From f6240730eeea74cb8c0a7b29b1eb7220435d6ed6 Mon Sep 17 00:00:00 2001 From: Lilach Amar Date: Mon, 13 Jan 2025 09:08:20 +0200 Subject: [PATCH 1/7] update semperis DSP solution --- ...sDSP_EvidenceOfMimikatzDCShadowAttack.yaml | 7 - .../SemperisDSP_KerberoskrbtgtAccount.yaml | 7 - ...SP_RecentsIDHistoryChangesOnADObjects.yaml | 7 - ...P_WellKnownPrivilegedSIDsInsIDHistory.yaml | 7 - .../SemperisDSP_ZerologonVulnerability.yaml | 7 - .../Semperis_DSP_Failed_Logons.yaml | 16 +- ...SP_Operations_Critical_Notifications_.yaml | 9 +- .../Semperis_DSP_RBAC_Changes.yaml | 7 +- .../SemperisDSP-connector.json | 48 +++- .../Parsers/dsp_parser.yaml | 48 ++-- .../SemperisDSPSecurityIndicators.json | 242 +++++++++--------- 11 files changed, 198 insertions(+), 207 deletions(-) diff --git a/Solutions/Semperis Directory Services Protector/Analytic Rules/SemperisDSP_EvidenceOfMimikatzDCShadowAttack.yaml b/Solutions/Semperis Directory Services Protector/Analytic Rules/SemperisDSP_EvidenceOfMimikatzDCShadowAttack.yaml index a4de3d73c5f..d649811cfc5 100644 --- a/Solutions/Semperis Directory Services Protector/Analytic Rules/SemperisDSP_EvidenceOfMimikatzDCShadowAttack.yaml +++ b/Solutions/Semperis Directory Services Protector/Analytic Rules/SemperisDSP_EvidenceOfMimikatzDCShadowAttack.yaml @@ -20,15 +20,8 @@ query: | dsp_parser | where EventID == 9212 | where SecurityIndicatorName == "Evidence of Mimikatz DCShadow attack" - | extend NTDomain = tostring(split(UserName, '\\', 0)[0]), LoginUser = tostring(split(UserName, '\\', 1)[0]) | extend HostName = tostring(split(Computer, '.', 0)[0]), DnsDomain = tostring(strcat_array(array_slice(split(Computer, '.'), 1, -1), '.')) entityMappings: - - entityType: Account - fieldMappings: - - identifier: Name - columnName: LoginUser - - identifier: NTDomain - columnName: NTDomain - entityType: Host fieldMappings: - identifier: HostName diff --git a/Solutions/Semperis Directory Services Protector/Analytic Rules/SemperisDSP_KerberoskrbtgtAccount.yaml b/Solutions/Semperis Directory Services Protector/Analytic Rules/SemperisDSP_KerberoskrbtgtAccount.yaml index b86dcd5905f..ed6719a40e0 100644 --- a/Solutions/Semperis Directory Services Protector/Analytic Rules/SemperisDSP_KerberoskrbtgtAccount.yaml +++ b/Solutions/Semperis Directory Services Protector/Analytic Rules/SemperisDSP_KerberoskrbtgtAccount.yaml @@ -20,15 +20,8 @@ query: | dsp_parser | where EventID == 9212 | where SecurityIndicatorName == "Kerberos krbtgt account with old password" - | extend NTDomain = tostring(split(UserName, '\\', 0)[0]), LoginUser = tostring(split(UserName, '\\', 1)[0]) | extend HostName = tostring(split(Computer, '.', 0)[0]), DnsDomain = tostring(strcat_array(array_slice(split(Computer, '.'), 1, -1), '.')) entityMappings: - - entityType: Account - fieldMappings: - - identifier: Name - columnName: LoginUser - - identifier: NTDomain - columnName: NTDomain - entityType: Host fieldMappings: - identifier: HostName diff --git a/Solutions/Semperis Directory Services Protector/Analytic Rules/SemperisDSP_RecentsIDHistoryChangesOnADObjects.yaml b/Solutions/Semperis Directory Services Protector/Analytic Rules/SemperisDSP_RecentsIDHistoryChangesOnADObjects.yaml index 305172e0c1a..b1e62b31e88 100644 --- a/Solutions/Semperis Directory Services Protector/Analytic Rules/SemperisDSP_RecentsIDHistoryChangesOnADObjects.yaml +++ b/Solutions/Semperis Directory Services Protector/Analytic Rules/SemperisDSP_RecentsIDHistoryChangesOnADObjects.yaml @@ -21,15 +21,8 @@ query: | dsp_parser | where EventID == 9212 | where SecurityIndicatorName == "Recent sIDHistory changes on objects" - | extend NTDomain = tostring(split(UserName, '\\', 0)[0]), LoginUser = tostring(split(UserName, '\\', 1)[0]) | extend HostName = tostring(split(Computer, '.', 0)[0]), DnsDomain = tostring(strcat_array(array_slice(split(Computer, '.'), 1, -1), '.')) entityMappings: - - entityType: Account - fieldMappings: - - identifier: Name - columnName: LoginUser - - identifier: NTDomain - columnName: NTDomain - entityType: Host fieldMappings: - identifier: HostName diff --git a/Solutions/Semperis Directory Services Protector/Analytic Rules/SemperisDSP_WellKnownPrivilegedSIDsInsIDHistory.yaml b/Solutions/Semperis Directory Services Protector/Analytic Rules/SemperisDSP_WellKnownPrivilegedSIDsInsIDHistory.yaml index 5680a302180..808eee8703e 100644 --- a/Solutions/Semperis Directory Services Protector/Analytic Rules/SemperisDSP_WellKnownPrivilegedSIDsInsIDHistory.yaml +++ b/Solutions/Semperis Directory Services Protector/Analytic Rules/SemperisDSP_WellKnownPrivilegedSIDsInsIDHistory.yaml @@ -21,15 +21,8 @@ query: | dsp_parser | where EventID == 9212 | where SecurityIndicatorName == "Well-known privileged SIDs in sIDHistory" - | extend NTDomain = tostring(split(UserName, '\\', 0)[0]), LoginUser = tostring(split(UserName, '\\', 1)[0]) | extend HostName = tostring(split(Computer, '.', 0)[0]), DnsDomain = tostring(strcat_array(array_slice(split(Computer, '.'), 1, -1), '.')) entityMappings: - - entityType: Account - fieldMappings: - - identifier: Name - columnName: LoginUser - - identifier: NTDomain - columnName: NTDomain - entityType: Host fieldMappings: - identifier: HostName diff --git a/Solutions/Semperis Directory Services Protector/Analytic Rules/SemperisDSP_ZerologonVulnerability.yaml b/Solutions/Semperis Directory Services Protector/Analytic Rules/SemperisDSP_ZerologonVulnerability.yaml index 35c2e5f2daa..2e49ab25856 100644 --- a/Solutions/Semperis Directory Services Protector/Analytic Rules/SemperisDSP_ZerologonVulnerability.yaml +++ b/Solutions/Semperis Directory Services Protector/Analytic Rules/SemperisDSP_ZerologonVulnerability.yaml @@ -20,15 +20,8 @@ query: | dsp_parser | where EventID == 9212 | where SecurityIndicatorName == "Zerologon vulnerability" - | extend NTDomain = tostring(split(UserName, '\\', 0)[0]), LoginUser = tostring(split(UserName, '\\', 1)[0]) | extend HostName = tostring(split(Computer, '.', 0)[0]), DnsDomain = tostring(strcat_array(array_slice(split(Computer, '.'), 1, -1), '.')) entityMappings: - - entityType: Account - fieldMappings: - - identifier: Name - columnName: LoginUser - - identifier: NTDomain - columnName: NTDomain - entityType: Host fieldMappings: - identifier: HostName diff --git a/Solutions/Semperis Directory Services Protector/Analytic Rules/Semperis_DSP_Failed_Logons.yaml b/Solutions/Semperis Directory Services Protector/Analytic Rules/Semperis_DSP_Failed_Logons.yaml index eb2ce206c0b..05e28a7e3ef 100644 --- a/Solutions/Semperis Directory Services Protector/Analytic Rules/Semperis_DSP_Failed_Logons.yaml +++ b/Solutions/Semperis Directory Services Protector/Analytic Rules/Semperis_DSP_Failed_Logons.yaml @@ -19,14 +19,20 @@ relevantTechniques: triggerOperator: gt triggerThreshold: 0 query: | - Event - | where Source == 'Semperis-Operation-Log' and EventID == 20002 + SecurityEvent + | where EventSourceName == 'Semperis-Operation-Log' and EventID == 20002 | sort by TimeGenerated desc - | parse RenderedDescription with "Operation: " Operation "Access Granted:" AccessGranted "Result: " Result "Details: " * "Trustee Name: " TrusteeName " Correlation ID: " * " Source: " HostIP "WebSite Target" * + | extend p1Xml = parse_xml(EventData).EventData.Data + | mv-expand bagexpansion=array p1Xml + | evaluate bag_unpack(p1Xml) + | extend Name=column_ifexists('@Name', ''), Value=column_ifexists('#text', '') + | evaluate pivot(Name, any(Value), TimeGenerated, EventSourceName, Channel, Computer, Level, EventLevelName, EventID, Task, Type, _ResourceId) + | extend det = column_ifexists('details', '') + | parse det with * "Trustee Name: " TrusteeName " Correlation ID: " * " Source: " HostIP "WebSite Target" * | extend host = tostring(HostIP) | extend HostIP = trim_end(":", HostIP) - | project TimeGenerated, UserName, HostIP, _ResourceId - | extend NTDomain = tostring(split(UserName, '\\', 0)[0]), Name = tostring(split(UserName, '\\', 1)[0]) + | project TimeGenerated, TrusteeName, HostIP, _ResourceId + | extend NTDomain = tostring(split(TrusteeName, '\\', 0)[0]), Name = tostring(split(TrusteeName, '\\', 1)[0]) entityMappings: - entityType: IP fieldMappings: diff --git a/Solutions/Semperis Directory Services Protector/Analytic Rules/Semperis_DSP_Operations_Critical_Notifications_.yaml b/Solutions/Semperis Directory Services Protector/Analytic Rules/Semperis_DSP_Operations_Critical_Notifications_.yaml index 9fbd89a8cdb..fcceaa6618d 100644 --- a/Solutions/Semperis Directory Services Protector/Analytic Rules/Semperis_DSP_Operations_Critical_Notifications_.yaml +++ b/Solutions/Semperis Directory Services Protector/Analytic Rules/Semperis_DSP_Operations_Critical_Notifications_.yaml @@ -21,15 +21,16 @@ relevantTechniques: - T1110 - T1584 query: | - Event - | where Source == 'Semperis-DSP-Notifications' and EventID == 30001 - | extend p1Xml = parse_xml(EventData).DataItem.EventData.Data + SecurityEvent + | where EventSourceName == 'Semperis-DSP-Notifications' and EventID == 30001 + | extend p1Xml = parse_xml(EventData).EventData.Data | mv-expand bagexpansion=array p1Xml | evaluate bag_unpack(p1Xml) | extend Name=column_ifexists('@Name', ''), Value=column_ifexists('#text', '') + | evaluate pivot(Name, any(Value), TimeGenerated, EventSourceName, Channel, Computer, Level, EventLevelName, EventID, Task, Type, _ResourceId) | parse column_ifexists('objectDN', '') with * "CN=" cnName "," * | where "Critical" == column_ifexists('severity', "") - | extend NTDomain = tostring(split(UserName, '\\', 0)[0]), LoginUser = tostring(split(UserName, '\\', 1)[0]) + | extend NTDomain = tostring(split(changedBy, '\\', 0)[0]), LoginUser = tostring(split(changedBy, '\\', 1)[0]) | extend HostName = tostring(split(Computer, '.', 0)[0]), DnsDomain = tostring(strcat_array(array_slice(split(Computer, '.'), 1, -1), '.')) entityMappings: - entityType: Account diff --git a/Solutions/Semperis Directory Services Protector/Analytic Rules/Semperis_DSP_RBAC_Changes.yaml b/Solutions/Semperis Directory Services Protector/Analytic Rules/Semperis_DSP_RBAC_Changes.yaml index 11cba88a4c2..4a0fa8c220a 100644 --- a/Solutions/Semperis Directory Services Protector/Analytic Rules/Semperis_DSP_RBAC_Changes.yaml +++ b/Solutions/Semperis Directory Services Protector/Analytic Rules/Semperis_DSP_RBAC_Changes.yaml @@ -19,13 +19,14 @@ relevantTechniques: - T1548 - T1098 query: | - Event - | where Source == 'Semperis-Operation-Log' and EventID == 20012 + SecurityEvent + | where EventSourceName == 'Semperis-Operation-Log' and EventID == 20012 | order by TimeGenerated desc | extend p1Xml = parse_xml(EventData).DataItem.EventData.Data | mv-expand bagexpansion=array p1Xml | evaluate bag_unpack(p1Xml) | extend Name=column_ifexists('@Name', ''), Value=column_ifexists('#text', '') + | evaluate pivot(Name, any(Value), TimeGenerated, Computer, Level, EventLevelName, EventID, Type, _ResourceId) | extend det = column_ifexists('details', '') | parse det with "Occured at (UTC): " OccurredAt "Session ID: " SessionID "Trustee Name: " TrusteeName "Correlation ID: " CorrelationID "Source: " Source "WebSite Target: " WebSiteTarget "Product: " Product "Component: " Component "AD Information: " ADInformation "Object GUID: " ObjectGUID "Attribute: " Attribute "Distinguished Name: " DistinguishedName "Additional Information: "AdditionalInformation "Operation Detail: " OperationDetail "operationName: " operationName "trustee: " trustee "personas: " personas "Status: " status "Granted: " Granted "Result: " Result | extend _AccessGranted = iif(operationName contains "CreateRbacIdentity", "Added", "Removed") @@ -36,7 +37,7 @@ query: | | extend grid_personas = iif(operationName contains "CreateRbacIdentity", add_personas, remove_personas) | extend date_to_sort = format_datetime(TimeGenerated, "yyyy-mm-dd HH:mm:ss") | order by date_to_sort desc - | extend NTDomain = tostring(split(UserName, '\\', 0)[0]), LoginUser = tostring(split(UserName, '\\', 1)[0]) + | extend NTDomain = tostring(split(TrusteeName, '\\', 0)[0]), LoginUser = tostring(split(TrusteeName, '\\', 1)[0]) | extend HostName = tostring(split(Computer, '.', 0)[0]), DnsDomain = tostring(strcat_array(array_slice(split(Computer, '.'), 1, -1), '.')) entityMappings: - entityType: Account diff --git a/Solutions/Semperis Directory Services Protector/Data Connectors/SemperisDSP-connector.json b/Solutions/Semperis Directory Services Protector/Data Connectors/SemperisDSP-connector.json index e14d92fe95f..1b697318462 100644 --- a/Solutions/Semperis Directory Services Protector/Data Connectors/SemperisDSP-connector.json +++ b/Solutions/Semperis Directory Services Protector/Data Connectors/SemperisDSP-connector.json @@ -87,12 +87,16 @@ ] }, { - "title": "1. Configure Semperis DSP Management Server to send Windows event logs to your Microsoft Sentinel Workspace", - "description": "On your **Semperis DSP Management Server** install the Microsoft agent for Windows." + "title": "**Configure Windows Security Events via AMA connector**", + "description": "Collect Windows security events logs from your **Semperis DSP Management Server** ." }, { - "title": "2. Install and onboard the Microsoft agent for Windows", - "description": "You can skip this step if you have already installed the Microsoft agent for Windows", + "title": "1. Install the Azure Monitor Agent (AMA)", + "description": "On your **Semperis DSP Management Server** install the AMA on the DSP machine that will act as the event log forwarder.\nYou can skip this step if you have already installed the Microsoft agent for Windows" + }, + { + "title": "2. Create a Data Collection Rule (DCR)", + "description": "Start collecting logs from the **Semperis DSP Management Server** .\n\n1. In the Azure portal, navigate to your **Log Analytics workspace**.\n2. In the left pane, click on **Configuration** and then **Data connectors**.\n3. Find and install the **the Windows Security Events via AMA** connector.\n4. Click on **Open connector** and then on **Create data collection rule**.\n5. Configure the DCR with the necessary details, such as the log sources and the destination workspace.", "instructions": [ { "parameters": { @@ -117,20 +121,46 @@ ] }, { - "title": "3. Configure the Semperis DSP Windows event logs to be collected by the agent", - "description": "Configure the agent to collect the logs.\n\n1. Under workspace advanced settings **Configuration**, select **Data** and then **Windows Event Logs**.\n2. Select **Go to Agents configuration** and click **Add Windows event log**.\n3. Enter **Semperis-DSP-Security/Operational** as the log name to be collected and click **Apply**", + "title": "**Configure Common Event Format via AMA connector**", + "description": "Collect syslog messages send from your **Semperis DSP Management Server** ." + }, + { + "title": "1. Install the Azure Monitor Agent (AMA)", + "description": "Install the AMA on the Linux machine that will act as the log forwarder. This machine will collect and forward CEF logs to Microsoft Sentinel.\nYou can skip this step if you have already installed the Microsoft agent for Linux" + }, + { + "title": "2. Create a Data Collection Rule (DCR)", + "description": "Start collecting logs from the **Semperis DSP Management Server** .\n\n1. In the Azure portal, navigate to your **Log Analytics workspace**.\n2. In the left pane, click on **Configuration** and then **Data connectors**.\n3. Find and install the **the Common Event Format via AMA** connector.\n4. Click on **Open connector** and then on **Create data collection rule**.\n5. Configure the DCR with the necessary details, such as the log sources and the destination workspace.", "instructions": [ { "parameters": { - "linkType": "OpenAdvancedWorkspaceSettings" + "title": "Choose where to install the agent:", + "instructionSteps": [ + { + "title": "Install agent on Semperis DSP Management Server", + "description": "Download the agent on the relevant machine and follow the instructions.", + "instructions": [ + { + "parameters": { + "linkType": "InstallAgentOnNonAzure" + }, + "type": "InstallAgent" + } + ] + } + ] }, - "type": "InstallAgent" + "type": "InstructionStepsGroup" } ] }, + { + "title": "3. Configure sending CEF logs on your Semperis DSP Management Server", + "description": "Configure your **Semperis DSP Management Server** to send CEF logs to the Linux machine where the AMA is installed. This involves setting the destination IP address and port for the CEF logs" + }, { "title": "", - "description": "> You should now be able to receive logs in the *Windows event log* table, log data can be parsed using the **dsp_parser()** function, used by all query samples, workbooks and analytic templates." + "description": "> You should now be able to receive logs in the *Windows event log* table and *common log* table, log data can be parsed using the **dsp_parser()** function, used by all query samples, workbooks and analytic templates." } ], "metadata": { diff --git a/Solutions/Semperis Directory Services Protector/Parsers/dsp_parser.yaml b/Solutions/Semperis Directory Services Protector/Parsers/dsp_parser.yaml index dafb73e4ee3..040fbceddee 100644 --- a/Solutions/Semperis Directory Services Protector/Parsers/dsp_parser.yaml +++ b/Solutions/Semperis Directory Services Protector/Parsers/dsp_parser.yaml @@ -2,41 +2,39 @@ id: 5ea4c8c2-a6e9-4321-8402-39635ffcfbe4 Function: Title: Parser for dsp_parser Version: '1.0.0' - LastUpdated: '2023-08-23' + LastUpdated: '2024-12-25' Category: Microsoft Sentinel Parser FunctionName: dsp_parser FunctionAlias: dsp_parser FunctionQuery: | - Event - | where Source == "Semperis-DSP-Security" - | where EventID in ("9211","9212","9208") + SecurityEvent + | where EventSourceName == "Semperis-DSP-Security" + | where EventID in ("9211", "9212", "9208") | parse EventData with - '' DSPData '' + '' DSPData '' | parse DSPData with * '' FirstFound '' * | parse DSPData with - '' GenerationTime '' - '' SecurityIndicatorName '' - '' Result '' * - '' Score '' - '' ForestName '' - '' Domains '' - '' Severity '' - '' Weight '' - '' SecurityFrameworkTags '' - '' SecurityIndicatorDescription '' - '' LikelihoodOfCompromise '' - '' ResultMessage '' - '' NumberOfResults '' - '' Remediation '' - '' Schedule '' - * + '' GenerationTime '' * + '' SecurityIndicatorName '' * + '' Result '' * + '' Score '' * + '' ForestName '' * + '' Domains '' * + '' Severity '' * + '' Weight '' * + '' SecurityFrameworkTags '' * + '' SecurityIndicatorDescription '' * + '' LikelihoodOfCompromise '' * + '' ResultMessage '' * + '' NumberOfResults '' * + '' Remediation '' * + '' Schedule '' + * | extend SecurityFrameworkTagsCsv = replace(@' Mitre:', @'', tostring(SecurityFrameworkTags)) | extend SecurityFrameworkTagsCsv = replace(@'Mitre:', @'', tostring(SecurityFrameworkTagsCsv)) - | extend SecurityFrameworkTags = replace(@'Mitre:', @'', tostring(SecurityFrameworkTags)) \ No newline at end of file + | extend SecurityFrameworkTags = replace(@'Mitre:', @'', tostring(SecurityFrameworkTags)) + | extend GenerationTimeTags = tostring(DSPData) \ No newline at end of file diff --git a/Solutions/Semperis Directory Services Protector/Workbooks/SemperisDSPSecurityIndicators.json b/Solutions/Semperis Directory Services Protector/Workbooks/SemperisDSPSecurityIndicators.json index 89aef527d5f..ed732a81c8a 100644 --- a/Solutions/Semperis Directory Services Protector/Workbooks/SemperisDSPSecurityIndicators.json +++ b/Solutions/Semperis Directory Services Protector/Workbooks/SemperisDSPSecurityIndicators.json @@ -29,7 +29,7 @@ "description": " Specify the time range on which to query the data", "isRequired": true, "value": { - "durationMs": 604800000 + "durationMs": 1209600000 }, "typeSettings": { "selectableValues": [ @@ -108,7 +108,10 @@ "timeContextFromParameter": "TimeRange", "defaultValue": "value::all", "queryType": 0, - "resourceType": "microsoft.operationalinsights/workspaces" + "resourceType": "microsoft.operationalinsights/workspaces", + "value": [ + "value::all" + ] }, { "id": "cf84c455-c1b9-4785-a592-54834be54097", @@ -143,57 +146,6 @@ }, "name": "parameters - 3" }, - { - "type": 3, - "content": { - "version": "KqlItem/1.0", - "query": "dsp_parser\r\n| where isnotempty(SecurityFrameworkTags) \r\n| where Result in ({Status})\r\n| extend SecurityFrameworkTagList = parse_csv(SecurityFrameworkTagsCsv)\r\n| mv-expand bagexpansion=array SecurityFrameworkTagList to typeof(string)\r\n| where SecurityFrameworkTagList in ({MitreFramework})\r\n| summarize event_count=count() by SecurityFrameworkTagList\r\n", - "size": 0, - "title": "Amount of Generated Events per Category", - "timeContextFromParameter": "TimeRange", - "queryType": 0, - "resourceType": "microsoft.operationalinsights/workspaces", - "visualization": "barchart", - "graphSettings": { - "type": 0, - "topContent": { - "columnMatch": "securityFrameworkTags", - "formatter": 1 - }, - "centerContent": { - "columnMatch": "event_count", - "formatter": 1, - "numberFormat": { - "unit": 17, - "options": { - "maximumSignificantDigits": 3, - "maximumFractionDigits": 2 - } - } - } - }, - "chartSettings": { - "createOtherGroup": null - }, - "mapSettings": { - "locInfo": "LatLong", - "sizeSettings": "event_count", - "sizeAggregation": "Sum", - "legendMetric": "event_count", - "legendAggregation": "Sum", - "itemColorSettings": { - "type": "heatmap", - "colorAggregation": "Sum", - "nodeColorField": "event_count", - "heatmapPalette": "greenRed" - } - } - }, - "name": "query - 5", - "styleSettings": { - "showBorder": true - } - }, { "type": 12, "content": { @@ -204,58 +156,7 @@ "type": 3, "content": { "version": "KqlItem/1.0", - "query": "dsp_parser\r\n| where isnotempty(SecurityFrameworkTags) \r\n| where Result in ({Status})\r\n| extend SecurityFrameworkTagList = parse_csv(SecurityFrameworkTagsCsv)\r\n| extend MitreFramework = pack_array({MitreFramework})\r\n| extend FilterIntersection = set_intersect(SecurityFrameworkTagList, MitreFramework)\r\n| extend FilterIntersectionCount = array_length(FilterIntersection)\r\n| where FilterIntersectionCount > 0\r\n| summarize Requests = count() by tostring(SecurityIndicatorName)\r\n| order by Requests\r\n", - "size": 3, - "title": "Breakdown by Indicators of Exposure (IoEs)", - "noDataMessageStyle": 4, - "timeContextFromParameter": "TimeRange", - "queryType": 0, - "resourceType": "microsoft.operationalinsights/workspaces", - "visualization": "tiles", - "tileSettings": { - "titleContent": { - "columnMatch": "SecurityIndicatorName", - "formatter": 1 - }, - "subtitleContent": { - "columnMatch": "Requests", - "formatter": 12, - "formatOptions": { - "palette": "auto" - } - }, - "showBorder": false, - "size": "auto" - }, - "chartSettings": { - "group": "securityIndicatorName", - "createOtherGroup": 10, - "showMetrics": false - }, - "mapSettings": { - "locInfo": "LatLong", - "sizeSettings": "Requests", - "sizeAggregation": "Sum", - "legendMetric": "Requests", - "legendAggregation": "Sum", - "itemColorSettings": { - "type": "heatmap", - "colorAggregation": "Sum", - "nodeColorField": "Requests", - "heatmapPalette": "greenRed" - } - } - }, - "name": "query - 2", - "styleSettings": { - "showBorder": true - } - }, - { - "type": 3, - "content": { - "version": "KqlItem/1.0", - "query": "dsp_parser\r\n| where isnotempty(SecurityFrameworkTags) \r\n| where Result in ({Status})\r\n| extend SecurityFrameworkTagList = parse_csv(SecurityFrameworkTagsCsv)\r\n| extend MitreFramework = pack_array({MitreFramework})\r\n| extend FilterIntersection = set_intersect(SecurityFrameworkTagList, MitreFramework)\r\n| extend FilterIntersectionCount = array_length(FilterIntersection)\r\n| where FilterIntersectionCount > 0\r\n| summarize Count = count() by tostring(SecurityFrameworkTags), tostring(SecurityIndicatorName), tostring(SecurityIndicatorDescription), tostring(LikelihoodOfCompromise), tostring(Remediation), tostring(Result), tostring(FirstFound), tostring(Score)\r\n| order by Count\r\n", + "query": "dsp_parser_new\r\n| where isnotempty(SecurityFrameworkTags) \r\n| where Result in ({Status})\r\n| extend SecurityFrameworkTagList = parse_csv(SecurityFrameworkTagsCsv)\r\n| extend MitreFramework = pack_array({MitreFramework})\r\n| extend FilterIntersection = set_intersect(SecurityFrameworkTagList, MitreFramework)\r\n| extend FilterIntersectionCount = array_length(FilterIntersection)\r\n| where FilterIntersectionCount > 0\r\n| union (CommonSecurityLog \r\n| extend p1Array = split(AdditionalExtensions,\"|\")\r\n| mv-expand bagexpansion=array p1Array\r\n| evaluate bag_unpack(p1Array)\r\n| extend Name=tostring(split(p1Array,\"=\")[0]),Value=substring(p1Array,indexof(p1Array,\"=\")+1)\r\n| evaluate pivot(Name, any(Value), Activity, LogSeverity)\r\n| extend Activity = column_ifexists('Activity', '')\r\n| extend SecurityIndicatorName = Activity\r\n| extend LogSeverity = column_ifexists('LogSeverity', '')\r\n| extend Severity = LogSeverity\r\n| extend Score = \"0 F\"\r\n| extend Result = \"\"\r\n| extend Timestamp = column_ifexists('Timestamp', '')\r\n| extend FirstFound = Timestamp\r\n| extend SecurityFrameworkTags = column_ifexists('SecurityFrameworkTags', ''))\r\n| where isnotempty(SecurityFrameworkTags) \r\n| summarize Count = count() by tostring(SecurityIndicatorName), tostring(Severity), tostring(Score), tostring(FirstFound), tostring(Result), tostring(SecurityFrameworkTags)\r\n| order by Count\r\n", "size": 0, "title": "Indicators of Exposure (IoEs) Details:", "timeContextFromParameter": "TimeRange", @@ -266,36 +167,24 @@ "gridSettings": { "sortBy": [ { - "itemKey": "SecurityFrameworkTags", + "itemKey": "Severity", "sortOrder": 1 } ], "labelSettings": [ { - "columnId": "SecurityFrameworkTags", - "label": "MITRE ATT&CK Framework" - }, - { - "columnId": "SecurityIndicatorName", - "label": "Indicator of Exposure" - }, - { - "columnId": "SecurityIndicatorDescription", - "label": "Description" - }, - { - "columnId": "LikelihoodOfCompromise", - "label": "Likelihood of Compromise" + "columnId": "FirstFound", + "label": "Latest alert" }, { - "columnId": "FirstFound", - "label": "First Time Found" + "columnId": "SecurityFrameworkTags", + "label": "Security framework tags" } ] }, "sortBy": [ { - "itemKey": "SecurityFrameworkTags", + "itemKey": "Severity", "sortOrder": 1 } ], @@ -325,11 +214,110 @@ "styleSettings": { "showBorder": true } + }, + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "dsp_parser_new\r\n| where isnotempty(SecurityFrameworkTags) \r\n| where Result in ({Status})\r\n| extend SecurityFrameworkTagList = parse_csv(SecurityFrameworkTagsCsv)\r\n| extend MitreFramework = pack_array({MitreFramework})\r\n| extend FilterIntersection = set_intersect(SecurityFrameworkTagList, MitreFramework)\r\n| extend FilterIntersectionCount = array_length(FilterIntersection)\r\n| where FilterIntersectionCount > 0\r\n| summarize Requests = count() by tostring(SecurityIndicatorName)\r\n| order by Requests\r\n", + "size": 3, + "title": "Breakdown by Indicators of Exposure (IoEs)", + "noDataMessageStyle": 4, + "timeContextFromParameter": "TimeRange", + "queryType": 0, + "resourceType": "microsoft.operationalinsights/workspaces", + "visualization": "tiles", + "tileSettings": { + "titleContent": { + "columnMatch": "SecurityIndicatorName", + "formatter": 1 + }, + "subtitleContent": { + "columnMatch": "Requests", + "formatter": 12, + "formatOptions": { + "palette": "auto" + } + }, + "showBorder": false, + "size": "auto" + }, + "chartSettings": { + "group": "securityIndicatorName", + "createOtherGroup": 10, + "showMetrics": false + }, + "mapSettings": { + "locInfo": "LatLong", + "sizeSettings": "Requests", + "sizeAggregation": "Sum", + "legendMetric": "Requests", + "legendAggregation": "Sum", + "itemColorSettings": { + "type": "heatmap", + "colorAggregation": "Sum", + "nodeColorField": "Requests", + "heatmapPalette": "greenRed" + } + } + }, + "name": "query - 2", + "styleSettings": { + "showBorder": true + } } ] }, "name": "group - 6" }, + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "dsp_parser_new\r\n| where isnotempty(SecurityFrameworkTags) \r\n| where Result in ({Status})\r\n| extend SecurityFrameworkTagList = parse_csv(SecurityFrameworkTagsCsv)\r\n| mv-expand bagexpansion=array SecurityFrameworkTagList to typeof(string)\r\n| where SecurityFrameworkTagList in ({MitreFramework})\r\n| summarize event_count=count() by SecurityFrameworkTagList\r\n", + "size": 0, + "title": "Amount of Generated Events per Category", + "timeContextFromParameter": "TimeRange", + "queryType": 0, + "resourceType": "microsoft.operationalinsights/workspaces", + "visualization": "barchart", + "graphSettings": { + "type": 0, + "topContent": { + "columnMatch": "securityFrameworkTags", + "formatter": 1 + }, + "centerContent": { + "columnMatch": "event_count", + "formatter": 1, + "numberFormat": { + "unit": 17, + "options": { + "maximumSignificantDigits": 3, + "maximumFractionDigits": 2 + } + } + } + }, + "mapSettings": { + "locInfo": "LatLong", + "sizeSettings": "event_count", + "sizeAggregation": "Sum", + "legendMetric": "event_count", + "legendAggregation": "Sum", + "itemColorSettings": { + "type": "heatmap", + "colorAggregation": "Sum", + "nodeColorField": "event_count", + "heatmapPalette": "greenRed" + } + } + }, + "name": "query - 5", + "styleSettings": { + "showBorder": true + } + }, { "type": 12, "content": { @@ -340,14 +328,13 @@ "type": 3, "content": { "version": "KqlItem/1.0", - "query": "dsp_parser\r\n| where isnotempty(SecurityFrameworkTags) \r\n| where Result in ({Status})\r\n| extend SecurityFrameworkTagList = parse_csv(SecurityFrameworkTagsCsv)\r\n| extend MitreFramework = pack_array({MitreFramework})\r\n| extend FilterIntersection = set_intersect(SecurityFrameworkTagList, MitreFramework)\r\n| extend FilterIntersectionCount = array_length(FilterIntersection)\r\n| where FilterIntersectionCount > 0\r\n| summarize Count = count() by tostring(SecurityIndicatorName)\r\n| top 10 by Count desc", + "query": "dsp_parser_new\r\n| where isnotempty(SecurityFrameworkTags) \r\n| where Result in ({Status})\r\n| extend SecurityFrameworkTagList = parse_csv(SecurityFrameworkTagsCsv)\r\n| extend MitreFramework = pack_array({MitreFramework})\r\n| extend FilterIntersection = set_intersect(SecurityFrameworkTagList, MitreFramework)\r\n| extend FilterIntersectionCount = array_length(FilterIntersection)\r\n| where FilterIntersectionCount > 0\r\n| summarize Count = count() by tostring(SecurityIndicatorName)\r\n| top 10 by Count desc", "size": 3, "title": "Top 10 Indicators of Exposure (IoEs)", "timeContextFromParameter": "TimeRange", "queryType": 0, "resourceType": "microsoft.operationalinsights/workspaces", "visualization": "piechart", - "sortBy": [], "chartSettings": { "group": "SecurityIndicatorName", "createOtherGroup": 10, @@ -374,7 +361,7 @@ "type": 3, "content": { "version": "KqlItem/1.0", - "query": "dsp_parser\r\n| where isnotempty(SecurityFrameworkTags) \r\n| where Result in ({Status})\r\n| extend SecurityFrameworkTagList = parse_csv(SecurityFrameworkTagsCsv)\r\n| extend MitreFramework = pack_array({MitreFramework})\r\n| extend FilterIntersection = set_intersect(SecurityFrameworkTagList, MitreFramework)\r\n| extend FilterIntersectionCount = array_length(FilterIntersection)\r\n| where FilterIntersectionCount > 0\r\n| summarize Count = count() by tostring(SecurityFrameworkTags), tostring(SecurityIndicatorName), tostring(FirstFound), tostring(Remediation)\r\n| top 10 by Count desc\r\n| project-away Count", + "query": "dsp_parser_new\r\n| where isnotempty(SecurityFrameworkTags) \r\n| where Result in ({Status})\r\n| extend SecurityFrameworkTagList = parse_csv(SecurityFrameworkTagsCsv)\r\n| extend MitreFramework = pack_array({MitreFramework})\r\n| extend FilterIntersection = set_intersect(SecurityFrameworkTagList, MitreFramework)\r\n| extend FilterIntersectionCount = array_length(FilterIntersection)\r\n| where FilterIntersectionCount > 0\r\n| summarize Count = count() by tostring(SecurityFrameworkTags), tostring(SecurityIndicatorName), tostring(Remediation)\r\n| top 10 by Count desc\r\n| project-away Count", "size": 0, "title": "Top 10 Indicators of Exposure (IoEs) Details:", "timeContextFromParameter": "TimeRange", @@ -396,6 +383,9 @@ } } ], + "fallbackResourceIds": [ + "/subscriptions/5d15b6db-3197-4af6-9f27-24834d87d02d/resourcegroups/integration_testing/providers/microsoft.operationalinsights/workspaces/integration-log-analytics-workspace" + ], "fromTemplateId": "sentinel-SemperisDSPSecurityIndicators", "$schema": "https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json" } \ No newline at end of file From 9ca9340ed11461451ef008d517bf50e3e97ac38b Mon Sep 17 00:00:00 2001 From: Lilach Amar Date: Mon, 13 Jan 2025 10:04:22 +0200 Subject: [PATCH 2/7] update semperis DSP solution --- ...sDSP_EvidenceOfMimikatzDCShadowAttack.yaml | 2 +- .../SemperisDSP_KerberoskrbtgtAccount.yaml | 2 +- ...SP_RecentsIDHistoryChangesOnADObjects.yaml | 2 +- ...P_WellKnownPrivilegedSIDsInsIDHistory.yaml | 2 +- .../SemperisDSP_ZerologonVulnerability.yaml | 2 +- .../Semperis_DSP_Failed_Logons.yaml | 2 +- ...SP_Operations_Critical_Notifications_.yaml | 2 +- .../Semperis_DSP_RBAC_Changes.yaml | 2 +- .../Data/Solution_Semperis.json | 2 +- .../Workbooks/SemperisDSPNotifications.json | 3 +- .../SemperisDSPQuickviewDashboard.json | 48 +++++++++---------- .../SemperisDSPSecurityIndicators.json | 3 -- 12 files changed, 33 insertions(+), 39 deletions(-) diff --git a/Solutions/Semperis Directory Services Protector/Analytic Rules/SemperisDSP_EvidenceOfMimikatzDCShadowAttack.yaml b/Solutions/Semperis Directory Services Protector/Analytic Rules/SemperisDSP_EvidenceOfMimikatzDCShadowAttack.yaml index d649811cfc5..bb5598d1684 100644 --- a/Solutions/Semperis Directory Services Protector/Analytic Rules/SemperisDSP_EvidenceOfMimikatzDCShadowAttack.yaml +++ b/Solutions/Semperis Directory Services Protector/Analytic Rules/SemperisDSP_EvidenceOfMimikatzDCShadowAttack.yaml @@ -28,5 +28,5 @@ entityMappings: columnName: HostName - identifier: DnsDomain columnName: DnsDomain -version: 1.0.1 +version: 2.0.6 kind: Scheduled \ No newline at end of file diff --git a/Solutions/Semperis Directory Services Protector/Analytic Rules/SemperisDSP_KerberoskrbtgtAccount.yaml b/Solutions/Semperis Directory Services Protector/Analytic Rules/SemperisDSP_KerberoskrbtgtAccount.yaml index ed6719a40e0..13b06cea2cb 100644 --- a/Solutions/Semperis Directory Services Protector/Analytic Rules/SemperisDSP_KerberoskrbtgtAccount.yaml +++ b/Solutions/Semperis Directory Services Protector/Analytic Rules/SemperisDSP_KerberoskrbtgtAccount.yaml @@ -28,5 +28,5 @@ entityMappings: columnName: HostName - identifier: DnsDomain columnName: DnsDomain -version: 1.0.2 +version: 2.0.6 kind: Scheduled \ No newline at end of file diff --git a/Solutions/Semperis Directory Services Protector/Analytic Rules/SemperisDSP_RecentsIDHistoryChangesOnADObjects.yaml b/Solutions/Semperis Directory Services Protector/Analytic Rules/SemperisDSP_RecentsIDHistoryChangesOnADObjects.yaml index b1e62b31e88..4e8039a5eab 100644 --- a/Solutions/Semperis Directory Services Protector/Analytic Rules/SemperisDSP_RecentsIDHistoryChangesOnADObjects.yaml +++ b/Solutions/Semperis Directory Services Protector/Analytic Rules/SemperisDSP_RecentsIDHistoryChangesOnADObjects.yaml @@ -29,5 +29,5 @@ entityMappings: columnName: HostName - identifier: DnsDomain columnName: DnsDomain -version: 1.0.2 +version: 2.0.6 kind: Scheduled diff --git a/Solutions/Semperis Directory Services Protector/Analytic Rules/SemperisDSP_WellKnownPrivilegedSIDsInsIDHistory.yaml b/Solutions/Semperis Directory Services Protector/Analytic Rules/SemperisDSP_WellKnownPrivilegedSIDsInsIDHistory.yaml index 808eee8703e..329eb60dd27 100644 --- a/Solutions/Semperis Directory Services Protector/Analytic Rules/SemperisDSP_WellKnownPrivilegedSIDsInsIDHistory.yaml +++ b/Solutions/Semperis Directory Services Protector/Analytic Rules/SemperisDSP_WellKnownPrivilegedSIDsInsIDHistory.yaml @@ -29,5 +29,5 @@ entityMappings: columnName: HostName - identifier: DnsDomain columnName: DnsDomain -version: 1.0.1 +version: 2.0.6 kind: Scheduled \ No newline at end of file diff --git a/Solutions/Semperis Directory Services Protector/Analytic Rules/SemperisDSP_ZerologonVulnerability.yaml b/Solutions/Semperis Directory Services Protector/Analytic Rules/SemperisDSP_ZerologonVulnerability.yaml index 2e49ab25856..0b240a760e6 100644 --- a/Solutions/Semperis Directory Services Protector/Analytic Rules/SemperisDSP_ZerologonVulnerability.yaml +++ b/Solutions/Semperis Directory Services Protector/Analytic Rules/SemperisDSP_ZerologonVulnerability.yaml @@ -28,5 +28,5 @@ entityMappings: columnName: HostName - identifier: DnsDomain columnName: DnsDomain -version: 1.0.2 +version: 2.0.6 kind: Scheduled \ No newline at end of file diff --git a/Solutions/Semperis Directory Services Protector/Analytic Rules/Semperis_DSP_Failed_Logons.yaml b/Solutions/Semperis Directory Services Protector/Analytic Rules/Semperis_DSP_Failed_Logons.yaml index 05e28a7e3ef..5b449c0be2e 100644 --- a/Solutions/Semperis Directory Services Protector/Analytic Rules/Semperis_DSP_Failed_Logons.yaml +++ b/Solutions/Semperis Directory Services Protector/Analytic Rules/Semperis_DSP_Failed_Logons.yaml @@ -49,5 +49,5 @@ eventGroupingSettings: alertDetailsOverride: alertDisplayNameFormat: Failed Logon -- Alert from Semperis Directory Services Protector alertDescriptionFormat: A failed logon was detected to the DSP system. -version: 1.1.1 +version: 2.0.6 kind: Scheduled diff --git a/Solutions/Semperis Directory Services Protector/Analytic Rules/Semperis_DSP_Operations_Critical_Notifications_.yaml b/Solutions/Semperis Directory Services Protector/Analytic Rules/Semperis_DSP_Operations_Critical_Notifications_.yaml index fcceaa6618d..36d2e5f25e6 100644 --- a/Solutions/Semperis Directory Services Protector/Analytic Rules/Semperis_DSP_Operations_Critical_Notifications_.yaml +++ b/Solutions/Semperis Directory Services Protector/Analytic Rules/Semperis_DSP_Operations_Critical_Notifications_.yaml @@ -50,5 +50,5 @@ eventGroupingSettings: alertDetailsOverride: alertDisplayNameFormat: Critical Notification -- Alert from Semperis Directory Services Protector alertDescriptionFormat: A critical notification was created in the DSP system. -version: 1.1.1 +version: 2.0.6 kind: Scheduled \ No newline at end of file diff --git a/Solutions/Semperis Directory Services Protector/Analytic Rules/Semperis_DSP_RBAC_Changes.yaml b/Solutions/Semperis Directory Services Protector/Analytic Rules/Semperis_DSP_RBAC_Changes.yaml index 4a0fa8c220a..c335ae85c38 100644 --- a/Solutions/Semperis Directory Services Protector/Analytic Rules/Semperis_DSP_RBAC_Changes.yaml +++ b/Solutions/Semperis Directory Services Protector/Analytic Rules/Semperis_DSP_RBAC_Changes.yaml @@ -57,5 +57,5 @@ eventGroupingSettings: alertDetailsOverride: alertDisplayNameFormat: RBAC Change -- Alert from Semperis Directory Services Protector alertDescriptionFormat: A RBAC change was detected in the DSP system. -version: 1.1.1 +version: 2.0.6 kind: Scheduled \ No newline at end of file diff --git a/Solutions/Semperis Directory Services Protector/Data/Solution_Semperis.json b/Solutions/Semperis Directory Services Protector/Data/Solution_Semperis.json index 59d15c547e6..c383d164392 100644 --- a/Solutions/Semperis Directory Services Protector/Data/Solution_Semperis.json +++ b/Solutions/Semperis Directory Services Protector/Data/Solution_Semperis.json @@ -26,7 +26,7 @@ "Data Connectors/SemperisDSP-connector.json" ], "BasePath": "C:\\GitHub\\Azure-Sentinel\\Solutions\\Semperis Directory Services Protector", - "Version": "2.0.5", + "Version": "2.0.6", "Metadata": "SolutionMetadata.json", "TemplateSpec": true, "Is1Pconnector": false diff --git a/Solutions/Semperis Directory Services Protector/Workbooks/SemperisDSPNotifications.json b/Solutions/Semperis Directory Services Protector/Workbooks/SemperisDSPNotifications.json index e0cc38344b2..8016d31611d 100644 --- a/Solutions/Semperis Directory Services Protector/Workbooks/SemperisDSPNotifications.json +++ b/Solutions/Semperis Directory Services Protector/Workbooks/SemperisDSPNotifications.json @@ -82,7 +82,6 @@ "name": "Severity", "type": 2, "typeSettings": { - "additionalResourceOptions": [], "showDefault": false }, "jsonData": "[\r\n { \"value\":\"Critical\", \"label\":\"Critical\" },\r\n { \"value\":\"Warning\" , \"label\":\"Warning\" },\r\n { \"value\":\"Informational\" , \"label\":\"Informational\" }\r\n]", @@ -102,7 +101,7 @@ "type": 3, "content": { "version": "KqlItem/1.0", - "query": "Event\r\n| where Source == 'Semperis-DSP-Notifications' \r\n| extend p1Xml = parse_xml(EventData).DataItem.EventData.Data\r\n| mv-expand bagexpansion=array p1Xml\r\n| evaluate bag_unpack(p1Xml)\r\n| extend Key1=tostring(['@Name']), Value=['#text']\r\n| evaluate pivot(Key1, any(Value), TimeGenerated, Source, EventLog, Computer, EventLevel, EventLevelName, EventID, EventCategory, UserName, Type, _ResourceId)\r\n| where (isempty('{Time}') or (todatetime(timeCreated) >= todatetime('{Time:startISO}') and todatetime(timeCreated) <= todatetime('{Time:endISO}'))) and ((isempty('{RuleName}') or indexof(ruleName,'{RuleName}') > -1)) and ((isempty('{Severity}') or severity == '{Severity}'))\r\n| order by TimeGenerated desc\r\n| project ruleName, fullOperation\r\n", + "query": "SecurityEvent\r\n| where EventSourceName == 'Semperis-DSP-Notifications' \r\n| extend p1Xml = parse_xml(EventData).EventData.Data\r\n| mv-expand bagexpansion=array p1Xml\r\n| evaluate bag_unpack(p1Xml)\r\n| extend Name=column_ifexists(tostring('@Name'), ''), Value=column_ifexists('#text', '')\r\n| evaluate pivot(Name, any(Value), TimeGenerated, EventSourceName, Channel, Computer, Level, EventLevelName, EventID, Task, Type, _ResourceId)\r\n| where (isempty('{Time}') or (todatetime(timeCreated) >= todatetime('{Time:startISO}') and todatetime(timeCreated) <= todatetime('{Time:endISO}'))) and ((isempty('{RuleName}') or indexof(ruleName,'{RuleName}') > -1)) and ((isempty('{Severity}') or severity == '{Severity}'))\r\n| order by TimeGenerated desc\r\n| project ruleName, severity, Computer, objectDN, timeCreated, fullOperation, attributeName, attributeValue, changedBy, originatingServerName\r\n", "size": 0, "title": "Notifications", "queryType": 0, diff --git a/Solutions/Semperis Directory Services Protector/Workbooks/SemperisDSPQuickviewDashboard.json b/Solutions/Semperis Directory Services Protector/Workbooks/SemperisDSPQuickviewDashboard.json index 505049e3f9c..0ec753cd6d8 100644 --- a/Solutions/Semperis Directory Services Protector/Workbooks/SemperisDSPQuickviewDashboard.json +++ b/Solutions/Semperis Directory Services Protector/Workbooks/SemperisDSPQuickviewDashboard.json @@ -5,7 +5,7 @@ "type": 3, "content": { "version": "KqlItem/1.0", - "query": "let day_names =dynamic([\"Sunday\",\"Monday\",\"Tuesday\",\"Wednesday\",\"Thursday\",\"Friday\",\"Saturday\"]);\nlet averageData = view() { CommonSecurityLog \n| extend p1Array = split(AdditionalExtensions,\";\")\n| mv-expand bagexpansion=array p1Array\n| evaluate bag_unpack(p1Array)\n| extend Name=tostring(split(p1Array,\"=\")[0]),Value=substring(p1Array,indexof(p1Array,\"=\")+1)\n| evaluate pivot(Name, any(Value), TimeGenerated, TenantId, DeviceVendor, DeviceProduct, DeviceVersion, DeviceEventClassID, Activity, LogSeverity, OriginalLogSeverity, DeviceAction)\n| where TimeGenerated > datetime(2000-01-01)\n| where isnotnull(OriginatingUsers) and OriginatingUsers != \"\"\n| summarize Count=count() by Year=getyear(TimeGenerated), Month=monthofyear(TimeGenerated), Day=dayofmonth(TimeGenerated)\n| summarize Average_Count=toint(avg(Count)) by Day=dayofweek(make_datetime(Year,Month,Day)), SortData=\"Average Daily Change\"\n| order by Day asc};\nlet weeklyData = view() { CommonSecurityLog \n| extend p1Array = split(AdditionalExtensions,\";\")\n| mv-expand bagexpansion=array p1Array\n| evaluate bag_unpack(p1Array)\n| extend Name=tostring(split(p1Array,\"=\")[0]),Value=substring(p1Array,indexof(p1Array,\"=\")+1)\n| evaluate pivot(Name, any(Value), TimeGenerated, TenantId, DeviceVendor, DeviceProduct, DeviceVersion, DeviceEventClassID, Activity, LogSeverity, OriginalLogSeverity, DeviceAction)\n| where TimeGenerated > startofweek(now())\n| where isnotnull(OriginatingUsers) and OriginatingUsers != \"\"\n| summarize Count=count() by Year=getyear(TimeGenerated), Month=monthofyear(TimeGenerated), Day=dayofmonth(TimeGenerated)\n| summarize Average_Count=toint(avg(Count)) by Day=dayofweek(make_datetime(Year,Month,Day)), SortData=\"Daily Change\"\n| order by Day asc };\nunion withsource=TableName averageData,weeklyData\n| order by Day asc, SortData asc\n| project Average_Count,Day,TableName,SortData,Days=tostring(day_names[indexof('00010203040506', format_timespan(Day,'dd'))/2])\n| render barchart with (kind=unstacked)\n\n", + "query": "let day_names =dynamic([\"Sunday\",\"Monday\",\"Tuesday\",\"Wednesday\",\"Thursday\",\"Friday\",\"Saturday\"]);\nlet averageData = view() { CommonSecurityLog \n| extend p1Array = split(AdditionalExtensions,\";\")\n| mv-expand bagexpansion=array p1Array\n| evaluate bag_unpack(p1Array)\n| extend Name=column_ifexists(tostring('@Name'), ''), Value=column_ifexists('#text', '')\n| extend Name=tostring(split(p1Array,\"=\")[0]),Value=substring(p1Array,indexof(p1Array,\"=\")+1)\n| evaluate pivot(Name, any(Value), TimeGenerated, TenantId, DeviceVendor, DeviceProduct, DeviceVersion, DeviceEventClassID, Activity, LogSeverity, OriginalLogSeverity, DeviceAction)\n| where TimeGenerated > datetime(2000-01-01)\n| where isnotnull(OriginatingUsers) and OriginatingUsers != \"\"\n| summarize Count=count() by Year=getyear(TimeGenerated), Month=monthofyear(TimeGenerated), Day=dayofmonth(TimeGenerated)\n| summarize Average_Count=toint(avg(Count)) by Day=dayofweek(make_datetime(Year,Month,Day)), SortData=\"Average Daily Change\"\n| order by Day asc};\nlet weeklyData = view() { CommonSecurityLog \n| extend p1Array = split(AdditionalExtensions,\";\")\n| mv-expand bagexpansion=array p1Array\n| evaluate bag_unpack(p1Array)\n| extend Name=tostring(split(p1Array,\"=\")[0]),Value=substring(p1Array,indexof(p1Array,\"=\")+1)\n| evaluate pivot(Name, any(Value), TimeGenerated, TenantId, DeviceVendor, DeviceProduct, DeviceVersion, DeviceEventClassID, Activity, LogSeverity, OriginalLogSeverity, DeviceAction)\n| where TimeGenerated > startofweek(now())\n| where isnotnull(OriginatingUsers) and OriginatingUsers != \"\"\n| summarize Count=count() by Year=getyear(TimeGenerated), Month=monthofyear(TimeGenerated), Day=dayofmonth(TimeGenerated)\n| summarize Average_Count=toint(avg(Count)) by Day=dayofweek(make_datetime(Year,Month,Day)), SortData=\"Daily Change\"\n| order by Day asc };\nunion withsource=TableName averageData,weeklyData\n| order by Day asc, SortData asc\n| project Average_Count,Day,TableName,SortData,Days=tostring(day_names[indexof('00010203040506', format_timespan(Day,'dd'))/2])\n| render barchart with (kind=unstacked)\n\n", "size": 0, "title": "Weekly Active Directory Change Count", "queryType": 0, @@ -49,7 +49,7 @@ "type": 3, "content": { "version": "KqlItem/1.0", - "query": "Event\n| where Source == 'Semperis-Operation-Log' and EventID == 20000\n| sort by TimeGenerated desc \n| parse RenderedDescription with \"Operation: \" Operation \"Access Granted:\" AccessGranted \"Result: \" Result \"Details: \" * \"Trustee Name: \" TrusteeName \" Correlation ID: \" * \" Source: \" HostIP \"WebSite Target\" *\n| extend host = tostring(HostIP)\n| extend HostIP = trim_end(\":\",HostIP)\n| project TimeGenerated, UserName, HostIP\n| order by TimeGenerated desc\n| top 10 by TimeGenerated", + "query": "SecurityEvent\n| where EventSourceName == 'Semperis-Operation-Log' and EventID == 20000\n| sort by TimeGenerated desc \n| extend p1Xml = parse_xml(EventData).EventData.Data\n| mv-expand bagexpansion=array p1Xml\n| evaluate bag_unpack(p1Xml)\n| extend Name=column_ifexists('@Name', ''), Value=column_ifexists('#text', '')\n| evaluate pivot(Name, any(Value), TimeGenerated, EventSourceName, Channel, Computer, Level, EventLevelName, EventID, Task, Type, _ResourceId)\n| extend details = column_ifexists('details', '')\n| parse details with * \"Trustee Name: \" TrusteeName \" Correlation ID: \" * \" Source: \" HostIP \":\" * \" Target\" *\n| extend host = tostring(HostIP)\n| project TimeGenerated, TrusteeName, HostIP\n| order by TimeGenerated desc\n| top 10 by TimeGenerated", "size": 1, "title": "Successful Logons", "queryType": 0, @@ -59,14 +59,6 @@ { "columnId": "TimeGenerated", "label": "Time Generated" - }, - { - "columnId": "UserName", - "label": "Identity" - }, - { - "columnId": "HostIP", - "label": "Host IP" } ] } @@ -81,7 +73,7 @@ "type": 3, "content": { "version": "KqlItem/1.0", - "query": "Event\n| where Source == 'Semperis-Operation-Log' and ( EventID == 20000 or EventID == 20002 )\n| sort by TimeGenerated desc \n| parse RenderedDescription with \"Operation: \" Operation \"Access Granted:\" AccessGranted \"Result: \" Result \"Details: \" * \"Trustee Name: \" TrusteeName \" Correlation ID: \" * \" Source: \" HostIP \"WebSite Target\" *\n| extend host = tostring(HostIP)\n| extend HostIP = trim_end(\":\",HostIP)\n| where isnotempty(AccessGranted)\n| summarize Count=count() by AccessGranted\n\n\n\n", + "query": "SecurityEvent\n| where EventSourceName == 'Semperis-Operation-Log' and ( EventID == 20000 or EventID == 20002 )\n| sort by TimeGenerated desc \n| extend p1Xml = parse_xml(EventData).EventData.Data\n| mv-expand bagexpansion=array p1Xml\n| evaluate bag_unpack(p1Xml)\n| extend Name=column_ifexists('@Name', ''), Value=column_ifexists('#text', '')\n| evaluate pivot(Name, any(Value), TimeGenerated, EventSourceName, Channel, Computer, Level, EventLevelName, EventID, Task, Type, _ResourceId)\n| extend details = column_ifexists('details', ''), accessGrated = column_ifexists('accessGrated', '')\n| parse details with * \"Trustee Name: \" TrusteeName \" Correlation ID: \" * \" Source: \" HostIP \":\" * \" Target\" *\n| extend host = tostring(HostIP)\n| where isnotempty(accessGrated)\n| summarize Count=count() by accessGrated\n", "size": 1, "title": "DSP Logins", "queryType": 0, @@ -114,7 +106,7 @@ "type": 3, "content": { "version": "KqlItem/1.0", - "query": "Event\r\n| where Source == 'Semperis-DSP-Notifications' \r\n| extend p1Xml = parse_xml(EventData).DataItem.EventData.Data\r\n| mv-expand bagexpansion=array p1Xml\r\n| evaluate bag_unpack(p1Xml)\r\n| extend Key1=tostring(['@Name']), Value=['#text']\r\n| evaluate pivot(Key1, any(Value), TimeGenerated, Source, EventLog, Computer, EventLevel, EventLevelName, EventID, EventCategory, UserName, Type, _ResourceId)\r\n| order by TimeGenerated desc\r\n| project ruleName, fullOperation\r\n", + "query": "SecurityEvent\r\n| where EventSourceName == 'Semperis-DSP-Notifications' \r\n| extend p1Xml = parse_xml(EventData).EventData.Data\r\n| mv-expand bagexpansion=array p1Xml\r\n| evaluate bag_unpack(p1Xml)\r\n| extend Name=tostring(['@Name']), Value=['#text']\r\n| evaluate pivot(Name, any(Value), TimeGenerated, EventSourceName, Channel, Computer, Level, EventLevelName, EventID, Task, Type, _ResourceId)\r\n| order by TimeGenerated desc\r\n| project ruleName, severity, fullOperation, attributeName, attributeValue, changedBy, originatingServerName\r\n", "size": 0, "title": "Notifications", "queryType": 0, @@ -144,13 +136,19 @@ "type": 3, "content": { "version": "KqlItem/1.0", - "query": "Event\n| where Source == 'Semperis-Operation-Log' and EventID == 20012\n| sort by TimeGenerated desc\n| extend p1Xml = parse_xml(EventData).DataItem.EventData.Data\n| mv-expand bagexpansion=array p1Xml\n| evaluate bag_unpack(p1Xml)\n| extend Name=tostring(['@Name']), Value=['#text']\n| evaluate pivot(Name, any(Value), TimeGenerated, Source, EventLog, Computer, EventLevel, EventLevelName, EventID, EventCategory, UserName, Type, _ResourceId)\n| parse details with \"Occured at (UTC): \" OccurredAt \"Session ID: \" SessionID \"Trustee Name: \" TrusteeName \"Correlation ID: \" CorrelationID \"Source: \" Source \"WebSite Target: \" WebSiteTarget \"Product: \" Product \"Component: \" Component \"AD Information: \" ADInformation \"Object GUID: \" ObjectGUID \"Attribute: \" Attribute \"Distinguished Name: \" DistinguishedName \"Additional Information: \"AdditionalInformation \"Operation Detail: \" OperationDetail \"operationName: \" operationName \"trustee: \" trustee \"personas: \" personas \"Status: \" status \"Granted: \" Granted \"Result: \" Result\n| extend _AccessGranted = iif(operationName contains \"CreateRbacIdentity\", \"Added\", \"Removed\")\n| extend _Identity = iif(operationName contains \"CreateRbacIdentity\", trustee, tostring(substring(trustee,1,strlen(trustee))))\n| extend _Identity = iif(operationName contains \"CreateRbacIdentity\", _Identity, replace_string(_Identity,\"'\",\"\"))\n| extend add_personas = replace_string(replace_string(replace_string(personas,\"{ Name = \",\"\"),\" }\",\"\"),\";\",\",\")\n| extend remove_personas = replace_string(personas,\";\",\",\")\n| extend grid_personas = iif(operationName contains \"CreateRbacIdentity\", add_personas, remove_personas)\n| extend date_to_sort = format_datetime(TimeGenerated,\"yyyy-mm-dd HH:mm:ss\")\n| order by date_to_sort desc\n| project TrusteeName, _Identity, _AccessGranted, grid_personas, TimeGenerated\n\n\n", + "query": "SecurityEvent\n| where EventSourceName == 'Semperis-Operation-Log' and EventID == 20012\n| sort by TimeGenerated desc\n| extend p1Xml = parse_xml(EventData).EventData.Data\n| mv-expand bagexpansion=array p1Xml\n| evaluate bag_unpack(p1Xml)\n| extend Name=column_ifexists(tostring('@Name'), ''), Value=column_ifexists('#text', '')\n| evaluate pivot(Name, any(Value), TimeGenerated, EventSourceName, Channel, Computer, Level, EventLevelName, EventID, Task, Type, _ResourceId)\n| extend details=column_ifexists(tostring('details'), '')\n| parse details with \"Occured at (UTC): \" OccurredAt \"Session ID: \" SessionID \"Trustee Name: \" TrusteeName \"Correlation ID: \" CorrelationID \"Source: \" Source \"WebSite Target: \" WebSiteTarget \"Product: \" Product \"Component: \" Component \"AD Information: \" ADInformation \"Object GUID: \" ObjectGUID \"Attribute: \" Attribute \"Distinguished Name: \" DistinguishedName \"Additional Information: \"AdditionalInformation \"Operation Detail: \" OperationDetail \"operationName: \" operationName \"trustee: \" trustee \"personas: \" personas \"Status: \" status \"Granted: \" Granted \"Result: \" Result\n| where isnotempty(operationName)\n| extend _AccessGranted = iif(operationName contains \"CreateRbacIdentity\", \"Added\", \"Removed\")\n| extend _Identity = iif(operationName contains \"CreateRbacIdentity\", trustee, tostring(substring(trustee,1,strlen(trustee))))\n| extend _Identity = iif(operationName contains \"CreateRbacIdentity\", _Identity, replace_string(_Identity,\"'\",\"\"))\n| extend add_personas = replace_string(replace_string(replace_string(personas,\"{ Name = \",\"\"),\" }\",\"\"),\";\",\",\")\n| extend remove_personas = replace_string(personas,\";\",\",\")\n| extend grid_personas = iif(operationName contains \"CreateRbacIdentity\", add_personas, remove_personas)\n| extend date_to_sort = format_datetime(TimeGenerated,\"yyyy-mm-dd HH:mm:ss\")\n| order by date_to_sort desc\n| project TrusteeName, _Identity, _AccessGranted, grid_personas, TimeGenerated\n\n\n", "size": 1, "title": "Role Based Access Control Changes", "queryType": 0, "resourceType": "microsoft.operationalinsights/workspaces", "visualization": "table", "gridSettings": { + "sortBy": [ + { + "itemKey": "TrusteeName", + "sortOrder": 2 + } + ], "labelSettings": [ { "columnId": "TrusteeName", @@ -164,17 +162,18 @@ "columnId": "_AccessGranted", "label": "Access Granted" }, - { - "columnId": "grid_personas", - "label": "Persona Details" - }, { "columnId": "TimeGenerated", "label": "Timestamp" } ] }, - "sortBy": [] + "sortBy": [ + { + "itemKey": "TrusteeName", + "sortOrder": 2 + } + ] }, "customWidth": "50", "name": "query - 2", @@ -264,7 +263,7 @@ "type": 3, "content": { "version": "KqlItem/1.0", - "query": "CommonSecurityLog\n| extend p1Array = split(AdditionalExtensions,\";\")\n| mv-expand bagexpansion=array p1Array\n| evaluate bag_unpack(p1Array)\n| extend Name=tostring(split(p1Array,\"=\")[0]),Value=substring(p1Array,indexof(p1Array,\"=\")+1)\n| evaluate pivot(Name, any(Value), TimeGenerated, TenantId, DeviceVendor, DeviceProduct, DeviceVersion, DeviceEventClassID, Activity, LogSeverity, OriginalLogSeverity, DeviceAction)\n| parse DistinguishedName with * \"CN\\\\=\" cnName \",\" *\n| parse DistinguishedName with * \"DC\\\\=\" dcName \",\" *\n| where ClassName != \"dnsNode\"\n| summarize ChangedCount=count() by cnName\n| project cnName, ChangedCount, \"Details\"\n| order by ChangedCount desc\n| top 5 by ChangedCount\n", + "query": "CommonSecurityLog\n| extend p1Array = split(AdditionalExtensions,\";\")\n| mv-expand bagexpansion=array p1Array\n| evaluate bag_unpack(p1Array)\n| extend Name=tostring(split(p1Array,\"=\")[0]),Value=substring(p1Array,indexof(p1Array,\"=\")+1)\n| evaluate pivot(Name, any(Value), TimeGenerated, TenantId, DeviceVendor, DeviceProduct, DeviceVersion, DeviceEventClassID, Activity, LogSeverity, OriginalLogSeverity, DeviceAction)\n| extend DistinguishedName = column_ifexists('DistinguishedName', '')\n| where isnotempty(DistinguishedName)\n| parse DistinguishedName with * \"CN=\" cnName \",\" *\n| parse DistinguishedName with * \"DC=\" dcName \",\" *\n| where ClassName != \"dnsNode\"\n| summarize ChangedCount=count() by cnName\n| project cnName, ChangedCount, \"Details\"\n| order by ChangedCount desc\n| top 5 by ChangedCount\n", "size": 3, "title": "Top 5 Objects Changed", "queryType": 0, @@ -313,7 +312,7 @@ "type": 3, "content": { "version": "KqlItem/1.0", - "query": "Event\n| where Source == 'Semperis-DSP-Notifications' \n| extend p1Xml = parse_xml(EventData).DataItem.EventData.Data\n| mv-expand bagexpansion=array p1Xml\n| evaluate bag_unpack(p1Xml)\n| extend Name=tostring(['@Name']), Value=['#text']\n| evaluate pivot(Name, any(Value), TimeGenerated, Source, EventLog, Computer, EventLevel, EventLevelName, EventID, EventCategory, UserName, Type, _ResourceId)\n| summarize Count=count() by tostring(fullOperation)\n\n", + "query": "SecurityEvent\n| where EventSourceName == 'Semperis-DSP-Notifications' \n| extend p1Xml = parse_xml(EventData).EventData.Data\n| mv-expand bagexpansion=array p1Xml\n| evaluate bag_unpack(p1Xml)\n| extend Key1=tostring(['@Name']), Value=['#text']\n| evaluate pivot(Key1, any(Value), TimeGenerated, EventSourceName, Channel, Computer, Level, EventLevelName, EventID, Task, Type, _ResourceId)\n| summarize Count=count() by tostring(fullOperation)\n\n", "size": 1, "title": "AD Change Types", "queryType": 0, @@ -413,7 +412,7 @@ "type": 3, "content": { "version": "KqlItem/1.0", - "query": "Event\n| where Source == 'Semperis-DSP-Security' \n| extend p1Xml = parse_xml(EventData).DataItem.EventData.Data\n| mv-expand bagexpansion=array p1Xml\n| evaluate bag_unpack(p1Xml)\n| extend Name=tostring(['@Name']), Value=['#text']\n| evaluate pivot(Name, any(Value), TimeGenerated, Source, EventLog, Computer, EventLevel, EventLevelName, EventID, EventCategory, UserName, Type, _ResourceId)\n| extend isProblem = iif(result == \"Failed\", true, false)\n| where isnotnull(numberOfResults) and isProblem == true\n| order by tostring(securityIndicatorName)\n| summarize Count=count() by tostring(securityIndicatorName)\n| top 5 by Count\n\n", + "query": "SecurityEvent\n| where EventSourceName == 'Semperis-DSP-Notifications' \n| extend p1Xml = parse_xml(EventData).EventData.Data\n| mv-expand bagexpansion=array p1Xml\n| evaluate bag_unpack(p1Xml)\n| extend Name=column_ifexists(tostring('@Name'), ''), Value=column_ifexists('#text', '')\n| evaluate pivot(Name, any(Value), TimeGenerated, EventSourceName, Channel, Computer, Level, EventLevelName, EventID, Task, Type, _ResourceId)\n| extend result=column_ifexists(tostring('result'), ''), numberOfResults=column_ifexists(tostring('numberOfResults'), ''), securityIndicatorName=column_ifexists(tostring('securityIndicatorName'), '')\n| extend isProblem = iif(result == \"Failed\", true, false)\n| where isnotnull(numberOfResults) and isProblem == true\n| order by tostring(securityIndicatorName)\n| summarize Count=count() by tostring(securityIndicatorName)\n| top 5 by Count\n\n", "size": 1, "title": "Top 5 Failed Security Indicators", "queryType": 0, @@ -439,7 +438,7 @@ "type": 3, "content": { "version": "KqlItem/1.0", - "query": "Event\n| where Source == 'Semperis-DSP-Security' \n| extend p1Xml = parse_xml(EventData).DataItem.EventData.Data\n| mv-expand bagexpansion=array p1Xml\n| evaluate bag_unpack(p1Xml)\n| extend Name=tostring(['@Name']), Value=['#text']\n| evaluate pivot(Name, any(Value), TimeGenerated, Source, EventLog, Computer, EventLevel, EventLevelName, EventID, EventCategory, UserName, Type, _ResourceId)\n| extend isProblem = iif(result == \"Failed\", true, false)\n| where isnotnull(numberOfResults) and isProblem == true\n| order by tostring(securityIndicatorName)\n| summarize Count=count() by tostring(securityIndicatorName)\n| top 5 by Count\n\n", + "query": "SecurityEvent\n| where EventSourceName == 'Semperis-DSP-Notifications' \n| extend p1Xml = parse_xml(EventData).EventData.Data\n| mv-expand bagexpansion=array p1Xml\n| evaluate bag_unpack(p1Xml)\n| extend Name=column_ifexists(tostring('@Name'), ''), Value=column_ifexists('#text', '')\n| evaluate pivot(Name, any(Value), TimeGenerated, EventSourceName, Channel, Computer, Level, EventLevelName, EventID, Task, Type, _ResourceId)\n| extend result=column_ifexists(tostring('result'), ''), numberOfResults=column_ifexists(tostring('numberOfResults'), ''), securityIndicatorName=column_ifexists(tostring('securityIndicatorName'), '')\n| extend isProblem = iif(result == \"Failed\", true, false)\n| where isnotnull(numberOfResults) and isProblem == true\n| order by tostring(securityIndicatorName)\n| summarize Count=count() by tostring(securityIndicatorName)\n| top 5 by Count\n\n", "size": 1, "title": "Top 5 Failed Security Indicators", "queryType": 0, @@ -465,7 +464,7 @@ "type": 3, "content": { "version": "KqlItem/1.0", - "query": "Event\n| where Source == 'Semperis-DSP-Security' \n| extend p1Xml = parse_xml(EventData).DataItem.EventData.Data\n| mv-expand bagexpansion=array p1Xml\n| evaluate bag_unpack(p1Xml)\n| extend Name=tostring(['@Name']), Value=['#text']\n| evaluate pivot(Name, any(Value), TimeGenerated, Source, EventLog, Computer, EventLevel, EventLevelName, EventID, EventCategory, UserName, Type, _ResourceId)\n| extend isProblem = iif(result == \"Failed\", true, false)\n| where isnotnull(numberOfResults) and isProblem == true\n| summarize Count=count() by tostring(securityFrameworkTags)\n\n", + "query": "SecurityEvent\n| where EventSourceName == 'Semperis-DSP-Notifications' \n| extend p1Xml = parse_xml(EventData).EventData.Data\n| mv-expand bagexpansion=array p1Xml\n| evaluate bag_unpack(p1Xml)\n| extend Name=column_ifexists(tostring('@Name'), ''), Value=column_ifexists('#text', '')\n| evaluate pivot(Name, any(Value), TimeGenerated, EventSourceName, Channel, Computer, Level, EventLevelName, EventID, Task, Type, _ResourceId)\n| extend result=column_ifexists(tostring('result'), ''), numberOfResults=column_ifexists(tostring('numberOfResults'), ''), securityFrameworkTags=column_ifexists(tostring('securityFrameworkTags'), '')\n| extend isProblem = iif(result == \"Failed\", true, false)\n| where isnotnull(numberOfResults) and isProblem == true\n| summarize Count=count() by tostring(securityFrameworkTags)\n\n", "size": 0, "title": "Amount of Generated Events per Category", "timeContext": { @@ -487,11 +486,10 @@ "name": "query - 2" } ], - "fallbackResourceIds": [], "styleSettings": { "paddingStyle": "wide", "spacingStyle": "wide" }, "fromTemplateId": "sentinel-SemperisDSPQuickviewDashboard", "$schema": "https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json" -} +} \ No newline at end of file diff --git a/Solutions/Semperis Directory Services Protector/Workbooks/SemperisDSPSecurityIndicators.json b/Solutions/Semperis Directory Services Protector/Workbooks/SemperisDSPSecurityIndicators.json index ed732a81c8a..6a9eefe2005 100644 --- a/Solutions/Semperis Directory Services Protector/Workbooks/SemperisDSPSecurityIndicators.json +++ b/Solutions/Semperis Directory Services Protector/Workbooks/SemperisDSPSecurityIndicators.json @@ -383,9 +383,6 @@ } } ], - "fallbackResourceIds": [ - "/subscriptions/5d15b6db-3197-4af6-9f27-24834d87d02d/resourcegroups/integration_testing/providers/microsoft.operationalinsights/workspaces/integration-log-analytics-workspace" - ], "fromTemplateId": "sentinel-SemperisDSPSecurityIndicators", "$schema": "https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json" } \ No newline at end of file From 7061f99964343ad9a171585d661102e16ab7fd59 Mon Sep 17 00:00:00 2001 From: v-prasadboke Date: Tue, 28 Jan 2025 18:52:45 +0530 Subject: [PATCH 3/7] Update WorkbooksMetadata.json --- Workbooks/WorkbooksMetadata.json | 83 +++++++++++++++++++++++++++++++- 1 file changed, 82 insertions(+), 1 deletion(-) diff --git a/Workbooks/WorkbooksMetadata.json b/Workbooks/WorkbooksMetadata.json index d0d539073f8..2d3c6e29391 100644 --- a/Workbooks/WorkbooksMetadata.json +++ b/Workbooks/WorkbooksMetadata.json @@ -8525,5 +8525,86 @@ "templateRelativePath": "SamsungKnoxAssetIntelligence.json", "subtitle": "", "provider": "Samsung" - } + }, + { + "workbookKey": "SemperisDSPADChangesWorkbook", + "logoFileName": "Semperis.svg", + "description": "View change data related to the Semperis DSP system.", + "dataTypesDependencies": [ + "CommonSecurityLog" + ], + "dataConnectorsDependencies": [ + "SemperisDSP-connector" + ], + "previewImagesFileNames": [ + "adchanges-black.png", + "adchanges-white.png" + ], + "version": "1.0.0", + "title": "Semperis DSP AD Changes", + "templateRelativePath": "SemperisDSPADChanges.json", + "subtitle": "", + "provider": "Semperis" + }, + + { + "workbookKey": "SemperisDSPNotificationsWorkbook", + "logoFileName": "Semperis.svg", + "description": "View notification data related to the Semperis DSP system.", + "dataTypesDependencies": [ + "Event" + ], + "dataConnectorsDependencies": [ + "SemperisDSP-connector" + ], + "previewImagesFileNames": [ + "notifications-black.png", + "notifications-white.png" + ], + "version": "1.0.0", + "title": "Semperis DSP Notifications", + "templateRelativePath": "SemperisDSPNotifications.json", + "subtitle": "", + "provider": "Semperis" + }, + { + "workbookKey": "SemperisDSPQuickviewDashboardWorkbook", + "logoFileName": "Semperis.svg", + "description": "View data related to the Semperis DSP system.", + "dataTypesDependencies": [ + "Event" + ], + "dataConnectorsDependencies": [ + "SemperisDSP-connector" + ], + "previewImagesFileNames": [ + "quickview-black.png", + "quickview-white.png" + ], + "version": "1.0.0", + "title": "Semperis DSP Quickview Dashboard", + "templateRelativePath": "SemperisDSPQuickviewDashboard.json", + "subtitle": "", + "provider": "Semperis" + }, + { + "workbookKey": "SemperisDSPSecurityIndicatorsWorkbook", + "logoFileName": "Semperis.svg", + "description": "View security indicator data related to the Semperis DSP system.", + "dataTypesDependencies": [ + "dsp_parser" + ], + "dataConnectorsDependencies": [ + "SemperisDSP-connector" + ], + "previewImagesFileNames": [ + "indicators-black.png", + "indicators-white.png" + ], + "version": "1.0.0", + "title": "Semperis DSP Security Indicators", + "templateRelativePath": "SemperisDSPSecurityIndicators.json", + "subtitle": "", + "provider": "Semperis" + } ] From 2f73d926aa92446afac9569ed125b8d52b6d888c Mon Sep 17 00:00:00 2001 From: v-prasadboke Date: Tue, 28 Jan 2025 18:52:58 +0530 Subject: [PATCH 4/7] Solution packaged --- .../Package/3.0.0.zip | Bin 0 -> 20517 bytes .../Package/createUiDefinition.json | 2 +- .../Package/mainTemplate.json | 1292 +++++++++-------- .../Package/testParameters.json | 56 + 4 files changed, 742 insertions(+), 608 deletions(-) create mode 100644 Solutions/Semperis Directory Services Protector/Package/3.0.0.zip create mode 100644 Solutions/Semperis Directory Services Protector/Package/testParameters.json diff --git a/Solutions/Semperis Directory Services Protector/Package/3.0.0.zip b/Solutions/Semperis Directory Services Protector/Package/3.0.0.zip new file mode 100644 index 0000000000000000000000000000000000000000..96acfc2259b28ee90ad41b719d7901ca9dec38e3 GIT binary patch literal 20517 zcmY(qV~j4$6FoSdJGO0GcWm3X=Na3!ZF}z6wr$(Cz3*>#|Jm%9PNj2ly8BeB(v_}O zkOl=q1p)&41LU5{qctf%oHq{(1SIko2ngf9Sz||2LuXS}OA%8uOIu54OFLV7DjaynY9g|Qd%EJ6#{{pQ80`C?gPyXX~o5UbDydtR1ocuuusR)M^d zxD|?Xx3PAq!y!4+P0Belxz_V2@=(V?kN(I-JzXYEwbKA zxNA)!`9KL1=N0L5bE(RT`uZmyAh84=ddI)S4%4N*>;f1{(sa-!tV1TU`ersUp54d6d~=<6j<;BdVY z$@Pba$|<@s$sKctMVS8$7*?hK@OXSUxo_*+VP*b+5b((#m%L@V98ub7fUtJL^J_bux zKazWVfk>&7cL6kS`jy7vi0?hCL(1)Gqw(MaMoII9-l|0Crsga)f`Ok`7I8j)(z z7*>(p^X7YXu5d^+$~S~2yA9F;#_US&t5uDfRpv`bV1*%uI)$-WtB?USj-ODly}iFPuo7zXMzx}1pb4@N0CcJ}&ABSq9~ zBFtC@$ORLSLsLl4L488`OHyEt6&(!S!N@qFhpQN*4e2vt+XybRx?*byHAjLcgu5t+ zKhx!q`U_H)2?T;^=yRGc^aZ#GI~=E0HBK(7n3~~6V8xAu{9?^pn0yn*i3!lnfzn~N zF_hXvXcF}0@Bf~W;)AUaJ(SOZFonB7Lmv+Z*EY?|OTcd#n}4z_z;`A6$&U4AgtJ); zQy%M4B4PR#B7gT{JPAYe0bL1rct++(6@I;?RI^|7N63~kdiuK;8rL+zVqkxCx>4>f zBCf5xvBNjS%9=-t?v(j8b`x)7r+yP5hCesPx2B1C-ni;PdUa>Kac~u~r#WE648^C| ze(paVDXAqT-HBW0SHG-F?RWnkM^hB40zvPKdZTxmRN8AN0wQAsN|UHQQ)gYw38*oc z{`<13RPbSn_IGr7d|J8oBVJrQg8c359yf8BDvS%L^Wcd|{EAhrE^ocMIYf2F9GxUv zVz(xHpvt+n{m$n5P+8d|A&}z?8KaPif{;#LVJ{6>CIRGPmYML9jsvTq-GBvHnhAc> z_*y1{-c!ZN~5iTzxGTAvF zFNO)F3WjevU%!lCw2vmvP(auh5e^5HI6!HHbgoOL2#O3Ra)u)$lm*KfKffJH63D?5 zI8hB^ocn@D_&LM#p=|@YhV7o#>7m*S-Mej}6**rmniLLsAc8GDZLTi#jM}P3yxkyt zTWXDQKIhelY**71hf?(eRj_AtjA9z&3vOl0%~b^EeNH_ovuWBZf?jzhw31#AFx|%g z?3_s8reG)6y+k=#Aj4_8s%QKM4z!W5zod3n|4rrZvn&c2+Y)V&=@%UcAa%RdFoL`3 znTarOhjj-LhJd4os&KNB((P9JW8>a!dZ(wpPXe%9r>oR;w#eZwn$7kLDwASu!sq_m zHiUETT#!ElfRV1t6@LI-nJ?RNcMj0OqhAV8pn;{DSJxyb#_>P4@@3N0=g<0 z#|JECc`n4FQE}+b2g>L{TjNDXWAF3BzSA|h%2@RqiC~-# zfc+%4+~O@2n|g~oN2U@)2?KX!h_nR;AVD)!R({=dc30q$_dbp67Vq+fJIFKn9FKn# z5G7j{mqs7@T`?rOHAy=k0#)_6Muty{PL8c4Tcj6s(Otg}ub&^2QnGt<9IE6sXdl_pf~@*kv3RMmADJSI7dTQk%Qc^KJYHIvD`nOKejfL z`4mCYl>e=`re^o3mUy{UE)@4~@v2_AWhq_lI-cvVaij^?3`P_}R=ZTbc6O@XelMK` z$yz?OO&wmorZfYd`nRo`I{u9%4sR+y#3-Ns+uO?FN<+Z8l+58q_#9bk&l<=ook25w zC33OteM>2>hm|KBOEONDIv;+GYDU%WwMAFb;y#Bv8Ej_#y?xvV>c(ul%8W18;l|?e32{@Y`uEqzyc1}LZIf>$k3a2TSL5ePY2+a=3qkwM!yeZ$d1sxkd!c$d zMV)plgXZ=?akk`M*bL@Z#j8jTlO4gK^Y}?ex8)C59cza%81;y0n$%lev;MW07<&Tc z!aUvTHvbklCScnqrSWkGRTt>Y+<{=T6}T%vu&sqQj7#nP*d)R6I$IRY;U7FC;Dz$c zc3%|lu|jB^o)X?6g_kQiS8-3G3a4R*tWdhD8s~62uj5Z-7>XWWv$h}_+6&V-1Yr$LN7&!<|U6i$v+1~CenpKRu9y8G(3EICJEs|{weRi#SXLJ9u zLc9K&VV7|hkw9oeYVS7g6@=na4P@9B7F~L?}E=qfALy^6TSCA^3@gC$C zR{5$#9#@fTTIae=e0B}!>@iD?jd4 zwH-@JqL7X$@Or@t%3#2&A=YYTbxt})xVf;ax8qaSBTN%oo6E9bDnSQ_0Ic!WXpO1}*zq5x%ba)Og(-bD0es>PsyP8o73TO$gz3IqMU!rj9C7(5w zf?7~Mrwa@WssKD)v9lR2I40w;NElc07Sh53$`(ror!y)yk`lZ9Wz1CXe7GXG*|Bal}6J4x9A5D<+CdEu(5eSdU-D?7ELGhZwhml{G=gMv##Ux@oJ+OAux{J)sGv{7b$z3A8^@74 z`rG7J_rkFjdEr%RG-<7Sr`ajh8Tljqof z4A|5RvtSZURQEOfRGd7dajf8IUVgRmQkTZp@~NDz`QFidFWS{oa>HEAj9r`vwWLx0 z3i|y%IK^Amr= zGpMmibPT$>wY5r(ERm2L#PrD-!`jwVv7ZO(h#5V7Y_= z&-aJ;2r8z$vt@(Jr>3c-rlFzfy_o&|%44;;>{0q7zHBMw#M)AT*SzG zHmMe^v54?l+4A!a^bH9#3B@)3SlTYv0Pnq3SCZ1q9Gf2>FSpmrgC2?wow-JDE1Kow z*)HB`P?7Nk_e=REl3Dv(;!#*b`s==x9Zs{ou%Ewyst2O6=AD1L3-G4RLv*p;e_W)+ z=O$$hyJTkhti&lc?o;+@YBnqmT{p*~wI?gU!;Elw)z8>3a4H_mh zOCnrJW)dV5VN5NYtwq=V%IG3a5pCyvBAit-aS>kqy0o#5&SQ7G1d}taihA>Su|YOHAU?OJTdagzHO*DgEm zBQEr%6ww~tSt#PUp~9G$L$T(KES!aPUU9Y$na(@_52x;|WUcu3f)h{Ga7sif-x**F zJ+$sGI?|kj36=4N-AxX^?P~n#+9d01;S4r=_JeOXdf4uINMC|FiaDVCDtW2L8* zw@IcZ%H2$j+$rBbVNvU3+9X{a{X(LHbsa(zWYnGiO7^Gu+XAY&J6&OMF!^JPO0YZ! zwE#LnNCFjnX+x8u*;PsraEhb^FehqOs=|2c0c&=}r)zdaR|a^dE9G^Pl{aS?FgsX zFJ1J!O@Voz^D9Rx3=@)(qmtD5)=aTifm=6mylwzC-FLp7>yty}Dx0=X<2H6CGAWiq zy-ZHQKay2=;;K<7^l_g~na_oxG6i?Uh|NC>P5KQO3ri<56H*OTNVKveLU_S#3Y5nm zA~;**VB*~ATqWj`ZQbF)o5zyrsJxhQ+(oW_#RwlcJv%ndHrtGyKHZ!aahZcRXZe6w z$N!LAP-&LEJW#C!;lY#7g&_YKxxv!UmQctyw8Z;z9?0aPpWFR{yUbjky)41aX6rWJ zeLR?FgTA}Cu2Z(ReRWQfZH@mgha3L?%i)Iqe>mug_ig{jK{tv0R23Avg99h-*$Rp? zI)=I4vEHoRE!S%N5-mp$<)%)t&wQOmv3~=aVBfB%Lb!i3m}FnUM<+PYElRpYBR^1l zR%hNa0_m!L8>g+?y-5)BY`A%GzA|=$|0D)!GdPAp>RFj&pYbx8WPckV(Wb*d9dCcT zFWIJ&mrA(*LyUZrMq#MbWZ9b8ZQEKIca08x?W)gj;Rf%FxDqyfl5gic0@+TwrJoZ# z*`%Kv{D~kkaO|lV@Sh<+Q1a0P28Dp0aF@>ml~g$B;5OH=N!QJS-E3I>Jo?c;W_>AJ zv~Kwti?b0B0-l4lgi8QYtAc`_EnS(0?IdpSH=NYLMHC*4>r$oAv5LL+NCgl? zyT28RMu|0xM~=KFHRWdt2dk*@1EHtwByGd}5rRJtScK9$KA)t;r9!Co$-?D}$Osu= zZT#AOq@(D{djol7Q{K%pf-mf5!RJJ7Y5m4*f;?4lqAc1)&d~(rr)e&ap=nl=zq>)& zgWzk%7T2B&{&n3x!bW~)(k%AqV8ynDdr1_pYsLDBIX;qkRshot zJlM^tf!G~)GZ)SG?f{ACmLPZE0hx6Q0GfU7Sc(lL=xG0g{R(Rai5P{u4p2OXt9aO2 zY$H?cbSbP{OZyF-DNempAr&YKJ-p|XYH>rjhb=6y)(MJCJs4(C1i@<*S?hm28V$y< zxX3axyzd=SIHGN;dK5&i51ABhPm*>?(mk zh~xVexHU_fD+z6G>Kl2dNI*O5%eupczZD`};jPDi(|7EEUKNiHLjft-cKF?ysvF*U znIICz(CeGD&+*$pzcKoAG#f?N5=!5at8XwA9%Jxg2->q|rDM(M@AD_GM?jDi<;?@A z7E5WQY)L?>e~e|_vLXamU!(25vngB)Qa#NInOROldbIQ5wGWr_5Rk2qPfRwQWo z><@qnqiL)lfE5?^@t&&}m|nha3JoHojJZ)b4W8QThG~IG^EQ~L&U_n^sIMj;rulsd z9wF$9s^1SS&TFgK(;`Fc)zJaNz`&QY6*-y2t(HY@q#;7asJZ!v0!xFaQl3 z&m{O6-P00>&J`;pGvI}MWhM+&7fW+mktT+@w#1#cy0eEFz~*>@Y+U^T&s>+_d0j{;J)&w1F3De}MsOob{Hm(h+Ts<-ws=Cu`j&Zu!eWTUBA4=IJ);Of zn1~V>t9}+oh(?x;D~gDiZW{#<$Pp;lK$i}bJ+*ICWME=W_0KRrjgtU*JLk{MDIg#c z#D;r}R36qpv=GWo!9kJ4e5l>oUUQF^cxombA#e+ahDR)PV8h{PWD>Z@q&=*?H|%5V zewZ`jRg4S}1I6Fd1T_D?<5p}TN-~@d#ktq4g;}~f@j%ezUpzyU^{qQc|k?@ zLR~>9q*0cJbB`gvBJhq6<4nxn4l8leSq6CI5lBeF^C4x^QCn+JvInt>fN5u@X-G--_>0Bj5S`WBur`)TFxRN5GQS5L5;cc5tHW#C=ey*&s3%H3gKU!ofwz`&(4d z0U?Rp{`V9ewwl6PJhbb_z?0MWH8xRIw@I&cdw-O$){wC=4J{!bvUd09M2*&nv8_^m z(AfkP6KuC zQB)H|U9?t9)3>k%tMr*@zi?qmlb;D%H-L#MvYfIB9oQ)(mZo% z`{!C7{)6N5rjAm)k0J9?{%bW>8nc(O17kF7Y_dGakBBURERcI#%=)B0S!x7V zE$0E5tzC-JKB*Eqw2734>|MdA5VOvNJl1-<>RxDO^x2#$crp;~v@wG~YE+o9z)L}0gt+5{YD0TL8=G(u2bW{HS{=G4k?F>BAuNpczixt;&O$k&s=|q9#tu{4%8$hEnGmlL?&uV2ba){k45(JrjE1TQCtISovD)p&#{l>vTLV_{197i&94G2@E zhT0v=H*f~yP5l`LCN9seyH+uq+c){^I1KYhwx+th+;OSTo}8hn{t+GTa=iC$2C2h+ zd^iD+YY7e11`n^Ib#mSH1TqgHe$MmCT%Pwcz6 zE<7+4VBObM1S7q2x_1MFC*PBH%5GsmBG8-LDEzN~hEpE|QS9Z?~QL`uS2`&N>=)1o$NWowM8+set#B8Ys8{osFln47^{5b(B@Hz}T z10b%NiVs<-q_bxh4z|IocMMFJ`Xipd$pt><1-GCDwg=AUs;^!WDtdd50yMW0m=0!H z%vF$AE+m?PA4n$t_F|*{!B+`$WnYT0(FA?>N;unO6d{xoi(*~@5kNGv@$yeg7S?H@ z1qCsuH8k+;0uYkMJ?^B%z#~2v?03k7pO&A*>-K-7-r1jq{%Lb`_Un#9ol=@GFOsNG z$c;^6PX>j20#@kLG3T00S$uoR2Mt^W0EY$-b;>x9l{k=_uO_%ErBXF!ggO@zUt`n3 z5r&%9R5GZ&6o3M)ekEDm?H)*gp)F2xb6pEMUsH3u#AtH};*S-~{)KYbwG7lY$A@#ix9#=0sjN!{laNdASdT|Mb5&4v>RY}N$##C_J4D;H0m#MuZ zS_43wQO7MUT)!Mo%k6HE$*nIC=;F8?GEXFXg`5B0ov&5+{k_q~W1Qnu{gLqgfXyPm zc$9@C6Y^?!bz5J+A#@GX|8JEeF0_IGNzwW`I3S=j5>JQ7zRr1RZy>%O?xOOR1@&G$ zMi_PCu{iK8gxq;Eoz}mjaB?^YQH27ZlE!UeA5#U8<6HTSfjuVv3u!R$?hM`aoW~x2 zvK3`Oy|16II;Z-ZWdjz5!rc+{dqa8`C>ZPl_5qV`Y7fApkN!ph7>42DJV4yK5^>_uE%@53DfO=X0B|Q3h$1XPdyz}S&gbXAf{<`%_a8|yumm$Ofg$!xT@#diu)hIL$XHE& zN84ECONw2*9!eF$(4ZwhUxt{n1v@OZx!y#wK4aBE7K<{1#YxBOQN`Ro!?02e!d_4* z1r=8PN;lZ+^c9Gdi9c2B)Pb%NL96he@wV_4&<|{f-;s~eoCrM2I*Szy;)yw{M##nY zb}UW=agb6k9Gf>mUQ1fj@L)G*3V#7B-_L;qGdoc!6MX>6_xFy@ktm!rIgYBPsrwN! zKbScIe(;9rlFaV|jJj6i>R>j-L0J1D*#PCQ?@&yA-{-7x${vV3uh$pST!=5pcmO$k zQn-iOk0w_g&Pq2Vw$rS9@JdXy$Nh(!yiM6^ZHoL~Ds%jLW<`I|!MH0SY$DMIpTzKud=F8jcmdyd`I^ zd738`tLfj+zLEpkCGjh5&ddOLh+UL26HU*mg9+Yy_7_i^c6XuOZ%-KJGkblLP2yu# zk7kX!c+N!*+Zey2eBzht1^}+yRh?=G!kvJ#$N+b6x|5Ly53dB7o09)vE)*$Vt=$r| zgy^%8i;`sET#D-)v%MY^vpCrk@*hnsO=#^Rx<)aj(G0b?f1f^SWG5xY3G*t3O|GBk zHyf?t6ij--Qsz`qxx0t;9WyLmnV9Fx&M9fpr!dHSeb5FrG03ZZe5UC8XgoW9redpr z?;y=D_A>p0R8g}0z76-7A1 z@fO^-_ni_9kG2ybp*1&1f~3i^NCHABO{8_aZ-tHZmJRwxaGFUnp}*LARAR7(Oda8N zq$*;b=wmK_1RNRo8-mmz|CJzT0%m6L1D;emeeQ**9MGzH1?okNAaLcBCXe8w05b}O ziUM=^5FRxEc2N)-!JWiQjHPMdRVX4jAj%g5t4wNw((lALKq>bqp6Q>|CBZ%ppx?#D zQF}|%r8))YJ0r6Q|jSdBx2P)xx<4b=b6DIx%Bx?;R$%7RGfg5a~2gkxK z-ACnr@C19xGw}clH!+68$4vK-oC-U_c&7+Z6*#E@sux)ljaLv$*r(-OdSGN*I3v^K zUFwbgl5PMca14rK6eQyy1oMUT`*8lJjsBMZ^>O)l{^Wr<@{PD)0aCX%9$j74Q2XNbO}AT&G55U@)nN`bIxX@v=uu2|qi@jjxXYd&ZG9p}p{D z{ztGML8cUtq);|I(S;iB9IGfjnA&*oFFj7By0AELJVH7v?`$n9Zv7(aDYkE~jKx+? z%XRACpVe2dxtX@VOZe~zhZ0Rx6kr`Y;bt+E*deyE*5euMi4?C#zKN3S(OzZ;c3EJB zY{+ylqvdV*lT30ZFI5PFAlJdwMQK0Tvq7_x4kO$GhNayseO&w=thnj69!jYw6X`ox z2_7kVuIfvH#JmxC!^^SbPTa~JWV!r^ugbQW4qbrK4KjQvs$J&^l!7VCu?EyGXSm5& zv@9qJ-Q2;xqp*18s9cwF!8|lF#zUITfi7awERmVki2V*mH;=sbUb~%FtSWxzPVo}N zaTlZ!-UIl3Vn~R*{5N{I<*B)w_*-WwO4;xsTxUIrF2;>DG!{s>L?Rl_`4X6aD6D1U z!kW*rd$Z<|4JAiF^M@r1qULHIum|7XTp)7$aficICrk|rjU%xKr<;xi^3(WS z0o+9bI|I@Wqg0kS(LCK@jq=M%^IE*#MQWX6gR${<>lp9WvUanD_9sHh69LEz*i>Pk zPdGZ_jS~Jmi7%#dSu}BPk%}ZR5o)WKW}CCmL9_;txTfBVnGvsp(41z#wZVk-J*tB* z=Otjy+nxY^0EjJ7L(@h?szA<00{KfAgt$UD0*_tgEtTIHRV5CMSqDYg8NXlxbHna# zzEFV;_yzc@2P03vr?PwSR-^bBW2-sBHmlfG?lW55alFdIWSRtkulYEZDZawf@FM&h za6Go^?ky^Kw3Uw9ubAq`>S%&C&p00x0>u(rI#dOj`ukTWNX8~yZ)1b0)30r48oThuDZO>ZhP6%t0uA@{qHx5qz6N&Fv?;5-+Lcd*juX4ZZ12EW|gTNuQA`e zO|hKso*CafqDZb!A0Pggq#lCK#)_-goM*G%+p73)KIPT{x%;MuUAN1tS0jgNx=&t? zl%dqbJmOEE#ME4gmrv`mT#*;Anm+?L*i~EkNOG$M{1~xQtRPB7N0sK6yLv6-<*E!@h@@^>%9&dmOP-rN1Y{#qE{h1JNR*Ya{MG+5HC}T86nU}>$p?iXqS+T@g&|!=!T+$ z!ye~}A@%h-?qd#QD$#PI^~b?B{o1GaByb{xp<*L^<(bl;+?WpPsZ*q^QG;ADOZ;Pe zATlaW4_q{OQMOBP)MW?f#OM5%{M|MADb2Pl=aH_6$1E<~4Tu@(m_KiNik&}q z3B6{I_ce#g^g9&^pj&Z?ygNQ7VDR-oYH})fgB}q$jgB|^dLVGxa|F9%4=`M(&uj^o zX7)(PUawJ&Kynrbx%90r9m!A0!7I@h{G0tcxRS2mOdxz*Ckw?1mZZ6m@!ol z56O^3#1t!PeWX^XjzjuLu5`LKxWxq*Ly9`gEl~(0OVQ37t=ot~3ufc1g40L0U!V1c zF_MwX4_RwtW=gu~ebfQQ#O$^t^e5{E>UGIi&U!4$vNwY|aAzX$J#bWZa;czWl9RqLRg#F?Sx)!=~3D3Qquzksn03l7Ql4*E#U&U*6$Iwa| z?7^=p*^X+FK|D}K#%wYZfFZl2b@t77<{9IRv-y(I`|q-5n}wYSWW)&PPhd_m?FM}! z*n2{HcEb=hVSx|`6%M&HseTF@Z*7d>OrWjifHuDi8 zaH9m^m2_rBp>55uSeBX)R9f2ap7C@Yan?P2(9i6PG)-!ee=rKl^9W& zLKJ3c?Lnlv0{s(1QK_)tIj~ERA8xT>;s6D%s=RQTy&|GpVbKvEu>pQ@yRxLW=-wv+ z)e?G4sugidjF1g2eyH7~|ez%x>K*7f6ltib6C(G@_Tx6!Hw9=g_?dZ_#dms)39|jiI{MsK_XwA?SS5 z`(c(SoQ&9uZ>S_*&z>5c9A{4NV(T3>F&h4_Ho3s>UxiFRVq}E|6n26V4Dl_7GqoeM zlOdvIY!Y;1{hZPHnwBYI615-t&I4O4wBhi26|&3b1><&xvv3+yoHw}-lK9qY@n1Sf zFJcEAygqe(2u8LZ&c*kqsSJ10mZd1U>bI4jSU-fk&+gPEUlU2X z9j&_~sVgp3*EHDPQ-uav{*1PBQ=k#($=>HWC8FQ5Q(J;+*INNE1P}r@#~Z#iEV=2Y zfHbBUfzV1iGXwKuEX>y-+F%NDBXB-3Y~_1n_7dhnW%vH1paYN_>qOFJ0)b!rI@Zux zZP^vt?naDkt?b84+;HmO)4s8 z8YuJhIw*mwe8fyv-id66S5lIiA@)U|@*&Q}6oOcfQYOt%zn4^$N&p(5+Gx9cPfwR( z$Z!Z_Q7S?M#;IE9e0bo4WCI6%8w4w=-24(z5$D2->^3oG!khm+^UTQ3e)#wVk|qGbX!YR0mp@X;J?0ducE-r50tkeZFu2Ov*Zjaw=pUAzuuI_w571mLrFnT^H$y zVf%q}b+g?`7}Uz($RXt?F6eJd@d7svw2&QLJ5*1%5XvW+ZRpM6IIIv`flaprW8ch9 z_7rZd%}%d}O=oXUY3zcMAX`BYk$1|kJ+k%v6^z1(p_?Jjb4G2P-*#QsCxJ-S15hCv z_sC%dBhB!DJyyY0yn%Ih=Z|BWY;%OJy3yM{@$ZfB9}h=wS5yD{pK!1rUHp0|;4qu? zM1{lIg3wuc>R=xx(S}H7B0dWXuh8Jw|H@B2Zd2p!WuM+;eVEvs8((@33z~L8F{Qrk zfk22V*`XD6UZe-pI=C|27UU+x@~tiq0`Aq`VF}B*X^8x(*Jc`$WFs#+*e_nLd0K)B zyc9kA3zB(MF-8!t+5q6rrx|GMWjNDQ($bYVfmS1(AjeQu@-!bvKE0K?vK;;O0y?YM zn>%a>M=R7YX(Ql4C#nb_2$%!c;+Vb9DM--tVeESaiff~ygxgM{fsi5{|H`%Dsz2`F ze+3G^fc9|wTiMyBXpom+c<}<@;67s&XIWv_SQ%LiomB{gVMbD2uuGGGZ@(<9ys~NV(d-xg^=m$KP!%UmApeOkZ95_V=j2!FJ<=UgS zeG77dbQ6ta@8POVs0pS#(pVf%xFLBfNBnVMCkp$Aqkv9AE#(dz1<5T*Y48xM$w`q# zS8zPepJy4-nARaf`={6{@=)>Qs5m%TN%|xJB7{xs{FJ!c#VAfNyFq^&(?ppP22I8@ zH)uwo-G5g5`Xry0$FuXA+c-3|X+oJrj37uf1qKL_aLFmyNpObjL4NLN&);46Qm{}; zFQ%)}8LbP9<)6QX4h2SIWRp}`R5_f+sPv*mwVu30;3iy+9tJWuw8J~s%kTn&gzx22 zcbfD<0+(GA^|_z)b48(^yQ-unvNsBgvZ!U(lVnIhb;`KBdPY|`!bBYM;#ZBrw*&Yl zmNIYoQV^&4IYnu*j_-U~N=iGx_xW%^Xxj8$?+;?NDE9QSVNJj&FB+VMR{%tlEYClo2&;MD@iTvBLt{#eT!%rR6{D3;ZRDBi9&0-&Go&^-3V zIzf!qKd7mVXbX|7yMFK=F)n3Fv}Ln0PW<3X20KUSM){8D$WgCR(12gAYij< z_|zXO7yD}X9e=LBKGZ-FZ~e>t*J#WAk$lxv@HMW1YtdY7M^Lc=)yw_OT$sOBE_VwT zdks;(ycc^VvF6g{VUM0<0!@{bVU+_qptD}o7yC0H&-P_%2(`MrU*jVtg!|{?wQ}J? z<4i7tpL=*YbCOVgwz>|PQQ&9;Ie=& z$2&9lx%v<1<*`;U$zk5zpnZE=0ftB`<(B#onO}zN8^tY z2b>hm+o2y!##gImHFH~C$Np18@ja?KRQ-d)W}0pViEHl%Zx~T<`>M5^JRPJZOZB^K zHK8Tj4$Nk%MF?(q)xVsagSMRfzvGuyk$2gO$!b2__4Td%4;10ooat!EX1Xrgi_dn9 zY+gl{ob2HfY3E*BQ(Oh@1c!TDK}ppKlbpP*CE4yuc5J@s;`jKaEuZa3yA%hc7+&(~ z1fW_J8DBL2g4LR^rJt2|`=tU<857LBVP62L#LvL0xGxE&fUWo!kvk~jag#4IeH?1Q zNYXdpPvdbc6l532kV2seH-wj$m7$Dn;{Pp$n6ZE#lF^m6`{u+vm*4}YjGifyDrW2l zYFkWH@KXVcgb;j;_={4zSk=%3Oo?2kBRp7@QEWF?ekxvfxbycX+duasHwd)R_*V91 zsC$)_CGkx%C@LblT&-+h7ip9#Eu}e_Zm{Gs3g@QrZ?q$3tocwsFDH;V? zBOSkB-N8z~148$;me`Xd4@^r9bNNqLnlZ=_@^L5uD^|w&i!GLue5_~tbHhYs>@Pb= z(vRIAh@%^k@l+(V&1O4$A|`<|MQzEH`lG3V zzA>|{6HC`@{15_E`+p$vpXH9J5|<29jBiip46;~B>2mtV4?=;bf0gwAi>@#)>VK0z zAj_t`YPvP5E*=pbldBNfDpixMZEd~}{?Dx6^^wf$yqYPd{AoF5oxjB@sU~2Ou$+pA zhI4||EJ+NW1ZMwplGBwugURvzX>OXo#f8f@bhf#*+4mb}b^``UhNvy2O1LTf>h zH$}>*DnK`<&63VQh55r3P9r(8d+QyFM8T=yGs(BjSpnadOUv;0%$;*RU+gY!e`vd| z%-rO^wg&y`R{m?8tEOS+3_OnM9RnXYf+m5E>g!?J;%q>pbmn|z%=v_WZ=-3Jp;s$i zP14~q{=_La4&eF`d+6tAvgvv~LjWqGe8lLQ$VruKVt2CrvVa86zj?C_Q-NfRK(Z)? zY%MTsL6~*j4{LKful5OIkoeylq{$&HVay%&Pl(I*9Q|P>*zu2MzB%6#^O*LN)d!{z z^FuMK;rOh8vKPL;(N@biB5#;^OgCW@P~51mKuxMxtdFOVlmT0eYb4KMHFX(5#O~$U zR6su`2gsbau_TnZJ$>wvSA_*#I|eL#GF0|CS=Txd#sJ3}8n?ZkF&in>A%U!~lzmVSQ85>TFJ zY;st0{fcw-G3s29p{n{sXEz)pje2a;P`l5>`5nN0Hb;YG7**w6J{i3C6i}kmF>5+A zJAhA;plqM=eeWdcC-MYEG*68^PlemlZp2$j>AAmed0^5QF>6lG@qK4>5nNR+ERDaF zj7&DUs!%3MekGB4?D*>Z<`*m#l~Qm8s5CuXJ&b+Cr1+AtY6wR05Jpj&b_kNG1<1@3 zBr3YU1Qa4o%|>y(STrP4g1HnmQ}gPGx4C5KBF|2t7*ewC>!EPCF1|>e*;$ zY}DP&xf1nUs-z1knkKyv)win((AG3!!63PQnX@5Ki9UNZpis$^4jGsvZfkkaR$Pm| z8Zb!F!0q*Y?Y$KCN4^mM=cX16Rb@u&5j_>9{=vSLm%|GCLak*s+G znZ3Ac=MQ4g1$*&7#?`*d+(Hu$UJWaS zhV=UX%hYw~`-zAc0ag86B75~@FMo?{wQP{p41UB1EoTx5w2?6(%cYWxh{CmGjQ9RN)XsI{fdo&Heb1 zqwswQ#~o?jmT5({qCgzyuQ%>*{*~ImG8`fAc`0$cbH&G=+n2foKp(C9=E_vcAzS| zr9&uuja?G0@q2uwTY&!-`N;G92<7#K(iS1cdrV&0&0MgIHL3X*1{6 z_9^KhE~#%$TmlVlsQtLtirlz7lEC^MT_yrp+^8-sY)7S*0CO|x9t*v`zXH^`RfV6ANyYiu^&)Hj>bS}fCa zp8y?>JfoO(!S7rM4!}kl+upkWR~_da&4!~r@ED=QD1zFeC~CysqbV9i8ZByXB6e-n zs#$wisjr}F1vRTRYZH65M$H&evr$?#8b9x^-#hQTckdtf+;i@||K4%V{jd@^=f0() zKlf|X41C^7Zs~3zCgCH4+=8Rl_2#iG{{2IOgS))RQ|?3Ckj(o< zF9!0CV2oKAXqU;4$1Y`a#5VF1_$r%Mx83OGy`t{Gk(CG8>HR?bBg>z|G%qiqoOsI&{|z{dKTj`JfD?>?|Zn9J^L6aTyrmrR61E zrU-Z|#3w#p{_A8Qm!kA?97^^ltEtZMTRw8($?rXNLo3)_NwXKgEST9&Z(#mK^h&Ck+caYN z3$>ibP5(vJwkn>Hp0Qv$NdS=t>!n?-8u{a6AT`KRRc28B&S7}GW!l`|ox*JXb_b=w z)g)D4rt@T$G5XolTRJpMrSwPpR<+;KR&M-o?^h$gO?yoK2Q(LO_s>ht^v-U=nlQYh z6X4Wv7*n9+xKUb++(t(jXwBJbPQqoK>ZGLIWUrrSmbiv{76%(<+}LMIO4nJrprYcm z4OKs}t0f8x70?MS+cU-)eeKIejjs(S<*T2!^e6(?IRm48G@TmW>nqk@U6UnSk+hQn zmgM2@EWva|kv3y<2XAIC_3TEfNkDFxh(6AUdP{8YW4In!4Ss67nUBmf!rH_Hi?=K0F#yOw@VI0{{l4x-tNKG9Lx z_cByXO$s!1P^DO13p&wNr#N=4 zI`P&y_S&!lWjaihI!#wpZidWXOF?f#F*y0VV23j9K4V(jK@J-G7X%!uDT5(0Fk5O& z`pnEl*NkUMQG^xfXHsrL-eR96<~lDaLNcGc$XJ>E$J&LXdycWjPWb)GUTc=Cb}8M& z>xYHk3ejt zH(#oYk9yn^3a<%f?xwlBccC;DQ3~q`z{2I{1x-+E?wLrTWr+<}gd`@u{UHEX9$w%_+dBO^hM&d);*mgnppfR=-w{)KAA1u= z))@4P!tEaA8pE-djEMP%_gA>w#vo+)d&ne%<&##i`7F7VXXaDR^y?OF%xsV|}_|~h>a#*Tc+x=vd!NUpz%7^l^ht+*T&i)^02F_R8 zPt?2b`KA^*Z~kb@Z2e+^RqzGY#FVX1L1}l{PoR@hAx3GvDL|eP9Z{*j#cf*Q=CT?n z*XVN@CaRF@G)!}3)gN2YA);-dbO-{A=G+vv66MOu?BoWZz%ACUay|qN=i*0=t4A}3 zgp~xHg5rt0F}^ktube|!*A{>|)ozOR%f`-3 zr{+AO^1f4Q>VAAksBm2l2Vqd}s*ts_qRp7ihV6OoOau=b5mtL;V(hIB_l~CXu0hsS95}v$2A=#{@s;$rt z$5LBQEraA8xs!ivDX9=?jMP`UVb4lVme-^-#hlIlR)=Idx<<c|yCgKL1kY-}Ux`%R>MmfG3#cSG>@uC$OafMcSkSHS*Pk95wsx2m<&}k+j zV^|sEz#k;PRdz#!BfA;8q{Y1MzfHH6fSYmyRMeLky3pgiy7iqw!O{PCh3Q5(Act;{ zN~SqCs4g|zF<}9(Ykg3*&iBUW2iHCJN8E+7JozOy9$%wINr?5|MQ}1rTRvPKQ{Dt) zJea@wA)p|H#9G`T(=#6EkkV=6l(H_&0|E*y_Xn{~iF*jNcmGT(;m5!`RWR zou_!eY%}cmQ@`=226bOFSi}l-pH;>lWz(%cC^yKUZ7sU~>LN*&^)7<fu z3X)PXCH)0`W5$3t)wO^2gYy?OTUZs^b{K&yGcpSt1C6ou;R&bqgg*Qx7F-pB-ze$E zWtkqy$0U1;SUtl+4>Qs~mm;e#9hZ{M2bkMB*((PzJ@5n!F(VkMi zI%gK0CTs(rBo-ILB8j_0T%`7B^BUE*7GJ4?;2Xb&@Y7k;9~d%8*zRI|?coZ=Xqj~N z-D^?RV3O6VXcrdz7~^$u0tVOh+ea*ah*}LhWH^b)u0fL;Qw8eeTx6no1j)_yG2n~{>m@e`7u>qZ4AesWJhsJT zZia#9ev`mSoq@IE_tY1+{$6^R_( zVh%3IRCjP&gscw<+5Dk8^-CPerX=nYY*jx6?UAU&wSvqDL&rkx7=BEK; zK0PEC<>dr5wQDE$P*+=g%UlILC4B?#J9QuuNRzH_lzIBbe05YqDUVCiN3TBE|JiN^ zrr#&Pj9e=inmXc(K+%fth11H#Rk3-qaQ%4fQCj;6IhJ}V>tSLK{%NusMIdid zUPWth5xWCyoSsO%vB(u+aHUKf^Y3kmKVJg>Ii!4it&wM9KMk2&Tp;Ymk1$hOrV&k% zFxO&CTRd43w1$qdrsk%bSysM1gcUUNL!KY>7lbfFi+*Pe(>cnFIMO+BD+PszeKx$c zKgO*126s6z6al8Ac7XwHpo2MetU42H`%b5IHQe$3UCc%`C6zF;dK2YGP+7`SIq`@m zt@lpo&DPX>6<&bM(I?km)xS{Dk#@d(uXzZJZYR3<)&YI9Sgpw-qn7u$)NJOP*!qqV zGY(S*|9sZ9nL{;;1uU-h^hpTE)C7CudPj|H47%k%r7V}#A9%bGUoJ^DE^YsQ_uc>2r)f-<%92q~%aMr6 z(&)Z_PzfUFE9O8W0deB1x@3u+Ru3o(y-NGLh&Z`Qvt8OIz59O5|7kiZOGOJ>{EhZ{EFd~T-gSq=Vo4=cy1T#i5=ZZ3D@jjZB8}j1GU%dz|u?~dDCYOC{>>$ z^p7h(h}Snefc%|*_c9uzt|i*sFHjc*APEo3qYx}Sp-mZ5nKe|j1>GFLB;&!VT;GBi zQT~~?HKKp-3wWkID`I7Vah6fk165My)dbc7HTcU*O{6{\n\n**Note:** _There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing._\n\nThe [Semperis Directory Services Protector](https://www.semperis.com/ds-protector/) solution provides the capability to ingest Windows event logs (i.e., Indicators of Exposure and Indicators of Compromise) into Microsoft Sentinel.\n\n**Underlying Microsoft Technologies used:**\n\nThis solution takes a dependency on the following technologies, and some of these dependencies either may be in [Preview](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) state or might result in additional ingestion or operational costs:\n\na. [Agent based logs collection from Windows and Linux machines](https://docs.microsoft.com/azure/azure-monitor/agents/data-sources-custom-logs)\n\n**Data Connectors:** 1, **Parsers:** 1, **Workbooks:** 4, **Analytic Rules:** 8\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)", + "description": "\n\n**Note:** Please refer to the following before installing the solution: \n\n• Review the solution [Release Notes](https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/Semperis%20Directory%20Services%20Protector/ReleaseNotes.md)\n\n • There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing.\n\nThe [Semperis Directory Services Protector](https://www.semperis.com/ds-protector/) solution provides the capability to ingest Windows event logs (i.e., Indicators of Exposure and Indicators of Compromise) into Microsoft Sentinel.\n\n**Underlying Microsoft Technologies used:**\n\nThis solution takes a dependency on the following technologies, and some of these dependencies either may be in [Preview](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) state or might result in additional ingestion or operational costs:\n\na. [Agent based logs collection from Windows and Linux machines](https://docs.microsoft.com/azure/azure-monitor/agents/data-sources-custom-logs)\n\n**Data Connectors:** 1, **Workbooks:** 4, **Analytic Rules:** 8\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)", "subscription": { "resourceProviders": [ "Microsoft.OperationsManagement/solutions", diff --git a/Solutions/Semperis Directory Services Protector/Package/mainTemplate.json b/Solutions/Semperis Directory Services Protector/Package/mainTemplate.json index 98595f50373..79114c17306 100644 --- a/Solutions/Semperis Directory Services Protector/Package/mainTemplate.json +++ b/Solutions/Semperis Directory Services Protector/Package/mainTemplate.json @@ -62,115 +62,113 @@ } }, "variables": { + "_solutionName": "Semperis Directory Services Protector", + "_solutionVersion": "3.0.0", "solutionId": "semperis.directory-services-protector-solution", "_solutionId": "[variables('solutionId')]", "workbookVersion1": "1.0.0", "workbookContentId1": "SemperisDSPADChangesWorkbook", "workbookId1": "[resourceId('Microsoft.Insights/workbooks', variables('workbookContentId1'))]", - "workbookTemplateSpecName1": "[concat(parameters('workspace'),'-wb-',uniquestring(variables('_workbookContentId1')))]", + "workbookTemplateSpecName1": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-wb-',uniquestring(variables('_workbookContentId1'))))]", "_workbookContentId1": "[variables('workbookContentId1')]", "workspaceResourceId": "[resourceId('microsoft.OperationalInsights/Workspaces', parameters('workspace'))]", + "_workbookcontentProductId1": "[concat(take(variables('_solutionId'),50),'-','wb','-', uniqueString(concat(variables('_solutionId'),'-','Workbook','-',variables('_workbookContentId1'),'-', variables('workbookVersion1'))))]", "workbookVersion2": "1.0.0", "workbookContentId2": "SemperisDSPNotificationsWorkbook", "workbookId2": "[resourceId('Microsoft.Insights/workbooks', variables('workbookContentId2'))]", - "workbookTemplateSpecName2": "[concat(parameters('workspace'),'-wb-',uniquestring(variables('_workbookContentId2')))]", + "workbookTemplateSpecName2": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-wb-',uniquestring(variables('_workbookContentId2'))))]", "_workbookContentId2": "[variables('workbookContentId2')]", + "_workbookcontentProductId2": "[concat(take(variables('_solutionId'),50),'-','wb','-', uniqueString(concat(variables('_solutionId'),'-','Workbook','-',variables('_workbookContentId2'),'-', variables('workbookVersion2'))))]", "workbookVersion3": "1.0.0", "workbookContentId3": "SemperisDSPQuickviewDashboardWorkbook", "workbookId3": "[resourceId('Microsoft.Insights/workbooks', variables('workbookContentId3'))]", - "workbookTemplateSpecName3": "[concat(parameters('workspace'),'-wb-',uniquestring(variables('_workbookContentId3')))]", + "workbookTemplateSpecName3": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-wb-',uniquestring(variables('_workbookContentId3'))))]", "_workbookContentId3": "[variables('workbookContentId3')]", + "_workbookcontentProductId3": "[concat(take(variables('_solutionId'),50),'-','wb','-', uniqueString(concat(variables('_solutionId'),'-','Workbook','-',variables('_workbookContentId3'),'-', variables('workbookVersion3'))))]", "workbookVersion4": "1.0.0", "workbookContentId4": "SemperisDSPSecurityIndicatorsWorkbook", "workbookId4": "[resourceId('Microsoft.Insights/workbooks', variables('workbookContentId4'))]", - "workbookTemplateSpecName4": "[concat(parameters('workspace'),'-wb-',uniquestring(variables('_workbookContentId4')))]", + "workbookTemplateSpecName4": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-wb-',uniquestring(variables('_workbookContentId4'))))]", "_workbookContentId4": "[variables('workbookContentId4')]", - "parserVersion1": "1.0.0", - "parserContentId1": "dsp_parser-Parser", - "_parserContentId1": "[variables('parserContentId1')]", - "parserName1": "dsp_parser", - "_parserName1": "[concat(parameters('workspace'),'/',variables('parserName1'))]", - "parserId1": "[resourceId('Microsoft.OperationalInsights/workspaces/savedSearches', parameters('workspace'), variables('parserName1'))]", - "_parserId1": "[variables('parserId1')]", - "parserTemplateSpecName1": "[concat(parameters('workspace'),'-pr-',uniquestring(variables('_parserContentId1')))]", - "analyticRuleVersion1": "1.0.0", - "analyticRulecontentId1": "1a6d0a49-64b3-4ca1-96c3-f154c16c218c", - "_analyticRulecontentId1": "[variables('analyticRulecontentId1')]", - "analyticRuleId1": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', variables('analyticRulecontentId1'))]", - "analyticRuleTemplateSpecName1": "[concat(parameters('workspace'),'-ar-',uniquestring(variables('_analyticRulecontentId1')))]", - "analyticRuleVersion2": "1.0.0", - "analyticRulecontentId2": "9ff3b26b-7636-412e-ac46-072b084b94cb", - "_analyticRulecontentId2": "[variables('analyticRulecontentId2')]", - "analyticRuleId2": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', variables('analyticRulecontentId2'))]", - "analyticRuleTemplateSpecName2": "[concat(parameters('workspace'),'-ar-',uniquestring(variables('_analyticRulecontentId2')))]", - "analyticRuleVersion3": "1.0.0", - "analyticRulecontentId3": "64796da3-6383-4de2-9c97-866c83c459ae", - "_analyticRulecontentId3": "[variables('analyticRulecontentId3')]", - "analyticRuleId3": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', variables('analyticRulecontentId3'))]", - "analyticRuleTemplateSpecName3": "[concat(parameters('workspace'),'-ar-',uniquestring(variables('_analyticRulecontentId3')))]", - "analyticRuleVersion4": "1.0.0", - "analyticRulecontentId4": "ddd75d93-5b8b-4349-babe-c4e15343c5a3", - "_analyticRulecontentId4": "[variables('analyticRulecontentId4')]", - "analyticRuleId4": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', variables('analyticRulecontentId4'))]", - "analyticRuleTemplateSpecName4": "[concat(parameters('workspace'),'-ar-',uniquestring(variables('_analyticRulecontentId4')))]", - "analyticRuleVersion5": "1.0.0", - "analyticRulecontentId5": "85c1f9e4-6f14-46bf-82d5-dbe495b92aab", - "_analyticRulecontentId5": "[variables('analyticRulecontentId5')]", - "analyticRuleId5": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', variables('analyticRulecontentId5'))]", - "analyticRuleTemplateSpecName5": "[concat(parameters('workspace'),'-ar-',uniquestring(variables('_analyticRulecontentId5')))]", - "analyticRuleVersion6": "1.0.0", - "analyticRulecontentId6": "0e105444-fe13-4ce6-9239-21880076a3f9", - "_analyticRulecontentId6": "[variables('analyticRulecontentId6')]", - "analyticRuleId6": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', variables('analyticRulecontentId6'))]", - "analyticRuleTemplateSpecName6": "[concat(parameters('workspace'),'-ar-',uniquestring(variables('_analyticRulecontentId6')))]", - "analyticRuleVersion7": "1.0.0", - "analyticRulecontentId7": "8f471e21-3bb2-466f-9bc2-0a0326a60788", - "_analyticRulecontentId7": "[variables('analyticRulecontentId7')]", - "analyticRuleId7": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', variables('analyticRulecontentId7'))]", - "analyticRuleTemplateSpecName7": "[concat(parameters('workspace'),'-ar-',uniquestring(variables('_analyticRulecontentId7')))]", - "analyticRuleVersion8": "1.0.0", - "analyticRulecontentId8": "e5edf3f3-de53-45e6-b0d7-1ce1c048df4a", - "_analyticRulecontentId8": "[variables('analyticRulecontentId8')]", - "analyticRuleId8": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', variables('analyticRulecontentId8'))]", - "analyticRuleTemplateSpecName8": "[concat(parameters('workspace'),'-ar-',uniquestring(variables('_analyticRulecontentId8')))]", + "_workbookcontentProductId4": "[concat(take(variables('_solutionId'),50),'-','wb','-', uniqueString(concat(variables('_solutionId'),'-','Workbook','-',variables('_workbookContentId4'),'-', variables('workbookVersion4'))))]", + "analyticRuleObject1": { + "analyticRuleVersion1": "2.0.6", + "_analyticRulecontentId1": "1a6d0a49-64b3-4ca1-96c3-f154c16c218c", + "analyticRuleId1": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', '1a6d0a49-64b3-4ca1-96c3-f154c16c218c')]", + "analyticRuleTemplateSpecName1": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-ar-',uniquestring('1a6d0a49-64b3-4ca1-96c3-f154c16c218c')))]", + "_analyticRulecontentProductId1": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','1a6d0a49-64b3-4ca1-96c3-f154c16c218c','-', '2.0.6')))]" + }, + "analyticRuleObject2": { + "analyticRuleVersion2": "2.0.6", + "_analyticRulecontentId2": "9ff3b26b-7636-412e-ac46-072b084b94cb", + "analyticRuleId2": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', '9ff3b26b-7636-412e-ac46-072b084b94cb')]", + "analyticRuleTemplateSpecName2": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-ar-',uniquestring('9ff3b26b-7636-412e-ac46-072b084b94cb')))]", + "_analyticRulecontentProductId2": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','9ff3b26b-7636-412e-ac46-072b084b94cb','-', '2.0.6')))]" + }, + "analyticRuleObject3": { + "analyticRuleVersion3": "2.0.6", + "_analyticRulecontentId3": "64796da3-6383-4de2-9c97-866c83c459ae", + "analyticRuleId3": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', '64796da3-6383-4de2-9c97-866c83c459ae')]", + "analyticRuleTemplateSpecName3": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-ar-',uniquestring('64796da3-6383-4de2-9c97-866c83c459ae')))]", + "_analyticRulecontentProductId3": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','64796da3-6383-4de2-9c97-866c83c459ae','-', '2.0.6')))]" + }, + "analyticRuleObject4": { + "analyticRuleVersion4": "2.0.6", + "_analyticRulecontentId4": "ddd75d93-5b8b-4349-babe-c4e15343c5a3", + "analyticRuleId4": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', 'ddd75d93-5b8b-4349-babe-c4e15343c5a3')]", + "analyticRuleTemplateSpecName4": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-ar-',uniquestring('ddd75d93-5b8b-4349-babe-c4e15343c5a3')))]", + "_analyticRulecontentProductId4": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','ddd75d93-5b8b-4349-babe-c4e15343c5a3','-', '2.0.6')))]" + }, + "analyticRuleObject5": { + "analyticRuleVersion5": "2.0.6", + "_analyticRulecontentId5": "85c1f9e4-6f14-46bf-82d5-dbe495b92aab", + "analyticRuleId5": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', '85c1f9e4-6f14-46bf-82d5-dbe495b92aab')]", + "analyticRuleTemplateSpecName5": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-ar-',uniquestring('85c1f9e4-6f14-46bf-82d5-dbe495b92aab')))]", + "_analyticRulecontentProductId5": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','85c1f9e4-6f14-46bf-82d5-dbe495b92aab','-', '2.0.6')))]" + }, + "analyticRuleObject6": { + "analyticRuleVersion6": "2.0.6", + "_analyticRulecontentId6": "0e105444-fe13-4ce6-9239-21880076a3f9", + "analyticRuleId6": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', '0e105444-fe13-4ce6-9239-21880076a3f9')]", + "analyticRuleTemplateSpecName6": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-ar-',uniquestring('0e105444-fe13-4ce6-9239-21880076a3f9')))]", + "_analyticRulecontentProductId6": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','0e105444-fe13-4ce6-9239-21880076a3f9','-', '2.0.6')))]" + }, + "analyticRuleObject7": { + "analyticRuleVersion7": "2.0.6", + "_analyticRulecontentId7": "8f471e21-3bb2-466f-9bc2-0a0326a60788", + "analyticRuleId7": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', '8f471e21-3bb2-466f-9bc2-0a0326a60788')]", + "analyticRuleTemplateSpecName7": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-ar-',uniquestring('8f471e21-3bb2-466f-9bc2-0a0326a60788')))]", + "_analyticRulecontentProductId7": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','8f471e21-3bb2-466f-9bc2-0a0326a60788','-', '2.0.6')))]" + }, + "analyticRuleObject8": { + "analyticRuleVersion8": "2.0.6", + "_analyticRulecontentId8": "e5edf3f3-de53-45e6-b0d7-1ce1c048df4a", + "analyticRuleId8": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', 'e5edf3f3-de53-45e6-b0d7-1ce1c048df4a')]", + "analyticRuleTemplateSpecName8": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-ar-',uniquestring('e5edf3f3-de53-45e6-b0d7-1ce1c048df4a')))]", + "_analyticRulecontentProductId8": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','e5edf3f3-de53-45e6-b0d7-1ce1c048df4a','-', '2.0.6')))]" + }, "uiConfigId1": "SemperisDSP", "_uiConfigId1": "[variables('uiConfigId1')]", "dataConnectorContentId1": "SemperisDSP", "_dataConnectorContentId1": "[variables('dataConnectorContentId1')]", "dataConnectorId1": "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/dataConnectors', variables('_dataConnectorContentId1'))]", "_dataConnectorId1": "[variables('dataConnectorId1')]", - "dataConnectorTemplateSpecName1": "[concat(parameters('workspace'),'-dc-',uniquestring(variables('_dataConnectorContentId1')))]", - "dataConnectorVersion1": "1.0.0" + "dataConnectorTemplateSpecName1": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-dc-',uniquestring(variables('_dataConnectorContentId1'))))]", + "dataConnectorVersion1": "1.0.0", + "_dataConnectorcontentProductId1": "[concat(take(variables('_solutionId'),50),'-','dc','-', uniqueString(concat(variables('_solutionId'),'-','DataConnector','-',variables('_dataConnectorContentId1'),'-', variables('dataConnectorVersion1'))))]", + "_solutioncontentProductId": "[concat(take(variables('_solutionId'),50),'-','sl','-', uniqueString(concat(variables('_solutionId'),'-','Solution','-',variables('_solutionId'),'-', variables('_solutionVersion'))))]" }, "resources": [ { - "type": "Microsoft.Resources/templateSpecs", - "apiVersion": "2021-05-01", + "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", + "apiVersion": "2023-04-01-preview", "name": "[variables('workbookTemplateSpecName1')]", "location": "[parameters('workspace-location')]", - "tags": { - "hidden-sentinelWorkspaceId": "[variables('workspaceResourceId')]", - "hidden-sentinelContentType": "Workbook" - }, - "properties": { - "description": "Semperis Directory Services Protector Workbook with template", - "displayName": "Semperis Directory Services Protector workbook template" - } - }, - { - "type": "Microsoft.Resources/templateSpecs/versions", - "apiVersion": "2021-05-01", - "name": "[concat(variables('workbookTemplateSpecName1'),'/',variables('workbookVersion1'))]", - "location": "[parameters('workspace-location')]", - "tags": { - "hidden-sentinelWorkspaceId": "[variables('workspaceResourceId')]", - "hidden-sentinelContentType": "Workbook" - }, "dependsOn": [ - "[resourceId('Microsoft.Resources/templateSpecs', variables('workbookTemplateSpecName1'))]" + "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "SemperisDSPADChangesWorkbook Workbook with template version 2.0.5", + "description": "SemperisDSPADChanges Workbook with template version 3.0.0", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('workbookVersion1')]", @@ -233,37 +231,30 @@ } } ] - } + }, + "packageKind": "Solution", + "packageVersion": "[variables('_solutionVersion')]", + "packageName": "[variables('_solutionName')]", + "packageId": "[variables('_solutionId')]", + "contentSchemaVersion": "3.0.0", + "contentId": "[variables('_workbookContentId1')]", + "contentKind": "Workbook", + "displayName": "[parameters('workbook1-name')]", + "contentProductId": "[variables('_workbookcontentProductId1')]", + "id": "[variables('_workbookcontentProductId1')]", + "version": "[variables('workbookVersion1')]" } }, { - "type": "Microsoft.Resources/templateSpecs", - "apiVersion": "2021-05-01", + "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", + "apiVersion": "2023-04-01-preview", "name": "[variables('workbookTemplateSpecName2')]", "location": "[parameters('workspace-location')]", - "tags": { - "hidden-sentinelWorkspaceId": "[variables('workspaceResourceId')]", - "hidden-sentinelContentType": "Workbook" - }, - "properties": { - "description": "Semperis Directory Services Protector Workbook with template", - "displayName": "Semperis Directory Services Protector workbook template" - } - }, - { - "type": "Microsoft.Resources/templateSpecs/versions", - "apiVersion": "2021-05-01", - "name": "[concat(variables('workbookTemplateSpecName2'),'/',variables('workbookVersion2'))]", - "location": "[parameters('workspace-location')]", - "tags": { - "hidden-sentinelWorkspaceId": "[variables('workspaceResourceId')]", - "hidden-sentinelContentType": "Workbook" - }, "dependsOn": [ - "[resourceId('Microsoft.Resources/templateSpecs', variables('workbookTemplateSpecName2'))]" + "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "SemperisDSPNotificationsWorkbook Workbook with template version 2.0.5", + "description": "SemperisDSPNotifications Workbook with template version 3.0.0", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('workbookVersion2')]", @@ -281,7 +272,7 @@ }, "properties": { "displayName": "[parameters('workbook2-name')]", - "serializedData": "{\"version\":\"Notebook/1.0\",\"items\":[{\"type\":9,\"content\":{\"version\":\"KqlParameterItem/1.0\",\"parameters\":[{\"id\":\"9ce8b817-f1ac-44c1-9803-9c29fb852094\",\"version\":\"KqlParameterItem/1.0\",\"name\":\"Time\",\"type\":4,\"typeSettings\":{\"selectableValues\":[{\"durationMs\":300000},{\"durationMs\":900000},{\"durationMs\":1800000},{\"durationMs\":3600000},{\"durationMs\":14400000},{\"durationMs\":43200000},{\"durationMs\":86400000},{\"durationMs\":172800000},{\"durationMs\":259200000},{\"durationMs\":604800000},{\"durationMs\":1209600000},{\"durationMs\":2419200000},{\"durationMs\":2592000000},{\"durationMs\":5184000000},{\"durationMs\":7776000000}],\"allowCustom\":true},\"timeContext\":{\"durationMs\":86400000}},{\"id\":\"b5012d54-1341-451b-8c19-2464dad7400d\",\"version\":\"KqlParameterItem/1.0\",\"name\":\"RuleName\",\"label\":\"Rule Name\",\"type\":1,\"timeContext\":{\"durationMs\":86400000},\"value\":\"\"},{\"id\":\"1e9c0aed-d257-4426-abd4-26d1f244705f\",\"version\":\"KqlParameterItem/1.0\",\"name\":\"Severity\",\"type\":2,\"typeSettings\":{\"showDefault\":false},\"jsonData\":\"[\\r\\n { \\\"value\\\":\\\"Critical\\\", \\\"label\\\":\\\"Critical\\\" },\\r\\n { \\\"value\\\":\\\"Warning\\\" , \\\"label\\\":\\\"Warning\\\" },\\r\\n { \\\"value\\\":\\\"Informational\\\" , \\\"label\\\":\\\"Informational\\\" }\\r\\n]\",\"timeContext\":{\"durationMs\":86400000}}],\"style\":\"pills\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\"},\"name\":\"parameters - 2\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"Event\\r\\n| where Source == 'Semperis-DSP-Notifications' \\r\\n| extend p1Xml = parse_xml(EventData).DataItem.EventData.Data\\r\\n| mv-expand bagexpansion=array p1Xml\\r\\n| evaluate bag_unpack(p1Xml)\\r\\n| extend Key1=tostring(['@Name']), Value=['#text']\\r\\n| evaluate pivot(Key1, any(Value), TimeGenerated, Source, EventLog, Computer, EventLevel, EventLevelName, EventID, EventCategory, UserName, Type, _ResourceId)\\r\\n| where (isempty('{Time}') or (todatetime(timeCreated) >= todatetime('{Time:startISO}') and todatetime(timeCreated) <= todatetime('{Time:endISO}'))) and ((isempty('{RuleName}') or indexof(ruleName,'{RuleName}') > -1)) and ((isempty('{Severity}') or severity == '{Severity}'))\\r\\n| order by TimeGenerated desc\\r\\n| project ruleName, fullOperation\\r\\n\",\"size\":0,\"title\":\"Notifications\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"table\",\"gridSettings\":{\"labelSettings\":[{\"columnId\":\"ruleName\",\"label\":\"Rule Name\"},{\"columnId\":\"fullOperation\",\"label\":\"Operation\"}]}},\"name\":\"query - 1\"}],\"fromTemplateId\":\"sentinel-SemperisDSPNotifications\",\"$schema\":\"https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json\"}\r\n", + "serializedData": "{\"version\":\"Notebook/1.0\",\"items\":[{\"type\":9,\"content\":{\"version\":\"KqlParameterItem/1.0\",\"parameters\":[{\"id\":\"9ce8b817-f1ac-44c1-9803-9c29fb852094\",\"version\":\"KqlParameterItem/1.0\",\"name\":\"Time\",\"type\":4,\"typeSettings\":{\"selectableValues\":[{\"durationMs\":300000},{\"durationMs\":900000},{\"durationMs\":1800000},{\"durationMs\":3600000},{\"durationMs\":14400000},{\"durationMs\":43200000},{\"durationMs\":86400000},{\"durationMs\":172800000},{\"durationMs\":259200000},{\"durationMs\":604800000},{\"durationMs\":1209600000},{\"durationMs\":2419200000},{\"durationMs\":2592000000},{\"durationMs\":5184000000},{\"durationMs\":7776000000}],\"allowCustom\":true},\"timeContext\":{\"durationMs\":86400000}},{\"id\":\"b5012d54-1341-451b-8c19-2464dad7400d\",\"version\":\"KqlParameterItem/1.0\",\"name\":\"RuleName\",\"label\":\"Rule Name\",\"type\":1,\"timeContext\":{\"durationMs\":86400000},\"value\":\"\"},{\"id\":\"1e9c0aed-d257-4426-abd4-26d1f244705f\",\"version\":\"KqlParameterItem/1.0\",\"name\":\"Severity\",\"type\":2,\"typeSettings\":{\"showDefault\":false},\"jsonData\":\"[\\r\\n { \\\"value\\\":\\\"Critical\\\", \\\"label\\\":\\\"Critical\\\" },\\r\\n { \\\"value\\\":\\\"Warning\\\" , \\\"label\\\":\\\"Warning\\\" },\\r\\n { \\\"value\\\":\\\"Informational\\\" , \\\"label\\\":\\\"Informational\\\" }\\r\\n]\",\"timeContext\":{\"durationMs\":86400000}}],\"style\":\"pills\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\"},\"name\":\"parameters - 2\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"SecurityEvent\\r\\n| where EventSourceName == 'Semperis-DSP-Notifications' \\r\\n| extend p1Xml = parse_xml(EventData).EventData.Data\\r\\n| mv-expand bagexpansion=array p1Xml\\r\\n| evaluate bag_unpack(p1Xml)\\r\\n| extend Name=column_ifexists(tostring('@Name'), ''), Value=column_ifexists('#text', '')\\r\\n| evaluate pivot(Name, any(Value), TimeGenerated, EventSourceName, Channel, Computer, Level, EventLevelName, EventID, Task, Type, _ResourceId)\\r\\n| where (isempty('{Time}') or (todatetime(timeCreated) >= todatetime('{Time:startISO}') and todatetime(timeCreated) <= todatetime('{Time:endISO}'))) and ((isempty('{RuleName}') or indexof(ruleName,'{RuleName}') > -1)) and ((isempty('{Severity}') or severity == '{Severity}'))\\r\\n| order by TimeGenerated desc\\r\\n| project ruleName, severity, Computer, objectDN, timeCreated, fullOperation, attributeName, attributeValue, changedBy, originatingServerName\\r\\n\",\"size\":0,\"title\":\"Notifications\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"table\",\"gridSettings\":{\"labelSettings\":[{\"columnId\":\"ruleName\",\"label\":\"Rule Name\"},{\"columnId\":\"fullOperation\",\"label\":\"Operation\"}]}},\"name\":\"query - 1\"}],\"fromTemplateId\":\"sentinel-SemperisDSPNotifications\",\"$schema\":\"https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json\"}\r\n", "version": "1.0", "sourceId": "[variables('workspaceResourceId')]", "category": "sentinel" @@ -326,37 +317,30 @@ } } ] - } + }, + "packageKind": "Solution", + "packageVersion": "[variables('_solutionVersion')]", + "packageName": "[variables('_solutionName')]", + "packageId": "[variables('_solutionId')]", + "contentSchemaVersion": "3.0.0", + "contentId": "[variables('_workbookContentId2')]", + "contentKind": "Workbook", + "displayName": "[parameters('workbook2-name')]", + "contentProductId": "[variables('_workbookcontentProductId2')]", + "id": "[variables('_workbookcontentProductId2')]", + "version": "[variables('workbookVersion2')]" } }, { - "type": "Microsoft.Resources/templateSpecs", - "apiVersion": "2021-05-01", + "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", + "apiVersion": "2023-04-01-preview", "name": "[variables('workbookTemplateSpecName3')]", "location": "[parameters('workspace-location')]", - "tags": { - "hidden-sentinelWorkspaceId": "[variables('workspaceResourceId')]", - "hidden-sentinelContentType": "Workbook" - }, - "properties": { - "description": "Semperis Directory Services Protector Workbook with template", - "displayName": "Semperis Directory Services Protector workbook template" - } - }, - { - "type": "Microsoft.Resources/templateSpecs/versions", - "apiVersion": "2021-05-01", - "name": "[concat(variables('workbookTemplateSpecName3'),'/',variables('workbookVersion3'))]", - "location": "[parameters('workspace-location')]", - "tags": { - "hidden-sentinelWorkspaceId": "[variables('workspaceResourceId')]", - "hidden-sentinelContentType": "Workbook" - }, "dependsOn": [ - "[resourceId('Microsoft.Resources/templateSpecs', variables('workbookTemplateSpecName3'))]" + "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "SemperisDSPQuickviewDashboardWorkbook Workbook with template version 2.0.5", + "description": "SemperisDSPQuickviewDashboard Workbook with template version 3.0.0", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('workbookVersion3')]", @@ -374,7 +358,7 @@ }, "properties": { "displayName": "[parameters('workbook3-name')]", - "serializedData": "{\"version\":\"Notebook/1.0\",\"items\":[{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"let day_names =dynamic([\\\"Sunday\\\",\\\"Monday\\\",\\\"Tuesday\\\",\\\"Wednesday\\\",\\\"Thursday\\\",\\\"Friday\\\",\\\"Saturday\\\"]);\\nlet averageData = view() { CommonSecurityLog \\n| extend p1Array = split(AdditionalExtensions,\\\";\\\")\\n| mv-expand bagexpansion=array p1Array\\n| evaluate bag_unpack(p1Array)\\n| extend Name=tostring(split(p1Array,\\\"=\\\")[0]),Value=substring(p1Array,indexof(p1Array,\\\"=\\\")+1)\\n| evaluate pivot(Name, any(Value), TimeGenerated, TenantId, DeviceVendor, DeviceProduct, DeviceVersion, DeviceEventClassID, Activity, LogSeverity, OriginalLogSeverity, DeviceAction)\\n| where TimeGenerated > datetime(2000-01-01)\\n| where isnotnull(OriginatingUsers) and OriginatingUsers != \\\"\\\"\\n| summarize Count=count() by Year=getyear(TimeGenerated), Month=monthofyear(TimeGenerated), Day=dayofmonth(TimeGenerated)\\n| summarize Average_Count=toint(avg(Count)) by Day=dayofweek(make_datetime(Year,Month,Day)), SortData=\\\"Average Daily Change\\\"\\n| order by Day asc};\\nlet weeklyData = view() { CommonSecurityLog \\n| extend p1Array = split(AdditionalExtensions,\\\";\\\")\\n| mv-expand bagexpansion=array p1Array\\n| evaluate bag_unpack(p1Array)\\n| extend Name=tostring(split(p1Array,\\\"=\\\")[0]),Value=substring(p1Array,indexof(p1Array,\\\"=\\\")+1)\\n| evaluate pivot(Name, any(Value), TimeGenerated, TenantId, DeviceVendor, DeviceProduct, DeviceVersion, DeviceEventClassID, Activity, LogSeverity, OriginalLogSeverity, DeviceAction)\\n| where TimeGenerated > startofweek(now())\\n| where isnotnull(OriginatingUsers) and OriginatingUsers != \\\"\\\"\\n| summarize Count=count() by Year=getyear(TimeGenerated), Month=monthofyear(TimeGenerated), Day=dayofmonth(TimeGenerated)\\n| summarize Average_Count=toint(avg(Count)) by Day=dayofweek(make_datetime(Year,Month,Day)), SortData=\\\"Daily Change\\\"\\n| order by Day asc };\\nunion withsource=TableName averageData,weeklyData\\n| order by Day asc, SortData asc\\n| project Average_Count,Day,TableName,SortData,Days=tostring(day_names[indexof('00010203040506', format_timespan(Day,'dd'))/2])\\n| render barchart with (kind=unstacked)\\n\\n\",\"size\":0,\"title\":\"Weekly Active Directory Change Count\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"chartSettings\":{\"xAxis\":\"Days\",\"seriesLabelSettings\":[{\"seriesName\":\"averageData\",\"label\":\"Average Daily Change\",\"color\":\"gray\"},{\"seriesName\":\"weeklyData\",\"label\":\"Daily Change\",\"color\":\"orange\"}]},\"mapSettings\":{\"locInfo\":\"LatLong\",\"sizeSettings\":\"Average_Count\",\"sizeAggregation\":\"Sum\",\"legendMetric\":\"Average_Count\",\"legendAggregation\":\"Sum\",\"itemColorSettings\":{\"type\":\"heatmap\",\"colorAggregation\":\"Sum\",\"nodeColorField\":\"Average_Count\",\"heatmapPalette\":\"greenRed\"}}},\"customWidth\":\"100\",\"name\":\"query - 2\",\"styleSettings\":{\"showBorder\":true}},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"Event\\n| where Source == 'Semperis-Operation-Log' and EventID == 20000\\n| sort by TimeGenerated desc \\n| parse RenderedDescription with \\\"Operation: \\\" Operation \\\"Access Granted:\\\" AccessGranted \\\"Result: \\\" Result \\\"Details: \\\" * \\\"Trustee Name: \\\" TrusteeName \\\" Correlation ID: \\\" * \\\" Source: \\\" HostIP \\\"WebSite Target\\\" *\\n| extend host = tostring(HostIP)\\n| extend HostIP = trim_end(\\\":\\\",HostIP)\\n| project TimeGenerated, UserName, HostIP\\n| order by TimeGenerated desc\\n| top 10 by TimeGenerated\",\"size\":1,\"title\":\"Successful Logons\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"gridSettings\":{\"labelSettings\":[{\"columnId\":\"TimeGenerated\",\"label\":\"Time Generated\"},{\"columnId\":\"UserName\",\"label\":\"Identity\"},{\"columnId\":\"HostIP\",\"label\":\"Host IP\"}]}},\"customWidth\":\"55\",\"name\":\"query - 2\",\"styleSettings\":{\"showBorder\":true}},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"Event\\n| where Source == 'Semperis-Operation-Log' and ( EventID == 20000 or EventID == 20002 )\\n| sort by TimeGenerated desc \\n| parse RenderedDescription with \\\"Operation: \\\" Operation \\\"Access Granted:\\\" AccessGranted \\\"Result: \\\" Result \\\"Details: \\\" * \\\"Trustee Name: \\\" TrusteeName \\\" Correlation ID: \\\" * \\\" Source: \\\" HostIP \\\"WebSite Target\\\" *\\n| extend host = tostring(HostIP)\\n| extend HostIP = trim_end(\\\":\\\",HostIP)\\n| where isnotempty(AccessGranted)\\n| summarize Count=count() by AccessGranted\\n\\n\\n\\n\",\"size\":1,\"title\":\"DSP Logins\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"piechart\",\"chartSettings\":{\"showLegend\":true,\"seriesLabelSettings\":[{\"seriesName\":\" TRUE \",\"color\":\"green\"},{\"seriesName\":\" FALSE \",\"color\":\"redBright\"},{\"color\":\"red\"}]}},\"customWidth\":\"45\",\"name\":\"query - 2\",\"styleSettings\":{\"showBorder\":true}},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"Event\\r\\n| where Source == 'Semperis-DSP-Notifications' \\r\\n| extend p1Xml = parse_xml(EventData).DataItem.EventData.Data\\r\\n| mv-expand bagexpansion=array p1Xml\\r\\n| evaluate bag_unpack(p1Xml)\\r\\n| extend Key1=tostring(['@Name']), Value=['#text']\\r\\n| evaluate pivot(Key1, any(Value), TimeGenerated, Source, EventLog, Computer, EventLevel, EventLevelName, EventID, EventCategory, UserName, Type, _ResourceId)\\r\\n| order by TimeGenerated desc\\r\\n| project ruleName, fullOperation\\r\\n\",\"size\":0,\"title\":\"Notifications\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"table\",\"gridSettings\":{\"rowLimit\":10000,\"labelSettings\":[{\"columnId\":\"ruleName\",\"label\":\"Rule Name\"},{\"columnId\":\"fullOperation\",\"label\":\"Operation\"}]}},\"customWidth\":\"50\",\"name\":\"query - 1\",\"styleSettings\":{\"showBorder\":true}},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"Event\\n| where Source == 'Semperis-Operation-Log' and EventID == 20012\\n| sort by TimeGenerated desc\\n| extend p1Xml = parse_xml(EventData).DataItem.EventData.Data\\n| mv-expand bagexpansion=array p1Xml\\n| evaluate bag_unpack(p1Xml)\\n| extend Name=tostring(['@Name']), Value=['#text']\\n| evaluate pivot(Name, any(Value), TimeGenerated, Source, EventLog, Computer, EventLevel, EventLevelName, EventID, EventCategory, UserName, Type, _ResourceId)\\n| parse details with \\\"Occured at (UTC): \\\" OccurredAt \\\"Session ID: \\\" SessionID \\\"Trustee Name: \\\" TrusteeName \\\"Correlation ID: \\\" CorrelationID \\\"Source: \\\" Source \\\"WebSite Target: \\\" WebSiteTarget \\\"Product: \\\" Product \\\"Component: \\\" Component \\\"AD Information: \\\" ADInformation \\\"Object GUID: \\\" ObjectGUID \\\"Attribute: \\\" Attribute \\\"Distinguished Name: \\\" DistinguishedName \\\"Additional Information: \\\"AdditionalInformation \\\"Operation Detail: \\\" OperationDetail \\\"operationName: \\\" operationName \\\"trustee: \\\" trustee \\\"personas: \\\" personas \\\"Status: \\\" status \\\"Granted: \\\" Granted \\\"Result: \\\" Result\\n| extend _AccessGranted = iif(operationName contains \\\"CreateRbacIdentity\\\", \\\"Added\\\", \\\"Removed\\\")\\n| extend _Identity = iif(operationName contains \\\"CreateRbacIdentity\\\", trustee, tostring(substring(trustee,1,strlen(trustee))))\\n| extend _Identity = iif(operationName contains \\\"CreateRbacIdentity\\\", _Identity, replace_string(_Identity,\\\"'\\\",\\\"\\\"))\\n| extend add_personas = replace_string(replace_string(replace_string(personas,\\\"{ Name = \\\",\\\"\\\"),\\\" }\\\",\\\"\\\"),\\\";\\\",\\\",\\\")\\n| extend remove_personas = replace_string(personas,\\\";\\\",\\\",\\\")\\n| extend grid_personas = iif(operationName contains \\\"CreateRbacIdentity\\\", add_personas, remove_personas)\\n| extend date_to_sort = format_datetime(TimeGenerated,\\\"yyyy-mm-dd HH:mm:ss\\\")\\n| order by date_to_sort desc\\n| project TrusteeName, _Identity, _AccessGranted, grid_personas, TimeGenerated\\n\\n\\n\",\"size\":1,\"title\":\"Role Based Access Control Changes\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"table\",\"gridSettings\":{\"labelSettings\":[{\"columnId\":\"TrusteeName\",\"label\":\"Changed By\"},{\"columnId\":\"_Identity\",\"label\":\"Identity\"},{\"columnId\":\"_AccessGranted\",\"label\":\"Access Granted\"},{\"columnId\":\"grid_personas\",\"label\":\"Persona Details\"},{\"columnId\":\"TimeGenerated\",\"label\":\"Timestamp\"}]}},\"customWidth\":\"50\",\"name\":\"query - 2\",\"styleSettings\":{\"showBorder\":true}},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"CommonSecurityLog\\n| extend p1Array = split(AdditionalExtensions,\\\";\\\")\\n| mv-expand bagexpansion=array p1Array\\n| evaluate bag_unpack(p1Array)\\n| extend Name=tostring(split(p1Array,\\\"=\\\")[0]),Value=substring(p1Array,indexof(p1Array,\\\"=\\\")+1)\\n| evaluate pivot(Name, any(Value), TimeGenerated, TenantId, DeviceVendor, DeviceProduct, DeviceVersion, DeviceEventClassID, Activity)\\n| where isnotnull(OriginatingUsers) and OriginatingUsers != \\\"\\\"\\n| summarize ChangedCount = count() by tostring(OriginatingUsers)\\n| project replace_string(OriginatingUsers,'\\\\\\\\\\\\\\\\','/'), ChangedCount, OriginatingUsers, \\\"Details\\\"\\n| order by ChangedCount desc\\n| top 5 by ChangedCount\",\"size\":1,\"title\":\"Top 5 Identities Making Changes\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"table\",\"gridSettings\":{\"formatters\":[{\"columnMatch\":\"OriginatingUsers\",\"formatter\":5},{\"columnMatch\":\"Column2\",\"formatter\":1,\"formatOptions\":{\"linkTarget\":\"WorkbookTemplate\",\"linkIsContextBlade\":true,\"workbookContext\":{\"componentIdSource\":\"workbook\",\"resourceIdsSource\":\"workbook\",\"templateIdSource\":\"static\",\"templateId\":\"/subscriptions/b57a6492-52e3-4a3c-b970-f1d68b275e11/resourceGroups/DSPSentinel/providers/microsoft.insights/workbooks/18e25ec4-ee8d-4c12-aba1-c60b5159c0bc\",\"typeSource\":\"workbook\",\"gallerySource\":\"workbook\",\"locationSource\":\"workbook\",\"passSpecificParams\":true,\"templateParameters\":[{\"name\":\"OriginatingUsers\",\"source\":\"column\",\"value\":\"Column1\"}]}}},{\"columnMatch\":\"ParentId\",\"formatter\":5},{\"columnMatch\":\"Id\",\"formatter\":5},{\"columnMatch\":\"Originating Identity\",\"formatter\":1},{\"columnMatch\":\"Group\",\"formatter\":1}],\"labelSettings\":[{\"columnId\":\"Column1\",\"label\":\"Originating Identity\"},{\"columnId\":\"ChangedCount\",\"label\":\"Number of Changes\"},{\"columnId\":\"Column2\",\"label\":\" \"}]}},\"customWidth\":\"35\",\"name\":\"query - 2\",\"styleSettings\":{\"showBorder\":true}},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"CommonSecurityLog\\n| extend p1Array = split(AdditionalExtensions,\\\";\\\")\\n| mv-expand bagexpansion=array p1Array\\n| evaluate bag_unpack(p1Array)\\n| extend Name=tostring(split(p1Array,\\\"=\\\")[0]),Value=substring(p1Array,indexof(p1Array,\\\"=\\\")+1)\\n| evaluate pivot(Name, any(Value), TimeGenerated, TenantId, DeviceVendor, DeviceProduct, DeviceVersion, DeviceEventClassID, Activity, LogSeverity, OriginalLogSeverity, DeviceAction)\\n| parse DistinguishedName with * \\\"CN\\\\\\\\=\\\" cnName \\\",\\\" *\\n| parse DistinguishedName with * \\\"DC\\\\\\\\=\\\" dcName \\\",\\\" *\\n| where ClassName != \\\"dnsNode\\\"\\n| summarize ChangedCount=count() by cnName\\n| project cnName, ChangedCount, \\\"Details\\\"\\n| order by ChangedCount desc\\n| top 5 by ChangedCount\\n\",\"size\":3,\"title\":\"Top 5 Objects Changed\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"gridSettings\":{\"formatters\":[{\"columnMatch\":\"Column1\",\"formatter\":1,\"formatOptions\":{\"linkTarget\":\"WorkbookTemplate\",\"linkIsContextBlade\":true,\"workbookContext\":{\"componentIdSource\":\"workbook\",\"resourceIdsSource\":\"workbook\",\"templateIdSource\":\"static\",\"templateId\":\"/subscriptions/b57a6492-52e3-4a3c-b970-f1d68b275e11/resourceGroups/DSPSentinel/providers/microsoft.insights/workbooks/18e25ec4-ee8d-4c12-aba1-c60b5159c2f4\",\"typeSource\":\"workbook\",\"gallerySource\":\"workbook\",\"locationSource\":\"default\",\"passSpecificParams\":true,\"templateParameters\":[{\"name\":\"cName\",\"source\":\"column\",\"value\":\"cnName\"}]}}}],\"labelSettings\":[{\"columnId\":\"cnName\",\"label\":\"Object Changed\"}]}},\"customWidth\":\"35\",\"name\":\"query - 2\",\"styleSettings\":{\"showBorder\":true}},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"Event\\n| where Source == 'Semperis-DSP-Notifications' \\n| extend p1Xml = parse_xml(EventData).DataItem.EventData.Data\\n| mv-expand bagexpansion=array p1Xml\\n| evaluate bag_unpack(p1Xml)\\n| extend Name=tostring(['@Name']), Value=['#text']\\n| evaluate pivot(Name, any(Value), TimeGenerated, Source, EventLog, Computer, EventLevel, EventLevelName, EventID, EventCategory, UserName, Type, _ResourceId)\\n| summarize Count=count() by tostring(fullOperation)\\n\\n\",\"size\":1,\"title\":\"AD Change Types\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"gridSettings\":{\"rowLimit\":10000,\"sortBy\":[{\"itemKey\":\"fullOperation\",\"sortOrder\":1}],\"labelSettings\":[{\"columnId\":\"fullOperation\",\"label\":\"Activity\"}]},\"sortBy\":[{\"itemKey\":\"fullOperation\",\"sortOrder\":1}]},\"customWidth\":\"30\",\"name\":\"query - 2\",\"styleSettings\":{\"showBorder\":true}},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"CommonSecurityLog\\n| extend p1Array = split(AdditionalExtensions,\\\";\\\")\\n| mv-expand bagexpansion=array p1Array\\n| evaluate bag_unpack(p1Array)\\n| extend Name=tostring(split(p1Array,\\\"=\\\")[0]),Value=substring(p1Array,indexof(p1Array,\\\"=\\\")+1)\\n| evaluate pivot(Name, any(Value), TimeGenerated, TenantId, DeviceVendor, DeviceProduct, DeviceVersion, DeviceEventClassID, Activity, LogSeverity, OriginalLogSeverity, DeviceAction)\\n| parse DistinguishedName with * \\\"CN\\\\\\\\=\\\" cnName \\\",\\\" *\\n| parse DistinguishedName with * \\\"DC\\\\\\\\=\\\" dcName \\\",\\\" *\\n| where ClassName == 'group'\\n| project AttributeModificationType,cnName,OriginatingTime,replace_string(OriginatingUsers,\\\"\\\\\\\\\\\\\\\\\\\",\\\"\\\\\\\\\\\"),StringValueFrom,StringValueTo\\n\",\"size\":0,\"title\":\"Builtin Group Changes\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"gridSettings\":{\"formatters\":[{\"columnMatch\":\"Column1\",\"formatter\":1,\"formatOptions\":{\"workbookContext\":{\"componentIdSource\":\"workbook\",\"resourceIdsSource\":\"workbook\",\"templateIdSource\":\"static\",\"templateId\":\"/subscriptions/b57a6492-52e3-4a3c-b970-f1d68b275e11/resourceGroups/DSPSentinel/providers/microsoft.insights/workbooks/18e25ec4-ee8d-4c12-aba1-c60b5159c2f4\",\"typeSource\":\"workbook\",\"gallerySource\":\"workbook\",\"locationSource\":\"default\",\"passSpecificParams\":true,\"templateParameters\":[{\"name\":\"cName\",\"source\":\"column\",\"value\":\"cnName\"}]}}}],\"rowLimit\":10000,\"labelSettings\":[{\"columnId\":\"AttributeModificationType\",\"label\":\"Attribute Modification Type\"},{\"columnId\":\"cnName\",\"label\":\"Object Changed\"},{\"columnId\":\"OriginatingTime\",\"label\":\"Originating Time\"},{\"columnId\":\"StringValueFrom\",\"label\":\"Value From\"},{\"columnId\":\"StringValueTo\",\"label\":\"Value To\"}]}},\"name\":\"query - 2\",\"styleSettings\":{\"showBorder\":true}},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"Event\\n| where Source == 'Semperis-DSP-Security' \\n| extend p1Xml = parse_xml(EventData).DataItem.EventData.Data\\n| mv-expand bagexpansion=array p1Xml\\n| evaluate bag_unpack(p1Xml)\\n| extend Name=tostring(['@Name']), Value=['#text']\\n| evaluate pivot(Name, any(Value), TimeGenerated, Source, EventLog, Computer, EventLevel, EventLevelName, EventID, EventCategory, UserName, Type, _ResourceId)\\n| extend isProblem = iif(result == \\\"Failed\\\", true, false)\\n| where isnotnull(numberOfResults) and isProblem == true\\n| order by tostring(securityIndicatorName)\\n| summarize Count=count() by tostring(securityIndicatorName)\\n| top 5 by Count\\n\\n\",\"size\":1,\"title\":\"Top 5 Failed Security Indicators\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"piechart\",\"gridSettings\":{\"rowLimit\":10000},\"chartSettings\":{\"yAxis\":[\"Count\"],\"showLegend\":true}},\"customWidth\":\"50\",\"name\":\"query - 2\",\"styleSettings\":{\"showBorder\":true}},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"Event\\n| where Source == 'Semperis-DSP-Security' \\n| extend p1Xml = parse_xml(EventData).DataItem.EventData.Data\\n| mv-expand bagexpansion=array p1Xml\\n| evaluate bag_unpack(p1Xml)\\n| extend Name=tostring(['@Name']), Value=['#text']\\n| evaluate pivot(Name, any(Value), TimeGenerated, Source, EventLog, Computer, EventLevel, EventLevelName, EventID, EventCategory, UserName, Type, _ResourceId)\\n| extend isProblem = iif(result == \\\"Failed\\\", true, false)\\n| where isnotnull(numberOfResults) and isProblem == true\\n| order by tostring(securityIndicatorName)\\n| summarize Count=count() by tostring(securityIndicatorName)\\n| top 5 by Count\\n\\n\",\"size\":1,\"title\":\"Top 5 Failed Security Indicators\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"piechart\",\"gridSettings\":{\"rowLimit\":10000},\"chartSettings\":{\"yAxis\":[\"Count\"],\"showLegend\":true}},\"customWidth\":\"50\",\"name\":\"query - 2\",\"styleSettings\":{\"showBorder\":true}},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"Event\\n| where Source == 'Semperis-DSP-Security' \\n| extend p1Xml = parse_xml(EventData).DataItem.EventData.Data\\n| mv-expand bagexpansion=array p1Xml\\n| evaluate bag_unpack(p1Xml)\\n| extend Name=tostring(['@Name']), Value=['#text']\\n| evaluate pivot(Name, any(Value), TimeGenerated, Source, EventLog, Computer, EventLevel, EventLevelName, EventID, EventCategory, UserName, Type, _ResourceId)\\n| extend isProblem = iif(result == \\\"Failed\\\", true, false)\\n| where isnotnull(numberOfResults) and isProblem == true\\n| summarize Count=count() by tostring(securityFrameworkTags)\\n\\n\",\"size\":0,\"title\":\"Amount of Generated Events per Category\",\"timeContext\":{\"durationMs\":14400000},\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"categoricalbar\",\"gridSettings\":{\"rowLimit\":10000},\"chartSettings\":{\"yAxis\":[\"Count\"],\"showLegend\":true}},\"name\":\"query - 2\"}],\"styleSettings\":{\"paddingStyle\":\"wide\",\"spacingStyle\":\"wide\"},\"fromTemplateId\":\"sentinel-SemperisDSPQuickviewDashboard\",\"$schema\":\"https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json\"}\r\n", + "serializedData": "{\"version\":\"Notebook/1.0\",\"items\":[{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"let day_names =dynamic([\\\"Sunday\\\",\\\"Monday\\\",\\\"Tuesday\\\",\\\"Wednesday\\\",\\\"Thursday\\\",\\\"Friday\\\",\\\"Saturday\\\"]);\\nlet averageData = view() { CommonSecurityLog \\n| extend p1Array = split(AdditionalExtensions,\\\";\\\")\\n| mv-expand bagexpansion=array p1Array\\n| evaluate bag_unpack(p1Array)\\n| extend Name=column_ifexists(tostring('@Name'), ''), Value=column_ifexists('#text', '')\\n| extend Name=tostring(split(p1Array,\\\"=\\\")[0]),Value=substring(p1Array,indexof(p1Array,\\\"=\\\")+1)\\n| evaluate pivot(Name, any(Value), TimeGenerated, TenantId, DeviceVendor, DeviceProduct, DeviceVersion, DeviceEventClassID, Activity, LogSeverity, OriginalLogSeverity, DeviceAction)\\n| where TimeGenerated > datetime(2000-01-01)\\n| where isnotnull(OriginatingUsers) and OriginatingUsers != \\\"\\\"\\n| summarize Count=count() by Year=getyear(TimeGenerated), Month=monthofyear(TimeGenerated), Day=dayofmonth(TimeGenerated)\\n| summarize Average_Count=toint(avg(Count)) by Day=dayofweek(make_datetime(Year,Month,Day)), SortData=\\\"Average Daily Change\\\"\\n| order by Day asc};\\nlet weeklyData = view() { CommonSecurityLog \\n| extend p1Array = split(AdditionalExtensions,\\\";\\\")\\n| mv-expand bagexpansion=array p1Array\\n| evaluate bag_unpack(p1Array)\\n| extend Name=tostring(split(p1Array,\\\"=\\\")[0]),Value=substring(p1Array,indexof(p1Array,\\\"=\\\")+1)\\n| evaluate pivot(Name, any(Value), TimeGenerated, TenantId, DeviceVendor, DeviceProduct, DeviceVersion, DeviceEventClassID, Activity, LogSeverity, OriginalLogSeverity, DeviceAction)\\n| where TimeGenerated > startofweek(now())\\n| where isnotnull(OriginatingUsers) and OriginatingUsers != \\\"\\\"\\n| summarize Count=count() by Year=getyear(TimeGenerated), Month=monthofyear(TimeGenerated), Day=dayofmonth(TimeGenerated)\\n| summarize Average_Count=toint(avg(Count)) by Day=dayofweek(make_datetime(Year,Month,Day)), SortData=\\\"Daily Change\\\"\\n| order by Day asc };\\nunion withsource=TableName averageData,weeklyData\\n| order by Day asc, SortData asc\\n| project Average_Count,Day,TableName,SortData,Days=tostring(day_names[indexof('00010203040506', format_timespan(Day,'dd'))/2])\\n| render barchart with (kind=unstacked)\\n\\n\",\"size\":0,\"title\":\"Weekly Active Directory Change Count\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"chartSettings\":{\"xAxis\":\"Days\",\"seriesLabelSettings\":[{\"seriesName\":\"averageData\",\"label\":\"Average Daily Change\",\"color\":\"gray\"},{\"seriesName\":\"weeklyData\",\"label\":\"Daily Change\",\"color\":\"orange\"}]},\"mapSettings\":{\"locInfo\":\"LatLong\",\"sizeSettings\":\"Average_Count\",\"sizeAggregation\":\"Sum\",\"legendMetric\":\"Average_Count\",\"legendAggregation\":\"Sum\",\"itemColorSettings\":{\"type\":\"heatmap\",\"colorAggregation\":\"Sum\",\"nodeColorField\":\"Average_Count\",\"heatmapPalette\":\"greenRed\"}}},\"customWidth\":\"100\",\"name\":\"query - 2\",\"styleSettings\":{\"showBorder\":true}},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"SecurityEvent\\n| where EventSourceName == 'Semperis-Operation-Log' and EventID == 20000\\n| sort by TimeGenerated desc \\n| extend p1Xml = parse_xml(EventData).EventData.Data\\n| mv-expand bagexpansion=array p1Xml\\n| evaluate bag_unpack(p1Xml)\\n| extend Name=column_ifexists('@Name', ''), Value=column_ifexists('#text', '')\\n| evaluate pivot(Name, any(Value), TimeGenerated, EventSourceName, Channel, Computer, Level, EventLevelName, EventID, Task, Type, _ResourceId)\\n| extend details = column_ifexists('details', '')\\n| parse details with * \\\"Trustee Name: \\\" TrusteeName \\\" Correlation ID: \\\" * \\\" Source: \\\" HostIP \\\":\\\" * \\\" Target\\\" *\\n| extend host = tostring(HostIP)\\n| project TimeGenerated, TrusteeName, HostIP\\n| order by TimeGenerated desc\\n| top 10 by TimeGenerated\",\"size\":1,\"title\":\"Successful Logons\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"gridSettings\":{\"labelSettings\":[{\"columnId\":\"TimeGenerated\",\"label\":\"Time Generated\"}]}},\"customWidth\":\"55\",\"name\":\"query - 2\",\"styleSettings\":{\"showBorder\":true}},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"SecurityEvent\\n| where EventSourceName == 'Semperis-Operation-Log' and ( EventID == 20000 or EventID == 20002 )\\n| sort by TimeGenerated desc \\n| extend p1Xml = parse_xml(EventData).EventData.Data\\n| mv-expand bagexpansion=array p1Xml\\n| evaluate bag_unpack(p1Xml)\\n| extend Name=column_ifexists('@Name', ''), Value=column_ifexists('#text', '')\\n| evaluate pivot(Name, any(Value), TimeGenerated, EventSourceName, Channel, Computer, Level, EventLevelName, EventID, Task, Type, _ResourceId)\\n| extend details = column_ifexists('details', ''), accessGrated = column_ifexists('accessGrated', '')\\n| parse details with * \\\"Trustee Name: \\\" TrusteeName \\\" Correlation ID: \\\" * \\\" Source: \\\" HostIP \\\":\\\" * \\\" Target\\\" *\\n| extend host = tostring(HostIP)\\n| where isnotempty(accessGrated)\\n| summarize Count=count() by accessGrated\\n\",\"size\":1,\"title\":\"DSP Logins\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"piechart\",\"chartSettings\":{\"showLegend\":true,\"seriesLabelSettings\":[{\"seriesName\":\" TRUE \",\"color\":\"green\"},{\"seriesName\":\" FALSE \",\"color\":\"redBright\"},{\"color\":\"red\"}]}},\"customWidth\":\"45\",\"name\":\"query - 2\",\"styleSettings\":{\"showBorder\":true}},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"SecurityEvent\\r\\n| where EventSourceName == 'Semperis-DSP-Notifications' \\r\\n| extend p1Xml = parse_xml(EventData).EventData.Data\\r\\n| mv-expand bagexpansion=array p1Xml\\r\\n| evaluate bag_unpack(p1Xml)\\r\\n| extend Name=tostring(['@Name']), Value=['#text']\\r\\n| evaluate pivot(Name, any(Value), TimeGenerated, EventSourceName, Channel, Computer, Level, EventLevelName, EventID, Task, Type, _ResourceId)\\r\\n| order by TimeGenerated desc\\r\\n| project ruleName, severity, fullOperation, attributeName, attributeValue, changedBy, originatingServerName\\r\\n\",\"size\":0,\"title\":\"Notifications\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"table\",\"gridSettings\":{\"rowLimit\":10000,\"labelSettings\":[{\"columnId\":\"ruleName\",\"label\":\"Rule Name\"},{\"columnId\":\"fullOperation\",\"label\":\"Operation\"}]}},\"customWidth\":\"50\",\"name\":\"query - 1\",\"styleSettings\":{\"showBorder\":true}},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"SecurityEvent\\n| where EventSourceName == 'Semperis-Operation-Log' and EventID == 20012\\n| sort by TimeGenerated desc\\n| extend p1Xml = parse_xml(EventData).EventData.Data\\n| mv-expand bagexpansion=array p1Xml\\n| evaluate bag_unpack(p1Xml)\\n| extend Name=column_ifexists(tostring('@Name'), ''), Value=column_ifexists('#text', '')\\n| evaluate pivot(Name, any(Value), TimeGenerated, EventSourceName, Channel, Computer, Level, EventLevelName, EventID, Task, Type, _ResourceId)\\n| extend details=column_ifexists(tostring('details'), '')\\n| parse details with \\\"Occured at (UTC): \\\" OccurredAt \\\"Session ID: \\\" SessionID \\\"Trustee Name: \\\" TrusteeName \\\"Correlation ID: \\\" CorrelationID \\\"Source: \\\" Source \\\"WebSite Target: \\\" WebSiteTarget \\\"Product: \\\" Product \\\"Component: \\\" Component \\\"AD Information: \\\" ADInformation \\\"Object GUID: \\\" ObjectGUID \\\"Attribute: \\\" Attribute \\\"Distinguished Name: \\\" DistinguishedName \\\"Additional Information: \\\"AdditionalInformation \\\"Operation Detail: \\\" OperationDetail \\\"operationName: \\\" operationName \\\"trustee: \\\" trustee \\\"personas: \\\" personas \\\"Status: \\\" status \\\"Granted: \\\" Granted \\\"Result: \\\" Result\\n| where isnotempty(operationName)\\n| extend _AccessGranted = iif(operationName contains \\\"CreateRbacIdentity\\\", \\\"Added\\\", \\\"Removed\\\")\\n| extend _Identity = iif(operationName contains \\\"CreateRbacIdentity\\\", trustee, tostring(substring(trustee,1,strlen(trustee))))\\n| extend _Identity = iif(operationName contains \\\"CreateRbacIdentity\\\", _Identity, replace_string(_Identity,\\\"'\\\",\\\"\\\"))\\n| extend add_personas = replace_string(replace_string(replace_string(personas,\\\"{ Name = \\\",\\\"\\\"),\\\" }\\\",\\\"\\\"),\\\";\\\",\\\",\\\")\\n| extend remove_personas = replace_string(personas,\\\";\\\",\\\",\\\")\\n| extend grid_personas = iif(operationName contains \\\"CreateRbacIdentity\\\", add_personas, remove_personas)\\n| extend date_to_sort = format_datetime(TimeGenerated,\\\"yyyy-mm-dd HH:mm:ss\\\")\\n| order by date_to_sort desc\\n| project TrusteeName, _Identity, _AccessGranted, grid_personas, TimeGenerated\\n\\n\\n\",\"size\":1,\"title\":\"Role Based Access Control Changes\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"table\",\"gridSettings\":{\"sortBy\":[{\"itemKey\":\"TrusteeName\",\"sortOrder\":2}],\"labelSettings\":[{\"columnId\":\"TrusteeName\",\"label\":\"Changed By\"},{\"columnId\":\"_Identity\",\"label\":\"Identity\"},{\"columnId\":\"_AccessGranted\",\"label\":\"Access Granted\"},{\"columnId\":\"TimeGenerated\",\"label\":\"Timestamp\"}]},\"sortBy\":[{\"itemKey\":\"TrusteeName\",\"sortOrder\":2}]},\"customWidth\":\"50\",\"name\":\"query - 2\",\"styleSettings\":{\"showBorder\":true}},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"CommonSecurityLog\\n| extend p1Array = split(AdditionalExtensions,\\\";\\\")\\n| mv-expand bagexpansion=array p1Array\\n| evaluate bag_unpack(p1Array)\\n| extend Name=tostring(split(p1Array,\\\"=\\\")[0]),Value=substring(p1Array,indexof(p1Array,\\\"=\\\")+1)\\n| evaluate pivot(Name, any(Value), TimeGenerated, TenantId, DeviceVendor, DeviceProduct, DeviceVersion, DeviceEventClassID, Activity)\\n| where isnotnull(OriginatingUsers) and OriginatingUsers != \\\"\\\"\\n| summarize ChangedCount = count() by tostring(OriginatingUsers)\\n| project replace_string(OriginatingUsers,'\\\\\\\\\\\\\\\\','/'), ChangedCount, OriginatingUsers, \\\"Details\\\"\\n| order by ChangedCount desc\\n| top 5 by ChangedCount\",\"size\":1,\"title\":\"Top 5 Identities Making Changes\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"table\",\"gridSettings\":{\"formatters\":[{\"columnMatch\":\"OriginatingUsers\",\"formatter\":5},{\"columnMatch\":\"Column2\",\"formatter\":1,\"formatOptions\":{\"linkTarget\":\"WorkbookTemplate\",\"linkIsContextBlade\":true,\"workbookContext\":{\"componentIdSource\":\"workbook\",\"resourceIdsSource\":\"workbook\",\"typeSource\":\"workbook\",\"gallerySource\":\"workbook\",\"locationSource\":\"workbook\",\"passSpecificParams\":true,\"templateParameters\":[{\"name\":\"OriginatingUsers\",\"source\":\"column\",\"value\":\"Column1\"}]}}},{\"columnMatch\":\"ParentId\",\"formatter\":5},{\"columnMatch\":\"Id\",\"formatter\":5},{\"columnMatch\":\"Originating Identity\",\"formatter\":1},{\"columnMatch\":\"Group\",\"formatter\":1}],\"labelSettings\":[{\"columnId\":\"Column1\",\"label\":\"Originating Identity\"},{\"columnId\":\"ChangedCount\",\"label\":\"Number of Changes\"},{\"columnId\":\"Column2\",\"label\":\" \"}]}},\"customWidth\":\"35\",\"name\":\"query - 2\",\"styleSettings\":{\"showBorder\":true}},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"CommonSecurityLog\\n| extend p1Array = split(AdditionalExtensions,\\\";\\\")\\n| mv-expand bagexpansion=array p1Array\\n| evaluate bag_unpack(p1Array)\\n| extend Name=tostring(split(p1Array,\\\"=\\\")[0]),Value=substring(p1Array,indexof(p1Array,\\\"=\\\")+1)\\n| evaluate pivot(Name, any(Value), TimeGenerated, TenantId, DeviceVendor, DeviceProduct, DeviceVersion, DeviceEventClassID, Activity, LogSeverity, OriginalLogSeverity, DeviceAction)\\n| extend DistinguishedName = column_ifexists('DistinguishedName', '')\\n| where isnotempty(DistinguishedName)\\n| parse DistinguishedName with * \\\"CN=\\\" cnName \\\",\\\" *\\n| parse DistinguishedName with * \\\"DC=\\\" dcName \\\",\\\" *\\n| where ClassName != \\\"dnsNode\\\"\\n| summarize ChangedCount=count() by cnName\\n| project cnName, ChangedCount, \\\"Details\\\"\\n| order by ChangedCount desc\\n| top 5 by ChangedCount\\n\",\"size\":3,\"title\":\"Top 5 Objects Changed\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"gridSettings\":{\"formatters\":[{\"columnMatch\":\"Column1\",\"formatter\":1,\"formatOptions\":{\"linkTarget\":\"WorkbookTemplate\",\"linkIsContextBlade\":true,\"workbookContext\":{\"componentIdSource\":\"workbook\",\"resourceIdsSource\":\"workbook\",\"typeSource\":\"workbook\",\"gallerySource\":\"workbook\",\"locationSource\":\"default\",\"passSpecificParams\":true,\"templateParameters\":[{\"name\":\"cName\",\"source\":\"column\",\"value\":\"cnName\"}]}}}],\"labelSettings\":[{\"columnId\":\"cnName\",\"label\":\"Object Changed\"}]}},\"customWidth\":\"35\",\"name\":\"query - 2\",\"styleSettings\":{\"showBorder\":true}},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"SecurityEvent\\n| where EventSourceName == 'Semperis-DSP-Notifications' \\n| extend p1Xml = parse_xml(EventData).EventData.Data\\n| mv-expand bagexpansion=array p1Xml\\n| evaluate bag_unpack(p1Xml)\\n| extend Key1=tostring(['@Name']), Value=['#text']\\n| evaluate pivot(Key1, any(Value), TimeGenerated, EventSourceName, Channel, Computer, Level, EventLevelName, EventID, Task, Type, _ResourceId)\\n| summarize Count=count() by tostring(fullOperation)\\n\\n\",\"size\":1,\"title\":\"AD Change Types\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"gridSettings\":{\"rowLimit\":10000,\"sortBy\":[{\"itemKey\":\"fullOperation\",\"sortOrder\":1}],\"labelSettings\":[{\"columnId\":\"fullOperation\",\"label\":\"Activity\"}]},\"sortBy\":[{\"itemKey\":\"fullOperation\",\"sortOrder\":1}]},\"customWidth\":\"30\",\"name\":\"query - 2\",\"styleSettings\":{\"showBorder\":true}},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"CommonSecurityLog\\n| extend p1Array = split(AdditionalExtensions,\\\";\\\")\\n| mv-expand bagexpansion=array p1Array\\n| evaluate bag_unpack(p1Array)\\n| extend Name=tostring(split(p1Array,\\\"=\\\")[0]),Value=substring(p1Array,indexof(p1Array,\\\"=\\\")+1)\\n| evaluate pivot(Name, any(Value), TimeGenerated, TenantId, DeviceVendor, DeviceProduct, DeviceVersion, DeviceEventClassID, Activity, LogSeverity, OriginalLogSeverity, DeviceAction)\\n| parse DistinguishedName with * \\\"CN\\\\\\\\=\\\" cnName \\\",\\\" *\\n| parse DistinguishedName with * \\\"DC\\\\\\\\=\\\" dcName \\\",\\\" *\\n| where ClassName == 'group'\\n| project AttributeModificationType,cnName,OriginatingTime,replace_string(OriginatingUsers,\\\"\\\\\\\\\\\\\\\\\\\",\\\"\\\\\\\\\\\"),StringValueFrom,StringValueTo\\n\",\"size\":0,\"title\":\"Builtin Group Changes\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"gridSettings\":{\"formatters\":[{\"columnMatch\":\"Column1\",\"formatter\":1,\"formatOptions\":{\"workbookContext\":{\"componentIdSource\":\"workbook\",\"resourceIdsSource\":\"workbook\",\"typeSource\":\"workbook\",\"gallerySource\":\"workbook\",\"locationSource\":\"default\",\"passSpecificParams\":true,\"templateParameters\":[{\"name\":\"cName\",\"source\":\"column\",\"value\":\"cnName\"}]}}}],\"rowLimit\":10000,\"labelSettings\":[{\"columnId\":\"AttributeModificationType\",\"label\":\"Attribute Modification Type\"},{\"columnId\":\"cnName\",\"label\":\"Object Changed\"},{\"columnId\":\"OriginatingTime\",\"label\":\"Originating Time\"},{\"columnId\":\"StringValueFrom\",\"label\":\"Value From\"},{\"columnId\":\"StringValueTo\",\"label\":\"Value To\"}]}},\"name\":\"query - 2\",\"styleSettings\":{\"showBorder\":true}},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"SecurityEvent\\n| where EventSourceName == 'Semperis-DSP-Notifications' \\n| extend p1Xml = parse_xml(EventData).EventData.Data\\n| mv-expand bagexpansion=array p1Xml\\n| evaluate bag_unpack(p1Xml)\\n| extend Name=column_ifexists(tostring('@Name'), ''), Value=column_ifexists('#text', '')\\n| evaluate pivot(Name, any(Value), TimeGenerated, EventSourceName, Channel, Computer, Level, EventLevelName, EventID, Task, Type, _ResourceId)\\n| extend result=column_ifexists(tostring('result'), ''), numberOfResults=column_ifexists(tostring('numberOfResults'), ''), securityIndicatorName=column_ifexists(tostring('securityIndicatorName'), '')\\n| extend isProblem = iif(result == \\\"Failed\\\", true, false)\\n| where isnotnull(numberOfResults) and isProblem == true\\n| order by tostring(securityIndicatorName)\\n| summarize Count=count() by tostring(securityIndicatorName)\\n| top 5 by Count\\n\\n\",\"size\":1,\"title\":\"Top 5 Failed Security Indicators\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"piechart\",\"gridSettings\":{\"rowLimit\":10000},\"chartSettings\":{\"yAxis\":[\"Count\"],\"showLegend\":true}},\"customWidth\":\"50\",\"name\":\"query - 2\",\"styleSettings\":{\"showBorder\":true}},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"SecurityEvent\\n| where EventSourceName == 'Semperis-DSP-Notifications' \\n| extend p1Xml = parse_xml(EventData).EventData.Data\\n| mv-expand bagexpansion=array p1Xml\\n| evaluate bag_unpack(p1Xml)\\n| extend Name=column_ifexists(tostring('@Name'), ''), Value=column_ifexists('#text', '')\\n| evaluate pivot(Name, any(Value), TimeGenerated, EventSourceName, Channel, Computer, Level, EventLevelName, EventID, Task, Type, _ResourceId)\\n| extend result=column_ifexists(tostring('result'), ''), numberOfResults=column_ifexists(tostring('numberOfResults'), ''), securityIndicatorName=column_ifexists(tostring('securityIndicatorName'), '')\\n| extend isProblem = iif(result == \\\"Failed\\\", true, false)\\n| where isnotnull(numberOfResults) and isProblem == true\\n| order by tostring(securityIndicatorName)\\n| summarize Count=count() by tostring(securityIndicatorName)\\n| top 5 by Count\\n\\n\",\"size\":1,\"title\":\"Top 5 Failed Security Indicators\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"piechart\",\"gridSettings\":{\"rowLimit\":10000},\"chartSettings\":{\"yAxis\":[\"Count\"],\"showLegend\":true}},\"customWidth\":\"50\",\"name\":\"query - 2\",\"styleSettings\":{\"showBorder\":true}},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"SecurityEvent\\n| where EventSourceName == 'Semperis-DSP-Notifications' \\n| extend p1Xml = parse_xml(EventData).EventData.Data\\n| mv-expand bagexpansion=array p1Xml\\n| evaluate bag_unpack(p1Xml)\\n| extend Name=column_ifexists(tostring('@Name'), ''), Value=column_ifexists('#text', '')\\n| evaluate pivot(Name, any(Value), TimeGenerated, EventSourceName, Channel, Computer, Level, EventLevelName, EventID, Task, Type, _ResourceId)\\n| extend result=column_ifexists(tostring('result'), ''), numberOfResults=column_ifexists(tostring('numberOfResults'), ''), securityFrameworkTags=column_ifexists(tostring('securityFrameworkTags'), '')\\n| extend isProblem = iif(result == \\\"Failed\\\", true, false)\\n| where isnotnull(numberOfResults) and isProblem == true\\n| summarize Count=count() by tostring(securityFrameworkTags)\\n\\n\",\"size\":0,\"title\":\"Amount of Generated Events per Category\",\"timeContext\":{\"durationMs\":14400000},\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"categoricalbar\",\"gridSettings\":{\"rowLimit\":10000},\"chartSettings\":{\"yAxis\":[\"Count\"],\"showLegend\":true}},\"name\":\"query - 2\"}],\"styleSettings\":{\"paddingStyle\":\"wide\",\"spacingStyle\":\"wide\"},\"fromTemplateId\":\"sentinel-SemperisDSPQuickviewDashboard\",\"$schema\":\"https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json\"}\r\n", "version": "1.0", "sourceId": "[variables('workspaceResourceId')]", "category": "sentinel" @@ -419,37 +403,30 @@ } } ] - } + }, + "packageKind": "Solution", + "packageVersion": "[variables('_solutionVersion')]", + "packageName": "[variables('_solutionName')]", + "packageId": "[variables('_solutionId')]", + "contentSchemaVersion": "3.0.0", + "contentId": "[variables('_workbookContentId3')]", + "contentKind": "Workbook", + "displayName": "[parameters('workbook3-name')]", + "contentProductId": "[variables('_workbookcontentProductId3')]", + "id": "[variables('_workbookcontentProductId3')]", + "version": "[variables('workbookVersion3')]" } }, { - "type": "Microsoft.Resources/templateSpecs", - "apiVersion": "2021-05-01", + "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", + "apiVersion": "2023-04-01-preview", "name": "[variables('workbookTemplateSpecName4')]", "location": "[parameters('workspace-location')]", - "tags": { - "hidden-sentinelWorkspaceId": "[variables('workspaceResourceId')]", - "hidden-sentinelContentType": "Workbook" - }, - "properties": { - "description": "Semperis Directory Services Protector Workbook with template", - "displayName": "Semperis Directory Services Protector workbook template" - } - }, - { - "type": "Microsoft.Resources/templateSpecs/versions", - "apiVersion": "2021-05-01", - "name": "[concat(variables('workbookTemplateSpecName4'),'/',variables('workbookVersion4'))]", - "location": "[parameters('workspace-location')]", - "tags": { - "hidden-sentinelWorkspaceId": "[variables('workspaceResourceId')]", - "hidden-sentinelContentType": "Workbook" - }, "dependsOn": [ - "[resourceId('Microsoft.Resources/templateSpecs', variables('workbookTemplateSpecName4'))]" + "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "SemperisDSPSecurityIndicatorsWorkbook Workbook with template version 2.0.5", + "description": "SemperisDSPSecurityIndicators Workbook with template version 3.0.0", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('workbookVersion4')]", @@ -467,7 +444,7 @@ }, "properties": { "displayName": "[parameters('workbook4-name')]", - "serializedData": "{\"version\":\"Notebook/1.0\",\"items\":[{\"type\":1,\"content\":{\"json\":\"# Semperis Directory Services Protector\\r\\n\\r\\n**Semperis Directory Services Protector** (DSP) provides valuable insight into your Active Directory security posture. It queries your Active Directory environment and performs a set of tests against many aspects of Active Directory's security posture, including AD Delegation, Account security, AD Infrastructure security, Group Policy security, and Kerberos security.\\r\\n\\r\\nEach security indicator is mapped to MITRE ATT&CK® framework categories, explains what was evaluated, and indicates how likely an exposure will compromise Active Directory. \\r\\n\\r\\nEach IoE found highlights weak Active Directory configurations and provides actionable guidance on how to close gaps before they are exploited by attackers. Using this workbook, you can determine how you are doing from a security perspective, compared to best practice environments.\\r\\n\\r\\nIn case of security regressions, Semperis Directory Services Protector will trigger alerts through Microsoft Sentinel.\"},\"name\":\"text - 2\"},{\"type\":1,\"content\":{\"json\":\"# Security Indicators mapped to MITRE ATT&CK® Framework Categories:\"},\"name\":\"text - 5\"},{\"type\":9,\"content\":{\"version\":\"KqlParameterItem/1.0\",\"parameters\":[{\"id\":\"83787f1b-6573-47c6-8def-36bceb9a8afe\",\"version\":\"KqlParameterItem/1.0\",\"name\":\"TimeRange\",\"label\":\"Time Range\",\"type\":4,\"description\":\" Specify the time range on which to query the data\",\"isRequired\":true,\"value\":{\"durationMs\":604800000},\"typeSettings\":{\"selectableValues\":[{\"durationMs\":300000},{\"durationMs\":900000},{\"durationMs\":1800000},{\"durationMs\":3600000},{\"durationMs\":14400000},{\"durationMs\":43200000},{\"durationMs\":86400000},{\"durationMs\":172800000},{\"durationMs\":259200000},{\"durationMs\":604800000},{\"durationMs\":1209600000},{\"durationMs\":2419200000},{\"durationMs\":2592000000},{\"durationMs\":5184000000},{\"durationMs\":7776000000}]},\"timeContext\":{\"durationMs\":86400000}},{\"id\":\"d46aac4d-bcb8-4dbf-a331-3a3538226bc3\",\"version\":\"KqlParameterItem/1.0\",\"name\":\"MitreFramework\",\"label\":\"MITRE ATT&CK Framework\",\"type\":2,\"isRequired\":true,\"multiSelect\":true,\"quote\":\"'\",\"delimiter\":\",\",\"query\":\"dsp_parser\\r\\n| where isnotempty(SecurityFrameworkTags)\\r\\n| mv-expand bagexpansion=array parse_csv(SecurityFrameworkTagsCsv) to typeof(string)\\r\\n| summarize Count = count() by SecurityFrameworkTagsCsv\\r\\n| order by Count desc, SecurityFrameworkTagsCsv asc\\r\\n| project Value = SecurityFrameworkTagsCsv, Label = strcat(SecurityFrameworkTagsCsv)\",\"typeSettings\":{\"additionalResourceOptions\":[\"value::all\"],\"selectAllValue\":\"\",\"showDefault\":false},\"timeContext\":{\"durationMs\":0},\"timeContextFromParameter\":\"TimeRange\",\"defaultValue\":\"value::all\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\"},{\"id\":\"cf84c455-c1b9-4785-a592-54834be54097\",\"version\":\"KqlParameterItem/1.0\",\"name\":\"Status\",\"type\":2,\"isRequired\":true,\"multiSelect\":true,\"quote\":\"'\",\"delimiter\":\",\",\"query\":\"dsp_parser\\r\\n| where isnotempty(Result)\\r\\n| summarize Count = count() by tostring(Result)\\r\\n| order by Count desc, Result asc\\r\\n| project Value = Result, Label = strcat(Result)\",\"value\":[\"value::all\"],\"typeSettings\":{\"additionalResourceOptions\":[\"value::all\"],\"showDefault\":false},\"timeContext\":{\"durationMs\":0},\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\"}],\"style\":\"pills\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\"},\"name\":\"parameters - 3\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"dsp_parser\\r\\n| where isnotempty(SecurityFrameworkTags) \\r\\n| where Result in ({Status})\\r\\n| extend SecurityFrameworkTagList = parse_csv(SecurityFrameworkTagsCsv)\\r\\n| mv-expand bagexpansion=array SecurityFrameworkTagList to typeof(string)\\r\\n| where SecurityFrameworkTagList in ({MitreFramework})\\r\\n| summarize event_count=count() by SecurityFrameworkTagList\\r\\n\",\"size\":0,\"title\":\"Amount of Generated Events per Category\",\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"barchart\",\"graphSettings\":{\"type\":0,\"topContent\":{\"columnMatch\":\"securityFrameworkTags\",\"formatter\":1},\"centerContent\":{\"columnMatch\":\"event_count\",\"formatter\":1,\"numberFormat\":{\"unit\":17,\"options\":{\"maximumSignificantDigits\":3,\"maximumFractionDigits\":2}}}},\"mapSettings\":{\"locInfo\":\"LatLong\",\"sizeSettings\":\"event_count\",\"sizeAggregation\":\"Sum\",\"legendMetric\":\"event_count\",\"legendAggregation\":\"Sum\",\"itemColorSettings\":{\"type\":\"heatmap\",\"colorAggregation\":\"Sum\",\"nodeColorField\":\"event_count\",\"heatmapPalette\":\"greenRed\"}}},\"name\":\"query - 5\",\"styleSettings\":{\"showBorder\":true}},{\"type\":12,\"content\":{\"version\":\"NotebookGroup/1.0\",\"groupType\":\"editable\",\"items\":[{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"dsp_parser\\r\\n| where isnotempty(SecurityFrameworkTags) \\r\\n| where Result in ({Status})\\r\\n| extend SecurityFrameworkTagList = parse_csv(SecurityFrameworkTagsCsv)\\r\\n| extend MitreFramework = pack_array({MitreFramework})\\r\\n| extend FilterIntersection = set_intersect(SecurityFrameworkTagList, MitreFramework)\\r\\n| extend FilterIntersectionCount = array_length(FilterIntersection)\\r\\n| where FilterIntersectionCount > 0\\r\\n| summarize Requests = count() by tostring(SecurityIndicatorName)\\r\\n| order by Requests\\r\\n\",\"size\":3,\"title\":\"Breakdown by Indicators of Exposure (IoEs)\",\"noDataMessageStyle\":4,\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"tiles\",\"tileSettings\":{\"titleContent\":{\"columnMatch\":\"SecurityIndicatorName\",\"formatter\":1},\"subtitleContent\":{\"columnMatch\":\"Requests\",\"formatter\":12,\"formatOptions\":{\"palette\":\"auto\"}},\"showBorder\":false,\"size\":\"auto\"},\"chartSettings\":{\"group\":\"securityIndicatorName\",\"createOtherGroup\":10,\"showMetrics\":false},\"mapSettings\":{\"locInfo\":\"LatLong\",\"sizeSettings\":\"Requests\",\"sizeAggregation\":\"Sum\",\"legendMetric\":\"Requests\",\"legendAggregation\":\"Sum\",\"itemColorSettings\":{\"type\":\"heatmap\",\"colorAggregation\":\"Sum\",\"nodeColorField\":\"Requests\",\"heatmapPalette\":\"greenRed\"}}},\"name\":\"query - 2\",\"styleSettings\":{\"showBorder\":true}},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"dsp_parser\\r\\n| where isnotempty(SecurityFrameworkTags) \\r\\n| where Result in ({Status})\\r\\n| extend SecurityFrameworkTagList = parse_csv(SecurityFrameworkTagsCsv)\\r\\n| extend MitreFramework = pack_array({MitreFramework})\\r\\n| extend FilterIntersection = set_intersect(SecurityFrameworkTagList, MitreFramework)\\r\\n| extend FilterIntersectionCount = array_length(FilterIntersection)\\r\\n| where FilterIntersectionCount > 0\\r\\n| summarize Count = count() by tostring(SecurityFrameworkTags), tostring(SecurityIndicatorName), tostring(SecurityIndicatorDescription), tostring(LikelihoodOfCompromise), tostring(Remediation), tostring(Result), tostring(FirstFound), tostring(Score)\\r\\n| order by Count\\r\\n\",\"size\":0,\"title\":\"Indicators of Exposure (IoEs) Details:\",\"timeContextFromParameter\":\"TimeRange\",\"showExportToExcel\":true,\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"table\",\"gridSettings\":{\"sortBy\":[{\"itemKey\":\"SecurityFrameworkTags\",\"sortOrder\":1}],\"labelSettings\":[{\"columnId\":\"SecurityFrameworkTags\",\"label\":\"MITRE ATT&CK Framework\"},{\"columnId\":\"SecurityIndicatorName\",\"label\":\"Indicator of Exposure\"},{\"columnId\":\"SecurityIndicatorDescription\",\"label\":\"Description\"},{\"columnId\":\"LikelihoodOfCompromise\",\"label\":\"Likelihood of Compromise\"},{\"columnId\":\"FirstFound\",\"label\":\"First Time Found\"}]},\"sortBy\":[{\"itemKey\":\"SecurityFrameworkTags\",\"sortOrder\":1}],\"tileSettings\":{\"showBorder\":false,\"titleContent\":{\"columnMatch\":\"securityIndicatorName\",\"formatter\":1},\"leftContent\":{\"columnMatch\":\"Count\",\"formatter\":12,\"formatOptions\":{\"palette\":\"auto\"},\"numberFormat\":{\"unit\":17,\"options\":{\"maximumSignificantDigits\":3,\"maximumFractionDigits\":2}}}}},\"name\":\"query - 1\",\"styleSettings\":{\"showBorder\":true}}]},\"name\":\"group - 6\"},{\"type\":12,\"content\":{\"version\":\"NotebookGroup/1.0\",\"groupType\":\"editable\",\"items\":[{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"dsp_parser\\r\\n| where isnotempty(SecurityFrameworkTags) \\r\\n| where Result in ({Status})\\r\\n| extend SecurityFrameworkTagList = parse_csv(SecurityFrameworkTagsCsv)\\r\\n| extend MitreFramework = pack_array({MitreFramework})\\r\\n| extend FilterIntersection = set_intersect(SecurityFrameworkTagList, MitreFramework)\\r\\n| extend FilterIntersectionCount = array_length(FilterIntersection)\\r\\n| where FilterIntersectionCount > 0\\r\\n| summarize Count = count() by tostring(SecurityIndicatorName)\\r\\n| top 10 by Count desc\",\"size\":3,\"title\":\"Top 10 Indicators of Exposure (IoEs)\",\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"piechart\",\"chartSettings\":{\"group\":\"SecurityIndicatorName\",\"createOtherGroup\":10,\"showMetrics\":false,\"showLegend\":true,\"ySettings\":{\"numberFormatSettings\":{\"unit\":0,\"options\":{\"style\":\"decimal\",\"useGrouping\":false}}}}},\"customWidth\":\"40\",\"name\":\"query - 4\",\"styleSettings\":{\"showBorder\":true}},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"dsp_parser\\r\\n| where isnotempty(SecurityFrameworkTags) \\r\\n| where Result in ({Status})\\r\\n| extend SecurityFrameworkTagList = parse_csv(SecurityFrameworkTagsCsv)\\r\\n| extend MitreFramework = pack_array({MitreFramework})\\r\\n| extend FilterIntersection = set_intersect(SecurityFrameworkTagList, MitreFramework)\\r\\n| extend FilterIntersectionCount = array_length(FilterIntersection)\\r\\n| where FilterIntersectionCount > 0\\r\\n| summarize Count = count() by tostring(SecurityFrameworkTags), tostring(SecurityIndicatorName), tostring(FirstFound), tostring(Remediation)\\r\\n| top 10 by Count desc\\r\\n| project-away Count\",\"size\":0,\"title\":\"Top 10 Indicators of Exposure (IoEs) Details:\",\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"table\"},\"customWidth\":\"60\",\"name\":\"query - 1\",\"styleSettings\":{\"showBorder\":true}}]},\"name\":\"group - 5\",\"styleSettings\":{\"showBorder\":true}}],\"fromTemplateId\":\"sentinel-SemperisDSPSecurityIndicators\",\"$schema\":\"https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json\"}\r\n", + "serializedData": "{\"version\":\"Notebook/1.0\",\"items\":[{\"type\":1,\"content\":{\"json\":\"# Semperis Directory Services Protector\\r\\n\\r\\n**Semperis Directory Services Protector** (DSP) provides valuable insight into your Active Directory security posture. It queries your Active Directory environment and performs a set of tests against many aspects of Active Directory's security posture, including AD Delegation, Account security, AD Infrastructure security, Group Policy security, and Kerberos security.\\r\\n\\r\\nEach security indicator is mapped to MITRE ATT&CK® framework categories, explains what was evaluated, and indicates how likely an exposure will compromise Active Directory. \\r\\n\\r\\nEach IoE found highlights weak Active Directory configurations and provides actionable guidance on how to close gaps before they are exploited by attackers. Using this workbook, you can determine how you are doing from a security perspective, compared to best practice environments.\\r\\n\\r\\nIn case of security regressions, Semperis Directory Services Protector will trigger alerts through Microsoft Sentinel.\"},\"name\":\"text - 2\"},{\"type\":1,\"content\":{\"json\":\"# Security Indicators mapped to MITRE ATT&CK® Framework Categories:\"},\"name\":\"text - 5\"},{\"type\":9,\"content\":{\"version\":\"KqlParameterItem/1.0\",\"parameters\":[{\"id\":\"83787f1b-6573-47c6-8def-36bceb9a8afe\",\"version\":\"KqlParameterItem/1.0\",\"name\":\"TimeRange\",\"label\":\"Time Range\",\"type\":4,\"description\":\" Specify the time range on which to query the data\",\"isRequired\":true,\"value\":{\"durationMs\":1209600000},\"typeSettings\":{\"selectableValues\":[{\"durationMs\":300000},{\"durationMs\":900000},{\"durationMs\":1800000},{\"durationMs\":3600000},{\"durationMs\":14400000},{\"durationMs\":43200000},{\"durationMs\":86400000},{\"durationMs\":172800000},{\"durationMs\":259200000},{\"durationMs\":604800000},{\"durationMs\":1209600000},{\"durationMs\":2419200000},{\"durationMs\":2592000000},{\"durationMs\":5184000000},{\"durationMs\":7776000000}]},\"timeContext\":{\"durationMs\":86400000}},{\"id\":\"d46aac4d-bcb8-4dbf-a331-3a3538226bc3\",\"version\":\"KqlParameterItem/1.0\",\"name\":\"MitreFramework\",\"label\":\"MITRE ATT&CK Framework\",\"type\":2,\"isRequired\":true,\"multiSelect\":true,\"quote\":\"'\",\"delimiter\":\",\",\"query\":\"dsp_parser\\r\\n| where isnotempty(SecurityFrameworkTags)\\r\\n| mv-expand bagexpansion=array parse_csv(SecurityFrameworkTagsCsv) to typeof(string)\\r\\n| summarize Count = count() by SecurityFrameworkTagsCsv\\r\\n| order by Count desc, SecurityFrameworkTagsCsv asc\\r\\n| project Value = SecurityFrameworkTagsCsv, Label = strcat(SecurityFrameworkTagsCsv)\",\"typeSettings\":{\"additionalResourceOptions\":[\"value::all\"],\"selectAllValue\":\"\",\"showDefault\":false},\"timeContext\":{\"durationMs\":0},\"timeContextFromParameter\":\"TimeRange\",\"defaultValue\":\"value::all\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"value\":[\"value::all\"]},{\"id\":\"cf84c455-c1b9-4785-a592-54834be54097\",\"version\":\"KqlParameterItem/1.0\",\"name\":\"Status\",\"type\":2,\"isRequired\":true,\"multiSelect\":true,\"quote\":\"'\",\"delimiter\":\",\",\"query\":\"dsp_parser\\r\\n| where isnotempty(Result)\\r\\n| summarize Count = count() by tostring(Result)\\r\\n| order by Count desc, Result asc\\r\\n| project Value = Result, Label = strcat(Result)\",\"value\":[\"value::all\"],\"typeSettings\":{\"additionalResourceOptions\":[\"value::all\"],\"showDefault\":false},\"timeContext\":{\"durationMs\":0},\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\"}],\"style\":\"pills\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\"},\"name\":\"parameters - 3\"},{\"type\":12,\"content\":{\"version\":\"NotebookGroup/1.0\",\"groupType\":\"editable\",\"items\":[{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"dsp_parser_new\\r\\n| where isnotempty(SecurityFrameworkTags) \\r\\n| where Result in ({Status})\\r\\n| extend SecurityFrameworkTagList = parse_csv(SecurityFrameworkTagsCsv)\\r\\n| extend MitreFramework = pack_array({MitreFramework})\\r\\n| extend FilterIntersection = set_intersect(SecurityFrameworkTagList, MitreFramework)\\r\\n| extend FilterIntersectionCount = array_length(FilterIntersection)\\r\\n| where FilterIntersectionCount > 0\\r\\n| union (CommonSecurityLog \\r\\n| extend p1Array = split(AdditionalExtensions,\\\"|\\\")\\r\\n| mv-expand bagexpansion=array p1Array\\r\\n| evaluate bag_unpack(p1Array)\\r\\n| extend Name=tostring(split(p1Array,\\\"=\\\")[0]),Value=substring(p1Array,indexof(p1Array,\\\"=\\\")+1)\\r\\n| evaluate pivot(Name, any(Value), Activity, LogSeverity)\\r\\n| extend Activity = column_ifexists('Activity', '')\\r\\n| extend SecurityIndicatorName = Activity\\r\\n| extend LogSeverity = column_ifexists('LogSeverity', '')\\r\\n| extend Severity = LogSeverity\\r\\n| extend Score = \\\"0 F\\\"\\r\\n| extend Result = \\\"\\\"\\r\\n| extend Timestamp = column_ifexists('Timestamp', '')\\r\\n| extend FirstFound = Timestamp\\r\\n| extend SecurityFrameworkTags = column_ifexists('SecurityFrameworkTags', ''))\\r\\n| where isnotempty(SecurityFrameworkTags) \\r\\n| summarize Count = count() by tostring(SecurityIndicatorName), tostring(Severity), tostring(Score), tostring(FirstFound), tostring(Result), tostring(SecurityFrameworkTags)\\r\\n| order by Count\\r\\n\",\"size\":0,\"title\":\"Indicators of Exposure (IoEs) Details:\",\"timeContextFromParameter\":\"TimeRange\",\"showExportToExcel\":true,\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"table\",\"gridSettings\":{\"sortBy\":[{\"itemKey\":\"Severity\",\"sortOrder\":1}],\"labelSettings\":[{\"columnId\":\"FirstFound\",\"label\":\"Latest alert\"},{\"columnId\":\"SecurityFrameworkTags\",\"label\":\"Security framework tags\"}]},\"sortBy\":[{\"itemKey\":\"Severity\",\"sortOrder\":1}],\"tileSettings\":{\"showBorder\":false,\"titleContent\":{\"columnMatch\":\"securityIndicatorName\",\"formatter\":1},\"leftContent\":{\"columnMatch\":\"Count\",\"formatter\":12,\"formatOptions\":{\"palette\":\"auto\"},\"numberFormat\":{\"unit\":17,\"options\":{\"maximumSignificantDigits\":3,\"maximumFractionDigits\":2}}}}},\"name\":\"query - 1\",\"styleSettings\":{\"showBorder\":true}},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"dsp_parser_new\\r\\n| where isnotempty(SecurityFrameworkTags) \\r\\n| where Result in ({Status})\\r\\n| extend SecurityFrameworkTagList = parse_csv(SecurityFrameworkTagsCsv)\\r\\n| extend MitreFramework = pack_array({MitreFramework})\\r\\n| extend FilterIntersection = set_intersect(SecurityFrameworkTagList, MitreFramework)\\r\\n| extend FilterIntersectionCount = array_length(FilterIntersection)\\r\\n| where FilterIntersectionCount > 0\\r\\n| summarize Requests = count() by tostring(SecurityIndicatorName)\\r\\n| order by Requests\\r\\n\",\"size\":3,\"title\":\"Breakdown by Indicators of Exposure (IoEs)\",\"noDataMessageStyle\":4,\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"tiles\",\"tileSettings\":{\"titleContent\":{\"columnMatch\":\"SecurityIndicatorName\",\"formatter\":1},\"subtitleContent\":{\"columnMatch\":\"Requests\",\"formatter\":12,\"formatOptions\":{\"palette\":\"auto\"}},\"showBorder\":false,\"size\":\"auto\"},\"chartSettings\":{\"group\":\"securityIndicatorName\",\"createOtherGroup\":10,\"showMetrics\":false},\"mapSettings\":{\"locInfo\":\"LatLong\",\"sizeSettings\":\"Requests\",\"sizeAggregation\":\"Sum\",\"legendMetric\":\"Requests\",\"legendAggregation\":\"Sum\",\"itemColorSettings\":{\"type\":\"heatmap\",\"colorAggregation\":\"Sum\",\"nodeColorField\":\"Requests\",\"heatmapPalette\":\"greenRed\"}}},\"name\":\"query - 2\",\"styleSettings\":{\"showBorder\":true}}]},\"name\":\"group - 6\"},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"dsp_parser_new\\r\\n| where isnotempty(SecurityFrameworkTags) \\r\\n| where Result in ({Status})\\r\\n| extend SecurityFrameworkTagList = parse_csv(SecurityFrameworkTagsCsv)\\r\\n| mv-expand bagexpansion=array SecurityFrameworkTagList to typeof(string)\\r\\n| where SecurityFrameworkTagList in ({MitreFramework})\\r\\n| summarize event_count=count() by SecurityFrameworkTagList\\r\\n\",\"size\":0,\"title\":\"Amount of Generated Events per Category\",\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"barchart\",\"graphSettings\":{\"type\":0,\"topContent\":{\"columnMatch\":\"securityFrameworkTags\",\"formatter\":1},\"centerContent\":{\"columnMatch\":\"event_count\",\"formatter\":1,\"numberFormat\":{\"unit\":17,\"options\":{\"maximumSignificantDigits\":3,\"maximumFractionDigits\":2}}}},\"mapSettings\":{\"locInfo\":\"LatLong\",\"sizeSettings\":\"event_count\",\"sizeAggregation\":\"Sum\",\"legendMetric\":\"event_count\",\"legendAggregation\":\"Sum\",\"itemColorSettings\":{\"type\":\"heatmap\",\"colorAggregation\":\"Sum\",\"nodeColorField\":\"event_count\",\"heatmapPalette\":\"greenRed\"}}},\"name\":\"query - 5\",\"styleSettings\":{\"showBorder\":true}},{\"type\":12,\"content\":{\"version\":\"NotebookGroup/1.0\",\"groupType\":\"editable\",\"items\":[{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"dsp_parser_new\\r\\n| where isnotempty(SecurityFrameworkTags) \\r\\n| where Result in ({Status})\\r\\n| extend SecurityFrameworkTagList = parse_csv(SecurityFrameworkTagsCsv)\\r\\n| extend MitreFramework = pack_array({MitreFramework})\\r\\n| extend FilterIntersection = set_intersect(SecurityFrameworkTagList, MitreFramework)\\r\\n| extend FilterIntersectionCount = array_length(FilterIntersection)\\r\\n| where FilterIntersectionCount > 0\\r\\n| summarize Count = count() by tostring(SecurityIndicatorName)\\r\\n| top 10 by Count desc\",\"size\":3,\"title\":\"Top 10 Indicators of Exposure (IoEs)\",\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"piechart\",\"chartSettings\":{\"group\":\"SecurityIndicatorName\",\"createOtherGroup\":10,\"showMetrics\":false,\"showLegend\":true,\"ySettings\":{\"numberFormatSettings\":{\"unit\":0,\"options\":{\"style\":\"decimal\",\"useGrouping\":false}}}}},\"customWidth\":\"40\",\"name\":\"query - 4\",\"styleSettings\":{\"showBorder\":true}},{\"type\":3,\"content\":{\"version\":\"KqlItem/1.0\",\"query\":\"dsp_parser_new\\r\\n| where isnotempty(SecurityFrameworkTags) \\r\\n| where Result in ({Status})\\r\\n| extend SecurityFrameworkTagList = parse_csv(SecurityFrameworkTagsCsv)\\r\\n| extend MitreFramework = pack_array({MitreFramework})\\r\\n| extend FilterIntersection = set_intersect(SecurityFrameworkTagList, MitreFramework)\\r\\n| extend FilterIntersectionCount = array_length(FilterIntersection)\\r\\n| where FilterIntersectionCount > 0\\r\\n| summarize Count = count() by tostring(SecurityFrameworkTags), tostring(SecurityIndicatorName), tostring(Remediation)\\r\\n| top 10 by Count desc\\r\\n| project-away Count\",\"size\":0,\"title\":\"Top 10 Indicators of Exposure (IoEs) Details:\",\"timeContextFromParameter\":\"TimeRange\",\"queryType\":0,\"resourceType\":\"microsoft.operationalinsights/workspaces\",\"visualization\":\"table\"},\"customWidth\":\"60\",\"name\":\"query - 1\",\"styleSettings\":{\"showBorder\":true}}]},\"name\":\"group - 5\",\"styleSettings\":{\"showBorder\":true}}],\"fromTemplateId\":\"sentinel-SemperisDSPSecurityIndicators\",\"$schema\":\"https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json\"}\r\n", "version": "1.0", "sourceId": "[variables('workspaceResourceId')]", "category": "sentinel" @@ -500,7 +477,7 @@ "operator": "AND", "criteria": [ { - "contentId": "Event", + "contentId": "dsp_parser", "kind": "DataType" }, { @@ -512,181 +489,47 @@ } } ] - } - } - }, - { - "type": "Microsoft.Resources/templateSpecs", - "apiVersion": "2021-05-01", - "name": "[variables('parserTemplateSpecName1')]", - "location": "[parameters('workspace-location')]", - "tags": { - "hidden-sentinelWorkspaceId": "[variables('workspaceResourceId')]", - "hidden-sentinelContentType": "Parser" - }, - "properties": { - "description": "dsp_parser Data Parser with template", - "displayName": "dsp_parser Data Parser template" - } - }, - { - "type": "Microsoft.Resources/templateSpecs/versions", - "apiVersion": "2021-05-01", - "name": "[concat(variables('parserTemplateSpecName1'),'/',variables('parserVersion1'))]", - "location": "[parameters('workspace-location')]", - "tags": { - "hidden-sentinelWorkspaceId": "[variables('workspaceResourceId')]", - "hidden-sentinelContentType": "Parser" - }, - "dependsOn": [ - "[resourceId('Microsoft.Resources/templateSpecs', variables('parserTemplateSpecName1'))]" - ], - "properties": { - "description": "dsp_parser Data Parser with template version 2.0.5", - "mainTemplate": { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", - "contentVersion": "[variables('parserVersion1')]", - "parameters": {}, - "variables": {}, - "resources": [ - { - "name": "[variables('_parserName1')]", - "apiVersion": "2020-08-01", - "type": "Microsoft.OperationalInsights/workspaces/savedSearches", - "location": "[parameters('workspace-location')]", - "properties": { - "eTag": "*", - "displayName": "dsp_parser", - "category": "Samples", - "functionAlias": "dsp_parser", - "query": "\nEvent\r\n| where Source == \"Semperis-DSP-Security\"\r\n| where EventID in (\"9211\",\"9212\",\"9208\")\r\n| parse EventData with \r\n '' DSPData ''\r\n| parse DSPData with \r\n *\r\n '' FirstFound ''\r\n * \r\n| parse DSPData with \r\n '' GenerationTime ''\r\n '' SecurityIndicatorName ''\r\n\t'' Result '' \r\n *\r\n\t'' Score ''\r\n\t'' ForestName ''\r\n\t'' Domains ''\r\n\t'' Severity ''\r\n\t'' Weight ''\r\n\t'' SecurityFrameworkTags ''\r\n\t'' SecurityIndicatorDescription ''\r\n\t'' LikelihoodOfCompromise ''\r\n\t'' ResultMessage ''\r\n\t'' NumberOfResults ''\r\n\t'' Remediation ''\r\n\t'' Schedule ''\r\n * \r\n| extend SecurityFrameworkTagsCsv = replace(@' Mitre:', @'', tostring(SecurityFrameworkTags))\r\n| extend SecurityFrameworkTagsCsv = replace(@'Mitre:', @'', tostring(SecurityFrameworkTagsCsv))\r\n| extend SecurityFrameworkTags = replace(@'Mitre:', @'', tostring(SecurityFrameworkTags))\r\n", - "version": 1, - "tags": [ - { - "name": "description", - "value": "dsp_parser" - } - ] - } - }, - { - "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", - "apiVersion": "2022-01-01-preview", - "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('Parser-', last(split(variables('_parserId1'),'/'))))]", - "dependsOn": [ - "[variables('_parserName1')]" - ], - "properties": { - "parentId": "[resourceId('Microsoft.OperationalInsights/workspaces/savedSearches', parameters('workspace'), variables('parserName1'))]", - "contentId": "[variables('_parserContentId1')]", - "kind": "Parser", - "version": "[variables('parserVersion1')]", - "source": { - "name": "Semperis Directory Services Protector", - "kind": "Solution", - "sourceId": "[variables('_solutionId')]" - }, - "author": { - "name": "Semperis" - }, - "support": { - "name": "Semperis", - "tier": "Partner", - "link": "https://www.semperis.com/contact-us/" - } - } - } - ] - } - } - }, - { - "type": "Microsoft.OperationalInsights/workspaces/savedSearches", - "apiVersion": "2021-06-01", - "name": "[variables('_parserName1')]", - "location": "[parameters('workspace-location')]", - "properties": { - "eTag": "*", - "displayName": "dsp_parser", - "category": "Samples", - "functionAlias": "dsp_parser", - "query": "\nEvent\r\n| where Source == \"Semperis-DSP-Security\"\r\n| where EventID in (\"9211\",\"9212\",\"9208\")\r\n| parse EventData with \r\n '' DSPData ''\r\n| parse DSPData with \r\n *\r\n '' FirstFound ''\r\n * \r\n| parse DSPData with \r\n '' GenerationTime ''\r\n '' SecurityIndicatorName ''\r\n\t'' Result '' \r\n *\r\n\t'' Score ''\r\n\t'' ForestName ''\r\n\t'' Domains ''\r\n\t'' Severity ''\r\n\t'' Weight ''\r\n\t'' SecurityFrameworkTags ''\r\n\t'' SecurityIndicatorDescription ''\r\n\t'' LikelihoodOfCompromise ''\r\n\t'' ResultMessage ''\r\n\t'' NumberOfResults ''\r\n\t'' Remediation ''\r\n\t'' Schedule ''\r\n * \r\n| extend SecurityFrameworkTagsCsv = replace(@' Mitre:', @'', tostring(SecurityFrameworkTags))\r\n| extend SecurityFrameworkTagsCsv = replace(@'Mitre:', @'', tostring(SecurityFrameworkTagsCsv))\r\n| extend SecurityFrameworkTags = replace(@'Mitre:', @'', tostring(SecurityFrameworkTags))\r\n", - "version": 1 - } - }, - { - "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", - "apiVersion": "2022-01-01-preview", - "location": "[parameters('workspace-location')]", - "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('Parser-', last(split(variables('_parserId1'),'/'))))]", - "dependsOn": [ - "[variables('_parserId1')]" - ], - "properties": { - "parentId": "[resourceId('Microsoft.OperationalInsights/workspaces/savedSearches', parameters('workspace'), variables('parserName1'))]", - "contentId": "[variables('_parserContentId1')]", - "kind": "Parser", - "version": "[variables('parserVersion1')]", - "source": { - "kind": "Solution", - "name": "Semperis Directory Services Protector", - "sourceId": "[variables('_solutionId')]" - }, - "author": { - "name": "Semperis" }, - "support": { - "name": "Semperis", - "tier": "Partner", - "link": "https://www.semperis.com/contact-us/" - } - } - }, - { - "type": "Microsoft.Resources/templateSpecs", - "apiVersion": "2021-05-01", - "name": "[variables('analyticRuleTemplateSpecName1')]", - "location": "[parameters('workspace-location')]", - "tags": { - "hidden-sentinelWorkspaceId": "[variables('workspaceResourceId')]", - "hidden-sentinelContentType": "AnalyticsRule" - }, - "properties": { - "description": "Semperis Directory Services Protector Analytics Rule 1 with template", - "displayName": "Semperis Directory Services Protector Analytics Rule template" + "packageKind": "Solution", + "packageVersion": "[variables('_solutionVersion')]", + "packageName": "[variables('_solutionName')]", + "packageId": "[variables('_solutionId')]", + "contentSchemaVersion": "3.0.0", + "contentId": "[variables('_workbookContentId4')]", + "contentKind": "Workbook", + "displayName": "[parameters('workbook4-name')]", + "contentProductId": "[variables('_workbookcontentProductId4')]", + "id": "[variables('_workbookcontentProductId4')]", + "version": "[variables('workbookVersion4')]" } }, { - "type": "Microsoft.Resources/templateSpecs/versions", - "apiVersion": "2021-05-01", - "name": "[concat(variables('analyticRuleTemplateSpecName1'),'/',variables('analyticRuleVersion1'))]", + "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", + "apiVersion": "2023-04-01-preview", + "name": "[variables('analyticRuleObject1').analyticRuleTemplateSpecName1]", "location": "[parameters('workspace-location')]", - "tags": { - "hidden-sentinelWorkspaceId": "[variables('workspaceResourceId')]", - "hidden-sentinelContentType": "AnalyticsRule" - }, "dependsOn": [ - "[resourceId('Microsoft.Resources/templateSpecs', variables('analyticRuleTemplateSpecName1'))]" + "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "SemperisDSP_EvidenceOfMimikatzDCShadowAttack_AnalyticalRules Analytics Rule with template version 2.0.5", + "description": "SemperisDSP_EvidenceOfMimikatzDCShadowAttack_AnalyticalRules Analytics Rule with template version 3.0.0", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", - "contentVersion": "[variables('analyticRuleVersion1')]", + "contentVersion": "[variables('analyticRuleObject1').analyticRuleVersion1]", "parameters": {}, "variables": {}, "resources": [ { "type": "Microsoft.SecurityInsights/AlertRuleTemplates", - "name": "[variables('AnalyticRulecontentId1')]", - "apiVersion": "2022-04-01-preview", + "name": "[variables('analyticRuleObject1')._analyticRulecontentId1]", + "apiVersion": "2023-02-01-preview", "kind": "Scheduled", "location": "[parameters('workspace-location')]", "properties": { "description": "Mimikatz's DCShadow switch allows a user who has compromised an AD domain, to inject arbitrary changes into AD using a \"fake\" domain controller. These changes bypass the security event log and can't be spotted using normal AD tools. This rule looks for evidence that a machine has been used in this capacity.", "displayName": "Semperis DSP Mimikatz's DCShadow Alert", "enabled": false, - "query": "dsp_parser\n| where EventID == 9212\n| where SecurityIndicatorName == \"Evidence of Mimikatz DCShadow attack\"\n", + "query": "dsp_parser\n| where EventID == 9212\n| where SecurityIndicatorName == \"Evidence of Mimikatz DCShadow attack\"\n| extend HostName = tostring(split(Computer, '.', 0)[0]), DnsDomain = tostring(strcat_array(array_slice(split(Computer, '.'), 1, -1), '.'))\n", "queryFrequency": "PT1H", "queryPeriod": "PT1H", "severity": "High", @@ -708,19 +551,34 @@ ], "techniques": [ "T1207" + ], + "entityMappings": [ + { + "fieldMappings": [ + { + "columnName": "HostName", + "identifier": "HostName" + }, + { + "columnName": "DnsDomain", + "identifier": "DnsDomain" + } + ], + "entityType": "Host" + } ] } }, { "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", "apiVersion": "2022-01-01-preview", - "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleId1'),'/'))))]", + "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleObject1').analyticRuleId1,'/'))))]", "properties": { "description": "Semperis Directory Services Protector Analytics Rule 1", - "parentId": "[variables('analyticRuleId1')]", - "contentId": "[variables('_analyticRulecontentId1')]", + "parentId": "[variables('analyticRuleObject1').analyticRuleId1]", + "contentId": "[variables('analyticRuleObject1')._analyticRulecontentId1]", "kind": "AnalyticsRule", - "version": "[variables('analyticRuleVersion1')]", + "version": "[variables('analyticRuleObject1').analyticRuleVersion1]", "source": { "kind": "Solution", "name": "Semperis Directory Services Protector", @@ -737,54 +595,47 @@ } } ] - } - } - }, - { - "type": "Microsoft.Resources/templateSpecs", - "apiVersion": "2021-05-01", - "name": "[variables('analyticRuleTemplateSpecName2')]", - "location": "[parameters('workspace-location')]", - "tags": { - "hidden-sentinelWorkspaceId": "[variables('workspaceResourceId')]", - "hidden-sentinelContentType": "AnalyticsRule" - }, - "properties": { - "description": "Semperis Directory Services Protector Analytics Rule 2 with template", - "displayName": "Semperis Directory Services Protector Analytics Rule template" + }, + "packageKind": "Solution", + "packageVersion": "[variables('_solutionVersion')]", + "packageName": "[variables('_solutionName')]", + "packageId": "[variables('_solutionId')]", + "contentSchemaVersion": "3.0.0", + "contentId": "[variables('analyticRuleObject1')._analyticRulecontentId1]", + "contentKind": "AnalyticsRule", + "displayName": "Semperis DSP Mimikatz's DCShadow Alert", + "contentProductId": "[variables('analyticRuleObject1')._analyticRulecontentProductId1]", + "id": "[variables('analyticRuleObject1')._analyticRulecontentProductId1]", + "version": "[variables('analyticRuleObject1').analyticRuleVersion1]" } }, { - "type": "Microsoft.Resources/templateSpecs/versions", - "apiVersion": "2021-05-01", - "name": "[concat(variables('analyticRuleTemplateSpecName2'),'/',variables('analyticRuleVersion2'))]", + "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", + "apiVersion": "2023-04-01-preview", + "name": "[variables('analyticRuleObject2').analyticRuleTemplateSpecName2]", "location": "[parameters('workspace-location')]", - "tags": { - "hidden-sentinelWorkspaceId": "[variables('workspaceResourceId')]", - "hidden-sentinelContentType": "AnalyticsRule" - }, "dependsOn": [ - "[resourceId('Microsoft.Resources/templateSpecs', variables('analyticRuleTemplateSpecName2'))]" + "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "SemperisDSP_KerberoskrbtgtAccount_AnalyticalRules Analytics Rule with template version 2.0.5", + "description": "SemperisDSP_KerberoskrbtgtAccount_AnalyticalRules Analytics Rule with template version 3.0.0", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", - "contentVersion": "[variables('analyticRuleVersion2')]", + "contentVersion": "[variables('analyticRuleObject2').analyticRuleVersion2]", "parameters": {}, "variables": {}, "resources": [ { "type": "Microsoft.SecurityInsights/AlertRuleTemplates", - "name": "[variables('AnalyticRulecontentId2')]", - "apiVersion": "2022-04-01-preview", + "name": "[variables('analyticRuleObject2')._analyticRulecontentId2]", + "apiVersion": "2023-02-01-preview", "kind": "Scheduled", "location": "[parameters('workspace-location')]", "properties": { "description": "The krbtgt user account is a special (disabled) user account in every Active Directory domain that has a special role in Kerberos function. If this account's password is compromised, Golden Ticket attacks can be performed to get access to any resource in the AD domain. This indicator looks for a krbtgt user account whose password hasn't been changed in the past 180 days. While Microsoft recommends changing the password every year, STIG recommends changing it every 180 days.", "displayName": "Semperis DSP Kerberos krbtgt account with old password", "enabled": false, - "query": "dsp_parser\n| where EventID == 9212\n| where SecurityIndicatorName == \"Kerberos krbtgt account with old password\"\n", + "query": "dsp_parser\n| where EventID == 9212\n| where SecurityIndicatorName == \"Kerberos krbtgt account with old password\"\n| extend HostName = tostring(split(Computer, '.', 0)[0]), DnsDomain = tostring(strcat_array(array_slice(split(Computer, '.'), 1, -1), '.'))\n", "queryFrequency": "PT1H", "queryPeriod": "PT1H", "severity": "Medium", @@ -803,19 +654,40 @@ ], "tactics": [ "CredentialAccess" + ], + "subTechniques": [ + "T1558.001" + ], + "techniques": [ + "T1558" + ], + "entityMappings": [ + { + "fieldMappings": [ + { + "columnName": "HostName", + "identifier": "HostName" + }, + { + "columnName": "DnsDomain", + "identifier": "DnsDomain" + } + ], + "entityType": "Host" + } ] } }, { "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", "apiVersion": "2022-01-01-preview", - "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleId2'),'/'))))]", + "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleObject2').analyticRuleId2,'/'))))]", "properties": { "description": "Semperis Directory Services Protector Analytics Rule 2", - "parentId": "[variables('analyticRuleId2')]", - "contentId": "[variables('_analyticRulecontentId2')]", + "parentId": "[variables('analyticRuleObject2').analyticRuleId2]", + "contentId": "[variables('analyticRuleObject2')._analyticRulecontentId2]", "kind": "AnalyticsRule", - "version": "[variables('analyticRuleVersion2')]", + "version": "[variables('analyticRuleObject2').analyticRuleVersion2]", "source": { "kind": "Solution", "name": "Semperis Directory Services Protector", @@ -832,54 +704,47 @@ } } ] - } - } - }, - { - "type": "Microsoft.Resources/templateSpecs", - "apiVersion": "2021-05-01", - "name": "[variables('analyticRuleTemplateSpecName3')]", - "location": "[parameters('workspace-location')]", - "tags": { - "hidden-sentinelWorkspaceId": "[variables('workspaceResourceId')]", - "hidden-sentinelContentType": "AnalyticsRule" - }, - "properties": { - "description": "Semperis Directory Services Protector Analytics Rule 3 with template", - "displayName": "Semperis Directory Services Protector Analytics Rule template" + }, + "packageKind": "Solution", + "packageVersion": "[variables('_solutionVersion')]", + "packageName": "[variables('_solutionName')]", + "packageId": "[variables('_solutionId')]", + "contentSchemaVersion": "3.0.0", + "contentId": "[variables('analyticRuleObject2')._analyticRulecontentId2]", + "contentKind": "AnalyticsRule", + "displayName": "Semperis DSP Kerberos krbtgt account with old password", + "contentProductId": "[variables('analyticRuleObject2')._analyticRulecontentProductId2]", + "id": "[variables('analyticRuleObject2')._analyticRulecontentProductId2]", + "version": "[variables('analyticRuleObject2').analyticRuleVersion2]" } }, { - "type": "Microsoft.Resources/templateSpecs/versions", - "apiVersion": "2021-05-01", - "name": "[concat(variables('analyticRuleTemplateSpecName3'),'/',variables('analyticRuleVersion3'))]", + "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", + "apiVersion": "2023-04-01-preview", + "name": "[variables('analyticRuleObject3').analyticRuleTemplateSpecName3]", "location": "[parameters('workspace-location')]", - "tags": { - "hidden-sentinelWorkspaceId": "[variables('workspaceResourceId')]", - "hidden-sentinelContentType": "AnalyticsRule" - }, "dependsOn": [ - "[resourceId('Microsoft.Resources/templateSpecs', variables('analyticRuleTemplateSpecName3'))]" + "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "SemperisDSP_RecentsIDHistoryChangesOnADObjects_AnalyticalRules Analytics Rule with template version 2.0.5", + "description": "SemperisDSP_RecentsIDHistoryChangesOnADObjects_AnalyticalRules Analytics Rule with template version 3.0.0", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", - "contentVersion": "[variables('analyticRuleVersion3')]", + "contentVersion": "[variables('analyticRuleObject3').analyticRuleVersion3]", "parameters": {}, "variables": {}, "resources": [ { "type": "Microsoft.SecurityInsights/AlertRuleTemplates", - "name": "[variables('AnalyticRulecontentId3')]", - "apiVersion": "2022-04-01-preview", + "name": "[variables('analyticRuleObject3')._analyticRulecontentId3]", + "apiVersion": "2023-02-01-preview", "kind": "Scheduled", "location": "[parameters('workspace-location')]", "properties": { "description": "This indicator detects any recent changes to sIDHistory on AD objects, including changes to non-privileged accounts where privileged SIDs are added.", "displayName": "Semperis DSP Recent sIDHistory changes on AD objects", "enabled": false, - "query": "dsp_parser\n| where EventID == 9212\n| where SecurityIndicatorName == \"Recent sIDHistory changes on objects\"\n", + "query": "dsp_parser\n| where EventID == 9212\n| where SecurityIndicatorName == \"Recent sIDHistory changes on objects\"\n| extend HostName = tostring(split(Computer, '.', 0)[0]), DnsDomain = tostring(strcat_array(array_slice(split(Computer, '.'), 1, -1), '.'))\n", "queryFrequency": "PT1H", "queryPeriod": "PT1H", "severity": "High", @@ -897,20 +762,39 @@ } ], "tactics": [ - "PrivilegeEscalation" + "PrivilegeEscalation", + "Persistence" + ], + "techniques": [ + "T1098" + ], + "entityMappings": [ + { + "fieldMappings": [ + { + "columnName": "HostName", + "identifier": "HostName" + }, + { + "columnName": "DnsDomain", + "identifier": "DnsDomain" + } + ], + "entityType": "Host" + } ] } }, { "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", "apiVersion": "2022-01-01-preview", - "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleId3'),'/'))))]", + "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleObject3').analyticRuleId3,'/'))))]", "properties": { "description": "Semperis Directory Services Protector Analytics Rule 3", - "parentId": "[variables('analyticRuleId3')]", - "contentId": "[variables('_analyticRulecontentId3')]", + "parentId": "[variables('analyticRuleObject3').analyticRuleId3]", + "contentId": "[variables('analyticRuleObject3')._analyticRulecontentId3]", "kind": "AnalyticsRule", - "version": "[variables('analyticRuleVersion3')]", + "version": "[variables('analyticRuleObject3').analyticRuleVersion3]", "source": { "kind": "Solution", "name": "Semperis Directory Services Protector", @@ -927,54 +811,47 @@ } } ] - } - } - }, - { - "type": "Microsoft.Resources/templateSpecs", - "apiVersion": "2021-05-01", - "name": "[variables('analyticRuleTemplateSpecName4')]", - "location": "[parameters('workspace-location')]", - "tags": { - "hidden-sentinelWorkspaceId": "[variables('workspaceResourceId')]", - "hidden-sentinelContentType": "AnalyticsRule" - }, - "properties": { - "description": "Semperis Directory Services Protector Analytics Rule 4 with template", - "displayName": "Semperis Directory Services Protector Analytics Rule template" + }, + "packageKind": "Solution", + "packageVersion": "[variables('_solutionVersion')]", + "packageName": "[variables('_solutionName')]", + "packageId": "[variables('_solutionId')]", + "contentSchemaVersion": "3.0.0", + "contentId": "[variables('analyticRuleObject3')._analyticRulecontentId3]", + "contentKind": "AnalyticsRule", + "displayName": "Semperis DSP Recent sIDHistory changes on AD objects", + "contentProductId": "[variables('analyticRuleObject3')._analyticRulecontentProductId3]", + "id": "[variables('analyticRuleObject3')._analyticRulecontentProductId3]", + "version": "[variables('analyticRuleObject3').analyticRuleVersion3]" } }, { - "type": "Microsoft.Resources/templateSpecs/versions", - "apiVersion": "2021-05-01", - "name": "[concat(variables('analyticRuleTemplateSpecName4'),'/',variables('analyticRuleVersion4'))]", + "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", + "apiVersion": "2023-04-01-preview", + "name": "[variables('analyticRuleObject4').analyticRuleTemplateSpecName4]", "location": "[parameters('workspace-location')]", - "tags": { - "hidden-sentinelWorkspaceId": "[variables('workspaceResourceId')]", - "hidden-sentinelContentType": "AnalyticsRule" - }, "dependsOn": [ - "[resourceId('Microsoft.Resources/templateSpecs', variables('analyticRuleTemplateSpecName4'))]" + "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "SemperisDSP_WellKnownPrivilegedSIDsInsIDHistory_AnalyticalRules Analytics Rule with template version 2.0.5", + "description": "SemperisDSP_WellKnownPrivilegedSIDsInsIDHistory_AnalyticalRules Analytics Rule with template version 3.0.0", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", - "contentVersion": "[variables('analyticRuleVersion4')]", + "contentVersion": "[variables('analyticRuleObject4').analyticRuleVersion4]", "parameters": {}, "variables": {}, "resources": [ { "type": "Microsoft.SecurityInsights/AlertRuleTemplates", - "name": "[variables('AnalyticRulecontentId4')]", - "apiVersion": "2022-04-01-preview", + "name": "[variables('analyticRuleObject4')._analyticRulecontentId4]", + "apiVersion": "2023-02-01-preview", "kind": "Scheduled", "location": "[parameters('workspace-location')]", "properties": { "description": "This indicator looks for security principals that contain specific SIDs of accounts from built-in privileged groups within their sIDHistory attribute. This would allow those security principals to have the same privileges as those privileged accounts, but in a way that is not obvious to monitor (e.g. through group membership).", "displayName": "Semperis DSP Well-known privileged SIDs in sIDHistory", "enabled": false, - "query": "dsp_parser\n| where EventID == 9212\n| where SecurityIndicatorName == \"Well-known privileged SIDs in sIDHistory\"\n", + "query": "dsp_parser\n| where EventID == 9212\n| where SecurityIndicatorName == \"Well-known privileged SIDs in sIDHistory\"\n| extend HostName = tostring(split(Computer, '.', 0)[0]), DnsDomain = tostring(strcat_array(array_slice(split(Computer, '.'), 1, -1), '.'))\n", "queryFrequency": "PT1H", "queryPeriod": "PT1H", "severity": "Medium", @@ -997,19 +874,34 @@ ], "techniques": [ "T1134" + ], + "entityMappings": [ + { + "fieldMappings": [ + { + "columnName": "HostName", + "identifier": "HostName" + }, + { + "columnName": "DnsDomain", + "identifier": "DnsDomain" + } + ], + "entityType": "Host" + } ] } }, { "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", "apiVersion": "2022-01-01-preview", - "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleId4'),'/'))))]", + "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleObject4').analyticRuleId4,'/'))))]", "properties": { "description": "Semperis Directory Services Protector Analytics Rule 4", - "parentId": "[variables('analyticRuleId4')]", - "contentId": "[variables('_analyticRulecontentId4')]", + "parentId": "[variables('analyticRuleObject4').analyticRuleId4]", + "contentId": "[variables('analyticRuleObject4')._analyticRulecontentId4]", "kind": "AnalyticsRule", - "version": "[variables('analyticRuleVersion4')]", + "version": "[variables('analyticRuleObject4').analyticRuleVersion4]", "source": { "kind": "Solution", "name": "Semperis Directory Services Protector", @@ -1026,54 +918,47 @@ } } ] - } - } - }, - { - "type": "Microsoft.Resources/templateSpecs", - "apiVersion": "2021-05-01", - "name": "[variables('analyticRuleTemplateSpecName5')]", - "location": "[parameters('workspace-location')]", - "tags": { - "hidden-sentinelWorkspaceId": "[variables('workspaceResourceId')]", - "hidden-sentinelContentType": "AnalyticsRule" - }, - "properties": { - "description": "Semperis Directory Services Protector Analytics Rule 5 with template", - "displayName": "Semperis Directory Services Protector Analytics Rule template" + }, + "packageKind": "Solution", + "packageVersion": "[variables('_solutionVersion')]", + "packageName": "[variables('_solutionName')]", + "packageId": "[variables('_solutionId')]", + "contentSchemaVersion": "3.0.0", + "contentId": "[variables('analyticRuleObject4')._analyticRulecontentId4]", + "contentKind": "AnalyticsRule", + "displayName": "Semperis DSP Well-known privileged SIDs in sIDHistory", + "contentProductId": "[variables('analyticRuleObject4')._analyticRulecontentProductId4]", + "id": "[variables('analyticRuleObject4')._analyticRulecontentProductId4]", + "version": "[variables('analyticRuleObject4').analyticRuleVersion4]" } }, { - "type": "Microsoft.Resources/templateSpecs/versions", - "apiVersion": "2021-05-01", - "name": "[concat(variables('analyticRuleTemplateSpecName5'),'/',variables('analyticRuleVersion5'))]", + "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", + "apiVersion": "2023-04-01-preview", + "name": "[variables('analyticRuleObject5').analyticRuleTemplateSpecName5]", "location": "[parameters('workspace-location')]", - "tags": { - "hidden-sentinelWorkspaceId": "[variables('workspaceResourceId')]", - "hidden-sentinelContentType": "AnalyticsRule" - }, "dependsOn": [ - "[resourceId('Microsoft.Resources/templateSpecs', variables('analyticRuleTemplateSpecName5'))]" + "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "SemperisDSP_ZerologonVulnerability_AnalyticalRules Analytics Rule with template version 2.0.5", + "description": "SemperisDSP_ZerologonVulnerability_AnalyticalRules Analytics Rule with template version 3.0.0", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", - "contentVersion": "[variables('analyticRuleVersion5')]", + "contentVersion": "[variables('analyticRuleObject5').analyticRuleVersion5]", "parameters": {}, "variables": {}, "resources": [ { "type": "Microsoft.SecurityInsights/AlertRuleTemplates", - "name": "[variables('AnalyticRulecontentId5')]", - "apiVersion": "2022-04-01-preview", + "name": "[variables('analyticRuleObject5')._analyticRulecontentId5]", + "apiVersion": "2023-02-01-preview", "kind": "Scheduled", "location": "[parameters('workspace-location')]", "properties": { "description": "This indicator looks for security vulnerability to CVE-2020-1472, which was patched by Microsoft in August 2020. Without this patch, an unauthenticated attacker can exploit CVE-2020-1472 to elevate their privileges and get administrative access on the domain.", "displayName": "Semperis DSP Zerologon vulnerability", "enabled": false, - "query": "dsp_parser\n| where EventID == 9212\n| where SecurityIndicatorName == \"Zerologon vulnerability\"\n", + "query": "dsp_parser\n| where EventID == 9212\n| where SecurityIndicatorName == \"Zerologon vulnerability\"\n| extend HostName = tostring(split(Computer, '.', 0)[0]), DnsDomain = tostring(strcat_array(array_slice(split(Computer, '.'), 1, -1), '.'))\n", "queryFrequency": "PT1H", "queryPeriod": "PT1H", "severity": "Medium", @@ -1092,19 +977,37 @@ ], "tactics": [ "PrivilegeEscalation" + ], + "techniques": [ + "T1068" + ], + "entityMappings": [ + { + "fieldMappings": [ + { + "columnName": "HostName", + "identifier": "HostName" + }, + { + "columnName": "DnsDomain", + "identifier": "DnsDomain" + } + ], + "entityType": "Host" + } ] } }, { "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", "apiVersion": "2022-01-01-preview", - "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleId5'),'/'))))]", + "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleObject5').analyticRuleId5,'/'))))]", "properties": { "description": "Semperis Directory Services Protector Analytics Rule 5", - "parentId": "[variables('analyticRuleId5')]", - "contentId": "[variables('_analyticRulecontentId5')]", + "parentId": "[variables('analyticRuleObject5').analyticRuleId5]", + "contentId": "[variables('analyticRuleObject5')._analyticRulecontentId5]", "kind": "AnalyticsRule", - "version": "[variables('analyticRuleVersion5')]", + "version": "[variables('analyticRuleObject5').analyticRuleVersion5]", "source": { "kind": "Solution", "name": "Semperis Directory Services Protector", @@ -1121,54 +1024,47 @@ } } ] - } - } - }, - { - "type": "Microsoft.Resources/templateSpecs", - "apiVersion": "2021-05-01", - "name": "[variables('analyticRuleTemplateSpecName6')]", - "location": "[parameters('workspace-location')]", - "tags": { - "hidden-sentinelWorkspaceId": "[variables('workspaceResourceId')]", - "hidden-sentinelContentType": "AnalyticsRule" - }, - "properties": { - "description": "Semperis Directory Services Protector Analytics Rule 6 with template", - "displayName": "Semperis Directory Services Protector Analytics Rule template" + }, + "packageKind": "Solution", + "packageVersion": "[variables('_solutionVersion')]", + "packageName": "[variables('_solutionName')]", + "packageId": "[variables('_solutionId')]", + "contentSchemaVersion": "3.0.0", + "contentId": "[variables('analyticRuleObject5')._analyticRulecontentId5]", + "contentKind": "AnalyticsRule", + "displayName": "Semperis DSP Zerologon vulnerability", + "contentProductId": "[variables('analyticRuleObject5')._analyticRulecontentProductId5]", + "id": "[variables('analyticRuleObject5')._analyticRulecontentProductId5]", + "version": "[variables('analyticRuleObject5').analyticRuleVersion5]" } }, { - "type": "Microsoft.Resources/templateSpecs/versions", - "apiVersion": "2021-05-01", - "name": "[concat(variables('analyticRuleTemplateSpecName6'),'/',variables('analyticRuleVersion6'))]", + "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", + "apiVersion": "2023-04-01-preview", + "name": "[variables('analyticRuleObject6').analyticRuleTemplateSpecName6]", "location": "[parameters('workspace-location')]", - "tags": { - "hidden-sentinelWorkspaceId": "[variables('workspaceResourceId')]", - "hidden-sentinelContentType": "AnalyticsRule" - }, "dependsOn": [ - "[resourceId('Microsoft.Resources/templateSpecs', variables('analyticRuleTemplateSpecName6'))]" + "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "Semperis_DSP_Failed_Logons_AnalyticalRules Analytics Rule with template version 2.0.5", + "description": "Semperis_DSP_Failed_Logons_AnalyticalRules Analytics Rule with template version 3.0.0", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", - "contentVersion": "[variables('analyticRuleVersion6')]", + "contentVersion": "[variables('analyticRuleObject6').analyticRuleVersion6]", "parameters": {}, "variables": {}, "resources": [ { "type": "Microsoft.SecurityInsights/AlertRuleTemplates", - "name": "[variables('AnalyticRulecontentId6')]", - "apiVersion": "2022-04-01-preview", + "name": "[variables('analyticRuleObject6')._analyticRulecontentId6]", + "apiVersion": "2023-02-01-preview", "kind": "Scheduled", "location": "[parameters('workspace-location')]", "properties": { "description": "Alerts when there are failed logons in the DSP system.", "displayName": "Semperis DSP Failed Logons", "enabled": false, - "query": "Event\n| where Source == 'Semperis-Operation-Log' and EventID == 20002\n| sort by TimeGenerated desc \n| parse RenderedDescription with \"Operation: \" Operation \"Access Granted:\" AccessGranted \"Result: \" Result \"Details: \" * \"Trustee Name: \" TrusteeName \" Correlation ID: \" * \" Source: \" HostIP \"WebSite Target\" *\n| extend host = tostring(HostIP)\n| extend HostIP = trim_end(\":\", HostIP)\n| project TimeGenerated, UserName, HostIP, _ResourceId\n| order by TimeGenerated desc\n| top 10 by TimeGenerated\n| count\n", + "query": "SecurityEvent\n| where EventSourceName == 'Semperis-Operation-Log' and EventID == 20002\n| sort by TimeGenerated desc \n| extend p1Xml = parse_xml(EventData).EventData.Data\n| mv-expand bagexpansion=array p1Xml\n| evaluate bag_unpack(p1Xml)\n| extend Name=column_ifexists('@Name', ''), Value=column_ifexists('#text', '')\n| evaluate pivot(Name, any(Value), TimeGenerated, EventSourceName, Channel, Computer, Level, EventLevelName, EventID, Task, Type, _ResourceId)\n| extend det = column_ifexists('details', '')\n| parse det with * \"Trustee Name: \" TrusteeName \" Correlation ID: \" * \" Source: \" HostIP \"WebSite Target\" *\n| extend host = tostring(HostIP)\n| extend HostIP = trim_end(\":\", HostIP)\n| project TimeGenerated, TrusteeName, HostIP, _ResourceId\n| extend NTDomain = tostring(split(TrusteeName, '\\\\', 0)[0]), Name = tostring(split(TrusteeName, '\\\\', 1)[0]) \n", "queryFrequency": "PT30M", "queryPeriod": "PT30M", "severity": "Medium", @@ -1177,25 +1073,65 @@ "triggerOperator": "GreaterThan", "triggerThreshold": 0, "status": "Available", + "requiredDataConnectors": [ + { + "dataTypes": [ + "dsp_parser" + ], + "connectorId": "SemperisDSP" + } + ], + "tactics": [ + "InitialAccess", + "CredentialAccess" + ], + "techniques": [ + "T1078", + "T1110" + ], + "entityMappings": [ + { + "fieldMappings": [ + { + "columnName": "HostIP", + "identifier": "Address" + } + ], + "entityType": "IP" + }, + { + "fieldMappings": [ + { + "columnName": "Name", + "identifier": "Name" + }, + { + "columnName": "NTDomain", + "identifier": "NTDomain" + } + ], + "entityType": "Account" + } + ], "eventGroupingSettings": { "aggregationKind": "SingleAlert" }, "alertDetailsOverride": { - "alertDescriptionFormat": "A failed logon was detected to the DSP system.", - "alertDisplayNameFormat": "Failed Logon -- Alert from Semperis Directory Services Protector" + "alertDisplayNameFormat": "Failed Logon -- Alert from Semperis Directory Services Protector", + "alertDescriptionFormat": "A failed logon was detected to the DSP system." } } }, { "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", "apiVersion": "2022-01-01-preview", - "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleId6'),'/'))))]", + "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleObject6').analyticRuleId6,'/'))))]", "properties": { "description": "Semperis Directory Services Protector Analytics Rule 6", - "parentId": "[variables('analyticRuleId6')]", - "contentId": "[variables('_analyticRulecontentId6')]", + "parentId": "[variables('analyticRuleObject6').analyticRuleId6]", + "contentId": "[variables('analyticRuleObject6')._analyticRulecontentId6]", "kind": "AnalyticsRule", - "version": "[variables('analyticRuleVersion6')]", + "version": "[variables('analyticRuleObject6').analyticRuleVersion6]", "source": { "kind": "Solution", "name": "Semperis Directory Services Protector", @@ -1212,54 +1148,47 @@ } } ] - } - } - }, - { - "type": "Microsoft.Resources/templateSpecs", - "apiVersion": "2021-05-01", - "name": "[variables('analyticRuleTemplateSpecName7')]", - "location": "[parameters('workspace-location')]", - "tags": { - "hidden-sentinelWorkspaceId": "[variables('workspaceResourceId')]", - "hidden-sentinelContentType": "AnalyticsRule" - }, - "properties": { - "description": "Semperis Directory Services Protector Analytics Rule 7 with template", - "displayName": "Semperis Directory Services Protector Analytics Rule template" + }, + "packageKind": "Solution", + "packageVersion": "[variables('_solutionVersion')]", + "packageName": "[variables('_solutionName')]", + "packageId": "[variables('_solutionId')]", + "contentSchemaVersion": "3.0.0", + "contentId": "[variables('analyticRuleObject6')._analyticRulecontentId6]", + "contentKind": "AnalyticsRule", + "displayName": "Semperis DSP Failed Logons", + "contentProductId": "[variables('analyticRuleObject6')._analyticRulecontentProductId6]", + "id": "[variables('analyticRuleObject6')._analyticRulecontentProductId6]", + "version": "[variables('analyticRuleObject6').analyticRuleVersion6]" } }, { - "type": "Microsoft.Resources/templateSpecs/versions", - "apiVersion": "2021-05-01", - "name": "[concat(variables('analyticRuleTemplateSpecName7'),'/',variables('analyticRuleVersion7'))]", + "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", + "apiVersion": "2023-04-01-preview", + "name": "[variables('analyticRuleObject7').analyticRuleTemplateSpecName7]", "location": "[parameters('workspace-location')]", - "tags": { - "hidden-sentinelWorkspaceId": "[variables('workspaceResourceId')]", - "hidden-sentinelContentType": "AnalyticsRule" - }, "dependsOn": [ - "[resourceId('Microsoft.Resources/templateSpecs', variables('analyticRuleTemplateSpecName7'))]" + "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "Semperis_DSP_Operations_Critical_Notifications__AnalyticalRules Analytics Rule with template version 2.0.5", + "description": "Semperis_DSP_Operations_Critical_Notifications__AnalyticalRules Analytics Rule with template version 3.0.0", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", - "contentVersion": "[variables('analyticRuleVersion7')]", + "contentVersion": "[variables('analyticRuleObject7').analyticRuleVersion7]", "parameters": {}, "variables": {}, "resources": [ { "type": "Microsoft.SecurityInsights/AlertRuleTemplates", - "name": "[variables('AnalyticRulecontentId7')]", - "apiVersion": "2022-04-01-preview", + "name": "[variables('analyticRuleObject7')._analyticRulecontentId7]", + "apiVersion": "2023-02-01-preview", "kind": "Scheduled", "location": "[parameters('workspace-location')]", "properties": { "description": "Alerts when there are critical notifications fired in the DSP system.", "displayName": "Semperis DSP Operations Critical Notifications", "enabled": false, - "query": "Event\n| where Source == 'Semperis-DSP-Notifications' and EventID == 30001\n| extend p1Xml = parse_xml(EventData).DataItem.EventData.Data\n| mv-expand bagexpansion=array p1Xml\n| evaluate bag_unpack(p1Xml)\n| extend Name=column_ifexists('@Name', ''), Value=column_ifexists('#text', '')\n| evaluate pivot(Name, any(Value), TimeGenerated, Source, EventLog, Computer, EventLevel, EventLevelName, EventID, EventCategory, UserName, Type, _ResourceId)\n| parse column_ifexists('objectDN', '') with * \"CN=\" cnName \",\" *\n| where \"Critical\" == column_ifexists('severity', \"\")\n| count", + "query": "SecurityEvent\n| where EventSourceName == 'Semperis-DSP-Notifications' and EventID == 30001\n| extend p1Xml = parse_xml(EventData).EventData.Data\n| mv-expand bagexpansion=array p1Xml\n| evaluate bag_unpack(p1Xml)\n| extend Name=column_ifexists('@Name', ''), Value=column_ifexists('#text', '')\n| evaluate pivot(Name, any(Value), TimeGenerated, EventSourceName, Channel, Computer, Level, EventLevelName, EventID, Task, Type, _ResourceId)\n| parse column_ifexists('objectDN', '') with * \"CN=\" cnName \",\" *\n| where \"Critical\" == column_ifexists('severity', \"\")\n| extend NTDomain = tostring(split(changedBy, '\\\\', 0)[0]), LoginUser = tostring(split(changedBy, '\\\\', 1)[0])\n| extend HostName = tostring(split(Computer, '.', 0)[0]), DnsDomain = tostring(strcat_array(array_slice(split(Computer, '.'), 1, -1), '.'))\n", "queryFrequency": "PT30M", "queryPeriod": "PT30M", "severity": "Medium", @@ -1268,25 +1197,71 @@ "triggerOperator": "GreaterThan", "triggerThreshold": 0, "status": "Available", + "requiredDataConnectors": [ + { + "dataTypes": [ + "dsp_parser" + ], + "connectorId": "SemperisDSP" + } + ], + "tactics": [ + "InitialAccess", + "CredentialAccess", + "ResourceDevelopment" + ], + "techniques": [ + "T1133", + "T1110", + "T1584" + ], + "entityMappings": [ + { + "fieldMappings": [ + { + "columnName": "LoginUser", + "identifier": "Name" + }, + { + "columnName": "NTDomain", + "identifier": "NTDomain" + } + ], + "entityType": "Account" + }, + { + "fieldMappings": [ + { + "columnName": "HostName", + "identifier": "HostName" + }, + { + "columnName": "DnsDomain", + "identifier": "DnsDomain" + } + ], + "entityType": "Host" + } + ], "eventGroupingSettings": { "aggregationKind": "SingleAlert" }, "alertDetailsOverride": { - "alertDescriptionFormat": "A critical notification was created in the DSP system.", - "alertDisplayNameFormat": "Critical Notification -- Alert from Semperis Directory Services Protector" + "alertDisplayNameFormat": "Critical Notification -- Alert from Semperis Directory Services Protector", + "alertDescriptionFormat": "A critical notification was created in the DSP system." } } }, { "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", "apiVersion": "2022-01-01-preview", - "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleId7'),'/'))))]", + "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleObject7').analyticRuleId7,'/'))))]", "properties": { "description": "Semperis Directory Services Protector Analytics Rule 7", - "parentId": "[variables('analyticRuleId7')]", - "contentId": "[variables('_analyticRulecontentId7')]", + "parentId": "[variables('analyticRuleObject7').analyticRuleId7]", + "contentId": "[variables('analyticRuleObject7')._analyticRulecontentId7]", "kind": "AnalyticsRule", - "version": "[variables('analyticRuleVersion7')]", + "version": "[variables('analyticRuleObject7').analyticRuleVersion7]", "source": { "kind": "Solution", "name": "Semperis Directory Services Protector", @@ -1303,54 +1278,47 @@ } } ] - } - } - }, - { - "type": "Microsoft.Resources/templateSpecs", - "apiVersion": "2021-05-01", - "name": "[variables('analyticRuleTemplateSpecName8')]", - "location": "[parameters('workspace-location')]", - "tags": { - "hidden-sentinelWorkspaceId": "[variables('workspaceResourceId')]", - "hidden-sentinelContentType": "AnalyticsRule" - }, - "properties": { - "description": "Semperis Directory Services Protector Analytics Rule 8 with template", - "displayName": "Semperis Directory Services Protector Analytics Rule template" + }, + "packageKind": "Solution", + "packageVersion": "[variables('_solutionVersion')]", + "packageName": "[variables('_solutionName')]", + "packageId": "[variables('_solutionId')]", + "contentSchemaVersion": "3.0.0", + "contentId": "[variables('analyticRuleObject7')._analyticRulecontentId7]", + "contentKind": "AnalyticsRule", + "displayName": "Semperis DSP Operations Critical Notifications", + "contentProductId": "[variables('analyticRuleObject7')._analyticRulecontentProductId7]", + "id": "[variables('analyticRuleObject7')._analyticRulecontentProductId7]", + "version": "[variables('analyticRuleObject7').analyticRuleVersion7]" } }, { - "type": "Microsoft.Resources/templateSpecs/versions", - "apiVersion": "2021-05-01", - "name": "[concat(variables('analyticRuleTemplateSpecName8'),'/',variables('analyticRuleVersion8'))]", + "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", + "apiVersion": "2023-04-01-preview", + "name": "[variables('analyticRuleObject8').analyticRuleTemplateSpecName8]", "location": "[parameters('workspace-location')]", - "tags": { - "hidden-sentinelWorkspaceId": "[variables('workspaceResourceId')]", - "hidden-sentinelContentType": "AnalyticsRule" - }, "dependsOn": [ - "[resourceId('Microsoft.Resources/templateSpecs', variables('analyticRuleTemplateSpecName8'))]" + "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "Semperis_DSP_RBAC_Changes_AnalyticalRules Analytics Rule with template version 2.0.5", + "description": "Semperis_DSP_RBAC_Changes_AnalyticalRules Analytics Rule with template version 3.0.0", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", - "contentVersion": "[variables('analyticRuleVersion8')]", + "contentVersion": "[variables('analyticRuleObject8').analyticRuleVersion8]", "parameters": {}, "variables": {}, "resources": [ { "type": "Microsoft.SecurityInsights/AlertRuleTemplates", - "name": "[variables('AnalyticRulecontentId8')]", - "apiVersion": "2022-04-01-preview", + "name": "[variables('analyticRuleObject8')._analyticRulecontentId8]", + "apiVersion": "2023-02-01-preview", "kind": "Scheduled", "location": "[parameters('workspace-location')]", "properties": { "description": "Alerts when there are RBAC changes in the DSP system.", "displayName": "Semperis DSP RBAC Changes", "enabled": false, - "query": "Event \n| where Source == 'Semperis-Operation-Log' and EventID == 20012 \n| order by TimeGenerated desc\n| extend p1Xml = parse_xml(EventData).DataItem.EventData.Data\n| mv-expand bagexpansion=array p1Xml\n| evaluate bag_unpack(p1Xml)\n| extend Name=column_ifexists('@Name', ''), Value=column_ifexists('#text', '')\n| evaluate pivot(Name, any(Value), TimeGenerated, Source, EventLog, Computer, EventLevel, EventLevelName, EventID, EventCategory, UserName, Type, _ResourceId)\n| extend det = column_ifexists('details', '')\n| parse det with \"Occured at (UTC): \" OccurredAt \"Session ID: \" SessionID \"Trustee Name: \" TrusteeName \"Correlation ID: \" CorrelationID \"Source: \" Source \"WebSite Target: \" WebSiteTarget \"Product: \" Product \"Component: \" Component \"AD Information: \" ADInformation \"Object GUID: \" ObjectGUID \"Attribute: \" Attribute \"Distinguished Name: \" DistinguishedName \"Additional Information: \"AdditionalInformation \"Operation Detail: \" OperationDetail \"operationName: \" operationName \"trustee: \" trustee \"personas: \" personas \"Status: \" status \"Granted: \" Granted \"Result: \" Result\n| extend _AccessGranted = iif(operationName contains \"CreateRbacIdentity\", \"Added\", \"Removed\")\n| extend _Identity = iif(operationName contains \"CreateRbacIdentity\", trustee, tostring(substring(trustee, 1, strlen(trustee))))\n| extend _Identity = iif(operationName contains \"CreateRbacIdentity\", _Identity, replace_string(_Identity, \"'\", \"\"))\n| extend add_personas = replace_string(replace_string(replace_string(personas, \"{ Name = \", \"\"), \" }\", \"\"), \";\", \",\")\n| extend remove_personas = replace_string(personas, \";\", \",\")\n| extend grid_personas = iif(operationName contains \"CreateRbacIdentity\", add_personas, remove_personas)\n| extend date_to_sort = format_datetime(TimeGenerated, \"yyyy-mm-dd HH:mm:ss\")\n| order by date_to_sort desc\n| count\n", + "query": "SecurityEvent\n| where EventSourceName == 'Semperis-Operation-Log' and EventID == 20012 \n| order by TimeGenerated desc\n| extend p1Xml = parse_xml(EventData).DataItem.EventData.Data\n| mv-expand bagexpansion=array p1Xml\n| evaluate bag_unpack(p1Xml)\n| extend Name=column_ifexists('@Name', ''), Value=column_ifexists('#text', '')\n| evaluate pivot(Name, any(Value), TimeGenerated, Computer, Level, EventLevelName, EventID, Type, _ResourceId)\n| extend det = column_ifexists('details', '')\n| parse det with \"Occured at (UTC): \" OccurredAt \"Session ID: \" SessionID \"Trustee Name: \" TrusteeName \"Correlation ID: \" CorrelationID \"Source: \" Source \"WebSite Target: \" WebSiteTarget \"Product: \" Product \"Component: \" Component \"AD Information: \" ADInformation \"Object GUID: \" ObjectGUID \"Attribute: \" Attribute \"Distinguished Name: \" DistinguishedName \"Additional Information: \"AdditionalInformation \"Operation Detail: \" OperationDetail \"operationName: \" operationName \"trustee: \" trustee \"personas: \" personas \"Status: \" status \"Granted: \" Granted \"Result: \" Result\n| extend _AccessGranted = iif(operationName contains \"CreateRbacIdentity\", \"Added\", \"Removed\")\n| extend _Identity = iif(operationName contains \"CreateRbacIdentity\", trustee, tostring(substring(trustee, 1, strlen(trustee))))\n| extend _Identity = iif(operationName contains \"CreateRbacIdentity\", _Identity, replace_string(_Identity, \"'\", \"\"))\n| extend add_personas = replace_string(replace_string(replace_string(personas, \"{ Name = \", \"\"), \" }\", \"\"), \";\", \",\")\n| extend remove_personas = replace_string(personas, \";\", \",\")\n| extend grid_personas = iif(operationName contains \"CreateRbacIdentity\", add_personas, remove_personas)\n| extend date_to_sort = format_datetime(TimeGenerated, \"yyyy-mm-dd HH:mm:ss\")\n| order by date_to_sort desc\n| extend NTDomain = tostring(split(TrusteeName, '\\\\', 0)[0]), LoginUser = tostring(split(TrusteeName, '\\\\', 1)[0])\n| extend HostName = tostring(split(Computer, '.', 0)[0]), DnsDomain = tostring(strcat_array(array_slice(split(Computer, '.'), 1, -1), '.'))\n", "queryFrequency": "PT30M", "queryPeriod": "PT30M", "severity": "Medium", @@ -1359,25 +1327,69 @@ "triggerOperator": "GreaterThan", "triggerThreshold": 0, "status": "Available", + "requiredDataConnectors": [ + { + "dataTypes": [ + "dsp_parser" + ], + "connectorId": "SemperisDSP" + } + ], + "tactics": [ + "PrivilegeEscalation", + "Persistence" + ], + "techniques": [ + "T1548", + "T1098" + ], + "entityMappings": [ + { + "fieldMappings": [ + { + "columnName": "LoginUser", + "identifier": "Name" + }, + { + "columnName": "NTDomain", + "identifier": "NTDomain" + } + ], + "entityType": "Account" + }, + { + "fieldMappings": [ + { + "columnName": "HostName", + "identifier": "HostName" + }, + { + "columnName": "DnsDomain", + "identifier": "DnsDomain" + } + ], + "entityType": "Host" + } + ], "eventGroupingSettings": { "aggregationKind": "SingleAlert" }, "alertDetailsOverride": { - "alertDescriptionFormat": "A RBAC change was detected in the DSP system.", - "alertDisplayNameFormat": "RBAC Change -- Alert from Semperis Directory Services Protector" + "alertDisplayNameFormat": "RBAC Change -- Alert from Semperis Directory Services Protector", + "alertDescriptionFormat": "A RBAC change was detected in the DSP system." } } }, { "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", "apiVersion": "2022-01-01-preview", - "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleId8'),'/'))))]", + "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleObject8').analyticRuleId8,'/'))))]", "properties": { "description": "Semperis Directory Services Protector Analytics Rule 8", - "parentId": "[variables('analyticRuleId8')]", - "contentId": "[variables('_analyticRulecontentId8')]", + "parentId": "[variables('analyticRuleObject8').analyticRuleId8]", + "contentId": "[variables('analyticRuleObject8')._analyticRulecontentId8]", "kind": "AnalyticsRule", - "version": "[variables('analyticRuleVersion8')]", + "version": "[variables('analyticRuleObject8').analyticRuleVersion8]", "source": { "kind": "Solution", "name": "Semperis Directory Services Protector", @@ -1394,37 +1406,30 @@ } } ] - } + }, + "packageKind": "Solution", + "packageVersion": "[variables('_solutionVersion')]", + "packageName": "[variables('_solutionName')]", + "packageId": "[variables('_solutionId')]", + "contentSchemaVersion": "3.0.0", + "contentId": "[variables('analyticRuleObject8')._analyticRulecontentId8]", + "contentKind": "AnalyticsRule", + "displayName": "Semperis DSP RBAC Changes", + "contentProductId": "[variables('analyticRuleObject8')._analyticRulecontentProductId8]", + "id": "[variables('analyticRuleObject8')._analyticRulecontentProductId8]", + "version": "[variables('analyticRuleObject8').analyticRuleVersion8]" } }, { - "type": "Microsoft.Resources/templateSpecs", - "apiVersion": "2021-05-01", + "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", + "apiVersion": "2023-04-01-preview", "name": "[variables('dataConnectorTemplateSpecName1')]", "location": "[parameters('workspace-location')]", - "tags": { - "hidden-sentinelWorkspaceId": "[variables('workspaceResourceId')]", - "hidden-sentinelContentType": "DataConnector" - }, - "properties": { - "description": "Semperis Directory Services Protector data connector with template", - "displayName": "Semperis Directory Services Protector template" - } - }, - { - "type": "Microsoft.Resources/templateSpecs/versions", - "apiVersion": "2021-05-01", - "name": "[concat(variables('dataConnectorTemplateSpecName1'),'/',variables('dataConnectorVersion1'))]", - "location": "[parameters('workspace-location')]", - "tags": { - "hidden-sentinelWorkspaceId": "[variables('workspaceResourceId')]", - "hidden-sentinelContentType": "DataConnector" - }, "dependsOn": [ - "[resourceId('Microsoft.Resources/templateSpecs', variables('dataConnectorTemplateSpecName1'))]" + "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" ], "properties": { - "description": "Semperis Directory Services Protector data connector with template version 2.0.5", + "description": "Semperis Directory Services Protector data connector with template version 3.0.0", "mainTemplate": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "[variables('dataConnectorVersion1')]", @@ -1524,11 +1529,15 @@ "description": "**NOTE:** This data connector depends on a parser based on a Kusto Function to work as expected [**dsp_parser**](https://aka.ms/sentinel-SemperisDSP-parser) which is deployed with the Microsoft Sentinel Solution." }, { - "description": "On your **Semperis DSP Management Server** install the Microsoft agent for Windows.", - "title": "1. Configure Semperis DSP Management Server to send Windows event logs to your Microsoft Sentinel Workspace" + "description": "Collect Windows security events logs from your **Semperis DSP Management Server** .", + "title": "**Configure Windows Security Events via AMA connector**" + }, + { + "description": "On your **Semperis DSP Management Server** install the AMA on the DSP machine that will act as the event log forwarder.\nYou can skip this step if you have already installed the Microsoft agent for Windows", + "title": "1. Install the Azure Monitor Agent (AMA)" }, { - "description": "You can skip this step if you have already installed the Microsoft agent for Windows", + "description": "Start collecting logs from the **Semperis DSP Management Server** .\n\n1. In the Azure portal, navigate to your **Log Analytics workspace**.\n2. In the left pane, click on **Configuration** and then **Data connectors**.\n3. Find and install the **the Windows Security Events via AMA** connector.\n4. Click on **Open connector** and then on **Create data collection rule**.\n5. Configure the DCR with the necessary details, such as the log sources and the destination workspace.", "instructions": [ { "parameters": { @@ -1551,22 +1560,48 @@ "type": "InstructionStepsGroup" } ], - "title": "2. Install and onboard the Microsoft agent for Windows" + "title": "2. Create a Data Collection Rule (DCR)" }, { - "description": "Configure the agent to collect the logs.\n\n1. Under workspace advanced settings **Configuration**, select **Data** and then **Windows Event Logs**.\n2. Select **Go to Agents configuration** and click **Add Windows event log**.\n3. Enter **Semperis-DSP-Security/Operational** as the log name to be collected and click **Apply**", + "description": "Collect syslog messages send from your **Semperis DSP Management Server** .", + "title": "**Configure Common Event Format via AMA connector**" + }, + { + "description": "Install the AMA on the Linux machine that will act as the log forwarder. This machine will collect and forward CEF logs to Microsoft Sentinel.\nYou can skip this step if you have already installed the Microsoft agent for Linux", + "title": "1. Install the Azure Monitor Agent (AMA)" + }, + { + "description": "Start collecting logs from the **Semperis DSP Management Server** .\n\n1. In the Azure portal, navigate to your **Log Analytics workspace**.\n2. In the left pane, click on **Configuration** and then **Data connectors**.\n3. Find and install the **the Common Event Format via AMA** connector.\n4. Click on **Open connector** and then on **Create data collection rule**.\n5. Configure the DCR with the necessary details, such as the log sources and the destination workspace.", "instructions": [ { "parameters": { - "linkType": "OpenAdvancedWorkspaceSettings" + "title": "Choose where to install the agent:", + "instructionSteps": [ + { + "title": "Install agent on Semperis DSP Management Server", + "description": "Download the agent on the relevant machine and follow the instructions.", + "instructions": [ + { + "parameters": { + "linkType": "InstallAgentOnNonAzure" + }, + "type": "InstallAgent" + } + ] + } + ] }, - "type": "InstallAgent" + "type": "InstructionStepsGroup" } ], - "title": "3. Configure the Semperis DSP Windows event logs to be collected by the agent" + "title": "2. Create a Data Collection Rule (DCR)" + }, + { + "description": "Configure your **Semperis DSP Management Server** to send CEF logs to the Linux machine where the AMA is installed. This involves setting the destination IP address and port for the CEF logs", + "title": "3. Configure sending CEF logs on your Semperis DSP Management Server" }, { - "description": "> You should now be able to receive logs in the *Windows event log* table, log data can be parsed using the **dsp_parser()** function, used by all query samples, workbooks and analytic templates." + "description": "> You should now be able to receive logs in the *Windows event log* table and *common log* table, log data can be parsed using the **dsp_parser()** function, used by all query samples, workbooks and analytic templates." } ], "metadata": { @@ -1590,7 +1625,7 @@ }, { "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", - "apiVersion": "2022-01-01-preview", + "apiVersion": "2023-04-01-preview", "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('DataConnector-', last(split(variables('_dataConnectorId1'),'/'))))]", "properties": { "parentId": "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/dataConnectors', variables('_dataConnectorContentId1'))]", @@ -1613,12 +1648,23 @@ } } ] - } + }, + "packageKind": "Solution", + "packageVersion": "[variables('_solutionVersion')]", + "packageName": "[variables('_solutionName')]", + "packageId": "[variables('_solutionId')]", + "contentSchemaVersion": "3.0.0", + "contentId": "[variables('_dataConnectorContentId1')]", + "contentKind": "DataConnector", + "displayName": "Semperis Directory Services Protector", + "contentProductId": "[variables('_dataConnectorcontentProductId1')]", + "id": "[variables('_dataConnectorcontentProductId1')]", + "version": "[variables('dataConnectorVersion1')]" } }, { "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", - "apiVersion": "2022-01-01-preview", + "apiVersion": "2023-04-01-preview", "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('DataConnector-', last(split(variables('_dataConnectorId1'),'/'))))]", "dependsOn": [ "[variables('_dataConnectorId1')]" @@ -1735,11 +1781,15 @@ "description": "**NOTE:** This data connector depends on a parser based on a Kusto Function to work as expected [**dsp_parser**](https://aka.ms/sentinel-SemperisDSP-parser) which is deployed with the Microsoft Sentinel Solution." }, { - "description": "On your **Semperis DSP Management Server** install the Microsoft agent for Windows.", - "title": "1. Configure Semperis DSP Management Server to send Windows event logs to your Microsoft Sentinel Workspace" + "description": "Collect Windows security events logs from your **Semperis DSP Management Server** .", + "title": "**Configure Windows Security Events via AMA connector**" + }, + { + "description": "On your **Semperis DSP Management Server** install the AMA on the DSP machine that will act as the event log forwarder.\nYou can skip this step if you have already installed the Microsoft agent for Windows", + "title": "1. Install the Azure Monitor Agent (AMA)" }, { - "description": "You can skip this step if you have already installed the Microsoft agent for Windows", + "description": "Start collecting logs from the **Semperis DSP Management Server** .\n\n1. In the Azure portal, navigate to your **Log Analytics workspace**.\n2. In the left pane, click on **Configuration** and then **Data connectors**.\n3. Find and install the **the Windows Security Events via AMA** connector.\n4. Click on **Open connector** and then on **Create data collection rule**.\n5. Configure the DCR with the necessary details, such as the log sources and the destination workspace.", "instructions": [ { "parameters": { @@ -1762,22 +1812,48 @@ "type": "InstructionStepsGroup" } ], - "title": "2. Install and onboard the Microsoft agent for Windows" + "title": "2. Create a Data Collection Rule (DCR)" + }, + { + "description": "Collect syslog messages send from your **Semperis DSP Management Server** .", + "title": "**Configure Common Event Format via AMA connector**" }, { - "description": "Configure the agent to collect the logs.\n\n1. Under workspace advanced settings **Configuration**, select **Data** and then **Windows Event Logs**.\n2. Select **Go to Agents configuration** and click **Add Windows event log**.\n3. Enter **Semperis-DSP-Security/Operational** as the log name to be collected and click **Apply**", + "description": "Install the AMA on the Linux machine that will act as the log forwarder. This machine will collect and forward CEF logs to Microsoft Sentinel.\nYou can skip this step if you have already installed the Microsoft agent for Linux", + "title": "1. Install the Azure Monitor Agent (AMA)" + }, + { + "description": "Start collecting logs from the **Semperis DSP Management Server** .\n\n1. In the Azure portal, navigate to your **Log Analytics workspace**.\n2. In the left pane, click on **Configuration** and then **Data connectors**.\n3. Find and install the **the Common Event Format via AMA** connector.\n4. Click on **Open connector** and then on **Create data collection rule**.\n5. Configure the DCR with the necessary details, such as the log sources and the destination workspace.", "instructions": [ { "parameters": { - "linkType": "OpenAdvancedWorkspaceSettings" + "title": "Choose where to install the agent:", + "instructionSteps": [ + { + "title": "Install agent on Semperis DSP Management Server", + "description": "Download the agent on the relevant machine and follow the instructions.", + "instructions": [ + { + "parameters": { + "linkType": "InstallAgentOnNonAzure" + }, + "type": "InstallAgent" + } + ] + } + ] }, - "type": "InstallAgent" + "type": "InstructionStepsGroup" } ], - "title": "3. Configure the Semperis DSP Windows event logs to be collected by the agent" + "title": "2. Create a Data Collection Rule (DCR)" }, { - "description": "> You should now be able to receive logs in the *Windows event log* table, log data can be parsed using the **dsp_parser()** function, used by all query samples, workbooks and analytic templates." + "description": "Configure your **Semperis DSP Management Server** to send CEF logs to the Linux machine where the AMA is installed. This involves setting the destination IP address and port for the CEF logs", + "title": "3. Configure sending CEF logs on your Semperis DSP Management Server" + }, + { + "description": "> You should now be able to receive logs in the *Windows event log* table and *common log* table, log data can be parsed using the **dsp_parser()** function, used by all query samples, workbooks and analytic templates." } ], "id": "[variables('_uiConfigId1')]", @@ -1786,13 +1862,20 @@ } }, { - "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", - "apiVersion": "2022-01-01-preview", + "type": "Microsoft.OperationalInsights/workspaces/providers/contentPackages", + "apiVersion": "2023-04-01-preview", "location": "[parameters('workspace-location')]", "properties": { - "version": "2.0.5", + "version": "3.0.0", "kind": "Solution", - "contentSchemaVersion": "2.0.0", + "contentSchemaVersion": "3.0.0", + "displayName": "Semperis Directory Services Protector", + "publisherDisplayName": "Semperis", + "descriptionHtml": "

Note: Please refer to the following before installing the solution:

\n

• Review the solution Release Notes

\n

• There may be known issues pertaining to this Solution, please refer to them before installing.

\n

The Semperis Directory Services Protector solution provides the capability to ingest Windows event logs (i.e., Indicators of Exposure and Indicators of Compromise) into Microsoft Sentinel.

\n

Underlying Microsoft Technologies used:

\n

This solution takes a dependency on the following technologies, and some of these dependencies either may be in Preview state or might result in additional ingestion or operational costs:

\n
    \n
  1. Agent based logs collection from Windows and Linux machines
    2. \n
\n

Data Connectors: 1, Workbooks: 4, Analytic Rules: 8

\n

Learn more about Microsoft Sentinel | Learn more about Solutions

\n", + "contentKind": "Solution", + "contentProductId": "[variables('_solutioncontentProductId')]", + "id": "[variables('_solutioncontentProductId')]", + "icon": "", "contentId": "[variables('_solutionId')]", "parentId": "[variables('_solutionId')]", "source": { @@ -1831,50 +1914,45 @@ "contentId": "[variables('_workbookContentId4')]", "version": "[variables('workbookVersion4')]" }, - { - "kind": "Parser", - "contentId": "[variables('_parserContentId1')]", - "version": "[variables('parserVersion1')]" - }, { "kind": "AnalyticsRule", - "contentId": "[variables('analyticRulecontentId1')]", - "version": "[variables('analyticRuleVersion1')]" + "contentId": "[variables('analyticRuleObject1')._analyticRulecontentId1]", + "version": "[variables('analyticRuleObject1').analyticRuleVersion1]" }, { "kind": "AnalyticsRule", - "contentId": "[variables('analyticRulecontentId2')]", - "version": "[variables('analyticRuleVersion2')]" + "contentId": "[variables('analyticRuleObject2')._analyticRulecontentId2]", + "version": "[variables('analyticRuleObject2').analyticRuleVersion2]" }, { "kind": "AnalyticsRule", - "contentId": "[variables('analyticRulecontentId3')]", - "version": "[variables('analyticRuleVersion3')]" + "contentId": "[variables('analyticRuleObject3')._analyticRulecontentId3]", + "version": "[variables('analyticRuleObject3').analyticRuleVersion3]" }, { "kind": "AnalyticsRule", - "contentId": "[variables('analyticRulecontentId4')]", - "version": "[variables('analyticRuleVersion4')]" + "contentId": "[variables('analyticRuleObject4')._analyticRulecontentId4]", + "version": "[variables('analyticRuleObject4').analyticRuleVersion4]" }, { "kind": "AnalyticsRule", - "contentId": "[variables('analyticRulecontentId5')]", - "version": "[variables('analyticRuleVersion5')]" + "contentId": "[variables('analyticRuleObject5')._analyticRulecontentId5]", + "version": "[variables('analyticRuleObject5').analyticRuleVersion5]" }, { "kind": "AnalyticsRule", - "contentId": "[variables('analyticRulecontentId6')]", - "version": "[variables('analyticRuleVersion6')]" + "contentId": "[variables('analyticRuleObject6')._analyticRulecontentId6]", + "version": "[variables('analyticRuleObject6').analyticRuleVersion6]" }, { "kind": "AnalyticsRule", - "contentId": "[variables('analyticRulecontentId7')]", - "version": "[variables('analyticRuleVersion7')]" + "contentId": "[variables('analyticRuleObject7')._analyticRulecontentId7]", + "version": "[variables('analyticRuleObject7').analyticRuleVersion7]" }, { "kind": "AnalyticsRule", - "contentId": "[variables('analyticRulecontentId8')]", - "version": "[variables('analyticRuleVersion8')]" + "contentId": "[variables('analyticRuleObject8')._analyticRulecontentId8]", + "version": "[variables('analyticRuleObject8').analyticRuleVersion8]" }, { "kind": "DataConnector", diff --git a/Solutions/Semperis Directory Services Protector/Package/testParameters.json b/Solutions/Semperis Directory Services Protector/Package/testParameters.json new file mode 100644 index 00000000000..7275f20ea9a --- /dev/null +++ b/Solutions/Semperis Directory Services Protector/Package/testParameters.json @@ -0,0 +1,56 @@ +{ + "location": { + "type": "string", + "minLength": 1, + "defaultValue": "[resourceGroup().location]", + "metadata": { + "description": "Not used, but needed to pass arm-ttk test `Location-Should-Not-Be-Hardcoded`. We instead use the `workspace-location` which is derived from the LA workspace" + } + }, + "workspace-location": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "[concat('Region to deploy solution resources -- separate from location selection',parameters('location'))]" + } + }, + "workspace": { + "defaultValue": "", + "type": "string", + "metadata": { + "description": "Workspace name for Log Analytics where Microsoft Sentinel is setup" + } + }, + "workbook1-name": { + "type": "string", + "defaultValue": "Semperis DSP AD Changes", + "minLength": 1, + "metadata": { + "description": "Name for the workbook" + } + }, + "workbook2-name": { + "type": "string", + "defaultValue": "Semperis DSP Notifications", + "minLength": 1, + "metadata": { + "description": "Name for the workbook" + } + }, + "workbook3-name": { + "type": "string", + "defaultValue": "Semperis DSP Quickview Dashboard", + "minLength": 1, + "metadata": { + "description": "Name for the workbook" + } + }, + "workbook4-name": { + "type": "string", + "defaultValue": "Semperis DSP Security Indicators", + "minLength": 1, + "metadata": { + "description": "Name for the workbook" + } + } +} From 2b62119fd7ced2b2af46880d5c09f1ca32ccb5c4 Mon Sep 17 00:00:00 2001 From: v-prasadboke Date: Tue, 28 Jan 2025 18:53:03 +0530 Subject: [PATCH 5/7] Update workbooksMetadata.json --- .../Workbooks/workbooksMetadata.json | 39 ++++++++++++++----- 1 file changed, 30 insertions(+), 9 deletions(-) diff --git a/Solutions/Semperis Directory Services Protector/Workbooks/workbooksMetadata.json b/Solutions/Semperis Directory Services Protector/Workbooks/workbooksMetadata.json index 7c5b8863c6b..032c0817a7d 100644 --- a/Solutions/Semperis Directory Services Protector/Workbooks/workbooksMetadata.json +++ b/Solutions/Semperis Directory Services Protector/Workbooks/workbooksMetadata.json @@ -16,9 +16,16 @@ "workbookKey": "SemperisDSPNotificationsWorkbook", "logoFileName": "Semperis.svg", "description": "View notification data related to the Semperis DSP system.", - "dataTypesDependencies": [ "Event" ], - "dataConnectorsDependencies": [ "SemperisDSP-connector" ], - "previewImagesFileNames": [ "notifications-black.png", "notifications-white.png" ], + "dataTypesDependencies": [ + "Event" + ], + "dataConnectorsDependencies": [ + "SemperisDSP-connector" + ], + "previewImagesFileNames": [ + "notifications-black.png", + "notifications-white.png" + ], "version": "1.0.0", "title": "Semperis DSP Notifications", "templateRelativePath": "SemperisDSPNotifications.json", @@ -29,9 +36,16 @@ "workbookKey": "SemperisDSPQuickviewDashboardWorkbook", "logoFileName": "Semperis.svg", "description": "View data related to the Semperis DSP system.", - "dataTypesDependencies": [ "Event" ], - "dataConnectorsDependencies": [ "SemperisDSP-connector" ], - "previewImagesFileNames": [ "quickview-black.png", "quickview-white.png" ], + "dataTypesDependencies": [ + "Event" + ], + "dataConnectorsDependencies": [ + "SemperisDSP-connector" + ], + "previewImagesFileNames": [ + "quickview-black.png", + "quickview-white.png" + ], "version": "1.0.0", "title": "Semperis DSP Quickview Dashboard", "templateRelativePath": "SemperisDSPQuickviewDashboard.json", @@ -42,9 +56,16 @@ "workbookKey": "SemperisDSPSecurityIndicatorsWorkbook", "logoFileName": "Semperis.svg", "description": "View security indicator data related to the Semperis DSP system.", - "dataTypesDependencies": [ "dsp_parser" ], - "dataConnectorsDependencies": [ "SemperisDSP-connector" ], - "previewImagesFileNames": [ "indicators-black.png", "indicators-white.png" ], + "dataTypesDependencies": [ + "dsp_parser" + ], + "dataConnectorsDependencies": [ + "SemperisDSP-connector" + ], + "previewImagesFileNames": [ + "indicators-black.png", + "indicators-white.png" + ], "version": "1.0.0", "title": "Semperis DSP Security Indicators", "templateRelativePath": "SemperisDSPSecurityIndicators.json", From b3459d35ea2f257f0d003c7474c17a34c189fd36 Mon Sep 17 00:00:00 2001 From: v-prasadboke Date: Wed, 29 Jan 2025 14:24:46 +0530 Subject: [PATCH 6/7] Solution packaged --- .../Data/Solution_Semperis.json | 2 +- .../Package/3.0.0.zip | Bin 20517 -> 21503 bytes .../Package/createUiDefinition.json | 2 +- .../Package/mainTemplate.json | 174 ++++++++++++++++-- 4 files changed, 159 insertions(+), 19 deletions(-) diff --git a/Solutions/Semperis Directory Services Protector/Data/Solution_Semperis.json b/Solutions/Semperis Directory Services Protector/Data/Solution_Semperis.json index c383d164392..0fa7fdea947 100644 --- a/Solutions/Semperis Directory Services Protector/Data/Solution_Semperis.json +++ b/Solutions/Semperis Directory Services Protector/Data/Solution_Semperis.json @@ -10,7 +10,7 @@ "Workbooks/SemperisDSPSecurityIndicators.json" ], "Parsers": [ - "Parsers/dsp_parser.txt" + "Parsers/dsp_parser.yaml" ], "Analytic Rules": [ "Analytic Rules/SemperisDSP_EvidenceOfMimikatzDCShadowAttack.yaml", diff --git a/Solutions/Semperis Directory Services Protector/Package/3.0.0.zip b/Solutions/Semperis Directory Services Protector/Package/3.0.0.zip index 96acfc2259b28ee90ad41b719d7901ca9dec38e3..4111e76bc2bd16b9a182dc7b4cef861fa03e191d 100644 GIT binary patch delta 21362 zcmY(pb8O&Wus&Sdw(YI0t!>-b+WgeU*0$~L)^@kHZQK2Q@6CJvc$1TpNzUXsCvzr~ znR%upAN0En6kACa90CIb1Ox`8SYAK}XBa$o836=DEdiS!a5Hs?SwaG{37c~iV9Q40 z(MV<&&MS#uqCWK)ZIjs_l%`mxnXzC@{Fyu9!Nku`?Ej8G?A^2MPh+y>)9+pIqr#t+ zr~{Sx2sSTLi(+{H`d-enJ1Uw-VC&Yst4ldElAiWxKUmI@+@FURLp4K+Tz#)=lAPRd zWUEexvgaHzVGf&2lWcw^0_zVFeW_~htriYLe-tu%h=?JjDo+(O3&mrG?{pG8C^67g zUYvB>#+5`hN!^BptH4e{nizXH_{qoHmoF#A9#$`W@FFJ8V^=vsO{O4D^+^2Wj$}^d zThs{oC5XD3@&JiQY&pJidz&%NL@lF#cB_n_e{u`Yp}L5a+nuTZu%ZV=1rZoeRC;~G zhT)8rdG?HqJtp4R^@;uK)yyZ0P!b5T?PL9ciOUw1p;TWHMaGdf79&5XW*#&qhEF8U zE_&ad{|Q^v_4R)JU9YKuUL)=PCG)rIl;*S4aC~Cy%o{XAF2W&6#i?FkIXW0rc`Rab zUMV0eow*l>uSafy-&p0mQ<|s;V(w83`ylzks$-3jh~>8l_iuSH(hTW;GAckggFdEp zC!KVBIhe>rr&+9eOhY20#t(IL?!0LMeVgoJ9IJHEvG;rp5U4te8{5Ub`(#Bkihn^; z{jZ|&_|2WV!cT&Y|O0^BW`|%r#D1Hl$gk@IH`aChIA^)*I z`}anO951%o@L(3E9MU@<68w1xV~XS)9EbgbIA<`pmsgAkQ-=hqK|us4=uE#!;e3M~ z3-r101tiu2Jyd%T-K zRp}Ta=#85M4KFB!xDP#i%=i;4TbcFs@bs{wq(KvfB;r-V#>-37+&;*q9(oUPa%3wr z;tR%@ht(>6H20Suc3!}j=naGMj|`Z+@(tHst06JQ!;&1Nm7bL|rj+lOhmn+opEBUs zig3?$_tNv4S|@m4Q%ZAUQ=20T5PqSEo$}t+K_WjZqD}$=Yj{b%7w5B-u&Ta zZsP?+z4hFFlc=(>m>1OUwsyuT_mM*|%yWO}%UIYpZJB&kzh8hA4DI3_!uG+?lSx>u z3G`%`QIJw;&?igW-yCUK2&;Pa83Bhl;cl$nB&b>*!gJMV;?eC?(#iZ%jMNDfkI75w@I#QwVf^16~(RzsZOk`DjHjtfN#jmMrh7Y0eN^+^40M%muE9s1H9l1ZX# zlDbUPVZ^NN`eXpM6e;Cq&FE}^5;a%4$mm?RQdL}K=RvAy9TN<^zs5nHWZPo>e(IwE z+N3P8T4(sE%})}E``I{`{(?;vI!p0ltZc?Tl!ITr!Kl&QFli<#*10FR}VxMD`F(Ma7KCu^_q&VRG>gr(WVA*`{+1%6t8Pw6t z_mPZs%%w(BNX1|4kzVnDVl8g#Hb_lYc(`dLMIIAE2NvIaGI$2vaGP0_ri8L1HW&pV zZGzDd@lcys4jKtX_JA!anuWlVFuNH>9<^mCe z2LAK_4FM@Qs8y_#ln;pm=!-=A2Nu>KV=EkCcTr<^)sX7NMqFzCY;~K(H+W#6+-xHL zQ||`93fY=44p}8wNZYVR$$^b2?4#<9T-*fPu zSXC#YSQ!oY=DS4i9peeI)SOhCC+J6W)cDO84J?(AAZrP`3mPX4pR@sfn?tsv8$+#f zW8(dR6duUhCWu$vQwf%B2%ca+p%9s1D_nlbn0INw*m-uD-)yNR9E{=a|sNh#SqIZo9IttF1=d^a4=l zcU8vKZu0MB%+#0lSiH+A)1N%T>8vfTiR6Fb*GHU| zv9aSq6t%zGs6*bidxjQkh7?nqS+aM7m~k3{AvA?%r-c$7Ps@BCXncX3dC6O-0c zsPJCbc7D@Hx!SCeNrG~DR%_U{lW71ZN&xF^BcwJY>L{YWOEp{9R~lWkQiwuD{!I~R(kEQXfNKf%;2IY zrElJ}v&uw$=u~$d^QLtbs`2Zi4dZ+G?l_G#HEpAFyMH=3>37k?)YEB-y-?%JTmPZ-1Wp);eqZTE+(AU>Z!zatXc%Xvj!w2cW~hu%b>r7+k`(cPXTC^R z#FTLtaf+zAm@RmS0h2V@{Qby;s&8Vqi6a2ApbjYUXW!hNZaVX#k~QcfUQt34tKx?t zgW1!{(#|$Czz^k#bE2*U=v$z(fq!?`DcKI*C&J*u9B^uQ?(~w?(F2AF&!L>imiv*g&lY=RCVH?@WKBd%`d6}df zGyvo_4h6xRPxXB&J7Nk0b72=eUAR;i7}$`V`i{Y93?y<6xFCY;GDEg$uCwby-!o3 zu(S*2Oc97O;-q>V$P<4J>@Ej8h57LtlYsf6;~c~Mn%?q!%2QW%!wN`a1! ze1r3)N(`{XUQ?YYce3NA=p%^Z7Ugi~yS{USP^|ZUuCduBmPAJBsd9CZ_59Q9yva6%0ZNDv?(^!6i)E)5oJ7yjU6&gFEmS2huz(`Q(eq zyZ*e&p%fWr=_LPJQ!nNc$977X*kID=*~ZZL9_-`e4TP;dN50wK#udFBS{>G_;(%*> z`Cf3cjcq#9>UeZ^q|K4cQnA?-m_#y)Wr?%;S;vD(|13A_Kjwa)6aJ<%YwdCD4Rki} zf0ca(xAgRBsBN=h>ROx!0n=;hYw8b%XMe=RWbWOOZ8sPBY#v&lrvmxy-V9gAqyCB^ zmK&~5@rp&$CU)MzugB{U879bfRn&BAu6O9%&7A4lxnDj{O%Q)BCAJTwFS%xGaLVas z>=A!l1ONZ3B(=J5mreo%6pG1>Lplbn1gJr zHB;VPz~!WMyKlCqZ?mRa$w)}}ZzVWQ2z}oJbIq~ec$um`7QZ@YI7^k;kqs}d=D7IS2H0vZGA_mWhJ~;L zyG-BMfG5U{OSg7tZ_9j-_Ks8mk54`Z5Buq(TGUm(Z=$y?L(a8g(D`SwmnSYh7{cuV z_jW$Q51}VN3&}8Zv53CB7cc|dXsa`5tp@~>wLtW_Mu;^8UAQsHZGABi)o87bwLxTd z193hlu=SXa9V7!tt~l%Pwea5f(GEn2=U6fpfC~)#H^>JChTb+iiu(tgfrN((K0Z=W z?`d$-*_+4UbeR3f9}M?QgD%> z=-I(7rySQjk0sa0nrm7)4a71n*Hi7R6YBoOvMj_Hl}gTX#K_`U1Hb^@>~!f@e~W85 zQ2A|g-h&%x{-$(!&6oK!wnV@j^J_q~T!+1-rDyxC&yAZ)PWRaAOTQzB_ed?cuf-_B zA%9GIXIko(OER-uSOWXIdzRQWzW`nP_u?>@!0(pub2cSX_La2{D?`+%TMn64ozcjM zY5DTgcC0liOey6Rp*V(4_dwsBWedJiAajZ8ySuIBv83}lk_r2PA#aV&?G@cY@g79E zk$vk$b1lL0uSbGu7)zSFk*xzE+s#h^t&i@OY@|s)dut{R>%PA>#_zkmiu~lTl*ORb zlDN4D{nFFMQ`23myPU2TdCRg`KF+~9-240trTT~Eo>Haff#BovVi};#ee@U$m~Pup zOK=mu_X-jHu?%*5yqM&~4n*IyF3Sx~IvUWp$rng+FTy8xjA^i)$eN|JRDofP^qVDG zR?tj)+VSrM{|Rfbvp^O+l7Fp5&`!j9@|OK`*(>K48^*ZhY|@g&hdDa8nKu!xjy@^A znGAs{?%u-LcvpA@AFr|RK05Il;Hs`6`Kzl;!&ddCGe?!#wYF6G??iNXmYuvPe>BMM z?Wx4y9T(0&^4UeToyVhmp(_xaf7Y@(eh_7YK?-JFHm<#0YHj~w=07He&r0->75z|& zY>VkA6!TtFV@b@RUh&2FnT30rakA@^&f1TJsOhTmOPTwOhfv*kQcNb_6|gmi8(a+# zA8yIPfz5bX8$d$ZwD7ri@09kpa)p>afnmjITa;E;u*DEw&7ar6C>kFV z5mOef`E*mU?LljK$|Grc0%R*vO!Vj8;TG0_#)UQJvZV)>5(!Ls#G5I%K(` zD&mU_KfgIbq{*w?)$=$x*hGZ#bTQVSz`>eG$m2^jnfWgbYawYoR=9Xk5{Xpd%11J3 zwn}O3(-#v6Sr?`P08~tmCfUZX5YZkjsECk(a@PPC_PH{Nh1Q!T<6)$$tD(DRd3zpu zGq(o+$Vl<};(0h{*2tHIWu%Q_LpLX+s@X6n#3x>?f6-ex_&-6hKjp0%0`_@A>hFIC z(z9KCUwyge50716FiV-{&kx}DMux^jV~HT6NPjRZ8j%{cvC2YY^=E{RFd6KRCE$tbt#9Sxl(1<2`V!YC=W~`OE#!H*H@J8J3*Ve&I)Y| zgeLxdGcinDVqJ;=6GFo|0IQTYN?{#2bQ3(yF1*m(n!$)2D>`XoY#Oaj69TzIp^!P` zbE7P%`H5?vAzQbOj+<7^$oyv?H#oQP-g=+fL1^=o@{OQf_BrGIpJfM-MVqAsMaw0+ z#53lh{8#BGAUH2*sn14_kJYz$GYl$p@0f;|w(@k)_3KK?Aht`PPO%8Bx6!i5G*T^@ zCz{UgUj|3o#t%w|$Jps{aSDR9B+S0Cji>6HF6?+1ukROx_@sPe1NyxHEOy8B>QKM1bu`QSFE- zc|D_e;3V($Sq`dPPGR}l559Q8?=YlGssdR=TkF8sd&MB@8B0E3mxgF7RJfYYMBt|9 zz!kGL9tW8kLZ)M%X*0t(8k`~dXPCiyK-wAbdr3&~`!4#S zd>dxFR~$j!Q3UBWT4zLCj=Dw zdq>mCO<2i5_Yn3c(wCoY**5V(=XIR3;KTEs4FVL8A=IbARNAb8LC%#wGjj0O4GHoV zQ8v>Z$P+KLSNSv4rrz&Dj-fxs9_*vE_sXT%QMkN=-x6Rovv}6g7au-pH zn=Q!oP+7rx5K4Jplj0TCq`ie6fdW$M8xxbiq^H#ObbmEq2dA;I`-VcpWnZVG;e|0G zv4GBAAP!)F|DIpEF^q!xb|qNpEx5t%We9QtgAc+|3ykdXw~LAPX$ zPVv$SO)sU9@wS(9-CZ6mCw)wQ^~m%tGh9!-_yhHi3A3T$B9_}%S+cH?XE!G*%_{nZ z+w8CVXZoVKm=YdLem^|)(x!w6+JgAT;SF4OGGwhT7KbDVUiU`8I+HMW#>nFMa2%>L zYk|j=^hWy!+19hc->49@vu{lq*SFvx!vS+ckHmO9AzEvlJ{Seote+{#2~bzctJx9P_PXU8*cVyqaHbV z&n?AGjSeXi6Wgs?55p6+FrGN+LdP<+0B5tFXqYJ5A4#GN(Xmjr_v`S@@0zC3| z=&jx#NMDpd@qVVX3G^5>E5RBkw8TIFA;Meql};95@~6kn-r7IEg^XCt1V2q7+Blri zB$Dy+uzLh2U_mgDt5=P4sfz#U4 z)m3hVaSWm?15vHCrH30s*)132_J|TSDmXwg`iQL6UHXlMEbH#o>+I5LyH0lgen7~; z9i#@;8Uh8ixEAY9A{ojoVt%lIRmz=-gGwcY` zF2#sDI!LcOfm^ySVS`my7Un`X905J;WukzVcW4(*I@9_i z8j77T)ge;&-4VvOsF-8GD;`cdcME|O#CIo(XgG9rNtUi zV+AL)>K1f50*ZA|f7dnr9VJ~zXPm|=KN6Ye@OtTNR>z-^3udeHu_2KoYv;Za)E{bx zifO=hXLKMY8BNGKM58AWEIXvDv>0=&RXpC8g?LW3FFOVbn^A@!6c4 zqcdvxAn(61yf4&%3YxZwr|5-1tEDJ0()5YtxR4M~Fl0jR;-t+9l(98WISyhTt|W3( za4zMslkpH7Q7i{e|5^kF4S2Yopvg1opyL>Z^4Pg`l_MfhC?%CY*5mjID?=fY#jByb zEJFExM1R?gEvX-ADGlsMgt{i%6UkPXPZ}@MGAk!lg@6HEZIwn+vW*%B*pyUJpt4kk zV@v<=m=7?10UDxz=~f(nb8lGg2IQ*3QLNam(s=s#bdWo*@8pJx zS)?a)!+2D=_aG`CJX|~u1Rd2QChH28R3~{kJv*GDVHmEMQVmuypAj;MBiOTxc96)8oSlYgV^eJ z#!zbNL-9P1GRqx$;s0iF6WZ?*MQXPa~F`$H4W)m@4BXHi>THbx0^+ zHC-?KkeG6r=N_&e`$3gZcN*>(C!ILU<`g&PZc_qq+^J=o@<;OK@DA?t zx8w%23&}Ue+xmFF(rVd|_AA6*;mzX{>YKzl!D03&a(XxZ0pI!0!DS~V`vNUB;X-zyigQo@gacV zVZ4da2S{An+6xm8t(bBy=Nh~mgqByBZ(*5)X$L!kon51&zSAfqs}$b-5IHF#%a!V% zKtqtmyjJE!#PIxNho6eo?QTu@8*bT-fudAw0-|nvA)VC?{4|?}P40bz0i}#tx9=Rd zP)*=#IM7MqIm6sq+uSQYB>VZSeC~h%_^yiN9<@D{9D;0H35)VaV0EYsq^y9O+cju) zXqz4TQva~d%gT}{86g*z=!-2w2(l^Z#b#P){T~B(V+Tlh<5K(BoINjX7}ZGZteICg zEtn>3^A8k@ehNkbbT;EwReHwcG7~Ca=hVKhPhF@qHPQ}uhygc`$d}Ny0yh9!h@c4) z3qpyRng4}iuX*b&a^yagaC|!N*Mw|0PaadyVDxf+U?S0Uj1_7eLf4CLS{63&v@Z9$;Z-=x3cmltv|Fu+{DwO z`AEwZ_?0wT=XP<_Y;*jpKCuD3QOR#;qyC{^P@Ru?oWGCyqmAfx4fEA!)W5UrAi_1> zU7^42C~ty9LfjzU;PcHLZF6X3vvEAa>zO`aX_McwZQdi8(qyB49`FSOJGm^9P3uD7 zgI+DQ*6FhCuXSUX2B){eO4!kaWq42Z(qdr~lOjS93Ugl(#=q==lc)jrN~&z4_xOhW zD{(&0o3%R@8H?H$gIj}E6ZgiIS>hTl3FsXAmGfj?AWFi5!wM9$=8bnl!x+^)GZ}xIyaM>Q!5q+NZq^#~ z>7lWqE`vd{48`z4tXiK@T>xKlcZDQwWk2U?E1Ay-URq=l`)`P8l&kbaw~yD*YO|}T z7JuYKn=5kB{UTt1s9QRO^5{6=P|Ajit{9|8N%yLy#7~}%H#6BYBRS$iPNj~vT!^+V z@ozX*b{--2l)FwT{6*3NZ01z3WV|ferxBH#n8VQ~hwZTQX?lgY}L7 zXj{58gB#^j;L5->HtuIa30ejx(!Uz1GKHOvWqA70G2)Qm@rjkk$8aheuh)fyWLaZ-8_KEA*8ObSweM_;DT9zdprW!ef6F%X~LrRq| z95y5EI*PSq1Ao1nJ<>pC_hW)Q@*<> z+_Dvqr@^(ne}2eN+U);w$M$CP6lSvb1D;A=cjlR-6wIM%1^P*hC}0JfDUawaA1e->h6-!=5EVNVcHt)? zx(Ahy7;9tilUQU>NVG2jeyP+bRnW0f2%wyO6weMy?UnE=aapgMgR}VNCr(gkN*Zw9 zx*KZi^8xu*Ux$kbT8Jp)bK}QyDH|sC0V!(_Co6;-1A!N2t`En`EjK{xfA9!%A~bdf zf-*L|#?QiXpO}t3#(bv;RuwR*4{8!w8ck9VLpGr8Tz+V5Q#LEx=v@xrzNVQ$1A+%o z*v3IJ_QEj#)c_Bxa(@_ZL|!ldU^lHsv&6iU7SBQ$H6+2eWK~-x!H~E0u8rMFU4~DV ztGbeWo&>8sMWgoXlmrAa`Y7*o@aL@*Mdx$#_iWt0cpC}#tgCG$N<=&%!*yG->c@xh zrqJK3kj(K&Fe2(sMOB#ys5Hhf#83G- zPEJ<*1VkeVC*9d7C*I_l9EDaG?Hmo1mTOYE8%gidROW0~8Ie8mXc0>a%?t!Zd)^Eq z+zG2qf)KFH=&fwzy2x}SXgvw2{t(JTBiX8Xp9RU=T zP)N4UL-kL@w`!U|T*FnYBTUj&3g>Qp+*){-wEx;W??--l18+b7_^81p=wTagkYAxN zIUC);MqSS-{X@7!dQ~V30p>!aCPj`z2jPoi^?$g`kl;2(q3gHh^NP4+@+YeUh#y0G z%B_h6B;K8B?I)9T@gkkNlf%8VAJU!an2#lHB>ED`Raa+1u!|l|e~Un152^A2HIa}-$(8H?&lqTRtEQe{loqWT{e@pT85B74gnk|IslTV(%^ z_E#1K6Syj?+F?ptU^Ur|3G;BC?4AZ2T*ghPB%LPBsp!*sPgf&_W7#!LUmcePwxW>5Ux9W8QPgSA9MGRmX7DRTk6PnE>~5mpsX%&$`e*o+a=hy| z+O9`YvlklLChHZix`Tc+;(r7>oO3%v9I5?7||LFd@G56lNu@ZGQe$wTY>H} z9ij^Cy~DbV)7WPP$G{^S(GToI9mv#=o6wKN#splG5#6q@c2_wiBcJZXPHrJk|1q+QXJ+&B;lBpJ>gNEa{n822)p_c3 z_0DLm_^_;CkQJKf^JU=CIhbW$D6#)+>MZ zZpPU|_2~Dx@caoaUGw8L*C=(%IEvI|F)sS)B6|P>NT62?FGg({rhMBm_IYt@>=7zi>mZ5 z+E>y>iEV1@(+snoY42%*2`n zMx;kU5u<#mVBsGfUHTQ{PpwNqyBm8+0kpWFB1xIFGypvUM?CuuX*wv5JB%l+;XDY} z00Nes@Tx0z`NUjr^y8qrcCMQ1AMz+EWyr1H4>+JFIAANW1+5RU-d=t;`Xe##QU2X0 zOauXR3-S2d3DDmu#{ZS{h)F-#j$CBs92BR8y657iroZ2BufLzat3bx(60cffDyT zfLvMOPAYzCu0afs&6Ns+G8r5E$KLB%mZ6`x?dkofv5~S&R!tP)$Ao1Jlr1p#EUoE# z3i1?vmS2YcRU6|~9&1MeioeXAk0ew-FUWx6c#+gg2MzG85tAxdvxgcVOf<%tL6ILB zzhU#G2W};>2RNW6ADUvSsi1-Fhk)(;F3e}PW91xuLaF#ML*xqb1KNyI2NC_==S(Ci zKwzdQ0Cz>RUU8=QdNGwg2X7|SP(N^Q4Wx$~=g109%!6Zb@Cg*Ng4d1OO@Pg&r3sr2 zn=K(`Squ;qfUDuxtN<72Rw`nVD|A#sQ_1hv=C^3y7|OIslKlLf{VL{LdJcQ{^Q(8b zIwik>U3m8~ohKs3AvZN)b^>_3+x#$2i&QHl_K~Y)!Cz=E^@@un1W>O>w?a~(V$E_T z(0X!s>tl@MDwYW0cfuraftT5@5wKBF8N^WmWPlAT%HY^YafJp$vkKgnO*-UQ&7D)kSz)phIR3IEGKCy zX0%-~4elNarW3g^Wegc(1aMwA zthi|VT7&NPl-?~OtPW&uaRQSy^Gi~q%0Oo@1>B5l;`+b}2VbA)%#maZ=mr{5MD4 zNzNPNAk;=d0^Eg#;LO6q7bI)msvN(U^I_L$fjH)JH{YecXHc{RcQ|)ytqAJd29Om^ ze^yONmJLj$CG*uG`*}p*IV)BZxMwi^2d-DuULzc;@ttTq7nEb#~#-Xf9m&s&S=pOji0k}0UvlFo> z2h|w!L~87HjDnZ-EBmUMysW|YpKvIb5)3=ivA`TMf{h0?Z`PQvYPD?Y@ze>+tAI*K z-|-Q6y^8bW-RZVwPzPYbzDp|?GTib;mHWn&zscafm1T}&AQYrWrR1a1s-t-s&Q*-k zPKJsU^C-|w4vR*YnA)a@$W?x5drmA<(1l=HHpwhpRt&fv&mrm$lig)Jh!Z#&Chav7 zTtp7qxe|B3u?A$^E@m)VSWcx#n#gvY47NFw70y^kPqXlt)nRUX1KT&(w=O+giEGac z6+^o4xq6ZMWm8v)yUzqNsfX0)T%TwG4gGfx0@Z4x-=}Tsl2x0!Gh4yEBRSd7@$O-& zY<@fDa^$~vZ4MDGs(HcpbJIg_2F0p-N2E;Y{3lD*EIi?uJ)M;pcBiPMRX&Lxu0dr@ zUkcZa|IKya{d`sH0Y1zVB5%vx6wL~c_VrOSgp2wwf71`;`AZ9vpu?g(C5{IZTMy9i zJ0Ec-R5g~a950c7j?H5XGT@uhGqp?z?2ANhKb;5t#ZW?cPboXV*E@SJ3e1;$uET>fTjZI)}{W1e@x zT|K&q5=i*|s7a1!VOge2X2M>|o7qxwhc{y=%&qw;W>X>Ff!&0H%=A zEO|c67_pb}4p8y7c&*IA9YfF2RV_Vl;nfDJ<-MLs2^dyNW?7mNWm>s#ozrcLWi7{Z z67wrHd!>e?MROXGw(dnj=hJs)On}cc4ZI11o}A6(c+dV0hK3QIwkv`ab^x0p<^vJX zxT@5ZVF*JX?qq#8Fv!wxXS!5FYPuvivpr1J zGwYq^QZ@sBAsL@DAvr^ucR6QR6vbVRoVX@yfv8SmNM+T@`k=SpYNF?Sn)fu!Tu%XfLz;yZ#z2-3}?% zmjv2y21;5m5=6tf1#*;trlMvM8cD`oqU}Kx!fI!EkiH^83YK()84{!-rx=o-LzLZ# zx?-9DU4|~?#7}meoM?t}=m!*E3`AVrkg2x#gya>J5wf2?- zKj1fA-stq5MlzI#HCQ6jGGm zQMzuH7}tfowukDf0c?QBn8zUneez|s->sfPr|P=S-)#TWpBDOQuQR4*yVL&cO&VepMZTU0~nHtST+@6n{V;$`*%cEM} zYzdzt13+tg)5%S;sCOZ zE3Ly`(Q1>?DJ6qP`CNymig<=z7*c6s8r{^#g%>JhVOL(W;)Yw~w zHI6OgS##r$j#67;dksiC8ExXOk0c^!m-Z>X*(X3H)P8R~mhRd~ ztl@M|f5HrqTagn*Eun*ipl(JG3b_{@xVhwf@qJZ(Sixj%=g)Yof zC1`LyS!=<)n4oMV zVLA-~GVI`3bRRHzmCA<|S%U%G1Tk+tF;2uYuSL!c!GZKek6sH)=yI&(iCsXJ0qj>6meuc>|$lq>jk z%82cYNws9SSGSpG&T=oyRTFU}2SZc>MoKeq6a__Upz!I+HH`D=iL41rgl_B;f58zi z$|}H%P~P|Y>R;KkrZlAJ=dwg8XI#^-d-FGzrlu4D^(99#4Fz^JT>*NFP&ds7j8~$V zw%(Jma$9=SjgwyqX=|xX=^Q%i61G`7X(Rbl5|r7yM5q?p>eF~k!^i4se+G5|t1|G~ zrE@iC@JR_mhEI;O9V)szqJ_RwRZywH_*$f^nsOwK2WxXT$1e22&+=gU+#Q@13Brx? z;M+Q7Xw4WuJ^$G{Ny5&B+h4Gcjs|rQ5e9ybj{51gJ6_Y`0vpWA$j|tXH*1Rn#CDy- zRQv+3|6rAAcuMU(ue*xSd1-fn_!@eJd5S8Uq`js^%x9Mj|MvH3InC^uIGq^+2JlkV zp+z!Zb&+|zIs(LUBG+m`eGa<-qjq?B%v2Sp>1QMEZ2Xz%!nI_(U!?Qj(uPwCiuux> zmRhNHi_4C4Zj41E4O029W)E4RFRW(xix&HFYk!L>7ek1-&pk2wCFF5|(m8l1@Qu8m zS|%s&T^bzb$N9>t<3Ma?qq6E&a3(9`?;w_^6Pxj`C>t5^JPi%iC3J&pNqOzto8Ded zn{f&G$p3VmtvSpW#e0Z24$&;DDU*}E{Lo0=9#fLtjB5k;1+Xa(^Tnijtdf&$HC6l@ z^`AYadmaaAM?^niP(lGMZ=u#yR{7+Qy)IN({hpUBQ_>ovw8ft6uG4*^>ZLx* z6QQlZ?7P2fH6{=*i14e()Xuf~lJr1JPSRQKr3Tjg&26-+O_b+KS;Am%=h95uFvgoF|=ti%q=fq&2 zneLmT9hj6z^FnT)Y=(i~TQ53i4W~b2#q`tBPSaN0=pxp)7}|#dUq4~R*Qfg8XrC-` z%TUMu^mfg_jFXlvXS#nQ5k@$#Vmj~F0}uCMs+{OTTRb!?Jqdjt?3p#FTf-z}#0rX@Uf~E-#Re-Z-7U3M5U>-J$m9)Vj?d%R|iMx@jAg22N}%T8`ebT=GL>yE+biTMo#FFPbuK z$L34-Zd=Lq`HhK1jAuPUZLBR>55+%vpmdeaHg3=0NUHyI$FDxaSi8{|`XV*k@-j@* z#MQbB<=S|a>|Zd8?2V45E@(^u^m2kU#Qih6`nu7lDRo9mrM{L^bCy-!%D`=w`Wx63 z&aD9jjNbA?E@`+ClWW^f2@Hqst>1_G^2?{8?CcUYk?>vfE3mMF_BS-7P3XvAnZ8k_ zFNzb_QL|D#GF?*f8Y%ZW=9KW+&Ip}<8^%SVvm4=%b@qCnN7DvN;^!TKWM9|&v8|{h z^#7tOXWjyz_jdeiap75Tpxq>O>?_1K-u>9zQBq~JzrazF-se1;L=yibWJK4SMAH8R zh2`AnS+kx&tHx~{`6UN-)MOL`qTrQ~r^E>l!Ca_OtT? ziypvUlvWzRf%(zxMf)q-ixhoY*YwSf!+l#6$`t{h0 zYN^$hup#C3Mu6C_Z$qjJa}B)ix!90KB{rl{V?$cM4e8@AN5_}!f6mAs+gg++KUPtu zx@T)G8s+l!boYM%YY{F9aS_NGtV0AITVhW$>ZaQxaW#GbJYOAmQ`Ja>|DNI~JyPu}EfOz7Uc%d>2%gSBUo6Geut%8b($E}5WRCQTK#+oT z=+8`$4*AAj(Kqmdf5|@N8~aV#o6UU>hKn`Dp5Wo=L_75+L|Xzalg~#d(iLmsu@tO_Ck!3klLP{eOe@WrQmzhR&Qxq}& zlD>miK7S*cPrQK_5uF$Ejs1q7PzZK8BP6f+15OGt%aFI!e?kMlehm!Z-xhhvev>O& z!-Y$SoBotY@{*bwc;Q3MaVD)KV(j_}gbx-9SP&n_hIvZVm6(dFO^3#|=+BS#%)h}0 zneZ=p@#Pv|gVC03gNrfyCBA|E4_>*p$6ul9W_>t_>TN9mK?F9XONN2;3w^Pf4(lcF>_b4jy7iQC1|TLb3ZLJ zx1@e}Amg^AKuN|xHa6|YiGfV3HbJfT=r--qiZ*RUpH{YM*HeSuk4?Lx8k&J^Y}$=Y z8~+-c_R==(s*8S2SB~cx1C}sf=OHdYjOv@O>%v?ETl+rE*O(~b*!MiLx1}xB-Gq5+ zX}cEef3tH?Nrmsd^bX4Rnr86qby0|rnO2ql~>z&r!S9E2l{ z4d~U}#d>Yk#i9jH2I?H?Y&-k2KN@S?n(uwHb)}pHeiyHd4GMNsRUw#>k>?eg^}Muf1M)Fj#n#l23*b z@305NsOsYL_I7-k(f0P27T*+%YuFLO-H^?;F5Sqc)6!e)LMcRxYzY94Zc#9Ze+qgz zW4mWw|E~gLKK&PP2%#(?M;)B2u-gD81-yn!r{{hIv`NMbNW=zWQMl%ax~Pq33N1Oz zm^1l;nmFA5lD!uyC$2>q)uN7R*$53FKYN7%Ny!|);w@XQo5uoLr~a#Oi)Z>Gda#(g zphiZU!on*U3FYlrTJH5&;!Dyif9K_)W?cEL?sSV32^X^&uyt6ZBr>bDmGR?|tmdGs zvuVK7mh_g|Jwy4G@=C740+LElE=T(ABXwQVcZ{<;4dkv(sG}-h9gmS`%BAwo#f1#ZxMmsC9 zoqgcqcMnEA`{>cuFrM#Cy zIciQhRZ%z3(aQ-xFqJWjx>1!=b6fPphrJxN(7Bl|B+dE}$h zL;41#qF|v4wMsxYtV#tf+XclxE1F;O+j_IhEJGN(;S^@l`rW=;iAH3~0BtD+s$BzA zAt;D8lcb}4KC_u3f7v$|sJW#fGXTZ4jliS&ZDZ^&A_)XSj#aKuGu)Yp9;5k<7~<%^ zI#X=#qD~s)1$IH@|zp*9w3JR)wN z#4fbGop4KeD{R`tqK2cP6)c9>BDlRx?T2`H;7xN`kP7-C7?2F@=@)#rr~Mf zwKIoe&@P;yf99GqL435S0X8_pMc#SG8^$|960}0t6ycw2Aghdj7fqE?N00+*Zz%`V zjtImS^zPoylV_0u)>M-c9~$>!IzxP_klBTI;gN1gJwO|+;kGr;xN*Rd8m7YM6AMD8 zIpEe4I?@?JiD!#u47)~^v1MG_8e#%e`Osgji2yf5>seM!1Z^u*Dw{N zm`pC)+p=*shui_Y00*!JJKAxK2<+0HydGjqD4rx}jx#(uw(ubU$0>r?5P*qgN2vDr zW6XX4C>mP8*vle{+i(H^Ud0F)NtZc&@MbXx4rY&KA>%_@!~i62Ul@~8D8ghMSBi?t zRDTS5e>Jdh)1w}chCDfB8NDdlVQX$z6}ytgkuOWStYKV>S3()Ws>OE#ei5z@@|fs1 z=VAd!q&EgUb5@2EJ@Kh|9=^-dS19zT#;ej;RUEI{L?Bgj9q(FPQbtFcaJ={4JKrOG zB=;yr ze`soiCj4uJrUw?9xC~QOI700(N>s8Gkd-#rL5>L|08VW5Ov-S)8{fSl;u%RXo;kFh ze!!eEcndPMTBDCQS4H!-tB3`#bH$xR%&{?nJTyc)UUHPXr_q0@p{NvsM}})@9-QRH zs40gzhcRWoyA(|pXT6x~QB2Bst$FJK&z@thBkjDTz(REtdBIH9ZD@N5db^e>uq`1Ua0on+_LJ25uxmL~=_PN9iU2;-oA< zdv{lph&GHxGzAo1RIuN3>aE*ExR~R*s@Fz=I{+NtawN#%o>p0gqO+|@B}yA{EPy{pp-HEOQ$u+4gP$_o zWk=81$>VH)?aXT>m2Ds`pG2z7OIn3EM7nMfy^}Rm$VrN;kJ3 zApE-ahW{X8*6R+huHDOL9!9-#_;l?7ZNj8~s4(dY(X#3dp-N=WI>Ml9g+CW1p}CK6 z=SK*0t`*)~7N%Y=oO$&y=CbhR`eDljp~hc-?lFZ--7w@#liApS6~m2}mJjYFtazQ_ z#I<|&BZdt(fBP0~=zVTlpB>YfewD%f5TU${1VZvmKEEhGe`uc$` zRjT8Gz53OY{D#EkVoBB?Vj%?!WG_T4a{K3z3}@t`!@m`QSvfdK_)Mo%^D6gzdG-H) z7R_8N_w)Sa&v1hDy{nh+0RD@gciEHn!6jFt1@?sAw}#Y0^#!gQeKWdiSWvPaB} zJ7ip0gi|YzcP+dIM(Tk%V_}ET1bNcvBesCHKg_C2h73m)W}A1XtT?1IC&;R2T=i$}+|F4<`eSBE74 zga`A;Ea!Blz`_owK!eC?@ixJKg&SeB@qWc-3VRFX{Fpz(Rux7eU$s7HE`XZ@o(8l5 zFI?wk7Way&rHSHzMzH8iN35H;-_3v@U*QU&wgb8y5~`8((?ku#2@A(NA;qyJ3+Mro zyS|&G3#Pf^Q8N;2>$Wvs=mXgzb3T6JQik+-5P#+w!iY{xE;EX0G>>b4kU`?C0|wzu zI-_@%^2sd!hgJ=w;6^Y_D)54X#$2x`ytZhY%MXm@NTdr^2#Kv+6$+4j%$b1=A~2<4 z35?qvx~ahW=V7(^`^!pOi=dR<(;3PzyKnp}UqILiZ>}yjK%+BPKku2D2~+W8&{uTy%?=a`L(%!Oh?sl<+o3&)4kkI z_g3n3Pu=O>ljw9mx6}QVI^9=yy8k3PJ;?3!V5LqE)SVtYiB1o5J3U;f(?fNqhfku@ zd%2z7TdC7~>Q3)HiB9k5c6xuMPVcKbz5gUSJ<9F$Xr)e%)SVtJ-|3RXb8E_Uw{)5) zmBA$E)H1{{R02P)h*<6aW+e000O8q)k0q7{&vQ*9-sx092EtPdFc>O+8wctfJv6 kMgRczcLD$r00000000000000001T7+Pb3CqQvd(}0KSRwM*si- delta 20338 zcmY(qV{k6a7d#l}#`waqum7Ji8o5(>3ls9#VSwRG| z30rXFXUjq4)<|I&$}f#yp*r&zYnM3~QXt=?p0i*`63v_RVC3T?0)F6)c=xXQQ=9Dg z40so^RQj_LcA_vH!{kS5k&he@-OG9QL`8G+@7%d}cPnQ_%F-Mk1j{*+`E&E2t7b}( zsqc4Bk&*oy+Nsl_=)FKlT)-ktCtX~Nz-&dND^tz8)54}7h>B+q5jLby<*tHeCV#5@ z>`R6NB?9u-l_cM_b0t$wQMF^@D6o^0B*h*Leev>)6v&COht&%mzG{hc+x;0GB~=io zd?I>wM>MDOEpCMT7QkFDeS}2lok(doI8aU1mrLoGJ1EBfZ^5!D`$NFz$IW}w&<-#6 z3yg?g?%#nW^&vg`@(s~U@`IVr2h-a9_%o*u1`wtea&kz`Y>L`Kq`!~q(@$6xc^y? z2@y(+f{ayB1k~Q72gLO9l2rL2M7rjI((4mUYSmOfLA9~?%BIz`Pbg|nh!ZBnjFN*+ z8c5LSs$O#Uhn&9%7NX&A5{CxMh)j#tu$ug?ufU6IrBjkgfiWz_O|T9qc2`PYoqF`F zsz72QI~*y@37p+pr5qT?s+?YsE@ow>h2I&B!&qFB&^tb!OnA2lD|FAWelmR=huS3n%A- z8KGvBK4i#@YbU(S?vAS?(i{bu7~!TQ`NWV*9w1CzE))czWyo#0&==??>U5M={daOv z&D;V%5+{Bn^ap3&%Iu3YUP6dr4x9nIjj7BLN}H&!VDIOYoDgD#^#ON8>xhxs@h*$;dr@cs#vD^2v} zhFZgMF#st?#^mw$ZdiQN1e=lL;mJmYrc)=15IcK5Ii^e2=h$_EorC6eqy*vI zn82Dg_SxT6FY?P<(~bSh&|U2T6Cf*$fO7j;z;u+fj*M(4em$^ZS)Ueo_ZClA9Hs`v z=#PGFaFSfs>mUXuX97-_q&ZV>Tfz;fHJbkYysA?8ZjSMLba{MQweCGZQZkbA_4E!u zX_+RR2c&cVkwx;7U86pKy{0)-eZ~@#EJx~JZO%ZoYhC-T-PeJts##(X7w{AntB8e) zm_bo#Hyu8VpDxgH0A_~(@K8ad8K}Ug98S0Hr ziV5SLPt~hKMDVjIOVEeOxCrJ5nQ}54FBOOhOu<{V7K4nn5J)7JCh6%vi2hoPN~Kh{ zNZg=k)}ht%`Oxmlm&wQ*2dXW7%T%6>weQPzFau5Ie;a5y^(xbR{afAxNCBR zW*+MgX=BgJQw-sIMms6DY2GV_S#>J1lF_$sm`dAqWLHIX@Mt3=zepCGN zy^%sqhEKj?fPUgYa4QL%%RVSjYRediRqtcZqvPsPmIVShm?@lCnnMG#Zsb}4=`ej~kooByvvGLnqWns;brWII z&2g8V`5Zgc?&Bv-*eNnU0i7yzUUK}3u_QrL$B0=4)`2(#ObBd-gzf*$jsH3yGV3?`vvF1H2;fSh8t~ z%-QfubThhcuRW%U4(}Nd;dro_{paRk52PEr?J_H&L|=gP+tYi0_?s7p&o9(Nt@_Vz zKg&*#9ga`^vMWccK<> zKWaY33fP=TPMt@OdipKDAnMsWOd)7T%+qCF>zfU)d?Yv%sTbyf46ECMTaeg*ZNJpN z4?F1kAg7j2M4PRkU4g=FE%f0$8gEBtiOyF!;uubU5TOCj)Tj1);sg(sBIAtIh)${e zJSlm~yHeG7jXM-Yveh+s2h;f-zoNp?3E$8Vt$ZEedFbvsVg&3^`)}?+cfx^t?&}GJ0?Jg;CQiGUd@%a9$dK zL}T?&SioghptWrmT7>#RlTo333S5FCcUt?gJ-lZ19mK{g0i zQilLujB!@0YH~BMA}mGSeVre>9^jfV+T50fTLBq(oya|y75jK)@rb|?RmQz4*YGie z0s#&Z!Ok8ao%rw^L6$jO1mnLsNZ%S}85ocyg!ZOGV?(K;t>*&vG%8wQ#oR6k2$(|1 z4CT&dgpk^Q5EwRX-MBJ+Vx?w7~)E-*2DcO0O%PH z`fneY!|Zr_ygtS$cO~H26t2*%M0%1Bu4}b)FDe8(4eizkRrLITQ|lMgBP;~HaTdFL z%=8RrvuN%$;39;%Dv2yo-xLYUUu>$0!kG_a@@T0V zoh08G^;mX_%jlfBIeh+-J#e1?+f(v{soxFw1^WHLD_YV0dou&jEFp~flh0#cT$KXa`` zo%@uTOxo(-YIn+XMt#eErA0_t?_3+#bb3q1?mX|{B$Uhl(CKQUq*s7G0XDV6tyqBK zNt*t~AIg&lbk3Dr&C4$~KAN(GI(}8twO>2hZ^i#~R6MX3v*H#f!mR03KZAe1kpBN^ zBpCEJxP}M_h^7h{2+DsM#m?B;Ud`O@KUcV#GupT~*kAcwId4fNtpO!p35;s(lAMDt zZ|rT-qDrNt2eJKtxnnrn+G>vTARUopxTlbFC2cNIw|`$jKau^>1tZxm;2;YEpx%Q^ zsBi5#5DIANs%Yux=z7m*e?Ifs?Jj!5j#K$LTJiw8n#$~O`8PLmm1ZljjiUHbBykGuCqA?DN$t_h+faVBa$2~Z`Hx%+!AB?p&m|YY@=wb2A3|T;>c(uOW zB{XhbQSR?RI|+YB=(-@h(I(L=(_P8KZOot#1(Xb&Ku{?Ve^l672i#x0{*X+?otd!+ z;mW(7XmM!3=l;8$jUDoipt_pZX7l*icDyg+HW!r}S)=f8KISW~K*9X0%j-Lho{4(a zgMOn>i`^+~1>Ku3sqFBUW(lc7_zGy2W_(V^;AI* z27*85Om<(IWc6}Hf4=+_7X>!64nh;{w0@~a*V!3;FL(%+x~uy=OHI!BM}1K z$;z^F?Y{kdJYFvLd#F0}=KlKH&@CU$cJWVxi;XXMUMMz^%{tzYj=~!=UiGc)a9iw# zfBz0r-xrUw?EKwbNHA>~s*m&b?ItTZHz{x2B{wTzBT2P!m%1l^>3CN}+b-alpUBDG z1IN2$pc!ry%WWF2G7SDw`L|Z!YjO+7Qs;pGp~1^CP?d=Ed0_0bqOUnSW9vfrdp_6w zT>H1RfGy<92Aefk2MgFJc6&<~j=nQx=v>ko)|FGNtD7~_^$;&}$}Xe=1FI+ed){#2 z1xax2>~GiH)p1VILSGdA_4T-3TkvqXSu)Wo3bSCjNK;zT936)C7iKp}su%}*-(%72 z+KKasnwO=Gbxb~on9z!FH(tWu5j*aOk*PRP*gj;RXp&QQtk zq^M}lE?V()Zcot?s@Zl^0konwyAzQ#yJM-)4SNgU$SMI|=2ZY5EX`%%<3{C=iY}|) z%ab9Hj=i+`>O(tB9o4qcE7`ew}h33q$2fp2(4#zZRMd8?hFaj^!p~8mm$0 z#>kUTKy*1dc%twa$az{#f~u>Y#O5ZNbd7}RTe(me$)R7&xW?SA2Z ztUTVmY$44S>vms#eAuUh{{QgZr|fU~>RqJU{{BBC9)uAg|A)ha@c-ptB;B+B9|yxE z?qhXu+zuXsq<1Sg-sl+iddGURZnr|K>2r(%BaDY8)gF-bDxGTY8a&al-9U|a?|LxV zu~L9Rc%WOHe2Y$TpyagPvSkF?UGpYhSHF9cDE7&C^ZaaO?3(aV0@`kH42#^mD%mmf zc{17YCQzzPkBK(H@n%oDO)Wo-c<-AO^*Wu(Sf$CjHLKgcwJQD!6ZXp8P|(T)(G__m zeEPV+!4)_H-A=w`m>V+LWSAH7fh0C?V5U*Ewon8}}9&g1uM6(Qan+OL99u9RVZa+h0q(0HCxgDH+%^lxx{f;)i@8 z$n2j-6TrDIRf!y_IqHs7fl0jiXPsP0^!#Se#Z(+>(>?&lxe~f z_B7O|#m9-HozdM4vPE_>Me?FYAtxc8WWb7IBCBEA}nCOX37wE4GiU z2~n)G!lipGe~*)R%YcU+T~Ffe5g{HfjijFVn|T=ixBDn0H$-`RPN?it0PvhM=Q3Ov zVQ0s0+!uHYXyj=8b%62_LgoF|VjG2er(03gTKZ4eOi9|U8o5w;*ufpQOp6E79eh!t ztzK|c+Ws(;G8n;Mv9IY%e24Lu9*6)&Q$&I&hrF`D3(Frq+>2{1M}MC*Wqk5LrWNAOP-<8P(-ZJ zvoUzjnvI?Fge<*7f2nB{-7#spTm!%pmUQ#VJ!$c*<=AXW+n6Gvkn2k z=rq_EDaO%#av_`n4ZRLG)&QMR=5NOpX6SaKw2f~EY{jDT|mlXB$oof)9UcPDy3#Oosy;eF2 zncD4!1Gd1W`x?#DX1xwcHPlcJ)BQY$j1cujH|&L#QEr}>ghpXVG%MO2{JK) zD3j}a-r@gnH`0G9iVgy4a6cEFjKISO3_8iAqzrK1E%`TgD<2m&kI{lH-9n+{F; ztpmFxUZ=>fY(M{st&#KJzxFnFo$4P3GY1rjwPK7#xFUgE8psaR~4up2ap;?X06 zKU#N4m8|O@1qIy`8eZEdR%o>g$n9_HyPPA??c)eP$n&4Gj-M93C|Gq^mo@T1?=LiB zkGI`2RXL>ZvEDz>>140}fZpc3T!04G%G{2dhjxG;TnU$eBkY(C+-6BXMP1&TFSRP| z0E+cm-;XYLhVaqFTe2!$Gnb_H_b zMBP*ON<#r5;nMH~_x*Pgpy=TGu{i|-0whCjyu(W4WB)}DrP>q{97QUC-ksw!_i#a= zVa64Tuy9~}$i@IM9DzY0g^xfC>2e^+ zyJjoO*40S>hM}NH?b_AApTh^=!QaXcF1{P)4n`%5wlth~1pOIFaC8uFX7PGZ1;oo> z8{kt=#N9~5;pSq-K!};)`)iCjJ{aDY`J4GPGQCM)<(5B?2U*$*K&24DJF^8-XB!QX zo4B~dHlPvzZ?N|;-c^rHni%IzEKJmAByc`M37V|0s5AFUuwnCGs|SbRoI5FzmyW9mo5*b;90&rG<7^EbI6a=Ua8X#P{?D23L?O_#HdJv;}(>y53 z&jgHFtqZ9+e@!_8_ydU89t|9R}+p;bkwrsw!M#=t9~TtKLnMw zg`zQvbU+YaC+&kt%K?+CtSzJ_7Y!*!-P@vp4Gc}<4Y;G~u-6vV;iF$a0)kFX-__bh zSKlPR)bIXM!C6Da#WuEvzR&)*Hz#hgMv7~b`i;qH1ReeBBZPC0V$%gzO;~cnpWs#X z?QM$+pEo2Ke^VX=WYcMhWl?>o=*eC~$p`hfhROzoPyHjTqCTZnLRo=ek*D|u*t%R$kt)Y2 zSFG>S((*E$5QFA;sq-k;Uw7EDEG+7fBm)P?+Y%Fs08C+?W@aW4*K)98gB=>9q6Aox zD72D43ui?{uotYgiM5e+y}++LWZLm}Xs^a$2%Ra%evDjr$1zsnQy{G$gLQKYsW91Xve~!Sz_hP@f-k_LCwFVIe>6BW}S2#w#(vfJG zuBoyTji_;_aT;|CT32qxI;gfyG{Lswz&lsHM%v!P=q9N87@d};FHtLY*;Da;(W25O zpczItfQ2Tig1QM46zCG2F;+WA$~L&}zd)-YZJD*S{e7i~_|EllT~969$CP!U__-P< zi``4zfwd#&KTlo}K3NeAB%w&82%{R>G4-K*+`EnOFZ+C$)YPHpWW`E1fAHWDzkrw2 zQ;uVZ6g4sZ5+_Ra=DC2CmtM5c+MxQKcLMDR{PX1;Ri5>0z`GBPlI)okc!$dsgE)@#uPKym{ZEf`- zork&BmNE;&0iHcL_S!=dRCxB;!9Coq;U6#Z=43|Iid#rb|ln7uz!n zCs4(h(!A%czQAHjN=zN}V$ho!P>#~( zJY~K9`NJ?3@aNAfOZm>g6XU9}i>pLQZP%1gRimN73$PXJy0h!fMfQxRScLgND<$l( zTB&uQHZghO9NH}=F*$E3js@TxBTatuMw4TjWcDbQW7?RjV;#$fd4jE2G&6cay7)b> zXND+;_ld3pPQb9_-3kbbbzQqWg|_%G;=_IJ6D-#499v>!t?C?$@t)S$Ja>E2D2G!( z?p~210%rBCY;OCnvQ~qtHKf(|n}!672*=iO9m>r$B2ASU>vk+(BN&Z0^=BHHxjni6 zvx(i@zAjkDW12^?H`njwjZb^><_=2>i0pV%;J@=QN*nGIzzc+4OKhYyx_=R`SLkja zlFMw%gk#aQp~1?f+EwVET^}mTXOBwKw1jXn0op;+J#zlTcjJSjg6O`gCK~Bg(7zoZ zKK`0?Q1u805rf^_MiYGbHJtj;58^pYh^-`a1{97(OrKf%hH|e&#s~E*SowEqjGi-j zM|2*T$k_dbMGgTE*f7}GCgn&o+JGD;r{3QS7t9SzMbu;3831$FR=&?pBcDCBaQ2TU>lBj|D+W9Sr*=a7uxT;TB^VJNU0g@J_ym>NMSo!WV2R7U%HWL2fd@11vpBK z283KD&Xs>E!^aTy-KpShQ&5FcPb^CK1V)0;%_b;5E?L>8hZPpap48GIwhKW?oA!8; zmw=A=opauz5`S2Kkghxal6m8N9Qvcn1?=qCAB8!gHe+2RQ=?KCo5YYAuNM&ZR!brb8l)wQXtS(0i!>g*yEz z^7`97&;Vn5yyoWm7EFPr<^-wH=1}Bs8@RnMtzVnjjmRyl0213eBa*45ntD|}AOoB+ z?VSk$PcI^z@$*VZ{(xLYNhy^H<&?WkY3RMyR7m^`>)LvkxuY~jBS4Z_&m%p;u!2Cx z<93k6qb~^L{HPr|Uo2;ZSMbhLpjGtk?XR8JIM<2h1M%HHhgCtzC>vQ8^yTpCwxN(y z*cx`g?`mg!SS2B{;`Mb%Kww!EkU)>bvEFrQcOao3;k@dG4gF3sRup~Wp(N-vl+txG zgFc|6XmU6gS&fR2n$BZk4_gh8>tFSSg*zts18p?$<_g>Ol+T%PycKOkyJuLSKBxYZ zZ3hvK#@iA6b4`95Bpl)f@eWsD?g${Dlg+{Q2(M@SWT8oU&$0Q4U`&??~~Fsx3M>N923GWQCq0O+~4Ah^P23X zK2J+@fuz>&Ki|<9i^|pm(S}+`bgXV=UU_0PBaw-EZV4>#usxpR{lbULG6e;im}=gL8sZLal*lTv8Odid4#^sB}rgTGMYtW z^Jb`P$!l6(oR%yR&kz-Rxd;#z$7D+=dK2Hpq$Wbp42wPQP)sM@)glU}^D^edXak%|f zk%FQYjSc}PzF2Jc2S!WWVtm%^>3--;EJ%n&9vb=e07eS*=Wv|p#SJBA?c+STL~Z|u z?xh0QKQdrhb5WUVGxOfW^zJe6j$mW(<4u`BNTh z_{R7x^`jtArW*jb^i+4LC5mtX&87g{BIr*>?ccu;Wo=6Tfjd{Gda?CL)DdCKK`l;} zLvSmpch2#-SI*|y?)aXHs|LM=wmjd> z3J6w5%LYR9)Zhfto{X)&lR*9{IbE`0Le3$4iF8mWn?6V@fbE!stlSo<{1uvlL^+2b zSB7HE+nY~x!+I9h74{;D;w1nMN=AaxfF(pt0ZCV?N6~GTfJ%z#N8Bs8SH?lBj1C zd+1s6ENZbt!;|2DFHGxW9a67BV`K!JG(dl4oTYl+C8b83o#Z7nM1nu%%AU|&_%;76 z+>azz21r&aAD-w!k8q7smK{v{yZd&v$7oWMAw%<#Hh)4%gO*B*x9Xk;gvDCPs_VTvlnVd;fFNgj~((5rk7W)psY=|Nb zR0g=wiZ;SY76r5CY9wK>tB{)F^zWS6;8|&>5ndtVvTn9M9zid5{0w_9l{B=8j2)ar zuhe{Z&7~kx{>c2{<+yPdUeykYJVE3aRr@TbEdQ!i}p8wS2@7zN>*$7xTs%1{*X&5(ypmd@0-?H1_gw zQSB%B-C4`1#?nKO`Ge90aZ3#^`28@dnC+`nM11+Yr7 zmX`)uFtaz&Ermp6sufB;@>xfM&`+T!BjbJh5_un4`V@Gx5gmuSyB@%um@3`PZODSG z-NmN`Tw_)G24<>(6d5) z9G@#hI8WqcLiuKv$(AIUXE>-;eO_r^OE5T3t9NcRHT`NG=K0`I7`C{wp=uy>+RtyjU^%-8gN+TAPGH;6 zG;YmxnZ4I6Y}}=eSyzdf8N>^fz@NjRSJFiCEu7bD6RFfTlfxBZE+Tq(eO2E#1Az-a zPG~Yvz49JKi-#)Jf0~MZ|Juu!UbImS7=OOdq`jEJM9~f!e&6}I!{5++bn`e^HLFeK z`i%MKZ%P1jzj|i;^GTw3KK%RypObrtI{#K)zT`ex^xjk_dbn zWF0a&$Ge4wW5E&=+i5`mefZCERz}_HS#C3MZ|exRyjF=UuSN*Sj1ywJ*US9vQ4i86 zZ8JPHEtGsnLk)xp%aX*sMVv=|ThQnf>{=bNG4ru`;cNTyCqKL&Pf>f}9x2_yBIwkuBKADzy;?YqBW!s_ZiF z6#Ojeoou)pckxx9hOg!7j=FKUUV@3|f(!Vcfo?6bX5_!uHL=7bm+FH;wuN|Ex3)Ot z<|-7dHn17%EGNuRmy-v3(xU2srHf47%IOAQLEeR2XV)UF$;D__#M%;r;;sHJKoqQB z6re|Tyaa|}p^TT{hxlyVkSJKYLJp3ln}d(TOH2(uGPyHDc9U6y{3E5F9Hp%&A%_@& zf$Sp@7dFH-vrV`nQ6VefKLs&C9Fu9nr96IF3Z?}0DUbwZtEZ}0oGZCGN~6ogoeNc@ zENJ8GV?qq$?f@&w*0VPG2#8Y4?MUy)!)e}Fj|OH&XG)C#Nb?CpHS(&K0txf0lus#? ze`_JD6!d8GS#)d-XW1l&=k_}?+s8ioJIu{@g8!{U>Zek=d6X>U=V1;TSu@!Gc7AmJ zAYYIySBV`V(n{~RRo!Tpl8*Hz-AU|*VL-qg=Zhux_c`ig4Pq(P@t_aD!!`fhqxv9n zAqK+Ha1g)nO=(eYOb7SWD^u5MK(AON{W9Gb8x+M`_s7E z$z_t&+Tl0I+?gi8Dk<6xh#l#eKWlo7n+Kk`gbViHU~?}=P?ogr>H1C7@ivsxl#S-lc}Q8f;%Q#c7*vc`~p-qDZhXigK3@yH)2RZi9hw}3nd zvE=B(yi!FV@>K2oG5UYe=ppR<)$sZl_8PKZu|_iU1flEfEX>IleGfYzSXe!lM1Eyo z!@Ml{E7*=jTlZ$t2JH+6g<$AqwFiyLPp;Mci%}2V@>K zSZ$a&!9c33E}Z17i0M~abpR70Hz3b%R+bDFJ^RF9TEdRVbs}#_k#b-q@026=093z< zSH&`&u?K1TiBnpCQNt~`d!(D29=W?5b%Ak6Lt;~m-#8u~Vcl7cIjmdcfoPClQi(^3 zNA^;fL!SZ+oVwQ#t=f&ywNO!LvDDZ8Dl-dd3A(fyxzakrx)>u{$0fu5ZJ0ATThlQ|PNoH7 z?%Z?4!5R;*SEIUZo-=P}x{9W=#QReEp-676mi%Ub_91n`Bk0pKgkt9C;a+@uoXYeh zZ&`{~$caQl2~`mF4Fiso_|&|ve8&Ni@;|!Mmi*168FqAT4`nWS)ZNqJdry=a=>;>} z&dfnZU?+Q@>QzX7%1`WxYTR#xe2~D1Je;ou)^HT29|O}_Vuix07%Yq|k8rSGhUi16 zC`}**Byd&lOgT$g2UR`$lY{rcu5FXZmx+Xa2@r)3?JA#Vs}K;Zi6DjfYJ{J1coKVwY^{-csT{)st%PTad1b^F>%_WV z^QD=H|Hi>PrQi)&?N18d7<;$V$2UhVW!m4R48OE#XjtiBEHmn1gf0t^v)K73a+qGo z$!do<7yT-RxPgnQL~&kaEZSkf=QOk`00yAOWV>S5K%Z*JcnE7zCQ=K|rAFjzc;KCE z0}pc>3@5t6@&Z{I@7#ytCMkBpSMV+L?#CkQYxI~D4qvAXilb~sG@BUWDKusZ+y8iC zEGLJ2TSr|9&y927zbE59#X(u`Xs^Y(h>C$aeU(YiR>18xNM$~ke`0@Gk#u$Td=+)f zm*21J_Hd=1GV7w29-4idyf}{w<2XJ3*511{c|BP@T=R=(TS|MjTRmWy&=GopbPQyB zIe~b)Yu(U*=o56PGT=7)Ac3B?+bw~fx`DilLKloq=)1{A4m%EHXj=T6ghQ_ii5gOU zTGuU+;6)2dduP# zmIm7kgNeOSf9_JO@2y}JO$=QRai1~k;{CMiyFUs=sqce}(0N7;E176V1n#m6uM!Nb zd%C_K(dAeob=8mF^hthgM0|TW`?{M4+r zqgY7E6 zs;efsc}7uF!R}SL91G=JrTu7L(Jm5dq|Uacde&O(p0uMqzj}k>lD%}xKc^04%UWIn zs<!s*Y?#S@1N$yffg?wT40(>2ZC}DXVBI7mIlK58 z6B@#)4|G;X6CNnOs*%5(I7!0);3;8}(aLy&Mnm&TQybmKX>(I$GZY?;3+7u#{!Qu*$(OnGz#g4U?)qE(H7qEyf(LahN7Dle?l8_)Cb0+W>g#Zq^=>;f>6$DxV# z3@H0lS!Cd;F0GB~i^irZZr$}L9U54ZI{yHh(ktg!GT8wgsNtKe@i-r);3P#^CCMs&!h|%f;6JU>8V2jH)RST=!v$ zKeBdKiV)fm3;WL=QkiYY70HQVn83rOWM>?(&K&;E^BLlBQsgC2y&?ri@*%Y0D?IVs zjIDOCvvLrM2A3Ik8SQEzD@ze=E(t$ZOxsNIUYEP=gdvCiqe_IvY6Z;sRmr&+$I&Xs zhU;@VbgnGQEmZ&u1z976$|HkOAAqyG!5T|LgJxZ0jOOcpEd>7Y2FvGIq8H3;`;DIV z7h@rc{a+D87UDy$T>#ka<>zB;V;EY4b5Y^Mxi$-3b!Soe*o)B=q(r=gzAo;8j%9Qg zdXD4Cq7Fb8V5fRv{|N@Qs6kBowsCW; zLEH)8`Rzvw68YM{+<%3!+#e-SQ;k^b9<&z2({>0G7g)30-^_#kW8-$aaK76Z?azO{ zTN-C6TM_=?O(E1&RTW+}pa(wdLwmkA1NP)tu7Omi&;L0-Vg@AMI~%W4h!7cPaU1;D zCCHtVh5_2^J7rP6Jy{6`*R~~3J}zzpO*-~N+|eEU`!@qC6fiWSZ`C2?0bS0w7Kn2V z@2<;Ztq{_~{QrXY9PNdeqHI)K8balMsQ&xt#2-kxmusxuqOLzEz1kc@I7%9LTs-f9 zxj&guqn_Q&YXiKB`=f#8e^`B>{tJ)8Ji`VW-w}vt99ektqO+Vb9jqfy^RsL-p(Ec8 z%3-cU3~7AXznqebv7GWh0m`Z=yX+<8weN5H`d0o2iUc-iIa_m>uZ#B*avY&rR#T*; zc=<&+c-GaHRKvO;;NMhI({#e6q-^U*x4TmuS#AQ|fDfO#iaE~oOYtDe5v4CK0GdUy z@kPr|c%2D*##u#=9~uCSDbdU;?m38B!VJ8c=aO(L#7aOhrIRuNFXb}J`+*jmG-D&- zGy&H_VNOXbIShtqV?;%HIojAJ;qNl287ssgIel4&FK+BJDFIOGn3-ak66Su8w#6hR zpc)V&3QG7P@;6%DVs&E^C^c%ip6Fn8W{JaG#ffD7!OrjRoPfOdykPLZrZ@7>L*1+F zY==uD1;C(uAEInIwOai@Yaj7rPyiePlbSW@v{!4*zVdgSVk>{T1&qw z6yC?5{#f&vVVK|hGG+CwpOAYgsCOz|)OEhfPr%5pr1ri(x#x*l61Bu zjD=!{?$z1TrsD&IT4IEr=m5XOKbm_hJ~b~`0s6;Ku9?;-m_x15tLD!dOXjriO^u9y zv)Vdw^ex5@pulzi2crC5?wBfd%QVOO@^;Onh?ADBV0?Hd7JB?s#rQvyh5OL{nfwM@ zHt*HYuT^*RitLzNh00N@o@{Mv^S=*xV*hH0VqNFgPBj-y&n*Xb{*f z6f38x1mB#tNInG@6^u|iiQ>xXZEz|UhonW!qTIG*2Yg*DEhFBscFy&Da=Ll^qVKx2 z@KF5R8U)s_JW2qeYv?$+gN|Z*#~=p|VaZ^l`+8WmxEnF3UAbSFb3YK@+UT0)7&XdP zll6E^KkzC{19`qB?)$l#?7Ch~kwA*6AF#S6a?_-nI9=>Nt)M{*u3zoL)u5RpQLIX! zTMLa_kY?TY!rMH~YW#wkr2cm^X?6fl9D9rV9qP6{#|S*Af;jrtF0d3>Vja_cw0Xz& zW4$k7Hy)oAQuQGWFxhGuN9GT=jO`|F0*N2>7phH@i1YInkul_2+Ybp&R>Bty&=u>IM(2fO1Jg|?7}hZ?C|v@{ z_l`>mZ*Ev|tvN!U3pQ5xyKA*+^F0^WQckq2ue#&nW~S}Qv>j&O4yLAdv~+&$gI^Za znqv1E#@d6X)*q?4J~h=aNvhEy5wExX232ftbPSxiq&7jT=&>HlkOT7(Y4LF4MpARM z^Tv@I|A>L7_Z2CPMXE=GWVU&ePa0@g`@pS38SYGIG4s+~bn_-bh)tv|eVQ?5gy$vc zA4MRfFmvA*7D`r}NB^;Y(`UhrW|Xv16Rbc8`<4qmI$U^EEj0)p)%fMtoINp8ES%j*~ZhgMiI%X4VhV{~N3i z(zV~#FvZe@$6#W;9rGo$QyjO=eWYZ#$!lkm?HI z>4L2k6!Iz6MRL)KD@m+lN0(>UKM-l?Kx*L?kg|*j&2Y{Uvyuzu>LEDg12|<_`XOkR z77z<>u;`fnQgEnr4Ljxa67kS1Db_OdEbYrf{^ru5^jXFMgY@IqXsPUGX9N6mrT7JgH45$w$V~poTp zme)!~mPJOi!_xsOO_-UEO1M#U&OUp=o>dX;q~H=nKb~Ls+H|Z(kt^~bv(vhBJ38$| zifv%0rL|FiJLgW)a{*M#5K%TyekN&XR~MqM{fh&K;{IvLfkY$zBtwU=+xNNqT+|=+O!{A^TCmhrnQcc5)KvNh`&OQdHVi_5&D~bkKFa^= zl#en+^9CwsN!QLV`*lip!*({ow&?n#a?e{;uaQT zdMl04HiUeqhgYD{Eb1$QX!SPv<>_@j2u;2(!oY!Q4yG7Ye^iX)~H4N!im zBp`le!Yq&g|E*l&zuh;pbYF?_^lX7MS0^or-w}gA1>v zJs*37(fEx>R?j-H6{x?V@dXh6!ccRe8mcxhAx5oRcf{9D6Qw9&XT3{DSMbfWR^t*! zIbb^D^*nmuDta5j^F*2VBKf!G@Cp-Zl+Gq{pCz~pEJ6MY?BTYI|n=kZgR2TqxXKj{IE~Xz@*@o+CWgGqdX{Pvv z=bHfYlZ0hh3(AR&FwXg#sKIa_Z|!F{72xxU@yC88Jh)`BUtt$oDOh-xo$-jGW*_(v3DISl(gY-|}`*H(S1VVmvm7 z^`Q%9W#gmEnpfASVt~A)xjAtGGPt4f?O7)Vymosag9jd7BmvkwXfCYmjtzoZY}j57 zSY2e#!+luoWnojy;LYq7{WGw~nrzUPypik|32UtuH6E?av)ws3PAzOVD3<5oZS59o z?KWODH=EL1tkd-$0UgeKquBK!Z#+m&pe9<|zWNx)xN95n);%L)Frz&uiQNo#mG%_C zDOK6cW~2PvKpEQqLbalwu3L!qJPJn^Fj}m zl4)kqw)AGF*zmjp_ekItZo**Ayhh0JdXil6y$Z?f{o_R)>ta zQpUtFbRyW|$}YzoAhY?%MFSi0Yd?GS?&GUZr)N23B`)yJ2(B&vc6n|^)6fLPIWCe+897Sn9-fp8SM{OE^qBp}mVa zet+U?g3eHvEsdcg+bYG|<7yYNmUjgeTW85CK1MGm?2-0+;)obW9~R)OBs2Q+LW zblf| z`;8OM4cGZ6MF|n64fE|>u-cH{81HMwJbwZ!3iJZ_3)po-_=Xyhz{2L@CP=@)0A#cA zg`YTM1lyXK-gbD(MU67u`e-dGZ6PbrD%X{qA4>PZIbZ<60w0;6s|d< zE^6bMLQ4)a=1jhzCJy(%WbcK_iEB|twWwoSwn78Q&t73bQZmOIyk*OE^H{*nssAe6 z<(a;S9xUcAsFBgGVBr;vgz|PQEr0iVEb%4jmGk0IGba8{>uQ%23Fp%(uyt6ZBr&2UgPG8tM1&GBv5$k zT-&a5<@?r$vBYcT-Z()Ry@p;}$rh)!<&eEM(Vhu?-_4`C#u`XxX|ic|34i5;_eDDG zZcRInjCNLHI|Jb2clSm;1N3OC8P5+zJRqWxnV0eBzV!o8#G1FH zg;Y^*Nk0TxtaYbZNEG!>vw$WloR#pLhu$qqos+owkIbL8qdWob79Adeb}$;?6FX-r zj)Oo8(w}^+LDB%<%Bk@!>3{UOo327B$q7Bs2Tf^G!1;^MK&b)ccVtNDLcKJk7i6t=npWOWD=r7E zJ_iQPJVdWu%TaU6sft>8j$Tgqk*SPX)Qzf~n%kl$KJ4YFh0e`%A%AJsKQevtvYvZf zA6-R>U6^4+LZ3Mdor66I!GoHTGW}a5Z%ryl0;70hryRvp3SY??31NTc$Q4!&O;C21 zFU~RgSY}389nv=_6$Nuus8s^GVU;Rq*)AylS<(EG-`AU6W*NfR53gV*t>5gsm1sn! z4A7QRpxQM+6@r3jGk-}s+Ltq%DUyA2j+$Et$9opDkin13D<~*WiyDrGRMztHjrh;zlEkssUye%wRe;QYDWa(4)ktg z=gG6k0BfpAi4To?F`XekWytKpyYNUiq#mG+)^Hn|XWTg8NDWir^N9taQ}QJhZ2Z|X z0Mr&>TpLDoW_Wf(GhN5L#_5e|mFzjtHp)6s8b9H|B&N`ifa~mOuYX}GNHLjQo;{O| zvpM7r-~~8<)!oyMV?tV?yyHL35np(XoXO0XR+(#CiZsEIUHA$Dd;M13=Nx z0>)kzQQUwN0PreCz(~5x>4P_mL2xj8EDISQ(jo>Rar?rUltK|E&{((q#?fTD%e#A*@<_C*T+1`XG;qeseAsfJAy@ zz%yrMIMHLDn&;uWJbi^ik7~S1jaA9lgPh(Jy&Xki?D!9n3{3Fa4yvK!1Q)Gd^c%g!?iP26+$( z5!eB)w!3M0DZC4jAx^1j8s#QjDI1lOz#IT)6uMn#G;roVWu#NJ;Pck;=HH4%pQO-3 zg>qhjlx2Gr<2IzAcKqr!6$+HzQR^0+NH1!^=}`+#1@vDFO$!z?StmIAWU20O?xfds&bjh;yvj(6j`H$*%mDaJF0*3*xeQwDEA zrdDh8@#d;%-gX(W0CujplZZJsCXk1QNXHi(FEkXDLh#6NEzN_I+z2)0Fy}C) z%y*Zf$>OY^W!%SMK1c-|qGu-EhU3=_BH&S_1IS|lofGIfEo~n1A(s`VJG(HyW2Rqi zK$CDx8h-`Lpt!v@-y%oDAI@K%FP5+NeFrHi9<6992i=Aga1t4Ks! z#yq+L6rPu`-*f7%+C(^?;kv5UMu9s39N*>es@vP!y^vKSMjetx%8c}RxL>$*sR_)Y z*Pv8$DgXWh-@%+4u(+u^m``M4&(A-QjOikQMSm-08%X2?c<{)_WKdWt@Uc=fTTz&D zKBVGA1c@oCl8B&OoFRizXC0`s4&Yy%b)aO{fs)HPonjz&HRq=oC>fWzFx@~B<8t^#IQg~G zIYvTkAq#t`bPE;IENmjZ!t#uzAe}-!(^;54VWsp3Wzrth=??022bpvS3&Q-fT8AaV z`m2ZYmki@is7#UyyP^=3{ERadLrxx3sDDY(Sd5G)0GFb4wL?=!lX+?%c?hoGLb#&2!pN^{#=xVW)tDg4-n>D zDZF`6n0mEv=GDWP7lkiZ4_ht>HGlrP!4xu8!;mvgW@7_Z3^!g{KG;ZD@jAnaEBEYY z3>&Tmg*q&_77}V9fpLRcNGRNW+Ho};RNY>lNav+{`0@?vnTDNORh!>>@mG>4XK6d3vlUN?0AOY> zE<6DK|Nhti);^KBN)*ukYG_vg`tU-;0!)A;=OYpYKu+@XU!9ZXeiYdD{uGSBcCgP! zJ>2L0{BP~17&G|IM-6_8aev$YWRosoKf}GLb+Pq=z0t_4zwR3^5_q4JJz{FyA>+y- zoLYIjYvDC8QV+}-b3244$dg7Nu?4jKVOCu-WH_oY+q^psZI&JMX?Cpl1e$ocTo$uT zScMhBis8cmNR^^9f~}Y^aSJ-UTu5k9Y43nR3AxD8wCH*2M1`t z9LmAGiMrUT4FnCd$mj=lPz4E*OHq^gnOWe?J~*5kE^tY*cyxU0lAXqIbyxyGcrcI5 za!zLoEbM>^G>EJgZ+{bP9nkHNP>rOYCTbu~SUBDZDUK~!Ko5}I_uV92 zFwGT@nvqyrtD*5ipSd6*eeTAec@i+9_L9pCV=~NR3}hTQcYlC>zD+0X&Js77$p6sF zffNh}W^#vQ;@#Ff#gWl{LJYLzj7RB?6lJSno_`XJ7 z*k`#ab==~^#eXd(g|B#T$i&T2UQEI@w~pSYvhHk|EZ(JzV*(dUIk_s1p!tNyk5vn@ zXynDw^6IMS^X!P+2mb9<@NYjn{+(6u?>s#I-Bs}Ku7bZv--$bSl}>PF0@nL5!q_aJ zU3M(>Gq@Obblwe)18$%-BEYC^C&vq&Fyq| zrA~L%o$fx0PWN&<-CL>CJ$0vhkD}B4+)npb>U3Y->HeeW^dPs>gOxfxPsUl=p4vq)96CL5_ew#^AY+R38hyvPD9WR#R^clgBu&`%X*r zsqBI5wB;s5_XP)h*<6aW+e000O8c$Pd`%TL9h z(F_0pM3a6~I3IYHJX(VRI0IHf0037~0ss*J00000000000000029woOBnFF500000 DCRjoi diff --git a/Solutions/Semperis Directory Services Protector/Package/createUiDefinition.json b/Solutions/Semperis Directory Services Protector/Package/createUiDefinition.json index 156c867638e..1a4317a9155 100644 --- a/Solutions/Semperis Directory Services Protector/Package/createUiDefinition.json +++ b/Solutions/Semperis Directory Services Protector/Package/createUiDefinition.json @@ -6,7 +6,7 @@ "config": { "isWizard": false, "basics": { - "description": "\n\n**Note:** Please refer to the following before installing the solution: \n\n• Review the solution [Release Notes](https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/Semperis%20Directory%20Services%20Protector/ReleaseNotes.md)\n\n • There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing.\n\nThe [Semperis Directory Services Protector](https://www.semperis.com/ds-protector/) solution provides the capability to ingest Windows event logs (i.e., Indicators of Exposure and Indicators of Compromise) into Microsoft Sentinel.\n\n**Underlying Microsoft Technologies used:**\n\nThis solution takes a dependency on the following technologies, and some of these dependencies either may be in [Preview](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) state or might result in additional ingestion or operational costs:\n\na. [Agent based logs collection from Windows and Linux machines](https://docs.microsoft.com/azure/azure-monitor/agents/data-sources-custom-logs)\n\n**Data Connectors:** 1, **Workbooks:** 4, **Analytic Rules:** 8\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)", + "description": "\n\n**Note:** Please refer to the following before installing the solution: \n\n• Review the solution [Release Notes](https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/Semperis%20Directory%20Services%20Protector/ReleaseNotes.md)\n\n • There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing.\n\nThe [Semperis Directory Services Protector](https://www.semperis.com/ds-protector/) solution provides the capability to ingest Windows event logs (i.e., Indicators of Exposure and Indicators of Compromise) into Microsoft Sentinel.\n\n**Underlying Microsoft Technologies used:**\n\nThis solution takes a dependency on the following technologies, and some of these dependencies either may be in [Preview](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) state or might result in additional ingestion or operational costs:\n\na. [Agent based logs collection from Windows and Linux machines](https://docs.microsoft.com/azure/azure-monitor/agents/data-sources-custom-logs)\n\n**Data Connectors:** 1, **Parsers:** 1, **Workbooks:** 4, **Analytic Rules:** 8\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)", "subscription": { "resourceProviders": [ "Microsoft.OperationsManagement/solutions", diff --git a/Solutions/Semperis Directory Services Protector/Package/mainTemplate.json b/Solutions/Semperis Directory Services Protector/Package/mainTemplate.json index 79114c17306..afa1b901eb7 100644 --- a/Solutions/Semperis Directory Services Protector/Package/mainTemplate.json +++ b/Solutions/Semperis Directory Services Protector/Package/mainTemplate.json @@ -91,6 +91,13 @@ "workbookTemplateSpecName4": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-wb-',uniquestring(variables('_workbookContentId4'))))]", "_workbookContentId4": "[variables('workbookContentId4')]", "_workbookcontentProductId4": "[concat(take(variables('_solutionId'),50),'-','wb','-', uniqueString(concat(variables('_solutionId'),'-','Workbook','-',variables('_workbookContentId4'),'-', variables('workbookVersion4'))))]", + "parserObject1": { + "_parserName1": "[concat(parameters('workspace'),'/','dsp_parser')]", + "_parserId1": "[resourceId('Microsoft.OperationalInsights/workspaces/savedSearches', parameters('workspace'), 'dsp_parser')]", + "parserTemplateSpecName1": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-pr-',uniquestring('dsp_parser-Parser')))]", + "parserVersion1": "1.0.0", + "parserContentId1": "dsp_parser-Parser" + }, "analyticRuleObject1": { "analyticRuleVersion1": "2.0.6", "_analyticRulecontentId1": "1a6d0a49-64b3-4ca1-96c3-f154c16c218c", @@ -503,6 +510,134 @@ "version": "[variables('workbookVersion4')]" } }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", + "apiVersion": "2023-04-01-preview", + "name": "[variables('parserObject1').parserTemplateSpecName1]", + "location": "[parameters('workspace-location')]", + "dependsOn": [ + "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" + ], + "properties": { + "description": "dsp_parser Data Parser with template version 3.0.0", + "mainTemplate": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "[variables('parserObject1').parserVersion1]", + "parameters": {}, + "variables": {}, + "resources": [ + { + "name": "[variables('parserObject1')._parserName1]", + "apiVersion": "2022-10-01", + "type": "Microsoft.OperationalInsights/workspaces/savedSearches", + "location": "[parameters('workspace-location')]", + "properties": { + "eTag": "*", + "displayName": "Parser for dsp_parser", + "category": "Microsoft Sentinel Parser", + "functionAlias": "dsp_parser", + "query": "SecurityEvent\n| where EventSourceName == \"Semperis-DSP-Security\"\n| where EventID in (\"9211\", \"9212\", \"9208\")\n| parse EventData with \n '' DSPData ''\n| parse DSPData with \n *\n '' FirstFound ''\n * \n| parse DSPData with \n *\n '' GenerationTime ''\t*\n '' SecurityIndicatorName '' *\n '' Result '' *\n '' Score '' *\n '' ForestName '' *\n '' Domains '' *\n '' Severity '' *\n '' Weight '' *\n '' SecurityFrameworkTags '' *\n '' SecurityIndicatorDescription ''\t*\n '' LikelihoodOfCompromise ''\t*\n '' ResultMessage '' *\n '' NumberOfResults '' *\n '' Remediation '' *\n '' Schedule ''\n *\n| extend SecurityFrameworkTagsCsv = replace(@' Mitre:', @'', tostring(SecurityFrameworkTags))\n| extend SecurityFrameworkTagsCsv = replace(@'Mitre:', @'', tostring(SecurityFrameworkTagsCsv))\n| extend SecurityFrameworkTags = replace(@'Mitre:', @'', tostring(SecurityFrameworkTags))\n| extend GenerationTimeTags = tostring(DSPData)\n", + "functionParameters": "", + "version": 2, + "tags": [ + { + "name": "description", + "value": "" + } + ] + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", + "apiVersion": "2022-01-01-preview", + "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('Parser-', last(split(variables('parserObject1')._parserId1,'/'))))]", + "dependsOn": [ + "[variables('parserObject1')._parserId1]" + ], + "properties": { + "parentId": "[resourceId('Microsoft.OperationalInsights/workspaces/savedSearches', parameters('workspace'), 'dsp_parser')]", + "contentId": "[variables('parserObject1').parserContentId1]", + "kind": "Parser", + "version": "[variables('parserObject1').parserVersion1]", + "source": { + "name": "Semperis Directory Services Protector", + "kind": "Solution", + "sourceId": "[variables('_solutionId')]" + }, + "author": { + "name": "Semperis" + }, + "support": { + "name": "Semperis", + "tier": "Partner", + "link": "https://www.semperis.com/contact-us/" + } + } + } + ] + }, + "packageKind": "Solution", + "packageVersion": "[variables('_solutionVersion')]", + "packageName": "[variables('_solutionName')]", + "packageId": "[variables('_solutionId')]", + "contentSchemaVersion": "3.0.0", + "contentId": "[variables('parserObject1').parserContentId1]", + "contentKind": "Parser", + "displayName": "Parser for dsp_parser", + "contentProductId": "[concat(take(variables('_solutionId'),50),'-','pr','-', uniqueString(concat(variables('_solutionId'),'-','Parser','-',variables('parserObject1').parserContentId1,'-', '1.0.0')))]", + "id": "[concat(take(variables('_solutionId'),50),'-','pr','-', uniqueString(concat(variables('_solutionId'),'-','Parser','-',variables('parserObject1').parserContentId1,'-', '1.0.0')))]", + "version": "[variables('parserObject1').parserVersion1]" + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/savedSearches", + "apiVersion": "2022-10-01", + "name": "[variables('parserObject1')._parserName1]", + "location": "[parameters('workspace-location')]", + "properties": { + "eTag": "*", + "displayName": "Parser for dsp_parser", + "category": "Microsoft Sentinel Parser", + "functionAlias": "dsp_parser", + "query": "SecurityEvent\n| where EventSourceName == \"Semperis-DSP-Security\"\n| where EventID in (\"9211\", \"9212\", \"9208\")\n| parse EventData with \n '' DSPData ''\n| parse DSPData with \n *\n '' FirstFound ''\n * \n| parse DSPData with \n *\n '' GenerationTime ''\t*\n '' SecurityIndicatorName '' *\n '' Result '' *\n '' Score '' *\n '' ForestName '' *\n '' Domains '' *\n '' Severity '' *\n '' Weight '' *\n '' SecurityFrameworkTags '' *\n '' SecurityIndicatorDescription ''\t*\n '' LikelihoodOfCompromise ''\t*\n '' ResultMessage '' *\n '' NumberOfResults '' *\n '' Remediation '' *\n '' Schedule ''\n *\n| extend SecurityFrameworkTagsCsv = replace(@' Mitre:', @'', tostring(SecurityFrameworkTags))\n| extend SecurityFrameworkTagsCsv = replace(@'Mitre:', @'', tostring(SecurityFrameworkTagsCsv))\n| extend SecurityFrameworkTags = replace(@'Mitre:', @'', tostring(SecurityFrameworkTags))\n| extend GenerationTimeTags = tostring(DSPData)\n", + "functionParameters": "", + "version": 2, + "tags": [ + { + "name": "description", + "value": "" + } + ] + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", + "apiVersion": "2022-01-01-preview", + "location": "[parameters('workspace-location')]", + "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('Parser-', last(split(variables('parserObject1')._parserId1,'/'))))]", + "dependsOn": [ + "[variables('parserObject1')._parserId1]" + ], + "properties": { + "parentId": "[resourceId('Microsoft.OperationalInsights/workspaces/savedSearches', parameters('workspace'), 'dsp_parser')]", + "contentId": "[variables('parserObject1').parserContentId1]", + "kind": "Parser", + "version": "[variables('parserObject1').parserVersion1]", + "source": { + "kind": "Solution", + "name": "Semperis Directory Services Protector", + "sourceId": "[variables('_solutionId')]" + }, + "author": { + "name": "Semperis" + }, + "support": { + "name": "Semperis", + "tier": "Partner", + "link": "https://www.semperis.com/contact-us/" + } + } + }, { "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", "apiVersion": "2023-04-01-preview", @@ -540,10 +675,10 @@ "status": "Available", "requiredDataConnectors": [ { + "connectorId": "SemperisDSP", "dataTypes": [ "dsp_parser" - ], - "connectorId": "SemperisDSP" + ] } ], "tactics": [ @@ -646,10 +781,10 @@ "status": "Available", "requiredDataConnectors": [ { + "connectorId": "SemperisDSP", "dataTypes": [ "dsp_parser" - ], - "connectorId": "SemperisDSP" + ] } ], "tactics": [ @@ -755,10 +890,10 @@ "status": "Available", "requiredDataConnectors": [ { + "connectorId": "SemperisDSP", "dataTypes": [ "dsp_parser" - ], - "connectorId": "SemperisDSP" + ] } ], "tactics": [ @@ -862,10 +997,10 @@ "status": "Available", "requiredDataConnectors": [ { + "connectorId": "SemperisDSP", "dataTypes": [ "dsp_parser" - ], - "connectorId": "SemperisDSP" + ] } ], "tactics": [ @@ -969,10 +1104,10 @@ "status": "Available", "requiredDataConnectors": [ { + "connectorId": "SemperisDSP", "dataTypes": [ "dsp_parser" - ], - "connectorId": "SemperisDSP" + ] } ], "tactics": [ @@ -1075,10 +1210,10 @@ "status": "Available", "requiredDataConnectors": [ { + "connectorId": "SemperisDSP", "dataTypes": [ "dsp_parser" - ], - "connectorId": "SemperisDSP" + ] } ], "tactics": [ @@ -1199,10 +1334,10 @@ "status": "Available", "requiredDataConnectors": [ { + "connectorId": "SemperisDSP", "dataTypes": [ "dsp_parser" - ], - "connectorId": "SemperisDSP" + ] } ], "tactics": [ @@ -1329,10 +1464,10 @@ "status": "Available", "requiredDataConnectors": [ { + "connectorId": "SemperisDSP", "dataTypes": [ "dsp_parser" - ], - "connectorId": "SemperisDSP" + ] } ], "tactics": [ @@ -1871,7 +2006,7 @@ "contentSchemaVersion": "3.0.0", "displayName": "Semperis Directory Services Protector", "publisherDisplayName": "Semperis", - "descriptionHtml": "

Note: Please refer to the following before installing the solution:

\n

• Review the solution Release Notes

\n

• There may be known issues pertaining to this Solution, please refer to them before installing.

\n

The Semperis Directory Services Protector solution provides the capability to ingest Windows event logs (i.e., Indicators of Exposure and Indicators of Compromise) into Microsoft Sentinel.

\n

Underlying Microsoft Technologies used:

\n

This solution takes a dependency on the following technologies, and some of these dependencies either may be in Preview state or might result in additional ingestion or operational costs:

\n
    \n
  1. Agent based logs collection from Windows and Linux machines
    2. \n
\n

Data Connectors: 1, Workbooks: 4, Analytic Rules: 8

\n

Learn more about Microsoft Sentinel | Learn more about Solutions

\n", + "descriptionHtml": "

Note: Please refer to the following before installing the solution:

\n

• Review the solution Release Notes

\n

• There may be known issues pertaining to this Solution, please refer to them before installing.

\n

The Semperis Directory Services Protector solution provides the capability to ingest Windows event logs (i.e., Indicators of Exposure and Indicators of Compromise) into Microsoft Sentinel.

\n

Underlying Microsoft Technologies used:

\n

This solution takes a dependency on the following technologies, and some of these dependencies either may be in Preview state or might result in additional ingestion or operational costs:

\n
    \n
  1. Agent based logs collection from Windows and Linux machines
    2. \n
\n

Data Connectors: 1, Parsers: 1, Workbooks: 4, Analytic Rules: 8

\n

Learn more about Microsoft Sentinel | Learn more about Solutions

\n", "contentKind": "Solution", "contentProductId": "[variables('_solutioncontentProductId')]", "id": "[variables('_solutioncontentProductId')]", @@ -1914,6 +2049,11 @@ "contentId": "[variables('_workbookContentId4')]", "version": "[variables('workbookVersion4')]" }, + { + "kind": "Parser", + "contentId": "[variables('parserObject1').parserContentId1]", + "version": "[variables('parserObject1').parserVersion1]" + }, { "kind": "AnalyticsRule", "contentId": "[variables('analyticRuleObject1')._analyticRulecontentId1]", From d1d46a3869f33b84f2ecaada56cc92036af94c88 Mon Sep 17 00:00:00 2001 From: v-prasadboke Date: Thu, 30 Jan 2025 15:32:47 +0530 Subject: [PATCH 7/7] preview images added --- Workbooks/Images/Preview/adchanges-black.png | Bin 0 -> 62831 bytes Workbooks/Images/Preview/adchanges-white.png | Bin 0 -> 54978 bytes Workbooks/Images/Preview/indicators-black.png | Bin 0 -> 91072 bytes Workbooks/Images/Preview/indicators-white.png | Bin 0 -> 87819 bytes .../Images/Preview/notifications-black.png | Bin 0 -> 36711 bytes .../Images/Preview/notifications-white.png | Bin 0 -> 35935 bytes Workbooks/Images/Preview/quickview-black.png | Bin 0 -> 50337 bytes Workbooks/Images/Preview/quickview-white.png | Bin 0 -> 48705 bytes 8 files changed, 0 insertions(+), 0 deletions(-) create mode 100644 Workbooks/Images/Preview/adchanges-black.png create mode 100644 Workbooks/Images/Preview/adchanges-white.png create mode 100644 Workbooks/Images/Preview/indicators-black.png create mode 100644 Workbooks/Images/Preview/indicators-white.png create mode 100644 Workbooks/Images/Preview/notifications-black.png create mode 100644 Workbooks/Images/Preview/notifications-white.png create mode 100644 Workbooks/Images/Preview/quickview-black.png create mode 100644 Workbooks/Images/Preview/quickview-white.png diff --git a/Workbooks/Images/Preview/adchanges-black.png b/Workbooks/Images/Preview/adchanges-black.png new file mode 100644 index 0000000000000000000000000000000000000000..193bb51ff0e15eb0b994a7b66195456f5a002595 GIT binary patch literal 62831 zcmd?QcTkhx_xOpTU_(>{1O!x2lopi|2@pU)q(-`Q8(n(nBoPq-5m1p%2)znXL3$Dq z5u}BV)X+mf2!uc&q%7~x`}^DZ?9A?eJ3BkOcP5kbBu}3E-20r|bI$9W8~4COkLQH& z2@Vbp9{u||W*i)xG!Bl##>co0K7r;&yB)k83NX{V%Td*Pk#uly#8t~!i-Y4!(n-eS zqX);weec@@aB!S%{pWS4-KX>!2gmjieH|@}5XZkv-UtUvB!GbkU2r{1{Mg?WcbAhc z$vDoFm|!F&bYa4<=w2qsEz8sL0^j`gXT^_P#bO6DK@vZMjv@74C3NB+d}KhcQRY?LSa>>{5IOEv7VI}n(aPej3_D9V*>VZ((~^H?`OkC z9NGVT72cU&jSovWxYK{yrEe?%)9GKCzLn)Z z`y-nA8klWTk`pG4^zXb8CX;Q1#_R}V=qnXe6npPB@{Zq2_;!VpsrQq+K1iDmsRyS! z=HH#CoY1`Uk>|xT7jv6Kj|K%M1DyA3>u^W`x$=)0`)N2vQTI%8ax!Ieg21xE@tG8l zV%7s|962Jo_Cack*5P+4jU2x>sk=Hd$a-mFGvW*nPXZ^#>i56BtWCipwR}Y(FmMJ{n%+WX!d9WPszp zM$~O_Fd{Qu{3LEs&Zo$9a?@`*gib0UeX4%rboW)nVfV=Yp0uHZ&MZt@V72)#9V0e% z>1Z|`!0c4q{fVIt;aSn^`>)`qt4}1|Uh-E7T~C%a1owNZ?wW_KU?D569Ol3ZO8qBZ z@w^GDdAfs(9qi#7$P^7golGJZK{ojofa%w&zdk?TL9nv9b9{j&-fXFnmEc_zRVrTW zaKrg%?gibWw0|_4WPMduqJiA5QAC6bM08wQTTdEj^VwIYcTCZHwt6z{+zA^BP+wsW zeDq1d72FA#B}_!`-lUYJ2l$rX8K0#T(tQ+V?p_~wiFz?S)PVrhfiSnI(A*^>u{5NK z1S80l{o6nhy#5@jNsMY&B%6DWn7`8xLo(zuoxITb4r0I{!CyK9 zuB#eHKQ;NtBX)^0S^(70CGSo?7k*&P`3NbfvADy%yV++qa+#1ec=4|_=lO!t85WPv z9pp7BsqJd_CkYY$k7xiW0p?+W694*Pq=2y=5T(+(n)v$KMPp|{#InnZ`tGr95c1ld z!_qSPgfbFuCGnY1vcJv(GoQW1(S*YOu0sY?{8tyDhU|B62Q_$e8fbC#8x)4xVxa~g zVohlv^cldGAAH?xZVomb6Oxs7djGX}o&zE@g*Ew%MNLNKLu$UYS?M(YJ98=4j_--! zva*HbiPKdDZ`yI1#H!u5@MtC{>{+x*BRuDe@K3R_Iu}NQkleRyw$)P&RYbbP>I$qM zWj9$G-tjjzOCu1DOF*sSY53mXG!S7;w3@DdJaK+4ZJ-2uM-vh;XhSbaY_~sA3U5lI zJ%h7%taZeoiS94FXBpDj0c)p0%gx|x6jmDA49(u`nci<_MW2RmKD|w*_*GR1AY_|A zg7yNC{*s-oPnmUQUF6>-aYf*y_^r^^BEFgloGqzX<}P>SUm>K&P z_OnR6&?*gRPL?A#uD#`SofNSj1Y|-*3nnb!#_L3<6VGeDEGdJftftz?$rF148ir|c zzYJ>~yv2^=)AIaz`$dzi`#|h3>7VHMI|2?d)5N9VZ3jmd4H5j)Zx}(2d9-wRUQ~&f}!#-NSgfneGWEeI;_&tu(`Eoucr5iuv#ZY@N{T$Uu4r`RH zQ~eB@Ddx9+XEW8+oUbt<>$9}#0uD@^m{{*3FOkpePhFe#5kpy<{A{&myc*LgbTIY2x zYcNfH=hWH+{Sb(@r$@>n42zsoiJ9Ich!s_3)%I)8pIpwC0pCL+Bpoqp)k9yQmzfJF zuy!SC_tY9ZXZh6TdSEbZz?jWECA>H8x-2ou=49$Xe}TX48A8W`>jsUR;5t%2!*j%U z6{j`?opQl@drn1D`;fji6yu!w&iq13e;l9Gvi9nTu9c3-(Vyg5+O;-fb2_57fEwX1 z<6s7R31{4Ayh)5sbJT}62_GV;U!!ylo6Jk@04c3cp*N-;DZ1^z^R=o?Qj0A{Ja6a?9Q;JIy3lDqY&8PJvfUti}y|7Nw)WY$sk_|Dfsci8_+H#(pcu^8# zTbpXOZ8_B7rA{%p{+?SWuqANLAt`p5W#;n>B7Z~K>UiZY+4^C{d~=GQW0o-1)?`7Z zBw;a3p-Eox!Iw>gtDBDRpX2?(A6w!9PMtPGyN_n7k|uB90Oerj5I_GtrfVHLVv?Mz zx>#G)uFr)5rsIKkS{`h+J7=0XJ)RAPvhd`55f;6II@EQt&D8GxFkSItDU@f@NuUUf~ ztOtbHo+7XXb)24zEmo7TVB-7)KiI;9D!^hUNaO9gL<0+@e25`2r#STxaf1x)OBYNV_uhA@DScBqbRrhBGww-8XWZ19Ke~?do!eBM>ZfPr zoFSpq^?)Avtt2i*X^r$BG(J%r4XKBRw~N@MiJAnDrbncn3GRf{w=V~d@W03T(6IZ( z;X1B)^mAjIj3L;SJLmR(Av4|~1p+x!v#fLihX5t3!DYFu*TG;2;m;o(B2clP=gNlk zuQ(~J!6=K#IYb*J6pF{!JlrS_(9y1cG5y`E|D{6dTo2#Zr;RJNey2tqOauXUwAhT{ zpvKkB_A>Ip9H}^H5}7US%Vm0ExqK9qJUsf^4p@^{y;s!2^d4hQZMbOO|9 zRCD5XY{S0kdn~d4s(yi4TL0_U=UU=Sec%hK_<%KG^`cyJ*l?hUoCLzgXkixqiLf#?g}IgO!PA z&4~+{>m)#r;rJEQR8jjW!Y)^X@0-(1a4c&>G)Z-zYhQJ;N;cwT%mxd4x=yqSbK80y z9;joZg%i#VIdE9fSh}>_!<*`(UyOJ$Itghjv3kU!lYv+H*CyHfPe4*lFRme!wD9bS z<6&i`xzo4wlSkku<8V7)R&~F#0m;zbeXt=7HfmGlWau*+?qY#1Xn#9zv=kZ^6!8{* zC5)0>g3>19<60@%#RF%J?;=40E0l!1ca9Ywn({-x&M)w*RaT4aZ;m`x@G(&)+i0b?6n+sxjAI@z}wlCfQc%WGbXQegd* zu_IbxrAPJ%3!ZE~nrp;9zp$oN*YI}K1V2#jB&6!q4cGtuv9tG30Q}dP=_VD_{`Jr2 zx4&eK_FWZJG$pc*gV+-Jk6~f4J8O;a!853%{#IR|%HA2i_z?P08OJ^dGH8g`^u)N% z^;z7FkK4%o&Io@g^=(y|WVHI)M8)QJ}o z>?8PLGwNZ<7l$40<8bSSLtkCg*XY!ukHc9f_ACez)E+##pbPH$@|ww=(f6c9i*Mq& zSU^s6Xy54Yv2xV+#j4hug}|%p!4G-#PTB-Ob_YQFU4+zOVdb>Oi??9e?Q9 zi#ZD&^RgFzvZkrU`8y~B@T@aQ5>&mT0Hvr^a%UwmE$wS>~Psa5FG%kT` z(JrK~xaKr(cYbI6k69B~CV!)@4?NDgLryJ5-W?|HP%N@9GwP^|1H9~-U@c5RH{T=; z80$JJ&)jzq!yT+#XNXb=rsUyJc3?ZI{QQ)30bgfzy;gMEvS6nS70~1!(8Ukk3#ATh?IGZWkt^Jx+JfI|?O)9&uYwhF?KZSvfhOUc8 zysc`s;Kjk9q7Hiku)Se2u>Tv|$1iQ@&VZG2y#v;1+O;KELIsS9C{Uj_tE*>tz47)5 z6mMxH3}WKA+{p9}?c3y|KDO2&&X(>>Ays?=KA}*Ohy{FwxO;%zM%Z#?E)i zUEiHcTTa!$yqexP$t(-U8E~UA3XkGww;Jcy0i-wP7T}1rRVVVu=!uj>nWQqSOFpnw zyLft?TggYrLZCyF`;Y8O`q;J(O$Yy1WtV=_2e(R+Yj}ps@-e#V^Q;6%<_hbmUxI@u zLVP@~>uMkX5tlK3JnU~;+A^N`skypJbzUyb2J$fN$gb+~qjBHYYCUylYCB2YY7pRB z#ETr5jp7_ap7LZ+hKi5KgI>W8BIND0fKxEQ6s>M`IXexm1Dl!)Kx_y#&L--)&n2Xp zbrErrl-&gAVwRJiY6gr~&7{E^pC_Y%OAdl*DPe=ZHD}3(vP($vFo$i6Lb;?Zr45JX zQ)4}lIlte0kr_I!%7dZ!tKP;xfycIX7DX=oR(mQxn+CLalht-?bFiHxkG;0}HL1yY ztqRAMR!_ClBvv+LtUpA6)i+xUzdhD*JgY@F7OCym+RRA%_6C1`d)C_`Ww;Dw?CA@5GN}cq9=3l1&m;=f%mH+7`V%T^ z*0cGj1=E0zufh}7yDLCloAVRX!3t~ieY>(~r~Qg+jUjFA?pvdVA{)1hD#a{;AF1Dx zD8<28)#dgDA48+?E`syO7*a6VR_MX!W|9cRmdS0JreRv|E&ok}Z&y?#R_u0X3J%xG z>pIg#7;RXHGqdW-bwcWV`G*z$hll5{uWYP4cab*R#Zlw9iIZiUs<2i@(X zQDuG?s-iahAN0RZaG0}H%h6hFng|m;={i=1Q#h>P4qx)Se)Ir`*DI#-IMRFBKkiOm zeHNhgnS4mfyzGF|mgSRE*;^=_rl4bbh$x_NQdiJH2he=83UxJYDdGovgcTacZut5t z#NB?R{;5K@@Yby)ZTEjbZxQ-=Y0*00e1Pg_BEQ3GIjTsikCv`vASc72&o4U3{#&9^ zq<~jTzMb**AB=mzF$WO)K5XNhttUk{Q0c*ii|wGZuY&mlTbu8M9ajP**H&@98heCY z@Jk2%L)uBwBE8PWE4S-afLU_r1R7m|B6g(BG5@HuLdrh~x4(-r_78w}1(X-Ii-o_1 z@7wM1^0i*vY8=HRPBYho2Y0vd{dfc`fa&4)e?h2S*M(d=BUncq{C{7i^QU|6PGYG8 z2&1yY|3LFo|BaZTANgNM8k|@kQz$5)j(ei}2Z{_A-OhLOM98yecv+e`cHnmN=!nDB zJd`_<(and?oOb5CltGf0;fQYbetc~UNGInnUc0v3;{#VfB3MVMbMb%y1alNYl6!a0 zCt_ZN#LM2`B`u~Qj3MHx#ZE}j0fv|RZw&vj;uFWu3^QLmi=BVCc+{~V7#naL38#~& z1BQUv%(9OvYc+#zn{#azc6Npu`y_TTisi#hGJ!}e@ZHJy?<;ld*c^&A8{pagksY>D zM*Uxzk(AA!KaVh1ta16jf9r?sEv9WZ%{-f5)H*33`;Hg;)KxjFNTK(RHmmw#1g+QF z31*3_R{K9sjd-pi)|s zHg&WxQJ2LaEZ-MFQ#JNJNkLQUkaE~gplK1jr+)nCR4attT8rq;U6Ki+R)oEo$D0i$R_3iS%7ZY%N`6OP zR9BPROioV?eNMJNUT@fkZ$A-tx8?!vpA_~%bHSMlAYmh(bn=goYr#)BF;t{gn%9kx#%cbHFXe4n9`LITy)<^Ofp?fLye$CsC&f{Q#Cbh%;A4;_h#35U;tY@S@8zT z+y)`)5d04G3HOiP2?A~X3e#^qb_YmXbzXp!t##>cfC|&TXxup5TN^Me z=FzZsX8XV^3P+S`Z0RLEKsUT)`hPp+=*^dO`6;^!#>fm|C+aQhPmhc)!Cd0Q@N*gy zx=9xd*JFaZj*@<>jq9t5;m^vI<_E(x)d1<>%W&oi<~_Dh)dw*Ax2{gZQ|cNv#{Gcd zE?yNc`5}1sVt%hf6!nT+?#k63x{`KRd)ec&{R@1-G2A<;x=!n=92sU_mS z3Hujj_P*@zazk6ocZ{+6M*^9U0bY7t|M0ytO%Yx4EA{1>Zd9?xMTNS-NGEKLfYZF4 zzvI=Hdrni@b!3pvJg%p2j+dYntaxq>w-pq&u`4O}uqGQ!Cvh=dQuAIbb&-C4UxV(C za=9}CQ-=Bmv>cihnUl&Zi_ROaSRHO`h{P1-Tfvpn4kjp;S&W}U*wtao+I83tM(J`j zelCFZydk805DF0_Yuryp%Xn+iquB7f4EEv9W=lqiCVkg(q^=*iy7Cjy-QN+pVH4g6 z<&+cr!i(%ijrvAFnhGwGUIkwF^6?1iqnsxf^y1$w0ipmB+gdO`rgJ~1GE1k#xa5=81(9t z)xWyf{Zx1QflqeWI65~8x;@x07~9(%qU41o9t0MA7rPyd#c|D<0t=`6D_6bq!o~jR zkFwSA7hOpX6=d8xMjG?uft@zP_sDfmjl5^@zh0 z^*)2jE4ve8!v@GJA;snuW$Umft*EM^*TA?n_K?9SIqboa7vjZ;Fxw;5f^sFRLsfSZ zxq_$e^MXrI_x5_?q4y(LG3>9tpGD;4VW%v6{IAj9V^7K&|3+U_Fqirpz5pq2|Y|DM|PF|P>hm3IGPzt^WdTIG?yiVNXY?;!4r1+t_CFlj)K zD@-;v#d~kuWQEbCeI;6_u{nX;r>bC4Q0`LLI>%H;d=1JJCur+ArK;*%v-Kq` z0UiB$6JXgL#JeCzgeuR{PnMxo{Nz7HHwP{8z}>?q!YY%&jGW+s%&M3JjkB?xZp^S6 z)cwdGsqCC)p62MH9=7WLA>bF9Pb*sjCBa{O4jB?HSjc|uI7@Qg`R13|hX|uU=R(P0 zn=NUfvrWFzrV|rG2`d6lTd_?wO+DC9jPFZ--enEWMv@_{S$O73BYnv+Y(X!nZ)vz~ z${p=>R$M#BA74t8RfCgWamr zo~It^xRptULL25+8c2enp~qW3lwEG>`K__^H3ERSq=qC@ibjJ`dG z--ZlrDTtj&FMR4$ha>;OLkBSwhiK8p%9N^*(F5=-!abK#!+@|GefvIHDti?qIbJ#3 zCkVgq)8>(W#D@T~_mpZF_jjA2w@8rKabvn#gmLO z3robCM^1R7r+T^wx{dbU(+u+VM~o4ST-$`z(%9WmwuP-rCahtis}L5rwy(+F?2?ij z2#>3ktfoWsmbx&KNduWl?cl{-HY@(T0wkHH{kC2%>JFv$^KLLX&xKW?5-COJEXgI) zIX%#+Z&_tDg!15=`LIh6KJVV?CXi#PWbWm@ zlTqKok9fB|%L?~zA)g|M?jI2=2bP|2Bh89dGj(5G&%b5{*;5nA*|ti6d_yOicjRwe zSs?v+lp|b4xF-UZe7TW^Dh^jBT)%5RyJ^z6<0D@9#ahO_=-BDHDe0F#Un|^TZ#~OX zcamTm6h~IAo^KxyRkFl^?(t3+Yp9-LXHn^O01dXHu*Re|5Q~cgA!iyi>F0?c4;DbDBRgY+|NR);}utag3Zad52)uartuNG%(=&BZ=w%3ih|6ZhSr*G!u z6Sg6`m}iuI%Q3m_TK#?lP(E)7Hxn7pLuH-3<{t4D_^QEG$SeT6B{A_gSPP&P=xIAMi;X{_P&h*I1rW*%AZno)f{9^h?!O_unEr&08+p zUnBng0mt=I3jg0O-Kz%F zRo5N6%abEGrX78Tdvw{g+EkF|ZQ{TKr>ukWsNuhOL-R+&tsTi*zq5NsZ~Ek|p;St> zIf|WxqV^3M=_5XUysz)MTUgv>givBQYgUU7M|#%2@c>|B<-^*~{ijnAPo+TE)7Tt_ zRT|vHBCti*0#lf}vb{yhlYS{scrtbOSiI;Dcz+tb}o9%Ihfopu|E|5U6cGyaX@=6Nq zofL^B@>ie3QiCVfo-;T1V4T%bl}ON!5VacvdsU}xVO8+>8LDf}Bu1+y|Mfp13L2jV z<|)+9c)4$2dIqbNg>H$^#q47rNlT0n9_$y^K#K@M;P#>#=r~4I#F>XZhrw zc~pA?;tK%16F(sP3!Cu9S#|N^Rp%I%t%vP|an#;X3rrZNLpym;!Z9gg9xfc_@$nul z@aVl3X^k)OVten!jQ8PyDYnC=lPlLRnxm5H7SH%FS`UO0&d02u3pRZ~8RtN@;3pzKie{S);Ef(^YX0Oq2Lo1aEYA zkh*cq!htDjR=eR8>U>v&-FqovKh^dqB5C(8 zrnjTvDcH>f44pqe0kLiUb+%#djSN+$Q&&)~m^Wf0if$v6-IM`lwh!0L9PMBJ=C^zl(t@$cuHO6-j3?*Vj;$nV%KK&e#Hum@ z^s~~(1tG>c2nW5jeJ*uMA-u<$*RVu>XGKSXu($f$lKqBuClJTJuq&sVLuLfbe{`Zc zjz@UvFh{>8aKTHHjMcgu)gH*_%vm0(D3dGCR`e>yXjq^MT!yQ5DAbE7ogj+fydsN! z6}l}q-N1RX=(dyUla-o9ByEs4yViEdltz$rJP#XD)g^p~v0H=tjH2dX{q zTEz40WvYiq{XN_@3+y(3<9@5sKan>sA332FJo!0WS}JKkJ^%aESGHogyyAuUkDdkK$!Yevlsfi{>Zf-dsZpyj$P%eaTGx|rsv8>s>(6yi;*-=qj; zYsIh#BBUM8`I<-l{`6%h|2%YIA^?_|3ZV0dGRNhh^8~O_2~ss-iknD_*nE7J;aWCZ z>@~DI;nOeoi=51P)ibEy;Ywxi?r-&>F@K5eiyBeF;4c}q4$>M&&(XIu*a{Ube!i^% z3ms>f&tEg#Ipx5C9}>a7oa(#Ta5Il&fYYgxRe zG*_PzPJnD~XP1TnYL;PEI%%we4jgQSn4Gg5?hiD1@GU>}HbA_n)uA~*+R{vW>cSM$ z#&X&bu{m6`N6x0~9BrgC(w4t_RSu1B-^5sa%LLVSn%%7EE^n4p8f*uY75*;4>8au- zAyExSq5aOFDX}U2taY%ohgbe4*;nst);gwc!tt@Bwcw2mU35u7R#k3hQRVr8;lgg! zRnl9%HdcNP2y}xo#S{D?SwTpRiseszPNFZLf`*5nq&d zO(RtQ;;PutxfYwVR#4xk|F1H)NJ?@tOx4%1lv~4J}}n++G1(MoXoN zBk!q{OH)^R1Bw)Nm2AyjqV7PfF9xeB5$_PM!ZDdq6j_UT3ZO z_!QxFVcx<+3L{j|wzx9;hy4U#ZIUSJZ9YFe!x4> zyUOiuq^2=%9N)%v((3})Y9>RbwZ#QQZCKMHysC#f6@B6ODv_aE@jk3+WC}jO?X0}For=A~@5SqS^8^cgf$y{@ z^GaHh&)_lfIT0CX0bdGHbRHVJHNdG#qD$P?Ghe#0i8{RK4Wf+qw&xVSour}*ykW7c&M}ZwL;D$v3wR= zZ+P*f39zZQ(f&^0r;e#sny=%eejQ7Jy`-?*z143(;rbj@<<3 zT-Qp7~5BNg>ZlKGKlb^5f zSKh@miT4QWa-u1GtMfQBZKqg)gkca~hQdEMexaDX{yH4pHC3~qq!J(tcK*$kUtwkD z74#to{x-@ahW)2Tz;gQbw&?nYyL(MPgCW}nYYpp-w2@7r;zc`)#z48QH_)b7VNg6d z_Xs6BsR3rN{kV*{-!MV?HC=E}2V}7F=Sd7L#aOgv)s9e-Cm!d&X;Izr8_sG5YR$t| z09$o67-O-F#%Ee$S*%Z^m!*0?76umj$5xTU(tjys7ES&nNnO@)l_01zhgl=a-(j3I>0H4t3inhk{6lg;^+6kw{fl z9&0|V)j|~he!&!L`P%%0@b`3^_JGiQ>x0m4+D=vz`U zEGDFWkiK5JI9oktv~)H9bQoDxurEF-KG%AhGg`c^>riT2mvXFvJ=h!8QGIFr<){kh ziE>VU_Y=f$MxqEw26E0aKG6r6g+Ld0UHNRs`t`VRe+$^BC%>LnZC|t;8kr=k7o#lH zepSrSZXlJfWb{*&gg7SBdoM9F&@O8jeMs_V_*P&9GN^Pls)jnpYbM3L7oTdrPq3E* zyvOXQlM7{R8%f^*3N^c#i8kBld)?1$^=#n#;fqCQA>xz~zOaM&&Jr$VN?Sp7oHn+#J-({HEv&e^Z3r7iUA%x45#wJ0N+=X5=R|GGfc!mYQSS#NyN>XAX@ER=083>I@*Ou8%`oqI)QN+R=kt> zou-xwQ=3emK6#tO+I}RAQ__P4OLeM^TZpXY*o&Cs|OM=X*7{4uHk5LXpmF?@cqol7Y+baBe|@6~VJ zACd-;qr%&d*Y&6~qd#BkS$=kG_++>s2d*OvwqFf4J=}gXWlPPs>u`C^yAECJ&->Cof1GJ~EF7+6$OEJfEP4L)!K{E*RtUOT+e>>MwWIHQKiLHi zcON-^6WBc+A!=UoEf!8w&njzRo$6e4{17O!I?jwOMWw~lkhy7a_2?8!=i3GDYj*IISIIjKqga=dDCWaWkroE&Er zt+5AKBMA1^mYj$^h@HOkP;IdK>AP=Nb=pQ8VMb2Dj?G90WOGv~J%0v1t9{aqkrozp zfU5SHw=yG`y3p;)rsdkK?XEbr`=bb!7${W`+3cx%G{Q?s9VR(T&N6`^seAi5*TN<| z#=rBlIKi@~1II&tSDR^4dwe3Ia^UoIc(EF#LxPG+WB@8=XSrh7NGq&Ut8KtXZs|@SYN3)Becr zH+0FS9!>}Ne9>R&K2o%9Fi#Lt@Y++k>ooqgi~=F<`X3C5s3m$#Bl8DrDCwo6pO%uDBE@e!pe38L>rSAm;W}?*t9x=(W33{tjR9 zfkkFQM5Q*j47Ng~rl^bBAH$z=I>>eYskH+>n9sUKI*JJe-**)ajjdwuYoE7&eloXE z=AT8DeOY?+WL0q$)^U7Wkf&y5x3y;8XFYGzx;NK(l$<|}mG`Jp)6&C@7-J`F@af5@ zk?{tyvRx&=E%Zwg*^!e1;@(sXyMyP3Qv!lcO#>CzB1 z^O^-7bRQ{2X89>j24!xBd@o`;yLK%ZRPeq=CbZ6h!I zjeG?|Np#{sUxv^<&H<``mWb#Go`AEI?QShw&W|ps_(>wK~c=8MjzkjGZY*9YgYe;oSi^nIuaFcwn zn`UCI$Y;xI=|B5YAAt&=+kpQEe(k1^UWfgUeAE2@zU`{P|Jf>Q%y#HIDmb!?`=1^j z)n1qWUz=NBjB$5S{vX`^nqJrF_6VxUz-`g4^E`hKIkFuw6vnd@Uj-{r92zY~rIZ$> zy`E$!1sfaMwtN~L0e+lO3&5!8VC3kenvKz($DNxPj+?>0qNergOJUwn0=0IWq7V~y zqjo1-iW!|@Ry*UEVo0h&zH;0PF zGJ2#TCXh${`o>C12b@;jbJeqOEa+f_0sZroSwt5G`?CM9W-Udboj0uTLqs4XY8$fCL?C5*Z?w9yt9Nsy_F z`Kc3O(%_A{i+$%VIso?7kk@BjH}@szdRFf{Kl+}uF2O(am!&Cxy+f=MeT zoZzaGa#uB>FCDHsK2%7+w;O)c7^p-6lNb+ z4b3BIe%Bl_3cN8>>Ot|lOc76aosuM`P?1-1O5{G0u`KAGRnoF{by z%J`F60ICza(N|0r6~M4W7jdHV+kbSh!=xIY08 zf2#AxXUkUJ8%e8uyGlI1{cXVPi_@SMbMiq-Pv0L?@}HO_*X!Yz*_HRsS}wgYOs)@j zl&IWR)UaEXqQi{7H(5Jmy1mKtrc-PFmV9~J+gIehMH(M9;@1nhKzziyprX9AWCszf ztVHE%y)Tgq``#hsPQ_bf%Gmrp@rJu}s8kYHQUKP@pr76ZzlYR+*y1_WlVmf~5ViW& z#k6!PpxmkM-rQ3z!=8wzIl(Esjc>;W-@T6*^Bb6e5gx;tO;I?{R6tX5;&wZt7D5Ud&l`|WaUD?hL6W)7 znaK4<_v<_t&n(H54(y4oW@i#jMo-$kUAwhb!OphxLX<70Ka~PHp1DFnnU98bH}(cU z&to2C+9lWiHgzxV(t_fC%r3+g1$DRF5`l1`YgW752Gap|Ge~ZALJ9#r%xIg=i{b*0 z3t6f_?<4W*ia83L&QT30$mjgEi%=5#s8{Smmh00J^!(*q9xX> z&PGS;dGG0g(*^lR>(lFbEzb*vOG}-%TA>d$taY>qe>C~lmji$avdUH!u_s3Cew%5x z8fI#{vQ(`%rQbA*<$2|s*hFSU$!CkVyRjqG#cvEX4%w?0S`%XZhrfjUbVwNl`0Kgt z)lw3WB@c_S@7&C)w}1K|y5z<6AguuDHEp#!7}}ZtjCh zchVKYM<5bm@!i!jaY4(Y?YFV~PL|(5N#)Sx3tn|O;iPjY7Z*p!*O%vtvj9Gg6*o*r zKfc;$@0|tN`_7eWX8m9mmN#ll+a^5P*erStq*7bVR^ z^#f47mJwyz=axFp<}J6}Oou_wK)=gavxFdRC?7_3g4&};pGv=2J^6BLC3wY3MPhbA zg4wX-tlW(L_Db%F)7aiEE5x2F=weo8@n;=XGSkI7n-jlAjyK@6yp~XVH|W&cjMJO? z7bLT!`$-eaHDl6`wpTO*oHIL{1PZW<)|E$lv)mMd(<=&fru}i+OB&2zt^B8D6RZ9G zAmJd;GySa^$Gv49Xs}tueqHETCL%Czh9!nPjU_scB|#Jv&|SkXAM;&%aBnvGQmJS0 z_e|fnXD5n%GZZGk(NcyM>@oO5Sm4=@s>~3fqzg<3&*9I{!;MUxu@4XsDv$M;7sAYA z8wDB(5|bSW)SYFN{ALyOL-+$dE3yPknMYHbjT0f&_2ip6OULCAbi7XSJHQiNqqnQI zg`Zk5_HVxA=%q9l@%Zmdwu>)BuSp4we&z+7&FB*4KbP=c!;k*!#)k35Pb(Ug2VP>_ z+Z8$Y&*!GR7Se^!ypv##tPUpVIYL|Bw||LpgZ-qu?@%dURH2_?P2|= z{p`i;*%Y1?v{~Ja-VTdDfvm0g=4UNJ%=sT8x9ZQ=o8)lUO!lT>J``QB-&2**KY`AS zta(>JFe!Or9C)xz_EZk_sz{_3hu$9!WGk)*B_0~CqrFN1wkjm`-U@u6eJw&`z3-~k9>_$H{rd|jpFk!lH-_A&gF_UR1a>N7eCFVhCyo}+eCpg zmDp-DQ_7z?F1~uI9s5Fa!C|md8&|O;YO{TqXS_5|=VHMQV}XyZ#bl{gBqqq1NX{v> zgl4aC*Rb9@FOZn7jquh(L2OuE+#fyD5tRqB@8^Ftkvmh~@Df!H8P~_WDZef=XM+4n zU&3-wV&0?LAiTLaNQ+EgNcPafN#W#=iQW`F+1w2)9wD}~k>6}wG)X2L*0IT8sCNY| z{D`6}=PpI%LzWY9yl$}SFV4ROqxsXh8u41^amrwok==t5SRvIW@gC`zhtjK)3xHR6 zBoi9S?!&_X%f>w*apjB>AWoJ4!<11eeTWL_vMrQqmW?ciWmJT=Cdx|5o&1-k4>|F7 z!$iFij4ylCGEqG4yX8*&apm>KOfP&$$78rA;h)>gnQg0KDC71zJ`1>L%8-rKHu8Q- zI^GvYk{blygoMB%+X+7(8GP{}B{rpJ=O9o^0^SdXPb6B%yXbiZo;Fp z6{sp(phR$l4TI7D~5!nJCAMXk- zBNjwS8J1+(*6W1>h%o&KyAYfmx+yUoC2D*cYgRjP@(^Z$4=VNDOXw1HC40bm!z8`C z+T-(A3`Fc0+?rlIb)dj@-`(9aS_X4FWk6HdCyQ73Yb6oxG>6gngmlyV5Z#$wAEKa*ne!)YT3}nh!guKC6i!e`R68(o1S|6a|*eP-l}ChOMF? zYFW;?zq%h)(SxM$9m}-rCxs__`_l;G&>(v~Ok@wVkVX{Qy5>&J?&0XkG!bbSuSE=j zok*tV09)U7)uWH;f6wA%%>!`7Q`YD4+=phwc2`mGqZvACWeLU8f65d4@r3otK6! z)-}sF*CoB~;}QyH#71cxmvrw9Xye^HiVxhv+$G}$PLbw3CUNvCcYuZ);ipw>>y}j< z9Y9_v>QxlZ#vZN)fn0JypWBGnI%h{wO10zebZz6Xwr)y*B z%W}#nW^xmZzxyS3j-^Wv#R>#C0_bPZZzl8o!wyK?{T~fkHD$k2wZhYvPWk<%_&cow z{PzDflT}Ge_@_hgzp^#CnZMr%%UAWwZ`{&O_>p&Z$vh((}4yLFh|n?xD)L&-_`)Jsu68 z&l#10)`lBbbPQ{9%Tl2mm1PSPCts_md9 zeX`o&ie`RST1LVy3?s;Z_$H>em>w= z6dbe7-y)oqu2r)sS>zE!#Lf7E-m%VnS${)Vk-zs2>Z_b8OA%OJem;O4$g>hRQ~%Yx z8?!6|Q2mV`B5FP5F{@b2mYbvN4iXkUgn9@SZ2D+xEZb*1a) zJ36!V)Kps>bUQ4bNl-c-pZv_J"sv$2*H!<`UwD}f6*zr1SH5VGD;l_=``_zR%0 zR1b159-q?1I>eWG5p9t{h?(Y3%}GE+4IRc48~*G> zj?}!b-1_uPYIvZRo1Q&mhHDTyLIEey^M|m zz)Q{wcG<&D<1X=W9`+OVqb*1JQK508QYq`iKk+<1{p4=yHLT3HyURo3r{ysZ80hmt zy#c>|`T|_3Z+FEOn8R{FI?|q_Bc3`Bt&ztoF~uEG6${Sb`1thLuB+2gQp>u|!?LiV zmz+0xVSpihwcg}FqJI4IA|0C&cl5=(IZ=7$*Hk546!owvx%tX_XfNGlqG46dZ(n{0 zn%>_9S>+5{XNn??_u?_b{L0>PfT8+oycth1TR8e+I6ZCHE{D{+Q&|1kz)nkfGi{eo zw#hrV8Z)tdj2OJ0dihGfWwOVz&f$X4_h^s6=TaLHx~ZxjLn-C< ztuC)N&!`4Eo4g};laxW2c(n($%$A^CDwJ}k65tB2YQk=lklkbk1-xI7uR7=S*%hf*c@IfL@$9@HPn+pOb?e$2KhiY|VmyXL zSv!gM&JQ)@|ElbZ6)!};y_6_|;=mpi+UMrgEJqV8FSq;|CHIQoN!|0pm<|-L^|40z zdCk>rbbvi2KbbW!_}!l$MA<_2^sU#l6^zPy4UJ~cX3JWgr|?^609LxDJx`iaxFoj; zF4ol6q~uNg_ACt9xm>4o30k3f_~x2c}Y0lH(cm)>Ey>F)#D?9p|J)cSF$b6>H9& zQY*Yv86FXJblbG$6)&p!6=497GNs38b;+Y7cVxKyxxei2Vmf4@*=v<#n=D&O{({-4 z-RcUL_Za5OdAp89YX_C8dma$!+urfmM}>!KaI)78Q%l+Nk6oTVMN~uIIfiz6X5+I- ztwOw)lJ<+itOpot_wct08?%+)fQAJQaSJ**94d?7YHztTDVXycf_kYVL?a|A%jxv z#5@QF5Y9+%?0&vGCtb27Tgz$;49Ww&Bk(Qkm@8&46{<=c0*R|8zwfjhL3r1^x+@tTs(?)05g~S zN?sAzjXpJhgiD`>tb1|j2$SRv=JGXIt8vXGGfv?xIj&~2L;^#vCDr+}=yQG{H*ce7 zBN)oy*#t&ayZ{ve(MAG0GvcvIKWF`(&Xh+CBk9=&hjv<43Bv z`mORcQ&ObP79-BE6$B%_ZHz}va00@TL4FGFnbpB>l^?r+d$IAQ$^+H3A_k14wj3+R z_loa11aCz-iIxl=?-_rB_!jX{J!k=qH@hNHvA+RhX6O}v9#L+W#5W5g9~|a(FH*lu z1HTS645kPIA|dojB{_GO3fnBP&?;6}gJ{XCDuN|nuVB8&TJuR7!PP`)09Wu#k)(NKD- zu4?bhK?I~9_8C^v_MCAG^Si7fnR44K!)Pnvgv;&jq|Z1OP1n;{4~$7_y(bj)H#pw} z=>>=PDLqHO1%7g(s%hF0W)1sO{g;NFDPJP4ntDTXIX~3k6schZQew>`e&m#K{z(;+ zc#3$lwMIchZ3O#6mSS;=kzZ(xI&ERvbEHRdl{~t{w_EE6L~)JUI_-FfMvB*t<4mz> z&eVp2PQg{Ns!lS8_o3#3eyK545X}%=@v@p2hS=?>HJ3lLJh<$p)wBu({vAV{F>s-{ zSvUs55#?bf|0?Ivf}tx@PjLv@3kv)~`u$lM=XB-GT?h>JWswO2KP)!w>O$79qb zpJ#I*_FXi5IzF(2u9>}-9xak3jVin1w^w{Ttdae3rV&_jlFr>^u{Uffq`_pC1HAQb zYQEIt=C?YAWzeE!Lp_~lOEyg-*y>YqakL|9K2A^V8hA>_c|mF5gaW6zw2D`7jWeq=Bwjl|(tn7tcY>U%vN6cj^g3wf~;G@dL#OJ28R0YQIzdK$~utOx*js&BbqLAXd69U5wy6 zZhTU;40`Jgo_knWaL0moJlB{Rn=UG8wa|_Uj`ol>+wgp0>YM{LgNK_u$@&65ongH4 z23&D=v0<<+DeO#S62cFM2JiMEBscldYQm4d?yn->Y|kG^xQb_%x!pgPe{MV8kd3~1 z;hjk}*Hf@lf6(TIn}zRslH$bYuJhwL0Zg+E#99y~4SRrm0coRs*yOjz8}Q=lC0~Vw z2P7O-dc17Z(V_%L2V`5)uZSGgJ%97!vX9QJEUNB8V9? z2eIC|lLl*e?sW~u@8~w`ASCXOfZRCjYGxP1bR1{lpfOEy&_J7`QHA9D`L|8bE((SX zO02l}Vmt?$Yx{a@kaWL>C2>ks?0d}?7Sa^& z!AyDftA$q9q4kR!b!zP%5qI~rbw_rACrosSeRNo)q-X}QelkKd*)gYRlf)f!i+-(SnIX=~@`CYXIKbd`siciT+Loh;z~Y-Twc7xqvP5qU4ULt)BDt zXL|_DfAQVh_`mkG4gO9){I5)HJ4u3y@rVj`;l98I6Ms-~;gEttLW%(~5@}L`A1)bO z=SkF}utG-Qx4+`=Nd1S^Ae@tv^SF67=r-lwGKM6)bsPRRYQNItd|Snx!rXaYk7zwr zA;uid)!I`WHF3{}CyxE(j{Nj%jw!WbaebFR*i+=dv}UH)S8jz}$-7w;Kobs%6HHKo zoQ7W+V!d|BN6Mb}6JyF3O>{3TBoG|qcURZE;GIJsrcF}=liP3k89NWx=?MawWjZK; zE_DDMKfbsC736i5(QGfe8F$M0?+nqkwY0)oHI1_R4!io`jYj5ThY)gDQ&T5p2qZR*~bb$he-9k#)pXq{}xYTQ3;FL_@7NQZ1W|3G&&yG*I zJ8j)MT7yie)Iy_^32KL*5nbfLb=8EH#j>YnV)2B3OFXA4%0zHtzTsl3i z`D>s&OTpCvmdQtknf>XRx?FDNig#erG>cI~Yj8tG&ySuEB&aTy2pKF(=FP z%lFm^zJY}^jaMz1=EAkx_4l`B%=@(+-n@vjr>^6@zE;%clPhP&6@~ATD|SAoRUj?? z&Lp(%^}UT=9?iI^U%y&eqzFt(h8!hD^^we;cykB{`|)`FY*-C9x&I{^a?P%4{&t|A zbIn=wXNto2r0cU1s>`Z5%p3uWA<F6zwUcA%+D7qFmlvT2>T5CqL8F1nyMCzF9K3 zLUE!CW!S8mG_J}dh4Nisty$a(>AMX+VtW@^%~4-sWpkU0dIxXCnZeTrm$Z!quX;Q$M>^Wk%@6@WvF^5}!n z?Idoga`#Nz{R9eI>^RHwc_izR?Dr+p9TXk08=w>3vosj_WzK1B(e2cyr8<>fJoh^yJ|D}0TFZ?9dkCQhbfv4v_(95LIk1Nes z*zVO351G8pu)Y(jK8J}ZmYXABb-G*;X6(M(M8kZv4#eBM5v)UrtG8V?*UbBsJ@loZpv zLid$!Oy#!zA<8Z=YFjNV8XdIE5>Ox^ej-H)XMie64XSO{=HpZ$n;DG7_k^i^Ws{ie`Y zRyb#(%8H|L*7&2e7IvFm`_gH4Fb_>ylVna*3@_Wb@Doqzv{Y1gxTitr!%7JW@r;h- zD;KTOdf^p4pP9aI|>jki6n$)(Z zksm$7ykTOJLl#Yx4@5jHtqgpnrd^kBa!PAN1cq$TAZ{#L4?I1iq!ho46JzZ-YY@if zSNo}AinH*1z9uN<+x6^1_|bEbt96rF37%y9Bu2w0%bj@z4X!M}B-dnit(4@+$Eyl= zOK2og8Wkd^r_(@Qyls}xyXZrciGEu!cAcvMG7`8fx1b7EupS-AVb4J*xkkuEYzzs& z)m43=jB#eoraM}|UUS7}b7gw&FESAtV zQbyA>yuO(v=*kdh8P9Te$ccPtaP^{PUfyEKSwc^VE?%PH02VX?+F!iqMhu|#^WrCl z%^2e~CRN>#mo(vXj0ui+M}+sxrbSrM`9E4%*R9QuQ);?tY`V{P-|rPxr@s6Ml+sRI zRpE<~UXzmIf;;om6-=n!jF51nI^3sxAn6aoHM)`0(#v5xqPnXaKg2o#6hMFm7-%Tj zpWeyZXD^NVPUXQ_&6I6uk8d2jpgHfr)fueBDh*82b9?TMqEy^2%PmF%Te$BXg%RYx zk|-?O%ttqmvomPzG_#Xpg`uj*O~6aQ%(Js8_|aQ>@ZV*8wJ^Qy8T*de@k_8u%?zui z**o-16=iAov72y*;+McM`W9)sb3M;OVMj@wQCpylP$d>PWsCUcVhiSD@ zfRsygE_cHe&(s9A#-tQ$z9}RluApZF{#R&bYk{H0U?2BT55vZv*BQzL*h$L>yl7>A zs(;y9HT}|2L$*fh949bdB}50N1%{DMdg7}-n{dem()}O? zi3>1{=-lCj{UL;&h%oUxsw>0|l|z3i{?wu+4n{Efm^lTP!>0r-!eF)WC_;&Mfw-n72!~7Do}$y0%1;`5PnIfW!*N{!>Izifw@}JfU=m z?F?6DNOLJCg5E8wLP!09XLT)iyY#L^uh!~-Wl`W0Z!E;1l3YzS)E!>d2pS>#wj~DX z92PeWZVMm)KACR>tzVXi3k_e@;5V_?!VZJ*n!`#X`LesKg{t#`p=!zxy4U6ka++;V zJLNb^z%L2YIk9=H$zWhK@6I~Mw7U$<+z7&inL9c0`C;BI(fdyU&vTouzUQK@y`$8}3Jl#2wWpcQ4KM zJfgrZiRCpRQIPgYtT+2Nm-4N&7Ppx5J=q5O%+R>|>d3_ff7yKlpWvw~U7|D(a<-er& z`t(F_&CmfGAPhLvqqIbA>35?W)2Zw&?Co8If0{hxEnMu<$en^Az&r%ZZO+7*{s)=2 z2t-Lw9*N$%MO*faM59h}-gDa87um!Wig5^pcPg^Ly}8APrRHy8y7ojtUfO%bR@yL?1Z=ohRi zJ}SxGwhE>p;4VC0{3|lnFeUiWZq7Uf0$dv!HR7BT6r`pP`ZsJZxgfMndtK3@9`?!8_Q)Dde)3{VFv8Plv1KBJMOQ6CeWc1Mqnm+!nx{ z5f=1vhQcs;2gY6|e}RVDv7C8CS}*07OHAb$Lb^5C^_qt~E88ohRe_@)VJQ0J#!x5h z$30!j+r<}+7ZN5x&+|Saw-DtRZeP@H?`GEFDYSRAndAG++p$o!L8+!-@Na^2+)r-fDyGJX&}19Ad7-3cHwfbALKbIKhx}IpNNPec&Ys zx=Wh09lQ@^RH18OC%7^XR?U2i*;s%tVjc*#A`$js83SZ5yEfAPN`Wsq31#oafmVIWc)Z+fY_cTE(T zpSkic6?(Rr^33KlK#NS(-YtG(cc|1^nRaj}7hwdhq4jdXWYa64Wn>fjvRd_tsOl)% zzq#l2No*x2-lAbw1-eP|f?Hf;?l8OG$Q?HU$T|kvQ_?#aM$R^Q`e9U0FLRCNaph&Q zrc0#qiAbL}e+NV{Z`o3jfFR z0!@;^KlA*1x7kQ4eereYT%@mf>ft$B23)v{}#U|nEXHDcc-_z2{{%w+ky_+#FMvH%LOn~62Fe+ z!)S7IrA9)YJm%4L{Hcaa*GIS0@O$=E3OU{)rQ;{FFGR0ZGphZVpE>|XhOhYJeo`oF z6I;B-1I@dt`5W!w^QLzro&JQYV$_9;WB1P_X`#2pHf&xLpyqwt`Nb0*iJjKlg{5WG za5@g4(^L^$Qbq=}*y7emQECG<1v+em&1<00Q^vc?@}K10z@h*JXQo0tE%o~8!9Da+ ztoi1O97PhgS$=jGnu@{AzVP$NVncp@8gw6SKT@q?wD0$!C+!RM;&mhM25;-#Gpw8! zx>q?6dJcde8pd;J0pvxm68paOYvN2D8u^L-p^AZLP6RJo2Y;#J^45Djh%&??b7Qdb zH~R11vc{VJvkE5p_yN4}eXR3C*~pX0_-Hm-baZK5QG{Sv#*F5F2ksI74&1XQ7+iQ& zNB-Mqz4?5yD?&R<=nPz|7yIbcEcKRSHbYKe{lUd%%kPaO3a(ns86%C`Wgl{+} zV7|M>!~5w?E~WCE`=@XnNI_hw6@x6FQ>MTj{yTHO-5b3iI`R<>@znM9Fqcp4@)Y*S z!s6!ZtW1xqJVACrUa02NHCokvWr!E`M=mHGsBI~&{+p|yM@@^OUloU0z62&CnwEn% zN7%}2VFw7b%73u>O?$PEoo#zrUs;k-lJ>S*RKvb(Az%qFDvHew+_fCe%v1yVnVYjg zpK;y*tAW9)%CP+K`FXj?tihR&eEK^P>W^X{c4=eROrxbQ!4is}@A>d= zu!m>eLheGnyAc6g8ze!|vfb8wE}}J*v!`5h6(hluLkvuTd8X}56D`9qI+mtFw#XKr zK{S5dEg4`HSn+^znH-_JkK~nP4^fYG2D^2~T6e23hThsM}^9&!5_ZwxgZ2e`iPv)}fEGqu8kXIDST={!~ zya%3l4?WzvE#8GGMY5n6F;u_yHzD`7Ez;H33kCqf#NfJ$a%0MC7-jpe# zzg&?UG1Ioopj-?Ez*?$fs#&3Tsnz#PB!xkZK8}?#Y(1HwWh22CIrZMLo5EO3a#R@I zpp`z>{(-LD6GDC#152N&Q#yo>3%1~*Z<71&t>w?!F$U3Eh$)HDB@9QkJ!-^>sx1;Se4qA?I%aL(#$ zN>?^~DNh#afV30Whq#>KcNn6}*>LN$XAZ-=Eb(oX*C5#oYxQxUgQOCupUH_;YCc>2 zV8C4ppvnHSG8o7?9%AxW3V*osUn%?)?mtrax+uid5(LlH&^pTB2(+Qz)ul@xLSZyv?>Qc*j0N zC+ZFb{mCYa++XVE-Ku3Rw~RChQGQ{>{|qjDwQZ`Fn)Ms63M#z@y)5YC)_}Q{>*`WG zJM7x8%sRp^#ybmLmDn7o!W#IGU-pLzlDQYtQP3aMo!wa3z`I`F6DSuv)^SfzUfj5N z>oBOy0eKgN&v>{+Q~E|)*SB%izq4NKs&K>z>L{Vo!~YK1SJI+`ZlVBm)Qu&GUuz_` z{&_Yc^PJILx4|waM=^1}kXA*Q}7pele}DeT7UcZA-X+s{0wbzM@pX9Xy3sL2l$b{GV-kzv@oy(YiFgbN9{ z@tE!nkeVB#8|%9#7S4(tDAeHN^>X;nBAyY%77!rsWJ!wU-oZHg4miEW+IE5Hy>Coh zGDv#ENs@-ePBIHMC@cQv_px^}{roEyET{w25uZqii{;1Udj|gl-R}%xM0fu19HXkV zr6gBFxEHNY78v82oM4q#&8>TkI**mo<S<8m1SU9YL8&|f$q35MCK8%?1waA)rs|Qm zmDlz{R(X?YbDEvcDK*St1~Jx;DJ4_NzIAjn0T+sQt?2x6zC%D`6*U}}YI85GjE=E- zojrq^mEMJg3zxQ!S6*;(QJu#a{IFk}P2oym2e7Ja!r<)Nm`gzgf~(DhRU)grN^3jo zgz?TstqBatn;Jg( z(!4~lFT8o}^cvm!OYiLF`fRiQe3Sly)R+p9E!{8sX}>1ir|v z)s;UOGA*Q-k_3=tua5yI+4cmN6|dzDDT zB7Zn9ZRM3~$H0~tv0E`SH-SHGaq&4_1r@- zaDih$J0GR+SLukpH-^YBU?Sxu4(aJ&wh^b>&Th4_8&MqL&zsX^A154NVIwE;N90wmG>HP!3_wtp znX(U1fO=#cdZbV#vj!pLw&!j?)@Yq4?*qCrFhiYzFvyjcmPq#G1)PI-rN2503k;}5`u`1CV7YIAAJ>A-Y`8>TS!zGI`M17AvKVm~vM&8bNsST0) zqIc51g@UeE&8~j`1{rRnu+yVAZ6QfIptz(=NM)D!(T5__XI$dOAA ze`59hCuoWEP|Nk{r|e<7UNg#!-|qgqS_T5x4pGghQ>>g%d#EFgFTM4;IgEp32vs?Z zE9a>rd!r^aHnTK1#!2_b{l)jPWWV$JAV&b#Aal%>8d?DsD+#fXwJNDNXuNtDp_nGP zku?b;p$bx>AdXhK->eWD;Yw4}&O@STdB@@6hLffC3o+uXOUl@qqAa0G6&r43aFexU zSu-Qe+SX~<@JKdwp{<_I-~oMZw63c5d8#wpHs)_oA8~ZMjRLCfR49lqQH1aoRwO-dfr=s&npsfS)pLA^ zRL|D?3+AUOBhP)f`3vR;rv3r*xs5c8V2fH)KL2(ar1_3$oi;XBu%QlrI^4Nj#BeZ$ z;BG3Hz?YJhKEH2j_u(Eg@v0ipgfzkyW0X-Ypl~HGoot%UAo?Ta4`TVG;(xJxXXSY( zv3@*^*=Xj1hf;DH`mlECKpFytre+hXT2M-*RW#R0r9pw<{_;oe!U~P{gR-*9=wu|R zLGuuqd;jX?10Zb&DNN(GO}}eG>h1r-@I)72ph^BpIC-6N+yq5hBaW-w15HhnP7TvSmM#KgI3Powo$cx3yO z9~;A{I#2)xui-d<;`~_v7#I^Ms~++<&&Q4H*XE#$JcI=AJl@d$`u!44o_~dYiQ^^s za8sM$1PZ8KQ08M`@i5KJ_M)ph*Ou6yR9s8-wt5M!FS}v#6Ajkx^gS3@jl_ye9T=m| zy9LXh+KrKv{ z!*O`QI{Ku~niwn>VItGcI!oG@aWl`$|Np1v1{J8e&-!~JplCf29A|YQ50Fku*T%}q z{h8u{QXks+1UK(zJNpa5Zy#p3$hyl%YyCrHR21-g2g$k!#3?(^htOq)SC$@!{prO4 zpz$zR&oXbe)_%s! z(nq%Fvku=8WYhwHA8LA3re*7Q^*y_8@kLoliR4c&gO76@?;l$MT#NtqGUyp0hEm#6 z9&h;nm2q3H4~ew2T18@~Jb(~K1pz^$t(Doa>?ouCDW+js-TaBX0xJo&Nc`mJeONHl zbZfClS4sY6i8pk_cH;KEn- z8ZClq*Q{iJ=8DjnM(Zl z?*|qZ+4KA_!lv@sVIs1Em;-dOOVf!CFT6k7RW+$^t+)#TxW(1jI6Of7r}K*l`a;Vc zY14?t+KAQuj86sj1G!emP0ZFsIl%3w)$2oxML8qv3~Z^@y_vd-6zV9@E`Jv<@r*@s zYHyRnWyKI)6+ZAv&Czm0!Uh>P`2se@Wj{FZD(yMbr;Yh-XkyE8TR^Wm04v8J*6cWT zC**9e)!c`0-_8qNDT@4Pf=SH0Y(j3Oaa1iGS-APufkHGdrBukcpx@p0z1-cFfY_`l z_r!S*#}~RIVzabZF=za_k_m@%7Vu<_&nr8%N;)jIx{XZ8*Q3_Unpm^q_JjK zSV7aAnK>iOT~U-J=!Z}IxG!VdM1iwNz&6w`?Bk^W6=xn}9od26Q_>^3@NZnd-3RfN zvtG50Zs_&fHhwJOe7NVexHD<);|6Gqkf}rD`84l^Rdp_zv%~q6AU7<*m5?Qt)a3>t zDg2!ON6(O2`}S^QG>kfGfuMzlm1%iX2cr}=O8Vf=euvYxDEYsO2s_7FDT@%rlxZnh z4kQYHv=DGeZjt^AwzqKkJt$yLUi9anz${8qVqb1em*heaV5+|G>t)mSBQ}q0Q!7pc zrAyj39@#~~B?A@etM6X2jf%Hw+5ZCfr`ITI%KrrSuH#Pf|xq4ig07eF+&1Lc

0R;WfEhxLq)2i5b`wPj^N3i2VmSN0!GQ}_C2n;4Pe1Pm07TUrbixT}Y zKdRj6<1{(F-Zz z-;CCe<90Ku2nA0a_T%)YgQW#QL@vAjCOmfyPq%UfLNSuvl_^33s+kmaayp|KjdHBX zf1&$?02#!0m5L1>&I3aN)LeQYjvJ#vFfSGHyV=i9+;>{1N;b_Xan?WZa=!@YbJ(9_ z>$hgq+bT(Nf>Bc;{k2|->2ndqqM+!0Ihsk!_O0JOwoyPZpv%AeFut@rv&a#JOT#*B zRE;;b=uJBJzEx#@L)WzWMwlnU1f5yX`&m%;m+ub;#HVxAtDvy3iMyUcJ8feT!pzWl zKg}n+vKqLE1pWDlENUV=uq3zq7#;*~#10&v;-W>tTK>jk5_-D0+!`8Uoj707O8u*0 z=o_`7WpwBC=bQvr#<4G|&dER6HKDmAY1JanHv;VZ$K)o$%626O{II_>nX_t|_kGSq zU>k&%;o}Cf#BUyz>`aqqn?5}9rWhnEpd9j>w1c-&B3y7`$Y2z4K~d@ zr3VhmB6wV7YUD~v%h47`fZbrY-}YXf#AF! z1P72xF8cyrhSRIii{n$gKvvhd87H!t{up*VwPOkfDN5X_QnyQpT7O$w1UK@!KmBLC zrlp*a-N-Nd)a_K6OJZva6vjo9j817CB79%7xr9zG-F>h6sE~Odnw2xOdzT;d66r2ho{9FR6i2$% z6~~zEw}_I=7^>xIr^}A#U}3X?y1pUp45IdZ3v*GI3Gi-2-vYhgsLvX`$v}O3Vauu@ z3svJaYB~G$X{i&15#F62?@2hBk_h|$NY`Tvno4pwbe|($4>rOEG|kpVdOk&QC=ZHPB`6?XtKu{T7zbacqY+<-G?~{(R4e?OK1@=i33+(qhB|LONrn{iBd6v z`;T^03TqP{e6}|eAE!id0CZzM1CMc7r!bV11O$C#qdZE_{v00ta0W zzg$&AiwpMKL%4;n1!1zG4>>=Nv&lPcq(dg9V`|!#KX#2VaX@|adG)#7`L+mfFmLnynIHI%* z3lQsF^kV8cp6XJ^u#Sa|Xn}GR9=(E5uaIJB_h247Enn@rdn?kUzJRh66rYZcNeC`Y zHK9!Jc5enW%;w_)oz9wX{*>1)VQEZTQ#fqIXQw^U)ngwo*}lFA_umcSazMUYO$L2b zG7XUdz3x9TSK$rKj=1ldH4bPFvnybi?faCy+DR2KKw7kr7I! zOBNk&V|)c?s@u;O!*QJm%?yz)kHcXN#l(v;B)j^`qUj73(={V&lyguYhq%+>o_TLQM(%?0Q}dJmRNh{QX|(<4FgQX#o7Sj}X!Yq&5waS5=FcF*N%tubSRG zBg99C9-rqwz1ExaO=TtvayJdDyxDB&w=|ONZ)u17kG4^SI3Wr9smnNr`QA^JVqh-1 z$Zx)chr8kN#+uhYIb!qb{n#i~-hx@Exz*3_kQ+YRY&nKe-MHK_n0E_2cn3E>_i0## ze$)%sy(%`t^yfp^`jOVpWYBdQ()ugnzWxXDW(?;{Dor#}dCzcWGy3qB!a|8rP~bCj z#tO_1_$j%h)GwInxOaFc@7+Y{mr6FKwcDZf=OP}uoNoSs&MkCJn%|HIwM|h@7-W)( z?6+1{hGShr3pNOgL{>Xckp1_A=&Q;vFsHc{Z+daXTajad4v`SFpvU~j!EOJ;c{^=| zH}tjtT+i$5a01nse}Ba|swe*I+kZUf|3_!#b+*olK;%Gdy=8QWS?Gs*6Bq91%v&+) z{Vi}yg+Z!!XRo5kN^=^{RQb2cJxv3RVvDv33C%8N1KxqfBi>EqH?=P^Gmg0sr%Qv( zUz6>kz`&``Fca{2qCVKHwjK8q2m|;GW`rdWz~*_!Z&mP%VTf0Bc38{JQUKY{p&K;-5OenAlE^XX7Q+ViR^`3$jW z=H0uhw6hllK-W{Krx&#k;zODc(081qPr5eYFJ;WkxFL2I3uozymIN=!GNoHrW_kw6 zX6=kh^^cT0j)QFOKNx@Lf3)jgjT`b* z4ZX5ilDiCs%Pl{|TJ~J|5ispH9i)f!!CJ7QoMCC6cQH-T%knvhn__F#dn9vTFsq;qJH?(RmUyJP5Xq;udM)a%-N-+SNBy6^S8 zpPrA(S}xWMga7k9f5-82wL|beelh0nW|(BRSjGHyD_>U2@1#er^R|413Kd7IjAYMw z7+&D=6&n`Q&bWhIN@v%Aj5&`IBrOq>q~c0K{5bk=hyFmgGsvOe5BS%i|F>N4U!eT7 zLSVj0X{8w-i%HDQB zp=CgKxLXgu2k!@U^_3~gOnfy;Ho6k|yn0rwes@$nqaN&;zme^L3F@S!Q_VvjrDxZYbvJbya#H$%?+nWsa) z&-`mdH?Obx5?aJjOIeacz5zxGytKnY_j%D-)XcZ=&YFunMsrNqH!dULM)6^98IQTHc2L<_m^sl-9n-Nq zTQnl{lZ7Pe{sjU1yuZv?EzeRB-G9h918W+ChYj%+z6!7Hv`r2mizVGiNuDNS2t}}wT zyz%nwxR7_#3mow4+8XGxX*FH@mQ<%b@7$b{vE)%VMBl^nx+oN`_39CCRqkn=UEza- zzzqpLnEb;*wOU?VN#^qUY;u9u3qIfn?xCy1wW@iMw#H?F;D&EVl)QNxvz6!j1g#o$N2l^j0C%9#zdx;deju9P6r}{vvh9Pro^STU6v*6T82I z0F`erXTI>^!aDHrPPdSL_(!dZw}cum9-ZpcgiLX_-SXr@^;ZF*GOD# z@*A$miLos3n$3Z2kFO}yZ+;p3UP9RZe=_#{2uqL&{YCauBn*D0i+g>YYihri%^m7l zKVdScqv_9-JuzBS=7(#)6zafbn|tuv*|#tak(sy|K@YUGY*fe6z`aMve)PoOF~y~% z8P_n*{Q11Q2+7hs(kHHQh;$gkSqq_rFkzw|+B_WhRyBum*y&WKVP(uH&sRRKumM#y z!C$4A@^4+A@Oo=yQa6gr=2yHdsc8Y|-4PCIY-V`0v#qbV7EeDF`HFS+#9Js!yCZB2 zRjZyQQ4c|$b;X#gDHR6dPi((;CxdUyEc&CG>oLbboc6=^<&{W|4|R;FCJB$ha6e^$ zP-TJqAqlD!EXbn5DlWCHvsWgWXQymWh0T_z#=HEW7i!+hEoSrZ`*!O7qPe-_nay=Z zVam?ze$DoDp|JRU_@SR#ntKG(#OD^#w4#>Dnf*mGmsGs!nYSaCorigSLac-t zTdl1Oy;z`yt3H6tqgC*3y2#1UYj@E}i8GnDgsgDqQx!K?6JYfxd!R0r zB0;e%{i*$A>r<5>`CIQMZ$`oU@W^Jl1wpgQQ{Cy6G%-Wb8H~exyXT5gA})W4`s_$X zgPEFzU&A;njmt15l61^tC)?ACukbp zbSN)2oK3_$7+b(>FqAx$eMR4G- zex64CtA6)!}Zqr=*XKa*O19$sDE8i{D;oBc%9 z>UqJ;<0M5e8ToR#Y!dyk;Do>;4uyBqPj%o6l5l%0r&TS|>Cl{n;d{ZYW5$JDr{^}_ zi?|Kmy%OA#Os+f{+eboI^U_Dn%J_5Z7Kl^S->(hPZ#59-8 zu_l`gu2_22#VnMVL$xdV5|7G}h7!B+ZxFhCJPD9Pp6`U2#Jyw){N?AHq{RUE1(>Ay}J(^+hb2S%qvT9TYn%^PH(UF-25`VGCfW$@j;Rbw3c*Hoij`;Wc)(?NB>~ zr2+zHa2lZ#?_ZSAOuk~@_l)vOe(8tYw|qitpbKW;N{IOB_8spe!iFX{2F%lpSHK-{ z?W01ey-Y{c*YW_JmC~?Nf z5AGeqNT7OeV#=CKD+iN*V=j!nzh6UPZe#*`7e3`A0^LBJZR7~hlgsB;4&E4*b6a83 zN}j;pG+s?dVqeQZPS0C6<4E@?$nKFk#&~I;!0P#k~-e(NvqTP>+Uzk+9Xl*m6`cAZ%oPVZyA-D5>q({shqfr z%%}Wa!HV+E+VKPs%p0VN#q18Vo5gTJSwARE#}=A=GJrh;JMgR_=-zDNX6)We-TU3F zD!}OL3x)F_?<&_o9qW{^Cp>?{pM;niSt&7fHxBwN=tX;p2Qhs2RQf}Q$6SD@TxxlZ z67T|!KI=*qn5%@x;#he&?k!7Y6Bt=#Z;>Pd!Uj;q^1m_c^VHNWyQ>>gPqSIJ@K+sm z9k9A#uHSL=P5drt6ULv>yX`^R2_g6C|B(AO;>|mLD8fUH0X0<79CABBx{wy9Pj?6G zvqh!{ee_k~yaTa79liQZ4rtlq)z575g8`sXzh zs;L{EYv)zbZFeZ~t1Pqq(7y2@2?}jYdq^%Yvxk-w$jCKcW6NEGjUv{i)%3}GTzo6a=Rj_O7Tas{8>A4 z+DQg%h9O}(T$cSh{<9N0N%u{L&3KsArG1j!k-&L3n@f2lRpUh{o3fpyUW9ykdkc7U zarBHQH<+j7dhzLEWbN{*?pudF(F~CG%?ys~{wv+&wpPpG?qak^nv#oU1)o|iS>IFB zBDHbVyc6M^G4B;arhP@P{ABQ4Op}jSRP(cM0{mOrpNjdG?Lg8F?(*=4)OkHbvQ37dqPTBOm@Og`g-PEMfX$U#fz zU(P?A$A5AD4O(kU_P5|F>oTKPQdg!hLRJYU*WC&p1mw#1244VEw?)~G+33Ce! z$gdL-xBxK=X5BTO$HZhqWQwBjJ7h$#gP;Fu0(eps3UbBK)!XdjWsZ%>gMT`2G<|Ac zG=YEn8#_4C;=WT$mBP_;0m0So%#bGb;4kSb_n6)jqGX49HV1kh>|ul30{vKR(sxko z$E#mQeA7885XwpWA9DEr^jqW(a( zVg%#hY#waI68~~P1Z#eoM1W#V%?}jaO)}_Z^AnuXO475DyEu89r7-U1QTqbFOu!Q% zTV1M^=8xLHAU9W(zcE5duF4%MsOkhOSKQ{Qdbmc1N(88G?riHbw-2GNl$5)>5+|RNm|AX^yvJZ3-Trz;HpmVfhwr`Oa zkm7o9NCL}7PltKT(`9HzbFnkSXSb_yeTMn>V&dNp_nlsyS`_^vV3@FA2Srs|H1jP- zLV~QpHRD??w_nONpBtAnD824Jz~raAjjUw20);8*=EYB@*JJ4uAZ+-R*2Bu7A(dSY zm&R!}Inl>Mtl946rd(gRq02*~vZUvqiMd{E7k#MR${$8XI)m&#CJ8YqFMsy{ym=)> z(IMp2vxdG0*e5zc10NpvF98_hR}Jw<#zAV|z}lHI=13|Q61}yho&+z~(7KuAo^bm$ zWO?|AC)_^g(-UqVp()JAPxFPKjI*o;FGh;pg6XDIs>73ltt5K2X!3VyKp&a4Iys7Q z)GHg!v3qlFq5<3d*T5yIF)7Xl&X}Zk31DWiUq>?CvU{HR>4q~;0 z-z0IGk z>BsZ`LN9Q4LgtS=3tbk-BcpzbpQ~{01S4Cp!}^A943`1V@pDpQRZ{`%ja^0O6wpYrufM#S|wwvWn>!d zVutpjh7O=B{K~aiy*kkEA_W zoSV7{4!CX1+~4Jr&aNW-QniQns~X^TgcP*yt0}+y%PiOhw03?qE^t#@(8o>4K#2CE zqGr!Z{0g}3(UMOS@kNA3AJmvHbG~`I=oV>6nK_SXax5ngKC?!LP81^^H!^F>KZ8K{ zIe#F0ZwQ1>n7+!4vE*&f={oG(jE`|@!EkVMZ}f998rb<3jN#R`=$q+o2TZCnGiDnh|?GX<}2F`5*=}^>douQf30Q`vxGQ$ z*y<<5v~Uu$#yXYiay4v1&|b_c!;V0}{CC{Npqna}i(p(wW*YaS(L!dB=s@L?-8*$N zjBcy?jqUs>J&J^C(LykR-HWJi0SDz03=JCMlZcXo+d2g3iAM^jBl-~OV5+H0Q;WiY zR)b;{@So266tIHpwIHl|_};lNxV;wz-p#j#Xh)&J!|RaCeglRZ~ z9Aq^UQ91kuOjak2G?{nu^hVN)6TA%;jG8d^6i(`YP`CX#j6&EFXfEseYCNSEu_wlQ z%HlhmR`lVB3!Cj>1;OO4uU7|J-OvvvC2~fL(zTeME|jxkzfb)EYu6Yv>nw^U2M-vs z_fMz(5r65VuHathP1K{!APIjSzu{-8MDUf*TES$54U-f#NBMKB7-2<^U;cmsI0MUJ zp7n<2Fz_m(2)k(cIn+Pg=3obsN5Dgj=Y%hu$(A7;)DRB<)1{YfQl5&Fnyeqa0N2wK`eeGbp*vW6T*Y+?vjZ)r0W#hTsVAF~9v9Jv zD}`TS?)Lj4M_*Rrb)xYhvOFvh9L17Zy#t@$W2Is)dMkp61)-K6s~KYySqdw!e5V(t&8 z!Y%m6plkxEsz^+N-0ZM;q3~A&%A{I}cW|@!=f$%crE2#;J8VDEEPoXw;eI(k%hAcK zEdDIf@XgbA|L5bs{68Q6QPTf9{vY#mnyVCn_C9j2)!H>t!%wB&w~(3Af#8FbpAOdL z^`*$_FB3n`3J>6`P@=IomVVVq)19xhzr*LcO5WpNE23R!?DN(Jd;_nO_pa3z7+-jJ zGfnZ=VGx8QWd~c=ahbem;pKd;+sdks@|9dEpAc0w7t%HKSfR1E;#dWTg%ssVU%%HJ zS?-})yOIX&h?5dvjJq!e(eH8HRNUdzf1a!2)jvR@FwN|wma=<$J2clXhd($H`r`1eK)nh_g zK|-aX@DtGj%eTW-WzSz~hM~8!$6Cy>9gT4J%zrCuZ)W z>4q!sbS8eLYHrgap?KIvVLlZO+4%qnMH!tjtSyjbrH}!R zyRaYF@6_j9ZN2M42QI?VKOzqcV`;?e))Pi3v@)-wRN6)!>pmj{Zf`_`Q$EtgLxLrz z+OEEL@jB)a8qePX`LH{J8}2E8S@${Tm^&L^qKPivcQlQC{*w*(@g{u{8z9}}V}s3P z$kOYP=^>eU-Dm-s=1ne)bHgPiPu$@{k#fc*ooP3sF|}RR$7|Xf?D;<|Qua2zS&4(nFikVb~u3Rb|{axn+Y3kdvq`|OlG~gq0BN9 zwaXImyjg^=eo^4W-!n)2yDH4nG9XLgtUe`Ct9sI&D z7SZd#OVtg`Y62pVNmuE$(#YD5WFgp}Q&`641ZvcwD)>8OaX5&7T=07Pt!kKmjl?Eb zSr4E~FEYYim4=_C?+f;<3sJ`{;~X~gkm0peJsCEx%Acs10K{xM}xJk z0aJLyCzRqqeA{WBsd(NQVNz1x8xD_fsLOqJ>&YWEf)HrpC;{`brPoT|SR0fW0W zBs4(vS7@Li_m5E@{&Roga^8m%zvN4XZJWn$T~Ra{Cl>BO2E91MtPX|!0W*fX#WfT&)}?T8T^0LeRrmUg&c|! z^yvIRnBzlt8k~_9p;6Z1F;-&}8*n>+UiGTxd^|F_ZL8EwoaS?-dDhamC%Rwu8PvGZ z02Cxau-_8At600zT4M7N4sLJtc*WJHb0>ds<;Nk`W8!N4`sRV5Q@c^m1W1MRGZRFI z$CCG?!%M*l`^ONDX9yX>hYf`_L_M6(?Rbt~imUEdy&YeakX?3{m^C4aIlYtM{HGB?jRi*cKtp7}V{b63#qf;?{J1@mppIAA}v;qh)8uPN1$&^>ry;d_dT|OtUmP}LRtRD3)GpX-kpf>8+F#^tOCvVjs$1?A` z`AP0%CWu87eedWsk{21Ep}ic53NlQtU>pqCF%FeM=9e;Zoub?D-N$vI%~s%^qJjp& z=e8XdOEOVA0}22Y^`Uop3{-;Vz-*87|D*U)&glSPqDp^zeW1$mx$fk>^7Yqu~h zRMV4EA4;^yT3MeJRGSqOAVRCbfe5cR@Or^nVS<_g=75Xy{f$(7;kEbxvpfu(Sp*AS zy%{R;2>ws>tsdH+3mtz` z{+cvK2Dq$$dHD^`d9ptk3`iLfHDhfqi2{|KN&5Gt_85nLxnjF%a zuVD7M%SvN6#Wu_sh$wika?1G!?xg`dvWeJtAEIuPXsk+4;_?mgb zE#ZyiDIfRQFzr8&YUEHt^6%Y7Y97gN*J7Sbb=DH^7P?|I7sWn$r>ToEDf1tmmJQcT zr8RBqPPtBV&D;o0Y84*M8f+vdu+NuLe8uwexV`XfX+(C?QEi)e)KOK^!74ru-kHfy z$khB{W#ULWysl7o_%YMrideb0`mSe!iW=OhJF~4=4f}V!o{G=Ar-|9Oix77t(WkOw zVFbc<)S%x76l7YO_;!csmH(;NBm2+wdM}Iqq~W7j=|o6A4dVJi*$uJ+{ouI@Y31rc zZ9;xK+SgL}D|#aE9D(Ganqn-x=koI^xXc6y3;oUYzH$Ya_nWL9XN+n8l8Fh}BiruEH1 zH|41Zuj<})bfB!VYL5oQlOKi4d|UF~F;NCmkGgTXN%P0Z?>fBCO|0_gfbUaj0H?pz ziBS8YH<(b!mUQ=|u9WCg8B4sWI`2WBp~RqPSwn`_)DA%NMR-6*Lz2k!sUU@uJR#)xD>H0DxToLd2{(-18big8{Kaq~O99(?wrxgnFh-0f57ZE9m2 zo{;lT8ShfpMC4-&wrF&S(nAt?>+8FQ5?^Z1i&wfylj$^0u3k%bL-xkN#|E(HlioUe zOr_U{+0^)TC$V}%y%kB_olKtQq&8-c=%??l^z)o`R=9JzMa5Wgm(TnwI$nWfRrC)!@x3WkqsmdSDu)~s1vPf=P(520jUbf}+^nf3Lg7(Jor zXMksjcw-1}VE(@GFZm-053-y_!`AsxQ?~|nt+t1n%?~qm>e;MlF9YG9jkh z2(6w#JL`3s?I$OExwO+Ft5b&+*}$@J&GgT@X(Y5 z$$^(Elhq^k#oZo*QyIgD$rFDn)|FQ=GcgwynF9eJ0ND@lS@3O5p*Mf3@LI7cO%TNEL)85#iAY_@7LXhOlICEqqmktqq|6!xpecyPI`x^Te7J+w<4>qcuOpZ}e9mN!Hg=OnWh5pNiml1Pwu)#D6(%e1 zXB9nI-?1X^RH?}K+=l?eO*WcAO+`s*`Px#2$K--Bkh0xUz*$_LY)lZCTk51NLBu3n- z*vFxp0Lcb$O{@%1N)}$Ue@W7g#37@ns~J^SIdNaa+k5ko~5=UHvqj?_-nOSVEzlQ~Sr;4#25v$5AwsIHR zmQDGdD?F2Z^7v5f#s1=N);E5 z$)3bff+5Vu{73B11s%NPl|wtS)jsN-PL(EKrZ)Exll$lTRP1R3$|N`j$ZWzGT*+7A zLRX^A8};)v^t+We69QqnI7)rOqr~eT8yyYEJDCl}J=q7Gc`9>z&}6!zO*OkZm(#}` zt7C)~4NjF5|8zyY>{DJa)L~vdiQl2%d3rCO@&V)Y4nHz~FCVHbzc;6GTMLZg4B$%A zZ6ISH3?2>a4^|G3BclwbMx_$sIzQF^83sUV|JX>a=`L1!UR#G_jOYNmP+iZy2xj2L z#7A>I$NVe13~_FB+R`y#}Y$m*A0dDL+L7&W>TJ@F3lmc!~`BX1zmN|KUffTo@6W*o|1B1BRP|J5ra}i7ii!d4|Moq4;LIsn;+oeWBA^AEec^IjT{3{{Yh18y4VHAA9|9Vkb)QAgh3SkU*d@B zV^oEv=E$H`=N;4BPtxDa; zc|U*^b(qVZ6#pp%7kR(z07AA9!@q<^rWG9%QBJp(vtF$_TyfZcG z_|7tHxD1ScgLxqUo)wX1@)9fS=SkxIg&YBLG7A{;fYPYjiILTPa%S3l7nFF#Ezfbn za-2bQ&+7yPx37e1Et)T1H%1EH_6wOYbVmavc|f7p^nI>ezbXN9AK{>ax>*c7bOXM0 z;0=26cD56s-=)VqOK?van2DTuMvPJyaw*+r8aU^s#gg?`H(*&+K^Wy<dp#dhLUJgHETnGt`+CEoV;Mh*0Apz^t=2w+@b^kfwX=tyeJrzqtoX^Su#{eGx6r zb$?M1P*9ATE6cyy3L$^~zwZtBUx5^QGG>1*EWnTm#!f3ec!SJrH|N{fGwwdIXDk^O z%aq6$HM^!y->RGpgm{1$4L>Z+|c9N*3J1qHiEwz1c8tSK?+4U?4?>Cy4#D7 zTTFq@YEvgTZGq5KhD68uL`~eHkH@RTLm-M)zv2iwv}%#Os)GL||6dyj5&Ms-+}4GN zWmr!f2fJw>VkxA@HxfY&5_=P@#fmRtq3%xDwn@cX&<`jcoWa~R1H3_@#@}z({4Y&c zD+0iC`ksvnS7);)Qjj>oCCQ0@a;f5ek%WpT9ssFoXmY$5a=^wa89K^KO2WPQ-5=P! z4Q)+6UsOAFkeU$?HY^^pY=h$px{Xj(bnwCXID9ZPS$4IX7krDt5oDt&RITf+GPJ~0 zsDqJiH-EcFS*P5#e5FnuC06hs2#5Tby8S_w-|c}D(=#&2TxYW&KMHv{SPgtoR6E6w z>?$gH2$vaf4Tcns3Fk$4F8u}^JoE1U8E}vlZpcs1V6wB`LqK^ylro%U7^~hal`i>I z!j8+sNHl^0HOTo}k9@g2hx-!7wuSI{` z5{5Z1z&{-n9wV_d@^-Ir45g57>xaPoPHt2efk^S&!|c_9b8n2vld6HqiKmzRUo!(n zmg?kR+lde7$T)(bT%I-}F>fH{gqTm|g!pPdFogF1Dkl_!X@_J6zMofD7eXcfi>?3O z`*2Y=NNdh>TAFt%wQtI7|_N@YO)LzM!K@%WUyv2G())Xs55Q z<+L6y*#^ax1o3kpm+~dti%6ip=5xGk5u`x_z8bW8$@kXX2 z$0-iSeA^FYd!;JC+dG{8(n8I;+v$d@GzYKk`=dC%QDJhFcNC3t){55@Z_;mO=t|OJ zFicu*BJTIwjp|4>BPy+yUFJ_H3h{=-W!_@Jj0|{QF)OMLUw)DHJx{VPSyc5Yny}y4 zZK?K9d2`&S(xd9wNk5?8+C+?jY7KL@0#&hDO>$-X{R4B)^uk8GWr893LTP_nNsqz#)%kTPVFij9eb%wf z;zxWXH~a*9?J1d18WzpKSsCe{+;Tcce%=uUL-$Ns5epxyj(O{iJDAq?^OL=Zu-Y)> zwp`9rYj3hsE2WwM)Yy6l0`Yf3AiJ*WM?fN>X`aY*uFS@Kd_9BxX6&w3Dkp{io7Qj0 zcmTfksT!fhd?(BCVdcpP{Z#FIS&Mmf?c>!wdnZ2ddzMWPxA)U$PC>irBMc^ruOpU= z(u}Guh5|v%?tq_OA92Z&-QFglHSiKy$-Y6wHUSOa7?(_!g+i+1v%k$C*0{} z-B4#hiiKWv;{pH}d1n#Hb3k+PrX9mtH;$Uwc%ict9zT_?tSZjz>p{RCB9XlDQnz_T z*;wPmv;)aw!^g@np?)s3IE#T}PVZ0eZ(D55*9y*Wtr-nwjnOCa=^SS^MIAGU@OSyg z^tinZk}F?|L1598LBKt;=IWQMF+66^+aO()Z)oNF72Cc}7N-fl?zh@Wo@;Qa;Vm%) zsN2h2TO;ad~@M&cyC>0-u(9 zp^!ail&TEHVt5KYo~>D(SIx7v?2n)etpf!@8qB+h8tO{Yy@8onxqWUgo8i2Ao1B>M zHBEF;Oa(>@+-doeBy3dJl7cv(w4+lv3 ztq^moNpQmqI0KDpfnkjizQet`$3r)V2{B7GMw8-VHc329HJg@V>-Ra&3Ny7pM>Ips zK@CDsYzLL0;e}s|H^tteA~+C|v8;AsfE=M@Al>yeAsj}0b0VrE3G`NxuKLsI9384H zjFLZkQ9WR*q$R`@-$@Ul;w8Ck6?0AGhU$c)g`<@9f+;*X>a(})lcxLtx9aNimO1zP zFS#u7hLh~;=Di{&ywQvnVCDq2Rkt(eB%7?OW$QMUo)L_8LS;VNDQAd;p(q{FV$m+F zWamSuJVXlDZ4(hI)y7j{J#gbB)~H$32k-13{Hzoyv5@rrMy-5t?t?Z(!bU$bpixH6 zr+X*U#auPVBmNniw-N$$+2wWUjuXk6I$gY4wji%=$v)opyMME6lK5Q6-V6ctm zrYK@=&R_C;g-pc10BcBY=OsmrIxh&QLHRx{24WYc+D|UBu)UIviuQGJfZ=)XS*>G zqCFX8XTbWETSC04^y*XayTeB0Q$HDPN3A>7$pVWm3#kFtI{nQ6ZB+Q)b}MIo;?YLH ztYsuL`|KpPrEzIWq09&oy%X<}SRXjIbo)3fZd#hY7nNmKqeM5CNv4o-)NRVDu^R)F zUMtXlahh|O$O3(J6;QM;=E$GuvVR+6Sefma*8glH6*$-H>yA8XWvjuyj+^?iR9=$3 z7SQrJP49$OHnINmfs~`Ve?gYrs--a%@8krY>pH#t7wKAp&M*1^G+`RJMro@g=V@^~Z(-6L%y)$!(mXTNPhjcuSeAIQ1d%-h4TCXK5g`!AdO;5!w%@ zLp?y{Q36gq$`~yIFpVg!Lq&Yg#dF?e+S`0c#*z$!@k6ohD6pz`?t-`xRpf)4!7_YXVS&Cr^!t z9#XT$I=FpkX|%VxA-FUV?5J7MZ#*m?IKN{Uv>cfK$U=6>rMqPI`GAP~EuQj0$Hxk~ z5049M8moez)1bo)D+9^|M*vlNEdfQm+k*`>yH4+KzAh2A89Tyoeo{O9EYlcl&4XJu zMIqu1tf9S%=kEB}wAkj={xJftpjilgG{9z?Ax=ADPrC)94hZF!pHng~_| z1x#TB`0&x7>lW#WgG%A+!0-Z`x}afh$Y(jEEE9#vbCgGUu9BN%HaX7!J3m!!I7d!c zQ={Iut=#t95pRyP<`;L0L;EuYAu)T^x+5mZ!?c^s5l)q?&EkLx1`7d)Mi-kJ+Nw!2 zsR5$G@a5#Q0%{R&j($tlj+Suzgs*+M1g}LER5lje_nE(O=#O7@?icJ&v-rQqnA?YwJvT0U(>mJDETJSm%^roXgzANkf2<+gQE7V)xnPQ_b^ZAk2(7V+nFp zIFvbQObQFuh7Mq;CH}ZZ@6l{aTpx~4wY$~B3YME|>?k)1z*uN_sjA}IwY`)pg%xdt zA>O&ik7d)QURY(h+K{BhkCA&1I=foYX=Fl(+vNZ9;Fl(KcdS1CtSK9%f(32v#)hbg zHRH2i=df?~Ocr^B9^=C)-EJyU{N}tnh)as$X;XzBf#qVSkK<+41CNFncz+>R!1Y6cKL*u#UR!9!O?Aj>(F!RTl&+mHhf z+sZJ3+e>L%(M9$PZSFjn*?o5usB^dAjRKjf+WDikDm9v$E{Dy`&$JjGWo`7;G}2C_ z+fbv88_s@~FW|1Oj8cyHFEU==RNoo1-!}cKvByqnkz#5(K)%!Dce)pB;HJZ%qu*Y5 z=`OyUaYYOo5tTC;TzF~%xbtmlWrukBrw_-5U|1Yb57NN4{OG^F1jV@Z@pnm`-r(PV z^Jjd-cK9>!hI0A3KMj9S-S~gFd_(ID$N(G0k$2DX>kH+&Kac;f{=M+uV!h8yVz$3@ z0PP8+ziagV<=gUswopH^Tw;1m=3S2EQ9VTLY*`9j>J+N*a8@KNO}i=!sCH2#%2+QHRy*h=@Od+Cz60Fl6&l`|;ek#Bo*tJ5;|b~tOf zR?9To%9YKF{+0l986(d0h~)!qNF9|6Z?l=iR>sdB!A%>$ou~8j5E^Cyws&X1#iFw! z2grkbk`(N*eltNRarJG=824t^BN$$Cj>!rXe*ZATZb?*20ML|#LqB(B%11cJsgFp% z5Yw!tnvWpJ^{N0bd!)}>iFrIUS+VW5{(7K?OJa6mPMOw8zo{kf!~HBN&CZjhn8;;^C~}SVE>7@l>t$o@aW~ z_0e@vC+fj(|KXzfWe!r)8HaIW9ldAM`>p#u*u+DBkk>cI*TVo5_Muw7Uhfau>H)a? zdGKp}XkSBI%L22Ii@sjajk-}(e^GxrX1MFzxb>6u%`$sld*gxx z%J@JXB>q!xG0ie`+R$a0$i8%(wYBDEvXt(@7(ow*?qK(!a(xC&8`yFO%Vl%e@he>R6F67fTi0 z{*4fUfSwY+M8ReP9c2Gl^VX3x;WjZRG2GEa>Ro=1cwg~MM*^&u-KW$FJ()en^xLb& zl?(xLbKK^i^)IiQcu?Z~#!jN;Z9#UY0}kG#_e+#T6a`tnP9da6eQsTCH`gtD&*UZB z1h{i+bfjB*(h-a1mTR{q%IQuTvdD`Dh`A|3+D>wp;k%B7Nv)bDE+yy&&LLxH&SB1Y ztDsn|fK!Q@XbC`$utspm&2ex5G?Pd79(Lgu}z)hcs9226>v9o(uN6)1??QHeo%p?H=xKY}c(? z0>s5xTHbGq*S{YkF4=JAY7g2j{xH@*H@KV#W}8b&DVmKCQRPZ~ie^4)jF8blBh!?9RuV3NhB7?$&;E`A%jT zss7;Hp9<_;Y~_8(XWv+i%4@MCe($_=Zlvo*bO-FrryBTp&BcQ@5z~nYuls%Yt8i7b zY|e~xYLPxrL@LkiTN6D;X3RO%%}#u=^Ll@8&XCOpoYSDVmzhfK#F#0EM52>*0?!na&EmwY ztn>Tu@Z{?Rh15i@sH=M>EMtQL(n?#8PP(RAdT@q(&9cStJ}b>m?M7wDn$x>Owav=5 zQoeY@v1KJyBb~aG4{L( z3=2&wUAp&cq#$#i_+huiMjFoe8IX}n!tr2u%}-9p9$QBgzP_b09#c5>2I7f`h2{DO zLEm+5XO9*NW{!yp$>IQqW|oOKWbJ9z&k>$vbt4m&5_?JCX4`Kn7Hm>D%|9ttr?YZd zUB0J98vib)K=er~+L)+8ysw97;Vbhq)+KS~h~c&g54*~9()%4Zr_4sDbB5> zGQM~?ZAMOoI6={;9jO;JggK_HsdfBX4`Ikm$naFkFCo_d(tST_wEEC+Z{|^Pt%J|6=c338^@cXL(;M`85JgG*-(G&|g8DeGILFG%Xlp^4HWq!?4`R)z) zfCDsGdcS{ttQ_aVL*ZAO$v81cJU3jw&h&C)Lde@{KPDW&T25e6*x-bhxK3H3cv!KO zPH|yti=?YQxjnQ!*zW7bH&{x8ubXSt7G>hVmc9;#ugmZ0k+~sz;RI=y#Rz9J2gRPg zwoawB18-kPO;Z5`ZU7@P`MZLCm;NzOtZ7oAl|fdTlg0J~ARyvxXzl~2X&MKSq#pu9 z0WwQ^h|^^M8uEnKEmoM7=OPn<>`{P(;jl#MV=58Sr-d@QSXoYv8X_UxAGAeD_(W#5 zWm%}nSWeaCc+%wpBm1DrC zJXoQ&H;pJSX3@`gz>B$A%5KPQcu`47jU@IJ9@EX@#_C&2UZq4SYM0rx;Vzi6uS-G~ zs`PrxRC7l|?-CDV%krSrYIbi(qd?Pr z{?!NPjl-l3KFM2mJNUoHrrMWn)q#PD8eEoD_TWv8xL8etj5W^7n!txY0~mBEGwkrwr1L zw9-=R<|XjqVXs!az5?S_Mr+nyh)jWsm`v>xRq*B?m(sY_Z;)vthi)P1`FP{a?M$gaw-cYd)U<;y1ORn=#f~W8mD;Gg zs8nx?PJ|;faO@SO5|ogkeEvayrDoxdrI9K;mX-uR2f!8m{Lm?2S1^}fV*e|hI-)>U zM1RK+al3h}jR(Bi%%ddAYF2YvuL9LR=8K^+$UQt~RDTN7qb zrR9|f^L~!iqJkszT<#kg=(~5jUI_wK(o*s>NF*s-HaWS{;(M7ZP4n3{6fqQIKZ31+GCRVFVz_~y$ZaaUK}NdMWr{m2 zZinGHUnR}5yi8;6Z*k$T^9r3biKx?q9KR2wfULclXtM0u=7nYr?jnig#H|Uf{q9*6 zJtFym16#v+#}VZ9y3JHr;r#S%qVu^raL$h?6ZCu2ECbeXuoe@d(Rfm^<9d`*#wdye zQhrvx*|C2n^erUFgl=g{U=JV7wY%8B@cPP1bJRc^wEHsR430m} zo+Kq_Du82WbnejFoB6d8L&2Hn(GN?l_`#K!@tgl&Y2O{!)V6Mm;szA~-H2>O1p7t>6p$zoA~sZ-h)5?W zO{9bpKw3gkaf1Sa5CJKQqI5_g)FdEVk=}$5QYaEyfIxtR^c(c-bI&`!bIyJDz4ceJ zvgVp|X0Gy$F}`9}+f^M;Bc5vlDc6?D-rw`MQ-u0+g7OYGo)6(J$fB&RR$yxjmma2G zQN&-H#fTxJDVs);o_73Za%sUi>hpx*@m47I+?}2`)Hw??b zY`WC4wF(oQpY<;NzF*EW{fvv(Mgg+n-=Eg+GDA4-d|xx`Vgz{gQSO7|YzxKVZt{hi zVC5~D%rt@w-$OXhO`}d4X-4k*gAABO%b+^9yjM88q%B!1ATOOkYATBtPfzB|BA(!n zUs-k9j*kiS8t6KAH0^l--E}(F$*G^28E$lvC(17wpY_riXS}arvb#q2UWwAnC6b2M z<&{=bfiIaa3Cv)2q(d*1Q9JW=68lE+@Bq|ceF5cZV&KaCj|%ZD#5G;0FJCG^18`XH zRl8y5Rf?nVz{T>rXHTi}E+!K!V7iH8uwD~SX=u+^lw5vCg_-(Y3X7jz9KswE zmHTtrn)wCin08i7>><{hqr}YIQxwY}{6Kn= zxhUK|FIph?G7RB{soci8a6yzWf9!m}caiZp#&T66EC})2<|e^iNWeZyLmrO8VCa84 z_!p9Y@iW!mzsB|((duIVf^r~T5Ty@PgqX2^=+9!#xW9yQ=g$A9^ZlK|_|KGs#>h}{mI`j`vv`6i<=dtmZsTthFgX!{UVCZe$6NT)PNjxk;m0Z&T_i!64 zXytDrn~UYd)kdO|DuA8UtjC+Wc>ycGfAbM&u~{t!Pa+?UDy?mrs7D6_#lla4gFXns}*V@bI)MGxWP4*a5toJ7G#I?zhRm$$Cs1{PSQnjrw`ia$Vh?d6f2n zT93jOSq)R-1vG3WN>kCo4|mF=p5^-BLAya2=vDIL)h4{O)6TkubW<`VonYK%Rt%>5 zw568r{Cmtf0(+#6Ydp>O zn;!bs`2;qk3d9S{2F#YPyl5>@(m=@z7A(<0026MoNU&^Ss^L9U!Lm&`$XLHR-AOz1 zf&u3uh#)IX%Bp#6E^>eiItHNGp z4CvU>WR%ztV{5BFz1ce`^sr33amlG}Ny)MU_kR);-ZiQ`xr81bE&WbU+cp%1XCw%6 zMiO6?8WGSC{e^Y8!RJ#)#HG}?<{-F>ZkKT`+<}yx9XT`ClbtNfs<|ip{*k1ZTaWi0 zc01n@qTo8w{M=c2zY6-bjw@w8YjR!s@nN*A^-5aWonPC&f)if!{15W=f$L@K#IRFW z;pR#7huZzYC4APS!-zgsjqeee6F?c0x-xgIKhQGU-1ms`zkg^XNeT~G%CTLpD%ZVm zAD#8FZ&i^NU^}b-?FEmA~}* zSm7e^UfEq3&tl*%uyKQU_{6iz$k|_Z*l!XVu+wUb^?8drG|75e*7O=q!OT-X&1uwX zbBlVytE)agcn5L**frK45(8{G;!D$W_rfntxuU-#2-}bEe@;oB9Wde{w?B?@OadyD z*r&E$rVP;g=jE&k%A(?+6BLoAO;}+B1Bhih89HwLPdZ>pighM2ZTH`0+LrIp)g+Sr zsBWk<6O5mJME2mWG^%g4@W5b3#!Blm^(3w8Po3F?#9v+4J{}I}+}~G!N`@q6PF!>t zb8_|=bayL!Cuo~1&OSZea&)x&Nh^I$iy$+1i(B)SS#=MXXGK)PC!xD_`0uJrPksBa zRz#asaLCgAQ?ofQz2kGdW;Gu*doknlrh81kg+jB7Pc}i%XG8S@>b;xZlR3|iDFhIy z+FuUJ)7(h9)XH0xLYv}4dT+52kr?6+O-6Ome)gRo);st^=T&7A(IWK^sDz_}nI`AP#S=bp->r^qxj$Re!frqwMfcF(|v z2g3BG-i4^`4eIa93eI-aBaX@D{jNkwoM0P^-@a0ZCR^*)D+I=hJs5V|t7Ii_dlK_* zOziZup{AUZex<48nCt7!IOM}iL#d9?wP&;a5*Z5a{7|`w!H(zMQkLlJ3b*cAdaqHqqhZZB*ppT4J%-zO4X}qw0aLQ zuv-78{4K>DA3scMY2Ad9fR_ojyZ=r5t`53x@D)-C%N}El7kbe&ckMWIyY=AJuCU67 zDQ9o*<68B@p6=dEoMQOcw~E{bZl7=4PYBI;u3cLrNx1St(NOmh|L%FVO1U@ii9phgDjSbsrStml`bI6&5NU zQn1hYDDT~C9prrHrB_zu`~Oi2S1KL+H&S>EL2c#V3E_%OQdb3QnXMbBJK`PPl*vfUTzI5kNAK2H7|xmhMb)&WlT@r`Ym7Y{dPLl-E$>^@?5+Fx z1*DM6wB-5yNxtiz%52(1)IJ?zKHodOKHvrfJv}6frKh{!RC3)hN4+iLpODeB^@Lue z$))|?B88V7rBdc4iAoJ>?Q9Bq>TXfH%Dc$3NYQo5)yY}QwHp|_tpP{Tc2vS*p_?I1 z=iYfwn0FNEKG!!{DX%?J z{W{eLx0-!g&97hUL}oS1h^ig(bJ(F)BGda<(%2!Bvp@}ib?oM|qd){M{fH67ufjv? ztDWJb?xqn7KXExBaQ9?zbJPXp?FI-W&%MFPH<+}r&m(avt zw)Cxyp@n1Ii0XwBODl8S`iZ$@()oRT+nOmQr*<>1p9yMI^&zdrDm?Jr?#X9CxCD66qM>*0kjHu2%@7P#lmu@?!T|kw! z`tf8)dy7+a)5#ojGLkX*>^dN`{jloEfJGq2parMwWbRm#quS{k7I;qBW1!u+NW8u3 zt4S+t4h<%AP^*zE6@Z|ktTX)wW^2P=IpzbQ=+@q%YIEqcoeXx~(kL*-r70(xxiB7l%=&!a{m2 zR!1yU-@MK??YR06TDpb5Wzv4)R%oZ7{Y3dXiTHB%Vv6@6PaE>|!~(!LC|yn8I<>>& z(@S``-~h=OaPjbJVln>UR zijX-5V%|zAkOcL3(uu75tKR9w@B{tM;T7NfQRSwmGbwUM2$BV$`D41KAf5#vK4F6M z){}qCQ2BIGe&$4S(HeBK=8VR$_Cw6egT?d|c<|}Q3fqgiC!CB{@ zS@@&Q)J$u!k`4eFJ)$v3^__$9YT*)MlHwva^^NVnHF#2)Bn!mpOZrQCR|q~^d%Qw& z;~;1Hf}Nka^G^kRrSfDmFdDeAU#zF6Yzqs_9l`(A2p_DbmMiun>_2MS#TxR_DC%b` z3UP4EY1i0>+kjX_O)&5$b{7jz_)DN?^}o@;FzeuynSVJ8KyT;IE{EZNOBL{cDER+` z^6R2~KeF@~xc7%6L$B9L{!Bx_{d_@-wS~Dc08X}Ld znQ2PrX3hYFkA@26t$)^C~i*INwOfqhS3zz>vaVt zdpwX%Y&FJ>Q;aFfod9Z&vLKuHP%FF>z-I4c#v`i-&*_he+y3se* zI*R2G8;QtknDYWNDta3dH-gasoo-DOP?kb!-WqaR zl-q2Dn#hN@CNIGq%p$E}u+?ze^H}zkQ1&brmJ#}zlO7Jn(W|~H;kwQ1>4|-nqL>ab z=W>1gm=ol+0%fmI$aet?3P)GU|8xq0bCO_0+`j&~IL3;gm@#rX`fx?o9o(@|?0jwq zi>g3)dBHs<~mSTjbEScH6z=7NOZN3+C) zbpFX{bILPGF$wg;Ta@J7_ApILrGj%Gv`YNztFrcX^&CU=sMAg{dGEf`KBUr5a?37g zi}Gt{!LE9Ern*^V2B(KQdvsZokw;4HM~wwef!jlq-_kuY5O+ZSG~xoDD&WTKU3Nud z*Tby_Au^)?w~((mrM{jBb8J65CW4y6c3=Qn__u@hM#H97vks-wrwl9wibd_(?>jUw zY8oMwbkN!;g6C`XJC|3vyHq*-QU;{miwth_P;RjHkj0$P=!qz=@F@?$spLlPbCrqU z)i7v_bOlZE?##%Ct=?IDa<$t>s?y6e*fDYvN0E=@K>`ytZq9kj9<^GHhCgy7n7BdU z1o-^EVd1n&5Kc+?_Xo}a7L$BAaH{O8kF-r9=$d6Nd}*?SQ6}AwJqVt4Q|+S{po+V+ zeYoA0FU)uV)m zLx7B2R3T+_TMTKBi3-Pxt<@mN&XIVp#n9q9(mRf)f;A$n$5|uJ%X)|CM~O?=r??&W zX3MsX3?SFFUgRI!sj)6v)IUS0$0OmYj|=i?up5?rUEfE{sn3m%Hm_6nTIw9rMbFL? z-b<9{sEo=m_7Mi@uSDhSIRFEj z2y$dnC~vH}SQB*l0-w>TK&F?eUF!O6J*IIY=~T~w}(A~xbq0?fQP>KKzINy~kmaOSuyRZDpuN0Dcrb$bHGsfr26f!oNV`?#4_hgCZ>{McLbWTxl?481oy#=u!qcEe#`;g1eDdD6fX*fSOv!0p!E?pjqi*b*7~@XF`tg~Tp2J=+MT`bj<18t(FU24AYLgv=0 z0N?H2uK`LnKjz`uwq=Ded8tm&XYRv%s^lFuDY0Kd=(DksIUj(si)*=9ZVis5D6pDW zHV|ABj86*(aPhO9m@>VJ4tNITE-%&`t}43w@&k1G3$Biuxt}G^zn2(KFX)xsS@LC6 zp4+s=vY-E?@u;qGkyat@B|shK=yWDJU3z4G9)9L1_G?dtM65!%xySnG%kn*%^3Wmu z2(TrF_im1deEJIm!Y)r;|5~omf$D#5T~@7ZkUC^fXS||W3wNE9 znfkTmnbAUSuHYuDlIg?#3>TI&LoJ@Q&(|TS;uA@Q&koi;_Q;|mW;G+f!7zq%sHpX{6^Xb z5-2HM(1ld|ynvixJz(cN1REGbBoK||#64J{(u?C(o^183gQ8krFpwh$$>Z52-#dUr z^|BS`(tgV`A^Oj*EjC~gzbr732@Fw?E}&~g7EZ=Vbhm}W!&W~qVkc|Q5cx2>J)96M zQC%zl&5oc8q9&splU>#V4HhZtBK600SpmU7XN=1u7jprex4eFkB4tq6Tll&T!T`Wo zJppWZRsGKW8|xn>?$Q$*es;KPSrcB(Hy7;P*eP~RbXET-qa-$;GtK;)6J!+G@b3oT zU*gCA#=G)AOA{O2{zpsYLNkAwks`7lH#TNMbPN{@-MaL{^cwbX(p`OzH(>Sr_}cW_ oMCL!ccK-i${_m|V8#%UcvrOt&?gQT2je%XiVs^RgqI1lD0T416kpKVy literal 0 HcmV?d00001 diff --git a/Workbooks/Images/Preview/adchanges-white.png b/Workbooks/Images/Preview/adchanges-white.png new file mode 100644 index 0000000000000000000000000000000000000000..210d6ddb0cf85cc90f6a0856f3ab9545dec4b9f5 GIT binary patch literal 54978 zcmd42cTiJZ_xOvVVna|w6a*BNDxgv#9h9O}0qG?w(gmc3P!a_d0RgFz-a8VJCM85v zq!X%0NkUJd1V}<4q+Fio{oa}PcmKS1?#%a0GFd0H&&tW#`>eg!XRRIk$kc%Qq~J*o z4i4^z4|FX!I5<5yI1b-Ce(c~I`?Mt7!N;LM3xj(cwL_N)2Pa3|bxd?PIO>v4F`gbh zI6v|7fn6X6$C;o1ybpEzRXpe5_+#@>SLbo4^BR*U$Z;Z4K7uVNYnZAnSiAkpZb$a> z8;6-*r?W|Ix8U$gcCyiT2@?g z`k}8&8J#6(@5?Ce(w|vV#4twBG2U*10n305S3}<`^S>2;kyz^pRL;RGa3x89JDI|) zQMy&E;Jz}TxsUZDMJCF(T;V;q;e$i>hdhDJ`LC#buwkzeo1I47IUJ-a6o^Xw{|WB2|Phvd++ z^z@Xd22u7Jrz$(J2v~6C^Ks<$J603&e35JSVMOHPW7{Wmk8a;Re+qo`yJ+7rZGUMe z>$o$c5DJEi!jiu=S~vQV0?j;5*J920J(pbKdoQ@;FL`163+|>%%G^|ZuqgIRAm|xlv#%TX2^Fm3F1U9jgY&^KvzWHHcAdRg zvW27%u`8bFF~^QDyBdKde(Y2Tck)kM4l1(l!i{_nZ1}DMMF91jD)XxEy|D<4I)9a( z2RSjqS4#hK*-wkCM@P$>49_qQ?{P~@2Dlb$vzq#T=v_gw=WVFfl40rZ%(ZUDS@g$A z-Fl$LCIcU-u!;N4NXjKT+M6u;wVv54POpZE7HaL5K*(O?R2xEUIO}8HrwO>gT)7t5 zMoXq9jkc|V3k22#kYi(`Z!5r0+gypfAYkLRb6Y;&1?Z?1;VZgM05^$o&&TyHekDIy zN{#<({{Gw&KlH06rT*SU{~Cn{=v^d3UEOwdopH8i{_b9P02EnX^kCW1 z`jyF$V17{&BjT*sPly+ z_l;uNATEsoRM#ThxAG6kwhNL~HtF2+XscY=7D#grW04Y9Z8~=~7#NGRfQ|k^iMW#? zJHvd^sGjaqlvR0s1mC_LF({F?DXi;2Dt4gLBpRZ>WGFE>zo$}BiU`dANgg~3{a>JBho7D zRGnDgF)lhLjFKsY?{X+oyj6AVP6&(1-NNF~vPb4?cL0rLz5snro*vb-o%1M=_r4yb zhCk?ktz!MD-K(dvMS}Yg%AXYET1H~U3;-o;a8@34_oJHX4P^i21aqBe@|2hE5^v=G z-l6Hh;#~|KH8w|fUsgUVFecQ!Q;7t&Wrl2or9cXr8Jj9hmUr`L9+xe?32fG(STa#0cO; zcOtCWZ>`2e*KQlM4GGrQ@APCUak_uFRqdJr7u=uP`+1pQK{~~n9o6rQ(9aIsv&7Nt zAfL6cYW8y2)rjWs0V3_Z|7Fpfa?uXPMdotqP|C?*^_6p{B+S}eA4Tk>qDC#D9l4qk zdDw0Dq!FPU;1rLgVhx+s24G#)pcD-iYk`$$EEIZMFKnTW_;>d%ONerTzi`W_w4Gur@XP};_UWsf2PlO>gyY+DV^X29F zrSmc9%$u2{L3PiGB-fR69!w!ggQYiZC(m+5=CYnq(gwJCWLOx;9=HhWUF-l&!gs;Y zWJwgYwmX2J#83p;w`hPr>@1C%P2O%bSw{9U+l^{IDF2!Ljr&#Awi_9s2Hgk|RIi+= zbrjh`!8*LuDynIso=G%YV{4}S<@nnB$lQJsv2B(?Vs5-zT)-}V4vbFwYxBqzcRLKz zy9#I;vn;1_{Ni#ajQ^yQip*Z(p2R__ns#aYyKTFUmT|}QcvI9?CeOrgrxuAa-T=@0 z?ZLQ{|Fp4^cQh9(4ZyB{=GE|(1{yfUD^Ohe+gCf*ceJ9Lw^rM?-NN@X!#%(3#I{eh znvn=aW~(^k6@KQF8(4wuyJCs^hF;HO__EH_VQIhi2NwhTV?#sxfWvinU55-)ucY6U z!Q0?YoF2_sSuiy}5y{q9TKN7pfp1Tb+?f6FZgGo(ocu5qibM}ReyS@@-{EW?8f;ZU~=ns8`CFS<0EneVL?DsUfp^o{@ZwTV|6Qn};La?O)6o-brB- z$omyOb2pioXbFNE`D0Jzm4R-GE}H-oTRTc>U+NpLGQh;)e%TA@cfW2oJ^6 zvjn2g7|#AOyI9wW-X>bhFI?+bDkXgnwT*N>y&jf zv_Y(ZyT=-8aJ2ImgEUdv>*ajeHxa#uQjaFw9KM! z1bv5vi{JvG#8Uu!?w~I>5tK*(uoaxaxjqwnW;J5|NJL)53!b1i`vk&?FuYmwm@rhq zzy{z99No@O*^b-%z4*BSm)STT{FuS46rqndPkXW_QDX4jbKp7B!#}Y$&f%Qq`D%yd zVP2Q&cXIPdU#+XZ$ym)QPe7@0JvOF7{Zu!42=+{Qg3X!tv^eDr>!Fyhe8gT@fc3R@ zOVF|`t(SDF$_xup@fnAP?4!DwVrYqG;nf?L+ArS$veU;ZWtrb@o+8NPTrO|H;>)`8 z!m?BWxkdB)dIlDZy>&mHVc_Mq9MybY*C+Jjjgalg5q@rh3?sV@pNZ@+X?Hn=4%Vgc z)BP-5gIxF;A!~Z7;|=Mo_BT&_reFzEIDF-2z;G}G);o@V(442}o*O@iWvzc6xPSTi zTG6cZ7Z*fhz>`5_yUMqRR#kc}XcXJILzwDqk}N0~6BNr%;PhQ%qO;9tK?w5VlMgHD>L{9%GDjp<}3Atm>K{d=sfry<{ z5WXCz*YOz<>x-64oDWJ7VM9LnGVguRw6fB(@kM6V3J^kw$T&s%gbcno=d(N?l&zH9 zoqLltA~-$DIxf85c9kBfYP!$fB~xHY)tA!mWrT}hw}rf^_4n2;Jn+ty=B0H`!SX|4wW6O&T%c$@0OJpTn76-SpNtsLSmI8D-qNaU z{y8XniJKB$bdrgIW|lT5+iVYtdwdLXr=;Fa?hv~r751vnc*12$3;nm3Xw6|Xt7ZO8; zl^&+!Wf()bl)cr-Q3K7&=}1)#Gxp8x^*yrI1tDx{{`-y}u1Nd)fQb2H{-=-9Pr?Gt zbkZ`DV!vKJ75B0d@4mKH7Q^093!?cUOz$`QlxsnE?Uafieg7&i)Y!7kA;(FhN2f5~`+g9j2343UEG;-QQjR z<3Gxl&bj^90OBL;fEKuv_RyS2#X4H+FW8Kq;J48B6CQm zhI!Jeq!g!c3Uo4O^&v}2PhK@wPAk8rw3=es+XFy`%O-g-i!r=QPV~;2iV6?D&+LR? zN-}T)DmUU~AlvORJ6)uldu?8Q||N4kC(WgQoQIxJT% z1IIkb?;y(3p{Nd1KY>Qn_R!*uW#JZM-STS3jgpA4q^yx;Bu@YBvV~}hk>7R(aaYyM z52J+Y7Mr1|tOvsI3cCw=WE}a8zI_sOruqF)4DnIr znKBg_q@;SV*F(yvQLryq<#`-rPFQI(CAX)*HOb2^joyCFfNJ7;*+!3kvZ&kxmIy5o zja#5sYJp!JOvf&Q2$yO{k=l$9*#h`W0zU=Lq8@8qsn0I}05eMg@s1;nIsNa{?yd%B zKwjQ?{snLoy5G?3$Fj`87z>7$aNpR%OTT+5;pc4^0;l}Y`aqTK!)UCd3H;@CX8FEuF|07(zWD2ct{T8;uh-!a z|Lc6|R{E)=;X3HuhcPpn`qoLw!*leczlA>54LPPB;9QSP*rH>!P;tSxA z#S^VYiMj&a1CLG(KB!3x1VS|TZaT4#p8a)k(kU%UrXd$g>M6Y~FD#kZEVgXutd(wv za#!APWR@|Ui1c&iW6Sr0o?&P0jZDM8yoICcJNC~aZah%(nNl$9P7EH)V5{guTLRUX zT|fCK8h&&8i(U|=!emnACg!mmTq#f=-=dd|}s*S6Ez zuco^1$)Zm8&;*Tw569BIa5}1tgsZL8)N&8}sTofct6P_sK$u6!d+QR)r_S}2nK}Eb z@=en62bTHvj<@}smL8P3T+l9g*jAw+UAU^-Kz-7|>Mze&ko3!pqF3_Yj7oD1ZUaoW zfjd2irjIkjHh%N|u7Fhb-L2JImvL;(s72yVgspTvBz9<;{LH;pWGYz<-_*(IpbcE5 z$2&BQ!q_XKges^6k%e3@TQ$Oa$oGG}>fUnLx8xe^UaOBs-bcpzB&O<8<+*5CDYiw7 zMH)80SM)ezo;JuKuOA-hYN!=Jg}Z;u*}q2jyhy3;xAbN4oF0Xg4%n4HCG)z#`z=2y31fC) zY@C&t1+Le+>?DzgZK;*e5s?9*YheqUk?fn1`+Cf`qAgLo=bMbQ+sie-m zCB%(?8@81b7)ISE+ezsb2TWik@RdmR;B3m}8?KI)5)d2^oqcNI+kLZ08aW=Kz%8YZi9L#l!Az#_%t+*yAj`$+ zeF_o;I8AY+y#FG?rC%-y`Zd;GMGL$tarPq^-VfeKvWpu_V%)8^`JL&ux8ROpN1Y;F z1eg;5ae@pq;8JcFvCGkJciiuNVkbzn)UP9_G=HcZzh#g=>2UHyk4%G3T6rU70ekwu zEKa@Dc^-GsVjR%YA=$>!Ysv!hvU74iL+#@->9%T0zo^))bFb$<(^UmE*}f8%KBs;O zKA@}hm$`Ro`mbe$xG3d!YiFY07X_PM9Un|1DzWsSyRTssrup6<> zt@pv`_>b*osc(ph$Rn$e<9vloqwe(Ppq_RZG%)dpjBwv7>MrN&-`a_I9?|)UljqnM z$aJMt!Rw&?YYTVtEdX;Lhv6A=)^@j#9`m$9GK?rju1P1YMdbJ9N1Cz0`j^NX_{V=; z^XWI4TN>z~=rP`iZSiSldNy97d)gECnKmrL-Z7=SASypr0rxL4nHmX{mQ{e|%r(;3 zXQ-?u4H$cm%tagf$==|jJTtq74p_8qUCg`ATuP-cK`3GL;>3fFM$*Bp%Yi(E!<%-k zxp3|&Tj#gl3&st@AAbFZA*Gouwc;f3(t(s+`?KF>1@Da3ZqYqK$Z!HzV^@Ou*3sSV zcf$1jGv+b=Cibq|nKc~VqQ&K22tdO75ezoe^dNi%OH|CBPIK(o$^K(uxJcA`S^o~)w>{qX+q0;hc%S`z%XEA?AY{y@~IX>adWDQARk{ccZ=bPwqSqvDqaO12VsXCwFS`DMBflqPTg*xEGj zQisI_{`TG>jR0=&*0%f0uOqgE>A&-R%2&e8Ml#sNc79UVufX4%63UUg&6ITP!!c}# zuK@Ka=Q{X#UX^Cy&OK-Uqv#-Q=lct@+9kCnm`Byp4_REMtcUBi?8S9(uDa`@J8hh>8!f2wNdjCA{Br?X#4j>e|>PgFd zaD6_*!}BV8dq|>vKtJfgN#k5toV((#udy%Z{7u}Jvhz(07`!Phk!c79t} z=RRx&&aoHC^X+e+luY9A@WxMMKrG{>t?;fRSw(&#U`T@D*QjAd@fnT(WprlrxA5;P zcdT7RVz#gRqXpu6U-oJ{5eQ%7NU*V812fLFibN*$NH+gNSsRk9(*YV>{WdDN2$f|% z@)<+M-)m8oE;rB@uYYjP`rVJJ3Et+tA)}FWfB9c+BCbE}=dOd#bn2tmAPqgvEl29(`7i zFx{KoR&oA^R*U^NIzFJ)=N&gZ=vyew0Fb*&+M{|0zcqp<{bT;IBe$^YIY&j0H>dl33@XXA1L z79@dg59ailmK1UDD`HiGD8KP)S_;NK>s(UQYs{FU=br8N+0M*wWreXDBI^3}IEusN zLV|)(%m>uphAsP6FiJ-iveJ$bdBN&+qavc~>GHK}x-nas3w24h6&D06f@hzPU z(}a!ErtI2@{dgBIXw;qd_1W9R^U&2C$%TW=;KA`^Kt3uY2A{EEAa$EA z$xTWyp9m+d0(7x$?!dySsnZC{yK;TBOyw|bh8qhV*;ZQ!5)Z3bE)x%XsSmZSBamAn z0~{8T+Xz{Ew_D3wvQr9mT(T_q>d&(sbB46`PUmiG?3j!zS9B=&V|`m!5dK6TrpENv z@Xe#Fahe;UGZ!hbV|3Q1#evz>*;dI~B#mvKX!|$8XWd~Wcbwjm;BGA#=7H|19_Onb zg*tMFiu(vrEwoDYLo6CuGF&P#npoo#^m7T&>QvLZR?8HTjwT z$g+ClEw1iLq*Y|oEc=1IpX862)rvsWpxAI&qBGdCT}~`=`>|DTuG=EH(mBSHw32w zQ&}6?c;7|xf4VV#?#lZ1T{Lwf_iv!`j3lIPOvkT!4O}I;&RuH6`F_3GMybJPYJ{gC0s5|X zcfmYtg#c+?MoUzHXpEriKWkhV_u{4Rgp2xJ!3L(;-n_&Zr5?Wxb8fA9C!x8E@89XaBv3DAzQ2bfd4 zC(YMtdKW1jm5H=En(=LG%XJ@=; zZ?Zy!ogkHvOG~ioUo5psk}2YJopC3@<)Rhf(9~lPXRzse4!7r8Xof#xaFJo0@*7)S z{@0EFms5vp+i^llP=wbBzZL%(#JEdty^V+IkgoOEV7Qu;wWSG+yyxqeij!xSfnVJA z+TS*v{^lk;5xXwCAm0sKoJkoN4ZP-A<+Wa#H$(J5XW1tMk5#NH1V~8jGk9;@@h1v> zb6SHQ{p|fMd!vJ(F3h&>%k})X_`vq)57I`@pKmr&taUEeq4hl1T zu|MS8sF)x+xly>tVC9pc4UMb#0461lhpdj0s386%Dp|pc?V00NMiak}*iIP8@v#r^ zXFO`4%q;MM0T09(njgBhOH>~TUooDQ!1E0WtW4>G&QLA;lVUu&srl(fQc2;QRfoU& z1$;L*Q}Ukh?gd1irvJX`g32qfan38KwH>B9lOB03oY)d7uWZ&~|Nb1V_g+6O%*%qY zeRv3=(>{FLdQrhaJgO>T0ZPW5L>cPEGL@Zc`T`2qTfcc(Wf;4+owwfg0A%_YTVsaQl&nC^n`FI1(wixLNxRB4(wIa2BBfcOOJBG??Hl_bgNL|J z0@6?9EuEr;WI2x_nY(!B={lyVU|W0Yx$rL1%6cKevK3@zYGLsv8$f#BUoZszI#Dte>BC!7yW9=>hZ z8<}6gl0PHVuNRHT&XrJcx3ki-!eNV+7Ek17HgLe4@7Mj2R@Is|Ve$nkvZGZ5k;s^L z3Et~faD?9FeSblS?$TATA-0e*&a07X_vqc>f1OiE)In?jFP6bvF6Y{redx0e8b!xo z3rxaAOAXj4)k`Ih+4J`mhXA0v5nSkRRQu`CS(8ejv&4_rZ@(p~I%w%Ef*j2NO`6(c zHtWT8?EMgGrd4nd%_YeK*PS{ZJf?j1J3|DmLf4@GYW+@45Sa+-n!4KhS?99%&s;^w z6ijkUl;XY*HaViT0BUXo4Rdy*#)4@kkBEO^6+Z~)w!sp*5x~*&!JGbG+3Y!G&jH6-{slFQp zi)~4xG9cNtV{-o(m_z2_)?~?{o7y{5(Tdw^HIBZj>}mh7my=G4rorRE3WxtwGQ}6A zXnW2|6kY@qnbHFQ9E|`FmZqWgdPxUdv@AoA`JaH`qgegy*?+Zi+)DkQ3M;Aq*Gu64 zCFNQH{?QF&Ps2oU$zW^b8Oy$KBg)1AA7$>><=ja)?6;cY{?eoeqp_4}z1bX2^A!{l z8iN;kWSsGt)z0O!V+s~Y)4`sHYQipp1C;DW_5`hE8<<91!4C-17fM{sZs7C&_yi^N z7-uUx8v#fv54ut3k85L4kBG@v4Oz_~is-$xZOkLFyQ=Lmz9Lx@@K{WiaIt}?mR@=S z`*G*=5)FS>-!3fPStX^QE)&dze7gu?EQ*c^Ab0iXa5fb=dM!ykU`ys>puG7rphA~& zb$fuxeFcrsfI={2%T+>ko7@7qoHgQSKQ9J@y&1a?=m~s@0;z-XXuE@z8DGLD+zMB> zo^S^&F@Frsd|V@Pfst6~(F#G&8dTCK`3+M#TOhmcdpB<8tKKnM6lOHL3HDbst3GB1 zJz5gvIO@Y5jWxAb3w}f1z1hWj&LbQal89kyBlTX=6=V%Y>GIPpF5^JHsxpf)g--_eO#&_D>Kit^AI1V7+p(;5RvU!WrXz#-EM-?9S zF&-n&drjw;+H_#_mFU5)<0DQIz%oll=u*fQU6r`k3egBXWo0SbsIf1dfHkkioH0t2 zNzC@^$ZYbN5obf$Oxjqyd{+J?fUpI4f9VMI#aXC_@CY1O)*$0CT9bOCXBIgj6{WeMp-iQoK_CD{Ms<<=LxSFX|cbZQ;Z7Aixhe`+-hVUBq4c4?-O8qd;2Ad8XJ3CQSrLWNB8_l zYqs9}*(*rH(r22ViVbMomIpVVEKb>sAVX9I|3O zl>za*X}DbT!e~WSuBO-gdUkdNP3`w-U)vU!uBArl+-5Bn(wyI&RFy=SBvU+!dr*!T z;jbUi+SlMM-64$eFI57{e#JxPE`%*E(r}ICvCx@eqqKx4I2jA@Lp7-MLzh+1uoD|6 z`&9fu=4tZ7W#!P)TOyOQZ!1l(?8yyvW7$t6D#Q?8m)P!um>etGI>93KL??e{8Q7#D0!;uPx4=;qqL2DfBs) zSZwe)2Y3 zDQ2W%Z)c_;I`Fxv--$kQ;%!4W(C~efrWp@wL`{*ke5CX)^1L+Y)R1>JzHCQTmA!O* zP&Ick^`T*8S;9iTIehQ$IZL5R(iDu)(y5;%+MaMGH>hvMXZ%iGA{}`HGFiXxiQdf( znzS5QjnI>pe@J??y=wLdEjlsQ3PirO*8~`Kv+GTp&1Ub#bYP4extr8~)aL?=T3h9( z6j%XGz=yG|n=5RJ^kBl;0CO;iI4^NAonGBQ zN5|Vgd#<`e6_=9DX&6(XNk^TD{FdBlO?dOssZo89a!qmnQ1&RStvx^3dCt2P_m+Yq| zJT#{cZ>VUeYz3c3K3wq#i&wCG9bgmN-n4Jk#?H-`3Y1sYR$^?OXYbL1 zVxL4AGzm^u`1FGX)q2xQrTyx5(B~awAd`Yta&Ew!^yMptMQN~-K-9<<>6hNiCe!wB zQAEG@V{3T-6qDgntDrr2Eakjeb?w}g>DC9f+t6Y_U$&eDFD+1A$7!Wfv1)$oPY`k9BysRyjMx?B=d$Z|SKBBI#esqeG4SHH4MeV~)2~DMN4Y#Fyj!Y+vqm+w<``ys0zgxn2wjAm zm8icEG!>}-neNKG{(iTDhfr?#Zbc=7J}0coT${w_?TAnNk2Q|pscOpjMMjrn&L{YX zmPW(-NLs%zzQi zssa>&1%dmqJmJ!f(8sUCZ-X%+A46mBEVP|WZ;M+}Qb|=XLq!5)r{gTs=%&JGhM!94 z%a(3&!&j*jD8$u%hpO;wy6@IU;VURUrU5WYb+|sfN zkN5sP;?DpSt+a7`8-{qyv=!A*Ts$#`$t_;wSubru0Y(NLvSS5;!lsss-g!;p%YXaz zmbK*IOAEIDQrruNobGh}NjBu~+R@aN#jY2#{D%0vPQR}j-EQQ4TyEuL;FPpp9E`&1 z0sge~UztR!J~(iONrX-mPzL7d02_R@qopfs*5Gf#@_25wCK9&U1gn6~Eu7xH8PT#> z#?B3i*u7yG(Qg-08hOjCJ3llEA2>s3{b+7$0MS1n9lNqXsUHl>Hji!_Z0Rn`z;n$( ze$2KF^W~8!ZYGj`Hu{Z^OuVE4 zApX15)>2K+Ua1TKB_It-@AdW)$58;lqA9le!)~of!)8V+rX&|-1<@)a`^Cp4O9cOM zlaF^2DY}EP}GkKb{uTrBV^Z7l}DultUjDeA0jP zPSw@Z4Ijx)fofC`&@?tY#zPeb#d)r=r*wIkD1D+D zgMCIx3kO8cvK}?Y$?d5c)cvuQ1rW8cR^e!x{Ox3 z(l_Fvu>LodH(ef943kvy|9Hk<&p|shkH@@V)=C=g1o>&|1zx`tHaD_(9(i@8lJB=J zr;@>xs4Ibz%!MEJZX5?+0~R(UFRZUh?)7krJs22mi-=GV^KrHcmz6Nef;k(F>`sNn z`8Y|yf~vb!tB@UeLuS`KGpZ3u5yo$Zbm8sF1|(ITgxwj{5xcvCo=*2BLWv_sN+EN9 zVypn`C1Ht9npdN0dE&9Ve{Ux@@6MhX!ETT07+`MST#J~TRn|W6+hY&p*lq+_=V#$l zu9T}I%*_0-cV!drMkC9Tr~in1hHhRwsB(v_Cao-Qk4OfG$i1tWOb$5DNYZ60+wWw? zSVMBEjo7 zR5gPnx>OTKGG6O=ZJidu-R0E0U-WqlYA<~d3cLw6xt4aBdG2%gx_1z0KX<$d2MOEw z2{nv$H}Hr-HF|aE>aT-eh)xUyjSV{Z6@XOTFHKx@`TA% z?os~pZR%q)FM&tW2lcU_UcHKJp3^nC84)2iB!eU^N znK4EW5QqIzN{}<`pv5jkJ>Bd|??mna*!oBd-&TTnD~rDR`Q#g!#4b8W^SMe`kf;xR zM3Ney;zcUR>&8{KHf?5dqsUhe{G#DxtzaR~Dv^U7*X&(7KCDOY0POD6J!nAcCv?OPEFeo-7$X~mm>>G>r-Kx{K zU#eL_tD~O*W*=U|0W1(0i?3CxMEZ&775+$dU-3!pg0>0Yh-s4eU!O7&~pv+!et z6`oZXhe*E+FlO9Sw6ZK;qb+_RIKR}JwFFVcYTnZTSXok+$rSDST?e#s>+16a4-%+9 zThZyX`2%mlgBTBBZK)9HuTgAE!uUQ_!1J3_yD~fuZNf9VE6h}k|QEWln3Aq^1h+txAL+kdrnhQOXU(Q_x$_tk?B8}LHf_&if1O7-O z5mKhH1xbtrSyg5N7vc4YB9q0QFx!GU^|l4x99VPFpzw$?E--(?&mojRA4I~g=wxPh z+=~R%RO2;tuc(GD;qHsld6{eOS`M%IyU(Sykx9dhc(!~i4vs0D;aMw|{q3qw%GETD zh3?*6->vsq%G|X}whnQQnmBpDS;UrBOQRch1PU`7z^Wa7@*10ro37Yvt?lBbYP5~w z+IJqZl9|vDd9=c(lBqyktfsTkR#|w(YCo05uHn#Lk_~AYW4~fRKNn|&b5$B(&S4s- z-TvJ!7|xY@^gpRQa_oP$G=8Cc z`5(IW|KpyV>YlX~l0LIC%B=PmF%Mw|FKmEL6y=ne$t(W!;-~0ahmK z+o9l{I%(Uf*Dss-H{NG;uVE#t7Zo6=fzH|e^_a*t;za~f;(#Mt-Sx~gF*N09*H4O?^7GjP`-2Oq!76;APhDX_-eEc%!m28P> zR$zIOh0j57kc7&+P8`oy0+l43`dVtrX~NcSi{36pE|{hV&|bE!F?Hl!TGXx-bA08)Ngv{ zw#XHAtf`?r*{s$k7d7Jg^as<|&iaE(FUc0gRsPyaoD5z3rpbk`u{qWpUHQSQ^HX~F zhd?=UM^Dnm&PTHNPM}tD<{o^u^-C5}Xf*+%`zSAD)lDyHZ9kG`xBqD!8#aJ8^HtF7 zmOj<#nE}KkFi!LT!p)jGnC?3YpS3SP!W0fp&`SRE`I5@8%b;~U3v81*L+19g)CES^ za8pGpwLRxv$!8QckTw3OSmA27CrffoEUOUaZ#e0D^y&mtsM16&fKw#8CBJ*^@sH!r z7z38#R`(nA%RA^*f<+2`w&}^&qmQylTd-0}W>}n`Q@cuTu#&HKZ>FS*{Xw>o+Rstw zc`ha60y*+dL2YS+`O|$R{V9M#o*gXsF`uQ5Ys<{dqQLQhvV3~N;rgl_pO%; zGOj772p7fnl@-Q#1s3Z_NNRcxh{T_q&b5Q&E?5p86oCYXgRSeGQH+gZRgqs`qTGj) ze8yYsQQdbMTz=&YPS(#CId+LJw%Bdo_S%uhT6ffu&l?5voE07h57}SpJU4!4qN2%! zYWZS(uzNdDuVrX(RP-w91ri~@Ecjr ze$j-eUNw5P$vmQEYuW_1si;5>yDgJdFscq#Xl^|bY-0C~EgEkb*?HpCVV{$%97E0jA^_`Ep3Ur zPHK-;uE#nyUfH(ZPlG#s`iCIU#h$r5A(=JIdOw0~wBG7%Dvwg|42X-=N?N;n=-uwUyut0wkUz|w)DPb63ziGrOZq2tOBa}1 z-nC`+ErZ{6Vjy1YW4ENvbvv0pxlwhtz4w*Q^`gt*dX}@Ny8Z9TZ6faw?Kli30TDvV?HmoYvVM$b&7 z+vp8chg9B)mx-Q2)G`Kb@%8&**QEF#fi-TN?aA)&NLB0?jtwPGm!imRIh7QjY*Xk^ z+iUg6cbnb;RzmA5T1;G2j`yf(k2d7*i?R6LvDp}@ulEURyG|uVV*`S_?@Bv4sRpq@ zXrIBJf?6rF6P(;neGHwvwMu!o1{&V_*FGfID4P#Flx(C|is=Xn1YCN)JNU}>M3L%B zqfI5~?S}iudX7JmuSM0O-M|-6@Tf)n-yEsUt`l9?fQRa>(tj1ZN(GMJAADaT4m_^0 zhf$PLmgU6S+&lULG#y%5*`{7U>oYWHc|ijKJK9lp=b9kZPEczt^QrPuaNcKqwB^(N zL1nJ_sn-gZuUC~O`sbwbfA5%&irD?bzcP4+a_!|uL)oM94T=t1Ay*9lPPPx*YcW<& zfMVmypWhVQ2Ymy42oRa)bbF*Zbu27n{CACz3%}^M&{Yf2EjwA2fwhB*SuV#g%Msmd z$Sc^x#H!Z->lb;>OPSSgOD^5ycTag8tptiX6l`*7=|eFa!OM8tAf?Xf`}x?}r={-nt2 zg6U_b3))q!D1|>4eR*r@=h51|1tFW8Qy&r?iBHV3x7XgDyftw=&wlh$iulpdJD|mn zUueCj-Hq3YK`Gw&1k|H?b+?~*(>7R}iHHp-p>6iWQov=RZ_^){?4^KQbF%MKG5AvL zL9>DtN%C5Kebuk%hy;nLjoQm$!O+2!wI3uI5{Xg*!p`QvRH*Ik1Ym%kfovl<8t z4+zp-7IMY+@#hHVSI$MF&xVd~*2Iq7>R*)W_`j%o%cwTnMO_yPg`zD`pg1j19E!UY z3N7yL6oN}|x8m;Z?k>TLdx{r#g1hTUKb!NLYwfkyn&a%T&-u%bmy9=o*c29!SIx{kQY&CHkfDN=YLOtNQ6wI;b9S+JEvq@ zrzSTY#-9jUmY7)NJt7_`1T$gt20vmpJOI{RoQXj$I zSwBFSeczuJyzX6fxp(~K7=xnwqIjl(^+7B80*J4+ZrvYLYgu&=L~@p9rKjyhaN4G2 zm)fSjFtW|Thf&)43W%3sbv1+eQ4I zVl|w%O2;lM@uii%7moJ%t|20a_Vm@6z=hmoTlP}rDah${A?^lhh(|dmTFqR0fI|Wk z!5Xq897BvK5hY3ESm)X}+;^s^QB#v>%XW4L1ta&UnvY9o^%;dM964VbG*T`Lit2}3 zau8^4{Q35RhbPvWH|thMtxWSnwfz*S4GZuTBh~rh_H3ou1_=bHw@x|ivG8VlbIPex z?kO``OehE4QkFOT;+ONOH1o|y@J^$-AlkJxxro42gXA@PdJ*Uj%47;G3~M^y<{nPS z{V#^Xe$i7&s&h_Vj~5im zG;cGUS11}n*qGs=Kd;nBzwl-pxnZ3Jx_--zj|uYiLI9>qQB38joli=)Ml9 zL|z7cD8aH(r1U&vZ+V<{S1k$`(O2@rh*&+OpVVH=Gv2d2*ud@X8?fb8!>wANb|Hqcl) z0uu9^R00i6TFCY}O5Eg=(DjMz(>&6e*h^GqgWihQlH_r%TUEA{h3md+9JWsL(KXFm zJ+ruaixV)YqAcJ&-%~x8lWDMZ%bV%`-0RcUfg_J$RUo_HUDf8L6o?p)u540;^m9s{ zh*87-$_W`;WLEsb%N3FZNjnjX6drluRy1k-Z$}(bhxJvL@O7`R_5KEGniMH~UnYwL z%nm;jP^fp&_U(6*Pf6}vx$+Njf%sk*us`6Mobf++@M~xP>_B>O$=Jq3;THTdeXbyR zxFSnr1Xu=5P!`IxWLeBe7f&C30Al3*Y*7Jf7=fx!c7wXOFx|G6WZ*{YoG& zV=i^uvZvJrjnuy$@rm496%RSiS^ZE`rXBEa#*wsMGX@7PpvqeoF3m z!>$vS5})+eYqr@3tu!_J--@KytFpx0uu$@*teMvUBAhdY!VXVe^%o~%cbDETQJw~Y z1DVuq!JP=GTq)p&I5eR(XX?s$wUvD9C{)toid`R#78y7Wz-egY9YNh*SJ((qH*`Yqvx z=X<(ut@vGE9Gf3vOIubFDz2@dF^5mF#@L>?M-Nu_vt>wfnJ!dDsm=OB3PPzfp%0r7 z{F^wPl2ct`tE_614ZiQZ$`@_-KzLk~43#^#lbhkq`5)XA+ed|F_d&ImBeKh}fT_ss z3`aH)-|{j0r*6t-)55Dj=U$vqQ{=vGC5(U0L1GQTr1WbNop=?r%#p6u+-iah9feSt~kd>=ls72 zW5xu3hp`*yyu|#a&__$q_{T}l(W>jxmKV~{_oYKq*!JbbTv!m=P%tgE!~`Ch6-0SS zQNcZjM|G&0GDak9z9&A@t;e_0g$>1uVD?LU4=tYve`exf`{@FZiB242LJlh9XR7d3Cq_wxtiOlHs=cRr>Q>)*0CqXnXA|4E^RbE~di0-IyX2*7_0XBfTolWWW*{wdU zhd;;5VO>(w?*WAm)8q0stq*se45zfpENW|iR7XwcV)ubWBeIdYI2}{!(PwQ6=by-mhAE7+JX9YOQZ)q(W0nVx2=?;%Jcf)~htI32d^eNNXSh)_u0DoJMsD z9#&}!rk4pf!RRM=K)v~ZIO5bXPA!&Q8yJ(Ra4c45uTR6B%PJ-&$b6{O)y4ge5;R;@}ny$J8N>eH_a8hTW}4 z_TvN@D3lCP!`qT(-~K?pj$d&dTQ~`XMT)R<_P9?jDN?p%vHk(AoZqoZ1|yHB?KWUe zy;%C%K}w^5{_3Eek(kTijWvC8LaA|?wDf0n7x*?tBUW{0ENO+)+%%yxU-NVmMeyKa zJ||g<$ISOK1|W4Ii#SB?(DI25Wi7k9Q}6BHPt{pH{i1$F?-*io%_$h&)wa z8OW+^Ss)^^Nb~HJNrVim2nEy1NWwpWl3qdd(3A0e-$K6!vs{qo5h2=dk>22rTM$j| zqkY;2*h@J-8!~CDWX~(F%NP%UGnyMDz1zHX12*p! zeva%VS?W?K@n9iU_9+Yp*=i|mdmwP3=!RilSFsq!15WPW8HIKu4Vlzq&%h6&vRWez16m7e07W_O_Buqca8NfBZl;WG9 zoHMxK&WT8ZtF?%o-E_-Pk5(hJ^6We05uD_TK_x5&VWC1{fD}OZaOAhbm@CDE=v50$ z-~qPt8ZAzO(=Z;@Z1sTGSSI4(?lJs1NiR4mznu3{w;;PrA9lLy@BoKt{1j}&ul>@A8cipuBkJc z&oS(!Kz5}+B0akbgoPwFALd>U5WxUrn-`)~-ZatXIH@^M0LIVjBoC`$S%9VaM2NT4 z2XrVODmakmWfWEM45+a1Yqp6$;K`X_n7VjE=f?>aH z6P{irM|_e#`>atD!#z*!bVI9S#%UN^7G@edRfM{Gnf_rAj&Yv;GMUwn!28_TD9ADq zF0S`?w0dH}UHFk`xLo18JHoLwZjD1wn3ubRv+f=D4)C(^q`EBwz#lxPGD)D!j~nsq z;^X5*f^=8u=ck%67hX#AJ56*uG+= z)7jZ`bxt|s;9D8KNf?rX-g_rgQnEN6(J5HTC>BnOhK%2ktDkqDZ`yCmvyhdn{e&yo zG?v3dKJ<<{kez?l>0{jq^!5DyX@Jsd?f}=lEYj@Sr+f!85TI`Gqnt`qAf3dm>up`B z{8cLl6zE!cVjKpZ3ke{?$U0rdR%p;wW1-WMFmApn=Mw6A8-@oXl4i?=SpI~dN@a5vBB}@7bY1#e2L-*l55gXqd>Mu7L_oe0Ss>MfW}_PwR)F!oqZn zucTlm4wY=Qs|4<~!_xR3iL?i9A`KD!zRURzp5@;i?Ib_Oxo2TvxyAd9vta13?|J^Z z)Srg#|KJiRorW6z(e^L(l{YgiG{?$WqN7O;373QP`r1WBJd5wxUqRSS?cY^_KD^3T zP$gE4MO16Dj_`2o&~LOOYnif`h59>pQGTE8+okId&u%{W5&Gy#dY1UWL%e$(y4*#i zZ$NUTN7BqKdS-R$xJgXZCxW|RR1ox#UTKkkY=_3Lf&(S547uL=76V6O*mk`U}hbi_744^@u{ivA}q#`}~r?v7r^X-N0zhy0j;DnBf|6 zy^nTy)yDQ%`zZaL8^O~m47wWi^W_B!7{FD*(+%LS)Jr(w$0f1qYrLi45^%fyi0B#q zvx4mWj?ctsWjXN*r2dm#MYYL4jTY<4+S3OzbD?8l(j%ie;HXxPgw=cpgEEi7|CW+?xKYbOrb=PA+) zbm4dBd#wK=(9oG##9Q|wNW zdo-FSV?SYODnVhAECxIH&&c+UISs!^B9(yhDR~$paTG~OU2|(&79*#QzebnWr|U+_ z1H8h-R@|M@v)Sv~CbEQ2Y?0I0&vMx>+u;Za6WnB+VHJxUmNVZwW4y#1?O%5z9k=f! zYE7^YWJ*5Ll3K|)%<~K{46;jK4FIt78{>SOk%J-`#PdB2)=kyhFDKMv;oJwYO?f5TwhZlRZ@+YpOSYuezhY0UB&e%KBw-gUfP~e?kpteEY~dnu2(i zhe@l~iBsf`(wtQIMAfuNQS4O%oOvRZ0+hrLtRk({ty0R}BO+px^`MEcSaYdu3)pL( z(hjruXzuN3(HIfL>zd1;(@tOPU#>v$fik9P*vN!?op|P#&>nn|3&c*mPsMtju@H}f zJiN>Yuq!0(hsrQ~B^M$LSb-U6`rfP|{Dq`r(KT4F=dl~%(RLd z6G?pBYr)8|1D4gYnGaSqoo$|4n(y^lk>|o~G4HJY{D<CRnc$$5*Ji0Vk=`yXg@=0D=&$Nv-#yzI zwy5r<wcp9I>|sPbW-;ntGG@&6xx3k^(?={`kqx8l_I}(7c^W7IAo%Tid-Rg&A$PSwCs`N40|-*Sg$9z6swhF zAX}#CmFi+F^Kf9}KG;6Gif#I^-Wc8m-G=4C1KEeVG{$ZYC{Mh1N#0~I)5?_}^9rPk z6>qS^fl+q~ruorgP6K%4isK5Edy4R3(7(nPe~hc45~bt~-OogPJy>ZWw4*)@(!cR0 z0J9bYHZ2uW$H>VtH4R(HS{-D&_n)N~gpR3knUWNCQ<|sHGHMBr#tj^HoH&BM3;#t>QOQZw+|_7&vEn?{v0W5-Rs0^`2qdrckiMG;iS&iLHW$|E zHv2}DSZqB*rUe~bqFc|}TbSTfA2BNci8^bNO=ok|PARyIEj*R4fnp6$imVu=^t_*W z97A2+uRqSb8lYCqi7}Dh^FN@h4Nt?E>Mq(5R$2+IWPB<@Uq6mHVeS+P#Tyv!zy>)piI1*QaU`9M?C~lESw*}&y#jJk+p~X^CGa7zc%4gPw^G+;tQqg5MA50Wp$ub!3Jl| z-}pxo5DgQumKVHsIvyx85D6%VIde&>QO&aW8EUK%W{}J`9@BgnszRGPjE!-csQjhi z&98f=oItHQBQfykdwAwoUn4Hd*LwPV@@@7@mwrdJoDM9WJ=a2tqg3mR(9*qg6naNR z`_H!hBVdsX&mY9!w4EY*hmb!Zggh4s=gp3Fur$`wwt8Kk(f>7RLFxm0VG6?QM2i@S z`%%uCSA<`=a%!g(Qt zFF1;|d31WuX(c)o)64C?8QnJ~X~WUCI+pXZmQ%+v&oZGEEp}MLZNr-8^9BFib&oRf z1v@`w1Kq5qI5l(&SqroI&9ez;t>0T+d>0&a(h;H%&`(ifd6N)<{M^6NrGHZhw8xej zz*N`-N;5?#nCCrc-51%6mnJx3syIS=J>C}NHN^YgnT!~avb~XqA7iOgpi2U;oS;8v zNdPgZVI)@k)_!}Zq>Neo$YpM+P!14yii$99#E|Cr19_tntCns<(nX;RO?jy(K5A6VbAyvge}uDdxn z?j-ipO8F+2IW3%fm-~U+-a@&e8cR6VSU}vicUjk2gXp`6b)mIuoM0dGUyYcX?k`)OFIIq0On%xd|Cd3xgk#R@7pU~Yb#)XsxVDkIEV2&II;|iA=rFkG!rWP_!_{2u3eXQEePqVD70*#@UyD4%UftZN=@%1@8*vGDj%ps76xo?W&X$vSo<%G)MFLr^;sG3$VKrP zR}-CN<1+nFunnEVtlrso6WzFh`(@5@u+SsmBdFAEv#1$(elwis`osBDPCm_iQ|XQu zAoD&5f4-2LgZpOFIE}i$Y%n)#wUVz^a`<)LsA`Ov?@%3=Y zuWvTTo7jZi71EW2p@3s3Y5J{!`W^qQl5ne7r)e0b(_sCTo6=))ZH|fDgLLL1{9@=7#gxj_t2Ae__Rje4K2KNIL-Mzhd_4^eJ*nu3;_u)# zeMa1Zlruh>U{bnWhhn@5V4BcGn5>Is$471tcfK461xy=~d4(5CN+5lL$;d>~IUFe2UsZ^iy+#i*C>lt z!q-W%6w*Ax1k9k$fT0swNOE7r@r5m>NCpSk1k=W-v?gLx|Bh*@fk{ z8Tvh`+!I&dTFvP@PUu&7O(oCoJq)4|HrVNC%U{b0;N8@Lt>9C6gp~VAq0bgoo;17I z_9uRv)>l$!LToG=(rOg2phu9+@N{99nP{gl+$v_4-IT0nJ_tR{d|!wK|JZTz4|@lTiv&070O&@ zQ}o5n5sp;cy|VwpHd%h-dGo5Wq7*Aki1H8HB+>SlZ35=`UDZ9f3z=jN=8h@%!@dOM zJ?qjH+e|7ER`jTA&4f#hT5zUzOK%A-iBZxrnHjcbPsP`XH z^Y){SZ3-lYH5tK{2IaiU`jx93W-d*1w>w*nUv!%unHI;*qY~O}{{}qoNNo!q%S70GILbM>D%WAg z9`Dwo;!HZ~jJ2VuqI79=TFYs&4T1>D4lRc2#sxB~OZ%ozlc#^W8M)ue3(l$brzd%}hn!b%91 zMf95Vt44D1GD&AB{OnTc|GG70NqyE11z{06>88`gDw~$jjsd~UTA72Jl%c=>&22{H zW`%Paz|6U-pz|`t0==^a4$vsv@C>nNQr@}%HQ?-5 zJWplWdD88A2I~+r?zlcXdVg7O@#hzQUO2r<-7P`J1_0BZk?N(cuK7w~;m~QqWxPlF zU}+3RxmXXob6DYF=m}|16=9>SJCXJbB!=iS`m-ub{pZ&2@iwHdGvxSSwj^|M~Ofd+1yC>>*DXFdj&C%QT6#|$KJ<*~x$MqNR1~i*6>ob0`Ti#P~ z)e)3XJTcMqVi$r4ziaYG=Gn+qZ3TjfiP4S-kHcu=-9-Bum^WuBAn+kECUkv@Ci)d+ z7ikwOhGC-@X3zu%ODa=c$;21!5P+LMz8q@>n@z#u(Bk`ulIC8mL-^Y!KO^v|NqwhuU`FAI08UJYCm{?+CojD*(h#=z(jnhaxzW2-K7|X%N zcv19H_zjtq(TJ_9l%e)c>m1X~vuEd+aX7Z3ek$s3&}w)O*HDDhGg)N~9f|;_$^__6 z3ufJ1y0(BMC%kM&wFho4tnZG-4$taTDx{(mn@!8vX^lW+ z%Yyx_xbTSPy>#4tu(w49t3t_b@dH}n`l8`ewd;Zc|5;GaB4+4mlyjo}7b7A6Vx)Y( z&7OEYGIY~=usVKsL?ucHtsq0d3sssZG8$8e)9Hi=n|2o2gx_eKa18?$xPcIfxyIy0T z%>&{Mv<`eC`|xs|KwZPH;lUbwzNM!w=VUf7H~=lG~J6qSls zY&lqZ#ZUsEc{y;}0m)f7Q#4JZo0C;9c_!BGC9aKI4EOlswnJ)7qRymdu0ES-dDhVb(VX)- zMXq#e)T*_zR8@;>Z6<>$eQ~-xNBf&idPU(jAcl5$j9A$}Oi)IT06o%eWnAI(-s+NW zx*vM_8y!0FtV)90iu3?XNcb<6bfwS%{2j!+UVNAQcaL#HYI*)NJRIur`)(18#PcWV zKQE;VBKwW={!g9_H>4cj%fk&tB99$5+emh_(Oq2J0cf5VbV91Nk>f@2fv3@%o3i>A z8~RA-L_Yb{?u#H=%ry!Lv=CLRamUUZIZ}09qC81@E_|`Rtl~zg&e^u)Va<6W?&mdn z3J>7sU%#>r`1!NX{byf!_}HCmW6i-K*1{N)^w6)zh57-k<1<5 z%^B}G)h}O=->~t0i7Hr!kr?E6IasQG>=-L0bkTeL4YtR%%DxZOB~py)>dw8#7h zPqm~`J>+9?gsk&FaHDZ(mFeJ`j7a0-+}T@9RiHuTkg1t<1m6^Ha>p6{JOrG}k*8TvyE z-g`ABa5Na_ntkn^qd31v6v>d?_8UNn9|c$oF9gczRE^w~uG_48_cXpgFi)1x zj-hV%`2|y)iT@nw`)2>+W{WzeI7>Zet*ouse|wlf8BuXOZKYDC#*o@QKYdN3jJ&My zZ}ln(F;(^W=ure(t&sarXqYc}s&t~_Cp6Djlv%xCfnx~+K38a$(^ZaH;9AWzw(Bn^ z7n$pRzaESE{V~<)eB#wb{yDoE1_u_A-29d_hkP|#R>Sj^qsnKDqpmdnB!{vQUPenQT@}i`1B^?`()XeLRdQDl~$3rdyYeXOD#8JLn-V6rDaYJyg z)1cb{`>yv61NIXa-4tK$8LAa7nwoFT;(>07g$TW}*gK&w_>uGb=$u}?77dgzLp4S` zJw*Zf{1*`#I@l6uk8>6Rj;A7-4UWwoXqB=(wTli9RD0%QGJ|zN&}XD^#l^*sHXl6- z+S8ga^b|}Ue4PENojmJZb0>R1Jwv(mEmR<#_e*V)x2>TsE0;V)wjy6n95#_HBl_o4 zC>}YH3q5sw^_{g&Aw$3I%W(A_H_b7#pa;Qe_3|%#|G@36oPDdf|5p(24O9kD{aJ%b zjpE0sirD^$7agCqLkBo+j46AbYgPpb20WP4BpN`WXb0g3&tRo`AaG?^(uP70@l*CY z0lH_6T9$K)9B7TuL(+04%|^csis%1Gt>QAHbwd0Qnk1t?Jd&plro1a4 ztG$eu@Sz$rZ)jD!uSTVMK0T#AEy;mMr95UmvOS<_ozy?8P1k}KFGFRL;tJI*jUTSr zR20eA~K1|LP=*d4?Q;OGNPT^;%pur$AhwuQw*iQ(%V>#ru1&D!{^AfG9s_Hl~ zqg=2%>id8VM9V+WNCWqazUDT#9jT zMZ@Zg3ng~Lo?PNz-A+Rhj&wwPr(D@b_qfn&`XVnooeyBa;le}CAu$#TURYv5q3PW> z1zG|$O_l5gS_$8iF}&1n)OCD5a7VHdp z_Ft)?UtblP(X~!)37}+zFa+DL2;gzqjNbPxTzj;sh3>W56X2z?e@x)haaup5KtS)qdO~l6_94Hek`< z=rvSsCQ%dVo{$v1_bPo#aftYA?d5;h4ow6CizG|qhiQ||-Ev+rGi-_v0 zluO4edOt^Ert{)u9asQz_jyZuTt~pGg zy`b5@7stMrdCkrR@{H(V1p`N^&>ogU)bcC-E~NOB366WJh)Pmsp5#ljkjjgxF+5De znO0@8J-k;@H#0B6P6XJwsL+oG`P|_?Gu3)K27cH{ho8jlBZ`|uBOxk?kEvEv#~;nT z^tT<_-foB@vLJ@-Q9tK;QJfKiE<*{qsGPmV8xzIP;B(Ct({>o6t?TBXR^ z3@;{GAOxPVj6q0h5wmcKb5E*2Mt#?ZjUtN>$-B|FeQb7amHX-OF2*p`y<2#RHM7G! zrG+07%7XG;DBe{|#iBPgZ6#!;OVoM_HM&J`X*Pf)gxv*fwjF_qw@k^n21Zf+IL>UB z@|N}2OU|-%!!N%Vun}GdjnF9^;-Y1};FtumuU7>dNpe;O-N1j5mhHwymI<>pT#Zd4 zp0ilclg$0k^-z>A^2C}OD6UECl3kYB>LjYGh;-_1e;rrDd2;?bb)ovJEp;AUd*l1u z=zmiV*_0ot(Q<3`0`3}mVB!>^;evHH^ULQO;_;fE^et(I-WTUIqAzNf zD(9X6OA*>l;lo<#t!aj2(mRfn+M`tu6?HNeQ|oaHw-fl;NocKqu!>wo*A|NYffRcxc3AHBY7?W1RCcE+M@uO|1T zrk8c=5{Z6aJ}s7nM&SSqo@JWYUuae3XM@n^SXBp7lk!f&(eVWebe_S`MMF0~t1&0j zTBMxO>gHh=YRAfdcK%K=Ufg%8Xhr*ijq}KkA|nQuRJ;{C!Y}aUJ|=L=tnd&G}y5sP2a|=`lx%t z3NsR>aP7J-0=Vdf!G1BmTWD4>A6M~DDY&(QbA=QZ?sibxtv-_YptNznN48m8&cLGb zjIN(Bzlbcym&uvkeFZTKxQp0C`6(s)32Ba>KNpMcSq#>%+2Gas6xWaau#*b0ltFUqv=rl z{>+3VtKqZq)9Nh6r?e9|Avg_u&$hS% zkhVR)Sb`tYRkNWQQ+N*pk2yalS}AkV6G7hvSO1eFl{nN9h&Ibo&N&pcR;zq{W0GM| zTYyex_3gmQaxYbuKEFtI30>fbEqjSlJpFvKN`HA38Xu#)CBdl)O;T7pIC9|v-Ng4kcW$_mEf1t<&^3OtD^Q_Nxe26E1cdE^_7-&8&BlJ z!LH@f$I39hObaTRAF4^daM^MsnK~i$$L6*5FwYsCa^a89A|l%|Z%aqR-K1g11CK;U z$klk>)Srf>6{r@w25x(e+D@DEV-d9!iPl*ZXXxix^2cY;4%%DBKfZ7_x;t>Eo)L6W zekIvMZQ@Q@lEc6s|8TkT@g%>9Bd1-Xy!O>ahAkaGEu+tb*HA9g#QGUQ3@d4ao|+Bb z#tVm+J#M~{bW(uO`-A4&eCP_uNWJpDJ@c2zMlExs*<}TXTa!SSu$?mfQ-`cG?fF^_ zJ7lpkx853KH}ksNy6*3av}1{n<&$1@am6VJB6nk&E`6yg&uo(N*l%XLq}n%iB04b7 zCaFPZUQPLQ3r|<5=hw79phX%JyK$O|Vd7F75^3iRqymu=@XC9vzO8y&O9EBsm;{;A zzl=$&4SxOwQb}X`#tM&rnI^V)Z2UXxb+h63YC*dSH(+$Acepr2{h`0I=~0yY)}2sT zk%cY0T}EU-J9}eU+d+L0k2eE(`i}ok$wUM96a}AtQB$NF71umMF^a_@=x21M%zF4a zl1Y3$jY2tfuYUpfJ%?wMju6~3dpCKoNs-(00RZ&-z0efTD`e5U0PG3-M6;fTalAz^ zRm6tqqrZjPz?K3QK?E0RfP~WszKvy=G3ac$f8yx;)o5}wigg*mh6if+k1vTz+cEzo znf_jB;#yfPRn&d6uli<+_!LIi!*+BYlKNrI@O1k!d;oTj%+l4e3^Tg>i1SB;VFa!JpX(7kzt$s)Tbe8~I(?UlpUee- z53F2oI^n_=X0G7P^feCMtJ4%@XmN4}HesN7I~g8W|3U^QXyk5Q?P^|TjU>lY*G>FB zbAihH573&=kqY%i|BbW8#R+NU!dAj)zo74P3f4Ypo0uYrMi5^l^6&}P3V7m}37PC* zT(>2T;YBA|b6X*adg%85IULbVNapZcsi`Y%((6wJH3M4(h?jUP=6Y^yyQ*fc%CLbN z#X>rje5_;AQ6pXrEB6xgnw>Gx_8P60vt_>JCaU3XI9DRwU4ielZMf??`>xc@Q6C&e z)(|nSA4FBm9_B3xuj>JpY^M*WMLp{D@GP8xuF95`0FZrD&F82{1MccdZC0O}!V0m( z?0_=aP3V#M@LK`m9G^v&`V^K2U1xII^8~(5;CDEz-`67|v&*R?tePQ=rBbV>$^3*L zCU8V`Za3h~4!M-7ytp$KMvK~&$v>}4x1%!O8wr-e%MqQ;l}t8&ykhBBgE5Qkh)5Hv z;XT{HWwNz1AANnj1_O0d@7^vZ1%K)sLRHu*44{f_o}tq6TMIr z^UwL)goJRH+XGk+j9T-y;>?^r=tA+QN6mcg0uQ*Ehtq00%m(AGF# zjLnl-;6`n`O#`>>j`&Xx{rSd|oQ+A#(s-XEfxa|#+n_{{x!Aqa*z5>K2H(EpNP@SO zX4O{~ZlL-^I{Rj?@bg5P>Uc^gSd*k?o6kS*zWTG|JJ@p%8~KFyo1%OW%fWb)M!V z{J?23l7Nm#5O~Yr&5Zn0$w|!<`=3fqJM7AM$G^9nwA}Riv0@R5hZ!y;muTKSqoyV4 zhn2oy-NTEGvoMBnPJb^(?c7V`g}kIgege* z#A8EuwXj9!T3hjH3!8rH;wZq!h)@sdBw94*CDkd{awWz8qW*Mj^NrE*wR^2lGn&I5 zp6hsL={yc`?v7c~!X}l`#^0WzQmr1Ur5EjEh}961n&#BUA3L=@M@ z*wcUW6VuBNy|0uD>*QoX1;%oz5IfCUR?Xy6FTBVVV+nETB2?uC?!?-tu(ut?5#ZPC zL#AH(a4aWEbg7wV#z(togd!>9$bwZ zY^3CNo=pgbhc-c*Pr3tYo931U$z7sz_!hB?k0G}VrS&mz(MaN@j&NC(53PoMDV~Gi zd48u4>_(bcJ8vs=AbFv;&H6D5_Ag0K4cZ~$9j29&H)%1iIRL1JDLHd`5Fm;b-?I>* z^VVw@U_p2avNQEVrBFvu(sJi=o^KyNMTzFX=nACg$jW#p@C^=Sfy zWM%$bn;1GU?+EVt*R=`bzp{U-7*5V#Eq>4uLjkOV2C!so!SpNQm(bRQC)36Fo2-KA zsP1#j1~>B-0spby_t)VVZ~sAo|2_75X7ycwg(WBB_vTcG{P*@h&)InUk1>n?=|x}t zo>zns`QNc$M|Iqv@a8f?m@5T6O|It?5V{9w$@>}ihDsM{7~L{+G^o_$IrN60$o)1o zA(X;y`QxQkfO$OnX8kPDVC6%nzyygSW~zJXsLwuC(>(gfb~_?7bZTNfD;#{yxA2zz z(uU-+s>I+N`aj>i`3~OEE?7$97tist>3|@E`gsKqmcgI#j{BozD;%YEG<+=(qpa(N z_@^XqBJ0tsl5<|zjvn0x@TnfUsPo)ii#N@Y!^v^k{P~^R9g4?%DZgOeo)t_XA=FgG zsx0DO?Mztzi>YFX|G!pq`iH41;wL-eIs2Apb`5FXU#|gcfaY6##&y|NmOa|32#nHE zIw5rAY1f46H#EG<0c+q>E}hhXj}Z!6chB7z=?K~`hy^LQ4hoeZfiB09UlP+H0oW^j7L9nlCw66f%&Z)?Pe)Nul`7TuL8}G(>pKoX2pzR;d8%Mi=_EJ z257NKaGGeTEtc~=1bU`M&f)*JWECs@6kt+YsZ2X@;}2!^oL>N76peY%Y`dedSer5@ z|0Q`#&I{P!JdDn+;G)~XiC7XSSs=QL3F#eZe{Tz)Z~HM0CxMGwvHNp5nC?x)inT|~ zGK-TW_&6B623+UUd1r+dQ7@;tf#>>_YNh#1H1jmUESc={)^`2H4X!H^V8e$0)eiS+ z`2G-g_nV!oQS|Eq*PRS9({~0+UI2D&Fn^(iDDjy6WFvpyO$Jhjh==)Sc{lOe9BCek zAP0*h=@T7#oC24egF>u>_J!V?(m3P&^S}a&s=Ig5{pH{oDQv{!2jdy%6CfJ_yg{JsjpvhT@Tg718u#92USsdDtQD|VfXuv$8(;lz26!elgr>M zwQnaDGN7Lp`5fG@sK=r}%Dz!oQIX{%hCJM**0$*H%EEAb^ zn(ak&nzl#VpCk8-KEYri!(-`J5)660m zlGSALO`c8omeaq`Xb^7)3*#=3A@=!rwPgi^^%`{AwDGy}=!y-c2Fm9deK0oo=d9v~ zK4|rC94*r^Rh1w!Zd}}dVfN0T7DpFjWWEPi!?X>bS zy6zj6j8f=~fbr>bEt4edaK30Qr>%J~9Yxc~?D4M_p31+9tOGkz;eStKJ!vA&?0g`w zFp@rICw?t$AF*rjs*!&bEfe+|Rq+A)o|qPZ#X6bR*p*(%sV1Jv0Lh@eSym>weZ+&-=aG_Wk(yGdQv_!vzf2 zc^&7zA356L9fxv%IDPa1$LmFnmzMXg6HxnpAjN0tYP`u6 zD*(kS;tYkX!562fqP_IUNIj*fiDt2TnI1FcarGYzNk5SDMv)J%;A}Ua2>VE1&}Tkj z{KcgAwfe6_D+O<`Pu5YXbpQQOuDu@s4hf-$a-M6&gA-*LG-2B8f zAq%(h{diw0rgQoIk!P%_{{c5Dkvj?xmr%;Tbl{if^~rrzIhv?=X0P@a;$n#F#<^|&gy z16lU_e1r?&G5>uInC6Amo&0GK37bAuF$kkUHrSN%XP(tEy=?V@VSgvlmDngDFC-B? z&b?d_^O(w8)qZ-1;794!)G)2lym8ht=X+C@vC@wEQz3NC>6B-UGebLk&t&dd!hP)h z1nJ3L)z>V-_Ne3QM)4!HKW%)>X}9Rp;YV`3dCK>}56^nZxHWK7UOy3`r+PRL?!NSq zEMaH?YX@wRoFuu9pww5|g@qp*i?58^!>R1Hfh2uXFp+X!h=Y{czwQrW0U?a+6PGAsobHkr^!m|QSgOiq(OW&k^$)HBo=e{2uU~a zkv!ULKim76b^X;;JDyA;6oF%hp@og*`j_l@HpRmWTTDRKf}Q*GlvbclR+~bqDR|$L zvL&qy%6(<~=|Xy?FGX>YmngGq4*{kz@ZZsuhdDyRgh%1KrJ_C*&f`#dsX2}XUL1{y z4Qx$F&Us58F&iJ2Q%5S#{f0fFkho_b(VjmH#CO48&n|ZmdU)uT{^e4byoVhY7*KD{ z?=#6-^KJK^Q!Wq|I$WqX1kx4qitaq+1!8*XHp7Lry`Ov@NEZ(}((RpbxETpBghi&@ zTKIC2>Bzo@%qU{6{VnAR8@2zHa?$2uZg3eV@+Cj$PZ&DLD3R5xS+-+Vn(4D!PW}3S zhk=^Rn>ohqZ+)RWJ0r^y5CTX(fd|p{QrRKUPZQASwt8M`JY#3N7HWKT;*aKafW)xA zMsMw|$gN_(sxsOy$+}2J1dD*66RZmOJZo-02KKaGOwAv!e_lakS0pkRTW2!Pfs)2o zKwcosS5FLR6N%gNI34T1jgxFk*yHZ53=GrbGj!nC$8tJgsUx zl$sjddXKQ2z(=>E0tNb0BGob}?s4 z`oB@}MF&hTrH`_5z8XMWd&34$fo-gk?E+o;qhQGwwf%)O#%GwoslE=8WSG5rit!aW zR}*K4MeI)hgR!)P-cmKm$#<5 z`#Jjr`)mAjZWR^zTW*-$tEVX+l+<^v21Brx}CdR~h&cUC` z&fLC;M(2Mw;%1ZL745rPneJwDPJRp5HKZYO4rtJjs=w3B!X0Bx?wcSmCFfI%-kPDk z#4I)4=Yc5}`7Dd}yf{w$s5E>oOU}9JP7B*<@mrKpvJv&F(l#gFf>9ed_+E%*M zYQ|*X1l!jYj;t+jdANNKLJ=an8uQHI^*8sYsL?C$KU~zqCyiGcaT05DIkrC~d~TvN zG@Prt_~Fa@a32IISevRAN5)8YHw>Ha)$Qbj+k+b7QN7P%5>+64jH8oGFeBQq6(Z?| z*(qLYB2L)xcuYEEeHZJ7klMFlV5I}zvQaIGe_^AB9?1`uO8qIcQnJJ>1JcA(XFw=J zTw>Mjibx%LkisDB1W%KJWzgK|9x3r4gZ^byG7Jm;qrm>}3->B^;0E;VV9uloe4ECF zdUcye_u6`KAoY_Mthf%Fs=7}i|4n96z!A?kU(+Unaf_E=6dBR0BdTdQwnQSgiEUt9`@Iwi`*-{KZGJT)*R9vp{xiRt z@znIbS@-ko#**&mS2!^$wTI(V*0=c7gV&>RK;Z32)$XLaPo?l-MfAa_z0g(%9^dPL zU#XR%av;PpEha~FuRR72#o2ze_Z*bDZ}wboDNB@RRTks%&Ok~VH96hcry%h0ed$B^ zCgfVEZ2SSD&~Hw@bT{5RE7YWM?^Zc+(}*Aal%8`@)=V0LOlqF4nmPWKU5!v#$($B5 z|4=wbhI+uAe7djK_VCQ?T&sYGq&85nL>xCP%Z+jsAKDHWO*ohjLm?52z-tKCVkP#X~yyDXClDeM@#Il%p7HlPA)`WtKbh+RCX>8H9_msSkt^ zkR^hk@lMc|vUz%k*Hd24-uIZUgpg%OV{26Yc)Q@^<}sVeE;b&Fwi$nLS_!)PIu%_z z?kPz~?^QYT6-%Z>6EpH*jduddy5$XBm92-2^P8eiNx}ctfli#R`0;NE7OH*ZV%j3@ zi#rTY8Ct}_J~8o_C9&G8;rUg3ca4RzNQ!C8{c0RIc+mkj&xhVy>=&l(EzxyCYE7Dro5{UCP!X;H9FKL@8l zFZV`2HilwM^~Y5EwPYA!eOmijqF_Ez{UwgI*0B;5{8;H!{#dm86L5vhe+3oX!yeAs z^A4}T6^@=^jN_W3`H|>Dq7XX4rb;A^^~`9%XyzK1q$Z=SS}Td8;pOkd)s`^0v0BNJ z9+N5iRK$;#vyP)w5aTCpWhE*WdNDbY#l4t)SDIyt;%2kZqOt7dB6QUn|4HmBV=InQ z9cR*Vh3nsPtXj*N6@nO`lk~ly`ma5@%V%nECAwds_5<}DXG*w! zl#+v8V#DVolM3Za;L($*cN12*?Zn%%wYd-lmAL!%`ea02Q;wd@O?u;cBHKM7c`*YI z2c?uXYeQ6!xt9!>dk?CE7|?(>zwMKm$z572)qu!})!Lm3O?u{6wQ?5ClF8Vfbe!Cq zJSPaBaVf_JaH{-n0joU(u$ss~1HL?yNiv7}sN7-hO3(vCVZF-2bD$ZRzQU@7WPvP1 zlrX%whb^|T_IFJ>@_>xJFpoW@S#G^v0tpAAAjETp)@8Z5A4G_(3ykIE7T$<=f-m~q z82zGaa5z*)LJ=>cont3IP2lquWo`XYeY5th+xh&EK$KK?hWU)ZUgFUc+?%9nQ>aY#hPi2N`9qV#)r zQFZdpWFG-Rm9|kk4cVmw(fi%D*Gc*TJRCa*Di}K#?@4-|o*Uyfv{}@sI{gXca zWA^+HE^;L7rJ-}ZrxI9(0VRq`PM#6AJfGP|5Rorym(${~Xyo}&CjLqbR8 zZG59%EWl)<>Hq~i0(3|w_fEyC1{E3x6!LcFVjs4bQheY%Hti!YPZzdyB?BjY%7~}B z^n|PXD5?S$N3*U;0CU;%107ON@z_7>?WS|i713<`eOZx>Uy(u;f11DHDu|ReNd|r; zYuog9XGMKXRbj2Uu!kwcPB{a>b4>7EV$6PiOgK6Sf@^`bMy_G|+F)aprCh<{0Lg=1 z2cAnJ9X9T9? zo?`D*(-nBoc<~{q3)%~|DFxi9*4e%&GMumTj4lzF+5OsNM34VQ>Am&gyHTQIzssS} zQ5BQv?2a|>FXpc>kdK8 zq&p3TIYXK$8n26pet}w|F{fqKGp+-1om#EwfT!5N_Ln%Qr`G*J<50UR^p^sRV(Eng z46pSO6ETEqWvk0zrRZ-=V6y@gZG5v**Z2wv@C*fGz^c9=DDf|;*NlF4k9qd1p`slY zZ#9ALz@1z6fv zY4CCdf|4)tUqn}|;5ZZKAKSdjpzbJ%e6{H!`{CQ_{IYl&Ft!vS~Lf^qVyl`G2_+jzdf zUHYCH4QEQ(hJ@Ie)a8bLc}>>4#BiVu#v$38c!$kosSHbK-0I!T1ZOtfdM}A$l6r5P zKW!4*mJ^)Uho5e8>>`(7jU;97FSx5Gj8aw2N~>1`YoS(9o(7DE)%LS8pe)>&_uBgV zk>TRKcPatzzt@MgkE76mmTx$#u1QAgmcN>Z`AIusD9bYR8q1V;#+HSQKlD< z(t}s7%&SWh-Kfo<#m;+1+J&gOcNYkc-Aqx%HJn}_?)*)Cen-lg#;f0sfSGQz`k}a3op9JgI>Ha; zOi9$(+GyaTP%7DPVAYB;D8@|_Jd-@b<* z4_ku8SUaeRWPdB@SM)Shq3r}Z%ObHL1kTnCJjqmiUtwU-J&U3G0iMO}BE;!T#F`Mp z=$XhSh`IA~V|n7q)DLQW#QzJq-f#Gn$}DT6!hIa<1F)29DKoFZtB=}>&y$JI+Mh|W zrngc|F^zF^#SGrbiZ^yB#&{r4l;psM{y=JigilEK$V!{WnBI`u1<%V<4&L`lw;62w zZR4mPiSxXLlr~R(>#lY1Oegc`fXa#?vZFTgT@xibx2Y@fsYkVfIidaGly%W{vP}OG zpjzc@Ik?ztPWhK;X;!yeK>kwO(Up^e(Oux9O9hf8*s{n484@k=h83#J z&0#aL=O|5$6YCo2yq!(5X6A*c{xIp;>SG-~h)hfkq-^1;qVkC0NGJzyYwhKgoz9Nyz=KViv^VJPq9z%_=? zS_zy2O@8R6OJbc<8s&pN8E^EXf*)Fff1e=vX=Bl;C2g#cqt{x5cvrptQ-CBZkENPM zI2T^Im?lMk-{R-_d$oF^l#jpA-2nUj$ohqNte}I*e9Y`@4~N$7yql(`n-ld^$Abe5 zsQukQR_Ll_5aKTlxKyZ(a)(QuQw4!W{r@jnsp|D!I4ZH8D&tGTvv#-HUO9qDM%BJH zs*0-kvon`>0;}`jDaWNL@y}`FS#ep|Sa>)3`?^9~u~E3}K~#evWgldMzB*^aw{57_ zv3|(|*Oc2rAMD;+H#}sfZp%_@foe37{%|NbI;zk9)41_43FWR=8Ru@y2GO{}#KuIf zWtm${(u*``t?=6&*aJ!lhDG}q8#`Wwjs!Q9~hK>gk{IaXFW)VCvSl;2;|p3l3f0K6VJ#p;sb?}nG? zi#Bf)KLfbk-FZFS_7_s>vU6J^P4-g5L2Qb0Xj6t#>yJd~mBl|*?ACsJhb|w%;J>;BnIMv_pqAW>XWfgk2KviD~rh z7~++3$WA?6nS74EoncY4YoWk!AbJxgS^Yztv^e&2D#_PL7?8%wjARC&U)`9Tmrhj1 zoe}sI{>h^^?If$<+5|7rHMxe&;6*>bmXZczcEJG|z|#rD)xUvLbd93Fm+$u5z{_`M z1pK!t@+RQwaMq&4)(?Nk^@NF*F82PH0TZ&d*>AkmDlK0Xsl~J2Z7hvWnr-|~Lm>6| zpj}RBW>!U_*YV&CVHiaF9IorjV$F_#6F7gh>Tx5*{%m=wZ>hPd-0kiqEr%yd8U84^ zqqMJ^D8_kYav^|450aGAV8KJsYnl>w+oT~z>hq$0jxjGaUv5sh_h@e5KW9t2IK*J4 z{r{ z%>AyLO}n?rC2!%~M1~ERQh^6Ol#+?F}x z>!WJ$p~UFQHURDUMN@}f?6B!3Rio2>`^xxO^&K+Pv}H4%v4Sy%9?ai+cpZJ($$QeH z$8W2jaz$@c5%9o?V?^#!)JH?*&%QmLmYN(ZT(=xnHeAPdi&5>{B{`|H;FSp~-mz^i zEVZgQQlBRA)_ zZY^E3w@okz7T&6?&u@A0ebJeg4V7+_o|FOljA@CQccjnKgjX5(omwaaGT+)Q-33pa zUaHMU;1ZGQfet3_q%A zr?_PjaLGh4{h#0{oKoe!aNbbjJTM&3q`0YlqRtHmjwts3IHT1%Y79fHRK_rNTzXu- ztw_&MlGB`U%SQc-nQ+4@1N}MJeuty#;c%3!sh{cGw#Vkl!IR;)pO|U{yL@pU^KeTg zr&j7%*F;KnFhUaFFZQvWk$Syx@SleFBg0QsbG256(SI-76>WW5z1vH99H0MYxe_gt z=lBT&8=;mSq_o2g%I2_?0G+yOyit7(o6#(L2XGwvwuJgAoDDtbwD+x=8RsG(xAY#? z=14oC6JJi(PNF`H_k@hLioPteTwL?(k?sn1o7LWljB65}o=efvQK*J*V@)Z9F>w7u zz0=Dh)k{-YM8488aCj#<@x_971netZUEeitD2KYA*Z2|1oIAeUoKNA}oTB-$UUQko z%ensAUvrVEy9)bmUcXg785jPneB$ra5&W%N_a6M3cF#@5B>v`)jETXfOIZJB z?~|jy5xFB{C=Flds&wWrMc-wSua?fTqI~v9%Wr&Cby;KrPbHj>Y6$`9irtUp;SgFz z6R#k@P{Z9TQ1pfI{*{eVV37tgZA6;RD`T`JF3rK0HkJNf{Iu_cakI?#kkt1%*ha-v zw21x9T^9~iz-Ulu;mDfrp}j#KkMm*tRoQ?Aff|)@mT+>TjBe7df;LXTiZ9A$*prPz zi@rfP5+(P*n4~}^*K#NOXu%s?$=^=I-a*N!-}@-1GX}wghe-=e6hb5TN2zYV+dkY) zVgI}tmu%0_bdYvn@l2!_pFqp<`=zZnD^(nFHPf>oVTJ))F`m)jKf1 zANq9m((@j=A`ZdIyLy7aCnsYrFIfn$j^Eb_lhqgIy!un6E(v<4E3$Jtj^8R@-WW<( zRM~+xd-~wacv}IU@w0e|B?JI`HHu>ma_?9p1W6GxfDwKvGx}`7m z?0GvBwBg>Gn+ay^kL#1;u>L;pZLFn&jLp&UpLvk#Kfk*E& z)r}4Onm0+(2`_jdI9Df0wzP$bSE%pc(?opr2xP@Ns$)!NiQeTd$6M*yzO?$&;*?m@ z?({y1WF&09 zRB`%1gra))AX{cl>=0(GCI79lbf57Mc*pI7WDtkt*D_4eR@$(-)34!hZLTs{XA@jM zCfe70QhD+i$Hn$2pMk^M&NO-Sk;vCc!~hEf6+UQJYZ=x>y)C#af&hLB(9jk~e2mw( z#jS!@n1Zd-PV81cq4^TtL)5)S?;)(CL{C7&ygVPiCO^2z(!?raj~p;_iAwKcWDj(P z=VPk~)kR{OAwq}P&|?jAffFA#a#)iavS%;*>A$@ zvLunY8xNYq1KT7SY428jCpz;3t@~l%Nci*5=r3Tq2RrAI1w57OMb zZj}J(=T+t18GaKvuu!_raF@i4u!RT_Hs#zljwmzkST2qL+|Xh}l7NP7{kk>wkL0*K zDmD)NJ0%#NA6*BOUQe8ECI=0%B-dtHo=|OUlrpUio0Tp5jkwBuFgq~l+$y&WlIi_) zoeen-vwm=Jm#r*}BKx^<>&FG&yWW8&a>tEr&UlZjmp0@>m3*;Rl>6Jznx}>w7~Q|% zdRL6@I((^;bGc_LHn3-M^BGqp!KCc0%y3 z`1*^(Li%cZYa*n441aL=+y9N*9}g`xOwb7;!E!Ux^KrFaHta$3&STw_on<`?r3sjS zXx@=K6U!(7Vl$iq1E6u8ZJ|#g80aL_;d`^h76~mLj#acJl$)39m~0^y;;Bxqnp++E z?*N(_!(&wH>JKhH^gxcgyZgYtG}GvfCH72iRrV)8*i@6R!5(F$2W4xjl>m=^+RvJ_ zY*D>+?u&Rd)Adb&c6z;QyfR2(7j!NW*y@puX(i;qW}2+U0V@GTX{udZg=?%GYGJr} z#SQN8Fk@Xt)`rcib7XA2=^>Ex@LH;5(<{E@D%+m?u}jKXyugLG9Ai1xc;GjU4XLtT z%QTK_Ns{w|Ijqj?h1Jm34%l}~Kn-lQR|ugsjyf_YaWCN)5zWJ3D((!8uj9u-{0waq zL#h35j(bdrT~!$7-5xo#XS* zPjV7D@y5F?0YOD#fIOirx8O6>#(r$~J8T3VNq-E{RG)SGR^NveEpU(cB(H0ZQFds{QF1_&Xs3 z6K%Q@S0*ENTRS3%kST>7V>?3C67M^#V7soP;f+)*Mj)+r*pf-vteO{b_KCIg?zH28 zp?xE`co^36bu_vPV;oaU7PK5V$+o}0 zbqLZ&PYLReeLv4NDmq>u@mv~Yd*oU+fB01+Zh>WM_>jDzskg*w^C%~}?+w-onz6f! z5Qg%StxOY2*KQm7xEzDyLpS_S_B?S%+tZxiwl?I#$jx*iNyQzb!gD#^%B*w76luV@ zH;bD&I8|YI6AvgIxFJQ7zFI$R^-29L<$F5%V2S3ANLK@|cx2h?*uA-*KXlEX{5EkMhMBG2I6zXA~_qYb_i{JAI!$Br(~+>E`Vuvo?9 zivW=Pm8~E}-1>fnI`Wp zX-wjyqwLF9S0_K7+C?x8)zhd!#htv``g&65G4JWRZHoxRIn`3zYfl^(aOkD=`)-1C z$F6n9lFEAQ4c<%^Z6H3w*&qqeQ`2|m!OrBaOMm(FvoU*Q|baSy& zYvMI;E-7Qrtc4d(9;@>(0TbuEcBga4VHC16vz*Z@GjZh%Y9(jg?+7UP4bItjzaT@m zBTIv&awRUKM%D5S`U7SmoLhuVP^(ztV)}~tXWDX1v537xgXdEO<6)KktUDR!EG3_L z`{Ll=k%g&Tp#lSrv=w{WbZG$0s`7L1*JciI+Ey-k)Wv&ghj{MXZMnN^bI9hE+10LWpK3z~r8u&x;BZ;mCwAdkJ|B23rs1*`zyw_jR zIcmwe5RQFKIxT!DW}OqGTWYGa2ZXm7swT`z8oVIy3uWlYDGK_2n3GO-QBF8RV@$RM z6<%l8CdCcvqDO2vGPJrG^!u_iWyT1YnC8_HSci2dlm`zgsR zmHzJoQ@9)GXbgwB{!qD(y^TxMbWL9$fJ(JY8xz2B-Jen(5r!v$oJEuFxzSIQZJQ1B zXV4zM8{YF&c)l${ls!}EJb^`ZhGWZs*W?Z{3YVzrL54XhqZf~a;y4oBcfY9QpXm%P z0*@TH9sxJwUphXWLi5vVEJU_0hn#Y9HMC(MJH78yDqX)@GQ6my%SCF#Q2+wy)Lotr zjZJnmI7g0GkOy0`GUkE{+}w2TZ-(Pza9a+H?H^s{#a1Ta_Vn5Wz?6plF|b}=-T!=k z|M_8q+G=-}M^OslrcSs?)Apy%47TWIlQPBOkYke`joQx;l-RWkNoAVW(Xa_!TCRa~ zFfo)--2_^2xnLKK`_y7kh)@TCIef!rpy4FVD#mU?3jR73-C1Irqn2&8#IyCj4}Q2$ zVl2>Rm`7eTY&z?{g2)`)?RFxc9l=8u$rJIfnCFBgDH`rdULRqZWe8RSJWJys1$(3KK zW&P7>?NzP$SO3MW+DGH{2(;`)vvl{>R>>RCXHOpS88)&(WU7wm3!-N$SS(DLi}T;D zAdKx-aN%=2AFGfNC9lZT2sk4sn7m(y=2m3#2sC;!`ITnJ5pw#~vh17QOLa`7%VkbVEMSU^KFsg5R|4b4!)- z60Jj!1pJRhi$X3^$f4}Uo*a}>OsHmcn?~=u_sFi~y8!Dox)i*qbS>RoFCeyRG#C}P zw5}sl)j=R4hSypN#-Vcd-68c^pP89&3$jk3{~ckC=Z`j-Q=@t6(hjBYD2vg6LJYNC z8MzAJ&RXWqvKG&E80%|4PC)c4_;k=Z> z^>}9&#N0iM4*fJwxiV<4y+={h3N%E;TpaTlCs6rNU#HV**?WmU$5M7{rARxle`L*- z(R#eT5@Q+U@vOL&cdxZht(&lYbcb8#`t*CMG?c|q!?vh?%O^CUJb;WdclH6~c;-8! zV{v+S2gdplzFF^kR(o?8Q`Y2T6djH<|9%Mvh~y=2-->cTAdhE)#C+9fA0SU>aAo>R zgB6;`b_r`wgG@!qh=Pvc_sgxjUOd*X4n?g}2_T$JTx$X-agBt!3;>E85CE4u;8=Z^ z70;$fiJ~5p{?N32i3@L7vWnHo5~_Eg_8JT|(?L zqg8Vtg5s;%K&ZzF`IRis4}kf1a^@!EN@5#O;B9V2hP7*kF+dlM1GXz!Vg?xvd!p2G3xk-7O(D0Er< z#k7JReYI?YzcxUQ#e5*6kH8vsb+%rQLTTycNI%nvCN=qlPT*QN)``3S%EZ{J5=y7HehgVPwXKge5|O}S=928 zUAc!oJ4_7BMrJrMp52OwH9fU$o!i_QxeeDG`{%AAW@NqJO1*3xCp5Yd1A4P$W8{rw z&ytG{95FBnk?#cg{oIK|eZLTTGp)!I{oIz5Cjz$;*v!_h=-$S3auW&n`Z={py1| z`|s~=u#1D1BgAHCZk_>uu@lQo1plL(_s`R}Py!z3+&l&TT_=JJs=F*Vcdr+!Al>q0 z-g6|s9&+-_+v*7)tt#u^#xX(i+s}adis|QArw+P300^o4KiwGrdRt0}e{e?FdjyJz z;j6{Cc^rhx*d&P&gq^T^W;g%(5?kua+?NWlExtV_mhV8fuEl@-O#jm({J*{5S}OeH zY}dMLSjx+i!sGVq3!I510-Wt&uat!qf8S`ju2|%~F>fFg0K-iX%b=0XR%aay-Pc!} zLQwRZ`^T$TFovx!diZM9K7^TsR^JY+m`KF%q6#ib6hY+3pv+4ZeCJH9D?S#s{rc)V?i`8t1P8|KU zJOs4A29fbvcP?`F+TuK_9-5zyn%BX8nb6{9Q%@E!yXJh*Bhgbhxdwkm>TKh*;v*>U zXW01`=03QuBm)jiy)Io!;opmG7^KV`qx;*o+)8&n*rdbApuFjh3d3FB3Wp|q@U_o& z-E;$BWN(BoMk#F0SPyyywb&a5{xCb{++%7P&b2gDWatw4=_Di8;18B^o<5;BKWRtZ@kr+9-jA;( zLcK1w*$%v#YBuIRG%)O}PV+hL);dCc73b`9p4UD=@Ybz`VNO=fHpJE$nU#SyqFFu0 z8YF42mkA=4V8-7Y>!eNyUPN>wmEQc^ZuQ0AGspGbKooRO@pA6DXR)vZ^*Wy8D}+Q` zu+7EfZAT{At#%S}st&lmZyijN7U8TL;hs*{$c&f}rcU2Kk1y=OGV)AoD!dLcky!+` z>{Y$OGAmQJ5j|X7us_$h@F)ye1;S5s#!avKc13!ocP7rPJ#_u4`;%F&bYqSaE(c^L zJ$~?_ug`PSiZL|Oh(SL!1vQP#%W1SS9ovXzi|B$FkJ7_Iuc8)h&e`FJ60)IjH!Kx8OR5;lx$jlEr&_kOOFB>S`coc}X-Z8aTzbEe@u2Faq8a&;8g2PeEfn(vEk-TFj6VNKdN6e`Cre_mc zt{FGqS$SvKxAX@iDXV4LYl~>T8V!)By2mFw#1r;VHRK`_3<`%UE+IHbQ@>C1k zxNXozz4W%Nkh0UK6iD{@V?L%nNaSWRxxm=TZhR>YW=ZS4DB{GJA@ZirB4AAyK9X#c zj*N1l04`R-C-Kn@oxK}dU0*cmg7nWWmdwujsFYaKk9S|V9-$1m^(u3D>WJ3f54Pxt zO`A{B@{ex;sXgcW7z=K))sZ|1)&2rITT}D^q@&FOPR!4%CY#__s+xC(p+qu-_YV^C zvnmn}>M-bgynxW0Hct;=R%<}uH)sY}^t`S54z4jxT7lHl=9th1nhLTJ&9UY#_qiw( zVfcYVZ*mNI`>5L=J-9pk;S{g-6DqH*qV=m+aUmtsd6Q}EUzkKOzJ-|dwO1F!UQSbz zK4WX1etY+$gv-EKL&D2wMGv!CHDlWVkD;$(r7uidwpqEUo((Nz)&fWw3Ffs{{5LCv zpd)50b=F*HSQq%7Z#DC3z`4Su+n0)-Ut`3A7y)XECkkI2$~E>r(R9;?TIy>vBn&pE zr>|D)M9N-cel(h2iCfs~ckRr0&|S0>*=qcud%Zo9mU};3BWrpdehj=lH$dUzv`i;! zUWYjsE3INX8O0;kSJeri5l9?qOo;uFm_&Pqir3n8~x^UcOf)+*C5ZnnFo;=1!>o_nR_Z94m!|Qs&&n!# zQ&{A=wC^NqBY?HYF2{g0Zh!CHU_~}gl{v>)IL9b$>~#(LXG_+Zk_brl$7|t!Je#iE z2~lbOtvQ$U9mbt#Ub@42>CphR)oQB~Ah2L1iY0EoK)lVQe5OQ^&m^4@-^oWg`GRrO z!$BvHPcu@WZ^ptIswvW*KV`0eJ@vpV!OQE$hBdCL=UbkT8{qfN`Vy9Kus`V)9yaef z)o7hnN5NA|v1sn=1anD;c`$SRAfH}8B8*Ih?pGU_wR-WH;C4a`(6OW#qu*Q%pc4iW zW<-<}c>|s%c#~OM*?5WjOCy*Ca8mcRn? zdTN#Ob?*fL{smV9SPNc2oYtXD&J49xN5idPaJlN$a&cu>)^4K9F8m`9^gY%s!?QR+ z_r(|G*gSd~Zioi&`b;k1MX*S1q zq7OG7J!6U!zWE77D9C(7;}5z$->B{rkGVY^^ZBU^c9Jc0B)a73IG5A literal 0 HcmV?d00001 diff --git a/Workbooks/Images/Preview/indicators-black.png b/Workbooks/Images/Preview/indicators-black.png new file mode 100644 index 0000000000000000000000000000000000000000..572eb26e9240c5ddcbe071d2ec020b716e78f777 GIT binary patch literal 91072 zcmeEtRaBfy@Fxigkl;yhcY?bN7J|FG2X~jj6D&9cw;|Zz?oM#G!5xMH26rb}a_|4{ z^X}8WY@IV_zW#c;yQaFUepS`o;mV3q=x+(%A|N23%Sel>A|SkagMjez35h})s;m?IvmZA!x2nf}&sE;PEpUZEYq;*^o5HNcFeqIbX7MUR+{3(zT z7ghH%JZwkz)tF5?`EzMhSnYu^*PN*?m!Cy!M4qFSJ4W62cJ_t!o4L0HDsV1#MO3#B zX?pUkTyEeWTinwD*zKHn3jSb~zSHX}F|H5Cena&}T>)H>Q_sIr?P6gEajy7t zRn~sJW_wb5BkYsydXCh|nyqlXSa|@`ned*gHN1WR`(9?=pggnrFBJ;@iM>btuN0_8 z%=i3f|A)xGCj9q^fbj1Br~>#WU;B`3Mi`$eqC`{W$w+HDn?|76QJRE!K)&wuTe#>D z-u%?ONC0WpZQlz*UpXe~#x@3p_5dcpFC% zuDrJV-j>Oc#ZYOe7#&NTU#NFr9Rt`k&J5=Lz_~Md9%_F%sMG@AcptsLA=4|PE}Ws~ zq4Gzd|MwZ5=cK0T&35pG`LKNY&202cwGStAR!K}OEwsc=zL0-pZmQu(N$utr2H=ex z!(ZOIg1ZB#f6V}FfOQ~-3DwTmJ&x$p#xB}V3_rVLaa82Fp4yml7HM^@kKYdEN)i6x?`vxD>#qbncklxC7fBxFn&z%KB8bI>ucEHh);o7O)VYG z07u71zt!$emV3^t#owd%W72284-rv451FmIKlq}jAr~pW=6k^P{(lxcA!spxlnubX6cW{8_(aV4OW9xraDP#ODQmuX|`tuMTQ8BF8 z0pPWVLc;&W4!JeE@LC{6HN2%iG%T~^phd4p5q}(Y-YzdDo22gKNe9{fam&r!@BWTz ze-SRUer)Nwz@z%$x_aFn)&eiIC$fg4K{1rTEcqHYf|4Rfb8Emoa(9vX=>5{^^%0lcSO!)NJDm!52pJh0I1=;KPQd+ifiq93dy@)`#+~O{JnO1tYMWM2;+&^XvS;khVe3!eukj`5ohMbnaV_8 z-dnD?Skd0H6qzGl@dCBwhy~kIBxRN}i}>qC(N1VfA2dYvkHPj+F<9Ra72VlExLOQVYDrJ4ZZRITRqlTBKz)5(fzw$wET3QPYtUxl}jMOb-zCE z?EXjO5v#Q_zJeH!Y0!Y@^tj(sVolT@zQ*sdo;qihZ*Ns|&X&|Cn#Mte{5(1f9{^EQ=H! zN2?6EU(M`6mbKaZK8~?3f6bxKb!R;C#OPcU6KE{w-QfxFY{j>tQ1ko)fcQht=sT>D{E>>3>RKH4=@EG3=!*39zfR zLRpT<+T_KA7$#$``LD=4ITG?uHJ-eIE{K-)F)Xc7K8@OX9_If(X6>oYp5^@IK? zJ7`8sK>EM77V%Fdk@Sx8lgHFvQ}5~m5%|}W(lnwc*QCeI&1GRl-gRN{*YW-pCz1N{ zlH5?sXtj4wkF8u=kwWk4Y z$mnHbWqwKhxFrDgd2rT(LTf!i3l6x;IsO*x!)JuhN zbY1RLTh8x^;F6>!ro_3MJ!9(b3TnY_6=3@bUR_10O1^2>7Jo*s>x>+dfQ|L>JRq7( zKCuQ{BGyt(k;M7>zD2a+4Ehkij29vg7qilGFhuV{mh$7nh*nin!01orpaki9d8x0CvzNA~6Ihf^j}vdP0fj z2gs^o!<#fKR34&)XE(A)mq_{vT&|+ktz+K4Gv6BuK=HsbGcZ&ONbF4ecCkCzU&oEw z4M17x6(?M9-Cb@h%Y&r{1+MMqw>ol@yn=gyUB^DRXiLOH&ip-t(tr(L=R|DDm;oY7 z!8vwUx6+9a-+_58kAEDlK4(NvPrEgK$uLN$KG{6(z3kM+i*hY_%Bb7M%g`T~#s2%}#N$HJ zh%y2WmLPkc*ocn~9?_AK6Vt2kGydEgP&W5stqJ!^YZzfST6x2Q45pCdgg~rDS*}NO z)0Ty9{h-}mG_iyl?J|0r`VXc*GTOoHotEVSu@(80kcC3NvBiz}WbarbCKlD~;=Ffq zy+1BxeL_{RD5lJ>y#BauW0Vhp{aep|xn8#uck(0>^GqYhoc4=rE6iNrVBiSjestd#rt2uUW@AC%3`Mlz!c zA^$$Wbo+cHx!Fs0xYpICq9)$ZoGCQ4e#4oR;2% zw`h(0hpA}1g%~oz!`i|R!LV|QSjon@z{p_#^*6F5*5u8(Bm2vaN9sPLkAl{`!jE3N zd{@Za#=N$u_@Dsx)gnUBNF|dR`cG>2W0YCDYZ}+T!Z9%WZo9kcQ?4TNdROZQoVMr> zs?UcW#@Migq5{k10#^5KQ1h`|1MJF*bJidD{%BUx3_ntHZUpCEK(I6YU8u?ay5)E^ zZ$pDUWp)W`u98+I1}V;F!nnIGqA;6+F0zcC4)wc5_*wkNLSVEb*yUgUBA5S-{5`3@ zjO$6Gk7P5Eb&M{8{7E#KuP=*21`o4SsctC?sU=!x-sqTREM&PKRHZCXJVb>NqmZ3f z$^NM5M)%^z`{;3wTU{7RXtU6ealcjvX)uke62bDOypX8I#H)82ULM!nOThcuvz8nK>1V-tP9;(e-XL~1@Q0+0kN z0Z#lm&C<6wHbxa=W99kBY<+9pKK&EVX3CnusN>oM#jo!dELG*vg^qkic=jS#PPK>p z$~GxxK5jY=9>fhbsF*RY?Efe(t>rPxdfWk8cJHyql6loMq2IE^b`tRu#>p`q9*?VeJu!e&~3CC4-g*6NkDfbh7M ze0^5QITS@Yzw~|rPHVWq)rXbK(V8|z9GJq<5;6EW-l@Gxqqm&{keG%uDmd6E%v-iC z{b_05nKIe;8R90SS6dvEjkVNKB%#8hRarS&7?Se+2MIn|`HFnC^5ZyJHIXGD%cm$s zt_gfAqAAWkrmNV#AP#f4=tK{oYYo~THJRx)7Vs}h0Qg``x>jOLr}ZVN(;jCF*CvME zBtdc=OGYjy)SE@h>CXO?rH21b>-_EE#}M@JUYk;Vz}spawVg}cQgv#SpKJGJDP{yx zKwH#K#k3~OurAu4fiQ0FrOh*l_--OxwXMiF=0_CS%>mWbxe{1F(@J{6wWDtv1H9ZG zx0tsc9?RX<90lObc-Jbs2sek}o*D)c+1XiDJJlx!J_O9D>~70v{QZqc#UjN5gtRJ~ ziA_{W*4lzT7gu$M&%nq+p6x4QTF71xTFNeah7!RaGxM_&$k!rL$ZLWL?xxA!$>N4%2bic!VIcKRX@-G1kyCC-Q($K4C%H$~JTK_(884A{s}yppcPlxU)$0$NTX`4Dmo#c9E%zq| z+8C1@`IxE||8t0a9vL5K(p*0_W9k{KCeNk56JBRDxO|xQ8LSWgv!UqS*J79tqtS}6 zt;|m&tKH@1oi7LPJY9=jS&mN;zZ$sVh1gUoRZ5suIpbZWw&$w;4lA});zIr!^z7a} z&+4~w0f2^M-6r`)6RAJN{Z>?4pd}<0Ia-p|H5A(-?SxW<(egWAcEvdRVzQQD(P^!m zbrO?pSt;%k#|L7;AX}H!bI}_Wvc0$I5I=bK_GsUubHRs8lFBxW z_sP>ZuNcgGR>#WH=yaPM)w^#=b=;%fHaZ+$e>mCck_a6!scZa>fd_QB;q zO&JEh%Wrsr0?@|G3KgG2=IrsL_z7iORk&91Pf^`Tjv;f&Vt*1**|OGHK}ltJo9~#$ zZ$6O_;l<@O$<|p4S{I<-9l{l{Ye4}6o{&$&^nTyxW01zcz-xeV< zOg5X9KA4_pasO-(rXFk|fyjO03g4c=BKebbAMg4jj4mz831{zX@0bgv?h6QEWY2kI3~SrB#@R z1v`}nV)ayKK$-s;a4=qN`{3`E%fB@EO7g${5fDDTr2DTM1O)15#{Q%KU-6G5s9z|4 zdrq{w1jktEdD>S$?8N9U*bX!TzxEf>7_g~78)VukRWH;pxw2Eze{~n@Ms>ub1 zw2+*!Hzd$>27XOkKE_p{Y~Q>vEiBb`^iY$FzE7jkxA29M!vwu`l3=IBhjLzt4~RY4 zU*+#mKd553q}0=sJLU#)WuV|+v)H{3(m#mUBY$$26nUa!VB)2MI5<;X@il%_WH&fI zqK@mA;-;CIP)q8~RbeQyfO>pLddZk`ACY?R?vkLLm_fme<3SqbtTwdWNy$a5Et$u( z+Pq6}jZP9{dx&Ik|FqM5rs~W+p9rZt*R|2?6y+ntmCv(AC7h|;+xG61K%$dMd^ArR zog-kM!@np0_O-`clUG^Sw%Avff3~4yy?JZ;jf*RRIF-sZtqW=BuQZF$3R1G@oa#5I zBkfu1P#Ph^BAX?y65UdNMXM-)pl_P&L{J;tJN(SI(ZPA=4kbSzdHnM1lRqQ?&1qia zJxEelUvvf-HkgvIdhG_wDopr!9HIJSY(SlkJN%nKbfW;kS{g*MKG;put!MaNh)B&q zK~leOj^`%^?t~V4nMDaR?>MZTvYE{x|E6e4+PtsdFranVNN5~Ln<6;$R?Z=#h_es* zi@LW&!+uFj#Fh=OR0NbNafAq0&AdiIZr$HT4am?a;9cw%ZNXLbPFsBG+3%N=C8xfB zvgcA)VP(7weN8C@wE!X@m|+r;h|P$^{j6bkB)3MZD|T_TQ}8QL7a7jOK|okkn+IgS zMZOQ0wTR7=)E%}mw)S`(tw~3W05tiIbODRYmX^QU<3A~|XRd5Z0h~1~AgwRg_Cwni zNcT1`cCLqgFbARQUXBy&7ab4l2P(S(?Yl%~&!*$-?} zPLOpQl~85o&Emk3&*ek8rS`m&cGlT7TBid2 z$0vsxp44Zb#57W^_?C--jDU`@Z-b~#uEr7(!vq&Hs4%t`kG($&&qoC5As4wOABHBx zc2yNY;nsF)Bi3wBdhKs^Pvr4!yzk+!OX z(yS{)2C_WXh(rcZGCc98kEeQADyFV{l)WIw?jtEwEDV12rw>EbZS%h1u*`zp?2E;F z*DE%Hd3a~m87JtVLqoJ=@% zPjR;EyLz>sDJmLjO1sj0(sdhc`q zP<4%PHIjv|QL&jLIu3e8N~&G%DX99b#6V0=*0G_Gv6n$p*|U+y@7I1-<5Xp#Hch#5 zJ1A$3yK=gf4irYjJnS(o&Uti@usZo6QsCtVwQ%;1ULi0w#Wr2ixqkoG6(8Ow@3v?- z=CKLTV}+WT>_$XBs8zOXl6B8OruWKKju2x{i3OJN_ccQr}D8$1eR2c_B;}W=C)b zFpIXZ&Ru(#6hka22f|POSm|}nDO)^$SkRP0Y~9D9pg7vci~~BH*q7%)Z*c*lqXk2?sI&cCVS>OxLH>@GeNpb z4OiIhy<&6AA;}tf`I!^km%uMz61lmjnMS3|AyMHEHKTYbcPr4S(f}aTX-3UDn_ssw z+8bWLbfG+`x)K+5ei!>{J1>Tjq|BO76mGib(jG+%JCnECbRFcyEas7H9K!Z3L-cbS zWtniH013oeMWS^|H=5DR>Roxnje5fYu~mb+WP>m_JD?lctS9|3Q_{X9X3 zF7L}jPL^fHfNXe`lATE`ogfh|)r=Yw=DF%%d_Y&Bwq0k#>3iNta4ml}eWj97_pv!@ z5U$bTo+P@8r9Y98(9M5{FKL zg>ex~Pxyh!*JCSK>UT@NcHij-v3qe21*ZmAO^Fi6xb@WetEYMoa0V=L64aA&m(Q+Vech<(7mYLt;6RLL+sbMx^LMf7e!UzL6!=nwW)sJMe+Ey-8kVYhj^osTd2hGbh*XL{9Liv^%wNPq7S&eG>=G zrehX@M;-_zi%t4gB!{V1qK4NWEgE0mLr@zO&~|^K)Gs%uBndtYS$dO@6Sa$y*pQ-8 zKV5LFYMzeErFEotSmEAJb4Dk&Edd7U#bT@pUYvi~&5MkJbrt@8``{~ysa53VHGhPZ z?!U#B|HN};1ond8e~0yob>2_vtHIuoo*)>}skybfMEv>|W&@EjpUkGK5o?ll9D zHG$>iD6Mpk)g&zb{t}GtSpRkAqV04>Yiih`YaX2sF)B22u}NkW(yp?yT*BMyrdpz6 z!Ydyd!yh2PUWwd7d}RIQ=9)7BX5|!q#qO|V z;3uBM!VklKMj-?FZD{=cm<_2y>OO@ac$3ZK1BqE^x-oHf9wi@g46H*M{iX~d!!WF;5K5%9yNCbUy zM5!oOb)D+F@b!7d|F>TY4JSea-Qx1YBF!gDnOt=^(HUEJSIMPWTqR;or`_TpU5sEa zrpV^lvWKyLB%)6;V@0DH!Zr~_Y>8Aq&OSPp75)g)yhnO3jG6Y+cV?4YLy#m-7~XTG zUF9%@*$^`{sq6%GS-Tyv<1Z^duV(NsjQ9Ri@*M*yPXAC?=f;+W%5oV(46^`M2(q<*?Ypp+=t4n49k9Y8!M3ms{#sp4ryS$EvA!dn z5YdP6)$`}gRx8OX;RQo3*H@wNg>yQ3KS`c!?rxrr{N0(>uxRu_{{g2j?QJmC3QnRI z)@yR@?7ukrHqVbpxST|K_+Ji|3-nsR64<{CYl{zAI`d4hIYB!>TRx+f>3IsdSXTru z`s4K0zmFZOjAGQb4Gj;wI)C&G8IIPg7XasLU3PE`O1k~HikrKrKuH|QRKAzs^;%40 zLc?7aC2F9^>ls)0(N1lRK1K`^JINZA{{%!`4g4M#CjUto;0%ytCZZ$vo8C62-dNk_ zJ6K0U$L3|(Rj3*bopfJhd)YFeQ00$FTONa9ko|g)9n*Yw{e{}=g)^-|^n<#1isKrR z>Ug48opOmJtIfYim|Mm&o(;@g54=Hl$t{GOn5u*Wnw^48=;=U``0K@fb}UN`6EYZ) zcCZ;P)9Yn6_C3+j18cM}pGJT{5|Pg-i7cjZ2|Xx}bm*f4_Ce8ivzpEYQDw4q^N?k` zb?>d>%I*|{_4rrThDcuzN$Lp`bsec3L7`?|WjC-3gU@f$*2fwJnO}s0W;vO7YVnrY z^QjRvS*v=W)?UXMwjKnpMQ;q78S#PHMO{P0FH8oOQ96zCjKsL-Oxd0Nlrh~_jwGN# zq1`-LpS``!e!u$3zVaOvvvbMwRnVowMT}wES?$romF&1Q)!2d6_0p~kh3?%KSek5P z;&N$eH;ox9y%oo_(4nxRRK3(ywH53ex60T=4nhc%pYH9KeCvq zqK{YVF3uL*n9gJE=r2mizgmEi=?!`(Had&dH@4@{eHi5K@rw z6DhHw4rz@JBduNgFAVSXH9eEo{*fY6@Y)5)upw*QXPl^YcfCkt)?ZTHKLf&EuE5om zSav_`D%rOGsplg+^MLe4GG=qAB;Ui52rJ}DB5N`Q#Ge8V3hp&?3H08{i_~{3Yio?c zjm*FDbZ8l*C0&e@Yx@?5?qe_h$?8EZiOfC=-F3f`)&JT`(RrjIW*Din82K=+O6v6@ zNyb<0dj{RbE01?xmx?ub6R8suYqxgZ$po1qhnbU)}%oM$CP>mk3^+YBM49l#sxNvX_N z=xN(iB-h?}JpKa^Y?J7%Y7Fu1NP!7$#j@RuJWj5ckO7hGMaHA#=)(&g3KHw%wKvOf z@cU8W1T`{6LInzx7~N^;#H#!OupK-v0)G1=lP@CEl2dmY|ZJM_{XyPdCb*KwZ!Y3+m`b$f=jK%CoOyGltt z=3lhk@wSNLU;4(G1HSo@#HBd+sTg%1<3dR-g`jhyq5ieQadc~Ud(_%qOrlo^5a%_a_IqedU<4XMSasRq?&OubSjy;O`H@Eb>$iO zD5yZ`^_@2rMgG!v+oV=($p&Ja+rwCmDPc76Hi|PYc4G!f@moT?G=!n6w@`;=kb4^B z(2PRA{T5|G&Jo@8ea7SUjrb4r<7S-A9mm&U8IG9!H1CDTW}TElzp=dcxbf#t0i-KB zV%T%FFQJ&*R0yWRtN$g@5fGrSqp1IPDe#rzzX$LBzL9=T?f*xCX2F@S9-B!o9tQJ* z^racQJz0Kfce!9+GOvbz$EF+bl>D_oj>k@9(9X&3yl>h3Np0{XELN+(_V;d8^ks^a z*(047=?>z;-&Fo5|5N98so4-$2WSa)Z|O_h{!gw7{0bLO{Z9Vzp@Z=lCN{BJQIA9c z(Q`;8={#e)eQ88=Ku*vs!@RY#W~r1w1Dd4Shdhu-dlJ4?p0#e9i|O_`OC?;0)VjRj z-1^$H_X5vo8QaVrnk$-2T4A^4!{J-so%5%F1%KjxF?gf}QfxlM?Br%X(wq4A+=KBW zHro$!i7ZbPs0x>VRC%=3loxx7{y?wBVd1H7HHgv@uG7nf`3ML(2&h!)D5 z*C2(E;NQE}`w--XRjUv&W9KxQh!M~rVJK_FDh160@jnvu>!LZQcKcwx(S z2&rc<({Z1>4)2mEY?_5)D8$xbJq5&LIM7E#k|!7CYSO)sdkj6e^~NYXE8G7PACjv= zH37W5&xaMWMyqSCC?Vq#W1Z{lc!lDvEYHkHs5evh){Z$@-&ulD2kJX0Ee3u?8I?Mh zXGtErsqvZ3w226v+zPFhGxxjR;;-)xYI(-y3sg3M3we!brg@nKcU(2v^b&p3f%~jv zijNf+ogyv1KyYN6u+cfqS|>Qs`@|{soi%vr^-d8@rJ&Y?rnB>bpb*BpWM&);PI+$t ze+7E}R}Z&>A}84$wmp1!5iCScOF~8fSng2?IP}Rpn~Z++l}f$!m)n6rR^DQY*ecNU z(TmRR>+3#_KKM=dh)*CI#1c-R7KvOoMLY!KTZEqIh|lnh-6=Q-p?MIuna503dX6Y0 zTD~4uR5nb%HF)oK!k6@Sd2FatZ>7INcQYoJEYNb27zu5f>+z6cO{zHK!2ee9KBf7#shpS>T~+u!*SZOcH{?;Cwcs<~ z2ee?{Q9|Ku0a{4BJyoZl$uT3`F_FW zrKT2g!cWyD%IqHVQ6u5ZD6lWEP!6;m31gU*d*Ha7Z1Gb{s2K%LbM#{1LDb!fF3qa0oSt~z$Y=G-WW-Nvh1Z_ia=!eiIh4x1V0UR?efXEA63Dqzw4hfMEft9 zuM&}yu}G?Qd@hu0I8P$};F+D zgfb0!xS%e0B!1zmc!Z?lDe>CofA}GpO!)PwS)XZ~fnsrvl^oWR`SM_H7d6 zvUyru`q98UN`rcnx@ltrQ*a}pEEyi{Y>0CNKcO5Iq5xp@a=Q-P;g_~Pgr1xVZ^ABH zrAW^x;1W=quvNgu0srXEjF#m@4?WucaXZ9z<5B7^+{<4{dRK-&)pj0_$xD~u%kLIi zeM%eahBelWaIRhPI@xsYy(wS4yxO9i?YQLxE!yuE2K}YigKp0CNheY<>XFK|d3@5m zJMT?{bSt7DI_S@;`Njfc+0g`;tdW$*(XmOtFm{89_yu>_ zHDw~1sRk>s+rQ=wue6 zZgk4B%yzq1GHJcb4C$}Ki zV*&jPJKa7P`7waK2lOdEknr`C*HEt?Jqvd+ga4AzjE59b(H@e$+<`$Z&T zV2;InWS5qlhgDY3=k~acr@$lDrRKL~KEqziHgoFc@L`$iWnvKDt6%QA2<7$a$J$cl zk>@*%f7gb@UwMU-BOi{AL9JMxrM5v$-X*g^4DvEl$n*$DN)=M=I)19Ea7JV1dD9ew zo_9_0AjJFrsK(o_*DuD^nQ&Ubb-T*t;Q$GPDM)VBr+07ciWs&biLYf?>T&Vdmnbz+ z>+pfFbO%qjed&tEjxt2VA-|fRRjoYFxZh;wMKhKjU!9N8xj305BVMFxWCu5sRql9` zF!2nJ_T31sAoU!dp@Q>bX`&o{pBk_wv|*`3oC`lJ;yqWsfSd1mucrw=|BaDe*Cc!I z70Q?rPlz@G8`-O&D&fvm?YfD$iH$Z+HloV@Cq}Cjp3lEnD+Q zye+m@&=5EN=jlWU%os$)i=o#+FCU{5EOWC$TgUWzefW7G;%e}HoCvwmVgktH{Tom^ zSH54lSXEBcTPa_IcWfP}asM2@&1Y|*dSesij&aBz+BRL=af{1m&Sp+AE2FTth}vN~QqJ_{A*MW4 zS3oWS0bHj6*@=tCxWlp>JZ=jvf@^jmQ*$Br55(5-S#3FOF*Kom#tTT}j{@cw=50xi z5{mbXa{XIbre9+de#YpwphFjz6wiCDwArG;%vNmvW_s0ibE=0@&=hysOHhdc z_teIp`z+Be`~+QVxNy^Lhplyi%-p5xItiuaapgzcr2KtH;Bci1k6W2Rl%cx1Ke;ok z75DUx_i_{@2rWWz6SbX(tWmErrI(WL@{2AoOnSe6rfd|XLqaIT_$b@A>*H-il%lRG ze`m@4iUZx z^!USNBRh_%0nh&%mHo5$qX@Z~xkT1j%LY}`g<>S>^IOu1dCW7aRAV!lFh)_#*jKw2 zd*IjJe1dEkRPEXaewSnwTTMncD@CN@&`icW;`ZTt&r?%C5XICTC41w~?H8o3C*1~F#Ohpap!6c zF1nc_naNO+$RfUUVsZg3z!z@Sxp8VZJT8lP)Q(;@s{OdgO)pwKI<(5~J2Tk&{h~a| zP1#w2pZh9l`b#4dqqfC9;}_iyfcYG~={QGTijkO6-NJ5xzRi5=aEN7^NwddDEtvDJ z(No8BID?7_BWr|yHQr;Tmq4oaanF3XO)Jzy<@1M7*^>DR_hcghM*^Xh)$(XcCb&uC zTHbo;a7ST`Cf~HU(n;XyZBAHE{ElwRkZqYS?%Be|48gkxjcVgm;gee z^tQT4L zoViJ;sLU+mTrQy#!n-V-{qEy+Hz{f|y1EPan++4MhoX9+Ix&KfvxJnWyZ!Dn;)~S^ zx43zHxLGKj^bYaeaYU?^;W_&N=cP;W7PLXH9Rv+Lfn0^iV=^<%3Gh`Y0#Uwb#3kRc#41jKxSxPkSV}aLlb~F% zIpZIXSt&{4TOr9N5)SB~qYz0hj5+qvmPmTiH!1sCVC?B9muKe)GnJ$Oq*VBfl~Yz& zA;W#%L28Z78^4yOCBaxMjccaB6BeVG8-b&_&Hw3&rd>1EGGov!LA%d4*Jt+ZE4~KH z8A=nD_mh9?Ciy#4g^yS1R76YRC1dit-)g>>fkwd<`E693Z>ETsC{LWZ0CSrB-crr; zZbn8C?>LW6Wpj>~MAMKXB8JBgH!r0b+ixzrMs1wy@tEYV)R!#1>zBmE#`%N=Dhlec z)@(katst(7XMN1|AE)Dg8JwL%X!^gXd#k9n-tAquLUDKZLUDI1?(SZSyBBu|?rx#D zyF-AM;O_43?$(q3_TK00@8XPcF20+8ZZa6j$V%3FdDooJd}Qx->r~;>Q6jOO_w_*Z zz;;W7msi(j4fC|f+Z^U7gic_ey-#TQ#j8Mnld-C(j@Y$YYP(z9%!qxXyWofvOa8OdhrPsizX#B( zMnh?A$O-;sWflqA_sR^ZNOW6_iufW4*iXhl}70bhV)OT;;U(PfjN2)@IzPVSXt^J? zkMt?E-d(zz3A*JBs1iVilPBRNYes_f>*-5+Whz7XirAJF&xZNnY}=+Fkc+fd3ou$c z-&Wtfp!L2TWU}*l{E4z;1lNM|_(f9WIP41)H(bx~`~oo|U1A7%Gpjf)W1~Ivfx$Aa zZAtCDY6kgcaFKgFwsP-yVp2qUUr02In|o?ySb_34J!%A(c9o_;v&%6D=_$o_5n6KW zwInQq)q}xcGqs_H2;~=%w@Il;x~%m1ny+dXR_g)m7rd5{SP--{`FU(jBfZFX0J`7} z(eX7uFVF$jYvAT$FyBSx#|wAYl<%@kYirR^db8F1SFRE9tos)D!>^fCv5gI~xE*!h zH67PBHc>x$16B8;?vFyIBcXYJdXQ;DFT^3y1px;DrL_5aMlA$^ zPadhE%Ka`H7ab~d96>_51y0)%SOirSvLk>n<|cS`inVWH(4*cLWE#rZR9)DWK|hSY z3=SpHafk|5o)&iJ{<4exDQJ--+n3l*!UDUcZTXw z%ysuNBw57HachIS(zXy*9q%TxzCwqnZ-m+$#>!f-|9&{aU>?rrNZ+ozxUg#2gh$P@ z>2V>>&8HOXx#-7+5hIQ?X+;~z>71cjC`6Kv|WVu(r+6h?q`%IkpMpj9HxJ*wfaC^%f=ki)! z7i?h>CK2`MC1dmhX^>9rV+2vBhCUG`8*dv3K`%xqd*Ut$h|L&iW5HhCOIN|ZY-7bMN5Hw0`Z6meC<)I{#Hxu~B9FKlRdma}d?ohF4t zR(6V;hhKAdJp-x+5R27DCZ>@8=!d*R<`l~MosK^v98$mbY0+l<9`O9icDfagkqx?S z^eEx}9T8f{gf;pCP=E|-jv3Bat37}j`g=N(Z@8fdLZQkS5WQL=I{!DA*ipfOapEtc zqtB+|0G)}K=-OTXU8OxC&hj%NC~d#S_BXU`OMEq#;ifOZLJuj#>ZBcZD8FKp7)HSU zBP?w}U_ikS4J1ic;BcLlW?1W}xMC`guf3<~j+o|%6OzADzVZiDtUCIfm^Cz{YtYIK zbPO^dUBjBUb}b*l&-hZyT&$_*;d4yrTz4U_M2`gwK1x6XyjWTTUNXCv#;cbVfdx#p z(1lv9Q-&kT`g>Xok1=A4<+M>~A$=Soo`k+6amMmG^y#EFn}ySS9p&7NE)0$IQHeEl zwZp1!dNsMnn#c=-#(>mfQ>d-d%ttY*)swjZz~!E4gXd;yQRA+y7zAWyN}yHFw{+P9jB%spBLSCbIk8qS?NZ`bL+ zoS@-&Of&i3x~DnCO8{C9e#GxxWa+bt!B{OIv-?HrQY>eS_(GP|(54OhMJgV_;@k2rRf~*%)Bh<1E=5v)-8?zf0P4UAseE(j&im@!tkY6Pm-Km0 zm{eQ`F{O2D!f!_6csH1aPu&A-U{}?l1Y_{xCN3IIlYD7@^L$G!a0dVUy=|Zp)NVCF zmz%hUgi`t?DJTY3vF8w4PkRo6cP(C6OnCy*Mxgy9g6rbOe;}1J1HPr5?~W3760#)L z2Zp#wdE#FuUszi93RGBeAyt3qLk{$iw#AhJ2!6O{oAPv_*hrLI{EfBbEu({6ir7Jf z2e0MGZ${7)BT-kI4(M#(+Ia3xWOR-#MO_;p|yv~do@!E``4K{LCPzRh4_8bueI+D$B+3-YOWfhNV|{C zs%~bhdh`v&9G{+wX@-+)52(5L!6ST_mW4v0T=l7dV!Vqy8IijWM96|q>{dEYWTsi? z=Aui}+I>i_XGqos&4s0kHbypuLd{=Mah z_dHDsbDkpv45xfE_a}LrU=qG{-*bu&_}U(JO#LGbq2n`t0unh6%q}dRkBb~;uuTJB z=mr7QU=*N%q~$XIHl`>(62yHuf4s$TazcW78<~N=8(I&9pS$PTFQoh`d64!bvXCfR zk<&6+;k$3M{>&bBZ57l$ICDW*>gLt-No1%#Zk9EdIEv?C=!bD=U_N-5fz62dxV!D9 zl;V9GC0icjhBCU5BW;;y zte+BAXwP-u=aN3)KpRd0jX+H1rX{<|b5daO>y$x>@)+kZ-%us;7?Co%BqSoIuy*z^ z)6W~W3-$awo@=|_#*I1gF6nIhbfGLgrm^$nc0FcXIg=#eQbw$=iLK%WohpHif{*k-8rI_WeaY2{{80kawb58h|330Fx$Ajfk#O)~Z8s0WrSX^7L?3U=){Aba)WKytKS58IL1 z=ptokO_@*iQ#Z>Ea~z_j6`C1t`y?v!oU^0x41uUuSxJN!H(?B$z8}H7$KmuBOFY0& zqgIJ*E<>qUWu^hp=6YQ~VtQ70hH?y8aGhy9@G6{TER|t0`sKnj&5Qq(m_8rK5|#%O zxWg)vU7c9#dqXjNZz{5geivACa&hNtCHVJ-Rh2mFaEtmQp0Jj~UJ$G7!s(U4&)k~t zHOtFz(ZiY-zWazZ2mmCb)vwcnFy!6TsI5I5x2oqq*_hYX`@Ki;nKKpMFpo{Y!WCIR z_Bb?T>=-DZaM2paoOJ&!ztLFMsd40$!F4+|*ry#J8u4Fi zl3-NMn0W*W@iJ!~H!$KbglYjIRghXB01rv5SaV5<0X}0S!CE?)b|2xXZ!#WVUOzaY z$PyrFuQgdkkXSe2hs?dkw9nQM5noY!0>4I4unR3>8ad)3b@2~jFCy6Oug9mKAj}=& zh<^|9EUtZs$d5yYHFbdCoXTXbI-6*YDG2)|&Y<*=9tK4S;0u2+%1ltV7f0JXLZppR ztltTK)UVMiQi*BJd;C4(T$w8Jg@*3zyR5aIY|wmpZE2D!Cj|y>^_5kOXKhS5fX?tZ zL0;Q{@~dP)nLpb^H|4gBF<_~>o+=Ko#6v&xXzcEbym=~&XBYe~ zF^)??aFqAnjAI}$Jn7uhB*pm8{_{>cLYFsdJo3W#)d3Vk0EC4moj>MoheuQ+vG+*` zTyA$kcO2l_Y4Md$Lyrq>m#)S4h8h%&_Q|cItT;K+<|eYG-_q-Gemi$KglTIL?}U7D z0abh;fkwFx&=O^e&w(54vK9eIila%1CQX+PS~tw98E(lW-02O-F)-&b<&#xlL%n6G zUd&r2?7YL>Z|~~7AC~>&bSO_nWMq6q-Tu2bx?GDByiC+$I#e?c9?)TDUFb!=dbJBt z)FsX0Cm0iE>IY=O=V3G7*s7Y9#hR?{+f_dvqcagw5Q=qBN+yP!dBc0A=0t_DRXtJC z5zr*Ygbn-~f)*Tj=NA#EX?M#MMOy6;f;mB22VmG+u||A{>(Rn8VCWBfs5DGbL5EF3 zH=cO5=YA1qP|ft?UEHVcjWb{!g&UYCYbPojc@*lTR+&6VA5p>es+@vcfr~o??Ng$r z)2J;O`@47C91vmPpJ|)!-yPU@HE!?v2>QM!I-vT0yQ%Pb7fjT$prRFta?j>?Z>?=Mmyf(*7a2pBPWqA`xlHXXo`9^f)8(QTd6N`cP5l9gyUDdBnpfjJWyAH< zH5Demlw(Vb^M98naHWSOAU~EHe!Q8*J(%;3lf}bDkjO_i4cxUxwDDm2U}Cp(#o_#D8fohB8j_GjiN_e!DsBd0!_`C&y0lXXlrCY)L*vcW{+` zKMXPvyD-7EoQ`%*P2J}7#13c>H3zL+l%miSX#1ELDHIm_*ZyvU4jCBtx)bst+ZSkkPh0 z_B2vdE}ofv@$&KM!K$0PQ$*t=++qy&K;G{j;zEc~X{34tbn5E!=^wqAoN2Z}Vxen6 z@bi30Z|`nz5>Vb%p{GlW=x$eJ|JKa2wIj;YJ^H?Vs(YV@_X_VRjzCk3px49A*NJ=N z9^dlUp{imsOI{E8ss2+vh`&7xWvSg%tHI&Q{&=->96m(=gJR_U+Afl55-#^wb%EEU zv_nU%P<6j98quVmR>vJp_cPg=eLT;vp7>88iwJjhoUUlqA{QpTk5_k=UvjBm`Z~i}cUXKF2V(ITV-kW+FQ3P@lOS zJMARchk{rjLcYvRL&QT_fk=AioziV!H|8=>VJlTK3`h ze8X+;YWpRc8wb~BXbW04{o9x6?!zRwdO1F@slL77@WbcYEArEmM!Qp%B^V{)#IS({UY$}`8QX%RCUJCxbXI{<=A2atGpO2k$^xG2r zCl{ZF;>^=oVk6xwt}wIS_F6A4ug4L50S~9Td;G8^y0}uiL_c@fcB$)#@L$ z&bI6^lACrTo09DNo!@B+@dg=l9{`cj#T@TEcdV7K=j6EKx~Gccq0srUw{n5^RYMEn zSzdeXeKj)lsbIrIe|BDV(}9RBZHMgftK4xtQViz&HYf<%^jchF^W|E`q}3J}crK-J zC{7s4R!X+tTc$C@T$D9TO^>cLZ=cM?w~d4|JHGHw=?PM+@NDldonOHhf1LN)y=Bxl z8_L_(u6n?AI%&$3L&S3=Mk!y;+6{q&4~>Zz9D9j5qeMlbx6#VIw8gxU5BR1NXNohZ$iX+M8qmY{^GSn+c*aPTo~) zj3UC?A1H!t|G|No&pu}ulIcu$hPk9kHi!fAqn|>QnC76C0>R~l$JiN61c#htIoqUS zT9M_Y75&`nGszIIHEb>7jOl+s-jt6#-95Jzmg-xyIMygievawMeZ7vv<>;CUNxT{Q zA~Vm3vFeTj<=G`m^k3fBnRl~l5$%KSV1x1;%>tjidbIJ19>>gUK4^)h*s!~Pw#6ei z9+L5hc9xSDRTS!#F%)gCZsK~0gT6BKTg;rQwmhMOgp)gD&UoAVwC#B#cvruZ z#TpsTee(-gli&>XcN3CbvbQ8w_@?7HQntrh7<8i;Fe*@@YH+ObLG;=-tCAfwK2Wg+ zcdjd!LSIewE;C!Y?T0;K^?M$Q2)deqGS4G5&B{z2Nul1zLy;FA+?76Iv;xPpnx3C# zEETfZqmf5;Bvi0X;>gZfjq?Uo`);^mLn96EOve!Zw9Qso&v-SoMI1xvGGRw%D5#}5 z&VDIPXK;~aI(1Gmx7SC%iD4H53Ak2#WF$#uH%X@JP`IMwd+%Bo`EAjvfb}?Qf=o@C z&c#@xo=b}g9*4$w?z6e@wEoL*gd!pTar{qqR)?c@heL``jrL>RzUi^=FD9MocOg}7 zY=V-($ej%pzI?k;P^ zszYV5%|j{BGZ79E3=%sjV2iO zyi~Sm=1s)qluh%HrowEBTY{Xj;-P{8uT%FLJA^MxWZl0PT%*~#K4wAXIq7Y0rlWqE zmT}S6n(36u8uL1p;+R=@F0Eoni66%L(i=I&HV}Xs;gQEOU-e1r%Z+{&*%p9WA!J%L zw-xSwh4f`hWgg;jgY3502Xa5dCX0G2Xt=TZ`BB6YQ^B$SYlvHHcFJGeonn=0#5pS% z{`hNV@_bz_J{v+{=6ji<@0eXmuQ$QfEYn(Fy4;y=sYcgr#PB3kby`}!W}M$93-n@@ zF}J{Heaz+e@QL_%#gnDMLfg@;KzI0c!X#gNpe8iKAum+<8xNTn|E`{7`4uzmy`0DP zPuDoWj2$oedZl^saJY+s6qvomW+@m_WRBv-I~gULc0uPDwgG$$)mAsjB=LsxGJTf{ zd5ANt%d%KYe+0o{2zAvh%LR4!jenuT8wz$?3Yny_3nnvDPwO67+;)jNWR15YjBpd8 zMO5?XC`WYXOoKYY;~QxSFV=MIWr9n%Wp0z&NVQ|-_go+-(TEJ?;u&%b<}YaE6BFdg zp>r%w^;RImvPAmuu~`A#$Ovq38cJP{_$d`n9%!Pa4ty;1J9yYt*#lj)YZT@eshX~Z zO^oj`zw%r1xrvKb)>NkgM%HoQ%j@iOd~%rZ);7uIR!tAY+YPve>n1mD82JKR>w@I! zJ`dFtiE5#6Pk=vP%gv5vrF1rhVszD^3nHga4Sbz!*Z#Yw8e~$pZ&ogmzgio|Vt?yw zbUg7Tm;r1w9GFxe)|j$h?u>gH zhuTXnik40<WNm=WUoW$z6#?--IHkw$Sd6ywW-ZB=9gbZ@p zs2U(3>jOmG?4?skhL&ps(K*?Wrb(3Bo8l!^p{?WSxb0|QPg~9a+QbhbX3jz#C!F-m z{M|1K=fpTvC2}ne1^S#$Rq-?=H&-JyZ%WBbniFQ})_UYoc%u%^8@>Ppdu^2bNZcG3 z45StrYzVvjt4=F<2j+szfnAKpa75C%4#tiUNDmzO#w=X3{yV+F~W zQ24|-2P+6%ito^v7sKpFZE>Kb1&81s8g${RnPFg}J)-u*``Co*cU^CX`kr$OBVxCV zwb4w9^LR0csRL$&L{l4%DD)@$6)bolW7EgXJQ3je!_>;vZyWjsfv2rn;)UgtC9n+nkgE@Cq6%0wB`fz_ zgz37ID{%nW4vRIwQNm5eIPw4l9FLkdt`cYnf7=#^O(SV-&Om_ALw*Yyl0hrUHSWg@lhf-cWvpCRl)&#ErK2RTz<;L5u-pxx!xsiagUA=Qi3i7 z_3`!q@FfM;U6@%y2c~P2wJ4^55lTf^eii*Z?y>s9G~1LZ1>y?Z0I>ZA9*hgW9~L_- ziVMY+*L};&qR7lvG6!kSM|D4X&PYGC-GMy_SM$sED!SL*+lA2>X%tJiHp2KyGvlWya z1^f5?WJV-9Bx_<9Ro0_ zI-C7MgcA429=NtiC9q~tz*9gr$vKInF#OCYzrDuz#3hw|Y8$=qHPHCBE;Y zYDGrC?Tt@djVlE`EIXH0agLV~PMWaS3)pY7UH!^7*G@Ky{^~^<8w_jS(j>=u8)w1v zpg=S8-`7y#1EZSGr(R;Y@;E%v=2ITZys!o{GFWUtb016WB#RoqE~|hhi46GygrkTH z7ev^dH}04^uKui@-(5bM6AzZ1@okEd(@OWxm8s*ZP1-{!r0w`wR?FOFGBBj7{lHI` zO1h}}lGWj__scse1HaB>luIQuD~B?4uV7drJ8pBMyKG}qx7W0RyGj$c5B8(iXoSTD zIXVA{6iL%*tWna@?l_gr;z->{cniv3V3eHXmh6es_b_AkStL%nGcy*+Qj{o!#g&c8 zemYV2OkH6b)R4Jswf_gLaYw_Z{ItZq(RgpMp6~ zmmzyvN|JIeXIX!MC*TycojYQ-6ZPC-s^71O^Qk~rXMv!!*VLvkQC84=46N1r{kYY& zk}eqe`hX+piQ2-hBYf)9QpVRTt~)yLoFAUamu1%N)VJL2R9OQtGW}xw+sJG#KukK5 z6*pLm4N>-z?~vl!(!@7Z-V@Yu#3;&iboj-E1VvJwZurOIWp&~z)G#(d(T~_vr-kE# zC!L{eNuVQ&_AiHT|7`QhQv;+!^%U{ad%cevo?JSwsJz4hn_F$Ual9mzc|=cn!wC+q zQZqO6m$8t#V^`Y29YP)zBWlu0GWRLzl$iSw6yWDEXflp85dTgT>oz5y)C+I+NJ*Kh zqu8am*jDMyj1~+m@%+6^j7t{Sy_iwTkSHq9&?M6!4PUy%kw7NZ{Fs^=w+U;(7h;h3 z3)l1a_16dCqlHljZ!=35;vCadAb?oPOFVYHA6nbSN1fuip229Lt)1l1fj=kAB$4kL;@^8n;M6G5omB)~?DN2m^B%vP>*rEAfqB1CEH}^a z(PEsQ%ETeh8{(>qTf?7-reE0J9t!;)9!zs^CLNAvD6SJ`3ihMfZH$|uWJOhQo6d4` z@$K-2ACQsUK$UH>p|^PyMA1OA{HTW{qGrb3(f&&!N?nj(Kz23VmowlV3#m)@=+UFo zBuBFO3b*n&A32WN^|&VsrRTf3#T$7HZJZI1 zb$xy?iL4zeChg}~3I1F5Li$5WQTIh@47Jek8nHS8y*e~C1J>roDE@@;{fE#oNI3!7 zqZF1KZX%Qb9gf3U)5KB~Dm>G$L}Mei>3Tsx$e+%4P@TL`?BlYJ$KI=)b zz-wR|lpJmgYNSYlIXE;VQ1j170qQ#kHZ&8MtL)Dl3^M{ENDR!#8!sK{7LkhE82%M- zG`e#WN3g1wzo5#d6^3|COimn7k>~K}EFvZM;Rc9)JTMgfzA7u3M*8Lc^Rm>6Rj4+V z>jiNCJ`Rq!b4RPfk?_MK^skRbh%1Dqs~GRPKP=)aQ;BqVp@XNf-~}{_VeV@qYMwV;2(ea2>C#aGoOZ` z-gwVP0kfMvfA4pT_(*+@9bU9QZ4lmozAd+TU(XIyNww~>bKIdk0L9EDoK*isdi@$0 z|L?dN2)q;b>pxC&kU!ucZgl^7#6{6j2k71O-7jYwN7p(?6xiGSZ~Yra7>iy@oTf!( z@dL4UvvX8={3=M++_|$E{{rBOv*b@9h=f;aoyqJ<1%L;HwWL#BLTc4=t{HR^z zvpn13OY6ubUQee>j`qFf^y%XIE6_f?fUIOn3|~)e#UfAE_v$0{1y&)HR5d0b)8yK? zz}9Ta+XRHQqzFFB`nnQgE;pC!adKz)OlWyc8b8|ZqPe7p2`G}_-LhiyT zt!G7~+%^TJvaFw8|HF*_dvb~?-&4SSSL0D+k13YVxBPA`tD(|i+~E(EJcaEMLonm2 z876T?)Ymw@^h{G*BFZj|mro{hdbC26orF0$U1kXpD6wY2P0Q^E0c-|RZ&VT=-vpoC z8!gs`&BM)aQf8hjFi6+hi_{PjEx6s9m9lwd|4}$)Ss#&?fzro0raL<^KbtLGRl{t)Dr$|hIKUHTqYOeZZP=ddt|m->ENTq7t8Joy}z8tG54!WR|) z?!&f^4!`(<)%^`0Au^-|)o{o66oc13H#)gVGIIFC3GOsvQCFcpt(kHrxh;Y(Es=QL zQ~rRURz#<(-}jsBRx79 z7trAT#$U=qsCU8BNRX}tu_n6QvV{5_^G*mK8#kZmfoHYS0sG$v|5d8sPA&Y84rga| z#T@4S_&ir=Rr4YR98_oY!&h(on-x{Y^;}!C@m2(5iwn6k(b)O+dgo!de>7AbJ^zR8Kg0-OG00lA?@<}M%jc~9w)*Q&L3%FV9R zg%o1vFs_O?Q$j z3Vl(XyAToV;)6mYb@3v|LII$3(E!))brryQ>yIPEpI7bppVjfNBbuZO6bLNt{lN;D z(^;BQmzv!}eMnzfuSVS;IzK4r7C&0aP|3@=hT|~Li9JSur^UxE=|!JqE8mug zk2;=)ZR;R<|FU*R);|+WL6(Jp&a+D@9KQ43dNd%aWt(Pdq7^eoqABV9a=Xa#=(;n0RzRrOgilkeK?*I9Uzi31sIQ~zRmxId3|F+B&oQC*- z{`=uj7V!VHE&gBk%l~07WT7hrw$0h`I_W8 z<}Lv!6p0GOF{7z$QaIwj9iT#YjqC@HShuMh^V+Y6bgjoh$d%weXa1S3PA zCK21)N%Ttr%KYcm%88VB?;OfDwkb>UQ_e1}-Np0cu{BX$*I1&9lIK^3es9VpDPl^?lGtZ6K>T#vy7bluVLHA6OnR^7df-UfN`r1z( zcAKNv=aXVV3JVjtAvw(}H&zCSuE^6CT;KkW!DTKinYFfn+xIwigB*I-a9S>35Bmc_ zHlVRqf5B!Qm&i`2%g&y(kkr%~4{!>iOZz3ZiJ5N4EEYtaiw5`Mo2VrO;H|5rLZn<< zN)XRqX2$;n2{_SsF(E9~VFOaLu6(U1o)Tp6J(Z@-2#XmG;AB7+RcqZd86bHlk){>_ zzwg0Q-$F*L`n(-~aRp5W^|^t2%)YY=)%2A!9TMtl@!HW7gQFNjU+a z^!{67bjjF~IgBGWek9G<+FKhBPzL&zVWY1e_?{@nye-Nz_Tkc*aD4xHbdC410@+IW zd}|G@JT)w*u_)oY25xiFJ+Sn7TIJVvYt$OsW>h^8X3OKnj%^GrXE)pK=~^Cd(^$b{ zGUrfAmkp@%R8&|x@8etGX_;eI!7+2t(PvQdYqrL66h1$M1B-Zv8NEYX>je=B)Us(|JiVDbc%c=hec}+v(9v8 z&9So@uV^{W;W=9#8U7vXcB_RbhE&@z3*)dR*^fykEL2UUgL{ui(%cvKar%4DY;uZ< zU+b<;JHT()ywuwfzzA!vEsGHO-0I2S^C)rs3NIkgrb{56arC&CnzQy;ur0O!)BR~6 z0klq=$uuE24jLo1w{#819z%dkY=D;|%Mf?qtLfnCSzs#7E1qxhqmAqvNa{|7333b2 z9-Vki*dKu z9SK7iuEs;g5>&)hI`5$A#IBy zi`!!KiFF|=dPG})t6gv3WotAz_>pHdU2+j=D1qL+vIwE4BR=awq{I}aA&xw!$Fj=b zi}ZQs^_6928iPPE(R?|>SfEw5+`BjtdG1o0cf?Tf1v^ zx2;Ni)A$>Atlr)q#U29uD3Y=6ry1QAF%{S5`z_Dezae$+=d3>?7a(=qMpW~jl_GQx zdYJ{k^dNbpK80U*ejk`(`mvHx+N3uy;m_kKHYn#G<=DwR7JlO$UaZv+xu-rfz$A*} zNa*8ILau>U{Ly<%K)|?CYJH3K5-MnmyZy%&Fpw^PhR?UIpk`+7i25(E#CfoPqn#y6cJgN|MARm znIKjFD3OG-q8uZVpHNT^@I;}(VmKH{<=n}-(Q|D;1?Gbk0$IGlZs>>&+R@8<=AJZI zY)Hb?(QFvqCG`XXqa2NWoh6`(J{GQx;7jU9kEw0#Zqf{DV0}O52U9RL@J-@OUCP2} zyHEU-SozW_+QyK7-B!>!)i$`6tfJ~V+E4<7FS0gp6P+o#&4#!1D}=Z1ZxA9t}X5}qte*!NK$2WhgMwVJE5AD&2LG24wu)Fvh3 z_U>K`zn9T@Hd2bFHQFh-4QrVe>FhsQH9c{O^Vobl4f7g8%K=D+1W*yklbL9xvJjE9 zA|kC<|CpXw$4f#c7|PlmngyF;Fe=)%LdFaqbp(g*2`}hHokri;Nws>llkXTF+&}ir z8{!1V-@6>?Xol4sQ|JZ1Xqn0lMim)y6SfDV8SX7gAtbPf+H;#svn2FUMIp;S^3t^G zWo%j(uuf{7$!By$(wv1^`(7Z(>KKGKK#1RY(1(_@diCPGWR!TOGUL=-@D*S{iv zdWvrqqfjmmW(HK{xA1f4A+Y@o${9E=eb8D z2x$rtg~1QtubClIB*Tj4t(23I#)0K_9cvw{n-xE&$-tLOh7w2{(T@1LImd?H+VKR( zA@%)y*hS-18kNu(wW-DForoC(+OwV9VzIO*C?e}5`*C{%cN6W95TXpQI_J9Xe+w8U zMjLkZbs6Cjz#3P8qNN7KT7V45iK`TODD@nnx&)5K9#LEVu)owfyN7CmNLvxX5H)(p zsCAA@Nv2AgL6vuSLNQ>|5`T8;un48u6)eGiZ#8%`5p@9jXx_j_y{OkH`N z=V~p8rLH*F?x!&ic&nPYg$WftmFRP|*KmbY>i&r_Xj&~3!!_Swgavx*Sq&6MVFm8qT3xeLP4llR<4Xh2vF+U$V9im^qrP#QA>At=N`s{oI8Xs@?xM@M zW(TnCi)`m*C#^=9a=+^Nr=yYRIu%Ho4*P5|B^^Pyq4^HHk_zIEZMqBNBO+*oZb=K3a7E z_mUEysPDY{!YPe<<#MB;-m#d0>&q--Vx_`2nBSlR4l!MY{fpm*kn^ds=0u634Xg0y z#G-0ZTofy^G+xq+GDrd~ZAbR3<2X}qiW>Eha8B~`j*_3rs1^tVQqZ_ljw^h~*QBW( zID4(IwnclkiL#7_=A7%Wfw{9N&jmRN)~&a};5!X`cWg9c7Pp~H*E-jbsOG>i=x6fX z8mT3-C2oNQkAmElki!6@N`v2Z^jHg!vd5rMKHsLJ(1kV~IV*dlxhuhb1QzBOW=5}1 zXc-?gQyA_tua}4>h{_3|0@}f0bEXQM_^#=LpU_CG$138_0jks>M3}AgPG8)ymZ1Vc zLQa2w7b!YT2;j4oZm_sRQ!G!GETAqC(g}uOwqP8GqjlGsTXusPls8ll1CA@5T|#$5C`a`377OA zR_k)Qw#Xnt-l{w2Nw}%SG7fYPmnfV~6B@+Fgk~4kK@lYZoUFIjpGSG(MkY>_J8M<; z-Rl_8j_0alHH&qL#ZMIIo9mYJzTBQ<5GgeC(~b}2`*8}pBU&}lLJxNa&079H*+Q>{ zfSOgpVlrpS06{rbMog2D{@win@r@DZ@7L@b3(vli)L1&AJ5gu|xnBMw`_|{2{7*XW z9;!&#=MQi@{5EVLy0E*8EnzaW^KFm*7rFK=tUd)+;qZccZ(AXgSPwmtDXTmGFn)&u zRXiftgUj#UIS^~y?v2`_MBE(LE4`9%&Gq@~WUmd8TeUEWe2>_HZHN~bMJx|JP$8Zu zDa+h|i4#wuets+)`+MY!Zgpbbm`S>4%;Zce0mOyAM|-u0|S_5=bEbU{$N zUbsV?%hlzVR9|DMvNq04epBQ2nil47mC?{k@mcnvvb(MEO_SG(3Oul$IfmXouEN|N zu@Smmgnvn)OWi4;y-${OYcPXpe1>J)Wn|@tv>ugwXUZ-mJr-%b^!ldkoZn4iN(NJ0 zv=Mr;H6g^(slA@|X{%4CQxXlP)fhWV&>28_3X+Z^I@vYuYu*A-xLd*eXS4xI1mRmf zz|Hul);U=jL)Cr~!&Wy8T+N&(D%GbJxDgbxbpc1ZEY=EgL;2Ti*H^TMv2S(0)c@=+ z_ws)&<4b**$G+JMR6`N1X~jZUe;6&l+s}7o({Lb!P#8&S+2H|5gO5oKStz9JkOj(s zkEY9T3~GKQGQVkYg1av}PQwE4#yLCsOV^9TsF>I2_qnS{8%!9UWJhOdZi zlO5#q72xfJ_I*xfFR08z`nt9_Aw2uu+JIe9UEbGl?wtpz=+j?i{kIng7`Tm0tT9Aq zef>e?@g#T8fXzUD8PFvZLk!gWB^5Yup$2cjl8F{hNi!JcLjFQS-KE9MA*;y8SpX4MTF?nyD0wu#Df2lhY0tpOABz% zQAmpR%BymV@~=i{WFRpXkj6_c4%2l_S)sA=3Tg^o&f$Xz#OUA`R9-x9jGAhon`-uq znt|--6?dAJn#wlDa>-NRhsWcGdZe2}EL$g%cg$D84(M{lM_szYvj{@s)71SXzrK`1 zgTYC>Km36Y{W?19RWaFeHU~c`B273baH)}C1myA!9zU@c^cm~CN6iR7qMQI%avwy~TKwhkR5vUAm6^v=6JUlkoo zdu|--T2}Mw{S$aDAqQ#b)eI61*sxY-L}FLX`rNbzz%pbgdl>w2j!)zaFFP)@yu--g z8uve&scut2Znk;ZJiPh04lqW;jJSWI0Ezy#+nE-dyI5*ZEXooqO_!J8o1xeoh*zX- zv9K$ySa0Dz%#y`YpiLvsJ5t);*64bjF-z?v`F*CEQzJBx3`+{+o(Q_qtHh)G!M-`7 znRNCap@z%iC@oQSc@b7RuI31?{PXfcwpFTPJj99GHovX( z=%GYKy4-9T`Gc9$qKHvbjA#+OvFEddj-Y+pDd{)(@9Z9ZB09|-LHJCX{j8220*x;P zK{|H2GR}-NPQ0+VRrfshRh=~T$HnYPehcG^v<$4MPIo=sfKC|hP@1oen=j{uSEeV(kh7k0SKLCaYlG54t zmpohwd6NW+>-4APP)-huH{E*A+NF?wp-Ho{juB=##wYKfS>x|cyP91J!_`#M&cs4 zL&fFBknkO@ndvg7F&4to;!u~@6~JDJUQ{P!aL(FX;dN=IJ}uYmOs+w7)49a; zm~Ft6p{vp}WRezBoQ<>jl+B$y+<`xQ-jYn4+(mu6q_A{z`!}yW(_-J6mJ9)1t)p&j z0p;i4Xz6KrS2dpA#UnglYVn|#Gh>=F%IKH|>N1*KVm|%}iE?X57$!iHu%RkTwD{g8 zPkdM1W!SBG+Q6BzC%2>FwVkfC>;->mM)j++#v4ZC3MM5Hn!^J3*r@K0-=%$7fc}Hp zE<-6epNqkEFng8^e%+N>ifK=(>T=a$ds75s2ARz;UaIox>zCknQB<7@e>3WT4%N?~ z5U;g7;6o58{k%<}PIOsW zi2S9|)?0=!a!Pje+QG}vJ=MPIW59mbS**bKK=IjdL!z>FRmB-;6btFsp6HKW6^BWF zoio0SU(fn|O)A0cd}Y>j^!+`K@e+A2>LH5HStNX6E4ZYXrk~yhIa7`Sl5N+utXM1rD z0LF5>xhl6zms2^jUkBRf^tkknsT!ei4h#u=w>Wfhh82c{Nmmx``MW};{25hGdZ;E| z>KrpK_-)yT8S&J9Tq>nE39{q6ebEf8ddeKhH-9$(i7yV{&hs@rUwUxzw?Kay~u!~s%>FT&r`kXm9X+C%S0xw^Lmf`LrC$|jj<5jH5zBm z2j+GyC}`$Y55~4(&-k*NeeV(Za`>Zx+&E~DW*;kB<6NvcYg=8dF=olHC`N!O3V)mS znP`Dcw~0;uqez& z57S;s!Tef0J+-Vmb>3PH#D>Q2TeI9P2*a*gkvkpdG2I#vj&ByS%ze^6Vg=w-s2mG$ zSMM4Wj5e%Heq&y*WHQ0dAL6+4AtIPDLf``$j2o)&LjL1-Bz|pn?Xx^tHmAgVH-0>S zQ26Et{Ai#y4ASf~>Qh--xZ`)tG!mSVS8TTONc>??aH_govQ`|Re%0&RVEa5h^BO^y zC3O5VrOVLjwqU7X-+2&+Yly$`jLYlE4A+f&Lws%I*d!g3wbo46#AAEhb`5+v<0{to zT$gNXUjeGcKEcG)Tpqvs0t4K{_Mn`8zWdgJ3*h=eLR#^wXBXhMSYqH}uX5|(VX5D^^p zhLv1G!`zQ@nw#Bc$7`rBu8CFdgJ0AsX?2(q>P)gk=Vc)N$gBs&Pwt4v!B6M+proj2 zp!T&?(`}kc5*&$Ry>nuV2`#e9>;=Y`Qw#A~e#mgm34JEj$A5lVQ zpDp)xKcoNTn%n?k)+kat^U(4dluA@|{M^6Nit!DFe^w-VDKMA!@UT9s=~e9TMwF;w ztcBj6hx|_i?}oXEV(7%5nJdZvVi`>Nv-8l@BgTuX>y^cnN+@BX6r$6u~Bnna9K zy(z9td_$z=o(!YdX$r&VUQ05mF<^#cE^n;r&QezP)|6eBw;*0IX^IDK$~UWx1vb zT=nM9@l{9)W0FdEI(B!Dm4{1y$6C;~&Y5^yf`)BG4QeVuBWW?7V)Z`LpD|+*1Pj=%uMx+}FGDwJHWpPEbhtf5iw~t3QFaSke zvkclW0IeOOJ(FIJb%FKhY96n=o+GLXHd=kec3NMqXGCsqObzHyUCOL|(>UiwE|Z$0 zmpkZ8d8lvrhAoNvRZ*He){*0zEzgOB7m+_5_Y{Y`-$JvCmt^g@u9Y%8h6F?s;+;49 zZ_c>Zkx}u0QaPhlN#6V1^2^@=ESSrLfgj8F<}tax#U;skdmw53RKcPU=nT~eU96CikS3r>Or zl6*Pmy!YPsU%2DTPZ`PB&))mdwdPuDPKSm0{C)VHbRUSIt>G)0XjL&Q;o4BxlH#b> zRiH?DWw-qRVSE;1g5KwM1RWv8SqhQ1b+*QB?=umd-AWVsQ+S~ABqL^cj+Wsdf4PrK zfbr?Lc*Q4v%IR;Df1#iODe+{dEbg!Zi6*d_s?JX;z5E!Za7vbXUVZ7E3eC3gAzrnn z-)Kw^X^FTbi{G#2_)=Pi+#JV8m4V)W#~V4zY@%C2LcF6H3f<>i8skbMX0(`O8=r@T zAlx}$g?d?^%2cUU+qEB%XfTL5(8MuV(I04qN-TVo@qG^&FzL|l*aGMav<;}FtVU{D zOwNXx<#3wVi$-iDk(-q;;;FFT%02UUA`=Ia7*YJ?dh&Q9&T-$yft*05dSQDlxXGA7 zXz1$X1@iVwLZ)3SXwh+BXlEo_JXE_JdNUvX8&fk{?;cX|I|L@CDj8 zTbvGgCi-~b?j5L^4L6QuTXT=lm4vlqygk}-L?J)*fQeLJe$K!#+-6zf=DNq}Vq(kz z9(6tIdRkFXqwYjWKH3@n%p$}~2uWABRrTwN9d+TEeJQHcPfA_eYz=P2OaD|gKHX|D zktoh(EitD67mkcF0LHY;rM=L0VXingV8fyd5jr_kQ4yLF9+p_}Pu84)(Z)LL!mt6_*4Bda?_<-%>_GQZMg>BsGnx`C9Al z)*@G=TKm&W6oHEkd=&^9KzmB#wuS`3I}iF%E-fdJ&cOC^U;iu7UKpr_^~-~i8QVZQ zo@O5bap%wSPgB~6^VYoa2@yQRo&pe|&U%htxN-+enZ}c1V;F0}8yyyn4Tp~=B^D!y z*LMk9@SMX{Qkj`KMi{1xfg4E3UQE?tL6Jd*{X81E*!M8~o$iM@80g6Z<{9(7O@ke| z*&I2>UjRj1-G~`+98a@pE9U9+9fgr;?kB`>!jV+sskJOC$I;xr3Y-P@Re@2;i3Tnn>1=&eKBvI#Avl8J)bOaEUo`=)mHY*OPmS!Uc<=52K*u(pD}e5GO*PS675MP&op z>+6i)4%lDuk4zzkI>*j*S}R;rQqx^5K#x3=;7VGaYL!$=99C=(&SQr+vG$4V%;}m zdwIF8?m_}HBLaY$#I=l82Za`|*Vy0DPtfn?Eq`dR(+buQ0MQI}UUI2Qke!wydz|ci zN@~xZ>?(w-_-8$xO@2~J8n9WZ0Ij`W!=CXny)uSAvmwqg)lxfq30@aDL^VCdxxXTl zqNS#hg43t}u;rD!NYRoB7t!%+oa=O@A4N}FE_i{1O>aK(RTzI((GqwY+%3eORRL>{ zu55#;XrOdU6d-~P>0VT?wYU@f-qkA)!A+K(^Ud)qipse1WlYqdHIYf&`GUjO%tVkv z+5mPziI$f5XUV-O1p%;D6>UJRI#tqS?f&rZ{q2LZ)?Y8={j}58jO3x{E#Cz@3RTn3 zy@WO={cramGs71Cj(Wb-%N1Mmn}6-C4Oc{z{Aj9h41_{Llb$3SK^eQr<5flC+Y`2v z6G|f&B@5$WY6nnJAab3()X1_RHxg!)71A|EK7Q(?)cd3T5GD;Z;BAe!mC5GzTM`88 z%FP97mH~|_=K0u&+K*}6iY%L(1l~h}V0I!xvY#47k9GQFz=DKg$PkyvCMN+xPWA~8 zvxOT7qoyMr;0*TeWFng zix(uQy#%;TG%)e}qnB?G5An_u!vMIWhw9aU(&U-Ku#aLD_#ibucV%R z`Bc;j=f%q~;$l=muMW{x6r&Zuyew@gReqLMEtD?ARN+k#aXz)LTie2LcB&1Ben*4T zQIXSq|G_`sreW{W5o*_pLB+HqT3h@wVBbCYg-V=YyKhl06$d(pJ{lN=+7=Dw8UTgq z#}p=*WaUI*=nAr`=7qhE_{Ax-Cwmz;z-$T~uSq{2m{UYw>Jh`u1Ew$XY7C~UhvpLk zBjNxdEAH@(I|>|zTT`ZjGLT?mq&BI8iCSnH8+Vg^ds7i{07{|OZ=%GJHrkT!_3}Nxx zvY9D!;L{`FH!&wrRTe(C8ClgP@n|ntE+w4k}BllN?(IC&sN1wd{r6L8;{4 zH#&l_mZ3DK(Hq|ig>)8W*N`nPQ%%5b!;3v*kzWBpMYN5%ja#8jTr}Ml+-k^GduJNtl+|qa;n$rf*$mpW{Rj?aKBdeW!Pou zQ&ncx#WiPs5pmc!P+M_vH2X{LBeEQKk9ir%-MQuMy0KJwoqfA3j@EDmEgFWv7EX8) z_B`7 zt&rH$Epcfp7~!h#CV^~crr8eMI(S-vaZ@8}7yT4KT6#DCXB9d&)R!YiL_!fge{BzL zu(2+0?ye-Yvr_*~J9dnKR5DN$u|2xErJC{SI)!@Dl4#`qOc}3*(meO~?T}Li?3{bH zNo_>l(?TgT`{?kKfIaCeoGwfI`HS`=NL+(Fk-H12@i?oiSp}(kQg;{(QexpafI=tIR41Wnj>IdF%x@XzgH6P+j)Y{oa{t6)YBme1lFyRe@1^2nk zS)H68a_!H3neK-^Bd1a8Z;Q!G#d9OAgnWIs$|~3--i0grl}9U-%e~r5x|lQ~^*jl# zV6MO8Kr3Di(|qs3jxKk&BIo30hLF?y@8P>xX3G;#;cvA-g-;)NIVF6{cIv;$(V%FJ z$nW3%f&5ul9rk#TU&(v-NPnEwPhC?@xy%u!#OXjkeVX7Xa`l*-SJ$D?z@7i@^)kM1 zZxt1?m*G(KFj#YwZ|jeNqvw>=_~Oc?ZZErSN(7!mkyb=ImD%IrRqo3It#wh@ly42p zKS;2|D58gzmjff1wasB5M|gM%dtOE}5R zFdphoNc4R|gR@GHv!Ro!%c;BY_9$DSlKe5J1%pLyH1zy()Apu})c*Z(r_^D_QVlLu z_2lI@;mE6j2TP(0t*#^#H5$P>20O;{Z*>;)bG>)H69oJH3p>W7_Jsm~s2^qWh(aIROc(;2N4%;as-is2N;ez4=K>KSe;?t|9JMV=PteiS#^l!Nl z(^Mva55;zj*zlpS1%cw9XPu(rCNbrcokPyE7Uo^5MhwynzM_$fpUQ^lHyez}T0K?o zEyfO3R=jh)pvGfm&dt2Xayy@INjL;l+i;}eS4?~3pVR;^UvuqEZVdlkw7GllH9hPr z12AOo>I454dGHwH9O3f?4U+m5c84*zuDXA6mXi~BtBt_Zy;Jv9`g}MHOn>Bepg}cs zpCiZ7ppEHU*NSzno5T-WdEAH)$WpO8H!ju(|ivM}!}p2CrAV9Udaq?Sr#b^ZLW%Fgr;k!y29m&g5;&n0Pg6uHDc zfBuWd%q)vclOATPH-Xvpet2$$X#ATx!|gjE8b*YaR{WK6gl=2D7z{>xp$xF7!-G_4 zan{}rrqh^i6GyjQv>RQH+FTnMX_;NFXT3|%E~L&L1{Mh%G=H@kqpd(9IwnG6;AIuZ zg&|w8Usew6WsVU@2#B4)@yL?9%e1FN!=jlv^i2@%CrmBiDKiV);uM*#6lhab9_3tEl`bA|RzQ>~AWke|}C*3u>RW zb0WSLp}rmXf9FCRZY~6nRu;6N=t{l6Z~x8>Y&B!_HyoWLoQw34>u0kZP2&E=C$7Co zFO2yV_ zBBAb(%;`d;jJNhldyk;sY4vY0KQRm4A1<~?&#R}egm7@C0rc~Aq}^{*oQvrP;Uc@Q z!CvCn^ZqJvY%2p;H-C39gp1oB`GOneMmS?E%n3)bwm%24nmJX*euD_)19k6PUS@cH zKfjgd4#;!b5|CxK`D-Eis#S&Ppm4^|)3qo;@UV`Y)X3js`G;BG_Qnw|LQfQ$AqVA?W|IHsM8EBLN@&0Uuu9BR%0queeF$ zmgjw0dZ(+iJDU!|fA4;$4YnncD&8*S%-e&?3Owp~o1t~___cXh=U3BAg&odrXlYef&%e!(ysAt0$By3QZkliF zz#)gQ$SzR??DLx5YYWbc(R0HJ?(gQBhiPaSZ+`IDT9@vy zik3JSa_H{%8@C3_m6e#Zhx-N02_Lqc%)BibN&M!8I^>2II4sz16h9KL6-!W|WdayJ zDJS%qtSD60XI^dx$Yf#b)eCBscSuD_VEPF`P+ptdty~EoI=s-e%8rZQ6|pLe3>0d0 zEeV)EJ>S|yceBB`klDxy&a_v=I`TD0U>{bLJ}(*@HOX5zwoFX`>_>hPPkueWuljQ! zqNj*!&2LndkpZ56Xe%ARWwY+_s4`nc#`dprU<`mMFGhXV{*fu1^I|4s0eUZG!>Qcet$na};&H1@!MT&8JgcO?*IAgVUtY5~OBcz>K7I z`MyBH!2*rQ1{84jOZzJPm2T_aQ{T;tLSTgNbEV>~VSpu-fN8jF0WDZK@Ao z%;__gQD^i~3qT_d8X8EUHgD3VxwQ51TZV$qkBKBr`zi9k*M*#4-uuW3aAJS7y3$d@ z7foihYqtCqGbBVpX`C|1TqNnO$i%(o{9W-!+d<|bYlaC2xn6;EMTuoyB0GVpB$V9l zcVEdSjCq*sJsvjkqkjA{oA|ukiwKP2o9aBG`~H&sjE9auR2yRKF!|~HJjh&Tjk>r@ zJWry1!&O5W2RVaYDn$rOo{NXv8*kCLNxxt93#@n8_ET$$*sC>zP|W}8eBt{i@#Lop z874Kfyr&ASI2zfWJUNv{3a6rjo&I%TUov1TtY|FXgMrvM+W?d>Km0aweMNjSWYDi} zCi#-DNMn%P{PJo|{MzL1YnWJDJT4(=p=`en3-bPi=yeMvl>i3nu{s#Ys_OenCw^C5 zumeQ0kK3Maniujf+Kqv23WOeA*WC==TZ(8gIm~FE`=G39=lkLLP+6mdGN)bpur)phxUVL#a>6Z=TKo)ng_->`x3T0OV0&KWH{aysgXsT!MAWCeWc!|s+ zo#%bspgxIqY7gpHEL7oZ!C7wE-}h-|;zu7A&Js901tf0-*SpAt-WFJh{1Z->-S@W5 zaQzWeZe+ei%-we>#FRxP0kDTEa*zU%&!D}5GOuS5?5yTGRn!*H+0^Ga+hgOt39Dq6 z-lKG%LlIjE_t@4Pcx*&E^&(_C;N+ctA*XW!&Qta4`qdAGkR{{yot z`<-*=@~mkw>yFN)V9P@#LD*G_o6=~3h#kw!vfBixaqb8h5SfjcKc9X{^-#2D2Mieb(+19lnDh*NNNC)93FH(c;t9Hb+L& zpdEI7U!=Oe#||?Bk$`H4f4NF9rO&Hz9zTTJEFaQFiM1|_<#z=b+|ilfe&#ccz6XEc zg3Zd5|;ojMLMj%?2Lsm6JpCnko;78kOMqZbc?3)PKCCs1Mm zhtej0aD^M(x;9gd>y9@G_V*vP?h8uf17r&oks?Da;;wDSm-6;SmH9*GGo7(*J>2)k zonWYL)5Ujx?EqH++itIfTazyKJt|`1#lZ*i0oT1+({JGOL3vRCNIa*!Jxc`&)EeY| zT#BqmS8uC4K{{KG%KGXz;d|#c1j+pl=ut1teAX9d^XL34QuVx--LcTYR5p}uSw6#Y zO?A_F^SOxsWbyWtN0a^IhTmIrv5Mk?>J}vu6r}Wm5B^fA{p5Iy`u^j4f7>o`TJQQi zqlWQ%eg{zHVytSf(fE7m@m^81_H0@?X_MN`xi5X}Gn8!r=-?H@Ol{+6DVEq;3$=fN zA(|>${Gs9tVZZ(uOIBaK_D;n0bK+AquR-3I_KQKG*+t2VlJD;B zTSB|53Lpmfa1~dq>mCGo{KnJsBbTj}y$m_uaQq7o8_|l&I_u1umkzC3ItBM}xf^uA z`s#Jvrt)-3P-FZv>;BA$hEMlbl(tjcQ*~Wlk0u1`+P7CP%r8XTA6@jECkC90pDpb1 zr=dy?=bvUHFJt^l#(e{o0{ZMoUXL7~*ri5r%3HMeXVk374tD}|enlfTZ^KWmgBl^< z?6toJHhxP+b34>1GHJ}#^$J#*iBM!&Uf2swj-}X}*M6}r{Ctr&_4IMT*nP%d8-5~p zca9v;X;$qKkNu+)L+|w}>G@4kB!7ROl$v9baH`oKii<;I^^=#yppd95EyetZw@Riz zT%KML%&|p2ep{tV27E#M)1&@&KTQ+S-&242YgYF}Y81(l%A2rl)RvfR z-1d1hZrS-0{fY|QC}+o&r`mu7Kg#G2N^&U>nZ)lFuGc4=byPHyk;O%0Or-2I@QL1~ z!t`EEr1N#gV1%TwX79rx!ShvI$Z5)8eLlsI4Yx4P-ucZ$Y`4x#x5Km@TOBj_n7NL4 z-*H|ccSwzvK+EKo!h)}0_;nT&B_ni7Y%*>0a4d{y_2^#ey! zY#^PI2BEyI#If3q-Q772ZIII_?1_n3YS^ZBOceS2o@!86mi{YS79 zCkgJpexlAsh*V08eFx;np=Osz0y6has8tVY`4w^roNfyN%%tA6kFam_cwFTOqcPKr z2(H#h3D~2>rBY>uJd68M!&VyE>|ikXa8W=^f2XVGB8zF^Xx|hfM~h#vyT%lRvQJa-SoG!BaIsI67Q%r$xdk0(WiOE1rVI1l^jZ}j z7xJ>ECu>QryEf;YAdzg>Er)Q4U<6hz!!}k3T0=xf38e<7txdo1XaogSw!Lmnr*7Y% zv~^t`ehb^vGYheVGjwu^a|HM`4w;rWiDfD$&B}>$7x%~YINu6z;a;j(XS1z#s?RTbIej*G-uRrWusRMH zN|nhlM-695HHG|p6|5|@0rA=czq0S>=%q}^?j*1ZSC__I#sAh zXMf%e0iY36MMOYKiU9nc)3z_U+!e(2z5Cy`SH?Y}k2iKg6-ot*zdlm0IwGM%n@uQ* zlFs#=Zq^2`!0jUW4WXDVkLi8jS;WXe+=+ysbx-x3*Ft;AOCW2IiTsX2hVH znw<8z*hNLXHCWE5s&E5E8zplmEw0h-A{@0rLqZ01seD0wac;Z-y3Eq{ezhdrG+jL` z26vvUZc@fS?c`VO)19#kANU7io}Z;}BzrwCFUqS!gqNw=?ldGf?xT7b^t2F{Cvw5h zsRb!QF=W0ahyUP(;y>Y6?|+I^wlXpEK_Ytws2~3 zci%sf4c^nlN*qv}$9OdaKOcMiPosE$9y;GJPrDS4>x@`&6en+8bO#|&Z=Zq@_wZ78 z|H$*0mFH6$HyBkuyLmX1_O`flMt;;wDRQRw-}>M`@(;Obe2^lxfigEk33Hn%PZ;!M zlD1zi9g|Frjgr}m)8c&?`==4|&zU+7P#rk^QE_8K!*qF-;6EC6xV!5*hg>AFo-01w zrosfNOi1oL-_nVV1jM=qSPW-^=heBSIN|Rrp0# z{qzCtnT>1P>f$Ek@Q(Exd^|D&|Nm>5QU8BH2r*hEqIg zNg1j^HvWK)4ram9ue3~zH&^|@p~RO!8|+0BIH^xCW}xdgoiqEF=-ss_+Fi!$0XYli ztSoo%Z7;X1KZH*Frrq%Gij^PH5i5(~2)da)PqYbAeukTqpZ$2ON|EGN5&p^VY{AUamMWPZ* zNmZ39J^t!+eto?rm+c%{Jw+s5ypRvTv~$kz-Wg9S4SxWS)DC>L9F&ehq18A?*q z`N+Qf@5w}NCHAXW+dnapg8!1=#c|WB@EV5(4NG%5AHU}Q(bth;lZh8g&BeOByzH7Y ztXlbtD4OJY>|bHONQO?8JK0vBHQl*7&W7GzeaC;lwZ{9$^4svelqmbv>v6GmA1nsF z{}As5haqN6?7XLz4hM#>?k2?i_Y%A7@K>w73s+>JSK;`01Y)Hj(5=~Dh1r7Exgt-zSvK_{5i1b)7uG>jX+`pat3OJe?5$(YwL%TW9;QbReCuMbRO5Eu9YrUjNrsDDUW3sdO>J$1*!ex6eZ2 z(xIShZp4Z5zR>f_CFBVA?rs_Bq|Ws5&%Q)9joodqk)(B&2j%ijM}<4I51Zm>f^}%Y zc9DW&9SzVDn*wTAJ&c$SPGEE+2eaDMfZSNJ$wPd+O@gX8w=v<#(8_$GXwLcVe>D?j z8C6-k^cVqe%Z_O!ZcA-6F}wkyh?A6`N8oQ({s&+P^0F*K?t5Fdir*!lSBcxkBkD0R zVI{|auNUBj!}D^{J!&1_=Zg@2h6Ky00(o0*KGVvMZNi-5e$drDv^Ufdg=q(Sn8JVjLo6`^d>n3p|+?n#tuDY}y$AF-(Sgbqf;$YA>I6aPkfB z_j2xuc6D2Z`q;#$edtS*ifGGz@4^2T3vsr}9ft6VOI(4}d_wN!2Q;DhZT0dwcND9` ztFMcx@lj7axZFtx(Bo5OtdC0u4lH##*!GS;ueB(O9^1ayJr3OF>NNHO>=F|>{J`sH zmAczM$YE;(FOov<>!Gn9RRiFz8`J$@rN!(TTB)kz<&P$-J0^bF?}dMIp^M&UUsM|V z7NK2GxeM_rCMr}paRt_mpe*ChI=h)|2l&2g)xMYCNZ7@tvSP1-4`~tPjAVNrl`gqS zW4MM5Th|Q^>tX&y%{!rXGXe~^qbcBzLNhb>MIK+#ne;#j-uYcv)_cLu_i@tUPKaUU z&?+`=YypabB-{0m2rO8d6$p388Xn8p}Xfvp%QYLH+%jPKYEVtbvU=R%G$@U zSWha*wbUNREmD~1^ou{aMz>tiu18b5x5T4wDzV4=D^3tX*1r(Yuk7=mw7PXtQsd~PP?lD*#(Tra%VyjpL%yZ(%6jFqp6D_3ztUI7zg zBfE9z*)sOsUj*ZhLBp`(u2O<+yaTT1#HhbaOhQG5w_gS-HTuYMjFoi~Nh17di>_o$ ze(jnU*!L;^cV5_^;P&$F;H4)tdeS`?%r{AsNP;Y{3L9zTJZvNF+LA`|kCCT$U`0CC z{>+9kBSzhGg;I#}^!1aZmS9BbJdbOKRLD-9bjFq_L!r> z?l?h)qD_9*vF;{0G))a*eYnw|0R0gedyOsKOULM^6*u2R3eHcRCK{`ZRCX|H6t?Ia z1K=`Q4?mL5LuH++(FqbmLPYkOD>sQzsPcAbiJE^eOJ{fffn!m~LIiLM3{YrVc4uC` z!2YZzm1$9-zQT?E^PCO4s|BTIdZYF)Oim*H%83LLJ(kQv?8}U|tJK03$EW*D zOl2v}ehtS3aA_%2Fcn|1)N{v0EP*mAtZA5uEEDFwtLD4;WRi6|#C_Fr{qK{GN>7L8 z@_Ci!DlvaTqjd7EDR-_nj%{XK%S9K;N4|YFyE2S3o9;F=Bnr!HyYBk6e5VsVr1Lw4 zb!u&ZKi9iLcRofZI!Dz$JbZ)fUaMB#X&hE8S*7Au*JyfERhR;C$kAr4eUTF_LEodc zb7DpiZ$K?3Sp}#V9CZ+yKwi3KgMzpyP)f5#Rv2%QypF1^cCTskXn!cKdfh+7zYP%* zvA5*qTe7ugOcOnx2Y1q9t^Lyezc#&H=kLaImA?Cqi>giqXhAtVXY;TFH$;H%#l$0a zj{rYG-$7XAa!d+*$4lx3u-D7*IDpK)vjNJM$=0`EkZVM$O1b)ga>#)7Q ze91jNMT+g=@ejl<_V0z#b3bb%YJY!ekdq%V{=7)XGXQdvzLf%ryyJqwkxzg_(YF)JHX&SO4BveHTVuGr}5 zjYsQ8#z*;x_9o_q8~s4T=$+4Y*BrUr*xnZP;}y52397+6>>USI9$X?D|6>&hdW$@| zs&l@7A9TLde@7tGSb&DcO8M*<$q#+CYC8MKx@Tx!G(U#m(+(20A2R-gn1C9XV5LW# zo?qK<^DMw3U4-hVdg-;JXovIa4gzH-E2ey;*AbUZ&G9S3?zo^B0eqO7D$^8Dl=$ZQ zrMQ2S$Y$QQp|O%}Sac&T_$NrFC%Vc66&h8b#!kaWRmGx@&_hZ4r~2lAQ+A7+rdpGY zX}C~y0%Esf9hmOB2nvCP7Z01hrB_JO6rJXbPNzduCB)B)$=sv_G?UXiB4wr2ybNXJ zxHX!dIJgS^9nXKAtkmW!=7E?LnUeHmFk1I=&^_|iA4my<9m@9Xw~wcH?Cwm;vFur% z-a`vQ%#e9%ov%&_#A$5zzw(WFI(2OSv2e`5C3;5IE$C!=pQ;JOcR35T2KtFIdhG1b zA`ITr9~UUDhwjc4TpJX86BJ>8yZN$qFP}5j4eLocx(ZZ)`NZu~!HUrmRQ&*?CF;9K z4l#&$%zjvaY(_1G&~<-=R2nBXCv)GtQ(8k;2uYFrZ&icL}(z)@t2i(?9t+-*l1cn8p`ry*1%~HcfRf& zf%MRiAEZRRi4OLEzkJk&k@Gy}6&gv97&=vCx=6nlbD=sl^z&!k$o1g4QA(y9D~WiS zuPj&WPd_ElPPH6)lD|ou{l>V=S&U0qP%rW*r z$LponAJf;}dyV?qj!{a6+Z*LhTeW$A=XU--dlFo%?!KKS7V9ter^9Jy@)^`{g$K8X ziX%Q65+5fK`&CfIM>#am5`kg!VXbz19Hy~sn-gFB9@YdA5mJFpm~|jjlqC+1Y+0Aq zvgz1UiIt-7gq=!+Me`LgZJ;YLhnvM=V5!Yg)@Kc(S8OXe(i+%xMMR6<3c*^T(8v>I z3>jh}BBqRa?{@!MDsfYGIE66}*`NdATx7@_2XKI!c^Mu~J0d06g@}nhYo<-j#N_IK8 zm7L0e8-!e4q}$$6F%s7ij0^3$S>8{)-IL{n2@Xvf@d4`6xwLdFhjssRVg7Xp48VR7 zfU~%m-zMgym!;0;Fx#+u7n{4kvq$ZEk$;&9A0Mv$O{xCLKyrD*Jzqr|Xj1%kvzT(U z`X{HRxy3W1_5;U-Tcd^w^s@%QiIfP!Y5fWo4l`-{0TQyIHIoYrWHCCGVE7d(!|XEH zg0qE^ooK~Nu?Q(3QTEOJB5)DgnP9s)qr!!~YLPz1g!=~hW-sattYFBjNAuF1mX+U* zOGtCu*gd-!tb7IuEJB0d{QAxpkJ#U^ZSOW%PbUQbvq+vaOpoV%$1qNAJKZL@aJ{mR zw6co@AWrh#dytB|b>~&?O5&>lfWDopbR0eD7~sZUPqw>z4U0n<%0ZSf!aF7=k$e&l zsWDwoj9S_CnHO}am;%U&W0VGb@ufUlm0bfyzk;)4SLt^&3C!Jt-=qK|@QX+vfe#;V zynRHh_ntQEB=LbmdXI7ngteANKDO)H2U}%hGev}2BI2dX5Ucohb@}8_M~ZFpd&oAr zRf@Ogju&Vr#ZWwG{bSuB7Is0U2ATtLA7Tq_mXeGmn|{MxyX>8}rzR}MMBwG0F0D-n zWO`t6a((*Gv!&go&l3d~2YZ=q+AC*^7_K%KTVUxjd@7=nRpM?{%&_bLqk{2%?xNSi z9AZFT?f;zfnl6aEvshXI_5y~X?ZBcJywBfwk7l{kZ3Jf`dQ*APvw%Gop`74M?@zz| zXui|2*cv(oCM($dEZA<4d(flD(QBy4+ zbr||i;E(t0wNCl31z|H7QQ(I;y4!UbRA)=2NpDB|cpj)A6C z5q&Xyoc_u8o5U5kPpr8r2;$s8pw^Ayz_kz8g+I!vc*rd$58ZF9n9yOC10s$hk6M;m z>BA2Gp2sSF+d3EqN`Lca71bO8-YJu=;~5rItv-i5@8V}`G3o8qO)-nN`B4;zWRft% zQn}=HLH9zVc~NgsYjGw|vs~Tx<4+G;wdray4bM=DHdxY;GUOgd8r5=+IT3fVJkMGUw2 z6HQuioc&AJXx{UWHW=M_(vKol?p#<0S`c|D3Vur(xz;xypmMmmxulm<$UW^Jqz!6} zH3kQAaW*d>(-M;9;IO-xu}uD-B#cKIa@{WT2f~Q;2yUzE3QxSRgE^SJoT*|7G;pEm zQrP1a9S-GDZ2TXTr{C=rz8emGY+e0MxT}f-a;D=nsL%%6uDP`qTsaz|^H;nA4vPv+ zqXK}@=7U$BPyAQ!GX5guZvUJd_4^hD?ceOc`?{102oRwc75ohfeqiZrKPdP=XwFsi zt1n}sSbx;&gYjP}#=ehoxb775AN#>>b~SQPJGc1U9Kr@&6FJ`m<*Nez8>al>8`fSk?5_*) z>v8ODe)+1R^+>FENq-EZjx{bC!p6pyEB#Uu>sl=*$mP0)4Lc*_<|x1&LlaJcHwH=@ z_%H4*kr^2qa}5uzb=nYy_%!(GQ_&xcLy|cc%{rHB=!CvRM4s0KTE=60+5I@OSH{ap)iQd0|pFE;>({onO zdUA6xVau8%keSE;Gh*5)N9x`6wleTwgRvN!)8U7IP=dj}$Hc!3h-)Es*q5t`Q_THL z4OU7S6=*W-9^h<|&RgQ_E?`os%#Bq_Lq7!z}BNJ!XnY#>{z$4%MrmQ_nY4N zb2SsuoN-~;qHxZ!aL)LR|JcrwTTBXtv#94ms!FyPP(XXcSoA9-ZFy=GmUsO|^LK1G zIa^-aapz*I(aIVQOk8}>wjp%Ye+yZ}b?9vX=5y?eEWH+Xdrcy-$KG$MCMS5?tTKGI z57)nDWcgH->%|FhX9@dlN2;K`6Y|H~}5D&%OujIUC&;9;ak74!M2R=H>8W3^u$KQ`(!^0T0NtdeeC zR^<^0Il;H0P{bFzV2*1;QFFdo<%6-{eW&q%@$$e0r+be|%RDT(vv9NpJLlpBzRQOP z8TvZG4of9-TV0;0nB6Ml!_wim*6}Y{5gK5Zx`W%1Tk>}QTmm74)>=+Ny#rFA;?|-t z&n&?m;02&)NNH`krGRhCX6pFY`vvI6Buy?jjbFFji+(6X1Iw{f5f$CA(qPqnN=Web zr0eC>Pw{YGs3L;lbymXJVuaziG8X;MfWPlX2HjH@+0FGUxYA;T{|R&(hE_F+Z&+== zt}?q$yzvyh4&C&Uz)CD4TvI1cutQlHdXSPXTYZ+MF?+_cR)IUyon8`1zlxmJdXk9^ zRnN(p?#I}6u-Wob7@9Zb3Q7Lndx+@cSA~sW5bg(>5&P4#V)iXU!J za6>ACN@2`dF=-_i8YFXRDZpo$NUzggkzfyg@Nz?^393;Zo7GE`V_MDS&=OxkQ7fj= zqKNfR0~tWEoW>RY9y1^7GC>SQMHlLQ#ve^{OtNtl!g#CN9$7EGO+Kl#<^Mq%kV_gl zJx4FQvF&N1#klF%Y{5grB@kh2Fej>iHbcGD*{|9`>8`PNHScSUE2QDsPO+OB^%juI z`Vvh1P*WKCPG&Svj=5)+eZ}Uh*75T*(KfXd?TX@Y;HUxhF*W~$jlW}R5!A#0?pPn# zG%FGzK6`tTa!N~4gdq+{y19A7naZOMdAU*OSNhf_aq?^Hx_~jXo_H3*JIztt?Imyh ztkLdgmWS5sAbxAj*itHhgHa=oD~4esAQDNo0JB|crG|4?<4Sg@bC^Zscf|c?T8l-= zH!zv9bpXe2vYi*vFB9BK3~9~j1#7I@lKejzx2=3O%CWVT&|$y)bvo2$MLT>65skZm zchGQD*_CI&JLLv3={ELNQ(pAY?B2eM^cJla#xnuHsZ$MY-CoqVmTa95g68nLO7p4< zmC|Roiw&znoa4&`JGRvv>kp|SLB?fqWXU$zw579Bh-4700%Ih+Sg*!9^8T33_y}lU z$UA+OgsyO0U<#UHzYX(HDX_?_Ru~$C0mt)H=U6A2D zHw7Cj7ID17^_i5m?PmdfT@}{gpUuZvvDq{Bm!HEm4e{F5-MVGs;rk{w*l}6rdMl_B zv0)S1&Up4$HIN2zp=~$6#M)^4dB=;Nv$;c%!$r;gyb_-{#xyq zkE-`0qigRxA{D>!2TaAM5EE?*ZIt{!+OoHj5Z495PthgMwYM71{Y1~f7raP z{%v;ub8)>Z)+@$JaMz4KnsPTQ$>5?fgecx9%-25!sSmZ}GBpo?eq|OL`z~=^=bAZ($#*HRbVJZ7Y9?Q3V ze(q-)ElaX@otMjOh5xP?pI| zqxwAOME9ZY-zX*qbc&K|C>&4f=&yDcI_^3CjZH3H^o=c|h7WVF+Ks@JJ72O}-nJ}U zp4WjC`zZt}3r|IPnvkLkR^)5lNq3`Em$X2geIYko>gW+@CN|pGaTTMo=XllRt#_S% zQFGIl61cGJ^kNsbl{8L*_-7V0BaQezO~AmlkyarJLN&*Z)r}29Y0%n~(#jQWX6|L` z!dDB*VVs`K2>+o%y9qLtvH2XSMCg@Ff677vEUWFC ztesUSyIHmx02MW9KU%#h9e(QMxb=2h#RSTFDsoXb8FF6AQJ3Ei3`Dqk^@uWUK<+K$ z64$B?Y5nMFVqTcMeVd>J=O(;yqde7c_B}C;%qee3ge>tk^7S`NW%DQ5k>v%K0ia{t zW)!#p)D!R#5DN#(*>Rtr=crAsC=vgG?6`Mjw>J*=y-HmL^dC5W@f~bxshK61TF|>eujtL(1YJEB93q|A;i&#;{x2`5ZPbX^>1L z$2niqX)OUR^pD0UnM=;W20eSgy~9H($zzS*t%3v4Gn$g6mY%BBcf>FJ{~3#>`mzU) z6i7UCw!~XmH|(pg!^9med`oKQ2X5|?WLB#rz%e6U@;2(y+geA~(HX@mQALT9SK4Eu ze6s%7;Ro}gzcz{^C3=s>UH=bz?;X}u^R|mx5CjD*AkwW=0TDt89qGL!^rF%eIs^m+ z6hvO>NRwUzBoL4idKCfbEg|$?L+>4S)c5`NclPi5_CDwA{m0qo9Ih)DZOxilGtcwP z{oHfUEP;BP*E@_oONUbK$H(HmWiMN-YFpL))?(g%x$vvX=Q)r8EIcjjH6?i%zmo#c#rZOZqmF)r@9Kc zYwHyns#07AF8>f;erVymSWmU7+2$235x#XW=D~QvDL(om6!^*nqFItBeT91?(Co#w zJaOB`1fRiOOWSgvHFW=}uuYUA>0Q#iqSQhKM2LyR@?_ioXniwu zINLpg@@LiDD;Y7dXdbcN-C)Q!)d`1iVo^XPPAan5_KD$_j9C+3t`u-|;QCwAOUvR;sn7Ud-=L^5O zU>#OeTSf8WT%aa{^9OiNE3!3Y?{&f56<$3losFoc35;enZxkiOENX^7Uya-!K9Sfo z=5d(-DyOKMgzpVb@is!l-lPwzZlDG!sRxhd`0B?`rkNzJC0Z1yI;bX$H5i|}cMi7K zPnE>S8Px3bT~4kXSN<^jxYWi&&O^T(VAR->w@}?tJ9h+{Jpk_jj*JJRrnWb7a=n3> zkB}4Tp-978(;85%q5~RHsj4{1)yK5c>4P{<;Ddgva-+=`=1ZvZx-#r@QvTLXvC$BH zVKrOZR11wKZ+xw;psV71i~{h zv^{Pm@3cp;YQbaTs04k=X=XRB-J|F8Eum_kQ@o?S+IigQK&)(c;AgyC<_=BfWr%Iz z#AVr1tNAkeAtr(~#TJQo!rq9{<;D*4HGi`!qJ8@_=iSklQaiPlk@NA%y%#qYxNttR z{vOyDbTxor1^J%kb@^&Ka{MiF`{ju`GZGUk4Zn@DWy#2FI$Qp)XUg+hTDv0nVVv># z#i|vb9sRi8T1avI#nLruZnLe!;2vn^!CCh<5l1#Wl2dzAu(J((xwDE9hXt=raPdA-f?D#2Un z^Uy_$F(U5kDj%4BMM1TQ*_1oYJR<{=0_GF=LWC0Qv&fzj-Lbd^VY~_^o3Nqm5IXB6 za9A=qpj=BMn+t`{8qk7t&&q~|e-*d)z|~b>es8GLyL(+$g;Hlj-~%4WrgGbC1@WyL z+EcYMJ~Le&lQ&>c%Nl@y!N-8UuTT>YC4UtaB9pq(@F6VuOOW^o$e1J`*PUL%gI#fS zp)TF$u7fK>Kpv^qMUg)iTVHyz9cp5R;^q8Zj3n;&D$S)!H^lx|CiYKT#hwP4mgew~ zUe9+>|IHMO^tiN5#VSQDuFm#YbYR1HFj|~v996f9 zU4Wm6#CC~Z96W=zi}viw$EuokyK-`Qp*@z**DZKb1sHZzM7KG0|J?Ob z1mkm-|BRS$b|E4K2H^dreB8dj%97Bp`|fEzcVhGNo%;l9$4hKu_u8!lUSnvlwD$|& zT*$D^uV!8%sMw|-d>G$!&}dhyhOxP6&C+9Zn}{C8-! zAC(e=XKirAnIy1!`85^0zV@QQ)qgr(rMO|_FWV&C@jDWoUKwl#? zW>s4xvsE%V{WwiJpKd?F!s>U;?zU6oSUb<92sY?4~>DGv9g1#xrZ#<6X>rA+^c=+(_ zEm!1|o{CV~xF@#v3v@c*ayJdG|GH%Zv)f%_Qa{j^DK~gI%7@jTI-$3XA@CJ)=G}4S z4kQ&*s&bjABgBM`c`>hUm+f~erYPH-)IZPAtSu{Fxw69fW}Zys&#An{{)wJb(!a0S ztas^3AtLaN#oE7re<1QxAdWtoeI>JyvSs*BYaNBTf2*x7UHbnXkMu9x+Wf-xJFa9{ z693cHkLleS-rwE@i1RY1OSxsIe(EgWi48>hCyzelH>(;<3ph4E*T5DJ{27dvvnHu4 z)zgz{(aCNr1Vrw17oYdq|5h^%nIV|pwF@2LWTPFyaSxalO5bT?cHUxsB)X78K`lyMF5GVL2>2HD#T#O^ zd;hr?6X-8+lS#?y%|GMqCHzXoPYZ&{Nqa(8HZgdQkFq*>fmYnK=h`ePwe2i2th zL|ee8rdWa2htIQ2EpPc64O)=Is>RIFmh+meejsncLMkzTN!|GE(T7d;-ycXt%XNxA zNEKffp*>_yMc$_Gbh@6+(VdfevQCUvhZubGdgrHXx!ZpzWV#2J{}Ty(6~erfsOqiN zP4C>&GyNSatk|>%1D*{vk#G zEoT1z?5MK~F)98gmZU>>>F(@S;{yqi0ri&))jQ()Oh^hh`@r6iWdr|v_^6|o;10E4 zVD{2`dUtJNQXu~}c5!UZy80&V^Ef|}GPQKPp*f1K zjJCk~*AcmdudxclDQAE4r}hy*&?abXfsK>(zhi~t(NccHwb@FHT^(e{ZDwXXU1d9k z1<`bS?70e8{*cwD?1HZ&9w^+6b&s-4h@;2gCdfGX)1$;zkatRLzbhVD(dGQE_|mD5 z;NmJ7JWb;q{f(G)5g&h*D8PHzjZvumDah@x8By%lJ)UNU0pUUcR-WI1lf ztv$VNJU=+GWrXzC*fv~TiK8Dw+Sd;>hL7#X{kDr!p4##~ zgnj5xw zD>Bxe{WdYjSweXGkP4wu)G1b%a4)=EZ6z53;$eSZ>~lj%}?M zg+a21gVX9_&oscHBEuyG$p667O>(rp#8fmUC!AUMi3S_H*+|_ZH4vE2I^_%f6A3T* z)DtZC7W@aZ5+Y;VEA3@~mXbIf{BZV5kD1%I|BkskPkkS*{SGH41ZIA%isR1btq;E< zD|Vg8e&L2!2Zuy)olEd7r#ifH_@8)s9>H)B&F0gWQupM+x4K6<1>dy0HL~-=>%{L{ z<=EQ^kDvt3+X&|WlkLl7KCW5SY>od{KTY{gXRj*$?y*bf2mcbQzjrMp;y0Euns@|% z`o4=3t&exe`Rz9sH$oI0Z@f|YU3tUghmPONmY3fD@4b%oFW_tbrbYYl(u%*68-6gB zVDGc33~ue8LmnM`x>GS$zy2VTb+3(FAufoppcP?i-OR)-=ct@(#`iHwiRR+gbeyee~|Xop5jf5lXTe z9a%7isOZuhbamY{czS~AUgFiT$`#MOmG`OEa+vnFg-jh(3HuWzOV9hhL(2UaU0&gU z%XyP=e7W>DFlbl3|KxiA#}QTl*U&h0s{E<-@W-g_9{xX}_R`^*eboagl++%G!xy{< zAYoh81{e4O%7}SFB)E@6EyG{-BEE>u3Rs4SeS2MDz!gWwYyI$d#lAzTG*AAbu(u&s zvle4n)xuu{7@CpGkf?)`)Flqa$qNPtUdi!{Hr;ehso+y$LL(T89;k@D{Pf1k^r^?(T)*Qv zE*MfG(WW+Sz~nP#T1SZ`geJ86D6x0tj?1s9_I*8_l%L@(sViBJ72dmAMx>4QDz>}m znuxS|_$Y~Ges*wW`L$fWDLCVN^^#)*gRryEKB4p8*E17}^;0KHFf>ER<{bCkiOwMl z8!cO1)^5M>jjzc6%w#>5B;}`;er$e3w(@@khf#?jw#ffv2}k@+B$t7JNOhyXB6WW| z;)T{`!++?91O#VEVmjQrq0y-Al$e>nyflSY+D9b!nWYi(6^(~FF4sD9l*Z3;Ajf&3r?H?4Eaw6sR_RkHs>$jfPw=w@_z5y*{yb81y}cqAl3f_sr> z{#qkkiZt7OD`xEJ3y<)$R_R$!CW#nI?LQ)2Cp|iU_+`#6=Stj~34vHhTaQCC$KWIex zKWGg7Wg0}J5yOneUiZ0{I4L&5oVPA!_FU#5zf9U~%0_EL{d6p8;; zjAcK*06))EqTRjsGkBixtPQEKt_O|jF9TPp>;)!4scFF!ly~MtinLP#?+po8#Fmw( z>JBqVhyWELEJZ)TE5}HUw1?XPn2H_A`R>^<7;L>BalADCT50GaAlV;!M9>npIDK#Q zBFV2+ClemTNpzUOX!uuk|n|%o$;r2zaNP3P_CBh zS1yn}K%j!-^x_TVp)~vND;bRZf7{QcdXoQf7Ut+q2xjhrlE8KQ_pW2(m*Sn=uV&4z z6D#QM87Yzr%{$~It#E}atX1uZh+LZrPhLSQb6J|5EjcS^TD0faSAMX4EHvSgH z{FHN^NZ~US-E4i%(#Z7}FKI;B-yd4DI}aEMpJZVcsSDjnhm7SWPL21Wfv;{KlOT<6l`B8BZLy*-PtFi-`XO+`p@h;PRmHnhW~p zX^YcmWI2`}PSO;M{&RuqxX($lKGXkm6guS^5e_o zWJ=vhGU9<$2TM}4Z?@Cl=L2lGcMy^OH>8*u<-d?(go`r#bN)vp!%r^PN&-7kif|Yo zf3U-N)A9fhAKrI$byPO z=kf*2`y=c|%J5Mi&1r`E5q7KN=C`(|^Azq^aG;8>}aSB=e~w59<_BhqCqyB(avN0lu0}S9b?p}p85u` z$pPj-p1R(!;GCRIFnqC$bPd#>Uw`{T!U>WLSL1Ir!vxQ%2a zlAgEw33CRXiMMPo4`dTG5vLAHzNXL#thj&t>$;D7tzVzhwCx(JEE9xD+=Fj?clpeH zj87_;Q>Xh^z6M{kSXGR;E4m*MzSZp7xNIX+8y%aAKS6!sRFuK$z5QWcA|U+vet7ZFzczVn~1`;H3WCH-wj z|21iG{0Efv{!L%~que{EO0~KIZcb@Ig+91!%kAOiF*NXV-N@t|vKtbfEM2y+9qazk zi*7i{DJgeU@3O_(lVbE0lL@)cmsFUL{SPz%Y`2D!l&R0h<%}n84$e6l%W!QE%0*mi zaTqbZI+2K&63oH-Z%LizmI!a`&+^a1B&fUM6Ukl)EFwiT2AU>7n{xpPy`RNi?k}Jy zX0!2V16jDyDs8bKGwgo7M!G}Tz}WEBd3C3s3#TDK^W2f>N@e#k8>@$jRi;dGw3{^& zmCsEvIU&Wj`-ZOO&fzp!5$D~Cx2gL@GRk%bZ ze}(-dKHqk0hBUqpqbnMC`5}3jXAFP+j=6S$G?R}1a}SFUwQ-x(CGD;;kT<^vYS&yH zka^{+H-XcE`6iD98AfrS`EMb#IaNf&ubIp2`Y=qF17<$uAk8H z*(Ob#^ybcC_43MNpXR*@exQFwLebNIdY|&ze%kA=#u(51QZ>{&<5?P6#Q;&N@+mMH z+9#tr3eyc2E^0T{9WGq@Tx}^{Z=inM?A5dy)D;PQ1JrWAtnCKr8ECnsD zkC$$J3{(<-C2=`yVORjfTw@GwomeYqyb81#!NIZliG4l_jG5TaygV_7YWyf2`Va+?wG)&t4g z^i&suJh}NODMurX_$IU~+&BVqWH7f%VYXOPSqM zFYq^4=@>dzy^+jn>{zVcV=I0g{70HGin)bk?u5jM=m8n}aFL_>cp-6=wNfQ|X}WhJKJw(;)G?LkJx&u;WY<#e8R zguaAdNpU(LI^5Dgo=zrZT!wXm^r^dI^8MZXd0@tW3FI6i-I9e=Q!1rw4#34$w;nha zTVADO$FYuMkX1-LN3vUeS&EBsa*!C#PM!)5_>}N zsy?HpHp=qQQ#!LqXS>kt7qTvfW9gf;!6-TN8On95CVg&lEt@cri24+upb$cR-$+B% zjCqjolc8p1vS;I6wcg0O4hz|-oMRZ%i1-OQ;5-+$)&-}&Z~JkS!QsQ z0qFdLEg{M#CGRR$zVK>$A*zROtdW>aO1d`maSU#2;uoZXI`yTfgXv&x%>8pCw=!ZR zbinjpy*oc>YcXb5)<{_&C``#ve)YfO*)G^47n(wsgPG5yPSMh4G*H;F$_E$7@d3Qw zFJiI%(oJ#E5b}g+-qWy92=~Yy4Ei%S0Zj?aR9QyS$MQM+d7RkrichcYaYj3j=_N}JFrEKzH{Yc z0*(!7W~d7>lU9Uz=j5y(PF<@-H-6PGv&x1Bi-C~NinDKTsX7ybh48k%)y^Mq7D zK6Xc}tf?g=G2MJ2&yq5xS;u-8#vh&|T2VHnX+(Vr;(e-Q$aC$&2zh@<8he9zpbSh; zl}eZP@O3!*dZxpQAt6rb(g}ATAs1T`BHT-c6@yoG8oCPQDcW z6Lyd>Fe*mpr}oUqjBTdBQxcm{W>kysvepOb{&2bRw7$gnR>t=wm2<}BDI6@HR;V3RNQrE9oGy_m=Z6(s`O3G?5|mSXSN7FnWd87q(_= zB0aS*{w67VHd1%g z4&U&Y*MIu>`%0Bd91CnIdwOR9x}R%rWVrf#0zHDC?+y($u8q+uDbGf>KK6*o13e~x z3uwTzhVd*EwoAM@06 z1o=It->K3ypqslbKt!ViL?^3^o|`=Yq!p}il-KRm+KycoiYo_(BqDJT>KNxrDn3{w z%&>#WLVMXeVZ5Sd{;X5-n&2~bYF{1nhH6O*z2dm2!44$>dc}R&)2WYFdNwI-Y?6z> zgnQn8;7H|wg^cg?!)1hb7CQtx6WX&>;){X1dpH8InOW*T3QIJlyhe2jTG@vqoViRH znM4dkg3b-WOwaPjEYvvO90wjZZ&1VR<_mM$&$5>9TG|BC()qn4g8cNV1SA#)u8$p_OQElIpz!N7e|-T4rd{vU&5Dh&RqOy@~X)OvI{vcgrN;g;w@LKnh5sBXC!FhSuY-HvgO} z*runQ?dkoKPulz5o70l>o;HsDGPUDQ?*}KrhIT3JnQIOdxagc9_kmtWRf z>;HIT7c?QC_OnQIZY@Teot+$0;1Oh5_d+pIYX|v$-$px(byw@E!`k7i*n7UG@%xO* zy@T+9(&rp~L+%X-qn=&d5AJ}{+SXgDruCXMP*+U-#&`k1G;7JRlhL!r@UDkLLUw$I z4z#O^ZA~~y^Wfv%q~0*IgXN>eyyc%kTtuYy#x^4t#-sq>Et`3x5)){dZQMuzKE~OQ zdc?bMeQiXKlEo*V)chI(-PhbI^U(*UCA_Vd?(yp2O*c4--SC9;2AEi*za6v>?st#(9 zsX8{bc+rKi>M#v2@J@^JlmR8|z|;TG;8ORil-r%D8PU&9Jel{tzR-)2pvx?m7|kK^ z3cv@vNrjH9tK)?y3ripE(UQ~lf~CORZ11+8H20163Xgn(C{{l*s2LP{fbu{ceN0E~ zTBq-flyK>IFhP;rJZ0d9*>I%PXiJsVeD(41beZRjZYK9_U$va;48T|q4@h8lPhOc- zf?GhLZVECKys)m0Uhe>{T>$G-)){h7^B$umV5x4hcDS+)(wjmfzHeemJO#xZ817b# zP2HPC_Q~E|sH!F^>yzo4)Ya;7bD3QKCU=eUX+D{*k-o#S43Z2aKoavh+H(<@YbF8b z$ZoY>Ak?7qB_0=MSyp_tPO?M~M@ zn67j{#~f@wmrVhXZ~|^fse+#|6oQp!=gd~=)Uv5Gs85PBWmZg<9FxQ*moYtU24iML z{dmfOUECG0q#;#h4}7Fhu#8*E1^hhhX*wh9^}G!E`lzx$YXQb2$p7kB_Yzvsv` zSlch-JviTAGVZ_Yd$%dZ=%GS#htf*fyPTlHXIPS}H896w&E-TUsKo7ZewPTP72?vk zV63}D)!dmves*{Qq9UUU;OzYE^x)<|)_n)qb-woRhCV=`gKJBJx#N=!`&kV7ZI&l` z3I0>$3I-lEMsjR*(l$wr;8Kjixc5nu?~3QPd6U>2Go5^{fXDlT1}kuC=1v-|APu;$ z9%3s>aOr!KF~6CX`g{Ui#wL|7xlt)d8%P7fP!Z?3-cyIBRWeaiu;sVjpsV>=Q}-7kNuyfuhQ<4aF*|8&MC;`0+9xaR8+2ygxS6J|XOEh7*?^ zmXKr>-4Z>SPh)D_NiqJRK=Alo=!cCwC~u~gE(U%Gk1BnpOHXb+)!$My4iFni=9!XV zLSi#eO6SkDckYIgO-Qv_$*5y%BWzb6Z*w3A@|4z(>PE6uL5sKSt(IiOdAfQd?%ej= z3f<(~KVxj+0g)$zC%z*_g!p7G4t{FD5RRaoU-=j@lgl&RU?r(AYc1F;p6@ zLQMIh>=(BS^PEx?LMIJ$k~<2t!ut&K?OVD!l5tfrkz#b(`SSGG8nZ%6bvcJ}2? zzB|nqkg)~NY!P{HjH_oRz}ZSq^icag(#9$86i7aGX=2)Hft@hvFxR68G4W5wO%3hH z*7~7^M9}6G^QXSF2<+%S$NH-vfc3+q_Eu}6Fs-#z@qr+&&%iC;$vm0Va?CReKhF?T zu0jK2aQV#bfKT?lkx`~AC(8b~M#W+ZEgP$mZIDe`V0T^4#M#8aLKC~vP_YrzosbU7 zxb#X3fk*0Os2#>MFNcdF7Y%S46BnaM)XBke2RSrmv#<<*V$M5X`xeA3zpgz}REV}R z^}Am`Sb4>S85v~SJs9@A3p*d5hTE2S@5xbq|`ctVvpd1!$fvsZ)b{m zpG`eUv3t2^f_nihcB=j|qnz8~GNHs+sZ)7{c~D(5uapZb&qd+}!VcUvC>M$J^!L|y zms-(~J{c^)PW&)aI-a(<7XA#bDn7m|xH;Zqt_ogFgN}|a;I!3GBf6Jy5^OTBw z`JJj#f_GL$^E?B&334INb=2yxw2$t40#dnYOq9$CX6_n#6n?x9coWYEL}ElX`rA|* zCoowuXV&UX`bH)bI&rVX2K4|wp_nv8WRNnm?t>iAHyPQZ^82|#tW5wu&qB@nZ-nno zSuddM!;wm@A*0jTqsM3L^R)vp7N(n-MGk5FLdHofJ!4OG_1TNP+(Qr91}7E}BOVM#YSr`w#+;?ghGV66FqcJj!N4W;OdJ^g?;gv2iR>Z^pF94ZFhh2gF9 zS;&_PwpNDtgdzcKuj_sAquRv2{{@@-? z%G&UW=~PykW+))*0z9!zXQ_{#*xk`gET6zdy1<$;Q*OGyX)9hGKhf891 zV5gQV|A&`Wo0^ir4JuNXm;rSBvds6%-?yEe!k_trES=dj+v?}a?mFfxvr@kp<^|`~ zZN>U}m0*VULbg7CxyUBGb398?MhYbL0!l66LzmsAO#Ase;tzf4+3%%_;kVA-U)a_` z%XbPpCDc4OfgA3FAU{QAnbi0ogqH;CF(HV!c^ruxTt+E(1ehTy-$XzVsF<1wK17V$>1_n zOJ_0?2Ncke<$N6HY$0s_Y;Xx70!|B~W&3rEl$`!mT9?X33Al7bOUOz#NtCX2`(HLe z#h!bm*p4-=UA4t&gRM~7Hf4-DB|kXWQ<%D3TulPJlu_gW8VK8(MLRaRF=lW^_)}?z zenQ7c_(bie3Xo*n0AIX;V)9xU#?L#Ik*3bo**z+KkEK-i8a`ZaHUj2uU_W7bmCCd$ zupS&!XeYd>VEw+&;U_sRMQ1CC{S42sdPT+)wSg2fIp9{3k_1i~w(;D-;UJ2`jiT?p zeA)6^xdi6Znki?zvA=(`Zt^|&?!c$}@h?eH`fZ;?(Q zxKDZac|DX4IlrL5nMdA)ah56NL?SRvq@m}Xoro{`o<$+kXlKl#ut4m9(6 zUbslFBV)W=<&z7@e#}H&XA4~9(ACjXgPlhcD=}epUFuYNQ(z>Z-O8}-6N}G-_tyf! zC(g@T98843H-U8d{xFCH(lCSru}+$J3-RkQdoOku^i}34*{!GP=B$;C+z1qfaOBn% zhTXS#$nKl=Da2RGBRgaO1JfLF5t@Bt;d$p&`;OYOboY%QQ?p68b|C$&!Z{-}b&WMb z{A<02@&a)lMm|Jt%~qW3ZObZSL~gj8I;N5AgN}pWkG;D9&qG0^*qbzDDlknXWffsb zhTA2#L5?Gi;0nA+Ec#nkF3Vxsyau+iyKC#O72A}!u!DGU$U43FS1m)4m)~Oy7GaMa zkU%e6(2&gj&9IqmT}k7eIQx`&{bvBj1D2tRSJ4wDQ(A$VQrmx>$iWTww5dySG>vQk z)ipV{lk(JVh$Zq#k5|_hw5@!ZKU2AJG+Od(VF`2NJK!QF7Js|u>!=~{D*-%{IN(aV z@Ay(N7yQjV#|t*77&B#u)(>h1S}uG+7zlW0Jff|@M7{}2#%gBTX~NN!Yw8?W>y>%5 z$kRkI#eEjKWv|t_Mn`fVj|lOMXF?qZlS{VUMnE()^2BYCJJU}8XRfqQDzYCH2WbnG zJL`KJ!hYN1rMnbi-T30chFUtEwp;x@)>!RX4!L=UH#}Y4{EuocdILQ79hLXu&8!+c zjJg1pa$?3pu2PkCskzMsK7VL~Fs){BKFpEyU!FCIx!vhE_J+1@J(kc1BcJdQ2V@dN zQ)6XS-yp$8KIr+#`vtt2O)MVTa1QbC!XPGn z#PZ$iMCQ!g;G4FYaxpv04OZHFeLALl-i4`T`PMe8cRP>7@wb0d)uE-DY-Ap}4U{<* z{8(Os^7Z9j2sAT0yluDIff>0R5C_R~7d*0E&b>{SeQ=(ft5~Rl85Fq+crvHY$T(;` zKuAaolhYGM@qRk?Zf%8XQct}_4IH?7Tm|py(x|3rY1|kI9n=w7F<4UEq*O}c#nLHc zJDtbivD}X(r;N){z=IoLz8+(Py+{#CioN%NP8A2y4k@8@VgNN>Z5sCT4`q1G!LRP< z4@*BD#B|dTC{bo`GfPbLb9ADoIoU0cO|Pt&T!=OnqrgSDq3yqC)w&v$1((8Dt13u% zy5f~n;L!GZD>IKDomz+cQ8%@gU1O>duwi5T-aGeDL8x15^HTMlx~k_rL-IsCI`2Z$ z6V5GN4vHPaqT95FCkO9-Dk`auy z*EJ7|lptFge%bCDDeRI2ohR@B^V10%T_tcTc$J8y<;kIZa&H*s1>{sliqW7*b~5px z#Cy#GEOZtcc4h^iNW7nZX2ids5)i_i=j#Dq59$q?KLO=y8j5)e7$w%J^%jh&FTsf? z40!G1yLCL}!sjOPJvO-e!yGCQuiYZuHY2tr`t-yXV-3q|pK0U;e=6r7?2A&zuRFwA zwcerleDTa1aoxH8RM330q(^K1V9MeBr<0RPYtWRz#Pn)V%|73@ z7+pcpz#~}1mJI_!67^uu;pF3X%CSMxS@_7$sVhRWRzI}z5X(c&GSn|E(qsmshE)@4S5)dlY7I==XE{P zyamrhO#RB3_I1u$x2>Byg@L*VREn=-VYb?d24^gHe=FxB>Zl)1kGvei6}6k#m?gNv z`9~rbrqGY~-Yu)6H|EBHyM5IOwMQ+G2qXJVi78~S&Pz|?pCTLAo)TyisSW!!S9*@P zgwRCxiyM;)a3v0aXZ9!c`LJtYZVnMGH<8F25_4KMJu+SEyhes8HwV2gxAJEM3om>O z2daA-H|x};-G;6%HheHb4!M2x6rD%a)IWiCl;Qv$&}_cOxT-|2c2yrbN@s#$MtVdodR{+)YQ%r2f=r_(XpA!_TC z=S>guzm!+51ls^kK~4_QW%um!1;7;6;_iix(a%~hiS(GqhO?`)Sof~*ZqtwHo(o68 z>LiO<>hEXNwiIOym$a7R`?)lxg#xYsUg^1jcYnf5NP~CxBOIX;kp)Wiw0N6RUbTCB zF)O`Vs^?eZvihQ?9CQ`M0s;Mfq>Q`Acb2yb826Tjp9Te$TXCwM)Yqw6FewavmumF% z?Rf1}H&oeq`P0P8Jjy}3YNhL_16E@sFLvRW5!+3Hv-2s;g>w3efw?uCCX%v^N&4@5 z54CX|^iLhjQy;OKb>DJGH?jf&#+@ z^vPNc6iq>GpH`;6p!K6z6_~ie6yuX035ih|#M>n1iZzRgZd>Ee@j2$W+>mn0X{6v&}?cL&~NLpo9~5f9Ar2hjJKHb3&rwfgBcKDrGP zGkjC4(`+ttxo*~}8L2wm*+bo5>GbLbb>6kj< zB~h8t19C@f6Vk@1T?p(7juX;s(7YPfI}+x8JIC3!@00(!lJUaq zkAls;c5QUJ(&THxi;qYmFhvRA3-EEp*3#X0t!*cm8kk+O$vp()2@V=h`{3K+_YdoK`Al7+=-J>ap4mq)fz>_Q zJ(S*3*W7FK(qEr&i?qGdJ1Rdk-lN*e&<$%?|9|W~EN7dDQQ78E2Xj&|n<0 z1$mL1uGlGMvOdlt^SzBYv+AKeAvX9Jw)NJqc8V6Ro4xLwQz)eN z1G;p|57;;?buQ2^tl%$+)Gz=9=ip~Ol&R1wP&E#rE^Qv0HyVJmnYBWLqYSDYRPsfW zTk^imgVe_Z{D)`CXPvI=jv)g1#wb`{^#$nhB|**|dzOcuCB9aGf&^u+$um6~ylZrQ z;K`xmXTqetd!#zz(%J356K$9Ou*pPMqgIJSyH8j4peAShpcEX;F$rC7xSYV`Ev>jfQgbETW z+!yuTxtCA=iYL>+N^cp6?tE?6+0|LsW`*Iqe<){a;fhmk!^^Ack>U5f8a&)q!Nt1o z<-)#ZM6QVy`XmVnY3>}vU`oc32I`8&Oc}Rb-k@xRdOvFe4Tsc2Z`k$Ckh`UDd45+) zM&8NlUN8=i;Cky$pHtBM7@H@{BRfG*8zg5950vY*lK7rj5-(@ugbl9ptPwH%v?!&a zTM7GV55c9wfn37ygydh0swG5sA_0GREEF350^GIz!L;OC!!hpM1o*dTP`*>KGdP}Hl&tL7e z?ar0T5bu}S%x)h@PWN_ao1+t=bML?ma=#b3?V%n=UD@DT<`nEUCh2I*>j zzsD87pPoVMJ(S+5eB;#BYQh(>-^4Uh1(c%Xx5;>K z2UjE8W2$S5o@v>1hhVK`Q$fg-VWR6Hvh{ORkcp3myqXVcgEss}5gEuPKc^#yW9tVy z<3vh!drxd%c%&TTiyapA(H#Hs6Z~}b40@0LQ@YEGjs5fl%!_)RKptE{xH=O5mk%=L z809Q}{LyH~AB`^cV#uR53>)fsf473ngAJ#?_ySEX2Erq(=5#Sbf=|XXN4hxihZu_& zc@c|sDxj@JVEe|RJHUArvL@!HXIc=SGn~5G<;vb}N>I1f`&*s7PI!@4*+=ENW6!Im zO)SA#c!IZCn$v)>(WmpMA0i99?+r6(@e@`(v8(2ytN=|XuQxFf^PYS{iZMQfk?FyA zs4qhMru!i~U&8sV5N^p)b)#GGFpuNBRzqWIjefmDN1?~JL=-|((&?b7TYOkN-^+Ak zPK5Q503Dx4nyC8^PF=J;@=cHW*?hFC!}}`nH!7^nHXA8K>((=R3yike$Vw}}GOnZ? zl>4C0B5{$ytr)g5svOiwH$mR?irm(?3s@$@^E@`4aY|u9F+h&|6wKifNeuHarVlOd zEeYeDHE8{e(Q9^;zuUSk;NUb=7X;zw!++@#rJ~`}{I#-KqSE@s^>eT^|M`Hq$hE~S zP~z4Nz;sbmg2bz$FO)6px~V?ML{UvKzn3AO(!#Ht9I|`PybVAJzmg#7*3jk&3@O3; z+xy_@?;+zjsbbVQ%_g6J%PsScQU>#^(S(>u2Z5^U^m9bvM45K9ak~c$tOP;zDauY1ywA^*}zr!#Z!e2DPI@f+pi9n_oKttjkj!^x|+f85%QcSDY^d5oCxR2 zJI5CC-!jC2NUy*I4%74^eB4l8xjQvzmPEVM_U=Kk+oQO+awB$jU``7Jr*yo#r$6G! zFJ%}WGq|$`;dB~OKvl1hX7=gH!+pXAL&_JdDOp1pJ46xB>%7^MRXOu?jPY%I&F@qt zj5MWCom)2I82LmYHFIW5f5&W3FXsM=IDho3d8Z>+Yj|M2X+c0oS7XTN%Ca*d0}ej%hMxC?_97ExGN=IY3``FIn(JRokAm&9sQpr+}By2B#MK$Nrvb9WOb9DQuX#~JN zo>N78&1haLv(N8mUx_hT=N(52O7kvUpS!4hNeQq+wgx-kLWDa??bjf7L*0_D-BVi4 zmS_BjSSH8-GA6}WToSx4lm;_hsBBjZ=s`bxlL@NLq>CPb0}>B7KFxk?0&4|+2#xmD zj@CJ~=D!Z5={-=!twc~j%lj0*$rYLcb@SYkzy+gj%T3q3Dxa45TaYslx0`j{lBKpO zT;yQr4N7K>X7JK02mkwAmyNu88&x-4ZtA6;%?3Dgi(P1FCg|8oEx}kj4Y0diO2&s- z@qxC}&juy$qP}eWM3~*)uxYO{-Bs{sbv-GYAMwQaRMuaX@}rN8&Cs6rvT^2N_7*-9 zJ1f@_yf#*?m_B)klx@=s^?Ix#Vo!;Qh$yIX57)eXdLDg8%}ArM{R6&FLb7sD9kdiD z7J7MhjkIQt2Dzxu0C%u&t}xpbbacITfc^@0G4A0JHe!Me;Nw#}k-qO($6$ z3k`CB?l0o-^}=f8+;Y~~{<~F$9)?HBjD>%V(&rBHFy~!tIwo%}XH2E5ui(@Nt#!3B zv|J_&6M7B?l&LA9(}~mig<{R9j=HmD9=XRwC2G&mO){6guo z*c%X0!b*Coj?MhKw^ADK5<~M!o}@5y@Jm9NG)a|QU-Ns{aGyzTDY*V8~b=rY-0y!ldoj;hzczs zVxN9kwlSDwEtFCe6ahVY`EFjvD;F}AuUs)@}v1_HoyV`;tJabf%dU$zn!z}sa@7HAb! z7u2fiD#=EGQJ6{%b8klfxC+;vJta_l+3NFDG@}As`qfUoZjPcw>h}Goe+uc-f8hlv zC!%U-X~(J)&?s4LE>>{<_1yF}!vYOF$p4$6(Mo(liCa5e6JD-YH0bg%7V0t^(sx^} zc`JGTcyT?;lR1rJo9`?AFYjEX&Hwkz{x&3m%*#?G>v_AJ5+>mk`9CbkR z=ullV7BZ~-L4@A=T9eVLnauR2Btth}qzmcv0y}B$s9BnqbIu{MaX53_H?GCQto7pU zqMhuv;1-|Ee!H9FRh)+e=gLT}HhLkqtC^&U=^IqP*4FV`9p{vG=t>69eu4S+n5Opm zWu8xdoA>y9H`IzI-B5uQisy+H?8|6dgX?9XHpkZL1%qJOop)b2?C+GeFRA^O!zRWG`-OSD{Sfn%=DVy(ud&a@on0$p;ZG`D*>D##GxYzj^5VY| z`|7wT8EA3MpE0YC=$QwePi~McKtgh**;syzy;S4hq)5lkVmeNE ze@pgZI(ZzNo8O&x54e(#d~2L1bEbbj=qe2G1S+@IsW{kZOuRXTo%ekxyS=fmo9=^ND_UnuXMIj%8kUCl?SQ9N z#N03z|1T_uMy$^hir&BeTl99J{XAp{pd1*j4&Al=)0oyOrUk$qr{wiDh3Gne7SzJY zT*u5aJ}heWPW#$!>*-lcsIfn{QQ4l z7TiU0QA8&%uGKzjp%?og6AJUAysVFn-YOsB+cLWzp`p*Vh?DhboSAcMcQw%?!h4f?@mf2#jOe)yT=X=h&)zbt|?YW&=mxE3LR3u{tS+u=~ z#pcHj*UO_ljW#hULC56v^&T&QKPJX%Tnd^{*SX95nY0qQEG77@RG4pa!^cGAjb$_C zT96*r&&%NOToWJ+Oyblw()J$SS)4ITFjIbA!Clwj0DJd=AAA0(wXU-aT^$Fpn~GBD zaEVioIM9vQ&o{V$4%VK}Bsh%Z=Lgh37)nWy89U9wf@-)FIUL?Rlgl3IsR=~neUz}; zF)CMc5O&K5Z<#dgCsMONtb9f${nH$1R3YH)Jp2d;K2i#I-?6B$W{Nd}@NC#W$-_6L z49CaJB-2>D7tJ~}+>Yvq>W-J?{P)Tc`Q0z!;fsd9g^XXdOH{U$7^kuPVXbwlh0VtX zy$Q;-r<;L(uv0+nl;uN{npW=?3SoqQJvD?=L z-NkncIX@3a#nErA6fS{Iwm9$H)dGm=+_pA7z=)b^2VaDT2b@(l;q40jQ5FU4H-4aw zSYa{r?YKDp2$n}xKD`mpN0g65U@?RLT+s8{I>q* z)~49+IwNg-QB69E0%9%N?nSJ6Fxbm&N|)^se+YkFsldn=w8)etx;cnPJa_$Hh_!rttAd79p6p($%&nRRlLku$LX z-AcT)>43DsP*&fo-8o+=7mFVnc;T=_8lT^RZ0^qBiN#zHMOvxzhV5~MG;(}3tcu4N zm97>n1Zv(27;h1Vkp037i~rSNDgT!~H|lZ=f;y)pONh%9DZFxfS3W!M#ZzNI zK%8{#5mKR9o*slxJ5hf>nZY`1N*D#X6O*m5D z4>nfh!U5ccv04{yem|@otqCKU;Io!`yy6tSR=*OpN^TljLis+%#$5UuhF% zaIuvl2Ng4j-r;Gn<>Hl8om16G5vRk+5#NDNUG}A!E9gW?T=POolU^&M)`DoDUPVw9 zU+T2c*X&QwmmF^#xd6Qw@CB>64BNw$L|s&SeZDNMjCkR`9{^vb1Xr;4|L# zZb#hq?FwORrNxvsjS^4F+hmHkum2EV`E&+RNT|o8@uY7gH480>8K`&GkD~`EUwX$p z&HrqqK52RoTmogx{8d+$zPzc@MrDMFK<>gF&TpXxJJ>xkM z>DxK~QT`hx-QL74;SV2nn0UO(3qtM-M%B^D7Ak<5sUos3tE(ZfsochRwvvAW-g+C)4x_~)T32>P7qxyQV*?SKua= z<=7*BRLVm{Qx+i&ehZ24;Pi{ni>`i)x3n!e82Nx`!dfA=WpptF3P&K$BPqCw>iFc~ zj^FH!>{^uRe-ePaRS}o{<$uA?5ptrs(gfZ~*i+yyU%8J-41<|ARCX?JCfmN0k!xWb z_GG0C>5ZVPnB%>&t=H>C03a!}p8E^CGd?0D@ank zc7MEC0P;NMN*)BtKyvG73&>_#l(OTwu@MrEryi{**>x7{oJp-AcW=G}26$Ku7FZ2l zLU5?@-@Lj6GD`PPx%81wJ?BBJptGVC^RhSBX7|5}W0`u+o~)orxF}OBX1+;t{LS9| zId9vRlvYVoa=b2UMw>h_S!T0G<+ZFBlm|8Rb`8%r5zFTGZ{uG$&we%sh@Lio^}?hi zuzwU(w^iwH8r2T1#lMbu*X07xds`p0J^tIoBB)xS{;D}$_iUk@oCC}=kzzfaw8lwm zuNG-u+8|xJy%ipFJjNd8>Cpb5^=ud9ns4${dT;d0cRr7cYVjj9*T0ed1V4fb%h$+C z=SfX(9blu!ghtA#oKE2W1gzin?!9XA!@E|ECw{xn4)3l!!tA&~NrQ)`2er3Q`!yn- z*XEhe-Y!1i&!l6Y0U!PLmb7(H*sEW`v`-o9%98z1p;u)WrW>>3)|78gy-l@2(6n_*CztI{tHAM@gtJPR=;mmKhfECP(3AP)q`MU^PEPxr8)R88`cfc;MF8ubNCD(>vf%8oWD z#7og>tS*rND|Qsx5c$FOww?R}bu)DNcXrt7Fe)WQ2i_gLYZesaF)=6mUx9_#(YBf1Zmu(V3P1PQI+mirT>XZYmNhliVac-+-B8o0YoEjf z19MMM(ug+GN19d>*vPKxl@u!dykC4e;pA}Su@|?HU#ZqyNOJgRU-G}y(%QXH>zp2D z<8t^-l`xFO3OkSlfnXwMnLjqD6ARUBxkftL!4xI*%NDern zf#km9zNoVsz5WzSt)<&tEPtJ(uT7OzR)=?*NPB}AzeM_IB9vasmHna++?^>*x1#hJ zLm$S?Z?U@n?yH$?a_rslC09_izwA;56ng%AgJr&@welbEJFWSpK^y#vR#^1?!dWdK zjwGvT#i-?ETHU(pnZi;R45rC-@?Zc`M2>1$t#*?0NF8(0w1B_}>HJl=ew4ASZYXIq z!H-XfM)arI3r16%pi? z%N?L5rW~j~AEfV?r8cfCT-Oa~{=s-gHyY+#KTU3(EMWz!Tct8skn-x}Clh&I(BIBwKt-V2Xki9UX;LdUu$`*^ciqaSnR6 z(_kHPZP^Z!z0LFQG7C8s&Zz= zp|$*qv%g?znk_Vvu0Q>1!FgJ3)QAsTeppwdFTWLj-ue>yt3Lm}$hAyS%|X&2ZL&1P zRJxj=But}$-c`!?dZ~?IKGY{XrAmbRU_~nFiY>MM)1{QF8`d9CbPnR zwGnObM|s}sgo7WVWiGb+J1$~*wqD!oDZ%iE`L8}c38k!v(Ca-})oTTYeA?M{RO+Za ze5tvquiraQ0QZEQ5Yp&nCEDU~MfR>Z{Wx2GyXzx9sZ>0r6{eYEAQDgwsc>KzT4B9Ng)#9Z@9(s4Y4cxizqMZ~$aKe2~ji;?-#27{IRQZBSP5 zkzQ+SRT8p1p9v+xBXlN|XM2gdSp(7@jIB1RAGamtI(WR$2!$#!G&YOKzA&YCh!Z*p z75$`BToiE(*fL8L3Cg_iow`j#f2Tpwx7d&<7;xyXVY}W^zD2)nzlynizCWi$Fr3_> zUDtDPfRVk?(MJTvs4dc)&_H}w9VDW(p*j@%c*Amw!qdUDO$37ygWbcj|DjiG$5*aW z4rF}|ZEyVFmKH^$t3ywyZ%e4}6GYCXNqJ3FBSKaX++0vb2%BU@f2r(9NOF~fY*5K1 zc{bpnE|t+qLHRkB}M9nZQ<&M(b@*0MzcGIwi{&hvjm4lB{Qme|V=4f7y>H2|ZS z*g68RXTk!<{0n+htJs^O{P?L$S=zSrR$!~!Ab;y*-ggp52_9T^Kir(Cq_@3R7cqYJ z@1Ewhh^~FtpK&Pt?K{7Rk=ccN4G9jjql0Sbz;1beDCNje^1^29d;Wg&Mtyr!5R}h9 z0kBh&#W*UeW8UdjVnHxnsgC(?tT3s}e6J=5@2alMd(Z`Q82kNe!Yiq>Rvi2jnp7!i z+Kc{#y7l$@Q-bMr`2Q$Ob<|}ua*>{eahw$f@4xCfe6mnU^II)TnrQzuT}(vZ0+`FB zP@c()Y#`_PHIW&WE;}q!tYcQA^TOdIM1^DH5U?EWJ8e?CU)UCYOF~ie_z7DXWhx0Q zChJN0fBX#Msz=Z)Py^Q?J-$?Ft+w1lkyf_?zkV%)j-t7-+-YOJpfy0Cg3B!z3CQJz z=I|^PWIGgp{?Fov=-KF9+Do97|EmOpK=0||_jID1`FP&`=J4e7%(cF3frZxuyD=f_ zp6#Itiy7`)r?!OQYAP^x27wtiTKJQAOq}9+NukzQgvDLTCB2Tie36qFCx^p;FKU^lrPe%kX^m0c=uxe>y#BJ&5}j<K+uPJ5-+OZB{xUfqe=VzKwF5K+=6jTix%eM{a3%Gf2Pxi^A1?a01e+aWLsm` z6)fH+?F*rV_nHprHJSIc82M>?$St|S?sxE&#?g$Xu;H(!)YS)NM2XAWQQH@=fWx(hY33|S5X28+M zL{fzFn%95uYcZ!OYlG_=5~7jEgq+YV=FPtY>`k~cLs(jismaaCfcljCd#YN8+z2Wr zU*Z{u?l0wJFt>M0iCo;VGxK+1Hx3RATb<--e-0MY%jyA<+$IDSq?T&BcIn5iI+)9c zG@BPG6Nk5vP1wJ(@Ozm#fQ9ry4P8?)s)xTCW^eu0>^=TOAG2ks;UDqM?tBx7*z~uM znfVvEF}-=8*Au2B?)j3rWS=)-EwF-y+Px<&!X%^DB9NAsDF~q{M-!m^P3G zA8rgy8zq2rdERVez+V z!eaS3GP^k-zQoi2$GyPyp;f}IsSx$+xy};z??x14_eV`C_zm*3a{`U^{%eClSbZ6| zm_`1H^DV8dLPb9F`9=JHjAiNk{*Tr1|F5^!nl_c`uly@Uf1dUZN$n|pm+ClHk2s-h zt=;zTd8`Kl zDs(sLmyP!A;LLrKiD`X?b9Aw-cH8~5)4@up(5sl8Pug>gPOz-I=5gn}H^ZfD(Y@pM zlNLg~mg&~M;ap0a%%|>LJ55|-A!YnG(9$0X-%Ua*E*Z~DGBQJITr%$7D!5o6zCYbR zJkTJ~F%_4oPSQJ=m0XTtN~AeZ)0a**1|PH0=Cx(oa6fl~uGiMo+?44)g2=`lr>>Js z2?xb3GF@tHEwn9Y*$R7}g9mJ-h0*v8%TC5KmOe*>d+c>Lose1cXEUpdWahF$3x;fW z$4J z=>F3O>T<8~W{;Fq1)pSF4;bQ+%X$E*!=TktBY1k6eb$;3>PjnA)Lz3`^eS=f!mX`T zNH%!ZqH(Z=R-& zBRzVMp?R^VrnbKN6-sc$8|CgB39>kR@z(R$VwK-LxGZa*iNDn1Y8dN}U3pR6@Hwz+ z*AyyAL^OvQ1=2e}8*c*AIt!to!xL~P|90l_v3hXQW{)cek-UT+9pv7~iKTW+i4P5V9Qch31pY3Y2g_L>&+#P@{c@#%l0IXCfT826NEpm4Ce z6#^Sw1vJ{ezLGgn5XImou}U_79(zmrdi@;!8Kf0-hUc!;3c5YiyJOan86Y5l%puC_? z6wPk(JM(7lY?1|Gv9nHw})sH!Fwc?4D~m?Dd@s8qa)Xbq@3Ew+m*wk@c^ z0N2}J^#=dO$!OU)Z(*9Nl!Dyeug$cUd?$)ozbZdtye^Bka4x8009_VvsaE6m<9mYtMh`p_>v&*kOok~06$ zcq6blP8JMvYy44s&RYeN5?P5xEadD(s~pllN;_(STVy6_Yr_ z)5{Yn>QLdE${Mb%MjqNeih7O44JeM5Pimo?>e2dT=ZxnFT>YvQXZP@-X> z^1dw4h)M20ef*mH7)ynDBWYddf94CvEHa&4(~WJ{fLBS+G)?9dC?xh zD~q3Yt$3PkO%k4;yxh`wYTco`0yNwXUzeN@h7oHQsC(UIcRo zc->jyby?vzRh7RrenK(fk?c3NPN8JhX~sW0gO=#Dk!0;}_Q=p!urOLfU%nwfXTt6B z+hYDqOj*mmZ}Xh3$ZlmBN?1$*J>*UHFG#MnEHn(V-O1)n(hHjK&1`gw{DFxCt~QOr z=DAOsE)K8Mm0@cU{sp8Cc7Fh|@{s20`9#lb!9x-Z2*?W!UZ>AQTppu(1oXYw^0*;od~HS;9O%7Ad#odeF-kIL^SvR#&nekQ&*cXI(tB7o zwqZqpn3iwuhCHnS1vvJPKurUT?ouZ>oXMX}Uq6fiN9Y#00fw+!1zROImOM+d3KBc? zjK*1o2b5p4l$#Brj;}O5>1%8g8(I6Wki+v2%2#%CUGhC4!7o%6X&>foa}4qZ0bAmG zpn0}*#oq@tIE>u892|Fit!%+`HE+)@7->s31JD1ZLCQ{|z9xaEwZ+i3=Ls%-E7}t6Yc3_}8dlXS zm+$Bd)Jt4Cd5>qPnCeu&=o{S92U?+C@!arV%}w~M%T;XBB^!9J-(D*{%Rn?x)3jo= zGF2zbIlQFE2WO@B{LK0<8#}FM?5oe^EQ~jv_j$7AP*FD1qr5LaAWkM>S)Fd48=NH` ziB7vLMzULSZR4w>{ib;BEsJ!FLzruhEHyPuO>@F{P}I!%!fd1Xs+VoW-?wU~c?zU*tS>+SSkp;3NxJvTxitgP(M{$$TQI}JS)-@f z1K)_B%=8&?b^s}+vvm^HI!~CgEE=7)_5NG{OUHdn4By(b#AU&al^TU&96|r078wBu z^&Za(=)qZn$8Y9QK?~i?v&yO}jc8Ha-vO*4dmhqw9VA!g2CcKlSzE~w+Jd5{N<%My z?4XTmW{(&0-3^&=JQu&sjZZ%J;O&CJC>uce_Si^!7HiZs;|N*RGd} zfFRsEE%~-EQ^x*PMk8_gyavlrR#tlytW02T)R`K6-k8Ldzu2pCer+46STmj-f01L_ zLzzA|2j&Xa5`lbQ4`PA*_ePSQsOOM@k)F9Oz(8@Iw6Mm9$%MSaCjCZUiy-FWVhh;; zqX?@*i!-JQOWB+1mEaqYaU6^4gw%MorumD(p?jdixhVzcDeJ3%~08o=4~pxO8GF_3KO`X-j5#`Mk8L zs!;=2f&a84Y$|Rv(FBsb5~hD-%@@oKlq{kZOi{bZU})v*Be9F%Q3~a;sXNi0DY{}^ zTV42TXTy*^72k#EHATv(mkk&!1YYd&Zs*PgM01(J;#z{_FPwUp5QZ-GSq!sSa}#7I z^74nfH>jr1bMAaTaMw?@wQAa|AggKZ!qA`p6xPI$@p-f2fR)r^X#A3Kjo=oM5!a+p z)LlA|KSHx|D&m*UpX96ZRkWf^y&2Vxz?{{$ph|ZSwpHa|Ynse>$ zfgI)I2C9#k&QsOw2-pIRFfRH8o}IF$(No(`>T&&*aeJW>3FxjPhEBVW_;N3pHLlIb zzOS;-FyOO-7QXNB#HR*EW!W2M=hfc$dqbWG#Lf0#N8dfN`0KE2b>=B+E4!lqDWQbi z=r?BcXn&hV=FLY!@5J={>p?p7+>J~QqHVpAIS~T$CL10Q@N(Gjk)svky-U1fJdp`e zeRL?gg6KcbP)$R~m~WV!B~N5{A2GFB(VP}oL9Lmcm{%?Zlzb0i8KM%2yWOm<)bSq4 zSdaQ$B(JLfdMak#Nc%?8hHuyS)M>CfT8Rf@sd6tq!JNh^4 zwz095PFgDww{@QjS~gPph>VX^c=3GH0P|h=z_oys=q3TQ{Xpr2H1#U;1SnhluY{4t zj=@fQZv;&K z-1W$ztMg-OtmK5W*gD!wDM;^9x|2&~ z8~c`&4&T#xBuC7Iidh78W=&6Mw`TgC874k&nvpoq=yqLmeG2jX=_VY<1i9%nTaWII zy|Ebl=eJYr3b$I|V1O|Ff{2*v#(}Q>T3bt?imWABt&=n{M)m$hx}XP4HV%W2^2>aF zeHT_jrZN?d-iTg5u_oaZm`jw)9>^97w(=4u$jE4X{q>L89L4i%#zg0gA^hUS=y@N* zrkAakPDulDBkwH3uw|ut2S}5%Yw%|(X~%y@tXp$Q{exb|e%kASoiXExazicQ2WUMj zEur?49FE-P2x#F|+{z2kf3ahh3Xa z@M1p29x)wHmX680r()05kK>u9yrI4Kb}7Xev%3gA6Yu-SBFa(o>*bIDarGIbtn-c@ za;%eRck$EW=$gUlkYUGaqoL$9w5roR->U=Dm+GS!Y?rj!s47*Ici`X&$GNZ{Uz&_A z0KCu6hn*PfMbVS=H{w44GL1;&8^uezuYv~aZJ;ZRn;4xOy5*q zP?z>*?S9%ge9-=Lw6Z!czJyxMYtXZR_^^&=i&ZYHkEN^#LbY>rC|SyE+L$RjUX|Ty z&dyh$x_7-s~( z%h3JeWFRXb^T{ibZwiD^TO0k}J~MlkR@808V9o#j8B0aW%I~dbW;9K6J~vsGK(89j ziVOg(h!YYL1)2FzOVVPORHp;pp$UZ`>@g=Q$snef&ZmHSygbCHYZ%PTB*5Zc?)}*` zFCU!&?hasPnlyn2-sGo_!%Fr8@&z4iZFOtvVGyZ&$NagOKV8u5yjbbO^CdS;60p|b zb`ML99&QKOiFwgP7MgK6v+q+r03yqK&LD2o|F%**#cDiu7jS1p6HL_Js&699ijqU7-L z^s}PUad}~H@0R#LZ%*~~&%hBP_;`~+NZ$L=IE#^MYG{n7V^ZLugu#deYw|z%DAx&i zx@*Q`*<8-k|267FA+~k@%FIUYs?*yg16(id)GdnPzc@0w@atij8=1u64UWc{WPrAW z{+OwP_k%_sE3&HSZs{o@&R0sYce;2yEJIpMB6tT{(91tO$$G{0YU(odkAV{mzM%lM zU6!NC@8mSW+CTd+!Tt9(no1y^alNxLV8A!JG~J=eumgPLMB2~YwDa#({urm0I7w8X zELNCD@+-L&qGrQd8dp(gVLh*gy_SOPr!Lb7{uwy0%T^lD);p8!+=w=TURx*Be(;c+ zl4;4Xm)Abdcv3iO4dV6r-dZjm{%_850^5TTjiw0nym#mreUf9bj4#xE03r;J)W z1IG;BjBmhhjz!>?$XdUd1$%qz{0B}F6(B2gqudPrQkw8T8J6LW9YcK8uF>lCESqd# z{W81l3~uo=Vd4xGa9%a-zkHYGP(G^aiWYSY<%PZ!k}@}^koUNuBG~`xJ6i<~#9Lf1 z4C6Z|MUxmU&ATLxsLUcq%7*bwsEa{b^b1v7%Xv6mK&HiY;Ch4dzG%~^(VH0XI|0biHT|?jLv73ByrTg+Y2n1uWL&b+e4Tq|P|r*6s?caR z@bQa=9@)y6M;g?r!C&;6E34yvg^!K+j&t92PS8$xuwv*x|YO0vm=y%_O z7FrpvjR~2kLV2d*?g{d-ieqWD^VOb}x9hl1*ICZ1PrMeayJ9DT4}A&KXhU;_EnHbK z*w>nYHDk@ER(`>xaisQZZj?~0r{y|W^I&l7keXrVxYaARiQufH>s$v!Q7E+|uO#>o zb@IP1-JM3uzE2>__D0r7T%|>!X_@vWBmI-O>}qN;`~gM;ipiHk1r%_h7zi?^RMvBPQm_u=8YHi%Xp1m ziD3!9(vuBX+47CqX7>sxW#J?zcLTWMqs_3}H*TOIT>|DN7%13V5@ z{j9+0*6>4@iJdGtK^>mZ=E~Sb=%=N}zM$Af2=ebrYku~A`;&8dmc)O1kr^lm1bPSw z3Y!ik{m^rAYd)AxG1RWUo-w*e9j?S#%E_RvusHn8!u1J$_vnHn`zYOY1IJ?L(@E?> zwYVZz(#_I5r0Ahkd(Iy@+$|;YvjlZf#QCR%U2wr#I3-Bwb9o&pJ6l>LHtzO%^KA9< z$qe!%v}kx+EVlyxLOQCCPjqzc7xb)07Q59)At}Wyi~iO;OIPNv=f&0X^nQ!63n{pN zZ*P;$NWF5%HQ={nF_!_{tPONX1NvF``A*E&t;{1@dF|7^OF#D1&OYZCj^sN6bHwOwLKC$0qyrz2cIjc?8TK*9mm!Cw#`58Uyh*n2$B>j#Oq zntG1un?q|P#@t7SZRN-WZg*7zerLcHT(d}tPFq?Uma8;;u2OmOAde@GMQC=eaftN; zX?#xLwE`a!v81JHr$ z|0ec2x9Qq%vqq=oI$+7rQ5r#E_eq4bq72~=7%(1X8qtAwHw4m#_okmnGjY_iMf+{; zE_vL;5CNU(W0AATZ`q!FU=xyue~S3N=t+!{w|JORfi1U!Gh7E0gdv_MJ~mFLUy-3Y zcgBU3f6|O>-N!Tup#J_Xj9WTa$(i$aKEX=t+Al~&yFW$*(S4D{Tv+je`*T`blMx@EDwATUvgHA{MQNNo z)*LKTFS9pQ;ujqJH>fv()uG=aSDYW;-5-g#DiduN#;4R6K6t?cW=<$14V9MIxX`0_ z6Xz_cZ$Gm$DF4pSbm1w`G~LZCVAk|1%pj??2PEu4^`;F}6_0AB;8UV_kw@OL!KiD> zVm_+XUpQWB(B}S>EL}Y~VEr!0!Z8AzQh#e8P9r3PN2FEeTN|Y?OpGR8j%Tvr{8@0J zTO*kwQ;*JHEk&jG2Q8%Pz66_CoQ6ypvQJ-e10%L*f);j5*mJO0N7 zR@I>_Vj&-^9vhdA4dD=0F2$sVjviXdN_v(ZL>aMBl*=kI6T(v)amBfyf#WlS;ELh) zS;5F$eqImBotx#tFWpWP#?c;AI?akP0g{sW)y;YL(pVIflt_l_q|4=;-u*=7-=DKp z9ty0aYZCRXw#tm9{T}^~=VO^t&{X*JofEc4|KzdSB!VNV=eZh65tXtpg{OyP#v+Ow zKVI^A=sgD?erf?1vz!%^isfse=TALZu4c%_d_Ks_N^`5wmW+bO>R;y{?mSKNg7lsX z>WlSHi+)4O1OAc~G2UPA8f&|K=QcZ)A2~xhSNdcDpWz6mp3KSSak8jnB3@jqzMkhbix_eT7AkGj8Q55zTNIEn7Y3oh;n{Hw8Y-}))}FzlS`6F)rY z?}H0z+u=qF`eB{6R>KX>`zfatb|6nJl#To3Yi*HPjx^$kjj1X+w^R_@Q7 zk_&MU9I%EuH8fU2u8U7<)mHhcHpeLU>y{B!A9(7%ofh?BLbu z#i(dNXIjW=!hgqw8Bxv3t7)&2XM8r$yY6Z|M~q+3l}|!RXsm0fAL+hFbVLn!$tyqw zEP2W%Gw81t(in#Bn=qY+`+b;s*J<-6j;lWi{QeaAR}@WCkp7|@^rYYlprc#}{-{Va zGb4Cv_xFz)lZM1~Y|N#N%`z3GN2VfM>YlQkocZ@;-j5F>6{lXpu5V9Mh6ne!Grrhk z`i)EJC70CvemX{hR}?Sz2|Ri&Rh$<%9$n3x`lH%|&QB8$H9sv^_8-2t`fFHEnG?~n zn22j~vp=|=gK#c3w+(3Le`_kIs58#^rXfFV-QMmh@pR<6eX_<-soBhyFg3cTUYo-@ zv)HB{Ldb7oUcE|e1n>YyvwsFbU&dS5_ctId>H>^6SEFM8ec9k3r+@{Do3fQyUg&Hx=L3j$}T4Jv$d^?)5^2pF18Q$%bS6wO|)wiD;o$9-Wdg7&ObO zbv(d7R}m{22H)K_={{2yZ|SSw`^`JrWempWl<)&A?@**UG&+(nJeV^d85@qs)s?aw zeM^f20n;wgZ&Rbs*$+Ll^!x2TIll8#Nh=Fu@4988Xnu5i@5vAw;vGtDz2};5HSxM} zgGZYF%f~`iO)QC5((NHfr4%ub?5sYLNc(s1DcKJ17hT>l9?$&(%e#N#;MFbY{Vs(0 z`JTT#MUMCE{jRU@ZoXFv`+*=kad1_6!^5z!#_n;Z;mhe;;ZuX*&)bgjqVtaZ76bZ2 zqVBk5E+1cm9dNu#OLJk}{c~h1y_63w)2=>8Z}O%89K3CCNo?RQlTRD7hP}|@V=3YiqD%Mt; z&hod{lPWwI9hr7uiZayX48Q}#h&J~iK0CCc2Jn6z=S$0IM z<&OFZMn9S=r_uVE0cYyX3w3nJuh9K+`?^0m-S)~0clldHJ=r>57W(a8tIil2=|rX3 zn(VKqhUpPoUnjmX&PQqhBAu65+;f7g1P}StbWJ}fT-*ybBaULNdtCY}px}yg*`g{` zW8(wcjCsOlPw@FAnk2B&bl|$AJ(YI{0&URxG`sqVG^F;Yh%tFw(9OW=7-;!l)yE4z z*-C8a1>bW1oQV`Rd(=y&D)aJph#&cy;PRu+WGZFZ{&X z9}vQg%K3SES2?5M@#9xI@2`HQB0^L1pWX&UN$b)i@o$B0%#nQN6VJ<)*3iw?z2-^}KWq5ueBxUzN0xM|=$i zN$vQ5p`!F%^7CclvDltV2(*I_{>>qmrh?iOx-Kn-ii^U;|b*$XJF-{Z@x1YP{R^D#j{=-Xf zZG47#%Mog=GuxA)i($D9B%)RGo`UVx4*`R$O z5iG&{+_q=U_2|!yZdc{wLhW!8cApG|XOtGUr24PSQgq+lS-@r5l|PRijGyB1m)2d7 zX3l$3$7+pmcmLAB-ky(S|s?9;XRqt zkOg_4xn50>&?7C?IhU2y)Nch}C0;*zFm+1*Ol@c*CZFECCMU?S%O%R@a#tUn5rW(g z5f#4ORdbxnAhu+8W)>-{^Rf|&04--(yjW@9lnpg-u=5ETwU9*?*b;So|Y{+0<6CT#@3NQb` z%)e(hR-_EkI2dWWE%Wu*{Bn$v$Vta$eIGpvK+^c!Yxk?+e$Tw*b4z1#qPb2(x}SW@ zK@$v95o*5#_B%GpxFa+&lLspX=u#}62E1Djr8nDjtjWpyX>-45o3{P1%3%uTphGbcIOg~CIZpSn?&_+G5skx85o#7g%3Z~-%$PZ zsEHT{^j_$1$Ip<9VV|e}>TnaRPR|VPZ?XLm=v4`Z^pA5K{&AP3UM*)4#r&vp za;Mm~pseqIX}tNfeO+izaT4)39a`&o8ZPO_ ztB~}sFF)~lC5X;@P8vK6c(xGS_%~}YJ=yLP_SyZGO^r+Z&bu99)P|#xST%J}9Fn9C z{rgUotf@~8YyaVg!i#m=@=Nqo{PyVs(s;$n#csjhNbx;Q4r-TciP@B*yM!-x)Ko*4 zN3iV$@K!R?GFPL6@(D!luV7VWf~i`M{GDMS|55LDRxRoM2aRpgSUcj0L$)C$Rv6M* zd132WbaYUNwyb4#{IiyuIu@~WbGsXXZk^0H>5w~A!tu~c7O}|%*&n&_U%;`kA2vPM zb{53nX4)0bQxyt-(bz8QH!TG za2jjgtP%-kh)&jGC28Y5huA&Nn0wsK{(mK{35OknA+~Mg!$EW&HbL*#dxH5xl(M#5 z8N7l^{h5oi`w6aV{3bdDlw8f0SkW9bW7Eo+yYXE-iN+T)d08Wg%%$HN5j9LYF2g}& zFD)=67#f~}dMP_3ct1D>V@e8Px?p*+3+_Pmw73YhC;D*s+xkgaCU#E$?H2T%Fb6NB z(%L(=6a+3ZnSxr_4+d=SrqDN*yeR)d?lcDpB;?=5c}^1^w3nFCdA0}EN7PVJ0~x3| z6-s2SA_BD6j=ugDRLLkuDPQ6Y?`QCIXkaE2^KJ_f!d2N&25P)T)Of0(e#8v>$w3_6 z7B>741?2v#x1#ZshnV{*6v$ewhv{gKU%7W5B@Wx_!1rDHaOF%hsuQila8pB9DE0&^ zsdGnRiFXn;-j13_8{xbhpotXOD0;+%wk~R9d(cJ{Qc>WmMSK%*wmgoSu!ZiD1Pz94 zteGU# z2RDVhy=Az!S!5B+GoqEXm`LV$FXLC9y_on<302L5=zFOaWvhwp3;ZHt+Z0PB6qVJ& z)_E44d*!p*1nDPQSu?EQa}5YG`*cHaPY~${X4#7Ps}j&GzorV+j2sh({p8Cc6DnEE zt=}4f>RMAUK}(SJ!{p2#T+v?d3F>MSZ%C^On%?PKGkp%le z1B&?kIvEr><*>eChk;XI<;(fyLj|OcCK$-Xd{z_^%AV_ieOH2kf~QJR*D(z5tj632 z_s{CEE{Y1-3mMHJEA#;?6n-U@XwYQ59mf0XWZoMs1C3Cc)<;p1I#EJ{A$~5MM02D< zRGCVN4Q+MYb`XN>YnL1!!_AsgC|2)^IF>aBcZQ@yfo(8GSSU?%kRS_7{*pDP z$WaG5RJ4Mp`=T4}%U<~8CfrNac&fn=lq!+6gg3ns)PYelA5GUI*SzR~S5`iiP}kZ* zf)7!XQ-!9thtO7C6x0FoD4=?z4I?xwB16+b{VNoKTQ6>S(0hO=DRvky(zYh_4Yk2g z$jgHa3KjH6M=*G}3i<3*^3lNB(-a&Gq0j)ui(*A4gc2*d8}(4}kLyww8s$q-L)jgAOao za%4TQV6xRP(M-7g1^;Vg}`!?JxyY?OhU1=6n-yb=0G@uo$KEnwv{eTv&?wj$vHkCk0A1 zw(p7KMQC);5y983;uOCBbtS#%eT#hFb-_ImtmXY#5&zl=bEY|OAuB3AxZiF-eS#|# zH1N>*Jza3R62W_U7*5&;FFZEd>nuC34p>^c~W&VcG|GK{c=AS!%;|b2hrkQZnKY*R+PZ20cGIXm)-C+!l z4x#TSX0A?KFljGbC<`^1kIO_f#(U9NwGHhdtA!GZ9+^!sQs-bDGLp-9!g%AK-$)VL5B&N!1@Q28^qwgxHX0v2;_MUP4@Fp z$IRYRL&p&7`{468CzJcDkJo9C#XC(CE;K$mOB&p%dNg!$<7x`JKYKCzOv{GPzcQ0D zlC%;t-N!?AA_a`V6tckcf+$H)*20jy@g6NihP&&bm3fEqh1cp(`n;2Sdk6eA&fm1!0X&GJj;O7cSTX_8Jl{MK;PLVpjJ0ylmR$6_sJC;E3D zA|L#VJ18Ct#BT|zZ9=&^jP|Ds{jd9bn)&C(D&ntKHpBU8poA+RJ!pb0;{BxbXy`AArBh=-4){WNGo-$C690PO;{p0 zXPy@vaPdhBD^!SlRgUUfJg_R*1E7=M8k2)l@D!rtpWli@r?@Z8DZ`%qvBk-3?~sYM zzeNmqt`-)5d%h#HS2sy36b9o1Tq-9uv_$zFm$~wIFB-NUf|Kh8s))=9r|n75J=cSt z=gNa4rWE3A_3k6aKhX&TQMgYrC(e7W5yjOv@k@zvbg=gHz$&x9+IO)R^;OY1r%u~e zRJS-oS5SFwc>R+o?I{0)v|to#CP>IT?TLOH`&BYlVu&I9XO@BEC6kO|@@)L)1yPYC zSqml&<6VwVooI{{SnY1Wdwi*t#VQo-VC`sFNO~sSBq(c_uJR$zCCHBR6|KJOpRv~L zgcK^I!Kl8*v}C>AoIXwRNsHeaj{OgC#dgW}{WdwTWEA~7w}b@$sE_<=qShyVZp07*qoM6N<$g3Z%k6aWAK literal 0 HcmV?d00001 diff --git a/Workbooks/Images/Preview/indicators-white.png b/Workbooks/Images/Preview/indicators-white.png new file mode 100644 index 0000000000000000000000000000000000000000..c4dbd9321e144c94305470b49ff78e7c72f7abd6 GIT binary patch literal 87819 zcmeFYWmKF^6DCYTLV!RBK?e;Xc!I;gU;%<#@ZiDS8C;U!?(WXuZiBnKGeBT)cNlcZ z^Stl(?f%$b`)|+Q=ggT?({p#%sj4oyx;pTitQaOb5jqkQ5~hUsR|O;_WH=Ji^HWrm zr(Y^uUaCKRJ+oI36GAE-A=!B%UKk6?2tEykzrNFb`9!1Hh^yHnA-(DR`+3%DU0{HO z^q4F0RZz)Ud;cEOL3!5YD3rezhk@eP6t|r)N@KqU-N%6X8dLzje@Bm5#0lCTc2wwh z+S&a=g1`{Hefehx4E>(oIf}@jS#m(HINA98CGjUVJqgQ@KJ!oNYKx4|uoP>pE&4mZ zo23Tmx)$T4e-ZxN>%4*(;+R#pFKM1xFt@g}{CNFHNL(_CI2khbyM=_;-eI}Kcrp!eRG2|Qt3^3?{G*{PC z=gF$b5B{K09#+lgHpnUq`w%L;JJg*bMF080gZ`%T0#}VRb8$e*C(H2qW_|S?ss;K(xABM)ndYIlQ7GL7i z>u89TjAEEzdKg7fFO%f`Dy7~fSB(F%8Dp8}VgA~8hdq4Ya7lEJ(O=ii_P3}ufhl50 z+pJVeYJ&kNZ@y9>u8UWq1uw-9dP=3VB z!4hvU=E=DxA-riu=)zo8VOm(2-Im)ZeyF^O1u>|*OTao`QR`jWmh#uIk=_#N8{AEB zU0CTz4SVNFaE1q|mgNul+D{{167jeup!hs{%XdwEpjpW14G82v{jOAzIK#*~DQ{z& z@{UIC+uAUi|1<5TRsX4q{HUNi(SBpl4Xx(^1(8+#Z)x83Q9uYkYfD1b0hG3b4Trkd z^qL@>-L5JAMyHBLc7Q1So0Ci+Xb^{u-uk17*A6wS5Zj`$$UkzE#xxC)BeTvltdS$` znNLxkI(14_x}b7dY4-)D=VkT}S05UIpACsS=<`lovVtvWV|w2#ljkk_Cl_4I>kiT~ zwX}xc)G?|USA{Ul5sE#e^l$gnUnzv081I?fBMZ~tb1LpTv&9nhX&|2UaQ$7fE##}L zVylf6jEt(;E!kK&JrRnEdC%ZSjITJI#t*t{qX+*o*)deD9+yX>pefWkIY0a4k<^U2Lm6B(Gff?Ziah^u4uQh62gHlks|0&3xH$EoebM>mQT?uWwg0@0+$<3znN^t-7r4#9u2jZJF17 z+cH0m>h6M&MS7|?#g*l5A0|+S^08c)9enO_TkG9yX0ds7`rhEFLt6K)Xg#iyd88}*_| z?q>N7-1H+|7Nqng+1hoCMua-v7>57YzYQR=$9WYOo$+*yCSdLbvHsV_hQfg&Y&E%R1}Kfza@8LR$7Vwh5pk zHHp2J*7%$7WY1H#CJ7Z}<)y|zkPenvNqYXTC3DkRHZ=Isl^10h%G$C09C{JVMy9Xg zEY=oG(W|K{6j^Av>qF~#=b+NF?7Ky5;?X%76G6GRwbNv3^JEIYdTMYXrtfz0yZ7$p zK?s<3kVrv#;zMgeS!!LpN8)<1d_JSLGzoY>K*4&GBQBoJMY@K|a>9qp?i zb1t)U8!;->Cba{eR3T3_jZ-q&G#uX`fyn`myC(RE zX?Y{lMnj8w#{@rnknlQ?9bpa@f9Y^fGnM&Tj+=p6CtTiP1HI5HWV~(fuZndauSAGe zCIu$AthXAK^%Ih^(iTE=p)q|i_AVr-L^|A6J8m( zFXqP0ty=)lmhpRaWYQb5?C4&d%lhC^Uw`VpO%%QqjOKdIuiJOq zzZq+_;PtUeWu;H?ieA8lt;Q&b)J1LJWPO~Ua%gr?V^T=o76N+LbSALF2PRAkm;F}9 zY^A9G$zf*|v@i~&4|`p3K4P@XKTzqOctZ}Hbcu02vX%hg5xeLiE7zod3q5vGa_qHQ z=)Gxg?bU!BhOyelnphz?;R`yd12j~1N1UZ6N4JB0u+5<<+a-QTc=6U@3) zo7DhRBaMB=Q#!;o9rIX3yyWq$QqOOZtM|eVrf&1FD}E!2XcuNobGKSvaVi=d=CAWf za3U@|bcZ0U!J9GiT5jacZ7!i36VsC88x6x2(KK$`{j<~kDWTOCks!xEG{)`oWDB;V z+8{a})UTk@nlm9WjVXF28aY0pY0P^&_Jn?FYXkK#|KWUxPS(QsS*K{yB*_I+{>7SM z#;d9jYx-yZ+Dro4F^Uxm`A0G6Bdg0`RvDGl#R{+`*UWKoy%;L3jMHEjR#y`xruNNFXzFPB`ToPH4;pZzX zl}fQveK;76-dfTn_u^DD<~vjECm1Q(`+aur1u1=$uPnV%-7O6Dcr@>KyY}E(reZ^oIIKWmal_ zsZL>8dSlu@WD7xaCn-4FEwUne=r-LcGZSo`FnXtUy5lqj4y1k^R%VmELGBfM*Otmi ze#bkn*SI?7f~?`y61#ux+ejGn>D0LP6pMKFjOn9O(x|QGv|;pWZ>u59zE^pcR7~9? zf_MBzY?l;!bB3T9o*Sv`IqhJ05M5f?`!TeY({*_%Y2QUv%gFOq+phXCa~(x0-^VL8 zaR34A@4QMpa_eP5XsnLZ9T=-W^v6ylu7^qwoLHPf$c)9*^jW8`{id}3?);yCpS4C! zKZA}QC{jsyzsfizW!wA??wo=e<0xBMWIelb=?}7Lvd`W(l)fZ} zw9JI)3Q!dbHlw+&a&!1Pw{tF>q<(;Z*FT(4#+C0yZapT%#FbwDCR5=LR5VSHm+QY^ zAHBJm)7|A?W3hAw32<|AOU$fKaO?UpX=ye^7N$Fg6k6NK3d{0({R~M^LU)Ou2N~K; zvYN+O+^v_p#+j@m2ou?wC_^oknwf){8^#@KGV&4+Ym8J)P@Ct#tqsZUzt_;xS?YqL zm6k7YIi9%q#iNBDCqJ!2+swTvY}hxSx-h1Owa)s z>~q9d+pW8d7f7iYEKK^EgfD^>LsUFEvz3)@rl&-gLq#a~+m%~_2HY{$vh>_i&$rbk zw~6vu5P=`s=fw(k^QNvpm707w!@h~P9i@xP)!^^mlTEi+X<`+mpd4h&BbaUc=^#VPP9JzBw>Y%3UJ$kM0yCX;xC5-D zymO*f`)LeZV+S!BYNTcStSa{Pq>gu3vHdCL?U9#GaLBXn@7wNrNbHq!Uwy!&-JmPd z63d+@M9ut13plv5&*_Wi3JkbqnVJSBSMiMZ>2@QbGd`1$x`)J@Y29(HJ>m7tPiK2i zi>YRkkO#}3<1aHu0gs6D`^(Kw*mOtqbYlc0kOg3b$E055-07q>9XjVUQtlhykEa!i zCUs9k>pUhVlJ^HrcKY)hLalB1{}U>6h~U&fLd?Es?^Il^9HP=DzuVPk=4`1aEO3n( z#kI4SJxLuHiNGyUFz!#(+S*2TzO7~I;gr54DxHD3l-%FB(49nKC>`rcL`_A%CTWR= zCz~?gn6SR$Tml^_-ea;n`_o zYmBk_msBd0EAh!e5Zbwe9LrQ8rTLaM>)L{4`ehSPOJe$r#0& zus`{#B#(-r?pywrDp5!IQ*p9MWCEY{ST_XS2aVgl;~F@kH0F$vd2Y!1$grNIgPZiP z#JEGP8{PlS852){Ju;hRS*eef@kBc~qHB>j4(gcMxSsQ5T4DSMYRvE#kB*GWSffb% z^#)-tD|E{^EgCEOtp3E-O}r+vwYdWUU5QFxruUb=Gk|d=1xB&G-b@uGmqewteE9n-?~0f;qe>I zB@U%~{u^tjDOFlg=qWg^pl}t24k4myktG)UhLZ~UWlz$n*QpvkFiX&zeJC(n5NsL< zs5rsw9=>9ZB=}R4XM*fq6qX;|1CDUMkhKC$!mXR*t8O;}VfSA@=n=|<>w9EeUukf9 z3!tARW4r0&j?y#4>R`gR(?&swwv>2GTA~|+2RdrDy7hDu{C13*KMehTBuZyevOw+J zlTJ+;;mL+#{{RbLTEwkG*j@*j1cD5**P4ikT2EeI&ULj3xRs^16gPo(_1n_&yH0R+ zompZ%lsV>0p^^9r<{ENuAfpZ&=?&dQw2fD9yLH^7vI;Fh+;c+Bn_)u@LWf^Hn83;A z>a&M=yUgZp!nWBn-^nw+ZW|VhD4qN7M)**;u>wonwN%}7K$bFtV77-DQ}Ea7L+VB5 zzLk6T2m>*CUo zjFe*;7Z*<>6`k^)#^jUMmLlV+xgd6|<(y17nTxOXT$Q9RI7Uwk86b0!#%cA*uCL2_ zwQGG2HC3rMam1>>lq5aPJt_S9`QL~&gqy>{&qA1esQ4f=da~6BQ6-)HO{J8j&i_&> zZX5)U=!;yCDnM6;WZ zPmK>*3mXS5XyqpSH|wDGZR_(m=i7Yd5SMQpS;5)3i_ub)6+h!(dZw?yykw3Btv?5R zDa;8)qNkdj$h$kgivZ_Bok2WSUh&`MziC54^jCM=@m+_^*Uv1lYHEwd_qg{8D&5iH zW(%TLaDhO@M*&h!PN;f$XrYh?e2^OYcYjuWNsc2I7}#5z#sy=~g3~$=_)QMS%x_Ir z*s@zvsZrE6Rnv`wW>hpb09rR+NHvW#Sxql!N3SO>!)y3T43veGv1j+=99$@i?05&= z=_Lt^kVQ=T>!HY01SkK-3#z9K|H%qxlJKgX5$ZvQ%TnR|mjO35V_`LQW0qJL5I?zR zB8N*R!2L}Xg>z5CPue6|n@3g|T3YuGr{M8FZjZb&AynJzKd|^3-EhDI^6k8A`9Ed( z%i{{koRik_{Y=-V&~~@1*{uU1*zwOB6rp_FaZjoBQnf6=QeR8M0-3YQz?NG8g75-#px~x_$TMPLKK~tJA@|F(&~A%UgX5B7YFb9TCLu zM&HQSad*&#z;9mFM2;rK;!eZ%kIXU(d6H-ujnPo~tecq5&&>oRRq2=Bi9YCSiDCp7 zen_;2#Th;fsXQbqevLe$Ez%%dtMFpCQ{7CSdUB_-mXw{fHMsKzK5BVT@zLc{{KDCm z&#B6uGQ2{OM`!k(9fa#!^~E5;CCl4l+0d-YMAij*gHzx|tu&E{%gozs&)m9`mS$Y7 z=0H6&2-wz=*wWUkmse}KuaabxK7C@#Bn>a&*{%tJAzLpz@hLQguG+oT`6s)^Qa zs0wTW>AL4Eb{Uh!0(t2KhT(*>P1fz6SirGI04!!*JG!&g?(%hT9v#xlB0yAVL zHCHdO!ozf$F0NhWg_N4Ak_3g%} z=le(;)=RR@mo3s{Um=UlMu;_9FmPF>WK@G(ORAl2>x_M@Jj#*8Hn*A*7R`Psjl9&{ zyX?ap>!O5cW2-(od>5~sGpWYZ196))GpoT!U^N4|1{AjD$O^OO-X+G~RR!$b-dF3p zcr%wtKVM4{b)sH#gB*I^M*pCz?})MW-}TH&lN1Ka<}wxCp)qY$ zvtmQET}Sn&8YcJbZ75DfRW|D1!`&qvRuL#cu$3eF=+w$V{+9W5#eZZy=uHA(x|1co zs0AvXhZ!n07JM@w8qHoyriV0U#x}mv$xMJ|j%uoYjkOe`^(>FgDk4y<;7sDGd-B~Y z@^YWG#0r*sRg$eFIUOdx%z9j+$k?Mp9KbP`_e)Y!2f6`lFM-pFSHWTh*}9~$d#8V# z)X1=^6_2p&=KGSRq*^rO_TrdSl51IBD%G0+N)~%61>P;Zl@n{f>;CYNY-+qn;YvX< zQQbcJb`<+HJ!GRHK2)aCihew=y~+x35==TD*XS~r@~+VH8ZXF+L$PLzL4#3}hTJ(S zD=gjzyV>8Vq_i4*?DsCxQ$(F;ab?#Edo(r)MDatbq?qIUZX8#bSED) zZR|i~?byo4@!`$99VPdZR)CxI834f~E`hF(3rEoXCl%CgIQJlw>YaG@s%lNi1fWeZ zLHyaWFBOCT372jAU&2C);0!N9LVhN8`cf`Jn%W7ON-YTd9@K}CUi?)P5|U<(&!P+| zQp8KR!*#FO+GWbHQZtd?Kd9ytu8H)7Z%%gkwi6zx?sW(671DOfO#KT^BdIbo_dM$Z z;NW@%Ir)=iEnj}FzPa5!lj@c?D{0?~|95sI&cA=6I3l&qyjcL5ZCY!e`EnN(7!vUl z|K~s;Vd?2?;JrWYki7l4HErg=g5$17MRXxP;eTgnTStdIG5DV+Vg82!$$yDHwx`+u zL;U1L*8hJ4NdK!yvO}Ic8I#u6;2Ir|6(3u3lxUMt-eMdNaF}ya>wW$da@5li#91T1 zn?&f9cI0jYO)`6bkUgK$Q9$?!RAJ&Zp?Gu29ya#`af=sXfSwV!S8$aA8h$sz)?yps zn&zS%izw&2B}wbQ{k1A5+<5*H9r8+XwnqBPg25XDPGaT-s0jn1bWLd=NuLhQ<7s+H z`LcBQ(wb--+(L1^;#2EP!8%Z0TB}|?aC)6iI6>5ajE&s*QXC!uf>s7jOP93MzwRMn zcO4!|xkc~YrezIDpOR%CEl*$AbME0xQCI;U4acBo*$C5MI$7lif!}n<&m2=@0%IUm zLy5b$_@*EnRtcS%ev8nD!BBZJgRzJ|yhXqlo7OpDk+OwJWh41PMbZ%hs-60v(`5_U zPG&AcqnK&7&h2_$UESuoNw>Vd>=4JWCJCPS!b!DId4K;=MTlucRi(CG{Sl)^iYY(l z>1gGoD|LhhLI(u~o-U>ltPstL6O3eZv2fGov338s=8kKcTi^G-^N!de_nnKI5oPRm zpE`Zv&9$KFW{WQ6yGHZr?o#A|2)dj?S-AGd>;0;1zos+M-zbeC+1rA#Ev_l{LrN1L z89p_8B&vUK*9|}kGuHSdJ+=)1bBXly=0VQjN(3BCygB_q$t8N34eRnK6#D9c#Mc8v z6KO7q^roMF&&>p-~>TFs*hA%umC;p%jQbIC4-CZ#G}IWℑ-^%KrA)1AD0VaX)a6x*s!3z?U;T2B5n z9J1QD3jIRhJ|7vj-V3~`Pi~Ta1!{!Vajl-Gk@b@Z30KJ+)tX(TNH#`Z1H*?;+=-q6 z#yAR$NxYwY7yh(T8VX*1qF#ggB#_&CZz)lgbd^Ei+}CEYcHs_zP=@7tOro zAU}_5mgbSFEv-krcJ%<;VA zeHe-9zG~^*D8rl#!~PD8P!*BlrEO}R1%*GRP}v9670PmIMh zFp}5pPpp#q;hvWV8`m?k!|`#oB_x|L72sLxMZPO?;iQc_nZ}TvEe8!JRjlZf6i+MO zqOGEs8#Z4wB9Nq#nxa%}PR+{a^K-qr=E=4o?{Lo~T}hhPUd|uy-inm8mns2X*5Ret zMXgR9oirHp!9!ZfjOt{0%?H{#0HQRF&;>TuA$s23mYqB*{nw720r8$p9xXVnG0xZ1 z2lQ_W-Ph8kr9Qid-K`(@c9J&pD(FT$K=cn~{O01ywQNSpYN zeHz{26xB}4>@6eU>}-S`R{%1p?y()&dwo+=?SLt=L1p-pid^ZZ$MuMDhqD$4C&fB&I(r@(D@}XOd*obpX?bicHkv@dh41L<5e$7g3^@;m# z25z|zgmyL+f(95%=SpSJ-iaF z4x^3EU`Evs8nPJ-3+stt{ruS!762rBfAg!+tNi=MOQ2?k^#p8H?d`M1qU_vQ_Ifh* z0p^BEeA8a*6YMmj#ppD9n_e~2h~<5EHr zC3%y36UK8U!aJwGTa4}>NBgIde-x#x&Gpkl8yozF>I9K#*#idCvlM{F4743){3}VO z3>KUHw$FH{5gD|G)5YZZP*Ims;tS2o$s~>LRJv_{p-n_-HvbV9d^dfCi-f`CM=1C0 zegrc3r^8@GOgEsV|OfZQJqU}nmXziHsVoZl$JvWu6}49 zk$p5?9LFZ0X>r}BziP^R7q9%4t~6Y7Fs#l}VI>D@Tn)%SWX^3@^KxxFcotcuGJLhm zbv3cYZu<87E0E#1OkyqFz}MtyuNgfvjdq&PB3$Q*o+q{M(p`JTX5~Flig|{TWMP1a zFxiO>GiUasmw;#>kWWQhm(mx%ERyTAI}0b`o*Y||cG3FAj}M-WjD`wgiG~faeji$~os`%? zBQnXV;qV$!3R9&hln!0pn86Nl!Vi8F`m%-`td;t>TD)?V6UtY-BfTT1Iyh%7HsLt( z?_=31TVZ(VVSFMzkBLe`G7Mn^ip>~{R`k0(KWP29r{(ZbL^YRLk9HIvMJUdc6>R~C zG?R}JJj*GW81Q-SptTS;wa^3dt40jcjbk@rGuF<6V+o%LMipO;wG3So^~p=+YZ6cM zlg*%|ebk7Z0blfVSG-RuNxPGA^}1b?oZL;9VByDezqmr?>(q=3_ChhM3XZ}9GuVsV z#N6!tGA((v)prjl{r>p@xp`;!jba=iK+%NMxOKV%ej4Cq{OHY?I2s;A*y~*FxoA`U zFWpNR;zP&W$AOT64N1?lRw1gB@tASr*A!w!$EmH6yIQf9IVCd_XmkwsF4#SVC7a@z z^70xRK5`<4^_j{M9iu8#!d6^;V1AWO7_)kayk{Ee8lyk#g^!@pr6ccrxngf(L{F%= zMlxwxZjBIDs*7NU6s`{)3Amn3G+PBh_>bLYr2VOtmq*nxr_%$$Lh{?iUqjAj`-O>>ozI1FSzwmK)i!lf$TeTSaqJqhDXJt0 zKp*al0t8`^V5+Oaa)kn0VQRKPV$$6e*4>P6Pj`M$jr0d3o*XA>{jpQ! ztbIB0-osd$>=yr%bXQS(*PN+gI3clOE?_>G=Fs=(m!YugAbW_v^gg=^KqR8{2U?Vz z?Bu+v%I~pT%yRy+thJZBNyiD+YqQ&i5n3bfRe+3WTh-on`yD-&5uCc+}XN zz~1INRy8W$>$iB!viB5Fc?T~nP$RrQa%dKNYr7<#CC&e=5R1b6eQsCS2ar++tXqhO zPJZVNt})fTOb&ImGWj$`WUV+IZf`wlQt(Egho;q*yXKf7&fOa=-B0=(X!m%6ZS;*e zIl_hyU$b@{1sWnT`Q8b>`|)IU-o{W%Wj$+OqBCZq%_6v;JUq+y;M4KAz7^X^L2*-Q zxX(_xt{&&m5?dq8C3&z)vp?j1V!?+InL@+kO`-qrWx|~;4{axF)T<_p#rH4LOn0ni zbK12~UcO;`k((VnhWJv}%6`@0eHmgzl1CZs{K7FWkHY&dwX|f*$JjLC5GB+Kx_1jH zS#6plUOf%Loq!@+BGHRa%$Zw;Q9iPuBM>GgS$<6WKaA&|XKI zY;~<>vuBfNPc2N+u9w+UdT1}%NlQui$2APmZP6u;{Te48IVExaoqn~Q8W|u|qZRFK z+65g0R!6sHjGI(B740E$ybS5n;4%Vk2QX_;ZuW$`)vk;4rzf+~oL`Juoy(inQ5brICaei5#|V} zU$Pl7v5hBPGtP}>LGGKA?%_^d?qI{P_*#}xQIeOuxgRLqHx>F*)F0Y}E#T(!iD&4J zn&G9GSZE-0O^;H6R9i)XK}m;ny=Pa5(Z4#DWkNE!i&% zzh1GQb6Tt1>}z1<*G?~uC5 zu3oq1?85q1k;`K$T1Q%ciq)$@>entGE=^|zn2`tQ)wZtpIZKAee+j!(^GoJ*?GYG7 z(Qy9sXtxvJx4%jKY({fIFb`55)ieLO^|#dJ z%;_&})AGg3TUSH9KJh&fHnB{5rQ`2Adbx>FzRcUH%`x(X4L72dy%Pc0^w7vT`+&X@| z*j2yH{Ng{;6|SuyOBZbR&`Aai3uiM-TC1FE!Yr7ES(t0TWM7g<HXawmLZ*Nz+N0V2y#ovcwc&uiU~x54!(<7+%3_u|KC_{J%UAMVlmtV!O; zQzz}MaWS2{j#v%wVgkw>&U*myNF?JGTlAQL)0tM zP+ZGdHZjx34F0H;q`K79^%Txa@mhJWLU?t-IcNNdnt<*$t=7f#R<-l=FVU@Z`_FbL z<(_?fZ#rtq?k8DmniAe_{%UxGh0_ED3~GsiwP zd4^${So-id+$wI6Tav%9?=N8TJQ%0z{tN}t6PI2PS;DpH^qV=Z7>(K9;rcN1zcJg3 zHy<8l-QLFLl~B87I^AmYzLFbA7{M_^?jR@p=kaz(q)Vc#kT7L z$_wU&G*>T*en+}_4ukgr8KW7fNoKuOc>DLL7I&rjA3BmGuq@tx(1Mxvxau`nk8qBm z#)Nx;?3s!*fR%E_zWe2NSG9{h&3AnAABY}nlYNP2#uAoSDS!fKs&oU9w;9+S>hh-i zCXEdAElG9gque(Fkl!YLAjy@KvYvoqn=)iR!xL>#3&%yoyKgn9E_D7zheh&2 zu<t-YSQ$_w@;F;pXX-z8=~d;a`SQ2gwVFL|n%urGg>XoQ{E4PS4m z>bl>xX_VE!4Gggy6y|Ch@*X4|CmfOYjS(<1um2UTmKMgVK#MV~vJ!?BMlN^oHFe}d z8mC6a`y^7sNQz64S-f|?KX#0)hSLVQ3ax5O$I>t3s0FpuVm+yIpI0MT_alFW`1Wg<^;^4ONaHHII4w_sUNkSJOTv9Eh}#mbl;PrRKqy?~Oy1YKp8RQ>LwI!gP{))Tu*_A97@iFW+LCpCl1Y z#yfJyUP&7~i0%?rw00&#uNO!eXRJjD`5~(V)GewVjEJyPow%254ep$)O^5ruth@LQ zw1$KGQ-Aqs3nT*QhCDN3G*#%lFEO_4I`R9g#+iX=N~B$E8Bk%X@x z5W73sN8T{x!+^P~*ssIVOGf>W1gh%sM-10dInvzk2Sf{MtNPd6qIw)o9;L*T6q{fz zP7){MdM=oe@L~v)j(yAEQAx%omwX71oV)0+gDV9?I9Tg?JK?h~>@`jg*#((E@2EW& zW?dol>pOI~;PM$^x449&&O7!oyxajl4k3YX5bO!HlUuX=I{Zqw-qKG>NCsbF8v?Uam+UIIpUs}=Ihv$Evi%47?wjrFbse2n z%Ku`Shq+y&?ki$s)UHJ0_YJNCp*{2*(h-HQ6Qz~rg^_d8PRO? z5r1;A#`(9?YF_SCSY4mHz`p%+mr)0u<6Ys>t7_x!=82L~^jXa1y``j2OV;&f^+kvs zbmZPlC3~qfjU$xKQKG~8juD%L;(FVJG>$M~ZMoP`N4X!jC2K|9@@X2UHvKSPMHSAG zy+-1mide=EN_?kW(u80Dw_(rdf>mSZ&=w=&rrl0y)v=Lo?2y~0ZvoAJ(N1_LXTwhl zi*$70y1_x>+Pb^{q}2aGTwyW{9+O3rbjV}45w8NNwDr@Ryma-oJwYCK<&dk^Z~d9wtORf}<=11(~DmuG1TuF$r? zVO}28lPfh`_>5&a;_mEIw9>2b!F+3jlShH-X2sto3OUST4q(CT?+89Ud za?|X#*|r0d<{tDrKev9*E)q@399&Ipyv?bHX83&YL;bT6sndtxfX;f38yNG<-K1gH}+|} zNk#k5+ep##c-3aAH)qa0D|O!jdBk5xnL|Vp(1myM$kN=BMJcJW<`d|Al`6lH`gO?p zzlIbl9(2Ax^i2;+@iUcSAiuYO(1#7Ukep%#CZ}`<-ei=KJ?V<8+`w>Kp5IQk3e8w586?WZ6J@e1S=dr#nfE(?tDw`729N#VSzm?L%XBl|E4 z7GjN(>$$ldp(7^BxQdI(T-d>UaR``2b(WPanF0Dl_q2fWY>9%+n>XxUD3Rv3 z+o)bC$}}er#ISQL@gJIq6Na+u-#}R|m{j!TbW*qXuzOd_czAf63)4AE&Zo2+D3nVp z@^Oi?QKq$%StYV_0+Wh|t=~;Cgxiz%R0io0am|S!zwVT_R-I%bg+2tQo6Lzm=d^=| zx)+XaPiEx@mxD-*cJon2e~*Q91-6K~bu9r)6jrP2^3Q{LPv2WRuZ#Wke8CL82nK$o zG%M}P$^NL-!YK+kpkhN?7)_Sn-8Re$vCpG)-s$`ks-tEYk+^S>8kfBr8cN1`e#OML zgz=0Co7+C-5-ZF%X=bP=pRc0?q$m7VGyf&C7bRHS8#Yz*=`^`)*QiY0M54s4LRPdlj%5^3kfvE8r>L3R6hcFvR};WyMo z(b*pr(Xwq~^AYAyHz^-ol?lA;cg^rF8kzNN(JuXiLd|5->^GD3_R^u6UrD=}wsw-w z1wqAS0@{Me=GrPZfD}iRyhxL#m9LA{*iNn0rxA5={`m2n?<_4bHA`2^$Yo0j@89)d zKeS5{jSUK6^H0o9HKLBpx_c$>XRyOSlCiI}qLqH4Ly&pUgk&GCg*Rjg) znC7{U$4#BMM+K;?bskx#WM1(GjrQa_&o1*NW45parH&82=Im$!*B1-U_KFf|5ZW2= zmdi?cUoy^`>YgQw{QRqj^26&`4N#Q~){_Q)CU$c)1t)_>czDgYzhO_=MI}l(gY-@e&&iL&pxI%hm66o%oxZeI(kMGtp=nPj6nl_V|_-tjE}8 zImYd)1GWg3b_+oD&nYtB)2qxH^~IC_ZJT+@EF%Yj|9?Zv->a(sn_T|?mVy2TmNXNc zuNNLTyB0atS-%#J|8a0Le z*3@6G>Sm)W+jyR+GhDeoKtW^ZK=!Bdqcj(jn7fg%Rth=SkAVmLd5aL@6MH*W#N_RVq2o8s%7I)^<7DV0wR_QajZxP$C=VF zW>+ZDNux}%9w1uIS@mOue_VX-{Ndj~KaM$FP(~RFj8eyXz6RQsLd8x)U?EYn`p*!hi;JMpkDjP3enNLkRKUf@@22SxXckt zW}Wq9J-qoE8dCPukTU-L?EtM8_a*MnB7bFEZu_<>Ad78z;M(q7pgeY8lM}P#-!>Ic z9sMgq@qv{e452giL@YNR_k37$%%mlF4qX@s63y)9N9yiiEFXFpWw*#K z>eHTh$`?cJ`KD~C>D42V+1b5CVNX$yXCY>(T7qx`aX>50CbPt?w{?i;cuvbj)CpfO zNqS^|)qCqI=R<_ecG&P@jS!FR&?T%OaaF##ta*Tm%(u$*7Ln@&?1)a1@Z(XSJTjkd*A0Jf4wdVm98pLv%BIeC=XU&AN%UL@P)oc%bta zLraUPL1xE_aj#Y*r2m6*+5q2unm-2k(SWPVrJQ8gjWKod9+#C!H9nQluI%tb5U}*^ z=uO}IgX&bhLQP?I8(884iQgOD^4h7wGYIpeN?}OIxQUAI{8LgvRagwk9ni!Nc-^`- z{;StiZ;)lYB~Y|s%s%8TzJjth^elW*4=0kjD>W4zEhy9y=ZL`6#egZ)dOPPj=~++% zSgjp|V@fhHF%78_C9~fI@I4Z3h=hCS?B-rJG3YpN0%pwX_{|Ne)7`ef`7PWXYqa(N zWyc&%pl#3ikbr9%>q@L{L15s}*jMZWHRFex$++=Ot(EwJADV zt>tH{C&F0%!kbC3bv6}HuycxC9L4e}xO;pft&?fB_P)3^#Q~6T>;c_pn}B(Sje@W4 z_VmiiZ}OlLD6ab(Egub%Tn2vKJN2)``FoMg*bd1335bp-rr1N#VtVO%t+>AJFU)!4 zM&_E3>y`H)p|pHv4c$Jq$&E#ng200#7~W)z3G=;Gi{g3ST=O+IMVyXx=povluHS2LDWxXALlMwoGo00LrRmIXh*nSm zO^&a8Hg3%I(!T4sE|J}UdRn<^Ug@n}BaJ7i2f5ZnzI;>n_51Rgy{d;n*ROk)j)O6P znCqTh-zQ5KY7HmL5Rj7Vf@e~%Agj~u#te4nh%`hls{bmAPos|7ZCNJobXWMPFfD{T zrOV8Gu1t3;b26`V*sEHz^qy?)IoY|_k%}`L?LWKE55*x}t$k=2-dX2A@aVO7Z`!6f z@o9JKkmKJhpSmz(wEaHpWKiF_SwE^|$%LnbMY zfmPq|LF%O1+`dvTqy%;w&zP^3D0B>a~9bMO+ggWlu*=?I_3w%W1 z=a){*FDL8qPJogmrm0QLVzfJr#yI$%lv0|%a~0wqAqNpmi1b!79rKS4^X)rZYLL7e z1;O(NS?zAuJTjeb^Otbr**4C9JB=eo(~Z0u%rZDfA&+C@@N!C*wD@+;MK2?aG1B{4 z7I)$LOBH%o?*VE|pqs}BFOpi*`j&?U)8D68^73vgk=0*UoB~&p{gm7nIk}t$A~!Yj z(--{qI2{KhqU!PMmB5FW+)WmVgFV$pF8hY=pr#{%r7zBh^%L}l^sWXokLKMK_XBK8 zc0pLFM+sGoOMW}MWt3b#_BRe)-G!M-e-#eg4Q_Ty1h1kS>y25H^*}$Fn0YvbC5H){ zHp{#|CLGntqsnR@Iw;1O7CuwT%+HrV(98){v$-6KGcY1vejxY}l?PP= z*a+0m?Gq%FWfgd_BIPSPzn9D+iwQAA;H916YOTCeJfWSN@dTBf#nO0*A)ZKT<5p;9 z+!V4K-;90H4G1c+K8Q}>dG}V?+wn*W@Jq|Owo^}9^K6#ii@|)aw~*D^t${kD96Xgr z%SFAp8Y^8`QnlW@8}Do%wMJw=d#IofvHH~?z23qj=OnaP8^Z0oD0^8eA$^<@<}#U8 z9GuB`N4soer=P1d!6DYF%m*1c0ZOBm8GWWV*C@O!s>H!^4Vn>CZt|Fi4!{Hz7h2;a z+siL4npO+XYPPg)%O)?&U~QwpLEad}QV&fsI^|Nj&MJ)_M|OaSxM(5%mL$1}5|J>V zz1+BQ_^mNDKz+U;I={PJfyHbm|G??dneJ@LHSUyUAM3qctsFX^o%*QE%4&_)UDZ^w z_B!Vf5{KZpl-_|S%M}?|WkiL)Q~OlB6@maRIHam7p&Bv$sb{^NRBf~{8WqtzYk<00 zd)iL{{Tqh9|I#uZo6w7KyBor4e~3}av*0H~bJw-)nvoSyU4Hl# zFP*uQWfUVLcftMHaC{%6n&GvbdQvqx$eE0*$*+I2`Q`XdEo9If;U7~5vtcUi5)=`z z-gM|`XC0v`!Rg%LpuBISq#OP|@#8%8s%>(gM_MnpAD;EP@^sSMQ?YxVb@Wr9k%I3*+diYbc95T*>)~?>&7UI zn@GK0QyYC38d-Mye2$g-JU({pkkOEc_51u{8f6nPuWHF?(%g1I;^Vw&p734V^(tZ_ z!bs*tJRS&%NsM77T94|(s*uM@6Qb=Dj`3k ztKMQ4Hf*~Ze-l;=%C~#5>Lx+L@gWOpO)LhE-IIY>d zmOQVws*!H$ua4$&Sg_N2}I9bGV$t|%r#rC}IVK+Ds#~q`jN+8kfh z$;Mzb$rKq$k^^Z|-kW$xGEE{hsj1IXQ;SH?R1Ba}uNGg>Fm#?2Z&^KFPr}noCc@ev zwws81QD`EVF7jryD%l~2Id#eW*SPGN^*gUsdPLEPgydd^cS;U$B+|0c=eMn(qu-mR z83jEW1SYHUR8}g~44mCe4`^@M5Kl0_ixVR+ty0FqICsC5Hc3j}=3qMAk8_UC*A3#S zp+MFc@9+cS2boW$7%OE12VWjfpG!;#mkV5u+yhN8ElD8lD!< z=6C6l4aq_qHf3vX7w6~OAW$VgBvdI_wO|cNRU}Hb0IQ# zW$|5JOYlnpj{1q38E;o6LnZI!&s3k6t8O&rft;v56AS_kYkZ>JTD{6C%lF)2g2KFJ zKtb}Jf>SQC$)o2fE11efBm57S5mx9@elmQ0LM#Zt~Lm5^eb(<>){W93@UpVqy$gwHz2nD-suVSdf7SyL4&ej0h| zS$?MlZ^hf=f@OWxLcsQ2pFHm!QSMPd_j|(tfuR-v)1pe`3CM?V+9O4mW_8e_%wQ_3 z%h1?tqH&K+eVWPy|7y|1;>dbLZlj_z0=8zFR97KVH#Luu2N z6))mG?BYS5Mcsv@$mL0BSgQtTOT+a>(|)uul2|VyU|#lSQY*7N zs$yh9XB>9KyRTR2DfiW(Id3R07HUDX@6Qw79cIst8<42VX{DTQG#B#{15W9zC-Q*T zVe7BUP-=&I<+kO+$b$XVSzT+m2LN-TV_xk!P6g{}^R32aS~3=6Tt|hi&ek=y9?oga zEo5WPfbb^@V1rcFn@Ejxu4UYrKk+ntJhmT;z;XQIO3#!m*>iqjBnFH;m(cp-UV z?j;H&v?qQDwMe@@K;}!1u%g(CM@^O;w8+<@0@;`ELLKY1-?^X;P>inyXZp)%&R6N~ zPsXTIPE~6At|nCx$pVt~0+XL?xf_aw$o!>SRjVMt!wm{=8T5D~KeAEJ`26HPPAoA5 ze+20G>lg*hC>jjko`{wmjq6O&ih?&CCt8T@c9C48vVtP3WZLcsE03af_M&~ zWJz2Z`Yc5w{k4rc0Fv29?T8a&v7ce1DMpgqusl7?<4B@a8+O zo`r(MpGz@==mHzuNVOl+@*mw(*LQRF()TLAW&qeOz%zuX8vF%$=Y6|xQraKXNh7@x zP_%p}q4xmPs@b@G)u9URw|1M#>_LIvRQ&4U?uWtcD$pQ~upryn95`TCeU+l%WdHXD zUVwzgmrDw}>`FFby`IF&wskw6rGWgfzGbF*vhV`fjd|~OmiT(2^xS(H$l-;)V4rU) z=slMz>lIxf{L6irn`F3<&put> z0LjN_Lv$Ec7)fjKPoHg~aShiRxvP@sI1#rK&}i{~Y=wd}Us-TXjCgEnyAXvy3`s*D zO5}m&ex;{-pUeXcgi;}+o;u$Ln-o6#jt@#b%>~s^?>A^7*&VtDsZ2mZ-&nuFsv*;w z81wRNyqL^S+zK9ch3OO#+;u90WO|KE>wn^>_2x=?n}5{tOA{_#22J9PQe0>}m=DlM zY}FESS4hVb8`$6OK$}1Ex(h4T*u)>JnWpCmeW5vXtmG$ydyEtdV#k@wdeDwz=wpNT z6%G63{Q5|CO>)FOVv!G?yrzS>DpR*o+&3S`TChG$^h>(Ay6yf`stt~C-Z>A>MIpKP zX@%;~z?MC<_7)1AZA^)&N_h2;KI7k)Fp<>-lH@;S+7R8wzC0hiW4;BWr%R6=pVe?j z0mWun-o5pChMGRp4{5yBlp7!&yxbDf zGFbOam(?X4TyE-m`Ia6Bz1wRpMiZBFm}zW>&iaqA{zOK4@FKFw8zBFyXx*Z1+6jg0 zMEQJqL8~pGHydxi_ps__+|9@B?$PL8Hy-l*t?I(;4Q(w*+&Cy03lJ3ZyWI_KST9m8 zTQywVApb)(K0>HRhX8cM{rN7^aZ-`jtmsKVfWrP*G5!IdVIolG{3?;KlFfaq;9$$+ zL_@`Uo(@G_oZEJPr7+zKmDFI>ppBE8+$w7G2lwF@$IUnFijPdvW+==2&emk&&rmw1 zUi+&H&kS;P{%$?Fas{JU0DAJg*}KHp`R8s3QP`QkavXh~!T89TXOc6={}u^Ze>2_7 zx_RkmVW+pciA^Gf!j)KsHdKZ3?8K^oLE;vZI#T(^Gn6tN_WuR{_HmJr{y%7q`2Y4x zDU3v%O5VROI!;xwOhm_luc@8dC>Jo_nq-%c&>y{?H`bGB-JUGOBwbc9!FCII1TMw& zLWBtDK3rT|2><3xqL>|(s`(oS8b(J>hlP(%)8=H626Dq*LJ}MJ!p9@DbOrTCoP(@} zcj@y2u#J>Yo+&KfAo+1KMyhW&qdqTXJOjn4v&yvo^tRA8%nE(J61Cps(oZGlAc=f@^2J5M%2S0$45k{t2XMn_J6PsSY1;-S*# zlXth4C6Q$ekf@eVaBTCvwV}Kc>T460#j#KDbh1K~bjzqL%0xrY{I6L8qy%-0q`6Qx z4Bz=ijdUeKUha2IAN`I5krQzU)KzWD2aYO4^9|^OKBGIsa#l`GmjnG7Ac%68zk%V^ zX34pyy3vslmrzUaUsm0l1{lo}a-7@Hneyg(X}5os{gKD4<4hOnkD09#v6Xm~psoBN zKVYjKE1XD4xc=b^!mM+x0A)wNNXP)mRnGI&RKG_a1f%l#N}B%W;iy83So{x{McwsC zuWkQANbiE?Fpqek^>{p#8mylhla84F-a{)=jzAalJS@FV%6(5P!sS2kf=0+J47{PP z1>Qe1oJXS_1IL5(%l43L62Y_73(HtpJQl@8zkRQb35Sq2j)xM7#A}Q>!0OLa#1d!u zk9>ZEDMRtV2?L#eoWZPV0(cHg&FsJ1KSJBw5PiPrL2(RHnv|moSQ}YnM6wY zN=cscq^$d%2$pq)FS$|!LQB}&0#J#vrp0&Q_`8g6?TbUMwa2ZS$s-f~!^VGIl@f`> zOiVhb)0+guMoCvW9vA$>R=D6WO0tt`3ku+xNeG)th~PQY)9@y1SH0q4*n4$-JCo=j znD2Vnh2q6zY16w)?kRJNp593G%x3tpVFJ6KpU0Yd56Ce$T;j^llU^f(a}2&e$)at* zt()T6e_PhX=$K>q+3V#7VL4x)O_^6$lfCeM99{@VZVM(gB`JE;UBYR2eZzXzd2ktD zM(mUKZE<^Mst1Y3wiGEYvoCim5WcM*k`t}^nk>@I*5w33PUFvsc z3h9*GtxIakrLoISIhr6E<%XkA8nY}yr!nDpR}}FMlb0x@7U484a#~G`L#6^FN1SRi z{CIScnIS{D0;HQ}&H1tS7v9ft%1O8XG@LZ+-Q+eKpTDLNLDFM8&C~Xu zbdH@oYER_(^`Ble(`0I{BBCO;AK=zEtIoY=0f_###I*$a2Pn%7;$CXrj%W1J)x9yd zcS-yDz&&mCqDM(N%CXsXT__8FHk(BQy((k&-Du1oT5?8=Ej#_X-+zUAe>@;l=C}je zNC-~`3c<^I5rhsBe-B+OAD}MEzV3}S{XB90Zh(H5L6L-SE6rs!@z-f*j)Aeqsm_i< zgDo@n(T54lLrrO(`_h252P-& z*S${LwcUvn@Qu$DbDCyO z0}^$LC?{i7MaifbO)ieDB#yrN`+Y(rE)uX>x3+hZ`Z_cq|De_q@*KV&)-HJMMjz`Y zQPd)3@O>j!sCYr|j8t0>z5jzIPMIZQ?OZVAx6BotR} zV|fr>b?qG8-`z1Ctk7?=Z*t}N@E3f&DTD|7FYGi=s{9hfvSc?}n)$D`va(_$B=Rj1 zKFt_0s{1V*SyQX4-Z#jUEr}FbUcP8Z{_69H`c6V_i93ozuBHB@idh z=N@npJ}9~JENsfYI)4DuU4KEV5T8v8e8vPD(90foU*u3(U9ujm`WFCnw(M+Jr`6E0 z!PNyD{-fkPRn3ffde0PzH9o5g*?TQwI>0A}YROdSoaHI3WUBG0SW-u=vlb~}RrL3T zC_DMENddwO1*|@G^PB$tDz}R>XpK~+FI354fgmuI9mjdXpI#&{Cn7NX+4k58V~!FQ3cWg;NGaDj?NaoZ4P-U- zgY3zD$K}us>35LAcy;Dl>oewJ@Q0tH&1W5r#9+})U-W^90#e}W-AF**WPq!Xf-dbz zY${e1#T94K#M-j;y#b{-?>rzFzUH_UGfvAl{Zj>mqoe8&ccu-JEM9U_h(WSV5t7-!`AJbYBo>( z{PFG29$aFRJyw`O%|3*Sjf|_SMDNBNby5d8L* zx57BPW@f(<-IE&*e;5lei*CcGn|B8jKCa;<5jUo>=4}NCy{C-ihafoxUyvR=emA|; zi4dbckV3R!^Y1RU_8gnhR@r;zl!A?4t+qhB`MvAT>8#{8ytpC5m};Y(CAANW)2|7Y z5~6f7Z{|2n7GCHzf8v-&n!6xPMNS5 z7kGRFX%G+!M3DBToR00!Bbvzo+6M2t=gJkf**#(b%Ty0bPCr$3P$R@uRUj1a*TDPY z$VQTySMM1e89fp@w2DsIt_(7+M3mXYF8zL=AD#TNHS>r=Vsddu%@3C@5?7_gE#eYt zN6Y>XTFa$N=18Mx&dGZvC0&JyZJDo?<0MOpP0fGJ8(~qg^34GBc_1=>uMa~Ypd}f+ z{3mSI_T8P9oS5_QSo@fH@8sDRraJ=0>HZ2cA`zkE1fCX!c$tV1Y2TEL*k6LHoz%^? z7X~zjpq<;~)iViAX9K(xPgW-tZa@v%Pt;D+!%HFN86zMz!ad#rC^hX0{|cftz1_d*p>~I47=<{c zPPDtQEVu=HbN72~KiW-}YLHGEHU`gfRMXxihIJ??ee3!F3RmsyllUG?reWM!7nT+FAcDaXX#y*K)A*n$>v?4C~|*7~2@#`-PDT>WFAvDrfeyV!EY=$ztT zrt$8vbA5NU!tm@-e#%-0`kIH~yC)arV*_Vp%&!;n6$PnpSubNQHd-fZ5G1g zMn20JU5yAVL#mucf3(|In&2V1dX0F>T$&q;uqYF3CoMyzwV!;x;S&BYt>Q2&;g#J8=w^z?cKNhlsouI{}ljcF3CPT7Pr z8^*k(*{cidybolN=iihhw;a3(jDMZ9_FkqJtw4gns7hOzXFwp5NFU4;zgYbScS5N9 z`O(xDsVhdoNsYt?O%hTO)(t45N?{WRwd?FeES1N+@{DTOkF(#bNfCJG*5!&+;?Y*d zwE4w52;WBzfWOyM_3Kn%^^nW^qYpC840IE!ne%q*^fMnHF~vZStPjqWyi!WsdK4QG zpM9dSjHKuzJ1~gAaeme)xb*MDj!NBsDkQ$9FL07`s=)Z5hGQTJ zH9MFKkRy$%l*V>3eoHWMZxRb|C~q2MAcpXVRYm2i=WUn^9N*0Rv);qWvadq(_ef^O z2W<-7DZo9j*k=gY$1}MbKC|~U0Sb#Fp{^jdBlMZ(&bvzQ*GP0h6TnnJo<*?<4 z)xBti&GL215bn)*`roT8#SBCcoy5M;I|7FYm$^DJtcP>?rYnP(cXO;@0~6AXx%~pI zkh321j2>{2ZNLQ3km4#3GEy(ZuJ|H|tCWQ+$jfTi-Xs>P3fVP6kP!bURV?QTKJd&C zCKK434}fW8U)G#n|7{|kM`#!Ic3zs@njFv#e^YzXgsMG;x&W$7hZ}Bgi3|Y0kDQ}S zHD0MMkr_xV)t*UvZ4jUv3QJy+ma1O{!;1%Nf7F??Ki`7Kbr$u@S}4VwYRq~JOmw6q z`bvLn`V)zVeObKnKua zfG4yE;>W9yAurYCn-%IUN`p`?o4Y0c?s`|+?d=4n8K2hr3!dpL)e?dREc%0K5kAZH*oZE8EP!bMXBZ1Ne_|xJ&`t1#rmPIgSBA^#zs6>8 zf4uH;9F%|X@w!|xpAZca{(|53ggKeT?b$>5?_v2097B4<2|308Krn-l=A{a;B~QfW z9sla8{CmoAUq?@bd-1exkCmL2nB19LS}8(sE!KU}obj&@C@H`-d?spPcV5;M)9^4t zPnAxvV9_$bUL}{5?AbtTHxl6m8(nt*%gx?|d?xjb{;^PY$D8B|$}C$}G_K=&MULC< z=#<_K3E&ViEbDiJjs=%UaK^NIOpmi-hDv<)-29Ys682#DRwLv`h1sONNh{sKfePFvhnaZ2PM`m=AbuKJl8L6k_ zg=OW}M}?D%t_ql_R0P&cJj&ZnKAmQ0D353z_!NrOXHvTu)Q@dz*ApY&lQ{~{R|6_gPVmXz|Ps^5u^Lt{Hr2w3lgY@raN9Y znRe)Y-iq+if4(tFpMbTQPiRUel{L9%Y;bqEw+X(~yZuH}Zc)243T3WLK4H1|fSzhN zI;^vA8oNzV5`C)mw-!?#=RE%zXRTytwoj`IO(VThHT3}HR8;Cyd1bjaf*Q`UD!n;Q zD7@bg)J}-1mlRrbi4#<&$gN_s7>>k;MEb5Vz*8xj1Y|Yq{74HgtKm|{RnxVI_ag^& zSR(hml-b%(o`EdO9$$CRdmfMGNi^^K)PwWC;PLEkbNXPBO*aWLO9^trjT+R28l;zO zK3LllNV`#MLaH()W9kySTbJIyG&q79+)|GH2d({@4CU<6RvpB(rD-h5i+^t@!vkZJ zyPTh2@5FAlGqv9ZIB7fWF(6r@bNij!4mm|NHeK{qI}H4fE1yYPDy5xT^Arqupxfi_ z2Y6PoNbj!B6}u7kZW*va`cI;~e~2`y*BhtF^(^p2xN76#Ab};kPK%@#E!baAP-?cQ zPMSQ}H>Y$MLs>T{I(ie=bWlC`x37Kh z{Df@4XqD&wyZHJ$mrIVDY$PBR zQ9%{l10`Gp^Ev9K<+%E3bSP z8nrq^(>{TFXc_sUnLW>Je>6BbY#4TkR20!OAgM=ILG=qpIbG*SZ40rVR6~-f^)UGE zimjO(IZ4_7jd=X;-?xG4J$xhP5_b9GQh0Ww*$v4z%ZV^MpLB&V8z>K zJIu&#d$qk*NiXT%*Jo&E$)>c`#6RM4Vow~c&ppa*yd#-GGnm_1eXXC<`#qPbFoEFG z@~SfHSYAnLYDb~Kf0zDQK&wT|O@R=h*DCejWA)J$*-|@G4LhZDij7m7poSR^q}x)9 z4QQp9gi5aiIGJK?2ZW?oq1A%ZoU6TtNKCd0r&ug6cDIF_zgD-Shm)(%d!k>e^cC)L zgs~WymcCXF7swE|K%8S=a?bCb$UF#cY`-kOr?&w@OhX_D>}3Mn70UlE&%s`v{*B!n zj>C5Xw*PZey6x~D{-4_wN*?zAE<$ajV^rz=?_Yw_hx-4k5yudrB~^$K8@bt(Vp2DK*>2rSGEui^UWNS9xm;*{!3Y+Dga-a@utEjlGAypx%Cq*O8Ov zU*o~wKyZT#4PjAnVrmr{UIvoJF3HPq9Tsi$BW`>o1_<6(gQO_u7)ZhT9)_)8+%EjO z5p7@jKo=kB9p|FUgUeSF$=esVVmh(Y5yo_B^Tk1#{_4!yE)!H+?3)WJN$oKpX%Nx? z7lbSI%5ZRCX--TF?3+9JfobI?w^j8j`LqQJQNSp>k`BFyCePz%qNHW?8=<{L7Q!ny zA)jJvl3ZCw58%~TGFs$0qd(&P_?uN@_tS-29?>&Vq+q4y zhWumJ_}r|Rj<;;M1P70{!RuYr4sLv1DVVYc1W@@~AScrD{ptdlZK!svmN1sq+jLDJ za=9AR=8&v!U2ry|0~L=;O}YDQJpk&tL;GG)?WTdsWOL`u8Q*PQOgifutw?g5mg}{b zt?q}w6}8vrX#5T$;l6$=?|gsSBcFwv#Mf8)Fp2{$>(%ud3}_<#?mm>)Ul+s}M~15_`5os5$aFT_m`-MGSnMWKO)2-t;JkgL z*ng2({*O8sNmECxrLZcpwC)js_kYGvNYfV=I5+azx4Oc3pYP!xML$*gk)4g1??;w5 z9TdBZRh^rFS!yMFH1eOfvn}s)T`a{YF&+V6T~mgVr#*ygP2`bOhE9w4&K}{THeWhp z=)yv6mYrPlLSlr4qzw$K;x-fY%WExf44QH$x=EX;S|BVRKH9rqdW7D;M)(J@M%}dq zMi*w-`|a+gD}iwM(Yp~ci5vG?%Ma~4c%wB+Fb77+52BH3rN$(8K?JWTamfYuswL0$ zM1Q7NFYC+GOcQxwG~x)u2=+kf&v zfQ+91lB&mNe%>2RjnoS>XPo_+3hAoG{h(Zoxc18AiR^})KW;RS((My5Uf+7M)f>zx zAOF>>Dw`SXMfCgX%|a{ow|$VO7F3b;O#!zD^3l^unFk%Z$P=e`NYb@W`l@@E%<{|< z!P$~S2w%4yKCXNE@m|%*&%v1kOD?BDb$k13#k8t8`@Q2m`$Bd;xLMo2Tx<==>iDMB zIz}<8f8skckELy`n|Q3+8^P7!tz7tZ_>NlMcu;4pr;9IAI%yW^G=x3bSwvY9fZZ#5V%LuwA zH*M@wY4$LhoILn#YwbaWW=)_NK z(=n-EvrD_rFFkKtFviK3_&X~SvhZ{UT-$LSEDQmBBuhxWo$0&?`0JJ5ykMw)%oSeD z%t|D7%pH3F^)UDTzi*@>d9DYKrG@atY8*|6EGH_(Hv4YI5yomhXg z4+UW&7qO9SyM@n_c7Y^0DEZeo*S|nBgbKsUMlX)zQRO|;0Zutuy{M9M+)Q^=zSf-v z?>`O?IiF2w6}k!j03nPtN>3hpq`;x?Yl#vK)K&nlZ6gAiWNxdF0$r_x9<~WSGwnRg z_Ai=Mt0zu_GWO=!Z0eh;8Cts{AJ`y54lQRWHeb)1Ov<< zQ>icyc^o(O9qJmx?T80svLA63}m-lW7i< zSH19Z!{H_@LXJv-hscSY6#YWEz6HT3bAv5~h|lSY>Tb%p3S$Y=ecUH-nZ(XFdMgth zcLb7GP0>nEtUe2PAaepc8UWu&+x@n2s=;onzb_Zztw-l(s~+2kbmNis&Rqcf7YbITLA2~q5t@BS;zj2Nj$`RE$!f_kA`3}l~KEGxx3~5qV8qS#UU;D zNJLm>V_ITj)4PlXu+oLM9(Gqf<3#pKvfPevpcQQL@KyayGR<(ATs(I4=jV%Oab&>H zH~g^i9Xs}Bvdm;xN0R1FoG3?{e$!zyl*MQWbb8u4b*ms#XrANcNUI_&<}GK6%_LnR4u}yai@-Im|`F{`|0QGs(6!_XFAB% z_GB(b;!C_^qL}(rxH0WzG|v=&jNwUyDS3({@2zgpxiudh=9>r5(Z7RHUdjf-wSm4jT1XNJ{xKh~Pxh?=Jfv zK2h>q?*3L~s+`^fBkniy3!s-j50tLOedm9TPMRGlQrPCI+E~YPJg4-Mgu5D_FYIJZ zcMgh}lX&zhQ_b|JtlH7e&jbAClTM;$f~r#8UeW^yF--~dcUm*1arvM7NM~YzuXe(@ z9s70}G|`}c*xT$q2NbzKmYBcl+13LIg77x%SG=0eLe&Z~+9fBltgNq~q3V zJOtjh-1Ix9z*OvYLye_jqoCq~+?xXDUiLub$ZgsL=;yWjt#YAiw=Ko@?OpTQGiS$b zW;~pq>0m({8fyh}jZur(yu||YLjdM1W)?KN8~wnskQ->0>Uq~+xF?2m>X@nj_$vQ6 zd5zVWNc$grHvOrE{ux-n7JWBKz_6${?sq}F=9#YhA{V2?hu~)f^#e>WRZ4o7VA;By zJw2+U8YH38NWc0ZK@;B&VPR!%OxIVtt;f$VD!f@#&g!|YupfO#_aIv;&q=Wm#=P!~5tb8~~@}5#E^!qB>0&>&?^?8$mME}?T z`=v?GU+2aA;fy;!RxO$Y35eP!AAzuttFGZ~@>+^hG`>gJO0px(GhOOM2WzbPTwmS} z^~7@lLZXe}uHSS_<8Fs9skYPR<)@x`zonfA#;hnkQK9F=i2T#Dw*2n9F%Qb8Ia6wD ziIHQKG4Lb^bw95CLD3c3J=xLc(Q`uJvz(O(9K;Yxr}+Bj#5Nqmw;ackbfDVmCj1Ri z%yhK8nJB|V-@o|8>ev5W+^wMgpOzZgy#3!!LH_^BrDhu0<$kEcTvvaB(4R!L{<#Gx zR5A)Je&3}>l!~}e%5XkIQ`7eI@APNXAj5i0?XUppGA|mJ?_T>v<7;Y9Q>w@OkmPSA z9VK+4^~m;b=smK@PS{-2o}rO*XBSA$=`yupblxT^((}bU^m=M(!s&<~<@xjtlwd$Y zmJLVuF1X(K1R&+&lK4O8Jm1Q#O&aML;Hx7WE%S=lqOD@YU=T%~EOWO2P%XFLth=(zx|vV#Ben*-ps}SqPWaJ~t)@5*5quah%<|eiwg`8gfQT zCsTL)WPag~SNDahZjKVKe5RQD+66wUWOni?JdS~&6v?3n_a z-!otA%zN%BI3Z>8%qa|ZD(@J`VT>*N)1&g+;E&7lZM_9z9#egNqMcl!$JPJc2Lwb)>n>c_Pc&Buonrs{351Dbynh6J4p>zqCLAOQ9Kepbf;~7y`vBnmthRO89veVMDx61+VqFrXM=An z(K5WnxN$A15_<~UO?XQ0pN#gjgZbb+;{NwUVT+ZCZ*BX6SJxOWg)6=#lrD=lU%fJ% zz;fE^oUMrAtyM;ZHW7t|cZ$wi1J+)4em=(H?ed>f9wyVCSVCu0*?6M2`V$WXdq_SQ z-J#8EGx!DWIvwDUkak!ep!0~8K^rYvKAgwre~2zQ?*;S)U%p_vu)+HGqe6ISYL_u89Ck?J4z3vdSlmAN{l`Rms13x1F? zT*Us@9qMZ^1HsaY44bXt$IR=^|3oKwp$kMw60>D}U`7V7|E0*i*+p>EMc{6i1a#bu zO=U0;-R5X-;2W!_$&4M(%Djy5z1TtfJ4trDprmO>IZ?JP=?B4J-F;XTOclXO80O2Ieg@%~R1)H&d5w`DIF6<-%sSx=ojJW*I)3 zEs4lf)(0b6*EK_kXAe69j&8xKK1MF2d?ZrJx`ipUcuiZs2#W+#C`1;~x7<>BW?x1@ zEs<%v8?6>M>H`EzkL4e(TZ>q|fBwKihzQ(mWES49T}Ooc%okAu(yGgrN2eYCl^^`; z9RwX(9~c2n;)|sz9jT8dvc5IZ)`rLIHn+=N-Q?c?S5oa!ZZVr5^TT7ESAze_P4x!N z-y65H7Kx)UBy%9zCV)rj)(eVe z1jG^Y^#9s~3;5u(soh?tSeeF8;82hY*-K)L94~OW@krrUmgpT~d`K;{z9!ew>G6M? zX+oxvk^kDo3%>1{6&>7`;dQkAAd?-0MoZ!FD~bQTQA;u?k|LX&P}ru*K}SK;JA1mo z<4r6wsCy(tCL(r?p?e;vrrH5IKFt)CtZW>v8MKu2IWrJfYF(Ky9~xx18)2R22TI@j z?Io>06OBZ&_k&uGlllK7An@(HrQU1uihX60D*CTmM zv+&|A9PZtUiW+ne)qF5ZiwOyzPPvP%hOVcVvzPTH<(YU@T(4;e>Zb>-n#~iAG}Z46 zPA*i>lijxQf4H3+*1DVpz36Uh|DF(PBY$*E++F4~;3A`RZs?0h^jOE(%(!{oP8U@# zTfcbRM9N>G*IJ(f3IL2|$zmUGu!R)3-0LwV&N$@tx!0>(0&bPl_Oc$Q1;Pt_4&CPc z&G?4t2V2ZHgMp~f!{zMV7tQV8+zxj0@s{5IiSXX=^0}_ox6+<@6Cscnnc}yPfP@q@ ziU-L&TxF^y@<2W8e?bO^w{?Vr?@fgNuaH{W5zyxbSZ>(Y#ZB`Z8zQ!nNA5 zjnV3b?6wQNWQu*&TEEHs6y!Ty%S8~dnR7+k^Q<%VF?oL>NHr|nL%Ni+bL`Od*gSt> zSqE%tXTY#CpVLX>XLQ?vb?uIw9y9ub`{$W3p%L4IjzMM2`!l4v-OsCYrjNq^iRzQO z%RhPKToS3_E)F?lQzpx|nIdY6%5Q$i}@c_KXbn%&KMw$FGbe$39jG+Q#UK;lLa*GvO9 zu&fs=uXV_>Ga=K#ZOo48V>lU_+QPS3iAn2a}Oc;#&5$!*5pN)Qf+<_$AzhjKd0us=U##BjOGq2J zC6gJaMK=pylGj#UF62Yrl%7+ob!Fc5Fxt6E8w$H`r!*`YEDNUfD%&<^YSv!fF@>dg zb-r}hYk&BDJdBU|CttBX(`KF^VSBLXI=b|0i`k<%2OHe8Kl$L7;*&Nt+I*EBNmdkR z4V8p9Pdlh*d;;vwi*Igu&j&ljc3S;WG*uc1mWpiTR!C3f9e)xt#gFU{rzDxl7yUgU zSHy|AcY}iMsrj*U#iQIBh2>4ej@mlAcA7|SV$t;EIIMRF+rz^&=9yQ`mA=NxHcwbb zX3VT;JdYwl_3|o)%hxa1WIIP8#srK>AF@@*JVXh6Z1%1Gy3li{f4=stj)imE+JSh) z9v2$f?XpMWEIlQ%K~0AvSiH2(FkU)np9c;iX_IZR*U^8eG_~LyBBCz6nh)%J9P!pF z8jhR9={UQ45%KEr*yqC_UfTIY1}3KIz@M+9-a>%R^R!lKWrMEE+YuFLk{=q6 zl*Uz@WwvW&%%sw*KH-O)>p)Y0x4S=vZ`Gqz;;m#4{8>%95$_s{7I*Zt6FbqlpBCNp z9t~B&UONlcnFCQX2bwEQ342n4%6jI3Sql$F8yPr&Pp9qxhybktomTSdH1GirOuLyL zK0L6sBE4@9#PJ0><9iLF;i_K{YieYG12~Nz&agqHIAA4?_>FPSZNq--*My;H%WqHp zpT(Cimq;hj2W1_tjK}y(&K@o2?(M&*4MTHW^ELTJ{s#N0hnjR`4g1j5A=if3BjShl zdL5q2J#UdwPGtV~Mw8T`@DBvOYn2!KP4qoG7jy6Rs`!4<|H1FcT+0nFRqgHUmM_>j z00S<;-pb5vhavAKO&eLyUy{aWV$!&!U_Wt1G!5p>D65o%a>AVeZgyJ&x6`4uCdRq4 zY~ikl-^%EU%5>z1NAruBM-d%IwKe<6fvS1!f5|*~LQmVg8RrT8@`C$A*|UdLh#tE$ z)y;d1-=sXbMJydv?DN?RR10g|)_{jV4Txf#m1PMSCF#sVpJuBYGWbw$<)nt8`Q|_{ zU3tCyQ%{{V-C=bXqGtb9@28C@8f@B0tgkI5P$-f>blBuxIdvl&8YWbw#@%%PmOCRQ zll-IxnVIKp=HT%=J7UuHgd|&%zhiiTFtT(I0Yq z9TiLp+p3;+%#Z?i_cB8TOR1NQD|=bPFJPUErzOtbO4L#x>$}Tabv0UC;>$=C!aA!z zKQV>XLDY`NwR4_Y94nHG0k+xuC(%Z%?BfJ~0NGM&UOmNiZ3~D zfmjl&qMeMD8O14{>e)x+#W7O2QGeBo2j63xE{b6Geo}y(|H($ZE%cBnFVTIgSMvpk zUiITx=d-2f4X>3 zAGEG5{xh5V)|M2IuYfVB+>2SxZon2f&9>G$h1eZGY}s72%d&-7mR8;KK)741BQ6h{ z)9mvn`e(2KgYiSZ(0Hb2b@jsqgEBe=-iovdr3v!`$sI2B_3@1{&0{YGVx#sU2uHe@ zU*P>xzSK?IM_tYI@ARSkq>Xw;Ei5D9$a6#Yy^EhrpE4_#(iKk~T-*(pw)5R8tUAN< zlVV%_M&FjX>=!s*7~Z92NEXAi$_?@A+w8kvV4@x;0n40^S^RZ@*D>Vtk9jb1>(jkV zlzjNJ2(ja3&fNhsod8Jns}yiD3*e;Xc?tHjsa%TY=nzJGXpG?Ue0@0B7f0-ejQ4gD z@o`b)Ehl(Ax0dT%Y9@ILIkKr%w3^m)GFR0t60&KMCtokfw8JTSx5c}6GxBEhdQ#S75a~u3q10uYQt6~ zMnXp)W(>?R<)N3h;-mlK0nhxJqma-$Ge8z|N|n#a6YOET(k?rWl_eV0)DA`Wd6fu8 zpN-i+(q;O2T@IU9A~u{ZtvNh}f#pJk_|>Df^rpVy!zbd)`<20`Sgfc472t4*=F$Rqmm}*X7iL5x`p-ZKrWeu$zaRW935} z-ANFw4t(lBH~clt6lL>=OaUrNPD)4hZ}LGh*Qnh2OU6v$(33N}xCY^Yre7U~*Fy4v`B-yUEY z8+jxD@*!5y{fIqG7nm*m`npL0q{F$q(Hpc?{Z(-16TT`8w2|pyo6M0-p)32XLM(Sx z@Kw2fdZajRf@ngxHxPdFiqcEY!o)?b&aiE_^ee3D{ z$pBsJh7PLPj}P$)t$V65=z&zeW$aGJM(k*%f9DrCT$4#Rwvz+MTPdnx3qjQuBNq{k zXH!))`g`)$%QAd^r{)8Rlwbj&K?~(vJ9%txF1t+F>Yy?kiOQd*pdO%HqR8a&_8`sb z0>%7{?UeDBqj6Z6P<@}zSbDBX@LM)(L`KD8@v`rg<8pu{{tgVEYH+g6ZH2D`y9T#ZaL?zl-t2BljQSR zlrOL67PzIkbQI6YWF=;Cz+dtkoTDzz73wSVhJ5x8MTv^3+(+KsdV;_zOG`OjW@rjL zG&s)DF>I-cz58dXmnwRugj8?yvZ?4odNAiTIOO6sdHI*VFWa`WTrUf263S@II(0;o z#jZzQ2i1B%d9t}MBv=V^5v>|yE@BCdJk<|JLkiU@J*<_>MRJhe5=ZJ?+xDk~2|-~k z*gxrLN5)L>VqbZ>ym+5_T5PI=seo1$F|Tw^2a(^B{dJS`S}sSGdZ~`L$E@cCPaNOH zvSi8Ce!U9ga1MDMBd$WQ+ zpl76)^Wnc&g*U-W{N^p1j1=Sj=6hZXelpL^(s#BMhTP_`4$IoFWLGmNKi|)fw=^$r zJ+Y3PpbQoKbh$na>5;6!ETa$Puc5wC+_OJE<~Q_u&gIaa!?`u%0fQy2l}T#~WWWS5 zp!Vdzc3UN~tgK7wuh(WQUHOTQ!@$1H%VxOhM0B)MmO9!c~K z2K-d}Q@>wyPw&@crCbwgzZXJAObGm3 ziDC_=1#!~GiNxc=ls(_nD*fQtm~YsRWuM2gzc-tu>Hv@PIg-e!NK-rtg6hckIa1FT zegR4|rZ$SnwmKc`35CWtWbZAKTR$v@OmHnssl$>kC*emycUCYEpPe;>S z`eU>aZ#@4l#+S8C6Z?ht+TBh6zG~o5Y@%)iy{^*?xPho06LvU<^gTIYc$wNBC-4v3UCXOgT=l6<4F zhm-#K(i6i{cikPWYaX66=i5)7EcRk{OmiQ+1E-Ho#uHNhB@Zh_UU>N%Rw__)U;n;4 zR;!9IoInMj{bU&OFf`PuW;#xv;F}XK``_m;y7s5Z9{=edsqtRi+ciNY^FAm+J)C%i zNd&FW+=4i^=j=5W;aIIly>$9NN}iWlZtZSyRf4Ottqe8Hwb?!ZwQh=}J1tHKZ{eb1 zho>%mn+$XCSAX2OEp@s0w{#eTvF8jKvIeM1w$SWFT;-ZqjM}nZw18%lTcL;oC!fIhcsJOEs-7%G`wGdV zBQ4!5Vkf;Q?#P^1mZ?7l_Et@XUZ4cm)j0EuDO4e~Juq8;rYF~a`rGwZZQPnhbj2F} zjlHObF`|C)(%$9)@;GP9?qoloAIbS~hP^G4DwPzAZElH4ADwz&Lb~hKWy-BzJce8B z>3iPtj9!0k)=>&9Y8dreF|ioX0EAA=KHs8V-GEKo(DwF?aAdsv0Py|&GMAP{M_5(E zrg`a$U^eWw=Z0}(`0PxKW_?G5bS~ZZFLUQ3v$ZRK7FoLU0TE$W`#L`-mr%obOVsI} ze}EForBqLjMhwptK_>!Dx2QunNaeWiU1d=wm4se8nAJKEs{+hQ&J?vhoJ8_HyB@1V zNvCviiUeo!BHYp>mLA4haok12zxU90q=^7yd|+z3xh-EZgV!7Rrk#U+1Pn6Check@ z{NNVWU<1tzkVj5>IvKx!He6051{*+Tv_!RzNl&*+tQn_V`7d-QXFd5F%tXl_qc+ZP z`=PMhGqDq|IN^ou-%Bn37})nZfA*A^y`PjTTcIW}#D&zEilp9Lnsc|`31tTce;w=S z7y3cQA$ZE!AHp9MSu(MOr|Y)|Wx|*a zo7;wA-Ll`YpCf|!QtiVUH#q@9S}BWcTlZT$FtXXS8y<2E!iyMo7oFw~kC5kivvKMK z%A7c{mMFti{rRU)Ito}*WYHsM+#cJsi^uQR%{gVP^E(=p(AOo(iMA4=smO_{f%ma> zjq=nqxK8N@Al>~21-^W3&SHB<*Lw-s#TRr$Exia@U^@JhKd#C0wIFKa3zeT)!!jw{ zEh$Dd*O0v8Jz}&7vtiLXvA2xY!yaYGJ;qXIpQg<40cV){HXbmzcg>1m9BrlnUe_UUg*);(rk(YxgbEsLAw=m60o zDP9({o{83y8pK;$MhFWvEtDzG+(-fPM#dR&sK%BKG>G?DR*{+JjC^pktY)+@{C%=E zVeh5v&9Kt3<&|iZ%pK{{UzmdhllXj_!A>cAzhkzxn1#rnK6Y7y^pXkz`cUWbSm}n? z{cwX3!(sG<+O*%Z12v15UN}=)V-TNKEx$r~m&kP z`LW()v7Uc7)5_kL5(s$b&zXEis4Ncc`7; z4QJ?y&Ca|``e^AZ`y?#zTaXT8Gq($5fNc|Y=n*0Xm%=R~ZU=Z+8LR9s-0<1HLyklW zTV@A*S$3)71+HYT6>N=9{|Z}}Nh`QpdQaKNT&B{%nXb{d=*_Cb-c_5sih`NeW&mDDn-AkcUR`?)Sri(olBCN*RjvVN~6BScvmz#B+8g zgd;4_Nt3Jgr=OJ4&0?;uDEW@Ev?n^W+rpW4Pa8Ky1TJ4U+?q_7wSehmyqsV$Heo`R zeO8r){C-PU_A4Nr?Jv3&Bc-t?3F&RagSKDg+sWAKrITq6%PxCcg6b@u@vOY7mTOo{ zjT7EGxq5iLF+hw;Ti}ZEsLGGA#sZGNr>XZX5`b$|$>fLd49#F^@af~$5pBda#jCyn zp)gQh3I-w77dGC7ka6RBm|Om3$Vd}9}{%IO<6xci`+={nUH#WAc1Jz>ZpWe|#P z{f7_u`DL)-2EC2Y(fAyL!gu*Tv4ow>m=yQl+WRSj1wLa4>DEOab%AwYpC{%4l&d43 z0Ol6$G`vq(jk@8(riK`7kX+Jdhl{jc-l}`}wC1te89G5{`lcAf6bwlVV*auDq@Nr* zjf`y3O_nh}%41~ORC_>B7vh%_oDdcF<;I=7CMY`aKWW}HH@x)9dN6wgvz4o?_fYfa z(1f+JI3bKBQn-W zmkr}#4J{@=2{JTpgLhJVQ`BCIdTe-md=7T zS=ttnlfP0o?$-@h&DVLG!dyYYbpBZIR^V`-P)EplhLV3{)SIXEV?=M_znorzUbzwy z)r8E4YQS-kIx|&*)U|6KqpN4$BGW5`3-w2fjpYP?TR#tW)njALk^P>|wh#W`^QnP3 zRkm~NnV4|O_v9|xP(sdpPb|QPn);i1=|INlh1g8BsnYqO9JNANxGwUzf2uwgA!RSy zH5HXoDFK_*)rYJ0w9WsiOxVTEX7%xzltia|^?0e)77Z{b# zG{q$OjoU^cI#4Vs+zctl!`?Ok)mx@os}&v2xCP$z@qc zxrIOMw3D_W46YP9brY1~h(1NjFL0A>eX-7gk-`~@!*H`$tP5iX=N+-*%L?ke#Av3x zuu_VoS51=*`Q#8CFu@!4=e(kDx`&zU$hrM5y)Psp*)2j!9pq}5$F@}Z+k)*1x@@du zI!WogZ9JvZV~QhGcYNJO_HnK(5$pM1A&~IiLoD1bactm`Z@)YQaW=T(mtf36{?W~$px4RW$`M4z#}q@iAB#lotKUlS zG=el?a)9w$hv9S1W(FTsd3pi+PLQPS*?{ zQq@_H{GCfe@~7o?_FQnTozlFzj!Oc-GVA+0W2%|*v89u{2Et)|&Ai+eZ6hKTe2|U0 zU{x?>QD{PDdyiG3pZE?*Q(VW^!B3Kf2@wTjW&Z9m-c1Fd>)guon zp8q}cK(5uj+9`4%c=_8>;|TqSblDlDwnBNoaZ`i22ZK)01m+O%#u z%5wKS+}I!Wo1>;V+iTXjHU5GcNAr?S2V$ccH%e!_irDqRRN$9|UGza>L|fqAN`fC! zSb(|brU5*SKKL<7oMIqjlxbslQv9m%r&o@y51n4O4bU(0%$h(IsxPN@77guX9GGoxc^Cc z$dVK#u|K6NYuT|bE=cT=wMH_6=02x^Y%8B~v{T$in{_0VGuH{-Xm{GR?!k%iY z(fLMK5bRMC2SJImbes0S%*tM$^KJLF3>_EzrVQmNp6h>e3+f@K61@o2FMWNalS8GJ zF@JZ399Dr=5d9=^&?IBrOdu~spU?MC@73(Gwjm9?r+CD_mMsVoNLjJA_l;TjO`ZL$ z&Wi1{XZWqo1|Mu9@0V9z;_iPE_emevv>`rJ$loK<^A~3f8eXSzGkCwq3aT#?`4})| zrFCxO;G7oY@3NWWSkm?rSN6!)#x3n`j__dSZ(mNQjV$x`Q-7*f=Q%<1xv_0tvT7p; zgvvfoB=aBKN{~a6QyboM+wa|xh0rC`YgQ}kVS(ZDtj5S}FZhlhmUB99?Vs3(FhR5z z9AjYwJ(a>Mpm*U1{oZ+^G_^uutE+5@J$KLI9mb&&KfOF2m9#*^kYuM7@%jhEdrv0P zF0Kl1(U`cas}Pq$^UG-rY8>7T^IK_e222}h%~6&G3};gf6FyAQ)|6_^TxmVQy~PjW zk!QCi(#8=s-Fx$F_0^4EHD^X++HbwGcb7R=;3X^FZ3I`FYlA^@rS3#5;bIVBqo*=5 zoX^o}9^rKJTu-0OB<4WAn{-R_h;B;3J`W!K)~Wf)R`0vJ9q&5-s`-=uMf-EVvYc6d z!5UtX)v#S8*l?~h!o#3D?qh)8%nWdY@Ie95F%em_{CWeGk{bl~| zU8+#S3eb?D%`U`3w#i~j^hru~66w<6JmXsMj@57xJ7QCE4?SdKqPE}Yog?*vziGQu ze~^~{IPKbC@2CSb`L}_d+1rnDX5dsfqWNxa^4(z1 zMF(?)3Xb0xy~WSj{U&B8!B}P9u9I`+B(-W;TPHtn4$Wx1rUUcvwY8;yTuh`C#rLrW z>o7&PT^%t`4*XP}Ce;6O3*JhNg*K=KqIZ_qo$XS%2~SA$-MWMVfk9RbmvB@}(BH=I zVmkdi(!Le+7uS7hn~h8}FnZavWD{^<)##b1wf;S6ZLHBCn^)mwM{65_7Sqm3KX7hn z)vhh7GTr|@nnl095gKG2nBKbRKNMtA4L7Z}4_vxy)y-ZvV&p?eal#As$w6{Pc}rt*u; zO~pTC!=YO0u?lxsn<(!IQQG6V=XdsKH$HzME+-VvdSIyUEAP2kB#4_!OXb{yj>uifd5~n*^{HoD7&vwbof-TxC{x!I|qyaKj0+dPwx> z!NLFTbh|+p|9_=@@P8?a@c;inc+UT4orwPjA4!$QgK6()%yE4j3YwGA%v4xi40dPz zRrM{Qf~%f}xp7VfZ*ofrzut$d;6w4blK)l2{#jv?ejVQStuU_Z3P)k{kyJ*Fc608P zK4u;NYrj{SX!rry$R=dYDw(=f8|7>R9ivpc=B$no_@5ecr22Q^FdL*Tx>BfXUfV|W zZZEL8R!G}-_F(K@L5PPE?zMZ!3FVmBby`?J?9SJFiv9O_h=zlzTDIudI;%leeRT#^ zMWE0%6w@@7EKt-as)7kU6A+o{Kq-x5V!!G+t=1y5+Tmn8IbLE6n{{ zmgoW;6sAoBaUACRsYyXlN3E-r1P)(sh@U$lH&2 z^Tg&LRjoS~I<(UG+%1b#-w2FC*rjlGt{9R^ZH36ItDtJQJ=}F?DmN>Kj;BAOg_C*r zF5wgw1CsIHLyw{vA6C8ocCV#yorBWe!uh5?N_9y4Ns6p_ariUU^mQ^wD z65*Klyo~C`5+I$_*?SATD=w;gIB_09?d(fIt9*(#w+Yi}lrzg(60z}M1D{9Byc_#Z$cQ0Hz;kvHbQvbUy{+G5{FxXku zZm)wo5z#1V7N?}A9dR{i)44|IFQR^iQD7EClG&aV`35(j+Dc&F6B$!Y(rzEe0LpEB z>(rjUpQnJJhWi2OU7jaudTCEd6)(JSt0CWX1YR(;hiJ3^dn4rut^%PLZzKdK1L9pT zqw1ARTgs9?1))HKozD`#qL^v$5%O}55BV({!&6f5!l8RpzVXp7Y&T*N_ye#{ME;Kx zlt0ezvDyYv8hyJt5F+pDq2wR~W}~pOs@3^-h+Nh);+U;8eY)9U2y<+cJUa8d&uMeD zZ+Fr9)!g6lTM5j|DvRouug2H_J7;?fZfi@Y)|0Et9z0gfF|Q5(IM6LKWBOEs0#EKZ z7vkYf9x%bDp&C{cq!3Ul;9Gh~<2C|^eH>3j9w4T#4QUl#;KBPI z(p$T;uG6buqfZw>o+X?PkKx!$(mgIYn;d)PkWeG>O58=RwA$a-Y1K6>xPza}rRA%u z?LPyb^D+0cGYkFo_rdmDG`t$htai;hbSc|?9eZYEQiYc7&t7G%j7NK26aoli<|XcP zc&uWdKC)NkseqKmuJf)1yrY0l$)S|xpTgmm)+IUp#E9U9dl3)%WXv6lSJOo~qIONz z{t7M8&Hkee!F72{yJ2&R&?5PQVFZ4DNluzZy_m#!4IXBlece5FQm1rM0!)h8FIWyq zfN+F(o-&7ad-IcJ0VR_n?U4m;j_KO8j24&Y6V)?MIIGme1CW>#aqsWT$&7-dxu+F< zq0!7t*^-l%katf%9!1&IxBOYjedoZplCyo&c?$Hpf$~sLJrNvhwqx4nO+E8Fz}wMP zc8g0+UlKyWf__Oj8rFKBYxua#R!I##Wy)n;y3|yb?w6eH7*+(NX)pPaWpw1a}JX=jhKB6tX%J`D8Jvg4} z=4`VITU38qos-{#e?7+@W&_BB!P!Q^ff`bAQJ8xZ(QISm5U2-ICUf^#eMXc?tf^rN z6x>Qo?$g=#&p2SF;?y^%{j%4p1->dUhHXs`q)wYkN_u)R-5)wGMj7SagH92nsFKt$ z)f54fpy`_Au1AcvlrEALIh1hb6j{X^iv8=sFm+rbqM|DJ+2qa2j+`G2V*!=sr2-u1 zeSQ=-{Ud9qiu0RHlH2#S_rX3=kzSsVA!ZYt@9*|CPkKoJ-bVbq#PQnrtXeqfp=6l9 zXvY-ht)hiU%o%j}iW0qBGgFU--%Ia!E^k$sf{$c2>g7$^*U(R{Dr4>$GiNV zDg%ed$(*~6_)FO@9>A#@NJwm0xqxH${~AOU{>bd3gvH2P*VRp>y(4m{LQf%eZvN2rOl7gXiwmaOnyv_1d}|G<9JQ^HpFNobBe-9AHe$Tc zc(KLw_MxCCdZ_6^6-Yn>g5oSk(4;@P=lK)SkV;gbb|6{^DU_Hg6z(_Qr7Fi7&3*-hnHJ!Fx~d&5NQlqHOpB1 zFj6hW`bC||HGf{YV2ir5bwTdEh=x3={83o%obj?UC;q%bdWcNd6HQo-&`&3{sv{4$ zwEB>b(fQK#tL+W}{#f)0@w62yvd9$_QSFJ)ur}`F@WhM@m5AgPtsh8=N&j^|3Uu6l z7O;RFS(U%(JSd#Zq1f3t15Bi{;j2uE^JJcPc=^Q_BZt;Q{kE#wock8YQE=R`ymTd+ zxQ->2(al3-z}R3Yg3>H7t{7+!*jcn*5$k|1Bqi$wr0=fJukK^{U>yZazJ+a7wwl{h zg^SU!#0f;I+xH#3BV#Dm1V|oV4lot^pCzAuVCprD(xq7|K^D5C7EqLx$+qC;_c=7_ zf%AM5D{8blgub9FMgs6+vU!evFV`AAWmPAD9jCXE^P7_XbLgixD`a@+0| zgmM71)HhVD)6MZy-Xm=m{%b)>^d!xL9W;o>K&2;n8B6YM{?3P>dw?fJ9n)}ZcFZ8m zb#mcV@8v~P`D{{;^K@EdF!DATrprsPtJRKU{#D@Bn-+;=Vsh&{C>aX%mNay}9T1nut4dF0KbD?i^$?|lI zy-8Y2ckK-fI!emE8}D1M#Jr@t8HbOSU%MhfZGP_^KPBPoUIlI3dzlsHT%RSnHCIgl z@(x>*8)yG$&amciSYwXl(LWauujb^2vZv;hg*9M=oNZfqd1>uSOP|wy>ke+RZS$QW zydYS~ivW&%=n`~$4uCj1a|x@Vj;qIc`#g$0`OOs#U+JDR%IwA|Urud7hn#OZZBZUE z+@Fr3-ZYZKh1ixc!?5iTv+R%Th(Kk!+X}+!BV-ZU$Ik{C_JS>Co5#I1YazcH7V|jQGzTjSJpZ4L2i*X)7;tH$j)!lAxA2-@I^=n1y*SK zo3CTm;e=yl!DsG8=ON8rQ%2sw%mNp?<(+BY+~5G@ZgxEBj#dhTbwR3{@zmhsGmC!3 z%){g-KB6Pj^Tc1RQBz5!iJcww?{`}D33ZpBak!RJoxlsxgW|X2n^Y|uYxnhADP{M$ zo4bL0A5oi+4M1YylZS}J2?Yjo{y`hPqe)rxSW{IoFf2r6v}`bCKF5O)as2JJxd5^l zDt`+j=y`B7&-x$*E!Q*D=Q6;=QRJt(=&udBuK`QCag9e=*G+ms>WrEwo%Lx!@N+>q z=FUmA8OZhHktC+?(QQ_R9-$AAU{a^eD%kFcmU^l8CKq@*Ad2}zmaK*#*6!CfaE4}$`xPE-d#<`n7MeL_7imn#yh{j!qTCyov7yEW^dwwGNtsRq6 zYHwMvk`535wYoTqBrt_)|D)JoL#UGeJ;W-YXRZk#%KkfBNbB)(XlW|J?+{(xL>E@=Da|49 z$<@Fd37MbzciTkYa*>?dtd<54E$Z5sD1l!=-Wy1V4?p%ZVt#&*}K^C(~M}%dRV)8|6beU|h<0lS1g% z9Ncjz>H?lklhB6sTREPQQ+o9~ZLDHJ5h6VaVq8*p+N>Ph!4p0heq;BrK|WvQrJBZr zr<#d|quxl6!;6M+X;F9xo)0eW(KUDF*mZf8UNj^k+AH;MJOq{+&;(9dc9qD!yAnsw zC*wta>3MVd%&QLaeHCg~6U3&$>;Y;KnA50m)0U!@kX?eV23vA_?BYd=!gu;1MG3N5 zp(yyZJOH&zj`aJ%62^=5iF2+86kN`)A_ll%7`$@U@)b1WEAH20Fiy}^fb-r@I9vrk z272IpwvMKuZFM@MNtys9*(+?$s{jv*UB-peH_HEPD18tb49>t_sHJH}R|9;hdWC`u zgpTa&R_kCQmRnQ%p2 zn>QI?2W|G6gQeVE0zb;%jQE^aIAuXD_!zIwiu`T{&38W}|MK%x&lY}RQk#zMv76@J6KR44)prvL!~7e(d^tmR8zdH5asKG)SRaCf`1cHlI{&T0b^gC3LQj`%X=HwXuZ3i|z71ILdiFN0?RE#BL+ z-g8I0?dEMl=s@}w`8&&L{Lhf~gT+pz2C?wYrQgs{+o#z z)yKzZPYt&o)GncZTmyOHJl==kjT)LxCXt1}?V@>XYa9bB)E`i5kOL zN%5OoDtco0s%9%dYsp zEOrvS!H%A9qvV0xe@O8lb()7Hjz>o)O#tQvubY}J{%7^G@ZDWcO2(fd0=)$R8#}$a z9{{Qlt$NXdk@+e=j$OYSA2c8+E60^<>>YJT>znSI>Dbg=!UkYBB93O)z*n9v{uneh ziG(KVAx~%n*De);vxNq`Hxnr2H7Bnr1nf_x_&5gRxvQlCv4bt*(hzgG&QVRN!XVZvlj|+{4f&^%#TVAHI?shQ1e~D^l=a zk>P~{DyeY3Kebh7)WM<$JbyBjhBNInF7-F^a-JZ4dOxn}=`1^qba2cu98TM@ufxb- zn;4BINS+|KsSla~qi|rk7%@huKU=q#JJB0aXz%mwXIAJB?YIA)UJ2}uCi^R0{k5$E>P%lgY7>YFI~|#YgG>!$IQN~5UCedSrVY2TYK82Mh3sT&M?gJe*#D& z$F6(CrI^Vt!+nS0<<(EUa5nf`%^9oGAAN}-Eh}|*<~|kd-U$=}Zpi$1a%g>T^L@~9 zCbe42kAdBQwPSUsU++!(IaPR($z4}l4GDMFjyD(FuZh1zb10zyfl;S@9&K=Xf&VTj z{d0LfurEnrrIq{m`o!nGY#N>De~2A#?D+pKM@-~H{50?%=~Y-pmG@Wwo_h`TmK_QWxYEFp&8x+QVy*1k1!yhq(O|wfeTlqZm_RoO4tvIe-yUYLqm0*7mkL?#;MnF99UcxGJ(ES8 z@kPhP#Kgz{l%)K(efc6x%gOq06A`()uJT_~>wS|&=tgM${j~8^|8=FKi}3!hCo7w+ zknVpy?d-^UWB=>=|M`gc^7+(n@l9cLC|`W z;Vjx%qFvx)id^|_A)7#H&5grPzRogMtwWwZ_I-BP<5&9=!;`uZJXOzZyZy9d#0q%@ zK@hSG+9cUP(SIM5xTkpdsfZmzeDu(JuXn|6>c~svUbNY*ugeTcO0KmVn+P@%Z^1FO z7Xxo9-<_x1Mpxuw;z3)tpyb$sQGrR@%*x(9@N;IotDk%zrPZ!0aXgK&p zF-+(_-VZ;%HvJJ~=bU{zIKKO`^?CKX-#fLBMB8((EcM^N=Qd%*3Jev056H}H7C80+ zQeZFH{u#D>g$ij}ylF(wNMcNy>=V80y3c7oR?8_N%rSqS9BGDMz6f z3+CO!JwF&=(A~>PK9@uYfa8%Pb@;n z;nBE>5lRPS%1zNh7q`tY4CHc8^dfUbIdhKr^{VO1R!{ zE$N}F7Ue@Z*e=THS$d#;J)KeySUUBAOCI;=WSC=Hj25e(dHZC0jDTBJ9r=^3nrOLO zPSfULnVsdHsJ2N&#XN5Y*zrG|5WPj>dG{(~Q zwdSe8hR4XQFV%Bb{B=JJ(Fe!w(OcOzYr(Ygj;1+xwXCc6B&^r5N61A&cIUQt`)tSC zt87#svgi2VJ;Z~bwI_J^k97f~3A_sMw2%(BTpc!Nul}VeuywVGjQ-=D8&WcJ)r@=T zU_)7%Pg0>h5>i;|gX|=yQ2HZ%AUd*CadYIT(#M)}K3{)EO0x zC1}KCbGcjdE!QM!1%Lk0LbkW-`)J0>%6M+fRD6{56sR^5t=9VNxflwI>MPzeAyIuh z7?rj6#&Yj5+yQy$cR6|Y^m;GHJV1_SU(5Q=OIr3>9j!89vUTaN#WR-b|9%kQT1Csh z2Co$4jOaSi@iwOi8G~L)VNlmP^0>$DYlWJiq$()RV9qe7)vE?M-Kqg~NrLgPktCL9 z<)Yj-e;v3(MbUCbyVo$CwWUY^j3<>Wq)cDVA#gM2AP%~4rp{v=ziYNTAF98Z!;CsM zX$k%M8!{eRtqqmWU_ zU2Hv6Dz=VCK}w***b*6h2{4fgUV`w9Szk4ZSn3)WAx^7ub#!y}>6gQl;5XSl`$Y&F zjSh%)%DKkoL8Jkc=9hP=CTG)F1iI6DrUixM@Mbb(+^>o{Q|ve8lrMM*Kwn~37Y7T3 zA(If;-X*5Nw+4p-3$KFSF1bR3QGKf85PTK%%;1;fzl%z~LeIDe4y*S(TSB=Ro*G8! z!4l)c_4fi6yofct8tO^??s0tYyxB=5Ry^<)l@QzHlf>+3Hngeeir}(5O9JLj)uVq8dvd=lmJ%J ze`}N2dziAjFXNtptl67BZ+5ZaWR^-FX{|GUD{m=_cBr=*q$aMVXS+NgYX|c-+IepRW zgRA&$^*)W#NU4=1KPB!&)A)>};`Bx-By~|(=hi6GQ~W`0Sa7kwAbw8uiW|d<1v$XV z4xIxS55YHIY zP4g8j-w;#nojX$GE^}=vr$V19@P^u=b;!`2UFzk65VJv#cii3-`2=9&oSf@QZLhKF zr*^4%2hR7}cF?Lu6FqF)<2b7nvaCBp5M7iRpbr(8)vgq=%}zw&BN}C= z3eS(7X0Ml!7A!gtu%J|zxFW_Eqg}aDvGKKj8X&;hj{{rXquYJpW)%+QB+DHgR;r|s zC0;65o@uPgVWsu?^-af`m928i)`gAZ@bN7R=F_pdq0bik4c2d+?TDwkp+&Yz8}E9S z$bMx}to^uNQ5vTB(loPw1SvSA(vS0(MsCy$1sPXiaOU0(_m!@Qo}K>YwkvW||8Q@V zWIy63;?xoXrL%|{QR=FhdTAv`I|l^yX@4mO6t=z29_0z^c~a{ATeG#qk3v3E%TonR zm3M{|?=QK`Fu3*DiXkf9x=d&lE7=o@V}Hvzm`T5~vuuumJW64xz^03&kgF|9xT}^C ziy&P>5M{^DU58st6hv>61=1znBt65TZaptHw0y<#UjSCdKB`%n;t)eG(%uR-2#RNl zb0U4V>RW1b(B!)4DtXt`&SrO!_cO}qR@Fw4?NWv5xCz+{LuT$DluD6ixBs$cf99|L zuqq_?Bbans*@fT*YZf~e^T*FF_HwM%cCxB*2Yc`=E!!$Qoj2L*BAC*mxbjzgfS6Dm zL*hM|z$WWeDR0KDOK!!3-&Scq++_48C%@DHnS^BupQ@*;bM>}m^(}1Xu1t>se|^dv zcVJ&jR?`WeefohosQchd+@wi?Vy@7LJ@BPf6Unx#nBknh&z(Ey0mSh5pf;wmyC$Y` zO2q1>=^6^pJK|3apnHo*Pg3!2e^BUgdF-Bgfqr7Pk^KlBjmq3%Hsu;uZ=JozEPdBr z=538cCDE!4i%Y=CQnt!MFrsB}d@b0x&Gv_)rf=#f zoBd3i3GXBXCA53C6fwqu3z|kON20e)wC_Dpx*Xg?)viDr9_2nY3zZg+Fy&oY0IoH= z&%%G0WgnB^f8MKk*|jjU=DU+T1NgSn=AKrB*S&+-esS0_$K_pzY#uGk6+ZkTIs_tugII(SPAXvd(8Z^hgb%6z*Kfy zmBgw^E%2dW!^9h0j8LRX=Lb0sK{o$mk;tK?QMtaVo_P7W&tk5$U48E1Gcl#juIopP z(=ld}3^{$q&w_gV?55Mw+ds{`w;y+VM^{FC%vuHkk!5s}I0*JA)k(Jdr~YXZro1&v zf>-O3iTKd1bu!s=nkFQ77dG4_9Jo5P!!Q0hvsBo=VD)A+<{^PWoe)jsGA`k#X}3*n^8mM+a#Ab-gZq61nqC! z#`<798zFt%x-!H@jW#0`{d|Kf0+_))e9`K#B(m-))EAp@{vaLGduOc~H(MrOjwSf$ULaqkvxEXH8oQ(HDtV->X{5Q67qSg89#Q2IaBs z_6?+Mbkd#fwBl$dQUk__Kj$Mv-+_S%;AJ)odJ>u^S{=7RHSDd1YpsIDc!(Is{DfGG z5>fREXKu>^CB5i>|E;`AJVQKipl|Inh&$!E4y4Rl_6=>PV+rRv10cjLc64uKgtNee&F~#t#-8X+ukA zgUM)#`n!nPTWR#pwkNYlt2ok$boQ)`b=~KJZ~rVbn$I2!%W8u75a{1{0)K&A*?F|B zVV6qSC-AGp-Xk_-lKt76TF)%}a3G2MbASZx{Yr4Z701r0cFdk0iIE+SS}cbQ{%keT zEMqUJ4H>1)uX3(A86=bWyYLA`hB7QOc{7>|n zbppl(xk$1e3~@=8e3gpzwli!)w#(qZ(v*KzS_QUStDFq9vjSg}yvbRCl0M_@Dvy$B zQ|;H*r4Ajp<&WA9bKV8|Jalx@9Rj~q1(92lf&UZPp&zBcc9ZGUPgNJS_X5N``5=Dn zLI24S>99XKOgOrgjk4jP>84XVGBcg-=EJX~MrNTIi5ofc=EigAqDD|QjyGw5QeVjn zF<|NjKj8SNO#&et?GU}{>Hf5;+~kY_?afnNUL5EXBLs~*)-TwjDJU8A>T3s|xs&br z&GyaYH$?m#JKn!0py4&Cstcd>Q3F0mxvqZe#s<9hnhf7Vv@HYr>dF zBrz?k=R9~3h1dpAkbm?Pi*Dio{iO+SZ&ux&Muv+LXwkJ}tQ(N35h3S455DXSJkJ23 z_|Ks;0eziKofCOuT@+7JvNFS--en(D9F@S1dLyX!4lVw6iJ~x%&aOMWFT|sL{lzLQ z-^GoL8a~NBu|gHdFqbXb#Hd+79eC*U8@bEV6jlfSnb@=(Z2YLgkKlRG{bRAb$K%}8 z&R^~w8d}se0gMEiPmBGJyE1XhKjktw-stJ+x&Kjt_SU;?4*tCM|C%z=|9gTL9zX7Q zbWba!rn}$-h0#iiS!5z{wP}f}5Q~~FI|VZ5#X<(?V0Qu1k=ezj1{D8i>dl!AnHXR| zr{p6e(43ORu$pmxGUv>=$sJhu)Xifn5p_AZ)eLV&vR{!GEuc@)(I(_*@xx>;$#TA` z{q{CARxB~Zeihhk%77Cf*_QDT-j^L1;qsWGzMFNTI2Xl;jLlWjq88Fo)qit&MX3jS zeyg-K`pS3zU@Z-la{h%bO*04$vG=!c6v0^`XrB+Ir)Q0Ml3)r9@wEp3dALRHq!~?5clVa4F^ByIl$W>n zHu>+t<^iNI2w47v(4SZTP7(EHzh<*u82laSL`0lA>_`7iIIT|S`facOKWV7{EzXa^ zhdcM%zp-N6Vd_+9b5kwV*c;FsPs2DLes(lW$7N`9HDz$ zyLYaz2R5*^D$nBGoX5(}2#r6#`YfTOQ@D-L{`2i57~)7z88@Um`GaV_x1v1*JyN=Q z9shf`_WV26S`l87o~8Yi;eF#X@U5CzYel&dwzaLBc+n#A{U3$h!h+a~{aUt5egv{Z z<;LcsLtsI&$;iWn;v&$iWFVxJjOmtMAC1!XSAr+Yqd0g2v$=xH-U>UtHUIN_!CNDJ z9P^AjOW4ophAA@MExfw>dZuX&44c(FR4T2}^jp6X^7E>0!t7I`fq}tA-p33Mdx-Y- z_6zjirkm{9CQbi`H%Q!H(QjHW)WzZa6T5wk*qwhv0xa?WyUYI>)&Bn$PyL$+8LO+O zv=$*!%4YagR#vwDth44luYHo97kg-k%l>UuEVmY{i3dN?|2BRa%75B@Ar9B)p=8518jy(L*xH*j%T3jC&8*YAc0BfP z!sTYyIFkG`>2*A3`r7a%!1)0%rwMS21SHpe^kke0Ks-$1e0{wG-!yLEOoVrz&Jt!J?HO~5k%opuRdkp-8L3>r#aC90qQh6NkmW%Q%LG?cCT z+kXR~U*I{3g3}o{sDq+DoN~>2m*Z$8iG7ClUxlo%CqbCG2>W8ejd`Cayy5I8{=M(Z^o!c1uf+f zyDBsu_-70l*PWDhmuXB0ZsSaj4`id=jSN#9=X0patkGWo0UB7-AfZ38T}B=uN=yk4 z8=HcWrY8)8a_#VtmXXz($iz2TD>3onE4qqdxZVG5wEL z**}TlstT{67R!dZDVd9A63BbjKfQhN@z)6BF6>9|z`MWvX^$lUmVf?%+5hJoW&d^1 zvHaJZTTocub5vMGNxr!fPR+o%%_bcY%*s_YQM@(G&Jx-`2Oa4 zY>#uOHk6F3Dj%_B=(}N|H~yeIh<8o@36ag_Z*oJhIRBpk2tU#i#VUAbkwZG3!Xh0X zuoQ@J9p6}dFmUyMK&O!URi1bEDb1((RU-jfAi8IDJC)Zt)C9IZrgRT)`rTh; zLJ91~{J)_{?*B513PZH@o?R2N#zYX@HO%vsS85XR7JRDas{;OxKN8?gLg)WMMH+_p zh+8_F^_Hjy2yt;99+ONr4Cie~Hi(Zi6@QzOeBwIrYK#m$}J} z*slSEEyYS$E=s@htRnKC3o^3*g<9Gg{{=S3uM>A99{32qMZO)rcN|%zOSJWi0UH}I zy~KiB`YO1QN?6pmB>c|&6*`RZb5t=hmMm5pETO+v3s7UX6l0*Vs!S!~74ZE%eVEZ* zcfxW*(GH2+RlmD)n8Y>t2}uuJ?=@sd^&2Z9G9!>E{f^;B)jWJ}(l?Ay6B_1Ft^S1^royg$|5tMOH{HAL zV96Qdd?5;GCYUXGhzW9BC_ccpv;Me4blX!1w{ijh56ZW5@mMN&&q%{VVgSjl+W$fe z|1J3S!3g4$@QJR{d)xR5Te`^}X=5U%0qmYP@T@YlLjA#|S5y=v^t@3zX6yhvVPp0m z&Zam$Yv96WqcV&D{}UoH^k4;g+eW8HJ!S_u0%nd3N$l@o`Fe6qAe2i{ItvL zv*4rMqDxV!Kuqv!?qChtxCSkYNV78^RecJrd~fzX@Pk9BVhH$E=a5^G@`vVCH(7=4 zvWNigqHzzqQ&2W3?*i=1r+~*d>MNZo_RyO$FoEa&f80Yx2i>JRKe)y=8vW$zL(;EHD z?5%%0^0EFi*(kXHeF&guj8T6&ax|VTPc+_l8bTIXR!O6N+5~O+&?VBT`7on?0)zE4 zSG$J^Nq5Pn23?u2V4lWm{h;3}lg@TQ#%mRF{0Xb8QL%?nm}%v^F!{>ac1ow-H?AtI z9UKQNqDVD9!|;HP(NASL&_p9oaJ~_ofY%lI6ZgxM?e}+&h>UlxM)y~i{h2K}dl3za zClfsn%&i*}s=9?CR;hRZ7Ql;|t|CReYRsCgxfB?2d4*B*n<$(OV6gr9$XJ1gtvKRl zv7z8DnJWE5)4;V@OqYzzVu8ct&s+cBT8L9y%)iBv&ZV+$b)XzvTdX9LA(L5R$L3s; zx0nnd5kHPgPAFYY>Z-!sBV$Bk7 z{;!H6N8tHOB`KA4xB=Vs@r_%7Z>IS|bL7B9j}z)E!#KubY4RTeoEA>O_K#l|?f(jsi*@Gj8K-)7vQ4$}(CN3xjSoQ0=x=U- zTjUm@eLz!vk7G(OGHA5Y)|%z2T1AkWCN>%C6u=4`~m%m-$TMUlT z_7#;S;9w39m0>-Vfq%2BE={0o|Cbs~GccJ5*LQx~2@nnY6&?6g~~@IQy4 z*dI&mN_j6s^e~d^AhEFe*5~zdx)1zqP%8c({&DPDA!)I@#_UTlsR7eh*1Dfa?u{nn9loN8M<7|8zHB>MeEG zO83~tg(f^s?;Xv&kc}9rP~|a=KLAN*GQr zzHeNX+9CLY9c=jYj`gSjANw+7r`?~LT z3-*Y4o-Kmpm3by&CBnKBd9B?L2XIo=hM*XbOUivWNtb>rXDqE^AyHuNLosS$VTds> z*XS>W{V`+F()$VGuA18$vW}nfHC!;9n}bW#DGhd5s;|dbz4>?nPKxagI;7#@`A+)q zz)qLD>LM&nNdoC5Cc{s$RV-?nc_w)-jH%JE2X;`kFI;aUW-Gdn*pmV^gjp06Do9{7 zKj=i(o(r;HdSM>2K<7A*!@&-R8f%)#9^4dqEy4Jx%^EG}t@hW{OEEb@AIARpypQ*x z3=}?{n$Bct{xKi5)j1~ajIRzW^+^7C)HH-aZbecz=r2(VH%O$$MR2wVnoN zF{!L?a>>c+aW}c@2;2W`4Cnk@5aa4#7MUWZPFTG5S>kStK#=IiHcs4E^A1qh#!5Wu zzD03|gi*(wQMogX>j+VQvVu;s~t{c=2DRI>#qtvo&vi<-Ho7ue% zkE*XOyz{Gs8%_nF{{xgoBAj%VUC4dMhW!dR?${`PT5x6jO^?kL)LpT(=!!o4;utCJ zyNeLrmzTY%3shM?`~ZfS5$^bpTgTmbMmu}g38bcevdVSI#CbLS~7XFN|PvOx=mK1+LPFbG7zqr6o|Hue4xW~!+2~U5louJ zn`9L4PKETv{I0!)RH))E>_V8NO`?E!mF+V{i)F8E=dti+Uk)DDt=-Gu( z^R+`G)8_?$UpYB@>LnyIlI&<~Pa27!gI7`NpN!wmJy_> zA=!V!FD`7oFjYvH=Jf8T9@6dXZk+8pGC;f!dIt%5&ATJq!l)_3SFNKkkkiW5+NxnB#fW%N}{4KGApO84NL8H6y6CPfo z_e80wC+2QKo;M|dFydINAX>%t_P5am=pB`TOZKb6Ba)*)2LIeMN5eVlJ{nok(PnKo zl&gVn;wu9OB+uu&Z+0Z^uF$;#79*UDkmg*PK=G@@KF6Y5OzT+9s}UL&N|g0pKDaT< zl8142HQM|)mus`q3NsEEiO0%j?TNP-mQLHp`tPras?U1_bcdAbbXL$lSbYvwC3HL% zB`Asw4hoivU3J9M-D6NGMu=;0=S^z6C2wv+Eweq|=#zd+a}N!7xRE`RKC(9M+5C^lB%+YzF_))b3 zh=Uz(YP5!72(yfL^yq|zZ4HqJXbc-pq?Xp`P%JDNddRn5SKAaNHh_2b8^r&5u}$Pe z)v6zeEW1%0M$rApeHjp$m#{g|YI|lh(`)sB;51~H#fDJX%7h{Ha)9)s`HLAhQeP}O zwKwjK#j+7a;Vs&=_zqI|_eUBmws9WHyfC3JI#ogGpMoT@{LQ|%fym`vtQL$Bb@zwd zHew7%+>~55$vz@el1;l1nuvhj%o5vib-)9Nj{)+&+!@*p5aNtFy=pL`h4>t3ft-IS zPYye7RGs+F;Iib=T4|1USKip7DCwrDd^+yh2B~tw z#`k0xKv<@1G4w>gBKJx8hWP=kIUQVx`=cs&b4(cV`r;`LwKDE7GO`X}xh)Ym8q+rg zo6wAI!@tiZn-gWNUQeK9=*HQaF@6U^+(r_gs4 zfr_aWYlvf*2|Wu#IO~C2?_V*Hqyv7+^OC_Ud>>H*J3xp+>niXQaywZv(-Xxm-1?4s~b!b zA2XKsH5`)SqE5>3+v_zJ@w-VaO2!Q{?ru6r5u{}3L}2N)yswML7`@!I8_mn+QTT@J zzTZ@Zcm?P&LJkqgNRUjx(7^c|mz)@36Ti}l+wt+q@dvvd0Wm}=hK3mi+8dOJ?ARuI zteWG8&X!D8$aBxgE;l9l{H|5ew_Fpef~zvpY3mO64W;t+v>_%&6js8|xi-F7)!bX& z(nJ z2#yy@d~bT`39>KX9?WQ~HHNgaIH ziGxamq?PL#{kPG+9X2`jU07rxuZ)LuH<97Y>lMEHwqYLh@DT2uwASNm{QmJZW3uHt zW6L|*&!nGDeM2I~UhFFD$3ruS!m9A^dAzKVW+=5<9FBC8krx><_1%x9td`u6W#3d( zecZfbAa7p2UQ&Y6*inm9+lVso=FZzlx5_7ZL>cye=scvZ9?uHCqvIuTPvYAn*y<9{ zmi$~(b>4$ncd&spbG(RvwJFi<4%LqP#*}4WKfSx+$K2grcAwq;67n|A?Z)Oa)|tv; zR|bw{qD*pl6wJbAA23T?W-aYr@s-qg#{atE&N9Rq)ZAn{hIKn&5PYDGco`b;u?dZ>S!-?>H5(C zoiLJN#iEG2MW}$JL*N!N@SI}9W$scQ1;okKxg|}=$8{JJRtXTeJ^$W#fP+|{?IZ`% zhiZ~6|B_Fa9B04A!;rlg5+8H-t!2qr+LH^fkHPz@2jhxPXR4^vN-YK-{fOzcXKG)V=yWgDW{@G+<_8Q3%GH}flmFgn&gS;UutNkUI@>MF0Bua#f^2EJulS>ctrm=ZA+u?_YBV8VSYb@tTb^G6&kq zlcbI+Jazu#hWbDkDp{@Ipb@mtn)v|UInU11bK5H0OExPhpx_lqU<@tigWkaA%ySG` zO=-Eoy#tNvfR&&wt*ILaFI;IJz50_qne5K?dgu3ICK4X(W!ZuCIwRPn{1)3Yh)f5` z9{ia6O>HSH4%f4gb=g^7yDP6;5hyB-0!o#nC%cG{)EFI( z&7MVv+`S6C`F0ztydEX6>tYu1#miyo&5JG@Q=;ZL219p?>$_$rr3m;Y)?GMxSRLJu zs*GrYKq)yl9tK$lbHv6MP@0e{AD*ZjbkDWP$JsAVeF%@=T8Dj9`& z|G*z+M1qU|P^MWgJRn|c-=9ybUBJehgeKOb|74(&78awXBXpN;yT+-4ZHSx_3h(l+ zF8f5NIJ=U{snTFGj}_!Q1`nxA7?pEFCxeySKJ;)Ut?=Oek%12{eC;pWgp;(u0=yl0 zfN1Wj(f*y;wa3v21jGyBTNGqD`MQhE!|DwOs1+Y;Dl0h#K%po}(5+RV(INO4j%kvT z4GubOAPFbi_*$PrmtFI+b81?h2gM-A* zF{(b{M*J?lYm;4TUfQ3@qMkDYgATo!&I_oVENOMDX~lK`r-q)zFc6vL2IV6{nyLIh zUDV>P=MBtA+QK1C3C|w%vi$>#%q}4^1F%TCY7&Fbl1^Z}RRU2A(e35Irwt$R2B6Pn znfaRYqc_+Hr(NSdaZZHb>?V}$!8UAzayAQe1`m1Ayh%oacjWo3ydft0hOovGXOO&i zWF6kgip>apn^X=74jziQ>XfWqwXjCrGKR|>gJ`V7v48y-T)U5kd8-qI#tvS#=fs2^ z=@PFe5UyB-Q0vOQcC7Y%b^BVeztGjB?mS7fz3U?~u{8wCuo@<68P2?ATiG20bXVp% z1{P0fzU>+L3`1>s$4rg=D4jWZV8-k*P6CzNdr$YCHdHLhy6N^bjsjkq?ZnAtUeU7FU3>S3MYh)9c+ ze_z;&F041wPrG+Jcq5T1j#9!^ziA2HhDarYU!+(BfAEzIPF$*unQW9GSZh^GbJrbr zuApC~al{kcqF~tpAN>Vq$B=5WZt-y^%wv1WPg;8Mj!0Q2WTS7=qDUU`n3bSN^UzL4 znMSkLv=_1`=^P+&Ja7BMKr=0ThP#~kJQ3B6*8%Mn^zz;V$rqYb)`iLRtyJoP^sHLE z`~KUbyCIy@_H()=D^b#g2HJ<4OaDM}DJA3SFnvqT=muoLs#;d*A2JGAH>3@`HxRn} z$5BbE9WloXS-2oZsH_H6CR3?KvYD(hIbCYY0vXYeA0sK;D|)_aZ%1x;ncfw>FT08d z#u@Uiz^R(&wcedm5=u*pN>zSeU+9NmJLx*>s7H}<%?=)`!w_l#L72?S^V$qmcfzYW zy~Ccj=~=&ZTr!< zrit9gp-{9khHsN7>{*Q}x_Z)W-;(N9&;rl2o@i}cD>xAv4Z_KW%WN(DZ21`7s6g{Q znP!wA?G3_RR9MgrD$`TB8rq5Ca`tfEqT8sq4^=nh$&sWWykc(f&NFoin=^D$mScz> z3<3wBEre8!T~KKwYWKk>Fb3IzlY5LJ|lFlt)uP+UQ>M*Ct@+DuX<7_n1S~1r?MgkS~)j*i!@&h zv9QZQ;iDrC*CgB|EYbVX<%i*H>b8wM7w;0)i1*MBO zt!;(jF5+%d{WL7~#BszeD+ua+vl{lz&^nFTI z45O;2=Tun6A)$))1^qW2aa|INX>ik77^ue|bW&>lykTHmq|`z$Y+cul_Q|9YM}|Vf zc;5%uvDa~*lNNf@@R9_+jVG)+J*^&WbBF9JFyzO;`Z*pw(8w(0c5LF#c&5qBHaiSpjB zL)C#9AOp#s<1YJoupTcwImGP@e1w)N%|Sv$Os9hYlhZ2~#HB8&T?4pGEyd10q6zM( zETU9z?w&7$t+EfCjwhTe`lQB!aXz0_TZQyBgg)`T<2Pto#%QtR*;#pKWWQsa(%54V zip??M8V(3qbTy$fw-nGmCW%4z!Fhqa)#Lt!KaMlp_&zIV4yCd;oM`AyZh`rT zQx&2T?c3zD>6lNcHWwz=vR`5%xs{Ig`Cft09$mS?c_XD)8?mUt6tr1cbDroFocc9V z$STIXy5moD?}Brmd;tokdu9v(YB>KrJ_L2KY4gzgg2892w|w)yPu)Fc^;PWUnvJVFASpc&3m~h>zD<-@)hF zWZ-EH4R=HjECo}pu{ondh!U?)o|EzMnFZ)BFLd=TU>(1>Vkv6f2D%cU0Twwszjh^) zX{>MnMs}=Y?-Mz0_*|$s9ijScy6k3g;0n#I9pPp9r(i71B?5|(mYP{meN&im*+Y_M z?W~gnoyGr3etjV*WzQ6BvGG4ch!FYmYB~XwM{1NKe-`b+gxQbbVMO+>^{z&DQMD#DM(67pgRkf&GWWD7!da>Y)xzQ4{#ovW>~ zxn^E!bVJnRKS3G!d29CfWmxyD;f}bdU1R-2=<@O(KFtAuXp~{Dyctf{h?4t%y6)NTY@UAbFsF+Qz|Q{ z{OJPk3sKZSe=97a*Kk!d=4V&P<_kvq{Ct$W7OfoT7`U?$P`I>tk)Ah(gMa)rbvFFE zuRVZ*0^??Uyqnel83=i7iBl7sR0j`3LK3mY#c~+m{RG5i5C3YvV2%jQ^*Np+TI7DL z?Lm@oWF$f%h4CV!E^{Jeyj#FDP6*6vYZCLxUh42|8GWz>74gpUNm|Ff;HH_$V)jlE zBWQ<0=QUU#5vj$3u{E+Q2WoETHYKtQko_#pN2%S90&W-ASw2^tN68jK6edG3GmDxRg!Plx&-%Z zi+oue2G&lS7%cjJzM@~lA`)VfSMCO(S4e|fO7`bC1mGO`{!Irn5ZF?^H6s*Ry_LC<#w13X`RZbIu*ik(EiS#WiH>Z=%oT~SOiW^`oXn%Y&S8<{g^a0w z8Pw>2ZYuf9ZSf^25DyFXU>$*d`8&vk^{+Os8Q6nI#0O~io)d-pzMmhMa69HckLfQ0 zXsf(k;oIwP1aH&u@(Tt9I`krRR+GrAH&wN-NuuAJxKvHbt%-$ykg2=q^3iUyhp?9< zmxuA}`Sz^RdqO3c(*Y?>avC(ivSHWk&41?}VVw~xRqe#7g;wiD>r$}QU6{^DXoHhP zA@BTYz(1zIW;jee*_;-F$rl7t@9EEQ4^%WqsqAic`ad3muXTuiIU;=dvQR+v7laJyYlncq7du03^;5xRXLlH@et$lKkb1vRLPJM|J3; zJvvuRoZGgXf7K&DT3LNfP+JR(W@3Fn2@>NBO&9|$a>Vw>oHTN6oqCX)M6jAJ2~@mM zMD;@k9Gx$d_}tn}mHj@ViaRZciT;xYV*e>M(G=ebLJN+mq4H~Vfesu_71 z5=(vulcDPgmDJYKJvKzN+L{m5uX)q(MF?NTwuDB)hFW8i9n6s>+OoIE>~vU+K^HwU?_BORN% z486Xd<#u(D3~Idb&4oV?v8J^I8~n=w)v(|5dE*}SkFN}s2@>&_#^t@Fhi~>4Yf+x) z88<*`SbI~`SV{Esc%kg}V7moxunf|fK>`N)hU|+7$A~V@$Lsg22>9PZUfsHut)ppi zNMbOZm$*z*j)&VSUaBWyk{wELjn&r$m!=OYcPvC0#`rwwFV+OoGE}aHd?g0=*PijN zE>Of`(^*YzeLWXiwwV3`wM>dNvHL04p(Dfxc3lRfgc8yBh;3%HT5Xlk{wRUSylUUA{x``c%y zhbZZnBUPIn!sk~2=Boojf?DY|a{ z+=8_^I8Y1@J;a3_7=c)j9l}fNhHlU1_=Ji^Xh3gT^cB76PoBOUBbD!h?IU|(dyN)> zA)?D_#Z~S*oQ=7t8aQ<86w4oUe>YPB!|r{dqFzS2?g* zeQh9vS;0LofmCGgH(cc3thREeIci}sm8XgDivzdFMbmr&HnqR(yfu;#Ab4_Pz+opk zGO!=1^T5`Ard5XZb^fq);FM4H)@_MkjMKB4+nm>BH(^dsR{hREWR(SUL*g!GHK31p zRl~$Xxy@_|^LV5pG4aqTXYpJih{c9|^VmQ(!lc5*3b{QnXQZM)wem9Xkw=Z@0CwJQ z?ktx|7KC6O+!`+pUNPUwQKn!I`sl+xB`JUDAnMM1f#4HRkjN^nsVlNj4S#pT9QpXk z)dM}5Z{e+u*$3#GQ#jjQ*}bV!k|ztKhj-+YSQ$Mr+vK47UCO&#``{nGj@9S2nH(A$ zVQ7poBKj?gW)VNue} ziK==c9uWnc<&5ots%bp{_j4(oQ3+y?)(oF*vwA4!8*tZ*V2-P=?@SlS)q^8@?q10F zsb=$*W+8Q53e08-iALQuw3|L(#@ajaD~{%!&B1b~u*u67@nr3^Z6;Q5klfGF85kM7 zbyaX3T|P(3@C@hr^5ar30gssIvwiM{B!|6&o+#~j*uaKx3|XV8+?^+Hcy~V1gu1h6 zL_S6pJjq|H;npGUAqymYJ zJB1i)kWR7D4aAiinmWR`HB}`FQ&$k_h8nBTs|T=Ib0&qg=G`r+j(YIpvGY7Dc)h~{ z?>ALQaXfLbr7BEYTpT<|;HDrpt$vu9B@Kik&T z;CjdQ-F2b@?{?HI9c6-Kvzu=&>b8kR&z zl(mrsEYf~kHzk$L+oYao0@udlZzz+?JI{yVGgdR9FPRxTIqz4g4$H+dv&8eEfRx5l z>sv{VXKAQ!)EuQieA}T*tiPHFow`|6GK+!2rk~fj&fW%b4OJFU$O1;MtEn7rgCkmK z!HR58`Cs-~{EDH0izCc;1+YBx7w8Tw7y2_sAB1T6dOW!q-n`26okYCcS$33yz8*&E zGPHJ=OKg+X&7xe5_4&6Y;qoltu$j!-IoJm0*YB<|^T0n_U7npj7dM*CB76(+xSUmn zr_gEDYrjXgDjPF;Jdg%mT?H<*5vCg!+za!p%>-_XT#~-kbvy%JzNB0mLj8QhN44Az zm&|?Z2l&oicc@1Cm`t{%eF}9-iRVYVaJ*8_CeN9^Y2^Ud+Qa)!Cy=(o4l#`krV+>$ z@{K*aFWWoQ;68=gbC^nu&xMf(;u4kBE3^LYOC`^$vOhGpk9$(r9Z{JM8fZxMXQ}l1 zM0LrTQ~!0@c$^Ct68=74Y-Nm~tGTLjt&99Eg1=6w>KS5$U$QeZcynH~k`*0Nxf!AG z9ATd+hq4z}Vp&RS(JW!uC8yW!;0A9*;0H_UsgYYLR5jF4J4S90Z$U_NEv<6Kj-sH5 z&)PB;a?(a?GR1}`4+2S{dY&zg)E1FU|M|4I9mF%!IU^dXF&*8q5bA+7-1LAj6B7uz zF(rK34d4G*V_q>K-0+Lf1s_}X3$(aPVP|g(iq#mgU|0-4VZPSaRQ_-Rz{&t~#0%`f z2K1?og&T*x5JSPlHc?l`{0VL3Egp-^*Z4yTK zcj2)vy3Rg0*<;bQdLXXN^OESAF`SyId&ALRC{A$uh*B&lP@XkfL0^~c{VP^$VL#4C z67j$79G}E2MCP-5p?*s#1$mzFNy{Tji!2@;)H$i93L+&!#92SeP7U!N zYkfDzqb{Hl7Zjz38R6l^)PMbg4maf(X7nLX%QuYfd4e1(gS(2hW=flz&=xl-uTmuG z{h;hiD zC44BvEYR!SjNPwIdBD-*c}b!5I%Zs#7b2T_8OL}JV>-0z8GLkVlDiDa?E@e49hVjxqi?jZKjfoJKHh# zf%oT^J$S|H!`gVW$r(tR;(Dzuq^6c6;pr(DV)k~CemQ}ahVj@rXY?JB=J4iv{PuEL zu+Y@jXf}f~9>UQRQl33*cmZ3N`YIMNF}bIUC7xO@ocz6l)WsD}Ea;7-dsoVND?Zyp z#I2S{TQ?5!&Q8@Apwip;5Ek!HgbLnwKb9@$C!cR(DNNbLw<_m4Kd9rce1T9=^L^&a zm)=R-JzEdB1}FW<3Z3JFQyoh~gqZKr3KlEKY-M~jfiFUBq4bBk^3+@b)|@V|)g!$J zO2~VMn@GSZx$5KZE4XZ+wtMK!=20Y&@>bYMH0$_ZN@j9C;So1zdj)I*{&x{)N81P} z@#EDGmabPQ$Rd?zutDJJw_-+|GH#N4@ppl_{?lNxFV0bTTDJEf!xVAYlDAfyh)?HPY(?JsAAIg?U|WyjL^MH;&ze`WJ2p8B2D={=S}A-bD1dBhfwmmnX0n zhY`wOB_rWi15*qmiR#ptcs(UlOWDLgib9|e?#;k9QzTgvmWEy&8HlH`iqviuykq+8aUFO={3a0AG zu|kGY_)R8Zj^Vos`CWUn4)7LWBEed^-)<$i8~I%j58Dqy<=LyZt8ZWteWAS{Zv=}f zSs?8Trm*sgw$L&b?--(6WO^f(84NZr+L#nzdTtzOD!3kd_L;$~fG@@i!IeW@g9TNM z%G!jC!PO1>fN~2<3Gn6x`{vExkTGbX@OpJ=0)8)fZrV!@p4$f@Gp0! zIze>YknZ4|oY&P2H;P z0^gr3ghe^)a4vEacjRLeLWghm+dxUwsyujMW~G^+>r6Dl(>1(#NxTE=OmXynX9;WveR zBUoa1jxBA zlNqCEsm$I=2Rp;lqo<1&O2;-!xFVRlnR~{9lDy9XW@LoGuBzsHd*UJ6GG2bBC14`7 zqRM+Tqg>}R*~cGcLF9J>f^lIl83E%rtA5P@+VIr-Yf32pghArH0FUvyD&eFM_7G4&U**d?m5u1iz_HsJ(pmZuq9k;Ly9h|mh&V;#+KC}YzK5Od%58o&Q1?`#~sJ&WY@PX=bHO- z9LHrA`3%7dkZ1dOZDIzpVM?URnTj2kQMNBF#_#-8MnHbI0`|ZO?hqMr{Y|?a3wMA~ zL5SyL*UvX&+l#Sw#k3HM={-x;w2?KlSJ(_< z({~l0=B8BFjiftQDWQ5=ESZ)V%KN&K(Dn%S{7N4$_2;IA`4PKHjJUs4azl))Otrq* zA;U0!S3$LHT1C%>6TQ6HvlR)=S>m(D0IyJY96nf)_tp9YF(&<7JwX{+ZTzOHpWLg> zlAi5lE6~TVC72VE@vC}wZamRxQjYRe-(tR7M%f-bP<)K+G6b-mmzl+x;l(BNc<<3` z#T7F0zt#1Q(UEmw*KT*ZgO2SAJGO1x?%1|%+qP}nc10cA?l?L1eD8NO#yRzWullj~ zU90w7*PL@^c5gWBpVfC2Zj`c|3I@DCyiYPUCcBM7nrUATbXndG&?TW<%%Pv7)3R4F z!DAP^2uvYmyPMsR)Uj2g?y=;;POrb-W;O_wC-95Laa8{27_T$zHR!+7trh$*sU*<$ z)f#&L$bM0g@#pZEN&KxJDSuC_-pOA0>h**ESAq=#p?1F;_J4fBF^yOT*`kYls4KXv zSIqR+#E=|KH-p}LR3F z*Ml|Lg9DO6E3>U1)Y9r}IRP3cYVq}u>FD?7R<@~L9T+%4J=fizHZG5$mf7}RDcP?C z2jP+IEyPHW4ikCMfM`C*jrsmgt4WX+N<u^KSpTH zVtVT25Dy3fu3J3$FLBs+K5J1jsosc7I!j2BclH-=F_`m<&?U071b?NJ39!Pb0+oHM zP!V3-);n4Rj@GGP1f@A>OH4sMS@eI_I}4USWB-F)|A?S12p_`hl5sH~b#xbWmYp>SzhGJYb%vSu{S{oDq|^cuVlPv}CT(JM77qT<$be*BR~j1qrzE<7fcO8HE-en! z-@b3iMdbmz|1j-n=n3misTc~Z_USCT-4a!9|kUCn^%5CM;@}>w2dy>wN%X4DyxNM6=>C6pM1Cd z();QBH1lF?5$VXtKpvV9U^4laNMQNJ8B;#Nhq`_&FvjEFGO1k5Yh92 zL@MXjCzFvzxAC($L(cy7bR3g#I6+YkD;3#ly;!KO79cHL-B7P0ZaiB;+iay#Vla%Q zOPz(TKsCtRe9zM4!*D{Rm=ocUq?XYqoU!}N&wDW-9Q^CB&28_e4SR>+V-Z)?Ldrf> zZ|{Dse#IFuDka74oC53?q61lBF}c&5riSO~i(VQvgH+|Er~Jp?>4bW*6*SrH>wykA zm)!?nEdk^6ZyUM}@h)oeh1%CtW5LgUN1w7vKKk!blArq1xCj6Or%VV z+OVWju(p4>hw4u9ROmfIw10Q1w)HA<`xj(QU)l(}|A7DetB~=zsH*T#E=xmNc{m&Dg-AcOAh_cf!=u z$w8{W80KB-csViScOcU^xYCLZtSFLfqN1xt4M;3ea)J{t1>YZ1g?NP~fplq5Mo!kb zT5lk*hFJ4_rDEr)D)+fpZ_m%)kZbQG|IbH?rjHn)0jmk767dtm^S{n70Eh9Xz;g_u|i2wXrgi+q^YhOSZ{Oo>#%1mBSCVgN=x#0y<@y zde1j3Z>;$aA^MPa3e=e_rhu|FdS|=7Xd;?9AfUV3MsFpdJ&fa(xNBr;1Zt7mY9k%G zdfQ0YlL3khB-0xhS!;%wUsnriBJHpmk=s~pMHUPYrFCFtIG!Ae-;;I>uzZBp0eus4C>vA%}fh>nE%as}fuYG(27@1*Zw>v<;waI3C*QtS$j1doC&)mUn& zMFwk~p7w>s&;p5M#9f0jMmFkD(Ua0$fDtc$@%D)L7B93Wp%Q)ZXdU?VK$!Xyeg?h6 zs5yFt&<96ROYfZc*iA>p`Q2;=`RzhW#|b=81lBY^t&0`;s3RR@!C6W!vN@?#<$bvs zn+0dU^z6=93P_}KMVF-BMC2xb#bdpQtx+F-85^GmyR^D(lY;VaW)5vnB%5fZ=2tW) zb91Q+89#Jft*1rTbjIvxYW7QpgM3G#$O#*0{#x^sySv=kP&oK;XOWgn_ytA(+>Nob zA-Ytjl`+`QHbCEsh(xi{8vcB64cZH_o@__vQ$q8Yz?sW0&1cwY7gv6E} zD8SwivPMs}(1QnK;iaKXVGimFGW|{&Yz(}Js>@QnH4?D-uSV2KjINMlFkC%-pIBPc z1))-IGQ3IN+0p3*rRS4sP`1ti94Tec>?>DDTCU*x#Nn!27iK@*tk8oJ?zPy`A5@a* z;VGe+u&aIf(kVN?#%T2Q*N_Ipc!v+&_A=U*1PqI~khz7M1Xj%vo-dLRLACmASKeQ}y$gb@ zofF8(S{8Pvesqhk8as#cu)86dw!iI=S(siZEI1uq#H(!{94#}`^)FT&ls>%v*|}F@!+sQ)f9KiZI6yA@u#BIV!CqM$Er8a{TI&0ld9SPB4C8F~njA`7zV7MHdLI_%`;e|{1G)|^fI|Tc7 zc#WEAF@1L~c5eN@gwa+^pyaW9cI#ifv`>MW*vFQ;QAoZHen)os>SH1UA<{xCMvfo> zkRDO3#-ONLHy{@Jy?zIzEV2V}ICKxOSvf=vezq8FBiLXvjN_Ns>@ygHfpRWIm>x&^ z@|eQ7tWI2VG8Mw+j)@=r+m!qNd5|Kr#(E6S4kLFID0{u{>c5j;nt`%W%U&AW7 zCzVjWX^{mL;jVaU;qT4r-1Z@vFRt{`iy{*yKb+a5yzUeA#|uEv;sNE`Ltg*ozm{ zKa&l;v8s4GLqypkw{<$8;Z|m?-qD@18KHJjEdOV#;*S{rXyxE{4erw&_{B(s7Km|% zec=bY`6HrpL5jNuhk5G-9L#;S5Z{^?2%8U&zKsLNA>5WAu~KLw+qDp_{=t0J^nz?_ zsw6%O7%J5URI$`XG^wv1JS|?na8J5Kjs*;V1IDXH#f-J5AQQ zWFSB2l&>5xfoBf6Tp031NJK&}mbu_-_(%cy@Yuv!Wnm7tLgrX^RYvj}8j`2>WlB#l zgzvM}mtQ3|Pt}Kmx4CqK?jAsrnHPpC^Ja}sdor`{RD(d;%M0w zae+4;(7M+jum8% z4k#t$fAZAgaAr|U0x;|RFOF}{xRey}u5<#91aPKtIf5bRR_6k*R-$NslspYz= z#JYYlyu>)`Og0Qz!sH>DlUaZc=%X_brn@=6aO_A7X-b4&aXx#-DuIB6yP9F5VyL~w z-#vSDcM)J8JsvFg@p%gBb-g33-JMx)y43<>_rJ#80#7?@s*LZB=lQPmbJkGFIjSXU ziVQc;C$I@z%e$HGbM{r_OGu`UzZ{Ls?uY`{ zk$Y1etDUNRtrt2Ex2+-CrRu%ZmY3O)VBoI{Tl)cQpajx7VZC(*}I2_biozL>5`?W zn5kEKQzJS%^9t%M7w}%85MK2=NH$Kpd-*6cRgOPbQ!#&WeXc$tSl^bMb0{F8^p zgiTcW9T&oIvwv~yOx}SW4_t1WBkEY71AqHX zpj^wf{cCec=FjfE(|1{KN8xSCcBkocsGD~j)sxy32{niT*z^qfh9~D|>ZnmqXDwG~ z7Ik_T%mN}$qBB7B=h=R8(r_63ouAsA+f+L5MNCReTz+G|IYA;5`QRE{A_KW%*LB#f zIAU%-H5(q&VM?SQi^kZ-@9q_PSm-;kCiR+h@TDym)VHnl;AVG;46Du+uvEJ zbGP_%%@vpI!>MXaP~o1yr>Y5$!vgGfPp6x-^9bHSX8TDpl3}BZvLa!)X@DW z(HRb$BK#;ZDF>>8fP-<%0Xe#O@8et!)Cm(nA~>Y7-4Qrs5Wr5#tH?Pa-jN*wT7Gfj zK>c?OR|IE z>>L!;ts5`Rz%1{DZ6tGtj4`eh>&4u+Tdk5o%Z@)9E4tqS!H@XM*2Pt1-jk;@H}0l} zM^No5`8nKm0uH=ovl}Bb816IK=4x0;*+5xat*9!D6ayE0v9xr|f5`!dXAa6%U&##& zq%xLnYXDj z=D$elR5P2zK&A7dD0m_eXlLy-Px>=^YZC~#LNnA#IQw(W-g-=aaT<>%zutvFEGxyn zZg5UjCWjo(x_5F*c52J27Q=a8!|2+3vE^d;YD=2#*E@Z9c~92P&Y_JhU~TobH=c1r zFqNhgGKeIdq66y^W@NO#L;K1P3K*}J+7B?i0mP^^+CHvc+;QmaWv7GIfT$OhwYU}g zGaho6+{BIX&efjUa@EiMnJIlZY=5xnBV<#D(!~jb}t@ij&RjXLz&g zkJ|QL=Rl!HV+9rO-_7yvt>V!rWc+Vyc$ojl`*LRe{PHTO>O&s%PcA8WM;YVA4y#0j zS2eSiZF^&i%s1-@Eeh6Q^Gp=H*`afvPPf$P|m`rul{z~JCLqfMA;oW7|x&UDoYs~~ak7&mGj zdvuA(DthBYw{2_tu&cC~;=+G@&h`0+MEk}pe?)DOuA6^IK&B2jAC_otK3dpr{8+?- zVZilIYcPQ%bxL&YpxAQ!!#Ti~4eSNMzj!6oD?7alE%&M?-3D}wyuMiA_bunHY5|Pe z;q3m)WvvV(#js~`a)vH11DvDg2%j8e=oL>r!ZYE3G-}As3l9Sv}wsqpAaz)7V*F9^cVnQLskO&*RzWwZ1gRH)FP~`7A*@IPC&>9^MV( z44(A7=>xcy?jY)=`o*(iQ9TMi!Fwi2*!t!#DFjKi%HAO(1bZtoGy+bYqTE0nq=qkT ztG}&)Q}0wF^9}glQ)kimPjn%V=b0j}>;9|tEE)YtRsP$J^R$r`W^YXDT;2$RTe^NX ztVHw)&?b>vY2DiIK(5}tqg!|N_9vW=D-LwRFd43B%-YMe29cuTz|wd|sbI|L{II@T zu(A;wB=;F}>dQJXhPMs<0Ui7Ij?JOR0lTu{<1Qr#1N003+0}l#Bqrk7@V!6Tcx4DF zHgBKbm`8^-wgtH5#sim`<9$jyPubET;lv*Fg^U616yg_*=twQEGOf$0J@<@2J;^J( z-##RFc?b{!kBv>HJnnkgK>s8Sp2wGr9+)ClK=`Oo{exruR|yAHS*AQo72F=~TcK-aOPCuFC43as>-$1g^B9bz-N$jqVV@*wulxs&=yuyZ?w5dv zclO4b1*dcifx3c1BULG0y{Q68WMcSW%GGP zh)TU7+++yM9|#~JQ~i?7FZ7F#BKe5@3srdZYSV4bJ4mw$t*TUg_*D(lL-rhkw|5`zwVW z^Ecmpn@QQ!NCoBh-l>H*$8RkmjOw`X^bx1q|%xJ zM&&!*gtmxREtf5p3!Wikxk_Fueu!>5?GO|&ql;U1@szr%s`95-F4>LY?!wA+vyy7S zb0i?ncOuE&d-e~%_r-3cyQW>fo5PjN5R ziw5pS!;dg5GTx0cEOBJ9<)(8~;apz~LT^$-?GdyxvD(11dw(b_7Eoy=H0Oxx{M_{# z`2uEf{wdVg0gM@I2$A{Txj45S^yy&7U^6x3FWX2%4j*olq44{!4rRMY+~P*3tIYmM zwW3@d|JVKHmOyd7_HETtw2x%MdbwkM1yL0>b1e;{op*5e{FHCfFB^76y`Q2V+E9m* z@_m!1P^;`H-%AX%`Pl^@+_S2Z5e7od^CY@s8YwpNukZs#4`fu%q_#1JIi1z>2tH2X%gLo7bh zR4s55g5#4>x~|41eQB`|C={fHVIn|6Ar6qnpgSMDeACP^Rs&^whDwtLe<< zTu${4cr253Uc8y+JXCn>PgxKZ55wKj_zB|1@YEhw?7((UX{%WRopEmEejHjk7Ik~! zSwNPPMRPMBRnjpOTd{7fQs&+_pMj>gwX?hyN5^nA2TM>#7wY_JtMe@jO|6EYHq-EO z*N5d(ba@U};^Q$V!(DX$O!KjL(Ly6E`Cl>~&J}t=WY?aBZCluTnak^2eh#C|Yo6-} zR9jM1(Fb@K7UA8?%pjstnLvPgPoZpyyleF+PzeD|UoQGp95lFr6_I5cW9ymUYV`@r z&Q9{bs)Y_c!o!Kd1bOnix6lcNU@^W+DIyS98bRUuSP=lgpHCL!(@QlESh|tONsKyW z?L_cqd>8v%&5U?@DJp8O9JWWJayh%e8zGgm{}BC%gEx`6ge2~WWM2aU`1^(J4aO@g zn**8yi3^Ud=X4bk@$QKMdfE8`Aw74Br0^yA0|q8E(4+b=HrJ`oSDT}hT>sorED?PD zDM%aZ5BO;EI5Pv1DklDfLs03qho3~-hiUVnAl+GXYIa@@Ois1&1cYr+CK`RB@1FjPt4-BE2c zcRm}WOKqASr47*K9u$k4htHd;eh1a3%fUr%zhyg#7*p>H?sg-Rk{&j;`=>O68^vN& zUCA0zv4Ut(>AV#m*Ie`j{V)nJYy~Dp5Q}2B{is8?(&}Gfin_i}X^=9OnB?VeH!4Wh z3{2CUnmT6z4CI0FxhjvQRL4f$4}5R)qs^N@q47Uy$84<I z%qzV7EwHqCV8K;2?EZdcZ@gnexhfl+I<4t><|^HRgxv5NGELt3R`%Ucd{bo#k^aEg z$h#dvqSKSOB8TDNvH1GRKzpR$Nr-dNJCgfDPE8JveaD6)6N_7nPH3Q?25KBL)|ziw zq7yp*p{WFq8O3DMl#sMKZ|34%<nV|`k~3grFpHBzUM z!G|MWQZcc)Bf$}V4JV#1QHfj^|HdXf|tCM`PCTIEcNzRY>g<|5v8{12p%_!xhd;)9mBiqYp3L)X{ z7HQdS(h!Fo$#Gj;N@8=A7>?_2joT7&YD=oBX)$R}tb_;AyJaXPTjl*8a?{*}_RiHF zi>KBW(s7HPdqdb1N+e*^FmTLwtNRI2m*Qh6?y*h`rK+!Q2zc#<(up3ks@^je;GwO= zg%&jkr}d7MH5cp=_-DZJq!U{Eu$~?*T^{ALd1V!RbLlPZK$TU@ATQQmiHQ)zlznj} zB&sekd#x$wBxvAc><;KLE~<98^yoPmJnEix-}WKhSa^FYC7@f*-{9fORAy}x&SJT) zeAym#jia~p;l)>Bg}33?E$;@N(E{Ud8~6l^7{G~5gp|-@*wD2Ik2K8Rx4ewTHIj~3 zlQEqPkilNX-y{rC&YV8V*Q!m|WQQd8RYF7!KG(|KPTR?)H7)~_>=&Lv>de|-Xu^2N z8_`wzt|kg?pC9SPay%Q{NS`Cl)KKRkX%+QU)nE*Uh6K!paMxJg?1;Y>!9-lj^b|2> zvzhe0?T`hFDtQ-dUrI*ooTXik?JYuYBSZI>m~XkjqeG7(@=0&hpOuHwtohaH2H6Wc zwf!Ga-*kNGV0o!#F;&%1~~csYU&lGr9R<6P(r zgKp#mpZ_$_$oRz}SJZ!K5_WlAi+_y4LWC}cFtg%2BS1&S-|PlE#Tvs%O~)Nbkq9yA zE3k(B$}`Ja(r3j5)i`Y1p^7bpjuk%d$)$hU&_CDJi1~HNiu=s}K4WNVIEw(hgTc<1 zqRR3x#T4{-6slT=bR+%~8H7|zd}><$w&F1)DyjCj_+E)~CO)isz7Ys2XB_$`(I0fW zVSi9KrVFTag`7ncHvYYHl1IKozG72J=dBg)ELEkdXLoE9<{?+)`oDH5bvDb+O_|Lf zQV8aC{2slgWW>AS#+YpRvgCnV$uM+?io%^i)nWiQ!9_w5YEtIeFoVso`UH6589sXZHxmmWz{ec9&ER@Hapd;f+pN8=~y zg_4|KI~3HXbE1@GK0(#P`bSs5v<7QFY;DUf@iOW?&rdRVC$$bRB%5pO~9NX3kH}Kxk^R(A; zwG%un!6P>OuGZx>GfK^;SehyBD4#v@gqMZU13{tY6F0KSWrBLeB70*IW>;zUwo7|E zT4j^v>%VD?Oke$)1=<0)pmJDfBhtX9g#&s=ZnWNF14ewAOu`<*SP7wArTM`|4C=<1 zurs%p4cwo&n?QQ&W)Tab>;LYriGFjCZEQF+U8beIAma1nrz{#b_8^>p!ZaZA6&eor zLAgB82WiO_&RhqkMNY9zU!m_+>vY>+Dn9?>5=g&mTt_5jY=RYQg;HBa7f%kH=dSGN z6UqEW?*NPlHasm>ld8D{ib=)033 zNPMe%jQtiIdFxj%4+;%Ze9m>IGwGx`*m{Ve#Codu`kQg~3+qWf5Oon7q}ub?$uR$) zjU*Nwpre)lQS$$PH2eQMocf}F)3mGVn<)aG$lj-L*6SJfj1FZYTUvf~DAk|MABcF2 zxPiplIKGx?5sau=%LK-w-+$+D26s8C*}Z9BcJ1u#1@zU)3&UalO!c(u%xf5+{!L;d zxKQ6XhP0h8+zZ5}&FwOXv@hIi?>}(`myw zO*6d|*aQA9@=6YDbYFox-)I|HTtp#^H$*}!583bLhDBS6PmPZ%B>Es-mNX4%I^RbL zzR~|+C~I^$QvDQq!uopQW`r;0cXX4xblfbU;nw!rA@->(;|<&~H&x#>Td)^j3k(7@ z-y>3C(EWrECbYQF3u=3h*TT~g*gN>Iu9xl;i4ewOJ1_(LA@qvLhi_qB$e}0opqQA$ z+%x-5H13WQ65|>6B>LuiAW~i&<0$6mocGAJS`TT`0bn>sX2WvDu;@tz@@%q+L1@X$ zvWjc$Ju8SpU@<=);}JD3ceC*=D)OC>>IzO;Cxv!q{FgZU8|l(riD4JCPm$`cRaamJ1O5Iau-fGo*H-$3^>5eJlG|y)kEjw_cHj&nz4>Poh_B%bVcK{uU zWIrgbM|&bjsgmtp)Rt(+@4CT`zNdj>F6rpZ2YuA&y(@AWq|)?HbaV829mN39l;OUMvK~xZTc6Nb#2_fQSUT^ z{5va!j(JODY=ExL1yf1G@V}*bk1WZ@1qQhG>-D~BaV=q3NNYb4m3(wZ{$*xq{b*Rtt9CwgwV^&FrdLRkN%g^ zYwW;+=+C``geH*uoE1 zN^%;~)LCVZ<|wh&ewoJMglb@Gnll}mbX7<+YG__aS(U&Tk6vPU)25!)y#Z5n@2&rv zsDzCu5kqo8Rd1jXv>ATS^)<29inQR^M0g^p=0QF7#JXecjfpcgWurtaeY@^Cv_w|m z)1grvG*j5)u0MLxFZUj&zlt3d!UEaOj#b|R`H*J232NCfls%M zKdLGh*%W`DmF+u7CDW6S!{FvwXRX<*n4KHhEslOfjZ$3c&J#$xxsxhj#Dkih(J`|m zw0-NQbf~jga56h1tz)%-#ePb7e&1uTL0od~L_Uo%m?=UVvuL5H{vN!6r1TWwX_%!I znYy*4?7Enw;mm|& zRb}on+H;|}l`RnEB)j$5eTMI&=wiTNQe}C987}RU%)ZUGnQl^KBL~-0yY#l_n&S(U zQ|`XDbz5DY?p{h`VCcFXv_4^Lr!&9w&%Gu>+Sbd%N63BPWU=));1<(^!tgjnx&}VTll2fj*k(5qoFGz$QM)ctr~~??{D`^QT@3AYWMNJDOa$g-bY3V=bA4~owX+p z@}^hsUbsk^TuzUyqG$jFd0d6r3iyroN8^$*SNw1CnalW`&+I`wt10J zRlBqrEAhk^SRoa*R)R)ePSA}uOTL(x^vvP?{_ ze=2JI3S_hBzrt?HZk0fAJMc*Xy| z^HBm?l^%4rjlP_Mq@^kn`NluR*_=-c48HWk%9l~*(NOkS4Mq7co3s<^!S;1EwBGhg zhB1dqrUm#>s0Vzs*dDn;`LT63{Z(qk_)(8 z5Jj$tZDOsB6^7H#BWG!RDz2_W#*SjFc~R8in3WdJIWxhv z?fONw>R6lERumcG+sQ{`8bNp$`YoRBom8~8^%KH+m54SkG!|v<+dn|Y}7H^n&+tWm0bO{k)fxt}aRSS8DTL<@DQ1U^=I&Bcv9(ATv#ux_~{VRqxW@f=Y zF7f@y^F7k4J7hHM*^Exw(&@8uxPi~Smy~mnO+TvJhNi&cbDDvSL_ro{^i?zG+?dsaBlvVG3Qz_EjV>6=<|qQP=?fq zM5Sy~7C+@B6`y07HBUZPK#gd+%82}>84vokX)3TZfJ5`fz{tz|8IPvrwAI$Ao?xs_qI0_ZbY{zO4GUaYw0;Ej*>7n4a%i^+m4^8-g`4*}+=3$9kO6Lnm-?@8Qf%7QO5<~kx0*>G32 z5Oy^Q*Ei8JtPeopUtiYpIQiQY98V2W6%FWc5O`WbX1#?!xsud(Fh>Zuc>TLmhMWKI^Q5vfcD4bCFpu|!^-5zL?U!^S=g5%rzexaZA zWCNn4y=~05kL13P#ZGNg2U&ghEcY~D7TN5XUU4)QX7CFP#wR{UjHu|Myn)#ml9YkF zWt2yFgz>xulh{%%KrSW-wpxAF?+=$U@)9A>8T?)vk#Y8=H3OgO4Nvz7c`Azx!(Wd< zZZSRr52~9k5bL=Mp;?D4V^7O{MmT-jUQfGbK>qkD?0VG)pm-3=J<;3DEkf}IUqb*? z13LJKp~$}EzaN<|c3`LG+qZ6j26a=6c<+24xniUWBYBNNQBA-VG#@ytP(rS$%OhV=@#da{mBx+h&g9S z@r5A{T?AyxOc|NVQ|U-|E_O?OBouBR{pEqegu{R+O?vGZq||ZlN3zp)cg2Q`-RbEjeKBjB_n-dLlXJnpoU9CYG z!g4{fbe1h^2$``B7=l|U{AeQMap0RE(*s)Pi7C4N=$7P(TyCi6Uj))+u9DO>O>iYL zHNWsYEK2>Jt3Y3kF^rEJZ8ia|^PTtJM&~=$69*3J8QQLyn7H{V)@=*f%Z}3bKoh5n zLo4FQ4|+V-{_%9fqjH29R>mha4&*VPV|-PC_O$jNY}=cV!#2TAZ6f+6OC&cjl=)jT zUn>cRzeoi6x0N)yK{` z2bgg`;JM5-%CvWattSHPVq^^oHydRHosbinkA0*;4@+?z*^YO7cZ)`zxSSqqJeRj& zUsP`BsU&%qwCQQ%9capNWw*yXW2$KVv5nScpg4**tDyxbMdD z%Nu#e>zvz8{GJ!w+)Vx?8b195{4-NmhG<IQ3fqNu|Bc(;aQln2pcQ6d^%9-5MvSci)GB0TgBoSY!NKbAC=YxU4Zyk%sHbrP5P33% zmJvt~}W$g!A5e%yRz z!l%C6+TVOyNA7%H+F?rTu;jfL!T9(K;H9DA=^P+poB6eP|GaIGOQ(R0!p9uYye56@X!dk;&(mOFxU76{^q;5Rp8w$$cb#=#$Fq;{BJb}0c-TsF}nliF^SRB@Y>NO z{_c_|bYI~A3?*Mho$jctFuN>*DA`_HL`VWho_!H_TxY;)G6W-}ba+wUEcDp*gYrAL z_W%)7WxrCs`#hX$tcG&x>D<1K#px=;1K!ffEaYWj_T8zs{M&i{j>)BAe0QT;7W6J7 z{%(8t(<62$?Cuz>YP37Yu*zz2&}OkHw*i1DWV?xH#x>qc<4r}W9>B<-# zA~7{qVAh`VXZ*Q-bt)08K6OH~{W~Tu7(hhFR7j`@wOxkN3^u@wxHBbu;oOJZ?y6gF z2mdl42Io{mAS5-o6}M<`QGneYq8GMfusm5;+$hY*n1*mj_Znt4XMUd1)vku-_h9B> z@f@z>$ppUFsOF#6-q6T@@x7*H{J6Oeqw3lt`)dsi2;H*_jY2 zyz0C_>~i7M40!Olb`II! z(qG8S%kLLN*Eye89e98BGQ}5qhJy`_pCtE(R)O_)#X)I zIbGM_$glHHmY7)tH#mS?BF3YE<49l%xKBdljjcF5y84>#sza8BoF{S@cihe#5W zB2i-zktN^F*T(V)-&~&~d42D4(jp1yJ-yPy5_RCZl`izkkNF8F@TRIdPsk3<38m#J z=ql{j6-7*yjYh}Fr0k>P`5JbT-C^eR1*bBc)W{hFkQb{OD^~bM&!QH(m(6yuQeOEf z?>dS8br}?Zh$AomtASq&^-AIIALYQS*^HlR5e#-)cv1`G!~-8cvjAt;rJax@J&ZzUHZji-ZJz$c15z@oa~W559Jlh@H}7F+6U-x*aZ1m z8>~d8IN=1+^E%<%jzG0)M0Y{_>)i^>rnZCQf;=d$u?kpr#*ocH9_m{(?*m6dVE%cv z^G5|-v;FauT5CeTJ6Sr~{?QOriL@kB6Gj#hTT4cte6=oj3NyXoTT&BryFg|)83 z6`?*3E6x4_2vf~0u{3!b1&GxVdi=SN7zIb)Ik&$vFhO-JXF{#1HMfdN yAAgjrL-wz%)v4P5Z82wsw6Gsy;yk{CeIk6bgNg^HCenWceI!I=g=+-$0{#!VHC#CJ%k}2Y}MPtE-HilMZTHY5>5u=rczz zPcimSyFWGa001~ze}9-dAo;ccz^9{UkJJo(K|~s7AfE|r77pKOE?Vjb<>{6>z7pDe z8hl9%EUrIF5o)_5S{j}xTTon*xq98?;@bx8r{rfRWuG_1L`>b92!p%v4L^BWCFo@$ z`|b(L+>0y2+1rI`9FIQfUl-R(@Gim*yFpRGPQHus%RR|;4ofr10cCfhjt_SF2<>G2 z5zu2fplJs=c#2n|Y2`5!qp~sKbOeo?v7yTLM>FG#;EU&jnHjsH*8!}ILjMtfgHdFE z09<7hPtP;mXB08lPq;IRYmZOPG78o3{|hI6JtJ!wI2f^iD32W*?JBaSIh$dE(2Yln zWig1R-5hAkDej*--_k&VTaW$b-g7Uo0uP#$=tn!-lJsrKxQq-`Ms9@nTjv4$*xbaC z89*^?`D!qMd5{32`%jc-&KxGGGF`pat=dxAYu*EVVP@vmij<5+I61Fe=pcAoX#|kTV3(2Ry^kEGH||McL!- z#?z+pT^Je;GvV{?3VJ)SEMaWS*l(kbenUrF2j|1hN<69YMmFM}xLp9Vdyu&X9erQXI!rsBkjqOGyp|CxVz1kxy_$$n7{(w;- z=xWjU1o!fi4t+s-JL7m5UQzaIm9#=KCeV-Zbc>xgE`r1#|OiflXq33W+GZe;`{XK<=z~GtsU*x(WBDO z|I}#{fjPPqLC^c#D>}m3rUAeUig@m?G_i)b#&w;=^Y{_nrFGPnMDF$3BIxbvb}K(Z zq!t{Cd#a|+CZ*^7szskA$}KbnGzsF92Zv$${7uVf=*PodFqGQ)4rZ;~1T&=cPzof&dhfWQ9*&c7(q zG(Ot2Gi@^rcn{ZP9xY%=hZdsj|lX0Lt1X{`)J@L z3w=mO<({Zg1nDT6v%8cWsLKJo0nMcB_XUJ5jM05FHED;ei&k>S9|P6-G-rHpB8!D( zd@&ZBFoSdxyr2CpGjx~)(+urB0E&clq$99+>NCFs+$ig>ejvT^sJ##QjrC7@^H)q3 z#zGw3>r&S{_NpeHJWb~CYwgMU^+S48PfZQK7_HG~FT`1t6nE7c)-jMfhD6t7KtFb) ztotlP(I?LQ2-9SdGMi$u&t$!@n1F$>jM=l*fQXcz>uBwknQ}_Z@-smHE5}FBZp5164ClHERXga8!t$?>~u^=EQ6Mt7jEW>I!jc7Oi;&e2{%<4Z%` z2fGrdS*{i&Hkc#W1a7khEEqe=BN_7S_aqjdR&&Ea_Iw* zVged#jH}+{J^g~1e;WX2u%7L7{o~v178ePNw><`S_+cicWq;aQQRq#U5?!V7m2@e| z{-fcYZA+~;C{l46J9{1n)VYEapZ|6nf=tv1T5N^l$B%{*?EOlbWbb+axF{qL?AIp&WXdS9R2MJG>mOOjb^Zo%*%*fwvIER;)I|D zFkqK6q!N^8U2Vqup~2zTugT1=H0w;PhUb9Q@=dPGW8PR%?S~!s+vPqQcHR1KpudU4L|n za0%79Q&^(B7pb&E^NK4m*#SZDWiRS*ynus3wr2Qd2&t?b(CDk?u$dnt4m-#~LfcXm zvLUXZnS)Zrg`Zqp(DeavsMS4>Um05K#nN^+M-S_#_KSdGh~qU@yMsu!ANZiGv+MrP zkIm@mIxy{0wqBRRv*oD=1aDJ1MS zxL=khNg$CF87-XDVntqCg9~QJ@8XtvW*R7%JN?Bb7!S0w^7Kw*Pf`CioYqo^IE=Gy zc+5c?eHXawl7UDKQd=0L&j=!FJfCks*0~GI)Bd%zcdUxQw?&9Wi@7>wO={jxB;2KM zgWkyth0$kGi))v?t{wb1eK@!{-tC341*W8%gkko!cNBr5)5w5@0oKxlVp@J2nH_k` z`lwU8ZVlLjJ=zIUE-<-rqj$V(vxD5}g&Z#o>2p|Y0tTVTTbT4qv|f!AmD}TJ^hAKp zjJP6>u&^o#)2+c27}en2O`?RP`04-LQATC{Mp~_s_KK$+vb`LZ*rD$Ybih(}Lc0ox z_ju*Dq_68|`wSb^Kn=%!hYoZ|)k?6F8qa3-;kMNJ*7#paH#h|-!LAV8EgU&WyJ^RO z6oU+!I+l?Pu3G@k2%@~3EZpe7yr6#7i}|F(;j)XSOv*#AORa(ga$0*TuaDhonDGTpalrnY`noxq^kV_4|uQI zta@7ek%VXCFZO-29PbrcsMTv2vUA=V)v_dCGkw87&>-JH1<*jm1#~12ejhA&A$?9!?;v4VoFY5b_q#uey z4@WUh3eji2S^jGXfbzJlJY!+iM{a0}&9?hk16K(7L*2RCNgU29x5lmZE>A2vWNgS^ zYmHv8vzo7lQjv1qyqLvNtg+3pwPF6gg-<7p3^R5ETZrgH1)2MY8U9sCmgS0EDelcv zIeu10^C^u%&>@OrjHQ4}Cq2;%NOe0LQO>ABvRv{d)MJ77U0uF&YYSZL+iTt&2GWLQ zrf>MY#xWRQl3$Ohi$vfU&FE}s`YP#LiKB+A_da%53|z7Ty1aFSEuX}|3Pr1V&dZmo);8B+-;{qCf>CkQ@SC(a`Cd*fZ&l5}@b1(p&I;+|P{X ztw*`#nk+UNNjp*_0XfB~hZTWqtr-T?7SC^e-&Fay6@I|E9f3KBfNp1EYDk7*-ftHlq(%)moP=CH9C?5>jd9Fm44tY% z(%bE5`a!YlRPA8Xcg6~5hv;JHAQL8|S;!Z41NN;OjmOWEeKrc;wp9->Vn_2)ri0%a z$#%+k;}famNEoY2;xX0@xMu*gtMMyw6fxzfGV4Ij2>dlHba#up|CeQ&MgTLQ4C!IQmGFKF#86BalERH$TG!t6Bj=`QmBQDhf7g)N zo%mZ+$)mU}|sodv1`UTUJilg7sR& z$Nwr%^)c0oS(u2F1??5}il=~%w@p4X|2)NQ`2yGm9rB8x0JcK}0`W(Ca(qu0j8wl} zWt`3OyDOd%*_$U(`G4zv!M11W|KMUse$C&{{r^!U{J$tm>LoJyMxWKv#P04^9rd45^g7ypj?fq$bQy4L$3HlQTRwwVAS4v2lsVPYX@fCTS@T z)u`ES9EdC=%_!P#4*3^gZL>Fw2x!SWBh~Wq6jXE<{w#$rbjazqhO3cN1303d5^dC# z#O==rL8>9*kERK0LX{hK`-!p=FwDNk(5?sH5cvbSkK#q4dq@S%Pj5GmXPo1i5h~Hr z8k&@LRIx74C`M?2sXgMO!s|$+!5k&9pM%~6J0YQr!k5lNXS#h zxj=^>L`#4jTAhy5>z5j;8Bap|BaXmgcyq9lkX8P;kGcg| zJ1C7WOKR&gvVA_f%X+F14~b9ZR3H&vK5^SoI7`ctLZh^_%(P${Wfa%%wsR4~H8W#k zVV|@*ZK83nm1G68d@Ln{-cHev^B}Y{hrCo|N0awcf7jC*unw>=c0-5$tt{wy>6Xd~ z#?bXEUAmA!nhr!MC0L6@jR)!aV@EYH;v!)xo>8v;i;YUV%Na2^PMDFs;mYKGdV^*; z^-vKK+tR_d7I8`*)-Mjlf_<l^n({Dbw2$^p zZSPP;CXK)SbpazfCU;uM9qFe3iDm%I!H2Zt@eEyT(c5j^yez$%<8Ds7bxxq*jc7*v z6N-A?58|`8zJY?R_)jEsVYi}-7O4l!&Z1))NV#*2f2_|#hIRJ(4QOkJKpd&0L9-OI zvvf^tz2O*$(wMKWgiH!BAW72JaMdRALsA1U4X(<6&|S-> zYvmzzoXEOR$Gy8#xjjYW?A$V#gM8TSmchiFKg3%nS_BbUE-m22GHSm)^oBix%ifZ6 zCB^UpgUXcL>C@18biD9vDQ**cJsNnEvxmw>Pp2H!My9Ibw-gn#iAK&6{EbF41t$&y zIQO~~@ygd7K)T3JML`DPg1(@3x+7xhc$uLp!C{?uT3tZg%3``P6Aw{OJ4m~a6?hoU zyl*Xj4Pf$V=2}SfMce6qE6F-?ZS~Z31o{cLZ%>y2d>t+OX=zb@ufM*>rEz?D4JF$p zBxy891g0g0ty?^57K<6pj<{~dr8c*d2y;yolL#~s8D1z^J7}-@UZ!|nsIL;7Wo$@J5GbT6= zH@GFGmQ@KbhWl(|%`Ct&oj;)os3`7Wop{>rGYK}Ex~*&`k_rznG=?e?~J8t3|Nnz>ti%!hDEDT#K+(b>gqo`@E zvF#?Sy4Ld4hkg<}EQh@W^Y1+F(qNfAia68*Zxu%sCwa~42*gP{kL*D(2FJfXr7lu< z-QqKW#5gTUWif}Q*FM>nxoQ0JyE&3iH$q*q=Q{kl;P|HB6XUHjoXv@KI@8xPV8y0^ zFR!B2W)K0Y_Mm(O>Ntt5-00fmE$MC54Hz^;e4>`z-*nS~?RMvM;fYpokugxtzVB90h)#0zeRsBF}?a z_O5$xah1{Is&y|~+qlt=8NX*>(^tz0Ouv0JUEcremf8RLYB<=<*4z+g`^w+^36I>FH_g)#4HCo=>3Kar*>Z zfQr+TuNtAcrQwycmlk=YM!?n%yo~q`yHJra;fim5UR^OM11Q$ih-ZRRilA7=Tx+4C z!k8TL5j7jBi!~ZV2MwoINh~P+T?Q+0x-K^yrv%;SE(Ft_~sFZGqnr<)JyI(m>&BghiQT!~}OY zO|DClVa?$nLCsBX5*_WTT>z$aNx}^E$Z$<+^sY!q4Q zY}U{pB|9@?Pb;D!odW@-vADP6T+phrKc^s+>4)31a_B8hxb*uwz_A1%B@37Yq)sg_ zoUy*|j6Xj?&E!meu}Fl#8(ZEK?I4 zI#?QraZe>Eogs$U!JD@fvSPI+izgt2~(U~6exJIqk5$%yBu60%8MYq_Rj zvB=)n8oe8|Z3CrUl8hHQ{^dPt##k!oCe@fG5s|R8M=ncIQQN=8GHM1;@O_Wn(B5$> zQN;ANSfLejGh59)rh^>J9iQpfh$-(@Nsa0CX(+Y<5_g`eHyX5DQsIPTW7|MKW6_Di zqUAneBa7qPGcYqjnUUNqi~v^~Ylh@&$kO~HXjyB!50A0<1g8n|9MV^|J{AW&Mv{|_ zKPU9#eNjs8E5bZ*bIjcva2SCIC1v0xIMYP)Rd3ozZH`;-*!x9MTs2{`&^0EWgCfyO zw@0vcn6F_>x5X|R2874%PUx>pd?CN_OK#{0AYP##n~}OS8sSxSW$SUgoU787a$UrrannN6O^nJKF8Uxo+rIVj~d!DQiKHHM$&Fej?$Tp5oO1uItJ$;R_goCxO%-0Sea*Q&=-9 zi?y!NVFH+HGpg*O!=S)MI!Hc?vlBMg5MLbdF(b@Bsu*4eyK?tny^#V3@lTH5)Y58G zcOicvzc=;R{%8Rd%Y#qd!cYRl_0NvuC4Hu6Za`p**;6~QsS8$!=+BY32R%z?u1hKj zl8>RjGd)gTFV3%=8ToY+R&&lHIxUt|pj)??g0qc>_19LZ&%hHWO?Dg>4ru$zIkoig zV)%s4PlxIa?&WeINB_rTug<0>Y(R-sYT}tuU_Z?z#=3(o!JcuGC%UdOqUu$q!-etX zN3xAZ{(H!aBOb8XVth(`Y8e{jrg&6TAu8c=)STVZ7?W6&8oE$}uYXcnw@-`XmA{Fa zh~`qJovyQ6sp?FhjO=S`VyOYVtP(Vp6O5rNN9+U58tCsv(IKZu^BdQw?_G z%5!n?br^bP75pjdT> zMCWQuKfJez^-goR^EjaVY-ccYJ_ipY>FDyQe=?B13Ss_MB2@p+Gm`QPfj@R~qqO#a zM-0IpE!N*pGB)%do&KHi^*>K-5@ns0=Ru~&WV%r=2thk??I@;wP2q#eH@S}e@Aa#X zrf9{_d~(v^dKxyvDiRv7UbHwUt)zG80|1mei|YYOneSbC$`U=wSBxBHs)LW1aZ+NZ zm{xH!H??ro^`bvp8?vhljJ(-#<6<$VuQ{8#-O1zUNpVLd`fHvo@G%j@c=%r{wOJD< zIAUORhR^q@Lgsm+-p$k6ihvgr;z0m64kfGW>PFWlYz3%0Llr$dId(FN`j*`4%Q;}u zWFJ3)LxYqn%Cm`>knr)&qMb1Q@-~tr=~fmSn7R&nPjz*3NbM0YLJlj7*cA@k5+77; z2q?OTt-U(oU@a-+gE5JIBi%dHV5wHVQANO~BW*{SUI>{k0F*?skX}owGjsg2Bhhem z@)ua9>&V1ss9C1_QsZZ@njA4&pL^_ZrCYn#tNS7kxi;SP@j(s%j?Y!z&V6MHLx>Zc z&vm)38sSA*`ZnBU><-9$v0D$2BLu(li6TKol7bkwEe>m2vn$mOGrou^o^juouAcEY zJ}A~5Q>X}-&f+!rMwNI-f0|c%c}6|%h9j9t`O`Ml;vj%y^ztOHz3os{ zrJB57?zO1Y*5Prc`ZRf`$y~+0+I7!YxZwvx*+ZWfYeMYGM<;1)x54jrAt|JtR|)QrMVs{@*L6(hFqlwC|~T~K323W!ae(o z#m>YfKC&nLqBeUz$@7B*$K6)DjtHKatm{^HSvR|{oO@R=I~oA(G}@l|Iu*yWB}$Ge)$Q@EiG z#PG0q=6EK}6WbX1bE}p(eDWx@rcl&^g0l6lsKuNjN;ZLaEvN7BC`QWqzIx8aE?z@( zk#};s^%M3~*{5Az;!M|p`hLOfAlC0YhKrl83D#cDdn8*m`yPe8AWU5Qgh+fPPv0Y^ zX14MJp<9P_?n{-A)Y>@@CiGyc=L&EyIOVmIM$V`bJ#M(&=e=`P(%zD_fwQ|7=t}4C za`e)cPu=q8S!r=teq6Elk+nx(e&XBXG(SC0V~h8L7Db(R_Rf-wcjmqI?QM&1ZjLve z1(mz?6zs4eQ{UMUdE88xdQI;F_-2Gybq>V}Jozq5fARL?o2zH_5n@+t;#=*YYiF<;zfc*o8xvDitFsw8jf@=c+G#ynA- zOqhqCM`V@Sz^g>WAfxwo^T$8R81i0Ctww4hk-fHU0xoWqc%~0En9iW{dYwh5DN|c6 znJ3jUJnw^_L{}OMQ4MW*y04^j?G@P=$^|a&kqYniO#~j*GXt_6wwO1sFq^|vZ|Sq9 z&b}%Ki9}f4RC)#TJ`x{LA!lArI_Dti^`oH0QrgtK7SFDP7Amk1r=1mdoo z{Gf0ydZeg5f`7n2TP1biw0oYl-6nYDY)w}&!C*NE>~iWf_6ocCcP5R4>qo=>_Z?)td=$4(+fsFp(q^xfna zX4QOF&wq_O1vFlW7}&*5iQbwLMZLvmZ>nU6kY?6R|7v>9_v1duDMb;|WvA`NUT-|T zS^dA8()745nA~+97CSgI6hVI?W-s71uzvDe{leG6>;!g-Ym$a^-b8rFCV_uoJ?a^9Q&zU5@AHWI^HC8@eOPd@sJ&j!(O;=D$?2}@-TPBAbkUF)#t-zzl z_vi;WrDfx88At6}UnCH+5r`Y!s9`aKq`rccQ(SdCDN#fGRb^?B-j~C~zh2GphYe+t zKEIrN$Y|#KX&psm#0f24PlcphT21Gt;((G61P`gOLOIdC9leihR7cofBn$E#aQD~y zj!PuOkL>sG6b^XZ?%I8vL79vVsaYtlpL4OGC$_J8`vL%1hd~Wp%_kF6&i(Rs_38^x zClnkI$}7}XVpn%y;xkcYEg0?|X7?2;QhvfiW`;JeznuQPdQo^obY)dLHuiI|KK><4 z&2dZO76mlDv73upERql_NR+632lP z^2%cg-^2FNO7`9d=5SAby#q%UHOm!%M;=5w%o-x=Y{Gc@XNn^y&ZH`X%BMfG``Bj@ zB{$q;b8ndBa)F(5rRO3-yprHE>%;zm4MG+Y0i{CK=oOV50XKC)LpCXK;^7-9{p*sJ$;!H~FIB5dC%a?WaKa^!YH zD3Nd}-@*55?qYlQEEsih-=xwye{}^e5^8A5n+OdCD^v_iO+u_C-xewi1A=#kezDFj zHBSmb4Nt{s?SBJGil1SBG5&TU_E-IV1xawgxOb=~D?d6l*S6W(zF}%2YX6LBCbYr^ z+t|}1`y6|n;*XP6Kr1`?2GX9QTVCnqs6a zZ&ohYTZ)8w#18-1@MR>j#OJVuMtEP?U0rfo{ja2U_CH8%@y0{%8Lxfu&KiWM_#pOA zvYFmd1;tEdC)u1N4-YiH<-%u%+1M7gJH2uTl{&f8{# zQ#;k-dH7|q{VbTp_SW(zcspT#_G_La+AffF zo>lg$vbKEXD;*`?{4=DYsQTFx`^Ri~EF(S&hP5xku%Ec48`U4zcc(uody;jpNPcYo zw2!%Vw_!`~qy7IvX4${VY*bz-tg%W*tllxS&s=`z>%s0BJ?Xw?6MQsTYSQbEV#s8DOnz??{m(G9CSE{%osHc|0 zTOi>z+%z7{i@1^bFZOa)xxY5N`>QA7YvttaND28U(3Ad6HxX)HZ>QpI zPu&YwN+bW~F3yZ0fqz3+%9mS3m9T$tS0S@)2IBV9<7ZUE(+->wF7@tfA69!D{|#Os z4f*EC$dg_>Gvy#vxmzB7c`!i`Ii`wmr+k8Cu-G$-`uR%J!&BI2OBr61fwuJ3x_UDy z;cH{VtG8;*rtg;P6d^`xWTzJ= zPoBn__fY(nm1XM-WDZSbs1mC=;urIX);rR_3AD%9{b zuUK#i_kJ#el#2```Lig{i=^E^9KVPSe|^5|UBBd(C8W6ivaN`X(48Xg+52AT+=XTp z)bMF>gJy{`55eTV_Kv@CNt&~IDyTPA&Znu>j>#YQuKUFPqdd|WvG7Yt<$c%li?_bH zo_^-86#`qSybN+E42RvhSWFm-TtK316@R+$Pm=FN9PG^rfA*5_Qpe+_^&Rw2aU1P@%P12*UBZ;XK+V*T5}ovoi##8@v{Q$-`mA(! z(e=}-S`e&>m9f5;KqRfjhFO8Jk-Zm(M zj;{ObW%m=SMr)$0J8d7Z`_{7HmQOYCTtc&OUr8lgTnnFA?e*6{*p%^X=3)GXEbkK| zz_{1kQB)+;Xn_WZG3kVMl}qkwasXcR*8gu4u1t_JQq6W^-AY3@y$NQHUG1DUG3JG( z)}zgMY%I#I*V|+(=(CPdtepA~izfji&Rde-Et#Ml_3PlabJ(=pvWn8HriKbOFqI>< zLXZsbxrE2&swcpR`{f{5UyS4aRh#BVk z?XZ1)wDGe_li^dD+^r9@{cat-#7K;+bQ;3lB|4p09iYzsHtwpG{6j@<(|@<8guy&s z!MP{8X1~>kRC_2~BS$L`)PQk{*I>BRY^Q(>*d-fZM3roHcj-&2|0yY^N9@?B#gQ8f zEvH65`lI09#_a_kZO$KFnrJ&dB1#hRyekOvh)^}jQHyh81>9+9<81DIlc%we&vr9) z-3AUaPm<57Dz;Y-C;VDztRh`&@t0WVm6nG6J#4h%waaZ=$c;?`FB%uCdy|vnBmu(%t zD-YDovkL&Uy43%&yf?d9VQ0mDJy{&Rrr6dz!B?7lmfmzj3X~u3ugobMAY;31<*@kH zH6Xbs3DjQOAN~t5%G(!|I~LF@zpJs^Os?$X+BfhC zI7w9b(xDdwKLhX2oO}?_8mXD$EqhC(|6=xQ4_}IcDneRB3+LIvgFtG#2AJnh3)4By zdZW6VMNhM~7;#v8(+IK{l$O-cEvq%!3zhlyI*7jgmB|TKz>8C+Q-DSWLY^^zN`1R` z{RSBKh$E$V;6sn?q-~hMK*3x{&*AawSn&pA$Ya~u(9&1e@;M&4weNkY(y(X`vVZF+ zasvZ@o&shu7Z}kjcMNm!Qas)MW!;&fgqg*DFJRh3atyW!+Sji8-fayq%obY$fXx0) zL0@?q`6ue1*{(hE8j%p)*9+0hi zVKGUA`qwiukgGD>k`d<>`BAWxVEC}HjGYEOsYm-V8TEzMhKforN)@sR8)RX)6PcN9 zHE?kearRRUoCV8$_dDzadFY)gMr|Zj-}J((DsHqQ?UG~Uoz6(Jycv?o(0!^cRJJww z7QmG0GUlWZkh?E1=~m|f6Hu{`^N;IZyz7D;U2*<%IC=i4F)FUV><Pycea{v9w!jOjX{*;Z& z^0PjF#7~Ci)rzBOQWQq-@$V^o3v~{$sjP`FsH{vbKCtNp?<)cZ_qit|ue15dsAVVy zi6>lJiRZ}cU3ooLXqyp!=b>4v$JZdQ$hFY2#$&6*cKOt3Yac-H?wue2$VRn@^N+`C zFSsnvjuC9XX}k|R!wM6U0uQ-_s6rZL&t#tnDw8lkTN|(hfR>J!(=wUS?|S08*!+j( zl8YVvo}5LBbERIoS6$MlcK{)Q6ZK}zh+h|w+3}JDkmcz z^dfI)aJppdgUM34{>f7ufUn^)vo|Vl{~0~P)`5yLPuR$73)W>N$eNDj+%!XJvkK2+{I^?Dx+BWh&*+^)Dky{B)|sWC8FbhRmW z&zhjb1kgv-GSzm~7$Qzf@ zaJ0#*^C>~eil^QyE*fv9UYrSIFkmX*nRb(ckUu-bv^w3CM)W!>Wn`-`P$`I;r z()ubXHEH3$g?DUQ&*DfyUNc5m8YU)GsAcp*otEwu!`wKU-T0g%*RXn?xe_L?Bu~_mC@tISP@kKb~%x+EK zsGU%?6zfRnljO2r-`lh8*xeppF1C)nD?;G53Zu-i{-}?9X#H~qgNG^ zOo!11a^!+$^&a$FI5wfB1=X}_3%-$;!KlvHu(@QHCth%G+{=dSjSZX{o z-3Jy4i)9{{4uq?t%vZL~rWH#2tp7DXk(zin;ALgUnHt{8xjxq_THADQyXQi;=U1&> zPvOAV<$c@zsW9_s2+9^~*I%7o!#$n1+e*Ck?zviSjxz9EpQXu_ndg@Dnm*;)GtYnB zM@Q&#VfO%lg4%!cnLLk-&ntJ%jSoXSbxFgq4Q0i$lq46SH&^>iT)t{aCLZf0kNKP_ z+zo4DB(%Ey3(p?prRs$${OMz4VZu>-f#PapB|;96%v3C-Kxi&O$q>HaB8bQ@IPfW!hsF#_J4Kw27!SRE6$u3cuT^VV-JkH(m}ypV&LAGg38W%F{?p`hM)Ze@2FnM*0!M=8~n) zQLd%#{W~3u@L1Q#;R?VVWPSvgx@y|+=u@F;MVHF{a*kal)4KUz|H(s)S#8ep8BRER zfOSPEHVg(ai5Y5pyCx%&C!RQ&{ZOqkj6Mr4ir=E~4WSrxA=O(UbH$O2dOE*u>Wu7} z>XS{*K*qNBMxY$_!2&T`u8Mp*0M(C=e`|J=1)RlNL*M$Fa@a|6pElH}4<=UZQZ?=G zCD7O$`XbC6QrQVUp%J!8Q;~!p?h??HpL~$}MfMejE$)NbZ&jw1#Q!U)Mb7=3)M^54 zJNp{?nodpZOXUdp^USM=F-$NZ)t?gz6F*tQ-<0$6i7=|DPxYZjSEGm|N=}@~* zVyqb|!Q4m8E@_cfU@mz_sjM3e*)N{&SWV+UT*H%^v2$1I!&wzC1=jJ5hYU%8d8o;! zzak@#jzyhncvh~NR<%~wBTw4sdRNPKbrwIJ8wsXphp}<5yH9Mr3MJ=1HJKP*8Ffss zm+A0Vn$yNUOTJy3-1%R~>}>*r%yJaemnxaB6D{5*8dh+qkECpc%&hpQOikr1)n8SP z=8<$SyjCeB7VjS@tUJClCcM*P7SEJCIgl6xFsibGw)4(zzm9=JJ~Bw_biD zzK}k)7MT2LFs__0T4k8WF=2ne;ThJ-5C5mqU7`1`u-6j|HQ@h6U%tQTYp&}*=&SO# zUpn5h5hAt0=~4lnhu*yRFZSwXRfna3{$&aZ@!;29$q8*F&z0c3w68|KcvM;PoB-Q(Zu(jN5bTFJEhMYxCVj^7Q^2yj(0L@FBE7eSj)+RHp(UY+^o{}niQsz$)ZM+G zd%ov>=lSNFdFK0T|Js=i%Y@@PkKcJ*7<40(WfAezGk-8rEZ*iN85KR{fuaTG%^1nk zDNi92$x5<)(mr9IjFI@(^rSj<_F`g5i9Q#``n75()UEpV)sVjQ7ZfDQ5rs5o-@i1} z$%)o&N<19_KXO{h5_;8&2*2SNyXAd(%|Rr&^(p(fK$*oI-(=%T(*S&bw%xNX2npq3_F?mEttu_giCb{k8P-3l+K*9$Elnd(+@0QEU z=b?fJ;ymfV3GM8S{KA)%%|0AH6X_14Ij1{sre0w}{_AYzouAqb6s~L94v(XFYCaaAIUR&NeoTF>fNyql~+ zVeHQWMr8+Wx_6SU3oiF4#qJ}ZVAlF)ou&?08~#zKuHHuB9x!@-NheM`#dTlxMfEy= z)4pT%W86cw@ig{Pi`=#CyP`{2ogTB)SQ7k15d^mKf#CB#!_yrJI!}&1fuB=AX#Cja ztyvU5v)nz!oL4#)&pf{94$iV98=r^WxQ0USALEkMLRKQS%xin0&!d)4+A&pK|84rx z&SbqYZ8hvz;&CMM|8cI=rku)m^xdkmc12WhAj~)=rg1ybp46vT4xesyu|;a)bd_p| z{+KN`?@?8(M_JMmn+UzC5AbWo|HliGMSOcxpLEWAsnzsAw|YmB_-Rn4^>26A&t1^Y z8gtchHO;u*VVJ=|O=qE~Ct%ekaxN@~zQMAmGrj0bA+asohYXXLTD#kcf?v6M6K&%P zo~k?lvRM}?(Xd)=?P|Y!AJZzMPs|<8Ay20#5|O6b zb+^zJFF3k>e(M;HXxY(GxBsT@*2*0eP}OyMr2rk>6?nN* z2S;FV6?DnU`9xG>X81-kvFz7lpJdHl;j+dzC7SddmtEFGh>v!})Kbpp`Bp$BHeNfo z2xWp{orEu)KN)br>77KNVtso1+Wpt`>)RrCGwO9@0-Eg3b)k@IcH%5`_%7RQM@^&{ zuetrI_Fa!~t@|r)4O)16zg4Dz0u1<%?!Drb-q1^GD!KeP8MUK5nm`<;2r2Flz4Ks% z7y51I=+y;~*{&W9gOjo1(CTO!-N&TjYZfDd$&Zmz+NQ4%B!aFM0Ij^`sgnOG<7`wC zGl7#O5HIb2P86}-d`QO&8BT9s^Tq?E2+ZH;?0(Jd848%@qYi--T7(Y^Ay$q%tJY##m;bB z$D`a`m2~dtAw+WNz6flg8e=V5mURr#CYNcrA?PJt@Wr>%-H~X!r`li7F!o|5ja;Rc6ztJBL!5d2+u4vX5@r)b zagofmsvKS4yvw&5+D77MrakU{JP*?-TWqx|3t4MiEjEgV3dEs@e(E^yHgx~6cmKE9 zDp~#2jssYd*ma-$_CXGwE$c~+K04j*$&1zJ92r6zzwIDfBpg>R!pjB_gVR7(VKg|^ znf%zs6*r@VVmk{%96!`V3?Rs*Tt~g$`K>raWloar-0IqNoY@rDGPHJl6{CRaBblE| z4it8vR5K-Aa#?s|le%$hwi5LMs&>8xJ2(Bbbwh{Y7RL;GZP!e9ssH4{9zsE$F-NJ1 ztp_r3Yfq(1Sxy2EkUS`iDF8r7^GAxRoQd*3{TwahiJv0|i#&-IpT2XW(h})f{+!_F z$WMjawp_&8R=>Z@ni^ViBYAE(X8UDO4o7YcYMY;;9pZlF}kthbo->S%?A9~fccb|0U?*No6Zk+W@ zzSF+5>kVthx#8W$<(?ckGMB(WhH}XPWYYiQ=Uno45hWG1EHs!9I(wxCQ&lzOGm}sp ziho=1ar-Pnjb_UcQX8P8`Ou=$~%@^sTvk)H0+JSDkR5L#J)A%7W8bbznRy^>*he6 zSOcjwJ|k@Y0p#YH#C&_c?9C8NuO|RAFKI+xh({E??UEAEj{Y8pEBI`+F_Br~wDRBr zx7W7lXE$lB_Qic=1)N|ynRH;im!qD*E2j9mMpSdOG|Xx5Kp!=Eh4ee+BMt11CU6jjBVP>_^=NVeX=Fw7?>~*N>DPb94oN@9rOEoJ+3lWx>>^eTQbM86^7* z64o?hEV=DGRfo$WA5Ly1jI|UE-GXd?S)~L;rvs;uDEz2SWB1zS!t znPqo#RlK1WmLkTio@%|_9I-6iv+FYJ?@sd%5OT{*iq;p@mvKDcjHBi6f1Xuk`M4@D z7cnA!wjH1+j!S9rgX7Cod93h=zMt$gkT(hAbYMS=>*h^Ha&2qm*ST6OKUzmMubX_- z5{SbRNo!S*Jh9L@GaF+tvyXTfHgs5h`NE3XBuRID{I%6ln+7;>4HdLAo6+hO$KKamQs!%O$)tCc&S+2Kmzl2s~ zme4q7RjC>rUsFPRjn7Wl`Wz|WOxRY>)mLL3Usu@QNm1~cdKgB;2H2YG2-5cFzCTN` zns9N%WYpzI5OPbl=A8mGn=S{gHA%9VvHQ^?&~n7x?fMJTy!9`Ne6lD3*St)pya_VD zxOezyfB~z_TlaZj7iK+kY&IG>lEmvomJDERV~CTFa&SUgJNM*$lmw2LN?!R6%T&?4 zUx^JXjMWfbs?xvFn-)^j-%B)JA{X({SNvt)u;m+QRNPIm9JU18X?j_K)Cb#rbOo-q zh6EF+>$7rN8{B>QedCmyZ1<(|?p2GsunQNFHY5%0jo?p(5<*9fb=y$21}vjR6ZGY7 z>q?d6;If#a&p@+_AV!}V@!TbTWmh4z**wICitsVr@2tDsAQOfTEbFDG^T)f-boH;wfyHM2kp|DB81&jU>&%G!m z0KUcm_{z)7lej1UxKhzKboWfwhlb20A6Nq_btl+kt|lXeX0bl z1nhC1t?uTc6Uh;Xmf8mNt4O0{)#`%ezGniIqxwf)RcfnW))VdP*6I?6aj)_5ezh#Y z>eoA}s~1V%C9f*B8NOJZ9<3wwkWpaH^SEgHxQ-RXPWzkBu5o2AsFH8AvOEM|9diM@ z>?MrIPrH;{i*Ea7t5Ut3GjxXsb>JYAa5O*XSz#nLS5>lv!%AHT~D=TGfE0q z=lnJ~-0o}th#*;XkOu|KS8)n{S_tIXyFn8Cg@gB;evNYOcnN%z-o4~$SQRjK2L)(b zMf@Z)R0`j*{nO$353UeujX=*%S66gO5pEwk-KeEH>2)d|Pp|&RX-`FQP=Dvr&NJX@ zdJ=bxgeX6%-36FAZTykEHJ0rqRXA#&vg5AolcJ{&pw*Q}rWkDyvzM2O`M)ox(u-gLHbMH!e_C;=0TRARfNj)$}l zMA7X>jn#a@0mkS5<`5YKSv+?fQeuhxlh<7!Vi*Cl;I7U{;LoTKmYYB9^7F)%m@Fs^ z05`b<96%Sj`UrXA^&>i)G!~_jxMVDvbGu4tsMhNXuBUmOSTG%$H+v4mUC}`}vy<3; zTB88Qp^??V>}ycc+LW8A$v&<#JfzZerpN2%s(sZX!p6NPHq{w^x$mATO~Wh&WJEcU z=kg7V!a!bXUd}&B?dHU9QcH{?M|+K-k?dHL-0Hgm<`a;6U%FQy-+CanO^e^Z=w}tf zEDr0tQ{y>?XP2l)X8wCr^U3`~c=OyU@gvS9czh&ko_KIeD%btx1rJHxakc}G2dT=P z3N%K0opbi`DP``6vU3AWmJ4pC3Ju)TxSi@Y)G)N?&_M$`+J+SF>6mjLVX(Hop1e0V zkIS9+XH9Pb=J4`wppefPV7(U#{LL66-3s(Ki-?OsK(COhSh?M`5`>^gqZfx)LBWt;LQf?tdS(`wcJ| ztHq@@3>zh7FW#Izqe^Rmu&~sK>OZ~WJ%zE5x@9NGu9@mhLwr~+zl^!fKrWHKyC_*H zrQ?b217ZLOnX*1bvAcrEnl*EkxS=8a=3r}YaIg?p5T!u|*}f1kX|K?mG|UmtKJ~cf z&W;hBAA!y;G#}9aqgH?`3(AC;9fW|1feGyapG_U_CQ}es?wjZmfg4O9P}hHeoDdmIbm-G$+iagT88LVbB?Di zxmA$h&-H^c3f8rP$J{0PMA82@bXf1{sLC;CKq0*|iR!n!RhD0{ZZTBf@`M8q(M{Txa4)YdQtU6x> z=&9vpk6Xdo-%6F30KZFXiwM-^4RS5L4O?8qjCgXtMUJo|CFoWLaBT$;e-f!4+4iuv zsatA`xDY{=hch$pWK3Tur|w|b2bdf`7Twn&`tdf|YP0Him`+dj43-IL*H@KGf+I>I zA`>C+2hc(ltpNoOVW*zzId>Oc`dT;^n^}QkQaI%MX04V~3-&F3+>RZ)x~q>D{*-9z3Gsd@ zQ(}mr_E^ZN97n8MU?XDt+=AyzZKi=KM^!D6=foLp?ZH-$GK(lIs<%F#UEIp`ZqPJI zXMJmf&&4;s`{+@2>EWlIBOZL^A`?U`TGyEKCzo{@o-l!fpn*h&*^CyKX#i}xxw>d` zw&YD*(4lafUM&~0k#&>^vy%)ORIrmF>z@yVgeyXDC zsC!@~Nv1C3g(k@z{TJMtg;}d*au9ET=Wcwd8zfRU| zyxU9!k{-MQd5fRxxE_OO%Ax-eq0=L^LYzwTKBXt#H@$TgmP^`yP z?7CT*m-RG?@AFt_s@Z7gpQ{E?ys*8_*Nt83!|a83HfkDJ1jn_(Pfvc-jxpp{PmHWF zc{2bSIur!D#Q)3PePiI*9lz@G#vWd!G!_9qS(Y<6N%qD(srWT4H-Sl)xT?uuU1*R} zUiF$5*El7hs_haUGJ|_7?s;NO{H8E{g%V{3MY-%AUFS#ULzO8$p`oK?9j`R$s87t@ z)cWvC^dK-QPktam#q)fSzW&?v7?rWN>z}0*e}f}Sq7yhebqyZ_`Agjeu#EECq=?dY z6X1en{l+D;5t(+ zfPl6e3vYOkXyx7TB7Es^wlxn3iGu<}eqH2i4q4J1<2hUI!7t-=fV1JxyXs-858Z*T z;H)gep-nHBB4bt_u;{IN_ZiHs90 z={z2Mo8|l`EpqM2kS!Ia)HOnP1GE^3KM54QJ{Elc<8Jxuc)~%9s#=FS()R^*ojFR- zmk(n4VTm>NoWEqsVzzB>u7YEGb>6u*a+^UkZIZZ=uS*Q+`QIgg&r?HS9-=58Xadb-(& zhXa2|U4pWe_~eks0xDmly8{vY^+5%5}x+CsXmE1V2b^ z$FjcIEcj+xT-Lcg>BUH~Cm>-CHbBS)v~?%KM4kh8_6j#I5kov`Qv|=`BRf2^R9ALy zkFSkH!#&^$=PTDO1r2}cILBM~f1Qd`5vJm2SW6n-qd(i$Nd$_{@XtnzWgOu=7F8r) zZ_{E#4;r#&hU=Y#B9Cp{^AQhkc|rY=t&&>AMNDEVqz|k%t~R-Tu^J!1djH!Y|98ny z+w<$d9NY$j&P==+|x|(g@5PgtbNsm{{4LXE`8{$nabG@7gk%| z7OR{w1vGtUBE-VfYci`ZoZ&DwM|?KfwLhcw7u# zSG_$dOkf~8ZW?u>j(_?&9m<+1ga{qdToyYJ2({VkUS3WdSRL@Iw=|Jo^PIrhoH|l5 z9Es;YG!&H3pO_BB(NBwdmpUYdv&b_MJX{DJ_NXSUTKLkM)SGmPS>~i*i|<$QTC^?1 zGhT%*`?b4e;F<%EN_HVDxOa=G!t7dHCz>4cny^UwP96W<=+?IWYxY^v?`!!|?9Ydx z<)O@6N-JkFadj8P(kSSFQGIF9B&p>D8^S*nTn)}k>-B6R-}zLveFc5+p4h4&ZEgHY zUn4iTsN~&JiMBM6q*)EgQ@!(?F7?zDR7#T>F&{~;;ui5@spHLWVkxl$9r-93_H8Z-VY(O)XlUbI*;O_TAX8Q4h>i1E+~*x9b&+DrLO5`l)Q_K7?rh)Sf`FBJr-INj7Mi~Decmh}enPC`euLK(%WrY{)2 zXtMpLdgWa|6^1phSB)3d-hK}Lzg znc?iJLG({{I;d{wdr$FebZ$Z>;t|OQ%+4{$$?jJxmM#*Y=RBhUQ9Xrbw>5Z~r$uca z)@RTW%d!+>&GeIEEhfQGq-!QFi$A%N$XX7uLn=pF6oGB@#h%{nlbUm<+`UEr9*x|s z5r}x)-Tm2ZOv(5U0U5h8m;IDc|B~&~pa+w{?O9H&hB0St{7(Z29?1(XQdPVMK-M{y zu&eZP%b^)iic@!4p5I^5p1nt9Evb>AvUIu@RVKJE>PCXK7~L&!Z9&uoKC_G<;hzcM zcyck_>ol-UH(|Lup7&^e)uHGiwK}v%G50e%{&Lo%Cc)R3Zi7D41@im(I=6spU9YR- z3bCKQS53WAE-%JJ-r)GMS}kev;-2+^<;JB;8}Wv%jvAh9L#-Z;?tGU`b0{A(mkIa6 zk#mAvND|{BhkeY?k1~BsTF;w1tba|^!Pf49dd4mfwKcj(d_}u+l2PTjI&n|~EdOSq z!2QAG`ta&?XTgQsootPDyzG)Cjm;GL3QQGhM=*i5YVb@&2t&}Tu~b#-54+LCV1#nwvy0G;1KS67{s{I zj=oF5)@OlSdkLIiaqwErcfCW#(BW3?7r3g;U|eYSF73GGbv#hkDcCG;X0P_7zvNry z;NgwJe$`G&817C6w*LsvxEBqwF7k-OFznokXZqrh*@z z4A=Lc-ajYlnDq_U_w2ODOzy|23_|5?HyBdNFmi~7hOWofYZ8Aruv|PEJ&SgvHVGrW3d<$w~QewWcCG~Gs%g#@6xwijcq)6oe#0#y-zo|U(D{@kX7Lu z18(Sk{ux?m4wQ5((GUWn^_|%}E@S1%};rT4>~WiX#-o--@!J zZ5Y;(W%M%Ia2udIX!C{G$<=I~TDv znmqnYu{v<)+|tC#iYdqPBJrSxq+oT4>c>5g2h#vubP9Km0-!d1C8El_04C@vfwk~+ zmuD0cm`X<@eWgEEt-AqpQVu%8nVof>RJo`^yA(cAv{4CMPr82IGCK(>m^`SC<4qG6 zu!2KHi-C=MtUgc^plPe?uz3tf#Nw1rjWcccB+ebUZCAVflhi`~BDJqEg#H4a4(Kn$ zCoWlr_DCO2gvdL)CvAh*hJGHKp6>3M zQXf$_tzwJy-cJl+NS-JK6I1YWY^OI)OjUpHZ`&3F=J3y}*OiT!fUA}Rz~77mkjWNR zu`|%9RGG`{43F$k&Q)>WC*}Xk8q)lEFT`$%hjmSBYu?I;O0l8Zat*@y++FZ1KJN|M zDl^DzkaBFrojP0wJ%YJ*wdzW+Ch>{{3y)Fx@798)TDETX!;}%`)i2K^_aug&s_|_>U{7MP^2(QFY2$vw)E-iZ3W$?NvvO_ea~w1hD!Jb-kiXBl^oB4;B!KzQr~g2H|9e=A_pPFDmJJRn-q#kkP)qN)#~K3XtxFz@NT`D@kCHuu{H%8<;57`Y4%evf%y z^R4&smnwHZSQ3Mz_5YQ=KD{8&7uR3()tdlW+nU^yvlNz&E(}zoM7gO6TDF7^8f>*8@CU#)~WyKt4uMS6*zxwyB`dds{C*5r2?vhxigo zPnx6Ui7EBm>;G&f^m^`g@O)ysg-O4ZjTb;S|06 zr%0hH`vqPH{RCN)T?6XlYC>qA83|UfzER=b>Z9_85epL1K(m&{ST7&JmaU#F)={Yu zSS>iUH0gT$?%n51JGQ=|?Lmmeg7PTsHBUTHEwIZVnb4rvR93s04^uMy+}Ef@heg2c z8y*fNmzGb6tOLi4p1=uhR6}MV4|sngVa?g6UO$QYTDyIu^%j<0U(C}(Ah7yZ4WaBH z@(dzGA~WdaGvXSFL!KZ-loV((E76mpYP<9V%rdac&l0bjC5_cZD??^yk8vqE)WD%-p*K}xdZrT81eLWU@_CK& zSasJP7(J1AdWdJ&YI9qqcJ$Ae32A?jq9YrH*~owGGpuA;6QNr7NxAp^z=@^@%wT0) z1kDKPRh()vdF?+8+-6g-#RC5>W7;O$9+)_RaD7xxK<mNc+mgU5ydE&7GiNA*BMU?rljqBEi4xdN4)I45>zqiQiUG`l3m*l~9IUDQv zZ#*~bl?`-UH@5~3Xc=6)WKYc9cmv$vrUb?Xe4VCXLFUZO16i>j_=7AZN6L>iM1O-L zzPHD4q#a;!=WEYj>aM)4oPMLmrCCo(QqME~S^pVsM50L}bA&!6%Ou@{Iay!n+XP2y1rJiQT|UOcZR29|L8N0u@l+3p(q4#q}YSb1WM~ zs)zd?CnW=T#PuZFlc~62{m>>ky}0D+amPSVc!qUp;!6lsKpvtdcM z42}3b?hkM_S~7oKKusTQG#1=|19VePpCk{5iE5Y%gJC9e`DA0&kX0;39;)!6zglmpz>3|h3+W; zA%m}rC+jiBocK8%>k~gmwKTjXvjCixcO*{swO%3kxtkZXNU!`mKUYF!%lYr;<4d0} z2pPFIzM7Hb8KQLsl@oMvlM6A^EbU$Z_!b+*UZLujzsm$?Lvf>KE8x9)4P^u|`SSra_mz`$c{OJZDN zNZ@4Xuqz~OwlX^0-y);%vj_WaHEl{ZJ`lO%z-1}_QSp?2Z}+D&s~^+A zWdn5zdZXzx?z98pw8R55#x7g&EwPGYk8Tp%Cha-h%-_J4p5nzfYRP<6!{oh8t#b`R z00K`YbFLTr97XhyC1X~I1KsV(13I^|(DbOu%t3wOt14dh)JW^(Dn!L2jCo7qnF6#; zb0TrdkHHuC=|y?N_2g<=EA+9Q!)Ua!&i9H1Q9Mh4H9l;O{$g-rN@hPx3!UPH9feSo z)y^$D?Mk(KiCM)n;tyNE@~}2tlOLsuvuVBUWfCB1Z{YO0>}KW&>9Z@a@^d#xR$-On zIq%wngPN(6MVD)2GQ~_%&u9>}=q43Rm0b^#6mUHv>Kk}!B5T!Yai(cGRaxhFcAog6 zmn;RNv&ha&peJ=F4SDmtJ89l-qTrwGB$MGjmR$RLbgq=O&=->f%+B!$9|p}PWd~Bw z!w-yGG5WOO_ick`vGV+id#K0K`9UxyKH#Evv0>i2JLRxcHHW4s2-=Z&WVU2hGJI_7lKHRD*kqO8r{_>#7wsDE5->G#wmHMi1v97$9kAC;J?zEY+ zBV=5_wXS$~4H#3J|0q-3xkPR3V9qr^IHH}m;;c$b4?OT4+=X{vg=|v}V8GtUGqXj* zGU2lcxpmu#MhkPJnRX)-rr48@vTS%vT7&cqzbERXy{Z?Alx`F%Dxx#{t?Gnb8AqkW zNX?LxBJ#WQ++fY57=)zi$BB49twLYZvrYC_dL<0s^c6rO2qtj7fJSSX&-}u+_s@nx z+{F=@yA!z#YpmNV0Yw`<`@l>cDY@=o7rl$PK1y2D4|Ei!xz}azU7gkt=kY6D4-3b* zSPmi?awV?;A9MV$8db+VP%V>ZZi8_QTkEJF1A8WaDdoXx+E`84weN~l^Xp`m;3Sh?*x~9_~EaH1haA}&kKiLZ% z)O=?my|_m=IerK=j8xfH5^(Q+6(^}XJ9*~@0AEG`e5D7TBo%meSw`uf(QO94-W*w1 zb@VoDUa5>VNG7)Z?FLDZf1D?{!MNS9Qn|w|;>X4xvjpsSrX9uMTEwLbS)C2)J;%d! zraN2QS&RI_(^JXOnVb{D9E7fbM9t`(T3`Ia8! z+hVU&NjuW8a=voWKm!}Lp?NUlen~cm9W|8Bb{0~~OX0{->TkHnI&p@>Ic@4*{)>5U zP=J=vFFuP-3r~@_Sxf41cRAeXS9GDfCRUnqu}EYvH%akFzVd3r8SMi(Q&0d0@)w?E zp?bOHSi&0$OL$3j&iNt=OXKiONdqj}hhmIr4Gct}#C{;Wkb1swqT%wTzqak}2BzaR zBsco5{I3r$Jhohp$$Ih3x6Z%XMM8?Jd)H9oQ5_n1ywTQs4KiYTcD!)kBT^v!K#+{u z5pL|%2K1dWa??0Y8_X17Brg+Q+)+|#H{NXW6i7GN8aNb_Pq`~S@)yAer$iokJbn;d z^YA+9c&_rA=5*^?CT^Ax>KpbDa6?27c8{+p}49yWEa@D z3o0GQLFvU+)*{8yw1xBw&1$W=WHKDm6aPtSADw=anxT{+p}#Oq=r0UWH-$TA&;k-H zV_qnuU^jic9THqQ8ne54!%-tqJt|vCEA+odwTb7m>Gjf)xewF z4F;(e7CLX7Y^8nk7eHnj@T=SC ze~j8?9Ni>U95ysujU&_B!|88nN26mC6eOi+@>jj=;=X+#-Hrx#RPGSmu z>9j9b*+QoZx2|l|n<`sZ{8NUd6H6sDc>@t@1RBBmKPI`?!qb;>4-PlJLmKsUs}J z_-b$9cd04^t7={=qz)W~pv6KKEu`WSh8o2|pPnF&#oxO9R7B+nk>k5Na4b`o@V$RF z6Bx=^_0N1KhNLw0+Y*N9M%))hpQf`w#3_v3F$htxLHb2GNdJ2h;#~QWbEhAF;4jkX zC^AtBJgz1TF!Y!i$|s2_cuE2pk(8cK(ihf}bOjyN7USV;#pu~m)0xmUdxDg2nOt&(hR+>6Hjsv&4kSG*l{B6U-bamsZ6 zRq8xPVjp1}{YV+WrVqs#d4E*LlI6PJ5w`!cEM|VaRChCe)^eTR zX$Q({Rj#5CXHk@OfWU`;i2lmlf7U7nj6ff9&$y1$Ew4dJ{!zj@cWC>_!;EgBh)xX^xB!1XDsw1Wn)_22LY=!)IS#I@qSNQ(d55I@y zBSbZQl4qdZDia5D$3@PyYH^m$iGN8RSaMTD2%3Hfj!@{f-C$ugXt`pps{i1`-1#6i zd9CgPqjJkDBe(O}UBdJ`y!KmhO z1dGRD?KFcrync@GrSpm$FWWx{0*w}*7d3h^7>4`C_*%`li2dzU&FT4NY~JtQW&svx zDIj)vUQ5UqUWJ*JOeZWn(N_gYm(cyV(nHJcQQSSHLtfEibHD?v#_#0_jV`vay;(^> zJn{Bd2CSSnp|yE~V;N?rdVW?(hq}@>S-HY6qfkKEkT_ZVe}8K;nzD&Xm3(hpw;K=v zufJ{r?a&befO$x*d7{Z#izM_U@`zo2`gcQdb{gs7@(Ddv;FUBp4!pas zE^BO-%K9ztNE@{e8;%b8;av*i*Y=dERg2aG8sP4rx0Qy3l!0gc-%@&P1=mLNJ?}T62Da}KbecK_B?HDlYCpi_T!{vkY9CkzEbvN zDz2n^0H3*%2bm;v3{*onCy3z^Q(Hs>@lQ^--6N(HFdQ9Wk3|m^HEWWmP0rYMZEZ?i znGFUPjBT4$=@KHFIyZpGCJ;>jspFbv*8X)WE=ib*(|T5KP(#9s<~Pn_o*~2Krk)&N zr{Q9|&--+(u}hmFA)2f2dT)gs+c=%+Wrj`*?Kb3RjJ&lWNrw39?MHWD$om5u#NN#F zd&sRl=0g5zv7U}MHjp5fugWrvVxf6u#BSoQL)9uCY0l{7_lUe;4D{>fTcA!zo)+tL z!DxQVa;(K++Xs8?YQ#{^6xD)|LmHmbGB*qE3na$^fD7FKLRS3A!9}BV^{1aBi#YLf zL~ur_4&bbu9$kqQ*Skybb0mQ)(mzG|BIg!ANIzM>PEn1y%;KHow0f6_Qjyu znus08&NT~X|MM8rC)g!Ia?<@Wl;GhQ4eaq_E<;1=<@jjtjc`{Zy4WvKYns~MDW5GC zbj{3;wyX@VOm_zMyn?M9`f)^55mFOrFHQlAv@c5PUtMQf1gHNGSIM zr`IAR)dvCUZzx4uKbSSC(lz`u*lAZK>t*MQ{W!Vp+au*>~qH19(8GgD<%_Q_MH6 z^X2jET(Cl4MiaZj{LCDnCu%a)uH#&1RG&QLCp#^nHo!DuzeeX?*M}#>D|gCqHq-6` z=7mX}>mc?*Jz^=rqQEZ?N}Qem@$h9o1M;)5a)%&GW5rn5YV~B_Q%oqrqKhPx0zJe= z&QdJuu#JP#3`^jnvEswCMi(H{qhrm&FZl(+P{snV;KtJ>O0Xh7^R;Pz~) zy%H?>lg3X2xT2LoR|>vPOMomlzDOhToL^Z_)&kuKddW;67b==X^XXSQAx?iRukR2u zN=BV1!dU%`IC1Nq=fXw8HXU~1QAS8YSwo4uf^^MI-sG1M&BxC|cDtV23fPJJCkruW z8O#9Jy26H33mt;C`@PKtTPtlP>f_&+p>UoYbXm(ub(-q6nhs}L6lQ!M01Sw(Fnf{! ze(u~jBn%9`yVE8Z-AaxF;m04v_k^?#u4Mn7sAr-cF{mbfhh;L{R2GL@=+Sz6<6Fncq2D` zv#mOmaC@yG!yQb2CPj3~jZXy+jbYK>GawZZn$ouP;pq+cSx0(B-RR}skOOZCq{F_H z8gp|MtS1X;Wvyz(E{93&)?6ipcIqGBVdRZKt#5&V1CiHBnXket>qgRDyWD=Vm(Rdn zC^jzP8&8~ucgg|6#&7w91A}YjqHQC-J*Q7H*baa%&4J^jf__eO+d<&K=YJ`Fx=KTT zxxvv-q86llP>PQwG$k1gy+wTvwb^qTiA>K<;ie;mXwuar!jZ|D?vj& z{4ABx$A8K_jCqVcz0OK&4}xStD6ObcTv|O@dO=Cw#v! EBPvkz%inw!8~4zai)8Op zBsVKQEagPe71VDoQzvifyK zU@k3t)b-hgKjed4#jb+he$@xU3$8K=KJ-C<+qSE&o^Kd^`$7MIe|Vvo4?wG!a)G@l z9f$Tsi#k6g9zHSP@g|e(=Y>gEg3eS5|9`2{{vXs*|LbpaEB^oX eKh^f`(GM0+%M@(CNe1EfL*bt4-BMYz!2bi&SdPa4 literal 0 HcmV?d00001 diff --git a/Workbooks/Images/Preview/notifications-white.png b/Workbooks/Images/Preview/notifications-white.png new file mode 100644 index 0000000000000000000000000000000000000000..8c25ad65dc87e8383f377429a721716b38680709 GIT binary patch literal 35935 zcmd?QXH-*N8}}J3aI1iNBP!A?2ucwJA<{tt05~$j+RpyP&ich+@k1Odu=yEj-v?9;39PXWj=5;)YXAVX38xO9 zA7>q(c=^cE4*=lq`m?e1fJz(zfY@D~2O1{9c6d71OM&T-pJ25*fjhNQ)WvTet-T&j zY(CYGFi!h2PHrKkuWHKAWh(h02NX( zYz~>7il%-}*+`2F; znK~ZE>X*h+cR(eR_ZI#13CS{~(oH7ys4%RWo)wwaR z`0~27lviNqKHcW*SQ8N7VLl14V)8WYP|ce=_WCHjNUAyxbxeskb0vqid;tevc#aG! zq^`knqcn)Mkkl;Y)K+~?hvPeU-5p!RFu9|8It&xDm*1l%I$-$@d~Y41s^ zA|#J3O}5{_(#FJa*|i`HWe0wKwxUQ0gqn61OvDa1&cqycPE$|_x}ljs&Q7h-EUPu; z?g0AmPS}fKP&lKFgzYG`OMsYpLlgSCLM;%gLFQ5PZr)9o>r}#cy%EzepuMvLL7K2v zevbVyjvdA7UmNVm0V!?I-`#4Mw%grUMJ8+JlyiDtFxP5C4fp=l>6>Mjc;SO#AH}{2 zbm5s)gQZ}@f$S+4%zYI zn?z^yXutLxDj6C$e~l>Uy)4$-{-(&XOD#L4SV$iQ4!7wGShX6{KzxK=2S|RLOREILPF>j=k2P5t&Scjq@5hhi_hkEyyM?5$fyK|B`FtU;*V{QONjc{C;grQJx zdMb5$3r~?MrHQcWu;~sUeqM0ed6Mo%%Yl$@hO7p`OR3%|^GIg$;n(afdj;C(!wxD9 zyc88QFJ&(k0)g!q&JvN@goF9#R4W~hJE61i{=9MbEmTm(a65IV&-gSq$~<;W@rp;` zV8nhZ1$_l4sI&x6$JZDIKsK;xy{4z(Qaz3HPpromIgkMhsz?gzstY^Fbg>lqV?Yyb z%Vd)G(P%NJ-Cw@!776_6-mAcIhMnqOK^RVLL0s6RD~P^ujnvLSj7L2A^pr+{_|ZTp z&EXkrv$=gTF`T+sSN@QWz?o5p9bA^Q%fi<~)&ij8If=HRt$}Hff(S!lMTXZ-)?Ks5 z;G;Exrd+wO750qR0tXn3*WR{+-81S(T8Du8T9Tf^&Q8M|$s9g)A<|X+C1W-!2vwD! zDml!Q4(dl5q;RT<4j;O{Q{GC^3Hcd+0q2p!fM$-?KHR=SMQ{wG22ZO>K@=)gF`}aN zhxNsKy3xFk&?RJr?d@`VxfHuG&*q@qujxxd!WPjCFYh z@A}uLQS)*~qA5Bcqo%g~fW-WThTW8NF~=}2?7F_OY18?n=R6h>D!Zz#uu>Q*@94@M zUdPQ=d&d31Uat&1c4K$aCE^B>+=5Kj7M{DJMq3xd83yEslQASQL>DQFiLVjJ$xe*v zJbzYj^Kj9aL<@pwMQnB62{}v~CuyTk`K|_??t|Zw>-Exvh*Rj%2Se|WC9|7u)OpH! zDXe-<~%coV$ zi5%4TYqTX5tUw}%aE>X&RD;o(fHKE682Xk~(s93pESc*P%d}xgi!mWQENWA!h`~sS z2wBMqLcLOJyG&%9F2?x@o7wNjsVbDsS~2kpbx1Fa_EJ%fK;k@-s^oj);bp|X-y8^K znL0|Bd`7+@fS1VBva3mpujYJAl?^!3Ld7~Sy=7`=x$4>GD!!UAywCWBA(;x^V=lm! zis7m^cGvV7o+UHXUA}fY0W=!|VxmS2pAq*DwQv*VO zcVp7ku2SfIZVF8ltq{g9tQkt_s$m-Ev$|%U@AnNjQG=-5()gs%xLy|=a(=^+vi`+j z!anqYYM7zI*Ab1OG$gtD+;`UnvD3gG$-X7Sq4bL1N;1B&>jEv_msU?Is=+^B7Cl^O zKz+xNj^sWQs)Dp$cG3HJ$fvNQhLuPNBR{3?YJ;Hg!b9^nYP*REyEI;6mvvm4Dh+40xDqxNMuY z2W(phTVMH)F{bceE@LUWDkdC*8#kuB+i*>$x^v1CcZqS*d9=|WVcAzZ#X{ja-hA1~ ztkW5K)6A#Qh8sJKc<@qD+;ksC9{W5#Wkve%37rgW|Ki7{7XCCMP=`*Co4+F5VJh7P zcTxmO0K*%!y+ex+XiDBmkn#vKBxU*`b+p=63^b+|J6+OLIy=ix&*=rq_3O{uv##S~ z5n-JD>8S95AeAl+w%o9q`UVn-OkvHH;ghE3=)9CKm){NOpuqS`k`tUzJL)?Z9GXdc z-Cpk&Yr~YT;xb^kz3oxDhBX%(^iZuaXP^-Lg(Fx|;lsf;+!fhA5Ye!;)AgK=KXm`GJZN+Sbw{1IGHLj8hf2O1<&TCngjdW7(W6?5_`j?hy@1r zAeDQ4dR_#PPg}|w&w;j?7WfgP?A&@zXHR?Wo^7GnV{ms1wO~s*kmuS4q*QivLyKh< zvyYED)gqh@K%`DCI3o<&-0S5(1y;ZL(Wsf!5}^fiS?Tc;g}el4e&9412KMRY%*atlLnV z9g9awq%qqBU5uNy-Bpl@)BPCl8A)OX;~fdYo0B9wIj)+5nrAVct?AL#a`QQ&CN=u| zPt$AGA%n<+_hF%jZq%qfc53R-CW8-L#-a)aNp3iS9F<{tktnVQ* zD>dI1lv*7TYLR{Lj*C>~b(OeD9pCcpcIvGZ<~2;W>THW3zHi^!P$6mChno;&(dh@x zV(;H(UuJyg}rXwxoFDTeuroj-sd)YaETTKOSne zrzJB&F7L33Sx8J=V3Hd2HV1nRnVS)7`y)M0yW8Th%BY{e-jNoOwNU}h&O1FzehI_9 ziwV2E8SxM!p@W0W_MK_jve5-GZKh&-g{kb))G(vzvc1Af_*~&@yvtJH8f|@?)RN#S zZ*H+(D>_@jT@X;3#%0BW$?N#ChpR?W7*)AV(_X%QTOwbmP4nXEZH^$F!7iz@It3A3 zfr82T_9~LX5j}hghojcGg`)|N9`dEF^HP7|hnI~6a)|ANHkLFLGxUkfa6&JUp5v~B z$k(Yd7oL~#Z)F59)+#coq=*&@&>A-)>uxi-rpkCHoWyVRod&CCr5tT#>?25-VNd+n z2uw^k5qu5k$`>&AV844X=n+x4EZ4DFvx>UWvs6v@`>K?&B&u-DULis&VmIN!(g2h4 z{@kW^^><1~N!7*zN$M^k2R@D!;Y681D=7jD=;on0#%wixgQ zQilxMt2i7$j%sCXGJd13xBOB&Y*AK?c%mAn>(Ku_SV z_sWYCJQ;eX#}R{03`1f~p#WuF;&}IQDr47X?$_MZljBWf-~UYCC$Bjt0@F-g=9{F_i=#G z;6H+zJdSLh2J*!!yD*8SRI=f_ps&`tV-lMo7*fUYH&~ zNA7&*Il@$Jv7Q$6HZTveh*P~Ox%)kr(y~AyTg?TMRH<8$CvOnO1i!FTE5W;5)`1W; zzqS^)vUK=7`617-4J8VF?_fS3P*xVu&pv#|w@z z#VCCk#=5aD+`T?1d^d?SpoXyZpOf^>nrqll4WUraqAOMTWnURY%>^RYH^ZNGwWGd- zm6s2e$%p9PY)~7F8{B(rQAziDEZK1g^hI&>o5RkJX)Vy7hewr%pL|EpAaEkiq-oDr z*@+P+C=PQF?N3}07(CdCh?nj+hY-!&m;-z*YY-4TXJYI!=%Diodj8AoEGXjf2jqen z69<{bxMj7|79m%27;(@;9b)A=u+Ee~{~cmU2?SN}&k~X_RZ2HG2(zLb9fad_P#a=+ zj$>UsBX_>tp)YMnG zMbrjXUTo}Xe!zwFO`+C)P0=8FAcn`kurl(z!RTBztSh#9y`WGREY9tjJ@e-wxICoIK;)%Jh;rnE=c5Fgs2^4Omqv67DJ>irBBmPW`uD69B*;P^ImX zbdmdohdbq0tIJA1wOCsEi{jh^&W|v6D;U%DEOiLBlKkK5(D`%fM_JOC`K6QXtPpwb zuUxkO--Z`QRuvRR{qjB0hpH`1Y5NAq4zH8rPTUyScc>#LX9v<@9=Jd&8R&3lZu#mM zgf-cE8;viF`PnSn-Re&yfE^3YWHG;)4)C*jvcx!!bN7147vd?SV01@TG0a&D$HR=M zR`wZXXy^wKK*RlLv~Yhca*N>`*sjek1lA!O{5JMoP6*WLie153{{ZQ%3EOXX+_sl4 zRX!jnEpfnFI3@30N8Yy~YTNENxCnDjcj)ev&Q7>tf4yOZ zQTlWUq^019bK=K2bnDZq@Tf~Rkm8R+Vb)rZw$3nBkQ&&ogFI1hP-CM2V%0d;u8(aO zQ|HTcA*2ec%G}7u8vK>F(s8AQj)$VxQ^Fk;IdI<8TN?zH3AYT%mwjjyj z?)yi_w$bgG6kT;Y@yCP(rFIez8J)$-+M)EnSdH+|9nAQv8Wnb5sC}_rfa-5BWLC}> z(Q@OOaGSPJ>&yB%X0NePFzE{VW{*=YUDdd5^l%&0AJdUBc>$ElP@@%PD)__R`1N!7 zuH=FGU5kY}thEdw##)4u0mWf@NP=VAY1CNPP@!#9wef zf!g(ar3J~in!<_ioF}vgbCP8t@|S_7of!uPWy9J_L+}kBf$D4+4>+ioZVXC|*ED?m zob);DONd#=%i*4-Q+WnmZ^C||HVQUs#hiW{6JhlU^Ae|V0pWYGP)M$=*3g2aW|BKy zR2aHB>D?swr^Pyh0IRnnP`r{zklkTBr>a>UL?Q#cUbEz!;e;hZj0j=FT5hhMiH6F` zl4w}*bxQI9gTE>Xj?|cbT#*z2YB8unG}U>(m~Wi!3s@eW?hOE$VoUe?>wSOcxwSMb zUg?_;D)x*pkGk8m*FQvA8#V!Sz|CdixP0-}tdY>BDzlXCA^x87LT zlAc(Z?rSY4--{;-!SZe<#&@u-%}j}K5#3YchvR$2Jv!F@3#5{Z8kY%(7a^MOpr@K603!gjbGvcRv{i{1htW?F7Jesc`ihFGglRuaO@Li zIMOo&Mp=0BYEz4htiN!f^wV>1vyK3bw>8#Suh+jyTE-Lldl_KI72@0#AQ~DMI*52_ zcDxUWTGn#uH)o!5b2VZjw=|2-X;zL~<9|*f-8t?~cJ3S6Lk$nhby|@4a1vums4qNd zJ4fIMt1c;d9RMr0W(V~H*>Rb>nLNPLi0$cskZ$-Ang}Mw3Fln!(|wlDoqs{2OACF- zo+#^*Q+*?@*+2A2-Mm6eGT*0b+QLcSmOeRdx{zI)BkE7~Bd@r)WZgs_P-KeDeCLb! z*HI$CIY||J5WiDwy@icI(RAQNF=b ztSdvIyWqYHZzf6GxI!0{GVn0yKp)RLKchoNED35O2C^5Hs$;oIU#*NFfJ(UqDb4W2 zTvDZF$X1`U4$*o?W?u=evm8%b+AgO&BJ^oO8?T?{f`{MV^8!B=-CMXqIb1u9P%CO^ zq1{Q_*VDQcUT7HDjtI)OWl|$#DzP z(EGENhAVP!6lHa>1-U9zzn0~40RZlgV6XnzV^uGYvAi;X`pN(I1{g51BiJSsh`n)5 zc2DKy@tJy;1U)^ynV^z&BOQ{1!cChRV(stIDmELP^B2{J`(m>BonlYEMoiO0#uaXe z4cXS^NGGO6IY$tgn+wWlKx)@- z$6Td^-n4OSvTRa9@BFkN?3Idw00DV%85?zp{oy)Q0Yix5hEGsnazEuF%4aP~}` zMv55@w3`sl*k`14rh)pOZ3OI{wumvaYGaSY)!k#;Z3UtlK?sAYaP#`zunNtkZ}5U$ z2QuZu-&`5BswNG@Ykww~MLVrcdZmi*lAe($)p_k;W>97uJ&a0&;d8#+GC=hrf_nAk zyQcn3N$^+U+n)}s4Gpp{ZX^zvsUQ)g?{6>QD#DRY7!@e3isw-n^8}weGqNuXJJG>u z8CY>sP*8CBZ#V-<-1^leIulIl6T{mpD<;7UEZcRlpQO1AQPBkLiETf)W7E7O(5uZj zG(J1IQ%@&8jL@7pjonGWim@K{)&LA7$5FLPv4^mI-p^*B6cCPD)=(hzsx0rzBH4U; z@;kmvq!}L_ml-KbKrPB#pyPwd4{xeAnJYG}`Q)3oZl)A#Xa5zU=Di*-DVF;EgZng~ z=Hq#>$c|l}khLD^{<+PDuwTDUv;_9ta&xQ6ncSFk!94=EWzO7|Ot^rQqISgj{?5iG z#mv0_VC0o+n)09aee4KKO1Lj$NV+fWHxQ?b46$RM6;77@ zK2nmzEiiYvt2l})3t?@B%}R}dnR4u28(hEP%X&8w+G*a2pbG`7yS8GCU@Ljy;KxIH zsv>aY%O{GAULlZNLhK@`63E$?RzKX=QMv9lw>@*Hqpush@W=CK*UyoG8tWAcb z%bz#_Sz)lb1sB*0m7O2-?tk1f73YiRpV*c0au2;K-EsJVk``zTn;S1vg_xTW4s#h@ z2D~PoiP29A4cwq+Q>+75=vLA)#f(x#g~^l*=U6L-;~l z!6F2Aq{mRJ5d=m&@_ce2y?mt`@%8w`@2sEl70xO0fro$_vimrU^Posi$Vch>513L0x`A3Ao4;l2lTp`35& z9*tGUKI0Wzs}Dhwko`lzFil?wqkVn3nz!h?_dAv}mN2aAvw0$>W&ZZ&y6D z9pN>u23d+u-rXNQl;5%a~3SLw0lZ zR);4+n!oafQ9N-7-xYoD5Bw5?bxj@s3$0jwb%_lbZ~=CqPp#Y_3~@TBZ}|msE(G&V zgq42R8iltMf+unTp$$l~BgW#2|`LV4P z6=(}yNWs^wzG24D$Qr4u6(4T2pc;}h*P$CF6Z4y>bRvcy}I?R<1?u|+oKj9z3N9x;yLdE0H$aEkqvG>`Nqme|1T`8 zc|sO8qK?jCF;`fB2i#&@zt0Mnk3YW03jeo7h}3(LxB7dRg%o^7J08CMoyYHl%KH+2 zVez-m8X2C?r&`jq={rXAX<0cTc{-ePFFUiIcq^eLNu?3O0RTvJUp+pe_|@puvn{Ln z&Z*Z1C9)h@_+0xw!S~CE;l6rs2EOg$Mo`}>`dXbIA{==n4RHBK=%R0W5|0X@!>BrY zalN|y6Sn2hz@}%+dODGh7FcQ`K+$c`-@vQ4WqAX>ez6V)co_)buP%z8QTDJm)`ubo z__9!CG>Z`HkHCKQjoG1vb#85E8HwYNEPUv&U5)+MlM`2?jB#|i+EV)i^IvzY1&FMh zHQ5qItb`6Oi3oEgORGwS@Ik98_vl8x31G5#1Ma$C%WI4IwJD^^qGKc5vzwB)S-tXT zr9$B>(a-S7dJh;I&rZ{7$*sRKSts*rAV6WmLs!i?bNea`IRDXw*!LxK)yL3;;NK;7 z+gRr8#|vB++dWNtK0nF>wH+8JYz6e_raZ^aN=2nv-duC4LFe-Xq65q%djrk;B-a8y z(kdh)Y!Ta=F79m?=xdgF6+Vu%){Ts0#Q6B?8QyyW=<7p5<{Jn#SDpn$Axi2vmPx29 zHTQ41Pt$?`?`F@Q_wJT%*gSzbTAOa&R&X1<&=Cvb&kN@ZTlU;}vp6v?tkHIQ)y+h0 z;TzVkr0KTe)OE}8p-TmYl@EQ5e^EC8)+|@bYdp(&g!|gxnC$cJ@IK^GE~WTK&n>=b zcxEk{&of#F;d{CozGHa|AxW3HyYMER>6z#8YygWRr%vU%h+c>FJ=T5U*4e-*z{@9N zndUHNx(dq_{#3dhH9(&D^vFJE$3d76RDlraE#-;H*cO0x$vmmaDK(yt5fZzmnv&8! z2-rx1p4i(A&iDQVy4yQ+ZMg3N{E_p1^1)EV=nr1!c0WxV=SK4*?ST``O_@thGkRik zYww*$mL09UvNxMnWmm)b@P36j-EiW2diKJHAvgg5w*?WM$t6V;}ICOmx(09grtS zAfZKQNi@N&>KNPCzb%4K^c3-bOY1o)C9@xylQp5XdbRMv=FP4?qfoX2LHXa^^TA_f@xVTN#X7x za|T+lU9)3^beP7ernr_}n|wcLO_iV6>GDWNLxo5iq;7Py^=3xDm&K6!EEzA!@naBd z`pog2MB}4HcBPW$G+E$kKW7lft9ZC)PbT-9_2x}NS+7vHG24SDKtkNcaR;ukhCVm@ zN4bh6l@U`$_$`h@Zd)VFRx+h9$VLnME`Hpnn#a9Feg@;E6r-qQbt6V?@^`ZES8a^_ zQuF)XyWS0&AC$tSCOSc>;RYF_<9g-4KYysuG~EDw5>>Lm?l;1b`$9DSP{7-;cc7p@v)NmEHov}j)eVa_7dMro#f8fCE_;CnRqL5fGNSgYx6!P1mC5Wky=P%$pj zfCD2xGg)|XWlqrv*lgbO1nWNuARSitJ^V4&=}agI^32GcQ;41$%F14Dzt_{$LAfT@ zq%1M?W2G?J4Vv3Htq@U$&k0Ne08Ta40A?MP)=}Th#yWQb)8@UTRn}2ud7S=G*R4=H z=lP#XzOo4sRP@m0uj8-$3+!a=cHi6;EA%^|(XPZ)jB?R*`K0e`Z6CVlq2%$%V%l}& zEcd-{z{E83nu({}s29@~c4lREuw#1ZSQVx}Ygh z%Sp@_-dVJPxS96Myiw5h!>{R^;P$`YjvSUNmx|7nHoe9cY~3k{S{c~PeiquO80^zN zb}I-CMZKB3ntIU|b4HxCr~bOeum$EQaNg4-2mT9vLb>RM1<($<(uHV9BZxpuw&=qPo? z@vf`=L%uc11Zyn?ZF;&>PQ;5Sx6?Xa*SNr$fr`M!H2GD3PJLQd@?3@W2GOZVY2DK> zCC#mxzI=LhEShwu;3$P;db&CgnO@N3Qg!AnVf+zG>z$w&aH64=2i=Bnx`+Naz6Jm| zKm1zvo}SjUa@kgzKT^zBQYTr5{4bI$bOeaiyN}kir zZL;Y?ylE>mcDyQDK0a3pa+OqjtEpCw&cdeV>j%J`3Y-kyJ1Dr7Eq1pT1aJvC@Os)O z+KFwPpN~GkaWu4Y-p77kVX9!$O^#Nk{;CMdPhy7C#|kAPem>EVwsvhnNSxKsZz#P( zfmIqh!aIEW3t!(}t6yx=b=x;-iI@)QsO>mgNz!_1f&=;SHj6gK-QD#+*;T(BbJkh0 z^7>jMa5=R7nL^O5Ilj0iWOH%p=Xi@0gPKylTW>(#la_m;etH{g z104H7>$NqeEkcXm@U3i5V>kS7II?nwJNsMWJ$<5R|94*?;A^`LIsL^u^V%;TKZ~(7 zi@7{l`)JW2N7_x8)KaS}zj~%C#a+K)tx(4ANz-caQM9>Z*Fjjihs*_ z(~=}NZA8H2SMj{+^C^lU3qi-{M<<3?gR+Z`0xXovWsZ7z|K&^kGR!Gusq>@ENv6>o zU(<2Njcd;40sAEYz{c65;LRVC$3n>C%fEJR{Vxbvros+DS=j^#`~vH*%}2HbT>qay zw3rkp1A|==0hBC<2Ym5(iw*L++*F3cQ9#wB*mLR|N$*b{i<(|n&0EcFqAX>G!=T(E z_c2$g1=x0qLP#K}KKz0M{T81J_(5P5oM@iQqP)^6eu*eJHuYDqT+iF|1O{Z-hc{JA z$}iGW@e8oO_hUHnul04#qkyS5Z#hPmzt7x~sXEeGzb7{-LZ!0jdT3B;Nlh0)$*-mw zv+~AXY5q5+nI_xV=lch&h#=p;ax7F(@bNceXDvM3nUY@ggKz%=yU7O7G>|9}wuv3EZnzCB!cmlsC3~ zu{8mKLl=I9tjjM)0870#ws#zCq4VXhskMC{oDA(iAeI683+M4ERX*|6_V-E_oE<%X zUVVe-Ww+X$?zGfb`BybXWkd8@S<~Wy#fY!P(f93j>Owx$KK2?{EbUWl|S|wla~MiTK)YD7#zm-^pB70cOFHPz8Ozk6B(x zVJ_tJU)HFOv)){a7K7r?r1exQi(c4^28Jna*4HY_cnUGIjQf_ehys z5chGfVdKS%(Xbpm=MiPWN7Law?Um2D zS934_dayBs9QuhK;dAtpfy zi(Y9|l^VCL+i2&`b2rXer?Hd-k!>%GzkvUVPsoL)amy;}s@jDB;Xh6Be8sowymsk4 zpKE1%h*yF0o?*`C%*zvw(VH)?@;3-du`o|3QgClwAuDw4A{piv41;rU-{adD(SI7- zhZ?~3h!rk5ayVSCD8G<A9^C#V{v0*Ru*Sq=_c46IyqhvoDceQ?33CxV-5r;{~Z_ z05z#n&2PFK{Ri`B4?o6-3Z7Xjvs&303rHFY=6F12;=*n#g-HvG&Hd=UFb^ZqCsI)-@9)N0F(_nRSQY1wMmB_J9&WGd!7;hf<+@g+r}%Gl z2u<62$53Bm&s_^j?!o`ea&-+~d&Ftuv56o;Z(#6a;+nhXV7nT#RNil~TDr-rXMT5+W2ekGwSA#6fh*}(HZkQK;A@%B zpKqA#e(V<72mB2;98?eZp?UB|IOL$mJzv;w$_i??M;8C0Bwu!I_p22|yg#Kb8xZ*x z`=I&Axzml99-}L%Ed#bLwsJKk{@weJ_c`7+p}rR3Xg$vW0N8NZfcl2f$B)*2X?#|7 z&=004NB8*yy>N%gOT8Zx|M+(>^rf4>SnvW!?Mc7!uboqDED;Ov>B#>X(n6ghZB6W^HmqsP$=+fcR|Com)aM zJBU*HuPAraEir^J44nOyG}7~o*rz}vkUlG+jcGvuK+OwDBS7U*N#4KMt0x6LrB>f4 z`i-Eu4^rk{xh~K$mD}Lxj@a4=*vD*@t4h-tio~ZA0HX@vtzy>VmPLXDd0nB3(Rz}a zg(7|rkVFIsrqzOAkAL_eA7C05xEnBQ>;TEuf6!<2e?lKr=4eYrYeEYAM{qu8Llu6r zlJL?|wBBfI8eK)%JWe}ap)MtJ&ve0_C*z`m_l6e-2vLKGuGa!wsQ-6;` zVOQ2>-LcZwDb429_pR+@U=r^qv%KjTSpzeEKvc*fUfVpTlfje!TV!N*RFK^)wInv-B1I;fSIp@MumpZ~rCjrs}p1 z9kh~49QV^#U5U28H+>oxXi@UNDi?h~3UoU0Rz~PUm_!3;H%N1_)a#e?;eAwgjmnww zmPXx^^(*+c{id_CuuhjDdBb}K^YpU~w8(5N@}ktC$~*T{`7E-L!&hin&02{7d9#t+ zHHCPyart>ScKq$DwRpF@z>Gtsk($N#=c2C*e4kQ?n8a6O!aR`YM8pKwiJiXP`hFf6 z{&9lK7XgviYiaON>LECeH+n7WlOuH)@x(P6|+lLP}}>5 zgI;ASCN}?vgA^yTR()iC8(a2aIBQf{dGByMaGjm16}72M%GC3Zb&NJFC2n4@wRzsH z1T-0{iI4UFo*C(Z(y@yk^#7I>@5=6FP&B#R=N)@1Un0U*UwtecR*~Zrrta7PnhksL zpy}6}1`e^M)xds(#`3}{E$PJu|Hi2s8c$D#U+-IAOH;R&&KMGyby5O9u1mrg+c=xE zeK)bbP57w*L0`i-yoDhu1l-#M2U92x_c0@{!`%{4QW;{JM9m&I`+U8bwPyVIvCSmI zas}%HctKlbSo?9jbcfeK){t&ze7>9~>anxuSQDi32DSD)n6vb`OL~+{&PVXl=d#71 z%k6pr@xpMrX|V~@z_|eBX-uR@xTOz5@!89d&j2J}y@kE>Y`u~hQZaHh>hwNZhaPpy zD6}(MCR4KTg8J<9Yu?J>I;`zbu>9u5R1L^n+8w@^(&+THP`;nh8~hK4RC0p9m765n zj{Z8Jhd--A_!^#JKI;z4DT_V<+OiQ^YcmlWyS6Xmii z|AU@5!qHYP-%e`O*xCN5^Kymitq;W&_B2Kff)O7J?ZkkQ+9oaRpvD?^4IlX#DZ{r=3tf;+_0ewv;@Aa$ zMP3WzNeelSx@2iDcxU`&&ArZEmlwv9fcLR%9bwuBvn<3u2%ZwP%{llD3+i zlKm#CE%(;M>2WLeGtO{}GUyp;!0Pl3wl*^CoLlpU_Ds^!_GUqh$Xi}F zSPgwCZBO2Er9JSch?PW=8!3S9;|^v58l?#^?c0zBK6{5N@J>c(?C zXf2zfwr=WRgo)}p>FX?J2wCs(rWT%}*Y)(-m9H6a>GUCvxufLfbepXeABw)HQyk1X zi0&pC-`lNEpQm~$%$fvQYFRD6xtE$$r06}MYc>7zj#=j(?^-~e_o!EieS~^B>hf+} z2m`xQsUtVy&NmbaRHS03rEOb(b8z$S*1b)|wEcZ{;z7nGKM4BZLEr{|v5oj&NvcZT zZOPGwDH}mqEBqV$qvD`*4^0{J=C3@AFpo41i*GA?WM6znYsWIuf8F0-Hp_AX$@Da2+vN;+f9O*eYecNxDYW;_tyY3Eu#+AQ+a~w? zY&^mwSfBSP5`W$lh#BAY{-P%t#Cn=hrqwqCgLx(T--rAi3HH@W9(s?nzGld@@Y=oB zCVu3OP3hEw3_EdI4yV`%EB#7H$qB%x*>9k$Hf$f>&1%9tp1xH~3!Jbv=c@So!2M}y z(n`4bh@d|GW5kM^A|Ucdy}0bia`a`&t%HFPXo^XNm8kK?6!!*y($v?%hmNcT$6uYA zwEkuN;c7+y$Iku#^H27lknaS_%I@q3fmtSGqy*sqAw;vVTwZ!$_^npiuO?8*?h}e^ zZRCJZkO%zy(C~=$4SGz8`t9IK0?!9-cd+3QI_Tz_`qc(0sNumNI48-4B995WGev}s z)@wVigwi68rz@e8+!3`h!89+vcym9S66z|GB4Ga9Z9;~lx9D1E{>OnCN^EY`&~3mo zeTzR%;>Z8VNz4HOTF?6nOMqgxwfJ0ZF?`~J_x>Bxp0ErQxyR-~2Bg@FkIY!ErM8RH zOLyd5kXKUGeY>LkSEPZ0rB;fhwOH-F1!?_xTWE$=`?dNI;!Qr~pwIEw05)u_1!NbT z3XF3u<|Kt%<8vBVbJxGT#Gg)JJ!hHZ@RKf8C`c|BY&G|3NkD2%m4a+J+*IqY2`Le4&DisuHpG=4vQsRbvcd)o}Qv zQ`|Mov@NzkGAmo_T?zO93acGx{=;g{uczeE(^e{fe@55+a#o>Hgz415dSQkQDL#SMBZD* zL4@o&*xlTC_%0gGT>?bPJ!56&s%$QYJPw&|eD}m<9A%Pv3d%>M6_^G2-KS-yjWw@^ zhZ}t5`C}f2)fsgr{l`39OY%ubI-Aq~c)>X`>VF^0%!|QF3oUuR(E&CE`Rh)rp-Upt zUCxTX40>2jaC6#Mg*3Aau{NpJk5&5tavEA5c6DWb4yxe)Vlxd7e1rIU;A(jQ&B=_A&K@)oUeodI@i?Y zZO_%T@w+`UX!*V%GtiavY{Me_RBqH{#gV;lOXKe1Q$LEY+dpBeR1{h^C=dJ%NBi*3 z1Wo-lRIcNSiN@c%oAFFlEI)4;I@PvUJ6a)oHo8|)4h)T7;aTw?NHQ?~}JYU$? zVS{y^)JJQ_!J$5N$#wv@cX7?zo=xsS3XA9(2Mcz(kA9QKqt^T5WSOsA)4&e}sx51% zx!;npU+VkCIjfpEZGX)5sfy8x0{$VdwM|pq5X@@s)w_1Q|De~)edzvyt<2rI7g!T- zO`eH?bxrPGs@NM9_~(2H@5ioyomm^l9#IQ;XinKtRYmDhVnAw*bA(Q(DAaa z&%qej-}_u$yFeD;XIX(o_jSZ~rdW!I<1aS<{z!j^eBtkI>u)9(?YZZL`gb4vmj^iS zRxMMR_+as2OC1^J@*(vW8FOR5v9M>KHy~mqxHuKJO76b=sM%`-EsLpkd+QuHc0T`2oNkAa^46y=_GjeH+!X(-^!Db zJ!QH0+H^q|Y-aKhx--&x{im(lO^!luw?}g+39~OSO-Xopam6mVDW%C;mQ-8*N2=v~ z+Q|QU{Y%seUZxFWS2YRyt;x44GWwI;KG50;2lM2F|J&c24;sK+T8`vC`L{s>;c$a9 zn=4C0Ud+!rpU-jsZ;=WQg^gtewT`nPDf$&iZwYH)a{!BHWRP4T*mDO^=8UG|X$n_x!oW&+P*?5n)D;4FYeQ z{cr8vTTD`M9KdnN%DFLXmE~oYnU{G9&6aFlmNTkhQZz*kMVJk7UYb`38?wx18Bx@t zw7jQcf@GyAE_2yUVPO*_Lo92WNb53mDNGlP&Gk}ky|lI8(>YJ)={)>)exLLGKb93E zE8;Yn=rQfeUJnzk&pv6JngaJ#J!i7y(`e?xJ=p}NUOsEzU}PE+h{Nh*TczB5UQ*ZU z9YVb{h^_87pwxNXv!yxYH}4oP{fVFKlZ|_eJ%ZkA4&J1y2EWddXyMLXM_qO1HR+C3 zZk$M5j#fa$o-wp;54s`gw7zh~?jiV02P7hEY-N?FoDph}{PsIVeP}X9&t=wm;fvDi z<|BMVuN~TAqFuWBFkyt~`{c?g2aO=Bd%njuC=E>KcNsT1E{W2aCCR){HCezH_Ehfqx0|Y*v68@e{WLqwCJYEI7W)pYvw?~{luw@4d*6Q9}B|CdR_-^ z&_@+jo^_d>dY43aMbB*%wT{&8q?fnM)wDkwRhW&nnY%H|rZg>M9Iq@1mW0s;4P^7{ zV3*H}sW>D;>gkE-_Q(C2byl9kYcOiz(m6UM^8NH}%QXdDk7LmIs8bUolKYh`? z=XzzmcR*`WXKeGRSgFD!h)*k=T`YUG+)6QjgQMk(5|t%7Z@cMPZxdF(yTr4(It6zL zQ*D`l5M}>pLkEZo5EURQKvaOJ08s&=0z?If>Zd;i0Z{>>0z?If3J?__DnL|#r~pw} zzElCC0z?If3J?__DnL|#r~pv`q5?z(hzbxDASysqfT#db0ips#1&9htR8XRV5*3uF zphN{FDkxDwi3&osyf)W*!sGvmk%UBhZsGvjzB`PRU zL5T`VR8XRV5*3uF{>u_op|!tiJ<5<^=WRVl@~@9F)M1w?x~tg(9#|H^@*D(i|6y!< HG_~{x;6`b` literal 0 HcmV?d00001 diff --git a/Workbooks/Images/Preview/quickview-black.png b/Workbooks/Images/Preview/quickview-black.png new file mode 100644 index 0000000000000000000000000000000000000000..2927cee24a0c113d6718f56dbf03e6edf1adb46f GIT binary patch literal 50337 zcmeFZ2Q-{t*e@zYBqXHhf=EJi5kzz%2%`5o(aY$)4Uq)VqxT-&nCOg}5E5*b~Unjh{Y9pf}Lqt>+OLl5TOn806<+Xu3 z5fORk`R}D3=MqaIqORwPuVl1+Og9i@##B}d_#KFz;LDm%vJyF)ii3vpww0gVMc@>`le(I;G*?TKKk~Ri`I+F zEa%TeMC5Yy<;{!6@9Q6FFB%?7R^m7dz-G<*~YAK4kg-q zmJo{z8DnLbgZYF zU~=curqUkWCFG(;T-2IfGBv7?coW;r@k#?^%*n-}kp=+VYU<&w4EvO}-a8P~P`$f> zHWYJ0%IdGt*| zCNJAj5jnAZIps89ddfYNVu5l_OuaR%hogsAw3Ix>cJTv$1V8V+f@|gTiGox~SoQ}2 zP;-CUKD8Zmv+-H?Vx5g@3e#xP(add6Nrw%E!!XqGpGCnRKBrpUbNSzdRkW*H(=7y( zd)$+i5n|Y%#Yqwr=QAdEIkhmam@MH_X3b#&QCd;Gfm6}EwwiI%-u|F5-1_1>g7odH z&&D>dn;R;txW@7#OsaL8mIqed;hc6aef=+`A3ZcGr5r?#7~rmJk} zJ)t$)r_ApX>h_dU(`zxvYiOj*F>S3V`^oTr9IGDew$eXZ44{iGPjQt(TRHK{^}ilA zjNQBsT$R&D*qfi6(DmUcpLMb~K=XaPK;h$VdsS^2OT%&9 z1~ysjcE*`T`70tvzf&khi6OM~W*w-tQGNmwIOF9aR=XxoJOa#)Y(wOhK|-nmrmk#m za>q#wEMJP)Z@lGh)CbQ%h-@50!-bZEcfnJKHYySEbNtS*ja`1lK1re8sMW$}*CMq? zn#cQQjT63)^-RV_zy~$o6itzqkmH?$pA9%>G+;}2^hu_cyLIo4%z)$yK*`MGXh+B1e!(igtZ| z$#mfgZLFPF5vk2bTK~$bLrm;JBh$I81f8Bd{c2OaTc4tsWlY*Mky_Uok>3)odp*~k zua+~v5_o0Ipz!!vk3-m>XPgG%5u00(R@4dy8;g!_m@#SAamD!i2OeJW<_cF|hm@ut z{1&%DJCy(CzoA5LXFNXopunL_13R5ifK6CPbfjrsW=Av27k>5pe0(-t8Hh>!^7%n2 zH{NmJc-lmJ{IQ(rGN0p#HiX{YU5fK-CG%Z94Uo>y{>KuM&tILL>?OttD({)XMx8vz z%GG|bi?omF7ijzP{a|McjGJhLm}is=VY~O1m@CYd7sL7+<-dUoc^FnWdIGp9&1N+mb#;!e$h_$5@D(5z8 zfECw4nt@?$r9R1^eu3N$e{Xemr@2)cSSDM^vz@8C{yoT>!+%|TK*_M+;bI+m+GqVb z&DjEoF*Dxu!<7@e*?2ia!0$lQ@4bNesyoo{K6DXMh82R%C9|KMtVtp@se-&J>RAIx z>F6pJ^j7SKL(P-2?&SU~U3S%GHkn*!XvI~ywhw?HV+xfr2}!?wnf*iUf946LAG}Gg z*YE3LfPHA{D4fJrMKm^oy@KM4d~ZZ1j$%lOGj6;C&z(T>Bx8G8TOVLgX990kM|^Q& ziO2?JTGWqWQcbhUQ&V=M{LN+)PAz|kAAQ{sHG-e(!#jC2!5MLYf1VOg6*}d~vj%;p z)1|bF)F=kkb(AnYW5eP3~!LG@dT7n^(Qf7}6kTNnNSNx_I z(-7$DrGf-j0P-`1shjjlHnW3CpIu3P|3iL!_VaP+$uV5Dx{^<>achP`J_HXhpxk>? zMlJD7si3IXz7Kj6E%_Gw966anNT@Yq8=v4137B?(IP#dD6 z>51kqf5`#T>&7Y3&+946KSy#JgH zhi+k$yL#$FD)1%ino!3a`>K>xpFSpcU?6e`!N@f}7(m`@5f2h|nambE_@ur;wr+T0 z*0wvq%ls%BmoK^~ncQ%hgWwlsm%AGe5hFp)JG3@k?k5McL5@9v;uuUDPBVMhXnND4 zp|LctzUS)sdXsy;WC@kjFL>zA9=aFC-gT3@x2N^!Z9&8#ZPMsF7B{+skp;BZxTj*3 z7hO;<=}3hPhXkKHfJZ&tl@XKyZW>RPIBiiNiFU58v-eLE4U;fL`CMT`=>^s(|N62{ zx^6d1!e>IsEwKPrmziHNusJDdOtry%Rt7l<7^zJjqG!p3ejT}=jwI^5b$}RseQ1+m zqDWX>$^hW=6+R72W?5{LbwlEG)AxHq$4ZOgXDhNi^@c6?jj|e=$8e(9EETk7AKTth)|8#tu#K8yDjZWq+%7pJ#?EbzJ zp6*fFyy2sgzSo#f(pbv}%nQW-q>MH)tM4i)zSRs??}oJ(BSd?K3Nl1%8;bi5<1Ena z^%hc0TPMbrtK{8yFMTT#cE_1CtMhdn3dq#|ly}o{)=B#<&cv;bSIbofyR}i;djjn* zS)yB(mus>$!8*g~rfcioNXp0x`EG~kvNl-22qy69t4le>_OiiMV0T$ckkO~+eA_n) zXI@b+h5dAaha65L0m~aZTHC3w3bk*N8V>C0OdFeP-|g&NDl3S5kAmyzgLxyQ()0=! z==P-R`#CF7y*m+4nbhR7tEvQ!ZFj}`5`6%PYy-wcR(rFEtGyMyUviA$Dtf00H%yy@ zzZ5z=;{@}Dgwh?t3v^!FW2_65kdV(i7L?{V=%(h+pX>DQjss2{REF4cd_uUAAg`j` z7U$mj^(Jx}4jwc6RzuZPLf9eK`@E-o?M|MJ9verXd18@NMron~xLirsJD!&`Tf`*1 z#v&9{Azo|U7OVY1!*yl>THn2~NNab}ZZiEQhANrX{#IEnSAHeq;U$I8H!p`#|X$!CSETM^~ig6X!kYV+xQDWUVE7NQo zS%6*K^GX-B^!An>gqR+kQ8ejtuA+R1l*Z1zN{y5eb4UJUHiaH`UyJYnKLvWK=LPYS zR;hlBoVwBTyX~qIjbQ_$5yu>s_VGPaPsFWkcNFB8hkHsICr0GHZLmE9y_?D^)c1AP zCKG8h{i3pRE8~h=OyUUJJlNMjPIR&<_F)w1#(vzTT`qy34B;{eq+*P^;0#IsR{J+Z z=)}@z=Ucfh>m&>Yu`mD3x=6XF8KV?%!ah=R`b1L1q?4DRpeE5*2d}HIeY!43n=%wR zUFsuSZ5|o|pKI;T5Or?QcQ3}7mgdkVt!3v$Kw%}d6l>FMTi_)m)WgVtKHi8O;>>hf}ma( zth16<%nmdoFUI%gm_NRb5w(+gGRs|4_mda{ygjEiot|fq@MIb`YCHhY%^lG_Bjslr z-IuZI#m=_K_L!}kg9Ra@JlYBJ2YNjIeCL1_71&z*PP`+b&(A#hL-na`@SM?$S6K~394yEUD981u?p+51Zu8N+#F~YmM=AJ zJ{4rTqh^g9X1J^^Su1Z~SM{7Hr?^ohsW|$aX&}nhlaao!@b^-I_GzI)Le^0@Q= zFlRUP5W}|=U_4qsD%`9oz8I89HRm2FzvSum6@PNV8}GDgpPn%ao$0KCPkknYgpwWM zp^oq|<9d+zq?byx;|#&CTUu9Cum01SqWk}tJ$QdbHp*6_#w|&AGR0=II&v!=pn|`}Lqh_)gF|J%2!|XVaEk%>(V&n~8I^y(4vd$T)iE#F%!G z*CDV}tMKEcOcp=O&rQ4+{ahZdhR}Y1mX}Kym<>r2pFIIYg3~MugT{1H=BdDaFpi;P zPiupE>&p4k4%7xU{Y9q^*UYKAi#83DCJHM?Jbwq09$js@ZGo_$cl2hZtI{OpV#Z&- zxLDARFf%g-mr6vHC4wA%YT(?gBVTgu+UA%IAGKZVd%+t(95@EG7x_E@x#*akE*et$XP# z_O6iVzwj=_Zl?cGG3l%d-cSCrG6Ov~>bfTD9Wx|I{yx0lP*#`A4r}oAv0UCi@6kVk zCR}{@|1zud@h>GMVZ!(4PG@3TRc|(sp119>x=}lO?O#oKft8PD0)PGtM2n2A3?Iz{ zx8_7%yj`S=uB&Xw^=#j~!rmSNNP#eF{CUev$N zpWc>AVm@BAXn?tIe~y3_Od=MAt~3yt?$(=^uNWIn{z&U-*UQp9g)W@n5s^n)zyl?f36l-| zw;>*Ny{KQgZ64M5k<`#JrWP}fM@WBi}$mo8&jGu+@uN)uAzJLY2)Eb@EupDvv*E~4N0A=eH5bfK3~ z=N$)LlNAIG{y4d?cE1Du=dhFCnpnDX6%LTSSbAp|vJz`p<(A~>E5tiyVhvv8HR6|= zHu($b`@gCPikR`?3kVbS^5CcR`oNz~L31Cdm#M@Esc^q1X%2ti-Gg5uvimFsix<}9Y)QqKtiAlc2v1^24Kp5i6}in;ZH8h659s2;|Q%;%H$ zHAI`dqi;jwJ}dDxYVbq_ZEp_!tCsgS|M?_u>}KrjJm^6-}WeLi}|1t`C$NU`uK`~V3FHmU= z`z7B4SIW7z1V~U(!%2*ONNaZ&n5S6no=q!SMp9PjsY|h>f7NS$$}ho~7qp9fsIu>e zz-#B!c+Zdi&L*FB0%sl}!qugJm@04d!F&3H=jKeMaG2VtIV-9yX=Gp`?X~%sU8_Md zIE{~reTY9|uuDSow{`N%lMVdzR zf`rlaLOefTYyfZ&6qw6whOv^0$I=tvdXjOP~arK1tQy_F;9HB9ZQ#%SCl1wqiX zHcEhaU^FKiV5|0xVUN+P^Z39IcL1Lyw)G0V$yoNMQ@%t_SyIJ*Z!uPilMuO~PPW<` zl*`B{@NYHbR;YudU`T(3q#q$f0&)LzV5f#M7()f zP>kR}CoViHEBc1L`}S{{XeQ4L%q9YuqWweQJgyiUrE|2zxpbYIW>um8f!jx!H0S1# zOSjSuu%a*%axHdOZ}BC<>I2hw`P{^XTOf*AY`MMo!|oy~^wl~yt~F2p2@FU7lfZD- z^CD1scTc2IOtA!-Q==s|L6`918t1kY*3cp82^X%Q5_(!`YZ9m$Jdx3t1WrSFb8d?^ zhy1fycAq4aHqXzpbV|;$dVfSvtnmV;zrU5E5A1% zPZKhKrF-f_al-ma%RbjQmxIp)%0uywzT$)SOH_23v3P^P9@%(fb1>_L+A*z<+k(x)P| z40}+Kpj`W{we?lSYbc82Ng4o*4ll0$ZVv=v{9l z)l3s&F<76n=6-LV@XuJgwX+~oi6eE(vKu^~*uS)iC|iZMbM zM=)w}|0!Iu9{xMH9GqQw47-1^%Kv+8vHq)>`!6EP|AD*5|CUImrWD57zcVRoUTN-& z>MM86+pLy}MUL-!t|~P5{RP+~5x%a*@@9;>PG$vq(Y+&_V3=BtQmrd%iu-QSmvrElfK@^X75lMJ5WZA8f~JOgR6VhRQCW;Ka0c^iURQ|~8M%m2NDhnFr`qzp5=?oL{ z>?NdgqkC_+%yA1Xt(f~|Vk6Ufc<)XnM#rgc-eBRhG&;kqG&`6O5918e#K;ieSpB#w zh{smfi$rB2J96`P!WVLdnES)~c3NOqV$oWI41VG(S(^oONoPtYmpu3b&HryW&ZYCe zSZ&7tY{Ow88+FOGZ@=FJ6Se;D6TIhZ8m;yz;8bQb@86o4n5B-}j|^cI#)T&kOx>yq zArQ#jU)eUJ=NC5-gD{ou$gdL;K<%R_gX9vmLArc}YfbRKal_yup{K#&E#{(PscB~z z!?j!5zk_z`Cesylj}=Tju_nXN)6C0YfK9R$aOF6Qv}MpK?=PcsKaBrB6yw;^vvfll zr?EA26EA32j%cr3@kZ9rMAj$ksfhDd}V|I!#=H5H8NtCWAMSX+nc+E`D!t0?!>ht&!0lhrwT z8Ux7Elg?Ag)qJs|$EBVBn!OZq96JuR3vImLnj}GPFK=Ijv-4)c6#xhv5HxU}R{k8y zqnC8}Xjr?H_2s$L*-^nlApUC`{>;DmOBsRId?uhf<*w5CBju_+iY5e;x#zLPj^jao z4Jh>=L(a?*=!(mP6!N~P$7^BoTQ!8h$5;6N@F(Sx%<<6M1%alf@%ehDrsf2rWz&!{ z7b{ue1x8;UBXBYf)}QVKE~=vh3OW3^_djiJxF>>g$q5XPKzn$_8#TB)jK_s0cZyEP zueLijCpVdAol+y?0||xwe#uO&H{_7{f$z$NRQ^9yhV?%g>i<>ETe{aLf^%+#5}4@J z6zs4U%f;HeH%CAH`4?`v^)FmrsNN&z|LgDD2QvpJ`VYjYd`wE}{>kGh zEdB!(KlD*H>LFU=^R?;4w^8jC<)rg4FWBF~dhEWl$k$u9Y3FvF%-TG;!DUdAHgWV% zNnUummv_8ptlhrL-p1ojLD68{zaPAy``3He4x>-^Vx~tA?lSSeF=}wCJ0}gMR=z&; z+tA3M?m5tW&NZLo-%9S)@-zE`Fo7T$p4Wxc6Z9DcLloy^84x0WXaUcREiA;FHis0v zao4BDb4J$@n4c4jHe?+CiEl6h8%`3J{2{@Yd;H$$+Ys?_-zTit!Nk1B($721U+kKu z@%|XGTl{eaH~?yXc3}0mrNqh zMOqoHq3=iDW6Hh1FE%04mThv}RihV|EFDjLdRxtAgoIKYnPW$*(8!!8s!j9bLSyx6 z>|H<4srE~Q|3-;-FvQ%;b-MqkqsldtsHfX?cl7DM*tUNwjP&@2xQLNf{!eNphq_*^ z#VHgl17Vj+)_0qk$8jGv=!i_W4KCl;$_e*dYE$>W_D=YZYplIEGusnJmTT#$&+Xj< zy-n;09qiOHHrh5b@g_;g8O&Ceogv%R%h!iIEgz!ioXhbON$ zNiqYwtG5InoXH`ij>M?8Fgo7py#-V2;2i-rUF@@U|AAK$HI_{y$z87@{llS^_x4wd zH?`lM@&3wD(-xEpNG9s>!Zy-DXDsF+r`*0uX3P>5Po8^>A3YY>ezYMg;A#4CGqy=3 zDTj?IhqYU;(#FCRo*f+YHBkIGhB-#{#><;8z7O)u|MDDtg>X3JAj`pied*1*E<8-8 zJqvulDf(2w8`e8!pg~48od*^*`E5#JE4iyPh7^s)g2k|K;(G^6h*f*^mOQeJ;5|l< zxRP)kS0zqhK*2?`MJ}7>N@#a0+mOS#jAm>Ab>p4|MfBs(WDj8R{!Z|0J*FY&vszge z3aK(8Y#GXPV*K68;ym`a(*NTo)8^UJ(lY}${4$;2f^g6flH41K1!VIur<-SbfJKk6 zxNn4Aok+g6S2Ohl489w+++stwxzu*!0w8m<+ev2!kju-h^BM)#3gsv~2+WkHXWO%2 zSy+kS#iK}&BNO0sVbjHpMqnpZ`s~!N9^=L{q z98y45xgy)+Lf$Yq8BAeqHd%to>ySrYF^_bnXU+SA_j;2*)95IEva}<^yke6LkDIv< zIs!umHy7KU4{@IhCt=)k2}VXWTnP3%8*!-9KCuZuOUQfjeDkyO>fD59@X9xYr{%Au zKF^gjJp-P%KpgjQAPA!rN=lK%BdMaw`|_rsUpo{lHBp)BmlU9j$KdSZLn4H4O$^L z@t7K#*&ni+Umr-BKnc|JH#7`7H2~%vYbJ>PF8w-KaTuqaXd93m#aNn_lUZ(5G!4SG zf|7sgrJP{x@j>miEAOoTU~WJQLCKqRcwqF|0oSy9^bTYHhM#_)P59tC=lrAjNVSB7 z$lF(f0J?#qXUNJe&s#P%2P!R{7Fm9>0^H16d|H5?18gw8e6zd@$7eO z4nsFvw|{$z?vCp&JI|GXzBLduP&%3w%dOMF`}xoVWJoz zX*Vj!ee#6;txa%5Ky$fPU_K#Q$7Ki%&8Dud1+A<+Ken8Z@Do*|f4XQDjdcw^JDL|e z_}THClY5pAj-6kJQ1ok1OU2|(?dW*x8KK$d3NE?wah^un`E5f^JSRl5_UEtYt;ek% zabNOK_4btdDl3Lzn6EhtsHeuWY2;wNMhvD4@X)Agshb)Z1H{uoGJ0rV^d*U^WQu!& zQf(h>)_%#z`JDvGdbFh61n znyLku%p=YclRpNQo@^?{i!cTJb_R?+TD3t6*GNq)x3?(SP*>_jV`{v>VfueFBws|KmTP z&H4sv?1-rwpF&HHmOCp6&$@yK$Gwj+Jp!JX!R6zD3JNT@i~w~>hE4Zc^5BWiL|!@O z)UoQ!)gaO7Y$|OUpW{4U1T+HeE}8g2ONzf&qQF~HCIu9c*rzh?qdM(=ry6n|$ExcT zT^y)%S_zTLX`5fNX`(0TEYND%wu$yu1frF+n99QZckNCq_shd>6`fR2;2G&eQ?deb zZU$6`uOsd~b^R>l$ay--bzCu82QBR+2Q@y+;>)sK2=K)IRzGaQ^0bj=?BuVgL3LC1 z848{NG9f!D0TsoBGQHS1e&~p?RS?uvza0=PY*LPQ>Kn=6y76@AJ{DQ8ky37pF@YXZ z@U7QONJKQN&S#CvUOG8{{O4<4h%rvB!`Z#B*+$J;2Rx6&c2TepVKW`(@m%dZa@?j{CWSy74A9$_iQeu-M8@Mj%Y zNjUaS+&dJ{Z9khyzm(oMBNS*K6?kYQ)=f)U0LaP$`){g^x!*XnU4cF)ZALxERw`?E z2SKXU=B@6_@Trcr!UEo^Tp3V=&)nPZ2kFsi+4MDJ?cj&7hPyp+$4)yC&#lN6{cSVo zVd?6@_q}hNZ%l1-G%nflirRHFDjfVAyKdqXIKK;gl;af)#bZODGY4(isYj{RQ41Yn z%;N&E_6k6q5_|z(!F72+y)DAfq?n&y&ko-!qJ;PUd~HUmY}a7q=(hQ9!A6xul4MSt zx2xf)S00YbHB?gy`NfE-?Faq39)NoYx$ppG+;_~bp$vC`$1ZO%NZ0JNl5Yxfn!?pw zNCH-920zRB#%BK0k6&>F$d6+JVjrnkOpwr+A8#0X*hMIfpUYRf`+QT_9 z7^Sw4OG@zAVil{MIMVgS5;Jo-Z3wo0%`5MQ1(_a_*x0R~ia=rP{+qIaI`Uf9F4EmWOCx^;Xl?Af&zw!dF(4d4)d1}kT(;pHz4I}=?Vwm7aK}le5=oB z@jwLbwJ7d**b-|>T?Xve%G145;-3T3I0T@xXSUxE_Pf1`y8&+lV17GSJn5gy3L63H zj=1d{uJgOlpXPo*=Jf?l8KoRn@zHo{{>h=faIL)$+!+@czn4^GO|5!`(77{c0`6?x zv7IJJW&3(;<)fmk>7ch^)pMvXpHiPQyR9U z+qgzHvZif3=^m$)mg!fuG~~&T%dD;V0%K4=aX_-*^P3ytqu&qH#XRw!%EwBh{o4kn z5X*YC>J&@Hg~e=#x>Mfre=sQ?^O@Xp4~E2z84GBbT6Ar;X7b@@FBF362A^z}H|J!5 znTxsg4q3hJ@j06#`Q(^)nvUf5_{xCRvoMj~r9QUw55Oo3OHFUkX>Si{s!I|nb9&Ja zKpI)VL3y$1NF6{t_rz2%>>c^&BjqQrIqnH2)UfAHA-`mUDn}eg*?tOx-Y@Jq!v)l? zt|v4z4QcLueJbT1h$=6%U>?18NcGOTLoWr-DSs$mJB+My=KKxQ8n?#TApL&GfVN{* zNf`p_B~Njk$7iOC0#-FUY4O#v!CE;ZkM!zwlCf#B-WYj8)N`xTJ3m`lR1Xr%FZl-4 zT<$LxNG$EXSf0Tgq$tcd2>%xOzSagi>bC&FLLJW{Mg4b73_X5n9q-i<`?(ladloU} zij=?58s8d4$TawpI@P@Qf@sK~#5HO*ZzM;UYMoy04wZ4IEDNJnQ-=?1l}mr4_xVLG zfy;P>hPchr=7{j~Blj^DhNl!K_R{xO{HGkD_&E(y@kZ0gv#-(&QGTIY+gEYe%9?|3 ziT?YudfhgC2pF)N*Z{h^tg3X>c{>Y-lc}3(FclE7vM+#_eaM+--dOi*I$BV!bwug< zlfSr=CHQvNHY5>LLIbBl_AnpX&Eq%Z2u7fQG*WbpCQf31Zmdw$r$<}m>_^&h%YHx> zKIaYCM5lz@tN~Rv@&=^u03fz4@><;-m-CL%#e>%UwsPdZ&8ZxhA#O+G5SECE_7Jyh zY}N{dZBtf2=v4SvrKcUJ`CSvV`>k2@{xbvbtDwpsL7dNGGG3ePY$Y9UGb{?MesEYu zS3|A{nyuu*_8!6}NYcc{a1jCrQ{_|77#*wLuv99+7rz@e*oV7-Bt8@hQu@neFCm z*%KzyFE1_pW^;*3m-zfnMnSzsvhOZ6f(lg>AY;z*rey%M+*bo(US5F#)QErS6R{-x*H#nR(!eb44cGv0Huu0!BvlPMYO`_dI|@tA=#_fE(tfzw~Vxm7MTS zRlsY=Q8Zec<2pIqbb;n^)a3On{4b;4 z86YLjrT}wIWr$I4W2lVc%qpNhAa_H2FLBo8?x5;rqFbCsYVA8<-gca-r_c%p|424% zVqJkqyG}MT2T(?VM@(dsq*u>D{m=INY`=my(MdUW3Mmf|mWdQM=O72|FwKlUf7I*; z|9wR8Wr?g*)_Dy+4s=}zwAryf+s7@Kde7kUYXB?Py6j2RBd_65Vl}RH^ksi?)vk_g z0+}WKNZ@Q;2immC1Uf4I*wqt?lPx_T#2j_t{gUWsmX7zzBY}zS7$pfY9 z!G?sIo|6h^wIEBHZ^O3X=QOk6*UEN3ZCKYwom0aWuM=`dz+oFyRlg+c8pECup&-r5 znP>3lc&tL(1c|Sh=jKqUpPS}KV~i(}PXf4@rnU4tK8e}HMf9RPAvYLpj4L9As!i<0 z%CB)-1ok9n?V{Th4sk5XS=~HiM|f&Q1SD|_Dw1CB6UG~xS+Rp_gQMF0rGpBouBjK} zn626OnD4Wz5MS{>FZ#TN?#Vh{0ta}~OX?)ZQj~8OW+CZ(OUaA5hmi6_IjHFzPo3&wD9@#k%aP04t$16U{bgRtw1BOqF|Lzx zVxB-cUWiDufRz6sz(+461Z(IOYciy6Z9{)p@O2>`Z&q}-=js$$d8FpX#;YImNfrIy zjSHjdB7sz8ldQm`lcrW2Y+h#s*o|H$978r;tffu+a=1H6Irj_VQ?b>0+X^!D zDq2OO5~mM_KlcV}TE8l(PcZHRJg_Ws+v93zKOO$)w@LFv z0}EuhTiBJU=uR#r?8Ms2+e$!Jty;`bMHp zoCiOyO?i{nVb*U0A0h)-DOw#AN9tuiljFb<;kHk{a#ud977GHt|$%^a4a8*h;MZdy3&kJ51&YQf9b zxpw&+pbc|3up*mQHiYx#wXYdcnr+Ir_lDbOI;mbvO*+M@%SHVf{XU--ThnljkK^_tvB|T1|y^gSfK`=VasS3U!#}_WOq!Q^<9v;b+hVn&FX* zADkiuHLVxt9|-WdW3J!Mq?|?axa8|onY=U2?RV=V48EKgiixjxsz{rDo_hL1P6xL& zh8o{22SKH;h$br9&?c!R+3(HM*hLafcynnq<*aZXuB&_MieXRN2a)Uxa>T}ceu%0+Jvjw(Bb6PobF*IZF8%A z=yY9om2h-&2ab8Tca`3{oW$9JERou-6F@k$>Xd^?-veLvKt;8)3k&P5TfC1Vbu%hR zcc|2>P+3s~^ukd{+zzq#rY$$w_~peNtGVG(_MJGoL+zt^Q*=FBwUGD5+k=?Q!b~r- zh%9EV#q@zs$_UY;QU|pvW84!|DaBs&>g;4g)G-uB*Bxmp#|Q!c090n6e{m`uSb3F2 zM6dd7QFJ?$^AZG8$T^qjc*+CVx^EH0r#qL^Uv17BRMTht%jXyBWSW}m;G4@qGlzU> zvpBAZM}{zb>dTC0X1Z@xLVeV^BBc`(3aoeNhdzVq`vUk zmF^B?jUgZrhYCb`w^!Y&ISsPn+(Q*!()Es0C(c=|Ox@&4=&dhAlKYFb28n2xDtu@Z z)Z9@n;`m~c{p`8I*lZh(9S4KXtox@Tz_g67K@DefG`C4brn52qQ!%-nM?ePlvFAR} z{P%6c%DCh8{HqB2*Lr(1TDpl8^wvwib8_=YM_M*yxY3`DcQ0{gZE{g6T zIlPran#eSD#&`_-q=Xw1Aa!KrSxKFIuc}s#i24?UW`iO%Efnlbt5eYad%>=NcGq9y zP6-p@&M5}fLRQn_jz@VZ`PK}v-)7rHR^BzJfSL@9#uP@Qd(w8@r5I}?fhEg3R{aJQ z8=ZMd#^}HRtR0h0k-lDq30REl?MKR-6{fI)uP)#PJ}xaxx%&a(^jmq!=xtW26|S=u z&?b-M=gL!R z!VtUHx!%2}A881fF(2^%eW-+(mN7dlv;`kbuK=+H7<0Ae_R9IdF9+%E)vwR~D0bJ6 zP!0cirvoj_hB%JBbkC&StK%8ljWemW!oD2v-?_ECL7};y{<09jnlz~=R+M3~i_gO} zUX=K%hW&?wL+3G=b$eLZ_do-io>Q%Ig^$@LnI&y*F09$0`$41qE01(=4uM?$NK5-%xUNiuic!&;t{r_qqz&0;r0M`rj6(>J zP^aEnKt08Jt`RQBLfJJ5na?zIftPBQ<^QC=3Sl?;b))#}u3h#(!BfR6st0K87jZp$ z6$WGzYtnf3AJ033#nmS5f*cEvJiH@gzJK?S^PH(1BlaYwEz;VaCO6FesT^5{RJ(ey zg-@@$XCEHShT5;Y2;zwZ6Rn5t{w>`RB>q2BFER8Qrh50w&l5KG1*jx)d=%g~bNsWo zuJxxnMz&OmR8qT}flSERH`v54-k830-CN$aL#LH;Xi7~|(yOVo;!R;Q+5S3ICq3tL z8IRYF>-wF%BPq$U5@lRe+QUNPP_Dt&t5V+-#l(K81%mRE;u*?s?;)jh>|$0h48@lI z6JjY3nLxU+XPmDCyZJS1#nt~%%tT&5DcsJ3hySHDx7OzBx>71_-e+Z#U9kfDcV@dH zooba_VYVY19?KAex7shz#8N*BHI&}?>tXF~qzgWL^$k%*Ov_f#0Wo3@i3x}Ap4KTr zpZqjcXO@YGQXZbx3HKtVi;mng&G{X-qvZQUE8M&B%EivSEt1~k)1CXYF2+>Pa+qW( z@vD?_hhNE5yFR_LD(dE1&(!vM^AuPO7aw0**ayu z9gKBN-}NPU5Lv-%ihOS+m8fG%J{6*K#Nngea<{V1M&fF0W@Q&^+NLh6#Y-yb#Yp+( zu~y0MwrZF~d+AnT_nA&n%d&ft8O#8Ynf*p%B`ieO=gxEj5lzs6Bxl9k#u-$9L;dIWKM6tvc=dh z(i+UJ8Eu5QG1TE2hlz6ZD$*Fv{PO9n2VQoy_!kEVq$#wM!gQhn;uYr8{U&pQTy7g2 zX(9fBdGr1m+DY|N*2cqgdD?~&mbPjc?3+HxXMFG8NDDyOxtuqqt9bOkv~`sGcbPz{YB{jI~}k7v9u zL4#jyxC?s~qcvhA^fI1#v7g^+;7tJ;zuQ@SnS(#nYbxRwM|Clm=Q_2c8e?(ik6zQK zN*}gNJ^BS=ETvNOT9`M|+_Io!bmoapFx_3;AH&8FB^!&eT!>n%z6!%qwT;8f{6s!0 zrdHTmxsa8gG|0()AX(=8HbWnU2+~AqYHJo;ZaAC~!i>2Z(if+$qWsGye2;gH{Htf_ z0+9}C$y_s96)m?))5W~L9wP)b+y#L3zok3vxFKpwQD&r-&zO`;-Ap6Pr$`Gbw14DS zavhYq(mT{^rzfyr{ytB%yKK~+SQ&CC)M^^1azzJ4&NwFNKeFr6=m!wcFWAg3T#D8f zV#w;=J>LH`z6Qjh=`!HDw63IE2(=FdZ1xk%A|Gkar<~3c7D~&jvNbxIU7zF#FDBbq z*Wxs+v_DWy+8h_gJXQzfwKHh8|5F_lc}4bS%ERn8BS&*OuyDf`r|gyK(c*X@^7aAP z%d4*%vX^MDcI7}oF@Z#zfou`A0qyyIewTOFgDfne$}GaK2>EM#a(hN;*PTndQBRe~ zG=+f2Rbf|fzx-Zt{fUv(ahloa*8D61%f5zuVu|@`Z}XT#%d}hE(CmB|X-0a-PjO$N z>LDS^DRoL|DJAO!-QU={!*ZWfXE?%u-oLNHFLQXQm{jL`z8&ehB`kTSO=&N?p*Ywt zeC#NPWOB4V{(d3P+uDmvp(Ikar;B}bGukd9V@T}}MG@0pZHbgg$-?M8s;L@#hMP%L z9B7X2ryZ`)Cz>qd-8vj+wpAk=b{9|NO@50%V5}+V%iUy3&L9xt9Yon8w4v|Hj>W$2IkR{hoFO zDHb{c3L;H<@1lYT(jk-xQF^b2UKFKBRV4Hxy@U{I0)!$8p%ZFC??nh5Lg?J+_xJps zXJ+oq>(0Hexqr<02goa&bM`v>?7cs0uk~JAon3@eU#QpS6G~QDL%U2GsC~vP2adAb zL}=c!l|evRE~RwuMOeE5f0GdEi=~`*o83*J`ba=$!-I;k(D)@==O#BbL}&kq^2BJ9 z$p|1nm`Fc5NEveaCu#h>s8p%!%Wbq}t1=~)<)*v7ePZn)_d&k5@|Xvgfa*kN8?l=kl>R zt+s*=VM4Z~e7YMI-A6m@37foXOey=F>-g>;lU#Rm41YlD08siWZ`!MM*1W&q=E39p z(!A%Q95sY{Gw*Yqg8hb_R5ZT)01t?@KEK(vlUn=j`FXZsHCCQ;>;&*kg<(zW&zaI% zn;)P%Xk}zy4z7W6`9|hJQNG2q^EV?w?=P*PjOwf|_nfhCnp_Tsu7mQF$7&`roNxT| zpZCzsq&K3R-jJ=mQlAqv@~v%t>`E&Yb)oNAR|R{XhReaWU@>=(POm317j)jC#)!`d zCD8!jH=#C`%dzsR~;NWWYi%X_~2l$MT;_dK1Z zm8yc?IN#xocC}FMf?l5ZZytU8or0~!eWUw<4^rws*)Q8kaszla7l6llv&$rz{}4OU zwK}K!JR0y!c`VLeOM?5K8|dvnsQZ>StD89(zYiSx#gCUhD) zZH^y(8TU9bMbfI~3qP+Y6TLdxob6@@`JeZTe&f|@mC292)LT~21t#yG&s<_gg3h~k zUaaFYsHnsEqMa{LKGc0_-Hz>{YBV`+A67Jp6)eFoH0IF0mXGJ-0rcYb-#xSV$Go?q zeP2;zik>XgNj$>yeh z`(t{9cZK@O%yHt|%kx#gJy0bn^>DQ{9%|0k&PuNI`#z3}SFc^;Et{5#{cwMt#yP<_ zF_6jYlEsIa=L{m|&@m!6&Z?A&KTPdx)U^O$^-nwWN!_G9Nx|r28`@3>kP*?y zV=zi>wI8QOT3Of=_vNev)1hvX1igbv4+9*T_TZy79v_SHPO94FuEq|X9ge%ht_G@7 zz?4S{aU@Z;7O<mVMS9gyFdq7060)^}*JhfN9}ja%kaG~CSN@7r@tY={Ap zKucDENub)Pd_YJO|*27K=gwl!Omk}(Mg7985MGu60kZvta`bp`I;_Lhs`8D?M z7w-jy_j3SlTEF1Sh3cOug^B?p zAx}r;syZVdmU|g`c?b0_{E_@2ecr3Gk5OM=`aTeNdeJ7Hdz0U5k{7l0eqq_{wX;{F z>1L;(&Nzw4laZXO>NmPFuZ!trS?~zWlriji`+jis;8~PX^Xdi%Ej&GY3uQsG`z9(s zic&H^o#qO|b&$h6Mp8N@&az&|e?#DpkbeIye@`9SNV7YmAI*H`5uymm8Ni;AGtzHT zJt%cAs_cv>4!ns@*(e2SM4i;C$eWv@eonEYrf9{DB6qtUp1%o+E~C$okd9!U0)A-t zMN9l(dPVI0Jhku{(E6Tr9Q6F5M%|F<0?*s((IFl^vVDJLz2adA=i;OeZ;En5<&%wG zZlwrc5xv?&&%@m6^VJhMWPmd!;(mQXENPAOHuq9D-+q)> zXO958S=~n?{4gBaQC_p5I~fm`w~P4GUaIP>+t+FmnkE)l%~zl#18^!_Pa z{49Z0>}*%3kMeUwp$&a>!1Zo?TDW#=qjq&E1SO)Q!-~X@E;eorR;!s*U{eG(Gj#Jx z4Rt^fxJu}{435-=SPjiEWCOYMSYD+0jZ3l4B0scTPadEnjMdBxODZ%Uq+}$(i33qA z)9Oh&P=~wmmYy$G{Ga&n(b-`|?K;Q#!D4jETumhhw=WJDj;aM%C(tn>J!U8@lwxi3 zjBuk4;Pa$vF|Ad)V!K_7Xf@wYb8Hd1WuVU}hjvj$Uchy55zK#*UH)W-$zp7a!1M>L z=q9_=%_Gw8T~ESLj(8EB#PKg496 z1P;H-G}%_j9q*`vB}dhmy^b)8EBt*?01}XqrA)RPpU|Y`Bp9Q;=0Qd-Y{;0L+s5^& z9bBVo{IXI^&;sd8koIi4-NY9LT~?%HBBVLevhC|_6|ShP{}Qr5IfHsnC1ZVpO0!6-D~*z*Rl#LAwi!`9^+m@u$rMUsTbeaTf5 zKstxYZi0aB>me33QM^8V827444)(TN2+AQ+$0d2^9|oo{z9cgck8sL+q+pBnc(giP zuUk~D-aM=ss=W`}mTH^ID$-YSy_5DNd=_D4M*>Y&AXOff=(zC(g~UW6QJ;qRb5onP zgUS(d2J7z`?v`x8@&@2LQO|0Nf8U(=7FR~D(zLv{Bk9FMAwXwM^a2U@n-{-HnW?}y!t zu2#^l-+=(FVbwK306Mscyve%EJb|Wg2y@V@P;HNMA^ym)Gl>_{;qarz#y1Udyxv-< z?$s%AkuwSLh9VbEW{eBAO5aUOqO0qZM727YBZnn~)X4s<$XRk4RV`f8u5jHmj~}mi zSGsd%_38jM(es5W`TVdjXSA(rC?{Rmu;>la=X=e&S^14aa`njQXU03Sf+Gzq)E%H? z_0FnAF!8+vB(c_a*hu#zkzxKj^-z159>j39U`96Iq0a5N8iKRDm$r23JgiCE29e%c zemO(fj@d)jVd6*P>YgFNgKWKH-i&F?J)!1Xn~$IqlVPH~JSJJ_f@a=~-yQL)0-fV_%s@61tT_@QYy*)<9S-yO zNV_OdRdanmYOp?Ubj&=Fg&q#(PpktMQs^T#grkS`yqF|( zgo*0S4u$>wgOwP?mZap;39kg6m5%3}Oo=vn=hQqOsTB%%Bc#0`~rF+uCtq~-l z#}mtB=ZJ6`s*QvU0&uqKq9}-6Y;5mrlU2}r>Gq8V49ZSWyj9%G+h4#J zmq*&$wrTu8xR)QlKmt)Rz~kvTXkXvX&gJF6cxz&Q=a4O8y8b~H>hBbZB#c0ZJG^6X z5ABYU6jomYvIDqe=x&kh{QhVc)mO^=Si5ueHGk&Vi$G54l=B~QP{Px_n+}AjP8xX! z99tYf6A-RL#=}4IX6TaU>$VHAG9BNxBN`F)rL_4iL(g-}gkElU@I+9Eth!wt1$>XI zFITlvq2#vIt<#B3wj7qu2RR_J6_rF2?bdIq1i)QvAnT854Q{19Zeug|N2yz}1k=c{ zKfR6SEb)?s1ZHH_64AyQ-$a%k1NJ4+8$oWL@)gC*O8KP?QtA0K3sLkXI{nmVtD--p zyrUul-%l&8i(^w{*NJMUErn%73US_Jm5{(E^f}qiua`ecY5220QzikPMR^aGK1lK8 zR;ry_Eqy`hkB#NEA9r7VSNBtfhHp8~IO6a-!X0lmB;=)3j9A;&Sw7Q=$h=ehk&V8+ zn?1IR@gglI5=@4l53DEKIA)cxuAAdh;eMjrsagZPo0w|YsneZix#-VPTN*vE$Mb8k ziAO_vDVnWfES%eEXELQaTea>7iJt7I1{4)@*lF?I58=aJY`UcpA(|0c!+rIhi1T?- z67S?+MUrND7O+;=e2YL({Las3ZMT3S;f0+;%JJj6hc!pM-KC13%k30|NK zxs`J}+*?F1cIwuBMZYUU6(l02iGr4!he)w!>)(^;naAlWq?LTp^vqk(PF6$O*iHQs zRy&;_ts$@dTM7j3@BsdNn>3tU|6jz)JpHeLy?-Ke#LSWzp=(8hkurB(SJSk^`?X#E zW-)8CQ5w5s^5aQ#dA9}%^6?(S@hO9bg`yr?xnNvL~RW3a=g@O=|9Vca?vmMXvOD3I86 zGBzrjPpbzGcteUu!nk5kuUB7NT@{n)v73gKH(}dw4kefdANX=niAQ+0%_E)xvv(rm zI3j6`?K?>uxW%yyqp&Iw5lO1{J(_-RjSwGel=gNra8~V z>)I_`K<|inZ@oda@N;t;Nlv>*%6s{KLg(?}rd)QX z83F4?H%T(4GnU%JXA#~5W>H+)W*Z$$+PbMzQX7=o6qni-EbLURDuPmtrVujJZl{>9 zt7Yu;$DQD})xD{SZu?U=3$jhZk8IbDOTEwv$Bx#m3Qmab-4hD3Xkb3EQ;|A~h_j*| zsvtdxtN`rtRQ3y%mCw{_|ESEw^yj_)EToPT1L9yF8O$@Yv2obATQs(#$d>aov(WA$ zuxg9A8&8Oief?3z;iwvIFK=G`#xwqs8qRiO#4V-T8GcEng?F2k2;f!b$&PK>>j_IC z`hPH8YHfemASABOg3RM}c8rQcdg-@+^5#rIT9t1mww-#HWe|VCfxtz1IinAx-EZUc z#mZ$T{;1@_&#{(;H8Az8`8nEh=dY}#117DGMRU4qCvCLgelsh1an1QVSX&p&jn>{| z%MvSr)cii@>k#C-1oI4|qL0f=v3Fw#K$ z{Df3)A`d#IUrjiEy$R~uyU1ct_E>X%Lkpl2c1szfsvq7^kC73S5mO z$mRvE?5`mVt(}2C4xZZScZ(vD432c2)Y6NU`RGZ&m!~di#2GyI;hBzO|Ya-VvCl&U^bL|u)g$M6mj0>58+?l zQb6(hB-*o50x%w?hykFfH`Jy-n4;ZC$bUe?R~yG3E&9+TpqHJ$_WM0>hOS~6;Mrx{ z_+w{GdneHce}|`1BNpgWlMW+QEFjrmzo+gLKIY#3qS-K3!V~I=M%6SUKgyhF=T^ON z?k{|?THeI^Y^&Y7)oeLV4Z-aYV(NWIeCf~l^!{5B>1kNWyaBB7t?6#xA?k0>c7n>X z1%=uw%2Jd30+pN$0$zPy=M`>5{h_AodrfqM2F+Pt0W#XW>b`rxV(vw}ws660jAdb$ zg7R01U0P>oO6+prJ-ISWhRDd}sK&%p_=!Kt&fN)JXX(@sRMOz&7cj4I8099&cWAQ+ z$7EorT}7^fC1OHJ6a5YoP0h!rl>;@{DJ_d*Ke53wZ^b~(_UpUxruV^(-r-NhOacT& z_D_Ry4L-%c&wGg3s51)e7X(6HDRaOqRSEL~AEWn%YW|7BjAMOvWVQW5@KG$Qg+n|LX%eMM?c0Gf)~G0<1vz zTj_83?HSg~Ba#mtOwbXN?npn^apy-YVdU{LxvTp>*${?>%BP!QU)Q)ucC}rzM)_2rLD|hZshX6UUK4PxzIk$PsL(W`Io+-06yNyghQDHYI zOVon|qRzfEHwO`N2^SD+EK5*7JGO=(s0Ox{?}*!dDsK=Tgj896h&ik#NNt35EG|Ywti%5{vr@nj=oD$V8MGCsB&3V5lOY}lkWt>95W^eEa)5(@FY`BIIV>HM$*Y!LtR z2u0kU`{YP+g$%rB_Ej5K7@p&W$@PthEi~dyi$!+Sa-Fl(ys;BDJpo6C!7N?HA9o<|P;aFV?L@!8Efd|N4v)ms6`+4vwL zLS29E+n{)rUUDO8zpq?Cb5^G^UdQ{1X=$|fLK3&~RNsrhJmt=g_Be5|@i-~@{lrTv z!8bI521cfy&4ZOu=E)62{5v_~uQFR@LJ}U+en0U1?etPi&sOdQp?#Xv+oKdp75eVrDM+1<>z5 zerHMO+NTV7VMnTl@NF5rV( zN!n}ROjT;}&+1g__J7^L;Ssff$X}m%#|wXVPu^D_psg`VsFDK?Aq1KP@yr@0%o&3OaFj6wNigCHlB`QbIPOKt z62c?qZ3g?OoVwP^a#6(Rv^+-?iPQI8#>D)B#y8QnmJ5B4TPGJ3j$bNX`V&+1-I%?F z^n-N#FK>MP9}q2nxvqasJG1bY&JCXH_ErDGGThj+Zy&#wQb%GFN!|Y=htha~swq(}1;8gfd)8m@aU$J~ zA;+(ykIQ|6VpdI-0K0+uQwafVe>QGhCU7u(V^%rzR9u4imgoTVVB={T0>7$>{g85; zQL9CI+q;iv70ilRk6G#Q3V>2WNSmKhNO9X2pCVtBc%oqdD=*S`IUpr{W%1C%<@nUA zEAv;1-1IlzDZbSaz@djJY5eMx6Re&*-&yVpbTY*4P`z!s&WiDyUNIcE*qU%@SQka` zZtjBX4Y6MG#{}M>QlB8w93K>r^8HW&`?uJ(b4B|7!hk zlly5cGm5)nuFKD~OHSXhs|LM(<~wet=&Bi07gcgHU?2D)RzIboL2P}M4QTwJ5bxWh zy;!lROwM48qsO^#2=;!fHdgk0xgHS@XbhOYb5>^R7(f;S2?8uu1X_Gsw_;rr91c(? zMQ+d=6gn7FW)O2$cRA+A^2qyPX1v1v>Y=hC*Mo%x-$~E-za4$jqU|jO*F0t&Mz!-7l!!ULl@%`YWEQn{)(LFZX!e1~Mnuy#y_bJWD_ zD-gu77ZVxbmHv_J=p=Pfc z-FZ39cGtt&TfBB31dUB(5ejAAyev*k*AsjT&aGpB>=)Cj&dV2rQX+hP;bp1aM1IBd z;!UwOYe&g0@3gmz5R+Kqqj@QRREysYqjh1*4fXzh>2#Tg7}gRm7MOaM?B&3SsUlwAxVW{ zVyrLR@Yqk1WY3ssJC?f~Sz1qq1;-!ZBNwfm3Jyup0`>U{1tNhc;gYFqL^s$X6meRn8!fYP~GxUUWy zCjaHFV6V?QqwPj683b#@jl;Xz;ByC(znWy8e$?Yo3h+xHWeYT%USciK7(cZKjPP5( znOO{gD#!t~jrh5E`Rc8ObmiO2JLOCQ4BSebhCLfHzmF8gZ>|P8K!}W$w4n$`?H(!Y z#coVgoOx`5YzMD^4#X8pGYN}SQ1~0l5lH1 zk6rcc(#L`tKYL24IiP1_Mp+3~)y`cd;R`8EKO1MM?sd~q18Tzr)$}V*pH$^CgfKb3yR7zt#rap7w{O z(+GRWgxMLm-WN|NMn)Zm8%v+7NotxQKBm5mC#Tem&wOefZ+NFm@au4$gaM_1yp!Oz z+>ty|+}O9YR6qpG56q%996kVb*HmfZ^3c&gEmn;n~60^qOziegZoR3x} z)v|;7p=w=4H8}VBn44~M#W5DMjkyMRQbu#B3F}AW2a^Pi!+wKWSk-zUtI{M{nThrl zhVx?NEm4#$c>Bf;$3>-l7BziFxk{`P<7%B5OL5faSu6kB7+i;=oq>2Cm=0QPDlY!< zhD&p(Y_Af@cnW9DMG8-q%Gau#0St@J+ zVw{jkwHPnU8-vVwp#K`JYj^jQ0ZH2(zZ=>KW4oLz#L4$Gl(<|uxiFvP@Hk6w^Ulh4P9Yx)< zu+FVw-Qj@#3F?MTwl*{PgQ-6cFa@EM*C_#qPrji2x>k#k zZ)5UY9l3lPjy#%(X%o0?CGQwM^9rK6!*?yw8bn*MD^dtLK|g76Is)sK)ARyP6IOjU zNzU6J+p^UU&~fI6u~k8&q73EDsp80b+7P6YRF41)>t$d9s3gB1%)cx1z2J~kbTDwo z6SS~UeiJeeI_oO)8Ee?VUIUv78n@Eogar)hj2R%GCo;#Xb0gc<>$I*K_0vxmJ~s&{ zS|3Mf79HGeo0sD02H7JGodlxuJM1BEwAiRCbxnclpCV>{+AF=u*s1V8m)v(dztKj&Q*7npKH!?IQhcRJCnASLjA7$X##;gQ-GQbSVQCaC!`a6|S5{uSnGSt1>%`UJWn-;!|)RD#b>U{>FCAP+FMJ7|Enh z>zeu@;?FTAMfec@;c^G{YI~kjZ*3X(k;30hgZ#jkPW~pp6F&&oEd`_Ex3HWWi($Dr zD*Pj_r|MvSr{{rw&t)U29Egh1P2;h)n5LK!-IXWJ1W+f(jL|;Z(`g9MA$uGo2Ij$&I%bzAARaHjx760Q4|uxbZ%1Ro>;x>0k!MDm&#o?Q_!ThzY{SlG zl3q;iAG$@LK zR_h88OsE+O0;(3~AMGwi@voD7#E;~K(3+eaC5sN>6Jf&}-3g?o=9wVR>^^)LHTt!t zxucgvT8QG4%z-UrGxgb?L<-eYrt^idJ^xrD$AuK)@@gcwo)!6Vv3Dx2>Qu|;gh({%DZwl_8D8TRneyoHio6Z?axeZbATX-xlYP`%gdl^bl^ zx;~Dt03md`u+|29dr=&3V?b_uzdM*{a-3n~2yG~q|DCZBb97RFMrBgkrT_TPVxTtP zWI~_W**QFK%u9@Szko+ys9FdE@f}bh%>(oK-2g^XFRx;)JREV``B&L(&Ey|=ARl{v z!`LB0Kh?9K$trmG&iuPj21Ei3*xu&deVe+@L$hOvo25)IZS)oX=sTiU8Z``3BZ?0SGSsg zs9Rkkf&4XT{vid-Iy}CjrH08dQJ0|Nz(AtpwzW6Lv#<)p2JjpBJBP=*S|D! znwT|xT-P<^S1nYi%f(r&kcGMT@K681?o!Sxj9d}_)C_mkO}cE9VyZfpF=}*)B4@yX zU`^tIs@Sh{5LmDY%?et#{&it4Q7uj;nbPzziC}?;88Hakq8!S}^pb@`25^Kh)_VcWODpJn6#BMEVeQ=! zabj1>ag>kZM4S4s#q_-SWLqbpSY*?JFkZoy+9pvv<=nGqkQvtLg!Rd^w(<2jn-~u~ zpWIn4dxV*o`v^!LY;nzo%Eli8ykCDJHO?Gt*&; z?cxQEe#*hIqRHgwT}gM3Hy9PsM=Ij{Kt!M5hO-SOOF?tnj1G3u7x>}B2P~(P-+T6k z0O5>D!;9mRJiQ0x-q4`MBM(VW9n024VqJny;Yfm8^!O5K+hKp^aAzcBP^W;QSuzPPIs+v=qX` z3aKyc(V57+3FMs043pU${N=)3a3m~p3M@8?O0q zH3=p`HCpR0w|F2;nq6KzmZ3-7xi&5?aEitT!LMHU zL3R}F2(9cDM>&pMjs7rN)133+S>#T#{UT*g8!}{jqPmatvaa8`*Tq9694GGVc!;yg z8T+;jBX{v{zKPFH!*vs)BKkETc&_t+O10CI#nMPzbxGPXBFbSx|Io@*UBcF*DD$L8 zkcjrZ9BfdYQM)b~C0KtkU;OI+w>$BT%>OI zIqFD71N<0TK^eI%H{sx4JN4UVb2YFV>;WGqDP1SWDcyy|y8nBfOBmnOEd4b6b=6#d z3<|g(O)Lzw<6T{8_~|S%jXXJlat60q{uiB_&pE&6`I&gDj2k{T*=pjFMtftpoIjO_ zKczuMS-f5)+{6%RKQhJ~EpxZwQ}yR(s1koxH)p_wJm35Byl{zEl(d%8U**)U+#f{p zT}odlcY(IU6R+t{E3P(7!2qrRo8J@{-hTvB+7>lRRvV=5Q>Ic>l{udk%4SOOvK-A8 z?w>D*@B4c^@50IFU4^25E6TeM zU5Jh&^IBtO-oT4{uAiGu)&R8P-ar5jF{F1Es61vF@Kvn9t7yccVZp`o<(U8~Zl+_` zci6k?NXqWyDGd<#ZJzXIg`0_t9t_lL&o`FeeB8F1grD71x%z!fuo}QeF@IR7D9^^uuNlK@*&#QZeH`RWZy&FCwHb>rfmAmaW_?=%S~BGmXTGU>yIL?Y~H%TeiV zby{J`R!Xxf;eH$Mt}Vf!wH#qEP6!M(&(Up!p2G}Gc#~j4RaPJE(dATc0iATEvd{)eO3g{LdGk)T+HsNUswQ%0q~%`K zAO*LA@BDY&{PXY1{nPkXzkNL9IH=FTP4Rc$2z+lXUWp8-#sXr@X&TcFOwoVpGgqe?cAQ(N*6nD(Ty9l0IVmW+IxWYfEVH zI@h7{l1_=JWmyUDN;-f`>Fdq5wUGagELW%gACTqSa(`s`9l1ZUe1pLhX>TwU%&wO_ zY@%87F|E;nuhNN)@_0%2r<{+(AqI`Hs6hcJt*+%dn zIz4HPPdXbccu!k*FR+32{G&q8fzJ83UyBKV?T>Z4@hRg*4vr3+y&SYK8BHz^xv!$V z_E}wFB+R~csveuU_g>f3P{9$s6)|yc6?U&gp@*0PI+8oKMGZH0A0tYB{3;FC553x| z0?udJHI(rq)ra<_i!HyfbHwVEmvz<+YIZm?!2`xCu2_-E)z(Mf)y`~tt^A(7i%$~J zM8Z9W4ExvBvjf&~Z^c;LBv1F8Is2P_8{{pL7|zmWZ6Q)_25sf8pn+mAah2VWKeoB# z%f?auNnz0hV9Zl7_WQ;aBYy5nQ9;AN@MP1fI`1o25Ibc9RGh_8#(H=J1=ti$MN&>% zJB_o4GRgd~;%jxi=GAi0eCu1Y{3EW{Zx0W9$?JW6QR55_DPetc@xsiLb=j&u0}lV8 z{7E}l^M!2N$ENNTU7#iG=b05M{iyR zzTA8Q87o}ScTw=K@IGEFOG8?1D2dDe4EuV~lRkcDsS7N(#3XlpzhvEq8y?O%^gAau zKeqzdu^mG(YmFEX=8cr+;0q#T-ey;{n10Mg|Fh&4_MTU^HGSb-Lqj~Zm*KZK!8K!Q ztRGfu^~fAy#A~pUKq($0S}6i__+k-yM?AQ53~A7eC!7WO5ihaeOsC0CWCO?F-r!;B zZ{eMUbfS&c*$Mi5SLuF{y=-W6KPnpzRY2U4u^BJqdM6Dm`50}~OE)}4Ubk*H$uXAq zly~u~z9z-ziMp)WmJfi^`?}n55bz7_FF&dSp*N>L~(05SySB0q+Q z+lqSQQC{X<61&#?mLD7hZML_r!{=tHO@BeJTE3=H6A@!wuMNe3LCQ;hl2|bwi&>_v zyZqhgaJ{MfD&rTfz4p2S=9I-rTa|gpBsYnc@O%nSr2`~Hee31d3cDirZgG5)=BYs6 zdj2i9t|GhQpBXvWl{e29xj-A5(z4gWOd*`c1(v1!ffHgVie)=8>vnnZr!u_J<4bcZ z5k`7^DICY_SsJAMTswm{)8>cj*Lw%m*RpWKWO?gNTa4ngur+eiN49sRj_%gb~+i@Y=7R0r_UGU77MCbnT2?uL(Z)9dXbC#JDsU*iL8j95`NHq0&jxY*wlA)?jp1bVwwx^HTxzvd{Y0B_5*9&~oFU}FU?f&6ry3+mF z`l{G%o~nG6K2)cIjogCht00kmn~^3?mv6#sdWY-0K8n`{Fd<{sEJph9Hoc79)Ii78 zh;h)GJDpZ0gZ&MsQ1$#}x3tU^#gLCytT+7S6{*SqGJmu|SOM0sIpm_A{9 zUa{3Niu-ee*MwOgvd{fMfkN>t$;VKxgY^dfcO^sKW2m=011k)j+!txio-GtdHt=3J zonQI+^XG^Tb-km_gM*qgAgS)W?cw+w#SA54&z;nn09LdqUp%|@Z%$hwZ?Ia>+^R%jpKC_s>!*S zwP|sH^lzdkNZ7B zB^(>qAErBuuBa{=72H>mG*ReRL&*}fY77`by4V+cGE zKJ|sYOt))LK;7GK2w>hg3P~S1Oc?+Saz5Uf+coyzzs!98wfOKLZ+h}0aQZuf7dUoW zJA22F zgOM4`I6Z#rzeW!Q^YjA%;oA4H?WFUrq9I@ zA0R(f(2Q2!F2Di%-TvKP5FML?g9>5eYWIj$Q(0Yj^wguz=J8T-<@NEc{BVm~&xHP? zw`F;9c4@l-lm&X1^}5cbrj7^sZMP}dn)5=^?Z@QM=Q|t>aieCM^Pe*^e*rh@USK>h zrcE(irG?wF4*e%LdqiGn1F2=EQ!be?C~an`OjsnI_j=89SSOhC^FK~(%!ln88#hLh zxBRJ%12f^h+8Wq#}bB?Buo$HB$0xP(L0wIZS{cz_1 zC)gR@Ae#ErQ8X^;mmZtbi*sbp?>os&yyt@J3gZ==A6WbtT5kROxfD9d-WjQYwLokP znwrjveN4Yt`>)yH%kSQRlo9bTgw3RqdTLsYn+jy;C9>3Q`l@EM; z`Bcueiczuftk-}28vw)*xDy{2#;RDzkf z?MeEjp_=r`jZvb8Z&+v2D6fvfy+cSJsJhrKA#aaP>Fa82P<_+33GS$A~Kc>w?Kv$*6X;+))` zsH(`_nk^emm9{>^fj)V=3A1P_c@=$&8Ko6Pj_54^OAMX8^1v_rZuc#8U|Tzs5?r^f zsLj1OxR#_FFYcUx984xoLJ~M{SN2bw=rJf1*|e`nFTY}Dc}F!kvIyW7jj2A%VXzhD zxDouA5dsL%AfKiao z*i@L(#)Uz>4RDUcu4oTx9lXotv)xIRJhc>$HxHH@tLdvLH|8bQl7!`!4`;Sh zzHRz19aj*=F|mKIVz{_~s!lCWs#(0iVcs1EX(;-NjgR1cpjp6EWAw;8JbYUn`p>+@$8I$vws_8=1H zwrMjZb{L~f0YUpi^IMyZznC}!>?TYL;2uj&@}X_8uXSXfU#kz-t$yMgt%dF}-j#H= zEO&(jn1_p87e4BrT55sTwf!pITD`P6#TzB}aJMMpE1z<~c?X$g9FI|$!-QBW>Tz|; z1H&rEtxJzYUgj>$ne}+RQFPyZIchU>)y1g+EX~}IrvG{@-Hr>rb3^S0^e1kFZp|O< zalH=4WRNUfIIXJPEvChoGDb~Z9Ep$IsE(Xo^2XL1_@!f#l3s;9b}-O=aS3w0`1#!e zPVeDlVu!EtqaP#Ly_XMJyz+)UN@)#>2R2|&iaqq_Zw-jg(t18vhFNyf-+uj-mq=Ef zP8@@n;A-v4SeBQ6etf^OJu#|`!IfTqDs06#+XX|H97SISd!aCV5m#R5aWIg{zjUGi zxE5Wd?>H$u4dD+{*eFnM zZ&x`LjDa{~B_Eb-24fLgQ5i=jo2`gG`h>eRUr?8SyW5cex8BY=tgSU&`z=sh3N2QO zwv^)T?rw$P?(Ptr;!r43in~K_*WywfiaQj7TX6`4lkUB{=ggj&Gjp!*yH5Vhm8_NZ zTAurN-|t$|aRBV69Q5UMQ)KaS#&Y^ngZrApja&QeENFR4wwX3ZU~e5wQpz|R33b&$ z$0fGJs7?jfiKWm>TC*UvuN>R!(tyV&%f-{01Xg|sG+3(H%@Y*Bk~2Qd3fPmJ6W8?R z#F8>6>?j05X$`0Aqgmt0&lG~y;a)+7qDb&@*Y%4_;f~NZ ztt9}1=BZJhEV!@H;N$S81R=Om(2=B6N7JKoV>8T*wbGqA?cm`wUK!Sp-0EbD3CG?} zOJm=KGDZ|&Q~U;cz}?X9Nv1Htu+Nj zT2&(Y(J>|IOMDE~kA8IzcM`~M)%Hc&q&za~p{FABJfD2F*Rn(aFU4aw#+K$HPFhUl zkmiP=$P*)gpxkX9W1~~mx#?|&55;RrorM>qKUQpq!;|nd6I8_{zzhe3v}Do{={mD1>PseOM zNAG1F5~oqp^s;x=Uh@VT5p=f=qtM1ou9XeToJFfVE1Jwa#FFWW$8FGQ&EtvQyi{K! zHMz;Ka%8$%mL+@p@eFt2xkvz}@5=G=ySP)%gsK2y-H%u zaKKc@$M5mS@f+ABpNe97Q&%(0T{ahw`}uEIzg7BDzpj}nrwT@IZsQ1CnQ7R$dbpWQ zvrbMPYa^uxYHpZXc&qbzh8`}m7wELKnR8C-W^>or#Mx*UAI`z*2hK0ANVNjVLP~Tm zHNHHE%s0QiH0R#o7{MA8&usZvPwA=UuF11zNJF7eY0$S@)cXdwJ1k3Y!#!g4BB#N! zHG54)6k2Mb@4nzORZD_S`Z%P^SL4Q}Mv`9ZaPXtu74aQ|%WbVL_SrIV!HDR$ZMDTx zu?9vLQ+iiHHk<`Uu^+AX8XAFl_f3Fo9wVYW5gxBz=rorphCG$7e>24n`UkBGn3XM; zVgYD^LkJ-*WfMkG%w&%>rFICr-HI?4Z4?A^9L5NVi81x)XHNik4^%hiz&e`@b)e1b$xvC!gVAhy zo0RF|0@`bbycss(s>wv-dhU+pD)TAdN?Id+e~#PQWUdhz)I-893QZnRwZ`P$(uLqk zWF8O4p)Yx!2*Cl6Vh#c1?l@1XrV`h*J*LS%4s@}FNPreDaY=?^7kd{(FbHHttjwzw)dkQ}KTx0Ao z2hjZFDzmlly z_p!N@J}ND(ThpDUkKO0X77hF(U-2Mr23N^UoJNjLJ=*SJZoINKU%7L@_a!$(y5d3_ALRS7>DZoXe&>wQ~q2+Bo@GR|ZfkyqZ-yNglaiZYbu| zF*UG1Bal^!m>H-yP3FUXzM%QsFx^4s3{ibM{xVA?7dA57cBp~9A`1hl^bP;gsi=LN> zRyV>^S)>{7a6?2B~MLRZE<_U;?h{9kfH@l$QO*vf3nZp zIPZF2$hqJCJH67grOhzG3UWQyjC_{>XeB|9R@;!<5og9$CKy1l?9i~F z0>CC6XT|@7ufEsw)~|gHbu)&Pf8&gM3V+=4!I}}^MyZ=2^9_pRbuM8l`?6o7F`+k? zfA*xS-6lh*4?ffTqX+o<+DnhQqN^1v(`(D0{cBIy^9dAlWf{#Gnlu|BfR45+Mb4vr z6fz7$!lyr}2~m)01`HF(t|*D@-D(1MeA)pw^90ox)%5w8244jdecF@Z2*hvVJ*SRh z@z3^gdv+vb2afm>s!IV}6F8Zl6vUp3ki@pOX`1{z8Z9JI))XXGBJ;5C=T2+4*rEWK z#EEfDw0$coi$h1xV7x_?%J`mK6CX-G;|m!`afTi64{{_EOQPFTCr4Z9qE^)t`axWHfP>_Z(_W-qXfA^L{Sr_a9}N`+HoKd-4g zB4eU!ntp-!nH>97OImNkH0;_HF@K%NLOd};uj{VF6r@yQ^lZ;hQb2=yL`F-nRlCBO z8wOBPKFRrb479!?`o*$pbL@TP0YyVoHeH`OqWDqnPW#V|-*VLI-v{!~fwbE{+xxw) zH~BGA!4kIK|4ZV7P4{-i>Ef$AL^)E0PA^dI?(FTCghEOeGqm$*blV>FeG|bO*2?s7Xj=6d^ldm zjbE~uw1(Cp4mYQ!XHma3Vo~jA27k#zRCM%ydvH-j#jIa6F>lCvKj~z}Y|2#f%zn*m z7w-Zvr@)cO?TFfZ5{ELj_uB>CsP`t1USoBe;!cbLUo><~cdlNvzNvMQp4dad&lN@g zwx^X))K2^fGshX$r{7LAGrO5jeV-^C`Ehp!gs|eXhxdBsb%kIFD{EiqwxgrPM5MO% zDFMI(bs!;#4aodzNUZDC&>pM6mB0FrZ#Kz-r6N__D8FMKusqG|s=L$US$)k288?wD z$^{1tB;SjxtJ2+98sM5uR&b3e@gQ->(+ISVsbFzLCZj*G%@dC;w1_#qtu|&SRUd&= zDTA^7`n6?#FNaOhmMU#vsV2$0%dv+`yL-*k!VZYzMJaqQK0q*$LzU4&df&Mx;`k+(s<%*tCNXRhl z(B1c9e)qMwhBXpE0^bTidqaNEti~N2Z0db~cY6*|mY%Dk`mJ?r-yY1>IJIWG(fZzA zGuSNGyU8K9JM{kIV|;|OYRT0LGwYix&6{(;HySIa)^;@v*i<}O}|AqyH5HB zN{2;a?GsVKW&nn^i)4DkQvH)fH!7F44lQF8y;9>xqD`0Y@bm$Yn8%TKOwWGjiyY5+ zpBb|!g;&-4Ze81{PTN$mu)MV&k{xpQ)v9JHPiC&gG5Z5YPk_9uj(HNc(3%Am2EX&2 z1T6qR3;sDj0eU{n5$!h{PfYS5D1#9PwDacs%g+nH{n_s&Zs2b?8Mm9R!|fm%unho5 z{*Y*1vbw?~Q`zv(e*Khmdy3N+g70{5YK9*aI~R5E+h>X#V3@@PJ<7<+Y7o79hk4_R zCzDMJA?Kk(eEIUXpBHJ$@nzbBHp?(~WsLLcLc{{%6>KsO6J(rupSX_<00qu` z<{>HDk`xpR2YnA#kDn95Mu3GWPgN2Q_IJQqP8%Tw(`vf44K3oC zq`|BTAuwQ{f^vFah#8`G>UCr<@vU_wtaMEdev1Lb*eeQ$Quh9ypPwaSYr}Bc-ZkxI zMRyQ4BE>`5fS16{5<^}FQ)Wp>U;SOQ7OeJ=VfS=<{NV139WgssE2aW55I#hkr>eFu za)*_q=eb`-+H};WGk#Rkv^ICNG@!o18t?`gxqMA-|DAD6?EoDoZH}s^a6;1}T+#J9 z#NLE|)>$gK!90+(6QG7fHm{YHH87axCdPe`ZDBp^(I62RpRML zBGCgZ``oi1XaJU1YGl*gAV=igloQmJm@_pNF#lw!Ts$ObVbtqTrfh$SZ7%A}d0n{U z-2LbvXWM$VeGK-v#}lxcvD$r~e{)OvYU>Qg`@mxC$e@fo4n*3&S|U)iz0)-dji08-)`RdXj!^Gk9ctF;n}$r4Jx^%FdB5Y0k9?XVE8d-q1%&bU?4r(q3Wg=#y#QDj6X|yr6LqGxUBXdWxF*7Py z9hMr+mU?}vKm5w;SwFMMV*A~$2M0NI>?snn&S5oCUtsZ;lQJLCOr9_d6oeO9NXkXf z$bmjOVroF{%Fw3Tkx-Z|o9P11JLd$)})4 zHUSlIbJ1vVLTC4v;6_2TAdcW?^sytjMJ=o$)LUX*SXZ+VIQqJ?n){jFTq$ zu_iytqiP=iNk@5;?{kFDy9q9lFkHzBJGGPJw@3@$C>07Wl70@OrL}8vmv$u?IIIv- zLH=Jd0E{RmAd#)?dF@HHOGme=Seij+Bxv;dt1i#kJ2Y(t=ZhyyD@qRe z0eC`c1IL!2!hwsjbe|&9YvZ=GEqvdQ~2A;Hx?@qdj4+DWo9MMOjCH89H9D(Un z&LBv3?6@!ahwa1ut`{NRBVRyD#8nvY$kV?VJy4`ohZMw>3+ZCJAc~jWj*+r`exn5_ zf8=k7L@Te4^O;)i zaMh4+N4|6-DaKMUInR8u@uwUoMN-|QV3j(-_lohI78f^=29|>AIEKb z9FL#gtfe;0K=FNx@mSHlfqIXp+A3c#2UDS@bT+@J#%ozg0G_p0dJD8aHCB%2UPLOG zY3^98(nIyf_iDk?f;Y}%$qfv*X?36i#!pqBh0RVy*3u~B=f4U?AyC5k5AIYui6m-2 z0c1@3g-)-^=bIUBx~I%&3L{augHK2zoL+{IlG2XhXY|6%V3(TaTO+*aOP%f-SZxK) z2g@(4o5OPbcw-s*J-O}97!@Gff^RhTPjhV_!I$#}G>--8Y=0)dXDPbjy;96#JP_fw z)6&pnIqKw*OT!%EiWzKZp$^i?T9haMo}e0(=3(U*Fl0!UyteFP8#pG=ML^hS&=tm6EB$sf@h|XJ=I~6olx(PUBx~q zI;3IKmSxMBrd^lvxL@eDNolb(Flz6@ebCu=GFo2O5fY(0`hEAAC`R^(k_m)0Sw6-x z|8m;W!=!$Gh$8k_*|4v_aCobf%jj^|-1>%7^t zCJDOtNzYsph{!ZE+HCqqtsHFlrfh+?yoUdhgx?6eN1wYR3k~&Ohllo1rIX=_LN=f6%Hd@k6A4~O+X6xw}Qyo83 z+uPI_styKvlj-K7u~D-h>ET3;C&f>^PdiJRcah-<_CtRO(}kF}n>xz0hmHN6hmR!$ z9_}O$cLyxx<_T4>%tPXKg5yO#_!D0-U@%62LGPvwaLIl_xazru2tBGf+c|FiaOUSi zym|*>bIrc!`=ym^Exvu;$b_yVww;IX6I_p!xSs>d*OM9P3~sGuua5+mJG$!V?C4A! z`Hf8#zmnane!T`0X{Ha5r-x`wmI>>vYSeCd_}(HycfV7#dAbQF(rc3G-^K0U!t|o$ zhC$}n4x4|=?S1NFS{0^ga&aCedWcLkSidlV zm@4)!@j;REK}j`};IB!OEx?aCD#VGco+$qCpFLzDYS^D4_B?n*`j7r9qWDweh~fU} zK~sQ`e|hfM%HjsU;v8W#aR2<&9lzQb8-VajRE7P^L;rt}LtiHO_KAdH{_`Uz=i3>6 zPu+n1b#FZ+M2TrGU=ztq^-U?Mt?I;T)ywV~AQ7L$0r?T9;XPtNyDqm{V1Hz3sB5IB zAEaEkB9}EYu{8IgX1Km-@Wj{7p&2O1W!hIhIj|mcZytXiUwG(4uqi+V_RVBAormx^ zH7#*nJ*|UY3b3snaz8YfB%Mk9#f2XHiwi9#)=TUBG#4Jpfdq1SIN3e!La)`$5UI$K z<>raLyoYmQF__$bWrVBcjDPGnspDi?OnIcZ-kR*UT8ynq?8u-6hHJwWEodbl=5Xc4 z4QK=(g|HsRvROs<=r%5tqHQb4k=gc%$r^uU(8r*s8s3SUPU1D~D{&Q3F+YFOsDwX@ zWIb%%0Mj+jV9p$$@klI(icsJ~k;s(a2-k~u;kyKUVOnP?G|3mlKnb<_<_RNG(mmjs zK)F-D&HGyn&Jl{TQFx3eYVRS7FGi~7B4Q(Xct~NE@m!QI>)7BXa4xucKu;wBu+jr% z&^P4_#D+8!gk=94&v^Uwzw(UjCblKlBjY-K1e8|&_6&Bo3$~$VuSfPjenlN+GdRk* zeaH7YW*l{Hb@Ek>g#d{gRIPvD2ajBmG1=*AO6zvq*rCWC%2|_@h0V}I5#`T7MaA!q zu9-eViPf092Ckm&+Ol?VY^aFOfO69E}f$^@Hl6tAMc)OZuWdX2~ZWoFYCY$`mg8 z&Jx@J(_p5@eR!@U$Rxbr*?-~i($G;5Nd6BJ=yCSnNucFzT=9V1|3Cq4FaCqUi+S`D z2q}~QMesaLz$S~g`yb5KzsMaeYA}}@F96rPQbm{TD*OHe;kw#nimas`faf|61h>|r zQc}Y-1w~dRDH3tb6+coFBya;ZIW(=dBRm)dAc7|XLsHP+WT2z1yBgc@5SCV2<1is} z+k?B)g|k_y(oic9B<}oQ@{h(}fUDkVDi4))MS?z$aS&ga&`9ASzF{OIh$?&JPi7}* zwzY;b`XTBI;OlTxF56_1^OI`Zn^CI%dpgX``GcUJ3!>UP=uf-Ot=pYxT8H6-c_y+n zN@9JVWGj%!nW8{Eff6@Xxe3jy50y)*FOcN;bm?Wl4SXAzO+9t*mifThH1v5cB!;%m zy^{Fjn`N%KAkmp#@1sDWOxlktDj^H2x)3UuV_kkA!+6CR7oPtQ*62KaEp?Ic8xXg+ z@Fu43M`H9yv=`55!?!lJu40L_eB@JG{bd_=xvwf#b=9aGc*?`&UjDr`I(U3Gg|K&S z4)KFI%)RvZjK!nOP4~DKsN}0E^q5<1UML9pj%^~TB2wd>V~{V}R_~yFENYeAjO{l( zO6hP`(@j-lXk}pxPW9Nnc{Mgx+ULdd*7lE z*hsGS#<=`Q)2dyFCt5z@z1H11w``%5;^xss@SqQ}I zlN_zRP($^O4R59a83kRX;S-9x({#l=-A>o#=if*>ey$cdt!0+ZIK}As%l})evHSe4m;4cZQ%b4pSp|3FOSP5NCTT8q9z1lk!ZfQ#1y7y)?Kp$Ov=!u4a4%oh zDImR~5xj8%4$d=k9f0TtcqpB1e|RB&A*5p&X}hi;a>z(92w75jRT?GZHQE$FXtvx9 zLH?Rq9>!jm!(9-Kxqu*7^GVHh30JP#WzCl+iv7HqXR_`{!7K2|H*9liNZQ123Z~8M zFA63L|4#+;EwO9xgD!)gS|(BcJ;O|Ji$1ntlUO4lfE`rwuu(+o5D)1_>uj7 zx71)8D_!(*O%2BPg#CUwJ3@B%6wRW+o*k>y1l1;iSV_ z{2`dTat3nmk0Pd({*q6S4`Rhu9#6RpUk}>}s(G7FXN{}CkwsHp#)GZ={sJK;q!JzZ z=hrAuH5&ea`#DU*J!Cm=_dkdK5vUeZCHVKX;J+_3fBH`R)_U9G86Mt$@tv&oaF1cB z{h#saGdtVg;?t=XHMBHgousdSGc)4^exR*WKW0$QcUV(!_mY(jt12hUuP~Wz= z#%zS;*pBjh@UrT~Z^29BDaaxa!;?7urqzV_KGU>*1Q2rN960#}(n-zgmac#qdLUSG zP{C(=+)Z}HO??H4q#jzCjU58_HH8*kG+brh*p1z^Q+B6GqHU@&dZ~*@>aL%{~nI zlCowCdtiisAgXy9`q7#HEmQ?bbc~t*iu0AFp1qiwL&0Nb{OQE+gR58*82GhM81@lWV*@4N8zfaKmK3oomx~Wn9jCd}3$@|?Up=+nM zw!QAC1S1u0qMP|bcokm&P8aBey?!L=3UiEjr`}4{bSrC*NSJCN9W_Lc>P+j$=j`J9 zldR^(wjJ#jUKOd)k>^UgHJT6@{XZjo7Pq?ub<&8RiWLI;(@gYOqUe=9rK1f(VX7}W z6FQlrZqINoD|#32X8+_}dhUzRm~xbgN;GbJN)DYMzGYj(- zm+>(X3Z|(DoYgHCeC*_Dy@4%!fk4l?hRRQ{p~03k>|f)A}_8&k)4l$+`A`4rLPUdzGsL3(5$7OLo zdOO0lrQ>g--F7zMC>R0n!NE&T0ei9tJRZ8i(`D~L(jJGpAv*%Bf|Mcg9|zCKsn@^F zT!&rR87uVEeyz@|2FiZWoQpUp`SfA+}K(LtgFS0`X(RYM#;g z1)4N_p#NwC`E+IcKesJMvByt-_-z}Jjb)}|@l zzwDYZTznKNAp!}0o6$guW=(L)egzV7?ctCLcDej;U*b6UB1NGY&Q*Mz@Oj;ypx@SK zwh55a6J&JW7|Q^hj8%6NO_;OH%;#eil*akrnE&G6F@K6f)bjm;80aHBY;4@f$LKk! zv#_crc2H?yIa*xG86D-FOAh0Cz|Xyglb9%CVhEylxG#JXM-|wkbVtRH-j&Ei3Hmgu zcEKK!!}DnUFjqt)-KseNOVUdI?DNSvxDw4h^iRSMXM1kR>X;J$e1SDcyxL`|YRhVn z&9#+K+SO*^Pr^U1{vQy2K4Cd*T{VRrr;@Be*zT&z+m_-fy2zJ`al*7aYX}uDSB#aT zx=%KY!8ctsTt9_Pkvj}t|1FtEtp0m4FE>S`M;?tD_{QR;l@&=O-=ukqpu zm|w%&{JF)5{BToVdlOnO5Se$t+kHC6&$~!w*W^3AnV=k4m>dj}i!86Vl#btbE|Yw` zVEdzR8jol3C_SM)J~iyQ+|iVR*JQq>^EXYDEm!iqcf|4GF=#qF=x`pJ`96_~+3f5A zD}YPx4f0IG+mtH7ZYaG+YUEAQpuPG4ggM5SVTxnl0OZM^ahkSzZmgod1T{*malh?R z618A`J`a^MduF0l?Bl9+3&*lZG=Dyd@UK#Muo6|~;LFBksYiNZLid&7^^gAHmhaM+ zLK>2py>Cr5d-pp}EZ9eb^qxP%4vv+JL5xhcp@vm3)pB|%EEOMs2Xj@QrnEmOgJ7Kg zNttCPK~$ImSH!!)YPEF}c+mF+5bSLY#YdLNL+^jjqLHpWz>jKgktWpeU;VsEk+isi KShLIhf*@c4k^WPD2!enLh=35K3P^8KLX{fnoe+XZQKYCe>AjOgdJl>M z(mSDrDm6f;2@pcQfcx&g@Bjbq_wDS=elt6>&Nz9V6VCITcHQ@NU*|q~uce_(Ps>J2 zK|w*U@?1fOf`W36g5o@e<|4V|lYW>O`Qx02jnffydin18GV@oRX z{Uz7uMjjLt3_ni)pKEt1d__UgG^(QTOwZSB9nEN(u%AUDNhA%vPQDSR<`_19VL!wp zBK)!!btSzqUm1j%sF6entIqRU%79SrewpY1Eay6_t#@ZhM?lnGGkfZcy%2~VORZ^U zGQDUdZ}-gh>vO$5A0P^XcBPb{dB;LB)8wu(MJ?BFVorR}ct{hXFJlt>ncPD1zuDr3 zwiCLuOZY>%$7dG|w?Zh-zPs|@rr@J(xGO5Tftl^0xzVEcn<95aLilBa75PcMS1d^a z9to@%4V`2k%Zj?ni76agqKvu8YOlh=qigYjox=8SI;U*doTruM8R92wgmm;vBNb!C zT)lv|(g4 z9PfSA+Wum&o)QNGE>4Q{rXoVVFdfQrx-+N!>Ti4>Tj@%;L?7T*BuQ3GrBnXfyEX^_d-T`>A`!Ghp+WE`z zMz(?1!qceen=sdfYtmk2Iu+(xa?Jrw0T1=5^xJky0tk6jtet{KE$JT5^|J;8WzCHs z*W-?sG+@cnMxWXiVp8KWe;=07el^70pXgdR+@a*`?ll~z0-ug*5Kr<9Un9yjRGIC& zbj>&CdSKyOqgLAYY4EWuouiZUC3=gB?wko$%JemqmU$80!n%zk$2ez24fFic>!at@ z9Lyq?S|iJom%`eg6c7KPAHI}6mNm|EQP4Z8L<44-w_|W~GFsJ*TF2yjSfRhobf<^U z-IC_3Ar~2kw^sgQe%U(!4@@w;ZtXL^#Y~vOH+g0}l4Z+r-IcofAi3slbFX!MWV&TC(Y{o#(u5lD zkZw&34X}A)*mk@w#HyNRBU>Ygt{O|MLk~_Rqi%~?MGQvQrTl1jd6<|lFim(A>69m& zoc(-3e7h08+Wy3(0^27l9k>7c?}bCrlt>mqrwDDFZy0J7U3v7ec|Mj) z*H@&W^j60D$l6_;tQfB%oVHX35}1&kAwG5#lF*A6 zaFNdjCv6|~O}~1QVT-3gY|^PuLsJfXRd;o&`au~VppM}YPh#44>o-e_TH)xwNe^RI zzo~{sYZ^p9NQxC}!}y;f0$zRNa`%nQIeeHZm_cBso7G^9VK4;y)A&~PL+rZ-bKjGU z_^dKoMvPN$k?*o;EANKxN^DZ+WCgGSjO}j>N6*y`(ol)oIcqHr_jGpjjIO=A4NL!& zTiORJ87;iu()y#Llg=C-*Nz#*9SOcZes#!xOQt?TB@gRw!YbItiWh%c z2Eqy2)Yr9%<^5)h!Cze{8=o|WT2HkM~sRM zG1&q;#FgLXJhrcOPvpew$jw*xXBxt zp1&4FNU}{MC5A*TX3st%t!~&3Lp?~5&fU9ktkg^58q@)IG4F;VXgtD!b`@pvY+>2K z>_y%~vmOVte#hXjrNhg`%COTs&q{m|fyF^gkJ@ zT~<7KNyo=ZnAxyYO|=y6``Rw!>VR*PJJd8U{as{9yC%^;1~9aLQwFKY-)vU5alvke z8tW6;p5#YqDweqSxl}bszU6qd_oe=@#E{#%S^N$WJY8zmhFQh#{>@CD?4Z%n>?`oB z9OeS6jT7B0S{(Kx*Ub&MLv<%!pf4VAOxe2A?DMYl!MFw_Gnkf#36}BOnc=k=mnrCV zmd>&;Q;9`PSugu8x+kZnt57+r)?#ZDanvgXo6sp8YhUK?rU{bu@<7S56fD0KUx&*$ z6gRqLx8bT1QQBKd#aGJ&;-%0?bXII-FO6;dq`7W-e9DJ7m+6|VIa+6x=XJ!u))~IM zCWl9WKEvJ*;#E7X*cA2gipu*f$c>NM$%zh3`e{}02|e4MVljj7MD#B50`=5uP2iHZ z+6T{m-{Vg_VZ#nKvnJcykT%i}W=HCP4_D=Sbh)Ss8rc%?bfv%_XbI!(A!2-dT8=x9 z=O(%eg=YKS?lC3!ZOS-HRV2ku87xCB@r$Gc9@Nv%5AN0zf_i?Q=iDRFv5^kg_;K?>q$^E{A-LzYyyDI}F8Ima958?i7{x423 zHu0iMu9oB)+J5s{SA2e?gaGIWLSWP$^W~Z6d~WzGnu*1hv11gg5qk5xvJ^z>N>}xKduZ~7NcNXE0&N1N(^;9AK zO|5m(+tyM0g^|SEmxqS0bra%S-ir0Vt{@cfD2X|~pJroc7Hay;gF07n*IykL&=0hZ zB3V}nG~le^Go?*e7YT7kQ)Y*nQHG@>^Rqi_O+cQ%k`cOQ->DrBSm9U2zP*lyY8_7V zbVAKu%NTz8K7F-Z7#a$=ul&rVu?Q0GeOHF>g{bxVD2>-aID4N_pB0R-_=s7eA3<`D zFb{a?wu`^(y5#S4vVobXk^F8pcmYBw)_)Ld_#3T!tQ&7&xc4t3c`&`)shQ+~>qr10 zDmqmK94~fAn~cO6UM3IaQxlL8jYP}h77b7L#<=B$F0D}XqJtwxX8$`aeP?vO7|%*5 zBYv1O%zi!cjlje~WFSVM?7Z3HGIiBL^N!xM(9;|&yCBI>!hV5WvD`}0?~}JnfO=?E zv9*iV*aCaiy~d{)+ir1ZlrX%+CD+P2BL3v}!#uoG?t70ntPw#Q zp9jsvK@OB+IBF$+K&9$#`jqX3G96~_vHW2fZ}EKnhL?rGlx@6yHWCmx%y9TstKquV z+AcwFU0;y<{#u|Su3M|qqivy5AgW8R*6yvDpyTXGvIdKz`KBz-?1pYz{$T{WgswxA zt)Lfj`*^&>RAZrrJ^#{s$|#fz+}7on*7x>2fr;4cJ^3a7Fs>yj#ZFN!gx{rFpK>d3 zedW>ns?NuzrGwd!i7#=vrRil6qABYVwuR$+0C`OM^H>aWwSK1I5jurr-(x0e^j)$` zY;HQq7%B6^|5#EQUyH&9QA6#58(5uw z+tVZ9!8pS)%^LoFzBiq!5!$bQ@`JVz!QV~{guK2njtZhV{#rj|O}4m4m+?6_6@>0d z2Cd%6tra(k>vuui05lGQ_CPL8%#setsu8rzV^6Q!k!e5TwU%37M+BEP-(4>{-95dW zd%OCe*{^1J*Z`=nRdD5-6z|W-0phN?ZW5FcG!j(kXM9CFzw+=w@}bUqeS?^*_1Oh# zl9JRQR44w!NIgpeXiu3v?*4#p_tn_AMrGRiR;31wYh@7rArSdH$w4&_khIlOv=Rrad(aF_wUQzQJ+-TEL7wtaGY# z98yuap2e@&);$73FY$|eL}jzDoY(q+_R9R_o0gq(8&YHNl}bSfg-b;7TPnOa13MzO z59}PLMLhJzMG95;xVs6QQ2aAkpnYWajZK~Bk>h~+qGRTh0}Y{+2{i<-`XEtsv`B1C zg%{fXa=3@{RZ1giLKyGc4G{(naZqjgcly&?ML~K=d@1o&gB7F@$E69yh*Dqm58Ow5 ztuENSgF0Kfa9f&pqm73-`>nXc2#9Yu+ZgzCaw{J;t6c=w4;6MB$Rn_c)B`&0n(7`QY510lefH!%DWwfkpYX3 z?%EpsP){AG7U;I!1jQehs(pX&wjmpoXbT^1dyyES!Ad~QU50^u;e*WiRAm=jPan}U zROHwK1YHyi)O86}2No{w@(I>T_EgS&)XC$E9+(GE@$c|~Dv##|Xze?G?J@}T0ZZxx z2jdK1o#Yz3P$^F#La26`Bx;xJP^XW}yennn;dy#RF_F_d!ohiZ733Xxh2iW%o@Va! zlj3p6f4tyWn00;iPDgKVb-`KPryiC3A>msd{wT{8Cb>jp-jFCGi) z9x6Emwn<041SPA&-@V``wM7bkUZGJg2! z&!pK)bBg@YVEUhVtt_pa_0sciq2f!}$r^+V_1S%L#L`L_B{hTn&v#dGe}>tRx@X`Y z2L7LB;=iJRIxY~GblT&?(^d4R$C4b6U7zwOMSfkT$i&q7Zf8emrhZ-S|A>HWfM_q% zkc%lOlEbe!^Mp{YtaV>GIVofGT(zn|UaMy!uQxQ4E6?fLsl0h>N{I%0tdVx4z#?pV z`hd*L6C6{0^4gW@Mns5kYu|w~4S7HegHIpj6KG2VfGl}fclH5;{JZV$yxOXn5>4yR zBReKqpSeG33+MY-k zI4U3&sG&S-)U*r>80XB>M)Qh2aF^K@@cV%{CNi+)|J0ZB9rDCo348!8kO{9BHUl@w zHe&VVe0l2SXaLQ(UIYfB*Uul!<6~lqCRhAUXR60K%r!8ZOe*vmJdwd_lq|r)$_!o# z3ghU17qd6N^z;u<+ctPE@c_FuYnErb_{^J4?ELraEULRKEUMuj-i!+)N-lRRH7|!H zy&XM7H@tf@9;C#?LHr;S8a6dngK(}}v;{K&>2q=>rQ~T46Hm+@Qb)bf%wT}Z*#+OZ z(jxNq%Cy(j7Lk}M404ZM{X(|dlD=c^$oVF=t*oR)`pJfVz@7<(mDC|;c8!8V?sVWO zD8AkLFD)2!llSd#7D}r&I>ePuPnNC@&BM9|fxMd!L7YD0d&4}N56|#0@jRS-YW#aNmfw@A`cG z=wxutU8qBklqbsU_(-~M1;KkszEoV*TWA2I^c=LBkr@` z&PCmP(2|bv6;3;RuAkD58LSi8xHhc6v+;M@rR2W=3*2ls9v+zB^pBf zV&&eQkvvfSByVBY@p0|lStY8A7shzgx(y4w0_DGWW(^8I1s2G24;;Eg$Ihs~ zUB7nVj*&p#0sxRM4aLDZ(6WNr53G&OYmDqyHLcOC0>Q zN}6xwy^|<&@vY=-I@UK+oV}VFkGjq?6Dz=RAS#@1lP9K+N&Vv4Qmf2jkd~?!A4?wR zo=PA3n&kahb12f%JIT-H8U38#OS%ZXL)Jpg-WJJl4GNOJHASKc9@@o1Da*?!K5#4?C~9W50%6k2+jH z(#2*X571*f6&PGEO9xRXz^1lHblB(xbj-d68uekCoi)F+i2CZY&hRYvZmTf?N2<^b zK0h<~L6BnwqvdwZIB|M__UIYFGWg#fUbo4(+QM#gA~s&L$@Wt-&dZYgXA1}KAA0`E z;6L*rnK`%r+v)KCnH_^OcBWEZQNhg2Y}4n(K+V9>|L!W!dR_GLU{Z`;m0zQ98evfQ z8IX5IV=yW6(vIj!mgTLt%{H1|vihtZp8u!a1=i;`kf(?|eJSUi^(>wS0S7w*yo{G6 zLR44;HqH-wN$p*QcrP;{RoLd1mkV6b;=hh2S%KXeIwN2Q97n+6EZAjCcdPZXnZ*7^ ziHURFI50@KV6URD@Y3lDOkNv2qw>MJByx;}zN0`PI&96~dY;iZ(`m4GKomxqPKNf72fT^LL^Kk0X7U z%0};*6tK3-U`|zjivCAZt{!{W(jEtfA5kaAQpZbM1Xt}uH)hFZfgA}FQ0L@*GqV$u)w`j0hyrFN z(-j}iXovms>1&>bDqb$5<`Pg%^GLj`i*~LN>Zj|lTwxI&$QRB zd7>p6mXs$iw!kttWN`Q-E%o&yT}HjVzD?~->rF57`hB~IJ8#d>F`*SsH}~dxVyCFo z(P+pm@1pOZVNaj?5*Ns3rQvml!nL!#tV}1b+5bhK?gb`Z#(BoRva>63nL*+>Cf;(H zrwsxL&|;8qfK6g1Tr-?+^~2|m*O_f>`p*00k87J6+m9}PNr)>W_#=wu( z|C_bYuczx@G@Wb$cggvlk;Q+bPEzS=cCtDnOWXCH@ZF1rf`2^2?GST~U$ZXbx@nsF zZ5+Vv8Hc_sVY!3FqzrBes;RL_8TD6)MDIVXcKhf*;e_sgBAoc2DyJy<=Kw61GHi=y;-Qe)P*2xq zv_P5K{!uTujNoK3mm5cBzMC+B^gtkLc( z5Rx+Y8X6zHf?mM$cN*6RNn9WG;DZ*j{#f@rEu@&JV_})CnOUo{)(xg350^$F+C%$m`U!XothWZoTEL*@<20CY|eF}5x z^w;pbfB5AyPT`R7JGIJ62&8XvE@O%j&;YIZ#5Fi!%tr0b=Wl1G$Ejq2q5CXadrH0F z(_x`0q2ldbef0n0{hfl3BcWS8$NUGy^J-xDZr#5Tfd56}|IL~F$GE_u54d=Dl@u7^ ze2gg}L+fCcS`x<;@Zhas{I-nyrfD9TY4wtMLCw7oWktntkF+0eD5=G)e$s&93w2~_ zukXZ#P+OLA398pQb9R4`K^=1WBtd56P|v1&p!GNn$FW96fBNB}o9?%$(=bX+DhZ*1 zIS#wOdY(FrUeYOKtB+e8{A3UF~`+vsszpt=Jy*_nm3S_@%_X6uQy63PxYO@Nz=3_*T zW2(CH3%J}8&lYXJl9UAvAX`YOF!0!?ecey@eYy8@&DUyV(EslUw}Kf}YlucS7v7Uj z`6DmfAlKv0W>p#s#3{dB_mlsRhb}AE|3N3p^$6MecEa|N2p?gbTIb&EY?9{*N0*xH zN1J-n?HvOkh3{NUoQD4R_v>l7cLLto9?SVpuw82K}Exc+9mod-(?m~KwGJRr4_Vj&n+ykr91zYOwtjy*o==8OKqvnikcG8gm;VF;o z!Lw)?D)a7HeVc%oRB6Li;irinPWVkBx;braZJg<{>;Elo>t)Y`>vhz`dfs_=B~bF8 z=qb%yqFrF%6q9StdCK$apEZ_BhNQ^aK>fEjmhu|xw~j^Sd~=SEkN02=7mc9OIUmMV z>bI6>zA}mhUzvU^>Wd!!6TkbMt4|&5lg*KoIy1!@|NSy`{xcE6|1W7sAA32;z7Din z>8mawQlz{tcQ(QkN(Bt3q5{8_Q*yQQDWf*mGkD*0_Fd4U{`c|+SDV1cT%lCSL;t{? zIgkD^dRzT@>-hf+izgjZ{wNVCD?e{N(Ha0WDA&c*DJw%)M>FmwUq1WJUOufs(tq}X z(70`Mbb3DTb(PuEw+B@#X8el`GyhNS&ie#gzp9XbENu2wO$(JcQ)?LCgsmitM!X9% zp}Wf)b-e}n0_+M13UDR^hb(cSmVGqDk<9huyjyw2Yr(>1jrM(B!YDm`f!T$`D9X12 z4HvxhFGLTIvxk$R`Rj0ZdA+E&0A&Z&=@U7z>ieEJ^!9r9TUxP}W3C6yn*HKHj~;O{ zUb3>Xa2)*)jyGJOLlVesdN4zfNTX&@+cwuTyV>PsKJ#!AvNNRu-f<7$xAUqAuL5#v zkX%H5-8ic6tWNpy-l>NFkE49r{;!~;oTbBF&va{44(eKfoHyly{G-&||3?z12-o^Y zQx|e2T4O1s{9*Li5Jf=Ifk(c(+Bz$R>=y96sX?6@V%O%p*xGOSi$%k6Q8Svk6;A#xF|)ye8Yv>$jxQ1W08yr@@?^B`1OJf2ayn0&wz}^qJoTxd~4>V z?w)#mK1tW}j*^Ju8JR3EmxdWuGy#uF#F zv|+RuI0z)V5Ow$tl%6K)W*x8lfVeNGdEa$veIkRLxAB7BHyVIK3_2!bif(5%Z$~}d zpsMFWss(kG{F;IJG~tPB*v~9p0pDK8JlL)sC6@TLM8xW^WcOxhZBDl9?K;ix19z&$ zoWK95-``&}SX7p0<|g-+2JNz*W9^V6<$y1GoU~nv!>RS}jLUlvC79b9>I$RlO$ zCTCuYx=?@lw1pT}{-%@p2Bp&b!$jdjsPeFkXL14{FcAkojNj>ltX32W^%r?H8$qI- zMlh|LWzkIWJAXXwX6kIL_{Uy{O2q7BrpWX$lc6`d=itNQEMUq7|f{B*7fhHj=teTaU1?Rh*j+zc_24DqpIc-JCmqu7tjFFEk)j|5t7w0WD zVbP#bZtz);*V7LGsAwL~I}ndZxB)@w=$DZDy%~U<>+PB=uQs~`-fIlvsXcwnvyLPE zr^ni5=sl?xvG%)@KC7SjSR6Z`r9%MjnbLdG(y4&`EREDB`Gz~^t1Nn5sggtWnWc2y zDvtIl4bIhHI9(4#TAK+zV)nf{Jy7?w(P>iFBdi-V>EKxSfnLCN-g%eVt_#3l)FL1? z#mH^o=iEh1>V>8mkdeYDa~4H2`(T{wTCK6kgxO$Wc( z2DV03_tIi9J3lrdL6Qpvah&(3F6m9f%Z=$ zI6h5ut5)FC^f8@`nIW~uaT!90j( z1st%CJYPUE<(W|%@TkiWaGeDf{{j?X5x%BZn|d+1+p={hqvz_sZ;sM>axQzlRxUQX zTW1u@ePTz?4^i$T7Weve{C*|{U8>d4+d~DJnBeZL;t=GWc$J8V2quo#>9iEdMN>4B zE+>j8^nf`E>=Uwr6OSj&84=4+0Ee-(TlK`Pi}<}L9ek#=-hMj=@E8YJ8D%FFqN;FS zK^n#LvDeZ_NBg5H{JJVQ0ode>Jme%jXXXhh{V0kR=E7K{GlA7`IFPBq)Pwv%vpwy5 z6Wf#G4-ahjS3T0|2L@<>S|@bPhKP(OaBAfB?BZ0Y?ljCJ?yLzk*H*0Z<{GALr|h zu(6oONgsssL!opA7@Q%^nrRr30`>3%`B`yed=et zx1bCrn;N>AX*TE60AJ@{g{Yp*7!J{S$rFyYZ6&5q(8LR=VNS0S)Y04@DpmH zuyL8tQ4%XIy1aYlXHDga&!t-&43G0?uq#EZfGF)1n9PQ4Igy#uOUcAc9NIV5?~!}r z_cDP{gFBkaVI`F``}-d8odYT{dNqUJ37GkfLxMXWTS)mpdXyo34cLLq9ByO2!izEo zx>1eOoGouO5I^%O3(|c^)ioU_fh&RSGHbDAJ^Wbst(n!V((L;}&y(}NexqG1kVQ;I zoJ4#{%{)|L1pSWM#89NgO2T^)plP1vzLLLvQp!8ATBIG8{k>`)DN@uYHuqP}^_psf zJlClU?N*&(;KN$~Kv3|!9iKyB>9XOYAdSLC1@qLZf)f1|^m0Z#nLJ;)x&QSdaT`CX z8BOm$`z-Bn1H19e#e~#A)(xol^fGppr*m63RVeb&2|Bs^(J0B8#P{o zUl@)@ub`ib@_V}Ta;Ft?0f%5Q=LwewepC1IJJoEr(XbVL^?@R$+`-#??fMT_81Q|j zrYQ5Q?;OHeu_XeZK$z=CtNGU>e5W2CJn%XEj5bcTig_^!Yvwv|<8IpNe6S$R`z*#3 zpM68vUrvohri5p1h}jbE5@HW9U8tlD1Y@Wlhgz4*gj+-ie%ep zezM5Lc~s-4YSyTrX1KJcfSKYGvw3kVTO<)U{$*ga&~0dvy%X9S!SuSiiQ@A%IRQSkTcjm7@6Sl zLINW3;*G8OCWg8gI)|uI`$XH&`kX-`P~NVFq|_d!(Z8a-;AOrCa4_}E4ZCm+IZ%~~ zJ)vLiF&8AITo>Ef3_O~z;#m{lmF*F9$-pV%b*gEyOY z{lPYwbhVq_^pBf0xzSIw_-gVn!{6rEhHDx$NYDnarQS(EfefZ;!z*;LZA-2m%E? zgViq&PeopTj}d_;G^{!Jt*`)r(cJN86OY(B#%0wIT0SGOE z6_}dt>ly6a&A_4*5$hkxl#?g*^odp?X1fi9fabF`A#v+3?rZv-6qU_t%4)Ly$q zeNm;BA~X@&$3B`XW6GQ3WCNr%(4KBMnkX-3z3C zG>vO7Gw{hAZY{&|e0?s+WfX{N&Wj3{7qfAXR9aP+!8ZU3+dopnY^&dp?yJ^lmr>t@ zqrROhh_A0O%~9U3K}y$CUmmC>APZI=$a`Klzq9hYmxXA?%FQr5>ry+Upjf8na?+>m z)!-I%WV&0nLyLsJgVuH!j|yh0B1k(yN17b4Pe0^6hfoMzpJH@>sAq%QyG>4UEr>s3 zf6!1$WyLzT_`_ev+4rMi7xza^NUMWE4}4brE4+_WWcCvKD8=}{Hq=YLy!*@KT6FzB zSZ#kD`u8fIHS3$}_mjk#uVV9!#hGQ~p@qC983ub!I5`UOZnnsD5e$9=z)I=Ki3UH% za`?|ApWMb9$>2BlX$jt$?x=g(2}*afe=9aQN52LYJ~qhu+Ck|#%`seI$i1Iib*uh< z#mL+~tB5gAx`}`Eu>4iwJYo!5;qMhL2w?b7kDQSb^oY4|g?lDXLNwZlXQJ2;idHQ# z{uaJTOEd@Q|D?y=>o3y(6@LV>fmrojq}P6lRBMmi;c>x_;JG>eCXVDSpl0&EIYXE} z9mqqHq%>nlUDuqDzA;=k!7*}&!sn*YiB`>e$#$XX+2=TIj?Dh6{5wq2h(Q5=iE#?j?p)WI>_u#@mdjKrX`w1 z9tAkPQ@Uu5h=|3mNHkC6Xl`IAws^@}QcC{0jTHsvvkW|YYjm@uQdWBcs0jVK8oc#a ze1K<@?L9v&-e%)03BqMC^;GaG=#-pU{6_XzkhtW3b(jRyY8pZ-mTpW`wOWh$~Tj9vdMhT)8Z_hC= z^h`IF8R6tlTya}u@r$75za5<6OC?2lrU&-J_lAS0$p`gxA~!efh(WwT8h-@&O8GZ) zWTTw0iQ@?B4gQ~9jZ?AkpR+>$A%&^-EGfwGY_o}~GJUtixvap^)BNDQ%vsXG2Br8M zEGzp(ygp7$DzWonyy3*qsS4>DI-yS^(ifnYbxSu6R|f1iU?>&aY`4JMkdH*lBxg73 z;>!J1;~$XBg!=rHOXRP`PtW>u#S2W-z1UvBdb zSf)hI(pHfTLu4IsN<0Gj-E1W@n8l!Yhi`iaYV+n1&iBQ5coad$^*P4s{JOYQ#f7}2 zKFIe#C+L%xMnn0I3)*09PD>BQyO1^tFx+j?rQ2{%w@tQjP6!VI&pPo=JBfIHT&|*@ zu6cF|{yc9(f*Yf~*mJ1@WuKpJExsF0sC2X|1D^IEGjBqZMr5L7&*cTGMVU{~)gytn zxHC>1`t=6V5~ahXF%WWhQZL}PT2}%4vq!d(^Xc6>Zt)HIZu?=%%v|L<2$!_%T57(# zkF4V6C2C(8Ovf*k>IM9?2vzDHoJg#dVMpcs34^|xJ_iZ zh5BJ!ykUN}|0F_p$j>TeK1U~#;L@unuw2wo^#lc%yVs|)R`K1q+A3M@{4v^wD?U^e z>K@UeJO!(@!xfv_bQ)Pc(O9Uy&C_N-SE5Am5VT?kA68ljR8GdgTz+q}s?k2;tw#U? z^K}@(`qpfHMr|%FOzh;tR}ezU?*%z#u>Qrw%@>t5miIx?Y4AKBEkxE(<(3;XZ}~Ub zprd+yk@HqccLP)-OquhlK;HlkzpM0-gOSUxah{UC3HGhLMUfB-|uieDn-R& z!{$p7oYnG@RA*-b%FA~npE};_LuY*?$;e3pW^!i>yai--8Iujg%~N)J+12pHU;Az^ zGT$4-7a%kD5`6@Cz*QIFGsUTc5LLg%=WZfNRlV%Y?6Vpvts=dKj$5?W=odCU@i&~O z?G#eN4oZA9i%REHgE7uCjULlSG2+fY8cA)Qe$fxzm-vOJ7;MY~v&y&1Xfc>{7%$=_ zaT%G}STicjIEi~!52jz%Ta(XW!vAJqX3auc67(L~ zmkr|W9KFX?g}kF4ZDO_a)E{!$!LN=tOKRmXvW%Z4NZA+RuC~A?8mw%3BnX4igDnyf z@jIQe4hog?xb;EgPQYTL{pe=e$a{H3RTD84H%9f5dOUS;`MR1lWezhZ>no??$98#3 z>KR2L;f4-1Mj6L7R?Lha41A#;Ma>td#rusBdm(C}lPotUlX4H1cbH9$oI@cqoq7Q+ z=Ff=!BQr?9-Kq<#CnV17y{Uls<_a}(Rn3SQqn_Tk9` zUB4_HD)LmfyjZBd;jA<8USx{z5?R9NPdCFrmI&MN83LnqG8iV8C&*epGtu+~k19|F z^+o>v}@e zgPln^o=`nER}p_SYGNE{n2;}rMdehcG)+4v50cH;0Y;yi{0n_Zf3*rt z7VRZYCEDQkA5>d}Q7>rvC5!^xHMUJ23GN?;CR;d9T`uu!t1ewyiWdl&LC;Jz`+N-U z-g0o^BNo{ouG0g_=j_r-;*JjGTEmxyXON6d+4*;O;yqzq!lT_^v>Jx5T!9@FNms5F zaSCjWH&3Zq7BAT_pvrsNoM6ekKF2#*S?#EbL;;>9`(3*9Wr1f^{ufvhihrh8deUjF ze6?Us6BwuiMIDlH-CX`Hj{_8{QCO_gS_i6HZ!Js4KXtK@Nh$0s65;pSy&=Tmg3wid zi-2vfPm_EZVS(xx##MnwIrOHoNSR z9xv*si&S~_sOJV_JA-2eII62e3Us_IJ8-u{q z$!(^ULMA;tNt8KJg`CAnAgtkZs&<4JVN*7)^d45=o7oR$)(SO`oI4IU18Fl;Zdjcl z*a6LW5p?jj>v#EEg1xL7UD{WG&ev?~Owm&X(}y0)Buw>Bnb zgD?*;E?e;7hXs`1nQ~4vI%ZCaD++~F#NAxvD)T=$IP5%XFX{1HJ!;j9iIiP!O{sDoeTilh zSAKu!As#@s)FNwn&v&Jib(z^eS-qa2c`I!v5TKo)8U_Xrk5-@e=!a`F zOlffT_y$n1XUDk{H0-c5`ksL!LO8vsO*%kXfw3-oQ*~Ijkgiz6yvj!U0+7;tX2jR& zLyhKu987yc&+!NOwLyXdflA8Fj;b)^(%gdwwA}lUyqnLgzC#QjJTYpPhhRsV(;S7s z0k=eN2yRI@;GWOeUu!ov>DWKM85$F#{rjDEGNItTu|&=`g|p*6s@e+isQIxm9pBZ{ z?5iNbkt)ZQ0S8ILKRd2MC@RN4yR!D&|KG_&6B{cli;9Fwux5h$^y9*o>xTm5!=U}5 zPj7wyAs#UJs&z)f;5%evXH-W&Kf4h7)dL4{TZ z`md@fJ>*|A*fr&aj~BS}^201XwX7@J*BP*L5+lqr{v5dC0OM2@gbjP!I_js=4FdV~ zJ(f%L(zm%(#{Bi@l*axXa**DD-)Y>jFSd#&+h=$b8_Oiw%6XQ_Rten@4oO_b>h=~TuT0jeGQU>Q z+sl#G3*dd$7?5G0dBVqA+M)F<6zI(wuk2$#_f|K~e{Tn0b?h2u(8rdy75+JXI%I#Y z6nAuVKt1&r6kLCUC%~>Wsc7q+it(`y67~Kzc@)Uv1zYjR zG4~IdE#>$yVZLG<9I93VMLrWYmpJyz+VO^aqSgRn z=0$Zjxbu~ChTHqA5VfAbq2FrF^={HH=xh~B5@qbXVt=8tMq(ldTzLXSrW8P@zoV1M zvVjSPSNLo#)5^<;mUf&#C`*_!JP$pmVG)uT2Ue%DiW%fxhuEOCHmcn^$ z)Wnj}MY}WduZC|t@^Jh{N5Tqgajp1xC)l!VUU`^tHb3ZHd)$#}@Y=Nd=$p5Rh){`Y zZs*r58+zE%$MXXJc;CKsR@C?p)#}?mN&>s7Up+ ze<*kSgl>=LMw+UxUqM2vsqElExaMeg7A~?K+$v?MIf^ows~F`c_M{ohIAj9Da5+)t z8N~rkW_7SpmDEfl52ne!^zAG|gi<_ z2Njm*ENPq3>B!PIv@r0G@DKV8%G>m`(aHJ0#igqztIUgbt(gZu+wRn=PV`}P)AvpC zn8rmD%2ZRi46qk;v9tEAfI6ks@$fjiY9`jHr)pQvx@6o=KWC?^FWA7ZN2J_PDcDDd zM(n>E?>tzvYHbe@SlJmlay16~L5g?cab1yjhJ(ZJKG;oEO=m0lc(SfVe#BGdQA>H> zfsARrG8v~!Nb?*{hZK|2mLIs>cHlF|lH-`@lAW}@J0roTnQtpkq+XHZO_QQJK~r36 zhxzu0`LtDTlS;!?KU}5I-?tTnUem+~m%Lo<8`-4W1ju9!AZJgTDTQRX-Xhr5r5Es6 zzG#>4uDflqp{^%1R0av8yUke$D18__l&rrKO|sRUt9^daRDM^FYb?K~N=bonD7Yw* z{px9E?NeoxvwSV6$09Ur*fcDLE$r>d>mE)%5HP1ou@viKG>VR zg|fv~&@FoTbLQAPtAH@IRoR10#xjyhbUvd+=dkQBeT1`~ zDHMDnAc#&{aZbpnl^==O8D{9giJ|bq$^?Tt&DG|jkt;yU3M=Npo^&?~!u8W$dQUjf zFh=;l*j@4${y_c(BaJ+}O+%!hiG!ww!E+efid-IVZ+}}3?zJF4ATImh{d-jz;|9iB z((Je@dS9(ois>6fQ2*%jtHm#|pSt2J+#cps_*_{8d-KCu(#t~b;?n;D*TcR7PJ5-X z>f19we9QF6t8UQT4E{^%Spd52a{Q!+VYcsbPDFCK0o>S9g*LrX39;e(V$NyGug25v z^9_^t4y6e~y!X90Y$h56f23C@QI=P2e+yjKBtJ9AL&`qG^~Xl6IF`@L@yd*^Iv7#N z36rFlWI|`e>GO5t4fbM_RL!rJ{6(EYPw;dM{~U`mj{PKPz#lymzxh~W!$1jkZajCT z@K-hG$0*_@@-toa$e0QHs6Bv-Yd2#Kc%@nWbi21M0wGOdGGou%e3US%&N;@Q^h`vr z*sx-5F}AQ`{kf_~#S{WqWv{3_%(?tcE%0NGfr{&sSK+=j<+`TvK#_Y7;QYx_R2APNF1 z0)iCFB~?VabWs7NN=c}ph}6(Kgb)=Gr7OKg={-OQJrt!V#n3~qQUe4CBtQtfQLp=% z_nG-H$CP(I4WBqTNcP%mt-aUzKg;h7+sgVDKplcHZOzM;DvhKOQ4PRHMeqfk=WEr~ z_!E%kFHe!Q#mt^(8v2LBM~>1}Wji5V#URGASV&ln%a$$dcV!6|RqFfO2BatspXK*; z7(NVwbVy6;e>3aLNBJ*HXee4^jK}eAuVOMz-drguM4L9gg@0NT5Mtgm*tj|NMsiO6 z40TA~{tl@a6uPxjLQ4;?)N-T?2bkEhj{vAgz9N|QB;@7d5GQ)lvI4njRIX^0t*xs?;r}Nq|`-~tF*iG)gAZy^unPldLow1 zKwL?;2DOy_*~je29d-RRN>K92etYV55G=NMN9NPjq$=$)OmCfdT{XY(<}*Y;Mw21l zYc!Mi9aNmctgUY@aj!6J9Vchqb}P3(vNkGS5clJmY2(!5beNK#pvaG8Sat=F>!1sg zt)s_xNg!N_~L?9|Kt)6>AQz5nD*oK5(zu96yc!3Foy z%d}3yA_J|aQ`|YR<+Ifk$4a@s7qqV`zO*?bQy$QogLj~s8iqfSO=oHyXZuD2l|`0# z2`(t8+hiU?a+Tfzt$ISUM5g|(?wqDfNJQ4`YU4J(_0Ta5mC-y!$SB37P4!r;q+ z6&05ny2?M#s7pR|ku4UIgfV;7;+bY8ZH4{x9CGD40{GHdDji1NrUHnLFAZ^X8F`c3 z0c&o+LWSd-UZj34fxlTREidd&I5zZdC<=X|K48|byD?N*XuSz7a7&&yx<(*L9YJQ= zdD%w|c(Pf!Uh4kdo-6wQ-Ou@_o`5E`h@14Mnv3SM*Z;>EwEt!MZwUTgU79{FDu3nvPtDWi%ba?Oa;eG#(qAl@j z^p~AcCK0%JSN#dnFL6AVk$Q+al%y5x8u+S+>2v14FMRsBIZ4usO&hoXCH4*;uv|ARUJFmZRvm`DCW` zz@xRGcEx&aRe;IZQT*J_}_1>chN#(amzi?I`ub%X% z-RXz~`nNf#>X_!xig62m&ooG>TZn14{8&Rugvt2*c_OM(kH3{RUgZ%3dU#<4D8q~4 zB|QW4_8XT#yY{w*Z=G73MU9U9{i?$=P-++a%&=u_l0!d121($(g)c=tR4Q9^zB??m zx7RRu$%dX#6VZ38mw665^Le@hzRPZ5P!VHyzD&x_;6sAv7-3jjY-A|DHVvs;k!C(w z`aPcrg#Qri)$VV+<|nb;cOH>69m?Q6ap(aUi6O zdW?LWCopW@*#i`(SG(hbO9m_)3WNaD@7mTnr6C6I z^l_8$fkrBsMM>>jZ|4ieV{VJy=L(o@3sx66emZ)4QUsPgYT>&7;Bhw^(TwV|_`NPI zmnr;Uix;t%vq-C-Ip`vtS#yGNHzxCU_@uWt=iKrt5(^CVmNXD0tl0tAiG@QrUv$Iz zJ6)5!k|ZY?H$=joLcr>sB+n783UTb#Hr2{9kMjzbND>S_ni`RIl0xF=Q+dBaRKc6b zIM(!}k_%MN&s^TP=%g*6zUrs*&rH93yAyE(*@kKdqD(L7>-kg!pHSe)xdg2s{ndtP zU`M#ej!cLhpkiP-4aB?3!?v-In6a=qcExmWGbg_Xb?1l|g^%It< z#y$*~rI=WW#fJNz`i!>aZ$Q_KLT8#(e-WUT9lIpV=a-@Kq#f;CB0 zbX4;31zd!b?=i!8MxE-mrR(q^7fIY;@pVF~tk=H;Izr`t2y{c6Ax+Q>eG053L$vvG zfHkcKB&f8q1bO*je1G9Uqaiqv>Q2VY*l-%J?iWf>XZdqC!^LY3N0ud@Fj2}OELE<@ z4hhbwgOM%{Y1bTv{XLs|iqQ+QkXR{?2vuWK}}w2Jy9xKp%x zk5JuRFYE^Q+YLS?1iLiqi_ZWL-&id=R~Oy8o60~46AcCl+~8{!#d)e{khD`Z=Bp{90tc^o#vAPNZoy(p?&>zb>lTY}v35hl>GEsXf=SY&J@W8xi(#EqUb1{CsPFj0#|S!8QG55pr6} zZSh6%fqzS%;|NDiR#XGpX;S-m&4=vJYjz3jj7c*Jkg=)9GpcI?8}H(>Vt0zy|Fj3&)xmX~%-t=R=uqQ%iRCt@rJnwQ4 z+1Xp~b5(Cn4q(n>bg5Ag#b(2xMW$ZDF1R-GD+w8SLUl+{k%6X;ADK8+lswxm`8_1+ zn;L)CUwkew31tc#!2b!H>?P&lfvFS8UxSqDoeBoFyY0}R_yUHFxL&@JZ5g3T;F)M;K9Dc0c(d=A)U zE((ya0H2_!=%aUw;U_Ob<~Pw3PNw>b*M8gcG@V!3ISxMCm!Atnb!@OI06$>RrRhoR zf=4Z;y%SE=`=xU{$s4q`>#{i^9daLgxud)7m+qh56`{iJnmi*;_7v9(-_g!^A{Fm| zu)Sbh2upnBi_|V@9sQT10`1BP){|GXM40DzC|RuBwntN5Pk^EeJWDJv9ox(@8UWSe ztoeK@JL-g4=){H;gnD%&bT@v7Uddf1Z0pMX`)#8p=Q!mTf)^J9EqUU6#P3*Dp$2(+ zrV43qlB*6oaV1Du#zeB!@H@El^@@q2N$p>VcuXfbpaOM9?c8;hdbd~G-y=IgzfhV$ zXwkshy$Kc0YpzEJgC9-hT@D1jTua`N86FH1k^M)q05FP-1- zaL>+p8ft+W-R$YtKc;F%V@Egcfz9PjqcP%v>He(?Z9_+wf(2BO)RK?LNvPWS>HPGK zAEwo+^qFEhH#_EE`>9?(!9VZnfC?!A3L@*!RFw3G5C6^bBJMNt#Sx=p8S;7P>ld$jog0Sfq}!a;k*XcjXBu| zpW8JWD}?Q|6*6+8B@)v0oeCz|Z=Vn2c)jnQs_(aCMsi#Tw-p!uoVMuwg*b+Z@R0=q z3I1^7;>d69LL%e&QO}-rt#K6BZlBVxnF~+fM09CCGj*Nx-R?Zlfbp3K4ogj*;v|O{ zAMl#yhT=As@5rb!WcGZ5^}N(xu}6#uB-EC`x)+e04M=n2D zWN>GL9BKZ%gJ_3MZiKs>+ zU?J}Gl*sG3k)un~GEdRU8rULrdm-x)tzO9Snb4mzCB4dw$W-aw@L(-m-n#<#Z(7<^ z9NinpvOp_TyQZn%bZ7jzxF!AmCw`s(hh6>3w76&4OSI-4Au~N+kdhh%JO7@<6~B@^%+h}LIx+g zAksh;Uy)i^^Fu&WLJ_TRuyM8U^KG!N(-d>r`Z64ux!v^-Qd$7-)uUZQ!pO-cuiNRK1=V+l3eW8jeN6EU zRong77L>*aE1pgJ^9+hR-){%v(WKo;FAQo(n@4|e982nY0mVqsru^Awl#ds8hQR;`ucC9eS@lv zP+LU~$_VNTI`jY-=YF%5MX|MwjmC2wK}TN1piLWkiKP&G+qK#53-r|^O&Uev346Z` z+Z9vzPev^T7IU?1ou>*yD~^R^eSTULa_|44|vmlL6(OQFM5R8(+E*hTJSej=fj1ZHx-jEj?=1RFeXW`kqwpJn#|l_ zF5#=!OY!I_45q)O@#R8;faW4GYh(zZ{Fv&!cwgppo`fGZLmzS`DIM>~EJG#;&|cXe zD7*4UEPlo)`b^HZyE2JXPnbYV@{3_ZcF2q80Nc_dq}W;QP;2W_=4}3mo}pN z*BQx%rndL)CsDJ93I*wF++=)Ch98uK7|bs$l=9^)S;jD4mo}#BPf1Df{g7tTz39zo zv^ZyI!z)Exh}GL1ZWL8H*H9un+`&*m1t$;Tx~dr7Y33`57R6H@j4 zSo@2>BC!gih|cR+?IY1#jLb>Bvcz3L2f4=|*3m_*f=gZUtqJCq5-R3}3@s`Jwo+Z^=RG;N5ecvp# zQe&Yicv(l}+R{LM7=F0%%tzCNlu{q&ctJ%$K)_Nf4A3O4lajT2EWDeFi>>_hCSHkP zuTktrO%;V$_ELG}{_Rt)><2qk4Xu=%Ge6qf<+Xub!n1<6;{lr!m7}C?FJ&HGfDQ{@ z{b!~wE4kru*USTxQ-_ZdDE5N3*qhuz;B3Am*TF`6q#=)gGZ5<}GV3b%yxg&9-tU~_ zL2<`nissdLB?B)@Z@T2ux6?6@#dE!oRhLC)IR6RB0@>9smO|GyO^4xGQmHaQ4(COZ zI_Eir0bD4H1}`LPZTiYaFEWXvYbF^%hTjFQ6UaX9Cw8jvr@%=hxzPy$ZH9g28AHUc zcFb?JYhb1j!_)ljTGlaw_&UdqHmcLwxlwfF=y^q4-VbGdO^9OeAgCc8D5mY9=i4hw z^%0Y%&KZ-}Z_CmLiVyBLLe0|hGYz_WIL7^ljExru4mr9F6^H?gT=$i**vL4c)beI& zm6%MKQG-&%?IvnItv6uf?%PgbYo~(KhoNi7A8ew|!284DQa}}G$W=wL@nlip_Hu_) zn4fU2L&=pM+v8*U_w|b&6e z>r$LSC%fxZ7Pt-`@emmrxvafr-6R@Fy3ZF$X^yFw44R324>ZT1yS(baO$D49=P7o!dFL0b-Po<$2lxBpwFYM=~DOz6`X$dC& zLJ=(=J6gZ?hCMThuTAQ}N@smxpI&z-NyPZ$BBG zK&HMkT1&?gon{bFA-Uly^5qo}!J6?>4UoZ}>L>3J@Eh!Smwxz=mQ`P8;2LDY*Wh~* zvV)P`tXqwlbHxJtYww7rv~Yi4iJ+DErucEEkKMg$4)Q!t;ehb&6TTFDerlk59D<}9 zu^$7R)O{0Qaq@Y4y4y%6@WXruGonuZ)oPQf##Gf9uJY;9Dz6Ml2?zBA)|;H_=ydcL zlLhmdmD_%NQ@QN)D0vKhOS3)G^`XdIfZG$TfkR!E_)k}hi(^|)(LAIZ*nH$~a5iX= zt4qYR*fU0``Sa2z@j_QZ%MEH_;e*OR$FRyCPHzKUWZr=tQas!A`Id3viH(M`IRrw@ zFc6mfyh{33y5AngN^-8tN^%B{7n2jDyDerlo8@iQ)>ov+V3!G}k!hJ0)5MbsqnX`6 z{u_NM$!7$maw=>~Z_Zx-)+=Emr^o%|CuiYArsT9u>&K20s--rq%fMy=5-NKa3*i@b zfJE;w{Sp9qT~(LzZy4btyPnL^$6VX+;c#6qa;oe zqGmkp^)x`VR}a4t;}l>w1qAk5G4~|aoWwFUH9q~=>()LkG`=H2m7GH(Hy_u&(=mK> zayPeR?8_SiTcMLi<1%fI&DNf^^O^OJKGfJdTJ&hS^i1+&=Yr~p>*5lss8{bDR5M3E z+cr<<&tsxCGK35}G$EyVYf(-el=}&Z$&B8R@6BP}n{5`h>mEsFWz8yfh>?&Eig3+2 z6usVV$qie@8jaO3%_x_o!u^Lu;!GS7^`Sz}pPF~1%X~!1{s^G*w;S>qV-s%8E{yet zMvo~E%?zH88q*2`aG6pwytzW7_4>urNOqxzHvG|mZMV#U`pFkyWf76C=ZBejp=>A9 zYLbTrubDXUa1BdTR0sLiQ?jAe=5l76q@<}t*yi)DwJCk`oJUT>mDy;=ZYWm922N2a zIjTVntSK%jfj0+n@jC~`cb+iD>)1Lh5Q7qcz#?^gi)rcIdkxKpFPMAmeDfVNH}F1G zZxe1U`R1gu7DI4@TDG!j@&0!9RURqTVx4`+u($szM_z#Z@#i6vQ{xSMdfU`6($Nv4 z(8XtcmFgWFVK(oA<4}j8omXqYWqePrO{7U0nXtZ2auXj-CtIJ7Fw5S5<=x8zL)aZJ zr9aw4u_p(rQtk0%dU#6C76i+wGHq!c<2F*X#a!juaV=DRvUuMww80td%ez@znhvKtJEQF&6ej2{BDD$sroncK%H%f;0m z&r6m%cJ&XlJ0P)uq_V2&v9dlCTG%=<-~{R9V#HD5Aa8A{9(%cDa?2k zr$E;m930Fk=UpJR<6&gj2o2|J^lbKRzF*oJXW?Ku>Ni1WK}Q36X12s8&cZpkVaZ4( z#$9D)6?`zd&cN8>Xty!qg9YUy?J>T+Au+6x>%M$@OK7z^2Y&h~HIE@Qe$; zKR1o{9hVfd?^+HQrRHelE)w|9E!5Bn?0j5CxdH{Uv#9vlb9yY%#3CEw1-iaFp}opQ zM`zrGLusg|-7BW>{}-wj+WxC>8Y;ieyZ$@nfW`qNbB@}#0F|C%mX(#YE^CikbjhZG z_0HRe{Z=LJ)EHvIn1M(Q>?HWngYi56w}sEja|`Gm07Adw|2N7acTtyy|9$qqK+Ba& zYvRWI{H=`Y)}-cgK)WygryW;HeTZfAs0HZEp17B=)MEi{pa*cXDF9M%Jq#_Vh+Ny@*a z&6~g;vITPEa6%Li_@cMclvKw=vLR5oq^f&Lk0}LpB4nk1Ht**Jd05s|klzu@=CGra zVN(bf3bf73ab0mPn0aW1)B~+NR9Kr~+1a(|FhGae_qdWvSh3jU+Qma%Abqa?ovff;I>fj8?!%!DFbFkc*M*+axE%l0frpfzPwFgd%@S zI$t_pL7$N)p&ViN3st3X%OwK(L3^$CHrD^zM#8FA};?Y4sN5%-t5H*Z)nb zTc3}1w7YSXF4Uy8o7IsW0CqM}oF-)x3Adx9%HSo2ymZvHkr5cqR8wCHj*7c}k-^$@ zc1$^v^!iqkaAziB%pNB`{q0$+#(gEa%2bZo(|j&fr1lzA&u9Qk^>_{1qcW(Gfzzsq zxl;fWjC$lDmDN6Nv%ED(b*(>5~Dk( zE)|y4&%#m!M{sV&qDrP)Mdh+qa+iK2<-7wkq;)H)RJZJN6*S|`p=DAAh7NCkj-UFz zA347N=8E(IQ#v2POE|xP$ltrjF##R*r>clYDOmfsZKZUVvk*)EiYpyPuzF)$y9u78 zR&7gwqJ=LzH+JThOs0|=7l)W~xy;IJ)e77Yll|OZq>X}!3Y+NqdhZMtyz;4;gP?c^f7k6?miXTO6&H5pCKYV0#jq{o)KYfA? z)(N`+HnEuypAXd2d6QLo=BAgN@fq|8!@ga)_xc&~4Qv`|Z*8l{$4yH1NBD04%l@Fv zb8EeP(opY*Z#`(t^7DF%Xk{{)Z~5C_&ZD(+nY&_%g7g|uj%9Q$q^<-an35``qX6D- z5uD%et768@l-*5xT5tpr(evI}vj28=89 zR9Y$vK2KUpN|tI0HUJPlyUu=7N{vs|&d2&BI^Q9CO zRov>|6c=a6-*VPr{fXl?5Ht63YJ_&>s@h$ra#>$wvQ$Bu0zZSxHK=w?qS_oWjXF9QBLDZ$>1Jp)AYE&3iuhWYnKWQr)x9)LPYT_T?PnUG7aV>Cl zHj4rwJY+lUwe|=AgdplbE>|e`5GAAg@*f9ZIu{L>cT4q7&6}?6s*nvqWLZ3tyvWhSx);^CZAG!Pvw*{ux%~sS8-e_ili~a1vL#8HESe%myTAVxR>E z@?k%3J0B;=Xo~js77cseaX$2fQ?ks;e3hxy)1h)xs^NyCEjIVh47a!iPJ^T-G}3I( z?yRwBi&za?<#V2_RriTC_+Jg6HBVc9lFnTOW(*#gt-eUT=gX+Wx8xN|JVh==1mpyd zT{kWn(eW8#9%y<~C;t>XJhZ3vGuZdc!{vF;x>V??ae4K$>@+&Ug=tDHRB~DRv2P`C zU*U$ca|$MJ&MwyVMh{l;hNu+ynSwU!b#x{>GO_Q$Q^dqkIm(#yW4?iJX>Ermx%A6& zE6YFTdxr&C5`~V5)03I~u6Du~Zm&D1>KowXluTr0r6^gw4-J}Ud?>EBMX<&j4Go2X z?l8zm#9oSzs`hd(+ie?GSr2nG=B`Afl>e=-7l(axzDiY>Iw>LiXd^f3$cTnc$Vvff zcG$^B)-!A=HBMB@2_LZ(yaG9?JqmQ${=IbL4aL{LM%_=_1l+dS<0#|tFFBrlv~>8R zAqzE$eQjaW9put|*X&d7O0LrB238()ntmExa%SF86bNH%clM`K2UNpxb{1XONCyy} zsvE#r%{1ylipg2^Wa!B5ohmhfYF)V@&g5QeVC>V>tae6XyL!HrjAo1s@rRv+*|P$> zU2n{tPVoIFej8RBJ8D@U?XDV}PeZ`xQq*r@A_E%k!!A z7B=uHs-+IDufN$ilOdGqiVfmOdV2fGvcFRWlrhUr`T~hFxyP#_6)0WZv;4~0uJmn8 zaF(xSsn$8iIk><8hBirUC{7RH>W0@?T+M@| zZDe?1zeaWX2HO405>u6B9hIk7^-~c*KqiYQvB?4Ib`YeLR%-#F{66PgI{wRw{Da>S zu^*W}BTBnF=M6CB6YG@PP&We5b?QCyz!;>+)oYSxY^ zWV1UpRZqaSeBL_I#0!Z2mK#nY1E~}Br|EnP%PX2vX`aVG&h7*@1E?G8l}>TgBmZQ! zD$`zFuq%!}(%9Pv#&_{y{>$SwtBLA)YN+5<+_=DBv|eAJ(9evKnJy+A<&*MS-v{rF z6My9N!F^Q#fZcnmEuv%h+{TFm618r;$^!-wcF(Cr|&(Qqy@ypbSAS&)HcCBUu~xnj-j&Fi~$vEPj! zFBc1WM_Kw!c~iLSQKYFuHT;*g8Gfx(SZ42;KEOlmzW{2GyyafPj;`(633qxa4Ca-i zPvFBbcLGVg)@u{0%~<}FS=030< zY=^y1&^r>K0y%p`zj(0PIhnL<%MamQ7=SM^{y2D3qE06VoI!0*_@I8M9@G0TbiInh z>+R0TJ%9b{({;M)%FxG4eRFnRTO&5PTO-!a%Ml12Q&>#Gx}L@+DSj`B6{x(M=hVNl z0wohs%fE;5*@ux+^7~;owX?;{2^Y))qHLV+8mwq&vX=`Qug_}QV~A>WsXrEh6o3W- zd){qYl9-2#mb-VS8iLF8YB1iS4ri71{^Z$%=J>nhlnM6j;)FN=ad^g?_^1vP=<|g6 zxS8|vRfK(I*w`JTPAuh2WOr}9+twA@Jr38T5%s?vd|ui7-mT3Lzf>iWlWqX>tn1IV z>1LzEHKZuRo+Vu#ZX=7)*Ae=+y+#YbK02^zuO()8Q@z<>_zns0C*O+M$M&3?74dB< z(g(0(aJn#xDDFuJLT~88pN;;icx`|6q#t&yTXIZnha8gY^i8r6vTYblB>Lx6W`KcR z=|1)Oaa=fQTlt1L?zEUy`%ASqmkQI#5#DHtDZPvl7B$ak#d6vVzm@0s>atw?bG6vZ z(t+H{i|hO0-4OqGVQV#xm-pSO$fDgo+xiKhc?F5L@}?{no$V2Tai3km4T(&K|7^{* zX`#d1X~A*#;o!iMA4ff@Th%^gYr-2M<_NBZe|w5l2}!)d%V!p8cvcPN;Rw0nnuuWSzr(EJL0+IT?5kHMLz`;?7^}=Cb}x_?=W{jxPT51;eYzXnicNZ! zAOSFcg;9OS;hid?r`x{}TnE}ET@Q3-^C;)#Ms8aR&`v`~#moga`oFx<+370H+7P!quCB|dDm4|p%mP*pGczhaQ_`7K``99;WUkX(lQL0cQe(LK zLCqv%W5nIEX70Bv-e{OdzJ$g8=e8Iw%NQ9sLrTxODh)H>kAqL=b75O*R0viIL&}z9`4DNKQgPOsO7+frqX&`G$3c& zK_6;fL!iVN^Ol?_ zV$*(gqADk38Az^{(E+|f|6EMLe-rCU-LFQAkce4+QH3lc9Zq9B7|#VSa4dfLOFvoi zMPlMGG=^(5r#-}?FK)YkpiBk_^-WQ!U!pjg6R+Vi?z2(nnNa7t9~e>8Jz&Qn+E0&J zuy_eoN_Fb$=~ipsL$W6$PAV9c9v6YZm7eRX#P3i~>!deEktj`to*N3PJB>PKA=Gxl z2#lMJG6y`@0mAFB)sXiCmr^6Irpi1~12)&^lY$~>skK!8gb>u>QSpL{5>0@J-Cj)t z{p9>{sXI6e7+_Z0byMM?N1Q?!q{Eu*Z+Us>!NY*2r`>sJI1V}@0X)L|{yp%e&X@4g zx{kyE|KHw%qtp=Xz3cfa-_b(i%sNqf#7+IZz@=)I$TQVLiksgm-XZLH{B_Grq+h&X zd4&4GZLH5X<%q%FXZ~CaR;70D{QCVhy(eaP-#Ii{zLEkvP-j?mFqLlg6jcDn8xhw~!yRjhQ zw7{S-`b*wDwFgt0o;41aOtN<-Suc1f;V;-)z_lrS;Ofik(2O>XYnGJN7p3g>8GQ~f z&7^0r4Odz_Am&|Nd&lNt$^4{f5v=&_p&FyjxZ4qic!QOpw5|cqJN}v13BS~GVptxH z1k2?gzJ1b?BdhWK$G~(wSv?Lr@iJrIaW{vWo62pxof2{gU%=qjLz^e=xO~H$AIS`I zIp=x;4lFW?G4u99H0(})NJ5cU#A$;m_lkSW?aB-?Iw|RjkXdRG2{v4bNVBB72(lafHNFvv9Y6!)Y=-2f{=BEJqqe&`)JMYG~BPJlljZYQ`5ERNInEm<~$y)_Z7oH8qx zl5XZ@pZJbc8IFJC2H4CDd^<`0vU>YOlldaq?~d9_W7{QhFK#cY*+vNrHJ&JcRA--U z)IZETXF<7w?7+GeIq?iJ292u6=_3(SyW=RuVNPSJGV3|B`UJ`5oG5=k4b=s#OFBNo z>Zm(X;H4O01plhYl7I)u&s?!4pi}vXRQE|k-3v6|Y}DOi6yw4{^dxKPqEDK<^nn=J zN@3>5vmzF&(~`bfRsO}x?v<|E@^YbF!7YJqPS2Lf5CdP-!mtcph_A~(g zS{hPH*OMmTGeG3tyTgeyG<~hVcy#pw7Wq5k&-_5K`OV`8C7v=fnU&_OWFP)mG4jE1 zBlq@rw3UHkSSf^!1$MH7InrgXZd2OtQgb-->ROmPBKSi;WQ}K~j(KfuMBEH|n3zl_ zG7Y^t#c8nwF#}rFFz0~3Zf5L(J$p>AKnCVe>9@FoKC|g%X5iiF* zZ^2$8<*_`4B~yJ?yzGOTL&Xu8NXb%C<_*1kU#1N8(Ia8EM2plkK=Go+=rSh4MXzUe8^KQ1)R@@$U&H*VrY%LSI#S2OE?;bXw*_|SYo#$i zq~#5pv)%8 zL8iahtpEj@Uef+D3xsOMs5WK8qYtv*1udKcdw{RmIpgw4$0{+?J2$drYd9+7P+yl%SyOedG^0$2_ZjP^%~Jt|CYtk(MWZWwjmfCD z9V&rSOJSw$^}38(s2)XuR3rb)OeYy@k|fOeml$?I@xIw(ObGwe+O<7BReSxxyXZQ_ z?5Q5$6}8bZ$=tjVpP)+5Na*08==ep+Ju(Q3f7I_8HQdyYRzydtu}2%jO^k-Tr=7*b zfgf2qhavD3>ylQM%XS52ep#h+E&xIRTG+}NGXieRFi^0Aa8*kHRR(=pfBokIJVG)eh+9||1S(}zVcRIyhzO?On=M+fOK z&k*VZL0BQWY?S%bCD*rO-Uv<(;eUY4_kb|>n_iTcmfD5d)b|xi1lhxt?pzqt;u@-s z&l_4gm6tE*V}q4QVhKJa%F!mA8x_?7L-jmqE$r`MVas2_CBwyUxu>nl2; zWc$o*V(J!4ZhVwfjkvxZ5u?-Un#kj}?$>Kq{poq{%4()&G`8i{=6LJ4HJ0mXsZ^(V zxswmopy1GLUAK7QD{Im}`yp>+o!v4*b|qWkOaKR51ne~PZY*hk$21U~=S7lro5E&k z`;&@g#>lx+&(i|thm}lLUFQstqV=8i*c(oE1P4TGrviJiqb+p{F@3ii(b!+%cOtb@%d8%CM+Z<7mEon^Lqw`^M8kM@ zr>vLYn&-lGk$hA-za+3z4i|p36{ooD1e^=_ zYUTXRq-vLR)dGmyt>MacXGy|bUSHS<((Bt-6>8=JM29y$^~1QQZ<(Qa5o4GM|DKT# zVm5(6)}`s<-{fRq6^AM6?u&a3x@a}eV_>uRssRoceV;OPkwQ`MS25Cw~ z8M_X#Fd|WVE^iJd?EEKF&g@UOh3*toP189i@Q0B}V0T@W-1eC}`w9hTXe@hD_d(&r z!wsrS^+rNMf(Z;%wgf-R%-{tp-lT?$0G^tfRX{tZn4Z_8Bg>P;n(R?2#jIa@gWPh4 z5SD((CDkSu_G;$lKyYKz1ISnIcC+M8?hO`;?AIzora4kIKD12h`qnm3sZ*bMNaug; z1s8KtWn;#;Ur<~?zA;)G94XkeGOWe3Cwhm^{nDRHo_Nx2P zYuh)Y!95|EeexnwtqHytgQ#DYe+7>W9)s#+rKqI;tH6iqis+&HCS~_fIcp@(b(-Ui zi9Azfh7rAF(Dei=^x6?rvwY9PTeou(T$?7B=G$^WUtBIcI#Op%f= zO)E8eco&-U`>s3!D=SsGg29RuhM!t=do|qR{wKTEKPx~s-J7>%UnDQem=4>m^mY!@9!KJ@ZZ@=M%5a#Hj>A;#TR z?eF{ReV&m>3BJvL36qu}++zRMoV707So1_X#8 zxF^K*=5OB#n)|7ZhZ3eu&Iy4=a+A*F$KbT#hWoN|RgSk6ugP&=1)rDUTRoDXTisUY z)hF;~=?0a>WTwS_coMkKZZkAU6o5X-J@}|D0Zdgr941L&9)v6W*EiRT?+J;N8kbEc z=%}jFP614Er$Y;~#zEXen{Xvt#-^J2e#`8)`|{fvid9gO2Pfh<$9#I=`LiUQ;FJN_ zmTi}+w{7!&5D5UAHgCOu%9Z^$t+%D|O@IF~^Kn4s z`o7WXUX3NtOXFc%fpFsFGstm!%y8r*t$r^wvtFPTi;tpLylIi@rQjVi@6C`HJi$aQjDJZV|GPs-(%Pw%FeXLuvhdoe>17rd!u8x?;#g8 zAK=fAmG|D^uk_su2=m~iK)`31f|?~qauzFmOm#w)=4Vm$>Zu22D$K!K)(30zqSLW3 z%FmM;r7r#OdWh!rSIDkhzlf7}SfAT}A5|KfY@AG4cww8eF5mnht0o@cMlYs{pfqp=zpXdPueF#PEpnBQE}!q@3jg*D)a5^Y9&RTN+@ZGb9CIA6?!=*SO`- zF`I#I@#$2Vg)|kC^niEGSPvv@|8vzFLs7C0(H44o{@1r6X1G6FZ`Uji3W~qmQqVYj zC=adlig&P~vt@$4iG19QCJKRmHM=Qlfo6`+`B1i(SGPrjLUed^KBUOX?P8lAl6S<` z<|QYh2kNFqlF#&K!34Ne{y1rAXs(GA8tZf?PJfwB(4f@@Nsxw_{Gu~g*;}`}ItBJF zKYqM>oqctG)1?aS7cay+rrz1S7f=K$Ogt#9PuiSo{&95}k>HinfLjw3Jl3I1(R#wD zJ%71pW>ify2CYhH%$;Ei^s0<7rDc^`0~b;LJ$cttM`X8=%7Q%xZOv%^<&x%)Oc@En z4?M%BY`OWXct1vryS|gmHtw9!=@c#IIMq7S>NOZ+YR88`P?CMmsHP*;-7Poki%i~$ zf|5`!{^R#gLSY?2%w}+xEuM<}0`kBi)7j>RAj@-j4kacWd7iQfj#E(cQxsKFJ82rK zb9D44T{m~#__mbC5ujzy%vlCcAhK9iBCKPNDc+f^mmSBja^CXxnM$GD%}~Z+`|Be^ z8j5Ea0*DEgqp~Zc($!2o1aeKoS*sQaao3!(0f0@ zYuZ|(cB}h$wn=`U3~|a_OfAYJferHJ)jRUKeLud%==m7a{M@wAyuj21Q&R2Vnf05& z5oPfBET~D=Zi_`Y`x_QCbc6k4!kib^Tirf^jV!Na%lJVnvv;Oi91Y0F@s8lD{0Z4w z(;(%Ew0t&x0tZTKA?Hr@wQKoIsN=eiJe+Pm5}@=`E?=^R(An`Tlk;{C+12veo0YF6 zZB4VqEu@7Pu&RO@#jMxndhr{4IYw01o&;#t^m8^SR*Qzrf zY+tn<0vmrX!PE*%8W-d$5-B&E=;GJElmzkyTZZG^?WJw=2l|BKx~`OsHk`t`mkRW?j;GH+D@8;=5P+ab1A)1EFXIi8YgLtugDUQLM@*hn z@6gTD5QCe*`qqH@?|aqVr=#9iT_yM;^+cK$o_x#STMlmth1e(#i5%ag5}>|*L|^r% z2Pvt38+zAN(Ll=k*i7;5`ldFvlSntjz*p$#(RFEtQ&z)ng-^gkU>~ z+FUR%cg(`!uZoXOoJDU@yyo%Wss!hlTUFBu7fDyygLjN}6A-~;@)=b-9?Rskm2YW0 zS)K5T9ho%W^<3SO#-}ODhZiZU?CpWNL5bBcYr~fz1H1Xn3sLn>ei28vq6V5Md8bJ? zc=VL!*}J+X_!VS6ZQHS>^jym=m?kv1cIA3>6`5|(3|1CYJ*myamjNTP5Z%P$6VYpXD z_h_pUz0{6<+jxEa9t$F*T?D)u*xAE4K=?yonH}@H)11&KmtkXv^pOGm)u`rrjTeG=^gH z-9KtK#^=989W&$Qibm*PxOiX}$Vw{tFQm<=IsM77O;Zo$sq}l47H6(pi#j%mq=1Dt z?`_*=5>P-1Pk7<=k(o(LV*khdAcK1^d5aBpfAz_%Z1);S9%@%i``vp!FQMptv|{nt z((@;KeyM-Y=uWR~hQX7w_j;h0%Jww5T+d4b7PUYx^1nP2B%#22Bg6-f5<~OaIaYnk zXu-(Sc4dG>f)tpglBFrhP5v3q;K9H(FYiWoR0AsS130x%SIX$3ymi^2xnmVCc7K@0w?e7 zuJ`sfF@eF|b~v%%acWkuRa5P9G^u~@x?7Q7?%slC=TI@nUFhf$)D-(?K`k|Hg;(FdsaZM3JhEcqX;op)GM z?Xvb!nu>skfOIT?lz@nI5RoDZ2uPFAK|n(9y%(vX(tDHMl`4eZTaZ9PO(;U>Jp>5l z#8=(*-TT}7d}sYfu8SvYC0Wm!-#z!tWQn~_bxg*x=&mIs((Rb&~OhJ;U z!O_{QUP&SV+KS@HD*APsOR(>DfG`h^q?(wLyv5yAx{xbF`(5U7HHj%3A%OmGS(@2W z&?pL2s>Fj)WAh=?=I&YZTPX&U{z2s~WYpv~KKxT=E0p-9=9nZ+q>uyBlRq&i&4szA_)`0pgdL? zYnoOl`}Fqouq3<9$~@q`?yJ}R%o&C()>j5fA5ZdbdT^Igk@c6UpIy9(!$Nl}jl~Ap z;W|YySK3Org{bQhE!t-1&>-PVObNN0Y!_vvP>xv;e27|NX^8NMqHQZM?aG^Dkbg_C zcXsuN0RC}YiRw-*)DDo<^9h^693L*8cP-BpmiY#_J)NwoG`_JEO@U&_Bp;x5VO)QF zn`SxZN<`QcH+VSx8?_DVt$?&MMw?PgX&Tc`umvV!$&YP(OLROq+fB84OH&OEl7_M! z4J2zo-EH_@D))Bbh7{2fn`9AEFsKt>nQVhP+^kI@{E$B8J43f+lm!bA6Q8jy$(#Uq z*}HGaHjxivx(C*hEWhEB_teQ)O$n7%{W*qUXt8ZbtRb&qx!x)94pQexZ0>fVMA=wR z56d@NU2fsJYvo8&(DT9U_@t3}cX8o~3(_q-flt940_OKO@O3#IimZ?V-f)^WyOA^P ze^~c#?D(=+;mSOn;AYloLz6LvYOKoW1Y}`~%~zXZ@vH4yi#bcGfQNOMYyns>XfX#T z8%?82)=&rd2|4||`<9pS@M_blw~EpNkymK!4+m5BV-lKk5CAVP9;mA1wXy;0YfWbO zi#i&E35j*(4zRLLLDKB5!JO*W?)7JarIA20hWAmHtXEHEGz=Px^7L1kzF00Dnp>_< zA__K&?tOq;?(LgR-sZQ$i9=7mSDykUa~BR|qkz=Pha!-R@Yrhi6rHyD*HKrrg~_h8 zg96f8bYQc)%5oE!LpcyFr9YOtTX%cbyI|+Wy7xGe)i!~WnW~Xh0TG>mb&qh2Cp4LN zZm&ZfvH7}Kb?x!Gh(+Wp*Cj>{jvt-Gpd&JKBkDAX582trjzXMgDoON5!S~K*9_T|7 z*Ty!gkNt}+b$d{_TDJDHJRdo2CCu#0DI2D{;%#BLI*}Eyr!kDvTapTl}$PW)iL^#fu9D->A z;4t8MQM!m@-d%eIzUNf@gEZy(^^cJ!Daia{czJf$d$67C} z@UNux5D3-C^l7~%u- z_=4xXb|m>;vYwjeHztRwJDzv1l)C!hu!Z_af_jTtwK*8uJhs`7au*wde? z4<6o!cwTUfU?Wzjv-nV;$=?33uQ2^g(!fAvaOCKf@_9RS^KwTJ%a5{J++nt#g*j!K zsXx(M)e8$_i8q&*XvRB9VD<){Xfe3?FJAu*X@+vRv(=ezCX`DhoHc+nx$G$& z18ejLlbV~vzb2I->p1m0Z9{CNf1gR^XqjamRsW{?)^l5ruL1ha$Na~~_^7A+V_1Y%m2~IxC%X;1@QV;AT@0-`um~W5?8eVj`slhDNrXRf(flM@RRb!9n8M30aoX@J3~^r zT=7f-%!j_B*KkyGwQ&R8PwU73bJzx6OQSJ72tovE>tBPME%6;se2-p9qlb?&TnbG7 zrFbRAf0YmsA+xM3PC7e*Z zp8Yd}9#T@jKTOu0tm-L?J^YO-(2+NYY`MOST?wH}qqyw$tYp zDw=o^TTOz!CQk6Zd6WGug|w9T5ZC6`Mc5-No8%AOP6wHD$J!Q>JFHkbq7|ebN}J+C zymzT|t>e;)+W5{CT*bTQ?P~#NNacm#&I>SB|<^;Kyj`G^}aqiGl_SQeB?%Kn3 z4W({~ZaPN}m!J2UR2fg`fynNYwQzL`BrULb1;|;@q=}tprxH!!BDB8oG{$U2ojYUU z+=^^lWf>cTY7sFsK^5S?qa}$-m?1LjP~NbonJkV`TRM5ziHZ){by)?FV-{%8NO& zO0}w+lHaTc^nG95-|(seVm|h|s6Hs^H6DGyvFT38ze70nC-^+)qqd`{Nh&#%1dEIbyvywz3hv1CuXP-i;xblcU2j=ro_K4I;o zt$9VMg$jwuGL8lfu=kJoUTePrrhc$N0V@Q#43~hWA_iXsrJkWj7N=f}9N&2Na73ik zrRnBBvF|4eOrtO*Gw_uWOPQ+{`_aWj&LZ2plR}2(?5EY+757FrNUh)LT`QB?s3rN5 z9e^;#X&FRfJ(c;4O=T2_i<~oGLEvS1WrgWO;_T${r&-s#^BG0hsF_u;}&EGyODU=qg>o z_SW**s6ua5+9!0d^-WG;C_OX$36W(#_pSc<)C3mGyVBTzAA93J(QEYN%op4ENA@1$ zP>0-_>h5vguWksRX_(U}T<@;(!Yx$G1r1~HX_Ot5&WiFvz1pxkfp%aT#rYnMhyCBs z>x}))py8^Zf{oj5$3gVR@U;xeTBjXqc^>Z18t;|wzZWE2(q!47ah1rEv^CY@^u2Hu zx0P7?`8HXho@Qhj=$~4yvJX((Kee|9ad9DKEw@hZS4TMd%+4@tkZ_w?Q??`>RUx9M zhEr1l*LhY2%r51`)24(tvM^pB!18~m)KxGR(ukaX(Ow;NJ7&|?=N0E};*%iW2w`51 zPZhTxGbaMpMaTVRYz_vejF=o#a%m>{C)-Nz%2Ys`+e@9Tm$R*48#IF#lq!(U6`ry? z*&rmYxOmKROef0AY_MoWy!K{c{_6!;3x7ml<#50yvLbv!>p2UN$f>~qdB|$BO%$d= z#j=$#y-Y-Nc%8bbt`Tz^`F06wvVGLQX`k0X6hgyBJ*=AAp(t73r>w8yLw=!TG&qb7aJvH*hMSk1qO*!v31o|%DXXj`ucgd?2zb<~b=D{42rL1?7; z7=6M0ozaruC4(>iyQM`-3X0DtWXv~!R!|nuv=fltYasnKv=66XT$rfSY#UZqM|T#3 zR&zJ`8qD7L)^wF^L`{~3Uv~!!D%<7(9<+BMIeBFCr^?Z4qBaJj1*T=&d!OxyX2cSQ zx$Tv-Q)=s3xnF$Nd^}tBn(L&=K#d7P-c|kBa~s-n^8xhg0r0eC zOn~S69&QVGH2_2CD4ZYU_{!=OorlH)v|q$2Xce-OK*CLnJ4Dp`9OoQ?m@@KWRx>JS zfCpp$e+#&U`czv3N&Ku~I^n8Ci7PHUu<8ux@?pYCa0D_>EFQ^qDW*k7HGHuJ?p<=WI%D1)Um%)Yk01LL{3d3yog5r= zjdJa`b>{4!NRkbYu=X!c4%S+%9;bj-N>%Ik$#5xRDkWuPros7Q_j0?X>+p;SsTpB89xkmZLGBt_^wM2@fRYVq*90<#@|9b zX$G(0o%X``=f|0NMe)pkkpK=X1m$@mD2i#(ryby-l_@!?>VnbpIA^kS9QN*XMj)$bR1E>RK8-H!RuV) zb=cpfm(1;tL3LnBoEDY@MEZ_#*J-Nq$a|0R>mv!-tx&x5_Vru^&EZ{E*Wr(>3P-5M zm8HQor;Q~Yb=AtqO@p{h3<3*T0b{&W-c9SXA|SZcfAA3A{c@H|Z;czBPf-t#4j`{H zc5BO;<MC?uH=LU<#-LcOTSP9pr@=Tmz>cTI@V1VmV zn-O1oi`5@X;^CPF{Kn@@#cQ;Fv& z*(X<8mFUNu-aCMrwBC^wnyRkRBvb1>l4Be?re7J>t`E55I<5z^H-0imm0go^Yw#Xy zrxv=?50b-UZb+#S^4@v?*$H`%g8M|K3V3%j`Ea)`*kOdEx~DqDCG^NGr-ZwS_cRX8 z2QU@r38F0u&+y|HuaN$;t_fRXvl8vyMl(781^YnmqOi38f_?7%J^PrO{sa5W9td_z z9TG&1@QAve$%>HHm=<)#R*H$qB-O|jQE4aspJp--CP>sJvX>%EvWJGYuim9hYH#vE z0~2uR%9t~X$tJl$^5N)qPw!A%)_RD|q$fx@)h+zNssQ(EnE5mn9rx%66ZY&H692Tx zVRHg+hjFtcugZ<=D$UIn4FN_~%=`~-az*_>97z&Ik9DaRck(;FPr3nayL36t&oacTm|Q9#E2!vVv9R)S%T!a%t@I zcQ4cV^NqpZZaKgfs-U;q<7q2Do6JqwcQs7tX~J*bDKOJ)8G%+Hms|R#)c2t|~{cuIBqO z#-5Y5C$XX}!Myx84sJZ5dcQ#d@t+0rWB%_GlL5y^eVhyv3jX=Si)s%QC1PvJNoj2E zk`g}IeKfNuZd;t}qADt;m~)1`bKr6Md6vD=?#JX78zIvT%5?f(H~t7kv&fg~wnZNn zGgZex#EJ2;xvXtyFF_@aB#L?XSnM#Y7-*pM&_&AB!TH$b5wO&=_jSWP5w)1kp1m8| z`;=+7p>TyMcroqQGsYJ&J=y~7Gygg1a0V3pyG&t~rVtZ+D8_gxv4q~&$Y=nY4J zuz*c&kVkVS!IfLZe+N0L%YOnnep9W}#6Lpzxe!A&jiFIi7rNwF2ZIJpTkGgMe~&bD z=6@g!aPjl}zeF0r3n&v+?2PhgjzBy5)2%XBhkLRTc}wqrd+NUYSowJmSLctseude` za@pSaE-oX;uXxmi_K+ZfZl2I}CL5kM8vcJa4iT*AoQ+nQ`EgEYhDSF`VH=cu+okBo|8o>0&~!#|^^Te^|_MLB7#updDaa zA?lFdLo;v4pr0GNZ=Y$g{Dq-uAT|E#xQ5&$sf!SSr9)l33^-PC>KV{rJR~cCAG~7^ z_@uAXHE1^GLw?OUOwqA|P3-AgU>MQDehk$GU*+Q`u&&cjRWO5*5P+^5lA?bulTLmfJixDcxz84s$-I4U|r`nwV0Kcf) z$rGw3RgDs3N{+u)tw*4Yo8;jreV$sE8&Uh%!RSM2npc2-703PBix$mwYn4@+!rTon zk4Ox0zw_Cem$0Sf)FkD#(>l_@dXb*ZY<-iE`=F#s3t{4sTdj?f(vMoJ@4BdU_G~=V zRk-(HhDnA|&9{c|^o4suH-D4Ml>C1{E)v0Z+~R<@_6^$CRyP{!oin1)_ote;!J`=rr?hFx=L`ICJ8e}zpCr2N~u>>MnptIy7TF@c{zigPnLlK z?z$7>>Pg$+R+(PKMMu{uF}OBC)#G`sopsOZ1n(zF^ybB>_DAB!*_Q@oWfZJNXpN03 z%$T?gGMrmQ=}pmB>rt`pdRV6;6m?#QL^W&ZhBnq1tmQkcHx;aP(0)a2>QN&Hlm= zbJa__VY48B#+kRzw>A>azvSWUS?V*pN=LJMguB|7d38QO0le}@Hl)USDi1*wZE357 zUrm)0YeB{P^z9_C%4A|8KHmMg|8>-a*jb4@d#esc~AU@7aFH|lQ}oW zTuSOq4#ZYf;MHq7}F4`*B+D?mjubZxw zP9vTve**8|LzN$uBV=tb)~>W$mN_*x_qa}7DmP+)K&eK3c@K#1)Xb2pqMQSxJs54- zv8M>#CWWHcaB4e?&%vgIY^qEqk1xIXTL0NNnOB<#mtM$HoG29 zTx&EhS=dIP#39XK3kkEPXfU>N#4&@gwW_guNjWB%F~&Ci)auF+6H$7!G1$Zb8(I~# zy`h`8W_iNR`snG|$spury(G&0{`o6NCU3Z}=f1i4o?iDbs@D1JpuT@U65~3JR>a_Z zMFZc_a07D1W^6+Q%!1tevSi^j3G5wu5v8} zPnU+Zp9Z)WG>Z)drh*cH%Fa!&F_-C2QQbETsW|*oR9``O^hLfx-<+EYI~5dY=wGGl zb&`{sABQx{dn?h8dM4x(ZSNA&DYLyvLk|^~CDoLxmM`)Z!UNbzpXt6mZI5039eQ5N zc%D_V#((y)AzIyJvR=Q8!Bn)kP^W~1#9*}rmqKv~fm2hju3s~qq_e;&?gU$D^$9-| zch3wer1U90OS`jZ6ZZ}-tE zlTCuo)}v_y!xiU_?=dSpD0iK)s)&&ZBRVvaxe~sXKi6e$0V$Eh%@;dd5^65gcMl#U zPAvZi)twAC(CcBiVuLM7goU;`@U||*92)zP_Lh&H(q(IK5qeCzhiLt|A1 zPog3Vq>r!K^1Lw8m!~oOk_SreT?lrKqk2M}KtrLh=9^&)hkc7BPKj@oVk$J$Auz^* zrv0MuJ$c6)%CFH z_o;mb@?OzhwnX7EP-oYZw^jep-g${Y_`+%l;}a#O zkvBFi;j5(^_CeevN)h}c8@ePgGr|Gg1#Xljj7`2+SJMj@qGhywkQ2=x8=}c^5rV%j zzM~IS^hOzca&(vn_5gsH1KrsN4H*TfP|x)AhaKn_WVr?1YE${68yXf77N6dBEtpMr zqBmFX8sMqPqN8N6MC9jUzty*Em_Gfn>a99q#O15t20dnNp3zVMO!^O4{(G2 z)tbg~I33x>=(9MM{l>BpXcK7D9Ei-kX>XdAMxOt=__~Pl%kz=1q z#@>XZlw7i?A|#&B@84O|4$M6FMz6z=xY`@zN_<;_*$S0GoJ)_;r;x%|4$?PzWSO++ zC&ln4U2t=|d5*hqsLBdB1v0f062U2KMFso?mrAtx>kGKD# zU5&(-(Yp<0DCr&g!&e4)OwM}oEL~sPQSE66aDBkNz2a~^AS2ky$Ab8J)1=5NagZyd zN&C2C#Ynk7ZW6|nou$^4X)Cx|=qckZnYvO?-XNdeB|YSiU)14&)mg|B7-zfake^w2 z=`)eooimheeVd;6F3_)doY0=L;J~X}8hSmuCgT0NHw>&Ff(khku~(q6_5a>>TSx4O z0N+B*(1vit#~yBCQEK<& zIOnwakaT$bhlMekcln7VzbF}4>BqYtoNia9R~MyD^^l3dg`GiTa(SaKn3 zy+vE`HvbD;<~O~TD7l{z7GUqZzVztxPVeJvN8*i$W|Bi2tb?-?3LAO{ED0cujkLqg#7Y zz5C6FhiB6RhIY&VPg`?3mHZgASO@qs;}}nuQd_lu?{DK+LF7Lg$6T(Fj#q{M=QQmzvq zJ`-sXG)!X3Oce<>zc4tq24b?hfE5@c--JfJ7hdYy@!al``kN@gkTx|@IGl7L9i>CU z7{#|FQ#qwA?%me;+Nx^^l~H0q0MP5G7Hu&xD%d04_?mO&Uzx}7BGd@aUnKp<3OcCt zM{~>g-ri^EA~&21h~wGx%gC3ViWS0tsN%1$RcFUODAg7glUY#3)%)RHETQPZ|Dzib z9$o|tQ2a}!zAvRD%#GvlpRz69-c0G$whL`H7=9_?c#ru)&m