From 3d649b47c07edc529eda6880a929a0363d6a4328 Mon Sep 17 00:00:00 2001 From: mgstate <44847443+mgstate@users.noreply.github.com> Date: Mon, 3 Feb 2025 13:19:19 -0500 Subject: [PATCH 1/4] Create Machine_Learning_Creation.yaml Machine learning creation event --- .../Machine_Learning_Creation.yaml | 40 +++++++++++++++++++ 1 file changed, 40 insertions(+) create mode 100644 Solutions/Azure Activity/Hunting Queries/Machine_Learning_Creation.yaml diff --git a/Solutions/Azure Activity/Hunting Queries/Machine_Learning_Creation.yaml b/Solutions/Azure Activity/Hunting Queries/Machine_Learning_Creation.yaml new file mode 100644 index 00000000000..2ea9a3f3b4e --- /dev/null +++ b/Solutions/Azure Activity/Hunting Queries/Machine_Learning_Creation.yaml @@ -0,0 +1,40 @@ +name: Azure Machine Learning Write Operations +description: | + 'Shows the most prevalent users who perform write operations on Azure Machine Learning resources. List the common source IP address for each of those accounts. If an operation is not from those IP addresses, it may be worthy of investigation.' +requiredDataConnectors: + - connectorId: AzureActivity + dataTypes: + - AzureActivity +tactics: + - InitialAccess + - Execution + - Impact +relevantTechniques: + - T1078 + - T1059 + - T1496 +query: | + AzureActivity + | where ResourceProviderValue == "MICROSOFT.MACHINELEARNINGSERVICES" // Filter activities related to Microsoft Machine Learning Services + | extend SCOPE = tostring(parse_json(Authorization).scope) + | extend subname = split(Hierarchy, "/") + | extend ['Subscription Name'] = subname[-2], ['Subscription ID'] = subname[-1] // Extract Subscription Name and ID + | extend Properties = parse_json(Properties) + | extend Properties_entity = tostring(Properties.entity) + | where isnotempty(Properties_entity) // Filter activities where Properties.entity is not empty + | where OperationNameValue contains "write" // Filter activities where OperationNameValue contains "write" + | where OperationNameValue !contains "MICROSOFT.AUTHORIZATION/ROLEASSIGNMENTS/WRITE" // Exclude role assignments + | extend LLM = tostring(split(Properties_entity, "/")[-1]) + | distinct TimeGenerated, tostring(['Subscription Name']), ResourceGroup, tostring(['Subscription ID']), Caller, CallerIpAddress, OperationNameValue, LLM +entityMappings: + - entityType: Account + fieldMappings: + - identifier: Name + columnName: Caller + - identifier: UPNSuffix + columnName: SCOPE + - entityType: IP + fieldMappings: + - identifier: Address + columnName: CallerIpAddress +version: 1.0 From fe4de1a0bf6b9ac383d0a9774b2cbe8ce79cc4af Mon Sep 17 00:00:00 2001 From: Mike <44847443+mgstate@users.noreply.github.com> Date: Tue, 4 Feb 2025 17:13:51 -0500 Subject: [PATCH 2/4] Update Machine_Learning_Creation.yaml query and mappings Fixed Entity Mappings and modified kql based on mappings --- .../Machine_Learning_Creation.yaml | 33 +++++++++++-------- 1 file changed, 19 insertions(+), 14 deletions(-) diff --git a/Solutions/Azure Activity/Hunting Queries/Machine_Learning_Creation.yaml b/Solutions/Azure Activity/Hunting Queries/Machine_Learning_Creation.yaml index 2ea9a3f3b4e..84d44cc28f5 100644 --- a/Solutions/Azure Activity/Hunting Queries/Machine_Learning_Creation.yaml +++ b/Solutions/Azure Activity/Hunting Queries/Machine_Learning_Creation.yaml @@ -14,27 +14,32 @@ relevantTechniques: - T1059 - T1496 query: | - AzureActivity - | where ResourceProviderValue == "MICROSOFT.MACHINELEARNINGSERVICES" // Filter activities related to Microsoft Machine Learning Services - | extend SCOPE = tostring(parse_json(Authorization).scope) - | extend subname = split(Hierarchy, "/") - | extend ['Subscription Name'] = subname[-2], ['Subscription ID'] = subname[-1] // Extract Subscription Name and ID - | extend Properties = parse_json(Properties) - | extend Properties_entity = tostring(Properties.entity) - | where isnotempty(Properties_entity) // Filter activities where Properties.entity is not empty - | where OperationNameValue contains "write" // Filter activities where OperationNameValue contains "write" - | where OperationNameValue !contains "MICROSOFT.AUTHORIZATION/ROLEASSIGNMENTS/WRITE" // Exclude role assignments - | extend LLM = tostring(split(Properties_entity, "/")[-1]) - | distinct TimeGenerated, tostring(['Subscription Name']), ResourceGroup, tostring(['Subscription ID']), Caller, CallerIpAddress, OperationNameValue, LLM +AzureActivity +| where ResourceProviderValue == "MICROSOFT.MACHINELEARNINGSERVICES" // Filter activities related to Microsoft Machine Learning Services +| extend SCOPE = tostring(parse_json(Authorization).scope) // Parse Authorization scope as string +| extend subname = split(Hierarchy, "/") // Split Hierarchy to extract Subscription Name and ID +| extend ['Subscription Name'] = subname[-2], ['Subscription ID'] = subname[-1] // Extract Subscription Name and ID +| extend Properties = parse_json(Properties) // Parse Properties as JSON +| extend Properties_entity = tostring(Properties.entity) // Cast Properties.entity to string +| where isnotempty(Properties_entity) // Filter activities where Properties.entity is not empty +// | where Properties_entity contains "deepseek" // Filter activities where Properties.entity contains "deepseek" +| where OperationNameValue contains "write" // Filter activities where OperationNameValue contains "write" +| where OperationNameValue !contains "MICROSOFT.AUTHORIZATION/ROLEASSIGNMENTS/WRITE" // Exclude role assignments +| extend LLM = tostring(split(Properties_entity, "/")[-1]) // Extract the last segment of Properties_entity and cast it to string +| distinct TimeGenerated, tostring(['Subscription Name']), ResourceGroup, tostring(['Subscription ID']), Caller, CallerIpAddress, OperationNameValue, LLM, _ResourceId // Select distinct relevant fields for output + entityMappings: - entityType: Account fieldMappings: - identifier: Name columnName: Caller - - identifier: UPNSuffix - columnName: SCOPE - entityType: IP fieldMappings: - identifier: Address columnName: CallerIpAddress + - entityType: Azure Resource + fieldMappings: + - identifier: ResourceId + columnName: _ResourceId + version: 1.0 From c92e37b89040be2a00ac1bef865dffa23d15e35f Mon Sep 17 00:00:00 2001 From: Mike <44847443+mgstate@users.noreply.github.com> Date: Tue, 4 Feb 2025 17:21:56 -0500 Subject: [PATCH 3/4] Add ID field to Machine_Learning_Creation.yaml added id --- .../Machine_Learning_Creation.yaml | 29 ++++++++++--------- 1 file changed, 15 insertions(+), 14 deletions(-) diff --git a/Solutions/Azure Activity/Hunting Queries/Machine_Learning_Creation.yaml b/Solutions/Azure Activity/Hunting Queries/Machine_Learning_Creation.yaml index 84d44cc28f5..ab8a4765784 100644 --- a/Solutions/Azure Activity/Hunting Queries/Machine_Learning_Creation.yaml +++ b/Solutions/Azure Activity/Hunting Queries/Machine_Learning_Creation.yaml @@ -1,3 +1,4 @@ +id: 26d116bd-324b-4bb8-b102-d4a282607ad7 name: Azure Machine Learning Write Operations description: | 'Shows the most prevalent users who perform write operations on Azure Machine Learning resources. List the common source IP address for each of those accounts. If an operation is not from those IP addresses, it may be worthy of investigation.' @@ -14,19 +15,19 @@ relevantTechniques: - T1059 - T1496 query: | -AzureActivity -| where ResourceProviderValue == "MICROSOFT.MACHINELEARNINGSERVICES" // Filter activities related to Microsoft Machine Learning Services -| extend SCOPE = tostring(parse_json(Authorization).scope) // Parse Authorization scope as string -| extend subname = split(Hierarchy, "/") // Split Hierarchy to extract Subscription Name and ID -| extend ['Subscription Name'] = subname[-2], ['Subscription ID'] = subname[-1] // Extract Subscription Name and ID -| extend Properties = parse_json(Properties) // Parse Properties as JSON -| extend Properties_entity = tostring(Properties.entity) // Cast Properties.entity to string -| where isnotempty(Properties_entity) // Filter activities where Properties.entity is not empty -// | where Properties_entity contains "deepseek" // Filter activities where Properties.entity contains "deepseek" -| where OperationNameValue contains "write" // Filter activities where OperationNameValue contains "write" -| where OperationNameValue !contains "MICROSOFT.AUTHORIZATION/ROLEASSIGNMENTS/WRITE" // Exclude role assignments -| extend LLM = tostring(split(Properties_entity, "/")[-1]) // Extract the last segment of Properties_entity and cast it to string -| distinct TimeGenerated, tostring(['Subscription Name']), ResourceGroup, tostring(['Subscription ID']), Caller, CallerIpAddress, OperationNameValue, LLM, _ResourceId // Select distinct relevant fields for output + AzureActivity + | where ResourceProviderValue == "MICROSOFT.MACHINELEARNINGSERVICES" // Filter activities related to Microsoft Machine Learning Services + | extend SCOPE = tostring(parse_json(Authorization).scope) // Parse Authorization scope as string + | extend subname = split(Hierarchy, "/") // Split Hierarchy to extract Subscription Name and ID + | extend ['Subscription Name'] = subname[-2], ['Subscription ID'] = subname[-1] // Extract Subscription Name and ID + | extend Properties = parse_json(Properties) // Parse Properties as JSON + | extend Properties_entity = tostring(Properties.entity) // Cast Properties.entity to string + | where isnotempty(Properties_entity) // Filter activities where Properties.entity is not empty + // | where Properties_entity contains "deepseek" // Filter activities where Properties.entity contains "deepseek" + | where OperationNameValue contains "write" // Filter activities where OperationNameValue contains "write" + | where OperationNameValue !contains "MICROSOFT.AUTHORIZATION/ROLEASSIGNMENTS/WRITE" // Exclude role assignments + | extend LLM = tostring(split(Properties_entity, "/")[-1]) // Extract the last segment of Properties_entity and cast it to string + | distinct TimeGenerated, tostring(['Subscription Name']), ResourceGroup, tostring(['Subscription ID']), Caller, CallerIpAddress, OperationNameValue, LLM, _ResourceId // Select distinct relevant fields for output entityMappings: - entityType: Account @@ -37,7 +38,7 @@ entityMappings: fieldMappings: - identifier: Address columnName: CallerIpAddress - - entityType: Azure Resource + - entityType: Azure Resource fieldMappings: - identifier: ResourceId columnName: _ResourceId From cf587066c092201102701f46bcf50fb5313f76b6 Mon Sep 17 00:00:00 2001 From: v-shukore Date: Wed, 5 Feb 2025 15:42:12 +0530 Subject: [PATCH 4/4] solution packaged for added new Hunting Query --- .../Data/Solution_AzureActivity.json | 5 +- Solutions/Azure Activity/Package/3.0.3.zip | Bin 31516 -> 31460 bytes .../Package/createUiDefinition.json | 16 ++- .../Azure Activity/Package/mainTemplate.json | 111 ++++++++++++++++-- Solutions/Azure Activity/ReleaseNotes.md | 2 +- 5 files changed, 122 insertions(+), 12 deletions(-) diff --git a/Solutions/Azure Activity/Data/Solution_AzureActivity.json b/Solutions/Azure Activity/Data/Solution_AzureActivity.json index c778d63e6fb..66156b1f9e8 100644 --- a/Solutions/Azure Activity/Data/Solution_AzureActivity.json +++ b/Solutions/Azure Activity/Data/Solution_AzureActivity.json @@ -20,7 +20,8 @@ "Hunting Queries/Creating_Anomalous_Number_Of_Resources.yaml", "Hunting Queries/Granting_Permissions_to_Account.yaml", "Hunting Queries/PortOpenedForAzureResource.yaml", - "Hunting Queries/Rare_Custom_Script_Extension.yaml" + "Hunting Queries/Rare_Custom_Script_Extension.yaml", + "Hunting Queries/Machine_Learning_Creation.yaml" ], "Analytic Rules": [ "Analytic Rules/AADHybridHealthADFSNewServer.yaml", @@ -43,7 +44,7 @@ "Workbooks/AzureServiceHealthWorkbook.json" ], "BasePath": "C:\\GitHub\\Azure-Sentinel\\solutions\\Azure Activity", - "Version": "3.0.0", + "Version": "3.0.3", "Metadata": "SolutionMetadata.json", "TemplateSpec": true, "StaticDataConnectorIds": [ diff --git a/Solutions/Azure Activity/Package/3.0.3.zip b/Solutions/Azure Activity/Package/3.0.3.zip index 4b73e37997257e84b8d7aba0d8dd3d3c4a821173..01b2c49492b1c53d2c7e6e40091923d757db2293 100644 GIT binary patch literal 31460 zcmY(pW02_3(zZR=W81cE+qP})!5-VTZQHhO+qU)2Ip2AHd{s%+s#LOa^_|tdx;iZ{ z1^fpY0000SV8Bg8vmjY|Jp~B>0L2ji0PXjxk%NhWlZlFju!*UKt%Z|?oh_}Uqn+)Q z&V?;jTl}|=uUm-!KeT3G9cwaK#=dEeTM1J}(91}+e~8rk`uxr*?QWB#9^%c$CbGU> z$zF|K@ggW6lw;FJqiE=FM(T(eI+fKEYH0O8pL=uwT|O=f;c2Hl0lMd2*V$2`dl?3# zjpFn|S0VdG27l4hDnF;9nnSn-wghbdQvPLiw^eZUbi4&3Q#aPBg@CG!HAjfl)1 zEqnvYCEMb9Q&??%fhHB?xLoOp3`$VAu>58eMbk+8xS#%^X!w&E<;_{qW;A4-DxQOS z(4Q9-`8-Il4^u<@iIbW8tXP0)((l$-;4+*Y6UE_D5Fkx_DjGt{U^^Iz5|^TMcG5$Y zkeZi4YQ~c~wpzlM^^|>igl5Jgu0UE=!}s$fopS~Tr;8CYgUjt}6x2_ko|y|`*INRP zRFIe^k=2V%HcTjf)hQp|owt*v08(|2F{}Oa!uJDJlh&1mxA$cQ?YL0288Q_P;Rl#f zv#vF0c}8|*Obh)Uvvu|5&{yE_FWWP9NJ|(Jo~DFCGf;ZcAoBKGJ0lJBOna_aATz?? zShTv+Or+sp&fpgH(7Y=)T}>u34wlmWJ(li)M$2?1wvQjGUN5Hi4aX5OGp-Qk#;b|0XoLCE{gKSu^3Pb)cl6*v+Aef^Pe3~NJDYsLZ-xqs= zCZ}Cciqho(glJHbx9rbaStPu-NS^04f|Uq5Z)sImXmSt)A-vVIF*7 z^d1YR((1dVYmM}NxBJwyC7Ymc;jDPQG5SwsVw%`^$Zm5y^#Ce zKBzqqZZ=J$!zkxMXf7|;+gw$)chi*awH3iBi{q7`e)?MiuOBM`B+^?w5KWEmTCs#4 zK4AkEV`6ASYsen|a1w(<6BWcZke|RK4NK?N_kGPwBP1J;47GG}wa5+Da+59q_hwJ+ zk!5KU?8<|WXK?e4?Hvc=zYOa*OT*sEJ8fPo6ST95B6Y7SPNdXnYQv=dbaL(6>;{p<7qfu0&&k*M;z~1N63H9>zV&i_^ z1UcjPwwZ35&E=H8w7!*OHe0(jnb&#cBO*)BNlxKjc9x_pl#Wg~;4E;ZXqE@OGOkYU z+vc`0m%7H$ohdC)x|He%k;+E>23)u8C;jAtzzSLX7AH5?K^c&G^ZG}PHq*EmIZY1* z8hYf=Wmjc_IPcC(L&7q&gf#b5eLOCN%pfCtkWW7;2_#?uL$@b#^56uAi@;^*_$^JX7Y1kFOF-O*%4-9M6 z_$(Vqs{XuN7+FYNn%hx|q$X zhoQ?AnORn2hlPJF$Cqd^pH@(8V7PYPN_`(Iez6Zh{kWLqKNLwpQ+>sk2A!SaCiSWn z*Y~Fy-@}Jem!27tuZp+|z1k`96Ekz=fIOn1OlL%H!OIb|p z|#3HA`aI&I!ew5b%GJ zJI|YiU}9J)Ks>_=QsjCPrg9R)$+}2RVrHL>zfdK&?CPj$FM`=AjL>chm?uD(K!Pby zl3V>Tl`Nx8+lzJ3tgpk39koa@lpOPt5K;C3t|QT&2G3f-geaO7OzVt82X_`phM?jj z96SwBNdqsVyroAiBneUA&lkPid9%yrq@!{58%K`^1X$ zN_03Pjz8{-%B~4+*zaE#&*EPS1>S;#RU`1H8?$rqEp2JHXdJ#8th2Intp{9JRq3^9 zx2X7%);GnrET0g@S|AS8v<*=i^VK@H|1A4o;(Xee4iTY6tJ@8N1pOs&4r0p|eqg4L zhYROq{*KA#LS3D1sX*8K&KmCLcJ*ZyUZ3)%9+|&I?(NLF79bei?#kQhcx%1I2ip$}q)8~t&&Ga=m3=Z$vLgJtS#L-3e;B&s(wJKHtVs6smX%3(`hOlYlY02^O zG2TJJxRJtQQy?I0N7_=SG-~)O@YG2NzTsP{5z% z!!m;$v~veAt(&P5&SGiw-g!%K6ZeHqxiIE~siI<}6IEk{1#5lg&JOI5Lt|le%-J#);$x9X64?Sp%g1{M zJnz9M>7LW%CcMRy&~fs4C#L-BBnuaR4D`rJQIOsIAbF~Fq+D)dl7|QL5YN1tF#jc? zb6e(pv78>OP-0L%o>88kcJmJ9+EGI=g!+is%J&9!$6!=$pPa z+T8YF$Kdml)QCtOiFRpz!9BPJz~g!QdwV*94hDpG4V}%swT6;#m8BDz6aS1t%f5?E zV?pw|$ZlOEY)if-FR@#|a;_?6;S?7|vB2b4p1SI%%5XeBDdDUcmeypoQlPa^4UCgO zofm+S=8&h=Ru#-*7h_r6D%A!=8V)(1$!H*OoE_w&paF3rF_IR;L0l@4+sX%MK#ff) zu`1&lll)~`D2-6#%9;5JTxP_P^p^m6!i7nvE77f~kpsCMKL|Kw!f`lFMK&srj7YlO zA9VnSe96^_pv8d_g%sVZUceP!<2(#ydV}yjvkU%Ybgi4eHM9&t zVD$~=;&-Qe3N@N_SaOX^!O#}G1mW?QL|(3@^Jpod>r1d7u0{%y;fIiNgO^;w+%O#3 zAOg#BF?ia8%kRvct1oNJF1&iX!)j4siUH7*(rk5W2>ko!IsG;Ui(~Xa`N5b_ zvIw?KBr`l!fBg>&hkX0^UqPCKa987#Hnu~4XCOBN$Aj439lGIut}-Jg#{!|U2q@Q# zzOc{GYB*Q~-i#}93k>DPNYf+hK{7Bi&eiZ1v0F)Fr-u_!B}%Tt&7LdN1?yb5dVxjh ze+`n)ukM*Dh9als%t#IsX-l! zQxNS_YSo{sSzKBTE*l%Xcy2pvqwVhTF6b0&cL>Jn9_cSsT3V`tt^ljJ;mLelC&nn1 zaojU(HKCU^I=y8o&0W@^k!2N{KE|u3xNbHbwm6N?k)J~9tKjMTFxVYNpcB<@dymkPcr^ zXJj{8BN&@v?yKhsS&}c#uF$o)^l)q1X!Q_RC~$r@laN_-2Kr5KKtkr5-_BznJ%d~L z{h`sGP6M$hAS9ye!}3+p%1Pgkj}H3`3?N?@rQ-;Fk8;3}*6a}qGGgq1g0ko-50z+F zR`to~Pom044x|cT1y|5YTEu^Z!Yxpq;DZdbH}$u-UtXh!E&B`!oi37{cBi_>FflbY zgv0?p(nv1^m5~7hMNWUtcRpa~VJq)J=l1Mm+jV6U<;rCqC8ue`la9n;wn%q{hXp@< z`~!y`19x5~YQ!)q28U8ZQL+-dLGi=u^IgZb7()2TClt&3+T zp|`~Rz4oo6WgiheFhu1hq?G3s*3f$QIB%-^y3*l>hVG%KU1HRPlX3%qE`m$oQ z-XZ&uvzyqy+iVM(+>|q{>GHZ5MM8jH2?9Zh5eHt-Y#0 zg0Vb{xd{*J32}#AQYyqc^i)PJ>C<~p+Bno@QKd@5o_jFR3VT4W{j}M@PKZWZODz zdG?Bc2!Tk`nQIBo9!c%K5^@j_fZv{%`SV;_d5RQ$>;$hf>Q4vABGqfAh^O|Qy@_;S15}Nn{KR}a6TL%j`BBj zn%MoS^6wPE^g|$h0=iO` z!yil@8$FsRFDmY(U_z7L2xa8x6WEY1>GqY7i*aOf6ZhVK1q^Y64Cv_?r91%;ZRq~1aL?JwMJ(&PpQ}oe@(O@`4;}X^eI(98e}PE zX8bXt#Exu3iu)EH#!SrhdD__V;pKL9bm}?u$+C&2%6~pKZ@^;hm%C0x(CteLO4v~) zOuRwGyz19>(lNHH!K! zKDry>3e}`Lm~_!{)42D}igGc~)|eh5U2>Ii4!Pn=CXA-l^3Gy74ahH!;{=hKfYewE z6r71=qjhZCJRP)|Cy3fu2i+=fSqKKmEB`iCfiF#3HL z=YWOZEO=!@r|y@NVO_@oH>HAh1%*WzPseVYu#1mvL+9DmZJzD`Y}WoHlR$(PR^6 z!mQR3SnAYawiU47{#NV;#FtmeQj(6Yk;PNH`NPkXv~2F(uQYD&!DNFtLimUsT6h?iizVnt5Rq3_!w0pPM?Pw4flI_rihR9qBKz;jyfoJU|v6avgf9Ye; znmC;kz|<`{Na)u5zG}uz#T>rWE zLX%N9M57B8(=KN2F9r=3>=y&ia&?gcVxgaD%1qPac~dc-P4p>D^7@66rvKHq)e~mK7= zVK4&kfSP)!juT4_`F`lC6z<4eNV2iSD=XaX3;VXF!yHqLE4(8F^Z-RmfqK78x&Sbp>@4~DIp*26+`>>MEijUj+&LIAN4%I z!W*p$xrh+J0rohWH)A}=7l?z`9`v-h>wytU4@L(p1DNysev1-`TpjfFNh;4-L5 zQ=MqiNt1W4vXXza&7o(-W1B9@TLQX;$?Bi&xd2)`PiT>1goFDoch(C2lFLYB{0G9SEIdk|YX6kv5{yk><9Jyl|n4eB^vt<+P)7Iqp`Q2?M{Yv$NmmsZNu!-a?zAvy$x;bEBg3k@}A|LZ0II8z?`Hzc?jFmg_;rUN9wt zq66^1Jw->8KZGP37kgHS7NMLn$XT$6>MOd z8<$8nv)PC?^Jk5iHeE)~5@Hk*G^gYaY(Hk&*OG4S0KgY^Cf#Omc8&|TtVsK59G%=2 z9VXJ4RsZBNQiJoFBzlVWEWoTl)1)Uwt!5Xdyr=hUa4lRPoCr>Cn^|G(Ch&B<4sP!Y zaT?Yzp^Jf|c3~TUdxJQi-7AK>WZ%H`g> zwtLadT^VgGul{+I?-lbdtygUq^5HPo&JA;fw0ITnO)Ugv4s5J3cV>MKOeDk$Y+OEb z>e$S#z*O@J56~HoXV}cPw!n}OT8SQ3jPjkF?Gf5=PS=Rf>X#yl;-VP zpevi8=NHz$1k|vkKagzJnKipuNw;JhQXE}7#I)8~U4D&u{xycK=kdPKy=HBe;o2(7 zZ+mGyN>^_n%2enAVY5HLv}Nt)WT~smh#~}AXOyG!OJ-nWhVNG{u!{wOmW8><@7$s$ zEMT3B3{jyA8RxA_XOAt}f(%F3j}gsvhyUmW%L;RY|MM$WmTt{X_HOj@1&mYGmNlYH zu1kq#i%@Z`$Kuo&@$Y@nES((fv5u}!!^4guL_Yu#jZvmGa+(RX~nETvbqg;a-F}ClhLX!*o!@f>hTiwg2|421G%8_7NVDe=i zC7@h35}tFD)Ivr4#L)l02e4x7xJ9-Jjx9d6f(`b)wJz?CSv>6DEn1ocO8Cw&K(Aej z-PjQFdx@a`X7e86>_>^QXA|DQKQsd8w{(2zsu5L*N?F0(DrY?Ib*`DiO5?b6e91E1 zz~fyYrTIT>25C!-qJ$yDUnhRyi8PK82*V3e#JF^*@9dl<`twQTI zf{F2q{+_<yvu?f!v?QZMMkB-Kq+d~`S|md%GjD5Du#~kcjbM92*Y9>dL)U*r6lUM8YfaF9 zbr4}+%}YVJIZe@@B}2G5RukklFHo~Yl2umyM5^QxfIi4}}TEc`oi%)vOq?Vau!xbMFbFN>(h7*M$)qIGdKH z;r1>*2-8YF-U!#Y5`hm-hETr)y+Fq&34}dUS%hmF#64Yan#lyj0-jl|t>oo2AO@*o zC7b!HU*EM&A1++U!d$Q|27h@*+v9#ZLEGDo6K2<=Ylh$3z7t_r%lS9k|MhFluciL_ z*Rm1=naqv0HEgr%TNKNrGzA4Lm|LPfVO&+BEm;)(Utc2Za$j#Etv1)!mU1@ z2-8a?IKr;A5`kcEBB^9o>0QO!tYDb>i<%uavMiA$Nc1P>(x8PA5>!}dxR?JEHQ@h5 z4fwC9SNQ!5LSf9d1#x%@@D^YT5+!1sUR5HK-OJgJV3^sMN>ir^x;+~fk7Vs}Q?|^o z_JtF3zBH#%!*$b6ZS8e1J#(&qLfW~r)&WyO(+Ub9?pdj`#5WivI;3h%8#8dKqC9wP z=C7TaqN|POuU$AzU1DiQ!FJE?nf0Lrcu^HnYOprI?}_x!9h@!EqB`Tsp`yGU%#E{? zQ?Hf>Gas4#?}V+8HkU~Y7Z%$CqIp@0Tg3?fsW1re0%)a_0BV8X*PXU|Zmo*O;sNTV zR48?rA4Uac)!O>I0>7II99wL770g|xdsVU7_)Sgb7Qk@+2AZt%E7O6?e-afb{~@{j zABn~Pkz6@AOF}ZDwJQreceONpv3((1eFh(V9|>eX9djXs=!)Yy4$3TJ|LuFy!yDp1 z`By*f$J%s+@Ur))pn?;+Fdq6ZyM^>IS2ps|unO(z#;vndNz)UYDSu;ZTB$Fksqn#e z-IwI^-@!fZ2W{QT6uzMJvy(aKf`F(Fya3wrWY{smi7?Yjra5mv$J{16nQ#T$BX3A3 zD_&J7D_exQVd^L3LDyzp!sK>ag135sF&UBtQ6Gxo9h>nSY2FER>J;r#fagw&4Nhj4Ox6d~P7oJLa?X**wW#9;qnU1XO2I z%sG(0QlbI8e@<3z5A=h}QLmZgi0eUU?Y+qdJ_Y7paPU6VrQ{eP)JnPiNs=0@o$Ol~*>0)VP% zLN3mw;5?G=F5D#JD=G5EW6bwz829DeIRj-Yg)a$MeB~{nhTt``yI2`j8~ZB4Z0b0| zhQ}tvD|dh%xMyXt9iLwX-zwOY5eHj zwwSIh9Zf)Y4gF`V=~mWg|DxBCbP0n&q@aQ8A5p=m$>Pw0@H>~oqRUUvs%2eo z^%I@{w$X7{NyCi8=NvrEZOeU96Fwgj7%3}G>IJ^8L9~s~aq;)877kyl8SyH5X27mc%G!K$en^FJX{%)!F3*!q z1Dm>G%1w!@T()Onm-q^hCwE=R8g>}HGaTxha2bW&^IHA{nLBKDLYuc+8J3&!XIiOFLtOi|#>>Y1|pSGUAKD9I5_(puS26(Yn zUpwAgF_kE17oWvXJU{KYWzg^rLSSd}Pn* zQTjH+nkxpCF&J83=|0G8OtKr5xiRr~a$ypx<%`Rppj43nuttA!H3jRH91S>7A9BUm zh)*%Geh|GO)!h!|2KlBM7*STK!@da)*_VOeis=T}20MvYS&q+{VI(D_SBi_-8iTXr znd>Q|yiCra22yHx5wrSX z>rwGVX1e24;Xp>gfpR)RNFQ^)J6nYNbRrb7*NH6ckYALoVrHK_7C>W z_OBptP@nWDtl=d~rY_c;Ij|sP=##vi3NtSt7u=oQ6d+|MD69x2a3O2-Bbf8LPB?dj zy%uQ+9V%F8QS_EFS#JzhC4Z}yvr_6|>QSjYUJQ*)EIC=&zF30v^&};ppdAdqE;8%%^Xm&2ok+bICx%y1xk@r!HHDa^X$_pyOsJN-QyR8aY1junS^Pi!Go@S-XZ*rlC6;On0>1Q+4s2 z7O!M^zCM-N56i3~@e-R=T5De$wmN=)X&ZAy*$&OWKw-@NeL2Wm$*>b`F{XfWz)s^8 zd}$%hYoYYyp{ok-V{Lq#-Vo5R?o*C%0#VYTUm7thcTpq%d(SDAv$;}sa0oC>@!)fP znVJ8OZ7;Wesg$%JsR;gdrdn_OoDc|@7cI5A4Y1e>m43@lpR>J}RfnM)1f281FMZH^ zY*$=I@p$sj3LjZQLk?4e+I&GoFJ&YuErKZRsp*V;v~Tf?^I;B z|Fb~WAy6-Wn1X4g(mM->a7jC|>U^i;=6E1Ei%4z}M&r`yboNJ%Is@tQpe!o5^it+h z?Wjk!{M5->{v!zhpyJf|5RK_Ho?MQS=mbvTI*A$>#C7`>8D`I@8g+U#J>CxWK|Kvk zSENX>D15j^39(ZZ>GoU^5oBr?;;Z^^?p=Z-1(S}*s@(VeV)MYur$ieNczNk49zlw% ztezS2Eobr_ayvrfW6vyK=@CBrO+G>W*kS=yOlxT+YZZ_xf&eIoI+~GgqnJ#4`l_%o zyO&Pc$a+;Xf**Y7Few%!lTj1+cv&$tz-&)li9t#Hl@zO;&V_D`)z*cV<_l+)^H`r0 z4wrmXzQX=a8eSwBq8=rB6t;$L1a-}UM!&)*iY8>i8=qSR%l8pcqX!CZ)`W4*1=_*k z#mY&^-o=7C$xT%mSz#C%xsZuZkhH?Tp73vAEYN>4Bs6w8dYLm{VkVv8#jHiNiJBr& zngw&_r%AVa7mXn$XL3F=KAzRws5T1Wd~#(f|JdIMFZDYIW4Z4Z)gpC<0$(3Ub!w?Vn=U)kfsMC#D zho^BUQ)tzK1<+%L27e@^4U?6ZNx8*y3F?a%>W74*4sK3%4u7}6{u#$hgiF;K zPeL_q z{tm9U>|lG!BC%teB9)IlJ40~*hVYLN1TuZqgb@gH=| zAdnUyPrIwll<6PqJ{g}?{G>X~-eu`Rq>qG$70JF=)8t9=MKtM0@h-kTZrNq!n8JB} zRn*swRN0B&B@_-&L`CMP0#F2*a;G0QdrJdq5LSYgA9t`&LcJLN$Cz#f%A;KkzGTg*hA~rs|M?&_4zAAI;Xg7&7-~dK~_?gd? zI$=Hakvk_j>9S2%U=NW$D^mEw6EaV@`4trdqn=OHJvg!^k9hiyW4UPh6Bmog#1mfS z%=VR9;j8mwWNp8}`cA;XJG>LmU}8^?@79~jH6zF=1SQo_3EwPOnpl)0j{Lm|F{h#a z_~VUEk-0Km`lSSK<@P+IxLzHg7`++B<4^K;9R!rf*q{rE2~sAy$J3~&LV z)hEl-$MQh|i-+-)%`*4iHY*BFRX=W)(&`pXb| zez7okDkisgeveo2hp7NlYuDb%41S!o@@3kRfxwpI4r8td<|~PvkTXffd1Cv}GDJLM zJ>8-E__iuF6IlS0LyR)NuAVn!^Bow6#i_E|PL+q=ST~%S98IPx@ zBx_`VN$BuYUBpa~PZxTifIv)n6w7BAZmA7Vg)f}FP(1iPNs(9Gb2niCoeQZbyHI688#oFjvtNad_uBM?4-OrALV}(*<6OoKi-VTe z;bEI<*NnX=xN>%$ZF;}2WRSI!LCtp(-wrl-1H4pARp=xen-x^h7rL%nZSD=^2M>GA z^!7`jV9%Elx6MDa1Vsavu{MCTHV+7`9L1A=l)tO(d}Ykl z2EjIbDcT_D6Ib?f^_$<0eM*&+f!TfnFOSizih|T@$Hw@BJC*@=pIWR3` zmc7|0k53h7P}W?0ZzqpiLHdwO9c4B%)UWm{Y7|mYCqYRajhL5Zs^wi;mURX|EH5xh z>N5F;-`O6FVUXNx)}$&p9IT;}w6Ol3kOhYWm?SYfT9H_p-s#bFJm>ou7(ZE?U8l8x ze+d#XRMv#(wir3?vtBY|UQE&^(S%3?F?ABSgfo`}VYdvf;+U*U<|8e7J9szK#+H8z z{p#$=4ed4zH|d)U7ETqMyCoVDcZ$FjrE?JB`tL%<9I&-YKu6LLRgQEps!-Ew=5a$K zvOC^d_ov)`D6{mYD9F3_eogrL*tzky;|0N8hP{Tq&d|Po1P$jQJfX;-{2uwkr92ZP zx2N9Fq!VF780Gmb(PG|bp=%<_Y> zuIlzla`lK2rFf}CxrzXT#5>7}2!o+}h@mVlf4yn>=hGr^;J%PX(LV+WH7i1f1v zLeFP-02*iL(EqG4Z6+BQbPPv5fHZO?AdUh=B`Ns>&QZ1kgKxqI79r83uDcG;juSXA z;-AB-3Z*17HH4w&R+~Phv_R9-*0twdCFO5MEnyQfhH!S~vi<*P#&~Cbl z9H`*qFnTuq6;4p{-XI{mffc*(&o2}A`do$O7Rq_M&FOAq=twG9`e2@nsa!Bbm(zIN zn=sbGUNKCP1BgMaM@O4*NA(WZzam>Nvgkn*gE{;{A4|5x~#tG_H81>J)LuNqI)98|nttqb0X)P@G%jMOcB}OB6(Ky*!G+LzcYeBQYo9b~fSZV_JkLsjVQ|U)F&0KN75Y{d;_Gl~62_zR@s>{E7*ky) z!QW>~Zecm#EP2w{N8=ppYyEV4vC4>cF;a4N0oL_l>*lEJp8zd+k{tPu6?w*PyM{TD{I80T;YA z*ceriwO-$+pZg>SPJho5FjVq{=x|Cdcu_L1Tj1hctq-vnRDI9v7YO1GKY$_Sg>V@6gjpqR!~eUQ zEAoXM2p&3*OvjMD7SyLrwvP%kM#lLJ8zHn~!S}c8ik`+e(wx)b5ZC27!m6!$sl*f2 zUu`(eQou`usw$+Wsy=_>Zu%v4m}(R( zN>*2HB4Ss^5HkJd1$DttIe1^E-qAyk5+zC<1+8h$ zrdd<)vfO{aD_B=}y_X#MNflHF>^}q06vK2K7bc1Yzq6llVmOfCQtu}kK!^90tQ4_o ziej))+>+a_3cU_Oc;2sk^hS^ZEh7K@v|j+en{gF@SEdh5+9`F($OzgcAKj^JVDp1m zrhcsn&#fWD25XnU*8^BzBNe+XS2CEd0{AcOM~Vrk{09}`m_6|3#E;8l@wUY;6y#nx zYEesuf(>Jpm8TR?{FvP)c7eKL$(eYlle4-bn+R-oGjEZEN11RKtWIx`V2Y#RZ|`LOBq3Y}6ObPq zzN_DmJiypP8JAxNHTvhwz8@HWn&;=^`_;#T9v^a^PQ+~WOla|`X+FkQNC8E=SOLZI zuYac-{`$9w(jhnYgdtSAU?G)xxPP&0B(un`f8)v2F@ZibzJ{>`VC=rWBOQ|cyH*R# znax4qo7?D>dxZ4fxBm>hdG!><2|>qo)-ce?6e9igb>ulIGaC1poF?!W?h9c-k~HCj9J-w`j`#|9o-_;VowuDSj2%rHthFTzPcSa zcTH}2-R#}AZ_nMfJ8$h^)o3Zb3hg;_v;@_!0@Wa$L3UR6Uf>exru^>r;VU@1k9Upq z9W21_g*M?X*DDQ86xVjWm+v5^F0PZ;F6X*(_?23y#xL;*9j(ISk>&XLDbcG>ImCu& zp#SN$KnK4*@Xz+b%TU%b|8-(NiKUp#F1>W%x;yT;jemV>v# zx&H>3x%NKLMqBw@=MbTbLb!}bQiry5_Q46(dZKM9(5roa3a0Y=P+d-QHrLPGEN1DH z>sbM89D?@|v8(t!_9CWcpANaKuwqd7ZC1B^dt9(V*G9nTHGz*ZDt)e3mtpcNkAT^( zJa-Z088VC|CM!l%Q@6WxsLY$U1J8g-qQ2cd`|iFu`|khfdh%agJvmz9e!)+E!82=m z-*Abh|D)@fXvd7jkp-Za73iY`u-AV=Jdl^W5%7Eo8)WGXzC2#*j*{8$PYA<7?2j+6 zIo$?`y95p*#osMAw?s^Jn5Sf)hrnI1GcFd%FyDR^E`06ig*MBGH8|Jgs3%HR@JuE0 z`a2oC?zE=@KM}}-A{7m6iEs|UNP&jzE;LjH2MF)ok@piV1|9c1(A9aYTljkLd0;_? zzJpX(1MrmkSbi3HJ4?7<7+>J1PETfEgjtXXSwg2Z%*`Q$Hq@$@XCimHdE+!onH7ohPgy39MDV&wZ zAu}HA?w|ozgTUCrm?CZ0_MWo7$_lZQU!Efnop~;DCs#%2iP|UA%G$LBL8cYh zm4s2I$K&N&e&#!Aq7t3_^gwRre6oe-`7B8DS$NbC4Ap_$0?@s5l8DboQFyMlfiC@F z86V(i!USh8my&mwAKl&P9wJ;!Otin`Mdzp~&68ns)H;BPrMgko5g#CBE^0dwpsFU)Qx-yN?}MG}NL0K;?=Z?+qdL;(DWqVc3430oI<+ zZa5T$J1K1|jz{Ymv)RNwTtp6R~=SP5fi^ncqe2hcSC0mF-~(EeG&sXwb^b(rP> zm?I6mlk(U-C#4(wdHuq*hl5JjKft63vr_nPn-6STZHTphT8R7Tpi59xp5||d9gk(J z%*=M#1sr(G*+{^~a&+&v{YLvf9<=R5$4&wWntg`2TCWYr<}>+T^QNSUS*y*6;}DY2 z?sC+@g6QtQo3#g#-SiCjR#U%ToIidaYePWdZTQvP91V41Bi|U0BtmvmkyWXb9u7@z zeY08*cS3gEvA~$SP#pYV>fmn!1vdS}@}N78Wis%l`W$~4E8jOnD4v$;oy5U80(<+N0c5Sa()D8 z!1~UNz>8*4wDq;Ud-KLxJuzYC(l1K(Z1#c9;R&T9ZG!a3I!t$uTIOzPo}uQDAfA*n zCUeJP-n@UjU)+`l^m8Vv;OHyV%f zK)QhghP2MzAGpXD9BjcKDlzEx$YW1HJT;CHM(~%QR@&>V8Hw!D{Dy{plTJab0B^q_ zUIFUHG%r(2UVPMbZd}y%e}A4w1Xoag^wrI`VOptMdj&<>fuLw=XT`#Tj#Vi;4D+SwGu6X0qu%*Vg~|G()~V;NPBrICsfO?ZZFdI2YJ@(_y?>n^<=$*Ckj@ zK#B4a<+#tZxyp@_jk5WI!7>y{BoC5#GVpmu3fFe+7pn;^GWm=~a-loJd|QO}a?Z?X zjh$5RaMmUFS1s$T1wwcTlRA%`+|D_$)X^M#3g*jwACw)%YgunFHrPALmccm@=iC+` zSxk}xF-%jK&@+1j2n}L!6M*V60P#;^Lm@+?`^)moG?7xpU^QbrL+X!Dk;WO=3lCE9 zoNNzZQwn>x#2!goEYYE8Wcv@$)J=qPz!pKm3^g#2hdcPfP|nc$H=@v=X$vB+tt@s{ zC|epZSfb3$B{@RF#Q9+;NFMA=>6a#E=P5_AirP5Q@JJPLa>gYW-8HX%Q-APxa1}G2w8c&pit3)DoLj-u`0HJ zOtiQXtFuI=_;S19M5?%vEso;KUz!6v?H;4U*t6LXS0|G0E#gkA=Y}p_*22uXTe&ac zVgjmIX+0)K77#*Aus<%=9$EZ#FAW(KKa)(KHKzaT^0q+x{U8P)o2%#Z@yi3kHrO9} zkU=Rys*yJR)oXMi5XC~=E`!nUwB+=7!)|a_69`5@S8${TKPHdO`3vjxtM!d>QJB5E zznBZJDo-9=vRG=r4@{pjz8DeDihe;Fw@}fjURf7u219l5XcSxZ<5bgW(h&;Q})ZvjjsUY$Q7)7vMN#3%bQ#K$Yq&`;+ zJEC8ikTNHr`b4ra(hgawEUi8U7{+hjU<=qz4HlqOF*c^R=9B6f6K^hljxJUfiKc&H zw&)y&^QlavOeQ*xHyO&Q9`I@wZH>}3klf`EhOCZ{Rd}g3N2jKSmIHyGrpuD5aj)fz zJM#{2#izX36y!1LJA^@5lZA+K3pHxY$qF(3Hnf&$&y%%wS!!?O!YT{yYTc^h7Bk0u z?gEldI%kY1fqN4(b2&IO7@z(+BO&O*%#M)YN1$!_cW(03cF1idP7g2ocqYKMq)mOBNVmgwQ2|AD$Q zHh6-zpFpSDY?h^$YjAt_#c}m=PByp|jLL@j)(m~2+M_^^Sf_SgAB!Eu0=RD!Fx*1^ zTU8lbPyS}_tSKI6?bKR(#@fGQzzL>#r(?HO8o`q~q5|_~8(%r3qD9&f4+hA&M|^_{ z5oE>UR+sisbZE&oD14qGQWL0~{i)N4%Of_H+YyZOtX;60s$?93qtShSyXWJtfeDaA z4437+3(JN|N?v{ycDBs#{g6pn;#^!?teC9(G&m$*`+s%41CT6T)GgSyZQHhW+qP}n zsP=8!cK2=Fwr$(IZQGds{x=gd@g`nnR#j%?$rBk-QL)$FYn{D5ujzUE>6y?{pj4pR=6`sU#%BM}@rX!#p<>%=4oOa1WfLn~Tr)|wlF!{RFn>{4o_$s*>Bg-l`(zVfH zc*1F(lO!I^$lM;(BQ#!_p_c9T2L=u7_m}d!VG-Gep)%7;Fs`YhO5nCGXYeV|e zhY{m2Xp;+s*FB}da}>aOxE_-1Z)!3eehvI`@`K~B8ZkNL4F+Tc049BTaVH%FiCA|8 z2v~c5VvWVof3arLSKm<+Lzn5EM6YiWbMm9e^vLDs-=Fc?Nj8W|dbkp^u|RR?@dF3Q z4|%gBU*(0z2}6?8_|{+e`)WXKs|XqI#98lhqUF+P+?@5i`l5Z0Z&~k*LC=$hy5oy> z`V<)dIY0Wq-X2vY!d57wb9N&hTjUAq`Fne)y*qk8O}vh@T<_%ie|di09#6F71@H>` z_;B+GJ6;~~UQLyYq~LjzQiw4_ai&Fn>7zUkvyj+(rCH=LY*+TC_y7F-{H+HZH0qn1CkV<>q7P~{2(4&lABdX}T6Qo+YPsVkU8 zznxxBO{|qndh0rQAB#d5ZT3s3p5XB0P_AFh>iak)cmGBHrom<*zxI_wV>F4no#zT9 z&_&ET0kPDz<%a8X8#5h)YMVye`*Wr|p?UsVbr7H1YEw0-*1rz(Ehj}dy|-Xc>;L-j z`ti-*#q<48|Mj}?-cpv9b}Sh1ar5+V$?Wra=2*kQY+~C#Ng#htDC~^S@B2#>rCT1Z zRj@!Pl@{3u;Uf_%!|5eOUZoooQkyvCP`qTcvG<#P>RF>F;Je`WqE2cX2JuhD80^w5QqG`&Ba;K`~ zb@4x1@(6kIkwVpq3I)`B-=HxsBOoPn;`xT>!mu zX3C>+iX)|)&sEb_K!=Xp{#c+MEmKb{(1qhUt?1$Z(n%QZ?*y{f0A14pSxBAt@&0j=QBd;u1#j!!O{M~SWMz{$ zAg}{%LM3e0ky?Wl8HR6)yb)QXD*-wBw^MghL_Pu0wG_LatyoUIK!AA9&=ZT#3Wk$} zLkR#eSh%0|gS-q2F9tCp_N337?=MRr5E@&BSt*AHV&6{=MS&lA4|j`lVjLl`j-nH= z@>#Qd!>~UDiA*5?DWf1KVqVGH^7w@Mf{W;EA@J?tfXa%Ty9mU(2w-_i;ML}a&yBqb z3nc1Hdn0i+Dem|3fm-DmXC>&JWV2EmB@VwjsQ&(KXhnK|zjJ1dy7Zb@r!=m3D-VUI z#lyaXtWx7Lc0g_D7W;OljF<5p2OcB?qNVrpCmBt5y{^8=@Vl>7CAmK^`}P>w=j`wf zkAw~a$uYetEKNpcwb8|w*?zsc7>r!2Vmt5FW00Eo4<{(yQU7i148+K;vU5Stn7mhC zZH9hYbOJ62EhMIsv3AvB5t*PX$X{!v<0goy02pOm|NZ_e1;+6~qWR zYD{9*=g0I4Hxh(~UpyPAq}fSp$zF26o$VZl|CzrF;JhCo1m-hrf)x`A$QH^J26wz>X>-ryf|# zR(LeR6`WWFiDiV+)P04@iHAa^01xe#q=mWrnWADy?sybl<0Rb`o5cu8m zu$knaQ~3JGU-}$*$Y~-O^{*%|(dMOL3LQNSyR3g-;82f{k6BAMP%)I+LA?h1Vm%P) zhI#Hlpr8OpR@K4YUEIi%U@Mpu{VGgH&3t3-tBV=PX-Ncwy1!JTv&mHYke=p7q3oRK zmPINh$XreObT9gKp}48be@C#Psfr7$@u61&swp(M*M9#nV>DRt0AOk?BrW^CKs2~f zQ6{3>;PbXMUoME^HcHUM`Ij#2_)GbQ=YhZjF;vrfa8QzYbU4YrKt2fwvRa8Y2M99U zq}3qsu`^XgF&7^U(+w8He1$w%*!lHdK)FXKI^C#|Ry?{+E<+k))_252-sGw`^v5q+ zm7X%acC8yis}D#C+o4nvBDVgC61&J!5g?dd%tU>Bf~_F3f*Mn;Z0s`KdFtf#(btsf z)*di2=?c-p5Mgp5Lb1##i}zPtQ`rvlIM?^}#)9W24l6_WX9{{b2Y0EWg-rQ3Kjhy8 z^YRZ8WipvKR?iUHK87gpNvSoDZ{Da1xZX+Weug}rFSd+u1S9~rkUmlC@B`-lT4x-0 z2M2*7{TcpB?Hc9-rRZg}ibEVdCpBPwhQl1hqnu#ORHZNF@r5wursT53d5v$8sNJN# zUq+EU&#t%S_EU{FVf>htW6oc=DM_TdUc;`5Sg>=;0S$PnsfoIdax89r?EJtrr<3Hq z8oQ8gA=KkVK3lbSg{#dp=5O z7KOeF*BFnSA2o*6mnx?HZ=82@r?P&G^L6LEM6@NOKXsLhFmmfZGYkhU?HUp$5=-jG!E-Y;+9h>Ze(Qyi-Lo_6B2+o3(}Y z_mhix&NMzM1{U&L9^_O1m#i>C9`&xk{YE$u4;E^%f}>T1vlkG1G&++s%OX!}wxcqY zys@wAC?`sIE4KSpBXTFifv)~XA<#}{x~#n4h%BV ze`|zb8q##I@I+piq|wGLI?%1?80mz$o4I*8f$5GRQ6Q)S3Ks#zz)b_Y#+C}YpPQ_Q zqWkH030H!E9hG$UGtt(9y+i{AP%35|^F)?}D!kbc&z2Cb@=4k<71W)S+vwkUib^E_ zYxd$!w-dWIbHu2|?CWq6aBG@D-k60MoyXdScQW>`6(N5RcZ@yHnO zNa9tQ0?Rc&zMA`3_=svvEAp zM)pxQDN%%P#??8_@0I55sTA3lM8pLDBnYoqYdu|#=0u~${F2+>j+oqf;8+-y$jG!M>Xk3H90w9;eJfEz?eYoIkKgrb`z_Rc0*-M*PHw%qPoYO$2f-=WZ**YMImVm-UJl&+b`TD%=lP9L#8BDr|9M8%8R z1PP|&k#F75j)^w6om;upJPB&Kd@Qo$&Y{?JMsEqO*1@PIlf#@7`@^e?lsSyP$T~vX z+H#w8CwAM0aWF))m>iQcHRi}R?RYK2RR&*tOy zi49ZE6alCvk72j`J!$-dw8+-%xo)#x{wG;?bE_57pinOvoSr3_@7(epZJqgY;MF(( z+e4CFLR%vxN9wO%xI3?}=X2ll!_ydwgST+!7UiwFZUs3kHB{^6h6Bh?EC{!Q1j`3fSpTIa?Va&OJwy?#KC zgfXI{j!So7Si_YrP9l`iw4LjRZ9)^!DXq?`*!{N^P$RqX8u|d#nWHnT>-{lhctkW= zWC?sD*Tuc}Cv^ho5d(K>x4{{b5RP!@xmwJZ@8tK|Zscfhi)?0cwt9x_VmqA)krPjfw$tXW2ZJ(?Cv$;vjp^I%YwU;yTd$-mf^j(d(ZS=zdS%(2Wx6|8j>4Y^EbTtn64qbs$SL2rcE<(7=0Lf0?m4 zFT)!*|I6c1U85@=*ECa(`w-}ZW{Q&*#;iHST1MH}Je=%}9+cuI5*dLIB`3G4s9Z#m zF{lV#T2AKk?MczTVR7i&6H!vRBg;MkNCTftY|%<~`t=ZL#OB&D@Krk$-grJUz_+*Q z@F`tg-7Kzc8D_z%WX`Bi3cz6cE|4AJ?i)>*XYmlJzAZY_wdG82qmw=+k-eoH}KtXtKL2CYE(V zeCzzkCXdDwX1-_hH2eyZ{UItJA9GZvFqPS9uP!YQWUl~S~~mxqMfnH@5EwEY~&CMCig)ox23P1?a_-fsUs2DZN^eI&yk1AF5mC{dY* zT!Sh8=Vw>4u}^s~(pV0cNS~2uTD$?IkV9!i42o&K>%CA%*tBk$p)%BrmL%jV$fJg& zN?ZH)ANF1@`i55&C2&gCm`U}ZEbZ}@H6)W(dRiMX<@Wtows3D0H0J?_Cg>R!b2FnQ zmIrp5oKDR98x-;6XR99AcNkly zar1-(P`S_CTsbI*+5eWFIfa!0TxMlg`+E@*b{-~cbB?kmGmRrsiA&Di%M0?!QiEKV zGOP%jj*=)+Nx&+u_#@WZ5pZgZ8h>zdS2i1~NaCBuHBr85+)eu;_NPMkxe1k7ghMh_<7i8BR7F%KWqy8nPF zjUNMrVHf<*yC3X=h{BLi(7=kClQDp-#Sxv%$)NdALl@>p2k??xeW<~x(l^r4Q+v2F zGNUnbwR~vl8%87xf(T96 zoV9P0=>E;Bqs;SY(`e4e0{V~(IpX2f>HCxVM`&&s#$L{c4iz1dp7nBu8^~I*I@yqh zBQmqOiu5jr0s%9-+!_b9h1Flb$N~50>gf?#$@XJ<_@?l5=J1%!v zV4s+I5!kz|f%8YhlNC-zt9dZG0uV_$C<%D(Nns0g*JTJES_Izgtk3YGhBu#i zt^Wey^g2RRDM3-@EjubBQX0y@Q*5gA7) z&~lSSsL+XGhTn&%hzL2z5tq{;#;M|R6PB9ic!lBH_Hl#3!{@2eJ0T17JXh=Li3(?tnlRSH#K zsVs&j)j~Fk7;+PMPy=M5!8Xd^qwsuju=I?HP3rYHZWp|FAR{GxR2^k zNIqx=-h1*Ku{PyLNBcz%WzFptVnTf2HwN^R)R%B$a%!ZLut{6y>L%ak zP0vo;Mda|wiwY}Dz-jBZjjMND(Q$hs>|nKYJ+!p7y<1&q(&ME1$N!cldZ5_r1kkE+ zI&0qYf~rZ|RNXy1+{xFE-O93R|33*5>E@n_qbc~W)IN(G#?;jt1nKxD$SnX7>=zoC zmT-Iy80{biD8`XjB&fP4ANu0H#3)p6VmK-0Ba~qeXh-_`SJ&&1T|x1?5thq<*WX=$ z3EC-4Z2c}4A?ZlEK^5Nq-#mDt3xp68^Y>tu{jIvIlEq-ESqo9#vnIb*Lp6arsJsx32C8MPenNDRC(WM6%%!(i%B!nr7^R~{S zwqiuac%s>ipcg#uRGu>qgTR1T-=DSty4ExJg&6(3(yE}FlF9d?B=)kYNw5u5f&>S_u$9aGF0(b3*@@D&u`N)|Ha>HY6ZW`{W zSTta-0H9>>4h26fgvwjhb}?!lSLslV%Uo%`+I*O70SzJ!AtPq6M(x0-m^7An3A-oA zMHQCbMgBc(2zef`2Z|D;CPP~Kjs4*tEHJrbTx1?`p)8WgT^h1J0m#GO?uO~bL5c88 zHa}Q*?$7Zcu)!M%+OwE8Aw|3t_6!u#2@+yyfZo?sF+sLC)RrX%h8xmACE`}onJDH> zukb=JclOww`CQCtS8eZ#+!)J9G_=2!Yog^cN3P$`Vmz^bh{94kxIGt~F_^p(g76I# zW1ot1PBTM+Q4jc6ZC?WAYzuvV20#hj1$k_*)`{1F^}9K}{Hs8;KAk_*A{rFe0qHR7uk zqL{1QxBREtfsQddNLgrqtd;3LE6Sw*-J7Xptyv2S0L`SR z(bpd%r-ic~8384HV<()>;7#lBj5^Dn53>Zhfws)l@m&znndiHrxLt|(+gs_O=3mS1 z-%=&9=YL}*aMR_X-YlqK((9cM{~e=?ki@bPmD+g}g-DB?lh3}QD0NNe zAB53OfrDx?iBiE=KsevKN-!-5vtH zPARqjnCFQuuC;e*!Dhf$!p1!P4D($T&rWNz6o1 zV~;C1)9ext{78YcJAc)VOhDTnuX1q4sRvRp@I#=i69t*`@_5GMN0Ko&H`>TesGsmbQ@tv3(`yZvF&d}1r(CmuHSH!wdcMVHbVZBi*Xwi7gGX03>)2wCOr`LFD9bqc3TKxou6F#)D~ho zTE}RwDYPvDDZ`=@6h|l;=F{>( z#dV}P{i8yAS?v#Xqw4LRZ36w=^EG0j&eB>?sby--Ro4Jxqt% zeboqh#z(W89Wp-D+}5+5IdMDd1Fc@Vw4}&Df&94mfuc*tv?B|pi%Wr1PN)6*4Bj`l zO_Gf&F$M)?;NnY^nmWrmTM`NmrMS8j{q$7)Q}L0(OmRwVc$>tS0`E|T&S7cUD);~$ zLWi)MJrrfNulZRB%`E@VqHjIeudV4@hpyKgh45gsLBDI3Y%qEY2`q!EKm=+H)0=tA z7Icf&Q8oMd0R?%}C48olEzfbxKeer>^{s{s`?^$CF*hu2%uKitLmWmBz<)v#nCa9H znWV(KeC_{u-)T)2)NOiu9E!ncEs$H}?utTgMrAfO6GiV~D>Zb+zyKap2uwB@s#ugC zCt_7c*Z~0z1o0dTR$5l2+8mz$s0Dl2y8W$u!2{;0z#kyG%Sic#-03wGs67sPFXA^f zLgGYEd2iz(^&hG8Hop@`d?1JNpp_?qqd z(5XJ&{p!JqDE#T;l1!;vJ1oYw4s%B9@|}OVOl0VxAQtACX6NmmaAvic4zFYZvH!Fw zlY8-EW0bY~ll}|SAtIcfx1%Qc5_mD~i3?vh)?N#&AJ;1pb3eR$Y}vn^xW*=9Ejm;d z?*eP*HaMEgzCUzxP(0v+_-N+&`c4Rm|D_9uoAfwN@POdr-Q&ee0DaHio>>&(5zx_H zH42Doy7u)MA0%es(uq_NqW2?2ZRF+a2)T^SHq6&MGn?4yAvKA`XSze91mbXZ4?2g% zaJ9i;L(m4+y$__bv@yV7tNwg%$kzdAJr4qoz|qY5z+q|T(djJv00Pn&Y%S_*q;%)* zTzd?I7B-~fYwJNTo9&Ci<#T0Hz9Md@(zU1;=E)^=CsR46Q&d6s9eCFk;)ZV`2Qy({ zxbAG3EF?^`gPnhh^S@3Lf6>DbT3QpdCLP_#A_}eW>%fS zM5e?f6$MlQhyR?YDtHHC9~tL7$Hc-m9IimZFFOLXrr|y;WKCay53{l34o7BEtioLOTKMPjMt|Dyf``x0~whK4p3r6-Nn41KeEh^C zPY#yS1SNdme)Lc9m81dPaq{{@FfZ?dm#{rr#{^nn;7%MtlzV~$%@h6fNj(>AKYf1I z9BjN>*k{*2!wTeNH|Ho+igvOx{knFn??9Z@U`+Z{0+p66;-S7Y-HYKrP4dVc1$n#< z+h{?=?>+rHZAuSl1cX>SV%&Rx1G*^EW%?2sLAm4%-oc%{g#2Zb&Uhaj5UAAhO zloUB>e|6;CmTp;_cbS9x6(G2Idtd|fW8MjfP|dntv5r3j%`3(zlhaigw!VP6t_qC=1I_v@uo2V zh~+cdJMV!gMYqqWG`|l?*+CrZBn>yDuV4$D3fLMus`VkC+qDr<^=z{E3*m7-OP7}+ zy~|3@g9QjKh~N`i%i|=d606sxITncnEY=F~1IkGWZN~xmb0o?Q7bw1Wn8b#ihub;y zEDZD;=HZye;+y^A=vL*_rnN(C2Y;maZh+0F7*tZv=%| z$I+eMG(g_sRGy;u3LvjhK|odcEIPtDwz5T%uuCtSlkD!q=MZv^2rKu1?;mk^3Kwvs z7o|(NQ+XNfM(NMmb11%3<{cR^6WSh>FxC`C^1Vx)%EI~0%&9$xtnJipXU_A*-@b9r zmOUY_(idw;Dbn?xGu{`Ri1_s0=~_afr4_}GOU`&bdHd|YhqMCix>)=vGWJv8AK6)q z89tC@4>UH-zIbhqQo;wBd!mG3#|JW^=#PE&&qpa7aAe_k_BG}CF=TpYh~@lHgd0_& z47eRv87CxeUNPa6n`ibNo(_L94sQpv**!lI;IR6jrUOm%wb2^Qr5?Xz^%GUFTn0@aa zRycYV?TU7~IE$p2KUO2#$BLX&Vz)H$fv;qv6uS0A30_w%@6Cw1&dp~CB@!CO>kv_x z((TM1L96`3>vwcIG`SIQ)a7-+s?cUa$({9ZX|bS%*X93kZ+@h0?y3zIl@nJ%f$@!W zq>MQ%vHdA7oe<Ae1VB25cdzv_XHsqJzlsh_kCT5XG{c@}W07>4F3#_1u9xaJKfaQ5b44Kr`_vjD zz2?p)L`%))OUg?=hUK{%6$EqqKu>Z`0sVVx=_R4V4QfvC(nPR76N&zBI zI+k|rR+jbUuxX*uLbheFIxcP!26Ox6m4P8JL9W(hepy;sKt>Io$qVw1ChJXEA?D&w z9w6^}%UDN-SVRc#xDbuV^Y848;qmeL8ib>`=J{>K&A_L*loJec=9Z^Zqq9V^_KmE6R&*RHG9FR}#P)_}AJdkKtJZ3_SM_Qfgb zaf7>%kyS&5)(NJ>pnX>N4F+a|d)m9)-P9~>-%BWuEh#k8!`%*d4}^HYuQVIPv;C?g zankwNe=bZ4nuri$hQs`I=;4_Mo4$~-JoUrxw4&?0ag0^iuP^%#37H4V_PV$?PHn^f zewas+?m-^!pzanJZ1qVsBkPGez`M6J?JvxZTuu?y;&I%Hjcj4RYZCq=ZC=i>u)voT z(qwdoy_bDKiRm?a&rq}E&tNC{_NAjLdc7kyBx2;d<2K=*Wrh+JC8^=rWP7@l_)~{h z0?sfIN{Ik3BUCZ*9ryqqoo#Y#es?X^adf>p{7soJ$)g$RytDO?tYts`yqYOAWX?`~ z=_IWg+>d-JfS15=e&5=ml*zNRHS1Lrr!?CeGNI5(W)s(`Lnk^jL0hin364Kcdy?47 znJVm0y!vz$WHBq_i2P&Q!0Lo7?QUJGbqA#zBA*~^S2vlmVhk)qTKkb;4dn!-j5qgE zAbat<#FUhH9csWZ>b;MoxOd=nitT#GK_YJ85`@m1o#*vAATF_+HD~`>ivWz z3cQlY91^bA2IXpJ${{=;gEepDZmEWCA$D;2g+aEdfzQWVZ$7;_i@tip;i<{pVSS$I z%A-lXVa=|QGAVK{=gQEywppmD?%G+@>o8?TH$URvU&5}~iESSql|l)}N1RU*mdT>S zvG#e{7tum8W7pd8$2M%v@x!Mpq?suf;3N=%e1Z&UH&4|V3}xU>YYgy9l{Y+Mo>{k_yB4_$VDZ z?_k@({|rtxA$M>#IJ)@%5x1bJY<>`OOa!P@P^8&R*N7xsCM~pnqiZSg;$j>exfVY2 z42um+Nom+*nakid`p{SJT<>>tTj3t{u8IrkA@`hrOudklzI?sdi!f*&U z?*ky2pJVb}%+0ZM7$s4#@X|5F0)uHKf<2%Q%agMeq$mU*y4sx7Jr6Wu~CR^ODg*3zZU6!AWb$N-6^p-T1Ws#*otSb?7h(E$ zLUU5Q+5XzF<1ou1~7&9?Mx_3A&C<#8m)1m^+ztg7N}-iE_u48frO%p~pvqkhhry2YbzP zEuHmRmQvamkhE=%H;K6^Vxo%pC-2VdB1#3TscYX9J^Lz3#WdOn>K}(q3zm&aEv?fQ z8!SzEZUX(CR>V}u;Ws1?-X8m78BEIC7jgeXZoRfYi7Tk&MQv=ZU3xvpXTOKe&Y$r= zt4-dILVjBxw!lo^Kw?}T(;u@p8;=C+NVEj8xk{wXlS0Ys*!-yx<@`fRsEy#fiHOK| z9?K;~C&Z>&k;Kbf?m15DAOEQj91yPj0RKy?J1tC<0FHP$Zq;<^B6?z{%vJ1GPB!ah zJd%cw=M|b%qy{FZ)5Uy6$$MWyi?BxP!7GX^%a!3w~ z|LNFvM!qRr%fY9@aGvT%QCj)9O6~BE;A1oweA!MKezbyHo97;b64hHL51uq?3DH&F-yVYv>HY$)|)qDdQ&! zY48W?W9H+Zwa8kFf{GL=IGZ2u0d!O&FR(}AzQM)RkrMLpy&Enfe>CscpkoZDdYj2> z;|}n&mmN*Sq6Dah3`ugu(sU>dSL(5^cr5B>;u$yGc^lgXcxrdjI7`m`JuTDA8BJvD z;*E&=7a7U*zpl;B#0X)D7i)^zMrkmY4^T}iHkg;HR26jOkBU5%`p>ZFPT%>RiEL%G zYBHO<)vEN=&5|YKMpPYj=1o9zK;Kdo+RC13%1vk`64DBXAI*^KJv%{9FpJja6kZO) zJ{Obfo)Vt>e2~4q7G0uw-^sn{R;3oAt;D925gM^tOBya(PxsIx$3pDe$JUPds^ygjy!uall(fdoSY;0qqD*Gua)7y_T^H! z9JI6issy){FWO)1ZU5^>KT#o0sh#b8p|FVDDYsZSY9ungA8OaHs7yOkH{D@TOyN5J zd(#JXhs@rU0{Y|W6z%oxZEhcD!#e{lmn@W0YEMepGx6t8sh);U3PvHZKdJbJj60E1 z3Wophmp%0AeDpxqyr#k?V*%`UGAMe|1D;oq;SxX5zYc<<1taF~n;dQRyVaaw^0I8} z0q3Q(0a=f)2NhfGM_^};5@9EQU(rro8f5t6M`iX&gE7=}lPcC7R~kU{uQzAi{axZ% z_qFiq=qzd>BPcVBKjnSMGTb4bXZ=k(*giBF!>v=fZw&VPy#oU zOH`E_4M+?VB-?rb;yRYAi?p$K=URIMnwG2K3w1u$;(oBzSX<1_pdSl*+ z!c^>FthL3h@>F+at@4)P=OLNT{yB=3AH!E@zqbioubFcQhf;XF@1%1y-v|1}yNxK_ zT<>*Tf*B6^L@ZqEfoRh@L^per2#kC?aB(vc9YGb$@rU5~Nc5aQ75>+5{k0E~`}y$N zXTNJj@C1>2M8J7Nc4uD?$KMOj_hrZ2q1W4RPtTL#F-29B)Jbo?h0_rlGE7G0LoJ|H zL(x2RH0XyqmAFZ#HaCnexrOq*PyYh*@b9jSFymO+;t3UO(eKej?@I)eqc55$O?L0E z)Hr9A3QRpIk@RDTEVVAe9uwjQ2j5SB)q#Awgp{ zk1^MDZ-E2Q9|_3oXH{_c?*NR4k-SK;0DF#)xvBt)&aGK&b)EF0q`U*vLBdbX5kYYr zk0It(@NQAm#CaOu7#mpi=Qwx&ckHqz`eDzLm%JB7GJg?xC{tLSkH4}4t{9^JSyh%9 zcx&R$LN>yzwMSO;tQCF6QGz2WgWpa6)Bn${-*cmW>a4q<%zR<( zYAqf$oEFxpk4hY4Q{rss+Jc)MGu7ntdn!lHAxj7;>^k9&P+hlDn$74{!kS)uydcF{ zvWP%W4N3)aj3c2>j+Fho%Q#JeHCU?_(M2W@|DKMi^ZF{Ee*6sLBS~G{YaTK47el|P zN0zHW<^{Ff-6h9X^&q~@-x1#=atDeI-ej+YLEN?%%YQ?-h|cbD5&jAuQr@%z60`?b zr7o$%#!0n@YJ6x*;GHx3j|`0CbVgIHk&W*E5YB3}?iJN41KlL5pM9N@*dd!h3A(o2 zTRN~eOccW9c%b%NA^obC6?UrEJglVNe|c?b89le00FEdOaH1gVh3wdWq;AT*=IHzn zaZ|8s0-RNRLH#X=uFt;mU1?=^j9>0{^7}8n*o-S{a;O>if)*R>v`3`^~V9 z8YnY+yB|Xgat>9NK2L>+2K*nA5p%8uAqB%;+CYf# zT6&raN_%aKCYv!D;8{1&((#km=8WA9&BH+&qF6e#CmAL$lntL0%@v~7f;0GGCI!YX zY?$Af8We)Kg)%_tkATb(sF=d3T*`;=`X`COkD$zA8`DYCxeI$I>2;Gey(Y*PD!(7c$nt83K{=%!EV^eY4~yR zzY8`e4b3EVIP9vxapz%b9l2u{4gwRV{Z8*Xk8(%g1$JoK?n;&^wh$xW`Fbd`1TfW!9M2F5B{qBlVQ+)0YFKiIz%`Flf*MD%U25LkeCg3S$^V$za|^_0`dk>8Gj zM0A&JF@r6esWn#sHG$X>J~V7aq$>HOVrmf|z1~W0Uhn8*&-u#b_s!XTp32)R?*`^! z(I5PdxQWL1?Saq1fxQram3R+6{EaNGD~@lxMa0DkBp}w_DqmcS4kg*)Xa_+}9TH8r z)iGpLqLAEke_d9@BhyJFCR7alK=n! literal 31516 zcmY(qbBrj>^F6%AUE8*8+qP}nwr$(CZQHi(ySu;pk=m> zZs?f`t8>kg3`GRc2)6DduXS#bVFuNOxbdL)UU^B+g?Yqioo?)4sxEir7^IzJ;VHe4 zWd#}Emq zC4gkfbwq*3lzbcIz?@__gcAqQw2 z&m_bGhroXW3n8hx8(!v8sK_ z8`P`a5y-kJGs##kf5b>#=w?3dp`1qD`3}!=Rs>hIBlCXo~>D z4*eKYLT^WuF#k>^BwA393PU&M8J7Y^f*Ky1oFI2l{LrF`QLG<)&Vq6P4`r#Iav+p6 z`KpMj6r<^u+IGn<8e@W~a{5-Z!mDh2L9GY5>EWRb_Nq;5=eTHyVc?8r8YkWA0G)Xf z`dr@<=kOn0Ui z-}onpzX8!54NREe10TnsVptvn0h2*Ii9t%*9&~*qF&!0@(sEu!fDjbz623d0s+1)E z4C|9srf~x3Z@m1(NfuQ-5B{)LlIcpoqhF`rF>qRC9ezwDY;=LT#g6*X!q1r@g-ZFf z^`Ok84aIn8S6=KJ8A1ADv4rwn3h{!5c$GRAkpwpck>Y+K9~DDsfUHGuAxppqMn?#= zAu$9@%>fq5@@Oa_?D}K=LLc--wm2Ih3fzo&QRr~Y3~h~lQ&Y=F3#)MD4_J;tX1H;3 zJYd7?>x@PYqd{mo!d&==04|ow>9DZDyhfeCTOITT~j`cK@0@Sp634qOl_YsHPRpL~mrd2NR1lAvXpI!m4WrAGyPFK}3|u`8Hxm#jtt&&I||TdkN8X$KC#hY-{zv?fUD623<4%mzmq- zOt)aGHVWU*Bz$0arE{1hY=hzDo}pPgSK*)Pgdf%geIjPd>7)MK70V%oh0nV))Uz|I zy4kf=E_fEp=^jqQZ|@qX-qCpGzHcKOp*8ZY1=n;S0Vu}8$Oc7X6)XdWVn)A+2Ks^|ZHgn}vP5E}Ik7F2`zo3=- zh6PfC(tZ4vuI!maWbfL_r>vwA+$0dx3jHIc`a6SHk-s6|XH)4ZbJ;IvW}Eyd37Cfg z{iOA%STz%Yb)ANO0E#-N7|y{iW#+hzAT=nKHs>7r1pQKeM(H5|!4+ck>P>~r_7g+r ztI38Uu`@|WGHvs~=V)ARJt52zOHq^pbm(5N;(|~`(~$w7PoZJ~ExIp*X_~7YA?r>- zUd)YYaol|Ocxwb*e;-~>CyfXAtE$3A*5)I`YDIJ)hKj-fz*>$yzgz_Dg~O$)2U;Mt zgFX9#h-))7{ixB1XW(~LgOTHR`tIkU28qB;fp2NOOA;bUuPI;)Qp-`W&{pFJt1)$} zB?y@M8>?9|l+bjl?IOUrWn-LnD!*L9qV))KHyldTdvQux?|YSoAsp8>h!|$6eYsY9 zQ8?S|VkLr6(yvarkRd9lN<&wc!~OsU1tj&`NE{?;m2i<56Kp12{e)l4 zSf+)_)^i}3LEiga(i|C67ZEQFid~~95GC|i!INTBK~Fpu>u(aEo(M|sn{2=l1!7u3 zDK<`R2%fbNGJ}-qw(r9jl5(fajv8fz_6@`fD5sW8@`ozea%%%wYL;ou0nyOOKMe-e z?aA$O)g-y`6q7pEEONHoaih1~om~bLyD`H1H9as8LY&S0c}1nppf_MH6h(Ai9jy5r zrHSvaiAf{mU9#>zMi_LBP8*&05jiTs7~I0712wMF?_O3y;V>r@8HP`tL{9*fgz;Wd zIIx#nk*bI(zMChcX!tm%L8MyeVIs7)n(NH=`|)1I`RWTDkRyXsq)AY#epX8b?^9*+ zy3wNN_}psNmsEO(F-%v)#tnCC^2G$}klx~h=gW(H6HiU37n-l4Y0#@a9T@J78GjH( zO6u>l50y3;lm8L3UT%`9hm6J~rC{Vp&J*0;4i3U#qG%$$idQy966X=w1j(g0nr&=` zLhbMDAh>KBFWq_RFKZP*GhoV3OBOC=Q@L6cOHlL~M-r?6R2X(K9<&glW%woW9 z{1&Xb>wG4rMjM*wHtQF zW?;mJNI37nBcd+5V2!EAN|dmT#P-LFvCNTj!-Y!&3nnnT*vW*sl7?=di7m^$?Rn1ag-#}0xovHGGxQQG{Ehvi3;zbVRPB!dOi&9F4e4x; zf!I-|FC-fvr*&NOXK8q&T`nOPusBi5M^&bZU#8Glv|0&rx_MSd4llY3HerWMRiHmo zm_xiL+9sv^!&w_≷5K+*?^Rp}Z9k3h_<)@6)uTEADv|As*B5wjm*Tt(-g%h9RgP zbZZv#JaILf4*(MLH7xiKy^enXa6Q738;5p7vPN%n#`s}0I_xEF@F&%Ax@3YBT5y$9!@%Cur%)ccJ2 zf*={Qw;6G{E#qR>L7gg9RS{A9i6glSsK>?goPFG0?7j_|!9=bsbk_KU8H(7!f-U)J zh&Xw%1v%>SeLNrI*F${8SMrV<%+fFlTUN|l)bV0qdLf$a?n@aC#@8vgcxaCCqZ4Bo zQhp%1hD=g22=_o8Z~({+l%4_G9rQ_zhrXOy_~-gioMak*to|GnJiVKBe?ec03aHkPDSWwG02!jl^1RA{8n1=<8Oc`A0bS^;1VX`!;s`B@Dr=|OfQ^pByu%7<-C`pg$ zP6v7Ta;$$dZaj4_eT3Q=M`>i5==^1Fh!}T#no&a z0j99SgZsUYOC+h-SY_R2L2pXy`r#`pQ`vMwu&61t)LzdvKfMB<)z}o%7Jka7qKM-O z1Q*5&5Z$xc2uIb39l7hucN&KD_zYj@M$(p3MOY$-d~#+^pqOo1h_@r3qXZ*2*jC|^ z`#vm)^2i!-EEEk_yJefDi`Ckw2TfCOR#AONSp&JZyKaNt>W@206>1pG2M(j5oSGa( zpi9Jr=f@oP6Y#_LYTL2MsAMZc3Hmtff$Un|stvCB=)|?0UP#f*<|B_Y5Fgar4OQMG zeE^gB_A%k>5MGE0e}0X(&op0Hh@c8&OWVLgIrzZBY+!qSC3k&ZEc{*nOe_yodRLK< zO>~9?LW_bYr<9378?_%J5)^Jv_^jXQs3w#CwwBfmgaZ&$@uf_Xs%HoIi7#4oj>bI% zcls5K&;YAZ3KC>OZ~fI?r;{^ObR9GCn;K4;&1WliRj@Z0+V>Da(CG8u!W$s~39fe| z&42K?>2F65@e2VH=zD4jH6&C^W#;#0x&E>l5Qt{DUtm6gGc4 zSE?e}GEAU@H(FwOE#G}nopPAo=~7w)$nF+fTfYerqdoBL9^NO@ zHf-BI$|=#OTaGbUzOi2LC@cPRppB?|)mdAUT8l@Jh`%VUoR0wYsjxQU-vAPwD-7X`+Ih zZnYE2)V&>Os)*52vkg7`xl-W>NC;b@*_M=mwC@BWac}-Xh3uN@mO|S}@~XTl0VHB+ z{k1Vqpr`NVOfX+r28;<$fQOl=%pf}-3iMV1ADEQ-RuxeqPpS|PBY@9Jr?t;*O9@2N zI`a7YV#}*FU#*Zm@y|sD2#%wFh{tE$CQkToGDG#Y7)j~GL=EzCTomjUH8Qm%MOA4| zClJqL4Ir_qby8#djVy#c$t7sTb{7Ic31VGQsd#kSdO&o|>v7kNwLymz8p26FDYkP2 zJ6=i8jRhqe{dJHpgd@05?!1dh_8-2uiES|kc1ypBRfl73F!TiXzz3O>@MrMNfIlt? z8t%VSdb`*-zTCdr&wHjBMnP-3x;CzJg6?)D!S=wWr?$RU&GNqD=GVqqB)%|T^4i%h zb0D3FD1K8DO~O-+{97_IVB9{^Kut4(>}7a64he()GoSV>w^_J)wfQTZ&`f;BCyo0) zSs`w%IZ|hXl2nMDZb@$Inho#`ebyf$!}-8`zlGd;gD8rulw8DXOQSJ5)M-#T@7ozL zN2;*`YL7S0&w8RC0S)9tMXbfZF(cRpu;_#npytk*(J^adCRweTeCjpVdXAH?v5?+g zD2DoLG+$fbbsvP#s56b8x$oRy1xq*Z&mUm(wK864(j%~FDs+w*_$h(G67s50gfoJB zRrH2%$Q)kA401r3`Fz;0MksM zLBT?}2MGxtSsk36_A&A}UBhMw7?V+ZccJrcYDM>WhxR}q>zbVj!6$PI<&?bdvP&Mt z?Nss?SvV#1KH9>s%{NaVbvHMUW!e>FyX#!`cjS28-}W5zljF1+mL59cP??0}{W9si zyf{M10-LamUg8n79*>l%0STXhi%qp+x+W5W4wMBa24>1p{85vBt)Wqh^X95Dm}=7Y zyg!G%0Qv=!cNC-}YQb?&c0lFsn57cadaha~gLahb*P3PxO-p(s6J;L z2JoOq>+~_^yjh?If7>h`p}B@B3udGnpb&grFr-fzm`#Vfg+|#SVwkXl9ZrXL&FFgh z`tN!hX{WE}Lv8utLS&_Z#zrL@#qQ~Q^AM~FB8BGqBrwMm+<&wV_lDcX7-*{rqF#OBQ-2#?YWs zy%KI0@qp(h@J^Ar0n3nN`xEBicE!;aiiSZ8*)unP%nn`J{JzCR^zE;R_UmoJM=v;p zAE}aBWS1LHm2?GsPr$6si{qos>uNC$C0cscswnisV=;GMP~;5L4PzV4w3oX*mWwo?ji`>Wf!P%d zdi-G=xP+D9&a1_qtN`!bC|&K@Lor=5R$^6g+$bIzNuA;Bbitm96?c>voX3OzA~&2n z+%|eAF%`#2El}#yDl~^H6HdO!@92fZSsGI4oSym>zpBVp367egq2LYVnO&9EEy^F)G#u;J+ z;aD|aJA{P+A~9*!_NTic^^VicVPgB^HKy-y%wy&ZVV4&qtvV8Bup@t#4;V1WxTxsi%Y z!71^kaMB5m6Gu^OV_m6jeCDDmyj*JZZ3CZ;wbHBfu$PXz@3U=`YqeM^q|-D^di}^6>}{d_jv?MM5;~5y`3Mk+&kDQXh6s;Y?I#0i7jo>UDE)b zmg5qUEgG|B^A@kuaTn|+nNOM}TsP|_f}(^ia~RLmEjo$a)7Wt>QwWlYEltr~Rgc>e z5iZ*%7W8Ov(gv>eHe0yT-W7(LhwX0fBv4coS{(w*i})2{{kZqX}=eGdVCu{w5 z?-l>vXzIypXOC^!0*%D(Pi<=}q7b>n?f~N>>||0J>dmv~_v`p=dOerAY1c-uP|*rb z)($Mj(ZzzJSW)6J&UIur$$zX>jV^i$8wN)LQ*D^Nd=@cZ46M-m8@i92r+@M{*t}vw zfwh9Rg8L?SsWG_-9Woe_Ngf`nwkX}$G*@k*#oJauKUQv{_1{{;E!qSycp61%y0&mz zz-t<%rzy7qBc`GYs3X#J_sk<2iAznsbkZ%l_E^1|y=HKCeK&2K<}czrV~yUpjvB)t zR1aXqwN0T-B)Xsfh)E@rFwk(}t9EVOxyUS9_Omk7kDZpsz0HU^?Q6QWZQU_XCAzD% zwKE!#OC6T1v1=AmM_6q1vbc8nV8NZyVmn*2SG|ea&NYA94_>ne2^8tQmJU#EgQBIO z2PF=(iiPjakqMWGAnl#CnA0Tm8wzMdt=`3L<*d3x^I*cSlZg^F-KpE}Sv!Bm?hxeX z5DLl|ibQ}Z)%4KL-&zX}qW4Lig1XFwnQWpxk9E*q3n!R`jbPBS{1FhS%t(%L9&&AO zwPg<>Y@n-7bu==B!Bq^Uni!lhq28vR8}u$}!m7C~w;0rgo~n`%CEeZ;z*s?#&Jpd~ zx_Y6efnsaxA0*kNn;V?bX|S(QsO}$};n6=}G|~(T(V9|kSIG^rP;jF+f5}-L57vUu zUfr@;!{(SFHCF|H?Qg^^W^iqx-rmd(nQGR{4bkEwm zC9RR3X7f_B)+!;@f&+E?0^A36duG5MJ z%8k|Rfbk~H>|i!ly?vWpRsUf2R-=76eKme?$Ao%1p=i{>i2`b=u&C6?CBKO@dqcqB zaI=1OpVY1uQ`K#`WecZkWx3Jb%?Xuu$=3t*_BK3ZD#j4>-%W0aRE&iFfvE)QEsfEE zt_Ov56e4(QxN4h;>u5MOVtYVrr#=RgEt`(n@>Oh(gWA+!&x}U9^w)_-dm9ldEn6gt zdV8A}DlJPXOR>El2GrYB6TJ|Bm(ilV7z~nay1n^btc}w$5D1tw6sG+%;8Cru*3{tl z{~-GQ2hsO`5bEyr(IMa`8tJGvojs*1t_5+d`JwhVAXh|Ku{;1FZ2I6Ao5dw-P;mdV z$H4#WG4Ox(&_BRVtQ%y-JaIv+zSifyd=@XWYYm6;!Fd_Tgms0azryd~MR#}>ODz&( z!_;bDOgZoWb1!P7=GLh=qz<}gemzi9JDtBeFLiuPq8#1*M{;bkReSLkv0lfPjjR6A z6JWk|z`empgVo}V3#W~1p6L#BxQK*@$PTcEYAFB(-9yb@r^BFnaNNs( zEd_I#6VZc0e{9;Wy4xT!Gr?lRb!>DVWG+#*@yHqO#jjFR-B!5umX(9^mKCStF-hiDML~a~_eXTB+W`No!mT z^Bq_;kN3*2+K+ZBN-EFxDk}tVxv!*74>aZIiEZwCN^x4j^J6f+}K^cgUg6N9|i1_T&c z6aD*j$NVZJnVM%W0vrvKT)5hTHM17=b^-^~gjw7+q=?5kybpEYpe=D;T(CGhI9{?8 z1xzZD-+3a&!_GMx9}$#K@0UItB;MvM*;nXl(GeJd?(CSgF}=uq!#dJXTKQn%IDr^+ zapwWCG23nTJ8Kl+ONLAt!3b_aimc6?+^M+j9RiSX35-J~q;{D}xpf)hdH{m#ACngq zUy707i5?~DhT}M4xQrvVEgscq07B>ddQO_A1;yIg=OmcnVC+s|g||*B_L}{qGbIfl z3?YKEH75~-okaMLu$Ox^+(c0wSV_;2eRjiOEE6~k$R77bdgr9=gAemVkv3u2<5CLh z>MJ+b_X(I=gpgHy6glT)ugFW{6$xNij3~A{1sW_rn zg?#`$K?zj6T39}gqz))AUByT+03#fU;fjY?+V6P?M%2Q=GFxG8*kzh1;E~I6EVuqo zVk%ghA=_&#^ziFch=j3xytn(J<%>>(FIpNjK(A>cB6KY7M+EyIK$qAcd&zBQ__0x} zc;6)e&+Cu(*wzRiqktV=azWpY046bnk-==AYLdoVQufqB;hg9@(%jz*W7o&Nd%Zax z8`c^?bIBiXG(5Q+0&ej@mIam^M-paun2u;H&L87*Vb^1Ku`$fpcF3Cz8qQ^R%8cZ{ z3XJUExT*T*3pc137nI>2$bbzvfeBa3H;Z;;$6&0hgE_7PXhd9u%U@;h37=TFjZ!~J zH~xwz*`dvyY2)JcwrhnFgurt|w6oz;oHcmsX1J%)OQjk_d*5jGkIsJrPxFS| zt;86r_usOAMk^Rv`j%_EDLxY3+v&r-l7BH%nJpKg3&!qsdQ0)3zevkpwuxXG0vfaC zfEedc;O%K9$+%24d^7tY7#tNDg<0$_EMk;tMD$UC=cE1tz)3#v(9{+cWonOvg*bMA zKW+%Q46f_9$pT-du(O)Oy=?Jb-q)R&tGmMuM%0QlMUd&$Mm9|6gMO^GO>O{q%FHP_ z6U*@;XEQe|^XalLQNyK_aR*5#6;pqBBoT4e1tn;C2}{8R|E(uu2rk*Dhe<&M#?Yt7n$P5rXPr)deG1o|b)+60N7NG`%I_ z=8{m8e6_i)cBv0FNAW`uZW3pO2Y=T6c>|SBOJd ztXBT^Ve;km;iF?I-4sW+)u*=6rnXt9wpZ3in-bQgm|L6A>;qwP@u?_ThrI$-UotuG zI618-IW6g-K|v=)K@(*e%aWXYl9F_ilK5CcFt+X4l7@?}x!UxtXh(zTE3s3h8`Pq` z)+s*LIoG)ocT&-g?VxD_z9TiPhmdxCf9`IeUq1<<&m{^_NMh`KD$BD6Y(%slHb-m{ zZT_yriUN`Kpa;XrGB>HL&p}3-7Qdqom#o#B0JC_OxK1E15z>K{YPHmi$v*_j=}jpW z7C|qAZYVCn*o+IbrdOFxrpAgZ1NT#?jCj^8{%4(4>Qp#mFTP`Md|j`G3mmKqa($Mn z7W}%dl6yUZoI1~w#X~yQK*99%f{p7)HF}Bd*z=A^<5wOihfinXP-Ynl)I)=!yP86-BVb7jhjKW zoi~R=adM!vwucV)3(~fyc9BFI)l3W$lJSuo7%mEH;LHTG}wv%NHBf8mYl6U&= zREKj^D!u55s2lny!k#xt_;sy76&N^_@tr^wZg7fqbn=hwEwZ`X%OOYlP`(sxza6c5 zk?h-nc9W9IDB1o`3K2{+YfV^b^mv{VlD5G`fX#gVyk!2^0C!2|$7h$3_ zRgjp8mlonLAb)|$07l}3z{LqtJ8Y?{*4u2Svm{SAAxU0W6xJk+Kdgybvk}7Vt2NTFRAY-JrLho^cLSFePd_bW3tY%Jhj&yfHTo%=gw(-EQH%0$FCP>9B#c;;s|G zF9G%Q4%~rSRt^`AyEgUs5!_jWG2UY-0Io)%F51QeUhugCBEExGyhg6*6@7N^p>YKk zK9=!3jUGW^{S;zUVaXuaGtr08B7x|Jftoo)3YxK+^%+!0j0}y#|m{oVvGS!i9hBaDlw0 zdvf1FmkY!n*1Q7KmN%b5*@OeC2h$&C(ZrCwhgi@HpKtt`2g?OjxbYwaQg zlt#(BMj=EZ>|rLB7oWPE&dfn4{ZJpXYH|-#YiTfXwfg+# zd~q6^Ew+5uS#J#$XR>MnU)xRBYnpp}fe>^T#jo6|eQt+as|uPU2b1ir4x+nAp@KYi zrcRGit&2XAMqbK4?%_*wGC_2(L+85*tb7>Lq?k!zrjyWD#-sV%vCRTM!`Oq!TPw9h zGfT=02<3x}a`FOey86Tio)`YvuES;glJBiL4;OSLj=~r*?ioXdlb;y=+jJxd`vzz8 zn?!GCV9z!zW*rnV0XXY*u(J)%4D5!~Xh31cJ5q!}H8x9jMi(4;GsiXpm+?LrLfi5M zTzh0FMW#rBPD$F;4yQ7|kLn-D6mU%Ff@X zV>KI)p}tUk2Nk~wn=Nrh^ngCSOCpu~Jql4wJGU$Fu?^l1fqZh2b=WvJ`M9DZr58cP zzLy|)V9e-*7m=gj2b{B5_d-Op1+=eSL)$!|Oi$1_sBO+WFBkd=JYx+JA|*XmxVZVD z{+VDZC|uBGtZDqw{c~JRPeUaw{;zVy1xc0Y$8eCOJI~8>JBw+*QQ%((tsAb;Aupa= zGw6&$eJ1G(p_nXB+rY--1pblD_TBe~GsricbkPG{*@P^0!|Xz1>xa4I zOHhi+YpH52*E9Jjnuum-9l|?N^I1|?@cd$mS_|4FTfFCMjeW7=s=_)s3QGwZiU~}i z|EjNcEtXVeqS|tx=Q7K>zbSp8xK9P7CEAgf{3D)LJt6;YlM$s~qDpDU<=F-TvBwW9 z-QJ$c+r#xNz7EcT8Yv!~Y*Q7%N_o86L?j=|S}(OPh^xGPD7{o9?yxW|xS zB`86BzWxtYWx^vHRcypPy)o%_5)L%tsobrCVM&`k!zVfnTq?I50(88e$FP}3S7h6w zi^JTER~>v_L44+cNoubLGF%zrZT9^rsE|y5-JurqHYHwDL{MJ?VSs~ zcd6e&$_>~V9!X}7V916wKMX%-`^sRji2ad>zI1Y@)K+d6G>>9h*AEg$RB#Ka9v{4Bb@n=mt4H*E((?J! z{>fS`by99lv7>^;%#t^^#L>wtbuucnuc72Ia1w7yv7^`qx~{cR+0?n5I)zH=#HU%A zmP&rLMOk+U;@~+nrT(qK4$(m?Zb;5}g=o)AtSqE9;96 zOS2CF4dD38)$v=G^-UOoU5*of`vHA$npv6lpC0>Y0#;Sjp5B*1|zcl)-UI<0)I1GyCtT z3a@y?!$zT`T{C|XFXZ(804d@<`&FRKTg+0DuS}J#29_W3Cm7Ei^=C{I2{X)df~5pt zG-e8O$5RT4com3j6By6f@78&l5y8MrqDJHi6ip0i^>=0BPMxgfFg*K9R`Cq8Ea?fF_B!r zm`fWSwYh;&)1-G81zn{+2ravqN-i7U6bNE1*Q8?)L!QB!qs3J?@G9Nx+QUZ6V@;)j zG@sdD0|2uXUofk~jUwSAV*3_EQPZmK2mLI!2jfbIXIN^)c!02AXxN|PA&N`R>_jzGm1Ww{gglIe>&sJ19l|{oO z!!$4C-xR_$Rr9NBglN1pyfrhIK#jc?53pBp*P39?=5-4>Y}7KBZp>vXUWFn4BEH)V z>VIyHoU~Ol&N$)y${TYYX{lwj=7mo(_f(8)+u~(qSg{j zqm4?He-MjC8smQA{kZ1P2F&+z^#+`<;1x&)Hqq(;ICEdyF-06Y15p84@^&-_{7&?- zV6E>@V95)LlC?+rnaYTa$v%I4?h|RXvz+?5dHV3@DZc$B2~Y+lDWlA^tgI}i_0ezs zw&1OLI6!-LGdGa%QUPyjb;tc2>VVq;92E(=Y2b;NM^aK&F>NRp)+rhcXzEQ+MS6+H zEU_+e^0v-7($X&sr+_@^HGk)EXTnd@Z|b%NFp@XA2|?H7=TCaRJKeg~Q3cm-KC{zM^X6iXLy z7xNUh4eK9DcD?kdx|a_m7v;>}r2)&#iH7XcF#PuV{|iTB7~&{y3_iJZ{d0 z2yw!`Q;Q3)=rV<9z^@i}nl(Z?xQJ6=?y$Jmak ztew17HgVI`kXTvBz2u53E4sRt7Hj*D$2sah9-N(tWkUaW6dC>F;hYj{i|69}kB8~2 zZf6oS*;h}n@2O{^39T%{@4=?7Vv3DoF6%3 z&O^=BMW>vI+}jox1uoVHkQNCisNxcV>hWKoX2|7NtFJ$tlYK(Aa?Y0Gq5-osygwPD zYkz0O7eCmO^lwf36iWo2bqaTdmIfG8gDS?JCXlbQvxm*^4S6%&VVO|9-9An){~q$( zY)+7%(|W)zvSBs~I#ZB<1xI}EA2{zd8?cjaS3FV0PHL^(2O*mJ=o=(4{zf!N2*_ei( z{#{Il=?H|9CO(0vD2D6n0;p+DDTRuQcgpO%oQX-P8N8Ze`#Yne9J@i8P}7v{kFe*J3{QF}KY>>{ z2~kc7wJSd-%=)K%l9*^LYyasXRQ6p?`kAp%L?{#890|ER*}U4hmVH>E6>JT-zGCP@ zFXS(7-(dlSWuNZfX`uH@pZgN9Q1d~kMP5RoWGI%467(xJ3Br`GPj;AG>QpS#4D<85 z@0;KQe}=%pKCVSkn|lp?xwM)F)+~%eFcSb`143oaKOy zr}84kDJCuLapcogPmNOO?Aa%nL&T!P77nU;&|v#PG?A84b0G2E9YHyEzJB0G11{JkzRzLLmE=2Pjys?2q~*{gCfKNPl#86DN*0$H<$&=qF*W z-}-un_CfV6vNLBEOSlHLQ4xMXS*PWx{v_r3c|3gHeAL}l&ey7#uN^XaG?otQ)UXzP zxzmfdnbD6F9@s%EQJ4R1(2q<^Gt#vIRifuqrWXNKx+aoVP|ddnQ>v~B^3Z%A1~M%5 z^uB^TM6!yL8YHVW3zmCM-AC&Aledn`o50Q+6gmaI32vaQftI!}G5bJBg}KLRxv=H8 zOh}TRaNm=_@WY#dibk7L9z5My$x5sHs<7LwE&zk6Cx9=Z;dB(nL{v*1mgj$B4=JlC zf?GZvDb@AU2EH@-@_TV{<+-`!bNBG<(vx#>g$m=j^(*w($+y#5-7T%bBv% zW^I;zCjL_}9zNPu+i=Av5u-Et+NHK`QW3|kfV{LD!PyydB3XWtNWeG34v+$5=ZE6% z`J&T0?kL%nas<$SsrXVJ3Dp1VJ*^a$2kH{6>E@)6iy+Xx6^@v^WxelT&Pl|J_te?@ zs=w#Q?V{sncG)R1w5P7qmj5`WxR%0=^k_-tf>R_^Qd_m`@>O0-MJ3-_UaR$R`Ow_# z0(JgT+~Q&tceP=81t!((5+teB#$$u?W^lA1yuWyzq;6*{c4((zk!B|Sk3rl&2F+O4 zeT%VJrA}_=%(1XW-#b<}kq7J@Os-brd_3L)q*to$yn>wfZy@+~+& z)dh>C82>VRm72(lccKE1OH>2n)D}6BoJr~%@ryU`O^W`#yJzpf?6dcOi9FZtzeIjU z_nqUy=}FOkowU3|PM%&GnJmUGdr37ZoOiceJdX9=p${}Q>%vqlU_CU2EO#b;~b zrO=xfeY=;)i{UU%uN<<>UL$8+zwckEh^uHjodPqKSG}UKbu4IKbT2H7jkd}rsyiJ| zD={HxP1Uch7lF~9zy%!cIWf26yI5$Uf>%UmUF8Z=5#VW&7VHxu!c`h*@AT@AYcfm* z?k|+16_hc;lVRDxrI_n;qzJ3Pz}bIlFNuivToF|xf8gLzamFANhaizEMsRurMyR8} zJ}_TsMohLR?JFs-S7Jn`#<7Vk40+xH9`Cqs!R1E0G%)*`LB9;9tdlV5K#qVAm#qB= z2JV!U4^saDywDsdy5(#-7{M2WWFTkS59Z*C&HxCvtvBimLLV@y;h6ZfFyqLCvA3UP zGZvWht=H0YrE1FGgXQx{5{Lov0U0~1OqF*4)D?c;o`M_xb{#7V;=bi;WT zTXV1)qa$us?5!}3VSazwEj{4$K6q7o<|k~rbg^#GY&&4%f3L||qhUVIU@o`B+Ffjv z^i^#|e{#*PRl>fANqd+#+3w(%ocqjN+KZv$SYWOT3x1>R?OXcvf}N{I9rLBRSQ9LqpbP zf|>g!-P4ef`aMkz-^M>+eLT&%S3a5h;vaN2sO zD|fgAcDbf&^ohx@QKlOl9a1Sq&z(IhzagaLuuT6X2ZvJSYp)jM$3G$YG;F-NNLHA> zZKboVbvY+^1Ax}heo%ZxfQ(|U(Q22?9?3{DcN-&N@8o?GBnz8tPL!^z++=WB%D(iw z@E12d3{-h{mJHZ^8;alVzeb_=6dWuhph|=yv-Ve?6b0>frHZZB&C&Q=5N0x$D})uB z)!StoD2n=yP8)@nxKdjxuiYaQwM*82f5(pMzp08ls+#51HMUw$x(~z5_EG2W%`Em; zan~P~`eZ749?arP{wk;wG`2W)5N=-@-gu%9$qSgb5!3<+=Vw*O4IoB37e zDV2`h0tlH@blGnz{qw%bYKk}>bQdxJqKrLXg@xy#{@j+rVgf28C^YR`C81r_00e?m z_ePu>#t%U*N3$q+=#Qb7Ttb=~&w$C?!QBLeNiB1O&f?EDGDy&fMMllBk*bAttHN%Qvm_h49XeUt;O%o%U0@RMwX%;5}3M3%5?L% zptLB>8z(%P)|PI8-r@PDIY?s|GBq0z8WDLA8coRgl+{bt`Nx2aZ z%Z^7`SeM`G6pRCS()xQEG)NLMU&2GQdcezTl$2YV@={a`O<;;d(xqpa`^cGNo@l)u;w^);R=nf%*EW^l5pi zwk=}DvP??PJb8JL{F3mFc#?sD&ryEv@*fx|Pj>x*@b;nTDt*oKCW1eanw40{xjMxr zar4Dap$f)&Ah+KO3l6F=>%r1Gy`%X!W3l1#SUGHDjIb+s*sCYA;W@mjevZmv75b?q zAHC9vDzCBrsnaw|S=(eMpGjZjHwdyQd2q&b^<2_s|Bk?=jOz_Y999bZ@M#2u^cadn zDkHG=fWknOptcewE3twe1}cJ>%y}_)>uj4Ayf=Q5EX(t>|V1r+RCFy6d4XI_0=_^U})5OdE-g#DS= zFaX%<(yIT?9XJ+2#_tGOBD`K1PKy;Ajd{yBo)Z@Z0QU|JH%&e2;#Zh&LYyTx>-|D} z{dX+j>P(4UakMK)&QtY!@^ZefYQ9B|(V3>_%Ho->Ml4uSvnxmuRZ-uG+~i--04quE zS$K-1A`e+82vnpbH=!#?{?7x+O-N=Ikbsp?5$-I4DE^BXffP3;`jTBhO07Vp-C;wU z_b1$uK^OOlz39E7B4DzoY%pcbEMasB5AQ#ZFhdkK-(gDeLolNUU`O^uC-*l*6!~L+ zj?ybO4gsE;j_6v3_+S!G$L z*Yx&hCs8U*0CS217(;jM`}Z-$o8)QWyLf_JNNYsJ zjFs>XtCH4|%sw{e{eWj9TRL1M3@ec{L=Ng%VEb(XP?S~N7l}{_l`I)f5fKE6=|^Mo zPa~7z$8-o4sSkMa-Fd&bygcL)kTKPkQ$x*zNjiYPFZZF3|Hw zy-*)zKSQIlgG^c4w4Iu^31b@q3OXC7dGvxUML0t-$P`SAQ0C^#1=*Nrno@+_00S4t zB{wsGi1e+e?)M8r`mbg7<2Dea%mT%)IM{Tb8u#yDa_;mE;h*xnWE_!zqXic77&62m zhayfq7&wYyfVb19|5w*HMrYCl;l|b`d1Kqo#WVf2@1ugcHs(5aF>MEZ_*YNq0YX_naD-_)UUnyS4q6|O zDevD{nxyn$sMuC;V(|?gnb}3VBrB6VNpE08Eo!0=@k_9Iiv~(lm>Mbc3iy@R-tzy> zP@t%jl(q8Cd^qmC?nGq$V?{mbeCk0uNwMif`cr}z;yHa;(%>1?|ECZ#28UMiV$G4N zwIA0(T#WAV*GAP_R5g zMgos$5GKQ5eShYy5PN%rhTEa>r;$_I>J_$6MXFKc%S7B3m(wwp%->ca6dIV=80aNx ztUT{i%FS+>EkM8$rJbCMLRF=EbACP|nd8WAjNHL)GFlK7$`Oa?*h=ITn&?|4|5L~( zh%O)OTOpG|;ncNroXl;v3Ja}3EJf2acMh;M#DurPx70=mcguc=x*(Wb%k#jJ@91$t zuIVdzZo-6G4Dh6^{dGcY=RxIXp~%I>FJ#(NqjA_q_#?yN3Ms?j`)ic&BDN%e!(yP$ zHA!0=?Ug0~hHb^e`%p}B8p4U{(*t5qCn0!dvms9+X|GtUq!Xs5JhWW5rTMkic> zw-a1UT<#a}WCra~*@4F77=NSSk{Nqn!}j)Ni7IN*DwnoZYd;6Lu%Fa1aU4B@E{-t3 zr%+FXNhjH177-H=%uRe>M#~SBn<=qAe~6>*ct`kP%u2x+30PdSLm9D?boK~>gI;I< zq9$aft4f%rFaOH7-+xc(UoP#(D06xo_jHjGc*Kh-bcc#HgfH(9&0{VPZjCsV$lEY_ zxt}-}DOHggk2T_;yN7m(n+7|kahU76x#B#&8P3nr3>ba(fmK(+@hIGCDLvc@yUx^GsSsM(;sRidWmo)KIz;$l709no{J zMd)T071^4lWD=Bxl2xx!0Mf{@KHcqgMMP8Z>O>@4z33q?|2(qiaCxQE_bjtk*xx``Dr zOS~G|2S{5*eJHc>cgJV^(@_y5@N$@3W0q%x2rZ0#7LK=t$|uzE7*AZN`8RFFT`o)W z6(3I;__DlYedL|qe9L(Y$l#=?o(=o&$(~7VG|=wjSpML4;`oL;kA*%+8{7s_G;6BT zk@Qve86*!!o=ugV8sA}88{?23EM?0v)jW*9T4}xfozNnPaCH$89^nxh4Qk4lg{!l- zV<)F8SmTsI6_;z-6X7=_l8&jW4ftED;ivD}vULiD6O|kswGtMZ5+n;I(7OS4bA;dZ{8= z9x9d{7}RLcK1O`L#eYbZ?7`)X_sl)YHX*pu#xf(smQE-;gR_-1V9uP?O!X5S1!EKQCqcC(dz6vUd7vabNHl*-! zvyn0ba?Yj36>bi4iCE5LzE^ie04kj&(sHHD7N}%(BkG%kn&l2itykUpm_t;$B5Acd zLrti^?A;`W($YP4yreUs?}LYJKnu1ORDA&T?*Ud<&#>sTh&}B6B~W%s6TO>LlWN{;pR-hhkqiZ@!oU~+ z0APiQdK0eh4;K&yN;K>{Yv!blx(rzGmTVZAmL(ch_@qQH(X_g21jwM&34Jz8(+)Af zYWFNZEQsRbpMe@W#6&Sj05D}@qPGZOatal4Eb!P3)h3^)Q>a9ZO+!LRy~YLp_P!&Z zsD_+MGNs{kS25m;4SZt70rzY4j_|AgfqsXOzQ$K0^r`k58SrU@`-6@Y!+QXvs~5JK zv~smg5A!CpPy_lfMHib46e6U6PLW)g!5RhmjXAIO=D+kjom(0JL)3iFJ6; zbo<$(QO*p$kPdDz`#aLu#Czn=gMTN2L%m&d+ zDKDA{B^VNTxl%t7kO7Yt`SDUu28}-IWl6&clV-I}l6Q+mLw|C(-jvtHG|$HIVNznx zd^r@U7hlh@KKkyCom(1wK`PGT9Q_-or{Ka=wP$|2!nk80yH_<-V0tT@HvSUow#f98 zE4r>-DCf0l%~Nu`0EV?A}f>}v0y zjoAxM1#4*K!^T{ zr~p8jYy4&vqRA$+H<@5@K5RPWvocUn7@kZlFqx48JDAE-;Q?LgrtnUA)t#uMB_ljN3>YD5e$AOt9&LLWQ5+n{#lSKDK7+gLSa@kXK>9QAmT>Jklsf*JCXpz zjFHasmwl8;D3KNT1Olw_1;oq5xOIjoWS-xQp^UKMLAKgaY;#jnBQR)kzit&^F(X7> z4_*atQSzotoNqJ81@=2;4F86<$kZaAhG}vFV1pE8qDyDv(s^r-Fi?lI#z^1sBNzmR zV$gw3AlOWviB6S}W*8+Ua3i&T22Bn@bTUhG2~NJYFb*F(wNRM12b|KmiP5NPH~08# zCkT%5u#@5MUVx##bS-Vhbl;A*1my>LoX3KZrkz@vtx0Ywq;aB*Hug@c3= zMv71Gk3{-lm_N7=-7TbG)nKz{EK;F;^J$pXQmn|k@%eDLgmW1FPt{|_OPK!lLnxOW z9T3-lpzx5Mt%6jE^p?X<%}te<67?S2;QrDp4ZTV1^vVK$+@9z(3~pL0iZZb!ygLVguKf&~1>x7gJSjzfs!! z)VTt%@5Y@laIF#5%r4(OdVHBZUwiXqd#sVD!lT$S z5%her3?ew@ja`!uq81iFuh8ZC_1J~{oQZiCNr29y7ha!>`gp(2!xYXsh)Qi@i`|t+ z-9jN1cH=o0Bhz9_pI)-QJSQt4z(;7LLe{xGXPI8b{=~b&KDOtFW(=# z*-l3f#I(-H>;9y7Ie+Za?shv1@%0J_IBVMWu2yW5`?6{(wEM)R-Q&Ta{l_EsIPeuC zfS&Vk>+cO8|L-JBvJnbh=ky|#+t2A2ll~yN+~y#EzM!^f+A2H6B~cSrU-ErYwCfxz z!qFYNmUhgrpB*N^t6d`r%0)0kN>8{1 z?+AQD{UMdsNF|=lf7sRn@zv1Mb^^zGu@|WxYNw%9MBiF3+@GJdTDG7(6n>VZmYhqb zDBH;N1glBY%SX_ZsNa@JS3DSkk_QA$87;}$4G=sCqToGNN(;5Z4OgO@@(gX?;-JnV z@e+J4uc8E~xcZyC+p)Kd4emIQFRA}tgA3SKE|C^eFCkhNd9SG!)xr(X5ut5`nl8l^ z*A}yI%eGtMZX*)PgP&g33un*Yp^_#!iz>%gSsNLq(I5Y3z0#L>>3lRp z@85t$bhBFv7{9>#QB-q|fg^HXm(EPb0YLyqyK~<(c#&nn9uEi;?Y}F-CS#3YSM7@6 zU$IGv&+0hI1cqv0()V1JXS>)O)LgxNec9!_a$w4}r|6PzVU`%S8BMlEclEhHXUKX0 zjDr1u8EYHg8+rNJ0%bv*CdbS$J~%@Ti;&QsF%xL{XveF5UvvM%y0Os^bxu&-CR?nH zScMwZRlGzDvtk?LmueW_myT0RI$b zsoUpwz}Ly>^L5+Vq9{@GRh$C|Xy&hY%ID02dSbhz4?BI5q!&|Xuy6AB`B(|!M9RBP zQ=q;Zr2~wU5&hAt=ecMe=%6u^ee8i1Pd9(Q!Wq;o3CtKSW6a)Dy{gF5Jxz8Jgr&(S z{jzgvB7JvnF3tgS!@^hU&d>jnXA7Pbv`-<9$g@(>-S_=QwJB?79|vmb-6oRpapnL` zJ058rMdbF06%s`-_l^*fyQ=0LV3&U$CGH;<9I+4H{)1^p50hXa&qcV&b+c!osp>#m zpj~;tvk3+vUjX2AFwtP80Ej|GcVXasg$ALt91(5}NLrT?I1N2X;ns};SqecY`VU(A zd&xW4I212*noghto&yxL?0JKU1R3%vF$y=t@K}N3eLX{SB5i91yNIzg)u8>^N}xK)BiM~FeM>do2Q?2k2fJ05bm zFdr&a5OdWz!9Y zBD2eP9JV^J1Djy(U20W!LVTymB)Z^uQix_fLKSK!NYCB!s03fyOvSc}_SoiFBrQga zC1qxuP!-T%;uZ{d>OqI`RRf(P8m>Z-pYo{74azv?YDHLSk*H0bd55ai)tZ~@rr8BI zbsZaKUhcpYgb86^rH@hyoDM5O8NOx^{x=vE(Km#t{%hp%aEB!F^MTvhmV%=dC$5lL z6NRLAvrbse)I~pZv`+Y+2Jvkb%8LxBsbCes%xzUy!9iN#9j=al4b(ng%z=g!R*Hs> zmOnGMYN|oX!C!uD|CAJ}^@!i~EQQ@+u<7=^R)EbVxxW9Fq=ok#>A;87?~4Ylz9t>` z@%}lkYO4R4v0+3biR!=3jB%?wDuAAGwW{s^(EOj{lcVniLO=B%MvE6JEC}SEsHq}o z5`r?2n^`QG>ZR_p78{{jNb*guReD(k=5y#!Cb1-A?xUK4k*71ZIyVJEys&USgH zM}3tQK4u|jc6Sw>T@EDz0nOqeqE{UNi3!dC^Y85JWNK%I-TbFT1-FkMcKqmTeiz~j zIWVlb{|!~>;ZzY@y74@Rj7MP~&nehb<2z6@3uZsxNMR>&8%{JPf$hy3-a4Cfbsi;> zwTt>p%+m?%`wl2SUsvlPR+4re_mb9f7EcS9=%NYvS=+GWz^Dlx4A%~ zsDcRnck7>z#@DqbKqfl2gF&I6tpnMYs{!=_B6;xC&tVTq! z^%XDxC!a;6sVQvZmaezX(TOjcfh0d>6oP#PNY~RR8)`zDJ!)7;PG6D`^6T{F*8!ei zb_LM-^5Oox#|$#>pA^E4>4uut3bSYsXQXj%s$Ng}KR4KpK^8~3PQohnvySD_%royt z(9GXVpQ!a~0kT_EFF-Ud{{%O^;tpshqLnxzf#ED2g8w#ikx&2uGD@*jl2`GemxOZ&Mn^ z1m~yiD3EG@(NgZAgSf;}d69PSwXdHcNEB@8B z)A><{U9}tK$^v^{xYz)zx9KJko*80sSEpOZ)w(!H7n%Vn-Zd`xI$qz=6!%=DMJJ5P*3p7wwgUJ7_xUF7vcc7~pAOh-f z03Z$YAj0!M#OliR^V-v$Z*-tY;OItslR2+eg@3r-TVv}J^|3;e3J*aivI~={jo}=` ze8uzyVn-_esFE&?=r5LRw>}(dKB&%#6$(p21Fs#z0;3~SnRHJtrDlugGlVb&n*}c) z-|cWhzQE;O0-4J7u>BpV5Sknrfee)Q4C8uaVjag~4Th+&K;T9C$hJYanc`9)lT5nH zAbnnB*Lsw`kB;0uk!lp4G{t3UQvU*sjw!E-ekCW5rK^v2OCaNxJqj&u_L}~Lj})2i zT096pxn%ZGROc-4A%jUT5hE4qB`E2(2x5PEG)a7^S1py!tc2!dlDjSv;#yV^E{{z; zc=^r=x^31Ybtr&?pduk*OW7SfqU4opLK8PV#b&2(Y^5XJ6*u+SV6$?on$x6J!}(Gi z7e}+YE4i7!brPnd4_0zM(H$19ZqvO=D={vLTv6W{78{#aJzzdk?Ief>rX0m`T@D#9 zf<88*4~`!ppcB`moHi{!g5lv83f{oGu={AYgfuoHM1W@GrrR?Ktw7)13=V&aQ!e@3?vq&WrMs5B=JI>#Sc(N_u>zUqad~Nn^ zmryTQ>Vg2EUKeyi&2)4sIWIrBeonD01}EfH5TjB^IdrntY5w;Byc*xHh$QW-z2eGG zhq$ELau^???B;5gL=D~D;_r`!y!LLfPh?VRDviy4v5mFfUr@Q4lIzkID9cXg8l8mF z87MY825`A7fMq9OHu?0M=`CEyDv%D=AATj6#8aF*TM=gS90gSF5LSb?&7k8;z|CW< zTw9F(;04X4t@IvDS^TloOWMkI<7+$#l0Zg`XdycY5~MA_ez{8uFarJq$|2P zd%;?TytQfz=}f8g#XoptzC|f$MpBN5E}c&zApVR@#QYeVW(X$b1++9LW@9Dhuo4|d zmpI5Vgcu-L|2+dt3UgeCGx8azl1Iq2=V-t4`eTRbLG>Som05^lw2Q79>LyxwY~gFtY)@xUd`k8=lG=tcr{K73%RH z=Z2?BF%Qf>m|1Kw=l~}jzzrQw`~jkgn^w6ID!QZ~Lj*Juk9l+*!u}aZ6}aIsuJ-Cr ziluYR#Y@Z@I6%DxYC4&q*oSRRP5U<%hKPA+{rQx8VCC0+Q2{)O1vfkii){4YW1>^> zD*JTxP0k_45q;lL7|svdL`GI!E8FT>BlOJwiB!>pF#P)g54q#PJ=s}5iN3wCRjFS* zPwc}1`;O~m4o{>Tw@e*G?VIFw2wg-h*NHW!lI|;?U(7S$m^clOU#R*j)Qu4zbCRDp zLj6efM`{VVe)3s;=Mk(_XXZB_0EWTkb@4Trq>QGpvNYQ_xwdFeIw4i_pu2-v^C_-< z%U2tcs|Jsga3Zj2yTY;cULmwejdOj$Wk+>1_`OIsgEud&!#LnfP)8p+sO?JvVl6WZ z%QwE?%or9NE_T+fsVY&gVmTpw?- z7c1q*ZLeuTu(wfjTvy-u$*eWaa~0Mwz;Ri*GEc{paFokfzC0iO{B2}}+vxt#DwjDj)siL^Ab$4OaDKesn6vMVGR5Oq}?FCPTHTlz1PM_BV!2cnA zATVd)?wG2)ExdDwz5_rsb0&)wTzKg}MSsQrz za;1F5Q;kD5?0PwP{_pqo-n7(fpRF5Dsmw_J5M==uSY!6a0AMRbTvpTt#Q3&6nn1pX zT8xL?3XYGp=G4?Qt0_snZLTTPI(S039nz>6CwB$zma3~ZpXVQ&5MhFv{u*mkMQ))E z;RV#)uCcD#+bk1wE7#|<#8*|u=LW+~)6%RdP6E(#D%>sr}s zC5SaUc|6wV`6iUE6FhY^mU41uESvjB6NF2m3$cW5qp7oqsC`Z!RK*#}VhV_9M3x#o zEtq4RrvCA7OweGU>8~rBP}JWgGEuyn(LM6UbNkehBrB@J3i=Zu2b9Nzn|z5bTIAz!n3sz^I8a7POkxyEP9Hq@uxk4|omZOmg| z@KK+Ld^#0>G;>nWx<`^jD+V>a0vf8OyOfbkG^WBj4FSToVxZfY%>Kgb=- z6nF;l39TU{*ypFBC8)i*6zv=K{mpl*Pyj)#z(GO$Kvor0cgg>3EoGT$|Gqef$9b9v z)B>2$k$>T>aBvWJ6zI4Y9(9EvQ-o|u0PvL>1_D`s?HRtp^-((%I>Ud3#s?NM=uO*;_1WnPN3d^_(xpuWW$|w)W@{d2q+2 zLnAgK#Py*wv&tWs20b_gzWJ5R=kD(NHRRU*&o}jSDLcSI<~Oi|ja{%l8Y8&Y;)dMt zz;EpF$V2|h0@9E|Hn}AP4_p zq1%VyDah6CZA2&FeTP=$D2$Dv2Dmi+a$qWx#6i@I1m!+zI3)#v+!b)ML6AgNvma0$yMr`8XO3Kgov}hvPkq90pf+jq z;&rF%EI1EzxX)U?dLK#<_AfL+L_UnZA26uhcjpf%@8KD~|AgB0(^s}G*(P_m!$K5Q zreO4}K~vA&IA2=NIh(|O!n#A2dK){_`bU^aoNkv%+=zTHhx?m)?@}=!*&5wSNG4xt z+27iV2)!WD^yBnXSJ5=W@gfM`{_9s+l zEysFl>v%K!a97-t!`aq@H{Y`E{@I_pdv*&pVR8Jw*vPW;g!fbKe+ja{|5#^U_BliI z)o(d(EaSwC-2H&lU0!rt{mumGmKkSV9sJ531SNx-8_{-@3$-7ByYY~MiW*SU9jm z!efk4S6A|GVHDs6jujwnJUm|#EaArD58q4qCJ;a-4kFJ18}B*nLhR14ALib+bhgr6 zyV?|K*1Ac+3?1vg01?;BO+SHif6jnsfWC4x`AKvL0yBt7N@jV758o!enn^0{mae430Ew*pB?{@7m;ZCVNGj!%_33R;N6oK zlhpmw*$LxXlW`Wgde;^u?z*@jvg2B!GrqTo;m+WOiIF$twWm=Ken5nY^6|Ycbahux zUtD&f2RxrzfvUn`40B_#3`JB&i*E&5c!GTkw)0b&ZVyi}`HAjks=G6vQ9a(BASOO+v1O8q*?7=m6BqGR3@Eia5G7DD*;$;nXz z^efWVmDDAfpu`kA(K&2Wr)Rj(6FW4KIpxHNaY?U*>u~g4Zs>DLcGAHIltE;Zd{(h->y7VRF1q-bF{tIOytRpYL-cj)4jEi;p`$ zS8IaHcn{DR{_L>{m@Wf7@F%&6-liJUhhu=5eTt>wB6QLxLoFBVHUOtLU@| zXAP4M6XLi32|KQg00t2?7C%OfHFW-yQqgPuG{r)V*5NMY$$Ca3H{PVIJ+pdAV`1X= zqxaR{Da7=uu?dpRbJQGbqq~_!-Mx_&DxV%j)eIJmf@Sv#ZKXd6s{~OJ=x#pLw5fIq z8(S84jw2TSgZ7SL`ekSpid*&YtA(0%m?6(~=htW-Sn1~rDfn9`rgvxHomO5*9I>)8 z*%H}v2C}wkrkf0WD4wLCL1UGL2~WOJ$SgAQuS&|v{%J;Q3AK_zU@|Fvia}ritv*Z>o zJM>(bEZ2~L;G62bu*1S9r;x}D0bVah%#Li?w~8pa6z%T!7NW_m^B7&qMtp(b0cFc5 z*DgOVMMwJv(f5W+@oZ)rB26CGx*JyQW5g*e$s`W*ms)d_qB%F+pJv)Y^Lp+{C^@@$ z-|jpwdCCOV^Z3&JodLQ)lvYZI6_l?S+@}g&t8$Jd*<(b2#?$y;NBn$ik@C-Bzo1yq zu}`GGhIB7wxO>PF?wtQ<-9{DR=)T|uesfSS-f%+0>`Ucs&ak#k(Unu$?m1ZPxNe21 zMmTKrx_D~b!3Iph_accL=ao|VNx@(40TJcogK&ePqyA>Mf);oRsr=*XC-s1615B1ybisejMYuSaIa{EUg!bYcnCT2Q;Z$=Te6Mbyw7s=P&jZNo! zV=maK-QjO$`-gcmzVx>QCdrULM!%g$@1Y#mZwoCExHlA~n%KqF_=dAuqj|_~@us5VEl49ZpWu?w%ZA+J~2`{%p zcSTaKSo=_}Cxhtk>}&3{B*#ISWAQhn2{70rDQL3DLTR8dSbr@Cu6b}CyD z`Z-aOTSHXugz}q;)V(#|!F)Q?#-qmmWoml#I9dsHbtpZr&NL%s5H{%U!9 z6MRmh+6*&ym*O-|Jv{|?%7jJD!H{WrzH(v;g}2+a^@x0ob@}E8fM&V6d>K^#N4(qr zxR!RO*!T49Fk>P`kT|qV%HD7pEg@wr}QIE5Dz(-x{DGVw}q-BT4Z&N+6^)eI97yf_G*|Ijp zeb{igHg9k!9*vPj;olh8lQH$lM?;CZ7%1n?sIEYlLd$=s{vKx?807V4c91a}$O9!$ zoa-L_n_o4FeW2{)5p#qQUY;b(yCbR%OZi;RpaC`uMnnQbZfUI$i?8)Capcl*BXIi5 zfZ0S*Nv8)3ee^xrG_x?I`Ux7m4YJsE2+6*2ZO%j<)7e4ogE zbF3A5hwxyu8m)mS)wVKr`^*w%EzxyZHiPR{kl)|+FcmtdTm6o~5|++@C83*mZd0vi zt&>7se_7r>YBxP3?Ec_$o-tXD7TVIr(+(re61zI3(cH>9orKXNXNDCle6kFF#(BH*|*=kbw0dXBom|s zPqcw#H|!AV;(E|1;bo$2dUh|H0-G_ZF8Wh z898#8DmLpYRrR{*vOm-ub|ETPt!;-$6EW$l!sn)vwd%`oUcR*KagS=Ne<+ruR#kUt zmR$@JCmKwTtWMK5E5H2(qcT)R5*Tf{x}fsS<7=+C!{%UwjAbDBXd1J)VQn9U3bXS4 z7zC3q2&P#Dx!w53n&&5mHvfi7U-Dg;rPB%pRZfjCO@0+@%XnfHm;tZ#dNpwFmb|S5 z-qW3K)&EmTg7-I+J^y~BSW)Q@d-et|o(#l{LO>#Rp53HM?<-qZcw7w|0=OkZSfRPI z5948;n>Q^3IxvFFB@ufdOb+cv|8MjkV1Hq9&!&*Hxou7;!mr)5z`5MIh|!v zm9D6o&*ssJL#wx_7$1mTJDb2Ix5KcOeVGaM+PBqEi#b49IlLi0V69jl zp^*Q8$2;M}JLD57{1&&;?8V#DTRNEd-$;T^^;&<(eYY`DkVB#ME<8u&`DrqGa_W0i zq;0+Ir&dWJhGHiY2aL{jyAYgo6a-XS`Q#(5R=tlFQMQqrb069`T>{h#T7xqBj!rYO zr1Vt|UAkA0$*1<7;qKJVdORc*TzrHVI-H#F7KscTBY&~OES-qg*l4&<{!#D-$NUH7 z+fFV~$k1<~S{}7MwzLPwrKFa2pPEJP2iF~wU-n~p((`P+G2PIZuoUI-6U1K`Ar-py zV~}G8U!}-S>BWP8$QrZK&Jy%BWOkKQ0N9%rmdb8XakWD0U!nj^d~Pj3!;{QEG+I?{ z!5ro+nNQcNA@nDsVTdcztSY7|msM7PdXDozWulgXhPhNGl@@DN&7capx`rh2Z&bIE zgWDxv!Hc}=w_!>`1?Ew>sNsTWCwpWid|%C9!T+4(*z=2w1FLt7P&>Jv2vUQNBBa_E zl<2)E$j%N;pg;mAo=Ig9{IYGXsm|u^o1}UsXW_Z)Hpj6&D4GmrQh3b23Yp4nq_jCg z=vrSdXx>S-1N$u_;LJy2)p*1LId~%O4um=mA1QV(5eS;kM(pzRbx@WAM43SY~ zdA!(Av%_^sH7RvqH2PzLKd_mU@kMgan2Y~v9$+cwh(8{)p@I|9U4CTZGY>e+Jn)WT z6t1P}Pm9C^6Qle5j933zEbY}DK3~xi=UN$(EHBBI8pF*cMPuglRo^3GFYlo#Pz>d8 zU1u2W>e-Ax%3z~a4Rj;&0;7j-hkvIKAq`hJ_-qYq4QPVD07R)>Nbow0=&XPq66sp) zvS9W(dvx1ve}#Nk)>vp#nM7fUk<^{gTKX%a^|$~j@mG*f;LzK<09{?54^+`PO+m~% zWk^Zq{r7d4{ccCNG5o5Ew+lTEw2EI}P?ld0j=Re!Uovp-ou{PVpl3pNrs~wi_(8(Q zIvgYmiE^kn(!plD5}r?8{|(-**a5x<##eKv(bsIkm1=y1ec21Sx?(K5x%fB7i^!g` zMdG3Zp)4_~S9hCttXj7$jY8shQt>TW1+Ucq+3mh2Q|cp)c9F?KS0_kw7I zSs2et;{jRm$XXbm{E+6FSNFw~(g%v_`vW<-l9P|8t0$RcuW%oUy0Z(YO*N5G3U%E0 zgx2Aprqs%xqXlWpP{d|1=4+BE@{+GAC1~2DIf{4v z3$WBL9BC?&(**ZB%sEdaC2?x96-j3S;&gst_~dRA#p{71>B*p^u_x$qlviyDffD#e zzAZ6`QxcBpXMf0qfL(SrG3KZibrPB#Ezn5B<= z2vT#jZ%KZx(%N zLCa{OV~qGQ{fQG{ltMqcYs&5b&IBeRU|+Lp((9vI5DY|nUt%b6Oj8J!a$iHc`om#j zjW@XMlcakhp$lXMr%rTMT(HTZ%1K%oNb_+?>>>?Bv`3!0V({pBsn! z2zgm3X#2|2lNwgOsMg^AEG3gn$CJEH1^#FaG{Q#oL7y}k)}#*ooS@P$>$EqFQ(Y>9 z=hn%KemoGn)#&Y_$Qi|?Yv@S*M2AysIF)mVp>l<240+sSPI7W#N;?Fc4CAM{YFXR4 z`w4)m>BpO_vMt>_1UiM&h*`G$&F~8}aDct+JGl}_=A}A8BR;)ch38k=)=4vsp--W9 ze?VwZj*@m0Uop!toY)p98SxxgJg7NwcW5xvU)?4%N~1-v$a0)xQf%s07T2)ijAm(P znBM3lGO=Mk$mZ_0Qo=2_Fq2YhB}-|%w4_@q7+2IHo88-WG>UC}^-r1GfZJy7#&_NK zq~e$FZBfU{@6^AsVmbB0a#7(qJQO#vul%#I5zgG!Y+`T6c9`ltS@SK@;W>Q#7FGS( z*a~O%Xg0aDWjl=Xp3M0cY499gikn=1kJ=1pe)<-DkIMC)?EV%R@Em@Ai@rx~hchEL zn-F}D3iO@~_QPsgnkAIR$;y$&$uyBNVI1k+VQSsAlJ&q_kG@MU5s25y${Dqss&u*< z&X}Ah9Iu{|H)}RuYJb|(H9tW%UpA*?)o!xhz|Edgp5R=}tzmJ@3W(T-O{2fL(N3dx z>)ux+dV-sGDN z3U4j~i9)jbXe!rC+4Ra%pMzC;U?c@9I7JYU?C44mXAl_D2`bp?Um)-4;%`=5>YTv# z(}`*9*J`8_cEpxo;ili@`RWT= zQ3ezY9pwLCgZjG=&Hr}%e=1V{-;?~`rELD!44>cSt^c3GHi|NkQ2(ibeV-xUZIJhW GPyYijhRd@6 diff --git a/Solutions/Azure Activity/Package/createUiDefinition.json b/Solutions/Azure Activity/Package/createUiDefinition.json index d0abf6cd829..df21571a6ad 100644 --- a/Solutions/Azure Activity/Package/createUiDefinition.json +++ b/Solutions/Azure Activity/Package/createUiDefinition.json @@ -6,7 +6,7 @@ "config": { "isWizard": false, "basics": { - "description": "\n\n**Note:** Please refer to the following before installing the solution: \n\n• Review the solution [Release Notes](https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/Azure%20Activity/ReleaseNotes.md)\n\n • There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing.\n\nThe [Azure Activity](https://docs.microsoft.com/azure/azure-monitor/essentials/activity-log) solution for Microsoft Sentinel enables you to ingest Azure Activity Administrative, Security, Service Health, Alert, Recommendation, Policy, Autoscale and Resource Health [logs](https://docs.microsoft.com/azure/azure-monitor/reference/tables/azureactivity) using Diagnostic Settings into Microsoft Sentinel.\n\n**Data Connectors:** 1, **Workbooks:** 2, **Analytic Rules:** 13, **Hunting Queries:** 14\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)", + "description": "\n\n**Note:** Please refer to the following before installing the solution: \n\n• Review the solution [Release Notes](https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/Azure%20Activity/ReleaseNotes.md)\n\n • There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing.\n\nThe [Azure Activity](https://docs.microsoft.com/azure/azure-monitor/essentials/activity-log) solution for Microsoft Sentinel enables you to ingest Azure Activity Administrative, Security, Service Health, Alert, Recommendation, Policy, Autoscale and Resource Health [logs](https://docs.microsoft.com/azure/azure-monitor/reference/tables/azureactivity) using Diagnostic Settings into Microsoft Sentinel.\n\n**Data Connectors:** 1, **Workbooks:** 2, **Analytic Rules:** 13, **Hunting Queries:** 15\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)", "subscription": { "resourceProviders": [ "Microsoft.OperationsManagement/solutions", @@ -558,6 +558,20 @@ } } ] + }, + { + "name": "huntingquery15", + "type": "Microsoft.Common.Section", + "label": "Azure Machine Learning Write Operations", + "elements": [ + { + "name": "huntingquery15-text", + "type": "Microsoft.Common.TextBlock", + "options": { + "text": "Shows the most prevalent users who perform write operations on Azure Machine Learning resources. List the common source IP address for each of those accounts. If an operation is not from those IP addresses, it may be worthy of investigation. This hunting query depends on AzureActivity data connector (AzureActivity Parser or Table)" + } + } + ] } ] } diff --git a/Solutions/Azure Activity/Package/mainTemplate.json b/Solutions/Azure Activity/Package/mainTemplate.json index 0c319dbeeb6..0eb9a577166 100644 --- a/Solutions/Azure Activity/Package/mainTemplate.json +++ b/Solutions/Azure Activity/Package/mainTemplate.json @@ -62,7 +62,7 @@ "dataConnectorVersion1": "2.0.0", "_dataConnectorcontentProductId1": "[concat(take(variables('_solutionId'),50),'-','dc','-', uniqueString(concat(variables('_solutionId'),'-','DataConnector','-',variables('_dataConnectorContentId1'),'-', variables('dataConnectorVersion1'))))]", "huntingQueryObject1": { - "huntingQueryVersion1": "2.0.1", + "huntingQueryVersion1": "2.0.2", "_huntingQuerycontentId1": "ef7ef44e-6129-4d8e-94fe-b5530415d8e5", "huntingQueryTemplateSpecName1": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-hq-',uniquestring('ef7ef44e-6129-4d8e-94fe-b5530415d8e5')))]" }, @@ -131,6 +131,11 @@ "_huntingQuerycontentId14": "81fd68a2-9ad6-4a1c-7bd7-18efe5c99081", "huntingQueryTemplateSpecName14": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-hq-',uniquestring('81fd68a2-9ad6-4a1c-7bd7-18efe5c99081')))]" }, + "huntingQueryObject15": { + "huntingQueryVersion15": "1", + "_huntingQuerycontentId15": "26d116bd-324b-4bb8-b102-d4a282607ad7", + "huntingQueryTemplateSpecName15": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-hq-',uniquestring('26d116bd-324b-4bb8-b102-d4a282607ad7')))]" + }, "analyticRuleObject1": { "analyticRuleVersion1": "2.0.3", "_analyticRulecontentId1": "88f453ff-7b9e-45bb-8c12-4058ca5e44ee", @@ -422,7 +427,7 @@ "eTag": "*", "displayName": "Microsoft Sentinel Analytics Rules Administrative Operations", "category": "Hunting Queries", - "query": "let opValues = dynamic([\"Microsoft.SecurityInsights/alertRules/write\", \"Microsoft.SecurityInsights/alertRules/delete\"]);\n// Microsoft Sentinel Analytics - Rule Create / Update / Delete\nAzureActivity\n| where Category =~ \"Administrative\"\n| where OperationNameValue in~ (opValues)\n| where ActivitySubstatusValue in~ (\"Created\", \"OK\")\n| sort by TimeGenerated desc\n| extend Name = tostring(split(Caller,'@',0)[0]), UPNSuffix = tostring(split(Caller,'@',1)[0])\n| extend Account_0_Name = Name\n| extend Account_0_UPNSuffix = UPNSuffix\n| extend IP_0_Address = CallerIpAddress\n", + "query": "let opValues = dynamic([\"Microsoft.SecurityInsights/alertRules/write\", \"Microsoft.SecurityInsights/alertRules/delete\"]);\n// Microsoft Sentinel Analytics - Rule Create / Update / Delete\nAzureActivity\n| where CategoryValue =~ \"Administrative\"\n| where OperationNameValue in~ (opValues)\n| where ActivitySubstatusValue in~ (\"Created\", \"OK\")\n| sort by TimeGenerated desc\n| extend Name = tostring(split(Caller,'@',0)[0]), UPNSuffix = tostring(split(Caller,'@',1)[0])\n| extend Account_0_Name = Name\n| extend Account_0_UPNSuffix = UPNSuffix\n| extend IP_0_Address = CallerIpAddress\n", "version": 2, "tags": [ { @@ -477,9 +482,9 @@ "contentId": "[variables('huntingQueryObject1')._huntingQuerycontentId1]", "contentKind": "HuntingQuery", "displayName": "Microsoft Sentinel Analytics Rules Administrative Operations", - "contentProductId": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject1')._huntingQuerycontentId1,'-', '2.0.1')))]", - "id": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject1')._huntingQuerycontentId1,'-', '2.0.1')))]", - "version": "2.0.1" + "contentProductId": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject1')._huntingQuerycontentId1,'-', '2.0.2')))]", + "id": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject1')._huntingQuerycontentId1,'-', '2.0.2')))]", + "version": "2.0.2" } }, { @@ -1587,6 +1592,91 @@ "version": "2.0.1" } }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", + "apiVersion": "2023-04-01-preview", + "name": "[variables('huntingQueryObject15').huntingQueryTemplateSpecName15]", + "location": "[parameters('workspace-location')]", + "dependsOn": [ + "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" + ], + "properties": { + "description": "Machine_Learning_Creation_HuntingQueries Hunting Query with template version 3.0.3", + "mainTemplate": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "[variables('huntingQueryObject15').huntingQueryVersion15]", + "parameters": {}, + "variables": {}, + "resources": [ + { + "type": "Microsoft.OperationalInsights/savedSearches", + "apiVersion": "2022-10-01", + "name": "Azure_Activity_Hunting_Query_15", + "location": "[parameters('workspace-location')]", + "properties": { + "eTag": "*", + "displayName": "Azure Machine Learning Write Operations", + "category": "Hunting Queries", + "query": "AzureActivity\n| where ResourceProviderValue == \"MICROSOFT.MACHINELEARNINGSERVICES\" // Filter activities related to Microsoft Machine Learning Services\n| extend SCOPE = tostring(parse_json(Authorization).scope) // Parse Authorization scope as string\n| extend subname = split(Hierarchy, \"/\") // Split Hierarchy to extract Subscription Name and ID\n| extend ['Subscription Name'] = subname[-2], ['Subscription ID'] = subname[-1] // Extract Subscription Name and ID\n| extend Properties = parse_json(Properties) // Parse Properties as JSON\n| extend Properties_entity = tostring(Properties.entity) // Cast Properties.entity to string\n| where isnotempty(Properties_entity) // Filter activities where Properties.entity is not empty\n// | where Properties_entity contains \"deepseek\" // Filter activities where Properties.entity contains \"deepseek\"\n| where OperationNameValue contains \"write\" // Filter activities where OperationNameValue contains \"write\"\n| where OperationNameValue !contains \"MICROSOFT.AUTHORIZATION/ROLEASSIGNMENTS/WRITE\" // Exclude role assignments\n| extend LLM = tostring(split(Properties_entity, \"/\")[-1]) // Extract the last segment of Properties_entity and cast it to string\n| distinct TimeGenerated, tostring(['Subscription Name']), ResourceGroup, tostring(['Subscription ID']), Caller, CallerIpAddress, OperationNameValue, LLM, _ResourceId // Select distinct relevant fields for output\n", + "version": 2, + "tags": [ + { + "name": "description", + "value": "Shows the most prevalent users who perform write operations on Azure Machine Learning resources. List the common source IP address for each of those accounts. If an operation is not from those IP addresses, it may be worthy of investigation." + }, + { + "name": "tactics", + "value": "InitialAccess,Execution,Impact" + }, + { + "name": "techniques", + "value": "T1078,T1059,T1496" + } + ] + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", + "apiVersion": "2022-01-01-preview", + "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('HuntingQuery-', last(split(resourceId('Microsoft.OperationalInsights/savedSearches', variables('huntingQueryObject15')._huntingQuerycontentId15),'/'))))]", + "properties": { + "description": "Azure Activity Hunting Query 15", + "parentId": "[resourceId('Microsoft.OperationalInsights/savedSearches', variables('huntingQueryObject15')._huntingQuerycontentId15)]", + "contentId": "[variables('huntingQueryObject15')._huntingQuerycontentId15]", + "kind": "HuntingQuery", + "version": "[variables('huntingQueryObject15').huntingQueryVersion15]", + "source": { + "kind": "Solution", + "name": "Azure Activity", + "sourceId": "[variables('_solutionId')]" + }, + "author": { + "name": "Microsoft", + "email": "[variables('_email')]" + }, + "support": { + "tier": "Microsoft", + "name": "Microsoft Corporation", + "email": "support@microsoft.com", + "link": "https://support.microsoft.com/" + } + } + } + ] + }, + "packageKind": "Solution", + "packageVersion": "[variables('_solutionVersion')]", + "packageName": "[variables('_solutionName')]", + "packageId": "[variables('_solutionId')]", + "contentSchemaVersion": "3.0.0", + "contentId": "[variables('huntingQueryObject15')._huntingQuerycontentId15]", + "contentKind": "HuntingQuery", + "displayName": "Azure Machine Learning Write Operations", + "contentProductId": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject15')._huntingQuerycontentId15,'-', '1')))]", + "id": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject15')._huntingQuerycontentId15,'-', '1')))]", + "version": "1" + } + }, { "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", "apiVersion": "2023-04-01-preview", @@ -3167,8 +3257,8 @@ "SourceTenantId": "SourceTenantId" }, "alertDetailsOverride": { - "alertDisplayNameFormat": "Subscription {{SubscriptionId}} changed tenants\n", - "alertDescriptionFormat": "The user {{Caller}} moved a subscription:\n\n{{Summary}}\n\nIf this was not expected, it may indicate a subscription hijacking event.\n" + "alertDescriptionFormat": "The user {{Caller}} moved a subscription:\n\n{{Summary}}\n\nIf this was not expected, it may indicate a subscription hijacking event.\n", + "alertDisplayNameFormat": "Subscription {{SubscriptionId}} changed tenants\n" } } }, @@ -3400,7 +3490,7 @@ "contentSchemaVersion": "3.0.0", "displayName": "Azure Activity", "publisherDisplayName": "Microsoft Sentinel, Microsoft Corporation", - "descriptionHtml": "

Note: Please refer to the following before installing the solution:

\n

• Review the solution Release Notes

\n

• There may be known issues pertaining to this Solution, please refer to them before installing.

\n

The Azure Activity solution for Microsoft Sentinel enables you to ingest Azure Activity Administrative, Security, Service Health, Alert, Recommendation, Policy, Autoscale and Resource Health logs using Diagnostic Settings into Microsoft Sentinel.

\n

Data Connectors: 1, Workbooks: 2, Analytic Rules: 13, Hunting Queries: 14

\n

Learn more about Microsoft Sentinel | Learn more about Solutions

\n", + "descriptionHtml": "

Note: Please refer to the following before installing the solution:

\n

• Review the solution Release Notes

\n

• There may be known issues pertaining to this Solution, please refer to them before installing.

\n

The Azure Activity solution for Microsoft Sentinel enables you to ingest Azure Activity Administrative, Security, Service Health, Alert, Recommendation, Policy, Autoscale and Resource Health logs using Diagnostic Settings into Microsoft Sentinel.

\n

Data Connectors: 1, Workbooks: 2, Analytic Rules: 13, Hunting Queries: 15

\n

Learn more about Microsoft Sentinel | Learn more about Solutions

\n", "contentKind": "Solution", "contentProductId": "[variables('_solutioncontentProductId')]", "id": "[variables('_solutioncontentProductId')]", @@ -3500,6 +3590,11 @@ "contentId": "[variables('huntingQueryObject14')._huntingQuerycontentId14]", "version": "[variables('huntingQueryObject14').huntingQueryVersion14]" }, + { + "kind": "HuntingQuery", + "contentId": "[variables('huntingQueryObject15')._huntingQuerycontentId15]", + "version": "[variables('huntingQueryObject15').huntingQueryVersion15]" + }, { "kind": "AnalyticsRule", "contentId": "[variables('analyticRuleObject1')._analyticRulecontentId1]", diff --git a/Solutions/Azure Activity/ReleaseNotes.md b/Solutions/Azure Activity/ReleaseNotes.md index 0a5aa944bfb..4c10fa37a46 100644 --- a/Solutions/Azure Activity/ReleaseNotes.md +++ b/Solutions/Azure Activity/ReleaseNotes.md @@ -1,6 +1,6 @@ | **Version** | **Date Modified (DD-MM-YYYY)** | **Change History** | |-------------|--------------------------------|----------------------------------------------------------------------------| -| 3.0.3 | 30-04-2024 | Added new **Workbook** Azure Service Health to the Solution | +| 3.0.3 | 05-02-2025 | Added new **Workbook** Azure Service Health to the Solution and added new **Hunting query** Machine_Learning_Creation.yaml | | 3.0.2 | 21-02-2024 | Modified Entity Mappings of **Analytic Rules** | | 3.0.1 | 23-01-2024 | Added subTechniques in Template | | 3.0.0 | 06-11-2023 | Modified text as there is rebranding from Azure Active Directory to Microsoft Entra ID.
Optimized the **Analytic Rule** query logic to achieve expected results |