Cbm*AxgfntJ%s~G;tC}e)B&a9shyPKyNX!9{M%_-KPif zl|k2a|DfsPnGwC3>QW;rf9(2?Lvk&&Zoji7XJ-AGYoE{QQCRzevBq)3_StF zh4ldQ%U*bbR9*oeu?3x~FFwX%bTRZwUF7fqM2YzdhPCVsF9Jw54r|prv|n|!6fvd{ zTHIq~F?bV5wY-5+nmxALh-ALkl5wIN^IJ*510*v}JOp0?)lxvr$`Fjv;+;Z`pZz|- zSNe9GNOt1kAN^4D-%R$whtjhUtp?S^8f}y4N&Y0IKpM=-1NzD;lF5tD$2Z_jz~LBF zgW;GT+7L;qOF=2{OGvj&p7bMy_#=J@r_l)t!iHuL4S0e5JGbpKlt%5pMJ$Fj?sYXoTnNcuxt!xO}`p za%iDXw!mV|WBlhLL|+Z^4lAIf(92oEiIs+MUy%p?VIdmf3Nt)JV#|wWcs+Rzg~GRH z)Ha)LanP+E`@K98@!UcGcsWy8Pa39T<#+$g4FR_~3CjKsh~6v;I2y@H)P+cbQlT=- zooe%oHfYE)=w^VVpt-Ov4e06VIqp#D z_2@a)XcT49bi{S}&hV#^u1q(8!P*UGH0X?GX5}X*@&38Wqrc+~9b}UUT0U`-#Wu%r z4X#eb2$66dXq5BKQk*QiKt06;8el&9zG9hlEq$vj3iL+=p>$IpqIHjC29-1~0W{PK zgvURiE}n^la`n_Uc+=NE-)%<8KCQW`KFP0dkI#bj-O3(;ReR8s;BY^oPf~=iNdOs6 zG|J5|F#|sK1NPLsbd{FA)ih`26;S?pTm2Bp->j4U4%Rb(yEz`E(xMy_juhlC2z5On zzDmAG@@*;W{xS+YlPqfRLBiRy2BnOem>akKMdXdTP z$Dzj2ne?)PDBVCiGJb!b&wU^qz3dn=`G;7~BoeSZr5#T4!b*~t9-lw@K>g)a<(MIj zW5S>=a2?dtO~fZg8E@+K9EMo|Ghnh5KTD4ezx{ppo|fd5m4 zj03~_L`lQ-zKu{{LToZCi+aG6G5Ctl8Hp~)MHCpwt(s%OS2M72r%}7GbNYOgtta z%>@tV++0wLqJzv49@{HcMJo8*E)nk1B&-dGWUsebYtk)bq!#W8* zCVZfO&!B0Zp$tWm^q2X7C@(^58xdZRcT7@z&5}>K};oY6h4Uw}jVU5`_I&ztV%%Ee3Py}g!f2T9=V!VhV z=mJ0zxy3;>YGiQVx&*LoDFVPjL%%~`O$-8?iH#^2u%dp|ek65juX$mdH0BpU4B*U+ zi2aj&MQE>w`PGKrq7@JmQYCExQ(pwII!%}SLjj&~Pt~61ko$>9%gFT%9S{^@ky_NU3k^#3m2^TLcF|W4!_hFyJbl z=X}4pxdV~DvIuqQ24%vPfw*ISjj&hrA-A^z9BL7iLX>3vCj+jp7O5fTAid)L1F5=y z))<^8uqSYp4|2MLOml{&fiP-=&dyLn8CSqN`hZ(!lKlwkVXqvm2nEqm8@^JbzL1mX{9}hpe9jxh(0$5t`DFckg24uW{y5}K#BjU5JpX9^F(4yg6LWJt@lQ zH)v4>o28%eViF|Azq9!>!M)JL8xtpu3kqZicAN(o?;+9PC{fS8z8!bKJrJ@bvNf z%K`tlN_XGKga^t_q;A2cnb3_IxYKitq{(^8FOVw=7H-E{h>MEyUV! znp^~gRIq2v2uM3i1{RimzixXgj6r&p<P2)(gg}Zl3H41 zEeG=mIobS$ti4`*)r1pkr}rJ%3LFtsO^1`1@@h`9kY;(0!D^*OORS5(Hp7hmcZ~ zi9o(eFj7lL+w-7n-)-1EV^ptXb+cORHIY0m(xktRXnK9!8Glyq-{k@UPkh7AGu!Jq z60e3FxmGDQ{Q{qe%)Lah)vZnesk&hAI|gVNtUM8hPj)R5qKX`do0!~HXp$hM zE7_UbPfSD?1VI7=Sa_p^ZN+H3lom?VF|0)Q<)!LL#W^S4xlgP!qy?1%fp(1Gw1#jH z*+;cUGGao25v^p}@8kX1Rq2)^3TM6<>VwAc$#^GjpC#u5KOtkE?q9ODw7+@*wDD6j z@XJ0v44`;5x}tc+cB>wa6Sk0k)5DX1)h>qOf^NuO1LiV~)cDmq;v}F0>MM0Be~%;~ zmiD9j)6c9piE(<4`|F_wgN_gP2wUpjgf})~n8A0pa-trDQ(oJzFBqz-FPfzt13zB2 zC#7<_nZuwIQPP3bRLnBJUF8KawVd+vC94yafo?sJ!>&G${;;w%Voi*3_#yKuWTY7z z9=K9G!B3OTPA{U>u;9DFaSMR`DPz+0h}_Bwvu)mpuZxPaAd2^4_5N6O5JKZob)#CW z6sRN%?H^HoTvlIMfBe$o9PM&^FAAH4FSLjW#G#%eFemu|L|i=Naakkm<}D4u&niPj zjv?JYaxJt^Em`a^gQgq*>TJtzBh=Wts_*u1I^MN>ps-qsxnBS99C|o`Y2#-&J=9)b zI$;%12fEezkkt+}=cHyeO(BD}l!CebNN-ppxl;U9$ZUEg;^FflN=@plUBnLiAeo3) z+PW$-pyBfh1mux))=tjI=TNJU*ha=E)8$CWcGXomYT&Q5w5Ut;>py?kzh@gTsoXg# zBAm)ib!zWbUtbla{a58Z{xKBzO5M+W#seoLTAs5H!vd@aBdX*(7BCC)X9-l%-Ic+r zW(~s7|EU0&a7;nSKD#1XRhswV!geN{anDy%pMRM(z1(QKB^nencYxR~jf`Lu8xtDK zIaa7%TIYUIVD(1|TXQ%1F!y78FtpYhZQIXdJWG;lH745}v=-ZiV2+aDlzL+ctF)a* zlE#rmd`d8yO7f63oj7+M%NZJ#po$i|*|HH^cm)tK<|4b%&J!qv9B8(oiV8b*CgEtW zcV0h%DZ2bN0}EIg_rII0v1rL@U$4bfb0<){o?Z~$S|WbQL*Ko+nppl-xWey*i${=A z8WpNi)56wQ-ma*Kz2Q;VDj9w6f{$X~mm8i`5bua8kmZQLw9yTetq7Q832Ity%>T^acx#~w`(CJORn5E5c zxoVD6aM#1HhviE9p^gT7!}IX7dCt#R?2zsCM80u|CS~=_ATZhHIHIfU1}09G@QCR> zX3(goLlDA}`mbc5G2wyEd6e_5qo6Vxe9N@^zlU{zLAeHKDDDFGh80|#^CN!1R_g?D z4_~N_XYT#L&pHpfIpcZyLg1RL2kFW{wb}^e2k0td26|ayIm^h=8uGP04^C|rik6Mmh2%U}p>TcKqUSLcQ z8$n7yvoR5r?87eCZ2*lY5YcGg>~r9KJXH)|2yxn zHM2cM#X)CVXr4=-vn%XF1rPMA58Ho$lU*K>woJaPE!l{NWLD4ZlK zOa8rvpjr+aDi8Bw0;dH2Kvo@KQudBAY( zJbGmvs&FA@n$Kpg*AY#?XlAnhM%C{Ksfx~@EcoBZD)7;Ml=iIRalbLE|5ZjAptrf- zM^ag7a8E7X0CbVB03}+vjwA9R+{l>V8s&}Xlm#H(QW4}dLcj_NK?>RJtF_Y}i*N+0?oqhORC zGxH<`^oZm}q52_?I^cR1BaW5MY_~FNCc#zs17f72sy~9=J$)}NF;@-Bs;8~WXjQc? ziiT@8F9K^#?#I!)PzJ_zKhw|cjr7z5=f)yYiO~mgr^Cu8(tKSxfZwO_^~WUO=rX=C zal6{EI4%M@hBNbH87?NTX78yF2)u*ZI~@hcfS%X3x2j{___3kQP~LdOC`{Gy)`{3- zMNqDqdpC#taZ!D>X!?*`n3hrrIxRIvfJ>MCR8Bn5bg56yJ%=(beFUVu3a(!*#}l($ zUsdah#Wt>iphBTWehRy%2_XNkPxMtkvEYzF17_0o=X%ae3i!=6HWa9kpG|cvH}&xA z1V?l2E5~gRVjLK;8swZX4!**-B9hjW@$9?hPbE7R=CTCU&?Cd;FAlvAY0l)i^&Hs( zBXAqr;ZHC6P~k8u^#ckDw3o}EVyi~3wmbs5Sl0(M+ceB*kAna%+x2gddwY(euJS1G z^*G=*MUT2lD`lS1d8%uC`%Ay~z=sc$1ygBSyQpt@V%~k7f8tYr8v4WD8+RV0dENju z-CdeyX_C}>UBZSkfqUhbgyDX59ExNeh-~|CpL8))JjZ$)Qgx{hcJaS7tmNu`)>$yq z;pvI*fAM~+Co%*_wKouHbCdrp#6D=vfpoY$u5qPOC8vi|5zvXww&t_^Kz*v4ohX!k zB!7ZDS$+y-^H}NkUPxHk^K1$nm*F0!bi6!7=p}=DW1O5*m+)350VB?F+s}fZw~qmZ z)A>h^j#FPu5u*YlTQ?A45H>P(KEA860G(JQjv)U=1p#jLfWga{58FylQ&C#Y$I3m^D*dpS?ij>Uyr@F+%2h0KCQ{9ELVgI^}6-q>m znodu+yPFHT!=fv*BtD=47Nxw`fg!%;{^3$TF80rSPs`X#CS0ITK5rCN=yooH#3*#- zDCb1d{sc(@tjUc}M&Ru(t)O<%1gdCj<^n3kFL~C?uc^$^J9?nIgCjawd*;>n@0GGR z6R6qMg$PdH4`vO`f0A?CfsRL!@K3E|>u20!_r z@0wxpX=siGnh}xd=qNZ+(O0^i2>4i6gonINf&VI6}~Nhe|yVw-rBPe#dt})(p)1FBx4gOn+Ng9Li)Gb zD(c>Fsry>Mo#lGYvpJT#obOE;s~I$$`hd1XghV|j9=IsRKxixy2?SD~P!G_wj)mIH zeBU6UretVvK(k@M@6^^KnZqEVBi=CNdkN~v1ydIj!(A5lv7{eUoWX1`dIlSxa&fBg6{1XC`q=ygleUocrZaN%-A0oe1eRFKNyuA zx7L90lP4}twCu>O*Sjp2#1o5ibY?TCg2v2Zsh*}kI?Nsk50UB$=g$7|s3H|!gHNqA zdAkHiWlB0-y`yYl`ZTN!^aVPg|HyeWHXPIvipH}ibtzoG=~ys7t-K`;Yemoz zlq?eL5gnZHcC$8uCR-g;px6Y1wL_*W(^`G>$=)*-M;azeH$^JcUjU-dy2n&LK-P%@ zrrCPM%!h^t4caA<`8r-Rd0=A}Ea$wVtfo2TnrnA$APmwTqWU64+%QELLv@%^{*}L^} zfUPFQNY*`dM?K$P*(f_-w-118Iux$ip_js3{VT83e?ig`9WHTs)?TI*3XT*?Daw5z z2`K|l35^uYW>rJ%Um>SSb*<}cX)ts~*8-cCa%8@QQXBa*kfk0F%)lB;Mpnq7knyAe zga7k7U`E9jS zdijZFslobkaI#_n<%4+~olGcP-z2v`@z;oX89EFn?sX7HC{(#q2c>VuymLVU3FDt* zLTZs3D_clu#G$P6vX?Jq{bgqtq0S$9yx~ZtL+PdDR49UnkDR=FlJQa3(Oak$fU1r~ z&QF^5b$?CYgbTIdnDy~bp_)P+S$e=J@~5ZI4MGP{vFDlgw^k6EoYf0{L-i#m*J-EB zWQMOs;q;uTE`0gBGdB@qWu9paN{du&gcv&s*_E--*BG2Ko!AoHC9hf}>3H_EnUBSshfodzi86hg!Nx+#y;8#{#9W@h9e8&t&-xD>#Tx z_-@ZbLZhwZY+!d$h2MbEp9>@hR69WM?8p~q$h2IyMq9JzQw^kdaAb7=v!EPw`9KKP z2SoE}>osOgbyf~oPI9^9?YGs^^dznBs#-jJdRfJXmpwTLSdW}k{8Xa-@lhUlc2_q@ z1?hXt4L(jq(&xtyqLrgGO4}ens7LuK)}C|BA<<@hAS zIJJhKIHgh}3T-dR*H1KuyVPY@*u}wRFCX)L|M=oaA`xCZ>8T^sQ$76lSK5{GbfHs! z^c-kHHiwNMQAg^eAO1~y+@So$QITJIqc8gL1sqv=QmNB(u$5{;9b^PryJ+mM*@{AS zQGhe!_AckgJ$eS)11T6Oy6kT=s&qAv^_$*N5})^R$lI6hkz}jWP!n_3bBJsj_~LqJ z3u^q=YFX?>S(4t0O;MUbJ7h_!Wxn_Epi9wRr*2&srWUJ-vmoDt`{T% zqtSIpUt5B^KrTW7Vvg(?6AU0xRe)lUwlhBlp`Fk`vPdsOnCnenxQqF%Ek;T$Yy#h) z6_X=2jXM=WbwB-PoNZU8J>a&qhBy)meA@4X1w(b^bGSs|@l!ZGGe$)& zh3XlSa`>1D)f;Vc1=Fx#e^(#_?^V5PY3f#ZXz_`&98(*}kw``;3A=MN9LS>iY*kq0 zZ)yv5S{@N{n!}y&zKrNW~tirpW_sNP{kRA*Nou+&(hUTk7>eU-;wK2FPs8_?~?xh9; zYFht|FeLOt&PMDcf+OI{SAD@aQ-K&y8mOrB6zA1GA=mF8TSc$WIt;6ZO*-bT`tNI8ll3DA6e7=g|c6Z z$TPp=J(L=JVP?f*t&vHr2C__6_z#xJHZaOT{}ZpiDt&lA--KoWkq`n9sK3rS2m?z* zaKV`8ycobREL9=!bGO#9C^($|)`LXD`p0T$Lhb(#>;E6t|J$n-se$PMYz~no7=)~^ zp#IKpPVNdltTuSSgFWT21uD{7ve^8GBDN`Pg5;t}#0n{f5F}VE%z%;BBA&svE6;N( z#!Bq*X~+&7u|bPe-7h77+tM@=*(+h4%T%f1fWpi_Ho{*!ns9VQdTzqUvLxMI>qU?m z@H$K8EMMn%zgmImdLt?RkPMz3ShReJ_A!Y?jQj?K^zdAAxt0{<&}PEF>-bUx1K%jS z-O~&%6jA;GDgIjr-h4k;Z}(?+ZPsfya88Xe$t^hQRDI5W4dE`dKm?l~F#s27B~bph zM85)Ts9)hHJ{*yHY2}s^h_;+AM(*PXb@2a_zGPYG` zeZAf`?WvD)Zdn29bU{J7bbMUk_gA@rzYUxztbEN1>>tRp)z<<+cw3T<=psdmZpe{( z%kMw!S_f7@3x@&Kt6cD$4m-q#5Mp%t*qa3`;OB3LYEs6;@SdV{=L@<$_m!l7AA#`* zm=zhqgaHv=#lX*;fi2P4CtY`y8qD8 zZCJ&h(iW=Pj=Qlpf#Vcq#g)FLYl!+2!$pQ~igTrxA2vxg*u+ryNF2U^V=r*Vq$b0Skn|}LvJ9xjp6NlgS zTPDK4PiKP3CLj*?TMU-59G3`ab<`V8mP+ywp3WQBn}*6II6_!0t)~Z2#?q)>l3aNR zV}p*(c~LP_6)G0dB#?_lF%b}Cra1tN_i8BU7OdAgiSQ#4aU&L^4$l+qz9bHhcfc~gu=(Ur(rk_=Qcm>7q zh4DJ5qyjCacp5A}zCzZi51mtA)G$ot&gFpWwQ5lqKvaetnyJ&ISSRNt7M{Oep4_mj z>ToUpRu~Oi*xGqizrXrltWAms&Z% zaI`Wj#-0P?Qe>cm&|>;fi?Et}Wjs3S>zZVfhZMw`?WS8oX_d4OJu+``7|FK+xf4l{ zGh({x1LWK_1h9uJ&0YQO@+q+1v`$oFm#RjYh%baXqT_UNq(tG%?JPMB&#HNyrtel& zyo~%eI~SML)O6+ZQ&a`!(997y+U5c!+A!A&AxU|=&-Wzq8h0TumW1%)#LP$Dk`L&D zyM3G=T}zVCUcK<2_NpDLvakfPniwT})@^LMfF9Wz=mTj5q1{WITNj5jTJH+v0;FtT z)(_{Nw;M_j)T2?%Fx1uFOw`FXuYHT9QPi$?8?*H`Y;0cNh_iK3jhoa@-*hfSl%IamjD?LGh^R=DI@y&S!+ z^%+rc`~c8+fgp7KC&yE-iZ9wOKr!fkB>=&Bfv

Svb?-?I7-5i?j+ zg4p(^9feqCS)r`9;9or5^siSDi0(c}-qV2I9w^|cfkQ~e%q+JXHG;b2fkvC&A|O;v zw-$oVp5AbtW}M zRPXjfQ1l#~t#n1;7F`z+_Nano07DTrurNG6biRMeTMfV{E|aFZp3Bgx&mtuh*z8NMYF7W#q*PT3><)zMLogU14mE5 zszU1tUk~S!@}V!Q{Zcywy#+Oa6F=fWM1X1QHOL+$pH6)1^zj6#CxN4_R~~=08T(OT z6$S?9R)EAv5*&u^(7O1%6mWKU>h^w15u*}92mT8b=#3t|Ajo$Td-Quspd_0-J;O|i z4iY#+&SK;6{|4`tEI~#0@;IDjfMEd3&p&jPe^>3Hz6N+RZ}8Cg5b^ewew`F^#>1P) z3^rmB@nJw}NdL#jhrDJ0wE$d-t*z~8B*`XcnF18~$k(o5Pm}NX`H!#Sd4!klDB`!p zrXm@Uo&c-Dwl3k0C!M79@)FX$(by*Gj+Tl1DZ;mxh9!|jp8B)t2E0JkslXH6{U^Ql zU|4|VC9(vjlv^p-Rw+jh=&t9t#~!d709{B;oCEB=#+ILi1CY-QAij1C4_1=02s$#r z%HEe|aTTE0#zZqa4;CUNPz0j~#BP6*U;of?C7DT;&x=?H`t8pAr_CP=KnH_6N_Q_J zO8Eg`Gj{-Dc3HnbcX>&0wzS9&Ab0 z)JAj!ATA`uo@#;SrDNbE#^_RQ z#?{j#2nAXf)2kn_Z<(|CN#+pXO#(qh=ul!TUp(%P%50)1e&1$fC43!>y$u9E0n-yR z_TCgU)<6|Dwqoo(dc+(VdtW41aLtDQT^wJ%vSy=fJ>N|V11`jS;*VS_1-Yge*%L}j z;u0|<4F=bQ4^(X?Xj)_+0Hy9W&qH%=10d+54^d~pd0p6kc_4Tn_J6DBCi_-tso<4z zIG$MS87YE|*x%X?@^XZf=SmccF>(#a<6BHsrcI3cHGrJ;K&(M5J7drp+=uoc*^qBT zMmO-B&f_7 zjdz)Q20^&JqdV9#<-vQ@&INUh6^s?`NR{1uLCOhbAy-IWtH&W4t_*a95E_tdi(lms z_$Q;ogp|Ec@Wkf<#h08|c|c$kiN$Uk9-Qa=P4S(`Un{pGJ_=EM=W-<5g5J~1)LWgf z!w?Pek0Fd-_?d$t-N8rs60u(OwOx0h<`k$OYb%FVZ50{Z-dXIOh^!#xjR~@M)ZN%7ClaBLn9X zrDmXC(uUR}cmXu!lZ}Fz_El|yPpha&+F%Xhi3{*)5pD-8QG&PtOvr!Jel=#ac{9eK zs?;^>h}G?@{wvO~30byl8}$EMdiZ0;KF5QoN$XKpWzD@?vXHnEtxEMSEcE2VO>MHG ztmXG6LL>L;!5c3|{tm>sfgb;)Q8AJ-0O%mw3g~ve<#a?SEP0E$+d9g87|E9Q=2MCK?wARL-(58(hZFUG|GSwXZxHyp z`rVzh{_Gwn!7OO@XS{Ytak1V8#0h=dfw2@N9n7;a18d+Mi)q*2@pTP>0##t%urZLD zsh6X|NLU76P3h)y!AChQ^1A{`k7-GHK0YMpBL*fTJ7rja{#03-x+*w^&cQ?qT)nu zii>mQd@0zFpmx|@sgJmXqyX#HAR-V8L&4in6i@m&dHCEdF0aeV=f6X1%|}<)$+*5T z^~(E^<1^nGfF*h$xDEr=-oW31H>bT>hn;3Mkr6d<4WM7BUQP5r`TFgvYMQ=i7?F6E^7TX9^6_ zZG?F7xk;}avAYp`4S8z#H%SJ;n*C(RDRE)RgFWcVtL0^$wuOMK4{!`EEvGr`k+)ar zTDsxDXM6>eNX~D39w=kUra(?zR~Q)|&x)g?$)4I|pSF35EFh8c=BD_=hgqk|6!t&g zc-sPh@;vJUKPfN}7%pQx^nSmPO=-w@`Lv5^xopU6X=~;D`GA3i>(g9yPq(Z}15&^n zF%r#uNY@+k@#c{|hP&}*OM`AWa=#(-nvginQ#48{nCtvSOoiDb^%1gnGGzq z@){t~kz1h)P{JT#1KAva3w$|FOHktUx5u!#5wq|$yP2Iy_vJc}3=+KIVT?1SRnxpz zXR14$^9srlG5k=1K_1{K^OAlOu~EJkfQcy=sO4g{Y`DvJ{hhpPy^Z+LEz#t2@ zd{NZ92q&Fna)?y}+l$NR8O!2iNRg;jE~refi^G^=%lGH)cEKKEx9PWOG*&GZ&bZ zac?nfme8!Mg}}jtFB0(2*p$TS=fOOf)#hd#7wT}qFx*aM4&aiZKq!5x<2uvcM+8?R z#3XLuk32;T!uQ{q9}WfzWMH!$5_wWCehqrPaS$hetTD5@hc`(!u*1eZ;sDG;zzgTq zfCuYP5|FaA8P>(x05>Jn0h+s}+S1L&30RV~cj&eJe4t6Z5Z|^i*I*1HL(p~3Y;+o! zNDs{C5CecETJW_1G7mxq)ssKhD<~@pVX6&Psqiqjt|=ZYJj0szfRZN8X}xzLH(5QH zrWKlJeml4upLdKDf*EVxwBqzW;b&5DrcZV#JS}VjtnV1#R8LOM7`4Y01K;zHp?r!3~omrIwv|uJn_2FBMz){>wNN%j#+~e>hdnSPSD1FVw;>8lm*upaot)3FwS$WpLms=NcKUO{i z{n^r1IRN2Z2okipT281N0F)gdQBE1d78M_0;r?nE{t7N$(Y4@WAOI^vr)Tf~$!i0c ztRZhI!x-)fj&cbATXOPmmtxHTBx>xQaC;38*ElB;xIrbnu)z|I#Y1rTNtnuESZO%b zFRg)~M}en4|J;NiwLt-(?B`adtuh=$nVkTMQv>(3n#-w9$~ntR^R;zH6ct<~rhFUW zrl?4+FuLf;onw??1K4hDokLh`oKuFFo!ZPIwHiim;H%O0O^q0x21R8;9pI5v=VuTE zRNL*F!E6tl^%v&ze%>(-wfoX1EFl~@3^<&LEcO%`Xz$a@Ovd+;np`62&!j_4@C_FC|Jtxan1d z;KmZRoC8{2cCMD-OlAx`RF2XoUXSthWXV*~M3yVQJJ%~@lxF*2$FvrN4I9^%Q0(-8 zutByNk%gcm0fLr-6?))i2SLML7V#P2Iy+0W-;(xky-kw>7bPSF2&T4V4T$&l=8a6!=9z%W%1P5^7L{I z;91n;d6`%5oKz4q_>@*8=dfrUfA-ROZH1hu{zyBk;LQje+LvcjX+C~2MK~|3U^3bG z^VhUHOfTPJ%cB(fXt-1VR13->S7|s9BSPd-p{GCneL{DEtsL+b+oQZM6g3pKZ@I&e zcw+VAaH8Whi^>B@MmdPwY2Z=KZsnaZo|_H=3F=t1DPa9hdd(GqQz~2+weF`e?Z@Je z8GMCw}NC-s%_0Af2a2`ewyn@%SG2n8|%00S)i0TaSuS&h~UC$$OmFhwlk(Wk2~a6 z^H=-|`0FK?6bAM}M;-H~(}8v1?-3%M3Gx%sUsH=uL;xr>urbDc(bNe9Ng7Q`(H&a& z2iO+_?xoR03#sV-`hG8nQ2A$G6#_(|PMi|){AUM|OVKt}A^$gTwj){9AnT!wK4j3y zu9{-j7Y&k-0k_(FK;-3YNqhV1nyH7P1<}TOHIaqK9H2#f)>e_8Plv+Kp@;z;l(HRA zVmKcf8fpwxTw@S|GzP5y0b0HxzD*x$fUWAF>tyyN>D8sTHz$C=F#TX}z#6Z8Il*(* zsKMjSBqoeNkj9YSoEt6Nz54JX$f#(eE=Z9U10*&h)kR~dzzE$YcHh5d0ujm>-{t#o(zfN%R01DU^oLj!+$z2%KN0`YND7&*B1eG{| zWu#JI3&jN{c&z@99vi%tn)e%E2-X6yzpd7TQ5^ZW8H!DO?fXS6rws?#M*DG*QrYFsM6jlbi57Z}&h;M;ES__4#;5n*ehvfIe z$UY<*B>kQ%LNS~pOr5=4t8+(ANu%_=KQZ+JtPr#QUJ((IS_tY*b%w8n2yF0N4<$~0 z?70F`5cU|P9ah6$@7|xVO!)U!O_70h#~DO%EcCJgc7qI5N9QeNaJ?1?e4pp&FE*j+lcX@!}ZAw!Kv{ zgyFYJQ73T(rG4x_bg*xv2j9r!;-M%ki+B}-Kj7jak?Wq(b!m$So|_CBBHCy>&J|q+ zuRvqyDGdI4vrVTd>lfLFwJmuL_?cX}(~NOp<*8uMc>AwB!5)#hGoD-?w%@syLR_2g z+JOL*+;m3Z-GQzTA9DTE)j|%mNNdB*G2q_zc-4p<$CYo!gBU{Gu&)0|!`viOLj{{xaNNQ`|-k|Q+KJ(P$${j+Wxpk43n2-t@ki-I*9$%3|Meq=A4DGpZ&;2 z-(DfVI4TGdlLGFoc>)mV7S_hx!e@}lsX9lF!xj74n_70&SWxnac?cmwMp~Ll+~qpc zQ8TrzF&&9tV&(y!#h$PMt21e!OB-YU>dziW# zW?jm62ejgt`}OUJ(rJB|cDG`N{h5u?UrL9`e{X{~Hy~Tv^7>KGDiR`_3~aN*E~cH+ zwUyq&B5?RT_!Y8#I2hP?+JW((-G~61aH(O9zb=Tv{CM6w|I67&T{THAW(2%PCb0x*@)g=hQJqX&!J^9gq4-5q@lF*cx zc@ye&x*8XgvuaN}kwc^c3DR{vs<` z!dGsdfDzA_`N*@lrNvZRnMuJXJ7ntBCiR0 z2{YIsX#<86*bcErcj{BLURY3)-wwZUVv_;-@JkjftrIO+ zA}W6pe%|P5QHqVC27H0viE0thKWTISbWw~p!0(DEy=A~=XFVWGXrtxt!g)fVfKg+j z>bJ-K&JGB#vTC-92Y;{3I$V_(e#Nsa2bhEn!qLd`uMfB>T^f}(Czm%O0qXJ~LH6Xr zr8(n|etQ?EzYB-I0!)|7Jt#hZag6(-%OZGx7KuDf-r~Kv7LsA6sxCnxY$FuHq|Dv< zb_#p9b*Ca233UszY+-s5 z1{{r8IIo3)k2P{O*doWcUSAv9B69#ge})KX0>J#O*O>-th(wW10dOBxTt}{kT!-Ku z1AH=ZRJmE4Ybd;c^lT7Sv|i2EJN?*n%xcbj2V&9%IOD%|0$PN4uhBrnq?@c4E??Jyci9h^b3O ztS2j{jMihKmdXc1GTF_bKi-+d<^@dfcL^$csAYiv=Prx<9&_*R5J!3?OK-$aM%h#d z9r6YVSK{-#Z^5RJ(6_9tk&Gi*OpA=&x7b3LF8JKNhBm4Y_-ZtihIuMb37P{}rE8GRkeLm%r^ zbr+MKf0z~r5?d^S{r4e4mGY_NqkhExtBcoakP8>h+7BQD)G|;@u8>cEnbko?Qo6|$ zjHv}6JrcP7^Sj&i&0>)fuv-=rhSafDPXH7P(^ES^cI-_Q$%7bWif(wm3a<+yOMt2b zcmC33YUSC4qHrsv0Ao*sa)2`+C(+PA+%7=P%)#<}SO6AQJuzLGkZw*8Rr7JW(?A|Q zo)2J-3rI(K4(M^gfqkCexrC!5qd0ux&)hx<)hpwb(h{m3*}}OOd;aLR{haFQ`(1la z?U4mZEnVTUkNa|4AE+H1)!#F(CfsppaXYa@vgV zcy^hg04Y;6f(}~^B2%SoO#njieutNme(CSGibR7$o0Y#$rW(Zv@WEuE_Vdxs5y*0W zVZi83opN9gxaMVp3Vklx9Hz$|$9~X+>M&d8Srw!hvQC0(P0xjwh{c7jxW;f*kmF4O z85{mevEo8h%s_WY?MiRq5;gV_m1h31Y1kJM68t86MoPe9vDWT9$HrOM+}zwl^pn1` zQbsx84`mxV4vL3A45;FuKseptF%T7O26|z$Az`}}M%|E#Sj9+ZocJV-QK2%11xRpd zyRMrGU=Ww3<)xA3?&%*u{4CY?5SGjeih7E|@t5-W)o_gH_;Dr-nA0!dB!hO#&>Bl5 z2(DKcee3E1+_OSikm}J!Ig3syTz=I11i|G%#~MjFo<}s^IoN|iS1UrEoq9kSz_#Cm z=MdS085_9H^np`$a^nktC&=anl-bk9aC!3F@fD~9;Fyhus z073Toz>r5pN-v-1feqo~AwAI_u`HfjCu=s&3%*>f3z+bE^Wsoe>xO18vc;Skv$BP7M(`o zKEj|zmvb|W!Sprc8#WQVG=gD-4% zr)N$H^%tZ9I0uB_r>G|6QmMv<$jUmxz~US`zK`7Fy9G3{%EnzvL|PxVdFq2#gzvs# z>b-h1A8gndJl}A(KD#dcet&Dp@ncK7_^y0}9KY^>33aIJXiABjvHu!@05z{U$#{lJ zZyv6x91osBI2Ifm0rJ$TkF19TcoO?9vwnej5dFB*}ya0Q_uJL^#UN<;Tz6&gvh;fvNy++wa8Pah- zC5tkR&C4_5(C};lAk-2)aql8um#Ao(`|G8q_G*cMSV0Y9XEj&Tl>kB4|NRHbdmY+7 zyr&uHPH5eh_fNa$s5Ots#q53_LdE=+a7|mthg-^^`mSmM{d|JtHFY69_cY3nxDk`o z`vu=t`njCm1T3rC1PwvlxdbY#r&8raSc0Q4K=P{`PW*#!N}y~6b*B$2(()JL@z}ms z{HO1}06EV!tipCVd#E)edlYToCUN;WwQtsaDsmntJ&nh`yMfrWeGB82mAm=;_r1HL zw!}>qsFukk?8J5)oocOVibg|7Ro-9Y{})6wI)nW=Vxmn?Sp?1bdBBDvCN&&+6N_+-*? z30Sgte~Z}TM{brtWk_^`L}Jq^T)=?mh0NDSPe%7vcvz%R3Pqh_Z;e?7C)$3Z?t<9O z6iC23b-+p>r4zPpaf!1CcMd8#IcDju`Ii+k$9+w1#UqzNB)a+HszIaEaOs$?{0i^<)eBTgKN_%w6qkg?YT69wr z^siFR=5A1+-f`Nmrir@!^lcie)A!DDG|;U*cl*d?I``sMe0^(F5C7Z_8D;+E*6u1X zKM&UkJq|$h@rM>37StgyyuRX5n!G5uUCIIB7M>`!=IR^gZ(N&Xiwm%+f-1 z$j^!SQbx0pdxSek=&^w5R~g|#CH($zudV570o+q`o?P+0>50($2&ZgfJMJ+rwVh_S zRrPEpXqI;4aZA%rjwq^Zd>i>CEe@$U+xXF5mM52K@uifB8pm}rKUbV7-r?NhJEOyK zV&>MK1y)cb=*ZtVt#*_*fM;;%e%r0yO;nYXl2I=?TPI)Z8psh<7FwOI{#C+Z{pk*c zC`+s>1Yk$9MaXe@cD5WzyH_6MgSs*!4|fve*nI?t_9}ntJQP6i%#Vo7H2}@lkL_}m z`@{!zq3LJ3DH`&tnEa#v;(J=nvlfQLnp`~3T1E9j_c&ZTv;j?u~v+*$Vkr6?v=CMY!3Pn zl}sA8(vlJN`ZIemO; z#N$TlJoSh)x$*@wwP zy-SxD8!ODeR5sAaoCig@dmE~$Y4`N1k`a;0p8HP_w4CnQ8rU2AV9odJN>_^@z()_u zKR7TOX?jq&knM(gErgSr53LgLj;Dq%J-EgiVCU%?qjw}@`0^Wc5bcsVEl>Ma_5i-O zOw5U5Yg$7M$eWHY3{k3F05RR>jXR~M(^MgX^wYdmCwHtirgOF{S~^et=5$pSsM!T32WbS$j_mS?A*YG?gh< zPs5^lx|VAI{`~Y@{(u^hT!FVZeio`*4@F+-HK$!^+pP2RW}cQlxg)igkj!7KTiX00{3`KX11L`N%c=2Kmc z1O{zwD;@HvK~MPKiHA8Qb9xIg#GaIBbr75EVuFAZgdsuH+LmB6gB#& z3^Uienn5@L{lDP%5lCc){jkvT!nn=P?Jcs^+I-L-X%?b&o>ubN=JI`AA5usgc6$(> z44v`;w!sG%62HF0-MmYALT^t5WqQt@v=17$DX8s>W?OtsMyeNs3T$PH>|kRU4!vhP z`3N}XZ1)@;@hjxHXuR@=R zrvrD+9bC&fv2c0_VO=z#&edD!OQ3x@X6;;kgkE}jYl2!BH(4a*!Or{J$N0l%&uuNl zz155vICAs31Kg5lL+|$}`5fmiW_&BpahdTTZ|n8I$Xf~Xj?_GoB`UTKMXH0GbnS|} zMss&N%St|FY~Y4Y_XZ6@ zv6O_OjG65Q3L#_0WS&J-W+^E$WJqMnJcKf2ir#anYwLcV=l6ZT|Ge*eyvOnUb069F z-q*F(xz;+@IegB~nV*Y)N}3k`b-$*ydEeA?*? zgN(~IU=thMGpmwNu@q%t_u0S|_QY3(&!YV^qlWktY7=sz`qOF7AFDnGWB11xhnA*u zGT4P?r*yxe?o$8G_}Y!-;a8{E4O~;kw@;UrUO47I^3B(icc}Ao)9uzJsR@&SoQKAC zF;)EIg~kO9_C~faySnT4+L&61fWJ-CpA}+p#IaqMrI|Dn-4ezIY!^4|8DW$WbWYFR z(SqVD^Qk+>1oYZg(jge7nJ_^A=NTIaf}mSU4*b#GB&3>K1P%srHkGMro)*asSqphM zRiYXajxZ`eR-Oy*BsLSYAc&;*crpT0_yk}S*r)SX4^MUSNT{Q>udq^zJ3x-Sj1rBt zbLS;)kGwY6eYGws_xJKApP#osNa_Z`zd6nKi^MS?^384v;t12>&p#-OjgZY1jH@x{ z!(JVRhEh5C82j42OY1C&Dyt433z`b-Xz08{i9n-iQ z@RPpQ_5PL`J3%lFPcza~Z}lfT;{m0gmiLG0=3~92!BHk2F3u2LnVF)b{esQ_kv+`bBtDI0E^s zg{y!O>3AIwqcS*;JRW^`!Cw|}eK7VTEE4ru`UlmMuoq9jUYu^}P{8hwI;c1ol>g|4 z{k;)53+FtffVp118A5O|2xmaQ-4Hz7QJAZ12Y|DiBg|qW8btd2_?sXz5_&oriZ@c) zN+<2j0m=4`qzR=MpnG$8!!im7{PNqtUYUHo|4kBV=Tr)WO)@!d6PAzWcDn&xhBAt2 zMndxkgj8vU_{bLll*9KDDq&WH++XPs0F0o6R73xMs4iZ$h1m2cTqefjBGl)QRf0fF zrG2zHGGG|#!*vsdfDjQt_P9pwloVxMCej5sgHaR|jXdEry}`9s@!kePH=L>NEksq| z3`cH`vWS={VSz;NFWP0`hB+(x1F&ZcyO>+nOqNd64Rmz6mbc+#BVv&gfb0vf9kC7e zj&T_;$}PP*uo@^TCN?9!3jF*jYe9DCo*;*UNZS(;pY<#R10=i^s9EM5&M?u&$Xzc- z@wrFSK!qpXGYl;=<=q|V5zKRYTzoBO3WoETE3ow_tcM5X(t`lkLsPA@$jc}l zVC8++B?}ga$y%_JWHWtWH_+b?Rd9s$>Z3?rJa17Pi=UoZjC~X28^RD;SQCOjPmw<( zSSAQ=T6NP7i0iu=eKnC#$;E za-)0T2!+2&t#OC&4KHxBjDr7pZZgwn@Eb5A2W^Z4rbDKyz)mNUnGQB0^#mk=f)0l9U}2nZ!5+A-UtZYxkopp zQ<{;nJPQmpYp_>u36vgRf-V&yD0)2$P7yBy5PU7()al?Ajc}h1eq`6x3rYS4L#3|p zuNi`Y&b9j8K>#X@t``}O&R&*;$hMPi>BxYO>3q7#Sth{>_w$P0_>FL;w!O9^#^Pn+ zZ&scXb8IJCfW?rNzS~7e>L_h(yVSx{fU44~pz}OcxMnqPL4o)b#PBVJ69fidJD~kZ zLavfIkp7CC=`iu-85;|PAgk}Rglg`^bAG7!7BSq&AsgG>3X;L;Ly&jpDW}b5R@n~O zGm)_?Vc3m+2^K3dZM+-%n*^?8y@EKPF>Gsw#uriblD~fDzdIZ?aNtduBBI_eg3Qmf zyTbJo01R|8FJEwn{#8h4*?QVlQm`cgYiKgG4mq*;Y=MJ}lp(5qo%IEHRF5QSE<|)B zV_c`-6{>UjThvp_YEV%C)xX*_)%h_j;p}tp z0?Vt!F_vu=l#?X*nvH-YQc+)_&9U;>mLbc7aFH*T-DXlLfS+1$BK+VvJlJ=eG(;4M zP~3k3NUJEoV~>qrYC(_vmvAgnzJDwq$X))!4m$?~m7@r*1l5R&Q2n!pRD#Z3X>dCt z(5lDWAfm6I9)+eOmyM6uVqjHIJOTC>`H|Si*#26Agl}t4Uo1*0V}Nh0;#URmGa3&v z%)Vl)@4kB^2NLaH_cz67_`7}lD!OAyao-7t&+f4W)hJwvqGs!2Kt;4hC)=<$$sKAm zCbR_UD=W!QiM!CYpFDjwNj2w1`k9Vo07esjz(y}n=JCTAkX2Bt2vsh#PVD8oakJV? z1>f?75<``{pVn;kwpywYFqse5J8BuQrV{@uiowSj!LLhiW@GvB5Schh(zKNDI^``# zI)CY=hmCW6@Vx}>WAkHRloN6$cb*Xny-X@IT&CR8yh+OMf0%8je$35 zGmYi>R(-LM@h1d<{*wEfPy)Dc(l#*_5m`C7QLt<7nMcbv2FXaTt8>XmhC+QAWzE}v z3f%bm%=EF4GN{IUM0u>{z5^TYRvhSZPxf_2iKVk>7*g7${8}G9;bJUjmSRe>O!u&uuv1VZmXH(w0{=uT&}Vz9lr}^0$M0MBiE>VH2wol;DTp0k1E!=R_(=I< zF)+H0sr?hqLg?XZADC%B1(yn zzgoRtC9T_@==@odv*>Z(4d?co*(U>>t3rzsEVv$LAfyGV^*elg4;D4Y*#SQ0FGh*< zwXoRoS*Z=J$Ib`*6uh`1-qf4>IeBtfZd=!EsQK$jHcjzMYnWgB3asGLwk{$@!vXeE zd(Va$Y;k5!#qVEp0*Rsf(SW%}%_%7!op$PxLLTlNc73n&p|L^=MAAzvebkec6j2QWK#i64 zuar4~J!ezqjoP|Rpq7T!>2x%hKcxc`HEFHAj43i6+RIW*b1fk|l3>3-818avw4UDS zK4HUcSR~-KvcE@$&9#qabj&ha_Ivpb@qs`@^Ob^2|KapfgOi)-bxvw7rc7b+*s2izqs_fL#xmrIDRe!2iKxG5z_T3atI3$`U@ zJ?r4S3N0f?jputF^}YI>;C~{|vLpqFNCD9HLuNDmHT=?tw3Os7hc3YhpmbjxR+d=2 zxcynTZRd3ayS&POb|Zig@W9zMX!vIr|GR2t-8nLaw-^j|Ot}+YdTdKT=Tr)ejPdGY z1{WzqkCnO6A;6&mv`?AlO+W*K8n4JgZ~jY&xU()G3`aR+(NcP1ZIzsRAme$w`$m60 zz^StzRrl}$gS7w@y3W3%QC5I%z*fE@`%v**5h$6G9mHce2e993WJR1 zj{uA3lc{p=%4fQ!l2Pu{9Ec}Ifumc&+G!?A+i5=|pcZC*o0XLzJ|_!lD1GNHOXK32 zhMc0MF*|5jHsqGrXLjBHf4Nma0_k}kEqA-h0=<+(Gm~tmR=rX__Z3kTh6IXt8Js%%NsSC;S{(3P4Mvd%V z^ml|v*WrS?6Wh>*0FCiN9I^BGpA=g8#L!o^eA#<1TD4nzzRV1Ld~dr z=QwzuKj)SX`pW=iuo43IB7FY7`5cd#s7_hh)gYmvifDs6uf3P&IT^7{6;3bp@S&`)N zVabIrJDQVe*pgpuw|u1ZWM?V5Eh~`CV}ud$LrbiGb<7B>TN7_kO6X%)0Fz&-rt`6_ z4qd9DHfM3PF4A=XJG28%l9Ys=+2m{?$Oc)-gd1O%68#Y~^kfZ&ZxU0ZTZX=^+0S6P!bo6xlu_0;DIG|J&#-4nzsDtF1C#J-NUO?4r4$) z){>|XN+&M#G(?>cVYvR9+9?3FVM^xrn9JA&DdIf0+}R%F*=z?d;j>ltCLl*5fY;%) zz&lW4Bf7Ycw`+G=3z2)7@;7!*%O0pA-8 z-p}q2Yb;#Ar-mu(TJoaJYDm36Fhcp2*AC_WHvOEz3;Y|<7cR%*S=TtS_lY@N8T>j0R9c!ZJUP#?Dgot*`Otwe5xQyF+sn+^(~Bl9aSpj+ zl0d8hRe$wnSkeS&>qwx_QPhvj{Cg0qIaDt%mOnfoaN}CJf7L6v2aEANyS2ubR}7Cm zA?xc|W*e@PN5EzI-MsZN07nMC4*}qn*BA{P8_y(HbECB-l9(-^E%{edj1^85-DkY3 zT#F+?0Fm>@C2MgT$G+m+42KjsW-FpCfV@gHel&a@u3Ng64-dSyGDbsV+lR&R(*E?2 z9Ut-c2}}=LNib1>C@xn&@iP7nil-_gf*LdG^^U-ca`Nnqzp~L9e-NZSsmYq}BgsJ4 zp^NHM7fUAs4i?EG*wlP=!iih>F4E9Aj#a;2j_w{{78%Z|QFDX!7YR%sggZZeXdfoL zTqL~gM<0l27L*eQJd1` zZ3eP&kH|S6Ymg~_*Q7}9n+i=@0uY?Rt^gvo9C#l!d;9hhQQx7YU8mD<$(+Vruh<#X zvN8kBv=5>VM~Tp2^hu=pxP%#WidIDViLUwU8%bA~RVX6S3skzwEez9h_#7D2R#c@L zFq7eTho`ag0@&d`MWI2O0ze3g$CR3tO*Gl zCQoXLH-JbIhV?L!977_>j8er!(jgb;f&)B$MiZR^Eh%btsh59QmDcQ|dks*8pxOle zH8I>F?Ft{vu)kLp3+xyLPvRIcc8trYi?q}?My%YJZiMt^8o}rbfxlcQZwi%2jNOJ> zqiCoD{j^r)AiYI^({=2s0W@{gu3f?O&IFg?wlumF?IjQ(4Y3cWDXv7#RXfpwqgj#G-NueiM;lJ^6dKcwN{NrdcIUm@r{YR6-Fw zMiZd@ZL3>Q02DfFPTQkmCg7J-_&|+9L;}E2pFTN!h?Goir;O7UY$XT5V+zgrCpiNH zsf0|<#)c%aSn6*s1De?G4ne8EvVRgu*y9$MO1GZ~N7g)%GCm1zrO;=yhcTu^G)o>3 zqh5=_>2sPSim3-e#8`&}h<4H9AKV-*%)Pf}MZX!y_3nj{8W9@^{7)lAhAQTH ztLVWq&E>88{@R=^h*VdqPLNEC76f|#ePb2-Cm?K0B7OA5tO8AfA zf`(N9yU;?_b{j#H90Ypse05;Y4& z*$zW(AfXfg<(854Y;36;-S}X-eey0A4aFmdxxwu6_CL4ZAgWV)`p>Saw4~7fL4jH( z%b?KazS#~aUPkr~%AjQSWh*iNgQfXD9e+0})E~PUHDkX~g%$Hlbhf6E)j;tRr{hZ9 zpKLKZKx)&Y?S(MB22v>LyY3!I0}L5TPnWcD0U>sf!>99`yHquuMepO`rYhNtSf~@~vkTQc$dS-R3~^%=>!yZ_CQ~PeDGfPd)3m10)P;-D?!c z$Q=1kxA`r+HKG8p@U){q-^DIaJO{ETxQk`~vL_m~3A#@&B>{jf%aS(@%D|EVF6s2c ze~c?}27!AvVpC89-&s!AA^7hp>?TaEy@%Rv8{rqtlZ%gp{>NLM9oP;K6HA#hfFwRJ zXeK1oA}JAH@t>r$o#a4b8(~7TH84dl={&DQ(Apm0b54l8a) z#W0$>Qo@4fO^FD)kY4Y&lfZ|bVBltpJpm#uoR))iSVKwl1S9gHx~OoJmhPn1tUYGc z`6B;MfqRQhp(QTl6xcXEd{G!1!Z{Qv+=Cf)@Bk8+H=?ZQg2dnGXv(AP+KYc`+~rUS zkm3CGV*~=ccVB9#Al4hRVhonKd;4EzJuWeX#jj{EOn;w6E)D?t7) z59%_WilZjY-K_U?JCGY+?7~Pdem647y8i$R&rlw06nEWuhBo=irbx9Si0(H7o7hs7 z2_i>;Dx`@&h3R%XlK0W7LAOI)=6Ni0y9;G!{Y3Y&Vl(6+=lr7nvwbClXS1aWnKSi^ z$)fQlDDnEhdmK@!pvJM~Cu&dQ1k{*LrA``OpK`v%@qbe~AA@K0L^P^ntD1}MTXmjm zd=9PibjBGt4Thp4v(m>0ftq}%Kbfz6dg3;|lr*#=ZReS7pkD2NrMs4Y90n^q)RqAo z;R_IJ-^cp5m{@seMi`}0qg{`<@{zQZrW#tV+bTR6KAYQEu0hJB%|^Gb4R!1lG#)=i znngv|`Qd@|)&sG>t{wma6rXbikbUx2pS!IFWRM!o{Mb{oz!xj{*wc*teP`F*9fuFz z^~rIX8BSS*T6SQK7}&wiK$cE>qo{)>=By{amMqo?N?xI6^ge{^PD2$S;69oGCZ*a9tdWyLWa(#Qw?PVETsZxscCoFgK|ZH7)b&9Di=o_#X$HBoxAR(5tSi}d@{ z3bbL zg`9yl@c-QzZh52ai2p_TK0-{0=b@zJ6szE$sGl8Amv(KQ8)@2V)}s_`({@0+nbz%^ zM~PRwQa@Pv0C1OV%I|q0@ zM==XxiKX!oLF2aSciL*G0k?XrVN5w_0KXJKeQD0AJjdddA*e@kWqcH|*SHp871}m> ztA^%MCRt=fuCWauf=l<)j@U&IVhF$a@mE6!H>!~UNHHIkV{i3l5kbUCijXG}Bx&Wr zbOI}i0cG|kV?n{xvnbUaS()mvEeS=&836<*0DLpRZnHmW+wo85X#1e(CfT$$ED7S^ zgDX$;+%iFLRcZUBbR_V3Ly%Y7<(;Pp?~nxacg=?a0z?!iaK#9c(+yMa5uL;nmm+Gy zzru|E4eE9#E`p#TcwWPF=R}@s4*;ryl>mB)SjLX@0BvFlg7&Qu*YrSM^K%ol>BY`N|wLpU;Yq3i%?_*4HUz^yk){GP$i$^%#DCh&>plqG$-ol`BR#0 z;s72LSwN_z4AJrjYzQhU4m41RkScZj8DtZ+MOPR4ZLiHDyq}?Mo!}_ozLZh6yKL&@ zW`>Y%Xs?*^92#V5O0IDVK|yv~6Lh?dWeHi!MS85Xc_h8sAz3o!BK!c)1#zz|m3fRF zr=kJ^XxlQKBZ*{&X{2?OiAy`BH4lFpQyHrPHa^r|7o`p(jeyH888PT~L3!(_SkI!8 z-ivGJw;zqyPtSy1Wkc-`RqK)#V`A-}>t0EWA=aFt*cE_Z9))Ukr_udA3({)=Qm6t` zYguW2v}#ueKl4J2T1#KeB%?rsHd{jjSNho%sPR`qIb*|q`(yu`_1X)Nvhx~Zx77|T zf2wXm#qm(sAejVQFOG{^q^Zh)m_r4`(7>yL(1L2&4f;o{#wSKBy<0j9ZJU|B>4TI+ zM-yjJL2i!?ke!V}-dG8iK*z_i=46~9*jf{Md;5vE{vXaX4(v`HB)z{qaf~8Ck3p_< zkjGjUQ8`Xt8)cNKdSPOeYtV^mt!ZVXQW_CL6mc;lzDc{+)Mpd5OUE<~1@F71Dv1n+ zplm$Ky0}h2d*M}-O>(Wjv&ZP+>b%D<#Maw+2Ra6s{^2YQGpf8#`aZHj!6*#BinzkatbL zem49{L~veS3c3rfKxOdo5p^xQw08@TWrdUfB(H<01z72h0ktH77t4My&diWtl#JwmKPAb zJ#(FO+IH=w&=Okd(ZXvsy;U)*4P;v2VN6?L*EsIqQ{@8Cb>Ix0=40!sX*UEYw7pDY zsFLH-HQofhdt*S8&SpM;+;mJ3qSXT6HO$`JQ^Mq^DRpkT2YLlN<)l>~@HkNl4Kvm~W+TPq_>vF&jwQY-4AlPYjK4`#j;i8H39-NqY^fn7rP?)P7Y@ zP1;`rl>ih^HC!k}-ZJ#8>|O(wUIi%jsJ!u#8l!fn(0g70Y0?L-z$vMl6c1Q%>SP<* z{pAY?xyIl*xL|6xfR+XfsTp^*rRVYcXNr?xvU?URvmROj9} zpY2%6RSF>0hIs?vY~3!8*tsp4Xy@*mz3JAb4m?w_+feBMAZwch+YExM=}6??FT;7P zG1L#8d@{1jS1I-3>D$)g^MUD?{K06lO}I6J+Q2i~+Jzthu81AN+S?AdzyW(&)2;D= zb$6FqXkgYb)Q7k4Vz`R1&#@l#04JzFuV;5(YD3#+>KG$bZT`EEuAi=F3;@ro@h%gn zN49o_pxe?c{hO-J{+JP`*AFjPp^nJe!ME^Y;H-8OioPM5Ltb#((%JK2sVlrbPJkuQ zLYhwVrMXm!#_jD;ebCbk*G>R^?CYQ#)FVGZqt-G=AVG$Jx_+MFpKD-j_Zs*Cfm=b; z@w+SVALu95f0(0@pO+d|Hr|+qe(W?_qGNJIG=j4lL3&X4R-=t+BON}uvs+b6(kgV6 zj*zAS_=`7y<7URUZ2Av-cXjFI9y0tI+`_*mv4z)sp2x~`rjPhT`N8mHiq7FFR$eFB zwiy<7-$owML>8RS6CTmHzLC8$cMR=}VmwwCMf@`8k2L_}OG1Wi<}j}=Fn{7gOem@W z40AQ~Gd-99PNQX?)H9c<`|m%om>zh?VbRCbI0;USLr&m#qBRUyz}D5j`iy)=@>zoZ z(b3^YE#FYPklOE%jr{H>*u`IzY@+)dRgpM(JjU(gB(xy>GV=574H*rU(XF#Rk)`)u zZaGv%=nVe&UaC`ef}wdc=hjLT~oeZqoAC8RISTEd#oT;nFacILcaF zr-}J1+*=c;k`YmTL-?VQoz$zNQ4ePTY4%A6jglT-@E>l+Cl*Zuj2U*%F*%QSs zG9P=UGKZ;CQRXEp1en79m}38;3!(f8d>F=$ekz=z8cUY#Poern7!mr^%C}cFxrhho zuvkNWSVSO=OpSUwg0mT>0P)mFbi2o|m6@IP;^F?jEB^5roMBJKc>)nn&CImZhx-Lk z@R^zCt-;N+=cJZtL}|^fey7|{BWprSzIpR>w@Pl0njNeC4rLaVdoEJLYIgY289@6i zpPoCxLhoa`*~I}$(W_(S`>IM^HmOk`k$Ss(`AAjtK^33+yb&_rqeuOLZ3Nje)1Lq^ z)nmtVOlPknw>%xg)lvrFDK&YN_Cnb&XPEl2$^4Om1*ew7qT_v~*QnT0X8@cgpY)%2 z3f=`Bq+$u_HM9n@k+}%cPj%LEB}F+7U4-528L8(@jp)XP};DR2Pg*TLXP2 zd!Ru|Uhr|TpStaP?HiP98(;O-AX80=wviKsx}NEsPN4@+J;r_No{62GU2^#tjvqrc zP(@(qs&iZG=vo~udS=q|UP4=3Z^qTq>k!zawv{>_*ESN}dL()(KzO)Br>l9t5$ z(sywd*|78q4?VnKt_wnn^7oPwq1g^gok_iZQ!i;HQnS0 z4Zi4^q*Zna`k-p(ijjq}i4l1w`|+&j$vBn(SQPq)Quy8Wg+q~+HjQ*cT>&F~MG!o* zO$on+rv{T*DmCaB7CP%dAolLLV{0xKa@qAM1VjVVg+eSe>1g}?RSs5$jg;N29YM{mG^9|_93EJd z7SbT&xvq5EnA%8+trh5ZBCGc>YZ}bFrcq9Wv&ua+lmARai$D}+xq z5Tv4bmM^47cH zuI5(lMm2SUtvpcc^uWY85$6#9Ic1o7_%*+aLuckBf!eAIngBZ)r|8J>{!joGQxT~Y zt=l>oQ4L_qt8=&RVeW)_v&GEMZ=PN#IrgYVwT`~+co}XOHWkj5WyI&g%bVm*?XPg} zIje!AEEc-Z^bFE5tJ<+v6&}l}DX?@gGIlQm=dH7JcY*I@X3eylTcNitMScQk7KRKH z1uUXr0s(g)P2L0|fKDS0PO?He?_-VP+p0V~Uf$q#Ls2Y1f$mPIV!t9m;orDBf;^al z;zxW~n)~G_5+YS~=b^TsA`%6Jss8-`|Ae;$LIBGxNw-y5o!b!>@)`JW1)3sTv9b>p z8Hl|w*IsJG-uV$XdzPu7NJWmWH8RqL6Py+ZWDkmCp8LPmf&kz+2cK@n&g#ecL4K`n zVXft2t%(Zu#8WVLO3fp;h;!G9dycpG^zDl|ur>;so|9aBr`!Zh;F_Q%_~(%2;x$J} z1Ht|4-(l2XB%~Pt$8i!P-dpLr5z2Rr@S9{k5(H(znG=P@F600V%PAG1NQ^Mi!7MM( zccHG9QV>X>%`$m|1rmNYRB3&E7klD9y*1WHm$)i#htk;qnW66b-Y0|z3Q36<<@7}TE(jc{?9BXp1gYGkh;L7r+vqQ zt0P_p|0DBC;097%{LY#a`{o46pX(t z7LDa9{M#ynu3rlKdNdn+y(ID|3-4kOYN0K#8w#EM7%%}o(X9Yl z*h1IPmLscUvQKM;r$l7mGMdk1j&4U^@x=QGdTt=aF|GZFDhn1T|K^DR?2`o<^lSH5 zubQ6NT5+{oy%SHYX7zPTtkXav9EQaeN!jg3hP~`s28>6atNH~teu6OW6Rk`ucZr<8 zww0yetAUf@avg~-{YNc}){Y8Opvku1uSV}b1E+vCi>cutHX@0gPYwo(e$e4LYaHVq z#92MJc=_=$O_+Byyr*BT(vvvvHgpQIFK(s7hI03jCj&vFnecqzQ{HENMLy=zM;G5O zo&9-OsR1VI*#KL~wQR#f3F6d&r!|d^sfi5xpmz_67-`y%?gOEb9w~`ii=W+DyfNYa z;Ee@{Z*-6I&^;LNYfVo)XZBA!e@tFCPQmG-F}=9+k3c;=#Yr8YdegU@rEV}oUy*$! zTJr7pj*U$QWpa_VTK6`oeT~dZ8JfKb4@liW*fowFGb%ij9t`L*xf3Hcqi+w;jOKdk zak2t~v-=O(x7=s$s#RQj(+8No)Npk(_Sy}kEM#h#q}ZO>KnNty+@5H+S!1Fv$3Y|( z*73bqQW2|}gA=dNn*7i3g6K<`d5DYQz6XL^%arF(KAB1y(Z4mXdGO)B>agX^@LID%Q3T@uO4 zwK<&{lY)+qb_Z6!zyDhna0H~RWwu}g_w0eS{#i!)P!fAOl@|=B<=&gIUbL^#>K%6v-ADD<3tB*)N$*url6gB`Rq~$0vNbNL`1a00-nK%BHV?E zuq5}NTwm5-pxJYG5l;cxsoi(aGTC2gzuIKidzJr<-%Kq3*#(h7i_4b-Hy?18nJgPW z!l9RUX13hS@Wx|$5t}paDeCc=^RkoPEMZZGH>NH^lMf5 z$ntx$MC}}-Jclk(r>W9;g@>U*L46^k$F{>r;-o-_RAEaGqWX6o!o)~u`JmnKfad;L z)?R6DV#NH04|{IhF$aSXiI-Oy*nuxr za(0;~O~v=2YdsoW`uRRb8L`ExfUat4lNoytN@Hid@9;TCCfXYwAzAH3kWS=Ox8gBHC43%RM}FiygAKjdLsM zhr^?y#veNIQNdi9nD9(hdT=@XnfF~SP?35kW7qACLon;4serMtXpX&4SHG~Eio53| zCZ36mib^tTh|L4){L#qC zf8JPpovAz2&@%Vf`#=~!n{pT+R~l4pO^?FS_e3XS`})a_&774ti0_<7cT&zJzx6vQ$}@%#QYM*xeb|`( zxfrKs4s(nBQ!{y4^R!I;=SmVD69qi>PA(rdaeY!B+RXi029qDR0+?L+LspsjBo_Ws?p!%@jH(Av`+@^|q zLIGL-HY2C>@aN~&LdEI(_U*ek)@~NXplN^vO#?5A)}eiK8@mKw$ipRQIA@ZNX<)no z`PZ$9eWI#SqSjZggg`4xnW^ql{n86H$&;g-Kz2A?*d!M@t%&9`)d;dok_gx%nW*x> zGI^`fc^5vpAqUS_AH2x7{(LfAVqc|F3ig4g7>ub?S4jFkeEr|73b0yoHxX9}bS6_E zWrWXuv@?`p$(+)o70{s8_V8U_c(1{y(OuXF*HU1a#m3*HB8B{~G6uJh<0Em*p7^)0 zCd}&B55oEE1$UG~IW+hk@xr)H4Lfp+SPToMJ161Vv@z?V6NIn-n-)dKYTx>?!s#*z z2d3xbgpZ9`$jT~)Mt7Hm@BLtN38 z5Q!N20f4?cGj#LBSL0sjfK02ZE{qUG*hNafj{&AB9&~r)K3N5sK)A$;y-#_ped9P~ zNO-us;?*pH;{q~TT3Yf&})vk@#^4Ci*(uT{pX#dV#BeBYc<7dEyEw?ZnZ4 z-XmP3+{2b+yu_TaNt4hh=P`Jy;vFeK4TQ!&`pZkYKH@X=VKDr#nN)QP+0DZ%nzz^t z%hS@*hPbY27=ukikyu%po{?cX+LSajQVu;Uy_SXNiN-eW1#%6O?p*kUO&ouMoRkne z>D8pdNp)s)YL4sM$_@VqWz;ySbI>F}O;eM$CQG#^7`z#?=;J>3!0dk3%-8 z6LNZw`Y@cDUZZA&)=iQaAB29;>ZXU=D2cnQ_)1@10{?po2 zDokN39^s;UweBUeQ_-KImJ!K4<(I}!h>vGU%gQR)#UU#8yFsz|Fyc3weR=@aoKUg3a}{W$5gWk@w^%XG)f&RxbSs1VJk+c5vxrwi0#a)2FOr6_2N}BpwR7IKF@&ND&(6}Gz z)Dn5)i;42zJO>!4XDxYpdinq$0q!qy+j+~LJW04{YFbrtb>Eqa`=l9KSv%bvKLb|v z2rvLR^zWkM|FbM`jopS(QCEJaBYpz!xgp=%`|?(v`^wToB@1X%1$W|}=HupDNuE>E zOStMlQ7bbj3BIcx0yA8Dh(Gj%mhy=|)h#diU_(VqZwM-=;QXsi_kJ*3F5fSS;CA-XXramlsa7M{893`qIK|?~=OAPlopOnS9vMbh;3f_51n& z!p6;BHe&Nky<7x99@PNgI?=kPjPHCUnQ>jryY-*Dvcr`iN7R06%PLBpnwlCoJ#F*! zLi)33T5t)}b-jD{E+{tE%E5VHXh=>;X}dodi~beRk=hhC+t9Enq&J&NT^ytT>{i@=?B2FMug~ z60#0tf*oFeEc}ab6r@>M(Whm+W#oFel$6w)a|_?T0L?p(Q>q0OuslMEs($SOw;@JGyJ`3HB{imR{9uCa z*emH?GLnPLA8djDX;b_?)gB5e>BZ~;1)>@F@74}l#4|8mgg>cVWY#NI>-m9 z-?tKv20UazEe@_q$roq}V{!!@Ro1n8F`^g5<$6zJhiGMA={t5ic^X{%ad!Tuo zK8$r6?x(irQJ*BD1emDO!B$FD>-5HCf}~Tn=M(6tuU*CA_?mexk`3aqQ^4Xf@K7S` zFE{NkJBj$X1w(wmc=Ltj***r?3)@y>Jg(7&K6tRN0c=R*mK2pdqTeD>M+RydUZR_Xe$~Bi$!$&QALRE_?&U zH;nf-oYy#HapD$nMpRS~vRaRltVzcZN9J&rm6cUiT|Kxk3h!gu&qh+oE~yz+NIa|` zL7KY#av6V1vzM7rF_{Wz!ME9l#kj;18v4mi1@OK$>CW}_ZY%(q{^Ju6ki>5G->Mn-o5}>b6Van0W>fiKyOh!G%|}2Ad zuD(kB-d`<$=~A+?;KSp@Wx;d9gG?UF{I$uDSxk8IMq2m9wZ{>`WkMF940vV^22N|F zMJR~DQUKxEuOOhAk(ZYCqLR*4SYIm>bR@S(b*vv1_*Vl?Ku9QRM?c);8R60PA9b^a zq?raI)cC0@+5fW3J@3PTIBwEROB@@ludseERM$^Km%se2HgK%iwmrnxv|f4_9;D?g4^IB$-3M?QT3R*WH@#N~4hkB8)&tg#AIa1tbhb)Fvz!mv;aeX< zRE<%fsIF{E5hDs2M0zb2@8ndNX;j*=l^bkP1gG1+Sr%gLOUL4YlPw{Brr(_S{r|8i z2Pol?X>Zrmka2S>z4}yHN$L0$kEngch7Ucqy1Y-ot!{sDJzigFs&re9cm1 z<1IHh7C&^GX)sarI>KQp&)G0Ui~%z>%Ee`8D`{mJa6s%QRzN`DwWb;LaN@h(bcjaf zy6(Xz5GQIcvd=I-0S*TxC1ugqyZCf@7OQJ;dP3wWtBw-q9RSC`DKSvtuP}u(Ax6xx zMt{qm8US|3TXTEy0AcFs>FWEw=Y0i|NIyTj8VrqSdd>|D47`PYhNo{b2U6a<7e#*r zPdE6D^wft?&QLbj@j2h{%@*wmvB$Fk&v>FukUFOCMCzQ z;zS8a7l&x)dFki-k6#G{hx*~Wt@{LI0C-0G<2Br{hx$LQL&YI1%v>0R+JF5TR{-L9+1UQJES#2LEH-UWmEM0_{I9ZmWl z3vanhS8(miDRV2U-44=Kg>-hrO|pQ-oN~vkV|~mAD7iT}g9I%vS zeGR_gjk7?45oSmCJq7|!h3Z?^cQX0;(46QZDlS|;T=ym?*G0Ub*E<+)6a-a26@r_J zo_?t{Ui7hivwwe17Ce;dL_)6c_GtEyie-$EtbzE#O_eNYU@CJ|m& zBd$D0heuPA^75KAH$lkO_t2q3FD%}Fr~3*kb*5*p{lHu5(T`bC$TTl^Ux{a=gmyHy z1n+e}m(zJ(1o9hZDd~iZ*>tQ^_pozCewHz`|kx%8$^e7_29G2W!8%NM!&j@kpW5v_a@;WUM zJszqNh{~jMF_#gy1XHg$!Jm|4o3Dgpo#4=m=Vn9iAAnb)wH;Dle9J}SiTR0VjNBJZ z_X;}a8(e!y&Y(By{knX4!dkyf((3084tDlHu%^Q#xi~l;R85r}+`OHBqy?Hex-o8x zhm%kzG-s#^fvGEl`!nt+Fwt_!cHBePXQtF&P7YHTXocLCL>^2{Y#?c)uzPmeqPK!D z9Z`EEc(69S)@QI*zi#4Y1ixbM_peVIY99OegyAh((>2w!wH|QV zjGQnyO>cwZS@;VownGDPXF2e)L}Mn|c*}J1x0Pz&O0Q@Y;#CIXF*zs8FQ*m(l+=8F zKXi6$LT=J_#uJyzAa-{Myin+@U+&HJg-Dsn^}lsPTn1k5I5y{Q>T1tYHNeR2lg_htE+=F!pQe4+~l|flQdcVb$y}*hf+z>M^dgOVVI!s-rcpHZ5WC@S#I*hb87k%r9RN5Tk-f z`(SAKN>=Lx0WTLYw?)E>_geFqX2wM*-5Zh=lqm%K*+2`)#`hkU6(~5~p6gZ&Et^lz zo*t^t{&G-S=DAhZPnB4Q;nXj|UMl;f(~`RO5JI~8X4_&noZmH0N<8`hp39G?N=-|9 z0Jb0p7Z?9j&zGGPtbuAN(BesRb$Gf~QDy#XXCd1nIcXZCX6|~qUCj}%syb{(SqAZu zivW6S`qiRt3I{1DB;;bZ`dpJQufq}}rzDx0#pCL!q@<(>V|8`)x~VyBd*5NerYgHF zX_2hBj7&W583OZvS#d1MpO#XfU5PVCw^*E_&D)^ z|5w{-K9)cm8~YN;Mi4#zZ^k5D+mg;!jUICa&pDns#C`OE z*>~Z|_vUvfU}yiBffDAHpH4F@+Y|GiJ{?qlw3^RtRHEYm?98$g2G^@-gJK^rD@)Gp zf^5L?2iNyPiUnJ;kR;%rH)1JNi`bRdX z`-hHY3Q@-u4=Y6;%Fxc*xow+$o2Hh-Gr!t~@SoTF2PU3(^A&f9776F^mT^VkIm=ev zzs4M`3D7jFC!T_NSkV$~^-IL-P)1et0cdkN3O6?D;&@S`UAfy6MfKf5K|NA1v_ZCw+Jft~ui)h)I33vb?EjQpRE18J_1dr%v6>c=I*sB~T-! zMb<}cIsZ?z&_A$CYlH7QqN1SzX#_#QUYJEiy+Vrskt*F%=K_%qbHJWH`!VsOK5Q55 zJ6L-I{`<%?t_n9;f2PIH;WKo!zxF|MW}-|j!IR3IOR~p4sn|`((tlnv*;Q-`NNFfi zR?%OYm16_jA#jiJjhBMWg>dxt3R;9%z8S9~fCO^WzsJy=*Kl1KU5_JGFv6m{M2{kj z(%Mk(rlELQ-G{4$4AAVLa8NKiC^Xb`^#w%Pre|g@bmVC7kCL>G9T9sG?LPOlRUWEz zCuYw(yStL9#q#E6(H!#23yrELj+?9xVr;Z$U5kj>U>0iO8{gtCGugwHr*uGBMkWwi zCCK)axg8vRqume^8v4$*L1KJC#ACY8x1D6zlM}+raX7}kq~}A(pEbif zV~_9#BWM|#4(}GbXYxK>st>fwetV?mq~%^-UT^pNybMl|4hRE6RoNV)Qj^Agim$;O z<D9vPzSO@am!0EbVso3kcwMHO^pTU-d|3+bWdbXkaK}&TAbD+wo{=}_C zYzFSOfb~2dGy)hCmeJACrl)4g@9OG8qoe7KZyc2+`wF&Sp8Dq)H)`p^r&fOZ)^{i% z9yl!B%!%h1PHlIoOVW!MI*@!jWg!HSk4-xmxxriBI_hq9Y6Bq~lt&U&8UBxYJ#*ZBs~uW%s@<)4CbFpFA5H<$yMSN1Tpqp z0Ayqkz3*!;Dj-N^`pRpY4UjOWN_PP254yQU4-5`UwQk>W@K4;u^T%+{aX(fl>A zY{>Glx+{ND1{9qVELIa ztgYCBT<`09G-Z*z!S*S5DXBY|dIdFMFUQMA8s5FjP2v?j$+VkvX?y++W3WfE@vh4V z#lR{b264eM(>O=$?%6=H2cipwPcCm=Q=3czgx+uWm^cOaCvChcAWs52@l)8#t&Ash zfP&Oq-q`LYo}2vUEso;T(2Z6{tI6;xC>KcA+6+aQ`Ai-k{7VyJd$kWCt~QW_Q;=1% ztq3mEnl_(%A+cL0*W?a>xnA!kz)D2y&?p3Ct*4jDOJh;@;+q_#9M7}DKKX?og}1vNxyV(RgAz&)~Zz7YjA0a`7M8{K&xoEMY#k zB|EXA_#I^NyK!Vn1SU>q=94$eNj(_t&l(Cq=D*;{Ob45vjgcZ9HTDWm&t*90o!b1; ze(1H01pGBRNdI4vXv`6JQ1BNLqB)goVZe&whx*maxdCqPKdz2!h1Bj&$eHs9w*Ksj z4GB54FZ1x>!;#l&{8fDLoE?-!<4%?Aj;+2Qh#LtftPT6Vu;Bc~wW*z_9N8Sa@64#S zrhNfG+TfsuEqVrRA*hfm-F7}W&+LisBvYc7Jff+oiA;6bd-vj}rXl}&>~V;@uAAKf zf<~vDwM#X`VW9D`d{cAt)dQOu)?dcdOOE!Z#siTxIp&verKhFIf?u7OpRWNmy%$#p zPpml;p7Uh0Q~wut?;TI|`~Qy@l8T~XWtGaxjBHLRBq1Y`RgzUQvgfH@NJ2$MW$#s4 zg^UKuo*7xiA;ihv`97|bqw{)y#_jXh?~mU<-CoY?Ij-k*J+8;~8288hv5caO-Y&7a z`ub7Zl4kIp8O~?ulwEJi=8JQ_=k{)my!iLY9RRI1ixHD0;3)ODV~Z1Jo}XX(_HZId z<;RzE_6`pGKOZI&r2RX;hLMo~KpdLSor0vHDtA)V{Fb1JTr03PE_{|sF?`QG+9 zBcMHNnmjMCeO2PXjfb6P#EmbB{Eb;-7eMh>UTpbhsh$)VPK2&Sg5qicJqm(}X10pMEzi z6g~lBgjpFt9eb1uOVd@+=KrCOAx}%MR&g+}c5-q8@JU33#fW<%sPpUx`|*vAdACM1 z(=sxSt;v6f2Ir5!JQY{_NBA$)fumm;7E$TRKPL#2eV3D#1;PNz5JNj0vVCg^0e>C7 zoq~)e8g&n?VlQ$fZEi#|Az3HD@i^%r ztnx}D@h>cEGer?7($Ow|X@YqMVQda!7`yx+JnO!RXY0|+p}_%v5Y~TG%Xg$Y=XVQj zLVuEij>?~dfi#i%R7>$3BQ8`$=#O?F+*Agk_Qj;;+C4~Bz64e2cfY0;-L3{(QjhK7 zc3Q>Lyj2eC-+>&SQ|K*)tm*`TlsE+fbKoBnMkFwG@Rs9u+!Kp^eJNd`-+K}mUz%E4 zP^rsX1RPY zTj3Q)|4dUm*dv9dcM0q4uMBq0!Q*{$;7ojNKDL4U--N>3${XQr4toe{ej0Z{RR*?y zP)FwYj%^7)XOqSMOd(;myWss-3<*PhV+7wfd-y6^$aVDb;zV4(5bxo`ry+&mVjhaW zuzAmhaZYP{8>VnidO0KELGfT>2LuHBA<1t?I=|pn0gb_jQ~=F=2Cw?AQ1x*qDH8P^ zYY0<9Pl;aUGX_S-cdhp*sby-K007`h^G!3%4#*YCwdUaDWH4?QAtQkBvTOVFTpHT|3wDfXCez~(@5ONNoP}Q#BHb2pma|8uep&rWXV7r0C zgKnrF=l9OG8IJKTg>F%*(JtS&MM^oQce@NcucO^ zL2codX=@2xI7nF}Y%!HVto!Rtg$rMU)D+z869B4S@E2$Nzh-7-g+WKO-quw}x`|R6 z1J%b>X!|2_%L*C^8}Knsc&k|Bc;>t_eZ4Btfl9AUM70T)9Zo zc<|5y`%6(#7scjrLr8@Oo@E_KdeTb70`z)JpIe-8F5?T9neu-ItXTY}jq)vc8g@B@ zXwSLMC-Q=jRfXP72Bk}FFRFpr%Y-ZmdT?P-dnJ9im^2iI;_qUL~r zUtRG3+BT4BQ;4I_^}1I7j3+ECY^rQ+xooImX?9GBW8bTzyY%@9N2~N#I9k`CfoQLS z9L<9qy)`zyMnFUwA&503J*BCQ*t}QlB1J79jZgUPWPJo}vouP9wjzq-gkXM?&t>SF zm*X_9e-U^JY9`WvR9k1FaF}h6jB2z@VVeslAcCcXfuzH`Q*Pc?sug1er$fAS)$JFM zt{9kuZf&0c0z4n$%;I_=WC<8&4y@tVR^?rxMQ#%4PAR@-DodPTPjse@2bEGK zbf4!^+<;wi^s9sPdVhI-kzjPdE?P=`2DCE&%#60xu)IrY2P+BJW&I)y+W+lBz3>dZ zpfz9(r15L#XBg#al0@$|GL(Q&^gX!`(ea-1Ob3;-{3y!b{Z%p?5zAnT1R+t=6v-Fe>|v zif*Mr6O}$u>DwrP-lE%|TBMV4;SAvBAjKXbBmzmo=` z-=xGYrbIq!BPCmp2VM`ccdm=*a&3Gbx&Yq)At15ZtD|dpSSwl8vR$p+ zM}N$QPqttZI_hPDCE1aewR3fOUf$9#G;H=>QMqV8(BAPFhZWa+-mU0(<|7SA3h}V| zSFs8$(BY*8@12#^Tw+T(eV_ge1ckOq&z!x(>e=_0k_pX!9l2ZUQ%Vf>S9&ghD&3jY zP(uC4-X_*l%zH<&<88^)`n`Sw%S051ib5W===zL$D>?+mvOP`l{6TknX=euNhl@hi zdonHccGtCCM6nIKJ=F$oBS}+`VKtulPzRI^X94=QEda8t=eV7#c~T-?Wg3_DLizLQ z)7PBaAYy+NLd@6Lq>Os9lJQQ>8fSvHd4SB;&aXim$_V@j9;IdW(5Fp8OZmZI@0EmY z{WA*~8b8syP_-audQ!ksDZ&VvuRKPU*xDDNGk26}c8eWq?NM`EiD&zkB0U5`#|2Vd zhQn@U6Nz3Dtx(^$!(%wK*p3BYL#iM^S-x)f41SJw1_4?J7rGPT|&K zD3186ARPoP_1aqInte`vcv7$mrkrQYf^3Um|Tz*t)&bNT-`^}wpLpSk0X`YZGpi`&~ z5~T^f6|Udk%&N;g^J5|z(?1O*<-I?pb{KTM{{8xk;6iiJD2v#N+rR^H)t9MCBl$Fm zWccImKjQrKS({SuJ6n8Iyz4%Hmb`cP8HV@K(k}+6vOL1b%$iAJ1yjthJB&;e#dOP3kfx41{#`7FW#Wp~jaKv?K zB*hGn75vXf>>P{6cwGFnx$z-Z?pI?b1l+)+yVTV-&ufWk?oIj@K`C%^=GDLzBFxmUrFtXEmLXfiula(rn@s-hXC!`^sd zOO~cQIeazq#E2y*t|jD2YVy zj!Pf8COBoF9>IIb_QmuC-Pr@DF*Xi$B!Nj z+5U5B`%jh@le5b$w8`UPQBl00Rb+TVGzY-=d45YKn(}JVhqJ+|*WC{p#g6x5cxeR? zFYA#*5Zd1(tBHTww~}m`U|iv#tyV)_s5*1*L{Ky5Vwcf3K#cI)O^W!SANY;kHDd>LWdOBw%hzklx(EKQTbU)FP$5%)Ua znDO6DB?z0!H7=kQ)zJMa#JnX-+vMKQs>*yt;@kGSyWJ>y0Tpc7Te0_z=wOqbRb#@p zDqXNtp5Q?jjbyX*&?HJ{-x^lyZ|)njNrD8CRAmg1ZHSoHvjE8A)>-c*wUmz^Pc^YB zH=#K#+A|7NYrYnGDaFyEwo7xb%lP?pv-i@Z=iMxsQP7a}x(SG?BQw^;3MwCBfoiI< z15W%5v(#_{`+Lv4mPW4G#8GIvCB~O#@VOYGmcv6m7g)zbx=KBZf7sn-)*o?yLl(}~ zmNIrSc*=VJ)QBw1(}i}fsIIBZH3~TDMejCyOTarv@`5R zKjbr&&zyM(9l95!0-^G1dUl<39#}#4N<(44LSITt(uS>8G5b*hbh>VRTLPv)@P-< zqi~>vfCct)>~zy-R%YcJojDaOhN1(2pwp?Od1jR08{|GU`PYu_+4>n*wDk_Jz>vwAQbN`RYiMhudA_a+y%f zC>*{?Z-IL&{(!cPO*Z6|I({l=WM?1u9COdPRpm!%$c!2B>jcm%(73&hVATh^D8BjS z2yi7Fs}iH!8u0GapD9iMKJ^lh68&BaAK0VH#Jg{eM9i`}8H}S`mdJ+620!Zsctq~j zRi6m%|8G7MpnCwQ{OfDk zppHYoVkyr{)%RON0$K#&3MMG<)y?j=bpM&KYJRS@#FhNP@>$7l=|TT zY>-yB6P(Ua|s;Io>|iw!f$Im-{Rv!eYZF|I@-_tIPcJ{4~DksPy+iz zA5hWJ<)`2+1Lob64l=t)@3Q=qBz@I)7rOui;a*umfA75LrD*!Bl)02*@9&P5FB7Z2 z!9Q3Xjvw3Df+*F5(enjQbzE|V?5+)BeJ6q{5C zz?7%9yl-~VjqcHmu2qUK2ja~;WDT}`>VTTb5^Td4VT>cA`)$CgBP1ngtWhF!%0x7yE zHJ5^H_rBRsMOOz<p5 z#G8Sg7lDTKjMhX`g5O)92)v-#h%mqe$K+<%Q=#fhvsaIkY>Ye*$>*LPv8wrt;e@+;;RB}B_#?NW(OufiN6yn1 zFM=XW$! zr+33apL1)Z84zm_M>uhZ(y^l+8jF*=0>xI>YAHJz&wFl$m6yV&NG9;h00%R&)*k8?uG-C+O4ltn=Gm6%I#eV_ChjIF0Kxj|oG17QU>uI2s7U z=yLB|@GiUAC)W~8sfn;>y>r=6d2|sptROkh`&5_JnMOe*dFu}092|X}H`Rg(zX(Gl zDL|OJ4u$Ci===|bAcij-G+_RD%NLGj!LpScRj7=Da=n9fb#?sX!1#U|>Hv<2ciY~P z0WN)h2=OZX+F`tKvLnZ+_rPh!eRKBxBqlzE0R%E|qf^2zgsw4KWw5k;GhYq8LJZOeZ0R0D+;YQ%sQ*@L{wC z7#Z@kzSRk5d+22L8LD#yf@S9-u6MkAw?ckzPCzy%m{pVgGpdM!T?mmkMM&|QL6?a~ zQBllJtF8pon)pvQC>~t4o3K6_FV+bKP3h4dl;3i2TOvT$2BDuK7nWZ?FBPX;q7n47 zrn>r(>-5lPa9C9@Ed`~b%57la1;pL{{g;*+F}z${N&qNRAJui<{(wa?=L4DB_@~l> z%i5PO$0a5vE;wvHW=$d(9tbLud;6Fn{8oM+G@?-^uLIJkMf9*ZZnJH=X0RE!#7g1F zgA{cddGFBVhgW4GRwL~wm zH;Ak7=Y33oQ2Lly9qV7wpmKqN-0GS(GaK~D>hSR%nik0@jFa~-*=Q93ujS2w92UK z?DBXHKP>gLf^gzgg`n4~9%#KB7l&Kb^xBzt`$H;}eL935zz2RG-eApvv3Wz(YB6`B z7NwMbg@SdHQvLZVTKy2T<}tKijRztv4zxRM6^cOt~7`F`fUF>p41>gR< zje2SPAum!eCMM@ATG1?}Txq{t&aLN^xJ|aEMd5rc{BVEj2=G3 zo-h0>Qj@Qt{$#ROLDB-piqF8Q3|3 zF-ka+Xl-A^5*CkD{UH2y>Mj)KAYoh3ioL;+?=Y;!bM)xU-b!DZ{fFe``z9UW%RTNf za==rG3epZJPy*byF~UtSJQ6C2el<8MwIS6E!Sveak4H>eaX1|4l7SzR`7{YAKn$i@ z5Zkdk|8g}@74c8;6s1242+FsDF?0wGHJmDsCJ{{Fs{jnhF|FDeUK=}oIfz+I1!9GR zKMDcHUnE2Qx7u{mW+jLaNT#z;6ROlXpj0?bxzz>zVOxf57oc9{+9kj8a+!df{cZ%Tb5V*d!K7zq)`Hi(_O*Wq zAlPS6^(*p8I8#nA;y&dFaii~8*YGSzx&N3Fk|2DW2CVSO^WPEkMY%f}ib7Xct5^aB z$d%j2OC7*N;mXP%#QxW87y-U=(vkHhoPe5Kc5S%G`NM`!WhDHv*Ec#yT2o> zt&jK?Fi-(ej|0xZN5GTZ9k!?a)fxo%9R@psS*4F403ejcHyIj0r||H>!K+F^VSjRc z>&xqt3r~BdvrCa6o3vQ?cnS*{lxK0l#O7ksp;~?lnA9=A;vMtGDj5YtanPsHaWDd^ zHHdTeM^bzcu+2b=my!^wX?zH{4{L<`_?3du1^+@5n0e`Cf7|rFbq!KP?&%=JDnh`H zl(c_#_k7UN9d}4FMddmm-PybhcL+PsLLFfMQJ!o8YMn8>91i{En|XM79~l-q-76*M ziLwS8b!Zao{L?Lgu6=C~N=SP7Qe$drD&DH5+HYGzW^2+7l66|)g!zooKZfkM@?3aR zG(Z0yB&1UN5IpiQ?)H`)st!QD9AK6kbp5_i^+U7E8h5!^}(@3BSFA2V`zV zkBWi+`tn6qB2YzDH57;vbzw7PjfZ|A*^U2xAL&3i5cNROY$L#4z(_xI`0&N{1N-a1k5# zK`kV$2f~V4gjD6 zftbP}Vd3*Y#(n^h39l@l5vbla9)u;~{V_m$WNEhu`g{&ZA*cCw=*t35l9bE|292?R zX^4}w`vXn512d{7pav1cMTOPyi3blJJbL!*Xa9B)QS=lMc*>`4GIct|e{)KKi3OgO zwu@0WK{@wh;JU~6MTR5IuTCYNL0LlYNNHW0;@JxhE$<%fzF2hiUg(psGf<=$$Rd0a z(yE65Gtz1Y+yOb3)7LDoTZCwBr4C6mkKu>7#Li491+)=PL9LPTmb>R4ew{o-qKv6d zfkm`0a=$tut1JO|;dDn~KwS*J^J9Bdj4wJH@Z>1nD*hsa5jRw?KQxwKN=2M8(BJiF zn~u)ZysmK=BnJlUolanndW`X3EVNHDaQXJnqn6^=nffLAb9)(Tpn#SeuzfqzB^1!X zD+fTcfa`}LPd-$MNU8`r6a7Q`946tGm&~6@0GlQ)IN;?KoC*&gKUB-SRsoBylSb@% zhY*wSmAfpmZrbz=`#xv&EnTP~-$8#=NIL%3)-Yc^X6@(Ry{<#c5CQ-d^IJQ+1o&Je z?Gwp)>u5oSv0q@lzP+FV)KZk4dQBDEl`f5IkgtKY&>Hh0grJeyTFICvg* zKV!*Nuo~LJpd3@`d6< z5dzo^(HEwDd0VzL`vQk@$^ik}5yaO(+s{A$t$h{b>i^9vL8XJyqbM&h6@!! zH5j{RE&AAhsC+O5{%7RCia^PX=2>gy0VKPqfH^LMPVpa`isz&&VFF}=p<>y21jTDY zn2L@f1;_yFd(AKR)x5^P)tZqgg<}V0yTQuN(@xCHR5gkeS64ZE7MB}t+-uJQNtNY6 zb?@J~g}TnVVWCe{f&-}?0%O?Ls?f100gyW0yZ~Coe}+C9{_E91a}}Cjnn#EknA}0D z@X2k(2y$6af_kkZmDZRoI&Wf^2Py0Thio`8i$CJiuU%kgk34MOR+DE>jw_?JsKJ;Ucv)7WtLqOPH% zj>isFJX&Z317Q`UdC%>2o%D6(mhih;2Gs!Ji>V-#HmZ;VM#bW)Y4B%feCeg3h8V$= znGsHNhP`<%^{zuq4lKrB&jyb#_d>egZx{O$a7ixq@D8*Su>ibal|at&3@WVJ(Qe2E zK-0_ZcekRKB20ak?vcP8)7d6c2qo2BL{FH__=hn?0=y62g2PQfJ%W!5xKWdb46Bbo zb~Soc{e5ajwy-{_@rMOYY~_mjM^6Y}_5Bb$h|8r2o$=oR58YO@3BoHzA%Dv$k+yjb zv-%1{xZ%I(_}~tzgoFAgWj5+7&<)4ohED%;x&$#LsW|s(0c|grNqaf8MVEJgbXX)1 z$o~R};qp6=@FGwUd1~-8sow?GR~RhEh0$h0ZMP3U{81p(LI|TsY%bfX3A7rhg4EFP z#!2q?+*SPNDgQOh6L9@eWHtbH2K38cs84wVSn=AY&ieWhK6?Ehjv%<+?qdqUI|k-c z3LqhzogFd`NJ&gqQN#DX8u9saII{5kkF-ZM0f_b}xf8f6E;f0D1B&E7a^oE6EaTZq z|IdLxpe4kh1T`4~%*w1;X%9c%r2qsn&5HvQgb1H)7^>86ZT+HRs&EIYdGaB3;qhD- zVl3Rc@Uh5%-Z(8tK34s|kRJhB@DLpD(Gl#Ak)=Uv!Qa^0dZ@yEPT5K&;0ONLv13V4 zfeAs=<{X7;-dvaQ5P%v!1kmqvJ$J_Tv&Da31NdxI-JA4Q^p8FY_o37*LJ_c{BB`{D z7vWt|%+rEH#fJ}dh*1Oo4wh<5rlcPK`**)02DSi5u{xc1I(X;k*l2A%_bRBy$6zpT z1INnh;3QQdRYGR^5fVlkSbsxU5~njQyU>UFB#~i(rNQ_!Pz%x|%`}^&7p8r_3)En5 zPMd&kE!gP@M^C|=k~t7@HS!Cef3$n|DFx=9ePO^!@}9egHR(WD7{C!b#&^P-;thpK zSdc)b)xco0Ke>;Q;QC=yDafkk0O;5s%N*v!FtDXsCd6H#^NtYQ86ol-h(zz55YWR%xiVr1AKY*l}zThJUN{?`f0Hk z?xc5*y|&!uS@rBsm3u*<2{m8!BhYz8$YGGg#)qZuMyTYS5FvIw0|d%Dx_{CH zG9o$PC2{NjSZZoYP^u}%k{6dgl%}-}@#*=d<*xOb5UprDY06Fd?X(VXXhuA4<{)lD z+WlBm<(+h5MKS4lLUnSmPK3zUWc7a0k?s+3)vD%I52ecC**hfx$C{%R9 za$kj-s@-GHJ&QgduFjmC92O}D-+z2^w_IU`7>8tWZy>3I{%;!%J@F`^x(ARga>+M> zfm8qv!z*1!9vtZB!s=1N5WMsyYe_vAZ{)!g|E?vnzZ!7RW@xB5D?ZpS9wbz~MaePOMaIj=K%-mHGJAsfZs;E)Fk+{!=tL6v9bD8f!T7IlT^&9m<|053 zAm$>O*CG)bG89+nP`D<+e&#P;3wGcnGJ{j(JU2YD%LJkcsK7ogU%L~BDvF@60j-Wg z;d6H|4Jfb{DBMgNQn*n+g=Rno5l0t35;?GL#QeI0koEwAIs*YoDEUxPP`DH61a;Jj zDJl0S{Hy>)~BTnz{M zb+O9cy)%aA$J$>ELypN%qLviz_Y?faw&+vt6G!Eo01S zG5wra4fG;CF`}3fv>0$af=f=hKEufMjq}1xVADjlP<$7lt!}tv%a}wSEoOb8yQ*%} zzdy?bMHIDSN{KEzmT}wNsm-o|Me$4&9)gW+4f`*L;=`#nk-o1HLPmRQHk^}RJ{Vn? zLz4j2&6}&JZp}?AGU6gcglUPxK_6xt0m|dU_V>2Lw_}wl=miY8!2?B*QbfIW=-e-; zs=3Pz;1wOQTp%D&-GVc-Ums;Z1C~|V=@XP9n?ZXC z5pW61RG+#Yq-8+yLrY-&G%WrSXa+4`!FS#tZr8*^6lC-;j{d9gd0e`FuQs;yf$cxP zzE+1Ylq>|s9|Osb-vUBbgMai6+X~*)RYY2F=@Q>M>Ah zyi%0SIUN~Ebo>`itP{Vveg5=Gs2BzOR)ua1`2#rt7Gni%j&sZ#*qV%$00gxx@q?DQ zQwUqg_AyA>)AS0x4T%<@KumGq4IF0=8uJ?j_AXj?C@)BoPC#)4R3`vVP(>-H{;B@8 zTxTv@rwg+^f5cl*_L7dl^?C~25q z^qAnfJR~_RIlL@??}nE{y@C$}6aKWj!0do-7y79Y$tTx;TL3gHE5c_(RG+CrfQMl- z*(?JzOYNL~Ch71UxMi}|6lRqFK424;9vW2S>zz2~xBgIDzz3ez)zxLO|8&6a{Wh*m z2QabqWaQ*&E61LAe=%5Zv+-vDFK3zg^TL@!OrP(?09_`vuf6gF((;&&@ifa~9 z6qUNMyOmLEn0lFMRlN27K6@9)5Ntf^+(Br8@#rKIq!0+d#WG`|)3G2>EngIsgrviO zaImYYSY6LqpK>`0=!yl+R0aT@ckMLEcWfs604+Re$UpP1KNfp!?;FS~4*(kZsIM1* zvp<4hMcFY|s>Xgp4}lowce`MBgAWfHe2Bd`(5;RB(4I&!GeDS*14DTJ=%HWG5Kw!trB~RTRKy%5X-YSv zvG0NIf)T=|isXTxX#X|#1sHqfi-&Z?hCo*IpM*vsyb=^0%@(I!7bV4Aj5!?Q29YEd zAV}ku_FE+OFhP$o(SzGB3m4v77lpQ~psx&(|I0GsJ7)KE{X8)%etP zX5wT=>2f$L_W=0l6=X@T>;?>m4Z@tea$Oyys08vcvC4inV!td{AIw?k`>r1!c;v+T z{HLnL78gqcIb|=q%5%5TG-31lXQNVf;@C&1>%6{8%aK2eias~?2#ooh2QzUB;N8La zOVG_4khNtzN9>@(P}M^vw$8VEMC{2-55e+qS_B^;xjzZoFY)WBJtqF9Eocjc&Xs}y zg^B+LLTdW${XfD$lszild>eBHEe56?16wSpd~7y$LwA}dkHwLjgReC7IPDO5WJxoH(?d`LQCH( zI)OxKhR0!xw$IGY?o-m3=y;W|kU!-LAR$ijcC0R?RoNp@8H!$9JJFdEr{1zBf4vfVE=^5F)lp$DcN-eUq$qYX(;?9Aa z8{fiEhq9hOB>4>*fJ1`q0kHJsyEN~K{&n}wH{bmMeS$zZOC3EyNAi4H3mVu8)~!uP z|Bi!}@iZ2yF{BY*paO8jrY*_mU^eo;kjj4+56FLAQ50~kZ9LAA{tYxsy8>p(YDw1t z9dnZ&k|}L$hH*X-c=4I!Hw{5Vp<0O&q9N%Fsa_;w;0}Yy(8e9V`1kP?io798vxeTQ zvt(%x$*f3Z7n26otV%$=Q5+^9M5<({!4B%eSPdJg(N76d#MBv}=mZ3eEmun$Gv(8BmbQNuaXhjOC^ zW`R25<|GgC|}xrmOpe0*fr)QPO{N3v8wQiB066U zNIsEKGd3dw;A?v4fBG|j4wFtsedEEpsZ@@#CNXt4VV}Ty=3l*dE`a3a52>K)>xd1s zMg?nWUO8(1wWYQ7eW+Bbcim&8) ze(RA&dUm`NvD-Y7jf=3U>+~fDNG%5&GFR0;=s9dWU7uRAHB>sOUSfc{YQ8N?Q;OJ# z`+vR_m~r<{N+7!Me3} zOq>JBMO30WFgFh~Os}s$410uNf9?tHZLB$n#N`cez*Jo=0t}^oEzq5*M&k}pj2;NV zV;uf2aB4U_#OToy(I5)dGcj2>divK>1;&>{(IxGEaT}Hju9dZH0IaP^ ztj@Gl4PInB85>Q;bdqM}YTxZNx9wy1*Cj<`C(Nki==CSWHx%vACQAi$L`AteZfp@# zoHSaW{Q;_Rpi4{B*RPj`jke-#0A^!1*J&R7IalT`CW|brJZ<->{MWCm&@K6LN&qVO zvp(10Uv%vrG=XuP<;Qd-1yk`-;@gG09-}A(2XB9yq@*kO~J`CGVx1{a~@p~AsD}JA; zrQK|n)g57^8! zs-&rbAEkDD54IAY9;F6CbL;Rill3nuU)Zkgq%_`Lc+Abs?R%UbTL6G>>^-*PM$i`v zS&=QyuOb6vrT>Hx#7KEgrgaOOg}0`@8jDyTU!y%bWckvz5k*5$mxDab!(5xKCA>JH z>uc8)=<1uWtWko7Q2u5+3V0UaJLqoEHFb7gysPQzVT^+@vOe=8j*&|A9}q2`>Z>8d zS+Ar^Wod_}O);jd@GO$=l!&#Xv^a$RuZA<0W|ut6rQ;bXFb*+mI@8%JU#uTGQkgD3qjNK8;3iY{J$Tt~8Gm zNLyJh1Kcoo8+Vw<&hY>QfS-hffI<@>eDum<24U3xFg>#jpMVs& zCHecCF967#+p5XR%G%4R<832LbPV)0VL2X|iSZDZ;|CQrbt05Rvt255=V9!BgORE48rbER47YDkK#*pm}Q9p`4fmL}mdRY|a zosn-dwpH(pJ7oC@YZU7U7iV3%bc}d$t05fS&YG<7p|LzLqI2hu+##A9qIvM3xEfPi z!mVJsR6^%au?w<+zAy|^5PxPq%Lbxa$;*a|9j&de5ic%+lXg@sT>)PFU*yD>9v*bd zl{$zho5;znO!sR7g=>-t!!SKOE=hdQ7w};6ZEn;Bu3xO-3_{X#1_=!|85|z5(~;C0 zT|OJ(LB0aP?}$Rqd=?f?Z&rvIh7lMBer;x=EHSFmSOgb;$;yf(UOWn>U%GVKPPCMJ z;r}IbKR!W}0A_u7P$N!QVqF3-rrQD)IcCe&=GTJwvfo_!bno{E`4xqgZ|uLnh0Ke6 zr73nA59safMO!?VrpIL)EjPH;>8C1=15Avt&gI;&>WbSg0IHI3&R{R>Wqg3Kf_m4< zYTZ(iiPGf>&qsi$^_m1S0FfZcp$OmD)rPf|1{bJe+`qQkx5f&d=@0*^TYzP);xn2I zSm>QEWpEg(y;rvQwCr9%LBRsl9?5){o40X+LyF#${Z``%$1#Va(##o?(3e0Km4|$U zp3of;$8YGbKtJYS`PCNr2MwMR4tCvkRS$5XviC6`V3f?+hbT`GPs0Chl602qeR+rh(v_rgnlnh}RG zEamZShcRQ!Vy*f2#K&p@km0H_3pb>H;ntR6wVk!9xjL6B5QN$)@9HeHY!%oc8cD9WW=@Ima$D)?TQyvJ=vhd9)L9u9 z^y)3L^Vk>4w|-BNU$s<4!8kzBFAT{49&o8OWz+KThHU(#@!G6$#e8vb@qIZ#a4qBe zt}hq0mk0p)z>^5^n?}!^x-2KZye`eRa0Vdo-r~9`|00=c{I1{qy8;X^j*pL5%;)w% z(fQ9S&m`MrPTGPgS+QJ7a5=!cVn6}2cBpc(8+@oFH(FFDHVuGq9o3Ee~@&Z)B8wO4@ zHMl4aHhJ|eeR=&Iz~RB@Jfv@Mt#|nT^25$C_C7eS*g=w)0|pk5lm33Xu))&?AxkIU z?ecp0gL8N`(_EI1UeL(EgP)(*6XCN@FGI<+EL09Nmd(4D>9XWTG}Mf7vM(xsyVZJL z>GXutG77a;vAJJ=JNe*dAXImV&&1rk!}(GWVxqIecoc^Q@)s_g7$+LMhj%lMW6~pg zx$>Pk!oGb#JPuVrSU$j`?y5q^Xr?jq>%%T3UmZAC?`32c@&5jeUy}pRnQQOmGZWiu zLXtBwtQ(z`ljdVqKF557AkP4>*9JiLU@tzinsdh*EN23h*%WsvaIx-1=pq-|z80`gd)>%(V~7m~T!-CsHT%LI{k3 zZwc7xgQ2tDM^@)0D(^oo@u&#QkRy?etCe1X!601Y1U1aJ}<-f8;! zbRO^98ur`O6Q~uAdezyE1F@Z#ojRo&Q>Evybl<%`&_TfrWeXJ*t4z_dc-IELp_tA6 z<<81x3-h-b-o`S{v#&O>pU!T7E8iy`R;Csq6i1aJl36o6EYmzPRU;@k1l}@n7;CvjQ948=;+ktrs|mJM2{=s-zWHpz^`iTq znQ-sL@JSe(9NYYxs(qIgClsrf?HROv_Z5El0gM#-MH)ZhaY2cA@3rO0WbqOn zxygI#d!?hNs@;uOM|BxCH$zC;fPxb~!aX2_?*&BK_BJ$d{IFDa*PqPCD)pMtIIw_b z?d0V6Y#PZGztfJ$RmL-u@cR}!JnV`%AQC+v>(BFOJMNcJY*Tv%_6j2?kkIZofF=_hrPe| z;Juvb(s8q>YI^~H6NpMyrL#n?R}ZlA6)di@ul`Uv{VNa30~p3dt}b`Am(t6_WDWp0 z8^?wZsW#Mx2~Vu_ClJOJ+SSxj7lUcT%6JPXsy8SzLhQ zH1|UN8{%$wzzGJ%GkwNw#Hs(brSf2i%H3-&XzI0nd0Y()CJd^r0akdLJG81E_v%KW z1DC=BF6iRDnqTiTNORNWLo8gV!lXh&Es{eSHn54W>Z6&ttAR1wu5fHy6%>;n^#9zW z;YvfDXdkWt7e2eHr(I}ouIa0|$o8UJIP_Z!lsGftJ%**1@vd+<=>1e(8Y}xfc2J|5 zRd2cI_pI?+K2@Z>Zu`tg%ks^0cVw7fr*?_s+bfm;c;^P2w zFz<4_m_*F{#eP*Y4>x(6B{m^y!Ap538liED0z)dv`mI+QMGE z$wZg(7*nHmHuZzv$sp&w_#4%j8~tK>9ARSh?_`9`4lRA4&KA> zg0G^hs4=D09m7It^!n~^PsUpW#$b+K;LbmgjHXVU`caCF)14TqrX2^}ZuII{-RW2+ z8Om?MC`c0}AhRlZVSh3p%e}6$(G0GV%Mf z=_UvBmhuGht&~!TT!OCpXNeY{^H$t)81IQMAkJpAh2%WWx6R5Qebb)!RXr~-?zuWG zzvdwPLMA)Aq{K7$rnyg86~j>5*RT5p-J0$P%%3-V8TzibywOGit6j>)>+FD|yDd3K z9cv%RM2ib5mg)TkO!Ps(F*sAk#TWDZo&Ln5YE}aU*3R(pmLmIB6SI?xUYQ;Yx>3W^ zQ=aC3tEnd+oAFYc1QEnEHi27t8`ngg?2n;n$ETM--m$hHxcafSJ+3GVv>w;^s(~IG7z@BT$@4yZ^dhYmL!dPK2bxH9CJYi?D%)0lYo+;?C5P z7u01UFQvZS-4oEGP`EsjVZ3TZCxa9AWiYTk0s1A!C0u9Xmm5UcS;hN29OzW8r9P?J zI+PDq7MnYJXSmX~p{~!gyu&VFg6@@W5E-o9#G{bM4#n>OI8Xejp1;}ywdfVX*hRTa z1Fgb=qt2M5(?!D*d003bm~p~)JC%GjB+IVHnAV#+J2`DnR2*q|YExwlv-?|2h>U1Q z=Yk6tRdTzMn6O|}z&61S*UNuhwmPm*e@zCE&$hOl+Y&{TtA$JfW>v8>j#|iQZK<8% zfD&%?B$Mx;ofA6{Al$FQJ#;Cw=KeYq6z9>Pb(prA^+e}ybT&`a4eUS`B0c^_I)$2R ztpOW093Lq4^W}$tf$5wV)c)C}OQZ1()Bz}@eeh?svosFrDAUh|noLuJL7CM5OqDv9 zE%#JpC%?<~h|wwdJg{J2@7iiodWWY^9csnu4+d6GUeyTetKlQhHP}^X&D+XF4?>VYDcpLDB+pkTZO|t zQ=001@vc(7!@(P*XrCg?1b^xChI*mv{Swn1CC{8EqPmuQE_4pTTHc^D(g~vOUY4|c zj(=MHOJJOG%#?diA6Mgb

E@Ol~;A>fi*shzTDgO2~)p-~_j+;vZObyk|uDPDKcI zidB~v5rg2N7>F<2KKOLQjx!=lpi>rWaZeb*T%mmgogn!ci(_bS@AD zX3%eqF9~=2yh=j|04%{-LJtk!|6C3+K(aLbE%_U-Q-;^YUwI0hQYa`P1b7rs>FeIL zKHQkU-HIs7q~192kP{!c2`dF>_o#mwAMp(tJE-ZE&qc{dUSqe#WT^M7!1FY$HcKa} z7zPI%>yq7`oIdPGzAxOik^t=wmCEQ^bWp4YwjDs4Y85ei15BR^aB0$;Q3xIt> zg{~vtxXuw`@NINjy2LNNzyJXgw}0wT;`PoBAnY_F4vVUl7a|-w8pJp$<{nCb^A@DR z0-N|iV#@xH8igmN>cAIe#Lf{Px*H61747R<5Kx8dnEzgf(nLWKMZ^$$UJ?A=#&_Kd zZe%nl-^s&wXMG_tvB=WQy1fxWRe|(9@A+5f!r%gO7|4_V)3QR@81aEV7*<$R$B(VV zOk->t{GDZVc^bl7<^5z%$`_f|$N#_1CL;%A@L2xH2?&A}Y~eQERM~Zzh&=@|wtL@K zZ8&7$I?9dfM!8`!Ig_)AKV(7p$ZB@`Q+6bL3@;U`tN+f@|2&)Jo4_~45l^)L#y5q8 zS!zeJ3LI}xF!T31C74WBVMiixz`_y!&d}{Z;wkjThgI_eB~hmTKiMSUzLmTm0>cIS zZVSNAMTnE~zs;r)C0>uu5W9J?8q)&6$HIYg>q%|5TepyQc~ zA|yc}r332DZj$=>x==TAp!0&~?q%ZVMx8LpBuis`T_Wx_vDnOZ=*FIusu}q=$xIP} z58)nu$Ua*YK8m7UUu~0G*aD_%6WH~^Vu$uIW?<5ny^Uy#kN1>pZTX_I`^dPB z)46TX)v>vkRxwVtw*(e#T9yeJ*(lf( zZJA-mY}Th4GXM&kIfY(v1H0yeeMOZ>>F(V+xW}0Nagf{jvWD!eU5Ya{L35Ei_V?Cq zf*sko9p>voYW#*6RqDbCRQfxb2zasJMNcU(nr3Kv{X1FKAX#=q>y`D`&G?(E51L+2 zRDQx#XQw6WOHo4W^T){GdF$g#JR~e&&uNqIeYXMVsyiq|k8K^g`Ap$K?*!RP3E0@X7pAo{l<4Mh2Al! z$O46nBJss>Y{c0#11%orxg|oLsD`#8v)+{y~W}wJ^ zbR#~l0)ytMv1ul*=)-M+P8?z#%L(@4+D66huV;3-EwLNiaBlsil8Q8^B7#xTJyqNo z_`j8L`AdS+F|TB{sZDq|@B6WD;IU5d?r~o? zqT&lhA2qkn) ziJ%GcSy)A^9UONL$cvPSR*1eT2+ox)Vyx?eQ*N=H@PQrfUW*kScFW5FH^shBq&5KS zpeK^-oub!p->J$J z3sI&{Hr$B$rpJf#5R7)I zWU5e0FTRi+=#DQD2PcVM-FvBJ;0$o|bGHyuTPs0u0LO2<{=Xj7fk5Yl3*f4l=;dz` z9&U}8OH>yRoTHInzL*K@g$MPd#xipQdNh<+9kp2?@BvuBCvUEeG`rMg8289SJEpfH z69%v1J5IEo4#zY9tBFFzl%QB8(tlE>qnpWi* z=-;G|G;EGI=I-=LVKfcGtSq9=Ho$Sn>E`s)AK9|r zZ^OOka!+f_wtLU&y4QYNWnaL^eA}iDy6Kb|4KO+@p@_@=4Uzq?5f|uE#ETEM%Ii5F z_Q?Ck2lgOfa}zp#y@OV~=a$ynnZtsM&)Y(-0mt$=kF~Ax{yU6+-If4<4D6w$W2Wg8 z`e4zu@rH@+A`0087(kT`y^o2m<~c5*FIa8d>Uk};wYi8l{gE^SVbY0!NM&JPUZ@(t zgB$c|U;(&+nNX~n;qj4kqwK?gO#5C|wpix^ERx>~y;rJU*?z;9u2t_$^X19F(sI1q zg^Yp!ePVh0*xQcVmHjZ7>haaAADI7=ZMfgl(^D9#n_Paq+iD8&#0}^QBcVsFjDjXCQ4=;Ip zaQS}kVO;amzL{i;n>PhZpGzmmO*I8q;@5uTtC;RH;2r(}OL1oFC+%(jr?Z7g8MmC^ zhF`q$0bbI|b0^WmytNDR+YsjxGg^sfm<|8MrE9qFb+`T5HJh|*aVaUOE5OI#9;(mL zM$Oj;2hqQb;r~Vus1u#$ZGu+v)ZJA-Y`Y2Pz1;76>K_l^^f2`pyVMszzDtT5ZM)Th zmF{7Ac8C(S;{&CG$K6{FhojV2Jmo2$at+Y2ad$mph^D6rH^iqkPL>i+3XVoWp(ohA z1dN9T3n;;X*7wRpRbB^Hx7C+wCUN2!%>vf$fX~E35a0iD#GFG`0zwW7cRU&BQxy@SxKUl~RlDd^D08^ixo2vx0VM1>1F<=E?fjm>w zmoFDQNPzEikdDrgBThJlFTcjNM5pnteN4(XMka!S=H?=x#Omd;Ehm~)(U@{@t`pqH zzWf*;xd(ZvnXQ_j{Q)b0k!V4)-_0PisY1Bzm)h6jTAu^I_PiH|7 z=_nTyRX;b-NI@ghGJ)VN++bxDjw_KZf{df#c|dsby-)3C4LcAvuhhnyx#1Scz?PV5 z?NTKwM8`d;EMIjciv;_)!eY9`!cOQM&Z{;yq+q^ifqtwaj8cec z*S+GiKI;rLIV&T*f6r1m> zGF;FQ+w_i2IDQp-)By?7Ea#~~p&6lD*au9Gml$!AwT2U1I}a(RVUC)n-cx13Y+pQ+ znyGp9S2D2=E~dcDe&aRdZ*mys=*|7N&Lh0hYoYy{JRl4B9_lgpHY<6Z0lHK}2+XcN zQpv-kd}jN$)WNxJxHaE~G8YfyoU*ua|L5L%sL=1*C%H9VI--5kAlFMEt!pWAu!wLW zjVDj0uVv&(@8k1^nP_tuh5sB5dcfmQ43xE82A%6LCXRg`4ow09 zWcavfCLQ5MNDc}57~eDaYDlWli*+NW;c9VWa!1lL4c+HBLG~UTDpE`=7qoKt3^xr{mOoJR6}3 zL1jZf(WaBQIL$*$YuW?G{%?>1wBmzgP!#72{_?&N5Lsx3r+ldGG+vnLfiJKUttOW zPRzkK`_c*-)-8?lT^P`2k&A1p0|xtdm{@7#Ni!~H&GtOGy( za_=C}W%275^n(UCv#D=v5mfEh^A95AHr4On!ReC(|A-<;cilq#HO2(r{hL|^76@|u z4h6v|JUC#!8dnNYDDBtt{ZIgu;`i^cQV^C*C96#T^%3~tFV++Mo~#c;Dhb)U{xcBE z`W^9uSp#I7EQRA`$J*V97Q#aYh7j~0mwbJ!m9%+KS(4g$0s5%^S|&;eS^kdpparLb z1*f~T9vy!B4J#QLyMo91`TpIKua6d@&!&P3)UZy3K2X2k2jQyUK|QqKep%{q2(fB_N2lU=U2j z#xS#A{sS7X@VekOX~F+S25y}P8E0QF&wsb%e~J4dDVPE&7_7=&KTHTb{tnNQ7W{wd z*uC88fqa!j#fUcda)3aoEiOY(u^TJRP~*1uc;v0aP#yhSKA_+M?Z*0PddTd$lw*AH zI;!-|!0ktv;8-c|Yv2oUtv_3sD>U#;qrZF;N6DpE#0SRCj2Ry^aX9ni^XaqekN@pA zap)jH!R+r544-4c$`RnA%!0g%#8@bpWZ^g8ZgrH=mRk2InieoJDkj#i&l{T6Vuygf zHKYsruLr_#o;y&u7IQ;?dP*(QhN=wY@h2|)ay#JfS3#uiU+j}!H=GKt6D{bY6|WC} zUW+55N0`HjY&0zl{(VS1>ZqV_S-=hYLClmYm?Jp#;&{0WR^3eN-lO#j+6UC&e(srd z>!56o$|Qz;Ii^%kIIVkmDr6rtw)U?_w^wlb7sp$bOf`}H2_>QV!l|zn{`kCZ8f`zm{(PyKeKC*b3CJhng}Cm;rMB80xm9p)StjgjroY zf--&%<>!QW?jBT!#_YTP;=x>b4l;XHve0MUn%HiApf*?SJx~1JZ`{0VKM@B{l^zoC*Vl_XaHTqm=y2TJx`m&m3K*Ois z;_$B+Vl)Ej!!M1iLJ<(`8uWf*HS6q3gaWd?+&Z)X15Ha|_F1sPvU^37gr@5H+@if zG(f25@oB~`tpa)CTH5V@{wfzhp5Ko>-fvDbr3P#@2}rCOQFxnOjf)*&4#z4R4Yax191gQCtJw#mg}y-_G8 zwSgudt5pppn2bP%UD}mN4PM(E`~U28SqVu9{VyuLzYLmZ7&Agtn)4|F5?XQR2wH4 zEq|@zzZEnHdTa~jkZ6Dc&$y(daMIy4t z(U(qGkDiNY0r8xTQG1c+V5}7mTG(oPZh;9FF_Q;mD$PtOKK&R6iRN(6b6JBAO$i%iuc6G*;|={AoCO&LDmdC}edWPlvm#S?e*RDD#KD4K(3>>JSU+vq^^{ zi!OLV_OId!^7~LQu|FeV;nxi<$zrq%<`*3fC)&1&@M2BMr%f`-T>dPNBlz?_{9IqiAyr}%3qf6KV{X|o1@XbuoObq2G=U}Y6jtV&CHi`pfRu9 zL}uc)Ux)P{uoC~pDEwTdf6A(__d5O-qp*ujDyUfd^zYhZJX^FlSp z%Y{k-)No~|+rYVZR;N1!9UUB`me2hFh%+OEIeSDIzZ}OzOTdxauCwpm+5zT6-dze9lfc_jIXszt^XwR|t3Q)&UbOHy(0gt!6LO{Z+GtG}Z8lWRf%IsSR zo_FE9y$;_-)rbEvMT8#C%DiM64o1uN6dr%`kJE@Li+oqud8cls7V9|djqdY}&_mv6lb03i2&ajUkQPg;7i)BQ~1Sb+hU zlt=KBA9xX8cz0CSkI2~p8L{1JNf*6KXT3`YN@p^PN4=EX2i2aG_PfL?iuDED`oO8b z>&L;?ERC)4`cC5?#`9L@GcN%oml5h8o)i}?e-HUGJa)WXzz$L_h_}OFsY1(ZK@qws z-0J)h#r%NLR`&8VR>K!|I_jhw<5RaWT}oQuIcu_JPr(nCLv%taLqtoHdi`F}SGaTmhnM4nxgh zvMO3xqcaViwYzp&Lu8s6XU_;B-7F{!n60vQ+he`(z@6=F^y^c~p*6KC^C?Udl!o^X9_#&qpuaVZ>A7;fdztoT<&V(uo+irAavF6|CyiBgb zFwp_)3w4EnnJ)m{1qV7dmbMbJ2|S8 zb=VCsy5&c$oz-@k_XYN>gsn`KUV~dz>JpUX(KjzoCe`lUHHPb2=uVFF9ds{K{;@LL z7hDb<6zLFrU8Ij)i9IsJBLZ1x{|QrtVI@~hig0rt7Pn}M9{l3klyj{%R%*%PGn6=V zXD$zBcF*zNk{HiJY!N>q7dmdW)kht)zV+^aSEdn5-b6;RSA=@ztv*f?%Z>YjYf@dQ z>#*Smp7`LU)+nj0)5NZ2ZiN2sj$BzT6Fl6-KUIw_;e@_|!-q{POz@))ncgO%3#}hS zfn#9&g^Aed$nnP}@4J?ky2eiCH&_)pXru*Yv@ z09c6!s;r$9YNweyr}JMybEqC_gT-rEVH}y;QuN0sg6S>0?1%{(Rb7BXo7~c(zO@13 zMyVT>ennh8AgW+=2wm|cD`cB)^e(cLZI6xt8`QvaRP#_?_${KD`J=rxVL$pc4zA~w z<>1#)&9MsyR5r)aN;u3^1da!0y7BK28i-zA*gWcA)Z;7M&1*1~icq=T-C8B7E0K`3 zpqKd;0lmP+?|tw_K<>1a<$l4qbnY3hrP3i!dOdZgWm5!gtd> z`Kr+u;$#56qHA|{<@{K2KkN}VY}qb8qd!qCLsJH!xCd3abn*j9rs$}RpEs-TnQML~ zi-TIF9G#X^AzxgN`3lVs9QNN|y-1;Yj^`+#IcQWEPZn81Vv0z71huGp-5>NRRs$sB z@FnJbZ#S(Sf3S|9Lu8?7ZFd2KfXSgyMgFdD>495-XwEChTT*<;cfxEXKm*Q2zwl5$N?A19?cEbgkAGR(0%8SN zY_0ci4SgT=_=+#9oQrm*P=yY2T%B}N(3Meexw&hx>Yz7ImmN|AfP>}2^Z0X=N6F7nMZpa+#|0&XLU38k)Gm+hjw5t&1&f!mx|ly)YQ>RI2F*}7m59v*M#h|3lU<&V-` z8G7SBneL*f>(mE>r744Q=#;v6$M}^;gCM{LX5TDyG4r~A;Ou_=quTr2j-V0%@jY` z;l$)HS!?s@Xz+U#8K%51G|7=*-&bMh`hw}NURoB*1l}%Q{mE|na%kAQ&(hLzfw8i4 z%wMP2_~OY2&^YgS}lmzrF>J;e{C`P{(+q6CsR8Y2OxI zP;VE1ski^)T7TCXfdv0V3I7+@x^|5J!J%27koX($_x~4ht^bd^hi~3s%*%b5o~&S6 zn>r6dOL2oov=>k=s&CI<9RJ7AcoUe)o0jtUB%= zqYkJ-==ykm^eMCpQ)9eUBT*%|ixsIQc#lY~qa|2GSN$;N5V~3tj=xWMLIN_9tR{Jg zDsWg5FNTv$D7bV_c>tDZq)h|heg)Qk8C7AdD=Kw7DNmftA&3Y_gpULjFlfC;fbC5t zS20RVH1R@+DinQpc8=~i zw{U}E>y}bsj&q2$a_uz5KrHgy*10u=((N~6l3Q`<_WDh1BjewyPL{YW4xn6KSed?Y*JsC-c-*S;!VL<9Q;!+{ z3VJ6XC`Cr^v0qRMKTIFg{fHP*YRsv>O_n#+h)N=Qz8RqGfDWEda(cLI*RTKxiDm&Q z02}B^{`fQ{vD{O&(sJn3pCk;PN4bk4RHXl_~+n{0fY%QwapmpWXaU8=1 zqkS54Iz}b|OsZ4-&AK=WM9BaosSY?{TtMdz;o+BO<_F?dDQ@<9$k(WEO_*rz*u{V1 z;cn^1!!NjhF4(`tpd9w>1G#prq0r&IDYwuq&xR@bWcAd;b z<8>JpOdvYph}}}7)qJ4cF8C8d=AJhGyl>tZ`|Gwxfjv*~h`BFcR{L!dW3J31hWAH6 z8NRdhj}xOJVDTfQ;Ja7#+&_1kv?HdLa6?)&HxK`c^r0MVw0?~G=wqE+(jxZ8h?&pIX;4n7&sLHGxW5Bv@7DAx`4e=*Pg z<^%oy+~-2tPwZSERgznqd+py{a1P9My!q!tqYEUgs1eZPr3p&Yks-;{^z*lH6nZxC#@Go@>KU5%!HxokD zdWyGQlw1aQ5g_wW%SACGLx^v%4oLlV8=+iJ10Nc;o{o%__9ycgeR`5o)In(I-B0OK zw^lnqiWc-CTu)l3vBJ-k0PNQrN(zK#F9(u=gXvL=y~oR;>!EZ@obmbv{#PCrBueHq z2%TpLG$ysRwFqJlR9**Ad<><_`6pA?Qc0A6aCU$9Nj6az6MCMhkrI7h`(t;g`tAB$N=Ny$$+_29t#udo2T*$9nBS7*<9 zJsD3{$jJd0Z)0aC5&+{1VFH#lqZ9ZJc7&ejUI6mSn_Qp@dz!vaGnJq>p7uY{0Cceg+S4{<9N6%~Q<6`m;lQKA%x71v-xW{92&G)Oex zbT%sfKE!pIgyF#GOOy>;WIF*O2}#HrQXQKo(c z?%pgQ=IhRZ4n+e)L+w4!R`zAhh|4}EZV>%-$gU`R06EiP+KQg3LEL-PSGpTaF*eDU zgko&k&$}6PC}y4gd)#)eg>fEVVsXF4em4aedc?tqI^FHYcjTAe^^?5g}HB4#tpgubT25=>G-kC>oP-@B&9tART4bMv3;-D9v+rGyoG{J z`9!TMr!ez{i^AgCi6Nq`^*_{&Wk#Yk9aT@K^W~KqC8RJ7L>sfk-ln?4;)GE?%fV$5 zy|NNd~yJtad%1l*1S-v**a$4MFtVeysdZfn+HAJnB73tAydakbEZL z_!f=ux_a*|O!oeq7aXRSEI+7Se@|lYH{0s3YbIwG{uIC(x z9WtN&{`JM7u;(X)N&RMIRd095t3F$8X`?QG1(LL32aX> zx*|sfVZs`2Y`oDCh$p`}B_r3J%}e^|dy0?g@8wz#p&kVoD#SFL_kh{0rNmu6O=UnD zBY-}%kzA6Fr9d)*VV*8~14W9z$pbvaApkNXPQJ*YN)ThKyPLOD#TwYJwx{rzCjZD? zO-*_}7xjSe4@hn_Z2t-*QaMOKE8oSS{$m@+&eF3K*oytJjn@XI|L9rvJCUuxP)z`e zm45wfVcTBWnLB#_GJw_YsWO-}wE?p(Akb_BI{Fv+`2yADW~;5BFsZOgsU3`5J!G`; zr^Gz$OS8#PvtZCU&Cq$E!`q?tr(9^??x1pV95_IlIim*@6|}&mb7OL#))CQS&#_sq zHZzdbgMEz%-(;+Q`;NNwabK$>))RL97l1f|UqLGVU6l&yc@?xQ1r_AIsDs`HvOg%# zW5Z@f+M6L)NPD4lfO541#0ZE}I6dX;R%QPQyI75l6aa^^2I9@q#)gI#x#JPN%b$L3 zbut;Kr5wQd!x$az43N5IV7NT``;Chs^mehbRxwhfb$*h#XXpptY9kYtiyLh@FIxHr z8o^p>M~cqtt9XEPw4%1i=k9OI0+6=)y?xPiC|PPEHxzzw^1zhCq6!JbN=cAUWl z!5rjK>TLx(%X|)44!2}c?7I4#v=E0t5D$IXfjfuVkqo@RnBjrAqX`7uti*XL+hfy~ z{NblV+0}y+XGy{m55gEP)oRd5!6w^>yU!36{3hF|^1{a0K9=cRvsS!KPg!2kz6qfX zKC62us|;I1^Gxp$8YDR@22XLC&Ym1i@y)s09TS+?tz?$uY_c};EZ@D}04eVcz+$^h zCTC_Az-4#k=UO+yOH-9LG9fvqNrn#G_z}3U9Kk`*{BvOV=ZU%nQYFHx!-|pcvfJRH zMQ*S44*J5Ur=+ClJUbma2pzdk^8K+%vK!ZcBGd`jmCT47o^p(H&JYx0ZY#6Jf4?ks)K7MCciyD61 zUj0P#FWbc!@uhz)lcI~-GTHudQHxvdYw8myO(nhmrT*Ub@y}%Ilwu>;)4fEBWBn?rE zT;9&Rxcn?PX{r;4G59{CV+^P}pz^kjwrTr*d}gcM17D70j;c<%J!*anS_}{dfRPUA z%PWd96=(n($tPGaR()6ZGOTtp)7?1XV@Fa?EDA7(AY*U5rUJ|%ulKCgcQPpZalnbp z^**~h#>uqWVC8m4H{sDbN9%x9z*Kef##a`?$}oKCcK?V2UArg(NGW6Rbfepgq?H zp~&Xbo#ZEnBYfyH87?{X4O|{KfZRC$>buREZUYgj=N|0HgZu4PUeYeKKO4y8sQh*1 z%zr9#W%7>&%EouxND?#)J0K>XD{(~&T`qK~`Ckc&zed=84X!L>vP z@%zDm)*YIif_}<+Ws2Imv-t1YIKj=jM@o>S1jFI@gJspR5 zW=)hu_QY#2^&E-2n*;Nh#Yhjh{U#FK0y{}tDnjLN?G&z2hI$kBf_znsb)3qcgrk{Y zQuTyvm+~zUfM7nF?g!ewB(}h0Her&&c!(ZA@jpMn9@Ip_P*rUzS9G~Kv+MUivZEfG z3vUx;=XaX89yFFVv1oe>zRh9{8{TOgu-c(b7DQ2GbtBe9F$S)8D%|}6gIF>MTntPK z#|aHS>}2N$aGY=G_&3rzQ{Dnq)~U`%5{{4lAQCa3V$(?flD4ve-dN#qGxl<|s{Kg@ zo$IpzDyfwl4CZGR?3ViEzE#B=y$?omvOh%SFzlSv9+oaIfu6_67WkMCGBGk2H}e(l z1}baC0ToYjxCV`(ky3I^=Soid{JeA6DI<9)zdx!;8{%~cV?}2e$#4{%3cigK>87Wv zZ^3^&Zon{GBgLJWBQdQMDL`p>Pmsg;9_9dwVzh&0sAdy##wM1Zk1yVqYsVeTZZhXB zI!^>_(`0iZ2w6{cTO)*>^_@Io`+_pr=K49Mip^o?8XLZ~#8A_6cYRE+`64@ie50-R zj}0CKYI}i#YjpAQ@9zBhr~T)rZ{B)RTY{{n*gHZ0B>~&skLtc3Bxqz+qxoco4sgg# zAAf{*{J;Ox%QrqhE{Xc8%Zy!0okoFzPEgj&A;50wLns&e&CtkhQhwM z^I@^n@2j{o@2Jx<&YKXGYO@&J9m#=5^^h*$$2pirp<@ygRC%Q^df#R7kH1Y8KPj_N zZGP3OLw@4(6@x|^+0zAJZJVI#Y5x14PVQn;U{NaUqn5zW$=C9zgP1pj#26gf+RF~} z^RMQbuVVl$bK2ZB(Ui=_F74eNb@khAcwBMd^7$3LHzM2`x%FHwJtbrKg%>F)?18@6 zp{6QGlg^T6%cjM`aYpK^ikg~Xf_SYv@5~u9x5y58wJ<{s`P&_-0bC1JMVNzjl~~1( zf(Gnuo?IBbr-<-mdMKIGXF=PvP!rm6Mfjk+{L`i0i_zg7ZH5x5d?KM?VFdd51A>;> zBUM$jF%yn^`&>o7h%MYmWn~n&aVfRD=L%&2r?Q%^g{aHq&C+(@l{Dvg(bUvb)U6)m zrP`}mXhIgXQwod;qhkXy$z)ESxD5;@sQ3$zzGq@`cVdJD}N_3aJI zP$RHjO-$)nl*{N@Y>!7iSb{~d0g=xu-m1ZDt&}cqMwfdor~g#PM1&@3rf^g-V&vJ8 z*1eiy)#s#1ecq|wSEY;Yji0P$~MIC8@vU%8M9RHKcTne z4nK+XtvjVyq=0u{S;pg{S8v$O6q==zPty$ws!J47wKDbdoAq7txL~`pakberaE&X8 z6d{FbugX$c*e87bA7A50t(w5g+>veM%_&R79j1+UO}dTdf)SvgWpOr$K3LFLhjW&f zFI|Z{9xur)|3tS{q-%g5DUl3}CWvK6Z&)Vn2)e*sw_fLm1K}F+;PGbAP~YhuKGSvK zk|l0sr;CR|HW`Tuttir?@57^gESih@bQYjiUDZD|J$?JUsA{d}&ceX2&-^lw4H7}~ z(cEfoM~Ut}?x#9Od0gT4 zF+Q`1=i}!uRCF9_;$Ez-J4bGN1j%^>865l6S0iu{Toi|x6E6=Ls|?EnGVLlsTh0f^ z4H?dL7nh&Qq`N*f^Q5~!%nffKep%xigfIvAyIc)%he~y3? zX$K}rt1XN-Z&9!$RYa_4d(9YF}0}qfQ3`vg}deyZyKsR zfX*nEy!hEzCdZbm64QQ)hibGzeFTl&`cx318nw{zZ5Rmo@&H>q`c}|=*>&O1E#jtV ziX(ud%qf|yQ<%Ol`1)!vfNC8afp4ST!eBwCS*&dt_-QMV>54l2;gS+#N9@xb0mPX* z*fY8#dFahhW@#r(Ez)Z`B}cgHwNnnaPVPtjsZ_0yMTjB1QDRA(leQWOHz3?xfiSyG z!5+6(qu^G^IJOUl4gj~t3UUXgdze>R#?H$X24*+~1S447Yv0dUKm7}Qk}UL~^*HnH z1YFm6EVMA3gEXJZJ&0mSvC}1`mW*VuBv41h`3hAySVN9_`t#{8EtUlYWAG&szd)3N zwK1a$+l3oFeBR?*j^{xt#M7cjY2eVPA@(k2I~nDXBQ(b`yM?YFE>3yxsibMAK#_v1 ze}aAV#Scr+f3nHweMKPW2=E+d?NJgrxogJOG5h+b-3!27e+@duWfXs9&E>XQk>r(K zLY(=-3tcPtDjLPp{f+L-JGH zutbvkO%r%rv!Cm7$fi7>K(lP51$(9q*pcO2mgm0d?X?TG%{Dnfk#b$M^#EK|Xy)Tj zR%c!})}L<>`bk}B+t8;7MC3iXA%-sA^~=t@I2Jk??|jPZGOJ=DQa%}xsF^Vf&mYBg zd+Pg79Q??+eQxw*#=enVA2Z;lk}qL7+Qd~7%&I714vCY|?tX8B#aN&NA2XlXR;Oz3 zJgJGz9E0uxqtyjv;LC}D6c;CD=HmKKM`dC0KO*w4eW04* z3pyCsxSZ?id2p^Vab?fV9v{IXUZ$y|y%0F-P`z8LXGY}-G)7-UJ>!e}1uffpN8i*x zz01$fKl&&Wz=jP>Lp$AP?}~nZvq=B~k_*sC(HxKzSVQFlQzLJwd2^SS77890#GM?> zSehvr!%YKUcl$ClCMY&c69;Nk50|7yAl$#P0)HadOy+jL-izYTRE>_YI!B&Fs;{nw z!|Cg@ylTr3iZv`iN1L96d{51oE$*zAvzlj6Y~v|AsM-X=fx0onJR;bjVb_c*;e=}~ zygx4Xb=0aUTNa}JwhXaLsOe$8an=6dL-V2;+iDY&vfLKhyNU#gSaFb(u$qe>Aa+9q zTsxiC<*&B=C?YIqXCL4`5@A>SbT8na?HNvi?}(+p1}S~r`ISufrAlsG{PBAM!On*j zl#I<%^el_)#(CZ6yj@Z+D49Z|!cHr>_PXVi2p+aPk&JmUx5Zn*U#*?%!#c!b?*x=3 zUyIIGuIxd)x-WqQpip3c+&n)-HiNr#q{krZ;#g@vP%S%ku5vj7ngXORyPq#KY@p9@ zmPBN>RtJ0SfaCxEq}FphON|*x=iNp+PmV4=S4K})bn*MUX+QVHcTCZzDcGy3pnCx) z%y!wBw{$VPG5|H><5pUdZdNl`o(LvP!h8DyV&epG+oDfMSzPBZ`QNYt}oR}l0n$FdRFl)zVmU+GT$eGvW zdVV8jLjx{nqbxF~@h<9`#H}dNIt)EafJo3;^T0S~{t@4juqh;XQS4Uui7EpofFT!wFs z>zr+~dtc~uW)J(GK&HV`e005P5eLimgCZ?-6_akefGm?mwJD7z;q8+$TR@-`dY9B; zFPoWNHp;`3t52I39$zXzjJp}h@yooIUcMpF#2Vp@QuuouvXZIsY&{OA?+4A}fShS? z8)TM7I@4lqGzR-Qi+fF6T52lJd%7Z$Uh*xn_y3)7ssCIkRuh~ z8S!btwmdm(Z(!m43T;uVWOG)n4?Es{i|GT53PpA(IBu`+fZWICQ?Tn{Q(h*7RXX&9 zWzgB5_RNq75FfD=>#Cf)?2P$Te8Kv8%gG#r7; z+u(C8;lq5kEY_XaElGcXBk?@;VX&g#C{InWhE5yryxoWay(ATb=*9%)8aL2GlSWTQ z9n}uW8MvC&XH6Lejr!M6_zLJfJWr7Vgl~nCzElcDte4xNT?K(cankm(Uhlv)DFbDq zudSu?yd3?hK_yx*jv(R=Ny{StnkcjFH+`hq`+^NdN5h*VJlb5#k`0HbB}RBT_=uI_ zOuE<_vmPeZMe}pfLS!~%@j{|ER+0np-#@8Zjij(7*d*^u;H{X9Pm8?QNN-vZZMwA- z(ybMADU-zp4AHK0wSI2b5exK%vF@5_@s%IqqYC^+cbdeS6L}k;YR4EQ3<=xmIcUsQ zIIfwg38YZQ@fLK>mI>zT`VWFwR^x4z3u6u(<2z{*d?N)VpU^e@c1Y+F4b5E?x2|oai#M`t2MQ*4k#? zZ3D+1LjbhZXAjV-JAN5LO+AM+ED8yE%qPZ?y?f$@K z@9OJLs)oHxs(ANyvj-RplK-1$cThvNE-%RHqg636Q53f`Kj}_@t(4&50pm?Z61nV# z_N)fE!#CP-3$DD)tz!qL3X@qrVEq=GBsX}dB5?!bQ7GJVRoo=Kf&{z-^cV-O$tZLZ zw2qXKQ{z5q%}bsmG^XtnUY zMnrnmC2nXq<>7qqlEI&Ik5w$~Wr~9oyaap=65TUewzw-BEWsXzTL8*@MwSR zN+K_ngG%glLRipH{nPXFuknlZo+0>fi?OXKz7v@v!xkx&qP6kD?-T^N3zB#b#R->d zxYjES#~nB^c|EvnA6;wg3#}NoB8K=}_f4C(-Bc0{6x*2CL(Fgx-I{PbJfKUbNLhhf zDvSzu>hXlGrTtymlqd74yet|6UIK)XWFyB$v6Pdl{!~Q4y*N2lmbAh?3k-fFVDN&3 ze5t|IeszD-d;35$$HBEWssAP0AX89A5mSz%l5n=y|kc7 za)j-r6DxD@Vc3t(10jF_*Ys zO-WhmY;y>glKEo@NUY@7@9=0MIe!-4LzRia3NdV#{Rol_CI z#ND`gU*)bCVpMIKXzY^Kd~tc*9ne@4y3`xV<42>RkQ+A6{Q4QcLe?=|^93 zjzdRB&OL*AFE=5Hw>MV#@n~v&)X)xV0$t|O!?D65@C}{$PbQCr@<*u}o@v%5-fj%` z6v`K%Qf)lbe)brdu?^XgBbhZkuBjoqE*!GNNBTw&BX`v8xj2t|F{3vy`nvAo%Eh@D zN#BXSZ{jOXm1<(J4KUrUZOUg!2-_EMNJmrBGa8sE8wisxlkTX?%r#Gkt38pG zikTJ=txC9Tk-5S_MI@$}7K$2`1cf~p!#P)G$n);#OH6t=<=J(zoUwj%ysgrjE>@k^ zd!o2Rph8mABjJEtENo6-!#;Ld&&dPc_#>pS6F*CrqdZZXN{^lZoS((tiDd#t!Cn`1 zg4C75qy-m#Tor~uzW5;Fwr(K_aea>77t|*JZ&WD}TV-Kwc znzmCX=q8l9aB<6y6Ie_0AX^6!FDs37mV_0J zV_-_;Daa2iOX_19$xjImdfxLy&!K59&Zdz64>NPR9iX)l$sBe0nxc~;iZqF)9w3QW#4ANK4l4t1DcPr5HHy17g z?IP#%A>8z#PJ63)!M21~NzmYxfd$i>~-ERfXBDf^*nBEC#kqGHBc zc!b83+rJU=7mn42g%s?fdI&!=MZgLtn6jjw= zmz~2i>aT3kH3*fWcw&CRPL+avN)MYbUD(qPx<<_JS*4NAEfxPIaobI0cHzhVb9p>-VVI zz~PnFRGLn$*~?v?MD_%qTOW+&cyUz4UsY`A5l8yh4DYw5^|sEo4bRj9Ib@IWOH-*5 z7kRqbh!Bu1a839KE{o1nMI}Dsr`Um#i?vaMI`V1U1JYtfpTH2F{|x^7w@z&GwI}(n zDA?&@?KgQ+UDsLWZJWHFH6g3;?6`)1U0zs5U+%UmplC0OdcGJRjDqQs-t#ZlX(hKT ziqh!$5ryI=%?!93ldc6?4O@*ZO@ZC!F#T`(51fo5;d!Vh9=zEU%bPBAN#J2rkgSg@<-NLB&Ht2dEMhrimHio@UR-$_GhrPX&i`sQc-A%xPwk^Wr@oI1b9EcAl4pyQn&T5E`e+vq$sl-n41x3!w zb#GKP)yIjQ1o2Opb`6-#Priw;KNNy~! z?v#@b|KXH7>h=#_N8W65i9z;zaHI3gL$}O=U^_XHL!exz+~h=0riV8?Gi%hDdp|SA zI6^}yMRFpKYWdei=3Y(<`daTZ?9BW+$h&do`tk6acZwzAN~*rO6jr;MK41E3lla5siO~RcE#KhySlZP)GSr8*SZ0m)$Oi_f|$_dJvrfAXW1srG-`f)FS zM{&~VYQs+4Ts-y&kxag{9-5$xg?47e6yxKHD{&K%*9=1I(7YFrMOYm z=sYv_lURsl$E#Z0#@U(D6~c&Cc`f~2okUID1S-`w>~6z`J+>SjfReQvE!#&p`{_RB zAStUc-K%TCPA8}SJmjohVkMVl#Xj!4NnJLzO)3)dg2185Y80){l?k^_ucdYUMOq=_ z_KSks1|D_L8@SdQB?n103p3=sPs@*omjv7D;54dHT)5=8f|9qH)Du`6`;H@J$x8z( zVFUA{fO5k!R6)j#X*B^8VW&H~N44!)XQNxK6n!hg%W2-L;g8VFd8ip{>LM`b%KOc3 zq_J~h2sEJ(PnW3UA~s|%C9TwIM6aS^L68F%J3uCK$mOYd3_!m~TZKU)u~lAd zDekCaV2txM&Z@4jay}{wM+QGxaHo9yy*$3(@=tTa;TOaV=ve;w#zVhYw%g@w=B5ya zF41}U+8rK?C}Y@w!XGQrZc5vwQ7&^>8|jhj+K*7?F`glj7iIMpNU_MdBVDcurYK$3 zt3Wz5eM2JG`QZPzGf`MEoh2|~#(Gw=eg^^?gn=c#)oeKM)prDhyh;K>D*M;%Ipw@t zX6!bn2?gL}N-v^^&yrmZ9tmf)=NWp4apvHp)9u1!K96nIPo_u1Yr?3E^ zDCG|Ax83mX)o*)>%S_V1OEFiHNSU|~At(>WQgawZU9UlawC+X?JpyQmqR>_*4Z;Bk zqu&ikwk@Z@w?lCfkRovfOLZ>=yMaa<0(w!l%%d_|R4op(OOl2V{P}s+L9zhHK`}O}W-G9aAzenc3>H^&d|HrCQ- zuMDrW98xPa=g;6FOy`$$&GU9;)uHO99v8gv{9D!FptF2#Jf63KWt9 zNRj`${|E*$r%18n?KBKKxOgG$WMjjK$<* zeiarc`Yi1FCCU!o1H#ZfWKVPwa!>7um|zWJY?FR(lm*Yw(469&$NO}Fft zjpfe_HLKz@38hjM;qMb3AG!Y!*n{O5Q z&A*!3hx66a-A@9+2OJ06szO*bJ4&(V?Sl?^$LbbT;NX9cgzg&tXZc_UbXT&^%KW7V zJ;XXo>lwuq9)hz&OVDOGz#GW=kl!=m7u0c(1BVtxP-}I(Yw^&3FnJ&?(hzjq?V2wA z<@&F;ZV9EHJG>t~@(~q0^8C)r{neyL2A-90MFk4U{%Ewp|12OJ6e-i4?_!c-az{*c zx=vM>bU8CC$;?#?kwlLiS!QGp6mHN%P6G~L7>6TL3`aQ70hIdZ11K*cKlW95W2)nu z^E34hQI9n1P2vObQE}}a);W=T@T0=UBs-My2nzyOoVk3hIC&C*-CESMSkVzxLDnoU z**{scD7h&d+B7oJtJXea*ATTRla_K|Sh(M-z{1MPu{;@+T4Lfcr~%Ra;P+`GI^enJ zEVbd<>&Hn;<;mAhGB{gE@yLjC6P8-+8I`VI4#LndL8Ls^-on7XQtTvv<%D=?ju)h= z`kPyu>aO5&EJGHUW@HYDF-=t-u+9aNxR%=+Hx2g#B^nPjg2ytHLF3e`E{%!W&beEu?Z}ozCFIeN~I^@G5iu7J+T6 zx%%!#M@v@Lx4S#hMw^k`C)~#Zy#yf_Jplmegq=3=Et#CCY%0cD3!8VJKXBGIeoVav zDLL7vG7KSWSOAUHFhH>G&g$n^f#eCbR<;yajJ|sV@Is@)a;QFt+jOH zY|LkJ;nc5x9g4O+E%dbQMls=vE<4ZxwbQ@>D*II;Sj|L|dV1SxF)KMb+L6IBu zU*3!%8hfGYp|H-$V^~%SblzxENh%K9MQ&KeQ+f{wj_sC?pL;)zQkR&}^X7{$5tSSP zThbowu?d$%f}3K@SDl`ajv{CvZ`uDsTcEGSaOC!;9XD4p#`cKY{Xx;u8`;(+xdQ~* zh8$w|fJm9bGMRuJ>5kmqs)_Azuqo56&EF}y_%i)+)?1u}piu>_%b&{&BY)oAnUA=K z`h1I^wzhrDy0~h7W^62IQh16m=7=l$8eD3R?J60H7_(o|{bR8)6Iaza5meApE5oEw z>y~4O=6xDv2~RI%HkhQ^e0^5lVGh*<2)AVw8VUJeVA4BJr5Y$?*2)W~>@W$NDKeL@ zmKr{kt?Ry^J5*azT(UG`ZQc5{QGD*v_D*YYmvZ6Gufj|uU8uU}qd6deKlL_gXc<`c z_=(g(*O+0)SB@h(*to^QZ{dari8dnAivd+ca%-t#S@LirlI=HV7_3|!%JnSrHXWPy z%>xWq(kw9C-tZHfehw)2mfQC?&)f?L>TSpVi4mUF$h1{bSn3V6=ulIc5&wRBNJ-tl zsN0Kkc(%u{VC$Y^xsyM(h%d%4@!hzT<{jg;<4y!ZubxE8wOJdzm{V1H-J|)@ z8N3NpweeA;ctw>kqAPL3&}gx9x~V|Zk)%%6lLAQcz78ub0WI^XSTt5>O=vs++ZzOt}=|8*#b=Et3#`9RHkLpyT{s+~`8 z&(T;G8A=?oX^DAI(Ce$@Wd_@-*n=F6(Pq24WiOf!mTYY-6a*+&9)dl4TT|SF4I8>L5 zTixBVQ}L+}si2l_*Plf%44Yo}2Wc7=O=edPKL!-hjL zsqCNX3V)lM_8!VCfO<$xPOX9PI(G!DaD&aFp?JkJbW0PaUs^b&*`90mtYqf%>2!r) zp6QQqerALyIEO`OBkWVAwqUaS{ zso#I%rc&M7lS3L^CCW6$+t~hZ#R2~h!-)TX{<`J^ivNqfHxH-!{r*Nv6q=NwBH8hg zxfD{y-5?^F=P@#7NT!fsODZWUBy;9@o@HpDBJ)frB{OBr*je{xYkxl9&vSmi=ee$P z&UK#a`Nze!-|u@`_qx};)@!|15}X21ylOP{KV7NpSU9j!U!pBQ&5W`}xvW+qYEGFXE(#nA4Q zm-72_FtP~7MRb_{bqr-2(H`Eo+@HgY0ziD=tH@QFHLK+lO6QVx>`&UC=QM5H{nF@x z<)_S7J;(dv;;Rb8!4Sf6Qg{_*Y6kM2vbamK=vtni)mRLvTv{is9po+yC%|5S8-d`1 z2>+4mk}4Ka5DG}~p{{tbhh53z6DM`1K2!ZUtA)!4)@~lJX)t}S!=A~z1l~pYbfP7Y zM(#%PEhv&YZIz|rIleE4qbZ+7JW*7T4y9D8?anW{opsos76&Qd@m;N3cAdhsezoBx zt)?AP)Vihv%K+)q6G@QwEu`k#)U3d%cxQPv(R8eF3euE{OtwVsJ_8wMSLlY$y(e*c zPslLSpu+TJ^UBO*L5kaZe2N>@yUUu8;-(p}G9VkpSCrT78E`%NokdLC(u^3#%1{!A z>z93Zd?6Pe`ySZQV`0jr_!UHMR zJk_gH%<`8}o}161JQW2_&hx{4v(&V)QzRcwO>yypC34Ne;*ybvX4{SBUq9E9485>4 z%$y>_Y@C;d`(ol2vz7gs3!a?f>X6JMYx23+ukC5Nj4RrRd)NR>qU`v zqcZc{?Ft^Zw%e!6GwpR)SL;RRwK;E}1}rwp&c}BJ(zcXMea@aIOKghd=5B3o13{Qi{XBgbQY=vl zF}VW9uV`TO52-*kuhB5mmXwoKzL;B2HE3w` zz2~P9se9tP*U22T$RUrCM^6p!JUI-htB30-T`4bO{9q&AvGZMm5&=b1%GCx1G-$4oSI(aZb=JlK2 z?N*601;N^l7p!ESsJNC$sIcneaCO62T@~_i z!+st2^(2Rz>l;J^^|%qV9O8&je(ai~gx5C)kj`Bh=6K;DD3otH9=B?MbwmvQ10gZ+ zV|{Ol!ihr{5b2t2{Tm@edWkKxC(K`(F^-a?7?Su#E! z8)5z-VEgis793Ci>q+$FFPSr)XU(-BE!4%pd_CKLo((dx!1@y!ZBFnTz{YiRH| z0MiX4RM{tQm8MNxmXM-h^UuF)b7J52_E=R zv{cB*{Xq|0$3GVg^L&Xn1V7DJ&w@O@jU$>D9}IasE%&_P=0bwM&E6-H%X@H76o(m+@Ih)8h>ZnK^ zSgwQG?SON4+>82hCh$6ZMOSi&Xf%*O_EiC7$~@LOQ@=NSjj@0w)2N271ROX$v%%># z1PUU8c47zqgtN~n7Wafz08sHNO4C4@>p%lj{&`XI?%MjY!-hJ=g#Uf&2$Hr?KyV-; z2~ZRP1z(OI!cTt~Ea>S_d2gjXAS|?3j1ruvf`N^PN2j<2IIobqaC z${jt2x=6{HdGn`%R;E41+^c_VFu@uvkz;Np`IPvO9xNe)>&C~S%YuCXd~ z=VuVIOMFN#z&TXbglB5mjF=hF@@~StqyVDHJ~&hiST6WxetC0u(DJ75HuOJ?2`qQr zk$^AC=Rs#lsCSwjA}AQVYX-{TPV@d%h2IGNhS2!Cr!@`em7bKQMPfYec0jG)9d+h5 zWpYI(erd9qVX=+khfD;3_(4S}(r_D3)V@8y+S)Ty|MTm+ZXltdwsRjoh+m#87_>pX zcnlIJn8zCf(xIX*`Lkd#JUab-|GeA=u@DpjyCXXFp5>crBK7%lPhe!B{ixjVn2IdI zd4yvLFgN2q3Y^mTdm!3x9w%fvC9Lj<$jt1-%eN%9lAShgm)I|Tm(~>Bf$2S6Xx~FZ zwE(aPn9m$MWeAIY;^Y-OL7mMLC*|5hWAN%UfDO+4!FLJxfxV{sJeG9v&M^r)q=IM_ zdQk2_mN*u}1yZ1D?BnMB7i`4X&ZuK&wj(mC2-i7{_II#sCHty!)=n7knwnY32J^lG z$`mSdwP8H%(I%3%jt*0xDs$ZXiS#`Mo==7fC{$<{cQlsEgCN`y;+x@;!kNmd+fSe@ zK&=a&_?6j&lLrxyH}Q5`n{Y}YI>= zU|AP-nkNR7{?qM8Dz2}I{<@yKmWWgcV&ZyP0hWqIZHPd6^5lAKv z%!_M`hE1<==GejZoH-Efj@md*I-?vgaiTpR7$`b^{rvji`1K3-@fzeJeCuiRg@i4@ zJ4QS7wjpf{Rcb_8{ewax;16REb(6RkeP}y-CL}u+ z%sIhL4x$q^u0`$T?!QT-d9SYR8W2;BVAjQZNa$s-5{W1g7LjkEJjW2T_x^_$=>Nh) zji}x~1SXcyq^lSlVq&p4J9OEB3=Z$nhycw3E5?25o#7Xp(cYoCfSo)OChjg)q!N6< zBnr*TEGg20&hu4Z)fM3~oSQ2i^+Yhd&uDi3Q*PI*sm<)W0w&lUp_G92hBEU zczW6*><|`n6{ZiJROn@5q|$mM<$Z2TMXZbJ{US`ZHS9<=0+EguBGRFGf{56RZ@%^=z+a;?vhYm|=?l_F7oJBXGGr?lV*L2rh@j_vYoh}@vkOQy8w%KhM4 zRB&ryD#(qWpFcP#S>7fYXcm)KzOESrd^m`EVxi|f1i2uTLGy}3xLd5l!;9EFQ2lkl1bgM)a}b1U73dJtl* z)lxtlu9Tci+qI|1qrJdd?=!wlszex_ih%Pj-wG=bNShlN|7Z^%g+_ojD^h8mFp%}Cb0`U&{X5+8-BpK<*AI=xc=5oKS_#eS~f~j*9H7? zP(rYBFx0cTZ2_*CtVi>RRT1KK&5GX?6@Yz9*Gdn>z&Gz0{hD$hyxVCnkgFwhUgaig z4kI5_0cB>jZ8)7Xlp@7k$L_H_x-L^X23chvA<;4sWHyvi0sI^}dsr?6v=X?i2)+F# z0ln2Veq!@y0I*k?Ni>_}D&wlEs)G8PvfdrK21Enn6Yc=dNB6TJ=AfWuVK6X+xeZvG zH1I%>KaXEUwh=-76FQ15CW(`i87`H}a2>zaJzfFuUPEU|S~-b0Vex~11Pa7Gn-zAe z*0h8*Uel~CJr*N@8;o@CMf3`eZ_8Ylx?(Rr)nwF>yC5N_h&UATf3GejbO`UllPMBr z3o_NACl23zBL21#w4`)LwTF7S;$+F#Xd`kFjiT<&FJ$wR=n|z6b3x^W{b?F+98u|zn7bm3%OaV$s2d|(^O_M9w$Qk1uS#Rcg9QEew*w@Xm^${R; zDS7|?wL2aDt>}jcDHLFG2Ugf_3%HpgSD04z)%#0>_t_$bewu~+nN;*!CEPJo#uiLw z2$PD|@G}Q;=x7z)h_fH>Y8B-G;>8wo3i0}$h8=|N<6C2og)yAHEPQ*7TycF2g(MKQ z%0tA@t?w=i4gaMUWq`N(H#$f~xHS-lfnHjnq>sE9z~I*I4Ef^usPz2wQ~tj{>B9py zcgJ-75b-)jZNWj|sSH&utx-(@LBVb)K=-NqT4!0)?^PhQ*etU?;p@%A6%3}V7Y`>LXO}OZF7f;BvGUrFC}+%pF_5h$yaq1W zm|zLS-S<|*_Egr8}r*wk?Sh$lMvIt z(1`pO8=w1d!FUU8>)#W<0uzrNR#F6(Lu$Y8#7)YZ!g%jQxNSw0RvYtcLl%wiNBY5W z;+I6dhkp2oEcyPeA3`+1ubr2snO6-yB}1U_&xP~1xZZBEw`XKzB-OgF?4*9hrfa6A zL)Z2AH+qThuMb+9M85h$;#Tzi{^l`>9T^?9M1*cv-&1AG@#Cp(H{Rj{Hhr>GPOUoe z3!={9s;Vxy^xtRuM6D3sIrFwBB<}P`C*N zUqRx9rhf+2+YL8W0=K9M(9CjP6Th{ec)qFLKY-2p^5b7$H(m>G!)22y`#J-OXLXlk z_iiR&ET)OuOKW8EXOiI*Re{OZ2tU1uzyA^x;e86z=Vd^sojJx9)8!x~Ck>nC`M}cN zP!2qVXk(Ey5V>ya^O(NBy)qb?FC*U@;q}n$HE6adLU$|P zgG2b7kpjvdz6Bp-pF&Rd>MigQ!i@W8&%L@!Jhz*0+@Kh%r^Xr`i9`;NY3n-1J9|DS zfw85%y&L#FIGuMm;5{6KHpn-eA%y;5tH^-D@$t_+4J$9VBTK@#F6?unH$NCtsPe2Txv|QEO_}~m#7hMGVdD@xt?>}emJF0E^VBfLJaf9fHc+4Uh zk7pWGB(dDCM3emFiIMomb3Y*tOlw_t;5gyk{)rwwa*cit+KZF-58VqtEWa6d_mJ~@ z)$ks@&uE$xeFcc6?6IJ&eUSw3(kCaX`^ni3`s(2>#o z%_yQIURzrW;i4f9j))-XfUs~@?(0B{t)Zl(^xDPJ-4RIdbH4hCiv=3mPywRDG-H#B zmew_NNl3_*QmM1~#ZBm_2Q~}!{aV=p9>Pcd!5);d3Wv=BpM*F-yMcsl$(rWHUPEI^ zTDqHaohDqjyxK~bHu(BjqWYD9D6i)zgm}89lr)1mO@7}(*Pk^p2C7xq>;iqh8y`uX z$2gymmOG!cDbHX)`dV*(t@F%SXLha<^ELxE{G6&#H%u<_gbHds13R<1q+s+erLuFE zoZO|KvC6IS-di?Q<8x5pfgj9bnm3kWmQ?x~u(z3{sAf1g*3P>P)Krhm`mSBKl+Q+i z-78AgU8*HG+L@EEq@dt4u*CVIR%~O2m%-hNNIg$%bf1|7GL33xpa$Ouu;GllP5NB9 zZg4x`9gtMs6+QzsY2ebgzwmpkG3IW`0bD}t>tH5lywQ!s_39Z==XA#R#Wt*w%@pS+ zA2sz%A!g+7EKSDYdd5trSRE*`INh{&;lC{}y1B(-w-L0D}MtSSfq@4D>%i@FaEPLaW=b`y_dc>y30i3YB zgw;m`e2`bZmPE9+%k^nuPf;K}Y5*(C`TZrIIbmfn7oj-<( zt=62*cu~gPfEy7CZf%GP2{JbtuJS3Pc>(K}CSm;oiUwN*ud1f~HcjXm7KgT(Y4!n5 zm}T%Z+Y+n_X!Z>BgTf%2YolY6@bHw_8(-89Q#}v1*i(Fe&XsC(;-_OG@$O}`#VFC) zg?(Bp4?V-}g?EMRBD4x%S2Suh|N4y`Lk26P67|725q$^Ta`?fmjgS;MAqZ5>Xvzq8 zToky8a@`!^-~aK?(Zr4dI7Obf4iVnK4sO0A64{gIB%o8$FkBm-rB=iN^7qCX#{)})h+SHgMB^yWd)KNHHC;2}9LY?=LuS2L<^EGK=i%Z(`NNBb4Y5tHjsD+6GFijFcqBPxti9k!Hr#fi=%jf|qVm$4S0LO6VS2xOBoo~@)w01><4oa`EZ^8joaA2e{z5CFlUYEl zSKMd~&d3O@mmMgIo zn!W_dp#ImU-vE9xUM|uK)d@g2O+2_sxNr98ya}W0$;IW~Qs+*fQM4!r{G=Ax+OA7Y zGULL}^sHPL=klIj7W!bdQfm#S=AoP{!*^X~36WMyljY?r-$qg_=f*no)pWwcAwcX< zb-*NdW_w-T+uDEjKRowhw|hse+HhOv zPqKx5K9>*s9|q|=5W-!IKdsR|AVt#GaQ}tY#_ZoCIlM3Sn|)VOLKj@f$MU7FKA&PCJCq9vxA6~)1w1APmR7=fPK;mvG&H;^sLshx5HRzQ=dey6Kwoo|Vy z7$$CN&dYD3jaE%n|3WFh&vjTPejb~2Y;mvJouEayGfNuR=ey2zzC&E<5RMBIZu10q zCUSC=UH@`tu1c`1akgY!ICiG|n)$WyxYm@OrRDj!SVVs<(O9{0u z>vVIj6+mE1VB%X67X~oJ{7p(R#H4no-o1BGkiWx5DZV2I;>BYcIof^cr4vHP=HV)I zg@Uj-uJb+Zw2LP#d&g4SGqeVK{o=ArUETou;qCdpK2>f#E9xVcGLg$=%We^U1JJm%gxQ8Fo3GW6|1T!qGgo`kS|pDTJV zhoXb(M|4yQMj|wVf9bvZO1pamW@({54d{+1{H)5yPc|=Q94-5{cm8>f z*wmixOq&?33&))WpDl~K&2{Gg-n^}&RZVYPECG^5pa2qWyYi>z!Nw8wHAhBz%AIh9dA{r*b|s@?f8?DXOlqGFlqTsKHpad=+#o==IU+0)^$n>tvbY0UanTzmOyfWCPWo>`wx#V#8NzwiM_ON%&l=`KPM-Ye(nY&|HT^j z-|epRof7+WzENJ~41lF4?J6_8tK+^hJ0YH@=C6nwOje6v_Yq5o_V>9U2&L1qszz;J z4|60YL^@YPeMYNLA^T((W|^8pZUZTLdC1{4_YgQqx0nBtn4d_U%TJUYe&VT6qGeT7 znO-)+DR`(<3Fd%;nyss#Y&K1`WDyuvO`qvFC%I1gaHT>4o8IYRJ~4>GVnslU{d{Tq z=XRf&f=oBc4clY0HO_y#BIn1KU&pN-Cpj0Jo|TXFs>}==bNz7P(ZS(}GBfL?U#AC` z2g4=T&rk`uv9}8#A_6+a9dhYK@vVoImCa2}uggqJXhAB$SaywO?}J$JX%4Bpo@Zie zn*Kh`gZXrDZJTuOvi|Yep^q`o=Ie!m)XxY|a7-zo%d-4;>F_Y?L)n_eyn>bQg5_CU z?#qUQC!A-7RAr;*Rfa#LAI|{E>{yJfcgt5P0q^6xvPGa1-t9ia0tEOE=WjVjHlVTu z)-YN^fdaf8_D@rMZL|P2f2IRWwGO>(;&4>C74twawv=n6MM=(HrZ&*Zc`>1=s1xCd zS8cmJmBZ@274d_h1{Rc)!V5dCGaBHsBrUb*8S>=daAJN>AWkaTwM83uw zccC_%Udj>9Ue{l5nDXr(K6F4JcvN4Bum02ARmBzL^swpH#^NuE}ke*4cBs=p!Mc(&phZp%3YF5(2 z`ko)Wc6_)L)Hmwl_G$R9ODE>*dg_V>U3D{-q)*t^<-9Cso0b%FieMAYFq`;Pbgp?B z3bq50(3kDQtr>3iLQtu*DZVx|XZ-uoqHj-L1S;E1BUay;`?hr#6CxZmg@Et3322;K zl*e(=d;9UK1u43*ek~3p{%2_cH&L*IqNN({(@#BzKt!_-LDfpZ3kiS+Zj{ z&p7n9lI_#>cbodkl(5@v=-hLA?LATuRXg0hI+>ySdyzZUr)U`!c~>1&ZsjX??sKiD zW-sx;CXZSFsZKevFY|1&+c_RWRX=GK|GQZ8Qx2(CKGXNXJr@~a`^m-(jF3;sbXfv@ zz+Lo=jP>VIA@lXq1IK=!2){M;At@z=YpLrTmuf6u-6@tH+j`Mqqhl@_&ZFJEK|Ol4 zIZl+Z$&Ax;x*gZt7HVdm*WWs_0*P&XBS9K+&Wg@}A_=s-qh7?k1F9a1J$CzXn<@6@ zvHmWXNY@kZ;G7a(nuZWU5Sgp^VxymT#DfaXTTp)I*NY4ZjD1U^WP-h)SV(&L>f+d_ zLie-M<$>YaH~Ctrj&5-a56q)ULoiSgkR z2JlUebXedBcS|ZLaD4l{KP(!82qr1FIMwp%+xW^Zh-=jc8_JYIPFVt2yyDwKfcrCi zuIpMxOLH?{Kd)h{Qfjo%_+G=5a_RSi%ilX3CLuw{GDOVqg7ac?WLco~r+v7VX&{81 znV5gc1}<#QYt|EoTw=*zUnm}Vt{0P*CmHq6La4RSVS#$pn)P~qxJT6N=9pHSJ42Zi zJ9ozlS(wM4i!y{FjEqXs)P(YQxw25a`J^)=q4uN?8&v1it@YtGz$x!ZzUphV4<=z{ zC$IZ@l|<|c6zW^tnTPdQtL?}B5QKz3&T9BPSh9|>Z*~cDmwpdW((KBpgR-o;Sd2<( zpfF)ZNiWb*NjdQm%Bw;NSSl$M*?|l2Zo2?@PfWGh2}0-d$;o58UZ*P&+C2`nA1hNs z6`-S0x=^FA)H8yO&KW8`b5poU+x}~2Fy%1r+*0VmDdfFNy!X1HYzM*&ES1; zJf-&uTBYg;6%JvYaaBa%zxfbNjQC)?EQd zWFy9yjyzD5`U>@PE7(bXPK%vQ-(^g9I*yO+) zgqA$8N8~AD`<$kQrN*no0Zz{{2v+NMlJ{&XoC$Ktr7{9}vv$tv0?n2Zd+^?cT zk&uyQ%oPp!xnV2xk$~UZo%YB_z8Xfj-g$lg&A1lRvt@FGPkxZ%q}gdxVweMx!`Nuc ztE!WJIkN`%xaa^L9KfjkV~kdnw7)&d^kT*T$5m@6?h%n7)S7P%?#(?Lb(%!5$4<#-+D6kx zHd0KK(Rt`a+K@C8=?Gn-m+YH!N#ybUN*bq)jFfvm(i6(?21tWSPreb#y*{L~^;McJ6P>(r!>HWIM7v=rJf z^;_VyQFVab$K&t#^L9U^HubK^=X#OqYwn$Wl5lbjKn3o=m^$N&>nmsaz(YToXG|zf z0h2$bRcvSWP_ETs2~t6Wp~kFI_qmB94Hq`QQeyaNFT4K45CrU$@6xs95(F29oT!UX zre?Dvt*zqnZ^9v?M+!&~6TeUpmu!cErf_D5t10pQ+4!gwG>{s}lhSOA%w9>BzM%8mQ%P z9*qCU*kTAH(PsjbZ|7XWa#{+m5AflOK@Q^Xnbx5R2cq_bw7@LsoD~oz`mBmQ6993! z77*71Xj-!7(D=A4)IN}fjEbZYH$gzYZ;UnS5@?AND&5+I^+S`5mmjl%>cCE)q}A0` z{!^!d^NzbM|Kf+mr{RhQB^L-GUJcvsLqu=#z-qwk8ztpB?fvs<0~L-dy^#5u$(Pr6 zcACktY^V_Uh5a^6)DD%Cl0-eHKLVEJ{y1-Hh zvR-X1VJD+i6oL-fe|8EWTEr&UHqu(o)EgEN2CI*(!>mLnZ=$bdLp}TI)vdwe#H&F8 zHSYUw@DY7PdIFA>eYiglZYB``Ys|dj2JzC89)j*V(GrabBag{9-$G0X%#%!Gh`Q6OlWO&yf@o67)erxpPdlMc^qHTeHv|Y?{tnJCUE;MMZ-EO!^5&W};-3D^^n|&P zN0%lCJ~_f22~AH0Jl zl9Kqbe_Laif?a=`0tc9aapMSL0rH^zXP^FMS#D~B+^G;hhW(c{hAD6)TJp^#G1~!Y z@)rQVjfSegoy4}ZqU$m)Fq4PW1q6{A8Em%^Plq(8{vG9u+pW8Z#^rky@YX&vqk6xE zETLA-T|q}jM-yDjSZ9u;bqgcW7pd4^fT(y$2pSQILGnKJTvG+WQ}^s*3Kp_AcW%px zP;rf!04ru=g|Qz%>{+=AhlwBtu^O9j=A^1=nt@Qc`8ibM3I~&-xuOC)*WpD$ z-2_OZCICG(L3U^p)E`MPs}ucO>v13f0Y-vmL=td;TD|O+lV-k!29g5P0^`2P|G9H+ zze-d_#<3o^rSVRm#4PPBgAv4i0AWjpny(QXwh_z|RuWDPq3qNne+*QQ3UyLs4ggyJ z3E-_y1iiZ(F+4IN4b`t@pt8s{o$;GQClMU)%y7I1NQV&b3VVw4`|WFZ3R+sL@^_=s zvuBgMeaxZkAYqWWXlU0*^YmAOkq3(#b%i8Lwhx^CTJzP3mfL8!;vR`iNp;T)q$<)A zn>~r3sH0Wu3W*K|)8GoITlDUhaf|8gdwg+p-0HktmVZoa*f_XH$nLRol6^$fiAGYW z&KwbRR7a@G(%$tq)H}L_42hJT8&)(@-GD13Nn%#3?;vV0QA;0U)MkK)vMO4 z?+@*G^IM=4YF;Hk6gV1hShJ8Zd(p4n&nHuQNYh3~=*K~rl^ZRc+=N-#xi67a9#A!x z--rihNZwVI5eU<{y_2qRaU`Yr^Jo3rT8u?Sa34wl?_56qwWTD16-j%~+dDcYe2J`X zA02-;y|FO{_JFOO&}K|HjbVX*@S1}FcZv_qi_fWdy)=7Dm3*a|-uzAlLN)nVc`x4V zYK~~b-^6rr6A_R|)c&7|psw$07P!R6WLH+Gm=KCL3i+}aNAgqGAD*-o~AGLlhpc4;nzHf;LeB9|+7 zfRA6=QkN?Ih7XMr8Ex7hb`Z8ogDwu#+Cv7xcpMHlg9msr3O zVboB4O4zRal2O?@da3?hnODxyNmV*AlO%n=c@5cWPJ8ZQIqSCjjxQOEmci9p{5Ka@ zte2uwQh*IX&rgA#t+uxGC8!O5VVpE34_1ZSUlW)vv7C-7Comx1{JI#Dq%whP+2fiC zz_39h1zwU+*&BPQGJzEMz!E9&(*gz$x1%=7FH$wBcr* z)RCUISE}-~B1w{V;0JxQ|Ir~=1lnVuSY)f@`ib}cnFp3rZ%DG1z}hWT0i7oiAd@KKO(1-3<~ z5r#nsl$c(%7T`_!6nxUUH|)rzVEGn~+^e6!1E(SW^_`!!v^xY(Ww&hEVg}cHSu>Qs zG7P?-%TNITof-gQkh78&r)O<2g(Z!V$Rmgfdn5?oEdfEpb#bT&CJWgkC9&x`5CQO$>d% zs?a4lq|25MrwYfKCQrIJLBIz=XoWK3jnA*|4$}}UA4$@F3oixG6q?R6jgpS1=E%Xr z<#Ro`M~zew(iY8}Ctdo4`2&6wLAFgZ#68AozO*1rL|nLIZ&C7#d`|yGz^yzMgOSGp zKtoL+{bf%}Dwb3A=*n>9s+rIiFY0VZ8vqcoTz2KgDW~4^Y2Z+`FCE~qzKAT9dB~eV zAhafY-0kI{=rLC)J@D-%=<86K z@0#VRSCT;juYyW0e5nUM%N z#vR<%D-eX`tXf9b095-8Dd?``VHA)XMzvdoCSOidmYAm%R~MxWfhLYtYxqUz#5mko z^UAkgShpLf*nP2lTavKsO-_o!l(DF2W4s!a%^lX6bXJ?YroCI_2R6S}o0K|B@%vDW zU)}3Kba?e;kSe+_6}X44PK*EME5X}0leY$ib8@`<7ojxdh`J%CFD=RCV&$U6i{F>ox#ak6K`30ps;~=7)u32X}Rc#m{W1v&@K7gi%sC&y9 z^Aw6stNvPk=e{giyfW9_tQ0X7FatF$-A&VNvNY@^}KH@j-O+^@qrt(fmCsPdFzZdLsqj=e)b7YG%Yc~P$K})YPL~%$%NIiT{MNN%kgBXscK}fep&OJTi+w65b~@a7B1$Wl`l##P zbSU%nC8*Xr%5PZZJ2U9MIyekvFAdu!^p-32u5Q-U&f@uurXfLmDMwu9?!g;UbaTq8 zuPUWu3zo%p)u<;y zGQ21Ee)?hhT5*yr-qmWgvL|F$0SA*)P$F%96GLlwZ`1MD>Ft10(GWFcct<{bwCqF!x!tHbsZ)vsWSD;k#B~(E;yMZ|!UEH@P z^+NFU>Y2-=idk`5Ud&k`?CI4bA%dmDvYkHR<|IkvmzWciNY6o71pfYIo4T6xeMeGb z*S$d5J(Ln1tvx;A4+UQ5sK27M4LfaXOxN(%C-IaYNBT`i=CS)KSkPZf*%=bzSx-iw z((A|9p@nR!0hL8sHmd4jZ)n@0tZ(tywJaZwOV)*7yt&7GT9s`oDPzbzV74M3{_;`# zs@Iu431xmQ=&UR!=?_U&a^@!XJp;~AZo3DgfR>cWxLL`SOpq|4;$QR z13mtnjQ@DNIvI_c*Rgu=Vl)ty{vj#8sL*BfOef-pnA%ryq)DOB@=`fRzHBO~ZKD&ZRaO%hNzL}7g_!M4 z{bl5>7fLRq^qJN#iQ$ZqOtGfu5M;^;U44@Bo^Qw$-Fq#JJyb#5afiWPF1>1Net{7f zsrUJAGkYySedj00VBW-5N98l#>UG9Kt*>+P5gMIPAeGTiEPR$>LNaRhV?0 zbjcb22|nt)R@*GgD*~&A5S!x8;7tqbQyD&G{tM_Gcyw%Q1v-<{P{rBj5~=bG!#2a=r#B;c!fj$m~D({VkH72ZEllqt9?&Yj*^+e1 zg=2L&})K0gxn8ow>gs%EcaP1gQG%k_ZS-)B17pro*4 z>ZoUAA*YET%1_py;@8Be$TIBttMb6bELxobpH`i$Y_@z(?L2c82M6U;nhIY}}K{rledzCDETa zFEH)RNTvv=E$eK{rGD)g@^CjeB#q1c{8?8IzLH6eLKTd&7pn5z_DCU9sX9OT!Do)M z1>`rGQwx`;YMOJ+nzN}UQuJ2L^H=mzF+Mp@!TQO#s@1QeDkVWhhg0>!?CC(LN{uMm z6eojAjjF%Eg3zm0)s<+-85huG0M>2YlR^7!eFatZE6p>>!|^B6{s%cx(dGN!`OtD@ z^A1A=<;#c$#Nm*tc6YkJPe$cD^XJo}sX0wxKR-3d>r4P^l>4nulnEG|_}#~>?5iSs z49t@pOnO2Bo6gNIcRK0ZzEB_5*Us9hr~cL_YwfhjA|Ge=LQKlprzK43+D+$bZzbf( z>PsSxz2P^*mV%ApOeRW*46{E*HeW~Y7})I%i6P@6g66+IgDk74o~#^+QfH;H`gzUk z;vUWO*QaCIL^-zWtbUVQ{p;Gv*Wv0C)UTQW#vIr`7DFD?A0eIj6D|wKw?BirUv;VB zC~C^1o{8Cx<-{p_oy!_Iq8eIx(h1ByjUUuntCgKHyTzBU)9saz+Ur_1pI>_6n&I{9 zyxVIGQi}IWk{TRuKlRQGXwcq=JgDGO-CgP6Vk2iEvrlV6qR_6IBO&$_!?jq@)(lsA zzzX@A8V;GNu_$e@o0&I#L+pNPI}HSO-ZcEw)6>(*R@dnB+2$AW7+$^74R;{XnSn%W zi?4;?eSMMf&{%v#k4lir^a)&~E@p-h95w+`V7NycgmMyWG+mrAnWDsL!DQWX_0u#d z2?pKy?2RtZhuP zHy%hKbO|o_SI7hy2`3o?Xd_E(J1b$ti6ph)Mzyn2Rv0z@1ls(cyAdfbf zAuL6%3UpM}EgU@PQUCROc@;4NSHN**`%EXKuLw2p-+Ai)sowl=`QGQ#Lh1x80RF7{ zpIf2-E$8I_%)|fkj{Sc@9&nKT@mHEg&Jlz+0~~EaZ*MO@*nWVOeG1g!*?xaQA{CF2 zUfaE4lqG{vrlM5z7#5h374GecH$rw0G$aqwa+#w9poIJ-oGO`OsA{kOqPyD&wZC(u zi_J(xncnfAz9H~98Mt|A3vYT8f;jK*gPWJ_4(|?v0^UQaNh@WkenXYMa47X;X?D-Ugwx4~8LlYilDb|4CUFS{TRPG~30Cl;`s zaNDqPQzn%c&G~K;X(JaBS)4HW%sY}xz|D`kIrdF`s`E!H6!pL@qKgWHIpJA(1fuBd z+cZr;2en`t#<1o!pS##nZ*|RSC-vTWmN3Cl(#kvXy|);ghpD$CAiM?es473EzE8XI zU=eXA5ggkiU52nGcVV7|QlsL}5!}A<*qkj%kE_Ifgl=#4){6{x63sVo2N$^ZMu zn`RUMzXP5yRFuL>;30!m;o&srZ;x|-+&T7XWE4EW*3C`b)^fYWXXLwVGfJEIb_uZ~ zaNqNR=992^Rovk3;0xbIaFPBKdz4IPDv6ox$g`GVU|KdiS=BqJ8)o_C*|Tf<`WV-- zuS{~2PV*(r(R$0wm62Spn!!9<^OX;%sKr4nj&G%PR9BFH45eG>{Fu#1cvdYk}5KnSG&YIuYlX{?C|&)*>y z;%v+q5ihb-Q`A^Cu{heybja;gkIi5>x+q^PU#>jX1mxl7` z|6aA2ZTW#65$;>Df{>S`bI&!s&{`9SIuE~LT96VN&uwmM{$5vGdvK>0Y-3u4Wg)Ei ze<0)oq@r2@fGgk_Z?6^+Mj_`k_e`-qb)l%?QBE{Uh_IUm>$`ibHsmy)*5O&tL2+?W zr@67*d0m&C52um8dIajrrC`m6o8pEU_UVNo+TED|9Yp57-M@u zjGa>M{oL5AC>E+)>$_oUp2VqcQw*GrnaUSRR`if_U2N7!%mu@~v@eI7g)Av}qRJBlm^}oJ1rEE#6UQl?tYe}A7d_MM*)H}+gjvL@? zThd;9=UB$4V^c|sVAaFmD|dT+K%Rw6Q5+mUO#!I$buG2gsJ) zae&2)gM{1IZHI1RY9mC2mtIcMW^{}^hLQTYE`J>cHtNgAGz)o41hvK8+BAmmElf9~ z;EZ-{D~duwsFq{$j}H6Kt0EVE$WB^}Djf5U<@2Ru%LyhTUk?n2$=zZuoh+S{g^QNl zO@{oPv9Et@VOrLwyHM$qTx}0Yl*Tw!i=M&%?!s*a1=R9cbl-O?du1~5vx)7cb9uur z?lN5#?7L;VSfh0LK-N)~H2=kFwepa~#l`GaWjUv6r6#o9%Alsxut0{Btk96$YOLjK z>v5RYd=QQ)D}tzyw?NQ0S*>9sO23yP_k@4fiNceW2`<%EMbx@E#>Z;ns^wv(Y_GWWXo#xV)_O-{*5UK)Zz>;a00;d{NeDKeb2kU|kt>LZsg@i}&~ zPM#AKLlc#FE^4pT&Rx6W2}T}ZDE?bU9w$D1K#5e*FJ0@Ib8!heP?D|QJVY}pFMHwTV!^WzecjsuI}1>1My@eGbA~<;>^Ps-+&$$kac>Rot`%i@;J^j%FAM6fs=+T z{*Jg%t6~l)VVZX}7^scqAk1hgv)Dv|yFjjdHiUKU$hX&w2VUvoq#Kke;+Q??SF=>~N?&i} zmIcUxU0xOviqsXz8Um^XR+#;wb3L2r{nH$<+Q7ysE!cb0aJ#egFhG0c_)O|7F6s## zZji!#>7L)YJDI-oZa#VvZzu`rfwN>m;N&@i+Gr;8zAI0X6mL5k^@`*H9gj44;&xg= ziZN7lcmj0X!SQo1Y)ESN?l0qslz5WsJUfylDpIYq zo|9lI-Azx}I%q5)XQYY}0N5eKRbYe-{DhnY{+BE2S8jZJEEx~hq`*r{gi=|z6JZ9W zV81Y{)TnP5bFe!@D!>if!~>);4RgE2etph`K-9@x*@u4v_1{Aes@4V*Kj?$?Qj`he zzBn6!qvMK!6eBiYbLl{S0(J~_bq{D;iPVte1p92Qs~u&N0GVT&ey(U^+_HJwLH*FO zconHP>l+NMHjM%-{oCXN#L#%zeMIO?9TnHvxw-fv+rfD7b1K`HhiL4Z<=EO!$m2EFn>GCk39-@~I+ z^K!sX>YbaghiD1O0}y=Pn-iT|8{_#$+z0*VpH5V?ME|$|p^pYo9&E;UV}dG0bIJ%y zA@oCpc$)tO1k6hZ`A+IBA{%-Pp6rCxFmm7WaYJ3gR-c27{os$( zz_zv3%cei?+zD1HZ-|4ZrsAnX60J)r~3U-F!d zSQ_>3`~&L#-^=L8+=7FOf3ZMbvZKca&d00eec(v}c`|~Ptstz2YBW?n^1qV}p z`;nHJR1?t$#1c(PZXpTrs8%A~;!&}S)F7}0jQAkLW7Dq#DT*@N814L96?&P8I!Zo< zg(qkK_9Q!ruqLaKeLy?G$j1v`3@qIR!5bTa8W=C@zK&i_j+7YbRfAwLqT#E+SCixa zWI@7Ljp+891qQS#7`d^04F5A#I86}vJkz3QL?1O#{v8G1R7QD(;5~tUR_upI46)PX zL=6tm>@P!T{2OIkj0tur`f3OIs_irZzk=k3mFAv`BC^s?P6J89UvLR2@uG|;+R^`( zNrKzET^nvoonydTsct}~MDQQr4*=xq?|S)(s9nfQ_!l7j5l9d9Lg+CBPyzbuRDJ-= zJ^2uPlxQHN$pCp$u^zZgv_#T>{Vm(exTm{26v1jxeqHN|6~ViO@5^%-uu*b;5z#Tj zn~c@d(?fuy99jj#B7;h#(KEM^|a1+fGm z61U%O(dO3HKoH<(4n6km#a%yniF+?30mmpuApeF}68<@|_a5&^kQPLM9$GTNfp+_j z;!fJu{X~!b)A0r?hkZk85LyNsEPo!Wu)S!F;VSA2PnMm%OfrHTS(dqakSJMrQF>2HafoF?^sy6&$ znH9ibL@DBY?%0D0pigSrDfp@3$#7kyxcEjgCktu+4t{j)UQ=MW3*c*_XHD9Ogxv?5 zNzOBIZ#g+x*dl_Oz#H41JgyHH7DS8;Ji{_!PJeJ1=wifuY3?zzz zw(OBs%^K&ATvz&!?MbafDYnkwxHp}ZH{cXR%k4dA{_W^6%MU6+VAfNP(i34!4=Zshp2`+5zqt_d+k!$}T7z2_2?92tg z_%v@~@yba?Sb^@5DRAKixC<>8zXFMFO#0HV^y~1BPp==?zPd{VpmlcR<+40cX`Jf`TDiut($bcz{*~% z#ixJKkgHqNla?rT((uIY>s(?Se@O<~Z8v}on~ue{8UEvK+`#$X0tgdPa9?oSBV;I&Ya$k3`2c){l8-i9`DDni`uhv}H~G zC5|$)#=w&hAyOj8wEpNp($)){bXeVZ=0k(aZ+d)-)cE{14fIv0(iSkhNR081GWr7W z)Tq&cLo9!t1=J0)C^S+DVTdXN-af4ET=q3IvUs&wI)Kj%X9K(gXVd5^0oOol1phh1MTre$@fs9Vjxf2egbEjvQ0P_v9t< zHg^T>(d6MpL#&|z)>y1={j`}V^8P4ruJ!P%M9wH^Vefx!<^RJ0+jyXUz7g^}4b2VG5MoJFx<8|jfYGbzyL1vACs8oVyUBIciNYqW zmlOpc4DBBeW=cCXn&kwMY1%;kC0lmRoA@Jl1o`kJ+g6acmfU+w`NCO`p3_S|9%<)# zT?|qaST@9ZI{Mc)z=(%snr2#(`D=-jln^-JIqKBA7%uM*7o(us0lwgBcrbu?i!vfr z{h6*Tq^kZpBv0bWc#bOVt^OKbCZY_|fzt5| z0wXpYyNP(5w^uW6XJ>_GpK-Gwz^#>bd-o2a2v5UZ)UBTR*Q)rVy~tykRJsqGn*hoM zG#?qZQ&ZmeHS<`X#Upi}Z$;+^O~b6n1sxN0ckOAXNkoA5hNz#_y>`e$~7+1{|jarBj?7DrpBMTF$aC@=^| zW+xyg!P)93?0fcXHiMsAH+q_Df&&VP^aic#m4JnJ?0Pwe_^R3T^I}yy3J1~e@FK-TyZkR|z z5oTaQ6#!~Fk%9;FpDmkf^ND%wUaj_5N`?j25IkPmBY@TuW}R>Qtd1<##{dhIX*w`R zoTwY8byh(t%(i~8Z$18$fV5z(TZYg!)NwRxnF8Cyu$F02>k!q6`0$?wQaOABw*Uhc z>v&?h)!9#Eu->U+*z-?eK#x<)IIpIcn)l{nV&avRCWE=}1sb(Cm`&WZS4X!tMwbw@ zRNP`#MuPO0Zk|L0r3bBjPrjKh-z!vmY8V=c6OdZLKUn%A{rrxvN5$?lVUSvfugq`f zZ*Q$3FxEt9EftRx1~!{+E_~|*XK7_?+Mq!VDftNY|As)KJArB8sbJj_{^a)~hYqO( zv3Xt!zF`i1u=-EQK|UfKfT!sQfK2i8>ipK`JmcB!M}AAGd3N0d`IwdhG1$Z&$(eh9 zt_cXee1QLJCJR4y?^ZA`e8evr;cK}@~0r+=*=FQrm?u9|%x;;AutQaBd^}+1hsz9N*jVHK;w1ML=;I->l^?(A&KUPN%H> zWCB?5Aa=i-R;y6IAi0+SG`I=(^ywqscv;dPJXa}&XR@FfyvdAU5la^e?$oP6Ei9jE zvicL^o+yD1WVkLy(utzjbGtF2G^u=V^Y+2{4!(K~Dp)jm+;VAxQGEIpP^U8g;Z9JK zS~|jnQ}>CfK&9>GTM>N2#$baUn~LvOk;D%Q&nbOB1*4DYzq{=6a<^ePV~&gYZf%Eg zeM4o2v+6R;*pCmdETx1^&GIN0aV|b<#vR!_uBZy%SF>C$@1hkI_1^py?bklLFVKDt1p989WBLA%AA;)N${Eb@X?NX zM)Gr3Y}F%16{OsXcjQ?mprwo8ylwfeHUl>Nn|))&w}(tl*Tr>jzU}>7y}3G5B9bBp z>BV#^25yH5Mlr8J;E2mBKLeFBnA}Tl^fsk%F?OU35G&&TJ5qbKg)9`X;PmJ8xVxIP z_+H(kwBc;&{}mi1NG}Ok^z{p#ZAj%y@(%8~P(3Aj3P3@21Mt&v?o&$=x+r=;q74#d#Z?N)PjbC167Ndj{Zb~r)OwO_3W45)Diw-7(`grbQn6VlKDucTX@epOdw z8M26!^GE^9zA_g5ACqcyk}~1JQGj90)p+R0YH`ny>)H{5kn`R9^zS#IK*YNIQwAry_eluJ$Ge| z?^GT-JXrWf-#Lo^PO_xMbR+ww%fU^hzQz4p-}f8eQ@ZZ#K+nw45vC8t4e8*93)xGr z-k<$#{;;xXx?mj49`tp;&hL7rKQ5DN(8s@4OX-sqe9Oom{Au|*Lh0E53^Q26`ILos z=wV5W`OhvDgLqpe{t7tFQ17J_EI=J(TJ-#?gYTiAxmI(K!)**rou&K=y(Y)LIpkLc z_MX{1GU??DI=-#^MhKnoTQXWz_R<6x+U99Gl}eJu zjv!Qi=J80C3%(g3@F!{?o|!Gx@jTaA-U|g09S-)dC9Sh+YJ75>&-XD8c8WD+6jPtn z&!=rLS2nooRupO`=Elw&KJY7~u!Ag1ZA-h6GQ<4hk2T8jUw|=49{;(#Y@IV^&NcAe zyK5uHWEXik6k2<65luAmX-IK)^G|sZjqL~ItV}Aq4UZ{i=?7__-h`r=K5C(lH-q(L zkTcjGcVH4d3%RC#L*?spn&fPa74A8Ab-O7rdzl4W2JV+U_(Ol`R}a_@YvXY-VQ?vu zIURyU;sc%c-z22Pq(jxA$e92;=rZD~fMN;=p8WJJ7derN79pq^q^KfTPX+jWd|!>G zQ>MHktS`2W+MTKHOA*rFcdx?+t6PR>nuGq=fAt~=@gk+MMMO~>&oWI)>xnFT@5(yt zTzh(Ng84`k-Q3GP>@9cd$0zScO`U&~^%bIjQ30HXh>_K#F*pr(nA^V-r6G^e<{GLy zQ!AUzOt%c%1&r08l`QZhI^9YZsc_p;!=y#Nz}Y2y;fq z4y>5g@?*JoH4$A{@P@D8=?!xE^H2@aUhaN+@-Y5F_+4 zDtMOKqFYZ4l529O^Dng?{CQu`0pS2GQs6Jw4=Io*sA^{0%|XEkQk!yZ9)0)L6K-`i z?aoWeOp^w!Pfs871!ncO^6w9qPmnb2wKyPvx6M3Sl+CMfPcn#C;nAg8M*gr*LmBW@Af3**B*w`9fb)0o z3{rOSsz8!~k1Wiw0I5W)gLpB!Q8(i#yJK@bCGL|<8f8#^{p$3edi&$j0IDc)T>o@A zqq2OsSg8KsxG{jLTu!__wD=sUeh9-K1^az?*$p^V`}OY@sqrK{Oyao=We_>B=xo-+ z%$JDiyju>zeH52lbnC~rG8*%|)oUGk2j$-^X4eG`B$XtYZ_6zYxs}Mh3q2fTzW$@$ z;NzF|@J7NCU|6i&9*ShVb)9{G0?w!4JW@*;d>V1A zhUR|1m0o5Gl~QP?OaLH5?C`;y#7{$+lKe9SIA&UX6472hf&X2209-oTD0p-Q+M(>0 zLhAyL9`01O-DQb#ldCsT-M?NQ+JTJ+@77hHu94{UGirg;@gjvqnCNwykhRj_vT4)q zYR_i-O)m3?Pp`AajrW05W>K+7bpQQdY(ebTi-Dwt0LtZw5;NifUbt#qry~I`kN}@! z_l+*?^P%ImkLacx5ZAJ|_Z#sSd5{q)Q!r#F-dy|W5ujw9mfE3i4xz`kkcdNK9~{kA z?Zj_fMn*bZH$5n!@(yLY+$$!Ulp zD0Vl~z18N2-}1!5J8hUmt`Oh3 z3GZCVc|cEG8drqv!O@lmsjyXtTSzR*;4|@^7zk~sXOYcz<` z{)W*;4>(aKXtTB^Gvsz=EmtvT%n{a@7}_%7D_U3K@M0fYPZ1ANJRBrf3}qwnU5sZD ztry5;ord)h90TKl?znmh6r<~C3I6~a0SQ9b zUqq@4#5cx)XE#z$=bpC*P4o`z9SD9?UqLq#)2Cnl+xp}|!m~YolkM4(+~00{$KHH# zIH$T-{m*m|0uecRP2w_A;(!h9AWfc&>^#$Tdw)MaSJzAX z=jRRZ^KFdnO|Xf4Ylp9H66e8+pwb;HH}=|&g}I$)d)%#^dY}q{5z``SI8w)g_(cq; zel#J|Jg>Z?Tg2Y)7t1nkCCg{k&-Ql}=JT@TX?5xKmh5-m5N2??Ot?4o8j=qZ zfBP>=a#|!H9!u`O!a{}M|A5(L(=NcZ}7EwG95l;Rp9Qt3~p%K0mu1dc%!|wU@Tcvq= zcC$(PGna#;ufCyDzD9TVJ}N+1DII-?j9mDMRNLy@P3aFSNw|Uvggk{4SLDX`5 zUBg=0{`GO-&o4GkGg~IpvB0ww#0sp(yLNYXe@Hxf6FpbGs9{)p?ZH%H-dI*r654Zq zL?E#xQD|drIcCdkwoJfsrVYr{1OcuW6SCyK0-cQeuUz5*R9ve2bk_&o#?*aCyEkQj zba2ehox~O+D6O4jS?Jwfq;7BD!_kstSxq-isJi*4y}lL}{aSU)HRRW1b4+u6osVVX z+fd=_pOjV{J{({iPl}C@#qD6RJbS4v7|*1UqhAmm5<>H#<^3ssT>5jbboaKVh@B_m+g;bdap9U^VhY-g zSswB!h`%vc1+7YK+)Nb}1J*a|*RDZqSJ?KG()p0boJgw~)173zBYTJ=*?~pxro@pk zeIYfSd!a~{ybqVVm>OR$-4wgfAhVj;5-+8rrlxl7O)!(|tXS`nAL6A<04^nDa0v=( zARS;HJb3U}%)YlNr=XrMBkb@AB(f^IbnY}X6m)sG0~={<6)a6`uC#NKnodRPhEpb~ zzq3m`I&&BA%zCCq>fGbXp+&aO$^1AzKE5yPk7T)T4EfdE`aK>L5gW?~N$i;4zkfGQ zJMf3Y-y<>-z1|MxcLDhXjYMh=MF7>OXxv{MX1SaYGW; zx*ZmSkWCA-AQ?GJ_RV{n@>5A?jZf){HZ{EDY_x17E+S(S|_X>V!Y7$Ot z7OX2BMyomV2na+$QtE!}bd@&JnJgYM1o0dbna|P>k<%5z8*VZaoB8Y{Cu2f|Q|pG4 zx-9P8Pjy!~y!hiI*MVss`|7Q=UxWCP^ZQxE9iGapzdyFnTr(d%H8pi?B(Pjxh49Od z<=Hd5ghcO9K~CQ0(u-ZLgKd7?CN-Wv+Yi5i{)jIC4S;ca#yd@F=^f7xLN-*DOzQXf z;yPI}4Q^>YbG21S%E=>AjF(k`@JzdUcm(hdEnZrVCXTx?5aD#`&GZu5$j+*ohp2rCyLBelo^^)uO<({$xr?oO*pFj6sl} z|H-?fw=er$?==yI#@>XUx|(=tr}$B9*UNxCmJt2LxQ_WBk#<+9zA-PjH926?#?tXJ@SL3R5E>(o~fx&R#sL-WaM!wDyjnv49B#!wZAr! zx_Y7fUlbu?FHd?R`TD^^fEA~6cc8P2v(?N~Qn^G#I_JeJ|2!1*-rDkfO!l;0Rzc2_ z$jC^bSdo^FMK}3&s=gua2>KE{^3^Mi4B`j=KD$LD?Hn8;tE;6uwsh)oIHlF)`T3EZ z|5>;fr+2fmvf^CUJXP;MV&3qL5j4SpSRY_#A1zj(Rv>N#EYSc1*piy}=SixFd>=zQ zTFpSk_K+Uvaxqv46Ftk#M=P0AHl@%eew@r9_v?2m*Gpcj^S*{&Rj=Q^RdZAiHDpOk z)OaqfdiiqvC4Sryeens>c2P=dfvjPlD5#PK|73Tr6h8EEHY=fh}JP2KPKvytiZq`iFNmwQ$1wzFgRd6Z?4 zs3U2KMnIw$-pYumk%sTNb5u($fOqEe;d4a_O`e{trG`n!b^oo;%q_=JqBld6okh~+ zs>*5#18CL4JKX${_#I8ljrzV=>czh`kt`gB`Btf8q&wAtp^)svsK6>^vcu=JWI9Ta zxAy?|R%n0n9@?LC9XodHxNip)nJ4vcr_ss7y8Zoo963mBpOor%V0FK=ojyiVuy+K< z4lB^B?0z1%&*9*u+M7kX1_pye)8nmN+}usCA20+A>b;|c_eFEy2t&iuch z^@r7(Z3sfAz!Oh1(8-SQO^7OaiEJtv9dnD-UA-P z(ed`{`}FwK^ZShlai@u+{iBdxgn}G7HPZfGB4PpJ#q3Di13CknL}|kVZ9Z73mS{vx zSj2Aqc6pVV)Nd5g@4;x zQXZ*5tExWuHrgn`dF=_m;FA`p2B0FqLI7?h9%x*4kNXOv5!RV7fZ85##s9qL+8lRjn$Du zhY$1bqSzNnf9#wJ^gcb)MX~?yBZX|66R2RX=xjKGlcQL@|_Q}qyX(eGJ zosBItq?9#ee|GuXr)-}n>?r|+N+XeD8fjfj+%2sC?h)TfwxaTZy``tm?BdOvc+H?0 zY1^5x$LQeSn)8nUhaH3wEG=mr***etzEjR4GKR}Pd$Ho33$?@8NO2i3qFLn4?l_9! z>9&6rH3miAycw;OKS?SLp6l;OW?b&@czMLPxBORW@>O!oz#Lc16+Sp5rDgi8+s6w2 z0N4N%k-=Amqy=Fg%*aO|EL6I?09};AJ92|`guYJ77tfrw6Ham+){bQx* zoWNjlY1^@}U9`|z8|EL}NK`1MJl20HM-`?_*(!!YA4-WKoiL^y>C zeY$=8S8t%Y>wIpg&J1)HET*QUq_n8Gb!O!@pt>BhCF2 z&*AOE3lnh3MNhwe8DKe3YFlhGu3!iq6zOTz<3&}W2_~;|Yb=+tva;}EF#k1(2;ke> zQKPFp6*#DT43aHzAYcsZZ&j@rdU}>$l=@7gdf|e7RYq|!W+6u42{dV9E3p9w&~Cfv z-PeVEQh9FpcDoJmZufvOhsO`D7!_~t>e}z?ix^|$!IZSKcs&DC0SIqI?4N8oEiZ2| zt;=xn&D*!ZPQ$&c17-FxjPv~#`bvb7J^PM?7xd&aZFsrH2rlI5XgvNFf5glBmqR}^ zC)TzOL^pjF5@;l~Lq!4%pyxSny0WltTh%KEZG^&`-h zj0)BBfT;v_p3ts6v=N|%8PxO)^w^?2;64&wDee67h8g;);_=aIVBvgOlNh@CiiiJ; zT@F1NuTVo#2;1LFj(rcZ75r_*(tVrQ-_%d4L#vr_tH&O1JRcGsW9qHC@2Cuql$6xM z^Swfmn#=+bdO7+mXH5DdpFXvb%c);qc$xr}r;)()*`HgTotY{5Z3OP6I3|5of3{i9 z@P%(PO)s_y-2I!d?DrGRDYo6W{t~;_sc`N;JG*-?A6xr1`{c%`*ZKU)1+{>m)BFW0 zIyz65ruua-7)%RaR!ayC)Iq*HeR>bg5gzMA-|}xmRXT7KVuovOT(Gc69c2JDBf%uG z{TTT}mpEO{(7vDz+B_C}<;Cte6%~D|m0eh<)l*>H`*pFN_JGQYM8(iH zX#!sdQT(Iv+NZZ|F6D2IF=teoIug=~c>Y}Aa8E%DRJFx2Y5T7I6se1Z)t-#^$p;+f z2Y}j#O&J2b{k53v`FWooNWRt%FEu)XM$*$$<>gtwC9fUW;nmcVbly)+MAyQ>i z%)_*O7VFHCBWOFIZZE#};Xo%gVQ-mNXL|I1@k4GnQ?H8BYZcKuum3|Qxp zx8;7^wQb0Ih;G_inb7#h3}V1Ftoi!TZku?bUua@K)8gFiW$UKx>@5e&9fN+RV0HEM zqH;|u@>@stACW}Wc+N%)4PBPny0f=saiux>!RF<*N7KCpi8iP-`NYMSd(N`~K}6z{ zX2)#@3pEC8GrYa(EW5Yg3*dBYQeae7Rq7uRTeD*|ryUeq6}!A7>wMQCNXC2HD%xk;t@^()0X>mZ2B!#j zzAYhLK(^O*Ip1Wqe5Q@|^y$<1GJ69CbGGcP#{qlxsW>`1);v0(Qg-1r?LVe~fhojj z9I@O!g%?G;2lnDXzvYYlY_DpKaGJY?JV{tkp4n8D9iXyGqaBijk1h6KKl=QCY2oY zE&txHZSuM4xkqJ>i-~ow=T=r;YErwvrnguHIvB#RH+0n*1O8#M_Hn?of;j(n_h8ok zpUDxZ-{Sdcuczf^`xsoAlz)hrKErmGSM(b zsMAPeWMWcPP`H!j-23r4#?X-P-Uy(~+$Z)O{q}xk);DV9)PU9{7g^@Q$h_PC^qR7{?)) z>Uoe!)z&uavt8GnYR_3d<}2=xk8^QJ70U%9apb?{`WraW#fp!`|NaCF6A8z8ueFOK4fHOzF?^r zB`P7tR+1kZ%gPHO#q_UV#pfS}1xJ8ICcd`di;|WexNBi3>#fq@w{ger?C0%=%iq5f zF1dK|V_pA{&36J?T3RS$-~np;IXh?oaf`5;PzzZoJ2%hD&bC`b#PZoGvpabk9f!6b zOB9_gOyjY5YRH~#YqpP~V_@T&PDtezBYJ9T3_vD4Fb{q?>zR4MLfWb2kLa?_>?i--hp zxA*Yz>Yv{o8ut(P7WE1V2{gWlmt;_%N`Dv}G@$7Z+UJ0s9?r$gS6 zbBw<|OXmckJ11u8TfdI`Jq(Y~s2(Oaj5A<7o&JsDV~!p14KC`*%$jt*|}_N(Z&=?>F8&C8cBhx4a+k;ilWaklS( zvpt^sD)XO5z@-qhM8Jt4Jn>9nwWz-h*BFR~fF*Zo*lw&V&sbvdLrV*dCGXNb|5S3w zh+I@LHZtOaeAU;>{B=t$e6%*5cznw!y=+_X-tB{haH=ER7b7&p!S2`zCVd$+hI*$m zb^B^tbMuqA;hJLs{u#R=>cw&I-aU+--b9Qd1{3k+>sQ3LGF^6K*uGP!F(BmR6>1f? zAjN(M=nBi(I}4yqJ;$+gAup(QYVM7UiD_Q_Inx@P8Fsna+zu`RIQ{s?@4Wsw_4_J_ zAsVkwL9*C>pGey3@CEzx>sK8OsW~>EZ19Snds!9qKn3>7LB6q8j%BzaF zUVlwk3F5(fNuNEU{x(>l2~DbO&&hi&TywKxWG1_Eu>F);MM3Ezo+;=q#xodyaQnAqJ(q|`5{EyS)( zqb-v4jHiQ7#Shu-qe9VjfD)jWt)tmT+*nCWQg*f)R9u|Ae*L=ZbXG>O9=p(k$v-=c%p z-X+GLqLj6ZVi80w0tz!IO7;%?!zv^{A^@jgijXWx6s#A1*f#mC%ZQ`$@=8(1(2&FJ zAEo#GTgkY%xE9_poAwRa4Yr1|h@2A^7FNJBKSx~+@=w72!|?;A4~(ZOo}^R8$gl$g zM&M~+v)r2^dBNXuzR+Di&TuwT04I8Y6G8(LYG!6;D&Ebltx>hLwc$(3Cn)=P#|~el z$Mo}FFedJVe+6i(TCvfPgMY1{j9{Vfnx|odUmY$ZqZ!JW4ipA5$q@?b6a5dT?<7|^ zp2Saa;lc$)ym4>7iQ|e7bA&m8d?))(+T>gEt4uE$3n)oD^x_9t`D_J;mPzKA;6b>s z0t{(|!EYgqHrz%ZD6yzq1Zprtw?V1hxJB>$Pdkoh6d6gB8G%+9rI)@~uPds;zxMppAco*Px`i&q;F~e|me+!ootm zkd=YK;uWt#7TRN5dK#b{kriL#I{tFw{NEv+Q#p`4igxNbRR|tS=O%BNVFGwIA`Ns^ zl)b8OINZ}M^oM)?4P>pGBkz6T0ElD1rgQTO3B|m|9e)t|;PKtNVgprm^;s>&p6SfMKng$`jrp`Dl+fP$zu2i>Wpb*28c-BavIHg-)d<-X+AZ$1J86F{7)#cQW0&?+tbyf7I_~`qi0%b z74s$Kb8hc=G7k_>CK?qFGCbau;Y>UhsMlodx7UmMt>#-q+C+^7JiZi{&vbTcR}ZLd z39T$GErp4`5&5&9g7iF6E@(b}z7|6al&7EG(g`T@U?2Qdb?pEz1MvlvC7@8Ap75U| zx=V0ZAW7=<8lYQq&os8Lku%}YGd8v-Zort{ueL&j@jnTFL>R^E-(oyvH86kdxB-)n=? zyP|JZZr?3JnFm>{LDw+d_Zb2Eh-3P<=R5V(|2gEmmGuk_RZ-nVS!2AgJ}>kj(U&$@ zW(0pZri_}%w#8i{En6v*+UvT&{AZ5@9z{L zec%cogg@!zfDh<^Dh5M;I+TXw#!%+KDqdP4kP?)XdGLWv9f20s`97pVvs9j`z9m`h zcQrw9Zv9#!r2+0N*9j>kZkK$eBdDI`$?1Rbp^=fG8s90BQ`E4 zfI|2%RuR`pLO2eBPn{?$OF9W05CEr^l43)S9X)t8O!S@aQN()5;Ns&`a{^>eyF$ldWE~)NMvkeaBPxp>WLWs=Zoc=6#83Pmk`FOL3Nnqo z4k>nex}O>O8Tuxy?yJul1;nqR0phBnjCT+|NZg$yww)E^n0m8FvEvH7R}fi80e2~8 zyd=Y#_?3U}(O8iGVW6jd#iPJ0&mCiooLUqzAo`ee;#_tLPzz|fuysDO_Ius#`@7LGd)75nxsI!o(;bSB9ayJ;Ds~z5z0|(nz@KwQ~ zp|n!k%F6eq&O|+aY-T(P31^5sp8y-Jyi8Sb1Qvc_BwoavIOZ1+HRi2Rw%t!WZ7zlW zPj>O%e#Mh<4+AjtSeeb=pHn#Qc+j#4D>*f6cp`SlN(T}jfI^1nwSZm_wrNjFs%Mkm zT4_tGt~T0)22|{2>>dds)?qCGp~@^P?fw00c2NBkB#;_@IXSLug1;7%k>HJ7=iin^ z@|xmdTX&&!WH^?s6d`}#TyV_t`O#F z0)W5$<}Dzsc@MQJ$8^#!KHkHAtNqsPPIZY7Q3h97wAg@+t)fJHl1%qGZ7ZRbg4&QM5c7Nsd)OBbC@;E!2 z4;bzZTI_gXhqqj9Y%<3Cfo|;U^5{{qMETqG>(H9($J(lzC6EOIEIo3el#MRRLb8n1CN{ozbL;yzFQ1xU+J-3+M9mv$HS?+ zP0O@)W9mQi3JOL;&9A{xzu#sI7yG^FRr<3C!{uN(oLLSbX^KL4dy}B*0O?k_j2bIN z^M#+{8%mDMFO+hh3WsXoEvZiqN7;JYlNDQ=4)Q1AqtJj0h(he6YIg!BbOg&n${7Wm zLlYE#0$=6_2w%5)$*<-*3B^Dnbj}OvQ7xgD?gG+bq|kb><`Aly(-xX&3g7&GwF;QWTKZKQps@NHwD(S#v?quMLecB}{12NE961n7h%sj6lIG!LAZ0oAwMbz4hZB%P6$RRB9{%1Vveh2N*;G zZf>6*oQU=6h%$8OpS*KBiR}s}HnQ=={RN`7-N_6Jsp@J3&mRy85(p{0@In=0I%bg* z2g0H-tms;(+vIksgywbE#$I5#r)+!;v5^#~SzY6yGJ@Nkmyb_)u!3NygGAI}@I$u> zW(m)9S^aHPQXAev^1_=S?yp~o+khtTZ^#e#h`Z$N;vJUz4qTtY$zc>q&b2=Rc{Oj} zE=8+Vyy@(|z#42bmOLp&Xv;+_ZruW&-VaNJPD`L9NvEJS6OBZ=^4JdaqSOQEhXb8} zIf(nFH`L9vToQZQ=@xP2)(_>Zf&z&$f~=*bU<3RSjTyRtbSDHUl&@e*oY}B~9u{N=>JQ@Rb+%s`Uqh=ON12p_m zZ)I&E91>l}@6c8}^IXI}%+1xc<=G{RcVS}KIEouvu#LxMWrstQCouuK-ZjPG^EYifAfEX zoqfTJjeHKfcywAzt?dC`1P7+AnOZyD)i3WK3wuoKE_TqV3i0Q*kG-LG5WU>qJ`My7 z4-D&4#-js|um;*tru70jlDbM-POxaE6vV>kA>0YNJT3~YFR5c_X!|PU%a%KOR9jxRI;&D0w2|cOR(a*Y-y`ikq=j#!!vW~Gd#Oz|WZBNC9Tp3*(S#Fu;8;!bF ze_O(LSJor>&A#7ubhxumu2d_iEArXbyBnWl+k%Rny%rfUftJjsw~DAjMafIQUNR6d zoHQn=iEeDB$2mnnV9aPhT2XCR2GkLDlsY^1FGEk0Msg$X6$%XN$?2yfw-(hI?hw-W z8%0$*m(Pz%ZRi$qcXWPJ z$Gliq2i==$@P3?L#R3P2k;}z?WpE zCHZ(frlc5BBZ^z?du)M@=Ios`Ly}1XyqTDzu?~U3#0UadOv`NTdOEBLGQa_1Wh_p6 zJGb!D=+a3y!DYYK3rfd}Ghxs%?)TUDTUoScE z%&dNSqIpqE*!tsNhOWONn$6vKYeA8k9K3 zV~28Z3RTi-yBK5#&l?;d^!Vfn4RaO%hR;1Jf=S;-QWR{pXk$1@jlmzDoQM;-eaoPH zDzv&-*+6gOS4D%PNH~6W-hB|wk6NI`Ewymd7U#~+<%X5Xn=o~O<1+pzU(&8F_MCyQ z?N!|8p4rJ2BT^hfJ=t(+qf2nrJW!M z@|7kN2rAUwLEK7_Ho_}V#BcoZLNU!CHSVC`Wt)U^U1q!-B`e1^Pm&%&O*v7C8n;X@Y>x?J}rh>(%ZH ziVC!e?iymXT~X$6lSt|Gq%G#ogLn3Q%QtlCD7cKifh_FA`+@EjxOroTJ9iO37(2A{ z#BNNm`FS3u=~GRy7l*&9D+YsY^fA{7&m>blaIQ@d|H$c02EPuHC*K{Gf2)H|MUjU# zP;|@?5<2}?G~l!|4^A)}m(cley9LHCqe8e)*=O5$g~yPuI8 z4$Fr%dY7L3#7Qxujpm4CyF*OIq^a%q^v_*#9%WCQE@Te=n(ZrU%r(dV%3BOYUU`eP z5OF}h-r}Jhbk7Ayb+jLA?FQV^qMtjH@^5c#mKPx4bYVA~@rdnMDu0sut;NYUiNz$d zM<4Gc{1AhLfJG8V_{V|-eh;WYe^%I*h_(YEe5>gw`VGHW>Hbib_LFG%NkKvJN#~8v z>|3XdzY#1QUuIyxK=4&5Kx4+wWCgca59a3QRJUy7z0*FpL5}Gaz3MlK`AMDOp#p11 z7TXH#_i}{0&UR^&B9E}JWW4V#?!HHId0#TS0HK5p4^#drwV9r)3XO~=XH%gCcn$zb zxUaV7%`YvS2)A=`5;qGAJW{=ymYjSRNC&JGlA*r(LuqPGkf`p>`MTwnM6r|j*+uub zT3F>eYoH0Uii)JL9LSe*gLcDlW1paA-ovAes!?w9w?(HW1hc8sM9DjIYHNqcMXF7b z0!^k*xqeXr^nOAXE=C^P1yBa7S5H76Gq~8+fcKH%FjU#mHBewGzgS1%!}`@m1!sK` zpkX=!ljbWF;?Y|_9QrfbTArWjt(f^{Iu^QFp#W&O$ZwY?PB9*4cfz`d$)~%u0FM zWDKE6EKg_clfu8@_T@<6aWb*vuaJoUJMwtALPd{g@=QdYYO*NUkKoSt@BN=GzCTvp z2W(_RGNW1K;So_gr5#umaQTBvSuABpv5hH66Dc@rJR*J2M;?DvrHomP{@lIU?qmyc zy6=@Rns=r<0!f*qKFEMu?&4G@$+Hu^iz3RSR4e#YlYlde2d6*!IP8}4r(9uf;`VHh zU;Rm_qH@WcsBlI>n7i6$zK&CfvZf>Bg^FR~2LHQ0Mw#p-Py;X=IDSl4mWNtXZUv{L zto#A^Bf9HV4rjQ^I8*zI6LF7XRRlIEM4)KBB8?%A0pV!>~ zhLjG-M^OK7M72ps|ErH+_OfB6NaFq`Qru!M^6@4qUb6iCw01kk+N0I%LiFC~GLB=zC_MLLRR zFdP3=c=ZukS;iouVN?m>-6p0^rN^YX%EIe@NmA5A0YVE>r4fC7eOGTVmHs*mpnXW> z<2yS8diKyB^G8F;C{DpzU6c4rG!EIm=@wx@;>40@VWn==9z@J>F2L;0)vq}XQu~3$ zKLNy95x_*cHvAO=J84Bl+K~5}TowTj%M}_VHv`9;vSLUff<)7cwO^}@CBl@U_ZldOCQbqHE&XU?LqAl{sQLGB_1y? zFV~fcm}Wqa8y~G*`5HHoos%B{w6!1LzC_^p z4Hurz-+GtJS6u$h7_yo&5cv4Yvf;6^F!8mXee3r-VTg4_*L%(maP5~}3ePpE(FZkn zQNCix^&yg~@BzEwg!C44DfM4*^C^RxLBD9rgM`uX^#K=7G6U zfr%<`+JM-XH@y`Y(%wUGZqEu3x7pWs=2TS~!n-(hGBlzf{#N3vI|mYd9+p?i)#z_H zhYK(fM&_hHG$$>|3y?gr#YNv$@TnyRM?(*tew9mYRAv`NWslI!m2j#E(cTl4L7eil zoe&j4>X^7MuEI#|UnTtU$&G+MJrWQx56k1i!%=Vtidd`oLNqvKaLo1$bS8*o(2#sd zuD~kuC(s5qK!1gEB2}a4>*}eLhq#m!g)4q5mJBFD0bmC3t29}^?0kR;77&c4k#KC> zHlOrl%s-;gL%d9!HDH#+X(tlAzOq2|*rmA2YLiju9mCI1jqpJHQr{uK;g429G-{K& zHR&)ZA&2QpsW1=eFd?BwpOFxNSX7PO*?SGbxmL>I9=0x}j)US}vt_+TWLZd1M@vPK zw@$RBL+=72$P>_3GaC5hn#rXbgZ4{|+PC94q5{#-Lt4m~EDLz}6r5^i#oZqLD%hzF zoSC_5s;q?EQKa&O5x zBc&cnZC>C!+^U$;F{RC1>V*Qz5{2nl`~1fUk)Z(F%(AK9N*WS7T9`52G7@*_Yd>(+ zP{PEs-_mL#${96r*ofc@Z2^)H+afm_-)*2TIdSGy$w%qtuB469GKJ|&WwvMXc4Yxy zTi;#nYT9uGo4SjFCOk7UQ(T*$pI_ZZ{M!5QXh*WyjtnM%9Rm_cSF(#hN+jI}>mloX ztmZiqQssya=+6Y^FTf})ZrsZ@i!aPFZSdo!LAup`Y2q(%sM1r+g_QR*$RL&J0zklU z;)@R(LLF9Wy*omSuS_Bl8c$K{%VR1@2GG+I+)SVZ9i6XW_*P{x6`$m%$>by1fs`YyTSW zzhUScjBw%YS%cQsr#U*I`vWI519!ZTI-O${6{rDuiCGE^5_+X_$Q9TuO@8%C0pTiq zB&n!oa2TqoZ3TRXZ+;H7s;Pa)etW1ZX;RJ5+JK;rU?CUVYPU?f2OyHaMuW!6C+j^=X=+eOn*@%j&vN|Tr>N;15lC2_``~tD-G8P=LBbrC3PEJ5{&B+%K!&v46{wcx;pToTlRo&B5R7~M zT4{0e7q}7U4Ri^7sen5u`J_4sR&XR--3$)4J8;H72z)#y>PU(S(oj*&f;BC7&w2yO zHLh@~-#SsO48X`LNR(0q>EQj$NBV#YA=-!4Jt{gn7RUndC=G+_ghM}%WbNEV@zmww zF8OCKZ-qO^glE=+f%)~H7@`ec(_wl0a2fI z-r(|XZwTAX+QoSj5-S|~IgylpOUp$DmHrORBoCy81{(`D?%P6XD66m-riK8c9H z!Ik}0rUpPoi{m6q3^3G}VDW3&i6;WgW~kK_?WaLd(1qG?Ud~;NC4F56BAyc+53KwC z`udnUk{%6RYY3m#be1%ai1>I@FGXjuR>~^`!Gcq!f}|e$K_KD6??Vs7EXrppfuxM{ z?_*=p=xoo{08GWoL}MT$Q_RT^lfKh!r>g!S0bf|b1sZqOmV^lU4t87Qo)gbGh#u38 z-9rad^n6{bM5CCFh-+W>trvKHZggh&gT)sZB>E8OfLHf5dx`Ty-$nH5dnI8KPV5Ey zP6=T9`pJY@nfr1qu+h_Zv*pw>;_vhKaT|Nzj6TbsCWkv{l6sldo7aa4IEya zXfIA=6F2C1Aj@U@b}b=Meg{~dSQoJK?_EgnBiTUj;eo;NRo9M_MpHxP1kD$v<@wC| zW)H}ZWk>%I)0;n#RS-VaRqOe#TNR7{&2XECD!_SZ=8DrFA)venr{$D_3u~2cbcO5@|?imvV&4NlF^psI-d~nhqjq zYH3HE#>pw#+D1h*G_@)1rM>lDclsTk$2Z5!zXcW)d-9;GAyUvM96Ng)_tc zHjbCFh|;hldu%W7q`>T|f^OBUPVAoZ;82swkW%L{DRJBu@%h8y?JbaMHbrC(C{%;v zea2!LD*gvRybVtC*l>%0H70A(=z^JXv6eOR%DGeQ$A^{A=^h-(n@>Iya^%!mR*|#y zE|Ym|Pm*jN) zkzj*5{!F*=>F^2uQe#)>&l+sbRTnmI;eyyeFzE@Z1*7g8$Xm_Yj$WSaQ*^0TPH9Tf zDr|ce?Xc)2vX@;-x8m5+LeR)=*NzQ+b!qXabnU&9V>z7%Atl`i<&69%EDd{BWvx+G zFk~k7`-jMg{$v*^+1liwRy)@9!4S~gkNo`DLw4@G;#Qju)&F4)jVl`qa+);XS5#O6 z!BbC^$niRbrSW4|PO0F74?c>Fv@EbPHugQ%=2{5VZhVDg56l0WU*r^(<;MSsUqnzu zeLQx!|XbI|P&qc_za$I}4gZ-huNJfIjAdj$r z$$8$Q5p15e^=R><;OjH9>P*u4l8%|cFLOHivDkS4roE9AoJ0Dd3EYB?Vv4f))1Yea z{gMejw-2bCJ*NfQt_P%A7OHD&AMo<>dK47IiQLC$&kl^g9ITdCAVUf^P^8W2{8{n7 zy<$CsY5T;)W}hE+I%MR1Kqp6~;_;DFs4op-ac?G$Vq^~rkfq#$DU1IKWu(y~D`o*y zAgwuLiAFxVj+lQwbaTc}_FM4vc0TZXyUlcVPBuVbUm-cIy;H<~aI2NO&$Qoq_7nQ~CV3sT(k}=ry1lqJa zfKUgJx7L%Y>KPxGZo6&lf@-|E2A`qxlcZ>bT&|RwMt#&}F#K?{qtOJktaQy3%Fwyr z+7C+XsMyfo6m$KD$_?lH5{DzbERdeq9?_dee-ctZW1l;HKJX9c$b;X_*P3%Z_^xn0=TzX0njH{+RY`zRg*kPyo??mI03oA?Jdmv;RI* ztglbZj4OHOS*;j8?#Ov#gy}~MLZG>D7O?;|^NgUhNWo+p_;!<#4@}p`c zJm9;Sn3+y4b?##X&Im3Z9vYLx#>Pert<1wIb2%mk(I!0ez(Y>%Qb4kIHJU$6Mc@64 zKuQAbc8Hk_rC9FHN(eZj**vA8HQjepdF~UG%~krQ>(|*+had2bin3~JR?^N1H2_wI zC%qn0wCgVv(S%N@Z;G5)RFIQ9wA(DH;PK-f+vToN^5bweQ9}F}zJ-!EIq8nDt!vNb zFyR5s;9lK6aQ_gGwC;{Af9rRZ1uE<6?t0`0rP{K0ejF!OaPRbZlkc&+c^_A|YiUga z&Wv4wnWE1`Kzj2IS9($~#fQ*#GzHO%n{ai_k8X;YnATn|it&_eeY9`qea+w;#43U(D$3%ALMkS_O0kya8jI;xFv%`WpO!c!Hms z+mD`C?QZPcrx;mz85x;n;*&wT@2v%uA_=K!Tbd{#53M^YpT3LIm!V|m)7O7ymDAWX zpM3YSDjk1#Gc{^ZfDV=8d=iHbpW{3mzN1#kn1yh0!;IyJQU>Q&%5gdrX&6I}qO12# zc1&l`PQdWm%eT38k7lj!4RS_Z4W=)DvXq2JPeIq!XFlAFK^E5#WoO!;k$P-uLBL_< zqTe6mo~y~-^z{2G6OGtt0)m3p8X5q())8oQiB4CD!B%|v@ZW-=S+Olg&eu|O0aoNW z8H)qNDcHW+sTX}T{xDnWG#>9UWKqM0Ju7n9*}iask`pOs$e<{>Rgm^vv;JM@R=(#( zmAg>a4OyQB@FI}yd{ZxMLLnhrK6O_iCJbOU@(RVy3}G|;xgD){=~0g8C$&(2-CHG4 zWouab{p*_zF-OO{4^fU1I<&@sP$o&T7hvH6^&UBhNN#ibKcQB@WsPVRx;Wpj45$`} zfu6UI!p_IT*qJD%1s(hUst|DFqd%2|{h%)-qM%c4%xnR=WDy=!OiawBwNl}qOBjqK zSFqU=>l8i;>6Wfp^}lXyUM9c+Rafqj2yJEvf<}H@Tznb;ti2uyka&3i?p-f#;3y?g zvs_rafqE91$3JpmOR@@-Nby6&pN!Hnq%ypTsio9G21$K9za&ThjpW{5W9U3)&^cX9 zNp1bS(7(!7MKz!%A|qYa^6xPu5>sKWRAah{KQutwzB5qLjl7wBv9n~eWC|~7?cXfM zRD7=!H*X#LM~7%OqFQqEmwAu9KTa0pSDdHR#*giL@mNj}!do>j9 zS99gA17=$&h-_AFB^8yu!1rKiW&uUV^dgx0fUg!fVonbH<%2Arw0MY)#0)tTC}e5t z!62)w_w9RqjtW@wz0I3*>gq#p)5{^ybR5);$QjlD>~j2*dyE~bkTk1~=!nWh1ARoK zbN9~XfemVG^st!60G0?q_p+(b|A|95k^;0pUJYe@MEPnH?mfs78iOPvxVo0FWv)22;d$~vVm29O#Xwn0Vg96QF z@B39Dl+04v5 zW>`kIQ{4P9+2Y@e29#{v`#(|%QKX3-HlJpzV5_J!8#Hr6qR+s7fOFlJT>;LH(@o-P zRNPu(|5Q3Gh`J~GeKZ|K4S$A%@rohNdH)7#ATO^bKAae=lP4vSVxg)~&MtfE)M;Qj znFU@Ec~FTEDP?^)!B%&0s|e*8;6U7xhqIt9el5TYlS*5lwIgwu9_>^k=&w#G*%N+oo21a zoquB&G0FOkUBurXy7#P@?I@W)co>``ywT8xUmbO{$Kivmf+2qsbqG^xaym}$_dRVM z$p?}VPVLl#n;s?S%$Xu>;3R6~J^NyxXL z`*fla6-d?18bYJ?U+>$~F5X4=zT&;#^(&P@7R{Ng8TM3(_VIzt*a2I1u!!&s2O~tw zC@NTd4OeIva-yOl$hC0hDR3Z!>^5V|NK24| z(V%8OSb+7&+1jQ&1xg!8BaV*)|Ixc|HD~=9^==#oaxSf=+AsYS0+J7b|JNm=;I*-~NKCJ5zN8!~Wc;*IOjrFN#vGHwXbxB))^nXZvuJ=F zq`0*7!@oI61X|SfZk~dmS@T|-8e3N`-gN25qIGoaNl@9#ge1V30q1G3Enf?mj21b8 zLpaO>itft}?oTh*5N$%(p|W4ub(Gfx2E$g)FN$nLeI`L;-;bgL2W+GQe*7pGX**Rza1wlY=~`{3i>DQ)C?kbOre{m zI4@ffr@|`#ceD!(-$i_@*YfA}?tu(Q(58Wgtnlr1;=ZW)1!~SLp9&)dP-m?m`R$wTb7;Nq~BA z8cPU(3Wei`1PX&CTHpngqEq*n$3&h0G{(Ljw@w?ZciG6I$YvO^IMHO5a(XmUQg-5# zE*o*n#889c#2KD^8ez+$Prc3q)hZ&iwW*Zih2oQi_Z?i>NM9G=7k=&D)ex{-A2>a& zu^lDAP{`%pkgN@N#eJ2dj^Dh=cZPg|ds8f;En0Hw*kEFAz8CnvHlE7I-X5tZT3^uV zIH#kO&aQ0K-k~#oDub{AyxG1+rGW;rSy}=*e_xLE$k}6)+C|YPEx@bMl|1{j zsR(T>&9iupC~q&XK$pdNc_7W1O}*MIoJb~HWI;lEC5=p3+yCw`-WBjw7T6Sn_`!gl zX49ns0b-N&K40sBW*JJ)G+NcFNLW=zX(tL`>LglbY6Z>{ChBZ0gaC#F2;Txc9y}Q3 z4cO!Rf6@nl98Z-_ELfa-VA&bp@Ino*07O$e#i8@@ed0futY}3^kecNGJrJkj-l8CU zB2Xwv{ljawjjZgz^=mypWg!wEJ|AvlP;_gRcS6WAQSq;}l>l2dSR2cSeFDUskVc7O zD@#+oh}vfc%0(;yCtM;J(C;6{3*FdpA(?7;9h-8YNA($IY^~q_L9@d41=`)YWzTLr zMLGCbF-2VcOP}i^*xDr4^Iu*_CxTP_vZIWb^*rx#n)R2=+JjTmn0Q(X`{dRectjSd z;{iswMXA7#0qtbXZI*1C`Zbgr#l%owTqvv(svUz4cgKZxQ=sKP)!^@dt>qIo2u^8g zdjLZOA7XO=%IkJzHMQ;pX$7vp2tJ@{jY}R&J@RrQ^#hCQ&-@?uB!2;)<$v*PjC6#j zPxst}S=iC(ta339K`JS2`TM@Qo=AkQRqAS%Wlq{(*ZG4e?_vs^_x#B8?p*|kL_+32 z$s$TQS^9{`$b(|ebLq9GxVjSho&XmzMUMZh(uJd}*Tl}J1s7>l)YQsSiSmYvbCa(I zOGYy9Z`pk?-g`IyrcIktP3w4o)#Xs-HvFu@JFj041tH!Zl*dwFAW}j+tfA76ExPBl zMQiFQkB1LWogj60cgJi-$$!|+MJD^p%8%Zb7PC&aL4X1-%|q0^I2U#GHe`GajL$B@T_1LCl=0Tr>leNlC&dnG zv)1Kg14qRBdz+X)!UVX{(e6R+McbjKj5nQMj$?OUUOhH#IIv$I#p_|8vi%JoT*AeF zSZZ!_#x<(eJ9aMZV|TNC{P^xRX$WXf-DZ;s*pt9GtEJ?Zqwhr!LQ|QXa zs~#V{eL+cyHsxtG)!kiqwh3Ci_+Iw>{DH<1$?>SWgpVH^dp=4TxlU;s?fW>m7*IK4 zaACly=VoNwR%5F`6+U?XHCm|#r!(E!KZXcs6}D7YZwoU|Jk`l0UJfVVX??P+ic!Qql~Ra9?! zZ3Sc-pP;*RFz`q2SU+r8!~Xu$XsiG>2cs4T;{{g#n#$|J12Ym#4Ly_2Q8y(&B2D%u zGzgs5nk8Q3$p8<%ZKBQ=%DDP0vb^L= zyXfV5!ieO(_ct+fhVzUx7k$L$Zlu7hoUv}~;R9fNi0aeJVW#EO3lgNASxM+jF3JX_1F5uE^YMV_jaWP5NO0^IduXqwC1rz@Kb zD3G_%Q>kB@aE|q5t0Z-(8rzyIAE`NGhBHK7w+vvMw`!UV1q{p2HN};}Wm#>ku_^J< z-0-u)IT`GyFSrkQ<+iG7ky{5DQPwY z689^Y>w!Oy7`GO|p7IHdFWICcbtmOck>^f<4j3Qj2_mIZr{%Lt@-l=V-hLdiYIWZC zHwfn7Xl{&TcY2#M!Rl%Z!XRfasePT;tPk4Wrx5Kuyt<2HWyuB6&s&qOe4N}Scd7Q< zdw-iDO8~!b#dqBSU?*{!mk5|l{^seMOM$u7v`>9s`u2-^jsm2S7tyz4o`) zihlCV!jYlT`>Q`2&j`sRC5Q?@G+rh(adoK=>oaA2cCkX^Cs|%koZUAb*L;!3$G5+P z*~$|*D~ka|%nIe^GMj{^J=mG#dJYm&RD4(v+o?9Ho9mPVzjH4(P6bY9XUImYQ2|$* zI?NB`%`kN#+lw?A$H2^L$^Po#v+KWc`${KdrqtRCy+UIPX`zbdX_3_`oY{CK?C5DvEvw>_R0K$HnQk`{BpS#%|V$?BOy4!~@^Yfk(FXo0o&Z8$* zlnq2r+dIkFPpgovb$iVx*P>gWqt#P-o3pF{_`QE4u{w!YYq~sAQUV~!1;!>O4*-#Uy}8Bq4ECN% zdN4i6Ie!wHQs1jaI0}PJ`V(NHYzfr)^&z#>m?_^U(zASss+_3$dKN(vgBLrF=Kx$j z*iE^w$3ds@`o(S*IkjJ9J(PeDS3x6k=(cK9j`CmNQP)JSKXfw zDe3U``K34bSYr}=pDU^ehC5&GOEvt&u?O%CzHZ7U^95z~&JkNR!1~6HH!CxvY1R_s z367YNp=P=ODVU;S0b5K6jn<6O#8#_0o7kx|m2fWxEr1BOG(O3WLaWRqcX2rH=4k(G zw?++RkY^8Q!gy{sP*7pn9Q(uq=<%Bwz zUp+>1vrZG>PMKz8YURGaxnPJCdn;x1-U~R`Z;M6jR^HbMo^!0O#S{L@_da-?TTWSE zPDvTe8|1mZSiT~|Tp{q625Urs5o-Ony)Z~?gR;QNvk|tzImT-{onNsyW&7bT^~%d1 z!*bk2qpy@|*J2CY0yng7XdnE!%Y;WTSPQRqwFbrr;?Baa!r6qdqssOFkNU@|k`&6- z$(r<)N5{_`&`8~z`T6q09Y+l0EX1pMV1aYM*wiU}&%tIg3i`p8J@7E$!S-nqR=a+G z?aL80Sj2( zYcOrMq(Wk(Mdy4qKOqk0WeT0zsc?Jcz*Lc8?=8C;#E_Vz-95&JVF5rGqYJ3KcF6H* zXCI1$sonNZ+Qx#iY8js^SeXdHJWkd?vZr|WWBomDN?;z`QCGs~{bLL45EAWB*S>aY zVx;|8*5My8_}*i@LV_QFGPPfY;}xTJ0pZ9wr>V3kFDOLhy{WWo@L~t)366i^UGM9U531sAYsL@i4vdTUVL<=OQ^MS84vpm>>UkEeb<4dBYQY!paZxEyn3Qs+h`IkNimjT zFnP1iNk|AXw95~L%Ll)4lA&QYcI24h=h-hQ8fl!HMZetod?n1H~^V|td z2L1{iF}oLyrxt;Q;4ol)TFmJcq5P6YI{;)QPJiz@Dmw2%QlL2}H6BuFkQ5EA#-Gej zoreM)L=Q4Fdde64rGw~R6MZegLweYlW>ktsOJ_qnls@pOHBN6n`n?Ew2C4SIrn=m$ z)p>XO*>@FL_)aEqTVwOwp-ew%)Jx0`rkW8@|JL9J8C1qPf)Qc_r^QPTs4Dz2KglO~ zSJ%6mWYisl!Lq$D=F90D$Lx?W~pesP*ui%Puyp8J@!n)Ki++Gq93W2Yq1cO2ZjIP+Q z2pTI1-xG|BTKKkK<5pdrm_4U2USCe@Xq)v1zESW?$@FqWaTbT(CmL13d5?}CIokl7 zM$O{Wle5pVzF4wV-Gx)jd4R-?txZ2Tr6hsuVeD|Ua>H85E&*85XKBV~$^E>dq)^** z!8AGR6ZFmSZuIy8#5`G%+|a(OXvnUr84@7#%4ibPSv$a$N!9AEjEcHRJalj}q(rrEsal@DoGL5KGKafDw9|9YGX=s& zgGwFO#mP}1n&3@Rq^Yb1u}W*ZolC%N2UjWdc|sgE6*eIaRCC3b9L)2zjR)hqdog{e zIbLcqQFQ#HKw90If!u1-@G|?G79$FTb4@wRbCntDV~2*TfvzAo*S0)FVE@Lzg6aH` z;#?ruX`oiNXvTx@GBk~#9iSmx7*g|q3dTwV)LJzfYhGVkGv8sRH?O%cnd0i@CDJCk z(NMX_zeMGw6r3uf<0|4=N!G-dyRF}`H!eblh%K@*&DAMGfsyiB)6SDgdSnOhKzm+- zisq$y5ca_jeU<5_F4I(ai}xpdyxNK*4P`4w2jwZh3+|3+I+IjgtzF-fR^Tu%MYsa) zi;%u*`GXae|EGfrnpJ86lJ2INhHZ=m-`&i^a;B1jD~e;IakVqIEuNR8tW-UP*OS+p zAhPke9W&Wi3A($*L7v8~y6h<=>m()Kn6%O>_mvKp`_zhk!*19?o?11IP;ul#Wocu3NYfrL&oohBDHLezAq z#G92F84O(;8yYF)TN9aC`FzcLEP>eMJ!r!xip{)h#J6*vaZgv!qcN-2ILm#Jq&=`P z7APNfq1Q~yJby90PEE_uNIHLU$f~mGS@@Fe+pV&1yMpy1BPIi0$Js{KKxEzAr07Vf z&6$424~=+Jn|4bb)f&ne4wTM%a^k+diT9A|(Upm->_1L{?C?(NywMvOSJe}ZTEg(ux(7o(!dGC#$-OnRuaarkB%(; z7_rKhCNU6dU4QhrmO$?kE9m-mtt^%^ue6(J4!PNII}MbvH1pc3uTHFV>K4$r*f6!| zFI|)_O&+32oSe0t53BrZz3m-1l+0Cjr&od~<0BxF{`9rBm_D;Yx_@Nx#pPm;19EVr zUX<=)hOAH}Qz3xE)1LEK)Br<4kD*>JxK*ivC*s4c@eI<$@krz!WselhcjOEtKLj;l z%k}IfG#aKwb7w@UNhpL0a-S9bde=OoMxt%h8x8JFrN>oD&6{U3@sc$iAf}Aj#T#2K zj8Y8-u~qxmTs8T-FPvl>r%KZy+-#n9u>3GNS#!GIlx_0O?jMK7&$6pDg&wNovDlY= z_3LYMPZ$cB0Zk)|+dnD$g9jM;EIJNzvU}IUD~d!9P)2;~Pdd=@#;NDJRg6> zPELy@F8Vt(r+Gv9!ocp#lPC1bI&(c=o^ZlsccGgE1s_c9tb-S3^|d>`vd3H=I1UJt z@)GE}ZM*PVy>_K9m4W2R9RTOzT73c1-gw%KVU}uVvv^U=@Cj(^lFtYLikOv; zkB?kg30hdWIdNo{q=SJ)-1mJEeiIJ*eafY*H;hL+is4)<8tBU>Wh;NL2{daJvnP5r zI6{IV@_nW#K+jIv%hOcqI`k1gL&9x*P)3V76b}xFN|)eH%mK-Q2r9=-C!XSA!ccQN zpIluO==Fl8kx7Xjr6e<8Ol{qw&><@9k6R(_U>8%5rn3JpF3e@k7Fcn@VG>N?Y8!AN zN};cN$o^GzLkcwcHaJ-UbD@`Qh3`YOmSgZ3U7ZQQAMn%b3;{pMFuCC6%A*js!^MPL z7G~@RMuW2Q_8olr?U8-qb!gizb)If*7@h_Ww8-kZhP&_@O1!WqWP=O{v6p>TE+06D zM>B-aW7mc>!v=JhXkK{V70k0Q4hS2RgO7h_(yxlhXW|g0@@hYlQn`2e(qj&Rwd^?Y&g(sR#kCwZN3+;Pi zz%}dztRbH2x|Og2ejA_!sn6F>!;bv?Dvr$v7Plfg6!SFbG~oB&`gbt@|8@U=9Y9|G zUmkvHoqw(aOn}RKe9YAasH~0x$JI8J^LJUCI|Xwyo8 z546?}yF)a~M-+~?4mD}4< z&+^|R2te?fH)=rdASF@;kr|IsYk4UAPzS#v(N92=)Xy)2N_AY(#B54?;EoSGEKm~n z-8rabaKy#^yy7aVeUSPHO#dFI@bk+7=RvVl%|E*N@3Sg`}hLA0-R z1&$K=T@E|mDESz2ZT{_p!)8;1sHot{D!>UvyOdtY-%Kq^>{swWlQw|SWv7-^hU(z+ zH=8w>55n8hfe5I+CGFV0vhvX{V9mT#`D3tCpt28k$zw!l3qKqj7*RMVItwmZGv`^) ziS~7@H!h;A$fzsIfB{X7CloD8U$5ENq1d3q2t3GEc@`=89bj@j9EbBoIP(^VUI6`s zk!utb!NR{2`HQ2E-x*_#t%vpW1y`MC-ARR&m8HfX1i_hQE}Hncmjr9ry|JWe9f$T` zn0Tk#H)1kbdt!?uot|V@Kt12$*v>>X^vd8B@$8l*W3OC>Du6bV=Y3F%J@0f{SNV}rY0(rzy=;-6yJpZ}$GVnQ@=I8&$w=7X`nL3XP{n#SG7J{%p1%;~(_Azlj6I z$!Fm3hyf-9a>PfdP$dIJ&toAoH3m^HRtbCZssk6Evq6v=Y0)(eWUD3dKH@w8jftpa z%K&xwzd9GSk`{#`0IR$Jp#h8l5k%qP4)CR?=6YqN9@#z0{4(EKr(WtUF}!2Mal}y{ zSb!TFY6NV$E6Oux2Y|_9DkI&Zy|E{JI}iie*ryJ_`HVS@+Q$ zQw};%oVE)Y7TOXQs2JwSvJ)j{JLiwh9CsQ@(zB3U;wF2}rR-kh`q8ELW8YL0l=veR z2(^7i;eHnFBH#_yk1WnCjO#x<7t`T;V)J_|Uro?Z|C^e}f@!35g6);sj~Zzm0NZd^ zTo@?K6n3d87byjXqV^n3(wJBJ9#ep8kA^{>FzA5Bw)?INozO4jlf6V(*RjQQ=0ttl zRI^po|3!kGK=`k{a$_vv-XFyRm)qT`@aBGL^Hft(#^?vgTi+ObQL0;`(Uduo1hYCI z73Z$^W7<_#`~;7iib-9qMEh)o=*6YQ@tx7jvJ2@h9wVi4ik?RqkxQQxLRR#A3TREy z3`O?ZmYd_3XHyLin}2@Z+mNDnZLQH>I9L~C!OZbtA=@8HmI(kTb-3aqFkxyv9Rj07 zU*183X{h6%NjGVVzF9GR>upcLm+6HnkzD_7>2T4Su;UrGBQe;7pf5ZW!NU+03%St$ zam9z|ero(%xI17onbNP`Td{q#y&mudUeib@==}vl?kL9Y7A^yfgXtPc#TDCO%m#N^ zP5(g&84L7(g2yE;OpUJvvngc!_3st)$5!>bz5mVL{Y5Z^x2mI|)R(JpR4Czry4zkr zy0vsIvw2mYA4>UGn}H2^0aVrymt30YYZlQIZp*H*xVii|OtR72`|0_S-d zii;DYZVHT(GqO`lPbQW)ejy~pK*e<>q-kId%Mn7eRiWfYzbUACpqM9Km4{FZ=&3YZ zf8D8vPt_|U(RQBA>RR3s=r=>Co~OkR^`S2Z>B4#(D&9wIj%7G-ffo2fWih~m$mZLA z*iF{|v@Dfxu(c}LhB7LbVVK+tpg}DLXi=`<3?ys2J_O6o@lC_%$PxxE^G`&2bseT# z_mK&XPNp(397^wrd|2Q-XOLuG!!KwK1+Y(04XUSCj@VfRWF{SutFCkjxdh64~dPU@IwHKCJOlE1h04sxM%{BXzimXFhR9d`vMf}-VnL&$!xLyumdI*8SSndPBCu| zc9EANKf*sz$x%L(VcJ!8;F$w4h6|EUv_h0S&=gexo>f(hddlZ$qsj~E#^*A5 zNWfdFu_I7Tmgq}L>yagno{10_iiETcDji)0f^)LHJLQzn8q>nc+@UKwgssfY^?5*$ zGzuL0#egll3}YCEto;Km=7G~V5I_Y-6DROVamq@n8_3mB2dPdmJQg%jo+==h2CDfF z!g5ab;&)S%7!s%z`YP#;5~l%7@0_M?m{b7tV}=A3qZA+pE(JUkav=U@w=kM)p&Tu3 zc#_Wgig(zPL@>zpNVWo~q0#DP{GD$#_aErIVNt+Ol z6IZtYpoLwZHDJ9PXDtp=dF@f!K&)Qktxno@hFGYc**}11vx9pYEDcxBp6g@z4HxzA z1EIMFs&vUWfI=_LMxuI_RVTmco-+4iQeM-&b82#Sstq=i+ipO`M}Kaj&#v!aL^EJaiLK`nZlpsI8t9WKM!4>X4hl6TkPY^=SPXVKyeFd%b8Bh2pj=O4u@jcZR8kUd z?z=NE;Wb(j*wGqY9Cpw(Hy(vS1fx(QI@Kf%?622^`pzCw-LB?UkBd$0>d$i z0ip<*RhaxJIDfsne-{BE9uZ(k@#yHua`o4Cw)X%U>xBvhNJkDbt}eSuRCVubZ$v;G zR5tzk=6>*{rf#_vBf(ZB0|sx164xc-xDG?k7+!LBXD z_V33!+&Ma8{m*&;Rb0U?o&K0rYcOp(%%M0^2;BC(2w~*d%;cm`0AHIQC1r!dPP=Z`jf+o8HHNVLx7XpBc215(0$MX5@Hs{q*Yj? zVH80RvBub()qyHjy_wgHskaJurYvV)p9CeR+tzD5!LR_DhsaF7aH9cGY)~x-4LgkO zpemcixu8rXyn0jHK@0XezX9+ry@8LhfFp}xI1(ltaG(hXuf0Cp@?iIsP6R5;LnO)7 zd}L3&(YN(6{dx@(Bl9rz;F)Ww*aX6HmC~zg`<;+4HbFMVPc4ZkkJAdz*|7n;p9Gk} z)+fn|*n$wKt7jEanppVh^}J5j0ZGMvfMh=0crZH}C(yf~lw2^^KT~yIs&;mrD_7lTn()RC^jmS z@y$E~fr71wx6ChaP%D6S`iE(Hm!VK#?3Df@05D7fXvc!R3!eEM5WZrrst!;EZrNPpq&wp2 z12K(Yb^p^V*#~n6QvplD5qgQITS=dQY&F2cQt8igPh0@-alJl`CGej`Mcnt7x@rX@ zP)Fqimt?4p&Ai&u0qJyen%Ed0De;2^GadIL<(rq{SpcH3Ns{pnW)NxLfxj5&6N5a@ z=0KlF9@m69$qrfLW_$0R*etd;84idHQ|b$blhI?xbGI~Z zRQ6qBExEg4`(+s9QOu;mDC_^aobI-8zv`?=H532VUz6szOtY9^Drlz3~BQyoXba9`UAY1{gXpBj>{+>w)J?biR1SBnRs)!q*CNh%em%YFGRh5FY+>1t;pi7A~R|PL0v8#rTDOj z9g*<-0o0ZcKrcQ^Oa~Y?1K^xZNMa#phG2U#M25|`@E6QnHU~szg!8ki>2{znM2;h) zgXh5JQ58Xyw|NQ2mm# z+?F_gOSt9gn=7G@Ue+FmbGq)^S^LBA2!L1O6Q5OiVYLLc*KJ;L)AR}lMI4F6mR6u^EF$dO4JsUuX&6k-5?HoFZ->B;h>=6 zP1<-b@{zPFpPSyLS2n2t{B3y~E%#lA@v!y-o;+>Gws2s=LI>Ji^|A7f^_VL8Ow|+V zXt~hi`ok#q&Y35lpq9OOZ~Nmzm!!{ttsMq6av|Tr4)P&Zu5adHn8?fwu+1_wZ-GvRY5I?uS1&l}Cu%x<WNvqd3Y5rZshKY`P<9MwC*t}cB7XolH?mIp#Q4DV!g-zC zc3x9}Q1;5(M2T4G3J(uuHXj7{XrLpX+tZ!miC=}-?seeXTiCHIrt6hsvxE9=iD9tL z)V=NS6Jp?$LJ+XQ6BU5A&dAJytu6t0@Xk^en={(h@ApA!VqK0%tL^!P=E6m-_^;3e zz&VaPxjxooS{N=+=NGk|bwjKaj4vw%pDCEU-T`PhH4j%a#4HzN6W(k&c68o>CKfp* z#n8SW;iZ<2>xU|TMJDH&6bOe(Z>?H=&wpF%`r7$q6`j}$OE2vsHohqcNkfpt*# zN*kAJg8x@7BXN{?oG(D{x$RELpINuJ;b93zY<8f?jI{2@1s><7wQ?k0%!8<*(cY!c zbOOh-xZn(Mzf@Y&;g*-=^Q@rj7-TFU)DlxywpnrOR#BBhLdmqdKNJ%afm{V<^$nDMq0L7{6lwkHRLIp(f;=J9M z0mGeMgXE??+7(qnIRd1z$>xa-eth%bJ+UBW*vvZBoa#pYEbx`>>+uc{JwMIxp_9u< zPk#$GOt)qP>~v~-hig7>#Q8c1Egz|+Yu5}zHfEx~Za^p{yYLRzQx?(sDWha!75x!Esw8@jMJEZl#`C1_mA-2cR|jH{^`IXTe>?cKdQPu zs;{RB;LW}k8k%BS+^xY>iLQ$ct`?HxmaVH0J+de8;1;%Ci*lLkYpf@>-Xuo(aNh!0 z6rh-LY`EsIR0ypx75LiQ=|0h60z65J1i00%p%}VC^aR3z)As1W!iBNH0T4l+O|g9Q zZR3&CZvi>F9d6;8DOn3@k#^)psYC}VX&-aG=!8QUyR3a{zYkkY~db z?*o965~%L8Fk7U5Vs@En`-CHHlZNsLZ#90q`VciNyWO{*ld`K51^pF7S_KhM%<$Fh zs&y>BZo(!)pDx{Jt)Cm`TBE#srf6Mp8 zS0nee$x3nw0)G`ar^NMbpnv$ z>Xe1nlwE$Dp~Df2*~e<^J8o-qVRkf{`0}S)yx?HXh!|DiH#l! znd&sT)%a%mf8Nu$-I+=)oD0KWO0 zgCoCngs}o@!LFq&V&$+9lsDG$`ZhuOwv*p=RzCdd>kWQt+GNL8m-(T?*5BUAO%p-Q z_h%U<`zt0rRu&CZYbOrvI{yybTyka;PgC-?n=v>Za_vn}*{K$@FfuuUoQ-E!(UjD8 ze5d^(Lrs73?^uKx1A_Kr9n9@BC1#wqU|rv$IlKtd2s-O5n`-VOvtMhv3S}WK2%f-% z$@V@jpDJwMWuX|V^VncwMD3Lr>9jMkb1n3zJ zTwrp;##m%}58Rbg*SwTbF5GO;d?v?~ANpkaQ7Hf*UPmROEL+nGmD%h-^OZmmAl2se zGhdSP&?FWivB6Mfz+5E;Qu0MPs?i(>x5PujELGO9%I zZe_Y3&*zDolDm!nbm!c85j#Js&> zxe;JOq#Q?xW-y2I8btC2u8K+O!-Y#f>dA|D&$UiVUC?7wedq`Jm%qewr@vbOR1zMf zGmXPY&i7z7#^uA8h&2O7k;US z)3;)eJo}ZdeyG7c)6Eyx+UNh8TYVY|Svi%ul@zlH!`vX$O9+_9boM^RWv>-5`4`S} zAAre_WC2pBsWqp6F0Sbj>YdX{Y7GhsGG{)fK23vCb1?Zh%x;9udUz4FfI$u6SdW^J zES7q}MbD$a)+ogYd*>4yV(ZxZJj1WNl=0lL6#{wVpuWeltke)(G9tvHreq^2W%GB| z!OM3x3A=-nWA}Zyqg@!LGVBns)E-@DdiS@7hs1wBTR=1R@P>>Rp#KLz`h_MtHj91p z&4wyu*cB;G<=uqL<|!iId^JtbM10cx8lWnt1=gm)AB1m*Zl{k~R)mX*rN<(`%Zh(l z40t5^cm|o}nmT;Sl~)9#zL;PVtlihrM!!|M0KmQm_($7sYSXmF^fzE0Lnkn1l>Kmo zcFz|OC{=O07a=&gC_uJ09trKgcMXA+;Ph+ja71ES4kGJAU^8FQTozrqGhxq0G}RNq zB2(U-7_9mXLbV;7|DmdU%RN29fOavVjx3=c?u`$DOG{ ziU7;I14g-3{3rnY`-K9hn^V&;7Bteor;Lh)0|-}yP)>Z z*ZX(+?de7qr|++>ElxHtIzJxr9`O{Ya6f-mjL2SUSvARsa`57L9am<)e?@8dI#*u@ zZF#oEc_~0JGb?vNQ?w6^fq06(ys}>4?bSnnkY<$c2&G7#&ifsvLWqM&j1mf{fEC+~ zbnpqU#*4XnUl62IT+sc_X7Pj*(=QXJs8D={m~1jexJq{cPMH5K@{9E!QcC`?Ne5t) zUi4oQ#5U>Pw(Rauv(zn0Rt2-&uf1~t!-0h1?dkmybddCOzEo;*v6#O19S?U>jE8!m zN*2sj*`J)#PwLo|T<)&ydlRPnzJ==Bh2CpSELh<9M;Qjk770T)vLV^14{?}ZMK$+p zA)q%$8TsX=n2GC*1XJqzEIjn#ncAAo59Zw*?+DVee1LNIkY~|ut`Pt1015A9`2cvZ z1nThFEY&6aOU}I@(_=a~w^Nex6sxH0Xm7-*DyzxXJ^3q#l7j#d`ig9{o-}2h;iyFK zqDoo5zeDf99W0Q6x~mMrNjj|Yq9`i(EN6ZC@>g@J27YgY|2NnGj4)wteY(!RI&c+4 zzZb0@sCl7_NiEudsxL^#@khg0ZHmEGI!4G$ihbryipq`r?YqWKuyLIYRe%5X85B+o z0|U}x`rVUxf2{*GlP(nUzV8$KZ5^mhxer0v`>}x0Sp+mdNoaHw>UCiF$Ww?<4%_xt zAs_^5w6)&R^y^SVCH4gLurcL0t;MPd@TicpMrdlF#(D^&e(VwubeGZ~p3|=IOQJ#D zK)IZBrcPM>wpqd%wfvf3jNN=3!M*OWV!4F#cJi%}H-3lw)C=`>a! zMT0sb;(wegi4Dhe|x^=e&Nu2Wo_uA%|c4ZDV}Ha7}R|(5dyz!LT-GH6H8c?o#94 z^gsS-QS52|9H%R_b8G!70-y#i*>FAV*D*)pmk1)Mprh-L!4cuJi_TQg&f^1t{%wh`vJh#)X(&KVo<7(T(Mx!?j@>1a)Y?T?UUr0eod z;UZzFjtXU9StPE+qMTR$Y@}GLyKBRzfPV>{c)Ojmh(7?hOP5=d$F^M%dAv=fYhM!U z%0~UWg`V1)UheDpu0STpcWO&i?;tR(Z?S9883hNrHoB`p_~j=V=3*#hoI{Vq#!sNb zsY)l5wYw?b>@!_PhQhNc9fWmx*>91#A`1lVH9TKyp#I8{4<)xcCOK8L(;9q%ye~_v z8J2tAi#_PYvYK3Mz+8Ak#wz}xbKhN@5Y^BcC4@AJlytn3lF6D)czNr( zW^-)mUv7wvPTY2qto`x`@KNkSt+EB2cgwsqP6#pFfW&}V%bTWhD@xb&R(MG`f~lOs zpD*62S8u*Z3Z0U~(7yl43sCd$##DPG(BaBMB_-6z+B==+C(T-$xP!d~e?sOseO>DL zp>palF}U-@+AS3&epICNCVukcRAo{#K88}HIDyLaspe}bWqK)aD<+8KitdjQVT<(( zUzQf1r_Rg7E&DnNZp*X{s?VJrroCMj=L}Qm@Qnp23{6d#Ln?@H3OCKnu3$?Yx?TmE z%M{vy+_3{PF5V)WcI)~V2rgUkV%o<-Hdj#pA@iBJG{~ej@^f6+r|LPkW6g?eMsEdA z%S&k=g)V?jF522&WzJ$2MqZVW>XOLbJW9@gyTLYO(8?vnswH3W6OsgjVjif{RFIO2 zCowpi`cpRPC0wmsRWWTDg8%|otIf7Xxoe5@dKsBSNR?`=A6^}@m9Dggmo|*A0+(hdCrg~y~LXf!*&>}!*z&5n&7~T%L3EdCai|Zwt|Igp?J73 z)6WV42zQDMZNj{N!I!Yx?>Cw|z~yhS!W(2^UCe)=I=FsAUZ%sc-ISnc z_kZCQf5#R61Ag*v+@fGE+`W<4+y%XyUJ(uV2o{9=;dcBE(liD%>6ksmwEP?5_!|Tf zZ3!kje?T0K?O`p_)ITr4!c-O9qE~L)xgzs_;6;DObN;h#`3F!35B)Pd=UylT!hQb% zXZaTzvT6|Y&6Skrvmipz&Z~H1^90ZaEr%%of|mXc{fzd46>Y{akbeMrFrFIJD*YSM za}|{sXbJ1LwRG6AYy|Nv*S$0jHVQXS1&qZ;*vM{J{rMk#^x54elv_nBp>I zHrgA&Jz5j>Lol<|GWU_nTR|`>O1nYWoWm!v(9IaZTLsh`TChzQ+ejzmi?4C&eYLK0 zrqjm<*gq7*fj^Bb;0lS~j{U*f+k6xvm?Rx1+)=_oYP_+s1h6Xg4wWwfxOWPA z!e$y3U760uop}J!@Qvx*cGlf9U)D7!hXWeHz7n$NEU29p3KBw_=Vwaw0Z%7pW`?Mq z{vBBwtH9&Ms8wWR*07aL=^Kvcn$x$c69|DddfzPhy)7c)Yyf|5VTYTqTfrz6~^(hGQ1GMPzF5elRh9AZ^ReMwAMLv_GG9;6pOhDnw;)u}D9 z-p7WsZ$KWfBgJ)IYXUmCyv4`fT}Z!iEz_$VTvM$RM15~5ap7jC@oX53skJ&0NMwpp z3aihP^t0nMyKTH}x#OIe zLKf!#`fKy!(;?$heTbZMT5(TNYxaySDSIi~n1`zB4TVbvWdSj_%@dm{ws{2waANYL$0b$fUX#wf87toqXwrdxtJh~lfpBEMejgCFESh~(!6#fn| zU=XCC_(^ka?H%mw3#P+yee%KRJ9b>>Xz0YCt@qQ?b?DXAIM+S{8v&z86~dP~cbA@G z)MM!^@q&5K9=yr!@&^ky)9esuONA)p)ICw6qiw@}Cl@{^@Q`*#-Pz%0tTH4di(78F&0{KTZM|A8UYh>7? z_7YhePo(>wk;E|fp&tSNQ?lAHWw43wKia$YXsFXLEQgIOlIdb3(#fT$+&8r~UD(-i zo9v8RF_lJZ#OfllX__uJmx)ALQWT2Vv2K+zaVtsr&9a3TWfM zp5-Jh#XQhmNBzFr$tjl)5KBb&yIz0b3OuS}Ph20m7`GjgwZhpe`|GU)(YhfgCcb$u zLT64!#`M=v`nLRZNWdM2w^16SgK6OTNvH$y8NLUYTlPJ27>4(UuSQ^)S6O7($L=>( z2_PG(2xEH0Jl6p2fc%Xoxe<{gLB3W&06vZyOyKCvFAReBh?k6H)h6ici`&9GB_Zzw|GV0+YZKjohaRH)CgE|-A+3W;|1TNV$Cw3&tJC)ndbPTz`i8J z5eN1rNw7W0%`4{Mv#uKMaOLHR-6(=^gcU`sX5n;3K3qa$kSEh}K^McSuh2mv7PR0p z$?&Wp{f-x2eae87%)Uj6Mz=E&$qJROdgC_bR4AW^D%QEsKa2i=COjHLcs7=%?vI0Y z0&*-HQq)-h4S)WF$_H(zExDlX;aTWkZ9)1bd}zg@5X;>r9wiN^EovxCW3}3j2=p9^ zQXPxZFr7m_Ad(Drk^%i?f~CTsFB2@)as7uCoCzKXz%(c8Q^!QDR$r+TX+x)U(SlZ? zEuyMs1Jy(e9Ij#jMcW7%CvcAakVs)bh(pqu21Bq_O~snh4W+=*P%F?SoBNcSc<{Wn zk51Pd4Al)m$vCH0+pB2nIx|MOnLBuDy?7(;gd$Z0(|Wt~QPMRyASzNAy?DRXYLl~? z^66KR+tI1NUCo|bAB+&V)JPN_nRgUR0`AAF13*zo%17FjrP=n+5_R#JszgB&+~7VJ z8L!QTLm(GInMN%eTndP4bC$)AW@XdeeMd$m5zn$jkMGREJmbtV@1)>I_K>tAJ;PW@ z6;R#F`?>t(;*^vd}bqV|kd3C|X_(wRX+!oTAdL)nFNauTa>i{jE|H9{1_5ns@NCh`ILI2mcA0L3 zyqv&=Dq`I3rd+{dnxYHh5B2n<5#^rNn|s#6-_iN}>Kg*heO>pZRO438st%l6N-q4* zjeOCG;;NEOeTh6)Sr67aExiOd`_64N}k<9z_J_r%D;ut z$@;=6hP)kx3l|A}#5 diff --git a/Packs/Core/pack_metadata.json b/Packs/Core/pack_metadata.json index 5f9cab302c6e..cd2bf5f98bc6 100644 --- a/Packs/Core/pack_metadata.json +++ b/Packs/Core/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Core - Investigation and Response", "description": "Automates incident response", "support": "xsoar", - "currentVersion": "3.0.2", + "currentVersion": "3.0.3", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/CortexXDR/Playbooks/Cortex_XDR_-_Malware_Investigation.yml b/Packs/CortexXDR/Playbooks/Cortex_XDR_-_Malware_Investigation.yml index 3cfb4a53d455..9b1afae0e425 100644 --- a/Packs/CortexXDR/Playbooks/Cortex_XDR_-_Malware_Investigation.yml +++ b/Packs/CortexXDR/Playbooks/Cortex_XDR_-_Malware_Investigation.yml @@ -1,13 +1,15 @@ id: Cortex XDR - Malware Investigation version: -1 +contentitemexportablefields: + contentitemfields: {} name: Cortex XDR - Malware Investigation -description: | +description: |- Investigates a Cortex XDR incident containing internal malware alerts. The playbook: - Enriches the infected endpoint details. - - Lets the analyst manually retrieve the malicious file. + - The analyst can manually retrieve the malicious file. - Performs file detonation. - The playbook is used as a sub- playbook in ‘Cortex XDR Incident Handling - v2’ + The playbook is used as a sub- playbook in ‘Cortex XDR Incident Handling - v2’. starttaskid: "0" tasks: "0": @@ -25,6 +27,7 @@ tasks: '#none#': - "27" separatecontext: false + continueonerrortype: "" view: |- { "position": { @@ -37,6 +40,8 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "5": id: "5" taskid: 6496fddc-17e5-49d0-8dcc-2372d4b75188 @@ -53,6 +58,7 @@ tasks: '#none#': - "118" separatecontext: false + continueonerrortype: "" view: |- { "position": { @@ -65,6 +71,8 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "27": id: "27" taskid: ff288863-5690-432a-86ca-3a86d8350faa @@ -81,6 +89,7 @@ tasks: '#none#': - "91" separatecontext: false + continueonerrortype: "" view: |- { "position": { @@ -93,6 +102,8 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "45": id: "45" taskid: 497f868b-82fa-42ab-870f-0af527f51cc1 @@ -106,11 +117,12 @@ tasks: brand: "" description: '' separatecontext: false + continueonerrortype: "" view: |- { "position": { - "x": 880, - "y": 2910 + "x": 720, + "y": 1890 } } note: false @@ -118,6 +130,8 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "91": id: "91" taskid: 638288f3-a778-44ea-80fe-8bc2f2eda778 @@ -142,6 +156,7 @@ tasks: complex: root: inputs.host_ip separatecontext: false + continueonerrortype: "" view: |- { "position": { @@ -154,6 +169,8 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "98": id: "98" taskid: 2e3adef2-12c8-49fc-8963-78b8f0cf4295 @@ -174,14 +191,15 @@ tasks: nexttasks: '#default#': - "113" - Yes: - - "117" + "YES": + - "121" separatecontext: false + continueonerrortype: "" view: |- { "position": { - "x": 1450, - "y": 1580 + "x": 1320, + "y": 1360 } } note: false @@ -189,6 +207,8 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "111": id: "111" taskid: 511dc88b-b3ce-4b77-838f-dfbe2d911e27 @@ -214,6 +234,7 @@ tasks: complex: root: File separatecontext: true + continueonerrortype: "" loop: iscommand: false exitCondition: "" @@ -222,8 +243,8 @@ tasks: view: |- { "position": { - "x": 1450, - "y": 2190 + "x": 1520, + "y": 1720 } } note: false @@ -231,6 +252,8 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "112": id: "112" taskid: 04e226f0-5092-40e7-8312-1d54b7da5d42 @@ -246,11 +269,11 @@ tasks: nexttasks: '#default#': - "116" - yes: + "yes": - "45" separatecontext: false conditions: - - label: yes + - label: "yes" condition: - - operator: isExists left: @@ -268,11 +291,12 @@ tasks: simple: inputs.file_sha256 accessor: EntryID iscontext: true + continueonerrortype: "" view: |- { "position": { - "x": 1220, - "y": 830 + "x": 1100, + "y": 840 } } note: false @@ -289,8 +313,8 @@ tasks: task: id: 334523d5-a1b5-449f-83ac-fa191aae5fa5 version: -1 - name: Set the user"s answer - description: Set multiple keys/values to the context to remmember the user"s answer + name: Set the user's answer + description: Set multiple keys/values to the context to remember the user"s answer scriptName: SetMultipleValues type: regular iscommand: false @@ -306,11 +330,12 @@ tasks: values: simple: ${inputs.file_sha256}, false separatecontext: false + continueonerrortype: "" view: |- { "position": { - "x": 1190, - "y": 1790 + "x": 1120, + "y": 1530 } } note: false @@ -335,11 +360,11 @@ tasks: nexttasks: '#default#': - "98" - yes: + "yes": - "45" separatecontext: false conditions: - - label: yes + - label: "yes" condition: - - operator: isEqualString left: @@ -364,11 +389,12 @@ tasks: accessor: filesha256 iscontext: true ignorecase: true + continueonerrortype: "" view: |- { "position": { - "x": 1220, - "y": 1170 + "x": 1090, + "y": 1190 } } note: false @@ -393,11 +419,11 @@ tasks: nexttasks: '#default#': - "98" - yes: + "yes": - "115" separatecontext: false conditions: - - label: yes + - label: "yes" condition: - - operator: isExists left: @@ -407,56 +433,12 @@ tasks: iscontext: true right: value: {} + continueonerrortype: "" view: |- { "position": { - "x": 1450, - "y": 1000 - } - } - note: false - timertriggers: [] - ignoreworker: false - skipunavailable: false - quietmode: 0 - isoversize: false - isautoswitchedtoquietmode: false - "117": - id: "117" - taskid: 4d74b54b-7691-40a9-8ef7-1e185646bda0 - type: playbook - task: - id: 4d74b54b-7691-40a9-8ef7-1e185646bda0 - version: -1 - name: Cortex XDR - Retrieve File Playbook - description: |- - Retrieves files from selected endpoints. You can retrieve up to 20 files, from no more than 10 endpoints. - Inputs for this playbook are: - - A comma-separated list of endpoint IDs. - - A comma-separated list of file paths for your operating system, either Windows, Linux, or Mac. At least one file path is required. - playbookName: Cortex XDR - Retrieve File Playbook - type: playbook - iscommand: false - brand: "" - nexttasks: - '#none#': - - "111" - scriptarguments: - endpoint_ids: - simple: ${inputs.endpoint_id} - file_path: - simple: ${inputs.file_path} - separatecontext: false - loop: - iscommand: false - exitCondition: "" - wait: 1 - max: 100 - view: |- - { - "position": { - "x": 1450, - "y": 1970 + "x": 1320, + "y": 1020 } } note: false @@ -481,21 +463,22 @@ tasks: nexttasks: '#default#': - "45" - yes: + "yes": - "112" separatecontext: false conditions: - - label: yes + - label: "yes" condition: - - operator: isNotEmpty left: value: simple: inputs.file_name iscontext: true + continueonerrortype: "" view: |- { "position": { - "x": 892.5, + "x": 880, "y": 660 } } @@ -506,6 +489,58 @@ tasks: quietmode: 0 isoversize: false isautoswitchedtoquietmode: false + "121": + id: "121" + taskid: 65a8eae2-627a-405d-8295-c9478a445092 + type: playbook + task: + id: 65a8eae2-627a-405d-8295-c9478a445092 + version: -1 + name: Cortex XDR - Retrieve File v2 + description: |- + This playbook retrieves files from selected endpoints. You can retrieve up to 20 files, from 10 endpoints. + Inputs for this playbook are: + - A comma-separated list of endpoint IDs. + - A comma-separated list of file paths for your operating system, either Windows, Linux, or Mac. At least one file path is required. + playbookName: Cortex XDR - Retrieve File v2 + type: playbook + iscommand: false + brand: "" + nexttasks: + '#none#': + - "111" + scriptarguments: + endpoint_ids: + complex: + root: inputs.endpoint_id + transformers: + - operator: uniq + file_path: + complex: + root: inputs.file_path + transformers: + - operator: uniq + separatecontext: true + continueonerrortype: "" + loop: + iscommand: false + exitCondition: "" + wait: 1 + max: 0 + view: |- + { + "position": { + "x": 1520, + "y": 1530 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: true + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false view: |- { "linkLabelsPosition": { @@ -518,9 +553,9 @@ view: |- }, "paper": { "dimensions": { - "height": 2945, - "width": 950, - "x": 880, + "height": 1925, + "width": 1180, + "x": 720, "y": 30 } } @@ -558,7 +593,7 @@ inputs: playbookInputQuery: outputs: - contextPath: Joe.Analysis - description: The Analysis object + description: The Analysis object. type: unknown - contextPath: File description: The File's object. @@ -597,7 +632,7 @@ outputs: description: SNDBOX analysis. type: unknown - contextPath: HybridAnalysis.Submit - description: The HybridAnalysis object + description: The HybridAnalysis object. type: unknown - contextPath: ANYRUN.Task description: ANYRUN task object. @@ -624,7 +659,7 @@ outputs: description: ANYRUN task process version. type: unknown - contextPath: PaloAltoNetworksXDR.Incident.shouldRetrieveFile - description: Files hashes which are not present and were marked as "not retrieve" by the user + description: Files hashes which are not present and were marked as "not retrieve" by the user. type: unknown tests: - No test. diff --git a/Packs/CortexXDR/Playbooks/Cortex_XDR_-_Malware_Investigation_README.md b/Packs/CortexXDR/Playbooks/Cortex_XDR_-_Malware_Investigation_README.md index b71161e06078..02ecce9ffdb9 100644 --- a/Packs/CortexXDR/Playbooks/Cortex_XDR_-_Malware_Investigation_README.md +++ b/Packs/CortexXDR/Playbooks/Cortex_XDR_-_Malware_Investigation_README.md @@ -1,28 +1,33 @@ Investigates a Cortex XDR incident containing internal malware alerts. The playbook: - Enriches the infected endpoint details. -- Lets the analyst manually retrieve the malicious file. +- The analyst can manually retrieve the malicious file. - Performs file detonation. -The playbook is used as a sub- playbook in ‘Cortex XDR Incident Handling - v2’ - +The playbook is used as a sub- playbook in ‘Cortex XDR Incident Handling - v2’. ## Dependencies + This playbook uses the following sub-playbooks, integrations, and scripts. ### Sub-playbooks -* Cortex XDR - Retrieve File Playbook + +* Cortex XDR - Retrieve File v2 * Detonate File - Generic ### Integrations + * Cortex XDR - IR ### Scripts + * SetMultipleValues ### Commands + * xdr-get-endpoints ## Playbook Inputs + --- | **Name** | **Description** | **Default Value** | **Required** | @@ -35,11 +40,12 @@ This playbook uses the following sub-playbooks, integrations, and scripts. | endpoint_id | the endpoint_id | | Optional | ## Playbook Outputs + --- | **Path** | **Description** | **Type** | | --- | --- | --- | -| Joe.Analysis | The Analysis object | unknown | +| Joe.Analysis | The Analysis object. | unknown | | File | The File's object. | unknown | | File.Malicious | The malicious file's description. | unknown | | DBotScore | The indicator's object. | unknown | @@ -52,7 +58,7 @@ This playbook uses the following sub-playbooks, integrations, and scripts. | Joe | Joe Sandbox analysis object. | unknown | | Cuckoo.Task | Cuckoo task object. | unknown | | SNDBOX.Analysis | SNDBOX analysis. | unknown | -| HybridAnalysis.Submit | The HybridAnalysis object | unknown | +| HybridAnalysis.Submit | The HybridAnalysis object. | unknown | | ANYRUN.Task | ANYRUN task object. | unknown | | ANYRUN.Task.Behavior | ANYRUN task behavior. | unknown | | ANYRUN.Task.Connection | ANYRUN task connection. | unknown | @@ -61,8 +67,10 @@ This playbook uses the following sub-playbooks, integrations, and scripts. | ANYRUN.Task.HttpRequest | ANYRUN task HTTP request. | unknown | | ANYRUN.Task.Process | ANYRUN task process information. | unknown | | ANYRUN.Task.Process.Version | ANYRUN task process version. | unknown | -| PaloAltoNetworksXDR.Incident.shouldRetrieveFile | Files hashes which are not present and were marked as "not retrieve" by the user | unknown | +| PaloAltoNetworksXDR.Incident.shouldRetrieveFile | Files hashes which are not present and were marked as "not retrieve" by the user. | unknown | ## Playbook Image + --- -![Cortex XDR - Malware Investigation](https://raw.githubusercontent.com/demisto/content/1dc10defd6cdb3b9ad7281557002457724d4f599/Packs/CortexXDR/doc_files/Cortex_XDR_-_Malware_Investigation.png) \ No newline at end of file + +![Cortex XDR - Malware Investigation](../doc_files/Cortex_XDR_-_Malware_Investigation.png) diff --git a/Packs/CortexXDR/ReleaseNotes/6_0_8.md b/Packs/CortexXDR/ReleaseNotes/6_0_8.md new file mode 100644 index 000000000000..23bc625d3233 --- /dev/null +++ b/Packs/CortexXDR/ReleaseNotes/6_0_8.md @@ -0,0 +1,6 @@ + +#### Playbooks + +##### Cortex XDR - Malware Investigation + +The sub-playbook "Cortex XDR - Retrieve File" was replaced with a new version "Cortex XDR - Retrieve File v2". \ No newline at end of file diff --git a/Packs/CortexXDR/doc_files/Cortex_XDR_-_Malware_Investigation.png b/Packs/CortexXDR/doc_files/Cortex_XDR_-_Malware_Investigation.png index 9e223dd2ebb90405559df58694c9c928d8411c01..d7229ddeceb4e86f66496921f1f7b3b84f7fcf87 100644 GIT binary patch literal 180523 zcmeGEWmuG5+Xf8NDFPxQC?%m1f(X(fDXqjXG)hUg8X8s+ z8X9gk9uDw-TBs82fd8O7sK|(;74+U;M?<4Sla+j-=AySXjqf--GJUzn(V_6ZoukL_clAs`tfiG*~`RpLsfln;<^n3?0E#KR*>H&lEZk+5bw)s(D;L&-Z{m(zo z$?r;e84pFh0sn9RD(!{#CFuY6Av`(*3v>)NZ4P1|2{d#p60!gOL)Y|{_`h!`_i`R+98mA4NB9Q>1>%XJ>!@?izHM7Q(bHHf zpmatO@`S97NmfqoGr!wAY)w$CG4;bGF#Ww7*LFFl02o)VWKiF4m8RMa zIo5pcDswBVsGv#W_AFuY5>tJmuTkt8!7u2L^WY6UX8rq}UH3G7ufT|8Xa(2CF7X@qkhbxE7_a4seTJ%*!~$$>6rc?V@JZ{F=e^4?#geC53fLqt=fj zf@)b5I9N@MBKeYDOVp9k%Ag)wlNVzxEn|^)H&tX+h*^&)Vd8k!fu#vd!Q8T6@GI@s z7l`k*pK{&>PUpwFJw0s#@VvT)Mht%8#>R%x(F&Jlsd3}*bM6Gg4`Bm#754>w#DT#- zC^iw4sN7mGTFGFGd&;jmI5?;fnkhrb(^3*&Pxcmja^o58mA@J+0sA7|8_kLoYZ9!> z`TjjDK3-b0!8#^y0xSn*r9E*V1b&(->K$BhXXpe1vJ37`iRR$vH)P`HANK`=c%pH@ zzThqTtMSmhz41s4h$I8xz(x}kmi0v)*G}ky=xy?!gyl1ltLcv0x8A*tf#)0Vr5?m% zHU*9o6jmm%SM~*`%Y-nu5R~^cd0aWWH$4F`6lrJ(QYO`Tc_evIPP4|mcI$C&=2#Ro z+P4;EzYqd2J;?KYI9sCTqf=M2@Te#zz?Fd&QT|;KIw3Gj>}TEyDc}_cJ9F7<<&4KW zshR6Oe-4f)vh~;f*va=N8cDVYwg^B$-rrjuw7j+W8$)gYA<%+Tt8NU2F{6BMc-Q>$ zg2naCsfmMSX!Z>R#Pu%fr1}fJYI9X5Cbf*->c#7LD21&DM8(H%d~YEjBz$&Wv=-3H zj5?fu!rq!Z5R@RKuP~?#s;8}o4st3gKzdrmJ=~TL>j=IX8x`Tvk)&aOm_`FT#_i|F z7a18CBve#Xln9E&BmK=#Uht0}C5i*%Y?E?g%qULg=H@PMJGn3UEo!=nzr7>EVmo8LzKeZj-WVqUGk@bJ)K={_jSwbKp|Ds_w) zrnQc0U#s$p#q^OxEuD`(l^!Inlc6Kf`114qGe$u{?FS4Dt?P~iGWg?6e?1$5PhwEa zfg#?6Tr+?`>V@_?1;&dOQ(Ib?uv$(i8BuE&tMnQnw&*-5wm)^1Vs4Uq`Eu?NeFE0i z{)naO1G(k7|2B4AiomxK4V%0vHf6TyM>kD<0WYec6~+8#L7HN@MN@6l_N~=YTo&fZ zOG`^H)zl)tH!nP*7sUBHSS1?z9rxyA4A4>3M~#W9^RE=6?a2@xHT`kV<-2sidThelJD? zaU}|xw5m71aTA#EZmidlT662FVpv@3cz8mBJo#wTn#*r2s z_{B646Z*m7kFzbc^)36ZA2|rpJttrPj*}^Fvv&e4{!}4>?ZQgVuPtsIDYC1~{L3tvVZju$OV4=%4{>K$ z`nLVprLZug&xJ_hZCch#WD;=~VWCZAo1T{N132HbRQ^+;TE}{!Q&@Snd+qA%kwdz4 zkiarBq*@?o_WR0Z2eHnh&B~n!W0)oFZawB+5cF(5zofQI?gDPZfxECv`3%G7R==UI zLzc;x<7O5%wn!k8^$p=2A%CqmIN#VXsiVAh7rHqhCtz52h#NM6yhg^yA5$3!BL)S= z>o!yMG4kxjAMcCmYuVrOSe#GaAFY|*U$~c`5EXdzplJgdaxvel%_zXK5Sef?t?0f? zOw7Is7j7jhSvpqMWtu#W?BclCfBWjvpRS2uW7*ig9*et)g(`+QCPjM=zbGv&t^27s z23rLoDn$Gf;{eBPipBt8!h!q{kFx`Hb@Wpkr4DOf<4Xw{BPfc_pJHYmgN51Vw}1W; z_MNQMcs?`@JoV(@X)SjUi_x{jjEgp&Ii zmxE>6FfUD5uwjzOEOA2}J$f`pd38)9b{R29>uniZwaaI-rR2m!Hjo$jojcOl(Tx6$=cXYE+01p*gVdIx3`?iHeD~*?2m4uOOCTj4l4L z^Tn~*V_~qo7f(CU`B=&nv-bO#E@9~ECmnr9t>TL8ym$s*%-o%?8=4tvI^uFDnLiw3+QJ(b91nw6! zi>k=#n^&7iQU!RZckTNZ!uG69=I`Ex*3<}`4y5RlQj+h)JS5Q~2Sc#I5rkaJ2`SZD zJMM4&>h^YmJu&mXz0B6}ur5|$X%9^dG%~Z=3@z7&cMKI49H?1OAA1wFj*LHsi=K|k zTI61i{`OEyc5w}Ifu~HAHcCGcE(F^@Q|%_MEzF;I0<)fSA6$JlbZZIGWzuz$$n6j^ zjm%lziy3?AAU`P!OM1$$@kAJ!W0d_+_UC+hiCG)E>qR+H*3~ViRW!q>&s*eejc=2o*j4OHrGMU ztkWL@a+|h2we0AVeP&VNy82@1psV(B{Gq6=_tumA=Q30=I!|S?l-i^HQ`}_^A7wO{ zkcULb_p&}uE(iQGCf8fx<};@ zrz`A&YP@Q(32jEWtdfzbr6aOg!PR1W=UGj^e?js?<+>73*=z!wl~wq4L7hQOnNw9p z`cEda4#TA+BBl~g?Qt)d!^}9Dk%rk(k?`D`x1JvZ3GOio!a+A(ZkQsZiHe$=B}MGE z9mx#Lu%k!Xlh8I5)K5{@lRvISA_Q2)kJ9KDJY+;ghxoo!2I}hS9U+(dIedwv6@*1A z3imitF4vg$6OfnNr}U+T48G2gWgJQ}3if-Iw4pgQ%yDX=W*_drq_;pkW4zGgPs78! z?xPNta&>20_jo&elpERQHLMS?z(k7dS#pL)St>(^9=)22Qa(A2qI+3v&`LqN$H}4W zmyj;w!QWFXu)J9YQYC-3*k=Pe`j}sHCYbx`3+i2>*{VG%wpjAH-Y9By-qqxEPunUK zViZN3mnP3;6{2nC$@1?U~N6qg>bVCk11;OM08OoL{yIMgj>0@EG1H6 zGaF45K^oP@csjaltiyiFXi2$Sox|B;b~shc<<=S|ex> z{x`?jjYbar`XM3y-S{u2o#9<8?Sl7?W8rI5W^1P{tQLV0M_Tsdmet4MnkpdAm!mcu z&xncmY(}w4LE6r=j7?Nc&b<0K;8XtZ0BpOU6qbC^NUS3S{Va3@BSQ|jnYBYUkreT- zEV~MPR=TK)8lZdkU61nfOW;ib1bsvG)(tBF8RgWx$0?~a$odGcs#e3 zCy?7ZN`dRXs-E!If*RY8Ys9Pi7xO+@Z#xN`xwlS^&I><1j~I&q(M_K&Gc7psEp3WI ze)}p?d7Z6U@P0;~*i|3!Dt8Q2+&s_|PIDa7unC3WZZ4TZ-DW%#F=GWA>Lf>P*dt~| z%esA^BH{%hbsjrEV`9`~D#Gng&wb>3JaF~}biFdis^9~>ZfZ4$ zN4KSk`Wg@bE`Qbksy}{_qv7ZW&70S1zN#0tW9%hP%6?N2SOCs0;#G^j$EJje!?$rV z1%B%J{l&uBN99K{OEK_q59|B#>$!6_HPr4!BdxSmO3eRi#*2d142|in|~>Ae#wRZRZrQ>h?%< z7!}O5(|92k>`?EYtozu{)o}Skbwu}Nqab#ZEiL2k zQJ>lKsZFdy>Q4%cGME$hbjsr`CR%h#FSRE_IzEpGDmu-Ht-2x9H&1U873olK@2@kJ zG71Y%V}U`~AQu-t;UXNuPUQ6^kB$t$0wvf)(d)mTHUU>fc4OR41v0oVfHeJeh(2BH z7xEg7{My;@_2#x4Gqj|w-w|?%+-`)q^^sYklhJ9_vyPeVs7MM>9e0{ zN2TZ9x9^hso@UsZmI{#`M>5259PYSaj{0iN2Dsnm((hs=)qxQtc=-GA(mDp)`BxoG zMwo{F!5BjbZNvKp4>*)IW`AR+GlCYnEv>qDJc+Bv6Vp$-!^2jRGoH8Ud5AbLo`E86 zK`x*>y!!DX{9|en=Sv}dai3W>$pI!~cG~U>en(#D>oM)0-8Sb7`hydr=iGAnhl6qn zedlu*G%`2KAM5}?%Iw2WYIoLUOpRp2<}lhbgskfJ@_AYSvZ*oM6&GCmG%T&n+8LJ1 zHE(J!o>&JPEL{${)G-lXl3jeZ6n>BuFUPNoNkn>d@*PKw3MWa}DG@(CuL;EZRm8DJ zs5FFoD)A{3a3>#HIvwNv+%;mx!gBO2iH2i@21F$SQsX`5KVgdL3xgK^e!!kT-3B@e z`oaCDn)=S#j~f6>b@d4)&Xy3W7PblrE?Y4mH2Q(B~DI%Nt3 zmG$(?by+MDmfl(TD|9Q1E>>?eG;E!jtssYLtc(X|cET6Z^3eO7=5n1El0aTZ-#1O; zcR!<96n&_py#lIu)&SC;)0_25N}|SO%Xbv;$mmgHcqhst?3OK@eTb_E(}1E!e|$)| zs=x&)Dq|5xcCHOnUc$R%gxgMfljAw`&wghn&q+de8<3N{UHY`TJEuR6)zC+)pAjm~ zGH%1mOys}6I~onr=#3KeJcx9iNP$~i6U8dyQ8K-v`tlBUB*WDU3I%^rM#4#dEn~stPKE@@tQ)thb*OfWBTta z@RL9`PlS!VGGQstpSI~puwEQyLPeZMu^iZja{@OkmZ-eUqtsw5tdK$+?FpEI&m&lj zCvm@*I&dC20_t9wDMOb-h$8$=y!ltFIl|S4$RsCU+f)bYlTN3`QXqSTkVs2P;*o<* zA9R{tF~Z(+w}6mPaC9Sn90&;;xdHC_a}aDQ5R~m5tyB?#y9 z_4%=G;_TT08kO((`>ldBd}dl&>{&z;jr-~T-CPwI<>D_?pW64NQHG}^G0!4L7FA}4skw6eYb+$rgpGN) zOtl(xDh%Quwhukkww{QcwTCBv`A7$fI0kUa(Xe40$l-G44pp$(w{P{ezl<~6R~w-E zA=0M^PmH{w?bID8>{*i=$KinU`aqA9_Hjo6L>+c9o-G1-L0W8>n?+zdz!k^-1hUR)7XA5hfv$td?DliLdD(ITfXq<&p5768mf zr>iCfc2=nk;&zul^REQ>>DL^flXb4C!ns3B^s)(xtaXGm3Tobce0V#7H~rPc=8BYX ze7E*kH6o32|Dx4l83`An$7R`Ej=py%_LZW$y(_KX5FC15!P-N1<7oEKIOv7Du36L< znj_@;Hg6p51oU{7Ot>6ppQ->&9+oLXSH4%%{zz4^9A=Pj7MZVXdI*H=k+v8%PJLxr zDyv^-gZn+n$smLtHQjpCJzOVt}ISy%ZCV`uZN8ZwJjVbgIo^x6B69-OARi{P6X;;a%{I{ zh+;kb)fWHo?#_(Hbb3tW@g8D*o0e1NZaFTE4)#LGbf+QeoKB zcZEsF6d}9Y$|)=G@dSS86D=#Jn(RU|zk~@hhOG-d^RpqFDI>%U zvnJ;pAmom2nVs(Yh3J_hsMm+cknU#7Ju)-Aml+JPviNo@E(^!P%iMON)6xPyC>JH` z8Boc8FuYh#^=PwLMVL8H@s#Jrs9~}j*6W05i-Y&MG4V8-Bhou?k(#Od$nN_IkNgv~ z6;(Zn60B?2#ZS8!3KM>;ovragK*TzBItk%>VU$hHE}*+W}*!;zZ@P!)HJ^&#%d zqh=Q6waogOn>-cmlbi1okQ=k*n)ObHuL{4mf%2L6+?H$}Ip{j>+*UO{1t^W~DqOBH zbT*9?n_`T-$%2G8IfZN9PFdj|D4OpN8;GZb%0D_|UMW%J2IXaC?LT~Qmsg<>b%9#R z2kDC*BD@f-@k#iZ_i-z08BNPP2Dgr*Jy(4E`NFN#Lhp0C;cK7AQ; zcF)uiIPO>;F-U#6HgI>EpolwFtHwUT)h%9xRMGw9T~y>nXuY+CGc9#~`ylPFqu9B@ z%F6g(2V;6%T|$r^0rNG;>_Rh}>&8fVi5(K1GJ#9_@VhBO;MC-%Z$tEqQ=y0Kq{sWoG2}LpwtGD?wG__OKeXl$Z&O_ok z#h`SBHUfK$l@;$}TvMDe-ExVeY2bq-8!8{pKs>~r%k0WMSad)2CpY-|cF7F0cC zxaIV9fHRZva|oE0a6hk%m&+e+8Ca1GG!@W*G=JNXI&UmHu7|N^Cv2{3Rl{i$1$e+sniOsud_6&s9b5pZC1^elFD zOVZ39z3IA~&%VDkNG8*Km`U$_{CqG}LSL~b-=y2^w&D^W`sn)eLAuN7+T!YuzKBR= zn4$aVa@qdN%f=0O`V0qAwWIz!&J3iuJ_3Gh_(XZp1=hEAd0CINSQb-1HA21{?*!srRKfmt)Fu3xT3clQx?>If07t|btx3Q3}5;EFfBxQU% zdcI`KSz8xmWMstBfR(Z%n0HJ+cdlMT3_29VNNc^3^?i+4*1A%=3_~6>51=I~BFAX< z5>W@Y}-uSZ**#0Z+(3}4)-)`jXWM1 zJSt-;#4$`W97vC)`uJ`{gVyy^wNCThXxbLw65uNYrh z0XDtH!e%p08$G&fIUIsK?l9!Yj{&NAx5#1)HtmSV<{FOl$6m_4O>B*B`Rc|0u-_{iQa#aVz z0?P9s+dRYmo@Rm~0YO1UukypBZGedjPrX@m=<;Utx8#7K#eu0}sHn(U{OWJ*e)e5X zDI03PruMx`-1a&`Ctlm2NZV%kt6^V1nE#AA%WXn7_ zg1A|3);7AG1?J>^bd}S&=^aYekG8qBz{a1=C(o=9Yk-mW?b{c$7O{^ZXWcKdO91*0m0Y zIaP+C(R1?ckWgbqgC=lWQoz=BGyjkWE>)#*Gs#?6%@A&AI4PDlo@lv0FatJTcFN)a zd%n-v`mJpyUhpw1+Iu?Encl0Z2p_CWSLZl`6$gr>cXf5Wb?@FLe$n9xoeZ9TPy!+S zf2ej0bf64K9@=&1%%=h)ub|+GnYDFvz976~HrYixxVi=-i+I#PL-uD>%L$l&*u|G1 z^~XX$EUooX$L9$PId_Bg2pl+dUIf6BDc8h5m+$M6d#bEq$v5>jc^{-MKl}Ze!72mZ zjW1p};5TixO9-jfl~1P9(jW1QfFhzW(G-5sN5A+lSG+$4I?C>f#4u23_kehr2cD4y0U05VGB8*O>yG!)Dx4Vl=6~A~p;Z=ebqbmdIO5*P4 zR>JQ2&4a*ggETrOrVB`#9Tu=1f(=983Oy1Wf53IFJe$?Ck$W9;~1NxyGh2`n;U+0%uS29Rb4h0C z6sWIuZ5IfQZv}sAH3>++6AmgWD^pAMgycqUiAs`3=W7K2K$%N6MgK?>tx2?z zscFInD=eGX+yxkFNO1q=by@E=P)HJg6NTv#Jky4k&yqKi0PlR(^<3Vi%0~~3URQAg zm{eT5DW^fpQOUbIK5-GhFfBb@@hEDfE(wjb431y=r&$7pw%7nt^7sQ#4^F7&<>gIy zcuS_SgzEIyH!2pp*Pj27Y_EXo_=O`~P-|y6}HTv1>BNW9+ z2MT-fz)S2KA$Wcya?fyi%4|J6I@%rhSEB~u2s z9Pv5b=WEro*k@OiFefK~biMiao+RM8&@v5^$cNmDzW*(ncPz5KVc(6V*s?_F1}1O< zyLW7zo#foLzW|k-_QVB+$L+GuMl?XPtid-+^sjO+I+oHyF)t?p`ip50#*7TUprD|X zMBeAm1moHuR-1f|ut5TGHf{F1J}=O`Ln(?_3hjUW>KczIVdQ0fQBqRUUHqc~p=amF zxm0-r?aHOZQh?}c8R$i}DU+?o;3RHDY?*q13dCYCkD_sBsV`1|#X(2qr!Un;hYm{dS)Y0&dcQU^x{ zCQ)_fmDYqD*7M9CQ6oju^S1qE!eCzXgX>NbX)&NR1?yFH1`Ny1AN(Xnp1WmG-yIPj(DX(V9ptQV-N;rNYch%>>z}wkF zk9{@ht6s!%T_3w7aP0IL`*xRvF8*L$UEMVL=;Ky%Gqa~JMte&H#$RihVz5K_8PXYr zy6NA{-@GJFCPl?>bhbH&+NrrlBFPc|`h{{}l&rPJG5< zY!{hH+^a51o;u70bHE0~LJ1CU=08Zh*&!PeQ`e2vp%lzbG(kp2rc6)(Y-Ldq=fFdv z{jwi)({u{g+2Jld@OGphmP;Baip1H@r?=lHkaP*Qn_F7mwmQ~xU;DOIXdSsfVe&o4 z;*N%CjA_w4Ox@Uz|6A|=If1-xlCTUljlcFGRB@FW50aIyzX z%*?-hHGrD+^AQlJH3~-q(Ir^*psr+6?itNhcx<`=?BQ6SL7EQ_ov858*bl4~w5%JJ zNgoX|;o;$lv&~)qByXM&EGIEU%0D$l&z`?MI5G1$pSmq0w~JkOhiq)o56E4<@nSB& zAK?=dN37vxw@3>zJ!e+=6&M`Z^3*Q;7A<>vx=dWw7L}5jEwJfFpHgu&K<|vHDax8z zc^K;m%9C3D_FK)90t6wAOu^e{-ZLX$t*~Wk6Ehd5!?o9D78VhsqaZVzv9@|=*AECdvrOop5q=@q{w757>u+eobsaQ2G?sjka6W+{`Fq0Ta=V85WG zB)$~B;~+Jn-fvC8jA}#qgDp;g6y9YzJk_obbcC|OKEgmn#_Bq*xVi#*7_88IE!$~$ z$MR&x!mCnc=BOwx>1dr-TM_Pd5&a}Z%@5C~39{;Z@@DiaF*sne5)z*^|8~>_W&kas zFE{M1wDDd1U(d+gKoV3T2nz8^Ez1+pd185awv_+R ztIp6z!^yDnMd6+~bmSU8YI$QRuUv4B1IT;O4hQ{4z`{%OejLJ`8gE7?;MR%Bp3=Lz zwcbqWUaY~6$mA4keF$G*{>m^%{gP;@?<>Pkg=^2k@?aA4T4pudF|$+fH(LKm&7 z2v!1~e$EeecadBTkGR7z#{MXJ?Pc4i8UHT~sTgXS#l(N(wFiI;m*uT?0BfUXEqZV2 zS6AT)`_u~^$is*eerzEL`_cM$GSp*Gpa<|&BFP;{TkZJVmG9egbK&hXogYc#++Uc4 z>j*f12n-0gAGYa$>Rr9!8i6iWR207$UY!9FlL|&=6j6zzRRDK+8S!Qv*+SY<__!aJ z$TKr=VOQ(FpF%^g1*RJ}X1a?DID>CfRyd1h@plC+L7ksmv#~F;*{=E1nT zv~RVdB>&{m@c?x-(SPpa*HbDOL zC>m!|Ybivk?hld~+v{zZ&34`UuLR|7fMOf7MvR^SiLD5uYjiv6C;N8xeW%`tQ%_l@ML%D-bP2`7*{ z(M#2C+y(>yx^rsk0CjZVo{AO=PKWZcO6F3!Jmz=p|?G`krAwEMs{QDPppMWNDLexGb;J+guO-ShM{>B_4zu4jPT$}dee+||^0Ss2p z?~I~hlvw}dFJT~miEO*OV*Y#WbR=8A(tb2FcN3#yS#tD`4m?I$P-W&^d>Z~IXL89& zK47>%=$WS)zGx^Ja?6A0I(Rt#ZM(}@}617gwL}09+-#f~IC3?TW1G?{w zCL6TIiyKFMH85SxKJoB#D1JT|ViXwU4-MJ92KB%afg9W$kozz^@#BDju+qe2UF$7b zzK7RG5t(wIeduP4(~G6|8}BeZbQSq4@<7du1*BIHUH%{0EWHDY9=%#4C&I zM0T_GMwJo_`a4pK1pe1n{sxdj*A8pT2{83Htg;RB)+{cwZCj$Qy0;IKN(>NuszI&S z_nv=@7z7xxfv)BXfaxm89_3qxW?IO9)Nvhgf2$SX)UhQ_nG$DI%m0k--{vD`zz5{_ zj}l>jv=P~)@2s~&H8f!Si^&?9aHtC<)_<-5Gw7GDAWqUum zMvyll|NkJ!m-r~?GsIfa@nhmAg8(eC%%$4;MX{uefb^k=&VAH=|JiiZpWSi*l@zvC z(*j5^u_<|9Vt+Vc62b-Bq)-aOAAgL3+V zjcz$Gn|4V(YeO#SO)-{XO9xSrPoQssAk6+Y4}Yg5Q~jb3Wv2)N1Rq z`TB0`=ML`fwWqrJ)YQ~I_1G|(IYxB&-r{~!*S(C)9$w_*Cju(gnnGWq#0-98J$Udy zQUXPE9RT7so4IrN#fSVi_wXqGVo5wRRKU`^=#Q-pqF$yU+deW{@tIeW_z@NEd`7|6cXIL%U^V9iGYm+~;O70kSYI(fL*83y`B@8GhNJ z^Lb@aQIW_`wqQz})fofORgCZwMS;Mty~050{r|0=ty1|{ry^==YViXJ2+8~zbQaPQ zZ&8pv-ZOm5_*g_sg=~?D!K{ptsr4nm^|rLNB>*+>u}1jKvOKhI>jOift3?2I23&f` z!JDn`a39SbFYayA|QBb zHch)OxEpC`z~PpCbQ4uOpQ+Xaec|C z0Dyf-j|yk#R{|FeU9(JpXUGToK!Mutcv-gi@m4N<85Ijx3W`Ln!V^CGBRS^oD1}&Yt~mQj9QL!loR!=#2OemPT_@o==#HI ze)A$X%4BTm=$6&wGPKXi$jpqRlMlIL{>hlf{b9@7zU$i#-VHT?6H8U8>x;&inO9d- z3>qHh?%a2(1=c*d7)Uy^IM}j&B)hCUWHQDP6wn|UMF8MePG0`FJ8C$(YgR0Em;FaVGn+`%6cO> zuP(;U-~%Ky67nLqw>`0m>=enuN?crAfN3vhkg!U+#y-Cur|B^eJATsuy!CWheNBzl zj9#UT9=O48m&E`S>W#Ad2ctvy6g^3FrP(VlO-!;-A%KKcNGOqo?K%GSFjsUi$*zdN z@87>4-K&ghedp-{e2n;6t#LxK>wHMxG7*ubWTBJHN558nP5|t<^EoI{3Qb|pc~Mp%Eo)4Q z22f4~RIkCeN@TCB9i{97Y6cF!^_r01eY7A)zdC#NTLyy`Y^6U9Q5qxno{9ZgPy}`v zK^J6-T_aJOu{3K%R!J#XQc4OCqXB~%{vFH>P&5`lwB#^Q*Ee&?44R~MdlR%Zt|4(0 zwXG41j#^Llop)Ad;dYv`_D3HcQ1V(Qes3O3_r2-=(;<>X;>r$yumHHq7YHEahHd0x z;@)ikXob5p5Hr?aH9ea9YYw$V-aze;NylU6cARD+dv$fS+8d(4V4$e@AN)ZNQ2FHc z@-$$wooVF80L576%JedTJV&{>w18;<8DD-gOQ&K)DXORUaro<%DPOeTo^u$G@G%W#5Oble%C}v z5NonS8DQVz7t#H+8PEpDSEqbsqP>2n59$DQ1J-zsw~~nt($I+E7XhoNJb}6#I<4Qr zZNv33u!_R~CY)nWZNsCUZ(GiiM_LplT=fE&v@dlmDtM7oQ(GlVzf*rhe@$M}kxT%N z_O zUzX1R&hDrqDJu7J3f$d4jWAk?BvWP>HuP1>9vbSN9wjqC2?zgktPD@Yym%H`rsfo| z>X7*~9|PKN&q86&fY1&8%Vo*_0_)riiFRYjf$6k49gFpeHhN zOAyR!Ikvqij#7RB5{Qn7!n`m*@*{Jo*YJM0L#M$YULhft0oA^0W^HzF_iUvvo-XBL zPRbr$&(Rq@y^MKr-$oM6d!GD%k*vu86%53eYe}V-*cx#1emfJBZY%#ot~U1x7ra=a zx&&<~%h10^Bm*j#eP;Q-;YN{ll}E6S!=8fc!ZOePl*PT?cQ;pi*&?%6K;y-g`;jT| z^7NZ4f+@8i=0N!v+KU~^$K(3X=1#FCyq0Z!yV4x8+q0-~GgkWN(fg8k9~eADCo1~< zE3;#H^^VJ*^1nl1C|Z{iYb*HLWiL^TXj@WkvUHRAoF_o34>g^0gcO8!)-c?nq~=X~ z586d(hDuBv)@9)W;AsPl#Cf+!5gBzgFNWa?dW|Qe{zeDAnEN5wvox;& zQdfprK`lcye8DiYq{8f#D&a>oR(^V=or~k1{aPqn6pyyjOr;OTd=K7TON3{K5-tJtrs-+%&O0BiHG7T4$vu)*x??95Fys~5(D9*41g z7bMTmD)LhF=2rv z#_>ExVSvuLRa$WA=a=j_8Zd~#dD}4%JGV!5ADZlMIz93pWSt@g2a0jYsyIRBbwdRwm)Bte$3@I{N|zsucPHrAq!C zr<0ePvcg5o6egWf6uqIB?sK#DKc-~4R`d1%eTww4#{KYYJzZAgWq&svjgZlIB+uQo z8Zwwd!am1K4|HZbKaV_gNpYHfsHeAG{qd+=|MJ{84rq?Q(;N4Q>f`Wz^JqY6VYc(V zkbme`S9K{t&;88=Eg^L!Vv(b0Kn;~r=F71BuA6LONuQ&ERsKl=yF+$J4AJCqmncd% zHd}@}Dh!2c*3?WTKb4Z^TbhtJk+pkM!T77K-8%>86#kjL#CYt*0S#*tVm&1}2KcT6 zO8&HV;(l+I*xs1<+KrBRw=&FlneBte2hHhI_Ou0lthc>#DU`1B~H%O3Xi+Pr@DRcyX=;Qmz`P)q&|5MRYH04lsKvTO#OUeVf@iM_U`1F)1M zEO`V>ztO4~7&BV^p8S%SaXr2ice^IgF)6g>G+bCH$FOOU`#iEe+PX0m4K!1+M>Q0+N zkrCzAqwkS{Wxk$7bw3M6667-JI21>%#vhWkna1`jvkpzQg~-3z0gqQ1Hg?A*nkHL+ zdlQFaIm-G*A&@enA-bVnec^4|(gz3TfJunX#ViMHRC@lyWM95lF&1}vA|I2L7}>wb zT33AkZSPZ+jxMw0vY!|oewEJl;JN^FrJnG}efsY9_RzJpcYP6fW(zbgb34FSB$M|% z3VeI27VzD`m;qY845s&LDOxBgmrKzsVBT7)Jqzc9{cqi6{Z{2c25IQ6Kl=*z52I=} zSz$3-hmxnm&KE2ADkAO&tz6D--e+fheeP7Lo0#Py@6S)|2kIUJE$TM;)9i53YH=Ny z-&1}{S^L!(8&32t8(NolGwWHOp)>S3ae3l8I?ehp|Fcg%} zRhTpJdx#R%=(t^|own-hg<82Qb!+}ioxPYdEU{d!K&Pd@Z!OcMBT)vMJ@9S&Mc{$z zgLnMlV5$_VKZ8vB9$unHMYT@G1PCT>v^0^u-_GYISJJY}k49VkDh zQC~*2g%T4vz%FZC!|(-o#7c7x9fcZCFJzYec%R2JBWDgM+b;$Qs{5daw}MG-{)E#! znHL2j{{N6RMT1yw8JyZ!Rb6*Y7~rDnOL-WEe6mfm=+QLW7S`*oSg+jQx{7)i6@I2o zY6tq&L%*yjMo&T!MZ-MzNrjt_+iFGV6W(vdxbL`Uw&@_v7d&&46=o6LBjG6#%qgck zv)xXI0Re{6GF{uEuHc%f>9!Sa%bHbp+AwF{9dd|$n)54%f0F3K=ERE~r`|w}f&T5n zkS8(Z7S3_-WLYns#Ne5)O8UxFTlF;2wIGS}nwVPngB!n68{t~s^Kj3js{487yE+%F zm3nV-#zl^{-7`zO*k6+>o&MCV>;(KH$~3wFR!q@=JcY*rYF$(ez+ISS|Ch7>orv|*w?c>_hv=cmccdLF@Jlm{p$Mdgb^-Pp6Y$#yn%{vOIe;XQW4C<4OfI;^JT(>eu_M12FA*Ykh{Zt^7 zhwzzJ3Wb=20s$GoXi$Q(A+pWV*~UIK3(c`%^TLl=$ub;Hb)-O?*$BCG?L^CkUp#1{ z`eh@e(^-fCXrv**gI&>I0*ehR_A3*3f&+%{OZE4J}Ku($%< zeEVA^$?Cj5`As$3S%iuld4QTrgnwlt98firl~_-TI5_6PH~sY?jeJQrPgnYA@H^0Q zUBoMEcfr8j`NDXLzteQ^>G}M+_Ut` zRDbUcIMKbDZae!i@46I%#ff*dRZ0yjBW@~eq%9ZV9)t!WFGB`=KH z{10%e7rn@^{O!4stm4M8`FqJ$V8aPX=!8I4rg)rVrhP@}2tQ@NscFy%d9Y5i*_YW! zV)IP~@2EzLGF$n@Stl{=*3+z+OI#c>14Z`E=)&3enL=k%g8QAH**zp)(9r>30NAY9 zG>P3{bu++T;^KODohMsRc``7XkXWjTph!zgYiaI>&;CJU0}Fz)0r0CbvK1=%BQXsEUH4@4J^|ckY-p6GH44mOdy{?{zw4 zq}9CMIcv;r+1?TTMyYTVc5|mq|I&*wI3Ns}41R-f=i#YzOI}&s=2i*z0kkmfGh;Tj za^^Rwqucb{G|V>>jGL<*t37^j53%XCiQe^@$15T@_|@qw;+%i~TV70?z8*tVc~E#b zpH^>*u92IQ`WQ9M;l*I+&W_D207`@Q`=7BYzRXefT0-Tlf3?=LhTaJ-{&Sy38Hot0 zh(O9+NtuW;kk_y2;X=FdWo0!UcMOhrCr|>!OOKtT7q~alr2}*z0}8IQnWkSDgt~p@ zsKV>3O|m_X$i5(N6mi$ZyMw$lvVSEY)kmLq(9&p`h_k>n0Bxkl!Y@KecdK>C;Y9B9 z=yspJI;;39?ZU4hgLS8}!eI&#w*W~Qso1U=K+(ID?^LV2Py&Ro_xCNmoZfb8+IJBV z_6*2F%&JNcxAXT8b2l>3ZgvJLjd>0V(8OlUC*JW#OK6H>Q#Z~(dmTMwJ;1(LY!h$E$p60ba_ z2@kmG1kpW-5pe+W&y;oLJ8al zkj#w)&__m2fh>SdFDNAoYlDM>!ZUpNzJC{F+ipY55c^QRvvkZrVP!wZTgH_G z!;_*P2rqBTbR1rU;TMHRM4%d>u)tczovL`}4U#ti%Hf}EunT;DCR+cr+7FjZyEa{SJ@~Tm zJ!72v<$SnjjQjt>z%BcE)|zXsxn}(4Z(+c^r)^80j#qhX{FGZXTJ(xaXaGz>!kS(U zy)Qg}%L8bqxMo6Ok_^6`@>I9Wp0c_+lZ}l{96lS!YL8LKqtfwER?8d{aAcvwjEz(9 za>A?fb;h(+#J!DL`kp)jLagb;x?3YqeowBQxjh7rl;IN^D+`M(B_R%(y2R}CpX>nm zGXS;#sf0rk>{-B0(yd3KKYzKF2Ow7`vk?)gbNBErI$_Qxjz^P`so$@xkO#%Ved3%r zG3WUTJg!V8iH(g7I$mB7PS3C34cQkQYISUYLbhJjy76s_t+?A z91Azh%JN=)=^%i_O_4y(zW@!^-D&T2r$BKA7qj#nFb#ReAae#%1J|z2n@lKrlTAf? z&!dttDIgvEB;Y4ZEV{(Z+la^3Yps+=*)@lQF6i=*+xx?=+nT;f;5?yaZO|9?G)b0T=xcY}swt#1|vaYUWdmy<(3&_Bb)fANUt0=Oz7l43} zH8p~7jnSBj*1lAG6=0lI<21`2#{@tAZ7+#+j2Vdz#!g&|(cgo^8K=brG0WY*@ALh~ zk4TXFh*j)4czX=LS#kf9z**2d0cDIFPcti>t`r6)CTT)P`!MD~uQx1gTG^DR{D_L2 z34QR=YwNbZTG^V~+j;xoV}K554LmBvX$pms5n}>*0^eE|oHfcykS0@8&){1H?v_RP znl(;k4u-SEHSp3`Mc!&2g>x|&kv#kjq`DBh-~wxgiy%7e`6}tN_h*v-mzU|HGoPK6 zr6sQtox9~8Y_P2SEhEX0=hkVpv$NP6rl-&-7w*fQXSDP)H*O3b92_jZ>F9Wl3lf9q zAhusEW9_Hc4pn9=$LUomL`4m!)#e@Hb3s|lgcK-~{?0$}gKz#uBGbu(Nk?IU=UY{v z;!Aa2PXH34#+622WnuHUWdPKmqTD6EqRf_D3h#pL!)tfJtkS(5?5&UAX-5i({6JR8 z%F2=m3#2MhC+@STI$>|3)=!aL4C^03IvPv_3meE74qeQss?s$zGn)=8c5L#C#c^RV z5JTJogk?UD$a88lm?s;WOMANM+1cADZvfQUWiU2jmq!P>T?Z_^P8T;(0CQJhTXShK zBx??se&rfAOm%*iPTW8tsvB%!Bi3alqOV znr@Lv;YipR-!}f&x{2xQ17mc-?zax_P7yZ+usPuvVN2KzH&}Zq{h$;X^ep-!6$Kl2(dZR7ciyxL}f*dr7qodQJcqB8=7_#+86i-oKPJh>J#qrUp1ymEw}EGXBiLFL+SObJTYmlhU29wO)> z?=b7w)-y;0o<%x3IwWrPJ%Ow5GCE>V&-?|F+!VS>Su?ag0Mpnmr&nYEU6o9Jv`dDn;m#|it( zcQMrfd5#?!hid_deK%M;EHe}5lvHs;`~tHJ#ZpFEZIOqXvB;8TO| z%e`dHFetD4m0;qQV~GLPx&IiXciy0ugPUM0GmeKO%+=X4-x|wCcNKU2@(9Dp5 zLMx_5mDWEipfrDzNq?&h|2mH>zHR8!Czg3nlLEs*vX@lX#2Q#&X2ld0+-z~{m$!{j z%l-x|y9DOcS??3Ba;;d_#y9 zS`ZBNnuF8?MTvMW^^Xy3liZTgjF%V~8CyQxF_gDXQlfy)^h>tpx4p?@Kcg`IXBZ1A zUG&uyQqwm{ZKFJm5WiDU5Mf$YR(Re5t+H)`E}<%qOv9ZB##XM+;oPRqIN$rgdil_R zYP06UdsHEz)SNDncpK&iFnIOkcEtJ zvVQ1nR2=pURn_%A0!q77E&0xx7=uE0z6C$GfTE@RmYf7zW~-^GDc3Jp&*g|-UaBy^ zWLn#jQVC7X;iSS!6-~h)8F++N*$87+0|bM>1Q$hbdl!sbJ3-aVbLE1l_ zVN_=17TjtPZ0%lKnCtr5-QUjuO0nHzS?}FeH!$_~J&%$^pKE;n)Rx?6jqxA>MAS-^ zrK83N(mP9m;D#9Ou_otG@DVlDVZNHdD(^KJ!J;bbpd#zStK5nrs)62>6n9Hm=s zD0{CLNT;CsN-Z|eIh?U$3uyWnV4R$F4}j#a<*yONJ;sUp5A17g$Q-szztk~PAw74NTZ zlUZ+(>0W*|Xv%-V^tP4d2;-t7eD`UqF}YDw?X~|y+;mOc%hywp#g4mAsaFNP^5h$3 z)|)CzWae<4ag+g>@Lc0hb$VgK6AAe2e!}#Z+ihJeJm%j7S#=@S zx!jbu-;BKsK<(yJ>vRT(2dCEu(tAUW^19lETH9(o?;1xoxkIL!T^^EL_xPP=Q*mZ; z|Jd@s@MZdDK9yty8~c9BCeJOY`fV5j{euIZ1x36-BpOt5kfSP8rw>@V1!D4uFnvnk z?~q_b%cf5S5*#Gf_3^W92HFcu)kf}dRo*sK&uV!1pZB2)g0phaM(rvoa8C=p{nX7I zVV6ota7gI?a0U=Jnu!ZOj1gAcP8zoNbBR{!+5esy8oC?smj~TEu2KOH z26A=Za0vCFd=>Dg|DLnZPH!L zOcVUi*Z;p2-La^f6T0q?uw$FUz>%wXcsKD#XrvRK2V*4l79~lJj(U`bWiIy{v1%1( zf}X@w^H>)4q#vWg-(I{T{*8BX;x_jx`h%Qh2rIW;^`?+Z!fo!^m=6Bs%_XaGJ3q7* zzfkdrzqN|S9GtTTUsDW#Zr4DN`HXYy2BhXc0pIiwQ%FV3nZO3Flld%nYCZn_LCgzw zK~7iCZAf{wKykg#=gj#z^(dD>&&?Aa=vUq=06+9Av6KEkn1T}YvKLCE{W;oOadeiH;XQT<$@ z?=jo|XFt?}{XoX+N&)R5cd)l|1^$){nhzBa4FVeyj34-oH|9#&e;||w5S!R_VFJjk zR)MXfjtZ?#MNmTsf*BYD8r7Eozg<_v*Ez?@fz6r&48Ct*oF8O*#-TT%dRZa4i|K-1uI%^!MatasQu6`K1;*lScscPhO1liJ_L_G*RBU2f#N<;-~(VI za6&!z-r58-LXPar-)Q-lho$3VS|wMfAU%Y^|B*b%;fiSPWoW_ARz$(-7&FYni|w?Z2O%jq#>E z<3F#s16~mn$s+I;4a1WBry7Kowv6|v|Ig6NL89}C$LWr|yr$;+a4SrK;f>|_%>Jud zHSHJ#Y6hSoS@v%%tB*9O>Agjg)$CpttASx`Wq?dfULUgaoCqCgFm5Oi(WeQMf1tfh zKcNF&MYebjEQ5qXe6!{W+38S70T*?A3MY5vLJv;>C()3(=NyVt7EFGv;3ko56kLVV8$>hGx zWRlQ74k0FIO(F{mi5!y68={kQd}cO3^f~bRkNTgU^7c@3_xY;ff<8MK4UY?ywCcq4 z$xI^Sa@rG!thTMh%RVf<`+X?W&JWqt6aw?NITorF{!2l?uABrmfl|~L%0tF5<=pf7 zDzA|v8=f`x6S3m7_<=*h)!`%c;C!2F-0Q#I2;R*I3+@|I){0qg!Rp z#$wXt+^xmflruKSb-P$1V5|<>`{!EeJqq5pBqD(XUbHrS!mqyfDiN|SMrva9WUKyR z)t6Qz-;fb2=$=E(z;_)%5S_Q!+R2GYY#r-udHv8}A><#pZr|%JS;PfwCu70Si?B-< z{x)0a5Sx7A>5_-M({t$_@~X;T6fX}!IB zFd5ofLRVAR@Jx$|D7$t1wpXt7@;dYXNAZb);Y3)c_Ap@JKKLm1P_3}yq)xtxlL>#J zB%fQWMF!{6hmxP45{l|tP}MN#eLjz%bfRX=HU>kE#c+{#WdQk2VtF4d)`6CW$r;Ri z{~@Ovrx*%Hih-wH0vM*)|B3xn7}wY50U~xnZ!u zl}Z<}caC?sjrPiFKfGgQWK~cUuonCG5ec8ecHUP-)3AQ1tw4e1t&4!b@@G4?DvL2P zqM|6)kJkwculR_yY{`A=y5PRjBbu04!9`~%{dTAEhZGT!jMm*3VscmrZ-4>@lm;LR zE{Po2H-O0v|8_ZF2xA}}ez#-oQMc8#^z?LD78VxyM{1fdN&V@CNT-2`bTiYZ%`enQ z(rJg0OrH(h{X2C6m@p*28iX|}5X zU5mlIhxmL};Q*0n687=wut?7-?Yd9$#W}B4KC*vgWo`5DvVTub0%8@*6jMZUbtL1t z?vH>7VLCk0e()Y*A!A{|RK=yxbjx%;GI}xZF&E|OOym*(Ma0I&COtb(pZN`Wd3i); zeO?ji7gWZDhPV_AC|Gc(h`JPz*PS%NVX)>Ib}c#v7Fm$ZHXk(>IJJhITs~ngF3(s$ zAIFntY8G;-6_+J-4$1z^E8Yb8!GE`vcPLPY7$G-~m2zx#*p^yXI6KMgx-`i521vDb zo(`PXa)e3iZGe%MLSQ1G|6ySpl}$wtKej$Usvl$l6Ef9aX(6TSb&!CqzHVcKsa_O& zM*sraVM+opOJ-SST6#!-rWWXsSB}lk!RW!aI=8mgUw}4{8n;b*02aOGmX@}Y>q_3! z8#2buV3^)-KA~l#N~g21DtIRi<8FyL9SPi=)z5u!CRLwC;1<1I+AE%(!^<(}XSc@( zONU$LO{T8~Qw22%e*Q=_*13hdC_8cw_zf-BHm^LcM1t2fHzztT!dP-{nPS}rP@Ffa zKKtn54j%-`)Pu`zUFAEI)E{RYeg2dQY4AQN z#prTC!85(GXJiiv1nOb#KkqX7^KZXp;4GQ*(c9xfv-bxJBK^q(brk(;pxQ=b8ER~I z4!Hz?s?|U+T(fgm_|L!V9KooHqDcfGKk(H9a3s;S-bESId&)p`!96o8ilq9bZl2db zm_{>kYA(-x;y?d3IFr=d+dey@yJDL3g&}oBH>i4pBf`U>dovzL0cs2?-4#kOo7q+} zVW_p~bVvcb`%*SGY_D<87|w_EJd|81gvT0hY;GEjl;}Opu9TDp&|idZrKacp{Oph$ z*d~c`5$!XpchS-S`6I8+Oj|Vkpy5vLoo?RBOyu&g)KIb2D*WWuUb0=guu|{tuh-O< zC?pIFKF7EY&F2kUmN!kl7p5q1bk5BOVvpg`LqaaV>7k071Z2-tXwt&zqmQXRv?e&- z_JPdo;`Qaaw6Bg49LwDlm7J=4A3uItg1>!u50ZR z<2aOtzT8X(*QIBSb$+o_Jno6^VI{#?zPv5?v^!B|qd(e8T62hSQ_HGcVWvHn(W>G& z3M7#mSF2Ar_(q&V3(N-E4>!vk79V6d4HcNs!gXAdma4r*t3(c#>^9oVSEIZ+L9y;G zn?|)~Wg3!yp^`a!PK`?2ALqZJbdL?}`^-9MbD1o$w= zTxNM)*eIsPY-X#c#@tqT7hkkMfyBxuDM^$bV1ix7dNsWw{~^XVK)qMdO`MS{SI0__ zyJS1+zRAAP@ZEo7CnGC_Ht1eOk=BjCYqb6+H&)(JQLRUK|+M>K5>=)lW;+wgN%%2&tpX4igwF?(>~T?4h3 zc(P(FXb3cXFPvOd4JdE>BJ_G;&&jS_X>8%FzNP266*jWg;nn>4H8lxxeQ&r%&8u3I zi<@gIT+4EMCpck@{4KbE;6mry?`B!0FkP=@wfWvO6*;|zOD zURBP)U~_O7g4H&KrZhSX=vlGY9cC5`TcVKkU&<+|jX}_g-T( z0)FIiURm41TNl_C9}b;V>v;N3O;1OfW&)cWU2V!#(=9qcyjalF@j-%6ME!XE{i4=k zb`;D}A(BfCpO0Ktk$klMs_|H4NVle~t>Zg*Wpc--n|*3(-PwAgQ2lLZUizTW_EB7y-L@>!`;dE8zY+?(Vf{ku<-e8vZrY~y=grUGAdlR7MO+Iw$0bIH(zu@ zwZQsF*x9*(&Isadew%*nu~~g=b=lcO;zd2DQ6oUhHRh#6LP~l)c27y zWX_>J(zq$kjWELSJ-;MJ^>101HJ<~cxz5jp9_xT%k-+Ql&f{a3Is)5e9{2z(a1TGH zcXCQak!Kh;yX5zVq_C4i-R`(&sM|^@T!{L8fkiZjTsRw#Pc*g?t>hB3(}-uei}vi) zd`f&U@H3d%*+~h|IV+JQ{OhkspVq#@vz=5BgzHr9)h~8~vR!OcHUjaH@pv=Q{djMd z0nwHJO|#I{Xo%wO^MumzsPXdE{fG+WMoUOU1m}Ltv6}<187*lkamoj}!mpQpNl^z| zRa2SGsIsovx3{#kB&wve7ovx6wQqKaDv9h(sdUXErN-U5Wf+@{ypGIbtM>B=w|r=W zgk-nJy}b4swg!08Rw;5!CT2XS+}G|uV?W+#$+jIBb&>-uR)d=Am$e4C;ZUWfCHqs__jGs7;F(#xA1?*V{52R{*T%)dIuShrR#maRz{;RrI#C-S?-1z6 zTwW%!KS%4bk(QFARh%`mwsx>up54A&j-OLt)j;VM6Jxv4#BjAc<1?CELyAxPb*l>I z_rm*cE>V^UubH$b-5ir)jDM2;6M2bYYj-LCq>1!o?|m9&Pu=uZcimKW)eHq`IF;9k z4Fl5UDG$(uryT z(8(j}_p`nYg74kZtV|iBm@#>iJ}GeYj+>5~y9KFpq9Gx2bdBq&v|VzPu{ax8!Y9^I zs5Pae0}gaT)7y_(ez$6Dn_bjj2a1fm!YUqjH2d1)wKolK+$XpW&OD?SU`M8XFTxV< zb?ocD`|aRabQqcBCF;A<)SkPa1@8O9F6&tT@^wg$L<)0O?0#|IpEpjXkgMZZ>|XX$ z3k%x-CM8l7oSdQjJ+d$FjA|zPv}a^jjLh8}E@NMwGYsOv$u~1nKRG^HeCGs54K)4&Q zr$UetB)sCxzxj@P>K(TtpBHFr*ThR9GwM(J)$&;Ch9L&u;+ieh!J0vxqYHL8%yRyq zgMZeXe-gR8Iv~e7nN_jC;xhH?wLE<+Pc?(w=MT z6welT8;7l`+s5aoM6N?_>T|9+{4Lsk?`6KRHKqK@&VvnL z+DcVjvpVNfVqvq#VAV8cT4T+M?r9E?>$#g0B_$;$Ha0QF7xZuw1Wra?e|}=TYv%@Qs-l^jl#&Os0@pO=TB~X0vVYV5ApO8Wm1Fl z*l<~|&}!T=<+j3!GOMei=wzz^ppCVrXw*>Yq%KaM{Yh?PP>Z`H)D*>FPs!zUrosKk)%c9B`U3?S|c(D7dQas1EH1yE> z1y?IrJ4AM3(sFuU9_3q&`=Yd#Z!1EXE=1S4N3(`;Z_ zYqBCcF%f1vUcH)mL@WI2;7dTU)wJ7U8(*TtYr^uSau~<__JhpdP0g)b!$Z36zkCH= zC#RSg{9sBq>$W;b~IJVWQgE(-}*|Y`tBr`zL-}$`fHI%)|#@taIJ^MZJ>KNZf9ySuL?i)brh#=#dl2IoiV!(4)R8` z>`D%+ioN8){Zzfny%$E^kaN1Tln5OxbqdP)Uz6XGZV$XN)y($H;Hz-*lqF=B~-B|BUlfbhlIDi(%hZ(rlH@AgFD$ zjBQG+o;gT9*1$pXRf#XUegzlw7k!i%*^*D=?hqI@-zz(*@*41zdGyQPZMp!2WZ&N` zhtX4X%E#Z481tC5u=6f+7`5MQ<1(z5xAP41G_iz}sb|14xzM|@X5%@H<6I<{1(8d1 z1U<+Y+M|tx>=praEr~BiE#XZBd}9SI#s%qe4Nk}|DSvEk*LfEmBH_cF5vTELqmEy7 zZSg>Z?OWnKe<*d>Y=|&beU=#EX}!04xM|dzdf{P*t!Yz|nQDh;*>;qf{PZWw$$Ub| z9nb8cML3;6>$0)FTth(6n{3n-VF=stQDC`jS1ZraLp8La|SjTVb~T0L^{z z-E9Kpv|7`qbfUI=&{t@aOooaP{6T!A7{e2>!w-BB()Oy2xZfv7t6no^R-g-XM$SgZ z&i3hg2>nKvl;MNwniRdm9(@*0PNnwh3Gw;9j0o-R0lBtos`2joY3{qfq-^`b;8C02 z$RThi#4lgVhrJeFe21GiW@;RdYNO*;6ZNk2N|bM9yevCXxbWeI=i%dR>e6ES)v-47 zJH46iuGYK0}@cNzKke2f+DyB1cH>jc>1SG^;2bOYI}) zdzQRH@5*p0i|v?o=op8SVvUCFkxt6C-2pIf8(s(G!Ed^O!pB740m z&pcvW7nr&BbLv_h`yzBbA0jK*g^8<<;kd&ECWb}Agp?)aY`PWd)E-MV+}H$cnYp{= zgoQ`pnCktJ`d);=L6;&p@RXVFjER3@fIG`7SU}MRNs+^NR z(tuiYf(eTG)H(r}-V2Ov%Q}S5yr&D+nxhuyds3n~_t|yIS}8wf8u(B@@;q`F=u2CQ zct>0*17(keovTO>h%ppCebyW6X~8c<(pU(88b0Xu)V7^Zvi*iNJFu4?H^%LG z=-g!y0N1uDmx4nTg>u{B%Kes8c;B1Np8QR<4xJ zT3#z1&?Pv|I6m4DZB$VbwIECyU=?3XM8? zxJrBFP+vC_J9`+9S-|ZKHckbx5+tn_z?z|ad#i#=*YJnO1PdeWH;nI zm+b)+P6YXos4JXtK_MJgV(h)`M1m{nJ>8r6l8wj>zvAQ@&Wuo|m$p|drF9K@GKEaW zXAuf+$vC$a7Z7F%K8^R-E;62t?qbD2JWE)YhO%E#Kk6mUh9~v_1lbS2-xW0b@C}TU zUd(ElBVqUmxx^&wCDU=Cr|uh{`OoJ?xjNRzE?l-#(&a>-WsZ6{Wp$m7L|f6150)D= zloe_xXBdFD$>SdoeOCSOc>_v%Z&T+T>-F(+V(us*m0S4@UHg@d)WYnakB_;NeE^4d z6u^7*xeLajuuvnQ?Rt9qn&ZSSs8ZcCv4`&DJUiR5&ivR3W#Gp~C?Y~%gEMYw@arm= zi`XU*SCmyl=-IryhrtIUB6Wn6H=u1F$N^<@(LpH$AMIB5Y1$9^q0Iu`*X{4H0s4hN zP8|uc_B^iwa^75aCP6uEf2wyseI{vZY$p=CAh071lp01Cn<7KK@82qoBK1G$;i1Ow ztDyI_fr_MQ6_pYSE@ufousygWXzh-vP8f5y48jOtih)gl_ND?N6+9i7bsDf#a*X{= zbs%8cSn6^DpC{~r_q7#I%Ak&?W$=Mzya7(od$bmxP{{}&cpo&dmRM-Pa8w131C-Ki z=f4ZMsDraCPIx~Eyzj1_H(JJ?qmcjEE-Zn_la{%cYSw}4WZgXn(ccoIfxI>v%?3W| zeM#Vb9I@(*L;+|mP5Dye(EDaU`G#jai1BRE(Tl+cr5=7%_e3z*a1<$YAP@rv4TuQQ z9_XU-j3t0`p(TlQamoO^&t-c~5WKI`9jYr2ubRtM5y=T)4`Bs{lk>r8KB2?f!jqIM4boM~+k>OnTN0C2b^fznZPwc0T23OMsjf1{Dz22uD>_7^>-zWqLjWYP)mcxvN(25wAx|&&o z+>hFU#IlJU?{~Zmc1r$>E=Avqu3!7GvrcmQ{W35Y1n${P&Z{q&w`$Tgw_;UWy&k7u zoW-_xzhmM-XIXrau4ppVyDB2$w9NGeAZPGVx&efsej(`ca})2RF!*#nb#T;|ANQ}> z*)LL)jGs`jrtYP$ch0J9WFb)UNg#s2>ozD94RIRy zAXs3Nm)gnh0^6v7I`90m>S|tqrUCQP^qKBR(qojr>Pn=Acl7NyM9Ee|1h$drhZ3wa z)aUft*08)e`-HC+EI zh-nuBYgqhLOyK{cqyopbY0Mha1I`ozC+W<9?wqzuhKk;1DwHI)yDi(X^c3C%3iLdu zB0c@lX%9w`9KHVF16CBNz8c4gdUNu~yi>>T18o+YO3pMpuOAi0N$x9Ni-(ceI)PMk zakr-&*QY2KorXtFy@$>mG%|I>r8CK%E5}{N8kT6sVpWc#&ehzz_QzqCH{P|4c&3(< zS?;NXP0u^Npu1G|W3{OCv|RkZj0$QJO?I(y!o>um3OjTzQniYjcUpz!_4)Pn^yYLg zJ^5(#5G46YmHV6%&gnDWhyfM3W!-%ZGMlH9n@9onJO0tgKLS1sIO@acNxK>I4EEpO_IRq8+MOkj#zogtB{=V4iXmi$d?l8kI zZZl=S*|mNAEr-{B0|f36O9Y1R;X*67<(V`RY`{F~150SXV|*jbIUW7YeHD*~-ekXj z+_wX^)f6ZNT#56vFXwcRXo4hN-z^bpLO(G(AOiE71?fozwX)giFJwRy=9rr5G3A(L zU@ZHqZ|YbTfEDW2V{m4X7{}g$PPx44`7F3U~?32~73H@opTBR!pE-B~EG(ytn_ z`{uy0FgjrV^77v$@kSxjs-UI)SK$WDRafnDqm(_82pBGv>Im^S@Rl#vQ@bAp@=bjV zRSIuTXW2vcC`}irDDk`pSqP0PDnS^yO`Tp)P)ku{o=ygo2)y8r9?^s{D20Pyq6M$v z1}9X!KwLY9;Iz2Fae)0y@g_vAY7qo&S?+yc*#Jh-XRg7LG|3qe6{6PmBEP-b)O1VD zURg?paxW3G>9F!+A>{7>&SorfZ5nWC371lg znb}!GLHX%Nh3#~6Sf2SH*PhGBJyQKGP^pSfE`bR6aiQDp)%Q$LY=JotQD9~YBbVSn z44Pb0bMh!_nB2G(SJck-w`7=}OIa)(-b+hU+vsDV9Frb~J%>Z*NMW}k(LST#%1J()~H$@2)8YgQx}0 z9oaT>!iBR%@wNa4(p-=ycsO?kFlT@RVK6b;Nb8|N=o+|7JgpD@*v2H}Hj>)kf-g^I zdCx81Pc49)llNwS>f^6ZL8dn(GT5M&O_+Rf*=a1;EW5P6A}cZR0k!+w&C=a30Z={+ zuxa1216+td0qa-`tmnQl>O|0jvZJN~bMNr)g22?c#aNhy?4q6-NutBCno36YZ`U~X z^`mS{Wi5qDm#u|9E|=yj{2Om*r$UuP!!FZGN|z(pHlrHioy8#{FGfbGf7mtY_V)H{ z`y-8IBRF(`Gm77K1W=Y2!B*3fzYvRZIn6Gl?e@U^Bt|pyXmt&fn`eS-w^?qRL ztR7F{K1ax%Mo&^w(gvu#eiCEh>eK1#@u;m}eBAs;VkIF5)qj`ZXv$v$cC7JvCJtkYj<;V7-vn zG#MOVa9qXMoFNuA;!D5+>!)s@j{cf|tL^Z>TaVDgzsyCdhqcs8Pj4ti9Xg0#RIBEl zYvPv_(s_SzArjse`TcjM7Jd6k(rt`^%E!6TW=Nm=#Udbj-V;egjhGy8i16+)L2`qfaejV&h5FuCs1|ig8!!*Bu(BjNEcOGQL$>wxb#QXfK7Rao<~1sf zEJnixd4P6f7Q&`r+bR*oLSKEs00MVVVPdE;?Mo*^hjkXX+(FF%x|YYd4gMWj1k!Kd zY)Ja@MZ5q%Be6hLz{pstb@v(*G;x27MLzS}YQ;QiY9S#ZPcRTACHH{WU~}j8v$HuQ z!~t-RTx~dprtdU#`*kY7n3=Uyb)PD+Px!@;0EDCKS@kh2JZeqW3yggcQ=Q$)mk)Ke z;NAnAYb|Nqvm2gffXzZ3kd`UKU<^q{M#|dSY!*WW!Oz>pZ1$G8g#c#iE_!BOADUc8 zISV`U9b-L{Ej7UD=`2L;9~3lmm?5oo1t?7eB3J<(Wh;vH4IeM-Iz+V?cT(A>-RUk|uk&uM3|C#W}s{GhV7obK$LLAep zexvP#vup~Xq-PFEuOmLgEt^bztE0AiGv{t+w|)zL>6QCl9lqXFSa;1mcFM2i6(VlY zjhclKGp118y?qLlWWSt)!F;5~ia^S})U*K8-T!K=_oKc(s+sl3jpIzHXeg-J)?6ll zBIY7Y*^a#Cw;BX%^0vh0w7*|`x93uX(5$AXBc$S1o+>%o_f2G{xK9Jx>mJR&2VlLg zpTo8cEvP^fE^&7S3VQVy8d98PQJyW|BPZE!fpwsxq8xh{psu-$?t4mO^CZHHmiTha zPH~l*fDBev<7PNEY)rI2zBrL8?jg{vKj)D(fYpZ!&UE#C%_+iheXU`B&3@}+xutc$ z#wkqH@2Pgf%CMAeKDT)HKY=vF(&(&+jWJE>X*C+(Qxx!@&Gbi@dJne71RLL``f#f^ z0HuL9F;=&Rhb{8rIIzX$D^Gv&*q3?YZvJTa*EBAsT#aA_KJ0o0YOTd;BEe2-kKuD| z`?icge~l*}6~Q^Kq(RxMd*fc>>r2bARHw+;Z^Q}REC4EmA_%nx(6sRKnb0m^suZx^ z$~I3Ai~iI6TkZPG?mB9!p6Q8S!buLw?vKVgK%9k|HwY5XDi$F6`hppb7-BMHWDlwR zo#!1S$j*PCkRpn8R4^F_Sy_R~gPndoCjh)p=h+KS;Qv0rmDelKtXI%upq~yyzhV{5wGXDWI3u(&R8%y?o9Cv+MZY&7EDaz*4L-d>a|Z@ZTAALN%EF=zg%YKAJw= z8?up=_OY!xRf;gHpT8sIUl%cVGcwBUJG6v+cYd$eVSO6u{p&>o-yB3nY$+WyN5GB! zvwjcgmWASX1hC05{(jF)~k28QYzSpLgGd(gdPC|3#7 z5eoPoLlXI)ewqI(`(?md{ZE_JxxPX>@Ba^NQvb8;|0msX!&v>~mSHd2=pF9OaA+AH zmnsb)1ia!Rqv)=gWG0~SOQ&je3&fACUy>o_amXpD*>~B`lPnMaI1wDPZIP&?`0VSB z?SF4#m|y^QoUe_+5ZKxVe0M&VTyqYNVWSi79?hnz3*`ci@9a^r`00uE9D?NAO`qm* zaTCCe7e~BqNvbe4zFinWw*4Ya9~}L`tlHn_(!^EpiUxTyD&R;IUtCJZ4_II=?hu*$ zd+0toAkNJdfhG}+yPFPfp=f3xeZcqkUirJ(Qs3CeFCFwvJxTiO`~w*#kk)^=kFS3S z0$Ns|{nL9hOkL+L{e4Wnk^v%;U%LxkNxMt(=fVpI6b$|Jaj2Z^>4g^^JrR+*Tk}yr zB5*8tMeWb82?R%yILP0Sx!P$$g&_*E-MN&(nYhWF)q%N6D8l?p2>;eDTEWE+HQN|T z(`tF{%M2Qo1_4*DScVZq%hAa`_&xa~3GqdCD4D_El76X^_o3}jVKBJCb@;tMA*wKQ z`bZxTx#A}>tU|2eyT0APCe+P4+l41oHw9ALMws7gG}z05+Eu^3^|y^$K23=3QIQ9k841Y zJK=L_cco$3a=rY28^3(Spqi3+uoE=cK-?=~A6tsO*vz*h;eqIjk?J@^tIV09zps~v zo#x%nWkLy}hUpUKub>@l;(?FM=En2^bHK}?tqZS_A3j&+zZ}Bmgc5b(tkAO6||LAy9*4>d;qv^)HbO zVu0{4n4o6v+`$tE1w%4rON#seZzuifj@9LEtNmZ{K2BB9H(l7n zXL7aBLSM~kjvpU(q_IEuUTbopST$BaU<~xF+z&g>-}<`RJsuGj7OA%dLRTwO(vkNy ziWoe@MNMXU3SqyyI}s^U-<|oLki^e0e7x}h%-`P+2Ex}F_@dPHwPRzwZ?GDH+JJLO z-hv38zNCn9VOwD-_h*A7QK3QDaaC$+DsM^NvEphb00{q7C#(y4r$$ooxWCst6kZiW zS%FRAytyZJiNM6|?u;V(kyS#&!F96OP)&KN^SHdZaKoX^0 zuOz_xC>IK@k)W?m$a-b}`Uq3E7^@gOtODs-UQ4#%!x!Qj#U}aYY;0i)(E&*%iP~>l zSd!AyHH-RsUnORrF3?W}8WsV~Cx(V}{NHGsWY$B51Z28ZNa^zx((R>{f{{o%z?~ip z`1b*?SoVI$)&+J}wEW@Sxxf14&Kf)VmC#q0ePHU~%1}QTE8HrCo^_yU<1jGqNgFmZ zYj(PanS5)|+l=Sw*@wL|fK$XeUreEI`$Q53U){Ab5_d<~H=EMx2owd!EM1!K<>*sI zn7#=E7tX$5BPd*eKPw&d&pqG6m~b%plBx>f?-*lhaG13kAZODmG7sht=x?r|&oKJ7 zQK$^lHE~V$31j5A|E2Op2C-A*476BMc&f1Q$YWTz)d`OX2h3K`NVdar*{C>cJ|sBU zpom)YemL1PjbXe&*j(y-a{igo^R|F8LEL2aiAm5KHBFMfsmaLr%SY#nCv&z&_{t5C zXck_HoP~6j(@{2C#)Usxlb!Wba=Cue(a>3#A5qCsR8m0cK|mI&p%-6+J6!3#LX{ zAz*A;%yAND>pwq(ysN>+I+nGGXUD3j%K(^;=Apvqsg$NoquK)c7%QWeYhP7>kzmG{ zPWmx3v2*iCprsLgG|_I>vAf7Zi}Z;`pE`y9Xtjpp_9`vb+|$E+WX8Gm|qYR-DfppU|EU52YU*93&wp zmwNL9|2$q>gCKuaES3ep{y2l0ANMS0@M?Vr&o4FcCwUJVz7Hj3AWyRt3A%3zJ3de+ zlLQb4B%w<0G@VyK3J#=ut$t!vRP(0(>f4yknBI(k_Q~R8v1UI=bP*aGi7x*$?0G1Uw#?LFcZLO^dEybfR`W~P==n)IXnc?YX>XpJ zFnRe)YU*sK_2bj=`CvoY#H&HXYhwZ>ppFsA>lWgGg^R3wFdq8MeyoKoEhZIy4eKF(J*PRvCmj@0Z zpl|7s@AM6-^H$@_;LsV7dEqpfDUVV zVjZ<_{l^#@0x4)p`IjjWwHqfEBPd7<%>)ccrMMk&v3|PJ!y5GIZPdLg-B{i&4f*hi zt?N!M$JLt>K+(ZHa8=UxZ1sbd1n&-Ds>{g8%mlomoN3=b{l7nd04?~%BC?z!qHxdx zn68#Fwe_B{@x?T#hz{d@H3S0}d?1_xIVRv z`>`fZZ>$(HzoA{gq!j0}ijx+uUPM%;Z+Y$C+c1W44GoK$m~jX~L_Er(&{*%>>2eS3 zOs^G3Jxh!x56V%y9a{*y3LnT`Kmf2@10k6=o4wmf zi3Q>?@+-|mq%)12q5s@Q<(qVL`TxWRweG}zx)Ak{2H3-EuHyxjTlm5Ab&VO1nu{JYrhM3IHIGOE>r zuiJS>-dnBJ?L1_bTNe-vL?Pg?sj&f9V-(813*(j~x^1klfm6E355Q_c(TW16H6ti; z!PEu|Kap5*n;1~#7TQcoGBYuKaEm+8q+?;2(}S+YptzW`Kjrwb?u1KPFx?F~3+ z&r&(iEnG{f-glRbzTz_LRo!H8uxvTh<)vF<9$3LULq4qb1?%_t%`qQ9XmPjZZO}jb zCv!dwHQo4Zi!@Fkr`*PHgsM1TK=HM+%GgyjaB3qjzM|021g+L99>-e#Ti*vkp^FIt z_4jCKG~D2l_lz#dsGDk&OcJbQIFYV6`$Vjk|z ztQYjl*e*^tM2){catNnmq;EWS+YXP4vap?$Sd}r+@Qrc$?HMwh6l>oo8;aNSkBpI8 zAws+Ge$}2)I9`2Lxpe`uZTac3VjVp}EpiQ+J89frYy6?{BzU9UhnL0eKPY#TlN*S-W6A)!yL>&;zn)KZv6r)X zZDgO1h%E=(`VEN>{?aeTEl-(A8C?yy{b(h4GiE!sesjsn&U9-jB<0F*Q)l4Zy{n^> z0X9FbZ;ySN5ajU))}pv;Y}XkWJYzD{Q>M&RF#ow?Z1A06@X@+lx2oHoNxS{7xz2zZ zFQ|6S+?cSAhwFq(GaDeQ#!mlr>5u*>=DsT@Kb3<7N^JYpYWHPyq_5C!`mjvkmJ>R z@`9pA`C`#_2OlPwq3G`$zJ#HhvD-s(+WlF*gNjF$EadnL#w@>9ix0_gdhl=YH_XyhspowrE9W-KAHrCH>O$7`oT2 z>BhD1>F@jl$%i&2zsN=`*kWc&nltzhI(ttQ`Nc!)+ntR*d5pK_F}7Q!Hs#N*+ibg7 zN`Lw?H+&v&d7g+vwfQ2SMFwsTHrv{2^ z4_eoz|6oYV0lB?VRGC?+NEld~5e5zf*^^JfPKeaF5N zzOuPowOAiH6y6u1;L*{(1EX1fS9M-RaXICGP-|N%1p`gvj0MwAgEq?~E?=<*j#=?Sz%y3>hco`ehGefquOA zpHbOY%OmEtzCdl;$*^vPoSK$%B0Z>>o6_DX*5YTIyj;3BR!VpGKaTVBO9qRxNsH|> z_w1c^=1t{J`!gx+IPUU~FE}geaKoUB?vLH#?-I{X1uVEl(sPo356_tNdc=PJp*y_H zDV?9^&S1~7e}jrU*=Ij${s>O!1fLazWXrw{gw821$je>`GJaEoWq}KWc)EhNubgaI zoSl!Vs5K;#-tNnNzBRgIpO}zYOZ9E1o6V@U@{IKN4?GVEBS%LjFBp{_8cyx|dk zypp1^VrM&V-Plj%(zLcYZ>;xkmqRholG6T>#K(OB)kV``mgbI2)fpAw_n|nnL1rk( zVD^1@KI^B7sRUDiDH;U|XB~d3e@G^KeoKasMW##cOu|!79;Wi?ffCPttEtmsPg*q~vuQw$DKU<;$@^)08(P)y1~u5y-c`SaR4Tq37Nt|e%5 z^_SR_*W7>2s_h?X+}py!I@9VoU{^Qdqe%JPGo7(E*)CFsa`VI-L+tJ)+0N5uSMsJ+ z?}kQOzxvR*v0TJVcZvbhNUstrudc7zF-ZgaYw>oE<#^M^^5g|3>e6?JzrE{Z^P;`o z%rb+SRK+AyJ#Te!mS3V_K_Hn&SF|a${Dg!MW1jpWD9isJu-Qbn|6pb1!}Ls@ z=F(I|i^DM$=sjEPHXV|-mP|@L!g|Z>MZfKwWP;K4ftBxHGaahxw68}*`WN(S(8G?xGGpnQL!VlFiw84(=6~DV|~C;=`OBcVcsfg@kzR&S`=0d z>X}l58xM+8G)lJ3SO-oyRP`LIi!0?FkL|MTrR&<>G+){TqinMyxfxl`#v&!7!>!v( z=Q#RWyMcDTvm*#vO)&VEx=Rf5EU4@GbIxs)k`PieM*8G-!i4V3i_loRSLYck!{2H- ztckB1EI!6Ll7a|P9rv!W4$Vcf3+!wmmHGF1T^_hiwI=!M>+6ScW(b@;`82=CVekya zfz|ky4#%QQp`Tn~KN)comBCf+v|gdjU^x&HcT9ziI?DmOg2sW&Y(2zTD{{`l8}BpI^vEK#+hGHA#AGoBdsNis*V^P}KO& zCr$)Zmj>&oln*{bo~<{PKtkmA@o^~|8yoYZWSC0W7ms@%`pfMkP_LKlRsb6WpjtBS z+^c!Ki%XTF0236&#)sr>vo+wsu5B39#cXFL88yW)mP<)Uyz1^&VaZTy{ENK(cU5D6 z7X#cxafn2OuUdc6TmLr0{5y`Gr{a2pq=M+~mTzDUf1-D)b%z8a^g{yZgd(NR)as2~ zBC*L4o$iA-EsupP9qZ9Ok_tP!oYSPFH7SnLV@W67f_-XD`eHo|q~-S>v0DWmaniiQ zrr%>b@lhx%z?696W&li==}9Z5^30#ut=tEhBN}YDCauuh=i|7OwDS~55K;EC=ca0A zrn~u*hSBdx3sre8R-sFV?NcsZvzvL*gjW8~pI=r#Uhr3R37Iui=EP9vn=Tes0!T~f zYH7v1*tW}c-raQ0CGK_VoJ86}nz@jiDl>{LWO%!%`m9TD2XDD%Q&}s9?=<>txXmH@ z)Hg9mK=3psOMm(9@@f;Z2Kt{yoE_%?Ce1K1<7G30ZT%(W-UHV!CMO+-yrhD%I6& zU&Nu>0$y234Gk*jCVd%LbQsMkLxHNm$tha!swpM#4~)fX(`(S(`yxkj%NZKKa2wCj z>;bXUsg!SQe0x7!kg4AFV5;TKQ`pSN^pj2kXKhzWC$vR>VChaC?4>(`M^*Q!6RY!z z@QmpbKrIRIcMD_i4M~58SJ%lYj$|KT3M6|YS^DYS^}26n0Lb(DL+Rqq22k!sxpm~z z?^TudE*F4I3E^hVe!J{sNuQmZu@m-D<@&mXH?T9?kcD_ogrw2C3+dylbSNL2?-B7{ zp3qv&=%VLLlJ0D*9Bp4_@z}6)~6m{(C&rPpyiJWwD0Ry0_0L zs^rGr;6oB;?WBli>P#KcFQescMfa_G_SwzE*{zaxD5v~$Af7Nv#o7rcycnIa?E3_U zsso3NSc5IUHW{Jf>5YN_f)HBxRn(7(6He1@7a4_RrMI@ViRKYbhaUS->eC+lDgR&- zA(JQXQH5vy#9h%#5%ObBWS!mwl==gOc8e?QO9s=$!Op?W#90zBkVVsq&@@=CJfQ<$kRnTnx<}lGKmoZ1|*l2IO=6!+EHP zV?hzS$@LqMU@oLSq0pOB`Yej-tZpJ9uW2nNK-eE*CJ{WeZ;a5Q<0&!s2vuIss7FO6JWzIMZHK^1vdL@ywYsfgvGEOvQRL zag;`}mk-N99lPv`{Zy|YXe_opT6Umq^LX?to%ed<=h|1aRX7_x;=7M9gpj@-c%PZJ|3QaZ*d2Q zohyKE_9OfcM*ecN?(XVGQ&lj8`$WPTVYqzVYocz#p9q&gc@ox&2>R-+lm`~E zEWFfhiFf)OY=s^{#p@wn8muQ!N4BsNEauz@y-4JJSnk9|8XY7uimxnVDFJgvXM1}X zQ5}CZf;=;+yD-yf89ZisMRKr^PE}L>e6V6iPV~$5EEW`B$aG3`6Ac@5kPKj(Bqy5` zB_7LE4`sR{)@$@u;%RP8D|1#(wybaH9=}Es;5M3|&?8cwsO_JGX~)xNue2>6wn$`@ z!SULjcy{*64WSBDNeYoP`eQLFldH0|Hs$kYVG;{ciw{9|Ug`$-hRI+!;9?bnfr5e( z(2bKq9*Mq#yKm?#@;Wyogk&BB0YAO8UX-{RgHxiSLUFd-^H7i@272z>3a8%G$Inv8 z8CxZ(LNpcEWMgocv=V4ZL&)WltG$>tf~SD1Dpz*p`%{_jMJm(|W$Ls@C`z!3jf> z;=VDgK~e=Z*`&~&a97c0ypPMu=)&5f+FHJ-k{w>zsyAkcd(5G%X= zc*VtTFHbOw{i#?G$$%*9OfOof<2pROJ*a+y5-*NbUEd>$Fo# zXG<~-%5DrGt-$%pajsQC_Rq$)kKUMBTPb6as0x16g+qVX0rZ&xtm;L_UIMhx_NBV% z7wLj0O^uBEe`4V)r-j~f4W|sWrpmf?ZmMSwepcc;LISa~b=^k)ALfHab{BdNI!Ks7 zmOqy)uCTVVZS+^8;$6kMO~Lx0EgDPu`bIN0ChAKRsmviD# zr``vv#-2xRF$AVRZ5M!kBH{(iQ&O>I*lb@}H~GZUlWS^ubF(K-t}v=|Ox}1P`^L?o zy1L);@;jOS4o(Pf(kY}kt3jJF+4OR8<#9)5dd3C1QCVrpkUK@$fsN)A;@@40445_Y|`g$v~QFev4e@_fM%O3sj-XCGaY%0FkMDz(I_Vuum_UzWpAipcw zVt>tnAdi>@VN#UlIVXV2-5YH;9zJvBP*6dm{X*OrJwzr5p_j`>=k~v$`EMf7{3iR* z{Mg96<-E#~q6Cvw=H2c1XUOLfzaD0z)Wd3$I#0mSz{6ad&NB=|_aBmuU=xeGnLnMw07!}6K z6aGz!@GJuMx_zG#;W!kvs%H0<;cwx_mV$i=L*`iBk061p%72g&+=hVEhhm?UzytXx zHGCAg?f!p+0Puh;3xQ1E2Wj#B4>kxBSnJ#SY!EaV$VZV5hnHmNrh{I9KM!*O5r8Ym zb^k{I{!PvB|2YBppG^lP|NpmB|391le{<8X(qtHXJ=;@kYk9`cpeM54&HjG4;`jvT z%vP?Bw6{2ubuV%Bz((v@3!!}Y!tihQksFwrUMt(JISMLw zXV>=GN0hWhiK3PNc87%O!SAY)`7jCXW0gfh2IveG7t)0eqrdx&Xyn7es4O8y#p;<* zoT5rfsf~okUVh@xNd4_O+&%px56`zlx&HLu=KnXx2gWG4HsZKJ+Fn)DDDmK@jsG%q zL5LN`zJ)Y%3ejK=A-B?t`TG+XSajf5U?DDuE>(^pj#k7e1-zLA@ z70mc%gE0bR@m}GZXODElwUS#?Dr5iIBVUQY5ELu#v5$-%#q;rDcr^M@wahWpthZGC z%0fRqZXgY}!fS@~IC%~jj!oIfNisI1HtxwUO=M)^{V((*&wx5Z>HI$Z2+`y6m|`r| zkSs}8?V_qD%AYhS^r-heMur@dw>V43*Z%!>myyPUB?f(%RU`7nLUmcb1`oA*`eone zX;<_Yf<)6I#@0e(&y1J}+P@c9h$aM9PVa--GASnZh_FseEalk5*o;A6T1f}REl<8F z8?()~tp&29CM8dw9z>8ieRAy9f5-F|H zO)f`dX!~%p_XlZ%wp1zx08@}<_rn=!p8I#c2Pugw4+#3~I$ zJDCwRAL$cZ*A?wH(o*aYy+(qb_&ImA8)6LCe+|{?0Wd#`u}RTz<<2I$3T)V6&Lqjh0!hNW~b$#!Bl>vVQ0YgcXom8-_J`U zgPng~1w66=I5Q7@+q5dNR~LrPeYF2chn;d-<>NzNXRb9KROFA+&ByakrHjT1%#D4; zh@J%r2@4A+YE}I;-!KA>ElLib(!XMnAmw=a$j8q=`QN5bqzA^jX&cpH_+Lv2kLq2K zS4S8~=$OAz0t1QY-wY%_k=Fimb}wdb-&YyKO%d1y-sUa_|DsQ_F*!GFuFPc^Xs~5Y zOUAbG_w3ELN@5bEI=f94;bzh?*B2cuvqv|=8Zoy~<+5p4TkJhqrW@y9cB zSk~?|ZH=`-o??KF3w-<-i{$Ru*aV46mEG8=sZ|vN1BY7`&c~VRE7znZRZ4IEqy4)2 z=$n=d76#s)C(6vs%z;~FZfgXY8s+6ge`JpZ;i7iBs#KmeB2|HguC|_!w(r{C-xe`R zddHvJv_BC*^8j;u$#v6@I`DQ;E^c~jYwLOF*8gmh(mYiESLpK-NJvQ8gI{D>J1A)* zskC5a$}1K@x#qo)%5*1p-!aq9lqt=ZV?A=u4%tiH-5-JP z-LL*g++X7e>$c#cmzP&2Cy#RAsZ)u%72baHoO|Q$MDJtDd+lcGm4vrr$#YCPIM5b$ z((y(p-Ic+{wm+iv5dnIx>+l^dHFY0Tb;&{TC@b7iNW9^RV=bWPjqr%j0OQS-nt>Aa z)zBd5_w`mqx=y*vThD3yxyn5F>o%5i)clK!eaE=VrKAD7!p5v>5`hRHIs;X_2OZ{; zw*vskUmTL+bx~fV;YtpFbuF?&s8prbF;d)AirHD}vRS|TlBwKhDFGRB7ZSQDq1tvHM5s4LAXdR=@_7y)Wqo0rd4-v_J zY-JS%IlECQ;irf^t78jbDt#(-QOL8L-{0hu;f^uYv*i8vKM1dFouSb3LDBke2*?Qz?V2jDF8ZQ5)D;O>HrRVFnu+ zNw9Sc0$!N7o9@afn z1u6uu?*~@PwF6~M;{zYRUHQ&<7waL83We4>j>;32dMWs48YlRdmaKOOdfr~xSUv@R zkV}7sziFiGK1QkK7{*;rS7|exc&{3Q*yHeS;z1sAhg;=`1oZl<{R7PW04Ou8nDSHw zfu(i^-1OGGg)s%R5}P_>%Y?QwEx-M2&~=xKgda)(i|6j-=yV5qtfc0(!Az&QjYgh@ zO^axWh|{}?@%vYQJ-jQs%sw2d>13?3?cXWFz`(G$vw25fle$WGMSqGUJhS*GHbDo&9fYxVc`}l!@1rZoBL>y zvF>~R0l?Vs2+g;?y*Ack#8h3hP)x6?8lHRi(XVT}m$$>0d(k)YfKH$(GR|cA{cW4& z7R{2Tm4fdI%%F_s2X2MHF|RF{SjF3j2H@3-PkAofEtlp~d4`UocUzq9Z@f6OSV?kE z#v$xBlL!t0)rHrLC0g-HANfk}7qnX3hc%9OwEk0;+#5?&#~$6!$;d5%EEZ_XVY(mcpGoNxODkioInj1P=4-O(mJoE$=us z7Fs;Iq>L|*$9aVdVfI32*OJrDzJUWs#(}x47L9&t)(uH7Ow3m=}d)77J8-Kej^qbu4;`M z1@SN#{ql1BT1`z&rsI;Kqg(B1$Ayv_4!z2f)*o@6#bx7`DS$bgsaJI_(_%o4H{bdm zZ=tF3(%B|ORref&Ix^L4hmWVpNhQDfQKRy=R{Jc!2rCy(g>|KD~CB^#f z%eX9@Gqz@?(Xw|yIyq69wb~|`hO&Oe*Np=wRmfRYF5o`LZJq1B$3Rd2rhbmED=RB& z%wKRfC~)M|RQuHNvK+Mnn}k*em47ksTrb+;AX z$x)a2Pv*+bdEz_}r)mN2i?QI=xEn`CHl5-%PBbxCzb}s0g+m<9(P_k;4VbaPHHjl{DK{i-9 za)QgNbA3$4#>R`?Z~PJD*pepG`^)8?^kZv7ZalirV(xXkm8Eq26(3+A{BCz=&DPOy zR%Pid0rxWRz{orGZ2?{Hg)=HuRaG1g)tZZ4+LU8GKSz_aN}NbHG_LCut_>1%tVLSZ z_OA^eyTc-Y_K5VG8J%ilU}lyy=}I%l3IRqO;TYFxNl6%#TR09qXDsa3=z+Yb5MkLU zSMlB?)jojH(a2Tw#Xa;jSQf-fHL>F{99!Fu?OdaUv=IkPF)i zDe!KZ%>N=5=P38N=`e=L|KSdP%ejYI+i5eFO6vmrt{TA&PLC-G_`C_IS;WseCbFtz z2zmG0K6- zPMi_wPML1axVIF-HXdhLQk!1hYMX$7SDz8INa01-4JlsNX(bgp=lUx^fM54o}nV@IUJaNI6@RJjQ@H6w0_1U9q_N~`q6fh5)$v5 zWx3Y@1Ybty>aRxrdMU1J**kEbz?sdp(7KEKKkPmW?){H%YDeByc@?+r4(k)L70mNSI7NMz>ti~V;&~nHmlsBbi zAS%6Bctgw8(Q9XVfv4#gFhv<|q~sPRH^e5DVa#-NX>rE%T59&Z{gi;CM)7JoSAK}p zMo~`R!U{opL)SHZJMc|C_Oi7!ek9NCx|7!YsP)vhf41Ugv=&4nclA?B?T6{bCj?H% z?cqol=V`lDyfox)iF{d(7R^#d-IMTxn) zs$`;e8~*7FVD<~uOxq`03`x7JzfzND6zvETUu!a*?Y2gUup-Qz;x#6;t>ST$(n>d2 zmcq)`hHPfc4Y@leZ~HrHr_weROhmJXYS}#3ux%)-Zvs4{Pwkb;T4@_?NA$_HkH`pgA0VLGVZw_3-vAjz?P7%)Hj(L_cbr zcl1N3#B91=(PBofV5?Mk53=PE{Br@Aiqbj0eXwv(Lcc3rAE#8!buIvkEwvCgd zK>E2d>zii&Dc#+9q?+Rt%sXK+`lU?&bJl1BuTJlpuG6#KTY@!bjG``1tnzh5y;kf< zYTD*-D`nNlmsdi!q?bh~D#ZexP`P*ow1@R)L|PVf07`Mh*nH}i zV1|UVtM*fPv;!C4YbPxY6pk-w5oB;ZXfb~XKFOsC&XTQG-_~NsCHH|;IrkNy9f?Tw zmW|*FIXm!3BJxV=*au)w8gGcGnQVC@6FD}Nj&6G3^~yrFJ=K1UeZZt=q4!ANl8n1u zEi;Gyk7&|)w1vCfm|%J!*;A?!f{bi!r%PLa7ydoyj+4YYdcK;s4Uyk-x)^KnKQ@J> zIyg=BXvaD)K6n1rBF>m$>ej8xVb7qcZb{9UYTM7Cf`N&SXN2PY`Yo?tDSkyx&>7 z^H{9Zair*sSq+z@dtpENZO3PvNf-r8AN$s(=^SBga%mFe`Q$9g-khZCm!_6%Ru?r< z%rro^T3vB6JS$|m&i0m{2EUpA=k{Px1zbUgRl3XjBxHZT`lMW7PT^+~6{v;a!a9zznf`x+0VH z^qgaRR9n)7S8y3u_Owe2wDsI!vTZIk!XG8M7ZcQUeX|}=2b&hB-L_Y3fMTbbA#~Y# zIhO4~BLZ*Tm`;3cZx|Da4-$~dH5*i}FA#meK(*3_3=9Xax^1q`C7|qkbInZ&HP){A zvIq(enGy5v{2F~}kO46HO^G+!z*7$FJ4S$~^0a8aRDGF>egJP`!SwM)9F7X`nsK8l zm(lKkA{l~tn8w+EC8n3MWUqJa>0(o30tI1W!<`H&<`~WT-Td-$cB> zLZMN*I(>6TUnEWqR-|KORQDiUg6i+_jFH0PkG%O3I4S{n9}|eR9FuumHXfW=`hKSs z{F?#*NlY~GCCjwwU|9zz8BD7t$5f7TLr59Oh06km`?qH~VlZ?Dg9F35%r<3>0e z>E#3ShU~($o8~>Gb&b|{{z$_Za7`JsaE28=oPskWfDVg+mgx0Uaay1aIiJSonf57J z6i?5-vUdp;5JXV6`Wwh5*Dw}5~ zD6Td~Jz5zCb_=FhSCd>vF+KeFwDHzUvkg32p)X#X;M{5w+|@YixO{o4XUWX=LTT^T z&#&h)o!1w}XP#;t$3}tlrJP^cC#hP( z*Y|{+BA?3cuF)CiiReL6(Rgf?!Va_6#4aTA6g?^0B`p%kR)Y7@zq?;lrt~_{8<#c~4l+lGhUKgIWj4qPL@(N~TT6UYr`q!6~=K?Th05bE{ z=Db@u6-PR4{6qxz4C>78Y}PoDMahF4oph~<>IR;H(^mW+Mt3hIc;+H~2Xb3@g(U<hvG(P zZGZm&D1J_o+?z|S<+3MpyW|-`^WB2BKio&oc|%j%g(l{8A*rp!k`L zv?&OuX_p%!f?e&J+rA9B?Xp4s?CsqBreF#G$Td|+Y#WqZW;?WR9}%Pwbg=KJD-z05 z=<%`@`-}#1a>02>J83DpkicV1eS7e%7 zy}%e5g0^}A?(99O8{&uS_Z3%xGCb;_7XY&TY3Cn2`<*Y#zXQ3gXgj0!gWC#Sf<^sw z!P-9+{-3*#MY<296!h5daP$0-@7kmU49uZ>BoGO`p^6?q%+3y1Dk2FSjUmj_M05yLw4>{3-3MAClH0BZz`|lf_d+$ zmAwalbiaoz%pE+wL(GiB1Ra!ykYy>4h8xYN@V_~P1UhgR%pjeb865cqS(~qLY2LS| z9~|}*9cCb*0pkdABYq?utZFaz@*wQShAIZ>i&JaeAiD-Ao|lOF^8-)BMuvIvkSF=u zLE4d6=khV+M!#K?7Zk{|A*%)SBtRs~F#i#mbyKpS5P?5Z!KKH-6q^5JIjxb^Lg7-= zmFp2A3qOw}_>2b5{6Ue0omRRe)qf9}o=@%PLUPJi;nH=Nlj7(P_S1b7SuN#LeEN^v zbIN{UI0>KnwfAqg;c`B7*JTe8$_bG90`) zd>%L!cE?0oZ%*X=p7E zHeET(;8xb@v|VAJE6&WDYvw2MxM)*L&-3u!QHY3PkPQEdvvPuG&zw9#N??DJg8W2q zu@^}FKK&HsC}-)3ruXVOC#BnXw?{jJp7rIEcBjDB5obwb$N2M|7Q~(W4hUbgP#j>m zrzF43-vj&D6VW}40o1}bYjKuxmW@q*=3n;$Ph0L>rh6k>DyVm6V_2ec37;}mQ035S`?Po@)Z40ABHan4sKWBt<6P0iau=_t~|8_4b>sU-`e;AKhAct1H>Yh$<2X4md_C_Lb?S$ zHJzmM>NsugDICwLJ?MQRkl`CN)`ta&eQFxA!I}y}p7L7lUm2&I#ug=vruogDSizwXjXyP?n)^dHOphvD=QpYu0o~>6pq+W7#54rH+y|u}+Tw?|pzK89~6e((3BI9ju;*37A|(U;n46 zM6erpKuu_r6O@+GioU-ju#|LTNb&9`s=@g){OZS3!}hop`jG~_FUg#T$j~&Pa8tfT z<=2UMygI^4j5|hTf9;6$5tbqJR)NZf=;y^XY`Skm_LNM=WNF=nG{Cc}vU5Chh+!+w z246S%`7?tQYZzN)9ba5(c$!(){wohW%u4W;u;06;o2S{~2_-EUY+%I2#f8iz6NJ_& z(*Z1QnlEAOp#IU`u+(3Dtov_h1-R8AOC}>5XT3;tNXMPeuP-f}>}y=pNRe04HumH$ z^m`RVM*d{rq2kHXoiCI&Qw*UJy0-&lBCp6^ESu$6ss_SU10=JQAnN-)VX!0#rsM{d z6<19Kcek>fe^!wP21c*|kaz3aVqKE!_J*RJr#4c(Wd$M6j0(d!T<0*beLg*{RhC~X z{&jS8KRGm(;n}Sy>N$~oa2&ZRS%05YspyjckRY=o#G@z#uPCW(n{jvH-0mfRWSTZJ zE6bp^xlA0RLW0a3{b2`u$h!XyseicSrDhN?nR@tC6t^kNdFZqD5HQ zhvPI?mBCCE0uJ#zXHZJWfmc3nwf@q&(dA_J2q%s(-RFi@Pb2Dl9 zZ>9HSRRyuy%z&m`2u@@TA*&mPD9LZahUxWPi36Vnd*Ow!_k zp2XZygkJ%roW@1l2`L|1eDaGy_1*-sVI7dVUoaJhIZfJuK$SOQ1SC!kVV6bJ@+{cI z&$&Fv7#O(@2dkU|>_^@GKgj4rOK?ywYk&SlDFn(?YIbu)5-gH}#D$opbYWP7-c=S! zem!{!b1$bQ7}yvKU0+J-;+?2&H*Wh5RKB5Ns;UNBBqr|MmV*K$K6CvAcc%6AA%+-Y zg^GLp!U=3#t!n=_Z+fNJ3c|0maRxJt44p^ZNW; z^`}6UBGKl#Cr+aXdpi=jlsGyD28T17cBTcx(?oJ+K z2`I#=V0H$by#DITv2(0UF%CL?_h9fz;Kw&lnO0U<2aVFo zt7(OpA-Er})CWBt(heD+u4CbD$3Uf4tR#SIrL0gw80gfU6WIU#g^oq~>NU>m>o@(T z`&A>Zn6m)Icp$KSq<`iYQT5=448_vQXDF~s>FFhG<(h>T@9t~@xXA7}GX0qVjytKW zOYfmS8pQ@WY<43*(>~yMhRm~-HT!Xal#vEOvC7NLOIKTL(^L4e2eg@noM+eyemusP z$>%btJzX&3gDTE5wgTw3i_EO7K`;no+hm?MXhP_4a@n-dX=a=G4nlrnSQQ-O*|GT< zKS{IbA@SuA24n^7V9Ar;d__8|KyAYxoDn@}?{d%PK>)Ci{%~Sc(p`P35XQ;Gh1V5Pzbr2(|B-nRqImv1K$LTTQU+78Ck}?$V*{?GjN&rK)w8l(uis>>NxY^ zWu%8U*c0zpgl4)8t;T(cdZnZt7#YRPEZY>ASbxvc$$Q_)_>36izc|u79N-T=Yj|J3 z{Yp8WA#j4B0G;G8gT*}fGcxGAp>)kWH=S3}$t@cxbIBB!XXg#GgA$#dO1Iw71g})_ z1YYYN``i`SZ@nyw%QUE#<>C_-YIyLr>X*o<$k#SZ8K%ZS5 zaKMzcXPdWu32;f;4^cbFt0DJbH`68UsuhEqzAWAl!CeO_xqneER3<|NkfL<4aWfS& zB<(W`NbS~^b4^`S=s=OZG{`E$Wm?)s@unZhE$wk9S=1p>UW_g-dDPIOT)2@e_L2gS z80i4oGRkc%jrr64Lq7)(-ckln9M7Tg6Er1p(1z?(8A72xFf2%4$uM|!h&@3tpU5iT zU9PPP#nanc2g4(My=Pz2%4=e7%Rk-eNpowQNk%U(FXN%pua=h-)(RXNr^;M-XtOT% zv`6VEz$f)en$R_lOZpVT^j!ga+x{YU)P*?RnIcZ|x|l62^+IK|Sh9wzq0wG6u0<9C8k4V185hX zTDp%-dNlKP;X7Y7`e4=_XzDBS+WU-+uD@R{%t#%-DJ*n^Wjh`duG(C?RFP%(szW*8 z)%fAGfRGt-s2^^Rl&;0RsA9|=@Oc`YpYH5TUfd&R)`^zK7txL7ZaN<$1iYLWu_rI2dn(^_SgKgUPh1NEW@foKILC@>?fFST2cT0 zrl8L3OxMu?eu>DpzkA~n-I-Dr2h^%-(Gqw|hi^-hi=4(H*R<&p%U5H`9-Q4_3`XR~uhYfZLkxo)D>0iVP&)C8E{7Pne14)Occ(c7lw@QCa zom4H*jbylHHjwBM)sdRoE_o~K`}Q9e@;&i?_72T|$ zB*wZMc5Mt*Jug`)+&TZJw~$9@RmaISn3aF0X{dgp#);c< zkG}`{Muf}33}AkIdFf(pEzRHC8Akz^=_nt)jqD~KW)tQ-wVGjg>Ju~iY~gVGL+2B@ z2`juxl|s%W3i{1U+>KU(y_Koe^zpRmv(vwWGT?fdy8h^C(#x~0?_;={l1+^%i~oXw z_i%s|hEJXk2T(UYGsYb1P^Qpv#9~v@RaNe^4E_FWCu4IFTb0SqMAyD88)@kKEhR$r z$XzvRCNIHVp$oA?ImSBVWX_1))z^tX5@nz#GkB0W>-mP zU4EL8KL5yTy%KDs5gOYQeq@mTw*KH>iEMlLinX!=4)`G-&l63rmKXSD8Z7x;`y4+% ztk_dC9Bg#cjNwFjuE61dHVx4beCK!1BO&?m3HOJPuNJw-uY3QfpBIL&qDp*6&>vt7 z?0#rZ9`oblgf2y^ICrLJcoRCS^2!#xR=;jfweoY4i*KVn6$zp+&@8lnwQ!fegqv8T z@ZA%`@OY1ZQx8Q$t2AlwU}Si1Ox#-G9T{Su{~RQtKf{6DtVGX$)V3K2r!@PByOTzc z+aIPVK^*`-FYCLz2(OJh3Y!k9Oy#+=-SjX^5xM)_YOVGiF=hzLHS)5=p_qGIMG~DA z2^{C)@!z_W4hJttxSX^kOhs+g`a+3EUSQk@+0L3xuz#=5{@w_r!r zKEq>@Y9^Umh0~VC9r>kP#wzcG@A0}Vyt0dY7!i9*f{3@+fZjMpQQ5~wTE8MhGhujS zXL}Ppd;V#@vScMPGx%GMFCzJ0-4=vLvztlB-eHWrvNiUe^e|?4GFD2+%Ngm|JN~c8 z1$R^*&NlKiC7x%hC73wJltrEvQia+LY%9tQsZckpNhav4l}RKu&8v=`$%}|BirXA! zENPy7>$`>3+I==-zOlPpB@4Z2&mYV*YiRxY#l+0qV+o|2#|)|?wON<> z3t@`lySC9ewuMGDR$jNcOKX6H7;$8k$D$!s;mLnaRTz907nE|n5wI+{2HcK4e5yab;4%^sP%K z1&5#Z+xH)}_QiE*sNHdzr7agL8?aLYM9=M;DTU}OCg__rr0M{p_f=E={%F9@MDP^x*y5kiJ4^fJGJ0)Y!?j~sLJ(J zEaPUR#EO&}l@aTyF392^97=amcub`|8bd2DjA6yuU|t1GrL2@fj=9L8S`3)^t{dDE zUJCx)DN9-1g|GBH=A|Np3sm+Fw#I#1G>%iFj+snlaSB(JbW}Ohokducq}1-!s~-e8 zm?*@Mw2uwI+UH?CQU0jfD{)k1?4-3a!FKPr<%JMw8-)aLV`E zYonW+`TI^xYO_{3JobU^`cuv(LL)DtR?zB7qEqEcK+lcU6s{8Wl$81QAd*ks`-Tb% zG;k`rB`DUb$oBXPpVFxkr>5ujIk0UkDH6{Y!3o$`Q007J6lTmEA*Qc<4%-lQTH)qk zc!5giR!K$65$J4i8T+|4Xh<63GMw7nO0yiN|qiO=b5(Nt}g03IBSVO!${M}Sy z=&anlR{zQzGBOsX;zeqoWFWNvB^n|l*l}wmd2e{w01|k%sH8iC*}o5%+?3ytD|l+^ zXPd4FmrC4E=TAK}?(vW<@nZS14JHf^^E3JvTh{A5;!Kz34aaw7c{~gKGv?J>Ykt=f z`i|GRy}XoV!KZy8yYzha!2%w~M*4kDlR!BG7zN;Q%X;Mm>Z56i!87mN$%QIdQS1b%%XHb93cUID$JCIoeA~)DWTnhN zF#j#Adm*S1$0gF@O{M}CQ1zo*sh{;$f>RmdklOR!$)~vw!XNh`A0`4vWI=cbS!x}K zj?2bvv9Ky>dyRiR6j*npfc(&;4Mu~Yp!%bBub_HUvD}`N44s~!hDUMe1strd`wVP~ zhO!OL3n3xQ9RVGiL(%_;=o(79gitudw3s`Y6togro<2Q}=(%Dr`9+5ttAm;z>YHS78@&KpHTjRwU>SdI4y@>3dvrJc zTcrf9IEqX)(@C3j$PkPZ&mSsHq70a-siRZTf}p$+j-`zp+axYl3z15J zYa|$)8%mb_WJ*h^6g;oe<{~6!-V%Ivih(YT1D%@;}>n~LHbu-zBE zLw%H+vANKP%a%-;eh9z0-*f^I&^&V7(h^S`_jrZ9T)ukCRfQPXeH6Lh8tJVFlu{on zQa)Ohe(0hSBi<$rV>%eFNqizL(K4K6r2bK_UMgqUplx8xBe&r69?})zd+CaU*w}L8v9ZvFAIxf zg0%>a!c`Fv*IvHap|YV~90z_Z;#0pT8S{>pq%L-8G;doOcNNF8nYSFr3OFSpA@Qso z?eLo;=1-4>4r0u{E4my(eMVPrE{e@ym&TMyx$d|`+Y$UKUhl4msQI9IGA9XP0u96} zr6u!FI&ZMgwCNrU0;~iuJ%DDT0UMQBNulJ3g=#7Td)yh8r;57d*m?g_CH^k}HY*YXn!m6L(itmb%xg$@in^>cfe z(!|&oTP?tD!aRV~LAUo7l3>x-rub$KcCdA~*kUhVc2~KaMBec+8X%m2i~Q8K(fTEH zq503>{HlLl+y=S$sZDQXQBhF^d3l}3$;DgFSmZ=)%WHQZX0*AP#@XpIskF z$i`v5AX3adscH?1(83~Zw!7et36KTkw6=|!zkh*%SXt$`?>LsZd?l=Tui5uR8A%OC zM5yUawDniK&xF_8<2btn+1R5OzbjSPFA6B(2@PsQ8^GUqG=8SIjF+YR&>&z39Z>SKF_)!_+QZ3mt|7 z*-hml8(Ri$22n_W>u7rJbz}+AO#d(5-ZHMLwObzs1SLdJBoz=5P*Md&8c{$R=?0OI zmhMs!Bt%*oq`N!CAf-cErMtV{F&FOrJm+`*=j;1r@4eV-&3WhO>lzq9tserRaea5O zcL-&vqDp0$EFdpGpSr5R)2`wh?$J(FGBs{s1G3DNfm5bl42 zAg6q!yKzpXz6%l_x&YsMf!@Gm(mHWPXKA>s<8a&ogW2SVBMg zn7wgIsB(+_V4WW$OS6wszp`2gx)2o8d*W-=g|!@*D*ab_Q2i(#qsw?Gs>teKWJ9-c zA|0***-acoWYsf4$(A07K2cmktwDK`aWp0Y0d2dL!7sSX&a*~9jzs8_`7apqlN!mX zLP>uNFPcMM1eQf%-VNvquG(`68R8A(Mfn!-y*cUwz@U!7%%J$L7Ipb|kt_@~yz(j7 zRomgO{|)c`R~Qnsst#C^ufmW_ByuZTtp4EQgQ4=5*oX+$C`K0RbhiJ6H3|o9sw$#B z=ZBO3X+k;+j*4J0Jm-@p`VdM1Vnh8Blfs>4u+t#Xs3jc3F-r=(yi(tg@&-W-B<7;X zMUKStz~;eVRt}APcpc(-4Oz4O-LFNjan!R13Ay~Tf-gnLpuI&LpsxuK z$vRIGz)DNV1~co*OO8bkf2&-JglIMwWPrh`z6K=CatD^D%- zKzyC7445vr;L>Eykj|y$T*zm{%Znk=H5(~^YS0l!n-%dNDg z51;Kt4oCMJpl5e0l%_XjRY{Oq9Y>iDe-*xJ}$+bV5n>zY?=TKBBPm9H( zX74TC(an?Y=9N0O4t}18W3Drl%`Gj(DL+~$_U5zlrVt>RVVs*9w=MVe`J;C!7hddU zpwGp-AKwZnEKFV@c1<~GW@zjtoXrY^1W^xC3yDDVA;zDhyGiOvhG=)Kwe0ixuW<5W zF6%-qZ=lsq=Q9M;)MPnY>7|*iZgJ(BD{F0fgE&*xne3f3$vY3bys0IF0J9Ty+!3`E zhCl@X;_h{m5%UV;ecly4wpq$`l{U- zC1C4#qb!YGfPtm5Pr8MLM)_dMnRIJj3hIY4JX=a;)JE-s$ADs5)p_2-+MhJs!xCX_03=)`Wh z%J3b9IrnNJtx7RN z7Ty4w&Z2ft2>^WEn6v>D_ksZ1!I5;?sTah`wn%OtRH?yZsATyw}?)LEu(r@fDlsA5I5k9l>0!+i4{`gHX|pzRh3<4#FS^E<1Dpmok);qJwB zrRep)!l}g{$3J>#513i0+tyz%iZ=Dg@ZExx?N}*bX0H+OK9I9p9x=io!zbslUuNFl zh-1$mbJ<{V+zV5lj4c}v&dz3DDFRZ_a44{sJUi}~wz=qNhlOD~Qe_{QQ4oih@;kIv zdwgw{mLR&Qi8rFZ*8OBb68oP0vPOn#QL1G0e$bq|VhJl`ffLiuI;jnS1QZ9peBQ&( zM`Jn8YIu}0P@-afA$1@jODg*Q`syQEsguoa?&`Jg(NH7uZ2ec0x8$`di*bG;JO1ri z+V8?YI+h)!y$bf(J2(0eXtqK0vw_@m?aC9rNU7M*Owt;Zmq18UuS)_VMIS^;c$diH zx1jU+*8y~LmL!0%RokO)$Cv2_JA3OPo#rDFe7jBWy1IOm&efTgFsq3G&Pd{0d>#Di zmo8nZ&NAir+IcP0er3$6Pauz@ZhJCBrg@;qu=R~$W3-~26N?5QT1MTfMw}K{x}mH? zs_C}l`oVh3*LQcQ7Hzj1PqnBCQX|55+E=17TIMYaPm0_d5aa95I`Gh-u;aZ zfe2A5*S6kiAQHIO4!D_MD!xkRneg@q%_=J?!oK`xk5mDbjiWVOY)-o~!aj0E$LMC} z!^O_3m0;RH-fm3CA?+iz6o$uJZ7KS#;f@6R1Khi3UsHVCsyjYA*Pj#ZNUCfKHr6+T z(OIPO`j-J1DV)mj1++Se5TNiXzvyC{jFJ81t#TJ`0U%Tm)TYf+x3GwRIp@tSD9>mu zIofZgEF)NVKHCrQdU=Db{+;oYYhT_HL{z;!A9Qk1cVakHKGi?mh8x?JM72?x!Ia$2 zx8hQ<87wgwWpX@K#zwLJ;^yWukA<^4-$yiwM-WJ*T?E7Cs3_%>>keR2n0r!PO_g$t%BL!9u;iWsnE7Z^ z9{nJ(q`O|GF>!z?Pcn31+~JXy!*RvkVg4h^Ke=`W3nM0ZPU8YP^@16(LBB^ulxv@X zx!pQDY*C{+9l^UaUlqk^VeTgNMPiio!CF{^ROeL1tBew=hLbk-=Rb--J7(VoSLX2g z>vIG_mJ{E_MdO#Exwm2TQpX2_Y4nnty}!dEv>A)I7x%B2b1?PVU`5Ty5sYrnI-d=< z_yVv;^EgNIh9U#3|8pCHU>k(ovotlmIs`W!WwvV@`U*WY! zgvf9=uNdEuanHhqE;&<|$?xt;ThKv~mPN(ldaYGY0H=67KWTK|y-KfzH&9*&$~Hst z+r1AjhEr{XrS|3s0a^O++mEsl<5%$pQUop;vTUQN_l-ASkaN5g^t#<%W_Bd8y2xeS zmKl$Lnw7FuXa;sx*djFTGAdYJ`jm=~ITe}iCS`eUj%3wFXlofb0O&PnJe-AzD1BBu z5!8c7IEyyxe63#dCF={}hIB!0Pp!7*71x(}&XvA&Vs%IF2l%Gm>W8XHz}~kxst=c0 zMEJ2T)9#$7HZNt{ufm9>+aBE+Z(aSp^U>^0Bc*+eWAD{p<4NA<$?yI=$kZ{(8NOsu zJ!ddj<6IWwY|h4&X4rAp(5mKtAZ}$VUGMTRsM|PCB5>Pbp`*TsJV{L5HWCZ|bJWfU zN~#_yhK5ES_YB&IAh&{d?C>Xy1WHa+&$lh0f_~SL0s%`oEgz36EC?=V9b>AbY~kAY zROP;O+!@`OjL>!qdVPWWi8(dL6X^%P9qPO;+^g@-Pwk+KaDw9azE4?+HdX2d248T^ zW=r$j2DBE+mi`L_dO<=)CQtSEDCt)16KSp#QLp%cijB>ljwTd{ZQYhx5-tNTQ^bxh|?!$Uw z5l;-}4&R%aCHC{T(ms|Rxq99WRWoteYOh*p0WE3JP|_pK(`Q=Ht7t4Eu;DKm%PsZ( z!Kb8gN6Q^e`^ZP5XRuTP1=ilAi$Myrn1nF>2JBrCc@YMG70i-SF+kaUWDk| zYRh#MJnbv*&?Kr1zcDiNC~MD=f#pc$cBD2o+el5ycV!mfdplI`m(=6t!G+J&nu#;4 z)l2iX@wW1UW)qni#{=4IoMSIvYgmcJCq(z2Sphps@(#LZ=Ts#Hh@{cp@Wg_$d-?1;g?82HG03M{W#0U^wD){nP}q+uXi+H zk&a3@$DLYZ&fK3mYBs?FPsLcb-+30z@X_hG0%scUwP!BmI4COT$yJVP&y#OX{uU8MfI6Sf+hCv^4NOqM zg!$zF&;piMt#8wdfYMJ%3e@w_hla05JES@pfmEf-6}&S-M&*+h#7F~xNnfUuThIq> zT>kJ%+z{4-gzYqENlJt zfbI_~pa+TVJhsN1L-ZT0JDS~>D;R$D^J$`Um>)V2aol^+S-+`VC+Xlg&NTU9`Uj}G z+)GXeOZJk4v+7wH@@Y|hYH@jlPG=Xn+K$FfMraB64t=A%d8S}ac>A@nyz!xu4X5vO)PDmLzC+1!_Zv!c?InUk7oR|BJ zJ%{FzeZk&A)!cfBv<^rkDMLjB6wrIx6=di{Pa9hM&Cd7Ar4p-KhWZ@ zZ)t80O8oM+wJx_-d~?;7&w9=as2MEkj+Dk6j%+t)%2DU7?o6U83OAJdxrD0brD!bm?rSPANm_b+?uK0#p@ccxRP(Jq~j&C^odTUeD z?YuRYxm?4Jq8|^}C=8DN!bpivD;XnTABK-7AYSR08X1@sLARMAN_AG0T`VCW> z-n>iiukL-=rCOwVu@&sryf)-E5Se#xUiqADYqDG9YF1udc!)G_v&+&;s64dVs>{8T z^^J9|r}2$2TkU2cmyHI&$PPTFPltkjzO(~)x5SgOnfJEAz;Jv@F%(9SZ=*rGTs5AZ z-`df^sZG7EYkjIM(n_<=?bA#)bl~{N#zK!^i0fqm z!=t=_;=jmSVKa<%OvSO}dzR>S(GntZ)2)$l#0K||gM{V(6G4Xao)4I+RuTh7eLVo5IU16qbP;o{+V8U9oh*C@4%hKHJW^2N~db@rlQZ^1+Du9bRDK8WGsFR3@ zNPk|GI;xNHSm?Yv;AKU>(2nM&4#S1s- z+Fa%FK=ifw9vOp=vNvTtQdasOwKnqZh2r3D)i{-y4U3!|v5U4@bodpMwl)!e&(Ok% znnR_l-gGVaTcK^Mk_8~^jnY$pN4_<7np57-t(c~$uwK=vLl2+1y<^=zcgudvQZ%Km zf=`>KS5ZwqO^SU>smLVnsBE)h_s`vqv$*+Sf|zFj8eoH7rDr_PDb{6O48aA|sMFrt zjpmrMb+lO5BPyOx*_a$3(4eIdpC=agNGa)N6PV}il@Pd{Kuysp@u;@KdZq;^44QuP zYx8Aa_S3dW24VcaLJERE!Tx{N!!`X7khzo^51kcp(LLdc9fTdBZ%tULR5T{9ByUWFiD06)kF%2ZUhShg|8%D2 z&0iMyzcMR1UUnxm7YQ|vA5rA%85%}^XtkFx&|m4lCZepYZ(!i0?7KIXSC@;fgK#^| zf69o@eVe6S=a#a=dbGq@F%_=^k8NEW_GU-7J775)X%xXn;V}dBhB9(ny(t2bVNiIGx+C?inm| zt|JysQXv2JM%x9YDOo6Kzwzg+H&`HC)q*xC@|}cN5R(c4RUvfgS~c#w)-_IbaKwpq zFKThQ`F?dhx78X9Bn|B6RSbIl7UVF zJrW^=x(PwGPlhtB@ZZpu7M9&>=DR$0Iiw^RYbDGe@jf2qkJN+uP$GV51~DJXFMR;5 zg1$*Y(ANXm5dkhJ;H&%YkMzb{1-$LIYE(+j2Vq-R$s#)vuBV59X>>x;$a!?7P&~m6 zlDVXm4hdrq3PQkA*vFjqueuO@*u&_V#o~6^m2~b2a+-8xb znadjpSzkZjvVe*M{)>uwSqg4L(ZX}v6)3SFnTEW)hX*@+^Pdv?Ykw)|k)qQ)4UNMS z{Mi2oWLl6J*5;el)+`T3AG|vAtkzXNaSvkAZ+bV8S7XEAX>=^1))Aim51#wt3dZ=! z1DV;J&;ssL+qHhMN#hlqm?w0W|ajnA##| znlO?S@tlW~q}UOdb`kq#LRKzEx$m}dmX1U+O+RJXk^A=Y8D3xRlZjo<8jM6t%w#cH zLOPFhmHfoGYmDDssVrZGrVcI$UAHVNEj4rDllFg78~2^-Yd zJ|YWRjd{L42V<#nn%msCXDqHkoVihvr4Z6I!qbg?$Xd!HJEg|;9YJP0K&q{^s>E=b z1o!7r!RPO(TKNVUUUxanIKfk|Qhc+9T%InFFuw2EPg^E^glnK5N5?{wfb)Q>T5dww zS-0k7`*P;oMfgSFp-%wFKGTu8z7&jc zR+XEyA^~=Xi$Bk`uF-MuqO+gL9^%`R3**$xTsLeQYq|dA`6}NXRxXKP?pQjpSZ^^G zgS7miU)NEC`~?g7Ip6^bh+VG*AGR~kC0Ulk0r-M9`}ub?H1xBGWC+XBj)-c&O1(+1 zM}4b#lr{Y8ebMM{ssL1ys}~?af8L|y)=TKL5Z=T1-N6hXRQe0+x69Em450WJt0;MW z=9Zj%af`yln{29Jm(CYrrktI)ktgq`YAFiBfFBLO*t6_7@)tz+US-4lmvc47L zxYe#WP-Zl09B(r2>i*W0@#jeTHD{f{&9g;1DnZ%xa?VRIOZn)O_ z9mFVe&)m%zEY0s)AR4|(d#mPq5rdMfzBIBV{&3{T%l=3ri;eCKzS3aQ1^)&*43RV0 z&dX$MU)rxS7u80|TTD~Cb4&2YZ|S3F6(DCVJ9pc`De z5*GBxOPTTOx`1!m&K;|YQfj3Z8cs6qh!A8(pNWcVTemDgu=K7Um8B$jOA zi}${wlOcMpm2}K}*X%X8;3ezgIrVp~(#wcax1BviaRPKK5pAm@2$BKqQX1+E{S=1} zN>e(wrAd91JZwi5Bbw<*1454(&WEqB`+ArLVCj60!GWAr#mokT9M?0^udYsEe19jD<4zZy>s?>}n@Xm8#4xKOpK+=g}ZEoqt(yZZ)S~1c`M^;Fd*aIw| z9mKQ%B4g06Bk~dkx@SCPF|u1(EAq#Dj`HwJUx}NIxvdD$H{CfRi0G@!4NIf1yV1kH zo34e{zwzt!{MOo6`Hq35pguBE^l*Ih)SLLo`x#Hp+|srQ{CzQXlZ>Hxw6UM3Zas}O zS+{Rv>sS&?^YeWhnI-3l8@3e24D8$kITG#y5VWC;aoYo{saBUhPygbGtOx2 z&KwJrlsKmp78Yuu^>xxO*J68L9ns9Cvd@Td+}EDeW~-yI7g#OdF2Jp?JvNBrJ#I{0 zp6|%a%1o(DrBA0pSCYLx5Cd>~#o9@?3^mRl`41D0@_Hv;zZ1gc5sFaG>l92F6=YUI>vxDf*zY7JW1?P zgd+@F`j#_7_)#HuJudR@3^G+$VGsQ-DZwHzq{ToG%Y?^@A<>Ta2uroi9$ED$ zrvF(Lg8&{H8ZGX{x;oS0Qoh;DOxgV#^|->VgEMad)xD0LSgR(UlP@P~`&(#9>UC{a zy1(gIF4G2fV$lkx2$UXdBOZ+m3mJ;?-s29u=ecx@mj{jKi*qV(&k}zZ1Jf&kYcm+d zHK0#qUve%SH{FHc#I>OJ3eHi7kxz)!2&Gff9aHe$V_|ic#2Y+L#URLLOTTM6pWu)0 zK5`Hfd%nZ~IkO|tSNWa#k(udgEu^Hg@)V-QG)0~mukbJz0a!gEH1zU2KfjQ|!n z6f{JKkf5)6Q|m!r;k&xKFCitOt|^c2nyS@u8@Sa5!N(=h*=qk0CNIt9b&W~o;x6EI zKEa@fi4C|>wS%{TL8ihar@u}g(Djn}89ZvPim$cqD{dvvN(eW<0g)H^+ zV>Qm2*7&ZaI-fD#`2|LNIoJyM^GDZlEhR#4H~$&*L$;mZyery{j0XCGlkA|QWaPg$ z$Jw(;G$7m&Z+>O(`N6{j{Fg(+@{{Sb2V7=9{W;IWCNcL(?FFApF&^#x;JoSTa=W)r zSxmD%sCTT)Ya}fQ53-xLtY?0NgfS_Lcf|3PXfFaHRjvQ;-JBCgN z0j{a-d#hgvN(2`+Kfew*|IQjY77}2?F;AsfqV^9#9WV=~h*{v3)6_Gn6!i`ZZ+0#M zdnA|xA?sdctz#{pJ```FF~JZln^l8{R?x*vt!>3%_9^o!N`)X7}w<65Bs=VlRu(4TL~a}{-H-Ef}Gt@ z{N(rux_0+(Md5JP?@vW&PYU#;wFYpGTm$0f#0vo%h>Ylg=}I!BJVZ?we5-usv#E|2 zxV&q<8;Gqz$>pe|%~fdnjDR~BEz3@(R^ikZx;Ih>iVtS}&g^|qsMZ7>e^JP9Hz7XD zz4fWP?#C{-SeQck2L}t?zMM50F3l-DrvwS*`6xVwdbvOb{*wm0p)u8SR1P}nk0xB; z)%BO)T1%)HT}D}iLhu34(r9QHL)s-2YM95W3~6!lL&Kdy^L4*H&KRwszZrMDs{?oQ z%#yx8^7wNqbTe;xQ1o&eD|($RSg`Yw<=jyVF8nmiC4pXaHUv$%dZPY)yg_oT5`%;%Y&+hdPTeRjUKBD92 z*Mj&JJ*mdahoeS}=Ed{gT3h2_w)Wu!;Si~Wt<-D}>BiGNZHE=JJnOKdo@8o6I zv7?@VOy8^Ke$v}a^>R6xd-&`ThbS$D*duuc{y(2#FjgbI&>eaDuQIeYi;yPWjsews_bcZ{Hx8Va`bhxID{@*e7a3)hl<2Q; zngy>H-eswl(}wz~EeI^UkF`WypMS#-^f0POk0(TTNM+H()x4kyGu_nGl$??lE2IX1 zTsK;R*E!*9HUD{JbhqUNa|#vF!-rNfvx^mm55#k7#igXefYJk0yWt5F`)4B*zM&pE zDlqrlG-@(|QEFwCJI`dTyjIlI%<)p0CynmzmU}1jq*KYD4{EPI)jlB1ukfgpipUwf z+V^yNx;Vht-R7-eGRC|x<@}1>)=ssWZCG4fZO1&*{g;6XkqfB#Wka;BP$=xaCg206 z_Afb`zcR)OKhaV#7GNfRk)b0&P;uFR-~IyT;?0DH{v89Bkl^)}^z&?hK4=%<;$(E~ z!odi_p7jjfPg8rAGRBdvq@JOuGB2^@3N2;QbE@Uytx-nzH62ly36GN3ok2AnMYqK4 zmSM(0Rr0&n%8GItTYeGVW=uGz;N+8%_g(IUt!5wg!N0WG5&Nr<&i-PUTz<|2M$Iyl zzQ=DV2iQ^XG{8>x5O>W$lW@)G6hG;vrqtUCBkwLooh~R}hf;vd;yE>RzG^ulUe>ar z;+B?|OB#_McQ7|Uh>sIVIJ@MRh9i=m_$uGTpu~n=7hCkFyWX|uN(YY1JkFq3;Q=cG z36DG0J9~bF;Ge0N&aW9+5{A^c6$>wY*r7m8~dygZm&BimX zUzn-Li`_@be#c|fnGexZx2X~n2Pd9!dLn(G^mNWo8rgkCej6?q~KdMkU+1OVg55Zm10r1kmb) zd005;D^eGq(j|CA!j(2K?hZG>`nl6mlA^DB7E8rTpU}6*lqP>QO=^AW)4lNbQ^~cO zDcU>R;oA=<0AE-y&cvi(M1&Fv2$~z@3qd2^Y*yY|>JEdN_iXe;a2W>h7FlyXbkwP{ znBdx}+#SeWQfs;;Y7>$=cPqSDCJ7}1QU5pqSz)PsjqtIcw(GZAAXh^$0r-NLmkBXnVZ-Yk7Os^c=$K#3o+)+a z;an0M$;F>qLOs*cZZvz0v`upS94Su(Y6CZJ{I{q@CiFR7GHb4J!# zxqf9TfKbmdACGum?m8(VE;x~jqfRyJL_if z<@IJ}#T=xx+6F1Q?>chft@(7C!OI&hn zKpp5`E}n(H#?9k}@^}Tfe&TuuxpEol+5Pn4!7(>kqEr0#owdD`V~02*ibEgI$V8F< zJ1bTM|MT!-L_igKP|F;08S3W!)FdN^%WI#o}WkF<9)GJR=?dx4_axfTw`rl2>?;_u1`)_;Vp zxWmxCo&f(o=hq$zD2@>LP8>5&$UjU--iR{J);Z7VgmEZD#Ao7!$Zp+R_2WDL$CK(h z9r9--fzp*1`O^Qtk4iXk?NB#-u8Ot)&+sAe3X#bR4-?Q~vCILrCRl%jG3+a@x82Qa z_6f?<^Ela20TH-7|9Z!|@LfMoBc!||-?KjRP)IebO!11CozmO$O-rV)pWeazX9dyF z-Ql~-IG7Z$kAM2%A($foqnbLVV1M-YJ1@Oqae3yOm?8C1Ux*e)j|lZ>oHo@c1}|Yc z+oV5tgrbRke*b$S+z}^~>A&~c4gF|kpDI?}B=FKYS>l07`+1aJfTke4k^I!N%T10O~B1_vS}e16CwMe>yW-+LCV}~z_SwQ{@oZd&4V)UxeK+kE7P=3 zhbRQzIc}ssUNty{Q(@xlGDy_GV`ZL+7^)aZvhu5)L{&H~h}HPkCMQ37D|s3?^w=t6 zKMS`l`P&O=18!tnQ8HZwoRx~~1W8of;o_>cYl{0MwXr9n;beHXs!6m4k7OVAOAWj) zI=D?vjq>rl!NK6wa7i8eH)8Tj%k%9k#__UC^MNFl%AS#`EHAgyyGk`|`#P)p#ItwC z<8<%gEun0vYlPu2ZxvIGNi5g}Hibwo=uJ143* zQfth94+_WUfsnONM|XdcfPrhsJxN9G@Gj8o$bSi38BD;ZAt{r(fnnT{bumdqwEMAS zUhMYv<@*kSMp&~bu8V6Q5GNH210UHc6J+O>FJW)3)g!VmKmGB~-cik+ha3hI;0;yc z2VN4HU`+(B8L-e~VYWiV6D}R_L&wx!N$_rXul*~QC|bspK%?bOSPBu0+@zN(&>YYR zQS;Sg$1(~3o@?!NdZyuZAOQZy%c1Xex@-fJ>vm%9h*cm3JC1TaJ~~O@#kcCNxhO%H zkAzkkRflY=;Ve!_G@YG$X|;^^9|NDs|)t2+osRekrWxW$M) z8_RwBnN++RklA$oYg^uf_3tn5&P2Rv4cW)3u!3>Kx2>lXuRR|BG5TdtxwXh^t^O-c zKCi4^DggW;yG8_=wvYKe8K+Pfy6?ze7nyWy9a46hXuU>U0c4e5&UPyD^AV0+3S~80 zPna&AZ_{NMi#0|U^rA1|wKpM;%kP3_N7W~4HSr_tIJhQi_OwraeroJmLusjt^IK33zf>lcMncM z7A-Kbr)Sf6W?+N4(vp~s|n1dY-$(_SHN$~QGlVkNi6BBxaEs9(9adEuD z{kg3XsZw{R(&((Gs{I;UVk$Ov9xjDA`$)R)5UUoNrZ8(%D_B+9grhfZMsz8UUDN&% zr)+;TU|kzFUTU6G{-3@B;xSQY%nmR~kASK)Td^!f%NilP8F z&jqSYzjeQ6UW$(`y!F8w6T;!OyW^&gdVko_ZC_!jun7o=sc~4aKI%A7AKj|(-VTjd zK4F}iB7S%#Ux$vS9+&>>%;_ls!Qor_;E3y#(^xkFtN=@N9yla8y|pUyDq%Y_zNF)~ zC61i!ifoo*lvK&7@?v<>sB_R3Y6i4FbQj*O&|BPk2626W@4v!X<3jnDCyt%nEge|{y$f=6ZX+c`dY>DFZR3}IKD_}hz~{FNuRACb zUFSr%sXenSRx=w^Uj0l6J&oh)1j7Lm`@k{54=cFS7fMd!;ZcRTcvWjp+=7WQs6jKu z);;-Hozlzwut!tz*?kDA@)7W-Q+-^S&(T2-uY9?xeYRzZC^v#NmdE%&kB@tfYwy`w zw-fqDcj0!bdur1xDrCj7$LLDWNz+}&dp}PUK2+s8JxLgF-mzE9dy(ds%eibtaE}e~ z9?(@=mEKJv5WN;Eid}~ayH8G5nx979Q%?i+`@(B$Yj;<_qFWs)Mo8p6x)5G4Fp^yp zAWKlsN@ZQ*vaw`u>#Crn^v;RsS^k%kiw%{(`q=!p2y`9aJ-n^Te~KGZhLfYgm1|uC z^Iwo?!vw=15&WAAEHR>QDItH}Ouu{_!`S4s^eqj-SQ1=I*&DC??08+5H?LoO;ww2-@nclPyaHN z(MbJ)b3Br9M_|3#vVe#tl?&27CmA=7gl%47ITG=?0MGa35tH-*1vwGdb_xzSV zn+wD0%T?B|HhIgdZqVO&;cQs5*M49%a1>}{LEd{NUof}vJny6ashl$AdO7^86?J00 zj7HqOTHDsqAH0Y*`HA@Z{qbXF(8yAM;?Heh=3n)Pq6tIsrKool`1x&7FO7|Ti%0VU zN^vEylnp2$dD-3g>)@z$;*EjgTRTKpuD~-K%eLEieGsjJWGo2Pk%Eu?9%l!TTlo!F z^jEXmu=5qzYR4NJr|iPv5`X5IIZYe^wkkhSD^Uu&op8z>Cy^15MQx(x+nT;7zKU1Po){sV;j2go${F$YHvuqe@~}Thi_Cgn2v2M<8{N8(1k`c+neP$Ho*+~b8QB~N z)3*bn`sAk!3KL;4g0?i*Z=R1p zBqbF{xAm86kxr1lR~ex}eh1|~d7liWWcu-9_>7C&)bl&{-!spD&c+`(@=g;FX}W^L z!g%!u@?%yoJFOf&Beizn$G?Xy>5!H6h3cG}YB39#=1Lv@dh#rwfToj=&vgiMCynbDTMMvr|eC3sN zRWE8~tY@ukSty%-$efSzuz!90fF>(%*8r7Vz@~>xgQQOf9~0b@!ESa4qyH^FiYkls z7$TA|n?HuIvKeP-Qs5#3V>S1DlUsN|P65(cy3jxNEn?~pAa-SLvSbr8h~c6eMu>g6 zEAO%DTlIMX!|5Zj#5rQMj4v&nE%t8s2&aT1^9lya1BhXOmsUsJ`EwJVAdC}b4(Ej( z_CD^`JtAQpYEMC=oA$Q=6qn9lSZ&P0EqIAcSadVklHcIFBxibfG47MDqWWP+lllX5 z8yd!aIKhR_o{|Ogf!VS6^qdG7HtnRV_+WLLvzYcT9!A|ggV}I#RTH7Yc!^nY7CF68 z{~KPm(6M+0gy5fT;OfYDz433S*3C}!R<|&$otL5(# zFNf#w>^%9Md+A-s12HM-(83nRX7g~GoM=PwgGFdOZDuVdE$M-ZE};GIqk=611#P^X zxkB|U7@T8@~nXlFN37=yAeRbYd;n5{Fm?1;yy=VZos{88+vHeDr0D>>Fdj3laa^<;vZYA4f!Z*?b)X*>Bjz?L8D^e z(7=&K+{h7xHh6jeZWT71i|h3h&@|w$NdEB{DdxIwdg5@*_H4zG*k5t!-M#V?Pq=93 zeLIl7B!IniOlXq4bIPPq4$x87xi^NV5>07s%p~8pOk69DJU(D-yW2jiXkEh zoBWC?agcbL)pCXq`Ct{lKkHkV@|~|~CU8khK$DbA4OZFbl~8taW6RxRkueaXHx#S>RqZ+FO0S9YM5DMHp5)i;2#T1q@3VEbRJ5t$r{Nt!!@V z``|X{`@DlPmHJ1pf72xDUW!gSDJMMW;T7MD4RY#x*&-y4`>&hu>?LhU=M+uGgj@(f z4Js0Yv3UJR&I}mPZb_BbWwx0Wd-iwB2T!iE2l^mS1y9yVFy)*wm{`FdK3toRKYpf^>}tt} z@&9^0Qe!#tXaB8oUtgb`s%i$7qW;trrqZ-rPm~wNy^@l`*$9kx{o!WDOo?9{i4wht zQ;e7}6;#4PKc;&rL$B}P-Nw3uv#Ls)64C$A`0Hz3gsl>md~ya%Z45;7`K9NT%l%da zIOS!iRfbS|a8R7Nn_=;(*Tjy#wR6<|>AF#HWQG^2(|1fvb%$~GNBj@(FTO;=KVNXa zzf1x#NqidGaRzj3q&BJRmZFqYK&W6EUc*t`%(bEU&;CVuxd$8OnMDLzSDj)yH z@NlIv3JLd^PLebFgxC*2xwN7S>-zkYW&s%r5;8A4<27!6?+L9ogxsrq{pe^|r2z@A zFJ)MaYDEH11x^fO$gZ7iT&Jadq;8u{4hyUwCX*%CGughrxJyVQ@526=e&lZRV81}`UmlgyR7}BAnZF}cl33-$ zLvx@rm?-4``4${W>5R)0{*@5T=xv^ZLSWsSaBKLWifilpCWs{LpHGpD3nNnr8WTHv z2wLlVFI~w}Ffj^U-;wG3laPaTF$42!)(0r9A+b@Imi&fTr7JOw6wIV+sTjuqEeL|v z-nwce-1Z5u^=JIPe@H^;<|z%G9-_=iE#Z!M08RIAB2xIL7`&5_i7^=<+_o0iZ`2pc zhmraH>ufRP~p3@3a{ zr76;u%<7z>Cy2`CQXYZ}@ew(6)u#bM=fyYx2g9?zn5D)4}Kss>E)nX@c)3R zWQN{H#Dn-|wUv`kiS9Stz3t(>yT-kHKoEX0?3LU0-b`WEiwMAL4bp5W16N!J*+7mu z!$};sVyVSA4N_X*Pj-hl`F>w>Ud?u;&0M$Yd!FU;4|xHb82X8BdsL7de;6ILe|!K! zga!bixK8FAGB=r+LXa94s4+Asd$u*@PT=*2I{S;@j$yvZ?g$cFu)Ye6DG&xl|4$ec zHePEm>lJhu3Gh<3yHEf<->x$z59L35eYJB6jq7mLts7YKEB|E3PFBp&w>kq?M2@)J$ab-32p`eu#O+r=!I^d=s0L(Nft^uy@=g>lv(AOdM73KU3tD&Qzp?MJ<6ep{oaD%pkn(iE>%?IAS4zZy7q}y9+ge9(`^$URy z{=DS+<#FalC*NgX_vf!oW{=N13u%x+d_d`mMvTAUYuMb8tN+n^(tzqJ)ZT*hum2n6 zN*_%s24=|gzawI3&St9%g^s#n(Bzp8#W^#^@?0b^e4~Rp1Ap)qdVhrWu}rG_s^_6= zg9DIh9F-KD>@Vb54Ng6uimO`jeX$iPkCHE3W}P~~3ex>5XK08*wa)D|$!x}LX#Tz& zVLoalv~O?(iw7V|fgHT%SDG5Cs<-S9C#2`PYN|A>n#W(onh(w>Ygndat5zvluL`i% znfk}PY{0oROLdp29=EqtKP2V1E1bphTZFd}g2}6*YL2X^{h`}O{E3U) zn9GE%(Ri)vPtMeyGuc739U%n~+POdKGBd@Mjy6LiKd#yvb$zO+KI&JesiAo_>cSk5UR(8!acyy~50o^GIasr(JCYox+i)#>l`^$k7P{3SyU zdZc+Fua3r#gf0Bsa-B?-i0fFjqxDm3C2gqINhtM|S&Ht@ux6NZ>wLIA5h!4sb$Iyb zaS86r!9x8{`wD?M+t9Gq{AwoKJ-4md#FGLbOM#jLqnd3BiZZvHAhgyKD&w~CS=Zbh z>U6WML1-2I_y+?EpQaO)Oa8V4gZDp?dQRBUYE^p!GsMC`RSbLNfMH>(_}=yGb2|@W zF^3caR;56qG3RmDLY>d{LyS?y#l<3cY3EeR#+>|kH`&(soUM$j^+i`v_t;9}&FgaKLN^+Ly(Pn48Jppq` zM9(gcd&IcgFmngrK{iSEF7+|fx8>>$*2s+?oLkb-$MHr78d+3nRdds8Y9D|=Mf4Wq zP|6bJ)~_=JO^M!ApEUEppzv05bgXEL;}gYe>J_Ia*5Nx`eYCYNn^j9MWy3yQ%&fbJ@oN-d!Vibi`2jS@NkDvz1GDm{Xn)P zYdRmmU0id?L{p{e7JWhwOS%^VILCUIpV|h_iUL25#>?NrLvDKejGw=M&(Su7;?Cls z+aKz>4n|0sWQR|j)`WjZ^0jA7SL?SbLC+M+C{FJRke|~|-BI?)KC3$$P$5iP>X0># zxdE2YiE$*kPUJ}HicsmbT?A(JOLtQ9NA2XtvB??)^fm(;Ww%gdMd7pBT5&NjVSn?2Iq&SpDoB{7ff1?(t1U9lSY9eZ;e?1lS6<@44=u`}8VGS=&(+uXhuz zd1oIw0!vak?Ot@;4Dz0W(m_(&__nC6l>7Yp$rp(0({CH@uKu=K6DBpzO6tW;&8t0D zbG{*^&6lbHon#HT7TVaSfY7P?6{~Ig8DKN|^7cX)(k0!54SM#rw6e8ETh!7iYukpM zzj9yUO5jk$JT!*xR+7R}_e>Eg@nb#Cnw+%h6XLLCRxMOeI077|F*(2KM-tXd{9oE` zQ^bx_QxPREWsU}2cLWl0$htYhl(QCkhq1!yhSD|qTt|KuM8$I}+@7G;$sktCbT4tN z#I0Ajf=9yqfoG*sJ+}rPcURBH6!@)pW-3kc!V({KWHLqK?rOPi-Fx~h*@-DN$TG|C z2PnCbnd6=GlcNlbstu7iHd22Iy64~hbF&`W*=6}q+2ilyFLeMl_tu zH!~Jo&M=p#Ep#HTxx6)cbt}kj2H->+7Ls zzuY0NN16wjdwryM;6WT@9n@s=cAG^eSusxy1K)4zhcutx!z3ft@}b| zivt>2Ib_a@U83{;eT+ry?Yt80JUb(m_&*h!lBsYu$InRYoGfUw^($%ZQ5~cAOUS1- zwMCvlxAdLdZIHE*EB9fI+9HR&+D_Ie;j$@1LRc1Do6iVnAStWaCZxY#iWoKnm z_V&A8-tYJ4^Btex_xH!|uX@xu=XJmC`?|0Dx~}{Ad|r5aNSRml-(}vLci>Pxt-k9K z2*e&V#5V>v?q-mi#(iEAN2Mq&A%UCY6ya~sryudl>@BoHH^bMP{+qcZaUlgiDe^qeILAByx zTg+_@H;OT%Ad$38tpJwl-MN{#f?mnWppLm1{__T@9^c+q5ast&8p+W0>MxhBwUy#1 zGwdlJ>@_1QFt&>v-iu*tGeo5ZxM4@JT4~q4#0p%MmNfb2_tzFS62XBc`5AF|!x1+h zL_QCh<8O;7ke65Px7h zL+o_p?=JIIM;_`I3`BN%R6+LazR=XWSlp=c=@qYj`U{r?+$AgOlkj3P@HjUjKDgfC z;^I;tqBU!h=aKUxrMq~^1{#}LJn+?6fp#>T5fdOoGgGt$>(8Hd+3c~Gd?rN3v z&Yq^L1vA|domFDzk{D24`^wre{10oM(l`v7lM`S-C#93VploZ@?HE(Nko*a!*_mR? zGP_I>a^?;^DfP3Cvql<0nrSjW_RntoND)o`30=wDZh<{}hU?tY8v0#fKcl#}4%jy) z=+ypkbB04lcrV(%K!&x~=mm!`qSTOIf2!BW?^EDVh794G;hFhqf%>45h~?P#rED)u5*n zyFS+~L+|<BiV@NsZhsXY(BXio8IM3a=!AafuYv&A7 z*Lo(MEF41zQ7u~_QI|ax>$Vb_9P6&4ZTwjvTqCL_{p0toFS5+Q$uL-HO3&(}Ur?pZ z*rNyQDfn8c^&}~a;r8ZgX|rGSlce=|$CN@B4Z21o2k8C}l{Q``NS45LN4{ubL9&FxzGzXC+ z{b$uXFFaE!azP^|YiTC|Es|Q2Dw51yv3{;(wuZQ%yC-RFzVjC4qZ^x4H4_tt*6JaH zEqV-brFu&mj^k1nXk3ZMzXb`$TdQSn9&|A{s~V};%JNWrC!=ZCh zVREGB4Tm`V)$W?^nYeJT;U|8ZzrKEdtEunFepX~XXMe%>!lM@B@W#m?5e{f`m}zSH zXxM}RBfVmOBt)?Kr)sNb@&ixRzQ6l^r{A41()pGuUn4;apneZ@=aoS^HLR{=ViXT^ z4fGN~6(#|sH&U8r<7La4oSvVpgkOLKKlhu#bNkc%=yfFk<#!6?E)S=MB3atuTHIXx z=((+3%WR8>0i8JV1$&^^*mxn&q|w;udjsqOo{Io!k7~ zjA;Zi`72e{I|>3e!)iR$u7(pVJCME>yct(_n}1+ytY)1ibE22|_573X;rcG>Lpr*d zTEv@F5*ypGMAz)??HB0#(`ns`Z0zc=8nX4Ibos5D>K%!rA<0$2$|B#B(f+Bu+R4%G zxm1U#t}kF$<=Cu8H0KN6PAei!lR2+`ZL2D~GQ{Yus5I%#pY7oUDIR4ngKlaQFM^v_ zJvz{?;H&+Z1(IWW`>AGa7!bLnDddI*8y_T6(IM&&H3*pk@%k$rn?# zttvABInb4I`vP?li0cb17UKhsIQ+I2t~if4CY$2|?a&Axh-C|Ti`0{ zSt2)fAP6hn1VN(^KL!`I)wQ*P!XCMdCq_KsOm|=Q(B`?K#>L{m*SI7;t67tI`<`3( zmSt4MURL!7F|W#DkM@eL3ODDSnS|F`v{)=wYourLtwqcHE-_EBc%LnXN4tpXBp3(n zt_1_-#rgClkSWdVHQt!lFYr{mnK+7enI!4AbX4;r`p`3k*IP3Gfc8iFo5j1Qb9x*t zyik-M(@2(k^&ZU6_HoG&@49YgR0Vw?qUjyFx>30wVEbrz{3OO_|IO%3<>dO-K&fN8 z)0hWjQ-dNONjD4$Hnvl3y-j!ZU(j2>`zyQur{re?_h@$VtdXaXE1PmVPdcDgzn24f zk3}-Q9dv$1#(mGdB|+;ov$6V`n#@un79b^EotrZciP81CYda>;%Y&_}b4$4EcThkw zWaM)7M8QM~DCan$VlLAJX-y}fsZ-T;4}-4GFQv8jrp3RdyKRALzj#Z{EJ1*C%d0HL zbyzi9+o<2~*4Y9)+o8gxF6gJ~8WcXil(NEVoQTeHT>SCr>kiGF20;vPUAmSjJbWXA z7w}>ztcJ%6hmd@z{EMgh)5K>w1w=}|-$_PL<8NaYJQ2X6;(t1}{zhPo+%U@j+`R#ZlP|4|y^U|wUM{z5 zKd8MA_bJFn+fpf+3yQ$5D;B=ZLebfq@~(R+6uv=xze!i{SuZX+2NB26-J-~Y+uVOp zO+BOV)y=H4p97#Igg*0U4&bGr!SM8~By+XJRpb%lBz5oM5r6fQr#w*rU9ZAgiEDow zA~y}U-CU)s7w|I5?Plo6GI5&4kZ;T!)MosjgR1@pr}i?JClp#mYE_QZaH&oqmtW$G z;8qPymD-o#h6i9Ek#AnZ;Mfei&f^hMgTe@J?bMIZcsc_iDt{jYguqP!AJe=Osn~*i zPg<$o2`Qty`BF0gi0>Fka-#JmPV)i3$xGzdk*4Cy#P}^>YP|KqXdRfM>6&<6R(vZC z$Vi^q z2QLZ-Z@?Zdu04#R(cH-8V8*cxwTw7XWI z+?wpXBKu(ifvNbwFcDOo6*N9D4&c2;cpDx*@P#ArH0~DE+e?zeq)nlguVc}b;ML^E z;K7ntxh=fi=xLg=5c||H{*p^Ac~^otMaeki&)=hL!boTZ8o=!{M@B|6711mcfQab( zappEq3$2jkF8y8eIBNVBJoX<&2}7vXQLdf4hEs+-wtzQ~7gG&Rl6)9biiLwppnzp-OCRJZ-41|uHW2zay(@&+51Pv^WOVPHDgrDFqfllJeooT9*7F*NufQ~eMO zh7?8ptsoO7##;VcwIST%QZ5j6h#`X1<#zfCcO%Jh`zp1n4mP7WwF~b7e zr^ZtZ?qt8o5rOB%AhE2Fq}C5|*>}%kp~7oUg4WQG2W591h;-~4m_!O>HnsB2n4r)Q zy1&1n0!12x@TNNhGH0JRHPPs>%^fKC6|D7s_VYoT|Cdr+SDvX76ig39DU^*cmF^{0 zKZ=!0ot8N0Zaci=YrojU{Nj`Q^T*tH+z|2FJ$VwTr3Sk{zDdDU5!n+e1=J|KO+Xst zdcDb@2WGa%cq%AM&y!ab7vF4bXm|&7Rjx}~6|RmIIP%sthdm(I2Yr!QK%BD5YP4MQ z_R(_La>!_fy)lfO*R{oX^73nw&<9-Zj{cTA37i#_TXfz)?3Kb627#cyFjA#)<$q^UOSPDi;4wg#3hIMsy zgWs1Rx%a_op10)~l&NMy7Kr`)w|oSSwj^JRV}$ftLAmToReK;#A>I5Y-{tCE)un$* zyVaqJAy7KG=O+KtpAt3o)sH>|gf9DtbM!ox_#T`Rvv^Y4e>65`_}XzQD^%P(h_@8>$q_bA_98C=MMR;;U2kd23ldhD9b zRIGQMckvp$ftT^PQn~mf?mrHIoef_0`om<^D-ekbeUb|#$K6BjQmUjoFEZiw#dUG4 z59FtcYtvvuLR7YVj_5HKb=@5gzfEU*RbaTO`O}umr<*m*zIN7Lq3@Sqc1)4ke0yvD zYRN`eRewzX1Ml8!eX)|6<+Ay#PcD=9>i%JFGn|S#5%JJFh+Kc92L;{D!WS7}C@NrqT+qNPxHp9z1aWlPie%>-4 z$MR@%uRkW8UeJC0Oa0VKFfIsPUR*Mu^V|3sHeBXxcC|4AHsbuo)(DcaGXgB?HwL3Zx`kv0Yzb*RdH2&Xx>3Nee zFtv3OF`{(f0HiSMyU9slOn%&(!}Yv#SN(VsWH?6%w~ zAg!dNG?eVb{4(er6uY@6V8ire(ckGg0eaR>=BO%Az7}h2vnf!js&L&1x&B$E8466y zN0FksCT-i|A8wd~U(H+Lz9n7#&k<_>7HrzyqE7ZRoZytkk4x_!r>EQ;Nv~Czs(0yB zg`x$_a^R{?DmHFk=QD2Kd~a3Lv{8K%<>dFql9||UGkyt|7ad*%VKA4sF4}#M>`L$d z1cmIgH-4<#UMWW*Kc|&Iq6vW`8UsYpR|i?HGzccyucHUsJuA0QCai8jL7oM zd6Y8LXkszMRPI++D)!#yTNJEtaPmj2RPN~=dNy-u6(>mu95l4Ihga#^u}2lx@0Y#B zWi&VoXRBL}kMd2BwQ1hre{_-xj!R8^`8>j61UgYy$N$g*ALDh|bFEcpr#{BHDOl#x zCtqPWMHyNmn2_qM*^%f%K>LE?;bLC<)F(fN;IGe5nMWn3U$fkp?_GtdZ}z>Q_rN)J z0F?vz$kp(-^vtK67T7d&TznlCJMO><^QbR_$G9b;6VTronQUe5i#G@0j#9^Yi9ep6 zYkxYtcXiRe{q?S|y7jter|*RikGDDi^>`DI)y<8)MvG1`k-4h;)B$iAkz=J!dh)sV z62x0p`tcEGug&B3jeZ!LxfD*eR&wfMbs!DjBZ%E)fsqNGvFYBG*sCLM4&kP;E`@sD ziCG7$%}2ey67yBPQN(^{gmkk?SLL{VtM~yh(L$BLI7sBMI7Nnrzp41&u*ZNmG1}?q; zxX?yPh;z#vLu%+bobXi(c&pR6^sev^U65Dk3{ugKzEa@U7ofJZz|{ns2S#tKiCkE4;x1%PRnn`9;DaD_`ck5(ej({NCnL{%_6>Ww>Dl zad(K5_fp;jyoD%;2Ao}63dQGq=wuysU|CCO1b81x=BK4na4G}d7==0GX9pQ-VJW-~{Q9`drw9CKOJ4#)2!IEF_bNw`{|05J2~Y8V(S8Wo z0CfN`L=OT;wJo-$Rbqjem$rz}3Sr%7`Vg|LJBeQCiDs1et~q z1t-zbuf>gEp@$j%eLr3aFFt%Wm`L)RfqF(n0&v!+9*ko_pgU+{&LdDKYsn95*Ff^J zZ5o<_0@V3m5>?FbJJRoO*8hv9#`qCuoKo;54IU(s^POKof`Qg^$lxQ6JTO~PIf0kv zmtLeE(En7HV8%ov{p+X!-N)-)%l@ywi~_1-)np`+AMX$u6NSm?7qkXg9+wAceG2@- zfo$KXR_wEa>rZ*`$j#fmP1vk#eH<5kjIQd)0nD`XDZF2BoJ3B_qPP)!$V27Gb9hWp zAMhpoKKF*`1;w$7SgwnPytTOx(}*}IXyoq7t+4!CL&GpdACdaPhk;Gdi&tB~l%@Nc zk9~nReal66LZ6>+ea zwCq}J{745`PN~GUB?2lEI5b_fa9vY%|%~biJf3#hM5g9@~kRkNFgD8i{Rh42a zoVW$8Xw8n&#V?%F!cKeXNvz#vJ-|1z6}=%WevFqCz6vr#XQ^V?wGow+)2KJ4cfjsQ z)E|)&zCd>DhYO~DY-D!c1x3=E?!2;_VHYmWU+p;5AkoDLS15G|OseFu+IN`VX`ei% zU@!~AEX zV_l*U`Le>ROC<=og+KApWkP&78j0j;PqPtX=nO#phod9sO-AMAYTi#jZy-7NK7 zncn|92M5nogR%)QI}O(G|E6!__M7lw{_>e!a2Q1ZX)39xY2ncV6X*;{VyK66Q7G%t z8EPNUlgkD@xo3p<5~MkjEbkSDd+9M8A6G^8x9U`ES=PmpKe2y#?S^0X3y`Pc)qvax z82V31CIjx+@A<#zp(hydIVlN2K}p}PN-Z;rYO~n=M8*TOeky5bY2dq_QRf#U&N;-* z&CTGsr6wjO;PUu>S6A0FUBlV6v@{MVHueloBffVLFrUVL9M?_?!hR_E@y7dB@ z@kh7E)iLjN9z8>Lg!P|W>`~4IJz-QY`0+fB(jRE(*CiK)=6{Y0-e%LSneT6qQU&Rb zPKffpzo9jr4ian9R}@h%vw~(^A>rXy@@85(@iHJq=;!bMVcK5x`x%u}jKjoh$o!b# zYB3ycd^;K*9IG_tAjlOJy^CAGEDZDWZ&kYsWeTF!fIRYRmp?vBcdo=(OsUDY38mac zrKXOg7ql8Z44_-t&v9Pq(*GQ04`+0$f|3JbO`XrG0(#Knz5d!@ZPZI0Q$Yey**rr=>Z04CPja zf%sqKrz_Ec5l$1Bxc*B{1OMDp=RRJ|s>G|mZgPD{YVI&{%b8JcL5)}7f(Jz;1E+~? z!z-|#JdS2@(J7$K5|YPKFm@v3$1gK^|Ad+}P%k!P>Z|rSVcZzP8ZwfGr7|fn>x|E8 z2ObY}+L6`stc(_Z{1GXBlg@TYA&Ak&?PEolzx!IX$uJ(f;FJF_F%4q9b%6&dJs(^X ze8MeK@Q#*5HK><)CtLJ;i%)rfI$+tLBr)uMR~-{oz%ZI14U%Db_s|vl*dg8)^Bp*y7l( zSPO-uRb1bMZ{J_26b$3h=U$s>4+nmnIdtDy5VU$%Xgy@%W>5es_%@!vDaxzdSLrc& z5x&1?s+GEPoihdfZpa7&e^ALsU7_J3O=AtaEXK6Z`f?$^Yh)0 z%}q^HkW>dF;59|Xx8-}IZoI4IYY8x@kcbFsxF({%8x3i{j@wef;6~FfgYzhR(Xd^> zBa=t?8xx3su9gGeigGj`l833%OB1jsxd)Lb3%8;)<45lidb)K6mY{QXlhUe;T{!YU zq&K-Y-L9IDWTyW4t_ChzF6c`MpdV|Hfn*#ENL*4j(I;7g>184T!?%M$_U z)kp8)R+#w^qIq5Vev-C8WFUnt-J9Ri*mVs2l_fTV<2NgEExI?wpSwfd!}v$Xr$O2i z$^RevIzLP;jGh*J0J)UAWt-*p?N}%#e=z(@T!#go9X$Jl3-5n0{DX;qh*YcaMPHjQ zZnz>x3;_$GrlXts-_&%@s{c1N9h#5Vm(Ck!)bMQFj2|QpIHvhL2Lqr>tEL_X|2+MY zgZC6tGvj=isC@P`s8z_1?ii*nnYM^x3VDJpPnwy4R)5cVPagFs(eU|aJdbSa6z`&+ zu(z^)8EFjZIXr)_L3Fr-Kl+%aK~@P4b=yhjwRbiW6P);G8OEim~8%qe-^Nu8kVAntu zOeKoy#qOZ` zo8M0GB0Qb|r3F-h+g4NQGrB>qnS5JzVy{sa`|z1l{D8VbVwKa|CozefdAQ*EBqmIQ6YOC<^@gc`Ml1;=td1{$Pm;OCs5o+DW^=a4G;Pf_t)B8-# zS3GIFjQsa3G|qkGtAF)t}{i{k_iE)sN5c5zh2i7MPAuMstK6^*F+t-T-hc=D28SX{hdg zvuJp{gcPWQZe1gyMJmNPSI;ym!w5L}KT+&nVx$|o5!x@N$=Mo}&^XIX>XX{%;f@{$*2(;aV0 zf2tX2j*sYvJCM7Cf3Oh}3KnSII1btcC=uB8n<#;ME}D^4da2ofW^~03Q}Aoc`L}4{ ze;-ZH{z>{i_1rw(1ncIc)nBFo1th~8cL^}S@#-^r;HJH^Y@3*+ZtY+d$~xp6-n37- zU~D{!zUzRGc^PrDkp-910Ca(X5v`)9#|=c4T+?=X^U?AWK%>uZ|JRFZm_naZy^$F@=A~{onFSN+LE{hn2s?tC#Uy850jv(U??0 zlC)m51!dT-ikm*Pov=V<_sk${6eO@JrZjc^hccH$ED3(Ts%QHMuh;r0jCZj(c6E4t zCpS6ckA4jh%CFTU%1Q}+}FxC1)4+!_G8-)Pag2&f&6W>fsZ%63ebGb zgUL4OFAYh%q55WJIuoGdF2^aacW4FMLK^uqs;HIs^tT%l~ccr@8Zaf8k z%lVFP9Ah%Xnl8pk*Q{M20%?}-HOXRv9Lu-1u90w&naskQlKs=}!)qu$b+_mTnJv7o zf6cp-BskuSq_pzy%~9EH1v!1tgk`hW%nhgb2765KkT8mC2)~)>hEXAD+>L-7mB(qq1uv zA4xEG^#`yzknG{?L2ekMRZ-Fxp~RDM^?7&90{nxHh6)>UgyWybXy@Fm#B8UZUt$+j zmldJ%w5z%#^ih{sbtv(#w(O?hdxi3B0&fw)eo+=rBGv#Ig6a>~=5K2B`!phC*iNzs zJiUk(U=OWf>rJ4`JrcJuZEQ8Sl(zp%?hBY|f00-)|A^kn|LiO>9rCP!9mqp|0+^G2 zgq+%I(51XYbOMX9m{vcErAyT4Ke)te|ME4AlaUO>jxx-ycKb1dxm?l|IBCu2<7~EE7lhd{0sdq8N6YQR`TR;a}Q{5&u+;inP2Lplw2u2hZsrOUe=uTX&7r>yV3AE5fIZlP#`MA)nTS zQMaXC`1~dwN92n}zLr4Bh;fJCu4~Ryoj=A3-hXcPVg>T@FYM z4q=YPx8d7BZBJ|_*v36h4V5XNhBvq;Nrwmp#0gqaY+xSV7*mveOj%&pjYM@FDe(O# z&yUZN7bvLoW?kwp(Swod=o_+86W|{GPE$vJ7p+LU*4*^G7mc3p5 zA;ID~y}542TK}AnI`p7^7=JFZ;)ar?>GmHHW}Bds$3a;+q9>8*$~Qy?+f<@@LJeQ? z1yrtZe8dPAsr2TUZy!zRjMtqUPW=M8i$7NQ;4=CBft-J^05CuQlfIl_NwEH#<2LFp z2ttL4+tNBLO+`|JP!y8qaOvJEYz%=^dBD!8G$#1xiC@SV4bUO*1 z4^GH~^A_r7Gm)$7(Fpozc7rV(`BX(}$7sGMGzCTk?i%{!2112_XAn`QSE-P5+~1iS zZiD%E$|5xi00Ogm21@+Mi85zz@_8w35c%K+sohHP@z+X<+FH&aPXmr%vz+dr(?2?% zT(G*iWZ_A4kQ+>IpX0?P#@|Ptqv?G=6kf~w6ucIqN<{rvM_HX|8>sC$_lFNiA+UxL zCaz+6P!^rtcHNPo@a1SVuJ0E~5ZWMkvu?!y=-v5lTj+hb z_Wm!?F3(C{?TAgp7*-(gc1iAQxgiPcej@U~Ze1=grTJA}Aqx23{n`X}8Dc9G2YJD6 z8puwq|CUpD6_DX~C8*X1b5mhvCu;4NrpAP&$d*{q8faY zH-p(3Ja~Z5-#B)10}H@}fm|b{3S2l4^qkIz-?Olb*Kya$)9H49FpI(Qc=>|cPPA(qN@6GV}ZThYdS-M0aq(>4 zPza=>JW%we<*YJ|_~U!oyWG$wfdhAexHNW*!X0}MqDR9pGFtRx!REC3fO@*LBhBa$ zj>}}TORmy_RbxvE_ln1!_DBD$YOOC$0WI6sQa_yur0P^2V5|=Hs+<&PT;0zymsds> zwM2VSHujc3(e1<<=#ag_db4Kc$M~alu-0*V>6q854DkNq^DzC1Hp?_F)Of=N*QHc~ zaaK7f^I`{$3Jb;9ePt!puUa?}g!PHJ9u=CTt9MH~PEQ}TaragcWh|a7katvdat!b5 z6@XdN7qA*(7u(O(@zgEsLraij3a=?&edXO&WN;6w&Xd4=bO#4{t|lHK z=P!JG39_Fj15$%6@ZV{qhW+WGw@tBkd+#4RLg7B3scwiZD)W8Nyr6p0k+LtOH|kMS zzP|iMDxT%s2Zcn^M?CBU#-!FfZv5sCv`L4P6CJFutbAVjtom(Qmjp_zn9c;e!aIGr z`au0zbr&Z-BaY8`SY#oYLUC4`qFk8gX9;Jiz7pI)VRs#DtuOjZ zs`<_fo%2bw)^X^<<+c5zAFp)bOl1w-gr4#d$Cvffev@On+&R71)S?M9W`B_u7+!&= zES@pPMcyn8nNf>hG|m{9QC}%Z+&D6Ey&aa|GvBCiEh{a@L0+LbvoN<;men`<9LDu! z-`nzMD#7`-owAC{-J0}qtIw_4xel}j-jQRzn0(mnJoodEL(8t`IS#x6E zzph7?0Iwlkt%27lpAdt}UKD2M(z5t-9+Tc@i;bho;G}G7+n2~IogenvdN;f;v9lb0 zNwdt{?~z~%tIUR(WmDz)z+%ogb570Wc=2b1kG-&rIX8%L3B?%+2pMx!7#q)AzXju$ zs(+(3%H&AjHKN)qM$Xy(l=}0wlvuHw0+|27Rjf+{`cqlDN!VI%UWgax% zuzsD~yIo{Is)Xa5bFC`y7JPI~2 zD{SDfOB?P=uz|;tZ%&_lRW4WZp3i{%3w{_ydiMEk{{ro)0-j%`u?LRN_liZO@z$^4 zE@$sYYDg2n{8mH119I9nQrtz4ih4O4A~N0=c=k>t^S?&rzoyj14jjL0MJrjcQ)T>LVIa`So~x2_1R zyvx`vNO*Ff<KMy;aW_|lIO+6s(1h5CZ?4#dE;PSAai1_hXZ9bU`AZ*LCZ9w zFBPRZU-ukF`RAi7?eR*4!bU^##h%*Wxru98& z@c4xyVIt3wl8F9u?CV6o()1R)-HF%F6)BRd z9>WeHl6lq7goA8FsHjodpZI&f|0cqn!fNnJMJtl0m{Fp6(faB)^yE!gLww~>6__Vj z*`|CtE_jJ}RvD4wnSgWc)bY9YGy*2_TO;%O3-YUFM5xI0>~jLL7hggHA;uix4>xOG zBCm`GuY7^Uhiv#B*tPR7-;_hx_J#uDj5mCKs$*=RCrKsvAM)kw2m<8g5X}aBbpBMz zj2kTcj%ZyhJ>zOq_Z;)nQ-t_cGPerasFGuaXRAAA@$h2Vst>Tq-7>$CFNVnB_+Zuc z9hObtdnH1*Q|V||ISSU=XO}2`+7FAO;_X^8O4?|Sc{R;K)AkvT4g&T7rpG)(mUh|%${!!S6 zu7n_$(KK`ai(y5uh7&gyL#HJWrkI(Vh;E&CN_%h;Y>fiudjdbi1ZIXXfe|Kzh%JU` zh#8DVMDe}dOPF?=w)F`vyZ{aB_nO2S&0YMopNYy9x?gq~t(bHbx_nESS3M2C6Akto z%=h^u;^GMxAw)1_6KBK+1CF?81Iu71&-Ut@0{*YV5^2v}53JR2DPK~~#lF_}dUR3p zTTTi_7Jf~z7e&DM1|}uhk5~Vy5{^$@24pe;LO%^*yI;8C*AXHuKHaO47cS@dP+7;Y zK~^c0dDHTFtv|8CMIZ5L@W(A=|8WoXpM^cNd!F3j9N}!?*P~Xwb8AiMxt|u~GMKl9 z0+wFfYhc$+qJp_lL5&4cAs$&6Ol#s^Xra3lSd)HYxBc@wdM@0?_=`BWA~^?>3{=t{ zztoG#HtuIko*j&OKJv|H!jZ66+~);Bu- z>3FBXtw{Qb6)S#6`Ahju)lRO(NZ*U^onRi(PLDKFW6@ln4mxh)t6*U*Qa`wSCqZ_g z6L`)aG+ob>5NF+8Tly69bu~?O!3yzZ`UvukLedj`f+@ zilD`j+$TTm&U<@D5vrxC)G3U=2=v`UDJ8sSJhrVoGB5om;Tfwy71WSsKD$j zrlUHg#l2}W2o02Pu;D2-ps?y;Ik|^{)&A_(YEBW=QTlD+(FIX-a|P;79zshgS#Q^+ zu8_UDf{R6e6&oxZlB5Dh+;Y4G_H;y2NygJ^j2S56~2Hb3%+o#|x zaKItVOzD=DIz=eFaTt`#SJmMYE6K~(H60&H`Z$5-mJhVH;Jjn}Ivwr{U+30LdX6VQu|8VsT9dblgou2yjtEovnJ;AfW)nv~A+Bly` z|B|uvq7nR}dM=;%5#s2|<-yU743oP&15?8qRI?A3tFFrZNvrPi3g+SDe9tvhc&~s% zJ>kjZcXqkhhj)>MBEdtUvu0vO_qxc&0-PaVIM<4K9Mt zlCcKJ0ZsjwNMI$QJQqK#VAo=y&{{=AME9bARm8I?8eU}E^f2W-nUo$V^e9{8U=N1= zy%Fk|QtShQutS!;iT`5)EJbNnTwRm8SIC#q7Y^2`2_4m923+wih zLag#pV|p$giibz3aOKBWqKw+)XnJI~vBZdL`WVwqwGm|`B)`N#{z;rs8ukk{uF6Oi zc+kVvObTZCq;d%Zq2PzR$U*s25ihKoqoFBjTS zkeGaVQU9d4F-(In<0e~Z67tJWL4K*(=rps=u~W`b!0|Drr6f>=BMa5bOCR^A^o|}= z&P1rZmJjk6DLBA+Ox{EshYr=iqzR*wdw=g9jP3n>xBJhX0$@ya@1;2q%lUl+{`;R3 znehQ=TT*o+aRwtCIKgC(L*b)RAwo?O$VV^0N2^vF&5qyoC+LlHnw&t63Lomz#R__? zcMUuQ#p)jj=Ub*zo2wuOkArW>1TnHNz2jd)X@yVQw2^*c#X{S-5dSg0m@;KOA+8)X zJpy7*mN3&K9v^s+C<{#eLlv5H$U+fP!(#x#F9Cu5b^aRi$LZyEDh342sDN-HP8M|W zz_$hDIp^*|EJ2->PjtM9jj(ufo}{m;6XAi}3W4%9c6sG?at7)w+2!0{Ja?uq>>Tbf zJo^2UFA=1S-nJATc^;Nn4U|hM-d<9Z*_D^P0-OmI4CX4oMUSlHT0RYd4?wRKE4K~P zrlx0_t9_DX+Yh#a;<2-7RzGs?jJlZmUwQ&09^k9ZUi^gafu|~e{(Sj({Ke6*bknCV zmrp@?fix+F2@?bRmhbC&Q+ye2J}Na$~+lC39VK2lmRH8s@$UD2kWJ^VJ+!qz*~UVRHFeVdTo|QZ=o^na$f%AiNX; zDsuRxcMMqliz}SSF`GA)|Jn)VNSIdB#{@T^1n*@4UPj7u zf9^_&-IT1*_>0LCdCM{EstG1nx*khU)9GQ)`WTbM@u<)-*{dA7oliG< z`y1qWDjB)7@?jC)7an|vCu%C6JAVCgDR^S0J9*}F1Y)dL&>kX(U%Y$ zzr#wO0;nK0V~0RVXdl=;Nn9cnDMs~geRwIYnTEd@`Elx&_GDNzHgQy8mD{Pi;wrXA zwbz^HqlN5^`?Jo?4HjsZWCjTdHM4SMet4~46xJHarwu&ZYH=am7y;W+VNj{67*HHY zRZSMRx@Zp!2@p5xGHM6l8HgOwm@8L#dUT3{_q;FswI76*T8hJGF}Zn&zR`3Wm3E%V z8=8PhDt9i;+}eFd5HKU!*BXlAw=5jUiWp(hE_Ir_>^R?(x=!&3&dA)ySFUk$ z^$JJxb1I^6nRF&DL7V-Xs)uifj*NDD506|#WIVNV#4R56TpJ>8w!yYGH;0NH?RU2* z)2#&3hvRY`%&ab*{uR|CgsD0@EaTM6 zt!>F}+gnt9Sm{uCv^j*As-2zXurSE~2~{uryDBo zOPnmi4~re)dst%x!3raXr5fI_*BC~FJ5CJIxG z^VrmPnd+2LxZR|`umQ>kHb?Dd-DpjpL?K$ok&V@Ueaopo_4Iry9~Tp!h#u_||H|39 zp!c*>mI?caqur)_+?AOmLw=~eAq8m1&S5fFgiWSei@z8JmPd#kT~HRiC8PEuQ@0Ea zJSEwZx$m^C=;~k%Jyzg^h0VmdWvLM|c|4j{!htTR@r?9 z4kxfJtArQ1B%%)>p{K{PgP7dWo}ERiD0kUD(b`r$o3O>9HgFI6b#6B`6rwXX-?v5; zMeKOAk2q^Qtqg6FY8^kt;A!?f-qc<*-fF-2i%NlodUsZ?`_8n6q;YeM^9UX9%=oUD z?d$`X-rzu&?N8M=zX#Hx7~Fq-_pT}*SxYK=ilOg8X*ILyg8(ls{x^9Fk2b68CkL9d!^d67OhnI!_}i zX*4^DHA*vUUeZAV6A>soI6@mDl~4TTHh{N2{YIGF7+PlMgy4+$>bffHv44L`l<~9y zg(_%#hq<8hG*~TLPnX`yO5z8N$!ShqY`lJLnd1Umo@sm7Le?0U?sD16s5q^Lu1A5@ zNNMY||MA~c)%9>>M?(>@^MVq~xp zF84OCT}XrU=Ev~B(oHSqDia|86umhN3M`(mo9oYxbKmZiS^fRZXsX2Y3f3REP8`?e zxz$;6)I3vr%C=(567TwvN~Z^tdL!#YkD;1taI%qrQkth>HFKy^?xO2g-y<+P_@z%}}R-8&+cPVL=N3HGK#?cR> zpyoXWcSZ)!-<}4Pqd%EUBXdY+d*!pr?GkqKvU*AlYa7JRxRPok=8zCCj80Wa?CDT{ zpY}>S-|SQQb`5cSHY#o=)@$_Dtr#8aiu_;yxki@@p#uKtR$jVw=7Q*TU>kgwlemFEf5;<~U&avv8WkvhP?A%}kzMBF?4d4VVs zFq{Z-*Gk;%CKLe!j}N7ii?IS>GHYK|&}}_Z(QN}7kD<(mGYPDGu`%m`F3+MINvgKb z<<-n>^y~3geb`xR2USW(-iI}x6AL9P)>oTNjC)MuJPj+Krl(*kTnjWK&zJjh-h5}^ z19u?wPk-OZ^IxbwarO*NHf8d63iqd*8Jc-59Es`KrE-eGU*b};mp}+{3l{k-O{9@- z`~43rD^*86_dO>anXhKZFI=FcYTEuY`3S(dc1_i)t$od(W@1eJQ(oQLdGBKfxX=dn zD{+@*nV%B$wM6o@a^zZOmn8K>8kN>qHfWkQBTOvNLM%zO)G(NXhK$dRMz2yKZHXlUcL87Q4F#t2tZw~Xh_aqgV5<)wQgTb_%t>?(63tV zMR{)5VnXf3r}O5&7U^`y$(M;X&e!ZQJQYt;*pn9B{e7alHa)w74ak1wffpS!)iQJ4 zP#^S~?ZO&Co6MrJV+D$KD&A72jo_eKO9)By~(FN}x45I6<3xLxm>S z-9^!W_LB{R`_mR`m%U8E6GODkpbR5gS}Jpvya=tO8Kd*G^D*-poAB% z$vQ7{uUcEokP=*XuW~1Fd&cgwZ!-nusz$BvipcKB)<% zOG4>B*L0myInI4QSTmLK>9e0C{mpPvYR_r2MOSw%#n*2x(VE>QSn}8!<53dXc_9?u z>@QD%4)}F+2`^jwuKJXo)^&1k-op4rmCbsKq zd}eH^AQ_`&DxZv=KHKS}Tuk}$S@rIzW~_#;wd9)uyrkS=-w>L!BKtY}D_;5p_!^g-cO=b^ozj#tG1cM1yYVBAP>;SBLWrvGbz*GKf;1OWcKsv|vA zXski8ViiIbwVQ4rPtuYa+FRec+s9%sc z>gd;y?R4Rg^eMDx>f=rnhA?dD?#}FHZu`-mW(k);DX%58e)Z|S1GjLSsjKrFf}_{8 zIUSo5n(mAoQkOsDe0q)JokIYGbqa|}E23Rly4o~?hveo1@xH>_KTjm3j6@I3>1#|+ zUzloU2D#3qqA{jc?Hl35FG)hXPsK37IUBaWpnt?0vM@3J&A8h8Fv+XTg%Dfs&jz6h zPfv;xDI3k#f&4l8Bf<>c)zo;;%aj;>_v`A*l{2y4)wvTY zU!x;658X?BlF!^o|6Y6<(hUE=3yFW_g12FHMjI)EZ{3IGy7oBSVdj)e;?+r}octKc zj2b(;4eZ;mgM~MqOiXrtx$7rq`aw7HA=Yj6_3P=_@(aU0SubyGe|*lNtDI>`(rUQj3!HkAJ4-JL3v=P4T&_Tb&_cs!ja6UwH1nlt_2 z!NJ02adMo?_vq*Rvw?iAh3c*8SwEYbTlw}KwC4hNgc-=*JFSrgRClcntaIMPdek#` z>7;H|7eASto>UUOzONpC5^W&Fn3GY-U9vr)a;mXx%Ij1t$qAq7fgbXk$2sN;$g&On zkvcIxdR~E~sv#YTLgYD^;ifmlfF(*(pMH z$w*fA<~ct4{(isve(w8u{`$UNeO>409LIUg_wha@jXYT*QfAXFO|{o~C6uloK)`Y@ zFiwc#1Tplp6 zzoAB3u;A(5h1vP}YQp04Yl+qGk1w=Gxs7vfNVk?cTKs4VOq+e0?6y=DP?lBhGr#4T zG9WO!;ER)LU-i}LwR67)#426O>k2PBbbAy^iGp?63^s*X#zM27wdc#Dz4S;`Dh2h` zCcZxI?4cHx-n1R!HVd%G_M7%TEIvDxkdNgyTY9`T!85YDuHa2Z>t%TQyr5B*ay+9$ z?V%^VVU5Rg8F+?mzM4>3cVv#zXdrWhw&#{pakK*{-}VJb11v;dYNTSmWp*x& zY7fW`kz;nRO21SJETmoNA&0a_!S;g;^5aa*13EAUdybOQoNxk;3XIf*AJkSA!&_|d zVgkizQ6&)!*n({_AS0#ZaZLjMUsYAq!@u0VUlHh=&4>mEvK!}uFORKS>Y7^BToC^A z+WUq}o}v4DJjd-H&y@P}w52bot0^g6z-JI~noIlfAyYeFWO}ueGZLO3M*7CPT&0cd zGM`z-`VhXU@L8_gYF}S&;5Yfru|vAAQ#`4~#&7#=r?*zmX~%xoZDurg{22{Py4(cC zHCjdQUmbaOE*ah@>K(`?`rWs+?!S2i@fEda+ndrs<0EP_2b#P>wI!S0s|LUTw;r%f zzVXIe^l0*InbFc`sSDvr)1A=fT_P(v_YNJNqvoMSlBq`c)z0zl|i)ha8aYflrRMY2;}6AJX-0;S8n2m!a;R^L4t zbn(Kb-|*byt{7SJkO6j{=p0W9gU%R^?l(t+M*QqybjK%XWjUaEaYLESNF_El7NsV- zQT`(b=XT|a40~|_PeG{Y?`vf$u7jMp&R5Lz0?4Uji_Tqf-kp=Z2N?i)-=l*I0`Q_0 z(E(kf$rw~Eqt#?j9Vd>CkSx;`dSZCM1m%+TbYe=I5jUoSGNf5CtG4vsDv-x?#~|@D z<@;>Z-F2&n)rB2`_k{r;F!`h9l1W6nLp@t{gbWt+M*EJ`vzXzm%+*rn5YJ$wvYcN*?EF9b@)422C8d#@yN&&d?eDK9!axswFP6 zx8TGgYLU4z_hT+y_GQGvLho$H97PSd!d>O@(b3Faj8E|-xF&$boX&GZp^|gMY z`X_Qji-HsK2ez!*KLDxGE>(b|w5J&a6kKF4%lq?XLS|U##;RSFF65+cv@ z6!*%x$xezH2EwvKHCnIzhw3Y7u^rvM2dZJ6oOR{B+4NbTjxrgqu>HTiugI^-bcpx0 zMTka;e33`V`PGNND4mL zb*C1+I6Izp#mWnO?Mgk5LGZ!jCYZuE7qeIK(P9>nB}kFlUmW~NinWu+Dc5~5zI}Eq zuM;GnhF!0ccG|6WaFq#uRlL#g;?+a=>n})hx+gT@Zvw*}5*Ti?&wfS7Ljps3o5*?5 z(j)qQfQ7CZ1D2FOoCFheSE-Zuk07Y1K_2=2;~&AJJUAg$Cj*GV`W_}z`Nrz1;ukz1 zJ?jzuZL0^NCh8G8dL-a&&@(pq2;5#%1QK=WINuAIbYhHeH~MEVQp~>hq{x<@d@5QK z2Nl&UXkpvLUc?5iCL0opn+zuNUs zdL4j3yg~-;V!w-g?8HeZrkK$lo3WUNELrw;R5o4=bIE!Gd-1#DInaB+pSRyt>p5Oa z7zR{v^J=Ec1=tpkTOJmYYJ48i=K`ivhnnP(zjsfB)a%F&ljpIn#)qtV%Ywf+yvc?3 zQ+}xxr3?SdR$hnrg5s z9_&WA2uS7x4hiTCnG+#txkwsu(L1{o{?x;3iBtssGysDXAK%Cs{k0ZQl!!?zld@HS zg(|Wi#tEvqcmy`Gi}^r1A`4gDeks}@h6xNT!eJZ{5kblZ)gCH7Yh3o)KTRRMSt>S= z2vAdYx^6g)B&>hMcJZ7(PpBJpj1iEQJ`q4p!bylE_5J;y!FPqD(2_2If#}p5U-^CB z<89&;k^@wOmrbUCg#5pxw`y;D_*!V7%UQFaQMDbRgb-n@ew@cD z09jGDyXr5uG-}`NAC6-=He`bJi4IlTF`P#1*!opR!#%yX*3oE_dPyMkWbs<6vaG6r zPD-;GsiAz;WI@Q6>Md;{c|1sHDjPuQE5xRN_cRnzfQ$ik!_W$;^#UjWiq+Bk)WiWw zAU%c&af(fn#s{a)1Z-S5Yh=aueM)mGF8x&u2~!b%?H^#{SNOC_U9}b}lmX4GDHK4M za?G@>q;+c!qh(0z_~$*6EL1}3Y$3t`onG@e26%hFwASM@;Zhd$Qv$RN!zM{y8 zRkS<_lY5nvH0?P4`HkZu-(VX7E49g-^Ts4$flA`d_OP-~G4-v~Ou$R>ltd@hcQami zr8&}ZI5)c^GuD{&@|w1;iQUuyB%jz@-ay_apx;B#jg!i^1mTLZub*Q97X31`aV^Fe z2&k)e^YSw!9-p>%?<6|~WiBvOA-RYIpTO}&N|84AD0REwlH6c&E`Tz*$5;GnPzf@=na~M- zXSPz2&WKW*heuOzx$G5^#|#jx4t%h)O6@V%a>)W3v$?%CsdF{n22+2|kNxFZUpff& z2=MV_;2}U+tHFvwV3HBd3A zC_IRaE;f`#@Cgko9$YjxxM)=0D*O-#JXvSyvp+*@~bO1G7_n^^Lt2 zUD`i=;EgZg zk!gy9ootw1=DodyYZpmHr2zH>0Yc! zgQLRj_s8)@FqhIraQSshOR1FLbWh>fK)8gkQ&PGt^7UpYkj2C1udes?#4Y+*CY9{X zJz;-Kn|xhDRbc1hkPY_c3_9<|-H#n#;gyZ82`^n>Dv(rt1VqL?>u$>;Zf82E-S!D) z==b3MwGY^hWFQ`Dv+sdo;jZBPf>Q=`$a6b3ldnQh^PKiv!=SO30#G-S9;RfS0t@jE zrUK`958eUlt25byf&CIF)GB&{=qLWQdBS4&1%BHI8~anE2LXm|W7hCun`fCnJj#u~F^o*S1+aF)i>2i|nI=^3gW<;+WO3eUly4dUL!<8Lx z;2jh``ZvyrW({O&+!2ewigh90)JFK{$Iu%%1!+on@S?;R2Y6FhYWK#ISTarY#QyGx!@ak9_Vz__-*z`5ZHnqU z#^}yTpE-$-j}xMR6o&uD?Nr8`YRms~p9Hf)f*CaOdn~YJ{U_cs=8>q~Fz=4tdmIm_ zFil6iS#YS{q1XW`+G(JsjUd}gz6P{dY}!SP9$9#wkl@Fkh@j?QKPKX~(AJu}sc1Ch z@?m4JU0sgGLMNbZ_qWYzFA(J$xs5YCqxHPMO(0JICuIdXML|lf^{?SI1vQ9!D$4^w z6jbrJwV}K`Burc6OwWt>#R-_#!D9x~jh6QYBKDT*vYVbnMMbs2`J*+*eRQ2$qG+G` z_NnkEoSNDoWG;5zGtL*;0&HdX&+V00ZLO)^j3S=vVW&JdqLAR*&%VKk^YTsQr{^dQ z^ZZ1zZJOIqGL@pDJI&3Fdiv4b2}s0kOXj^i#+DUFSP-cySn@TJ&~4!x1LPXfr%tcO zc5>BpjbF_`oD(3hEXXj;*8FRW{XyDJwmJVm0DfE3=RGXMSRt^(N0X}{bbESMnE*_5 zn!8!&wN%%WB($;b)FXSfcsx#6FU8|t1XL`3G_rG&TW6=ZdI|(+LoK9o)HBgTe=_~m z3w|}Fa;LdF%SgS-d;P~5jZ8)IvN4VM-wYe?V^i=d)Us6_f4=1ZW);H?S|9@PF>q7t zkFz55KVY8;L4+9+iN~_(Lh1Mi_78#NE2?tBqcy1~Q_bkBQmS`O@4~244_jq&FDDrS z+x`SsRNzCr@v&D19Xj~v+4#P6IatbQUR~1M5b=9nKzaWLfM7|Ax-zdxsx4AW6{zP?Fd0y+^JqBqkxUW zGju@4`SXQ1%zTO4;m|w&)(U}MrG4@_p(F3Iz}uB5FabuZ2!|l#rO{(GZjnuCY2p}; z1pZhe8o{ee)HJ-Iu#s`+!_#mzd26`9pW2#lKIkp$>3|e3`)ra^MG_=DSlC6jy}Q0WTpe?ppw!FIh5Wkt)N>Nq z)u_7lb|11-ca8dkO#`OJ_0ozdy{673N(}oa`-Y!H@d9g>eU%mIYW%hEY{?Yp*B3xE zd~}KOhNHRsqh0CuC@i&A$~DZ*qJ;%?)#NH_s`!Hw1WT&3L2+DWqRcVe$dmrFOX&9pX4z z68$10>^d{d_Z-8U7Hb}>U^%pHmf5uD%VVrJw!*DnZbs(0bYL}tea(ZgJ6jWeiT%13 zx>R$0+mJ>pC_t}WZFmsdfg+axxJ?WcxnhSkE*IGk4Qi+5HU_u;&K?~#)GM3eYVRsw zQ%T^><>eG{P`dEcVW2=yc|}gpxC6Y}|8MZa_^3Acr5_`%&PsJ^#)JM@jq=^IL(vWG zI{w<+RPy>|cdyoYnB>Ovck0j({%t#0hn0RQOK16Odyq(BY=@!xDrhw33!@f7w=#A zQ6_l3aU{oD_PZ{~Si`-Thb@pHCFf~+ens3^<^|e3&>g=ZtzR?q`zr;FS`UeR9I|lh z4IzaMq7PRKhrT?ti~V>kqT;v#E$IKX3?=&&FyoAdch0u57duaDA9CHzFrS|+_L0$i zZ9P^I@nzat$4utbD?wxy>_}$O6IqqNzX{B3KSA#!`Cn|69lw8V>B|n+_ZaX+Jfg*x zCD?ZNYKjlEZALY@y~K=)Mn5@lMon(;pbAq5rf#?Yx*5z<(xj1f9O>=B?*H!qj8BcS z#>`Kh&^V~0*piu1ln{tbG{ypJr@2|C2_=W7Hqi3a{B|O)Wnna*NJjR90=&) zus#EqlJo+lNA#_aUkK4-f^qz7_eRvN6v&&-LD?a|VzxJ%Y~Ys%zX8EwW7;`H0ItAv zZqlp&#q|p-Kp+Qj{Bkn**Pu*57NRHaVq^TT-oZDAGwV9!^UUO_>fOM5SqKSm!-c{edN^F^(z=OKly`!~l)E69%?h zDiX(He+)85oE`eNu>T1D_a-380f#ztEx5MyBwMIV8VN?IK~OH3zq^t~MrPJTTdOKf zThF3X+vc-2_p9QqDXEc@8pI%K;)JB8c*h9pV{jvMx)xki;QjCdpj0TwdvC1iv6HR6 z_DUpY3yfMy5Bh$Z>y8T=7-=~lYUc!xWG!5(=w|0D&DeZ+blxEJ_^Ptjy(NXSA9sJc8rSE0RL|HtqsIO_y-aG zKkwr@ez@+JvJlV&7)>;*1duFSd=p{qraBmb*oYDXF#^u_398^TV?(m&|PCRW% z$grihRv4i=MjCR!?*;dR$B^6@L0*0boFQ5*>*edeWgeg+i8(KSQ32eng0{8L+TbL; zG;7#tLZ|WQTD?j+8jU|ynDB!7UZQ_QRC>(qT`-ahIVX7F%!X!<0AphEN%-eEO$#LQ zTANL^SQ@S3{u8B{0rmZWEOsxuE_j&-U{&Hn5PX@0iY>i+aOaO8>~z2rI3s528#KrF z@!y`-7zFR+dZFN3ttdLr{kPjFnD?h(4a;ccqs>505!E5RM@o{Ho2Z78ewj%{GRL zn10`(W4CToXeq2_skYBnVG7ByeP@Bw;kS5J>kr4NQU3QDb4CR=39XnfYca9e(& zZnqx&)>Z(|E}TvXk~Xy)DwX*ddWH22opYG&ScQsyr9H>q)-ML_e4V#fD5jCGUq#C6 zckWwVKE9z5VC15wa6i|1Au4_LvLda0r`s+f0t-{hm>`?O0;gkyq7?7jWEh|#1p zDhkfQ%AdvRmC5?1@G0#kKX_ETb-3sFS>lXBu_6MDqR>kk9Qy;Ei`QBk?fAYzY-`e!wCE)q^zSeEg)fBK24S zJ}rT#7-Wa^J|}5__RXgdL3YYPC{#J>?UeCDofgq5qp;w~(5TaY?+Y`W2&V$>op;c3 zjB-{D(_Ko$S}+C6m|7WBM_)gRy`fR+^6=Yx{gE?FdOq53?G4(0Il44e5a~;I`WAP!;PEtxjdpqdexX#q~Be8GQQj?Bk80nuNq-sM0Ww08c4LY~`Y7OU>i z3Qge|?rK5niKVejkF}XqK!&#AT{65~)Gd!2V^3*2Qc+lb|BIxeqT=^J z#79@BSbrcOZPu9i_vg*vU0k`QIb-f+HO7q$Cl7jI1^l?`p@J zpi9~Ilg!1u)FNd0fBi|W$!s$H4_~s+XI1{@nk!UO{S~kKu*ou?(ueAfzJ9{jJnc>$ zk7G~u!6WfnyqMtpXRT_ylN~Py`IxvQ%&TtPXhu9BXf%R&(O)t05Zb$TSzooGmb>TN z3DGv|E%Uw+P1>nSUw(6$>mITg+|D!S4J*IbD(|^gufbun)ez_O*AJe=Z`OqO65GgR zjXi!yntL!PHRB^A15rf5w{7*2R`^0q|u$8EfX3p-JJ6a=U%0N*HtB^GI*y#?J516*#Y$k$JL5bu@Hi83eq*oH$QdHqnYw^8GF|Lwwd_~l zk@I~5=yWqjC{hGykz?9WeznYx@N|5A>yhW{xbt*lK?CmI^?!kLtku}Bni3Q=Jpv$V zWzkmvWN>qHBbjO>Be149Gz|hf@b1>x5dJf;2`Bx)Htg_VU$7J5YN(qsU?;CXH0;I2 z>0}O~KZi_;hzxob)bG53o(1cEMS*~po0891X~vLagqJdKIvGAY{}jQ=WhoBR9ZyXE z!N|$R77kB0v0b}HY!vvGhhJBp*MYW(3j0rmfS_Qa_^cP7^1Azi zY67243@PTvb&rj?#}=(`Jy%8_NKLyOAKV{!xH_hlRQBB`5_xhs07rXOfw4$Jv{9fo z!0tUfJR%ZfS>ZK-Sg6y<_g}YseTxQl@K<1Mah;9DgpQoPwG$T73 zDVTpq@yjFuP11Sl?O%oV5F`t!gVC~v5#pTnm|jt!V)34*E=WsbWGYz?>4qoTGOgcQ z-?PwZFEV0;rq+|OWS^}B9agC1(ig^ya?=mKP~w^~zrOJMbC2sm(xA33yvi}HV-hIT zNE1MALy>aBn`7{1&NkAyxl$*WGHN-b=~ipm$=zdXIh+qI`N^7gh9XV|LRmO)@hx z zSJ$Rzht{U*E{K5)M2H_8Y%S^(Emck&UE}dhAa}j?w<#Wp1%wg6eN_}mu_o?58e~Vc zJ8f#~E&;oenO=U$y2;!IE5?*rOrOzT{63Cm)&YC|po0^xdf7*psVUK9n&V!y3pngK z>vGTD?0!4Hi)g zBZVRBVh5vy&$hdM-ko}VYBRPc+n2e@W5;po$1~`YvYA>h0rR?GRyO zB)x*0)osL5Mp0C%&b`SfvT4uhQ(YNa$Dr>o{)hlqiA~8Yx0vv-#Mgm8N*;IMwbRp1 z{)vOzclx3U3VZ}z!nj0}(AlXz;od?%Pjj)TkAg1uS)FDMtd;x&uUx=EQ8WB?e?`E- zTAqIKoQCnc93t5FSKk$1vGFo3?lS9qeU?l{o`GP$%DS$0uNy}W|NO5pg<(F21$h%^ zoB(&yVsq_31Cli;Y{9K0VocrU1YG3(N9!Uh&N~~GVvH1~u5k>-3%CEqtPV&O5@jMi zPk*w307UL_WNV8NUI_ZqGll!a*W~E=8|26LHg)w%T$Lo}%DakK4=&83`FMIshcCR8 zf>`&_v^K8~cuAbJ50ks%c6vOtuJGI6v_${b9wIDQFX!D^KN!rs^Z4{?<2QoUPhNB( zDLt3HtqzR$mRY5^XeqZ{Bz)i44%ZG16cZy15BP`!m5m%kH0L9i2>(=EIEeQ6pM~|9 zK^eq2}ks;~!IiMXti3r_PyHCeU6d+Cf+!^{RE;Eu~EJkj*{J9=4diNeCAQO-3 zE0(Kr%so1Z`*kXyqg7J8R`}w#yUs==CSJ<%`|-I<(Pib}MLhR|Ki3U_R^We`gURt6 z^rTF{&tW969gF8mJ$ffkfgO(vvmd@`1Ehxcxmy7V@|>DpT*ee(X-gFo`$4*2L6GMUNo*w ztuq~)zi2QRHzc44=syTjADjz)s@u_xqhf)67_-(ExK{itzuU)k)Kqht~ZmHe{G zf05xBQ-I=6RhE1T)y5}RuLBjv>IZD+UE`ok6qe|BZML&b&6#poHwk$EFKag`b{@_w zXpHJ$ca#W2f?xOx7VBQ1^xetPz+xwg)r)F&x#zsJ=&BAMmYE%^&u2vsw>ydOr7!(=HXPNn z1=8=4?ke=+apf8?7&@!p`pP;9+!esLFcgi)2f_?_!joJ+p{#hs$&#;;w*M@=V>|v1 zDMuE@GZbZz{pq+whq&K_C&9{bGJlWmc^Es%RB#bNFnnp|u|gS%sY(J1^XA8Q|KT)xg@XYW8-&U-CN!wlTN*B>quI?Q40R2z!HPE z!iD}qgP|8~f;q9+${fVkUj4Hjq>y^*3vT1@{C{94uv^go8qS)gjB~Qm2Uf&O3zO~BdTUd`a6BY6-4 z9{A3EjT;wX0XJ~w`Ip12oMPh-i7}yfUga`zb)aa9Cv*?o8Mu5+&R^=g5^~&4<&Eq| zx;b~$HtB=MFhC1`b~$W822sHGGse!=$sBMKGCzG65$wHZSL4O&7+z_TJT)IJ1{6BG zhtEh18Uk-)SWq=JMgT{4eYz5<5K>`=a&gy?a6+_MD;J&D`a zK+vzJH-Abup3V1eI^T~qAV5)7ZkV?{P-gcOaknt%-FQnhf}8#i3C1{NW>;MgpNj_I zMzDdKL!gXS0Z*7sf_~dc>x_5Dk7P}=QDd5nOBc>@bq+7*7fzqV=Up;f$wf-W`V5i>yQcxKRj$={1J0NS&bZRWy=G&lb&QC| zgM%5Gd*m_3;1$Ju+_2esFf~p?iqlzB6~f}kx{OT=`dbp9|85MLVr%AUTZD3B?iH|X z5o9V`aNV)^QAR!%=Q+1?pU9)#GN}Wmi@dK2Qe`h;Nkxc;kFPpV3ep!RS*pIGW%%BF z9vlRw$bjoG1vTQF`y1L1z7NcM(#8~hGGmSr>J4sml%q`wZVK8%Wq*`BrU0S;{!ia( zw-hd^4{`>d&FP^d9M0g8E+*O0eKu_6wBM#93;f(#*OcbVEb)-vg#GlR!_7T9i;rq$ z8PH+t*wQlFX`m?@l|+t0Q5)vRaG1AIp32ngV=4X9!@Rm;sX5)#qIAllNARbXRm9jk z!?D2$Pc@xFV@Y7uPge8pzkCl9agB`uqO7Wgooxa@n4 zKjxs?Eu0N2hIp6kJeEDtu6FuL%TgC2?!+21o2Vq(claH?hx*go;I2IviQL^+s!3Os zVrC$VbX|%RB=*^#`+uWPLj+nsIYq4RNO1KxA~U14y+DcaoeSsvnQ}SCwDOeT0+&QL zT>tw%Oy&9(J7*(0<;a2>hbs*(&H3$Ck%wMOYV_O;D(NkjI7NB=SFQNLl95m+9dr`c z*6u^TVbZT}>hJ~`W7bDPv{xG`NITZ;pKXanwgsM|Q@a)*J!-1A8oZ`UnjlC8LZI>7 zf1`>jsFv_!I;oO{PH|iB;D*z%AQLLzI4id)UN0yfqe@V~Z|tq%3JI;xKXji`KQC&O zG-YP#(a8@2z5v_iawIQs0tfg|;JH%ZLvg{K^m$B<#(KIrELN|O9v4oqB+s{It*^yT z^Klx7xP75JYrcQr_Vm0#CGqC4pBSa*N}Kr5qkYMta*whduXp5_gS`U-me2;1@q_PV zltk0C^XjphH8x{L+dA-nfk(&uF8}=-&d*2e+9> zFqeo#^0g}8=T|lnpbOpi8$x3eu{9dQ<>P%xksFQQS|OHmI%SvF_`6o^nTC(>KNjT9 zvqW~Bd~RabiXR`>4%uxrj(wC9I7l{kRa=l!S(u=C{xs@~N$I4(z2W2ZFCLC}ktc)F z=G_8*5}UW5%I{-)yJqkYu^ZM{p?*Vb2j6AU^ZQN!N-?V69+v22l><(>>E1d(PSwM zG)Aw&{z1H2fa2k@eD#e?k$&I`y55|bSA-X20r+-Abr0g5vvGC6kJPKN_hEbPSv2rP zZawBhr~p9#dFvcGx^%s(;Cq?a-MWV0yK%e-{}wnd$ow!(_=5sCC8MS*%$-%jU&sI{ zLWR3+xZ#ij2XkigH^T=mI&H#_p~*rP2TxxHa6Dnc*2(xL2?*WJD$bD)4hfm6$))Q+ zIn;7sRZPY;LK<1IZd@&8l(GLpT10NqMb@nG{9f% z`uP1BBd!D6i|NA-)rKg9y8-G-NEV2{@&#HJ=gT`G&=LG?GB;9RGV*aS!=!Htlgl(tdF1~D1USFi3IE||_ zBsIDbsLnqD0Ng{@%pmw}Yr3U{N@7h{t*Ju6{blU_0jH_+afQ$n%v~oDb4SM2fcy5v z+Y!+bnt>8vFbS?U&RXOAsLrse!9f}S7|01{P}#a~rgKMclAYF$shBdRG&(XF%?te zBv08tni!!X#6h(ayzx4g5`>S!v=@Jf62}z@DB}%3pFI{5U@8os4VE1$uygCVkizlg zhvxk;1BT+JvVRKFQINeh(?L>&55Svm`HCDcu^4dmZI`T@DPgwz}KQ*46Sw8Z6?v*_-l*w-1-x&oaeB~aDg4q5i|4v%o#zAc>2-ek9KBYVUKh5GN zJjhQ8r)qDkvZE_5=m=AGrg)KCcVuO2M?w&#kgcO9n%IBtFEDx%D&yp83FXr$9C8A* zlJT7Qp0h)D!^K_ppXZ=L`XB*luB;}PmU{B@!4yXKU1ef^qN_6;@Nn9qkfj9JNQ$02pTEjdL#7LbZp5gGY+WmJk3p8_*5 zATdQwc3k?k1*)-<6{XB!dvZNs51sCZxIj76xtVw1c78F&hn!4@9Z9Ro3&3}ylmt#y zC^Z7=YM{Tos#BSdcE>iB_PFMS9G#htw34`m4mVe{jweH5T92g6@dzSn*2jSwkhc_Q zbqU_BkfC?){0?o4f&ID_#mDIt@j%>La$!Ly1HQ7{c15PG;U#+g7~K8^!JtdM6l9Zt z&kmUC`9zaiS%!hP3}m@j(i71v4BsVi-Xq_ceveCf%bd5;s)ue;Pu z77iP0ckJ8NaD(*!V z=vQhF*bj5gS1g3FYsgq@sYQ-Hl5Ee@RVuymHD*T7CDWzvw1!Aw!UfrGVnmL`A#Vlw zTt=mu6jowy5Oy8C6uJwi5GntD5lHbgGv?s&@~g#6mEsgr1<_(U1^lZWpE61Fr8+sH@4$AAeiX?G+vs62CTiT@$=Rd`@ z@fIYq)d}8=U0O`|_?0Lc$qZJy}Zv|eHs5x-0WZ0 zHF-)fj|Tn|#_MZa(W}!1%mjGOTCeIdEL$lE79W57yZi%K{!$MK2@6ot zqZGc+0b$%9TsTJ7UgAIoDfI1au7CXNI4sVcqJ z@$m3uwWepL844yt5(Y@+U%$(cMs9~H%}|yc!N#P*6N0X5Dy)zEJMtiP%!CEr8|KBM zBWiRh=@%|L$^W}~h!>=P+aF+PhYIC7hPk!F6?TcX17l&nyEzHg3p}gH$_)$^c-}&6hS1?--^qnX3Kv*8*R4@l%ya%iScmnh0 z?@QmZyaRsSOwD|>+v(qLatiu&fz#>UbpLNYn+%^CS6Zr*$1NTH;#YAUot!MD^RzV@ zj77?Pis3n~fPTz?Ym@wNIvQ8wKh&LI%pZZ2*6X96aNA7-k38H($C?shekyrH%~~xK--H)^gC*(sOy;6 z0bU{x%307{K{m+1f!Gz;2m;&Dcj^^(6Pz`QiW$&P1ChEtvsOT+m?4}MQgrZ2x)%Ki zkeO5b z86Q0+n{%dmzK=lQOy_w@#?x5PLLSVT&2zV4r9a!|0MjMU2<<47z%oqQ6Gw}v@^|6> z%*BLf312kk8P(jx>3kW)$TA2vsY+A^Hx3O(&^$cb1XQFIcmkHs&zvm)#L-aw-80}G zNvLrldMiTlbwOh(k)tJ^jz*v4EbV{XG<>w>tv>7LbN{Fs3#PduSy5Isl{8VleXNE2f|t!D8fs^;I(<~;1N zaVFCi)4#9)J@hNA|G~06I0*`DO#w2DJxR338;%TrUXT8?7!1F|5b}b70Y)Hrub2)8 zcNTPfL?rINw);eYIbxQDPOUFrf+KA(k9gP&i60a&{K6h0Lu;=_fY8u-c_OS7Vamup z^=3PW!A00%OMJmx1VbZ~sQ(%|5jPuez-`T`%m2dSFniUhY&T>rY>4kQN#_5f6=9IG zzh>3u0KfC?y!JCd+?q_>m|5&dl@J}R`yS_PQ1t#j*nIl1YWR!XL@!y||Ktkco7dvc z;UU9$OotMDk7^{0(H&^hHf1Ooy>a0=Bq8KMFblqR3NWd{+W_o#_oDJPV@`d_uNxw-=sW^;O zs2F?hSm;%tcTDY(?r6|tBtwg zr7(N8M9BxhoQkfi zLxWTb5H~6u9kMDwE7@3d7x5Rg{(80{ulKuA_n+q-Z71q)wAkJ#r9v8^zG8LZsY5Fc zujM*7WxJ6=;e);9=@dYa;vGGk=BEee1mFSfJ1zOQyCE`{$u-@B3BgzTRD5&eX-G^g{2T zhBoxsaQN+)T>oR7z++jof4H}t^@6Y=t2?11g<~r!hQk0C*Yv@u_tP6&{k?e#=}%vp zr}_xCLj!<%9v0~(^j>Mv0+t!Emxk2B=Edux3&rwJCp$~=(I#2Z63igMD1y&(y$DQp zyp2p9E(ke@NtMIBs~V<5;kpzg{I;w~H|{Wb~*Uo`okk!@0J{n(D1+ z?DzA$RexUe#Y>ku0VrlMWeDK>>1y>s#TwU4-3$8D+Ap+oHDrJp3k^?=@|Vs72!E;r zC70m(w)>Kacl+~F0Dg49EZIQ>BUgTYQ~(x($y@r%e1VOt#-E;lONPB$>N=}l7XPh0@}f_`JyY@s-eQr$-Vmi8C?QbM=obE zutgb{S*TzaM=CqN=4x7uZp%$g9393Q`i;3%%oYZx-rc1|>6*A?uFuaF^-EQpVPJ%2 z%jw!TQq#jWMd4(sw?xhRff{0K+|L9+_*`5K>uJ2eBNy?2h9f^eb*XMkwCZQ*$f@OA zeipSDSd46nmum!c3zkMT?yg6^>aI|V)%PfMA~^&5Bak+V zUrLp8b9xHZX>8m2rRG69^Uw;Y{d>!Ev$rWQ#C*Dgyi~3)tJLomZKlqv7R?0A3jkD} zPX9^gdAM`0|4Tl$R)byC=*Gr~!`Te`y6RqN8qI~9=wT%DI&?0}^lSnwaaUhPLZ%*^gZn5vgl(OI}Tdj*zOKpM)%cwFtpHQn95! zoWH!@FkqO2zC@Kyc!lP15j#NIG~3*&f)gsoeGORDd^KfX)vHkPTbobn&ZXO~_asD8 z^7!)FQM-P76Hwvk=r~o0cQ!*-_WXxyLPGgkV%2$^@6JzGdGy^I@;jpKeJycH(-nc9 z0*8aby?ZJGe;Q9^LOz}0ZvQRL`Y8=)lZ>=vRpHLxT(5JU3YTkZBVoeXU?mkh!gk%)~WXSKabS@+_jnjhWSuZRA9{pRCOA zQ9E#H+IvotfXxaA4_fA9=Und!1*W78WwX$(A7s%U|D|$_eQVS!bx0Od<7!716Z{;Z zx*Ig~c{_Rp^TQpe-C65ayiCsb@(O=Up+O~;$LmFE&tGDb-=FxhcIZhxZEFfVJ3VjJ z_W}*w*1SN=5auERFP(BvkGW0znW%E`(QwvyZw-_mliuY=STsFp?aI4OZc3HUT)!St z@ABXs8IID=s{7k58is~ff%)fSbM{@Yf6>Q1%!rV$q&c))zdr=MORLRfYQaU#1ofq* zrRJ+wu!$yY*bvU@+u(9?On9%o6mVKN*cy*!R*KPa&x$RQ_uO9z(tzr`lWIKSn-DHq zPK3$k$y9sxxhTJ*d6R%b3!Mg7{PIzW8_NSh?IXG)Gm4L#vgbbPw{v!o2Hy-Szn0M* z!A!!~f{iY9U?W(3b5$vv&_eA=iMdIuy*Uj}*W}R=?N}>Mk8qFhmZ(##(=tGuI`bzS zW=6|u8!S`SMz=&}4Tozz&UVKgzWf&a5oapd?b&AlO||GLuB@z>P4{?7JtMB{;XeQ_ zvGw=O^CLgEx2U~Dc~kd3LvLvbUa0144CoJS{Od77>gwvwt5XWr!|V2*2X6}@d{y-*LhDq++rIl^dN$K5{*3@Q7BlHzL zcbBIp7cJCB2Y(3p zC}Mf;eY%Kht;I8^XK0yzCen@Tl)I5Gc8ryP=T~`f zOe-2@s%I>TF+~J?g4Wkh;-ep*On2WSg}BaP;j<(01E!O0sGanpYyb-yvo#llVS*bI z1nvr!pgp1geeMkfhjb){Jz4RVj2oYoq&KD#2rKG;0FM;gTdTEq81w(@gQKsO-{SdDE0|m=?r;O)5IKB*| z2w{l1l(e}prZiTwMU1*bYddauU0rAGIv0iUbZ0bKZ_qT!)|XV=$y0TE>x-x-E$Od> zCA~kA4j#-|rhc&m^H%Zd;V9y%nPs<8#0Yx3YR^BT%K{$Cked$$W_wIt|M)O|Nz!q7 zyl#Cdj6thJQie*{{WgoOw=o&E_NVXqV&5~wik0Yx%-?1z#<;Hvs8>!H$L=<)!YdB~ z4J$JSU*|JZd@FTI-NBRL^a1R&&*4zEWcf;kP~iEpNpe{*eq;t_@gtV0eyU)p&({gQ z78?U+OVWS!rfAG_sb{rH=c#zxt{ZPxi~1O6-BU>n?!SLk`3QZ zBwI7rP4}&2H|~PfRsIT0wcSLClsuR5LonMT=Y~p2G2XWh6CLVQfKVq2>6I^9i%k{l zxivG|^YCu#ZD0%M{`%fALS`Olv{bR@z4@ZVPRbbpDO1jaG#&~>K!`>2ViHf_#*D5= z%!{AEEh2+)yGsm^Uq`mr>1*c^3K4=Gs|Ph@a(P59Yb3 zZvEk-;a9CveK^?J zQWSIV)L%P8`=?yuWn+S%9aVSgQ98!sW3RkI?OSd>=0ND%p5^~4{1NyN)4rAJr8U2; zTw=3*=a(+`ic~TzlJpge3RU0hL6fbhY}*6#_n8GrnjPO4eF_c47TQP3W})kLkaPFp zp|F}z^y4WZSMQXRrOynV7evNS=QUd`CDC!)33Vx&maI?NJx2@D0pHWt^r_jBPm5}| zlEnf0mIidbL4{e^^VGlQ8hVRk_twc9X4lFw+f^bGrd2+;ua7)Q{2O~iu68`622Ic! zc##I@q#P+6s~Tp57$e(;3Va<;+G$|A5>xic$oO?U&%MuYq|UU&aF1)eb6<(@#|dHn z2$e?PCBUkSe9$A$`M$q(5^^E0!pn0mB0whH-d|B!38IH-LP5T+RL zvGdoByK}K7zHdzY^rotkbRY87%onqRv;14y??g;_Y2zwI+~!Wk&8$pf%*O{Zxl2rt z(X5Y4Z)GPCH_gQjw530R6GH+Abdz@P(~@`h*P0_4&K3lo^`jVR zQ;b1Nyu8Af6-2a2!8%e;eq7Yu#6r?{>JIW!S3w(AV=^ zl*sEyMD5U`Gp5hLp@D;lY4&lwPv6~FqAVCZa*Xk;9Gk`V=ChH;{5p3TOo^EcPd|dq z{ymx-xh(*Nn!V+QzJ+DWptaQP>g*Kj<#4&5tje#U<3h7PZ_sQeal6~qJEz8>Bec=8 z{w^y6PG`)^ZY_H)t?_e)bv)*5#l}~z5#7*@AiY3K=3-yNAtf@QoT>_BA8Q3uguKSv zqxpeiM@bT<4<+3A?I^TNR}?wMt6Nd)6o<99lTe#2v#FN1{tshs9adG>wU5GP)3qf< z8fiA5NOz}nZ9p0XK^l~jkOm2*q`L$pB_tIP1nCk%KpHH%<2M)2`@HA7e&;*ab-ero zWv#hpj5+2Q_qfNHH>JQLuRn>U5=&uKKkf7A>u|a3xSE%)+W)I*+S1O@z2qfTArIf$6S@^t3rt1&Dxz!D4(@r&tTF@8?noXC5I=5F-< zm=rmL-FB)qHcR)OqsER&QB`e{$`zN3A$2DY7&O#Uc#0V1!o!)XQMKD27Gna;UR!1) z{$>0l_T*PC9q(Zw<$KS(1}8u>-1AWtqTqdNZ1ITd-Q`f{Qe81BzXmACF*hA%WnfJ6 z(IDuQ&*9%>H=d!rcdwNCu&Xs-px5Rr;Onw6f^4a?Ue|ClAa@~L)qg@GCfREG(yOlh z%8Uj+9Fe@>Ij;U@)JDl-heA=(I@-_}(|0_tBODZTKyvsfFy_=8EQSo;BP)sIpmRYw z#3E22SFONfeRy<&L$^CxD84{2q z_ovHxy3}DUiNRIgDE5Y^NsbTPB*2`o5xxqh6G@DIi-8MhA*0(NPlC~Kq|IhL2sS{) zwG`CD0j@xB%}mes7Q0#O!Qixc6xtan%717KB%QMmZ5xbf;!})lj9SZ*pj!1~hZWNA z1c(FpM4#-l(7ZnuqKZ#vUbc@*l{Mfv52ao>SFxA!_Q~&@e7+*J4AyFImhnAWvFIne z!JFp|qLQT<3vk0~3z^fUy7i zr6Oqjw|xyZ)9i8ze4ozAsC@qHxxI+~!APawNR8V>GKn$!!{z(B+tux7&J^mW$JVC{ ziyxK-LmUz*fV2g>iF+qcf4yrhuD^Y#JO9!6?PH^wcRUF5OP^A%>Lia(D4waRz~5+x zd4JoK$_=Y-M4V89IvD53gwCZ#Vn7O~H2=jo&tAqHcyfXiq>BMa4vQK0dIpbK>xNHV zsqv7;5O(nD%0|A+LvVcaB?@lUl7k603B!-YM4v_g?cq{-K!&<66Q7JS=;Ly3`HP3V zq{>m!Z+KwjFj-rKQ!5pGFx2u_=fT{=Tf2Y6tT3nk2A(q#ov#TIh1Z6;E`N%hXk6f0 z8hn1<@NvB4iri)28uvrK>J1dYeDdvb{LCs`ee>0+Mcr3$)YC*`k6R1Ay>sw^Q^W{M zhGq|!En!S13vGw-IbgJfX}u(ypKT1dI56}L{OVe>6hW+GmjM5|?{ zIo?8Z6ZS6CnI8Hw##Bv2FL|F<%&RzqQ$PQY#C!bUUiZhJUlmONcas1+e6JZQokV7W zljF1YNb@l{-EGAeg@6wmNiN$8LxSwSrQczemOs!j6ODscc`4?I=HK>XSMHf$`wT3H z;Zt@CJABQ}6Misn4!(5k%R=XWcrzw-WUOY_96Jp9eMc3SEB? zM2yl)1w3f=*#SsZf#K-^=>ezgR@T#bimRMPs<-Bi*@DjBnCC-85qwSgF=Gek!SG**N-EY?=p$>_CEqvb^CF0@WzsN)=DU!&@E?{qM=tj9sJx+z= zlC4lIjeu%*FeyE|Ir#FU>fA2G9~;{08FM-Zcxc&rqBz@Vn=to!1RW+_F`We1ouqWb)Rk* zsCZtU`)EHX)44m*5g7Q!tTMgCTLP29C2Wt>1$7SQlY!; zK$P4%FpV-FMPdPU(H}i*Yt3;w8bK3!*DJ~4(8V$bBgce*xsgkrT z3|1o!pFHp6}4cXXmu@hKBBLHCaBJ zWT4GYB=6oeTA%F*>}V=m*VlN+7BI_H)v$yya#4w9jo!;uoL^9I50|CV$yOvW!8IKf zRDB0uphh`5UJ6N+XBSm!hew7V$5K_ee7d_nTxFM>U3=_u+4r&_N$jc3$nTVJ{?2?^ zqlDcBy=v}a3W4EQ4mDvTB)>{0f`LY*xvA%=^6v=+?1dRN5RrKn&X;77)H%jk^NXj- zCX(eF8Vvl(7)RRTQC?Up1L8FroI(*?a|U9bVR`5<1_lh^4^rjlYEr)-LpiWetRzd; z$a8>K7;-_7Cxybe4(IH1N-dHce=7X=ytksiGL~nuH554emr?`q=KENgsfB z-m(B;{x(vuEK1smhs+Aj7hXpITtovoN{Xn498WPt?w^7gjMXp|BnWfFvhCx*r8_0T zSbmXm)$2KfFS++(SJowfPlau33*dmONLG^XVFww(1`Mra%tSoI^9;dvKDj-lEUD|!j)Q70(l zQT>>NonO}%d}k~Ihp;{xj9Pz1n-`}k28`Noi782&Okd>;(Fh*&9U zNgC=L0q1)-?A49!6vJ4@q@w(=UDYXBekD!tE8j7BBj`N~NIVXsKsJ{U7)0}O$dr*X z0CQ!JOK-s+NP|IO${cQjf}v+tadaVQI6-J&K0gYhp@XDWi_NYZMZ(ZZV1z{T1P1}O zNfk40=;uLj(ohM%!GMOW0v=N#!Qt;Zga$(|>)FW;zNh$70VIt%0~z@fD+N#SvyRUO zZ8t%lWy^B>{7)q`n3_}y`)5n=5)FlxCpMg!0nLX+27!DG`_H-uq2ZwZ)6s9*&|~Bp zo{IltU1d@H5E7%$TDYaFXw!8C+>IBOLROZy2kY3GmY4(DSU|%Y5j3Z(ISf1Zfybl|=wHkpcUJ zD?7d$*dK7t2d)s+F`*ZCp`8*T*IIQY_yU2dNZ#BkOu%2f-Ws zx4SSI7NJ36VL_cC2nza*TV2g(Y>fF_uh^TB^OY2_>HYUiwft|jQ=%#Q9sP|pyOCp~M=aV7sL|#7txtj} z5X2dl$e%Kcx4=s;;MW%t;>%&cS6CRzTdl18Sq)|%POgSUq!=lJwcy(?y$Pu%B+#0+ z907WN7{L2Pc&zX9d7*Fm!sGFhkw{WtXhE~2vb1!&QBL;Eh&L6j;Oqt1EhoD5h{8nXMI3g)1h z(_Q&T47rq`3vJ5zG<9I^)6{7WfIkovL<62%iNr9r3|#xwd_Ai!fGo%tw4A1gXe z#ba3aD)5OrYY8Mcv7n8t2CZB)eX>|2_-x4YsJ9zxVA;*H*$Mx9vRey+ChDRJB*Ei| z1dy_nLgOaQ^$Tpcfy=w{#00AwU|1%Z;e(aeJZPx&buM+7PMAn3dYLD5ramq!emGYtRB z1-Py1#sGSUjYV$i4o4S&mHU5Y+E-rYJ#>1zcsD z{B|b|35zloVWESglwco-wr3sE;__1(PB}@!(7tOi;?B@1o4>}%|RNc_UB|VXbo9`Z@(i-T+RU8}W zNbD>gsUT3s_RY6>fu3G^VfGxFNN8`q!2MsBvXmS(H?y8TO=0&yfpSPGaeZg2+|lHU zEO-^)X6@CW=SH{DaJ&nrX;S(GQYmb2{e}sl;bTc+PEZhJ9_{~#)S-b6#9$ePR2muSm`*G7$@im`^`2d3#vRL%C078&zvwj(-C(Ie zxtg{$pbaFtuQ0sP+QoWf{*K@~ikW`Uq&e$J4;$PTu*=C_{^SFv1JBCF9q3CS5f*h5 z=YO5S5vJ;0B?X|-mA1-;~G#gC-s#gnLG_?0T)(z$;}$wq*q=a&MQV6z=r$5o(^SzI2E@Wnt1h6YWK7?e8O;Hajk zm{C#EFqP`gDi;sjF<%dUl-v)Y-;#<0g1?Dx(c@I) zMm|VIhjCf=m8fSZW{G;`cSR77Hw0eho&9ZzCm|uR-(|}gQIqhCCO5*TKeD>>c?0_Fcd`U(_Jp#J?6H`=V`1o^uP_*!+M40h}Bp)7GWJ^KxbeQ3<|^p_2*NeO$rXLTwBbP6nBhO!hz((V?>@oq zo2N#}shtl8w43N9K^F=WY+_nbd2AxOLcw^cKNZ2x=Yf<9$APae%SIC!$%A!f+AcK+ z03F=z#o_j3L$AX$C{1FlmStI=`w4P4dk??XSnnT&6YgupQ1FBLjo>C#I`a593aU?< zucg6NbwyvlqH5H)`(EDO_lzLYE51*)(_weD9fB}Hw)pOE$c*+xi##34wFBpF98kTh zk$3V*Nr3Ks#eie~JQF(TUf>&JLi-Nm36M4~Zg+6kSsu7XE|G_Y1^2|0UDB-L?b5yK zXi8p<&CShv0F;P6y%g84)Cu#(xBP3?*8Sl(y?VMls8nC%f3iCooy_$Jl)GMf+S-P| zg^UUtNQND4MtEAF6Vs%7#B3bwwzTkDlb8tj~B2g;fLYP7T z36Fho=^&4&r)1X(`uOo9pZu?tGF^V3U7K6t_6c7d`Xbt%dT()PW=GKnuoHRNjfP#@ zy|qB+z7pWGPyG&UX>Kd~sz;#h`*N|-($b{C$BFCqpO%Exr%^AdK*6wFo~Ky|)bw(l z#ShsX)(@{=-%Ji74?cus>->9Vr2{lWcBz4v+?4&UlIz}Ah~t4R_f zGi!2{$&8;o2&0r20VUIc1N$$gI1>xj_d8SgVLD`7@lTZE!1-@fhjeo4wj$m+8JOyJ zB+Q&ZBkq0OGjY4pB*rNiTxwQaa%rO9Q(o78ysKs<;sux#@87xGI?U7-+1XCjt`77Z zc2P%@jF5eOlA4g5WV;YBRB{ufpVA;^|x<@rjZ#BE1e0lYMPgVr$8QY@Qv|Q zHNry6cc`U6WpF1uuuCqyn_j?vTz}QCKNGBq9}%txNcHVoMyz!%z%|Zy_moF-toCCgM(H zP=(9w?jOIgFz3*F0E){HxdDSZ7%B~jRdD+zI2=^x@BCQ(UpGNI09LC~@#JVCcWe}M z6+42$7;-lNR6z!P3dsgO<%2VV_FvcR0?gj#Fd579plmqF5bM}(6JQXAF`pitvq;2D zJ)oEuEu~81;{A`K16gkjU{J9C<=nN#Vc(4w)2q-jbI>b5?l>SNsRt^$z8e|4E#0fC z-s-L2;U7=M*z`Wg`jEah5 zzA*i^644GZ*hvh+KszqJNa!j8EArr$x2K6O>~ba9rNGFBDvhDyMd8o6TE^;3YLk5e zsI^+ATtFX80yPtM*9P%}!x%AOj9{Yh&~Nd$fmA!>({8G^dP;PG-F`C(S;y~+3=$Gq zpg{FTe==8hc{SMk+GVeAHd;ytUb{m2a1xCiigM?1U0sgA%X3hiPhQ>vGo@S+U9=o( zO@ck20EF{8-EB~#9Mn*_)@^&llNj9$;A7Rt#l<>3(G1u7lVMQ{rlO+adE9qHRYR3z zH~MPzb0S+vr@Q_1C^upx3+$Xf%G$Z0(6EIF%d3qDQUK43Fh*}+kXnGyShbFh4!ej* z+N)QIo8YQHJy5N#KkA;=9p&rk(}sH|bK@f=|8j1QvA7+QSGD(Ni3x$jUKboGZkNdg zOmRau!3G$x|H!`30A}$qwJ84_aQ>@+=%zkZ62ayY5YSgfw%0U!Zj!8iNmi@)qT1n` z%$+*Gk$3ilp|i_#Z{E6C@SS20N%2%fzcfP&{8)kZd}b(TuXT$P{2AZkqFKx~?Qfb_ z2hGosIqmC1lC0j8Km{jY1dcS00hz;HbhF@9KMIPRh#uLPo)o6$rnK{pm(tRTFr-O` zX>A%wV%6)h*4F0RrQan4?w8>w2T4D{VV8}*8sMrpRu5_Y7Hw#`BPDspiA3J7XkA*k z4NRC)Al60MO3j?$_F2r^+x_Kg9T2o z$Ux)hXefSo(r**{&-o{tFF)yDe=LX&j?&tZqClO;7bWj%&WJ`%8u}(EQaJ+;WwqG8 zpeh}#&7+TDUl?+^0Ged#mVXBqm;IHh2&vj*`um!_TU@x-VXT;})#889oW6Q>lgYnx ziO%~Z(4VeD$%!8P3$dM|6WwiPxq6{_;`3zd!#k*~54hX-h3IJo1Uzxx?}NkM0}&dd z<-kiy3aXVDF?nb?kX!gcw(gwds|R!N+S{+rcv(}ioVq=)^NT0KRHdagVbK-4^Tv_M zhQ1_&I~yt2ML3;Wn&`+_g5&Y~Qe8?eJGTC1b70v+S2EB62^H z;&_ya7mUJo<-@6riSe+}3vj##xC*wU0hR<3no!P>e5W@_z-COS{=tO6Nkd!F@7r+A z>%y@hPw9efZU3oQa0^Xw{_1GYn*ppvFXyPc^+aSuFhxYCD%b7O{QE)x!g2T5A3Z_> z)ngeH6yyU$@QZb9IwZwlDC@kY#S53;)cxWw%k65iYdOJX6i4%BQF!tSw{#@&uKhSf zHRNTSb>ndhKyc{iPVFp500T7(?r#W#BS8-5m)I#Uw^>KTklFpIcS>QqtHpj>dWE|z zF&oA_c-NR2qM8jf;rEHKQV@U>DYyyRVLzcJ0&vhE_d*V*`?rW9*Amf4(E!K$eRfX1 z%v+P}Y66@oBSqq5FvyW-u=syF$j9+$E9BwVDq1+EbFHm+bJ!`Owv8ml&Oj9mgFgmN_CQ0PTvseBQ0n}aNq-Fhoa7uUehOfQMG6>jrtD`g6YDP) zRYaehK7Zq!+QcZO9~WE9xthqi$?aplK`#GMj&VtUH}l#23^MET3x|l#{mFY)5C?HB?3p_YJzk=^(kp5IG0 zECA|tvLCsF=#vjJd{EO=>)WGWJtA#|dE2IHVfie%ZHYzA(T->4aa7apAE~N7tEe!2 zquLjE^eJER!&;eXHw77sr2)RLVymYf=_+u*-eqTWYb+rMmc5ZrVSP`BNLL*1`lg&fx;iuJQ}(1NhAb;}Lt_x%^v97Z2yy}k`Tpgwr;h2Q^VhdmK*{Vs$i z{N;PLoX&|^53C&Zf!&zyX;5|SNOlc>!6X9pP)m`P!9ohOaTr5o{1_Yv$VBOaTP6@! zM!#tUK!w1B#t-?32b=eZsC9Bxm_x6@!{@!KW@6f%7V-G}5EA`;LfVn`ntdmE44F<9 zAXS-U>iY_Ypw0J7@|HvZdS4A<$j5&RPWRPQMhnp(X%B3d+bjC0%u;;}-1pVNP;om|>w+5#S)c|FY9qVG7SGD`&8Um`;bqZzV z3py9@(zQ~#1gm5DAV?Yw`j1=CqOXvHMHhxpLJunrKTYp2@?rW94Y-^h1i);0UJfn{ zu6;`Q``&*J4osY{P<)0kB%Cz^*L!|19&6URb&O^1*r|E+_$8R5JT6ufK6lzBeu>*Otq`uFubK8OzgTa4YSt zY4aMdaf`ED%J+|qe~b&90|Ndw%MHr>?)O2>=>TaBXtk-h`?|BA_J(5PcN)3b!<^hY z%0vm%NCM&l(Z=qPsS7rC!yy_y5kXPiBVj4?lEVKF)UOE@~+<7N4b(&KpMjCX)@QRwdT$+op<}Mt&h7oYwzQ#F+!$=>A?#i#W@7 zH^)bBjLP8Z0BF%?HwvYD^gyBS4PbE?rnvIFy!;k`I?wGUJSn?q6WI8=iSNn(14jNi zC&J1FdEdkEalu9J5IptIvAq9udz z0CKo((UqP~0uxJT7*8bYpZKV}i*#p35EZQaD8_W-q-0j7t%a^|Wn~}$1MHR#x6kfT z<7FPx4F)?`>wA^0x}{6~saV5u!Tp9qeVhh&R3C)jtNSICGEt9;?Obxt_Q|E76?Kcd z{Mr=%Cb{F~p9(s)oG(`~V`EisNKl%Bm5PQs?y8Mv z)5s>Y%jqolhv~t=`T`$uCntyr>-g`m*hxRSgz;3J^;vEYy9tgDroMym8@8(`(&^dM zNxX_$Th;L;%sTt&>}UM`U$E=_S93fk?G7;TE8aIw=C8LL93};>y5nVu_zBvdaejB_ zI-t8FY%ghZCnAWc^2IBaV4Dpdu`=sfkFH&)f`Xph*o8Y9!=P!q@u(Y~-y&fHb zFWgHnP&e@$cq+moF2FSErv;m4~b^Djh6G5$_MBy2DUzxX!p+k_9Cj; zCwS4{!D4s=-ugIMagdt|)2nCqmRG%Xy3hq5!n|F~JG@9l~Up_?2`nUvZ!#!bBGx!C_)Vm@jjrxayg z15z{VZoS(a=^@21V{}{XKS;h2{5<4d^?mw=QUv@yTkaElMxhs&dOsB#$HoZ#9$m!U z&Tim@InGt+QyEyCh|O{;5#{5txa6Md4~)br?2ZEe`1`btn5b1_b1>yr|SQZ zAsAw%fQ7&TkUV|}#(%6IzNlVaN^Rnvk2jn7pu> zj@$pn#jCw){B$fVCQ7*b`__lZQyFP@m@(YovQ&9%{*>r+ZCbsXt1+o?4e`{R09i}t zsFR%Ut~8PwBM2`lTqQuZKDx)QVS^T&3uO8^lPp#vgaA0Me4ljb<9gad-S#f7Gr9>Q zyYjh# znffP~ob|ES1HI6T5EtD>UPWua8FLIL^F@WtVV_^xBd;dAIGyvmdbswi7 zuoj_pIkoRAXY%B(1NGctT%bn{kL8MjqX{ zB->`LVX-O~n@cN?g#a!AJOy$IR)7P*qKOtlq{XL_>GP1zq;{`-t5h$iJ?+v-~pJQp;v{lAIy{=uAX% z6%G9Yxsp*m>rClBtod|vT39%*A(ZCvQt7ZDkgUg~ocwwi=u|GH0{ryABQby{`N$Wu z{d|arEO?F?Y)fX8gb&+A+%d5T`?mKB5BYZ5FGFOg3r~QgX^0!VKS%OtU-uq3&j$Nk zgI6H(2r(jkogG%|M60(55JiXAdG{C=Q7~r`6pj3<0zIg?`js&@ZWEYqYHSJYpMZB> zok^)HbOe%a2S=3_Dj9Om2S3-JMvDl`SRDNPo^^V#^-uw&4RF&S75FcP>f_F%hQT*K zW#vVP@m*LZFxl|jp!64PY)aDsI^Z?^+Uc6y1*FJVY!voUemH%i5#sahq?KkZ^HafK za=ng6yb)Ro3;>KsuMyVJH!J58sGv|g*Q_f1LX8S5qSQ`WmWND|7o4Ys_~=G1lAfD1 zcy5GX&rgTmqD=;fX?fMnm!$BiUz_8lm$Y8Y(ZcD#U(W^Q9`TTmZ%_D<<%zRFTh&T$ zl+6^Few)v4gaMYzZa<*od=r3s&-Rvir1I?>p8tBxv}1tyE2K)!b<_5Qx_GL>R5SkF zUz?xDG~c<7-Vm5{DJ;uKGr@qaO)V8j%NYBUeM?XDy+xnXewGw$koG|^!JbkdZBH0O z?*A2X{XRtvRFneE#k=SrcW0IA(*pMh-Cwa`WxzhQFe1Ea%QCdIJOddq7{CSMhZ{JF zD4%P7D(pR!5gVfC`vh}xhcIqP$xH$jpoW38Nsb2Ancfd+>j%KoSn%7N>sdkiagKjz zePS9m2^`SrHE3 za!3S-uP*_wowZYQboy~jNzw#=$Dm#VNq_aJ>Z8RCT>9~iokW{Y>19sBXZ;30WUXbS zDPersVMPD~!;GU{CpLw}$VxLnYsL7y%XSE|;?Hl2RYrh9(ZHOvW`h|?D5O3*NEXs< zQAV2i^q63~xwd3oGL0A@MpAs z;z9Q9zj5Kd(LBprT;^YEqmdMb2R|o^0@~is1o-D-0GEA+trMUyHo$ZdJPUio9^6B& z#+72I$SgKYuedFp#*hF}c3%+x2d(b{g`=u|k#N+HZ^F+(H@yz@b5Ye_YDIC~yp(9m zGlC(AhMCnOyicb)nd)Zdoxs;0aJ_uazcu^|z~VsSx#bv?x@+T9-@ zMi?O^p_&o>3q8d5c?{~tAl0f1bi@#yc%nhY9RG3wkYe(mzdMD3aysXuej>QuQVNZ; zTU;Vh`TAfW42wjt*HUvg?DqNmz*^Pz5*vyEHepIg$j_j+fSU(G1kZ2dZtL!^x?#&N zaHhtxrp=3QC@*f1L5PQNDB2n^M4Y;l1m4N>)^5rInrueIcgR_6CAn@nW_~6IJaN{G zkbp2MbS@l=%j)N%TlEl`{``|FMn&$n+)*Kr;hBH=8FsGn|Qh8L9tqV9@ zvT+1b8Hk~A1qA^F^3oM0JxZ$!spe?v9 z+1)c3-0JSOJ?gc24HEu*LX#IbY~F7$8x43+?;E?dVxw7V^@(_{$uWp(Y_Qyik)*~P zLSSV7ll%AWKd{LPW2X>3AYEvt>gsqs(zEft`CY%9hB<|YUmFMNN}n3qUPNn+%)oym z=tZ{u!U>h z${-{MMx7%MHo@$w&@=ImaDvG&c&XF|aR3<@D1#5gh{neV&j_6K#=otW4RIF{RAPid z@1o(nh6d2ws-3Y1UKWx1v|$+uJ}(Q87^npv3a81j>s_1;jYU<5TZ5<1@PQPW9o4qs zzu+(k`Zi}8%keVb4dcM{J3|+LH?wY`n#%7GLM6*X(=3Vk`h2vsV!PZpJx!Zphjv++185tE&+^P zTz?P1*k<-#EgW8XB#1s9bOkLAA$o|0@u1oL#?`dp!$*~BX>4}_?O7tu`EGQcGwSk> zP^975*ntte0@riL=z+;D#EZC1y-eYgoSv>~`1Zk#d`=D#s*n9I3ue-?RMj*~2wUP_ z87VdFXv=!-u*%vIv0@)ZyU2g+`WV`ZM@(E&eRbK`*f%!z%*7|{L=InMB{>R=C@nv@ zp-+_|=>!9&Hf5i0ngU$dT5))sb5PWXQ=p_{_M-N@| zS7vdx*DuoQ>^K73{bkJ*6cu&k<>iYfQ4Y-(ms)CgC)eQaJX|(S3NRXJJ?iJBf#_m= z^zs?iNHy#q-vc4wn%%998f(2WD}_`g+V9wq=36IGR#naKQi{{cdyd(2_(9xf*W19F zV-|OEe}3Uyo0C;B34&H3g)9y;UI%is9*e%O%m&&P4VJ%4g(GZg=4N+-6`E68SXemH zj8Dl9Zj{xlx7P-Y#B1G(O&TfXk9y3q5N@%cO&0WaQ+@Kadp`aDR{)gMs)$|Dp895!6!<47u*v+wFRS}zJU;8SRdAPP>n{QT4NK4J=Ysa--ux2??wC! zC-{e~_B<#BNCSQd)_?rEk&vK_6>@kA-EAz}YmF~~%Pz#gVfYp&IGNX65(IO?Nh+^( zt}d=UwAS|t2|4TjIk(h?8s0{VNtX<6chw;i~C+GDz`G|CXWyR+G>(`OwDA8R7 zZD=Tf%CJC0KEPSJz)J&QEZeNfQ}kRF?P&?Hz+Q#u7BSKub&G7ytAj7x$Dq3 z7S*l?7Pf-{T_tH@X%9H9K3=gD4MFx)0wC`IJTt_Yy9(A}K*UW+6KVs*ey_hVQxyA? z779ew0WUl#hiv0}>&)g%}VhK6wJC>s=!9&r2(jRK|>q;3eD;CZj}#Dn4vDOs!TX zdhJ>iRG=ZD7^@ZUo4<{c2X1Gn%p_m;l>!Xf$%s2~*Hb^xB%EuL0Vx(AG(u;|mE^!q zpa+OsA5&cQP@3yByW5tzEq|Ips{9$?HGMB16%_@A*zxf36I*KRX@Thk4W|xs>I+N8 z=15c><4d{`U@fIG%6w2rAyHOSD@aNr12Ol;qTe`0?%5fj+{w@8{pp2(+n2xW0huh1 zEW(jS_Ij#U6LJectPA3@m+7hky-1^S8$R`h8$0R>Q;o2^hvX`eyVA5JWvbF#lXA#B z7w~~}z#Vp_pdLaBe_f9pcbQ5eD}U}4SIUHoLD9XAixgJP%TUQI!DK*Surqj9iVbSn zNe>W4rom!*$nh(*5+`Af%f;&T;DY7o`1q3D)&3ZfLXb+6_oR3CCy#mieUG&-MSL~3 zr7{<%RNp*S`feE4Sg}l2na5jMTW=Cw_PaQoc-8gTY=G?lYXnM*MIdWwHsdK&N`QK*Am=1m-^NbD5VY(-gUoy zPTm$4^JLGqvQpJa3U5Xo)yUhfOz`Qq~8hY%=<3gqIFf}3m&rXOOa3wc(qbbOrm z-s3jz2xvQg!K1fvN-=oVwu1$Tej)9bTWU4$Bk9oy{eOFLnzc3^U$JRsgQJAG=6%D{ zDzk|~l~0py=ZnwjEvgp>0LwEAWO4x}BfH&D=EQDZ#Kvl>pIwU>sMe5sflZ{fIaZ`# zgq-o#hnS!nMXA0zAfbLlFCwMcl;ic8&-RFnFQ{q24i5D6t$UpJJZ4&4auR&nH^X?c zHs7}V$uCk1WXsMmrya=wTuqkRG>+;9mj#W#L{zf9akP|k-YnE=6CXmbqmCJkl&)pm z)-+SA4ge0-%)|+pgCVVWMBhuP5$`ldDqCl^i|VXaReix-)|+LAzsqz>;+6*Z_kQrY z0FK@Mv2{Eq_Ez$8-LO;%(4u2Ub?pPYqC98Wet!$vL0txLxj4I=8CZ~oz^jmXpCeP_ z?eX|xi5t^o_ieDyu}MbUF_x;%6bI?&iKQpL+?d~s-PH;We0XSt3c(^Q?wG19NcB4^ zrr@UAXE?JQqUqneaxVer@B7&NiZ#OToI9Kw8>0pLzdVL@K~CI8Q8sV%!mqE*iKyrM zfve=c+aDaC>B6U~E&qdjoDOOEK?1QDK$({vs}p z;ws5=XGvk{aBmC!ZzYl6(I4`YJ$VJ~WD}QzmbTldi>vcJ;$)@3dqk8U6;FYjtR~(J)oH@5-`WMKvp{JKi+i??jGG}4sD$IHQ#2kA8%dA9Plmh z&zy*M$*beF#KxPn!roddRoZQ$fIQ_F5O})(Xem(WyJsS*tp=3PATtr1y2tZ8R{fj~ zK7qIvHt~Wr;)Sl+kSO-Qb+t*8hR6?J=2VZ57N|FpFE79jGS#c9U+UQ5HfbCy>Q?g{ z;1-JEHkto?wij(w1(KVOy}e1@EDM6v)#>8aR@(Ye}E?gKX8Dx^9Q* zOOE${=lvda23f)lquUjk0z7~q# zgV?#N6T8#Jp3=qU+zCEC+?3-sdH4W#70gdcrBx3iFnHx2zjucGc=6NmpH*$FL=H}u z7BTl_wgXfv&tK&*2b`IHA~)`dCNKEgp2bmH-RUr~p`kszyUNu~smzmuNg?&)P-Aax zxFlXOT|Nwt9B57(H;nO0lj$I?UepWmxziiIhck8?&2~8lWbeSej&9a`pp?!VaN*wZ z37c;5$P21_9HQ@EBkb5TG7JBFZ?R=JQNNhWp)}iI>Ye~6ayRMZ$=+IYM)D4+WG+~2 z&Mh@{b#k3}Ov}fQsYLw_GZBh^329Zq+75Q7xWHI7&JzO8H`zud+i{n9=Rx9p5h(T+ z{hK}W$=`Xo^VO$)Eq_PAHDQVo#Pm1BPyXiq#OKwTZI~u58hkShIIonN&jT~1hCQr5 zm~eZScNN4-ZW-ludhMz^`JU=SC0Xn-jt>5KHh3aMga9%OBc9$7eNjD}U%n z8fd1GzF*VXe{y1prAB5JRh~&++|v0qQ)y{f^h z%=3e=^-)~<`-R|eiL4AqwjD1XHO~7dI!sl(UGv+Cd|6-*vi$kiBW7l(D4GN_ z{$uTi#tvjb)^2mn`tnr*T0XrBln#;Ts(-Yy zHhWF!Ox@F}ui>NR(`x$`duvN7Pvqr8`#ye*P#{x#X_x(nAwcNKFX2<`8NM1?S)<7= z>>r1lvxfeof%`9&?;OYpFBho! zoqyeYqrLns)#Fm9?a?@EbR*tYMJzSaO)N#?(z`lb z@}n!h_&_-zE|h%)ToaS&W(O#F5-O&OmJ`?<&4j#vZ<>Qa95Ruz3Q>zT+ngDM~!vM9n!VydQj8V{)_6@EY-7K@ag{?YjlF~jNvPTJpr_^-yYL6U^>jBIH| zlND~UV!)<|Af5ds18{`QD^hS%e8D*jQNc}eTZ{Hz*I4&7N7Z%Yut?G;4|7rMfofCz z)!%tXK%6jOX)o;fJ{N^`YnbmxZ2HK$+~e(o3X7aucjZ3<6JCr63XHw3I`-yPl!;bGy}qpy-&OAcvQQD5+{`a#J|Km}Bi^m_7! z^3;tHK7ceDQL;@SA$0yThK=hULzOH>#Sx)$uEEzwT#QG-Y-_-Vj=`8Sa@d*To45KD z)i}LlMA{#Ht7sTFdX$^

_c*79#R3#&x0J zoL^R00!@h7#bDFxdG+x~(V92Avp{9pXogyB2PoW#Qfj~JG&8O^QTjJTzX~{6HM}M0 zFZ_(}#QKe1*(-~5{hX8c^SnntSYF7YcHgwEX9t=+=2$7|$`XA-=Dssf)t>*iBZoVC zdvB|G^WMYAuBfx4z%ci0EBhBdVl7b8_UQBEhYL)4Xy9wzlgai>Y+TsnG|X z@|Q~8Uz;Jg2*?p11dwbbK#~9?QF=0!|^N z*L)ScwzQWy?6p#egPebu0*c`6OexZ(S}VpMwjA6qi!rRplDw!Y*`jtqW~&r)bl7Nn zuuIO@S)~oruk5k2y`cX)L(%IqS&PqF-JX?p;xTJzQI>_DB+NC7ll(j6sbH&aMbi}D z)#<0i=1jn}8BcRM&yq2ESD|RZ!SxYkksRH8SS+j2S{vBi_i|!=bw15ZYgr;3<6y9{ zO`ONOh@naxga&`w2|(H^-0;LM*TB-!ID)?=h85>-{;-7+xXn?TV0*F=v};cwe#guoYt}7 ztBY}ZIn*;m1-d8>fQ;lE^*--#oTltnQxiVNU%9m~}LyG1R0K}WYrYSyioYiDxnH(%qzn6$mw<{R|bPP+-Xpr8Vz5zLk z8#Oohv#Q-JYgNqFXZH*GCMCDWR8f@vlm{99OzuaPWk!j4;-71QnVE{OjWR_Dzkiql z+oIMr6dhePp(rRhG4ktjZjDg!`DJF>V=%Bd?r%1RK$W0+>^cK?! z1^epIk++0g+fwzvD>S@U_lI`t>dSZ&eKs@xM)dC#kqD${dIz>R29}f}Z_3}ZS--X? z{u#P|opiuklMRS>D7F`{kUrx}oBgxGWg+R~@AA&*bIC6(@wCOo4exc2cblGm(Rp7}S2Yx%iuhrHSCJ z+}|JNmOg7Q`*xZfsK@bt^Xs2Y9A(PRCWu_^I6=4Xsd<9O$JT1)^X%I{f9eDEmn6#l zF7{0`g*3>orL%S=kV0w7TjO1zD=mEG@m=<9$M#n19L2GLGT=<^9i^8+N~A0AC%}f^@+)EB^;=2r&k8T+9H0qBn@|(k^Ykl$0FBkQG zitBXkKDU)?kQG^<^n@m{_rjg^Y4R!RhSkz1WLX5eJGH{D0&sBXB z>7*t&wL~%E{Vsb^1Y4p7?dql z8BXHAC2&ijG?Q_V-z#bof(~AH34)%(HEJYHRv-1D(k;3EZq4>a*IvB?^r8P#tM7fP zsby$;MAv(cjf~CW$NDa-k9Hl=@eI#xM>JvL!*e#x`uXKAD4T6i<4bm;iDX|)@!WR5 z)*2B92s(OFoZtb|J@A7#XIMYug!59n`PI|apGPIOR^H-Al$_f6n*Mkx%5LhTIkc)) zd6<6DA;q-BJN{y)Dm7+L$!D?BEh!GL)Cwzb%^P}|*8e&U&p8!sWYJ;-ymj?Dr(cMN zkkRdpMUS-l#M_;Iub3ni^inlx1_bZ)W~LZhWz2|uViJYt zv?IB^nafMk$Jg>cT5$d8<8yeg-xtDgE{smtn1h0Ha_xuXtwP(CBYZT{eAh_t&Qe)0=QBKim20&88)-uI0W7$wWd@b?H|@r(BGGESM0` zMJ3-7(!TUX_{DYVW~Wn)=^8O}4s?c6hdT=7239Xw#3JF<0B%EH-W!+QoR*(biqi|f zx{m8H*PnmGHkH_^dV!=%g2i&FTIx#W`*6x_@IaSRKBT$}3DeSWTD*F4^EmE66M5mB zLXJ3s=zq#K({-hZKVJSs;$<&`y|Fa2y@_eK53i(rWxC+ru+Xa7`)>g5VclP86lFhi zG5=Bd){sYrN6AOVq1Zqe4&zf>#?yS&@9h_)18^O?AZE*eU{izb`jfFMQ-w*1Jd(TbeJl@lf+pWv0 zKXsv8@1C1SIA}?+8?316i&Owti~=pzAbHH8t(83_ zJN^4(Y3arM-)@Ho_MOgi}(6o|K*||dNI&mWGb=pu5MS*Db5yN(y=y`VLjU# zc9|N}ys`HS?yXCfFBJE8O|CSGRXT^R5dg@Uh$Hv!A7ZJYfjxz74~jE)-js~zKbYxR z=r^|d-1jg+-l@XSHw7eVCo7xb25*z?g`HIG$wO_zownrbs!$C)45@7T_8ObNJx;oIr{1R8=lZ1foS2} zXMeh{*fhUsT~%iaqHk@{O52w~8J%|X?ns2x22`GI^?f}t?S63Lht`AbjhW^j!8Mg} zA(W#w`ClcheXC#J$&t(QUNPn(rSb9f%AIgsrg47tmPPe`qGCo+gRSS@^@r1fA*^Sp zMBXChM4$VecMqBtH!ss+;!2s6ZpHlQD3LvwzvR7F>e{YkXxe1Vv|=lld;Z5Px16?5 zL9E1+A6kZDVPywa^M&6RKJR2qnZ29Zduvc({AcCy8JnWg#}?jtqPbM#^kK{Rl4opB z;EryRPUP>5jyg*vjVl4dmX)o_Uf$C*b<^)k-;%E2O4PU|852gXPMS=-KQ?)? ztdYrt7z)JXN8aDIo~cR%3l#>GHW%NC)#hj`2KKxzdtx1X>EIbgwWF(yjK|8!=MM@j~cRdFUiP9=&L@a>_It3{eQ=K|WeB2Ix7=bhslN4)uZS?gk zExH9$eU=%S<0cmpUSIWXu*otnI~|acJ;mF6%A=4B`CEY^&cj78ca-+DLzya$-U60z zgVfhX`bHPbj)xXSN=ep*wSQK(nfNWP(W?FFHp2Bfz(Y?`;piGeL(^rg2s;obH^FlA z#9jLUIJNeSPcQzt2A}P8iN{zAN?>FpvG~Z8+|zJbr*jx+N&N>d;|HXFoax96PjW;=a z-gnzqrw~MeJP|@eK-L8?9CaXstQm5a|3)oVsGtA~KS89V2-WoSwH@d9|LH=7RPF8|0p`t%4qAi7jOWvh$B#eF(dC$n=8ko(Eb~( zRG~5l@*zS+MLpz0qHORXl(x?NXv2?i6|D?O2LH77I2DWMmV%1(HD=Eve-@O4BZT!4A?%L?m*?tJ4B()mwn5nM8^vsbh#)OJY-B4a`?o8yoP5=U-nF#pP& z00O{c_dIT(Xkmx7Q7|MCpkYfU#VzOc(Tq}BcQevp?ttO4#W#9R z5`k^&Cv>EQMjD`z1UGBsT9#34rlNZx56tA%UVxbwfvjbOvK@{mg>XgZY%*WK}2 zzGMTA=8H-6ei*n$4)W5he<0Ilr@^4Nf$;*{Fz#5rB76w5v>yEF;i{$D<4_rIXjYFq=(PW-t*GP-@%wp#R! zn2&L@!L(tsv!Y;gOii38wv7X!*n_i2w4h)nn5IKM`waL1KqOkUmDwM75*5?az_{9c zY4cakFF-=M++j{(+J31UB9xjH^)vmB^{b{YCk4Kb0>zNT;{-Lk zO>#^P_n9MW8rhi?axe`y$z*FCr9p!Em{hjiHU3E37BEu-z2|gEMC4G0lFM$&O-LrokdZbdpEXX?XP|tB3A{#pbhKWAD z4cEV02GaZ2;hiy+sJ4js&a(^iF6M7zvb1diOUr1UN8C%jTXq)L7(^a>6;WzBWpW$? zj{w`#aDPZ$CHivUlSlbm4)@AS z5xm^nwH~Bw$!=W@^3F9mee2U~6FxuO#VeWs~*~nkmg` z>nHQZteTs&KkqovW9#OHS@An*TqW09PpZa<18>R8;Bp6QKU(+RS4TjJ4k01i=_8%F z*RJUC0qGXwd6q3V*!G^w@n2=AvP$Rdi(6{ftlb(;v`Cmo>#6^k_#>U&lzvi<&gINu@o6of1HXlD3iryuF{fU}z?^4ytk`jQ>+~bF zRwvZHi9&c1b>vsdZfd`K+Yf4EXPdf7+QeV(IoVv6Bnq0v-J&Owi z#8twi!o7Zuy`JXI@l7PSZBj-5!{;;qS3chYJ~P%CMCvM1V`k_#^*Uw~-gwWXXWIXT z=YLyf`BTE;bhvo6p1uG@k~G-hz&T0m5r=WgS`A))ed0xj8Ir&_taXrc4J>B8$V>Xs zOgxsak*>4m#GBi^zS;za&7aHORF2;7UU-!~_>#kZCYJp$f;oIU$wPctIk1zudH!65;j0f4w3jr@ar?ZJ^;*c`eh6B7Yixr1I{Jfd3KMo{q0 z>DS}e6wlfm-s?7BeSARcz)H^VvY`D~$v(q4g4Sa3T(h}T-fVd&HEtrf+Xg+7ktyYo z`_?=8S5$?N3*eT^?78bVcs*3#lVq#=NGsae7N;-9)~x03na?{IL^@QPJ zv7TxM^!xEXw9{Y6obC_`im5DGzscRsg_Z`$T{KXFo+G8dejYJ{cqC_!%ryfb`G5n4 zoBl-O2AhoiInT5SdY+f{79V7&9<pl;43tQVQevl!PVk*9@6u8@+)}=Ss@Rq2`NGC(G(tI>n@RwcC`gY<%A<~qVAe-mNGs{}s_Wc0Tq(DYKZg6`r&N1SauhJD0xN;_zhtYQ9 z8FtG5`|??}8+xUIeNmIqZJHP+>pq&ym|3t3=dM=&3B_n6j&2t8@({$grnXYAEL>lft_?AXi1c*6YE=cc6M(P5;R9gM=!5& z;MfukZXJxB;d1)3OFqle-`B2SFqmbv*SNi$If^pE*sP8^p%pd|uBx3DPMf4qvPxl! zQ~!2)h=TFORvE^`(DLE)vb!~^qxm_CAEo-9|KFPZsl&sfN^^$?kb?X(ov*^00w^)J zK+^RJ=%yDSO3~0rGu&7I^=shj`fKaYJHEI}1@am>~ zD;*ELwsZi#tYiZ~p_JpNB|6~kC_DMX18CbtT}j=9iMTQ9ke49)n6w;q^Kq_Yq&>fT=&fKH2I4@~JD^PEY4oPmbw}snC>~LrsUO zZEoNV6&oTP0ANKhyWE6?-F--VzVhhH78zsXk!J5n1a5`@V?M>WmlmFy7+F4#x~o`r zxB6q5<^}pVNhd$U9E)oM#rKl|*F>fD9XdOvDnA~Ixon8MvH|ZjN!R^+v-)X=dCEA? z%D1UMNr~*jHC(e|Dv>uwF+lD6wi^c{9oz4}Ey2QMEIr%x7<0$HeELL41QZWXXd_K^ z43FG+&ZE#_q~Gxq|5K}c7dcBNNDQn}5-``k%@MbE^V?ovhwH~Z-A0leq&kb26nV2< z@vm)U{Py+QsH(RvunFXh}H3e#V!I4TU~| zdK%C}XrGg1kX>PtW0(W&1p7A~Oz&p(=%^Is^cd%u*qS@@^QAX5ys0|DMsPxzgnf;B z&+=#flsiq>p!4STU~f>ATC3OB-L2^rZ?{&br$6dXSY@b?cWY)-+P1!d_pMBc=xLQM z34Bz97j-pg0w(cEP=>=cB7Y9vn;1#u%!=O+6Fb7rXlXD;}fp zhMmpk{I8C|4i2T~&-*{m!CS}ujF_jyloaCh_pvE8`BhcsWDRI$X2;1GTV*L}WNifG z^#71-Z)Hdh?TeLOolfqj_nMv(nysR?VyvFGqk=(H0h0%pu{L-Yues`B@v^qcPguA) zRh_<&<%$-#K(ul8`hd}6HKVc2JjD)H*5F%P2G*^&Ro^~{unVD>eQIxK7aAhFa}}Og zPN}Rk1LzE+C^cY$s}M|8tHa|;nBAjxwP78{Kaj`TJQ z50ZCH6DVVLxKz*V7;-Pm3WA9HR4 z!#g1k((7%Cj-$`%7kh4<2fqINkX@+1JNdb_Rr5Zvp}Bdynd3^s!;lCfDtSC#SHdIK z*0>04Q92)b9XzN1aD6~ra;b97-K#PVkAKLZb(dPcmfZLDA}cIeA1f}yE|2Z53Vvpk zfayuq`VxSrPL?n3l@#yaZG4!)enXRQFEZUJ_xq*7s*=mH+g*B&tExPz*49az&XcpX z&ig4(vc7&*UeNj$9u`)3SEy!QbOF0n?Op6VAnrC1VN~cKrXLb8J~`gRXq%8Blhj0p zBB07MWs9X`Bf#t%@kj19W_D*y07(8#SC{?*%lpN~*%THrRui-A_{4OJS?Wj5Kd>nL z@!7181s=cJOt=ZA``vU<+fPr9#imi5s z$Zt8&=NbpC2w$!4euh~7rA&)AuV$l?4_p+yDrX0X^wetjd2M*!x=$K>kX1HIdm`-2 zX~Zh)%8tcDYf|HcFj6n`>qQ_dYL_sn%!kVAm!+`sh&BqHolB@bYr0sOpYZQ&;&1A=408|0CSU zBvED3=2ms{Q0sVC#r3fED(g2f14KqGj%4(gDZe|SOL1qYe(XQRYf+83A@J(NvIn-I zm0v|rrI-Bccf6JhB;+TNHN2NU&ni!n=UFNrEeh0a^FLZsBsJQLd7qr~`g1_DT2I=v<{{H@(Dth4`Qc~5ty{jv@ zzubmrHc0k<9WiCGd!6E_NS`}DG+-KEZPY&g)pyB?WO?w^B}pEJ1Ga;QzJA2p=M&@T8q&YK zu;JA?J_*|)b93{KU%z-478a5YPF9trDEURaiSA^~;eg-39<0_P1^Yh^e1tq0Im0_b z40JQ4UaHj%A31X%gA_U z#2=aTU4w$yZ-Opjs*SX1W@hG&{(e5eoScrXt}_sBys3XiP>B1f^qF@qzcMM=W-GHI zCvPpx^B3*%$;g<4)jxCYoX!c3JqNihN=iZU)F-gPXVd``U||~y6rk&NE-~hrk$~4H zf_0}nFv)b*8IM(qTcS(Y#RoI{z*-W7zUK7Hn>oySk*!Cs*SB=jTC^>d6& zAiIj>n#j`ZrpQjPjY(h2(|?yD8$Hb)rJ&>UlMKZ}nx3~2vqjg`+T)_`7Zs7fXUk%2 zr)v4=iM%x0oh{`c(*?uD#bsBK(vvV(NunVLrqX7;(j`o5m0`(O*x@r1LZMu~tHw&XMajvhcv_PRgyI>W z2vHhoz55|st>Yaf#;66f1$iDx?mbJx>QmSQ_A7FoS3ErPvVwjaRhtklCeDA~HW0OS zd&xx;BVBwY)gaQigFc>(Dn$PF*%TiV9bbcK;r*=}Gyc0O0(UAK?a+gAafZ}i#|V5~ zm%y%TrgPkQ@B!P47Wl%iA|&>cQq4zNWWA0ggxtM)J|T9bIrhhDM>bdF_n8kFw7M3$ zRtV{^p=fsu?auA1g;Kfhul#rYLur!)r3ipS?==(cX#zGu9wv%O#VlF~Do+BPjEnD0 zr&Id2QF5@ck8t}&7Go>-+BuAkN`7};rxb3ESYna35bX%Nw&4GjT11`ge5GgssQHI!MoXkr zR&FK5-vu;LC5YTV6v7*Ng=hpx_E4U|(7tub`SV4mX2YW5g;X?oqjVJ4j^B^^iqo(- z_S*eAMrW&&L*Rf`m6>CnA4A(yAiKg)oqvIcuBMN!DKNbCBR6cam_kuNv{U!y9h(^a zNcz(qEH4pTL~>CNyX!AD_a%LhM;<#-9ed6?h+q&AO5;NLX(AMXCvTorw{lF??fZjL z`CYA9`;8&5tCT5MQaHn5n*@8@umA^I+v-~+R8}$X)!rshJ-C6TJ!Nq%OCbD7rGQq~ z6IJ9pnkO)2-a%gDZFK))0n+8Jg=}aDI8R3OI~&N}dmWzIfWhragKp&Dx~Rwx4+|__ z%Np0MC;6nMf?y;Ai#jSP!MX=nyi3VZq|3<&=jwLWt*}wKa{MIaDK^>^B~kC2p*KII zTv=xkQh>EVds5IjhwkuS7=C%IO^!rW+11)>D7w*zAUZllB|MbYvBE;a5AL1fg7ujW zeY~c{66&TN@^5dL+$kV${_*BZrGU<;!OVznSZL&Y#!(RZ4K!>ft|3A)gVwC^iKdVz#<`Aj#~vI8ym%?G zeHF`$k>wNDd#PFbO@iu6*7Tik-N^6=v}UyrW=7r;H@qDg-Wrs(kMOo8R&0!fFwPyH zy)rNlYvu>5=sPpgwd;S4=@GIdHmdh{TOlOxOTU-Ef~y5(XefC`>XEgSX0A9P?!_C$ zGbA@}be#Y<`6v+L8O@(5Z+Z~DT~ez9FVc$(L<+7A)<9ZlTq3IRc+NF0O|lyBy&_@pv9Qpr%*cc#nsQqzr0(!%3633k#<;jxQxe!iO;I z!SG^W0Y}DJ!ABi!3}na-z}d_n?2SHP@$-k6Jf8&FMJo`8w&eu!lQfu0YVK<~vI!oN zzU}S0V{5kLB+qErYDszOe|qs-^#bpkOVnSz;KX8y2@sXs@rxJDDbOHYEsz%BOhtCZ zW)*=oPn64!W!-0^%Edz&Rz9g5{)BcxHYQyW7tMes`76)1UNhQB$++~CQA`OZJe-8{ zfA_AB|Ft87mh&We-|14ldPy-}z-Pw=-RmRB;<;@`{Z9mPeP%<#7FohRuLgKg3Q;zr+UB3EE3YE9IIa9)kIb{{Go+|2d$t`n zUef1cdS?0O8P34M^WNfB7Ay)0 zXRgB+Xd?s2a0<^smG@^&g`jTa1OXF22x?!4h)4zD_iA4%i(lr~caXU94?W58T)yVO z4@re02g-IRSebln6#ACW!7>+L_~si}Sz7bAo53eV)?gzxH&broqJ9-Cr#j6T$r`n} zxaH=AQ*HbR|G7|Naz3u#UX=Yc0s~W1WIK7C;CnfIEPowYjswZ`*0C@A4qf5Kh~aV} zi{99-TXbueLn|MnvSQ>?l}exy8AHfb2CtyQGSbjHK0lA;dY0owiz6(2f@MsU(_rAf z#$ojq)^&gV(flJ+vIB^+X70r?jU-?etGpEa%7t z6dD5bHxQs(jUz{-#quOQ}h~63}V}B<>p427vTNI7Cs>0D(h}QCYZU zztbQ_WceMII#G`4qM+Y1>~*jNemWhmdkOwj`9AaR1C4kCRy~*c94o?sHT2ulF3n-H z?ipY{e3Gh5cOnTA@w#vZ3pdg&B zfHV2Vnm@|ClK}k@Y=)y!48sRzbUvai&?4Ro+4)yeDhtLr)w?*k3_VuAy3JV-Sw;#> z2A7-s>iZW0-`mLi+$VjxkvW41Npb~<(xhM$c)suC3lrtuDb_jw5xlc5uD!&t#Ukdg zKHDq+cyQ4WyWE_ga@`79yD(%p_D0F5xL?Rq!j2;e;4E_mF}2pm5biG0vsF6!9FIXE zta0(ZD(6$`l@QG8`|mL)fj(dy5vgsPS^_vM6Qkdc8Ymfu>c64evFg#F#)-QfIuz_y ze>5W{+7KcJp7Y1O?f`?=mH!sr#ortix(Pl`p?u>7&Yc8ywIr~9GSUuG+ z()irT9h^}R!NAU~v||xjrV22{;_=%noLVjgVQ(b+zHUuFy+D-YZ7H{ z5Rl%tAibaq!N~u#h2Wv+TJU`jz+7S2N!Hoh)`(7=vUu1e+yWs7VogUQ{Cd^+8}31=vM*!mC%22uAdi3mL}^ZWx}=|dU+$~>3p^0qcR3q5yFTm z`T`N0bsOXWlNPCVPV+xDOiNICy@S!7-*Aj*y9SdJ9!<`TOl}aA-w!zw8~;mQD4hx?(!W=x`XFAiy6kstu#%HDXsIVFe|#-|oTR24De0 zAB8_5GP1`8B=F}GYjg$f{AnMnN`R!}>LWKC_pSo>6dP{xA>0cAdGIvzOl1iL-*-jB zY+MDkPxOzE+`C#Ehp1>H8I^@(^%ZjDpfAs+07CJ9hAc<+4dL!4DF3fHttFiDgC(#+ zEWr>BeA?m~;2_Y0^5joGAVFO%0muZ6wjJWh!FZu$efpZUri2jTxE#um1aZ1N5~m~I zi^Cf=xXA8}*kEXO4Wd^XziAi&_&*0vImR5;>Rf)3dO{1>so5{QiBtK%2AtQ35by?ar3~CPV;VD~OOo zKwJfiwG@SihY)*;Kp%U-$=jgM%_cSN>db3jT^$pKO%oyc+Bx8>MXtzNkTIzCtxH3Q zwS#OC-1Ol(j`LL)HAbq0jlONB_IRrp9QiROaYwiVB?G_QEbYu914f%^pYelV0Vn|JS7v8`PD$41^zVWcW^bfQApAaG z8Ea_#)yVJD8JseEvbQbP(-!uJiyZ&x-TYd%O9`*a1ue-aSRWQt%kZYeCj zZMezPh}LI4LHVY71E~AqD>gLJzd5kjB?6LMPa{X}Ba^5ozwia;5Pw7DS?%_k_6cCd zfEZ-B;N!g(Bkq}hge{rUEz5klq@1m4_9I?A!>EQcbot2 z#9GRQf}(s$q33&X8owT!y@1ngV>g9^a_vi4xPA7i8^u>ZmrmTebQurD3L1o*7HARv zu$_JPC5v+MV`%X!EIXea?>EQkAiYyZk!G7vLRIp{88 znyVqkz%b)j=zUU~xVT2v!|l7R1q9Q!*32b`7z!6k;)b6xoItx6T~X>}AVM%*iVSFP zGH5SrRx8d761=IUSMO~Jmdv`=aM5%1Y>cRVbcR>kMaU$B*;3(f}ob#%kSHIUrNgC{_5n#@`TCWL`a z1tMp`C%=G?tCKc}P(O&N{b*icCT{IFXXHCEC*Gp|iOy7XKRk7j_l7?`2FV&(y^&W? zQ0TfwZKZVW>*+nj07a>ZX%SF~n1Hpvt<$eqTZ4Y@OFJ6j)9ZWM_TY0|_v&`RMkKk{ zu#Dfg_u(qI+>_M@`P%`ss_&GrHXmf~yQu*e^(JnLLM#!AWwD^0v{6;EV;>g39V+#k z4T5G`!x`U*gDo&!Sp_9iYlFehb;slGN5Lnfc$Wsydna zbI~+wsD}nse@f)?YCncvA)Q7=u$XaibF1mASsU87~Z{q{J1Ealqp#*ycBfi!UgA&-Qv=bN2j7j;%=X%jo+A^v1eexP7!c`D-FbZp$-)21@l`iBp0qy`v3*mOS#ac>FL)C zQZ83@6`q_td6Hp>^7v7{TgB@4&PIRovsp@ENS+s(m+;khuyUP&m!ESOUOWY*U@~L! zgCs^V*u-BJXrd#Bma1ctCAiSXNC-MYfDyZ2W9)t6>E=XvUjco@>G+*1=%4J$B==FZWDkf8N3{mub zG!%C#>?_cyZ{NO!e*ga6-u5~*lxaAXN05^a{mB>XVA&^Nlab+_?C5F`DWt?uDEE@5 zc2#L62F}WV&E(1QPMzjzYkyCOnLVfA{H|ihJO z&K%T$n3ReHqP2W@GE5$3#Jd8o>7a}tm@6x|M}7)r1kzbn?n%x9;{yJTP--P$%h^Q# z+eqeF!jBJ5iQsCf6!1Z*u9;3J7?!}#OQV42EArnV%Nj|BVZcn;921L2T;?kvu%nqO z!|T(C3&LFZ3a%#~R?xuLxC=r|0<&?Rv_no>4-!GUckg@+V1^UaL~WAD8L)D2T4+9L zcuEP+_bkD8iadLdJGV|IQ!}2ss6`PcqOi*^jHnE14Gi@6PboIwlyE65S`;hD@^MskAp2Fy%#2AIH%X?UiLOfp3w#2qws+qWsQO~zuuhohy_2!GYIMj0MgATa((dkVRdw|s za;A&gA4~Tf1xErVoPSLiHDwG-HJp=rssDPt;|b&QkojF)z23l&Ep~UJK4TzvE(=#{Db#ARr+@Kf7KcO4}M1 z3G!nM_MtVCI2m-A`V%_4t&y1X*awBj_cE5%s#Nw9B5beEpn3#L_H?R?hP`87l6ov2 ztjUNzUNjS|zclk{+u7|UCj1J7^}JK`#A3%yRg@<-@SAL@XzWhe{Pe3kp&}p zUs5bNJ?97zf)rs3vI@qZoL$+sJ!Cn=yWsp1r3*kgptQxMa8Gt z7F8x654JBjew|5cxlGJ__8Tv+sC|gcljr*Pg-r^t8s-{vJ`D=I`Q_QMiui~6=2eDa z;o;Et=1TFsUmQ+Tt>Mq=34S>Yd)d@tQ5AxuMNap&S7{5J2Mq7~w*E#QV{2hyQNnf?dfAEkd`8cZLznZvD<(BwRUF6jx|sU=O>E}-@;|5U zkml)6Z*?14sv0;KkuzV?=iBO6hoa>li#_;h6n}2HTC2+hv^zjyX8b@%qRu-aGZz%_j}qT{DN z5L)o;`v)W=e>XWzENB0Lysm!N*MuAfTSnMNl6@TBTHMv_+s5d@sEEC z!uyvLM5a36He64*t6zP?51uN$nHdS6^63RS{zDP}CgOz3gZ3CudAr!14HjcbBQ&Nek;|Peu#UR;S0C%oaIz^KGw$2uHLC*J!+w+Qi(CdPVxKYc4R+ zJcIDOPvtiE!X6i`xVg{%(#>C>&wX+%w9WyQ?itG}&vj{dG~e9y_AYWseRJvi?q_1w zS-P-vk(r^IJ*Ct{X>;Y5r!tEx< zkp9I~@6;vj^7(?q=Jjx`9tF`0a!`5s+QvJl(y3)U+@iCRS*Z_SUFHnAJvUO=31#~Ci5Koh2A{f+ zIUMgqjd~C|1)f^k(wh4=#4eGv&Fc_A8NzAY_`L=z5|3cpQHDR^s;Y0-a#Aj9#@t-d zNBatwp$PXG2$f0bRR7Zc9Q3Fzslih>_n3d!*y6prz$3A@=zia}LzPD>igjgJdMZ}-96?tDf9HP$wQ}ic7EjMc2@t^ zN>nUm##nl8rW@a%z#$Dnpn-`|gA0H@uFWFMR_1p4_Ew1AB!bAz^@QpA8W2$6i89s|ViAopCop<%rKK>5KO(@yuxr>oJC>;aHRc=^A5dGaL>kPcRm~Rrp zB)t&rl>GLtFx&pbU#N0?mozV7r?;k%S^uZZuEvA3h*$4iNHgT8g|~(}ZT}{FKbSPO zZAlO1oJf6ZKd+oE`^NjCQ);n?DxttEcD1eXmpfTr*ClOKJgFv{hfvo0{`TOGsVN(3P58kJ@pm50O2;73#BOP<5V^V@|sBi{IK@5cxT@Qe~iLv}uI{e-S(D#0W~n9N8Yh(lI)PCML|O57ZH97ujj z|J}>AFJwZmKm9y#Ps2E%B1xZg*|QXxrsplssn9E0dMp%0^(g<03Jsy+3rBh~Np6K|B6XFi>k z5;R9cXFneH(y}k#p0vW!I(Xd4mch@al-<+rD&fmycDh4P2bCBoi3J)4&rw6x9xn*V z+S^0c$kAzoK?;39^FSAyA}4#haoZ?!b)OKk<2!%H=*^`iHA= z6T&|GS<>6}a*xSuTBQy>1zpR>v`X&&*aUIf_Xb8WGvrdZ)vUdey7{O6SieVinc1Bw zol-C#SuCo9cXMAju3eK*+7o^fii%`u+uJ|bE%!3LUjOu%)BFDW8|z{}n=B6<9ZDQ- zbq&*0*}ZVfj}FdG##jw{ID7>{bj+K5 z9!_W6qzs^mBdT&Oe39$}+kdTmP(6cXP7_9lkK>D5l)MJw+>1&|TI|vi-+SS|yY!$c zw-=fc6^i8u{T-#8*d3OWa*f%<40Fjvu6ZxxFPyuwpK^GxJr&P0mEiGeb0CxmQ?tF` zkW%iRBYn^(_hcc%p+RbD(5ZqDlUsA(H+YaH_hKit;uuXeMS0iU;l~P1B+R)#73Gcf zEWLCJmgZF5RdOc5_0KWK?g%5lxl6N&Sq^Uc?=6k(G6r1+aw=qQG5oiCz3_!HeDz<6 z?)@|U*B7?-7jktxmWdFng8#p*%Kx0M;UBGTVrh34p0-o`ScIg5>jpE1Pg-}1uG>C4 z!bUyno77S@|HQO4T~zD=$$RhWPHKNvA$ki}-}!znT{Gz`Quwp} z^k!#oGzN#VTJGFnJm*=Oj<;B~b?bKT%y0sO$$%?5+o^Tmmz>!|K;mGOGAu0Y#Cf-^ zs;zMqdW*CEOpXC(xVf7ED1Sy$Qi(!tFYk6#w|#HT_N3`*n$%+3>`Ikhs`_^HxsHxO z0kK<^!VZ<&seALbMoo`v)|eN(Lc1h70F%3kSi+^53vz(;oyZpZ*>&gq*ghlth9k;i zXRNg9Hq>tjFi8F8(^Zf^j@#vMRH=h}HF@#}c8EtYwdpWR-N1skrwClPRTsJ4#>Ob= z_yHQk-jv+%7)Ap1-n6h-e44^-kec5oHmJ7XRoJva1KUX6$y2S6_%e%uZ;AeRO zEZM(pCRg#tv1}#v?L<9|CSssQO&uz(=|?A9@MY`yzs!mv9qC#Wp#7d6b*d9Z%*1A7 zzAdK1B4fEifT5II4REQVpf`YGg{e!b!XHKaPO9eU=vcmwc`iQt`tO%73W9xsTPZ9NdMHD0 zZ||CG8I-wjZKBiV*-S;%y2N>L@#e`NrqCvI+FmZ`vFH0GBl|mB20!yNS8`2DETq^h z%c56wLpCy01iIgE;1iKgmjpf7cqX7?6-I#*u@Omp@P%#>3;hw7Aahu z5cmP*?BCM1Vxtx zDXT#wk?6;FP8pIrJfO8HJC`1O33y=cvRig(SIy_w#==vb?VBNFg=gkJUj%dJ{z+oV6dHp zB(iFa-_;KSoe2kcoie zO&lMrwyRl02vST2wM}^HFE7X6NO93?SkH5moe;Udx!@d)l(RFK(b)p zv{_6`Na1x5!Kf|noOAaFl1hG{BF9H1A}JjckJ6N1=^!W)(SkGZkLJa2!lGEnV_dN%qYyk3YsM<*h z14jg4fNl5FcAyGg3yvzT|CH0X3EhlYqG|OI((iz3SUV#rw}X?g8Qb46MgP^CuABiS zp{Ai{$6_0SPSS?jsR*p@3S`=7*-u8Xw?XcWZVs|=+2G#`OyUk8wZaQa(99qhLnhCL zK%k)K?T|E(WTO3xs2~9o!q>JhA_8E;{;LWRFd_K3(l8OWe{1E8sK-dY@soWpq$q>` zCvgMCbPz9GVJIKI^GfhIzGAH&XhQ-YPxxg#Uk2bX0wYB-#VzpPW)|{(OXLV4x_oum zMr?pm!bVYL>{$8p@bmWD4+RlQF~fkRuCSOs1cSjTYtA`>4+B|G#_)1r<>3M*hFb3- zJ2H?L25Lowf9vCdfl<=?93x&ZaH%(%5e7a&W^{Xa0U1aO19SDm-1=bSHvDq&oFm4* z#%oz0s;{Ss*Vska=)R7c_*Eu)4mi&S6|U^7DWw#U%LKgSQT_fNaJ=AHf<5(e9)ueH zK`mV{PzVN={&f{YK41bL=#6~kE2Rp|RqeJCASty3;orY-lL%x4sXV(C7lP=JT!aK| z%eU_9_dX(JscRVwXVI?^ER5$11p3e?0PAx?O(Ut?JY*_v*Yb^j7eSQ=BG@eCwgYg& zf60#2?L;(T;6-(l)qfLf)FKFmfbD85_^6+d9CoX&*Few#(*_X!J@@@D2P#X~R+j~+ zPCzk@4-k1((nUiV@fj!)sY5+2!ZUi{StZ6`@@5(AU}F4H0M?d30eWgh*d)Zz(;%7m z??4$*^+*@QZrH-NBr9ZtTe*PrLcAyIuGC%!S)kx2se_?LpmJqN8srG5Km@T74|Gqh zC&RqB3SNK~sF$qV&`S_}1i|I75CgESzmWQG8Q!qnBmyyGBv2J2`FjPn#`FAEEH3Or zMIMEHBo`5E>A~D+rSm=XD~0 zO{)sn!vdETo&}NsQJ{^%M^7TS1gLQRKXqMqAeP_TH?s;2t1>c59$O0;Q3;{!J+qaO zJs(jTWUsQ4N8vFddq%P%S=m&|9@*P_-HP;m-}m>I-?#fY_c_u&j z9z%!VFW|!Ni39qt_!*9L_GT$XD1VXlsFFYZu^|NH$`He*gaEsCOckk%ze1c9=8%6? zJG?c6o6$$A;s`F4ZexrdCRfhcn3OL7VvquCmAj^MG6=8?af2I&aQ>F%;hsSkxo02% zPmY*&$unLAXInuEvqOcAR?We{aXfs7FEbh9R;E2nDL~ZaAt)dUAf<3$N?d@*cY*B| zo;)I72`XBAyhU)FU3&O{D8T#ccfr#mA!B@x=hWr~7c+~;?+&qQ4EM7m6R@#i1&zP? zO{cU0fgi2y)_6AL*|V`s!Vgvl#Vd9k;oVSp*YnhB^@F@uL1$^DG!c72&SGQSi!)Ue z4TLn>OygfNBdUk`LTlE&)G%49C zTc27TC&^0GNkHy50sW$npkF*;{H#d&qLDzr;mR{YJuljg^&^cdLi> zT^98SPd-3U9a#vf!|DOZgD&;$BQ)IeWX7l+z6y%9387>)`RD&ZqAcIf%`uk8PMo#A zG)*jUwIU7nS2vw=E*lA-ig$!0E2zO7wK_);3RR~Z8fV-x!+W2-~T6`w%$s)RXa)Fqy`CIL`QS6j)eUg*|;r zE-fR|l2N#x-S8H_e{D6|bxvfdKP~rje?K==rup?Na0*vb(_(JABT8R}q~H!K(Iq$G zy;r4M$nlzxlu4e87VdnRD3M&z6-gP^5yZo%A^}U}hI#)!j39v(l3Ntw*dyTadC2*y zXaAq)j=*yV<1-*KcoW0?nZ>^yLVS)7ypVyDLn#|^DXw>2FIVh`jTBHeNBDTWh>@!+ zXl^HKNIr%D1*MRUBvit$3kzNSA#0|52&gKQqj3KtaX{!jsYavSz~%I6310>L+UAkpSJQjgZ(^6C zw$q2hxFQu}X4a80F~{qgnj+wnVj$`eUtfaB$W56}%oH^+!}QO?e5eWWreN82rhT;V z!`DtxEI7`rUZ9HP;-?imbZD$N#bLh z&(9K{AS3Y>1%av`B`%Nx&n1#;n1py(z3r?1EFmGGq}*H;O-(IKN{aM8^5g7}PM9Vz zA(%L(K~LP=235Gl|Gx-sZ+ceLEItsZPh|=V@FK|#tNODm75cFGK9|gqbSq0*T#N`s zNo;l^VpYGjx0mygv~+h9mfOLer)H^JnZ79CsyJ6GVVcED7unt~Kyj<-+joFTAG3$z zHvWg=_JXM3u)c-{{iS!Vlsi{Hx{=*7wJc_vtCdj*7YM|@P2v%{#KeFr5~S#*B8+W2e;~C_)q*Bs z6~jOe?HW29byMP(+~44%7(DvN%|Q(mA|vZu#6fiUS8kCaqNBhSNobMe^f(`}s^q$W zI#Yp10mrbC3wML9I!mfTPLOlaGM!R5X1z@UJBY`TpjfVq#(1VQ%WPr9ggWmog^xwz zG!T1q&m_TePBqjgT?FLWk6;OY1VWZTgDaBM^67mG1LMS);SyC^wF({(J?dh9oQ?2z zne99jt*T-2hnn}|MHqu&N(IM! z=FvU7!#>zMM8QET&ImClJV8zYIYKA;U$0~VQ)4*I+KTura7I#i0gbn3n@mx+ z+8?ARe{`L1b{DiL=L-pqHj!C7^BCONK~N~CWYY4SBo6;Ks|suduT5$ z?L%yI1T#<}lCn!WgBHyQaPyJW8KdamY6r7GIK6w}%%IPYEAFWrGhR&0wVi&iD4e;- zC?>IZROCJC%tw6hhv2uFlfOxngKJz#|Mu~VG)O=`b)ONEjUc|0g+Mi9fZ5`_D%R96 zMIf^+BW>2e$Dfw`Hq)RGyzWc5Kdu&Xz6w9H!PKk+$ZRSIAKSCmr7|-g54vJGc1zkJ zw(U;W!Ov%&5FH45+`>#JmVJ%CMUmN+g672F6&Qs_HC&Jm!IKcP1TayC!_B#}wl;De zLRQZW&@^mkhU zW{Pp*#n#L4qP#A^Va`Tky*D3#$nILMC-1z0gI@KZ{ck)Y0AP*)xRj-#GT}HYM5P2n z-Xo?YHu$!xBD4YLK{HD<)Jzb~MBe_HY-WYURiOXtPNnGTiHZZPq@3JWnD!y3&bN}X z?UtIx(MN`itD8x!clH4QWiV;$wqT7YWO;F1T*cZj=?1de8G0_T%aK{$3xB4abqW26 z@mxYHCJodR!B<;iaL!XAP<91aooDK~yAbz~XT7fxF0UU<@?9a<>o>cq< zqSjr{@FPEs>)Pu1^Y=fuW!6stMaT5o|J(uW3xTTCk5U=BZ_5M{QUJ9?#IDXyQiD3= zD?hdcU^UuUP>|kLS)3xXEuLL9jC%IA4@0^@D{}rpCf`X2XQPIYRG}1hRLiEV_1b0m+#qH_3EVa1S1%mu-F{T|mT|Ggsm zZTk1|+!t*OKGS9+7=Hk#z0e{kcvOH`*(1b4u%t$R<^f#ithM?_DhAi(p(JBxs6rdc z0&+iobKkzN{J0J{DXZ~WfJbwG^0dLC#%8;K2A+ihcjGS6uwK`9h0H1BsIQPtn^FyL zqV{Qx9VeU@6Hz|=6_uc)Cx3Fs2~ZRJZf>>COMcKo@Rox}v2Us4Y4CI8{E5&%Wtir@ z%9dLt6~ZIxwzV8~O&V`~D^xn`%(wK-4<&zcBFM=%1vANy`_z`Nrhd{O;0_^~uvTOQJR?2xCQcKlq_r;rSTd6CX^Ui+ka!j(mNRcOdBL zA07CuXO7!1;hoUUFJ;|d@e*dqz{T16ST7+HCoOYErrcH~jM{NrTjX9fLecvjm;P)Q zbgO{v>3izrs-2LJW7)Bu+81XUud0zOO{whSeu)<_(EmK&18QmY@)h7!=l5s1PL-sx zqe9|}(_=(Wec171f2L4B` zLLGd@iNH_WtgWXy5U(^DPd1mG#KePI&Z+GEcxTIMw%H6R-2Jm91E9+*o+LO4f5;{3 z{saf<)Kpm~YDs0Q3HQDRnHbW71R<3a>I}9AM#=ywWWb!2m9@66bM4{TwZ8#UT;DUtWeM=9G{z<&pNZ%5$e>ZeXJR{~V*AfiJH#Re%8^3k83uL^ zrGG>Mbs(e+lh#l(*m#Jz4|!Kkm^mP0|B;+`E$koj-ESQ6B)(IXpvm8!6M3k5C2upc z|GsdytbXCz-~c0c%TYq_7yuk7{(*y;kt|W*wpH|83NlGreIhJ=; zdSfv*goz|1?inZ7B)wwPbG9q^IhZ6~srtu6G8T4+p8jWj5Xyj!6>+86{`+#scfzkW*z7YnM#olDyL@X{>u>SKN!yCpZ- z5p|M3`-0xdKzfdsva?36V!jQRGjMPiN2M=cQnua+L%Z_X6-^+?M?DQxJWqOXdO)LX zBd6FYrA2x*=I|fYwz*Z$|6_V^POt_=R`r`EP?4QXO(Vfhk>f|ir2aK!aVDVQVcFjm^p@i3aq930{KTGfz=K{BY)T&v2q3Ba zf1dwCKP^xg?g0|daK9e=*@b{)(y${xYg7E>!rF#dmDXO^{&ywoNZR(wV$C_D;mhra zNE5ES%Y#WNZuOmCf1hLi)nVf0OBH;$9YE_?A8b5+`;fC&lf{brsH?2&fKxB8pw%op z(saa&3~Y1x7`kh(v7xOAtjM6dOxm^0{_|7@iOIwlg^gZd``YwndPI)V1LRp=*gX+A z5|6y#B#;VEiSd6#YFN8A0?;^fbi2T7#VzcXV&~YjmX=m-d8(S0)^kRSisM|A&da$x zNtpDidvTW`#~!-({T0G7S(aovdsao+EIcA2c|&CjW5T%l$%9a9^M+x>-aUdl7g;<` zk)W2X?)G-7{b_9j=g*zn=Y!fX9qUF)Nb>TF*3GQ z6{Y^@&t1Zuuz4&hBqUKz;LK~qOR50GqBct@PmKqr$Kp|wUr{f83n-nqB6d6RN2ZM`Su(&-No+t&jt z!Atp`2Eu$0AvkpCFq@#Dbatx}tFVBa-Cce*vGbCoL_cM0H*xAdeF}rG=GHYfw!?L? z+QKIhd@d0jeA?ajBQvo{Lz_cz{_gFnj=6`T(o9e5JDK*SUD}~hRioJU$=f`_d!EwL z0}}-@x0b@SzEB~|PJF^5JiV>+**SC1w^Wl~u{C5Rdh;8Oh@a*<9c18hHyW5_AG~4<~L$@DLIbcE9v< z4Z`?o0E^_J>PTgxz^y&+bLZBFI9@a^Gx=8Woyy(2IUlu3RDWi^4yLj^XWr|pDyrvj zoe^P5jEwESW~#p!{Yd3Anz+@W1_s&lXP{gX@J8k~|>A|V|k zExhb8yZqH|@O?19`?5aW8M7d2L%zU>m+)wnm$yL-P(blG-%*hLE?dty#h>Aq!^5*sf|bA$A1DO&++RhRpm``* zF;+NdQ9X8Gc50$JJ2CZXPR2wgiUnEkJv`TkXYJI>uJ;scUyY!amX>~$l$?CX@QwW6 z5kTZrczlHFFTRF%yX4w*S-4DxvS~Vp#|3jelCH~$y6A)C|Le?@M-AyOy1dOh{DiWB zr`uaeJai>Iy$IKj{lKWaDzFhhA2<$ccbYw;dC?#6W!NFnn1NKU{_oT1d9UVOX zV=x)kgz5Lsl=-fc_r1Cf=MPLmf_^?_gTl#=+e}25?)LIxcqmoSRIX-g9|Dg3_|BtN zYstvXT4LuJONZS5QXXk8kDZy>_)r^0Qe`~S{37J}^R)ZwAft&&Anp83642=H1kB`F z5{&e{@a^G`T5lC~J)O#|y81cI>AIdir^Vk6u_IdI_tjmx%Z0!U^eAV| z@iVGqS+ldV&S62}+f8tG=JoW*L-q>NjgCvXYhykN)U{;OO`$_!$}oMWq4%^$5aWPW zITkdkUoyB?7IBS?XMGjvMBNLLUcIs`&Vu3E{~1pH(8CKr#mZE6#*p9fn$7)WT>VTA zQe#CnI;3F>rH}YsC7-bHp#~DA8W|0Z=xxSV6qK~x!+0NQo(pr-WP$1t$8QP?llDo1a(zStS2 zK$*!3jj2R!{CY?DM6JPy$AdXGJ4f1osJT3NrlMXkS_q>}mIaP5 z*P3;R*U2Zy9O=HWJJ`2F#K-hg`qZHDS~fI*T^W|mF?KoYmtVuyw4H1bk(&7x(olpQ zrl5Z%ay2SG{*%EJIrgyRo&>HU6VCu23ymWudx+o@O*~5?Yi0H_{DBm!4!OM6P|Cxi zUHy3l%_Czxhgefyv$x`5{r&e(_7E@VsK>=#JiN!k5a$2<_Ix-hkPno*3pue3h>k4V z@r%Qpna<&E@KqX-A3x-fe^pZj0jYaifpB(rpolM z+zNJ|8MSLI_uv&gebbKU);`mY-fnKL^vPeJ!hRQ7R;g|T9-I<3hyvL|1cac0TE6W| zLPC=0`Rm`2Cn!N+gm}0&aXWIX-A|K6qzi~ta2!)*Dlc|-J^$pv2NR8Q+q9DTrpWAU z*HC)-c_bt_>xvVq8#O#0io(B2gpWm9OY%uTaU(LGWRHFgnt6NTb1o2ng~q|T_`Qto zjuBR`2Tp)JC(B=>$TC@Xdh;T*1Dqt>xY~2E5w^DikYxX0v~E zSSmz12$FgR7n-6=LM5Idx8Ld9IO>5D4{Y z-u(a|0>F#GwBKJ2X7qfe2;fL^&J89fs0AF@wQzW*^K`Q{8dK(dgHRo=aP8)Nrmxw_ zq^9FW+$&lql4?kLtXMcwC+F5m_^PhL?wtwsB3F;($Ueq zvt}NmbgHUDTG;+IY-Yq0D+*`bS%ypGkcc~OXosJVh-&$iPSx{Rd#Rr5IB)i@RZcCQ zL#NoWZhG3~reoe)b0waSpMu4-9Ufyf)OhkYH^lnzu<1Qc^*VtibovyjCFfk zvf8f=0V4C$7a3{!kmp{WscpBrPI$SFINThlf2|u@6KQ^;dy=Az`-v(xFethKnba`Z zYn-%~=_=gML^U1&!v{dw3j-QRAve7|1R2qa1xz$X)n#3vwlE|mh zo)8n>>Y42)B<7r7%=_%)8k zxN&v$P7{$l0}D;8ZPfY-qjg#RLW8GxqE-qQRMR47%tX4=2{%zsK@2qG&QU< zS!$Zn(T}fCKHXNt4?sk5CJXO=NcxElEG$y9@KF}>{X25mwyAxj1>6;@)zzo2xs2+A z9!kBfS(O(w(G&dju=Gcfa9rp!xt^lW6T-G(>q9XtKc=_fO8~LO{HZvy)=NGLk=JA` z*X|6djGu3KHK#_WPWlY-Z4*>*N!-TbE9pnx-c-R{k)6*yzuo&}=grI+q**euq(cu- z$qg}ARO~((Sz9jjcqtZY+jV^H7E2qT@E8p|wz)V(b8GSe*G)q8wP_vh$QYM`^||W6 zq0%jGlkLPM4i4V4?vJ9G_E=j66=-SqTl3KMuVv@0MBbO0-FT|)ICYc%ty#kQ0R5-B zF+R z%!t2j%CJ)RUZ0vBogFPv;rANVtgCAZGLW1#u74lg&EgYSz8t)GL4Ra?x$0zH3aIJE zW-+4|#zWw%)6*DEs+WF_J<(KhXiWE)Pwx~1Ny|hmUz|CYTRZdZQnxyT=al5=!~}o) zy$?vFMiDBb!<*Yr3^RxY<21-P1OM-@8GC0T3CG#9XYH203nZl!R%PSJG8PJX$;94P zDK&UfvblM2a&WO<*Ke}?Rg7b=XGm~d>W1_9V(jcPSV{?-rB9?3gwyl#eNGgDlLgjw zXsmrYeQv1bVsH3t=GMBJ|0(_DDBx#U8EpRt?L3tzhGPkRD6ozbbEK7IQ5 zx2Xtbe)&DdaFGLiB=B(AEQlgVvlu+S8foa|SIy&~7={5sK&Ksq0{3mz)#27mWw}O( zPjt<~B71R!Svb>BWeD2+4&H*c00$VNPMl)kheQ%sh^*1k(Qxk{6~#VQ{^oa2+Fe&B zOi;N`9q7>6CXGj3rUC?K+v|_keQe4xirJ2>O#0c|Ss(>Z(91=})4&7>iH)W2^@ffT z{GyF}%NXM2NTMRn1bua@zxm2sl{zi3S@oJn)QVl&%Z<)=osM@NJ6;z#;S2OcyP- z`1ozD-XL6SfJpEHU58?p*nl8N`=3H(GO_Q0EFocG48jxCEV|0z^3}+Edc=NSP(7Lb zGtx$M&=%yyHZ>L&O2NqU^6C+3TU%htU@#a$3L9uSu*|IQx<{uks3!n*B|wAzTLvBk zxTRCN8``RwX~TRHL^NS9kn-mn;@34qel){%`Adw2J-Ablo_DkO{zvS^1gqO_0eT?> z9?Sr)Z~umK@W*9)y1;|oDqIL)li)ffa`3j44V^e|;5(tjR{&#;t)r;)p^FcJ^Rt~B z8bop6&K7nN00yL4=YS8}pw?ddJ=6W9PO)zdG0VxH67Wn#7v9*fOCmk~(%8jKLc7)7SY-{nNMs{jM4e>^{L=+&SA=45Oz2LgcBvKuJ+aNpP!vuHE$B9yt|ALK-bAcZmXle{3$@_JxMwPQ%hNnngftC^m}l z-){9IHlFf)ao~vvlA+)-0z4O!ejvJRZEVImAfk?{%IB*JLLXd{5i5zs zX^30h?t-}EzoEwjP%KD4qRIv^V6$SYp`6oDxnHY1*Sno+}t&b>!VE3 z=ggz_GhDpjya;HRXEx5ovQO%>_EcSGUW>oqo>RjYtDr6Sf@?>QYIWWJ@wxgP7)eF( zwhsvn=V(0{S>G9~$Jm>}K;QPM3|cigS$_JsYtm4@dI@Wbc&0uAosW3N+YY zCsB}(E93Rg!_W9C6BlKXKoovznwntPKRGDCL z6mQzjAG*_(ePwKHY$!c2qOKP+zN{)y6A|T&X#D{3$k+C`m-`xU5Bpuac{6x%S>MDY z`Lz_$f;EHku&(VQ)ql>z%#^lh%swm_(ap-mMaQlZmmKBvwBRLCjT5qI=WH3Ek$XMT z$lY6)V1CBJzK&@{^~Vjmb4k3kx+zjb?NcZQ`dg#_9N7;OCW3ZQ%8E7X+*cpFSs8A5 zzW(DUwfbiZTAh!6yyp-&3BIUQT+LKmQ|sBS&Y+83PU|=5L`tspcwpk)s$cq)=`rK% z84*qlQP5fd8d*P7QBq<_OC1|}DTp$5IB+83C8}uegRs|Uu znYT6j+=Q1NOA&eGUykC1&EL_Jr!)_RDij4sJ;Hb?i608J>4?Y|xO&8Xj8o%kNIUoD zaKkT*DH?Qz2zTMOPi!nMokj>x=!XNrUw!715)#Cr9#C{&?V`|#Uwg&zJt||9DSjPS z)%rw)=SkItRn6#9{q&Do*>TpV?5B(L0lqwFhr3X#FXfg-tsB6@$Qf?*B#Fry4cME> zBGNvWD*&`L6ab*@?vd4FY9|<#w5}XTZ zsU}Z2wF_@Xq-TUe!JIf-{V_a+euTHGq4tP`gx~dY*#w_qP}q?JLF?=805yAuSPQrf z=(hRjeuDX)*#a({X$mLJ^kF;DTsht=4jV!^H^0=;lIp6FU8GC)whhI`r4w=}l#TCn z*9^&LBs&^B<=rer*k00}zkk!qZE5kC3RN|(^Jg+iGOjS(q2$_XvJ*0i@0ahLygcxT zVl(t;Rq@rt5?Y^=w8TfBXb&lpy_I~?N?vNV_+IiU3$3E*gVBjhX@SZ}?e*OAoViO*BCaN;czAm9*-`#FD3qZ%*>(F%&yr8{QLm+i|2)tQAHCkB(x%c;!^g)Djyp4A?xUm5sYD5s;y6$?Ck6x=+HZ%`($n95pk`!b)OaT? z@jC~h+Gzf9ZIaB6g*=;CWVOHNkbT(960PE^UTyg~KxL{{=7j3l$JBOGq)meyt*E|J>ipyI2dK$dQ=)1|cMee*uz zHF#KGB?5&XOsGOyD9PcVgo&TmaDA+Q&=B(_u{gEYSfw|nbU{?DC}Y*Jm>n?K+nObg z7N^FeKafTGu7fG8Yk8>3NGH01 z)rI)TS0z`jdntB7?W-;aox}C!f)v?y2859}IGV$8($3b(ct!H?xocLaxWC#ztyt;V z_aHWNyoXHfyPw`22hYTZ&PxFvzux`wK?dDGHFxu=kiV%{pyce&7gf1Yqp~%1ApGF2 zO4i;?NP~h;QYp%UgU>o`>OA zOy_ZNRqvqUY)kJhTy#53^lu-a;( ztwmnNB8T;2j~6t#^{2lM{^InzF(KoRBGqH?6}=pU2$~y1~tyk z|KC;qk=yWk>&(C$mjC|KEgq(ddQUQ(-A8x+n9r-w!@vKu^HF2?5ghoR^cDHb84~*U F{s(SR*rosg literal 190479 zcmeFZc|4Tu`#&6!tx&d`?Ah0{W+xRI%S4v37ei$$Yj#q!+8O(jEsSk!*_8@2mLj9E z7ekCCgb;q`i0(e$=kt4>*Yn5o$M5xe?myhqbzawb9p`Z#=dr$z>oHVc>jX6$^^qe- zPUvV~G(2+TDEi0|njFew;0n~g@-_G$iHD)qg(Ias?6XIXa39gRsB!I{_53K6r{!Sa z%%&Pth|!y#`_c1;SCALXPf)s@v3eyH%$P)YJ4Q%nxT3+aenvMj(qEvz;!OKO@+&*R z{=0I5sD5uTOoce?RGxN?oDp+%w7C%ah4$4Kt>i~4=-)cIE+CE^|5ok;FW<&cn& z(W@W%>rd(tjpQ$XJ^gz!jpTFx^P0Lli9wmlo+{`%lOp4-;wA@KBs}Ct04qud* z68ZCvP$c<^T+aOQchfBkYJ%q-M>87%1y8QEaz5+MOuwG|-7+`bpz?sCRv(h_Fq8`Y z@Sd`gl4ymQu7iUEA7_+>4HI9wHFe2AL{OtWkU61M#I?SqRsAKxN&b#1m(aK}Be>;wbypzdO_Qa2ki*IAl?1?8y#asQ0m{<>k8{B~NrJIw3VSOY8*m3WCkH zC@#ZqIvZYoFTk&uSBa^VGLW#aLOUYW^-a^`42OYUd>Op)Qc}D*IXO})D&m@&b}K`v zDyWuX(@1tM-A}KO^FQ_`bT()6!W;J~)h|QE;Ocx#hu<>rVU$wrM^{V~Hqzv7-7c!W z@1dy~_Gxg?0#hX`qvV*peDTlbcZfyDWjS9!?e?aJPZ|~I!$^GhhMQ0`)e;K#UJVw( zgs$=6nV1Z%gSLXdT|ECz)&p^uoRl)YrZuga&C%QYvO|e9hl5z8SFt(%#dD1P=o4nq zv+}aCux!}TO59|Z`+Og#LKWx1x<+X3vBh^c-#F1>WMm{IBV#XKfercf> zH@pfH{sPUTtbD)d|3nn9Fw~yZkN!r0xkG*d+||`2v0A>GJ0)T>~w+tAs?VNiAj_GI+(qBb_PHD;$@Wnr`S{+?V!-^iQ`8SjqPtEJ0zAbx zfXK%(C#6@vaaZPyqmdVjJ6&of>E-3sH#Brx{2kVVXFeh@p^E9b*5RhIlhRP51^5U- zQ@guCALB}vg1%kyC1__pIAeT@)|4cY$f{_qP&4N%H$Do(aCK&??rQ?KoSmy26210N ztM>ECCUF*L4v#)L|Jfy?gk(4betkoaOl=2ngan^5dgFxqeA8ggvvyVz16^8 zb4*FHPLG9}yB(4BIU!USQN48oXA_+x? zp?UWaSjkaD!2D;bO|HF_+^#Ei7mJ)| z>Yjf(L0o(*4}Cg2Lh3QbZ9L$ym{tA7L~#r6_d)P<*!06g(T^_*A!IoxTGG+cVOm>5 zMk?)U8@<21`t(WWd)kyChf39H60-ZEXO%=57|x)AE)|db*gb(2{`{0hvc@4{t>UWK zYg*SqLyrR<nKp=Bg8G+EP-!M_I&?!BT?9dyh?l8r7k4@RNM|O&CH%u*3 zWFoY4FJJhAzJbaTCr;8y_13N*P}9-9q-NSox`d(Js|=NFjGYl# zb;k34vrjoZ9Wbg_)ad1VmRnm}Q{O&XZ*J`cJZsm0U+Q{CB&n z;;u#9&CoQei-PUBUU#351aut@UG%ux z8x(Z-W!Xk!C$3^5_TeL5?3wSupzvmtt{CO_Xee@VwtF@^$P50Re zjK5r2vl|y&+FEqMnIKRq>rbzrN(FEoR~`EhRWW7f@hU-YB1hix_RgRI=jijNdfaU3(b|`ie_{1fOXA8b zEG$a0kb*W0@vI{M?mTPQ%7+ipKQ=Znrn~FcW1f^hXftl!&ZR;3jOS6ycP4TSBmPMp zcbZJYJl0DdFiyZO{eZ6vE#Z7V50yD3K2$>7KP@)1vh0aT?AERGEem`<@=MIPV`q*l zNLO(+J=kZ0G&)ctOlhN;eM_0=l`3a`A7Hb^?K|bSqQuy!T zJ^@pKQs+*t@dvmz+$(Xm>=%wwSxsSIP)If|PV|w%RGX$rx-|}n_cjN7d$uvR}Z8p44?bZ?}IK%Wsy|VY|02wk(Ubi!gH9cygBsC+aODZ_^$aX>8VA( zbs|N$R(`?3Wmy$icigr7<9-?(lwgzOj2*YqjBr#TX#?h-a%c& zA2WCk%N|r^aF)d2sGEH3tkz)C<9@yQm#QBtrflGXOQpM)f_pFHw%^CR6|20pK~vV8 z;3-#MlYe{6WkB66ph~rjLs@`gY|(oZJMRa5yDJ7y*8~0xOW?(Li6#Ld$KuYlgX2SQ zAF57)x0il}dvJQjImbI!no*F(fA&7ggIQ)&tZa3+bI$IVX+3nWX*)A{@Jz)>myn=8 znMqMrz$QPTH-*RNm@UJV?)k=Bnf+Fyu?aKtQJy;sV*Mi+)*7QaN9n}-zoJ4+y?lVw+*UEw=4{`Xjik*e!(H$XyLltnmlH>f6b?8r!W6_ zC8KJBe|`nyx0X$XmyOaw1vK$J+gPsqPp&S-#x!If5USz+lx~_A7kzXd$}4G<{5^?WToAXLIuJa3n4`+ z==J&nkIGtMBWTT%qdr^%x;~vLCwU)*y|_W)cshP9knN^q(*!%g(?Qy3!5LNrAME*l zJJ_c5KA=n>b=JEdyZJ*z!&mio<6&g{vA0Ls7s_4AH4ByJInBO~=veXWe#RoOdL2_of#>2)*ef;|s6t!JUFM zKnHac(wf*^R%i%bX{1C?f12MUgBw|-%X;@Xq>ksAdzZ8r)N0}85&9-IO{0a0*8U1P z0q-d;-5N@}yn=yvCS7n6S z9^z7h%X?X;mbyBUJ*-X_R^z_o-wG3vzwhq7Hw8Z(zfho~WPrf#jg{ArnqMg?=KqmZ zs{M+$qH1W@e>CD(wo|S4-o&HorO$O-L!4Q0>E13uZWmlV{RHrULjEC#y$S_oG2E#| zdl!!y6)TGYW1DF{S9zE2(wU&Z>SJ(~wJjgFhHuZ>H7m4yn_o229eBj|MTp*?NBlPM z9gBnav^7+T%{awce{l_Xiu*FP6} zW)CccS|zIr-Pv}YvX@5ZJ2zMrwGDYr8_?CwOC6;=BZ(>v?&TFO}lM3Wlg293_ z<`ppc0o%x%5RayBE4Kpks7KdVx}cXgkm-O&}cNXq4J^EPC`a{2FRa* zuI_$#m%-5h-}?drpb|RWNoK>VCwvM?M=zko-)}gi3{>|DjW_P_>Uf>19*!%0`my}e z5M%E5S09?G3@rrPweV>@m)u8d22g%$w{P9PP4r-$E+=O-eu!z^CT7CGYPq#ZS;O4L znBz)IC4A>`J1b9FXs_s5aWj%ahgG7&;7T z+9xKKGRaYBucvzk;_u(!m4rBk*XHBRhIUYQlEK4i4}7@zC+g@dVB(v-X!^@Q4oL6G=Z`a|`)hK726oI=eC57z^EBal3dllJ%{urSFVVB>^ z+K(SqjjKIMM86!rJTo4hl5#9&#eKu)%YHNy`i3bfJ>l`=lXdfrc#wvudAn=BdQ*sY zMP#Hj$Kk+eMV|)o4$LuOO}%Vv%zAciF2-%FG7djjH%oJc80D?-+9p~Be;r!2$D#PK zIoVwxW?fE!5BknByFNKk+`f$3r{k-w6?2?zf&zP6nuH?ikLA|a@I(zvWA|TUO$EZ8 zj+OOebzho_OPV@+;Dd@eU5B|HdLe#518&|33&ZDVMWM&!BRirveRX(a*r*f z2lIt)(lq+_t%1-GzMY3D!A)VYCWIL1*1UbX-gFgVb9F`kP+is#lRo3c0l$9URq#d{ z?9PtO*qfmF4XsW)liwyfPVq_Vp6-@tK8aelaXuH9r^vX{xCK3I-r(=NF;Np4GJwPi z(>v8-WjQ$kwnU#6EPvFlyIRy!k?O0O{vaRrfpq#V)YKKmKT~QghDj8U1M&MgNNKVj zt>=cJ?*S>_)j@^_>z~|&t|#*cS<17(=x=e>Kuw|YXj*jExMh{CQ$jHcx+TNb zIfOEpL80E^@Dp8rZ0i#f6Ad;wD?cz+?%%aD;}ag{qNI4U@4zRbU!DaF2cmG#**w1> zM@pUrAq!!_m!Gwh5Qp$irC zJTlV!I;@3D(a&(bG3c7#*5zCz(o*EdL=u!Af?EAJIl=%cQxIEklN-yol9MwM>*`>) z+zJuhgduylMY`9E>SOj+w@WHJ9Mn)fe5w5S<)kt&l;*6bEiv?3qivtvATxZ1q!&~s zFk4n(s6cNR!p_MSYg8d9D2V@5s3R)VG9Z1kTPhVH(Tm*+jaxzWkNfTy3(fX2(DP|) zRtV!%L=R_~vjtzV5?gL_b077)dKMgOwAV3Q7jJ5?MY4{A?fwJAB^Ht^pFmH``LWd~ zoE+v%@(PC`ZV(1Pe>VGiq}=XkoYYwv3C#k5sZT%SpBcQj_fr&DPF6@3P0iUODw$YD zp;Xa0=%wTbqN2H_^@eOtGL)teh+Va(Or~lyB+SjqDt#>vg6!_92=X~*f1;giDwh3< z4BLUVLos&fK(UHR<<89nLygru|0G$NsHi9mDDG8@Sr~N5wWz5$xhp!SqEOB(h% zTca{Q3kC&Fy*N#&>b>URcZ9@%Ot)N?$26>>hn=u;d#BF`*-eEN_=jM^yb2%F(q7M1 z5<0Z4S1uAOa6c7}R)$aXZxi%`Ya<-3UbxU6?O$3ix8&W?koMsF9+tV3(D`|`DXlKZ zI6`zPZqO=;FboZPOnI|);12TjU>7qXv%7ab`}41^W{TtxOWvao9f&Fc?0854sRA9k zkhBt(;$ri{#UZxaC$KEpc)eG3xGvJS<5sSpW@sz15ktJn&Yv$25*JnhKM#=F`bswVKej z^7Zv(bJbq#8U$bT)MVRT($(-6>3Vsp7^M=zp_r1S?q@r>_+edYg!(6Ee0rz?EJWW+ z&sA8cDT%z^FJel|pm`d?pjNXJ0K<(VZ<%RhLL#R)-uIP3~G!UmA30 z%Db++u1XD`AT3VqoUH809l~v2!`U|HyDdEY=%}^0VcM6;4>lKwu~O)LYV?@w(^&fR z787{+2K-C|9X@`#9x{l2M^M~<;wqI4b_Z-(9zP;~QjU@l3sn69ksr!6EM)vp%iZi_Yaf z(0BVDYe&=(4F$Eu5!onGH_tW9(cbxus$*RBH{zTv>)!TD2_N4l-#a%?k@YB-c?#TvuzJ`Ovr_ zM#z|Qswsunc||Lx*B{6VQD7!6fO|-uo0Hr^Ec!OkI8p}i!z=>I@fTkMPH_uulXbh?7gUGRT4!D*mhBEFZlvcH^3T?0 zy(A1sK)dE$Jv5Gh0rrgCLXLc2?;A343n6az_PhRhF4T|(T-u_{+7SlpK2G~*fQ0Od zQAn0$%8q`q6(xPV7581L1Dn0SP9gA;H~M)xV_>Z5ZZ6|r&)pXQ#F;f`N5no z7qg@u@_`?@V_6b^?Z8j4W9z*sO60mBS?uMsIrV>y-2?ZpQ^wwS0@iOC5P0S3Up%=3 z&VzT(TUmZ0!JV!JAOCvpJ3IV6uquGcXD9yRG1xa&eBZo}`NDzJ|23V^1(N&jC%r}V zR){=%ekO1KfdBqOF9XIt_&wX&0vovgJmvIXEQUf!$?*5*Xhn>)!H)}bC+6-Sa0Jj3 z5)7EJhpaPd1*DJ=&K5oWYfKA_MR5z~{{&<21`Dbv|D3cVB=TTP{)(khESNKP-ka^P zz)f6Z?^TE6+|fW>x<3CAad0|i$dj)A{~Pze*|=$4+xAlV+`?wXtGm+M^++|F3SanF zN6nl#_f`C94-*RN|4>7}Xz1ft$0+O@n4kO3 zL`R77$}f$_?;T=mb8f9;-ftIECQ4doVfeczg&~Yx&Zye=@!|gpqdE_G z15KUJOABkVv`Tb=W85GnoJribkWT*43D|#QFi?fNejc?Ul%E|FK$NCka8>UwQj~!f z_9xRh_l`fS61}mv;#GXLwt30YA?|6h|E&{$)^mjP7Ez_rlNnM5EG*iXZO69&V{rDu zp~5EWnp0pZ1k|zr(+|?6AGDoc7I|h_*%RW%1 zv-tw!rj+4cL6b zYKD%**{%G{&~y*5wYScbaJdx?OlQLSbiHp=ru<)=1$B7fEYMWiyfls^ANw|k09F}M zSNCxAB~o`P5hLIEJ^}K7v2gc^R!r9vda{K~hEMH#SCE0*Mz$y=CgZ;0KYuO37pU5q zlbIIVl3AFN7T{RWWaxNfEgch=UR|fbl_7I^86w zVASB*yHZfrBGeE6b%>MNS9jEwKwKs`F0M5)eCRI;Zr+aeAr}yy1^$pbo45W$VfKI3 zQ0NGd3Ju~3CH~hLP>%Av#1L~ACAy8_ABx2 zZM|(C8P~q38nosB_J`=y{cR>G?@2rWB5vQJBoajW1C62nWuja`jTrCBL zYttt8{XpvYSt|EG83htDci!mQtUs8)ncQ9o>I0YZdJ+2)*LvOp1R;YKENf~-_}`7| zJ6TR)x9aF$;?-fuX5|G_9r^o5{rw901QZ5Pfw3md$_Gq zt_LA2CDmTx1$b!w@ zSSyDqUNbwIDbdNvsYG(eZRVLY1f}xr_>%*Z5*mA|0|o`5K-9Bm9pApa)HN``eE5*m zxb6@&zciO{rk#Re0uC?OqcA`lNXky_V}6n` zUjT7!*~{pamHs_V!8gLC$qmm$fw`+9pGFRxudI}oa!Q{)Yj+oEF(AU?Vktl{sWJ<# zD=h4!?q*Bs=5$Q7L#%gX9~LzytXuoDoY$G0)H702VzaY(oE}#nn<}sg=uc6R5EVr{ zL0_SY5V@2j>pgB{N!(mMh7V!%ll@ZCD&igr z;^Fwu#|01dAa`{L2=P>(f?9*~!>QM=Px}5y-dP#So_v8R5*0mjirTb~YhM->KuRMY z?x!f?;c*vNRc}>eQ*V-zNmy;}CT~8jl^UklZxHt}E51oW-GH9-=%@^mE+*Cf?)Cqc!dy(UTZJgQI*m#=Z z9Jrw=iMG(%;$tt2z4MCt4v|%%%G7Uf7@c~m--+&dw-QqjYnnvYg17Gc3P7$`ExbN_&oYFFBazN}*8!vaKO# z>$5dsLgIou)idT4pxQ%O&R+Lj-O6)s!xKQEg}<+_k2gm9t>Vbja`vAR`6LJQOoXbN zXyC-^GSbrGGcq`RgO-Nf_a@8k+(A%qXq*H$h1ifzhm;X&T%w=Kiznnk5X3~GY-N|u z=b$yx4UOL>H}nEC02~r@Q9-lK00pPtvG)@p2;a~4T6DPNy6(S>HWbu<;&m*8wx=QX zvwi%aet?o*7bSE_Ngj%R)-`fV3V7v|-@SWg$BrGF0>vMEwPt%>etzf-A7buX_9)1; zS%%_Z$w~jjtcjZA^Ecee^)F)n}fsUNG>&r zGS2fN1pV?+3M@QnBonqzMXK*)YO8)zk+OdV{sz< zfLBm;($X-LLMy~EZg080B|c}g0MrqhLsBjn?^{L`QxZE@!a9HT$}&ODLeQ4*#oDi& zr4o(1;;wQa*^F^S@Z!1vmy)-xHEx{WN9||hMP6BOrkUf&U5MPgqR-8lnt0Rmf@{!T zo%?RRKCI3?4=fH+?zJiFp8#>y{$P8+F8UZymk?{<FrEi`k~|Hax`S0 z;7i<~lE5p9kn1d28o!wyQsSS`jYO%MCOe9jgB+b2QxR8T8w9X+@= zW2a0jB6>rD=+aVKv?@!?)w&JwikejM>$lb{8B5GFLzND9tkr^8pg~v>c&xP|*<);! zebhNe*F^Q}*K6p6hzQY+vepJc+m@v_1Mair82j!NSwjnp)O)2;n6lMjl@X2uZ{ZgU zDAIJJ2p~1=gsbNK>ec9D#yjA(I~cFDpKX}ZC;?@Wb*G+6hxqOlr*tCPu;;Vz zKL=A#U*om|fE>8Wta;dq>F(~yL@Sn?T883)R9hZWht0Jaw_)D&^mMF8LU+!Kd-*FD z?0qE<_62~Kz_UA@qoboMU!B}Abl#1&-2xF8m^7S4z4l#uZ65ll-bXzmgGq@!lI&B;OyLY$EFZFD)tY@eX(dcA;RudMa8+O$ zJNo$N8>K9CQaO#$uUq|BMd+XFYv;bu4I<=sV><^+N=i(i*tjw(wC@6&>pn0Ys0vkL zT~kw2vu}J{(q?lw;*!W4fLq5`J;9MFkFE|^*vAAAA`H+Rwbs`cq6P+a157xBR+#EG z9Q}J<76-u>B4vd)yXMNQB%6fS{gdk#)IOzqi}6)@DmACM^qQ~FSVxJUgzb1z>+|Ub=tt^c* z>NmM3O(KlzUD&?2K=PSPenH27LeJYQfodG!ARlKrpchX6qiQGVUXj^ zmvXfx;=697UrG3v!f#c|6@)cu)n{j0DucDJ&mq_3HL!KMFe`}``=+k0xA>{Ta~QD% z4ODZ*c+Lx6J_i$dW3?ngcT<&X=a#@}7KiwwYfGF7dOTSgz78THncLrR8aVcE@e_P@l7q^x?{QxuO#bpMYSvr#xbH6f%LDey zrAiF~bBr4v9=^nNG7kb|=H2*S)gih(NE}+Op@0K;9DJ9n=4}+~TL3{~$k(0VWMi$> z&&DF8J?qk|b(v1Z1=^m?%$m>3sgX|bMUCfq_%OuBvF5H^VY%H48}q|Dd!qu!%)@ug zYbPPY7ogLb12^c;YHWINDR^A2L!n}`ERS>Op58xdAZcB#{`wePzCgC&gw(7EyH3IxKfN{{9a!qyOwox=~8p=hJ7)MzQ-R&H2j3=j3)#S6694q^|Hb@8*HQpo~}7A&1X=F&{F*JusaiF>)nhx|lH2*6(C;(z-@> zYv1+)dKB)}<5un0_=PCu##Ka8LAtH$!=Gf8KFupyw9W2x8@cbC7fSPGnufpt6&iO8 zZ(ktfSgAZ%oR#KWSnHwQV6~p+!rkQ%g-T4HqpuDihu3pyXYJgDw8U zmmHNjpQxZ84%z+b=5Xi#Z}_Jgim&#)O9SJA7Je?{WhwLLw6;{sIO*_~)9GUO@@RfN zWQ*5R0?2L#ij2ZM)i7A*J7llQy2oW$y5SmrX{YCed#?Z4<&I)!RWhA5GnD1dyF5!W zcOKjS2|2Py zuUI1UEK#?^)`$rzfF-J|td#nnV4|(T>w@>Xy-X*sNvAE2bsGbhMg1)Ki@3?Yk$+-_ zYuuvo7z8GkA96~guCdV)K!on&&ffl$#TK+*Yaz{%EIZb+AhJ~Rr0!lPCl{QpFM+0-P$lsoL=+~1Ua8vwx1MZjvCpZoT z$7)yuZ|9A4{L_M{TZdVgS1iEVu1yhUXK(q=r2E*<(72%|ds}#9Wl!+p@rz4u6862& zhX;*4?l@lz{;QtL^mzapa0SRpv{n>n zLX#VN442AE>~H5hF_y`Nn8$o_=$x01*XU!*ES=N6txQc3_kvIg9mU_+^urDobR<-U zXncHiKXt|lmhgWb545diS3Ac$P`x&>@2ZiR*}4Z@8)6>p&@)Z5O9yCbY@(TWNw0we z&MQO-QFIu=Gy+%`TpWh5A(+arC7jWU>}U>a$G1n#A>E0seZJ#q^1t0<18&ZzS7a20 z2VE>g35oK84smPrk}3=42upw)3f^fWf_I3V;tu|86`i0N$;mOq1cu3Gb7qUkHr<9h zsrT+yq!RJft1S06atTBr!#V_EQP~OnA?%s#AGl7%)UI2Dt26lYgOG^cnPgA{*KE4^ zb9vHz-YoN1e^YNK610}q%YCN)M9dosojVBoT*sSrhK877f>wgVsYpoK?{Ys;w(|rg zM1(}21e*9dJL}4bEd`Z;7Giu5CyVjzobYwt5cMqbuF0&@5!96)t0pthU?u<(T{jXf zrBm6zE#|EpkTMYp07u9TDSyyawGP_Mh+P|PN*kE5qwRc##-iCz$|;OrP!i2hs3p}~ z#~Y{8*$~f*E$~lh6p?tWUkE~?uC%D=iddb4n|rBWi2EVKDEFJ-jO8HZ1qB6p1qE9A z>5BYn0rq8{UUa7t!#+%YItijSlhy}Qc_q)?ci^H(n0=rtXvqXq`m!@ZN+I4!ANDgA zfE)BN05bF>ng26r&C1Wu&jp=HKPs+nD5DJgD8i{Q$3+2sSx3lqwOwx&#htD#iN5rd z83rjOCfSk!YzU$$MRAYGcIGPofjRwd#SKtabQsW&EFd6&OvW>WwXO8GQ(~GoxIs@c z37Hh-XU!F_VH3>PaP!&u`S|egW1@TnUH9|s0({c3f5g>?e3~OZJ;HzXOip-21io2t z9TSrg$Nv4@@BT;iR`wA9_bS8Hf1+;Z;NW;1Js-dbmPV7+|C02;SWQ{kT5I6CL{iJ0 z9TE-F&hwl(b7tkUhg)YcMHEDcF;P3$JhxGK=|mp!esvwHt{$SiF5l}?eC0H}>0)SO zZ0 z@kEdcmS=%(@Rlm+`ZRhN+1dRbf#Yo&C;SbSux*>)>``2koEMT&F~d zM2LJf#Lg~3MqVBQ{`>kt!lPc6M}e~G3df=FaFNo`qSwojy)bMte1{E0>Tgg%YMwuG z=Y4lx{`m1+8wRVp_U-k#>??`(GdbKB=?=0_*O4o*s2r((6@IkjAOIzCBU7eA_mm?;VH@HEghU&*U28TcxBsei{~;D& zOi_++n|2KidK*fHKzM8DxbErj{0V0INwFY8S21=qGz>NxS z80hPx3ytDTZUz-Qen^4KNm^x;>>U-v!wXtg_X{ZHyDAAd1ww;Fv7BVOiZ!lA+r&pk zJ1{Vh>4}#lN}8K+9F=@YZm&ivuB-J=#l>*HW!vS4jI#%CjmlZV@k)tz*s_X>ink=T z?Z*V*wl^)q_4PUmmxWm~pLPE5)cq>$0h-{o_K39d3q$2h1+t$=QJI=(TY2TlU~kfw zCMLeWJ$q9%kQ;GqyuMzM0700gCfn^S9`9g_r0U>Th`%XwAnCyQh|5BHoxP3=7|gpr z4cR#Bbd!^d3-S0dl@qKcBgrKw*bh79`B@GQ$4N+NO&ky9QmHWbwbgM+o<3lHuKULk z(hSNZTc-=9$L!J-u=s(kyaKaS2Bh9uY>C)3rZFmdUdIPYdGNOQN9sNIQOh3398SD0 z*ceRTb*1aAzc|c(EPs6AdfmmXFo$XF2@17w(YT6!e+7@7B3jc9!Lo+4gSFYePM!P^ zQvAg%tSng^tCpIH)2!G`4y2PJsk;c!IfwND19ErHcq4L$N}1v2i^E-fsY_ed(#7+) ziiMF=WI-#R%5wd`4{m?)p!!hvN<(!kbk!YzXe7>&Y$H)rueU}6lFu%rsW>EiJwCyh za#)|vp!&%izYvNev)%5yJ=0aG!p)GVLRg9wzd0isfqxg)9(ZeypMXFcvy`mktw(Zy zlFwh4htYdWbeo(cbzhF6F+Z$M)iHfn5mEwJo+IgVDIEBOj@e4OmlGsQPKG4u1>scFTyd1HEgxX{AgUWn3!r-NSmPaKwQ zh)SmpKtE=%h&~$KiETCiOObR_)6lX!@e?bv1WA!{W~0AhCiER9Az5i9{|r)?XKhR+ z1uT6;OpR)J`ePGOQZY)dpLrL$y)qJX{-A}4?}_FD=z*Y-Iw#KGMZyf+(ybG!p6>*3 zuiPIO!2hG{M>(Yh=I8QROmQSRfuUO*YMDp|9o)@$_Y3YB4RONMpns zowL|?Dq=S|4ulnGb}C}6`PJ&Jt>phwcxAb!^`>tGdWPdE0q*4(hrI1}|6hO*(ZMnU z#l^SjkbY)?@6`=H=Hvlij7-Im++%+{e*Q2^4=htK6nfJi>O?djcSMaB5DAjAwzsv?@NEJ2(Wyi6>&f*ct67!m40wc}-aSk0u4# zg6ClD`KiJ9TrekJL;B^vq=cIcevE`v7(h&p{|_Y0|M>`}2?g{s5;8-;W!BSw@fhrz zG&&ErR5f%U^?$J#`hWd%r*X1J|D=j@Z%Q#KvId%W#n}Iqt2ZGKA=-^h-e0DRKG=iHs}9%=-K~Q8`quO z8foRGZ4~JB;+NyP7c98>#wz-4Z}??F{4_>>8cEA|_>qQvaoGd_znK=gml`CL?C1L= zmApBkf6hA(4Lv|(i1&AdGeM}cuzz6i`})KkXqldeBJg8|6QvRB9TVR#4%JJ#B4c{T zs$`=Va{B&~L+%NEAV)oqi?66pw8oJ5PHl#rdfp8>CHO3PTJGW$9pWIiVjnL4(JG;R z%mDJ@z1Qy-prb=I zKK;8u74ED}yONwN?-c=2TC{#n%3llngUW-bJ0>jc;Rz-=u7TrqT>>no8+~kl)Aej*?+yC=VJmV9iMBerc+vrqcGh@h5$y%byJ z7?gtw;-UH6Q>+v*kgkU+YN9&)jsj5!(+k}Iy6~irgr0}s_m$Mq6=2r@8u-o{(KkTB zH47{oOZx}bEdS$$uZgCoxaDO@1ZfjU*(|F>O#N)_XuM)I)W;1>rzo)BtA1*3e;s`Q zJSD;&9a^Bp>@i0YsPOJ`JT*KO1h7Qw)oU{;QsN7nU-jo)o!PQ1Q7o;L!5(|y4s z{^m`4G>=DNZD5FI&&f9VBKWNYr?EM-Uk#K@iAG1I4~PJTC; zC?o=XC?b6=Za(Rg7%kUTEyuIlEWXpD|8AJ2Ymn!^0pF`cY-EWY&I7_Wkc**uw>7%U z^x&AG7TL9ljCSh;yQ6K*wqj1V;teeQLnSx93Q*n?&ie9sHxJH`)Wn#7_&DVgkb`xm zdk+G32S>*e$yE;*p-PO#>|$TZOzmQ@hCseu^N~;2!ttxM&F%Z-GmF^XFQ@9jxoFn1`Mj>^f;O?ydQn{Tt8no5pV zbrm$+Jx$hlQb<%1QKbELYeJfx7INv*L#9MonN<3P?sTC)CPXNJScE+a+DM*7qQ7-K zl97=y+nap54}Q+NNA~0BM^IKREG>+=bLrtl-jjt$WYrr~vXw*zw(pNq!rcT~|C}A- z9333&{rt>{-;GK0IG^>1gjf<{ELL|0HFQpe8-d(KWpi_LZ|9{d(eH)`RfhoUSYpOg zu?>LDyyWT{k-Ff+M9}>JL+D0mXedeYlgpQC=|5qyS3pNEQ)2h2d0tmVy+8Wr6p<$q zby(cg$B$PD!SSGPCVPJnJPk@v=+B>%yl&coT&rxcbE2&WsrN}A<-?~#rO6DB!9D7| zWZ0_jqjsZCX(WFnW;%hddJMiJZ&N#Z6N-hwN6Vb`+awmT{fFN!QJ<(%AId^XquJuU zyhF3PqKT&biH$nw*PP26cJ(YnQK6^F=D)IJJv`K1Ay2cEWo7v%Cnw3^muY}k1tleA zBUT)HDbe)?$yt`9=?35{P5a7{nq=LoZ}P z(sF;r!mWuv_-E#xww&vTHn$}9wM>-v$@rPj_ZA0i$@)fYAo)1Uy7_w2KhN!^viJ?q z!mR4sP2M+j%@q1spiz16*Xm=x60?d6yK|B)JRm=qG2nF*sLrL0J@wuG;9uiYeGtht zaVUU_eUA%v0&4D`|a`L;l5aGmj`1>h}s3wt*pLK^gKSU$1!!$j38g;cj!!MjL zEt?-zDvOROvI;r|FA0;TC-mw5<(t8vOF*OXZugWB8?@C7YhD zx)hb~6Ja+b3+T6AF@~*N7^OnfFo|_-Fzh2siEV>Kx%nwN;RMCzH?6Nz`Tnds%4$)F zDf43WZnkm2uGKF7v_U2hShoBEOW|~!Fkp6%BZvFHT%4U%m^>PGO+x`j*;`$hx5^q6(GCS;$BnvUf>(2g8SRK5_`z= z1rocZu_o*(xYhf>(dxkttMT0))}{a)9Fcx9F%6QkAYIw%;50g~SsnaOdEmD9|Dx{A z9i=Bdn%DI7At z`#L#p_w&5}|9NO`i{sv5Ld`~9hi}ppiDv#}`xWm=cxJ$T7853M$ zDn3;Aj$@_vASbuOu*7y_docJ%S4Of^J4!$GtfDIY!6x&8spW#EsB3ZOFh@-<{Q{<8 zj4@?`tXkPbt&6ag;IQ%2cAP9-)o!amU$)e>(GG*#WwJ~5L@*_A|tC39s| z^4ARz&fGL-u4d!y^r5>?F+PWM5rDf(l4}#frN)(It~qLN9&DfvX2Pa0t=sbGwRnHb zL2Ih-mYVwJTBqgkO3F8I^7wY!2HXx*0YeCv24feu@FLTmCc*?QshNbA#bUm~G_g;W5SFz8QRHZ3;CT$yT^>B@gj z!5oEoz9vy2CysLMm|D%=?i&cnmVS1JTC`j+8TL<9xMsz~Wn&GuQOrtp2m(i;rn5V-r6kBX{2<|;c22G=QW?Vyv4d%c&ewQ|RE^|$ z9qXBKb&&^F1po)4<~CpM8|TF8kJrs8U=bIdg{Im`F$Z#V+cuEQ0xp>pHhbx3imt|@ zat36J%%5ldIbjloGVX66@(fq8DfXR}uY7H8k{dKag= z_QTT$A58}M>fEUO+WC?bZ5B%#=Qe)LM>obic8GsYu#WTTAmx$wvm~VG#Js6y4Yr9BTe9VAx4-nGIQ#U z@9^B$FexsZmOG+rd2sQz7F|%D>$K;bDK++S$Fj82MnywlX+OjD(7KPSu{g*L7<%pf z$$hsI+g)dvXgw9(XY{&4LB2}r8?UJ_GW*js%%Q<<&$?ZF#@t7=$d|+pKukq0S;>sI zGWiS(w5cIX@ACT>J7-yTYPu2i=`hn>qu_9U!w+&~1}Pxx|0S$s?L=^EYin&M*N~LT z-l)d}S?Bi1h>V?)h$&vss?U@M^Wnli7cFZNv^v*RYf`?!o#ie6iF&owM(~Vpfm6N7 zoW*LAt5c0w51@}plzP{yvhY^lKh-M2sl?!mxp4BpH@|t`5vDwmF+Y^oK`U(o8?dkk zA&@nNU$G|_cCK+^8In!TqgZT<*XCdBw3u@(p?Em_@}{6gOmbUsv@3w7qSqF^N8@3@ zUAOn;#zDq{Sb>%^yl=i~CH5wA)`(~!iPhD6(6Kr#iTk>Es(v2asz_qFc8v}7Q4N^Y zL?;rr64^w)4;e#Ld7Nziz@qQa2a2Gw`=)QrJdqY?vHPRc%Q=`O>An=xo+!qtcFzq6 zhN4_mVDi+FUJ2Y(*40HBC?~bc5N0!_XLwgFGR*;#KC2P12TR~S55JDCX$ojl>_nD$9AUCz64V~0M76G zzs8N9i`dRoC^(~tP;1duG$P(`mTC5ejg(x~cdz#z=$je>qxBhZ+yXKIi28+kC8Os7 zl7Z&lfMRLDRsa4^6L}4R;d*Ywo3k-5@)fKo4i)?x@X&BDB+_`!F-(W>JE&GyP6T?CC5C5;%C(fw{gK|B0y?<6I%es0*?L1+_Q_o zf5gMy`8bzxKRAM)CdRr=K|&9(UL^Df_=kU8!YGoW^*4`jM*bxD=PwVk87Q3-W;k*o zalZwanSY(Rjx%NvLMO0UFBaCuFri=^F7J%l?L#_c@b14iJ$g6ND1aV*`>4Y2=u6;T zP$G9Y*8lf+L5*2cE#2SH8VT?U|NrUcu1cm~r@auLFq*|S+Mw{OiP+q&7G`d-?vlYX zpHYj@z7c+bt;{@Er_5g#`KjE69(v{gb>Lw`<)SzTHI2|m@|%s@q-uh+OU37x*I9(b z(Bv6;MxS`4*V8O+6I!E9k9S4F zbVA+dhD8X)dqNbvUu0;RoJ}GYizC(rC!h~fH|q}X)2NQu8SErV>@F|x=Tf%OTDI_@ zB<+RhVn+RHq45AgeHCojr4q!OYBGP_I6O*#fQ>qIPGs`mohYcXF5G_`BUT_YvEBcQ z7(V|+uv&29jX#_OVZ$!~jcpf5M9{MyYABH1J0{DdTKm4SjO&ykO+kEhqI-&KK44ni z5PPEUcQ*&&(~6R+!WL2fXXOZyc!**(q&TF2G9j_uMIF6K%{Y{?T{m`ZVsPL&6TScX zZT)3+BON^fSFy#I5=T3?SL%1o4j#bfJH9%CMJaZPfIBIB01r zC`k63U}md6Snf7~)jy2xS^dDJpMo9v_mEAI{`bC?F$(TJvTULY$g8Ne=wydp1$huT zs_K8Z?bH;m<-ev~u+%P(9qVimWC}Z~c5ZA-+wE31VxFWPSZ99kG||vGy9`PUdEVz4 z&CBfG|GHXd}* zv59`lmVAxpR9~uy_QG(*_5E2@A;}+$IT6>swNX>iVt)aii2nIsL4mYNvW=zSN6Zvc zW%))sR?ltsJ9{Ha->A}@WunlO&DA=of#RP z-`vm8aq(&NI`~7CS`>G`##h&FFZ6Nz*yP4)UZMBo4~3~urv!>dD>hO3Q)2d&AGg;M z9qPHqwr2bh`?dF)h_)swDtp0KtkvBY~RU z%RYS-4g7$y#!_cyI?*AHou7Yo8(qj5^c%#0b|*&xKE7gv!__rQeW^Dx|DIv6h%nOL zI|dExBuEBM`OG^z98N9QIbbYS7g`d9_Wv}O+9wXACShz#p7ofl6>5z}*1+4($F)1z zB(wJh1ZhBVViai1QOxqtmPEQkW(dJiy?jB) zch=iL$W5 zHOvx$FHQmokYJnVJ5?zxZQp?LXt#ATfT#BuZAFM1JK6Er$H5AXs)QbWh~G1}ac1<6 z5q1*+^+vM)fE9x`%a(&n$&1rMj3@c{dGnlFL{xzpYS27OkvaXVNuj%{UA<;j7!ocmb7n zdVqNL#+hhr^&yx>mLh!dQ%Ih7!fg`TN%r(^29+l3Hg4}EFTE3}C;*$DsYR43JjG|8 zyUGQvN6*M8H9?Qu{=g+Q$hwB_6@P|Hcx*^_Qz1n|r1s*5z&niTtfQPwm34&?SBeXrgqaJk6$p2#lP3 z%(f{Vo!}k)?X>gKuyZskr|`^agPEk(;e^)6*2l7nLLmeXgy=q5G=4l~am6f*3;~Bl z@wb+^l^gOW&+yksj~np$HQK(L9Xo~Vz? zSh!Z%_9*=(7Ezc843KEBHZIA2O{+03Ezhe!FTR;V+GAP=oqgv49XlRLdyPCYZrC2p zQ&Rl(5fu0tmjaex^J@$f&XHZhM-am6th9gJOPKZ2yFXIH-rHcx5h8hugQ(M|rtCJp zt{r6_jN{{Uxz?alc+BG*r)6q)?DjPYC>T0kgeM+qQ{w}C1Tj2f>jwmGXw(MQPMwT1 z`7jw8cpb>=`RUOGNCbHx0?K!n>|@D-@z1QTh*n-;VR0DrgAHM8^cV*$w@ zsIsLzO~eiWy9m>(NA<`p@}R~C)VZDG2UOC^m(N530G<(Y+7N3m;z`!m*IQOvo~hhQ z2mLmvD3CmCR58Y)udm{gv8yzoBqA#_la1y@>z_ZBh?4I^L%e_&8(DMF9_z|EB4l0e z-*}0ru#tSm!NF0MW~8b4cF!Q6D?TRXTFr@nnNTj@0fOl9f;#}-?A8z44D>$`zlw9r zqNKk-V@-Zm<6tzGzwcw0*7LA%E8f=mQh z@RJafDcAzMU%BoiV6|74N<(Li@2LmV<`*+P#ZSBrx0Ey2EIAtdG(ok zEGJtF=q$&?Rkbw1Q8hmJaUbv@u&k(p~ZtH`9Z}JwaUKpuz~?M zyQf0%LuV);k)VVKPW@PyMepNXQ{&zy=U+J`i4v-?JSMpX#BJO7O7DW<7T=V7mY)PUDw=GzT- zSVf)N-Hlr3VVcJxGwpF?xwQRSw6UN}Q`QHK8OTR%&-HHe2(eaa+*`sCJByK;lOetC zs*$(bR=G_$?o_lZRBunlch=uK)!1B6B|BZwGX!13EHi*9l&a}UCwn5dioxO5FiwMa zQ_f&n<^DAet{V6=t1N+)^kz5Z<;G_jEaBy`t5u1;hK9sXE}6y3-sj?Afn})R*yP5E z0+WJDE=b(Ea8{9X1sO>0>C`8u9B6;H;+BBPpoJCVIowejd#hfsuYwLOE+Hh>S3c)D z)mk=2>9yPE#7f%NwnUY1<51DqNn8NF+>oWJD*2gN2@$qUhmlK`rhpv#g_6>(rQyok zhUarsd8304=Ns#erCkH7^jD>}%~`@x=`Q|6(_u^NQ}$I(Pxw;DY^@W{;STXwQNBQo z1kK5YFZj|vt)>rcQrDK`=|wr1s4EJrI%*xyDrN$qRj1xx79;s!*RQ@P{d!ZlZ9ZWV z-6wFbraX}-8F37-VkR4qX8X@`VvGQ2Y`njcW(Fs5-=ZumcdqXLlit+B3rn3oJJon(17F6#x2*$l|ZBn#7& zeZB`i3n4q%ehd=Q$N?l%{jM_sP&XwzU&CmQA#2P)LVn=1JaPq~ZU&;8l(LRZKnuVb zbtru%^aIec9oNY@oL>OE`Y~Wz{ZjGPW%9wXu=OYy06vicpX@WZd)Xb1+_CGeq=9<` z2P?&Y19O%5U${{vgjPYEO|L@$go#~x=EXz*2{Nq=!0Nm8IDV(&1fL~eJzs`9OhDJ( z0dB#Dfp&Bocon#C`3U<5lp^2`7>j5Y?yuh9bvc|{>R3L!@fnci8D-xefU{a?yO-5{ zxOAW_#Ywq@I}k%=kdQX6s1Lf6KhT>!@ul^_0Pxd)DB}-p2o!!8mjfe9OdKna05ayH z&95K~D|Bjx{y2j6Q3H0DZhPB73*ffu-}A}e+g$_vHwzzrrd?43Q!8n8^&ynbgG7M- zY=Ea-EY0MI2d~DWW=C59blGU|v>b9;VVmG}^n$h*?i2!k7;qNIa+bZ|cLum`e3M$% zq0@$K z+MsQm4Tygy^4!G#@EV{&F}np;J(??+(Mzr!0F(L zUY;jEKLLpveLEO&G-W_U2>m8)W9^gxUg0NhJ0BbU%YYNhmXhs@2gHL_cO^sN*f7(9 zC2>LX*LhQ*WWM4HE=RNhK$g+;Zw#_5$zY{b{dc9^)!dk=?6x@p#6O{EbbNq`!75~8 z(5W_m3B+Ld4?wKZ4t%{LoNlpP#jI_kBBMU@qRIXX?}&#D4Nj=tKYiOo3h?gjskrjM zpkuPjru~78aReT}V?g8nhW$W^Z^LH}PGJNG-N}|rOq=;Ytp#z}8;)Z`5fDHP?!>FZ z-5ra+DTRP}?I;K#>WT}rma47td3O|!(|E}?0#2}j*HrpjvS$9?5!dS{7@yzb)Y=eb z;EAO$Ld2lVnZFTM<6M8R;GolGLv!jVCyBYCu7ya#-0`QE0TZ-OXX$07!7`E~l-o*# zSM`^W?(dqU0IDE$`I*Z{qd?(YWYa}0O2OACbLannjPN)?+$Qw2O)77$Wr_JZ~`28(!Lp$^?}9u?DJct!Y10j+rhMunH0ZmCz`qMlLdz zrGLmec^F;w+hT+k*vg_`#3SgdQ(hc1TC$DCVD8+*Y4b%i)6hMU*UNX(7?$Zq*kt=wa*^d&-|vfd%=aYOG^EOC3V zi&srq!?!xZZTg?u9Ykv3ct9Za%LFs0%9$a{c?xn$JY}Mj@=fOxrhrevH3auz{?GjZ zY}W11KR>Ro5%kRUsxL`AGzsKZs=hZusn&$hdHw0w0w^*8i?{BI$hBMJ_53wt4fs4` z9J%@mBjr|h^%c&z3>8-WuYs*^AwVvTr1uoV(tNb(^}4?8&|8xeefd#fW)MB{$L%YN zS$#ly(5lYc<@qaPA(T=VSH7ien)eMg+s?IDPdQHxioCGRexbC>tMN`Pa^m0psF5=8 z9pTiZM&5z=Z#03W^4H<`C;JN(g>Ao={9xPCHC1Z+D|@tqz(@R}z;cBS-Jnk1_So{^ z8?hITk-C?(pDBjw#G_x!fDV-%&^H6F(9id;EP{@Ai{m@lE*PKHS&yDL0sWXK9%=(L zR{lEgJ~^m|>JXi;nhEV+?+pPW2Bs~$Jq1K6N2 z;1CVTt zyf!pWiOHs{`4#>=2U|@3nngoM_hLo{9!Y%2dqj?rg^s?WvvzpdRTMI)R|4d7g5~)6 z0K2kP>U?J_Z-;HG=)KF>4rR~|?!#_oprK|W#Y9IJ`SGJ1J*cs$uV?j~kj+|<>|$SR z_MRALXSduB<_r{uk!?Z0ICHJE?KVeN#}eZCmpjvl-nOnP;i+BuQa~M~bgBc8C4;kF zx?Q*4TXD}=diA6A5V(LJM*x>%%RLy*cJ$d^x8i46_AXR*Yj|{PRJCa zdVIF8Z2I_LJ$-7;&zDPWvG;l5v*m04heYy6Hm!j6GCLQV)xeH;VQvnp9~{`)X5DHp z^=3c+;?6ZA){h$fn7b}m?<-iAFK3kFGS6Exje?qA*9}VVzuXvJ1$p1HqP#+ZQtBbH z^gDk!$^rb84j<4Vg9+%)_4f8Ir^;srrQHL2Us*|rZW=0Dyl}npG*05IY-1mObhP2! zmtWqMcnvTNcuaX}85{EpTXysy?&mtQQc~=!mQyF=PI3fM1f--$FGao1OYZLOFC+%G zKQ^1hxeuu;aTy7`)es-YdI9pFin*EXJbm<*UHIxNG$;r%PDYgErI@No)7Ly}e~*pi zL&Msri4UlIAQ|(Z^0pD*6RVAvBq#qo*QOLGj54!o(PYfH0xlU~N_d}2^LZGVva)uv z&!4?qbBmk#We9{dZ`-zWn{CqudLeD>&;f~5Vkt~Z`lC`p+B!d8z$~SrXb}oUO4O(o zPq(G^djz^w>I1rznE3d$ZzbBq;cmDv$`687a^yU<2B&&T4+3`ZN57#P0V|C%Dtq+) zK9H3qH-IT_rd+f|!J$%ClB^~pLmt_~yK{qe(YLKul!y0-M<{@Tz=<4bEn@IwvO7!N zCd7SjyQ0vF*!^sj?`7C5pb)Gyk)>$M?MURm&?gu>J#7K?QEJ!9bap!aHvcA=AFJjsc_JVM6!+jyp8M#U-uCRbnf--7WU zHwkRLLr+g1xi;M%lQ>$TB1u?NT&xMx)hi6Ye+uCp5*K&4U}b;eKMg9WpYpm7!aER; z(6S5vFRhNJOR_N(#F%~frcARA9nw~kW%(ooUbQ^4 z^%~o9`q(9!Amd+;$jL*PU3+ zU7==D@?ZmILL5tVg%%pd4w~<#w3vj%-j-U=(qEiroYJ`q3rydSz?h9jfq8NUb~Sn- z9_1AkZO(#=@%ckzlkaVun*+MQvhE(jP447t_w%WQAj$vdRSpI;I4-@am%s2hGsp@sV?2M$NmW}%O2EnU^Bj+`oEL^MZw|3ooE9L`WAkAQ*epL#_6p_U1j*k zAVQ%BUr%!j3dVPJX$6(6g+$QcR?TxL#OEdL2~eHYpb_JN|HH(jS^6l)FI69ZeBOA* z6f-8?BhH^kpWXD08ZO0<<8`n#(+SGu8M{Aum>#T@6<)AP^$Q;gauV>J05M<3LRoW{ zyXWUWtrl;l3IZF@O}^e0EY!(e<8EXnei#gx6acyaDClgKHR?C(In7;sv_Abr4%@W; zB+nv-qp0h`IlZ?hatFj+G>S{+h6b(#F`yVpLOTisd3k{+X}_j$-3^o7ORXQ{~#*z6Z5W z@@LldjV<5T&F}Y4(+~3OCRdnbOD!iEg=A2@08TmBS0uK)tnV8wZLfS8gjxV5$A+Cc zJXSQOLsKO2d%GuFdl3D0X)872j+JMBtem*`B>dDz>%3CqbmHaDXL5;uYG;KANsA@h z%NrDyzN_V{A55~xNL=}Ywo`O%UBw14Bs@(BFMsFLNx@V)#fY>h=awQvOzvaMOoQ1FZq~3FIA0=z4d<}HwTzMQ<7_-McCML0lb{lee?m51;0J{Q=cv4ok@_-SxpW;%D&}A-VSoQ?@fX<+2RcL^DqF1tEnFu z4mjWCMZiq3Q+;Qn1-L@UJviyh))P_7z39(33&V(}T!?+B&&Pz@)~VSFg5hk4GkPKW z2t)_IJj&9;jv82kDFHvzcEcME!g%k3573Ke}*g=C0V9V{|=YYdeuCi=UsX}eFS-`B5i-y=YE;Wg8FG&&~}<9<<;yTNlB6|>3qbma3+ zk5ov6Ynzz=iehcv=S@;hru7T~Md<)ORNw=kc|3w!X9Q8pru)rmTm8g>)a6p!z*4t) z)I=4c&>dw@MijjbH0^{IkFWrU^+K{Im&`(C*@P~_GcLOOt>7m}c_U~bY8wx!81CwG zxG0Z3C7^u)$5yzbqXy`OJ(cRWUz;?`80Yw9eS9{vqYFE^f$R9MegMwcQ*CyA0?}2@ zGoXXH^K~v_d^~P$?m!$c;mpbt+1@nhtlAvG93O&M0L@6$l;m~81b^7}xPAj7tx3>||$i zC%k?giEZcXz!;Z$U{L{_2zEL?LTcEu3G^i{vZm52Bl+k}k-jI-kHF(Ok(Tms9=${vPz zW~VWbhp^L~wq{L8TX>6?#fw{LrW$(g+0=0A7*uN?57z;@(2tXmlek{X>tnIPtvu+a^DtI9#-Gi$& z{X%v5Tns9-gcJ#2F;KW5pXXq{wGTe_RzR&$V6rhAL*qbn0d1#!j7?uVN-x^7 zBPqL%QmIZ7>{`x)uKTsaII8I-n#&9^RH?ese!G_ zAIM3LqkP_~P-x5w4B2YZqar{mtli zyP`I;z#XnMl=WxqLD|r>Y@NCQ??@5{{4RpqaW;C<#!|IcafIS3XMila#@nSx>r-y( z>Jea_v^gLaqx&|Pqa8hC36yVgTz&pG6P-u-O!XGKkSJdpZAT2Rpe+gk%RN!s6Ng@1 zUHubhlcI{SCg8&5>W5h(wITi7rdjy?`w_%@0}i)soy`8KFJ0Ct<3=w3Dg#vjKD=om zlLNx&$**nGR=F+nb*&&)02;v;2H$ThcgP}P#03)0wsLdvUhzHU2Kod-{FSq_XE1{w zLYT&QjivS;!!xm13t2oVHZhcbTS&ocPGO60-w{yLFerQfk05oFcw<{&utGF$Pj?GU z3U<1G7xb(W5)yis&zCy87;kzIS7f_$QVT*nM9Q;VVHFVwKML?J16%{@Mv37a z@+UVQn_J*oe6cv{u`H)0`BcVx!F9k%cXxiyw`6MH^6T|Q^Qf*ljvGvMrOs3<^2G#QFoo2;#J z)za6`dSdSC7;h-AH}JNP`Y;(Oq3SmvZAeqP9wNKs-xVRu7hs;wjm`4yLhJ zy~3iVydv|&Q6j>bK!pU^de4B+0yA8)tus`FLZ|oSz8{t9<@Ba-YyJ74&JZ2^QH$i^ z!9B^+J@xmWlT0+BO=jF6kXy6Hor9Cp-0A*}`^6;rS!;%tEvtm>LhcqB2q%D*K=G!n z+x5=t*Z@%1jS@>vVn!TvJ(@rTxIcIG8gkN-Dy#Dl51_&P0!47TvlPm|@7h}yB9M9h z9~KAZWgIEF#MgNL23Q6gvV_Dl_Hq!qXl84S$9^7tNm03;wKcL#BQHf>jl9L0(7;r_ z_rMO$p70!ZvN`#l_Ob{U8ug*O2t!p&b)wYpo*t|iHS_(u#x7{mC6(UQEym}Yr7*d^ z^7?edZMe^Mp5o`+2|Nk+ccB?EC5=&uRV*sIbpxKEWvt2J8q0H1Us2omNttMpc%(An z*!;ZpqPAUeul`F^VJn`&lLz=Ef?1Twhiy3ks+o@jnL`G&++P<)h*8I!E+uUT4eg-y zXV<33X@MS-DYbUuutmeC`UM3P%-%E#rjGKu?X}2D$*vTm^+1W+>x*f`FsaELvpl_* zs10jOwpwwodQoq1u~&@zLC^9fwnQO@BR@&{Y!M$9+OIXx;K{gfXJ7J`$d&84{Da%~ z%;x((7cE5pPD`XA*2g{E6yYIM$8JBe%SJRRNE~8@ z6qc7$LnjzP57Hv;o&_F2;4^x&a3z?*!T4ANJ zC-DY$)`FOD2ljFR5u2K9OyZHvs`+Y2stv=z{fwk#KY?N$hg`{{<^ln16u;ifd`8=bc)zi@kuJ&0_qlIAu*(=Ox603O1q_tg zH-va_8~8u?()J|Tdj&# zzVo~#`9hzf^38H9xYn7&F~t7p98~hl;BL+Tu5n1A8ou^oN5u{>_7+4=ttG1RM}Iop z3b04WBe=~gLY=#QE<5!>`f(_w)pj&Vt2~oh4sII)rm0Z}WM8wB&P{XRm6Ppcj}Wi< zSr|w~`+&TlZG~HRS~u=&1wG>Fzlrzf6@)!j{oWhybbhWeUW7ew;C4y&i;Grr%m2#Y z1G;N%{2uSd%;AUBY)@(^q`GX7BeMg~(udzFKgIKj74(0I>HT`%pkGh$l;Ql};%w|N zf?I(4;(k1^g$e|8rQaf%gULfUtR&#V7hXmIJSxtR1+VFDF`^q*;)b%isjm2;< zfQNGa8WeX8v~XG|!h0+J@0_0O2MiAgk~h}FP|KUK*FT`>_Tjmk;2WroNd%3#QXn{i z)7`mq$0oo4oOlhMS2h-c`!>A1zISK{fPG)70SWJA;eh=tfUXf1|MzldR!Q%j6Tq4t)Y;pk%*@gdd5nYEsx8rGD?9SkLKKis||;@Avaz6fA2?>>vvgBjg%>Yu|=u0fAdtB@cbAS(gDLC!~K0H6x~ zq($!*Iv-{A5drau{?l*_j{;yiq^^B%X@xXQ{ACR85DU375OT);!j(ZA2qh$H&2t>0 zqzRr#fs8o(5hUuJbU9pj6jHn*fFZF>6%na|l(hse9S7h85}tewlvR`@>V7TMlWg>L z*YO5zVPG|eb3F=YSf0J5G(Y%iS3I|H)Ew4CEggi`#w^ z>cML|?0suzFE)3&xuI9=8c$-cpu30q!y{^RNL9~)l_qd2!dvQ6Q9~UJVLK*R+}axE zOG<=aVznn^AX+#e?3;Dzm?37lYz*`>Om;l4(Kli-Zgl@u7*n`wtW%$=%@v$SiPa_C zcEB$dxVI>^`sbxP8)dSh=YwlHJj|80+_|k)#ZK4*K4c7lCHTS3SN;a2QJ_9Hz+OYHsTiy^J9aZUOEh`xaoR zZV*M&jPYAh(Ox|y*xw<4=VqVtaa7>RN@ZZL3Vy#U z=OA@SJ|C6k#vC&tb;2`N0{A=yrZu+!40x?N6$kLgZn2FCU}0OnJe6N^cYN{E$m;Bd zuaJoDU3qr)i(-YQtZg%5w0dXUkFEBAfCoUXm-M9P@5cv_wqkL^t`$ai?ut^!9QSy* z-hoQlXMc3;8UhCGeGhu22n*RbD~$5_#;P8X4HYdiYgr$A+C~>(SLWWIn>7z4PVo>~ zwu~ypC`*<4G>6l|Yr>ZQbN?nVuH?)tZ!A*+Bu2JdjfvZNFU#K%%Y%Kg>W}*`ZBZ|9 zTk^#+i9${eSHLTN>dQ_InPcWZ)QIM{Z@Ml0N2Q6uoHAZMdG(_gG+V1LvNjD(A=091 z-IBD7Q7kK;>3zFFC?6u0Azc;7F0BO->{qX^*<<^3|=5PF0Rjtr*?XPS=FK{eS zUL}yym1kri;`3Od0Wti@E3!WWf<73HJU`W4mz%^^m++Ow-;UJ_G<$8^eSF=m!Cvw&p2SAm%*(jn2fzTje(JLs!;3HGPEJ}oJq-mC$oUf3)1ijN-5CWp zWQ#`+O#rea(&u-tvK;_9o#E1vrTF9}OHP3QPCEGGxcJ+u@70w@h%Lt#P^>QG9(9 zQweFi*E7*9j(-XBk_182Ha8$onwW?f?r0`!ZDUh@aP2o1XF1M@hdJ>BByqDpb zWx)DB2osSy1YUx$J^|bU8w8XET>!tCADQ8PuXYCPKZ;PfI^)q!4}3MOB>`Xl`#JQb zOp+qZ8xrh9pP@CAPiTeqBdq^Y^zQI$;9c>fcdt3fZ+)p#D7$T3Wi8!=O_OWf!qba+ z@k|}{_jfGgbb;?2>hxH}uW(VtF$#-41njwgApCTbTvprRcN|~JYJ!NAVlON+Na$Wd z0<=BgPH8w~sU-=h4g&Z#dx|y+ncbq@$^BHMd;K220q8Kre`&97+1J#>cTr?(f3uz! zgTWA@s%-iMs&)kTOZC3O-y+xeRIYTEDuFEE*f zPZN)#ap&=df=gaSE_^OZsvXQ4yyh@kYxOqs@8v@ZWws^+zuYV~RNY56Y&m4+J%vrB z4dzSNuf_^m?w(4HxKn)a0TG+y$T2ycH*xagF`(}>DSsysZ6&lu-zt02py4# zEu1Uj=bE94NtqlCo1meRX z3kZ0|59m-MjTVZM+UAXa31`ae|8B7A#LJCvA%4Kll#)@PJWQIuDT#_({*2ZtS1+IN z-`}HP^CUD96c%rpAM(a5_n}Z3BSHBG<7o{IGW(mHRU>mjPEMv#6$R+dI|skx_Z4|z zjC`4ct5XL%2T`Ev_8{`JgmAegX6AEi^eV0ULDlYJ-B>8|%UI;4s^wNYt;O#{sL|1a za$fC``JL>qeBD1EW~*QjnI$S>oY6xDErGVX6SIJ4rNqBECFO7v16fOev$S|TdH)Gq zYURUrc+x-l#5%5Ze)o%+Oau(;wv+6JI_-vNDBfq2cXyrWS)FQ|z~mPCF7Nnr9$+qP zKFl)W4B?RS$&$QcP|mOWN2mm2=+Jqv6Mvw-dv#g|lfh%!u<3h2^fO}=MPV0NPHwJw z>o4~1TBngWd47to=pJe>p8kHKTpE%6RTA|lTl%0d#6Q+a?Y*^SwRq$o3eD<$dNSnp zHMWB@@_UVqEyGjH@&sUa7IMa=InNY%$PavrGzu%SWgBNxd*{NN-5SWJJFYYJp=fPW z=1<5UynDCxN~sFPJyy~Xq>0vW37BL!!IX~wJuSjom!AUSWpkS*)%N*_e5q)6kci)k zHMqU3?xrZFSG7O!YW|i@X^>NOJ$u3TEU$K*0^e~jf3P?2UFlc{Wt>>EBXsI6;+?I$ zB0`cckv=AxVo%ABEOI`P6u#**(SYo0*f_WYI@oPgXHLe>PX6o(E*UJyQ_EK~DpnO+ z-zwnZjEk>@i$8)nJ8dPHNX7mcE@qT7z_5Bg5%EMj|59@KB|2{_6QH=EHfoq^4Xf}| zXXQoCeezkQxcH~}4Bp{M2nXdc0ac8abU%F%CI`Thq^$WktRfwqT2yRU1|?ki+_(28Vnj~7*mzqHqrxx#1JlS~ZFSuYQ%$>ExVXko4E-ymVo}%dSk&jR+7<*);g=*=U)V6llVSf(j}$ zjd%8zef7Q7uA?g1mkEl5xDv~yuA@zf1Xdt^T-qiT97>qwMF5-^=~ZW8|FPZ)<)fME z=J)!y*N4d>JGTB=yfV;h6VB32))kvP=c)(Y^a#rUOAvh|9_Lw)v-#w^JJsYs+M=RrvSNGqe`v5uPWh}I`2*7Q?d(XIo-)#d!?yTZ2lXT{yF(U znch-5Is8D8R>_d9yvXOB%N&F6NfWcx>hu-|5O#@qhUH4Ig!T=U${#4-OL7LMhBtj~ zUizUQqivU&ej}0obnR$$-&uFdwPiU3rfs00z zK5$J<7!9^@5%H>%{gg4M$lAV~Zf(U=^p7vt_HtTjW#`J>(UyX3x2pTykY1ZpZw^*n zt$Bp<<%!8b8^U1P01Gk{yarN?OP?)WF_w;E4$^D&vxPoWZG(kgd-HY8V_O>)5I%0O zPrJ_4V`;c*aOb6dfl-187w1^&(f|xR!CoZmfL_(8Q(OD*6DXY;6kS~pSIrk3FTl#D z7r))_XPw`iY;bJtG|zR*@#9E&nBt=@5aKyE#e491aV&c})JeB+P0RTS1;Jrl1J|9| z!?+QVmgI2P?S|sUHd~rMn4O35vPeZyz?`cJ${cb5 zpT?+?mHklCfE~h6rWjCf>ZdE0fCWnj{sNoM3rqEO+)mAar$7Loar_RkXaY1i0o*@A zrtUCY8z>ApOW5uh|HD}V0Ryb93M2rQv-`+$0>_CMD;w@}=u2jA{(%)HoWb7k5%75u zP9NSo00dC}UIu#ih!gVY-M}6YJQBv03jg!(m%zJ!Zv)-y=%>fu1+`oZ(_j8ZqMn@s zzS=Pd4fE!&Uls}K)hr~A<`mR^{q^DGj`?jWRAy)qs=u5=0*#?U(MOMZw^vp6ayJNgoM_wY7AZT|1?f*@K`?d!iKc8~B7Cc^ZG)BR82MccZRQ1Z50 zeWjG>QU2onJt6U7R-r2%7JN!JY#JzzkJWHWTNB<4{yxP!A3`5tRWaNpVFfgznf@I-`I)Lb z@M|aw^U!LF=)jg;@V$exyx2KuRS=V^enWQIK zY;pVHPP)*>YF}9Vqdmd?AiKLSPJtj%AYeX(Ti{w{u$Zk1BOiD#y_$VxdcldG1f__{ zw3{)qF&}dMrTTV@Ic`o=hJRO$tSDZ$UQE`zCZY9yqF33iwyxG=f_8O! zJOT$xWj34&5^xW6$mtR0h7W8kC^5U}C=Ffv%}3ZER--ty&bW_ej!GY(pP8eJM-ILe zS>?<`U-E9?2g>p+{_F=^DiV~rRDZ6|q8R(tO^zm4XDqvctTiwL!bc(P%U8H&N)`=2 z>YMBdQrcFV57K?mS0dzrvG>>N^*rzA;kp30y>~>kA#$k8{|){I)DWr+c}eYlTNLv2 zO1&5UCZhKK?BMT;gF6>@_ODEo2h#Jt57n2aU!8=Cd|9GF<=fU#UE}M@ch@VY&cAxt zz}oGytgcpXP{*SrReGJ8@tcwT2Q_O^DVq=We_P%w3IgqOJ5nYKqA63;`+rypS3(c8 zk#Psi27BRo95zp42;NUO30m?;`~`>#0li8%;$xD11(1p}(Wv?2IM17?-;d}AOIUZT zK~GOlC}aN`M6N}{qi{v(jbHFHrP7nydTlU1C8S@AQ$_}7Zf)8xnxj9@#HBArAp6@) zg>Qq8AN*xvGY2)D!Z_xWfAGMZIE#PFWz%u)PqZY%$qW^?EhE+|l(~w@CfG892S?{@PbfWqd8)Zc%O$UHS&j z5Z>nIX86v=Vu|0L7lfO0*<5eg<}LWH)W2Ud)(U!Tm5p%{Pq~bNw(C(4ZH;}^6pfXg z9X0hERJs43R&^x<0|RpY2?)&9=mX9$TbVJqaKjQ65G1!?re;qnEa?>IP0UQRvxzFrs~ogH zYvAA7;~)*C-2@C)++zlXn(rQ4|B?TtnZ6j!E70Q2rAh&Dzylo z?c~Yj@7`9BmfL!z!1Rhy(%o8qCCo`W{Syf9n1OZ-13U&uT(m)q1eizN8HJQ8HA7#hGX zXW(l8&N3ow@sD+HQC^BVIe&fAiZ!TYnu_<;S4!;dzh7zD$;96XB491r>Qd~?yW_-J zjMcFKImnBIF?sXV2PN%V!X&Uong65c|4cC-7q3w{Ad(0bwrdg~K|R|}Vwh`@V6v`p z-D2PDFNw+%n@+Gyjdiu@LynJ+m$`HOAM)NZAj)m;1BC%(5Rm}|MN+yEB&1uqyO9u- zMi`JrP`XPR1VOr_)1XU1y1PL@K>Du7*yp_OIrsf=zuqtV*_%DHW<6{D^Y^a})aREM zGtE0-7^>>_$>d5lDCXhE;vYIvUsaqOD4O~7)Ny!j1qK3mqClskacKP2=?fUlpy9{P zKJP4(PG7iRJ&CX`Cp5mb6m*8LX1~|^$2Iq1Lbt~1k`*grjUe~<-jg@17Sm=g3&T%x z35jK?of_6KGYwmSR6j^I{U1#ad?ztLVW!()4p1*&4+=lmxyTiIH_Kml36#H{3Mf%0;WCzh5ShLl>r4z5O11Y-#xv_TKEz(8*% zFz6otSMsVX1;XB@+47(H0Fe-MEWpdlpsP$q7H>>J0eW-S#`aeJVldVltDuT-E($L( z@F5uTP7Am}8Z=I^zW3yB=y8z+;G{|l3Nj$|4y5wgm}gd3YZ0>O#=1yO{t`H|)_+l6 zBtk)6-cqy{lw6%w=&G5P%$^-`J!C>O335C^s)q1Ip}I=7F=ayjtCEb8b%Z% zVa7pt<3R8rPw0mciyaFAMPzQv1}6Vfk9FmRcu}oEP4>`9@H*2#KBSx>` z;#w7SfDUfsC5+Sw@$pd3uQlv}dXe5sVR~fWWk}Q5VD1*)`$hTeW`0*7!B^u3xta z{=tIndU}!=}IDaLfj>yX;Q1H*>YOYg6J=2gDslPav z?e>R(p-sz!O(%EBJhH`Co+wQp_q?}b5f8M;NQuEmq!kYipUq!&1PP8m9adcRL{eWh zf^G$KT2gshB1JmGZEM5RX@o!iw*CYkg_?nq;|dw1v)b1bC|!5{Ap@E=rQEq4^;KHE zK7*1Z`qjAX6VSowrOg3|l9ByW>Ib&;uhw5zZ`2%pu+c?znQ6-W-#rTSq3$z7_FuL6 zf%HN?Rr?#ZfzG%OSa|#v%$7l)fE2t=j7a(`1tH0(0Ctv~k=F(_J2?s?V)<9@j|gZ? z^`e|8ICf43Jm~`B6#wl4B0-PRl(<0bGthnKaHC_;?q7%43~bkPA+%L*U0|!n{9~(w zFz0{70}B=lco zSPPbVwm<)r9BWndxu{$t6s{Cn=Qa4Z-}?u%=%@HzgjwAg8ynaWd-ma!HL|sW`1>E_ z@%wklfy3l^ufvI57}Zl!XR6T*nKgOX6n9MU+2G%Zo??~}oNK|WkhXD#3=pAGD$a*@ zf3ft}Fz4SD)F1h>T0^q2op6!Ko*1a0J3Y8puKFZNg=XKPx3qzk@t;?00J#Z=UD5-% zgBU*umYB496K)-mJ<=F+dgM*;?&EH;XZvDH+4LJHeT>J>Zl_C3E3yyNbz`}e8UFGg zXv6iQT<>8pa-0<^tnyrRJg#mx`l=bnQ)u`O14jtaA!$5e6|nf0Ct}$##C$|kD>le& zX>5KhEPhDz!{7JunE=OZOD;NYmk925r^(Z=0a>b6wJne_Rp8vbQSUbYL7?_;3rsCbf%#p101&?W(Opn!g45@7tDkW`MhWHg`10uGgn?9)I za&4p>7B(BF={wKC+N)!({F4oV1ZKwVnAe{BPB%T{y_*$CEckSMHH z(mX*EvEwSWk?uCt=WInNqhLPjeE#;sG8ULV*`-v~WMb$`7@w`!*kpA>bWF@7_^*t) z1zyMCfhFe{8ETfOPUZ4!nc-OZxeZZzpv-zBD~H|iHTOHREa4#Uh2K`%@}IQP zNZ^q3(y_80#)zePY^Owcl5Di@Rl!8=YzSOKl+o=ZG5>Ic7&c=azq0G}V;wM{0h zYnLff3{Y@M()k~tkI7=uC%Ve`A_F14V!evdkD99QZ-CD!k`RpllkjpI1Sg2A=VjBe z7H`Blze$+3POvE<9loe>MP?mNI(jO+>_0eP+Fv1Ddz#Vkd{u&kd3Pfr zU0CbR24nvRc@J){rH?v}pT=oa39mjKX{F75@A9De`$;12>oq@%*b1y&&p&eOJLt4C z7Llcxj)Qd*KUM<+GverJ0f^Ss#Vwhadl<$rrwgksbME(#-FhXF;2fo5fvU@6|r$?I;e}E^kAT1ZvB9+xLz693X5ek zTM1Njis}0+)}U-rSzh^YSRjk%&uJTjR#0Pnda}q`A0km5y46*pNKcU5I};Vd!9h6G zq_0O1AOGr3UePr<1r6=>{H}fv%>=pUI(gj(XH#eTFC6Eu?tP6pA17S@Ot5S%dYq4a ztHXSyf2hiKqlBSbGM!*a|9uVNABsMMgkZPyV1Eim&$TYMB}VFk(n7I{tNk9X>c+AX zvY|%`MT}Znv7NhVs5;+t$&Cy&Y0R*@PPo>2mouX}-n)lY`!L}>(4ru@D!VmCKD#E| zqb59RRa}C9fJXSIv-9_I@IKvHax+))ODXB;xTS3>NJ+vwfcUr~)n;a_eeSm0zwlLC z)MjOw5_=Jhd)JsV&XB;zU6Z}`AxLn2i=1~Q(YzAl^kXZ_xcSoyYI2088D9R;>z1CA zr#kG-I)qhR9X&)EWE-SYze7?Y{uw>YA{1dhL!v~kJ69J$cv7pw3074{JN3x0GuUl4 zyp!pK1B0}Go*hN-=J6xHkIH~@3<{nP%z9^{GlsDnKNv@9>G#77NWBU2W< z>o}bD$o$3w`$8$h$q6#to`mApR2yus$-PTls!orEeybuy5ZdQ=P`8Ysg7TtnU(w?J z*q4#=w7W_-)z+r)(MBbcMFc-FDN%altr^RNDWDYiGSVJhe0DC#rX+E+2(bKJ3AY1y zw<#TllKm@>a*yC1KYhWCq8Q zv&n*h#cwU|m{SMo$;V3Z>3?&hK4|2ITq^x)$qzP$q<60f_juu0Mh%?&=p)<4@%YPJ z!-UE?vhS70FJefBn7y^ITXJ%yVRG(b6~7W0&%g!_CjtkJK7k#5 zQrCYiCelc0(XJ;&YPX+=TO6fxFcfY_hvQVzvcNwbH8Qgm-L2IZgOlR3HSL=XMLB)? z!7T|9+t*ov5S8_0FjGIl?b|^e!h+>$pouL>_a}E-Qhv^2yV3Y9J2@b@hj9<;-W~BN zLMn&X&Q`6#?rD1~=oM!$qs8~jL77zm1`Z2@v%mZL z4E@PE)lJ{~by-&d?cHMRI8Oslccf*=cvJ+JdEo}=lZms zPfzaq1hxhxtv-J9%k!%N*wW@Jl{aCMz(2Y5G8ObBXc325XvPIdW>ZfyX~qb0wmALj z&+@nT@m0Xmx0c(dz%hvIvh&#`Rj{mxUB|D86c1(q>jm**_M z4L)n~P7RElcU764#!MefQ)@as#4+3?`wbiYm!_e!!vC4AdPhw10X0r#+yHB8JwJid^}Sy~$rKYK@_|^Ua4>cR|kUSV)#^I^Y=Qe-c?MMgMmqt1;BSl0)|@ z5-L;KqLMxZBm^3O)g3_9Od1WE+c+EX_IIk@e*E1KI1)rCd(Qr-Cn%VcO;}^sZTqRj zr)xyHk#D_N!D_!T_4K#hPcIE3+z4_WcaSCWrPmJj0*k%ZcvG3G3f}u7unY zejL(YXZ~z4>30J?#67hPiBwsaL#o}Q$HStak&ZDWR&|YJUCO|-)o*1sXCqVlJn84! zEbSmCNDmbFF)^~Ft<=oI_$+CCF=nUv%kK`*80rrc&(y(u&R%FfXCbg(_3Y$vSOKHf zJI#_zZvKyi*QCDnazD(-oF}l$vkpZfqKNS~DmsMGY}0OezmTn$S64-~aXWlPM7~+v zyDdP+c}w@!5f#+N0o{BfEbqfx@JzU#BA#6IA9=6h$qE&S2U5l(O{N^?F(Km(b+)Y} z$xpNHp!eX>W1(jYkPLf$C%XDF`~7=$>~2QRjl1J1Nzk~?LSPQ)<;jf|Lvu~sev*v1 z9+1-#L=LUA%w}A>eoflOrs$BI?w_iDFABbU_b3SB;_w++;_M$Vo12^Kf->EN#z8%| z7d|dPrB0LTxoLvtzO^DEwh`E?1)ZQooI^;66>7pH83M+4{z_qY)u7;GzbiE{QAr+{ z9}yfJ{Bxb70OX=LpDb|!Iv#l#d+|HqHgJTI2Qbpx-;h?7NhI_PQ2>*jsYiiShO16S zZmv`tC7wzILR~`xBsta+f;_)b!)<;~@fK`wSZtw`o~2NqSgZmz>>*I`KePy%_H7Bv zf);g6?=zr2zdlCjim7}w;^N}txUyDHpT5^H_r&I=Gd?vZ{G!AIFqSC+xA#-3U{7xw zni%zkr}*%LEJ41CR8Yod0fUGIV1)n}BYlDQ{*WmTcxspfXw>UY6|T%G2do$}7XHjB#Qs4sd&ICF*kKi7#6l7z?Q+jL zL0K!mvL<{sz;}zu#rXb&m@ebwln-ZK4?^=&erHW=LnP;ZX4&}LJoeP&6dkibQ*?oJ z-mff>8qj8Q^W<(enkKMyilPsUYLQo#0PgbDr$nD?#{0_;X#ACZBuFs1e&<@!3lTD) zJ_Nqhw336X_YSQfZG6u}Ul5scI~J=O8OrJmsY7TKOwTp+NigsTdGzzE8#eTU^CyLt z{GhFj^zd^HWm@J_>+-J#VBt`3nC#-B;)uU7k7G!c2B=i!MrdL#sox#5dsJIeqSSO2 zSJEX}pw+F_v}fLZ<zr>5VJTtL!>C7YMb}@>3wJkqpU#+1)j5x`uAIVMfx*8ymig9H z2&j=$vy8RJ+mKf6t)Z&)0lkdWqz~1!tElJ;P=1bh@6Y65s0u!ydnNXQLzH*M8~cVg zB4#as{W!kg^AG|y4sy8B|Cd?{nZ_%40p;Rmms+>UW|0M6{*?3Pw5c2j&nOh@35uax zDrvgl0zI%sEDwxhYU<>bY3VIarKGlCqqSBp9;{(tXn@hwKF$`mr&r?c5se=I&!$Rn z30BZ(yni8sfF4Ns+PNl!Gg9QFk+Ry{3&IzQ*j;(F#G;8ADO=>3iy0~FZh`{+NxXvt z?O5fNaXTv@{L?oR&W~sR0^9~xmIyHk!}sPf{u@6T^D8ceb+E9o&_A+LSc#zD6upVz zQ1YTiy=Y#w^7OE3{OM`cPV?|~L6u#l9nY4@hGv0AX0WD&1VZ$tiVnINrcSTy;hC^S zbWlupW9|K;zMj*nvUPAc4$Af zc*IfR#m1fPDyGw#VaPN2-N7#;c&biNAl|%CL2WbXT3k^vE8Bgx2WlikRj$tQdRR+X zH)wC`1s`pWJ-az$CU(#8I%BxD?Xba>_0x6AvNS<=WC~5S+J<)D?$aCmwDAE9Ud>(; zMSC&n7xFz^HkAZ+EHt`VqNga-Cc;$)GPg1}uRaVFp#WUoMI;`vka0tV9G~7U>|0FC&EFC z+)>*`XTvynM}jLPA)U*6|E&5z{Mz6!=u61ox0fX3{)0YRg-XhKJjXhBc-K*_DFBCf z+@YZM0V#MZ)TE! zUNVgr;3ZE+BCiQh`Y0d5t`cV(E_*?pHY!~u5RJ7o+AiKoOsRmw@TCk3kLqfLzoyrj)CXK z83ldsQ+4T1BeR(@y^jQ&*M8d5s9-+$N@E}7s5JaU>Cn!92QvUgjQ2q$1wK4m3?(z= zD%Y~a3-A|w^Fx|Wr7(L01r8Vm`O#SBv6^(RKozjc;+cBRs<$3q`8;?}}2MmQ4*yd>pVX zQgCNnaqWMjNS!^@z~6K#SbIKk+3)J*tR=>a3=q{KT{25W8hKgHeFptV%(d>Bpu>o$ ze3bicyOCg~f(@<`4A2SrJL(lhJ5vnZ-l!UKB~a9&Z|8TnIv9*IR?-0fYGHklxVl-Q zL6Pk6c2FgpuBOOAyZS*gY;3ZvxGk@uZ5gL$x2iX}YJP~9dt2h;znwrn7T`*BAgUknCgF>osslAD1Mxj^AT_ zlJGn}kVS4(GH4E$7?D?3dkf|k(D(ax1mR#Q*6EN{xTm|t7Cc5SPo0If4R{m*)C{i?_Yit zx(i}3SQN31*&#MX;91FPl<~qvoW7nV{+zHg2wmGcGdieCB7uYkUv9T;0xx8jP&r?W zcW7m!(`sj8CxLJSEHKz2Trioe-*B^Ni7X|La86=yRFk@6$vtU@cY8cpX1aXHJ$RU$8Cm|GpzTl zP$w_AA8p$Ru#JW*YjV%0j*xPg1-`SGWh}eBW3EM?JTKpR*j>N9iJ0C^%PjE7Tft!} zOYF!!AZiu9_=>xvb$M!4Hr;14uF)^R&6Xug9jicI)~}*jW_a;6qN{SmaPaO)kA-G( zXu8K9!-D(p)<79=-m|`SM<(Y^jfQZC&8p?%i_9cmea|5cNT|LywJh|JN6I;ARg!U9 zMp}=*?_9OlOOGMlDRgV7Sk^K)U_btOFhWf3^Z>7G7#H@|l7I&?n3NQ!TXjpb=Sq{ejhm7wRO-UY&DB<*|{*EHpS&y_0uP&LH5JeTvy};7x7_Mkk?3<#D6|X{2zP>KT`$Cd#Nf}Rs zJ|I7ZdVv-&PBLefO}ABMiZnA-bXMbb2N?{}!3>sqe7rykTLY>#S1$56lg3B+y3G?$ zr5@Z&5@io{(&9E9WH<~;N!RIxx-WHMVljNVhDx1bhH5kr9?d|Fh%UzxAMR~5j4xts@1 zi-S+&&OPkm6yr6)pfiA$qI{wJnCQQl19)9{Ob^zeWx$@UP-H-2;gE(JwFJ5iN@Br! z_|oc7O6Xk_RQMN_$2kAz3K>~FcYJ&f!Dhx2BGDTleH3i{W0NvAOY0fOD-?7J5vfEj z6x2rWx(CJNU)`m_J>Q)SOngW$RXCfC4PMzNoWlwQHV)Lam5~@e$V?X-V=Dhz5uzM! z*xPvncQrTPlH*@Whg7 zVFD*n(($mLRgBk-i_R1}38()me4qF`e!i+$2VKwV|Gy8S#NQDNZQ$H8VD3HDl6ls8 zq2va1(3S6@${6Fbp94E7|uEV)xinW)#@Yzd4 z#S#Zq`vFp?1cS^VJct;i0I5|l{ufqUySkKvR`Axgm1SUDd5*ER@GMRB-j-q~OY&yE zL8vIic0O>iM2-JK&Wcj>1&WSaa_No+)X6l;Cbjl$Bt<{c zbgzFHxsg)N@M<>9bBMW4R+o|6sZ$)J`U&j&im+4NhBjRXHoajeIv>FYM9w!Ylw&%` z*mtOrq|nIRT%0eqy$@-BA0^*Mez@Akq>tKaAevB*~)TsdSvdukhxt+(vD;c1m8v4!wQLhFh5x8eWS ziSrR;>Q|p!e=>QIo5{{}OL-h?hUg11+(< z9<2v@4|hG8GcAAVqm~IaPBn!67^0Q=*Zkk**Sxw?Q`@S(ZAT@&yfvOQ!%okn=hkCL zsq#AMEy_kf@F*(c43aJ)3`KER&ChtJh1X+#Yw)HeneGoA1Q6< zFc8vsHOIqf?^RFLRdJ*rm8Gp&_WsSZ|-P_#>5a z{h>8Y?3PpFm=|eTs|*k&J{I7W(lT4`p?ll~vJm6Gq7yjt;j*V6LdWuyi=RJAd+$-& zhvaBYXtK4k{&X@Ub6z)t(PfHVd%E%Mf zciOr@o4WX=3s|*-u|;BesqFnkD5@p1SI;B(UpW=z5@GY7H<%$P$ZAPv3dK zN((q18rdZ_X7gs$&!-veQmLnDO2|o&)BdJ{JZdw#PcMxW^Gho_O?>axaK7ARbzxx)1@Pnwu0NacI$x!) z*Wt7V+`s^&XKrYC5CV=4)}-hXL5M<<&_v@$C<8%eAxF_~H8Z0!uzb8&H)5Lrl-77! zvhX_J8uuLG#DW^pJOA>NB!TDUuPx#*uak^EVg#PpW`5DgdT9C3V@3xKOh`HWp_nWG z5YhDq;OAPfvsGO4z(JX8Vee-j`#D!tXspEO5f@}Xo_krfviRc;-AfB0V|Ncmw4#;J zqWz+kC^dqvp`oF@0O1Rj9EIeEJiKx9_rNcF_XiYlqww}iACQjM)s)#51#-~4>NJ>Z zc5|qp>~`njn#xSdCoh(d&FH2UA^r7W0XNOImK%+yS`U|)yKq63Z3Aa04{k2uIAHz( z1ujAX(wn=8U=e!o8VPXA_|iT8(D8e4^{PKygPRjP8}uDgt)7q1Hql8{>LY$0wq;w6 z--$7}9Xnax*_5Hv=vGo#uV*1``z{mdg4VRkevCY{j}y z35w-JJ=h_)y1y}~W#{MT58jVe@C8$!1Nz-rnVDmiCY@q_tPQq5a3=vnYMM@-wuApq zzAVtkKxY8E2E@7mFdGkV-&?*r3#h5Q-G{w|4LqAFv2_=1;pX>q)meWAFU_^L8i*F4 z?m}Gm9pXB>`JaA1_26W-_de?e0<&0Lz2{o)e2%ha-n(tbPdS+5ww1OvWeEnFRf{;O zOvhQv$K#S!w@9)e!TIL^X|gPV%`a6jZMNY9mPBQKg_LQr$+YIP0(qc0jUjKJUot)^ z9;IO6s+Ua4A8$(4V;+&sflRgS6g3^4RCz^37KWeo z-3-X4eICOMpAO}+sw=ltIQ+gZa1IWtj25yNkP3%y@IwO6V$6^N_)mYt$+mk1@+)cSn z-@4E4H*j{yyTI&h$Ej=zhE5aKYZXYizPL-d`uJd@%kL(~rP`2`<>lqE*LA#n`LZot zmU?A*`3@yf<|fQuUIYvzhMPyAni?8`r>E7e&mFy6Bg;TKfPu9PbA=a*&J>7F(LxgT zR{Wn6A4lF6XLjDYhjCo%xOGf-GLKD%u=n%9Z^<_;tkPn7RLHucYP1}0Rb@~wN<@tK z4*cmc@;=wEk>GVcy}@{3R$*m5?PG&Xh?CYd8ZLJ98KmHZcbKv@vAAE?JQg!CPB*FD z4Bc(|`4J0!lEN4n5=X(^TE0%1%wsU9fb`?wrT~rW{mX?@cHjJ_0&LfgoZH;>-ODzk z){WO)=intbd}*wzy4J($Ju*3-_ZTPgu4x;2%%KCPdv(-ps;P3kVQPGnk}7(TrpE*R zQx0$ln_a^bz$t|)Wt>-s+z7`QQ@CV(m8lesC#FB`MYP%-i_Hb=w0D=HzWu!~YU5y& zf(Og`<;nhK7^piy;Wt`@Vk&?q7fTB5BfWmAXWTk5Z}1*t`koRNM*GE8rs1!tsnYZG zrp@Q!hKd89Q&S~W{6d3TltyiT=8SurGV+FGfc;LuR$lID87G`-qRHS!fjQX0B& zvPI~7K;8fug%4o^+!T>OOeDTV1!gh@yKl4b>8njXDg(c!83}PUj{70jkPJL&T_=2&$1PPQq9YBTw2H+wb7T(jOKPEE%X}i&o?6g zO$)+8bk4z>9hBT90s?OuU%T0+S>Sk&Pb;-Y&?Y66ba+G~`L^G0Bk%#hGmx^OyHUWH z4VTZ8xd}r^1LEjbV$n-LTIe`Ovn7Q~D`wr4hhz&1>MgLYfqzgQXcJB!P>^PZh6;C; z60!N@wP^wv zt(K%cv*sGys|D5!RO!)9Z+3qdee1aCqk8$``6Q~~Yn zg8uXQI;kG>uUqlq0qalOw?2i#zqhfXOHyON39uCK|K?oxnXLEMbG2_%mQ zVs_;TWYJKTKN}&_sXW0MD|=SW$yqhkmKLOiM8;oR9Z{ks^G*pBE*7|PclHLjL7;nk z@O?#Ku!b_zC%>*C07Y17YA!JD8y2&hL*Cg%)2VsqfR-xH{MR0brL3h_8^zHZ#Z8k` zxUa!Qs{&$Be0k>?r6|~F6#ab}uu&nzJ?}KH~#5DoWsbOP{k-f^Xe{@cO1MqfKOBKxoIJvWmRGp+}znodUsfJ{qDz@ zY`YRlxM&LxEd9JhZ>bZb|74lXKq^ZrEHdC?Pmkz9hId`gYg|-#whUNiazi3{e7v(p#6?P}RrXS2D@(e7R@>Bwt}=|T!*wUwbA6G>k zr@yJB{ro_WUWjgcaZW^3MQ-?+VC0V1~n!F*Ddbo|HYLqVr}INO;p z(s^QY8dmu1S@}}8Rthcem=0c+NS)UW`gBf%{Cul3)jycoET8Xq-Ie40!GgCZ(tba7ro^X()md((sIuO8Xs;5rQOZ6lI-7bx zyp%GgWvR4yTJ0@vYjRq7=uD033CWHk(kOS}#BZ`2_W*Xuq${0ICEc4R-s$}A`_^%? z>^!WZtNl8C98-T1;$%|h-ZOMV?Y(mSXA3L$Z~4fjHGfY`Uev4h9HX&%4P34i0Qm6J zwEg@G>Rts>LnNatPv>Iq$5UQ)XNl!BZpDYBgHqcDrLv6q8)nPdrc1HA;)36UW#EAV z)s{gXXKF?RWUVVg2M)*HGc}T@0@4670n2Xa^3ETo0G0LZ^8+Ah#pI0-+NSo>HIf%! zHwl_g*V?Qwk62GLVQX1)UYt@5wsm}tLKBns`Nkm$D2ie4=Sz_q=o&PX${nJ>Dw3~X z1A~lGO2j#4M!2w#IwA^-O6cZiw!&#ESC7ZrodXq8qKl)ErPYuC*=yxPe*>Ai zak4SFkXmlPO^QGEZwL~Onl-^h`nRHpBJ5hSH@yb@y9y=;I9hQR!ojCp&@Br$G* z5>QgeJ$4LWU;taP=4bXa7pgx86ELZLe4fG9_gI~S65I?NmeGOxH>zdhnI%weS+vQo zZ{x9X79-W2t%8=yZ+ZoN9#P5^OAhGV5zKRx($TK7eyRU_DtBp5Zlwcv=Vy*U<*d%} zy0xMQlF^^4@&Wh1EJ9779yLrz$JgHvK?@{eH#yK&cJxpA}@$CTzYY{IzjRwIu zv-5~Mz%Y}B<%bm3b*^)5e8zL!t1-oI8~ZZK+&w)`TT(pnB$R<%l~%2tl*+G57M4gX zx+dNdq)f);SaUX_)l4Io(CnuEqSGHZ7IgA_hE2~;ahJZfuXL~FrZHchhLCsU^zIOe z={3eGb6*H*f37fyhMU)C-^TnmnF`cRMqoBL*`E(H-sC8H9Z4jQ-WG0X?h&e-jNdsr zB#B?Lvq?xjWeVN(l)Y*$eQC&HqMR3cXRzsi&et(JF;Bil%6;bX}F*;JUYJ0ZbsZ^FeDzP%5# ztBCL7^h`;z=m|HEq(`H;+usSV(MwsJM?GcmQ zWCl+4ZB;2(`JJAN50#r5y=hWZt@rz-9t%W z2t&alV9!u6pbmXKITqiVC|aYYTWUqQ1Y@D;^~j0hurjUjwb}{d8!HWlt;bEzG%g3o z9G7%%WCI)JGUSC6+!EM9g^#|%$G`|*bMFTW7%;?_0H3~ z_#1Afwc%o=$^7& zs=6r?>q@v>~onmD#fgSqNj!*|&jL%X#<9w@FHuDwk-y&ZL`R_xRxr6<%2> z_fM~G1$kT^+I1+57;U+ct|zgA0u6VCu?_v0-9 zI}eWVZCfU+E%2UgdcJhazTA&XXdg`&(n59+7px!z6n`pkvQ&+R)_UZ7P z!+Y$CN`%`6NLRe%ws5PB#oZ#NxZ@A=?E$ZC@rvJ&3mD+T8PfhBP*EcW*$&%oi{_s+ zy==ohFrqfEYK5A`x8Qo6Fx9TO9GP13{&1Q4`f3YPB2}T-&N|qtUeB=D!))BLuCq9% zJ);;fOPywTjUXLBsYuwb1L1e=hNb1xc%uQCK6?WD9WGzHsa@0KK_l`X;|k-4{r_f0 z4^+ikP^N8QnHOMcGx2gUrmb>I0uwvBe3aZo`Ki!MeCfW9Pquo%NX5`-2gd286PV!4~& z*%DI@Ccp6;KOZ@C?c{U|5lk+&6k$X* z2IdE=g@xCdoMHx1y1sn@>>5z@o;sctP;VW2BCz4nqkJl3^dr-mE}eNPc>|p(Y2mJt z6jcS2!wO_nOX9*F^08V?W!R{xfPtLz3Cm6ZS#2`erU1V|2=UI>KP6uIIZ1-5BO< zjgN>3mUexYQw*9e^~Wv!c;5jdy8c zxfdN9oDaZ863tP4(ZSc4ae&~thQ59$Y0-P4TF+%Cp3dlGHSdvh2nmp30q9lRg3LQx zLd*ap>CEiXZE6I?H_$*c>(3w}nAx7Y1OUTNEZR zka$3kD&hEWcYy@vOY!}rzTW)c)s$mt`LLz{WZeLdnb+Y5h28=Yx^F3T(v{_laope( z#^LP1L^6v+q2%@Z?ttTqf*5swr<-O}DT5?^C(n=sK@EpM{$;pC#4g{*`X}gk6bgjG z{r9(lCo4dkQKfzXJTx4(ms5L-A=cH0uOBSmMKHrQs<#qyb>Y`qo;)Dp zFSK)e^%@5i2XGP>^PRh=z|G&pwP*mGw2l8jb%wh6!eW9d<0>{-DZznu%;2N8pGYYd zebm`v_l7=>H5Xw+oSK*{TGPD=xKl9}Dmm--_)ugg*D;y(FH^$U8`V#E@-9%A3zEJBgWh=QBR& ziLfLR=VuI<6CM5O#+}9Oc0=~2i7fXfk2FOND-2i^wf)YSMin_~93#cS>N};L#OQUW zWl<3*rJ<-xveXOQ=BW&^5fJi>=!L0f5{``MiD88UTh#R`(Dj=#)wsImM#ePj;wp-9pCn8*s4f$q!(BdHOs){GfTTvfBgh zs$jgk&Qk99NwH+=_F-;3IaLL1#P`-)ia_`IGCMOFoOYkg1bI-zPGv_F{mqa;^Hs)s z$2&lAB+!Snst$e{Y;ur$(9Lo>>gzLtPIl6tT)r>za>Vx9X?yHJY(Zb*Y6x43NQ(kY zmPD^PcB>fuzSx+;$>>!AK&0=wWH=CT98|u}?f3!4&}4w%zJ1&JljG9xc~<=<>$AdI zrP(8;2F6O9ux;XS)3STQNAiHV8d9(Le8vANZ?=H3EBKf7D%IHmaHpgrzg zZvpUJ7GiiNMOsK<&RVerXEpHI`=#*kDjM44~^pQ$b(FP?A&j%~AFJv7CK1(4DJ|micrOXll*2u8FSLFG)|D#6_Wo>^E3IMT4e&XY0Tn9hNryg|s zZU#9p#cP%N#g0E)OE}WzuO=vKQjRgk;&ms!;}(MM;5|6R3Ve!L7?9Z52zCIiJ5k!# ztOuUW?A-Xi9taI}GIZSxPCEHnmE{9m7gAEm>Mii*5E0WfL zyl7Diq;q0Yj-BT!mBZWb?YXPXuOvvPm{<6dQFBTMc)x?bNBs z%E=Ax)jBT8)^2Ug+_RQX=2mC|Nv3ZB+f?;_3c&5wvTc%7e9b9i+jPuSwNlIVg*BwE zj_l}q8k;<7o4R`k zk(cE&yAr!ex?q?BYwj zwlsbHPZVBiz@%P~X)!jkW| zPUWL+Ox&naR+Oa16lG2pTRYh(R;Z&P$}DUrGOsL-edq2y(-dxNr#1CmU04DL<^2k* zf@z>>-MepX;6Z^B=}eg$Ffv3&%qFUOf>yreB4M{;otf-ysJNi5YE1a@n5~W1 z_(0Z)J^o;inTvH=bI?`qQH+g?hQry(wmbFL_&IG+JKHQSor0p~AXe&-u(71%gOvSj znV8W1Dj-;1>1;f=98}swuDE*j;xa<@Alna=ik90?l_^z<N&dcHk&>kj2|O*^%`D#gXuxzeI-wwKjDxoxe_JmsKul{=?*mo*CAyy5>9tf zAFMZ4HKBt1IMc^heepBcVxmvi;aJMptoLp#m7W{EOAIgz6_Q3@h&aK4S$r-VviJ)7 zK@7>~^?I7vDFjrGfRywjO4sOlEk>)7s~S}ItI#2Pmvu0>dQ0nk%Aoly&SR(E<#x4x zd$71#?B^Rf!w*dDR;mWM!YuTT$+@lHeYL3$CMxg=r}OBU?0d~yv2a%MWadOvq)v=C zO`$?@SHi1-xZZRj;#U2EIR5_O?r5o^b{@O@4UX3?JBV{l0m>xZYY9v;#jjuh{YlpI@ zT^rQOpGeWS-|!obiwV?f@VF7wF`6=n*A*mT)X=PS(_J8wlnpt!+^Lr9Wc^i% zHrBNMFbMrogWPc8M4blCw}s-9qm7ZZ0rn-M#-9I&t@n<{vi<+ZkwVH0k-bLxzk;T$*@%Te0fl7YfctJVy;qo6R;X(a!umaPmIH5Z6h1id!$7g|wcDnM{_x^GOZ>N?XL}o_=I7-q+37Zz<*;!zwC}0)Op@{e ziPGs>s~>6Ni(HK;(g2hntv1I-Fo$$UzGSwJQ31eAi*4F4w)YGGbLFVFOT0SVR;3?2Y}?4sllTqR1|Ier%Eqaj)C7M z|6U)gJK$<%|hB*W_yAnz{joOI0DzbZ%B@wcDDimEY(c@nq+t*ah zp=>XYZMa`8xumKo$R$3E0pv1g=co9iUm?l{X3cLB2>;cn&Z&;D00-JcC_h;?X|!Jh zHi^-=$7Xbqrcl{x**8DoT}S6#VBwzsuZ62Y-@JY=d3CS@0tcw0?6OJ|>rzmfCd#W< zmM#-xGsb$vTfDwwJRrk|+hgUsxo{ba5Ukt!3VjL*p7@SC53j#nA77bGP3KPId(b0moBG=w^ps+ElGf5%GdtsE{K($ zYlcP`zj z;xocb#bL)Toj0JyHw$pu8^|bZAUCQC+1+G>^MK3wVKO{!*4+1!%rMz4;Fo z064*$A<6#!ov3rdx~zVd!f^sMh2q68>nl4)1^Aqs17S>wqgk?yzhRD0Sq|jnQG%Ib zpz%%m!6^1NDk&Z)WuP6i##r|w~DSP<}(6z~C}O$i39Zji7vWl*m3t zg`IQ&*HRGTyivpc5a3S% zkj)%N9)mUDKxIKCrC&l%?O!kFZ zG|deg3Sj1yO9kor`uZ}zo41B~q2|lJ^EE}^hbnmrE+%b7U;l|kYp?385wKo1r{0II z;N1K{-;lmU3kMOe<{>2sD7P5yd}Thh4wl}g)5zi)WYL(oivy0Uo9Jm-7kL~*ruP>y zleAWk%d^A1@T_Zj$tcpbX<1M)c}pUN^BvF&w8A-YO}>N0zR{;zd;{8EU`Mhqz2Iu* z06diUCHQ6_j7N0xUdQG6VO*O1RoIXAsh3Cf^$|*AOY<}@L|ectchhF+C591jWU|@V z;m<@S?8vqxz;{t(G7rqYF9`3zy*)%YOLXq5470ZGyGR4+=m(IulFm-W)&8x@-a|zZ@mFv} z3d4DigVST%A$@Q^f1+8D*1ss@!0X1QIMf*R0J3OnIHJNm)6p^a2{c7P8l%y`4#)rANuR>m6g}b@~s!# z$bM)PHltZaq9~H~dYIX82}2$5Do=gAQ$OdS-UkTRH(V{lOpo3!x{Ykf7vHg zZgqLDd^P7we+p{5j&##SHnY7 z`)?f1@m$yTk?52-w7?Wls=d*y0H$E9${7_a01H%t_R4O^A$quYvG)|d#9W=fs>f&_lekkEwwxZ%}HU`}4*CMv$e zj0_IcsyBh={)!boY?iA>AJf!Sc#asM*=*Luf7EHi*He5|{`Ed;1!yyjH3ib*phB;t z8gQTT9Z3LauOk9LPS%E&2=zr&ZV)eOp(CmmJL}<7@S^daPOgE6@ml5mkH~Qmu2Nc) z(I6B!JExON><+}h2l^ltZ99PV%}4&AqiCG!3QgV$M;d@GcqLxRzwu81Hs=rtSrB7$ zMuQ6bqHB|uCibxK!|@B6cwrM#uPe=rbHU4l;fPi2>%C(ByHr+9Mp-$9SH2e~yPf-C z05tkDR7qXv_rKY7zoXhaoVMe>=z5TonRD@G$4_zldV0R2fo%FbAqWllkZy4Co)u%2 zSwimZ`DgTdC}gOvn+5OCrU9<`StDXk%ck1Qqn!be4gvMz|3LG;?q*Hg{O~MxxLnuq zOd)0lxtx}zBm@rvIr;l5f~N}wbUv>EmZ(k70ES5cs`)2Y>!y;x&q6@=m%}%PYA$7B z#t6N#%}wRzzSqVITVWt zSdfQxb&DAb>1EG28&-}K)ktVRVAeH_O_*1?{b`n|)-+D95_AS3uY&W8vHbRbRcNrG z220MZHp?dIk1%J0!+Je;?})b4rnV#L0rM_-=Ty~3-G^Ywjz`@ zs8w5+BINobz%7k%_yFiv$nt_ZOL7dz4y+B5&8_QQ6ejP9{pxJ8BGjW}C3sMWnp5?X zDDzb0(GOe#C}R2ld!A&}pS0zKGnDVXD7iX1XjF$*%U*SRWVG7a7ACHra@pjz+%%|q z!~s!vKyelwOozUY4qyx*{=h;V%qn3E? z_5&|ZyD)7bU_~BA+*$_uQ-U6aDm@mdAg(J$UQ-5_z0c%K33^YJz-_~Ip{c^_ajomK zX*S!1f}vLsW|=HXGZg9swi6+(nWwjm2?ir@#T`30aK@0pJEjt?$n>IZ*eo$N9k}Qi zKN!1KSRcQv>MfgW?3BTc4uf^XJ%dhL9dyWi{_EYCpxCW9I1%2F=S0sd5ic(%(gJv1 zslsv}%UTHs#0M0kG78BFa{C`vKT&tF>v`3;JZl0B2)7wEbeA>3ksU+*ukYvIk~kZ@ zJlJ7R%mto-)b%|c{V8D&R+WCiK3w)b4~3?wH}{r->5Pr7VD(JRCDUiGt?45p^NmVD zh2ON!cK|b=LWhF}>JL+LUP*R2lhe`&d{?PVyBT zHfs^7LFKu*uGK|9Yx{Z$>3=iXq(P@Q{T}WO%69))5sqnV}m{&r$5HEV+VV^`^+8MHmyQ2x<|%Yq9|SJVj#rH=u+ z&76z$)v3|6>xM(uQC#>Znphv?Xnco%se^HxwcB|!bhS6kiTAAu^-OI#s?M2{_k7?F zIH$K?buDFT)hN+FPq*mP*4bg6w`@vTIq`cz_#`OA$f(qZ?xOrs9xTuYL0zSDE={5F@5Qt{ zU)j)X6gX<*Bl+)+T85-HPDg5fa z*a(|WlkUnumc3>;L64r#PAEg>yQa%CV%PY~yewbsexY-lwZWyf@IKPOZY5~D{(->0 z01hL{@en?14Q)BJPrS~tjgnE9_kpp1rDm=lZER*Dl%2=KBvC8beR^sZdbfLfZO6Ti zHeJ`BxTmB&9Eu^&Bmvo-S{5`u(c{XewYjm{-v2wJ+!t-{i5m0Ao0TV8!FrR#H&Hrx_n9YBYzyJeu)OB;T zq?rwLX2^6(mTae8xzHdo7)~jOByE!JEm3~I39eu74U}zsaEZIHci77nS>5I_2&oL; zh%k$4rTjw+dmD@$oV*&hp!q54eyr(2Ky3p zn<)<^avf37MQ)mKkp!IH!iJHiM~bP!nld|7}SOUI4LULnW;`C);5WQdYxA!u%s zVZVixM;(8>GtEF`;9d4o`J3N`!F6m3m)ZT+6o67g`nLrv1|jTIm1Cum&>QOa-wVvK zK`Uk`S46mOAjQ)SQGt5ZzYH=av3+k?oSmb(uOd_WE}CMsZdyRvbP*7&8FToYbZAqi zl3mEx-Los3EeIH!VnoaGw;vmReZIZi6{b-kvOVC|6Zg%Oza^^o_{c zxUM_0laewH*u;X4HR%9>bFiV42qU8x6)^|Li*vfjrP!p#2#}&#@SdZo%gu)A#Ds1_k>CaKT57$Q}^Q!-wcc#}0_?cZ%(FFZXv_bgL8U6$KilHs_ z=v6@ETod z4;1_z~?Fe|df^2bv(fS?PtpyeR@U3R_U!;P za$kA7^Q@gv&n5hWacsNmw=?dSqtCG8PAK0!35ev!>TcHe>?-AY*^X4Z5YJ&b-HwDh zL%r}8v{hsfuS+HbE^2CeSzRXpnws)GsJOt26KJ;M(J$6Yu;JC)Cog23xVYE+njFf# zuT*$UdIWu`7I=Y=&ZOylmWm3xm(2G@_3S1NM5c?zik=8peCtVU$abRh8xb(5@3#D4 z%m+DUTM+S8vXTYx)0NtEFxPs|F{CSCwx68uH0tzca?{|H0WQQ0?f2Ta83Q)M`pPu- zG6WuSbr6hL{r}Jw81Xfbv@0_qx*MCGiHIF`3tPrYrUTS&Hq$_2=-c5)LtUQ;oO$fK z0pTSVHHF?=cUkv|{d8*ujz?&;I~Bg;NQ)b`9o^V#A3E9^qe1Jw34F>oD-3#MAZGBW zoR0bTQ?2R;z`))46@$hceDBrm7)rvyxuZ!}^{(uE4L&$wIM3GWbJfkgtit-;o zGZOM&uFRw%?#Y;&FRfqQb++M6#G_Oe_B58}i^*fsexs+Tucbf`mHF7}eYziKbv;^% zthfot&CCR$6@)-_fCDRXc!aruYh**y3Tu%Q1(#LeL;aJQFSIu~nKcg0MZ$l&Rwq2bv-{hf4(gkUgc>uPB+0mU=`JfN14 zkQge`;eo^9F`Jv43MuB5RaI4QlW%?wN^S`q9*8-fpD%HF+aVZc(w1tfy(;o+kj`)m zLQK?ch>Z6oD5)E~RVw}*lfG#K4I}3!Tl~Xvd4P%q1_E+dRt}9!Fm`lwkO5<85(vBN ze`oLwSYI?BuIW<@O^H2>9JC$}6<$!6lMUu!8D+4rvrByY_Et{$t6vMxh&hbJ-SO!G zivtM-mjM9oX!)z`d0cV0xw(l&YXOF#^SU6)QC*#o3=vWi^ZjGA64rAj8F8-P5F`cz zJAMGi(JEiWwL?Rui&vA<3S9<0Ro)LxR@RY4?qzy6OaG){bEqQ&UX=(w1|E&|jr9lx z*cme;jF!0@mbu_&aRj$7Pp73txI9$$(GF*S(7;SL(%!Jdsh43j4V$F^_}Y)4lG? z=A;)i!M%PyhdMCl(*h~Fd)8u&*>&e`ez94zF3}w7--Lb6Dsom>^{PaR8@7k_P!=N` zSH`e2GawhINGhn*4-!15kUsQ#$WG^#wKsJ#G}H~&R~ydwM*~D?(Y~0V#`(9*6E?BA z+Z4c!FoV=kjUU^0AM%ABdL=?19dQrT|AP`I6>EL+O_DyF(v82L0JqgKoRe$ zU}h$iTphbDc1|WhB;W_ubL%*b%_oCy%O56JCkdzYzCL3#H(6VFd=rW%LXB_1YgHt3 z4TG3)&CJNY!fmMdh)ChUC8q?p!Tuy ze0;YK4&-vWjcJUbZhqN^r}{8B-w-+?f)$svUVI^==-lKA28#E<1;skyz}aFt9lL@Ji6C!9!#%~&$>UE|J9IB!>>nK_-{(u|rY$TksXhPOb$wjaq^*DT)uP=M1s zj!XM?dY;Ha)6IfqLsQ$^Tw98N`HDtB+fv5g zL<`tChin1jcf!>HXsGivEvZ|Pf+~_4jjPjS-*p_7RDF}Aj%^2u-GN!J|<+;&#jF|ro<(G0H zc*g_$DnIfD*UoH@>9*yP$!2MjT}m4kY6Zx7$3DoT5=VoRpryCWZDDvFWjn@@1*DqLr9U{rz*Cu8?NGQN2t4x*R7cxL2SvmR*d%TrAxZ)fi4c0C7f(B61ivR8qm5 z!uvz0u(GjTd@#&p{5o4utXbM*J$06$+$)A1gN>t>$fPS#pS8*B^gs%THi&FLS0V5s7_9UzW6 zH`AbzsWn(Nd$#P*)m?}WN~cy(6;2Rhb%`vn;>|>Em;7mvv44qi^F0vhWQ(;Sa}|pyuG!>HaIE<=EFd z>0+MZYBR>guW#&g2-F;XfhR>*Rk!AXI;ZoE@Zt%${iNXCFmQw=KXF*f-O^E;zCBJ|P3 z4^=v`j@pGJsTM%P3KDXY0x>bK6#@3krfdC^2JgN7YKw$PLAOh3whXUqbq@SOUsS%( zWx!hi9Kb`l*CABz=#fXcua5Wb?)8uPSZX_(*R4M^cqLmKfB4Y3i&CBP9ZJAiC;jQD zaAIgh*o^Dl=wMl7DivzLwIvOpmZIta?6Y2;t9fjbjU%!E1-AwNtG%2ZU%7t%^9YeH znOA4{@8f{b0vtd;vDrOUKxwgs%$QA!iMczDr9YkWQr4@+1eXivm89V{8uwnFUo(Bt z5VJv6mlvM-!F@6yK8eUzlPpn;R9$y_d^c1Pwd@J<9QrAgPB)$SLO@p=-1V zw=_o_>YTe4gBws{}V=fjLSjNn}`YQA6PGmB* zh~a***xmrqJSS(PEjbwiJwE-O3b02C$RsMS6&H%!#(F#5c;rk?6DmHrYxVl6+j8Ow zn)l?##;~?bbk5B~L86Hk-bMjwqYWo-wW*gc*Xq`F#s_ z-5EFJm5MUZ)rcW zj0K*F(13#<877f`1uo%v?*scaz*j;8uOY9H_4J|Oo4&W8(`vQx0I}`IHctIU&Wx17 z_-(u;F3YpGZ$wm_!Y|ebO^0S?sMl#ybtXN@qFQ5v{u%|tKja(uuho|zluh8eIHYe| zMs=QWwKe-Hhyve$qq|`g>NczBYc}S#G3u1eBElPGB0rhhneGTV9SkxMk@Ye4WK2ctT^;53LI>}0v`j# zE3JJLNy>}S2X5gWYcszABoO*HMAJ*-WU2vw~ zu=FoLX?5PL1AkDxVv-2uBc2z@WIz}SfkULRKk}2-T3@8~_%A>9dxZbtYySPgfQEs= z!jQlXez4-5ZijqKWZ!_F%AYMdPQifdy$kEK$d8IykK{jrWI!9!-^Ld7v!`3z--rBd z2cOi%Z2dGo>(1rsdT{;iJU!$g(vUphIP#i0%irM#&kAg8JwuoS10l4l`GQ9mYKuqF z8-gOgTt$BdXV23-kDb?QWRgbLSNP?5(pi~7QoLpQ_di_;D)8HdESppdV%KJuO+F>r zJ@VRNV8u3%kE1pcAwdP|3Njm@wMPL^pdO`+VN(7IdxjSe&fS3gNRpbo&RR0HR;bbbr>*D= z?iXkA&Pg|WdAh5Pg@5AFg9M?HaO9^N(P;+>QcB=ISOA`??xSOt2pmOnw+MM*-{j?0 zgmYludHQ?x=$h96SxFi%izBsw{tJ`#6MhJa%1cNwTWPc79_tfX#ONVZIM>FGQ1a_+22 z+S)O@aHU{tie+w+N^X8;J(*i{k^?5Km~U+n8@A5(IsY@)m4L2K`-xLm(``#DyEQ|u z{K9seE?HW0^GY&|5T9Kkh9SAoWm|AKr~TXCS>P=YNk85o|5&I|G*1_ zKt))B;jQE%UbTJM@-u35gj?EJrJM?dByB_^?(vgqX*oIT#YZF6i`H*)R+9CWfrd!$ z0u1l7(2${XQsn8AKp1bc)Jq;-%@=8}!mGynO0ffCTkSY~#r=qR^Q#%N(>FWL(@g?T zd`H0IbDB`Pg{i=SD}Bl-V>o)20kb$HqzO!kd)v#j6l}st>Mhpdgd%&-e%4EKq+EYq zc%;hqF(T1W>51M&xNTDc-T> zsW3r@Wu$4Nl%nyMdXrxV!jE~smf+%=C4w_vez8k#h;o5~@ybDzbgJi&9}#qTp5 z(5l=}geWmrWfnyZ^S)d=fPfyk`no^?_Mn6k-Lw+F{j57*+yfx?^PfIZrfNA)SIy^O zkOlYh#g`|weAF%MI8rtD)9FFxWQk%@r;d7cx;PE<7=H#OFJI2Jg(~_+PcHF#%owz9 z+WVNn)N3$ z&z*xD52axMLxxJGjSKkSf$v6|Zr~^lHopEEISou2V6@9zkj+vB4=G5^G%_bo9IDd=J#K+;Of!=TgT-C-FUmw~V(`4f&bBR*qS zM`UsOhV-RBo?&$Y+#*}>&SjBd0l1*(7G?26hMyN~9j$pgx;d)8hk5Wr%XvGWF&P?D zSzhW%;%AZ@vWD=~qRzX63=!nCtIx?09wY!}=XUK>yXrgh>J>a<$)pd*jUpN$sXKu# z4E8jzxzi;1KW-CTEe8j#ciO88U^iM_H}0q+C;8$gH`_GE6T0oZ0y6l>lh@B8Bkqsr z021GmtE*R|xG7vdh2~V3e}kaRNw>CF{|SPs$y|AiIwVife+e;obJNkdfrC4X2(84y z1?Dp(Eaiu)zK2)vL#<&zH!W8rVPY5rv`~pxJ9Gher;mFtOdou#&CQkL;hmi1{6mV} zka@~y)12vhp~UO6SeCgQ{Q{kq23)iM!zO}C#KqRu-cV{$hzXCOk=O&2bq*yo7OVP* z>ffA-O{UD1gTEpbnP<|Y?#)BgwLf0RDQENxpnrVsf6Qx1(=PH4uUswzco}8$uD&Ob zbLCZ$gfDZv5xEf{jWbbt>F==N>|?Al<2{ zQH2$ja29;9dQtvqw*r<#vxp|iXB^F|F;|bzVo-^c;B6lUc0g6JV`PZ8dqH{D?6Ny8 zw%S-v=9^JvEft0@)0+r6Q@ua=)z6x(X*s`%xBmFxC_9LTm%RX2ILc@gK1m3U@D`Pya~Iq|2BEh^L9zXw(*^2}t$?@69Y&l-z+~qkx5?X5Vhd`G+RYDGLlAaYsqU ze$u!d{$Z{@IP9$8(C6!6q22+i+khOKvQ6(5L-B+PbPMKIe?l@T0B1MJK6Ek|1y)qS zqSc84xGo$APsjZI*O`UO4#;SR!WD(1>|nRJY1%EoE+{-+mrwi*^4+}ts1z!O7WQ}V zh$eCm0D}w_k1L!0*D#v?<9??3C-!Ff`?S31KgGe3;ZqCOGybFJw7yqJa~LUUGh2_40VJU%qk_NW*nrR!Aj8BB_AOMq z13u0K!c`Tci0C_D-^4$SFwt2Nz*n;bwCSm0RTjHHzQT3CoSlVvw%PG&YFV?C34uyO ztv3$Q{N#rYO7t2z@N$sY-wCL^w`r(wI);Lm(?uZ`A9UdU4>+u{5e4%Fo3OFRL#1KtU*Wn|YczusS#_);7|N8GRjrJrC;1l5Y&sunWEx)O2UAclAgsDJG14M)9 zd0$CTQ_f>tTu$;R3&o{B)O0aBP2E?JeiE?*0KJybfg$;oOo9QD59#<6S`{jAU{v#i z?4v-{?~fa~{zWGv2_(TpX6-I#dY)sM^FHw19(ghIcIyst4%I>k{qo+Y0BeC2%2m(I%OE!+$T=`FfKd-3A1OJNCY&`b zN|dL4b9sqhB5Ny_!(L0YvI@^*7n+2M{~~p$@>Djrmp3f1 znnqp}eCFJ>zreqJ<8FuHeft#R+NI*D?w%D#E^HPIK&8AF z-1Ketpjb=d6^Vk*#hKUMdL1ZnnkiDSEJbgvdJ?YRjl=6+FMxfK{ld(W`|)GD`%*jL z`-8e#tC)xnr8a1Q&0=EGvGZuuxopsb4%u5xAT{``JMozJSw0E}DwL;ok5W}dK>3U0 z?)l0LXzu|JPP!T+tu9*o`LhfO35f}4;&K|H65TshHz9?3NxxD=j8)<`Cz@tYL{uB= z+;-*$^{`|$QjU3r*l*8R0!86MJvjOVJ2)%5;m#`;0OCfJ@kG7zu2XYdA&je9w*ZLO zrln^j(1EFDDRQI(&`gEZ(Z<

oejNbv8itrUVOFgo(>eg34vFPH185dd zs10E^20k*D2%ghl}1cja|b!ZCdF6@NNzE+A*MVIJ(K(mTa+LF!^GtChbE_ z&BRaUG@a5nuWmfqapEjz`}GCVWE85TR?dQAHS-0by7Dj+c7C{-?8?>{kog4YK>K)r zVk9KhfZml8@Qh6lxeUnaUx;eCB#e5P?myYQ6F35=1CP@~zW6(Hg}NyM3T!&Rd##@Y zjaP@%RcbV{@d3@j2V>(Zemyn+a&eDHd4U!Nc+2$v<>I=2y0Pq|@PF7O&jHeA5X^)6 zO>e32afJit7+Q=C!GCDEg{_c$0VNJ8iY%jss;V=9ZKMO`(5Kwgc<9c6@zr|JsoTdSY)tdPofIFi7z@_bu#j_?=Kv1xcq;V+s41xj@k)jMS3!QGd`+T&r}xVp z=h$zLaeIV_NZp{lL4it*{?s@qs6$X~?gqI^8^p$sI%D&+Eiat<4yw?L!(B3`N;?Cz zU9n<}!N#mHH=%FD0BnJR1qUIZHG_|=|2%||68sA?lQ_vs=m2H;rpIG{>njh(?XkQU z^BMZ7#}F>K;#J_?005&gO+-P(1L@jE&*-_XT6Tf=4!g$M6aF3<2jZmhN)lu z*FL>{CmTzILdy>KqFTPBkReA^ro{LdBYM|x25Gn~(yPRAr?Dr|hM@PXgm(y6WBhnM z(`$#xssD6aTi?*qY+!Dl++!tA(7Zov3-+NQ*1N4{Zm2PXhg$0eAQF4A{Sbs&4ywQb zs$@%2p#K^E!uAXFYSB%<;l&2>Qxr|mvpk`AY4i_Q|Lty*9o9HKy z{_p&0n->}|YGi>M{%f+-9^MpdV^yIyaz2_3-OVOtiha(Wpd|S)FOka=y8hCT?4aK3 zgJAzZns4ULk>GE+6%^vF>(pbP^JEbAl!?RUJN9(!8|ki3R-2bK6a|^|>YN=+IfeH7 zN=y$^x%W2AGZQ5vNoqOi-=Jpsr)qGSf8#{CJgO#-2Xl4m2oC_nAE*S9CwOf)^^Q8| zVJhth0L2#u^y5Fep-d9F5)=Ww|966IrnX(0pR~{}sJql;P zYFy;}h)W~cF3@SE{^i?!W4+XS8{KXu^_o{q!oJ6wPDE-g-yBAclh}0Fgio$=_Ij_q zl>3&J2c_U@UZw^<09UAgx-B*zC+KygS~mkH?X9pS&l2+3`#9L7R-jJQL4MgA>>iP0 zE2VKTnjF*jt+!9!Z2df@D>%oat2dlDe9hd>&aOlF;UI5V7iZ#@`%)IaTfZUqs}_G* z2Ex7*n&^*dx=WRj{clc>#XVHFf+qD zj@nDy1QmtA4|gtBL-U~F_H#Wz7m z;aEUjJa1(jEro9C_0$M3(STdk9rqfMvg5}Zu+FOxC0fVXX?I*-@b&oGC(>u$t0 zwvqP*@9P)sBIa7N+{elnX{~lArP&13%zXXs-bQ3^sUqy!X}VZRo3uo@fsVJo|3m?jCcvi2-YWhH(W4cGs9E5?`0y|zF!T%~ zX0uAON`+A>?3?=sro9QPrOrrW@~+6tAD@tvKZrCAt;X&yv5?J29^&IF&UA$FWVVE9 zRH_)!Yi~-;y(g6;?Wnu=O`w(h)b6Jyfo}m|V7&^Hg6-5sdFPd`Q)nRyWf`Sb1O`tA z8E)Up^8{Gib)si0mZ9#=N}-3n z_kGlFT?#&9+{mI42ozC+j661aJ9Kf4t@`xp)W+h$^-q~lHKE3CqjJXqbp>m){suI>w=9Anym=h618+|iEkJ0%3Po!i&hWki5b$YD`@ ziHLrkh)S>CmHTSG@H<0XurqUy8rf>}RVJX8o~7*k%!(9eV2M3heWdyvwt>%$QZu#7@xV|9Cj5ca-y_>@o~;~ zG&%@3QV^OPX-56`eAF`sB38{G#>Cl3@J@AguV*ryQAZmU9I3aLSS2Zde=Bh>x!|1c zzzc?xHx_?+{lMDWN&jMTRk7RN_ng1hay_zh@MU?J0I<45jcyaNO~xF>>#JQm1g6zj zw&?3m0ffLTv8EO3cqGc>n-76)m!T=I6vJVLyWTdf?|@BHYn^7v2lahXigGh~?8wRTTEU6{`YKt;xvkf~HSjx;Ms(;&zw19*A|-AD$&> z=qE^#duT4|4c!~S<|5y(TGTAL3ia*e%>?Qp%LxPPUOs0BpOY0nA#KhTr7a^?4G!w^ zHI2phLwWQMin_kcswiH{R@uxl7wJ?N-)A|SoD(0&>cTf&SJVD1kYi)&&DF_et{^wg zrpJ=W&2!51{>?3{!h<_?qXM)}oYd+Ge3LpQ_=22DqwLv*w@poH5)IZjb{cs!=;dqL zPl$iSk%BnMvBBal@+>$=F1_ei7LYpEb7tnyWw~>iuEZ-ZdfwFZ46r-}sfS)5=wU0H z<9KlCI{}yj%k;vrms{2I^v82fiXFFv$7*ErKfA7zb(EnhHE0M*+%|RLKOS#B;yzv4 z9|%9qT+keFrpMEaDQQTU* zchwd(Nlo^YAFjB^3=pRYE6V0~z;Ji8)-;7_)`_^+1^d>`0~H;?Nrdly;6`-@LG>6b z%}EYKcs~D(u1z;dYf-JFp!RTsGIlmgtv@O`e{pm3r)Dq`sxwr2;pIQM^_$ZZN<2vY z5jH6H-6Q-4-XB4tyLu$PlTAP#zrW)MzJPREx3U{Xg0^W zZiBS=j)+Ar96(4kn?kz7Hb=eT8sCVre$;y=cTV^f56;ZS5Cnr6B!H25{QS|lJ^hgK z@C78%yt?^=A5|QfJ(S;O&(+teq1?T^kiCQ!O^vpmDt;*xkhS-nl5wGgs~zl$nVm=r zG^F6FpJI+5(r2gC#q}^BG}CG>->h+YCjrwD<<$m5@G>%*q0OOu2jmiXajBZH|BPYk z$DZ?m{)+UXR5kYbYXyqNsJ?i|TY;ja=LEvm>nc zW!yleAO4ja%ImOz5#UE9EXR2j3SNxv`<*3W@Q8EAC+07~FQ}=@WV(Vkd+>T`Eam{G z=ja>V!{6CI#9c7p49da@f#z@Y`HPT(zw-Ljxf#R@8@vaPyCpqs_7%k4sidN(nAFqN z_DR7M9;%K`PPrgx{wMHP6LsBNmiZmx1>CsR4IoA5+Oij91T62OgTv}MPdO;cB``>HoOOxPm>ND`%Y!g=;0vap;rxQeA~x>_ zA7cT`M;=y^tfQ$b(CrcB9ecQ6p!CEK_Z9qPmp~Mvwd`F|T;z%0UeHW9bQiWAlxq9d z)E0cVQCcbQ3SUkU)Js8u(Uc+I2p?q|e9ii<)EI9FNv_>$#@ZM295FyU@6sV+Nwz2p zlflU*1@l8teT%d!!KJAm!j8tP|0hvd@=_0i;Z0tjw-2yHeat(;mjOz$e@6>)v7v5) z0HP|GMjetBOZQeb_i2)OvL$5YJV87&fP_SeBqRPzRh-uED|YrnJRfh(L5^rzDUIg^ zUl^sPLtP4a9akhNg6zJ(e@6GiGHimv`})Nx;#!bt9lhqPoo~)YJ(y;TfyAIvO$ack z3l>`+6{!8N2*|ilq!k3$haJj`J`POaNJAwtpSPO7Ct5m&W*mA%*-Ysj-OjHsA*C%! z9g*u7@zH!U6)TBs6UDLY(y7%@h@;#07Pu<8RfUG*sQbnFrC_tgt-J ztl#re2eza9^??cQ0w^Vhc&{5H5Cm$Qx z+MCl0M>PUO_mMhFOUwW#i*VEV_hZ_#pOvFl)s-nS(DP-WbGl~q0Hq&fll%k8xZZ#k zr0cS1_HcqWt(OIUtjjH}{bVI&*}Wb5G1JlMsPG~qHTR<12+aYSF8m&K=E<@Z*^lh& zN1ItfS6rdKckhW#=3(Bp3xiMR0}^PPUBRy? z7j(c|&ws+|qA~=fB`)0Gny05mkAOrY=l*_rnCxDo26iH0Bn~{(Hw1WEuty&_#sK&G zOI@j)Pl;ld5K%7G*naO|>ja4WiW#Nmbjg@Pp2v`G94hxbD>o=mFJczFEt}cAu*;(rzIGtOBMT>mVrAr1Ft8ymCgA_fzYuv~=bD%zNx=>(eBz`c*xSfV4VFX zbNqI>pKhUE01v#mbMd3`4QeZMyxa&E95(@|q@Kk+1oPUM;pVG;9j-AplDX}UTMm97 zVClZ8WgzMic@K0ZIq^|Yu0W`E97$P2`hPYI z}C0@@ev`p35j8r!;*Ue>_?>a|^wO(~~Xq-0Z*|F?a z_;FwCYXadiyCvB8|Hs!`hE>&dZNsoZ-3XEjQc@cbDJ7&sx*G&(B}7UHnjjH#Fl8I86thQD zre^#5>umCS4KB{_2~|Q9vP#_g&ab_4pK94ocEt^t2zqO*&6wPI=O>$ak5bEhP4r#- zHrpAMU+^5fQP z%$sqH{d1<}N;8p>hzeD2!Bjb&ISsu*hEbJ!_<4?F?$)=r#nOz*m)O__wzQsvg%0G& z7R@tP^|5=;9>=_Qi{Xq=l|B*ue>}VY+AjYXDbLN)$3<3yH-sKCc6>(PPRfVI*J6VL zF?X`Rx1=&DBC6xy!td5%KQ>TW&|KL~x^y43wdIA@5r{bRTo9da@9!U+PDd{m4e5 zSq#&DN!N(Fgz$?J4Yl91AHBp4@Ft?~w1!E{L~sc>l!iZasPO3EVAEeEvz-<6vJWH6 zLqaGFWO=Nf{VzG?%Bb?Fzm!;JmGC%q;Laz{OkwBIUvZ9VrHwp#(HB~pjiz-ub4O(3 ze$URtug|E(<69Hy!^99zgD)~ni1^{bB_(5gg^hc{0T31woMFbU3@rLoXS;t?+tYKieEE~H8&-?a1Jbi$ZM-w`A}|FT~%@t6QZfgxhM7D@t^c_WjS3& zZ-&gYVZ8kENrb<#)UM<5`^e1fH6QF1YoNpyWF(JjAQkp0oBq0(K)x}_7rxUy={TLJcCNT{7-8wXQ>U#9O7!L zcV0c5tJ%*&{$ba+XQHVYRka35TF-Tg)v$}=M)|czds&CCPP&Cv!l(XWc_s#o4AA6U zj&kcH@TqHQ*4znX*&Ta~Yu@=(7*6Wm^(O_s&OC6FZzXekx-=Np>9k!jJrtplT zF=Viwkuamx{Ydam#4}Z=)p_0?w9?TXaym$|&?wK3Q}ZJe(A=Ig>M+{94*x zzno}O;TV?huH5cBT0A5k7X(ac3BcUR*A1qcn7Uw4E8sLbG?jY44aHg?HvTD74x{4N za*7g1?y()>NS|X4q94Np_lC8PvYQC0JuWjIFdew=NUwZ-DejbQtw)^BWbcJylIlT4 zE4hzKJ8R#`TasmyEVswC8+vO+J>T-#XjHyxUy{zA{20-DOX@psOZ-*l;mc4ne_D9I znU78AWAoaJ`CaIl%o{DSP1WkdL%kI}KxSHstQVjm`K^eDmxK&5X#NBXKRf)X%-tNz zrtM)R6o=_N1I+<|)7h_=eDU!=r9{?}wZ!+eFT3CE)L@C2XJ}MU%O(EUX-Yj(3$-%Lz9EfCTQ>ln>nFxXXv0k-!x+Y))FzKbkR?zn#G zm%;(((*{&kHr^dN)OVyj37XA{vy8z=(iizuoyK0Jjx0##kJ{~0&Fu2iKdpqCbyTPHckB3++`Bqst(QM2s z4i;TfV(x!19iuK02Mx)ddF2bP(YAaT2{x*9v)^4i+*XcZQRVWwS+qAI=03{lI^P|I zK)zM-74i|6MAMS5uJeJM4MCF@x95Bll691@W7g0g75679y7w79qsX5sW5ko~hss6LCCkOi&V%s&fE5_Id z?g(%#DW#GkK{y)sq%GYp=H&_mS;5>hGImk^6jJ@7;>Jwu+E+}!=(5CSa)R*|V5Lqb}>K3tv)Gmw| z)-p2U*j(rp7&$a4wo+|wYl{sHCFt-eu}z!sq!)yd9`D>GEuM2M$mM@TIc4mLh4P^5xpKajJfAj6ic|warmGwVcB60Dm>5 zXkF%&jQ2-xa~_el&U{bdeZ_g1BNm^TxnaATZu8nPwHZy|vAy~`o-_ETXI3GA*#NkY)pQ&z+?i(=seZw1s52EjNoe2;pcnvlvvNsYuB)~36g#R3Ck|rgw;wO-v`}hSgfq) z(7*gl`f+7h)GChfC*+%;ujB>!g4PJVq%y-KU5gZCmh!M&mjnTPiFp&xwKp<#Y8h4A zO>CZ1^&i=G$K|rYEH^Xbh*VtDnQaVtNG_x$7<`EU>!GySc1FzFvU+dj?`2N1J*D9I zFeA$6H|Wh+v9-_3Kf6PlsvI8L`Q0ZxWwG!SwlUll*JfPbyYh8Qr!2lrAFg#i`!n#Z zKhK`5!bwz~dRR?ma=l43Y4N&GgK|Qh=`Z^u!dki-#lr#TBRRTFWP^j{Kb|4HY<7LlLhzIM;|LcVt18k<5yVe5ZNDmCIK5thYL&= zdOD85>9@r(L9TH(hHr@opKf3vwnC{bx_oJi>3jT-!i`eJT{MwYn@WjEOq*%Sn8=n@ z%6V&8hF~r-e`E^-5A= zS8fa4ec+duN|FxRFlbQk+JI(M{Ge7QY% z5N`d}%PNTPeG;dAl0al>JC&gLB^*#jpIOq6#P(-~;8o(#C}G(wZYZC z_$dQgatx}+mR!d015RdDT+97xfsb8DPOPh#dd)9}M%?Dvit|Aez82Pww-Y@{llNtrDWhm! z;>n~Fqw%nrl26Yk(?xL{n6ds(%3Wu0Fg|um#{bHJ-&V|MBWxPx8zbnNH{}p zhCpHGh_8{TpyoK}l`tLpg__~XZ31KT(T|1XLxB4ARz-3+sM>iQyR{%(tH7UXD3ia; zkT;5c3_IY#me8g0)=1*N)7B;lW+_nbxae8c()b<9#I=r8*6Pb5V%i9Z3d*RfV2-g*rfITgdl0 znIA(WG|qI+nVhBYK)vIjXAPa`G1ZBttFeD?;XEX~;_?KG0V^N}FKca?O$Ds1HQtKL z9Ea)qeWac0u@D9ojK);@zs+e5J(V;$`>trBhiFt>kB8TTr9WfCj2!r-Bmox3Vw;+G z%gJ4G7ssrsKxUWFmZV=w~yNNiJA zQV<^+osP}$APG8oL<@g=?j%8`P~uO+4Um`qE`n7ZCfh%R)L}9va&}akwXxwkgjUQQ{0ShRODA`ZevDF@in|c2J73Bk`kx`qxl3f(VyUg85BGm3zNhB z%}Kv|N_K6pap4Nr(%w$JmWwlnSJD>lEwqHTlrOx^CkgipTZtv3Pnq5sySbe`vRA@@m9--| z#_3R``DV4)b% zmR8ufIRKto1xeBqV!L2hEIbQnSaSbJjqxtH#L-UG^WjGl3&h$n@JVVvzqt`3`Z7}X_WeNr3V(vRPB}fh5pFPD@vXsb zt`;1KJj1Y@0A}j#7VBJhrEI;hEQh?8MGlP&n#XTUu4gF|*E6%Acb>s_-JJVkKm@N7 z^Zy=sL~q7L|FO7u((c9wl_Wlm0cXQpiRj=2_~jYgXB`Pmqp&vC@5wQ2cf1tAPnnz| z>QQKaKQE`7*d>&jjXv{tEFPZZ&OeyU4Sl>9_#w|~@8rrk15?CY_QnvhSJ5nm&aK$H z_jj+`489M5U#gpxaQV#A-0z|zw`IdUapr-_01GWRZu_vXKhWvP3`FA$Z-I;@luTtj z{1vkFGwtTfKFJGYz--k=zrD9M9^>h}*|hYtz@?u(!|jqN+wqY_N_TTUgS(NqBtV-N z$Z5XfVgG^GeN@IHv;lnUy@Awyc{VzMBIBAbjH?bQfWQ!BYlq6iltGSWYXG5224p322;gP`qu)Wsd8hmBKt9oI2-3HK$bKxEj!Z_f@54`+ak zE1}{mJYG-uA|9vv)|5TGTUOkjxf`(E^u#KtirrId2cfU!?)wOTjBL)#$v@9MQYb&2 z*Kb+kH#U&*v)uQO*&~K4=(~_+dvA05zA`dA!(J-@t^_QLx?z*t_24DZi8K9`)$Ay# z|GhcwF61FNGG10+mA}3ue7nSFBYagW@8xR;1n{&2D_II9mMDbHJ-b0_B#hg3YVx1F zTGusMQ$*kcm^H32s@I4XFxD)qQ#%Uv96Vz5Je+WK-q5M(oEaZ%P_nWLnmXbG)AMig zrykNYG~uFTmS>Uoi3mi*gBPk@C`p05?=y?Wty@>rYj{S{S{EMEsY+pzEW&3};}X*x zbBJ4shK1#dJX$3SSqVFB{>}E>fzJ$!d2BmEYKFZUFOdnV#f$7R=LOHTxFRLzkN18} zf*OClxbn1X#$tMgda9|psD-CCU4@dFmcc9$YoDg|?cIx7APbQ!sfA=@X4r~tA><&H zf_QzJis3Bo^KC+jtGg@+2)@%(=19f-@t)Nava6cX&}4Yg#mK*nxCY6pxbEE_QABaj z!{r8TKXwyE!4=!0T@X)KrdAwH(=IujECv?@vAU~yjw6Cv^F2A^H+6Q-Vdvo$c60*f znGJ|T(P_oHQ(}09{eq?2VhW1qu^RUDh{)xl74>33NX#3Rt|Mq4(CB{=AcjNp6a$ zaW-ec%uA;G?4bWxF&GUC#3d*Zv6>e#ix-5)kJvlIfFQ zPVN56#Shis<>kSS?xX&f3oto8*eHCd)XO!NwADLelIo7w{o$)NMg{Q`6Fl&sl)sOf zK96ehJ9uffQn+sbYaNPo=R6rb%oz@lY<{A(s|$8Bk@DB1`5E@+&ZT5_j(AG^>&>b4 z*`ba;o@*L5KhsN371)4RhheM}X9YG69h3k}6?S0#j!^bL71#`;5du>r6`Nsswo7`^ znTZtVQv|NGRuZQ0)wquSdi>fm^OL#yxm9U;d-yLVu4(DL26RIfqW>uAo;3(sea?GfVjIbqb5=M`1;Wb$AoX?#9yLr7MF| z`Zb$BeZetg$~*i9m5y@$KH(0OpXvTXtn)u5lcX~SjkCwD2K-)UUTa%Oqt5Jpo60u& z%LtPsctV(PqvJpFI-v@?-U(JTzl8eC07ofUfgweBPATKheqj-tVdF`X;$eexpde`+ zz1g+^$tss@GKE)*5X(k2S>m%p=a|Jr__`$UJkZ!g$Uzc| zOYcKAw4cJ}3ovOw8g8Uq18ERI%jiYhTInVnms^%l*9(g`cmtVr;7@R<6N0vaD!>0w z<+Q)QDe?~6>6JlF5QZ`Z-tc8a7`QA2VG5l-J+Xn}_k2y`8W)$VGDVboL$3`j+e;re zm=;j>OYgbKaTvZJ=fh*b-V$O^5oTZo{&MnpE~?2`vZk2F_xW6SK$O z#eoR$i6nw^zBx#oq=%hYUm0JsF9Hu>q7{P7m>a{yt-gu5J9C7vhNb&f=a1o@?+dtl zEM0{+1Y_U11Wl^LBrTYQ2pIcu_aPWAy1ni@QIK$Mj#1jH#3@V&=LWFZ7F`~65FdFW zDQ?%(7flU8GzZ?CZiIuxpaHK)7zJgTugj}kFbw za8Kegqrd+-_>4Z7#1eq;5+8WsanZty=6+7<`EYEDBn*9(=J!u$e!0f5^a~LEtg?JL z;IFjk3=(T7g9;zBgK=0EDctCuHnK8Z5P;mQyA;B(=nQ2cY-xI8aNAQ8Mym~g`83dP zu$K33+>1p>la%89FeiTR^7WVRa*A@e)&nFjf)L@|>3J#yu<(?{-OlSexcZV(aSo53 zNYW#6xM0y6c_urYK*q@JOa>&w+va&+xr%}9z(*j1mw&265~FbgieV${PQs(SY#rmJ*Ic_=berLpoB5XTBtG(F zGoRBNq#5=Vp}kY7@Z^}bivP)z5c(_{J`d9eqscIu6`ibO^2;`}dm*#i+N?~^`CFlb z;%4?W+yf;zKvUk}Q3r$>C;QUrp}ha8ukLL1=IFq1kUq+&WUsx1sl^y|z4)h7*v5v< zarGpv@4B+GP0?`ul;5m$A%kcOnt1cKVCPEINeHFryK&d>pG{V*DLGdU@J~?-grfN) z9y~Vv;92{yVF;3WH6tfq@;gHbDxwh?^yD zVmef3%0CXfm`}yyticTm>K9LW**d8y_U97HoA^f%$PwbOoeT$hd2whB_8{ahz6-zy zB->LiTMOF?hMOaD>9ta_IcXND!u>_3;7qNcrL?Ob}y{0wO6E-!C=VN>^ zj)8vc|Di;nzIoX$HI6j6fXU=7pa@SZYEVjPJ9Se@ z>zOQjG92QSXgEslIo?t_uxy8s%n!kw;D*FMQ@42ozcB2q^v;6?FAbl=zQ$|(l?x=lMruan8BhZLjH)~dU z{tj~GeWi|=HH>CC9$+X<5YW$9$I~K%Tv;cp?(KZEF;DoFo(lO$)Q zbebl#{t;(ID#Ku+r!!)M6~UA!o}~ywTrhNU3wtC*OPZpCQEjQ{{Xai2UR^pjQTyRn zJ|r`F&YXR%*UquqaE>VpAkzG$-#42OwZ4l>e-H>-1&^eY{ynVc%S+GSLH@)NJ5h+pNIY0CIb+aA7{Um|VNbu&Cgg@UUE|diIcuIi}57;KoZ@bi2 zbYW5Ez7Tb}kqLTECm-18^*h;`uvrKg`z+FmN3l9~j9#99Rr-FOaxIKnPRT87eoruj zm6(_Wjt1wyfGiGr07WJ1)KF23iAqH&7Mmrm5dNv8)oQAx2(cz6Qp#Bx&^Auv04@%p z4l~(K#z_b7#LwIvpr<@iQ8fONW@w#!OmFm?@W z8r%I{jw6_HR~#Mf6HXKz_&gPEr}wk8&#o+>V_n=<&Y_MN?n6!r$xQ{-t5Www?H5q~ zrkh#ivq$B;I+%u+iEh6)Uq})NkNouU-Wz)g9Hg=p=}YiaVivacM#t6F*DB!sSw46G z-d_t|vY?CFk50W@7P*OWeE7)(&|O};hpsL6ZS)01EWIBD zLi2&XnJneVqyNf!fWT*FGT}<8`ztxmW=pDI%{=?wx%1j&f3ak>dY_f(+DLBu8I%L~F%vBI4Qosg&C(SIb>xFj?{tb6axqtNyL0`I zw0tXFftWirl1tnipqP&nV04)??xwgA`+meURnIS3$9V%capL>WL4hKEuqhy{hcAT= z+>&8I6CsoUIWR~v3tfHpKr9lTV)BlNeQN27x{)F?h6CO;8mGc0-er(cDeFAF_vxwsA)21UTWjcC(8e}R)!6I@s8 z?t!1pD}H6!1o|qFV>}Q);5?e9RgB$_(~qUXa^jOSQDdHVx&npl*k(j;bG|g|xr-3o zDcll}<>2K_W(EUfP@}&s0ef)lqJT>X7tIOHVZ}g9jD+FwVGGS-H_x3_um~K#5a8!m zWCD1XIe~=zPb>sYyP1F00S#Y*cOx3_8pH!rB`cjmO>pNQB^%#QG<0AzZpm z5^^3;>O>|rVh=!O5rnpW<4?k7!WJi$@HK+#(rT~`O{`estPlyPg@l|o2lYt`-l+iY zZ?g30w#EC;>i|TxT&TIzaKB7tku~KOzq9S#20T2_+6;<(=5LU+H;=IJ=@c+qKX_Fj z&I+%Kit$|gUCAD%mY38WQz__>LL+&LRn-jaR*`3iX69%+ zTf|xIC|O4=Kn7x%<@SFdQK@PU-g%T09u25PKR@W#&mU)D^(+{7nqz-iPq|u=_Ha-4_V3{)ENgemd3NNb~95**_A2MMW0jKzv7Hx`DpwAG!IZ^B9* zv=jKwL0Ir!nPo*<1fCywjT=lqb{YFhbNKIXc=VY2Y|QlNugv#Xb|`meh9DyO^HLyEglndpzv~+vuDDT+s-A<8 znV^Wx-J6u%)gL8j8kND&bgYV=5=<9@D>;q#MGT3rJsMM^7{*uvq#HY$B(BIfOIJ*+ z9XSwo=mRQH*T`Ply4JpbP9%YFi9_1ERCSQ$^doh+7b`9*fpZXGWH&~PV1w-;9h)Sj z0&4-j?O@s6%VnlP3RccLF?Ih0r$Osvr(NU6tBG5W+OoV&iaVSl_?dQ*$2LQlbl32;iZ>!Y zD+Lgv-4G}CIhcUjwI^l7Z=cm2WoA#kCTfW=EVH{@X58|pr|rdkVh#DiUz&EClmnSz zM#5Rjf+*IOKoDJwjLhRmK>LCpqKJJT!s3C%i~G3l=nlMM%{p47)DBYydCZGXna{T3 z#@h|Cr{#^uc=a|W1kuJXbZ?)fM%>^=y|Bri zr(k1Cg(Ryial8KwO?x3UU2#aqLws3=G_1fhq_UZTkqX)>;w$L$st?^@C|tgqUv==A ziYZwwkE)fEZ2vSf-*10OCEWO##h8ej5T+g(-)aHkR<=d3+Gl!D2p2suXJ=q1Q|>&s zOaqO!>WOla=*Hcm731Va)XFeUV1Xko9?EZkn)BG^ZE}#3!-dA9`tk3ed;x zage|)bN1hUm@B{k#`&;s#Q!WMvM0)d<18Rk$$UJ*fdDfrAQ15l27mZp=^kSck3>epn>;rfo1!%akTxx$!T>DiwkK&r3X(re{NiOlIBhyokDh`)^$5 zxBTbGH}Z z{C4iB1(TnfDsA1XXBz`4#6_@Xq@Zj7eGNw3a?sys=Wsf8;-uLovG8n0i{HQt69n#P zz@Pny)}%E1s|^lNBsv7eqUr}`8t#a16U>{r1I<|aYb)wqf)U?_;Nm*Oq;-GEqOIYE z?)HN+Z^Gp<*#R;6#Bb>f7k;pLRv%dBs&?)1{CO6jbxu4035_Ccm@iYqXV?cmeP;&F z37($#Qx-v7@Qhd!WL~jiZz??YTB?Irc~)(S+3Nq+Gb+nah=dub2WJgKlQ0%a2-T zrpPj=7j~Y>3eW-qqWsNOHYEL`)sttI+|FKa7c5rTpdf#Wy=SLyfY z(75M)^rEPT*3qFN1XWj>KR2^S?L@%nnVCt`<$~x(uhxI2tCbG9PD#FtF|PLu7;`#> z=*ZLmekcd=``gBz^FhVM{gMq@?rH6SGBo0|!^TVe2P^``|>Xpp-Djhr@Bv z?)eHuwmJ#k1ymg8<{9G;uS@sM>~P-MSpZ=#8vIJxA%M6)F;{3{nDLcnB%hD_vJPlK z(i~~xhL`z^b6UX}=Hc4=JwXR2dJw}dx{2Ue)JviBIB-qG6-c>GKdTGJVVw+9@1?$` zsYs{;W02Bu&pz)!DlcM(s!;Dz6B)Km#PnZw7tsE=`uyj=sF!@ zDWO8RC3F(g0b6mA*{7lBC1|^zxz80?Bp_tl^FNI8sk?Y3J4w#sLQncHkjh#RX_c*( zQu3*J&`xaAQ>eCrv+WrOu2`z%kUP?f-03R;qz5_ZecNe#_n+2n9kNcgceI2XZqI{` z1(wm4_R-1(R21$Jk97r2hnVd{8>0xhXurLz^W@~7r`ed8q+bfyGWvLJ#x5?tOx?{` zsQbToS136IlUcI@%(YsWFJ=K0TOk3NS|6H5+*ze&-Bi6f=QTd_vP!<*xGDdfR)zHd zCy)8T-MoXfpOjldCO@t1B;cX~t9NG>52OjINbV{iII_399TxyEgo@L6yl-($y#A=} zE~g!8ojrT@BjIXkQhow!nukix&5rH?b%EqNX%nX{8&-Hh7Sf7?m%~9_JHaKBRxukq znpo?xrX~QjO{|V9MMMyg?YCVey16jA&yq?~f4WuK@36W%pLVI&;6ul1d+ayOzay(U z3irV7bxO!Xdq5L6+1Q_Z81@0wjEKvR?-Y!9+8;5B-;Z3?REG?$TJGP^{_Sy9S z>SaC6`!D7gIWgFBTzI1Nj|i7zduDW7tiPlNdNNgfD|DuQ-o!ZJ6`4jL_kajMkJ65D*WT>K1{G? z9j`pi51;#LCUJD+*Yw!5auly?V9+8h)92a!A4uXnf~;<3500c$K)_>~2xYi+DW+`3 zkuUjAZ^dgP@Zb^O8Ir;b0l#bon)n6Ol>5}SPj8QS<{lhaOY{t@${)b_qV+;gBRvw3 z8|DpGsjrpHcAOESbfaCCffW+{(%T=6{1&Qfhz`OH9b-)o53*|_nBuSi^NlOC?xNPL=|+q&6hqR zD#UREGW-%1P;+d>v`tYFpdX?p3%e9`(zroCN% zsWgj`=bb0*>N9EyOU5Fmd=2ac>JheGc5S>ZjH7ASN2;IJD*zJ??ny-SliVdhw<=qc zIuDfTtvfVRpEt@dK4}D-;KEo66)|=s=i8-J z&DK*hc`}VKM6&~0`83~on=?|0ap|Z~4rnNH79=+dbiUUW?xS{ZX!gP-KqXctUn&63 zii*ZueHnb#yRHc9pS}P{ss)5NLsafPO4R&ds8ahKpof z>ZR8iuXYXVCwR)5?p)yJlMu^1IFe6mc1-oYp_gZnCi7;HPE>iLk?-8fAJsPeE6ZpabKf zg24d$rhvKpv*mRBspH*mylcS{)w8)3Td%zx5{`WqgKO3(tr>`s04^E2iy*bEfr!)k z_)}TDqI4z8qBIl{z-Z|z@|LKA(6dDvsn_JrH2=1fJo%0`_ZbNe*fpf4j! z!A1ZjD6&;Fo5*M4@iy;wS~#JAhget<0A>k=t9B-nA1(S@p1HFmb?_CK6pNo<*1Y7s zd%pjJOBwe}lGmGuQ(uT4&WWf&Po6fwe=pz)dbMx(`=bF@!3Mt5b4j3T@9}V3c2wE5 zp09CT=zhl+`e|h$Y_52!Z;BooV?-;RPNvV$lcC$BzEu5CoaxS;{Y*h(%z% zkaS->h<)*3IIqb3PJeB^@8N^RA136!qOAo>6YeKn#Kp1E65>!*RLt}q*?LHPM?r^V z^OUn+&jpkt`bItcb0+Ik;YUj#2wtwt)|)fFgxI6f$k4{$lVn~eC|=}M#J45-(=W$G z3-#!s>;5koB17t)>Do?yN?KOzR@q-xue8q*-TZpz)}GMajVb4y6-`c`;(6%X>T0q6 z@`+wj7a{5vxXiY3gvp)I2gV@VZtOWVZqKqP$8s!P*_-Ia(@qWk{(dltzFNM)$ScJU z=koS}$mm1KqxEq|Tgo$12CXGyIw7E!rDN@+Q~{6>5;7^-5(rR=o4jN{sTFRxFOuOw z1oJpHF7cSCrL?%3V`hRhC{*9!XFoUqW_;UO@h9-ZLMr_%Jz4OYm@l$-=*a$N1Irh` zyvPt6Yoj;+LSuL=qL1sK2hrs4H^b0lx}M@Z6&VaKFYpnc;~pF(ui@>I)TjW= z%0wEZ61F;S`cN3QlDALAxR1u3J~wZ>;LRiD*^|6IHBNWLXT_n5XQ_>W>tcdf61ii< zRyq$)vUA}7$-!cb{g`4RXoYZ&P?(p2NC9=SCy{cuPIP^=&F?_}b==rGtzWVdJ|>>4 z5zfu!nzt$!gEYd)zkTq>M!|Gpsh1+*jHi1P|Iz|%cG!_ z$DFtW6YMDtBK?zDLq`WgB)%b?xIPj*_tLq_ulSAXWUu;BgbIyB!|I2hv~}cAo_eL= zctQQ=$6{fx!_4R5CK7u;9&pm{Jc9; z2n;vFR)>8C@h5|~@38_%h5&w2SSWMMN<_jjr{6)>sAX?z^{pVk?GnSu&ShWim)C9H zzxL}?>t~2nmYp2MOVvDju=HSV6PzwfC9%GSnT3J{qxc&L$JTJvLHe zKI!W;T7Bbf8Trm2rw*O@g~WU}2(QAn`^Qj!`O#x1av3mEe#V({S2QaYgEakD+%3BH zxCC+iJH)dCZ=MT%9FfoE_z?mG~C2ii2Z&GG8<07hBqE5 zi1Uf#N)7{WGLa4Ne@Xi50Z=F10`<}YHT|WYI2AzVdKZ(IrmrSAM77pmAg#E%6$ z*Aiz4#;JWM6P_JTs8ciz7LUdmW~;s1IOOJ9e`$a9S+8GfDJ{=WxutBYl*5qJ0+B^?oSWl?*={~xk;a}alf=#Y5`jn zNoOoHZpM3kw7qxX>4l8^-Q=Y23+3jx0WE*2_%!I5hx(_7APC#?< zR1nsMsk$tl^8xP%yd(i|Zx3;OFiHpoqQM$pRU;8%H(Yy-2PQ`=Tcm7%Gx_n4HC$F5 z`Z}5>d6E=*a*v%2cm>43;5p^2!ksDxq$O6c&i($j>Ux;qG&9I$Z|0Qh1J@QU5F)^Xc8Ts$x9c-`W}> z5k)Qwe7$6*vLJ|SeUx>rT*W;g$74k;_HK+LO~8bpkmw(dfO8kK&uiH`j$hZ9B)p7F zeE)E^+kA6dZeZ(ea_Kl2N~oFO!#xj9!a5ep3Avn9pGecA-`iTPK$mwkX#jjKBSH~y zbBkw)hf2B`FAoS)r{<~OH0O(X8`FuTU>la)Wm#7BlkN6{#9#re48a*hz&tJr-af4m zQ1`5Te=76BU|8y%eb>lNAO!_58Y2~!`b_C2w64%^Nb_PnH?vYyTcJ=-4p zNblM`S|R7j7h!rSyuZ?K`0VcE*T#)YpAiy3Lmxlr1XzS0N%kLpG9Y$9wJWpw5dc7GE{g75-KV1Wzji-=s<)N@+M)7Azhi!yptbOh9 zvDzo)&|IQ;1LXfQ{8G7m%~}(XUdpk$eCY zbjQP(G3I`@mOdyxppT>psQqrh1x0mKDGsSWZVH!eW$Rm|#Tbp)(264g+Ej7~C&cz2 z(9f*GiS<*9)x}LJ>I=mnB|{1NjA_CQ*hp~YqghwV-1V9|wRh#@H|O7S*&ndR_s?L` z+`R&k8gL|t$3U72VTP6>8qAcZFeY?1Ori9`)du8v`y|Jfm-AxlS=R`Z1wt1%fminN zbB;GlAB=2z8Fhf*W*t@IAMxQ^5Vkx8iGDmRg{=U?6rD(qEMS9WrK2Kua%`11D5f{! z52x6`zC1^9N2j;Lc*?)s`}hD>ePweSwb)anx<47CYuT7b(u}RfmjT^*0vK1;&g5E- zb`}k0XM??l9yRN-4*_wDVoBaWswM%X&l3Oyt9qS`Zy7*t&djgCX$^ep@Ac~^LNSm0 zH*M;(v*?1*{=AUJl1`|LCZ+&N>`k-WP30UeQ5WYdz^MOI$WcQ46saeZ9K)+RY8LKy zUCAPu0T3!nJ)8ViW843c1^8(C*UvETsjgolVTHuaH(I$?fqG-kw9=5hVA&WzCf9c} zY?kY=vZR|F8+d@)kMFz$-ESL>9{LdhXos&5-b?v7_U04|4{nDt!dv0U@1yAg=GL!6 zPpQVRx&oRJ)zc5`Uo+!w3Eg^gDw_|0m7dF#<*z7^FJB|!b393H#odf%C7kD|2QaYY zJQ>u35Z^}elH0|$dxulv=3j(&+`A0NAL#Lj^b<2kt@4Yz=jC7*%-cSRT$9&>hnG0& zz1CEUL?$UuA(b}XxK`Y4QDK$g7jaC)OL7U8Mh2=sbB2BuZ$!M*lXwKf#NW-dNbhM!};^kuPpuML~5JrV_JhAL@|hM>uEUUywM0~%ptb7JCGidCIqy&OR43n3)pC{8kjTQU9^*vDW zMNa$%D%8mx``Fiepf9OXS*E+&w-8#SWCdtqb@Grb2E7_4H*v--I_lDMOURe%BkKD< z>CW@AWmm3A~OIUV7q=%$RnEPePeoNB7%Yr&{_>^6$yyy_Sp<~=C8nG zH=WKn6gDZrc)a^_kS>SEY)JGA-O4zOY6lB5a-d<|;ua*d5PaSdF%qp8k3K=Y$XEXE z0P4Hrdtyaq_7K%WHCoi?;Z09kg)uWSVx)K|ja0wHH=>Q(l)Zb(WImc(Kw{BlD63uH z7pNjzcY0R(FMzP*n-LDtM^V#VX%0~4#zs!3FivukngmLqz|*fl^h@7MrO;FVY4r@K zVf{4~J&23{sag(Zdw3hsa#+B;;b`q=O?y9NzCi?MXox93{H@kcL7o`PoW|ETV%gL#yChc3c|DsBDB&N#0D-FkUrQ00RbRz z8<_$+${TVVj&O7c?8gYS6$y=$@X&~8FW~AyhtFm1!F!=1<=(cM5zB(R=4lfcW4klp zj|ia+FsJ1~t_2_Q--$y{Ss*>*1K=zJ+GYAJs zoJGoz1|5PnT(qX*dmbmVw&Kw6Cg^Wv7E-9Q;C>0xp7z&OHkN;CLGKeWS{JANq7Elq zb~zkKxzeOtkUpzM9-pG*vyEch1w_&Ui&5w<8w(WrV4(mK1wu>PtrvGfM^7MO3!*_E z^Rzo6S_G$olq+P0$4s*itL|&$xf@S@!XZz99_~{iOFZeyt?5q`M3McXAG;R7=^fEL zxGq3tvN6{!#S&3;6O{6*;AesY#4c~KeYsHpuknyIS#|;{I`jM*mo!FOu}8$f``H%>eMnN2N~1+8#B_TpJ^v7IH!l=bHjMwtHa>M*TTCI`hv z@~>7U{*m-gPPCUw%?%QP`E-NIInXd79w7XmU*udIiib$ScigQ@%?L&9PI+IRv34R4B;&2DvKD#vlVdwOuVLW!Ae<)_ zbx1OKTHRPA0Tt(EK{VG}Axm73VL8zeE7$>0J>Lpd^w&lIKu%hPvdge2Cz}N>!Vdj- z`7AQrD|?61$Qmw>uyrHtDAe^aKYxd*#7WXbl$2y0>0g@4bUx33o5OIQhgF5#ri!u; z6ZMAXy>~p;{rfj=hBA|t9U)|glZ0#uC42A6%naF; zh7~8086tb{*)mQdWM!6QXT&M{KHjSD{kgxt@9%!x|6JGgaGmehIM(Ypp2u;#UWBDH z4Fl4)YpspSHy8Hf7G&c8cw#tsQk0TzB3fqmykC7)Z;Ov0EloDf^u1mLqdOIl>>TbW?G~XZ1uE{1*ESH*A`g}1r)J$ zbU{ivi~JxD*TEF;7 zYZL?aS9&4_p~LvuVjDKTbyJYGbIF|_@0H?aj_VBjH~H#YOx{>qfl zp`LQ30lC~7Cm2J31ex8E z>rdxrk6bzn-}UBGk$X^A@@t9Biw{_*$J5J&1``#Mh}F_tj)n`7zAr*yn;G*9LQ(Au zsKbYOKT)>}^2E;*-NlxgiA=UQ^VEGvT(jX=~#FTTJK5*IER)|$r8EJ@($ ztRyZyRwXx!d5oB6C{3jr4w$;%us!cP?EqJbaF~vY2_K~SlT#Do=|VIws(|1>ADDjI z%#a(#>tHq3(ZVvXxaqtfoLM0t0i}Y@?x%w*&$b=B86+$wrApJpUMEFp+gZu|yZs4n zqV5Tf(sxdnxe*N<6Y>T_Pb*+mg3_0w$`cyj7jfqIJY$k*c-#5&CL=Ni z4sIc#nW^Eq{OX?x=d6!mzFz8O&Wg}JPKo|_elbHg z4&1N+2RwM@!B|B(5(kf%ZK|oIzqmLdg(%WnysL2NCu6^rBmptz>uZkkRXJEOZXU(e zvX~`&5mUAx_&q&eiSw?!&#i5}kg`%5o2dX2O7wnAHtRHe(;BC-WMBNb-KEhnBz(rp z;n$P)M^vymf{QdaotEeQ6t`#R~3$l%>5o%k~YU4$7G37@`pVqVt%IIb| zH*@h2nH@itUWy}cIQ>ni!UER!W+!KHKaK__tkU7@s5ZTHt(Ej^;&%_bd#rz$eAac& zAZ72zs{sOAaw3B3h>%^RR6Qf7J-GGhuFnT?LwDb^+t|*Y*j|O5IcWpshscaUL3Vf% z9}Cybo6Xg=2MYv9RRnQE%FH$`#7+b0FYqdNXDgW7L3CkZSfTH%_RpLM?y{MjQqsZ+%BOWM;_&^U__h?Kbbnd+Xv(Q1ocVL z*Nk~K=FDs&JjZ}AhYgKqGJC(QKm(%$^m_VSj79)iz~}NSs!g|J!kOCP;o=)1@IDVn z^IQHFPtE7~onvE^Y&`WZRT*ENnj-iXXlSU0olIsq`bow)_=(tJcR|VtN_2{GsqK3p z({JNdS;0x(MR=|qeoB`H*HOc0XSm^~-_^VCi=JZRu_tc*(MtuRnHL`Jb<-LizG2UQ zS6}pkpW|5SjQQ-w5#NI32ncJsA6xV$x+&uk%!JnrORD1~%kAZ2( zvn?c?eBvt7r7=s79!DH)k8)K5e$jLDmLw-$0Z&*~w8lGsnE7W?9<8}am6CX}nOf8C zi*q6cfr2hl8SuIeLK8|=-WE@CA|kw8MD5u@?SUi*FW0`6eJrzVv&^@=T(;X(aiowz zK{~M7Wc5T_?gv2dt?Hx?A^{F2Nc4m$eGvE4wG8V86CpZ;>2nZZJPVO?L-ggz1^Ha@vtM zY7-r~fZ!s%>P^chu1It$OLLk_D?P+cC)#-1+#>w*$rA9WVA4oT38pUHGx%q&*1Jm%V{p5`|!r9 zhMRN7Qp6vFkW~XkXn$(~{6KDN?A5M(1?dSZFY3Y&0(D0?%3_imnf=Zj>C03Y=y?E7 ze^>{wJ~qE?ScYbbAclG67c4!yAKo+Y8^6KOrS9exz4YME1W)l~{he#kTRiiQcY40w zUOWu@&|p!X-E{4ef2WcFR$YhqIiH-ic(qsfm^E&Q+mDu>=0;U+c8Fi^7Rj0) z+dSV{fLo<}BwjeUJp=)(pHJR$aL^hFke6?|_qE6{H6r*Sm5^Fcy5sdq`ut+p)a=-a zi3!f6BQZ{?F9lQup=kg~Lz8b^@T)y!eCKE&}oj&H|~emw8YQfb;xua(Xn+}T?6Df=#mTyQf@~J zYrzQ?)sGvvy{=vB_GRQ)cq;pusWh;IvJSo?F!4RRH&RkkHg86gr1fKD1E$3oJ|#sv z4!`{9dSsZ+2vF9;dfnbr9Lr9-5tQEbCK!hg6B!vCN&aj$-Vt3`z$v|Mb>vaN=4fD* z4Q;0ViocU1RtsuhJA;nr3PWDIgEAS@$_pUCY zW(0fEQoM}C<=CD8-FWm;P|`r}G^^V#`qjpP^f9t`rp4xamIvW#7V$qsm!k_#A&TmZ zgd1F1pz%qspN%`osNkjNiXNvw=8CQMqzKB-)rA37QZ1lh$3#rPE2mA4PV4prPvU7s znwi>!*N)es*1hj|^MQI4DV?pue`&_1Jk{v5Yr7f0?^coh=Gm3W_3Me^&LzpRUL~2! zAdn^CH@q`4{1I0!_c^r8=;%KBQNPb+&`&?B@Z{KEalSe=RVrmzQFa}xJ76;~8~wzs z)^~@Vp`F{*|c`$^YS1? zSFIec@0x}iP8h4{ABzxO8dNvF^Xx&syO~<#ia{a&r1!p<^SkbvGfNg_AWPpDguS!~ zGicER>SexMwd)(A9TZ)O0yK^4G8eM%{I$`pT2rM7LpJ*wZgtmQ+sCieI^VAQ`1=yx zOYqUcve6pvoq~A?X9mSLH9$O^Srsb6{umdy{c(A)xZw3hMZJT4_*bXl)Z_g%ny~tm zyf+3FCm*S6>#-Xaa=J`HOzk({RYuy@KjZ&=mZNq_NcTYPivGs+nIZ<)t!>M z{BtQR=o);UiTPl$e`-~fXXvwpn!7{NZ2zL(4K~|X<5IgQniz==ESS3d*fc4U^*>e) z+!UmM*d#T;sZkKW=~tebh?|9r`A!BkK?oRAqFk*>qZ4Cx#+|6<#7^A#v zy-8GN)oCX2LVdI~{EouRlUtd6&TYqt=eVMCCe*!m_^^ku5wYn7#)J$};&^6+Gu9W# z%5Dx2l})$g2A$s1Prc{%lMwNMh!GD6mt^>*!M+4mU+&#YV*(M{yXymGQ@*tjjCm)fuIypJ@O-wlNmmQi!gbvs?=gG^C9N(LCUr|?Zzfx6i zUtxah&a=IN^K^C<6pS2{=pg3%%R$L$X@U#-^73yOUZMiR31-ssl$*bts9{FuFEY+N zd$6LWkSWVurV%vY-nnHO*tD@^mfYd&_!O8+f8HX@k|tbN)%n(~XAfh!Url>xi~G8f zUb>FQC%zm6_F`a`}K zzl|j|&wj}j$zrXxm=#bvLClt3AJq6_?8_J4j~_omWsoJqg(q~U=FKEp5$U(#`_%V^ z*UxLEDu6Ao33=wZwl4XmZlZBeysCCf7?x2O{o3E zBmT~t9#UpxsanLK^*g>FBCx)v{Vbm{Qj218F z!V@c~>MQt1N9fLRCTTB?g@uIzR&;z^oMAo&dwzJ$rG<-U5#mSMlAt8{5of-sbFY@0 z*ksL{gk1E#EDs|VPRO(c+E8_LVrkF=4^GODY~+bRDT5qaWzccV!sNZp;fUjy+q#A_ z#g5Hn(q1kQ<55HKHFg|R=(N1Ps&gg$&OzUJ!mB+Elr`5|cv=rYYCLRGk*>C0{t1Yl z5TBN950958KfyP*&G~aV#!I_uGU%!{`Jr$NsVU-@2dPrS7J{q`F2ntGqFZK2Hy-6?&DBF;-BuoX3FC1)hSGouQ5qJxy6){~}E=Q1@4IInQ&dX4H zgR{7l&Es$xJ=qDVd4=P&N{IYj+0vOjllLm07B(c;HF=DE#j^S9IAsO4|RspRUQT{ zc*w+hzkmNyz>CC(-xM_nZ0X2ZUVyi;47>l5@CX+YJOGv$8uhUYi|71~-qZi}g? z%K2rasikIh#zlv9)!LhHg%$^${B))Izfhq?X{`NV8`oePRs;0#Rx?|45^O_47OUKH zlK2cyet<6h&yhw0I7!=I%Qx1K*`)~ZYtXGmChKWcBt=em-1O7IuvX?_xO-RPGu%we`6B1G_}o1%P6R5}x5jFS!xnxylZ zoWn#b&})ayIfFIVv!TULAERk?e5R+6$_GC7zIqqwp%(OAFq!|S|W zfdRYu0Y=uq-^8O=X}vP6iTCW;v-1xzTT~@T5JpT~!$w(^&b0gN8p1|OgpHYm4WyXd z%OaK|Y42K>U4Qhvj@_~fdxyMg#By(SC6py{Akf-6^WO5}WHj#nu6JaI7prW*J^LWf za@w{i)`aH3)n9I%A0^iCqs3I-Pz3&FEt}e&m9E~Y?+G|28d64k=q2=slK442ntHsf zQ12zt=K1NtMM|bv4P0D;G3r%b9%+&esRy>wL1&E<%R?U<3GcnxYUa*ViSjBYW~usa zC;8O$O*rei_u>AeO=~y{PZKSG~X0e}Mb&cE6cZ zbyS*Tq<#W9ozn|TCBvlaLX@$D9%Ps`!C%)~Rq`3X55&dwl~*Jsdt-wH1oyt#nsKo{ z2xrD6XgIlghR6P7j3-Game6DAfmeY~-HM-Xn#riAbaJk-|FnW~o*er2-Uz{riA=+= z>@{u8&rze5pJaIWLVwE@9PmF&ka`%f+n#9}5}3g%K3w#;s(M!^zpW$0HDe%9Fp`A& z3nx#K_Sx3gjdIcQC{?D^Yvk9{nyBPj1aYfF-Ne}q!%7N5R-*#;WJPX%Vyks+-4J#D zc!O?le`hl`!Q4lQWoMyT(N_s|jriK7Fml%JIh0|D8#b_WVD0v0?J9?ho|sdMRU3-= z4eIQMtCd^&fr8d)Z#1j?>)4oNQt?1ih(h6&?a~Y+D?3z6Ap~-vz$cC z@yqG=wi!9Q(`Ma)W!)}CJ`7fU;zgxHefVhV*3a?!!ml4D22B#iIxXF^2ZQUAP z`on@q@j~{E%118T1BGwa+KdZ64mGb`T_i#|3>8&6`$c*_k~KTo=%L|6J*ixfvlDnh zus&Nebt~e6-dFx>En2kqVjs+T$Qv#v%+1*4?ySwF88{`K{cBag4bHkPtcM&lqPW!| zWsK~o_7cb9Pr0)i0~og@_wt2rzC%UhA`XME>`lJ66=!iBuPhA~#-6?LSm4V*8j1w- z*xCH*#@;JddDK98dZ|3`1n?Na+*BHI4s4Hp! zpD%xQkib@E@$G9;YF9y?>W+6>jZR%l&3CtKW76mjA9uBqrUfHbKayaK7~}l#d-_{9 z$5n%psn3jV)-E)S`≫vhHs64)-3ZdDYvO*yicExvW-t?Kt=nC3j5og(T4pn5`&RU4RqOIw5qVjmiN|8b0h935Y zJgRB1W8v8x5mU!on+(<|8#l&s|0T}dIev){w+vRP;Xo}BhWyMxNre(Bc@%+?&G9!U zYQV?PUS#V@j4Gzaud&r~2hb2v~MHc$)71osI4>}iRob_Au+*7%5_C&H*bm_Z% zM&Rd@Vz<)3sb@Fqe+Q+sPmsSY4VF4sF%ghQjg*hizxCmQpLDiY~qrZcDLeFCo0u5plSh2GZ)H=^OXG-E%Cc!>Wfng_9YqE zkaII1M}8Y^vGiagnq8rw=Ywvr=D3?vSmBMYivEsh{}T?`e3+4Aw$f~)J=nZET)P)1 zZTK*`cmaE*G|d^wbMf}0B3RUtjb&>@dh#4^= zsQJXV)o78D5=^N-)twFW>QB!j8`DlQ9`D$5$<2DtV z`av3-bED>FvO}J|V=SS@=4`HWYy?H9W-5DC)XQNy-Lt;AH_B*cJlfLf_%QQ3Vz-n~ zSfW#lL&eo*b_sK5z1CPMY#BNI;$;JN65+&n6^J6+=!a3w<2e)BR=;(lWJg`Ai3m&;9}r*g!xm9=&VrBGGO0;lg-u+!F1CVs#@|Jq`9% z0xgC{-$Vd>3N`&mQ8G*iUf;J5Pi_0M)cWAnqwd_?pv^CfE(Xob3mCqW0cKd_yxk@i zy1-I-QpyjzbYD?3)Gfn^(+@Z9wvNBcxA%`pcDp!vM%#*vIwJfZN(_wSIFI?J{Ive~ zjTQCCoW06)VDi;(y4hITW&e^Q$MVG$!TebBbSEBpAyg0ry{5Tb9!cjvaI* zF=n|9ElkPyL>a3BMH?k}EN{v?HtanzgVf%wxUn zavx>XK;b9sJ*TkW+oQ3XUR~M7!FnsCzY+gvVa2>`y8m}zgL^W#&MI8!?t3R>{IeT-lZo-5Rxzmd<`Q|N%rxfq#Xg0{Y3D`bU;}Rb8ZXK zS`#)9V+J5sITjP)wrY^_Nc|&jfZ3f}YR^nW?$nqFIX^1BU$EGji{1*`XBMAh2ThTO=zeGPq z>H8aLd$ntpO)l;)Ar^wruL#fV*o=o|Vsuw85(yJ<0PNSAVy3_~rKhdO*8z0`YUIqt z<@Z?{eqBGu%TJt0+m8fiT_;zic(_k=-nS`_q*ex$;VZz8Vfm?DTx_@!A?s^Kp7ont zsH{{qE>5BwYIO)Q*L`Z0gQqRb_Ogh|8Q3;u0c_hK(3j$|T#@|9@s2B(Owmdiw~*B-R8BKUqd5OqDGmz2I`0Z~f-i>CJdzc9bH~ zF&%lFU~S^x3}^-1R!(Gdlz~my@P;@V22di%nMWH;FLb z5fwBcMM;E@tV#xA)s5TT;WCu%Ts*Ah&eaF5XSYvye~iI%uEwTIi9H4)edm(X?*16n zh@igI5Xb$o$3_@d%?by zh1ljKz<}%SE>26N9p=g2iQnDpD~WVps==aKm?2pv9a({7RiAT0Mj+QHT-O*kM;;Y$ zcKfNfIoGz&#n=KTO9pyacFPlyHuxPIr5Y@sv$H#EoYwUuI!Z5pv`|7_*E4irKjCNU zc^jK*K6yVxt9Kz^RPUnx6!~um&TPl|-v17#RHZ{lr3P@-E&wK3z{z+`?-;UM1Ni^s z1h67DUkKyo29g>4*rIuP(rRPwC4MhOFUix~JPEs6RfaG=g0B#9ZKNQe^(-Q{7FA|5 z)Gl&yjE4e^$?b1N09reBCDTI}9$Qe$IiR@;lA`$!nyb>H%?;`d#eZIO+*DP?;-qpR zG-ie9>k?Z(lFm#|1cfUP5n>W0JV`j?Exr{0!NJ>zdZ)`NK{YDoj3{^8YXs1E1PkB@ zz!CBXYG(npV{GmFoKL(bn!)(1%p^)k7>thveDD$Rb!Dxt&yqnz05=VpM82O4ndBKv zl4&J$%AL?E)Xmd0^Wy%FFUrjC`oGhmmfHF|Yyk)FVrG{x{EJvo8^rQWhN$fpe6e2s zRHD7AQDr9Cl4iZPldEQu;rtOc{F}GsNm=oj2a2?E&^+s}>=wg$dkJt-67pkJ1!I8sSAN;K@1$7ctz zG$GUgG23hPu%84v#q}$9gs&+mh>2z&6(~U7l^)nlkO7JLNVAWLr9^;Y9n9HMD~<Tu(%)v&{hQ=aRs)x zAZE1eR%zn(>n6l-;|{F*5e&!9%LUd6mw*X|W4>IFF7*ld6d(KP6J zM5M^!*W}T|1i>D7*e4?LsFYKa2oBi=drHz5RYp>+-yt{CtsA{hMM)JR5{8R#+6+YF zu0v-RLNOT4Hj<3M827(#c!uJ{ufDerL~Pe>7AXdcjJYLD z0vk6EN2{P(W`AdB@Gy!|Li1;;gckHi7EZECy2=Htb(*UyD1@Tp<1yTxn4$?4>W2S0Zodc6414C=FSq z*1B}-fi+D~n%_^9!>+M&?T0Ta{#s5FUP}fJql71D+hw-KIAr{=pDVr{(T9!4os@0r z3B<-U%22Ea?}-Ajy-jH%&-abhy1z14df+%#(|f#iA-||d^I)}0)NR+P+ORorskH6; zk0h6>%N|Qx#26!%pQIpEnkPy!x?cWI>%DzpxM|#XzRXrnPA~uc!eJECr7;Hd0PlKv z;9h1|(~<}u(`dD=xyRQBDKu3ImDy+Q5m*^Wyl&>8KCRoS@a1Pg}NC@ogf<9$m9Q=OSYwY5z8fv z#@ULNzv~=|;}pUujQKDN4r|6P9fhp>uQ%NUE9>??_iO#SEO<4_^C83ytRRr6(*Upj zpE9aN(+V4V|A;C@aId(0p>H%CR!VcVy^333b7MT@#`Mrl13LdJpd~ zK+S=8o(U-}@UvYN`1!N$`c13nBj%_ZJ7}xwV zS9&NcG>lgW?u?deVT46V6jdN|&B0uQwNl|9>EUm}udLD$L)Z#tF1%wHnM=qF#=S?9 z7(@;WWzK7%M;7G*CU)%eXHHK~Pvk*A|DBDsY*C}5tnR1Fa)dLGJh}xbto3!b`QFSh zkHx{OaBB;vtZZ{9{Vzz&OI6Tc2$ho)g&FM#Euoz)DCjAY#xU2@E-Fq4*}Dg69oJH# z7e~hX(^Vv`v%q*dtMZi+pcGP}Wyd?f5z6~;_aFL=9Mj+V(+5eueEE`9TRUQ8DCxWL zI{fqn-dQhbgMuB)X$8j*>W!59ReKU$b8yI~K|>(tyl+;>GdnZm$soyx@g012?G{4g zbYjvY8mr0?+E!*1Ty_IgIQd5N>C*+qYv1%~E}q8w_{T@!Oh0JUuQs7OMXRo3omm-E z5D(i2brWU3%xND1s>XkpleY)7j)#zFA;)9q2ey#s1RB>EbTrAZ6-q&}1v6+{Xj+WMF zlnRZyN$Cn;yBF~XJA{NU@vzH7keOQWvE95vXuoNHn=mBW@#Y;4@g)_yCT=L7YwD`Y zs?q-0cyRA1!8=B&jcZUypFf(fE2Jm5a=m%UxQKe(%jtom*^ilHvQGCwNtjymM7V)~ zQwq3#1H%FMRgHDv%4ggC7mbP?d{kmbd5NC6qga)ir34BSW2xA8@f! z5Unj7vN&~Tdz^7)R|HDzB(;=DmzJ-XdxSu~%Zn$HtZl95Y#X+%aL9R~U+*<2 z?Mq(nSj33;9e@AOI>gOLK>U-&RDxg;I`aZqYGj^^Pwqt_`??(ePm=J^<@<-`(z>MLfT_A#}4>kEVR_r20kndQ({s!vK#IdkPKeV7->!?OC@ zAVh_Lrfd&dtObjo`RiUtr6zeT|^(TAFe!wz5o_N3d&&m5k zCAO)^AYVr8!ueh1Ko2z3h1{Ax_RGt``}eI67GMwFe6XIIfMcU^^OfhH*x5BEG?g0Qjj})il65>h_F}}?T!0EV7qK1p1%7O0PJMc|2U;UTq7tx%T!{ZzyH4nm?Ah?AlrzzEig!sHx!xO zwZGE&6}S?X8QJv~ABxOa()&37Fb4t!s0yXEwV*r==Kq2Kxxxv(AZpcr#h5V21X6UD za{hdn0_atwl*kDRC~vzPq#pZsiRlkuiALyP`J0GMu8|}?ZvZpA+3A=5JHuV5l8p4O zs$e1q=Sp&+o&O>wlmz1PUOh5MV7I66$gZAW&y?jaZ(W<&F2`r3z?YL#0kTHwT51@< z2~^30ANoi5aBvd{y;!B#wFHb*w7o{+e!PVfmRw&ZG2$r@kWTp4k;4n(Q$cmtWi-IY zR_Uy~VbT*JN@h5ar1TyL-})ODAs!YoqzUa^C#djn`(+kV)>$M*Cje`#S?F*y0r#W+ zk($oGO-8hcx;RHect?Wya^rsRzjUG630NjVy?^}5kb`h|Z>J|etFbXOeJO+Q>H{sH zThj{>js(Q_l&j<5Z_cTi{$S*K3$%w)E%{*iT8KwE;+spLCyU|rt_G$Y+_*6988!V(iR}qy!-Qz zdOMnBjLN{+M~=3s{wlBUX0&wi3r?AOI%@Rz%U5xfAZ`jKCfV`-lFLWN1t)ll5X+Jq z-)3&;KxT7LsbhPy*=_N#wwt6$JY3ENh&{1s>46LN&?J;;MM&@t6S3I`$ASP&1{&B^ z{(5$$wF5HubB?i#$;m#q*uEpN58d;5TR|u-^^?XP1)FfPSr8hHewq226K@boFVT=T zCbBptfd5U3dwAzl{Q*#F-{Czm{z=d!%8T%H$&oI}Y2q!o#~jX%cuS3{ZrC{#xx1aQ znXF#ye94Mx#6>LTw8J6G_|qBDYO~~u^F{7uc6M!#ka@1(%ucL@ zdAdFh|E(q?2%-9IaVWgK&$wcovL&!65a`n%j>i8g#r<3gqFLC9`|S^^{nQv`2&|5@?66L89z zL#M+nGWXv>IH3#u@(Q}`!dcJgYci(jwwcV@d}!6A0;Eyp z^{~bTQQ%FYPw9n!W{hvOerTvO62GlbQy@j`?M~b>-4JR7Q)+$#6#H7P*sm@Fu$-+n zOMhsLgU3R0vG!)l(j||#xA!r(GHqIazeH`m_tez9x5R`CBqMmzb*daT6O+Q|_m?q2 z^>|VI_q3o6r1Es5bE`q3l$UllvujGMC_CAGgfZ)QqK!+i85@_j)PFW7vZeU2!HAr- zxcqdIw0naF{m5k8!`kjU51uJs2AfQN=T4%LGgL6U{j!E`)+3#1H%qT9G!59y(RFLU zW(~AEC1|0A6?W_-1-cN!PK(z^Xj;%1W`Zwi!dU7KsRCJpjbO~aZ&8URy)9Yqajts zkG~s_a%uS*Z!#-+->SSF&QK0xU#?V5prjOgQ`BD2=ARqH0@ubGNloGwVu55my1hP)3x6G8$WBE z^E~)?H_%TOnY4UvT_gZ$q&)TP++B_qlK0Ta@TWKw!IPi_j7_k3*lzz#dXuf&%I55q zR0=th+227Lbjo1#A_Q1Nx2^+e66z}c6ouo!Rl-ZLO8HgBl<$a=&qDqG665h9RMWNo zXD>m26;8C3G=iRdYZQjNP5_E0ZfLeFFYpV5CxqSJ`znjQF8-ErhT)RqBNNvH8wM#G zSM7J{=BxzqE@K=nMI)A*V!o=ZwfpP8?#*q!6996>C3Ta+@y2K%_HZc*8U&!r11Wqb zzCKkQb*LGzIm&I*S*4TjE9Gw*FmiT%p6F)+pIy)ATL$4D2!pGKR!(kS@sD8b)pBmy zFrhR0SU^(bF7nH2@gK^wqz#)xuqv#Mpp_}Gx_v)f7dr}XYEbX$`;s{W^({y1_GYE$rBtH;jZ;aNU^mfFU+icso^WYHHcat~aYX0PUrIu8u zCSnAj)|oSIH`0jA#QQ7Q8#`^U2%i$LY~Ul>{EIa1=m1NTUQ{4iRRY1)a&sA83jamF zHx!(0R1F7xq9V?Yu7bgsJHMX|H@+-YN;R)j^J2be`O&+(Yfa>iO<>`VZqG=)84ID) z2-wGeT%k_^24wNHIE4_-7;kc~``vnM+F@(q4?Kt2j>)|nc0F~HB?t48m2#f`nGH1_ zPoYEZywU?g5$_*&8Kf(Uy&O$uZ|a{smh}&?_XkeQ>6}nTK-e1g)ylyAroBl));pQG za-(-Q5@h4^1=48d=;tn$wv@hzU4L8l(QWl+Av*q4=UC#j&G(iGBey##nYM=XXl2m3 zh$nBfH{kTo(3hb{AbTX0kJ6XNYMm{CWSNhr?W-HQ5~{_iXGLaX?ub;F3p({e&sLQf zsRlLpC|nOL=yynvo-M9$V$iI12&Iyrvg~G`)J}`qTfi*$4NeH`cQ3HB*4iYK&W-Ch zh!we42vCIf|7m`s4@m{7-+*p71WPCbOKi{A7LZF|X5471=R9HWBw}e3xX6(Xxo(H3 zR?kT6S*sviFfI53IOB`Jdd0~vLL#6rY>bf4*^YS7gF#s0?G%ty-_>)8 zk46ylJg^CCSMT$rb4IOx8NSlI>W)U8z{FdechUH+Q~0pv2o^{pnLoFVoZ@LHJUk&FFNA$ z@wMI;$52N8JNj2cX~GBWIY!O*{kEbZ!(Cv$aCmhehW(5Yc5VjK6QI@~bq5)ij{zS7 zRtkazP4Uhu=tfL!yErn&OBV5Qa5)SrL(MoHL+b zRc&@SC2byCztW&Z(6Eq4Z$- z8NOd9>K$K!Hq*mmwve)AT0dzCc@(Ki?6&)qRNLNZ5quZm{=`mS-5XdXsQ?Q+0va4n z@VB$K8k;C~JH0De%*1z7XytsPD))UU=+O6b{u25zs|ukD!Bf{f5Jefe{V$V@WI}}2;Fa{ znGzP0W8F^|ned;sM*D-_?_#dnbAcrhhU_d2m;$Q1HedbRrfwEiF6Ow@3Ze7cO9c`M zW_~C5waqhjoVhZilCZ-~Q>-?XPbI28jVs zp@0)yKnST^enI|merjcGLak_<{dnYK>40C-6rEZD2aMEV6SiGi2S0K|{02X?_JooU z@Ik{SU>ilv5MU!?1|jD+fmSutU*xvv6c@&t5^1$BC!}#_hHb1>2#%jV94Tgr3v1ex z8GjhJcGoO$o`FHa%cFI-6d$h?kQLX9Y|+s6*F_Z~cM|+$rqhrs6AyOsi^4#X*1)A& z&!sl<%Mfw_X}q+o^G1c=pVL>wmz>m$0_d^v8b9+Bp!o$ZPV|N?urWL^;T&+e3Z6^D zR&Yc8tzr|YTlY8lo|ymf23CZ<7JjYNU2QsqS5lc}@rP7E1CXE|NtY}d(kZ`!ep*Vh zCoOP?2OB(9!0)zF_A|xFaa`xDist9e=j{Hra%ri9X{^OE47v7kfd`9i-}5K;oHdK& zf9|b^<-0NF)QFTRV>*N2oQT8OJOynHF8IBU$Eh-<&dD>eJE?THrK)w^D-A%G4 z0{q)#(qgJ74K2q?SG@y&scp9j26Wfl5w(zkhRWV@fpB$JI2|ulT5!HVPR9Z^QfR{$ zq5b{gDc{UZPX)~W4wg4gt2;6E&M4PPiOV5w;?`Po{4(p3nBD2>u15KQ^|V9huDcAc z4}kP@<{ZlOe~UbZAo6Ws^^U*WC@qpMZySXN0M zihvn*pT%WwCc|U3z4%*`=O=yVSVNfb{KK?^7LzGyndB3@}OGpCFH|KyQW-E{}b^!q$1vV?Z9KE6WunUrxgf z=rxTkC)$b!!_EPfMO4(VAtciOo5c!y4Yv2O`m024ysy*<6lmCJ+sssW%T=tlY37xP z)0hP+ke^lMJ8^gfC2=qynCv`fbXFndx^zx3A_?Ic(nv>;an2R0t@w=$&+X>jF2ke0 zeoa7Mim28k#)p`RPKgFyfApS-7}l1taI_*KNQzSnoP zulE_Fx>;)bRneZfHIAK`K}tW+@j>A3O;eU*Il*9z5DLiv59UCJ!OONk{yMs0YWZqW z-`Kr#mLs~_rxoA`DRLL%BYxKlHA)4hYV^?pU@ts!38n$fx`DUgwFnS0iPe^HR8rpcX=YS=Ve zmpd;$y$hEMqys&U(MGWEf+k=gTGRly$_g5G`S5yAX}eSh*ebosiEZ|3rJs1XoGTQ; zK^YDoys7E`AK)fP${`TgbW{+gX02cPbyVce_p$krpWV>70U7uq)C<~&mbbuF9LzpN zswe^SU8j404Wzc9r8~53W`1aJH^gmLHx}{Gn>LiVLBXTos{_gYr?m*S<OIetrNTU{Er9}`Z%2az*KQwO z3fok6(DAm?<{P5~KXl##Y~qvEt49xVZ&|?W?xqALi7(tp{3K&Ibf18dkMGzX)}9v2 z?=*^!l>b2dw;}JTAlIu8O6!o4n?v$Faz%JvlvVg{0Rc^~%?Sw!?eG6E*%k2#EOOT< zVzJ%=41Ot0#Gn2g2xxoRE9MI3hmZwhuYL7O>9l4lIenn^A{kSp*a1rI1;XsB5_SoR89(H_W;I~VH3{`$3^m67ol{Z&*G!G56cKQAvYt29^bGY5f;??!Y?%t=1} z(P|6(UK<{-uTtEnY;8`mKsYM%{?)B=(7flS&5D`TF7*INR903FKDeHC$^WgyHM^sG z8$O+LT^bh7h0^>0Z6nAU74pJJD%)hkCbO#v1i_y{6eB4KV!-B*Oun>i91jGhO}@%TYax0?6&)&1AtYi9-!2pwht3*LIWLie@4&JmHa zAbUZL?q}w>#~Q4N5Ckr@ycXFd40TW%xrs{}I`sAdP&s9X8!ia#7+Lt(uL1-T=pb6YtDc2 zb_lE*1)G8#Ci(dnWVNuI?}T=~BS5Y4>V8kHkh0V`RKQ-%-hOCWLat7Bdnm<0V``|) z4KTOh#3ZIWF1_h&!AG)x7_Heq1&*3t*6z|ghu}~91h&1b2;FY~F#WyZ8h)QM-2hp} zDRi384~Fe!jwlR8)1eH5jIYOyE8PuLtGYqy8rs;+pv>}5uxte#b*^t!09QHnPL0BF z5*Mm5)K3R7P}X{md#Df+>rK988!O|YcklOe+=On+V*h={vU}U>-NI!5(ZMEqI_G#G zbb6dK_nXVVe*Jokhq*LmAXYSxPt>k!ZY(lAnM#5Yx-K6A<3rpYhLI+5SO6ZPrBISk$dMF8OJ_(8MinUg7)B%|*baPdeN&pn~xgXs1k zEj%J+t0f*hYQZD1smA*cv4ILYzH&Nw!*h*r&&qbcv~gcZ?r8CV)3AJCt_9Mv-aFQVu!h>ZrPH%Ex|9bitot?P zn92REz;fr5D*bHe_#K}iE@@`n4O?@1ydqh-(%xsap3E4{FzU{q2Wo7TZ ze&<`Cp6B^J-|zP?uh;Fq-|uUl*Lj`iaU5r21efP3UP5`+$VA~;<0{6gHy-<2i#kEQ zo?hES9riJC!_)KQJLz{e`n=wjS`0Y$b9K2ZwrNnaTlD8Iu8EUY9k-ZtEUm4T-WzG` z;P8y!IM>}>ZVr=I>I?MfP?(u*#@TJyv&(cm}n{Xa# zN%A1LDj>wl(S?G1kN_p`)+;~w>u$8g&C1RZo~RbA7a62CtF*3wv7lFXn85SJ{vfa4 z8hdIdB*6AEdNI`TXVC1qhP0mK_-oBgN3v2k2X>BlTm&>KLzgFQ^ix93JEo5ImxK&R zh04-rr>SgAwjIX4zFJ#jFHmRipIaPVU1YT2KkBy|!(96C#WEa%f-%YQ^EbX8b%8aI zELmzD1{*qr5vCsp;sc}sW*zKJ%k!Yh9GN_x$~h0g(ansh zx019Z`vD}cFrTK({4lUNr-l)iY&j^B;!hY2o1br^(`fMD0YRAAa=xKpnVe+zty80nIU_xYZixK+WAd34+mA20p!%K)#bGoe!O__^WMP?BHCXD z^B4EyZ;ARtzfi7Sx4@LHejmp55=Xn3SMT8?fl3^7zWE|#e-Evig%h#mpM8Jgz})au2q}yt6hp^C7fwZ{Q{I86>TQGuB{TgOAS8oi1&6l@sVwL++IO zv8WVbHGxbnQh!7YV7K4MjcS$t+7J(VbwX~VY~mhBEudqrsWT6cnXx{)cobi~dE4{* z>KVDc4kqAEDQ&*}9b?SzTRbP?*Tbo4SXJ!ebbb0fn+To9)vS?%^9V*WM0n{UdskAZh_yK zWiM!AhZghJEKE4nv86+$$As5AVz&`TKA^Y9l;})|2$zeZTUw^##&;^GEVp&Ev=|&5 zHci|)ol-*RmDZJPx)X)m93`6Mc8++TNO+zc)Sfgp8>BSQOlNbHj5Z(zs_?VL>~yh> znz&ZFe^*T2>j-6b^@*eodmg6{x zsy2t0t{uhbZq79L6Oe3bR69C{h-)}H6y zOX`ZxKepE&potrn6I$O-r9BS$>Uqhb(j>wl>3tai*|l4nid_3f#&Sstj<-z&lbgI6 zON65A%U?J38;n&~O-^i&+l+So*a*0G`C$Ds5kB;QB!WQLox;@{Jcd)NvzmW!2`FQG zT`Z%XBDC5<#l`~g42a=5EOZqN!MR;B z-}GAuTH^MSQoaXk%KOJG0>;7tTr~)2tgNJ3_`F!G)v-68{NYaQ4-$wCNm^DSZsN_8?(qs-r0~~= zmN(!wK0O5YbKhi9?Gcty-G^C3-?0;r;4`Mll;2bTmmvbc$M|kL` zlR%?H*^x$RPepi%41 zhRT)T96A&bP2eH78uA(wYLW<{)HHphQCcUB8u1PHF#{#Heh>rXl!6@;x;M5VE5Fqk zsftW;!pUiv5b~%oy#PW8kn}0`hL14F>V22aq5r{nC4(y(lbpLtk6yV6OUgo%+@BQT zeC%BQB!v0AcqHXS+voR*i#6{R!F`t+9`PSYseHoc$qQ^OZxApvuHo6oesi zWYQO{gpVAu{M;sBTZ5DtlFqw|xPZl1o7g6Lr6E!Q8MHTlQffcD<^P3%dK`M<^mhJ4 z%kzS7W}%GlpArq7C~*CB<1#R|Uw=e^C+|)cXq>}WZcQB+?n>q7&rBgP+@H@VaQ?)sJz-WOOnZ9{m+HQ(LfSxp@ z;!&mSp1Yh?A)?6PeG=poi>YJ4F+91gyz#gKkRrHAjpCrqNh_Z9iFZ3b31=6@Hc4P- zB6CmZGg7;0h6T$HVDhm1rkAlXhhXMP6bzE2;BSN4w6?FUMW4Bu_L0l1X}%*VOTnk; z2fkqr8<|9Ts{#IJ(!eTH*ZlsXrN{9APaJ1T8R_@rkrXR<=CF|fOv6U?ibrx zBM}250rvoExY0pqA6&L6@AG1n{BWnbH2P}JNTGCr`*)j5d&ryb!XAJldhe8pZ6eGyvPu3V5ms7PO(-LHT%M_w zqx8alb*)#~k98@sIB;oC<3y0T3!Esjh}HwJJSKTz=dr#x))QDpRD^$B58&YCXywn7 zjn0y%HmN*%;8|c-X*piJ?_#FCsWM}weR#9{v0(p`6XR8iJfwA;7?Ln>^Gj_Mev2R~ z3tB-tqOngeI!edO-tVoNGPBSOr?7z*OSw+dlJd=8sfyf-^pYOM#K^3{wu>`>C^Is4 z4`J+BRpOv1CEW5EI2ribZ?Zal?3Er3EV+Msn7XatX=h~j;je%y%aO6CqH|=PU%QSH zD5s{RI|Krm3Nj^)_x~W1>M4M0$0E%7sr@Gx-hYZNUZ@pk=t=%wJagYnd-s@1oY7Ud z!t8K6tzxaHoo`M0Y~aPnG>;-R)P~K2u0ny}ePg7Tr+mI5>yg`wpQsrKckyp7@87!% z%d(c+ik&u|kr9gL}?|LVqE2DimoExHi4u^ z$;qIL+WvV4?f-ZNA=<0Del@VVGGTu}@y=0?Syy~6v(}r*Dd{0ewKS^`0>tv4Bp1)2 z52(c;oBrIE&wPR89Q@ruFBr+oZMYX}3YBr&D0IlRR+1TK=mBCpVEKmuw4Df`XK*48 zewJ+d57bZcLYnn;D-)^+o==;aLP@#LpK0|yoL8HF8`&S1XON_2J#<)oGk-6;1Z6j0 z%ENLZXxM#Xbq|>Sy8-cL^6isGx-R#POmZ(aiIi*CJq`ZIzu<(`(o#)zqX_AIC?p|d z%mRyFGz_G7*NiAB%V^Jz~zN&AmB3))Jozd7!ya35+Z z-n0zvY2z7NN_&B4gq}q8ds+pyNf zJ7qYo&`azsZ8Qc|Sp+942fuG_l( zMH#Zm?N1J!N&~-ThESj-wLbHK^d&56!Z#pxp=hdkTzFGWIE?ruJa{5I;DgaNX4C$q zKSxmY#A3;iJcKeWhCiA;5y`n@+L_#*UVIJ>teUlwq+{)1DuJ+-p=rxTlrZdIZ%X7< z#gt9NR`(DfbWJReK>&OdAb-Xx%1T~U$f%dT$;Obi|xBuTb2vo@8bB`OFj=(Obx3|)K)UUt2M4=dIb1It_*r22uQL$xmi zn9I_|>YPV4gIy>!eKDVnxglBCh?Qaq7F|mNBoel;cf<7$OYuyvJ*Sw)=<~cp-X+s~ zIYHO`-ANe;CBJri0EgK6MwErykFCXi28p2G?pbOJl-YI!X!BCn&(E=KJA}5SKn|wI zwFn_d{zwy5_g&jMY%)CD@-6llzX7Sy?XZ=gGIl`ukVtGq<24dQrF_BE+fU~Kkv{NL znPf!}zvT_P#xTarg$R|2Je8cZXS*{!{zjYbwq3v7s0x^KLbYwX8Wh!Ua4b@NAAAhd zu@vi4PImV2`+=8GZ}`Usr&8m&p+(pgddEjPWAQbfqqi$2f(1W-4xBZ93?DMpx!7MW zMLgmwMYph*p`u15i}{{eNJ4_B4?A`8JMrPDd6*+nCs^xT*{kF)tzl+H*~0dnZQ-d{ z=0+NM7c(je1Pd}{dJDGv56#ZzS(kHG{FtxJWgPK!`Tt30i{8~nEdfc}+EDc^$^8e$ z>_~aRCiBA1@~GFiM>io8;u%56$^&j3KdHdOtCUAH#` zH0ujqpG3x+W#C!6UC{&0N7=Ehr`(74(xsb9iWkCpM|Z$a+G>i?{eyh`cvIYwhgIuy zm2n)bbkDiGerm#`^DQmWDL?t8SKsZ{=3faYh&_4cQ)Z&5>_lw^N(T?l?yEi$``M-ISUjkZ!kdsCh`wLM- zA7!4`Mu1Uw;%BWqU)H9Dt0pbqNCL3Ccs;KCsD!oapm-TS5d4U1kq1v{Ky7m60dm}m z(%r$-$3a`LpKk`#qM6>sO}>S*!nQtJ6NcV6x4=9JDm;mkf-!7RbNqvp`eOy)H(Z<} zS128+9`dVj)E>u-a8BDrm1bi3Hp4|JK8J2U08S99+U^Vg5#`4bm-jq~EG^!aa;VHQ zUp;gy5Y#)P7GZYd(itC7PH=0qHwO73BLc2rH2fBr4@d(OM9H78+32}GBBT*KTne-& zA>7&jqjVily2ARK#^*bjIKUa-l|oD%doFcETx{$IprS%XDGk>1&p6hT1Oa5x<;5x> zTmcxU57pJ*_ZGITM=KwQiTO;<%uv$bm*-27!RI!F*CUMQPjFjs>`;u3QkGY(%T3nS z>0n zS6%?-S&F{prg|bN8St^R^nsmSNon!Zjo%6syynXOd4&Qe54(!Vk(XC&vTZ$2n9|>` z%Fc=ejrVFa71~=`c%HE3vQjEApP>N3dfR4PwEcIuu~wO6NlOFAj?{=W3{o{yANKk> zACJB^L1#bbj0!?9{+&9aFvQjsoUGR((i_GxW=cg?|5-rr40+j!xPG*$E3^5m+QFWq$95}6M2Vfq z&rpO-jJ5*zPUVV_nWc4GDTU;I^hGjs%|Oz!sTSW|(X$w&-hHo&Dr+>c4K~*}H(P3_ zhChttM`rYB71(_GO+_J6om5?1+`adGYG*tH4~-}*mO@}~h2Q(eC%9%giofN%3uiN- zk%pk!n??S|BRMUQ%+M>!LI1q?SXH0c86;Y5e`Jc#lJR8P#C&(${aV<0BLoL$Fy|W^ z(TKiA-jxxXN8g){i}Cc_ZfL0!o}?}5@9NFHjl90C zk-S9}!=Aggpk`#1qxx2oV2(p;OBv<&_He4Sk5)aWo#oCaWO^xdQBN`$3;bFmc z=dqy&Ryb(6h`~lIxayx%c@pFUYvi>4c3#h*$y)>85}VV>3|O`o2OU;E9W1@swzK>; zwB)1>MF+?SM}`_LUwBLWVJ@cMiKc4#z0q$`8sf2U|4hNh-s9Xr)(OP$p3ki^g1+g> z#k17l3zva>+Xk8U`$>qow!aEVXh66Nb`B!(S_|vVcjBnt#0Ho})ww@Q0~p7O{X>ry z=_wz9o)fO(%0oK7i*e+kR?z@29cCG#EbJL|rPe#Uuey+!HcAD`kHu<|Jd1m9kKEFV zKl&GI8AL+IM#}VbH56uN4+;`)NVL-m4)zF}QXy`?;pK=4yXU5UZPAJB6OtQtrLu61_gTRDj(;MY$Y5@5RwC?H0f0+;cFsE!FZ8Ng*{dpxqW}L; zpmYy-Hl2bAQnOQ!!Tv=Wbm9~cyjnPdLR=m2|&8mo7t zP|ap&c_%fsS5j1#lK&l)@sPjM=q-u~cewy;%p-8Z5BW1B|DyV@cmv+!e~}-zs&Zlv z69&8wY{Ph=Pvt>WgOng+(y9KV9B(|_SJHx)=4XI-)jvfH7#h)Z#8MD)n%)tG$_ZjI z2$u82A#?*`oEm89i`uU;*S}&`5hjFY zT*~Wl^e2(riWcB$vJezL<1Y#!vMHHwgTmahLX4#&q57CFL=`i=c58QdkuV1RhTAG!PvAdNLyYG18gRi zL?@)IId40?)4uae{jou^0ai5+NsGJ=HDTKn-OHEbn7Ft)R&#+&N?P3ay0C|9bM+BI59;)s;7L3KEd zCG`jo5@P&U;1M4X7`8-%dMXSdwbc^f_q5au$hN&_as-`|>p;dO@n_>c%LTpBo$D^^ z0*piu@O=PFe9H%Pg>3$N z;LTla0sWzv8G>jyBmK?HTY;ogOaw4DP!xWJ$k8ZH85hR@<{>>&x(48B2pJXh!!)YGuG8rNaO}6@xkd=gR^SdMRk>~@kJ&awhTB>N9|9Z@ z3%>7{{8Hw#5}X$q)iV8w#5OT{!|W{CDP0F?!AsVGc3I$>9#!@>zA1-7JnXJVq@s z>x<)jc+1O-aXOvc^66*N!Z(zBOHmw*(#3|Tt>bEj5OSSyH;0x8r?K5JJNFB@G3D-w zJ~2sSF%{e%%HxG{FP;I+P!a~f8B4mP5e)5{t4t)%v;dg)C+zQuqukfu(h-$kT6vi# zGvNDmJ3rddZt#o!pzuq4C~45oJs=uyCBzdp0JNU*TI7>>fUDrei*T)tHmPYI59Ud~ zbzj)K`U8p4JOhmH&w41z^=B@z{=JmjLvtGsJ9X?DZn`51&caa6W&*gVFA%M@%CH-c z>tJE+z`d|d^) zkripA3rT{`+l+zkn{ujQZQ0jL#6TwmfacHARP5kNHr*Q*^9g}-8p+2(D0u+8JyD2d z{CLqqwMsx>agyDsFl^yAH^G(1nSd(vzZ7Lw0pe?pZ^Ha#fSCD2^M1^EOyhGm6NFeq zJ`shD%uF^%FTXSB$BF?`kTVpz2}TzBA2Jv>whi>dc>)ng39S(|=+SW5amvZ{w;h>j zj<#lDG%0w9hjULF1{T4>r9;9+Zahfn3No-)UKq#1m?sy_#@{)pnjXnJhoWbvX}B-S zfIvRk&WLv@!s11^NrW(}_J8zPGU{U*OV%33`3o3lrpltv+QbnMAtArF&=HEFA|*fQ zJuw@flI$bkQo8C|0@rX1_m;S=r>@)Xmpng1n{Q^+7$q=iH>zq|Io;q+vgQ8~hJl4h z9Ixdg5zc$jh8X7EZIRqE3EfV5HDRxoT%z{p^e`22FcrVS&qzrH%g~g4otXnVZi*;A zh)!b9b=*XG5rr{$QJn%QfB5Dnj)!jPaBY``GxV7(OqxZ+O~BMq;Ko~qJDV0UHP94_tBjv~6fjTAUYCle7_1qu!V zN=PB`{kybMHwc$~CA+0EKzF=++^;Ue$Y>VP63$7mG>T+uPzL)aPF15d8~t_v>BNuv8bu z>lQ$Yhx6-}n=4@e>|!dQkzgQ@$x{iO#4o)?r?Pt1##{O|csSUXSZPg|1Ta-hUgP{m z83x}Wrrr;KBbcWh;Xvs`FQ-a!lJe9_E3%{V><87I{JQP^mNa#1^PcBF@ zrB&tvh8~t?z~tSE<1?yZ9zGe6VKyb+*-aW~d6ixH;fjtR8T$0W_N&x07?2um_4&u4 zJ%dmdvq=TRFy_6FQS_AO_+uV)IbW$X9LS|p&-;`pqicFjqEe0){d6Qd1HJ7 zUI8K1GCp;POFRXBw;56OjWX|G{vpoG+EOE4bS8A!RRDG!;D%4W@Z443S8Jt^cks7jm z$;mRG5e_Cx?oIRO5F_vdcMR)*P#dh9Og;xKt>@M>{A@M8 zE0;OrQ8NuOBo!o+n`LhBz-x`I7hZ^7M0)7t@(P^WudLkHO(3=Pw%*Be{q<)2nz&ON zL02XP8|D$1x5JY3j8OP1u6o@+P*fB%;8A>-WHcD(?OD|;v=y9C!4i~0o!*0}+xnT{lp5D=@=hO6*& zCd^_PVn%GX+ieF_NQQ@BBq1soVWPNA*aG| z9(uATqxxQc{B32|CBgof4oOsK5I z&G2iD5dQAE59egYWFw@{euQ}Aq8{Z9Pn(+r8k0onV5b$y!vYdV;%5lv565Be9_WGG zJ<$Wfxu+vKYJK>7jXi>b9sg3ZIom$%y=Y`iS>51xtrd>Sk5cE*}5jVGgnpiZl^*FhR^pkO8GmW zC#vQjSm5|+)Ki3=-DHc@DxhNws7QoD10>kJBY8=BgHVs?K?;0KcxsInq z!ZDd+dz~B$lVs3otJ#AJr>V-5E00wLy`F47hQI7iOr((vmJU+DdqB5*St z4L)5fV>tY>)^>OD^FKU^PPv-Mr7ump$0VC#@{USLWkJvuN)YZPYZl zon$okOP+ngS^&Dlz%Gk+$>Wa-mz;mS;IK_jL6beNol2Mr&e>UV)+?O-s)9ipoZzKA zfx_ew8&dJS%yUu)jyDF<)_4m-?uwqr-CF&G4SP{7vUZXgwLDt>a`hBJkYr(>X-_CQ z8uTh){yJy-8-2L~<9MLERM9EDE82z3u{r$FwZx?p@LW&8DsU z^6jcghi_o^D77@1{YCHk2nDcBorl`&GyJ(WY89^{4O2rd3F7BG{-c`Kn;^_F!v!^| zSUM(yE~uA7X{2p4iMi=Mv(&x4UdmCBf)cHYr@GqQQSP}K6CKS`QBk3)uKIq6unWt` zDc6h%6Bakl#h9yCeh>|Mtb90Fjhv30{CS9;YLwP^z;}2`flP*tE=QyNTl>+5Oa0fegRWopsqz?F@QaRx)MMgDG@xKj!i zq2$IgbKp!+x2Zk;H#`hC-ioZO2kr3!3{An*;hu;4T4eI>VEPepPg6_tukf zVQN7~OAVdi@@yy>J57DMwV4T)mUQS%U+-y%0>p>1sMT7%u{AulE`AxB>+;h>M_bUA|*+=f#a9N27ZY#(ahivh{v{{8!k^74;g80}xOoJl^1){F`joBfym zpA8sNmtJq{;-`GXY?e20H~|qbcG({&s@y= z_$*i_&TL2QM&l3Ys|V53LC-{2?2#&6SpP&D+rVRqg95D2>&v!-QDCPzUapF}q8)f} zPzoY!5QGuIe1{atK~(gBM0?jW?f4J}>sUZ}boWfgmYlV0r&ba2AVkr9UxsEt)@8E$kc$gH&wY`W!lz z?B!3yucm=hLP#_X^;eC=(jU&KN0-O6@)K|O2EDq0rv~mY$kZUR)OJUo-2>R>vL~8Xp$=WJfT#u>?@An?3ugBaj4rz^RU5yQ< z7(o`rETqrrUK3%i$0W={`oo+)^2@rFaE`@ z$rtzABMvR*@!fK-NVA@FjXMBI3=UfAJLP5#I=|9UNx5k)ygO?uc;hv+exY2Y5rPHY;4;6{sOIXIhwuU@#Y!feF}|Y z!&igHRDx0W@yO7==RH?b=!JJD!`A?$_(_d$^%&pj&0_ zf!@E}^aDRWYh$X952dY~v~_DS*>WHngbwe28GxD|?z{$HFT)@rnj?4VBp&y)i?4mJ z)af6WqwQ1UOu8pEP4_^yJ}~(pdcdh!%PmCnv=q}$HtBE4#G%Jl1&NPTJFezvl^1O6 z7GVf7Hu~S?QvGp&k4E$I5#`jCG^mCwjcVO3tV!S@8aBww&aPxV$nMSdM%xEzdR)OX%6mqXHE>f$I2e8qprz{m za$}(x2Ru6UM7;s`s?DIT!^z@TzE^mhm}6^@5&_`o^knpxRW4R~g>XJN>-w=c-DrP* z`cc#YVZ~ZWn#EKwdy}-*zA;zl_vbZpuFFDBTI@NxUI&C|bKxS4tGdl^$RZNn@2&i7 z$a`*Q7qxv$D19Ng1OuKYxap(X$)@L zsI=g&Vu`)l&_Z&R*RiLC`>Hjss@Rg&_>tspCp7f%Q1m>!m;icx?7H{_aPhToG-BwdxkkT7sfpi|-52bsjTSQ1-ignN!N%{p(ovQuVhX8p-OBQiGAe zn#jt$kwYb@8l#qU&+gSGYNLP4ey*kLue^aT%*`3n@GNpB*cH)1vn+NjP{CZ;$0Igq zL~KadWRSihZ{|$`)ZjCT>09jg(%dbh%F8XiTSA+pEG}vJquO%md!V(3;~6HwcU!YP zTKVz(1uAs1A1|ASe56#JOg-BDU1VV8uPAs+Hi7%T)c^?{pz1(SZ>FHi)Jf4=n*-V{%+!vz?E$4pLdRgS)FVC;nXF=nQZ;)NI9qo zR9zoyMoohK#rY?5F@PgCu=?{n~GSHi4p3ls6^UN~1N2&7H04j7M>ow-ru7 z!51x`u@JI$BUkrAy=ic>T0#2I=MvAo@^IfM9&kR9MAgon?HMB!Ft*FJ)5-PJRc$E z%_p2QbLBNUPz-1cv`0!4+E*Xj#Qk1uU$u64)YlI6cucJB+psD8 za>m|Qw-M*!a^0q}BkKL)Qe|;3Eq$SI*W!@B%8PeT)Yza>`ZLV=a@tTb{)M7xUJFaF zn1+YN&v>`o?m{t`(%9TF?Sxq;mJsS*@%$u#yS+T^Y}ax+7Y11R`UH3rmA@1mwpy}{ z+*V^8*+VA{&Zzcyte4m&8Z-sH6**W9Acc5RHKdUejUj&$TmBPE%(fUl_h zP7YspksTDt2p$)ZGS#I{z*AWr8&yaX9y&Fx`s@qtZA2->1APXmU zEQuCW+zjOX4onDb?{q0yXvlS30{UhXxVg)|S;eVp5xWl^<6Io}%4bpx|O1;r-p0qn2Y*tmKj2|0el+KhM{qrLDz5u9^+S9Fvf6>PM(n#ltB%HZg&o z@&FS}rL7)dMdwOVlizQKqn)0Mu7UsVXE0(cmyqeHk#o3rkK z`zkA|REDJ`B_v{Pae&~kiFi(+#9^9WAL}$0t;V-l%IrMr=fiD>&yJc_6?_*{K^#${ zBb&(Y@=}I+NRq~7T6SJATE&!bj%2yYal#|RDtkONSJl-3kQ5aHNsr!m2&gPLVdNx@ z+pf3Sws7#DxH8W?JtC+(d-Hnd)*Ax6I@z?D+^lbH?MJILEBRdA3jeJ!R8~vFru#`Q zqb$o^NLg!K%xYxRV_Qs!ekD zH|JUA1QYtWB%g>3VHs6TqrbW2eihtO8J`nyb%+zBErBz@xG#JN>x2xJXwAR{XMr6H zVVJbUc3}0nQ%iWCh$Cpd^h+`eT+kcqD7^9L+*(aEVOvbuH&1Y2Phna?plyT?3Xc!N zC87Mm*E2YuI9K*Y_NV&VmNgc2h0O|OX!`~>g-wYtn4o6W(Jb6mm?sPv2L~}y#JPVb9u;Do7yw!@RI~+5aHrY zt^LVTj{RK1f_FF7(~H6uXg%+_*)p)^EDNia>vqI(-%~y%x2@!r{^022n$o>xo`D?K(s$RqG1tSL*KM}B#e4?c zOKJCQXCg^3T}B)leT^XyBTDxHY)qp=v=^C^9e}$J9b*Pw(-v}V0FQPG|K}h92B_J_OkiNxVC#-l zK2p`gL8-}6Tv3wPSS=IRl&q)!VJv?JAv%fDQNb^s_P$auhpbnBwJ1JUFJ^(Y%OhPc zi#pzboOHrSRD)Z9t1!N>JA84aFNhckzYW2#m5>^GVcqjfZq@hp=7-pb`{u{@+-BtT zLzHG9B7OoWfH_M6Fxo#QL9mR@%bRhpVY2ftNAiz(j@!~PN*+DMxd;v*)F?q7`v+~4 zf#)!}^cM@D)B_7KT_s`{ivt$mfDA1&Nx&AatJDVV-wPq6VT++@%~6T3ssNzms1#n7 z!nuM@uPL5RfFOiL#`)-T;%*WNe!FMkD3Yr?bzbB^eCVS~$-&A`S}72}-y>igO8v)w zH~i&yZtaJ!o_*<}^5u0~>#U6qJ|r*)K~-84*Be0ZvUK)|NwmS_vKeN#;PRVq0rd+s}dNe;Jy01Oh?F#X_(q6~Hy1opzEIQ*GgL zdvd@_5%p?6+yC3jG05mIG2kDkjY`g}`QzU=g7EU$%T zupb4F@kc+4{r;s6k1Za^=Z2|D25Ocb^`+L8S+By;XyFnw5HC=oHA+ZRHJo?3D9LQB z&a1A^xLWJmV*5hhv;8D84sGWyyoO(GZDU+xTl7K;6nvO(VUQ&OP*4vrd4xno%pSDFK{mCd!v9#$)b=!{mL9v{s&E`iVPrZDbj7 zi1iYdc^x}>jjU1GFN`w*i8rO5hO)ZP@=1erwP&B>*7&$v$0$e6_jV7b#bKj7(GpdKuo%5KwYq@+>}fA<4THFg@Kxn!RacYCc~Vmq{G&XsidP_J7{w|aFY_0K@3B52PhXsA@G{fjdQn9c8TcJ$?v|+4JaEU#!3nu*p%i z>D$1`pPi< zjWGp~*>WPRO=o^M|LpgacBnRqS1D9wNA+_JT;ej{3@TdB8)zS?HyGE<+uEGS8_1@e zDd`gT$A8scM+Fsv{*Y3mvv$F{Zgs>aeqmZ^rCdh$3qgF}Z}MqhaF-{XaPWc=3>Be} z18^Vc+9L%nA^M&n zGd1UbXMg^LJSiFrzq$E&kjlpy0xckoqKS7fwMo6!KbG3BH|D;pPSIV3e+BCc zZ&#Us5Y4X0DbT6)X$I$k!3*cq-|9Hm??dRHs%)B+TEIRE55tJi@rWACU$tU#|S^7!q~DyS@h?=1#8sI zU$^Q2?%hg;ohy=zJ7LOQfSS~Bj$piHzKb|L4H?ZtBY7{j&ezw4_(jt&X~ zyuYAcW*%ob;`IIU`r>+Hi+7^VU0%;KfuaC>=59h@*Z)zH?Vq0z!%u+fhD1EzCn)d4 zJK#J$-j5;w(1IzgH^M9kcNmbPr#q~4a;!KTD=v!gkpJq@CczAel+L!O z!)HZlMo-RR9WD1cO^$A}=O&FgY+}uhya{dn{3IWm^Zic|9y-L?F*yCVywp8YEF9E( zP!M&149CJhdZhG7CMQ!JUqufdTU)AcxP*IPHZ@YbUVkp9D@0pJVb7lZS@~&AaZ#ig zmH&NxDR5%Eo1iTrK4!v~VfmQ$3e1(*`%hLC#4y&h1g6S;IbeVl7%cTZh8YI+2P7}; zZqfZfvYy!YVmmc|pwz~qbk4@9g)LV&hHcC}lUQ5hx{Ah2me`54F&~O+kokiN|F85hUKX^7Vr?3*h>HaE(FQr3oWo3tPHDObT zI38Y{?N4LS@;nh*BVV*;fQ)jae9 zm6E4<%8|C?{cmmG<6IdbD@WHdw3Ta#JZ(^(9j@ryzR^jKi4cuNa?vF%(Jg+f6M1!m z)kcBZPK%`+B2ZK-<6!NrfrPQM|N{msp z9{ZEd_g}Qe3iRy7@N6`mnKBfyqro;8B+Xo|o*4egAl8JHm>Wr1^%Go{QQILZ z8db-AU(6IWzu)LdA3Tp?0At*irlLPoJF1y?B6el5@YTO`^iTd8!WW zUVD}<2I7TBrI4EV%VhrtXm;PTK18VQ0U=F68I^F6X{`P1*N3)~=W$P6fRWJ>@m=t< z6%GMXrRq<&shk3|EdN+@3F^QNGV#N(_Dio~pFURtarxH1z_Gyu`rYur4C$FG0Bmu( zczwbiy5FV=RI$@%@J(H^qSw>3fDC9|B?saIT7Z>--Yi7lJS2zF;j65ckX;(+unH3= zg(E7d@|l0c#c4`j5oTX+GT3m&eFT(z>RiKYoSadl?5fQNyX#tcr${1dZta;uosZ{W zM$R%ls*`}l@`f$rZMcA!?!7$5a=*!MJRd&147D^Yiiwy#310o4}SKmtek0 zjdm0rD>9G_tU2^()~RwV9rL4JHrZNllaA($v>vT0uNE5F#6+;{bfF+(BXIhrqZl2K ze_C(6FF`BJ*kQZ98{#5iQFxC&(GXARI2rDw{~1q6Prbz znWrO)Nm0H2VKIu=#Ci+{sHP;%2=>3I8koHNNPX>pvgwWI`S=*UmZoF6ZzM$;PT+N5 z3BfJeO+vZ>F}Y>%HY@3d`Y*_JU#YZ}#v)bofo`oruvcew*ukzAlwA$bE@5d~AX)+R z&BBfAZHRsRn`OXFg5J6F@;v+cMs_Bb%t=KX2ZaP5CufMmWOI4#*8UN?MDE_Vq1Q-t zHNatu32ZRoA7ZuNOf0>-_A2|f1*hI8qo~OeIBP4pF@%uHWu2XLu=Bd#i=Vy9&fa72 zH0Y#;O+CpUJ-4)?B87(!AAZQpltR+Rpd1wz9^RAP;fP>JmQk#x7kxs(F%Z|S4?Qme zyZUL7Xg2w_Lfk2dXw!i(acOC{FpDGzylhg?F`U%#c&d|}l5*F4e(pn7kpfV$ zv=Gg1ETe%6vrc6g)U3!pFI@t2CYRka0vaB}mlu4?+oGzq?-n0L8u;m7ke|mg=}3&^ zF=v@T}|pI=rmqGwDbrIHK^ePiQwFk;htYF_5pK zl*^jI*5ddUNiF72YRY^%k_q1=m3Ndn>Rz;CEcck#^7%;4>MKe&iPR}WI8^iV^HU%9 zl+;W{Uz1g36Rl-&yCVm{8s=Qx_FUBbRz*d(yq--SV~z-jD~3f!n;beNB~$G-V0kOU zg35YWl%R#l#&|q8M6f0%Thqr#Kg6LiEcW9G400cBX?F6Lwb`CFr>DLAH=8R;O!AV3 z9%ZaXT$T)7g1jO1rMkp4Wee+xfUWKXzg7Cj=LUb4>&OLfzLd4H$}4@Xt*&l*Sb&QH zz(Btvq%<%8D~gkk17Jvi3)w`RH;?7&uXAro>lV(~5fds>YHO;t_R zOZlm)SB5Gb4vOl!K9Rg0eWvHoT$7}S(9h8UxwTaGJ<)p7|Kc|_)lS_Wvl>uso;K3W z-|2bj0}K3gVD@ap+#F?IsJ6-oEbB-?uE_XzGln;*Z#Uef>&4v4E;>A8>E@vE!f>;x zBAaUN6}R&Q$Y4%c3Aq1?;96e*@KuyHU*rE)IIT(RpTcR4$dSX5r%IBOBf=2EIet&7 zKbsAo`5~qwIUpJq%k}N%9U_9CuXH#}O>Y}ERGsyRX`cM)VYuYybAmxJWbd?{-+ZB! zvskV*lGFU^E(l0zxoq)+P==+wOX)l9JX}@Di7i1E6EC@!GfuN848n`Ci$be+Sr#vOb=ND*w1B<=W5U9~6$7?)IZ z)~I1Ty~d&BUXGJ)_9!_85hi5fg+p3PPzpJoJ2U%%A_dVTeGZ9o9{^|tg>#f2?I%CO zs=n~l|CiyvimdVf!Ai-Goa>FZ4%HK?QZScGDpC#Yd&o@->k%wpG4bH1_0T(Y)@ppR zA1jvodi>EJ^lL`G2NQq-FZAy&X^bzz@_3}qFm5WV<9lGf%dDU;z><;RK1HYs_*(f> zU_o#`F|G{S#Z5lGUn-qfYMuVb<(2zn?5o6&vZ*-#Rio;^ciNSX>>GWwtu3elz%N|K=NrM^A8TCJ%F{mS z?Jm`Uek~BUrWYvp2zH-!yj#4)Yv7LfP2|{R%YvK;ZfmZStc`|=;jH}$??}`MjKvb^ z6L%l5%BNHL^9@MD`X1Wqh%?X+eVXH@M~t)x25D4u-dNNoLNe056&RYU_k!XrExcPK zVwT|#%2c*WOic#|l|gx#iL1Qkj`N7+Vq^24%5<$H^5yyk>UHcBCQ*Gn5aXjpFZNGU zUv6c+4_?!2dCN;Q{T`fi-uFH4z4yQSx%YGbaz35? z?BCvNt-aRTYp?HGJ9#|V`<9P!*#-hqvjX>x&u4+*>EC@(fCs$yeqaWyVPetfsg*mA<6@(;5aw9Veq6}BVc5}{-2az z{y_%45r)3I3fqx|)4JaCix>6Qmkn4NR}0jVS^XZrim9zNKn8#sJtb`(2m)E?E4+9v z2TRj^cs1(IqTYoKl&Sdwh~MGUy+#MjX-`2`MViqs*5j@`XR3Y zMA9;VD~OEkW&H?picg;O4%57g_$~nzzpboSvB&F`P?OKp<#3f-+!3zItIS+a}NG9ih$UV&QQH)<@`29+iPcl z+1zeCfna=>^0o|bVMhznx$i0Ro3B}dg^F+*;>*c&B<0~ZbtmRyb0A@TMwOAaA~9-g zlIBzkAT)_CsX=jao|&eseIT`roIlbjAuE|paRT(AkkcI`ml?@`9wS{d=Gi}+A3@X= zU7#b{eq}DjTzaG%#={F`LUn!(ndA8ran_~t`r3?ZU*I9dHs$P`<&Q-r%a zaz?x7Ffp2Iu^vMj@z9NA0JR{MDR$qWH$@I09|(EfnmsGJ=_{0fH}IOoje^#wyA~M! zSs}O^07<++-XWm?c*8Zo5ag&l=xeWjP1|S<93L8IvRk`$rkILlU#d{G1aNRG;dDm; z51G{?%HD&N)Tt|GpSSlP6B(2pW6(SkUd&G9hw&8`L8hqMo=t%_wjVcehYH4Zg8g(l zUJEv9+w*DJ-9(#C3m2XBuF*ICXy@A(b6*5B2aVtTp%4jG3RHgghGNX?Gjmeb?x!`I z7GPNiIm)8FQwSa&1@RF;#UM?Dps`4nI{&#KMFbU-A-QT~>p!+DT;52n8PZm*qK%kY zP(G=Eop@AabF!ZgY>@Rg2U1?x_npk!KYt5|FZs~uje-5*|7^mHArb|^G9rj61#cp& zd3Bek>ksI))QPm2Zg;|jNYTpe=xahZ3Ubu%>SBg_AvA@{^kaA`rz(LSGQ%)@U2;xK zs^T;Z*T+XgGIx{Za=mLe`6-O9r6Xd7<$t`zS%3Z@kNMeO-F4?3RsF1fR z^RS>Bg*yBgt>XZSN~)*n64&1tMkvN#5uSQAIRSo^gpX#^!qf@!K{0l~NbC5bbwy6Fb^WcTQj;)Lj7G+GMk6g&Y(+1l?^&M9_?p$d=FK6J{aDFkbdfcva;Oh?x zA%^`fYIH|{MA)eGW@Y$^xH{LdnRGY?qQyK5<_)_iv^HN-hgUR#u`mrmCt^PG9J&s$ zTuHl^LIEBp&m$wgWu%n8ff1~JC|B32GBV0|C$k!r4ztF3TQsb$3--s z@-DC7aP`7_q2dQ|#e+|G2aO@PZaM$y*#0Ky+Ar2R5<=GoXGMuqn(EYnU!*ftWH@Rw z+%Vz^QOGT5b@u~o1Bu6A$vppsw#wf**TQW5+?%%L{P9FtB@v$kF4|b|m2=7xZ${pM zTcf6b{&XQ61jEdUljzYWetrH);tLaOF5uJav;=fBP9~paBO`XChoA0nEiHhBpYD+j9{gM{M zDnPkiGOvTgLyad9{%g^h>4Yn}_HG!TjN7eE#jG5t0{y3(O~hYGT8&#nY|*XgGsS3<*Pg#|F30`ckS zEpaq@udGI|P{l{JyZ8fKj;+1z^%El}NmR%2Y zF$VkuF<4@$)OL9uPoT|I+~@iH)r7V2aRvA6n#5~PJ}nfYbX$`5k>2YFZ3+Mh%z~g( z4_?Rhe}NjkQmW>j<2vE#n#RPq7Q+vE3$JNtf5-1xK{*D-UNuRDBhU!lb@;%380So$ zL>D%kB3gNJ`hYT%h=(qNvKTzf1rRAVWOM^%w*pP#I#95adpB+Tjf(?>%q{j>&fi5) z$%vX*1RyU}o7w$dh=3Q+A9T5t8UC|Uy4IW-H(cn%$e6y+K(oJ?btd?TLC2pne}k@o zu{8NSj0OUCl3S=g$=bO+L~x|Y;q?akteYw*{eUOICxuo)-|>Jx?-*)!yS-c;<-pM% zc;+`2{&h!n_ys5C@Ibb^Gl+r*OZulnoYYJb9QbcpnwEns)1jNX`)M$I#ngR=U7WEI zxFGcSK4{W;H+C0n$Nm0Fb?L@zGG>EUvo)R*22LaYb%QWfdYD-fs+ zknuA)4=+PBIe+%o4)7J-iPX=Z>xp6QQpm|eJfUX^`u$6ZSzhKf#UCos;>OdBBJW-m zU=%d$*z8~1WP5n8ba1UK<$$`q{U&7W#h78}EjOeTEVvz>u-Ohiqfj%jVXxJ#@5TAU zW&`uTIWuPF`l=>zq@R4w#&BCkaWw4ifw?Y1dgsKcULrb-dE-K}%2dZw@$?%R@5D`( z7Kc8NKO;UAP)S5U>;BQNRv0!x>sD28KQ{}6ZH7B1k@pt!DF()L=c|WJY~8@Sd5sig zJuJ|16+FfcUHlsb%y^8SFcO2Ry$K7~txIKN0Q)Ez9VJr+xXx5Z>FRr%mtI^iilHpR zlx9VifrZ>qY_KNv0X7VAYQmxCfd4CLh}q#iAa19g2X7?^}b3 z_boE^$3S>bVY^Le+fax;3Y%?Jxyi9FkCXI7<1}8lK0chQs@S}p;ljru&o)T_~Tf!(CdoU#=4e@5g%hxOTvL>SRJ?u-fhHcyLR_=xq zUvaWI%_npJutoD#;-^0yLzw@ZWMD)*R!n1vHn_?n;F=ukil$kt4=42tY80X{!a`d*$>gM|t&;8##Byw?Eabn|~@9kL0$ll7@6LlZ(iLS{Ma@78oU;>aI6l5Z) zAlTAQzoq3FCv<(n7kbyPvnp5YP<$b{`;!n|QZ{VZ9bNh}O>MV2P?lO~o)p1Aa4$HF zc&Ci{(&8mU+55nuP8_4$b`2(H%rEJ_+5uNUDneBm&h(b zd034|ethWKWcWZ?zuGC?V#u-g<=RjF*X!Ar_Xzi;mI%w2dW&PM@7jW_xRKgG->->r zK%V&9>Jj-G`LexXt_`qzplCrRhIPiTfQNC|Wy*|VC|BrVlu6URL`bO7^<`YiM1K`x zj&;0?JV4`NAIFg=X!<*&;K5_L-@GgUpTLBjH|V90jM$4Xs^Zr% z8~Z*0kwLPndYOi>Z(jjcCYp-#5NcVwNH%Ud@b1Z)DQL5$#TtT6}Wh`~{4COPPZKL?|;7S7ywk;Ses;;I6Rsj-j@tK-kLAjzL-&Jj%x!5EY6Q;)~2>6BITAw#kkgaokfoJ97wRrwntsWFqJK`-{{=u>+Wo6?yk9EzNvpG}uXI+RC~ zHjNQinRMh0v01iB;>SWSDc<6O77laYJlt`U%#!93&xS15VG-;2lOuc|wP=rC-FFL7 zw{b(_v!0W|0r(Iw9rULCA23ui=($BV3kM|+(?5{tP4etXw6iY1{^pt?Q(xgxKmUC_ z)2?f{RXti@vBJymEmGlIV$M=v(~ZdnaypgIhfR;ztUR-meYC!LI3}QbmNSlbo3MiBvTW$b{nsq>Hi*-#9#lsi(P#ypg4M+}Y(v1wctTW*js6DvN4J_L$#x)hcnLl`yG~^;G`1dPx#$lNTgIw#lJFfN=E(zvN{u@tsLEF3Zkx$1USTKk9!!NJmO1=o9J>Ukm~JQS=*Ue-Wi=Ct@-y4Je-2__^`3? z-`dP>zxEHicnPZIvy$lfi=&<-4>+vG7l&7FjmQwpy@uq2&<@2PM~ovu2chtB;yR0o}H18msfUh zs?%=whVrVn#Gj|Adysrj9k%>p?&YffJ{t8+6|Ep0QR;t-MjfZ)kQjbNf`5gTk2j&% zsUMG>1SEwzB>F%|AD@lMUJtH$MHMOqX=BFQ`BMd`)HXoZgIu<)zyck(I zpo?y6iy@>IxP7NjUk{qcs9E3pnU7Ky+Xy;=&b5pXe)7_~v>FO0s1Cgdo3$;w56Qq6 zm<@B8`L10&-Xn$o2M~!4AOqv_7ub!3qjXySqEx+!9^sMhzjHna#g7qRLjj zR~q?Hlra)XfV63O;(i1s z>L)%vAF#>D$dG!D)5H&vhi%j1xQc1HdLd1T>+|D+`H!F zgaoYN8f92B1#r>ga=89HMZ#_^|D_uk)bQPCIKtx~RvVg3MHw!dZ&vOwb!+6~W5cU77|!B+})TLr}k8q_|`2l6(%&UT5 zLN5q@w`-=5KkPyrX|9y?JYBk=b(B0ba1N5-d{q#_VLsv=k*s2=vu3^NW8#ea{~0M#hfp%v1%{4(Cjr*|Pi zzzN@2-vP2{;7WZ%`4{Vd+5+HqI2da-L#VRM2+>J;SJX}rED4>vjQIwBDp)>6^?*4< zQ`>_rM@kamutJ)DPL6q)Nv@^+qcOSEJfEnsBh9ishzNuK`U~}+zR-7UeER#b8K;>~ zEQ(sMw+6oOq#22DplKoln8D=v7U4n*1NGvSr8)u~i5+W!q<0Kkjc|+U=!14U$W$F* z^3spj|H7|314Zu}{KwjcugC$G6C2~9BtP@f6m$I?S26yD8jt7YI19N_OzTZtin(UR zO#%RCH<8nBhs(!b5~J~04BR{&OMJmF8B9`b$`z(PT&O^dlzS;q@7LA{ud$iAh;CzG z+%gcuxXdI3z^;D+RVQipfvOQ+*iayJ>5H|ePKos}*YMtuvq@tZ{SC-US46VXT_5ya z*=ViV$&`=d<=i>ed(`(F@b(D~)BrPva>*F}2x}Pyj}Vl$gnMX&>%BdufH;}+C*Xto zH_DwCS5lPXoX_<2J9Be}14Po+Ih?Ji#A;B$b<*71{%dsLS*{kBu1>;7NQQ6maXtj6 zYVEm2J5Fh^hsRNLZ#jRW)O&9?@Z}WXPsxI|{!AI+j$bqHE_zf+=T|^I(B%?OJ9zXh zb)+ct=V}aRk}F`N+`4ek_sm9&ZZO&6@tEfD^Vd;d=r;mOTcZhG=k(4U$E*|oJ?F?x z<=y5P!LjTrsq9y8NIbeu{9%Bnpc2hCmduIBuIzqIMKo7qnvn^fiK$`1Q9USB+x);x zz*3TlHQk-SQCX}n$99%m^kHfuuRc7_H9D0wC(x8D*vWZ7%_74h|j{Y6x56$%hXm;T=fd@uV?1h&@xv~PJN3K zDRwEZES`9~JswP*a>IVDL$Uf6OJBy_l%&r?ZbC-&Cl4^hxJzRZN=>0&+YuT@&bzuh zbWU+DrLLJeR$UX-TOtptjx<+)0p#RwD_ZBAu>R5o0laYwmerE6-JLC#opDr#ujWd{ z{pDZLCE;`Af_SA?*Fvbp+40m1HZyh-O7pFUD$CM_RxKy;OG`{U67~FI^xb5;FzKo=&9C~n~hk8QtSfz&tba0pMnf#fkseCYKvXYWrP z-tRWl>)K!J7L8zd)1$1Lzcy)eT-{ocIU6~OE9mZS8m4w<7NDSfL=}zx zYCw0&Ey@(xSw7J*H7o9~T1%|ZNz_yy-AMP|jnNR3#r@rDLuM@~_~&!Z`;46!k>ZPY zZaWFGHoWYegJkwgnG<%FI@gr8$SEwTHK)F54!)#yr@HQaIeAkyy-LK>tvPD>SMf_| zLzyu#olrBYytDlqEt)3ORzkI2w%=p5xy6Ijj04dc+{3o-irVf^jN(sWVl;GWSkS|2 zv(?zKxoAhFRAFsqh<~bmNK}JqE7Z%-(*7XLTV;Y;@T#dmuEUxf3v2&}OsTc`Y^%}W zsxAQ)WviKm1gz^rvSul}MiW%rX3Qs=^63qVP1blkzkho#*7YShzEL804Z(yKS-U%H zrwS;#CppZ_WW`ViB-9i&mI!yYjsQAz+8oE3=K7s%)~yYX0&1&o)4G-Y8b*E^ zDaz!O7tdJ6n5FURuLGO9-WzF3k5+Z{m3;@KB8yI0vGq>Knr8!g$c@^)*%{iHv0Sko z@)S~B;Upy~HKyY$2`UkOx?g@T~~9e`1K;;*;oKWB5cK`cYB z_RVpyd9|ikrO@wFLBl$y^-o1a1K~7%Pa75eG=(Wyw7S{qaztx@T}p0vK|{aBi0o>m z#cZ4EsisyRi{XH{>3{<2@^74VzeS!^U*PD9`hF`>C1h>8NH|)eZM!~1@T-$$c6Gf# zn$B>^Lp#ixD&O_D?Fq#8k&E@UlwaXU!X?2SH|>VZe`nf!$>lD=i4z295pw@|#CDP6 z`~&ML@o!kq2@`#EqOem)UmMxDOIsd*j(I%K_I?2j=W=@=4FTGVpIC6uVWwY0xwWLq zMU20Tx6skZ+aBUfzq+GeY_Jk>vsyzbqeLjAbN;hwbW3E)Lm^rz2~E&i&;#Q5dvK%H zXllwv4eLK`e&j5y(~l|l5@^mWG_1ZA$)|6l(2%mypaI2@9ep@kx=&3k~h|YRQmSr!} zYzcolfM0&z*`1X4vr8E{XPzRYPI~~=yytnn_ZlG9h4eYq-dSI0c4<)MMFeYl;pZ2r zok2h>{H#bR6wz+6hBrd5;1{n>W4B^%eKTdoj)8*^;BIQk-|;+$rH6^exFAr&R;O#O zLu2$;9F1vR$6oMdFX%!gn+2tm3F$M!N#;+kPdHO%)==`?3woRDr^?|uJ?as{yGrr> zR*e*Y6!ZkN6Pd`YR-8828&4V^-W!!7+3J2Up_^bJNVag(aA$KRB3Jm2y19OSl04YU z?Qd)HEGM#CtLNX3I&Dl=t!dYIG_Ibp4teLbU~A#odA#Wz6*pSHoou0dvv;()WMlp4 z>Bg0ww$QESV2hpJVJh&@_=}C1u})m~Tatrv=jE1o#(+#I``z&sD$1-pS5o4V1kn2%uS$7t{h|LghJd`_@y~g97-%9^3 zh@_ceRxNl?m@Zvy9{W)>4zXJ?Oi1t&sx~+|tM$zEOu{#vOtl?S zhsLP+v;=Kl&CCuc?PfQ;&GwG>gA+#D4<9md;<2G|Dn}#YVd-fqMOF{WqA>49`;%2~ z-5zukwr(O)!MZ-E1PM(WolT|LQ6>j32R@}B(eTzId;yuIle#zamQ}@FU5R_GR}o?@ zBfFc)d(kY!E~_;1?FpMTJQ%`VZUSVrz=ovW{h^w(CEN>8fn_)F)1? zkBH41Kx?x;18X;gf)3za%qZj56S=_C>OBb$YEH_#+nj}|$>LnMF}yqmQJ7Qg%xcJO?JwMJDoG@G!d%Lj5&p;s4%SZ0 z2-sx0PaQLU5tCsqG~DVB|2cttU>&XwKQbv8kZWK8q)nT0H16U*#fO&7@DD_nAg$QK z%JKyTkPOq(CI2sQ8gl7thgagP`*+TrMJW0TC@QY|G6a(6`2~vaz4^y&36ToG=pdDL zq2UH96){Mt!*YSJ3ZEw+P^WG03kV=rzHcuf`iJ_1Jg8;zV-l($QhD?*$PgkShff&@ z`DuVL&~1Ba66SubW_}N@Q(uwH-rQd;NDLpMq9^G_4$v#`Q=G$obx5*{3mmUiqL??Y z0W21xn2kiD|LP|LYdkcmI40yom|O1u-|+wE@I$*l4_br%Pl&Yl?Pb##?wI4F4LaWW zuFYr5=D(Zkc)houP}~@22yJYbuTb(oMcF-#l36Y6%B|tzu3k?Ovf10|09el?wIOmG zir~U-u66bp885tr_p;Z!z&?DxfvfaI!?ZR2Ih4p~&eAG096ls5orLn?CG`;$>Yxe{xGehx z_HkISOAEAt=*cGbi_mFAYt}R>p^fxRWa0J3Ucd(wfqF34BsoTUm_mmk0_dCUBr&H9 z{v@gY_0(~{XZy49PM&LDQq6_%WlH*`g|}h1 z*<0J&4y6+Hsx+yAzBOnA&+XBUcWNv#8B#ommcIvjwPm1}z*htDMe&jQfG%*Ttk~op z^1m-2+W8o0=M1jJM~Arp|F>&uFu$ixol;d(W1tpr2rDSKq9E0rhjA|kh@jU`dAas^ zO3JjHE5_{GZ`0^!qN;?SI9x z_z|>y`>VJom^el32MHrci2qj$g}KR(x@TvQz%{!0OV|C_Ak6zvEt7Bk8)jE1Wd(hH z-n?OkK0ko#-ZU*v8OYJA&=Af~nI#eW5(|K2-rP5sCQ^Aw0YZ)@c1EO-!2Ollf z#SHv~TwQ2i2;ND?;6D0J6b-m}{^)+NHP^k$ZkG}!5A{J4cY@(kK&hwC`~-ZBq7%*2 zw6iuXvH&^l#rX?A@~QfN3qOK3Mp(*=8{fvTY+)CtYmxk-mV38SU-4Ftt3U=MRoemN z^q^}^Ek!^Cu5pDow5N$mhQvt7b~L!b46YJFeq$Woc_Bv3lb#1W=|L{X%-nt2t06wn zW6MO3{loP`?TGQE;YTt!NKId=thcLmZ~rGi5JMuE9r;993R3TP3CiZ$4UKcFTlFZ8 zC7QFywG}9`g*^H~gbyv2__wbaAEN>9RQO?<79y)~ycXq=$5kY-ms3)+Ut}RJ(-I0Q z{>OgC!qofuu1ISX_KVy)Rh%Y0ypN3rg!3HgWoGiz7{~iFOx3>b&C(dDBzhYwH@qYB*e#!a@C*uiR$h& zD}ciyr2hPx>z-fil>P6%;QeoJ-w9AyJE9=`#uNaXj;(M-`3lSJP?8GMCqwgCtf)xunQqzaR7!g42+>eQee;RtylErg8cB8e19ByRd1GXTUY6<&_#{yXDp}vkQ2PDH`u~~E} z7FykAp3>95;B3Hi`MqyD5B7Nw`)gc;;shWFR9T|?37??m_^=@g^&E*ty~cBj!7Y?@ z>pY%)fyfU0p+6M19}t1*K)+IHX%i*kjr=c@1uT{_`(eTE&CW2)1#1= zY%;rpJFT_AD|MV3kfliIibYZF48pcxai0R@9TED6#BbkbL`WsNsx7JgDo>3dKZ zs_^CPDemmU;$jT|aw>3-E;`f+9|(k&T8=?z{nG=x#WX{l!vOtdculdpH2(+lqy_Rk zPaw2hUs2%LMoiINnmKSa#x!D({LRfy;2=_Q=slQMq$|e020+oFu(sSIf0uTR&p9)-Ico{wV8;R(&~(Y~pXiJpEvWS2eU^aX76VGM>CF0xWZ zi}FZkbl8|UPR4_oaZ|Y-?LtIh>t1r|*sH}YlfHu{ zAF`gm1(k_ZNw}KVdsQ3$B3(B2(<%%DYB!cI410Q{T}!ai3m7YL9Zdy16I-Vd4gNZ$ z{;ocLq4-Z97Rd4SEC7+?J@%gUTzs^|b+Z7}9NU8KIZM)ep{Qdp`N{TPCgfvg-(F}P zegp-WrzO8(-Y3SO**NGK<5UfP{WyqV5I~U#eu>X_-|mw|LKi9)RKz%i-z=0O z31{$W5o#~7z z#YD4Dm1Fo%d;2pSW>=91F)`IKLIJc1~&9v@;eAYwPB-^IS@UG&}LQCOn& zhNnwmNUY@1E_Yyu9(jM&+r0Dm9qducST>l!{BxxZDlKTrMB6|L^({xO9@6R1+ zs2B73F?AjUP)@@#Xp%cpDS(JP(~TDoh$xm^o+IY9>203%?hhOH^UwB@GU+$0N_k(E zw1^>D?um|fZk>m#$Te1M@%u_C z3Yi!)qsAT*mPvkjj;13z1}FMlM%}ri5D~-FfW`1hLStkduXw4s=IWC%-zr%XNG*Ic z)<|^#1Co{oT%y^h zeG9aA_!$WZSxNJ|NL_tMI%MRIi85Yh{}S{OG#8=H=X1FSIKq9Y^p!qAC1NW}Q$-a1 zTDY~hA@)b0zCWRQe7J#VPi44JYN)mh4QJV$y?i{o{SCT( zTq@H21Qdz*3z2_1eYFD zFnnM3*=$B`M{WOl47tSekHJVhdj@eg3c zI-(n!_iEgmKNOVoj&rsZb{CsoH40qQGT+H@@8hX)<#q4TK&j+p=XM<@qC@$htgsg< zD>$r#v!GzWN87JAWm@OXH|mgJ-7I7DvuoKTU~O9AD`mjK#(~67b;B=j5^T44tTlcH z3ltk%jWRaC!6(&3sc_9(#AkiL4zTmXGjvCW(uF;(omLS18De^t75%J5El3E5bX@4y zMH4*uOPK8X=m=)Ubz$EwO6NN2Hr|-Aujwnf+liPN4PeIIp!hs7WX2IoIUi&+3GwaX zJMIH310Q8yUQS;Ljf)(UVCIk{gfWC_(fQ)=_ermi1ZFJ0L|xNL|LFWgoZM3HtD`^b zmm6&8QOOc8=9&NaTks(vJ;o9YG_ulw+JKe*pNSL0s^MxBZ>h9Sur_Ih=uMX3vo=|( zEP;}NL8uWMU$U8!&%)eSW5#Sh9jiMv;TkdPPsIA#Cq=jZ9lyOE?5q4z|Ng!h8S-Wm zvTcV01KC~cPg4^0aG=pG8e!WoX8RtOEhR4LIPZ;(a~KlP5y|yf1#cNV;6k5K6y?tm zbiPW4jU#(8nKj16B}88b7*SHK!Gc2e^$!1{Rs|D{%Y9pW85%D;UFVSS_$G_-M&LlJ z^J+M)7)r(ICbC+eBfbpBFY51D39T=YFl|UH@5ZCh@b&OhEw(c($*etX-xV?2N)Eyf z)Tp66T^u>~jNw>)v1ur~(MeNg)Cdm_sY%a66bE)dL8jO~O^cWpyZaaFKjmJnkx9II z*HHI0W5q?Ba1!N6sEm85i&Qx>^WA;UeVT^UK2(qU`Bkf#-IqDZR#w-uyV2pJ%ncvZ zO;{o^e$jA{qO2fJ3n8M>X%Mw2wS&8#Kk#EqZIJrZoU z$rGLD2du~YAq2oAM3m0N)_8~u@tfXc>U#0|*k`iNHtCD6uH)c)Xv17A|8aTSCX_$X zWwHfvC^|l@oBXBEn)~koQ@-31k;Y6GP8wTkAuiOV8lE0ZLlvV$`P^9X6+Y3rIM&U+ zY`T%)0znM#U~*Z*`S6wBEtOGG-kFRQG&oCVlp~kp%IYjh7bVMrl|}wqT%oa^kf60X zQ&-Ss@t++$PgtUrsjzWE7?W9PWg3%AIg(jT1>L|Kr9;sf`SJ($d@fv$8VkzxnZ#iS zeg&eE$>7^vh!|jDyB@DBpG>zq(=&X1%)&sY_>x#l%0iAuE;4 z1N<@lBNSKUlM?^O0YumlbpKAgi6kaFYBava0vo)E1na`BSd>fK&2nvmUR8<%iZ5MVI^%Kkvo35DyN2{z$Gbjpq(9Mh?15SPEpOgW@i?mw*`X*X?7dRXDBI{`P46@r#RgO)PGRwssY_tES*DGVY_XFr2sz=g%J`0>l$8}+gS zfy}1^?JH$kP5#)CybS=k^ZpP zwSL^(&pu}kXG_$0e196t`#o-qYQeYVUpFRwYvjX=K%?I;Ic4oqmdOH9uVG3_rP|%c zU{DAI&*L44Elq6M_2{C=F^=>kVl}B#O}Y{gQ_kQ_X4TaB=7t7Jp@US3kR3@&k5rSB ze=cw?(IC;|9}S8XP?b?Mt4twc4Fc-Ns$7@;3R*iwq0SXUerI2IgWIIdJ=bE!GF#76 zsI^{aawgdTUOk7=47Z!35yQE6k_lq~9B}46e`MdTwu%dnZzj_0uV)dw8 zSPmp6=B_-U4CbJn7}%J7=;A&aB3o|WMnQe%Nm9I-YCcSfh+o~i>uU5sfEz&{=rIHk z_w7&e;_0>+>QfDu`ds&;dQjk#Io%asf7sHg@lx04z>f<`4Skrw>c0JnFt{XgY^IHx zdQ@qRnZHY``DSt>@c()GsKqH@8fBBUJw~*YN4nF8f}Dpey&?d;=Yl1{tV{&JY!ew4^y6cU3wXzsxjlDfl?(6rMB!+@I+{EzWA1D zq(0>22e8A0j#pZ{Y~V*f7;KJU1V(p6GxSTSLjQ1PYUR{+{$)uSMUS69iCIH|T!~uz z_Y;5u0)G7=$k{3&S?@AhzT3Gf9Mxj*-cUD4B-=n^<1y&GULZmK#Hhn5Fxr$)t<5o0 zYmdZ)wg!F?j2ugSa*@h69F!~*ZSrW3BDjkQ*-;pCW8k~z;h)00v9cH}<}P=dB7tRC1POJO>ag$` z`{FZ#8^Cf!`f>(09F5^`0T{8#t!<-Cr0jQ^3w&MflwFA^nks_uGpv5FLw`1YBXJN2 z|GfT4jP@X1-w?Mq>YslTKEPCM^W*(>Bb#9ywEzhplq@Vpwlgv<1OBS>b7E}kixb=Z ze)e}8+!q?YN;w9{ah=O#G<7>&$E?f?G`2WnKU5BkaeQ4uj4+0geX$VlUPG(!76((= zl)}7@7??G zCU!xEOr@?bc90yuO>jGwSE}gdM|{cSqe!BlMK9k#>KPok{tRs6nU& z@h2{0gj#=O%ef`!w1^O?a0RuFYlM)5jH1^sY?4L=u)LN(mrAriEAd2~KJXFt92#1# z_o{}+4KbdcALe-dCxwJAED-3{oH}k%3Usr&avH;vpV)gg{eiZVuR}*4%{QnIF>;`v zoz@k?rT{KeoHqE=28$WQ=yj{=nZVaxzwK5khZ=kGmk22XtoqtQqbM{2kB| zYr}AZ9oyS^Ch+&~23o0Hng)c^&%}11#U^`UlplB@aIOYV{=*9y<7&SZ5(g5bxd5Zd zxz14@-2!HBRfQ#?{_S4$3?JMYrP)4Ct8zp6le4cGS+3|`#wWTC!ZsT~v?$p}z3(&D zu(bbiejc~0XxG{EOc-bp8W^$lCl&5iz7`-37LuH1?zojIR=KhJ%RYfkOS8$k`+GHp zT}4sgmCiW4$Hu2JreD&bz$Y@RfDJlvB(=x`#VtmDVkkYn#=y6eIQAx2M1g4ouAO^z zG{y)~5`ZX!jks2s@EZ-bB#b>J#Szg9uW|YMezHeLM)6L`6(YKJFE~^?_YxZ=U{2%q zyO=qt)<-_Af6(LBWZYbxr{OcWF0%P&S`zUx`oKK&h3GFbz=4$_S(?D;nTNHzr$vIi zMJgE$u2wHu_EaO^FNE(e|1sIq1s@rg9#P@naEC-~E_u1EaYV)LD9#cal$&{sr|WKA z0NpkZx@DdZwX1sVL9d2KKw19+eaRYpL${TR+V zwgmOJTuqPh@Z*T)n;_DYgpE1K!Y@dZo~Xeu)Dm+n;1|*chW+r1DMK?Nvi-lbb{=Iq7RcX<~T!7IBT{y5v9Di19*v=K=-bzoU?WKI!4jiQ!_$`;L z9djpn#1UU@U~;i?@jVg{QxYT6hrmfRfyKb8{`ThYji`8WC6W9k=00-7AUS}MpN~&U zKLa#9Lz4s5jftcs3_o=b{s!M92lRvz=n2*kFiP=S*JVDy_aC0Bvqjvjku{ud>p|+8 z`)ue>iu`QVZc`FB;Ma7@Oh6gguxJ@2pp5k!5@MhXnXmKEAX%x%iX;;fxwth>hf0=) z#XW!XPcI5?FKUg*>O_ z*7tK$d>pp^r>D;tXh8fXn+hUQplP^zQB>*IVQ$-dKOj0rL`Rf=4+dAIF@~NS;Ik@o z5jqP~{F~O1xSu01kbs)IqaxzZju=MsLKuWC1l8bO_)D7Y1XF^Od zDR}le16wyB66E-xX8q@5Pz7wr?e7GH2gseS5_Tj0{?{{kqVR7^q{`vT@fF{IHgMzQ z>K2NBg96(4`u|{s?=?yoPJQRJ-IELCxG$B|En02!p;taU5FB*hL*JKF8h+M(iRv+I zgJ%a>>un|sS~WBKBEb>QHlnJb{W_rLo0VU@Kh zU2&tYVq)0QXeDhFHck_SJYw!^w`yy`UUCL_!5*NZv8}7B_-VY-${0f_dFiaKx5bTJ zMol{$gt5zvf?^(_#-{lj&QQD9bmTkUaR3OudH zaq!j~6~^$zjQwC~aGYR8v$bk5!=m9P5aaHpXaEtQGXM9{a1%hi!M4uoJr~M>exYb! z@$dUu!p`L$KBv@j-z!4MwyyU5>Z}Ud^lTUq+ypKv%>w)rIc2a6`@58glA-i?!Nfp(Ib#2*!z|%4?0XXD7pERAR8lVpcUYoGuj?`m zZlNoFifjyA8r}H~e$P{|vGYH*U&7a3;8&J7cnW1RnqINId>rb|?Q6DM>fmFtr+-Ga zo=_YAdFE%|Mkae%dXNxP&dVPPc1|%ULx@{~@WnVe5bB%5-n&0`L);Qoj$KHe8#oa; z=74vR0#QM5{|&ue8v;g|I%=5;q5N4F$FG9Fw`Z(1iCU?yvF5~jNeD82)1$j z$*;y0P=hn07UameXG~^Hzp9`Gf(y=DtLtWgcMdo(4>5k3JC45AdtN9B;W+;M{%gF3 z@lMI23ELzvw?}-j!TjT%_kVqO1`x$^^Q?>OkMAxrGF(ef#*TZXH|0s3#90cT?JuWL@e2&B0X#kvFa$ELR#6`M${A$%rE4R2TMsjm5 zMRE9-R@iC+*&mMr*i6A|vLN`3I|;I7|II&18^ zlzj7y%a7o$%b976N!OgDb+5q1iQH1M6*DIYZo=1Piw>BxW0VZJ@KK+2vD(dut#Z*D zhbG^jf@lzf_6j(ABedbic{b25s>4GF*Wc9sVA?nc&2j${O9+4;;|M^Y$2p+w6C3b{ zO-Yj%HeO^f(&w6aw>2CSMA_OALZs;mtkdLWbYV9l5FDjnKp>ROd`*942b6&UJBZVf zZB`OWA<8iUVw{2#6H||18IPWDoQDs6r(c9@tjpGY{!M3O?F2_WkgFUM7#=wxA*tMK zkVqYaOoaC*v7f|@Ei)4a6EG8Ue#%ckToD`r*oQMo`{)$VbgEV33bM?bBWQk(ySq!U z%n2nb?TrSEO&fzi!^CA%HbGF<&PTpL{c^BrBflXs6--9Sai1&p>c!SL8|@3|I!wIe zAm0DtBCPac1J_mf*3W#+n9mS-W<$?oY%Q#jho*Wm39hRZ^e|nc(#TgB@el%CKgRCZ z&bwHLFIV7_z}o3Q{b-EF&Kro`k+fsR~B85&a&h}$H-IDmJ4NJ6zqw_VRJ{Z-xi((x@&dSeMX9Y1mIC)NFz$3iL+@WNap%N)Ny<}S z!#@oyfS~=p-`@^#(%Am zp^AgmaKhL^It}XwUJ)K$S`0=_6zO@0H-m+3iRhHNF>!ua48Nk@Juu(Ih~IK|?w6jd z9s5zZ++krm0;6Y6T2(B;!5)7R6#@DM9-VZO+!%&jOUoDy;0YymR-u3Z6aJlpJ8u8+ zU!xl^c%wyI6>h)8>vL+>b>$$7U;19(?Re@t^(X@K95u}hA==>Yk|uBzn|Uu!Frnz2 zeTPLhB(wTEkY|$C9o|MIAXO_I?1bfIhmXL5kDthb!Slu0oq4vAe`m%$O1CGGM}V17 zl)o$px`l%1?0^rrsn!3^7)GOy{dy09ERMyQhKYuH%cRILmCLs8txH>1uiz`f%26ZQ0n?;jkmmG$l3Z>r(BqRtLMqJwc`f8Ja~!YMLYP3|%Uxk@ zU_>OqKtzC>ccE7eoeP3|3K3+K0(}2vp7vE-aMT~OHNn4RVDD{An*W{;sfu#pi|1pm zKSde#;8q!kFDe-ezI?RZQVY3-QQ6zc!nr!L9xA0D$SDX>s~DKWZ-$SfAFs+Zg-$>AA_Yx7Zj z=n>xmoZX#QW%-`Y_AIEVhB*(y zn9CR7WZz5-f%3Cqfwf8tNz@gq^PyaN<#k`kLjrjYUI2g;uYeTd8ng*$QCY0LEjz3Ne&Cr~Kkte6^KFja zC@h-|?HZ&9RK+KSxDHnfD^;o)eC8|jPa(L7URdN_YYh-y@FtRSoFggKy+ZGQN{B6H z(hg%n#gNOy$&Z%<;9Zj3npqKIcbgEDGS!$J+!Lenyw!tTbuT-NJeztFjd(*iCy;?w zjD)vHVL_}BHiWPP;`Oh>g?A0)WOkd<&Wyq>%KjM_3qr$xxeKInFMg`f4_OmkzZ4?8 z`L?N4hXXy;rh5Y!4Gsm@l0$s<0g-_9lGuA5Jb@jDfyBjcc>aIgw zAor0DM7{o3cM2rxNxy!8IPJA684-bMr;V|5Hg`iSkECK;CRJE*+PMgE-h<#h_=8#_ z3s#<&MRwOmkqE)>;%4TX-c0=Cw#^V?^;Ly6r_m&R>H*s1q~#RD4i!cs_LMBy(FQdh zs()tY6zr^=k;g#%NN_B4W#QTX4>D1m5Ao%rAi&)7 zxQ`hL=C=PiTJh4$Mzgc$_+V(DweDqp#aUO6l>1;~VBz0D3coS4D|Nx&3>9rqQ7t$x zy;jsZbA2{b8NHVS&|h_AT4&Ebg=7R@JJ{uTVp3<1GOUF@Ck?2gG2(an^yjsOSS@r< zX2b8_!5qvt7ii#}TF~YLVn7e<*>olF$W@#J{w1as4-ff;1s7Ujd_7K6F~_67m>bzD z-M@sRkKqF#AwFF@ zO%;TMVC7^)M5;ZzzL{-$qLC;U=t?ahP=R7=nK>5_D8Ba?5Qr{sq4vW%1Sv(P9$Ed) z&U_=WHX1pGBguidK7YRjgX=?!SV|Ays;$%Yp$l+b8JK_{%w?w6|8Ai9AJu*LKiA#= ze~C&;ilP!KTL{^+Maar5GleqqvSsvYOGak4vUkYJEF!xSFPrSW_xwJduaVx@=P&qP zzqoGKbzbLr#^XH3{c(Ss);?O zngsc&!C_73O&o;(a@kF^88<+CF z?_ZW)yss~Tlc}J`L!6yybtL90$W{sk<%nC<*{Im-C!<6EF{#etKI9f z+53jo6x&LZ81-$8X`6H8zbH*QBD*COeHSFSs#7cw4Nl7!-)oFg(F#PO-H#-<(&88o z3niJj42LHD%<=T=WER7I1$`47fjHW*D;NOq(_dzZgHQgsY^iIys#Nm#2D4L{tax7` zMv-IfZG;bYIc)(opSt*-Ccn-Nhw&9%i=Ajzh%&A`gw}b4`Wa28m!&oVy?CaoYbR- zYE?)nMgqzzkyenx?sY5f)9z+;sA(!khN_I<#2b78(bBLEUIv_yEPfAgRom%Or@6(N zkQWQnr+bP}sP_%S7jQdy1lpbZJ$dT@{Eq4_>N><5XFgiirmsx;TR}osZ?>LeGh#sT zp))T11hPVTGM=>=wk2i!0Y88sOfwCIg?%jvq4IN(n5Ys=pJ6W0qC^3c6c#lW4*zx6 zN7TsfEI877??Nl?Pwgt=vwXCsz*Io_f)1;5Kf&4jG|ZvP0uxm1bqd&p{(2y_?GvA+ zdwc=oVe!?9mG(jZ1CKPY+2-9uUNDGLOjbQ#K`A|_f4c|JS4DJlm_4wn&MW(Mj1Ki< zH!TV_t*4I35(rD3(ya97q@t;aQUuI>3L~|(gvURsDgqKJl1Vje4|9f<`>`KZ;KyaTK_w7a)eP`+H>JbmIwEJ&aKjiAo4$%U0os#!ByRaFWy6 zGQQO!q$Vfl2C%CBWpj4g{oT~Z)i2dlbz&OMEe;YCTdY3_Zywa5$ zC}KyRu2*tW`zW!5VXp7FvvHn9xU@UcIs#gYT_Q($lcWfIi^&dB-|84?T0`kb?)G?4zcEj83oM3j+oaC+mw2KM0dc!irTAfs<3LY7PGT{1A-wg{& zbnwd&FdE|M)mp&{e;W<8t*-n#d-`6?7s=uoYf_xh>~`X9K2qq?gXh2{h7)**3mo(n zXzPqeOkoke!IF9kQnIkWf=~Ef5&}xjZ2Pap*#$EWj-&su=nz4TegXS<$eL5v5(KMr z-o_bNbalE}5|JU8n|?2&XfY8nj0wEj!q~R|H-k-K6O`&{GMolMT`FVY5$yD%EuqV< zL<=>1)>x0|!C#UU$9raP8X8QbID6XTUx=v%*a_KqI`0^M*fPu1(k{}0^B2qj?z${b zpwSJxoW2J!%`Ws_aJLRg(7T%XAgtkjjj$LVNho5ZV71UIxy-&HW%6V#6}56GV^wM-gdu(nro^ZRM1XJPxD#?2ug}4>OpYsF22lnu>rH`t3rBU*K{c!_Ux%$zwEy(P z4*pK1Mh}xx2JA&C`mc>pZoDh~+HJOfj{(rO{cAd6-hPJgvpE1;GY zL4fbDyhZph!wC@c5S0TrEnqh7A6m}&CY1Tx1XXPeo&siF6*oV&OFX(zxCC8JdQD0( z*r8dBxqUF2z(TdDj5tZHAS}N4eGUo8ccB?UXc#M5ui_7qzmx=#Px0sT-8u!bkb58S z!$w<|p{L8`RB@l-ubp_BGy@A-#)Q+8Bn1psLBEnG8Oz~XwvtqwoG(D5Q5jaLG~{Sj z-wu{)C-SMgeUePmBK?_|)z=5sUl@VD=OK?p`q;oOvni^_C&RX=-}$s3ok~pSWc1*? zOJM%KjU34J> zQrkdF*Hq=`AKqZggd6b@z}Wt>HG8v(r`+7`r0SFw&&lARuETpF0f|TgBi=JhhS*oL z@s}I|Agvbw)OE#1w#0Dlg!NG3rKGF=*c>z@^uh76Km8Yeq~*f$w$uSyG_Cypj(3hq z3cnK{V1qwAJ(hw;-H;5OXp}CEm6iEl3=8lngnWPu!X*e`F+Ds_px1`j(tW62EBk@T zASISL2KNS%A3{pL%Ekqp3NDTE4`8$-Qu9RU!ZZ3v@nN!->4PGy2y zCRYa3F3Nr-dS6SeYOHYWLQ5i`-~qg|Ps=eRQWRhm=4*kilZO2hZbowtn`FI?^5#pZR@u<(KL;X9R|-$sU{ zQ8TSO9@R6gKFQ=6y2vEFF25VQUs>P~W}hzZl>y((hjE~hH1^y~O4U$R{3Ns`qkiM{ zQw}9k9*7%-InVWbEVX2hbw^h(2Gn()?oWTxKN(TD!PIO`>1HI|V zLl)vu)=2k`Qgj)ps9S5t{QE!cF6NWvV#W#}!w;Z>7MwGUtcFOU!LaVKF~f}iy1rM} zqr+-`ZvC&Tt&{!2zx;+k4H>|HQWUoZ2z09eR(#La&~v|i(xHE5WBfFrnVLWDa(LKII2J% zi`)<=L(WB0{+CEKG^_Sfi@rhZX4}Y-X|?@Du68ki`D}jx68ha{ECxz86HcrhN$pF>~SoH2cBRqxJni(<4kx3#d~BW zmeB!V8BFAfJ&F@=Wl@mp!)~4_Y+m#696eq*cDylEjC;`Zox*(Nv|?0%-rZicAK#Kg z?N!C{LLkJ0lq*6Glt)55m&e{wUS-SE;V0;U))u_dZ`Sz6tr%$M#w$;-a)~|(^W=Y$ zW4;RR<6NWilLeBkQST7zner>v3o5$(g)kUbXFDayPtWiQsva7KQg%eA!eDN(40jgn z-{=Ph)6?kE(d{=xkg0qPCM(6SE5YXuI9JB@cDuD6Tk4SUM8IU z9YO*)VylimSom*IZz+e)%>1mPuj=VpGh{MH@IJ|csk)K2`mh19cy1*350NC$gF9&) z3WGp(aDDNm<#9q^c`5PQJ%2NmjA1FZj zNDuzxDhDS&*zz8E_~SA(aIxq+n|1si*^3I4IFv5{;KL-0{`nfGBjn(q1e@xRYb(Lp zMz$}VrO4cVdbmI8Fh{k!TmKuOp^=y$cqK_ZhG1F|oiB_4^{M4$8@_R=cXJPY<>6^d zfT|YO--gM}0sB+oOeg@h$Zw=bVU|b9>)(#U*}zn_aS<;~A+)TeyTKSxbCBWgXktz4bS9& zN;XR}vmiPGS_mmjQ$A6hl7&ZyD+t@kICa#UBzH1)_X;k^b5RzKK|*at%L@1fmgukt%b zkF*w;xNl6LAyvu}@gr@nDa{q@J%U)h275?takfE~2G;mO%tPO+#P&tYZU|+T{lQxJ z56-O{vWoYz3~_2=0eW08W>*P>zwDQ8zmU3W-c!ttBtGP_I&hn|KLFG(*SB}HS$J3_ zkR@DHk)hxYFkp^i7|AE7DR1#H7v7KmsBrF5{Z|LY9e{vrwk3YR`m$9JU0-o3?<%a%)xB)egdznCB=)a% zb*`k>?^i&zQwHM@yI4pzC5UQQ6VltaNX=V6i$eMh!x6G?Y4k)75IjOlKjM~(ALf?h zQKJff3rqu!%jp<&1?kRqu=FIxip5Qn&dO*iDTrm_z{$r_V<3QIltCHg@b~4Y*t@r7 zqSI5awWDtO@trJ4#Px``s%-?jDQhqZFjg+GW)k%?R=~WWUUPF`RS&~|X~YSfAB~&5 z^EX3C0)6FB?b$)N2@L=vVpzy7qysEro=5ddUMj8P2Qr;MZ~E<99zWJI$1Gf~&A^N8 z^13$oi;qfv*@3tqR6ze@NI^jUd>aTULbIaMtF9oG{F_Gdx)iZ z!Z@}-m)f%toaRsxjnt0g%SF+Qg-~vcRTC1heiGS1pCaI|=oc3;S@a-O1QtV4+DJ7^ zC59_109*Kl7}5VNQHo;wXgk@Gza4iiP*T-T7vZiU0?z`wnDC&soeOA~2;;eMGPqK%hx5c*xs0B*^3x^5&Fe9iTyP($9OS=A?RfWF zyrYXf(B6b&tvXW~6C_Zp*!_VUSzyC0p3PMSEw`vf)2-$20<6kVPCj0rpp0K)p`C64Z-A`dn|+*kFu_69&F!yh+U1W2{$x`M2n9WLg;}Vjou3bJfzGS@&ZEIN?IF5o^dGX`+6#c zgP2n0;2X0>x8ZY#3G0k2tYf)OnG5-dkSFD3T}v` zg>!T3oZ<$zi|w3}M~d;A8ywLW2}2NpHg;0E*Mwo?Pz{{Js)EM`;y-jQ@Y@YU=c6i5 z2-|!IjsaGxMxer>^Nz^jc<=xcB>sGw<9AK5Ys%9RbX7PdF2ofjaFzhdLGv+CP?#ef z8iSz6Yxy(6l{yx#K!VUQ*e`sZ(>DUwVn%^eAjkABjRaT0KNfLYD{OsLC z{9y9U9-CHQgtfgm^v?9P$#BMNVL4QCf1oF>zx&91dUv;$;BZO*_3B6`3!^&S&m~_U zHmo%DeW)%+vAm7KHU2LbdGwysT2A2XZAj=jY&@`j4^?0f@vsB&0R-$arXs(25l-QK zO6$mkq4ZZkC{$x;h!XlV=YvZ_!d{`rkZ3?K$M7sj&Dp0n7%Tm4G%H+~gx@~E)!9KB z98Y}6xC2efM=Unj@EDbO>P80{^C7Q!W=H=CKZ5o#1qsF6#I(l&kS#A>a*up_Wnyqv z8cTZ`wQg8Z^{-~$k6q3GgC0JaI6TvuQrlM_7{*SHKwk|f5*SU~*>>UkwgaIb|7z~f z3wppP{I-aR8-V9p`A}N;0}trLQYzxLF93faPfreipFIgqs9=M{as<7b(SxEz&@3gk zV>9pGGY-2k4dCT<4E$!yiB9`L#HHj*2~c!)lr1rbazP2_hjO#`@CdZZQzj6a9?<{kQm5Fn0>_|$p4d+{Gg*b zl`2@c9rrEM)&f8!I4y7B)Ks@$am1_3|5PQ0#**7ZCAwjos5T(!SYDDG>gJx~_;bq| z2QpieDQqhaV(82|TwGPmU39D#W0At3W3!a_4hp?-R7~s{I{*oF>U$L4DqbGy>3`y z7Qzz0h7(3@MyIHXE4#Zs!s;NNcR|CVRZrG-v*51b#^|1-ax4e%lEH8YjHj2doXQ>; z$KJ#cZl~dFvc5?#QT78k>W``)U+K|4EF1v|T!3T9L};o^k?i}*iCEhwqLI23DUdJ3 zSKK8~Dd9&A4@|(Yp*l4_6#nw_&+ConCiJ|?33Je(fT|huH^K_C4eQd^m2fKOKf>?d zz5=aZL2GqhSGZ1rXY99|>>wq6sev;LI=4^FC>dLaTbW8-u$Uy+7vTW=f{=9H%As18 zFX6W_S`5DLWIPy)HkH|0-UX_Xi-EfS$VWd`0*~L^Nf`P$^v${i)nyP1(gkdFG0lOL8c~ zbI0+Csqc6TZ4aR0)I044rA-9($^<^l;4csBH8z&Px-+7L1N#Yjd>}L2n**oYj5EAt ztrW^2%)2uaj*g`SE4;b0Cve~s^Z7%#=Dz;098I5$ETAT)lPf({aw7@~5FKD!FkE3Y zR{{r8r=QN?%zzXDF~A`R3g&IwkjZY%vaw=n#$>#sO*k|Xp>-KskbrE=D&P#O^*Vhx zkDzAdF1`ja+k zqzv)fg*X{|uN=?33plJp9cN$y4*n_yYW=e1J37}#Y>+3^z~)w9t;*hl?m0)gI&Tg- z*<6O60A(F0i|V={zQ$U;s<*cq4^QFgxwhKylU&xgO*etKi!flqx0+YhJM`Z8NURCL zt3F4!$A_|Gs%GU-YpTIm{u^xCLm=<1ewUVb3r<(~Qt$Rw3w3{tkEC~cpr4DPt>o6b zPkRXNBe>f5>nh%XcM?8Tu{{Ni`=K$^Bzcvt{Svm`$dn56X-p^;1^Br2H#(y|0dbFb(85v z)2V^dlEHAHHC8LXrg!O7IFZ|hZii!*W1VA41jAl^=?I`A09JJyy0Tkg+);1&Tj%*?>i% zQxf8e>e~a{t-~Y=EOt0%t)sWnVw47Pfxh`opc=Ee#HQ=N}!Aw_Et;l8>L zoGfj5+XfpWkxJc+^rzizJgxF9J;NIRO6dk9%qBE&Q)_I-gHsL3wE63^RTcW~)p^>% zCeDgD{26*js6Ry^LMk{KX5aoQN2?z63T9nT-LIC1D*=zu|JSwY$Q%B{RA7>Kx8J?X zMREQ3%me(%hXsoQ-aXVo-G+Vhbmh07Y@?TSHLxE9a3IrU(3Y@U1PW{m_{!<0>xuEZ|RRvSSCx{GPN}0YXS=b zuPjbkyKDf7DRs9n-c0=$nu@q(fu&vn)7r4na+X@Kexwc+iBNZN>Tjk1hDwGl+$^Bc zyh}i_gzG%SeE=SW4WPcutB7N!L9z_cYDI@!KRaMdPB9uBqjPttid<=w8CKU2L5O(6 zg3kUrBpTRCaO?+Yaku;+SLg^XnVNT(u(+*i*~m`WT+UnJV=BnplS#0~@YwS;;g~y~ z?GmtPu6oTI3-ObW`ZVQG{IY2Tgz$d~Q#;=|SrJgDu;s~SaRi91q^(HDZ`yw=X_L32 zV13sYr|8_Bi~V$5jW`H#=zdyYcS`vAN;U%WoIX8*!E&y$Ruxd&l#eQ+bOh5%_I<>X zoUw9?2HIkqI+jhOQWxv z4*2`602JT12q0C7soa%@JF0}1AlhIiyGTL5bWN9aoXV?$3ocS8MDqb63-Z%hKG90h z&r;ELFv>|7C1#NvSNN9>+^x|b1fmkGwmbb8DVxDbj5oxg^l!iKLmit@%}9}44Lp@w z)y0V`1wEyCBYlfm;~%Moy3_*y$8<^{HR)64npli#M#Jc5lcEGqiQ8)In56;G&a>a3tKv+?qsO>nx8Nx%SmH?RE8Y*b)2eQM!J z6fm1Pp|7AD@=v42vKbM8KkTct#7~ICR7B< zp?H^da91n92|`Ok$kTNITLe^pA%n}ACDOgPfKdqt_kNjVC>A`@-sIgAX$@`sJNuQ{{7!csU|`6|gh+xWbNUn)9E>O@9(;+BkQhc`bCWx#aV;nUIh%OS!N*xsyHn$3GrJ8 z$IyJ+{sFB3eV4m-MRP6fHE$YExZl>f=%ghue;i9V#WpWvK};dgM$nzF=g6#5y>G$6 z>zqya_FOJ&+v2ZO?0Bobsw$Ri)h!B=e?E_n7kOOif8ue)=imV4->(xNh0jx-PSuK_ z{vO9FxamC*-xJumV7FEAKG6LiXJx0}Qi}ZADy}rp?$}El$irH_WwIkZ5O?f@xWm_3 z#m%@o`CSKGso{2Cv+3~k++WKBM*Z1`iQ^RCKe9^Bx7WNYv~^`#z2>jvV^bM5M)!9f z;J|{ZD?C8V%Tc3LuX|)Z$RaVeXzP5@l2lR6p{r!jM zimd%M0dphXzX2reiJKJPV_7A6Oq_~JT<$VW8Z}8*Ec|?0PjL5;&Kd!o0|fd6)nJvL z?s2R1PBmHQ)lWxw6lCqEcY6B-AweN6@loy?Na}IK`@G_lfqMb5ycOK32Ws=RwoL}# zhbnHiEm>M0lOX~M4tC zv;FIX)@OS&lCd=#nW~j0rF6;A(>v?M2qux`!qp?D=al0=xZq%^dZyJE^OY6A2Q__a zsJ=7V6QCwf9K2QGO&So#3Vw!_n7jF#)9s~q(c=Hg5Rw-_ZWL60@xi5W-s&4%=EzP; zfNJdD?|j=9Pu}xC#_Ft6f-4kUdc6%CT53e#5jrzc2f8}Gkc)aThBS&M$R|t zr+`9+M`@C#g35Om3ycugl1q3xn&=v54WY6S3id8?Nt4eq7oaf}*rI;y+LD5XAthIj z9otWp$=Wkp_e85W3CKpM*=IC7`AT+QZzBcv_;ZPOOdxc9tr1{F;97k`ZqGPKAIn%+ zv~zxUZegQJV(nR42+Op$f#Nfy778q~+*d8^y==Jcy$1TyQ|Oop`!gw(*K=t~#Yf-* z&=kYD=33^;k7zm68Ln4X{vJL?NK3Ma-u@!Oq5SN_24omt*&$Rq40jY&LWGN<$z7*^ z&&*#Q(MjC^_xS<1_^Q^DsqN5?YrI2^kUHl%mq8DxQ(m#=m$gbD@IXqgcF%C^&ZOk< zoDzLewDd7VRP)lqk3L;rPS(B7fk#-7#xwgs9m+#wfR?5j)E5_!6tJ)YIAk&45BagXdQKZBp|j+L?NA+hrlg(V?pQbtAp5IKSfPqstFcX?L{jKNmO9 zP48J2jDqKu+}vB~zQ!H-{tYJ~oh)0ShE=)t!-m!229MLzV6lPRAr2Sf=t-Y7!DY~q zMe_xoM)-i%^W+y&X|LxR>B1>RCE2P4Z}^lH2Mn0j)#C5wM1*mNqxAa&>-GX5NM_Sp zubZQKgw7#%{h%zd^`JPhWkrJDB~lUhdg5dd0n~O%=A&tJjnj5te0E<&WEEy&;`q)W zq@w#_L#iglLh_~fJ?BchmraZElw=h*YF=R(rPzUjhZX*v;ag&fRL<);pXrEWaA!_5 zs*HfnB)emom$p~7B5)(p9HleNaFUc23XzwIa1?cVg@ekmwT9OsTW)#W1@f4XoD&nCm_gdIwM z^to%R`y5JW_mM-^Y^$`yMUU2f;^*`FVS}AhvEK!lToc9+xJDOWTU~c(cypMX?xtTC zD?x2QEj_p!@)A;284*&CUe94G0UbwTYVK@BWkk|f(YdNkk{cWCG$%F%BZdjU^cfw$ zZ>F+^uLcYr*j`Q?xt3&okdHEp@wt)J{#3-~D$4J0;31MISb*qxg;1woBaZ0FS0tKo1I* z30D3`GRz%?%suCW3kH7|VZzo@81?Lq?v`SJ+_G>c`n9S!x{xefx4W;2%+UO*hm>c#RI-ik4aO$}LEB0VfqV~9OKr4}kaO3RI=i@;w=e14pod&! zm;ljE_`92k6v8Od!(yz>l~~p&o_xsU_syQxu2B6)fCG?gTDrc|=IaqfQ4NmXeNka# zLY{%iUD|QgrJ}#U%01m@u->;HJRJ#opdPLj?m4|S(qH2~)gC7gw-0V)9Clq$*_agM z=4yB!fuqu5?G`#27E_%i$KV8sn=@!2vuU)z>0$?;{yy%~hxTC-<5&J23?UaHP4sd* zV7#%T&#Kf(#Y@rPZ&U#De+^y>^_>F^%KOoPw+q@&b}bi}%nB4x#Gw8$to)#?&1%eM zvq))2)3WlajlvS4z?&eu_e&vWb>mZFJU`=P6r-0ItPC?#aG5+){yvl+wpfg>UOIiVyWHMOp_wj(L-72JNuxVceRr%h?0F8$a zuz?Hi%&mxnNBsP|p261KAs(yI7p=LE^ux}tEsfEcc+*j-%8;8j4ZFVj=X|0-nGS{q zH)*ICz*UyB3!TR@;n=X$dC6ml5iLB%c!O? z1$W8S&BNp^OsKrOKC{aK<7XqPm=y-|#rcuV;thg{>14b@RR zR1@6qGVIZRyY82i!leoQF8M1N=dBC-E_!f$XJ!ohsH3OHRoasQkD|pfM9@T1KF#Lv zrD4RsjKbh6jefIlaNx0+s3^xg@0qsLlVQ;t8q-XN-rO*~XM4M!?~FqIGpb0zlv-=f zpnDwMu_}RA&cGua4=7k~oqvnbW_K@8YW{+1hPT^)YsIxxnp#+-SU<_C>bL%ixcqo9smdp)xv|;bzXReE5{`LXy(l3O<8QL}cNbqGnd@Eo zUM8mC?I#JpYU5sPFdz?p=%i<BbGA-39BDmrhHz#WW4?jo_GfEMi}D zR=@4M%58g87j7oum4N4Er;cmcCR_K-l6;GZBqt-U@=mM&y!t|MvbA%Bc4F0SYP2<& zqY`cyHal+eePe-VJNs`(n0Z>$Bdf7r4V+$zZ1%3M#j2qZH1F!~ zuvQJ(;~rCi&!ltt=0=C-zZMe~9(^{DnaL);8D<$F*1@8xp{p?zT%}p*f}Qp~DTd=- ztVc=Bta;*fb<;#1uG=?bG)3;TrC#XpZu4loVA9Jg^mq4_XQ1k^Mu0I4Rrd3zN_}13 z$cWkS!T`6P=EdXwJ@md+!`zPN_ae(l^+f8tsXgWX>fzaur|S-;J?VUeb@AJ?dPyw)2#pS!0bx6?+p(-uJ|CEvyUIA zkn~xzoUbxe>9TcAAnz(r4Gau4wY0RC%T&;RRbi~3o@+Ss_YC-zy})j!)4@RwEc!pP) zpCB5(nnW1d0E_DaU8yf$ytv3K5jQQq=C}5Ot6HBfplZA}1&!i?FF)2MF(gxYK5Ww5 zt`+0s?wAoep3>aXGL(A0V>pPd+S`1cuQll-2U`KW5SsqeGV!j=d3 z`kBms_dq0tpTu0NyHg`$ANiE^=R0}1xyg0rZNu}z>zvsZzeC@+;3N=U;bHJaDGQ`j zGczKhUSH@oH$j?UO?{?~#DVO})m`W()F1CSO*fFA{(SdkXlUr~)>hWip6QFrXU|h_ zQ1R`;kLLPQDY;8+K{_ulpE-2!;7A;$)i~^3oVDgj<|kJW`D#1*@lXl*RHPu7nd=zn zBGckNe?BoILn$NTbKu z8L98i(~v=%UJkQW0ofFV}dxfVPdLJENU{GG}`R)i1$e2cV5Y<21m`UJda#ovWNO7R2f!_%t z{QATqnDowxY3 z%10!nn$9PWqN;`;J4Bsp49B&7Z>ev6*Dd_CEVn$4SkyVQlg`%T*ku5H5k{PTGQgrO z$4R0fAwj0GXy%36>@PNTwU&3rZI---sW6SlWW>k$1^JR3rn^!%r`rd_5_E3e8nrE5 zauf^DFYF~Zc!gV3K%~(8Pf@H?er=MgAp8rJ9ajzzr|^zBY>VfOp4(>`gi-xGAvXUf zv1I*w#^P5F6JBRGa&K7ee07G4qG=YVbJk*(Cx5i0X{&2%r_9ZvoQn0HWNBL+sPw{a z++%rUy@yr@LPAa)A}1f~A*cWOW8}>S+CVzVTv@`^Qc8bwh*Exdt)@pTaVbco*gDs$ zZJN)Shn5zx;cumcE~c!VET!9+@oFz}%5M5myVodE)&8efnKE7{N}25)gwtzscre3l z+~mNuzPWV{-WvOyXmiE2JpCd~LCfhMZ)2>+IwZyXevbF{BCFFu{PmCUYBAGVUGbxc z226c@y`r)}LLrFs4N&1@xS&hR)$NNT? zKGy^FG7I%DBQ=-Xw&KiWx!UxS)H>X@M?CT_^6=-SRusD5*KuFYdD+90JJ9c~)KJpj zd4l8*G61O{;v2)`-=4pc*q+r6PsiAnG#nL6K;BzNgs6y8i=Q>j8xzc>i^_eu_DfRo zj8%bT!lky6kfRerl_$klH&WJS8@)xNqaO8gbuCVv3JNsJSP(uHP`fF?w6{AYO|7G! zIo%+vzXhW)S7h7WRRcMw{pM5_NQ{Nh8-K^ z-mIm()po@x=a|tR)60_$>A7*y=H=6I9w9~?Ukh{d#yz7%dh5`-t|jdznrp?IT^-af zgT*Obb9$)1-m~$7{>n^=JRY%yH4n73XoPTnxG~CqDdZ9I5-xIhIvJIHFA2{I4+d(u zP7+%(s)hA;TaPywabSk>1s;dZO$W;5blJ{d&>*H@<=TBJpmfG#kfX-P$cT8bFVs}} zDP9|x?Wek@tf-@+NM7#IuR#7YDOI8aHIcHaI~ig;B?O;}R))8;o{QM%2oltXc62Ye zgM44dNo(xolhmG~3>lOJ#j36#CtBfgbhs7Y*G2pZlS(H(z|NZSd(k=V*LVf*q}r1? z)2jOBd)9i;GlM_8w0C0+WsaK=1uG-kZr@<(_L{%&v~%%IhcUIURw5GG*ZpgA5apP( zzcn4>?z&xHoBOiw#Go40>UsQ#sGgREUTT|&5d(FY;nJTJJ{4mwm)@a07G$y8h=rkf z@_kFwnGV_xI>A||drfuY{x2;tK9Lf+=Jdmc`6p=hz!}son~K>e@aaljTC&gi^y$Z9 zdsiMY-d`-sA;O&uc+Gf}zH~nI^4t84t=Df1+a})^MgB4xmhD`2j3c|g)$Jm*=3VTq zdP^mDSZma|F4KorG;UgQ>9RDZkPwX3R{;$s!boql$-PMC^y$-z%H+gE=7$68WqWn- z;^RwAl(KiwQ7nCQ^Z{bgd+65!UsM_o9wwge`&xkY$k7W2o?XdK&X^tF+JiA`idQf- zHNAbHCN3_HosCU)npF5CepwiN6Oe%y6bLUaE{=ju`t53|g*H%+B!6Cu^;274A(ju5 zgBk1H;0FizHD1yVD1e%#^^$IGYKk#&??}_96Hj|xb5b^y zovQt+O)(;^zVIjZM3Pl$qyC&O9Tnm$vlf$DY7M)3JI^jt}#I`Z?vZK|X&h_gg!{SalTT*dibQvkWG{}A`PY`9cJ^{;tI6n5en7&ljeNVr@$*DH@XLlFAoYU{llSxZU zQ{>~O4A^ul6{GW^^dqggcJa?a?0e79P~%v>sj@&1WEq)R!x}KmtnR~ady?H9+i$54 zVNY7LBXON6N>x{i-gVpF&fZ?ctB9SQy@Iah8(-BMV*CoVaDOyL)ZV$buNtBxGtS90 zjuZrUt6jU6qxRWlJ$^CDPYG+@2Lh$U(hCaMicOZ8yRuS@Mpy3@@>6*g&6(!r)8J3R z_a}%jr?Q8=(0lsy>DcIrADF}R?>9uqD9hOpon}tjnl&!DK4WQTFCeUar7g>>X*M)# z+`OK6n4tDtjv#8!^CCx$#~|kA_OwyN#q_kZRWQ6} zjB3ldrGlF;vUm^uks(MVm}>-b>lGzZTIu~LS1LYRT6&pIKO`)bh6C9rTcXVSSO3g} zPqmd^5zV_O)RoS`!4bTql^B_B!7NVZgA^-Vn$O57}Nh?0wd0u|zbZ4oqs6aD!8gm%4UVKLmTS5GU zh{Jq&2;SH+I1r5=s4>3Q2AcdiiI?<1D5=6j!Y^+maRu)+onzaH0eP*!x&C;)f0xVU_+k-juBUk;8f znKn8F2|IO|aUQhzLxbSkw@o7yF&yGy=5iUU_)P!eNN4F5 zIG^GoBFPYai95w=vnVdsU}Giuawcn>8o5DQas0!9#>TN1>Be2F=>iFz?H6ZwnJ}OM z`TdH*s}XXyb?Bvp)eu>WZGe7AV;(KFHhFG{5 z7b*ViWpP0urFgLR=Y2IB8=HojxgV{uZgc1F2#@o9Cq?#1Zry2QdxG!JeB;D=#OTKsoklfj zlD66}DZM+|+k-Bn<}{Q8bcVmgT9e`z$=3#nDecwUUKkZ-iCw%Ho0P;RzTT(pJZT#x zMi&Lqi`wnbc{FM_qPa7szZt3|SYx)tIYD2dmgEJdIgmFib?shW(8B8jt!urZ zU}CidAl_1J{qs<(yu4iTX$ED&-i3{yeCzD`wYzrh&5^x&N$vKlZxJ6SW>-US`+I&r zoCFreN8)kq?oGy%ooX?mp(j}w!zy)+kF^D8hgn45?+$!U`iF|J#}A249jK|k(?)FE zbm)<}`9zJ`?b0<}A4Po{4OtHvBO^B_7bB9F6(q<$K4+ltl&11{mXlA@lt0YC8 zpMNkpBSZ7<-Ts?RTpeAZzB>D}YxuEx5BxMPVgcF!%JQr>lQszPF$)WyD1++P+dPA9 zH@rMg(nQ{rl}##&w|*ohf&Ok*O zGfH2Dq?}vVavRTu1>S>ip~m|@pQbs4-^*AT2F^>u!sh|{iPRS0R()ZS>%*%pTih&~ zj%g$xbD4f;vq8$tGoPk5;SUFs!FA^dXS{9shyLY zTobNr9(hfX{JSwpTl(3KZMed{&I>sfI8~_2kanppveLFZ_jD%Zp6pw91maqU`1$y< zfA30lxET9$_Ldi1C~s)5m;FBR?At^`GSA!RZ{6EMG{5G7fb&7$`#Ilc)TPu&g_yG6 zpde4oWRA{Vt36b3Vqqk* zg`{ZL5R-Qb_ah@BnmaqgRf8-0!J~#2qFNmW=5$7x-0R|(QMcotKE=5Uj~~ku^BxaK z(?=NyoLQNhw+rr}EYD{9nOk30_sCGozS`wN-9gfg-Vn+I*SIBXLq?+>H>OBRI;zGi zmCx#)H6ThStzuqjZ#JAaSudnRiE=h$FGTsqZWmJ z<~{WelgX&tGWB0{SY~4MH}p2|x;xTI`0tuL)VwyZ&)#H?inhau$RnjjfH=%yJ?oB$ z)8ac`v*0e)g9LBs7qf3pbU4jBi(QK6(-ifb6c2uXHu$MN&+M@6K(meWs;$08rTcgT zd6%7yrbfdz+1L6EJQL|u&-~@Hz4q@eSeYi123?BX>X2jKos|{I>o`b8Qe2s{sc4Je zkvQ+ITAZ0@$>y!tcX;AwP|N4ka8Lhy83y4C8C0)GzfTp=)3D(M<(>wE$t9<_JDI5P zwrczJpQVc{)?NzrMgi~Nf4&@5I-UC_^6AraA8%flCU`^Ole-c*9Sdj@Jn#LiOq9gU zAzr_cRy0f{^l6?IhEuei&zT$>v*LGX7f}d2^lj1-95WnJw(Pc)ye7@p^gAUc^R~Nn zW4)7rAr~Q9!MYtcp>YCx<0-|+s?frWqC#;QZV8j9o^*NNf}t{3#1WUPi5&EJ@NY1yGzV0T7A z1Vea19ez|M0xvd?OZA=m#%b{RPAMwcy-Qmrgfn_cw@1-oysw0l=Jek&KlX%hi7V3O zMTt)DMsI$@qK}z@`R(BNA*us15r>I4B$_of6Vu+y=}y|Ux8L5k^F!Eks?1%N3SO}U yzsI|{gcBbNuh%Pfy|LO^7VN+M|J}T7dyl7}a6B2e*VZohNA{ZH)%42-PyQb+2PWtM diff --git a/Packs/CortexXDR/pack_metadata.json b/Packs/CortexXDR/pack_metadata.json index b8d22c7f0628..8d88570cc17d 100644 --- a/Packs/CortexXDR/pack_metadata.json +++ b/Packs/CortexXDR/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Cortex XDR by Palo Alto Networks", "description": "Automates Cortex XDR incident response, and includes custom Cortex XDR incident views and layouts to aid analyst investigations.", "support": "xsoar", - "currentVersion": "6.0.7", + "currentVersion": "6.0.8", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From a09fcc8becdd2fc099f82c79500993f714ae5023 Mon Sep 17 00:00:00 2001 From: merit-maita <49760643+merit-maita@users.noreply.github.com> Date: Mon, 11 Dec 2023 17:26:59 +0200 Subject: [PATCH 05/50] added the send_data_to_xsiam func (#29709) * added the send_data_to_xsiam func * changes * minor fixes * change * edit * added RN * added unittests * added rn * Bump pack from version Base to 1.32.47. * fixed import * Bump pack from version Base to 1.32.48. * Bump pack from version Base to 1.32.49. * fix headers names * added rn * updated unittest * added to demistomock * added rn * fix rn * edit * Bump pack from version Base to 1.32.54. * Bump pack from version Base to 1.33.1. * added rn * edits after cr * edit * edit * Bump pack from version Base to 1.33.3. * edits for cover analysis --------- Co-authored-by: Content Bot --- Packs/Base/ReleaseNotes/1_33_3.md | 6 + .../CommonServerPython/CommonServerPython.py | 241 +++++++++++------- .../CommonServerPython_test.py | 91 ++++--- .../test_data/send_events_to_xsiam_data.py | 42 ++- Packs/Base/pack_metadata.json | 2 +- Tests/demistomock/demistomock.py | 15 ++ 6 files changed, 264 insertions(+), 133 deletions(-) create mode 100644 Packs/Base/ReleaseNotes/1_33_3.md diff --git a/Packs/Base/ReleaseNotes/1_33_3.md b/Packs/Base/ReleaseNotes/1_33_3.md new file mode 100644 index 000000000000..bb64cce64ee8 --- /dev/null +++ b/Packs/Base/ReleaseNotes/1_33_3.md @@ -0,0 +1,6 @@ + +#### Scripts + +##### CommonServerPython + +- Added the *send_data_to_xsiam* method, to send assets or events to XSIAM. diff --git a/Packs/Base/Scripts/CommonServerPython/CommonServerPython.py b/Packs/Base/Scripts/CommonServerPython/CommonServerPython.py index fdbdc8d1aab6..66f0dc95336a 100644 --- a/Packs/Base/Scripts/CommonServerPython/CommonServerPython.py +++ b/Packs/Base/Scripts/CommonServerPython/CommonServerPython.py @@ -45,6 +45,9 @@ def __line__(): XSIAM_EVENT_CHUNK_SIZE = 2 ** 20 # 1 Mib XSIAM_EVENT_CHUNK_SIZE_LIMIT = 9 * (10 ** 6) # 9 MB +ASSETS = "assets" +EVENTS = "events" +DATA_TYPES = [EVENTS, ASSETS] def register_module_line(module_name, start_end, line, wrapper=0): @@ -456,7 +459,7 @@ def is_valid_type(_type): ) @staticmethod - def get_dbot_score_reliability_from_str(reliability_str): + def get_dbot_score_reliability_from_str(reliability_str): # pragma: no cover if reliability_str == DBotScoreReliability.A_PLUS: return DBotScoreReliability.A_PLUS elif reliability_str == DBotScoreReliability.A: @@ -932,7 +935,7 @@ def positiveUrl(entry): return False -def positiveFile(entry): +def positiveFile(entry): # pragma: no cover """ Checks if the given entry from a file reputation query is positive (known bad) (deprecated) @@ -981,7 +984,7 @@ def vtCountPositives(entry): return positives -def positiveIp(entry): +def positiveIp(entry): # pragma: no cover """ Checks if the given entry from a file reputation query is positive (known bad) (deprecated) @@ -1017,7 +1020,7 @@ def formatEpochDate(t): return '' -def shortCrowdStrike(entry): +def shortCrowdStrike(entry): # pragma: no cover """ Display CrowdStrike Intel results in Markdown (deprecated) @@ -1056,7 +1059,7 @@ def shortCrowdStrike(entry): return entry -def shortUrl(entry): +def shortUrl(entry): # pragma: no cover """ Formats a URL reputation entry into a short table (deprecated) @@ -1084,7 +1087,7 @@ def shortUrl(entry): return {'ContentsFormat': 'text', 'Type': 4, 'Contents': 'Unknown provider for result: ' + entry['Brand']} -def shortFile(entry): +def shortFile(entry): # pragma: no cover """ Formats a file reputation entry into a short table (deprecated) @@ -1342,7 +1345,7 @@ def encode_string_results(text): return text.encode("utf8", "replace") -def safe_load_json(json_object): +def safe_load_json(json_object): # pragma: no cover """ Safely loads a JSON object from an argument. Allows the argument to accept either a JSON in string form, or an entry ID corresponding to a JSON file. @@ -2260,7 +2263,7 @@ def headerTransform(s): return stringEscapeMD(s, True, True) # noqa tblToMd = tableToMarkdown -def createContextSingle(obj, id=None, keyTransform=None, removeNull=False): +def createContextSingle(obj, id=None, keyTransform=None, removeNull=False): # pragma: no cover """Receives a dict with flattened key values, and converts them into nested dicts :type obj: ``dict`` or ``list`` @@ -9928,7 +9931,7 @@ def get_last_mirror_run(): # type: () -> Optional[Dict[Any, Any]] raise DemistoException("You cannot use getLastMirrorRun as your version is below 6.6.0") -def support_multithreading(): +def support_multithreading(): # pragma: no cover """Adds lock on the calls to the Cortex XSOAR server from the Demisto object to support integration which use multithreading. :return: No data returned @@ -10279,7 +10282,7 @@ def signal_handler_profiling_dump(_sig, _frame): LOG.print_log() -def register_signal_handler_profiling_dump(signal_type=None, profiling_dump_rows_limit=PROFILING_DUMP_ROWS_LIMIT): +def register_signal_handler_profiling_dump(signal_type=None, profiling_dump_rows_limit=PROFILING_DUMP_ROWS_LIMIT): # pragma: no cover """ Function that registers the threads and memory dump signal listener @@ -10378,7 +10381,7 @@ def __init__(self, response, continue_to_poll=False, args_for_next_run=None, par def polling_function(name, interval=30, timeout=600, poll_message='Fetching Results:', polling_arg_name="polling", - requires_polling_arg=True): + requires_polling_arg=True): # pragma: no cover """ To use on a function that should rerun itself Commands that use this decorator must have a Polling argument, polling: true in yaml, @@ -11124,10 +11127,11 @@ def xsiam_api_call_with_retries( num_of_attempts, events_error_handler=None, error_msg='', - is_json_response=False -): + is_json_response=False, + data_type=EVENTS +): # pragma: no cover """ - Send the fetched events into the XDR data-collector private api. + Send the fetched events or assests into the XDR data-collector private api. :type client: ``BaseClient`` :param client: base client containing the XSIAM url. @@ -11150,6 +11154,9 @@ def xsiam_api_call_with_retries( :type events_error_handler: ``callable`` :param events_error_handler: error handler function + :type data_type: ``str`` + :param data_type: events or assets + :return: Response object or DemistoException :rtype: ``requests.Response`` or ``DemistoException`` """ @@ -11159,7 +11166,7 @@ def xsiam_api_call_with_retries( response = None while status_code != 200 and attempt_num < num_of_attempts + 1: - demisto.debug('Sending events into xsiam, attempt number {attempt_num}'.format(attempt_num=attempt_num)) + demisto.debug('Sending {data_type} into xsiam, attempt number {attempt_num}'.format(data_type=data_type, attempt_num=attempt_num)) # in the last try we should raise an exception if any error occurred, including 429 ok_codes = (200, 429) if attempt_num < num_of_attempts else None response = client._http_request( @@ -11244,31 +11251,132 @@ def send_events_to_xsiam(events, vendor, product, data_format=None, url_key='url :return: None :rtype: ``None`` """ - data = events - amount_of_events = 0 + send_data_to_xsiam(events, vendor, product, data_format, url_key, num_of_attempts, chunk_size, data_type="events") + + +def is_scheduled_command_retry(): + """ + Determines if the current command is a polling retry command. This is useful if some actions should not be performed + when a command is polling for a response such as submitting data for processing. + + :returns: True if the command is part of a polling retry, otherwise false + :rtype: ``Bool`` + + """ + calling_context = demisto.callingContext.get('context', {}) + sm = get_schedule_metadata(context=calling_context) + return True if sm.get('is_polling', False) else False + + +def replace_spaces_in_credential(credential): + """ + This function is used in case of credential from type: 9 is in the wrong format + of one line with spaces instead of multiple lines. + + :type credential: ``str`` or ``None`` + :param credential: the credential to replace spaces in. + + :return: the credential with spaces replaced with new lines if the credential is in the correct format, + otherwise the credential will be returned as is. + :rtype: ``str`` or ``None`` + """ + if not credential: + return credential + + match_begin = re.search("-----BEGIN(.*?)-----", credential) + match_end = re.search("-----END(.*?)-----", credential) + + if match_begin and match_end: + return re.sub("(?<={0})(.*?)(?={1})".format(match_begin.group(0), match_end.group(0)), + lambda match: match.group(0).replace(' ', '\n'), credential) + return credential + +def has_passed_time_threshold(timestamp_str, seconds_threshold): + """ + Checks if the time difference between the current time and the timestamp is greater than the threshold. + + :type timestamp_str: ``str`` + :param timestamp_str: The timestamp to compare the current time to. + :type seconds_threshold: ``int`` + :param seconds_threshold: The threshold in seconds. + + :return: True if the time difference is greater than the threshold, otherwise False. + :rtype: ``bool`` + """ + import pytz + to_utc_timestamp = dateparser.parse(timestamp_str, settings={'TIMEZONE': 'UTC'}) + # using astimezone since utcnow() returns a naive datetime object when unitesting + current_time = datetime.now().astimezone(pytz.utc) + if to_utc_timestamp: + time_difference = current_time - to_utc_timestamp + return time_difference.total_seconds() > seconds_threshold + else: + raise ValueError("Failed to parse timestamp: {timestamp_str}".format(timestamp_str=timestamp_str)) + +def send_data_to_xsiam(data, vendor, product, data_format=None, url_key='url', num_of_attempts=3, + chunk_size=XSIAM_EVENT_CHUNK_SIZE, data_type=EVENTS): + """ + Send the supported fetched data types into the XDR data-collector private api. + + :type data: ``Union[str, list]`` + :param data: The data to send to XSIAM server. Should be of the following: + 1. List of strings or dicts where each string or dict represents an event or asset. + 2. String containing raw events separated by a new line. + + :type vendor: ``str`` + :param vendor: The vendor corresponding to the integration that originated the data. + + :type product: ``str`` + :param product: The product corresponding to the integration that originated the data. + + :type data_format: ``str`` + :param data_format: Should only be filled in case the 'events' parameter contains a string of raw + events in the format of 'leef' or 'cef'. In other cases the data_format will be set automatically. + + :type url_key: ``str`` + :param url_key: The param dict key where the integration url is located at. the default is 'url'. + + :type num_of_attempts: ``int`` + :param num_of_attempts: The num of attempts to do in case there is an api limit (429 error codes) + + :type chunk_size: ``int`` + :param chunk_size: Advanced - The maximal size of each chunk size we send to API. Limit of 9 MB will be inforced. + + :type data_type: ``str`` + :param data_type: Type of data to send to Xsiam, events or assets. + + :return: None + :rtype: ``None`` + """ + data_size = 0 params = demisto.params() url = params.get(url_key) calling_context = demisto.callingContext.get('context', {}) instance_name = calling_context.get('IntegrationInstance', '') collector_name = calling_context.get('IntegrationBrand', '') + items_count = len(data) if isinstance(data, list) else 1 + if data_type not in DATA_TYPES: + demisto.debug("data type must be one of these values: {types}".format(types=DATA_TYPES)) + return - if not events: - demisto.debug('send_events_to_xsiam function received no events, skipping the API call to send events to XSIAM') - demisto.updateModuleHealth({'eventsPulled': amount_of_events}) + if not data: + demisto.debug('send_data_to_xsiam function received no {data_type}, ' + 'skipping the API call to send {data} to XSIAM'.format(data_type=data_type, data=data_type)) + demisto.updateModuleHealth({'{data_type}Pulled'.format(data_type=data_type): data_size}) return - # only in case we have events data to send to XSIAM we continue with this flow. - # Correspond to case 1: List of strings or dicts where each string or dict represents an event. - if isinstance(events, list): + # only in case we have data to send to XSIAM we continue with this flow. + # Correspond to case 1: List of strings or dicts where each string or dict represents an one event or asset or snapshot. + if isinstance(data, list): # In case we have list of dicts we set the data_format to json and parse each dict to a stringify each dict. - if isinstance(events[0], dict): - events = [json.dumps(event) for event in events] + if isinstance(data[0], dict): + data = [json.dumps(item) for item in data] data_format = 'json' # Separating each event with a new line - data = '\n'.join(events) - elif not isinstance(events, str): - raise DemistoException(('Unsupported type: {type_events} for the "events" parameter. Should be a string or ' - 'list.').format(type_events=type(events))) + data = '\n'.join(data) + elif not isinstance(data, str): + raise DemistoException('Unsupported type: {data} for the {data_type} parameter.' + ' Should be a string or list.'.format(data=type(data), data_type=data_type)) if not data_format: data_format = 'text' @@ -11283,12 +11391,16 @@ def send_events_to_xsiam(events, vendor, product, data_format=None, url_key='url 'content-encoding': 'gzip', 'collector-name': collector_name, 'instance-name': instance_name, - 'final-reporting-device': url + 'final-reporting-device': url, + 'collector-type': ASSETS if data_type == ASSETS else EVENTS } + if data_type == ASSETS: + headers['snapshot-id'] = str(round(time.time() * 1000)) + headers['total-items-count'] = str(items_count) - header_msg = 'Error sending new events into XSIAM.\n' + header_msg = 'Error sending new {data_type} into XSIAM.\n'.format(data_type = data_type) - def events_error_handler(res): + def data_error_handler(res): """ Internal function to parse the XSIAM API errors """ @@ -11319,74 +11431,15 @@ def events_error_handler(res): client = BaseClient(base_url=xsiam_url) data_chunks = split_data_to_chunks(data, chunk_size) for data_chunk in data_chunks: - amount_of_events += len(data_chunk) + data_size += len(data_chunk) data_chunk = '\n'.join(data_chunk) zipped_data = gzip.compress(data_chunk.encode('utf-8')) # type: ignore[AttributeError,attr-defined] - xsiam_api_call_with_retries(client=client, events_error_handler=events_error_handler, + xsiam_api_call_with_retries(client=client, events_error_handler=data_error_handler, error_msg=header_msg, headers=headers, num_of_attempts=num_of_attempts, xsiam_url=xsiam_url, zipped_data=zipped_data, is_json_response=True) - demisto.updateModuleHealth({'eventsPulled': amount_of_events}) - - -def is_scheduled_command_retry(): - """ - Determines if the current command is a polling retry command. This is useful if some actions should not be performed - when a command is polling for a response such as submitting data for processing. - - :returns: True if the command is part of a polling retry, otherwise false - :rtype: ``Bool`` - - """ - calling_context = demisto.callingContext.get('context', {}) - sm = get_schedule_metadata(context=calling_context) - return True if sm.get('is_polling', False) else False - - -def replace_spaces_in_credential(credential): - """ - This function is used in case of credential from type: 9 is in the wrong format - of one line with spaces instead of multiple lines. - - :type credential: ``str`` or ``None`` - :param credential: the credential to replace spaces in. - - :return: the credential with spaces replaced with new lines if the credential is in the correct format, - otherwise the credential will be returned as is. - :rtype: ``str`` or ``None`` - """ - if not credential: - return credential - match_begin = re.search("-----BEGIN(.*?)-----", credential) - match_end = re.search("-----END(.*?)-----", credential) - - if match_begin and match_end: - return re.sub("(?<={0})(.*?)(?={1})".format(match_begin.group(0), match_end.group(0)), - lambda match: match.group(0).replace(' ', '\n'), credential) - return credential - -def has_passed_time_threshold(timestamp_str, seconds_threshold): - """ - Checks if the time difference between the current time and the timestamp is greater than the threshold. - - :type timestamp_str: ``str`` - :param timestamp_str: The timestamp to compare the current time to. - :type seconds_threshold: ``int`` - :param seconds_threshold: The threshold in seconds. - - :return: True if the time difference is greater than the threshold, otherwise False. - :rtype: ``bool`` - """ - import pytz - to_utc_timestamp = dateparser.parse(timestamp_str, settings={'TIMEZONE': 'UTC'}) - # using astimezone since utcnow() returns a naive datetime object when unitesting - current_time = datetime.now().astimezone(pytz.utc) - if to_utc_timestamp: - time_difference = current_time - to_utc_timestamp - return time_difference.total_seconds() > seconds_threshold - else: - raise ValueError("Failed to parse timestamp: {timestamp_str}".format(timestamp_str=timestamp_str)) + demisto.updateModuleHealth({'{data_type}Pulled'.format(data_type=data_type): data_size}) ########################################### # DO NOT ADD LINES AFTER THIS ONE # diff --git a/Packs/Base/Scripts/CommonServerPython/CommonServerPython_test.py b/Packs/Base/Scripts/CommonServerPython/CommonServerPython_test.py index dbce65886678..f4bc5adb3d93 100644 --- a/Packs/Base/Scripts/CommonServerPython/CommonServerPython_test.py +++ b/Packs/Base/Scripts/CommonServerPython/CommonServerPython_test.py @@ -28,8 +28,7 @@ url_to_clickable_markdown, WarningsHandler, DemistoException, SmartGetDict, JsonTransformer, \ remove_duplicates_from_list_arg, DBotScoreType, DBotScoreReliability, Common, send_events_to_xsiam, ExecutionMetrics, \ response_to_context, is_integration_command_execution, is_xsiam_or_xsoar_saas, is_xsoar, is_xsoar_on_prem, \ - is_xsoar_hosted, is_xsoar_saas, is_xsiam - + is_xsoar_hosted, is_xsoar_saas, is_xsiam, send_data_to_xsiam try: from StringIO import StringIO @@ -8498,9 +8497,10 @@ def test_content_type(content_format, outputs, expected_type): class TestSendEventsToXSIAMTest: - from test_data.send_events_to_xsiam_data import events_dict, log_error + from test_data.send_events_to_xsiam_data import events_dict, events_log_error, assets_log_error test_data = events_dict - test_log_data = log_error + events_test_log_data = events_log_error + assets_test_log_data = assets_log_error orig_xsiam_file_size = 2 ** 20 # 1Mib @staticmethod @@ -8511,12 +8511,18 @@ def get_license_custom_field_mock(arg): return "url" - @pytest.mark.parametrize('events_use_case', [ - 'json_events', 'text_list_events', 'text_events', 'cef_events', 'json_zero_events', 'big_event' + @pytest.mark.parametrize('data_use_case, data_type', [ + ('json_events', 'events'), + ('text_list_events', 'events'), + ('text_events', 'events'), + ('cef_events', 'events'), + ('json_zero_events', 'events'), + ('big_event', 'events'), + ('json_assets', 'assets'), ]) - def test_send_events_to_xsiam_positive(self, mocker, events_use_case): + def test_send_data_to_xsiam_positive(self, mocker, data_use_case, data_type): """ - Test for the fetch events function + Test for the fetch events and fetch assets function Given: Case a: a list containing dicts representing events. Case b: a list containing strings representing events. @@ -8524,15 +8530,17 @@ def test_send_events_to_xsiam_positive(self, mocker, events_use_case): Case d: a string representing events (separated by a new line). Case e: an empty list of events. Case f: a "big" event. a big event is bigger than XSIAM EVENT SIZE declared. + Case g: a list containing dicts representing assets. ( currently the Ideal event size is 1 Mib) When: - Case a: Calling the send_events_to_xsiam function with no explicit data format specified. - Case b: Calling the send_events_to_xsiam function with no explicit data format specified. - Case c: Calling the send_events_to_xsiam function with no explicit data format specified. - Case d: Calling the send_events_to_xsiam function with a cef data format specification. - Case e: Calling the send_events_to_xsiam function with no explicit data format specified. - Case f: Calling the send_events_to_xsiam function with no explicit data format specified. + Case a: Calling the send_assets_to_xsiam function with no explicit data format specified. + Case b: Calling the send_assets_to_xsiam function with no explicit data format specified. + Case c: Calling the send_assets_to_xsiam function with no explicit data format specified. + Case d: Calling the send_assets_to_xsiam function with a cef data format specification. + Case e: Calling the send_assets_to_xsiam function with no explicit data format specified. + Case f: Calling the send_assets_to_xsiam function with no explicit data format specified. + Case g: Calling the send_assets_to_xsiam function with no explicit data format specified. Then ensure that: Case a: @@ -8558,6 +8566,10 @@ def test_send_events_to_xsiam_positive(self, mocker, events_use_case): - The events data was compressed correctly. Expecting to see that last chunk sent. - The data format remained as json. - The number of events reported to the module health - 2. For the last chunk. + Case g: + - The assets data was compressed correctly + - The data format was automatically identified as json. + - The number of assets reported to the module health equals to number of assets sent to XSIAM - 2 """ if not IS_PY3: return @@ -8566,6 +8578,7 @@ def test_send_events_to_xsiam_positive(self, mocker, events_use_case): from requests import Response mocker.patch.object(demisto, 'getLicenseCustomField', side_effect=self.get_license_custom_field_mock) mocker.patch.object(demisto, 'updateModuleHealth') + mocker.patch('time.time', return_value=123) api_response = Response() api_response.status_code = 200 @@ -8573,28 +8586,34 @@ def test_send_events_to_xsiam_positive(self, mocker, events_use_case): _http_request_mock = mocker.patch.object(BaseClient, '_http_request', return_value=api_response) - events = self.test_data[events_use_case]['events'] - number_of_events = self.test_data[events_use_case]['number_of_events'] # pushed in each chunk. - chunk_size = self.test_data[events_use_case].get('XSIAM_FILE_SIZE', self.orig_xsiam_file_size) - data_format = self.test_data[events_use_case].get('format') - send_events_to_xsiam(events=events, vendor='some vendor', product='some product', data_format=data_format, - chunk_size=chunk_size) + items = self.test_data[data_use_case][data_type] + number_of_items = self.test_data[data_use_case]['number_of_events'] # pushed in each chunk. + chunk_size = self.test_data[data_use_case].get('XSIAM_FILE_SIZE', self.orig_xsiam_file_size) + data_format = self.test_data[data_use_case].get('format') + send_data_to_xsiam(data=items, vendor='some vendor', product='some product', data_format=data_format, + chunk_size=chunk_size, data_type=data_type) - if number_of_events: - expected_format = self.test_data[events_use_case]['expected_format'] - expected_data = self.test_data[events_use_case]['expected_data'] + if number_of_items: + expected_format = self.test_data[data_use_case]['expected_format'] + expected_data = self.test_data[data_use_case]['expected_data'] arguments_called = _http_request_mock.call_args[1] decompressed_data = gzip.decompress(arguments_called['data']).decode("utf-8") assert arguments_called['headers']['format'] == expected_format assert decompressed_data == expected_data + assert arguments_called['headers']['collector-type'] == data_type else: assert _http_request_mock.call_count == 0 + if data_type == "events": + demisto.updateModuleHealth.assert_called_with({'eventsPulled': number_of_items}) + elif data_type == "assets": + demisto.updateModuleHealth.assert_called_with({'assetsPulled': number_of_items}) + assert arguments_called['headers']['snapshot-id'] == '123000' + assert arguments_called['headers']['total-items-count'] == '2' - demisto.updateModuleHealth.assert_called_with({'eventsPulled': number_of_events}) - - @pytest.mark.parametrize('error_msg', [None, {'error': 'error'}, '']) - def test_send_events_to_xsiam_error_handling(self, mocker, requests_mock, error_msg): + @pytest.mark.parametrize('error_msg, data_type', [(None, "events"), ({'error': 'error'}, "events"), ('', "events"), + ({'error': 'error'}, "assets")]) + def test_send_data_to_xsiam_error_handling(self, mocker, requests_mock, error_msg, data_type): """ Given: case a: response type containing None @@ -8602,7 +8621,7 @@ def test_send_events_to_xsiam_error_handling(self, mocker, requests_mock, error_ case c: response type containing empty string When: - calling the send_events_to_xsiam function + calling the send_data_to_xsiam function Then: case a: @@ -8625,7 +8644,7 @@ def test_send_events_to_xsiam_error_handling(self, mocker, requests_mock, error_ mocker.patch.object(demisto, "params", return_value={"url": "www.test_url.com"}) mocker.patch.object(demisto, "callingContext", {"context": {"IntegrationInstance": "test_integration_instance", "IntegrationBrand": "test_brand"}}) - + mocker.patch('time.time', return_value=123) if isinstance(error_msg, dict): status_code = 401 request_mocker = requests_mock.post( @@ -8642,14 +8661,14 @@ def test_send_events_to_xsiam_error_handling(self, mocker, requests_mock, error_ error_log_mocker = mocker.patch.object(demisto, 'error') events = self.test_data['json_events']['events'] - expected_request_and_response_info = self.test_log_data - expected_error_header = 'Error sending new events into XSIAM.\n' + expected_request_and_response_info = self.events_test_log_data if data_type == "events" else self.assets_log_error + expected_error_header = 'Error sending new {data_type} into XSIAM.\n'.format(data_type=data_type) with pytest.raises( DemistoException, match=re.escape(expected_error_header + expected_error_msg), ): - send_events_to_xsiam(events=events, vendor='some vendor', product='some product') + send_data_to_xsiam(data=events, vendor='some vendor', product='some product', data_type=data_type) # make sure the request was sent only once and retry mechanism was not triggered assert request_mocker.call_count == 1 @@ -8701,7 +8720,7 @@ def test_send_events_to_xsiam_error_handling(self, mocker, requests_mock, error_ ) ] ) - def test_retries_send_events_to_xsiam_rate_limit( + def test_retries_send_data_to_xsiam_rate_limit( self, mocker, mocked_responses, expected_request_call_count, expected_error_log_count, should_succeed ): """ @@ -8713,7 +8732,7 @@ def test_retries_send_events_to_xsiam_rate_limit( case e: 1 response indicating about success from xsiam with no rate limit errors When: - calling the send_events_to_xsiam function + calling the send_data_to_xsiam function Then: case a: @@ -8754,10 +8773,10 @@ def test_retries_send_events_to_xsiam_rate_limit( events = self.test_data['json_events']['events'] if should_succeed: - send_events_to_xsiam(events=events, vendor='some vendor', product='some product') + send_data_to_xsiam(data=events, vendor='some vendor', product='some product') else: with pytest.raises(DemistoException): - send_events_to_xsiam(events=events, vendor='some vendor', product='some product') + send_data_to_xsiam(data=events, vendor='some vendor', product='some product') assert error_mock.call_count == expected_error_log_count assert request_mock.call_count == expected_request_call_count diff --git a/Packs/Base/Scripts/CommonServerPython/test_data/send_events_to_xsiam_data.py b/Packs/Base/Scripts/CommonServerPython/test_data/send_events_to_xsiam_data.py index a6914a835392..d7a953af3ffa 100644 --- a/Packs/Base/Scripts/CommonServerPython/test_data/send_events_to_xsiam_data.py +++ b/Packs/Base/Scripts/CommonServerPython/test_data/send_events_to_xsiam_data.py @@ -88,10 +88,25 @@ "expected_data": '{"name": "Event 10", "data": "In three words I can sum up everything I\'ve learned about life: it goes on. - Robert Frost"}', "expected_format": "json", "XSIAM_FILE_SIZE": 300 + }, + "json_assets": { + "assets": [ + { + "name": "my asset 1", + "data": "some data 1" + }, + { + "name": "my asset 2", + "data": "some data 2" + } + ], + "number_of_events": 2, + "expected_format": "json", + "expected_data": '{"name": "my asset 1", "data": "some data 1"}\n{"name": "my asset 2", "data": "some data 2"}' } } -log_error = \ +events_log_error = \ """Error sending new events into XSIAM. Parameters used: \tURL: https://api-url @@ -103,7 +118,30 @@ "content-encoding": "gzip", "collector-name": "test_brand", "instance-name": "test_integration_instance", - "final-reporting-device": "www.test_url.com" + "final-reporting-device": "www.test_url.com", + "collector-type": "events" +}} + +Response status code: {status_code} +Error received: +\t{error_received}""" + +assets_log_error = \ + """Error sending new assets into XSIAM. +Parameters used: +\tURL: https://api-url +\tHeaders: {{ + "authorization": "TOKEN", + "format": "json", + "product": "some product", + "vendor": "some vendor", + "content-encoding": "gzip", + "collector-name": "test_brand", + "instance-name": "test_integration_instance", + "final-reporting-device": "www.test_url.com", + "collector-type": "assets", + "snapshot-id": "123000", + "total-items-count": "2" }} Response status code: {status_code} diff --git a/Packs/Base/pack_metadata.json b/Packs/Base/pack_metadata.json index 72f215987fba..4ca07ab9dfde 100644 --- a/Packs/Base/pack_metadata.json +++ b/Packs/Base/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Base", "description": "The base pack for Cortex XSOAR.", "support": "xsoar", - "currentVersion": "1.33.2", + "currentVersion": "1.33.3", "author": "Cortex XSOAR", "serverMinVersion": "6.0.0", "url": "https://www.paloaltonetworks.com/cortex", diff --git a/Tests/demistomock/demistomock.py b/Tests/demistomock/demistomock.py index 2f98cadbfd8b..d6b85beac3af 100644 --- a/Tests/demistomock/demistomock.py +++ b/Tests/demistomock/demistomock.py @@ -1333,3 +1333,18 @@ def getLicenseCustomField(key): """ return get(contentSecrets, key) + + +def setAssetsLastRun(obj): + """(Integration only) + Stores given object in the AssetsLastRun object + Args: + obj (dict): The object to store + Returns: + None: No data returned + """ + return + + +def getAssetsLastRun(): + return {"lastRun": "2018-10-24T14:13:20+00:00"} From 71c8b94d499dd214f857461d98fca582e93c0656 Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Mon, 11 Dec 2023 17:35:40 +0200 Subject: [PATCH 06/50] EXPANDR-7181 Fix issues for AWS rule logic (#31401) * EXPANDR-7181 Fix issues for AWS rule logic (#31237) * Fix issues * update release notes * updated docker image * Update Packs/AWS-Enrichment-Remediation/ReleaseNotes/1_1_9.md Co-authored-by: John <40349459+BigEasyJ@users.noreply.github.com> * scenario 4 and 5 changes * update test cases * Update Packs/AWS-Enrichment-Remediation/ReleaseNotes/1_1_9.md Co-authored-by: Adi Daud <46249224+adi88d@users.noreply.github.com> --------- Co-authored-by: John <40349459+BigEasyJ@users.noreply.github.com> Co-authored-by: Adi Daud <46249224+adi88d@users.noreply.github.com> * Update 1_1_9.md * Update 1_1_9.md * Update docker --------- Co-authored-by: Chait A <112722030+capanw@users.noreply.github.com> Co-authored-by: John <40349459+BigEasyJ@users.noreply.github.com> Co-authored-by: Adi Daud <46249224+adi88d@users.noreply.github.com> --- .../ReleaseNotes/1_1_9.md | 5 ++ .../Scripts/AWSRecreateSG/AWSRecreateSG.py | 51 ++++++++++++------- .../Scripts/AWSRecreateSG/AWSRecreateSG.yml | 2 +- .../AWSRecreateSG/AWSRecreateSG_test.py | 4 ++ .../pack_metadata.json | 2 +- 5 files changed, 44 insertions(+), 20 deletions(-) create mode 100644 Packs/AWS-Enrichment-Remediation/ReleaseNotes/1_1_9.md diff --git a/Packs/AWS-Enrichment-Remediation/ReleaseNotes/1_1_9.md b/Packs/AWS-Enrichment-Remediation/ReleaseNotes/1_1_9.md new file mode 100644 index 000000000000..91df40fb841f --- /dev/null +++ b/Packs/AWS-Enrichment-Remediation/ReleaseNotes/1_1_9.md @@ -0,0 +1,5 @@ +#### Scripts + +##### AWSRecreateSG +- Updated the script to fix an issue with security group rule case and added a change flag. +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. diff --git a/Packs/AWS-Enrichment-Remediation/Scripts/AWSRecreateSG/AWSRecreateSG.py b/Packs/AWS-Enrichment-Remediation/Scripts/AWSRecreateSG/AWSRecreateSG.py index bd60103c8b18..66e428550152 100644 --- a/Packs/AWS-Enrichment-Remediation/Scripts/AWSRecreateSG/AWSRecreateSG.py +++ b/Packs/AWS-Enrichment-Remediation/Scripts/AWSRecreateSG/AWSRecreateSG.py @@ -76,31 +76,46 @@ def sg_fix(sg_info: list, port: int, protocol: str, assume_role: str, instance_t # Keep track of change in SG or not. change = False for rule in info['IpPermissions']: - # Check if 'FromPort' is in rule, else it is an "all traffic rule". - if rule.get('FromPort'): - # Don't recrete if it targets just the port of interest. - if rule['FromPort'] == port and port == rule['ToPort'] and rule['IpRanges'][0]['CidrIp'] == "0.0.0.0/0" and \ - rule['IpProtocol'] == protocol: - change = True - elif rule['FromPort'] <= port and port <= rule['ToPort'] and rule['IpRanges'][0]['CidrIp'] == "0.0.0.0/0" and \ - rule['IpProtocol'] == protocol: # noqa: E127 + if rule.get('IpRanges') and len(rule.get('IpRanges')) > 0: + # Check if 'FromPort' is in rule, else it is an "all traffic rule". + if rule.get('FromPort'): + # Don't recreate if it targets just the port of interest. + if ( + rule['FromPort'] == port + and port == rule['ToPort'] + and rule['IpRanges'][0]['CidrIp'] == "0.0.0.0/0" + and rule['IpProtocol'] == protocol + ): + change = True + elif ( + rule["FromPort"] == port and port == rule["ToPort"] + and any(d["CidrIp"] == "0.0.0.0/0" for d in rule["IpRanges"]) + and rule["IpProtocol"] == protocol + ): + # If condition to check for Quad 0 in the rules list for matching port. + change = True + elif ( + rule['FromPort'] <= port and port <= rule['ToPort'] + and rule['IpRanges'][0]['CidrIp'] == "0.0.0.0/0" + and rule['IpProtocol'] == protocol + ): # noqa: E127 + fixed = split_rule(rule, port, protocol) + for rule_fix in fixed: + new_rule = (str([rule_fix])).replace("'", "\"") + recreate_list.append(new_rule) + change = True + else: + new_rule = (str([rule])).replace("'", "\"") + recreate_list.append(new_rule) + elif rule.get('IpRanges') and rule['IpRanges'][0].get('CidrIp') == "0.0.0.0/0": fixed = split_rule(rule, port, protocol) + change = True for rule_fix in fixed: new_rule = (str([rule_fix])).replace("'", "\"") recreate_list.append(new_rule) - change = True else: new_rule = (str([rule])).replace("'", "\"") recreate_list.append(new_rule) - elif rule.get('IpRanges') and rule['IpRanges'][0].get('CidrIp') == "0.0.0.0/0": - fixed = split_rule(rule, port, protocol) - change = True - for rule_fix in fixed: - new_rule = (str([rule_fix])).replace("'", "\"") - recreate_list.append(new_rule) - else: - new_rule = (str([rule])).replace("'", "\"") - recreate_list.append(new_rule) if change is False: return {} else: diff --git a/Packs/AWS-Enrichment-Remediation/Scripts/AWSRecreateSG/AWSRecreateSG.yml b/Packs/AWS-Enrichment-Remediation/Scripts/AWSRecreateSG/AWSRecreateSG.yml index bc87077026eb..3731dd32091a 100644 --- a/Packs/AWS-Enrichment-Remediation/Scripts/AWSRecreateSG/AWSRecreateSG.yml +++ b/Packs/AWS-Enrichment-Remediation/Scripts/AWSRecreateSG/AWSRecreateSG.yml @@ -51,7 +51,7 @@ dependson: - AWS - EC2|||aws-ec2-authorize-security-group-egress-rule - AWS - EC2|||aws-ec2-revoke-security-group-ingress-rule - AWS - EC2|||aws-ec2-revoke-security-group-egress-rule -dockerimage: demisto/python3:3.10.13.78960 +dockerimage: demisto/python3:3.10.13.83255 enabled: true name: AWSRecreateSG runas: DBotWeakRole diff --git a/Packs/AWS-Enrichment-Remediation/Scripts/AWSRecreateSG/AWSRecreateSG_test.py b/Packs/AWS-Enrichment-Remediation/Scripts/AWSRecreateSG/AWSRecreateSG_test.py index 13c1ddd6684a..dfba73a01eca 100644 --- a/Packs/AWS-Enrichment-Remediation/Scripts/AWSRecreateSG/AWSRecreateSG_test.py +++ b/Packs/AWS-Enrichment-Remediation/Scripts/AWSRecreateSG/AWSRecreateSG_test.py @@ -20,6 +20,10 @@ "UserIdGroupPairs": [], 'FromPort': 22, 'ToPort': 100}, {'IpProtocol': 'tcp', 'IpRanges': [{'CidrIp': '0.0.0.0/0'}], 'Ipv6Ranges': [], 'PrefixListIds': [], 'UserIdGroupPairs': [], 'FromPort': 23, 'ToPort': 100}), + ({"IpProtocol": "tcp", "IpRanges": [], "Ipv6Ranges": [{'CidrIpv6': '::/0'}], "PrefixListIds": [], + "UserIdGroupPairs": [], 'FromPort': 22, 'ToPort': 100}, + {'IpProtocol': 'tcp', 'IpRanges': [], 'Ipv6Ranges': [{'CidrIpv6': '::/0'}], 'PrefixListIds': [], + 'UserIdGroupPairs': [], 'FromPort': 23, 'ToPort': 100}), ] ) def test_split_rule(rule, first_rule_created): diff --git a/Packs/AWS-Enrichment-Remediation/pack_metadata.json b/Packs/AWS-Enrichment-Remediation/pack_metadata.json index ad9b65594f48..a76815949fb6 100644 --- a/Packs/AWS-Enrichment-Remediation/pack_metadata.json +++ b/Packs/AWS-Enrichment-Remediation/pack_metadata.json @@ -2,7 +2,7 @@ "name": "AWS Enrichment and Remediation", "description": "Playbooks using multiple AWS content packs for enrichment and remediation purposes", "support": "xsoar", - "currentVersion": "1.1.8", + "currentVersion": "1.1.9", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From f82b6d8958d5f4b800a69e8531fa6d2cbafadefc Mon Sep 17 00:00:00 2001 From: sharonfi99 <147984773+sharonfi99@users.noreply.github.com> Date: Mon, 11 Dec 2023 20:25:42 +0200 Subject: [PATCH 07/50] RSA secureID CIAC-8811 (#31392) * New pack of RSA secureID * Update Packs/RSASecureID/README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/RSASecureID/README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/RSASecureID/README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/RSASecureID/README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * changes to the README file * small changes to the README * mismatch betweeb dataset names --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> --- Packs/RSASecureID/.pack-ignore | 0 Packs/RSASecureID/.secrets-ignore | 0 .../ModelingRules/RSASecureID/RSASecureID.xif | 50 ++++++++++++++++ .../ModelingRules/RSASecureID/RSASecureID.yml | 6 ++ .../RSASecureID/RSASecureID_schema.json | 8 +++ .../ParsingRules/RSASecureID/RSASecureID.xif | 0 .../ParsingRules/RSASecureID/RSASecureID.yml | 6 ++ Packs/RSASecureID/README.md | 57 +++++++++++++++++++ Packs/RSASecureID/pack_metadata.json | 18 ++++++ 9 files changed, 145 insertions(+) create mode 100644 Packs/RSASecureID/.pack-ignore create mode 100644 Packs/RSASecureID/.secrets-ignore create mode 100644 Packs/RSASecureID/ModelingRules/RSASecureID/RSASecureID.xif create mode 100644 Packs/RSASecureID/ModelingRules/RSASecureID/RSASecureID.yml create mode 100644 Packs/RSASecureID/ModelingRules/RSASecureID/RSASecureID_schema.json create mode 100644 Packs/RSASecureID/ParsingRules/RSASecureID/RSASecureID.xif create mode 100644 Packs/RSASecureID/ParsingRules/RSASecureID/RSASecureID.yml create mode 100644 Packs/RSASecureID/README.md create mode 100644 Packs/RSASecureID/pack_metadata.json diff --git a/Packs/RSASecureID/.pack-ignore b/Packs/RSASecureID/.pack-ignore new file mode 100644 index 000000000000..e69de29bb2d1 diff --git a/Packs/RSASecureID/.secrets-ignore b/Packs/RSASecureID/.secrets-ignore new file mode 100644 index 000000000000..e69de29bb2d1 diff --git a/Packs/RSASecureID/ModelingRules/RSASecureID/RSASecureID.xif b/Packs/RSASecureID/ModelingRules/RSASecureID/RSASecureID.xif new file mode 100644 index 000000000000..bc1360224ac1 --- /dev/null +++ b/Packs/RSASecureID/ModelingRules/RSASecureID/RSASecureID.xif @@ -0,0 +1,50 @@ +[RULE: rsa_common_fields] +alter + log_level = arrayindex(log_array,4), + client_ip = arrayindex(log_array,7), + server_ip = arrayindex(log_array,8), + result = arrayindex(log_array,11) +| alter + client_ipv4 = regextract(client_ip, "(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})"), + server_ipv4 = regextract(server_ip, "(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})"), + client_ipv6 = regextract(client_ip, "([a-fA-F0-9\:]{1,5}[a-fA-F0-9\:]{1,5}[a-fA-F0-9\:]{1,5}[a-fA-F0-9\:]{1,5}[a-fA-F0-9\:]{1,5}[a-fA-F0-9\:]{1,5}[a-fA-F0-9\:]{1,5}[a-fA-F0-9\:]{1,5})"), + server_ipv6 = regextract(server_ip, "([a-fA-F0-9\:]{1,5}[a-fA-F0-9\:]{1,5}[a-fA-F0-9\:]{1,5}[a-fA-F0-9\:]{1,5}[a-fA-F0-9\:]{1,5}[a-fA-F0-9\:]{1,5}[a-fA-F0-9\:]{1,5}[a-fA-F0-9\:]{1,5})") +| alter + xdm.event.original_event_type = arrayindex(log_array,3), + xdm.event.log_level = if(log_level ~= "INFO", XDM_CONST.LOG_LEVEL_INFORMATIONAL, log_level~="ERROR", XDM_CONST.LOG_LEVEL_ERROR, log_level ~="WARN",XDM_CONST.LOG_LEVEL_WARNING,log_level), + xdm.event.id = arrayindex(log_array,5), + xdm.source.ipv4 = arrayindex(client_ipv4,0), + xdm.source.ipv6 = arrayindex(client_ipv6,0), + xdm.source.host.ipv4_addresses = server_ipv4, + xdm.source.host.ipv6_addresses = server_ipv6, + xdm.alert.name = arrayindex(log_array,9), + xdm.alert.original_alert_id = arrayindex(log_array,10), + xdm.event.outcome = if(result ~= "SUCCESS",XDM_CONST.OUTCOME_SUCCESS, result ~= "fail", XDM_CONST.OUTCOME_FAILED, result ~= "warn", XDM_CONST.OUTCOME_SUCCESS, result), + xdm.event.outcome_reason = arrayindex(log_array,12), + xdm.network.session_id = to_string(arrayindex(log_array,13)); //validation returned type of data + +/* Extracts all the fields from _raw_log, fields are separated with a comma delimiter +This mapping refers to Admin audit events */ +[MODEL: dataset="rsa_secureid_raw"] + alter log_array = split(_raw_log, ",") +| alter event_type = arrayindex(log_array,3) +| filter event_type contains "audit.admin" +| call rsa_common_fields +| alter + xdm.source.user.identifier = to_string(arrayindex(log_array,15)), + xdm.source.user.username = arrayindex(log_array,18), + xdm.source.user.first_name = arrayindex(log_array,19), + xdm.source.user.last_name = arrayindex(log_array,20), + xdm.source.user.domain = arrayindex(log_array,25); + +//Mapping of Runtime audit events + alter log_array = split(_raw_log, ",") +| alter event_type = arrayindex(log_array,3) +| filter event_type contains "audit.runtime" +| call rsa_common_fields +| alter + xdm.source.user.identifier = to_string(arrayindex(log_array,14)), + xdm.source.user.username = arrayindex(log_array,17), + xdm.source.user.first_name = arrayindex(log_array,18), + xdm.source.user.last_name = arrayindex(log_array,19), + xdm.source.agent.identifier = arrayindex(log_array, 20); \ No newline at end of file diff --git a/Packs/RSASecureID/ModelingRules/RSASecureID/RSASecureID.yml b/Packs/RSASecureID/ModelingRules/RSASecureID/RSASecureID.yml new file mode 100644 index 000000000000..071b43523d80 --- /dev/null +++ b/Packs/RSASecureID/ModelingRules/RSASecureID/RSASecureID.yml @@ -0,0 +1,6 @@ +fromversion: 8.4.0 +id: RSA_SecureID_ModelingRule +name: RSA SecureID Modeling Rule +rules: '' +schema: '' +tags: '' \ No newline at end of file diff --git a/Packs/RSASecureID/ModelingRules/RSASecureID/RSASecureID_schema.json b/Packs/RSASecureID/ModelingRules/RSASecureID/RSASecureID_schema.json new file mode 100644 index 000000000000..9ad44c356144 --- /dev/null +++ b/Packs/RSASecureID/ModelingRules/RSASecureID/RSASecureID_schema.json @@ -0,0 +1,8 @@ +{ + "rsa_secureid_raw": { + "_raw_log": { + "type": "string", + "is_array": false + } + } + } \ No newline at end of file diff --git a/Packs/RSASecureID/ParsingRules/RSASecureID/RSASecureID.xif b/Packs/RSASecureID/ParsingRules/RSASecureID/RSASecureID.xif new file mode 100644 index 000000000000..e69de29bb2d1 diff --git a/Packs/RSASecureID/ParsingRules/RSASecureID/RSASecureID.yml b/Packs/RSASecureID/ParsingRules/RSASecureID/RSASecureID.yml new file mode 100644 index 000000000000..5de58ae5390b --- /dev/null +++ b/Packs/RSASecureID/ParsingRules/RSASecureID/RSASecureID.yml @@ -0,0 +1,6 @@ +id: RSA_SecureID_ParsingRule +name: RSA SecureID Parsing Rule +fromversion: 8.4.0 +tags: [] +rules: '' +samples: '' \ No newline at end of file diff --git a/Packs/RSASecureID/README.md b/Packs/RSASecureID/README.md new file mode 100644 index 000000000000..f28ae524eb78 --- /dev/null +++ b/Packs/RSASecureID/README.md @@ -0,0 +1,57 @@ +# RSA SecureID +<~XSIAM> + +This pack includes Cortex XSIAM content. + +## Configuration on Server Side +You need to configure RSA SecureID to forward Syslog messages. + +In RSA Authentication Manager 8.4 there is rsyslog instead of syslog-ng. +In the configuration file in /etc/rsyslog.d/remote.conf you define the syslog server(s) to which you want to connect. +In /etc/rsylog.conf define the rest of the configuration related to rsyslog. +1. Launch an SSH client, such as PuTTY. +2. Login to the primary Authentication Manager server as **rsaadmin** and enter the operating system password. +3. Change the privileges of **rsaadmin** to root. +4. Enter the operating system password when prompted. +5. Go to **/etc/rsyslog.d/** and make a copy of the **remote.conf** file. +6. Open the **remote.conf** configuration file in an editor such as vi. +7. Append the remote syslog servers in the **/etc/rsyslog.d/remote.conf** file. +8. Restart the syslog daemon and verify the status with the following commands: + ``` + rcsyslog restart + rcsyslog status + ``` +9. Configure Security Console Logging to send to localhost **127.0.0.1**, [Link](https://community.rsa.com/docs/DOC-77156). +10. Monitor the outgoing traffic to the remote syslog server with the commands: + * To monitor all traffic + ``` + tcpdump -nvv -i eth0 port 514 + ``` + * To monitor more targeted traffic on port 514: + ``` + tcpdump -nvv -i eth0 "dst host n.n.n.n and dst port 514" + ``` +11. When the configuration is completed on the primary server, repeat steps 1 through 9 on each replica server in your deployment. Be sure to complete the tasks on one server before moving to another server. + +* To configure RSA Authentication Manager 8.4 or later to send data to remote syslog servers, refer to the full documentation provided by [RSA](https://community.rsa.com/t5/securid-knowledge-base/how-to-configure-rsa-authentication-manager-8-4-or-later-to-send/ta-p/2823). + +* To configure RSA Authentication Manager 8.1, 8.2, 8.3 to send data to remote syslog servers, refer to the full documentation provided by [RSA](https://community.rsa.com/t5/securid-knowledge-base/how-to-configure-rsa-authentication-manager-8-1-8-2-8-3-to-send/ta-p/2525). + +## Collect Events from Vendor +In order to use the collector, use the [Broker VM](#broker-vm) option. + +### Broker VM +To create or configure the Broker VM, use the information described [here](https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Pro-Administrator-Guide/Configure-the-Broker-VM). + +You can configure the specific vendor and product for this instance. + +1. Navigate to **Settings** → **Configuration** → **Data Broker** → **Broker VMs**. +2. Go to the **Apps** column under the **Brokers** tab and add the **Syslog Collector** app for the relevant broker instance. If the app already exists, hover over it and click **Configure**. +3. Click **Add New** for adding a new syslog data source. +4. When configuring the new syslog data source, set the following values: + | Parameter | Value + | :--- | :--- + | `Vendor` | Enter **RSA**. + | `Product` | Enter **SecureID**. + + \ No newline at end of file diff --git a/Packs/RSASecureID/pack_metadata.json b/Packs/RSASecureID/pack_metadata.json new file mode 100644 index 000000000000..98c33cf4f9f5 --- /dev/null +++ b/Packs/RSASecureID/pack_metadata.json @@ -0,0 +1,18 @@ +{ + "name": "RSA SecureID", + "description": " RSA SecureID is an MFA technology designed to increase security for network resources and help organizations maintain compliance.", + "support": "xsoar", + "currentVersion": "1.0.0", + "author": "Cortex XSOAR", + "url": "https://www.paloaltonetworks.com/cortex", + "email": "", + "categories": [ + "Analytics & SIEM" + ], + "tags": [], + "useCases": [], + "keywords": [], + "marketplaces": [ + "marketplacev2" + ] +} \ No newline at end of file From 91e3c76b2adb3d40990219619d2b80f6cfff4695 Mon Sep 17 00:00:00 2001 From: Sasha Sokolovich <88268646+ssokolovich@users.noreply.github.com> Date: Mon, 11 Dec 2023 20:57:15 +0200 Subject: [PATCH 08/50] Update "malware investigation and response" and cortex xdr image path (#31403) * updated path to image * Updated the pic for cortex xdr --- Packs/CortexXDR/README.md | 2 +- Packs/MalwareInvestigationAndResponse/README.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Packs/CortexXDR/README.md b/Packs/CortexXDR/README.md index ca9e01144720..31922868229c 100644 --- a/Packs/CortexXDR/README.md +++ b/Packs/CortexXDR/README.md @@ -17,4 +17,4 @@ As part of this pack, you will also get out-of-the-box Cortex XDR incident type _For more information, visit our [Cortex XSOAR Developer Docs](https://xsoar.pan.dev/docs/reference/packs/palo-alto-networks-cortex-xdr---investigation-and-response)_ -![Cortex XDR Lite - Incident Handling](../doc_files/Cortex_XDR_Lite_-_Incident_Handling.png) +![Cortex XDR Lite - Incident Handling](https://raw.githubusercontent.com/demisto/content/master/Packs/CortexXDR/doc_files/Cortex_XDR_Lite_-_Incident_Handling.png) diff --git a/Packs/MalwareInvestigationAndResponse/README.md b/Packs/MalwareInvestigationAndResponse/README.md index 3225ab485e95..db0bae9f0e10 100644 --- a/Packs/MalwareInvestigationAndResponse/README.md +++ b/Packs/MalwareInvestigationAndResponse/README.md @@ -23,7 +23,7 @@ The pack closely maps evidence to MITRE ATT&CK to uncover evidence of: * Supports fetching malware incidents either from the EDR product or from a SIEM solution. * Supports account information enrichment. -![Malware Investigation & Response Incident layout](https://github.com/demisto/content/raw/515f1705ecd1f769fe0ae63e4fcb8066db4d267b/Packs/MalwareInvestigationAndResponse/doc_files/Malware_Investigation_%26_Response_layout.png) +![Malware Investigation & Response Incident layout](https://raw.githubusercontent.com/demisto/content/master/Packs/MalwareInvestigationAndResponse/doc_files/Malware_Investigation_%26_Response_layout.png) ## Getting Started / How to Set up the Pack From 7f7b4e934814b8fcc8e17e8ff13201d5fdd9846a Mon Sep 17 00:00:00 2001 From: Guy Afik <53861351+GuyAfik@users.noreply.github.com> Date: Mon, 11 Dec 2023 21:08:13 +0200 Subject: [PATCH 09/50] [Qradar] - add timeout param, update test-module and implement retry for connection errors (#31339) * add qradar timeout param * add timeout to client * add docs and bump rn * fixes * refactor test-module * retry for http_request * fixes * elif * rn and docker image * rn * bump rn * update docker * logger * add fetch-interval and set default to 10 * README.md * readme and udpates * rn * arg to number * update docker-image * ut * fix uts --- .../Integrations/QRadar_v3/QRadar_v3.py | 76 +++++++++---------- .../Integrations/QRadar_v3/QRadar_v3.yml | 20 ++++- .../Integrations/QRadar_v3/QRadar_v3_test.py | 29 ++++++- Packs/QRadar/Integrations/QRadar_v3/README.md | 5 +- Packs/QRadar/ReleaseNotes/2_4_45.md | 11 +++ Packs/QRadar/pack_metadata.json | 2 +- 6 files changed, 98 insertions(+), 45 deletions(-) create mode 100644 Packs/QRadar/ReleaseNotes/2_4_45.md diff --git a/Packs/QRadar/Integrations/QRadar_v3/QRadar_v3.py b/Packs/QRadar/Integrations/QRadar_v3/QRadar_v3.py index b31d47f8e093..937716e77953 100644 --- a/Packs/QRadar/Integrations/QRadar_v3/QRadar_v3.py +++ b/Packs/QRadar/Integrations/QRadar_v3/QRadar_v3.py @@ -16,7 +16,7 @@ ''' ADVANCED GLOBAL PARAMETERS ''' FAILURE_SLEEP = 20 # sleep between consecutive failures events fetch -FETCH_SLEEP = 60 # sleep between fetches +FETCH_SLEEP = arg_to_number(demisto.params().get("fetch_interval")) or 60 # sleep between fetches BATCH_SIZE = 100 # batch size used for offense ip enrichment OFF_ENRCH_LIMIT = BATCH_SIZE * 10 # max amount of IPs to enrich per offense MAX_WORKERS = 8 # max concurrent workers used for events enriching @@ -36,6 +36,9 @@ EVENTS_SEARCH_TRIES = 3 # number of retries for creating a new search EVENTS_POLLING_TRIES = 10 # number of retries for events polling EVENTS_SEARCH_RETRY_SECONDS = 100 # seconds between retries to create a new search +CONNECTION_ERRORS_RETRIES = 5 # num of times to retry in case of connection-errors +CONNECTION_ERRORS_INTERVAL = 1 # num of seconds between each time to send an http-request in case of a connection error. + ADVANCED_PARAMETERS_STRING_NAMES = [ 'DOMAIN_ENRCH_FLG', @@ -359,7 +362,9 @@ class QueryStatus(str, Enum): class Client(BaseClient): - def __init__(self, server: str, verify: bool, proxy: bool, api_version: str, credentials: dict): + def __init__( + self, server: str, verify: bool, proxy: bool, api_version: str, credentials: dict, timeout: Optional[int] = None + ): username = credentials.get('identifier') password = credentials.get('password') if username == API_USERNAME: @@ -370,6 +375,7 @@ def __init__(self, server: str, verify: bool, proxy: bool, api_version: str, cre self.base_headers = {'Version': api_version} base_url = urljoin(server, '/api') super().__init__(base_url=base_url, verify=verify, proxy=proxy, auth=auth) + self.timeout = timeout # type: ignore[assignment] self.password = password self.server = server @@ -377,16 +383,30 @@ def http_request(self, method: str, url_suffix: str, params: Optional[dict] = No json_data: Optional[dict] = None, additional_headers: Optional[dict] = None, timeout: Optional[int] = None, resp_type: str = 'json'): headers = {**additional_headers, **self.base_headers} if additional_headers else self.base_headers - return self._http_request( - method=method, - url_suffix=url_suffix, - params=params, - json_data=json_data, - headers=headers, - error_handler=self.qradar_error_handler, - timeout=timeout, - resp_type=resp_type - ) + for _time in range(1, CONNECTION_ERRORS_RETRIES + 1): + try: + return self._http_request( + method=method, + url_suffix=url_suffix, + params=params, + json_data=json_data, + headers=headers, + error_handler=self.qradar_error_handler, + timeout=timeout or self.timeout, + resp_type=resp_type + ) + except (DemistoException, requests.ReadTimeout) as error: + demisto.error(f'Error {error} in time {_time}') + if ( + isinstance( + error, DemistoException + ) and not isinstance( + error.exception, requests.ConnectionError) or _time == CONNECTION_ERRORS_RETRIES + ): + raise + else: + time.sleep(CONNECTION_ERRORS_INTERVAL) # pylint: disable=sleep-exists + return None @staticmethod def qradar_error_handler(res: requests.Response): @@ -1734,38 +1754,13 @@ def test_module_command(client: Client, params: dict) -> str: - (str): 'ok' if test passed - raises DemistoException if something had failed the test. """ - global EVENTS_SEARCH_TRIES, EVENTS_POLLING_TRIES - EVENTS_SEARCH_TRIES = 1 - EVENTS_POLLING_TRIES = 1 try: ctx = get_integration_context() print_context_data_stats(ctx, "Test Module") is_long_running = params.get('longRunning') - mirror_options = params.get('mirror_options', DEFAULT_MIRRORING_DIRECTION) - mirror_direction = MIRROR_DIRECTION.get(mirror_options) - if is_long_running: validate_long_running_params(params) - ip_enrich, asset_enrich = get_offense_enrichment(params.get('enrichment', 'IPs And Assets')) - # Try to retrieve the last successfully retrieved offense - last_highest_id = max(ctx.get(LAST_FETCH_KEY, 0) - 1, 0) - get_incidents_long_running_execution( - client=client, - offenses_per_fetch=1, - user_query=params.get('query', ''), - fetch_mode=params.get('fetch_mode', ''), - events_columns=params.get('events_columns') or DEFAULT_EVENTS_COLUMNS, - events_limit=0, - ip_enrich=ip_enrich, - asset_enrich=asset_enrich, - last_highest_id=last_highest_id, - incident_type=params.get('incident_type'), - mirror_direction=mirror_direction, - first_fetch=params.get('first_fetch', '3 days'), - mirror_options=params.get('mirror_options', '') - ) - else: - client.offenses_list(range_="items=0-0") + client.offenses_list(range_="items=0-0") message = 'ok' except DemistoException as e: err_msg = str(e) @@ -4211,6 +4206,7 @@ def main() -> None: # pragma: no cover if api_version and float(api_version) < MINIMUM_API_VERSION: raise DemistoException(f'API version cannot be lower than {MINIMUM_API_VERSION}') credentials = params.get('credentials') + timeout = arg_to_number(params.get("timeout")) try: @@ -4219,7 +4215,9 @@ def main() -> None: # pragma: no cover verify=verify_certificate, proxy=proxy, api_version=api_version, - credentials=credentials) + credentials=credentials, + timeout=timeout + ) # All command names with or are for supporting QRadar v2 command names for backward compatibility if command == 'test-module': validate_integration_context() diff --git a/Packs/QRadar/Integrations/QRadar_v3/QRadar_v3.yml b/Packs/QRadar/Integrations/QRadar_v3/QRadar_v3.yml index 100f54650d4f..6559c6f5c655 100644 --- a/Packs/QRadar/Integrations/QRadar_v3/QRadar_v3.yml +++ b/Packs/QRadar/Integrations/QRadar_v3/QRadar_v3.yml @@ -69,7 +69,7 @@ configuration: name: offenses_per_fetch type: 0 additionalinfo: In case of mirroring with events, this value will be used for mirroring API calls as well, and it is advised to have a small value. - defaultvalue: '20' + defaultvalue: '10' section: Collect advanced: true required: false @@ -153,6 +153,22 @@ configuration: section: Connect advanced: true required: false +- defaultvalue: '60' + display: "Timeout for http-requests" + name: timeout + additionalinfo: The timeout of the HTTP requests sent to the Qradar API (in seconds). If no value is provided, the timeout will be set to 60 seconds. + type: 0 + section: Collect + advanced: true + required: false +- defaultvalue: '60' + display: "Fetch Incidents Interval" + name: fetch_interval + additionalinfo: The fetch interval between before each fetch-incidents execution (seconds). + type: 0 + section: Collect + advanced: true + required: false script: commands: - name: qradar-offenses-list @@ -2539,7 +2555,7 @@ script: script: '-' type: python subtype: python3 - dockerimage: demisto/python3:3.10.13.82076 + dockerimage: demisto/python3:3.10.13.83255 isremotesyncin: true longRunning: true isFetchSamples: true diff --git a/Packs/QRadar/Integrations/QRadar_v3/QRadar_v3_test.py b/Packs/QRadar/Integrations/QRadar_v3/QRadar_v3_test.py index 6e45ed8657c4..5e65bdf5a695 100644 --- a/Packs/QRadar/Integrations/QRadar_v3/QRadar_v3_test.py +++ b/Packs/QRadar/Integrations/QRadar_v3/QRadar_v3_test.py @@ -5,6 +5,8 @@ from datetime import datetime from collections.abc import Callable import copy + +import requests from requests.exceptions import ReadTimeout import QRadar_v3 # import module separately for mocker @@ -114,6 +116,30 @@ def test_get_optional_time_parameter_valid_time_argument(arg, iso_format, epoch_ assert (get_time_parameter(arg, iso_format=iso_format, epoch_format=epoch_format)) == expected +def test_connection_errors_recovers(mocker): + """ + Given: + - Connection Error, ReadTimeout error and a success response + + When: + - running the http_request method + + Then: + - Ensure that success message is printed and recovery for http request happens. + """ + mocker.patch.object(demisto, "error") + mocker.patch.object( + client, + "_http_request", + side_effect=[ + DemistoException(message="error", exception=requests.ConnectionError("error")), + requests.ReadTimeout("error"), + "success" + ] + ) + assert client.http_request(method="GET", url_suffix="url") == "success" + + @pytest.mark.parametrize('dict_key, inner_keys, expected', [('continent', ['name'], {'ContinentName': 'NorthAmerica'}), ('city', ['name'], {'CityName': 'Mukilteo'}), @@ -358,7 +384,7 @@ def test_create_single_asset_for_offense_enrichment(): None, ([], QueryStatus.ERROR.value)) ]) -def test_poll_offense_events_with_retry(requests_mock, status_exception, status_response, results_response, search_id, +def test_poll_offense_events_with_retry(mocker, requests_mock, status_exception, status_response, results_response, search_id, expected): """ Given: @@ -373,6 +399,7 @@ def test_poll_offense_events_with_retry(requests_mock, status_exception, status_ - Case a: Ensure that expected events are returned. - Case b: Ensure that None is returned. """ + mocker.patch.object(demisto, "error") context_data = {MIRRORED_OFFENSES_QUERIED_CTX_KEY: {}, MIRRORED_OFFENSES_FINISHED_CTX_KEY: {}} set_integration_context(context_data) diff --git a/Packs/QRadar/Integrations/QRadar_v3/README.md b/Packs/QRadar/Integrations/QRadar_v3/README.md index d261a53c52ea..d7078e2f073c 100644 --- a/Packs/QRadar/Integrations/QRadar_v3/README.md +++ b/Packs/QRadar/Integrations/QRadar_v3/README.md @@ -8,7 +8,7 @@ This integration was integrated and tested with version 14-20 of QRadar v3 3. Click **Add instance** to create and configure a new integration instance. | **Parameter** | **Description** | **Required** | - | --- | --- | --- | + | --- | -- | --- | | Server URL | \(e.g., https://1.1.1.1\) | True | | Username | | True | | Password | | True | @@ -28,7 +28,8 @@ This integration was integrated and tested with version 14-20 of QRadar v3 | Advanced Parameters | Comma-separated configuration for advanced parameter values. E.g., EVENTS_INTERVAL_SECS=20,FETCH_SLEEP=5 | False | | Trust any certificate (not secure) | | False | | Use system proxy settings | | False | - + | Timeout for http-requests | The timeout of the HTTP requests sent to the Qradar API (in seconds). If no value is provided, the timeout will be set to 60 seconds. | False | + | Fetch Incidents Interval | The fetch interval between before each fetch-incidents execution. (seconds) | False | 4. Click **Test** to validate the URLs, token, and connection. ## Required Permissions diff --git a/Packs/QRadar/ReleaseNotes/2_4_45.md b/Packs/QRadar/ReleaseNotes/2_4_45.md new file mode 100644 index 000000000000..613b74f63309 --- /dev/null +++ b/Packs/QRadar/ReleaseNotes/2_4_45.md @@ -0,0 +1,11 @@ + +#### Integrations + +##### IBM QRadar v3 + +- Added the **Timeout for http-requests** integration parameter to avoid read timeouts from Qradar api (seconds). +- Added the **Fetch Incidents Interval** integration parameter to configure the **fetch-incidents** interval (seconds). +- Fixed an issue where the test of the integration reached into timeouts. +- Added support to recover from connection errors in all Qradar commands. +- Updated the default value of the **Number of offenses to pull per API call** integration parameter to 10. +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. \ No newline at end of file diff --git a/Packs/QRadar/pack_metadata.json b/Packs/QRadar/pack_metadata.json index 81ced7b9880a..0db856f45be6 100644 --- a/Packs/QRadar/pack_metadata.json +++ b/Packs/QRadar/pack_metadata.json @@ -2,7 +2,7 @@ "name": "IBM QRadar", "description": "Fetch offenses as incidents and search QRadar", "support": "xsoar", - "currentVersion": "2.4.44", + "currentVersion": "2.4.45", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From f8030a9f4c0176d2b5483fa030b76af32f0f560d Mon Sep 17 00:00:00 2001 From: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> Date: Tue, 12 Dec 2023 09:22:21 +0200 Subject: [PATCH 10/50] [AWS Athena] Move From Beta to GA (#30694) * Remove beta marks * Structural improvements * Validation fixes * Update code * Add release notes * Update `defaultRegion` param * Fixes * Update context output for the `aws-athena-get-query-results` command * Update output context keys * Minor fixes * Add `query_execution_id` field to results * Fix `aws-athena-get-query-execution`'s context output * Update AWS regions * Minor improvements & add unit-tests * Format YAML & bump Docker version * Update release notes with BC message * Context fixes * Delete test-playbook * Disable test-playbook * Release notes improvements * Fix test-module * Change version bump to major * Add safe code to `parse_rows_response` * Update unit-test following previous context fix * Fix tests key on YAML * Fixes & improvements * Revert breaking changes * Update context output to `Query` * Fix required param * Fixes * Add polling support for `aws-athena-get-query-results` * Bump Docker * Add missing polling parameters * Add a `QueryLimit` parameter to the `aws-athena-start-query` command * Add output fields to `aws-athena-get-query-execution` * Move polling functionality to `aws-athena-get-query-execution` * Change output of `aws-athena-start-query` to match `aws-athena-get-query-execution` * Fix validation errors * Address core-review requested changes * Fix polling condition * Remove polling from `aws-athena-get-query-execution` command * Add new `aws-athena-execute-query` polling command * Bump Docker version * Minor fixes * Update README * Update unit-tests * Bump Docker version * Update `aws-athena-execute-query` command description * Add `aws-athena-execute-query` command to release notes * Code review fixes * Update Docker version * Fix output of `aws-athena-start-query` to `Query.Query` key instead of `Query.QueryString` * Fix unit-test --- .../Integrations/AWS-Athena/AWS-Athena.py | 507 ++++--- .../Integrations/AWS-Athena/AWS-Athena.yml | 345 ++++- .../AWS-Athena/AWS-Athena_description.md | 2 - .../AWS-Athena/AWS-Athena_test.py | 111 ++ .../Integrations/AWS-Athena/README.md | 232 ++++ .../get_query_execution_command.json | 36 + .../get_query_results_command.json | 272 ++++ .../expected_context/start_query_command.json | 4 + .../expected_hr/get_query_results_command.txt | 13 + .../raw_data_mock/get_query_execution.json | 50 + .../raw_data_mock/get_query_results.json | 1222 +++++++++++++++++ .../raw_data_mock/start_query_execution.json | 15 + Packs/AWS-Athena/ReleaseNotes/2_0_0.json | 4 + Packs/AWS-Athena/ReleaseNotes/2_0_0.md | 13 + .../playbook-AWS-Athena-Beta.yml | 91 -- Packs/AWS-Athena/pack_metadata.json | 4 +- 16 files changed, 2573 insertions(+), 348 deletions(-) create mode 100644 Packs/AWS-Athena/Integrations/AWS-Athena/AWS-Athena_test.py create mode 100644 Packs/AWS-Athena/Integrations/AWS-Athena/README.md create mode 100644 Packs/AWS-Athena/Integrations/AWS-Athena/test_data/expected_context/get_query_execution_command.json create mode 100644 Packs/AWS-Athena/Integrations/AWS-Athena/test_data/expected_context/get_query_results_command.json create mode 100644 Packs/AWS-Athena/Integrations/AWS-Athena/test_data/expected_context/start_query_command.json create mode 100644 Packs/AWS-Athena/Integrations/AWS-Athena/test_data/expected_hr/get_query_results_command.txt create mode 100644 Packs/AWS-Athena/Integrations/AWS-Athena/test_data/raw_data_mock/get_query_execution.json create mode 100644 Packs/AWS-Athena/Integrations/AWS-Athena/test_data/raw_data_mock/get_query_results.json create mode 100644 Packs/AWS-Athena/Integrations/AWS-Athena/test_data/raw_data_mock/start_query_execution.json create mode 100644 Packs/AWS-Athena/ReleaseNotes/2_0_0.json create mode 100644 Packs/AWS-Athena/ReleaseNotes/2_0_0.md delete mode 100644 Packs/AWS-Athena/TestPlaybooks/playbook-AWS-Athena-Beta.yml diff --git a/Packs/AWS-Athena/Integrations/AWS-Athena/AWS-Athena.py b/Packs/AWS-Athena/Integrations/AWS-Athena/AWS-Athena.py index ec21dfb74a2e..2c949cde2124 100644 --- a/Packs/AWS-Athena/Integrations/AWS-Athena/AWS-Athena.py +++ b/Packs/AWS-Athena/Integrations/AWS-Athena/AWS-Athena.py @@ -1,248 +1,303 @@ import demistomock as demisto from CommonServerPython import * from CommonServerUserPython import * -import boto3 -import json -from datetime import datetime, date -from botocore.config import Config -from botocore.parsers import ResponseParserError -import urllib3.util - -# Disable insecure warnings -urllib3.disable_warnings() - -"""PARAMETERS""" -AWS_DEFAULT_REGION = demisto.params().get('defaultRegion') -AWS_ROLE_ARN = demisto.params().get('roleArn') -AWS_ROLE_SESSION_NAME = demisto.params().get('roleSessionName') -AWS_ROLE_SESSION_DURATION = demisto.params().get('sessionDuration') -AWS_ROLE_POLICY = None -AWS_ACCESS_KEY_ID = demisto.params().get('credentials', {}).get('identifier') or demisto.params().get('access_key') -AWS_SECRET_ACCESS_KEY = demisto.params().get('credentials', {}).get('password') or demisto.params().get('secret_key') -VERIFY_CERTIFICATE = not demisto.params().get('insecure', True) -proxies = handle_proxy(proxy_param_name='proxy', checkbox_default_value=False) -config = Config( - connect_timeout=1, - retries=dict( - max_attempts=5 - ), - proxies=proxies -) +from datetime import datetime + +AWS_SERVICE_NAME = 'athena' +QUERY_DATA_OUTPUTS_KEY = 'Query' +QUERY_RESULTS_OUTPUTS_KEY = 'QueryResults' + + +def parse_rows_response(rows_data: list[dict]) -> list[dict]: + """ + Parse and arrange the 'Rows' data from the response. + + Args: + rows_data (list[dict]): The 'Rows' data from the response. + + Note: + The 'Rows' data is returned in a table format, where each item in the list is a row. + Example for such a response can be seen on 'test_data/raw_data_mock/get_query_results.json' + + Returns: + list[dict]: The data in a parsed and arranged format. + """ + if not rows_data or not rows_data[0].get('Data'): + return [] + + keys: list[str] = [item['VarCharValue'] for item in rows_data[0]['Data']] + raw_results = [item['Data'] for item in rows_data[1:]] + result_data = [] + + for raw_result in raw_results: + current_item_data = {} + + for idx, value in enumerate(raw_result): + if 'VarCharValue' in value: + current_item_data[keys[idx]] = value['VarCharValue'] + + result_data.append(current_item_data) + + return result_data + + +# --- API Call Functions --- # + + +def start_query_execution(client, query_string: str, query_limit: int | None = None, client_request_token: str | None = None, + database: str | None = None, output_location: str | None = None, encryption_option: str | None = None, + kms_key: str | None = None, work_group: str | None = None) -> dict: + if query_limit and 'LIMIT' not in query_string: + query_string = f'{query_string} LIMIT {query_limit}' + + kwargs: dict[str, Any] = {'QueryString': query_string} + + if client_request_token: + kwargs.update({'ClientRequestToken': client_request_token}) + + if database: + kwargs.update({'QueryExecutionContext': {'Database': database}}) + + if output_location: + kwargs.update({'ResultConfiguration': {'OutputLocation': output_location}}) + + if encryption_option: + kwargs.update({'ResultConfiguration': {'EncryptionConfiguration': {'EncryptionOption': encryption_option}}}) + + if kms_key: + kwargs.update({'ResultConfiguration': {'EncryptionConfiguration': {'KmsKey': kms_key}}}) + + if work_group: + kwargs.update({'WorkGroup': work_group}) + + return client.start_query_execution(**kwargs) + + +def get_query_execution(client, query_execution_id: str) -> dict: + response = client.get_query_execution(QueryExecutionId=query_execution_id) + + # Convert datetime objects to strings + if ((datetime_value := response.get('QueryExecution', {}).get('Status', {}).get('SubmissionDateTime')) + and isinstance(datetime_value, datetime)): + response['QueryExecution']['Status']['SubmissionDateTime'] = datetime_value.isoformat() + + if ((datetime_value := response.get('QueryExecution', {}).get('Status', {}).get('CompletionDateTime')) + and isinstance(datetime_value, datetime)): + response['QueryExecution']['Status']['CompletionDateTime'] = datetime_value.isoformat() + + return response['QueryExecution'] + + +def get_query_results(client, query_execution_id: str) -> list[dict]: + raw_response = client.get_query_results(QueryExecutionId=query_execution_id) + parsed_response = parse_rows_response(rows_data=raw_response['ResultSet']['Rows']) + + for result_item in parsed_response: + result_item['query_execution_id'] = query_execution_id + + return parsed_response + + +# --- Command Functions --- # + + +def module_test_command(client) -> str | CommandResults: + response = client.list_named_queries() + if response['ResponseMetadata']['HTTPStatusCode'] == 200: + return 'ok' -"""HELPER FUNCTIONS""" - - -class DatetimeEncoder(json.JSONEncoder): - # pylint: disable=method-hidden - def default(self, obj): - if isinstance(obj, datetime): - return obj.strftime('%Y-%m-%dT%H:%M:%S') - elif isinstance(obj, date): - return obj.strftime('%Y-%m-%d') - # Let the base class default method raise the TypeError - return json.JSONEncoder.default(self, obj) - - -def aws_session(service='athena', region=None, roleArn=None, roleSessionName=None, roleSessionDuration=None, - rolePolicy=None): - kwargs = {} - if roleArn and roleSessionName is not None: - kwargs.update({ - 'RoleArn': roleArn, - 'RoleSessionName': roleSessionName, - }) - elif AWS_ROLE_ARN and AWS_ROLE_SESSION_NAME is not None: - kwargs.update({ - 'RoleArn': AWS_ROLE_ARN, - 'RoleSessionName': AWS_ROLE_SESSION_NAME, - }) - - if roleSessionDuration is not None: - kwargs.update({'DurationSeconds': int(roleSessionDuration)}) - elif AWS_ROLE_SESSION_DURATION is not None: - kwargs.update({'DurationSeconds': int(AWS_ROLE_SESSION_DURATION)}) - - if rolePolicy is not None: - kwargs.update({'Policy': rolePolicy}) - elif AWS_ROLE_POLICY is not None: - kwargs.update({'Policy': AWS_ROLE_POLICY}) - if kwargs and not AWS_ACCESS_KEY_ID: - - if not AWS_ACCESS_KEY_ID: - sts_client = boto3.client('sts', config=config, verify=VERIFY_CERTIFICATE, - region_name=AWS_DEFAULT_REGION) - sts_response = sts_client.assume_role(**kwargs) - if region is not None: - client = boto3.client( - service_name=service, - region_name=region, - aws_access_key_id=sts_response['Credentials']['AccessKeyId'], - aws_secret_access_key=sts_response['Credentials']['SecretAccessKey'], - aws_session_token=sts_response['Credentials']['SessionToken'], - verify=VERIFY_CERTIFICATE, - config=config - ) - else: - client = boto3.client( - service_name=service, - region_name=AWS_DEFAULT_REGION, - aws_access_key_id=sts_response['Credentials']['AccessKeyId'], - aws_secret_access_key=sts_response['Credentials']['SecretAccessKey'], - aws_session_token=sts_response['Credentials']['SessionToken'], - verify=VERIFY_CERTIFICATE, - config=config - ) - elif AWS_ACCESS_KEY_ID and AWS_ROLE_ARN: - sts_client = boto3.client( - service_name='sts', - aws_access_key_id=AWS_ACCESS_KEY_ID, - aws_secret_access_key=AWS_SECRET_ACCESS_KEY, - verify=VERIFY_CERTIFICATE, - config=config - ) - kwargs.update({ - 'RoleArn': AWS_ROLE_ARN, - 'RoleSessionName': AWS_ROLE_SESSION_NAME, - }) - sts_response = sts_client.assume_role(**kwargs) - client = boto3.client( - service_name=service, - region_name=AWS_DEFAULT_REGION, - aws_access_key_id=sts_response['Credentials']['AccessKeyId'], - aws_secret_access_key=sts_response['Credentials']['SecretAccessKey'], - aws_session_token=sts_response['Credentials']['SessionToken'], - verify=VERIFY_CERTIFICATE, - config=config - ) else: - if region is not None: - client = boto3.client( - service_name=service, - region_name=region, - aws_access_key_id=AWS_ACCESS_KEY_ID, - aws_secret_access_key=AWS_SECRET_ACCESS_KEY, - verify=VERIFY_CERTIFICATE, - config=config - ) - else: - client = boto3.client( - service_name=service, - region_name=AWS_DEFAULT_REGION, - aws_access_key_id=AWS_ACCESS_KEY_ID, - aws_secret_access_key=AWS_SECRET_ACCESS_KEY, - verify=VERIFY_CERTIFICATE, - config=config - ) - - return client - - -def start_query_execution_command(args): - client = aws_session( - region=args.get('region'), - roleArn=args.get('roleArn'), - roleSessionName=args.get('roleSessionName'), - roleSessionDuration=args.get('roleSessionDuration'), - ) - data = [] - kwargs = {'QueryString': args.get('QueryString')} - if args.get('ClientRequestToken') is not None: - kwargs.update({'ClientRequestToken': args.get('ClientRequestToken')}) - if args.get('Database') is not None: - kwargs.update({'QueryExecutionContext': {'Database': args.get('Database')}}) - if args.get('OutputLocation') is not None: - kwargs.update({'ResultConfiguration': {'OutputLocation': args.get('OutputLocation')}}) - if args.get('EncryptionOption') is not None: - kwargs.update({'ResultConfiguration': {'EncryptionConfiguration': {'EncryptionOption': args.get('EncryptionOption')}}}) - if args.get('KmsKey') is not None: - kwargs.update({'ResultConfiguration': {'EncryptionConfiguration': {'KmsKey': args.get('KmsKey')}}}) - if args.get('WorkGroup') is not None: - kwargs.update({'WorkGroup': args.get('WorkGroup')}) - - response = client.start_query_execution(**kwargs) - - data.append({ - 'QueryString': args.get('QueryString'), + raise DemistoException(f'Error: {response}') + + +def start_query_command(args: dict, client): + query_string: str = args['QueryString'] + + response = start_query_execution(client=client, query_string=query_string, query_limit=args.get('QueryLimit'), + client_request_token=args.get('ClientRequestToken'), database=args.get('Database'), + output_location=args.get('OutputLocation'), encryption_option=args.get('EncryptionOption'), + kms_key=args.get('KmsKey'), work_group=args.get('WorkGroup')) + + context_data = { + 'Query': query_string, 'QueryExecutionId': response['QueryExecutionId'] - }) - ec = {'AWS.Athena.Query': data} - human_readable = tableToMarkdown('AWS Athena Query', data) - return_outputs(human_readable, ec) - - -def stop_query_command(args): - client = aws_session( - region=args.get('region'), - roleArn=args.get('roleArn'), - roleSessionName=args.get('roleSessionName'), - roleSessionDuration=args.get('roleSessionDuration'), + } + + return CommandResults( + outputs_prefix=f'AWS.Athena.{QUERY_DATA_OUTPUTS_KEY}', + outputs_key_field='QueryExecutionId', + outputs=context_data, + raw_response=response, + readable_output=tableToMarkdown('AWS Athena Query Start', context_data), ) - response = client.stop_query_execution(QueryExecutionId=args.get('QueryExecutionId')) - if response['ResponseMetadata']['HTTPStatusCode'] == 200: - demisto.results("The Query {query} was Deleted ".format(query=args.get('QueryExecutionId'))) +def stop_query_command(args: dict, client): + query_execution_id: str = args['QueryExecutionId'] + response = client.stop_query_execution(QueryExecutionId=query_execution_id) + + if response.get('ResponseMetadata', {}).get('HTTPStatusCode') == 200: + return CommandResults(readable_output=f"Query '{query_execution_id}' has been successfully stopped.") -def get_query_execution_command(args): - client = aws_session( - region=args.get('region'), - roleArn=args.get('roleArn'), - roleSessionName=args.get('roleSessionName'), - roleSessionDuration=args.get('roleSessionDuration'), + else: + demisto.debug("Response:\n" + str(response)) + raise DemistoException(f"Failed to stop query '{query_execution_id}'.") + + +def get_query_execution_command(args: dict, client): + query_execution_id: str = args['QueryExecutionId'] + response = get_query_execution(client=client, query_execution_id=query_execution_id) + + return CommandResults( + outputs_prefix=f'AWS.Athena.{QUERY_DATA_OUTPUTS_KEY}', + outputs_key_field='QueryExecutionId', + outputs=response, + raw_response=response, + readable_output=tableToMarkdown('AWS Athena Query Execution', response), ) - kwargs = {'QueryExecutionId': args.get('QueryExecutionId')} - response = client.get_query_execution(**kwargs) - try: - raw = json.loads(json.dumps(response, cls=DatetimeEncoder)) - except ValueError as e: - return_error('Could not decode/encode the raw response - {err_msg}'.format(err_msg=e)) - ec = {'AWS.Athena.Query(val.QueryExecutionId === obj.QueryExecutionId)': raw} - human_readable = tableToMarkdown('AWS Athena Query', raw) - return_outputs(human_readable, ec) - - -def get_query_results_command(args): - client = aws_session( - region=args.get('region'), - roleArn=args.get('roleArn'), - roleSessionName=args.get('roleSessionName'), - roleSessionDuration=args.get('roleSessionDuration'), + + +def get_query_results_command(args: dict, client): + query_execution_id: str = args['QueryExecutionId'] + response = get_query_results(client=client, query_execution_id=query_execution_id) + + return CommandResults( + outputs_prefix=f'AWS.Athena.{QUERY_RESULTS_OUTPUTS_KEY}', + outputs=response, + raw_response=response, + readable_output=tableToMarkdown('AWS Athena Query Results', response), ) - kwargs = {'QueryExecutionId': args.get('QueryExecutionId')} - response = client.get_query_results(**kwargs) - ec = {'AWS.Athena.Query(val.QueryExecutionId === obj.QueryExecutionId)': response} - human_readable = tableToMarkdown('AWS Athena Query', response) - return_outputs(human_readable, ec) -"""COMMAND BLOCK""" -try: - LOG('Command being called is {command}'.format(command=demisto.command())) - if demisto.command() == 'test-module': - client = aws_session() - response = client.list_named_queries() - if response['ResponseMetadata']['HTTPStatusCode'] == 200: - demisto.results('ok') +@polling_function( + name=demisto.command(), + interval=arg_to_number(demisto.args().get('interval_in_seconds', 10)), + timeout=arg_to_number(demisto.args().get('timeout_in_seconds', 300)), + requires_polling_arg=False, +) +def execute_query_command(args: dict, client): + if 'QueryExecutionId' not in args: + start_query_response = start_query_execution(client=client, query_string=args['QueryString'], + query_limit=args.get('QueryLimit'), + client_request_token=args.get('ClientRequestToken'), + database=args.get('Database'), + output_location=args.get('OutputLocation'), + encryption_option=args.get('EncryptionOption'), + kms_key=args.get('KmsKey'), work_group=args.get('WorkGroup')) + query_execution_id = start_query_response['QueryExecutionId'] + + # If this is the first polling iteration, wait a second to allow the query to complete. + # This saves time for most cases where waiting for the next poll (with a minimum of 10 seconds) is not necessary. + time.sleep(1) + + else: + query_execution_id = args['QueryExecutionId'] + + query_execution_response = get_query_execution(client=client, query_execution_id=query_execution_id) + query_state = query_execution_response['Status']['State'] + + if query_state in ("QUEUED", "RUNNING"): + args["QueryExecutionId"] = query_execution_id + + return PollResult( + response=None, + continue_to_poll=True, + args_for_next_run=args, + partial_result=CommandResults(readable_output=f"Query is still running. Current state: '{query_state}'."), + ) - elif demisto.command() == 'aws-athena-start-query': - start_query_execution_command(demisto.args()) + output_data: dict[str, Any] = {QUERY_DATA_OUTPUTS_KEY: query_execution_response} + readable_output = None - elif demisto.command() == 'aws-athena-stop-query': - stop_query_command(demisto.args()) + if query_state == "SUCCEEDED": + query_results_response = get_query_results(client=client, query_execution_id=query_execution_id) + output_data[QUERY_RESULTS_OUTPUTS_KEY] = query_results_response + readable_output = tableToMarkdown('AWS Athena Query Results', query_results_response) + + elif query_state == "CANCELLED": + readable_output = f"Query '{query_execution_id}' has been cancelled." + + elif query_state == "FAILED": + readable_output = f"Query '{query_execution_id}' has failed." + + if query_execution_response['QueryExecution']['Status'].get('AthenaError', {}).get('ErrorMessage'): + error_message = query_execution_response['QueryExecution']['Status']['AthenaError']['ErrorMessage'] + readable_output += f"\nError: {error_message}" + + return PollResult( + response=CommandResults( + outputs_prefix='AWS.Athena', + outputs=output_data, + raw_response=output_data, + readable_output=readable_output, + ), + continue_to_poll=False, + ) + + +def main(): # pragma: no cover + params = demisto.params() + args = demisto.args() + command = demisto.command() + + aws_role_arn = params.get('roleArn') + aws_role_session_name = params.get('roleSessionName') + aws_default_region = params.get('defaultRegion') + aws_role_session_duration = params.get('sessionDuration') + aws_access_key_id = demisto.get(params, 'credentials.identifier') or params.get('access_key') + aws_secret_access_key = demisto.get(params, 'credentials.password') or params.get('secret_key') + verify_certificate = not params.get('insecure', True) + timeout = params.get('timeout') + retries = params.get('retries', 5) + + try: + demisto.debug(f"Command being called is '{command}'.") + + aws_client = AWSClient(aws_default_region=aws_default_region, aws_role_arn=aws_role_arn, + aws_role_session_name=aws_role_session_name, aws_role_session_duration=aws_role_session_duration, + aws_role_policy=None, aws_access_key_id=aws_access_key_id, + aws_secret_access_key=aws_secret_access_key, + verify_certificate=verify_certificate, timeout=timeout, retries=retries) + + client = aws_client.aws_session( + service=AWS_SERVICE_NAME, + region=args.get('region'), + role_arn=args.get('roleArn'), + role_session_name=args.get('roleSessionName'), + role_session_duration=args.get('roleSessionDuration'), + ) + + result: str | CommandResults + + if command == 'test-module': + result = module_test_command(client) + + elif command == 'aws-athena-start-query': + result = start_query_command(args=args, client=client) + + elif command == 'aws-athena-stop-query': + result = stop_query_command(args=args, client=client) + + elif command == 'aws-athena-get-query-execution': + result = get_query_execution_command(args=args, client=client) + + elif command == 'aws-athena-get-query-results': + result = get_query_results_command(args=args, client=client) + + elif command == 'aws-athena-execute-query': + result = execute_query_command(args=args, client=client) + + else: + raise NotImplementedError(f'Command "{command}" is not implemented.') - elif demisto.command() == 'aws-athena-get-query-execution': - get_query_execution_command(demisto.args()) + return_results(result) - elif demisto.command() == 'aws-athena-get-query-results': - get_query_results_command(demisto.args()) + except Exception as e: + return_error(f'Error: {e}') -except ResponseParserError as e: - return_error('Could not connect to the AWS endpoint. Please check that the region is valid.\n {error}'.format( - error=type(e))) - LOG(e) +from AWSApiModule import * # noqa: E402 -except Exception as e: - return_error('Error has occurred in the AWS Athena Integration: {error}\n {message}'.format( - error=type(e), message=e)) +if __name__ in ('__main__', '__builtin__', 'builtins'): + main() diff --git a/Packs/AWS-Athena/Integrations/AWS-Athena/AWS-Athena.yml b/Packs/AWS-Athena/Integrations/AWS-Athena/AWS-Athena.yml index 019a2704dff5..0e0a4f74125a 100644 --- a/Packs/AWS-Athena/Integrations/AWS-Athena/AWS-Athena.yml +++ b/Packs/AWS-Athena/Integrations/AWS-Athena/AWS-Athena.yml @@ -2,35 +2,56 @@ commonfields: id: AWS - Athena - Beta version: -1 name: AWS - Athena - Beta -display: AWS - Athena (Beta) +display: AWS - Athena category: IT Services -description: Amazon Web Services Athena +description: Amazon Web Services Athena. configuration: - display: Role Arn name: roleArn - defaultvalue: "" type: 0 required: false + section: Connect - display: Role Session Name name: roleSessionName - defaultvalue: "" - type: 0 - required: false -- display: AWS Default Region - name: defaultRegion - defaultvalue: "" type: 0 required: false + section: Connect - display: Role Session Duration name: sessionDuration - defaultvalue: "" type: 0 required: false + section: Connect + advanced: true +- display: AWS Default Region + name: defaultRegion + type: 15 + required: false + options: + - us-east-1 + - us-east-2 + - us-west-1 + - us-west-2 + - ca-central-1 + - eu-west-1 + - eu-central-1 + - eu-west-2 + - ap-northeast-1 + - ap-northeast-2 + - ap-southeast-1 + - ap-southeast-2 + - ap-south-1 + - sa-east-1 + - eu-north-1 + - eu-west-3 + - us-gov-east-1 + - us-gov-west-1 + section: Connect - display: Access Key name: credentials type: 9 displaypassword: Secret Key required: false + section: Connect - display: Access Key name: access_key defaultvalue: "" @@ -43,35 +64,192 @@ configuration: defaultvalue: "" hidden: true required: false +- display: Timeout + name: timeout + type: 0 + required: false + defaultvalue: "60,10" + additionalinfo: The time in seconds until a timeout exception is reached. You can specify just the read timeout (for example 60) or also the connect timeout followed after a comma (for example 60,10). If a connect timeout is not specified, a default of 10 second will be used. + section: Connect + advanced: true +- display: Retries + name: retries + type: 0 + required: false + defaultvalue: 5 + additionalinfo: "The maximum number of retry attempts when connection or throttling errors are encountered. Set to 0 to disable retries. The default value is 5 and the limit is 10. Note: Increasing the number of retries will increase the execution time." + section: Connect + advanced: true - display: Trust any certificate (not secure) name: insecure type: 8 required: false + section: Connect - display: Use system proxy settings name: proxy type: 8 required: false + section: Connect script: script: '' type: python commands: + - name: aws-athena-execute-query + arguments: + - name: QueryString + required: true + description: The SQL query statements to be executed. + - name: QueryLimit + description: A limit (number) to use for the query. If the keyword 'LIMIT' exists within 'QueryString', this parameter will be ignored. + defaultValue: 50 + - name: ClientRequestToken + description: A unique case-sensitive string used to ensure the request to create the query is idempotent (executes only once). If another StartQueryExecution request is received, the same response is returned and another query is not created. + - name: Database + description: The name of the database. + - name: OutputLocation + description: The location in Amazon S3 where your query results are stored, such as s3://path/to/query/bucket/. + - name: EncryptionOption + description: Indicates whether Amazon S3 server-side encryption with Amazon S3-managed keys (SSE-S3 ), server-side encryption with KMS-managed keys (SSE-KMS ), or client-side encryption with KMS-managed keys (CSE-KMS) is used. + - name: KmsKey + description: For SSE-KMS and CSE-KMS , this is the KMS key ARN or ID. + - name: WorkGroup + description: The name of the workgroup in which the query is being started. + - name: roleArn + description: The Amazon Resource Name (ARN) of the role to assume. + - name: roleSessionName + description: An identifier for the assumed role session. + - name: roleSessionDuration + description: The duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role. + - name: region + description: The AWS Region, if not specified the default region will be used. + - name: QueryExecutionId + hidden: true + description: ID of the newly created query. Used internally for polling. + - name: hide_polling_output + hidden: true + description: '' + description: Execute a new query, wait for the query to complete (using polling), and return query's execution information, and query's results (if successful). Either 'OutputLocation' or 'WorkGroup' must be specified for the query to run. + polling: true + outputs: + - contextPath: AWS.Athena.Query.QueryExecutionId + description: The unique identifier for each query execution. + type: String + - contextPath: AWS.Athena.Query.Query + description: The SQL query statements which the query execution ran. + type: String + - contextPath: AWS.Athena.Query.StatementType + description: The type of query statement that was run. + type: String + - contextPath: AWS.Athena.Query.ResultConfiguration.OutputLocation + description: The location in Amazon S3 where your query and calculation results are stored, such as 's3://path/to/query/bucket/'. + type: String + - contextPath: AWS.Athena.Query.ResultConfiguration.EncryptionConfiguration.EncryptionOption + description: If query and calculation results are encrypted in Amazon S3, indicates the encryption option used (for example, SSE_KMS or CSE_KMS) and key information. + type: String + - contextPath: AWS.Athena.Query.ResultConfiguration.EncryptionConfiguration.KmsKey + description: For SSE_KMS and CSE_KMS, this is the KMS key ARN or ID. + type: String + - contextPath: AWS.Athena.Query.ResultConfiguration.ExpectedBucketOwner + description: The Amazon Web Services account ID that you expect to be the owner of the Amazon S3 bucket specified by ResultConfiguration.OutputLocation. + type: String + - contextPath: AWS.Athena.Query.ResultConfiguration.AclConfiguration.S3AclOption + description: The Amazon S3 canned ACL that Athena should specify when storing query results. + type: String + - contextPath: AWS.Athena.Query.ResultReuseConfiguration.ResultReuseByAgeConfiguration.Enabled + description: True if previous query results can be reused when the query is run; otherwise, false. The default is false. + type: Boolean + - contextPath: AWS.Athena.Query.ResultReuseConfiguration.ResultReuseByAgeConfiguration.MaxAgeInMinutes + description: Specifies, in minutes, the maximum age of a previous query result that Athena should consider for reuse. The default is 60. + type: Number + - contextPath: AWS.Athena.Query.QueryExecutionContext.Database + description: The name of the database used in the query execution. + type: String + - contextPath: AWS.Athena.Query.QueryExecutionContext.Catalog + description: The name of the data catalog used in the query execution. + type: String + - contextPath: AWS.Athena.Query.Status.State + description: The state of query execution. + type: String + - contextPath: AWS.Athena.Query.Status.StateChangeReason + description: Further detail about the status of the query. + type: String + - contextPath: AWS.Athena.Query.Status.SubmissionDateTime + description: The date and time that the query was submitted. + type: String + - contextPath: AWS.Athena.Query.Status.CompletionDateTime + description: The date and time that the query completed. + type: String + - contextPath: AWS.Athena.Query.Status.AthenaError.ErrorCategory + description: An integer value that specifies the category of a query failure error. + type: Number + - contextPath: AWS.Athena.Query.Status.AthenaError.ErrorType + description: An integer value that provides specific information about an Athena query error. For the meaning of specific values, see the Error Type Reference in the Amazon Athena User Guide. + type: Number + - contextPath: AWS.Athena.Query.Status.AthenaError.Retryable + description: True if the query might succeed if resubmitted. + type: Boolean + - contextPath: AWS.Athena.Query.Status.AthenaError.ErrorMessage + description: Contains a short description of the error that occurred. + type: String + - contextPath: AWS.Athena.Query.Statistics.EngineExecutionTimeInMillis + description: The number of milliseconds that the query took to execute. + type: Number + - contextPath: AWS.Athena.Query.Statistics.DataScannedInBytes + description: The number of bytes in the data that was queried. + type: Number + - contextPath: AWS.Athena.Query.Statistics.DataManifestLocation + description: The location and file name of a data manifest file. The manifest file is saved to the Athena query results location in Amazon S3. + type: String + - contextPath: AWS.Athena.Query.Statistics.TotalExecutionTimeInMillis + description: The number of milliseconds that Athena took to run the query. + type: Number + - contextPath: AWS.Athena.Query.Statistics.QueryQueueTimeInMillis + description: The number of milliseconds that the query was in your query queue waiting for resources. + type: Number + - contextPath: AWS.Athena.Query.Statistics.ServicePreProcessingTimeInMillis + description: The number of milliseconds that Athena took to preprocess the query before submitting the query to the query engine. + type: Number + - contextPath: AWS.Athena.Query.Statistics.QueryPlanningTimeInMillis + description: The number of milliseconds that Athena took to plan the query processing flow. This includes the time spent retrieving table partitions from the data source. + type: Number + - contextPath: AWS.Athena.Query.Statistics.ServiceProcessingTimeInMillis + description: The number of milliseconds that Athena took to finalize and publish the query results after the query engine finished running the query. + type: Number + - contextPath: AWS.Athena.Query.ResultReuseInformation.ReusedPreviousResult + description: True if a previous query result was reused; false if the result was generated from a new run of the query. + type: Boolean + - contextPath: AWS.Athena.Query.WorkGroup + description: The name of the workgroup in which the query ran. + type: String + - contextPath: AWS.Athena.Query.EngineVersion.SelectedEngineVersion + description: The engine version requested by the user. Possible values are determined by the output of ListEngineVersions, including AUTO. + type: String + - contextPath: AWS.Athena.Query.EngineVersion.EffectiveEngineVersion + description: The engine version on which the query runs. + type: String + - contextPath: AWS.Athena.Query.ExecutionParameters + description: A list of values for the parameters in a query. The values are applied sequentially to the parameters in the query in the order in which the parameters occur. The list of parameters is not returned in the response. + type: List + - contextPath: AWS.Athena.Query.SubstatementType + description: The kind of query statement that was run. + type: String + - contextPath: AWS.Athena.QueryResults + description: List of query results. + type: List - name: aws-athena-start-query arguments: - name: QueryString required: true description: The SQL query statements to be executed. + - name: QueryLimit + description: A limit (number) to use for the query. If the keyword 'LIMIT' exists within 'QueryString', this parameter will be ignored. + defaultValue: 50 - name: ClientRequestToken - auto: PREDEFINED - predefined: - - private - - public-read - - public-read-write - - authenticated-read - description: A unique case-sensitive string used to ensure the request to create the query is idempotent (executes only once). + description: A unique case-sensitive string used to ensure the request to create the query is idempotent (executes only once). If another StartQueryExecution request is received, the same response is returned and another query is not created. - name: Database description: The name of the database. - name: OutputLocation - description: he location in Amazon S3 where your query results are stored, such as s3://path/to/query/bucket/. + description: The location in Amazon S3 where your query results are stored, such as s3://path/to/query/bucket/. - name: EncryptionOption description: Indicates whether Amazon S3 server-side encryption with Amazon S3-managed keys (SSE-S3 ), server-side encryption with KMS-managed keys (SSE-KMS ), or client-side encryption with KMS-managed keys (CSE-KMS) is used. - name: KmsKey @@ -86,12 +264,19 @@ script: description: The duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role. - name: region description: The AWS Region, if not specified the default region will be used. - description: Start Athena Query. + description: Start an Athena query. Either 'OutputLocation' or 'WorkGroup' must be specified for the query to run. + outputs: + - contextPath: AWS.Athena.Query.QueryExecutionId + description: ID of the newly created query. + type: String + - contextPath: AWS.Athena.Query.Query + description: The query string submitted. + type: String - name: aws-athena-stop-query arguments: - name: QueryExecutionId - required: true description: The unique ID of the query execution to stop. This field is auto-populated if not provided. + required: true - name: region description: The AWS Region, if not specified the default region will be used. - name: roleArn @@ -100,7 +285,7 @@ script: description: An identifier for the assumed role session. - name: roleSessionDuration description: The duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role. - description: Stops a query execution. Requires you to have access to the workgroup in which the query ran. + description: Stop an existing running query. - name: aws-athena-get-query-execution arguments: - name: region @@ -112,9 +297,112 @@ script: - name: roleSessionDuration description: The duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role. - name: QueryExecutionId - required: true description: The unique ID of the query execution. - description: Returns information about a single execution of a query if you have access to the workgroup in which the query ran. + required: true + description: Return execution information of a query. + outputs: + - contextPath: AWS.Athena.Query.QueryExecutionId + description: The unique identifier for each query execution. + type: String + - contextPath: AWS.Athena.Query.Query + description: The SQL query statements which the query execution ran. + type: String + - contextPath: AWS.Athena.Query.StatementType + description: The type of query statement that was run. + type: String + - contextPath: AWS.Athena.Query.ResultConfiguration.OutputLocation + description: The location in Amazon S3 where your query and calculation results are stored, such as 's3://path/to/query/bucket/'. + type: String + - contextPath: AWS.Athena.Query.ResultConfiguration.EncryptionConfiguration.EncryptionOption + description: If query and calculation results are encrypted in Amazon S3, indicates the encryption option used (for example, SSE_KMS or CSE_KMS) and key information. + type: String + - contextPath: AWS.Athena.Query.ResultConfiguration.EncryptionConfiguration.KmsKey + description: For SSE_KMS and CSE_KMS, this is the KMS key ARN or ID. + type: String + - contextPath: AWS.Athena.Query.ResultConfiguration.ExpectedBucketOwner + description: The Amazon Web Services account ID that you expect to be the owner of the Amazon S3 bucket specified by ResultConfiguration.OutputLocation. + type: String + - contextPath: AWS.Athena.Query.ResultConfiguration.AclConfiguration.S3AclOption + description: The Amazon S3 canned ACL that Athena should specify when storing query results. + type: String + - contextPath: AWS.Athena.Query.ResultReuseConfiguration.ResultReuseByAgeConfiguration.Enabled + description: True if previous query results can be reused when the query is run; otherwise, false. The default is false. + type: Boolean + - contextPath: AWS.Athena.Query.ResultReuseConfiguration.ResultReuseByAgeConfiguration.MaxAgeInMinutes + description: Specifies, in minutes, the maximum age of a previous query result that Athena should consider for reuse. The default is 60. + type: Number + - contextPath: AWS.Athena.Query.QueryExecutionContext.Database + description: The name of the database used in the query execution. + type: String + - contextPath: AWS.Athena.Query.QueryExecutionContext.Catalog + description: The name of the data catalog used in the query execution. + type: String + - contextPath: AWS.Athena.Query.Status.State + description: The state of query execution. + type: String + - contextPath: AWS.Athena.Query.Status.StateChangeReason + description: Further detail about the status of the query. + type: String + - contextPath: AWS.Athena.Query.Status.SubmissionDateTime + description: The date and time that the query was submitted. + type: String + - contextPath: AWS.Athena.Query.Status.CompletionDateTime + description: The date and time that the query completed. + type: String + - contextPath: AWS.Athena.Query.Status.AthenaError.ErrorCategory + description: An integer value that specifies the category of a query failure error. + type: Number + - contextPath: AWS.Athena.Query.Status.AthenaError.ErrorType + description: An integer value that provides specific information about an Athena query error. For the meaning of specific values, see the Error Type Reference in the Amazon Athena User Guide. + type: Number + - contextPath: AWS.Athena.Query.Status.AthenaError.Retryable + description: True if the query might succeed if resubmitted. + type: Boolean + - contextPath: AWS.Athena.Query.Status.AthenaError.ErrorMessage + description: Contains a short description of the error that occurred. + type: String + - contextPath: AWS.Athena.Query.Statistics.EngineExecutionTimeInMillis + description: The number of milliseconds that the query took to execute. + type: Number + - contextPath: AWS.Athena.Query.Statistics.DataScannedInBytes + description: The number of bytes in the data that was queried. + type: Number + - contextPath: AWS.Athena.Query.Statistics.DataManifestLocation + description: The location and file name of a data manifest file. The manifest file is saved to the Athena query results location in Amazon S3. + type: String + - contextPath: AWS.Athena.Query.Statistics.TotalExecutionTimeInMillis + description: The number of milliseconds that Athena took to run the query. + type: Number + - contextPath: AWS.Athena.Query.Statistics.QueryQueueTimeInMillis + description: The number of milliseconds that the query was in your query queue waiting for resources. + type: Number + - contextPath: AWS.Athena.Query.Statistics.ServicePreProcessingTimeInMillis + description: The number of milliseconds that Athena took to preprocess the query before submitting the query to the query engine. + type: Number + - contextPath: AWS.Athena.Query.Statistics.QueryPlanningTimeInMillis + description: The number of milliseconds that Athena took to plan the query processing flow. This includes the time spent retrieving table partitions from the data source. + type: Number + - contextPath: AWS.Athena.Query.Statistics.ServiceProcessingTimeInMillis + description: The number of milliseconds that Athena took to finalize and publish the query results after the query engine finished running the query. + type: Number + - contextPath: AWS.Athena.Query.ResultReuseInformation.ReusedPreviousResult + description: True if a previous query result was reused; false if the result was generated from a new run of the query. + type: Boolean + - contextPath: AWS.Athena.Query.WorkGroup + description: The name of the workgroup in which the query ran. + type: String + - contextPath: AWS.Athena.Query.EngineVersion.SelectedEngineVersion + description: The engine version requested by the user. Possible values are determined by the output of ListEngineVersions, including AUTO. + type: String + - contextPath: AWS.Athena.Query.EngineVersion.EffectiveEngineVersion + description: The engine version on which the query runs. + type: String + - contextPath: AWS.Athena.Query.ExecutionParameters + description: A list of values for the parameters in a query. The values are applied sequentially to the parameters in the query in the order in which the parameters occur. The list of parameters is not returned in the response. + type: List + - contextPath: AWS.Athena.Query.SubstatementType + description: The kind of query statement that was run. + type: String - name: aws-athena-get-query-results arguments: - name: QueryExecutionId @@ -128,10 +416,13 @@ script: description: An identifier for the assumed role session. - name: roleSessionDuration description: The duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role. - description: Returns the results of a single query execution specified by QueryExecutionId if you have access to the workgroup in which the query ran. - dockerimage: demisto/boto3py3:1.0.0.38849 + description: Return the results of a query. + outputs: + - contextPath: AWS.Athena.QueryResults + description: List of query results. + type: List + dockerimage: demisto/boto3py3:1.0.0.83094 subtype: python3 -beta: true tests: -- Beta-Athena-Test +- No tests fromversion: 5.0.0 diff --git a/Packs/AWS-Athena/Integrations/AWS-Athena/AWS-Athena_description.md b/Packs/AWS-Athena/Integrations/AWS-Athena/AWS-Athena_description.md index 98f92be844c2..38401c6e6eac 100644 --- a/Packs/AWS-Athena/Integrations/AWS-Athena/AWS-Athena_description.md +++ b/Packs/AWS-Athena/Integrations/AWS-Athena/AWS-Athena_description.md @@ -14,5 +14,3 @@ on your AWS environment. For detailed instructions, see the [AWS Integrations - Authentication](https://xsoar.pan.dev/docs/reference/articles/aws-integrations---authentication). Command descriptions, input descriptions, and output descriptions are taken from the Amazon ACM documentation. For more information, see the [Amazon Athena documention](https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/athena.html). - - Note: This is a beta Integration, which lets you implement and test pre-release software. Since the integration is beta, it might contain bugs. Updates to the integration during the beta phase might include non-backward compatible features. We appreciate your feedback on the quality and usability of the integration to help us identify issues, fix them, and continually improve. diff --git a/Packs/AWS-Athena/Integrations/AWS-Athena/AWS-Athena_test.py b/Packs/AWS-Athena/Integrations/AWS-Athena/AWS-Athena_test.py new file mode 100644 index 000000000000..451d887e0675 --- /dev/null +++ b/Packs/AWS-Athena/Integrations/AWS-Athena/AWS-Athena_test.py @@ -0,0 +1,111 @@ +import importlib +import json +from pathlib import Path + +AWS_Athena = importlib.import_module("AWS-Athena") + + +class MockClient: + def __init__(self, *args, **kwargs): + pass + + def start_query_execution(self, *args, **kwargs): + pass + + def stop_query_execution(self, *args, **kwargs): + pass + + def get_query_execution(self, *args, **kwargs): + pass + + def get_query_results(self, *args, **kwargs): + pass + + +def load_test_data(folder: str, file_name: str) -> dict | str: + """ + A function for loading and returning data from test files within the "test_data" folder. + + Args: + folder (str): Name of the parent folder of the file within `test_data`. + file_name (str): Name of a json file to load data from. + + Returns: + dict | str: The data loaded from the file. If the file is a JSON file, a dict is returned, otherwise a string. + """ + with open(Path("test_data") / folder / file_name) as f: + if file_name.endswith('.json'): + return json.load(f) + + return f.read() + + +def test_execute_query_command(mocker): + client = MockClient() + start_query_execution_mock_data = load_test_data('raw_data_mock', 'start_query_execution.json') + mocker.patch.object(client, 'start_query_execution', return_value=start_query_execution_mock_data) + get_query_execution_mock_data = load_test_data('raw_data_mock', 'get_query_execution.json') + mocker.patch.object(client, 'get_query_execution', return_value=get_query_execution_mock_data) + get_query_results_mock_data = load_test_data('raw_data_mock', 'get_query_results.json') + mocker.patch.object(client, 'get_query_results', return_value=get_query_results_mock_data) + + args = { + 'QueryString': "SELECT * FROM test_db.test_table", + 'OutputLocation': 's3://athena-queries-test', + } + + result = AWS_Athena.execute_query_command(args, client) + + expected_context_execution_details = load_test_data('expected_context', 'get_query_execution_command.json') + expected_context_results = load_test_data('expected_context', 'get_query_results_command.json') + expected_context = { + 'Query': expected_context_execution_details, + 'QueryResults': expected_context_results + } + assert result.outputs == expected_context + + expected_hr = load_test_data('expected_hr', 'get_query_results_command.txt') + assert result.readable_output == expected_hr + + +def test_start_query_command(mocker): + client = MockClient() + mock_data = load_test_data('raw_data_mock', 'start_query_execution.json') + mocker.patch.object(client, 'start_query_execution', return_value=mock_data) + + args = { + 'QueryString': "SELECT * FROM test_db.test_table", + 'OutputLocation': 's3://athena-queries-test', + } + + result = AWS_Athena.start_query_command(args, client) + + expected_context = load_test_data('expected_context', 'start_query_command.json') + assert result.outputs == expected_context + + +def test_get_query_execution_command(mocker): + client = MockClient() + mock_data = load_test_data('raw_data_mock', 'get_query_execution.json') + mocker.patch.object(client, 'get_query_execution', return_value=mock_data) + + args = {'QueryExecutionId': 'b3c194e7-6580-421c-81fa-4b409e1ba04f'} + result = AWS_Athena.get_query_execution_command(args, client) + + expected_context = load_test_data('expected_context', 'get_query_execution_command.json') + assert result.outputs == expected_context + + +def test_get_query_results_command(mocker): + client = MockClient() + mock_data = load_test_data('raw_data_mock', 'get_query_results.json') + mocker.patch.object(client, 'get_query_results', return_value=mock_data) + + args = {'QueryExecutionId': 'b3c194e7-6580-421c-81fa-4b409e1ba04f', 'polling': 'false'} + result = AWS_Athena.get_query_results_command(args, client) + + expected_context = load_test_data('expected_context', 'get_query_results_command.json') + assert result.outputs == expected_context + + expected_hr = load_test_data('expected_hr', 'get_query_results_command.txt') + assert result.readable_output == expected_hr diff --git a/Packs/AWS-Athena/Integrations/AWS-Athena/README.md b/Packs/AWS-Athena/Integrations/AWS-Athena/README.md new file mode 100644 index 000000000000..374c14fd8720 --- /dev/null +++ b/Packs/AWS-Athena/Integrations/AWS-Athena/README.md @@ -0,0 +1,232 @@ +Amazon Web Services Athena. + +## Configure AWS - Athena on Cortex XSOAR + +1. Navigate to **Settings** > **Integrations** > **Servers & Services**. +2. Search for AWS - Athena. +3. Click **Add instance** to create and configure a new integration instance. + + | **Parameter** | **Description** | **Required** | + | --- | --- | --- | + | Role Arn | | False | + | Role Session Name | | False | + | Role Session Duration | | False | + | AWS Default Region | | False | + | Access Key | | True | + | Secret Key | | True | + | Timeout | The time in seconds until a timeout exception is reached. You can specify just the read timeout \(for example 60\) or also the connect timeout followed after a comma \(for example 60,10\). If a connect timeout is not specified, a default of 10 second will be used. | False | + | Retries | The maximum number of retry attempts when connection or throttling errors are encountered. Set to 0 to disable retries. The default value is 5 and the limit is 10. Note: Increasing the number of retries will increase the execution time. | False | + | Trust any certificate (not secure) | | False | + | Use system proxy settings | | False | + +4. Click **Test** to validate the URLs, token, and connection. + +## Commands + +You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. +After you successfully execute a command, a DBot message appears in the War Room with the command details. + +### aws-athena-execute-query + +*** +Execute a new query, wait for the query to complete (using polling), and return query's execution information, and query's results (if successful). Either 'OutputLocation' or 'WorkGroup' must be specified for the query to run. + +#### Base Command + +`aws-athena-execute-query` + +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| QueryString | The SQL query statements to be executed. | Required | +| QueryLimit | A limit (number) to use for the query. If the keyword 'LIMIT' exists within 'QueryString', this parameter will be ignored. Default is 50. | Optional | +| ClientRequestToken | A unique case-sensitive string used to ensure the request to create the query is idempotent (executes only once). If another StartQueryExecution request is received, the same response is returned and another query is not created. | Optional | +| Database | The name of the database. | Optional | +| OutputLocation | The location in Amazon S3 where your query results are stored, such as s3://path/to/query/bucket/. | Optional | +| EncryptionOption | Indicates whether Amazon S3 server-side encryption with Amazon S3-managed keys (SSE-S3 ), server-side encryption with KMS-managed keys (SSE-KMS ), or client-side encryption with KMS-managed keys (CSE-KMS) is used. | Optional | +| KmsKey | For SSE-KMS and CSE-KMS , this is the KMS key ARN or ID. | Optional | +| WorkGroup | The name of the workgroup in which the query is being started. | Optional | +| roleArn | The Amazon Resource Name (ARN) of the role to assume. | Optional | +| roleSessionName | An identifier for the assumed role session. | Optional | +| roleSessionDuration | The duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role. | Optional | +| region | The AWS Region, if not specified the default region will be used. | Optional | +| QueryExecutionId | ID of the newly created query. Used internally for polling. | Optional | + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| AWS.Athena.Query.QueryExecutionId | String | The unique identifier for each query execution. | +| AWS.Athena.Query.Query | String | The SQL query statements which the query execution ran. | +| AWS.Athena.Query.StatementType | String | The type of query statement that was run. | +| AWS.Athena.Query.ResultConfiguration.OutputLocation | String | The location in Amazon S3 where your query and calculation results are stored, such as 's3://path/to/query/bucket/'. | +| AWS.Athena.Query.ResultConfiguration.EncryptionConfiguration.EncryptionOption | String | If query and calculation results are encrypted in Amazon S3, indicates the encryption option used \(for example, SSE_KMS or CSE_KMS\) and key information. | +| AWS.Athena.Query.ResultConfiguration.EncryptionConfiguration.KmsKey | String | For SSE_KMS and CSE_KMS, this is the KMS key ARN or ID. | +| AWS.Athena.Query.ResultConfiguration.ExpectedBucketOwner | String | The Amazon Web Services account ID that you expect to be the owner of the Amazon S3 bucket specified by ResultConfiguration.OutputLocation. | +| AWS.Athena.Query.ResultConfiguration.AclConfiguration.S3AclOption | String | The Amazon S3 canned ACL that Athena should specify when storing query results. | +| AWS.Athena.Query.ResultReuseConfiguration.ResultReuseByAgeConfiguration.Enabled | Boolean | True if previous query results can be reused when the query is run; otherwise, false. The default is false. | +| AWS.Athena.Query.ResultReuseConfiguration.ResultReuseByAgeConfiguration.MaxAgeInMinutes | Number | Specifies, in minutes, the maximum age of a previous query result that Athena should consider for reuse. The default is 60. | +| AWS.Athena.Query.QueryExecutionContext.Database | String | The name of the database used in the query execution. | +| AWS.Athena.Query.QueryExecutionContext.Catalog | String | The name of the data catalog used in the query execution. | +| AWS.Athena.Query.Status.State | String | The state of query execution. | +| AWS.Athena.Query.Status.StateChangeReason | String | Further detail about the status of the query. | +| AWS.Athena.Query.Status.SubmissionDateTime | String | The date and time that the query was submitted. | +| AWS.Athena.Query.Status.CompletionDateTime | String | The date and time that the query completed. | +| AWS.Athena.Query.Status.AthenaError.ErrorCategory | Number | An integer value that specifies the category of a query failure error. | +| AWS.Athena.Query.Status.AthenaError.ErrorType | Number | An integer value that provides specific information about an Athena query error. For the meaning of specific values, see the Error Type Reference in the Amazon Athena User Guide. | +| AWS.Athena.Query.Status.AthenaError.Retryable | Boolean | True if the query might succeed if resubmitted. | +| AWS.Athena.Query.Status.AthenaError.ErrorMessage | String | Contains a short description of the error that occurred. | +| AWS.Athena.Query.Statistics.EngineExecutionTimeInMillis | Number | The number of milliseconds that the query took to execute. | +| AWS.Athena.Query.Statistics.DataScannedInBytes | Number | The number of bytes in the data that was queried. | +| AWS.Athena.Query.Statistics.DataManifestLocation | String | The location and file name of a data manifest file. The manifest file is saved to the Athena query results location in Amazon S3. | +| AWS.Athena.Query.Statistics.TotalExecutionTimeInMillis | Number | The number of milliseconds that Athena took to run the query. | +| AWS.Athena.Query.Statistics.QueryQueueTimeInMillis | Number | The number of milliseconds that the query was in your query queue waiting for resources. | +| AWS.Athena.Query.Statistics.ServicePreProcessingTimeInMillis | Number | The number of milliseconds that Athena took to preprocess the query before submitting the query to the query engine. | +| AWS.Athena.Query.Statistics.QueryPlanningTimeInMillis | Number | The number of milliseconds that Athena took to plan the query processing flow. This includes the time spent retrieving table partitions from the data source. | +| AWS.Athena.Query.Statistics.ServiceProcessingTimeInMillis | Number | The number of milliseconds that Athena took to finalize and publish the query results after the query engine finished running the query. | +| AWS.Athena.Query.ResultReuseInformation.ReusedPreviousResult | Boolean | True if a previous query result was reused; false if the result was generated from a new run of the query. | +| AWS.Athena.Query.WorkGroup | String | The name of the workgroup in which the query ran. | +| AWS.Athena.Query.EngineVersion.SelectedEngineVersion | String | The engine version requested by the user. Possible values are determined by the output of ListEngineVersions, including AUTO. | +| AWS.Athena.Query.EngineVersion.EffectiveEngineVersion | String | The engine version on which the query runs. | +| AWS.Athena.Query.ExecutionParameters | List | A list of values for the parameters in a query. The values are applied sequentially to the parameters in the query in the order in which the parameters occur. The list of parameters is not returned in the response. | +| AWS.Athena.Query.SubstatementType | String | The kind of query statement that was run. | +| AWS.Athena.QueryResults | List | List of query results. | + +### aws-athena-start-query + +*** +Start an Athena query. Either 'OutputLocation' or 'WorkGroup' must be specified for the query to run. + +#### Base Command + +`aws-athena-start-query` + +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| QueryString | The SQL query statements to be executed. | Required | +| QueryLimit | A limit (number) to use for the query. If the keyword 'LIMIT' exists within 'QueryString', this parameter will be ignored. Default is 50. | Optional | +| ClientRequestToken | A unique case-sensitive string used to ensure the request to create the query is idempotent (executes only once). If another StartQueryExecution request is received, the same response is returned and another query is not created. | Optional | +| Database | The name of the database. | Optional | +| OutputLocation | The location in Amazon S3 where your query results are stored, such as s3://path/to/query/bucket/. | Optional | +| EncryptionOption | Indicates whether Amazon S3 server-side encryption with Amazon S3-managed keys (SSE-S3 ), server-side encryption with KMS-managed keys (SSE-KMS ), or client-side encryption with KMS-managed keys (CSE-KMS) is used. | Optional | +| KmsKey | For SSE-KMS and CSE-KMS , this is the KMS key ARN or ID. | Optional | +| WorkGroup | The name of the workgroup in which the query is being started. | Optional | +| roleArn | The Amazon Resource Name (ARN) of the role to assume. | Optional | +| roleSessionName | An identifier for the assumed role session. | Optional | +| roleSessionDuration | The duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role. | Optional | +| region | The AWS Region, if not specified the default region will be used. | Optional | + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| AWS.Athena.Query.QueryExecutionId | String | ID of the newly created query. | +| AWS.Athena.Query.Query | String | The query string submitted. | + +### aws-athena-stop-query + +*** +Stop an existing running query. + +#### Base Command + +`aws-athena-stop-query` + +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| QueryExecutionId | The unique ID of the query execution to stop. This field is auto-populated if not provided. | Required | +| region | The AWS Region, if not specified the default region will be used. | Optional | +| roleArn | The Amazon Resource Name (ARN) of the role to assume. | Optional | +| roleSessionName | An identifier for the assumed role session. | Optional | +| roleSessionDuration | The duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role. | Optional | + +#### Context Output + +There is no context output for this command. +### aws-athena-get-query-execution + +*** +Return execution information of a query. + +#### Base Command + +`aws-athena-get-query-execution` + +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| region | The AWS Region, if not specified the default region will be used. | Optional | +| roleArn | The Amazon Resource Name (ARN) of the role to assume. | Optional | +| roleSessionName | An identifier for the assumed role session. | Optional | +| roleSessionDuration | The duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role. | Optional | +| QueryExecutionId | The unique ID of the query execution. | Required | + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| AWS.Athena.Query.QueryExecutionId | String | The unique identifier for each query execution. | +| AWS.Athena.Query.Query | String | The SQL query statements which the query execution ran. | +| AWS.Athena.Query.StatementType | String | The type of query statement that was run. | +| AWS.Athena.Query.ResultConfiguration.OutputLocation | String | The location in Amazon S3 where your query and calculation results are stored, such as 's3://path/to/query/bucket/'. | +| AWS.Athena.Query.ResultConfiguration.EncryptionConfiguration.EncryptionOption | String | If query and calculation results are encrypted in Amazon S3, indicates the encryption option used \(for example, SSE_KMS or CSE_KMS\) and key information. | +| AWS.Athena.Query.ResultConfiguration.EncryptionConfiguration.KmsKey | String | For SSE_KMS and CSE_KMS, this is the KMS key ARN or ID. | +| AWS.Athena.Query.ResultConfiguration.ExpectedBucketOwner | String | The Amazon Web Services account ID that you expect to be the owner of the Amazon S3 bucket specified by ResultConfiguration.OutputLocation. | +| AWS.Athena.Query.ResultConfiguration.AclConfiguration.S3AclOption | String | The Amazon S3 canned ACL that Athena should specify when storing query results. | +| AWS.Athena.Query.ResultReuseConfiguration.ResultReuseByAgeConfiguration.Enabled | Boolean | True if previous query results can be reused when the query is run; otherwise, false. The default is false. | +| AWS.Athena.Query.ResultReuseConfiguration.ResultReuseByAgeConfiguration.MaxAgeInMinutes | Number | Specifies, in minutes, the maximum age of a previous query result that Athena should consider for reuse. The default is 60. | +| AWS.Athena.Query.QueryExecutionContext.Database | String | The name of the database used in the query execution. | +| AWS.Athena.Query.QueryExecutionContext.Catalog | String | The name of the data catalog used in the query execution. | +| AWS.Athena.Query.Status.State | String | The state of query execution. | +| AWS.Athena.Query.Status.StateChangeReason | String | Further detail about the status of the query. | +| AWS.Athena.Query.Status.SubmissionDateTime | String | The date and time that the query was submitted. | +| AWS.Athena.Query.Status.CompletionDateTime | String | The date and time that the query completed. | +| AWS.Athena.Query.Status.AthenaError.ErrorCategory | Number | An integer value that specifies the category of a query failure error. | +| AWS.Athena.Query.Status.AthenaError.ErrorType | Number | An integer value that provides specific information about an Athena query error. For the meaning of specific values, see the Error Type Reference in the Amazon Athena User Guide. | +| AWS.Athena.Query.Status.AthenaError.Retryable | Boolean | True if the query might succeed if resubmitted. | +| AWS.Athena.Query.Status.AthenaError.ErrorMessage | String | Contains a short description of the error that occurred. | +| AWS.Athena.Query.Statistics.EngineExecutionTimeInMillis | Number | The number of milliseconds that the query took to execute. | +| AWS.Athena.Query.Statistics.DataScannedInBytes | Number | The number of bytes in the data that was queried. | +| AWS.Athena.Query.Statistics.DataManifestLocation | String | The location and file name of a data manifest file. The manifest file is saved to the Athena query results location in Amazon S3. | +| AWS.Athena.Query.Statistics.TotalExecutionTimeInMillis | Number | The number of milliseconds that Athena took to run the query. | +| AWS.Athena.Query.Statistics.QueryQueueTimeInMillis | Number | The number of milliseconds that the query was in your query queue waiting for resources. | +| AWS.Athena.Query.Statistics.ServicePreProcessingTimeInMillis | Number | The number of milliseconds that Athena took to preprocess the query before submitting the query to the query engine. | +| AWS.Athena.Query.Statistics.QueryPlanningTimeInMillis | Number | The number of milliseconds that Athena took to plan the query processing flow. This includes the time spent retrieving table partitions from the data source. | +| AWS.Athena.Query.Statistics.ServiceProcessingTimeInMillis | Number | The number of milliseconds that Athena took to finalize and publish the query results after the query engine finished running the query. | +| AWS.Athena.Query.ResultReuseInformation.ReusedPreviousResult | Boolean | True if a previous query result was reused; false if the result was generated from a new run of the query. | +| AWS.Athena.Query.WorkGroup | String | The name of the workgroup in which the query ran. | +| AWS.Athena.Query.EngineVersion.SelectedEngineVersion | String | The engine version requested by the user. Possible values are determined by the output of ListEngineVersions, including AUTO. | +| AWS.Athena.Query.EngineVersion.EffectiveEngineVersion | String | The engine version on which the query runs. | +| AWS.Athena.Query.ExecutionParameters | List | A list of values for the parameters in a query. The values are applied sequentially to the parameters in the query in the order in which the parameters occur. The list of parameters is not returned in the response. | +| AWS.Athena.Query.SubstatementType | String | The kind of query statement that was run. | + +### aws-athena-get-query-results + +*** +Return the results of a query. + +#### Base Command + +`aws-athena-get-query-results` + +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| QueryExecutionId | The unique ID of the query execution. | Required | +| region | The AWS Region, if not specified the default region will be used. | Optional | +| roleArn | The Amazon Resource Name (ARN) of the role to assume. | Optional | +| roleSessionName | An identifier for the assumed role session. | Optional | +| roleSessionDuration | The duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role. | Optional | + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| AWS.Athena.QueryResults | List | List of query results. | diff --git a/Packs/AWS-Athena/Integrations/AWS-Athena/test_data/expected_context/get_query_execution_command.json b/Packs/AWS-Athena/Integrations/AWS-Athena/test_data/expected_context/get_query_execution_command.json new file mode 100644 index 000000000000..043fa85cab66 --- /dev/null +++ b/Packs/AWS-Athena/Integrations/AWS-Athena/test_data/expected_context/get_query_execution_command.json @@ -0,0 +1,36 @@ +{ + "QueryExecutionId": "b3c194e7-6580-421c-81fa-4b409e1ba04f", + "Query": "SELECT * FROM test_db.test_table", + "StatementType": "DML", + "ResultConfiguration": { + "OutputLocation": "s3://athena-queries-test/b3c194e7-6580-421c-81fa-4b409e1ba04f.csv" + }, + "ResultReuseConfiguration": { + "ResultReuseByAgeConfiguration": { + "Enabled": false + } + }, + "QueryExecutionContext": {}, + "Status": { + "State": "SUCCEEDED", + "SubmissionDateTime": "2023-11-07T10:01:03", + "CompletionDateTime": "2023-11-07T10:01:04" + }, + "Statistics": { + "EngineExecutionTimeInMillis": 1074, + "DataScannedInBytes": 86996, + "TotalExecutionTimeInMillis": 1296, + "QueryQueueTimeInMillis": 192, + "QueryPlanningTimeInMillis": 493, + "ServiceProcessingTimeInMillis": 30, + "ResultReuseInformation": { + "ReusedPreviousResult": false + } + }, + "WorkGroup": "primary", + "EngineVersion": { + "SelectedEngineVersion": "AUTO", + "EffectiveEngineVersion": "Athena engine version 3" + }, + "SubstatementType": "SELECT" +} \ No newline at end of file diff --git a/Packs/AWS-Athena/Integrations/AWS-Athena/test_data/expected_context/get_query_results_command.json b/Packs/AWS-Athena/Integrations/AWS-Athena/test_data/expected_context/get_query_results_command.json new file mode 100644 index 000000000000..fd468e25eb31 --- /dev/null +++ b/Packs/AWS-Athena/Integrations/AWS-Athena/test_data/expected_context/get_query_results_command.json @@ -0,0 +1,272 @@ +[ + { + "metadata": "{product={version=1.09, name=CloudTrail, vendor_name=AWS, feature={name=Data}}, uid=7c33bcd3-0252-4b28-b2c7-7f38ed881796, profiles=[cloud], version=1.0.0-rc.2}", + "time": "1699342808000", + "cloud": "{region=eu-central-1, provider=AWS}", + "api": "{response={error=null, message=null}, operation=PutObject, version=null, service={name=s3.amazonaws.com}, request={uid=5AV2YZSR7D9DFDW8}}", + "actor": "{user={type=AWSService, name=null, uid=null, uuid=null, account_uid=null, credential_uid=null}, session={created_time=null, mfa=null, issuer=null}, invoked_by=s3.amazonaws.com, idp={name=null}}", + "http_request": "{user_agent=s3.amazonaws.com}", + "src_endpoint": "{uid=vpce-59a25a30, ip=null, domain=s3.amazonaws.com}", + "resources": "[{uid=arn:aws:s3:::test-log-collector/2023-11-07-07-40-08-CD1B1BC0934C71D4, account_uid=null, type=AWS::S3::Object}, {uid=arn:aws:s3:::test-log-collector, account_uid=654338056632, type=AWS::S3::Bucket}]", + "class_name": "API Activity", + "class_uid": "3005", + "category_name": "Audit Activity", + "category_uid": "3", + "severity_id": "1", + "severity": "Informational", + "activity_name": "Update", + "activity_id": "3", + "type_uid": "300503", + "type_name": "API Activity: Update", + "status": "Success", + "status_id": "1", + "unmapped": "{additionalEventData.SSEApplied=Default_SSE_S3, additionalEventData.SignatureVersion=SigV4, additionalEventData.CipherSuite=ECDHE-RSA-AES128-GCM-SHA256, additionalEventData.bytesTransferredOut=0, responseElements.x-amz-version-id=CSwJV1zFxiBSHjrTGaIUH5FMMVcgl05W, additionalEventData.x-amz-id-2=71IAMvFJ3O5bJRBlpJCB3l0B8CzNy5sG7BECw2I1R4oHyvkV2FKixZqmYAir4Y5h5ldtxWA+xlk=, readOnly=false, eventType=AwsApiCall, requestParameters.Host=s3.eu-central-1.amazonaws.com, additionalEventData.AuthenticationMethod=AuthHeader, sharedEventID=6ffdc2dd-05ca-483e-8baa-842949fddced, requestParameters.key=2023-11-07-07-40-08-CD1B1BC0934C71D4, requestParameters.bucketName=test-log-collector, responseElements.x-amz-server-side-encryption=AES256, responseElements.x-amz-expiration=expiry-date=\"Wed, 15 Nov 2023 00:00:00 GMT\", rule-id=\"Delete-older-the-7-days\", recipientAccountId=654338056632, managementEvent=false, additionalEventData.bytesTransferredIn=480}", + "region": "eu-central-1", + "accountid": "654338056632", + "eventday": "20231107", + "query_execution_id": "b3c194e7-6580-421c-81fa-4b409e1ba04f" + }, + { + "metadata": "{product={version=1.09, name=CloudTrail, vendor_name=AWS, feature={name=Data}}, uid=69d54eee-2c1c-4f51-b89f-45c7029695c6, profiles=[cloud], version=1.0.0-rc.2}", + "time": "1699342833000", + "cloud": "{region=eu-central-1, provider=AWS}", + "api": "{response={error=null, message=null}, operation=PutObject, version=null, service={name=s3.amazonaws.com}, request={uid=BRW2SJ5SBFD7T91W}}", + "actor": "{user={type=AWSService, name=null, uid=null, uuid=null, account_uid=null, credential_uid=null}, session={created_time=null, mfa=null, issuer=null}, invoked_by=cloudtrail.amazonaws.com, idp={name=null}}", + "http_request": "{user_agent=cloudtrail.amazonaws.com}", + "src_endpoint": "{uid=null, ip=null, domain=cloudtrail.amazonaws.com}", + "resources": "[{uid=arn:aws:s3:::aws-cloudtrail-logs-654338056632-cloudlake/AWSLogs/o-re4vuxlksb/654338056632/CloudTrail/eu-central-1/2023/11/07/654338056632_CloudTrail_eu-central-1_20231107T0740Z_dimNGWjAynOPPS1e.json.gz, account_uid=null, type=AWS::S3::Object}, {uid=arn:aws:s3:::aws-cloudtrail-logs-654338056632-cloudlake, account_uid=654338056632, type=AWS::S3::Bucket}]", + "class_name": "API Activity", + "class_uid": "3005", + "category_name": "Audit Activity", + "category_uid": "3", + "severity_id": "1", + "severity": "Informational", + "activity_name": "Update", + "activity_id": "3", + "type_uid": "300503", + "type_name": "API Activity: Update", + "status": "Success", + "status_id": "1", + "unmapped": "{additionalEventData.SSEApplied=SSE_S3, requestParameters.x-amz-acl=bucket-owner-full-control, additionalEventData.SignatureVersion=SigV4, additionalEventData.CipherSuite=ECDHE-RSA-AES128-GCM-SHA256, additionalEventData.bytesTransferredOut=0, additionalEventData.x-amz-id-2=CKIV9mfKLdZHOitE2UvDr21Km4whgr92dar3i5Ew4/upKPfXc97MP45lpxnGo1mhPW7RQgvuQEs=, readOnly=false, eventType=AwsApiCall, requestParameters.Host=aws-cloudtrail-logs-654338056632-cloudlake.s3.eu-central-1.amazonaws.com, requestParameters.x-amz-server-side-encryption=AES256, additionalEventData.AuthenticationMethod=AuthHeader, sharedEventID=cd4f5d26-4491-40fc-a7d9-cb10f3e99ed3, requestParameters.key=AWSLogs/o-re4vuxlksb/654338056632/CloudTrail/eu-central-1/2023/11/07/654338056632_CloudTrail_eu-central-1_20231107T0740Z_dimNGWjAynOPPS1e.json.gz, requestParameters.bucketName=aws-cloudtrail-logs-654338056632-cloudlake, responseElements.x-amz-server-side-encryption=AES256, recipientAccountId=654338056632, managementEvent=false, additionalEventData.bytesTransferredIn=2347}", + "region": "eu-central-1", + "accountid": "654338056632", + "eventday": "20231107", + "query_execution_id": "b3c194e7-6580-421c-81fa-4b409e1ba04f" + }, + { + "metadata": "{product={version=1.09, name=CloudTrail, vendor_name=AWS, feature={name=Data}}, uid=2a0b2b1a-bff6-4a89-93e5-801e3fdf3b92, profiles=[cloud], version=1.0.0-rc.2}", + "time": "1699342772000", + "cloud": "{region=eu-central-1, provider=AWS}", + "api": "{response={error=null, message=null}, operation=PutObject, version=null, service={name=s3.amazonaws.com}, request={uid=55TVMR6HYD2ABTWB}}", + "actor": "{user={type=AWSService, name=null, uid=null, uuid=null, account_uid=null, credential_uid=null}, session={created_time=null, mfa=null, issuer=null}, invoked_by=s3.amazonaws.com, idp={name=null}}", + "http_request": "{user_agent=s3.amazonaws.com}", + "src_endpoint": "{uid=vpce-59a25a30, ip=null, domain=s3.amazonaws.com}", + "resources": "[{uid=arn:aws:s3:::test-log-collector/2023-11-07-07-39-32-43DC7FEEAE7DFCA6, account_uid=null, type=AWS::S3::Object}, {uid=arn:aws:s3:::test-log-collector, account_uid=654338056632, type=AWS::S3::Bucket}]", + "class_name": "API Activity", + "class_uid": "3005", + "category_name": "Audit Activity", + "category_uid": "3", + "severity_id": "1", + "severity": "Informational", + "activity_name": "Update", + "activity_id": "3", + "type_uid": "300503", + "type_name": "API Activity: Update", + "status": "Success", + "status_id": "1", + "unmapped": "{additionalEventData.SSEApplied=Default_SSE_S3, additionalEventData.SignatureVersion=SigV4, additionalEventData.CipherSuite=ECDHE-RSA-AES128-GCM-SHA256, additionalEventData.bytesTransferredOut=0, responseElements.x-amz-version-id=LXBDlV4KJJB56OUOvwPNlb1v4Re5gpKH, additionalEventData.x-amz-id-2=0/+WsTcJgOlNKdHK/L2FmlK7IyBHUCeZDaXhRKtYAlWrPy0oTMVVtX41yxCh3HE5s2YMLFpwyGc=, readOnly=false, eventType=AwsApiCall, requestParameters.Host=s3.eu-central-1.amazonaws.com, additionalEventData.AuthenticationMethod=AuthHeader, sharedEventID=ae9c5147-998a-4a83-ae76-dd1916795763, requestParameters.key=2023-11-07-07-39-32-43DC7FEEAE7DFCA6, requestParameters.bucketName=test-log-collector, responseElements.x-amz-server-side-encryption=AES256, responseElements.x-amz-expiration=expiry-date=\"Wed, 15 Nov 2023 00:00:00 GMT\", rule-id=\"Delete-older-the-7-days\", recipientAccountId=654338056632, managementEvent=false, additionalEventData.bytesTransferredIn=480}", + "region": "eu-central-1", + "accountid": "654338056632", + "eventday": "20231107", + "query_execution_id": "b3c194e7-6580-421c-81fa-4b409e1ba04f" + }, + { + "metadata": "{product={version=1.09, name=CloudTrail, vendor_name=AWS, feature={name=Data}}, uid=fee096f2-611d-4b3c-b092-ea06e8a527ca, profiles=[cloud], version=1.0.0-rc.2}", + "time": "1699137065000", + "cloud": "{region=eu-central-1, provider=AWS}", + "api": "{response={error=null, message=null}, operation=PutObject, version=null, service={name=s3.amazonaws.com}, request={uid=5E1S778MRDJEDVSR}}", + "actor": "{user={type=AWSService, name=null, uid=null, uuid=null, account_uid=null, credential_uid=null}, session={created_time=null, mfa=null, issuer=null}, invoked_by=cloudtrail.amazonaws.com, idp={name=null}}", + "http_request": "{user_agent=cloudtrail.amazonaws.com}", + "src_endpoint": "{uid=null, ip=null, domain=cloudtrail.amazonaws.com}", + "resources": "[{uid=arn:aws:s3:::aws-cloudtrail-logs-654338056632-cloudlake/AWSLogs/o-re4vuxlksb/654338056632/CloudTrail/eu-central-1/2023/11/04/654338056632_CloudTrail_eu-central-1_20231104T2230Z_Ei3HUNUHdxFCuo9l.json.gz, account_uid=null, type=AWS::S3::Object}, {uid=arn:aws:s3:::aws-cloudtrail-logs-654338056632-cloudlake, account_uid=654338056632, type=AWS::S3::Bucket}]", + "class_name": "API Activity", + "class_uid": "3005", + "category_name": "Audit Activity", + "category_uid": "3", + "severity_id": "1", + "severity": "Informational", + "activity_name": "Update", + "activity_id": "3", + "type_uid": "300503", + "type_name": "API Activity: Update", + "status": "Success", + "status_id": "1", + "unmapped": "{additionalEventData.SSEApplied=SSE_S3, requestParameters.x-amz-acl=bucket-owner-full-control, additionalEventData.SignatureVersion=SigV4, additionalEventData.CipherSuite=ECDHE-RSA-AES128-GCM-SHA256, additionalEventData.bytesTransferredOut=0, additionalEventData.x-amz-id-2=RITtRiXX1DGn4aCJ1AguFwc0Ux/HS6LSgIjiGlJBFdeFWMwmqQk1TlibDKq5kIA2xrSZc/qyl8w=, readOnly=false, eventType=AwsApiCall, requestParameters.Host=aws-cloudtrail-logs-654338056632-cloudlake.s3.eu-central-1.amazonaws.com, requestParameters.x-amz-server-side-encryption=AES256, additionalEventData.AuthenticationMethod=AuthHeader, sharedEventID=150e3c90-ce64-4311-b9de-67ef7077751a, requestParameters.key=AWSLogs/o-re4vuxlksb/654338056632/CloudTrail/eu-central-1/2023/11/04/654338056632_CloudTrail_eu-central-1_20231104T2230Z_Ei3HUNUHdxFCuo9l.json.gz, requestParameters.bucketName=aws-cloudtrail-logs-654338056632-cloudlake, responseElements.x-amz-server-side-encryption=AES256, recipientAccountId=654338056632, managementEvent=false, additionalEventData.bytesTransferredIn=1317}", + "region": "eu-central-1", + "accountid": "654338056632", + "eventday": "20231104", + "query_execution_id": "b3c194e7-6580-421c-81fa-4b409e1ba04f" + }, + { + "metadata": "{product={version=1.09, name=CloudTrail, vendor_name=AWS, feature={name=Data}}, uid=68481d66-4a3e-42fe-a878-a1e6a7176c16, profiles=[cloud], version=1.0.0-rc.2}", + "time": "1699137170000", + "cloud": "{region=eu-central-1, provider=AWS}", + "api": "{response={error=null, message=null}, operation=PutObject, version=null, service={name=s3.amazonaws.com}, request={uid=VDKRDR9XNA8H2MF8}}", + "actor": "{user={type=AWSService, name=null, uid=null, uuid=null, account_uid=null, credential_uid=null}, session={created_time=null, mfa=null, issuer=null}, invoked_by=cloudtrail.amazonaws.com, idp={name=null}}", + "http_request": "{user_agent=cloudtrail.amazonaws.com}", + "src_endpoint": "{uid=null, ip=null, domain=cloudtrail.amazonaws.com}", + "resources": "[{uid=arn:aws:s3:::aws-cloudtrail-logs-654338056632-cloudlake/AWSLogs/o-re4vuxlksb/668688824393/CloudTrail/eu-central-1/2023/11/04/668688824393_CloudTrail_eu-central-1_20231104T2230Z_cvjIkDeGdNDHOgZs.json.gz, account_uid=null, type=AWS::S3::Object}, {uid=arn:aws:s3:::aws-cloudtrail-logs-654338056632-cloudlake, account_uid=654338056632, type=AWS::S3::Bucket}]", + "class_name": "API Activity", + "class_uid": "3005", + "category_name": "Audit Activity", + "category_uid": "3", + "severity_id": "1", + "severity": "Informational", + "activity_name": "Update", + "activity_id": "3", + "type_uid": "300503", + "type_name": "API Activity: Update", + "status": "Success", + "status_id": "1", + "unmapped": "{additionalEventData.SSEApplied=SSE_S3, requestParameters.x-amz-acl=bucket-owner-full-control, additionalEventData.SignatureVersion=SigV4, additionalEventData.CipherSuite=ECDHE-RSA-AES128-GCM-SHA256, additionalEventData.bytesTransferredOut=0, additionalEventData.x-amz-id-2=p+d+4x2c5Cq78w5YiikRKYtXsRxTFKFiklo3uPsWV9VkYTbLqxQxlKSOvJ/3pyFMV0ghlX4jSiw=, readOnly=false, eventType=AwsApiCall, requestParameters.Host=aws-cloudtrail-logs-654338056632-cloudlake.s3.eu-central-1.amazonaws.com, requestParameters.x-amz-server-side-encryption=AES256, additionalEventData.AuthenticationMethod=AuthHeader, sharedEventID=f7f916ab-0dd4-4e99-b522-b415b9c80458, requestParameters.key=AWSLogs/o-re4vuxlksb/668688824393/CloudTrail/eu-central-1/2023/11/04/668688824393_CloudTrail_eu-central-1_20231104T2230Z_cvjIkDeGdNDHOgZs.json.gz, requestParameters.bucketName=aws-cloudtrail-logs-654338056632-cloudlake, responseElements.x-amz-server-side-encryption=AES256, recipientAccountId=654338056632, managementEvent=false, additionalEventData.bytesTransferredIn=1199}", + "region": "eu-central-1", + "accountid": "654338056632", + "eventday": "20231104", + "query_execution_id": "b3c194e7-6580-421c-81fa-4b409e1ba04f" + }, + { + "metadata": "{product={version=1.09, name=CloudTrail, vendor_name=AWS, feature={name=Data}}, uid=6a5583e7-0463-439a-89c6-5431d3cd58fe, profiles=[cloud], version=1.0.0-rc.2}", + "time": "1699137247000", + "cloud": "{region=eu-central-1, provider=AWS}", + "api": "{response={error=null, message=null}, operation=PutObject, version=null, service={name=s3.amazonaws.com}, request={uid=PN8HM14HVKG8ED12}}", + "actor": "{user={type=AWSService, name=null, uid=null, uuid=null, account_uid=null, credential_uid=null}, session={created_time=null, mfa=null, issuer=null}, invoked_by=cloudtrail.amazonaws.com, idp={name=null}}", + "http_request": "{user_agent=cloudtrail.amazonaws.com}", + "src_endpoint": "{uid=null, ip=null, domain=cloudtrail.amazonaws.com}", + "resources": "[{uid=arn:aws:s3:::aws-cloudtrail-logs-654338056632-cloudlake/AWSLogs/o-re4vuxlksb/654338056632/CloudTrail/eu-central-1/2023/11/04/654338056632_CloudTrail_eu-central-1_20231104T2235Z_yvpVSHH3613gs2AK.json.gz, account_uid=null, type=AWS::S3::Object}, {uid=arn:aws:s3:::aws-cloudtrail-logs-654338056632-cloudlake, account_uid=654338056632, type=AWS::S3::Bucket}]", + "class_name": "API Activity", + "class_uid": "3005", + "category_name": "Audit Activity", + "category_uid": "3", + "severity_id": "1", + "severity": "Informational", + "activity_name": "Update", + "activity_id": "3", + "type_uid": "300503", + "type_name": "API Activity: Update", + "status": "Success", + "status_id": "1", + "unmapped": "{additionalEventData.SSEApplied=SSE_S3, requestParameters.x-amz-acl=bucket-owner-full-control, additionalEventData.SignatureVersion=SigV4, additionalEventData.CipherSuite=ECDHE-RSA-AES128-GCM-SHA256, additionalEventData.bytesTransferredOut=0, additionalEventData.x-amz-id-2=xm6fkjpc6B9awVdyl1jxnkfp+1boyZ3slsj3MtybxFfeJ+fhC84Il8k2jKEVlK91DdoRzM+RVIw=, readOnly=false, eventType=AwsApiCall, requestParameters.Host=aws-cloudtrail-logs-654338056632-cloudlake.s3.eu-central-1.amazonaws.com, requestParameters.x-amz-server-side-encryption=AES256, additionalEventData.AuthenticationMethod=AuthHeader, sharedEventID=083a753d-7aae-4dcb-b5d9-703cfab873b4, requestParameters.key=AWSLogs/o-re4vuxlksb/654338056632/CloudTrail/eu-central-1/2023/11/04/654338056632_CloudTrail_eu-central-1_20231104T2235Z_yvpVSHH3613gs2AK.json.gz, requestParameters.bucketName=aws-cloudtrail-logs-654338056632-cloudlake, responseElements.x-amz-server-side-encryption=AES256, recipientAccountId=654338056632, managementEvent=false, additionalEventData.bytesTransferredIn=1556}", + "region": "eu-central-1", + "accountid": "654338056632", + "eventday": "20231104", + "query_execution_id": "b3c194e7-6580-421c-81fa-4b409e1ba04f" + }, + { + "metadata": "{product={version=1.09, name=CloudTrail, vendor_name=AWS, feature={name=Data}}, uid=e3cc1c86-950f-4201-a362-3f8f68631a83, profiles=[cloud], version=1.0.0-rc.2}", + "time": "1699342905000", + "cloud": "{region=eu-central-1, provider=AWS}", + "api": "{response={error=null, message=null}, operation=PutObject, version=null, service={name=s3.amazonaws.com}, request={uid=J3HPX1A1NNHGKFKH}}", + "actor": "{user={type=AWSService, name=null, uid=null, uuid=null, account_uid=null, credential_uid=null}, session={created_time=null, mfa=null, issuer=null}, invoked_by=cloudtrail.amazonaws.com, idp={name=null}}", + "http_request": "{user_agent=cloudtrail.amazonaws.com}", + "src_endpoint": "{uid=null, ip=null, domain=cloudtrail.amazonaws.com}", + "resources": "[{uid=arn:aws:s3:::aws-cloudtrail-logs-654338056632-cloudlake/AWSLogs/o-re4vuxlksb/668688824393/CloudTrail/eu-central-1/2023/11/07/668688824393_CloudTrail_eu-central-1_20231107T0740Z_jtWHnUtmZvFb95ZI.json.gz, account_uid=null, type=AWS::S3::Object}, {uid=arn:aws:s3:::aws-cloudtrail-logs-654338056632-cloudlake, account_uid=654338056632, type=AWS::S3::Bucket}]", + "class_name": "API Activity", + "class_uid": "3005", + "category_name": "Audit Activity", + "category_uid": "3", + "severity_id": "1", + "severity": "Informational", + "activity_name": "Update", + "activity_id": "3", + "type_uid": "300503", + "type_name": "API Activity: Update", + "status": "Success", + "status_id": "1", + "unmapped": "{additionalEventData.SSEApplied=SSE_S3, requestParameters.x-amz-acl=bucket-owner-full-control, additionalEventData.SignatureVersion=SigV4, additionalEventData.CipherSuite=ECDHE-RSA-AES128-GCM-SHA256, additionalEventData.bytesTransferredOut=0, additionalEventData.x-amz-id-2=o5fB4Haj65lh3PSSxZ3GImGDkSUUQ2Vy0qEH2kifNcpzIn9KWAL4VECS2HMMq8abRt7X9q1X3W9r0tioo1ytzQ==, readOnly=false, eventType=AwsApiCall, requestParameters.Host=aws-cloudtrail-logs-654338056632-cloudlake.s3.eu-central-1.amazonaws.com, requestParameters.x-amz-server-side-encryption=AES256, additionalEventData.AuthenticationMethod=AuthHeader, sharedEventID=b1991000-4fff-4444-a70e-c615aae8db9e, requestParameters.key=AWSLogs/o-re4vuxlksb/668688824393/CloudTrail/eu-central-1/2023/11/07/668688824393_CloudTrail_eu-central-1_20231107T0740Z_jtWHnUtmZvFb95ZI.json.gz, requestParameters.bucketName=aws-cloudtrail-logs-654338056632-cloudlake, responseElements.x-amz-server-side-encryption=AES256, recipientAccountId=654338056632, managementEvent=false, additionalEventData.bytesTransferredIn=1580}", + "region": "eu-central-1", + "accountid": "654338056632", + "eventday": "20231107", + "query_execution_id": "b3c194e7-6580-421c-81fa-4b409e1ba04f" + }, + { + "metadata": "{product={version=1.09, name=CloudTrail, vendor_name=AWS, feature={name=Data}}, uid=85ca9b31-7607-40bd-8f65-0e6f892550a5, profiles=[cloud], version=1.0.0-rc.2}", + "time": "1699342908000", + "cloud": "{region=eu-central-1, provider=AWS}", + "api": "{response={error=null, message=null}, operation=PutObject, version=null, service={name=s3.amazonaws.com}, request={uid=0J1R23EBRVY6T7ZJ}}", + "actor": "{user={type=AWSService, name=null, uid=null, uuid=null, account_uid=null, credential_uid=null}, session={created_time=null, mfa=null, issuer=null}, invoked_by=cloudtrail.amazonaws.com, idp={name=null}}", + "http_request": "{user_agent=cloudtrail.amazonaws.com}", + "src_endpoint": "{uid=null, ip=null, domain=cloudtrail.amazonaws.com}", + "resources": "[{uid=arn:aws:s3:::aws-cloudtrail-logs-654338056632-cloudlake/AWSLogs/o-re4vuxlksb/668688824393/CloudTrail/eu-central-1/2023/11/07/668688824393_CloudTrail_eu-central-1_20231107T0740Z_xvmpLIGhOzmt4n3B.json.gz, account_uid=null, type=AWS::S3::Object}, {uid=arn:aws:s3:::aws-cloudtrail-logs-654338056632-cloudlake, account_uid=654338056632, type=AWS::S3::Bucket}]", + "class_name": "API Activity", + "class_uid": "3005", + "category_name": "Audit Activity", + "category_uid": "3", + "severity_id": "1", + "severity": "Informational", + "activity_name": "Update", + "activity_id": "3", + "type_uid": "300503", + "type_name": "API Activity: Update", + "status": "Success", + "status_id": "1", + "unmapped": "{additionalEventData.SSEApplied=SSE_S3, requestParameters.x-amz-acl=bucket-owner-full-control, additionalEventData.SignatureVersion=SigV4, additionalEventData.CipherSuite=ECDHE-RSA-AES128-GCM-SHA256, additionalEventData.bytesTransferredOut=0, additionalEventData.x-amz-id-2=iypPsK3E1swmRKTBokcowNGxPCNWvgnjXmMyOOvajrl8bGqbQVTmPUbXGLOYR2z553KaKn/HZF0=, readOnly=false, eventType=AwsApiCall, requestParameters.Host=aws-cloudtrail-logs-654338056632-cloudlake.s3.eu-central-1.amazonaws.com, requestParameters.x-amz-server-side-encryption=AES256, additionalEventData.AuthenticationMethod=AuthHeader, sharedEventID=d0089b3a-0175-4732-8726-aa8b83557c19, requestParameters.key=AWSLogs/o-re4vuxlksb/668688824393/CloudTrail/eu-central-1/2023/11/07/668688824393_CloudTrail_eu-central-1_20231107T0740Z_xvmpLIGhOzmt4n3B.json.gz, requestParameters.bucketName=aws-cloudtrail-logs-654338056632-cloudlake, responseElements.x-amz-server-side-encryption=AES256, recipientAccountId=654338056632, managementEvent=false, additionalEventData.bytesTransferredIn=2276}", + "region": "eu-central-1", + "accountid": "654338056632", + "eventday": "20231107", + "query_execution_id": "b3c194e7-6580-421c-81fa-4b409e1ba04f" + }, + { + "metadata": "{product={version=1.09, name=CloudTrail, vendor_name=AWS, feature={name=Data}}, uid=a7a07526-e890-4697-85a5-3d9cf4ab1e9b, profiles=[cloud], version=1.0.0-rc.2}", + "time": "1699342917000", + "cloud": "{region=eu-central-1, provider=AWS}", + "api": "{response={error=null, message=null}, operation=PutObject, version=null, service={name=s3.amazonaws.com}, request={uid=BW3N96A9B3H9MVBS}}", + "actor": "{user={type=AWSService, name=null, uid=null, uuid=null, account_uid=null, credential_uid=null}, session={created_time=null, mfa=null, issuer=null}, invoked_by=s3.amazonaws.com, idp={name=null}}", + "http_request": "{user_agent=s3.amazonaws.com}", + "src_endpoint": "{uid=vpce-59a25a30, ip=null, domain=s3.amazonaws.com}", + "resources": "[{uid=arn:aws:s3:::test-log-collector/2023-11-07-07-41-57-110CCCE05A2BEE37, account_uid=null, type=AWS::S3::Object}, {uid=arn:aws:s3:::test-log-collector, account_uid=654338056632, type=AWS::S3::Bucket}]", + "class_name": "API Activity", + "class_uid": "3005", + "category_name": "Audit Activity", + "category_uid": "3", + "severity_id": "1", + "severity": "Informational", + "activity_name": "Update", + "activity_id": "3", + "type_uid": "300503", + "type_name": "API Activity: Update", + "status": "Success", + "status_id": "1", + "unmapped": "{additionalEventData.SSEApplied=Default_SSE_S3, additionalEventData.SignatureVersion=SigV4, additionalEventData.CipherSuite=ECDHE-RSA-AES128-GCM-SHA256, additionalEventData.bytesTransferredOut=0, responseElements.x-amz-version-id=193ieSvoNFv1o.tUJKgchRloNHbERbcu, additionalEventData.x-amz-id-2=jIV/CP92IrpLpnNRe2zwJj9+c9Rg3EsUyM2AIRSYR19hm8Umi4gnDdP9NrDJszZO4EkOgWiJQz8=, readOnly=false, eventType=AwsApiCall, requestParameters.Host=s3.eu-central-1.amazonaws.com, additionalEventData.AuthenticationMethod=AuthHeader, sharedEventID=80ec7a41-6396-453a-8ec9-993c46b371be, requestParameters.key=2023-11-07-07-41-57-110CCCE05A2BEE37, requestParameters.bucketName=test-log-collector, responseElements.x-amz-server-side-encryption=AES256, responseElements.x-amz-expiration=expiry-date=\"Wed, 15 Nov 2023 00:00:00 GMT\", rule-id=\"Delete-older-the-7-days\", recipientAccountId=654338056632, managementEvent=false, additionalEventData.bytesTransferredIn=480}", + "region": "eu-central-1", + "accountid": "654338056632", + "eventday": "20231107", + "query_execution_id": "b3c194e7-6580-421c-81fa-4b409e1ba04f" + }, + { + "metadata": "{product={version=1.09, name=CloudTrail, vendor_name=AWS, feature={name=Data}}, uid=8f60fe7d-1b50-42f5-956c-cd0f60fc98ed, profiles=[cloud], version=1.0.0-rc.2}", + "time": "1699342948000", + "cloud": "{region=eu-central-1, provider=AWS}", + "api": "{response={error=null, message=null}, operation=PutObject, version=null, service={name=s3.amazonaws.com}, request={uid=8A48J06NSTRZZH41}}", + "actor": "{user={type=AWSService, name=null, uid=null, uuid=null, account_uid=null, credential_uid=null}, session={created_time=null, mfa=null, issuer=null}, invoked_by=s3.amazonaws.com, idp={name=null}}", + "http_request": "{user_agent=s3.amazonaws.com}", + "src_endpoint": "{uid=vpce-59a25a30, ip=null, domain=s3.amazonaws.com}", + "resources": "[{uid=arn:aws:s3:::test-log-collector/2023-11-07-07-42-28-FC0CDE158967D4CF, account_uid=null, type=AWS::S3::Object}, {uid=arn:aws:s3:::test-log-collector, account_uid=654338056632, type=AWS::S3::Bucket}]", + "class_name": "API Activity", + "class_uid": "3005", + "category_name": "Audit Activity", + "category_uid": "3", + "severity_id": "1", + "severity": "Informational", + "activity_name": "Update", + "activity_id": "3", + "type_uid": "300503", + "type_name": "API Activity: Update", + "status": "Success", + "status_id": "1", + "unmapped": "{additionalEventData.SSEApplied=Default_SSE_S3, additionalEventData.SignatureVersion=SigV4, additionalEventData.CipherSuite=ECDHE-RSA-AES128-GCM-SHA256, additionalEventData.bytesTransferredOut=0, responseElements.x-amz-version-id=IBZgLYMsVU50YUHYOt9rQ1R28oTy_rHd, additionalEventData.x-amz-id-2=TCnuNhf35xx4buXCo34P8TdlAV4hkDit07I8iUuqpjcyvWOXRGuPAuFGd+5tbmPRXN5+MbY57zU=, readOnly=false, eventType=AwsApiCall, requestParameters.Host=s3.eu-central-1.amazonaws.com, additionalEventData.AuthenticationMethod=AuthHeader, sharedEventID=93494c71-ec89-4b9a-8607-6f8ff7460ff9, requestParameters.key=2023-11-07-07-42-28-FC0CDE158967D4CF, requestParameters.bucketName=test-log-collector, responseElements.x-amz-server-side-encryption=AES256, responseElements.x-amz-expiration=expiry-date=\"Wed, 15 Nov 2023 00:00:00 GMT\", rule-id=\"Delete-older-the-7-days\", recipientAccountId=654338056632, managementEvent=false, additionalEventData.bytesTransferredIn=960}", + "region": "eu-central-1", + "accountid": "654338056632", + "eventday": "20231107", + "query_execution_id": "b3c194e7-6580-421c-81fa-4b409e1ba04f" + } +] \ No newline at end of file diff --git a/Packs/AWS-Athena/Integrations/AWS-Athena/test_data/expected_context/start_query_command.json b/Packs/AWS-Athena/Integrations/AWS-Athena/test_data/expected_context/start_query_command.json new file mode 100644 index 000000000000..8e6e666cc4ca --- /dev/null +++ b/Packs/AWS-Athena/Integrations/AWS-Athena/test_data/expected_context/start_query_command.json @@ -0,0 +1,4 @@ +{ + "Query": "SELECT * FROM test_db.test_table", + "QueryExecutionId": "b3c194e7-6580-421c-81fa-4b409e1ba04f" +} \ No newline at end of file diff --git a/Packs/AWS-Athena/Integrations/AWS-Athena/test_data/expected_hr/get_query_results_command.txt b/Packs/AWS-Athena/Integrations/AWS-Athena/test_data/expected_hr/get_query_results_command.txt new file mode 100644 index 000000000000..dadfbb63bbcd --- /dev/null +++ b/Packs/AWS-Athena/Integrations/AWS-Athena/test_data/expected_hr/get_query_results_command.txt @@ -0,0 +1,13 @@ +### AWS Athena Query Results +|accountid|activity_id|activity_name|actor|api|category_name|category_uid|class_name|class_uid|cloud|eventday|http_request|metadata|query_execution_id|region|resources|severity|severity_id|src_endpoint|status|status_id|time|type_name|type_uid|unmapped| +|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---| +| 654338056632 | 3 | Update | {user={type=AWSService, name=null, uid=null, uuid=null, account_uid=null, credential_uid=null}, session={created_time=null, mfa=null, issuer=null}, invoked_by=s3.amazonaws.com, idp={name=null}} | {response={error=null, message=null}, operation=PutObject, version=null, service={name=s3.amazonaws.com}, request={uid=5AV2YZSR7D9DFDW8}} | Audit Activity | 3 | API Activity | 3005 | {region=eu-central-1, provider=AWS} | 20231107 | {user_agent=s3.amazonaws.com} | {product={version=1.09, name=CloudTrail, vendor_name=AWS, feature={name=Data}}, uid=7c33bcd3-0252-4b28-b2c7-7f38ed881796, profiles=[cloud], version=1.0.0-rc.2} | b3c194e7-6580-421c-81fa-4b409e1ba04f | eu-central-1 | [{uid=arn:aws:s3:::test-log-collector/2023-11-07-07-40-08-CD1B1BC0934C71D4, account_uid=null, type=AWS::S3::Object}, {uid=arn:aws:s3:::test-log-collector, account_uid=654338056632, type=AWS::S3::Bucket}] | Informational | 1 | {uid=vpce-59a25a30, ip=null, domain=s3.amazonaws.com} | Success | 1 | 1699342808000 | API Activity: Update | 300503 | {additionalEventData.SSEApplied=Default_SSE_S3, additionalEventData.SignatureVersion=SigV4, additionalEventData.CipherSuite=ECDHE-RSA-AES128-GCM-SHA256, additionalEventData.bytesTransferredOut=0, responseElements.x-amz-version-id=CSwJV1zFxiBSHjrTGaIUH5FMMVcgl05W, additionalEventData.x-amz-id-2=71IAMvFJ3O5bJRBlpJCB3l0B8CzNy5sG7BECw2I1R4oHyvkV2FKixZqmYAir4Y5h5ldtxWA+xlk=, readOnly=false, eventType=AwsApiCall, requestParameters.Host=s3.eu-central-1.amazonaws.com, additionalEventData.AuthenticationMethod=AuthHeader, sharedEventID=6ffdc2dd-05ca-483e-8baa-842949fddced, requestParameters.key=2023-11-07-07-40-08-CD1B1BC0934C71D4, requestParameters.bucketName=test-log-collector, responseElements.x-amz-server-side-encryption=AES256, responseElements.x-amz-expiration=expiry-date="Wed, 15 Nov 2023 00:00:00 GMT", rule-id="Delete-older-the-7-days", recipientAccountId=654338056632, managementEvent=false, additionalEventData.bytesTransferredIn=480} | +| 654338056632 | 3 | Update | {user={type=AWSService, name=null, uid=null, uuid=null, account_uid=null, credential_uid=null}, session={created_time=null, mfa=null, issuer=null}, invoked_by=cloudtrail.amazonaws.com, idp={name=null}} | {response={error=null, message=null}, operation=PutObject, version=null, service={name=s3.amazonaws.com}, request={uid=BRW2SJ5SBFD7T91W}} | Audit Activity | 3 | API Activity | 3005 | {region=eu-central-1, provider=AWS} | 20231107 | {user_agent=cloudtrail.amazonaws.com} | {product={version=1.09, name=CloudTrail, vendor_name=AWS, feature={name=Data}}, uid=69d54eee-2c1c-4f51-b89f-45c7029695c6, profiles=[cloud], version=1.0.0-rc.2} | b3c194e7-6580-421c-81fa-4b409e1ba04f | eu-central-1 | [{uid=arn:aws:s3:::aws-cloudtrail-logs-654338056632-cloudlake/AWSLogs/o-re4vuxlksb/654338056632/CloudTrail/eu-central-1/2023/11/07/654338056632_CloudTrail_eu-central-1_20231107T0740Z_dimNGWjAynOPPS1e.json.gz, account_uid=null, type=AWS::S3::Object}, {uid=arn:aws:s3:::aws-cloudtrail-logs-654338056632-cloudlake, account_uid=654338056632, type=AWS::S3::Bucket}] | Informational | 1 | {uid=null, ip=null, domain=cloudtrail.amazonaws.com} | Success | 1 | 1699342833000 | API Activity: Update | 300503 | {additionalEventData.SSEApplied=SSE_S3, requestParameters.x-amz-acl=bucket-owner-full-control, additionalEventData.SignatureVersion=SigV4, additionalEventData.CipherSuite=ECDHE-RSA-AES128-GCM-SHA256, additionalEventData.bytesTransferredOut=0, additionalEventData.x-amz-id-2=CKIV9mfKLdZHOitE2UvDr21Km4whgr92dar3i5Ew4/upKPfXc97MP45lpxnGo1mhPW7RQgvuQEs=, readOnly=false, eventType=AwsApiCall, requestParameters.Host=aws-cloudtrail-logs-654338056632-cloudlake.s3.eu-central-1.amazonaws.com, requestParameters.x-amz-server-side-encryption=AES256, additionalEventData.AuthenticationMethod=AuthHeader, sharedEventID=cd4f5d26-4491-40fc-a7d9-cb10f3e99ed3, requestParameters.key=AWSLogs/o-re4vuxlksb/654338056632/CloudTrail/eu-central-1/2023/11/07/654338056632_CloudTrail_eu-central-1_20231107T0740Z_dimNGWjAynOPPS1e.json.gz, requestParameters.bucketName=aws-cloudtrail-logs-654338056632-cloudlake, responseElements.x-amz-server-side-encryption=AES256, recipientAccountId=654338056632, managementEvent=false, additionalEventData.bytesTransferredIn=2347} | +| 654338056632 | 3 | Update | {user={type=AWSService, name=null, uid=null, uuid=null, account_uid=null, credential_uid=null}, session={created_time=null, mfa=null, issuer=null}, invoked_by=s3.amazonaws.com, idp={name=null}} | {response={error=null, message=null}, operation=PutObject, version=null, service={name=s3.amazonaws.com}, request={uid=55TVMR6HYD2ABTWB}} | Audit Activity | 3 | API Activity | 3005 | {region=eu-central-1, provider=AWS} | 20231107 | {user_agent=s3.amazonaws.com} | {product={version=1.09, name=CloudTrail, vendor_name=AWS, feature={name=Data}}, uid=2a0b2b1a-bff6-4a89-93e5-801e3fdf3b92, profiles=[cloud], version=1.0.0-rc.2} | b3c194e7-6580-421c-81fa-4b409e1ba04f | eu-central-1 | [{uid=arn:aws:s3:::test-log-collector/2023-11-07-07-39-32-43DC7FEEAE7DFCA6, account_uid=null, type=AWS::S3::Object}, {uid=arn:aws:s3:::test-log-collector, account_uid=654338056632, type=AWS::S3::Bucket}] | Informational | 1 | {uid=vpce-59a25a30, ip=null, domain=s3.amazonaws.com} | Success | 1 | 1699342772000 | API Activity: Update | 300503 | {additionalEventData.SSEApplied=Default_SSE_S3, additionalEventData.SignatureVersion=SigV4, additionalEventData.CipherSuite=ECDHE-RSA-AES128-GCM-SHA256, additionalEventData.bytesTransferredOut=0, responseElements.x-amz-version-id=LXBDlV4KJJB56OUOvwPNlb1v4Re5gpKH, additionalEventData.x-amz-id-2=0/+WsTcJgOlNKdHK/L2FmlK7IyBHUCeZDaXhRKtYAlWrPy0oTMVVtX41yxCh3HE5s2YMLFpwyGc=, readOnly=false, eventType=AwsApiCall, requestParameters.Host=s3.eu-central-1.amazonaws.com, additionalEventData.AuthenticationMethod=AuthHeader, sharedEventID=ae9c5147-998a-4a83-ae76-dd1916795763, requestParameters.key=2023-11-07-07-39-32-43DC7FEEAE7DFCA6, requestParameters.bucketName=test-log-collector, responseElements.x-amz-server-side-encryption=AES256, responseElements.x-amz-expiration=expiry-date="Wed, 15 Nov 2023 00:00:00 GMT", rule-id="Delete-older-the-7-days", recipientAccountId=654338056632, managementEvent=false, additionalEventData.bytesTransferredIn=480} | +| 654338056632 | 3 | Update | {user={type=AWSService, name=null, uid=null, uuid=null, account_uid=null, credential_uid=null}, session={created_time=null, mfa=null, issuer=null}, invoked_by=cloudtrail.amazonaws.com, idp={name=null}} | {response={error=null, message=null}, operation=PutObject, version=null, service={name=s3.amazonaws.com}, request={uid=5E1S778MRDJEDVSR}} | Audit Activity | 3 | API Activity | 3005 | {region=eu-central-1, provider=AWS} | 20231104 | {user_agent=cloudtrail.amazonaws.com} | {product={version=1.09, name=CloudTrail, vendor_name=AWS, feature={name=Data}}, uid=fee096f2-611d-4b3c-b092-ea06e8a527ca, profiles=[cloud], version=1.0.0-rc.2} | b3c194e7-6580-421c-81fa-4b409e1ba04f | eu-central-1 | [{uid=arn:aws:s3:::aws-cloudtrail-logs-654338056632-cloudlake/AWSLogs/o-re4vuxlksb/654338056632/CloudTrail/eu-central-1/2023/11/04/654338056632_CloudTrail_eu-central-1_20231104T2230Z_Ei3HUNUHdxFCuo9l.json.gz, account_uid=null, type=AWS::S3::Object}, {uid=arn:aws:s3:::aws-cloudtrail-logs-654338056632-cloudlake, account_uid=654338056632, type=AWS::S3::Bucket}] | Informational | 1 | {uid=null, ip=null, domain=cloudtrail.amazonaws.com} | Success | 1 | 1699137065000 | API Activity: Update | 300503 | {additionalEventData.SSEApplied=SSE_S3, requestParameters.x-amz-acl=bucket-owner-full-control, additionalEventData.SignatureVersion=SigV4, additionalEventData.CipherSuite=ECDHE-RSA-AES128-GCM-SHA256, additionalEventData.bytesTransferredOut=0, additionalEventData.x-amz-id-2=RITtRiXX1DGn4aCJ1AguFwc0Ux/HS6LSgIjiGlJBFdeFWMwmqQk1TlibDKq5kIA2xrSZc/qyl8w=, readOnly=false, eventType=AwsApiCall, requestParameters.Host=aws-cloudtrail-logs-654338056632-cloudlake.s3.eu-central-1.amazonaws.com, requestParameters.x-amz-server-side-encryption=AES256, additionalEventData.AuthenticationMethod=AuthHeader, sharedEventID=150e3c90-ce64-4311-b9de-67ef7077751a, requestParameters.key=AWSLogs/o-re4vuxlksb/654338056632/CloudTrail/eu-central-1/2023/11/04/654338056632_CloudTrail_eu-central-1_20231104T2230Z_Ei3HUNUHdxFCuo9l.json.gz, requestParameters.bucketName=aws-cloudtrail-logs-654338056632-cloudlake, responseElements.x-amz-server-side-encryption=AES256, recipientAccountId=654338056632, managementEvent=false, additionalEventData.bytesTransferredIn=1317} | +| 654338056632 | 3 | Update | {user={type=AWSService, name=null, uid=null, uuid=null, account_uid=null, credential_uid=null}, session={created_time=null, mfa=null, issuer=null}, invoked_by=cloudtrail.amazonaws.com, idp={name=null}} | {response={error=null, message=null}, operation=PutObject, version=null, service={name=s3.amazonaws.com}, request={uid=VDKRDR9XNA8H2MF8}} | Audit Activity | 3 | API Activity | 3005 | {region=eu-central-1, provider=AWS} | 20231104 | {user_agent=cloudtrail.amazonaws.com} | {product={version=1.09, name=CloudTrail, vendor_name=AWS, feature={name=Data}}, uid=68481d66-4a3e-42fe-a878-a1e6a7176c16, profiles=[cloud], version=1.0.0-rc.2} | b3c194e7-6580-421c-81fa-4b409e1ba04f | eu-central-1 | [{uid=arn:aws:s3:::aws-cloudtrail-logs-654338056632-cloudlake/AWSLogs/o-re4vuxlksb/668688824393/CloudTrail/eu-central-1/2023/11/04/668688824393_CloudTrail_eu-central-1_20231104T2230Z_cvjIkDeGdNDHOgZs.json.gz, account_uid=null, type=AWS::S3::Object}, {uid=arn:aws:s3:::aws-cloudtrail-logs-654338056632-cloudlake, account_uid=654338056632, type=AWS::S3::Bucket}] | Informational | 1 | {uid=null, ip=null, domain=cloudtrail.amazonaws.com} | Success | 1 | 1699137170000 | API Activity: Update | 300503 | {additionalEventData.SSEApplied=SSE_S3, requestParameters.x-amz-acl=bucket-owner-full-control, additionalEventData.SignatureVersion=SigV4, additionalEventData.CipherSuite=ECDHE-RSA-AES128-GCM-SHA256, additionalEventData.bytesTransferredOut=0, additionalEventData.x-amz-id-2=p+d+4x2c5Cq78w5YiikRKYtXsRxTFKFiklo3uPsWV9VkYTbLqxQxlKSOvJ/3pyFMV0ghlX4jSiw=, readOnly=false, eventType=AwsApiCall, requestParameters.Host=aws-cloudtrail-logs-654338056632-cloudlake.s3.eu-central-1.amazonaws.com, requestParameters.x-amz-server-side-encryption=AES256, additionalEventData.AuthenticationMethod=AuthHeader, sharedEventID=f7f916ab-0dd4-4e99-b522-b415b9c80458, requestParameters.key=AWSLogs/o-re4vuxlksb/668688824393/CloudTrail/eu-central-1/2023/11/04/668688824393_CloudTrail_eu-central-1_20231104T2230Z_cvjIkDeGdNDHOgZs.json.gz, requestParameters.bucketName=aws-cloudtrail-logs-654338056632-cloudlake, responseElements.x-amz-server-side-encryption=AES256, recipientAccountId=654338056632, managementEvent=false, additionalEventData.bytesTransferredIn=1199} | +| 654338056632 | 3 | Update | {user={type=AWSService, name=null, uid=null, uuid=null, account_uid=null, credential_uid=null}, session={created_time=null, mfa=null, issuer=null}, invoked_by=cloudtrail.amazonaws.com, idp={name=null}} | {response={error=null, message=null}, operation=PutObject, version=null, service={name=s3.amazonaws.com}, request={uid=PN8HM14HVKG8ED12}} | Audit Activity | 3 | API Activity | 3005 | {region=eu-central-1, provider=AWS} | 20231104 | {user_agent=cloudtrail.amazonaws.com} | {product={version=1.09, name=CloudTrail, vendor_name=AWS, feature={name=Data}}, uid=6a5583e7-0463-439a-89c6-5431d3cd58fe, profiles=[cloud], version=1.0.0-rc.2} | b3c194e7-6580-421c-81fa-4b409e1ba04f | eu-central-1 | [{uid=arn:aws:s3:::aws-cloudtrail-logs-654338056632-cloudlake/AWSLogs/o-re4vuxlksb/654338056632/CloudTrail/eu-central-1/2023/11/04/654338056632_CloudTrail_eu-central-1_20231104T2235Z_yvpVSHH3613gs2AK.json.gz, account_uid=null, type=AWS::S3::Object}, {uid=arn:aws:s3:::aws-cloudtrail-logs-654338056632-cloudlake, account_uid=654338056632, type=AWS::S3::Bucket}] | Informational | 1 | {uid=null, ip=null, domain=cloudtrail.amazonaws.com} | Success | 1 | 1699137247000 | API Activity: Update | 300503 | {additionalEventData.SSEApplied=SSE_S3, requestParameters.x-amz-acl=bucket-owner-full-control, additionalEventData.SignatureVersion=SigV4, additionalEventData.CipherSuite=ECDHE-RSA-AES128-GCM-SHA256, additionalEventData.bytesTransferredOut=0, additionalEventData.x-amz-id-2=xm6fkjpc6B9awVdyl1jxnkfp+1boyZ3slsj3MtybxFfeJ+fhC84Il8k2jKEVlK91DdoRzM+RVIw=, readOnly=false, eventType=AwsApiCall, requestParameters.Host=aws-cloudtrail-logs-654338056632-cloudlake.s3.eu-central-1.amazonaws.com, requestParameters.x-amz-server-side-encryption=AES256, additionalEventData.AuthenticationMethod=AuthHeader, sharedEventID=083a753d-7aae-4dcb-b5d9-703cfab873b4, requestParameters.key=AWSLogs/o-re4vuxlksb/654338056632/CloudTrail/eu-central-1/2023/11/04/654338056632_CloudTrail_eu-central-1_20231104T2235Z_yvpVSHH3613gs2AK.json.gz, requestParameters.bucketName=aws-cloudtrail-logs-654338056632-cloudlake, responseElements.x-amz-server-side-encryption=AES256, recipientAccountId=654338056632, managementEvent=false, additionalEventData.bytesTransferredIn=1556} | +| 654338056632 | 3 | Update | {user={type=AWSService, name=null, uid=null, uuid=null, account_uid=null, credential_uid=null}, session={created_time=null, mfa=null, issuer=null}, invoked_by=cloudtrail.amazonaws.com, idp={name=null}} | {response={error=null, message=null}, operation=PutObject, version=null, service={name=s3.amazonaws.com}, request={uid=J3HPX1A1NNHGKFKH}} | Audit Activity | 3 | API Activity | 3005 | {region=eu-central-1, provider=AWS} | 20231107 | {user_agent=cloudtrail.amazonaws.com} | {product={version=1.09, name=CloudTrail, vendor_name=AWS, feature={name=Data}}, uid=e3cc1c86-950f-4201-a362-3f8f68631a83, profiles=[cloud], version=1.0.0-rc.2} | b3c194e7-6580-421c-81fa-4b409e1ba04f | eu-central-1 | [{uid=arn:aws:s3:::aws-cloudtrail-logs-654338056632-cloudlake/AWSLogs/o-re4vuxlksb/668688824393/CloudTrail/eu-central-1/2023/11/07/668688824393_CloudTrail_eu-central-1_20231107T0740Z_jtWHnUtmZvFb95ZI.json.gz, account_uid=null, type=AWS::S3::Object}, {uid=arn:aws:s3:::aws-cloudtrail-logs-654338056632-cloudlake, account_uid=654338056632, type=AWS::S3::Bucket}] | Informational | 1 | {uid=null, ip=null, domain=cloudtrail.amazonaws.com} | Success | 1 | 1699342905000 | API Activity: Update | 300503 | {additionalEventData.SSEApplied=SSE_S3, requestParameters.x-amz-acl=bucket-owner-full-control, additionalEventData.SignatureVersion=SigV4, additionalEventData.CipherSuite=ECDHE-RSA-AES128-GCM-SHA256, additionalEventData.bytesTransferredOut=0, additionalEventData.x-amz-id-2=o5fB4Haj65lh3PSSxZ3GImGDkSUUQ2Vy0qEH2kifNcpzIn9KWAL4VECS2HMMq8abRt7X9q1X3W9r0tioo1ytzQ==, readOnly=false, eventType=AwsApiCall, requestParameters.Host=aws-cloudtrail-logs-654338056632-cloudlake.s3.eu-central-1.amazonaws.com, requestParameters.x-amz-server-side-encryption=AES256, additionalEventData.AuthenticationMethod=AuthHeader, sharedEventID=b1991000-4fff-4444-a70e-c615aae8db9e, requestParameters.key=AWSLogs/o-re4vuxlksb/668688824393/CloudTrail/eu-central-1/2023/11/07/668688824393_CloudTrail_eu-central-1_20231107T0740Z_jtWHnUtmZvFb95ZI.json.gz, requestParameters.bucketName=aws-cloudtrail-logs-654338056632-cloudlake, responseElements.x-amz-server-side-encryption=AES256, recipientAccountId=654338056632, managementEvent=false, additionalEventData.bytesTransferredIn=1580} | +| 654338056632 | 3 | Update | {user={type=AWSService, name=null, uid=null, uuid=null, account_uid=null, credential_uid=null}, session={created_time=null, mfa=null, issuer=null}, invoked_by=cloudtrail.amazonaws.com, idp={name=null}} | {response={error=null, message=null}, operation=PutObject, version=null, service={name=s3.amazonaws.com}, request={uid=0J1R23EBRVY6T7ZJ}} | Audit Activity | 3 | API Activity | 3005 | {region=eu-central-1, provider=AWS} | 20231107 | {user_agent=cloudtrail.amazonaws.com} | {product={version=1.09, name=CloudTrail, vendor_name=AWS, feature={name=Data}}, uid=85ca9b31-7607-40bd-8f65-0e6f892550a5, profiles=[cloud], version=1.0.0-rc.2} | b3c194e7-6580-421c-81fa-4b409e1ba04f | eu-central-1 | [{uid=arn:aws:s3:::aws-cloudtrail-logs-654338056632-cloudlake/AWSLogs/o-re4vuxlksb/668688824393/CloudTrail/eu-central-1/2023/11/07/668688824393_CloudTrail_eu-central-1_20231107T0740Z_xvmpLIGhOzmt4n3B.json.gz, account_uid=null, type=AWS::S3::Object}, {uid=arn:aws:s3:::aws-cloudtrail-logs-654338056632-cloudlake, account_uid=654338056632, type=AWS::S3::Bucket}] | Informational | 1 | {uid=null, ip=null, domain=cloudtrail.amazonaws.com} | Success | 1 | 1699342908000 | API Activity: Update | 300503 | {additionalEventData.SSEApplied=SSE_S3, requestParameters.x-amz-acl=bucket-owner-full-control, additionalEventData.SignatureVersion=SigV4, additionalEventData.CipherSuite=ECDHE-RSA-AES128-GCM-SHA256, additionalEventData.bytesTransferredOut=0, additionalEventData.x-amz-id-2=iypPsK3E1swmRKTBokcowNGxPCNWvgnjXmMyOOvajrl8bGqbQVTmPUbXGLOYR2z553KaKn/HZF0=, readOnly=false, eventType=AwsApiCall, requestParameters.Host=aws-cloudtrail-logs-654338056632-cloudlake.s3.eu-central-1.amazonaws.com, requestParameters.x-amz-server-side-encryption=AES256, additionalEventData.AuthenticationMethod=AuthHeader, sharedEventID=d0089b3a-0175-4732-8726-aa8b83557c19, requestParameters.key=AWSLogs/o-re4vuxlksb/668688824393/CloudTrail/eu-central-1/2023/11/07/668688824393_CloudTrail_eu-central-1_20231107T0740Z_xvmpLIGhOzmt4n3B.json.gz, requestParameters.bucketName=aws-cloudtrail-logs-654338056632-cloudlake, responseElements.x-amz-server-side-encryption=AES256, recipientAccountId=654338056632, managementEvent=false, additionalEventData.bytesTransferredIn=2276} | +| 654338056632 | 3 | Update | {user={type=AWSService, name=null, uid=null, uuid=null, account_uid=null, credential_uid=null}, session={created_time=null, mfa=null, issuer=null}, invoked_by=s3.amazonaws.com, idp={name=null}} | {response={error=null, message=null}, operation=PutObject, version=null, service={name=s3.amazonaws.com}, request={uid=BW3N96A9B3H9MVBS}} | Audit Activity | 3 | API Activity | 3005 | {region=eu-central-1, provider=AWS} | 20231107 | {user_agent=s3.amazonaws.com} | {product={version=1.09, name=CloudTrail, vendor_name=AWS, feature={name=Data}}, uid=a7a07526-e890-4697-85a5-3d9cf4ab1e9b, profiles=[cloud], version=1.0.0-rc.2} | b3c194e7-6580-421c-81fa-4b409e1ba04f | eu-central-1 | [{uid=arn:aws:s3:::test-log-collector/2023-11-07-07-41-57-110CCCE05A2BEE37, account_uid=null, type=AWS::S3::Object}, {uid=arn:aws:s3:::test-log-collector, account_uid=654338056632, type=AWS::S3::Bucket}] | Informational | 1 | {uid=vpce-59a25a30, ip=null, domain=s3.amazonaws.com} | Success | 1 | 1699342917000 | API Activity: Update | 300503 | {additionalEventData.SSEApplied=Default_SSE_S3, additionalEventData.SignatureVersion=SigV4, additionalEventData.CipherSuite=ECDHE-RSA-AES128-GCM-SHA256, additionalEventData.bytesTransferredOut=0, responseElements.x-amz-version-id=193ieSvoNFv1o.tUJKgchRloNHbERbcu, additionalEventData.x-amz-id-2=jIV/CP92IrpLpnNRe2zwJj9+c9Rg3EsUyM2AIRSYR19hm8Umi4gnDdP9NrDJszZO4EkOgWiJQz8=, readOnly=false, eventType=AwsApiCall, requestParameters.Host=s3.eu-central-1.amazonaws.com, additionalEventData.AuthenticationMethod=AuthHeader, sharedEventID=80ec7a41-6396-453a-8ec9-993c46b371be, requestParameters.key=2023-11-07-07-41-57-110CCCE05A2BEE37, requestParameters.bucketName=test-log-collector, responseElements.x-amz-server-side-encryption=AES256, responseElements.x-amz-expiration=expiry-date="Wed, 15 Nov 2023 00:00:00 GMT", rule-id="Delete-older-the-7-days", recipientAccountId=654338056632, managementEvent=false, additionalEventData.bytesTransferredIn=480} | +| 654338056632 | 3 | Update | {user={type=AWSService, name=null, uid=null, uuid=null, account_uid=null, credential_uid=null}, session={created_time=null, mfa=null, issuer=null}, invoked_by=s3.amazonaws.com, idp={name=null}} | {response={error=null, message=null}, operation=PutObject, version=null, service={name=s3.amazonaws.com}, request={uid=8A48J06NSTRZZH41}} | Audit Activity | 3 | API Activity | 3005 | {region=eu-central-1, provider=AWS} | 20231107 | {user_agent=s3.amazonaws.com} | {product={version=1.09, name=CloudTrail, vendor_name=AWS, feature={name=Data}}, uid=8f60fe7d-1b50-42f5-956c-cd0f60fc98ed, profiles=[cloud], version=1.0.0-rc.2} | b3c194e7-6580-421c-81fa-4b409e1ba04f | eu-central-1 | [{uid=arn:aws:s3:::test-log-collector/2023-11-07-07-42-28-FC0CDE158967D4CF, account_uid=null, type=AWS::S3::Object}, {uid=arn:aws:s3:::test-log-collector, account_uid=654338056632, type=AWS::S3::Bucket}] | Informational | 1 | {uid=vpce-59a25a30, ip=null, domain=s3.amazonaws.com} | Success | 1 | 1699342948000 | API Activity: Update | 300503 | {additionalEventData.SSEApplied=Default_SSE_S3, additionalEventData.SignatureVersion=SigV4, additionalEventData.CipherSuite=ECDHE-RSA-AES128-GCM-SHA256, additionalEventData.bytesTransferredOut=0, responseElements.x-amz-version-id=IBZgLYMsVU50YUHYOt9rQ1R28oTy_rHd, additionalEventData.x-amz-id-2=TCnuNhf35xx4buXCo34P8TdlAV4hkDit07I8iUuqpjcyvWOXRGuPAuFGd+5tbmPRXN5+MbY57zU=, readOnly=false, eventType=AwsApiCall, requestParameters.Host=s3.eu-central-1.amazonaws.com, additionalEventData.AuthenticationMethod=AuthHeader, sharedEventID=93494c71-ec89-4b9a-8607-6f8ff7460ff9, requestParameters.key=2023-11-07-07-42-28-FC0CDE158967D4CF, requestParameters.bucketName=test-log-collector, responseElements.x-amz-server-side-encryption=AES256, responseElements.x-amz-expiration=expiry-date="Wed, 15 Nov 2023 00:00:00 GMT", rule-id="Delete-older-the-7-days", recipientAccountId=654338056632, managementEvent=false, additionalEventData.bytesTransferredIn=960} | diff --git a/Packs/AWS-Athena/Integrations/AWS-Athena/test_data/raw_data_mock/get_query_execution.json b/Packs/AWS-Athena/Integrations/AWS-Athena/test_data/raw_data_mock/get_query_execution.json new file mode 100644 index 000000000000..dc84fda8a074 --- /dev/null +++ b/Packs/AWS-Athena/Integrations/AWS-Athena/test_data/raw_data_mock/get_query_execution.json @@ -0,0 +1,50 @@ +{ + "QueryExecution": { + "QueryExecutionId": "b3c194e7-6580-421c-81fa-4b409e1ba04f", + "Query": "SELECT * FROM test_db.test_table", + "StatementType": "DML", + "ResultConfiguration": { + "OutputLocation": "s3://athena-queries-test/b3c194e7-6580-421c-81fa-4b409e1ba04f.csv" + }, + "ResultReuseConfiguration": { + "ResultReuseByAgeConfiguration": { + "Enabled": false + } + }, + "QueryExecutionContext": {}, + "Status": { + "State": "SUCCEEDED", + "SubmissionDateTime": "2023-11-07T10:01:03", + "CompletionDateTime": "2023-11-07T10:01:04" + }, + "Statistics": { + "EngineExecutionTimeInMillis": 1074, + "DataScannedInBytes": 86996, + "TotalExecutionTimeInMillis": 1296, + "QueryQueueTimeInMillis": 192, + "QueryPlanningTimeInMillis": 493, + "ServiceProcessingTimeInMillis": 30, + "ResultReuseInformation": { + "ReusedPreviousResult": false + } + }, + "WorkGroup": "primary", + "EngineVersion": { + "SelectedEngineVersion": "AUTO", + "EffectiveEngineVersion": "Athena engine version 3" + }, + "SubstatementType": "SELECT" + }, + "ResponseMetadata": { + "RequestId": "07c697eb-30b3-42a6-bb42-86afd1227d3f", + "HTTPStatusCode": 200, + "HTTPHeaders": { + "date": "Tue, 07 Nov 2023 16:51:15 GMT", + "content-type": "application/x-amz-json-1.1", + "content-length": "2106", + "connection": "keep-alive", + "x-amzn-requestid": "07c697eb-30b3-42a6-bb42-86afd1227d3f" + }, + "RetryAttempts": 0 + } +} \ No newline at end of file diff --git a/Packs/AWS-Athena/Integrations/AWS-Athena/test_data/raw_data_mock/get_query_results.json b/Packs/AWS-Athena/Integrations/AWS-Athena/test_data/raw_data_mock/get_query_results.json new file mode 100644 index 000000000000..25b9d0eb82d4 --- /dev/null +++ b/Packs/AWS-Athena/Integrations/AWS-Athena/test_data/raw_data_mock/get_query_results.json @@ -0,0 +1,1222 @@ +{ + "UpdateCount": 0, + "ResultSet": { + "Rows": [ + { + "Data": [ + { + "VarCharValue": "metadata" + }, + { + "VarCharValue": "time" + }, + { + "VarCharValue": "cloud" + }, + { + "VarCharValue": "api" + }, + { + "VarCharValue": "dst_endpoint" + }, + { + "VarCharValue": "actor" + }, + { + "VarCharValue": "http_request" + }, + { + "VarCharValue": "src_endpoint" + }, + { + "VarCharValue": "resources" + }, + { + "VarCharValue": "class_name" + }, + { + "VarCharValue": "class_uid" + }, + { + "VarCharValue": "category_name" + }, + { + "VarCharValue": "category_uid" + }, + { + "VarCharValue": "severity_id" + }, + { + "VarCharValue": "severity" + }, + { + "VarCharValue": "user" + }, + { + "VarCharValue": "activity_name" + }, + { + "VarCharValue": "activity_id" + }, + { + "VarCharValue": "type_uid" + }, + { + "VarCharValue": "type_name" + }, + { + "VarCharValue": "status" + }, + { + "VarCharValue": "status_id" + }, + { + "VarCharValue": "mfa" + }, + { + "VarCharValue": "unmapped" + }, + { + "VarCharValue": "region" + }, + { + "VarCharValue": "accountid" + }, + { + "VarCharValue": "eventday" + } + ] + }, + { + "Data": [ + { + "VarCharValue": "{product={version=1.09, name=CloudTrail, vendor_name=AWS, feature={name=Data}}, uid=7c33bcd3-0252-4b28-b2c7-7f38ed881796, profiles=[cloud], version=1.0.0-rc.2}" + }, + { + "VarCharValue": "1699342808000" + }, + { + "VarCharValue": "{region=eu-central-1, provider=AWS}" + }, + { + "VarCharValue": "{response={error=null, message=null}, operation=PutObject, version=null, service={name=s3.amazonaws.com}, request={uid=5AV2YZSR7D9DFDW8}}" + }, + {}, + { + "VarCharValue": "{user={type=AWSService, name=null, uid=null, uuid=null, account_uid=null, credential_uid=null}, session={created_time=null, mfa=null, issuer=null}, invoked_by=s3.amazonaws.com, idp={name=null}}" + }, + { + "VarCharValue": "{user_agent=s3.amazonaws.com}" + }, + { + "VarCharValue": "{uid=vpce-59a25a30, ip=null, domain=s3.amazonaws.com}" + }, + { + "VarCharValue": "[{uid=arn:aws:s3:::test-log-collector/2023-11-07-07-40-08-CD1B1BC0934C71D4, account_uid=null, type=AWS::S3::Object}, {uid=arn:aws:s3:::test-log-collector, account_uid=654338056632, type=AWS::S3::Bucket}]" + }, + { + "VarCharValue": "API Activity" + }, + { + "VarCharValue": "3005" + }, + { + "VarCharValue": "Audit Activity" + }, + { + "VarCharValue": "3" + }, + { + "VarCharValue": "1" + }, + { + "VarCharValue": "Informational" + }, + {}, + { + "VarCharValue": "Update" + }, + { + "VarCharValue": "3" + }, + { + "VarCharValue": "300503" + }, + { + "VarCharValue": "API Activity: Update" + }, + { + "VarCharValue": "Success" + }, + { + "VarCharValue": "1" + }, + {}, + { + "VarCharValue": "{additionalEventData.SSEApplied=Default_SSE_S3, additionalEventData.SignatureVersion=SigV4, additionalEventData.CipherSuite=ECDHE-RSA-AES128-GCM-SHA256, additionalEventData.bytesTransferredOut=0, responseElements.x-amz-version-id=CSwJV1zFxiBSHjrTGaIUH5FMMVcgl05W, additionalEventData.x-amz-id-2=71IAMvFJ3O5bJRBlpJCB3l0B8CzNy5sG7BECw2I1R4oHyvkV2FKixZqmYAir4Y5h5ldtxWA+xlk=, readOnly=false, eventType=AwsApiCall, requestParameters.Host=s3.eu-central-1.amazonaws.com, additionalEventData.AuthenticationMethod=AuthHeader, sharedEventID=6ffdc2dd-05ca-483e-8baa-842949fddced, requestParameters.key=2023-11-07-07-40-08-CD1B1BC0934C71D4, requestParameters.bucketName=test-log-collector, responseElements.x-amz-server-side-encryption=AES256, responseElements.x-amz-expiration=expiry-date=\"Wed, 15 Nov 2023 00:00:00 GMT\", rule-id=\"Delete-older-the-7-days\", recipientAccountId=654338056632, managementEvent=false, additionalEventData.bytesTransferredIn=480}" + }, + { + "VarCharValue": "eu-central-1" + }, + { + "VarCharValue": "654338056632" + }, + { + "VarCharValue": "20231107" + } + ] + }, + { + "Data": [ + { + "VarCharValue": "{product={version=1.09, name=CloudTrail, vendor_name=AWS, feature={name=Data}}, uid=69d54eee-2c1c-4f51-b89f-45c7029695c6, profiles=[cloud], version=1.0.0-rc.2}" + }, + { + "VarCharValue": "1699342833000" + }, + { + "VarCharValue": "{region=eu-central-1, provider=AWS}" + }, + { + "VarCharValue": "{response={error=null, message=null}, operation=PutObject, version=null, service={name=s3.amazonaws.com}, request={uid=BRW2SJ5SBFD7T91W}}" + }, + {}, + { + "VarCharValue": "{user={type=AWSService, name=null, uid=null, uuid=null, account_uid=null, credential_uid=null}, session={created_time=null, mfa=null, issuer=null}, invoked_by=cloudtrail.amazonaws.com, idp={name=null}}" + }, + { + "VarCharValue": "{user_agent=cloudtrail.amazonaws.com}" + }, + { + "VarCharValue": "{uid=null, ip=null, domain=cloudtrail.amazonaws.com}" + }, + { + "VarCharValue": "[{uid=arn:aws:s3:::aws-cloudtrail-logs-654338056632-cloudlake/AWSLogs/o-re4vuxlksb/654338056632/CloudTrail/eu-central-1/2023/11/07/654338056632_CloudTrail_eu-central-1_20231107T0740Z_dimNGWjAynOPPS1e.json.gz, account_uid=null, type=AWS::S3::Object}, {uid=arn:aws:s3:::aws-cloudtrail-logs-654338056632-cloudlake, account_uid=654338056632, type=AWS::S3::Bucket}]" + }, + { + "VarCharValue": "API Activity" + }, + { + "VarCharValue": "3005" + }, + { + "VarCharValue": "Audit Activity" + }, + { + "VarCharValue": "3" + }, + { + "VarCharValue": "1" + }, + { + "VarCharValue": "Informational" + }, + {}, + { + "VarCharValue": "Update" + }, + { + "VarCharValue": "3" + }, + { + "VarCharValue": "300503" + }, + { + "VarCharValue": "API Activity: Update" + }, + { + "VarCharValue": "Success" + }, + { + "VarCharValue": "1" + }, + {}, + { + "VarCharValue": "{additionalEventData.SSEApplied=SSE_S3, requestParameters.x-amz-acl=bucket-owner-full-control, additionalEventData.SignatureVersion=SigV4, additionalEventData.CipherSuite=ECDHE-RSA-AES128-GCM-SHA256, additionalEventData.bytesTransferredOut=0, additionalEventData.x-amz-id-2=CKIV9mfKLdZHOitE2UvDr21Km4whgr92dar3i5Ew4/upKPfXc97MP45lpxnGo1mhPW7RQgvuQEs=, readOnly=false, eventType=AwsApiCall, requestParameters.Host=aws-cloudtrail-logs-654338056632-cloudlake.s3.eu-central-1.amazonaws.com, requestParameters.x-amz-server-side-encryption=AES256, additionalEventData.AuthenticationMethod=AuthHeader, sharedEventID=cd4f5d26-4491-40fc-a7d9-cb10f3e99ed3, requestParameters.key=AWSLogs/o-re4vuxlksb/654338056632/CloudTrail/eu-central-1/2023/11/07/654338056632_CloudTrail_eu-central-1_20231107T0740Z_dimNGWjAynOPPS1e.json.gz, requestParameters.bucketName=aws-cloudtrail-logs-654338056632-cloudlake, responseElements.x-amz-server-side-encryption=AES256, recipientAccountId=654338056632, managementEvent=false, additionalEventData.bytesTransferredIn=2347}" + }, + { + "VarCharValue": "eu-central-1" + }, + { + "VarCharValue": "654338056632" + }, + { + "VarCharValue": "20231107" + } + ] + }, + { + "Data": [ + { + "VarCharValue": "{product={version=1.09, name=CloudTrail, vendor_name=AWS, feature={name=Data}}, uid=2a0b2b1a-bff6-4a89-93e5-801e3fdf3b92, profiles=[cloud], version=1.0.0-rc.2}" + }, + { + "VarCharValue": "1699342772000" + }, + { + "VarCharValue": "{region=eu-central-1, provider=AWS}" + }, + { + "VarCharValue": "{response={error=null, message=null}, operation=PutObject, version=null, service={name=s3.amazonaws.com}, request={uid=55TVMR6HYD2ABTWB}}" + }, + {}, + { + "VarCharValue": "{user={type=AWSService, name=null, uid=null, uuid=null, account_uid=null, credential_uid=null}, session={created_time=null, mfa=null, issuer=null}, invoked_by=s3.amazonaws.com, idp={name=null}}" + }, + { + "VarCharValue": "{user_agent=s3.amazonaws.com}" + }, + { + "VarCharValue": "{uid=vpce-59a25a30, ip=null, domain=s3.amazonaws.com}" + }, + { + "VarCharValue": "[{uid=arn:aws:s3:::test-log-collector/2023-11-07-07-39-32-43DC7FEEAE7DFCA6, account_uid=null, type=AWS::S3::Object}, {uid=arn:aws:s3:::test-log-collector, account_uid=654338056632, type=AWS::S3::Bucket}]" + }, + { + "VarCharValue": "API Activity" + }, + { + "VarCharValue": "3005" + }, + { + "VarCharValue": "Audit Activity" + }, + { + "VarCharValue": "3" + }, + { + "VarCharValue": "1" + }, + { + "VarCharValue": "Informational" + }, + {}, + { + "VarCharValue": "Update" + }, + { + "VarCharValue": "3" + }, + { + "VarCharValue": "300503" + }, + { + "VarCharValue": "API Activity: Update" + }, + { + "VarCharValue": "Success" + }, + { + "VarCharValue": "1" + }, + {}, + { + "VarCharValue": "{additionalEventData.SSEApplied=Default_SSE_S3, additionalEventData.SignatureVersion=SigV4, additionalEventData.CipherSuite=ECDHE-RSA-AES128-GCM-SHA256, additionalEventData.bytesTransferredOut=0, responseElements.x-amz-version-id=LXBDlV4KJJB56OUOvwPNlb1v4Re5gpKH, additionalEventData.x-amz-id-2=0/+WsTcJgOlNKdHK/L2FmlK7IyBHUCeZDaXhRKtYAlWrPy0oTMVVtX41yxCh3HE5s2YMLFpwyGc=, readOnly=false, eventType=AwsApiCall, requestParameters.Host=s3.eu-central-1.amazonaws.com, additionalEventData.AuthenticationMethod=AuthHeader, sharedEventID=ae9c5147-998a-4a83-ae76-dd1916795763, requestParameters.key=2023-11-07-07-39-32-43DC7FEEAE7DFCA6, requestParameters.bucketName=test-log-collector, responseElements.x-amz-server-side-encryption=AES256, responseElements.x-amz-expiration=expiry-date=\"Wed, 15 Nov 2023 00:00:00 GMT\", rule-id=\"Delete-older-the-7-days\", recipientAccountId=654338056632, managementEvent=false, additionalEventData.bytesTransferredIn=480}" + }, + { + "VarCharValue": "eu-central-1" + }, + { + "VarCharValue": "654338056632" + }, + { + "VarCharValue": "20231107" + } + ] + }, + { + "Data": [ + { + "VarCharValue": "{product={version=1.09, name=CloudTrail, vendor_name=AWS, feature={name=Data}}, uid=fee096f2-611d-4b3c-b092-ea06e8a527ca, profiles=[cloud], version=1.0.0-rc.2}" + }, + { + "VarCharValue": "1699137065000" + }, + { + "VarCharValue": "{region=eu-central-1, provider=AWS}" + }, + { + "VarCharValue": "{response={error=null, message=null}, operation=PutObject, version=null, service={name=s3.amazonaws.com}, request={uid=5E1S778MRDJEDVSR}}" + }, + {}, + { + "VarCharValue": "{user={type=AWSService, name=null, uid=null, uuid=null, account_uid=null, credential_uid=null}, session={created_time=null, mfa=null, issuer=null}, invoked_by=cloudtrail.amazonaws.com, idp={name=null}}" + }, + { + "VarCharValue": "{user_agent=cloudtrail.amazonaws.com}" + }, + { + "VarCharValue": "{uid=null, ip=null, domain=cloudtrail.amazonaws.com}" + }, + { + "VarCharValue": "[{uid=arn:aws:s3:::aws-cloudtrail-logs-654338056632-cloudlake/AWSLogs/o-re4vuxlksb/654338056632/CloudTrail/eu-central-1/2023/11/04/654338056632_CloudTrail_eu-central-1_20231104T2230Z_Ei3HUNUHdxFCuo9l.json.gz, account_uid=null, type=AWS::S3::Object}, {uid=arn:aws:s3:::aws-cloudtrail-logs-654338056632-cloudlake, account_uid=654338056632, type=AWS::S3::Bucket}]" + }, + { + "VarCharValue": "API Activity" + }, + { + "VarCharValue": "3005" + }, + { + "VarCharValue": "Audit Activity" + }, + { + "VarCharValue": "3" + }, + { + "VarCharValue": "1" + }, + { + "VarCharValue": "Informational" + }, + {}, + { + "VarCharValue": "Update" + }, + { + "VarCharValue": "3" + }, + { + "VarCharValue": "300503" + }, + { + "VarCharValue": "API Activity: Update" + }, + { + "VarCharValue": "Success" + }, + { + "VarCharValue": "1" + }, + {}, + { + "VarCharValue": "{additionalEventData.SSEApplied=SSE_S3, requestParameters.x-amz-acl=bucket-owner-full-control, additionalEventData.SignatureVersion=SigV4, additionalEventData.CipherSuite=ECDHE-RSA-AES128-GCM-SHA256, additionalEventData.bytesTransferredOut=0, additionalEventData.x-amz-id-2=RITtRiXX1DGn4aCJ1AguFwc0Ux/HS6LSgIjiGlJBFdeFWMwmqQk1TlibDKq5kIA2xrSZc/qyl8w=, readOnly=false, eventType=AwsApiCall, requestParameters.Host=aws-cloudtrail-logs-654338056632-cloudlake.s3.eu-central-1.amazonaws.com, requestParameters.x-amz-server-side-encryption=AES256, additionalEventData.AuthenticationMethod=AuthHeader, sharedEventID=150e3c90-ce64-4311-b9de-67ef7077751a, requestParameters.key=AWSLogs/o-re4vuxlksb/654338056632/CloudTrail/eu-central-1/2023/11/04/654338056632_CloudTrail_eu-central-1_20231104T2230Z_Ei3HUNUHdxFCuo9l.json.gz, requestParameters.bucketName=aws-cloudtrail-logs-654338056632-cloudlake, responseElements.x-amz-server-side-encryption=AES256, recipientAccountId=654338056632, managementEvent=false, additionalEventData.bytesTransferredIn=1317}" + }, + { + "VarCharValue": "eu-central-1" + }, + { + "VarCharValue": "654338056632" + }, + { + "VarCharValue": "20231104" + } + ] + }, + { + "Data": [ + { + "VarCharValue": "{product={version=1.09, name=CloudTrail, vendor_name=AWS, feature={name=Data}}, uid=68481d66-4a3e-42fe-a878-a1e6a7176c16, profiles=[cloud], version=1.0.0-rc.2}" + }, + { + "VarCharValue": "1699137170000" + }, + { + "VarCharValue": "{region=eu-central-1, provider=AWS}" + }, + { + "VarCharValue": "{response={error=null, message=null}, operation=PutObject, version=null, service={name=s3.amazonaws.com}, request={uid=VDKRDR9XNA8H2MF8}}" + }, + {}, + { + "VarCharValue": "{user={type=AWSService, name=null, uid=null, uuid=null, account_uid=null, credential_uid=null}, session={created_time=null, mfa=null, issuer=null}, invoked_by=cloudtrail.amazonaws.com, idp={name=null}}" + }, + { + "VarCharValue": "{user_agent=cloudtrail.amazonaws.com}" + }, + { + "VarCharValue": "{uid=null, ip=null, domain=cloudtrail.amazonaws.com}" + }, + { + "VarCharValue": "[{uid=arn:aws:s3:::aws-cloudtrail-logs-654338056632-cloudlake/AWSLogs/o-re4vuxlksb/668688824393/CloudTrail/eu-central-1/2023/11/04/668688824393_CloudTrail_eu-central-1_20231104T2230Z_cvjIkDeGdNDHOgZs.json.gz, account_uid=null, type=AWS::S3::Object}, {uid=arn:aws:s3:::aws-cloudtrail-logs-654338056632-cloudlake, account_uid=654338056632, type=AWS::S3::Bucket}]" + }, + { + "VarCharValue": "API Activity" + }, + { + "VarCharValue": "3005" + }, + { + "VarCharValue": "Audit Activity" + }, + { + "VarCharValue": "3" + }, + { + "VarCharValue": "1" + }, + { + "VarCharValue": "Informational" + }, + {}, + { + "VarCharValue": "Update" + }, + { + "VarCharValue": "3" + }, + { + "VarCharValue": "300503" + }, + { + "VarCharValue": "API Activity: Update" + }, + { + "VarCharValue": "Success" + }, + { + "VarCharValue": "1" + }, + {}, + { + "VarCharValue": "{additionalEventData.SSEApplied=SSE_S3, requestParameters.x-amz-acl=bucket-owner-full-control, additionalEventData.SignatureVersion=SigV4, additionalEventData.CipherSuite=ECDHE-RSA-AES128-GCM-SHA256, additionalEventData.bytesTransferredOut=0, additionalEventData.x-amz-id-2=p+d+4x2c5Cq78w5YiikRKYtXsRxTFKFiklo3uPsWV9VkYTbLqxQxlKSOvJ/3pyFMV0ghlX4jSiw=, readOnly=false, eventType=AwsApiCall, requestParameters.Host=aws-cloudtrail-logs-654338056632-cloudlake.s3.eu-central-1.amazonaws.com, requestParameters.x-amz-server-side-encryption=AES256, additionalEventData.AuthenticationMethod=AuthHeader, sharedEventID=f7f916ab-0dd4-4e99-b522-b415b9c80458, requestParameters.key=AWSLogs/o-re4vuxlksb/668688824393/CloudTrail/eu-central-1/2023/11/04/668688824393_CloudTrail_eu-central-1_20231104T2230Z_cvjIkDeGdNDHOgZs.json.gz, requestParameters.bucketName=aws-cloudtrail-logs-654338056632-cloudlake, responseElements.x-amz-server-side-encryption=AES256, recipientAccountId=654338056632, managementEvent=false, additionalEventData.bytesTransferredIn=1199}" + }, + { + "VarCharValue": "eu-central-1" + }, + { + "VarCharValue": "654338056632" + }, + { + "VarCharValue": "20231104" + } + ] + }, + { + "Data": [ + { + "VarCharValue": "{product={version=1.09, name=CloudTrail, vendor_name=AWS, feature={name=Data}}, uid=6a5583e7-0463-439a-89c6-5431d3cd58fe, profiles=[cloud], version=1.0.0-rc.2}" + }, + { + "VarCharValue": "1699137247000" + }, + { + "VarCharValue": "{region=eu-central-1, provider=AWS}" + }, + { + "VarCharValue": "{response={error=null, message=null}, operation=PutObject, version=null, service={name=s3.amazonaws.com}, request={uid=PN8HM14HVKG8ED12}}" + }, + {}, + { + "VarCharValue": "{user={type=AWSService, name=null, uid=null, uuid=null, account_uid=null, credential_uid=null}, session={created_time=null, mfa=null, issuer=null}, invoked_by=cloudtrail.amazonaws.com, idp={name=null}}" + }, + { + "VarCharValue": "{user_agent=cloudtrail.amazonaws.com}" + }, + { + "VarCharValue": "{uid=null, ip=null, domain=cloudtrail.amazonaws.com}" + }, + { + "VarCharValue": "[{uid=arn:aws:s3:::aws-cloudtrail-logs-654338056632-cloudlake/AWSLogs/o-re4vuxlksb/654338056632/CloudTrail/eu-central-1/2023/11/04/654338056632_CloudTrail_eu-central-1_20231104T2235Z_yvpVSHH3613gs2AK.json.gz, account_uid=null, type=AWS::S3::Object}, {uid=arn:aws:s3:::aws-cloudtrail-logs-654338056632-cloudlake, account_uid=654338056632, type=AWS::S3::Bucket}]" + }, + { + "VarCharValue": "API Activity" + }, + { + "VarCharValue": "3005" + }, + { + "VarCharValue": "Audit Activity" + }, + { + "VarCharValue": "3" + }, + { + "VarCharValue": "1" + }, + { + "VarCharValue": "Informational" + }, + {}, + { + "VarCharValue": "Update" + }, + { + "VarCharValue": "3" + }, + { + "VarCharValue": "300503" + }, + { + "VarCharValue": "API Activity: Update" + }, + { + "VarCharValue": "Success" + }, + { + "VarCharValue": "1" + }, + {}, + { + "VarCharValue": "{additionalEventData.SSEApplied=SSE_S3, requestParameters.x-amz-acl=bucket-owner-full-control, additionalEventData.SignatureVersion=SigV4, additionalEventData.CipherSuite=ECDHE-RSA-AES128-GCM-SHA256, additionalEventData.bytesTransferredOut=0, additionalEventData.x-amz-id-2=xm6fkjpc6B9awVdyl1jxnkfp+1boyZ3slsj3MtybxFfeJ+fhC84Il8k2jKEVlK91DdoRzM+RVIw=, readOnly=false, eventType=AwsApiCall, requestParameters.Host=aws-cloudtrail-logs-654338056632-cloudlake.s3.eu-central-1.amazonaws.com, requestParameters.x-amz-server-side-encryption=AES256, additionalEventData.AuthenticationMethod=AuthHeader, sharedEventID=083a753d-7aae-4dcb-b5d9-703cfab873b4, requestParameters.key=AWSLogs/o-re4vuxlksb/654338056632/CloudTrail/eu-central-1/2023/11/04/654338056632_CloudTrail_eu-central-1_20231104T2235Z_yvpVSHH3613gs2AK.json.gz, requestParameters.bucketName=aws-cloudtrail-logs-654338056632-cloudlake, responseElements.x-amz-server-side-encryption=AES256, recipientAccountId=654338056632, managementEvent=false, additionalEventData.bytesTransferredIn=1556}" + }, + { + "VarCharValue": "eu-central-1" + }, + { + "VarCharValue": "654338056632" + }, + { + "VarCharValue": "20231104" + } + ] + }, + { + "Data": [ + { + "VarCharValue": "{product={version=1.09, name=CloudTrail, vendor_name=AWS, feature={name=Data}}, uid=e3cc1c86-950f-4201-a362-3f8f68631a83, profiles=[cloud], version=1.0.0-rc.2}" + }, + { + "VarCharValue": "1699342905000" + }, + { + "VarCharValue": "{region=eu-central-1, provider=AWS}" + }, + { + "VarCharValue": "{response={error=null, message=null}, operation=PutObject, version=null, service={name=s3.amazonaws.com}, request={uid=J3HPX1A1NNHGKFKH}}" + }, + {}, + { + "VarCharValue": "{user={type=AWSService, name=null, uid=null, uuid=null, account_uid=null, credential_uid=null}, session={created_time=null, mfa=null, issuer=null}, invoked_by=cloudtrail.amazonaws.com, idp={name=null}}" + }, + { + "VarCharValue": "{user_agent=cloudtrail.amazonaws.com}" + }, + { + "VarCharValue": "{uid=null, ip=null, domain=cloudtrail.amazonaws.com}" + }, + { + "VarCharValue": "[{uid=arn:aws:s3:::aws-cloudtrail-logs-654338056632-cloudlake/AWSLogs/o-re4vuxlksb/668688824393/CloudTrail/eu-central-1/2023/11/07/668688824393_CloudTrail_eu-central-1_20231107T0740Z_jtWHnUtmZvFb95ZI.json.gz, account_uid=null, type=AWS::S3::Object}, {uid=arn:aws:s3:::aws-cloudtrail-logs-654338056632-cloudlake, account_uid=654338056632, type=AWS::S3::Bucket}]" + }, + { + "VarCharValue": "API Activity" + }, + { + "VarCharValue": "3005" + }, + { + "VarCharValue": "Audit Activity" + }, + { + "VarCharValue": "3" + }, + { + "VarCharValue": "1" + }, + { + "VarCharValue": "Informational" + }, + {}, + { + "VarCharValue": "Update" + }, + { + "VarCharValue": "3" + }, + { + "VarCharValue": "300503" + }, + { + "VarCharValue": "API Activity: Update" + }, + { + "VarCharValue": "Success" + }, + { + "VarCharValue": "1" + }, + {}, + { + "VarCharValue": "{additionalEventData.SSEApplied=SSE_S3, requestParameters.x-amz-acl=bucket-owner-full-control, additionalEventData.SignatureVersion=SigV4, additionalEventData.CipherSuite=ECDHE-RSA-AES128-GCM-SHA256, additionalEventData.bytesTransferredOut=0, additionalEventData.x-amz-id-2=o5fB4Haj65lh3PSSxZ3GImGDkSUUQ2Vy0qEH2kifNcpzIn9KWAL4VECS2HMMq8abRt7X9q1X3W9r0tioo1ytzQ==, readOnly=false, eventType=AwsApiCall, requestParameters.Host=aws-cloudtrail-logs-654338056632-cloudlake.s3.eu-central-1.amazonaws.com, requestParameters.x-amz-server-side-encryption=AES256, additionalEventData.AuthenticationMethod=AuthHeader, sharedEventID=b1991000-4fff-4444-a70e-c615aae8db9e, requestParameters.key=AWSLogs/o-re4vuxlksb/668688824393/CloudTrail/eu-central-1/2023/11/07/668688824393_CloudTrail_eu-central-1_20231107T0740Z_jtWHnUtmZvFb95ZI.json.gz, requestParameters.bucketName=aws-cloudtrail-logs-654338056632-cloudlake, responseElements.x-amz-server-side-encryption=AES256, recipientAccountId=654338056632, managementEvent=false, additionalEventData.bytesTransferredIn=1580}" + }, + { + "VarCharValue": "eu-central-1" + }, + { + "VarCharValue": "654338056632" + }, + { + "VarCharValue": "20231107" + } + ] + }, + { + "Data": [ + { + "VarCharValue": "{product={version=1.09, name=CloudTrail, vendor_name=AWS, feature={name=Data}}, uid=85ca9b31-7607-40bd-8f65-0e6f892550a5, profiles=[cloud], version=1.0.0-rc.2}" + }, + { + "VarCharValue": "1699342908000" + }, + { + "VarCharValue": "{region=eu-central-1, provider=AWS}" + }, + { + "VarCharValue": "{response={error=null, message=null}, operation=PutObject, version=null, service={name=s3.amazonaws.com}, request={uid=0J1R23EBRVY6T7ZJ}}" + }, + {}, + { + "VarCharValue": "{user={type=AWSService, name=null, uid=null, uuid=null, account_uid=null, credential_uid=null}, session={created_time=null, mfa=null, issuer=null}, invoked_by=cloudtrail.amazonaws.com, idp={name=null}}" + }, + { + "VarCharValue": "{user_agent=cloudtrail.amazonaws.com}" + }, + { + "VarCharValue": "{uid=null, ip=null, domain=cloudtrail.amazonaws.com}" + }, + { + "VarCharValue": "[{uid=arn:aws:s3:::aws-cloudtrail-logs-654338056632-cloudlake/AWSLogs/o-re4vuxlksb/668688824393/CloudTrail/eu-central-1/2023/11/07/668688824393_CloudTrail_eu-central-1_20231107T0740Z_xvmpLIGhOzmt4n3B.json.gz, account_uid=null, type=AWS::S3::Object}, {uid=arn:aws:s3:::aws-cloudtrail-logs-654338056632-cloudlake, account_uid=654338056632, type=AWS::S3::Bucket}]" + }, + { + "VarCharValue": "API Activity" + }, + { + "VarCharValue": "3005" + }, + { + "VarCharValue": "Audit Activity" + }, + { + "VarCharValue": "3" + }, + { + "VarCharValue": "1" + }, + { + "VarCharValue": "Informational" + }, + {}, + { + "VarCharValue": "Update" + }, + { + "VarCharValue": "3" + }, + { + "VarCharValue": "300503" + }, + { + "VarCharValue": "API Activity: Update" + }, + { + "VarCharValue": "Success" + }, + { + "VarCharValue": "1" + }, + {}, + { + "VarCharValue": "{additionalEventData.SSEApplied=SSE_S3, requestParameters.x-amz-acl=bucket-owner-full-control, additionalEventData.SignatureVersion=SigV4, additionalEventData.CipherSuite=ECDHE-RSA-AES128-GCM-SHA256, additionalEventData.bytesTransferredOut=0, additionalEventData.x-amz-id-2=iypPsK3E1swmRKTBokcowNGxPCNWvgnjXmMyOOvajrl8bGqbQVTmPUbXGLOYR2z553KaKn/HZF0=, readOnly=false, eventType=AwsApiCall, requestParameters.Host=aws-cloudtrail-logs-654338056632-cloudlake.s3.eu-central-1.amazonaws.com, requestParameters.x-amz-server-side-encryption=AES256, additionalEventData.AuthenticationMethod=AuthHeader, sharedEventID=d0089b3a-0175-4732-8726-aa8b83557c19, requestParameters.key=AWSLogs/o-re4vuxlksb/668688824393/CloudTrail/eu-central-1/2023/11/07/668688824393_CloudTrail_eu-central-1_20231107T0740Z_xvmpLIGhOzmt4n3B.json.gz, requestParameters.bucketName=aws-cloudtrail-logs-654338056632-cloudlake, responseElements.x-amz-server-side-encryption=AES256, recipientAccountId=654338056632, managementEvent=false, additionalEventData.bytesTransferredIn=2276}" + }, + { + "VarCharValue": "eu-central-1" + }, + { + "VarCharValue": "654338056632" + }, + { + "VarCharValue": "20231107" + } + ] + }, + { + "Data": [ + { + "VarCharValue": "{product={version=1.09, name=CloudTrail, vendor_name=AWS, feature={name=Data}}, uid=a7a07526-e890-4697-85a5-3d9cf4ab1e9b, profiles=[cloud], version=1.0.0-rc.2}" + }, + { + "VarCharValue": "1699342917000" + }, + { + "VarCharValue": "{region=eu-central-1, provider=AWS}" + }, + { + "VarCharValue": "{response={error=null, message=null}, operation=PutObject, version=null, service={name=s3.amazonaws.com}, request={uid=BW3N96A9B3H9MVBS}}" + }, + {}, + { + "VarCharValue": "{user={type=AWSService, name=null, uid=null, uuid=null, account_uid=null, credential_uid=null}, session={created_time=null, mfa=null, issuer=null}, invoked_by=s3.amazonaws.com, idp={name=null}}" + }, + { + "VarCharValue": "{user_agent=s3.amazonaws.com}" + }, + { + "VarCharValue": "{uid=vpce-59a25a30, ip=null, domain=s3.amazonaws.com}" + }, + { + "VarCharValue": "[{uid=arn:aws:s3:::test-log-collector/2023-11-07-07-41-57-110CCCE05A2BEE37, account_uid=null, type=AWS::S3::Object}, {uid=arn:aws:s3:::test-log-collector, account_uid=654338056632, type=AWS::S3::Bucket}]" + }, + { + "VarCharValue": "API Activity" + }, + { + "VarCharValue": "3005" + }, + { + "VarCharValue": "Audit Activity" + }, + { + "VarCharValue": "3" + }, + { + "VarCharValue": "1" + }, + { + "VarCharValue": "Informational" + }, + {}, + { + "VarCharValue": "Update" + }, + { + "VarCharValue": "3" + }, + { + "VarCharValue": "300503" + }, + { + "VarCharValue": "API Activity: Update" + }, + { + "VarCharValue": "Success" + }, + { + "VarCharValue": "1" + }, + {}, + { + "VarCharValue": "{additionalEventData.SSEApplied=Default_SSE_S3, additionalEventData.SignatureVersion=SigV4, additionalEventData.CipherSuite=ECDHE-RSA-AES128-GCM-SHA256, additionalEventData.bytesTransferredOut=0, responseElements.x-amz-version-id=193ieSvoNFv1o.tUJKgchRloNHbERbcu, additionalEventData.x-amz-id-2=jIV/CP92IrpLpnNRe2zwJj9+c9Rg3EsUyM2AIRSYR19hm8Umi4gnDdP9NrDJszZO4EkOgWiJQz8=, readOnly=false, eventType=AwsApiCall, requestParameters.Host=s3.eu-central-1.amazonaws.com, additionalEventData.AuthenticationMethod=AuthHeader, sharedEventID=80ec7a41-6396-453a-8ec9-993c46b371be, requestParameters.key=2023-11-07-07-41-57-110CCCE05A2BEE37, requestParameters.bucketName=test-log-collector, responseElements.x-amz-server-side-encryption=AES256, responseElements.x-amz-expiration=expiry-date=\"Wed, 15 Nov 2023 00:00:00 GMT\", rule-id=\"Delete-older-the-7-days\", recipientAccountId=654338056632, managementEvent=false, additionalEventData.bytesTransferredIn=480}" + }, + { + "VarCharValue": "eu-central-1" + }, + { + "VarCharValue": "654338056632" + }, + { + "VarCharValue": "20231107" + } + ] + }, + { + "Data": [ + { + "VarCharValue": "{product={version=1.09, name=CloudTrail, vendor_name=AWS, feature={name=Data}}, uid=8f60fe7d-1b50-42f5-956c-cd0f60fc98ed, profiles=[cloud], version=1.0.0-rc.2}" + }, + { + "VarCharValue": "1699342948000" + }, + { + "VarCharValue": "{region=eu-central-1, provider=AWS}" + }, + { + "VarCharValue": "{response={error=null, message=null}, operation=PutObject, version=null, service={name=s3.amazonaws.com}, request={uid=8A48J06NSTRZZH41}}" + }, + {}, + { + "VarCharValue": "{user={type=AWSService, name=null, uid=null, uuid=null, account_uid=null, credential_uid=null}, session={created_time=null, mfa=null, issuer=null}, invoked_by=s3.amazonaws.com, idp={name=null}}" + }, + { + "VarCharValue": "{user_agent=s3.amazonaws.com}" + }, + { + "VarCharValue": "{uid=vpce-59a25a30, ip=null, domain=s3.amazonaws.com}" + }, + { + "VarCharValue": "[{uid=arn:aws:s3:::test-log-collector/2023-11-07-07-42-28-FC0CDE158967D4CF, account_uid=null, type=AWS::S3::Object}, {uid=arn:aws:s3:::test-log-collector, account_uid=654338056632, type=AWS::S3::Bucket}]" + }, + { + "VarCharValue": "API Activity" + }, + { + "VarCharValue": "3005" + }, + { + "VarCharValue": "Audit Activity" + }, + { + "VarCharValue": "3" + }, + { + "VarCharValue": "1" + }, + { + "VarCharValue": "Informational" + }, + {}, + { + "VarCharValue": "Update" + }, + { + "VarCharValue": "3" + }, + { + "VarCharValue": "300503" + }, + { + "VarCharValue": "API Activity: Update" + }, + { + "VarCharValue": "Success" + }, + { + "VarCharValue": "1" + }, + {}, + { + "VarCharValue": "{additionalEventData.SSEApplied=Default_SSE_S3, additionalEventData.SignatureVersion=SigV4, additionalEventData.CipherSuite=ECDHE-RSA-AES128-GCM-SHA256, additionalEventData.bytesTransferredOut=0, responseElements.x-amz-version-id=IBZgLYMsVU50YUHYOt9rQ1R28oTy_rHd, additionalEventData.x-amz-id-2=TCnuNhf35xx4buXCo34P8TdlAV4hkDit07I8iUuqpjcyvWOXRGuPAuFGd+5tbmPRXN5+MbY57zU=, readOnly=false, eventType=AwsApiCall, requestParameters.Host=s3.eu-central-1.amazonaws.com, additionalEventData.AuthenticationMethod=AuthHeader, sharedEventID=93494c71-ec89-4b9a-8607-6f8ff7460ff9, requestParameters.key=2023-11-07-07-42-28-FC0CDE158967D4CF, requestParameters.bucketName=test-log-collector, responseElements.x-amz-server-side-encryption=AES256, responseElements.x-amz-expiration=expiry-date=\"Wed, 15 Nov 2023 00:00:00 GMT\", rule-id=\"Delete-older-the-7-days\", recipientAccountId=654338056632, managementEvent=false, additionalEventData.bytesTransferredIn=960}" + }, + { + "VarCharValue": "eu-central-1" + }, + { + "VarCharValue": "654338056632" + }, + { + "VarCharValue": "20231107" + } + ] + } + ], + "ResultSetMetadata": { + "ColumnInfo": [ + { + "CatalogName": "hive", + "SchemaName": "", + "TableName": "", + "Name": "metadata", + "Label": "metadata", + "Type": "row", + "Precision": 0, + "Scale": 0, + "Nullable": "UNKNOWN", + "CaseSensitive": false + }, + { + "CatalogName": "hive", + "SchemaName": "", + "TableName": "", + "Name": "time", + "Label": "time", + "Type": "bigint", + "Precision": 19, + "Scale": 0, + "Nullable": "UNKNOWN", + "CaseSensitive": false + }, + { + "CatalogName": "hive", + "SchemaName": "", + "TableName": "", + "Name": "cloud", + "Label": "cloud", + "Type": "row", + "Precision": 0, + "Scale": 0, + "Nullable": "UNKNOWN", + "CaseSensitive": false + }, + { + "CatalogName": "hive", + "SchemaName": "", + "TableName": "", + "Name": "api", + "Label": "api", + "Type": "row", + "Precision": 0, + "Scale": 0, + "Nullable": "UNKNOWN", + "CaseSensitive": false + }, + { + "CatalogName": "hive", + "SchemaName": "", + "TableName": "", + "Name": "dst_endpoint", + "Label": "dst_endpoint", + "Type": "row", + "Precision": 0, + "Scale": 0, + "Nullable": "UNKNOWN", + "CaseSensitive": false + }, + { + "CatalogName": "hive", + "SchemaName": "", + "TableName": "", + "Name": "actor", + "Label": "actor", + "Type": "row", + "Precision": 0, + "Scale": 0, + "Nullable": "UNKNOWN", + "CaseSensitive": false + }, + { + "CatalogName": "hive", + "SchemaName": "", + "TableName": "", + "Name": "http_request", + "Label": "http_request", + "Type": "row", + "Precision": 0, + "Scale": 0, + "Nullable": "UNKNOWN", + "CaseSensitive": false + }, + { + "CatalogName": "hive", + "SchemaName": "", + "TableName": "", + "Name": "src_endpoint", + "Label": "src_endpoint", + "Type": "row", + "Precision": 0, + "Scale": 0, + "Nullable": "UNKNOWN", + "CaseSensitive": false + }, + { + "CatalogName": "hive", + "SchemaName": "", + "TableName": "", + "Name": "resources", + "Label": "resources", + "Type": "array", + "Precision": 0, + "Scale": 0, + "Nullable": "UNKNOWN", + "CaseSensitive": false + }, + { + "CatalogName": "hive", + "SchemaName": "", + "TableName": "", + "Name": "class_name", + "Label": "class_name", + "Type": "varchar", + "Precision": 2147483647, + "Scale": 0, + "Nullable": "UNKNOWN", + "CaseSensitive": true + }, + { + "CatalogName": "hive", + "SchemaName": "", + "TableName": "", + "Name": "class_uid", + "Label": "class_uid", + "Type": "integer", + "Precision": 10, + "Scale": 0, + "Nullable": "UNKNOWN", + "CaseSensitive": false + }, + { + "CatalogName": "hive", + "SchemaName": "", + "TableName": "", + "Name": "category_name", + "Label": "category_name", + "Type": "varchar", + "Precision": 2147483647, + "Scale": 0, + "Nullable": "UNKNOWN", + "CaseSensitive": true + }, + { + "CatalogName": "hive", + "SchemaName": "", + "TableName": "", + "Name": "category_uid", + "Label": "category_uid", + "Type": "integer", + "Precision": 10, + "Scale": 0, + "Nullable": "UNKNOWN", + "CaseSensitive": false + }, + { + "CatalogName": "hive", + "SchemaName": "", + "TableName": "", + "Name": "severity_id", + "Label": "severity_id", + "Type": "integer", + "Precision": 10, + "Scale": 0, + "Nullable": "UNKNOWN", + "CaseSensitive": false + }, + { + "CatalogName": "hive", + "SchemaName": "", + "TableName": "", + "Name": "severity", + "Label": "severity", + "Type": "varchar", + "Precision": 2147483647, + "Scale": 0, + "Nullable": "UNKNOWN", + "CaseSensitive": true + }, + { + "CatalogName": "hive", + "SchemaName": "", + "TableName": "", + "Name": "user", + "Label": "user", + "Type": "row", + "Precision": 0, + "Scale": 0, + "Nullable": "UNKNOWN", + "CaseSensitive": false + }, + { + "CatalogName": "hive", + "SchemaName": "", + "TableName": "", + "Name": "activity_name", + "Label": "activity_name", + "Type": "varchar", + "Precision": 2147483647, + "Scale": 0, + "Nullable": "UNKNOWN", + "CaseSensitive": true + }, + { + "CatalogName": "hive", + "SchemaName": "", + "TableName": "", + "Name": "activity_id", + "Label": "activity_id", + "Type": "integer", + "Precision": 10, + "Scale": 0, + "Nullable": "UNKNOWN", + "CaseSensitive": false + }, + { + "CatalogName": "hive", + "SchemaName": "", + "TableName": "", + "Name": "type_uid", + "Label": "type_uid", + "Type": "integer", + "Precision": 10, + "Scale": 0, + "Nullable": "UNKNOWN", + "CaseSensitive": false + }, + { + "CatalogName": "hive", + "SchemaName": "", + "TableName": "", + "Name": "type_name", + "Label": "type_name", + "Type": "varchar", + "Precision": 2147483647, + "Scale": 0, + "Nullable": "UNKNOWN", + "CaseSensitive": true + }, + { + "CatalogName": "hive", + "SchemaName": "", + "TableName": "", + "Name": "status", + "Label": "status", + "Type": "varchar", + "Precision": 2147483647, + "Scale": 0, + "Nullable": "UNKNOWN", + "CaseSensitive": true + }, + { + "CatalogName": "hive", + "SchemaName": "", + "TableName": "", + "Name": "status_id", + "Label": "status_id", + "Type": "integer", + "Precision": 10, + "Scale": 0, + "Nullable": "UNKNOWN", + "CaseSensitive": false + }, + { + "CatalogName": "hive", + "SchemaName": "", + "TableName": "", + "Name": "mfa", + "Label": "mfa", + "Type": "boolean", + "Precision": 0, + "Scale": 0, + "Nullable": "UNKNOWN", + "CaseSensitive": false + }, + { + "CatalogName": "hive", + "SchemaName": "", + "TableName": "", + "Name": "unmapped", + "Label": "unmapped", + "Type": "map", + "Precision": 0, + "Scale": 0, + "Nullable": "UNKNOWN", + "CaseSensitive": false + }, + { + "CatalogName": "hive", + "SchemaName": "", + "TableName": "", + "Name": "region", + "Label": "region", + "Type": "varchar", + "Precision": 2147483647, + "Scale": 0, + "Nullable": "UNKNOWN", + "CaseSensitive": true + }, + { + "CatalogName": "hive", + "SchemaName": "", + "TableName": "", + "Name": "accountid", + "Label": "accountid", + "Type": "varchar", + "Precision": 2147483647, + "Scale": 0, + "Nullable": "UNKNOWN", + "CaseSensitive": true + }, + { + "CatalogName": "hive", + "SchemaName": "", + "TableName": "", + "Name": "eventday", + "Label": "eventday", + "Type": "varchar", + "Precision": 2147483647, + "Scale": 0, + "Nullable": "UNKNOWN", + "CaseSensitive": true + } + ] + } + }, + "ResponseMetadata": { + "RequestId": "4633521e-628b-491b-bb41-e4915567588c", + "HTTPStatusCode": 200, + "HTTPHeaders": { + "date": "Wed, 08 Nov 2023 08:29:33 GMT", + "content-type": "application/x-amz-json-1.1", + "content-length": "72582", + "connection": "keep-alive", + "x-amzn-requestid": "4633521e-628b-491b-bb41-e4915567588c" + }, + "RetryAttempts": 0 + } +} \ No newline at end of file diff --git a/Packs/AWS-Athena/Integrations/AWS-Athena/test_data/raw_data_mock/start_query_execution.json b/Packs/AWS-Athena/Integrations/AWS-Athena/test_data/raw_data_mock/start_query_execution.json new file mode 100644 index 000000000000..aa7cbf5a4d3b --- /dev/null +++ b/Packs/AWS-Athena/Integrations/AWS-Athena/test_data/raw_data_mock/start_query_execution.json @@ -0,0 +1,15 @@ +{ + "QueryExecutionId": "b3c194e7-6580-421c-81fa-4b409e1ba04f", + "ResponseMetadata": { + "RequestId": "90cd1f51-4cf6-4992-a435-11bf8bd791df", + "HTTPStatusCode": 200, + "HTTPHeaders": { + "date": "Wed, 08 Nov 2023 09:07:39 GMT", + "content-type": "application/x-amz-json-1.1", + "content-length": "59", + "connection": "keep-alive", + "x-amzn-requestid": "90cd1f51-4cf6-4992-a435-11bf8bd791df" + }, + "RetryAttempts": 0 + } +} \ No newline at end of file diff --git a/Packs/AWS-Athena/ReleaseNotes/2_0_0.json b/Packs/AWS-Athena/ReleaseNotes/2_0_0.json new file mode 100644 index 000000000000..4ad515eec990 --- /dev/null +++ b/Packs/AWS-Athena/ReleaseNotes/2_0_0.json @@ -0,0 +1,4 @@ +{ + "breakingChanges": true, + "breakingChangesNotes": "Context output of the commands has been changed, and a new 'QueryLimit' parameter with a default value has been added to the 'aws-athena-start-query' command. See the release notes for more information." +} \ No newline at end of file diff --git a/Packs/AWS-Athena/ReleaseNotes/2_0_0.md b/Packs/AWS-Athena/ReleaseNotes/2_0_0.md new file mode 100644 index 000000000000..c3b82e3a6d95 --- /dev/null +++ b/Packs/AWS-Athena/ReleaseNotes/2_0_0.md @@ -0,0 +1,13 @@ + +#### Integrations + +##### AWS - Athena + +- The integration is no longer in beta. +- Added a new **aws-athena-execute-query** command, which will execute a new query, wait using polling until the query is completed, and return query execution information and the results. +- Added the **Timeout** and **Retries** instance configuration options. +- Added a **QueryLimit** parameter to the ***aws-athena-start-query** command. +- Added a `query_execution_id` key to the ***aws-athena-query-results*** command's context results, to help differentiate between results from different queries. +- Updated the context output keys of commands to be unique and separate for each command (previously, the context output for all commands was under the same `Query` key). +- Updated the output of the ***aws-athena-query-results*** command to parsed & arranged results instead of the previous raw response. +- Updated the Docker image to: *demisto/boto3py3:1.0.0.83094*. diff --git a/Packs/AWS-Athena/TestPlaybooks/playbook-AWS-Athena-Beta.yml b/Packs/AWS-Athena/TestPlaybooks/playbook-AWS-Athena-Beta.yml deleted file mode 100644 index 76a32f733353..000000000000 --- a/Packs/AWS-Athena/TestPlaybooks/playbook-AWS-Athena-Beta.yml +++ /dev/null @@ -1,91 +0,0 @@ -id: Beta-Athena-Test -version: -1 -name: Beta-Athena-Test -starttaskid: "0" -tasks: - "0": - id: "0" - taskid: c8fef65f-4455-4504-8743-1bbea18b650b - type: start - task: - id: c8fef65f-4455-4504-8743-1bbea18b650b - version: -1 - name: "" - iscommand: false - brand: "" - nexttasks: - '#none#': - - "1" - separatecontext: false - view: |- - { - "position": { - "x": 450, - "y": 50 - } - } - note: false - timertriggers: [] - ignoreworker: false - "1": - id: "1" - taskid: c5a4913a-9bfe-44f8-8ae7-242e5866d8ce - type: regular - task: - id: c5a4913a-9bfe-44f8-8ae7-242e5866d8ce - version: -1 - name: aws-athena-start-query - description: Start Athena Query. - script: '|||aws-athena-start-query' - type: regular - iscommand: true - brand: "" - scriptarguments: - ClientRequestToken: {} - Database: {} - EncryptionOption: {} - KmsKey: {} - OutputLocation: - simple: s3://aws-athena-query-results-120785635586-us-east-2.unknown - QueryString: - simple: |- - SELECT - request_timestamp, - elb_name, - backend_ip, - backend_response_code - FROM elb_logs - WHERE backend_response_code LIKE '4%' OR - backend_response_code LIKE '5%' - LIMIT 100; - WorkGroup: {} - region: {} - roleArn: {} - roleSessionDuration: {} - roleSessionName: {} - separatecontext: false - view: |- - { - "position": { - "x": 450, - "y": 230 - } - } - note: false - timertriggers: [] - ignoreworker: false -view: |- - { - "linkLabelsPosition": {}, - "paper": { - "dimensions": { - "height": 275, - "width": 380, - "x": 450, - "y": 50 - } - } - } -inputs: [] -outputs: [] -fromversion: 5.0.0 diff --git a/Packs/AWS-Athena/pack_metadata.json b/Packs/AWS-Athena/pack_metadata.json index dc68b5b8021c..e54aff77afbb 100644 --- a/Packs/AWS-Athena/pack_metadata.json +++ b/Packs/AWS-Athena/pack_metadata.json @@ -1,8 +1,8 @@ { - "name": "AWS - Athena (Beta)", + "name": "AWS - Athena", "description": "Amazon Web Services Athena", "support": "xsoar", - "currentVersion": "1.0.8", + "currentVersion": "2.0.0", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From 0889b83d089de3331825cc1a6375964b1003a958 Mon Sep 17 00:00:00 2001 From: Sasha Sokolovich <88268646+ssokolovich@users.noreply.github.com> Date: Tue, 12 Dec 2023 11:13:13 +0200 Subject: [PATCH 11/50] Malware Investigation and Response - Added specification for integration brand for the !endpoint command. (#31399) * Specify dedicated integration brand for !endpoint command * RN --- ...ook-CrowdStrike_Falcon_Malware_-_Incident_Enrichment.yml | 2 +- Packs/CrowdStrikeFalcon/ReleaseNotes/1_12_7.md | 6 ++++++ Packs/CrowdStrikeFalcon/pack_metadata.json | 2 +- .../playbook-MDE_Malware_-_Incident_Enrichment.yml | 2 +- .../ReleaseNotes/1_16_20.md | 6 ++++++ .../pack_metadata.json | 2 +- 6 files changed, 16 insertions(+), 4 deletions(-) create mode 100644 Packs/CrowdStrikeFalcon/ReleaseNotes/1_12_7.md create mode 100644 Packs/MicrosoftDefenderAdvancedThreatProtection/ReleaseNotes/1_16_20.md diff --git a/Packs/CrowdStrikeFalcon/Playbooks/playbook-CrowdStrike_Falcon_Malware_-_Incident_Enrichment.yml b/Packs/CrowdStrikeFalcon/Playbooks/playbook-CrowdStrike_Falcon_Malware_-_Incident_Enrichment.yml index ebb6bd33ba94..d5fa5c65bcdc 100644 --- a/Packs/CrowdStrikeFalcon/Playbooks/playbook-CrowdStrike_Falcon_Malware_-_Incident_Enrichment.yml +++ b/Packs/CrowdStrikeFalcon/Playbooks/playbook-CrowdStrike_Falcon_Malware_-_Incident_Enrichment.yml @@ -90,7 +90,7 @@ tasks: version: -1 name: Enrich endpoint details description: Returns information about an endpoint. - script: '|||endpoint' + script: 'CrowdstrikeFalcon|||endpoint' type: regular iscommand: true brand: '' diff --git a/Packs/CrowdStrikeFalcon/ReleaseNotes/1_12_7.md b/Packs/CrowdStrikeFalcon/ReleaseNotes/1_12_7.md new file mode 100644 index 000000000000..0b6e06aa41a7 --- /dev/null +++ b/Packs/CrowdStrikeFalcon/ReleaseNotes/1_12_7.md @@ -0,0 +1,6 @@ + +#### Playbooks + +##### CrowdStrike Falcon Malware - Incident Enrichment + +Added a command brand specification for !endpoint. diff --git a/Packs/CrowdStrikeFalcon/pack_metadata.json b/Packs/CrowdStrikeFalcon/pack_metadata.json index fa91a631aa8a..1e1aabf7d972 100644 --- a/Packs/CrowdStrikeFalcon/pack_metadata.json +++ b/Packs/CrowdStrikeFalcon/pack_metadata.json @@ -2,7 +2,7 @@ "name": "CrowdStrike Falcon", "description": "The CrowdStrike Falcon OAuth 2 API (formerly the Falcon Firehose API), enables fetching and resolving detections, searching devices, getting behaviors by ID, containing hosts, and lifting host containment.", "support": "xsoar", - "currentVersion": "1.12.6", + "currentVersion": "1.12.7", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/MicrosoftDefenderAdvancedThreatProtection/Playbooks/playbook-MDE_Malware_-_Incident_Enrichment.yml b/Packs/MicrosoftDefenderAdvancedThreatProtection/Playbooks/playbook-MDE_Malware_-_Incident_Enrichment.yml index c9a8db97016e..ed067ed4907c 100644 --- a/Packs/MicrosoftDefenderAdvancedThreatProtection/Playbooks/playbook-MDE_Malware_-_Incident_Enrichment.yml +++ b/Packs/MicrosoftDefenderAdvancedThreatProtection/Playbooks/playbook-MDE_Malware_-_Incident_Enrichment.yml @@ -88,7 +88,7 @@ tasks: id: aaf8082e-fe44-455d-8ca0-f9243218db51 iscommand: true name: Enrich endpoint details - script: '|||endpoint' + script: 'Microsoft Defender Advanced Threat Protection|||endpoint' type: regular version: -1 taskid: aaf8082e-fe44-455d-8ca0-f9243218db51 diff --git a/Packs/MicrosoftDefenderAdvancedThreatProtection/ReleaseNotes/1_16_20.md b/Packs/MicrosoftDefenderAdvancedThreatProtection/ReleaseNotes/1_16_20.md new file mode 100644 index 000000000000..8cc07bd08ef9 --- /dev/null +++ b/Packs/MicrosoftDefenderAdvancedThreatProtection/ReleaseNotes/1_16_20.md @@ -0,0 +1,6 @@ + +#### Playbooks + +##### MDE Malware - Incident Enrichment + +Added a command brand specification for !endpoint. diff --git a/Packs/MicrosoftDefenderAdvancedThreatProtection/pack_metadata.json b/Packs/MicrosoftDefenderAdvancedThreatProtection/pack_metadata.json index b391d241576f..280a8641e397 100644 --- a/Packs/MicrosoftDefenderAdvancedThreatProtection/pack_metadata.json +++ b/Packs/MicrosoftDefenderAdvancedThreatProtection/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Microsoft Defender for Endpoint", "description": "Microsoft Defender for Endpoint (previously Microsoft Defender Advanced Threat Protection (ATP)) is a unified platform for preventative protection, post-breach detection, automated investigation, and response.", "support": "xsoar", - "currentVersion": "1.16.19", + "currentVersion": "1.16.20", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From cbe69d7c42d41838d78a98d3d9534682b06781df Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Tue, 12 Dec 2023 11:21:28 +0200 Subject: [PATCH 12/50] Update Docker Image To demisto/tesseract (#31410) * Updated Metadata Of Pack ImageOCR * Added release notes to pack ImageOCR * Packs/ImageOCR/Integrations/ImageOCR/ImageOCR.yml Docker image update --- Packs/ImageOCR/Integrations/ImageOCR/ImageOCR.yml | 2 +- Packs/ImageOCR/ReleaseNotes/1_1_22.md | 3 +++ Packs/ImageOCR/pack_metadata.json | 2 +- 3 files changed, 5 insertions(+), 2 deletions(-) create mode 100644 Packs/ImageOCR/ReleaseNotes/1_1_22.md diff --git a/Packs/ImageOCR/Integrations/ImageOCR/ImageOCR.yml b/Packs/ImageOCR/Integrations/ImageOCR/ImageOCR.yml index 5e893171b40a..e5cdbf241516 100644 --- a/Packs/ImageOCR/Integrations/ImageOCR/ImageOCR.yml +++ b/Packs/ImageOCR/Integrations/ImageOCR/ImageOCR.yml @@ -35,7 +35,7 @@ script: - contextPath: File.Text description: Extracted text from the passed image file. type: String - dockerimage: demisto/tesseract:1.0.0.81254 + dockerimage: demisto/tesseract:1.0.0.82701 runonce: false script: '-' type: python diff --git a/Packs/ImageOCR/ReleaseNotes/1_1_22.md b/Packs/ImageOCR/ReleaseNotes/1_1_22.md new file mode 100644 index 000000000000..e89c6050e4dd --- /dev/null +++ b/Packs/ImageOCR/ReleaseNotes/1_1_22.md @@ -0,0 +1,3 @@ +#### Integrations +##### Image OCR +- Updated the Docker image to: *demisto/tesseract:1.0.0.82701*. diff --git a/Packs/ImageOCR/pack_metadata.json b/Packs/ImageOCR/pack_metadata.json index edfb49146497..91cf237aab42 100644 --- a/Packs/ImageOCR/pack_metadata.json +++ b/Packs/ImageOCR/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Image OCR", "description": "Extracts text from images.", "support": "xsoar", - "currentVersion": "1.1.21", + "currentVersion": "1.1.22", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From f01ecc0a2d3494bddfd619c4dc616aaad4a40c52 Mon Sep 17 00:00:00 2001 From: Shahaf Ben Yakir <44666568+ShahafBenYakir@users.noreply.github.com> Date: Tue, 12 Dec 2023 12:54:12 +0200 Subject: [PATCH 13/50] Fix js get incident tasks by state (#31414) * fixed js indexof * Added rn --- Packs/DemistoRESTAPI/ReleaseNotes/1_3_41.md | 6 ++++++ .../GetIncidentTasksByState/GetIncidentTasksByState.js | 2 +- Packs/DemistoRESTAPI/pack_metadata.json | 2 +- 3 files changed, 8 insertions(+), 2 deletions(-) create mode 100644 Packs/DemistoRESTAPI/ReleaseNotes/1_3_41.md diff --git a/Packs/DemistoRESTAPI/ReleaseNotes/1_3_41.md b/Packs/DemistoRESTAPI/ReleaseNotes/1_3_41.md new file mode 100644 index 000000000000..809bf7df2f6a --- /dev/null +++ b/Packs/DemistoRESTAPI/ReleaseNotes/1_3_41.md @@ -0,0 +1,6 @@ + +#### Scripts + +##### GetIncidentTasksByState + +Fixed an issue where the script failed in XSOAR version 6.9.0 diff --git a/Packs/DemistoRESTAPI/Scripts/GetIncidentTasksByState/GetIncidentTasksByState.js b/Packs/DemistoRESTAPI/Scripts/GetIncidentTasksByState/GetIncidentTasksByState.js index ed7b3937b50d..94e3ca2eb1f6 100644 --- a/Packs/DemistoRESTAPI/Scripts/GetIncidentTasksByState/GetIncidentTasksByState.js +++ b/Packs/DemistoRESTAPI/Scripts/GetIncidentTasksByState/GetIncidentTasksByState.js @@ -39,7 +39,7 @@ function getAllPlaybookTasks(tasks) { function getStates(states) { var input_states = states.split(","); - if (input_states.includes('error')) { + if (input_states.indexOf('error') > -1) { input_states = input_states.concat('loopError') } var readyStates = {}; diff --git a/Packs/DemistoRESTAPI/pack_metadata.json b/Packs/DemistoRESTAPI/pack_metadata.json index 99cb0feb512a..c1e7b3a4742a 100644 --- a/Packs/DemistoRESTAPI/pack_metadata.json +++ b/Packs/DemistoRESTAPI/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Cortex REST API", "description": "Use Demisto REST APIs", "support": "xsoar", - "currentVersion": "1.3.40", + "currentVersion": "1.3.41", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From 9c36e62c4f3a0eb9539cfc24e15f2762516f57a2 Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Tue, 12 Dec 2023 13:43:55 +0200 Subject: [PATCH 14/50] [Marketplace Contribution] IP2LocationIO (#31302) (#31406) * "pack contribution initial commit" * Update IP2LocationIO.py * Update pack_metadata.json * Update IP2LocationIO.py * Update .secrets-ignore * Update .secrets-ignore * Update IP2LocationIO.py * Update IP2LocationIO.py * Update IP2LocationIO.yml * Update Packs/IP2LocationIO/Integrations/IP2LocationIO/IP2LocationIO.py --------- Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: IP2Location Co-authored-by: MLainer1 <93524335+MLainer1@users.noreply.github.com> --- Packs/IP2LocationIO/.pack-ignore | 0 Packs/IP2LocationIO/.secrets-ignore | 2 + .../IP2LocationIO/IP2LocationIO.py | 126 ++++++++++++++++++ .../IP2LocationIO/IP2LocationIO.yml | 114 ++++++++++++++++ .../IP2LocationIO_description.md | 5 + .../IP2LocationIO/IP2LocationIO_image.png | Bin 0 -> 1112 bytes .../Integrations/IP2LocationIO/README.md | 57 ++++++++ Packs/IP2LocationIO/README.md | 0 Packs/IP2LocationIO/pack_metadata.json | 21 +++ 9 files changed, 325 insertions(+) create mode 100644 Packs/IP2LocationIO/.pack-ignore create mode 100644 Packs/IP2LocationIO/.secrets-ignore create mode 100644 Packs/IP2LocationIO/Integrations/IP2LocationIO/IP2LocationIO.py create mode 100644 Packs/IP2LocationIO/Integrations/IP2LocationIO/IP2LocationIO.yml create mode 100644 Packs/IP2LocationIO/Integrations/IP2LocationIO/IP2LocationIO_description.md create mode 100644 Packs/IP2LocationIO/Integrations/IP2LocationIO/IP2LocationIO_image.png create mode 100644 Packs/IP2LocationIO/Integrations/IP2LocationIO/README.md create mode 100644 Packs/IP2LocationIO/README.md create mode 100644 Packs/IP2LocationIO/pack_metadata.json diff --git a/Packs/IP2LocationIO/.pack-ignore b/Packs/IP2LocationIO/.pack-ignore new file mode 100644 index 000000000000..e69de29bb2d1 diff --git a/Packs/IP2LocationIO/.secrets-ignore b/Packs/IP2LocationIO/.secrets-ignore new file mode 100644 index 000000000000..e1a0b3c2bd96 --- /dev/null +++ b/Packs/IP2LocationIO/.secrets-ignore @@ -0,0 +1,2 @@ +https://www.ip2location.io +https://api.ip2location.io diff --git a/Packs/IP2LocationIO/Integrations/IP2LocationIO/IP2LocationIO.py b/Packs/IP2LocationIO/Integrations/IP2LocationIO/IP2LocationIO.py new file mode 100644 index 000000000000..9d6a9d289c16 --- /dev/null +++ b/Packs/IP2LocationIO/Integrations/IP2LocationIO/IP2LocationIO.py @@ -0,0 +1,126 @@ +import demistomock as demisto # noqa: F401 +from CommonServerPython import * # noqa: F401 + + +import urllib3 +from typing import Any, Dict, List + +urllib3.disable_warnings() + + +class Client(BaseClient): + def get_ip_geolocation(self, ip: str, api_key: str) -> Dict[str, Any]: + return self._http_request( + method='GET', + url_suffix='/', + params={ + 'ip': ip, + 'key': api_key + } + ) + + +def test_module(client: Client) -> str: + try: + client._http_request( + method='GET', + url_suffix='/', + params={ + 'ip': '8.8.8.8' + } + ) + except DemistoException as e: + if 'Forbidden' in str(e): + return 'Authorization Error: make sure API Key is correctly set' + else: + raise e + + return 'ok' + + +def ip_geolocation_command(client: Client, args: Dict[str, Any], reliability: DBotScoreReliability, + api_key: str) -> List[CommandResults]: + ips = argToList(args.get('ip')) + if len(ips) == 0: + raise ValueError('IP(s) not specified') + + command_results: List[CommandResults] = [] + + for ip in ips: + if not is_ip_valid(ip, accept_v6_ips=True): # check IP's validity + raise ValueError(f'IP "{ip}" is not valid') + ip_data = client.get_ip_geolocation(ip, api_key) + ip_data['ip'] = ip + + dbot_score = Common.DBotScore( + indicator=ip, + indicator_type=DBotScoreType.IP, + integration_name='IP2LocationIO', + score=Common.DBotScore.NONE, + reliability=reliability + ) + + ip_standard_context = Common.IP( + ip=ip, + geo_country=ip_data.get('country_name'), + geo_latitude=ip_data.get('latitude'), + geo_longitude=ip_data.get('longitude'), + geo_description=f"{ip_data.get('city_name')}, {ip_data.get('region_name')}, {ip_data.get('country_name')}", + region=ip_data.get('region'), + asn=f"AS{ip_data.get('asn')}", + dbot_score=dbot_score + ) + + ip_context_excluded_fields = ['objects', 'nir'] + ip_data = {k: ip_data[k] for k in ip_data if k not in ip_context_excluded_fields} + + readable_output = tableToMarkdown('IP', ip_data) + + command_results.append(CommandResults( + readable_output=readable_output, + outputs_prefix='IP2LocationIO.IP', + outputs_key_field='ip', + outputs=ip_data, + indicator=ip_standard_context + )) + return command_results + + +def main() -> None: + params = demisto.params() + args = demisto.args() + command = demisto.command() + + api_key = params.get('credentials', {}).get('password') + + base_url = urljoin(params.get('url').rstrip("/"), '') + + verify_certificate = not params.get('insecure', False) + + proxy = params.get('proxy', False) + + reliability = params.get('integrationReliability', DBotScoreReliability.C) + + demisto.debug(f'Command being called is {command}') + try: + client = Client( + base_url=base_url, + verify=verify_certificate, + proxy=proxy) + + if command == 'test-module': + result = test_module(client) + return_results(result) + + elif command == 'ip': + return_results(ip_geolocation_command(client, args, reliability, api_key)) + + else: + raise NotImplementedError(f'Command {command} is not implemented') + + except Exception as e: + return_error(f'Failed to execute {command} command.\nError:\n{str(e)}') + + +if __name__ in ('__main__', '__builtin__', 'builtins'): + main() diff --git a/Packs/IP2LocationIO/Integrations/IP2LocationIO/IP2LocationIO.yml b/Packs/IP2LocationIO/Integrations/IP2LocationIO/IP2LocationIO.yml new file mode 100644 index 000000000000..395709d8038a --- /dev/null +++ b/Packs/IP2LocationIO/Integrations/IP2LocationIO/IP2LocationIO.yml @@ -0,0 +1,114 @@ +category: Utilities +commonfields: + id: IP2LocationIO + version: -1 +configuration: +- additionalinfo: Reliability of the source providing the intelligence data. + defaultvalue: C - Fairly reliable + display: Source Reliability + name: integrationReliability + options: + - A+ - 3rd party enrichment + - A - Completely reliable + - B - Usually reliable + - C - Fairly reliable + - D - Not usually reliable + - E - Unreliable + - F - Reliability cannot be judged + required: false + section: Collect + type: 15 +- defaultvalue: https://api.ip2location.io + display: IP2Location.io API + name: url + required: true + section: Connect + type: 0 +- display: "" + displaypassword: API Key + hiddenusername: true + name: credentials + required: true + section: Connect + type: 9 +- advanced: true + display: Trust any certificate (not secure) + name: insecure + required: false + section: Connect + type: 8 +- advanced: true + display: Use system proxy settings + name: proxy + required: false + section: Connect + type: 8 +description: IP2Location.io integration to query IP geolocation data. +display: IP2LocationIO +name: IP2LocationIO +script: + commands: + - arguments: + - default: true + description: List of IPs. + isArray: true + name: ip + description: Return IP information and reputation + name: ip + outputs: + - contextPath: DBotScore.Indicator + description: The indicator that was tested. + type: String + - contextPath: DBotScore.Score + description: The actual score. + type: Number + - contextPath: DBotScore.Type + description: The indicator type. + type: String + - contextPath: DBotScore.Vendor + description: The vendor used to calculate the score. + type: String + - contextPath: IP2LocationIO.IP.asn + description: The autonomous system name for the IP address. + type: String + - contextPath: IP2LocationIO.IP.asn_description + description: The ASN description. + type: String + - contextPath: IP2LocationIO.IP.ip + description: The actual IP address. + type: String + - contextPath: IP2LocationIO.IP.query + description: IP address that was queried. + type: String + - contextPath: IP2LocationIO.IP.raw + description: Additional raw data for the IP address. + type: Unknown + - contextPath: IP.Address + description: IP address. + type: String + - contextPath: IP.ASN + description: The autonomous system name for the IP address. + type: String + - contextPath: IP.Relationships.EntityA + description: The source of the relationship. + type: string + - contextPath: IP.Relationships.EntityB + description: The destination of the relationship. + type: string + - contextPath: IP.Relationships.Relationship + description: The name of the relationship. + type: string + - contextPath: IP.Relationships.EntityAType + description: The type of the source of the relationship. + type: string + - contextPath: IP.Relationships.EntityBType + description: The type of the destination of the relationship. + type: string + dockerimage: demisto/python3:3.10.13.82980 + runonce: false + script: '' + subtype: python3 + type: python +fromversion: 6.0.0 +tests: +- No tests (auto formatted) diff --git a/Packs/IP2LocationIO/Integrations/IP2LocationIO/IP2LocationIO_description.md b/Packs/IP2LocationIO/Integrations/IP2LocationIO/IP2LocationIO_description.md new file mode 100644 index 000000000000..b35902a3b7f8 --- /dev/null +++ b/Packs/IP2LocationIO/Integrations/IP2LocationIO/IP2LocationIO_description.md @@ -0,0 +1,5 @@ +## IP2LocationIO +- This section explains how to configure the instance of IP2LocationIO in Cortex XSOAR. +- Sign up for a free API key at https://www.ip2location.io/pricing + +--- \ No newline at end of file diff --git a/Packs/IP2LocationIO/Integrations/IP2LocationIO/IP2LocationIO_image.png b/Packs/IP2LocationIO/Integrations/IP2LocationIO/IP2LocationIO_image.png new file mode 100644 index 0000000000000000000000000000000000000000..85dbcdee8bd6b107d3b555559c2c587e1d13a68a GIT binary patch literal 1112 zcmV-e1gHCnP){~r<6HySh5d~dVT)@i-vIjug%?aXE&>)X)Aq|If2_{G| zL4pYqOpss_OpsuL1QR5fAi)F)CP**|ChjF3))hW`{vnZ1@%ht>GL-kVTqF}&ip-?V zly1Dc=*Iui0di*|`y$6mpp>QZyF^*ULZmP4mUL%3QnV7B;&%}UzZN+cIl}iEPryZ``?q1V9T(@DCT1GYDYZ@veo=AY)Nn!Rjj-&oM}3{o?Fo07SnQ* zo+c~U8a$~}gu#Bo;I1pzeLEL96?r7`O5}0quIYU&{U*|0Q~X(t3A$B`%nm<>8*7X$ zVlPxxTCUEOHoBcmYXVVi$ZT#1k{NWJqR+fWw;v-n+t7bvWnr9&v>8jA74#k3EyVm4 ze5f{m(=nvHK(-v$%;5_2EO)sFFYq0#sUL)P>+l24@S>AE6T_eCNxY_BF}x)Jb^H_P zx&$ewm~@T`$ZknAe zQ&vv*0%cz;Gi;lpCs1tB;|CqV3D#~M-imw;WhqkF9_%QCvl8dbO-TJpcebfLzc6`o z>O$IN8=N?Cw*_5Mhp;QdbAX<5{9c|7)_zY4aLbHZjQ@Y{b=ICVIbq?eW zoihhE?-e4ArglNC!Wg8eX0(|wJg*?JH51Ld0Mks=Oo(%dGx^=Weq(ZHD1oY?aq z({LL0b$Wt)2U{)?cviPS2I!-IfybFD=upSK@ppY!*9#8rG)$%E&}DiO*mn@;jMH_2 zJ=?Nb5d$6PgafzddK*=DQFm+THvQu>MAaeE@qjnX_C8hKwu<|7+dU*0sYTPnUfpq= zXzxpw#~80NOS-Nd=<*N1nW702OpsuL1QR5fAi)F)Ccy*=CP*+rf(a5#kYIuYlVE}b e6Yaxq0R{k_oTj0 **Integrations** > **Servers & Services**. +2. Search for IP2LocationIO. +3. Click **Add instance** to create and configure a new integration instance. + + | **Parameter** | **Description** | **Required** | + | --- | --- | --- | + | Source Reliability | Reliability of the source providing the intelligence data. | False | + | IP2Location.io API | | True | + | API Key | | True | + | Trust any certificate (not secure) | | False | + | Use system proxy settings | | False | + +4. Click **Test** to validate the URLs, token, and connection. + +## Commands + +You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. +After you successfully execute a command, a DBot message appears in the War Room with the command details. + +### ip + +*** +Return IP information and reputation + +#### Base Command + +`ip` + +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| ip | List of IPs. | Optional | + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| DBotScore.Indicator | String | The indicator that was tested. | +| DBotScore.Score | Number | The actual score. | +| DBotScore.Type | String | The indicator type. | +| DBotScore.Vendor | String | The vendor used to calculate the score. | +| IP2LocationIO.IP.asn | String | The autonomous system name for the IP address. | +| IP2LocationIO.IP.asn_description | String | The ASN description. | +| IP2LocationIO.IP.ip | String | The actual IP address. | +| IP2LocationIO.IP.query | String | IP address that was queried. | +| IP2LocationIO.IP.raw | Unknown | Additional raw data for the IP address. | +| IP.Address | String | IP address. | +| IP.ASN | String | The autonomous system name for the IP address. | +| IP.Relationships.EntityA | string | The source of the relationship. | +| IP.Relationships.EntityB | string | The destination of the relationship. | +| IP.Relationships.Relationship | string | The name of the relationship. | +| IP.Relationships.EntityAType | string | The type of the source of the relationship. | +| IP.Relationships.EntityBType | string | The type of the destination of the relationship. | diff --git a/Packs/IP2LocationIO/README.md b/Packs/IP2LocationIO/README.md new file mode 100644 index 000000000000..e69de29bb2d1 diff --git a/Packs/IP2LocationIO/pack_metadata.json b/Packs/IP2LocationIO/pack_metadata.json new file mode 100644 index 000000000000..fa4d97795a52 --- /dev/null +++ b/Packs/IP2LocationIO/pack_metadata.json @@ -0,0 +1,21 @@ +{ + "name": "IP2LocationIO", + "description": "IP2Location.io API integration to query IP geolocation.", + "support": "community", + "currentVersion": "1.0.0", + "author": "ip2location", + "url": "https://www.ip2location.io/", + "email": "support@ip2location.io", + "created": "2023-12-05T03:03:31Z", + "categories": ["Utilities"], + "tags": [], + "useCases": [], + "keywords": [], + "marketplaces": [ + "xsoar", + "marketplacev2" + ], + "githubUser": [ + "ip2location" + ] +} From 82c06d9046e38792bec6579868adef861627b642 Mon Sep 17 00:00:00 2001 From: Erez FelmanDar <102903097+efelmandar@users.noreply.github.com> Date: Tue, 12 Dec 2023 14:41:10 +0200 Subject: [PATCH 15/50] Bugfix/XSUP-30713/add-InternalIPRanges-as-playbook-input (#31329) * Pass InternalIPRanges as input for alert handling subplaybook * Add InternalIPRanges playbook input * Remove unwanted change * Fix validation error * Update release notes * Fix alert handling subplaybook to use InternalIPRanges from inputs * Fix release notes based on review comments * Bump pack from version CortexXDR to 6.0.9. --------- Co-authored-by: Content Bot --- .../Playbooks/Cortex_XDR_Alerts_Handling.yml | 22 +++++++++++++++++++ .../Cortex_XDR_Alerts_Handling_README.md | 1 + .../Cortex_XDR_incident_handling_v3_6_5.yml | 19 +++++++++++++++- ...tex_XDR_incident_handling_v3_6_5_README.md | 2 +- Packs/CortexXDR/ReleaseNotes/6_0_9.md | 12 ++++++++++ Packs/CortexXDR/pack_metadata.json | 2 +- 6 files changed, 55 insertions(+), 3 deletions(-) create mode 100644 Packs/CortexXDR/ReleaseNotes/6_0_9.md diff --git a/Packs/CortexXDR/Playbooks/Cortex_XDR_Alerts_Handling.yml b/Packs/CortexXDR/Playbooks/Cortex_XDR_Alerts_Handling.yml index eb90778e5fed..53ed5dd5a288 100644 --- a/Packs/CortexXDR/Playbooks/Cortex_XDR_Alerts_Handling.yml +++ b/Packs/CortexXDR/Playbooks/Cortex_XDR_Alerts_Handling.yml @@ -342,6 +342,9 @@ tasks: xdr_alert_id: complex: root: inputs.alert_id + InternalIPRanges: + complex: + root: inputs.InternalIPRanges separatecontext: true continueonerrortype: "" loop: @@ -1459,6 +1462,25 @@ inputs: required: false description: Alert ID. playbookInputQuery: +- key: InternalIPRanges + value: + complex: + root: lists + accessor: PrivateIPs + transformers: + - operator: RegexReplace + args: + action_dt: {} + ignore_case: {} + multi_line: {} + output_format: {} + period_matches_newline: {} + regex: + value: + simple: IANA_Private_Address + required: false + description: 'A list of IP ranges to check the IP against. The list should be provided in CIDR notation, separated by commas. An example of a list of ranges would be: "172.16.0.0/12,10.0.0.0/8,192.168.0.0/16" (without quotes). If a list is not provided, will use default list provided in the IsIPInRanges script (the known IPv4 private address ranges).' + playbookInputQuery: outputs: - contextPath: PaloAltoNetworksXDR.Incident.incident_id description: Unique ID assigned to each returned incident. diff --git a/Packs/CortexXDR/Playbooks/Cortex_XDR_Alerts_Handling_README.md b/Packs/CortexXDR/Playbooks/Cortex_XDR_Alerts_Handling_README.md index ba501e4358a1..78e2ab306634 100644 --- a/Packs/CortexXDR/Playbooks/Cortex_XDR_Alerts_Handling_README.md +++ b/Packs/CortexXDR/Playbooks/Cortex_XDR_Alerts_Handling_README.md @@ -46,6 +46,7 @@ This playbook does not use any scripts. | --- | --- | --- | --- | | incident_id | Incident ID. | PaloAltoNetworksXDR.Incident.incident_id | Optional | | alert_id | Alert ID. | PaloAltoNetworksXDR.Incident.alerts.alert_id | Optional | +| InternalIPRanges | A list of IP ranges to check the IP against. The list should be provided in CIDR notation, separated by commas. An example of a list of ranges would be: "172.16.0.0/12,10.0.0.0/8,192.168.0.0/16" \(without quotes\). If a list is not provided, will use default list provided in the IsIPInRanges script \(the known IPv4 private address ranges\). | lists.PrivateIPs | Optional | ## Playbook Outputs diff --git a/Packs/CortexXDR/Playbooks/Cortex_XDR_incident_handling_v3_6_5.yml b/Packs/CortexXDR/Playbooks/Cortex_XDR_incident_handling_v3_6_5.yml index 2ba8db356293..fbba586ab8b4 100644 --- a/Packs/CortexXDR/Playbooks/Cortex_XDR_incident_handling_v3_6_5.yml +++ b/Packs/CortexXDR/Playbooks/Cortex_XDR_incident_handling_v3_6_5.yml @@ -1608,6 +1608,9 @@ tasks: '#none#': - "79" scriptarguments: + InternalIPRanges: + complex: + root: inputs.InternalRange alert_id: complex: root: PaloAltoNetworksXDR.Incident.alerts @@ -2013,7 +2016,21 @@ inputs: description: This input indicates whether the playbook will hunt for related IOCs. Specify Yes/No. playbookInputQuery: - key: InternalRange - value: {} + value: + complex: + root: lists + accessor: PrivateIPs + transformers: + - operator: RegexReplace + args: + action_dt: {} + ignore_case: {} + multi_line: {} + output_format: {} + period_matches_newline: {} + regex: + value: + simple: IANA_Private_Address required: false description: "A comma-separated list of internal IP ranges to check IP addresses against. The list should be provided in CIDR notation. An example of a list \n\"172.16.0.0/12,10.0.0.0/8,192.168.0.0/16\" (without quotes). \nIf a list is not provided, will use the default list provided in the IsIPInRanges." playbookInputQuery: diff --git a/Packs/CortexXDR/Playbooks/Cortex_XDR_incident_handling_v3_6_5_README.md b/Packs/CortexXDR/Playbooks/Cortex_XDR_incident_handling_v3_6_5_README.md index 5511352c7ac8..cce9234c3baa 100644 --- a/Packs/CortexXDR/Playbooks/Cortex_XDR_incident_handling_v3_6_5_README.md +++ b/Packs/CortexXDR/Playbooks/Cortex_XDR_incident_handling_v3_6_5_README.md @@ -45,7 +45,7 @@ This playbook uses the following sub-playbooks, integrations, and scripts. | incident_id | Incident ID. | incident.xdrincidentid | Optional | | LinkSimilarIncidents | This input indicates whether the playbook will link similar incidents. To link similar incidents, specify Yes/No. | Yes | Optional | | Hunting | This input indicates whether the playbook will hunt for related IOCs. Specify Yes/No. | Yes | Optional | -| InternalRange | A comma-separated list of internal IP ranges to check IP addresses against. The list should be provided in CIDR notation. An example of a list
"172.16.0.0/12,10.0.0.0/8,192.168.0.0/16" \(without quotes\).
If a list is not provided, will use the default list provided in the IsIPInRanges. | | Optional | +| InternalRange | A comma-separated list of internal IP ranges to check IP addresses against. The list should be provided in CIDR notation. An example of a list
"172.16.0.0/12,10.0.0.0/8,192.168.0.0/16" \(without quotes\).
If a list is not provided, will use the default list provided in the IsIPInRanges. | lists.PrivateIPs | Optional | | CriticalUsernames | A comma-separated list of names of critical users in the organization.
This will affect the calculated severity of the incident. | admin,administrator | Optional | | CriticalHostnames | A comma-separated list of names of critical endpoints in the organization. This will affect the calculated severity of the incident. | | Optional | | CriticalADGroups | A comma-separated list of DN names of critical Active Directory groups. This will affect the severity calculated for this incident. | | Optional | diff --git a/Packs/CortexXDR/ReleaseNotes/6_0_9.md b/Packs/CortexXDR/ReleaseNotes/6_0_9.md new file mode 100644 index 000000000000..31ac8b7f0071 --- /dev/null +++ b/Packs/CortexXDR/ReleaseNotes/6_0_9.md @@ -0,0 +1,12 @@ + +#### Playbooks + +##### Cortex XDR incident handling v3 + +- Updated the "Cortex XDR Alerts Handling" sub-playbook to use the "InternalRanges" input instead of default static value. +- Added a default value to the "InternalRanges" playbook input. + +##### Cortex XDR Alerts Handling + +- Added a new playbook input for Internal IP ranges. +- Updated the "Port Scan - adjusted" sub-playbook to get Internal IP ranges from inputs instead of static value. diff --git a/Packs/CortexXDR/pack_metadata.json b/Packs/CortexXDR/pack_metadata.json index 8d88570cc17d..b25b6225769f 100644 --- a/Packs/CortexXDR/pack_metadata.json +++ b/Packs/CortexXDR/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Cortex XDR by Palo Alto Networks", "description": "Automates Cortex XDR incident response, and includes custom Cortex XDR incident views and layouts to aid analyst investigations.", "support": "xsoar", - "currentVersion": "6.0.8", + "currentVersion": "6.0.9", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From 20ad0908b9d00103ab9dd9838f1addfe2664b450 Mon Sep 17 00:00:00 2001 From: Liron Michalevich <73780437+lmichalevich@users.noreply.github.com> Date: Tue, 12 Dec 2023 15:56:04 +0200 Subject: [PATCH 16/50] CRTX-96742: Release a new base pack (#31420) --- Packs/Base/ReleaseNotes/1_33_4.md | 4 ++++ Packs/Base/Scripts/SanePdfReport/SanePdfReport.yml | 2 +- Packs/Base/pack_metadata.json | 2 +- 3 files changed, 6 insertions(+), 2 deletions(-) create mode 100644 Packs/Base/ReleaseNotes/1_33_4.md diff --git a/Packs/Base/ReleaseNotes/1_33_4.md b/Packs/Base/ReleaseNotes/1_33_4.md new file mode 100644 index 000000000000..1f385d7adaf2 --- /dev/null +++ b/Packs/Base/ReleaseNotes/1_33_4.md @@ -0,0 +1,4 @@ +#### Scripts +##### SanePdfReports +- Updated the Docker image to: *demisto/sane-pdf-reports:1.0.0.83535*. +- Fixed an issue where table section header could be split between two pages. \ No newline at end of file diff --git a/Packs/Base/Scripts/SanePdfReport/SanePdfReport.yml b/Packs/Base/Scripts/SanePdfReport/SanePdfReport.yml index 154d904332ee..c915254b371f 100644 --- a/Packs/Base/Scripts/SanePdfReport/SanePdfReport.yml +++ b/Packs/Base/Scripts/SanePdfReport/SanePdfReport.yml @@ -45,7 +45,7 @@ tags: - pdf timeout: '0' type: python -dockerimage: demisto/sane-pdf-reports:1.0.0.81075 +dockerimage: demisto/sane-pdf-reports:1.0.0.83535 runas: DBotWeakRole tests: - No Test diff --git a/Packs/Base/pack_metadata.json b/Packs/Base/pack_metadata.json index 4ca07ab9dfde..4e3aeffe63ac 100644 --- a/Packs/Base/pack_metadata.json +++ b/Packs/Base/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Base", "description": "The base pack for Cortex XSOAR.", "support": "xsoar", - "currentVersion": "1.33.3", + "currentVersion": "1.33.4", "author": "Cortex XSOAR", "serverMinVersion": "6.0.0", "url": "https://www.paloaltonetworks.com/cortex", From f8ac6ed8ed33048c17a2df83aa403b7898723941 Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Tue, 12 Dec 2023 16:37:21 +0200 Subject: [PATCH 17/50] Azure sentinel assignement options (#31419) * Azure sentinel assignement options (#31065) * Azure sentinel updates for assginment (#1) * added support to unassign incidents and assignment based on AssigneeObjectID * updated docker images and release notes * updated containers and sdk format * Update Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.py Co-authored-by: MLainer1 <93524335+MLainer1@users.noreply.github.com> * Update Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Co-authored-by: MLainer1 <93524335+MLainer1@users.noreply.github.com> * Update TestAzureSentinelPlaybookV2.yml revert demisto sdk format changes * Update playbook-TestAzureSentinelPlaybook.yml revert demisto-sdk format changes * undo json changes * undo demisto-sdk json changes * new version * resolve conflict * resolve conflict * resolve conflict * revert changes * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Docker Image --------- Co-authored-by: MLainer1 <93524335+MLainer1@users.noreply.github.com> Co-authored-by: MLainer1 Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * DI --------- Co-authored-by: asieberle <121243004+asieberle@users.noreply.github.com> Co-authored-by: MLainer1 <93524335+MLainer1@users.noreply.github.com> Co-authored-by: MLainer1 Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> --- Packs/AzureSentinel/.pack-ignore | 1 + .../AzureSentinel/AzureSentinel.py | 23 +++++++++++------ .../AzureSentinel/AzureSentinel.yml | 25 +++++++++++++++++-- .../AzureSentinel_description.md | 2 +- .../Integrations/AzureSentinel/README.md | 13 ++++++++++ Packs/AzureSentinel/README.md | 2 ++ Packs/AzureSentinel/ReleaseNotes/1_5_33.md | 11 ++++++++ Packs/AzureSentinel/pack_metadata.json | 4 +-- 8 files changed, 69 insertions(+), 12 deletions(-) create mode 100644 Packs/AzureSentinel/ReleaseNotes/1_5_33.md diff --git a/Packs/AzureSentinel/.pack-ignore b/Packs/AzureSentinel/.pack-ignore index 7bb33d4306e4..ace2ab67eabf 100644 --- a/Packs/AzureSentinel/.pack-ignore +++ b/Packs/AzureSentinel/.pack-ignore @@ -49,3 +49,4 @@ Eleme Respo ts GCC +unassign diff --git a/Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.py b/Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.py index 01711cdb5b97..8adbe2aec6c3 100644 --- a/Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.py +++ b/Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.py @@ -31,9 +31,9 @@ 'The response from the server did not contain the expected content.' INCIDENT_HEADERS = ['ID', 'IncidentNumber', 'Title', 'Description', 'Severity', 'Status', 'IncidentUrl', 'AssigneeName', - 'AssigneeEmail', 'Label', 'FirstActivityTimeUTC', 'LastActivityTimeUTC', 'LastModifiedTimeUTC', - 'CreatedTimeUTC', 'AlertsCount', 'BookmarksCount', 'CommentsCount', 'AlertProductNames', - 'Tactics', 'FirstActivityTimeGenerated', 'LastActivityTimeGenerated'] + 'AssigneeEmail', 'AssigneeObjectID', 'AssigneeUPN', 'Label', 'FirstActivityTimeUTC', 'LastActivityTimeUTC', + 'LastModifiedTimeUTC', 'CreatedTimeUTC', 'AlertsCount', 'BookmarksCount', 'CommentsCount', + 'AlertProductNames', 'Tactics', 'FirstActivityTimeGenerated', 'LastActivityTimeGenerated'] COMMENT_HEADERS = ['ID', 'IncidentID', 'Message', 'AuthorName', 'AuthorEmail', 'CreatedTimeUTC'] @@ -233,6 +233,8 @@ def incident_data_to_xsoar_format(inc_data, is_fetch_incidents=False): 'Status': properties.get('status'), 'AssigneeName': properties.get('owner', {}).get('assignedTo'), 'AssigneeEmail': properties.get('owner', {}).get('email'), + 'AssigneeObjectID': properties.get('owner', {}).get('objectId'), + 'AssigneeUPN': properties.get('owner', {}).get('userPrincipalName'), 'Label': [{ 'Name': label.get('labelName'), 'Type': label.get('labelType') @@ -348,8 +350,10 @@ def get_update_incident_request_data(client: AzureSentinelClient, args: Dict[str classification_comment = args.get('classification_comment') classification_reason = args.get('classification_reason') assignee_email = args.get('assignee_email') + assignee_objectid = args.get('assignee_objectid') user_principal_name = args.get('user_principal_name') labels = argToList(args.get('labels', '')) + unassign = args.get('unassign') owner = demisto.get(fetched_incident_data, 'properties.owner', {}) if not title: @@ -360,10 +364,15 @@ def get_update_incident_request_data(client: AzureSentinelClient, args: Dict[str severity = demisto.get(fetched_incident_data, 'properties.severity') if not status: status = demisto.get(fetched_incident_data, 'properties.status') - if user_principal_name: - owner = {'userPrincipalName': user_principal_name} - if assignee_email: - owner['email'] = assignee_email + if unassign == 'true': + owner = {} + elif assignee_objectid: + owner = {'objectId': assignee_objectid} + else: + if user_principal_name: + owner = {'userPrincipalName': user_principal_name} + if assignee_email: + owner['email'] = assignee_email existing_labels = demisto.get(fetched_incident_data, 'properties.labels') if not labels: # not provided as arg diff --git a/Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml b/Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml index 9049c7405991..8624ba1a2e32 100644 --- a/Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml +++ b/Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml @@ -233,6 +233,12 @@ script: - contextPath: AzureSentinel.Incident.AssigneeEmail description: The email address of the incident assignee. type: String + - contextPath: AzureSentinel.Incident.AssigneeObjectID + description: The object ID of the incident assignee. + type: string + - contextPath: AzureSentinel.Incident.AssigneeUPN + description: The user principal name of incident assignee. + type: string - contextPath: AzureSentinel.Incident.Label.Name description: The name of the incident label. type: String @@ -545,13 +551,22 @@ script: name: assignee_email - description: The user principal name of the client. Note that the updated API field is `owner.userPrincipalName`. name: user_principal_name + - description: Object ID of assignee. This is the unique object ID of a user to update the assignee of the incident. Updated key is owner.objectId. + name: assignee_objectid - description: Incident labels. Note that all labels will be set as labelType='User'. - isArray: true name: labels + isArray: true - description: The subscription ID. name: subscription_id - description: The resource group name. name: resource_group_name + - auto: PREDEFINED + description: If set to true, the assignee will be removed and the incident will remain unassigned. Overrides the other arguments related to the assignee. + name: unassign + predefined: + - 'false' + - 'true' + type: unknown description: Updates a single incident in Azure Sentinel. name: azure-sentinel-update-incident outputs: @@ -576,6 +591,12 @@ script: - contextPath: AzureSentinel.Incident.AssigneeEmail description: The email address of the incident assignee. type: String + - contextPath: AzureSentinel.Incident.AssigneeObjectID + description: The object ID of the incident assignee. + type: string + - contextPath: AzureSentinel.Incident.AssigneeUPN + description: The user principal name of the incident assignee. + type: string - contextPath: AzureSentinel.Incident.Label.Name description: The name of the incident label. type: String @@ -2360,7 +2381,7 @@ script: execution: false name: azure-sentinel-auth-reset arguments: [] - dockerimage: demisto/crypto:1.0.0.82278 + dockerimage: demisto/crypto:1.0.0.83343 isfetch: true runonce: false script: '-' diff --git a/Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel_description.md b/Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel_description.md index 8c7ab11974b8..b7c3775cc65c 100644 --- a/Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel_description.md +++ b/Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel_description.md @@ -37,4 +37,4 @@ If you have a dedicated server URL, enter it in the *Server Url* parameter. ## Get the Additional Instance Parameters -To get the *Subscription ID*, *Workspace Name* and *Resource Group* parameters, in the Azure Portal navigate to **Azure Sentinel** > your workspace > **Settings** and click the **Workspace Settings** tab. +To get the *Subscription ID*, *Workspace Name*, and *Resource Group* parameters, in the Azure Portal navigate to **Azure Sentinel** > your workspace > **Settings** and click the **Workspace Settings** tab. \ No newline at end of file diff --git a/Packs/AzureSentinel/Integrations/AzureSentinel/README.md b/Packs/AzureSentinel/Integrations/AzureSentinel/README.md index 2e494cca73b2..4b752ce326c1 100644 --- a/Packs/AzureSentinel/Integrations/AzureSentinel/README.md +++ b/Packs/AzureSentinel/Integrations/AzureSentinel/README.md @@ -125,6 +125,8 @@ Gets a single incident from Azure Sentinel. | AzureSentinel.Incident.Status | String | The incident status. | | AzureSentinel.Incident.AssigneeName | String | The name of the incident assignee. | | AzureSentinel.Incident.AssigneeEmail | String | The email address of the incident assignee. | +| AzureSentinel.Incident.AssigneeObjectID | String | The object ID of the incident assignee. | +| AzureSentinel.Incident.AssigneeUPN | String | The user principal name of the incident assignee. | | AzureSentinel.Incident.Label.Name | String | The name of the incident label. | | AzureSentinel.Incident.Label.Type | String | The incident label type. | | AzureSentinel.Incident.FirstActivityTimeUTC | Date | The date and time of the incident's first activity. | @@ -716,6 +718,8 @@ Updates a single incident in Azure Sentinel. | AzureSentinel.Incident.Status | String | The incident status. | | AzureSentinel.Incident.AssigneeName | String | The name of the incident assignee. | | AzureSentinel.Incident.AssigneeEmail | String | The email address of the incident assignee. | +| AzureSentinel.Incident.AssigneeObjectID | String | The object ID of the incident assignee. | +| AzureSentinel.Incident.AssigneeUPN | String | The user principal name of the incident assignee. | | AzureSentinel.Incident.Label.Name | String | The name of the incident label. | | AzureSentinel.Incident.Label.Type | String | The incident label type. | | AzureSentinel.Incident.FirstActivityTimeUTC | Date | The date and time of the incident's first activity. | @@ -2425,8 +2429,11 @@ There are no input arguments for this command. | AzureSentinel.Subscription.subscriptionPolicies | String | The subscription policies of the resource. | #### Command example + ```!azure-sentinel-subscriptions-list``` + #### Context Example + ```json { "AzureSentinel": { @@ -2451,6 +2458,7 @@ There are no input arguments for this command. #### Human Readable Output >### Azure Sentinel Subscriptions + >|Subscriptionid|Tenantid|Displayname|State| >|---|---|---|---| >| 0000000000000 | 000000000000000 | Pay-As-You-Go | Enabled | @@ -2465,6 +2473,7 @@ There are no input arguments for this command. | AzureSentinel.ResourceGroup.location | String | The location of the resource group. | | AzureSentinel.ResourceGroup.tags | Dictionary | The tags of the resource group. | | AzureSentinel.ResourceGroup.properties | dictionary | The properties of the resource group. | + ### azure-sentinel-resource-group-list *** @@ -2494,8 +2503,11 @@ Lists all resource groups. | AzureSentinel.ResourceGroup.properties | dictionary | The properties of the resource group. | #### Command example + ```!azure-sentinel-resource-group-list``` + #### Context Example + ```json { "AzureSentinel": { @@ -2528,6 +2540,7 @@ Lists all resource groups. #### Human Readable Output >### Azure Sentinel Resource Groups + >|Name|Location|Tags| >|---|---|---| >| cloud-shell | eastus | | diff --git a/Packs/AzureSentinel/README.md b/Packs/AzureSentinel/README.md index 16e4a4d64a4a..08ab7f7c16b2 100644 --- a/Packs/AzureSentinel/README.md +++ b/Packs/AzureSentinel/README.md @@ -1,6 +1,8 @@ Use the Azure Sentinel integration to get and manage incidents and get related entity information for incidents. ​ + ## What does this pack do? + - Gets a single incident or a list of incidents from Azure Sentinel. - Gets a list of watchlists from Azure Sentinel. - Creates, updates, or deletes a watchlist in Azure Sentinel. diff --git a/Packs/AzureSentinel/ReleaseNotes/1_5_33.md b/Packs/AzureSentinel/ReleaseNotes/1_5_33.md new file mode 100644 index 000000000000..b4b2ec0250e4 --- /dev/null +++ b/Packs/AzureSentinel/ReleaseNotes/1_5_33.md @@ -0,0 +1,11 @@ + +#### Integrations + +##### Microsoft Sentinel + +- Updated the Docker image to: *demisto/crypto:1.0.0.83343*. +- Added support for incident assignment based on *AssigneeObjectID* in the ***azure-sentinel-update-incident*** command. +- Added support for *unassign* incidents in the ***azure-sentinel-update-incident*** command. +- Added the following context keys + - *AzureSentinel.Incident.AssigneeObjectID* + - *AzureSentinel.Incident.AssigneeUPN* diff --git a/Packs/AzureSentinel/pack_metadata.json b/Packs/AzureSentinel/pack_metadata.json index 77b913f8ec20..a5d24e386a35 100644 --- a/Packs/AzureSentinel/pack_metadata.json +++ b/Packs/AzureSentinel/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Microsoft Sentinel", "description": "Microsoft Sentinel is a cloud-native security information and event manager (SIEM) platform that uses built-in AI to help analyze large volumes of data across an enterprise.", "support": "xsoar", - "currentVersion": "1.5.32", + "currentVersion": "1.5.33", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", @@ -17,4 +17,4 @@ "xsoar", "marketplacev2" ] -} \ No newline at end of file +} From 10954e332aeb4032901dedbe73e49163861ac6fb Mon Sep 17 00:00:00 2001 From: Sapir Shuker <49246861+sapirshuker@users.noreply.github.com> Date: Tue, 12 Dec 2023 16:54:13 +0200 Subject: [PATCH 18/50] SetGridField fixes (#31318) * SetGridField fixes * update docker * add support for incident_id * do only needed change * revert yml * docker image * revert ruff changes * revert ruff changes * fixes * fixes * fixes * RN conflicts * Update SetGridField.py * add tests * fix test * add tests * Update SetGridField_test.py * fixes CR * fix CR review,update docker * Bump pack from version CommonScripts to 1.12.57. * fix CR review * fix CR review --------- Co-authored-by: Content Bot --- Packs/CommonScripts/ReleaseNotes/1_12_57.md | 7 ++ .../Scripts/SetGridField/SetGridField.py | 81 ++++++++++++------- .../Scripts/SetGridField/SetGridField.yml | 2 +- .../Scripts/SetGridField/SetGridField_test.py | 79 +++++++++++++++++- Packs/CommonScripts/pack_metadata.json | 2 +- 5 files changed, 135 insertions(+), 36 deletions(-) create mode 100644 Packs/CommonScripts/ReleaseNotes/1_12_57.md diff --git a/Packs/CommonScripts/ReleaseNotes/1_12_57.md b/Packs/CommonScripts/ReleaseNotes/1_12_57.md new file mode 100644 index 000000000000..1e0d1f962841 --- /dev/null +++ b/Packs/CommonScripts/ReleaseNotes/1_12_57.md @@ -0,0 +1,7 @@ + +#### Scripts + +##### SetGridField + +- Fixed an issue where an uninformative error was raised when trying to run the script from the playground or form the playbook debugger. +- Updated the Docker image to: *demisto/pandas:1.0.0.83429*. diff --git a/Packs/CommonScripts/Scripts/SetGridField/SetGridField.py b/Packs/CommonScripts/Scripts/SetGridField/SetGridField.py index ba550ab147ff..38e37fb301c5 100644 --- a/Packs/CommonScripts/Scripts/SetGridField/SetGridField.py +++ b/Packs/CommonScripts/Scripts/SetGridField/SetGridField.py @@ -1,7 +1,7 @@ import demistomock as demisto # noqa: F401 from CommonServerPython import * # noqa: F401 # STD Libraries -from typing import Optional, List, Dict, Any +from typing import Any # 3-rd party libraries import pandas as pd import phrases_case @@ -9,6 +9,21 @@ from CommonServerUserPython import * +def get_error_message(grid_id: str) -> str: + """ Gets error message. + + Args: + grid_id: The grid ID. + + Returns: + str: The error message. + """ + return f"The following grid id was not found: {grid_id}. Make sure you entered the correct " \ + f"incident type with the \"Machine name\" as it appears in the incident field editor in " \ + f"Settings->Advanced ->Fields (Incident). Also make sure that this value appears in the " \ + f"incident Context Data under incident - if not then consult with PANW support team." + + def normalized_string(phrase: str) -> str: """ Normalize a string to flatcase (to match `cli name`). @@ -46,7 +61,7 @@ def normalized_column_name(phrase: str) -> str: return re.sub(r'[^a-zA-Z\d_]', '', phrase).lower() -def filter_dict(dict_obj: Dict[Any, Any], keys: List[str], max_keys: Optional[int] = None) -> Dict[Any, Any]: +def filter_dict(dict_obj: dict[Any, Any], keys: list[str], max_keys: int | None = None) -> dict[Any, Any]: """ Filter keys from Dictionary: 1. Will only save keys which specified in keys parameters. 2. If key in index 0 is "*", will save all keys until max_keys (as much as Grid can include). @@ -77,7 +92,7 @@ def filter_dict(dict_obj: Dict[Any, Any], keys: List[str], max_keys: Optional[in return new_dict -def entry_dicts_to_string(dict_obj: Dict[Any, Any], keys_to_choose: list[str]): +def entry_dicts_to_string(dict_obj: dict[Any, Any], keys_to_choose: list[str]): """ Args: @@ -87,7 +102,7 @@ def entry_dicts_to_string(dict_obj: Dict[Any, Any], keys_to_choose: list[str]): Returns: string contains all selected values from the nested dictionary of the context entry. """ - new_dict = {key: '' for key in dict_obj.keys()} + new_dict = {key: '' for key in dict_obj} for (key, value) in dict_obj.items(): if isinstance(value, dict): value = filter_dict(value, keys_to_choose) @@ -108,7 +123,7 @@ def entry_dicts_to_string(dict_obj: Dict[Any, Any], keys_to_choose: list[str]): return new_dict -def unpack_all_data_from_dict(entry_context: Dict[Any, Any], keys: List[str], columns: List[str]): +def unpack_all_data_from_dict(entry_context: dict[Any, Any], keys: list[str], columns: list[str]): """ Unpacks lists and dicts to flatten the object for the grid. Args: @@ -123,7 +138,7 @@ def unpack_all_data_from_dict(entry_context: Dict[Any, Any], keys: List[str], co filtered_dict = filter_dict(entry_context, keys) - def recursively_unpack_data(item_to_unpack: Dict[Any, Any], path: str): + def recursively_unpack_data(item_to_unpack: dict[Any, Any], path: str): for key, value in item_to_unpack.items(): if isinstance(value, dict): recursively_unpack_data(filter_dict(value, keys), path + '.' + key) @@ -135,14 +150,14 @@ def recursively_unpack_data(item_to_unpack: Dict[Any, Any], path: str): unpacked_data.append( { columns[0]: key, - columns[1]: item if isinstance(item, (str, int, float, bool)) else "" + columns[1]: item if isinstance(item, str | int | float | bool) else "" } ) else: unpacked_data.append( { columns[0]: key, - columns[1]: value if isinstance(value, (str, int, float, bool)) else "" + columns[1]: value if isinstance(value, str | int | float | bool) else "" } ) @@ -161,8 +176,12 @@ def get_current_table(grid_id: str) -> pd.DataFrame: Returns: DataFrame: Existing grid data. """ - custom_fields = demisto.incident().get("CustomFields", {}) - current_table: Optional[List[dict]] = custom_fields.get(grid_id) + incident = demisto.incident() + custom_fields = incident.get("CustomFields", {}) or {} + is_playground = incident.get("isPlayground") + if is_playground and grid_id not in custom_fields: + raise ValueError(get_error_message(grid_id)) + current_table: list[dict] | None = custom_fields.get(grid_id) return pd.DataFrame(current_table) if current_table else pd.DataFrame() @@ -191,9 +210,9 @@ def validate_entry_context(context_path: str, entry_context: Any, unpack_nested_ 'When the unpack_nested_elements argument is set to True, the context object for the path should be ' 'of type dict.') else: - return + return None - if not isinstance(entry_context, (list, dict)): + if not isinstance(entry_context, list | dict): raise ValueError( f'The context object {context_path} should be of type dict or list.\n' f'Received type: {type(entry_context)}') @@ -218,7 +237,7 @@ def validate_entry_context(context_path: str, entry_context: Any, unpack_nested_ if not has_seen_dict: data_type = 'list' for index, item in enumerate(entry_context): - if not isinstance(item, (str, int, float, bool)): + if not isinstance(item, str | int | float | bool): raise ValueError( f'The context path {context_path} should contain a list of simple values ' f'(string, number, boolean)\n' @@ -227,8 +246,8 @@ def validate_entry_context(context_path: str, entry_context: Any, unpack_nested_ return data_type -def build_grid(context_path: str, keys: List[str], columns: List[str], unpack_nested_elements: bool, - keys_from_nested: List[str]) -> pd.DataFrame: +def build_grid(context_path: str, keys: list[str], columns: list[str], unpack_nested_elements: bool, + keys_from_nested: list[str]) -> pd.DataFrame: """ Build new DateFrame from current context retrieved by DT. There are 3 cases: 1. DT returns dict - In this case we will insert it in the table as key, value in each row. @@ -288,9 +307,9 @@ def build_grid(context_path: str, keys: List[str], columns: List[str], unpack_ne @logger -def build_grid_command(grid_id: str, context_path: str, keys: List[str], columns: List[str], overwrite: bool, - sort_by: List[str], unpack_nested_elements: bool, keys_from_nested: List[str]) \ - -> List[Dict[Any, Any]]: +def build_grid_command(grid_id: str, context_path: str, keys: list[str], columns: list[str], overwrite: bool, + sort_by: list[str], unpack_nested_elements: bool, keys_from_nested: list[str]) \ + -> list[dict[Any, Any]]: """ Build Grid in one of the 3 options: 1. Context_path contains list of dicts where values are of primitive types (str, int, float, bool), e.g. [{'a': 1, 'b': 2}, {'a': 1, 'b': 2}] @@ -362,7 +381,7 @@ def main(): # pragma: no cover keys_from_nested=argToList(args.get('keys_from_nested')) ) # Execute automation 'setIncident` which change the Context data in the incident - res = demisto.executeCommand("setIncident", { + res_set = demisto.executeCommand("setIncident", { 'customFields': { grid_id: table, }, @@ -370,17 +389,19 @@ def main(): # pragma: no cover # we want to check if the incident was succefully updated # we execute command and not using `demisto.incident()` because we want to get the updated incident and context res = demisto.executeCommand("getIncidents", {"id": demisto.incident().get("id")}) - data = res[0]["Contents"]["data"] - custom_fields = data[0].get("CustomFields") - - if table and grid_id not in custom_fields: - raise ValueError(f"The following grid id was not found: {grid_id}. Please make sure you entered the correct " - f"incident type with the \"Machine name\" as it appears in the incident field editor in " - f"Settings->Advanced ->Fields (Incident). Also make sure that this value appears in the " - f"incident Context Data under incident - if not then please consult with support.") - - if is_error(res): - demisto.error(f'failed to execute "setIncident" with table: {table}') + is_playground = demisto.incident().get("isPlayground") + custom_fields = {} + for entry in res: + if entry['Contents']: + data = entry["Contents"]["data"] + custom_fields = data[0].get("CustomFields") if data and data[0].get("CustomFields") else {} + if (not is_playground) and table and grid_id not in custom_fields: + raise ValueError(get_error_message(grid_id)) + if is_error(res_set): + demisto.error(f'failed to execute "setIncident" with table: {table}.') + return_results(res_set) + elif is_error(res): + demisto.error('failed to execute "getIncidents".') return_results(res) else: return_results(f'Set grid {grid_id} using {context_path} successfully.') diff --git a/Packs/CommonScripts/Scripts/SetGridField/SetGridField.yml b/Packs/CommonScripts/Scripts/SetGridField/SetGridField.yml index fb60b641b745..f7e0cd0e6446 100644 --- a/Packs/CommonScripts/Scripts/SetGridField/SetGridField.yml +++ b/Packs/CommonScripts/Scripts/SetGridField/SetGridField.yml @@ -43,7 +43,7 @@ script: '-' subtype: python3 timeout: '0' type: python -dockerimage: demisto/pandas:1.0.0.76121 +dockerimage: demisto/pandas:1.0.0.83429 fromversion: 5.0.0 tests: - No tests diff --git a/Packs/CommonScripts/Scripts/SetGridField/SetGridField_test.py b/Packs/CommonScripts/Scripts/SetGridField/SetGridField_test.py index 3144471cdf2c..0968f62d83ad 100644 --- a/Packs/CommonScripts/Scripts/SetGridField/SetGridField_test.py +++ b/Packs/CommonScripts/Scripts/SetGridField/SetGridField_test.py @@ -1,5 +1,6 @@ import json import pytest +import demistomock as demisto def util_load_json(path): @@ -72,7 +73,7 @@ def test_validate_entry_context(capfd, entry_context: dict, raise_exception: boo ]) def test_build_grid(mocker, keys: list, columns: list, dt_response_json: str, expected_json: str, unpack_nested: bool): - """Unit test + """ Given - script args - a file @@ -104,7 +105,7 @@ def test_build_grid(mocker, keys: list, columns: list, dt_response_json: str, ex ]) def test_build_grid_command(mocker, keys: list[str], columns: list[str], unpack_nested_elements: bool, dt_response_path: str, expected_results_path: str): - """Unit test + """ Given - script args - a file @@ -135,7 +136,7 @@ def test_build_grid_command(mocker, keys: list[str], columns: list[str], unpack_ def test_build_grid_command_with_sort_by(mocker, keys: list[str], columns: list[str], unpack_nested_elements: bool, dt_response_path: str, expected_results_path: str): - """Unit test + """ Given - script args, including sort_by - a file @@ -168,7 +169,7 @@ def test_build_grid_command_with_sort_by(mocker, keys: list[str], columns: list[ def test_build_grid_command_with_multi_sort_by(mocker, keys: list[str], columns: list[str], unpack_nested_elements: bool, dt_response_path: str, expected_results_path: str): - """Unit test + """ Given - script args, including multi sort_by cols - a file @@ -189,3 +190,73 @@ def test_build_grid_command_with_multi_sort_by(mocker, keys: list[str], columns: expected_results = util_load_json(expected_results_path) assert json.dumps(results) == json.dumps(expected_results) + + +def side_effect_for_execute_command_in_playground(command: str, arguments: dict): + if command == "getIncidents": + return [{'Type': 1, 'Contents': {'ErrorsPrivateDoNotUse': None, 'data': [], 'total': 0}}] + if command == 'setIncident': + return None + return {} + + +def test_main_does_not_raises_list_index_in_playground(mocker): + """ + Given + - An output from executeCommand in the playground. + When + - Execute SetGridField from the playground. + Then + - Verify that no error message was raised. + """ + import SetGridField + mocker.patch.object(demisto, 'args', return_value={"grid_id": "grid_id", "keys": "key1,key2", + 'columns': "col1,col2", "sort_by": "col1", + "overwrite": "True", + "unpack_nested_elements": "False"}) + mocker.patch.object(demisto, 'incident', return_value={"CustomFields": None, "isPlayground": True}) + mocker.patch.object(SetGridField, 'get_current_table', return_value=[]) + mocker.patch.object(SetGridField, 'build_grid_command', return_value=[{"name": "name", "readable_name": "readable_name"}]) + mocker.patch.object(demisto, 'executeCommand', side_effect=side_effect_for_execute_command_in_playground) + mocked_return_err = mocker.patch.object(SetGridField, "return_error") + SetGridField.main() + assert not mocked_return_err.called + + +def test_main_raises_list_index_not_in_playground(mocker): + """ + Given + - An output from executeCommand not in the playground. + When + - Execute SetGridField not from the playground. + Then + - Verify that an error message was raised. + """ + import SetGridField + mocker.patch.object(demisto, 'args', return_value={"grid_id": "grid_id", "keys": "key1,key2", + 'columns': "col1,col2", "sort_by": "col1", + "overwrite": "True", + "unpack_nested_elements": "False"}) + mocker.patch.object(demisto, 'incident', return_value={"CustomFields": None, "isPlayground": False}) + mocker.patch.object(SetGridField, 'get_current_table', return_value=[]) + mocker.patch.object(SetGridField, 'build_grid_command', return_value=[{"name": "name", "readable_name": "readable_name"}]) + mocker.patch.object(demisto, 'executeCommand', side_effect=side_effect_for_execute_command_in_playground) + mocker_return_error = mocker.patch('SetGridField.return_error') + SetGridField.main() + assert mocker_return_error.called + + +def test_get_current_table_exception(mocker): + """ + Given + - An output from demisto.incident in the playground. + When + - Execute get_current_table. + Then + - Verify that an error message was raised. + """ + + import SetGridField + mocker.patch.object(demisto, 'incident', return_value={"CustomFields": None, "isPlayground": True}) + with pytest.raises(Exception): + SetGridField.get_current_table("grid_id") diff --git a/Packs/CommonScripts/pack_metadata.json b/Packs/CommonScripts/pack_metadata.json index 7091c54ffc49..dc8764713098 100644 --- a/Packs/CommonScripts/pack_metadata.json +++ b/Packs/CommonScripts/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Common Scripts", "description": "Frequently used scripts pack.", "support": "xsoar", - "currentVersion": "1.12.56", + "currentVersion": "1.12.57", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From d6cb7849c4931b8fa8a0a6909f15dd27d7847b24 Mon Sep 17 00:00:00 2001 From: DinaMeylakh <72339665+DinaMeylakh@users.noreply.github.com> Date: Tue, 12 Dec 2023 17:05:16 +0200 Subject: [PATCH 19/50] O365 security and compliance - search action - handle no results better (#31062) --- .../SecurityAndComplianceV2.ps1 | 21 +++++++++++++------ .../SecurityAndComplianceV2.yml | 5 ++++- ...book-O365-SecurityAndCompliance-Search.yml | 9 ++++++++ .../ReleaseNotes/1_2_32.md | 14 +++++++++++++ .../pack_metadata.json | 2 +- 5 files changed, 43 insertions(+), 8 deletions(-) create mode 100644 Packs/MicrosoftExchangeOnline/ReleaseNotes/1_2_32.md diff --git a/Packs/MicrosoftExchangeOnline/Integrations/SecurityAndComplianceV2/SecurityAndComplianceV2.ps1 b/Packs/MicrosoftExchangeOnline/Integrations/SecurityAndComplianceV2/SecurityAndComplianceV2.ps1 index dfb12e9630f9..9345cd2d3412 100644 --- a/Packs/MicrosoftExchangeOnline/Integrations/SecurityAndComplianceV2/SecurityAndComplianceV2.ps1 +++ b/Packs/MicrosoftExchangeOnline/Integrations/SecurityAndComplianceV2/SecurityAndComplianceV2.ps1 @@ -237,6 +237,7 @@ function ParseSearchActionToEntryContext([psobject]$search_action, [int]$limit = "PublicFolderLocationExclusion" = $search_action.PublicFolderLocationExclusion "Retry" = $search_action.Retry "RunspaceId" = $search_action.RunspaceId + "SearchStatus" = "Success" "SharePointLocation" = $search_action.SharePointLocation "SharePointLocationExclusion" = $search_action.SharePointLocationExclusion "Name" = $search_action.Name @@ -924,12 +925,6 @@ class SecurityAndComplianceClient { throw "New action must include valid action - Preview/Purge" } $response = New-ComplianceSearchAction @cmd_params - if (-not $response){ - # Close session to remote - $this.DisconnectSession() - - throw "The search action didn't return any results. Please check the search_name and consider running the o365-sc-start-search command before." - } # Close session to remote $this.DisconnectSession() @@ -1627,6 +1622,20 @@ function StopSearchCommand([SecurityAndComplianceClient]$client, [hashtable]$kwa function NewSearchActionCommand([SecurityAndComplianceClient]$client, [hashtable]$kwargs) { # Raw response $raw_response = $client.NewSearchAction($kwargs.search_name, $kwargs.action, $kwargs.purge_type) + + if ($null -eq $raw_response) { + # Handle the scenario if a search is not found: + $human_readable = "Failed to retrieve search for the name: $($kwargs.search_name)" + $entry_context = @{ + $script:SEARCH_ACTION_ENTRY_CONTEXT = @{ + "SearchStatus" = "NotFound" + "Name" = $kwargs.search_name + } + } + $raw_response = "Failed to retrieve search for the name: $($kwargs.search_name)" + return $human_readable, $entry_context, $raw_response + } + # Human readable $md_columns = $raw_response | Select-Object -Property Name, SearchName, Action, LastModifiedTime, RunBy, Status $human_readable = TableToMarkdown $md_columns "$script:INTEGRATION_NAME - search action '$($raw_response.Name)' created" diff --git a/Packs/MicrosoftExchangeOnline/Integrations/SecurityAndComplianceV2/SecurityAndComplianceV2.yml b/Packs/MicrosoftExchangeOnline/Integrations/SecurityAndComplianceV2/SecurityAndComplianceV2.yml index e73a28032557..4be852e97473 100644 --- a/Packs/MicrosoftExchangeOnline/Integrations/SecurityAndComplianceV2/SecurityAndComplianceV2.yml +++ b/Packs/MicrosoftExchangeOnline/Integrations/SecurityAndComplianceV2/SecurityAndComplianceV2.yml @@ -614,6 +614,9 @@ script: - contextPath: O365.SecurityAndCompliance.ContentSearch.SearchAction.TenantId description: Security and compliance search action Tenant ID. type: String + - contextPath: O365.SecurityAndCompliance.ContentSearch.SearchAction.SearchStatus + description: The status indicating whether or not the search for a given search_name was successful. + type: String - arguments: - description: The name of the compliance search action. name: search_action_name @@ -1099,7 +1102,7 @@ script: predefined: - 'true' - 'false' - dockerimage: demisto/pwsh-exchangev3:1.0.0.67595 + dockerimage: demisto/pwsh-exchangev3:1.0.0.80547 runonce: true script: '-' type: powershell diff --git a/Packs/MicrosoftExchangeOnline/Playbooks/playbook-O365-SecurityAndCompliance-Search.yml b/Packs/MicrosoftExchangeOnline/Playbooks/playbook-O365-SecurityAndCompliance-Search.yml index 5cd0a66b1bd8..6ca1950ad7b5 100644 --- a/Packs/MicrosoftExchangeOnline/Playbooks/playbook-O365-SecurityAndCompliance-Search.yml +++ b/Packs/MicrosoftExchangeOnline/Playbooks/playbook-O365-SecurityAndCompliance-Search.yml @@ -623,6 +623,15 @@ tasks: right: value: simple: "true" + - - operator: greaterThan + left: + value: + simple: O365.SecurityAndCompliance.ContentSearch.Search.Items + iscontext: true + right: + value: + simple: "0" + continueonerrortype: "" view: |- { "position": { diff --git a/Packs/MicrosoftExchangeOnline/ReleaseNotes/1_2_32.md b/Packs/MicrosoftExchangeOnline/ReleaseNotes/1_2_32.md new file mode 100644 index 000000000000..12f4acb81aef --- /dev/null +++ b/Packs/MicrosoftExchangeOnline/ReleaseNotes/1_2_32.md @@ -0,0 +1,14 @@ + +#### Integrations + +##### O365 - Security And Compliance - Content Search v2 + +- Added a SearchStatus output field for **o365-sc-new-search-action** command. +- Fixed an issue where getting an empty response from the **o365-sc-new-search-action** command resulted in an error. +- Updated the Docker image to: *demisto/pwsh-exchangev3:1.0.0.80547*. + +#### Playbooks + +##### O365 - Security And Compliance - Search + +- Fixed an issue where the playbook continued to a preview command even when no search items to preview were returned. diff --git a/Packs/MicrosoftExchangeOnline/pack_metadata.json b/Packs/MicrosoftExchangeOnline/pack_metadata.json index e5fbb0a26d33..98681e41c30c 100644 --- a/Packs/MicrosoftExchangeOnline/pack_metadata.json +++ b/Packs/MicrosoftExchangeOnline/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Microsoft Exchange Online", "description": "Exchange Online and Office 365 (mail)", "support": "xsoar", - "currentVersion": "1.2.31", + "currentVersion": "1.2.32", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From edb20110786b629f845b85bc043b5354d6ca8249 Mon Sep 17 00:00:00 2001 From: JudithB <132264628+jbabazadeh@users.noreply.github.com> Date: Tue, 12 Dec 2023 21:09:04 +0200 Subject: [PATCH 20/50] added xsoar-saas_test_e2e_results (#31417) --- Tests/scripts/check_jobs_done.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/Tests/scripts/check_jobs_done.py b/Tests/scripts/check_jobs_done.py index 82f96dbad582..85047318ee47 100644 --- a/Tests/scripts/check_jobs_done.py +++ b/Tests/scripts/check_jobs_done.py @@ -15,7 +15,7 @@ 'xpanse-prepare-testing-bucket', 'xsoar-prepare-testing-bucket', 'xsiam_server_ga', - 'xsoar_ng_server_ga' + 'xsoar_ng_server_ga', 'tests_xsoar_server: [Server 6.9]', 'tests_xsoar_server: [Server 6.10]', 'tests_xsoar_server: [Server 6.11]', @@ -24,7 +24,8 @@ 'xsoar-test_playbooks_results', 'xsiam-test_playbooks_results', 'xsiam-test_modeling_rule_results', - 'cloning-content-repo-last-upload-commit' + 'cloning-content-repo-last-upload-commit', + 'xsoar-saas_test_e2e_results', ] SDK_NIGHTLY_JOBS = [ From 6fa0258e7514abc6c10af9c74ad398e9de1ca9f9 Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Wed, 13 Dec 2023 03:38:20 +0200 Subject: [PATCH 21/50] Update Docker Image To demisto/auth-utils (#31431) * Updated Metadata Of Pack Troubleshoot * Added release notes to pack Troubleshoot * Packs/Troubleshoot/Scripts/CertificatesTroubleshoot/CertificatesTroubleshoot.yml Docker image update --- Packs/Troubleshoot/ReleaseNotes/2_0_12.md | 4 ++++ .../CertificatesTroubleshoot/CertificatesTroubleshoot.yml | 2 +- Packs/Troubleshoot/pack_metadata.json | 2 +- 3 files changed, 6 insertions(+), 2 deletions(-) create mode 100644 Packs/Troubleshoot/ReleaseNotes/2_0_12.md diff --git a/Packs/Troubleshoot/ReleaseNotes/2_0_12.md b/Packs/Troubleshoot/ReleaseNotes/2_0_12.md new file mode 100644 index 000000000000..0b79dabff646 --- /dev/null +++ b/Packs/Troubleshoot/ReleaseNotes/2_0_12.md @@ -0,0 +1,4 @@ + +#### Scripts +##### CertificatesTroubleshoot +- Updated the Docker image to: *demisto/auth-utils:1.0.0.83550*. \ No newline at end of file diff --git a/Packs/Troubleshoot/Scripts/CertificatesTroubleshoot/CertificatesTroubleshoot.yml b/Packs/Troubleshoot/Scripts/CertificatesTroubleshoot/CertificatesTroubleshoot.yml index 71ea3b81f8f9..a6bf3192b088 100644 --- a/Packs/Troubleshoot/Scripts/CertificatesTroubleshoot/CertificatesTroubleshoot.yml +++ b/Packs/Troubleshoot/Scripts/CertificatesTroubleshoot/CertificatesTroubleshoot.yml @@ -337,7 +337,7 @@ tags: - Utility timeout: '0' type: python -dockerimage: demisto/auth-utils:1.0.0.81563 +dockerimage: demisto/auth-utils:1.0.0.83550 runas: DBotWeakRole tests: - No tests (auto formatted) diff --git a/Packs/Troubleshoot/pack_metadata.json b/Packs/Troubleshoot/pack_metadata.json index ecd3438f295b..3a84aebc85f7 100644 --- a/Packs/Troubleshoot/pack_metadata.json +++ b/Packs/Troubleshoot/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Troubleshoot", "description": "Use this pack to troubleshoot your environment.", "support": "xsoar", - "currentVersion": "2.0.11", + "currentVersion": "2.0.12", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From 79a1b73667af1703f59e1f7b6cba756ea0d117b4 Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Wed, 13 Dec 2023 04:21:19 +0200 Subject: [PATCH 22/50] Update Docker Image To demisto/python3 (#31427) * Updated Metadata Of Pack GCP-Enrichment-Remediation * Added release notes to pack GCP-Enrichment-Remediation * Packs/GCP-Enrichment-Remediation/Scripts/GCPProjectHierarchy/GCPProjectHierarchy.yml Docker image update * Updated Metadata Of Pack PaloAltoNetworks_Threat_Vault * Added release notes to pack PaloAltoNetworks_Threat_Vault * Packs/PaloAltoNetworks_Threat_Vault/Scripts/SetThreatVaultIncidentMarkdownRepresentation/SetThreatVaultIncidentMarkdownRepresentation.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Scripts/CryptoCurrenciesFormat/CryptoCurrenciesFormat.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Scripts/WaitAndCompleteTask/WaitAndCompleteTask.yml Docker image update * Updated Metadata Of Pack Carbon_Black_Enterprise_Response * Added release notes to pack Carbon_Black_Enterprise_Response * Packs/Carbon_Black_Enterprise_Response/Scripts/CBWatchlists/CBWatchlists.yml Docker image update * Packs/Carbon_Black_Enterprise_Response/Scripts/CBAlerts/CBAlerts.yml Docker image update * Updated Metadata Of Pack Lokpath_Keylight * Added release notes to pack Lokpath_Keylight * Packs/Lokpath_Keylight/Scripts/KeylightCreateIssue/KeylightCreateIssue.yml Docker image update * Updated Metadata Of Pack XMatters * Added release notes to pack XMatters * Packs/XMatters/Scripts/WaitForKey/WaitForKey.yml Docker image update * Packs/XMatters/Scripts/CloseTaskSetContext/CloseTaskSetContext.yml Docker image update * Updated Metadata Of Pack AccentureCTI * Added release notes to pack AccentureCTI * Packs/AccentureCTI/Scripts/FormatACTIURL/FormatACTIURL.yml Docker image update * Updated Metadata Of Pack SymantecEndpointProtection * Added release notes to pack SymantecEndpointProtection * Packs/SymantecEndpointProtection/Scripts/SEPCheckOutdatedEndpoints/SEPCheckOutdatedEndpoints.yml Docker image update * Updated Metadata Of Pack Forcepoint * Added release notes to pack Forcepoint * Packs/Forcepoint/Scripts/FPDeleteRule/FPDeleteRule.yml Docker image update * Packs/Forcepoint/Scripts/FPSetRule/FPSetRule.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Scripts/MicrosoftSentinelConvertAlertsToTable/MicrosoftSentinelConvertAlertsToTable.yml Docker image update * Packs/AzureSentinel/Scripts/MicrosoftSentinelConvertRelationsToTable/MicrosoftSentinelConvertRelationsToTable.yml Docker image update * Packs/AzureSentinel/Scripts/MicrosoftSentinelConvertEntitiesToTable/MicrosoftSentinelConvertEntitiesToTable.yml Docker image update * Packs/AzureSentinel/Scripts/MicrosoftSentinelConvertCommentsToTable/MicrosoftSentinelConvertCommentsToTable.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/MyToDoTasksWidget/MyToDoTasksWidget.yml Docker image update * Packs/CommonWidgets/Scripts/FeedIntegrationErrorWidget/FeedIntegrationErrorWidget.yml Docker image update * Updated Metadata Of Pack fireeye * Added release notes to pack fireeye * Packs/fireeye/Scripts/FireEyeDetonateFile/FireEyeDetonateFile.yml Docker image update * Updated Metadata Of Pack Campaign * Added release notes to pack Campaign * Packs/Campaign/Scripts/SetPhishingCampaignDetails/SetPhishingCampaignDetails.yml Docker image update * Packs/Campaign/Scripts/GetCampaignDuration/GetCampaignDuration.yml Docker image update * Packs/Campaign/Scripts/GetCampaignIncidentsInfo/GetCampaignIncidentsInfo.yml Docker image update * Packs/Campaign/Scripts/ShowCampaignHighestSeverity/ShowCampaignHighestSeverity.yml Docker image update * Packs/Campaign/Scripts/ShowCampaignSimilarityRange/ShowCampaignSimilarityRange.yml Docker image update * Packs/Campaign/Scripts/GetCampaignLowSimilarityIncidentsInfo/GetCampaignLowSimilarityIncidentsInfo.yml Docker image update * Packs/Campaign/Scripts/IsIncidentPartOfCampaign/IsIncidentPartOfCampaign.yml Docker image update * Packs/Campaign/Scripts/GetCampaignIncidentsIdsAsOptions/GetCampaignIncidentsIdsAsOptions.yml Docker image update * Packs/Campaign/Scripts/ShowCampaignIncidentsOwners/ShowCampaignIncidentsOwners.yml Docker image update * Packs/Campaign/Scripts/CollectCampaignRecipients/CollectCampaignRecipients.yml Docker image update * Packs/Campaign/Scripts/ShowCampaignSenders/ShowCampaignSenders.yml Docker image update * Packs/Campaign/Scripts/ShowCampaignRecipients/ShowCampaignRecipients.yml Docker image update * Packs/Campaign/Scripts/GetCampaignLowerSimilarityIncidentsIdsAsOptions/GetCampaignLowerSimilarityIncidentsIdsAsOptions.yml Docker image update * Packs/Campaign/Scripts/ShowCampaignLastIncidentOccurred/ShowCampaignLastIncidentOccurred.yml Docker image update * Packs/Campaign/Scripts/SendEmailToCampaignRecipients/SendEmailToCampaignRecipients.yml Docker image update * Packs/Campaign/Scripts/PerformActionOnCampaignIncidents/PerformActionOnCampaignIncidents.yml Docker image update * Updated Metadata Of Pack RiskIQDigitalFootprint * Added release notes to pack RiskIQDigitalFootprint * Packs/RiskIQDigitalFootprint/Scripts/RiskIQDigitalFootprintAssetDetailsWidgetScript/RiskIQDigitalFootprintAssetDetailsWidgetScript.yml Docker image update * Updated Metadata Of Pack DomainToolsIrisDetect * Added release notes to pack DomainToolsIrisDetect * Packs/DomainToolsIrisDetect/Scripts/DomainToolsIrisDetectStatusUpdate/DomainToolsIrisDetectStatusUpdate.yml Docker image update * Updated Metadata Of Pack X509Certificate * Added release notes to pack X509Certificate * Packs/X509Certificate/Scripts/CertificateReputation/CertificateReputation.yml Docker image update * Updated Metadata Of Pack CarbonBlackProtect * Added release notes to pack CarbonBlackProtect * Packs/CarbonBlackProtect/Scripts/CBPFindComputer/CBPFindComputer.yml Docker image update * commit --------- Co-authored-by: israelpolishook --- Packs/AccentureCTI/ReleaseNotes/2_2_29.md | 4 +++ .../Scripts/FormatACTIURL/FormatACTIURL.yml | 2 +- Packs/AccentureCTI/pack_metadata.json | 2 +- Packs/AzureSentinel/ReleaseNotes/1_5_34.md | 10 ++++++ .../MicrosoftSentinelConvertAlertsToTable.yml | 2 +- ...icrosoftSentinelConvertCommentsToTable.yml | 2 +- ...icrosoftSentinelConvertEntitiesToTable.yml | 2 +- ...crosoftSentinelConvertRelationsToTable.yml | 2 +- Packs/AzureSentinel/pack_metadata.json | 2 +- Packs/Campaign/ReleaseNotes/3_3_10.md | 34 +++++++++++++++++++ .../CollectCampaignRecipients.yml | 2 +- .../GetCampaignDuration.yml | 2 +- .../GetCampaignIncidentsIdsAsOptions.yml | 2 +- .../GetCampaignIncidentsInfo.yml | 2 +- .../GetCampaignLowSimilarityIncidentsInfo.yml | 2 +- ...gnLowerSimilarityIncidentsIdsAsOptions.yml | 2 +- .../IsIncidentPartOfCampaign.yml | 2 +- .../PerformActionOnCampaignIncidents.yml | 2 +- .../SendEmailToCampaignRecipients.yml | 2 +- .../SetPhishingCampaignDetails.yml | 2 +- .../ShowCampaignHighestSeverity.yml | 2 +- .../ShowCampaignIncidentsOwners.yml | 2 +- .../ShowCampaignLastIncidentOccurred.yml | 2 +- .../ShowCampaignRecipients.yml | 2 +- .../ShowCampaignSenders.yml | 2 +- .../ShowCampaignSimilarityRange.yml | 2 +- Packs/Campaign/pack_metadata.json | 2 +- .../CarbonBlackProtect/ReleaseNotes/1_0_40.md | 4 +++ .../CBPFindComputer/CBPFindComputer.yml | 4 +-- Packs/CarbonBlackProtect/pack_metadata.json | 2 +- .../ReleaseNotes/2_1_43.md | 6 ++++ .../Scripts/CBAlerts/CBAlerts.yml | 2 +- .../Scripts/CBWatchlists/CBWatchlists.yml | 4 +-- .../pack_metadata.json | 2 +- Packs/CommonWidgets/ReleaseNotes/1_2_40.md | 6 ++++ .../FeedIntegrationErrorWidget.yml | 2 +- .../MyToDoTasksWidget/MyToDoTasksWidget.yml | 2 +- Packs/CommonWidgets/pack_metadata.json | 2 +- Packs/Cryptocurrency/ReleaseNotes/1_1_49.md | 4 +++ .../CryptoCurrenciesFormat.yml | 2 +- Packs/Cryptocurrency/pack_metadata.json | 2 +- Packs/DeveloperTools/ReleaseNotes/1_3_5.md | 4 +++ .../WaitAndCompleteTask.yml | 2 +- Packs/DeveloperTools/pack_metadata.json | 2 +- .../ReleaseNotes/1_0_7.md | 4 +++ .../DomainToolsIrisDetectStatusUpdate.yml | 2 +- .../DomainToolsIrisDetect/pack_metadata.json | 2 +- Packs/Forcepoint/ReleaseNotes/1_0_12.md | 6 ++++ .../Scripts/FPDeleteRule/FPDeleteRule.yml | 6 ++-- .../Scripts/FPSetRule/FPSetRule.yml | 6 ++-- Packs/Forcepoint/pack_metadata.json | 2 +- .../ReleaseNotes/1_1_11.md | 4 +++ .../GCPProjectHierarchy.yml | 2 +- .../pack_metadata.json | 2 +- Packs/Lokpath_Keylight/ReleaseNotes/1_1_23.md | 4 +++ .../KeylightCreateIssue.yml | 2 +- Packs/Lokpath_Keylight/pack_metadata.json | 2 +- .../ReleaseNotes/2_0_10.md | 4 +++ ...eatVaultIncidentMarkdownRepresentation.yml | 2 +- .../pack_metadata.json | 2 +- .../ReleaseNotes/1_1_15.md | 4 +++ ...gitalFootprintAssetDetailsWidgetScript.yml | 2 +- .../RiskIQDigitalFootprint/pack_metadata.json | 2 +- .../ReleaseNotes/1_1_10.md | 4 +++ .../SEPCheckOutdatedEndpoints.yml | 2 +- .../pack_metadata.json | 2 +- Packs/X509Certificate/ReleaseNotes/1_0_34.md | 4 +++ .../CertificateReputation.yml | 2 +- Packs/X509Certificate/pack_metadata.json | 2 +- Packs/XMatters/ReleaseNotes/1_0_13.md | 6 ++++ .../CloseTaskSetContext.yml | 8 ++--- .../Scripts/WaitForKey/WaitForKey.yml | 4 +-- Packs/XMatters/pack_metadata.json | 2 +- Packs/fireeye/ReleaseNotes/1_0_17.md | 4 +++ .../FireEyeDetonateFile.yml | 10 +++--- Packs/fireeye/pack_metadata.json | 2 +- 76 files changed, 188 insertions(+), 72 deletions(-) create mode 100644 Packs/AccentureCTI/ReleaseNotes/2_2_29.md create mode 100644 Packs/AzureSentinel/ReleaseNotes/1_5_34.md create mode 100644 Packs/Campaign/ReleaseNotes/3_3_10.md create mode 100644 Packs/CarbonBlackProtect/ReleaseNotes/1_0_40.md create mode 100644 Packs/Carbon_Black_Enterprise_Response/ReleaseNotes/2_1_43.md create mode 100644 Packs/CommonWidgets/ReleaseNotes/1_2_40.md create mode 100644 Packs/Cryptocurrency/ReleaseNotes/1_1_49.md create mode 100644 Packs/DeveloperTools/ReleaseNotes/1_3_5.md create mode 100644 Packs/DomainToolsIrisDetect/ReleaseNotes/1_0_7.md create mode 100644 Packs/Forcepoint/ReleaseNotes/1_0_12.md create mode 100644 Packs/GCP-Enrichment-Remediation/ReleaseNotes/1_1_11.md create mode 100644 Packs/Lokpath_Keylight/ReleaseNotes/1_1_23.md create mode 100644 Packs/PaloAltoNetworks_Threat_Vault/ReleaseNotes/2_0_10.md create mode 100644 Packs/RiskIQDigitalFootprint/ReleaseNotes/1_1_15.md create mode 100644 Packs/SymantecEndpointProtection/ReleaseNotes/1_1_10.md create mode 100644 Packs/X509Certificate/ReleaseNotes/1_0_34.md create mode 100644 Packs/XMatters/ReleaseNotes/1_0_13.md create mode 100644 Packs/fireeye/ReleaseNotes/1_0_17.md diff --git a/Packs/AccentureCTI/ReleaseNotes/2_2_29.md b/Packs/AccentureCTI/ReleaseNotes/2_2_29.md new file mode 100644 index 000000000000..c566e3bb8316 --- /dev/null +++ b/Packs/AccentureCTI/ReleaseNotes/2_2_29.md @@ -0,0 +1,4 @@ + +#### Scripts +##### FormatACTIURL +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. \ No newline at end of file diff --git a/Packs/AccentureCTI/Scripts/FormatACTIURL/FormatACTIURL.yml b/Packs/AccentureCTI/Scripts/FormatACTIURL/FormatACTIURL.yml index a2b1d577d4e0..525accf1b2c5 100644 --- a/Packs/AccentureCTI/Scripts/FormatACTIURL/FormatACTIURL.yml +++ b/Packs/AccentureCTI/Scripts/FormatACTIURL/FormatACTIURL.yml @@ -10,7 +10,7 @@ comment: Helps to fetch ACTI Intelligence Report/Alert URL and converts it to uu enabled: true scripttarget: 0 subtype: python3 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 runas: DBotWeakRole fromversion: 5.5.0 tests: diff --git a/Packs/AccentureCTI/pack_metadata.json b/Packs/AccentureCTI/pack_metadata.json index 9539b7cfa6b7..c49a36c01052 100644 --- a/Packs/AccentureCTI/pack_metadata.json +++ b/Packs/AccentureCTI/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Accenture CTI v2", "description": "Accenture CTI provides intelligence regarding security threats and vulnerabilities.", "support": "partner", - "currentVersion": "2.2.28", + "currentVersion": "2.2.29", "author": "Accenture", "url": "https://www.accenture.com/us-en/services/security/cyber-defense", "email": "CTI.AcctManagement@accenture.com", diff --git a/Packs/AzureSentinel/ReleaseNotes/1_5_34.md b/Packs/AzureSentinel/ReleaseNotes/1_5_34.md new file mode 100644 index 000000000000..11a734a3f68f --- /dev/null +++ b/Packs/AzureSentinel/ReleaseNotes/1_5_34.md @@ -0,0 +1,10 @@ + +#### Scripts +##### MicrosoftSentinelConvertAlertsToTable +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### MicrosoftSentinelConvertRelationsToTable +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### MicrosoftSentinelConvertEntitiesToTable +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### MicrosoftSentinelConvertCommentsToTable +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. \ No newline at end of file diff --git a/Packs/AzureSentinel/Scripts/MicrosoftSentinelConvertAlertsToTable/MicrosoftSentinelConvertAlertsToTable.yml b/Packs/AzureSentinel/Scripts/MicrosoftSentinelConvertAlertsToTable/MicrosoftSentinelConvertAlertsToTable.yml index a74f9b69bfe8..1e39c70703ea 100644 --- a/Packs/AzureSentinel/Scripts/MicrosoftSentinelConvertAlertsToTable/MicrosoftSentinelConvertAlertsToTable.yml +++ b/Packs/AzureSentinel/Scripts/MicrosoftSentinelConvertAlertsToTable/MicrosoftSentinelConvertAlertsToTable.yml @@ -10,5 +10,5 @@ tags: timeout: '0' type: python subtype: python3 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 fromversion: 5.5.0 diff --git a/Packs/AzureSentinel/Scripts/MicrosoftSentinelConvertCommentsToTable/MicrosoftSentinelConvertCommentsToTable.yml b/Packs/AzureSentinel/Scripts/MicrosoftSentinelConvertCommentsToTable/MicrosoftSentinelConvertCommentsToTable.yml index 38c3f68bb07d..5180ff28cef9 100644 --- a/Packs/AzureSentinel/Scripts/MicrosoftSentinelConvertCommentsToTable/MicrosoftSentinelConvertCommentsToTable.yml +++ b/Packs/AzureSentinel/Scripts/MicrosoftSentinelConvertCommentsToTable/MicrosoftSentinelConvertCommentsToTable.yml @@ -10,5 +10,5 @@ tags: timeout: '0' type: python subtype: python3 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 fromversion: 5.5.0 diff --git a/Packs/AzureSentinel/Scripts/MicrosoftSentinelConvertEntitiesToTable/MicrosoftSentinelConvertEntitiesToTable.yml b/Packs/AzureSentinel/Scripts/MicrosoftSentinelConvertEntitiesToTable/MicrosoftSentinelConvertEntitiesToTable.yml index 2f780e5d46d9..b5aaadfbd959 100644 --- a/Packs/AzureSentinel/Scripts/MicrosoftSentinelConvertEntitiesToTable/MicrosoftSentinelConvertEntitiesToTable.yml +++ b/Packs/AzureSentinel/Scripts/MicrosoftSentinelConvertEntitiesToTable/MicrosoftSentinelConvertEntitiesToTable.yml @@ -10,5 +10,5 @@ tags: timeout: '0' type: python subtype: python3 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 fromversion: 5.5.0 diff --git a/Packs/AzureSentinel/Scripts/MicrosoftSentinelConvertRelationsToTable/MicrosoftSentinelConvertRelationsToTable.yml b/Packs/AzureSentinel/Scripts/MicrosoftSentinelConvertRelationsToTable/MicrosoftSentinelConvertRelationsToTable.yml index 50196ed55325..009ff70b8731 100644 --- a/Packs/AzureSentinel/Scripts/MicrosoftSentinelConvertRelationsToTable/MicrosoftSentinelConvertRelationsToTable.yml +++ b/Packs/AzureSentinel/Scripts/MicrosoftSentinelConvertRelationsToTable/MicrosoftSentinelConvertRelationsToTable.yml @@ -10,5 +10,5 @@ tags: timeout: '0' type: python subtype: python3 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 fromversion: 5.5.0 diff --git a/Packs/AzureSentinel/pack_metadata.json b/Packs/AzureSentinel/pack_metadata.json index a5d24e386a35..f43ad5c3f1da 100644 --- a/Packs/AzureSentinel/pack_metadata.json +++ b/Packs/AzureSentinel/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Microsoft Sentinel", "description": "Microsoft Sentinel is a cloud-native security information and event manager (SIEM) platform that uses built-in AI to help analyze large volumes of data across an enterprise.", "support": "xsoar", - "currentVersion": "1.5.33", + "currentVersion": "1.5.34", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/Campaign/ReleaseNotes/3_3_10.md b/Packs/Campaign/ReleaseNotes/3_3_10.md new file mode 100644 index 000000000000..10847e6824f1 --- /dev/null +++ b/Packs/Campaign/ReleaseNotes/3_3_10.md @@ -0,0 +1,34 @@ + +#### Scripts +##### SetPhishingCampaignDetails +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### GetCampaignDuration +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### GetCampaignIncidentsInfo +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### ShowCampaignHighestSeverity +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### ShowCampaignSimilarityRange +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### GetCampaignLowSimilarityIncidentsInfo +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### IsIncidentPartOfCampaign +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### GetCampaignIncidentsIdsAsOptions +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### ShowCampaignIncidentsOwners +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### CollectCampaignRecipients +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### ShowCampaignSenders +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### ShowCampaignRecipients +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### GetCampaignLowerSimilarityIncidentsIdsAsOptions +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### ShowCampaignLastIncidentOccurred +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### SendEmailToCampaignRecipients +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### PerformActionOnCampaignIncidents +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. \ No newline at end of file diff --git a/Packs/Campaign/Scripts/CollectCampaignRecipients/CollectCampaignRecipients.yml b/Packs/Campaign/Scripts/CollectCampaignRecipients/CollectCampaignRecipients.yml index 6c5bebe54dfb..a9f0dbbc1c30 100644 --- a/Packs/Campaign/Scripts/CollectCampaignRecipients/CollectCampaignRecipients.yml +++ b/Packs/Campaign/Scripts/CollectCampaignRecipients/CollectCampaignRecipients.yml @@ -7,7 +7,7 @@ comment: |- commonfields: id: CollectCampaignRecipients version: -1 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 enabled: true name: CollectCampaignRecipients script: '' diff --git a/Packs/Campaign/Scripts/GetCampaignDuration/GetCampaignDuration.yml b/Packs/Campaign/Scripts/GetCampaignDuration/GetCampaignDuration.yml index 47e2b721b350..a4679a4ec0bb 100644 --- a/Packs/Campaign/Scripts/GetCampaignDuration/GetCampaignDuration.yml +++ b/Packs/Campaign/Scripts/GetCampaignDuration/GetCampaignDuration.yml @@ -11,7 +11,7 @@ tags: enabled: true scripttarget: 0 subtype: python3 -dockerimage: demisto/python3:3.10.12.68714 +dockerimage: demisto/python3:3.10.13.83255 runas: DBotWeakRole fromversion: 5.5.0 tests: diff --git a/Packs/Campaign/Scripts/GetCampaignIncidentsIdsAsOptions/GetCampaignIncidentsIdsAsOptions.yml b/Packs/Campaign/Scripts/GetCampaignIncidentsIdsAsOptions/GetCampaignIncidentsIdsAsOptions.yml index fd598615dc83..c3ef437c45e5 100644 --- a/Packs/Campaign/Scripts/GetCampaignIncidentsIdsAsOptions/GetCampaignIncidentsIdsAsOptions.yml +++ b/Packs/Campaign/Scripts/GetCampaignIncidentsIdsAsOptions/GetCampaignIncidentsIdsAsOptions.yml @@ -1,7 +1,7 @@ commonfields: id: GetCampaignIncidentsIdsAsOptions version: -1 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 enabled: true name: GetCampaignIncidentsIdsAsOptions runas: DBotWeakRole diff --git a/Packs/Campaign/Scripts/GetCampaignIncidentsInfo/GetCampaignIncidentsInfo.yml b/Packs/Campaign/Scripts/GetCampaignIncidentsInfo/GetCampaignIncidentsInfo.yml index fb1dc0b9f088..51fcdd2f5b72 100644 --- a/Packs/Campaign/Scripts/GetCampaignIncidentsInfo/GetCampaignIncidentsInfo.yml +++ b/Packs/Campaign/Scripts/GetCampaignIncidentsInfo/GetCampaignIncidentsInfo.yml @@ -8,7 +8,7 @@ comment: |- commonfields: id: GetCampaignIncidentsInfo version: -1 -dockerimage: demisto/python3:3.10.12.68714 +dockerimage: demisto/python3:3.10.13.83255 enabled: true name: GetCampaignIncidentsInfo script: '' diff --git a/Packs/Campaign/Scripts/GetCampaignLowSimilarityIncidentsInfo/GetCampaignLowSimilarityIncidentsInfo.yml b/Packs/Campaign/Scripts/GetCampaignLowSimilarityIncidentsInfo/GetCampaignLowSimilarityIncidentsInfo.yml index dbe150be194b..76578c9bb5ad 100644 --- a/Packs/Campaign/Scripts/GetCampaignLowSimilarityIncidentsInfo/GetCampaignLowSimilarityIncidentsInfo.yml +++ b/Packs/Campaign/Scripts/GetCampaignLowSimilarityIncidentsInfo/GetCampaignLowSimilarityIncidentsInfo.yml @@ -7,7 +7,7 @@ comment: |- commonfields: id: GetCampaignLowSimilarityIncidentsInfo version: -1 -dockerimage: demisto/python3:3.10.12.68714 +dockerimage: demisto/python3:3.10.13.83255 enabled: true name: GetCampaignLowSimilarityIncidentsInfo script: '' diff --git a/Packs/Campaign/Scripts/GetCampaignLowerSimilarityIncidentsIdsAsOptions/GetCampaignLowerSimilarityIncidentsIdsAsOptions.yml b/Packs/Campaign/Scripts/GetCampaignLowerSimilarityIncidentsIdsAsOptions/GetCampaignLowerSimilarityIncidentsIdsAsOptions.yml index 8ce1b15ce9b8..8ad9fe98063f 100644 --- a/Packs/Campaign/Scripts/GetCampaignLowerSimilarityIncidentsIdsAsOptions/GetCampaignLowerSimilarityIncidentsIdsAsOptions.yml +++ b/Packs/Campaign/Scripts/GetCampaignLowerSimilarityIncidentsIdsAsOptions/GetCampaignLowerSimilarityIncidentsIdsAsOptions.yml @@ -10,7 +10,7 @@ comment: Gets the IDs of incidents with lower similarity. Used to fill the optio enabled: true scripttarget: 0 subtype: python3 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 runas: DBotWeakRole fromversion: 5.5.0 tests: diff --git a/Packs/Campaign/Scripts/IsIncidentPartOfCampaign/IsIncidentPartOfCampaign.yml b/Packs/Campaign/Scripts/IsIncidentPartOfCampaign/IsIncidentPartOfCampaign.yml index 4976dbf37929..19bfd0a4649d 100644 --- a/Packs/Campaign/Scripts/IsIncidentPartOfCampaign/IsIncidentPartOfCampaign.yml +++ b/Packs/Campaign/Scripts/IsIncidentPartOfCampaign/IsIncidentPartOfCampaign.yml @@ -23,7 +23,7 @@ outputs: scripttarget: 0 subtype: python3 runonce: false -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 fromversion: 5.5.0 tests: - No tests (auto formatted) diff --git a/Packs/Campaign/Scripts/PerformActionOnCampaignIncidents/PerformActionOnCampaignIncidents.yml b/Packs/Campaign/Scripts/PerformActionOnCampaignIncidents/PerformActionOnCampaignIncidents.yml index 726589ec3803..d20bd072a4d5 100644 --- a/Packs/Campaign/Scripts/PerformActionOnCampaignIncidents/PerformActionOnCampaignIncidents.yml +++ b/Packs/Campaign/Scripts/PerformActionOnCampaignIncidents/PerformActionOnCampaignIncidents.yml @@ -15,7 +15,7 @@ comment: |- commonfields: id: PerformActionOnCampaignIncidents version: -1 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 enabled: true name: PerformActionOnCampaignIncidents script: '' diff --git a/Packs/Campaign/Scripts/SendEmailToCampaignRecipients/SendEmailToCampaignRecipients.yml b/Packs/Campaign/Scripts/SendEmailToCampaignRecipients/SendEmailToCampaignRecipients.yml index 5ed942d369ff..f83a2625f7f5 100644 --- a/Packs/Campaign/Scripts/SendEmailToCampaignRecipients/SendEmailToCampaignRecipients.yml +++ b/Packs/Campaign/Scripts/SendEmailToCampaignRecipients/SendEmailToCampaignRecipients.yml @@ -1,7 +1,7 @@ commonfields: id: SendEmailToCampaignRecipients version: -1 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 enabled: true name: SendEmailToCampaignRecipients runas: DBotWeakRole diff --git a/Packs/Campaign/Scripts/SetPhishingCampaignDetails/SetPhishingCampaignDetails.yml b/Packs/Campaign/Scripts/SetPhishingCampaignDetails/SetPhishingCampaignDetails.yml index b245feddf600..717000b6c536 100644 --- a/Packs/Campaign/Scripts/SetPhishingCampaignDetails/SetPhishingCampaignDetails.yml +++ b/Packs/Campaign/Scripts/SetPhishingCampaignDetails/SetPhishingCampaignDetails.yml @@ -25,7 +25,7 @@ args: outputs: [] scripttarget: 0 subtype: python3 -dockerimage: demisto/python3:3.10.12.68714 +dockerimage: demisto/python3:3.10.13.83255 runas: DBotRole fromversion: 6.0.0 tests: diff --git a/Packs/Campaign/Scripts/ShowCampaignHighestSeverity/ShowCampaignHighestSeverity.yml b/Packs/Campaign/Scripts/ShowCampaignHighestSeverity/ShowCampaignHighestSeverity.yml index 3e0441e6daac..8bbdf053b734 100644 --- a/Packs/Campaign/Scripts/ShowCampaignHighestSeverity/ShowCampaignHighestSeverity.yml +++ b/Packs/Campaign/Scripts/ShowCampaignHighestSeverity/ShowCampaignHighestSeverity.yml @@ -10,7 +10,7 @@ comment: Displays the highest severity among the incidents that make up the phis enabled: true scripttarget: 0 subtype: python3 -dockerimage: demisto/python3:3.10.12.68714 +dockerimage: demisto/python3:3.10.13.83255 runas: DBotWeakRole fromversion: 6.0.0 tests: diff --git a/Packs/Campaign/Scripts/ShowCampaignIncidentsOwners/ShowCampaignIncidentsOwners.yml b/Packs/Campaign/Scripts/ShowCampaignIncidentsOwners/ShowCampaignIncidentsOwners.yml index 04d0a392e94b..24a99fedd1a6 100644 --- a/Packs/Campaign/Scripts/ShowCampaignIncidentsOwners/ShowCampaignIncidentsOwners.yml +++ b/Packs/Campaign/Scripts/ShowCampaignIncidentsOwners/ShowCampaignIncidentsOwners.yml @@ -14,7 +14,7 @@ tags: timeout: '0' type: python subtype: python3 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 fromversion: 6.0.0 tests: - No tests (auto formatted) diff --git a/Packs/Campaign/Scripts/ShowCampaignLastIncidentOccurred/ShowCampaignLastIncidentOccurred.yml b/Packs/Campaign/Scripts/ShowCampaignLastIncidentOccurred/ShowCampaignLastIncidentOccurred.yml index 793f6e7f5ac3..379c1308be66 100644 --- a/Packs/Campaign/Scripts/ShowCampaignLastIncidentOccurred/ShowCampaignLastIncidentOccurred.yml +++ b/Packs/Campaign/Scripts/ShowCampaignLastIncidentOccurred/ShowCampaignLastIncidentOccurred.yml @@ -10,7 +10,7 @@ comment: Displays the occurrence date of the last campaign incident. enabled: true scripttarget: 0 subtype: python3 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 runas: DBotWeakRole fromversion: 5.5.0 tests: diff --git a/Packs/Campaign/Scripts/ShowCampaignRecipients/ShowCampaignRecipients.yml b/Packs/Campaign/Scripts/ShowCampaignRecipients/ShowCampaignRecipients.yml index f679a0d25c5d..db31ed9e15e8 100644 --- a/Packs/Campaign/Scripts/ShowCampaignRecipients/ShowCampaignRecipients.yml +++ b/Packs/Campaign/Scripts/ShowCampaignRecipients/ShowCampaignRecipients.yml @@ -10,7 +10,7 @@ comment: Displays the phishing campaign recipients' email addresses and the numb enabled: true scripttarget: 0 subtype: python3 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 runas: DBotWeakRole fromversion: 5.5.0 tests: diff --git a/Packs/Campaign/Scripts/ShowCampaignSenders/ShowCampaignSenders.yml b/Packs/Campaign/Scripts/ShowCampaignSenders/ShowCampaignSenders.yml index bc57c376cfeb..aef600670791 100644 --- a/Packs/Campaign/Scripts/ShowCampaignSenders/ShowCampaignSenders.yml +++ b/Packs/Campaign/Scripts/ShowCampaignSenders/ShowCampaignSenders.yml @@ -10,7 +10,7 @@ comment: Displays the phishing campaign senders' email addresses and the number enabled: true scripttarget: 0 subtype: python3 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 runas: DBotWeakRole fromversion: 5.5.0 tests: diff --git a/Packs/Campaign/Scripts/ShowCampaignSimilarityRange/ShowCampaignSimilarityRange.yml b/Packs/Campaign/Scripts/ShowCampaignSimilarityRange/ShowCampaignSimilarityRange.yml index e887e90eb9c9..8d18c63e2b3c 100644 --- a/Packs/Campaign/Scripts/ShowCampaignSimilarityRange/ShowCampaignSimilarityRange.yml +++ b/Packs/Campaign/Scripts/ShowCampaignSimilarityRange/ShowCampaignSimilarityRange.yml @@ -10,7 +10,7 @@ comment: Displays the similarity range between the incidents that make up the ph enabled: true scripttarget: 0 subtype: python3 -dockerimage: demisto/python3:3.10.12.68714 +dockerimage: demisto/python3:3.10.13.83255 runas: DBotWeakRole fromversion: 5.5.0 tests: diff --git a/Packs/Campaign/pack_metadata.json b/Packs/Campaign/pack_metadata.json index 738c35d48c7b..fe44fb8f7012 100644 --- a/Packs/Campaign/pack_metadata.json +++ b/Packs/Campaign/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Phishing Campaign", "description": "This pack can help you find related phishing, spam or other types of email incidents and characterize campaigns.", "support": "xsoar", - "currentVersion": "3.3.9", + "currentVersion": "3.3.10", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/CarbonBlackProtect/ReleaseNotes/1_0_40.md b/Packs/CarbonBlackProtect/ReleaseNotes/1_0_40.md new file mode 100644 index 000000000000..7e58b441ff4a --- /dev/null +++ b/Packs/CarbonBlackProtect/ReleaseNotes/1_0_40.md @@ -0,0 +1,4 @@ + +#### Scripts +##### CBPFindComputer +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. \ No newline at end of file diff --git a/Packs/CarbonBlackProtect/Scripts/CBPFindComputer/CBPFindComputer.yml b/Packs/CarbonBlackProtect/Scripts/CBPFindComputer/CBPFindComputer.yml index 06a783c9aff1..8c0a3a121a39 100644 --- a/Packs/CarbonBlackProtect/Scripts/CBPFindComputer/CBPFindComputer.yml +++ b/Packs/CarbonBlackProtect/Scripts/CBPFindComputer/CBPFindComputer.yml @@ -13,13 +13,13 @@ system: true args: - name: query default: true - description: Only show computers matching this query. If omitted, displays all computers. Query is in CBEP/Bit9 syntax documented in https://developer.carbonblack.com/reference/enterprise-protection/7.2/rest-api/#query-condition - e.g. "name:*srv*" + description: Only show computers matching this query. If omitted, displays all computers. Query is in CBEP/Bit9 syntax documented in https://developer.carbonblack.com/reference/enterprise-protection/7.2/rest-api/#query-condition - e.g. "name:*srv*". scripttarget: 0 dependson: must: - cbp-computer-search timeout: 0s fromversion: 5.0.0 -dockerimage: demisto/python3:3.10.12.68714 +dockerimage: demisto/python3:3.10.13.83255 tests: - No test diff --git a/Packs/CarbonBlackProtect/pack_metadata.json b/Packs/CarbonBlackProtect/pack_metadata.json index 6b1b9d42b04f..6bbbc5c0e619 100644 --- a/Packs/CarbonBlackProtect/pack_metadata.json +++ b/Packs/CarbonBlackProtect/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Carbon Black Enterprise Protection", "description": "Carbon Black Enterprise Protection is a next-generation endpoint threat prevention solution to deliver a portfolio of protection policies, real-time visibility across environments, and comprehensive compliance rule sets in a single platform.", "support": "xsoar", - "currentVersion": "1.0.39", + "currentVersion": "1.0.40", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/Carbon_Black_Enterprise_Response/ReleaseNotes/2_1_43.md b/Packs/Carbon_Black_Enterprise_Response/ReleaseNotes/2_1_43.md new file mode 100644 index 000000000000..04fea575da85 --- /dev/null +++ b/Packs/Carbon_Black_Enterprise_Response/ReleaseNotes/2_1_43.md @@ -0,0 +1,6 @@ + +#### Scripts +##### CBWatchlists +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### CBAlerts +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. \ No newline at end of file diff --git a/Packs/Carbon_Black_Enterprise_Response/Scripts/CBAlerts/CBAlerts.yml b/Packs/Carbon_Black_Enterprise_Response/Scripts/CBAlerts/CBAlerts.yml index e639d0aaa3fc..f2980648dcc1 100644 --- a/Packs/Carbon_Black_Enterprise_Response/Scripts/CBAlerts/CBAlerts.yml +++ b/Packs/Carbon_Black_Enterprise_Response/Scripts/CBAlerts/CBAlerts.yml @@ -15,7 +15,7 @@ dependson: - cb-alert timeout: 0s fromversion: 5.0.0 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 tests: - No tests (auto formatted) diff --git a/Packs/Carbon_Black_Enterprise_Response/Scripts/CBWatchlists/CBWatchlists.yml b/Packs/Carbon_Black_Enterprise_Response/Scripts/CBWatchlists/CBWatchlists.yml index eaade50e6814..65898c4c5c34 100644 --- a/Packs/Carbon_Black_Enterprise_Response/Scripts/CBWatchlists/CBWatchlists.yml +++ b/Packs/Carbon_Black_Enterprise_Response/Scripts/CBWatchlists/CBWatchlists.yml @@ -12,13 +12,13 @@ system: true args: - name: id default: true - description: Display a specific watchlist by watchlist ID (numeric) + description: Display a specific watchlist by watchlist ID (numeric). scripttarget: 0 dependson: must: - cb-edr-watchlists-list timeout: 0s fromversion: 5.0.0 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 tests: - No tests (auto formatted) diff --git a/Packs/Carbon_Black_Enterprise_Response/pack_metadata.json b/Packs/Carbon_Black_Enterprise_Response/pack_metadata.json index 2725ba61bc2d..96223d36668a 100644 --- a/Packs/Carbon_Black_Enterprise_Response/pack_metadata.json +++ b/Packs/Carbon_Black_Enterprise_Response/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Carbon Black Enterprise Response", "description": "Query and respond with Carbon Black endpoint detection and response.", "support": "xsoar", - "currentVersion": "2.1.42", + "currentVersion": "2.1.43", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/CommonWidgets/ReleaseNotes/1_2_40.md b/Packs/CommonWidgets/ReleaseNotes/1_2_40.md new file mode 100644 index 000000000000..72e2767c2229 --- /dev/null +++ b/Packs/CommonWidgets/ReleaseNotes/1_2_40.md @@ -0,0 +1,6 @@ + +#### Scripts +##### MyToDoTasksWidget +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### FeedIntegrationErrorWidget +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. \ No newline at end of file diff --git a/Packs/CommonWidgets/Scripts/FeedIntegrationErrorWidget/FeedIntegrationErrorWidget.yml b/Packs/CommonWidgets/Scripts/FeedIntegrationErrorWidget/FeedIntegrationErrorWidget.yml index 73bdf5e7dc08..8affcdd40835 100644 --- a/Packs/CommonWidgets/Scripts/FeedIntegrationErrorWidget/FeedIntegrationErrorWidget.yml +++ b/Packs/CommonWidgets/Scripts/FeedIntegrationErrorWidget/FeedIntegrationErrorWidget.yml @@ -9,7 +9,7 @@ tags: timeout: '0' type: python subtype: python3 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 fromversion: 6.1.0 tests: - No test diff --git a/Packs/CommonWidgets/Scripts/MyToDoTasksWidget/MyToDoTasksWidget.yml b/Packs/CommonWidgets/Scripts/MyToDoTasksWidget/MyToDoTasksWidget.yml index 4293fd9fad84..3800bfec00f9 100644 --- a/Packs/CommonWidgets/Scripts/MyToDoTasksWidget/MyToDoTasksWidget.yml +++ b/Packs/CommonWidgets/Scripts/MyToDoTasksWidget/MyToDoTasksWidget.yml @@ -9,7 +9,7 @@ tags: timeout: '0' type: python subtype: python3 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 fromversion: 6.1.0 tests: - No test diff --git a/Packs/CommonWidgets/pack_metadata.json b/Packs/CommonWidgets/pack_metadata.json index dbe948d6d39c..637bfc921e0b 100644 --- a/Packs/CommonWidgets/pack_metadata.json +++ b/Packs/CommonWidgets/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Common Widgets", "description": "Frequently used widgets pack.", "support": "xsoar", - "currentVersion": "1.2.39", + "currentVersion": "1.2.40", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/Cryptocurrency/ReleaseNotes/1_1_49.md b/Packs/Cryptocurrency/ReleaseNotes/1_1_49.md new file mode 100644 index 000000000000..071f2a7937df --- /dev/null +++ b/Packs/Cryptocurrency/ReleaseNotes/1_1_49.md @@ -0,0 +1,4 @@ + +#### Scripts +##### CryptoCurrenciesFormat +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. \ No newline at end of file diff --git a/Packs/Cryptocurrency/Scripts/CryptoCurrenciesFormat/CryptoCurrenciesFormat.yml b/Packs/Cryptocurrency/Scripts/CryptoCurrenciesFormat/CryptoCurrenciesFormat.yml index d69c47f8636b..4b8ddffa62d0 100644 --- a/Packs/Cryptocurrency/Scripts/CryptoCurrenciesFormat/CryptoCurrenciesFormat.yml +++ b/Packs/Cryptocurrency/Scripts/CryptoCurrenciesFormat/CryptoCurrenciesFormat.yml @@ -15,5 +15,5 @@ tags: - indicator-format timeout: '0' type: python -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 fromversion: 5.0.0 diff --git a/Packs/Cryptocurrency/pack_metadata.json b/Packs/Cryptocurrency/pack_metadata.json index 1681adf61bc1..e1d6af7f4129 100644 --- a/Packs/Cryptocurrency/pack_metadata.json +++ b/Packs/Cryptocurrency/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Cryptocurrency", "description": "This Content Pack enables you to add a reputation for cryptocurrency addresses.", "support": "xsoar", - "currentVersion": "1.1.48", + "currentVersion": "1.1.49", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/DeveloperTools/ReleaseNotes/1_3_5.md b/Packs/DeveloperTools/ReleaseNotes/1_3_5.md new file mode 100644 index 000000000000..b54d8aa29fdc --- /dev/null +++ b/Packs/DeveloperTools/ReleaseNotes/1_3_5.md @@ -0,0 +1,4 @@ + +#### Scripts +##### WaitAndCompleteTask +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. \ No newline at end of file diff --git a/Packs/DeveloperTools/Scripts/WaitAndCompleteTask/WaitAndCompleteTask.yml b/Packs/DeveloperTools/Scripts/WaitAndCompleteTask/WaitAndCompleteTask.yml index 2279f0670e79..dcbf7cab634b 100644 --- a/Packs/DeveloperTools/Scripts/WaitAndCompleteTask/WaitAndCompleteTask.yml +++ b/Packs/DeveloperTools/Scripts/WaitAndCompleteTask/WaitAndCompleteTask.yml @@ -48,7 +48,7 @@ tags: timeout: 2400 type: python subtype: python3 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 fromversion: 6.1.0 tests: - No tests (auto formatted) diff --git a/Packs/DeveloperTools/pack_metadata.json b/Packs/DeveloperTools/pack_metadata.json index 913162936d4c..13d11886be49 100644 --- a/Packs/DeveloperTools/pack_metadata.json +++ b/Packs/DeveloperTools/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Developer Tools", "description": "Basic tools for content development.", "support": "community", - "currentVersion": "1.3.4", + "currentVersion": "1.3.5", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/DomainToolsIrisDetect/ReleaseNotes/1_0_7.md b/Packs/DomainToolsIrisDetect/ReleaseNotes/1_0_7.md new file mode 100644 index 000000000000..d7fb6c3e76a1 --- /dev/null +++ b/Packs/DomainToolsIrisDetect/ReleaseNotes/1_0_7.md @@ -0,0 +1,4 @@ + +#### Scripts +##### DomainToolsIrisDetectStatusUpdate +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. \ No newline at end of file diff --git a/Packs/DomainToolsIrisDetect/Scripts/DomainToolsIrisDetectStatusUpdate/DomainToolsIrisDetectStatusUpdate.yml b/Packs/DomainToolsIrisDetect/Scripts/DomainToolsIrisDetectStatusUpdate/DomainToolsIrisDetectStatusUpdate.yml index edc4c1a50e93..3049719ae862 100644 --- a/Packs/DomainToolsIrisDetect/Scripts/DomainToolsIrisDetectStatusUpdate/DomainToolsIrisDetectStatusUpdate.yml +++ b/Packs/DomainToolsIrisDetect/Scripts/DomainToolsIrisDetectStatusUpdate/DomainToolsIrisDetectStatusUpdate.yml @@ -10,7 +10,7 @@ tags: - field-change-triggered timeout: 180ns type: python -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 runas: DBotWeakRole runonce: false tests: diff --git a/Packs/DomainToolsIrisDetect/pack_metadata.json b/Packs/DomainToolsIrisDetect/pack_metadata.json index d872a9a73728..fd35b7833568 100644 --- a/Packs/DomainToolsIrisDetect/pack_metadata.json +++ b/Packs/DomainToolsIrisDetect/pack_metadata.json @@ -2,7 +2,7 @@ "name": "DomainTools Iris Detect", "description": "Iris Detect protects against malicious domains impersonating your brands and supply chain.", "support": "partner", - "currentVersion": "1.0.6", + "currentVersion": "1.0.7", "author": "DomainTools Integrations", "url": "http://www.domaintools.com", "email": "enterprisesupport@domaintools.com", diff --git a/Packs/Forcepoint/ReleaseNotes/1_0_12.md b/Packs/Forcepoint/ReleaseNotes/1_0_12.md new file mode 100644 index 000000000000..08e264c0381a --- /dev/null +++ b/Packs/Forcepoint/ReleaseNotes/1_0_12.md @@ -0,0 +1,6 @@ + +#### Scripts +##### FPDeleteRule +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### FPSetRule +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. \ No newline at end of file diff --git a/Packs/Forcepoint/Scripts/FPDeleteRule/FPDeleteRule.yml b/Packs/Forcepoint/Scripts/FPDeleteRule/FPDeleteRule.yml index 81ed05ad28e9..616f02f30ce4 100644 --- a/Packs/Forcepoint/Scripts/FPDeleteRule/FPDeleteRule.yml +++ b/Packs/Forcepoint/Scripts/FPDeleteRule/FPDeleteRule.yml @@ -13,10 +13,10 @@ system: true args: - name: type required: true - description: The Triton rule type - "dest_domain", "dest_ip", "dest_host" or "url_regex" + description: The Triton rule type - "dest_domain", "dest_ip", "dest_host" or "url_regex". - name: value required: true - description: The value to match for this rule (domain, regex, etc. depending on the type) + description: The value to match for this rule (domain, regex, etc. depending on the type). - name: remoteaccessname description: If the Forcepoint Triton instance is configured as a RemoteAccess integration instance ‐ insert its name here. Replaces argument "tritonsystem". - name: tritonsystem @@ -27,6 +27,6 @@ dependson: - ssh timeout: 0s fromversion: 5.0.0 -dockerimage: demisto/python3:3.10.12.68714 +dockerimage: demisto/python3:3.10.13.83255 tests: - No tests (auto formatted) diff --git a/Packs/Forcepoint/Scripts/FPSetRule/FPSetRule.yml b/Packs/Forcepoint/Scripts/FPSetRule/FPSetRule.yml index 10f77f4999fe..172e5310687a 100644 --- a/Packs/Forcepoint/Scripts/FPSetRule/FPSetRule.yml +++ b/Packs/Forcepoint/Scripts/FPSetRule/FPSetRule.yml @@ -17,10 +17,10 @@ args: description: Policy/action assigned to the rule - "allow" or "deny" only. - name: type required: true - description: The Triton rule type - "dest_domain", "dest_ip", "dest_host" or "url_regex" + description: The Triton rule type - "dest_domain", "dest_ip", "dest_host" or "url_regex". - name: value required: true - description: The value to match for this rule (domain, regex, etc. depending on the type) + description: The value to match for this rule (domain, regex, etc. depending on the type). - name: remoteaccessname description: If the Forcepoint Triton instance is configured as a RemoteAccess integration instance ‐ insert its name here. Replaces argument "tritonsystem". - name: tritonsystem @@ -31,6 +31,6 @@ dependson: - ssh timeout: 0s fromversion: 5.0.0 -dockerimage: demisto/python3:3.10.12.68714 +dockerimage: demisto/python3:3.10.13.83255 tests: - No tests (auto formatted) diff --git a/Packs/Forcepoint/pack_metadata.json b/Packs/Forcepoint/pack_metadata.json index 19831c3b5a31..63ff88f31a8c 100644 --- a/Packs/Forcepoint/pack_metadata.json +++ b/Packs/Forcepoint/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Forcepoint Web Security", "description": "Advanced threat protection with added local management controls.", "support": "xsoar", - "currentVersion": "1.0.11", + "currentVersion": "1.0.12", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/GCP-Enrichment-Remediation/ReleaseNotes/1_1_11.md b/Packs/GCP-Enrichment-Remediation/ReleaseNotes/1_1_11.md new file mode 100644 index 000000000000..2734a3ab2b9d --- /dev/null +++ b/Packs/GCP-Enrichment-Remediation/ReleaseNotes/1_1_11.md @@ -0,0 +1,4 @@ + +#### Scripts +##### GCPProjectHierarchy +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. \ No newline at end of file diff --git a/Packs/GCP-Enrichment-Remediation/Scripts/GCPProjectHierarchy/GCPProjectHierarchy.yml b/Packs/GCP-Enrichment-Remediation/Scripts/GCPProjectHierarchy/GCPProjectHierarchy.yml index 7586da857014..bc05694d63a8 100644 --- a/Packs/GCP-Enrichment-Remediation/Scripts/GCPProjectHierarchy/GCPProjectHierarchy.yml +++ b/Packs/GCP-Enrichment-Remediation/Scripts/GCPProjectHierarchy/GCPProjectHierarchy.yml @@ -6,7 +6,7 @@ comment: Determine GCP project hierarchy by looking up parent objects until the commonfields: id: GCPProjectHierarchy version: -1 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 enabled: true name: GCPProjectHierarchy outputs: diff --git a/Packs/GCP-Enrichment-Remediation/pack_metadata.json b/Packs/GCP-Enrichment-Remediation/pack_metadata.json index c71765f1f0b1..7afbff902503 100644 --- a/Packs/GCP-Enrichment-Remediation/pack_metadata.json +++ b/Packs/GCP-Enrichment-Remediation/pack_metadata.json @@ -2,7 +2,7 @@ "name": "GCP Enrichment and Remediation", "description": "Playbooks using multiple GCP content packs for enrichment and remediation purposes", "support": "xsoar", - "currentVersion": "1.1.10", + "currentVersion": "1.1.11", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/Lokpath_Keylight/ReleaseNotes/1_1_23.md b/Packs/Lokpath_Keylight/ReleaseNotes/1_1_23.md new file mode 100644 index 000000000000..882d70f4f782 --- /dev/null +++ b/Packs/Lokpath_Keylight/ReleaseNotes/1_1_23.md @@ -0,0 +1,4 @@ + +#### Scripts +##### KeylightCreateIssue +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. \ No newline at end of file diff --git a/Packs/Lokpath_Keylight/Scripts/KeylightCreateIssue/KeylightCreateIssue.yml b/Packs/Lokpath_Keylight/Scripts/KeylightCreateIssue/KeylightCreateIssue.yml index 223453309581..466245e1d3f3 100644 --- a/Packs/Lokpath_Keylight/Scripts/KeylightCreateIssue/KeylightCreateIssue.yml +++ b/Packs/Lokpath_Keylight/Scripts/KeylightCreateIssue/KeylightCreateIssue.yml @@ -24,6 +24,6 @@ dependson: must: - Lockpath KeyLight v2|||kl-get-records - Lockpath KeyLight v2|||kl-get-component -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 runas: DBotWeakRole fromversion: 5.0.0 diff --git a/Packs/Lokpath_Keylight/pack_metadata.json b/Packs/Lokpath_Keylight/pack_metadata.json index 2256505f7fbd..6eec5c6d4e2c 100644 --- a/Packs/Lokpath_Keylight/pack_metadata.json +++ b/Packs/Lokpath_Keylight/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Lockpath Keylight", "description": "Use the LockPath KeyLight integration to manage GRC tickets in the Keylight platform.", "support": "xsoar", - "currentVersion": "1.1.22", + "currentVersion": "1.1.23", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/PaloAltoNetworks_Threat_Vault/ReleaseNotes/2_0_10.md b/Packs/PaloAltoNetworks_Threat_Vault/ReleaseNotes/2_0_10.md new file mode 100644 index 000000000000..4d61ea8b4c05 --- /dev/null +++ b/Packs/PaloAltoNetworks_Threat_Vault/ReleaseNotes/2_0_10.md @@ -0,0 +1,4 @@ + +#### Scripts +##### SetThreatVaultIncidentMarkdownRepresentation +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. \ No newline at end of file diff --git a/Packs/PaloAltoNetworks_Threat_Vault/Scripts/SetThreatVaultIncidentMarkdownRepresentation/SetThreatVaultIncidentMarkdownRepresentation.yml b/Packs/PaloAltoNetworks_Threat_Vault/Scripts/SetThreatVaultIncidentMarkdownRepresentation/SetThreatVaultIncidentMarkdownRepresentation.yml index d00638a308e9..c4e007020144 100644 --- a/Packs/PaloAltoNetworks_Threat_Vault/Scripts/SetThreatVaultIncidentMarkdownRepresentation/SetThreatVaultIncidentMarkdownRepresentation.yml +++ b/Packs/PaloAltoNetworks_Threat_Vault/Scripts/SetThreatVaultIncidentMarkdownRepresentation/SetThreatVaultIncidentMarkdownRepresentation.yml @@ -10,7 +10,7 @@ comment: This automation takes several Incident fields from the Threat Vault inc enabled: true scripttarget: 0 subtype: python3 -dockerimage: demisto/python3:3.10.12.68714 +dockerimage: demisto/python3:3.10.13.83255 runas: DBotWeakRole fromversion: 6.2.0 tests: diff --git a/Packs/PaloAltoNetworks_Threat_Vault/pack_metadata.json b/Packs/PaloAltoNetworks_Threat_Vault/pack_metadata.json index fe9a4eff2f81..4efd52bbedea 100644 --- a/Packs/PaloAltoNetworks_Threat_Vault/pack_metadata.json +++ b/Packs/PaloAltoNetworks_Threat_Vault/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Threat Vault by Palo Alto Networks", "description": "Use the Palo Alto Networks Threat Vault to research the latest threats (vulnerabilities/exploits, viruses, and spyware) that Palo Alto Networks next-generation firewalls can detect and prevent.", "support": "xsoar", - "currentVersion": "2.0.9", + "currentVersion": "2.0.10", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/RiskIQDigitalFootprint/ReleaseNotes/1_1_15.md b/Packs/RiskIQDigitalFootprint/ReleaseNotes/1_1_15.md new file mode 100644 index 000000000000..c24e57d0c615 --- /dev/null +++ b/Packs/RiskIQDigitalFootprint/ReleaseNotes/1_1_15.md @@ -0,0 +1,4 @@ + +#### Scripts +##### RiskIQDigitalFootprintAssetDetailsWidgetScript +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. \ No newline at end of file diff --git a/Packs/RiskIQDigitalFootprint/Scripts/RiskIQDigitalFootprintAssetDetailsWidgetScript/RiskIQDigitalFootprintAssetDetailsWidgetScript.yml b/Packs/RiskIQDigitalFootprint/Scripts/RiskIQDigitalFootprintAssetDetailsWidgetScript/RiskIQDigitalFootprintAssetDetailsWidgetScript.yml index 0b654139eec4..2bd504659f29 100644 --- a/Packs/RiskIQDigitalFootprint/Scripts/RiskIQDigitalFootprintAssetDetailsWidgetScript/RiskIQDigitalFootprintAssetDetailsWidgetScript.yml +++ b/Packs/RiskIQDigitalFootprint/Scripts/RiskIQDigitalFootprintAssetDetailsWidgetScript/RiskIQDigitalFootprintAssetDetailsWidgetScript.yml @@ -13,7 +13,7 @@ dependson: must: - '|||df-get-asset' timeout: 300ns -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 runas: DBotWeakRole fromversion: 6.0.0 tests: diff --git a/Packs/RiskIQDigitalFootprint/pack_metadata.json b/Packs/RiskIQDigitalFootprint/pack_metadata.json index 9c4ce1bb029d..832609b8947d 100644 --- a/Packs/RiskIQDigitalFootprint/pack_metadata.json +++ b/Packs/RiskIQDigitalFootprint/pack_metadata.json @@ -2,7 +2,7 @@ "name": "RiskIQ Digital Footprint", "description": "RiskIQ Digital Footprint integration enables your security team to manage assets outside your firewall and provides you with the ability to add or update assets and analyze your digital footprint from the view of the global adversary.", "support": "community", - "currentVersion": "1.1.14", + "currentVersion": "1.1.15", "author": "RiskIQ", "url": "https://www.riskiq.com/resources/support/", "email": "paloaltonetworks@riskiq.net", diff --git a/Packs/SymantecEndpointProtection/ReleaseNotes/1_1_10.md b/Packs/SymantecEndpointProtection/ReleaseNotes/1_1_10.md new file mode 100644 index 000000000000..a5ffee549138 --- /dev/null +++ b/Packs/SymantecEndpointProtection/ReleaseNotes/1_1_10.md @@ -0,0 +1,4 @@ + +#### Scripts +##### SEPCheckOutdatedEndpoints +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. \ No newline at end of file diff --git a/Packs/SymantecEndpointProtection/Scripts/SEPCheckOutdatedEndpoints/SEPCheckOutdatedEndpoints.yml b/Packs/SymantecEndpointProtection/Scripts/SEPCheckOutdatedEndpoints/SEPCheckOutdatedEndpoints.yml index f6b765e49146..4c25ca86cf17 100644 --- a/Packs/SymantecEndpointProtection/Scripts/SEPCheckOutdatedEndpoints/SEPCheckOutdatedEndpoints.yml +++ b/Packs/SymantecEndpointProtection/Scripts/SEPCheckOutdatedEndpoints/SEPCheckOutdatedEndpoints.yml @@ -23,4 +23,4 @@ timeout: 0s tests: - No test - postpone for later fromversion: 5.0.0 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 diff --git a/Packs/SymantecEndpointProtection/pack_metadata.json b/Packs/SymantecEndpointProtection/pack_metadata.json index 0c13d0e642b8..6a01ef32d06c 100644 --- a/Packs/SymantecEndpointProtection/pack_metadata.json +++ b/Packs/SymantecEndpointProtection/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Symantec Endpoint Protection", "description": "Query the Symantec Endpoint Protection Manager using the official REST API.", "support": "xsoar", - "currentVersion": "1.1.9", + "currentVersion": "1.1.10", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/X509Certificate/ReleaseNotes/1_0_34.md b/Packs/X509Certificate/ReleaseNotes/1_0_34.md new file mode 100644 index 000000000000..912c0521cf3b --- /dev/null +++ b/Packs/X509Certificate/ReleaseNotes/1_0_34.md @@ -0,0 +1,4 @@ + +#### Scripts +##### CertificateReputation +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. \ No newline at end of file diff --git a/Packs/X509Certificate/Scripts/CertificateReputation/CertificateReputation.yml b/Packs/X509Certificate/Scripts/CertificateReputation/CertificateReputation.yml index cd4a096bea80..0e4154a0a28b 100644 --- a/Packs/X509Certificate/Scripts/CertificateReputation/CertificateReputation.yml +++ b/Packs/X509Certificate/Scripts/CertificateReputation/CertificateReputation.yml @@ -133,5 +133,5 @@ tags: timeout: '0' type: python subtype: python3 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 fromversion: 6.0.0 diff --git a/Packs/X509Certificate/pack_metadata.json b/Packs/X509Certificate/pack_metadata.json index 3f9524dd55c4..e79b4b0b81bc 100644 --- a/Packs/X509Certificate/pack_metadata.json +++ b/Packs/X509Certificate/pack_metadata.json @@ -2,7 +2,7 @@ "name": "X509Certificate", "description": "The X509 Certificate Content Packs provides additional capabilities for handling, parsing and validating X509 Certificates in Cortex XSOAR.", "support": "xsoar", - "currentVersion": "1.0.33", + "currentVersion": "1.0.34", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/XMatters/ReleaseNotes/1_0_13.md b/Packs/XMatters/ReleaseNotes/1_0_13.md new file mode 100644 index 000000000000..bbd6fe8e69f1 --- /dev/null +++ b/Packs/XMatters/ReleaseNotes/1_0_13.md @@ -0,0 +1,6 @@ + +#### Scripts +##### WaitForKey +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### CloseTaskSetContext +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. \ No newline at end of file diff --git a/Packs/XMatters/Scripts/CloseTaskSetContext/CloseTaskSetContext.yml b/Packs/XMatters/Scripts/CloseTaskSetContext/CloseTaskSetContext.yml index 9fe71a066a2f..13dc09f65b23 100644 --- a/Packs/XMatters/Scripts/CloseTaskSetContext/CloseTaskSetContext.yml +++ b/Packs/XMatters/Scripts/CloseTaskSetContext/CloseTaskSetContext.yml @@ -12,17 +12,17 @@ args: - name: entry_id required: true default: true - description: Enter an entry id or tag to close + description: Enter an entry id or tag to close. defaultValue: ${lastCompletedTaskEntries} - name: context_key required: true - description: The context key to place the comments + description: The context key to place the comments. - name: comments required: true - description: The comments to place into the context + description: The comments to place into the context. scripttarget: 0 subtype: python3 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 runas: DBotWeakRole fromversion: 5.0.0 diff --git a/Packs/XMatters/Scripts/WaitForKey/WaitForKey.yml b/Packs/XMatters/Scripts/WaitForKey/WaitForKey.yml index c462e78babb7..76ee6fa0385f 100644 --- a/Packs/XMatters/Scripts/WaitForKey/WaitForKey.yml +++ b/Packs/XMatters/Scripts/WaitForKey/WaitForKey.yml @@ -10,7 +10,7 @@ enabled: true args: - name: context_key required: true - description: The context key to wait for + description: The context key to wait for. - name: iterations required: true default: true @@ -18,7 +18,7 @@ args: defaultValue: "10" scripttarget: 0 subtype: python3 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 runas: DBotWeakRole fromversion: 5.0.0 tests: diff --git a/Packs/XMatters/pack_metadata.json b/Packs/XMatters/pack_metadata.json index 9a411129bd69..d835b6ea7763 100644 --- a/Packs/XMatters/pack_metadata.json +++ b/Packs/XMatters/pack_metadata.json @@ -2,7 +2,7 @@ "name": "xMatters", "description": "Use the xMatters pack to trigger events to on-call groups or users and wait for their response. Use their response to branch and take action in XSOAR.", "support": "partner", - "currentVersion": "1.0.12", + "currentVersion": "1.0.13", "author": "xMatters", "url": "https://support.xmatters.com/hc/en-us/requests/new", "email": "support@xmatters.com", diff --git a/Packs/fireeye/ReleaseNotes/1_0_17.md b/Packs/fireeye/ReleaseNotes/1_0_17.md new file mode 100644 index 000000000000..048aab00f50b --- /dev/null +++ b/Packs/fireeye/ReleaseNotes/1_0_17.md @@ -0,0 +1,4 @@ + +#### Scripts +##### FireEyeDetonateFile +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. \ No newline at end of file diff --git a/Packs/fireeye/Scripts/FireEyeDetonateFile/FireEyeDetonateFile.yml b/Packs/fireeye/Scripts/FireEyeDetonateFile/FireEyeDetonateFile.yml index feb1c10d7f5d..f7c0d0ba6e6f 100644 --- a/Packs/fireeye/Scripts/FireEyeDetonateFile/FireEyeDetonateFile.yml +++ b/Packs/fireeye/Scripts/FireEyeDetonateFile/FireEyeDetonateFile.yml @@ -9,21 +9,21 @@ tags: - fireeye - file - enhancement -comment: Detonate File or URL through FireEye +comment: Detonate File or URL through FireEye. enabled: true args: - name: file required: true default: true - description: File /EntryID to detonate + description: File /EntryID to detonate. - name: profiles required: true - description: The FireEye profiles to use (comma separated) + description: The FireEye profiles to use (comma separated). - name: analysistype description: Specify live or sandbox analysis mode. 0—Sandbox, analyze suspected malware objects in a closed, protected environment. 1 —Live, analyze suspected malware objects live within the MAS Multivector Virtual Execution (MVX) analysis engine. defaultValue: "0" - name: prefetch - description: Specifies whether to determine the file target based on an internal determination rather than browsing to the target location. 0—No 1—Yes + description: Specifies whether to determine the file target based on an internal determination rather than browsing to the target location. 0—No 1—Yes. defaultValue: "1" scripttarget: 0 dependson: @@ -35,4 +35,4 @@ timeout: 960ns tests: - No test fromversion: 5.0.0 -dockerimage: demisto/python3:3.10.12.68714 +dockerimage: demisto/python3:3.10.13.83255 diff --git a/Packs/fireeye/pack_metadata.json b/Packs/fireeye/pack_metadata.json index b63eca44a832..dd28c4b11646 100644 --- a/Packs/fireeye/pack_metadata.json +++ b/Packs/fireeye/pack_metadata.json @@ -2,7 +2,7 @@ "name": "FireEye (AX Series)", "description": "Perform malware dynamic analysis", "support": "xsoar", - "currentVersion": "1.0.16", + "currentVersion": "1.0.17", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From e7504da04c1226ad0e46935615cd6d6695445791 Mon Sep 17 00:00:00 2001 From: Jacob Levy <129657918+jlevypaloalto@users.noreply.github.com> Date: Wed, 13 Dec 2023 09:52:10 +0200 Subject: [PATCH 23/50] Fix "unexpected keyword argument" Error (#31418) * fixed bug * RN * ignore pylance error * update docker --- Packs/FiltersAndTransformers/ReleaseNotes/1_2_45.md | 7 +++++++ Packs/FiltersAndTransformers/Scripts/IfElif/IfElif.py | 2 +- Packs/FiltersAndTransformers/Scripts/IfElif/IfElif.yml | 2 +- Packs/FiltersAndTransformers/pack_metadata.json | 2 +- 4 files changed, 10 insertions(+), 3 deletions(-) create mode 100644 Packs/FiltersAndTransformers/ReleaseNotes/1_2_45.md diff --git a/Packs/FiltersAndTransformers/ReleaseNotes/1_2_45.md b/Packs/FiltersAndTransformers/ReleaseNotes/1_2_45.md new file mode 100644 index 000000000000..f2a4b2f0b59a --- /dev/null +++ b/Packs/FiltersAndTransformers/ReleaseNotes/1_2_45.md @@ -0,0 +1,7 @@ + +#### Scripts + +##### If-Elif + +- Fixed an issue where an error would be returned when *Common Arguments* were provided. +- Updated the docker image to *demisto/python3:3.10.13.83255*. diff --git a/Packs/FiltersAndTransformers/Scripts/IfElif/IfElif.py b/Packs/FiltersAndTransformers/Scripts/IfElif/IfElif.py index adb3506c53d2..ddd45f0519b8 100644 --- a/Packs/FiltersAndTransformers/Scripts/IfElif/IfElif.py +++ b/Packs/FiltersAndTransformers/Scripts/IfElif/IfElif.py @@ -47,7 +47,7 @@ class ConditionParser: ast.Add: return_none_on_error(lambda x, y: x + y), } - def __init__(self, context, conditions, flags=None): + def __init__(self, context, conditions, flags=None, **_): self.conditions: list self.functions: dict[str, Callable] = { 'from_context': partial(demisto.dt, context) diff --git a/Packs/FiltersAndTransformers/Scripts/IfElif/IfElif.yml b/Packs/FiltersAndTransformers/Scripts/IfElif/IfElif.yml index cba3ebdedced..72162b1b876d 100644 --- a/Packs/FiltersAndTransformers/Scripts/IfElif/IfElif.yml +++ b/Packs/FiltersAndTransformers/Scripts/IfElif/IfElif.yml @@ -33,7 +33,7 @@ args: scripttarget: 0 subtype: python3 runonce: false -dockerimage: demisto/python3:3.10.13.74666 +dockerimage: demisto/python3:3.10.13.83255 runas: DBotWeakRole fromversion: 6.9.0 tests: diff --git a/Packs/FiltersAndTransformers/pack_metadata.json b/Packs/FiltersAndTransformers/pack_metadata.json index 9f648c137469..b87d16750b75 100644 --- a/Packs/FiltersAndTransformers/pack_metadata.json +++ b/Packs/FiltersAndTransformers/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Filters And Transformers", "description": "Frequently used filters and transformers pack.", "support": "xsoar", - "currentVersion": "1.2.44", + "currentVersion": "1.2.45", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From b97b4f47506e73bc1257ebfdc70ea99f762ba291 Mon Sep 17 00:00:00 2001 From: Jacob Levy <129657918+jlevypaloalto@users.noreply.github.com> Date: Wed, 13 Dec 2023 09:52:37 +0200 Subject: [PATCH 24/50] New script: ReadQRCode (#31323) * init * json.loads on the results of extractIndicators * fix unit-tests * added docs to unit-tests * fix unit-tests * moved script to commonScripts * capitalize output key 'text' * no error for non QR code images * add RN * fix unit-tests * demo changes * added docs * Update Packs/CommonScripts/Scripts/ReadQRCode/README.md Co-authored-by: Judah Schwartz * CR changes * RN * remove trailing whitespace * build wars: round 1 * fixed 'unexpected argument' bug * unit-tests complete * Bump pack from version CommonScripts to 1.13.0. --------- Co-authored-by: Judah Schwartz Co-authored-by: Content Bot --- Packs/CommonScripts/.pack-ignore | 2 + Packs/CommonScripts/ReleaseNotes/1_13_0.md | 6 ++ .../Scripts/ReadQRCode/README.md | 61 +++++++++++++++ .../Scripts/ReadQRCode/ReadQRCode.py | 54 +++++++++++++ .../Scripts/ReadQRCode/ReadQRCode.yml | 32 ++++++++ .../Scripts/ReadQRCode/ReadQRCode_test.py | 73 ++++++++++++++++++ .../ReadQRCode/test_data/not_a_qr_code.png | Bin 0 -> 23516 bytes .../Scripts/ReadQRCode/test_data/qr_code.png | Bin 0 -> 16031 bytes .../Scripts/ReadQRCode/test_data/text.txt | 1 + Packs/CommonScripts/pack_metadata.json | 2 +- 10 files changed, 230 insertions(+), 1 deletion(-) create mode 100644 Packs/CommonScripts/ReleaseNotes/1_13_0.md create mode 100644 Packs/CommonScripts/Scripts/ReadQRCode/README.md create mode 100644 Packs/CommonScripts/Scripts/ReadQRCode/ReadQRCode.py create mode 100644 Packs/CommonScripts/Scripts/ReadQRCode/ReadQRCode.yml create mode 100644 Packs/CommonScripts/Scripts/ReadQRCode/ReadQRCode_test.py create mode 100644 Packs/CommonScripts/Scripts/ReadQRCode/test_data/not_a_qr_code.png create mode 100644 Packs/CommonScripts/Scripts/ReadQRCode/test_data/qr_code.png create mode 100644 Packs/CommonScripts/Scripts/ReadQRCode/test_data/text.txt diff --git a/Packs/CommonScripts/.pack-ignore b/Packs/CommonScripts/.pack-ignore index 7b35a208796c..035aaf0a3ca7 100644 --- a/Packs/CommonScripts/.pack-ignore +++ b/Packs/CommonScripts/.pack-ignore @@ -169,6 +169,8 @@ parses yaml indexerror gTLD +qr +cv [file:ScheduleGenericPolling.yml] ignore=BA124 diff --git a/Packs/CommonScripts/ReleaseNotes/1_13_0.md b/Packs/CommonScripts/ReleaseNotes/1_13_0.md new file mode 100644 index 000000000000..63c420e5b292 --- /dev/null +++ b/Packs/CommonScripts/ReleaseNotes/1_13_0.md @@ -0,0 +1,6 @@ + +#### Scripts + +##### New: ReadQRCode + +- New: This script uses the open-source library OpenCV to extract text from QR codes. The output of this script includes the output of the script "extractIndicators" run on the text extracted from the QR code. (Available from Cortex XSOAR 6.10.0). diff --git a/Packs/CommonScripts/Scripts/ReadQRCode/README.md b/Packs/CommonScripts/Scripts/ReadQRCode/README.md new file mode 100644 index 000000000000..a8eb45d50fb4 --- /dev/null +++ b/Packs/CommonScripts/Scripts/ReadQRCode/README.md @@ -0,0 +1,61 @@ + +This script uses the open-source library OpenCV to extract text from QR codes. +The output of this script includes the output of the script "extractIndicators" run on the text extracted from the QR code. + +## Script Data + +--- + +| **Name** | **Description** | +| --- | --- | +| Script Type | python3 | +| Cortex XSOAR Version | 6.10.0 | + +## Inputs + +--- + +| **Argument Name** | **Description** | +| --- | --- | +| entry_id | The entry ID of the QR code image. | + +## Outputs + +--- + +| **Path** | **Description** | **Type** | +| --- | --- | --- | +| QRCodeReader.Text | The raw text extracted from the QR code image. | String | +| QRCodeReader.Domain | The domains extracted from the QR code image if they are present. | String | +| QRCodeReader.URL | The URLs extracted from the QR code image if they are present. | String | +| QRCodeReader.IP | The IPs extracted from the QR code image if they are present. | String | + +## Script Examples + +### Example command + +```!ReadQRCode entry_id=1234@1234abcd-12ab-12ab-12ab-1234abcd``` + +### Context Example + +```json +{ + "QRCodeReader": { + "Domain": [ + "xsoar.pan.dev" + ], + "Text": "https://xsoar.pan.dev/", + "URL": [ + "https://xsoar.pan.dev/" + ] + } +} +``` + +### Human Readable Output + +>### QR Code Read +>|Text| +>|---| +>| https://xsoar.pan.dev/ | + diff --git a/Packs/CommonScripts/Scripts/ReadQRCode/ReadQRCode.py b/Packs/CommonScripts/Scripts/ReadQRCode/ReadQRCode.py new file mode 100644 index 000000000000..507c44055f55 --- /dev/null +++ b/Packs/CommonScripts/Scripts/ReadQRCode/ReadQRCode.py @@ -0,0 +1,54 @@ +import demistomock as demisto # noqa +from CommonServerPython import * # noqa +import cv2 +# pylint: disable=E1101 # disable pylint not recognizing cv2's attributes. + + +def read_qr_code(filename: str) -> str: + + detect = cv2.QRCodeDetector() + img = cv2.imread(filename) + text, *rest = detect.detectAndDecode(img) + demisto.debug(f'QR code matrices: {rest}') + return text + + +def extract_indicators_from_text(text: str) -> dict: + + return json.loads(demisto.executeCommand( + 'extractIndicators', + {'text': text} + )[0]['Contents']) + + +def extract_info_from_qr_code(entry_id: str, **_) -> CommandResults: + + try: + filename = demisto.getFilePath(entry_id)['path'] + text = read_qr_code(filename) + if not text: + return CommandResults(readable_output='No QR code was found in the image.') + indicators = extract_indicators_from_text(text) + except cv2.error as e: # generic error raised by cv2 + raise DemistoException('Error parsing file. Please make sure it is a valid image file.') from e + except ValueError: # raised by demisto.getFilePath when the entry_id is not found + raise DemistoException(f'Invalid entry ID: {entry_id=}') + + return CommandResults( + outputs_prefix='QRCodeReader', + outputs=({'Text': text} | indicators), + readable_output=tableToMarkdown( + 'QR Code Read', {'Text': text} + ), + ) + + +def main(): + try: + return_results(extract_info_from_qr_code(**demisto.args())) + except Exception as e: + return_error(f'Failed to execute ReadQRCode. Error: {e}') + + +if __name__ in ('__main__', '__builtin__', 'builtins'): + main() diff --git a/Packs/CommonScripts/Scripts/ReadQRCode/ReadQRCode.yml b/Packs/CommonScripts/Scripts/ReadQRCode/ReadQRCode.yml new file mode 100644 index 000000000000..e05c7496458b --- /dev/null +++ b/Packs/CommonScripts/Scripts/ReadQRCode/ReadQRCode.yml @@ -0,0 +1,32 @@ +args: +- description: The entry ID of the QR code image. + name: entry_id + required: true + default: true +comment: Extracts the text from a QR code. This script uses the open-source library OpenCV and is restricted to it's capabilities. The output of this script includes the output of the script "extractIndicators" run on the text extracted from the QR code. +commonfields: + id: ReadQRCode + version: -1 +name: ReadQRCode +outputs: +- contextPath: QRCodeReader.Text + description: The raw text extracted from the QR code image. + type: String +- contextPath: QRCodeReader.Domain + description: The domains extracted from the QR code image if they are present. + type: String +- contextPath: QRCodeReader.URL + description: The URLs extracted from the QR code image if they are present. + type: String +- contextPath: QRCodeReader.IP + description: The IPs extracted from the QR code image if they are present. + type: String +script: '-' +tags: [] +timeout: '0' +type: python +subtype: python3 +dockerimage: demisto/opencv:1.0.0.82635 +fromversion: 6.10.0 +tests: +- No tests (auto formatted) diff --git a/Packs/CommonScripts/Scripts/ReadQRCode/ReadQRCode_test.py b/Packs/CommonScripts/Scripts/ReadQRCode/ReadQRCode_test.py new file mode 100644 index 000000000000..d2c445da3f01 --- /dev/null +++ b/Packs/CommonScripts/Scripts/ReadQRCode/ReadQRCode_test.py @@ -0,0 +1,73 @@ +import pytest +import demistomock as demisto +from CommonServerPython import * + + +def test_extract_info_from_qr_code(mocker): + """ + Given: + A QR code image file. + + When: + - Calling the ReadQRCode script. + + Then: + Extract the text of the QR code and get indicators from it. + """ + from ReadQRCode import extract_info_from_qr_code + + mocker.patch.object( + demisto, 'getFilePath', return_value={'path': 'test_data/qr_code.png'}, + ) + mocker.patch.object( + demisto, 'executeCommand', return_value=[{"Contents": '{"Domain": "xsoar.pan.dev"}'}], + ) + + result = extract_info_from_qr_code('entry_id') + + assert result.outputs_prefix == 'QRCodeReader' + assert result.outputs == {'Text': 'https://xsoar.pan.dev/', 'Domain': 'xsoar.pan.dev'} + assert result.readable_output == '### QR Code Read\n|Text|\n|---|\n| https://xsoar.pan.dev/ |\n' + + +def test_with_non_qr_code_file(mocker): + """ + Given: + An image file that does not contain a QR code. + + When: + - Calling the ReadQRCode script. + + Then: + Return a message that no QR code was found. + """ + from ReadQRCode import extract_info_from_qr_code + + mocker.patch.object( + demisto, 'getFilePath', return_value={'path': 'test_data/not_a_qr_code.png'}, + ) + + result = extract_info_from_qr_code('entry_id') + + assert result.readable_output == 'No QR code was found in the image.' + + +def test_with_non_image_file(mocker): + """ + Given: + A file that is not an image. + + When: + - Calling the ReadQRCode script. + + Then: + Return an informative error. + """ + from ReadQRCode import extract_info_from_qr_code + + mocker.patch.object( + demisto, 'getFilePath', return_value={'path': 'test_data/text.txt'}, + ) + + with pytest.raises(DemistoException, match='Error parsing file. Please make sure it is a valid image file.'): + extract_info_from_qr_code('entry_id') diff --git a/Packs/CommonScripts/Scripts/ReadQRCode/test_data/not_a_qr_code.png b/Packs/CommonScripts/Scripts/ReadQRCode/test_data/not_a_qr_code.png new file mode 100644 index 0000000000000000000000000000000000000000..f19057b671240adc34661e28b277dc914f2bc4a9 GIT binary patch literal 23516 zcmV*3Kz6^0P)j z>#cu1&+|U-^Ab5YI5;>sI5;>sI5;>sI5;>sI5;>sI5;>sIOG;Ca&U-dQ%gBfVL5pM zONiX%6r@^m2ic>$jI|i{9$WAjsWjqw%uSW zt(x0I4h{+&!OB%6QCdPCCN!=fglP_Yl|8!H>%np|1x(~z!B#G66kwv}Z6WeElW(NS z5wqOH5v*Kb({UzD{v{z{TFg%S67z^svT%#7i3wRVv(OsJpT{h+X-(u{YaGE+r#!UO zhMwcD-Wqx|6XF;p5xVU9a;m?lE-7&u>?7(pL^RYVJufaLnsWwOgJ=;OYjiBJq^YHF z`vJDUVW12&|9RsuZ8S! z>MZFsh}whSri_B)IQTaE+r8ShKi1Mj#}BkpZ--fhOW8hKLyw8rz?L#HhUU=zKplnK zeylcy;}q?_k+MLh1ZyY7zxcI)AL&+-PG~(_Hc|3yX3IK?eYe2L!pW0QR&8x9UqDY! z4>dJSXip6!oxm0{j?HXY73V!18@~Sv`GxXwevEhot*xzmk(t5-=Gxn03)fRjsJ8x4 zwy3ZVu|F{3J1h6q(ZXFwuUxUCti$hQ)mNd z3kuLEuAvNDT^SXuwQJYP7lIlG4<4lM?rv&sZl=b@M&(-#Bw1gZ>gwuf<;ui{R&Q@F zwY0QE?+d>?PSSS8rfWm{C+r)?x@5@``GhIKel~C3Ok1|dZ3;WC!?x?!CvRwBzoC6@ zCZ%AB0D0S+E9vgfuAsr*a{R5;t5@@5#S#q~*Y@q(Y2(I?VZnjWTytA^qx)79J^wHz z`p#lsI5zn=6r#lhE7A8}wMzOb8#Zj9va;BQfpXvRwu|^KD%;(9>#h9Jh;yN}%?j47 zTgPt}_#JV65`p$9ZVFfwHyW%gr`UqP1xxMsOa!h6d|t8tTG6KJ>+55FXB-=T7x5iK zpM_{?u?j5(1S`06=gy#BnAikaqY2{kp=CE7*^e633--lCPV5IR=aSIz)rli1fLE>fG0*3tdPHqis^-SqQ!gUq_&@3V`6e;2LbJITM__1_KB z1IL0)xcGC{NOhf;h<#mov!?GYwpTl5oX)~s10 z_JiZ9rBDOVBUXalyLTHeSc@-h;UWcL5sN|`v^K1m`z|gG(tkWHA2W_W>3wPZ-eizq zMPFog6fA)6r4X%#7}t}bf|YEW65o|A+bBc0$s#b3iRtCf)`WGJOmYa@F0POx~*llSpe*3e?Qsfob%<1RE}RsVUd{2GownSB{`F7$xEsmDFD zD)^2}FvZiver1Xz+oo`gq0hw&(i@It1Pf@1S!n@3GA_Ch^@;W!6|b6rmRLnf?0bAlRzh z76I6ppc|i|XdDyRv114S4Ml)E7Rv94^>_^x$A$fc;aqZPu6@1b>HSmJFf_LWI+f#G=6z9$ejEhTE_0^$+XBb^Y<=P%Cj;j?PJkQEgb z@@lO2moHx)@f`b$=P5vRVudc$Tx>0EO7Zzx$^fQw2@^F$qxPq~2$S*Oqfs<2kqxgM zfw%i|TF({&<}6#Ukx zMbF=iXrHOJDMcG_Vp!3nE8uGIg$F+rxAs=epZMax6Rm$Gyj=fX(u-EX62GAlzh$-r z>*}ko*0$kYTczJqr)V`!pGC_GiZpNky|O9PR9#C4PMSv#R?cXp^aImsu437t zpJ^lm$h2UY#wAP_@h&Rm1#aYpx1wm$;$K%*?_7MWwYJUgBM0LVZecoDmS04(J$br5 zb60N%-96AHo@xuUIwXay1xq=sCYl&SYz*P@f?}TJ<&a*|)mwO7$z;+?Z!kc;z5qF- zA4|D}TEX3S_wL<%i3O}Hbk{mq7tL;=PV`t;82W=izF3gYz|S zC3ZlqyWB3{8*X8`IvTW+sCU`Hcx)fTQW7J-1})xpEiT!vcB|otMedPPf(5G!3*3oo zuDJ$rEc>%Knnm&7N4=}po+JkcD`HE*f~$Z8RAk}Cat#rPNBki=@h)q;&IIHm z35x7#<+VRai-Us=v8`ZSswQ8G%}km6c;yh(D?gPs%iK zy`OvTIr(|EV`{m8?Oj5(p(PkjW10&XC5n~B^-=&mR`GyUsdos9S-{XIGYJ;NDp%r# zX2F(e4NBAmNim!z`=ETxU>`Ze2SRH`E9Sc5$@G(oX?*!giPI5~PHZn&S}?^$Fcg{y z!a)^SS!M&-@z)iX^5v?c5^_i%j$l#t1q*j*&R-vny+LR&v=PT?);Nn+*W8Tm>=UDd zba!7DUw%7eyp@dMUX&(MZ4Zj`mXU^KI>FLX_Cycq8ZaG=IB{hj59vi3zvh*yGVFbE z;s(W1FkY=jlh*I4ER~}LEdl&Q=f%i;DYbfO+2V=eLAs~Ei!Toi_3Qeqmh*<;UY#`y z)_0fJ8tHFhG8ff0rSrUHM6gU3bXNJ==tv4lzzUA&_Hl9qkxElnc$0uv=Pc-rrVU)hO{jMUrhi zqUWhoD{hG2HBr$(J%iEFJ7)&LLc55*!J^kti(u(#pR>JUe50#2;PLM6oUveC)zSSM zC^cH~kJ|5!wuEC;8@H)wQ`%2p3Yf+v6c>pan6FR^Vk}{zJA_iOl=(E#pxA!Afz$wv z6c_KAOsvY>$^E4G+*c-rj`yiwM!tE@$N7U=FB!fsjxjXXT-@VSqE@pV`%+AVFoEdL zs_hH=Q5zVnxA)JCZlPZEw9nGWHdW59+VyY|DK+?yh~F~aZ;zV-Qe@P;9>uw6qzquG zp!>FM#?2-qCan}M94_=^+$2$`AADs}YO{xbRS1?yBo!cr#Vjr~EVcUDiH=him7Aq~ zpk!_`aY0eumlMhzOZN8ziE5ii6E)$eEfKZX5!*a7w$;Ao{TXvxx~r28(zddtF_p?C zQ4^{*QUK7%odqG4TEoLZ(jtSq_5FgnE{ zBn*ir1&9SMaCsQg6*o&WHiraI?{~(w_zV|1><2SIpM7Og`vN!*{4+Ys8JjV^!6?LU z46Z7g6nDFFw}-iio}K6A7bV+^i0ZgKxY_6xEipkw2z_^)6fmt|iCI2yC&$TC%;2Ki zR~Gxig)3&~!8%0d_R>neAoe60iWXsn8>8IMj;S?d1hVKwCz2wj6%sA{7V?Fzg1CFi zLNfb|aQS6eSxg{=m?iqoVqf^qvcO#b@1cGDh(8y@~{Y5BriY z3<%$?na}_b zO(={fYHdmpWEa59wspPbXD;rx~edC zM)E^Lee}>^KkXV*Z>+G${*k$Fa-cklR0Inb3N9FavEibNMu-DqU5OGEAubR;Wv^p2 z5E<+*(M7FgU+Ce4pvKB4Qv$Jrh+cVfSopLG3w{?Z+gV7kq*-@7ba7!3Z<~51!7xCu zKyB!CbP1~U2H+aRwFseVr3{lP!OAE|u=AIAce+xT5a5u1oZcE6qc_J#sSh=~{eGIo zx|e5ry>v0V`_1y|o2Wo9OPSyug5ce`HL*aT#ueO0T$IR)7t@BJcTrDV4f{FKCQaN5 zA;f%$BDQq;Mfzr+!RPnxnz%0rGps4K@01R347Z-cA9q*J(LK?Gm0<0@$u;O(UeVL4 zzeh!)j--iEG1wOKfFZ{UBkG$;G9Z%OZ_3zCu+VFQKqP#7vM@g%=;5=m@C*A+eeoTK z7{H3WZ#8$d9yKW5Xl{b7Zol8CBvaF1tFeT35i5Y;J5RX~iKGsx5sIxPGb@fYaq(** zg|r7#VjID-lURX>L{deN-6081gvV&=i49pF`-zq<1gpE|vulMcj->@FELQfL zs!I?zk<>vO=%r-6pGd-tm&%eOlzZ51<#i8+*xz-rm7?FWvmcivY6h&>ON_~ z+JGx&ISfl6EG%4XYIV(BF6mUDCRMzt=9SaT$J-8drci$>(Z1Au3Z~*JJg7Ru-UQVgF8qK6(8(Ru3mD6Fm=$qd*;cjtt?hXqc$0U z*)Zd=VxkeXNjwB7Iv5L4#1KUr?Ks2-*V-%7XRjd>V_L!DS?s}JMynZ`omAYROk>t# zjW=_&Ql#R|-Xtd8xX8vS5>;;RdNU`Mno_W&EcSqLQ{>nLQMTC%nDtoWP3I;=3dbF9 zzCiKWPuO^f4>}&qoLFkgpnIpwwX=d;wd61XxLWb71ihqtsw^Xq6^O}1l&DQc8oh0I zcQ>!cA1k;o_7l>t!iMiQ#4Ht6xfV8GNprb>4(onVD}1Z&A5CUCVBGYF-G2zaLp z%ouFcu>y!q^lUl7U@-3X@unSv_(Thnu&m-)g~GbZm5h0*=WxN=sw4YvB@A*D=2(fEHJvjSnCf~o zjbQP(RWR5<4hb<@1a6wqLqGUp9sT9IC#MDn|Ff{q!AnQQxzfR@EDyH)w|5!tM`R z>5+e1C8t_M%(18d)>W(+mJm3I6@t<^2ER6Ojgkp4$FE=FU7L#onv=z7SF3kCyckV7 z+`?qo`|Ngl`>`$ZvBc^Oh2Ho&jZ?2~oD>ZqAt@5HV2V}uAGvs}5T z4aZ3Zv!pjX^V0@8Z(%K8j}^yCl+KX5g2h?WF=Kw#vw^cJSn!Qq(iGVaI>A)pse%hs zxnS5yIxyl`jbNm|hX(&9xpyK7G!d|_L^?z6O<)m;%kA2f?RZvJ1#3^xzsYe0lcUz0 zd3`Z4)3KJ0_fUaH3Zx^wArU)v?BI_d&)EqqA}9}fyvYydG=QuL7E%}%dJF2v!6Cz( z6$&56OK(sj;#YRgZr4LkAW-+ElJcyDaIzv;P6~s5;tkq0BW6F=*&*$Tm);8tHBS`Euh6k(n30p)kuV3 ziS&ke3A1wURgQ}liW=VC-xaQ$yYQlNs{j5b`ahQ}rwo&E!9uT~i(GZ&pc}X_Mv8#e zz;iMfeXK@O=#fP0(4Ztr@k-%r*|LQ{=JI@ou&Tb%-A;%6KIw%oewXOVo3U0$_a9qB zH&$n~qDn?xLZ??SHH;ictmKn5(sFJU8AiH})hL9O)!f`1cN;Md5w+fP4Omro_IB{% zlU%H3pF#A!r-fKaxLj*#Q%goYrHl%e-{Wa;dIggwUWRt6oLM0)CmT4gMY@hP8CQ*jAnXuBa<^s6xAXKso2&?LQ z&**glV-pOl;n#c`Nv~jeLURg!`13?}ZIvDw2woz;$^WF%!iA#^Q(i0K{0UlE-y%-+%sLqOCt9>S*InuPdHRw@I2o0HBZ)W?9BaZd^Z)yJwYQRTNT=D#Ic5aSq`+QUN96IRpX*!Rc zH4Dg0z^a1#$Av1n9>8R1q#LT!GR`nP7M7&2b*kIIJ%qJ&jnpdvHxcnI1Ot)t;t(5* zgF`(hD`2H#wHq0>s-j7om6aX~>w#mqPuFVR9#$5tEm&O)RCm0+v@)mCAiNizN2QPa zhOZxer-^?2nWf~A9lrBoHx*8na>x2Udp-GH`Wsn^ELm02q{YfI-olcUwU+dtjBl}Z zWqd1FdJ_vi`)PUoz$=Lh%Q>WvJRq$dmXH`X$7Aq?aE}<*=Tnq>o zL@SgA0pZG(Gzjma)8zF%&p4?7+2p{hjqxJpZ@@JlOsBlOIw;jaaI`zg@ZM`OR+O5@D* z4;;>XfZWZFrTnEv`T3n^rmru=Au(_V;T8(IPd}T2eVI?eQMOm_qSM*)$^7+TUq5TB zFVpywPt$u3JxsUs9G8R&oP8w|svl)psAPid|4WS=7;Ug%9oxqKHFhc>1L9ja@x={y zQNib~O}OnS6RzQVf0R+-%D>{HH0ghS%GX<7X{2A?l<`824pDsLk=-<7p){##rsG&b zs0zQdN*1YjAkXcZYp$WDcMnKH1;H{GJ6SC2QZfkRTtX?s)%bbKM0^WLZi@I8e042u zqKCO!Wq*EDlUM<4SN?J%mE3zbxo6f;Ch#iaBu@Ow94OC2{uP%~CO|ttyQ|pq8Wnx( zn+e4VU`C?dyLZ#tXZD&=tbn1hEaL`0i>&r^fxsc+TcP}|UCi=Ad`m5V3$7M=-jpXE z7R+lqwy*}-$e$N6^B;H8v#(xBbI+}lw}WtD$%MtFj9-c4vMLvS{*yH8j8mxXt#|3g zhaV%Wf;iT)8>FfX9>w`d2M{U1`|ks%+3q|)|JD_Ht?CpC5Z z$YgYrZ+M;&l^l$52|dBgPGJo<5o4fWaj~vjxQTc5bnr9?F+Q>A)^EyU)%`&${pd4G zRZl(;@gw9wy}n~h#CvE|lm6#t++8gA?6roui^{t<@~^BaR$$hmlOvulIBzjo72M!@ zSi1ob7tf-FWCYk((YL-Kg&o%4JwdEQ8^n^Ry`o)XyQBNUV>Q>Glh}>S0u|&gG-NJA zV+70P&Q4iL5#LgzK_I^M!?L1?nAI~sZIBzE79bqI|F?Sj!4-2S2p5D34Nb(kyea1C zcxKL&*Sn7#BrDTnTfaw&2_)Jos)^x)cJUHSi9Rf-vD`=2lqGO0>kM^s?)L4RqN*OF7%Hu*&n@)H7zP zF}bc#B55O~Kx%>|r83l!iKtsNk9GA*$)ymQ7Dd*w5xmYVw#_^+fA-ZVexw7 z2$qO%A(t-y%FE-5lyLjd+m{YY8v92N^Sn@pQT@C^GxiwP@p%kW2)?H#SnlAObXKTI zh9wo@^oDe%2;lB0?vSv$7BS&E?b67;2UuPrJp!Po5ebOWqaxii}U{t_4>p_})NClA>U_uO^dm$@H*bWulP)VRfNlpUy-J;spy#X?X#-3RsFl z&*44_x|57wn1w~lFO2#6*`K_OUVH3W%UW68M_T2yfzsdqh6|TkLZ?!sU`dH!cqUNZ zpiLQg2U768fs!P7!AhnoLk6gw6#hz??sY@s6ygOSS`e^#=UftzDpV<_&Vn z^TP*~ZL3A;HX=x0%^Ln9CSWs8T|7a+x-2YM$ZS``%2rnA;ddsy27x;8_eMJK>T?kp z=-CFxAzWBo2PO=>19pK1;h8m35~Sb~!W|5f*{CfEm$>XPk(&ka#IpBUsdP+XXh_h! zbLwd3=^vt|ZT~}7MVZ|m3s_laFqiSQsI&(waH#q3{HF84JI&nX!n#=mDi%VpKzW{v z2^N_U_evIgUzbeqJvqU;zkLO{g7%rtHw&O)DJ`%m)2gZV#Dvb{}G*W(C1=yFFA`R78_X%lPAX`$4CAhVhh>w-7EyBk3eb3oEd~Y`uea zps=urFO^fK^5-KX!!$ZPO#OYm{BeBTe7DO))|CJ~h#0D~|L@IYCLmD7lO|Dd$s{gN zcvONLhlAm`D45)U=p+TpobI6A5CT?KA?1~gkBxB=8)g>R2oo?Y*|NfrBsz^*SBc_R zO3wa=%V>0Hn2xs`&PqH>SWj3A*zXFV%F8opZ<^h4(F*1keoL=gs9&&5?hdvN`sFxQ zISX`~DUOvYdHMN#natc30R#*}maK@OhwtOxT*>pOASB!W>u1z=qLam)ih1k_qEtGq zlFFt|p|a_fq32bU4EP(L|L(V><7R?&qV+KK9`B?+w%~8`$JVw9$F=`&P4w)qAK}NP zm1uD)D3ZkA!89c07A9d~IqsmD5LTE{!~%Xl7cz*KkGYX*LdNS?Et0IHX>(`NjrZO~ zV}rvY37$IbS_9$Xvl{2PAYy%;|l1(6- z(ZJ$@YYZWRD8XXNXY2T`4id^l<(@GMglt^ALh(&{KB6zX%%sVpN)8T$?+ z2pO!gDbuTI#?09?aIBlGz;I_jKVBR+gbP-sBUX_pbNftgT?uqoaL^}MfeaVwO9JJI zij`gN5XrlZuTslPZ&2US4m!5iT=Ucq_4LzFcRzKud_ZqMxr-dsQCe8a8@GvZQ9xhu z1br@{$9;*}I|r45r7QtscHpjMi?^SAQC>f#?i@O0`8kwrdXII|OPd}g-^eIs6Emig z#N(t>!#C)rZi~$0>2`fY*XEkHL|KR+ncie+JQhAtGZtE>L@#1XW&jq~yE|W{Y+@F% z0_cIY3Ukj5hnIJoudaJMq>?il(Jok?;ySVbu&_kH5f)atMXW4jw`bGJQj$&4GLu*V zB<)&-lN2G4<}S+!7SonO&7me8F|2^;<5vQuIXo}M3^-=x#PMTf7P28)W)rL4?k*ZN ziRGIJO#LNdSh#6hBU{==QgDs|son%6^ z%oejcbYMRnYT0iZ7hMadT^hdT8`~`sa1T?fHIAiCuq+b45?~@pVG_eko_kImS&0D_ zH+lb^J#_T&AyWufIz`JYVg-u|Hwygjh$mVJ#A=lm){evGuu^rAH%XH#q)o7b{yMT4 zTiy@H9x%&|6+sNeEW!oRLQa&?WLvBtRKlVfuuyQQEaB)|RlkGU>XMR!^aH zFu6LtgRBLxP|=|QYpQksJ3Lls53#D36QmIa*>b=dy_zx5q%nyFYt!K+R;@0&Q86#u zvKv-&E6Wbx;)BJ7i|^e%Z*uX%^K`n6#pRPI9Tb7M9OOM zsYEEl9or9C)w<%8)28DIMJusO=*g?KYO%iU%sdwLv4oZN%+DIgPT;~6E+Z%m6{dsx zD9WuELAorgvKhu$SX`h6rSj5n`Rpc4u~1r9V59jaPSuCU55a0u+a$4IA>i&Z?UX?Y zS=T&Bn=X>>;;^!I{bqw@V_90@b+Fjd)p3G9=cQOeHM3AB%9|(Ei_(jkTtZlqNa!33 zJ;IW*(wIM^P+C`;StpZ)l0{>oDSDMkUv9*<@1}<(a(LG=gFfWST zh03%*#83<`KRXQE|KC_xGU}1xt-6-o6GRQ)+57lyYfY$Jig8zi^`4fA>{jJy@Wjj-PCjR zI2R>k49JaqCKuFovb>>mmEp2Ge;VmZi*o|HSR<$w3{sSRy7A%yThe zDbVz}wzuBprHtR&`4VYm($sRPHoap#Y2vc4HAM6bHoRe*cwKp-jCXaxl8VIJf>kf} z$yFSX6};?v>!&$nin6JR<4i)R9{$d~)b{qf^yH7X(0yOMi@%<5|I^YFAG0HH1(kVM z4b66N1r;RF9Cg96VE$D+a3@-)xD$Qij`dDOQjJWFQDa?zS#Oj=r3AC!;PpQ-@xpfT zD4m*_Tr8^-?Fu5$ZsEME*aX!}u&WovUh%Cjkjr%e*@Txn#;I<4KGjZ=zV;~>UrBqO z-C^pf$FmJ)Y{tww-u%3X*D+1k^AB#P$L{@A!s)j#o!9G+J{)Fm9{)LD5s#O56VXsdyWxTUc)Q9I_co*AREC z&-}+Ga)=G4;kxvu&qW9fgzCkIAERG>_1|<)J^wa~Yr*2e=apdpXIy$AUG%w6l0$3| zcU6`^zNWFqE`jz)5?EO3g5@&z3^~bwlYGr{VT%g!tWP_l6_c_Ua}(~k`{!J6lAXC3 zZX!O9_*S%=xZr$CXV9b#xPi-V2*+H}E7)Y663F^+si!um3s%5YOEv^OhRVE^vsobX zvVXQ_MTc|}Ehu=dC5WyC2-n+DJ&DmVFb86tL#tWaY>=NLo83meg0WETC5#`#LieJ_ z+dwu2qE(UarVFM>u^CZMsO8n?$Uy?JspBneJigR*q@DislPxsV(?>>uY3WNU%D792 z*`9Z9dW2bSHVY!B0D1#geCOx#b68bM@4%)M(x<+@k#=kxiS=guIp;Cx+3Vd+HfQri zrL=Nhc&N%VKW(6AezuMr9I^?->NEebS$+<&TK?y57G$?vtt-6*$rqeQt7f#udNaOD z==Ip6v_S&uSrA^?HH@S@$31k&CWu)n#fryWS&%&k#7ZL18#j&>U$BDq3%JK4mS|nS zahq+*(KuKK^ad(pR>HEfWshJy0=|lPZ#jY$0-~iX&vE*tE9e`K?6%Cjh7Q&S1M|Q1 z>zxt3fjKEwyj*g8?Xhm%m^85F)&7XyL*!|FdDG5_p%4xZMuRy8zw!Is5fe#lIWUqd zF{_EVgJp5wivOwHvakf`GDdX=fs|aj*@)%k8pV zmb+FqFxPPIwvGr>9C59GeX7NA5giNx0tFZF6L)NoU&AmP1lMhzXQhEa5;3eC2Vw=2 zTsd7B8rkhkv>a>8Ar($t@lm?vkyj#IK*Xz-KGsRwtvIKk(YV}6xr8|nM63R#KJFrl z@rOWITQ!%RLkgR+B*5`pP&!j^-okZEj#lBI#>fwRUuWbI)$okJB@<#rPtbeU!!0!JRWfM!V)Ua zckBm_O3_el6RA4zyPtAK-FHs>iM;N7s=nY%z8rq$@ATgPK1svJyU4)-xQe}0dU*{^ zy8I+^7fYAg@qs-wDNia`*xmmQRhBN|>(TAYAvP*`SS}}PQUPjct(a9PKi}W^EaiJj z2rX^-R%LPT0YoK&Z+-HHS|6uXCyNQ?q5U0{-AQ9qfIH{DE<9WeJv4 zc=_U>PW)fU2DRLcq~Xl4IJI;?PepkXJ2DP*KSw3Yrt@WRS33>9*iNJG^pZnvkUy)0 zikDSW$wkv5L@Jsw{}3G?+)JLxc{DcKMfn9%NMXgS0{fPY(MN5(HylaV$R*Rm6Otb3 zc{Rei0`05;q9F=|aE-MM(!kS4xPUp>lY&#rxJ89Wt#k~%N2LWb=t$qIGfTzxvX;k=rQUZX`_mwaGKgU?wBk#5ewXP;U>a07~R)P{Y<>Z z+iW&*Kn@ZsKBbq#Osq=ss;G9#rQ~vXS zUC%{`6@RTeaSbgm>nZXsE0nFSpsjM(Oiws=Bc-EB`5aa55xr;CP z1jxxeQHI%jm19DMh` zy_ejxYS?4W3RYYk!Aii&`Qd7$a0g5Br^?UU2lw#q>0~+lMj^fZ^knjlN;ebFWY%D( z&!jH*QvN)jiI!L#0ZSj_B~>&wnF&+nTpBN~qM$c2Ev2xqkO~S4XkcJ~iPtC%_j>4s zUso~F>Y~zVsrTv)j(5_#-8<=w>Q76@^U~kAXgN&8aS1_3oAh{sJr1$E+F&oSR!Ox} zE2-t)ugjY~`Ocj*sbD%^9~e79E!}^mWa(@7(o4Uokj1K`q?n3}i&Z}Z;mRB8*LfginuD)Jghdby|xP$19PL}Zz7rpw2a#^g3 ziV72o6%a1UVD*{&xyv`o1q_RKu!D(MKVNtIoIrkniIBfw5)-5;T%i2s3tsk zE<^^8(V~x!B_I(3d~`8F?GHgGG5#E^YVl!HAqIy|lhk%-ss$ zW`D0lgIL7^7oQL@B}yUljP#LbY(Rd^PGSa83V8BEf;5Tzg{54W;Ntn2C6z89T5t^m zfdD^`@3ENH>6fRTJB5Vgg;PJy*YhqsFNXyym<7R#<7RO|Qd&EMLWI<pw&;-5tOms@QAO+b1F_P8`xFGR$Z+3=2xm+$P zEuBm~J<=$K7Ip(Vne`qTVPy%yf`vu&V{(W@WoQmF%LYQ$4mi=K?q+2`c(~B0h?0?b z*&WVRDqTEC78SjNsajX&2HN-k-u= zzxp3O8Sy^iHp=%udikYnKQrTg{>qEbrP;G)((BD{(6f*4hEeqnWG-?M?QU+4IF>}msr9!=v=6Q1<>j&S=VtDqG+-H`b;^fRO9*ad78cR} zmG;jB3$9@VEj;xUDlRIfzdZA-{C>l??^J#N_J6sRrc9}l-=EDc z=7)aw`%3)j&wp4#UwJu={%$Kdgi&(|xnL=UM_4pMc#?6mtb%vZY4ZAsfqkfg zn6h;R`r5prcG97?!(=q?#5k7SO>dBv;{-8(i-_;~Zo+-& z1u;nFIUMRq-LvRq?G5P-0NL)idFC2{pzBb)_u}5-zfe+kLAl#qM>$Br=dR^JPq4r1 z86H^0$a-HO^^^c~feQ+mrQ%6Jv^qPxsDrs?Q>IkX__&X`KRfA(C;!6M$L04AwYAZV z>goLbU96k@_uF>J@At8QuJU~d(fz;qEe(gP9lZADTYG5!yjuDFAOG||`F$ff(9*&m zVHJt*vg41BYdX$&zr~Kno{0NfKnx%F-`~pbC(G!ll->ZU=8RKCO=|n|2ghi3`FY%; z2fo*vDDeIP$|aan{oD`wyBcG?7uVZb1QZa!9Rd@Qv)v_tv{GK*?t zcqBrsj0E{u0?(q{3%mziNu)J+#{EqJPwtJ4MgtM~SLkN$AMfDtE2AhX^UHZyN+4cX zhS`OH*a!l;1qJ!!W#=F--}pQ;2Yo=KMn}hJgt>q|pN|jEiKfV)>J1%=3LxHG6s%EK z5}EFW%)-jSo4sddxYiW{phg7RmE;u!DNzIn7X$9x;_fX340&5{Be5=ANF-aL`yO5T z2r`Rqe1Y=)-A&DMTu6XqOC*+}%fF4qc#xN*3`8S;=?kCxto;6V_IbpE(gD&KmR)oK zUyn}gOmv)Dzw33M|15w19TtR7l+qCJGm#n_YrBKC_h&w zekMB3RKDv^e)bFbGZ3h;F(yua9~UVROxH^3G~@2@sIw;LV=*f$hXkvqqNg>kg{9g> z)gAEXTpUXozdF?Wcf&2LGJ_g5MC`*CUp(RUk6v~u_4fAhc-W=OFPZrM<(JCqNT!TV zw&X$)%3nJ5lvCm+jv9@ytRi1KU(;~{<@XAI{=$g$=zSoY-tBf#fByit8aunXsGt3A zaLe_IRpsoll#@o4bPVm6*FCdpC|6+3x>fCcRl)KFf=!fTcxHwh$C!VBjAr^NqvS0x z#&y8J>1dFG0V@F)-RNj+al{3Rnod1E$=#2TIBGOQDyb6DxnO#LD>oX7JH-N>9;hg) zSD>PqWpLSK5XB4;#r)!luJ;j0PK#D|hF}_qluzlv4#^$DV4(Ddz{fOV!s`kF>*qdC-#e!IsJ@qJGM-SnzU%iUb z0R}+7{F@3gf(y<+mp=8$tC+P_!UbxFLa@NRxwZ7An^yAo|MvG+=zo9vNW}ZorcI?U z-&D`7wYT2h!{cAdix}_!BMVf|W&6SBqu)1@%PzfyE?Zv5*QLMpgy!P}XP$9752~wu z*EQex8efmMk7QW<$v(pcYjQy~UBBdad_9LMkOmL<#=doK`=Pi&QdPnF3{y5mz^r@0E$^|m*5-LGV3jy4D=MK@k z&zJDjhggH89Wo1q3MFHV%AIqF&-l12Vcus#!CKXGqN%f_Ea%1)`u*7{4~;uG;#vT8 z!XaEpf9PfF%4($!=>sB#VtjMY88mdbje{yZ(@wmX(3{gV3Kwo6J8gB8L-yKXkbvd76$Z-*uALC4DuXL3q?;VFu!5cBZ`87(Cc!$p*wYxuv0{Gw z?q)HA1s5e2xHkd_7p9-$k0Fc9u1uchqbYO7xQHVTWmd~cE8{tI%`F}EJf~$lO@f7t z_x&^GwpO@3wUi^Ew7MNC6ALSh&J4c>;TmGrn3XLtSWoy~Wudqeis#uaK%OfWRxn6S zi89;;noD1nx!pV1gRR}dU~fNBDBZ>Do=kQ{h?vq6!>q-^5`$|AK^yAvQ2+7l*7b)l z6_o{;FpbMGCo{*LjAU#)H)2@r0iWhvPtC3I(UHNX6@`8x+c*WYcw7wbAXG65DukP7K@<-J(YP(keuA6#Eh_; zKv79f2o`HJK27l}p!sq{9E%yKjbvl|hr?5_7v+`E$Y}0#D;tFnw|I*qR@y+@E6TUG zM*}(oe$DYKpv!*n2T8LMS`i+@3Q^1&3+{3b4%uLEm~ z-NFhtipojV)IaF>gAUnYXxL3vtPKkMZMGDw;HaN8$FG2{D>78N)V@{cdc$#oVs>}K zT`re~M>v>+!6B*L73G)6uLb*h$#w*Tt=IG%Zq)M;-6q6QzfYGUS_$8tz4CfZ<$V6w z)$I&-amXw^{nBMQvtoh#n*Z&6WIJ5?JvQBfHQnpoOg1H;FuSWtBy+s8$L&~I4jBUp z%RPN=s;QVSzvh2?FWHb_vu{kd@uOR?m|KV>FI&2W=sFIBdJ54)Gm|wMh?QeyIb@0x zT~b?%u&xxn*LI;N;P1J#y)FHMg}-HIw{ZNWzsc(-PhZR*VP%cw*jP%3%md2`3lMD& z_!Mo@E|k07+bIc>>ISp3Tj*273eK8!F@J=W)q2G1xP}gC12@FuUE#|yLa^)?ze>s- z1W5^&o!!FmC;uX^!zC2Sd*kCSYCY_TmV@y?tZ+jd4~-p!Sc#Md_q`C-8tePk=yj9|d!x}TCH zX~9Agsap9>g;xU5*^|L z*G~u)g6pyBwMSc5L;w9FvKu=_22#o}NNIF$cWrHXVBFhHHUu;6mi_rra?h0JDtxcK znKu6ATM0i`QWT`}(f}0~1#D5V)FF8=cpl?XF~kdt8W5}1m)|P~+sB^z3l03!*T`lB z-G1M^ies&Kk-L#HQ51m_dlu%t|R)6yb>8kNtz~Dl~NZ{X0)N z)^aJOK+2Kh+sY~rveQyeHbiPLF3MxV1!h*A$}^Dn9DRj+{=_o@`}{5%W(^o)!w|0+ z8F7=($NX^igL$)CdDv3yd3rL9G7+dYp+SRK4E3YOJ^WnboNJw;3zpT_m;aY6 zR$$<3YskM_)2vrkBKViFp>;ck2U7ZCh7^42tXTlJ(6%!}7k%rSZ25-#ymR0f{qni* z(Bba)DOvLJf;6QpNR<`2SprxOPu)9}mrefgO`T*G5RdBUaiuhO;8`=5(e)SI&TFp; zhVT6`TkIFRV!`&7st?|uM=4@R-~7K$t}Jr7>^n2G)Ke3-w9vpVKII>%vZR_0_w1+P zu|d)c8u|dcJC{xhI@VSK-f5I9EX=>?F~M(zp5bF19(D~TCss%dz2Txe=woMGM|qy` zv}^a?_ODd>vtLn}+jc24!2|yB@BVVI_hm{ELoBRN@V$j>Y-NG`&t6N#0aF{S@fqA{a(waZp=hTi@;qmWJ=Z_Gq(=YF*Y=WL(BoFJgtPrO1mVQ?j>Yn z{CoED-W&8FdKaB0zmE6=x}%Y=g&5cH_yBbcwrkoa8a`rOu(TXv)AC9&1=w%Y^Fba} zpE^nfCD|Dtg`j#1hG+S;ixtEPB6U5psL)1~RYbwYeM5BJ^L@0hVjg_?Skdx3CY9ISUN&VXdgJge z_SlrrZJbsaps7_(JS!G2|E5Bou^Q8XA(oYm$t;kW9xK^X2`niLnm=XQVmfoyvWWPU zpl3Wt+YgPb2eTpur&ZpXv_y#M)tGR6#9qHa5*LAF!?&mpN4w1b2`!Z^OuTXxD ziBvE6$F7Wu*6~iaT&qe61PWF)0_Z1KFX02`;{kEn^8N^I*gM2TOXWNtdW&fNDx!`y z?jqh^T1nRxmy#7}5BRp9ezf%(G6+Kj>%`0jb?zY9+RA!psE_XI>7d>qYj6uMBD!@m zi^5Bdscw2c)z2$TC|*Nj1GJxs*3Nx@h!8Ktv1(`fc>b1yG#hm*a|hpjVWO3iNzuY6 z1_ara!2O4dhsvPED${X6q;?z{rR|4Dsj)qADvS&hD{gH)|1f|0)k)=a`{YW@z)lt- z_=Db#OaE)2r;!Z8@OiB4Y-Qcu-$nQIbxBXIxS8ns@5bF0;`y6CG#bMN%Z^r7Zy-Q-_MM>L z4u*QDzQ}~?%9}NR9@f^9O0O(nO6x1ukRS9M*4FrPPPF>ky>$4^B5Hf1Q1jIH5Uo=# z9-x_LjgZj{j}ouUp(J_;4NzK9O5%~!@eXEfnH|=jv^Bg>OJZ{BZzngzVboP~$3M*z6(6&p$86Z!*aX(ukJ5jPFTIi9(bn@vC zfLOqqf>6E3+&&RlS7Y)t_L~$2Xl%qy{l~+W>&!EU>EsU&8fI-FgZo2@r z9-s`NTK?zmiGlNU@!)ru#dRNFy{>pNcM;8MZN2XsZ#}R5;9N48v}CB+Ww;K+>gtXo z^d5VpDYJ+go*-IqHl@nGK0j6DyXk@{Qe#8cH!Lk>Dg-VRj7h^dL{A3u2n#0#XwTE7 z^#02wTu2ZrN=KZi^I#sezFI=fkCoD)reYfIjsGRN6~)A8>D9e7@4O){rgJ_tOtV6w z>hT7t?|2^HhY`bf;0CrG^-f3(z3Qx$wEVPieY7>N4$yPQb;PAo<*emIQ&~Ga_%^-O zdxHKnGDv5#oR=LM>%@6vzTFGG2HW$0qt*j?lW4NWOT?($xK7$3;LM&_N$13EQ7IL>XKK-o;q6KD531ocSA>6}vpD&ppE)X!d zUX!PdbL$H(q>^#AJwy){4=kUd9=GP06v&29fq1D4h+F-itL~F~0})7H`nUe||XhmSEdJ?II%q3bB^8XcB`>(~FgWL;%|=pekBXu&l+X?o^^@j|%Z z)~UstwBlt}87wu#oKWW~ov8_GM9)~G#Pnh%Fj3By+wYreR91T|(kfV>d3x=JnO^T| zGBF~!j?8r)r$W36ajOinW??a{KWDQ190RH!eCeK;+oA^%S@D^SYbg=&C_F;EhS(BM z#2`$tn1maN$5Q4>;xXGGUZqy9SSeN*PP6>aU8(0)r4!_AZT$h!P+yi@#PnKMAnk%> z_DT*fFpCPqY|cu|Vd|;SNPquQlg27gIz`s15))h#5hdC-aTvt+B#LUw=G8sQ-v8pe3x6>$ca^e2n z@(ZG}X_PIHA?;%SiJrshWwYt@lg^{p4(^Ou;S_bkQQBK2<5^Vz$-ApRdM}j~N$wM3R{#9Be(Q=An8QLG=X{(6Y2T*a;|J4L zXKT|?|EfQa4DO>0kTDAjyfveC^9;9lC1nXS1lRQt9f(IP3o$Lkw$$K3`Dy-~pQ#5K z>j2ilcnRIsucfR6~SL#*!Fnzi7%9+2{|>B2HO zPYc8vdl(D!B2KN$J>lY$mNKg<(OiJ2Wp&kA^-Qp?m0vS$>Vgp{a<-82@V&ArspV{C zDA2AXqoG;^;O{7{#9*(~Mi1*GBDju$%eVhFtHE_WVBF!uts}Hzb^#MD$)$n&f}(LP zoqJR(nU4FUp#0FVoASIt+sC)~j?~@(ZcZrQddOyJ$_t(U#{ZgJjgg5@a$1K4O@S$%5;8!0??- z7nRC!Er4MBA71-uLKjg0R}rZYcB*QM7*$udzA3lh0)G6g8zTzup|<*(SF=08MMg<6 zXKSBtv~gK`TUy2os*x4J3T43WrZl>S2(I74tSa0^I67-snU&}sM6h%3ALxlU?~j|W z6%B+7?qd05>&{3Gx38|s5nfr#KbeDpP&iB7wS>;kMTSX;_MfUvd@+ro5XdVqM9mPq1NXwuv% z0YnNtq1}D@Coqj=RoOaTr3Xcwt*eSk=zFD8RIM%cYu!5S$o>tK1+pesARVrua)Jme z1=sZgv1(wJ*2?*jUDO!T^TeB5RCBiCAuO-bk^mJm%PZS+CBoh7A8_#)T<<_~vn0N3!o z)kJ$=MEF`Bz@5I1MbO~Lw# zBk!kn7fg|?3l=yrbN&W*(3Mn0hg2tsuoI}QwXLpv!W3ia5H7Q!CRDJdU{&ROtV$1x zfIM=x)|XG+cvDyV8p<-J5GBH1yv;qW!;pn3f(pD7A@uUnMGW+D6j2=vKPE zIx8s*u`rcjfkg4FTn?_M#8dZCz4rjEUAvZQYina}f~m%k7GWmwf+cnG^d+Ik#WA-T zf9Y>DeD9CR#~uZr>Np~myI!-2=4mt@^E8SR~ks4QeFr{Ge zc$V9Ow?!(IEC z1=h@Sy}FpFbq*#cWDusB$^|TFK8a?Q&!?Gey{2M*T!BJdN-X0{q+nIe931A~1(S(J zgWltLM-NC(e*UiG7U}_F3+;+s)JG zUP`N`HIWH1tzd!QPMNXhE1m7@%`ibkOdtfeo=c_zZt|Q((#*g~&{RE#e%9YhzZgt^ z4|aWhJ#E^wDdIJ_dK))vpmpo-jSwls-NXX$o>-ciBCjn77pA#tV>da7mh2WP5+V&F zjT7x=1(OBYqw$i7`9jB0{BY&0QLN?j1e&xbu)MsS)~rcSY!Vmak|j$tZMS{~vixxI--pt*tLp~p$v;aU*;sxkqeHPY|o?{L4_OUqBR`TuHOM$i{)bhp~^tCr% zm#m`D@nfG?UwyUeaR_S+`-DY?Qoz^;hL)7M+|&!JDm1OT*ss>#CDC`V6@lP7S~GwN9&(3C!Px`}po;vrig5UY@2 zAx5MXT=W3$_glWv$bA}gjPX#46$Enk?%hdSKse@|J9o;0#KQ@|Y_Uc&foscT=?n3& zhF}5z@N(XJkz*tZHVb5NIngF96c!;Zh;3g8xnp>)_48VfF&_8ycgdC˴?#{-sD zgcXGjl6?jT-0cAG5gg81xfs1zN3d4S?crUmIVM^nu&j%ag{8%v6U>=2hd&DIO6zBh zu&(&@Qw*cTN&wM{u+;WCf)##++r3>2J+^nfLaqisY zhQuL0hqRJ-$6`6SSh*}KR=~P~1xzAZxQKAqj|QTlRj^(!@{oka_sk}S)gbnk68sQ zZCMGdFIWI4V$;#(85b=K75d2MC%%rJx?}|l1qnr&XY7XwRx%b=G9n;8qvx|mxJKy~ ztdx5nOX8eoD`4ROdn~LObdQA{dk;ecy_1Py>B+$o2&+u%1)fxnm_z2UnOFh)2o}h3 z(Gr4_ti>X7u`&_AvJ`{8;UQ1ai&?RuSOI&ugi5%3*ur93MQ{)Gn;B*UaWZPtWyvJ# z0tungV`1e4h$Y4=Beeb%^G$w&v4I$FW1$Rot=LbnfOMjk(gPoCU`Aw8^BtN7)V4bG z7VpAOaN-fv-A>oOSJ!ixpi6nhGm03*;JILgG!W!>=^+``gk z&FB@JX!N?2cDJx_gJ@}KiTNIKyG$oqQa!5%vN84+EN}xmf%kvVLoT-p}{;_VUMB9xpFPoN18MX`95(WZ}Ve_cc~e2-Qk%2o{hMOqXXR!88@7%;pbz zQXAAPBnUUPhcbS9M({d zVXr(atsod54BTpoY7cM;i%T^pX{z;X0ktW!^axhiy2{Nalr_+1F|&UYgjW!Km+EopBhz4ZA5 zWNE~hz#HwA4629R6)Yf`*zCRk$Huy{FLT8H$AfP0xI zI~JCx^pH-}%FARvrGvSE{?P_ICWGoBw*?DG4PXu3f3%6`Ynjp73eCqTL_&>3^`R2E zmU`n?vpjj!7w}Uyz%*o9=7WSA9IIYgB1}?d0GHmduSaHZvEok-RQU zMO;T_B8l;Y@qpE!R<1^GY2?`+FTIr|!GblZ#f43|T7z17nW8dEBaO@jTt%yDTFHUq z2$mA57jZe={{g#gd)8*VlBrA*xmd9fLZxP5X%#Gy0Y2NCm(d==tdQyQGO()L!F6Vy zGCo^4T|BWsK;9o%O1Q(B0UfCgi309G&BD@}E4YQSg^mHx zYAA&&)q%U>SP*nim2?jx*3wy#Wmp>lwb>!}H@&wTCpQaO24 zZD>s*l&+wb6p2LpLBQP#ba!`CN?^w5SoN^<6!5#|HmP2}5?JmoX2IVuqmdjm;aFID zxN-V+y0Ln$lqH{GH!(D(Fcm9H`Po$F6Ew=Y65|1rnPdZKO~FXzyUG|@ZB)2_XiJV* z>B14LWZ*&h47-U_rJll6N~J_wSji#}%Skb5R1E7$re;0RTL$M$odc$k(}v#Ac#G&! z#daZN1 z!^L_TwYs_xEQkmaL9wmY6bx~^rAhQ?svVQAGCo~Ln#hOB3MaLaL((`FR;oa_cu87j zaiud2LPsILScEgvy%En-*_ROmpO+OB@y8uIc4*pu=gytnqJh<HSL`N3e_nu?TcYL%4jtRx+BR)OreqD|s=yXv-8ms<4C{tdApDMg!sc*9(`E(S&lbl6B>jWB<;`*B9)LMu=vq0T$MEtoIWF z3O7%WXlVi8Z_5@b%y@fgB{^6hN3g6yDBC?*3rh^8Ig^Q%h&?6Sdlnu?n0gKtTs0vk z7@%xaP8P&!`Eu#LamVCJLypxU`#6GS6?D!59gPqt#IVlH&*$sOSXiRk1BAw?;(cG8 zRL(4|$$Y;{moAm9qGUly7>E`2hy6O%m3?po%SxmmTH$2RJlVoZMzD;uu9W^tLw4nTapof0J7BN`_0_;d-Knla+ z#f#uY$o3a}BaP%> z8XUngGxxWzAPTIA5HAeG{m*Opg}S@CmK+SD=a}EOeVW(1W$NMm2=1j;8p9ziI4+@? z!C-45DLF}qSL1`1uxGVd&DypPj!0Py$HKBEb^l&owc_(drI%E>J=zA;IdFokGco9* z=h$i^6RAdWuoRA9S)A_j+Va=({dLuD&x&e~cQHGmj({oX4)|MH0Di}#BZE!X`U|&L z^t3uwl!b8w%Vr1xo9gn^)p%tA(@|Ey()2J3swqgp=H~IS#TgAk_YM@L)heBLI`8{!E%@Y z#B97Iuh!)Xmb-$%+F;OCi`UunIURvO?G(3%Z-@7!6&D0fUF3qnR(aKh*^CKgf_vEO zaN~Lp`~5w$Jf7C3@v)vo#h#|Z9_n#K$-%+F!NI}7!NI}7!NI}7!NI}7!NI}7!NI}7 bA=ml;nkSdk*~I>T00000NkvXXu0mjf$*R1X literal 0 HcmV?d00001 diff --git a/Packs/CommonScripts/Scripts/ReadQRCode/test_data/qr_code.png b/Packs/CommonScripts/Scripts/ReadQRCode/test_data/qr_code.png new file mode 100644 index 0000000000000000000000000000000000000000..658cfb591d90466c2afbee32a8b7bb30879b371d GIT binary patch literal 16031 zcmeHudsI``)-Q@kB_ch_qorEVY84P^6{?~T2-@;cf`Cm6LTuFvh{h_Qys|}%wzP^x zlp_iu3WSFmA4rtf_EA){K;$VRq<}yO1_Tm99((UQcd%!C_qO+rZ`^UdabEqyVMz8` zd#<_Gobxw-bFT0Gd_OZbvNY1u(=+z+T<5Q+H$_hVduuv;^Q1+b0{>0f@BbN1?@Ha= z0X;oyJ+F1{fd@ln9kT25R_>OwBMV*?x@Gw{7^+N_XKt6^MajBnXst6B_d5~x^4xffujvNT^i0=B z{9D3b@)V4DP1Ihd*1YVSRjUOm7H@G!`P=cfe*7l6yK8mjj%AloX%22fbPGjJ_iJKn z5sJ$|C+Ar}l5<|Z$*9ec{r+%lv!Q~nvOqak-u129g$GN#l*@k3HfpkQN<2ybmUY%= zP~cpEJVqz%qiXl=3mp^F=w%1yj|b-X77ipQq{Khj5`;9nV*z+Ii?{3Osj*DLJg%XV za*aPV+Iyqb%YYZbeGTg3SyJw(1Dg_}TdPoXYAED87qfzZ2(>l0yK{L)3p3h}NJmD3 zC7E3>EBa7S#V}2$ipGC$RWKQnfFo)73$KasoJBVY;#m;yx11E@zja>Wl{rLRc@p zfKU?S(}E<7RRtD7USac>RMoNGtV2rtCZRtCGcr`r>}J?ct8P`v)C0JbY01RIuE-C# zylisT5N1q8D<2hV~^!PckTA8XgoGf8=TJA~THZDA@~ zV-?Ji%}58brb7)W$onwc~CB$rtwRX{D?9pql7Vi~-^*#V6p6aN0pZhq@*e)cYT*pn$1POP^$< z#%q%ERjTVELPUKr#0(;2YRu!Bdi0tUKAWpEF5?IAu7IhE;R1zt$p9s9qUc=TXCu*} z4YxSBg+V79 zA*Sco zJJvffaf=l2uX`z#oK9NnuCa&OfKD;~($##%8i`HPaqme5J9cg7(EuzoYH);@Kp|f z+T*}g+!or#L8MNr^y*-ejvX`$r$F^IR^f0NL3J*LKBMXCQl{&&M4l<}WF3);6#RY# zYR(m}cQO(09N%7%p~6(zdR{7+VD$^sdHv1QT5*iF1Zh_cTf{lLBlpRtb~GCfmJV<^NYxZ?;|yFBV}kObM}X0`BUfI~?)nuSU;vKfRU(mv9N?*`YC?du0S zhc7meySJChC#%d(@cI19FAFF!l?$E*uS^Q}zH zXkZ-8%n@-NQ{huzjAWv+iEyHHkhn#o8!kA`trGRJj3SkEZKo!0gD zY%3i@G`Q7!xG>2aR^{Ze9C?E6=Kb)4MQ!Kog7k&$Dl`$P-3W*3%DZW*;2{7|&OtWiGkOW}x$zR0#kYGu7_xc+k)uNi;q#^c?aL><(o9&H zQpj1hEYvaHC&xc6vY!~ooK}Jzmwn^e$GVN$M}0eTp)Gjo>9p-@2;s2cb~v2+|EZ(*Q{u;xDAG76K#f->fshK^JKQQkwl}Rl!KUS!#>wXF` zZo^DUmi@t&DV7B?lOPpZF6ta2ZiL=QjC4fo<%!wE#rJmQ1W7Pj#-UG;Hfq7o<#lCK zA(JSJe_b%g(T`m0mhbumoMoyu*J4O>SoAxuamxZytqa<;H${u6?K{c*NH*i0PNse{ zjm7g>cn&o$d%06{39^YQmnru( zFM{35@caa^kE*F3{}NKI#Q3R4m91_!VS{Ja{Jn)wwNS^nmlNe?BC2PgOQoo6GKvs& zj3h#E=NV!Z*L!K|IWrM0aA<(Gu?LWJuUKU(qOqnI-JwI4U5<=yB-}4dRDQR4D=mr5 zqZd3|(P9U`^L)MwmRtzk$u|w-(QVrHe?Ix;q5rfmi9mm=s7g@^)$F^*{pp0wkl?m- zr%^t{U%mu7bB~(S_G+G3$Pau&CM(<(Or%r(RBaaIvj+H!okd7|%$2Qz8VP{%(P>-{QdWoEtNkm(l3Mo60pEI3iyjff5 zc0T)}mi{gA)~IqgZe0{k!i7p|c!Dt`ZxaIm?Uj(*;VZZ#Av>JIL`=#YDJPrh57}*_D(^rX=89sfGGb+JNC# zn&bivL>R$e8Za}e3lr0D@Qj%e)^eH+TTQb;I#Bi5!vN%{aEQe(o)E)VC6m}60I4qi z70y&p65VR#$yYJ=CTufO-TKx5p2E!*;ADJK|7yR13J~_PKg5Jy0nQ&0_J1~+@it?d3<=bBRiAn)8CrP)2}J<3vc6KgdojaKkCK{IP>-W7)Hi92 zYLk}40H6(LySkqK)Q$TAb({a#MKynf+x7K{>UJPk zq+5o$w$EtXO?xG##&VJ6uGFW7UJ81Tz-cJ0T08{1_+C5_c-LJ0<6#eeSkAGQFXDf6 z^(;axk;~s^EX8ApboBW%4d19#w9|C1^Ll-kk_XSX$=&_2#))0W%eRjRHGFOJgHGz^ zs~p#hzlv-uB|N8=_b-~HfuPJ?FBbiPc7SR>8OI9`+sofIIOhA*&E)d6@plqW1`>{V zP|vb2wd7K6UW27X^6HnYib|Ot7k2#SLrHQjtfSTPKutGG2?ynPB~rANlKAOeUVx*> zW7j2@PpuX&2_>=t+a}pgJhpJcRVgQDg`t8 z_*oSy<&PCH0p?9enf*76a);?>5-AueZ#DEXZg#V+8U_6DM~?tpUTFY1ROnkI%6G-A zE8n~-ihbi%umt>r+Wx?6p-Y2FL;Hxp$Rk7bMN$--8aiQRDM60n0ng+X+0*^Ucv=7& z>VXPr#yD$DmAX}RY3hLH)DE4k0bo9}=9z<>!sgwwof*=%4WbR|(?Xgdk?*Fa4EDUY zR%`fu_h5qBJ?^)`+Hcx)KI1;8z{1<%2o90SSpakbFds-(z3s_57OaoV($L;n#%732~*F0W!M0+wSYJvp|0OZY%fk~id+J4v6u~O z$iv!C2q5yc$3=!8-&C4j34K)P;@_W(0l$G%(^a2vg0cMcU(R2| zH||cXwNRV#F89Bf{ardcQH12?62=TgtJansSTW_bbfxvzuisLzA{6H8^t6L@_DOD* z4|@^;YCPn2*kBPVi@ z+bkM6A3Qb5@x((hZk;!|dg`psMaj*>vp<;C>PO7_3ViCK7jlsM>&#Y0{a`ZepWvI` z?+M>wqJ5a|JVz>S0_XpqE)sFuAu41^B9Ha)%fN>vY<@hE8GxNeyX^=$$c$hHZKtA6--Fu;~*o(S*=V( z01-%jZ13L;$s`3UT9cF1Vz_=}^DloS9qD^EA8^yZY?9Jl{MP}194a&fX{KWVm~HwGfKSsApGxbbcH;M3a9f)CjarNH`EDuNCFhqOXFO zu6xL2lh|>Q;2{MjQff&{<~AoZ{DKr66`v5(tbF%6``wRnee>A0uKW7xoLPb!L#t|8 znOD_t9(#nMV{^{WYWgTEHMN~gu93)z*N0pS?hjsC<2!cl!%H}vFQ6H^rt$TiHuU%O zyvf~N*XEc=Upo(;Xw>GqW`P^9m)igWz3-hp zk8h&3w;25~k>5nfj3U^OE~z1TfCJ|ZQ2T1y&W8iZQBOE)w~1|FhQpa+U`%mHbjVl< zK>E_lwr|ze9sB0jKRe(JxmHe}Ql>5>KwMIgNS=vZY|MFAPvMqFE5@_@387tqDzTg` z{Xa!$_-7L#%j?3|dV23~Bzpn=UK&ZYD4V{(-ZPGHteWl(e!G?)2f<{lh}#Y2Exr~a zfR6gMgJNbSLcv%wJm1TFKxe*H-Ac&=Kr;~A>`;l44^l5Pfe#0V&Wt02PRQ^bW}kv4 zSsur0(AYsm4TJhZGvqQ8P+Vvv=PgDC$jA~^sc$deWN_nH$EbBy(Mk46Ga_BtbRJxl z88iA>6+)7N2XZ*BMO(+O%9D#;H9{eRoR83jTbYIoJ#mIXl8Z*)nD|f&9s{<9phVW) zRAg}abArEz4v2$1hTrBpeNHEj;y|?1i=V(v0!@DoCsS0Eb za{MPLU*`rKRxeKEH6;0tp$n%!+?9*13Du_Em8k*<;aKZCg?~;&y2^h&9YJM+J9}X? zWKFAj1r|Y2m83^&dKRz=-_LRt7Xc?~@-=q&xGD;V$_k6kX1vy<`lNdr()9DjGM??- z-~lv5xOQ6?dzKDjLYW#LkJVvJT}~9-2Suk<*IZ6QBLal8ZRsS2M4?Ept550b@XQg` zS%8_{KaaaXuLVTJAJ*GFLD1jWo#(4THLA>pOWQ?)_6J(zpMkHO0Op62A8wV}1X!&PDG2RBMC#HWN3Z zgMhec$B=j&QMJ;D!Xu%cm2X=kERto-oLcV=TX zmDJlNKNox^NlsgKL^dmba`s9XtK(h%--Ah#)$PZ)Bd$vZXwQbWPD@uK|sWw5w91wuoXcFd3mceP2nEM8*Bn3LU#!fvTn`YJkxenPXne`HW zTcz$#kF9nR(}?Ue_B6&=F>W{GZ$Af1sAeL=5UZE6iJ&lNZVMG)7D>2~LxUx#O%CE0 z#v4eWULY zb^ExuYJe<6kV2EwD;Fy%_y@<}kQ;qz@Dvr9GKqV-`HHwhTv$X@DAc>-pd1WJfyz3$ zA|~)kI^zBfNe7f8O1$qwaQH}<1PTK)?ew_T0kqJU%9QNStub~u&L1cHFuuoV=+8;7EY;SMadl2EIG8N)BW$6K{a?VpWGx82fZ(A7p<}vtR8fND?{a|L@8eBCAi>z2K9&rTYDD zsT%0|_!`;w4-&aeWoPQiEO5llK3p0~!vdrMCS^n4>X>Rryl_wBetUWN`uNawNpg;F z&u8n9w+qyK|1h3SRb4Uk*c}(BH`YSxm;P$?Ca`Gd<5p(GlwYM>?;KA4B;D;;C0z;j z$@Rb9zs}5)DRE>6Y7Gw+BeqHAnUDxcp)YQtNZgbF3206BoXysWyvB)5BUXA>@WN?9 zVbHHx1TBF*#q5AF0A`EgeFG;2sYdi}srj@26y$$iBib*3VGTGES9f+Q3-xOs)5H*U z{sgzMgn-%=mJTRzO!%5KE0eRWlxUwEx=e)8zvcIJ4soS_g|;UIc920totrOpa_Df&a?V%1$_DQZcJ(Seytju_rVjDC- zK|%yY=vGzmgizF6bL^KvPT3+6KSqM{Zw2g!DWW%Mpr!{cdBub?LLu!@buzZnPdH88 zG^>L!JrFSjQ=AAVpfX6-M4A1pE-{U<*lM}JLVCuH`<$oYcKg;=!W19Nh!`ReA{IWV zwTBK>=}QmDxI1P`0@g%<*DJgYQ#j{iVpt&*8IdfM10A7R36Cm53xcO6MjRVLQr0*r zVTy-;D(Sx{iE!dnb@&+{spIRPen9qVlXmBdKn3#_EK*G{o;5xqc#u3Vyr10 zhS#}X=8{|pH%=6t+NdglEIgfPf*9X8jrmCiDVz){mVXNO&#gIPn^A~?i}7gFdCMZL z8RC7cX?3$ho_57vCu+UlR}Pd!q6wO1^8f*+%`D;xr%7k8riNZrCocWc5Qi39{@34_ z9efPEZ}oi=6FGnKXAi6Gis2s4n!Tr|W^#)kRqTDY5``3(?5Py#=2-qETH&kETo1&K z5gt=&>FaB4U#BaDOi9~Z1qGXpDcoBOyJo*z_J9Wycsx5{Y?A}sC=BSyFfsT_`i_(Q zjN8V65f(Q9!*^G6Ieb;@8B5KxwY`|kLcORh-aBX6Ph&k!a`(>(*U($~44WL)?UY|A z8Bd`dh3r;#pj;+($*z5BC4sirMf=zlM_nID z#SbY5ezi4lq%wYr?OGm(G$YlJ8tve1_F&Cu+Hsv7nu~zuFA5P!L0{kJ%)Z zt*c9I6&ZesX%2SH+LCvuuitjL!A_(o(G<0c6L>O@T$k}-z{T>DlDr|2DKK7MC z1I~KLy?zlYzffmx*Keae)LUvr?>}%mVX&31LFXa1dL$SbIWJ3!tM+{hkAPkw97JBm>NP- z58VKm*t~_=H(XBIN6ox5Iugascp_wD5I{!wQ$@PEaNGNj%$=uiRULFjpY#T!WK-}& zz!b8n?fd>nlkJpw`d1UyW{G=8FEgnS!L)^XB>>HS-d}2XopWN!7p~cL!~0Y%0_a6v zg9qvb{ktr$^LF!~*3bbgzbZ8Y2YKSLVbLWuc+h0}swd+?V61Nwg&yvSr zk0B?C+0W)SC>d85?+lilin#YB*~9sK9J{Oj>8Ws#0XXHhry4gJe;G+h^xwG3NB<_~ z-d;uhg1TI-8^6rLOU%5ReSSBOUNmE8cupxbtX*k1_}Qo8D@-6RdKV06?4F&vVK4V` z>RM{tG;X+CgKxziN!k^5fJ(M3OhgRg_my&73qL%cm-HOZ*)6uZWc4l-N_xe#j307` z1zYKLrJ}{nM{YR!wOf_QG|7q&E|N-jntJ+KYZ@s?J^VUOi|mny@l0 zm#P1vnssAprd6nQ0wj~H>0#E{3&LzOpc@||byJ7UkdPHel9E~d z1pEMgviMfo(N6SqE>RMt#?Cbe!1lIJ%&j~*;C2AWhY6!f%g|wQ%t*tqIGs(}`u%?1h5qv`@xVqN{V&qhJB@Pnv)F!}b;MF9;;cW`K$ghI!if|XA|f7x0yP`w zK4&_lU-^kGf@XZkH~#hnG%vG{T_Jx=^P)<~Do7zaoPcfyRS9`fgoS!AWC9ECnp`V6 z+#?_Y(GsW`0~bk_DurTR@i>&(wl|ol+o4lmA;sWfs z4>TE&iF$;bR;7Oa)7%-OoPb_(Z9ld2YdO0zg?%+haPR}ouB=Gy9TXm z?|yT2daYZMxmth2QVx0Xn*7dQ{>?w{K*DfoVr1*R1fu}BajxgJ-gn&<+SbGW3v<9( A*8l(j literal 0 HcmV?d00001 diff --git a/Packs/CommonScripts/Scripts/ReadQRCode/test_data/text.txt b/Packs/CommonScripts/Scripts/ReadQRCode/test_data/text.txt new file mode 100644 index 000000000000..f3a34851d44d --- /dev/null +++ b/Packs/CommonScripts/Scripts/ReadQRCode/test_data/text.txt @@ -0,0 +1 @@ +text \ No newline at end of file diff --git a/Packs/CommonScripts/pack_metadata.json b/Packs/CommonScripts/pack_metadata.json index dc8764713098..d4100ff4d3db 100644 --- a/Packs/CommonScripts/pack_metadata.json +++ b/Packs/CommonScripts/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Common Scripts", "description": "Frequently used scripts pack.", "support": "xsoar", - "currentVersion": "1.12.57", + "currentVersion": "1.13.0", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From 7160ea6a015e593c005e7ea34f8db9d2569b1163 Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Wed, 13 Dec 2023 10:11:10 +0200 Subject: [PATCH 25/50] Trend micro vision one (#31361) * Trend micro vision one (#30157) * removed microsocks Potentially harmful * imported urllib3 and removed reference to requests.packages. Updated release notes and TrendMicroVisionOne.yml * added action to add file entry from incident to sandbox and action to get result of file entry analysis status * removed redundant action to check sandbox submission status * added polling command for sandbox submissions * added unit tests for file entry to sandbox and polling for sandbox submissions * added unit tests for submit file entry and sandbox polling command * updated yml to include submit-file-entry-to-sandbox and run-sandbox-submission-polling * Update README.md Added hints for command execution order * Update README.md Updated Notes for better readability. * Update README.md Updated README.md for better readability. * updated release notes to indicate addition of submit file entry to sandbox and sandbox submission polling command * formatted files per XSOAR standards * Added command examples for V2 actions * added test_data folder containing example responses * Update README.md Added link to supported file types in submit file to sandbox and submit file entry to sandbox. * removed unused mock test case for submit file entry to sandbox and test_data folder with mock responses * Added submit file entry to sandbox and run sandbox submission polling and their respective unit tests and command_examples * added demosti.patch.object to get custom data for demisto.getFilePath in submit file entry to sandbox * updated polling comamnd per XSOAR standards and updated YAML to include polling in sandbox submissing polling command root * TrendMicroVisionOne_description * updated sandbox submission command example to include polling arg * updated yml to include polling in root of sandbox submission polling * removed unused variable declarations * updated doc string for sandbox submission polling * updated min server version to 6.2.0 in sandbox polling unit test * updated if check to differentiate between cmd instead of args * added dbotscore for sandbox submissions status and sandbox polling commands * added doc string for dbot severity helper function * Updated Vendor Name to match integration pack * updated risk to look for obj instead of str and updated release notes and updated docker image version * added dbotscore to VisionOne context data and updated YML and README.md accordingly * small context output fix * Update 1_3_0.md * updated description in YML for V3. * added pagination for suspicious/exception list as well as endpoint info and fetch incidents * updated unit test for endpoint info * updated README.md to reflect name change for 3 context outputs in get endpoint info * reverted change for get endpoint info to ensure backwards compatibility * updated docker python image in release notes * Update docker image. * Update RN. * Remove main function from unit test coverage. * corrected delete from suspicious list endpoint * updated docker image to latest per circleci test * fixed precommit error of implicitly concatenated string in regex for macaddress validation * fixed precommit error of implicitly concatenated string in regex for ipv6 validation * updated Release Notes * Add pytmv1 devdemisto image for testing * updated all actions to use pytmv1 library * added 2 new actions (get alert details and submit urls to sandbox) * updated to declare pytmv1 directly in actions instead of passing in action calls * removed commented code for pytmv1 initialization. * updated actions using pytmv1 library * added variable names for replace args and updated isolate and restore endpoint table vars * updated yml for all actions and added return_error condition for all actions * removed unused message vars * updated unit tests and added test_data folder with mock responses. * updated check_task_status unit test with correct params * updated base url for unit tests * updated var declarations to compatible union type * ran format command to format yml file * updated release notes * validated yml file * added missing default value for polling * removed commented code and wrapped digest values * added endpoint and email activity data actions and their fetch count helper functions respectively. * added unit tests for endpoint and email activity data * updated yml to include context outputs for endpoint and email activity data, added respective command examples and updated README.md * updated get_activity_data_count param for respective actions * updated README.md * added severity filter to fetch incidents * added dbotMirrorId and details to incident, added 'any' option for incident severity types and updated yml file for incidentSeverity. * added any string literal with var * updated README.md to indicate addition of 2 new actions. * updated docstrings and added comments * added comments for workbench histories and updated status check to include task class type to fetch the final task response. * removed unused vars * formatted and validated yml and README.md * updated yml for exception and suspicious list actions to correct the context outputs and updated README.md to match * updated docker image to match demsito-docker image and updated relase notes per demisto XSOAR standards. * added tmv1 url and various IPs to secrets-ignore. * updated return type for get_task_type * updated test connectivity and updated self.app reference to APP_NAME variable. * updated yml and generated new README.md * updated file path default value * updated command_examples and updated args to reference collect_files variable in collect_file action * updated yml and generated new readme, also ran command to update release notes with -bc flag * fixed submit file to sandbox unit test * Update docker image in TrendMicroVisionOneV3.yml * added breaking changes details to ReleaseNotes->4_0_0.json * Update 4_0_0.md * corrected breaking changes json file * enabled network for docker unit tests and added type:ignore for poll_time_sec * updated docker image tag to 0.6.2.79742 * updated context output for sandbox submission polling to remove report_id duplicate and replace with type. * updated 32 unit tests and added email and endpoint activity actions * corrected submit_file_to_sandbox unit test * updated yml and README.md * removed commented out code for test get endpoint information * updated endpoint and email activity data count command names and updated yml and README * added missing white space for table heading * fixed import for endpoint and email activity data * updated secretes-ignore list * updated unit test for get_endpoint_info and update dockerimage to newest. * removed top var from endpoint and email activity data count actions and updated yml and README.md accordingly. * fixed docker image tag in release notes * corrected remaining Ruff errors * added if check for str to use json loads and added input examples. Added isArray for context inputs and also updated README.md accordingly. * Added query op detailed description and examples. * replaced str if check and replaced with in-built safe_load_json method. * updated docker image to latest * Update 4_0_0.md * fixed fetch incident bug where duplicates were fetched because end date was not being set correctly. --------- Co-authored-by: yaakovpraisler Co-authored-by: Yaakov Praisler <59408745+yaakovpraisler@users.noreply.github.com> Co-authored-by: Danny_Fried Co-authored-by: Kobbi Gal <85439776+kgal-pan@users.noreply.github.com> Co-authored-by: Israel Lappe <79846863+ilappe@users.noreply.github.com> * remove pass * update docker --------- Co-authored-by: shaqnawe Co-authored-by: yaakovpraisler Co-authored-by: Yaakov Praisler <59408745+yaakovpraisler@users.noreply.github.com> Co-authored-by: Danny_Fried Co-authored-by: Kobbi Gal <85439776+kgal-pan@users.noreply.github.com> Co-authored-by: Israel Lappe <79846863+ilappe@users.noreply.github.com> Co-authored-by: ilappe --- Packs/TrendMicroVisionOne/.secrets-ignore | 10 +- .../TrendMicroVisionOneV3/README.md | 946 +++-- .../TrendMicroVisionOneV3.py | 3050 ++++++++++------- .../TrendMicroVisionOneV3.yml | 1193 ++++--- .../TrendMicroVisionOneV3_description.md | 2 +- .../TrendMicroVisionOneV3_test.py | 1526 ++++++--- .../TrendMicroVisionOneV3/command_examples | 55 +- .../test_data/add_blocklist.json | 11 + .../test_data/add_exception.json | 7 + .../test_data/add_note.json | 3 + .../test_data/add_suspicious_list.json | 7 + .../test_data/check_task_status.json | 13 + .../test_data/collect_forensic_file.json | 11 + .../test_data/delete_email.json | 11 + .../test_data/delete_suspicious_list.json | 8 + .../test_data/disable_user_account.json | 11 + .../test_data/download_analysis_report.json | 14 + .../download_information_collected_file.json | 17 + .../download_investigation_package.json | 5 + .../download_suspicious_object_list.json | 21 + .../test_data/enable_user_account.json | 11 + .../test_data/force_password_reset.json | 11 + .../test_data/force_signout.json | 11 + .../test_data/get_alert_details.json | 88 + .../test_data/get_email_activity_data.json | 17 + .../test_data/get_endpoint_activity_data.json | 45 + .../test_data/get_endpoint_info.json | 26 + .../test_data/get_file_analysis_result.json | 15 + .../test_data/get_file_analysis_status.json | 15 + .../test_data/isolate_endpoint.json | 11 + .../test_data/quarantine_email.json | 11 + .../test_data/remove_blocklist.json | 11 + .../test_data/remove_exception.json | 7 + .../test_data/remove_suspicious_list.json | 7 + .../test_data/restore_email_message.json | 11 + .../test_data/restore_endpoint.json | 11 + .../test_data/sandbox_submission_polling.json | 24 + .../test_data/submit_file_to_sandbox.json | 11 + .../test_data/submit_urls_sandbox.json | 18 + .../test_data/terminate_process.json | 11 + .../test_data/update_status.json | 7 + .../ReleaseNotes/4_0_0.json | 4 + .../TrendMicroVisionOne/ReleaseNotes/4_0_0.md | 16 + Packs/TrendMicroVisionOne/pack_metadata.json | 2 +- 44 files changed, 4696 insertions(+), 2626 deletions(-) create mode 100644 Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/add_blocklist.json create mode 100644 Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/add_exception.json create mode 100644 Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/add_note.json create mode 100644 Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/add_suspicious_list.json create mode 100644 Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/check_task_status.json create mode 100644 Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/collect_forensic_file.json create mode 100644 Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/delete_email.json create mode 100644 Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/delete_suspicious_list.json create mode 100644 Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/disable_user_account.json create mode 100644 Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/download_analysis_report.json create mode 100644 Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/download_information_collected_file.json create mode 100644 Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/download_investigation_package.json create mode 100644 Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/download_suspicious_object_list.json create mode 100644 Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/enable_user_account.json create mode 100644 Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/force_password_reset.json create mode 100644 Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/force_signout.json create mode 100644 Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/get_alert_details.json create mode 100644 Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/get_email_activity_data.json create mode 100644 Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/get_endpoint_activity_data.json create mode 100644 Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/get_endpoint_info.json create mode 100644 Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/get_file_analysis_result.json create mode 100644 Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/get_file_analysis_status.json create mode 100644 Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/isolate_endpoint.json create mode 100644 Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/quarantine_email.json create mode 100644 Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/remove_blocklist.json create mode 100644 Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/remove_exception.json create mode 100644 Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/remove_suspicious_list.json create mode 100644 Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/restore_email_message.json create mode 100644 Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/restore_endpoint.json create mode 100644 Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/sandbox_submission_polling.json create mode 100644 Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/submit_file_to_sandbox.json create mode 100644 Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/submit_urls_sandbox.json create mode 100644 Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/terminate_process.json create mode 100644 Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/update_status.json create mode 100644 Packs/TrendMicroVisionOne/ReleaseNotes/4_0_0.json create mode 100644 Packs/TrendMicroVisionOne/ReleaseNotes/4_0_0.md diff --git a/Packs/TrendMicroVisionOne/.secrets-ignore b/Packs/TrendMicroVisionOne/.secrets-ignore index f638b702826a..a8ca37625f47 100755 --- a/Packs/TrendMicroVisionOne/.secrets-ignore +++ b/Packs/TrendMicroVisionOne/.secrets-ignore @@ -10,4 +10,12 @@ https://apimock-dev.trendmicro.com http://someotherurl.com http://adsd.com 10.211.55.36 -ghost@trendmicro.com \ No newline at end of file +ghost@trendmicro.com +https://www.trendmicro.com +https://somelink.com +https://tmv1-mock.trendmicro.com +https://THE_WORKBENCH_URL +https://THE_TI_REPORT_URL +10.64.25.134 +10.64.18.27 +192.169.1.1 \ No newline at end of file diff --git a/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/README.md b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/README.md index 06d471faaad5..0afd72bbeae1 100644 --- a/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/README.md +++ b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/README.md @@ -1,29 +1,24 @@ -# Integration Author: Trend Micro - -Support and maintenance for this integration are provided by the author. Please use the following contact details: - -- **Email**: [integrations@trendmicro.com](mailto:integrations@trendmicro.com) - -*** -Trend Micro Vision One is a purpose-built threat defense platform that provides added value and new benefits beyond XDR solutions, allowing you to see more and respond faster. Providing deep and broad extended detection and response (XDR) capabilities that collect and automatically correlate data across multiple security layers—email, endpoints, servers, cloud workloads, and networks—Trend Micro Vision One prevents the majority of attacks with automated protection. +Trend Micro Vision One is a purpose-built threat defense platform that provides added value and new benefits beyond XDR solutions, allowing you to see more and respond faster. Providing deep and broad extended detection and response (XDR) capabilities that collect and automatically correlate data across multiple security layers—email, endpoints, servers, cloud workloads, and networks—Trend Micro Vision One prevents the majority of attacks with automated protection. V3 version of the app includes everything that the previous app had and adds more capabilities. It leverages V3 of Trend Micro APIs and introduces further ability to manage domain accounts with addition of 4 domain account actions for enabling/disabling user account, forcing sign-out and password resets for compromised accounts. This app is in active development. In this new release 3 actions have been added, one to fetch email activity data with count, one to fetch endpoint activity data with count and one action to restore a quarantined email message. This integration was integrated and tested with version 3 API of Trend Micro Vision One. ## Configure Trend Micro Vision One V3. on Cortex XSOAR 1. Navigate to **Settings** > **Integrations** > **Servers & Services**. -2. Search for Trend Micro Vision One V3. +2. Search for Trend Micro Vision One V3.. 3. Click **Add instance** to create and configure a new integration instance. - | **Parameter** | **Description** | **Required** | - | ----------------------------------------------- | ----------------------------------------------- | ------------ | - | API URL (e.g. ) | The base url for the Trend Micro Vision One API | True | - | API Key | The API token to access data | True | - | Fetch incidents | | False | - | Incidents Fetch Interval | | False | - | Incident type | | False | - | Sync On First Run (days) | | False | - | Max Incidents | | False | - | Use system proxy settings | | False | - | Trust any certificate (not secure) | | False | + | **Parameter** | **Description** | **Required** | + | --------------------------------------------- | ---------------------------------------------------------- | ------------ | + | API URL (e.g. https://api.xdr.trendmicro.com) | The base url for the Trend Micro Vision One API | True | + | API Key | The API token to access data | True | + | Fetch incidents | | False | + | Incidents Fetch Interval | | False | + | Incident type | | False | + | Sync On First Run (days) | | False | + | Max Incidents | | False | + | Use system proxy settings | | False | + | Trust any certificate (not secure) | | False | + | Source Reliability | Reliability of the source providing the intelligence data. | False | + | Severity | Severity of the incident being fetched. | False | 4. Click **Test** to validate the URLs, token, and connection. @@ -35,7 +30,7 @@ After you successfully execute a command, a DBot message appears in the War Room ### trendmicro-visionone-enable-user-account *** -Allows the user to sign in to new application and browser sessions. Supported IAM systems -> Azure AD and Active Directory (on-premises) +Allows the user to sign in to new application and browser sessions. Supported IAM systems -> Azure AD and Active Directory (on-premises). #### Base Command @@ -43,24 +38,21 @@ Allows the user to sign in to new application and browser sessions. Supported IA #### Input -| **Argument Name** | **Description** | **Required** | -| ----------------- | ------------------------------------------ | ------------ | -| accountName | The User account that needs to be enabled. | Required | -| description | Description of a response task. | Optional | +| **Argument Name** | **Description** | **Required** | +| ------------------- | -------------------------------------------------------------------------------------------------------------------------------------- | ------------ | +| account_identifiers | List of object(s) containing `account_name` and optional `description`. e.g. [{"account_name":"some-account","description":"enable"}]. | Required | #### Context Output -| **Path** | **Type** | **Description** | -| ---------------------------------- | -------- | -------------------------------------------------- | -| VisionOne.User_Account.status_code | number | Task status code of request to enable user account | -| VisionOne.User_Account.taskId | string | Task ID of enabling user account | - -Note: To get the complete task status run polling command `trendmicro-visionone-check-task-status` giving `taskId` as input parameter. +| **Path** | **Type** | **Description** | +| ------------------------------ | -------- | ---------------------------------------------- | +| VisionOne.User_Account.status | number | Status of request to enable user account. | +| VisionOne.User_Account.task_id | string | Task ID generated after enabling user account. | ### trendmicro-visionone-disable-user-account *** -Signs the user out of all active application and browser sessions, and prevents the user from signing in any new session. Supported IAM systems -> Azure AD and Active Directory (on-premises) +Signs the user out of all active application and browser sessions, and prevents the user from signing in any new session. Supported IAM systems -> Azure AD and Active Directory (on-premises). #### Base Command @@ -68,24 +60,21 @@ Signs the user out of all active application and browser sessions, and prevents #### Input -| **Argument Name** | **Description** | **Required** | -| ----------------- | ------------------------------------------- | ------------ | -| accountName | The User account that needs to be disabled. | Required | -| description | Description of a response task. | Optional | +| **Argument Name** | **Description** | **Required** | +| ------------------- | --------------------------------------------------------------------------------------------------------------------------------------- | ------------ | +| account_identifiers | List of object(s) containing `account_name` and optional `description`. e.g. [{"account_name":"some-account","description":"disable"}]. | Required | #### Context Output -| **Path** | **Type** | **Description** | -| ---------------------------------- | -------- | --------------------------------------------------- | -| VisionOne.User_Account.status_code | number | Task status code of request to disable user account | -| VisionOne.User_Account.taskId | string | Task ID of disabling user account | - -Note: To get the complete task status run polling command `trendmicro-visionone-check-task-status` giving `taskId` as input parameter. +| **Path** | **Type** | **Description** | +| ------------------------------ | -------- | ----------------------------------------------- | +| VisionOne.User_Account.status | number | Status of request to disable user account. | +| VisionOne.User_Account.task_id | string | Task ID generated after disabling user account. | ### trendmicro-visionone-force-signout *** -Signs the user out of all active application and browser sessions. Supported IAM systems -> Azure AD +Signs the user out of all active application and browser sessions. Supported IAM systems -> Azure AD. #### Base Command @@ -93,24 +82,21 @@ Signs the user out of all active application and browser sessions. Supported IAM #### Input -| **Argument Name** | **Description** | **Required** | -| ----------------- | ------------------------------- | ------------ | -| accountName | The User account to sign out. | Required | -| description | Description of a response task. | Optional | +| **Argument Name** | **Description** | **Required** | +| ------------------- | ---------------------------------------------------------------------------------------------------------------------------------------- | ------------ | +| account_identifiers | List of object(s) containing `account_name` and optional `description`. e.g. [{"account_name":"some-account","description":"sign-out"}]. | Required | #### Context Output -| **Path** | **Type** | **Description** | -| ---------------------------------- | -------- | -------------------------------------------- | -| VisionOne.User_Account.status_code | number | Task status code of request to sign out user | -| VisionOne.User_Account.taskId | string | Task ID of signing out user | - -Note: To get the complete task status run polling command `trendmicro-visionone-check-task-status` giving `taskId` as input parameter. +| **Path** | **Type** | **Description** | +| -------------------------------- | -------- | ----------------------------------------- | +| VisionOne.Force_Sign_Out.status | number | Status of request to sign out user. | +| VisionOne.Force_Sign_Out.task_id | string | Task ID generated after signing out user. | ### trendmicro-visionone-force-password-reset *** -Signs the user out of all active application and browser sessions, and forces the user to create a new password during the next sign-in attempt. Supported IAM systems -> Azure AD and Active Directory (on-premises) +Signs the user out of all active application and browser sessions, and forces the user to create a new password during the next sign-in attempt. Supported IAM systems -> Azure AD and Active Directory (on-premises). #### Base Command @@ -118,24 +104,21 @@ Signs the user out of all active application and browser sessions, and forces th #### Input -| **Argument Name** | **Description** | **Required** | -| ----------------- | ---------------------------------------------------------- | ------------ | -| accountName | The User account for which the password needs to be reset. | Required | -| description | Description of a response task. | Optional | +| **Argument Name** | **Description** | **Required** | +| ------------------- | ------------------------------------------------------------------------------------------------------------------------------------- | ------------ | +| account_identifiers | List of object(s) containing `account_name` and optional `description`. e.g. [{"account_name":"some-account","description":"reset"}]. | Required | #### Context Output -| **Path** | **Type** | **Description** | -| ---------------------------------- | -------- | -------------------------------------------------- | -| VisionOne.User_Account.status_code | number | Task status code of request to reset user password | -| VisionOne.User_Account.taskId | string | Task ID of resetting user password | - -Note: To get the complete task status run polling command `trendmicro-visionone-check-task-status` giving `taskId` as input parameter. +| **Path** | **Type** | **Description** | +| -------------------------------------- | -------- | ------------------------------------------------ | +| VisionOne.Force_Password_Reset.status | number | Status of request to reset user password. | +| VisionOne.Force_Password_Reset.task_id | string | Task ID generated after resetting user password. | ### trendmicro-visionone-add-to-block-list *** -Adds a file SHA-1, IP address, domain, or URL object to the User-Defined Suspicious Objects List, which blocks the objects on subsequent detections +Adds a domain, ip, file_sha1, url, sender_mail_address to the User-Defined Suspicious Objects List, which blocks the objects on subsequent detections. #### Base Command @@ -143,25 +126,21 @@ Adds a file SHA-1, IP address, domain, or URL object to the User-Defined Suspici #### Input -| **Argument Name** | **Description** | **Required** | -| ----------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -| value_type | The type of object you would like to add to the block list: "file_sha1", "ip", "domain", "url" or "mailbox". Possible values are: file_sha1, domain, ip, url, mailbox. | Required | -| target_value | The object you would like to add that matches the value-type. | Required | -| description | Optional description for reference. | Optional | +| **Argument Name** | **Description** | **Required** | +| ----------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | +| block_objects | List of object(s) made up of `object_type` (domain,ip,file_sha1,url,sender_mail_address), `object_value` and optional `description`. e.g. [{"object_type":"domain","object_value":"www.yahoo.com"}]. | Required | #### Context Output -| **Path** | **Type** | **Description** | -| -------------------------- | -------- | --------------------------------------------------------------------------------------------------------------- | -| VisionOne.BlockList.taskId | string | Task ID of action of adding file SHA-1, IP address, domain, or URL to the User-Defined Suspicious Objects List | -| VisionOne.BlockList.status | number | Task status of adding file SHA-1, IP address, domain, or URL object to the User-Defined Suspicious Objects List | - -Note: To get the complete task status run polling command `trendmicro-visionone-check-task-status` giving `taskId` as input parameter. +| **Path** | **Type** | **Description** | +| --------------------------- | -------- | --------------------------------------------------------------------------------------------------------------------------- | +| VisionOne.BlockList.status | number | Status of adding domain, ip, file_sha1, url, sender_mail_address to the User-Defined Suspicious Objects List. | +| VisionOne.BlockList.task_id | string | Task ID generated after adding domain, ip, file_sha1, url, sender_mail_address to the User-Defined Suspicious Objects List. | ### trendmicro-visionone-remove-from-block-list *** -Removes a file SHA-1, IP address, domain, or URL from the User-Defined Suspicious Objects List +Removes a domain, ip, file_sha1, url, sender_mail_address from the User-Defined Suspicious Objects List. #### Base Command @@ -169,25 +148,21 @@ Removes a file SHA-1, IP address, domain, or URL from the User-Defined Suspiciou #### Input -| **Argument Name** | **Description** | **Required** | -| ----------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -| value_type | The type of object you would like to remove from the block list: "file_sha1", "ip", "domain", "url" or "mailbox". Possible values are: file_sha1, domain, ip, url, mailbox. | Required | -| target_value | The object you would like to add that matches the value-type. | Required | -| description | Optional description for reference. | Optional | +| **Argument Name** | **Description** | **Required** | +| ----------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | +| block_objects | List of object(s) made up of `object_type` (domain,ip,file_sha1,url,sender_mail_address), `object_value` and optional `description`. e.g. [{"object_type":"domain","object_value":"www.yahoo.com"}]. | Required | #### Context Output -| **Path** | **Type** | **Description** | -| -------------------------- | -------- | ------------------------------------------------------------------------------------------------------------------------------------------------ | -| VisionOne.BlockList.taskId | string | Task ID of action of removing file SHA-1, IP address, domain, or URL object from the User-Defined Suspicious Objects List | -| VisionOne.BlockList.status | number | Task Status of removing file SHA-1, IP address, domain, or URL object that was added to the User-Defined Suspicious Objects List from block list | - -Note: To get the complete task status run polling command `trendmicro-visionone-check-task-status` giving `taskId` as input parameter. +| **Path** | **Type** | **Description** | +| --------------------------- | -------- | ---------------------------------------------------------------------------------------------------------------------------------------------- | +| VisionOne.BlockList.status | number | Status of removing domain, ip, file_sha1, url, sender_mail_address that was added to the User-Defined Suspicious Objects List from block list. | +| VisionOne.BlockList.task_id | string | Task ID generated after removing domain, ip, file_sha1, url, sender_mail_address from the User-Defined Suspicious Objects List. | ### trendmicro-visionone-quarantine-email-message *** -Moves a message from a mailbox to the quarantine folder +Moves a message from a mailbox to the quarantine folder. #### Base Command @@ -195,26 +170,21 @@ Moves a message from a mailbox to the quarantine folder #### Input -| **Argument Name** | **Description** | **Required** | -| ----------------- | ------------------------------------------------------------------------------- | ------------ | -| message_id | Email Message ID from Trend Micro Vision One message activity data. | Required | -| uniqueId | Unique alphanumeric string that identifies an email message within one mailbox. | Required | -| mailbox | Email mailbox where the message will be quarantined from. | Optional | -| description | Optional description for reference. | Optional | +| **Argument Name** | **Description** | **Required** | +| ----------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | +| email_identifiers | List of object(s) containing `message_id` (<mailMsgId>), `mailbox` (mailbox ID) and `description` or `unique_id` (msgUuid) and optional `description` from Trend Micro Vision One message activity data. e.g. [{"message_id":"xasbjAgs72912-asdjnaj","mailbox":"mailbox-name","description":"quarantine"}]. | Required | #### Context Output -| **Path** | **Type** | **Description** | -| ---------------------- | -------- | ----------------------------------------------------------------------- | -| VisionOne.Email.taskId | string | The Task Id of moving a message from a mailbox to the quarantine folder | -| VisionOne.Email.status | number | The status of moving a message from a mailbox to the quarantine folder | - -Note: To get the complete task status run polling command `trendmicro-visionone-check-task-status` giving `taskId` as input parameter. +| **Path** | **Type** | **Description** | +| ----------------------- | -------- | --------------------------------------------------------------------------------- | +| VisionOne.Email.status | number | Status of moving a message from a mailbox to the quarantine folder. | +| VisionOne.Email.task_id | string | Task ID generated after moving a message from a mailbox to the quarantine folder. | ### trendmicro-visionone-delete-email-message *** -Deletes a message from a mailbox +Deletes a message from a mailbox. #### Base Command @@ -222,26 +192,43 @@ Deletes a message from a mailbox #### Input -| **Argument Name** | **Description** | **Required** | -| ----------------- | ------------------------------------------------------------------------------- | ------------ | -| message_id | Email Message ID from Trend Micro Vision One message activity data. | Required | -| uniqueId | Unique alphanumeric string that identifies an email message within one mailbox. | Required | -| mailbox | Email mailbox where the message will be quarantined from. | Optional | -| description | Optional description for reference. | Optional | +| **Argument Name** | **Description** | **Required** | +| ----------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | +| email_identifiers | List of object(s) containing `message_id` (<mailMsgId>), `mailbox` (mailbox ID) and `description` or `unique_id` (msgUuid) and optional `description` from Trend Micro Vision One message activity data. e.g. [{"message_id":"xasbjAgs72912-asdjnaj","mailbox":"mailbox-name","description":"disable":"delete"}]. | Required | #### Context Output -| **Path** | **Type** | **Description** | -| ---------------------- | -------- | ---------------------------------------------------- | -| VisionOne.Email.taskId | string | The Task id of deleting a message from a mailbox | -| VisionOne.Email.status | number | The task status of deleting a message from a mailbox | +| **Path** | **Type** | **Description** | +| ----------------------- | -------- | ---------------------------------------------------------- | +| VisionOne.Email.status | number | Status of deleting a message from a mailbox. | +| VisionOne.Email.task_id | string | Task ID generated after deleting a message from a mailbox. | -Note: To get the complete task status run polling command `trendmicro-visionone-check-task-status` giving `taskId` as input parameter. +### trendmicro-visionone-restore-email-message + +*** +Restores a quarantined message. Deleted messages cannot be restored. + +#### Base Command + +`trendmicro-visionone-restore-email-message` + +#### Input + +| **Argument Name** | **Description** | **Required** | +| ----------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | +| email_identifiers | List of object(s) containing `message_id` (<mailMsgId>), `mailbox` (mailbox ID) and `description` or `unique_id` (msgUuid) and optional `description` from Trend Micro Vision One message activity data. e.g. [{"message_id":"xasbjAgs72912-asdjnaj","mailbox":"mailbox-name"}]. | Required | + +#### Context Output + +| **Path** | **Type** | **Description** | +| ----------------------- | -------- | -------------------------------------------- | +| VisionOne.Email.status | number | Status of restoring a message. | +| VisionOne.Email.task_id | string | Task ID generated after restoring a message. | ### trendmicro-visionone-isolate-endpoint *** -Disconnects an endpoint from the network (but allows communication with the managing Trend Micro product) +Disconnects an endpoint from the network (but allows communication with the managing Trend Micro product). #### Base Command @@ -249,25 +236,21 @@ Disconnects an endpoint from the network (but allows communication with the mana #### Input -| **Argument Name** | **Description** | **Required** | -| ----------------- | ----------------------------------------------------- | ------------ | -| endpoint | "hostname" or "agentGuid" of the endpoint to isolate. | Required | -| description | Description. | Optional | +| **Argument Name** | **Description** | **Required** | +| -------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | +| endpoint_identifiers | List of object(s) containing `endpoint` (hostname) and `description` or `agent_guid` and `description`. e.g. [{"endpoint":"test-endpoint","description":"isolate endpoint"}]. | Required | #### Context Output -| **Path** | **Type** | **Description** | -| ---------------------------------------- | -------- | ------------------------------------ | -| VisionOne.Endpoint_Connection.taskId | string | The task ID of isolate endpoint task | -| VisionOne.Endpoint_Connection.taskStatus | number | The task status of isolate endpoint | - -Note: To get the complete task status run polling command `trendmicro-visionone-check-task-status` giving `taskId` as input parameter. -Note: The above command should be added with execution timeout in the advanced field of playbook execution. The recommended timeout be ``20 minutes``. +| **Path** | **Type** | **Description** | +| ------------------------------------- | -------- | ------------------------------------------------ | +| VisionOne.Endpoint_Connection.status | number | Status of isolating endpoint\(s\). | +| VisionOne.Endpoint_Connection.task_id | string | Task ID generated after isolating endpoint\(s\). | ### trendmicro-visionone-restore-endpoint-connection *** -Restores network connectivity to an endpoint that applied the "isolate endpoint" action +Restores network connectivity to an endpoint that applied the "isolate endpoint" action. #### Base Command @@ -275,25 +258,21 @@ Restores network connectivity to an endpoint that applied the "isolate endpoint" #### Input -| **Argument Name** | **Description** | **Required** | -| ----------------- | ----------------------------------------------------- | ------------ | -| endpoint | "hostname" or "agentGuid" of the endpoint to restore. | Required | -| description | Description. | Optional | +| **Argument Name** | **Description** | **Required** | +| -------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | +| endpoint_identifiers | List of object(s) containing `endpoint` (hostname) and `description` or `agent_guid` and `description`. e.g. [{"endpoint":"test-endpoint","description":"restore endpoint"}]. | Required | #### Context Output -| **Path** | **Type** | **Description** | -| ---------------------------------------- | -------- | ---------------------------------------------- | -| VisionOne.Endpoint_Connection.taskId | string | The task ID of the restore endpoint connection | -| VisionOne.Endpoint_Connection.taskStatus | number | The task status of restore endpoint connection | - -Note: To get the complete task status run polling command `trendmicro-visionone-check-task-status` giving `taskId` as input parameter. -Note: The above command should be added with execution timeout in the advanced field of playbook execution. The recommended timeout be ``20 minutes``. +| **Path** | **Type** | **Description** | +| ------------------------------------- | -------- | ------------------------------------------------ | +| VisionOne.Endpoint_Connection.status | number | Status of restoring endpoint\(s\). | +| VisionOne.Endpoint_Connection.task_id | string | Task ID generated after restoring endpoint\(s\). | ### trendmicro-visionone-add-objects-to-exception-list *** -Adds domains, file SHA-1 values, IP addresses, or URLs to the Exception List and prevents these objects from being added to the Suspicious Object List +Adds domain, ip, url, file_sha1, file_sha256, sender_mail_address to the Exception List and prevents these objects from being added to the Suspicious Object List. #### Base Command @@ -301,23 +280,23 @@ Adds domains, file SHA-1 values, IP addresses, or URLs to the Exception List and #### Input -| **Argument Name** | **Description** | **Required** | -| ----------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -| type | Object type: "domain", "ip", "fileSha1", "fileSha256", "senderMailAddress" or "url". Possible values are: domain, ip, fileSha1, fileSha256, senderMailAddress, url. | Required | -| value | The object value. Full and partial matches supported. Domain partial match, (with a wildcard as the subdomain, example, .example.com) IP partial match, (IP range example, 192.168.35.1-192.168.35.254, cidr example, 192.168.35.1/24) URL Partial match, (Supports wildcards 'http://.'', 'https://.'' at beginning, or ''' at the end. Multiple wild cards also supported, such as , ) SHA1 Only full match". | Required | -| description | Exception description. | Optional | +| **Argument Name** | **Description** | **Required** | +| ----------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | +| block_objects | List of object(s) consisting of `object_type` (domain,ip,url,file_sha1,file_sha256,sender_mail_address), `object_value` and `description`. e.g. [{"object_type":"ip","object_value":"5.5.5.5"}, {"object_type":"domain","object_value":"www.yahoo.com"}]. | Required | #### Context Output -| **Path** | **Type** | **Description** | -| ------------------------------------ | -------- | --------------------------------------- | -| VisionOne.Exception_List.status_code | number | status code of response | -| VisionOne.Exception_List.total_items | number | count of item present in exception list | +| **Path** | **Type** | **Description** | +| ----------------------------------------------- | -------- | ----------------------------------------------------------- | +| VisionOne.Exception_List.message | string | Success or fail response message. | +| VisionOne.Exception_List.multi_response.status | number | Status of adding item\(s\) to exception list. | +| VisionOne.Exception_List.multi_response.task_id | string | Task ID generated after adding item\(s\) to exception list. | +| VisionOne.Exception_List.total_items | number | Count of total items present in exception list. | ### trendmicro-visionone-delete-objects-from-exception-list *** -Deletes domains, file SHA-1 values, IP addresses, or URLs from the Exception List. +Deletes domain, ip, url, file_sha1, file_sha256, sender_mail_address from the Exception List. #### Base Command @@ -325,22 +304,23 @@ Deletes domains, file SHA-1 values, IP addresses, or URLs from the Exception Lis #### Input -| **Argument Name** | **Description** | **Required** | -| ----------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -| type | Object type: "domain", "ip", "fileSha1", "fileSha256", "senderMailAddress" or "url". Possible values are: domain, ip, fileSha1, fileSha256, senderMailAddress, url. | Required | -| value | The object value. | Required | +| **Argument Name** | **Description** | **Required** | +| ----------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | +| block_objects | List of object(s) consisting of `object_type` (domain,ip,url,file_sha1,file_sha256,sender_mail_address), `object_value` and `description`. e.g. [{"object_type":"ip","object_value":"5.5.5.5","description":"exception list"}]. | Required | #### Context Output -| **Path** | **Type** | **Description** | -| ------------------------------------ | -------- | --------------------------------------- | -| VisionOne.Exception_List.status_code | number | status code of response | -| VisionOne.Exception_List.total_items | number | count of item present in exception list | +| **Path** | **Type** | **Description** | +| ----------------------------------------------- | -------- | --------------------------------------------------------------- | +| VisionOne.Exception_List.message | string | Success or fail response message. | +| VisionOne.Exception_List.multi_response.status | number | status code of response. | +| VisionOne.Exception_List.multi_response.task_id | string | Task ID generated after removing item\(s\) from exception list. | +| VisionOne.Exception_List.total_items | number | count of item present in exception list. | ### trendmicro-visionone-add-objects-to-suspicious-list *** -Adds domains, file SHA-1/SHA-256 values, IP addresses, senderMailAddress, or URLs to the Suspicious Object List. +Adds domain, ip, url, file_sha1, file_sha256, sender_mail_address to the Suspicious Object List. #### Base Command @@ -348,26 +328,23 @@ Adds domains, file SHA-1/SHA-256 values, IP addresses, senderMailAddress, or URL #### Input -| **Argument Name** | **Description** | **Required** | -| ----------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -| type | Object type: "domain", "ip", "fileSha1", "fileSha256", "senderMailAddress" or "url". Possible values are: domain, ip, fileSha1, fileSha256, senderMailAddress, url. | Required | -| value | The object value. | Required | -| description | Description. | Optional | -| scan_action | The action to take if object is found. If you don't use this parameter, the scan action specified in default_settings.riskLevel.type will be used instead. "block" or "log". Possible values are: block, log. | Optional | -| risk_level | The Suspicious Object risk level. If you don't use this parameter, high will be used instead. "high", "medium" or "low". Possible values are: high, medium, low. | Optional | -| expiry_days | The number of days to keep the object in the Suspicious Object List. If you don't use this parameter, the default_settings.expiredDay scan action will be used instead. | Optional | +| **Argument Name** | **Description** | **Required** | +| ----------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | +| block_objects | List of object(s) consisting of `object_type` (domain,ip,url,file_sha1,file_sha256,sender_mail_address), `object_value`, `scan_action`, `risk_level`, `expiry_days` and `description`. e.g. [{"object_type":"ip","object_value":"5.5.5.5","scan_action":"block","risk_level":"medium","expiry_days":7}]. | Required | #### Context Output -| **Path** | **Type** | **Description** | -| ------------------------------------- | -------- | ------------------------------------------------------ | -| VisionOne.Suspicious_List.status_code | number | Response code of adding item to suspicious object list | -| VisionOne.Suspicious_List.total_items | number | Number of items present in suspicious object list | +| **Path** | **Type** | **Description** | +| ------------------------------------------------ | -------- | ------------------------------------------------------------ | +| VisionOne.Suspicious_List.message | string | Success or fail response message. | +| VisionOne.Suspicious_List.multi_response.status | number | Status of request to add item\(s\) to suspicious list. | +| VisionOne.Suspicious_List.multi_response.task_id | string | Task ID generated after adding item\(s\) to suspicious list. | +| VisionOne.Suspicious_List.total_items | number | Count of total items present in suspicious object list. | ### trendmicro-visionone-delete-objects-from-suspicious-list *** -Deletes domains, file SHA-1 values, IP addresses, or URLs from the Suspicious Object List +Deletes domain, ip, url, file_sha1, file_sha256, sender_mail_address from the Suspicious Object List. #### Base Command @@ -375,22 +352,23 @@ Deletes domains, file SHA-1 values, IP addresses, or URLs from the Suspicious Ob #### Input -| **Argument Name** | **Description** | **Required** | -| ----------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -| type | Object type: "domain", "ip", "fileSha1", "fileSha256", "senderMailAddress" or "url". Possible values are: domain, ip, fileSha1, fileSha256, senderMailAddress, url. | Required | -| value | The object value. | Required | +| **Argument Name** | **Description** | **Required** | +| ----------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | +| block_objects | List of object(s) consisting of `object_type` (domain,ip,url,file_sha1,file_sha256,sender_mail_address) and `object_value`. e.g. [{"object_type":"ip","object_value":"5.5.5.5"}]. | Required | #### Context Output -| **Path** | **Type** | **Description** | -| ------------------------------------- | -------- | ---------------------------------------------------------- | -| VisionOne.Suspicious_List.status_code | number | Response code of removing item from suspicious object list | -| VisionOne.Suspicious_List.total_items | number | Number of items present in suspicious object list | +| **Path** | **Type** | **Description** | +| ------------------------------------------------ | -------- | ----------------------------------------------------------------------- | +| VisionOne.Suspicious_List.message | string | Success or fail response message. | +| VisionOne.Suspicious_List.multi_response.status | number | Status of request to remove item\(s\) from suspicious object list. | +| VisionOne.Suspicious_List.multi_response.task_id | string | Task ID generated after removing item\(s\) from suspicious object list. | +| VisionOne.Suspicious_List.total_items | number | Count of total items present in suspicious object list. | ### trendmicro-visionone-get-endpoint-info *** -Retrieves information about a specific endpoint +Retrieves information about a specific endpoint. #### Base Command @@ -398,30 +376,188 @@ Retrieves information about a specific endpoint #### Input -| **Argument Name** | **Description** | **Required** | -| ----------------- | ----------------------------------------------------------------------- | ------------ | -| endpoint | "hostname", "macAddress", "agentGuid" or "ip" of the endpoint to query. | Required | +| **Argument Name** | **Description** | **Required** | +| ----------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | +| endpoint | comma separated string containing Hostname, IP, macAddress or agentGuid of the endpoint(s) to query. | Required | +| query_op | Operator used to build request header query that allows you to retrieve a subset of the collected endpoint(s). e.g. endpointName eq sample-host `or` macAddress eq 00:11:22:33:44:55. Possible values are: and, or. | Required | + +#### Context Output + +| **Path** | **Type** | **Description** | +| ----------------------------------------------- | -------- | ------------------------------------------------------------------ | +| VisionOne.Endpoint_Info.agent_guid | string | Agent Guid of the endpoint. | +| VisionOne.Endpoint_Info.login_account.value | string | Account currently logged on to the endpoint. | +| VisionOne.Endpoint_Info.endpoint_name.value | string | Hostname of the endpoint queried. | +| VisionOne.Endpoint_Info.mac_address.value | string | MAC address of the endpoint queried. | +| VisionOne.Endpoint_Info.ip.value | string | IP address of the endpoint queried. | +| VisionOne.Endpoint_Info.os_name | string | Operating System name of the endpoint queried. | +| VisionOne.Endpoint_Info.os_version | string | Operating System version of the endpoint queried. | +| VisionOne.Endpoint_Info.os_description | string | Description of the Operating System of the endpoint queried. | +| VisionOne.Endpoint_Info.product_code | string | Product code of the Trend Micro product running on the endpoint. | +| VisionOne.Endpoint_Info.installed_product_codes | string | Product code of the Trend Micro product installed on the endpoint. | + +### trendmicro-visionone-get-endpoint-activity-data + +*** +Displays search results from the Endpoint Activity Data source that match the parameters provided. + +#### Base Command + +`trendmicro-visionone-get-endpoint-activity-data` + +#### Input + +| **Argument Name** | **Description** | **Required** | +| ----------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | +| fields | Statement that allows you to retrieve a subset of the collected endpoint activity data. e.g. {"endpointName":"sample-host","macAddress":"00:11:22:33:44:55"}. Complete list of supported fields (https://automation.trendmicro.com/xdr/api-v3#tag/Search/paths/~1v3.0~1search~1endpointActivities/get). | Required | +| query_op | Operator used to build request header query that allows you to retrieve a subset of the collected endpoint activity data. e.g. endpointName:sample-host `or` src:192.169.1.1. Possible values are: and, or. | Optional | +| start | Timestamp in ISO 8601 format that indicates the start of the data retrieval range. If no value is specified, start defaults to 24 hours before the request is made. | Optional | +| end | Timestamp in ISO 8601 format that indicates the end of the data retrieval time range. If no value is specified, end defaults to the time the request is made. | Optional | +| top | Number of records displayed on a page. | Optional | +| select | List of fields to include in the search results. If no fields are specified, the query returns all supported fields. | Optional | #### Context Output -| **Path** | **Type** | **Description** | -| --------------------------------------------- | -------- | ----------------------------------------------------------------- | -| VisionOne.Endpoint_Info.status | string | Status of the request | -| VisionOne.Endpoint_Info.logonAccount | string | Account currently logged on to the endpoint | -| VisionOne.Endpoint_Info.hostname | string | Hostname | -| VisionOne.Endpoint_Info.macAddr | string | MAC address | -| VisionOne.Endpoint_Info.ip | string | IP address | -| VisionOne.Endpoint_Info.osName | string | Operating System name | -| VisionOne.Endpoint_Info.osVersion | string | Operating System version | -| VisionOne.Endpoint_Info.osDescription | string | Description of the Operating System | -| VisionOne.Endpoint_Info.productCode | string | Product code of the Trend Micro product running on the endpoint | -| VisionOne.Endpoint_Info.agentGuid | string | AgentGuid of the endpoint | -| VisionOne.Endpoint_Info.installedProductCodes | string | Product code of the Trend Micro product installed on the endpoint | +| **Path** | **Type** | **Description** | +| ----------------------------------------------------------- | -------- | ------------------------------------------------------------- | +| VisionOne.Endpoint_Activity_Data.dpt | string | Destination port. | +| VisionOne.Endpoint_Activity_Data.dst | string | Destination IP address. | +| VisionOne.Endpoint_Activity_Data.endpoint_guid | string | endpoint GUID for identity. | +| VisionOne.Endpoint_Activity_Data.endpoint_host_name | string | Hostname of the endpoint on which the event was generated. | +| VisionOne.Endpoint_Activity_Data.endpoint_ip | string | Endpoint IP address list. | +| VisionOne.Endpoint_Activity_Data.event_id | string | ID corresponding to data field mapping. | +| VisionOne.Endpoint_Activity_Data.event_sub_id | string | ID corresponding to data field mapping. | +| VisionOne.Endpoint_Activity_Data.object_integrity_level | string | ID corresponding to data field mapping. | +| VisionOne.Endpoint_Activity_Data.object_true_type | string | ID corresponding to data field mapping. | +| VisionOne.Endpoint_Activity_Data.object_sub_true_type | string | ID corresponding to data field mapping. | +| VisionOne.Endpoint_Activity_Data.win_event_id | string | ID corresponding to data field mapping. | +| VisionOne.Endpoint_Activity_Data.event_time | string | Log collect time utc format. | +| VisionOne.Endpoint_Activity_Data.event_time_d_t | string | Log collect time. | +| VisionOne.Endpoint_Activity_Data.host_name | string | Hostname of the endpoint on which the event was generated. | +| VisionOne.Endpoint_Activity_Data.logon_user | string | Logon user name. | +| VisionOne.Endpoint_Activity_Data.object_cmd | string | Command line entry of target process. | +| VisionOne.Endpoint_Activity_Data.object_file_hash_sha1 | string | The SHA1 hash of target process image or target file. | +| VisionOne.Endpoint_Activity_Data.object_file_path | string | File path location of target process image or target file. | +| VisionOne.Endpoint_Activity_Data.object_host_name | string | Server name where Internet event was detected. | +| VisionOne.Endpoint_Activity_Data.object_ip | string | IP address of internet event. | +| VisionOne.Endpoint_Activity_Data.object_ips | string | IP address list of internet event. | +| VisionOne.Endpoint_Activity_Data.object_port | string | The port number used by internet event. | +| VisionOne.Endpoint_Activity_Data.object_registry_data | string | The registry value data. | +| VisionOne.Endpoint_Activity_Data.object_registry_key_handle | string | The registry key. | +| VisionOne.Endpoint_Activity_Data.object_registry_value | string | Registry value name. | +| VisionOne.Endpoint_Activity_Data.object_signer | string | Certificate signer of object process or file. | +| VisionOne.Endpoint_Activity_Data.object_signer_valid | string | Validity of certificate signer. | +| VisionOne.Endpoint_Activity_Data.object_user | string | The owner name of target process / The logon user name. | +| VisionOne.Endpoint_Activity_Data.os | string | System. | +| VisionOne.Endpoint_Activity_Data.parent_cmd | string | The command line that parent process. | +| VisionOne.Endpoint_Activity_Data.parent_file_hash_sha1 | string | The SHA1 hash of parent process. | +| VisionOne.Endpoint_Activity_Data.parent_file_path | string | The file path location of parent process. | +| VisionOne.Endpoint_Activity_Data.process_cmd | string | The command line used to launch this process. | +| VisionOne.Endpoint_Activity_Data.process_file_hash_sha1 | string | The process file sha1. | +| VisionOne.Endpoint_Activity_Data.process_file_path | string | The process file path. | +| VisionOne.Endpoint_Activity_Data.request | string | Request URL \(normally detected by Web Reputation Services\). | +| VisionOne.Endpoint_Activity_Data.search_d_l | string | Search data lake. | +| VisionOne.Endpoint_Activity_Data.spt | string | Source port. | +| VisionOne.Endpoint_Activity_Data.src | string | Source IP address. | +| VisionOne.Endpoint_Activity_Data.src_file_hash_sha1 | string | Source file sha1. | +| VisionOne.Endpoint_Activity_Data.src_file_path | string | Source file path. | +| VisionOne.Endpoint_Activity_Data.tags | string | Detected by Security Analytics Engine filters. | +| VisionOne.Endpoint_Activity_Data.uuid | string | Log unique identity. | + +### trendmicro-visionone-get-endpoint-activity-data-count + +*** +Displays total count of search results from the Endpoint Activity Data source that match the parameters provided. + +#### Base Command + +`trendmicro-visionone-get-endpoint-activity-data-count` + +#### Input + +| **Argument Name** | **Description** | **Required** | +| ----------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | +| fields | Statement that allows you to retrieve a subset of the collected endpoint activity data. e.g. {"endpointName":"sample-host","macAddress":"00:11:22:33:44:55"}. Complete list of supported fields (https://automation.trendmicro.com/xdr/api-v3#tag/Search/paths/~1v3.0~1search~1endpointActivities/get). | Required | +| query_op | Operator used to build request header query that allows you to retrieve a subset of the collected endpoint activity data. e.g. endpointName:sample-host `or` src:192.169.1.1.. Possible values are: and, or. | Optional | +| start | Timestamp in ISO 8601 format that indicates the start of the data retrieval range. If no value is specified, start defaults to 24 hours before the request is made. | Optional | +| end | Timestamp in ISO 8601 format that indicates the end of the data retrieval time range. If no value is specified, end defaults to the time the request is made. | Optional | +| select | List of fields to include in the search results. If no fields are specified, the query returns all supported fields. | Optional | + +#### Context Output + +| **Path** | **Type** | **Description** | +| -------------------------------------------------------------- | -------- | ------------------------------------------ | +| VisionOne.Endpoint_Activity_Data_Count.endpoint_activity_count | string | Total count for endpoint activity queried. | + +### trendmicro-visionone-get-email-activity-data + +*** +Displays search results from the Email Activity Data source that match the parameters provided. + +#### Base Command + +`trendmicro-visionone-get-email-activity-data` + +#### Input + +| **Argument Name** | **Description** | **Required** | +| ----------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | +| fields | Statement that allows you to retrieve a subset of the collected email activity data. e.g. {"mailMsgSubject":"spam","mailSenderIp":"192.169.1.1"}. Complete list of supported fields (https://automation.trendmicro.com/xdr/api-v3#tag/Search/paths/~1v3.0~1search~1emailActivities/get). | Required | +| query_op | Operator used to build request header query that allows you to retrieve a subset of the collected email activity data. e.g. mailMsgSubject:spam `and` mailSenderIp:192.169.1.1..'. Possible values are: and, or. | Optional | +| start | Timestamp in ISO 8601 format that indicates the start of the data retrieval range. If no value is specified, start defaults to 24 hours before the request is made. | Optional | +| end | Timestamp in ISO 8601 format that indicates the end of the data retrieval time range. If no value is specified, end defaults to the time the request is made. | Optional | +| top | Number of records displayed on a page. | Optional | +| select | List of fields to include in the search results. If no fields are specified, the query returns all supported fields. | Optional | + +#### Context Output + +| **Path** | **Type** | **Description** | +| ---------------------------------------------------- | -------- | --------------------------------------------------------- | +| VisionOne.Email_Activity_Data.mail_msg_subject | string | Subject of the email message. | +| VisionOne.Email_Activity_Data.mail_msg_id | string | Internet message ID of the email message. | +| VisionOne.Email_Activity_Data.msg_uuid | string | Unique ID of the email message. | +| VisionOne.Email_Activity_Data.mailbox | string | Mailbox where the email message is. | +| VisionOne.Email_Activity_Data.mail_sender_ip | string | Source IP address of the email message. | +| VisionOne.Email_Activity_Data.mail_from_addresses | string | Sender email address of the email message. | +| VisionOne.Email_Activity_Data.mail_whole_header | string | Information about the header of the email message. | +| VisionOne.Email_Activity_Data.mail_to_addresses | string | A list of recipient email addresses of the email message. | +| VisionOne.Email_Activity_Data.mail_source_domain | string | Source domain of the email message. | +| VisionOne.Email_Activity_Data.search_d_l | string | Search data lake. | +| VisionOne.Email_Activity_Data.scan_type | string | Email activity scan type. | +| VisionOne.Email_Activity_Data.event_time | string | Date and time UTC. | +| VisionOne.Email_Activity_Data.org_id | string | Unique ID used to identify an organization. | +| VisionOne.Email_Activity_Data.mail_urls_visible_link | string | Visible link in email message. | +| VisionOne.Email_Activity_Data.mail_urls_real_link | string | Real link in email message. | + +### trendmicro-visionone-get-email-activity-data-count + +*** +Displays search results from the Email Activity Data source that match the parameters provided. + +#### Base Command + +`trendmicro-visionone-get-email-activity-data-count` + +#### Input + +| **Argument Name** | **Description** | **Required** | +| ----------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | +| fields | Statement that allows you to retrieve a subset of the collected email activity data. e.g. {"mailMsgSubject":"spam","mailSenderIp":"192.169.1.1"}. Complete list of supported fields (https://automation.trendmicro.com/xdr/api-v3#tag/Search/paths/~1v3.0~1search~1emailActivities/get). | Required | +| query_op | Operator used to build request header query that allows you to retrieve a subset of the collected email activity data. e.g. mailMsgSubject:spam `and` mailSenderIp:192.169.1.1.. Possible values are: and, or. | Optional | +| start | Timestamp in ISO 8601 format that indicates the start of the data retrieval range. If no value is specified, start defaults to 24 hours before the request is made. | Optional | +| end | Timestamp in ISO 8601 format that indicates the end of the data retrieval time range. If no value is specified, end defaults to the time the request is made. | Optional | +| select | List of fields to include in the search results. If no fields are specified, the query returns all supported fields. | Optional | + +#### Context Output + +| **Path** | **Type** | **Description** | +| -------------------------------------------------------- | -------- | ------------------------------ | +| VisionOne.Email_Activity_Data_Count.email_activity_count | string | Total count of email activity. | ### trendmicro-visionone-terminate-process *** -Terminates a process that is running on an endpoint +Terminates a process that is running on an endpoint. #### Base Command @@ -429,27 +565,21 @@ Terminates a process that is running on an endpoint #### Input -| **Argument Name** | **Description** | **Required** | -| ----------------- | ------------------------------------------------------------------ | ------------ | -| endpoint | "hostname" or "agentGuid" of the endpoint to terminate process on. | Required | -| file_sha1 | SHA1 hash of the process to terminate. | Required | -| description | Description. | Optional | -| filename | Optional file name list for log. | Optional | +| **Argument Name** | **Description** | **Required** | +| ------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | +| process_identifiers | List of object(s) consisting of `endpoint` (hostname) or `agent_guid`, `file_sha1`, `filename` and `description`. e.g. [{"endpoint":"test-endpoint","file_sha1":"fb5608fa03de204a12fe1e9e5275e4a682107471","filename":"test.txt","description":"terminate process"}]. | Required | #### Context Output -| **Path** | **Type** | **Description** | -| -------------------------------------- | -------- | ----------------------------------- | -| VisionOne.Terminate_Process.taskId | string | Task Id of the current running task | -| VisionOne.Terminate_Process.taskStatus | number | Status of current running task | - -Note: To get the complete task status run polling command `trendmicro-visionone-check-task-status` giving `taskId` as input parameter. -Note: The above command should be added with execution timeout in the advanced field of playbook execution. The recommended timeout is ``20 minutes``. +| **Path** | **Type** | **Description** | +| ----------------------------------- | -------- | ---------------------------------------------- | +| VisionOne.Terminate_Process.status | number | Status of request to terminate process. | +| VisionOne.Terminate_Process.task_id | string | Task Id generated after terminating a process. | ### trendmicro-visionone-get-file-analysis-status *** -Retrieves the status of a sandbox analysis submission +Retrieves the status of a sandbox analysis submission. #### Base Command @@ -457,29 +587,29 @@ Retrieves the status of a sandbox analysis submission #### Input -| **Argument Name** | **Description** | **Required** | -| ----------------- | --------------------------------------------------------------------------------------------------------------------------------- | ------------ | -| task_id | task_id from the trendmicro-visionone-submit-file-to-sandbox or trendmicro-visionone-submit-file-entry-to-sandbox command output. | Required | +| **Argument Name** | **Description** | **Required** | +| ----------------- | ---------------------------------------------------------------------------- | ------------ | +| task_id | task_id from the trendmicro-visionone-submit-file-to-sandbox command output. | Required | #### Context Output -| **Path** | **Type** | **Description** | -| ------------------------------------------------- | -------- | --------------------------------------------------------- | -| VisionOne.File_Analysis_Status.id | string | Submission ID of the file submitted for sandbox analysis | -| VisionOne.File_Analysis_Status.status | string | Response code for the action call | -| VisionOne.File_Analysis_Status.action | string | Action performed on the submitted file | -| VisionOne.File_Analysis_Status.error | string | Error code and message for the submission | -| VisionOne.File_Analysis_Status.digest | string | The hash values of file analyzed | -| VisionOne.File_Analysis_Status.createdDateTime | string | Create date time for the sandbox analysis | -| VisionOne.File_Analysis_Status.lastActionDateTime | string | Date and time for last action performed on the submission | -| VisionOne.File_Analysis_Status.resourceLocation | string | Location of the submitted file | -| VisionOne.File_Analysis_Status.isCached | string | Is the file cached or not \(True or False\) | -| VisionOne.File_Analysis_Status.arguments | string | Arguments for the file submitted | +| **Path** | **Type** | **Description** | +| ---------------------------------------------------- | -------- | ---------------------------------------------------------- | +| VisionOne.File_Analysis_Status.id | string | Submission ID of the file submitted for sandbox analysis. | +| VisionOne.File_Analysis_Status.status | string | Response code for the action call. | +| VisionOne.File_Analysis_Status.action | string | Action performed on the submitted file. | +| VisionOne.File_Analysis_Status.error | string | Error code and message for the submission. | +| VisionOne.File_Analysis_Status.digest | string | The hash values of file analyzed. | +| VisionOne.File_Analysis_Status.created_date_time | string | Create date time for the sandbox analysis. | +| VisionOne.File_Analysis_Status.last_action_date_time | string | Date and time for last action performed on the submission. | +| VisionOne.File_Analysis_Status.resource_location | string | Location of the submitted file. | +| VisionOne.File_Analysis_Status.is_cached | string | Is the file cached or not \(True or False\). | +| VisionOne.File_Analysis_Status.arguments | string | Arguments for the file submitted. | ### trendmicro-visionone-get-file-analysis-result *** -Retrieves the sandbox submission analysis result +Retrieves the sandbox submission analysis result. #### Base Command @@ -487,31 +617,33 @@ Retrieves the sandbox submission analysis result #### Input -| **Argument Name** | **Description** | **Required** | -| ----------------- | ------------------------------------------------------------------------------------------------------------- | ------------ | -| report_id | report_id of the sandbox submission retrieved from the trendmicro-visionone-get-file-analysis-status command. | Required | +| **Argument Name** | **Description** | **Required** | +| ----------------- | ----------------------------------------------------------------------------------------------------------------------------------- | ------------ | +| report_id | report_id of the sandbox submission retrieved from the trendmicro-visionone-get-file-analysis-status command. | Required | +| poll | If script should wait until the task is finished before returning the result, enabled by default. Possible values are: true, false. | Optional | +| poll_time_sec | Maximum time to wait for the result to be available. | Optional | #### Context Output -| **Path** | **Type** | **Description** | -| --------------------------------------------------------- | -------- | ----------------------------------------------- | -| VisionOne.File_Analysis_Result.status_code | string | status code of file report | -| VisionOne.File_Analysis_Result.type | string | Suspicious object type | -| VisionOne.File_Analysis_Result.digest | string | The hash values of file analyzed | -| VisionOne.File_Analysis_Result.risk_level | string | Risk Level of suspicious object | -| VisionOne.File_Analysis_Result.analysisCompletionDateTime | string | Analyze time of suspicious object | -| VisionOne.File_Analysis_Result.arguments | string | Arguments for the suspicious object | -| VisionOne.File_Analysis_Result.detectionNames | string | Detection name for the suspicious object | -| VisionOne.File_Analysis_Result.threatTypes | string | Threat type of the suspicious object | -| VisionOne.File_Analysis_Result.trueFileType | string | File type for the suspicious object. | -| VisionOne.File_Analysis_Result.DBotScore.Score | number | The DBot score. | -| VisionOne.File_Analysis_Result.DBotScore.Vendor | string | The Vendor name. | -| VisionOne.File_Analysis_Result.DBotScore.Reliability | string | The Reliability of an intelligence-data source. | +| **Path** | **Type** | **Description** | +| ------------------------------------------------------------ | -------- | ----------------------------------------------- | +| VisionOne.File_Analysis_Result.id | string | Report ID for the submission. | +| VisionOne.File_Analysis_Result.type | string | Type of object. | +| VisionOne.File_Analysis_Result.digest | string | The hash values of file analyzed. | +| VisionOne.File_Analysis_Result.risk_level | string | Risk Level of suspicious object. | +| VisionOne.File_Analysis_Result.analysis_completion_date_time | string | Analyze time of suspicious object. | +| VisionOne.File_Analysis_Result.arguments | string | Arguments for the suspicious object. | +| VisionOne.File_Analysis_Result.detection_names | string | Detection name for the suspicious object. | +| VisionOne.File_Analysis_Result.threat_types | string | Threat type of the suspicious object. | +| VisionOne.File_Analysis_Result.true_file_type | string | File type for the suspicious object. | +| VisionOne.File_Analysis_Result.DBotScore.Score | number | The DBot score. | +| VisionOne.File_Analysis_Result.DBotScore.Vendor | string | The Vendor name. | +| VisionOne.File_Analysis_Result.DBotScore.Reliability | string | The reliability of an intelligence-data source. | ### trendmicro-visionone-collect-forensic-file *** -Compresses a file on an endpoint in a password-protected archive and then sends the archive to the XDR service platform +Compresses a file on an endpoint in a password-protected archive and then sends the archive to the XDR service platform. #### Base Command @@ -519,26 +651,21 @@ Compresses a file on an endpoint in a password-protected archive and then sends #### Input -| **Argument Name** | **Description** | **Required** | -| ----------------- | ------------------------------------------------------------- | ------------ | -| endpoint | "hostname" or "macaddr" of the endpoint to collect file from. | Required | -| file_path | Path to the file to collect. | Required | -| description | Description of the file. | Optional | +| **Argument Name** | **Description** | **Required** | +| ----------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | +| collect_files | List of object(s) containing `endpoint` (hostname) or `agent_guid`, `file_path` and `description`. e.g. [{"endpoint":"test-endpoint","file_path":"C:/test_dir/test.txt","filename":"test.txt","description":"collect file"}]. | Required | #### Context Output -| **Path** | **Type** | **Description** | -| ------------------------------------------ | -------- | ------------------------------- | -| VisionOne.Collect_Forensic_File.taskId | string | Task ID of the particular file. | -| VisionOne.Collect_Forensic_File.taskStatus | number | Task status of collected file | - -Note: To get the complete task status run polling command `trendmicro-visionone-check-task-status` giving `taskId` as input parameter. -Note: The above command should be added with execution timeout in the advanced field of playbook execution. The recommended timeout be ``20 minutes``. +| **Path** | **Type** | **Description** | +| --------------------------------------- | -------- | -------------------------------------------------------------- | +| VisionOne.Collect_Forensic_File.status | number | Status of request to collect file from endpoint. | +| VisionOne.Collect_Forensic_File.task_id | string | Task ID generated after collecting file for forensic analysis. | ### trendmicro-visionone-download-information-for-collected-forensic-file *** -Retrieves a URL and other information required to download a collected file via the trendmicro-visionone-collect-forensic-file command +Retrieves a URL and other information required to download a collected file via the trendmicro-visionone-collect-forensic-file command. #### Base Command @@ -546,32 +673,33 @@ Retrieves a URL and other information required to download a collected file via #### Input -| **Argument Name** | **Description** | **Required** | -| ----------------- | ---------------------------------------------------------------- | ------------ | -| task_id | taskId output from the collect command used to collect the file. | Required | +| **Argument Name** | **Description** | **Required** | +| ----------------- | ----------------------------------------------------------------------------------------------------------------------------------- | ------------ | +| task_id | taskId output from the collect forensic file command. | Required | +| poll | If script should wait until the task is finished before returning the result, enabled by default. Possible values are: true, false. | Optional | +| poll_time_sec | Maximum time to wait for the result to be available. | Optional | #### Context Output -| **Path** | **Type** | **Description** | -| ----------------------------------------------------------------------------- | -------- | --------------------------------------------------------------- | -| VisionOne.Download_Information_For_Collected_Forensic_File.status | string | Status of action performed \(succeeded, running or failed\) | -| VisionOne.Download_Information_For_Collected_Forensic_File.createdDateTime | string | The create date time for the file | -| VisionOne.Download_Information_For_Collected_Forensic_File.taskId | string | The task ID for the response of collect file | -| VisionOne.Download_Information_For_Collected_Forensic_File.lastActionDateTime | string | Time and date of last action on file | -| VisionOne.Download_Information_For_Collected_Forensic_File.description | string | Task description | -| VisionOne.Download_Information_For_Collected_Forensic_File.action | string | Action performed on file | -| VisionOne.Download_Information_For_Collected_Forensic_File.account | string | The account associated with the request | -| VisionOne.Download_Information_For_Collected_Forensic_File.agentGuid | string | AgentGuid of the endpoint used to collect file | -| VisionOne.Download_Information_For_Collected_Forensic_File.endpointName | string | hostname of the endpoint used to collect file | -| VisionOne.Download_Information_For_Collected_Forensic_File.filePath | string | File path for the file that was collected | -| VisionOne.Download_Information_For_Collected_Forensic_File.fileSha1 | string | The fileSha1 for the collected file | -| VisionOne.Download_Information_For_Collected_Forensic_File.fileSha256 | string | The fileSha256 for the collected file | -| VisionOne.Download_Information_For_Collected_Forensic_File.fileSize | number | The file size of the file collected | -| VisionOne.Download_Information_For_Collected_Forensic_File.resourceLocation | string | URL location of the file collected that can be used to download | -| VisionOne.Download_Information_For_Collected_Forensic_File.expiredDateTime | string | The expiration date and time of the file | -| VisionOne.Download_Information_For_Collected_Forensic_File.password | string | The password for the file collected | - -Note: The URL received from the `trendmicro-visionone-download-information-for-collected-forensic-file` will be valid for only ``60 seconds`` +| **Path** | **Type** | **Description** | +| -------------------------------------------------------------------------------- | -------- | ---------------------------------------------------------------- | +| VisionOne.Download_Information_For_Collected_Forensic_File.status | string | Status of action performed \(succeeded, running or failed\). | +| VisionOne.Download_Information_For_Collected_Forensic_File.created_date_time | string | The create date time for the file. | +| VisionOne.Download_Information_For_Collected_Forensic_File.id | string | Task ID used to query for forensic file information. | +| VisionOne.Download_Information_For_Collected_Forensic_File.last_action_date_time | string | Time and date of last action on file. | +| VisionOne.Download_Information_For_Collected_Forensic_File.description | string | Task description. | +| VisionOne.Download_Information_For_Collected_Forensic_File.action | string | Action performed on file. | +| VisionOne.Download_Information_For_Collected_Forensic_File.account | string | The account associated with the request. | +| VisionOne.Download_Information_For_Collected_Forensic_File.agent_guid | string | AgentGuid of the endpoint used to collect file. | +| VisionOne.Download_Information_For_Collected_Forensic_File.endpoint_name | string | hostname of the endpoint used to collect file. | +| VisionOne.Download_Information_For_Collected_Forensic_File.file_path | string | File path for the file that was collected. | +| VisionOne.Download_Information_For_Collected_Forensic_File.file_sha1 | string | The fileSha1 for the collected file. | +| VisionOne.Download_Information_For_Collected_Forensic_File.file_sha256 | string | The fileSha256 for the collected file. | +| VisionOne.Download_Information_For_Collected_Forensic_File.file_size | number | The file size of the file collected. | +| VisionOne.Download_Information_For_Collected_Forensic_File.resource_location | string | URL location of the file collected that can be used to download. | +| VisionOne.Download_Information_For_Collected_Forensic_File.expired_date_time | string | The expiration date and time of the file. | +| VisionOne.Download_Information_For_Collected_Forensic_File.password | string | The password for the file collected. | +| VisionOne.Download_Information_For_Collected_Forensic_File.error | string | Error response generated for the request. | ### trendmicro-visionone-download-investigation-package @@ -584,17 +712,19 @@ Downloads the investigation package based on submission ID. #### Input -| **Argument Name** | **Description** | **Required** | -| ----------------- | ------------------------------------------------------------------- | ------------ | -| submission_id | The submission ID for the object submitted to sandbox for analysis. | Required | -| filename | Optional name for the package to be downloaded. | Optional | +| **Argument Name** | **Description** | **Required** | +| ----------------- | ----------------------------------------------------------------------------------------------------------------------------------- | ------------ | +| submission_id | The submission ID for the object submitted to sandbox for analysis. | Required | +| poll | If script should wait until the task is finished before returning the result, enabled by default. Possible values are: true, false. | Optional | +| poll_time_sec | Maximum time to wait for the result to be available. | Optional | #### Context Output -| **Path** | **Type** | **Description** | -| ----------------------------------------------------- | -------- | ------------------------------------ | -| VisionOne.Download_Investigation_Package.submissionId | string | The submission for the file | -| VisionOne.Download_Investigation_Package.code | number | Response status code for the command | +| **Path** | **Type** | **Description** | +| ------------------------------------------------------ | -------- | ------------------------------------------------------------------------ | +| VisionOne.Download_Investigation_Package.submission_id | string | The submission for the file. | +| VisionOne.Download_Investigation_Package.result_code | number | Result code of making a request to download investigation package. | +| VisionOne.Download_Investigation_Package.message | number | Message notifying user that investigation package is ready for download. | ### trendmicro-visionone-download-suspicious-object-list @@ -607,20 +737,22 @@ Downloads the suspicious object list associated to the specified object. Note ~ #### Input -| **Argument Name** | **Description** | **Required** | -| ----------------- | ------------------------------------------------------------------- | ------------ | -| submission_id | The submission ID for the object submitted to sandbox for analysis. | Required | +| **Argument Name** | **Description** | **Required** | +| ----------------- | ----------------------------------------------------------------------------------------------------------------------------------- | ------------ | +| submission_id | The submission ID for the object submitted to sandbox for analysis. | Required | +| poll | If script should wait until the task is finished before returning the result, enabled by default. Possible values are: true, false. | Optional | +| poll_time_sec | Maximum time to wait for the result to be available. | Optional | #### Context Output -| **Path** | **Type** | **Description** | -| -------------------------------------------------------------------- | -------- | ------------------------------------------------------ | -| VisionOne.Download_Suspicious_Object_list.code | number | status code for the command | -| VisionOne.Download_Suspicious_Object_list.riskLevel | string | Risk level of the analyzed object | -| VisionOne.Download_Suspicious_Object_list.analysisCompletionDateTime | string | The analysis completion date and time | -| VisionOne.Download_Suspicious_Object_list.expiredDateTime | string | The expiration date and time for the suspicious object | -| VisionOne.Download_Suspicious_Object_list.rootSha1 | string | The rootSha1 value for the object | -| VisionOne.Download_Suspicious_Object_list.ip | string | The endpoint ip associated with the submission | +| **Path** | **Type** | **Description** | +| ----------------------------------------------------------------------- | -------- | ------------------------------------------------------- | +| VisionOne.Download_Suspicious_Object_list.type | string | The type of suspicious object. | +| VisionOne.Download_Suspicious_Object_list.value | string | Value of the suspicious object. | +| VisionOne.Download_Suspicious_Object_list.risk_level | string | Risk level of the analyzed object. | +| VisionOne.Download_Suspicious_Object_list.root_sha1 | string | status code for the command. | +| VisionOne.Download_Suspicious_Object_list.analysis_completion_date_time | string | The analysis completion date and time. | +| VisionOne.Download_Suspicious_Object_list.expired_date_time | string | The expiration date and time for the suspicious object. | ### trendmicro-visionone-download-analysis-report @@ -633,17 +765,19 @@ Downloads the analysis report for an object submitted to sandbox for analysis ba #### Input -| **Argument Name** | **Description** | **Required** | -| ----------------- | ------------------------------------------------------------------- | ------------ | -| submission_id | The submission ID for the object submitted to sandbox for analysis. | Required | -| filename | Optional name for the package to be downloaded. | Optional | +| **Argument Name** | **Description** | **Required** | +| ----------------- | ----------------------------------------------------------------------------------------------------------------------------------- | ------------ | +| submission_id | The submission ID for the object submitted to sandbox for analysis. | Required | +| poll | If script should wait until the task is finished before returning the result, enabled by default. Possible values are: true, false. | Optional | +| poll_time_sec | Maximum time to wait for the result to be available. | Optional | #### Context Output -| **Path** | **Type** | **Description** | -| ----------------------------------------------- | -------- | ------------------------------------ | -| VisionOne.Download_Analysis_Report.submissionId | string | The submission for the file | -| VisionOne.Download_Analysis_Report.code | number | Response status code for the command | +| **Path** | **Type** | **Description** | +| ------------------------------------------------ | -------- | ------------------------------------------------------------------ | +| VisionOne.Download_Analysis_Report.submission_id | string | The submission ID for the sandbox object. | +| VisionOne.Download_Analysis_Report.result_code | string | Result code of making a request to download analysis report. | +| VisionOne.Download_Analysis_Report.message | string | Message notifying user that analysis report is ready for download. | ### trendmicro-visionone-submit-file-to-sandbox @@ -658,20 +792,21 @@ Submits a file to the sandbox for analysis (Note. For more information about the | **Argument Name** | **Description** | **Required** | | ----------------- | ----------------------------------------------------------------------------------------------------- | ------------ | -| file_path | URL pointing to the location of the file to be submitted. | Required | -| filename | Name of the file to be analyzed. | Optional | +| file_url | URL pointing to the location of the file to be submitted. | Required | +| file_name | Name of the file (including extension) to be analyzed. | Required | | document_password | The Base64 encoded password for decrypting the submitted document. sample. | Optional | | archive_password | The Base64 encoded password for decrypting the submitted archive. | Optional | | arguments | Parameter that allows you to specify Base64-encoded command line arguments to run the submitted file. | Optional | #### Context Output -| **Path** | **Type** | **Description** | -| ------------------------------------------ | -------- | ------------------------------------------------ | -| VisionOne.Submit_File_to_Sandbox.code | number | status code of the file submitted to sandbox | -| VisionOne.Submit_File_to_Sandbox.task_id | string | Task ID of the submitted file | -| VisionOne.Submit_File_to_Sandbox.digest | string | The hash value of the file | -| VisionOne.Submit_File_to_Sandbox.arguments | string | Command line arguments to run the submitted file | +| **Path** | **Type** | **Description** | +| ------------------------------------------ | -------- | --------------------------------------------------------------- | +| VisionOne.Submit_File_to_Sandbox.message | string | Result code of submitting file to sandbox for analysis. | +| VisionOne.Submit_File_to_Sandbox.code | string | HTTP status code of the request made to submit file to sandbox. | +| VisionOne.Submit_File_to_Sandbox.task_id | string | ID generated for submitting file to sandbox for analysis. | +| VisionOne.Submit_File_to_Sandbox.digest | string | The hash value of the file. | +| VisionOne.Submit_File_to_Sandbox.arguments | string | Command line arguments to run the submitted file. | ### trendmicro-visionone-submit-file-entry-to-sandbox @@ -682,30 +817,92 @@ Submits a file to the sandbox for analysis (Note. For more information about the `trendmicro-visionone-submit-file-entry-to-sandbox` -#### +#### Input + +| **Argument Name** | **Description** | **Required** | +| ----------------- | ----------------------------------------------------------------------------------------------------- | ------------ | +| entry_id | Entry ID of the file to be submitted. | Required | +| document_password | The Base64 encoded password for decrypting the submitted document. sample. | Optional | +| archive_password | The Base64 encoded password for decrypting the submitted archive. | Optional | +| arguments | Parameter that allows you to specify Base64-encoded command line arguments to run the submitted file. | Optional | + +#### Context Output + +| **Path** | **Type** | **Description** | +| ------------------------------------------------ | -------- | --------------------------------------------------------------------- | +| VisionOne.Submit_File_Entry_to_Sandbox.message | string | Result code of submitting file entry to sandbox for analysis. | +| VisionOne.Submit_File_Entry_to_Sandbox.code | string | HTTP status code of the request made to submit file entry to sandbox. | +| VisionOne.Submit_File_Entry_to_Sandbox.task_id | string | ID of the submitted file. | +| VisionOne.Submit_File_Entry_to_Sandbox.digest | string | The hash value of the file. | +| VisionOne.Submit_File_Entry_to_Sandbox.filename | string | The name of the file submitted. | +| VisionOne.Submit_File_Entry_to_Sandbox.file_path | string | The path to the file associated to incident. | +| VisionOne.Submit_File_Entry_to_Sandbox.entry_id | string | The Entry ID for the file. | +| VisionOne.Submit_File_Entry_to_Sandbox.arguments | string | Command line arguments to run the submitted file. | + +### trendmicro-visionone-submit-urls-to-sandbox + +*** +Sends URL(s) to sandbox for analysis. + +#### Base Command + +`trendmicro-visionone-submit-urls-to-sandbox` + +#### Input + +| **Argument Name** | **Description** | **Required** | +| ----------------- | ------------------------------------- | ------------ | +| urls | List of URLs to be sent for analysis. | Required | + +#### Context Output + +| **Path** | **Type** | **Description** | +| ---------------------------------------- | -------- | ---------------------------------------------------------------- | +| VisionOne.Submit_Urls_to_Sandbox.id | string | ID generated for the URL sent to sandbox for analysis. | +| VisionOne.Submit_Urls_to_Sandbox.url | string | URL sent to sandbox for analysis. | +| VisionOne.Submit_Urls_to_Sandbox.digest | string | Digest value generated for the URL sent to sandbox for analysis. | +| VisionOne.Submit_Urls_to_Sandbox.status | string | HTTPS status code of making the request. | +| VisionOne.Submit_Urls_to_Sandbox.task_id | string | Task ID generated for the URL sent to sandbox for analysis. | + +### trendmicro-visionone-get-alert-details + +*** +Fetches details for a specific alert. + +#### Base Command + +`trendmicro-visionone-get-alert-details` + +#### Input -| **Argument Name** | **Description** | **Required** | -| ----------------- | -------------------------------------------------------------------------- | ------------ | -| entry_id | Entry ID of the file to be submitted. | Required | -| document_password | The Base64 encoded password for decrypting the submitted document. sample. | Optional | -| archive_password | The Base64 encoded password for decrypting the submitted archive. | Optional | +| **Argument Name** | **Description** | **Required** | +| ----------------- | ------------------------------------ | ------------ | +| workbench_id | Workbench ID for the alert to query. | Required | #### Context Output -| **Path** | **Type** | **Description** | -| ------------------------------------------------ | -------- | ------------------------------------------------ | -| VisionOne.Submit_File_Entry_to_Sandbox.message | string | Status message of the file submitted to sandbox. | -| VisionOne.Submit_File_Entry_to_Sandbox.code | string | status code of the file submitted to sandbox | -| VisionOne.Submit_File_Entry_to_Sandbox.task_id | string | Task ID of the submitted file | -| VisionOne.Submit_File_Entry_to_Sandbox.digest | string | The hash value of the file | -| VisionOne.Submit_File_Entry_to_Sandbox.filename | string | The name of the file submitted | -| VisionOne.Submit_File_Entry_to_Sandbox.file_path | string | The path to the file associated to incident | -| VisionOne.Submit_File_Entry_to_Sandbox.entryId | string | The Entry ID for the file | +| **Path** | **Type** | **Description** | +| -------------------------------------------------- | -------- | ------------------------------------------------------------------------------------------------------------------- | +| VisionOne.Alert_Details.etag | string | The ETag of the resource you want to update. | +| VisionOne.Alert_Details.alert.id | string | ID of the workbench alert. | +| VisionOne.Alert_Details.alert.model | string | Name of the detection model that triggered the alert. | +| VisionOne.Alert_Details.alert.score | number | Overall severity assigned to the alert based on the severity of the matched detection model and the impact scope. | +| VisionOne.Alert_Details.alert.severity | string | Workbench alert severity. | +| VisionOne.Alert_Details.alert.indicators | string | The indicators refer to those objects which are found by RCA or sweeping. | +| VisionOne.Alert_Details.alert.description | string | Description of the detection model that triggered the alert. | +| VisionOne.Alert_Details.alert.impact_scope | string | Affected entities information. | +| VisionOne.Alert_Details.alert.matched_rules | string | The rules are triggered. | +| VisionOne.Alert_Details.alert.alert_provider | string | Alert provider. | +| VisionOne.Alert_Details.alert.schema_version | string | The version of the JSON schema, not the version of alert trigger content. | +| VisionOne.Alert_Details.alert.workbench_link | string | Workbench URL. | +| VisionOne.Alert_Details.alert.created_date_time | string | Datetime in ISO 8601 format \(yyyy-MM-ddThh:mm:ssZ in UTC\) that indicates the created date time of the alert. | +| VisionOne.Alert_Details.alert.updated_date_time | string | Datetime in ISO 8601 format \(yyyy-MM-ddThh:mm:ssZ in UTC\) that indicates the last updated date time of the alert. | +| VisionOne.Alert_Details.alert.investigation_status | string | Workbench alert status. | ### trendmicro-visionone-run-sandbox-submission-polling *** -Runs a polling command to retrieve the status of a sandbox analysis submission +Runs a polling command to retrieve the status of a sandbox analysis submission. #### Base Command @@ -720,25 +917,24 @@ Runs a polling command to retrieve the status of a sandbox analysis submission #### Context Output -| **Path** | **Type** | **Description** | -| ------------------------------------------------------------- | -------- | ----------------------------------------------------------------------- | -| VisionOne.Sandbox_Submission_Polling.message | string | Status of the sandbox analysis | -| VisionOne.Sandbox_Submission_Polling.status_code | string | Response code | -| VisionOne.Sandbox_Submission_Polling.task_id | string | task_id of the task queried | -| VisionOne.Sandbox_Submission_Polling.taskStatus | string | Sandbox analysis status | -| VisionOne.Sandbox_Submission_Polling.digest | string | The hash values of file analyzed | -| VisionOne.Sandbox_Submission_Polling.analysis_completion_time | string | Sample analysis completed time. | -| VisionOne.Sandbox_Submission_Polling.risk_level | string | Risk Level of the analyzed file. | -| VisionOne.Sandbox_Submission_Polling.description | string | Scan result description for NotAnalyzed. | -| VisionOne.Sandbox_Submission_Polling.detection_name_list | unknown | Detection name of this sample, if applicable. | -| VisionOne.Sandbox_Submission_Polling.threat_type_list | unknown | Threat type of this sample. | -| VisionOne.Sandbox_Submission_Polling.file_type | string | File type of this sample. | -| VisionOne.Sandbox_Submission_Polling.report_id | string | ID used to get the report and suspicious object. Empty means no report. | -| VisionOne.Sandbox_Submission_Polling.message | string | Error message for failed call. | -| VisionOne.Sandbox_Submission_Polling.code | string | Error code for failed call. | -| VisionOne.Sandbox_Submission_Polling.DBotScore.Score | number | The DBot score. | -| VisionOne.Sandbox_Submission_Polling.DBotScore.Vendor | string | The Vendor name. | -| VisionOne.Sandbox_Submission_Polling.DBotScore.Reliability | string | The Reliability of an intelligence-data source. | +| **Path** | **Type** | **Description** | +| ------------------------------------------------------------- | -------- | ----------------------------------------------- | +| VisionOne.Sandbox_Submission_Polling.message | string | Status of the sandbox analysis. | +| VisionOne.Sandbox_Submission_Polling.status_code | string | Status code of the request. | +| VisionOne.Sandbox_Submission_Polling.status | string | Status of action to analyze file in sandbox. | +| VisionOne.Sandbox_Submission_Polling.report_id | string | Report ID of the submission queried. | +| VisionOne.Sandbox_Submission_Polling.digest | string | The hash values of file analyzed. | +| VisionOne.Sandbox_Submission_Polling.analysis_completion_time | string | Sample analysis completed time. | +| VisionOne.Sandbox_Submission_Polling.risk_level | string | Risk Level of the analyzed file. | +| VisionOne.Sandbox_Submission_Polling.detection_name_list | string | Detection name of this sample, if applicable. | +| VisionOne.Sandbox_Submission_Polling.threat_type_list | string | Threat type of this sample. | +| VisionOne.Sandbox_Submission_Polling.file_type | string | File type of this sample. | +| VisionOne.Sandbox_Submission_Polling.type | string | Object type. | +| VisionOne.Sandbox_Submission_Polling.message | string | Error message for failed call. | +| VisionOne.Sandbox_Submission_Polling.code | string | Error code for failed call. | +| VisionOne.Sandbox_Submission_Polling.DBotScore.Score | number | The DBot score. | +| VisionOne.Sandbox_Submission_Polling.DBotScore.Vendor | string | The Vendor name. | +| VisionOne.Sandbox_Submission_Polling.DBotScore.Reliability | string | The reliability of an intelligence-data source. | ### trendmicro-visionone-check-task-status @@ -758,15 +954,25 @@ Command gives the status of the running task based on the task id. #### Context Output -| **Path** | **Type** | **Description** | -| -------------------------------- | -------- | ---------------------------- | -| VisionOne.Task_Status.taskId | string | Task ID of the task queried. | -| VisionOne.Task_Status.taskStatus | string | Status of the task. | +| **Path** | **Type** | **Description** | +| ------------------------------------------- | -------- | -------------------------------- | +| VisionOne.Task_Status.id | string | Task ID of the task queried. | +| VisionOne.Task_Status.status | string | Status of the task. | +| VisionOne.Task_Status.created_date_time | string | Timestamp in ISO 8601 format. | +| VisionOne.Task_Status.last_action_date_time | string | Timestamp in ISO 8601 format. | +| VisionOne.Task_Status.action | string | Action performed. | +| VisionOne.Task_Status.description | string | Description of the task. | +| VisionOne.Task_Status.account | string | Account that performed the task. | +| VisionOne.Task_Status.type | string | Value type. | +| VisionOne.Task_Status.value | string | Value that was submitted. | +| VisionOne.Task_Status.tasks | string | Task related information. | +| VisionOne.Task_Status.agent_guid | string | Agent guid of the endpoint. | +| VisionOne.Task_Status.endpoint_name | string | Endpoint name. | ### trendmicro-visionone-add-note *** -Attaches a note to a workbench alert +Attaches a note to a workbench alert. #### Base Command @@ -781,16 +987,16 @@ Attaches a note to a workbench alert #### Context Output -| **Path** | **Type** | **Description** | -| ------------------------------- | -------- | --------------------------------------------------- | -| VisionOne.Add_Note.Workbench_Id | string | The ID of the workbench that the note was added to. | -| VisionOne.Add_Note.note_id | string | The ID of the note that was added. | -| VisionOne.Add_Note.code | string | The response code from the command | +| **Path** | **Type** | **Description** | +| -------------------------- | -------- | ------------------------------------------------------ | +| VisionOne.Add_Note.code | string | HTTPS status code of making the request. | +| VisionOne.Add_Note.message | string | Message notifying the user of note added to workbench. | +| VisionOne.Add_Note.note_id | string | ID of the note added to workbench. | ### trendmicro-visionone-update-status *** -Updates the status of a workbench alert +Updates the status of a workbench alert. #### Base Command @@ -798,14 +1004,16 @@ Updates the status of a workbench alert #### Input -| **Argument Name** | **Description** | **Required** | -| ----------------- | -------------------------------------------------------------------------------------------------------------- | ------------ | -| workbench_id | ID of the workbench you would like to update the status for. | Required | -| status | Status to assign to the workbench alert. Possible values are: new, in progress, true positive, false positive. | Required | +| **Argument Name** | **Description** | **Required** | +| ----------------- | -------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | +| workbench_id | ID of the workbench you would like to update the status for. | Required | +| if_match | Target resource will be updated only if it matches ETag of the target one. Etag is one of the outputs from get_alert_details. | Required | +| status | Status to assign to the workbench alert. Possible values are: new, in_progress, true_positive, false_positive, benign_true_positive, closed. | Required | #### Context Output -| **Path** | **Type** | **Description** | -| ------------------------------------ | -------- | ---------------------------------------------------- | -| VisionOne.Update_Status.Workbench_Id | string | The ID of the workbench that had the status updated. | -| VisionOne.Update_Status.code | string | The response code from the command | +| **Path** | **Type** | **Description** | +| ------------------------------------ | -------- | ------------------------------------------------------------------------------------- | +| VisionOne.Update_Status.Workbench_Id | string | The ID of the workbench that had the status updated. | +| VisionOne.Update_Status.code | string | HTTP status code of updating workbench alert status. | +| VisionOne.Update_Status.message | string | Message notifying user that the alert status has been updated to user defined status. | diff --git a/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/TrendMicroVisionOneV3.py b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/TrendMicroVisionOneV3.py index 675db99e909e..eac150360230 100644 --- a/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/TrendMicroVisionOneV3.py +++ b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/TrendMicroVisionOneV3.py @@ -1,62 +1,97 @@ import demistomock as demisto # noqa: F401 from CommonServerPython import * # noqa: F401 -"""IMPORTS""" + from CommonServerUserPython import * # noqa: F401 -import base64 +"""IMPORTS""" + import json -import re -import requests import urllib3 from datetime import datetime, timezone, timedelta -from typing import Any, Dict, Union -from requests.models import HTTPError +from typing import Any, TypeVar +import pytmv1 +from pytmv1 import ( + AccountTask, + AccountTaskResp, + BaseTaskResp, + BlockListTaskResp, + CollectFileTaskResp, + EmailMessageIdTask, + EmailMessageTaskResp, + EmailMessageUIdTask, + EndpointTask, + EndpointTaskResp, + ExceptionObject, + FileTask, + InvestigationStatus, + ObjectTask, + ObjectType, + ProcessTask, + ResultCode, + SaeAlert, + SuspiciousObject, + SuspiciousObjectTask, + TerminateProcessTaskResp, + TiAlert, +) """CONSTANTS""" -USER_AGENT = "TMV1CortexXSOARApp/1.1" VENDOR_NAME = "TrendMicroVisionOneV3" +ACCOUNT_IDENTIFIERS = "account_identifiers" +EMAIL_IDENTIFIERS = "email_identifiers" +ENDPOINT_IDENTIFIERS = "endpoint_identifiers" +PROCESS_IDENTIFIERS = "process_identifiers" +COLLECT_FILES = "collect_files" +BLOCK = "block" +ANY = "any" URL = "url" -POST = "post" -GET = "get" -PATCH = "patch" +URLS = "urls" +INTERVAL_IN_SECONDS = "interval_in_seconds" +MEDIUM = "medium" +NAME = "name" +PATH = "path" +IF_MATCH = "if_match" +FALSE = "false" +TRUE = "true" +POLL = "poll" +POLL_TIME_SEC = "poll_time_sec" +POLLING = "polling" ARGUMENTS = "arguments" -ACCOUNT_NAME = "accountName" -AUTHORIZATION = "Authorization" -BEARER = "Bearer " -CONTENT_TYPE_JSON = "application/json" +ACCOUNT_NAME = "account_name" +INTEGRATION_RELIABILITY = "integrationReliability" +INCIDENT_SEVERITY = "incident_severity" EMPTY_STRING = "" -ASCII = "ascii" API_TOKEN = "apikey" -VALUE_TYPE = "value_type" -TARGET_VALUE = "target_value" +AGENT_GUID = "agent_guid" DESCRIPTION = "description" -MESSAGE_ID = "messageId" -MAILBOX = "mailBox" -FIELD = "field" +MESSAGE_ID = "message_id" +MAILBOX = "mailbox" ENDPOINT = "endpoint" +START = "start" +SELECT = "select" +END = "end" +TOP = "top" +QUERY_OP = "query_op" +FIELDS = "fields" ENTRY_ID = "entry_id" -DATA = "data" -TYPE = "type" -VALUE = "value" -FILESHA = "file_sha1" -FILENAME = "filename" -CRITERIA = "criteria" -EXCEPTION_LIST = "exceptionList" -SUSPICIOUS_LIST = "suspiciousObjectList" -LAST_MODIFIED = "lastModified" +FILE_SHA1 = "file_sha1" +SUCCEEDED = "succeeded" SCAN_ACTION = "scan_action" RISK_LEVEL = "risk_level" -EXPIRYDAY = "expiry_days" +EXPIRY_DAYS = "expiry_days" TASKID = "task_id" REPORT_ID = "report_id" -FAILED = "failed" -PROCESSING = "processing" +OBJECT_TYPE = "object_type" +OBJECT_VALUE = "object_value" QUEUED = "queued" +FAILED = "failed" RUNNING = "running" +REJECTED = "rejected" WAITFORAPPROVAL = "waitForApproval" OS_TYPE = "os" FILEPATH = "filepath" FILE_PATH = "file_path" +FILE_URL = "file_url" FILE_NAME = "filename" DOCUMENT_PASSWORD = "document_password" ARCHIVE_PASSWORD = "archive_password" @@ -65,62 +100,28 @@ STATUS = "status" SUBMISSION_ID = "submission_id" UNIQUE_ID = "unique_id" -# End Points -ENABLE_USER_ACCOUNT = "/v3.0/response/domainAccounts/enable" -DISABLE_USER_ACCOUNT = "/v3.0/response/domainAccounts/disable" -FORCE_SIGN_OUT = "/v3.0/response/domainAccounts/signOut" -FORCE_PASSWORD_RESET = "/v3.0/response/domainAccounts/resetPassword" -ADD_BLOCKLIST_ENDPOINT = "/v3.0/response/suspiciousObjects" -REMOVE_BLOCKLIST_ENDPOINT = "/v3.0/response/suspiciousObjects/delete" -QUARANTINE_EMAIL_ENDPOINT = "/v3.0/response/emails/quarantine" -DELETE_EMAIL_ENDPOINT = "/v3.0/response/emails/delete" -ISOLATE_CONNECTION_ENDPOINT = "/v3.0/response/endpoints/isolate" -TERMINATE_PROCESS_ENDPOINT = "/v3.0/response/endpoints/terminateProcess" -RESTORE_CONNECTION_ENDPOINT = "/v3.0/response/endpoints/restore" -ADD_OBJECT_TO_EXCEPTION_LIST = "/v3.0/threatintel/suspiciousObjectExceptions" -DELETE_OBJECT_FROM_EXCEPTION_LIST = ( - "/v3.0/threatintel/suspiciousObjectExceptions/delete" -) -ADD_OBJECT_TO_SUSPICIOUS_LIST = "/v3.0/threatintel/suspiciousObjects" -DELETE_OBJECT_FROM_SUSPICIOUS_LIST = "/v3.0/threatintel/suspiciousObjects/delete" -TASK_DETAIL_ENDPOINT = "/v3.0/response/tasks/{taskId}" -GET_ENDPOINT_INFO_ENDPOINT = "/v3.0/eiqs/endpoints" -GET_FILE_STATUS = "/v3.0/sandbox/tasks/{taskId}" -GET_FILE_RESULT = "/v3.0/sandbox/analysisResults/{reportId}" -ADD_NOTE_ENDPOINT = "/v3.0/workbench/alerts/{alertId}/notes" -UPDATE_STATUS_ENDPOINT = "/v3.0/workbench/alerts/{workbenchId}" -COLLECT_FORENSIC_FILE = "/v3.0/response/endpoints/collectFile" -DOWNLOAD_INFORMATION_COLLECTED_FILE = "/v3.0/response/tasks/{taskId}" -SUBMIT_FILE_TO_SANDBOX = "/v3.0/sandbox/files/analyze" -DOWNLOAD_ANALYSIS_REPORT = "/v3.0/sandbox/analysisResults/{submissionId}/report" -DOWNLOAD_INVESTIGATION_PACKAGE = ( - "/v3.0/sandbox/analysisResults/{submissionId}/investigationPackage" -) -DOWNLOAD_SUSPICIOUS_OBJECT_LIST = ( - "/v3.0/sandbox/analysisResults/{submissionId}/suspiciousObjects" -) -WORKBENCH_HISTORIES = "/v3.0/workbench/alerts" # Error Messages -RESPONSE_ERROR = "Error in API call: [%d] - %s" -RETRY_ERROR = "The max tries exceeded [%d] - %s" COMMAND_CALLED = "Command being called is {command}" -COMMAND_EXECUTION_ERROR = "Failed to execute {error} command. Error" -AUTHORIZATION_ERROR = ( - "Authorization Error: make sure URL/API Key is correctly set. Error - {error}" -) -PARAMETER_ISSUE = "{param} is not a valid parameter. Kindly provide valid parameter" -FILE_NOT_FOUND = "No such file present in {filepath}" -# General Messages: -RAW_RESPONSE = "The raw response data - {raw_response}" -SUCCESS_RESPONSE = "success with url {url} and response status {status}" -EXCEPTION_MESSAGE = "Successfully {task} object to exception list with response {code}, Total items in exception list - {length}" -SUCCESS_TEST = "Successfully connected to the vision one API." -POLLING_MESSAGE = "The task has not completed, will check status again in 30 seconds" -# Workbench Statuses -NEW = "New" -IN_PROGRESS = "In Progress" -RESOLVED_TRUE_POSITIVE = "True Positive" -RESOLVED_FALSE_POSITIVE = "False Positive" +# Action Descriptions +BLOCK_OBJECTS = "block_objects" +ADD_BLOCKLIST = "Add To Blocklist." +DELETE_EMAIL = "Delete Email Message." +ISOLATE_ENDPOINT = "Isolate Endpoint." +RESTORE_ENDPOINT = "Restore Endpoint." +SIGN_OUT_ACCOUNT = "Sign Out Account." +COLLECT_FILE = "Collect Forensic File." +ENABLE_ACCOUNT = "Enable User Account." +RESTORE_EMAIL = "Restore Email Message." +TERMINATE_PROCESS = "Terminate Process." +DISABLE_ACCOUNT = "Disable User Account." +ADD_SUSPICIOUS = "Add to Suspicious list." +REMOVE_BLOCKLIST = "Remove from Blocklist." +FAILED_CONNECTIVITY = "Connectivity failed!" +ADD_EXCEPTION_LIST = "Add To Exception list." +QUARANTINE_EMAIL = "Quarantine Email Message." +FORCE_PASSWORD_RESET = "Force Password Reset." +DELETE_SUSPICIOUS = "Delete from Suspicious list." +DELETE_EXCEPTION_LIST = "Delete from Exception list." # Table Heading TABLE_ENABLE_USER_ACCOUNT = "Enable user account " TABLE_DISABLE_USER_ACCOUNT = "Disable user account " @@ -130,22 +131,29 @@ TABLE_REMOVE_FROM_BLOCKLIST = "Remove from block list " TABLE_QUARANTINE_EMAIL_MESSAGE = "Quarantine email message " TABLE_DELETE_EMAIL_MESSAGE = "Delete email message " -TABLE_ISOLATE_ENDPOINT_MESSAGE = "Isolate endpoint connection " -TABLE_RESTORE_ENDPOINT_MESSAGE = "Restore endpoint connection " +TABLE_RESTORE_EMAIL_MESSAGE = "Restore email message " +TABLE_ISOLATE_ENDPOINT = "Isolate endpoint connection " +TABLE_RESTORE_ENDPOINT = "Restore endpoint connection " TABLE_TERMINATE_PROCESS = "Terminate process " TABLE_ADD_EXCEPTION_LIST = "Add object to exception list " TABLE_DELETE_EXCEPTION_LIST = "Delete object from exception list " TABLE_ADD_SUSPICIOUS_LIST = "Add object to suspicious list " TABLE_DELETE_SUSPICIOUS_LIST = "Delete object from suspicious list " TABLE_ENDPOINT_INFO = "Endpoint info " +TABLE_GET_EMAIL_ACTIVITY_DATA = "Email activity data " +TABLE_GET_EMAIL_ACTIVITY_DATA_COUNT = "Email activity data count " +TABLE_GET_ENDPOINT_ACTIVITY_DATA = "Endpoint activity data " +TABLE_GET_ENDPOINT_ACTIVITY_DATA_COUNT = "Endpoint activity data count " TABLE_GET_FILE_ANALYSIS_STATUS = "File analysis status " TABLE_GET_FILE_ANALYSIS_RESULT = "File analysis result " +TABLE_GET_ALERT_DETAILS = "Alert details " TABLE_COLLECT_FILE = "Collect forensic file " TABLE_COLLECTED_FORENSIC_FILE_DOWNLOAD_INFORMATION = ( - "The download information for collected forensic file " + "Download information for collected forensic file " ) TABLE_SUBMIT_FILE_TO_SANDBOX = "Submit file to sandbox " TABLE_SUBMIT_FILE_ENTRY_TO_SANDBOX = "Submit file entry to sandbox " +TABLE_SUBMIT_URLS_TO_SANDBOX = "Submit urls to sandbox " TABLE_SANDBOX_SUBMISSION_POLLING = "Sandbox submission polling status " TABLE_CHECK_TASK_STATUS = "Check task status " TABLE_DOWNLOAD_ANALYSIS_REPORT = "Download analysis report " @@ -162,6 +170,7 @@ REMOVE_BLOCKLIST_COMMAND = "trendmicro-visionone-remove-from-block-list" QUARANTINE_EMAIL_COMMAND = "trendmicro-visionone-quarantine-email-message" DELETE_EMAIL_COMMAND = "trendmicro-visionone-delete-email-message" +RESTORE_EMAIL_COMMAND = "trendmicro-visionone-restore-email-message" ISOLATE_ENDPOINT_COMMAND = "trendmicro-visionone-isolate-endpoint" RESTORE_ENDPOINT_COMMAND = "trendmicro-visionone-restore-endpoint-connection" TERMINATE_PROCESS_COMMAND = "trendmicro-visionone-terminate-process" @@ -188,432 +197,365 @@ ) FILE_TO_SANDBOX_COMMAND = "trendmicro-visionone-submit-file-to-sandbox" FILE_ENTRY_TO_SANDBOX_COMMAND = "trendmicro-visionone-submit-file-entry-to-sandbox" +URLS_TO_SANDBOX_COMMAND = "trendmicro-visionone-submit-urls-to-sandbox" SANDBOX_SUBMISSION_POLLING_COMMAND = ( "trendmicro-visionone-run-sandbox-submission-polling" ) CHECK_TASK_STATUS_COMMAND = "trendmicro-visionone-check-task-status" GET_ENDPOINT_INFO_COMMAND = "trendmicro-visionone-get-endpoint-info" +GET_EMAIL_ACTIVITY_DATA_COMMAND = "trendmicro-visionone-get-email-activity-data" +GET_EMAIL_ACTIVITY_DATA_COUNT_COMMAND = ( + "trendmicro-visionone-get-email-activity-data-count" +) +GET_ENDPOINT_ACTIVITY_DATA_COMMAND = "trendmicro-visionone-get-endpoint-activity-data" +GET_ENDPOINT_ACTIVITY_DATA_COUNT_COMMAND = ( + "trendmicro-visionone-get-endpoint-activity-data-count" +) +GET_ALERT_DETAILS_COMMAND = "trendmicro-visionone-get-alert-details" UPDATE_STATUS_COMMAND = "trendmicro-visionone-update-status" ADD_NOTE_COMMAND = "trendmicro-visionone-add-note" FETCH_INCIDENTS = "fetch-incidents" +TEST_MODULE = "test-module" table_name = { - ENABLE_USER_ACCOUNT_COMMAND: TABLE_ENABLE_USER_ACCOUNT, - DISABLE_USER_ACCOUNT_COMMAND: TABLE_DISABLE_USER_ACCOUNT, + ADD_NOTE_COMMAND: TABLE_ADD_NOTE, + COLLECT_FILE_COMMAND: TABLE_COLLECT_FILE, + UPDATE_STATUS_COMMAND: TABLE_UPDATE_STATUS, FORCE_SIGN_OUT_COMMAND: TABLE_FORCE_SIGN_OUT, - FORCE_PASSWORD_RESET_COMMAND: TABLE_FORCE_PASSWORD_RESET, ADD_BLOCKLIST_COMMAND: TABLE_ADD_TO_BLOCKLIST, - REMOVE_BLOCKLIST_COMMAND: TABLE_REMOVE_FROM_BLOCKLIST, - QUARANTINE_EMAIL_COMMAND: TABLE_QUARANTINE_EMAIL_MESSAGE, + GET_ENDPOINT_INFO_COMMAND: TABLE_ENDPOINT_INFO, + ISOLATE_ENDPOINT_COMMAND: TABLE_ISOLATE_ENDPOINT, + RESTORE_ENDPOINT_COMMAND: TABLE_RESTORE_ENDPOINT, DELETE_EMAIL_COMMAND: TABLE_DELETE_EMAIL_MESSAGE, - ISOLATE_ENDPOINT_COMMAND: TABLE_ISOLATE_ENDPOINT_MESSAGE, - RESTORE_ENDPOINT_COMMAND: TABLE_RESTORE_ENDPOINT_MESSAGE, + CHECK_TASK_STATUS_COMMAND: TABLE_CHECK_TASK_STATUS, + GET_ALERT_DETAILS_COMMAND: TABLE_GET_ALERT_DETAILS, + RESTORE_EMAIL_COMMAND: TABLE_RESTORE_EMAIL_MESSAGE, TERMINATE_PROCESS_COMMAND: TABLE_TERMINATE_PROCESS, ADD_EXCEPTION_LIST_COMMAND: TABLE_ADD_EXCEPTION_LIST, - DELETE_EXCEPTION_LIST_COMMAND: TABLE_DELETE_EXCEPTION_LIST, + REMOVE_BLOCKLIST_COMMAND: TABLE_REMOVE_FROM_BLOCKLIST, + FILE_TO_SANDBOX_COMMAND: TABLE_SUBMIT_FILE_TO_SANDBOX, + URLS_TO_SANDBOX_COMMAND: TABLE_SUBMIT_URLS_TO_SANDBOX, + ENABLE_USER_ACCOUNT_COMMAND: TABLE_ENABLE_USER_ACCOUNT, ADD_SUSPICIOUS_LIST_COMMAND: TABLE_ADD_SUSPICIOUS_LIST, + DISABLE_USER_ACCOUNT_COMMAND: TABLE_DISABLE_USER_ACCOUNT, + FORCE_PASSWORD_RESET_COMMAND: TABLE_FORCE_PASSWORD_RESET, + QUARANTINE_EMAIL_COMMAND: TABLE_QUARANTINE_EMAIL_MESSAGE, + DELETE_EXCEPTION_LIST_COMMAND: TABLE_DELETE_EXCEPTION_LIST, DELETE_SUSPICIOUS_LIST_COMMAND: TABLE_DELETE_SUSPICIOUS_LIST, + GET_EMAIL_ACTIVITY_DATA_COMMAND: TABLE_GET_EMAIL_ACTIVITY_DATA, GET_FILE_ANALYSIS_STATUS_COMMAND: TABLE_GET_FILE_ANALYSIS_STATUS, GET_FILE_ANALYSIS_RESULT_COMMAND: TABLE_GET_FILE_ANALYSIS_RESULT, - COLLECT_FILE_COMMAND: TABLE_COLLECT_FILE, - DOWNLOAD_COLLECTED_FILE_COMMAND: TABLE_COLLECTED_FORENSIC_FILE_DOWNLOAD_INFORMATION, DOWNLOAD_ANALYSIS_REPORT_COMMAND: TABLE_DOWNLOAD_ANALYSIS_REPORT, - DOWNLOAD_INVESTIGATION_PACKAGE_COMMAND: TABLE_DOWNLOAD_INVESTIGATION_PACKAGE, - DOWNLOAD_SUSPICIOUS_OBJECT_LIST_COMMAND: TABLE_DOWNLOAD_SUSPICIOUS_OBJECT_LIST, - FILE_TO_SANDBOX_COMMAND: TABLE_SUBMIT_FILE_TO_SANDBOX, FILE_ENTRY_TO_SANDBOX_COMMAND: TABLE_SUBMIT_FILE_ENTRY_TO_SANDBOX, SANDBOX_SUBMISSION_POLLING_COMMAND: TABLE_SANDBOX_SUBMISSION_POLLING, - CHECK_TASK_STATUS_COMMAND: TABLE_CHECK_TASK_STATUS, - GET_ENDPOINT_INFO_COMMAND: TABLE_ENDPOINT_INFO, - UPDATE_STATUS_COMMAND: TABLE_UPDATE_STATUS, - ADD_NOTE_COMMAND: TABLE_ADD_NOTE, + GET_ENDPOINT_ACTIVITY_DATA_COMMAND: TABLE_GET_ENDPOINT_ACTIVITY_DATA, + GET_EMAIL_ACTIVITY_DATA_COUNT_COMMAND: TABLE_GET_EMAIL_ACTIVITY_DATA_COUNT, + DOWNLOAD_INVESTIGATION_PACKAGE_COMMAND: TABLE_DOWNLOAD_INVESTIGATION_PACKAGE, + DOWNLOAD_SUSPICIOUS_OBJECT_LIST_COMMAND: TABLE_DOWNLOAD_SUSPICIOUS_OBJECT_LIST, + GET_ENDPOINT_ACTIVITY_DATA_COUNT_COMMAND: TABLE_GET_ENDPOINT_ACTIVITY_DATA_COUNT, + DOWNLOAD_COLLECTED_FILE_COMMAND: TABLE_COLLECTED_FORENSIC_FILE_DOWNLOAD_INFORMATION, } # disable insecure warnings urllib3.disable_warnings() +_T = TypeVar("_T") + + +def unwrap(val: Optional[_T]) -> _T: + if val is None: + raise ValueError("Expected non-null value but received None.") + return val + def check_datetime_aware(d): return (d.tzinfo is not None) and (d.tzinfo.utcoffset(d) is not None) -class Client(BaseClient): - def __init__(self, base_url: str, api_key: str, proxy: bool, verify: bool) -> None: - """ - Inherit the BaseClient class from the demistomock. - :type base_url: ``str`` - :param base_url: Base server address with suffix, for example: https://example.com/api/v2/. - :type api_key: ``str`` - :param api_key: api token to access the api data. - :type proxy: ``bool`` - :param proxy: Whether the request should use the system proxy settings. - :type verify: ``bool`` - :param verify: Whether the request should verify the SSL certificate. - :return: returns None - :rtype: ``None`` - """ - self.base_url = base_url - self.api_key = api_key - self.status = None - - super().__init__(base_url=base_url, proxy=proxy, verify=verify) - - def http_request( - self, - method: str, - url_suffix: str, - json_data=None, - params=None, - headers=None, - data=None, - ) -> Any: - """ - Override http_request method from BaseClient class. This method will print an error based on status code - and exceptions. - :type method: ``str`` - :param method: The HTTP method, for example: GET, POST, and so on. - :type url_suffix: ``str`` - :param url_suffix: The API endpoint. - :type json_data: ``dict`` - :param json_data: The dictionary to send in a 'POST' request. - :type params: ``dict`` - :param params: URL parameters to specify the query. - :type data: ``dict`` - :param data: The data to send in a 'POST' request. - :return: response data - :rtype: ``dict`` or ``str`` or ``requests.Response`` - """ - token = self.api_key - # Headers will be passed in for certain actions - # This header will be ignored in such cases - if not headers: - headers = { - "Authorization": f"Bearer {token}", - "Content-Type": f"{CONTENT_TYPE_JSON};charset=utf-8", - } +def status_check(v1_client: pytmv1.Client, data: dict[str, Any]) -> Any: + """ + Check the status of particular task. + :type data: ``dict`` + :param method: Response data to received from the end point. + :return: task status response data. + :rtype: ``Any`` + """ + task_id = data.get(TASKID, EMPTY_STRING) + poll = argToBoolean(data.get(POLL, TRUE)) + poll_time_sec = arg_to_number(data.get(POLL_TIME_SEC, 0)) + message: dict[str, Any] = {} + + # Make rest call + resp = v1_client.get_base_task_result(task_id, poll, poll_time_sec) # type: ignore + # Check if error response is returned + if _is_pytmv1_error(resp.result_code): + err: pytmv1.Error = unwrap(resp.error) + return_error(message=f"{err.message}", error=str(err)) + # Get the task action type that will be used to + # fetch task class which is used in get_task_result + status_resp: pytmv1.BaseTaskResp = unwrap(resp.response) + action: pytmv1.TaskAction = status_resp.action + # Make rest call using task class to get final result + task_resp = v1_client.get_task_result( + class_=_get_task_type(action), + task_id=task_id, + poll=poll, + poll_time_sec=poll_time_sec, # type: ignore + ) + # Assign values on a successful call + resp_obj: pytmv1.BaseTaskResp = unwrap(task_resp.response) + message = resp_obj.dict() + return CommandResults( + readable_output=tableToMarkdown( + table_name[CHECK_TASK_STATUS_COMMAND], + message, + headerTransform=string_to_table_header, + removeNull=True, + ), + outputs_prefix="VisionOne.Task_Status", + outputs_key_field="id", + outputs=message, + ) - try: - response = self._http_request( - method=method, - full_url=f"{self.base_url}{url_suffix}", - retries=3, - json_data=json_data, - params=params, - headers=headers, - resp_type="response", - ok_codes=(200, 201, 202, 204, 207), - data=data, - ) - # Check if response has a status code of 207 and parse response through multi_status_check - # to check for valid or invalid calls based on response status for the multi status response. - if response.status_code == 207: - self.multi_status_check(response.json()) - - except DemistoException as error: - demisto.error(error.message) - return_error(error, error.message) - if response.ok: - demisto.info( - SUCCESS_RESPONSE.format( - url=f"{self.base_url}{url_suffix}", status=response.status_code - ) - ) - self.status = response.status_code - content_type = response.headers.get("Content-Type", "") - if content_type.__contains__(CONTENT_TYPE_JSON): - # Handle empty response - if response.text == EMPTY_STRING: - return response - else: - return response.json() - else: - return response - - def multi_status_check(self, response: List[Any]) -> List[Any]: - """ - Check the response code for 207 multi status response - and return an error if the status is 400, 403, 404, 500. - :type response: ``dict`` - :return: error object with code, status and message - :rtype: ``dict`` - """ - err_obj: Dict[str, Any] = {} - success_codes = [200, 201, 202, 204] - if response[0].get("status") not in success_codes: - err_status = response[0].get("status", int) - err_code = response[0].get("body", {}).get("error", {}).get("code", "") - err_msg = response[0].get("body", {}).get("error", {}).get("message", "") - - err_obj["status"] = err_status - err_obj["code"] = err_code - err_obj["message"] = err_msg - return return_error(err_obj) - return response - - def status_check(self, data: Dict[str, Any]) -> Any: - """ - Check the status of particular task. - :type data: ``dict`` - :param method: Response data to received from the end point. - :return: task status response data. - :rtype: ``Any`` - """ - task_id = data.get(TASKID) - query_params: Dict[str, Any] = {} - response = self.http_request( - GET, TASK_DETAIL_ENDPOINT.format(taskId=task_id), params=query_params - ) - message = { - "taskId": response.get("id"), - "taskStatus": response.get("status"), - "createdDateTime": response.get("createdDateTime"), - "action": response.get("action"), - "endpointName": response.get("endpointName"), - "account": response.get("account"), - } - return CommandResults( - readable_output=tableToMarkdown( - "Status of task ", message, removeNull=True - ), - outputs_prefix=("VisionOne.Task_Status"), - outputs_key_field="taskId", - outputs=message, - ) - def sandbox_submission_polling(self, data: Dict[str, Any]) -> Any: - """ - Check the status of sandbox submission - :type data: ``dict`` - :param method: Response data received from sandbox. - :return: Sandbox submission response data. - :rtype: ``Any`` - """ - task_id = data.get(TASKID) - submission_status_call = self.http_request( - GET, GET_FILE_STATUS.format(taskId=task_id) +def sandbox_submission_polling(v1_client: pytmv1.Client, data: dict[str, Any]) -> Any: + """ + Check the status of sandbox submission + :type data: ``dict`` + :param method: Response data received from sandbox. + :return: Sandbox submission response data. + :rtype: ``Any`` + """ + task_id = data.get(TASKID, EMPTY_STRING) + message: dict[str, Any] = {} + # Make rest call + resp = v1_client.get_sandbox_submission_status(submit_id=task_id) + resp_obj: pytmv1.SandboxSubmissionStatusResp = unwrap(resp.response) + # Check if error response is returned + if _is_pytmv1_error(resp.result_code): + err: pytmv1.Error = unwrap(resp.error) + return_error(message=f"{err.message}", error=str(err)) + # Get the task status of rest call + task_status = resp_obj.status + file_entry = Common.File(sha256=None, md5=None, sha1=None, dbot_score=None) + if task_status.lower() == SUCCEEDED: + analysis_resp = v1_client.get_sandbox_analysis_result(submit_id=task_id) + if _is_pytmv1_error(analysis_resp.result_code): + error: pytmv1.Error = unwrap(analysis_resp.error) + return_error(message=f"{error.message}", error=str(error)) + analysis_resp_obj: pytmv1.SandboxAnalysisResultResp = unwrap( + analysis_resp.response ) - task_status = submission_status_call.get("status", "") - error_code = submission_status_call.get("error", {}).get("code", "") - error_message = submission_status_call.get("error", {}).get("message", "") - file_entry = None - if task_status == "succeeded": - response = self.http_request(GET, GET_FILE_RESULT.format(reportId=task_id)) - risk = response.get("riskLevel", "") - risk_score = self.incident_severity_to_dbot_score(risk) - sha256 = response.get("digest", {}).get("sha256") - md5 = response.get("digest", {}).get("md5") - sha1 = response.get("digest", {}).get("sha1") - reliability = demisto.params().get("integrationReliability") - dbot_score = Common.DBotScore( - indicator=sha256, - indicator_type=DBotScoreType.FILE, - integration_name=VENDOR_NAME, - score=risk_score, - reliability=reliability, - ) - file_entry = Common.File( - sha256=sha256, md5=md5, sha1=sha1, dbot_score=dbot_score - ) - message = { - "status_code": self.status, - "taskStatus": task_status, - "message": "success", - "report_id": response.get("id", ""), - "type": response.get("type", ""), - "digest": response.get("digest", {}), - "arguments": response.get("arguments", ""), - "analysis_completion_time": response.get( - "analysisCompletionDateTime", "" - ), - "risk_level": response.get("riskLevel", ""), - "detection_name_list": response.get("detectionNames", []), - "threat_type_list": response.get("threatTypes", []), - "file_type": response.get("trueFileType", ""), - "DBotScore": { - "Score": dbot_score.score, - "Vendor": dbot_score.integration_name, - "Reliability": dbot_score.reliability, - }, - } - else: - message = { - "taskStatus": task_status, - "task_id": task_id, - "code": error_code, - "message": error_message, - } - results = CommandResults( - readable_output=tableToMarkdown( - TABLE_SANDBOX_SUBMISSION_POLLING, message, removeNull=True - ), - outputs_prefix="VisionOne.Sandbox_Submission_Polling", - outputs_key_field="report_id", - outputs=message, - indicator=file_entry, + risk = analysis_resp_obj.risk_level + risk_score = incident_severity_to_dbot_score(risk) + digest: pytmv1.Digest = unwrap(analysis_resp_obj.digest) + sha256 = digest.sha256 + md5 = digest.md5 + sha1 = digest.sha1 + reliability = demisto.params().get(INTEGRATION_RELIABILITY) + dbot_score = Common.DBotScore( + indicator=sha256, + indicator_type=DBotScoreType.FILE, + integration_name=VENDOR_NAME, + score=risk_score, + reliability=reliability, ) - return results - - def lookup_type(self, param: Any) -> str: - # Regex expression for validating IPv4 - regex = ( - "(([0-9]|[1-9][0-9]|1[0-9][0-9]|" - "2[0-4][0-9]|25[0-5])\\.){3}" - "([0-9]|[1-9][0-9]|1[0-9][0-9]|" - "2[0-4][0-9]|25[0-5])" + file_entry = Common.File( + sha256=sha256, md5=md5, sha1=sha1, dbot_score=dbot_score ) + message = { + "status_code": 200, + "status": task_status, + "report_id": analysis_resp_obj.id, + "type": analysis_resp_obj.type, + "digest": digest.dict(), + "arguments": analysis_resp_obj.arguments, + "analysis_completion_time": analysis_resp_obj.analysis_completion_date_time, + "risk_level": risk, + "detection_name_list": analysis_resp_obj.detection_names, + "threat_type_list": analysis_resp_obj.threat_types, + "file_type": analysis_resp_obj.true_file_type, + "DBotScore": { + "Score": dbot_score.score, + "Vendor": dbot_score.integration_name, + "Reliability": dbot_score.reliability, + }, + } + else: + message = { + "status": resp_obj.status, + "report_id": task_id, + "result_code": resp.result_code, + "message": resp_obj.action, + } + return CommandResults( + readable_output=tableToMarkdown( + table_name[SANDBOX_SUBMISSION_POLLING_COMMAND], + message, + headerTransform=string_to_table_header, + removeNull=True, + ), + outputs_prefix="VisionOne.Sandbox_Submission_Polling", + outputs_key_field="report_id", + outputs=message, + indicator=file_entry, + ) - # Regex expression for validating IPv6 - regex1 = "((([0-9a-fA-F]){1,4})\\:){7}" + "([0-9a-fA-F]){1,4}" - # Regex expression for validating MacAddress - regex2 = "([0-9A-Fa-f]{2}[:-]){5}" + "([0-9A-Fa-f]{2})" +def exception_list_count(v1_client: pytmv1.Client) -> int: + """ + Gets the count of object present in exception list + :return: number of exception object. + :rtype: ``int`` + """ + new_exceptions: list[ExceptionObject] = [] - # Regex expression for validating agentGuid - regex3 = ( - "[0-9a-f]{8}-[0-9a-f]{4}-[1-5]" - "[0-9a-f]{3}-[89ab][0-9a-f]{3}-" - "[0-9a-f]{12}" + # + # Make rest call + try: + v1_client.consume_exception_list( + lambda exception: new_exceptions.append(exception) ) + except Exception as err: + raise RuntimeError(f"Error while fetching exception list count.\n {err}") + # Return length of exception list + return len(new_exceptions) - p = re.compile(regex) - p1 = re.compile(regex1) - p2 = re.compile(regex2) - p3 = re.compile(regex3) - - # Checking if it is a valid IPv4 addresses - if re.search(p, param): - return "ip" - - # Checking if it is a valid IPv6 addresses - elif re.search(p1, param): - return "ipv6" - - # Checking if it is a valid IPv6 addresses - elif re.search(p2, param): - return "macAddress" - - # Checking if it is a valid agenGuid - elif re.search(p3, param): - return "agentGuid" - - # Otherwise use hostname type - return "endpointName" - - def get_paginated_results(self, response, headers) -> list: - """ - Get the paginated results after initial API call - :return: additional items list using skipToken. - :rtype: ``list`` - """ - url = response.get("nextLink", "") - results = [] - while url: - req = urllib.request.Request(url=url, headers=headers) - resp = json.loads(urllib.request.urlopen(req).read()) - url = resp.get("nextLink", "") - results += resp["items"] - return results - - def exception_list_count(self) -> int: - """ - Gets the count of object present in exception list - - :return: number of exception object. - :rtype: ``int`` - """ - token = self.api_key - headers = {"Authorization": "Bearer " + token} - query_params = {"top": 200} - response = self.http_request( - GET, ADD_OBJECT_TO_EXCEPTION_LIST, params=query_params, headers=headers - ) - exception_count = self.get_paginated_results(response, headers) - final_results = [] - final_results += response.get("items", []) - final_results += exception_count - return len(final_results) - - def suspicious_list_count(self) -> int: - """ - Gets the count of object present in suspicious list - :return: number of suspicious object. - :rtype: ``int`` - """ - token = self.api_key - headers = {"Authorization": "Bearer " + token} - query_params = {"top": 200} - response = self.http_request( - GET, ADD_OBJECT_TO_SUSPICIOUS_LIST, params=query_params, headers=headers + +def suspicious_list_count(v1_client: pytmv1.Client) -> int: + """ + Gets the count of object present in suspicious list + :return: number of suspicious object. + :rtype: ``int`` + """ + new_suspicious: list[SuspiciousObject] = [] + + # Make rest call + try: + v1_client.consume_suspicious_list( + lambda suspicious: new_suspicious.append(suspicious) ) - suspicious_count = self.get_paginated_results(response, headers) - final_results = [] - final_results += response.get("items", []) - final_results += suspicious_count - return len(final_results) - - def get_workbench_histories( - self, start, end, dateTimeTarget, orderBy, investigationStatus - ) -> list: - if not check_datetime_aware(start): - start = start.astimezone() - if not check_datetime_aware(end): - end = end.astimezone() - start = start.astimezone(timezone.utc) - end = end.astimezone(timezone.utc) - start = start.isoformat(timespec="milliseconds").replace("+00:00", "Z") - end = end.isoformat(timespec="milliseconds").replace("+00:00", "Z") - # Format start and end to remove decimal values so that the request call - # doesn't fail due to incorrect time format for seconds. - formatted_start = str(start[: (start.index("."))]) + str(start[-1]) - formatted_end = str(end[: (start.index("."))]) + str(end[-1]) - query_params: Dict[str, Any] = { - "startDateTime": f"{formatted_start}", - "endDateTime": f"{formatted_end}", - "dateTimeTarget": f"{dateTimeTarget}", - "orderBy": f"{orderBy}", - } - token = self.api_key - headers = { - "Authorization": "Bearer " + token, - "TMV1-Filter": f"investigationStatus eq '{investigationStatus}'", - } + except Exception as err: + raise RuntimeError(f"Error while fetching suspicious list count.\n {err}") + # Return length of suspicious list + return len(new_suspicious) + - response = self.http_request( - GET, WORKBENCH_HISTORIES, params=query_params, headers=headers +def get_workbench_histories(v1_client: pytmv1.Client, start, end) -> list: + """ + Fetches incidents based on incident severity per user selection. + Args: + start (str): Datetime in ISO 8601 format (yyyy-MM-ddThh:mm:ssZ in UTC) that indicates the start of the data retrieval + time range. Oldest available value is "1970-01-01T00:00:00Z" + end (str): Datetime in ISO 8601 format (yyyy-MM-ddThh:mm:ssZ in UTC) that indicates the end of the data retrieval + time range. "endDateTime" can not be earlier than "startDateTime". + Returns: + list: list of incidents fetched + """ + + if not check_datetime_aware(start): + start = start.astimezone() + if not check_datetime_aware(end): + end = end.astimezone() + # Date time format before formatting -> 2020-06-15T10:00:00.000Z + start = start.astimezone(timezone.utc) + end = end.astimezone(timezone.utc) + start = start.isoformat(timespec="milliseconds").replace("+00:00", "Z") + end = end.isoformat(timespec="milliseconds").replace("+00:00", "Z") + # Format start and end to remove decimal values so that the request + # call doesn't fail due to incorrect time format for seconds. + # Date time format after formatting -> 2020-06-15T10:00:00Z + formatted_start = str(start[: (start.index("."))]) + str(start[-1]) + formatted_end = str(end[: (start.index("."))]) + str(end[-1]) + + new_alerts: list[SaeAlert | TiAlert] = [] + + # filter incidents per user preference + def _filter_alerts(alert: SaeAlert | TiAlert) -> None: + # If incidents of all severities need to be fetched + if demisto.params().get(INCIDENT_SEVERITY) == ANY: + new_alerts.append(alert) + # If incidents of selected severity need to be fetched + elif alert.severity.value == demisto.params().get(INCIDENT_SEVERITY): + new_alerts.append(alert) + + # Make rest call + try: + v1_client.consume_alert_list( + _filter_alerts, + start_time=formatted_start, + end_time=formatted_end, ) - additional_alerts = self.get_paginated_results(response, headers) - final_results = [] - final_results += response.get("items", []) - final_results += additional_alerts - return final_results - - def incident_severity_to_dbot_score(self, severity: str): - """ - Converts an priority string to DBot score representation - alert severity. Can be one of: - Unknown -> 0 - No Risk -> 1 - Low or Medium -> 2 - Critical or High -> 3 - Args: - severity: String representation of severity. - Returns: - Dbot representation of severity - """ - if not isinstance(severity, str): - return 0 - - if severity == "noRisk": - return 1 - if severity in ["low", "medium"]: - return 2 - if severity in ["high", "critical"]: - return 3 + except Exception as err: + demisto.debug(f"Error while fetching incidents.\n {err}") + return [] + return new_alerts + + +def incident_severity_to_dbot_score(severity: str) -> int: + """ + Converts an priority string to DBot score representation + alert severity. Can be one of: + - Unknown -> 0 + - No Risk -> 1 + - Low or Medium -> 2 + - Critical or High -> 3 + Args: + severity: String representation of severity. + Returns: + Dbot representation of severity + """ + if not isinstance(severity, str): return 0 + if severity == "noRisk": + return 1 + if severity in ["low", "medium"]: + return 2 + if severity in ["high", "critical"]: + return 3 + return 0 + + +# returns initialized pytmv1 client used to make rest calls +def _get_client(name: str, api_key: str, base_url: str) -> pytmv1.Client: + return pytmv1.client(name, api_key, base_url) + + +# Checks the api response for error +def _is_pytmv1_error(result_code: ResultCode) -> bool: + return result_code == ResultCode.ERROR + + +# Validates object types like ip, url, domain, etc. +def _get_ot_enum(obj_type: str) -> ObjectType: + if obj_type.upper() not in ObjectType.__members__: + raise RuntimeError(f"Please check object type: {obj_type}") + return ObjectType[obj_type.upper()] + + +# Use response action type and return task class associated +def _get_task_type(action: str) -> type[BaseTaskResp]: + task_dict: dict[Any, list[str]] = { + AccountTaskResp: [ + "enableAccount", + "disableAccount", + "forceSignOut", + "resetPassword", + ], + BlockListTaskResp: ["block", "restoreBlock"], + EmailMessageTaskResp: ["quarantineMessage", "restoreMessage", "deleteMessage"], + EndpointTaskResp: ["isolate", "restoreIsolate"], + TerminateProcessTaskResp: ["terminateProcess"], + } + + for task, task_values in task_dict.items(): + if action in task_values: + return task + raise ValueError def run_polling_command( - args: Dict[str, Any], cmd: str, client: Client -) -> Union[str, CommandResults]: + args: dict[str, Any], cmd: str, v1_client: pytmv1.Client +) -> str | CommandResults: """ Performs polling interval to check status of task. :type args: ``args`` @@ -623,30 +565,22 @@ def run_polling_command( :param client: The command that polled for an interval. :type client: ``Client`` - :param client: client object to use http_request. + :param v1_client: pytmv1.Client object used to call respective polling commands. """ ScheduledCommand.raise_error_if_not_supported() - interval_in_secs = int(args.get("interval_in_seconds", 30)) - task_id = args.get(TASKID, "") + interval_in_secs = int(args.get(INTERVAL_IN_SECONDS, 30)) + task_id = args.get(TASKID, EMPTY_STRING) if cmd == CHECK_TASK_STATUS_COMMAND: - command_results = client.status_check(args) + command_results = status_check(v1_client, args) else: - command_results = client.sandbox_submission_polling(args) - statuses = [ - "succeeded", - "failed", - "timeout", - "successful", - "queued", - "rejected", - "waitForApproval", - ] - if command_results.outputs.get("taskStatus") not in statuses: + command_results = sandbox_submission_polling(v1_client, args) + statuses = [FAILED, QUEUED, REJECTED, SUCCEEDED, WAITFORAPPROVAL] + if command_results.outputs[STATUS] not in statuses: # schedule next poll polling_args = { task_id: task_id, - "interval_in_seconds": interval_in_secs, - "polling": True, + INTERVAL_IN_SECONDS: interval_in_secs, + POLLING: True, **args, } scheduled_command = ScheduledCommand( @@ -659,7 +593,9 @@ def run_polling_command( return command_results -def get_task_status(args: Dict[str, Any], client: Client) -> Union[str, CommandResults]: +def get_task_status( + args: dict[str, Any], v1_client: pytmv1.Client +) -> str | CommandResults: """ check status of task. @@ -667,37 +603,41 @@ def get_task_status(args: Dict[str, Any], client: Client) -> Union[str, CommandR :param client: argument required for polling. :type client: ``Client`` - :param client: client object to use http_request. + :param v1_client: pytmv1.Client object used to initialize pytmv1 client. """ - return run_polling_command(args, CHECK_TASK_STATUS_COMMAND, client) + return run_polling_command(args, CHECK_TASK_STATUS_COMMAND, v1_client) def get_sandbox_submission_status( - args: Dict[str, Any], client: Client -) -> Union[str, CommandResults]: + args: dict[str, Any], v1_client: pytmv1.Client +) -> str | CommandResults: """ call polling command to check status of sandbox submission. :type args: ``args`` :param client: argument required for polling. :type client: ``Client`` - :param client: client object to use http_request. + :param v1_client: pytmv1.Client object used to initialize pytmv1 client. """ - return run_polling_command(args, SANDBOX_SUBMISSION_POLLING_COMMAND, client) + return run_polling_command(args, SANDBOX_SUBMISSION_POLLING_COMMAND, v1_client) -def test_module(client: Client) -> Any: +def test_module(v1_client: pytmv1.Client) -> str: """ - Performs basic get request to get item samples. + Performs basic get request to check for connectivity to Trend XDR. :type client: ``Client`` - :param client: client object to use http_request. + :param v1_client: pytmv1.Client object used to initialize pytmv1 client. """ - client.http_request("GET", ADD_OBJECT_TO_EXCEPTION_LIST) + + # Make rest call + resp = v1_client.check_connectivity() + if _is_pytmv1_error(resp.result_code): + return FAILED_CONNECTIVITY return "ok" def enable_or_disable_user_account( - client: Client, command: str, args: Dict[str, Any] -) -> Union[str, CommandResults]: + v1_client: pytmv1.Client, command: str, args: dict[str, Any] +) -> str | CommandResults: """ Enable allows the user to sign in to new application and browser sessions. Disable signs the user out of all active application and browser sessions, @@ -705,12 +645,11 @@ def enable_or_disable_user_account( Supported IAM systems: Azure AD and Active Directory (on-premises). :type client: ``Client`` - :param client: client object to use http_request. + :param v1_client: pytmv1.Client object used to initialize pytmv1 client. :type command: ``str`` - :param command: type of command either - trendmicro-visionone-enable-user-account or - trendmicro-visionone-disable-user-account. + :param command: Either trendmicro-visionone-enable-user-account + or trendmicro-visionone-disable-user-account. :type args: ``dict`` :param args: args object to fetch the argument data. @@ -718,35 +657,73 @@ def enable_or_disable_user_account( :return: sends data to demisto war room. :rtype: ``dict` """ - account_name = args.get(ACCOUNT_NAME) - description = args.get(DESCRIPTION) - body = [{"accountName": f"{account_name}", "description": f"{description}"}] + # Required Params + account_identifiers = safe_load_json(args[ACCOUNT_IDENTIFIERS]) + # if isinstance(account_identifiers, str): + # account_identifiers = json.loads(args[ACCOUNT_IDENTIFIERS]) + account_tasks: list[AccountTask] = [] + message: list[dict[str, Any]] = [] + if command == ENABLE_USER_ACCOUNT_COMMAND: - response = client.http_request(POST, ENABLE_USER_ACCOUNT, data=json.dumps(body)) + # Create account task list + for account in account_identifiers: + account_tasks.append( + AccountTask( + account_name=account[ACCOUNT_NAME], + description=account.get(DESCRIPTION, ENABLE_ACCOUNT), + ) + ) + # Make rest call + resp = v1_client.enable_account(*account_tasks) + enable_resp_obj: pytmv1.MultiResp = unwrap(resp.response) + # Check if an error occurred + if _is_pytmv1_error(resp.result_code): + errs: list[pytmv1.MsError] = unwrap(resp.errors) + return_error(message=f"{errs}", error=str(errs)) + # Add results to message to be sent to the War Room + message = [item.dict() for item in enable_resp_obj.items] + if command == DISABLE_USER_ACCOUNT_COMMAND: - response = client.http_request( - POST, DISABLE_USER_ACCOUNT, data=json.dumps(body) - ) + # Create account task list + for account in account_identifiers: + account_tasks.append( + AccountTask( + account_name=account[ACCOUNT_NAME], + description=account.get(DESCRIPTION, DISABLE_ACCOUNT), + ) + ) + # Make rest call + resp = v1_client.disable_account(*account_tasks) + disable_resp_obj: pytmv1.MultiResp = unwrap(resp.response) + # Check if an error occurred + if _is_pytmv1_error(resp.result_code): + errors: list[pytmv1.MsError] = unwrap(resp.errors) + return_error(message=f"{errors}", error=str(errors)) + # Add results to message to be sent to the War Room + message = [item.dict() for item in disable_resp_obj.items] - resp_headers = response[0].get("headers", {})[0].get("value", "").split("/") - task_id = resp_headers[-1] - message = {"status_code": response[0].get("status", int), "taskId": task_id} - results = CommandResults( - readable_output=tableToMarkdown(table_name[command], message, removeNull=True), + return CommandResults( + readable_output=tableToMarkdown( + table_name[command], + message, + headerTransform=string_to_table_header, + removeNull=True, + ), outputs_prefix="VisionOne.User_Account", - outputs_key_field="taskId", + outputs_key_field="task_id", outputs=message, ) - return results -def force_sign_out(client: Client, args: Dict[str, Any]) -> Union[str, CommandResults]: +def force_sign_out( + v1_client: pytmv1.Client, args: dict[str, Any] +) -> str | CommandResults: """ Signs the user out of all active application and browser sessions. Supported IAM systems: Azure AD :type client: ``Client`` - :param client: client object to use http_request. + :param v1_client: pytmv1.Client object used to initialize pytmv1 client. :type args: ``dict`` :param args: args object to fetch the argument data. @@ -754,34 +731,53 @@ def force_sign_out(client: Client, args: Dict[str, Any]) -> Union[str, CommandRe :return: sends data to demisto war room. :rtype: ``dict` """ - account_name = args.get(ACCOUNT_NAME) - description = args.get(DESCRIPTION) - body = [{"accountName": f"{account_name}", "description": f"{description}"}] - response = client.http_request(POST, FORCE_SIGN_OUT, data=json.dumps(body)) - resp_headers = response[0].get("headers", {})[0].get("value", "").split("/") - task_id = resp_headers[-1] - message = {"status_code": response[0].get("status", int), "taskId": task_id} - results = CommandResults( + # Required Params + account_identifiers = safe_load_json(args[ACCOUNT_IDENTIFIERS]) + # if isinstance(account_identifiers, str): + # account_identifiers = json.loads(args[ACCOUNT_IDENTIFIERS]) + account_tasks: list[AccountTask] = [] + message: list[dict[str, Any]] = [] + + # Create account task list + for account in account_identifiers: + account_tasks.append( + AccountTask( + account_name=account[ACCOUNT_NAME], + description=account.get(DESCRIPTION, SIGN_OUT_ACCOUNT), + ) + ) + # Make rest call + resp = v1_client.sign_out_account(*account_tasks) + resp_obj: pytmv1.MultiResp = unwrap(resp.response) + # Check if an error occurred + if _is_pytmv1_error(resp.result_code): + return_error(message=f"{unwrap(resp.errors)}", error=str(resp.errors)) + # Add results to message to be sent to the War Room + message = [item.dict() for item in resp_obj.items] + + return CommandResults( readable_output=tableToMarkdown( - table_name[FORCE_SIGN_OUT_COMMAND], message, removeNull=True + table_name[FORCE_SIGN_OUT_COMMAND], + message, + headerTransform=string_to_table_header, + removeNull=True, ), outputs_prefix="VisionOne.Force_Sign_Out", - outputs_key_field="taskId", + outputs_key_field="task_id", outputs=message, ) - return results def force_password_reset( - client: Client, args: Dict[str, Any] -) -> Union[str, CommandResults]: + v1_client: pytmv1.Client, args: dict[str, Any] +) -> str | CommandResults: """ Signs the user out of all active application and browser sessions, and forces the user to create a new password during the next sign-in attempt. Supported IAM systems: Azure AD and Active Directory (on-premises) :type client: ``Client`` - :param client: client object to use http_request. + :param v1_client: pytmv1.Client object used to initialize pytmv1 client. :type args: ``dict`` :param args: args object to fetch the argument data. @@ -789,33 +785,53 @@ def force_password_reset( :return: sends data to demisto war room. :rtype: ``dict` """ - account_name = args.get(ACCOUNT_NAME) - description = args.get(DESCRIPTION) - body = [{"accountName": f"{account_name}", "description": f"{description}"}] - response = client.http_request(POST, FORCE_PASSWORD_RESET, data=json.dumps(body)) - resp_headers = response[0].get("headers", {})[0].get("value", "").split("/") - task_id = resp_headers[-1] - message = {"status_code": response[0].get("status", int), "taskId": task_id} - results = CommandResults( + # Required Params + account_identifiers = safe_load_json(args[ACCOUNT_IDENTIFIERS]) + # if isinstance(account_identifiers, str): + # account_identifiers = json.loads(args[ACCOUNT_IDENTIFIERS]) + account_tasks: list[AccountTask] = [] + message: list[dict[str, Any]] = [] + + # Create account task list + for account in account_identifiers: + account_tasks.append( + AccountTask( + account_name=account[ACCOUNT_NAME], + description=account.get(DESCRIPTION, FORCE_PASSWORD_RESET), + ) + ) + # Make rest call + resp = v1_client.reset_password_account(*account_tasks) + resp_obj: pytmv1.MultiResp = unwrap(resp.response) + # Check if an error occurred + if _is_pytmv1_error(resp.result_code): + errors: list[pytmv1.MsError] = unwrap(resp.errors) + return_error(message=f"{errors}", error=str(errors)) + # Add results to message to be sent to the War Room + message = [item.dict() for item in resp_obj.items] + + return CommandResults( readable_output=tableToMarkdown( - table_name[FORCE_PASSWORD_RESET_COMMAND], message, removeNull=True + table_name[FORCE_PASSWORD_RESET_COMMAND], + message, + headerTransform=string_to_table_header, + removeNull=True, ), outputs_prefix="VisionOne.Force_Password_Reset", - outputs_key_field="taskId", + outputs_key_field="task_id", outputs=message, ) - return results def get_endpoint_info( - client: Client, args: Dict[str, Any] -) -> Union[str, CommandResults]: + v1_client: pytmv1.Client, args: dict[str, Any] +) -> str | CommandResults: """ Retrieve information about the endpoint queried and sends the result to demisto war room. :type client: ``Client`` - :param client: client object to use http_request. + :param v1_client: pytmv1.Client object used to initialize pytmv1 client. :type args: ``dict`` :param args: args object to fetch the argument data. @@ -823,83 +839,272 @@ def get_endpoint_info( :return: sends data to demisto war room. :rtype: ``dict` """ + # Required Params + endpoint_list = argToList(args.get(ENDPOINT, EMPTY_STRING)) + query_op = args.get(QUERY_OP, EMPTY_STRING) + new_endpoint_data: list[Any] = [] + message: list[dict[str, Any]] = [] + # Choose QueryOp Enum based on user choice + if query_op.lower() == "or": + query_op = pytmv1.QueryOp.OR + elif query_op.lower() == "and": + query_op = pytmv1.QueryOp.AND + # Make rest call + try: + v1_client.consume_endpoint_data( + lambda endpoint_data: new_endpoint_data.append(endpoint_data), + query_op, + *endpoint_list, + ) + except Exception as e: + raise RuntimeError(f"Something went wrong while fetching endpoint data: {e}") + # Load json objects to list + for endpoint in new_endpoint_data: + message.append(endpoint.dict()) + # Check if endpoint(s) returned + if len(message) == 0: + err_msg = f"No endpoint found. Please check endpoint {endpoint_list}." + return_error(message=err_msg) - value = args.get(ENDPOINT) - field = client.lookup_type(value) + return CommandResults( + readable_output=tableToMarkdown( + table_name[GET_ENDPOINT_INFO_COMMAND], + message, + headerTransform=string_to_table_header, + removeNull=True, + ), + outputs_prefix="VisionOne.Endpoint_Info", + outputs_key_field="endpoint_name", + outputs=message, + ) - token = client.api_key - query_params: Dict[str, Any] = {"top": 50} - headers = { - "Authorization": f"Bearer {token}", - "TMV1-Query": f"{field} eq '{value}'", - } - response = client.http_request( - GET, GET_ENDPOINT_INFO_ENDPOINT, params=query_params, headers=headers +def get_endpoint_activity_data( + v1_client: pytmv1.Client, args: dict[str, Any] +) -> str | CommandResults: + """ + Displays search results from the Endpoint Activity Data source + in a paginated list and sends the result to demisto war room. + + :type client: ``Client`` + :param client: client object used to initialize pytmv1 client. + + :type args: ``dict`` + :param args: args object to fetch the argument data. + + :return: sends data to demisto war room. + :rtype: ``dict` + """ + # Optional Params + fields = json.loads(args.get(FIELDS, EMPTY_STRING)) + start = args.get(START, EMPTY_STRING) + end = args.get(END, EMPTY_STRING) + top = args.get(TOP, EMPTY_STRING) + select = args.get(SELECT, EMPTY_STRING).split(",") + query_op = args.get(QUERY_OP, EMPTY_STRING) + # Choose QueryOp Enum based on user choice + if query_op.lower() == "or": + query_op = pytmv1.QueryOp.OR + elif query_op.lower() == "and": + query_op = pytmv1.QueryOp.AND + # list to contain endpoint activity data + message: list[Any] = [] + # Get the activity count + count_obj = get_endpoint_activity_data_count(v1_client, args) + activity_count = int(count_obj.outputs.get("endpoint_activity_count", EMPTY_STRING)) # type: ignore + # If activity count is greater than 5k, throw error else return response + if activity_count > 5000: + return_error("Please refine search, this query returns more than 5K results.") + # Make rest call + resp = v1_client.get_endpoint_activity_data( + start_time=start, + end_time=end, + top=top, + select=select, + op=query_op, + **fields, + ) + resp_obj: pytmv1.GetEndpointActivityDataResp = unwrap(resp.response) + # Parse endpoint activity data to message list and send to war room + for activity in resp_obj.items: + message.append(activity.dict()) + + return CommandResults( + readable_output=tableToMarkdown( + table_name[GET_ENDPOINT_ACTIVITY_DATA_COMMAND], + message, + headerTransform=string_to_table_header, + removeNull=True, + ), + outputs_prefix="VisionOne.Endpoint_Activity_Data", + outputs_key_field="endpoint_host_name", + outputs=message, ) - additional_endpoints = client.get_paginated_results(response, headers) - final_results = [] - final_results += response.get("items", []) - final_results += additional_endpoints - if not final_results: - return_error("No endpoint found for the query provided.") - endpoint_data = { - "status": "success", - "logonAccount": final_results[0].get("loginAccount", "").get("value", ""), - "hostname": final_results[0].get("endpointName", "").get("value", ""), - "macAddr": final_results[0].get("macAddress", {}).get("value", ""), - "ip": final_results[0].get("ip", {}).get("value", [])[0], - "osName": final_results[0].get("osName", ""), - "osVersion": final_results[0].get("osVersion", ""), - "osDescription": final_results[0].get("osDescription", ""), - "productCode": final_results[0].get("productCode", ""), - "agentGuid": final_results[0].get("agentGuid", ""), - "installedProductCodes": final_results[0].get("installedProductCodes", [])[0], - } - results = CommandResults( + +def get_endpoint_activity_data_count( + v1_client: pytmv1.Client, args: dict[str, Any] +) -> str | CommandResults: + """ + Fetches endpoint activity data count. + + :return: sends data count to demisto war room. + :rtype: ``int`` + """ + start = args.get(START, EMPTY_STRING) + end = args.get(END, EMPTY_STRING) + select = args.get(SELECT, EMPTY_STRING).split(",") + query_op = args.get(QUERY_OP, EMPTY_STRING) + fields = json.loads(args.get(FIELDS, EMPTY_STRING)) + # Make rest call + resp = v1_client.get_endpoint_activity_data_count( + start_time=start, + end_time=end, + top=500, + select=select, + op=query_op, + **fields, + ) + resp_obj: pytmv1.GetEndpointActivityDataCountResp = unwrap(resp.response) + # Check if an error occurred + if _is_pytmv1_error(resp.result_code): + err: pytmv1.Error = unwrap(resp.error) + return_error(message=f"{err.message}", error=str(err)) + # Add results to message to be sent to the War Room + activity_count = {"endpoint_activity_count": resp_obj.total_count} + + return CommandResults( readable_output=tableToMarkdown( - table_name[GET_ENDPOINT_INFO_COMMAND], endpoint_data, removeNull=True + table_name[GET_ENDPOINT_ACTIVITY_DATA_COUNT_COMMAND], + activity_count, + headerTransform=string_to_table_header, + removeNull=True, ), - outputs_prefix="VisionOne.Endpoint_Info", - outputs_key_field="hostname", - outputs=endpoint_data, + outputs_prefix="VisionOne.Endpoint_Activity_Count", + outputs_key_field="endpoint_activity_count", + outputs=activity_count, ) - return results -def add_delete_block_list_mapping(data: List[dict]) -> Dict[str, Any]: +def get_email_activity_data( + v1_client: pytmv1.Client, args: dict[str, Any] +) -> str | CommandResults: """ - Mapping add to block list response data. + Displays search results from the Email Activity Data source + in a paginated list and sends the result to demisto war room. - :type data: ``dict`` - :param data: Response data to received from the end point. + :type client: ``Client`` + :param client: client object used to initialize pytmv1 client. - :return: mapped response data. - :rtype: ``dict`` + :type args: ``dict`` + :param args: args object to fetch the argument data. + + :return: sends data to demisto war room. + :rtype: ``dict` """ - status = data[0].get("status", "") - resp_headers = data[0].get("headers", []) - task_list = resp_headers[0].get("value").split("/") - task_id = task_list[-1] - resp_msg = "success" - return {"status": status, "taskId": task_id, "message": resp_msg} + # Optional Params + fields = json.loads(args.get(FIELDS, EMPTY_STRING)) + start = args.get(START, EMPTY_STRING) + end = args.get(END, EMPTY_STRING) + top = args.get(TOP, EMPTY_STRING) + select = args.get(SELECT, EMPTY_STRING).split(",") + query_op = args.get(QUERY_OP, EMPTY_STRING) + # Choose QueryOp Enum based on user choice + if query_op.lower() == "or": + query_op = pytmv1.QueryOp.OR + elif query_op.lower() == "and": + query_op = pytmv1.QueryOp.AND + # list to populate email activity data + message: list[Any] = [] + # Get the activity count + count_obj = get_email_activity_data_count(v1_client, args) + activity_count = int(count_obj.outputs.get("email_activity_count", EMPTY_STRING)) # type: ignore + # If activity count is greater than 5k, throw error else return response + if activity_count > 5000: + return_error("Please refine search, this query returns more than 5K results.") + # Make rest call + resp = v1_client.get_email_activity_data( + start_time=start, + end_time=end, + top=top, + select=select, + op=query_op, + **fields, + ) + resp_obj: pytmv1.GetEmailActivityDataResp = unwrap(resp.response) + for activity in resp_obj.items: + message.append(activity.dict()) + + return CommandResults( + readable_output=tableToMarkdown( + table_name[GET_EMAIL_ACTIVITY_DATA_COMMAND], + message, + headerTransform=string_to_table_header, + removeNull=True, + ), + outputs_prefix="VisionOne.Email_Activity_Data", + outputs_key_field="mail_to_addresses", + outputs=message, + ) + + +def get_email_activity_data_count( + v1_client: pytmv1.Client, args: dict[str, Any] +) -> str | CommandResults: + """ + Fetches email activity data count. + + :return: sends activity data count to demisto war room. + :rtype: ``int` + """ + fields = json.loads(args.get(FIELDS, EMPTY_STRING)) + start = args.get(START, EMPTY_STRING) + end = args.get(END, EMPTY_STRING) + select = args.get(SELECT, EMPTY_STRING).split(",") + query_op = args.get(QUERY_OP, EMPTY_STRING) + # Make rest call + resp = v1_client.get_email_activity_data_count( + start_time=start, + end_time=end, + top=500, + select=select, + op=query_op, + **fields, + ) + resp_obj: pytmv1.GetEmailActivityDataCountResp = unwrap(resp.response) + # Check if an error occurred + if _is_pytmv1_error(resp.result_code): + err: pytmv1.Error = unwrap(resp.error) + return_error(message=f"{err.message}", error=str(err)) + # Return the total count + activity_count = {"email_activity_count": resp_obj.total_count} + + return CommandResults( + readable_output=tableToMarkdown( + table_name[GET_EMAIL_ACTIVITY_DATA_COUNT_COMMAND], + activity_count, + headerTransform=string_to_table_header, + removeNull=True, + ), + outputs_prefix="VisionOne.Email_Activity_Count", + outputs_key_field="email_activity_count", + outputs=activity_count, + ) def add_or_remove_from_block_list( - client: Client, command: str, args: Dict[str, Any] -) -> Union[str, CommandResults]: + v1_client: pytmv1.Client, command: str, args: dict[str, Any] +) -> str | CommandResults: """ Retrieve data from the add or remove from block list and sends the result to demist war room. :type client: ``Client`` - :param client: client object to use http_request. + :param v1_client: pytmv1.Client object used to initialize pytmv1 client. :type command: ``str`` - :param command: type of command either - trendmicro-visionone-add-to-block-list or - trendmicro-visionone-remove-from-block-list. + :param command: Either trendmicro-visionone-add-to-block-list + or trendmicro-visionone-remove-from-block-list. :type args: ``dict`` :param args: args object to fetch the argument data. @@ -907,125 +1112,115 @@ def add_or_remove_from_block_list( :return: sends data to demisto war room. :rtype: ``dict` """ - value_type = args.get(VALUE_TYPE) - target_value = args.get(TARGET_VALUE) - query_params: Dict[str, Any] = {} - description = args.get(DESCRIPTION) - if not description: - description = EMPTY_STRING - body = [ - { - "description": f"{value_type} that needs to be blocked/unblocked", - f"{value_type}": f"{target_value}", - } - ] + # Required Params + block_objects = safe_load_json(args[BLOCK_OBJECTS]) + # if isinstance(block_objects, str): + # block_objects = json.loads(args[BLOCK_OBJECTS]) + block_tasks: list[ObjectTask] = [] + message: list[dict[str, Any]] = [] + if command == ADD_BLOCKLIST_COMMAND: - response = client.http_request( - POST, ADD_BLOCKLIST_ENDPOINT, params=query_params, data=json.dumps(body) - ) + # Create block task list + for obj in block_objects: + block_tasks.append( + ObjectTask( + object_type=_get_ot_enum(obj[OBJECT_TYPE]), + object_value=obj[OBJECT_VALUE], + description=obj.get(DESCRIPTION, ADD_BLOCKLIST), + ) + ) + # Make rest call + resp = v1_client.add_to_block_list(*block_tasks) + add_block_resp_obj: pytmv1.MultiResp = unwrap(resp.response) + # Check if an error occurred + if _is_pytmv1_error(resp.result_code): + errs: list[pytmv1.MsError] = unwrap(resp.errors) + return_error(message=f"{errs}", error=str(errs)) + # Add results to message to be sent to the War Room + message = [item.dict() for item in add_block_resp_obj.items] + if command == REMOVE_BLOCKLIST_COMMAND: - response = client.http_request( - POST, REMOVE_BLOCKLIST_ENDPOINT, params=query_params, data=json.dumps(body) - ) + # Create unblock task list + for obj in block_objects: + block_tasks.append( + ObjectTask( + object_type=_get_ot_enum(obj[OBJECT_TYPE]), + object_value=obj[OBJECT_VALUE], + description=obj.get(DESCRIPTION, REMOVE_BLOCKLIST), + ) + ) + # Make rest call + resp = v1_client.remove_from_block_list(*block_tasks) + remove_block_resp_obj: pytmv1.MultiResp = unwrap(resp.response) + # Check if an error occurred + if _is_pytmv1_error(resp.result_code): + errors: list[pytmv1.MsError] = unwrap(resp.errors) + return_error(message=f"{errors}", error=str(errors)) + # Add results to message to be sent to the War Room + message = [item.dict() for item in remove_block_resp_obj.items] - mapping_data = add_delete_block_list_mapping(response) - results = CommandResults( + return CommandResults( readable_output=tableToMarkdown( - table_name[command], mapping_data, removeNull=True + table_name[command], + message, + headerTransform=string_to_table_header, + removeNull=True, ), outputs_prefix="VisionOne.BlockList", - outputs_key_field="taskId", - outputs=mapping_data, + outputs_key_field="task_id", + outputs=message, ) - return results -def fetch_incidents(client: Client): +def fetch_incidents(v1_client: pytmv1.Client): """ This function executes to get all workbench alerts by using - startDateTime, endDateTime, dateTimeTarget, orderBy and - TMV1-Filter + startDateTime, endDateTime and sends the result to war room. """ end = datetime.now(timezone.utc) - dateTimeTarget = "createdDateTime" - orderBy = "createdDateTime desc" - investigationStatus = "New" - days = int(demisto.params().get("first_fetch")) + days = int(demisto.params().get("first_fetch", "")) last_run = demisto.getLastRun() if last_run and "start_time" in last_run: - start = datetime.fromisoformat(last_run.get("start_time")) + start = datetime.fromisoformat(last_run.get("start_time", "")) else: start = end + timedelta(days=-days) - - alerts: List[Any] = [] - alerts.extend( - client.get_workbench_histories( - start, end, dateTimeTarget, orderBy, investigationStatus - ) - ) - - incidents = [] + # Fetch alerts + alerts: list[Any] = get_workbench_histories(v1_client, start, end) + # list to store incidents that will be sent to the UI + incidents: list[dict[str, Any]] = [] if alerts: + # Alerts are fetched per created_date_time in descending order + # Set the last_event to the created_date_time for the first alert + # in alert list to get the latest created_date_time for record in alerts: incident = { - "name": record.get("model"), - "occurred": record.get("createdDateTime"), - "severity": client.incident_severity_to_dbot_score( - record.get("severity") - ), - "rawJSON": json.dumps(record), + "name": record.model, + "dbotMirrorId": record.id, + "details": record.description if isinstance(record, SaeAlert) else None, + "occurred": record.created_date_time, + "severity": incident_severity_to_dbot_score(record.severity), + "rawJSON": record.json(), } incidents.append(incident) - last_event = datetime.strptime( - record["createdDateTime"], "%Y-%m-%dT%H:%M:%SZ" - ) - - next_search = last_event + timedelta(0, 1) - - demisto.setLastRun({"start_time": next_search.isoformat()}) - - if incidents: - demisto.incidents(incidents) - else: - demisto.incidents([]) - + demisto.setLastRun({"start_time": end.isoformat()}) + demisto.incidents(incidents) return incidents -def quarantine_delete_email_mapping(data: List[Any]) -> Dict[str, Any]: - """ - Mapping quarantine email message response data. - - :type data: ``dict`` - :param method: Response data to received from the end point. - - :return: mapped response data. - :rtype: ``dict`` - """ - status = data[0].get("status", {}) - resp_headers = data[0].get("headers", [])[0] - task_id = None - if resp_headers: - task_list = resp_headers.get("value").split("/") - task_id = task_list[-1] - return {"status": status, "taskId": task_id} - - def quarantine_or_delete_email_message( - client: Client, command: str, args: Dict[str, Any] -) -> Union[str, CommandResults]: + v1_client: pytmv1.Client, command: str, args: dict[str, Any] +) -> str | CommandResults: """ Retrieve data from the quarantine or delete email message and sends the result to demist war room. :type client: ``Client`` - :param client: client object to use http_request. + :param v1_client: pytmv1.Client object used to initialize pytmv1 client. :type command: ``str`` - :param command: type of command either - trendmicro-visionone-quarantine-email-message or - trendmicro-visionone-delete-email-message + :param command: Either trendmicro-visionone-quarantine-email-message + or trendmicro-visionone-delete-email-message. :type args: ``dict`` :param args: args object to fetch the argument data. @@ -1033,89 +1228,163 @@ def quarantine_or_delete_email_message( :return: sends data to demisto war room. :rtype: ``dict` """ - messageId = args.get(MESSAGE_ID) - mailBox = args.get(MAILBOX) - description = args.get(DESCRIPTION) - uniqueId = args.get(UNIQUE_ID) - query_params: Dict[str, Any] = {} - if not description: - description = EMPTY_STRING - if not mailBox: - mailBox = EMPTY_STRING - if command == QUARANTINE_EMAIL_COMMAND: - if uniqueId: - body = [{"description": f"{description}", "uniqueId": f"{uniqueId}"}] - else: - body = [ - { - "description": f"{description}", - "messageId": f"{messageId}", - "mailBox": f"{mailBox}", - } - ] - - response = client.http_request( - POST, QUARANTINE_EMAIL_ENDPOINT, params=query_params, data=json.dumps(body) - ) + # Required Params + email_identifiers = safe_load_json(args[EMAIL_IDENTIFIERS]) + # if isinstance(email_identifiers, str): + # email_identifiers = json.loads(args[EMAIL_IDENTIFIERS]) + message: list[dict[str, Any]] = [] + email_tasks: list[EmailMessageIdTask | EmailMessageUIdTask] = [] - elif command == DELETE_EMAIL_COMMAND: - if uniqueId: - body = [{"description": f"{description}", "uniqueId": f"{uniqueId}"}] - else: - body = [ - { - "description": f"{description}", - "messageId": f"{messageId}", - "mailBox": f"{mailBox}", - } - ] - - response = client.http_request( - POST, DELETE_EMAIL_ENDPOINT, params=query_params, data=json.dumps(body) - ) + if command == QUARANTINE_EMAIL_COMMAND: + # Create email task list + for email in email_identifiers: + if email.get(MESSAGE_ID, EMPTY_STRING): + email_tasks.append( + EmailMessageIdTask( + message_id=email[MESSAGE_ID], + description=email.get(DESCRIPTION, QUARANTINE_EMAIL), + mail_box=email.get(MAILBOX, EMPTY_STRING), + ) + ) + elif email.get(UNIQUE_ID, EMPTY_STRING): + email_tasks.append( + EmailMessageUIdTask( + unique_id=email[UNIQUE_ID], + description=email.get(DESCRIPTION, QUARANTINE_EMAIL), + ) + ) + # Make rest call + resp = v1_client.quarantine_email_message(*email_tasks) + quarantine_resp: pytmv1.MultiResp = unwrap(resp.response) + # Check if an error occurred + if _is_pytmv1_error(resp.result_code): + errs: list[pytmv1.MsError] = unwrap(resp.errors) + return_error(message=f"{errs}", error=str(errs)) + + # Add results to message to be sent to the War Room + message = [item.dict() for item in quarantine_resp.items] + + if command == DELETE_EMAIL_COMMAND: + # Create email task list + for email in email_identifiers: + if email.get(MESSAGE_ID, EMPTY_STRING): + email_tasks.append( + EmailMessageIdTask( + message_id=email[MESSAGE_ID], + description=email.get(DESCRIPTION, DELETE_EMAIL), + mail_box=email.get(MAILBOX, EMPTY_STRING), + ) + ) + elif email.get(UNIQUE_ID, EMPTY_STRING): + email_tasks.append( + EmailMessageUIdTask( + unique_id=email[UNIQUE_ID], + description=email.get(DESCRIPTION, DELETE_EMAIL), + ) + ) + # Make rest call + resp = v1_client.delete_email_message(*email_tasks) + delete_resp: pytmv1.MultiResp = unwrap(resp.response) + # Check if an error occurred + if _is_pytmv1_error(resp.result_code): + errors: list[pytmv1.MsError] = unwrap(resp.errors) + return_error(message=f"{errors}", error=str(errors)) + # Add results to message to be sent to the War Room + message = [item.dict() for item in delete_resp.items] - mapping_data = quarantine_delete_email_mapping(response) - results = CommandResults( + return CommandResults( readable_output=tableToMarkdown( - table_name[command], mapping_data, removeNull=True + table_name[command], + message, + headerTransform=string_to_table_header, + removeNull=True, ), outputs_prefix="VisionOne.Email", - outputs_key_field="taskId", - outputs=mapping_data, + outputs_key_field="task_id", + outputs=message, ) - return results -def isolate_restore_endpoint_mapping(data: List[dict]) -> Dict[str, Any]: +def restore_email_message( + v1_client: pytmv1.Client, args: dict[str, Any] +) -> str | CommandResults: """ - Mapping isolate endpoint and restore endpoint response data. + Restores a quarantined email message and + sends the result to demist war room. - :type data: ``dict`` - :param method: Response data to received from the end point. + :type client: ``Client`` + :param v1_client: pytmv1.Client object used to initialize pytmv1 client. - :return: mapped response data. - :rtype: ``dict`` + :type command: ``str`` + :param command: Either trendmicro-visionone-quarantine-email-message + or trendmicro-visionone-delete-email-message + + :type args: ``dict`` + :param args: args object to fetch the argument data. + + :return: sends data to demisto war room. + :rtype: ``dict` """ - value = data[0].get("headers", [])[0].get("value", "") - task_id = value.split("/")[-1] - task_status = data[0].get("status", "") - return {"taskId": task_id, "taskStatus": task_status} + # Required Params + email_identifiers = safe_load_json(args[EMAIL_IDENTIFIERS]) + # if isinstance(email_identifiers, str): + # email_identifiers = json.loads(args[EMAIL_IDENTIFIERS]) + message: list[dict[str, Any]] = [] + email_tasks: list[EmailMessageIdTask | EmailMessageUIdTask] = [] + + # Create email task list + for email in email_identifiers: + if email.get(MESSAGE_ID, EMPTY_STRING): + email_tasks.append( + EmailMessageIdTask( + message_id=email[MESSAGE_ID], + description=email.get(DESCRIPTION, RESTORE_EMAIL), + mail_box=email.get(MAILBOX, EMPTY_STRING), + ) + ) + elif email.get(UNIQUE_ID, EMPTY_STRING): + email_tasks.append( + EmailMessageUIdTask( + unique_id=email[UNIQUE_ID], + description=email.get(DESCRIPTION, RESTORE_EMAIL), + ) + ) + # Make rest call + resp = v1_client.restore_email_message(*email_tasks) + restore_resp: pytmv1.MultiResp = unwrap(resp.response) + # Check if an error occurred + if _is_pytmv1_error(resp.result_code): + errs: list[pytmv1.MsError] = unwrap(resp.errors) + return_error(message=f"{errs}", error=str(errs)) + # Add results to message to be sent to the War Room + message = [item.dict() for item in restore_resp.items] + + return CommandResults( + readable_output=tableToMarkdown( + table_name[RESTORE_EMAIL_COMMAND], + message, + headerTransform=string_to_table_header, + removeNull=True, + ), + outputs_prefix="VisionOne.Email", + outputs_key_field="task_id", + outputs=message, + ) def isolate_or_restore_connection( - client: Client, command: str, args: Dict[str, str] -) -> Union[str, CommandResults]: + v1_client: pytmv1.Client, command: str, args: dict[str, Any] +) -> str | CommandResults: """ Retrieve data from the isolate or restore endpoint connection and sends the result to demist war room. :type client: ``Client`` - :param client: client object to use http_request. + :param v1_client: pytmv1.Client object used to initialize pytmv1 client. :type command: ``str`` - :param command: type of command either - trendmicro-visionone-isolate-endpoint or - trendmicro-visionone-restore-endpoint-connection + :param command: Either trendmicro-visionone-isolate-endpoint + or trendmicro-visionone-restore-endpoint-connection :type args: ``dict`` :param args: args object to fetch the argument data. @@ -1123,44 +1392,89 @@ def isolate_or_restore_connection( :return: sends data to demisto war room. :rtype: ``dict` """ - value = args.get(ENDPOINT) - field = client.lookup_type(value) - description = args.get(DESCRIPTION) - if not description: - description = EMPTY_STRING - body = [{"description": description, f"{field}": f"{value}"}] - if command == ISOLATE_ENDPOINT_COMMAND: - response = client.http_request( - POST, ISOLATE_CONNECTION_ENDPOINT, data=json.dumps(body) - ) - - elif command == RESTORE_ENDPOINT_COMMAND: - response = client.http_request( - POST, RESTORE_CONNECTION_ENDPOINT, data=json.dumps(body) - ) + # Required Params + endpoint_identifiers = safe_load_json(args[ENDPOINT_IDENTIFIERS]) + # if isinstance(endpoint_identifiers, str): + # endpoint_identifiers = json.loads(args[ENDPOINT_IDENTIFIERS]) + message: list[dict[str, Any]] = [] + endpt_tasks: list[EndpointTask] = [] - mapping_data = isolate_restore_endpoint_mapping(response) + if command == ISOLATE_ENDPOINT_COMMAND: + # Create endpoint task list + for endpt in endpoint_identifiers: + if endpt.get(ENDPOINT, EMPTY_STRING): + endpt_tasks.append( + EndpointTask( + endpoint_name=endpt[ENDPOINT], + description=endpt.get(DESCRIPTION, ISOLATE_ENDPOINT), + ) + ) + elif endpt.get(AGENT_GUID, EMPTY_STRING): + endpt_tasks.append( + EndpointTask( + agent_guid=endpt[AGENT_GUID], + description=endpt.get(DESCRIPTION, ISOLATE_ENDPOINT), + ) # type: ignore + ) + # Make rest call + resp = v1_client.isolate_endpoint(*endpt_tasks) + isolate_endpoint_resp: pytmv1.MultiResp = unwrap(resp.response) + # Check if an error occurred + if _is_pytmv1_error(resp.result_code): + errs: list[pytmv1.MsError] = unwrap(resp.errors) + return_error(message=f"{errs}", error=str(errs)) + # Add results to message to be sent to the War Room + message = [item.dict() for item in isolate_endpoint_resp.items] + + if command == RESTORE_ENDPOINT_COMMAND: + # Create endpoint task list + for endpt in endpoint_identifiers: + if endpt.get(ENDPOINT, EMPTY_STRING): + endpt_tasks.append( + EndpointTask( + endpoint_name=endpt[ENDPOINT], + description=endpt.get(DESCRIPTION, RESTORE_ENDPOINT), + ) + ) + elif endpt.get(AGENT_GUID, EMPTY_STRING): + endpt_tasks.append( + EndpointTask( + agent_guid=endpt[AGENT_GUID], + description=endpt.get(DESCRIPTION, RESTORE_ENDPOINT), + ) # type: ignore + ) + # Make rest call + resp = v1_client.restore_endpoint(*endpt_tasks) + restore_endpoint_resp: pytmv1.MultiResp = unwrap(resp.response) + # Check if an error occurred + if _is_pytmv1_error(resp.result_code): + errors: list[pytmv1.MsError] = unwrap(resp.errors) + return_error(message=f"{errors}", error=str(errors)) + # Add results to message to be sent to the War Room + message = [item.dict() for item in restore_endpoint_resp.items] - results = CommandResults( + return CommandResults( readable_output=tableToMarkdown( - table_name[command], mapping_data, removeNull=True + table_name[command], + message, + headerTransform=string_to_table_header, + removeNull=True, ), outputs_prefix="VisionOne.Endpoint_Connection", - outputs_key_field="taskId", - outputs=mapping_data, + outputs_key_field="task_id", + outputs=message, ) - return results def terminate_process( - client: Client, args: Dict[str, Any] -) -> Union[str, CommandResults]: + v1_client: pytmv1.Client, args: dict[str, Any] +) -> str | CommandResults: """ Terminate the process running on the end point and sends the result to demist war room. :type client: ``Client`` - :param client: client object to use http_request. + :param v1_client: pytmv1.Client object used to initialize pytmv1 client. :type args: ``dict`` :param args: args object to fetch the argument data. @@ -1168,50 +1482,65 @@ def terminate_process( :return: sends data to demisto war room. :rtype: ``dict` """ - value = args.get(ENDPOINT) - field = client.lookup_type(value) - description = args.get(DESCRIPTION) - if not description: - description = EMPTY_STRING - file_sha1 = args.get(FILESHA) - filename = args.get(FILENAME) - query_params: Dict[str, Any] = {} - body = [ - { - "description": f"{description}", - f"{field}": f"{value}", - "fileSha1": f"{file_sha1}", - "fileName": f"{filename}", - } - ] - response = client.http_request( - POST, TERMINATE_PROCESS_ENDPOINT, params=query_params, data=json.dumps(body) - ) + # Required Params + process_identifiers = safe_load_json(args[PROCESS_IDENTIFIERS]) + # if isinstance(process_identifiers, str): + # process_identifiers = json.loads(args[PROCESS_IDENTIFIERS]) + process_tasks: list[ProcessTask] = [] + message: list[dict[str, Any]] = [] + + # Create process task list + for process in process_identifiers: + if process.get(ENDPOINT): + process_tasks.append( + ProcessTask( + endpoint_name=process[ENDPOINT], + file_sha1=process[FILE_SHA1], + description=process.get(DESCRIPTION, TERMINATE_PROCESS), + file_name=process.get(FILE_NAME, EMPTY_STRING), + ) + ) + elif process.get(AGENT_GUID): + process_tasks.append( + ProcessTask( + agent_guid=process[AGENT_GUID], + file_sha1=process[FILE_SHA1], + description=process.get(DESCRIPTION, TERMINATE_PROCESS), + file_name=process.get(FILE_NAME, EMPTY_STRING), + ) # type: ignore + ) + # Make rest call + resp = v1_client.terminate_process(*process_tasks) + process_resp: pytmv1.MultiResp = unwrap(resp.response) + # Check if an error occurred + if _is_pytmv1_error(resp.result_code): + errs: list[pytmv1.MsError] = unwrap(resp.errors) + return_error(message=f"{errs}", error=str(errs)) + # Add results to message to be sent to the War Room + message = [item.dict() for item in process_resp.items] - value = response[0].get("headers", [])[0].get("value", "") - task_id = value.split("/")[-1] - task_status = response[0].get("status", int) - message = {"taskId": task_id, "taskStatus": task_status} - results = CommandResults( + return CommandResults( readable_output=tableToMarkdown( - TABLE_TERMINATE_PROCESS, message, removeNull=True + TABLE_TERMINATE_PROCESS, + message, + headerTransform=string_to_table_header, + removeNull=True, ), outputs_prefix="VisionOne.Terminate_Process", - outputs_key_field="taskId", + outputs_key_field="task_id", outputs=message, ) - return results def add_or_delete_from_exception_list( - client: Client, command: str, args: Dict[str, Any] -) -> Union[str, CommandResults]: + v1_client: pytmv1.Client, command: str, args: dict[str, Any] +) -> str | CommandResults: """ Add or Delete the exception object to exception list and sends the result to demist war room. :type client: ``Client`` - :param client: client object to use http_request. + :param v1_client: pytmv1.Client object used to initialize pytmv1 client. :type command: ``str`` :param command: type of command either @@ -1224,55 +1553,82 @@ def add_or_delete_from_exception_list( :return: sends data to demisto war room. :rtype: ``dict` """ - field = args.get(TYPE) - value = args.get(VALUE) - description = args.get(DESCRIPTION) - if not description: - description = EMPTY_STRING - query_params: Dict[str, Any] = {} - if command == ADD_EXCEPTION_LIST_COMMAND: - body = [{f"{field}": f"{value}", "description": f"{description}"}] - response = client.http_request( - POST, - ADD_OBJECT_TO_EXCEPTION_LIST, - params=query_params, - data=json.dumps(body), - ) + # Required Params + block_objects = safe_load_json(args[BLOCK_OBJECTS]) + # if isinstance(block_objects, str): + # block_objects = json.loads(args[BLOCK_OBJECTS]) + excp_tasks: list[ObjectTask] = [] + message: dict[str, Any] = {} - elif command == DELETE_EXCEPTION_LIST_COMMAND: - body = [{f"{field}": f"{value}"}] - response = client.http_request( - POST, - DELETE_OBJECT_FROM_EXCEPTION_LIST, - params=query_params, - data=json.dumps(body), - ) - status_code = response[0]["status"] - exception_list = client.exception_list_count() + if command == ADD_EXCEPTION_LIST_COMMAND: + # Create exception task list + for obj in block_objects: + excp_tasks.append( + ObjectTask( + object_type=_get_ot_enum(obj[OBJECT_TYPE]), + object_value=obj[OBJECT_VALUE], + description=obj.get(DESCRIPTION, ADD_EXCEPTION_LIST), + ) + ) + # Make rest call + resp = v1_client.add_to_exception_list(*excp_tasks) + add_excp_resp: pytmv1.MultiResp = unwrap(resp.response) + # Check if an error occurred + if _is_pytmv1_error(resp.result_code): + errs: list[pytmv1.MsError] = unwrap(resp.errors) + return_error(message=f"{errs}", error=str(errs)) + message = { + "message": "success", + "multi_response": [item.dict() for item in add_excp_resp.items], + } - message = { - "message": "success", - "status_code": status_code, - "total_items": exception_list, - } - results = CommandResults( - readable_output=tableToMarkdown(table_name[command], message, removeNull=True), + if command == DELETE_EXCEPTION_LIST_COMMAND: + # Create exception task list + for obj in block_objects: + excp_tasks.append( + ObjectTask( + object_type=_get_ot_enum(obj[OBJECT_TYPE]), + object_value=obj[OBJECT_VALUE], + description=obj.get(DESCRIPTION, DELETE_EXCEPTION_LIST), + ) + ) + # Make rest call + resp = v1_client.remove_from_exception_list(*excp_tasks) + rmv_excp_resp: pytmv1.MultiResp = unwrap(resp.response) + # Check if an error occurred for each call + if _is_pytmv1_error(resp.result_code): + errors: list[pytmv1.MsError] = unwrap(resp.errors) + return_error(message=f"{errors}", error=str(errors)) + message = { + "message": "success", + "multi_response": [item.dict() for item in rmv_excp_resp.items], + } + # Get the total count of items in exception list + exception_count = exception_list_count(v1_client) + # Add count of total exception items to message + message["total_items"] = exception_count + return CommandResults( + readable_output=tableToMarkdown( + table_name[command], + message, + headerTransform=string_to_table_header, + removeNull=True, + ), outputs_prefix="VisionOne.Exception_List", - outputs_key_field="message", + outputs_key_field="multi_response", outputs=message, ) - return results def add_to_suspicious_list( - client: Client, args: Dict[str, Any] -) -> Union[str, CommandResults]: + v1_client: pytmv1.Client, args: dict[str, Any] +) -> str | CommandResults: """ Add suspicious object to suspicious list and sends the result to demist war room. :type client: ``Client`` - :param client: client object to use http_request. + :param v1_client: pytmv1.Client object used to initialize pytmv1 client. :type args: ``dict`` :param args: args object to fetch the argument data. @@ -1280,61 +1636,63 @@ def add_to_suspicious_list( :return: sends data to demisto war room. :rtype: ``dict` """ - field = args.get(TYPE) - value = args.get(VALUE) - description = args.get(DESCRIPTION) - if not description: - description = EMPTY_STRING - scan_action = args.get(SCAN_ACTION) - query_params: Dict[str, Any] = {} - if scan_action and scan_action not in ("log", "block"): - return_error(PARAMETER_ISSUE.format(param=SCAN_ACTION)) - risk_level = args.get(RISK_LEVEL) - if risk_level and risk_level not in ("high", "medium", "low"): - return_error(PARAMETER_ISSUE.format(param=RISK_LEVEL)) - expiry = args.get(EXPIRYDAY) - if not expiry: - expiry = 7 - body = [ - { - f"{field}": f"{value}", - "description": description, - "scanAction": scan_action, - "riskLevel": risk_level, - "daysToExpiration": expiry, - } - ] - response = client.http_request( - POST, ADD_OBJECT_TO_SUSPICIOUS_LIST, params=query_params, data=json.dumps(body) - ) - status_code = response[0]["status"] - suspicious_list = client.suspicious_list_count() - + # Required Params + block_objects = safe_load_json(args[BLOCK_OBJECTS]) + # if isinstance(block_objects, str): + # block_objects = json.loads(args[BLOCK_OBJECTS]) + + suspicious_tasks: list[SuspiciousObjectTask] = [] + message: dict[str, Any] = {} + + # Create suspicious task list + for block in block_objects: + suspicious_tasks.append( + SuspiciousObjectTask( + object_type=_get_ot_enum(block[OBJECT_TYPE]), + object_value=block[OBJECT_VALUE], + scan_action=block.get(SCAN_ACTION, BLOCK), + risk_level=block.get(RISK_LEVEL, MEDIUM), + days_to_expiration=block.get(EXPIRY_DAYS, 30), + description=block.get(DESCRIPTION, ADD_SUSPICIOUS), + ) + ) + # Make rest call + resp = v1_client.add_to_suspicious_list(*suspicious_tasks) + add_sus_resp: pytmv1.MultiResp = unwrap(resp.response) + # Check if an error occurred + if _is_pytmv1_error(resp.result_code): + errs: list[pytmv1.MsError] = unwrap(resp.errors) + return_error(message=f"{errs}", error=str(errs)) + # Get the total count of items in suspicious list + suspicious_count = suspicious_list_count(v1_client) + # Add results to message to be sent to the War Room message = { "message": "success", - "status_code": status_code, - "total_items": suspicious_list, + "multi_response": [item.dict() for item in add_sus_resp.items], + "total_items": suspicious_count, } - results = CommandResults( + return CommandResults( readable_output=tableToMarkdown( - table_name[ADD_SUSPICIOUS_LIST_COMMAND], message, removeNull=True + table_name[ADD_SUSPICIOUS_LIST_COMMAND], + message, + headerTransform=string_to_table_header, + removeNull=True, ), outputs_prefix="VisionOne.Suspicious_List", - outputs_key_field="message", + outputs_key_field="multi_response", outputs=message, ) - return results def delete_from_suspicious_list( - client: Client, args: Dict[str, Any] -) -> Union[str, CommandResults]: + v1_client: pytmv1.Client, args: dict[str, Any] +) -> str | CommandResults: """ Delete the suspicious object from suspicious list and sends the result to demist war room. :type client: ``Client`` - :param client: client object to use http_request. + :param v1_client: pytmv1.Client object used to initialize pytmv1 client. :type args: ``dict`` :param args: args object to fetch the argument data. @@ -1342,44 +1700,59 @@ def delete_from_suspicious_list( :return: sends data to demisto war room. :rtype: ``dict` """ - field = args.get(TYPE) - value = args.get(VALUE) - body = [{f"{field}": value}] - query_params: Dict[str, Any] = {} - response = client.http_request( - POST, - DELETE_OBJECT_FROM_SUSPICIOUS_LIST, - params=query_params, - data=json.dumps(body), - ) - status_code = response[0]["status"] - suspicious_list = client.suspicious_list_count() - + # Required Params + block_objects = safe_load_json(args[BLOCK_OBJECTS]) + # if isinstance(block_objects, str): + # block_objects = json.loads(args[BLOCK_OBJECTS]) + + suspicious_tasks: list[ObjectTask] = [] + message: dict[str, Any] = {} + + # Create suspicious task list + for block in block_objects: + suspicious_tasks.append( + ObjectTask( + object_type=_get_ot_enum(block[OBJECT_TYPE]), + object_value=block[OBJECT_VALUE], + description=block.get(DESCRIPTION, DELETE_SUSPICIOUS), + ) + ) + # Make rest call + resp = v1_client.remove_from_suspicious_list(*suspicious_tasks) + dlt_sus_resp: pytmv1.MultiResp = unwrap(resp.response) + if _is_pytmv1_error(resp.result_code): + errs: list[pytmv1.MsError] = unwrap(resp.errors) + return_error(message=f"{errs}", error=str(errs)) + # Get the total count of items in suspicious list + suspicious_count = suspicious_list_count(v1_client) + # Add results to message to be sent to the War Room message = { "message": "success", - "status_code": status_code, - "total_items": suspicious_list, + "multi_response": [item.dict() for item in dlt_sus_resp.items], + "total_items": suspicious_count, } - results = CommandResults( + return CommandResults( readable_output=tableToMarkdown( - table_name[DELETE_SUSPICIOUS_LIST_COMMAND], message, removeNull=True + table_name[DELETE_SUSPICIOUS_LIST_COMMAND], + message, + headerTransform=string_to_table_header, + removeNull=True, ), outputs_prefix="VisionOne.Suspicious_List", - outputs_key_field="message", + outputs_key_field="multi_response", outputs=message, ) - return results def get_file_analysis_status( - client: Client, args: Dict[str, Any] -) -> Union[str, CommandResults]: + v1_client: pytmv1.Client, args: dict[str, Any] +) -> str | CommandResults: """ Get the status of file based on task id and sends the result to demist war room :type client: ``Client`` - :param client: client object to use http_request. + :param v1_client: pytmv1.Client object used to initialize pytmv1 client. :type args: ``dict`` :param args: args object to fetch the argument data. @@ -1387,51 +1760,72 @@ def get_file_analysis_status( :return: sends data to demisto war room. :rtype: ``dict` """ - task_id = args.get(TASKID) - response = client.http_request(GET, GET_FILE_STATUS.format(taskId=task_id)) - message = { - "status": response.get("status"), - "id": response.get("id", ""), - "action": response.get("action", ""), - "error": response.get("error", {}), - "createdDateTime": response.get("createdDateTime", ""), - "lastActionDateTime": response.get("lastActionDateTime", ""), - "resourceLocation": response.get("resourceLocation", ""), - "isCached": response.get("isCached", ""), - "digest": response.get("digest", {}), - "arguments": response.get("arguments", ""), - } - results = CommandResults( + # Required Params + task_id = args.get(TASKID, EMPTY_STRING) + message: dict[str, Any] = {} + + # Make rest call + resp = v1_client.get_sandbox_submission_status(submit_id=task_id) + resp_obj: pytmv1.SandboxSubmissionStatusResp = unwrap(resp.response) + # Check if an error occurred + if _is_pytmv1_error(resp.result_code): + err: pytmv1.Error = unwrap(resp.error) + return_error(message=f"{err.message}", error=str(err)) + # Add results to message to be sent to the War Room + message = resp_obj.dict() + + return CommandResults( readable_output=tableToMarkdown( - TABLE_GET_FILE_ANALYSIS_STATUS, message, removeNull=True + table_name[GET_FILE_ANALYSIS_STATUS_COMMAND], + message, + headerTransform=string_to_table_header, + removeNull=True, ), outputs_prefix="VisionOne.File_Analysis_Status", - outputs_key_field="message", + outputs_key_field="id", outputs=message, ) - return results def get_file_analysis_result( - client: Client, args: Dict[str, Any] -) -> Union[str, CommandResults]: + v1_client: pytmv1.Client, args: dict[str, Any] +) -> str | CommandResults: """ Get the report of file based on report id and sends the result to demist war room :type client: ``Client`` - :param client: client object to use http_request. + :param v1_client: pytmv1.Client object used to initialize pytmv1 client. :type args: ``dict`` :param args: args object to fetch the argument data. :return: sends data to demisto war room. :rtype: ``dict` """ - report_id = args.get(REPORT_ID) - response = client.http_request(GET, GET_FILE_RESULT.format(reportId=report_id)) - risk = response.get("riskLevel", "") - risk_score = client.incident_severity_to_dbot_score(risk) - sha256 = response.get("digest", {}).get("sha256") - md5 = response.get("digest", {}).get("md5") - sha1 = response.get("digest", {}).get("sha1") - reliability = demisto.params().get("integrationReliability") + # Required Params + report_id = args.get(REPORT_ID, EMPTY_STRING) + # Optional Params + poll = argToBoolean(args.get(POLL, TRUE)) + poll_time_sec = arg_to_number(args.get(POLL_TIME_SEC, 0)) + message: dict[str, Any] = {} + + # Make rest call + resp = v1_client.get_sandbox_analysis_result( + submit_id=report_id, + poll=poll, + poll_time_sec=poll_time_sec, # type: ignore + ) + # Check if an error occurred during rest call + if _is_pytmv1_error(resp.result_code): + err: pytmv1.Error = unwrap(resp.error) + return_error(message=f"{err.message}", error=str(err)) + # Extract values on successful call + reliability = demisto.params().get(INTEGRATION_RELIABILITY) + sandbox_response: pytmv1.SandboxAnalysisResultResp = unwrap(resp.response) + risk = sandbox_response.risk_level + risk_score = incident_severity_to_dbot_score(risk) + digest: pytmv1.Digest = unwrap(sandbox_response.digest) + sha256 = digest.sha256 + md5 = digest.md5 + sha1 = digest.sha1 + # Create DBot Score dbot_score = Common.DBotScore( indicator=sha256, indicator_type=DBotScoreType.FILE, @@ -1439,494 +1833,597 @@ def get_file_analysis_result( score=risk_score, reliability=reliability, ) + # Create file file_entry = Common.File(sha256=sha256, md5=md5, sha1=sha1, dbot_score=dbot_score) + # Add results to message to be sent to the War Room message = { - "status_code": client.status, - "message": "success", - "report_id": response.get("id", ""), - "type": response.get("type", ""), - "digest": response.get("digest", ""), - "arguments": response.get("arguments", ""), - "analysisCompletionDateTime": response.get("analysisCompletionDateTime", ""), - "riskLevel": response.get("riskLevel", ""), - "detectionNames": response.get("detectionNames", []), - "threatTypes": response.get("threatTypes", []), - "trueFileType": response.get("trueFileType", ""), + "status": resp.result_code, + "id": sandbox_response.id, + "type": sandbox_response.type, + "digest": digest.dict(), + "arguments": sandbox_response.arguments, + "risk_level": risk, + "threat_types": sandbox_response.threat_types, + "true_file_type": sandbox_response.true_file_type, + "detection_names": sandbox_response.detection_names, + "analysis_completion_date_time": sandbox_response.analysis_completion_date_time, "DBotScore": { "Score": dbot_score.score, "Vendor": dbot_score.integration_name, "Reliability": dbot_score.reliability, }, } - results = CommandResults( + return CommandResults( readable_output=tableToMarkdown( - TABLE_GET_FILE_ANALYSIS_RESULT, message, removeNull=True + table_name[GET_FILE_ANALYSIS_RESULT_COMMAND], message, removeNull=True ), - outputs_prefix="VisionOne.File_Analysis_Report", - outputs_key_field="message", + outputs_prefix="VisionOne.File_Analysis_Result", + outputs_key_field="id", outputs=message, indicator=file_entry, ) - return results -def collect_file(client: Client, args: Dict[str, Any]) -> Union[str, CommandResults]: +def collect_file( + v1_client: pytmv1.Client, args: dict[str, Any] +) -> str | CommandResults: """ Collect forensic file and sends the result to demist war room :type client: ``Client`` - :param client: client object to use http_request. + :param v1_client: pytmv1.Client object used to initialize pytmv1 client. :type args: ``dict`` :param args: args object to fetch the argument data. :return: sends data to demisto war room. :rtype: ``dict` """ - value = args.get(ENDPOINT) - field = client.lookup_type(value) - description = args.get(DESCRIPTION) - if not description: - description = EMPTY_STRING - file_path = args.get(FILE_PATH) - query_params: Dict[str, Any] = {} - body = [{"description": description, f"{field}": value, "filePath": file_path}] - response = client.http_request( - POST, COLLECT_FORENSIC_FILE, params=query_params, data=json.dumps(body) - )[0] - task_status = response.get("status", {}) - task_id = None - if task_status == 202: - resp_headers = response.get("headers", [])[0] - task_list = resp_headers.get("value").split("/") - task_id = task_list[-1] - error = response.get("body", {}).get("error", {}) - message = {"taskId": task_id, "taskStatus": task_status, "error": error} - results = CommandResults( - readable_output=tableToMarkdown(TABLE_COLLECT_FILE, message, removeNull=True), + # Required Params + collect_files = safe_load_json(args[COLLECT_FILES]) + # if isinstance(collect_files, str): + # collect_files = json.loads(args[COLLECT_FILES]) + # Create file task list + file_tasks: list[FileTask] = [] + message: list[dict[str, Any]] = [] + + # Create file task list + for file in collect_files: + if file.get(ENDPOINT, EMPTY_STRING): + file_tasks.append( + FileTask( + endpoint_name=file[ENDPOINT], + file_path=file[FILE_PATH], + description=file.get(DESCRIPTION, COLLECT_FILE), + ) + ) + elif file.get(AGENT_GUID, EMPTY_STRING): + file_tasks.append( + FileTask( + agent_guid=file[AGENT_GUID], + file_path=file[FILE_PATH], + description=file.get(DESCRIPTION, COLLECT_FILE), + ) # type: ignore + ) + # Make rest call + resp = v1_client.collect_file(*file_tasks) + file_resp: pytmv1.MultiResp = unwrap(resp.response) + # Check if an error occurred + if _is_pytmv1_error(resp.result_code): + errs: list[pytmv1.MsError] = resp.errors + return_error(message=f"{errs}", error=str(errs)) + + message = [item.dict() for item in file_resp.items] + + return CommandResults( + readable_output=tableToMarkdown( + TABLE_COLLECT_FILE, + message, + headerTransform=string_to_table_header, + removeNull=True, + ), outputs_prefix="VisionOne.Collect_Forensic_File", - outputs_key_field="taskId", + outputs_key_field="task_id", outputs=message, ) - return results def download_information_collected_file( - client: Client, args: Dict[str, Any] -) -> Union[Any, CommandResults]: + v1_client: pytmv1.Client, args: dict[str, Any] +) -> str | CommandResults: """ Get the analysis report of file based on action id and sends the file to demist war room where it can be downloaded. :type client: ``Client`` - :param client: client object to use http_request. + :param v1_client: pytmv1.Client object used to initialize pytmv1 client. :type args: ``dict`` :param args: args object to fetch the argument data. :return: sends data to demisto war room. :rtype: ``dict` """ - task_id = args.get(TASKID) - query_params: Dict[str, Any] = {} - response = client.http_request( - GET, - DOWNLOAD_INFORMATION_COLLECTED_FILE.format(taskId=task_id), - params=query_params, + # Required Params + task_id = args.get(TASKID, EMPTY_STRING) + # Optional Params + poll = argToBoolean(args.get(POLL, TRUE)) + poll_time_sec = arg_to_number(args.get(POLL_TIME_SEC, 0)) + # Make rest call + resp = v1_client.get_task_result( + task_id=task_id, + class_=CollectFileTaskResp, + poll=poll, + poll_time_sec=poll_time_sec, # type: ignore ) - message = { - "taskId": response.get("id"), - "status": response.get("status"), - "createdDateTime": response.get("createdDateTime"), - "lastActionDateTime": response.get("lastActionDateTime"), - "description": response.get("description"), - "action": response.get("action"), - "account": response.get("account"), - "agentGuid": response.get("agentGuid"), - "endpointName": response.get("endpointName"), - "filePath": response.get("filePath"), - "fileSha1": response.get("fileSha1"), - "fileSha256": response.get("fileSha256"), - "fileSize": response.get("fileSize"), - "resourceLocation": response.get("resourceLocation"), - "expiredDateTime": response.get("expiredDateTime"), - "password": response.get("password"), - } + resp_obj: pytmv1.CollectFileTaskResp = unwrap(resp.response) + # Check if an error occurred + if _is_pytmv1_error(resp.result_code): + err: pytmv1.Error = unwrap(resp.error) + return_error(message=f"{err.message}", error=str(err)) + # Add results to message to be sent to the War Room + message = resp_obj.dict() return CommandResults( readable_output=tableToMarkdown( - "Download information for collected file ", message, removeNull=True + table_name[DOWNLOAD_COLLECTED_FILE_COMMAND], + message, + headerTransform=string_to_table_header, + removeNull=True, ), - outputs_prefix=("VisionOne.Download_Information_For_Collected_Forensic_File"), - outputs_key_field="resourceLocation", + outputs_prefix="VisionOne.Download_Information_For_Collected_Forensic_File", + outputs_key_field="resource_location", outputs=message, ) def download_analysis_report( - client: Client, args: Dict[str, Any] -) -> Union[Any, CommandResults]: + v1_client: pytmv1.Client, args: dict[str, Any] +) -> Any | CommandResults: """ Get the analysis report of file based on action id and sends the file to demist war room where it can be downloaded. :type client: ``Client`` - :param client: client object to use http_request. + :param v1_client: pytmv1.Client object used to initialize pytmv1 client. :type args: ``dict`` :param args: args object to fetch the argument data. :return: sends data to demisto war room. :rtype: ``dict` """ - submission_id = args.get(SUBMISSION_ID) - file_name = args.get(FILE_NAME) - # If a file name is not provided, default value - # of Sandbox_Analysis_Report is set for the pdf. - if not file_name: - file_name = "Sandbox_Analysis_Report.pdf" - query_params: Dict[str, Any] = {} - token = client.api_key - headers = {AUTHORIZATION: f"{BEARER} {token}"} - response = requests.get( - f"{client.base_url}" - + DOWNLOAD_ANALYSIS_REPORT.format(submissionId=submission_id), - params=query_params, - headers=headers, + # Required Params + submit_id = args.get(SUBMISSION_ID, EMPTY_STRING) + # Optional Params + poll = argToBoolean(args.get(POLL, TRUE)) + poll_time_sec = arg_to_number(args.get(POLL_TIME_SEC, 0)) + + # Create name for pdf report file to be downloaded + name = "Trend_Micro_Sandbox_Analysis_Report" + file_name = f"{name}_{datetime.now(timezone.utc).replace(microsecond=0).strftime('%Y-%m-%d:%H:%M:%S')}.pdf" + + # Make rest call + resp = v1_client.download_sandbox_analysis_result( + submit_id=submit_id, poll=poll, poll_time_sec=poll_time_sec # type: ignore ) - data = response.content - code = response.status_code - resp_msg = "Please select download to start download" + analysis_resp: pytmv1.BytesResp = unwrap(resp.response) + # Check if an error occurred + if _is_pytmv1_error(resp.result_code): + err: pytmv1.Error = unwrap(resp.error) + return_error(message=f"{err.message}", error=str(err)) + # Extract content value on successful call + data = analysis_resp.content + + resp_msg = "Please click download to download PDF Report." # fileResult takes response data and creates a file with # the specified extension that can be downloaded in the war room output_file = fileResult(f"{file_name}", data, file_type=EntryType.ENTRY_INFO_FILE) - message = {"submissionId": submission_id, "code": code, "message": resp_msg} - results = [ + message = { + "submission_id": submit_id, + "result_code": resp.result_code, + "message": resp_msg, + } + return [ output_file, CommandResults( readable_output=tableToMarkdown( - TABLE_DOWNLOAD_ANALYSIS_REPORT, message, removeNull=True + table_name[DOWNLOAD_ANALYSIS_REPORT_COMMAND], + message, + headerTransform=string_to_table_header, + removeNull=True, ), outputs_prefix="VisionOne.Download_Analysis_Report", - outputs_key_field="submissionId", + outputs_key_field="submission_id", outputs=message, ), ] - return results def download_investigation_package( - client: Client, args: Dict[str, Any] -) -> Union[Any, CommandResults]: + v1_client: pytmv1.Client, args: dict[str, Any] +) -> Any | CommandResults: """ Downloads the Investigation Package of the specified object based on submission id and sends the file to demist war room where it can be downloaded. :type client: ``Client`` - :param client: client object to use http_request. + :param v1_client: pytmv1.Client object used to initialize pytmv1 client. :type args: ``dict`` :param args: args object to fetch the argument data. :return: sends data to demisto war room. :rtype: ``dict` """ - submission_id = args.get(SUBMISSION_ID) - file_name = args.get(FILE_NAME) - # If a file name is not provided, default value of - # Sandbox_Investigation_Package is set for the package. - if not file_name: - file_name = "Sandbox_Investigation_Package.zip" - query_params: Dict[str, Any] = {} - token = client.api_key - headers = {AUTHORIZATION: f"{BEARER} {token}"} - response = requests.get( - f"{client.base_url}" - + DOWNLOAD_INVESTIGATION_PACKAGE.format(submissionId=submission_id), - params=query_params, - headers=headers, + # Required Params + submit_id = args.get(SUBMISSION_ID, EMPTY_STRING) + # Optional Params + poll = argToBoolean(args.get(POLL, TRUE)) + poll_time_sec = arg_to_number(args.get(POLL_TIME_SEC, 0)) + + # Create name for zip package to be downloaded + name = "Sandbox_Investigation_Package" + file_name = f"{name}_{datetime.now(timezone.utc).replace(microsecond=0).strftime('%Y-%m-%d:%H:%M:%S')}.zip" + + # Make rest call + resp = v1_client.download_sandbox_investigation_package( + submit_id=submit_id, poll=poll, poll_time_sec=poll_time_sec # type: ignore ) - data = response.content - code = response.status_code - resp_msg = "Please select download to start download" + investigation_resp: pytmv1.BytesResp = unwrap(resp.response) + # Check if an error occurred + if _is_pytmv1_error(resp.result_code): + err: pytmv1.Error = unwrap(resp.error) + return_error(message=f"{err.message}", error=str(err)) + # Extract content value on successful call + data = investigation_resp.content + # fileResult takes response data and creates a file with # the specified extension that can be downloaded in the war room output_file = fileResult(f"{file_name}", data, file_type=EntryType.ENTRY_INFO_FILE) - message = {"submissionId": submission_id, "code": code, "message": resp_msg} - results = [ + resp_msg = "Please click download to download .zip file." + message = { + "submission_id": submit_id, + "result_code": resp.result_code, + "message": resp_msg, + } + + return [ output_file, CommandResults( readable_output=tableToMarkdown( - TABLE_DOWNLOAD_INVESTIGATION_PACKAGE, message, removeNull=True + table_name[DOWNLOAD_INVESTIGATION_PACKAGE_COMMAND], + message, + headerTransform=string_to_table_header, + removeNull=True, ), outputs_prefix="VisionOne.Download_Investigation_Package", - outputs_key_field="submissionId", + outputs_key_field="submission_id", outputs=message, ), ] - return results def download_suspicious_object_list( - client: Client, args: Dict[str, Any] -) -> Union[str, CommandResults]: + v1_client: pytmv1.Client, args: dict[str, Any] +) -> str | CommandResults: """ Downloads the suspicious object list associated to the specified object - Note: Suspicious Object Lists are only available for objects with a high risk level + Note: Suspicious Object lists are only available for objects with a high risk level :type client: ``Client`` - :param client: client object to use http_request. + :param v1_client: pytmv1.Client object used to initialize pytmv1 client. :type args: ``dict`` :param args: args object to fetch the argument data. :return: sends data to demisto war room. :rtype: ``dict` """ - submission_id = args.get(SUBMISSION_ID) - query_params: Dict[str, Any] = {} - token = client.api_key - headers = {AUTHORIZATION: f"{BEARER} {token}"} - response = client.http_request( - GET, - DOWNLOAD_SUSPICIOUS_OBJECT_LIST.format(submissionId=submission_id), - params=query_params, - headers=headers, + # Required Params + submit_id = args.get(SUBMISSION_ID, EMPTY_STRING) + # Optional Params + poll = argToBoolean(args.get(POLL, TRUE)) + poll_time_sec = arg_to_number(args.get(POLL_TIME_SEC, 0)) + suspicious_objects: list[dict[str, str]] = [] + + # Make rest call + resp = v1_client.get_sandbox_suspicious_list( + submit_id=submit_id, poll=poll, poll_time_sec=poll_time_sec # type: ignore ) - message = { - "code": client.status, - "riskLevel": response.get("items", [])[0].get("riskLevel", ""), - "analysisCompletionDateTime": response.get("items", [])[0].get( - "analysisCompletionDateTime", "" - ), - "expiredDateTime": response.get("items", [])[0].get("expiredDateTime", ""), - "rootSha1": response.get("items", [])[0].get("rootSha1", ""), - "ip": response.get("items", [])[0].get("ip", ""), - } - results = CommandResults( + sus_list_resp: pytmv1.SandboxSuspiciousListResp = unwrap(resp.response) + # Check if an error occurred + if _is_pytmv1_error(resp.result_code): + err: pytmv1.Error = unwrap(resp.error) + return_error(message=f"{err.message}", error=str(err)) + # Extract suspicious objects from response + for item in sus_list_resp.items: + suspicious_objects.append(item.dict()) + + return CommandResults( readable_output=tableToMarkdown( - TABLE_DOWNLOAD_SUSPICIOUS_OBJECT_LIST, message, removeNull=True + table_name[DOWNLOAD_SUSPICIOUS_OBJECT_LIST_COMMAND], + suspicious_objects, + headerTransform=string_to_table_header, + removeNull=True, ), outputs_prefix="VisionOne.Download_Suspicious_Object_list", - outputs_key_field="riskLevel", - outputs=message, + outputs_key_field="risk_level", + outputs=suspicious_objects, ) - return results def submit_file_to_sandbox( - client: Client, args: Dict[str, Any] -) -> Union[str, CommandResults]: + v1_client: pytmv1.Client, args: dict[str, Any] +) -> str | CommandResults: """ submit file to sandbox and sends the result to demist war room :type client: ``Client`` - :param client: client object to use http_request. + :param v1_client: pytmv1.Client object used to initialize pytmv1 client. :type args: ``dict`` :param args: args object to fetch the argument data. :return: sends data to demisto war room. :rtype: ``dict` """ - query_params: Dict[str, Any] = {} - data = {} - file_path = args.get(FILE_PATH) - file_name = args.get(FILE_NAME) - document_pass = args.get(DOCUMENT_PASSWORD) - if document_pass: - data["documentPassword"] = base64.b64encode(document_pass.encode(ASCII)).decode( - ASCII - ) - archive_pass = args.get(ARCHIVE_PASSWORD) - if archive_pass: - data["archivePassword"] = base64.b64encode(archive_pass.encode(ASCII)).decode( - ASCII - ) - arguments = args.get(ARGUMENTS) - if arguments: - data["arguments"] = arguments - token = client.api_key - headers = {AUTHORIZATION: f"{BEARER} {token}"} - try: - file_content = requests.get(file_path, allow_redirects=True) # type: ignore - files = { - "file": (file_name, file_content.content, "application/x-zip-compressed") - } - result = requests.post( - f"{client.base_url}{SUBMIT_FILE_TO_SANDBOX}", - params=query_params, - headers=headers, - data=data, - files=files, - ) - result.raise_for_status() - except HTTPError as http_err: - demisto.error(http_err) - return_error(http_err) - except Exception as err: - demisto.error(err) - return_error(err) - else: - response = result.json() - + # Required Params + file_url = args.get(FILE_URL, EMPTY_STRING) + file_name = args.get(FILE_NAME, EMPTY_STRING) + # Optional Params + document_pass = args.get(DOCUMENT_PASSWORD, EMPTY_STRING) + archive_pass = args.get(ARCHIVE_PASSWORD, EMPTY_STRING) + arguments = args.get(ARGUMENTS, EMPTY_STRING) + + # Get file contents + _file = requests.get(file_url, allow_redirects=True, timeout=30) + # Make rest call + resp = v1_client.submit_file_to_sandbox( + file=_file.content, + file_name=file_name, + document_password=document_pass, + archive_password=archive_pass, + arguments=arguments, + ) + sub_file_resp: pytmv1.SubmitFileToSandboxResp = unwrap(resp.response) + digest: pytmv1.Digest = unwrap(sub_file_resp.digest) + # Check if an error occurred during rest call + if _is_pytmv1_error(resp.result_code): + err: pytmv1.Error = unwrap(resp.error) + return_error(message=f"{err.message}", error=str(err)) + # Add results to message to be sent to the War Room message = { - "message": "success", - "code": f"{result.status_code}", - "task_id": response.get("id", ""), - "digest": response.get("digest", ""), - "arguments": response.get("arguments", ""), + "code": 202, + "message": resp.result_code, + "task_id": sub_file_resp.id, + "digest": digest.dict(), + "arguments": sub_file_resp.arguments, } - results = CommandResults( + return CommandResults( readable_output=tableToMarkdown( - TABLE_SUBMIT_FILE_TO_SANDBOX, message, removeNull=True + table_name[FILE_TO_SANDBOX_COMMAND], + message, + headerTransform=string_to_table_header, + removeNull=True, ), outputs_prefix="VisionOne.Submit_File_to_Sandbox", - outputs_key_field="message", + outputs_key_field="task_id", outputs=message, ) - return results def submit_file_entry_to_sandbox( - client: Client, args: Dict[str, Any] -) -> Union[str, CommandResults]: + v1_client: pytmv1.Client, args: dict[str, Any] +) -> str | CommandResults: """ submit file entry to sandbox and sends the result to demist war room :type client: ``Client`` - :param client: client object to use http_request. + :param v1_client: pytmv1.Client object used to initialize pytmv1 client. :type args: ``dict`` :param args: args object to fetch the argument data. :return: sends data to demisto war room. :rtype: ``dict` """ - entry = args.get(ENTRY_ID) + # Required Params + entry = args.get(ENTRY_ID, EMPTY_STRING) + # Optional Params + archive_pass = args.get(ARCHIVE_PASSWORD, EMPTY_STRING) + document_pass = args.get(DOCUMENT_PASSWORD, EMPTY_STRING) + arguments = args.get(ARGUMENTS, EMPTY_STRING) + + # Use entry ID to get file details from demisto file_ = demisto.getFilePath(entry) - file_name = file_.get("name") - file_path = file_.get("path") - archive_pass = args.get(ARCHIVE_PASSWORD) - document_pass = args.get(DOCUMENT_PASSWORD) - query_params: Dict[Any, Any] = {} - headers = {AUTHORIZATION: f"{BEARER} {client.api_key}"} + file_name = file_.get(NAME, EMPTY_STRING) + file_path = file_.get(PATH, EMPTY_STRING) with open(file_path, "rb") as f: contents = f.read() - data = {} - if document_pass: - data["documentPassword"] = base64.b64encode(document_pass.encode(ASCII)).decode( - ASCII - ) - if archive_pass: - data["archivePassword"] = base64.b64encode(archive_pass.encode(ASCII)).decode( - ASCII - ) - files = {"file": (f"{file_name}", contents, "application/octet-stream")} - try: - result = requests.post( - f"{client.base_url}{SUBMIT_FILE_TO_SANDBOX}", - params=query_params, - headers=headers, - data=data, - files=files, - ) - result.raise_for_status() - except HTTPError as http_err: - demisto.error(http_err) - return_error(http_err) - except Exception as err: - demisto.error(err) - return_error(err) - response = result.json() + # Make rest call + resp = v1_client.submit_file_to_sandbox( + file=contents, + file_name=file_name, + document_password=document_pass, + archive_password=archive_pass, + arguments=arguments, + ) + sub_file_resp: pytmv1.SubmitFileToSandboxResp = unwrap(resp.response) + digest: pytmv1.Digest = unwrap(sub_file_resp.digest) + # Check if an error occurred during rest call + if _is_pytmv1_error(resp.result_code): + err: pytmv1.Error = unwrap(resp.error) + return_error(message=f"{err.message}", error=str(err)) + # Add results to message to be sent to the War Room message = { + "code": 202, + "message": resp.result_code, "filename": file_name, - "entryId": entry, - "file_path": file_.get("path", ""), - "message": "Success", - "code": "Success", - "task_id": response.get("id", ""), - "digest": response.get("digest", ""), + "entry_id": entry, + "file_path": file_path, + "task_id": sub_file_resp.id, + "digest": digest.dict(), + "arguments": sub_file_resp.arguments, } - results = CommandResults( + + return CommandResults( readable_output=tableToMarkdown( - TABLE_SUBMIT_FILE_ENTRY_TO_SANDBOX, message, removeNull=True + table_name[FILE_ENTRY_TO_SANDBOX_COMMAND], + message, + headerTransform=string_to_table_header, + removeNull=True, ), outputs_prefix="VisionOne.Submit_File_Entry_to_Sandbox", - outputs_key_field="entryId", + outputs_key_field="entry_id", outputs=message, ) - return results -def add_note(client: Client, args: Dict[str, Any]) -> Union[str, CommandResults]: +def submit_urls_to_sandbox( + v1_client: pytmv1.Client, args: dict[str, Any] +) -> str | CommandResults: """ - Adds a note to an existing workbench alert + submit Urls to sandbox and send the result to demist war room :type client: ``Client`` - :param client: client object to use http_request. + :param v1_client: pytmv1.Client object used to initialize pytmv1 client. :type args: ``dict`` :param args: args object to fetch the argument data. :return: sends data to demisto war room. :rtype: ``dict` """ - workbench_id = args.get(WORKBENCH_ID) - content = args.get(CONTENT) + # Required Params + urls: list[str] = argToList(args[URLS]) + submit_urls_resp: list[dict[str, Any]] = [] + # Make rest call + resp = v1_client.submit_urls_to_sandbox(*urls) + urls_resp: pytmv1.MultiUrlResp = unwrap(resp.response) + # Check if an error occurred during rest call + if _is_pytmv1_error(resp.result_code): + errs: list[pytmv1.MsError] = unwrap(resp.errors) + return_error(message=f"{errs}", error=str(errs)) + for item in urls_resp.items: + submit_urls_resp.append(item.dict()) - body = {"content": content} - query_params: Dict[str, Any] = {} - token = client.api_key - headers = { - "Authorization": "Bearer " + token, - "Content-Type": "application/json;charset=utf-8", - } - response = requests.post( - f"{client.base_url}" + ADD_NOTE_ENDPOINT.format(alertId=workbench_id), - params=query_params, - headers=headers, - data=json.dumps(body), + return CommandResults( + readable_output=tableToMarkdown( + table_name[URLS_TO_SANDBOX_COMMAND], + submit_urls_resp, + headerTransform=string_to_table_header, + removeNull=True, + ), + outputs_prefix="VisionOne.Submit_Urls_to_Sandbox", + outputs_key_field="id", + outputs=submit_urls_resp, ) - response_code = response.status_code - location = response.headers.get("Location", "").split("/") - note_id = location[-1] - resp_msg = "success" + + +def get_alert_details( + v1_client: pytmv1.Client, args: dict[str, Any] +) -> str | CommandResults: + """ + Fetch information for a specific alert and display in war room. + :type client: ``Client`` + :param v1_client: pytmv1.Client object used to initialize pytmv1 client. + :type args: ``dict`` + :param args: args object to fetch the argument data. + :return: sends data to demisto war room. + :rtype: ``dict` + """ + # Required Params + workbench_id: str = args.get(WORKBENCH_ID, EMPTY_STRING) + message: dict[str, Any] = {} + # Make rest call + resp = v1_client.get_alert_details(alert_id=workbench_id) + alert_resp: pytmv1.GetAlertDetailsResp = unwrap(resp.response) + # Check if an error occurred during rest call + if _is_pytmv1_error(resp.result_code): + err: pytmv1.Error = unwrap(resp.error) + return_error(message=f"{err.message}", error=str(err)) + # Extract values from response + etag = alert_resp.etag + alert = alert_resp.alert.dict() + # Add results to message to be sent to the War Room + message = {"etag": etag, "alert": alert} + + return CommandResults( + readable_output=tableToMarkdown( + table_name[GET_ALERT_DETAILS_COMMAND], + message, + headerTransform=string_to_table_header, + removeNull=True, + ), + outputs_prefix="VisionOne.Alert_Details", + outputs_key_field="etag", + outputs=message, + ) + + +def add_note(v1_client: pytmv1.Client, args: dict[str, Any]) -> str | CommandResults: + """ + Adds a note to an existing workbench alert + :type client: ``Client`` + :param v1_client: pytmv1.Client object used to initialize pytmv1 client. + :type args: ``dict`` + :param args: args object to fetch the argument data. + :return: sends data to demisto war room. + :rtype: ``dict` + """ + # Required Params + workbench_id = args.get(WORKBENCH_ID, EMPTY_STRING) + content = args.get(CONTENT, EMPTY_STRING) + message: dict[str, Any] = {} + + # Make rest call + resp = v1_client.add_alert_note(alert_id=workbench_id, note=content) + note_resp: pytmv1.AddAlertNoteResp = unwrap(resp.response) + # Check if an error occurred during rest call + if _is_pytmv1_error(resp.result_code): + err: pytmv1.Error = unwrap(resp.error) + return_error(message=f"{err.message}", error=str(err)) + # Add results to message to be sent to the War Room message = { - "Workbench_Id": workbench_id, - "code": response_code, - "note_id": note_id, - "message": resp_msg, + "code": 201, + "message": f"Note has been successfully added to {workbench_id}", + "note_id": note_resp.note_id(), } - results = CommandResults( - readable_output=tableToMarkdown(TABLE_ADD_NOTE, message, removeNull=True), + return CommandResults( + readable_output=tableToMarkdown( + table_name[ADD_NOTE_COMMAND], + message, + headerTransform=string_to_table_header, + removeNull=True, + ), outputs_prefix="VisionOne.Add_Note", outputs_key_field="note_id", outputs=message, ) - return results -def update_status(client: Client, args: Dict[str, Any]) -> Union[str, CommandResults]: +def update_status( + v1_client: pytmv1.Client, args: dict[str, Any] +) -> str | CommandResults: """ Updates the status of an existing workbench alert :type client: ``Client`` - :param client: client object to use http_request. + :param v1_client: pytmv1.Client object used to initialize pytmv1 client. :type args: ``dict`` :param args: args object to fetch the argument data. :return: sends data to demisto war room. :rtype: ``dict` """ - workbench_id = args.get(WORKBENCH_ID) - status = args.get(STATUS) - - if status == "new": - status = NEW - elif status == "in progress": - status = IN_PROGRESS - elif status == "true positive": - status = RESOLVED_TRUE_POSITIVE - elif status == "false positive": - status = RESOLVED_FALSE_POSITIVE - - query_params: Dict[str, Any] = {} - body = {"investigationStatus": status} - client.http_request( - PATCH, - UPDATE_STATUS_ENDPOINT.format(workbenchId=workbench_id), - params=query_params, - data=json.dumps(body), + # Required Params + workbench_id = args.get(WORKBENCH_ID, EMPTY_STRING) + status = args.get(STATUS, EMPTY_STRING) + if_match = args.get(IF_MATCH, EMPTY_STRING) + message: dict[str, Any] = {} + # Choose Status Enum + sts = status.upper() + # Assign enum status + status = InvestigationStatus[sts] + # Make rest call + resp = v1_client.edit_alert_status( + alert_id=workbench_id, status=status, if_match=if_match ) - - response_code = client.status - response_msg = "Alert status changed successfully" + # Check if an error occurred during rest call + if _is_pytmv1_error(resp.result_code): + err: pytmv1.Error = unwrap(resp.error) + return_error(message=f"{err.message}", error=str(err)) + # Add results to message to be sent to the War Room message = { + "code": 204, "Workbench_Id": workbench_id, - "code": response_code, - "message": response_msg, + "message": f"Successfully updated status for {workbench_id} to {status}.", } - results = CommandResults( - readable_output=tableToMarkdown(TABLE_UPDATE_STATUS, message, removeNull=True), + return CommandResults( + readable_output=tableToMarkdown( + table_name[UPDATE_STATUS_COMMAND], + message, + headerTransform=string_to_table_header, + removeNull=True, + ), outputs_prefix="VisionOne.Update_Status", outputs_key_field="Workbench_Id", outputs=message, ) - return results def main(): # pragma: no cover @@ -1934,104 +2431,127 @@ def main(): # pragma: no cover """GLOBAL VARS""" params = demisto.params() - base_url = params.get(URL) - api_key = params.get(API_TOKEN).get("password") - proxy = params.get("proxy", False) - verify = not params.get("insecure", False) + base_url: str = params.get(URL, "") + api_key: str = params.get(API_TOKEN, {}).get("password") - client = Client(base_url, api_key, proxy, verify) + if base_url == "": + raise RuntimeError( + "The base_url cannot be empty, please provide a valid value." + ) + v1_client = _get_client(VENDOR_NAME, api_key, base_url) command = demisto.command() demisto.debug(COMMAND_CALLED.format(command=command)) args = demisto.args() - if command == "test-module": - return_results(test_module(client)) + if command == TEST_MODULE: + return_results(test_module(v1_client)) elif command == FETCH_INCIDENTS: - return_results(fetch_incidents(client)) + return_results(fetch_incidents(v1_client)) elif command in (ENABLE_USER_ACCOUNT_COMMAND, DISABLE_USER_ACCOUNT_COMMAND): - return_results(enable_or_disable_user_account(client, command, args)) + return_results(enable_or_disable_user_account(v1_client, command, args)) elif command == FORCE_SIGN_OUT_COMMAND: - return_results(force_sign_out(client, args)) + return_results(force_sign_out(v1_client, args)) elif command == FORCE_PASSWORD_RESET_COMMAND: - return_results(force_password_reset(client, args)) + return_results(force_password_reset(v1_client, args)) elif command in (ADD_BLOCKLIST_COMMAND, REMOVE_BLOCKLIST_COMMAND): - return_results(add_or_remove_from_block_list(client, command, args)) + return_results(add_or_remove_from_block_list(v1_client, command, args)) elif command in (QUARANTINE_EMAIL_COMMAND, DELETE_EMAIL_COMMAND): - return_results(quarantine_or_delete_email_message(client, command, args)) + return_results(quarantine_or_delete_email_message(v1_client, command, args)) + + elif command == RESTORE_EMAIL_COMMAND: + return_results(restore_email_message(v1_client, args)) elif command in (ISOLATE_ENDPOINT_COMMAND, RESTORE_ENDPOINT_COMMAND): - return_results(isolate_or_restore_connection(client, command, args)) + return_results(isolate_or_restore_connection(v1_client, command, args)) elif command == TERMINATE_PROCESS_COMMAND: - return_results(terminate_process(client, args)) + return_results(terminate_process(v1_client, args)) elif command in (ADD_EXCEPTION_LIST_COMMAND, DELETE_EXCEPTION_LIST_COMMAND): - return_results(add_or_delete_from_exception_list(client, command, args)) + return_results(add_or_delete_from_exception_list(v1_client, command, args)) elif command == ADD_SUSPICIOUS_LIST_COMMAND: - return_results(add_to_suspicious_list(client, args)) + return_results(add_to_suspicious_list(v1_client, args)) elif command == DELETE_SUSPICIOUS_LIST_COMMAND: - return_results(delete_from_suspicious_list(client, args)) + return_results(delete_from_suspicious_list(v1_client, args)) elif command == GET_FILE_ANALYSIS_STATUS_COMMAND: - return_results(get_file_analysis_status(client, args)) + return_results(get_file_analysis_status(v1_client, args)) elif command == GET_FILE_ANALYSIS_RESULT_COMMAND: - return_results(get_file_analysis_result(client, args)) + return_results(get_file_analysis_result(v1_client, args)) elif command == GET_ENDPOINT_INFO_COMMAND: - return_results(get_endpoint_info(client, args)) + return_results(get_endpoint_info(v1_client, args)) + + elif command == GET_ENDPOINT_ACTIVITY_DATA_COMMAND: + return_results(get_endpoint_activity_data(v1_client, args)) + + elif command == GET_ENDPOINT_ACTIVITY_DATA_COUNT_COMMAND: + return_results(get_endpoint_activity_data_count(v1_client, args)) + + elif command == GET_EMAIL_ACTIVITY_DATA_COMMAND: + return_results(get_email_activity_data(v1_client, args)) + + elif command == GET_EMAIL_ACTIVITY_DATA_COUNT_COMMAND: + return_results(get_email_activity_data_count(v1_client, args)) elif command == COLLECT_FILE_COMMAND: - return_results(collect_file(client, args)) + return_results(collect_file(v1_client, args)) elif command == DOWNLOAD_COLLECTED_FILE_COMMAND: - return_results(download_information_collected_file(client, args)) + return_results(download_information_collected_file(v1_client, args)) elif command == FILE_TO_SANDBOX_COMMAND: - return_results(submit_file_to_sandbox(client, args)) + return_results(submit_file_to_sandbox(v1_client, args)) elif command == FILE_ENTRY_TO_SANDBOX_COMMAND: - return_results(submit_file_entry_to_sandbox(client, args)) + return_results(submit_file_entry_to_sandbox(v1_client, args)) + + elif command == URLS_TO_SANDBOX_COMMAND: + return_results(submit_urls_to_sandbox(v1_client, args)) elif command == SANDBOX_SUBMISSION_POLLING_COMMAND: - if args.get("polling") == "true": - cmd_res = get_sandbox_submission_status(args, client) + if args.get(POLLING) == TRUE: + cmd_res = get_sandbox_submission_status(args, v1_client) if cmd_res is not None: return_results(cmd_res) else: - return_results(client.sandbox_submission_polling(args)) + return_results(sandbox_submission_polling(v1_client, args)) elif command == DOWNLOAD_ANALYSIS_REPORT_COMMAND: - return_results(download_analysis_report(client, args)) + return_results(download_analysis_report(v1_client, args)) elif command == DOWNLOAD_INVESTIGATION_PACKAGE_COMMAND: - return_results(download_investigation_package(client, args)) + return_results(download_investigation_package(v1_client, args)) elif command == DOWNLOAD_SUSPICIOUS_OBJECT_LIST_COMMAND: - return_results(download_suspicious_object_list(client, args)) + return_results(download_suspicious_object_list(v1_client, args)) elif command == UPDATE_STATUS_COMMAND: - return_results(update_status(client, args)) + return_results(update_status(v1_client, args)) + + elif command == GET_ALERT_DETAILS_COMMAND: + return_results(get_alert_details(v1_client, args)) elif command == ADD_NOTE_COMMAND: - return_results(add_note(client, args)) + return_results(add_note(v1_client, args)) elif command == CHECK_TASK_STATUS_COMMAND: - if args.get("polling") == "true": - cmd_res = get_task_status(args, client) + if args.get(POLLING) == TRUE: + cmd_res = get_task_status(args, v1_client) if cmd_res is not None: return_results(cmd_res) else: - return_results(client.status_check(args)) + return_results(status_check(v1_client, args)) else: demisto.error(f"{command} command is not implemented.") diff --git a/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/TrendMicroVisionOneV3.yml b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/TrendMicroVisionOneV3.yml index 5bedbbffdb7c..46a2ef02af3c 100644 --- a/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/TrendMicroVisionOneV3.yml +++ b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/TrendMicroVisionOneV3.yml @@ -63,6 +63,18 @@ configuration: - F - Reliability cannot be judged type: 15 required: false +- additionalinfo: Severity of the incident being fetched. + defaultvalue: high + display: Severity + name: incident_severity + options: + - critical + - high + - medium + - low + - any + type: 15 + required: false description: Trend Micro Vision One is a purpose-built threat defense platform that provides added value and new benefits beyond XDR solutions, allowing you to see more and respond faster. Providing deep and broad extended detection and response (XDR) capabilities that collect and automatically correlate data across multiple security layers—email, endpoints, servers, cloud workloads, and networks—Trend Micro Vision One prevents the majority of attacks with automated protection. V3 version of the app includes everything that the previous app had and adds more capabilities. It leverages V3 of Trend Micro APIs and introduces further ability to manage domain accounts with addition of 4 domain account actions for enabling/disabling user account, forcing sign-out and password resets for compromised accounts. This app is in active development. display: Trend Micro Vision One V3. defaultmapperin: Trend Micro Vision One V3 XDR - Incoming Mapper @@ -70,429 +82,637 @@ name: Trend Micro Vision One V3 script: commands: - arguments: - - description: The User account that needs to be enabled - name: accountName + - description: 'List of object(s) containing `account_name` and optional `description`. e.g. [{"account_name":"some-account","description":"enable"}].' + name: account_identifiers required: true - - description: Description of a response task - name: description - description: Allows the user to sign in to new application and browser sessions. Supported IAM systems -> Azure AD and Active Directory (on-premises) + isArray: true + description: Allows the user to sign in to new application and browser sessions. Supported IAM systems -> Azure AD and Active Directory (on-premises). name: trendmicro-visionone-enable-user-account outputs: - - contextPath: VisionOne.User_Account.status_code - description: Task status code of request to enable user account + - contextPath: VisionOne.User_Account.status + description: Status of request to enable user account. type: number - - contextPath: VisionOne.User_Account.taskId - description: Task ID of enabling user account + - contextPath: VisionOne.User_Account.task_id + description: Task ID generated after enabling user account. type: string - arguments: - - description: The User account that needs to be disabled - name: accountName + - description: 'List of object(s) containing `account_name` and optional `description`. e.g. [{"account_name":"some-account","description":"disable"}].' + name: account_identifiers required: true - - description: Description of a response task - name: description - description: Signs the user out of all active application and browser sessions, and prevents the user from signing in any new session. Supported IAM systems -> Azure AD and Active Directory (on-premises) + isArray: true + description: Signs the user out of all active application and browser sessions, and prevents the user from signing in any new session. Supported IAM systems -> Azure AD and Active Directory (on-premises). name: trendmicro-visionone-disable-user-account outputs: - - contextPath: VisionOne.User_Account.status_code - description: Task status code of request to disable user account + - contextPath: VisionOne.User_Account.status + description: Status of request to disable user account. type: number - - contextPath: VisionOne.User_Account.taskId - description: Task ID of disabling user account + - contextPath: VisionOne.User_Account.task_id + description: Task ID generated after disabling user account. type: string - arguments: - - description: The User account to sign out - name: accountName + - description: 'List of object(s) containing `account_name` and optional `description`. e.g. [{"account_name":"some-account","description":"sign-out"}].' + name: account_identifiers required: true - - description: Description of a response task - name: description - description: Signs the user out of all active application and browser sessions. Supported IAM systems -> Azure AD + isArray: true + description: Signs the user out of all active application and browser sessions. Supported IAM systems -> Azure AD. name: trendmicro-visionone-force-signout outputs: - - contextPath: VisionOne.User_Account.status_code - description: Task status code of request to sign out user + - contextPath: VisionOne.Force_Sign_Out.status + description: Status of request to sign out user. type: number - - contextPath: VisionOne.User_Account.taskId - description: Task ID of signing out user + - contextPath: VisionOne.Force_Sign_Out.task_id + description: Task ID generated after signing out user. type: string - arguments: - - description: The User account for which the password needs to be reset - name: accountName + - description: 'List of object(s) containing `account_name` and optional `description`. e.g. [{"account_name":"some-account","description":"reset"}].' + name: account_identifiers required: true - - description: Description of a response task - name: description - description: Signs the user out of all active application and browser sessions, and forces the user to create a new password during the next sign-in attempt. Supported IAM systems -> Azure AD and Active Directory (on-premises) + isArray: true + description: Signs the user out of all active application and browser sessions, and forces the user to create a new password during the next sign-in attempt. Supported IAM systems -> Azure AD and Active Directory (on-premises). name: trendmicro-visionone-force-password-reset outputs: - - contextPath: VisionOne.User_Account.status_code - description: Task status code of request to reset user password + - contextPath: VisionOne.Force_Password_Reset.status + description: Status of request to reset user password. type: number - - contextPath: VisionOne.User_Account.taskId - description: Task ID of resetting user password + - contextPath: VisionOne.Force_Password_Reset.task_id + description: Task ID generated after resetting user password. type: string - arguments: - - description: 'The type of object you would like to add to the block list: "file_sha1", "ip", "domain", "url" or "mailbox"' - name: value_type + - description: 'List of object(s) made up of `object_type` (domain,ip,file_sha1,url,sender_mail_address), `object_value` and optional `description`. e.g. [{"object_type":"domain","object_value":"www.yahoo.com"}].' + name: block_objects required: true - auto: PREDEFINED - predefined: - - file_sha1 - - domain - - ip - - url - - mailbox - - description: The object you would like to add that matches the value-type - name: target_value - required: true - - description: Optional description for reference - name: description - description: Adds a file SHA-1, IP address, domain, or URL object to the User-Defined Suspicious Objects List, which blocks the objects on subsequent detections + isArray: true + description: Adds a domain, ip, file_sha1, url, sender_mail_address to the User-Defined Suspicious Objects List, which blocks the objects on subsequent detections. name: trendmicro-visionone-add-to-block-list outputs: - - contextPath: VisionOne.BlockList.taskId - description: Task ID of action of adding file SHA-1, IP address, domain, or URL to the User-Defined Suspicious Objects List - type: string - contextPath: VisionOne.BlockList.status - description: Task status of adding file SHA-1, IP address, domain, or URL object to the User-Defined Suspicious Objects List + description: Status of adding domain, ip, file_sha1, url, sender_mail_address to the User-Defined Suspicious Objects List. type: number + - contextPath: VisionOne.BlockList.task_id + description: Task ID generated after adding domain, ip, file_sha1, url, sender_mail_address to the User-Defined Suspicious Objects List. + type: string - arguments: - - description: 'The type of object you would like to remove from the block list: "file_sha1", "ip", "domain", "url" or "mailbox"' - name: value_type - auto: PREDEFINED - predefined: - - file_sha1 - - domain - - ip - - url - - mailbox - required: true - - description: The object you would like to add that matches the value-type - name: target_value - required: true - - description: Optional description for reference - name: description - description: Removes a file SHA-1, IP address, domain, or URL from the User-Defined Suspicious Objects List + - description: 'List of object(s) made up of `object_type` (domain,ip,file_sha1,url,sender_mail_address), `object_value` and optional `description`. e.g. [{"object_type":"domain","object_value":"www.yahoo.com"}].' + name: block_objects + required: true + isArray: true + description: Removes a domain, ip, file_sha1, url, sender_mail_address from the User-Defined Suspicious Objects List. name: trendmicro-visionone-remove-from-block-list outputs: - - contextPath: VisionOne.BlockList.taskId - description: Task ID of action of removing file SHA-1, IP address, domain, or URL object from the User-Defined Suspicious Objects List - type: string - contextPath: VisionOne.BlockList.status - description: Task Status of removing file SHA-1, IP address, domain, or URL object that was added to the User-Defined Suspicious Objects List from block list + description: Status of removing domain, ip, file_sha1, url, sender_mail_address that was added to the User-Defined Suspicious Objects List from block list. type: number + - contextPath: VisionOne.BlockList.task_id + description: Task ID generated after removing domain, ip, file_sha1, url, sender_mail_address from the User-Defined Suspicious Objects List. + type: string - arguments: - - description: Email Message ID from Trend Micro Vision One message activity data - name: message_id + - description: 'List of object(s) containing `message_id` (), `mailbox` (mailbox ID) and `description` or `unique_id` (msgUuid) and optional `description` from Trend Micro Vision One message activity data. e.g. [{"message_id":"xasbjAgs72912-asdjnaj","mailbox":"mailbox-name","description":"quarantine"}].' + name: email_identifiers required: true - - description: Unique alphanumeric string that identifies an email message within one mailbox - name: uniqueId - required: true - - description: Email mailbox where the message will be quarantined from - name: mailbox - - description: Optional description for reference - name: description - description: Moves a message from a mailbox to the quarantine folder + isArray: true + description: Moves a message from a mailbox to the quarantine folder. name: trendmicro-visionone-quarantine-email-message outputs: - - contextPath: VisionOne.Email.taskId - description: The Task Id of moving a message from a mailbox to the quarantine folder - type: string - contextPath: VisionOne.Email.status - description: The status of moving a message from a mailbox to the quarantine folder + description: Status of moving a message from a mailbox to the quarantine folder. type: number + - contextPath: VisionOne.Email.task_id + description: Task ID generated after moving a message from a mailbox to the quarantine folder. + type: string - arguments: - - description: Email Message ID from Trend Micro Vision One message activity data - name: message_id + - description: 'List of object(s) containing `message_id` (), `mailbox` (mailbox ID) and `description` or `unique_id` (msgUuid) and optional `description` from Trend Micro Vision One message activity data. e.g. [{"message_id":"xasbjAgs72912-asdjnaj","mailbox":"mailbox-name","description":"disable":"delete"}].' + name: email_identifiers required: true - - description: Unique alphanumeric string that identifies an email message within one mailbox - name: uniqueId - required: true - - description: Email mailbox where the message will be quarantined from - name: mailbox - - description: Optional description for reference - name: description - description: Deletes a message from a mailbox + isArray: true + description: Deletes a message from a mailbox. name: trendmicro-visionone-delete-email-message outputs: - - contextPath: VisionOne.Email.taskId - description: The Task id of deleting a message from a mailbox + - contextPath: VisionOne.Email.status + description: Status of deleting a message from a mailbox. + type: number + - contextPath: VisionOne.Email.task_id + description: Task ID generated after deleting a message from a mailbox. type: string + - arguments: + - description: 'List of object(s) containing `message_id` (), `mailbox` (mailbox ID) and `description` or `unique_id` (msgUuid) and optional `description` from Trend Micro Vision One message activity data. e.g. [{"message_id":"xasbjAgs72912-asdjnaj","mailbox":"mailbox-name"}].' + name: email_identifiers + required: true + isArray: true + description: Restores a quarantined message. Deleted messages cannot be restored. + name: trendmicro-visionone-restore-email-message + outputs: - contextPath: VisionOne.Email.status - description: The task status of deleting a message from a mailbox + description: Status of restoring a message. type: number + - contextPath: VisionOne.Email.task_id + description: 'Task ID generated after restoring a message.' + type: string - arguments: - - description: '"hostname" or "agentGuid" of the endpoint to isolate' - name: endpoint + - description: 'List of object(s) containing `endpoint` (hostname) and `description` or `agent_guid` and `description`. e.g. [{"endpoint":"test-endpoint","description":"isolate endpoint"}].' + name: endpoint_identifiers required: true - - description: Description - name: description - description: Disconnects an endpoint from the network (but allows communication with the managing Trend Micro product) + isArray: true + description: Disconnects an endpoint from the network (but allows communication with the managing Trend Micro product). name: trendmicro-visionone-isolate-endpoint outputs: - - contextPath: VisionOne.Endpoint_Connection.taskId - description: The task ID of isolate endpoint task - type: string - - contextPath: VisionOne.Endpoint_Connection.taskStatus - description: 'The task status of isolate endpoint ' + - contextPath: VisionOne.Endpoint_Connection.status + description: Status of isolating endpoint(s). type: number + - contextPath: VisionOne.Endpoint_Connection.task_id + description: 'Task ID generated after isolating endpoint(s).' + type: string - arguments: - - description: '"hostname" or "agentGuid" of the endpoint to restore' - name: endpoint + - description: 'List of object(s) containing `endpoint` (hostname) and `description` or `agent_guid` and `description`. e.g. [{"endpoint":"test-endpoint","description":"restore endpoint"}].' + name: endpoint_identifiers required: true - - description: Description - name: description - description: Restores network connectivity to an endpoint that applied the "isolate endpoint" action + isArray: true + description: Restores network connectivity to an endpoint that applied the "isolate endpoint" action. name: trendmicro-visionone-restore-endpoint-connection outputs: - - contextPath: VisionOne.Endpoint_Connection.taskId - description: The task ID of the restore endpoint connection - type: string - - contextPath: VisionOne.Endpoint_Connection.taskStatus - description: The task status of restore endpoint connection + - contextPath: VisionOne.Endpoint_Connection.status + description: Status of restoring endpoint(s). type: number + - contextPath: VisionOne.Endpoint_Connection.task_id + description: Task ID generated after restoring endpoint(s). + type: string - arguments: - - description: 'Object type: "domain", "ip", "fileSha1", "fileSha256", "senderMailAddress" or "url".' - name: type - auto: PREDEFINED - predefined: - - domain - - ip - - fileSha1 - - fileSha256 - - senderMailAddress - - url - required: true - - description: The object value. Full and partial matches supported. Domain partial match, (with a wildcard as the subdomain, example, .example.com) IP partial match, (IP range example, 192.168.35.1-192.168.35.254, cidr example, 192.168.35.1/24) URL Partial match, (Supports wildcards 'http://.'', 'https://.'' at beginning, or ''' at the end. Multiple wild cards also supported, such as , https://.example.com/path1/) SHA1 Only full match" - name: value - required: true - - description: Exception description. - name: description - description: Adds domains, file SHA-1 values, IP addresses, or URLs to the Exception List and prevents these objects from being added to the Suspicious Object List + - description: 'List of object(s) consisting of `object_type` (domain,ip,url,file_sha1,file_sha256,sender_mail_address), `object_value` and `description`. e.g. [{"object_type":"ip","object_value":"5.5.5.5"}, {"object_type":"domain","object_value":"www.yahoo.com"}].' + name: block_objects + required: true + isArray: true + description: Adds domain, ip, url, file_sha1, file_sha256, sender_mail_address to the Exception List and prevents these objects from being added to the Suspicious Object List. name: trendmicro-visionone-add-objects-to-exception-list outputs: - - contextPath: VisionOne.Exception_List.status_code - description: status code of response + - contextPath: VisionOne.Exception_List.message + description: Success or fail response message. + type: string + - contextPath: VisionOne.Exception_List.multi_response.status + description: Status of adding item(s) to exception list. type: number + - contextPath: VisionOne.Exception_List.multi_response.task_id + description: Task ID generated after adding item(s) to exception list. + type: string - contextPath: VisionOne.Exception_List.total_items - description: count of item present in exception list + description: Count of total items present in exception list. type: number - arguments: - - description: 'Object type: "domain", "ip", "fileSha1", "fileSha256", "senderMailAddress" or "url".' - name: type - auto: PREDEFINED - predefined: - - domain - - ip - - fileSha1 - - fileSha256 - - senderMailAddress - - url - required: true - - description: The object value. - name: value + - description: 'List of object(s) consisting of `object_type` (domain,ip,url,file_sha1,file_sha256,sender_mail_address), `object_value` and `description`. e.g. [{"object_type":"ip","object_value":"5.5.5.5","description":"exception list"}].' + name: block_objects required: true - description: Deletes domains, file SHA-1 values, IP addresses, or URLs from the Exception List. + isArray: true + description: Deletes domain, ip, url, file_sha1, file_sha256, sender_mail_address from the Exception List. name: trendmicro-visionone-delete-objects-from-exception-list outputs: - - contextPath: VisionOne.Exception_List.status_code - description: status code of response + - contextPath: VisionOne.Exception_List.message + description: Success or fail response message. + type: string + - contextPath: VisionOne.Exception_List.multi_response.status + description: status code of response. type: number + - contextPath: VisionOne.Exception_List.multi_response.task_id + description: Task ID generated after removing item(s) from exception list. + type: string - contextPath: VisionOne.Exception_List.total_items - description: count of item present in exception list + description: count of item present in exception list. type: number - arguments: - - description: 'Object type: "domain", "ip", "fileSha1", "fileSha256", "senderMailAddress" or "url".' - name: type - auto: PREDEFINED - predefined: - - domain - - ip - - fileSha1 - - fileSha256 - - senderMailAddress - - url - required: true - - description: The object value. - name: value - required: true - - description: Description - name: description - - description: The action to take if object is found. If you don't use this parameter, the scan action specified in default_settings.riskLevel.type will be used instead. "block" or "log". - name: scan_action - auto: PREDEFINED - predefined: - - block - - log - - description: The Suspicious Object risk level. If you don't use this parameter, high will be used instead. "high", "medium" or "low". - name: risk_level - auto: PREDEFINED - predefined: - - high - - medium - - low - - description: The number of days to keep the object in the Suspicious Object List. If you don't use this parameter, the default_settings.expiredDay scan action will be used instead. - name: expiry_days - description: Adds domains, file SHA-1/SHA-256 values, IP addresses, senderMailAddress, or URLs to the Suspicious Object List. + - description: 'List of object(s) consisting of `object_type` (domain,ip,url,file_sha1,file_sha256,sender_mail_address), `object_value`, `scan_action`, `risk_level`, `expiry_days` and `description`. e.g. [{"object_type":"ip","object_value":"5.5.5.5","scan_action":"block","risk_level":"medium","expiry_days":7}].' + name: block_objects + required: true + isArray: true + description: Adds domain, ip, url, file_sha1, file_sha256, sender_mail_address to the Suspicious Object List. name: trendmicro-visionone-add-objects-to-suspicious-list outputs: - - contextPath: VisionOne.Suspicious_List.status_code - description: Response code of adding item to suspicious object list + - contextPath: VisionOne.Suspicious_List.message + description: Success or fail response message. + type: string + - contextPath: VisionOne.Suspicious_List.multi_response.status + description: Status of request to add item(s) to suspicious list. type: number + - contextPath: VisionOne.Suspicious_List.multi_response.task_id + description: Task ID generated after adding item(s) to suspicious list. + type: string - contextPath: VisionOne.Suspicious_List.total_items - description: Number of items present in suspicious object list + description: Count of total items present in suspicious object list. type: number - arguments: - - description: 'Object type: "domain", "ip", "fileSha1", "fileSha256", "senderMailAddress" or "url".' - name: type - auto: PREDEFINED - predefined: - - domain - - ip - - fileSha1 - - fileSha256 - - senderMailAddress - - url + - description: 'List of object(s) consisting of `object_type` (domain,ip,url,file_sha1,file_sha256,sender_mail_address) and `object_value`. e.g. [{"object_type":"ip","object_value":"5.5.5.5"}].' + name: block_objects required: true - - description: The object value. - name: value - required: true - description: Deletes domains, file SHA-1 values, IP addresses, or URLs from the Suspicious Object List + isArray: true + description: Deletes domain, ip, url, file_sha1, file_sha256, sender_mail_address from the Suspicious Object List. name: trendmicro-visionone-delete-objects-from-suspicious-list outputs: - - contextPath: VisionOne.Suspicious_List.status_code - description: Response code of removing item from suspicious object list + - contextPath: VisionOne.Suspicious_List.message + description: Success or fail response message. + type: string + - contextPath: VisionOne.Suspicious_List.multi_response.status + description: Status of request to remove item(s) from suspicious object list. type: number + - contextPath: VisionOne.Suspicious_List.multi_response.task_id + description: Task ID generated after removing item(s) from suspicious object list. + type: string - contextPath: VisionOne.Suspicious_List.total_items - description: Number of items present in suspicious object list + description: Count of total items present in suspicious object list. type: number - arguments: - - description: '"hostname", "macAddress", "agentGuid" or "ip" of the endpoint to query' + - description: 'comma separated string containing Hostname, IP, macAddress or agentGuid of the endpoint(s) to query.' name: endpoint required: true - description: Retrieves information about a specific endpoint + - description: 'Operator used to build request header query that allows you to retrieve a subset of the collected endpoint(s). e.g. endpointName eq sample-host `or` macAddress eq 00:11:22:33:44:55.' + name: query_op + required: true + auto: PREDEFINED + predefined: + - and + - or + description: Retrieves information about a specific endpoint. name: trendmicro-visionone-get-endpoint-info outputs: - - contextPath: VisionOne.Endpoint_Info.status - description: Status of the request + - contextPath: VisionOne.Endpoint_Info.agent_guid + description: Agent Guid of the endpoint. type: string - - contextPath: VisionOne.Endpoint_Info.logonAccount - description: Account currently logged on to the endpoint + - contextPath: VisionOne.Endpoint_Info.login_account.value + description: Account currently logged on to the endpoint. type: string - - contextPath: VisionOne.Endpoint_Info.hostname - description: Hostname + - contextPath: VisionOne.Endpoint_Info.endpoint_name.value + description: Hostname of the endpoint queried. type: string - - contextPath: VisionOne.Endpoint_Info.macAddr - description: MAC address + - contextPath: VisionOne.Endpoint_Info.mac_address.value + description: MAC address of the endpoint queried. type: string - - contextPath: VisionOne.Endpoint_Info.ip - description: IP address + - contextPath: VisionOne.Endpoint_Info.ip.value + description: IP address of the endpoint queried. type: string - - contextPath: VisionOne.Endpoint_Info.osName - description: Operating System name + - contextPath: VisionOne.Endpoint_Info.os_name + description: Operating System name of the endpoint queried. type: string - - contextPath: VisionOne.Endpoint_Info.osVersion - description: Operating System version + - contextPath: VisionOne.Endpoint_Info.os_version + description: Operating System version of the endpoint queried. type: string - - contextPath: VisionOne.Endpoint_Info.osDescription - description: Description of the Operating System + - contextPath: VisionOne.Endpoint_Info.os_description + description: Description of the Operating System of the endpoint queried. type: string - - contextPath: VisionOne.Endpoint_Info.productCode - description: Product code of the Trend Micro product running on the endpoint + - contextPath: VisionOne.Endpoint_Info.product_code + description: Product code of the Trend Micro product running on the endpoint. type: string - - contextPath: VisionOne.Endpoint_Info.agentGuid - description: AgentGuid of the endpoint + - contextPath: VisionOne.Endpoint_Info.installed_product_codes + description: Product code of the Trend Micro product installed on the endpoint. type: string - - contextPath: VisionOne.Endpoint_Info.installedProductCodes - description: Product code of the Trend Micro product installed on the endpoint + - arguments: + - description: 'Statement that allows you to retrieve a subset of the collected endpoint activity data. e.g. {"endpointName":"sample-host","macAddress":"00:11:22:33:44:55"}. Complete list of supported fields (https://automation.trendmicro.com/xdr/api-v3#tag/Search/paths/~1v3.0~1search~1endpointActivities/get).' + name: fields + required: true + - description: Operator used to build request header query that allows you to retrieve a subset of the collected endpoint activity data. e.g. endpointName:sample-host `or` src:192.169.1.1. + name: query_op + auto: PREDEFINED + predefined: + - and + - or + default: true + - description: 'Timestamp in ISO 8601 format that indicates the start of the data retrieval range. If no value is specified, start defaults to 24 hours before the request is made.' + name: start + - description: 'Timestamp in ISO 8601 format that indicates the end of the data retrieval time range. If no value is specified, end defaults to the time the request is made.' + name: end + - description: 'Number of records displayed on a page.' + name: top + - description: 'List of fields to include in the search results. If no fields are specified, the query returns all supported fields.' + name: select + description: Displays search results from the Endpoint Activity Data source that match the parameters provided. + name: trendmicro-visionone-get-endpoint-activity-data + outputs: + - contextPath: VisionOne.Endpoint_Activity_Data.dpt + description: Destination port. + type: string + - contextPath: VisionOne.Endpoint_Activity_Data.dst + description: Destination IP address. + type: string + - contextPath: VisionOne.Endpoint_Activity_Data.endpoint_guid + description: endpoint GUID for identity. + type: string + - contextPath: VisionOne.Endpoint_Activity_Data.endpoint_host_name + description: Hostname of the endpoint on which the event was generated. + type: string + - contextPath: VisionOne.Endpoint_Activity_Data.endpoint_ip + description: Endpoint IP address list. + type: string + - contextPath: VisionOne.Endpoint_Activity_Data.event_id + description: ID corresponding to data field mapping. + type: string + - contextPath: VisionOne.Endpoint_Activity_Data.event_sub_id + description: ID corresponding to data field mapping. + type: string + - contextPath: VisionOne.Endpoint_Activity_Data.object_integrity_level + description: ID corresponding to data field mapping. + type: string + - contextPath: VisionOne.Endpoint_Activity_Data.object_true_type + description: ID corresponding to data field mapping. + type: string + - contextPath: VisionOne.Endpoint_Activity_Data.object_sub_true_type + description: ID corresponding to data field mapping. + type: string + - contextPath: VisionOne.Endpoint_Activity_Data.win_event_id + description: ID corresponding to data field mapping. + type: string + - contextPath: VisionOne.Endpoint_Activity_Data.event_time + description: Log collect time utc format. + type: string + - contextPath: VisionOne.Endpoint_Activity_Data.event_time_d_t + description: Log collect time. + type: string + - contextPath: VisionOne.Endpoint_Activity_Data.host_name + description: Hostname of the endpoint on which the event was generated. + type: string + - contextPath: VisionOne.Endpoint_Activity_Data.logon_user + description: Logon user name. + type: string + - contextPath: VisionOne.Endpoint_Activity_Data.object_cmd + description: Command line entry of target process. + type: string + - contextPath: VisionOne.Endpoint_Activity_Data.object_file_hash_sha1 + description: The SHA1 hash of target process image or target file. + type: string + - contextPath: VisionOne.Endpoint_Activity_Data.object_file_path + description: File path location of target process image or target file. + type: string + - contextPath: VisionOne.Endpoint_Activity_Data.object_host_name + description: Server name where Internet event was detected. + type: string + - contextPath: VisionOne.Endpoint_Activity_Data.object_ip + description: IP address of internet event. + type: string + - contextPath: VisionOne.Endpoint_Activity_Data.object_ips + description: IP address list of internet event. + type: string + - contextPath: VisionOne.Endpoint_Activity_Data.object_port + description: The port number used by internet event. + type: string + - contextPath: VisionOne.Endpoint_Activity_Data.object_registry_data + description: The registry value data. + type: string + - contextPath: VisionOne.Endpoint_Activity_Data.object_registry_key_handle + description: The registry key. + type: string + - contextPath: VisionOne.Endpoint_Activity_Data.object_registry_value + description: Registry value name. + type: string + - contextPath: VisionOne.Endpoint_Activity_Data.object_signer + description: Certificate signer of object process or file. + type: string + - contextPath: VisionOne.Endpoint_Activity_Data.object_signer_valid + description: Validity of certificate signer. + type: string + - contextPath: VisionOne.Endpoint_Activity_Data.object_user + description: The owner name of target process / The logon user name. + type: string + - contextPath: VisionOne.Endpoint_Activity_Data.os + description: System. + type: string + - contextPath: VisionOne.Endpoint_Activity_Data.parent_cmd + description: The command line that parent process. + type: string + - contextPath: VisionOne.Endpoint_Activity_Data.parent_file_hash_sha1 + description: The SHA1 hash of parent process. + type: string + - contextPath: VisionOne.Endpoint_Activity_Data.parent_file_path + description: The file path location of parent process. + type: string + - contextPath: VisionOne.Endpoint_Activity_Data.process_cmd + description: The command line used to launch this process. + type: string + - contextPath: VisionOne.Endpoint_Activity_Data.process_file_hash_sha1 + description: The process file sha1. + type: string + - contextPath: VisionOne.Endpoint_Activity_Data.process_file_path + description: The process file path. + type: string + - contextPath: VisionOne.Endpoint_Activity_Data.request + description: Request URL (normally detected by Web Reputation Services). + type: string + - contextPath: VisionOne.Endpoint_Activity_Data.search_d_l + description: Search data lake. + type: string + - contextPath: VisionOne.Endpoint_Activity_Data.spt + description: Source port. + type: string + - contextPath: VisionOne.Endpoint_Activity_Data.src + description: Source IP address. + type: string + - contextPath: VisionOne.Endpoint_Activity_Data.src_file_hash_sha1 + description: Source file sha1. + type: string + - contextPath: VisionOne.Endpoint_Activity_Data.src_file_path + description: Source file path. + type: string + - contextPath: VisionOne.Endpoint_Activity_Data.tags + description: Detected by Security Analytics Engine filters. + type: string + - contextPath: VisionOne.Endpoint_Activity_Data.uuid + description: Log unique identity. type: string - arguments: - - description: '"hostname" or "agentGuid" of the endpoint to terminate process on' - name: endpoint + - description: 'Statement that allows you to retrieve a subset of the collected endpoint activity data. e.g. {"endpointName":"sample-host","macAddress":"00:11:22:33:44:55"}. Complete list of supported fields (https://automation.trendmicro.com/xdr/api-v3#tag/Search/paths/~1v3.0~1search~1endpointActivities/get).' + name: fields required: true - - description: SHA1 hash of the process to terminate - name: file_sha1 + - description: 'Operator used to build request header query that allows you to retrieve a subset of the collected endpoint activity data. e.g. endpointName:sample-host `or` src:192.169.1.1..' + name: query_op + auto: PREDEFINED + predefined: + - and + - or + default: true + - description: 'Timestamp in ISO 8601 format that indicates the start of the data retrieval range. If no value is specified, start defaults to 24 hours before the request is made.' + name: start + - description: 'Timestamp in ISO 8601 format that indicates the end of the data retrieval time range. If no value is specified, end defaults to the time the request is made.' + name: end + - description: 'List of fields to include in the search results. If no fields are specified, the query returns all supported fields.' + name: select + description: Displays total count of search results from the Endpoint Activity Data source that match the parameters provided. + name: trendmicro-visionone-get-endpoint-activity-data-count + outputs: + - contextPath: VisionOne.Endpoint_Activity_Data_Count.endpoint_activity_count + description: Total count for endpoint activity queried. + type: string + - arguments: + - description: 'Statement that allows you to retrieve a subset of the collected email activity data. e.g. {"mailMsgSubject":"spam","mailSenderIp":"192.169.1.1"}. Complete list of supported fields (https://automation.trendmicro.com/xdr/api-v3#tag/Search/paths/~1v3.0~1search~1emailActivities/get).' + name: fields required: true - - description: Description - name: description - - description: Optional file name list for log - name: filename - description: Terminates a process that is running on an endpoint - name: trendmicro-visionone-terminate-process + - description: Operator used to build request header query that allows you to retrieve a subset of the collected email activity data. e.g. mailMsgSubject:spam `and` mailSenderIp:192.169.1.1..' + name: query_op + auto: PREDEFINED + predefined: + - and + - or + default: true + - description: 'Timestamp in ISO 8601 format that indicates the start of the data retrieval range. If no value is specified, start defaults to 24 hours before the request is made.' + name: start + - description: 'Timestamp in ISO 8601 format that indicates the end of the data retrieval time range. If no value is specified, end defaults to the time the request is made.' + name: end + - description: 'Number of records displayed on a page.' + name: top + - description: 'List of fields to include in the search results. If no fields are specified, the query returns all supported fields.' + name: select + description: Displays search results from the Email Activity Data source that match the parameters provided. + name: trendmicro-visionone-get-email-activity-data outputs: - - contextPath: VisionOne.Terminate_Process.taskId - description: Task Id of the current running task + - contextPath: VisionOne.Email_Activity_Data.mail_msg_subject + description: Subject of the email message. + type: string + - contextPath: VisionOne.Email_Activity_Data.mail_msg_id + description: Internet message ID of the email message. + type: string + - contextPath: VisionOne.Email_Activity_Data.msg_uuid + description: Unique ID of the email message. + type: string + - contextPath: VisionOne.Email_Activity_Data.mailbox + description: Mailbox where the email message is. + type: string + - contextPath: VisionOne.Email_Activity_Data.mail_sender_ip + description: Source IP address of the email message. + type: string + - contextPath: VisionOne.Email_Activity_Data.mail_from_addresses + description: Sender email address of the email message. type: string - - contextPath: VisionOne.Terminate_Process.taskStatus - description: Status of current running task + - contextPath: VisionOne.Email_Activity_Data.mail_whole_header + description: Information about the header of the email message. + type: string + - contextPath: VisionOne.Email_Activity_Data.mail_to_addresses + description: A list of recipient email addresses of the email message. + type: string + - contextPath: VisionOne.Email_Activity_Data.mail_source_domain + description: Source domain of the email message. + type: string + - contextPath: VisionOne.Email_Activity_Data.search_d_l + description: Search data lake. + type: string + - contextPath: VisionOne.Email_Activity_Data.scan_type + description: Email activity scan type. + type: string + - contextPath: VisionOne.Email_Activity_Data.event_time + description: Date and time UTC. + type: string + - contextPath: VisionOne.Email_Activity_Data.org_id + description: Unique ID used to identify an organization. + type: string + - contextPath: VisionOne.Email_Activity_Data.mail_urls_visible_link + description: Visible link in email message. + type: string + - contextPath: VisionOne.Email_Activity_Data.mail_urls_real_link + description: Real link in email message. + type: string + - arguments: + - description: 'Statement that allows you to retrieve a subset of the collected email activity data. e.g. {"mailMsgSubject":"spam","mailSenderIp":"192.169.1.1"}. Complete list of supported fields (https://automation.trendmicro.com/xdr/api-v3#tag/Search/paths/~1v3.0~1search~1emailActivities/get).' + name: fields + required: true + - description: 'Operator used to build request header query that allows you to retrieve a subset of the collected email activity data. e.g. mailMsgSubject:spam `and` mailSenderIp:192.169.1.1..' + name: query_op + auto: PREDEFINED + predefined: + - and + - or + default: true + - description: 'Timestamp in ISO 8601 format that indicates the start of the data retrieval range. If no value is specified, start defaults to 24 hours before the request is made.' + name: start + - description: 'Timestamp in ISO 8601 format that indicates the end of the data retrieval time range. If no value is specified, end defaults to the time the request is made.' + name: end + - description: 'List of fields to include in the search results. If no fields are specified, the query returns all supported fields.' + name: select + description: Displays search results from the Email Activity Data source that match the parameters provided. + name: trendmicro-visionone-get-email-activity-data-count + outputs: + - contextPath: VisionOne.Email_Activity_Data_Count.email_activity_count + description: Total count of email activity. + type: string + - arguments: + - description: 'List of object(s) consisting of `endpoint` (hostname) or `agent_guid`, `file_sha1`, `filename` and `description`. e.g. [{"endpoint":"test-endpoint","file_sha1":"fb5608fa03de204a12fe1e9e5275e4a682107471","filename":"test.txt","description":"terminate process"}].' + name: process_identifiers + required: true + isArray: true + outputs: + - contextPath: VisionOne.Terminate_Process.status + description: Status of request to terminate process. type: number + - contextPath: VisionOne.Terminate_Process.task_id + description: Task Id generated after terminating a process. + type: string + description: Terminates a process that is running on an endpoint. + name: trendmicro-visionone-terminate-process - arguments: - - description: task_id from the trendmicro-visionone-submit-file-to-sandbox command output + - description: 'task_id from the trendmicro-visionone-submit-file-to-sandbox command output.' name: task_id required: true - description: Retrieves the status of a sandbox analysis submission - name: trendmicro-visionone-get-file-analysis-status outputs: - contextPath: VisionOne.File_Analysis_Status.id - description: Submission ID of the file submitted for sandbox analysis + description: Submission ID of the file submitted for sandbox analysis. type: string - contextPath: VisionOne.File_Analysis_Status.status - description: Response code for the action call + description: Response code for the action call. type: string - contextPath: VisionOne.File_Analysis_Status.action - description: Action performed on the submitted file + description: Action performed on the submitted file. type: string - contextPath: VisionOne.File_Analysis_Status.error - description: Error code and message for the submission + description: Error code and message for the submission. type: string - contextPath: VisionOne.File_Analysis_Status.digest - description: The hash values of file analyzed + description: The hash values of file analyzed. type: string - - contextPath: VisionOne.File_Analysis_Status.createdDateTime - description: Create date time for the sandbox analysis + - contextPath: VisionOne.File_Analysis_Status.created_date_time + description: Create date time for the sandbox analysis. type: string - - contextPath: VisionOne.File_Analysis_Status.lastActionDateTime - description: Date and time for last action performed on the submission + - contextPath: VisionOne.File_Analysis_Status.last_action_date_time + description: Date and time for last action performed on the submission. type: string - - contextPath: VisionOne.File_Analysis_Status.resourceLocation - description: Location of the submitted file + - contextPath: VisionOne.File_Analysis_Status.resource_location + description: Location of the submitted file. type: string - - contextPath: VisionOne.File_Analysis_Status.isCached - description: Is the file cached or not (True or False) + - contextPath: VisionOne.File_Analysis_Status.is_cached + description: Is the file cached or not (True or False). type: string - contextPath: VisionOne.File_Analysis_Status.arguments - description: Arguments for the file submitted + description: Arguments for the file submitted. type: string + description: Retrieves the status of a sandbox analysis submission. + name: trendmicro-visionone-get-file-analysis-status - arguments: - - description: report_id of the sandbox submission retrieved from the trendmicro-visionone-get-file-analysis-status command + - description: report_id of the sandbox submission retrieved from the trendmicro-visionone-get-file-analysis-status command. name: report_id required: true - description: Retrieves the sandbox submission analysis result - name: trendmicro-visionone-get-file-analysis-result + - description: If script should wait until the task is finished before returning the result, enabled by default. + name: poll + auto: PREDEFINED + predefined: + - "true" + - "false" + default: true + - description: Maximum time to wait for the result to be available. + name: poll_time_sec outputs: - - contextPath: VisionOne.File_Analysis_Result.status_code - description: status code of file report + - contextPath: VisionOne.File_Analysis_Result.id + description: Report ID for the submission. type: string - contextPath: VisionOne.File_Analysis_Result.type - description: Suspicious object type + description: Type of object. type: string - contextPath: VisionOne.File_Analysis_Result.digest - description: The hash values of file analyzed + description: The hash values of file analyzed. type: string - contextPath: VisionOne.File_Analysis_Result.risk_level - description: Risk Level of suspicious object + description: Risk Level of suspicious object. type: string - - contextPath: VisionOne.File_Analysis_Result.analysisCompletionDateTime - description: Analyze time of suspicious object + - contextPath: VisionOne.File_Analysis_Result.analysis_completion_date_time + description: Analyze time of suspicious object. type: string - contextPath: VisionOne.File_Analysis_Result.arguments - description: Arguments for the suspicious object + description: Arguments for the suspicious object. type: string - - contextPath: VisionOne.File_Analysis_Result.detectionNames - description: Detection name for the suspicious object + - contextPath: VisionOne.File_Analysis_Result.detection_names + description: Detection name for the suspicious object. type: string - - contextPath: VisionOne.File_Analysis_Result.threatTypes - description: Threat type of the suspicious object + - contextPath: VisionOne.File_Analysis_Result.threat_types + description: Threat type of the suspicious object. type: string - - contextPath: VisionOne.File_Analysis_Result.trueFileType + - contextPath: VisionOne.File_Analysis_Result.true_file_type description: File type for the suspicious object. type: string - contextPath: VisionOne.File_Analysis_Result.DBotScore.Score @@ -504,161 +724,204 @@ script: - contextPath: VisionOne.File_Analysis_Result.DBotScore.Reliability description: The reliability of an intelligence-data source. type: string + description: Retrieves the sandbox submission analysis result. + name: trendmicro-visionone-get-file-analysis-result - arguments: - - description: '"hostname" or "macaddr" of the endpoint to collect file from' - name: endpoint - required: true - - description: Path to the file to collect. - name: file_path + - description: 'List of object(s) containing `endpoint` (hostname) or `agent_guid`, `file_path` and `description`. e.g. [{"endpoint":"test-endpoint","file_path":"C:/test_dir/test.txt","filename":"test.txt","description":"collect file"}].' + name: collect_files required: true - - description: Description of the file. - name: description - description: Compresses a file on an endpoint in a password-protected archive and then sends the archive to the XDR service platform + isArray: true + description: Compresses a file on an endpoint in a password-protected archive and then sends the archive to the XDR service platform. name: trendmicro-visionone-collect-forensic-file outputs: - - contextPath: VisionOne.Collect_Forensic_File.taskId - description: Task ID of the particular file. - type: string - - contextPath: VisionOne.Collect_Forensic_File.taskStatus - description: Task status of collected file + - contextPath: VisionOne.Collect_Forensic_File.status + description: Status of request to collect file from endpoint. type: number + - contextPath: VisionOne.Collect_Forensic_File.task_id + description: Task ID generated after collecting file for forensic analysis. + type: string - arguments: - - description: taskId output from the collect command used to collect the file. + - description: taskId output from the collect forensic file command. name: task_id required: true - description: Retrieves a URL and other information required to download a collected file via the trendmicro-visionone-collect-forensic-file command - name: trendmicro-visionone-download-information-for-collected-forensic-file + - description: If script should wait until the task is finished before returning the result, enabled by default. + name: poll + auto: PREDEFINED + predefined: + - "true" + - "false" + default: true + - description: Maximum time to wait for the result to be available. + name: poll_time_sec outputs: - contextPath: VisionOne.Download_Information_For_Collected_Forensic_File.status - description: Status of action performed (succeeded, running or failed) + description: Status of action performed (succeeded, running or failed). type: string - - contextPath: VisionOne.Download_Information_For_Collected_Forensic_File.createdDateTime - description: The create date time for the file + - contextPath: VisionOne.Download_Information_For_Collected_Forensic_File.created_date_time + description: The create date time for the file. type: string - - contextPath: VisionOne.Download_Information_For_Collected_Forensic_File.taskId - description: The task ID for the response of collect file + - contextPath: VisionOne.Download_Information_For_Collected_Forensic_File.id + description: Task ID used to query for forensic file information. type: string - - contextPath: VisionOne.Download_Information_For_Collected_Forensic_File.lastActionDateTime - description: Time and date of last action on file + - contextPath: VisionOne.Download_Information_For_Collected_Forensic_File.last_action_date_time + description: Time and date of last action on file. type: string - contextPath: VisionOne.Download_Information_For_Collected_Forensic_File.description - description: Task description + description: Task description. type: string - contextPath: VisionOne.Download_Information_For_Collected_Forensic_File.action - description: Action performed on file + description: Action performed on file. type: string - contextPath: VisionOne.Download_Information_For_Collected_Forensic_File.account - description: The account associated with the request + description: The account associated with the request. type: string - - contextPath: VisionOne.Download_Information_For_Collected_Forensic_File.agentGuid - description: AgentGuid of the endpoint used to collect file + - contextPath: VisionOne.Download_Information_For_Collected_Forensic_File.agent_guid + description: AgentGuid of the endpoint used to collect file. type: string - - contextPath: VisionOne.Download_Information_For_Collected_Forensic_File.endpointName - description: hostname of the endpoint used to collect file + - contextPath: VisionOne.Download_Information_For_Collected_Forensic_File.endpoint_name + description: hostname of the endpoint used to collect file. type: string - - contextPath: VisionOne.Download_Information_For_Collected_Forensic_File.filePath - description: File path for the file that was collected + - contextPath: VisionOne.Download_Information_For_Collected_Forensic_File.file_path + description: File path for the file that was collected. type: string - - contextPath: VisionOne.Download_Information_For_Collected_Forensic_File.fileSha1 - description: The fileSha1 for the collected file + - contextPath: VisionOne.Download_Information_For_Collected_Forensic_File.file_sha1 + description: The fileSha1 for the collected file. type: string - - contextPath: VisionOne.Download_Information_For_Collected_Forensic_File.fileSha256 - description: The fileSha256 for the collected file + - contextPath: VisionOne.Download_Information_For_Collected_Forensic_File.file_sha256 + description: The fileSha256 for the collected file. type: string - - contextPath: VisionOne.Download_Information_For_Collected_Forensic_File.fileSize - description: The file size of the file collected + - contextPath: VisionOne.Download_Information_For_Collected_Forensic_File.file_size + description: The file size of the file collected. type: number - - contextPath: VisionOne.Download_Information_For_Collected_Forensic_File.resourceLocation - description: URL location of the file collected that can be used to download + - contextPath: VisionOne.Download_Information_For_Collected_Forensic_File.resource_location + description: URL location of the file collected that can be used to download. type: string - - contextPath: VisionOne.Download_Information_For_Collected_Forensic_File.expiredDateTime - description: The expiration date and time of the file + - contextPath: VisionOne.Download_Information_For_Collected_Forensic_File.expired_date_time + description: The expiration date and time of the file. type: string - contextPath: VisionOne.Download_Information_For_Collected_Forensic_File.password - description: The password for the file collected + description: The password for the file collected. type: string + - contextPath: VisionOne.Download_Information_For_Collected_Forensic_File.error + description: Error response generated for the request. + type: string + description: Retrieves a URL and other information required to download a collected file via the trendmicro-visionone-collect-forensic-file command. + name: trendmicro-visionone-download-information-for-collected-forensic-file - arguments: - - description: The submission ID for the object submitted to sandbox for analysis + - description: The submission ID for the object submitted to sandbox for analysis. name: submission_id required: true - - description: Optional name for the package to be downloaded - name: filename + - description: If script should wait until the task is finished before returning the result, enabled by default. + name: poll + auto: PREDEFINED + predefined: + - "true" + - "false" + default: true + - description: Maximum time to wait for the result to be available. + name: poll_time_sec outputs: - - contextPath: VisionOne.Download_Investigation_Package.submissionId - description: The submission for the file + - contextPath: VisionOne.Download_Investigation_Package.submission_id + description: The submission for the file. type: string - - contextPath: VisionOne.Download_Investigation_Package.code - description: Response status code for the command + - contextPath: VisionOne.Download_Investigation_Package.result_code + description: Result code of making a request to download investigation package. + type: number + - contextPath: VisionOne.Download_Investigation_Package.message + description: Message notifying user that investigation package is ready for download. type: number description: Downloads the investigation package based on submission ID. name: trendmicro-visionone-download-investigation-package - arguments: - - description: The submission ID for the object submitted to sandbox for analysis + - description: The submission ID for the object submitted to sandbox for analysis. name: submission_id required: true + - description: If script should wait until the task is finished before returning the result, enabled by default. + name: poll + auto: PREDEFINED + predefined: + - "true" + - "false" + default: true + - description: Maximum time to wait for the result to be available. + name: poll_time_sec outputs: - - contextPath: VisionOne.Download_Suspicious_Object_list.code - description: status code for the command - type: number - - contextPath: VisionOne.Download_Suspicious_Object_list.riskLevel - description: Risk level of the analyzed object + - contextPath: VisionOne.Download_Suspicious_Object_list.type + description: The type of suspicious object. type: string - - contextPath: VisionOne.Download_Suspicious_Object_list.analysisCompletionDateTime - description: The analysis completion date and time + - contextPath: VisionOne.Download_Suspicious_Object_list.value + description: Value of the suspicious object. type: string - - contextPath: VisionOne.Download_Suspicious_Object_list.expiredDateTime - description: The expiration date and time for the suspicious object + - contextPath: VisionOne.Download_Suspicious_Object_list.risk_level + description: Risk level of the analyzed object. type: string - - contextPath: VisionOne.Download_Suspicious_Object_list.rootSha1 - description: The rootSha1 value for the object + - contextPath: VisionOne.Download_Suspicious_Object_list.root_sha1 + description: status code for the command. type: string - - contextPath: VisionOne.Download_Suspicious_Object_list.ip - description: The endpoint ip associated with the submission + - contextPath: VisionOne.Download_Suspicious_Object_list.analysis_completion_date_time + description: The analysis completion date and time. + type: string + - contextPath: VisionOne.Download_Suspicious_Object_list.expired_date_time + description: The expiration date and time for the suspicious object. type: string - description: Downloads the suspicious object list associated to the specified object. Note ~ Suspicious Object Lists are only available for objects with a high risk level. name: trendmicro-visionone-download-suspicious-object-list + description: Downloads the suspicious object list associated to the specified object. Note ~ Suspicious Object Lists are only available for objects with a high risk level. - arguments: - - description: The submission ID for the object submitted to sandbox for analysis + - description: The submission ID for the object submitted to sandbox for analysis. name: submission_id required: true - - description: Optional name for the package to be downloaded - name: filename + - description: If script should wait until the task is finished before returning the result, enabled by default. + name: poll + auto: PREDEFINED + predefined: + - "true" + - "false" + default: true + - description: Maximum time to wait for the result to be available. + name: poll_time_sec outputs: - - contextPath: VisionOne.Download_Analysis_Report.submissionId - description: The submission for the file + - contextPath: VisionOne.Download_Analysis_Report.submission_id + description: The submission ID for the sandbox object. + type: string + - contextPath: VisionOne.Download_Analysis_Report.result_code + description: Result code of making a request to download analysis report. + type: string + - contextPath: VisionOne.Download_Analysis_Report.message + description: Message notifying user that analysis report is ready for download. type: string - - contextPath: VisionOne.Download_Analysis_Report.code - description: Response status code for the command - type: number description: Downloads the analysis report for an object submitted to sandbox for analysis based on the submission ID. name: trendmicro-visionone-download-analysis-report - arguments: - description: URL pointing to the location of the file to be submitted. - name: file_path + name: file_url + required: true + - description: Name of the file (including extension) to be analyzed. + name: file_name required: true - - description: Name of the file to be analyzed - name: filename - description: The Base64 encoded password for decrypting the submitted document. sample. name: document_password - description: The Base64 encoded password for decrypting the submitted archive. name: archive_password - description: Parameter that allows you to specify Base64-encoded command line arguments to run the submitted file. name: arguments - description: Submits a file to the sandbox for analysis (Note. For more information about the supported file types, see [the Trend Micro Vision One Online Help](https://docs.trendmicro.com/en-us/enterprise/trend-micro-vision-one/threat-intelligence-/sandbox-analysis/sandbox-supported-fi.aspx). Submissions require credits. Does not require credits in regions where Sandbox Analysis has not been officially released.) - name: trendmicro-visionone-submit-file-to-sandbox outputs: + - contextPath: VisionOne.Submit_File_to_Sandbox.message + description: Result code of submitting file to sandbox for analysis. + type: string - contextPath: VisionOne.Submit_File_to_Sandbox.code - description: status code of the file submitted to sandbox - type: number + description: HTTP status code of the request made to submit file to sandbox. + type: string - contextPath: VisionOne.Submit_File_to_Sandbox.task_id - description: Task ID of the submitted file + description: ID generated for submitting file to sandbox for analysis. type: string - contextPath: VisionOne.Submit_File_to_Sandbox.digest - description: The hash value of the file + description: The hash value of the file. type: string - contextPath: VisionOne.Submit_File_to_Sandbox.arguments - description: Command line arguments to run the submitted file + description: Command line arguments to run the submitted file. type: string + description: Submits a file to the sandbox for analysis (Note. For more information about the supported file types, see [the Trend Micro Vision One Online Help](https://docs.trendmicro.com/en-us/enterprise/trend-micro-vision-one/threat-intelligence-/sandbox-analysis/sandbox-supported-fi.aspx). Submissions require credits. Does not require credits in regions where Sandbox Analysis has not been officially released.) + name: trendmicro-visionone-submit-file-to-sandbox - arguments: - description: Entry ID of the file to be submitted. name: entry_id @@ -667,53 +930,132 @@ script: name: document_password - description: The Base64 encoded password for decrypting the submitted archive. name: archive_password + - description: Parameter that allows you to specify Base64-encoded command line arguments to run the submitted file. + name: arguments outputs: - contextPath: VisionOne.Submit_File_Entry_to_Sandbox.message - description: Status message of the file submitted to sandbox. + description: Result code of submitting file entry to sandbox for analysis. type: string - contextPath: VisionOne.Submit_File_Entry_to_Sandbox.code - description: status code of the file submitted to sandbox + description: HTTP status code of the request made to submit file entry to sandbox. type: string - contextPath: VisionOne.Submit_File_Entry_to_Sandbox.task_id - description: Task ID of the submitted file + description: ID of the submitted file. type: string - contextPath: VisionOne.Submit_File_Entry_to_Sandbox.digest - description: The hash value of the file + description: The hash value of the file. type: string - contextPath: VisionOne.Submit_File_Entry_to_Sandbox.filename - description: The name of the file submitted + description: The name of the file submitted. type: string - contextPath: VisionOne.Submit_File_Entry_to_Sandbox.file_path - description: The path to the file associated to incident + description: The path to the file associated to incident. type: string - - contextPath: VisionOne.Submit_File_Entry_to_Sandbox.entryId - description: The Entry ID for the file + - contextPath: VisionOne.Submit_File_Entry_to_Sandbox.entry_id + description: The Entry ID for the file. + type: string + - contextPath: VisionOne.Submit_File_Entry_to_Sandbox.arguments + description: Command line arguments to run the submitted file. type: string - description: Submits a file to the sandbox for analysis (Note. For more information about the supported file types, see [the Trend Micro Vision One Online Help](https://docs.trendmicro.com/en-us/enterprise/trend-micro-vision-one/threat-intelligence-/sandbox-analysis/sandbox-supported-fi.aspx). Submissions require credits. Does not require credits in regions where Sandbox Analysis has not been officially released.) name: trendmicro-visionone-submit-file-entry-to-sandbox + description: Submits a file to the sandbox for analysis (Note. For more information about the supported file types, see [the Trend Micro Vision One Online Help](https://docs.trendmicro.com/en-us/enterprise/trend-micro-vision-one/threat-intelligence-/sandbox-analysis/sandbox-supported-fi.aspx). Submissions require credits. Does not require credits in regions where Sandbox Analysis has not been officially released.) + - arguments: + - description: List of URLs to be sent for analysis. + name: urls + required: true + outputs: + - contextPath: VisionOne.Submit_Urls_to_Sandbox.id + description: ID generated for the URL sent to sandbox for analysis. + type: string + - contextPath: VisionOne.Submit_Urls_to_Sandbox.url + description: URL sent to sandbox for analysis. + type: string + - contextPath: VisionOne.Submit_Urls_to_Sandbox.digest + description: Digest value generated for the URL sent to sandbox for analysis. + type: string + - contextPath: VisionOne.Submit_Urls_to_Sandbox.status + description: HTTPS status code of making the request. + type: string + - contextPath: VisionOne.Submit_Urls_to_Sandbox.task_id + description: Task ID generated for the URL sent to sandbox for analysis. + type: string + description: Sends URL(s) to sandbox for analysis. + name: trendmicro-visionone-submit-urls-to-sandbox + - arguments: + - description: Workbench ID for the alert to query. + name: workbench_id + required: true + outputs: + - contextPath: VisionOne.Alert_Details.etag + description: The ETag of the resource you want to update. + type: string + - contextPath: VisionOne.Alert_Details.alert.id + description: ID of the workbench alert. + type: string + - contextPath: VisionOne.Alert_Details.alert.model + description: Name of the detection model that triggered the alert. + type: string + - contextPath: VisionOne.Alert_Details.alert.score + description: Overall severity assigned to the alert based on the severity of the matched detection model and the impact scope. + type: number + - contextPath: VisionOne.Alert_Details.alert.severity + description: Workbench alert severity. + type: string + - contextPath: VisionOne.Alert_Details.alert.indicators + description: The indicators refer to those objects which are found by RCA or sweeping. + type: string + - contextPath: VisionOne.Alert_Details.alert.description + description: Description of the detection model that triggered the alert. + type: string + - contextPath: VisionOne.Alert_Details.alert.impact_scope + description: Affected entities information. + type: string + - contextPath: VisionOne.Alert_Details.alert.matched_rules + description: The rules are triggered. + type: string + - contextPath: VisionOne.Alert_Details.alert.alert_provider + description: Alert provider. + type: string + - contextPath: VisionOne.Alert_Details.alert.schema_version + description: The version of the JSON schema, not the version of alert trigger content. + type: string + - contextPath: VisionOne.Alert_Details.alert.workbench_link + description: Workbench URL. + type: string + - contextPath: VisionOne.Alert_Details.alert.created_date_time + description: Datetime in ISO 8601 format (yyyy-MM-ddThh:mm:ssZ in UTC) that indicates the created date time of the alert. + type: string + - contextPath: VisionOne.Alert_Details.alert.updated_date_time + description: Datetime in ISO 8601 format (yyyy-MM-ddThh:mm:ssZ in UTC) that indicates the last updated date time of the alert. + type: string + - contextPath: VisionOne.Alert_Details.alert.investigation_status + description: Workbench alert status. + type: string + description: Fetches details for a specific alert. + name: trendmicro-visionone-get-alert-details - arguments: - description: polling the task for 30 seconds interval. name: polling default: true defaultValue: 'true' - - description: task_id from the trendmicro-visionone-submit-file-to-sandbox or trendmicro-visionone-submit-file-entry-to-sandbox command output + - description: task_id from the trendmicro-visionone-submit-file-to-sandbox or trendmicro-visionone-submit-file-entry-to-sandbox command output. name: task_id required: true outputs: - contextPath: VisionOne.Sandbox_Submission_Polling.message - description: Status of the sandbox analysis + description: Status of the sandbox analysis. type: string - contextPath: VisionOne.Sandbox_Submission_Polling.status_code - description: Response code + description: Status code of the request. type: string - - contextPath: VisionOne.Sandbox_Submission_Polling.task_id - description: task_id of the task queried + - contextPath: VisionOne.Sandbox_Submission_Polling.status + description: Status of action to analyze file in sandbox. type: string - - contextPath: VisionOne.Sandbox_Submission_Polling.taskStatus - description: Sandbox analysis status + - contextPath: VisionOne.Sandbox_Submission_Polling.report_id + description: Report ID of the submission queried. type: string - contextPath: VisionOne.Sandbox_Submission_Polling.digest - description: The hash values of file analyzed + description: The hash values of file analyzed. type: string - contextPath: VisionOne.Sandbox_Submission_Polling.analysis_completion_time description: Sample analysis completed time. @@ -721,20 +1063,17 @@ script: - contextPath: VisionOne.Sandbox_Submission_Polling.risk_level description: Risk Level of the analyzed file. type: string - - contextPath: VisionOne.Sandbox_Submission_Polling.description - description: Scan result description for NotAnalyzed. - type: string - contextPath: VisionOne.Sandbox_Submission_Polling.detection_name_list description: Detection name of this sample, if applicable. - type: unknown + type: string - contextPath: VisionOne.Sandbox_Submission_Polling.threat_type_list description: Threat type of this sample. - type: unknown + type: string - contextPath: VisionOne.Sandbox_Submission_Polling.file_type description: File type of this sample. type: string - - contextPath: VisionOne.Sandbox_Submission_Polling.report_id - description: ID used to get the report and suspicious object. Empty means no report. + - contextPath: VisionOne.Sandbox_Submission_Polling.type + description: Object type. type: string - contextPath: VisionOne.Sandbox_Submission_Polling.message description: Error message for failed call. @@ -751,7 +1090,7 @@ script: - contextPath: VisionOne.Sandbox_Submission_Polling.DBotScore.Reliability description: The reliability of an intelligence-data source. type: string - description: Runs a polling command to retrieve the status of a sandbox analysis submission + description: Runs a polling command to retrieve the status of a sandbox analysis submission. name: trendmicro-visionone-run-sandbox-submission-polling polling: true - arguments: @@ -763,57 +1102,95 @@ script: name: task_id required: true outputs: - - contextPath: VisionOne.Task_Status.taskId + - contextPath: VisionOne.Task_Status.id description: Task ID of the task queried. type: string - - contextPath: VisionOne.Task_Status.taskStatus + - contextPath: VisionOne.Task_Status.status description: Status of the task. type: string + - contextPath: VisionOne.Task_Status.created_date_time + description: Timestamp in ISO 8601 format. + type: string + - contextPath: VisionOne.Task_Status.last_action_date_time + description: Timestamp in ISO 8601 format. + type: string + - contextPath: VisionOne.Task_Status.action + description: Action performed. + type: string + - contextPath: VisionOne.Task_Status.description + description: Description of the task. + type: string + - contextPath: VisionOne.Task_Status.account + description: Account that performed the task. + type: string + - contextPath: VisionOne.Task_Status.type + description: Value type. + type: string + - contextPath: VisionOne.Task_Status.value + description: Value that was submitted. + type: string + - contextPath: VisionOne.Task_Status.tasks + description: Task related information. + type: string + - contextPath: VisionOne.Task_Status.agent_guid + description: Agent guid of the endpoint. + type: string + - contextPath: VisionOne.Task_Status.endpoint_name + description: Endpoint name. + type: string + description: Command gives the status of the running task based on the task id. name: trendmicro-visionone-check-task-status polling: true - description: Command gives the status of the running task based on the task id. - arguments: - description: ID of the workbench you would like to attach the note to. name: workbench_id required: true - - description: Contents of the note to be attached + - description: Contents of the note to be attached. name: content required: true outputs: - - contextPath: VisionOne.Add_Note.Workbench_Id - description: The ID of the workbench that the note was added to. + - contextPath: VisionOne.Add_Note.code + description: HTTPS status code of making the request. type: string - - contextPath: VisionOne.Add_Note.note_id - description: The ID of the note that was added. + - contextPath: VisionOne.Add_Note.message + description: Message notifying the user of note added to workbench. type: string - - contextPath: VisionOne.Add_Note.code - description: The response code from the command + - contextPath: VisionOne.Add_Note.note_id + description: ID of the note added to workbench. type: string - description: Attaches a note to a workbench alert + description: Attaches a note to a workbench alert. name: trendmicro-visionone-add-note - arguments: - description: ID of the workbench you would like to update the status for. name: workbench_id required: true - - description: Status to assign to the workbench alert + - description: Target resource will be updated only if it matches ETag of the target one. Etag is one of the outputs from get_alert_details. + name: if_match + required: true + - description: Status to assign to the workbench alert. name: status required: true auto: PREDEFINED predefined: - new - - in progress - - true positive - - false positive + - in_progress + - true_positive + - false_positive + - benign_true_positive + - closed outputs: - contextPath: VisionOne.Update_Status.Workbench_Id description: The ID of the workbench that had the status updated. type: string - contextPath: VisionOne.Update_Status.code - description: The response code from the command + description: HTTP status code of updating workbench alert status. + type: string + - contextPath: VisionOne.Update_Status.message + description: Message notifying user that the alert status has been updated to user defined status. type: string - description: Updates the status of a workbench alert + description: Updates the status of a workbench alert. name: trendmicro-visionone-update-status - dockerimage: demisto/python3:3.10.12.63474 + dockerimage: demisto/pytmv1:0.6.2.83411 isFetchSamples: true isfetch: true script: '' diff --git a/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/TrendMicroVisionOneV3_description.md b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/TrendMicroVisionOneV3_description.md index cacfccfda955..b0c1e94fcb63 100644 --- a/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/TrendMicroVisionOneV3_description.md +++ b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/TrendMicroVisionOneV3_description.md @@ -66,4 +66,4 @@ You can then create a user account and generate an API key to be used for the Co 4. Click **Test** to validate the URLs, token, and connection. *** -[View Integration Documentation](https://xsoar.pan.dev/docs/reference/integrations/trend-micro-vision-one) +[View Integration Documentation](https://xsoar.pan.dev/docs/reference/integrations/trend-micro-vision-one) \ No newline at end of file diff --git a/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/TrendMicroVisionOneV3_test.py b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/TrendMicroVisionOneV3_test.py index 71fc167aecf7..6a2ba28391a3 100755 --- a/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/TrendMicroVisionOneV3_test.py +++ b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/TrendMicroVisionOneV3_test.py @@ -1,627 +1,822 @@ +from typing import Any from TrendMicroVisionOneV3 import ( - Client, add_note, collect_file, update_status, force_sign_out, get_task_status, get_endpoint_info, + get_alert_details, terminate_process, force_password_reset, + restore_email_message, + submit_urls_to_sandbox, add_to_suspicious_list, submit_file_to_sandbox, + get_email_activity_data, get_file_analysis_status, get_file_analysis_result, download_analysis_report, + get_endpoint_activity_data, delete_from_suspicious_list, submit_file_entry_to_sandbox, get_sandbox_submission_status, + get_email_activity_data_count, add_or_remove_from_block_list, isolate_or_restore_connection, - download_investigation_package, enable_or_disable_user_account, + download_investigation_package, download_suspicious_object_list, + get_endpoint_activity_data_count, add_or_delete_from_exception_list, quarantine_or_delete_email_message, download_information_collected_file, ) +from pytmv1 import ( + AccountTaskResp, + AddAlertNoteResp, + BytesResp, + BaseTaskResp, + CollectFileTaskResp, + Digest, + EmailActivity, + Endpoint, + EndpointActivity, + GetAlertDetailsResp, + GetEmailActivityDataResp, + GetEndpointActivityDataResp, + GetEmailActivityDataCountResp, + MsData, + MsDataUrl, + MultiResp, + MultiResult, + MultiUrlResp, + NoContentResp, + OperatingSystem, + ProductCode, + QueryOp, + Result, + ResultCode, + RiskLevel, + Status, + SandboxAction, + SandboxObjectType, + SubmitFileToSandboxResp, + SandboxSuspiciousObject, + SandboxAnalysisResultResp, + SandboxSuspiciousListResp, + SandboxSubmissionStatusResp, + TaskAction, + Value, + ValueList, +) +from pytmv1.model.commons import Account +from pytmv1.model.enums import Iam import demistomock as demisto +import json +import TrendMicroVisionOneV3 + +# import unittest +from unittest.mock import Mock # Provide valid API KEY api_key = "test api key" -proxy = "false" -verify = "true" +proxy = True +verify = True # Mock response for enabling or disabling user account -def enable_disable_user_account_mock_response(*args, **kwargs): - return_value = [ - { - "status": 202, - "headers": [ - { - "name": "Operation-Location", - "value": "https://apimock-dev.trendmicro.com/v3.0/xdr/response/tasks/00000001", - } - ], - } - ] - return return_value +def enable_user_account_mock_response(*args, **kwargs) -> MultiResult[MultiResp]: + with open("./test_data/enable_user_account.json") as f: + return_value: list[dict[str, Any]] = json.load(f) + return MultiResult( + result_code=ResultCode.SUCCESS, + response=MultiResp(items=[MsData(**data) for data in return_value]), + ) def test_enable_user_account(mocker): """Test enable user account success response.""" - mocker.patch( - "TrendMicroVisionOneV3.Client.http_request", - enable_disable_user_account_mock_response, - ) - client = Client("https://apimock-dev.trendmicro.com", api_key, proxy, verify) + client = Mock() + client.enable_account = Mock(return_value=enable_user_account_mock_response()) args = { - "accountName": "ghost@trendmicro.com", - "description": "Enabling user account.", + "account_identifiers": json.dumps( + [ + { + "account_name": "ghost@trendmicro.com", + "description": "Enable user account.", + } + ] + ) } - result = enable_or_disable_user_account( + result = TrendMicroVisionOneV3.enable_or_disable_user_account( client, "trendmicro-visionone-enable-user-account", args ) - assert result.outputs["status_code"] == 202 - assert result.outputs["taskId"] == "00000001" + assert result.outputs[0]["status"] == 202 + assert result.outputs[0]["task_id"] == "00000010" assert result.outputs_prefix == "VisionOne.User_Account" - assert result.outputs_key_field == "taskId" + assert result.outputs_key_field == "task_id" + + +def disable_user_account_mock_response(*args, **kwargs): + with open("./test_data/disable_user_account.json") as f: + return_value: list[dict[str, Any]] = json.load(f) + return MultiResult( + result_code=ResultCode.SUCCESS, + response=MultiResp(items=[MsData(**data) for data in return_value]), + ) def test_disable_user_account(mocker): """Test disable user account success response.""" - mocker.patch( - "TrendMicroVisionOneV3.Client.http_request", - enable_disable_user_account_mock_response, - ) - client = Client("https://apimock-dev.trendmicro.com", api_key, proxy, verify) + client = Mock() + client.disable_account = Mock(return_value=disable_user_account_mock_response()) args = { - "accountName": "ghost@trendmicro.com", - "description": "Disabling user account.", + "account_identifiers": json.dumps( + [ + { + "account_name": "ghost@trendmicro.com", + "description": "Disable user account.", + } + ] + ) } result = enable_or_disable_user_account( client, "trendmicro-visionone-disable-user-account", args ) - assert result.outputs["status_code"] == 202 - assert result.outputs["taskId"] == "00000001" + assert result.outputs[0]["status"] == 202 + assert result.outputs[0]["task_id"] == "00000009" assert result.outputs_prefix == "VisionOne.User_Account" - assert result.outputs_key_field == "taskId" + assert result.outputs_key_field == "task_id" # Mock response for force sign out def force_signout_mock_response(*args, **kwargs): - return_value = [ - { - "status": 202, - "headers": [ - { - "name": "Operation-Location", - "value": "https://apimock-dev.trendmicro.com/v3.0/xdr/response/tasks/00000001", - } - ], - } - ] - return return_value + with open("./test_data/force_signout.json") as f: + return_value: list[dict[str, Any]] = json.load(f) + return MultiResult( + result_code=ResultCode.SUCCESS, + response=MultiResp(items=[MsData(**data) for data in return_value]), + ) def test_force_signout(mocker): """Test to force sign out user account with successful result.""" - mocker.patch("TrendMicroVisionOneV3.Client.http_request", force_signout_mock_response) - client = Client("https://apimock-dev.trendmicro.com", api_key, proxy, verify) + client = Mock() + client.sign_out_account = Mock(return_value=force_signout_mock_response()) args = { - "accountName": "ghost@trendmicro.com", - "description": "Signing out user account.", + "account_identifiers": json.dumps( + [ + { + "account_name": "ghost@trendmicro.com", + "description": "Signing out user account.", + } + ] + ) } + result = force_sign_out(client, args) - assert result.outputs["status_code"] == 202 - assert result.outputs["taskId"] == "00000001" + assert result.outputs[0]["status"] == 202 + assert result.outputs[0]["task_id"] == "00000012" assert result.outputs_prefix == "VisionOne.Force_Sign_Out" - assert result.outputs_key_field == "taskId" + assert result.outputs_key_field == "task_id" # Mock response for force password reset def force_password_reset_mock_response(*args, **kwargs): - return_value = [ - { - "status": 202, - "headers": [ - { - "name": "Operation-Location", - "value": "https://apimock-dev.trendmicro.com/v3.0/xdr/response/tasks/00000001", - } - ], - } - ] - return return_value + with open("./test_data/force_password_reset.json") as f: + return_value: list[dict[str, Any]] = json.load(f) + return MultiResult( + result_code=ResultCode.SUCCESS, + response=MultiResp(items=[MsData(**data) for data in return_value]), + ) def test_force_password_reset(mocker): """Test to force sign out user account with successful result.""" - mocker.patch("TrendMicroVisionOneV3.Client.http_request", force_password_reset_mock_response) - client = Client("https://apimock-dev.trendmicro.com", api_key, proxy, verify) + client = Mock() + client.reset_password_account = Mock( + return_value=force_password_reset_mock_response() + ) args = { - "accountName": "ghost@trendmicro.com", - "description": "Forcing a password reset for user account.", + "account_identifiers": json.dumps( + [ + { + "account_name": "ghost@trendmicro.com", + "description": "Signing out user account.", + } + ] + ) } result = force_password_reset(client, args) - assert result.outputs["status_code"] == 202 - assert result.outputs["taskId"] == "00000001" + assert result.outputs[0]["status"] == 202 + assert result.outputs[0]["task_id"] == "00000011" assert result.outputs_prefix == "VisionOne.Force_Password_Reset" - assert result.outputs_key_field == "taskId" + assert result.outputs_key_field == "task_id" -# Mock function for add to block list and remove from block list -def add_remove_blocklist_mock_response(*args, **kwargs): - return_value = [ - { - "status": 202, - "headers": [ - { - "name": "Operation-Location.", - "value": "https://apimock-dev.trendmicro.com/v3.0/xdr/response/tasks/00000001", - } - ], - } - ] - return return_value +# Mock function for add to block list +def add_blocklist_mock_response(*args, **kwargs): + with open("./test_data/add_blocklist.json") as f: + return_value: list[dict[str, Any]] = json.load(f) + return MultiResult( + result_code=ResultCode.SUCCESS, + response=MultiResp(items=[MsData(**data) for data in return_value]), + ) # Test cases for add to block list def test_add_blocklist(mocker): """Test add to block list with positive scenario.""" - mocker.patch("TrendMicroVisionOneV3.Client.http_request", add_remove_blocklist_mock_response) - client = Client("https://apimock-dev.trendmicro.com", api_key, proxy, verify) + client = Mock() + client.add_to_block_list = Mock(return_value=add_blocklist_mock_response()) args = { - "valueType": "fileSha1", - "targetValue": "2de5c1125d5f991842727ed8ea8b5fda0ffa249b", - "description": "block info", + "block_objects": json.dumps( + [ + { + "object_type": "file_sha1", + "object_value": "2de5c1125d5f991842727ed8eca8b5fda0ffa249b", + "description": "Add to blocklist.", + } + ] + ) } - result = add_or_remove_from_block_list(client, "trendmicro-visionone-add-to-block-list", args) - assert result.outputs["status"] == 202 - assert result.outputs["taskId"] == "00000001" + result = add_or_remove_from_block_list( + client, "trendmicro-visionone-add-to-block-list", args + ) + assert result.outputs[0]["status"] == 202 + assert result.outputs[0]["task_id"] == "00000007" assert result.outputs_prefix == "VisionOne.BlockList" - assert result.outputs_key_field == "taskId" + assert result.outputs_key_field == "task_id" + + +# Mock function for remove from block list +def remove_blocklist_mock_response(*args, **kwargs): + with open("./test_data/remove_blocklist.json") as f: + return_value: list[dict[str, Any]] = json.load(f) + return MultiResult( + result_code=ResultCode.SUCCESS, + response=MultiResp(items=[MsData(**data) for data in return_value]), + ) # Test cases for remove from block list -def test_remove_block_list(mocker): +def test_remove_blocklist(mocker): """Test remove block list positive scenario.""" - mocker.patch("TrendMicroVisionOneV3.Client.http_request", add_remove_blocklist_mock_response) - client = Client("https://apimock-dev.trendmicro.com", api_key, proxy, verify) + client = Mock() + client.remove_from_block_list = Mock(return_value=remove_blocklist_mock_response()) args = { - "valueType": "fileSha1", - "targetValue": "2de5c1125d5f991842727ed8ea8b5fda0ffa249b", - "description": "block info", + "block_objects": json.dumps( + [ + { + "object_type": "domain", + "object_value": "www.test.com", + "description": "Remove from block list", + } + ] + ) } result = add_or_remove_from_block_list( client, "trendmicro-visionone-remove-from-block-list", args ) - assert result.outputs["status"] == 202 - assert result.outputs["taskId"] == "00000001" + assert result.outputs[0]["status"] == 202 + assert result.outputs[0]["task_id"] == "00000008" assert result.outputs_prefix == "VisionOne.BlockList" - assert result.outputs_key_field == "taskId" + assert result.outputs_key_field == "task_id" # Mock function for quarantine and delete email message -def quarantine_delete_email_mock_response(*args, **kwargs): - return_value = [ - { - "status": 202, - "headers": [ - { - "name": "Operation-Location", - "value": "https://apimock-dev.trendmicro.com/v3.0/xdr/response/tasks/00000001", - } - ], - } - ] - return return_value +def quarantine_email_mock_response(*args, **kwargs): + with open("./test_data/quarantine_email.json") as f: + return_value: list[dict[str, Any]] = json.load(f) + return MultiResult( + result_code=ResultCode.SUCCESS, + response=MultiResp(items=[MsData(**data) for data in return_value]), + ) # Test cases for quarantine email message def test_quarantine_email_message(mocker): """Test quarantine email message positive scenario.""" - mocker.patch( - "TrendMicroVisionOneV3.Client.http_request", - quarantine_delete_email_mock_response, + client = Mock() + client.quarantine_email_message = Mock( + return_value=quarantine_email_mock_response() ) - client = Client("https://apimock-dev.trendmicro.com", api_key, proxy, verify) args = { - "messageId": (""), - "mailBox": "kjshdfjksahd@trendenablement.com", - "description": "quarantine info", + "email_identifiers": json.dumps( + [ + { + "message_id": ( + "" + ), + "mailbox": "kjshdfjksahd@trendenablement.com", + "description": "quarantine email", + } + ] + ) } result = quarantine_or_delete_email_message( client, "trendmicro-visionone-quarantine-email-message", args ) - assert result.outputs["status"] == 202 - assert result.outputs["taskId"] == "00000001" + assert result.outputs[0]["status"] == 202 + assert result.outputs[0]["task_id"] == "00000002" assert result.outputs_prefix == "VisionOne.Email" - assert result.outputs_key_field == "taskId" + assert result.outputs_key_field == "task_id" + + +def delete_email_mock_response(*args, **kwargs): + with open("./test_data/delete_email.json") as f: + return_value: list[dict[str, Any]] = json.load(f) + return MultiResult( + result_code=ResultCode.SUCCESS, + response=MultiResp(items=[MsData(**data) for data in return_value]), + ) # Test cases for delete email message def test_delete_email_message(mocker): """Test delete email message with positive scenario.""" - mocker.patch( - "TrendMicroVisionOneV3.Client.http_request", - quarantine_delete_email_mock_response, - ) - client = Client("https://apimock-dev.trendmicro.com", api_key, proxy, verify) + client = Mock() + client.delete_email_message = Mock(return_value=delete_email_mock_response()) args = { - "messageId": (""), - "mailBox": "kjshdfjksahd@trendenablement.com", - "description": "quarantine info", + "email_identifiers": json.dumps( + [ + { + "unique_id": ( + "CANUJTKTjto9GAHTr9V=TFqMZhRXqVn=" + "MfSqmTdAMyv9PDX3k+vQ0w@mail.gmail.com" + ), + "description": "delete email", + } + ] + ) } result = quarantine_or_delete_email_message( client, "trendmicro-visionone-delete-email-message", args ) - assert result.outputs["status"] == 202 - assert result.outputs["taskId"] == "00000001" + assert result.outputs[0]["status"] == 202 + assert result.outputs[0]["task_id"] == "00000001" assert result.outputs_prefix == "VisionOne.Email" - assert result.outputs_key_field == "taskId" + assert result.outputs_key_field == "task_id" + + +# Mock response for restore email message +def restore_email_mock_response(*args, **kwargs): + with open("./test_data/restore_email_message.json") as f: + return_value: list[dict[str, Any]] = json.load(f) + return MultiResult( + result_code=ResultCode.SUCCESS, + response=MultiResp(items=[MsData(**data) for data in return_value]), + ) -# Mock function for isolate and restore endpoint -def isolate_restore_mock_response(*args, **kwargs): - return_value = [ - { - "status": 202, - "headers": [ +# Test case for restore email +def test_restore_email_message(mocker): + client = Mock() + client.restore_email_message = Mock(return_value=restore_email_mock_response()) + args = { + "email_identifiers": json.dumps( + [ { - "name": "Operation-Location", - "value": "https://apimock-dev.trendmicro.com/v3.0/xdr/response/tasks/00000001", + "unique_id": "CANUJTKTjto9GAHTr9V=TFqMZhRXqVnMfSqmTdAMyv9PDX3k", + "description": "Restore email.", } - ], - "body": { - "error": {"code": "TaskError", "message": "Task duplication."}, - }, - } - ] - return return_value + ] + ) + } + result = restore_email_message(client, args) + assert result.outputs[0]["status"] == 202 + assert result.outputs[0]["task_id"] == "00000003" + assert result.outputs_prefix == "VisionOne.Email" + assert result.outputs_key_field == "task_id" + + +# Mock response for isolate endpoint +def isolate_mock_response(*args, **kwargs): + with open("./test_data/isolate_endpoint.json") as f: + return_value: list[dict[str, Any]] = json.load(f) + return MultiResult( + result_code=ResultCode.SUCCESS, + response=MultiResp(items=[MsData(**data) for data in return_value]), + ) # Test cases for isolate endpoint def test_isolate_endpoint(mocker): """Test isolate endpoint positive scenario.""" - mocker.patch("TrendMicroVisionOneV3.Client.http_request", isolate_restore_mock_response) - client = Client("https://apimock-dev.trendmicro.com", api_key, proxy, verify) + client = Mock() + client.isolate_endpoint = Mock(return_value=isolate_mock_response()) args = { - "endpoint": "client1", - "description": "isolate endpoint info", + "endpoint_identifiers": json.dumps( + [ + { + "endpoint": "client782", + "description": "Add to blocklist.", + } + ] + ) } - result = isolate_or_restore_connection(client, "trendmicro-visionone-isolate-endpoint", args) - assert result.outputs["taskStatus"] == 202 - assert isinstance(result.outputs["taskId"], str) + result = isolate_or_restore_connection( + client, "trendmicro-visionone-isolate-endpoint", args + ) + assert result.outputs[0]["status"] == 202 + assert result.outputs[0]["task_id"] == "00000004" assert result.outputs_prefix == "VisionOne.Endpoint_Connection" - assert result.outputs_key_field == "taskId" + assert result.outputs_key_field == "task_id" + + +# Mock response for restore endpoint +def restore_endpoint_mock_response(*args, **kwargs): + with open("./test_data/restore_endpoint.json") as f: + return_value: list[dict[str, Any]] = json.load(f) + return MultiResult( + result_code=ResultCode.SUCCESS, + response=MultiResp(items=[MsData(**data) for data in return_value]), + ) # Test cases for restore endpoint def test_restore_endpoint(mocker): """Test restore endpoint positive scenario.""" - mocker.patch("TrendMicroVisionOneV3.Client.http_request", isolate_restore_mock_response) - client = Client("https://apimock-dev.trendmicro.com", api_key, proxy, verify) + client = Mock() + client.restore_endpoint = Mock(return_value=restore_endpoint_mock_response()) args = { - "endpoint": "client1", - "description": "restore endpoint info", + "endpoint_identifiers": json.dumps( + [ + { + "agent_guid": "cb9c8412-1f64-4fa0-a36b-76bf41a07ede", + "description": "Remove from blocklist.", + } + ] + ) } result = isolate_or_restore_connection( client, "trendmicro-visionone-restore-endpoint-connection", args ) - assert result.outputs["taskStatus"] == 202 - assert isinstance(result.outputs["taskId"], str) + assert result.outputs[0]["status"] == 202 + assert result.outputs[0]["task_id"] == "00000005" assert result.outputs_prefix == "VisionOne.Endpoint_Connection" - assert result.outputs_key_field == "taskId" + assert result.outputs_key_field == "task_id" -# Mock function for terminate process +# Mock response for terminate process def terminate_process_mock_response(*args, **kwargs): - return_value = [ - { - "status": 202, - "headers": [ - { - "name": "Operation-Location", - "value": "https://apimock-dev.trendmicro.com/v3.0/xdr/response/tasks/00000001", - } - ], - } - ] - return return_value + with open("./test_data/terminate_process.json") as f: + return_value: list[dict[str, Any]] = json.load(f) + return MultiResult( + result_code=ResultCode.SUCCESS, + response=MultiResp(items=[MsData(**data) for data in return_value]), + ) # Test cases for terminate process endpoint -def test_terminate_process_endpoint(mocker): +def test_terminate_process(mocker): """Test terminate process positive scenario.""" - mocker.patch("TrendMicroVisionOneV3.Client.http_request", terminate_process_mock_response) - client = Client("https://apimock-dev.trendmicro.com", api_key, proxy, verify) + client = Mock() + client.terminate_process = Mock(return_value=terminate_process_mock_response()) args = { - "endpoint": "035f6286-2414-4cb4-8d05-e67d2d32c944", - "fileSha1": "12a08b7a3c5a10b64700c0aca1a47941b50a4f8b", - "description": "terminate info", - "fileName": "testfile.txt", + "process_identifiers": json.dumps( + [ + { + "endpoint": "035f6286-2414-4cb4-8d05-e67d2d32c944", + "file_sha1": "12a08b7a3c5a10b64700c0aca1a47941b50a4f8b", + "description": "terminate info", + "filename": "testfile.txt", + } + ] + ) } result = terminate_process(client, args) - assert result.outputs["taskStatus"] == 202 - assert result.outputs["taskId"] == "00000001" + assert result.outputs[0]["status"] == 202 + assert result.outputs[0]["task_id"] == "00000006" assert result.outputs_prefix == "VisionOne.Terminate_Process" - assert result.outputs_key_field == "taskId" + assert result.outputs_key_field == "task_id" -# Mock function for add and delete exception list -def add_delete_exception_mock_response(*args, **kwargs): - return_value = [{"status": 201}] - return return_value +# Mock response for add to exception list +def add_exception_mock_response(*args, **kwargs): + with open("./test_data/add_exception.json") as f: + return_value: list[dict[str, Any]] = json.load(f) + return MultiResult( + result_code=ResultCode.SUCCESS, + response=MultiResp(items=[MsData(**data) for data in return_value]), + ) -# Test cases for add exception list endpoint. +# Test cases for add exception list. def test_add_object_to_exception_list(mocker): """Test add to exception list with positive scenario.""" - mocker.patch("TrendMicroVisionOneV3.Client.http_request", add_delete_exception_mock_response) - mocker.patch( - "TrendMicroVisionOneV3.Client.exception_list_count", - add_delete_exception_mock_response, - ) - client = Client("https://apimock-dev.trendmicro.com", api_key, proxy, verify) - args = {"type": "domain", "value": "1.alisiosanguera.com", "description": "new key"} + client = Mock() + client.add_to_exception_list = Mock(return_value=add_exception_mock_response()) + args = { + "block_objects": json.dumps( + [ + { + "object_type": "domain", + "object_value": "1.alisiosanguera.com", + "description": "new key", + } + ] + ) + } result = add_or_delete_from_exception_list( client, "trendmicro-visionone-add-objects-to-exception-list", args ) assert result.outputs["message"] == "success" - assert isinstance(result.outputs["status_code"], int) + assert isinstance(result.outputs["total_items"], int) assert result.outputs_prefix == "VisionOne.Exception_List" - assert result.outputs_key_field == "message" + assert result.outputs_key_field == "multi_response" + + +# Mock response for remove from exception list +def delete_exception_mock_response(*args, **kwargs): + with open("./test_data/remove_exception.json") as f: + return_value: list[dict[str, Any]] = json.load(f) + return MultiResult( + result_code=ResultCode.SUCCESS, + response=MultiResp(items=[MsData(**data) for data in return_value]), + ) # Test cases for delete exception list. -def test_delete_object_to_exception_list(mocker): +def test_delete_object_from_exception_list(mocker): """Test delete exception list positive scenario.""" - mocker.patch("TrendMicroVisionOneV3.Client.http_request", add_delete_exception_mock_response) - mocker.patch( - "TrendMicroVisionOneV3.Client.exception_list_count", - add_delete_exception_mock_response, + client = Mock() + client.remove_from_exception_list = Mock( + return_value=delete_exception_mock_response() ) - client = Client("https://apimock-dev.trendmicro.com", api_key, proxy, verify) - args = {"type": "domain", "value": "1.alisiosanguera.com.cn"} + args = { + "block_objects": json.dumps( + [ + { + "object_type": "ip", + "object_value": "7.7.7.7", + "description": "Remove IP from exception list", + } + ] + ) + } result = add_or_delete_from_exception_list( client, "trendmicro-visionone-delete-objects-from-exception-list", args ) assert result.outputs["message"] == "success" - assert isinstance(result.outputs["status_code"], int) + assert isinstance(result.outputs["total_items"], int) assert result.outputs_prefix == "VisionOne.Exception_List" - assert result.outputs_key_field == "message" + assert result.outputs_key_field == "multi_response" -# Mock response for add and delete suspicious list -def add_delete_suspicious_mock_response(*args, **kwargs): - return_value = [{"total_items": 20, "status": 201}] - return return_value +# Mock response for add to suspicious list +def add_suspicious_mock_response(*args, **kwargs): + with open("./test_data/add_suspicious_list.json") as f: + return_value: list[dict[str, Any]] = json.load(f) + return MultiResult( + result_code=ResultCode.SUCCESS, + response=MultiResp(items=[MsData(**data) for data in return_value]), + ) # Test cases for add suspicious object list def test_add_object_to_suspicious_list(mocker): """Test add to suspicious list with poistive scenario.""" - mocker.patch("TrendMicroVisionOneV3.Client.http_request", add_delete_suspicious_mock_response) - mocker.patch( - "TrendMicroVisionOneV3.Client.suspicious_list_count", - add_delete_suspicious_mock_response, - ) - client = Client("https://apimock-dev.trendmicro.com", api_key, proxy, verify) + client = Mock() + client.add_to_suspicious_list = Mock(return_value=add_suspicious_mock_response()) args = { - "type": "domain", - "value": "1.alisiosanguera.com.cn", - "description": "Example Suspicious Object.", - "scanAction": "log", - "riskLevel": "high", - "daysToExpiration": 15, + "block_objects": json.dumps( + [ + { + "object_type": "domain", + "object_value": "1.alisiosanguera.com.cn", + "description": "Example Suspicious Object.", + "scan_action": "log", + "risk_level": "high", + "expiry_days": 15, + } + ] + ) } result = add_to_suspicious_list(client, args) assert result.outputs["message"] == "success" - assert isinstance(result.outputs["status_code"], int) + assert isinstance(result.outputs["total_items"], int) assert result.outputs_prefix == "VisionOne.Suspicious_List" - assert result.outputs_key_field == "message" + assert result.outputs_key_field == "multi_response" + + +# Mock response for delete from suspicious list +def delete_suspicious_mock_response(*args, **kwargs): + with open("./test_data/delete_suspicious_list.json") as f: + return_value: list[dict[str, Any]] = json.load(f) + return MultiResult( + result_code=ResultCode.SUCCESS, + response=MultiResp(items=[MsData(**data) for data in return_value]), + ) # Test cases for delete suspicious object list def test_delete_object_from_suspicious_list(mocker): """Test delete object from suspicious list.""" - mocker.patch("TrendMicroVisionOneV3.Client.http_request", add_delete_suspicious_mock_response) - mocker.patch( - "TrendMicroVisionOneV3.Client.suspicious_list_count", - add_delete_suspicious_mock_response, + client = Mock() + client.remove_from_suspicious_list = Mock( + return_value=delete_suspicious_mock_response() ) - client = Client("https://apimock-dev.trendmicro.com", api_key, proxy, verify) - args = {"type": "domain", "value": "1.alisiosanguera.com.cn"} + args = { + "block_objects": json.dumps( + [ + { + "object_type": "domain", + "object_value": "1.alisiosanguera.com.cn", + "description": "Delete from suspicious list", + } + ] + ) + } result = delete_from_suspicious_list(client, args) assert result.outputs["message"] == "success" - assert isinstance(result.outputs["status_code"], int) + assert isinstance(result.outputs["total_items"], int) assert result.outputs_prefix == "VisionOne.Suspicious_List" - assert result.outputs_key_field == "message" + assert result.outputs_key_field == "multi_response" # Mock response for Get file analysis status -def mock_file_status_response(*args, **kwargs): - return_response = { - "status_code": 200, - "id": "012e4eac-9bd9-4e89-95db-77e02f75a6f3", - "action": "analyzeFile", - "status": "succeeded", - "error": {}, - "createdDateTime": "2021-05-07T03:07:40Z", - "lastActionDateTime": "2021-05-07T03:08:40Z", - "resourceLocation": """"https://apimock-dev.trendmicro.com/v3.0/sandbox/analysisResults/ - 012e4eac-9bd9-4e89-95db-77e02f75a6f3""", - "isCached": True, - "digest": {}, - "arguments": "LS10ZXN0IA==", - } - return return_response +def mock_file_analysis_status_response(*args, **kwargs): + # with open("./test_data/get_file_analysis_status.json") as f: + # return_value: list[dict[str, Any]] = json.load(f) + return Result( + result_code=ResultCode.SUCCESS, + response=SandboxSubmissionStatusResp( + id="921674d0-9735-4f79-b7de-c852e00a003d", + status=Status.SUCCEEDED, + created_date_time="2021-11-17T12:00:00Z", + last_action_date_time="2021-12-17T12:00:00Z", + action=SandboxAction.ANALYZE_FILE, + resource_location="https://api.xdr.trendmicro.com/...", + is_cached=False, + arguments="LS10ZXN0IA==", + digest=Digest( + md5="4ac174730d4143a119037d9fda81c7a9", + sha1="fb5608fa03de204a12fe1e9e5275e4a682107471", + sha256="65b0f656e79ab84ca17807158e3eac206bd58be6689ddeb95956a48748d138f9", + ), + ), + ) # Test Cases for Get file analysis status -def test_get_file_status(mocker): +def test_get_file_analysis_status(mocker): """Test to get status of file""" - mocker.patch("TrendMicroVisionOneV3.Client.http_request", mock_file_status_response) - args = {"taskId": "921674d0-9735-4f79-b7de-c852e00a003d"} - client = Client("https://apimock-dev.trendmicro.com", api_key, proxy, verify) + client = Mock() + client.get_sandbox_submission_status = Mock( + return_value=mock_file_analysis_status_response() + ) + args = {"task_id": "921674d0-9735-4f79-b7de-c852e00a003d"} result = get_file_analysis_status(client, args) - assert result.outputs["isCached"] is not None + assert isinstance(result.outputs["is_cached"], bool) assert result.outputs["status"] == "succeeded" assert isinstance(result.outputs["action"], str) - assert result.outputs["arguments"] == "LS10ZXN0IA==" - assert result.outputs["id"] == "012e4eac-9bd9-4e89-95db-77e02f75a6f3" + assert isinstance(result.outputs["arguments"], str) + assert result.outputs["id"] == "921674d0-9735-4f79-b7de-c852e00a003d" assert isinstance(result.outputs["digest"], dict) - assert isinstance(result.outputs["error"], dict) - assert isinstance(result.outputs.get("resourceLocation"), str) - assert result.outputs_prefix == "VisionOne.File_Analysis_Status" - assert result.outputs_key_field == "message" - - -def test_get_report_id(mocker): - """Test to get status of file with report id""" - mocker.patch("TrendMicroVisionOneV3.Client.http_request", mock_file_status_response) - args = {"taskId": "921674d0-9735-4f79-b7de-c852e00a003d"} - client = Client("https://apimock-dev.trendmicro.com", api_key, proxy, verify) - result = get_file_analysis_status(client, args) - assert result.outputs["status"] == "succeeded" - assert result.outputs["action"] == "analyzeFile" - assert result.outputs["id"] == "012e4eac-9bd9-4e89-95db-77e02f75a6f3" + assert isinstance(result.outputs["resource_location"], str) assert result.outputs_prefix == "VisionOne.File_Analysis_Status" - assert result.outputs_key_field == "message" + assert result.outputs_key_field == "id" # Mock response for Get file analysis report def mock_file_result_response(*args, **kwargs): - return_response = { - "id": "8559a7ce-2b85-451b-8742-4b943ad76a22", - "type": "file", - "digest": {}, - "arguments": "LS10ZXN0IA==", - "analysisCompletionDateTime": "2021-05-07T03:08:40Z", - "riskLevel": "high", - "detectionNames": [], - "threatTypes": [], - "trueFileType": "exe", - } - return return_response + return Result( + result_code=ResultCode.SUCCESS, + response=SandboxAnalysisResultResp( + id="800f908d-9578-4333-91e5-822794ed5483", + type=SandboxObjectType.FILE, + analysis_completion_date_time="2021-11-17T12:00:00Z", + risk_level=RiskLevel.HIGH, + true_file_type="exe", + digest=Digest( + md5="4ac174730d4143a119037d9fda81c7a9", + sha1="fb5608fa03de204a12fe1e9e5275e4a682107471", + sha256="65b0f656e79ab84ca17807158e3eac206bd58be6689ddeb95956a48748d138f9", + ), + arguments="LS10ZXN0IA==", + detection_names=["VAN_DROPPER.UMXX"], + threat_types=["Dropper"], + ), + ) # Test cases for get file analysis report def test_get_file_analysis_result(mocker): """Test get file analysis report data.""" - mocker.patch("TrendMicroVisionOneV3.Client.http_request", mock_file_result_response) - client = Client("https://apimock-dev.trendmicro.com", api_key, proxy, verify) - args = {"reportId": "800f908d-9578-4333-91e5-822794ed5483"} + client = Mock() + client.get_sandbox_analysis_result = Mock(return_value=mock_file_result_response()) + args = { + "report_id": "800f908d-9578-4333-91e5-822794ed5483", + "poll": "true", + "poll_time_sec": 30, + } result = get_file_analysis_result(client, args) - assert result.outputs["report_id"] == "8559a7ce-2b85-451b-8742-4b943ad76a22" + assert result.outputs["id"] == "800f908d-9578-4333-91e5-822794ed5483" assert isinstance(result.outputs["type"], str) assert isinstance(result.outputs["digest"], dict) assert isinstance(result.outputs["arguments"], str) - assert isinstance(result.outputs["analysisCompletionDateTime"], str) - assert isinstance(result.outputs["riskLevel"], str) - assert isinstance(result.outputs["detectionNames"], list) - assert isinstance(result.outputs["threatTypes"], list) - assert isinstance(result.outputs["trueFileType"], str) - - -def test_get_file_analysis_result_1(mocker): - """Test get file analysis report data.""" - mocker.patch("TrendMicroVisionOneV3.Client.http_request", mock_file_result_response) - client = Client("https://apimock-dev.trendmicro.com", api_key, proxy, verify) - args = {"reportId": "800f908d-9578-4333-91e5-822794ed5483"} - result = get_file_analysis_result(client, args) - assert len(result.outputs) > 0 + assert isinstance(result.outputs["analysis_completion_date_time"], str) + assert result.outputs["risk_level"] == "high" + assert isinstance(result.outputs["detection_names"], list) + assert isinstance(result.outputs["threat_types"], list) + assert isinstance(result.outputs["true_file_type"], str) + assert result.outputs_key_field == "id" # Mock response for collect file def mock_collect_file_response(*args, **kwargs): - return_value = [ - { - "status": 202, - "headers": [ - { - "name": "Operation-Location", - "value": "https://apimock-dev.trendmicro.com/v3.0/xdr/response/tasks/00000001", - } - ], - } - ] - return return_value + with open("./test_data/collect_forensic_file.json") as f: + return_value: list[dict[str, Any]] = json.load(f) + return MultiResult( + result_code=ResultCode.SUCCESS, + response=MultiResp(items=[MsData(**data) for data in return_value]), + ) # Test cases for collect forensic file. def test_collect_forensic_file(mocker): """Test collect file with positive scenario.""" - mocker.patch("TrendMicroVisionOneV3.Client.http_request", mock_collect_file_response) - client = Client("https://apimock-dev.trendmicro.com", api_key, proxy, verify) + client = Mock() + client.collect_file = Mock(return_value=mock_collect_file_response()) args = { - "endpoint": "client1", - "description": "collect file", - "filePath": ("/file_path/sample.txt"), + "collect_files": json.dumps( + [ + { + "endpoint": "client95c3", + "file_path": "C/file_path/sample.txt", + "description": "collect file", + } + ] + ) } result = collect_file(client, args) - assert result.outputs["taskStatus"] == 202 - assert isinstance(result.outputs["taskId"], str) + assert result.outputs[0]["status"] == 202 + assert result.outputs[0]["task_id"] == "00000003" assert result.outputs_prefix == "VisionOne.Collect_Forensic_File" - assert result.outputs_key_field == "taskId" + assert result.outputs_key_field == "task_id" # Mock for downloaded file information def mock_download_collected_file_info_response(*args, **kwargs): - return_response = { - "id": "00000012", - "status": "running", - "createdDateTime": "2021-04-05T08:22:37Z", - "lastActionDateTime": "2021-04-06T08:22:37Z", - "description": "task description", - "action": "isolate", - "account": "test", - "agentGuid": "cb9c8412-1f64-4fa0-a36b-76bf41a07ede", - "endpointName": "trend-host-1", - "filePath": "string", - "fileSha1": "12a08b7a3c5a10b64700c0aca1a47941b50a4f8b", - "fileSha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", - "fileSize": 102400, - "resourceLocation": "htttps://api.xdr.trendmicro.com/...", - "expiredDateTime": "string", - "password": "xns9ns", - } - return return_response + return Result( + result_code=ResultCode.SUCCESS, + response=CollectFileTaskResp( + id="00000003", + status=Status.SUCCEEDED, + action=TaskAction.COLLECT_FILE, + created_date_time="2023-11-12T12:00:00Z", + last_action_date_time="2023-11-16T12:00:00Z", + description="Test", + account="API", + agent_guid="cb9c8412-1f64-4fa0-a36b-76bf41a07ede", + endpoint_name="trend-host-1", + file_path="string", + file_sha1="12a08b7a3c5a10b64700c0aca1a47941b50a4f8b", + file_sha256="e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", + file_size=102400, + resource_location="htttps://api.xdr.trendmicro.com/...", + expired_date_time="2023-11-17T12:00:00Z", + password="LS10ZXN0IA==", + ), + ) # Test Cases for Collected downloaded file information. def test_get_forensic_file_information(mocker): """Test endpoint to get collected file information based on task id""" - mocker.patch( - "TrendMicroVisionOneV3.Client.http_request", - mock_download_collected_file_info_response, + client = Mock() + client.get_task_result = Mock( + return_value=mock_download_collected_file_info_response() ) - args = {"task_id": "00000012"} - client = Client("https://apimock-dev.trendmicro.com", api_key, proxy, verify) + args = { + "task_id": "00000003", + "poll": "true", + "poll_time_sec": 30, + } result = download_information_collected_file(client, args) - assert result.outputs["taskId"] == "00000012" - assert result.outputs["status"] == "running" - assert result.outputs["action"] == "isolate" - assert result.outputs["agentGuid"] == "cb9c8412-1f64-4fa0-a36b-76bf41a07ede" - assert result.outputs["endpointName"] == "trend-host-1" - assert result.outputs["fileSha1"] == "12a08b7a3c5a10b64700c0aca1a47941b50a4f8b" - assert result.outputs["fileSize"] == 102400 - assert isinstance(result.outputs["filePath"], str) - assert isinstance(result.outputs["resourceLocation"], str) - assert isinstance(result.outputs["expiredDateTime"], str) + assert result.outputs["id"] == "00000003" + assert result.outputs["action"] == "collectFile" + assert result.outputs["status"] == "succeeded" + assert result.outputs["agent_guid"] == "cb9c8412-1f64-4fa0-a36b-76bf41a07ede" + assert result.outputs["endpoint_name"] == "trend-host-1" + assert result.outputs["file_sha1"] == "12a08b7a3c5a10b64700c0aca1a47941b50a4f8b" + assert result.outputs["file_size"] == 102400 + assert isinstance(result.outputs["file_path"], str) + assert isinstance(result.outputs["resource_location"], str) + assert isinstance(result.outputs["expired_date_time"], str) + assert isinstance(result.outputs["created_date_time"], str) assert isinstance(result.outputs["password"], str) # Mock response for Download analysis results def mock_download_analysis_report_response(*args, **kwargs): - class Response: - content = "" - status_code = 200 - - return_value = Response() - return return_value + return Result( + result_code=ResultCode.SUCCESS, + response=BytesResp(content=b"JVBERi0xLjQKJcCnN0cmVhbQp4nD2OywoCMQxF9=="), + ) # Test Case for Download analysis report @@ -631,66 +826,69 @@ def test_download_analysis_report(mocker): to sandbox based on submission ID returned by get file analysis status. """ - mocker.patch( - "requests.get", - mock_download_analysis_report_response, + client = Mock() + client.download_sandbox_analysis_result = Mock( + return_value=mock_download_analysis_report_response() ) - args = {"submission_id": "8559a7ce-2b85-451b-8742-4b943ad76a22"} - client = Client("https://apimock-dev.trendmicro.com", api_key, proxy, verify) + args = { + "submission_id": "8559a7ce-2b85-451b-8742-4b943ad76a22", + "poll": "true", + "poll_time_sec": 30, + } result = download_analysis_report(client, args) - assert isinstance(result[1].outputs["code"], int) - assert result[1].outputs["message"] == "Please select download to start download" - assert result[1].outputs["submissionId"] == "8559a7ce-2b85-451b-8742-4b943ad76a22" + assert result[1].outputs["result_code"] == "SUCCESS" + assert result[1].outputs["submission_id"] == "8559a7ce-2b85-451b-8742-4b943ad76a22" assert result[1].outputs_prefix == "VisionOne.Download_Analysis_Report" - assert result[1].outputs_key_field == "submissionId" + assert result[1].outputs_key_field == "submission_id" # Mock response for download investigation package def mock_download_investigation_package_response(*args, **kwargs): - class Response: - content = "" - status_code = 200 - - return_value = Response() - return return_value + return Result( + result_code=ResultCode.SUCCESS, + response=BytesResp(content=b"JVBERi0xLjQKJcCnN0cmVhbQp4nD2OywoCMQxF9=="), + ) # Test case for Download analysis package -def test_download_analysis_package(mocker): +def test_download_investigation_package(mocker): """ Test to download investigation package for file submitted to sandbox based on submission ID returned by get file analysis status. """ - mocker.patch( - "requests.get", - mock_download_investigation_package_response, + client = Mock() + client.download_sandbox_investigation_package = Mock( + return_value=mock_download_investigation_package_response() ) - args = {"submission_id": "8559a7ce-2b85-451b-8742-4b943ad76a22"} - client = Client("https://apimock-dev.trendmicro.com", api_key, proxy, verify) + args = { + "submission_id": "8559a7ce-2b85-451b-8742-4b943ad76a22", + "poll": "true", + "poll_time_sec": 30, + } result = download_investigation_package(client, args) - assert isinstance(result[1].outputs["code"], int) - assert result[1].outputs["message"] == "Please select download to start download" - assert result[1].outputs["submissionId"] == "8559a7ce-2b85-451b-8742-4b943ad76a22" + assert result[1].outputs["result_code"] == "SUCCESS" + assert result[1].outputs["submission_id"] == "8559a7ce-2b85-451b-8742-4b943ad76a22" assert result[1].outputs_prefix == "VisionOne.Download_Investigation_Package" - assert result[1].outputs_key_field == "submissionId" + assert result[1].outputs_key_field == "submission_id" # Mock response for download suspicious object list def mock_download_suspicious_object_list_response(*args, **kwargs): - return_value = { - "code": 200, - "items": [ - { - "riskLevel": "high", - "analysisCompletionDateTime": "2021-05-07T03:08:40Z", - "expiredDateTime": "2021-06-07T03:08:40Z", - "rootSha1": "fb5608fa03de204a12fe1e9e5275e4a682107471", - "ip": "6.6.6.6", - } - ], - } - return return_value + return Result( + result_code=ResultCode.SUCCESS, + response=SandboxSuspiciousListResp( + items=[ + SandboxSuspiciousObject( + risk_level=RiskLevel.HIGH, + analysis_completion_date_time="2021-11-17T12:00:00Z", + expired_date_time="2022-12-17T12:00:00Z", + root_sha1="12a08b7a3c5a10b64700c0aca1a47941b50a4f8b", + url="https://someurl.com", + ) + ], + ), + ) # Test case for download suspicious object list @@ -702,34 +900,40 @@ def test_download_suspicious_object_list(mocker): High will be populated in the list. If no items exist, a 404 not found error will be returned. """ - mocker.patch( - "TrendMicroVisionOneV3.Client.http_request", - mock_download_suspicious_object_list_response, + client = Mock() + client.get_sandbox_suspicious_list = Mock( + return_value=mock_download_suspicious_object_list_response() ) - args = {"submission_id": "8559a7ce-2b85-451b-8742-4b943ad76a22"} - client = Client("https://apimock-dev.trendmicro.com", api_key, proxy, verify) + args = { + "submission_id": "8559a7ce-2b85-451b-8742-4b943ad76a22", + "poll": "true", + "poll_time_sec": 30, + } result = download_suspicious_object_list(client, args) - assert result.outputs["riskLevel"] == "high" - assert result.outputs["analysisCompletionDateTime"] == "2021-05-07T03:08:40Z" - assert result.outputs["expiredDateTime"] == "2021-06-07T03:08:40Z" - assert result.outputs["rootSha1"] == "fb5608fa03de204a12fe1e9e5275e4a682107471" - assert result.outputs["ip"] == "6.6.6.6" + assert result.outputs[0]["risk_level"] == "high" + assert isinstance(result.outputs[0]["analysis_completion_date_time"], str) + assert isinstance(result.outputs[0]["expired_date_time"], str) + assert isinstance(result.outputs[0]["root_sha1"], str) + assert isinstance(result.outputs[0]["type"], str) + assert isinstance(result.outputs[0]["value"], str) assert result.outputs_prefix == "VisionOne.Download_Suspicious_Object_list" - assert result.outputs_key_field == "riskLevel" + assert result.outputs_key_field == "risk_level" # Mock response for submit file to sandbox. def mock_submit_file_to_sandbox_response(*args, **kwargs): - return_response = { - "id": "012e4eac-9bd9-4e89-95db-77e02f75a6f3", - "digest": { - "md5": "4ac174730d4143a119037d9fda81c7a9", - "sha1": "fb5608fa03de204a12fe1e9e5275e4a682107471", - "sha256": "65b0f656e79ab84ca17807158e3eac206bd58be6689ddeb95956a48748d138f9", - }, - "arguments": "LS10ZXN0IA==", - } - return return_response + return Result( + result_code=ResultCode.SUCCESS, + response=SubmitFileToSandboxResp( + id="012e4eac-9bd9-4e89-95db-77e02f75a6f3", + digest=Digest( + md5="4ac174730d4143a119037d9fda81c7a9", + sha1="fb5608fa03de204a12fe1e9e5275e4a682107471", + sha256="65b0f656e79ab84ca17807158e3eac206bd58be6689ddeb95956a48748d138f9", + ), + arguments="LS10ZXN0IA==", + ), + ) # Mock response for submit file to sandbox. @@ -782,18 +986,25 @@ def raise_for_status(self): def test_submit_file_to_sandbox(mocker): - mocker.patch("TrendMicroVisionOneV3.requests.get", mocked_requests_get) - mocker.patch("TrendMicroVisionOneV3.requests.post", mocked_requests_post) + client = Mock() + client.submit_file_to_sandbox = Mock( + return_value=mock_submit_file_to_sandbox_response() + ) args = { - "file_path": "http://adsd.com", - "filename": "XDR_ResponseApp_CollectFile.7z", + "file_path": "https://someurl.com/test.json", + "filename": "dummy.pdf", "archive_password": "6hn467c8", "document_password": "", + "arguments": "LS10ZXN0IA==", } - client = Client("https://apimock-dev.trendmicro.com", api_key, proxy, verify) + mocker.patch("TrendMicroVisionOneV3.requests.get", mocked_requests_get) result = submit_file_to_sandbox(client, args) assert isinstance(result.outputs["task_id"], str) assert isinstance(result.outputs["digest"], dict) + assert result.outputs["code"] == 202 + assert isinstance(result.outputs["arguments"], str) + assert result.outputs["message"] == "SUCCESS" + assert result.outputs_key_field == "task_id" def test_submit_file_entry_to_sandbox(mocker): @@ -802,63 +1013,75 @@ def test_submit_file_entry_to_sandbox(mocker): "getFilePath", return_value={"id": id, "path": "README.md", "name": "test.txt"}, ) + client = Mock() + client.submit_file_to_sandbox = Mock( + return_value=mock_submit_file_to_sandbox_response() + ) mocker.patch("TrendMicroVisionOneV3.requests.get", mocked_requests_get) mocker.patch("TrendMicroVisionOneV3.requests.post", mocked_requests_post) args = { "entry_id": "12@1221", "archive_password": "6hn467c8", "document_password": "", + "arguments": "LS10ZXN0IA==", } - client = Client("https://apimock-dev.trendmicro.com", api_key, proxy, verify) + result = submit_file_entry_to_sandbox(client, args) + assert result.outputs["entry_id"] == "12@1221" assert isinstance(result.outputs["task_id"], str) assert isinstance(result.outputs["digest"], dict) + assert result.outputs_key_field == "entry_id" -# Mock response for Get file analysis report -def mock_sandbox_submission_polling_response(*args, **kwargs): - return_response = { - "id": "8559a7ce-2b85-451b-8742-4b943ad76a22", - "action": "analyzeFile", - "status": "succeeded", - "error": {"code": "", "message": ""}, - "createdDateTime": "2021-05-07T03:07:40Z", - "lastActionDateTime": "2021-05-07T03:08:40Z", - "resourceLocation": """https://apimock-dev.trendmicro.com/v3.0/sandbox/analysisResults/ - 012e4eac-9bd9-4e89-95db-77e02f75a6f3""", - "isCached": "true", - "digest": { - "md5": "4ac174730d4143a119037d9fda81c7a9", - "sha1": "fb5608fa03de204a12fe1e9e5275e4a682107471", - "sha256": "65b0f656e79ab84ca17807158e3eac206bd58be6689ddeb95956a48748d138f9", - }, - "arguments": "LS10ZXN0IA==", - "type": "file", - "analysisCompletionDateTime": "2021-05-07T03:08:40Z", - "riskLevel": "high", - "detectionNames": ["VAN_DROPPER.UMXX"], - "threatTypes": ["Dropper"], - "trueFileType": "exe", +# Mock response for submit urls to sandbox +def mock_urls_to_sandbox_response(*args, **kwargs): + with open("./test_data/submit_urls_sandbox.json") as f: + return_value: list[dict[str, Any]] = json.load(f) + return MultiResult( + result_code=ResultCode.SUCCESS, + response=MultiUrlResp(items=[MsDataUrl(**data) for data in return_value]), + ) + + +# Test case for submit urls to sandbox +def test_submit_urls_to_sandbox(mocker): + client = Mock() + client.submit_urls_to_sandbox = Mock(return_value=mock_urls_to_sandbox_response()) + args = { + "urls": json.dumps( + [ + "http://www.shadywebsite.com", + "http://www.virus2.com", + "https://testurl.com", + ] + ) } - return return_response + result = submit_urls_to_sandbox(client, args) + assert isinstance(result.outputs[0]["url"], str) + assert isinstance(result.outputs[0]["id"], str) + assert isinstance(result.outputs[0]["digest"], dict) + assert result.outputs_key_field == "id" def test_sandbox_submission_polling(mocker): """Test sandbox submission polling.""" + client = Mock() + client.get_sandbox_submission_status = Mock( + return_value=mock_file_analysis_status_response() + ) + client.get_sandbox_analysis_result = Mock(return_value=mock_file_result_response()) mocker.patch.object( demisto, "demistoVersion", return_value={"version": "6.2.0", "buildNumber": "12345"}, ) mocker.patch( - "TrendMicroVisionOneV3.Client.http_request", - mock_sandbox_submission_polling_response, + "CommonServerPython.ScheduledCommand.raise_error_if_not_supported", lambda: None ) - mocker.patch("CommonServerPython.ScheduledCommand.raise_error_if_not_supported", lambda: None) - client = Client("https://apimock-dev.trendmicro.com", api_key, proxy, verify) - args = {"task_id": "8559a7ce-2b85-451b-8742-4b943ad76a22"} + + args = {"task_id": "800f908d-9578-4333-91e5-822794ed5483"} result = get_sandbox_submission_status(args, client) - assert result.outputs["report_id"] == "8559a7ce-2b85-451b-8742-4b943ad76a22" + assert result.outputs["report_id"] == "800f908d-9578-4333-91e5-822794ed5483" assert isinstance(result.outputs["type"], str) assert isinstance(result.outputs["digest"], dict) assert isinstance(result.outputs["arguments"], str) @@ -869,124 +1092,315 @@ def test_sandbox_submission_polling(mocker): assert isinstance(result.outputs["file_type"], str) +# Mock function for check task status +def get_base_task_result_mock_response(*args, **kwargs): + return Result( + result_code=ResultCode.SUCCESS, + response=BaseTaskResp( + id="00000004", + status=Status.SUCCEEDED, + created_date_time="2021-11-17T12:00:00Z", + last_action_date_time="2021-12-17T12:00:00Z", + action=TaskAction.ENABLE_ACCOUNT, + description="something", + account="API", + ), + ) + + # Mock function for check task status def check_task_status_mock_response(*args, **kwargs): - return_value = { - "id": "00001824", - "status": "succeeded", - "createdDateTime": "2021-04-05T08:22:37Z", - "lastActionDateTime": "2021-04-06T08:22:37Z", - "description": "task description", - "action": "isolate", - "account": "test", - "agentGuid": "cb9c8412-1f64-4fa0-a36b-76bf41a07ede", - "endpointName": "client1", - } - return return_value + return Result( + result_code=ResultCode.SUCCESS, + response=AccountTaskResp( + id="00000004", + status=Status.SUCCEEDED, + created_date_time="2021-11-17T12:00:00Z", + last_action_date_time="2021-12-17T12:00:00Z", + action=TaskAction.ENABLE_ACCOUNT, + description="something", + account="API", + tasks=[ + Account( + iam=Iam.AAD, + account_name="jdoe@trendenablement.com", + status=Status.SUCCEEDED, + last_action_date_time="2023-11-16T21:51:19Z", + ) + ], + ), + ) def test_check_task_status(mocker): - mocker.patch("TrendMicroVisionOneV3.Client.http_request", check_task_status_mock_response) - mocker.patch("CommonServerPython.ScheduledCommand.raise_error_if_not_supported", lambda: None) - client = Client("https://apimock-dev.trendmicro.com", api_key, proxy, verify) - args = {"task_id": "00001824"} + client = Mock() + client.get_base_task_result = Mock( + return_value=get_base_task_result_mock_response() + ) + client.get_task_result = Mock(return_value=check_task_status_mock_response()) + mocker.patch( + "CommonServerPython.ScheduledCommand.raise_error_if_not_supported", lambda: None + ) + args = { + "task_id": "00000004", + "poll": "true", + "poll_time_sec": 30, + } result = get_task_status(args, client) - assert result.outputs["taskId"] == "00001824" - assert result.outputs["taskStatus"] == "succeeded" + assert result.outputs["id"] == "00000004" + assert result.outputs["status"] == "succeeded" assert isinstance(result.outputs["action"], str) - assert isinstance(result.outputs["createdDateTime"], str) - assert isinstance(result.outputs["account"], str) + assert isinstance(result.outputs["created_date_time"], str) + assert isinstance(result.outputs["description"], str) + assert isinstance(result.outputs["last_action_date_time"], str) # Mock for downloaded file information def mock_get_endpoint_info_response(*args, **kwargs): - return_response = { - "items": [ - { - "agentGuid": "35fa11da-a24e-40cf-8b56-baf8828cc151", - "loginAccount": { - "value": ["MSEDGEWIN10\\\\IEUser"], - "updatedDateTime": "2020-06-01T02:12:56Z", - }, - "endpointName": { - "value": "MSEDGEWIN10", - "updatedDateTime": "2020-06-01T02:12:56Z", - }, - "macAddress": { - "value": ["00:1c:42:be:22:5f"], - "updatedDateTime": "2020-06-01T02:12:56Z", - }, - "ip": { - "value": ["10.211.55.36"], - "updatedDateTime": "2020-06-01T02:12:56Z", - }, - "osName": "Linux", - "osVersion": "10.0.17763", - "osDescription": "Windows 10 Enterprise Evaluation (64 bit) build 17763", - "productCode": "sao", - "installedProductCodes": ["xes"], - } - ] - } - return return_response + return Endpoint( + agent_guid="35fa11da-a24e-40cf-8b56-baf8828cc151", + login_account=ValueList( + value=["MSEDGEWIN10\\\\IEUser"], + updated_date_time="2020-06-01T02:12:56Z", + ), + endpoint_name=Value( + value="MSEDGEWIN10", updated_date_time="2020-06-01T02:12:56Z" + ), + mac_address=ValueList( + updated_date_time="2020-06-01T02:12:56Z", + value=["00:1c:42:be:22:5f"], + ), + ip=ValueList(value=["10.211.55.36"], updated_date_time="2020-06-01T02:12:56Z"), + os_name=OperatingSystem.WINDOWS, + os_version="10.0 (Build 19045)", + os_description="Windows 10 10.0 (Build 19045)", + product_code=ProductCode.SAO, + installed_product_codes=[ProductCode.SAO, ProductCode.XES], + ) + + +def side_effect(lambda_func, args2, args3): + lambda_func(mock_get_endpoint_info_response()) # Test case for get endpoint information. def test_get_endpoint_information(mocker): """Test get information from endpoint based on endpointName or agentGuid""" - mocker.patch("TrendMicroVisionOneV3.Client.http_request", mock_get_endpoint_info_response) - args = {"endpoint": "hostname"} - client = Client("https://apimock-dev.trendmicro.com", api_key, proxy, verify) + args = {"endpoint": "hoMSEDGEWIN10stname", "query_op": "and"} + client = Mock() + client.consume_endpoint_data = Mock(side_effect=side_effect) + my_list = [] + client.consume_endpoint_data( + lambda cons: my_list.append(cons), QueryOp.AND, "MSEDGEWIN10" + ) result = get_endpoint_info(client, args) - assert result.outputs["status"] == "success" - assert isinstance(result.outputs["agentGuid"], str) - assert isinstance(result.outputs["logonAccount"], list) - assert isinstance(result.outputs["hostname"], str) - assert isinstance(result.outputs["macAddr"], list) - assert isinstance(result.outputs["ip"], str) - assert isinstance(result.outputs["osName"], str) - assert isinstance(result.outputs["osVersion"], str) - assert isinstance(result.outputs["osDescription"], str) - assert isinstance(result.outputs["productCode"], str) - assert isinstance(result.outputs["installedProductCodes"], str) - - -# Mock function for add note. -def add_note_mock_response(*args, **kwargs): - class Response: - headers = {} - status_code = 200 + assert isinstance(result.outputs[0]["agent_guid"], str) + assert isinstance(result.outputs[0]["login_account"], dict) + assert isinstance(result.outputs[0]["endpoint_name"], dict) + assert isinstance(result.outputs[0]["mac_address"], dict) + assert isinstance(result.outputs[0]["ip"], dict) + assert isinstance(result.outputs[0]["os_name"], str) + assert isinstance(result.outputs[0]["os_version"], str) + assert isinstance(result.outputs[0]["os_description"], str) + assert isinstance(result.outputs[0]["product_code"], str) + assert isinstance(result.outputs[0]["installed_product_codes"], list) + assert result.outputs_key_field == "endpoint_name" + + +# Mock response for get endpoint activity data +def get_endpoint_activity_data_mock_response(*args, **kwargs): + with open("./test_data/get_endpoint_activity_data.json") as f: + endpoint_activity: dict[str, Any] = json.load(f) + return Result( + result_code=ResultCode.SUCCESS, + response=GetEndpointActivityDataResp( + next_link="https://somelink.com", + items=[EndpointActivity(**endpoint_activity)], + progress_rate=30, + ), + ) + + +# Test case for get alert details +def test_get_endpoint_activity_data(mocker): + client = Mock() + client.get_endpoint_activity_data_count = Mock( + return_value=get_endpoint_activity_data_count_mock_response() + ) + client.get_endpoint_activity_data = Mock( + return_value=get_endpoint_activity_data_mock_response() + ) + args = { + "start": "2022-10-04T08:22:37Z", + "end": "2023-10-04T08:22:37Z", + "top": 500, + "query_op": "or", + "select": "dpt,dst,endpointHostName", + "get_activity_data_count": "true", + "fields": json.dumps({"dpt": "443", "endpointHostName": "client1"}), + } + result = get_endpoint_activity_data(client, args) + assert isinstance(result.outputs[0]["endpoint_host_name"], str) + assert result.outputs_key_field == "endpoint_host_name" + + +# Mock response for get endpoint activity data count +def get_endpoint_activity_data_count_mock_response(*args, **kwargs): + return Result( + result_code=ResultCode.SUCCESS, + response=GetEmailActivityDataCountResp(total_count=10), + ) + - return_value = Response() - return return_value +# Test case for get alert details +def test_get_endpoint_activity_data_count(mocker): + client = Mock() + client.get_endpoint_activity_data_count = Mock( + return_value=get_endpoint_activity_data_count_mock_response() + ) + args = { + "start": "2022-10-04T08:22:37Z", + "end": "2023-10-04T08:22:37Z", + "query_op": "or", + "select": "dpt,dst,endpointHostName", + "get_activity_data_count": "true", + "fields": json.dumps({"dpt": "443", "endpointHostName": "client1"}), + } + result = get_endpoint_activity_data_count(client, args) + assert isinstance(result.outputs["endpoint_activity_count"], int) + assert result.outputs_key_field == "endpoint_activity_count" + + +# Mock response for get endpoint activity data +def get_email_activity_data_mock_response(*args, **kwargs): + with open("./test_data/get_email_activity_data.json") as f: + email_activity: dict[str, Any] = json.load(f) + return Result( + result_code=ResultCode.SUCCESS, + response=GetEmailActivityDataResp( + next_link="https://somelink.com", + items=[EmailActivity(**email_activity)], + progress_rate=30, + ), + ) + + +# Test case for get alert details +def test_get_email_activity_data(mocker): + client = Mock() + client.get_email_activity_data_count = Mock( + return_value=get_email_activity_data_count_mock_response() + ) + client.get_email_activity_data = Mock( + return_value=get_email_activity_data_mock_response() + ) + args = { + "start": "2022-10-04T08:22:37Z", + "end": "2023-10-04T08:22:37Z", + "top": 50, + "query_op": "or", + "select": "mailFromAddresses,mailToAddresses", + "fields": json.dumps( + {"mailToAddresses": "testemail@gmail.com", "mailMsgSubject": "spam"} + ), + } + result = get_email_activity_data(client, args) + assert isinstance(result.outputs[0]["mail_msg_id"], str) + assert result.outputs_key_field == "mail_to_addresses" + + +# Mock response for get email activity data count +def get_email_activity_data_count_mock_response(*args, **kwargs): + return Result( + result_code=ResultCode.SUCCESS, + response=GetEmailActivityDataCountResp(total_count=10), + ) + + +# Test case for get email activity data count +def test_get_email_activity_data_count(mocker): + client = Mock() + client.get_email_activity_data_count = Mock( + return_value=get_email_activity_data_count_mock_response() + ) + args = { + "start": "2022-10-04T08:22:37Z", + "end": "2023-10-04T08:22:37Z", + "query_op": "or", + "select": "mailFromAddresses,mailToAddresses", + "fields": json.dumps( + {"mailToAddresses": "testemail@gmail.com", "mailMsgSubject": "spam"} + ), + } + result = get_email_activity_data_count(client, args) + assert isinstance(result.outputs["email_activity_count"], int) + assert result.outputs_key_field == "email_activity_count" + + +# Mock response for get alert details +def get_alert_details_mock_response(*args, **kwargs): + with open("./test_data/get_alert_details.json") as f: + alert = json.load(f) + return Result( + result_code=ResultCode.SUCCESS, + response=GetAlertDetailsResp( + etag="33a64df551425fcc55e4d42a148795d9f25f89d4", alert=alert + ), + ) + + +# Test case for get alert details +def test_get_alert_details(mocker): + client = Mock() + client.get_alert_details = Mock(return_value=get_alert_details_mock_response()) + + args = {"workbench_id": "WB-9002-20220909-00111"} + result = get_alert_details(client, args) + assert result.outputs["etag"] == "33a64df551425fcc55e4d42a148795d9f25f89d4" + assert isinstance(result.outputs["alert"], dict) + assert result.outputs_key_field == "etag" + + +# Mock response for add note. +def add_note_mock_response(*args, **kwargs): + return Result( + result_code=ResultCode.SUCCESS, + response=AddAlertNoteResp( + Location="https://dummy.com/v3/workbench/alerts/WB-14-20190709-00003/notes/1" + ), + ) # Test case for add note def test_add_note(mocker): - mocker.patch("TrendMicroVisionOneV3.requests.post", add_note_mock_response) - client = Client("https://apimock-dev.trendmicro.com", api_key, proxy, verify) + client = Mock() + client.add_alert_note = Mock(return_value=add_note_mock_response()) args = {"workbench_id": "WB-14-20190709-00003", "content": "This is a new note."} result = add_note(client, args) - assert result.outputs["message"] == "success" + assert isinstance(result.outputs["message"], str) assert isinstance(result.outputs["code"], int) - assert isinstance(result.outputs["note_id"], str) - assert isinstance(result.outputs["Workbench_Id"], str) + assert result.outputs["note_id"] == "1" + assert result.outputs_key_field == "note_id" # Mock function for update alert status def update_status_mock_response(*args, **kwargs): - return_value = { - "message": "Alert status changed successfully", - "Workbench_Id": "WB-20837-20220418-00000", - } - return return_value + return Result( + result_code=ResultCode.SUCCESS, + response=NoContentResp(), + ) # Test case for update alert status def test_update_status(mocker): - mocker.patch("TrendMicroVisionOneV3.Client.http_request", update_status_mock_response) - client = Client("https://apimock-dev.trendmicro.com", api_key, proxy, verify) - args = {"workbench_id": "WB-20837-20220418-00000", "status": "In Progress"} + client = Mock() + client.edit_alert_status = Mock(return_value=update_status_mock_response()) + args = { + "workbench_id": "WB-20837-20220418-00000", + "if_match": "d41d8cd98f00b204e9800998ecf8427e", + "status": "in_progress", + } result = update_status(client, args) - assert result.outputs["message"] == "Alert status changed successfully" - assert isinstance(result.outputs["Workbench_Id"], str) + assert result.outputs["code"] == 204 + assert isinstance(result.outputs["message"], str) + assert result.outputs["Workbench_Id"] == "WB-20837-20220418-00000" diff --git a/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/command_examples b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/command_examples index 17d81424c0fd..4da25bb49904 100644 --- a/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/command_examples +++ b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/command_examples @@ -1,29 +1,34 @@ -!trendmicro-visionone-isolate-endpoint value="test-endpoint1" -!trendmicro-visionone-get-endpoint-info endpoint="test-endpoint1" -!trendmicro-visionone-restore-endpoint-connection value="test-endpoint1" +!trendmicro-visionone-get-endpoint-info endpoint="test-endpoint1,test-endpoint2,test-endpoint3" +!trendmicro-visionone-isolate-endpoint endpoint_identifiers=[{"endpoint":"test-endpoint","description":"isolate endpoint"}] +!trendmicro-visionone-restore-endpoint-connection endpoint_identifiers=[{"endpoint":"test-endpoint","description":"restore endpoint"}] !trendmicro-visionone-submit-file-entry-to-sandbox entry_id="12@1221" -!trendmicro-visionone-check-task-status actionId="00000012" polling="true" -!trendmicro-visionone-download-information-for-collected-forensic-file task_id="00000012" +!trendmicro-visionone-check-task-status task_id="00000012" poll="true" poll_time_sec=30 +!trendmicro-visionone-get-alert-details workbench_id="WB-14-20190709-00003" +!trendmicro-visionone-download-information-for-collected-forensic-file task_id="00000012" poll="true" poll_time_sec=30 !trendmicro-visionone-get-file-analysis-status task_id="012e4eac-9bd9-4e89-95db-77e02f75a611" -!trendmicro-visionone-update-status workbench_id="WB-14-20190709-00003" status="true positive" -!trendmicro-visionone-get-file-analysis-result report_id="8559a7ce-2b85-451b-8742-4b943ad76a22" -!trendmicro-visionone-collect-forensic-file endpoint="test-endpoint1" file_path="/file_path/sample.txt" -!trendmicro-visionone-add-objects-to-exception-list type="domain" value="1.alisiosanguera.com.cn" +!trendmicro-visionone-update-status workbench_id="WB-14-20190709-00003" status="true_positive" if_match="d41d8cd98f00b204e9800998ecf8427e" +!trendmicro-visionone-get-file-analysis-result report_id="8559a7ce-2b85-451b-8742-4b943ad76a22" poll="true" poll_time_sec=30 +!trendmicro-visionone-collect-forensic-file collect_files=[{"endpoint":"test-endpoint1","file_path":"c/test/test.txt","description":"collect file"}] +!trendmicro-visionone-add-objects-to-exception-list block_objects=[{"object_type":"domain","object_value":"1.alisiosanguera.com.cn","description":"Add to exception list"}] !trendmicro-visionone-add-note workbench_id = "WB-14-20190709-00003" content="This is a test note" -!trendmicro-visionone-add-to-block-list value_type="domain" target_value="1.alisiosanguera.com.cn" -!trendmicro-visionone-add-objects-to-suspicious-list type="domain" value="1.alisiosanguera.com.cn" -!trendmicro-visionone-delete-objects-from-exception-list type="domain" value="1.alisiosanguera.com.cn" -!trendmicro-visionone-remove-from-block-list value_type="domain" target_value="1.alisiosanguera.com.cn" -!trendmicro-visionone-delete-objects-from-suspicious-list type="domain" value="1.alisiosanguera.com.cn" -!trendmicro-visionone-force-signout accountName="ghost@trendmicro.com" description="Force signout user" -!trendmicro-visionone-submit-file-to-sandbox file_path="http://someurl.com/test.json" filename="test.json" -!trendmicro-visionone-download-suspicious-object-list submission_id="8559a7ce-2b85-451b-8742-4b943ad76a22" -!trendmicro-visionone-enable-user-account accountName="ghost@trendmicro.com" description="Enable user account" -!trendmicro-visionone-disable-user-account accountName="ghost@trendmicro.com" description="Disable user account" -!trendmicro-visionone-force-password-reset accountName="ghost@trendmicro.com" description="Force password reset" +!trendmicro-visionone-add-to-block-list block_objects=[{"object_type":"domain","object_value":"1.alisiosanguera.com.cn","description":"Add to block list"}] +!trendmicro-visionone-add-objects-to-suspicious-list block_objects=[{"object_type":"domain","object_value":"1.alisiosanguera.com.cn","scan_action":"block","risk_level":"medium","expiry_days":5,"description":"Add to suspicious list"}] +!trendmicro-visionone-delete-objects-from-exception-list block_objects=[{"object_type":"domain","object_value":"1.alisiosanguera.com.cn","description":"Remove from exception list"}] +!trendmicro-visionone-remove-from-block-list block_objects=[{"object_type":"domain","object_value":"1.alisiosanguera.com.cn","description":"Remove from block list"}] +!trendmicro-visionone-delete-objects-from-suspicious-list block_objects=[{"object_type":"domain","object_value":"1.alisiosanguera.com.cn","description":"Remove from suspicious list"}] +!trendmicro-visionone-force-signout account_identifiers=[{"account_name":"ghost@trendmicro.com","description":"Force sign out user"}] +!trendmicro-visionone-submit-file-to-sandbox file_path="http://someurl.com/test.json" filename="dummy_file.pdf" +!trendmicro-visionone-download-suspicious-object-list submission_id="8559a7ce-2b85-451b-8742-4b943ad76a22" poll="true" poll_time_sec=30 +!trendmicro-visionone-enable-user-account account_identifiers=[{"account_name":"ghost@trendmicro.com","description":"Enable user account"}] +!trendmicro-visionone-disable-user-account account_identifiers=[{"account_name":"ghost@trendmicro.com","description":"Disable user account"}] +!trendmicro-visionone-force-password-reset account_identifiers=[{"account_name":"ghost@trendmicro.com","description":"Force password reset for user"}] !trendmicro-visionone-run-sandbox-submission-polling task_id="012e4eac-9bd9-4e89-95db-77e02f75a611" polling="true" -!trendmicro-visionone-download-analysis-report submission_id="8559a7ce-2b85-451b-8742-4b943ad76a22" filename="sandbox_report.pdf" -!trendmicro-visionone-download-investigation-package submission_id="8559a7ce-2b85-451b-8742-4b943ad76a22" filename="sandbox_report.zip" -!trendmicro-visionone-terminate-process endpoint="cb9c8412-1f64-4fa0-a36b-76bf41a07ede" file_sha1="1e97cca0cbefe53860a9bbc9bbbb846e6cdea911" -!trendmicro-visionone-delete-email-message messageId="" mailBox="kjshdfjksahd@trendenablement.com" -!trendmicro-visionone-quarantine-email-message messageId="" mailBox="kjshdfjksahd@trendenablement.com" \ No newline at end of file +!trendmicro-visionone-submit-urls-to-sandbox urls=["http://www.shadywebsite.com","http://www.virus2.com","https://testurl.com"] +!trendmicro-visionone-download-analysis-report submission_id="8559a7ce-2b85-451b-8742-4b943ad76a22" poll="true" poll_time_sec=30 +!trendmicro-visionone-restore-email-message email_identifiers=[{"unique_id":"jto9GAHTr9V=TFqMZhRXqVnMfSqmTdAMyv9PDX3k","description":"Restore email message"}] +!trendmicro-visionone-download-investigation-package submission_id="8559a7ce-2b85-451b-8742-4b943ad76a22" poll="true" poll_time_sec=30 +!trendmicro-visionone-terminate-process process_identifiers=[{"agent_guid":"cb9c8412-1f64-4fa0-a36b-76bf41a07ede","file_sha1":"1e97cca0cbefe53860a9bbc9bbbb846e6cdea911","file_name":"dummy_file.pdf","description":"Terminate process"}] +!trendmicro-visionone-delete-email-message email_identifiers=[{"message_id":"","mailbox":"kjshdfjksahd@trendenablement.com","description":"Delete email message"}] +!trendmicro-visionone-quarantine-email-message email_identifiers=[{"message_id":"","mailbox":"kjshdfjksahd@trendenablement.com","description":"Quarantine email message"}] +!trendmicro-visionone-get-endpoint-activity-data "start"="2022-10-04T08:22:37Z" "end"="2023-10-04T08:22:37Z" "top"=50 "query_op"="or" "select"="dpt,dst,endpointHostName" "get_activity_data_count"="true" "fields"={"dpt":"443","endpointHostName":"client1"} +!trendmicro-visionone-get-email-activity-data "start"="2022-10-04T08:22:37Z" "end"="2023-10-04T08:22:37Z" "top"=50 "query_op"="or" "select"="mailFromAddresses,mailToAddresses" "get_activity_data_count"="true" "fields"={"mailToAddresses":"testemail@gmail.com","mailMsgSubject":"spam"} \ No newline at end of file diff --git a/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/add_blocklist.json b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/add_blocklist.json new file mode 100644 index 000000000000..774dee9e45c2 --- /dev/null +++ b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/add_blocklist.json @@ -0,0 +1,11 @@ +[ + { + "status": 202, + "headers": [ + { + "name": "Operation-Location", + "value": "{{request.baseUrl}}/v3.0/xdr/response/tasks/00000007" + } + ] + } +] diff --git a/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/add_exception.json b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/add_exception.json new file mode 100644 index 000000000000..3aabf06376bc --- /dev/null +++ b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/add_exception.json @@ -0,0 +1,7 @@ +[ + { + "message": "success", + "status": 201, + "total_items": 10 + } +] diff --git a/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/add_note.json b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/add_note.json new file mode 100644 index 000000000000..452cc7a655a5 --- /dev/null +++ b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/add_note.json @@ -0,0 +1,3 @@ +{ + "Location": "{{request.baseUrl}}/v3/workbench/alerts/{{request.pathSegments.[3]}}/notes/1" +} diff --git a/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/add_suspicious_list.json b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/add_suspicious_list.json new file mode 100644 index 000000000000..7298575cb6b8 --- /dev/null +++ b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/add_suspicious_list.json @@ -0,0 +1,7 @@ +[ + { + "status": 201, + "total_items": 10, + "message": "success" + } +] diff --git a/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/check_task_status.json b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/check_task_status.json new file mode 100644 index 000000000000..7b2a62124662 --- /dev/null +++ b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/check_task_status.json @@ -0,0 +1,13 @@ +[ + { + "id": "00000004", + "status": 200, + "createdDateTime": "{{now offset='-1 minutes'}}", + "lastActionDateTime": "{{now offset='-1 minutes'}}", + "description": "task description", + "action": "isolate", + "account": "test", + "agentGuid": "cb9c8412-1f64-4fa0-a36b-76bf41a07ede", + "endpointName": "trend-host-1" + } +] diff --git a/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/collect_forensic_file.json b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/collect_forensic_file.json new file mode 100644 index 000000000000..c82aa2c4777d --- /dev/null +++ b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/collect_forensic_file.json @@ -0,0 +1,11 @@ +[ + { + "status": 202, + "headers": [ + { + "name": "Operation-Location", + "value": "{{request.baseUrl}}/v3.0/xdr/response/tasks/00000003" + } + ] + } +] diff --git a/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/delete_email.json b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/delete_email.json new file mode 100644 index 000000000000..93c60710eceb --- /dev/null +++ b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/delete_email.json @@ -0,0 +1,11 @@ +[ + { + "status": 202, + "headers": [ + { + "name": "Operation-Location", + "value": "{{request.baseUrl}}/v3.0/xdr/response/tasks/00000001" + } + ] + } +] diff --git a/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/delete_suspicious_list.json b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/delete_suspicious_list.json new file mode 100644 index 000000000000..fd4b8cb30580 --- /dev/null +++ b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/delete_suspicious_list.json @@ -0,0 +1,8 @@ +[ + { + "status": 204, + "task_id": null, + "total_items": 10, + "message": "success" + } +] diff --git a/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/disable_user_account.json b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/disable_user_account.json new file mode 100644 index 000000000000..75fa3ac0b5c3 --- /dev/null +++ b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/disable_user_account.json @@ -0,0 +1,11 @@ +[ + { + "status": 202, + "headers": [ + { + "name": "Operation-Location", + "value": "https://tmv1-mock.trendmicro.com/v3.0/xdr/response/tasks/00000009" + } + ] + } +] diff --git a/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/download_analysis_report.json b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/download_analysis_report.json new file mode 100644 index 000000000000..82e005141c26 --- /dev/null +++ b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/download_analysis_report.json @@ -0,0 +1,14 @@ +{ + "priority": 1, + "request": { + "urlPathPattern": "/v3.0/sandbox/analysisResults/.*/report", + "method": "GET" + }, + "response": { + "status": 200, + "base64Body": "JVBERi0xLjQKJcOkw7zDtsOfCjIgMCBvYmoKPDwvTGVuZ3RoIDMgMCBSL0ZpbHRlci9GbGF0ZURlY29kZT4+CnN0cmVhbQp4nD2OywoCMQxF9/mKu3YRk7bptDAIDuh+oOAP+AAXgrOZ37etjmSTe3ISIljpDYGwwrKxRwrKGcsNlx1e31mt5UFTIYucMFiqcrlif1ZobP0do6g48eIPKE+ydk6aM0roJG/RegwcNhDr5tChd+z+miTJnWqoT/3oUabOToVmmvEBy5IoCgplbmRzdHJlYW0KZW5kb2JqCgozIDAgb2JqCjEzNAplbmRvYmoKCjUgMCBvYmoKPDwvTGVuZ3RoIDYgMCBSL0ZpbHRlci9GbGF0ZURlY29kZS9MZW5ndGgxIDIzMTY0Pj4Kc3RyZWFtCnic7Xx5fFvVlf+59z0tdrzIu7xFz1G8Kl7i2HEWE8vxQlI3iRM71A6ksSwrsYptKZYUE9omYStgloZhaSlMMbTsbSPLAZwEGgNlusxQ0mHa0k4Z8muhlJb8ynQoZVpi/b736nkjgWlnfn/8Pp9fpNx3zz33bPecc899T4oVHA55KIEOkUJO96DLvyQxM5WI/omIpbr3BbU/3J61FPBpItOa3f49g1948t/vI4rLIzL8dM/A/t3vn77ZSpT0LlH8e/0eV98jn3k0mSj7bchY2Q/EpdNXm4hyIIOW9g8Gr+gyrq3EeAPGVQM+t+uw5VrQ51yBcc6g6wr/DywvGAHegbE25Br0bFR/ezPGR4kq6/y+QPCnVBYl2ijka/5hjz95S8kmok8kEFl8wDG8xQtjZhRjrqgGo8kcF7+I/r98GY5TnmwPU55aRIhb9PWZNu2Nvi7mRM9/C2flx5r+itA36KeshGk0wf5MWfQ+y2bLaSOp9CdkyxE6S3dSOnXSXSyVllImbaeNTAWNg25m90T3Rd+ii+jv6IHoU+zq6GOY/yL9A70PC/5NZVRHm0G/nTz0lvIGdUe/Qma6nhbRWtrGMslFP8H7j7DhdrqDvs0+F30fWtPpasirp0ZqjD4b/YDK6Gb1sOGVuCfoNjrBjFF31EuLaQmNckf0J9HXqIi66Wv0DdjkYFPqBiqgy+k6+jLLVv4B0J30dZpmCXyn0mQ4CU0b6RIaohEapcfoByyVtRteMbwT/Wz0TTJSGpXAJi+9xWrZJv6gmhBdF/05XUrH6HtYr3hPqZeqDxsunW6I/n30Ocqgp1g8e5o9a6g23Hr2quj90W8hI4toOTyyGXp66Rp6lr5P/05/4AejB2kDdUDzCyyfaawIHv8Jz+YH+AHlZarAanfC2hDdR2FE5DidoGfgm3+l0/QGS2e57BOsl93G/sATeB9/SblHOar8i8rUR+FvOxXCR0F6kJ7Efn6RXmIGyK9i7ewzzMe+xP6eneZh/jb/k2pWr1H/op41FE2fnv5LdHP0j2SlHPokXUkH4duv0QQdpR/Sj+kP9B/0HrOwVayf3c/C7DR7m8fxJXwL9/O7+IP8m8pm5TblWbVWXa9err6o/tzwBcNNJpdp+oOHpm+f/ub0j6JPRX+E3EmC/CJqhUevQlY8SCfpZUj/Gb1KvxT5A/lr2Q72aWgJsBvYHeyb7AX2I/ZbrJLkewlfy5uh1ceH4aer+e38Dmh/Ce9T/Of8Vf47/kfFoCxRVip7lfuVsDKpnFJ+rVrUIrVCXa5uUXeoUUSm2nCxocPwiOFxw3OGd4z1xj6j3/gb09Wma83/dLbs7L9N03T/dHh6ArlrRiZdCU98lR5A3h9FDH4Aj/4QFp+mdxGFHFbAimH3atbK2tgm9il2GfOwq9n17O/Yl9k97AH2LawAa+Am2O7gjbyDu7iHX8uv57fwo3gf59/nP+Gv8DOwPEuxKw5lubJR2aFcqgxhDUHlgHItPHub8pjykvKy8qbyG+UMopalLlZD6pXq3erD6lH1R4ZPGgbxfsBw0jBl+JHhA8MHRm7MMeYZK42fMT5i/KXJaFppajfdaPoX03+Y/SyPlcFybX614NnYg4v5YzxdPcjOAJHPVErGyh2IQwd2xX9QgzKNuCSJediWwbPVNMFpdKph8AfZCaplL9BBI1dQidXTFGG/4KfV5/lF9GPWw7LVh5Uhww94AT2OanSYP81PsPV0lNfzS/i9CrE32CP0BvL9CrqDXc4C9Dg7w9awz7M6dpD+hWcqHexaqo8+wFUWxzaydwgW0FVqH33646sgW02/oLemv6omqp9DfZqkuxDRb9Br7FH6MzNE30Z1U1CNXKgyNyPfryNR9XZinx3EfsxGBRkwvkRHxYliqjOuU6+kd+g/6S3DcWTUelTSN6e96lfVX0XrouXYYdhl9Aj2XT9djB3zBrLkGYzF6DLs9HjUkmrs6nbaQX30eVS926Lh6L3Ra6L7oz76R/D+mS1jf2Zj2BGT4Kin7+H9RfoZuwn78OL/3ikw3UdT9FtmZYWsGvvhjGGf4bDhMcNRw7cNLxqXw9vX0j3I6F8im+OxAjf9iH5Lf2JmxCabllEN7F0F27togHcrz1ATyyE/9mwJ6vh6fSUBSLka3rsX+/kZ7I13UCcuo2/TK4yzLKzIDf1myGmDn3eB+iFE8Bo2AUwfqnYZ/Q7rTmKreBD6nJB0F6rWFGz6Bf0a3o5Ku5ahLjSzSyDrT/Qp6oOGldTOxhGBJ2k1Kmuz8k/w91JmofVsCfs6+HqwQ5Mon1YbfsU4LZveHF3FvcozOGOiwI/h9Mqli9heWJGMdZylDLaFaqe3wYaXiZyNnc6GdRfVr12zelVdbc2K6uVVlRXlyxxlpSXFRYVL7UsKNNvi/LzcnGxrVmZGelpqiiU5KTFhUXyc2WQ0qApntKzF3tqjhYt6wmqRfcOGcjG2u4BwzUP0hDWgWhfShLUeSaYtpHSCcveHKJ0xSucsJbNo9VRfvkxrsWvhF5vt2iTbsbUL8C3N9m4tfEbCmyR8WMKJgAsKwKC1WPubtTDr0VrCrfv6R1t6miFufFF8k73JE1++jMbjFwFcBCicZfePs6x1TAI8q2XNOCdzIowK59ibW8LZ9mZhQVgpbHH1hdu3drU05xYUdJcvC7Mmt703TPb14WSHJKEmqSZsbAqbpBrNK1ZDN2njy6ZGb560UG+PI6HP3ue6rCusuLqFjhQH9DaHs6583To3hPDUpq7r58/mKqMtVq8mhqOj12vhqa1d82cLxLW7GzLAywtbe0ZbofpmOLGtQ4M2fl13V5hdB5WaWIlYVWx9HnuLwPR8RgvH2dfb+0c/04PQ5IyGadv+gkhOjvNY9DTltGijnV32gnBDrr3b1Zw3nk6j2/ZPZDu17IUz5cvGLSkxx44nJetAQuJ8wDM7JyFJLqC2bbOeZcIi+0YkRFhza7Cky441rRIXzyoada8CGV7dDFzhPkTEG45r6hm1rBF4wR82FFrs2ugfCRlgP/P2QoxLxxgLLX8kAYo8mU01zM/AYYcjXFYmUsTUhJjCxnVyXFu+bN8kX2n3WzR0cB+1w7eu7jWVcH9BgQjwTZNO6sUgfGhrV2ysUW9uhJyVju4w7xEzUzMzGdvFzKGZmVn2Hjsy+ah8EMgIm4tm/yVbMtNa+teEWebHTHti820d9ratO7q0ltEe3bdtnQtGsflVs3M6FE5r6lJyuQ7xXEXOIikvmyUWg66EsFqIf0aZ1H1hBUkpEUxrDVt6NsSu3fEFBR/JM2kyz2OajL4juGQ3x6ZbGV7jWDheu2C8wLqEUQX2qkW8rXPH6Gj8grlWFKDR0Va71jraM+qajB7qtWsW++gx/jB/eNTf0jMT0Mno8Ztyw603d2MR/WwNkpXT+nE7u2HruJPd0LGj65gFT283dHZFOONNPeu7x5dirusYbkWcEstnsWKkiRG1MSR6hJvlVO4xJ9EhOatKhBy7JxlJnHkGx8g9yWM4i8ThVY7bFBF8A9449U20/ihn00bTJG9wppFBnVYo3qROM8o2Gw3TXHmaFVEcbnatZHVY3qs/W7/Z8m79prP11ADY8gEuy6sKUgpSCnFhuIH4QFOmPnAa6C+kqVPQhScYMrjwnGUhGx10rigxlMRfnOVRPQmGsqzVWRsyuzP7Mw2rs1bmXp97t+GuRQZbSiEjnpZamGwxZxcfMTHTZHRqIm5RDUy82Zl2qIBpBVUFvCAlVSPNUmXhlkl+04S2vMPqgGk7hW2bLDv3vufYu+mMNLJB2kg797KdaQXVWZmZqRnpuBfE217AUlZU163jtTVFRcVF9jt4/lM9V032lNft3nRN79fPvsxKXv1c3YZd9fUDHeueMBzPK3pu+s0fPnHNmLutzKY+90FtUuolLzz22JO7U5PEs/ct0d+oHbivy6R7nVmfStmTcpdBiTNmG+t5fUobb0t5k5uSJ3nQmaIuyqT4jPT0+DhjWnpRRgZNslJnUqZTW1pzJJNFM1lmjhWLdmYuWVpz2Dpm5X7rO1b+eyuzxi8qijOLqWTQjpnZO2Zmzs5qqJdr3zvsEKvfjNUPO95D23Sm3iIjVW+BFxrOCC+wnQW1RqN9SVFRLaKWnpm5onrlSgEqm9c84738sU+ybNu2hg3DZSz7vu29n37sLj42bT3tWbsl9Dqb+svPxToP4H73y+o6KmZrj1EpjNmZEt9gMBoTMoyZCTVKjbnGWmNv5i3mFmuzPUFTKks74npKD5XeV/p148OmhxKeMD6REC49VXq6NIlKK0vbMXGy9LVSY6kzJ6+mAeNDctJgKlBNOfmZcFkk3lQgPLdYNVlSUopz8/KKiuMZGZMtRakpzh21PSnMl8JSJnmrMzkntyg/DzhfHuvJY3nAHS1EdBl8HCEqFsmUHNcgeudK2F0M0mJnI1o92tLimmLnmotqKotfKn6tWEkuthUfKlaoWCuuKo4Wq8XZJb+K+Vq4OPZCtp2Bl9/budeBRHtv707RwefS6+LdcKbhDEtJXU1oy6vYsGPvToTBkVaQsXJFdWbWSnnNzEAIapCDS4xGCRbNgAeYctPU7ruqWh+4LPRASf70m/nFW9f2V0y/ubhhZWN/+fSbatFtj3Zu396567LmL5/t5ru+WlG/4aa7pjlvvWfHstZr7z77AWKWNL1V3YbcTGM1R1NLDCxtMnraaU1IrjFnJibXmMTFKC6GTOC4cI4tZ00NgqomLkoyWjilGdU0rioKg9vTeizMMsmOOFMXJSdWJpWQllGV0ZOhvJPBMoR/lxTViN6Zmre4JiMrK0ddrTit2TUHFaZMsmJnHJcjVD8xSsXTiTNvZY1GVagW2enfGYs52LHpbDau+Gc9u7nF0/xrh2Pv8CbLu69Tw5mdlQ3StSx1dYr0a+pqAKYki9joDibjsrMtbOloC69BxY+oFjoefYdY9J1xBc/veHXjRDlGhuhvnEmJKQ1plrRsXFKtDQacIRMYiD6CcUxWd1pBWloBMyUp9iXFxWLL1CUxx/T7zD59Y1Nh06cOtm/dnL2+tvfT2WrR2ST+hw/4sZ29Fy1J+UVioFvUwDvxLPg+amAy7rdHnIVGw7H0Y1blYgPbY/iJgaemFCYmJVGupRAuSSZz5jlVL9OWX5Xfk+/PP5RvyLckayzmLFH48hYWvtm6J6pe6urKudq3IqVAQ/HLSDeKymfP5nLj14i6dyf7V5a07cBjvV/a/JnvP/vAkX1Nn95QO2Y4nlnw6pHrJ70pGWd/qj433VPR29jenxiPbPoS1nMt1hNHw84Gs0E1GgpNmrnKfNL8mlmtNB82c7OZFFWsJ47MpgbjFjyKb1Nw8vAcbVHVIr5IjZu/iPj5i0D9eg8ABnPL2LkXvWKw1GM1WEhGgWxfUs6cXcv7zt5rOP7+9IPvn71NVCcrHP5rw8uowpPO6pUqK1M1i5bSrR6yGszqSSvPyEzh6amZKUlpyWRJSmNk4elx5uRFbNeiKAwTZSbeyFKSY4VYVh2c13jYFomPkr2iwbzF3G5WzCWWypRdKTxlkqnOxKS0Ip6+i8YypzJ5JkL3ZFxCTWZ21hXHuJfk0hx76zeJ0/KDnfXv7sx+naxYm1gVWgMuq6uT8UJ5EMUhbUVtjSgLWSZRBDIyVmTYURLs1ntX3x26IlDUtO6i2n/+5+k371WL2r9wbcfS71hWb2179YOnlI0i126Hsd9AbMTZPnKM4rAPG1DnnHHtcfxQXDhuKu5U3O/jDLa4nriDcWNAGBSjCQe/kkzMSafwxKjQTtwiGA1GkxrPTUVMFXs5rmBpjZpt1o8ah34LIAOEJcjQyOhgAcOONJjL0G5n2dNvsmz1SaZOf/CXT6hFOEDYPAs7xBaccpYK+wztBn7IEDZMGU4Zfm8w2Aw9hoOGMSAMMAY3JVwpYjRjCWWr51ii614R02s4/udWeKMRZ3Ixzqp0ymNfO0aW6PvO1kWr7477SuJdlkcMD8efiDuROJljNqezDfxiY2v8lsWPJD5pfDLnu/HfS/hJ/CsJ75v+lJiYl5yX4czNr8lwJqXUJGeczHgpQ5GFLnlxg+yTstDzW5wJyUmp7Uk9STzJmspEFmTn1rAVqcLsiXytRvZLSmO9ozzWW/Nk70xOSq4ZE/flFpi9KzUVmTehLkq1igxcushEBawyo2BLEkvKqVy8a7Fv8X2L1cXJBWYnirY5O9/bGPPGpjNy+2w68y6KwBkUOWe61VmS3mB1Lk7GJdeCS15KgyxqDWdlEUyFEaBIFcaASPagE31khhTnnSyEkoEwgeNMzGeJLjwRF79ODhsLGhwk6F93oCjvlOqTnPBSklCaJNQnOeEskkJRnBwOHKP1uAtD8HbupZ0OhiPHrhUX1VpoRTUpBfL+JE0chiZjFv8zs65868j0767zsvSXz7BU41mncrVr/Y5i5YpLLquvZ2xb5Vfuf+K2V5kZ1fm70898/qYNbODKg01NAfkxmPiI79d7nvlx/8ldyfV/NGeb5adDD/yqfu5Tf5reavwyqgdDbWMzH58RmdZNb6amuQ/UPvQBU4IRKMN36Q71V3SLKZ8OqAFK4qtx53sJ3Qncl/hjZMX4dtEw1wielfQ4s7H/5JN8UtGUIeV/qw1qyPBZXXoClSANxIsjISppO+65Nlt82AgCu0u9ksTduzRYXhXJFy9HiuTCnaEOK9TFLDqsUjrr12EDWdnndNgI+A4dNtF32Dd02ExF3K/DcTTK79LhePU5RdPhRdRr+qUOJ9Buc7MOJxqPmh/T4SS6LPnTs347mHxch+E2y2od5qRa1umwQsss63VYpXjLkA4bKMFyhQ4bAV+rwybqtRzWYTOlWf6gw3HUkmLQ4XjuSvmEDi+i5WmPz35btiLtFzqcqOxIT9bhJKrI8sISpgqvJ2V9SYdVysl6UMIG4OOzTuqwSplZ35ewEXhj1ms6rFJq1hsSNom4ZP1JhxGLrKiEzcAnWNN0WCWr1SbhOBFfa50OI77ZtToMOdkNOoz4Zl+sw5CZfZ8OI77ZEzqM+Gb/ow4jvtm/0mHEN+dhHUZ8c17UYcQ391M6jPhq2TqM+Gqf1WHEV/tfOoz4Ft8p4Xjhq+J/12H4qji2xkXAp5Zk67BKi0scEk4QaynZqMOwv2SrhJNE5pd4dFilvJKQhC1Szm06LOR8TcJpwuclz+owfF7yXQmnC3tKfqbDsKfkTQlnAJ9eynRYJa00Q8KZgr60VodBX9ok4WxJv1OHBf1eCeeKHCi9TYeRA6X3SDhf2FM6rsOwp/QpCdsk/fd1WNC/LOGlIgdK39Jh5EDpHyVcJvxTlqjD8E9ZzM5yUQnKSnVYnYHN0v+zMOwvk/ljlusq26rDAr9LwAkx+v06LPDXS1jGpex+HRZ6H6VO2k9+8tBucpEbvUaPonVSv4Q3kY+G0II6lYaK6aNhwOLqAt4rKTRgBsBfAahZ4l3/Q0mVs5Zp1IGZAQrN0gSA24g+pm85rca7isp1qFpiG8ExgH4bePbAhqDk2gZ5AbRh2odrH6iGMe8C5Xqpo+8cO9fMo9FmqdbQJVJKYNbqFdBahbeGKr8JWDdmfZj3wbNBKj2vlI+SMUdbPs+uznn4b0nPCr/1QcYg+mG6HDih7b/vcw1YD7zlhU1BaZvwkYaxoAnqUrcjHhq1S36NiqS+Tbhuge7d0vcu0As+D6QKb49ITiGt4jw2xeLsg15hkx+0+z+SyiPzS9CNSKv2zOr16tlbLqPso17d6s1ypl960QVrls3aPixnvDJTO3ANSatjEYll1SrkUpO0JCi9POO3Ydiigcql52Iso7zS930yw0TODUld8+Pu1mW5pG2Cc1BKFHb3Q/+glBjzviatdkl9bj0asRlhdUCPh0uuMca3fzb+Xj3b/XoEPdI3AZmNsdXNRMil2x+S2jSpYb5VM5EXvhHjESm7f142CFqflBXTPYOPeTuoe8StZ2rgHLogZHqkV7zoY7LdOiYkPS0yai6nfXLnDkuPDkh+YamI56DONaPBLfn36Vq9+kpj+1FImPPCblAKaTHsnF+9und9+kq8kj4kR3NRDcgsHZDWnT8nZmprYHYtYm5QypuTIerF5bq1Lt3/bln1NH2XzvisT+reI7ExfrHDvHoM++W+8+s54sNV7Oh9urdjEuaqvUvGKpYdmvShW1+/V0ZtQNL45d6LZeOQ5IytZH52e2czS+z8K/TIDEprRG7u0/dWrO4MzNoxKEdz2Rv80IkU+ND63LqOXikhJD3dtyA3PbQX+BnPitx2z65wt8xtTebAFdK3AZl3wdl6Eou6sD2234N61YjtpoCeZXPVMzY7KCPioislf8xqIdctZ+cyLaa9T3rLL3fJ/tlVzOgekjVTzLukJ4Z1HWIPxbwYlPwzFs9I98scGpR1c8a2Cnn2BTG3BmdqJeSKd4Wkml9hK2R1GgRFv9xLA4AGAQ3JCHnkKEC7ZA7EIl4xS/l/V8OIzJgYrWeels2o9J0491vRmpB5At4CrDgBWnH9pMS3ANOBq8jNi3EStOC9SWI7KRFPU6J1ymwKnCfXtFl8bJ/EPOrXfT6Xo3/dKTYXmZmKPBPnXjm7H/ShWZ3u2doWy+e582h+tYxVjrk6Gtu/Xr1mBvQ9vUdK8czWRLFbu3VtYnfv02tp7+xpFNMZ/BjPzNTOkdnq5NF3nGc2p4dl/Qjq+3m3no/n89fMLhQe88yTMreLz9XXp5+AIgN7ZWWMWd2rR2ZIl3y+CBXLVS30VKwin5sV52qeqW2iirnkvagLWgd0bwf0GvJRuoX3twMzV2f3nxMLj36XMf+eK1a9XdIiv/SsV7/T+Wtirum5ODSvts3oFZWkT3raO+8UGZ53r7xslnp4Xt7Ond0f7ylh3aCUP5NXvgXyRmT8L5fRnH8fOlMf5yh9oI3doYakx4X8/tn1xOyan92DekWN+T+2q/x6fsxV3oU59HErmsuPjXLt50Zu5t5LnDke/Q4ttprY/Z5bRnXoQzEY/pC/5yQH5N1qSN71x86hffLeaITm313919GfkTes3/959Wee893FnRvHmLfm7ljdUua5+3gmYq4P+Xr332TtnJfP1bDwvF9okUe/iw3i7JmRIJ5PGin2JFCCe/gaqsPzl4brcozK8XxVI5+yxKcj26lNp6zC7HLM1OhwHZ7G6iTXSqrFs4BoQvrfdtb990/GmbnKD3lv9jzs3O/37Ha5PdqjWme/R9vkG/IFgdKafMN+37Ar6PUNaf4Bd4XW7Aq6/guiSiFM6/ANhAQmoG0cAt/y1aurynGprtAaBwa0bd49/cGAts0T8Azv8/Q1DntdA+t9A30zMtdIjCZQay7xDAeE6BUVVVVaySave9gX8O0Ols6RzKeQ2HIpq1PCj2idw64+z6Br+HLNt/tjLdeGPXu8gaBn2NOneYe0IEi3d2jtrqBWpHVu0rbs3l2huYb6NM9AwDPSD7KKWUlYs2/PsMvfv38+yqM1D7tGvEN7BK8X7i3Xtvl6IXqz193vG3AFlgnpw16316V1uEJDfVgIXLWqusk3FPQMCtuG92sBF7wIR3l3a32egHfP0DIttnY3qFxeTA76hj1af2jQNQTzNXe/a9jlxjIw8LoDWIdrSMPcfrF+L9zuxwI9bk8g4IM6sSAX5Ifc/ZpXFyUWHxryaCPeYL90w6DP1ye4BQyzgzDEDacGZnDBEc9Q0OsBtRtAaHh/hSY97dvnGXYh3sFhjys4iCnB4A4h5gGhTMTRMyxN2B0aGAAobYX6QR+UeIf6QoGgXGoguH/AM98TIlsDQotneNA7JCmGfZdDrAv2u0NQFAtgn9e1xyfmR/rhc63fM+CHR3zaHu8+jySQae/SBuAObdAD3w153SB3+f0euHHI7YGSmLu9wlma5wosZtAzsF/D2gLInQEhY9A7IN0b1DdSQNfnBkevRwsFkFLSm569IWFsyC38r+32YcmQiEUFgyJPsPRhD+IeRGogTAG4TKYnhoOuPa4rvUMQ7Qm6l8WcBvY+b8A/4NovVAjuIc9IwO/ywzSQ9MHEoDcgBAty/7Bv0CelVfQHg/41lZUjIyMVg3rCVrh9g5X9wcGBysGg+NuSysHALpdYeIVA/pUMI54BYD2SZfOWzo2tG5saOzdu2axtadU+ubGpZXNHi9Z48baWlk0tmzsT4xPjO/vh1hmvCReLmMBQrCAoPXqeLSYXIxJZrLl3v7bfFxKcbpFt8LPcR7G0RHLIHEV8sf2GQO7aM+zxiEys0LrB1u9CGvh6xTYCZ3CBMSI7R0Q6eRA4j/D0sMcdRJx3w49zdokQ+vZ4JIkM8SwfQoPs7Q0FIRpm+rCj5i2oODBjFBJ51hWzzCLbtH2ugZCrFxnmCiBD5nNXaNuHZM7un1kF1qRXLqS3Swv4PW4vis65K9fgxSGZbYLX1dfnFTmBrByWVXmZQA9L38rd/SGjBryDXrEgKJF0I77hywOxJJX5KJG+ERTUUO+AN9Av9EBWzN2DSFTYj1D592ux5NU9tFCR9MfG3XOLE9Vrb8gTkGpQ99ye4SF9BcO63ZI40O8LDfRhD+3zekZi5eqc5Qs6RNKDCtA3V+Jm1wizZGF1B+diLBbm0q3efX6x0uRZBn3f64KgxxVcIwi2dzTiEChZVVNXqtUtX1VeVVNVFRe3vQ3IquXLa2pwrVtRp9WtrF1duzox/iN23cduRjGq1M2T+xCPqx79Jknc6sz/mGXhTJBCLBG3Bm8toJnD7qaFH3NrOqZV/9Bj/oyOU25QnlG+o5zEdXz+/AL8ha8NLnxtcOFrgwtfG1z42uDC1wYXvja48LXBha8NLnxtcOFrgwtfG1z42uDC1wYXvjb4f/hrg9nPD7z0UZ8sxGY+iT6WrT6JCS2gPXf2Ylk1AguoZnCt9BbGl9N7oH8LuIWfOiycm+GZub/ynVfi3OwlEppPE8NskKN98vOOhfMLZ9r10zckn/18clfOpz7f/HxP+T7Shz7Vpq5T16pN6kp1lepUL1Lb1NXzqc8733neT3TmsK3nrCeGaRMjthw08+fmsG36venlH7J4Hp6l0C8VO7Jk3vws7q/Nm7/SN3+1vI/LK/3/y1O0mH5K53l9mzqVr1AyY2SLTilfnrCkVzsnlbsnktOqnY0W5U5qR+MUVjbRFBonn3IbHUTjIG+LlC+vPiaAifikagvobyIN7RCaQmO4Mjl2ogn6mybSMoX4ayLJKZLvs5GqmhgwYbFWtzemK1cQUzzKENnJphxAvxi9G30++l6lD5VC2OmcSLZUH4K+BpA3KBkoQzalUcmkavTNSg7lSrJQJCmmJxQpKatujFeaFKskSVYSUY9silkxRapt2glF/NmwU7lhIm6RsO+GiCWj+hnlOsVE6aA6BKosW/IzSjxVoomVdE7EJVYfbkxQOrHMTrjFpoj/rH+fvDqVoQgEQV+LkkeZmLtcyacM9K3K4kiGbeqEcrsk+zshBfrWRcwrRDeRmFQ91RiniL8HCCu3wuO3Sm2HJ4pWVVNjkVJCVYr4EwlNOQjooPjP4soooFGEaRShGUVoRmHFKBkR+RsxcyNoKpUrya+M0GG0+wCrEJkRgQePSWBpSfUxJVuxwhOWE/AdAzZnIi5JWGaNpKZJMutEQlJ1wzNKgLagcRgfnMiyVvtOKGVyKcsmrLmCwR+JS4DrsmKxAGOmiMEzSp6yWHoiX3og3GjDmFGyYiPGf8BPCe/wl/mPRXzFT/rI/h/1/kW9/2Gsj07xUxPQ4pzk/yz60415/A0I28VfpfsAcX6CP4+jxsZ/zieFFfxn/Bg1oH8F4z70x9CvQH88UvA92ySfnEAH2++JJGaKxfLnI45KHbAV6kBWrg6kZlY3FvLn+LOUBxE/Rb8U/bN8ipagP4nein6KB+l76J/gtbQW/VG9/w5/WuQ0f4o/iTPTxiciScKEcMQkuiMRo+i+FaHYqL3S9jT/Fn+cckD6zUhRDrCPTBQttSWfgDzGH+TBSL4ttTGe38+62LsgGqNXRE+p/IFInRByOPK0ZjvGD/PDTmuds9BZ7nxIqSqsKq96SNEKtXKtTntIa7TwW8kA52HD8ptwxfnMkT1oTrTD/MaIWhduPIs1iXVxOoTrmIR6cPVLiHC1zM6+I6EGfh1tQeOQcQDtINohtKtIxfVKtM+ifQ7t8xITRAuhjaB8+MHhB4cfHH7J4QeHHxx+cPglh19qD6EJjh5w9ICjBxw9kqMHHD3g6AFHj+QQ9vaAo0dytIOjHRzt4GiXHO3gaAdHOzjaJUc7ONrB0S45nOBwgsMJDqfkcILDCQ4nOJySwwkOJzickqMKHFXgqAJHleSoAkcVOKrAUSU5qsBRBY4qyaGBQwOHBg5Ncmjg0MChgUOTHBo4NHBoksMCDgs4LOCwSA4LOCzgsIDDIjksMj4hNMFxGhynwXEaHKclx2lwnAbHaXCclhynwXEaHKf5yLhyqvEFsJwCyymwnJIsp8ByCiynwHJKspwCyymwnNKXHpTO4EibA2gH0Q6hCd4p8E6Bdwq8U5J3SqZXCE3whsERBkcYHGHJEQZHGBxhcIQlRxgcYXCEJccYOMbAMQaOMckxBo4xcIyBY0xyjMnEDaEJjr89Kf/m0PCrWJcZhys/xEplf5Delv0BekX2n6dx2X+OHpL9Z+lq2V9JdbIfoSLZQ57sg2Qzs4itLrkxEyVgC9ouNB/afWhH0E6imST0EtpraFFe61yiJpu2mO4zHTGdNBmOmE6beLJxi/E+4xHjSaPhiPG0kWuNuTxR1lGUFvqivB7E9fdoOERwbZBQA6+B3hrU2Vq8a3iNM+WM9vsy9lIZO1nGjpSxL5axxjh+MVNlpcOdPofhrMuZULTO9gpaXVHxOlSmW598O8sWKVppm2RPx7pSpwP922jjaA+hXY1Wh1aNVo5WiGaTuDLQdzmX6CKfRitGK0DThArKzMTdTWqK2XmMJ7KHJl5IpDihp7gEfCcixVXoJiPFW9A9FSnutTXGsSepWNwGsScQucfRH4nYXsf0N2PdNyK2E+geidhq0O2MFFeguzRS/KKtMZFtJ5sqWDv1vgPrFv22iO0SkG2N2ErROSLFRYK6DIoKMVvKuuh19IU619KYJnvEthbdkohttaA2U7EIPDNSuTTPgCZ6ZQIG/f4Y61KZc5HtjO1229tg/x0ci/T4mTaponupcJJd4oy3PV3+VRA32iKN8YIe58O43odF/4TtocIbbfdAFit80na3rcJ2a/mkGehbYPeNUkXEdrU2yR93ptkO2apswfLXbQHbJ2wu2zbbzkLgI7bLbE8LM6mbdfHHn7S1Q+BGrKIwYru4cFKa2Grbb3Paim2rtaeFf2lVTG5d+dPCA1Qd074M/i0rnBQ5vr1ukqU4y0zvmA6bLjWtN6012U1LTItN+aZ0c6rZYk4yJ5jjzWaz0ayauZnM6eLnHRzizyvTjeKv18moiqsqYQsXVx77S1POzJw+QeE0pY23daxnbeEpN7X1auH3OuyTLH7rjrDBvp6FU9uorXN9eJWjbdIU3Rauc7SFTe2Xdo0zdms3sGF+wySjzq5JFhWo63LFD1GNM7rultxjxFj2dbd0d5M1c1+DtSF1Xcrq1ubzXHr0q2PuZZ0P5ofvauvoCj+W3x2uFkA0v7stfJX4mapjPJkntjQf40mi6+46pvp5css2gVf9zd0ge12SIZuTQEbFogOZeT1pggz1ZL0gQ4xidEVgB12B6EAXn0hFkq4oPlHSqUzQjb+itTSPa5qkKSR6RdK8UkjzaJAx4G0eLyqSVHaNdQkq1mXXpGGlUpDNBpJymyTBk5tNCrIxqSxcOUdSqJPUzpLUSl0Km6OxxWjSS2Zo0ktA4/gfvjzrHWxieejA8+KXv3rsLR60nvBN+/qt4UO9mjZ+IKT/JFhRT6+7X/QuTzhk9zSHD9ibtfHlz59n+nkxvdzePE7Pt3R2jT/v9DRHljuXt9hdzd0TDfVdjQt03Tirq6v+PMLqhbAuoauh8TzTjWK6QehqFLoaha4GZ4PU1eIVed/eNW6m9eJ3QWQ/wRfFI4d7cgu612da/OtEQh9bW2A9kHtcJfYILXJ0hxPs68OJaGKqvLG8UUxhn4mpJPHzbvqU9cDagtzj7BF9ygJ0in09zbiWBFFbuHZrW7igY0eXSJWw03X+mAXES05bqcXbjH8YB2XDez4lBc77Cp7vFQqFAuIScuApuS1c1tEWXrkVlphMUNXT3A1cxQxOUSRuPC6uZTI6hUkHjGBBoU5ADiZ+I8AZj6cuEx8zjpm4eFQITuTkV/uewQl+EA3PcXwkUimfl/nIxJJC8fwSnKisjfV4PhV9JKegWvwUQR1YRV8Y650p5QAOFx4uP1w3VjhWPlZnFD+08BCQtofEURqpfEihoCMw4wiAwW6K/XQB9N0fycuXiscE4HB0OwLyN17ow6526L8jA6fPOjagSw1I8cGZgMTwAYoRxyYdoRmmkM4iJ0OSRSr8P1jbNhMKZW5kc3RyZWFtCmVuZG9iagoKNiAwIG9iagoxMDgyNQplbmRvYmoKCjcgMCBvYmoKPDwvVHlwZS9Gb250RGVzY3JpcHRvci9Gb250TmFtZS9CQUFBQUErQXJpYWwtQm9sZE1UCi9GbGFncyA0Ci9Gb250QkJveFstNjI3IC0zNzYgMjAwMCAxMDExXS9JdGFsaWNBbmdsZSAwCi9Bc2NlbnQgOTA1Ci9EZXNjZW50IDIxMQovQ2FwSGVpZ2h0IDEwMTAKL1N0ZW1WIDgwCi9Gb250RmlsZTIgNSAwIFI+PgplbmRvYmoKCjggMCBvYmoKPDwvTGVuZ3RoIDI3Mi9GaWx0ZXIvRmxhdGVEZWNvZGU+PgpzdHJlYW0KeJxdkc9uhCAQxu88BcftYQNadbuJMdm62cRD/6S2D6AwWpKKBPHg2xcG2yY9QH7DzDf5ZmB1c220cuzVzqIFRwelpYVlXq0A2sOoNElSKpVwe4S3mDpDmNe22+JgavQwlyVhbz63OLvRw0XOPdwR9mIlWKVHevioWx+3qzFfMIF2lJOqohIG3+epM8/dBAxVx0b6tHLb0Uv+Ct43AzTFOIlWxCxhMZ0A2+kRSMl5RcvbrSKg5b9cskv6QXx21pcmvpTzLKs8p8inPPA9cnENnMX3c+AcOeWBC+Qc+RT7FIEfohb5HBm1l8h14MfIOZrc3QS7YZ8/a6BitdavAJeOs4eplYbffzGzCSo83zuVhO0KZW5kc3RyZWFtCmVuZG9iagoKOSAwIG9iago8PC9UeXBlL0ZvbnQvU3VidHlwZS9UcnVlVHlwZS9CYXNlRm9udC9CQUFBQUErQXJpYWwtQm9sZE1UCi9GaXJzdENoYXIgMAovTGFzdENoYXIgMTEKL1dpZHRoc1s3NTAgNzIyIDYxMCA4ODkgNTU2IDI3NyA2NjYgNjEwIDMzMyAyNzcgMjc3IDU1NiBdCi9Gb250RGVzY3JpcHRvciA3IDAgUgovVG9Vbmljb2RlIDggMCBSCj4+CmVuZG9iagoKMTAgMCBvYmoKPDwKL0YxIDkgMCBSCj4+CmVuZG9iagoKMTEgMCBvYmoKPDwvRm9udCAxMCAwIFIKL1Byb2NTZXRbL1BERi9UZXh0XT4+CmVuZG9iagoKMSAwIG9iago8PC9UeXBlL1BhZ2UvUGFyZW50IDQgMCBSL1Jlc291cmNlcyAxMSAwIFIvTWVkaWFCb3hbMCAwIDU5NSA4NDJdL0dyb3VwPDwvUy9UcmFuc3BhcmVuY3kvQ1MvRGV2aWNlUkdCL0kgdHJ1ZT4+L0NvbnRlbnRzIDIgMCBSPj4KZW5kb2JqCgoxMiAwIG9iago8PC9Db3VudCAxL0ZpcnN0IDEzIDAgUi9MYXN0IDEzIDAgUgo+PgplbmRvYmoKCjEzIDAgb2JqCjw8L1RpdGxlPEZFRkYwMDQ0MDA3NTAwNkQwMDZEMDA3OTAwMjAwMDUwMDA0NDAwNDYwMDIwMDA2NjAwNjkwMDZDMDA2NT4KL0Rlc3RbMSAwIFIvWFlaIDU2LjcgNzczLjMgMF0vUGFyZW50IDEyIDAgUj4+CmVuZG9iagoKNCAwIG9iago8PC9UeXBlL1BhZ2VzCi9SZXNvdXJjZXMgMTEgMCBSCi9NZWRpYUJveFsgMCAwIDU5NSA4NDIgXQovS2lkc1sgMSAwIFIgXQovQ291bnQgMT4+CmVuZG9iagoKMTQgMCBvYmoKPDwvVHlwZS9DYXRhbG9nL1BhZ2VzIDQgMCBSCi9PdXRsaW5lcyAxMiAwIFIKPj4KZW5kb2JqCgoxNSAwIG9iago8PC9BdXRob3I8RkVGRjAwNDUwMDc2MDA2MTAwNkUwMDY3MDA2NTAwNkMwMDZGMDA3MzAwMjAwMDU2MDA2QzAwNjEwMDYzMDA2ODAwNkYwMDY3MDA2OTAwNjEwMDZFMDA2RTAwNjkwMDczPgovQ3JlYXRvcjxGRUZGMDA1NzAwNzIwMDY5MDA3NDAwNjUwMDcyPgovUHJvZHVjZXI8RkVGRjAwNEYwMDcwMDA2NTAwNkUwMDRGMDA2NjAwNjYwMDY5MDA2MzAwNjUwMDJFMDA2RjAwNzIwMDY3MDAyMDAwMzIwMDJFMDAzMT4KL0NyZWF0aW9uRGF0ZShEOjIwMDcwMjIzMTc1NjM3KzAyJzAwJyk+PgplbmRvYmoKCnhyZWYKMCAxNgowMDAwMDAwMDAwIDY1NTM1IGYgCjAwMDAwMTE5OTcgMDAwMDAgbiAKMDAwMDAwMDAxOSAwMDAwMCBuIAowMDAwMDAwMjI0IDAwMDAwIG4gCjAwMDAwMTIzMzAgMDAwMDAgbiAKMDAwMDAwMDI0NCAwMDAwMCBuIAowMDAwMDExMTU0IDAwMDAwIG4gCjAwMDAwMTExNzYgMDAwMDAgbiAKMDAwMDAxMTM2OCAwMDAwMCBuIAowMDAwMDExNzA5IDAwMDAwIG4gCjAwMDAwMTE5MTAgMDAwMDAgbiAKMDAwMDAxMTk0MyAwMDAwMCBuIAowMDAwMDEyMTQwIDAwMDAwIG4gCjAwMDAwMTIxOTYgMDAwMDAgbiAKMDAwMDAxMjQyOSAwMDAwMCBuIAowMDAwMDEyNDk0IDAwMDAwIG4gCnRyYWlsZXIKPDwvU2l6ZSAxNi9Sb290IDE0IDAgUgovSW5mbyAxNSAwIFIKL0lEIFsgPEY3RDc3QjNEMjJCOUY5MjgyOUQ0OUZGNUQ3OEI4RjI4Pgo8RjdENzdCM0QyMkI5RjkyODI5RDQ5RkY1RDc4QjhGMjg+IF0KPj4Kc3RhcnR4cmVmCjEyNzg3CiUlRU9GCg==", + "headers": { + "Content-Type": "application/pdf" + } + } +} diff --git a/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/download_information_collected_file.json b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/download_information_collected_file.json new file mode 100644 index 000000000000..1b9fe23274f2 --- /dev/null +++ b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/download_information_collected_file.json @@ -0,0 +1,17 @@ +{ + "id": "00000003", + "action": "collectFile", + "status": "succeeded", + "account": "API key", + "file_path": "/home/ec2-user/test_folder/test_file.txt", + "file_sha1": null, + "file_size": null, + "agent_guid": "ab673395-9bf9-49fc-b8ac-7fa15467d20a", + "description": "Collect File.", + "file_sha256": null, + "endpoint_name": "ip-172-31-6-62.us-west-2.compute.internal", + "created_date_time": "2023-08-29T23:06:17Z", + "expired_date_time": "2023-09-08T23:48:54.000Z", + "resource_location": "https://upload.xdr.trendmicro.com/customer/da9032e8-b40a-40c1-8512-f89bb504cb0d/arp/CollectedFiles/XDR_ResponseApp_CollectFile_RM-20230829-00015_ab673395-9bf9-49fc-b8ac-7fa15467d20a_20230829T230618Z.7z?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAXQVNLDPDYVQ5MK64%2F20230908%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20230908T234754Z&X-Amz-Expires=60&X-Amz-Signature=4811f8048351e3ac5a9be717829d80d118d0336b1103c073ca487226c2cbe87a&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3D%22XDR_ResponseApp_CollectFile_RM-20230829-00015_ab673395-9bf9-49fc-b8ac-7fa15467d20a_20230829T230618Z.7z%22", + "last_action_date_time": "2023-08-29T23:06:25Z" +} diff --git a/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/download_investigation_package.json b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/download_investigation_package.json new file mode 100644 index 000000000000..875605336498 --- /dev/null +++ b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/download_investigation_package.json @@ -0,0 +1,5 @@ +{ + "submission_id": "8559a7ce-2b85-451b-8742-4b943ad76a22", + "result_code": "SUCCESS", + "message": "Please click download to download .zip file." +} diff --git a/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/download_suspicious_object_list.json b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/download_suspicious_object_list.json new file mode 100644 index 000000000000..0eef9e78ecc7 --- /dev/null +++ b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/download_suspicious_object_list.json @@ -0,0 +1,21 @@ +[ + { + "status": 200, + "transformers": ["response-template"], + "jsonBody": { + "items": [ + { + "riskLevel": "high", + "analysisCompletionDateTime": "{{now offset='-10 seconds'}}", + "expiredDateTime": "{{now offset='1 days'}}", + "rootSha1": "fb5608fa03de204a12fe1e9e5275e4a682107471", + "type": "url", + "value": "http://208.67.105.179:80/robinzx.exe" + } + ] + }, + "headers": { + "Content-Type": "application/json" + } + } +] diff --git a/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/enable_user_account.json b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/enable_user_account.json new file mode 100644 index 000000000000..62cf6a04dcbf --- /dev/null +++ b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/enable_user_account.json @@ -0,0 +1,11 @@ +[ + { + "status": 202, + "headers": [ + { + "name": "Operation-Location", + "value": "https://tmv1-mock.trendmicro.com/v3.0/xdr/response/tasks/00000010" + } + ] + } +] diff --git a/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/force_password_reset.json b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/force_password_reset.json new file mode 100644 index 000000000000..d59f8e59730a --- /dev/null +++ b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/force_password_reset.json @@ -0,0 +1,11 @@ +[ + { + "status": 202, + "headers": [ + { + "name": "Operation-Location", + "value": "{{request.baseUrl}}/v3.0/xdr/response/tasks/00000011" + } + ] + } +] diff --git a/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/force_signout.json b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/force_signout.json new file mode 100644 index 000000000000..2a2893ab13eb --- /dev/null +++ b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/force_signout.json @@ -0,0 +1,11 @@ +[ + { + "status": 202, + "headers": [ + { + "name": "Operation-Location", + "value": "{{request.baseUrl}}/v3.0/xdr/response/tasks/00000012" + } + ] + } +] diff --git a/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/get_alert_details.json b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/get_alert_details.json new file mode 100644 index 000000000000..859db653b857 --- /dev/null +++ b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/get_alert_details.json @@ -0,0 +1,88 @@ +{ + "schemaVersion": "1.3", + "id": "WB-9002-20220909-00111", + "investigationStatus": "New", + "workbenchLink": "https://THE_WORKBENCH_URL", + "alertProvider": "TI", + "modelId": "report--12ea4e6c-2b13-44e4-94a9-4cc8da461258", + "model": "Threat Intelligence Sweeping", + "modelType": "preset", + "campaign": "null", + "industry": "null", + "regionAndCountry": "null", + "createdBy": "n/a", + "totalIndicatorCount": 9, + "matchedIndicatorCount": 1, + "reportLink": "https://THE_TI_REPORT_URL", + "score": 42, + "severity": "medium", + "createdDateTime": "2022-09-09T09:04:36Z", + "updatedDateTime": "2022-09-09T09:04:36Z", + "impactScope": { + "desktopCount": 2, + "serverCount": 0, + "accountCount": 0, + "emailAddressCount": 0, + "containerCount": 0, + "entities": [ + { + "entityType": "host", + "entityValue": { + "guid": "2E7EC0A5-6686-4BE0-BAF8-AD3C2DA19A0D", + "name": "M1-Max", + "ips": ["10.64.25.134"] + }, + "entityId": "2E7EC0A5-6686-4BE0-BAF8-AD3C2DA19A0D", + "managementScopeGroupId": "deadbeef-292e-42ae-86be-d2fef483a248", + "relatedEntities": [], + "relatedIndicatorIds": [1], + "provenance": ["Alert"] + }, + { + "entityType": "host", + "entityValue": { + "guid": "D7E9EC75-4072-2D48-01EF-7A6A95FAD384", + "name": "testdeMacBook-Pro", + "ips": ["10.64.18.27"] + }, + "entityId": "D7E9EC75-4072-2D48-01EF-7A6A95FAD384", + "managementScopeGroupId": "deadbeef-292e-42ae-86be-d2fef483a248", + "relatedEntities": [], + "relatedIndicatorIds": [1], + "provenance": ["Alert"] + } + ] + }, + "indicators": [ + { + "id": 1, + "type": "filename", + "fields": [[]], + "value": "goog-phish-proto-1.vlpset", + "relatedEntities": [ + "2E7EC0A5-6686-4BE0-BAF8-AD3C2DA19A0D", + "D7E9EC75-4072-2D48-01EF-7A6A95FAD384" + ], + "matchedIndicatorPatternIds": [ + "3d206434-58eb-42e4-8355-44ddd394850c" + ], + "firstSeenDateTimes": [ + "2022-07-27T03:00:47.000Z", + "2022-08-16T09:15:06.000Z" + ], + "lastSeenDateTimes": [ + "2022-07-28T01:25:52.000Z", + "2022-08-17T07:05:34.000Z" + ], + "provenance": ["Alert"] + } + ], + "matchedIndicatorPatterns": [ + { + "id": "3d206434-58eb-42e4-8355-44ddd394850c", + "pattern": "[file:name = 'goog-phish-proto-1.vlpset']", + "tags": ["STIX2.malicious-activity"], + "matchedLogs": ["Lengthy log string"] + } + ] +} diff --git a/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/get_email_activity_data.json b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/get_email_activity_data.json new file mode 100644 index 000000000000..4ea46206b555 --- /dev/null +++ b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/get_email_activity_data.json @@ -0,0 +1,17 @@ +{ + "mailMsgSubject": "test sample", + "mailMsgId": "", + "msgUuid": "AAMkAGRhODQyZDAzLWNmNjEtNDY2OS1iOWM3LWVmODUxMDk4ZjE1ZgBGAAAAAAABcyFCsOdnTohKgA0TJdjUBwAYbtU+cD0jRZmfu0kuMtvEAAAAAAEMAAAYbtU+cD0jRZmfu0kuMtvEAAF/JGRaAAA=", + "mailbox": "user2@example2.com", + "mailSenderIp": "xx.yy.zz.ww", + "mailFromAddresses": ["user3@example3.com"], + "mailWholeHeader": ["Microsoft Azure"], + "mailToAddresses": ["user2@example2.com"], + "mailSourceDomain": "example3.com", + "searchDL": "CAS", + "scanType": "exchange", + "eventTime": 1601249307000, + "org_id": "8d23a000-9a4c-11ea-80f5-1de879102030", + "mailUrlsVisibleLink": ["http://xxxxxx.com"], + "mailUrlsRealLink": ["http://xxxxxx.com"] +} diff --git a/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/get_endpoint_activity_data.json b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/get_endpoint_activity_data.json new file mode 100644 index 000000000000..ab4e0bf14c48 --- /dev/null +++ b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/get_endpoint_activity_data.json @@ -0,0 +1,45 @@ +{ + "dpt": 443, + "dst": "", + "endpointGuid": "72436165-b5a5-471a-9389-0bdc3647bc33", + "endpointHostName": "xxx-docker", + "endpointIp": ["192.0.2.0"], + "eventId": "1", + "eventSubId": 0, + "objectIntegrityLevel": 0, + "objectTrueType": 0, + "objectSubTrueType": 0, + "winEventId": 3, + "eventTime": 1633124154241, + "eventTimeDT": "2021-10-01T21:35:54.241000+00:00", + "hostName": "xxx-docker", + "logonUser": ["string"], + "objectCmd": "C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe --type=utility --lang=en-US --no-sandbox", + "objectFileHashSha1": "98A9A1C8F69373B211E5F1E303BA8762F44BC898", + "objectFilePath": "C:\\Program Files (x86)\\temp\\Application\\test.exe", + "objectHostName": "string", + "objectIp": "string", + "objectIps": ["string"], + "objectPort": 0, + "objectRegistryData": "wscript \"C:\\Program Files (x86)\\JNJ\\ITS_IE_PREF\\IE_Preferences.vbs\"", + "objectRegistryKeyHandle": "hklm\\software\\wow6432node\\microsoft\\windows\\currentversion\\run", + "objectRegistryValue": "its_ie_settings", + "objectSigner": ["Microsoft Windows"], + "objectSignerValid": [true], + "objectUser": "SYSTEM", + "os": "Linux", + "parentCmd": "string", + "parentFileHashSha1": "string", + "parentFilePath": "string", + "processCmd": "C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe --type=utility --lang=en-US --no-sandbox", + "processFileHashSha1": "string", + "processFilePath": "C:\\Program Files (x86)\\temp\\Application\\test.exe", + "request": "https://www.example.com", + "searchDL": "SDL", + "spt": 8080, + "src": "192.169.1.1", + "srcFileHashSha1": "string", + "srcFilePath": "string", + "tags": ["MITRE.T1210"], + "uuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" +} diff --git a/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/get_endpoint_info.json b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/get_endpoint_info.json new file mode 100644 index 000000000000..9bb498bf9515 --- /dev/null +++ b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/get_endpoint_info.json @@ -0,0 +1,26 @@ +[ + { + "ip": { + "value": ["192.168.1.31"], + "updated_date_time": "2023-06-10T06:15:43.942Z" + }, + "os_name": "Windows", + "agent_guid": "035f7d86-9872-4fw4-8c78-b67d2e32p462", + "os_version": "6.1 (Build 7601)", + "mac_address": { + "value": ["00:50:56:a9:9f:e8"], + "updated_date_time": "2023-06-10T06:15:43.942Z" + }, + "product_code": "xes", + "endpoint_name": { + "value": "CLIENT32", + "updated_date_time": "2023-07-11T15:38:51Z" + }, + "login_account": { + "value": ["MDGSECURITYAdministrator"], + "updated_date_time": "2023-08-15T20:11:39Z" + }, + "os_description": "Windows 7 6.1 (Build 7601)", + "installed_product_codes": ["sao", "xes"] + } +] diff --git a/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/get_file_analysis_result.json b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/get_file_analysis_result.json new file mode 100644 index 000000000000..97d89fe9732e --- /dev/null +++ b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/get_file_analysis_result.json @@ -0,0 +1,15 @@ +{ + "id": "800f908d-9578-4333-91e5-822794ed5483", + "type": "url", + "digest": { + "md5": "8e2ef39aac9e466458557519b789a4e7", + "sha1": "22083a8a88396c95ed54ccdb40216048fd7d269e", + "sha256": "79b5ef7554f8d8031028e9d215ad08e1bbd23d2a96a02ecaff4462bbdedeccbd" + }, + "arguments": "", + "risk_level": "high", + "threat_types": ["Dropper"], + "true_file_type": "URL", + "detection_names": ["VAN_WEB_THREAT.UMXX"], + "analysis_completion_date_time": "2021-01-23T20:32:48Z" +} diff --git a/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/get_file_analysis_status.json b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/get_file_analysis_status.json new file mode 100644 index 000000000000..5b34cbf3c3f4 --- /dev/null +++ b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/get_file_analysis_status.json @@ -0,0 +1,15 @@ +{ + "id": "921674d0-9735-4f79-b7de-c852e00a003d", + "action": "analyzeUrl", + "digest": { + "md5": "8e2ef39aac9e466458557519b789a4e7", + "sha1": "22083a8a88396c95ed54ccdb40216048fd7d269e", + "sha256": "79b5ef7554f8d8031028e9d215ad08e1bbd23d2a96a02ecaff4462bbdedeccbd" + }, + "status": "succeeded", + "arguments": "", + "is_cached": false, + "created_date_time": "2023-08-23T20:28:38Z", + "resource_location": "https://api.xdr.trendmicro.com/v3.0/sandbox/analysisResults/cdc33307-3b39-4650-a366-3a5add4501ad", + "last_action_date_time": "2023-08-23T20:32:48Z" +} diff --git a/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/isolate_endpoint.json b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/isolate_endpoint.json new file mode 100644 index 000000000000..359053101146 --- /dev/null +++ b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/isolate_endpoint.json @@ -0,0 +1,11 @@ +[ + { + "status": 202, + "headers": [ + { + "name": "Operation-Location", + "value": "{{request.baseUrl}}/v3.0/xdr/response/tasks/00000004" + } + ] + } +] diff --git a/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/quarantine_email.json b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/quarantine_email.json new file mode 100644 index 000000000000..f3f268316901 --- /dev/null +++ b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/quarantine_email.json @@ -0,0 +1,11 @@ +[ + { + "status": 202, + "headers": [ + { + "name": "Operation-Location", + "value": "{{request.baseUrl}}/v3.0/xdr/response/tasks/00000002" + } + ] + } +] diff --git a/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/remove_blocklist.json b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/remove_blocklist.json new file mode 100644 index 000000000000..da43cb612a48 --- /dev/null +++ b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/remove_blocklist.json @@ -0,0 +1,11 @@ +[ + { + "status": 202, + "headers": [ + { + "name": "Operation-Location", + "value": "{{request.baseUrl}}/v3.0/xdr/response/tasks/00000008" + } + ] + } +] diff --git a/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/remove_exception.json b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/remove_exception.json new file mode 100644 index 000000000000..7ee0a549796c --- /dev/null +++ b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/remove_exception.json @@ -0,0 +1,7 @@ +[ + { + "status": 204, + "total_items": 10, + "message": "success" + } +] diff --git a/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/remove_suspicious_list.json b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/remove_suspicious_list.json new file mode 100644 index 000000000000..7ee0a549796c --- /dev/null +++ b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/remove_suspicious_list.json @@ -0,0 +1,7 @@ +[ + { + "status": 204, + "total_items": 10, + "message": "success" + } +] diff --git a/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/restore_email_message.json b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/restore_email_message.json new file mode 100644 index 000000000000..c82aa2c4777d --- /dev/null +++ b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/restore_email_message.json @@ -0,0 +1,11 @@ +[ + { + "status": 202, + "headers": [ + { + "name": "Operation-Location", + "value": "{{request.baseUrl}}/v3.0/xdr/response/tasks/00000003" + } + ] + } +] diff --git a/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/restore_endpoint.json b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/restore_endpoint.json new file mode 100644 index 000000000000..eb29888a424a --- /dev/null +++ b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/restore_endpoint.json @@ -0,0 +1,11 @@ +[ + { + "status": 202, + "headers": [ + { + "name": "Operation-Location", + "value": "{{request.baseUrl}}/v3.0/xdr/response/tasks/00000005" + } + ] + } +] diff --git a/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/sandbox_submission_polling.json b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/sandbox_submission_polling.json new file mode 100644 index 000000000000..bd380126a741 --- /dev/null +++ b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/sandbox_submission_polling.json @@ -0,0 +1,24 @@ +[ + { + "id": "8559a7ce-2b85-451b-8742-4b943ad76a22", + "action": "analyzeFile", + "status": 200, + "error": { "code": "", "message": "" }, + "created_date_time": "2021-05-07T03:07:40Z", + "last_action_date_time": "2021-05-07T03:08:40Z", + "resource_location": "https://apimock-dev.trendmicro.com/v3.0/sandbox/analysisResults/012e4eac-9bd9-4e89-95db-77e02f75a6f3", + "is_cached": "true", + "digest": { + "md5": "4ac174730d4143a119037d9fda81c7a9", + "sha1": "fb5608fa03de204a12fe1e9e5275e4a682107471", + "sha256": "65b0f656e79ab84ca17807158e3eac206bd58be6689ddeb95956a48748d138f9" + }, + "arguments": "LS10ZXN0IA==", + "type": "file", + "analysis_completion_date_time": "2021-05-07T03:08:40Z", + "risk_level": "high", + "detection_names": ["VAN_DROPPER.UMXX"], + "threat_types": ["Dropper"], + "true_file_type": "exe" + } +] diff --git a/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/submit_file_to_sandbox.json b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/submit_file_to_sandbox.json new file mode 100644 index 000000000000..1b1d4d8e7f11 --- /dev/null +++ b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/submit_file_to_sandbox.json @@ -0,0 +1,11 @@ +{ + "code": 202, + "message": "SUCCESS", + "task_id": "012e4eac-9bd9-4e89-95db-77e02f75a6f3", + "digest": { + "md5": "4ac174730d4143a119037d9fda81c7a9", + "sha1": "fb5608fa03de204a12fe1e9e5275e4a682107471", + "sha256": "65b0f656e79ab84ca17807158e3eac206bd58be6689ddeb95956a48748d138f9" + }, + "arguments": "LS10ZXN0IA==" +} diff --git a/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/submit_urls_sandbox.json b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/submit_urls_sandbox.json new file mode 100644 index 000000000000..1827cff5848b --- /dev/null +++ b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/submit_urls_sandbox.json @@ -0,0 +1,18 @@ +[ + { + "status": 202, + "headers": [ + { + "name": "Operation-Location", + "value": "{{request.baseUrl}}/v3.0/xdr/response/tasks/00000005" + } + ], + "url": "https://www.trendmicro.com", + "id": "012e4eac-9bd9-4e89-95db-77e02f75a6f5", + "digest": { + "md5": "f3a2e1227de8d5ae7296665c1f34b28d", + "sha1": "d79bff55069994b1c11f7856f9f029de36adfd8f", + "sha256": "619a273ee4d25fb4aeb97e89c554fcfbdbc82e22d840cfdb364a8f1932f48160" + } + } +] diff --git a/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/terminate_process.json b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/terminate_process.json new file mode 100644 index 000000000000..1086c5fe9be6 --- /dev/null +++ b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/terminate_process.json @@ -0,0 +1,11 @@ +[ + { + "status": 202, + "headers": [ + { + "name": "Operation-Location", + "value": "{{request.baseUrl}}/v3.0/xdr/response/tasks/00000006" + } + ] + } +] diff --git a/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/update_status.json b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/update_status.json new file mode 100644 index 000000000000..aa0a2f55ab6e --- /dev/null +++ b/Packs/TrendMicroVisionOne/Integrations/TrendMicroVisionOneV3/test_data/update_status.json @@ -0,0 +1,7 @@ +[ + { + "code": 204, + "Workbench_Id": "WB-20837-20220418-00000", + "message": "Successfully updated status for WB-20837-20220418-00000 to In Progress." + } +] diff --git a/Packs/TrendMicroVisionOne/ReleaseNotes/4_0_0.json b/Packs/TrendMicroVisionOne/ReleaseNotes/4_0_0.json new file mode 100644 index 000000000000..d1b9b642e8ef --- /dev/null +++ b/Packs/TrendMicroVisionOne/ReleaseNotes/4_0_0.json @@ -0,0 +1,4 @@ +{ + "breakingChanges": true, + "breakingChangesNotes": "enable-user-account: The users can now pass multiple accounts in one call. Pass a dictionary object containing `account_name` and optional `description` in a comma separated list. The action now returns `status` and `task_id`. disable-user-account: The users can now pass multiple accounts in one call. Pass a dictionary object containing `account_name` and optional `description` in a comma separated list. The action now returns `status` and `task_id`. force-signout: The users can now pass multiple accounts in one call. Pass a dictionary object containing `account_name` and optional `description` in a comma separated list. The action now returns `status` and `task_id`. force-password-reset: The users can now pass multiple accounts in one call. Pass a dictionary object containing `account_name` and optional `description` object in a comma separated list. The action now returns `status` and `task_id`. add-to-block-list: Multiple items can be added to block list in one call. Pass a dictionary object containing `object_type`, `object_value` and optional `description` in a comma separated list. The action now returns `status` and `task_id`. remove-from-block-list: Multiple items can be removed from block list in one call. Pass a dictionary object containing `object_type`, `object_value` and optional `description` in a comma separated list. The action now returns `status` and `task_id`. quarantine-email-message: Multiple emails can be quarantined in one call. Pass a dictionary object containing `unique_id` and optional `description` or `message_id`, `mailbox` and optional `description` in a comma separated list. The action now returns `status` and `task_id`. delete-email-message: Multiple emails can be deleted in one call. Pass a dictionary object containing `unique_id` and optional `description` or `message_id`, `mailbox` and optional `description` in a comma separated list. The action now returns `status` and `task_id`. check-task-status: This action is mostly unchanged. The only difference is the return context output variable names. The output context now follows snake case format. isolate-endpoint: Multiple endpoints can be isolated in one call. Pass a dictionary object containing `endpoint` (hostname) and optional `description` or `agent_guid` and optional `description` in a comma separated list. The action now returns `status` and `task_id`. restore-endpoint-connection: Multiple endpoints can be restored in one call. Pass a dictionary object containing `endpoint` (hostname) and optional `description` or `agent_guid` and optional `description` in a comma separated list. The action now returns `status` and `task_id`. add-objects-to-exception-list: Multiple objects can be added to exception list in one call. Pass a dictionary object containing `object_type`, `object_value` and optional `description` in a comma separated list. The action now returns `status` and `task_id`. delete-objects-from-exception-list: Multiple objects can be removed from exception list in one call. Pass a dictionary object containing `object_type`, `object_value` and optional `description` in a comma separated list. The action now returns `status` and `task_id`. add-objects-to-suspicious-list: Multiple objects can be added to suspicious list in one call. Pass a dictionary object containing `object_type`, `object_value` and optional `description`, `scan_action`, `risk_level` and `days_to_expiration` in a comma separated list. The action now returns `status` and `task_id`. delete-objects-from-suspicious-list: Multiple objects can be removed from suspicious list in one call. Pass a dictionary object containing `object_type`, `object_value` and optional `description` in a comma separated list. The action now returns `status` and `task_id`. get-endpoint-info: Multiple endpoints can be queried in one call. Pass a comma separated string containing `ip`, `agent_gui` or `hostname`, terminate-process: Multiple processes can be terminated in one call. Pass a dictionary object containing `endpoint` (hostname) or `agent_guid`, `fileSha1` and optional `fileName` and `description`. The action now returns `status` and `task_id`. collect-forensic-file: Multiple files can be collected in one call. Pass a dictionary object containing `endpoint` (hostname) or `agent_guid`, `filePath` and optional `description`. The action now returns `status` and `task_id`. download-information-for-collected-forensic-file: This action is mostly unchanged. The only difference is the return context output variable names. The output context now follows snake case format. download-suspicious-object-list: This action is mostly unchanged. The only difference is the return context output variable names. The output context now follows snake case format. get-file-analysis-status: This action is mostly unchanged. The only difference is the return context output variable names. The output context now follows snake case format. get-file-analysis-result: This action is mostly unchanged. The only difference is the return context output variable names. The output context now follows snake case format. download-analysis-report: The analysis report now returns the `file_added` string which indicates the name of the analysis report (.pdf format), download-investigation-package: The investigation package now returns the `file_added` string which indicates the name of the investigation package (.zip format). submit-file-to-sandbox: This action is mostly unchanged. The only difference is the return context output variable names. The output context now follows snake case format. update-status: This action now accepts an additional `if_match` argument. The status of a workbench alert is only updated when a valid `if_match` (Etag) is provided, add-note: This action is mostly unchanged. The only difference is the return context output variable names. The output context now follows snake case format." +} diff --git a/Packs/TrendMicroVisionOne/ReleaseNotes/4_0_0.md b/Packs/TrendMicroVisionOne/ReleaseNotes/4_0_0.md new file mode 100644 index 000000000000..782dd21fb584 --- /dev/null +++ b/Packs/TrendMicroVisionOne/ReleaseNotes/4_0_0.md @@ -0,0 +1,16 @@ + +#### Integrations + +##### Trend Micro Vision One Event Collector + + +##### Trend Micro Vision One V3. + +- Updated the Docker image to: *demisto/pytmv1:0.6.2.83411*. +- Added pytmv1 package to make the integration uniform and follow Trend standards. +- Updated get_endpoint_info action to accept multiple endpoints using a comma separated string. +- Multiple requests can now be made for a single action call. +- Added an action to fetch all endpoint activity data and all email activity data where pagination is automatically handled. +- Added an action to fetch endpoint activity data and an action to fetch email activity data where results are limited to the integer value provided for the `top` field. +- Added an action to fetch endpoint activity count and an action to fetch email activity count. This helps in determining whether the user would like to fetch all or only limited results for endpoint or email activity. +- Fixed an issue where the last_event time was causing duplication of incidents. diff --git a/Packs/TrendMicroVisionOne/pack_metadata.json b/Packs/TrendMicroVisionOne/pack_metadata.json index fc4ceeb8b9e2..8905e909c12c 100755 --- a/Packs/TrendMicroVisionOne/pack_metadata.json +++ b/Packs/TrendMicroVisionOne/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Trend Micro Vision One", "description": "Trend Micro Vision One is a purpose-built threat defense platform that provides added value and new benefits beyond XDR solutions, allowing you to see more and respond faster. Providing deep and broad extended detection and response(XDR) capabilities that collect and automatically correlate data across multiple security layers—email, endpoints, servers, cloud workloads, and networks—Trend Micro Vision One prevents the majority of attacks with automated protection.", "support": "partner", - "currentVersion": "3.0.4", + "currentVersion": "4.0.0", "serverMinVersion": "6.2.0", "author": "Trend Micro", "url": "https://success.trendmicro.com", From bdfdcabf653b474e4a97d06e7cef5bd04a53ef6d Mon Sep 17 00:00:00 2001 From: Sasha Sokolovich <88268646+ssokolovich@users.noreply.github.com> Date: Wed, 13 Dec 2023 12:45:46 +0200 Subject: [PATCH 26/50] Fix MDE settings description (#31398) * updated script description * RN * updated rn * updated rn * updated rn * Bump pack from version MicrosoftDefenderAdvancedThreatProtection to 1.16.21. --------- Co-authored-by: Content Bot --- .../MicrosoftDefenderAdvancedThreatProtection.yml | 6 +++--- .../MicrosoftDefenderAdvancedThreatProtection/README.md | 4 ++-- .../ReleaseNotes/1_16_21.md | 6 ++++++ .../pack_metadata.json | 2 +- 4 files changed, 12 insertions(+), 6 deletions(-) create mode 100644 Packs/MicrosoftDefenderAdvancedThreatProtection/ReleaseNotes/1_16_21.md diff --git a/Packs/MicrosoftDefenderAdvancedThreatProtection/Integrations/MicrosoftDefenderAdvancedThreatProtection/MicrosoftDefenderAdvancedThreatProtection.yml b/Packs/MicrosoftDefenderAdvancedThreatProtection/Integrations/MicrosoftDefenderAdvancedThreatProtection/MicrosoftDefenderAdvancedThreatProtection.yml index b619256519e0..7b8aa2e5b899 100644 --- a/Packs/MicrosoftDefenderAdvancedThreatProtection/Integrations/MicrosoftDefenderAdvancedThreatProtection/MicrosoftDefenderAdvancedThreatProtection.yml +++ b/Packs/MicrosoftDefenderAdvancedThreatProtection/Integrations/MicrosoftDefenderAdvancedThreatProtection/MicrosoftDefenderAdvancedThreatProtection.yml @@ -123,7 +123,7 @@ configuration: section: Connect required: false - defaultvalue: New - display: 'Status to filter out alerts for fetching as incidents. Comma-separated lists are supported, e.g., New,Resolved.' + display: 'Status for fetching alerts as incidents. Comma-separated lists are supported, e.g., New,Resolved.' name: fetch_status options: - New @@ -151,7 +151,7 @@ configuration: advanced: true required: false - defaultvalue: Informational,Low,Medium,High - display: 'Severity to filter out alerts for fetching as incidents. Comma-separated lists are supported, e.g., Medium,High.' + display: 'Severity for fetching alerts as incidents. Comma-separated lists are supported, e.g., Medium,High.' name: fetch_severity type: 16 options: @@ -5534,7 +5534,7 @@ script: execution: false name: microsoft-atp-auth-reset arguments: [] - dockerimage: demisto/crypto:1.0.0.82826 + dockerimage: demisto/crypto:1.0.0.83343 isfetch: true runonce: false script: '-' diff --git a/Packs/MicrosoftDefenderAdvancedThreatProtection/Integrations/MicrosoftDefenderAdvancedThreatProtection/README.md b/Packs/MicrosoftDefenderAdvancedThreatProtection/Integrations/MicrosoftDefenderAdvancedThreatProtection/README.md index f67cd3b80680..d4c68adee470 100644 --- a/Packs/MicrosoftDefenderAdvancedThreatProtection/Integrations/MicrosoftDefenderAdvancedThreatProtection/README.md +++ b/Packs/MicrosoftDefenderAdvancedThreatProtection/Integrations/MicrosoftDefenderAdvancedThreatProtection/README.md @@ -77,9 +77,9 @@ Please add the following permissions to the app registration. Choose application | Application redirect URI (for authorization code mode) | | False | | Authorization code | for user-auth mode - received from the authorization step. see Detailed Instructions section | False | | Azure Managed Identities Client ID | The Managed Identities client ID for authentication - relevant only if the integration is running on Azure VM. | UUID | - | Status to filter out alerts for fetching as incidents | The property values are, "New", "InProgress" or "Resolved". Comma-separated lists are supported, e.g., New,Resolved. | New,In Progress,Resolved | + | Status for fetching alerts as incidents | The property values are, "New", "InProgress" or "Resolved". Comma-separated lists are supported, e.g., New,Resolved. | New,In Progress,Resolved | | DetecitonSource to filter out alters for fetching as incidents. | The property values are, "Antivirus", "CustomDetection", "CustomTI", "EDR" and "MDO". Comma-separated lists are supported, e.g., Antivirus,EDR. | CustomDetection,EDR | - | Severity to filter out alerts for fetching as incidents | The property values are, "Informational", "Low", "Medium" and "High". Comma-separated lists are supported, e.g., Medium,High. | Medium,High | + | Severity for fetching alerts as incidents| The property values are, "Informational", "Low", "Medium" and "High". Comma-separated lists are supported, e.g., Medium,High. | Medium,High | | Maximum number of incidents to fetch | The maximum number of incidents to retrieve per fetch. | 50 | | Trust any Certificate (Not Secure) | When selected, certificates are not checked. | N/A | | Fetch alert evidence | When selected, fetches alerts in Microsoft Defender. | N/A | diff --git a/Packs/MicrosoftDefenderAdvancedThreatProtection/ReleaseNotes/1_16_21.md b/Packs/MicrosoftDefenderAdvancedThreatProtection/ReleaseNotes/1_16_21.md new file mode 100644 index 000000000000..25020d7776ab --- /dev/null +++ b/Packs/MicrosoftDefenderAdvancedThreatProtection/ReleaseNotes/1_16_21.md @@ -0,0 +1,6 @@ + +#### Integrations + +##### Microsoft Defender for Endpoint +- Updated the Docker image to: *demisto/crypto:1.0.0.83343*. +- Updated the settings' descriptions. diff --git a/Packs/MicrosoftDefenderAdvancedThreatProtection/pack_metadata.json b/Packs/MicrosoftDefenderAdvancedThreatProtection/pack_metadata.json index 280a8641e397..dbf4ac05547d 100644 --- a/Packs/MicrosoftDefenderAdvancedThreatProtection/pack_metadata.json +++ b/Packs/MicrosoftDefenderAdvancedThreatProtection/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Microsoft Defender for Endpoint", "description": "Microsoft Defender for Endpoint (previously Microsoft Defender Advanced Threat Protection (ATP)) is a unified platform for preventative protection, post-breach detection, automated investigation, and response.", "support": "xsoar", - "currentVersion": "1.16.20", + "currentVersion": "1.16.21", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From 6bc34f941716f9c565608d604c2fe3687affd7b8 Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Wed, 13 Dec 2023 13:21:49 +0200 Subject: [PATCH 27/50] Update Docker Image To demisto/netutils (#31428) * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Scripts/CompareIndicators/CompareIndicators.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/IPv4Blacklist/IPv4Blacklist.yml Docker image update * Packs/FiltersAndTransformers/Scripts/IsRFC1918Address/IsRFC1918Address.yml Docker image update * Packs/FiltersAndTransformers/Scripts/IPv4Whitelist/IPv4Whitelist.yml Docker image update * Packs/FiltersAndTransformers/Scripts/IsNotInCidrRanges/IsNotInCidrRanges.yml Docker image update * Bump pack from version FiltersAndTransformers to 1.2.46. * Add RN and update pack_metadata file * add README for IsNotInCidrRanges script --------- Co-authored-by: Content Bot Co-authored-by: israelpolishook --- Packs/DeveloperTools/ReleaseNotes/1_3_6.md | 3 +++ .../CompareIndicators/CompareIndicators.yml | 2 +- Packs/DeveloperTools/pack_metadata.json | 2 +- .../ReleaseNotes/1_2_46.md | 10 ++++++++ .../Scripts/IPv4Blacklist/IPv4Blacklist.yml | 2 +- .../Scripts/IPv4Whitelist/IPv4Whitelist.yml | 2 +- .../IsNotInCidrRanges/IsNotInCidrRanges.yml | 2 +- .../Scripts/IsNotInCidrRanges/README.md | 25 +++++++++++++++++++ .../IsRFC1918Address/IsRFC1918Address.yml | 2 +- .../FiltersAndTransformers/pack_metadata.json | 2 +- 10 files changed, 45 insertions(+), 7 deletions(-) create mode 100644 Packs/DeveloperTools/ReleaseNotes/1_3_6.md create mode 100644 Packs/FiltersAndTransformers/ReleaseNotes/1_2_46.md create mode 100644 Packs/FiltersAndTransformers/Scripts/IsNotInCidrRanges/README.md diff --git a/Packs/DeveloperTools/ReleaseNotes/1_3_6.md b/Packs/DeveloperTools/ReleaseNotes/1_3_6.md new file mode 100644 index 000000000000..ecea48acca9c --- /dev/null +++ b/Packs/DeveloperTools/ReleaseNotes/1_3_6.md @@ -0,0 +1,3 @@ +#### Scripts +##### CompareIndicators +- Updated the Docker image to: *demisto/netutils:1.0.0.83404*. \ No newline at end of file diff --git a/Packs/DeveloperTools/Scripts/CompareIndicators/CompareIndicators.yml b/Packs/DeveloperTools/Scripts/CompareIndicators/CompareIndicators.yml index 83143049eece..c560227c53d9 100644 --- a/Packs/DeveloperTools/Scripts/CompareIndicators/CompareIndicators.yml +++ b/Packs/DeveloperTools/Scripts/CompareIndicators/CompareIndicators.yml @@ -26,7 +26,7 @@ outputs: type: String scripttarget: 0 subtype: python3 -dockerimage: demisto/netutils:1.0.0.79439 +dockerimage: demisto/netutils:1.0.0.83404 runas: DBotWeakRole tests: - No test diff --git a/Packs/DeveloperTools/pack_metadata.json b/Packs/DeveloperTools/pack_metadata.json index 13d11886be49..00f9ced12290 100644 --- a/Packs/DeveloperTools/pack_metadata.json +++ b/Packs/DeveloperTools/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Developer Tools", "description": "Basic tools for content development.", "support": "community", - "currentVersion": "1.3.5", + "currentVersion": "1.3.6", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/FiltersAndTransformers/ReleaseNotes/1_2_46.md b/Packs/FiltersAndTransformers/ReleaseNotes/1_2_46.md new file mode 100644 index 000000000000..e748d51aaa5a --- /dev/null +++ b/Packs/FiltersAndTransformers/ReleaseNotes/1_2_46.md @@ -0,0 +1,10 @@ + +#### Scripts +##### IPv4Blacklist +- Updated the Docker image to: *demisto/netutils:1.0.0.83404*. +##### IsRFC1918Address +- Updated the Docker image to: *demisto/netutils:1.0.0.83404*. +##### IPv4Whitelist +- Updated the Docker image to: *demisto/netutils:1.0.0.83404*. +##### IsNotInCidrRanges +- Updated the Docker image to: *demisto/netutils:1.0.0.83404*. \ No newline at end of file diff --git a/Packs/FiltersAndTransformers/Scripts/IPv4Blacklist/IPv4Blacklist.yml b/Packs/FiltersAndTransformers/Scripts/IPv4Blacklist/IPv4Blacklist.yml index ff4cb323b05a..f1115002ae83 100644 --- a/Packs/FiltersAndTransformers/Scripts/IPv4Blacklist/IPv4Blacklist.yml +++ b/Packs/FiltersAndTransformers/Scripts/IPv4Blacklist/IPv4Blacklist.yml @@ -21,7 +21,7 @@ args: description: Array or comma-separated list of IPv4 ranges, in CIDR notation, against which to match the IPv4 addresses. isArray: true scripttarget: 0 -dockerimage: demisto/netutils:1.0.0.74582 +dockerimage: demisto/netutils:1.0.0.83404 runas: DBotWeakRole tests: - No test - unit test diff --git a/Packs/FiltersAndTransformers/Scripts/IPv4Whitelist/IPv4Whitelist.yml b/Packs/FiltersAndTransformers/Scripts/IPv4Whitelist/IPv4Whitelist.yml index 1463823c12c7..97128de6af30 100644 --- a/Packs/FiltersAndTransformers/Scripts/IPv4Whitelist/IPv4Whitelist.yml +++ b/Packs/FiltersAndTransformers/Scripts/IPv4Whitelist/IPv4Whitelist.yml @@ -21,7 +21,7 @@ args: description: Array or comma-separated list of IPv4 ranges, in CIDR notation, against which to match the IPv4 addresses. isArray: true scripttarget: 0 -dockerimage: demisto/netutils:1.0.0.74582 +dockerimage: demisto/netutils:1.0.0.83404 runas: DBotWeakRole tests: - No test - unit test diff --git a/Packs/FiltersAndTransformers/Scripts/IsNotInCidrRanges/IsNotInCidrRanges.yml b/Packs/FiltersAndTransformers/Scripts/IsNotInCidrRanges/IsNotInCidrRanges.yml index 8020649f7eb7..f1985e4b7e71 100644 --- a/Packs/FiltersAndTransformers/Scripts/IsNotInCidrRanges/IsNotInCidrRanges.yml +++ b/Packs/FiltersAndTransformers/Scripts/IsNotInCidrRanges/IsNotInCidrRanges.yml @@ -17,7 +17,7 @@ args: required: true description: Comma-separated list of IPv4 ranges in CIDR notation against which to match. scripttarget: 0 -dockerimage: demisto/netutils:1.0.0.74582 +dockerimage: demisto/netutils:1.0.0.83404 runas: DBotWeakRole tests: - No test - unit test diff --git a/Packs/FiltersAndTransformers/Scripts/IsNotInCidrRanges/README.md b/Packs/FiltersAndTransformers/Scripts/IsNotInCidrRanges/README.md new file mode 100644 index 000000000000..0ede7afe9b02 --- /dev/null +++ b/Packs/FiltersAndTransformers/Scripts/IsNotInCidrRanges/README.md @@ -0,0 +1,25 @@ +Checks whether an IPv4 address is not contained in one or more comma-delimited CIDR ranges. + +## Script Data + +--- + +| **Name** | **Description** | +| --- | --- | +| Script Type | python3 | +| Tags | filter | +| Cortex XSOAR Version | 5.0.0 | + +## Inputs + +--- + +| **Argument Name** | **Description** | +| --- | --- | +| left | IPv4 address to filter. | +| right | Comma-separated list of IPv4 ranges in CIDR notation against which to match. | + +## Outputs + +--- +There are no outputs for this script. diff --git a/Packs/FiltersAndTransformers/Scripts/IsRFC1918Address/IsRFC1918Address.yml b/Packs/FiltersAndTransformers/Scripts/IsRFC1918Address/IsRFC1918Address.yml index 5ed45b5da9c5..c741265fc394 100644 --- a/Packs/FiltersAndTransformers/Scripts/IsRFC1918Address/IsRFC1918Address.yml +++ b/Packs/FiltersAndTransformers/Scripts/IsRFC1918Address/IsRFC1918Address.yml @@ -16,7 +16,7 @@ args: - name: left description: The IPv4 address to check (can be used instead of the value argument). scripttarget: 0 -dockerimage: demisto/netutils:1.0.0.74582 +dockerimage: demisto/netutils:1.0.0.83404 runas: DBotWeakRole tests: - IsRFC1918-Test diff --git a/Packs/FiltersAndTransformers/pack_metadata.json b/Packs/FiltersAndTransformers/pack_metadata.json index b87d16750b75..bbd3431e29fa 100644 --- a/Packs/FiltersAndTransformers/pack_metadata.json +++ b/Packs/FiltersAndTransformers/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Filters And Transformers", "description": "Frequently used filters and transformers pack.", "support": "xsoar", - "currentVersion": "1.2.45", + "currentVersion": "1.2.46", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From ac8156f56ff23a07ffbebbd097cf2ff65c115e9f Mon Sep 17 00:00:00 2001 From: Moshe Eichler <78307768+MosheEichler@users.noreply.github.com> Date: Wed, 13 Dec 2023 14:07:41 +0200 Subject: [PATCH 28/50] Armis fix url suffix (#31434) * Armis add suffix to base url * RN * Add UT * doc review * docker --- Packs/Armis/Integrations/Armis/Armis.py | 2 ++ Packs/Armis/Integrations/Armis/Armis.yml | 2 +- Packs/Armis/Integrations/Armis/Armis_test.py | 28 ++++++++++++++++++++ Packs/Armis/ReleaseNotes/1_1_10.md | 7 +++++ Packs/Armis/pack_metadata.json | 2 +- 5 files changed, 39 insertions(+), 2 deletions(-) create mode 100644 Packs/Armis/ReleaseNotes/1_1_10.md diff --git a/Packs/Armis/Integrations/Armis/Armis.py b/Packs/Armis/Integrations/Armis/Armis.py index 82bd81384e72..3d8f00b8b6bb 100755 --- a/Packs/Armis/Integrations/Armis/Armis.py +++ b/Packs/Armis/Integrations/Armis/Armis.py @@ -644,6 +644,8 @@ def main(): # get the service API url base_url = params.get('url') + if 'api/v1' not in base_url: + base_url = urljoin(base_url, '/api/v1/') verify = not params.get('insecure', False) # How much time before the first fetch to retrieve incidents diff --git a/Packs/Armis/Integrations/Armis/Armis.yml b/Packs/Armis/Integrations/Armis/Armis.yml index ee18c1654479..8b309f667923 100644 --- a/Packs/Armis/Integrations/Armis/Armis.yml +++ b/Packs/Armis/Integrations/Armis/Armis.yml @@ -385,7 +385,7 @@ script: - contextPath: Armis.Device.visibility description: The visibility of the device. type: String - dockerimage: demisto/python3:3.10.13.78960 + dockerimage: demisto/python3:3.10.13.83255 isfetch: true runonce: false script: '-' diff --git a/Packs/Armis/Integrations/Armis/Armis_test.py b/Packs/Armis/Integrations/Armis/Armis_test.py index c64d2aef3ce7..2efb25cd6d18 100755 --- a/Packs/Armis/Integrations/Armis/Armis_test.py +++ b/Packs/Armis/Integrations/Armis/Armis_test.py @@ -7,6 +7,7 @@ import time import CommonServerPython +import demistomock as demisto def test_untag_device_success(requests_mock): @@ -429,3 +430,30 @@ def test_fetch_incidents_no_duplicates(mocker): assert incidents[0]['rawJSON'] == json.dumps(armis_incident) _, incidents = fetch_incidents(client, next_run, '', 'Low', [], [], '', 1) assert not incidents + + +class MockClient: + def __init__(self, secret: str, base_url: str, verify: bool, proxy): + pass + + +def test_url_parameter(mocker): + """ + Given: + - Instance parameters with a base URL without `api/v1` prefix. + + When: + - Running the main function and configured the client class. + + Then: + - Ensure that hte base URL in the client class is with teh `api/v1` prefix. + + """ + from Armis import main + + mocker.patch.object(demisto, 'params', return_value={'url': 'test.com'}) + mock_client = mocker.patch('Armis.Client', side_effect=MockClient) + + main() + + assert mock_client.call_args.kwargs['base_url'] == 'test.com/api/v1/' diff --git a/Packs/Armis/ReleaseNotes/1_1_10.md b/Packs/Armis/ReleaseNotes/1_1_10.md new file mode 100644 index 000000000000..25986c7f07ed --- /dev/null +++ b/Packs/Armis/ReleaseNotes/1_1_10.md @@ -0,0 +1,7 @@ + +#### Integrations + +##### Armis + +- Fixed an issue in the **Server URL** parameter without `api/v1` suffix. +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. diff --git a/Packs/Armis/pack_metadata.json b/Packs/Armis/pack_metadata.json index c7f4b6b54dfe..b4a190723472 100755 --- a/Packs/Armis/pack_metadata.json +++ b/Packs/Armis/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Armis", "description": "Agentless and passive security platform that sees, identifies, and classifies every device, tracks behavior, identifies threats, and takes action automatically to protect critical information and systems", "support": "partner", - "currentVersion": "1.1.9", + "currentVersion": "1.1.10", "author": "Armis Corporation", "url": "https://support.armis.com/", "email": "support@armis.com", From abce390c63a7cfe24d60248591ef1efee7b3cabf Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Wed, 13 Dec 2023 16:07:36 +0200 Subject: [PATCH 29/50] Update Docker Image To demisto/python3 (#31439) * Updated Metadata Of Pack Active_Directory_Query * Added release notes to pack Active_Directory_Query * Packs/Active_Directory_Query/Scripts/SendEmailToManager/SendEmailToManager.yml Docker image update * Updated Metadata Of Pack ServiceNow * Added release notes to pack ServiceNow * Packs/ServiceNow/Scripts/ServiceNowUpdateIncident/ServiceNowUpdateIncident.yml Docker image update * Packs/ServiceNow/Scripts/ServiceNowQueryIncident/ServiceNowQueryIncident.yml Docker image update * Packs/ServiceNow/Scripts/ServiceNowCreateIncident/ServiceNowCreateIncident.yml Docker image update * Packs/ServiceNow/Scripts/ServiceNowAddComment/ServiceNowAddComment.yml Docker image update * Fix DS108 --------- Co-authored-by: israelpolishook --- .../ReleaseNotes/1_6_27.md | 4 ++++ .../SendEmailToManager/SendEmailToManager.yml | 12 +++++------ .../Active_Directory_Query/pack_metadata.json | 2 +- Packs/ServiceNow/ReleaseNotes/2_5_47.md | 10 ++++++++++ .../ServiceNowAddComment.yml | 6 +++--- .../ServiceNowCreateIncident.yml | 14 ++++++------- .../ServiceNowQueryIncident.yml | 16 +++++++-------- .../ServiceNowUpdateIncident.yml | 20 +++++++++---------- Packs/ServiceNow/pack_metadata.json | 2 +- 9 files changed, 50 insertions(+), 36 deletions(-) create mode 100644 Packs/Active_Directory_Query/ReleaseNotes/1_6_27.md create mode 100644 Packs/ServiceNow/ReleaseNotes/2_5_47.md diff --git a/Packs/Active_Directory_Query/ReleaseNotes/1_6_27.md b/Packs/Active_Directory_Query/ReleaseNotes/1_6_27.md new file mode 100644 index 000000000000..71284609cb46 --- /dev/null +++ b/Packs/Active_Directory_Query/ReleaseNotes/1_6_27.md @@ -0,0 +1,4 @@ + +#### Scripts +##### SendEmailToManager +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. \ No newline at end of file diff --git a/Packs/Active_Directory_Query/Scripts/SendEmailToManager/SendEmailToManager.yml b/Packs/Active_Directory_Query/Scripts/SendEmailToManager/SendEmailToManager.yml index c3703264d80a..56dcca3cb14b 100644 --- a/Packs/Active_Directory_Query/Scripts/SendEmailToManager/SendEmailToManager.yml +++ b/Packs/Active_Directory_Query/Scripts/SendEmailToManager/SendEmailToManager.yml @@ -8,11 +8,11 @@ type: python subtype: python3 tags: - communication -comment: Send an approval email to the manager of the employee with the given email allowing the manager to reply directly into the incident +comment: Send an approval email to the manager of the employee with the given email allowing the manager to reply directly into the incident. system: true args: - name: email - description: The employee email. We will send an email to his manager. If not provided will be taken from incident label 'Email/from' + description: The employee email. We will send an email to his manager. If not provided will be taken from incident label 'Email/from'. - name: manager description: The manager attribute in Active Directory. Default is 'manager'. - name: allowReply @@ -20,15 +20,15 @@ args: predefined: - "true" - "false" - description: If true, we will add an entitlement to the subject allowing manager to reply to war room + description: If true, we will add an entitlement to the subject allowing manager to reply to war room. - name: body description: The contents of the email body. It's a template that can include $empName and $managerName which will be replaced with actual values. - name: request description: The contents of the request from the manager. Will be added below the body. If none is provided, incident details will be taken. - name: replyEntriesTag - description: Tag to add on email reply entries + description: Tag to add on email reply entries. - name: persistent - description: Indicates whether to use one-time entitlement or a persistent one + description: Indicates whether to use one-time entitlement or a persistent one. auto: PREDEFINED predefined: - "true" @@ -42,4 +42,4 @@ dependson: timeout: 0s tests: - No test -dockerimage: demisto/python3:3.10.12.66339 +dockerimage: demisto/python3:3.10.13.83255 diff --git a/Packs/Active_Directory_Query/pack_metadata.json b/Packs/Active_Directory_Query/pack_metadata.json index ab918b9bcabd..ca8634084aa3 100644 --- a/Packs/Active_Directory_Query/pack_metadata.json +++ b/Packs/Active_Directory_Query/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Active Directory Query", "description": "Active Directory Query integration enables you to access and manage Active Directory objects (users, contacts, and computers).", "support": "xsoar", - "currentVersion": "1.6.26", + "currentVersion": "1.6.27", "author": "Cortex XSOAR", "url": "", "email": "", diff --git a/Packs/ServiceNow/ReleaseNotes/2_5_47.md b/Packs/ServiceNow/ReleaseNotes/2_5_47.md new file mode 100644 index 000000000000..33b355bef059 --- /dev/null +++ b/Packs/ServiceNow/ReleaseNotes/2_5_47.md @@ -0,0 +1,10 @@ + +#### Scripts +##### ServiceNowUpdateIncident +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### ServiceNowQueryIncident +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### ServiceNowCreateIncident +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### ServiceNowAddComment +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. \ No newline at end of file diff --git a/Packs/ServiceNow/Scripts/ServiceNowAddComment/ServiceNowAddComment.yml b/Packs/ServiceNow/Scripts/ServiceNowAddComment/ServiceNowAddComment.yml index 12452cbe1715..fb4e04308b90 100644 --- a/Packs/ServiceNow/Scripts/ServiceNowAddComment/ServiceNowAddComment.yml +++ b/Packs/ServiceNow/Scripts/ServiceNowAddComment/ServiceNowAddComment.yml @@ -1,10 +1,10 @@ args: -- description: Note to be added as comment or worknote to servicenow +- description: Note to be added as comment or worknote to servicenow. name: note required: true - auto: PREDEFINED defaultValue: comment - description: Tag as a comment or a work_notes. Default is "comment" + description: Tag as a comment or a work_notes. Default is "comment". name: tag predefined: - comment @@ -25,7 +25,7 @@ contentitemexportablefields: dependson: must: - '|||servicenow-add-comment' -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 enabled: true name: ServiceNowAddComment runas: DBotWeakRole diff --git a/Packs/ServiceNow/Scripts/ServiceNowCreateIncident/ServiceNowCreateIncident.yml b/Packs/ServiceNow/Scripts/ServiceNowCreateIncident/ServiceNowCreateIncident.yml index 84e05308a824..6e416864b0d5 100644 --- a/Packs/ServiceNow/Scripts/ServiceNowCreateIncident/ServiceNowCreateIncident.yml +++ b/Packs/ServiceNow/Scripts/ServiceNowCreateIncident/ServiceNowCreateIncident.yml @@ -5,14 +5,14 @@ args: - 1 - High - 2 - Medium - 3 - Low - description: Incident severity + description: Incident severity. - name: assignee - description: Incident assigne name (e.g John Smith) + description: Incident assigne name (e.g John Smith). - name: description required: true - description: Incident description + description: Incident description. - name: assigned_group - description: Incident assigned group name (e.g Incident Management Group) + description: Incident assigned group name (e.g Incident Management Group). commonfields: id: ServiceNowCreateIncident version: -1 @@ -23,10 +23,10 @@ comment: |- code and work with the records easily. outputs: - contextPath: ServiceNow.Incident.ID - description: Incident ID + description: Incident ID. type: string - contextPath: ServiceNow.Incident.Number - description: Incident number + description: Incident number. type: string enabled: true script: '-' @@ -43,6 +43,6 @@ dependson: tests: - No test - Hibernating instance fromversion: 5.0.0 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 skipprepare: - script-name-incident-to-alert diff --git a/Packs/ServiceNow/Scripts/ServiceNowQueryIncident/ServiceNowQueryIncident.yml b/Packs/ServiceNow/Scripts/ServiceNowQueryIncident/ServiceNowQueryIncident.yml index e3c736268085..8b786d848d76 100644 --- a/Packs/ServiceNow/Scripts/ServiceNowQueryIncident/ServiceNowQueryIncident.yml +++ b/Packs/ServiceNow/Scripts/ServiceNowQueryIncident/ServiceNowQueryIncident.yml @@ -1,9 +1,9 @@ args: -- description: Incident System ID +- description: Incident System ID. name: id -- description: Incident number +- description: Incident number. name: number -- description: Incident assigne name (e.g John Smith) +- description: Incident assigne name (e.g John Smith). name: assignee comment: |- This script is used to wrap the generic query-table command in ServiceNow. @@ -16,16 +16,16 @@ enabled: true name: ServiceNowQueryIncident outputs: - contextPath: ServiceNow.Incident.ID - description: Incident ID + description: Incident ID. type: string - contextPath: ServiceNow.Incident.Description - description: Incident description + description: Incident description. type: string - contextPath: ServiceNow.Incident.Number - description: Incident number + description: Incident number. type: number - contextPath: ServiceNow.Incident.Caller - description: Incident caller + description: Incident caller. type: string script: '-' tags: @@ -40,6 +40,6 @@ dependson: must: - servicenow-query-table fromversion: 5.0.0 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 skipprepare: - script-name-incident-to-alert diff --git a/Packs/ServiceNow/Scripts/ServiceNowUpdateIncident/ServiceNowUpdateIncident.yml b/Packs/ServiceNow/Scripts/ServiceNowUpdateIncident/ServiceNowUpdateIncident.yml index 235d77f54789..ce82066ecd3e 100644 --- a/Packs/ServiceNow/Scripts/ServiceNowUpdateIncident/ServiceNowUpdateIncident.yml +++ b/Packs/ServiceNow/Scripts/ServiceNowUpdateIncident/ServiceNowUpdateIncident.yml @@ -1,22 +1,22 @@ args: - auto: PREDEFINED - description: Incident severity + description: Incident severity. name: severity predefined: - 1 - High - 2 - Medium - 3 - Low -- description: Incident assigne name (e.g John Smith) +- description: Incident assigne name (e.g John Smith). name: assignee -- description: Incident description +- description: Incident description. name: description -- description: Incident assigned group name (e.g Incident Management Group) +- description: Incident assigned group name (e.g Incident Management Group). name: assigned_group -- description: Incident ID to update +- description: Incident ID to update. name: id -- description: Incident number to update +- description: Incident number to update. name: number -- description: 'Query to use ' +- description: 'Query to use.' name: query comment: |- This script is used to wrap the generic update-record command in ServiceNow. @@ -29,10 +29,10 @@ enabled: true name: ServiceNowUpdateIncident outputs: - contextPath: ServiceNow.Incident.ID - description: Incident ID + description: Incident ID. type: string - contextPath: ServiceNow.Incident.Number - description: Incident number + description: Incident number. type: string script: '-' tags: @@ -48,6 +48,6 @@ dependson: tests: - No test - Hibernating instance fromversion: 5.0.0 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 skipprepare: - script-name-incident-to-alert diff --git a/Packs/ServiceNow/pack_metadata.json b/Packs/ServiceNow/pack_metadata.json index 13cb26cbc1d2..757163b544df 100644 --- a/Packs/ServiceNow/pack_metadata.json +++ b/Packs/ServiceNow/pack_metadata.json @@ -2,7 +2,7 @@ "name": "ServiceNow", "description": "Use The ServiceNow IT Service Management (ITSM) solution to modernize the way you manage and deliver services to your users.", "support": "xsoar", - "currentVersion": "2.5.46", + "currentVersion": "2.5.47", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From be5100718b410d71cb5fa5f91360a885fe540d04 Mon Sep 17 00:00:00 2001 From: ilaner <88267954+ilaner@users.noreply.github.com> Date: Wed, 13 Dec 2023 17:22:34 +0200 Subject: [PATCH 30/50] Feed Elastic: fetch in batches (#31377) --- .../FeedElasticsearch/FeedElasticsearch.py | 67 +++++++++++++------ .../FeedElasticsearch/FeedElasticsearch.yml | 39 ++++++----- .../FeedElasticsearch_test.py | 17 +++++ Packs/FeedElasticsearch/ReleaseNotes/1_1_3.md | 7 ++ Packs/FeedElasticsearch/pack_metadata.json | 2 +- 5 files changed, 92 insertions(+), 40 deletions(-) create mode 100644 Packs/FeedElasticsearch/ReleaseNotes/1_1_3.md diff --git a/Packs/FeedElasticsearch/Integrations/FeedElasticsearch/FeedElasticsearch.py b/Packs/FeedElasticsearch/Integrations/FeedElasticsearch/FeedElasticsearch.py index b23125ce811a..b217bd9e652e 100644 --- a/Packs/FeedElasticsearch/Integrations/FeedElasticsearch/FeedElasticsearch.py +++ b/Packs/FeedElasticsearch/Integrations/FeedElasticsearch/FeedElasticsearch.py @@ -24,6 +24,7 @@ '''VARIABLES FOR FETCH INDICATORS''' FETCH_SIZE = 50 +FETCH_LIMIT = 10000 API_KEY_PREFIX = '_api_key_id:' MODULE_TO_FEEDMAP_KEY = 'moduleToFeedMap' FEED_TYPE_GENERIC = 'Generic Feed' @@ -95,8 +96,8 @@ def _get_api_key_header_val(api_key): ` :arg api_key, either a tuple or a base64 encoded string """ - if isinstance(api_key, (tuple, list)): - s = "{0}:{1}".format(api_key[0], api_key[1]).encode('utf-8') + if isinstance(api_key, tuple | list): + s = f"{api_key[0]}:{api_key[1]}".encode() return "ApiKey " + base64.b64encode(s).decode('utf-8') return "ApiKey " + api_key @@ -159,7 +160,7 @@ def test_command(client, feed_type, src_val, src_type, default_type, time_method else: # if it is unknown error - get the message from the error itself - return_error("Failed to connect. The following error occurred: {}".format(str(e))) + return_error(f"Failed to connect. The following error occurred: {str(e)}") except requests.exceptions.RequestException as e: return_error("Failed to connect. Check Server URL field and port number.\nError message: " + str(e)) @@ -178,7 +179,7 @@ def get_indicators_command(client, feed_type, src_val, src_type, default_type): # Insight is the name of the indicator object as it's saved into the database search = get_scan_insight_format(client, now, feed_type=feed_type) ioc_lst, ioc_enrch_lst = get_demisto_indicators(search, client.tags, client.tlp_color) - hr = tableToMarkdown('Indicators', list(set(map(lambda ioc: ioc.get('name'), ioc_lst))), 'Name') + hr = tableToMarkdown('Indicators', list({ioc.get('name') for ioc in ioc_lst}), 'Name') if ioc_enrch_lst: for ioc_enrch in ioc_enrch_lst: hr += tableToMarkdown('Enrichment', ioc_enrch, ['value', 'sourceBrand', 'score']) @@ -188,9 +189,9 @@ def get_indicators_command(client, feed_type, src_val, src_type, default_type): def get_generic_indicators(search, src_val, src_type, default_type, tags, tlp_color): """Implements get indicators in generic format""" ioc_lst: list = [] - for hit in search.scan(): - hit_lst = extract_indicators_from_generic_hit(hit, src_val, src_type, default_type, tags, tlp_color) - ioc_lst.extend(hit_lst) + hit = search.execute() + hit_lst = extract_indicators_from_generic_hit(hit, src_val, src_type, default_type, tags, tlp_color) + ioc_lst.extend(hit_lst) return ioc_lst @@ -208,36 +209,53 @@ def get_demisto_indicators(search, tags, tlp_color): return ioc_lst, ioc_enrch_lst -def fetch_indicators_command(client, feed_type, src_val, src_type, default_type, last_fetch): +def update_last_fetch(client, ioc_lst): + last_calculated_time = None + last_ids = [] + for ioc in reversed(ioc_lst): + calculate_time = dateparser.parse(ioc.get(client.time_field)) + if calculate_time and (not last_calculated_time or calculate_time >= last_calculated_time): + last_calculated_time = calculate_time + last_ids.append(ioc.get('id')) + else: + break + if last_calculated_time is None: + last_calculated_time = datetime.now() + return last_calculated_time, last_ids + + +def fetch_indicators_command(client, feed_type, src_val, src_type, default_type, last_fetch, fetch_limit): """Implements fetch-indicators command""" last_fetch_timestamp = get_last_fetch_timestamp(last_fetch, client.time_method, client.fetch_time) + prev_iocs_ids = demisto.getLastRun().get("ids", []) now = datetime.now() ioc_lst: list = [] ioc_enrch_lst: list = [] if FEED_TYPE_GENERIC not in feed_type: # Insight is the name of the indicator object as it's saved into the database search = get_scan_insight_format(client, now, last_fetch_timestamp, feed_type) - for hit in search.scan(): + for hit in search if client.time_field else search.scan: # if time field is not set we have to scan all hit_lst, hit_enrch_lst = extract_indicators_from_insight_hit(hit, tags=client.tags, tlp_color=client.tlp_color) ioc_lst.extend(hit_lst) ioc_enrch_lst.extend(hit_enrch_lst) else: - search = get_scan_generic_format(client, now, last_fetch_timestamp) - for hit in search.scan(): + search = get_scan_generic_format(client, now, last_fetch_timestamp, fetch_limit) + for hit in search if client.time_field else search.scan: # if time field is not set we have to scan all ioc_lst.extend(extract_indicators_from_generic_hit(hit, src_val, src_type, default_type, client.tags, client.tlp_color)) - + ioc_lst = list(filter(lambda ioc: ioc.get("id") not in prev_iocs_ids, ioc_lst)) if ioc_lst: for b in batch(ioc_lst, batch_size=2000): demisto.createIndicators(b) + last_calculated_time, last_ids = update_last_fetch(client, ioc_lst) if ioc_enrch_lst: ioc_enrch_batches = create_enrichment_batches(ioc_enrch_lst) for enrch_batch in ioc_enrch_batches: # ensure batch sizes don't exceed 2000 for b in batch(enrch_batch, batch_size=2000): demisto.createIndicators(b) - demisto.setLastRun({'time': int(now.timestamp() * 1000)}) + demisto.setLastRun({'time': int(last_calculated_time.timestamp() * 1000), 'ids': last_ids}) def get_last_fetch_timestamp(last_fetch, time_method, fetch_time): @@ -253,7 +271,7 @@ def get_last_fetch_timestamp(last_fetch, time_method, fetch_time): return last_fetch_timestamp -def get_scan_generic_format(client, now, last_fetch_timestamp=None): +def get_scan_generic_format(client, now, last_fetch_timestamp=None, fetch_limit=FETCH_LIMIT): """Gets a scan object in generic format""" # if method is simple date - convert the date string to datetime es = client.es @@ -264,9 +282,9 @@ def get_scan_generic_format(client, now, last_fetch_timestamp=None): if time_field: query = QueryString(query=time_field + ':*') range_field = { - time_field: {'gt': last_fetch_timestamp, 'lte': now}} if last_fetch_timestamp else { + time_field: {'gte': last_fetch_timestamp, 'lte': now}} if last_fetch_timestamp else { time_field: {'lte': now}} - search = Search(using=es, index=fetch_index).filter({'range': range_field}).query(query) + search = Search(using=es, index=fetch_index).filter({'range': range_field}).extra(size=fetch_limit).sort().query(query) else: search = Search(using=es, index=fetch_index).query(QueryString(query=client.query)) return search @@ -281,11 +299,11 @@ def extract_indicators_from_generic_hit(hit, src_val, src_type, default_type, ta return ioc_lst -def get_scan_insight_format(client, now, last_fetch_timestamp=None, feed_type=None): +def get_scan_insight_format(client, now, last_fetch_timestamp=None, feed_type=None, fetch_limit=FETCH_LIMIT): """Gets a scan object in insight format""" time_field = client.time_field range_field = { - time_field: {'gt': last_fetch_timestamp, 'lte': now}} if last_fetch_timestamp else { + time_field: {'gte': last_fetch_timestamp, 'lte': now}} if last_fetch_timestamp else { time_field: {'lte': now}} es = client.es query = QueryString(query=time_field + ":*") @@ -298,7 +316,9 @@ def get_scan_insight_format(client, now, last_fetch_timestamp=None, feed_type=No indices += f',-*{tenant_hash}*-shared*' elif not indices: indices = '_all' - search = Search(using=es, index=indices).filter({'range': range_field}).query(query) + search = Search(using=es, index=indices).filter({'range': range_field}).extra( + size=fetch_limit).sort({time_field: {'order': 'asc'}}).query(query) + return search @@ -362,7 +382,7 @@ def create_enrichment_batches(ioc_enrch_lst): def main(): try: - LOG('command is %s' % (demisto.command(),)) + LOG(f'command is {demisto.command()}') params = demisto.params() server = params.get('url', '').rstrip('/') creds = params.get('credentials') @@ -375,6 +395,9 @@ def main(): time_method = params.get('time_method') fetch_index = params.get('fetch_index') fetch_time = params.get('fetch_time', '3 days') + fetch_limit = arg_to_number(params.get('fetch_limit', 10000)) + if not fetch_limit or fetch_limit > 10_000: + raise DemistoException(f"Fetch limit must be between 1-10,000, got {fetch_limit}") query = params.get('es_query') api_id, api_key = extract_api_from_username_password(username, password) client = ElasticsearchClient(insecure, server, username, password, api_key, api_id, time_field, time_method, @@ -388,11 +411,11 @@ def main(): test_command(client, feed_type, src_val, src_type, default_type, time_method, time_field, fetch_time, query, username, password, api_key, api_id) elif demisto.command() == 'fetch-indicators': - fetch_indicators_command(client, feed_type, src_val, src_type, default_type, last_fetch) + fetch_indicators_command(client, feed_type, src_val, src_type, default_type, last_fetch, fetch_limit) elif demisto.command() == 'es-get-indicators': get_indicators_command(client, feed_type, src_val, src_type, default_type) except Exception as e: - return_error("Failed executing {}.\nError message: {}".format(demisto.command(), str(e))) + return_error(f"Failed executing {demisto.command()}.\nError message: {str(e)}") if __name__ in ("__main__", "__builtin__", "builtins"): diff --git a/Packs/FeedElasticsearch/Integrations/FeedElasticsearch/FeedElasticsearch.yml b/Packs/FeedElasticsearch/Integrations/FeedElasticsearch/FeedElasticsearch.yml index 64c42f04c180..cd7156ad38a1 100644 --- a/Packs/FeedElasticsearch/Integrations/FeedElasticsearch/FeedElasticsearch.yml +++ b/Packs/FeedElasticsearch/Integrations/FeedElasticsearch/FeedElasticsearch.yml @@ -51,6 +51,11 @@ configuration: name: fetch_time type: 0 required: false +- defaultvalue: '10000' + display: Fetch Limit + name: fetch_limit + type: 0 + required: false - additionalinfo: Indicators from this integration instance will be marked with this reputation defaultvalue: feedInstanceReputationNotSet display: Indicator Reputation @@ -60,10 +65,9 @@ configuration: - Good - Suspicious - Bad - type: 18 required: false + type: 18 - additionalinfo: Reliability of the source providing the intelligence data - defaultvalue: F - Reliability cannot be judged display: Source Reliability name: feedReliability options: @@ -73,10 +77,10 @@ configuration: - D - Not usually reliable - E - Unreliable - F - Reliability cannot be judged - required: true type: 15 -- additionalinfo: The Traffic Light Protocol (TLP) designation to apply to indicators fetched from the feed - display: Traffic Light Protocol Color + required: true + defaultvalue: F - Reliability cannot be judged +- display: 'Traffic Light Protocol Color' name: tlp_color options: - RED @@ -85,26 +89,27 @@ configuration: - WHITE type: 15 required: false -- defaultvalue: indicatorType + additionalinfo: The Traffic Light Protocol (TLP) designation to apply to indicators fetched from the feed +- defaultvalue: 'indicatorType' display: '' name: feedExpirationPolicy + type: 17 + required: false options: - never - interval - indicatorType - suddenDeath - type: 17 - required: false - defaultvalue: '20160' display: '' name: feedExpirationInterval type: 1 required: false -- defaultvalue: '240' - display: Feed Fetch Interval +- display: Feed Fetch Interval name: feedFetchInterval type: 19 required: false + defaultvalue: '1' - additionalinfo: Supports CSV values. display: Tags name: feedTags @@ -130,20 +135,20 @@ configuration: name: default_type type: 0 required: false -- additionalinfo: A comma-separated list of indexes. If empty, searches all indexes. - display: Index from Which To Fetch Indicators +- display: Index from Which To Fetch Indicators name: fetch_index type: 0 required: false -- defaultvalue: Simple-Date - display: Time Field Type + additionalinfo: A comma-separated list of indexes. If empty, searches all indexes. +- display: Time Field Type name: time_method + type: 15 + required: false + defaultvalue: Simple-Date options: - Simple-Date - Timestamp-Seconds - Timestamp-Milliseconds - type: 15 - required: false - additionalinfo: Used for sorting and limiting data. If empty, results are not sorted. display: Index Time Field name: time_field @@ -167,7 +172,7 @@ script: required: true description: Gets indicators available in the configured Elasticsearch database. name: es-get-indicators - dockerimage: demisto/elasticsearch:1.0.0.77444 + dockerimage: demisto/elasticsearch:1.0.0.83352 feed: true runonce: false script: '-' diff --git a/Packs/FeedElasticsearch/Integrations/FeedElasticsearch/FeedElasticsearch_test.py b/Packs/FeedElasticsearch/Integrations/FeedElasticsearch/FeedElasticsearch_test.py index c2ab32d9df94..88b4b494de4c 100644 --- a/Packs/FeedElasticsearch/Integrations/FeedElasticsearch/FeedElasticsearch_test.py +++ b/Packs/FeedElasticsearch/Integrations/FeedElasticsearch/FeedElasticsearch_test.py @@ -1,4 +1,10 @@ from CommonServerPython import * +from dataclasses import dataclass + + +@dataclass +class MockClient: + time_field = "calculatedTime" class MockHit: @@ -291,3 +297,14 @@ def test_extract_api_from_username_password_username_api_key(): import FeedElasticsearch as esf username = esf.API_KEY_PREFIX + 'api_id' assert esf.extract_api_from_username_password(username, 'api_key') == ('api_id', 'api_key') + + +def test_last_run(): + from FeedElasticsearch import update_last_fetch + ioc_lst = [{"id": "1", "calculatedTime": "2023-01-17T14:30:00.000Z"}, + {"id": "2", "calculatedTime": "2023-01-17T14:32:00.000Z"}, + {"id": "3", "calculatedTime": "2023-01-17T14:33:00.000Z"}, + {"id": "4", "calculatedTime": "2023-01-17T14:33:00.000Z"}] + last_update, last_ids = update_last_fetch(MockClient(), ioc_lst) + assert set(last_ids) == {"4", "3"} + assert last_update.isoformat() == "2023-01-17T14:33:00+00:00" diff --git a/Packs/FeedElasticsearch/ReleaseNotes/1_1_3.md b/Packs/FeedElasticsearch/ReleaseNotes/1_1_3.md new file mode 100644 index 000000000000..413aae70b672 --- /dev/null +++ b/Packs/FeedElasticsearch/ReleaseNotes/1_1_3.md @@ -0,0 +1,7 @@ + +#### Integrations + +##### Elasticsearch Feed +- Updated the Docker image to: *demisto/elasticsearch:1.0.0.83352*. + +- Added `fetch-limit` parameter to fetch indicators in batches. diff --git a/Packs/FeedElasticsearch/pack_metadata.json b/Packs/FeedElasticsearch/pack_metadata.json index e9f4d514c89d..39a575efb118 100644 --- a/Packs/FeedElasticsearch/pack_metadata.json +++ b/Packs/FeedElasticsearch/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Elasticsearch Feed", "description": "Indicators feed from Elasticsearch database", "support": "xsoar", - "currentVersion": "1.1.2", + "currentVersion": "1.1.3", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From 55cebbf54d74b3c985e69be8895869de67fd3424 Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Wed, 13 Dec 2023 19:07:25 +0200 Subject: [PATCH 31/50] Update Docker Image To demisto/ssdeep (#31446) * Updated Metadata Of Pack CommonScripts * Added release notes to pack CommonScripts * Packs/CommonScripts/Scripts/SSDeepSimilarity/SSDeepSimilarity.yml Docker image update --- Packs/CommonScripts/ReleaseNotes/1_13_1.md | 4 ++++ .../Scripts/SSDeepSimilarity/SSDeepSimilarity.yml | 2 +- Packs/CommonScripts/pack_metadata.json | 2 +- 3 files changed, 6 insertions(+), 2 deletions(-) create mode 100644 Packs/CommonScripts/ReleaseNotes/1_13_1.md diff --git a/Packs/CommonScripts/ReleaseNotes/1_13_1.md b/Packs/CommonScripts/ReleaseNotes/1_13_1.md new file mode 100644 index 000000000000..0613fb61cc66 --- /dev/null +++ b/Packs/CommonScripts/ReleaseNotes/1_13_1.md @@ -0,0 +1,4 @@ + +#### Scripts +##### SSDeepSimilarity +- Updated the Docker image to: *demisto/ssdeep:1.0.0.82649*. \ No newline at end of file diff --git a/Packs/CommonScripts/Scripts/SSDeepSimilarity/SSDeepSimilarity.yml b/Packs/CommonScripts/Scripts/SSDeepSimilarity/SSDeepSimilarity.yml index 03d2b2a40c1f..85937fca548c 100644 --- a/Packs/CommonScripts/Scripts/SSDeepSimilarity/SSDeepSimilarity.yml +++ b/Packs/CommonScripts/Scripts/SSDeepSimilarity/SSDeepSimilarity.yml @@ -30,7 +30,7 @@ outputs: type: string scripttarget: 0 subtype: python3 -dockerimage: demisto/ssdeep:1.0.0.23743 +dockerimage: demisto/ssdeep:1.0.0.82649 runas: DBotWeakRole fromversion: 5.5.0 tests: diff --git a/Packs/CommonScripts/pack_metadata.json b/Packs/CommonScripts/pack_metadata.json index d4100ff4d3db..ac9b3ad5fa25 100644 --- a/Packs/CommonScripts/pack_metadata.json +++ b/Packs/CommonScripts/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Common Scripts", "description": "Frequently used scripts pack.", "support": "xsoar", - "currentVersion": "1.13.0", + "currentVersion": "1.13.1", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From 3a1dce409c941c7203e4623eb2f3c485f1eb24f3 Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Wed, 13 Dec 2023 20:13:41 +0200 Subject: [PATCH 32/50] Update Docker Image To demisto/taxii (#31459) * Updated Metadata Of Pack Base * Added release notes to pack Base * Packs/Base/Scripts/StixParser/StixParser.yml Docker image update --- Packs/Base/ReleaseNotes/1_33_5.md | 4 ++++ Packs/Base/Scripts/StixParser/StixParser.yml | 2 +- Packs/Base/pack_metadata.json | 2 +- 3 files changed, 6 insertions(+), 2 deletions(-) create mode 100644 Packs/Base/ReleaseNotes/1_33_5.md diff --git a/Packs/Base/ReleaseNotes/1_33_5.md b/Packs/Base/ReleaseNotes/1_33_5.md new file mode 100644 index 000000000000..64f4a823478c --- /dev/null +++ b/Packs/Base/ReleaseNotes/1_33_5.md @@ -0,0 +1,4 @@ + +#### Scripts +##### StixParser +- Updated the Docker image to: *demisto/taxii:1.0.0.83456*. \ No newline at end of file diff --git a/Packs/Base/Scripts/StixParser/StixParser.yml b/Packs/Base/Scripts/StixParser/StixParser.yml index aed5c1056747..9d475523ff36 100644 --- a/Packs/Base/Scripts/StixParser/StixParser.yml +++ b/Packs/Base/Scripts/StixParser/StixParser.yml @@ -29,7 +29,7 @@ tags: timeout: 0s type: python subtype: python3 -dockerimage: demisto/taxii:1.0.0.48109 +dockerimage: demisto/taxii:1.0.0.83456 tests: - No tests dependson: {} diff --git a/Packs/Base/pack_metadata.json b/Packs/Base/pack_metadata.json index 4e3aeffe63ac..31f6aec52d04 100644 --- a/Packs/Base/pack_metadata.json +++ b/Packs/Base/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Base", "description": "The base pack for Cortex XSOAR.", "support": "xsoar", - "currentVersion": "1.33.4", + "currentVersion": "1.33.5", "author": "Cortex XSOAR", "serverMinVersion": "6.0.0", "url": "https://www.paloaltonetworks.com/cortex", From cc31f820d5e6b4f1ea7a826e6fec96bcd0fd4a34 Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Wed, 13 Dec 2023 20:21:21 +0200 Subject: [PATCH 33/50] Add argument include_resolved_param to sentinelone-get-threats (#31433) * Add argument include_resolved_param to sentinelone-get-threats (#31355) * Add argument include_resolved_param to sentinelone-get-threats * fix: update pack metadatafile version * Update docker * Update 3_2_14.md * Update Packs/SentinelOne/ReleaseNotes/3_2_14.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> --------- Co-authored-by: chloerongier <150173582+chloerongier@users.noreply.github.com> Co-authored-by: Adi Daud <46249224+adi88d@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> --- Packs/SentinelOne/Integrations/SentinelOne-V2/README.md | 1 + .../Integrations/SentinelOne-V2/SentinelOne-V2.py | 2 +- .../Integrations/SentinelOne-V2/SentinelOne-V2.yml | 9 ++++++++- Packs/SentinelOne/ReleaseNotes/3_2_14.md | 6 ++++++ Packs/SentinelOne/pack_metadata.json | 2 +- 5 files changed, 17 insertions(+), 3 deletions(-) create mode 100644 Packs/SentinelOne/ReleaseNotes/3_2_14.md diff --git a/Packs/SentinelOne/Integrations/SentinelOne-V2/README.md b/Packs/SentinelOne/Integrations/SentinelOne-V2/README.md index dc64e83eae06..e5f26f3206e5 100644 --- a/Packs/SentinelOne/Integrations/SentinelOne-V2/README.md +++ b/Packs/SentinelOne/Integrations/SentinelOne-V2/README.md @@ -197,6 +197,7 @@ Returns threats according to the specified filters. | rank | Risk level threshold to retrieve (1-10). Relevant for API version 2.0 only. | Optional | | site_ids | A comma-separated list of site IDs to search for threats, for example: "225494730938493804,225494730938493915". | Optional | | incident_statuses | Incident status. Example: "IN_PROGRESS, UNRESOLVED". | Optional | +| include_resolved_param | Whether to include the resolved parameter in the query. Possible values are: false, true. Default is false. | Optional | #### Context Output diff --git a/Packs/SentinelOne/Integrations/SentinelOne-V2/SentinelOne-V2.py b/Packs/SentinelOne/Integrations/SentinelOne-V2/SentinelOne-V2.py index 9e7f1654912e..25c42ff00e3f 100644 --- a/Packs/SentinelOne/Integrations/SentinelOne-V2/SentinelOne-V2.py +++ b/Packs/SentinelOne/Integrations/SentinelOne-V2/SentinelOne-V2.py @@ -280,7 +280,7 @@ def get_threats_request(self, content_hash=None, mitigation_status=None, created createdAt__lte=created_until_parsed, createdAt__gte=created_from_parsed, updatedAt__gte=updated_from_parsed, - resolved=argToBoolean(resolved) if include_resolved_param else None, + resolved=argToBoolean(resolved) if argToBoolean(include_resolved_param) else None, displayName__like=display_name, displayName=display_name, query=query, diff --git a/Packs/SentinelOne/Integrations/SentinelOne-V2/SentinelOne-V2.yml b/Packs/SentinelOne/Integrations/SentinelOne-V2/SentinelOne-V2.yml index d63ea9a35991..b426ddd52948 100644 --- a/Packs/SentinelOne/Integrations/SentinelOne-V2/SentinelOne-V2.yml +++ b/Packs/SentinelOne/Integrations/SentinelOne-V2/SentinelOne-V2.yml @@ -395,6 +395,13 @@ script: name: site_ids - description: 'Incident status. Example: "IN_PROGRESS, UNRESOLVED".' name: incident_statuses + - auto: PREDEFINED + defaultValue: "false" + description: Whether to include the resolved parameter in the query. + name: include_resolved_param + predefined: + - "false" + - "true" description: Returns threats according to the specified filters. name: sentinelone-get-threats outputs: @@ -2378,7 +2385,7 @@ script: - contextPath: SentinelOne.Notes.UpdatedAt description: The note updated time. type: string - dockerimage: demisto/python3:3.10.13.82467 + dockerimage: demisto/python3:3.10.13.83255 isfetch: true ismappable: true isremotesyncin: true diff --git a/Packs/SentinelOne/ReleaseNotes/3_2_14.md b/Packs/SentinelOne/ReleaseNotes/3_2_14.md new file mode 100644 index 000000000000..30c20458e6f5 --- /dev/null +++ b/Packs/SentinelOne/ReleaseNotes/3_2_14.md @@ -0,0 +1,6 @@ + +#### Integrations + +##### SentinelOne v2 +- Added the *include_resolved_param* argument to the command ***sentinelone-get-threats*** which allows ignoring the *resolved* argument in order to get threats no matter what their status is. +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. diff --git a/Packs/SentinelOne/pack_metadata.json b/Packs/SentinelOne/pack_metadata.json index c08889ab454f..31cfc6c05729 100644 --- a/Packs/SentinelOne/pack_metadata.json +++ b/Packs/SentinelOne/pack_metadata.json @@ -2,7 +2,7 @@ "name": "SentinelOne", "description": "Endpoint protection", "support": "partner", - "currentVersion": "3.2.13", + "currentVersion": "3.2.14", "author": "SentinelOne", "url": "https://www.sentinelone.com/support/", "email": "support@sentinelone.com", From 482b19be96991de1c79c97941d5df8bd7afbdaff Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Wed, 13 Dec 2023 22:40:37 +0200 Subject: [PATCH 34/50] Update Docker Image To demisto/office-utils (#31451) * Updated Metadata Of Pack CommonScripts * Added release notes to pack CommonScripts * Packs/CommonScripts/Scripts/ConvertFile/ConvertFile.yml Docker image update * Bump pack from version CommonScripts to 1.13.2. --------- Co-authored-by: Content Bot --- Packs/CommonScripts/ReleaseNotes/1_13_2.md | 4 ++++ Packs/CommonScripts/Scripts/ConvertFile/ConvertFile.yml | 2 +- Packs/CommonScripts/pack_metadata.json | 2 +- 3 files changed, 6 insertions(+), 2 deletions(-) create mode 100644 Packs/CommonScripts/ReleaseNotes/1_13_2.md diff --git a/Packs/CommonScripts/ReleaseNotes/1_13_2.md b/Packs/CommonScripts/ReleaseNotes/1_13_2.md new file mode 100644 index 000000000000..217945908513 --- /dev/null +++ b/Packs/CommonScripts/ReleaseNotes/1_13_2.md @@ -0,0 +1,4 @@ + +#### Scripts +##### ConvertFile +- Updated the Docker image to: *demisto/office-utils:2.0.0.82639*. \ No newline at end of file diff --git a/Packs/CommonScripts/Scripts/ConvertFile/ConvertFile.yml b/Packs/CommonScripts/Scripts/ConvertFile/ConvertFile.yml index f319167a01c6..163e094272d9 100644 --- a/Packs/CommonScripts/Scripts/ConvertFile/ConvertFile.yml +++ b/Packs/CommonScripts/Scripts/ConvertFile/ConvertFile.yml @@ -42,7 +42,7 @@ outputs: description: The file type. type: String scripttarget: 0 -dockerimage: demisto/office-utils:2.0.0.78144 +dockerimage: demisto/office-utils:2.0.0.82639 runas: DBotWeakRole tests: - No tests (auto formatted) diff --git a/Packs/CommonScripts/pack_metadata.json b/Packs/CommonScripts/pack_metadata.json index ac9b3ad5fa25..aeab34f841f7 100644 --- a/Packs/CommonScripts/pack_metadata.json +++ b/Packs/CommonScripts/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Common Scripts", "description": "Frequently used scripts pack.", "support": "xsoar", - "currentVersion": "1.13.1", + "currentVersion": "1.13.2", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From 5d2ad5c469bb1a4a5950802f8faceb7801b48f7d Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Thu, 14 Dec 2023 01:12:29 +0200 Subject: [PATCH 35/50] Update Docker Image To demisto/python3 (#31442) * Updated Metadata Of Pack CommonScripts * Added release notes to pack CommonScripts * Packs/CommonScripts/Scripts/ScheduleGenericPolling/ScheduleGenericPolling.yml Docker image update * Packs/CommonScripts/Scripts/ChangeContext/ChangeContext.yml Docker image update * Packs/CommonScripts/Scripts/MarkAsNoteByTag/MarkAsNoteByTag.yml Docker image update * Packs/CommonScripts/Scripts/ExportIncidentsToCSV/ExportIncidentsToCSV.yml Docker image update * Packs/CommonScripts/Scripts/EmailReputation/EmailReputation.yml Docker image update * Packs/CommonScripts/Scripts/OnionURLReputation/OnionURLReputation.yml Docker image update * Packs/CommonScripts/Scripts/FileCreateAndUploadV2/FileCreateAndUploadV2.yml Docker image update * Packs/CommonScripts/Scripts/GetServerURL/GetServerURL.yml Docker image update * Packs/CommonScripts/Scripts/ShowLocationOnMap/ShowLocationOnMap.yml Docker image update * Packs/CommonScripts/Scripts/ExportIndicatorsToCSV/ExportIndicatorsToCSV.yml Docker image update * Packs/CommonScripts/Scripts/CheckContextValue/CheckContextValue.yml Docker image update * Packs/CommonScripts/Scripts/GetEnabledInstances/GetEnabledInstances.yml Docker image update * Packs/CommonScripts/Scripts/FileReputation/FileReputation.yml Docker image update * Packs/CommonScripts/Scripts/ConvertCountryCodeCountryName/ConvertCountryCodeCountryName.yml Docker image update * Packs/CommonScripts/Scripts/IsUrlPartOfDomain/IsUrlPartOfDomain.yml Docker image update * Packs/CommonScripts/Scripts/ServerLogs/ServerLogs.yml Docker image update * Packs/CommonScripts/Scripts/PrintRaw/PrintRaw.yml Docker image update * Packs/CommonScripts/Scripts/DisplayHTMLWithImages/DisplayHTMLWithImages.yml Docker image update * Packs/CommonScripts/Scripts/SCPPullFiles/SCPPullFiles.yml Docker image update * Packs/CommonScripts/Scripts/StopTimeToAssignOnOwnerChange/StopTimeToAssignOnOwnerChange.yml Docker image update * Packs/CommonScripts/Scripts/CreateIndicatorsFromSTIX/CreateIndicatorsFromSTIX.yml Docker image update * Packs/CommonScripts/Scripts/ShowIncidentIndicators/ShowIncidentIndicators.yml Docker image update * Packs/CommonScripts/Scripts/GetDataCollectionLink/GetDataCollectionLink.yml Docker image update * Packs/CommonScripts/Scripts/PrintContext/PrintContext.yml Docker image update * Packs/CommonScripts/Scripts/ServerLogsDocker/ServerLogsDocker.yml Docker image update * Packs/CommonScripts/Scripts/GetStringsDistance/GetStringsDistance.yml Docker image update * Packs/CommonScripts/Scripts/GetDockerImageLatestTag/GetDockerImageLatestTag.yml Docker image update * Packs/CommonScripts/Scripts/GetIndicatorDBotScore/GetIndicatorDBotScore.yml Docker image update * Packs/CommonScripts/Scripts/CreateNewIndicatorsOnly/CreateNewIndicatorsOnly.yml Docker image update * Packs/CommonScripts/Scripts/ChangeRemediationSLAOnSevChange/ChangeRemediationSLAOnSevChange.yml Docker image update * Packs/CommonScripts/Scripts/DBotAverageScore/DBotAverageScore.yml Docker image update * Packs/CommonScripts/Scripts/PrintErrorEntry/PrintErrorEntry.yml Docker image update * Packs/CommonScripts/Scripts/ExtractIndicatorsFromTextFile/ExtractIndicatorsFromTextFile.yml Docker image update * Packs/CommonScripts/Scripts/UtilAnyResults/UtilAnyResults.yml Docker image update * Packs/CommonScripts/Scripts/ZipStringsArrays/ZipStringsArrays.yml Docker image update * Packs/CommonScripts/Scripts/GridFieldSetup/GridFieldSetup.yml Docker image update * Packs/CommonScripts/Scripts/GetByIncidentId/GetByIncidentId.yml Docker image update * Packs/CommonScripts/Scripts/ProvidesCommand/ProvidesCommand.yml Docker image update * Packs/CommonScripts/Scripts/ReplaceMatchGroup/ReplaceMatchGroup.yml Docker image update * Packs/CommonScripts/Scripts/VerifyCIDR/VerifyCIDR.yml Docker image update * Packs/CommonScripts/Scripts/AppendindicatorFieldWrapper/AppendindicatorFieldWrapper.yml Docker image update * Packs/CommonScripts/Scripts/URLNumberOfAds/URLNumberOfAds.yml Docker image update * Packs/CommonScripts/Scripts/FileToBase64List/FileToBase64List.yml Docker image update * Packs/CommonScripts/Scripts/GetFieldsByIncidentType/GetFieldsByIncidentType.yml Docker image update * Packs/CommonScripts/Scripts/LoadJSON/LoadJSON.yml Docker image update * Packs/CommonScripts/Scripts/URLReputation/URLReputation.yml Docker image update * Packs/CommonScripts/Scripts/IncidentFields/IncidentFields.yml Docker image update * Packs/CommonScripts/Scripts/HideFieldsOnNewIncident/HideFieldsOnNewIncident.yml Docker image update * Packs/CommonScripts/Scripts/IPReputation/IPReputation.yml Docker image update * Packs/CommonScripts/Scripts/DeduplicateValuesbyKey/DeduplicateValuesbyKey.yml Docker image update * fix DS108 * Bump pack from version CommonScripts to 1.13.2. --------- Co-authored-by: israelpolishook Co-authored-by: Content Bot --- Packs/CommonScripts/ReleaseNotes/1_13_2.md | 3 +- Packs/CommonScripts/ReleaseNotes/1_13_3.md | 101 ++++++++++++++++++ .../AppendindicatorFieldWrapper.yml | 2 +- .../Scripts/ChangeContext/ChangeContext.yml | 6 +- .../ChangeRemediationSLAOnSevChange.yml | 2 +- .../CheckContextValue/CheckContextValue.yml | 6 +- .../ConvertCountryCodeCountryName.yml | 8 +- .../CreateIndicatorsFromSTIX.yml | 2 +- .../CreateNewIndicatorsOnly.yml | 4 +- .../DBotAverageScore/DBotAverageScore.yml | 2 +- .../DeduplicateValuesbyKey.yml | 8 +- .../DisplayHTMLWithImages.yml | 2 +- .../EmailReputation/EmailReputation.yml | 6 +- .../ExportIncidentsToCSV.yml | 4 +- .../ExportIndicatorsToCSV.yml | 4 +- .../ExtractIndicatorsFromTextFile.yml | 16 +-- .../FileCreateAndUploadV2.yml | 2 +- .../Scripts/FileReputation/FileReputation.yml | 6 +- .../FileToBase64List/FileToBase64List.yml | 2 +- .../GetByIncidentId/GetByIncidentId.yml | 4 +- .../GetDataCollectionLink.yml | 2 +- .../GetDockerImageLatestTag.yml | 2 +- .../GetEnabledInstances.yml | 2 +- .../GetFieldsByIncidentType.yml | 2 +- .../GetIndicatorDBotScore.yml | 2 +- .../Scripts/GetServerURL/GetServerURL.yml | 2 +- .../GetStringsDistance/GetStringsDistance.yml | 2 +- .../Scripts/GridFieldSetup/GridFieldSetup.yml | 10 +- .../HideFieldsOnNewIncident.yml | 6 +- .../Scripts/IPReputation/IPReputation.yml | 6 +- .../Scripts/IncidentFields/IncidentFields.yml | 2 +- .../IsUrlPartOfDomain/IsUrlPartOfDomain.yml | 2 +- .../Scripts/LoadJSON/LoadJSON.yml | 8 +- .../MarkAsNoteByTag/MarkAsNoteByTag.yml | 6 +- .../OnionURLReputation/OnionURLReputation.yml | 2 +- .../Scripts/PrintContext/PrintContext.yml | 4 +- .../PrintErrorEntry/PrintErrorEntry.yml | 4 +- .../Scripts/PrintRaw/PrintRaw.yml | 2 +- .../ProvidesCommand/ProvidesCommand.yml | 4 +- .../ReplaceMatchGroup/ReplaceMatchGroup.yml | 2 +- .../Scripts/SCPPullFiles/SCPPullFiles.yml | 8 +- .../ScheduleGenericPolling.yml | 2 +- .../Scripts/ServerLogs/ServerLogs.yml | 4 +- .../ServerLogsDocker/ServerLogsDocker.yml | 4 +- .../ShowIncidentIndicators.yml | 2 +- .../ShowLocationOnMap/ShowLocationOnMap.yml | 4 +- .../StopTimeToAssignOnOwnerChange.yml | 6 +- .../Scripts/URLNumberOfAds/URLNumberOfAds.yml | 16 +-- .../Scripts/URLReputation/URLReputation.yml | 6 +- .../Scripts/UtilAnyResults/UtilAnyResults.yml | 2 +- .../Scripts/VerifyCIDR/VerifyCIDR.yml | 2 +- .../ZipStringsArrays/ZipStringsArrays.yml | 2 +- Packs/CommonScripts/pack_metadata.json | 2 +- 53 files changed, 212 insertions(+), 110 deletions(-) create mode 100644 Packs/CommonScripts/ReleaseNotes/1_13_3.md diff --git a/Packs/CommonScripts/ReleaseNotes/1_13_2.md b/Packs/CommonScripts/ReleaseNotes/1_13_2.md index 217945908513..6c3088acadf1 100644 --- a/Packs/CommonScripts/ReleaseNotes/1_13_2.md +++ b/Packs/CommonScripts/ReleaseNotes/1_13_2.md @@ -1,4 +1,3 @@ - #### Scripts ##### ConvertFile -- Updated the Docker image to: *demisto/office-utils:2.0.0.82639*. \ No newline at end of file +- Updated the Docker image to: *demisto/office-utils:2.0.0.82639*. diff --git a/Packs/CommonScripts/ReleaseNotes/1_13_3.md b/Packs/CommonScripts/ReleaseNotes/1_13_3.md new file mode 100644 index 000000000000..b4e92cc570cb --- /dev/null +++ b/Packs/CommonScripts/ReleaseNotes/1_13_3.md @@ -0,0 +1,101 @@ +#### Scripts +##### ScheduleGenericPolling +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### ChangeContext +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### MarkAsNoteByTag +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### ExportIncidentsToCSV +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### EmailReputation +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### OnionURLReputation +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### FileCreateAndUploadV2 +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### GetServerURL +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### ShowLocationOnMap +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### ExportIndicatorsToCSV +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### CheckContextValue +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### GetEnabledInstances +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### FileReputation +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### ConvertCountryCodeCountryName +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### IsUrlPartOfDomain +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### ServerLogs +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### PrintRaw +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### DisplayHTMLWithImages +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### SCPPullFiles +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### StopTimeToAssignOnOwnerChange +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### CreateIndicatorsFromSTIX +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### ShowIncidentIndicators +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### GetDataCollectionLink +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### PrintContext +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### ServerLogs_docker +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### GetStringsDistance +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### GetDockerImageLatestTag +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### GetIndicatorDBotScore +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### CreateNewIndicatorsOnly +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### ChangeRemediationSLAOnSevChange +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### DBotAverageScore +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### PrintErrorEntry +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### ExtractIndicatorsFromTextFile +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### UtilAnyResults +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### ZipStrings +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### GridFieldSetup +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### GetByIncidentId +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### ProvidesCommand +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### ReplaceMatchGroup +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### VerifyCIDR +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### AppendindicatorFieldWrapper +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### URLNumberOfAds +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### FileToBase64List +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### GetFieldsByIncidentType +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### LoadJSON +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### URLReputation +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### IncidentFields +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### hideFieldsOnNewIncident +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### IPReputation +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### DeduplicateValuesbyKey +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. diff --git a/Packs/CommonScripts/Scripts/AppendindicatorFieldWrapper/AppendindicatorFieldWrapper.yml b/Packs/CommonScripts/Scripts/AppendindicatorFieldWrapper/AppendindicatorFieldWrapper.yml index aca5212c34bb..1b3eb48e4404 100644 --- a/Packs/CommonScripts/Scripts/AppendindicatorFieldWrapper/AppendindicatorFieldWrapper.yml +++ b/Packs/CommonScripts/Scripts/AppendindicatorFieldWrapper/AppendindicatorFieldWrapper.yml @@ -20,5 +20,5 @@ tags: - incident-action-button timeout: '0' type: python -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 fromversion: 6.2.0 diff --git a/Packs/CommonScripts/Scripts/ChangeContext/ChangeContext.yml b/Packs/CommonScripts/Scripts/ChangeContext/ChangeContext.yml index f506fe7dd534..266c910fba4d 100644 --- a/Packs/CommonScripts/Scripts/ChangeContext/ChangeContext.yml +++ b/Packs/CommonScripts/Scripts/ChangeContext/ChangeContext.yml @@ -8,7 +8,7 @@ args: predefined: - 'True' - 'False' -- description: 'A list of key-values to replace key for value in the following format: {"old_key1":"new_key1", "old_key2":"new_key2"}' +- description: 'A list of key-values to replace key for value in the following format: {"old_key1":"new_key1", "old_key2":"new_key2"}.' name: replace_dict - auto: PREDEFINED defaultValue: 'False' @@ -29,9 +29,11 @@ name: ChangeContext script: '-' timeout: '0' type: python -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 runas: DBotWeakRole subtype: python3 fromversion: 5.0.0 tags: - Utility +tests: +- No tests (auto formatted) diff --git a/Packs/CommonScripts/Scripts/ChangeRemediationSLAOnSevChange/ChangeRemediationSLAOnSevChange.yml b/Packs/CommonScripts/Scripts/ChangeRemediationSLAOnSevChange/ChangeRemediationSLAOnSevChange.yml index 70607f1f7376..28d160d11994 100644 --- a/Packs/CommonScripts/Scripts/ChangeRemediationSLAOnSevChange/ChangeRemediationSLAOnSevChange.yml +++ b/Packs/CommonScripts/Scripts/ChangeRemediationSLAOnSevChange/ChangeRemediationSLAOnSevChange.yml @@ -36,4 +36,4 @@ marketplaces: - xsoar tests: - SLA Scripts - Test -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 diff --git a/Packs/CommonScripts/Scripts/CheckContextValue/CheckContextValue.yml b/Packs/CommonScripts/Scripts/CheckContextValue/CheckContextValue.yml index 82d6a69649bd..9cccd6ce3bc9 100644 --- a/Packs/CommonScripts/Scripts/CheckContextValue/CheckContextValue.yml +++ b/Packs/CommonScripts/Scripts/CheckContextValue/CheckContextValue.yml @@ -1,5 +1,5 @@ args: -- description: 'The context key to check (can contain ".", e.g: My.Context.Path)' +- description: 'The context key to check (can contain ".", e.g: My.Context.Path).' name: key required: true - description: The regex pattern to check the field for (optional). @@ -15,12 +15,12 @@ comment: This script checks that a context key exists (and contains data), and o commonfields: id: CheckContextValue version: -1 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 enabled: true name: CheckContextValue outputs: - contextPath: CheckContextKey.name - description: Key Name + description: Key Name. type: string - contextPath: CheckContextKey.exists description: Whether the Key Exists. diff --git a/Packs/CommonScripts/Scripts/ConvertCountryCodeCountryName/ConvertCountryCodeCountryName.yml b/Packs/CommonScripts/Scripts/ConvertCountryCodeCountryName/ConvertCountryCodeCountryName.yml index 2a2e5cd06cd2..b54b083a24a4 100644 --- a/Packs/CommonScripts/Scripts/ConvertCountryCodeCountryName/ConvertCountryCodeCountryName.yml +++ b/Packs/CommonScripts/Scripts/ConvertCountryCodeCountryName/ConvertCountryCodeCountryName.yml @@ -14,16 +14,16 @@ comment: |- Output: { "United States" } Another Example: Input: { "country_name": "United States" } - Output: { "US" } + Output: { "US" }. enabled: true args: - name: country_code - description: 'Country Code Alpha 2 (Example: US)' + description: 'Country Code Alpha 2 (Example: US).' - name: country_name - description: Country Name + description: Country Name. scripttarget: 0 subtype: python3 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 runas: DBotWeakRole fromversion: 6.5.0 tests: diff --git a/Packs/CommonScripts/Scripts/CreateIndicatorsFromSTIX/CreateIndicatorsFromSTIX.yml b/Packs/CommonScripts/Scripts/CreateIndicatorsFromSTIX/CreateIndicatorsFromSTIX.yml index 21218142d2c0..effc89baaeea 100644 --- a/Packs/CommonScripts/Scripts/CreateIndicatorsFromSTIX/CreateIndicatorsFromSTIX.yml +++ b/Packs/CommonScripts/Scripts/CreateIndicatorsFromSTIX/CreateIndicatorsFromSTIX.yml @@ -14,7 +14,7 @@ tags: - ioc timeout: '0' type: python -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 tests: - No tests fromversion: 5.0.0 diff --git a/Packs/CommonScripts/Scripts/CreateNewIndicatorsOnly/CreateNewIndicatorsOnly.yml b/Packs/CommonScripts/Scripts/CreateNewIndicatorsOnly/CreateNewIndicatorsOnly.yml index 75bef231eb84..75e2d7503515 100644 --- a/Packs/CommonScripts/Scripts/CreateNewIndicatorsOnly/CreateNewIndicatorsOnly.yml +++ b/Packs/CommonScripts/Scripts/CreateNewIndicatorsOnly/CreateNewIndicatorsOnly.yml @@ -10,7 +10,7 @@ comment: Create indicators to the Threat Intel database only if they are not reg enabled: true args: - name: indicator_values - description: The indicator values + description: The indicator values. isArray: true - name: type auto: PREDEFINED @@ -69,7 +69,7 @@ outputs: type: string scripttarget: 0 subtype: python3 -dockerimage: demisto/python3:3.10.12.68300 +dockerimage: demisto/python3:3.10.13.83255 runas: DBotWeakRole fromversion: 6.5.0 tests: diff --git a/Packs/CommonScripts/Scripts/DBotAverageScore/DBotAverageScore.yml b/Packs/CommonScripts/Scripts/DBotAverageScore/DBotAverageScore.yml index 47af9b25073c..2ec8af75a6a8 100644 --- a/Packs/CommonScripts/Scripts/DBotAverageScore/DBotAverageScore.yml +++ b/Packs/CommonScripts/Scripts/DBotAverageScore/DBotAverageScore.yml @@ -16,7 +16,7 @@ outputs: type: number enabled: true subtype: python3 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 fromversion: 5.0.0 tests: - DbotAverageScore-Test diff --git a/Packs/CommonScripts/Scripts/DeduplicateValuesbyKey/DeduplicateValuesbyKey.yml b/Packs/CommonScripts/Scripts/DeduplicateValuesbyKey/DeduplicateValuesbyKey.yml index 84d5e0f86343..7c98741183bf 100644 --- a/Packs/CommonScripts/Scripts/DeduplicateValuesbyKey/DeduplicateValuesbyKey.yml +++ b/Packs/CommonScripts/Scripts/DeduplicateValuesbyKey/DeduplicateValuesbyKey.yml @@ -3,13 +3,13 @@ args: isArray: true name: object_list required: true -- description: String representing key from which unique values should be retrieved. Use dot notation to access subkeys (e.g. 'key.subkey') +- description: String representing key from which unique values should be retrieved. Use dot notation to access subkeys (e.g. 'key.subkey'). name: key_of_interest required: true - auto: PREDEFINED default: true defaultValue: "False" - description: Default is False. If set to True, will return None in the unique list if the key is not found + description: Default is False. If set to True, will return None in the unique list if the key is not found. name: keep_none predefined: - "True" @@ -21,12 +21,12 @@ commonfields: contentitemexportablefields: contentitemfields: fromServerVersion: "" -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 enabled: true name: DeduplicateValuesbyKey outputs: - contextPath: DeduplicatedValues - description: List of unique values for the specified key + description: List of unique values for the specified key. runas: DBotWeakRole script: '' scripttarget: 0 diff --git a/Packs/CommonScripts/Scripts/DisplayHTMLWithImages/DisplayHTMLWithImages.yml b/Packs/CommonScripts/Scripts/DisplayHTMLWithImages/DisplayHTMLWithImages.yml index 938d8e0fad45..ad5db96cff05 100644 --- a/Packs/CommonScripts/Scripts/DisplayHTMLWithImages/DisplayHTMLWithImages.yml +++ b/Packs/CommonScripts/Scripts/DisplayHTMLWithImages/DisplayHTMLWithImages.yml @@ -11,6 +11,6 @@ tags: system: true scripttarget: 0 fromversion: 6.5.0 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 tests: - No tests (auto formatted) diff --git a/Packs/CommonScripts/Scripts/EmailReputation/EmailReputation.yml b/Packs/CommonScripts/Scripts/EmailReputation/EmailReputation.yml index 34c2b17c7086..4f9f39395a1a 100644 --- a/Packs/CommonScripts/Scripts/EmailReputation/EmailReputation.yml +++ b/Packs/CommonScripts/Scripts/EmailReputation/EmailReputation.yml @@ -7,18 +7,18 @@ type: python subtype: python3 tags: - enhancement -comment: A context script for Email entities +comment: A context script for Email entities. enabled: true args: - name: email required: true default: true - description: Email address to look up + description: Email address to look up. scripttarget: 0 fromversion: 5.0.0 marketplaces: - xsoar - marketplacev2 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 tests: - No tests (auto formatted) diff --git a/Packs/CommonScripts/Scripts/ExportIncidentsToCSV/ExportIncidentsToCSV.yml b/Packs/CommonScripts/Scripts/ExportIncidentsToCSV/ExportIncidentsToCSV.yml index 9957d7163d50..a88a7b9abec6 100644 --- a/Packs/CommonScripts/Scripts/ExportIncidentsToCSV/ExportIncidentsToCSV.yml +++ b/Packs/CommonScripts/Scripts/ExportIncidentsToCSV/ExportIncidentsToCSV.yml @@ -5,7 +5,7 @@ args: - defaultValue: "7" description: Number of days you want to fetch back for (default is 7). Needs to be a number. name: fetchdays -- description: 'Comma separated list of columns (fields) for the CSV. (Default is: id,name,type,severity,status,owner,roles,playbookId,occurred,created,modified,closed)' +- description: 'Comma separated list of columns (fields) for the CSV. (Default is: id,name,type,severity,status,owner,roles,playbookId,occurred,created,modified,closed).' name: columns comment: This automation uses the Demisto REST API Integration to batch export Incidents to CSV and return the resulting CSV file to the war room. commonfields: @@ -18,7 +18,7 @@ dependson: must: - demisto-api-post - demisto-api-get -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 enabled: true name: ExportIncidentsToCSV runas: DBotWeakRole diff --git a/Packs/CommonScripts/Scripts/ExportIndicatorsToCSV/ExportIndicatorsToCSV.yml b/Packs/CommonScripts/Scripts/ExportIndicatorsToCSV/ExportIndicatorsToCSV.yml index 55a1bf96d752..3bfa060469af 100644 --- a/Packs/CommonScripts/Scripts/ExportIndicatorsToCSV/ExportIndicatorsToCSV.yml +++ b/Packs/CommonScripts/Scripts/ExportIndicatorsToCSV/ExportIndicatorsToCSV.yml @@ -5,7 +5,7 @@ args: - defaultValue: "7" description: Indicator last seen days (default is 7). Needs to be a number. name: seenDays -- description: 'Comma separated list of columns (fields) for the CSV. (Default is: id,indicator_type,value,source,score,relatedIncCount,setBy,sourceBrands,modified)' +- description: 'Comma separated list of columns (fields) for the CSV. (Default is: id,indicator_type,value,source,score,relatedIncCount,setBy,sourceBrands,modified).' name: columns comment: This automation uses the Demisto REST API Integration to batch export Indicators to CSV and return the resulting CSV file to the war room. commonfields: @@ -18,7 +18,7 @@ dependson: must: - demisto-api-post - demisto-api-get -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 enabled: true name: ExportIndicatorsToCSV runas: DBotWeakRole diff --git a/Packs/CommonScripts/Scripts/ExtractIndicatorsFromTextFile/ExtractIndicatorsFromTextFile.yml b/Packs/CommonScripts/Scripts/ExtractIndicatorsFromTextFile/ExtractIndicatorsFromTextFile.yml index 8e6db0742fa7..de4a5a900a4b 100644 --- a/Packs/CommonScripts/Scripts/ExtractIndicatorsFromTextFile/ExtractIndicatorsFromTextFile.yml +++ b/Packs/CommonScripts/Scripts/ExtractIndicatorsFromTextFile/ExtractIndicatorsFromTextFile.yml @@ -23,25 +23,25 @@ enabled: true name: ExtractIndicatorsFromTextFile outputs: - contextPath: Domain.Name - description: Extracted domains + description: Extracted domains. type: string - contextPath: Account.Email.Address - description: Extracted emails + description: Extracted emails. type: string - contextPath: File.MD5 - description: Extracted MD5 + description: Extracted MD5. type: string - contextPath: File.SHA1 - description: Extracted SHA1 + description: Extracted SHA1. type: string - contextPath: File.SHA256 - description: Extracted SHA256 + description: Extracted SHA256. type: string - contextPath: IP.Address - description: Extracted IPs + description: Extracted IPs. type: string - contextPath: URL.Data - description: Extracted URLs + description: Extracted URLs. type: string script: '-' timeout: '0' @@ -52,4 +52,4 @@ tests: - Extract Indicators From File - Generic v2 - Test fromversion: 5.0.0 tags: [] -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 diff --git a/Packs/CommonScripts/Scripts/FileCreateAndUploadV2/FileCreateAndUploadV2.yml b/Packs/CommonScripts/Scripts/FileCreateAndUploadV2/FileCreateAndUploadV2.yml index b4ec35c309ce..aeed086c22f4 100644 --- a/Packs/CommonScripts/Scripts/FileCreateAndUploadV2/FileCreateAndUploadV2.yml +++ b/Packs/CommonScripts/Scripts/FileCreateAndUploadV2/FileCreateAndUploadV2.yml @@ -27,7 +27,7 @@ args: defaultValue: raw scripttarget: 0 subtype: python3 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 runas: DBotWeakRole fromversion: 6.2.0 tests: diff --git a/Packs/CommonScripts/Scripts/FileReputation/FileReputation.yml b/Packs/CommonScripts/Scripts/FileReputation/FileReputation.yml index 7636557d0cf7..f1d7ea860f86 100644 --- a/Packs/CommonScripts/Scripts/FileReputation/FileReputation.yml +++ b/Packs/CommonScripts/Scripts/FileReputation/FileReputation.yml @@ -7,15 +7,15 @@ type: python subtype: python3 tags: - enhancement -comment: A context script for hash entities +comment: A context script for hash entities. enabled: true args: - name: file required: true default: true - description: File hash to look up - supports MD5, SHA1 and SHA256 + description: File hash to look up - supports MD5, SHA1 and SHA256. scripttarget: 0 fromversion: 5.0.0 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 tests: - No tests (auto formatted) diff --git a/Packs/CommonScripts/Scripts/FileToBase64List/FileToBase64List.yml b/Packs/CommonScripts/Scripts/FileToBase64List/FileToBase64List.yml index 627b594f24bc..7ac263406de6 100644 --- a/Packs/CommonScripts/Scripts/FileToBase64List/FileToBase64List.yml +++ b/Packs/CommonScripts/Scripts/FileToBase64List/FileToBase64List.yml @@ -31,4 +31,4 @@ runonce: true tests: - No Test fromversion: 5.0.0 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 diff --git a/Packs/CommonScripts/Scripts/GetByIncidentId/GetByIncidentId.yml b/Packs/CommonScripts/Scripts/GetByIncidentId/GetByIncidentId.yml index 09c00d6a72d5..732b427407b6 100644 --- a/Packs/CommonScripts/Scripts/GetByIncidentId/GetByIncidentId.yml +++ b/Packs/CommonScripts/Scripts/GetByIncidentId/GetByIncidentId.yml @@ -14,11 +14,11 @@ args: description: The ID of the incident from which to get context values. The default is the current incident. - name: get_key required: true - description: The key to get + description: The key to get. - name: set_key description: The key to set. The default is "get_key". scripttarget: 0 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 runas: DBotWeakRole tests: - No test - tested with unittest diff --git a/Packs/CommonScripts/Scripts/GetDataCollectionLink/GetDataCollectionLink.yml b/Packs/CommonScripts/Scripts/GetDataCollectionLink/GetDataCollectionLink.yml index 3801cd69153f..843ca5baa7be 100644 --- a/Packs/CommonScripts/Scripts/GetDataCollectionLink/GetDataCollectionLink.yml +++ b/Packs/CommonScripts/Scripts/GetDataCollectionLink/GetDataCollectionLink.yml @@ -16,7 +16,7 @@ commonfields: contentitemexportablefields: contentitemfields: fromServerVersion: "" -dockerimage: demisto/python3:3.10.13.80014 +dockerimage: demisto/python3:3.10.13.83255 enabled: true name: GetDataCollectionLink outputs: diff --git a/Packs/CommonScripts/Scripts/GetDockerImageLatestTag/GetDockerImageLatestTag.yml b/Packs/CommonScripts/Scripts/GetDockerImageLatestTag/GetDockerImageLatestTag.yml index bf0092db52fb..4f4b5fdcfdd4 100644 --- a/Packs/CommonScripts/Scripts/GetDockerImageLatestTag/GetDockerImageLatestTag.yml +++ b/Packs/CommonScripts/Scripts/GetDockerImageLatestTag/GetDockerImageLatestTag.yml @@ -28,4 +28,4 @@ args: tests: - No test - no testplaybook, but unit tests exist fromversion: 5.0.0 -dockerimage: demisto/python3:3.10.13.78623 +dockerimage: demisto/python3:3.10.13.83255 diff --git a/Packs/CommonScripts/Scripts/GetEnabledInstances/GetEnabledInstances.yml b/Packs/CommonScripts/Scripts/GetEnabledInstances/GetEnabledInstances.yml index dcb1a0242454..21364da5b16d 100644 --- a/Packs/CommonScripts/Scripts/GetEnabledInstances/GetEnabledInstances.yml +++ b/Packs/CommonScripts/Scripts/GetEnabledInstances/GetEnabledInstances.yml @@ -2,7 +2,7 @@ comment: Gets all currently enabled integration instances. commonfields: id: GetEnabledInstances version: -1 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 enabled: true name: GetEnabledInstances outputs: diff --git a/Packs/CommonScripts/Scripts/GetFieldsByIncidentType/GetFieldsByIncidentType.yml b/Packs/CommonScripts/Scripts/GetFieldsByIncidentType/GetFieldsByIncidentType.yml index b49769294918..7ca38119a1b5 100644 --- a/Packs/CommonScripts/Scripts/GetFieldsByIncidentType/GetFieldsByIncidentType.yml +++ b/Packs/CommonScripts/Scripts/GetFieldsByIncidentType/GetFieldsByIncidentType.yml @@ -44,7 +44,7 @@ subtype: python3 dependson: must: - '|||demisto-api-get' -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 runas: DBotWeakRole tests: - No test - unit test diff --git a/Packs/CommonScripts/Scripts/GetIndicatorDBotScore/GetIndicatorDBotScore.yml b/Packs/CommonScripts/Scripts/GetIndicatorDBotScore/GetIndicatorDBotScore.yml index 603fb3aee4e7..258968d3bcb8 100644 --- a/Packs/CommonScripts/Scripts/GetIndicatorDBotScore/GetIndicatorDBotScore.yml +++ b/Packs/CommonScripts/Scripts/GetIndicatorDBotScore/GetIndicatorDBotScore.yml @@ -33,4 +33,4 @@ subtype: python3 fromversion: 5.0.0 tests: - GetIndicatorDBotScore Test -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 diff --git a/Packs/CommonScripts/Scripts/GetServerURL/GetServerURL.yml b/Packs/CommonScripts/Scripts/GetServerURL/GetServerURL.yml index 55a3cb36b792..bbc57a8d3673 100644 --- a/Packs/CommonScripts/Scripts/GetServerURL/GetServerURL.yml +++ b/Packs/CommonScripts/Scripts/GetServerURL/GetServerURL.yml @@ -21,7 +21,7 @@ script: '-' subtype: python3 timeout: '0' type: python -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 runas: DBotWeakRole tags: [] tests: diff --git a/Packs/CommonScripts/Scripts/GetStringsDistance/GetStringsDistance.yml b/Packs/CommonScripts/Scripts/GetStringsDistance/GetStringsDistance.yml index 6812c0b1fc7e..4d1ee6047c29 100644 --- a/Packs/CommonScripts/Scripts/GetStringsDistance/GetStringsDistance.yml +++ b/Packs/CommonScripts/Scripts/GetStringsDistance/GetStringsDistance.yml @@ -27,6 +27,6 @@ outputs: description: The closeness of the sender domain to our configured domains. scripttarget: 0 fromversion: 5.0.0 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 tests: - GetStringsDistance - Test diff --git a/Packs/CommonScripts/Scripts/GridFieldSetup/GridFieldSetup.yml b/Packs/CommonScripts/Scripts/GridFieldSetup/GridFieldSetup.yml index a825492549b6..c80eb5186523 100644 --- a/Packs/CommonScripts/Scripts/GridFieldSetup/GridFieldSetup.yml +++ b/Packs/CommonScripts/Scripts/GridFieldSetup/GridFieldSetup.yml @@ -1,5 +1,5 @@ args: -- description: columns for the grid field in comma separated format +- description: columns for the grid field in comma separated format. name: keys required: true - description: A value for the 1st key. (Can be a string or context path or `TIMESTAMP` to get the current timestamp in ISO format.) @@ -23,23 +23,23 @@ args: name: val9 - description: A value for the 10th key. (Can be a string or context path or `TIMESTAMP` to get the current timestamp in ISO format.) name: val10 -- description: Grid field to populate +- description: Grid field to populate. name: gridfield required: true - auto: PREDEFINED defaultValue: "false" - description: whether to overwrite what is in the gridfield or not (default is to append) + description: whether to overwrite what is in the gridfield or not (default is to append). name: overwrite predefined: - "true" - "false" comment: |- Automation used to more easily populate a grid field. This is necessary when you want to assign certain values as static or if you have context paths that you will assign to different values as well. Instead of a value you can enter `TIMESTAMP` to get the current timestamp in ISO format. For example: - `!GridFieldSetup keys=ip,src,timestamp val1=${AWS.EC2.Instances.NetworkInterfaces.PrivateIpAddress} val2="AWS" val3="TIMESTAMP" gridfiled="gridfield"` + `!GridFieldSetup keys=ip,src,timestamp val1=${AWS.EC2.Instances.NetworkInterfaces.PrivateIpAddress} val2="AWS" val3="TIMESTAMP" gridfiled="gridfield"`. commonfields: id: GridFieldSetup version: -1 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 enabled: true name: GridFieldSetup runas: DBotWeakRole diff --git a/Packs/CommonScripts/Scripts/HideFieldsOnNewIncident/HideFieldsOnNewIncident.yml b/Packs/CommonScripts/Scripts/HideFieldsOnNewIncident/HideFieldsOnNewIncident.yml index f3ae8e3fd950..52d6e36e84fa 100644 --- a/Packs/CommonScripts/Scripts/HideFieldsOnNewIncident/HideFieldsOnNewIncident.yml +++ b/Packs/CommonScripts/Scripts/HideFieldsOnNewIncident/HideFieldsOnNewIncident.yml @@ -12,10 +12,10 @@ comment: When you apply this script to an incident field, that incident field is enabled: true args: - name: incident - description: Incident object + description: Incident object. - name: field - description: Field definition object + description: Field definition object. scripttarget: 0 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 tests: - No tests (auto formatted) diff --git a/Packs/CommonScripts/Scripts/IPReputation/IPReputation.yml b/Packs/CommonScripts/Scripts/IPReputation/IPReputation.yml index e3558948b149..f84807b14977 100644 --- a/Packs/CommonScripts/Scripts/IPReputation/IPReputation.yml +++ b/Packs/CommonScripts/Scripts/IPReputation/IPReputation.yml @@ -7,18 +7,18 @@ type: python subtype: python3 tags: - enhancement -comment: A context script for IP entities +comment: A context script for IP entities. enabled: true args: - name: ip required: true default: true - description: IP address to look up + description: IP address to look up. scripttarget: 0 fromversion: 5.0.0 marketplaces: - xsoar - marketplacev2 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 tests: - No tests (auto formatted) diff --git a/Packs/CommonScripts/Scripts/IncidentFields/IncidentFields.yml b/Packs/CommonScripts/Scripts/IncidentFields/IncidentFields.yml index 3049990d8859..c708f824ee47 100644 --- a/Packs/CommonScripts/Scripts/IncidentFields/IncidentFields.yml +++ b/Packs/CommonScripts/Scripts/IncidentFields/IncidentFields.yml @@ -28,7 +28,7 @@ subtype: python3 dependson: must: - '|||demisto-api-get' -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 runas: DBotWeakRole tests: - No test - unit test diff --git a/Packs/CommonScripts/Scripts/IsUrlPartOfDomain/IsUrlPartOfDomain.yml b/Packs/CommonScripts/Scripts/IsUrlPartOfDomain/IsUrlPartOfDomain.yml index 69f7425f6be3..4f249416f947 100644 --- a/Packs/CommonScripts/Scripts/IsUrlPartOfDomain/IsUrlPartOfDomain.yml +++ b/Packs/CommonScripts/Scripts/IsUrlPartOfDomain/IsUrlPartOfDomain.yml @@ -26,7 +26,7 @@ script: '-' subtype: python3 timeout: '0' type: python -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 tests: - IsUrlPartOfDomain Test fromversion: 5.0.0 diff --git a/Packs/CommonScripts/Scripts/LoadJSON/LoadJSON.yml b/Packs/CommonScripts/Scripts/LoadJSON/LoadJSON.yml index 34e0685260b6..a8192910b197 100644 --- a/Packs/CommonScripts/Scripts/LoadJSON/LoadJSON.yml +++ b/Packs/CommonScripts/Scripts/LoadJSON/LoadJSON.yml @@ -7,18 +7,18 @@ type: python subtype: python3 tags: - Utility -comment: Loads a json from string input, and returns a json object result +comment: Loads a json from string input, and returns a json object result. enabled: true args: - name: input required: true default: true - description: Input string to transform to JSON object + description: Input string to transform to JSON object. outputs: - contextPath: JsonObject - description: The JSON object loaded from input + description: The JSON object loaded from input. scripttarget: 0 tests: - JSONtoCSV-Test fromversion: 5.0.0 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 diff --git a/Packs/CommonScripts/Scripts/MarkAsNoteByTag/MarkAsNoteByTag.yml b/Packs/CommonScripts/Scripts/MarkAsNoteByTag/MarkAsNoteByTag.yml index 98cbf0db41be..7cb761f75319 100644 --- a/Packs/CommonScripts/Scripts/MarkAsNoteByTag/MarkAsNoteByTag.yml +++ b/Packs/CommonScripts/Scripts/MarkAsNoteByTag/MarkAsNoteByTag.yml @@ -7,15 +7,15 @@ type: python subtype: python3 tags: - Utility -comment: Mark entries as notes if they are tagged with given tag +comment: Mark entries as notes if they are tagged with given tag. enabled: true args: - name: tag required: true default: true - description: Entries with the given tag will be marked as notes + description: Entries with the given tag will be marked as notes. scripttarget: 0 fromversion: 5.0.0 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 tests: - No tests (auto formatted) diff --git a/Packs/CommonScripts/Scripts/OnionURLReputation/OnionURLReputation.yml b/Packs/CommonScripts/Scripts/OnionURLReputation/OnionURLReputation.yml index 6c305f5f68b6..b05c37c7d130 100644 --- a/Packs/CommonScripts/Scripts/OnionURLReputation/OnionURLReputation.yml +++ b/Packs/CommonScripts/Scripts/OnionURLReputation/OnionURLReputation.yml @@ -15,5 +15,5 @@ tags: - reputation timeout: '0' type: python -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 fromversion: 5.0.0 diff --git a/Packs/CommonScripts/Scripts/PrintContext/PrintContext.yml b/Packs/CommonScripts/Scripts/PrintContext/PrintContext.yml index f091b42f2757..5545b5b622d2 100644 --- a/Packs/CommonScripts/Scripts/PrintContext/PrintContext.yml +++ b/Packs/CommonScripts/Scripts/PrintContext/PrintContext.yml @@ -7,7 +7,7 @@ type: python subtype: python3 tags: - Utility -comment: Pretty-print the contents of the playbook context +comment: Pretty-print the contents of the playbook context. system: true args: - name: outputformat @@ -17,6 +17,6 @@ scripttarget: 0 dependson: {} timeout: 0s fromversion: 5.0.0 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 tests: - No tests (auto formatted) diff --git a/Packs/CommonScripts/Scripts/PrintErrorEntry/PrintErrorEntry.yml b/Packs/CommonScripts/Scripts/PrintErrorEntry/PrintErrorEntry.yml index 8aca2b532233..136420d6e6ca 100644 --- a/Packs/CommonScripts/Scripts/PrintErrorEntry/PrintErrorEntry.yml +++ b/Packs/CommonScripts/Scripts/PrintErrorEntry/PrintErrorEntry.yml @@ -7,7 +7,7 @@ script: '' type: python subtype: python3 tags: [] -comment: Prints an error entry with a given message +comment: Prints an error entry with a given message. enabled: true args: - name: message @@ -15,6 +15,6 @@ args: default: true required: true scripttarget: 0 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 tests: - No tests (auto formatted) diff --git a/Packs/CommonScripts/Scripts/PrintRaw/PrintRaw.yml b/Packs/CommonScripts/Scripts/PrintRaw/PrintRaw.yml index a646107bc163..c150fae2c47f 100644 --- a/Packs/CommonScripts/Scripts/PrintRaw/PrintRaw.yml +++ b/Packs/CommonScripts/Scripts/PrintRaw/PrintRaw.yml @@ -13,7 +13,7 @@ args: description: The value to be represented. scripttarget: 0 subtype: python3 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 runas: DBotWeakRole tests: - No test - unit test diff --git a/Packs/CommonScripts/Scripts/ProvidesCommand/ProvidesCommand.yml b/Packs/CommonScripts/Scripts/ProvidesCommand/ProvidesCommand.yml index e486aacfbdcc..08111d135814 100644 --- a/Packs/CommonScripts/Scripts/ProvidesCommand/ProvidesCommand.yml +++ b/Packs/CommonScripts/Scripts/ProvidesCommand/ProvidesCommand.yml @@ -13,7 +13,7 @@ enabled: true args: - name: command required: true - description: The integration command to find + description: The integration command to find. - name: enabled auto: PREDEFINED predefined: @@ -25,7 +25,7 @@ dependson: must: - demisto-api-post - demisto-api-get -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 runas: DBotWeakRole tests: - No test - unit test diff --git a/Packs/CommonScripts/Scripts/ReplaceMatchGroup/ReplaceMatchGroup.yml b/Packs/CommonScripts/Scripts/ReplaceMatchGroup/ReplaceMatchGroup.yml index 7b8992b73df6..cc5bd8015b42 100644 --- a/Packs/CommonScripts/Scripts/ReplaceMatchGroup/ReplaceMatchGroup.yml +++ b/Packs/CommonScripts/Scripts/ReplaceMatchGroup/ReplaceMatchGroup.yml @@ -20,7 +20,7 @@ args: required: true description: The replacement string. scripttarget: 0 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 runas: DBotWeakRole tests: - No test - unit test diff --git a/Packs/CommonScripts/Scripts/SCPPullFiles/SCPPullFiles.yml b/Packs/CommonScripts/Scripts/SCPPullFiles/SCPPullFiles.yml index 329e2259604c..1dfc7e5d8835 100644 --- a/Packs/CommonScripts/Scripts/SCPPullFiles/SCPPullFiles.yml +++ b/Packs/CommonScripts/Scripts/SCPPullFiles/SCPPullFiles.yml @@ -7,7 +7,7 @@ type: python subtype: python3 tags: - Utility -comment: Take a list of devices and pull a specific file (given by path) from each using SCP +comment: Take a list of devices and pull a specific file (given by path) from each using SCP. system: true args: - name: systems2files @@ -20,9 +20,9 @@ dependson: - copy-from timeout: 0s fromversion: 5.0.0 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 tests: - No tests (auto formatted) marketplaces: - - xsoar - - marketplacev2 \ No newline at end of file +- xsoar +- marketplacev2 diff --git a/Packs/CommonScripts/Scripts/ScheduleGenericPolling/ScheduleGenericPolling.yml b/Packs/CommonScripts/Scripts/ScheduleGenericPolling/ScheduleGenericPolling.yml index 502aa7a71198..014551922068 100644 --- a/Packs/CommonScripts/Scripts/ScheduleGenericPolling/ScheduleGenericPolling.yml +++ b/Packs/CommonScripts/Scripts/ScheduleGenericPolling/ScheduleGenericPolling.yml @@ -47,4 +47,4 @@ args: scripttarget: 0 tests: - Generic Polling Test -dockerimage: demisto/python3:3.10.13.75921 +dockerimage: demisto/python3:3.10.13.83255 diff --git a/Packs/CommonScripts/Scripts/ServerLogs/ServerLogs.yml b/Packs/CommonScripts/Scripts/ServerLogs/ServerLogs.yml index 99429641e6b4..09e8d2edf96f 100644 --- a/Packs/CommonScripts/Scripts/ServerLogs/ServerLogs.yml +++ b/Packs/CommonScripts/Scripts/ServerLogs/ServerLogs.yml @@ -1,8 +1,8 @@ -comment: Uses the ssh integration to grab the host server logs +comment: Uses the ssh integration to grab the host server logs. commonfields: id: ServerLogs version: -1 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 enabled: true name: ServerLogs runas: DBotWeakRole diff --git a/Packs/CommonScripts/Scripts/ServerLogsDocker/ServerLogsDocker.yml b/Packs/CommonScripts/Scripts/ServerLogsDocker/ServerLogsDocker.yml index 0882448c7bef..b73b9393d382 100644 --- a/Packs/CommonScripts/Scripts/ServerLogsDocker/ServerLogsDocker.yml +++ b/Packs/CommonScripts/Scripts/ServerLogsDocker/ServerLogsDocker.yml @@ -1,8 +1,8 @@ -comment: Uses the ssh integration to grab the host server logs +comment: Uses the ssh integration to grab the host server logs. commonfields: id: ServerLogs_docker version: -1 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 enabled: true name: ServerLogs_docker runas: DBotWeakRole diff --git a/Packs/CommonScripts/Scripts/ShowIncidentIndicators/ShowIncidentIndicators.yml b/Packs/CommonScripts/Scripts/ShowIncidentIndicators/ShowIncidentIndicators.yml index e4b4df07f95b..8aa2158790d7 100644 --- a/Packs/CommonScripts/Scripts/ShowIncidentIndicators/ShowIncidentIndicators.yml +++ b/Packs/CommonScripts/Scripts/ShowIncidentIndicators/ShowIncidentIndicators.yml @@ -12,7 +12,7 @@ comment: |- enabled: true scripttarget: 0 subtype: python3 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 runas: DBotWeakRole fromversion: 6.8.0 tests: diff --git a/Packs/CommonScripts/Scripts/ShowLocationOnMap/ShowLocationOnMap.yml b/Packs/CommonScripts/Scripts/ShowLocationOnMap/ShowLocationOnMap.yml index 7e1aba4cec3b..f33ea6c25860 100644 --- a/Packs/CommonScripts/Scripts/ShowLocationOnMap/ShowLocationOnMap.yml +++ b/Packs/CommonScripts/Scripts/ShowLocationOnMap/ShowLocationOnMap.yml @@ -2,7 +2,7 @@ commonfields: id: ShowLocationOnMap version: -1 name: ShowLocationOnMap -comment: Show indicator geo location on map +comment: Show indicator geo location on map. script: '-' type: python tags: @@ -10,7 +10,7 @@ tags: enabled: true scripttarget: 0 subtype: python3 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 runas: DBotWeakRole fromversion: 5.0.0 tests: diff --git a/Packs/CommonScripts/Scripts/StopTimeToAssignOnOwnerChange/StopTimeToAssignOnOwnerChange.yml b/Packs/CommonScripts/Scripts/StopTimeToAssignOnOwnerChange/StopTimeToAssignOnOwnerChange.yml index 67dce61d845a..14ade71a583c 100644 --- a/Packs/CommonScripts/Scripts/StopTimeToAssignOnOwnerChange/StopTimeToAssignOnOwnerChange.yml +++ b/Packs/CommonScripts/Scripts/StopTimeToAssignOnOwnerChange/StopTimeToAssignOnOwnerChange.yml @@ -13,13 +13,13 @@ comment: Stops the "Time To Assign" timer if the owner of the incident was chang enabled: true args: - name: old - description: The old value of the changed field + description: The old value of the changed field. - name: new - description: The new value of the changed field + description: The new value of the changed field. scripttarget: 0 runas: DBotWeakRole marketplaces: - xsoar tests: - SLA Scripts - Test -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 diff --git a/Packs/CommonScripts/Scripts/URLNumberOfAds/URLNumberOfAds.yml b/Packs/CommonScripts/Scripts/URLNumberOfAds/URLNumberOfAds.yml index fcac389f6115..b07a541dbc8e 100644 --- a/Packs/CommonScripts/Scripts/URLNumberOfAds/URLNumberOfAds.yml +++ b/Packs/CommonScripts/Scripts/URLNumberOfAds/URLNumberOfAds.yml @@ -7,27 +7,27 @@ type: python subtype: python3 tags: - Utility -comment: Fetches the numbers of ads in the given url +comment: Fetches the numbers of ads in the given url. enabled: true args: - name: url required: true default: true - description: URL to load and count ads on + description: URL to load and count ads on. - name: easylist - description: Optional easylist to get ads from + description: Optional easylist to get ads from. defaultValue: "https://easylist.github.io/easylist/easylist.txt" outputs: - contextPath: Ads.URL - description: Ad URL found + description: Ad URL found. - contextPath: Ads.Count - description: The count for the ad found + description: The count for the ad found. - contextPath: URL.Data - description: The URL we are checking + description: The URL we are checking. - contextPath: URL.AdsCount - description: The ads count on the URL + description: The ads count on the URL. scripttarget: 0 fromversion: 5.0.0 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 tests: - No tests (auto formatted) diff --git a/Packs/CommonScripts/Scripts/URLReputation/URLReputation.yml b/Packs/CommonScripts/Scripts/URLReputation/URLReputation.yml index 30eb3813975d..b1a41627864f 100644 --- a/Packs/CommonScripts/Scripts/URLReputation/URLReputation.yml +++ b/Packs/CommonScripts/Scripts/URLReputation/URLReputation.yml @@ -7,15 +7,15 @@ type: python subtype: python3 tags: - enhancement -comment: A context script for URL entities +comment: A context script for URL entities. enabled: true args: - name: url required: true default: true - description: URL to look up + description: URL to look up. scripttarget: 0 fromversion: 5.0.0 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 tests: - No tests (auto formatted) diff --git a/Packs/CommonScripts/Scripts/UtilAnyResults/UtilAnyResults.yml b/Packs/CommonScripts/Scripts/UtilAnyResults/UtilAnyResults.yml index c18445847852..28c6f4a72885 100644 --- a/Packs/CommonScripts/Scripts/UtilAnyResults/UtilAnyResults.yml +++ b/Packs/CommonScripts/Scripts/UtilAnyResults/UtilAnyResults.yml @@ -19,6 +19,6 @@ scripttarget: 0 dependson: {} timeout: 0s fromversion: 5.0.0 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 tests: - No tests (auto formatted) diff --git a/Packs/CommonScripts/Scripts/VerifyCIDR/VerifyCIDR.yml b/Packs/CommonScripts/Scripts/VerifyCIDR/VerifyCIDR.yml index fc43f766c395..e5bc0ce5b0b3 100644 --- a/Packs/CommonScripts/Scripts/VerifyCIDR/VerifyCIDR.yml +++ b/Packs/CommonScripts/Scripts/VerifyCIDR/VerifyCIDR.yml @@ -15,7 +15,7 @@ timeout: '0' type: python subtype: python3 runas: DBotWeakRole -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 fromversion: 6.5.0 tests: - VerifyCIDR-Test diff --git a/Packs/CommonScripts/Scripts/ZipStringsArrays/ZipStringsArrays.yml b/Packs/CommonScripts/Scripts/ZipStringsArrays/ZipStringsArrays.yml index d2c678b2867f..7a686847acda 100644 --- a/Packs/CommonScripts/Scripts/ZipStringsArrays/ZipStringsArrays.yml +++ b/Packs/CommonScripts/Scripts/ZipStringsArrays/ZipStringsArrays.yml @@ -25,7 +25,7 @@ outputs: type: string scripttarget: 0 subtype: python3 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 runas: DBotWeakRole fromversion: 6.0.0 comment: 'Joins values from two lists by index according to a given format.' diff --git a/Packs/CommonScripts/pack_metadata.json b/Packs/CommonScripts/pack_metadata.json index aeab34f841f7..7fb8e89f1527 100644 --- a/Packs/CommonScripts/pack_metadata.json +++ b/Packs/CommonScripts/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Common Scripts", "description": "Frequently used scripts pack.", "support": "xsoar", - "currentVersion": "1.13.2", + "currentVersion": "1.13.3", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From 7f43d77e3a9a82444099e9beea507e27135590e0 Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Thu, 14 Dec 2023 09:03:37 +0200 Subject: [PATCH 36/50] Update Docker Image To demisto/crypto (#31471) * Updated Metadata Of Pack AzureFirewall * Added release notes to pack AzureFirewall * Packs/AzureFirewall/Integrations/AzureFirewall/AzureFirewall.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphIdentityandAccess * Added release notes to pack MicrosoftGraphIdentityandAccess * Packs/MicrosoftGraphIdentityandAccess/Integrations/MicrosoftGraphIdentityandAccess/MicrosoftGraphIdentityandAccess.yml Docker image update * Updated Metadata Of Pack AzureLogAnalytics * Added release notes to pack AzureLogAnalytics * Packs/AzureLogAnalytics/Integrations/AzureLogAnalytics/AzureLogAnalytics.yml Docker image update --- .../AzureFirewall/Integrations/AzureFirewall/AzureFirewall.yml | 2 +- Packs/AzureFirewall/ReleaseNotes/1_1_33.md | 3 +++ Packs/AzureFirewall/pack_metadata.json | 2 +- .../Integrations/AzureLogAnalytics/AzureLogAnalytics.yml | 2 +- Packs/AzureLogAnalytics/ReleaseNotes/1_1_23.md | 3 +++ Packs/AzureLogAnalytics/pack_metadata.json | 2 +- .../MicrosoftGraphIdentityandAccess.yml | 2 +- Packs/MicrosoftGraphIdentityandAccess/ReleaseNotes/1_2_39.md | 3 +++ Packs/MicrosoftGraphIdentityandAccess/pack_metadata.json | 2 +- 9 files changed, 15 insertions(+), 6 deletions(-) create mode 100644 Packs/AzureFirewall/ReleaseNotes/1_1_33.md create mode 100644 Packs/AzureLogAnalytics/ReleaseNotes/1_1_23.md create mode 100644 Packs/MicrosoftGraphIdentityandAccess/ReleaseNotes/1_2_39.md diff --git a/Packs/AzureFirewall/Integrations/AzureFirewall/AzureFirewall.yml b/Packs/AzureFirewall/Integrations/AzureFirewall/AzureFirewall.yml index d0e88d6377d6..16d94e009120 100644 --- a/Packs/AzureFirewall/Integrations/AzureFirewall/AzureFirewall.yml +++ b/Packs/AzureFirewall/Integrations/AzureFirewall/AzureFirewall.yml @@ -1089,7 +1089,7 @@ script: - contextPath: AzureFirewall.ResourceGroup.type description: The type of the resource group. type: String - dockerimage: demisto/crypto:1.0.0.80214 + dockerimage: demisto/crypto:1.0.0.83343 runonce: false script: '-' subtype: python3 diff --git a/Packs/AzureFirewall/ReleaseNotes/1_1_33.md b/Packs/AzureFirewall/ReleaseNotes/1_1_33.md new file mode 100644 index 000000000000..3a6d1ab5a5fe --- /dev/null +++ b/Packs/AzureFirewall/ReleaseNotes/1_1_33.md @@ -0,0 +1,3 @@ +#### Integrations +##### Azure Firewall +- Updated the Docker image to: *demisto/crypto:1.0.0.83343*. diff --git a/Packs/AzureFirewall/pack_metadata.json b/Packs/AzureFirewall/pack_metadata.json index 8fc77dca9698..41c243d0b736 100644 --- a/Packs/AzureFirewall/pack_metadata.json +++ b/Packs/AzureFirewall/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Azure Firewall", "description": "Azure Firewall is a cloud-native and intelligent network firewall security service that provides breed threat protection for cloud workloads running in Azure.It's a fully stateful, firewall as a service with built-in high availability and unrestricted cloud scalability.", "support": "xsoar", - "currentVersion": "1.1.32", + "currentVersion": "1.1.33", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/AzureLogAnalytics/Integrations/AzureLogAnalytics/AzureLogAnalytics.yml b/Packs/AzureLogAnalytics/Integrations/AzureLogAnalytics/AzureLogAnalytics.yml index fd58618ec32a..1109d45f325f 100644 --- a/Packs/AzureLogAnalytics/Integrations/AzureLogAnalytics/AzureLogAnalytics.yml +++ b/Packs/AzureLogAnalytics/Integrations/AzureLogAnalytics/AzureLogAnalytics.yml @@ -683,7 +683,7 @@ script: name: workspace_name description: Delete a Log Analytics workspace table. We recommend you delete the search job when you're done querying the table. This reduces workspace clutter and extra charges for data retention. name: azure-log-analytics-delete-search-job - dockerimage: demisto/crypto:1.0.0.80214 + dockerimage: demisto/crypto:1.0.0.83343 runonce: false script: '-' subtype: python3 diff --git a/Packs/AzureLogAnalytics/ReleaseNotes/1_1_23.md b/Packs/AzureLogAnalytics/ReleaseNotes/1_1_23.md new file mode 100644 index 000000000000..5fcb83deb75a --- /dev/null +++ b/Packs/AzureLogAnalytics/ReleaseNotes/1_1_23.md @@ -0,0 +1,3 @@ +#### Integrations +##### Azure Log Analytics +- Updated the Docker image to: *demisto/crypto:1.0.0.83343*. diff --git a/Packs/AzureLogAnalytics/pack_metadata.json b/Packs/AzureLogAnalytics/pack_metadata.json index 8cbbcd144536..fe66c0bb1b75 100644 --- a/Packs/AzureLogAnalytics/pack_metadata.json +++ b/Packs/AzureLogAnalytics/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Azure Log Analytics", "description": "Log Analytics is a service that helps you collect and analyze data generated by resources in your cloud and on-premises environments.", "support": "xsoar", - "currentVersion": "1.1.22", + "currentVersion": "1.1.23", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/MicrosoftGraphIdentityandAccess/Integrations/MicrosoftGraphIdentityandAccess/MicrosoftGraphIdentityandAccess.yml b/Packs/MicrosoftGraphIdentityandAccess/Integrations/MicrosoftGraphIdentityandAccess/MicrosoftGraphIdentityandAccess.yml index 95ebcff97f79..04e4d16c9429 100644 --- a/Packs/MicrosoftGraphIdentityandAccess/Integrations/MicrosoftGraphIdentityandAccess/MicrosoftGraphIdentityandAccess.yml +++ b/Packs/MicrosoftGraphIdentityandAccess/Integrations/MicrosoftGraphIdentityandAccess/MicrosoftGraphIdentityandAccess.yml @@ -455,7 +455,7 @@ script: script: '-' type: python subtype: python3 - dockerimage: demisto/crypto:1.0.0.80214 + dockerimage: demisto/crypto:1.0.0.83343 fromversion: 5.0.0 defaultmapperin: Microsoft Graph Identity and Access Incoming Mapper defaultclassifier: Microsoft Graph Identity and Access Classifier diff --git a/Packs/MicrosoftGraphIdentityandAccess/ReleaseNotes/1_2_39.md b/Packs/MicrosoftGraphIdentityandAccess/ReleaseNotes/1_2_39.md new file mode 100644 index 000000000000..fa9bc8abb9c0 --- /dev/null +++ b/Packs/MicrosoftGraphIdentityandAccess/ReleaseNotes/1_2_39.md @@ -0,0 +1,3 @@ +#### Integrations +##### Azure Active Directory Identity And Access +- Updated the Docker image to: *demisto/crypto:1.0.0.83343*. diff --git a/Packs/MicrosoftGraphIdentityandAccess/pack_metadata.json b/Packs/MicrosoftGraphIdentityandAccess/pack_metadata.json index f14901f9ac2d..c961df826e33 100644 --- a/Packs/MicrosoftGraphIdentityandAccess/pack_metadata.json +++ b/Packs/MicrosoftGraphIdentityandAccess/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Microsoft Graph Identity and Access", "description": "Use this pack to manage roles and members in Microsoft.", "support": "xsoar", - "currentVersion": "1.2.38", + "currentVersion": "1.2.39", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From f094adffeb3343d8bae0720c37cb9061eb6e50ba Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Thu, 14 Dec 2023 09:07:04 +0200 Subject: [PATCH 37/50] Update Docker Image To demisto/opnsense (#31473) * Updated Metadata Of Pack OPNSense * Added release notes to pack OPNSense * Packs/OPNSense/Integrations/OPNSense/OPNSense.yml Docker image update --- Packs/OPNSense/Integrations/OPNSense/OPNSense.yml | 2 +- Packs/OPNSense/ReleaseNotes/1_0_20.md | 3 +++ Packs/OPNSense/pack_metadata.json | 2 +- 3 files changed, 5 insertions(+), 2 deletions(-) create mode 100644 Packs/OPNSense/ReleaseNotes/1_0_20.md diff --git a/Packs/OPNSense/Integrations/OPNSense/OPNSense.yml b/Packs/OPNSense/Integrations/OPNSense/OPNSense.yml index f5211293b48c..b59f856bddd5 100644 --- a/Packs/OPNSense/Integrations/OPNSense/OPNSense.yml +++ b/Packs/OPNSense/Integrations/OPNSense/OPNSense.yml @@ -958,7 +958,7 @@ script: description: Rollback revision. description: Revert config to given savepoint. outputs: [] - dockerimage: demisto/opnsense:1.0.0.80743 + dockerimage: demisto/opnsense:1.0.0.83388 subtype: python3 fromversion: 6.0.0 tests: diff --git a/Packs/OPNSense/ReleaseNotes/1_0_20.md b/Packs/OPNSense/ReleaseNotes/1_0_20.md new file mode 100644 index 000000000000..5c17c12bdee5 --- /dev/null +++ b/Packs/OPNSense/ReleaseNotes/1_0_20.md @@ -0,0 +1,3 @@ +#### Integrations +##### OPNSense +- Updated the Docker image to: *demisto/opnsense:1.0.0.83388*. diff --git a/Packs/OPNSense/pack_metadata.json b/Packs/OPNSense/pack_metadata.json index ebfbb46443a0..12662762dc1d 100644 --- a/Packs/OPNSense/pack_metadata.json +++ b/Packs/OPNSense/pack_metadata.json @@ -2,7 +2,7 @@ "name": "OPNSense", "description": "Manage OPNsense Firewall", "support": "partner", - "currentVersion": "1.0.19", + "currentVersion": "1.0.20", "author": "SecInfra", "url": "http://secinfra.fr", "email": "support@secinfra.fr", From 01830aadedfb5c763a3c320adb0baa44e129bead Mon Sep 17 00:00:00 2001 From: Judah Schwartz Date: Thu, 14 Dec 2023 10:26:36 +0200 Subject: [PATCH 38/50] added logs (#31229) * added logs * Apply suggestions from code review * add rn * change image --- .../FreshworksFreshservice.py | 13 +++++++++++-- .../FreshworksFreshservice.yml | 2 +- Packs/FreshworksFreshservice/ReleaseNotes/1_0_19.md | 7 +++++++ Packs/FreshworksFreshservice/pack_metadata.json | 2 +- 4 files changed, 20 insertions(+), 4 deletions(-) create mode 100644 Packs/FreshworksFreshservice/ReleaseNotes/1_0_19.md diff --git a/Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.py b/Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.py index b91afe8ed9e1..d42da1756724 100644 --- a/Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.py +++ b/Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.py @@ -3283,6 +3283,7 @@ def get_last_run(args: dict[str, Any], ticket_type: str) -> tuple: Tuple: Updated last run arguments. """ last_run = demisto.getLastRun() + demisto.debug(f'get_last_run {last_run=}') ticket_last_run = last_run.get(ticket_type) last_run_id = None @@ -3368,7 +3369,6 @@ def fetch_relevant_tickets_by_ticket_type( if all((alert_property := alert.get(key)) is None or properties == ['All'] or alert_property in properties for key, properties in alert_properties): - # fetch task for each ticket if true if fetch_ticket_task: freshservice_request = get_command_request( @@ -3386,6 +3386,10 @@ def fetch_relevant_tickets_by_ticket_type( # insert only limited number of tickets according max_fetch_per_ticket_type. if len(alerts) == max_fetch_per_ticket_type: break + else: + demisto.debug(f'filtering out alert {alert_id} due to properties arent according to defined properties') + else: + demisto.debug(f'filtering out alert {alert_id} due to time') return alerts, incidents @@ -3443,19 +3447,23 @@ def fetch_incidents(client: Client, params: dict): ticket_types, alert_properties = get_alert_properties(params) fetch_ticket_task = argToBoolean(params['fetch_ticket_task']) + demisto.debug(f'fetch_incidents {ticket_types=} {alert_properties=} {fetch_ticket_task=}') # use condition statement to avoid mypy error if (max_fetch := arg_to_number(params['max_fetch'])) is not None: max_fetch_per_ticket_type = max_fetch // len(ticket_types) + demisto.debug(f'fetch-incidents {max_fetch_per_ticket_type=}') incidents = [] last_run = {} for alert_type in ticket_types: + demisto.debug(f'fetching {alert_type=}') ticket_type = FETCH_TICKET_TYPE[alert_type] last_run_id, last_run_datetime, last_run_datetime_str = get_last_run( params, ticket_type) + demisto.debug(f'last run info {last_run_id=} {last_run_datetime_str=}') freshservice_request = get_command_request(client, ticket_type) request_args = { @@ -3499,8 +3507,9 @@ def fetch_incidents(client: Client, params: dict): 'id': last_run_id, 'time': last_run_datetime_str } - + demisto.debug(f'setting last run {last_run=}') demisto.setLastRun(last_run) + demisto.debug(f'{len(incidents)=}') demisto.incidents(incidents) diff --git a/Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml b/Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml index 75ddd7c8101a..f4d475fe8c2f 100644 --- a/Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml +++ b/Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml @@ -3448,7 +3448,7 @@ script: name: lastUpdate description: Gets the list of incidents that were modified since the last update time. Note that this method is here for debugging purposes. The get-modified-remote-data command is used as part of a Mirroring feature, which is available in Cortex XSOAR from version 6.1. name: get-modified-remote-data - dockerimage: demisto/python3:3.10.13.82980 + dockerimage: demisto/python3:3.10.13.83255 isfetch: true ismappable: true isremotesyncin: true diff --git a/Packs/FreshworksFreshservice/ReleaseNotes/1_0_19.md b/Packs/FreshworksFreshservice/ReleaseNotes/1_0_19.md new file mode 100644 index 000000000000..2eab8b1abae2 --- /dev/null +++ b/Packs/FreshworksFreshservice/ReleaseNotes/1_0_19.md @@ -0,0 +1,7 @@ + +#### Integrations + +##### Freshworks Freshservice + +- Added more debug logs. +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. diff --git a/Packs/FreshworksFreshservice/pack_metadata.json b/Packs/FreshworksFreshservice/pack_metadata.json index 491115866fbb..176a5865a237 100644 --- a/Packs/FreshworksFreshservice/pack_metadata.json +++ b/Packs/FreshworksFreshservice/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Freshworks Freshservice", "description": "Freshservice is a service management solution that allows customers to manage service requests, incidents, change requests tasks, and problem investigation.", "support": "xsoar", - "currentVersion": "1.0.18", + "currentVersion": "1.0.19", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From 556b836a77a9b7e2a90ba2bad15608b6ae46ba19 Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Thu, 14 Dec 2023 11:16:52 +0200 Subject: [PATCH 39/50] EWS o365 eml download/incident creation inconsistencies (#31326) * EWS o365 eml download/incident creation inconsistencies (#31146) * Corrects incident occurred time to use datetime_received to match fetch email search parameters. Adjusts header validation in get item as eml and parse incident as item to match header keys in a case-insensitive way. Applies SMTP and SMTPUTF8 email policies when creating eml files based on the presence of non-ascii characters * corrects tests to expect \r\n and initialize message objects with datetime_received * corrects contenttype header check to also be lowercase * fix line length * updated release notes * test for header integrity in parse_incident_from_item function * Test for get_item_as_eml file result * reduced line lengths * updating some formatting * updated to latest version of py3ews and updated release notes to include the change * adds newline for validation * Update 1_2_32.md * updates to release notes based on feedback * another edit to the release notes * Update docker * Update docker * remove extra blank line --------- Co-authored-by: Adi Daud <46249224+adi88d@users.noreply.github.com> Co-authored-by: omerKarkKatz <95565843+omerKarkKatz@users.noreply.github.com> * remove folder-path from test pb * Update docker * Update 1_2_32.md * Bump pack from version MicrosoftExchangeOnline to 1.2.33. --------- Co-authored-by: Isaiah Eichen Co-authored-by: Adi Daud <46249224+adi88d@users.noreply.github.com> Co-authored-by: omerKarkKatz <95565843+omerKarkKatz@users.noreply.github.com> Co-authored-by: adi88d Co-authored-by: Content Bot --- .../playbook-EWS-Searchmailbox-Test.yml | 2 - .../Integrations/EWSO365/EWSO365.py | 28 ++-- .../Integrations/EWSO365/EWSO365.yml | 2 +- .../Integrations/EWSO365/EWSO365_test.py | 132 +++++++++++++++++- .../ReleaseNotes/1_2_33.md | 11 ++ .../pack_metadata.json | 2 +- 6 files changed, 158 insertions(+), 19 deletions(-) create mode 100644 Packs/MicrosoftExchangeOnline/ReleaseNotes/1_2_33.md diff --git a/Packs/MicrosoftExchangeOnPremise/TestPlaybooks/playbook-EWS-Searchmailbox-Test.yml b/Packs/MicrosoftExchangeOnPremise/TestPlaybooks/playbook-EWS-Searchmailbox-Test.yml index 0b0cad60ed49..210c4594bc09 100644 --- a/Packs/MicrosoftExchangeOnPremise/TestPlaybooks/playbook-EWS-Searchmailbox-Test.yml +++ b/Packs/MicrosoftExchangeOnPremise/TestPlaybooks/playbook-EWS-Searchmailbox-Test.yml @@ -258,8 +258,6 @@ tasks: '#none#': - "9" scriptarguments: - folder-path: - simple: Inbox limit: simple: "1" query: diff --git a/Packs/MicrosoftExchangeOnline/Integrations/EWSO365/EWSO365.py b/Packs/MicrosoftExchangeOnline/Integrations/EWSO365/EWSO365.py index 31d11529ece0..2fafbdc77f94 100644 --- a/Packs/MicrosoftExchangeOnline/Integrations/EWSO365/EWSO365.py +++ b/Packs/MicrosoftExchangeOnline/Integrations/EWSO365/EWSO365.py @@ -19,6 +19,7 @@ import logging import warnings import email +from email.policy import SMTP, SMTPUTF8 from requests.exceptions import ConnectionError from multiprocessing import Process import exchangelib @@ -2006,20 +2007,22 @@ def get_item_as_eml(client: EWSClient, item_id, target_mailbox=None): # pra if item.mime_content: mime_content = item.mime_content + email_policy = SMTP if mime_content.isascii() else SMTPUTF8 if isinstance(mime_content, bytes): - email_content = email.message_from_bytes(mime_content) + email_content = email.message_from_bytes(mime_content, policy=email_policy) else: - email_content = email.message_from_string(mime_content) + email_content = email.message_from_string(mime_content, policy=email_policy) if item.headers: + # compare header keys case-insensitive attached_email_headers = [ - (h, " ".join(map(str.strip, v.split("\r\n")))) + (h.lower(), " ".join(map(str.strip, v.split("\r\n")))) for (h, v) in list(email_content.items()) ] for header in item.headers: if ( - header.name, + header.name.lower(), header.value, - ) not in attached_email_headers and header.name != "Content-Type": + ) not in attached_email_headers and header.name.lower() != "content-type": email_content.add_header(header.name, header.value) eml_name = item.subject if item.subject else "demisto_untitled_eml" @@ -2048,7 +2051,7 @@ def parse_incident_from_item(item): # pragma: no cover incident["details"] = item.body incident["name"] = item.subject labels.append({"type": "Email/subject", "value": item.subject}) - incident["occurred"] = item.datetime_created.ewsformat() + incident["occurred"] = item.datetime_received.ewsformat() # handle recipients if item.to_recipients: @@ -2132,11 +2135,14 @@ def parse_incident_from_item(item): # pragma: no cover # save the attachment if attachment.item.mime_content: mime_content = attachment.item.mime_content + email_policy = SMTP if mime_content.isascii() else SMTPUTF8 if isinstance(mime_content, str) and not mime_content.isascii(): mime_content = mime_content.encode() - attached_email = email.message_from_bytes(mime_content) if isinstance(mime_content, bytes) \ - else email.message_from_string(mime_content) + attached_email = email.message_from_bytes(mime_content, policy=email_policy) \ + if isinstance(mime_content, bytes) \ + else email.message_from_string(mime_content, policy=email_policy) if attachment.item.headers: + # compare header keys case-insensitive attached_email_headers = [] for h, v in attached_email.items(): if not isinstance(v, str): @@ -2147,12 +2153,12 @@ def parse_incident_from_item(item): # pragma: no cover continue v = ' '.join(map(str.strip, v.split('\r\n'))) - attached_email_headers.append((h, v)) + attached_email_headers.append((h.lower(), v)) for header in attachment.item.headers: if ( - (header.name, header.value) + (header.name.lower(), header.value) not in attached_email_headers - and header.name != "Content-Type" + and header.name.lower() != "content-type" ): attached_email.add_header(header.name, header.value) attached_email_bytes = attached_email.as_bytes() diff --git a/Packs/MicrosoftExchangeOnline/Integrations/EWSO365/EWSO365.yml b/Packs/MicrosoftExchangeOnline/Integrations/EWSO365/EWSO365.yml index 38315a3c20c3..fcb72e5e5b6c 100644 --- a/Packs/MicrosoftExchangeOnline/Integrations/EWSO365/EWSO365.yml +++ b/Packs/MicrosoftExchangeOnline/Integrations/EWSO365/EWSO365.yml @@ -959,7 +959,7 @@ script: - description: Run this command if for some reason you need to rerun the authentication process. name: ews-auth-reset arguments: [] - dockerimage: demisto/py3ews:1.0.0.80814 + dockerimage: demisto/py3ews:1.0.0.83462 isfetch: true script: '' subtype: python3 diff --git a/Packs/MicrosoftExchangeOnline/Integrations/EWSO365/EWSO365_test.py b/Packs/MicrosoftExchangeOnline/Integrations/EWSO365/EWSO365_test.py index ec48360a9901..07398df585f3 100644 --- a/Packs/MicrosoftExchangeOnline/Integrations/EWSO365/EWSO365_test.py +++ b/Packs/MicrosoftExchangeOnline/Integrations/EWSO365/EWSO365_test.py @@ -6,12 +6,13 @@ from exchangelib import EWSDate, EWSDateTime, EWSTimeZone from exchangelib.attachments import AttachmentId, ItemAttachment from exchangelib.items import Item, Message +from exchangelib.properties import MessageHeader from freezegun import freeze_time from EWSO365 import (ExpandGroup, GetSearchableMailboxes, EWSClient, fetch_emails_as_incidents, add_additional_headers, fetch_last_emails, find_folders, get_expanded_group, get_searchable_mailboxes, handle_html, - handle_transient_files, parse_incident_from_item, parse_item_as_dict) + handle_transient_files, parse_incident_from_item, parse_item_as_dict, get_item_as_eml) with open("test_data/commands_outputs.json") as f: COMMAND_OUTPUTS = json.load(f) @@ -508,13 +509,13 @@ def mock_get_folder_by_path(path, account=None, is_public=False): @pytest.mark.parametrize("mime_content, expected_data, expected_attachmentSHA256", [ (b'\xc400', - '\nÄ00', + '\r\nÄ00', '90daab88e6fac673e12acbbe28879d8d2b60fc2f524f1c2ff02fccb8e3e526a8'), ("Hello, this is a sample email with non-ASCII characters: é, ñ, ü.", - "\nHello, this is a sample email with non-ASCII characters: é, ñ, ü.", + "\r\nHello, this is a sample email with non-ASCII characters: é, ñ, ü.", "228d032fb728b3f86c49084b7d99ec37e913789415789084cd44fd94ea4647b7"), ("Hello, this is a sample email with ASCII characters", - "\nHello, this is a sample email with ASCII characters", + "\r\nHello, this is a sample email with ASCII characters", "84f8a0dec6732c2341eeb7b05ebdbe919e7092bcaf6505fbd6cda495d89b55d6") ]) def test_parse_incident_from_item(mocker, mime_content, expected_data, expected_attachmentSHA256): @@ -533,6 +534,7 @@ def test_parse_incident_from_item(mocker, mime_content, expected_data, expected_ """ mock_file_result = mocker.patch('EWSO365.fileResult') message = Message( + datetime_received=EWSDate(year=2021, month=1, day=25), datetime_created=EWSDate(year=2021, month=1, day=25), to_recipients=[], attachments=[ @@ -569,6 +571,7 @@ def test_parse_incident_from_item_with_attachments(): b'nUT26MNdeTzcQSwK679doIz5Avpv8Ps2H/aBkBamwRNOCJBkl7iCHyy+04yRj3ghikw3u/ufIFHi0sQ7QG95mO1PVPLibv9A==' message = Message( + datetime_received=EWSDate(year=2021, month=1, day=25), datetime_created=EWSDate(year=2021, month=1, day=25), to_recipients=[], attachments=[ @@ -583,6 +586,66 @@ def test_parse_incident_from_item_with_attachments(): assert incident['attachment'] +def test_parse_incident_from_item_with_eml_attachment_header_integrity(mocker): + """ + Given: + 1. Message with EML attachment + 2. Attachment Item Header Keys differ in case from mime content case + + When: + - Parsing incident from item + + Verify: + - Result EML attachment headers are intact + + """ + + # raw mime data + content = b'MIME-Version: 1.0\r\n' \ + b'Message-ID:\r\n' \ + b' ' \ + b'Content-Type: text/plain; charset="us-ascii"\r\n' \ + b'X-FAKE-Header: HVALue\r\n' \ + b'X-Who-header: whovALUE\r\n' \ + b'\r\nHello' + # headers set in the Item + item_headers = [ + # these headers may have different casing than what exists in the raw content + MessageHeader(name="Mime-Version", value="1.0"), + MessageHeader(name="Content-Type", value="text/plain; charset=\"us-ascii\""), + MessageHeader(name="X-Fake-Header", value="HVALue"), + MessageHeader(name="X-WHO-header", value="whovALUE"), + # This is an extra header logged by exchange in the item -> add to the output + MessageHeader(name="X-EXTRA-Missed-Header", value="EXTRA") + ] + + # sent to "fileResult", original headers from content with matched casing, with additional header + expected_data = 'MIME-Version: 1.0\r\n' \ + 'Message-ID: ' \ + '\r\nX-FAKE-Header: HVALue\r\n' \ + 'X-Who-header: whovALUE\r\n' \ + 'X-EXTRA-Missed-Header: EXTRA' \ + '\r\n' \ + '\r\nHello' + + message = Message( + datetime_received=EWSDate(year=2021, month=1, day=25), + datetime_created=EWSDate(year=2021, month=1, day=25), + to_recipients=[], + attachments=[ + ItemAttachment( + item=Item(mime_content=content, headers=item_headers), + attachment_id=AttachmentId(), + last_modified_time=EWSDate(year=2021, month=1, day=25), + ), + ], + ) + mock_file_result = mocker.patch('EWSO365.fileResult') + parse_incident_from_item(message) + # assert the fileResult is created with the expected results + mock_file_result.assert_called_once_with("demisto_untitled_attachment.eml", expected_data) + + @pytest.mark.parametrize('params, expected_result', [ ({'_tenant_id': '_tenant_id', '_client_id': '_client_id', 'default_target_mailbox': 'default_target_mailbox'}, 'Key / Application Secret must be provided.'), @@ -656,3 +719,64 @@ def test_categories_parse_item_as_dict(): return_value = parse_item_as_dict(message) assert return_value.get("categories") == ['Purple category', 'Orange category'] + + +@pytest.mark.parametrize("subject, expected_file_name", [ + ("test_subject", "test_subject.eml"), + ("", "demisto_untitled_eml.eml"), + ("another subject", "another subject.eml") +]) +def test_get_item_as_eml(subject, expected_file_name, mocker): + """ + Given + 1. An Item Exists in the Target Mailbox + 2. That Item Can be Retrieved By Item ID + When + - Requesting Item As EML + + Then + - Item is converted to an EML with the correct filename and headers intact. + + """ + content = b'MIME-Version: 1.0\r\n' \ + b'Message-ID:\r\n' \ + b' ' \ + b'Content-Type: text/plain; charset="us-ascii"\r\n' \ + b'X-FAKE-Header: HVALue\r\n' \ + b'X-Who-header: whovALUE\r\n' \ + b'\r\nHello' + + # headers set in the Item + item_headers = [ + # these headers may have different casing than what exists in the raw content + MessageHeader(name="Mime-Version", value="1.0"), + MessageHeader(name="Content-Type", value="text/plain; charset=\"us-ascii\""), + MessageHeader(name="X-Fake-Header", value="HVALue"), + MessageHeader(name="X-WHO-header", value="whovALUE"), + # This is an extra header logged by exchange in the item -> add to the output + MessageHeader(name="X-EXTRA-Missed-Header", value="EXTRA") + ] + expected_data = 'MIME-Version: 1.0\r\n' \ + 'Message-ID: \r\n' \ + 'X-FAKE-Header: HVALue\r\n' \ + 'X-Who-header: whovALUE\r\n' \ + 'X-EXTRA-Missed-Header: EXTRA' \ + '\r\n' \ + '\r\nHello' + + class MockEWSClient: + + def __init__(self, *args, **kwargs): + pass + + def get_account(self, target_mailbox): + return "Account" + + def get_item_from_mailbox(self, account, item_id): + + return Item(mime_content=content, headers=item_headers, subject=subject) + mock_file_result = mocker.patch('EWSO365.fileResult') + + get_item_as_eml(MockEWSClient(), "item", "account@test.com") + + mock_file_result.assert_called_once_with(expected_file_name, expected_data) diff --git a/Packs/MicrosoftExchangeOnline/ReleaseNotes/1_2_33.md b/Packs/MicrosoftExchangeOnline/ReleaseNotes/1_2_33.md new file mode 100644 index 000000000000..b0e8bf65bee7 --- /dev/null +++ b/Packs/MicrosoftExchangeOnline/ReleaseNotes/1_2_33.md @@ -0,0 +1,11 @@ + +#### Integrations + +##### EWS O365 + +- Fixed a bug when fetching incidents that could result in an incident fetch loop. +- Fixed a bug in the ***ews-get-items-as-eml*** command and **fetch_emails_as_incidents** that + could result in duplicated headers in EML file results. +- Fixed an issue so that EML files downloaded from ***ews-get-items-as-eml*** command and **fetch_emails_as_incidents** will now + retain CRLF line separators +- Updated the Docker image to: *demisto/py3ews:1.0.0.83462*. diff --git a/Packs/MicrosoftExchangeOnline/pack_metadata.json b/Packs/MicrosoftExchangeOnline/pack_metadata.json index 98681e41c30c..ba5ec63cc973 100644 --- a/Packs/MicrosoftExchangeOnline/pack_metadata.json +++ b/Packs/MicrosoftExchangeOnline/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Microsoft Exchange Online", "description": "Exchange Online and Office 365 (mail)", "support": "xsoar", - "currentVersion": "1.2.32", + "currentVersion": "1.2.33", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From 339b2a69dafbb630b620161f228aad813c12d52e Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Thu, 14 Dec 2023 12:03:59 +0200 Subject: [PATCH 40/50] Update Docker Image To demisto/teams (#31448) * Updated Metadata Of Pack CommonScripts * Added release notes to pack CommonScripts * Packs/CommonScripts/Scripts/GenerateAsBuilt/GenerateAsBuilt.yml Docker image update * Bump pack from version CommonScripts to 1.13.2. * Bump pack from version CommonScripts to 1.13.4. --------- Co-authored-by: Content Bot --- Packs/CommonScripts/ReleaseNotes/1_13_4.md | 4 ++++ .../CommonScripts/Scripts/GenerateAsBuilt/GenerateAsBuilt.yml | 2 +- Packs/CommonScripts/pack_metadata.json | 2 +- 3 files changed, 6 insertions(+), 2 deletions(-) create mode 100644 Packs/CommonScripts/ReleaseNotes/1_13_4.md diff --git a/Packs/CommonScripts/ReleaseNotes/1_13_4.md b/Packs/CommonScripts/ReleaseNotes/1_13_4.md new file mode 100644 index 000000000000..66b182c636b1 --- /dev/null +++ b/Packs/CommonScripts/ReleaseNotes/1_13_4.md @@ -0,0 +1,4 @@ + +#### Scripts +##### GenerateAsBuilt +- Updated the Docker image to: *demisto/teams:1.0.0.83464*. \ No newline at end of file diff --git a/Packs/CommonScripts/Scripts/GenerateAsBuilt/GenerateAsBuilt.yml b/Packs/CommonScripts/Scripts/GenerateAsBuilt/GenerateAsBuilt.yml index 953034b3d63e..89f98d58265f 100644 --- a/Packs/CommonScripts/Scripts/GenerateAsBuilt/GenerateAsBuilt.yml +++ b/Packs/CommonScripts/Scripts/GenerateAsBuilt/GenerateAsBuilt.yml @@ -22,7 +22,7 @@ subtype: python3 timeout: '0' type: python fromversion: 6.0.0 -dockerimage: demisto/teams:1.0.0.43500 +dockerimage: demisto/teams:1.0.0.83464 tests: - No tests (auto formatted) marketplaces: diff --git a/Packs/CommonScripts/pack_metadata.json b/Packs/CommonScripts/pack_metadata.json index 7fb8e89f1527..1d7c0fcdb46f 100644 --- a/Packs/CommonScripts/pack_metadata.json +++ b/Packs/CommonScripts/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Common Scripts", "description": "Frequently used scripts pack.", "support": "xsoar", - "currentVersion": "1.13.3", + "currentVersion": "1.13.4", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From 8951261b9d1e8843c759e4ab29fedd1cfb510611 Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Thu, 14 Dec 2023 12:18:52 +0200 Subject: [PATCH 41/50] Update Docker Image To demisto/python3 (#31470) * Updated Metadata Of Pack SymantecCloudSecureWebGateway * Added release notes to pack SymantecCloudSecureWebGateway * Packs/SymantecCloudSecureWebGateway/Integrations/SymantecCloudSecureWebGatewayEventCollector/SymantecCloudSecureWebGatewayEventCollector.yml Docker image update * Updated Metadata Of Pack Lumu * Added release notes to pack Lumu * Packs/Lumu/Integrations/Lumu/Lumu.yml Docker image update * Updated Metadata Of Pack FlashpointFeed * Added release notes to pack FlashpointFeed * Packs/FlashpointFeed/Integrations/FlashpointFeed/FlashpointFeed.yml Docker image update * Updated Metadata Of Pack Wiz * Added release notes to pack Wiz * Packs/Wiz/Integrations/Wiz/Wiz.yml Docker image update * Updated Metadata Of Pack AbnormalSecurity * Added release notes to pack AbnormalSecurity * Packs/AbnormalSecurity/Integrations/AbnormalSecurity/AbnormalSecurity.yml Docker image update * Updated Metadata Of Pack FeedLOLBAS * Added release notes to pack FeedLOLBAS * Packs/FeedLOLBAS/Integrations/FeedLOLBAS/FeedLOLBAS.yml Docker image update * Updated Metadata Of Pack Hackuity * Added release notes to pack Hackuity * Packs/Hackuity/Integrations/Hackuity/Hackuity.yml Docker image update * Updated Metadata Of Pack Grafana * Added release notes to pack Grafana * Packs/Grafana/Integrations/Grafana/Grafana.yml Docker image update * Updated Metadata Of Pack Binalyze * Added release notes to pack Binalyze * Packs/Binalyze/Integrations/BinalyzeAIR/BinalyzeAIR.yml Docker image update * Updated Metadata Of Pack ServiceDeskPlus * Added release notes to pack ServiceDeskPlus * Packs/ServiceDeskPlus/Integrations/ServiceDeskPlus/ServiceDeskPlus.yml Docker image update * Updated Metadata Of Pack Oracle_IAM * Added release notes to pack Oracle_IAM * Packs/Oracle_IAM/Integrations/OracleIAM/OracleIAM.yml Docker image update * Updated Metadata Of Pack VMwareWorkspaceONEUEM * Added release notes to pack VMwareWorkspaceONEUEM * Packs/VMwareWorkspaceONEUEM/Integrations/VMwareWorkspaceONEUEM/VMwareWorkspaceONEUEM.yml Docker image update * Updated Metadata Of Pack SalesforceFusion * Added release notes to pack SalesforceFusion * Packs/SalesforceFusion/Integrations/SalesforceFusionIAM/SalesforceFusionIAM.yml Docker image update * Updated Metadata Of Pack RecordedFuture * Added release notes to pack RecordedFuture * Packs/RecordedFuture/Integrations/RecordedFuture/RecordedFuture.yml Docker image update * Packs/RecordedFuture/Integrations/RecordedFutureLists/RecordedFutureLists.yml Docker image update * Fix DS108 --------- Co-authored-by: israelpolishook --- .../AbnormalSecurity/AbnormalSecurity.yml | 2 +- Packs/AbnormalSecurity/ReleaseNotes/2_2_1.md | 3 ++ Packs/AbnormalSecurity/pack_metadata.json | 2 +- .../Integrations/BinalyzeAIR/BinalyzeAIR.yml | 2 +- Packs/Binalyze/ReleaseNotes/1_1_2.md | 3 ++ Packs/Binalyze/pack_metadata.json | 2 +- .../Integrations/FeedLOLBAS/FeedLOLBAS.yml | 2 +- Packs/FeedLOLBAS/ReleaseNotes/1_0_13.md | 3 ++ Packs/FeedLOLBAS/pack_metadata.json | 2 +- .../FlashpointFeed/FlashpointFeed.yml | 2 +- Packs/FlashpointFeed/ReleaseNotes/1_0_22.md | 3 ++ Packs/FlashpointFeed/pack_metadata.json | 2 +- .../Grafana/Integrations/Grafana/Grafana.yml | 2 +- Packs/Grafana/ReleaseNotes/1_0_28.md | 3 ++ Packs/Grafana/pack_metadata.json | 2 +- .../Integrations/Hackuity/Hackuity.yml | 2 +- Packs/Hackuity/ReleaseNotes/1_0_18.md | 3 ++ Packs/Hackuity/pack_metadata.json | 2 +- Packs/Lumu/Integrations/Lumu/Lumu.yml | 2 +- Packs/Lumu/ReleaseNotes/1_0_15.md | 3 ++ Packs/Lumu/pack_metadata.json | 2 +- .../Integrations/OracleIAM/OracleIAM.yml | 2 +- Packs/Oracle_IAM/ReleaseNotes/1_0_19.md | 3 ++ Packs/Oracle_IAM/pack_metadata.json | 2 +- .../RecordedFuture/RecordedFuture.yml | 2 +- .../RecordedFutureLists.yml | 40 +++++++++---------- Packs/RecordedFuture/ReleaseNotes/1_7_5.md | 5 +++ Packs/RecordedFuture/pack_metadata.json | 2 +- .../SalesforceFusionIAM.yml | 2 +- Packs/SalesforceFusion/ReleaseNotes/1_0_18.md | 3 ++ Packs/SalesforceFusion/pack_metadata.json | 2 +- .../ServiceDeskPlus/ServiceDeskPlus.yml | 2 +- Packs/ServiceDeskPlus/ReleaseNotes/2_0_26.md | 3 ++ Packs/ServiceDeskPlus/pack_metadata.json | 2 +- ...tecCloudSecureWebGatewayEventCollector.yml | 2 +- .../ReleaseNotes/1_0_1.md | 3 ++ .../pack_metadata.json | 2 +- .../VMwareWorkspaceONEUEM.yml | 2 +- .../ReleaseNotes/1_0_15.md | 3 ++ .../VMwareWorkspaceONEUEM/pack_metadata.json | 2 +- Packs/Wiz/Integrations/Wiz/Wiz.yml | 2 +- Packs/Wiz/ReleaseNotes/1_2_15.md | 3 ++ Packs/Wiz/pack_metadata.json | 2 +- 43 files changed, 92 insertions(+), 48 deletions(-) create mode 100644 Packs/AbnormalSecurity/ReleaseNotes/2_2_1.md create mode 100644 Packs/Binalyze/ReleaseNotes/1_1_2.md create mode 100644 Packs/FeedLOLBAS/ReleaseNotes/1_0_13.md create mode 100644 Packs/FlashpointFeed/ReleaseNotes/1_0_22.md create mode 100644 Packs/Grafana/ReleaseNotes/1_0_28.md create mode 100644 Packs/Hackuity/ReleaseNotes/1_0_18.md create mode 100644 Packs/Lumu/ReleaseNotes/1_0_15.md create mode 100644 Packs/Oracle_IAM/ReleaseNotes/1_0_19.md create mode 100644 Packs/RecordedFuture/ReleaseNotes/1_7_5.md create mode 100644 Packs/SalesforceFusion/ReleaseNotes/1_0_18.md create mode 100644 Packs/ServiceDeskPlus/ReleaseNotes/2_0_26.md create mode 100644 Packs/SymantecCloudSecureWebGateway/ReleaseNotes/1_0_1.md create mode 100644 Packs/VMwareWorkspaceONEUEM/ReleaseNotes/1_0_15.md create mode 100644 Packs/Wiz/ReleaseNotes/1_2_15.md diff --git a/Packs/AbnormalSecurity/Integrations/AbnormalSecurity/AbnormalSecurity.yml b/Packs/AbnormalSecurity/Integrations/AbnormalSecurity/AbnormalSecurity.yml index d39ba66ac49f..1bb2eb17d750 100644 --- a/Packs/AbnormalSecurity/Integrations/AbnormalSecurity/AbnormalSecurity.yml +++ b/Packs/AbnormalSecurity/Integrations/AbnormalSecurity/AbnormalSecurity.yml @@ -703,7 +703,7 @@ script: description: Get the latest threat intel feed. name: abnormal-security-get-latest-threat-intel-feed deprecated: true - dockerimage: demisto/python3:3.10.13.81631 + dockerimage: demisto/python3:3.10.13.83255 script: "" subtype: python3 type: python diff --git a/Packs/AbnormalSecurity/ReleaseNotes/2_2_1.md b/Packs/AbnormalSecurity/ReleaseNotes/2_2_1.md new file mode 100644 index 000000000000..759761c12817 --- /dev/null +++ b/Packs/AbnormalSecurity/ReleaseNotes/2_2_1.md @@ -0,0 +1,3 @@ +#### Integrations +##### Abnormal Security +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. diff --git a/Packs/AbnormalSecurity/pack_metadata.json b/Packs/AbnormalSecurity/pack_metadata.json index b9e4050acc22..c12f33f4dc7a 100644 --- a/Packs/AbnormalSecurity/pack_metadata.json +++ b/Packs/AbnormalSecurity/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Abnormal Security", "description": "Abnormal Security detects and protects against the whole spectrum of email attacks", "support": "partner", - "currentVersion": "2.2.0", + "currentVersion": "2.2.1", "author": "Abnormal Security", "url": "", "email": "support@abnormalsecurity.com", diff --git a/Packs/Binalyze/Integrations/BinalyzeAIR/BinalyzeAIR.yml b/Packs/Binalyze/Integrations/BinalyzeAIR/BinalyzeAIR.yml index fee4be4bea66..03eb0fc98773 100644 --- a/Packs/Binalyze/Integrations/BinalyzeAIR/BinalyzeAIR.yml +++ b/Packs/Binalyze/Integrations/BinalyzeAIR/BinalyzeAIR.yml @@ -97,7 +97,7 @@ script: description: Organization Id of endpoint. type: number description: Acquire evidence from an endpoint. - dockerimage: demisto/python3:3.10.13.80593 + dockerimage: demisto/python3:3.10.13.83255 subtype: python3 fromversion: 6.2.0 tests: diff --git a/Packs/Binalyze/ReleaseNotes/1_1_2.md b/Packs/Binalyze/ReleaseNotes/1_1_2.md new file mode 100644 index 000000000000..4245be5bf4c6 --- /dev/null +++ b/Packs/Binalyze/ReleaseNotes/1_1_2.md @@ -0,0 +1,3 @@ +#### Integrations +##### Binalyze AIR +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. diff --git a/Packs/Binalyze/pack_metadata.json b/Packs/Binalyze/pack_metadata.json index cb48ff111a74..093e9c3e495c 100644 --- a/Packs/Binalyze/pack_metadata.json +++ b/Packs/Binalyze/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Binalyze AIR", "description": "Collect over 300 different types of evidence under 10 minutes.", "support": "partner", - "currentVersion": "1.1.1", + "currentVersion": "1.1.2", "author": "Binalyze Integration Team", "url": "https://kb.binalyze.com/air/integrations/cortex-xsoar-integration", "email": "support@binalyze.com", diff --git a/Packs/FeedLOLBAS/Integrations/FeedLOLBAS/FeedLOLBAS.yml b/Packs/FeedLOLBAS/Integrations/FeedLOLBAS/FeedLOLBAS.yml index 41a4b7708b67..128780c10932 100644 --- a/Packs/FeedLOLBAS/Integrations/FeedLOLBAS/FeedLOLBAS.yml +++ b/Packs/FeedLOLBAS/Integrations/FeedLOLBAS/FeedLOLBAS.yml @@ -169,7 +169,7 @@ script: script: '-' type: python subtype: python3 - dockerimage: demisto/python3:3.10.13.80593 + dockerimage: demisto/python3:3.10.13.83255 fromversion: 6.8.0 tests: - FeedLOLBas_test diff --git a/Packs/FeedLOLBAS/ReleaseNotes/1_0_13.md b/Packs/FeedLOLBAS/ReleaseNotes/1_0_13.md new file mode 100644 index 000000000000..9600121fb556 --- /dev/null +++ b/Packs/FeedLOLBAS/ReleaseNotes/1_0_13.md @@ -0,0 +1,3 @@ +#### Integrations +##### LOLBAS Feed +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. diff --git a/Packs/FeedLOLBAS/pack_metadata.json b/Packs/FeedLOLBAS/pack_metadata.json index 0b18f134f032..8a236f967820 100644 --- a/Packs/FeedLOLBAS/pack_metadata.json +++ b/Packs/FeedLOLBAS/pack_metadata.json @@ -2,7 +2,7 @@ "name": "LOLBAS Feed", "description": "\"Living off the land binaries\" is a term used to describe malware or hacking techniques that take advantage of legitimate tools.", "support": "xsoar", - "currentVersion": "1.0.12", + "currentVersion": "1.0.13", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/FlashpointFeed/Integrations/FlashpointFeed/FlashpointFeed.yml b/Packs/FlashpointFeed/Integrations/FlashpointFeed/FlashpointFeed.yml index b976730ffd1b..3d8ba8e3aa9d 100644 --- a/Packs/FlashpointFeed/Integrations/FlashpointFeed/FlashpointFeed.yml +++ b/Packs/FlashpointFeed/Integrations/FlashpointFeed/FlashpointFeed.yml @@ -135,7 +135,7 @@ script: name: types description: Retrieves indicators from the Flashpoint API. It displays the content of the fetch-indicators command. name: flashpoint-get-indicators - dockerimage: demisto/python3:3.10.13.80593 + dockerimage: demisto/python3:3.10.13.83255 feed: true runonce: false script: '-' diff --git a/Packs/FlashpointFeed/ReleaseNotes/1_0_22.md b/Packs/FlashpointFeed/ReleaseNotes/1_0_22.md new file mode 100644 index 000000000000..e7c9f95ebce9 --- /dev/null +++ b/Packs/FlashpointFeed/ReleaseNotes/1_0_22.md @@ -0,0 +1,3 @@ +#### Integrations +##### Flashpoint Feed +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. diff --git a/Packs/FlashpointFeed/pack_metadata.json b/Packs/FlashpointFeed/pack_metadata.json index 2f8c8f40c191..8eaea7e36bb4 100644 --- a/Packs/FlashpointFeed/pack_metadata.json +++ b/Packs/FlashpointFeed/pack_metadata.json @@ -2,7 +2,7 @@ "name": "FlashpointFeed", "description": "Ingest indicator feeds from Flashpoint.", "support": "partner", - "currentVersion": "1.0.21", + "currentVersion": "1.0.22", "author": "Flashpoint", "url": "https://www.flashpoint-intel.com/", "email": "demisto_support@flashpoint-intel.com", diff --git a/Packs/Grafana/Integrations/Grafana/Grafana.yml b/Packs/Grafana/Integrations/Grafana/Grafana.yml index 5b5ae66f2533..5a968ab3dc43 100644 --- a/Packs/Grafana/Integrations/Grafana/Grafana.yml +++ b/Packs/Grafana/Integrations/Grafana/Grafana.yml @@ -654,7 +654,7 @@ script: - contextPath: Grafana.Organization.address description: Organization address. type: Unknown - dockerimage: demisto/python3:3.10.13.80593 + dockerimage: demisto/python3:3.10.13.83255 isfetch: true runonce: false script: '-' diff --git a/Packs/Grafana/ReleaseNotes/1_0_28.md b/Packs/Grafana/ReleaseNotes/1_0_28.md new file mode 100644 index 000000000000..8d2e93f3305d --- /dev/null +++ b/Packs/Grafana/ReleaseNotes/1_0_28.md @@ -0,0 +1,3 @@ +#### Integrations +##### Grafana +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. diff --git a/Packs/Grafana/pack_metadata.json b/Packs/Grafana/pack_metadata.json index be6e3dbeea2a..b0b53d401f78 100644 --- a/Packs/Grafana/pack_metadata.json +++ b/Packs/Grafana/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Grafana", "description": "Grafana client to interact with Grafana server API.", "support": "xsoar", - "currentVersion": "1.0.27", + "currentVersion": "1.0.28", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/Hackuity/Integrations/Hackuity/Hackuity.yml b/Packs/Hackuity/Integrations/Hackuity/Hackuity.yml index 952221e7b8f5..27e9d1233e3a 100644 --- a/Packs/Hackuity/Integrations/Hackuity/Hackuity.yml +++ b/Packs/Hackuity/Integrations/Hackuity/Hackuity.yml @@ -192,7 +192,7 @@ script: script: '-' type: python subtype: python3 - dockerimage: demisto/python3:3.10.13.80593 + dockerimage: demisto/python3:3.10.13.83255 fromversion: 6.0.0 tests: - No tests (auto formatted) diff --git a/Packs/Hackuity/ReleaseNotes/1_0_18.md b/Packs/Hackuity/ReleaseNotes/1_0_18.md new file mode 100644 index 000000000000..3298e5621956 --- /dev/null +++ b/Packs/Hackuity/ReleaseNotes/1_0_18.md @@ -0,0 +1,3 @@ +#### Integrations +##### Hackuity +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. diff --git a/Packs/Hackuity/pack_metadata.json b/Packs/Hackuity/pack_metadata.json index a46742127499..5850c5ff0af2 100644 --- a/Packs/Hackuity/pack_metadata.json +++ b/Packs/Hackuity/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Hackuity", "description": "From a war-room, query your Hackuity cockpit in order to seamlessly retrieve information related to your vulnerability stock.", "support": "partner", - "currentVersion": "1.0.17", + "currentVersion": "1.0.18", "author": "Hackuity", "url": "https://www.hackuity.io/support", "email": "", diff --git a/Packs/Lumu/Integrations/Lumu/Lumu.yml b/Packs/Lumu/Integrations/Lumu/Lumu.yml index 959d74efa934..7929b271ef05 100644 --- a/Packs/Lumu/Integrations/Lumu/Lumu.yml +++ b/Packs/Lumu/Integrations/Lumu/Lumu.yml @@ -1081,7 +1081,7 @@ script: - contextPath: Lumu.GetCache.lumu_incidentsId type: string description: "Lumu incident ids processed." - dockerimage: demisto/python3:3.10.13.80593 + dockerimage: demisto/python3:3.10.13.83255 isfetch: true subtype: python3 ismappable: true diff --git a/Packs/Lumu/ReleaseNotes/1_0_15.md b/Packs/Lumu/ReleaseNotes/1_0_15.md new file mode 100644 index 000000000000..febfbd223d75 --- /dev/null +++ b/Packs/Lumu/ReleaseNotes/1_0_15.md @@ -0,0 +1,3 @@ +#### Integrations +##### Lumu +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. diff --git a/Packs/Lumu/pack_metadata.json b/Packs/Lumu/pack_metadata.json index e4d593260a8c..4ae83775acf8 100644 --- a/Packs/Lumu/pack_metadata.json +++ b/Packs/Lumu/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Lumu", "description": "SecOps operation, reflect and manage the Lumu Incidents either from XSOAR Cortex or viceversa using the mirroring integration flow", "support": "partner", - "currentVersion": "1.0.14", + "currentVersion": "1.0.15", "author": "Lumu", "url": "https://lumu.io", "email": "support@lumu.io", diff --git a/Packs/Oracle_IAM/Integrations/OracleIAM/OracleIAM.yml b/Packs/Oracle_IAM/Integrations/OracleIAM/OracleIAM.yml index 0805b8660f20..895a062c754e 100644 --- a/Packs/Oracle_IAM/Integrations/OracleIAM/OracleIAM.yml +++ b/Packs/Oracle_IAM/Integrations/OracleIAM/OracleIAM.yml @@ -337,7 +337,7 @@ script: type: Unknown - description: Retrieves a User Profile schema, which holds all of the user fields within the application. Used for outgoing-mapping through the Get Schema option. name: get-mapping-fields - dockerimage: demisto/python3:3.10.13.80593 + dockerimage: demisto/python3:3.10.13.83255 runonce: false script: '-' subtype: python3 diff --git a/Packs/Oracle_IAM/ReleaseNotes/1_0_19.md b/Packs/Oracle_IAM/ReleaseNotes/1_0_19.md new file mode 100644 index 000000000000..825e59af9c63 --- /dev/null +++ b/Packs/Oracle_IAM/ReleaseNotes/1_0_19.md @@ -0,0 +1,3 @@ +#### Integrations +##### Oracle IAM +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. diff --git a/Packs/Oracle_IAM/pack_metadata.json b/Packs/Oracle_IAM/pack_metadata.json index 1ee709bacfc8..2deb63699a3a 100644 --- a/Packs/Oracle_IAM/pack_metadata.json +++ b/Packs/Oracle_IAM/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Oracle IAM", "description": "Oracle IAM", "support": "xsoar", - "currentVersion": "1.0.18", + "currentVersion": "1.0.19", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/RecordedFuture/Integrations/RecordedFuture/RecordedFuture.yml b/Packs/RecordedFuture/Integrations/RecordedFuture/RecordedFuture.yml index 6dc205efa2f0..e8cad9101af3 100644 --- a/Packs/RecordedFuture/Integrations/RecordedFuture/RecordedFuture.yml +++ b/Packs/RecordedFuture/Integrations/RecordedFuture/RecordedFuture.yml @@ -154,7 +154,7 @@ script: script: '' type: python subtype: python3 - dockerimage: demisto/python3:3.10.13.78960 + dockerimage: demisto/python3:3.10.13.83255 commands: - name: domain description: Gets a quick indicator of the risk associated with a domain. diff --git a/Packs/RecordedFuture/Integrations/RecordedFutureLists/RecordedFutureLists.yml b/Packs/RecordedFuture/Integrations/RecordedFutureLists/RecordedFutureLists.yml index dcc2a942ccc4..2f935a1d7d4f 100644 --- a/Packs/RecordedFuture/Integrations/RecordedFutureLists/RecordedFutureLists.yml +++ b/Packs/RecordedFuture/Integrations/RecordedFutureLists/RecordedFutureLists.yml @@ -5,7 +5,7 @@ name: RecordedFutureLists display: 'Recorded Future - Lists' category: Data Enrichment & Threat Intelligence image: -description: 'Search and manage watchlists in Recorded Future' +description: 'Search and manage watchlists in Recorded Future.' configuration: - display: API URL name: server_url @@ -31,15 +31,15 @@ script: script: '-' type: python subtype: python3 - dockerimage: demisto/python3:3.10.13.72123 + dockerimage: demisto/python3:3.10.13.83255 commands: - name: recordedfuture-lists-search - description: Search for lists in Recorded Future + description: Search for lists in Recorded Future. arguments: - name: list_names - description: Freetext name to search for + description: Freetext name to search for. - name: contains - description: Filter lists based on entity types, will only include lists with the entity types specified. Default value "" includes all types + description: Filter lists based on entity types, will only include lists with the entity types specified. Default value "" includes all types. auto: PREDEFINED predefined: - entity @@ -63,7 +63,7 @@ script: - target - method - name: limit - description: Limits the amount of returned results + description: Limits the amount of returned results. - name: include required: false description: Include all search results. Default is to exclude all lists owned by the system user. @@ -72,37 +72,37 @@ script: - all outputs: - contextPath: RecordedFuture.List.id - description: Unique id of the list in Recorded Future + description: Unique id of the list in Recorded Future. type: String - contextPath: RecordedFuture.List.name - description: Name of the list in Recorded Future + description: Name of the list in Recorded Future. type: String - contextPath: RecordedFuture.List.type - description: Recorded future entity type + description: Recorded future entity type. type: String - contextPath: RecordedFuture.List.created - description: Timestamp of creation + description: Timestamp of creation. type: String - contextPath: RecordedFuture.List.updated - description: Timestamp of last update to the list + description: Timestamp of last update to the list. type: String - contextPath: RecordedFuture.List.owner_id - description: Unique id of the owner in Recorded Future + description: Unique id of the owner in Recorded Future. type: String - contextPath: RecordedFuture.List.owner_name - description: Readable name of list in Recorded Future + description: Readable name of list in Recorded Future. type: String - name: recordedfuture-lists-add-entities description: Add entities to a list, separate entities by commas. "NOTE:" if entity type is specified, only one entity type can be added with each action. arguments: - name: list_id required: true - description: Id of the list that should be added, can be found by running !recordedfuture-lists-search with the corresponding filters or in the Recorded Future portal + description: Id of the list that should be added, can be found by running !recordedfuture-lists-search with the corresponding filters or in the Recorded Future portal. - name: entity_ids description: 'A comma-separated list of specific IDs from Recorded Future. For URLs containing commas, replace the comma with %2C. For more information, go to https://xsoar.pan.dev/docs/reference/integrations/recorded-future-lists#recordedfuture-lists-add-entities.' required: false - name: freetext_names - description: 'Freetext names will be matched to Recorded Future ids separated by comma, this alernative will add the best match in the Recorded Future data. For urls containing commas: escape with %2C' + description: 'Freetext names will be matched to Recorded Future ids separated by comma, this alernative will add the best match in the Recorded Future data. For urls containing commas: escape with %2C.' - name: entity_type required: false description: Type of the entities that should be added. Use together with freetext_names to improve entity resolution. @@ -173,19 +173,19 @@ script: - malware-category outputs: - contextPath: RecordedFuture.List.Entities.name - description: Name of the entity in the list + description: Name of the entity in the list. type: String - contextPath: RecordedFuture.List.Entities.type - description: The Recorded Future entity type resolved during the action + description: The Recorded Future entity type resolved during the action. type: String - contextPath: RecordedFuture.List.Entities.id - description: Unique id of the entity in Recorded Future + description: Unique id of the entity in Recorded Future. type: String - contextPath: RecordedFuture.List.Entities.input_value - description: The value inputted to the command + description: The value inputted to the command. type: String - contextPath: RecordedFuture.List.Entities.action_result - description: Entity specific result for the action + description: Entity specific result for the action. type: String - name: recordedfuture-lists-entities description: Get the entities that are currently in the given lists. diff --git a/Packs/RecordedFuture/ReleaseNotes/1_7_5.md b/Packs/RecordedFuture/ReleaseNotes/1_7_5.md new file mode 100644 index 000000000000..d3f08f5bc6df --- /dev/null +++ b/Packs/RecordedFuture/ReleaseNotes/1_7_5.md @@ -0,0 +1,5 @@ +#### Integrations +##### Recorded Future v2 +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. +##### Recorded Future - Lists +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. diff --git a/Packs/RecordedFuture/pack_metadata.json b/Packs/RecordedFuture/pack_metadata.json index 71c463b44252..6d6e86b8df5f 100644 --- a/Packs/RecordedFuture/pack_metadata.json +++ b/Packs/RecordedFuture/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Recorded Future Intelligence", "description": "Recorded Future App, this pack is previously known as 'RecordedFuture v2'", "support": "partner", - "currentVersion": "1.7.4", + "currentVersion": "1.7.5", "author": "Recorded Future", "url": "https://www.recordedfuture.com/support/demisto-integration/", "email": "support@recordedfuture.com", diff --git a/Packs/SalesforceFusion/Integrations/SalesforceFusionIAM/SalesforceFusionIAM.yml b/Packs/SalesforceFusion/Integrations/SalesforceFusionIAM/SalesforceFusionIAM.yml index 7c566c1c861e..9d9e74bddb80 100644 --- a/Packs/SalesforceFusion/Integrations/SalesforceFusionIAM/SalesforceFusionIAM.yml +++ b/Packs/SalesforceFusion/Integrations/SalesforceFusionIAM/SalesforceFusionIAM.yml @@ -251,7 +251,7 @@ script: type: String - description: Retrieves a User Profile schema, which holds all of the user fields within the application. Used for outgoing-mapping through the Get Schema option. name: get-mapping-fields - dockerimage: demisto/python3:3.10.13.80014 + dockerimage: demisto/python3:3.10.13.83255 runonce: false script: '-' subtype: python3 diff --git a/Packs/SalesforceFusion/ReleaseNotes/1_0_18.md b/Packs/SalesforceFusion/ReleaseNotes/1_0_18.md new file mode 100644 index 000000000000..8e0fdd7ff54a --- /dev/null +++ b/Packs/SalesforceFusion/ReleaseNotes/1_0_18.md @@ -0,0 +1,3 @@ +#### Integrations +##### Salesforce Fusion IAM +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. diff --git a/Packs/SalesforceFusion/pack_metadata.json b/Packs/SalesforceFusion/pack_metadata.json index b3e8f2b5bc80..9d7c1cc4db39 100644 --- a/Packs/SalesforceFusion/pack_metadata.json +++ b/Packs/SalesforceFusion/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Salesforce Fusion", "description": "CRM Services", "support": "xsoar", - "currentVersion": "1.0.17", + "currentVersion": "1.0.18", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/ServiceDeskPlus/Integrations/ServiceDeskPlus/ServiceDeskPlus.yml b/Packs/ServiceDeskPlus/Integrations/ServiceDeskPlus/ServiceDeskPlus.yml index 8a5f1c94d8ed..5a7ece9c3888 100644 --- a/Packs/ServiceDeskPlus/Integrations/ServiceDeskPlus/ServiceDeskPlus.yml +++ b/Packs/ServiceDeskPlus/Integrations/ServiceDeskPlus/ServiceDeskPlus.yml @@ -542,7 +542,7 @@ script: required: true description: Closes the specified request. name: service-desk-plus-request-close - dockerimage: demisto/python3:3.10.13.80593 + dockerimage: demisto/python3:3.10.13.83255 isfetch: true runonce: false script: '-' diff --git a/Packs/ServiceDeskPlus/ReleaseNotes/2_0_26.md b/Packs/ServiceDeskPlus/ReleaseNotes/2_0_26.md new file mode 100644 index 000000000000..d161a9d33990 --- /dev/null +++ b/Packs/ServiceDeskPlus/ReleaseNotes/2_0_26.md @@ -0,0 +1,3 @@ +#### Integrations +##### Service Desk Plus +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. diff --git a/Packs/ServiceDeskPlus/pack_metadata.json b/Packs/ServiceDeskPlus/pack_metadata.json index 770970726256..8c975db530d6 100644 --- a/Packs/ServiceDeskPlus/pack_metadata.json +++ b/Packs/ServiceDeskPlus/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Manage Engine Service Desk Plus", "description": "IT service management.", "support": "xsoar", - "currentVersion": "2.0.25", + "currentVersion": "2.0.26", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/SymantecCloudSecureWebGateway/Integrations/SymantecCloudSecureWebGatewayEventCollector/SymantecCloudSecureWebGatewayEventCollector.yml b/Packs/SymantecCloudSecureWebGateway/Integrations/SymantecCloudSecureWebGatewayEventCollector/SymantecCloudSecureWebGatewayEventCollector.yml index ec56966b4aaa..1d6c1425e654 100644 --- a/Packs/SymantecCloudSecureWebGateway/Integrations/SymantecCloudSecureWebGatewayEventCollector/SymantecCloudSecureWebGatewayEventCollector.yml +++ b/Packs/SymantecCloudSecureWebGateway/Integrations/SymantecCloudSecureWebGatewayEventCollector/SymantecCloudSecureWebGatewayEventCollector.yml @@ -41,7 +41,7 @@ configuration: section: Collect script: commands: [] - dockerimage: demisto/python3:3.10.13.82467 + dockerimage: demisto/python3:3.10.13.83255 longRunning: true script: "" subtype: python3 diff --git a/Packs/SymantecCloudSecureWebGateway/ReleaseNotes/1_0_1.md b/Packs/SymantecCloudSecureWebGateway/ReleaseNotes/1_0_1.md new file mode 100644 index 000000000000..ef2404a5b1ac --- /dev/null +++ b/Packs/SymantecCloudSecureWebGateway/ReleaseNotes/1_0_1.md @@ -0,0 +1,3 @@ +#### Integrations +##### Symantec Cloud Secure Web Gateway Event Collector +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. diff --git a/Packs/SymantecCloudSecureWebGateway/pack_metadata.json b/Packs/SymantecCloudSecureWebGateway/pack_metadata.json index d1dc1ffdd391..a8b25bb3c006 100644 --- a/Packs/SymantecCloudSecureWebGateway/pack_metadata.json +++ b/Packs/SymantecCloudSecureWebGateway/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Symantec Cloud Secure Web Gateway", "description": "Symantec Cloud Secure Web Gateway (SWG) is a cutting-edge cybersecurity solution designed to provide robust protection and control over internet traffic within organizations. Leveraging advanced threat intelligence, real-time content analysis, and secure web access policies, Symantec Cloud SWG ensures a secure and compliant online environment for users.", "support": "xsoar", - "currentVersion": "1.0.0", + "currentVersion": "1.0.1", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/VMwareWorkspaceONEUEM/Integrations/VMwareWorkspaceONEUEM/VMwareWorkspaceONEUEM.yml b/Packs/VMwareWorkspaceONEUEM/Integrations/VMwareWorkspaceONEUEM/VMwareWorkspaceONEUEM.yml index 5ba82839b021..ba63584e2e2c 100644 --- a/Packs/VMwareWorkspaceONEUEM/Integrations/VMwareWorkspaceONEUEM/VMwareWorkspaceONEUEM.yml +++ b/Packs/VMwareWorkspaceONEUEM/Integrations/VMwareWorkspaceONEUEM/VMwareWorkspaceONEUEM.yml @@ -576,7 +576,7 @@ script: - contextPath: VMwareWorkspaceONEUEM.OSUpdate.OSUpdateList.Uuid description: The universally unique identifier of the OS update. type: String - dockerimage: demisto/python3:3.10.13.80014 + dockerimage: demisto/python3:3.10.13.83255 runonce: false script: '-' subtype: python3 diff --git a/Packs/VMwareWorkspaceONEUEM/ReleaseNotes/1_0_15.md b/Packs/VMwareWorkspaceONEUEM/ReleaseNotes/1_0_15.md new file mode 100644 index 000000000000..025cc1fe6cf3 --- /dev/null +++ b/Packs/VMwareWorkspaceONEUEM/ReleaseNotes/1_0_15.md @@ -0,0 +1,3 @@ +#### Integrations +##### VMware Workspace ONE UEM (AirWatch MDM) +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. diff --git a/Packs/VMwareWorkspaceONEUEM/pack_metadata.json b/Packs/VMwareWorkspaceONEUEM/pack_metadata.json index 3f5c94ebc938..58cbc17e1eae 100644 --- a/Packs/VMwareWorkspaceONEUEM/pack_metadata.json +++ b/Packs/VMwareWorkspaceONEUEM/pack_metadata.json @@ -2,7 +2,7 @@ "name": "VMware Workspace ONE UEM", "description": "VMware workspace ONE UEM allows users to search enrolled corporate or employee-owned devices, provides detailed information about each device such as its serial number, installed OS's, pending OS updates, network details, and much more leveraging Workspace ONE UEM's (formerly AirWatch MDM) API.", "support": "xsoar", - "currentVersion": "1.0.14", + "currentVersion": "1.0.15", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/Wiz/Integrations/Wiz/Wiz.yml b/Packs/Wiz/Integrations/Wiz/Wiz.yml index 92391844b147..7b52f26e3661 100644 --- a/Packs/Wiz/Integrations/Wiz/Wiz.yml +++ b/Packs/Wiz/Integrations/Wiz/Wiz.yml @@ -279,7 +279,7 @@ script: - name: vm_id description: vm cloud provider id. required: true - dockerimage: demisto/python3:3.10.13.80593 + dockerimage: demisto/python3:3.10.13.83255 isfetch: true runonce: false script: '-' diff --git a/Packs/Wiz/ReleaseNotes/1_2_15.md b/Packs/Wiz/ReleaseNotes/1_2_15.md new file mode 100644 index 000000000000..ff9bb40d8c9e --- /dev/null +++ b/Packs/Wiz/ReleaseNotes/1_2_15.md @@ -0,0 +1,3 @@ +#### Integrations +##### Wiz +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. diff --git a/Packs/Wiz/pack_metadata.json b/Packs/Wiz/pack_metadata.json index bd33f2309d16..abc5a1d04cdc 100644 --- a/Packs/Wiz/pack_metadata.json +++ b/Packs/Wiz/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Wiz", "description": "Integrate with Wiz for bidirectional Issue management and fetching of resource information. \n", "support": "partner", - "currentVersion": "1.2.14", + "currentVersion": "1.2.15", "author": "Wiz Inc.", "url": "https://wiz.io/", "email": "support@wiz.io", From abb3b15332ed1e409553d5b38d4f40a00bb77dcb Mon Sep 17 00:00:00 2001 From: RotemAmit Date: Thu, 14 Dec 2023 12:20:40 +0200 Subject: [PATCH 42/50] CS Falcon - Add batch_id argument to run_command (#31394) * added batch_id argument * unit tests * updated unit tests and docker image * RN * updated README * Update Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon/CrowdStrikeFalcon.py Co-authored-by: EyalPintzov <91007713+eyalpalo@users.noreply.github.com> * Bump pack from version CrowdStrikeFalcon to 1.12.8. * updated the timeout * updated the timeout * updated the timeout * docker image update --------- Co-authored-by: EyalPintzov <91007713+eyalpalo@users.noreply.github.com> Co-authored-by: Content Bot --- .../CrowdStrikeFalcon/CrowdStrikeFalcon.py | 6 +- .../CrowdStrikeFalcon/CrowdStrikeFalcon.yml | 7 +- .../CrowdStrikeFalcon_test.py | 117 ++++++++++++++++++ .../Integrations/CrowdStrikeFalcon/README.md | 29 +++-- .../run_command/run_command_with_batch.json | 24 ++++ .../CrowdStrikeFalcon/ReleaseNotes/1_12_8.md | 4 + Packs/CrowdStrikeFalcon/pack_metadata.json | 2 +- Tests/conf.json | 2 +- 8 files changed, 173 insertions(+), 18 deletions(-) create mode 100644 Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon/test_data/run_command/run_command_with_batch.json create mode 100644 Packs/CrowdStrikeFalcon/ReleaseNotes/1_12_8.md diff --git a/Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon/CrowdStrikeFalcon.py b/Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon/CrowdStrikeFalcon.py index aa5a372da300..f2917f01fcef 100644 --- a/Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon/CrowdStrikeFalcon.py +++ b/Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon/CrowdStrikeFalcon.py @@ -3809,7 +3809,8 @@ def run_command(): output = [] if target == 'batch': - batch_id = init_rtr_batch_session(host_ids, offline) + batch_id = args.get('batch_id', None) if args.get('batch_id', None) else init_rtr_batch_session(host_ids, offline) + demisto.debug(f"{args.get('batch_id', None)=} , {batch_id=}") timer = Timer(300, batch_refresh_session, kwargs={'batch_id': batch_id}) timer.start() try: @@ -3837,7 +3838,8 @@ def run_command(): 'Stdout': resource.get('stdout'), 'Stderr': resource.get('stderr'), 'BaseCommand': resource.get('base_command'), - 'Command': full_command + 'Command': full_command, + 'BatchID': batch_id }) human_readable = tableToMarkdown(f'Command {full_command} results', output, removeNull=True) diff --git a/Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon/CrowdStrikeFalcon.yml b/Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon/CrowdStrikeFalcon.yml index b5b8720d4c91..388be9f8bf38 100644 --- a/Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon/CrowdStrikeFalcon.yml +++ b/Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon/CrowdStrikeFalcon.yml @@ -456,6 +456,8 @@ script: predefined: - batch - single + - description: A batch ID to execute the command on. + name: batch_id description: Sends commands to hosts. name: cs-falcon-run-command outputs: @@ -486,6 +488,9 @@ script: - contextPath: CrowdStrike.Command.NextSequenceID description: (For single host) The next sequence ID. type: number + - contextPath: CrowdStrike.Command.BatchID + description: The Batch ID that the command was executed on. + type: String - arguments: - description: The script name to upload. name: name @@ -4696,7 +4701,7 @@ script: auto: PREDEFINED description: Perform actions on alerts. name: cs-falcon-resolve-identity-detection - dockerimage: demisto/py3-tools:1.0.0.80944 + dockerimage: demisto/py3-tools:1.0.0.83529 isfetch: true ismappable: true isremotesyncin: true diff --git a/Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon/CrowdStrikeFalcon_test.py b/Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon/CrowdStrikeFalcon_test.py index 896790c2c56e..a3836a40d895 100644 --- a/Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon/CrowdStrikeFalcon_test.py +++ b/Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon/CrowdStrikeFalcon_test.py @@ -239,6 +239,7 @@ def test_run_command_read_scope(requests_mock, mocker): 'Command': [{ 'HostID': '284771ee197e422d5176d6634a62b934', 'SessionID': '1113b475-2c28-4486-8617-d000b8f3bc8d', + 'BatchID': 'batch_id', 'Stdout': 'Directory listing for C:\\ -\n\n' 'Name Type Size (bytes) Size (MB) ' 'Last Modified (UTC-5) Created (UTC-5) \n---- ' @@ -308,6 +309,7 @@ def test_run_command_write_scope(requests_mock, mocker): 'CrowdStrike': { 'Command': [{ 'HostID': '284771ee197e422d5176d6634a62b934', + 'BatchID': 'batch_id', 'SessionID': 'ed0743e0-b156-4f98-8bbb-7a720a4192cf', 'Stdout': 'C:\\demistotest1', 'Stderr': '', @@ -373,6 +375,7 @@ def test_run_command_with_stderr(requests_mock, mocker): 'CrowdStrike': { 'Command': [{ 'HostID': '284771ee197e422d5176d6634a62b934', + 'BatchID': 'batch_id', 'SessionID': '4d41588e-8455-4f0f-a3ee-0515922a8d94', 'Stdout': '', 'Stderr': "The term 'somepowershellscript' is not recognized as the name of a cmdlet, function," @@ -6517,3 +6520,117 @@ def test_list_detection_summaries_command_no_results(mocker): mocker.patch('CrowdStrikeFalcon.http_request', return_value=response) res = list_detection_summaries_command() assert res.readable_output == '### CrowdStrike Detections\n**No entries.**\n' + + +def test_run_command_batch_id(requests_mock, mocker): + """ + Test cs-falcon-run-command when batch_id is given as an argument. + + Given: + - A batch_id host_ids, command_type, full_command. + When: + - Running the command cs-falcon-run-command + Then: + - Check that the batch_id is correct. + """ + from CrowdStrikeFalcon import run_command + args = { + 'host_ids': 'host_id', + 'command_type': 'ls', + 'full_command': 'ls', + 'batch_id': 'batch_id' + } + mocker.patch.object( + demisto, + 'args', + return_value=args + ) + response = load_json('test_data/run_command/run_command_with_batch.json') + requests_mock.post( + f'{SERVER_URL}/real-time-response/combined/batch-command/v1', + json=response, + status_code=201 + ) + results = run_command() + expected_results = { + 'CrowdStrike': { + 'Command': [{ + "BaseCommand": "ls", + "BatchID": "batch_id", + "Command": "ls", + "HostID": "aid", + "SessionID": "session_id", + "Stderr": "", + "Stdout": 'Directory listing for C:\\ -\n\n' + 'Name Type Size (bytes) Size (MB) ' + 'Last Modified (UTC+2) Created (UTC+2) \n' + '---- ---- ------------ --------- ' + '--------------------- --------------- \n' + '$Recycle.Bin -- -- ' + '6/19/2023 4:11:43 PM 9/15/2018 10:19:00 AM \n' + 'Config.Msi -- -- ' + '11/14/2023 1:56:25 AM 8/17/2023 1:49:07 AM \n' + }] + } + } + assert results['EntryContext'] == expected_results + + +def test_run_command_without_batch_id(requests_mock, mocker): + """ + Test cs-falcon-run-command when batch_id isn't given as an argument. + + Given: + - host_ids, command_type, full_command. + When: + - Running the command cs-falcon-run-command + Then: + - Check that the batch_id is correct. + """ + from CrowdStrikeFalcon import run_command + args = { + 'host_ids': 'host_id', + 'command_type': 'ls', + 'full_command': 'ls', + } + mocker.patch.object( + demisto, + 'args', + return_value=args + ) + requests_mock.post( + f'{SERVER_URL}/real-time-response/combined/batch-init-session/v1', + json={ + 'batch_id': 'new_batch_id' + }, + status_code=201 + ) + response = load_json('test_data/run_command/run_command_with_batch.json') + requests_mock.post( + f'{SERVER_URL}/real-time-response/combined/batch-command/v1', + json=response, + status_code=201 + ) + results = run_command() + expected_results = { + 'CrowdStrike': { + 'Command': [{ + "BaseCommand": "ls", + "BatchID": "new_batch_id", + "Command": "ls", + "HostID": "aid", + "SessionID": "session_id", + "Stderr": "", + "Stdout": 'Directory listing for C:\\ -\n\n' + 'Name Type Size (bytes) Size (MB) ' + 'Last Modified (UTC+2) Created (UTC+2) \n' + '---- ---- ------------ --------- ' + '--------------------- --------------- \n' + '$Recycle.Bin -- -- ' + '6/19/2023 4:11:43 PM 9/15/2018 10:19:00 AM \n' + 'Config.Msi -- -- ' + '11/14/2023 1:56:25 AM 8/17/2023 1:49:07 AM \n' + }] + } + } + assert results['EntryContext'] == expected_results diff --git a/Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon/README.md b/Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon/README.md index e68329d3141a..be1255a7cf49 100644 --- a/Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon/README.md +++ b/Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon/README.md @@ -570,21 +570,23 @@ Sends commands to hosts. | target | The target for which to run the command. Possible values are: "single" and "batch". Default is "batch". | Optional | | queue_offline | Any commands run against an offline-queued session will be queued up and executed when the host comes online. | Optional | | timeout | The amount of time (in seconds) that a request will wait for a client to establish a connection to a remote machine before a timeout occurs. | Optional | +| batch_id | A batch ID to execute the command on. | Optional | #### Context Output | **Path** | **Type** | **Description** | -| --- | --- | --- | -| CrowdStrike.Command.HostID | String | The ID of the host for which the command was running. | -| CrowdStrike.Command.SessionID | string | The ID of the session of the host. | -| CrowdStrike.Command.Stdout | String | The standard output of the command. | -| CrowdStrike.Command.Stderr | String | The standard error of the command. | -| CrowdStrike.Command.BaseCommand | String | The base command. | -| CrowdStrike.Command.FullCommand | String | The full command. | -| CrowdStrike.Command.TaskID | string | \(For single host\) The ID of the command request which has been accepted. | -| CrowdStrike.Command.Complete | boolean | \(For single host\) True if the command completed. | -| CrowdStrike.Command.NextSequenceID | number | \(For single host\) The next sequence ID. | +| --- |----------| --- | +| CrowdStrike.Command.HostID | String | The ID of the host for which the command was running. | +| CrowdStrike.Command.SessionID | string | The ID of the session of the host. | +| CrowdStrike.Command.Stdout | String | The standard output of the command. | +| CrowdStrike.Command.Stderr | String | The standard error of the command. | +| CrowdStrike.Command.BaseCommand | String | The base command. | +| CrowdStrike.Command.FullCommand | String | The full command. | +| CrowdStrike.Command.TaskID | string | \(For single host\) The ID of the command request which has been accepted. | +| CrowdStrike.Command.Complete | boolean | \(For single host\) True if the command completed. | +| CrowdStrike.Command.NextSequenceID | number | \(For single host\) The next sequence ID. | +| CrowdStrike.Command.BatchID | string | The Batch ID that the command was executed on. | #### Command Example @@ -599,6 +601,7 @@ Sends commands to hosts. 'Command': [{ 'HostID': 'a1a1a1a1a1a1a1a1a1a1a1a1a1a1a1a1', 'Stdout': 'Directory listing for C:\\ -\n\n' + 'BatchID': 'batch_id' 'Name Type Size (bytes) Size (MB) ' 'Last Modified (UTC-5) Created (UTC-5) \n---- ' ' ---- ------------ --------- --------------------- -------' @@ -617,9 +620,9 @@ Sends commands to hosts. >### Command ls C:\\ results ->|BaseCommand|Command|HostID|Stderr|Stdout| ->|---|---|---|---|---| ->| ls | ls C:\ | a1a1a1a1a1a1a1a1a1a1a1a1a1a1a1a1 | | Directory listing for C:\ -

Name Type Size (bytes) Size (MB) Last Modified (UTC-5) Created (UTC-5)
---- ---- ------------ --------- --------------------- ---------------
$Recycle.Bin <Directory> -- -- 11/27/2018 10:54:44 AM 9/15/2017 3:33:40 AM
ITAYDI <Directory> -- -- 11/19/2018 1:31:42 PM 11/19/2018 1:31:42 PM | +>|BaseCommand|Command|HostID|Stderr|Stdout|BatchID| +>|---|---|---|---|---|---| +>| ls | ls C:\ | a1a1a1a1a1a1a1a1a1a1a1a1a1a1a1a1 | | Directory listing for C:\ -

Name Type Size (bytes) Size (MB) Last Modified (UTC-5) Created (UTC-5)
---- ---- ------------ --------- --------------------- ---------------
$Recycle.Bin <Directory> -- -- 11/27/2018 10:54:44 AM 9/15/2017 3:33:40 AM
ITAYDI <Directory> -- -- 11/19/2018 1:31:42 PM 11/19/2018 1:31:42 PM | batch_id | ### 8. cs-falcon-upload-script diff --git a/Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon/test_data/run_command/run_command_with_batch.json b/Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon/test_data/run_command/run_command_with_batch.json new file mode 100644 index 000000000000..13bc0bf0dd07 --- /dev/null +++ b/Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon/test_data/run_command/run_command_with_batch.json @@ -0,0 +1,24 @@ +{ + "meta": { + "query_time": 2.10823729, + "powered_by": "powered_by", + "trace_id": "trace_id" + }, + "combined": { + "resources": { + "host_id": { + "session_id": "session_id", + "task_id": "task_id", + "complete": true, + "stdout": "Directory listing for C:\\ -\n\nName Type Size (bytes) Size (MB) Last Modified (UTC+2) Created (UTC+2) \n---- ---- ------------ --------- --------------------- --------------- \n$Recycle.Bin -- -- 6/19/2023 4:11:43 PM 9/15/2018 10:19:00 AM \nConfig.Msi -- -- 11/14/2023 1:56:25 AM 8/17/2023 1:49:07 AM \n", + "stderr": "", + "base_command": "ls", + "aid": "aid", + "errors": [], + "query_time": 2.105078272, + "offline_queued": false + } + } + }, + "errors": [] +} \ No newline at end of file diff --git a/Packs/CrowdStrikeFalcon/ReleaseNotes/1_12_8.md b/Packs/CrowdStrikeFalcon/ReleaseNotes/1_12_8.md new file mode 100644 index 000000000000..ba84dbdc9391 --- /dev/null +++ b/Packs/CrowdStrikeFalcon/ReleaseNotes/1_12_8.md @@ -0,0 +1,4 @@ +#### Integrations +##### CrowdStrike Falcon +- Updated the Docker image to: *demisto/py3-tools:1.0.0.83529*. +- Added the argument **batch_id** to **cs-falcon-run-command** command. \ No newline at end of file diff --git a/Packs/CrowdStrikeFalcon/pack_metadata.json b/Packs/CrowdStrikeFalcon/pack_metadata.json index 1e1aabf7d972..251c64679884 100644 --- a/Packs/CrowdStrikeFalcon/pack_metadata.json +++ b/Packs/CrowdStrikeFalcon/pack_metadata.json @@ -2,7 +2,7 @@ "name": "CrowdStrike Falcon", "description": "The CrowdStrike Falcon OAuth 2 API (formerly the Falcon Firehose API), enables fetching and resolving detections, searching devices, getting behaviors by ID, containing hosts, and lifting host containment.", "support": "xsoar", - "currentVersion": "1.12.7", + "currentVersion": "1.12.8", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Tests/conf.json b/Tests/conf.json index 61cf7802f491..c7952f72b202 100644 --- a/Tests/conf.json +++ b/Tests/conf.json @@ -1861,7 +1861,7 @@ "integrations": "CrowdstrikeFalcon", "playbookID": "Test - CrowdStrike Falcon", "fromversion": "4.1.0", - "timeout": 1000, + "timeout": 5000, "is_mockable": false }, { From e7a1e4470fce7dfda2b266fbfb7d9315627f4963 Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Thu, 14 Dec 2023 12:27:01 +0200 Subject: [PATCH 43/50] Update Docker Image To demisto/auth-utils (#31472) * Updated Metadata Of Pack Cylance_Protect * Added release notes to pack Cylance_Protect * Packs/Cylance_Protect/Integrations/Cylance_Protect_v2/Cylance_Protect_v2.yml Docker image update * Updated Metadata Of Pack Zoom * Added release notes to pack Zoom * Packs/Zoom/Integrations/ZoomEventCollector/ZoomEventCollector.yml Docker image update * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Updated Metadata Of Pack AzureDataExplorer * Added release notes to pack AzureDataExplorer * Packs/AzureDataExplorer/Integrations/AzureDataExplorer/AzureDataExplorer.yml Docker image update * Updated Metadata Of Pack MicrosoftManagementActivity * Added release notes to pack MicrosoftManagementActivity * Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml Docker image update * Updated Metadata Of Pack Box * Added release notes to pack Box * Packs/Box/Integrations/BoxEventsCollector/BoxEventsCollector.yml Docker image update * Packs/Box/Integrations/BoxV2/BoxV2.yml Docker image update * exclude Silverfort pack --------- Co-authored-by: israelpolishook --- .../Integrations/AzureDataExplorer/AzureDataExplorer.yml | 2 +- Packs/AzureDataExplorer/ReleaseNotes/1_2_33.md | 3 +++ Packs/AzureDataExplorer/pack_metadata.json | 2 +- .../Integrations/BoxEventsCollector/BoxEventsCollector.yml | 2 +- Packs/Box/Integrations/BoxV2/BoxV2.yml | 2 +- Packs/Box/ReleaseNotes/3_1_38.md | 5 +++++ Packs/Box/pack_metadata.json | 2 +- .../Integrations/Cylance_Protect_v2/Cylance_Protect_v2.yml | 2 +- Packs/Cylance_Protect/ReleaseNotes/1_1_29.md | 3 +++ Packs/Cylance_Protect/pack_metadata.json | 2 +- .../MicrosoftManagementActivity.yml | 2 +- Packs/MicrosoftManagementActivity/ReleaseNotes/1_3_34.md | 3 +++ Packs/MicrosoftManagementActivity/pack_metadata.json | 2 +- .../Integrations/ZoomEventCollector/ZoomEventCollector.yml | 2 +- Packs/Zoom/ReleaseNotes/1_6_3.md | 3 +++ Packs/Zoom/pack_metadata.json | 2 +- 16 files changed, 28 insertions(+), 11 deletions(-) create mode 100644 Packs/AzureDataExplorer/ReleaseNotes/1_2_33.md create mode 100644 Packs/Box/ReleaseNotes/3_1_38.md create mode 100644 Packs/Cylance_Protect/ReleaseNotes/1_1_29.md create mode 100644 Packs/MicrosoftManagementActivity/ReleaseNotes/1_3_34.md create mode 100644 Packs/Zoom/ReleaseNotes/1_6_3.md diff --git a/Packs/AzureDataExplorer/Integrations/AzureDataExplorer/AzureDataExplorer.yml b/Packs/AzureDataExplorer/Integrations/AzureDataExplorer/AzureDataExplorer.yml index 8e3abc26627c..5a9eb17725e5 100644 --- a/Packs/AzureDataExplorer/Integrations/AzureDataExplorer/AzureDataExplorer.yml +++ b/Packs/AzureDataExplorer/Integrations/AzureDataExplorer/AzureDataExplorer.yml @@ -434,7 +434,7 @@ script: - description: Generate the login url used for Authorization code flow. name: azure-data-explorer-generate-login-url arguments: [] - dockerimage: demisto/auth-utils:1.0.0.81563 + dockerimage: demisto/auth-utils:1.0.0.83550 runonce: false script: "-" subtype: python3 diff --git a/Packs/AzureDataExplorer/ReleaseNotes/1_2_33.md b/Packs/AzureDataExplorer/ReleaseNotes/1_2_33.md new file mode 100644 index 000000000000..f99f765c2c06 --- /dev/null +++ b/Packs/AzureDataExplorer/ReleaseNotes/1_2_33.md @@ -0,0 +1,3 @@ +#### Integrations +##### Azure Data Explorer +- Updated the Docker image to: *demisto/auth-utils:1.0.0.83550*. diff --git a/Packs/AzureDataExplorer/pack_metadata.json b/Packs/AzureDataExplorer/pack_metadata.json index eada8743b6c4..0e84f427a19c 100644 --- a/Packs/AzureDataExplorer/pack_metadata.json +++ b/Packs/AzureDataExplorer/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Azure Data Explorer", "description": "Use Azure Data Explorer integration to collect and analyze data inside clusters of Azure Data Explorer and manage search queries.", "support": "xsoar", - "currentVersion": "1.2.32", + "currentVersion": "1.2.33", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/Box/Integrations/BoxEventsCollector/BoxEventsCollector.yml b/Packs/Box/Integrations/BoxEventsCollector/BoxEventsCollector.yml index e64b203fd015..994d99418fec 100644 --- a/Packs/Box/Integrations/BoxEventsCollector/BoxEventsCollector.yml +++ b/Packs/Box/Integrations/BoxEventsCollector/BoxEventsCollector.yml @@ -57,7 +57,7 @@ script: defaultValue: 3 days description: Get events. name: box-get-events - dockerimage: demisto/auth-utils:1.0.0.81563 + dockerimage: demisto/auth-utils:1.0.0.83550 runonce: false script: '-' subtype: python3 diff --git a/Packs/Box/Integrations/BoxV2/BoxV2.yml b/Packs/Box/Integrations/BoxV2/BoxV2.yml index 9b8fcd207e22..66150f215949 100644 --- a/Packs/Box/Integrations/BoxV2/BoxV2.yml +++ b/Packs/Box/Integrations/BoxV2/BoxV2.yml @@ -2496,7 +2496,7 @@ script: - contextPath: Box.Folder.item_status description: The status of the parent of the item. type: String - dockerimage: demisto/auth-utils:1.0.0.81563 + dockerimage: demisto/auth-utils:1.0.0.83550 isfetch: true runonce: false script: '-' diff --git a/Packs/Box/ReleaseNotes/3_1_38.md b/Packs/Box/ReleaseNotes/3_1_38.md new file mode 100644 index 000000000000..038b513ed1a1 --- /dev/null +++ b/Packs/Box/ReleaseNotes/3_1_38.md @@ -0,0 +1,5 @@ +#### Integrations +##### Box Event Collector +- Updated the Docker image to: *demisto/auth-utils:1.0.0.83550*. +##### Box v2 +- Updated the Docker image to: *demisto/auth-utils:1.0.0.83550*. diff --git a/Packs/Box/pack_metadata.json b/Packs/Box/pack_metadata.json index 865d9d6d4784..b55668df977d 100644 --- a/Packs/Box/pack_metadata.json +++ b/Packs/Box/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Box", "description": "Manage Box users", "support": "xsoar", - "currentVersion": "3.1.37", + "currentVersion": "3.1.38", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/Cylance_Protect/Integrations/Cylance_Protect_v2/Cylance_Protect_v2.yml b/Packs/Cylance_Protect/Integrations/Cylance_Protect_v2/Cylance_Protect_v2.yml index ec56f0db6ed5..a38d66cb3f34 100644 --- a/Packs/Cylance_Protect/Integrations/Cylance_Protect_v2/Cylance_Protect_v2.yml +++ b/Packs/Cylance_Protect/Integrations/Cylance_Protect_v2/Cylance_Protect_v2.yml @@ -968,7 +968,7 @@ script: - contextPath: InstaQuery.List description: The list of InstaQuery. type: string - dockerimage: demisto/auth-utils:1.0.0.81563 + dockerimage: demisto/auth-utils:1.0.0.83550 isfetch: true script: '' subtype: python3 diff --git a/Packs/Cylance_Protect/ReleaseNotes/1_1_29.md b/Packs/Cylance_Protect/ReleaseNotes/1_1_29.md new file mode 100644 index 000000000000..5c0440b533bb --- /dev/null +++ b/Packs/Cylance_Protect/ReleaseNotes/1_1_29.md @@ -0,0 +1,3 @@ +#### Integrations +##### Cylance Protect v2 +- Updated the Docker image to: *demisto/auth-utils:1.0.0.83550*. diff --git a/Packs/Cylance_Protect/pack_metadata.json b/Packs/Cylance_Protect/pack_metadata.json index 6286d7018fb9..a08f5c03b351 100644 --- a/Packs/Cylance_Protect/pack_metadata.json +++ b/Packs/Cylance_Protect/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Cylance Protect", "description": "Manage Endpoints using Cylance protect", "support": "xsoar", - "currentVersion": "1.1.28", + "currentVersion": "1.1.29", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml b/Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml index 662efbbab726..009583eaac5e 100644 --- a/Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml +++ b/Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml @@ -290,7 +290,7 @@ script: - description: Run this command if for some reason you need to rerun the authentication process. name: ms-management-activity arguments: [] - dockerimage: demisto/auth-utils:1.0.0.81563 + dockerimage: demisto/auth-utils:1.0.0.83550 isfetch: true runonce: false script: '-' diff --git a/Packs/MicrosoftManagementActivity/ReleaseNotes/1_3_34.md b/Packs/MicrosoftManagementActivity/ReleaseNotes/1_3_34.md new file mode 100644 index 000000000000..7b45dc72da3c --- /dev/null +++ b/Packs/MicrosoftManagementActivity/ReleaseNotes/1_3_34.md @@ -0,0 +1,3 @@ +#### Integrations +##### Microsoft Management Activity API (O365 Azure Events) +- Updated the Docker image to: *demisto/auth-utils:1.0.0.83550*. diff --git a/Packs/MicrosoftManagementActivity/pack_metadata.json b/Packs/MicrosoftManagementActivity/pack_metadata.json index b6a14c73a0b5..8fc80de25a71 100644 --- a/Packs/MicrosoftManagementActivity/pack_metadata.json +++ b/Packs/MicrosoftManagementActivity/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Microsoft Management Activity API (O365/Azure Events)", "description": "An integration for Microsoft's management activity API, which enables you to fetch content records and manage your subscriptions.", "support": "xsoar", - "currentVersion": "1.3.33", + "currentVersion": "1.3.34", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/Zoom/Integrations/ZoomEventCollector/ZoomEventCollector.yml b/Packs/Zoom/Integrations/ZoomEventCollector/ZoomEventCollector.yml index 9c135176aab1..db35920a0415 100644 --- a/Packs/Zoom/Integrations/ZoomEventCollector/ZoomEventCollector.yml +++ b/Packs/Zoom/Integrations/ZoomEventCollector/ZoomEventCollector.yml @@ -60,7 +60,7 @@ script: defaultValue: 300 description: Gets events from Zoom. name: zoom-get-events - dockerimage: demisto/auth-utils:1.0.0.81563 + dockerimage: demisto/auth-utils:1.0.0.83550 isfetchevents: true script: '-' subtype: python3 diff --git a/Packs/Zoom/ReleaseNotes/1_6_3.md b/Packs/Zoom/ReleaseNotes/1_6_3.md new file mode 100644 index 000000000000..c6e14c750283 --- /dev/null +++ b/Packs/Zoom/ReleaseNotes/1_6_3.md @@ -0,0 +1,3 @@ +#### Integrations +##### Zoom Event Collector +- Updated the Docker image to: *demisto/auth-utils:1.0.0.83550*. diff --git a/Packs/Zoom/pack_metadata.json b/Packs/Zoom/pack_metadata.json index df9336ccd5b1..dd760e750e03 100644 --- a/Packs/Zoom/pack_metadata.json +++ b/Packs/Zoom/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Zoom", "description": "Use the Zoom integration manage your Zoom users and meetings", "support": "xsoar", - "currentVersion": "1.6.2", + "currentVersion": "1.6.3", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From 03e7a1616559d23a9c1d2cd8ef75ef7a0dbdb6cd Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Thu, 14 Dec 2023 14:48:54 +0200 Subject: [PATCH 44/50] Update Docker Image To demisto/parse-emails (#31457) * Updated Metadata Of Pack CommonScripts * Added release notes to pack CommonScripts * Packs/CommonScripts/Scripts/ParseEmailFilesV2/ParseEmailFilesV2.yml Docker image update * Bump pack from version CommonScripts to 1.13.2. * Bump pack from version CommonScripts to 1.13.4. * Bump pack from version CommonScripts to 1.13.5. --------- Co-authored-by: Content Bot --- Packs/CommonScripts/ReleaseNotes/1_13_5.md | 4 ++++ .../Scripts/ParseEmailFilesV2/ParseEmailFilesV2.yml | 2 +- Packs/CommonScripts/pack_metadata.json | 2 +- 3 files changed, 6 insertions(+), 2 deletions(-) create mode 100644 Packs/CommonScripts/ReleaseNotes/1_13_5.md diff --git a/Packs/CommonScripts/ReleaseNotes/1_13_5.md b/Packs/CommonScripts/ReleaseNotes/1_13_5.md new file mode 100644 index 000000000000..f571c6c03c31 --- /dev/null +++ b/Packs/CommonScripts/ReleaseNotes/1_13_5.md @@ -0,0 +1,4 @@ + +#### Scripts +##### ParseEmailFilesV2 +- Updated the Docker image to: *demisto/parse-emails:1.0.0.83392*. \ No newline at end of file diff --git a/Packs/CommonScripts/Scripts/ParseEmailFilesV2/ParseEmailFilesV2.yml b/Packs/CommonScripts/Scripts/ParseEmailFilesV2/ParseEmailFilesV2.yml index 649675a3816a..759bcb0d076e 100644 --- a/Packs/CommonScripts/Scripts/ParseEmailFilesV2/ParseEmailFilesV2.yml +++ b/Packs/CommonScripts/Scripts/ParseEmailFilesV2/ParseEmailFilesV2.yml @@ -116,4 +116,4 @@ type: python fromversion: 5.0.0 tests: - ParseEmailFilesV2-test -dockerimage: demisto/parse-emails:1.0.0.82865 +dockerimage: demisto/parse-emails:1.0.0.83392 diff --git a/Packs/CommonScripts/pack_metadata.json b/Packs/CommonScripts/pack_metadata.json index 1d7c0fcdb46f..7dd356f5f9cf 100644 --- a/Packs/CommonScripts/pack_metadata.json +++ b/Packs/CommonScripts/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Common Scripts", "description": "Frequently used scripts pack.", "support": "xsoar", - "currentVersion": "1.13.4", + "currentVersion": "1.13.5", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From 163acd5fb940e88eb56347e9f6460e14c93d873e Mon Sep 17 00:00:00 2001 From: Adi Daud <46249224+adi88d@users.noreply.github.com> Date: Thu, 14 Dec 2023 15:55:20 +0200 Subject: [PATCH 45/50] update condition for create link to jira for contributions prs (#31475) --- .github/workflows/close_jira_issue_by_pr_merge.yml | 2 +- .github/workflows/link_edited_pr_to_jira_issue.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/close_jira_issue_by_pr_merge.yml b/.github/workflows/close_jira_issue_by_pr_merge.yml index 1044fb06f0c7..d90095c3f5f6 100644 --- a/.github/workflows/close_jira_issue_by_pr_merge.yml +++ b/.github/workflows/close_jira_issue_by_pr_merge.yml @@ -9,7 +9,7 @@ permissions: jobs: add_pr_link_to_related_jira_issue: runs-on: ubuntu-latest - if: github.repository == 'demisto/content' && github.event.pull_request.head.repo.fork == false && github.actor != 'dependabot[bot]' && github.event.action == 'closed' && github.event.pull_request.merged == true + if: github.repository == 'demisto/content' && github.event.pull_request.head.repo.fork == false && github.actor != 'dependabot[bot]' && github.event.action == 'closed' && github.event.pull_request.merged == true && startsWith(github.head_ref, 'contrib/') == false steps: - name: Checkout uses: actions/checkout@v4 diff --git a/.github/workflows/link_edited_pr_to_jira_issue.yml b/.github/workflows/link_edited_pr_to_jira_issue.yml index 21acea27c13f..487f03dc836a 100644 --- a/.github/workflows/link_edited_pr_to_jira_issue.yml +++ b/.github/workflows/link_edited_pr_to_jira_issue.yml @@ -9,7 +9,7 @@ permissions: jobs: add_pr_link_to_related_jira_issue: runs-on: ubuntu-latest - if: github.repository == 'demisto/content' && github.event.pull_request.head.repo.fork == false && github.actor != 'dependabot[bot]' + if: github.repository == 'demisto/content' && github.event.pull_request.head.repo.fork == false && github.actor != 'dependabot[bot]' && startsWith(github.head_ref, 'contrib/') == false steps: - name: Checkout uses: actions/checkout@v4 From da7a6ec3f1f7c87217ba53e29cff0452cf85e9ba Mon Sep 17 00:00:00 2001 From: sharonfi99 <147984773+sharonfi99@users.noreply.github.com> Date: Thu, 14 Dec 2023 16:30:07 +0200 Subject: [PATCH 46/50] bug fix (#31476) --- Packs/RSASecureID/ParsingRules/RSASecureID/RSASecureID.xif | 0 Packs/RSASecureID/ParsingRules/RSASecureID/RSASecureID.yml | 6 ------ 2 files changed, 6 deletions(-) delete mode 100644 Packs/RSASecureID/ParsingRules/RSASecureID/RSASecureID.xif delete mode 100644 Packs/RSASecureID/ParsingRules/RSASecureID/RSASecureID.yml diff --git a/Packs/RSASecureID/ParsingRules/RSASecureID/RSASecureID.xif b/Packs/RSASecureID/ParsingRules/RSASecureID/RSASecureID.xif deleted file mode 100644 index e69de29bb2d1..000000000000 diff --git a/Packs/RSASecureID/ParsingRules/RSASecureID/RSASecureID.yml b/Packs/RSASecureID/ParsingRules/RSASecureID/RSASecureID.yml deleted file mode 100644 index 5de58ae5390b..000000000000 --- a/Packs/RSASecureID/ParsingRules/RSASecureID/RSASecureID.yml +++ /dev/null @@ -1,6 +0,0 @@ -id: RSA_SecureID_ParsingRule -name: RSA SecureID Parsing Rule -fromversion: 8.4.0 -tags: [] -rules: '' -samples: '' \ No newline at end of file From d1c139db95efa7424ff3fe42aad10e71ff6051fd Mon Sep 17 00:00:00 2001 From: Guy Afik <53861351+GuyAfik@users.noreply.github.com> Date: Thu, 14 Dec 2023 17:25:34 +0200 Subject: [PATCH 47/50] [SaaS Security Event Collector] - logs & docs improvements (#31474) * [SaaS Security Event Collector] - logs improvements * docs updates * rn * pre-commit fixes --- .../SaasSecurityEventCollector.py | 20 ++++++++++--------- .../SaasSecurityEventCollector.yml | 6 +++--- .../SaasSecurityEventCollector_description.md | 1 + .../PrismaSaasSecurity/ReleaseNotes/2_0_28.md | 7 +++++++ Packs/PrismaSaasSecurity/pack_metadata.json | 2 +- 5 files changed, 23 insertions(+), 13 deletions(-) create mode 100644 Packs/PrismaSaasSecurity/ReleaseNotes/2_0_28.md diff --git a/Packs/PrismaSaasSecurity/Integrations/SaasSecurityEventCollector/SaasSecurityEventCollector.py b/Packs/PrismaSaasSecurity/Integrations/SaasSecurityEventCollector/SaasSecurityEventCollector.py index f64f9909574f..cf7c626b03f0 100644 --- a/Packs/PrismaSaasSecurity/Integrations/SaasSecurityEventCollector/SaasSecurityEventCollector.py +++ b/Packs/PrismaSaasSecurity/Integrations/SaasSecurityEventCollector/SaasSecurityEventCollector.py @@ -231,17 +231,19 @@ def fetch_events_from_saas_security( # if max fetch is None, all events will be fetched until there aren't anymore in the queue (until we get 204) try: - iteration_num = 0 # this is done in order to prevent timeouts - while under_max_fetch and iteration_num < max_iterations: + iteration_num = 1 # this is done in order to prevent timeouts + while under_max_fetch and iteration_num < max_iterations + 1: response = client.get_events_request() if response.status_code == 204: # if we got 204, it means there aren't events in the queue, hence breaking. break fetched_events = response.json().get('events') or [] - demisto.info(f'fetched events length: ({len(fetched_events)})') - demisto.info(f'fetched the following events: {fetched_events}') + demisto.info(f'fetched events length: ({len(fetched_events)}) in iteration {iteration_num}') + demisto.info(f'fetched the following events: {fetched_events} in iteration {iteration_num}') events.extend(fetched_events) + events_len = len(events) if max_fetch: - under_max_fetch = len(events) < max_fetch + under_max_fetch = events_len < max_fetch + demisto.info(f'Collected already {events_len} events until iteration {iteration_num}') iteration_num += 1 except Exception as exc: demisto.info(f'Got error get_events: {exc}') @@ -285,9 +287,9 @@ def main() -> None: # pragma: no cover demisto.info(f'got exception when trying to fetch events: [{exception}]') else: events = integration_context.get('events') - demisto.info('fetching events from integration context') + demisto.info('Fetching events from integration context') try: - demisto.info(f'sending the following amount of events into XSIAM: {len(events)}') + demisto.info(f'Sending the following amount of events into XSIAM: {len(events)}') send_events_to_xsiam( events=events, vendor=VENDOR, @@ -295,9 +297,9 @@ def main() -> None: # pragma: no cover ) demisto.setIntegrationContext({}) except Exception as e: - demisto.info(f'got error when trying to send events to XSIAM: [{e}]') + demisto.info(f'Received error when trying to send events to XSIAM: [{e}]') demisto.setIntegrationContext({'events': events}) - demisto.info(f'set the following events into integration context: {events}') + demisto.info(f'Successfully set the following events into integration context: {events}') elif command == 'saas-security-get-events': return_results(get_events_command(client, args, max_fetch=max_fetch, max_iterations=max_iterations)) else: diff --git a/Packs/PrismaSaasSecurity/Integrations/SaasSecurityEventCollector/SaasSecurityEventCollector.yml b/Packs/PrismaSaasSecurity/Integrations/SaasSecurityEventCollector/SaasSecurityEventCollector.yml index a9dfd6fbbe10..3e3b7b070c92 100644 --- a/Packs/PrismaSaasSecurity/Integrations/SaasSecurityEventCollector/SaasSecurityEventCollector.yml +++ b/Packs/PrismaSaasSecurity/Integrations/SaasSecurityEventCollector/SaasSecurityEventCollector.yml @@ -24,7 +24,7 @@ configuration: type: 8 required: false - display: The maximum number of events per fetch. - additionalinfo: The maximum number of events to fetch every time fetch is being executed. This number must be divisible by 100 due to SaaS-Security api limitations. Default is 1000. In case this is empty, all available events will be fetched. + additionalinfo: The maximum number of events to fetch every time fetch is being executed. This number must be divisible by 100 due to SaaS-Security api limitations. Default is 1000. In case this is empty, will default to 5000. defaultvalue: 1000 name: max_fetch type: 0 @@ -47,7 +47,7 @@ script: description: The maximum number of events to get. Must be divisible by 100 due to SaaS-Security api limitations. Overrides the max-fetch parameter of the integration. - auto: PREDEFINED defaultValue: 'False' - description: Set this argument to True in order to create events, otherwise the command will only display them. *If setting to 'False' The returned events will be lost.* + description: Set this argument to True in order to create events, otherwise the command will only display them. *If setting to 'False' The returned events will be lost. name: should_push_events predefined: - 'True' @@ -144,7 +144,7 @@ script: - contextPath: SaasSecurity.Event.resource_value_new description: New resource value. (optional). type: String - dockerimage: demisto/python3:3.10.12.63474 + dockerimage: demisto/python3:3.10.13.83255 isfetchevents: true script: '-' subtype: python3 diff --git a/Packs/PrismaSaasSecurity/Integrations/SaasSecurityEventCollector/SaasSecurityEventCollector_description.md b/Packs/PrismaSaasSecurity/Integrations/SaasSecurityEventCollector/SaasSecurityEventCollector_description.md index d41519ef8a54..d7aee505af4e 100644 --- a/Packs/PrismaSaasSecurity/Integrations/SaasSecurityEventCollector/SaasSecurityEventCollector_description.md +++ b/Packs/PrismaSaasSecurity/Integrations/SaasSecurityEventCollector/SaasSecurityEventCollector_description.md @@ -8,6 +8,7 @@ 6) In some rare cases more than ```max_fetch``` events could be fetched. 7) The maximum recommended max fetch is 5000 to avoid fetch timeouts. 8) In case not providing the ```max_fetch``` argument, the default will be 1000. +9) The maximum recommended amount of ```max_iterations``` is 50 to avoid fetch timeouts Creating the Client ID and Client Secret in the SaaS Security UI: diff --git a/Packs/PrismaSaasSecurity/ReleaseNotes/2_0_28.md b/Packs/PrismaSaasSecurity/ReleaseNotes/2_0_28.md new file mode 100644 index 000000000000..26418420f522 --- /dev/null +++ b/Packs/PrismaSaasSecurity/ReleaseNotes/2_0_28.md @@ -0,0 +1,7 @@ + +#### Integrations + +##### SaaS Security Event Collector + +- Logging and documentation improvements. +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. \ No newline at end of file diff --git a/Packs/PrismaSaasSecurity/pack_metadata.json b/Packs/PrismaSaasSecurity/pack_metadata.json index 0d95703d1daf..f4e71209e8c5 100644 --- a/Packs/PrismaSaasSecurity/pack_metadata.json +++ b/Packs/PrismaSaasSecurity/pack_metadata.json @@ -2,7 +2,7 @@ "name": "SaaS Security by Palo Alto Networks", "description": "SaaS Security connects directly to your sanctioned SaaS applications to provide data classification, sharing and permission visibility, and threat detection.", "support": "xsoar", - "currentVersion": "2.0.27", + "currentVersion": "2.0.28", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From 4741d1044e15c982eade30409b498873bfe87a89 Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Thu, 14 Dec 2023 17:42:15 +0200 Subject: [PATCH 48/50] Added context output and indicator tagging to CreateIndicatorsFromStix (#31485) * Added context output and indicator tagging to CreateIndicatorsFromStix (#31140) * Added context output and tagging to CreateIndicatorsFromSTIX.py * Removed Spaces in CommandResults * Added Release Note Bumped Up Version to 1.12.50 * Update Packs/CommonScripts/Scripts/CreateIndicatorsFromSTIX/CreateIndicatorsFromSTIX.py Co-authored-by: Adi Daud <46249224+adi88d@users.noreply.github.com> * Update Packs/CommonScripts/Scripts/CreateIndicatorsFromSTIX/CreateIndicatorsFromSTIX.py Co-authored-by: Adi Daud <46249224+adi88d@users.noreply.github.com> * Update Packs/CommonScripts/Scripts/CreateIndicatorsFromSTIX/CreateIndicatorsFromSTIX.yml Co-authored-by: Adi Daud <46249224+adi88d@users.noreply.github.com> * Update Packs/CommonScripts/ReleaseNotes/1_12_50.md Co-authored-by: Adi Daud <46249224+adi88d@users.noreply.github.com> * Update Packs/CommonScripts/Scripts/CreateIndicatorsFromSTIX/CreateIndicatorsFromSTIX.py Co-authored-by: Adi Daud <46249224+adi88d@users.noreply.github.com> * fixes in CreateIndicatorsFromSTIX.py * Updated YML * Updated CreateIndicatorsFromSTIX_test.py * Updated CreateIndicatorsFromSTIX_test.py * Updated Docker Image Version * Updated Release notes to align with docker version * Added Tags to context output. * Added outputs to CreateIndicatorsFromSTIX.yml * Bumped up Docker Image version in Release Note and YML Added additional asserts in test * Adjusted Version * Updated README.md * Updated CreateIndicatorsFromSTIX.yml with description periods. * Added CONTRIBUTORS.json * Deleted CONTRIBUTORS.json * Update 1_13_5.md * Update CreateIndicatorsFromSTIX.yml * Update README.md * Update README.md * Update Packs/CommonScripts/Scripts/CreateIndicatorsFromSTIX/CreateIndicatorsFromSTIX.yml Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/CommonScripts/Scripts/CreateIndicatorsFromSTIX/CreateIndicatorsFromSTIX.yml Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/CommonScripts/Scripts/CreateIndicatorsFromSTIX/CreateIndicatorsFromSTIX.yml Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/CommonScripts/Scripts/CreateIndicatorsFromSTIX/README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/CommonScripts/Scripts/CreateIndicatorsFromSTIX/README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> --------- Co-authored-by: Adi Daud <46249224+adi88d@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * merge from master --------- Co-authored-by: Martin Ohl Co-authored-by: Adi Daud <46249224+adi88d@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: adi88d --- Packs/CommonScripts/ReleaseNotes/1_13_6.md | 6 +++ .../CreateIndicatorsFromSTIX.py | 39 ++++++++++++++++--- .../CreateIndicatorsFromSTIX.yml | 16 ++++++++ .../CreateIndicatorsFromSTIX_test.py | 35 ++++++++++++++--- .../CreateIndicatorsFromSTIX/README.md | 10 ++++- Packs/CommonScripts/pack_metadata.json | 2 +- 6 files changed, 95 insertions(+), 13 deletions(-) create mode 100644 Packs/CommonScripts/ReleaseNotes/1_13_6.md diff --git a/Packs/CommonScripts/ReleaseNotes/1_13_6.md b/Packs/CommonScripts/ReleaseNotes/1_13_6.md new file mode 100644 index 000000000000..18bd622dea6c --- /dev/null +++ b/Packs/CommonScripts/ReleaseNotes/1_13_6.md @@ -0,0 +1,6 @@ +#### Scripts + +##### CreateIndicatorsFromSTIX + +- Added the *add_context* and * tags* arguments for context output. +- Updated the Docker image to: *demisto/python3:3.10.13.83255*. \ No newline at end of file diff --git a/Packs/CommonScripts/Scripts/CreateIndicatorsFromSTIX/CreateIndicatorsFromSTIX.py b/Packs/CommonScripts/Scripts/CreateIndicatorsFromSTIX/CreateIndicatorsFromSTIX.py index 47303f6bc159..2e8d99ae9e81 100644 --- a/Packs/CommonScripts/Scripts/CreateIndicatorsFromSTIX/CreateIndicatorsFromSTIX.py +++ b/Packs/CommonScripts/Scripts/CreateIndicatorsFromSTIX/CreateIndicatorsFromSTIX.py @@ -34,7 +34,7 @@ def create_relationships_from_entity(indicator_relationships): return entity_relationships -def create_indicators_loop(indicators): +def create_indicators_loop(args, indicators): """ Create indicators using createNewIndicator automation :param indicators: parsed indicators @@ -42,18 +42,45 @@ def create_indicators_loop(indicators): """ relationships_objects = list() errors = list() + context_data = [] + add_context = argToBoolean(args.get('add_context', False)) + tags = argToList(args.get('tags')) + for indicator in indicators: indicator['type'] = indicator.get('indicator_type') relationship_object = create_relationships_from_entity(indicator.get('relationships')) if relationship_object: relationships_objects.extend(relationship_object) + + if len(tags) > 0: + if 'customFields' in indicator: + if 'tags' in indicator.get('customFields'): + [indicator['customFields']['tags'].append(ntag) for ntag in tags] + + context = {'value': indicator['value'], 'type': indicator['type']} + if 'tags' in indicator.get('customFields'): + context['tags'] = indicator['customFields']['tags'] + res = demisto.executeCommand("createNewIndicator", indicator) + context_data.append(context) + if is_error(res[0]): errors.append(f'Error creating indicator - {(res[0]["Contents"])}') - result = CommandResults( - readable_output=f"Create Indicators From STIX: {len(indicators) - len(errors)} indicators were created.", - relationships=relationships_objects - ) + + if add_context: + result = CommandResults( + readable_output=f"Create Indicators From STIX: {len(indicators) - len(errors)} indicators were created.", + relationships=relationships_objects, + outputs_prefix='StixIndicators', + outputs_key_field='value', + outputs=context_data + ) + else: + result = CommandResults( + readable_output=f"Create Indicators From STIX: {len(indicators) - len(errors)} indicators were created.", + relationships=relationships_objects + ) + return result, errors @@ -61,7 +88,7 @@ def main(): # pragma: no cover args = demisto.args() entry_id = args.get("entry_id", "") indicators = parse_indicators_using_stix_parser(entry_id) - results, errors = create_indicators_loop(indicators) + results, errors = create_indicators_loop(args, indicators) return_results(results) if errors: return_error(json.dumps(errors, indent=4)) diff --git a/Packs/CommonScripts/Scripts/CreateIndicatorsFromSTIX/CreateIndicatorsFromSTIX.yml b/Packs/CommonScripts/Scripts/CreateIndicatorsFromSTIX/CreateIndicatorsFromSTIX.yml index effc89baaeea..5863617a828d 100644 --- a/Packs/CommonScripts/Scripts/CreateIndicatorsFromSTIX/CreateIndicatorsFromSTIX.yml +++ b/Packs/CommonScripts/Scripts/CreateIndicatorsFromSTIX/CreateIndicatorsFromSTIX.yml @@ -2,6 +2,22 @@ args: - description: The entry ID of the STIX file. name: entry_id required: true +- auto: PREDEFINED + defaultValue: "false" + description: Adds indicators to context. + name: add_context + predefined: + - "true" + - "false" +- description: A comma-separated list of tags to add to indicators. + name: tags +outputs: +- contextPath: StixIndicators.type + description: Type of the indicator. +- contextPath: StixIndicators.value + description: Value of the indicator. +- contextPath: StixIndicators.tags + description: Tags of the indicator. comment: Creates indicators from the submitted STIX file. Supports STIX 1.0 and STIX 2.x. This automation creates indicators and adds an indicator's relationships if available. commonfields: id: CreateIndicatorsFromSTIX diff --git a/Packs/CommonScripts/Scripts/CreateIndicatorsFromSTIX/CreateIndicatorsFromSTIX_test.py b/Packs/CommonScripts/Scripts/CreateIndicatorsFromSTIX/CreateIndicatorsFromSTIX_test.py index 21f5a06b5909..9cb2d6bf96f4 100644 --- a/Packs/CommonScripts/Scripts/CreateIndicatorsFromSTIX/CreateIndicatorsFromSTIX_test.py +++ b/Packs/CommonScripts/Scripts/CreateIndicatorsFromSTIX/CreateIndicatorsFromSTIX_test.py @@ -1,10 +1,7 @@ -import demistomock as demisto -from CommonServerPython import * -from CommonServerUserPython import * from CreateIndicatorsFromSTIX import * -def test_create_indicators_loop(mocker): +def test_create_indicators_loop_wo_args(mocker): """ Given: - A collection of indicators in XSOAR Format @@ -15,12 +12,40 @@ def test_create_indicators_loop(mocker): Then: - Validate the indicators extract without errors. """ + args = {} with open('test_data/expected_result_example3.json') as json_f: indicators = json.load(json_f) mocker.patch.object(demisto, 'executeCommand', return_value=[None]) - results, errors = create_indicators_loop(indicators=indicators) + results, errors = create_indicators_loop(args, indicators) + + assert errors == [] + assert results.readable_output == 'Create Indicators From STIX: 2 indicators were created.' + + +def test_create_indicators_loop_w_args(mocker): + """ + Given: + - A collection of indicators in XSOAR Format + + When: + - Parsing stix indicators. + + Then: + - Validate the indicators extract without errors. + """ + args = { + 'add_context': 'true', + 'tags': 'tag1,tag2' + } + + with open('test_data/expected_result_example3.json') as json_f: + indicators = json.load(json_f) + mocker.patch.object(demisto, 'executeCommand', return_value=[None]) + results, errors = create_indicators_loop(args, indicators) + assert errors == [] assert results.readable_output == 'Create Indicators From STIX: 2 indicators were created.' + assert results.outputs[0]['tags'] == ['tag1', 'tag2'] def test_parse_indicators_using_stix_parser(mocker): diff --git a/Packs/CommonScripts/Scripts/CreateIndicatorsFromSTIX/README.md b/Packs/CommonScripts/Scripts/CreateIndicatorsFromSTIX/README.md index f274a3cb80ea..3c973e78754c 100644 --- a/Packs/CommonScripts/Scripts/CreateIndicatorsFromSTIX/README.md +++ b/Packs/CommonScripts/Scripts/CreateIndicatorsFromSTIX/README.md @@ -17,7 +17,15 @@ Wrapper for the **StixParser** automation. This automation creates indicators an | **Argument Name** | **Description** | | --- | --- | | entry_id | The entry ID of the STIX file. | +| add_context | Adds indicators to context. | +| tags | A comma-separated list of tags to add to indicators. | ## Outputs + --- -There are no outputs for this script. + +| **Path** | **Description** | **Type** | +| --- | --- | --- | +| StixIndicators.type | Type of the indicator. | String | +| StixIndicators.value | Value of the indicator. | String | +| StixIndicators.tags | Tags of the indicator. | Unknown | diff --git a/Packs/CommonScripts/pack_metadata.json b/Packs/CommonScripts/pack_metadata.json index 7dd356f5f9cf..c74add0b3f91 100644 --- a/Packs/CommonScripts/pack_metadata.json +++ b/Packs/CommonScripts/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Common Scripts", "description": "Frequently used scripts pack.", "support": "xsoar", - "currentVersion": "1.13.5", + "currentVersion": "1.13.6", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From 54ae28c47dd786b6606bc5bc100fbc7b8f796629 Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Thu, 14 Dec 2023 18:03:24 +0200 Subject: [PATCH 49/50] Update Docker Image To demisto/sklearn (#31458) * Updated Metadata Of Pack Phishing * Added release notes to pack Phishing * Packs/Phishing/Scripts/FindDuplicateEmailIncidents/FindDuplicateEmailIncidents.yml Docker image update --------- Co-authored-by: israelpoli <72099621+israelpoli@users.noreply.github.com> --- Packs/Phishing/ReleaseNotes/3_6_3.md | 4 ++++ .../FindDuplicateEmailIncidents.yml | 2 +- Packs/Phishing/pack_metadata.json | 2 +- 3 files changed, 6 insertions(+), 2 deletions(-) create mode 100644 Packs/Phishing/ReleaseNotes/3_6_3.md diff --git a/Packs/Phishing/ReleaseNotes/3_6_3.md b/Packs/Phishing/ReleaseNotes/3_6_3.md new file mode 100644 index 000000000000..60c650b722e9 --- /dev/null +++ b/Packs/Phishing/ReleaseNotes/3_6_3.md @@ -0,0 +1,4 @@ + +#### Scripts +##### FindDuplicateEmailIncidents +- Updated the Docker image to: *demisto/sklearn:1.0.0.83494*. \ No newline at end of file diff --git a/Packs/Phishing/Scripts/FindDuplicateEmailIncidents/FindDuplicateEmailIncidents.yml b/Packs/Phishing/Scripts/FindDuplicateEmailIncidents/FindDuplicateEmailIncidents.yml index 39027a89ace2..61941a90b6b9 100644 --- a/Packs/Phishing/Scripts/FindDuplicateEmailIncidents/FindDuplicateEmailIncidents.yml +++ b/Packs/Phishing/Scripts/FindDuplicateEmailIncidents/FindDuplicateEmailIncidents.yml @@ -109,7 +109,7 @@ tags: - phishing timeout: 600ns type: python -dockerimage: demisto/sklearn:1.0.0.80783 +dockerimage: demisto/sklearn:1.0.0.83494 tests: - No tests (auto formatted) fromversion: 5.0.0 diff --git a/Packs/Phishing/pack_metadata.json b/Packs/Phishing/pack_metadata.json index 25fd37eb6ae4..84e9387fbebc 100644 --- a/Packs/Phishing/pack_metadata.json +++ b/Packs/Phishing/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Phishing", "description": "Phishing emails still hooking your end users? This Content Pack can drastically reduce the time your security team spends on phishing alerts.", "support": "xsoar", - "currentVersion": "3.6.2", + "currentVersion": "3.6.3", "serverMinVersion": "6.0.0", "videos": [ "https://www.youtube.com/watch?v=SY-3L348PoY" From e92224682f203ad9e9294dd552d7d6205dbfb120 Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Thu, 14 Dec 2023 18:09:56 +0200 Subject: [PATCH 50/50] Update Docker Image To demisto/chromium (#31460) * Updated Metadata Of Pack ExpanseV2 * Added release notes to pack ExpanseV2 * Packs/ExpanseV2/Scripts/ExpanseGenerateIssueMapWidgetScript/ExpanseGenerateIssueMapWidgetScript.yml Docker image update --------- Co-authored-by: israelpoli <72099621+israelpoli@users.noreply.github.com> --- Packs/ExpanseV2/ReleaseNotes/1_10_46.md | 4 ++++ .../ExpanseGenerateIssueMapWidgetScript.yml | 2 +- Packs/ExpanseV2/pack_metadata.json | 2 +- 3 files changed, 6 insertions(+), 2 deletions(-) create mode 100644 Packs/ExpanseV2/ReleaseNotes/1_10_46.md diff --git a/Packs/ExpanseV2/ReleaseNotes/1_10_46.md b/Packs/ExpanseV2/ReleaseNotes/1_10_46.md new file mode 100644 index 000000000000..798252c65679 --- /dev/null +++ b/Packs/ExpanseV2/ReleaseNotes/1_10_46.md @@ -0,0 +1,4 @@ + +#### Scripts +##### ExpanseGenerateIssueMapWidgetScript +- Updated the Docker image to: *demisto/chromium:120.0.6099.83579*. \ No newline at end of file diff --git a/Packs/ExpanseV2/Scripts/ExpanseGenerateIssueMapWidgetScript/ExpanseGenerateIssueMapWidgetScript.yml b/Packs/ExpanseV2/Scripts/ExpanseGenerateIssueMapWidgetScript/ExpanseGenerateIssueMapWidgetScript.yml index b89452d3674e..28b9895ce570 100644 --- a/Packs/ExpanseV2/Scripts/ExpanseGenerateIssueMapWidgetScript/ExpanseGenerateIssueMapWidgetScript.yml +++ b/Packs/ExpanseV2/Scripts/ExpanseGenerateIssueMapWidgetScript/ExpanseGenerateIssueMapWidgetScript.yml @@ -13,7 +13,7 @@ comment: |- commonfields: id: ExpanseGenerateIssueMapWidgetScript version: -1 -dockerimage: demisto/chromium:118.0.5993.78770 +dockerimage: demisto/chromium:120.0.6099.83579 enabled: true name: ExpanseGenerateIssueMapWidgetScript script: '-' diff --git a/Packs/ExpanseV2/pack_metadata.json b/Packs/ExpanseV2/pack_metadata.json index d89f412c9593..1d65007fd09a 100644 --- a/Packs/ExpanseV2/pack_metadata.json +++ b/Packs/ExpanseV2/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Cortex Xpanse by Palo Alto Networks", "description": "Automate Attack Surface Management to identify Internet assets and quickly remediate misconfigurations with Expanse, a Palo Alto Networks company.", "support": "xsoar", - "currentVersion": "1.10.45", + "currentVersion": "1.10.46", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "",