From c08e22a4eb3e078e3df65ab7539622c52d7acadb Mon Sep 17 00:00:00 2001 From: v-rusraut Date: Thu, 7 Nov 2024 15:06:39 +0530 Subject: [PATCH 1/4] Repackaged - PaloAltoPANOS --- ...eHashEntity_Covid19_CommonSecurityLog.yaml | 8 +- .../PaloAlto-NetworkBeaconing.yaml | 8 +- .../Analytic Rules/PaloAlto-PortScanning.yaml | 8 +- .../PaloAlto-UnusualThreatSignatures.yaml | 8 +- ...o Alto - potential beaconing detected.yaml | 8 +- .../PaloAlto-HighRiskPorts.yaml | 8 +- Solutions/PaloAlto-PAN-OS/Package/3.0.7.zip | Bin 80205 -> 75256 bytes .../Package/createUiDefinition.json | 30 +- .../PaloAlto-PAN-OS/Package/mainTemplate.json | 812 +----------------- Solutions/PaloAlto-PAN-OS/ReleaseNotes.md | 1 + .../data/Solution_PaloAlto-PAN-OS.json | 4 - .../WorkbookMetadata/WorkbooksMetadata.json | 2 - 12 files changed, 27 insertions(+), 870 deletions(-) diff --git a/Solutions/PaloAlto-PAN-OS/Analytic Rules/FileHashEntity_Covid19_CommonSecurityLog.yaml b/Solutions/PaloAlto-PAN-OS/Analytic Rules/FileHashEntity_Covid19_CommonSecurityLog.yaml index 5aba013bee0..6c6bfcbe3d8 100644 --- a/Solutions/PaloAlto-PAN-OS/Analytic Rules/FileHashEntity_Covid19_CommonSecurityLog.yaml +++ b/Solutions/PaloAlto-PAN-OS/Analytic Rules/FileHashEntity_Covid19_CommonSecurityLog.yaml @@ -5,12 +5,6 @@ description: | severity: Medium status: Available requiredDataConnectors: - - connectorId: PaloAltoNetworks - dataTypes: - - CommonSecurityLog - - connectorId: PaloAltoNetworksAma - dataTypes: - - CommonSecurityLog - connectorId: CefAma dataTypes: - CommonSecurityLog @@ -72,5 +66,5 @@ entityMappings: columnName: FileHashValue - identifier: Algorithm columnName: FileHashType -version: 1.3.5 +version: 1.3.6 kind: Scheduled \ No newline at end of file diff --git a/Solutions/PaloAlto-PAN-OS/Analytic Rules/PaloAlto-NetworkBeaconing.yaml b/Solutions/PaloAlto-PAN-OS/Analytic Rules/PaloAlto-NetworkBeaconing.yaml index b34d5bfb4aa..110e00a0d2f 100644 --- a/Solutions/PaloAlto-PAN-OS/Analytic Rules/PaloAlto-NetworkBeaconing.yaml +++ b/Solutions/PaloAlto-PAN-OS/Analytic Rules/PaloAlto-NetworkBeaconing.yaml @@ -10,12 +10,6 @@ description: | severity: Low status: Available requiredDataConnectors: - - connectorId: PaloAltoNetworks - dataTypes: - - CommonSecurityLog - - connectorId: PaloAltoNetworksAma - dataTypes: - - CommonSecurityLog - connectorId: CefAma dataTypes: - CommonSecurityLog @@ -68,5 +62,5 @@ entityMappings: fieldMappings: - identifier: Address columnName: IPCustomEntity -version: 1.0.4 +version: 1.0.5 kind: Scheduled \ No newline at end of file diff --git a/Solutions/PaloAlto-PAN-OS/Analytic Rules/PaloAlto-PortScanning.yaml b/Solutions/PaloAlto-PAN-OS/Analytic Rules/PaloAlto-PortScanning.yaml index 9c1c9fa0848..af0bd93a483 100644 --- a/Solutions/PaloAlto-PAN-OS/Analytic Rules/PaloAlto-PortScanning.yaml +++ b/Solutions/PaloAlto-PAN-OS/Analytic Rules/PaloAlto-PortScanning.yaml @@ -7,12 +7,6 @@ description: | severity: Low status: Available requiredDataConnectors: - - connectorId: PaloAltoNetworks - dataTypes: - - CommonSecurityLog - - connectorId: PaloAltoNetworksAma - dataTypes: - - CommonSecurityLog - connectorId: CefAma dataTypes: - CommonSecurityLog @@ -68,5 +62,5 @@ entityMappings: fieldMappings: - identifier: Address columnName: IPCustomEntity -version: 1.0.6 +version: 1.0.7 kind: Scheduled diff --git a/Solutions/PaloAlto-PAN-OS/Analytic Rules/PaloAlto-UnusualThreatSignatures.yaml b/Solutions/PaloAlto-PAN-OS/Analytic Rules/PaloAlto-UnusualThreatSignatures.yaml index db90df11763..28aa6900ad2 100644 --- a/Solutions/PaloAlto-PAN-OS/Analytic Rules/PaloAlto-UnusualThreatSignatures.yaml +++ b/Solutions/PaloAlto-PAN-OS/Analytic Rules/PaloAlto-UnusualThreatSignatures.yaml @@ -7,12 +7,6 @@ description: | severity: Medium status: Available requiredDataConnectors: - - connectorId: PaloAltoNetworks - dataTypes: - - CommonSecurityLog - - connectorId: PaloAltoNetworksAma - dataTypes: - - CommonSecurityLog - connectorId: CefAma dataTypes: - CommonSecurityLog @@ -59,5 +53,5 @@ entityMappings: fieldMappings: - identifier: Address columnName: SourceIP -version: 1.0.2 +version: 1.0.3 kind: Scheduled \ No newline at end of file diff --git a/Solutions/PaloAlto-PAN-OS/Hunting Queries/Palo Alto - potential beaconing detected.yaml b/Solutions/PaloAlto-PAN-OS/Hunting Queries/Palo Alto - potential beaconing detected.yaml index 396e79a855a..288f1461538 100644 --- a/Solutions/PaloAlto-PAN-OS/Hunting Queries/Palo Alto - potential beaconing detected.yaml +++ b/Solutions/PaloAlto-PAN-OS/Hunting Queries/Palo Alto - potential beaconing detected.yaml @@ -6,12 +6,6 @@ description: | severity: Low status: Available requiredDataConnectors: - - connectorId: PaloAltoNetworks - dataTypes: - - CommonSecurityLog - - connectorId: PaloAltoNetworksAma - dataTypes: - - CommonSecurityLog - connectorId: CefAma dataTypes: - CommonSecurityLog @@ -64,4 +58,4 @@ entityMappings: fieldMappings: - identifier: Address columnName: IPCustomEntity -version: 1.0.4 \ No newline at end of file +version: 1.0.5 \ No newline at end of file diff --git a/Solutions/PaloAlto-PAN-OS/Hunting Queries/PaloAlto-HighRiskPorts.yaml b/Solutions/PaloAlto-PAN-OS/Hunting Queries/PaloAlto-HighRiskPorts.yaml index 9364a983912..01614a828e3 100644 --- a/Solutions/PaloAlto-PAN-OS/Hunting Queries/PaloAlto-HighRiskPorts.yaml +++ b/Solutions/PaloAlto-PAN-OS/Hunting Queries/PaloAlto-HighRiskPorts.yaml @@ -4,12 +4,6 @@ description: | 'Identifies network connections whose ports are frequent targets of attacks and should not cross network boundaries or reach untrusted public networks. Consider updating the firewall policies to block the connections.' requiredDataConnectors: - - connectorId: PaloAltoNetworks - dataTypes: - - CommonSecurityLog - - connectorId: PaloAltoNetworksAma - dataTypes: - - CommonSecurityLog - connectorId: CefAma dataTypes: - CommonSecurityLog @@ -116,4 +110,4 @@ entityMappings: fieldMappings: - identifier: Address columnName: DestinationIP -version: 1.0.1 +version: 1.0.2 diff --git a/Solutions/PaloAlto-PAN-OS/Package/3.0.7.zip b/Solutions/PaloAlto-PAN-OS/Package/3.0.7.zip index c13ebb456b948c78ce884e62cba62b4173cdd0fc..06971f5bcb25197035e670fc0e6e9fbc7abb8fe7 100644 GIT binary patch literal 75256 zcmV(}K+wNXO9KQH000080LXS{S;^0wFLMq60NywN02crN0Aq4xVRU6xX+&jaX>MtB zX>V>WYIARH-CO-`8#faF|A2c3LOsB;q1D=H(zL;)h0aczplRa9Zi7P{6x1%I!QV`hi3K0rV}s1v z(%g$^PoJ+Bc54GS{{P_4t%w!?0RK@uF zD!1~d#rR)F6`u`8j#tKuG#8q9eJ>NOjGEc;#L@0h2$Ro+HXuZkd(6V)l54&Y7LzdJ zHyXlVqKcWEw*wfG=7s!~>lA}Co*OZ0o=mxsiRn(pU@AJ zay*wdtEQC^8XPTYh;-vt;{T0KFenR=$50l8j89Zv5m6H#^IT1GtD@t{)9BeroU6HV zgAu1u`Z_L)`PqOiWok2UzI&&9gRhy8^UOBizdkF@ioLz3%8Gk?d+azD+z6({OlW2m zvzcHsmFH?Hi#eN$nbLyE!dRZ?G(yi!5b7QyTL1gcf7x@V;@(5{^11M|iIsUZtQFyv zaPi8m7UJ^d2jY(Qc#-asB#cBk%>*P~@D+q-FJBjGSukl#)fIuihMAh!1eUeP#?AJV zcUdX40B=H%^&z=gqRQk1H!-rCfB_{5+f-RTJ zafzw4rA3(NG!?!?MkJM%c7=gAHkykL8LJlH4z*$wF3sek z)aslRb}o#SbGMQ)b`YwbON==o7eS|F#rPjAoRCV-c>x!tcXkX53hL4|eqyaMrpll! zmhh5KWsZmgmlY1Ph#R4B6oYUAtr9r2CA+W9e?C`-usFSnF_mg^ql(V)34obU4lW0R| z4SsqiAs=|r!LnX8n?es%$lr93XCu)utCuM0` zPVLm=+7f8wE=l$BiQu~M_URY2=@J_;$ECzN@a(dGvrQ^Z(0ljGP1H(NvO5@cl98#V z-E7p!Q+Nmh@QOqn!$oB3^We+w4A#xE&uX7B-#2MJZa8H=2aDU5IZ0l^ZP!m}ye zKawd~S50KZmV(U%qLpPc4f_gyis0m}6A`plMNhi7y+sYqrIFKI)DYwX(d!NUR;#Mq zkl#i72f+>T)at5BsQwr})P!4*)0jpV?G%7ev~H~N$>c?|l&(~ERf;}fYs`8)(Thnb z;bT^-y#JO``KhE;3|uIk$(*1X1%}pmpiTr$7g{J9lX9O29WbW^gnSB*BJI&e2ufuQ z&|c16R?@><6my#mdrBPcj%kIvqy61igTAVN0W`4Nj3iS86$jrwIPF^|0H@6yNAQPv z47<(=Mlv1kbiCnx9q1cg$|ykH`-qhL(f*gw{=p6e-nP4qNZWRC`JNl-Q`h)NtMUjq zsW&_4Q<2m3?bd)anutv0sYmfAZhshO7qDKlf)pH6!f`IC<+Sgr$U7#{u?X{lCSj~b z#?ygY^(k4V!}{bv2b*dyp0$JE86+(%DwKU zezj(&WZM9F>1K@RYOD=O-ATdFUe(b9*uA_ocx(;jeM8!O4DWdoX7slU7y?@*(>jU| z4qZ)0d7Z4`g1j*(m9hQzjsU#7KGfwt&3P(LrF9CpKtk9VCCQDnx}H5Y)DT%f`i-=9 zp&OoJ_CJtuUT?gjN}rrJG8T~|9<^VsBS6!rX^8r#2E2s9=P=+JgBuURNvqZ^*6LM_ zNP*!naT5lO*<=Qrzo?KLF$@EmR;GSZ3*yK*AH%)kBd(GwbBv z_6M$@&V%>Yyl(x4Mj>q>igHf3U7XI`i`evR^eP1Bel;>T>Ut9SLnWwaRH_hi!ur^h0&3Z(j zpSSBnYXh&kUq8&uZ+#Lo5B(O@&a?s7ZtS;ih_SEjYSX)EjCReiyXM$2F3{F^hb;uB zp2@7r+h&g}X0EwH31hlyjGo9jgPVe<5JjL(4XLusrLW&Yd&b{ zuJZ>GXgFVT4S024<CJw9eUO)+e?^zA-2O*Jd}!_w4ak8>ykU8;&|iz?VMlS$@U+=a3Xj!y=Z zz;gkekZ#5-`*-4l+p#JIY?zvCNTN|f z4c8FQBT1}sIVWF;e_zx5{2EQOjaU&Y6H^T^iE>AZKIZgWppL>-jq>xGV3h4T zOKt&~iV&tZi>ta$c1PJ$ZeUV~sG1B%lkF1jPel#`t|^WEDL#UuUNwQ*uyYEdfcD@0 z@Py5(!flT$ml5!jitwAG#T+qTC&T6oSLbu>%Lrd@E5L`k+*VVHwBAKH9LZG~GlUkp zk$~833CpQjyWqM;L5+<%8}l|)K@_UOq70!9opZvZuDSqCGgalOKP;{f;zQ;k=MAL| zEh?X))&V2!{ad`D5a*u{Vqw_f`8}Vbg17RDPNFPdJyPw_dvd-tn5Uw-lXhNs(~EIb)^jzFCNtPsXeS5e-C&n4hA5DqU$ zMb{p!Zr_Ax#ltbytkuAYKdyRwY}oK%fBc62ut%twsTWV@TNyt`K+zKTijd*KJ~^Vh zHvpU#%{5O1wLok_r(K93t~DlXh=VA#oB2oN<%RcK;^$FoXr#HgQ?Rqar0s|tYh_iU za&{k2DSYKH=(7POWrvETzqcdS7$>SK>FS9Ka*pQX?%UfKbSSzW&y)(<8dynx;pB3o zp_P_eOO-C*M(YZ^OiOkUixfdu4ZTzr1IwD68C6nP2=(neF|ewd*v!N&UXfyJmi9_ogq| z&1>NV`B)I}($SEKwZ~@dZG9>>Xm$Q~0cv|<&os4XL+@h5CjLgh>ti5&JQt>fJc12Ro=u+bw!b-W zIjHl1uD*Q_JI~b${)?=Gw;DlD8$m-Kv?GAqvWu=!p~hO(bx~5=i$5~(zju|kH;%W# zMc=b^zk9?URnu!Y1#GS1&x#wHQ$X#^B5jTV>!p9XgTQSe%719?TB^#HRsa5Kd!sk% z+-o1a1Z**O_>tFGVPeB8TxA_0S@7J{Z@9atHTz}DdF{@tySG}ep?7C>&|6vkW!Rh2 z&~SLMw2VF;9E1{fMkWX1B?76%mgyo7p7t$&!X4p}|6n zqC3z)7?Gb}#e-;*xxaF44N$dbOnXTK+wuYJ=R-o?GU9k)#Hfu_Ni=8V=LbKy3zyVl zTEgbfxdukRZ972aHCaRwDcrhqQYdICSbV zIif-2c3dt_WhlK#;ohZG_FKHMb#R@5C4Tc-Xl<_;U^f7zHJ}G8z%YeK08VY}= zo1$2IwB)0ffNDz^jlyV4>iOa3Sb~%+K-MEmF<&9!+aFdeSihP60=}*1EI{s$`9}c0 zh#AuC-pGLQns;h*&@MHH)Usw;&+L!1KI@G%IvVKOcsv*lt+6?pnPZ8POek4VCrf6b znsqsn$?+!*Ev4;e=VMz=_tUUg+G;qp;Iz*I{e(_gbsH@|^c8ChUH{)kFjc zeQE6bP_AC1PQ6B=Ub9xc9MqVNOv9L2+HlkzYW-Q4YE!dkYkhNMj0eo7(~;d!y~bx! zZxa!e>P;d+-ZG6Oxso7`b0(R%>YF(5zD*)Z5iN#K)0R_vzmGctnRf+5G2p0ZP^)wSBKhiQxdL4*b;LW41lQgn`**qR_vr*tuj zLaT|%7v`nV9S0M=$|DTfBjV*-tlkxFVLYZ=7>(TGlSHR2-NLAK3!~O8j8+pXHNIFY zHR`Rjs3sbx;1?^Gsj?2aznFFO4Iq0lAWrjJXTCYzntv~J$G)i?-v#2rEb<;LyY+7oqZ2{(qMq!uI6i?o}B)0Z^v5eM7K|t4>DptexTko!AP=H%+9^7;{ z`j2xteN(0~@zr!>K{p{(e14XE+_kFqqAJGod(i}<=sLUP;I6f^>%8)B9qVYh42!0- zv9(l*w6V1;nodFLqK*9T*{i1BR0dk=Ock`Ne5nMj!as~!|1fqENKK~FJ&Y#q@kw(1 zE!|_|sHV(4cFFHQk9(+2UW%4e;vR94O8bsQlXV!e#i=**WgAihY`8)x9hCzpfh)|u zS8MjYEm&3~R~may#a#8qgij|w`JB1_L#Un{d4LA)^hx#|OLr@G>NRzzUG^GFcV~Ax zkJ)J8KD~PPDM~qYsdpE~(+{u~+iy)VzvKV3svS)ns-GVpotIdx1W@H@c{(+YmH}5d zTCyi9ceMT%EUS?#9j&i+w5sjXc8=C>Iz znP045ne~2El(J}V&s^WSJ5?@7Nmr={Nw`&R6N8nW6o_*>PDLCQ{QjZBuLiY#HE1M^ z8m-cq25M&-Jeo5N8adP83v{MIQ)kLC|3x{|px&8^QYwuM!gr|wVqdj8#n`p}1aK8j zGOTryVKW}pc$Ho8to#Dno6awjnuw2dNf}fHS)F57wBuFroJ}%Vts8? z?`uUVOVXZ(uC@VKm-_ACXhoz7KO5Kj*?0$0)I=)XY^-*(@uRufxRINUzd$z|H+8e| z7wcx@dN=!yH4+A?5;yHW8qrJT28>0He1$3&Id?TH4Zkm8+zThXJNJVqym^_a9!QY* zBjHm)9-L^N-A=t1^G={>V2j0T{kFwZBavf-YFrguSy3edzo3+r-X5jR{XH!93s zy)Y$EX0s^(yQH^B{coGdXxUDPfnUDRCoVN=WDaW50MdS8^ zcUPX?YhUfH?B&%S{O$!dIj2FiCPz^OF(TxxCv+V-3r3dlF#Lu!aqw>NEWY^Lq2Mac z%n|cIXol_S!`cCUcyoD@Qg1gTJFX>rJg31e^R}gIbOATA1mzz+=2^jd88N%~nY_3> zCzk=80TqF$?}}(hh-Yb>;vXlImu)f)R^r0G#S&HtUheljf!`~~zhth*z(%NxDJSF; z_#y%5M9F~_>e(GXfaV;xp4q@EUQZe-bRbVvkv-7Gw#@0eUQY1h{J1S+5Q!vb42Q}Q zDpA~agvPn44{_aP{KMrhM5Mu(i@WJr1rIUogy(QBunT4Hc4kbQc0{<)^7xA@>#*9tCdgm?gO5CgV<6$aA0^>L4FwgsFAZHZysB#*I$^kq+_vq8a~q zatt;zI8Wz$n4{Hv3r^Ug8;E8(k5qZxj` zUmp$%%IuJ%Qt$8gW$({xcF%Qgj$(`pvBzTa0SrXrNBRS{|O6*El0cPC~4F4r3PQa%CCf$OZK1?G%Co~#X zhRp5@h-S$>~GI18Tgv9X>loVR{nv}J)9u|`YquVcEo8u+*1*%6p9Vp`{ z<47q^uPX=UjmbUs7fbqHR%R?k8-ox`Ha0n)<=F5?oQU>D75T{y1bfDya=lA;gXBBc zpHi0`!*sg-Ey*HVuPd9ddb-y*+t@XwA(I(QXTFz@uo+0nykDGvj~(-bSCI?z-Iq*v z(`i4FE;vgAZ+Y)>V6)dCdtN~LETH>6qmJ~sA4a#Zzc10Npfl>q`<8;S{Pg;m#F6y{ z?x4xD)eJ%bf5{NRU?ymcAA`oIBG-KDcs6GG=a4!FA;$OwX|OfYpf{9_NU6CC2HSTI zJ?!RWQ$iopFob0$pb3V)C5Aq(%@AwBBxL z<5AUyU(lMIbtcDW%U)lxg(n^?+@||Y=p=i81Ylb^T1d3uRIb*o#cS_m4Azkf5dMeJ7E~e ze_~+w0eSkATuH}H@d5-4;{F)8iJW_&Aiyp!j$XVtJ&yYXnIn-Q{s;EMTCl#_lZV3B zn>|}cEF|BOF2{oPfZoufyTxEIA3$WN1 z4|C-y&q43ggJnb24V!AkLAUr(oblpMdIl}mDipLi?0xbQyHiY`U|$8U;Kiw*C2r#Y zI=(H?hqag={}LMDixJuT73Mk-k8L6GXX%L@PF=`fHVGM8L@?LNh)%(VZOY3c;PU~4 z5C^$z6oAqofnTnsF2vawI6S=aj$w4HpOMwlruH-IC6M`92$rda#t z-4f@Adn(C4DD_dNP!JDq!8TAP>;N3^Z%KuODh=VY(^QH(!Teudmw#c=Z_j9U>`)5h#VsxWb!ny}h{g$DJ? zn5}u&W}dP(ri2)wUyEY2mA#dMyt5e?K%IXa!HGac-3#xS9p8$SNB+$QS(@s z@z-Nv&SO0mmV}9=k3+(4fJ|Yt<9nFY*}%C4`<;K~2gQoE7$X|j1-i?ByFmuA(h~ji!MWqke1>g^zn{CGg`UhJ(z~* zfiaKlb6xo}o38iit-qhD?%?3?u+SH45LU&EYV~m@@G_%r$fV=AJRfcOP%%Cc`!Qs} z=}C4Bm;A*~4hsj28z+nT!`pUtx{EA?cvv@G=MVVudfD>G4_F1G<|nf0`JV^B^F*KW zw*7+SI;=_9o^lg|Wpe8W64}(m9JCc59|qu0Lo%F`8{3)9_FEzEXtg(3$V(~BUpDyD z95Yv5r}K91M9g(U?tHL{MJQ~CM5zHMZFwUrF!`;*&A954!|e3*8k_cW^B1?JlL(B% z^lc8(Cez|6H)wBu(9FE5O)AgpzS8UYIec3k5mF`(V7_Q@dxK}~T;!X!LKNUx3Or9y zd;y$vWc7-tTsiRnO{Sn2C||gG`Y ztHkm3l{k#ja}whdmN*n!9r9^P998mvbcv&a_@^pyG~8*&WdAC0#BhI=IQ}YeY~a<} zsElL%86}RU0p&4D98J%2zOH&lg$AX%fce$cJ9d_ zT_au1ldldWZ)27JQ`IUGJ4zk}**Hc2Y&D6T%^-`aB1DyI9H$jfb!lK%-$)50>0vmB z#9eXbzv<(!yBeuWBn#!Yz_*Li($#h`p;?Jo&5QakNdIx~$LhvU(XCM1K ze1dii3LN_%wsTLyXzjA6S65eiGXT;;80`r$y50Z!JGOnhS&T`)wE7<%!2kAY?*j~g zQgE6PtOt-hb+I|)VO-=v7UKK&?s=k`Q{X=ph8Mgz2>+PrFBZ_Tc_%e3eKaslt;Y;o z>)X1aji$7(jSOZEr^a|-j&x3-(V(d$c(8dvy<2f5EEWXs!8zdtd%pt9!QrD|#gH@} z2MN*am00D@kWItHn;H1?Ato|m5#}hN02be>j)97Qqjn-$jz%xWFSd_M+VxRMM{iJu z(eIb^^m|50&uCDFqYsTT4pMb&b`84yGA!Nbj>}j#`g$ozS^332Qy=xq`i8^dAnv<{ zS>rDO5a-eHgn!^TvHA6knMp^KYGcdnYyFw6Yt)#IwNZbdPYuf)&P;O$^AktnH>do@ z)t*bI%$3?n+#Z{yQDT<-LjHu?Sl0M{1yO_3YH=DibDafNxp-T<;Ch>-+pFLzUobk( zU(x93pgFk)nP3#kad=q;LX7xdK&1B-1W8=w@^=*yz@*a3y+*od&?c`?Q&{SVphbC_9-A5eLs>H0iFcuCA)CuBxtl zHGlo|3E%ep&J<~06lG%NQj7Q!@6!ew0MP(BMY%Bt`L>aRcUWH_6@;ypXH#vm<=kAZ z2H^#`&_zux^ATbM%Z$=&D_r(l;ilR)S-W|V$_jic6>SQ8$!I#U55L7*(F0!GPsR5{ zA+^UZz}k+Gke|ODFIR%eUGXh9r@Le9VcFdmnGfQ5Ph`!*_@1|ObN}3YkLgRmG&EpO zV8ov$3~^7BlCJeEHvHz_&zC7N7;`YAaK}C}IE|%`;glcS5JD@O`H7ZRwv|Mdm6VF| zi9{=!j_>o)eYE{WvspggN=bXEl$c#WAKPH8`PV0bP?yFAZVnMO_oYwesNq&-jc=$l)RKj^infK zFF@iTdk&vl4;lA`-vwWi9CbobKlaZkdD_uGNVN(iWrXFz0IQmr#O={p82?XMzl@?M!n5i~yS6NE=&M%26}( zQn?L_`w!RSyHeC3$Stx&7QuztzK>h&VjN>7K_XF7y zQs4Qot@E<_!-?!RJ@?(*e;-5+!W-Wrhd;ax?Ce->6LIQh#6`@_zcx)$STe$}KItn6?{EpC zslX%jjd(t!XNZQDWJwV(s7ka}X~Sw@X@9Gc?Lu@kD-iN|HXQ49Ln}TDl49>#NTJGx z+*HUmGLQ#~3j-N)VbN?xnlkLsHt%%fir~2n!MBH-;qC)jG2gXyS#&tf1{&~D*_(b_Goy4V#e@6+-F1V^JphCjj$$K(gLq{ z2?K>03d@#nsDs%4mZ#RRJ_~AffG7);D4tq^WFJS#5z=r8eDOfobQoD==mx(ufTUFcntNtY|_aC{K#q zG1RtS6GX!3@&FfwOXr5t*A{EMLTCRx4UM&=fMY?ovN#}9$guobgmG-XS%LQz+Hw*NhR+zjeehHp6(8 z)hvQ9rWf(bKdgpQjKGnV?{_>00(;R0TK{$Ag8OKaz7WBF9vMRK4YuTv!m9oqA~W8w0U*Uj@yf>>im10}HJhh{iY51lF4GytJ=cL-Jmo`dh4^6OLu??8$zZ{+VM$O0?^S1EjCL1qcsib*na7xoP67cJZx zk;ZOmdI)L~Z(!empds7U5G3kLnes!-#|OD3J}M+yJij?9LI&;ZkQ zYxA>?AslY){`Ifz&zq4%Bxl{&D$<%dMi`KE_~|Vzvf7G@%)zgz%oiSK6=#z2m5PVJ zHsB+yoMC?Z94!nw46U*X0#xSELBT{=iWZ8+$Tys!-YcgK2l%^l+{i$phJPgs`Ob9J z2US%b{X@R_4JHRvGbeN*wIxV#wDjSBHyiLlz|F|!rMYsOTx7GNn!hsS7}grfW25#* z(CGXKYHG_ZyQp}?G46kDxNwU-y`RbMMUa93C^botkx3w$qgjAF73ZD6C}I{YkYa|H z`;}?~reanHBB)^J_o`p`nM-M~N#LZw+!;jNt<*G~!2wA_$)zZywW@hjRa34Na}Cd| z7&Z}ZJk%9tOEYK!i;IpNh_?8Pq73&$)%?sXu^Xt_fbWF%`-)5oq|rvS`#|e+8EE6` z?TE9yQav;Xd_Wn=#dYnB+y&%qj36pUPk{y!1p=bGhtv95O3*dv67?UF1u7R<{n0N>eMFV#r20~IoqKUY z>N=-}Ljc9HHh7JS^RA|QG1p4%gDAB((rJiseCn)5zT|>l`Lq#j{+8C*`_@2VM3Ob9 zwIF^FLG(%DtmDq&r=4X;*3|ROJD0V{Lc9IDJm4&O)3?`l%F?b?&IeIBVfTK-WBLI0 z{T0~pd8m}U5x!kw9bE#^+Ea~-l+)H-+%A&Z&oxz=gFkxu&~$hev1SpCJGRUiMZWCjT%)r_YzUO;bs zMCYsTYMyWT*GVNGUX#7bIpRr=Uy4y=r(<$Fna}DZ#V?>(-ppO%UYTV={`rm=ucq?z zh|MA&T{F#=@>SGbAvDvgj*XS7Pmxi~e0G)DmV2v%-WYN3z`TJ+v<(`P<3$lEAHymc z_Mx<#MeAkiA#g4<^}s3NGrHmt$cC3P!Q)T=jF77kx)(M`*fU3a+XRKW_7*S0DLpax@(y8nyC~;1zmHt{dF$!@0WhCR3%+rVPsanq-7c36S9I6-)wZu*l5AB6WiPdCMX zI(Oh#C!N+M1z{(Ng`A_=vVz+VO^)?9sOXQ9c)EC8Fd)jk4hXJDKyW5kFTou7h&Bk* zDYY6#h#TbQ-?rAA8ODUy?hbx4hP3pZ$lO~-Q&wkwPIKG8Lo9GcL(JFb(LAXO2ENSX z3lo4+UP%S+y5?pH^{hEN?zeph4TGl9ka~RuEks4c5a5$^vMMQ2kRK4AOC;(eSsG(Z z{$U6msmJ4%oxz}Qe2T@8((4SHyMoq>ozq#x93H-C#hh037EPA1NaHY@5MozEX!CW1xD&+1*xIz{T9as# z&F$|@5VS55fS@$l@V5Kme(=Ks=x=X(tWE)Pj;6ZRr_Ai6(&lz#(_YhEs>dxnHzQ{6 zO}esCWKAMXIoLAL@(;E=q=yz2F@eEuZlfOt={L}f5lLVRLiqV8h#G)JsmoaWVFv&H zn}R--CWl_GrHFmz6s@g+UlbQsL$-p(qh=5Abk`WQKXVSShsQ_@aa0mi!(V|XXpcTD+4WR5jcK4gw=*R{~CxAxLbqR#g z010-0#Rr)&5;RwdPXkU0h&vE>w%}X!Mqd_WZD?@t1O_m_MyFr~Gdgk~hP=~;95Q7% zMdEdpl35_db^iRI9q)EPMRSVtD-+OeMVc8xhp-sEg5uW8SPAc zahTXm?#4fJc!M~!@zzXEL2pb=Si=MxNmYK(@i7!uPoEL7n*l9V62P99}x z7f{mbfUTe`DG5+a#0>NIeW0E5v_&8cILShHDjl=*EDJ?b;{=XD6f9eY9Vpb1IUGbL zhn}L#5GD3uK($&C8ahODG(B(z6g6wv1CTXS!cXTw#u)a& z`U#H>I)Ce^2S0_l7G@^!f7@0G(su!!kY3TlOdDA($Yc~Z7!!%R26M=!&a7- z;xXTQlqKzbL9H=XS9lrFZ>FYm_AwWwj?HZczNy`~+l+qA7DM}ZZf{KT5I z*Z71EiKxn$w+Y?!224TF+t7!n{EEJF?2NRR$#0asEYW$*iNM5@9^f3}?mrQvqVY8I zL|~r;7&D=u>wQUp)k?Z3v7u<>gvVS&jBb=Rad#x@+_+TTN_gX|M5D*{0c}gSf87jA zC3Fl4IMHlJI0qEpk%q24kuQJ~BwUWg{cg`J==9<}wRlu@gIM)cT1->lq&~G^Igr$> zixbfXuF^&F?u+!W?%IU$lieOVnY5)In&>Y7GSnq}cqi|SSTdeCAlwo|>!fIto`cD- z`TM6^nNz6@(19MYNP46RYcsl3FbDT`vtdDEyrZmP_&4(~XKxqdV8?`imzpXcmKyX= z3in-9Kr8@sYcx9Oz#uXj_yirD`}fh(F`8Nqgiyz7_Yv50)>8@BI*ziQNs+m zDI{D^;#JhHHB>mmlt45D@pl8GBVhC>4B*IT)X|udq?)jeh%=MQAcs@%Z28XA5S&93 zK-loc1P;uA0z6j6h^9!shYENio3ethLjatStfND;qP6J^{Ei<#d1w1ALhO1;)~;tk zfDj}20VT0O)^Wq*iNDYW5`eK>@o-Iyrf= z0|Ey4Pn$3%<}z_jig7_`W`w=yJ|E9U)6J|DJ>Z+IXllR3r$s@CH~ALvmxdYCPSkUG zZq126L{c{3Qi`m@O+XxO0nlbJ(d!^ir;>5_`C)=^$J7k$HwWc`gOPMzE(j^JzxVk; z!1Kg@z>CygP>*yv;Ej#F_s#xZP@hCL8H7PHa}We?FP;wSl}N@9f>2MU6M-PD(HQSC ziT!lYyKFYQXTAepIChznYfj%>*DkFbpuVh_A8%Zud*3BgHs>SJN-QM=7d|6sRxob4 zkv6Po83DFG4oP9vY433WZn2CSCoI}+1@dZ~X#28jSaV|J*f^Vo%CvEIu=8zLqph=U zLS)^zeYaS*Kr#@^FwG~-*GERe5Keb9`UkcMLge1qck&n8{nzED z*5#&_vo;Ib0Pnrr)O0f-e7PxV2iRremu?6E=+cKNHnq4F@Eg_VVO+8xAXN z95A^51Dgie8Q`c| zK+~h$4A^$FLslulK*Y_po`t#9?C_9bqS$7L!_s5iKuUDBS)Otr zb9-IjdXky)LtT3~4}Ar$BQXUwyPIK&EOT;e*;A>i7}vT9xy z-v=V>bQ71dSc2*IuI#Wa&(<_?Ob4vB} z??y1MeI%BXoc_xc1LHgg{akl}dAF<=^{wKLj@5l@!x*#P!_tTP9$~3f zuOXH3-X{xW$ko)ChQ#YahoLe*ZT^LCO8&JOMkm-CH7nHOvjpr-f5vwjmZ(Z@@V!s) z_nEgtKd>tC*iFk4dWKQFT<{JiSt?}8Z%YLl=H&b;_&-m@68aFUd#Q7HSGqe`1FWL% zj>Tr!yVfOpO#E*^hg=uPb^WXhtc*4)o%S(=Q7IPvI}W(bJZjagt5f3w}E3A>$10` z-MZ}Uy6o+`?Cr8}VLe`#z5QinZ@ucD_I-8PTV?@33cWga*;^l;bCkXH^_^p9q`g+F z>@BuV2eMEbDiSfS5}Vt*&ZpjjxQTT+TzQ%0aHH4i5PUbp`h)~5elSEce#n`Nz$>r} z21oxkIQaWR)ytjDg=WXZcMsfORY%vyHaP_?x>H`l7S?6Y{lWRz($e1PW1uVzkeq(f zw@h-ho+286Rc3cl(Y650duXqS;8JP9vDrRo(F+=uSde7tA(0ubQssD2M2`*hX55j5 z4hInoRU2^VxC`H_LE@uK(0N)?cRBMAETW0v94=0VkIonxr-1JevAbw~J%*G(<%)3#~T!3rF0x$ui`8I*UK5;lNlhp)!!eLanFN1U6!DYc6a#`{7 zHx(YDt-^eippW417BD3|?3fSBXw3m(qoXMh#Ytv9bL35asO!!*i8y^zw)ljmgR*Yx zSfMD{K+J_id@$Lf@zZVltvj!uI%l@=_V#vg`0Lw- z-xKj|gPjBVZG$9%e%ruoT$hn{0wEKf$&92S4=N0`o0>BQAK2S8`V(*yp}ld_5O@{- z#rJ|D-h486p=g>2zknqx4R9OqByC3Q(q`xx{XI%vZo6Yd4Q;?HB$3a)R6)Z-*aL+g zgHP+hkOo_Rw71>K7X34{=>7iO3=y!BmP%SUkWA9!$>pejjoW=H<8+ly92V z8GZuYl$dQH+)nLVs)K^~7I%^9frR*(iJ2R~nF0PvHa+0Sq)Ed(St3-z^0xQUI^b*u zoGk|loSB28&a<5j=%BsKXtXDy<#psRK3u~E#|=YaKW9AgwJr$G_9(d4fY~y@r8;|F z0WKgD>^cZ(wp#}w=LiT`cZ&PHLs(vJq`~6fA%v9- z)b`%#W1t@}gvE0`NbLsCrcW-&m2{H8iMJ+Rop4mBxc;!I$Of7f^c{30&S7I+-c$)nnog*+q}Y)-cu+L0djy%R zj;IixM}>|EKHV)))jDENSOT}3^%Hs|4RGxTx+1vD^Ctrrbg-Yo$^8>YpEi{KnKY6V z`-!<xoN+4Y3;z60N(E)aOu_7Gi2N zUlMROpf;F+NQ_X6aAS$nRAs`cAlRB}5(zq+awBnl4cI_N=4_8wWI@*84j&EB3_3{s zp|b&fnrJE15riVzz~C@ZZy_@iyDfYx%&)EjB1?xjwB!)FZQOs#`qKs`G5rREdxS&x zh`2KXf!63B5Q^CKEXE=C4;^+g>$yAHGkY{%Z$CiXWk$;g_ZJSvxQ2(ZXhE5o{aroX zD#fJ}oJu3|O|_#xbw{lj&nveWtU{i{rNqqz|{h#=mbzXvgd7MSa+6$uffeQyF z9Vq5sD|0+ZTJijd!J0UG7FhHRD&D>_GhUbm1Gt#yLMFH5lSy22}B@+T%(B$=js z_yh|E_ODK`n9o7Zy-9*a$N+^2cAa2hwp%AytP?DJ{bus0v(K9(ScKIm3ny4C9?)4J zvm$6V_Ep{aGb`qWxdcT@p{;smMQTQ7MQWW{Aul7d!rB(i3phs-kA_Bvhu=Gu!pnYU z$JBQZ+>e+_kqXr7-sxkYA25}oNreCjFI2@-&4fOGwI}l;EEK6i-FO3sPdOb{2aJ7u zX;hSy0dGOVg|Q?K$3d)Xzy_9X2&tZ4opG(9iX&n;n2O|27-AX27g8}WQayFhkyH+e z1)M8zWi29-a2d)hn8j&LxW`KpJ9tjyapA2N+^vH6Hfn;#hRC)xVOq9J8xES(ezzei;-*AF$?9GjPXPeW7ZAqn1SnhA^nOk z&R{*OYf7x8AiQD{oG)b|W(*K=pk}hM_+Bg#H~U8|&{3du6nBc6ok$7qC;}R_#*JFz zM#;EF%)Y}7F#|vYK9Mu=B+LvlG3!CpDv5}*XG~P+Ep8j7k<8SkUC#PJ+hTwJqrscVMZN9ay13KTQ z;^zBv%@~-$%E5F+F$W8ldsaK?;T0sncE2JlC4kg7VGpuG!q1-iqpIHdx$ za9&2`cteP|=>kvOWB4AyIPefdgfd+U)a`Eak>^iz)Sa z^2tEvI}6EeN1_g%@FU-YC`8SgIv3477-|e1`z2o4av-$L{lz8XaT|3vw0{QZa>wu> zj!1F#`ra(C2v@0+Piz&jn;*UR(9aB}dK$Tj4}mZr6uMI3^J)_8bQy12O>%Zt&6&n9 z&AD|-jprvQ&?bD;l$wRFl!wZJfjitxBB6Jg6~5oiPys>AfP2rIyAZ$#LHs7IPO^tr zF}@$Nz2Dpg_l7hF#ePi&14F32kJcgY*M_{kF3XCT`iUX$6mzQ$AM$2k|LTzUe2z@+ zO+wxw9myuxb;#Rnw+?x)L*BlAGkMh6M|g{ncUXaROP6ujp@ANUy4;bj? zIS3O#1Q>4H!~JyAYspor2Dg=n?>@tSu=CQ`Cf9sB{7B+VpPVFei8#b?dm1i+tw!5A zLKr?MH4yq74nFH}+gKWyA#}K0OxruWsCYb5PMh3KHgL#V<(S`hg*%NZM7|XXzDNgE z2yp2g)MS@~=(>AgK^vl$B9UYav*PT{8o&V&e=(~G_rht;89a274DHtRdOru|8fTcQ z1!js?rwPCE1BfX*BihC%t71Y|)y4?Jwgf2zyY!P_G^&nO!fC#qLyIgZQUM)bW#wP8 zc-YM);_W#8$t%~ReC`z7@pgoH8DJYc0?RzCOf_8${Heh zU_!<&e14St zN(2QG9Tcf859A)~9FPMsLBhpJ>PXf#6;!!1V(gAnn%Jb%DS}4E{5Q3KKz`YelYh;B z_V=w{_V;NEc;<*1G9?M3&Q4+SPPCG{$Z=91?MGvjEB7T)=65x{9fQAOMGE4f?+P*bCT>Nz$&KgqK_-#h=5}|@8_;{1Oe*7yWTW-( z4*}ahU@FeY`Sch!=L~Y2F`$~n8&F2t@ipG5AGl?Fi+6*-AWMKhyE_8{{kko%9`roi z+THor_SWbB{9_w{1bx`;P-^3OZG}bf{vxWu^4a!BV7C zH&EFUWEM5@Ritxq42TmH4SyQ}D_gEqx!^=nhk|col{g&i+Dl{-{15mN^S2H7AVL&1 zFuBl!8w>*Af)IdrvVlYrF(w+0PDPmzl+ebdw19tc!4Csj`FLJDXGU^h^9Vu=ZD!Gy zteSXTgSdeBlHH6H1|c6xfEf}1g2E4h4){xlc(a7eFaufiG9-)v!Y&$P$aP6_B$@F< zF=NdkV(n}o-MUQWj`s{aGT>9IH=^dw8Rae=^c~n+ssTp`li&n@m|zFyD`SO*U|ITx z!M7YCsLAR;SKSyy!89<3Hfc=pAz&H!m@fkHF`>NzA9F?opPYi4h!b2#Mbmpw8w9@m zZR!o3>J3k62iAz77d}IghtzjZb@)1@?Lg@HdLVGDg6$EmsEUpTzKZP;nv((9GGP({ znAI}~?=y0A>?Y0xr+{MccBOcS*0lwUBu79^mqdIf8Jv$;RIneQxA;q=jAHmWGZGJL zCRUjF8SjQx0m%r?$un{h90>lrG=#9_Jpz*k)`|dQ^FrO2ddy^!C zkWPFP>^jN7Y`0D_SSK0y`px7~XP-AoG6<_tmXu_$kf(luoP(fgSs*;K3zKs&FU%!q zR0?giat>hm;rrpfZ)>|#1Qv}&u5$~leei+ogAZuFgNIzT@<5De>wM2u&87HIi3OCu z%-0EDq}r1};NCelJTx*DmERs0r4~O_2BfkW5FOJRNS*7;9v}>Jl!|5@`)EB|oOg4# zRuucp)F6~RF#UsC2Z3-FFi{3vl~=(4rbB-!XxxQ1;E=RK31ZATbiE;_Vcv@7q=Deu zxuWY zZ8l-On#n8y@TRg1qfZ#r&Cg6}*oLvN_B@@5upi1)T;0uQp-C7E?M=>JHgkJlgy3uj ztQl(p=d6Fb5^*c zg9rTY!mt4o;w(<^b()2~xhN`oxG8VLutosXSscRXHftKNY)HM3L?7@OQ&p*JP-D&F zo2hMPveB#&rgGJ^&aOYP}WmS!7F=q^=c&gbfo;-|N1H%!CY-MpLhh5_t<;Q>4G&rI-jg2VXuve{ zY?4^#-+%+-l)m;M)sJs)>Phw1c~W&Owi_+iArpRkYOp;2E>FT&CP6%`yI^v&U}bMrr<^d&#&A&RN|T`X4x(ZqlnmBEk^C^?O-%Q& z!1wv4tjGgu_Bm)l58OpaQO)T(KVcF9L22qd+{af)qQajg{KIVN@%1gXdBRZ}O#^;;~Y{93<<{ zPrO{a>|ISNox6Nm*Xl>Nr}g7pKR?XM=k4o~*6r>kMy2E7dAoIYynmhNuewI3*^#C6 zL`+>CT)tFO&#B9nkjbiQRnqrcE&W-#?`3u}sv4^bg_ltympeMmAGLFQyM32C)+)!j zqo>vXyHiN@)xno;=Adw&ecrjcOkS2V2M5FQb80kcBraN=M5`>t^09I?6?>M3x<0P% zkH@vn^S*Zbte%bUuk_Bzq*_ny^j{9n3lp)`%~q1tlCak{wAAg%&V5UIQL``OFG}aK z^*qQYOX|VF=u0Vk@pMrdAzE zIgUy4&AHMRTL=;LOS(HUZskVeNW3!o)zP51qpE4)>a3T_Jnv+LQFYY5F&bw=?>sRO zUxa<_V86I`U;UCzr90Vuv352#F3Ly6`cv(3n5$nlE(eMHi8$WZRb_H=b)CDv$UUa= z{bHkXQ5G(hn$hk)=h8i+UG7{z4H234zKr_S{&9UTp*Hiv=qTNr#AA08p;0D4Yy zB{}xk%4WxEWoMG9UmQ2Cg?wF%Up*e&OuDIj=AgDCI%xyFn1;02}bQacb?AoCI0FD=(#AT6IWe6SH6C(7K}^f{;8s-C(i;us&$Wg zr}@2lDe)4&eiEd#Dy%g#~rgS%bF&)8pY>}^IG~IXnum| zd@P~q930p7?%J)!xc6AC)%$#7|GrJ=J+78dj+4UK%T@NeI+$G6;+klbtM}bov<}JB zd`)N%_}bIm(Kz3D$v3;LoL(wj4KHfPg?lAGe!4lH9KReDhWvRB;eF9XOr{@=pTy%v z@-BDMH%i%;_|0jufAO4B0YB;Gs5_E6-DiZ~X+g=R?+;3o?%sJ%7+=+2x=OiPyVb9% zGT%@&;~L@dA`fCm_ZR(_uA~dy{oXh;IVm;v_|9JbqCUPFiPgtDsdv>E_p0}`R&l47 z%%9iO;@N#tK5wMOlau|sov}O~-;JMcQ};-%3zt1*?l<5BsgX<6cES=@qo$-J=+b-F%6~UM}`ukmO(M zl|uFGI5sTRgzKG#(cZb+Q#$eZ;OO9T6o0ASi$~>deAFmspJT>FY*aqWrV)Qm>O%QT zq7@TkH`#l& zgZR$Q)5~7$Z2vZPanzDd3paQCK)F0eteU*IM@xIvO7F|@>sGl_R4W(9=O-n-a3k7as@hxLC~(vgOi+^1@5!J9n4pWg*oNGUc87t1rp>ias1RYtJL8rf78|$)A>+ zH&;a@0{q^Y_>AY*JAO)cs^ivO?R;2nw$EX1jY0z1G`-`(Wx3vM8jrg;lG#b}%^dNe2_W5?VM)ryP7yGbq`v%+2Tp+ zKuBL+>`h|X%-MZjXr2^q+xO}E$z%2Ac_^u!v(m}=QF`aUB0B7r*~iem%XR$QWV+wuk`7!-d$foe9n2!SrkMN6crS>`vnjc zc~wNkUw^AmyR};soSB`T9WozgMyOOOl~htxlF};sno#iti**pbw_bJ~T$gBK;;R7| zOM8y2ny6A|Wmnr&N2S?zEucllH@g)gsMcDJZ=i_Q?=KXmg&=hr$aJaLG)t~l_Uc{V zVkjJ|dYukqM5xxI(T42=l;Q>5> z%k9jOiVDUSn{3%I>V@@Qt8kW8*Qs5pDIUT`vy5$4s$?vI?Ojz0Bc&`vn$qm^R&zb# zbf&}brEaavbSZ%!9mng)6^S{B1Q$^eq8es-6uH(xoOjw0 zUiPU&NuqSD(e7F{&p36w!eUK9+lrw-p z>w7TIQD2zo2nE-^;b;06lndw=fxN89(oS#?Jlf4cr(N5fc}tC%9O<;wTGYhDs_IaO z{`@%4+&%~i)2EbquZ>NBY7AAOqFvBFaS#S9ucXf_!2J#+jBqTCAF5i-^+IuAHJlAi z>~)+|hhU5gA7!ikd4rNVvCMh}-5g*ITk7(_s0|uaQ$=M*mO=|LCUuUL#HkP+G}8?Z z^9y+-!v0*~G1_Po&Aw(4Y^$j&J5w}7eOV$FbGL^!Z6)B_BfW}i>|Cy|ZJIFZOau3T zs2X!+Hq@b>_(b1h8r)XyA7=BeHUvCeAP6hZ8H7V>mvkenu`buSRjCQ+Z7;!?38ExT zs_U}CY8AP?^i1ELqJ)oVdMTXZp*mSBeqFZ%mul%%x-}t3wP-__S*p$ zFztm)?B&XqcJbgy+e9PwqTAb1QBCRX57u-oTUEez|K0xMO3T@H5bWpO8$mdcSH zq@k4*5)dA6J+--OwD&g3ZqX@<*&M1lG?X9DFh+Kx56pRZsOo_3=&v!) z4|dyW3AJriP~>?yX|r~pjYvcmOtd&FEWeznTSYaD zS*nCfTRhK9_%#;xxE-^@m~iB6a1xBmWvkfHzEuPa>$`fZzcps9b&IdarU7hl!>%5t zeJLodR@KIG4}7+sRh;p=sE=3zKwzP)YoQgQi18i12Yfx0?-oYfw2l=#es(yZ{tS53 zs}5U=XvJTs`{lUDiiHioX>Dr}oJ^oA1;Z2BRcC!D3^p7!paESiW?Y!=BB@kRJG16& zY#nGB3{F>|T|uf|s7b4aCcE~&wp)4zlz+^YOZ`I84Je^k1G?dboUaz~Y5PEqx0+sY zg#ub$a*cW?_PfCRt;EPQi_sO_lxB1Z8Ypg#TZKVQ*;%8ujxEP(NRRfosnyWH0dq7(!A_(k zaYM9GKB&v4yxYwd%V;q^{!VlqY$n$AfRO8fI{@;zFX9!_^|rFdAgog+31+i2_Kha+ zX*;g9Y783@((`sxF6bG;nFms#YmD}rJ%K8{nvZf7Sqz2R#&X(gvfNcCj4uM~;4UoL zKGL}mZHepx+HHT}Dd*od;I{z$wl@xpv#U*FS!mZgK)jHRHy?8*-Ptmhb|)Ss z4*FEDVnF?Yyq}DDKh#DHwQM%0`vw8lILfucf)^rFXGM2}rU?u$4>mHYF{;-^h_~Dc zcA5;8Zy9Ux`yJ2Hg=7%_3#7mQvSb};Q$^|fHr^3`ZS}d?b z->geh39c_%*O>Sw?NVIVwyV7k18f6u@^`I~2>e7ciYS+cbFi0(Y`0&bH_T#I8CS57 z4+nbF4G7>v>cE!Ny}l%t8>B#vdmOj55rSRNHY>KVnXHFESXgpD)6_!$YA(&%DFWADEY?77Xc4HT!Qhl~wOEp{RcxyE*j>hc+zTo+7SQC1}rXZ|b zq;oLV61pvHXX_$r^gXuMs@H+eXr8ZP=>D)hsDV^0@M5{r85A|GijRv%=+==+G@H$a zNXuxsp|9D4I#{E|{Q+6RMnhGtPITN^tFpW-l~-g`TJP~8M>`saF2t~B5l%;^EU)M- z#VNb17AqW08+N@JNfnfLrbx9u=#3+F92oYxMAISM3s}sa2TP2NdH6TpW0^HFa^?A?-rYgMT`h)^A@w*`l3sd5Kw zemf(uU+)3~vE*kGzY|;jeCC2R0?41#HK3gc0vznMDV<+fU1M!1!_XBFO%8VlvPtxD z52X&l7}1Kj#_o#|ALJu-D2iL3J;Wa zp*`aE^Ju|^bidW@MP!p_Y!`mQpoN-hM3^bdq$-A{F$_Z8R8-QnitBQ;Cz~9~lDy)A zHOcVzL2eKlv^C3xei=3Fb6ha?89(%u zA#ba)>N5k{p{Q|pS#KQ(#F&E}x~9_(Ij8M80`}&#y*2$c;AY81cI8S^M2+R8gRJ;kZLCDD5`GCEjFsd0_#bl0j#(M;2s+ zP$Yp-&>#m6=&+dMXsF~3NN2{@nPKw_;ek*L0pM|KPB70oI>Y~ z=?l)&FLPs4^u1scUvF}}qh)SxjQ}R5`<@#ZFK{|xVH;-D@4>WwN8S9HNc}~yaygDC zzj+LGo2~y)px&uBcp}8Bn+5E#nD9;0 z;s8TWJaYuki|`;3XjE}q2GdyNVKka)1jTc#@-Vy^ae09ONY=gQFY(E7EMj-@#BZKr zXdk`zS$)n86Xf-+*;_>N1N;}Kt+%76ZZvpw9Q>)lUvJ6SDc-)IC`btBz1iq9qf8f; z{(xmDj@_rj^S0WZseat*w*Ftk>tDJzO*9^#-u^Kxc!_C9hwPmXaihm=QgLA&7Z%IR zhP1L7H_9rX5MKX^D^vV&OrK8O?8%ve@Nu@_EFJF+JC?`rW-sR;q?cpt>`NTG3{BT5 zGjq&k=OcpjldH<>W;q-OuOdnV3@%rzC#DI&7K&i=o90;QefyKVMD`R&>#k7T^4 zu!7(52G?6cow!p^f_Fxq#+jvgR!+VbC;J9=X1BBuzQNi;cy$a%Oa6{@AD(qc-r*V7 zzxD{Z9y~=jgj^4j z;UkrA0-6O)woYM}=X#Xcr!?1trwE6T>p?Pn{z&*PqggOz>-QBF^UXe;xeh!>7A2;>?)D|<(Y_|C(7!+Jg56?nWn4&Gn=7Oiu$eDhV)4}4%x*I%o)eI3m97}G@= zM~LYv>FR#L=)_Et6XyLNPVmRp49vK0Ts%zEfq6!%dv}GsuCe~#dz^o;V!c)Wdke37 zAZ4#+%+BMb%#YqZ-+KpIY}Vne+xf0u|FBLzdi_1WB@Tc~@&1)WknkRitJu1`T5@0g z(y}=fpT-LIS0$K=F2)0L;QB{cXM>1?O`Epzq~gt~470laWx zrkZxRekf}vjQ^g*wj=#NJ(tZ1=09QBFAkV}b)I?XklM#BzPhV{261?Qdqdy5p*Y-0i%2J)7F(Zs*HC&Enkc{K4E#VBR_Z=;ku`ObHGvSG znnVaseqeukHX$U>=*D|F((|8}xFSnDyKxT>t=KiZPwE@Wj0i4Fk?N-Xo(tijlY54= zGW3~YK&aBUy;%M3dT!T{_1GZsE5S9S9dqW8{@-15AivJK^SxB(0%t}PUs-u#$x7e) z*HoV;W8i*wExKUacQ-_zac9Kzm6a-cJX_knp3Qsz-9`C=ZQos#KjY4b=_`x!rM#s_ z@{5{@?CCPUyI!5^hJJ6Iy2hIk%U9N?vy7!j@N4SQvw4`myFy*^?YnE$4dfY7ePz{p zBC9fOXHOJvdRjg{4$F9VVvc2-jQ#%|OE+b}X}F=2aRHec?!%ACm++dACfEf~*-Q=A zMqq6I&~4MWe?<2YP7UGWn@!|T4K;7GNGVcD)thg@r-E7OTV5(+%=dIHQw#hvMTLI% zwfoGo@4jw-K%5cHS6;I-mIg}O(GzLEzq{}rIhH88uzEkVJpcXsHC)?&>YnrW>wo@! z^;Opkj{mzGZ1EXBehT{c$@WPG)3^UMJ^kr(mA7(zORI0?KjS~KzE%E=|9peCT};=% zPvtIUF+Gy6rFUswOUI!bJBi0pHm9c9d2$MZNQM3-tH=AycgT0=B5i{w#3$1M+VvJS zZKI5zj56Atw5i7_#P^}-J{H@Ia+fl_>;di12GTy23lQe10C9t?Rym*%x}9J;ZScpPPOYMPxVdGz~3 z$fMsMy^&Gwesc8to#9-Tkrw?aEF+yYFz2KChDS8&bh?g1Z)3X&gG7wI3FUVFGCKFb zAA1-+>LGQ7>EjT-bA{=ob_py`lAhNh;KxSw&EmFP`mj|5@WsUg8lX?zaz*4g;8c~1 zUA1~UOjeyl!x-3PK1+-%0h%`l?5Dgo2ounfcSLMKXrQCZ7%Q0pUn`_}qmXJOTA&(_ z7U0LGEl^vNg`iD22d6ifktTr_1r9tm1vpJ@fz+@pg|M)TR?TwODV~pq)`&(9Eqaf))v<0n@OBpdka(mJVW* zJAObpU7JO)aY9JI8gx_v)MLs%1yf5cfVJSc>VsK@R0e36xG1?+!jsixwTajvV09Ixb(eUeG~=d<*;RhVx1&cAen;wmXQ{C*T!Hw%y@F zw%q~kI;mxvm7vy%@#VHV{Cn2=`W6TC*Z?&4ZFV_gSynrlh+|{2EUWD=4;FVsRy%MdfT&*|lhBUjBBv^Gr%$r{ zb3}zK|Lny#&Od+jI{@pd$L|3U(prh&H~#X!$6r=7-n@+^1J*NZd0vx-4xvCD6B5U% zR>xS`7pumFs#(P8n}x^%xh&#LD&j2S+_JP|HWC7kYx@Fp8Z#SXngwYt_orWz4 z2=6oS^S|xSD*-6_w-m_hg~XCi1Q&!#Ko6P zx8D*{KRX0>{m)3i*0>y4vacA7d&rbeQRmGXFB7i+4eS4%+hhbxri*w zm8Ij7ia0iq&eCzd;$Uf~y0oU)0!~HhSq{%rILqNNUo5E4a(HPw8W-Ophi8AeIm_d% zumwST@_4qqnJk$X#1`cK=Oy#Vs=~fYi~;-}HdHbjqXG-DqKg+Bu-}CF(HP!oGY8Sh z&+tD)bwB1_{iUW%)a-6O$-EDabh4DH58pVYs%3ZUZ3H#6@oqgcG`&-H!`_de3_nVG zTag=Rg^IBfTXxkx0BVD>09`3t_62U`yI;0XS%^gW{2-u${2CYR4Q(Xer~#k?DqM_l39k9s8W`p z^;8NK#-}G}voo*2Kc^5|MqN6OU&IHcS#hqOQ;;H#SnaFi-b1t|^{oZ2S>)-Pj>rPK zEb>e$;w3jbcP=bv9B&6pG;tJyx#88(O36@$Q4{tlVeNN?c)Ne#R&=A3MkS z;R#=%x$xLX)&Z%7tc$`n8S?tDvt$mSeJ3~=he0GDGU0@0)XA#CWdb}`2-u$>kX)?P z;w1*`GU5KjhaV}7>}PhL+Nl8b^I2-ihb*-eTQb#dfA7>%)OG6kFqJ$XWM8V5;TfTT z!fa;O-!UQJHcKw~io?cFmRw>!TEtm$Y0J`%S+z$xneB^`C~K4@m_kZZ9H4_9nFIIP z0=VZE;E62oQ1BvtSU~69AgIz=aRbW>ij)?$QZXnMi$R&#N~B?oPfc!lO#qnU!HA8g zU69+%x=5f&E(V(4Z~>PBLBhrYp|FUGkx4VliFpdd@&)YjSIvoq{~@aTQP*rA+P5|H zY#DMg9eZc5r6~hJ-0WGiTenUH=uDI)-hBA9#9MajHVR+v*6lagKg9_0 zK+zTE!GST-0*k5i0hYYisB^71_uEZ>6f^YyY>6B{`Nk%vz{L}xP9#I!7U~Dq?84q zSUI#hLsNi&rez*aPaH4tuxZpn0#A*Rz*}SFBtT^AM?%Ii5;BjG>kB>I|yjNTnkf zYqst%Mnf((hp-Nq{aOg}ERii8{D3!%=8$1t=cl}8ZMae>E}>(>SfAKjrm%Mk@l318 zfyPB)xNgcP0w^J%c|bL^7N>{%ItWo13#N2NhN0$1eJwxHc`eTllet$qI|;LqFutH< zeP$3w5JC?qTS;W6NRLB7=JRLBV+b*^y&k#20NCT%J3lx=T6cWDK1f>IH z7RqR-W}@6OgfxI};-ci8OCozBcF0%>vhinqPG)nybo19(0)k0QkNC7FZV5HCYR75D zX(jH=XLeB2R~$A&D+ySXEtasb84zk*$tstVv3Lx72o+eibm>lW{qsVDm9j5p-tqvOqS#8o* za<6DLLibGQH?}%cXz7`pN$yLUoMjzkwMkpaaf)mR@`NsW`^Hx1$Spm?b0~gE+gq6l z83EFUa>|s~G=V(#ijkQgnri!!ATy5i(lbJb;+HhSm9dZ!AZ;jxgX*7Ql7Jlx2h?n0 zP_v4W=n#4$wlUVW>}+P39~Q;G@J^JVnx{*Bzw0X!E691*Ky=@q%};pbC012&uEF^W zp?NwW9yl1JHfN6Rwg|Kh5=FzID>+bXxJt57IgD1Mj}(fh+E>~Gzk8V%j-gAb=_-Q-nj$b zY@CfzCSWi=(8EBIF&L26;7J*b%!|PwQZ0 zcDru3R&FN5Zf%a?&Ba^q@8ESInIQ~FYg8E`jLd)|47jk$^n8p5rcW$ke4rTvlS~-I z+>vv(##MNBfSexeOJxqM#Ts!d4CQ^<$YZyDkcuy7UB}5|Ric$MujN(zeQ>}?q#l9M zJKNzrkrQ4Gu%v`|c_P8AfZ&LV7v>>y(&GOkChS?IVur}75t|IQTfa#2iY$VX2&owj zP9CgyVK6U@$qP9_-@WCqZjqD9%q0XlogMJV&#@XeN}R4uYAzkjOULAenF*rEyz)*O zppOr_3kD{Xd83?=x$W!|Lj<0v*G`^UxZIl6v@KpzG8w05Ejw_eMlWs}6TwJiCKz<4 z?I1D#7>WCUL2vR75}UpQ=n%l|CK?A0;>JU;A-Z;;gTq12;wOQQQ?fUVRBR3-+4ymg zTE8$->l;S$apfSj@#O$I&MeFK3;>I8e6Ulg>9iI;DarzxpZuc}fTgjAe zvyqI8#A=_iB78S83}0RAR!5U_l}zat7s;4NtaG$b{SF$(-Av9?GJU7RLm(rQoFF{c z5CvckA_}0~L=*^f7EvJH{tiR3K^e4sE4)lbl5VFw3`8Gfh=UVgBqfuIA2(fK5)uha zjoQrUO)O|$&YFy#U^>PH`da5YD3w4f$DDP6A<^7)Trl*qUN! zk1~1zjsOCU)3^NvJcVQO^aNA#6bXe%>ndof(Mdl%1b|ZlvkYf9$f`N?;Z%}Y2Bm<2 zh5(W#Op+t`)s3f;XVCr76zpotTTj8qEN7vi07 zKIQp2$2;;MjufcF9qRCgGMq^izC?#B5hA3DOWZglhAKJH4;VR7Mnq1Ka_j(wv6aD- z!mBr*FoG;|(1LSO8FcoxHe+4pZ5qbGcG2_Su9$&*VxG=7Mh zN6D$uDPcJ!0p$G>UQ_gGg|tqh>u|{ys7Y^E zB|R*kbdivXlW;$XMOq=@l_Ki9CE*9nN$L_fs95I|@0fs|h0w{y@V=4n4S$Rz8&N0p z*WohBIiJbC;0J;%V2j?cyvdbYSIiB+apAR!l37*2MI%*_6FmET8;UvKg@4Ys%FX;u z^(8_LG`)`2esup_8RWdraCCV|6_IW3{^#WQYPX)YjTab8z?Xw2Eu3Bsw zkEnlc~?kQ@Ht5yz_eJTA5K*Uz1T%Wub4^@`b@ zpEiY^TV*J4WmVNH6WvgxiXzKAXDC{J=O-hwy75C-MZwn+lKSFRQN~yO1GAZ(zYs#6 zQ;AI$;D=3+PYHR>#n(jWOD$$#;a2uO1>;n%I3*%!j0M@O9wmd&N>f*9VJzD^jcij_ zCTRYNavm#|I*K@no?2Iy&|*cUEEaAnDfR6cCiHG0Az5TuYu#z;+!l`=$@D=z|o0xDjFiQWiM(ICoUN`={=b12wMMh<2KCrnU<{y zW+oUT#<2Cl*cQm(QC;%cCf=-e)E1loa{pevVdT16^EZ1EE2IA672qDboM=3Dxc1-l zLUI4#%(9;X(wwL)B#+tcz3GblFTZ1V#%YAV3=EWFV0SS}!=X2b@HbMW}l zz9f*dMExv@WmSj`YE}cYW99Vye-BQ(D}6F`MK_|hbb>V38(oFQ;jv-Rh%8sYv{)H+ zY}NGN7Yfr<3PePbsw4+WE3b_opk#6%khqv_yg2G{@Sw(qdxD* z{|lqLHn|r8{wR`~P3G6HaBuy@zZN)?6dHR$?;J9oLzUxS%|%Z-8>Q(^EbIJA8)ug% z@9eT+kr{~71Ea=iFXY)ul0~*(kRcutTtb`3 zI>X8fx2U}`pdw$&aI7fm=Etyy!j#t;=do?(6$Mg^Ae&7L6is4{J?6ji ze`Pd3@qaV;>qf7({}v<^X%$p?_$7roMa_x`SUS3f>Go7Crr(?$27IT#%b>U^P6sJ9La zbAF;}v)1Ws)*j7Im8ZFUJL}zRqw7VhbGWN6&l(qt{$O0XDz<9e$xv4gpRRX%1AZx& zma}JZbT^nAm10dkJDWb&O3n9XwQ>7)dsNyjbT8)Dz4xM2E1sS9MeX)*#@<;xcgh_@OZv^%uQR<;iKNY z<)p@e(O+_>%Gqi4q}O^b9UhHJr~UTrOmEiDtDX1u+oasN>)sg$mFxcORFlQU_5DM+ z*DSvsR@7?us#)jm#I`;h&&x-WKCF)(-X};*C(l#0rCxSU4&>JgH$6X+7W;*l1=p>e zpSRjC^0C-2R*nX(g4{bB@b$s&d!hE$(2S#(YUSjhb2RN4ul@Q|=x~9(x z7u@vb>GbAQ?N7wg^kPup-kz^71`p%zbzxVyd7QSYv)Q=YKDiaIYbB}qR5+f9{PBJN z?5#G}Uz%;>y)IvgkBx4z*Ie#D-N@s4wSHZFsI=LW!Be}`JAXggzbjtI%53pA9^G6i zkGG4~^Hr@<~S$ZtQ?=UcLnqJm+f(PSsh)LZpEuf ze_4NPwwGh}N^UH#i;e2_O{>kRi0R&_cXC_1DE6w)wQ6-NAbt-oO4n6&|KaBF;!s)K zj~4B7`KoiP*WbsScs?oL^Dms8G6_sb-d*}12aCC4#X3O=5dFw*I6MOGh^3h_> zvD5bWT)L^8bZQ67{fGDd!>Pn^XEi}BHOiIwF~7X%aL2V9V|stEU%zWB!k}B7HyiDv z9+vqvlJg~xx^s5fK6x1qx-;pm)$XWl_p~>(d_3hx<2mB*=0YqT_0DRG@kvACX7`=tSgg0& zPuhJ;V7s!SKOjDqf>Ai{HPz*q*SPViG&^2g*SaU{=%mu@%);}%;xEEEnNPo)26 z@5*`{MYi-`Nwwx-M%)@OHk;Jb5(dm-HXE>kmlmtRtOjEYzkUKcGb^hyv$Cu2t=7HW zoi8N^v7B?_tVDd&MZ~@In5B)Fn2B;;4&CJ%s=+?H9Po>ukYrcKIA4g3RIpX&977o1 z*)Tk+y<>lZuz?C^bhf``6ES2zhJ|LmaoC#s2=A#!WkfVWz?A#16 z0dhAs>WWR*`P=Iy+UAwfqTX8YcN-3vfQQTB^~PVppB9PU$Ie#i1plB+yqW9_q>cs8 zYJ!pZ?UC!abd}D6;wYbnE#2vU>fP3&=UrzdIZ|s0My<_e!6euqri7o1Q3Okfpw}ZZ zrx8Kfa&Q>b(l~d)IF_gHw2E^N*zABx$`zffm`k{X7F)A3%TpM?Pu7^5RbjWvsCZ9s z(wqtwnu-rFfypit_!7H6xC=u%>bq+fm5IEPl;r~2@MrPbXEC>tkG3i9mCljI;2?P} zyA4Wpqm2uH?btqgU6^QXW^#e)YI9r{bYP3@zV=$c%j$rgmbgpEPU)ZL1`=Ny6NjZb zU88I}Uob@-;h3*!iCZujMuI%E;(GkSn6ABsb%p81osp;9WF_b_OBz-q9i4{A>M&^gjtl}dswUG5 zH}3ov4r)uI#VP|oU|y8YjG@d%>maNKdRFrzV)Fq>t=3ttO9errGPyK8y%akQ!iM#( zVggg%17<~*M{I37cp#1?drHEU2q<)L1^YZ`=03pq$@gtv)1UAqpx*-ea^jHQEHHZL z4`9)CUdGkYm-cr$GjB00>2B^7{HPu7`>b5sj!kRcJ*X>k4@_h0nW+DQ_I-g#z`b&{ z?t&_(wMn+fe0}Tri?ZshO-2=Gk-Y}A;%xzsNsY^M?LhIiaMRfe3epWp<@Qe}TLOCHzK=0}ZcxG9|-p`wvEBmOkI#y|&hd5hfet>i#-Ff@Qt%)FSOP&elBD3d= z#gK?+ssS-#)_Y2Jy=;_LS|ufWb?N>**caWodrw5~a#N`0tt)hC%o?2aVT)yBTPUZ^k7viKpRTLRHrGaqXjq{+j z<74T^hSm17u5QSxZu?7!;Cb$uu5;-2D>>KXfx{d##o-t}Ryb6`paeMBmmO0Ri!^}- zA*Ik-0)A`npGPvn**z{qy?2c~Ze3{PjYnyQ7K=plj1b;4bL5QfZQObG7nTfM^Kjq| zA|ZJ7G%QHz=&_}k>AJMn8?sZCUg}AyGpaMq0lrFkPTu1iYLcW@28?!zVy0nq)JY={ zgQLW^k|RDGQ&|8CUrqqL9U1EYsgSSf`lqP9!I>6 zK}LNNWMmNCI`OW@ohn<W?B7|Gs1@^C*VMLC*OMebhR}11n{-S``O`c;nKpT(_snvoYfgwf5;moD{$=bD~ zYJyZVWjtFVT}BFAI<;dFnF5q@pfhN*aQn|w(b)s>lQ-6WC1=yny2bBn7D_fkJ zjoxwT^nIKhhh%qeXV(Q8TSU;Z4$+nypr2QmM!B-OIF*FS#f)R6^D(+oOOVqFWp<*r z)PSi~A1bXHnNKpXp>S4+cZ+^>^xAK8wdd^HLOL=NDLE9R%L6-FO5Hp|Rmu;W?Z0{cFSd!M8|U_e(1@T8s`Mk>bmS>7pSMp#fx(~OsJ(t8o)4blz< z^2RQizD+MB+n<@-gS(NRrBY7X0Xb;F%E5*tSRX^%Ca(p@V5!`SImfb;w(0DmE;izB z2 z3k2_^AR8zUaZlrcDvh|&;CkgzKn%^rYE9bLRvE~ixs@%(>w?N~5C;nn0=Wba#Lt^G zxo16Ln7e$v4aW0KmAR#?@|%b=R1s5v?{!ukXE4%nWDcE;7Kda*q@oM*vV*h4^2ancc=c zg{|auM;SAHOHWQ5*`F+AveV9i0M7*~5sGL*^0rP1JG3YN;;*B9or)!|tn+-X3KED7 zAj$6;!vc9CHw=6!PJ3{5w(?p-#j}*e=nf@2z1sxKvSmRI8Gu+qRGMwgD9+?|s-j$S zjFl5Hm#q~UJ3$AOmB~(yx*&9+T95+TlQBYg7kmL7?O9@`J2!xGbH^7x8@6YKS9Camup+g+UTa1aAva9`kLjWJO(>5GJ8e7ks?*qDMJjXdAvlBNU z&6VCNV&N-zVs&c97DB*h6*P` zW0%H=oK_*I2?Ay7IS5k@;|y)itp%kfn789cb~)9qCgcXw-nSs1AWdMKS>Ma%I&w45 z--FC6mcY(;1r5rTRb7F+AW(8lN5o>z0##sZQPwu;R_xB3D+^+1eK1smy_See`*VA} z8Snu3Td0s2&k;cJD;S_&UxNT~)MH!kEv7!iCGZhI|Lk=%#fi41L9NXPdXlZ9CUUo3 zX=1+9^&_`rHM+tG1qZgf-Uqihv;p*PDz5~A$s7isudhXsCmd)5DU`E4>-oSCApZr0 zsK`i%El;=Z3R)S;^)Mt#Cu+=E9k`_~<>mAWLo^p&G?1y|aGuqr(YEb^)b+SBgPYlK z<(3LAbGlmspA^+s76CqRvDO%|HuPmSgm&b*XYNMtkR*qk+q6b_Y``2VKP#uajNfXC z((Y=h?rL|d=bq!$(nc(Jez!gn%*bNV0aWOIAQs#~%nul-&BgqBV$u~bACu#ZBIWFA z@If76rTT2j5x0uNaTt%d5RZY{YqrgR9J4dI=UAFA=?oOgdqFh-tuzZtVOZ7ihKJ9lz1Rt}$h<@aOxBcb(KI6`DZQoH4aaV1 zWJx2mN^jKv;NPqo_XQg`|UtY+OGH~j#Tew%VGECVf%9zudeg-eoPHd zSDC(t#2QHDTc`+l+Wz;SgC0OPzV&>PY*!TC4bpzUf^xHi2l~lofC;>3jkn=nS>%0+ z$AObIJm?Iq-_3@NZq_GGj^tZYzPQBl%1OR=6XxA5dYto%3t!*F-F!n<)8F&0hTrnB zmlxlr1YCXC`;JRFOFHuJy{YP2f#xVU>@dU+(;Ify}`MFK1{+FNIp*=^% zFF#Mg=9i!0$A6w$;ajHBk!Mr(*gMEqP8q zh7teS7;mTC@vpYu;VmBidi(hib^k7mzyI*<6z2Z-(^Ibe;TLRP#DtH;`1Qva9|!(U z^1rpEKV3f+?WarHrnhT&w_GVLrW(O3-(T<#$H;zoHSvXR{D)vT9&e@aki~zrm}2gI8aT`%p(;jtPDQc=c<; z{Sn~R-vF2S{n*u4415Q6_0`z#aCT3l{v6oV`QO;pe=&CTF+_dhqqA{)12nxk{7WEK z=U-XX!v~1fCz(9DkJkz5E2!$XMEpi#_Ekyw%i9dA@%7i+3x9tce@j_!dHTx;|A=h9rA~2P^`FUjE5bjM@;cJrE=0V0 zvEo~i{khYBeOB{tzC(SEirW24xEe3ICq8M z5ZC1N9!?aim?Y^mfh3`%xdOY_%i}cTf>U|>W?{1=U2fJMOY-0}n|af;4|~Cn_pXK>(Xj=lik+`51fFx z+N6hPYu`f|BG_R9g3APzb*ZJ-X=$ZhK@yv*y=(fZ`6TT4bS;Raw)Swf5UlLEBpcuH z*1He>{$@wKe6aJ5|Cs{8KP0jz}7Z8c!q5nPeL5YZXpxlJ4 zK}~(BXn_W#mh=^mNy4TOHcX;0DTH+I?p<2KyJ*liXhzb&VKa2Q+&uUR|Nt+x^y|`6lc^+oHAAuj;_mkix8N ziL?bW)IC?ix}Z!6w#;gM7y9f&NXcBwR}qg=_gaed);+lM7DlH5&LYO}0vP;qd5P(h9+*-}vEw4PVf za2rwMF_knziN8GPGybw^1UpDf=@C_peJD6rOSV>`MIbefaUX6e>)nT2hJ{<&RxgCV zIGs9_?E%-YIPxdpyln6rG}~+11SHF*%?L@1K6I*^L^N!W0iam*IE!1v%Nfj%?@AMP zga{S))VZ?4OwYp5xFIVxsOh4t^}4#+0ERC>=4^xa)Xyt}WM?cg#t~PA@IGzC3RF=7 z9>ez`N44=e55n6$d9t?OQRZ3{)7Q8)k7sEd&v06&5Z?sxZSjmPR|)@#e<`A#RMeY@ znKBoK*W8Q1C)0>9VlU%)d>~Rhc2`!1e&sW2?{=@_;yu>6;^ZAZ z4EZ!4h&3FHSQ#4NNlAtyi(AwB=#^_NA64+=UG=nq`Tx4);2gh71W^^@$d|*%Phait zKf{0jR|68X79b1TLoU zHQZUpeE5(>BX)=kF!@8n5W*P$?U!^~0$qLp{Fs+>E`05Y_`YO5N9boFLQi%RN7D2D-@V34rZI#*WLOKhzF_6Uq z)^4r3rx2|~O{7dclW4%tH^}+ zUQDCqpW-^mlL}U`Yq$y6K^0)%i=)TWFnI&(}JB;QPE{82EsqQ1fJ} zeR&Lw)@3#B_zkQI=MuUo5Cu7$vzuB-Y5dU11E=NK%{#oQ=~reDyny?QQ@8Wt6h_*d za$V`DMNv-8|LicvRsFpqn%JX)=C@NoB+z?x&X09Y*Q z+iki4w(Tu2AlbJQ;dj4`-=Ez2ouJ+beB#=Mx~N#*hNqpk;U*%$T-))~wH;4w+i`y* z(7^@oZv<9j_Wm3<0V$T~*eru1fTwr@IwK$JF^u(w)|An%9Gk@w zXHzdOgeXer70Xgv3Y{|xiRPK5@2ksZsa#`Lw~ng^xdVg10|-0seD{vcLfd^J6*fx{ zMK;U!sk2!el-exhZKB_0HcOj(&1NC2g0cb|bs(MGjbP{C?ZAHp|LuS_3#QT(2TX)P z08%vjF`36dOJnzst84++6_FFpZWI;BpTfmEeVf$s?%4c1F-5Y-T7xzR=4&;iJss zAMj{qVYo-BMuR>O$Y5DVW+)o{AeD*d)hbH!vkv7?Jk`kpMQ(Kf+f z$y>$0k%3Ze+x$7YeTY!&6=(^|i|4u1fMHY(QYn~QshAv4yXnTxTQKy3rIQ=5t%}^N zDs=1kp!oNAiV;cdEaFssCIW`y)hb)DXCf^S#I`OV6n4gCf@GevXKaaqoARYL-4};* zcEMHFY<0y(0U|pE%2Wv!7&?dyK|(_hqC0`ws1mSY?ZgMxS%fF9hET~{#lIVa`1j>X zyr)BhfkA}PrzDC?=ne`5AJYaG1-U1ea~k56o66w16j3~ygu_%-FM}O$KyC6J;?Wa0 zizwc+#Y&`^5;yiv9|IER`!gVx?VLf9UPkkTB3+5n>nZpvd580#q!yQs&pfO2_0=Z% zoNn7vXbTe8g5-%-k_1hLsO4p9DMt_h#CK*;=*jDJ3vv=W-6GI1P(1p`M_FSa_Hb#9 z#J09J-<5;YuxRjL|Jd;Jp^Db}LB@vuwAp~zo%z&ZLznR->O#CmK(Fc@!G=C{1#*`P zGr3d+x7ht{ykP06;QZMQ&_w+-L^pNorH?6Hv?p(Y1ddk^(?z$ZhgNh@xZpLv(sv&* zv{{5s@oyK=a>>6tOXB$q?>?e=41($)IQp5HwiYiq$8d*Le*Ja;H+|J*=-FF7-dlNv z>FMzC*RLKudiMCMXHOoFzW8eY>n8_a{omWco@%K`fM~Q{ZF1hj2R_s6LvB=)m@T_L zcye&@?+gAvqlQK*QRk~KuQva__~J{WMuE!349AbZ8bAJ;sTsZ<$c0jsX$ox*WO^;x z9+mO+qda@*3s$0SP8)@}o3iYk{Whs%fMQHliU}YRq5%xz|7@apfb8D~GlpK$jpgoy zt$1Z_?-BaW2?}Ae?!dP0Q>yi{q3#OKAv{P!(vKR)Z|Pj%9R5rHMdKb4|{KU5`Q{LDt3Ze1FrXVT) zjg4>Wv)h<~yMk|m=ELz`zFGk)|JpSc_^Ya8^4Baj)L++tKX=`CzI{^1lDRHmh(hGX z5j13)6VhwVQrrr*Kgc7uRFGGfAeh^Vy_A#ct=e4#PpRtPcNlgn$XSJm;3QqeD-Ac z#nb(#!zW)p{&E;iXI~A!p6#C=oKE*ozuNcp36yOGm+_&$lX$I7PkquA+t-#aZ7@f; z1xLICM}77Lq9Hvr$V4&Nw^sSo8?;kNzz2AW|zkkHYTJ9e)s`uUlG?y|vTvG~*ZAnhmuj;^b z|A*s8k0#5KOAw0)TH($~8Q6m6Ep4Exx1z1Q~S zbAlx=`@Ea5)Mi=TpyKKEK?OP8`{HwXukFd!-)plajKro>`oji|ef0QVTjLl)aBhU& z`}f-J-)p;nuMPWlTGohYct_rA6NVWE`Ng*PUR%W0#xUY-wsS6brQ(a@@9!UE`>Y>i z6Bz``Q1Ia*mXAkC7=Sm%(rnEj!kY1Z{)kuEjlATBfhwMH8{cyKAzdZY3k>qFOCc}s zpK`l@%I*FsH(BBSDYrktQ*KplM78bsl$+h3q&g3O%B?odfT!GQZD|5x$w(w2OhK1M zmM*&e^xB_tds^Cw`={LG%nQ=k z*~XV#w+E`)a>u8tIH0fZ->Rxi*QE!S_uu(e74C4(>BpMWL$OG`#-oxo7{Ro7d&$u* z_!%aTPoq3?t#a^ig{<1ct4}u(9#mb>pXdcB>bpk=u5GYB|8)P*kAsA$@hqA}or?P% z4fhZISfzm5_t1~+YkLGL<=Kq8 z9~wo22^Z8S(<1+u#pq*nxb1uT+ql5#2JxPAGP$4NARolegHL86CQ>)iY{pS5pNRS9 zl`cyEbtgT#ryE#WT|T8JDQY4y4a2x`xpMY>&<>S~W-{bNYCea(PS1f8IatMDw4ABwds5%rvlClY%}!#ui(}9L`hqMwWd{<1ggu0p z)F1Nu337JSL=l7wq>BI|d{vP2!U3FK;TdZksaN;-O1J=hmOw1>;e|Sa2El1pn|zl-MPCrdazZc2 zb_iX)Ry}#QMHLb)s}@Zt1YpufV?~08THZbyN;$YhwK#~4SxD7f)Tt;zc`H?+=C4$R z*e#UcWQwA+J{pdeKtU*IX%yvxN+D-Bq zZ7}Sj2k9(WGOI{smiub?Eyu6K2g~0wom=ZQ1GA1a5?w|xSC@9@dfa4iB zxsVzx;>9Wb%@8Q{u^$J^VP5VA#e2Yneh4r?;&xEFNIx|G0cDGPHB6%M!Q*Y^wKnUB zlbI5CPf_Iw=VlX*RS>+UGN&TNzuDdD)h2mECPP;s;k8>3Jx@m!21FTNH@YT_<-HxdTzp#rgU`KD!(4W^qqm!b<*#{n{7} z0nPYs=h~=vM>DFE6U;jita&SYgr$B0vOLgw4_5XPY8AL4xUzk1`OdEHtSOFJskWE-e@T;rP!#?DVudi zVqE>Ijv03{p>eNyhrO3Mn|r-2$%nU=;JKC<@S3w4hp;$1eP}nXm#kXOr6N&Pce8dd zHgS?mTf#9m{zVRF8Z&n6e>)2-(M zt>>kXO{etCIE{Vum$u4w`5Sl^>sdC9ge`E@`-;Vw_Rz@qsPb0M*y&Y~*$z{Gmi(A( z#^;vIb4g*PNLQhI>|<0WIUH$T}!MlxY~~;NMcd{SHIjZ7 zip6J{ACyyn{@Zk#ZTR>1nL^D{wFQ|UjSr@%be}1-*1K09>M2vGgYmad7h0QZK)TRc zTbc;@)D$5lm?;p`7}G`lpI&>q&@W0mai1P;@en1gQ-=Ew4i+}UN_4~!vID^kiOl2c5U$27`Gzrl&Q2e{!3*0b$;^{3ovE+a7Pb&(2#S(G?P`#%#5#_& z*@x0|yN=$+DY)phEAbgvq?kN4X1v*nlbX&mw9%pUcsh^rJUNrsDYz;faS4+BH9gIj z|Eq^6!b{-@ML@bIW9n*9jxINQe((0=)*y4v=Xz6A;5U z`Odpfp5)(9TtpcPi3efD5I%$rw$6*7IQS9%>{~uPlPgwlksKUKTdpZ0Ff`%tZ9I`V zVO0-pad*!bi^sV7p8rCcTZI{Ro%29s;!A>(@zeum_{=PU18KmQ%Ur+ zjo44kJx9qo=Od}~{Ju)F=(?={?fK?(k*p63@b=^Tk#NIm*{-AvbYf`z9-fgjj;vW> z(DE#Xm5Fd=Au$)SE_#+Xi$w&{e>0}E9)?xXhqmE#vQOD2(_lbHGa%LbOx zR^p_~!F! zq7wnJ!kz&32C_{7dnJvHHH-0qT23$G>HA4?Cgw2Z02`+h49oFso9>T1GS-%l%5cJ6 zPG&}H9!>~KZ7D>-EM!Sv6$oQ@XGX4eVyO zYWzca=j@*^S*Otr2)d0bgzlgO=sK$OrSnV<+G#zi3{WuOr^R;ROu@+g{A0FR16SSM zIntM6G;co_j{Hv=0`Ln)OR-MKo(;u+>QJ_MIP*9?UtjEsGx||HKqV6HXJ?b+rQQt` z?Z62P-`Ae!AimE5WuI1&wtfCe-hTW?K+;EbWh+GiK^20c@j4Y3R5Q3#s{pdA*{u+Y zwM+~$I9!IS%c=sbC))Jqg{@E-**+Q3iGUqLHGoPv*HVlsLPsadp<&a5qF$EB!SuxU zMQnx88#wwOzfj-6+{9!^YK&P7Nx${e6HtPsekht{S3HCCVVUt91t*v)wCNeAm~<)N z6We1_ZDqdulfOD8-;d-!+3cR9RC*~1xk64Yi%3xU^N{GAp@h#k;+PRnmEDC|^}P^(;!} z5QW^8fA+&WTky^9Jab$8vaiq#JH7g3vPfC@pg)T9B)}&WKM0C)eH_wD8wgeWs|x0b zA>5GA9h4SaP;o#vHAB#Rp35kv06fTpq%1FegW^3aLO+D#B(oo1Uw%g6J>5{&6y}8_ z!OFGssg|zDAaWn%g4FIu(teR~mX&;zjtg7V*yEWxPz*Z=vYF@CS02T{#Otx}LUav!vuy>?w2?`Iy7Bv5(xYkbUFwpu4<>>u~FS&fQmXo@q0nZ>^O=L3F|%T77Xs5wgdK@{N{hQo+*+>5byw`5(pwEbq*= zNMAxUAgcC5fMZCK=pRtl4b_lthlOx(e4b`R6`Ud^`Kov-bRox7Uv>Rvs?=#jzOGoN zVHG>75QU@9DOyp-Y?F$=vK8}go-_8=;xJB1kq6Oy6-TqHiG1jGlB7*>2tFvKGa<*U z>a*d0VnU6o?bts|$ds_Q#n*wxgn+gmRuKT-dbNpZZM*~v zE0HG9WOpp>790*{gf@+hY<9)rL?n_YP-4n-2Bm;j3{eXz&qq~Zb19Z1|uo4hI>LJ;yQCu9nd&^2Fho+^T6%mCl9 zV%FYRGbog~I-r(xq-_wz#ry6Ss_@ObHjayDgJ~H_BN@DQAfrcUP($8?3XCg+7AaA* zqzUui2178g!paYnz9+#;uzvE!w*l+^Skyfdl#3yD);I-iND~{LTSBDUAJ@({`Gzr0 zjb#8E5j;Y|HfDI)pbw2OC9kCDpE1#5h*g8Mqk=~m=fbyLTu3yzMj%?ZLTneuLc>NW z4qAH3$SB+biHT@TIYLqT&?Q@-bw7w*LT$RdN8D@j7TUEX18Jo_vMk;y_@xX&n@S5< zB_7vpfRc7r2iC&wztu%8IK>7mtAnT970kYFOJ;8pu!^gO%B;_1SK`8Xp~+lex)LA6~9t3ea+*w2rCTH zlAKUQS4$LumAzAg^|}f@K{TzCz!N6!Xkq7gEu!r5tRlD+k6ze$EMZDk$;98xD`fa- zaTNokiA}8l#S2WG3gPDE^(9{U!8g3lx>AB@;)S0;$-xfRG};;>9Qete|4cqtRGMb< z%_77`N$M8L02L5eM)@ryE3FK&YpSz2!nqRw0E!nep}ZqaqA~$4DH7)39iIS%cICfD z0@#O(WO`AJ_T!Wi%>X_E;rh8h3#1DeD8NW209|C3?U@%1l4p00YyFMVYj^q-NTE8? zs8A|ZWBFB08f8EZ?<@8~Fv*v6Hs6xb6ENBbU!rW4-BYH}$nyJvOgd4J4cefHmtKfM zrW&Gn1qaIZ-eKe%m`_W;iWf_G`{9Sha(yN4k2gP@Y8KKKT?cFPqHGu5cQ=g^ZkdcI zlzpa_2aA(9IkSLX#XGEhEmqYN`%)c4)C8E0`G3*nVo?032K|2fu+NxbHP!o|HGqDX z?ar;uzhola2T*w5bj8}WcU^x1V_j*5;)xXgc{3Le=U^@x_zPco#r!e8+r&*zy|(bh zIboq3fW9o-A2ltY8Lo@l;_SR~*~r@ql+z9Fz9S8R_zFR6 z6RrPw0e;Q7(G~Jbw=Ur^P5rdVEdh9kU&0CXt^_7du(z-#-(iJ-bbGA2U7#M2w2lt) z)U;*6Da)=eU71fs@}XvtqU=2OrYP$*Jy}R!BFj7xRdn)3y|qQIi1Z@Qqx1MX z(PHpXJTCAS*YlQt^R{HfdOO%t6<`crp^^!+Z0~~9>#_lFA?@_g>l^s87%N%N+}TlF0qMP2cI7f5|zRFCtO-V!d8I8;_Md z3gT!!O0u!2lj|Rb@XP4md6pVuUUIURz&Fs-qtRm+j1=rQSjE$1nQ(NXK?ZP1K@{W@ z>L%GmqQT_vj59XMU1%Tgf-=Z2vdw%Z5&|EIWayLtLx10p15H0`|LbawYx)Re<%laq zr_uC1|8m!xx79b$P0Ju_IGG!eJG3NmHqSnsX6v!UcKi(baguIu>&F@n0e$kZ1fua@ z^3AE{m|l4xNZ3FM&2b`AnT&@KvN7b7xyU}04OS&m_LaPCz@U5&hDG zk7v?0S8Wwn;qnARz`@wjiXM)ZcVl_HGxc-&R zHk>=9LIfvmP|LHpscq%UUayk#^LPb#gH%?imS_;=8?cO5Yc6Qu$2{iZHzz`{m&fUp zZyi_ALpnfh0$P(crR7%MDX=c~@n0FH#-?v(B3u4zBOENB*!{NZI4!lSCZF|=@F&@v z5Fj)5k0f`s-@=>PjW@g;ah~y>fma8FuFE7ALYIP~ce^25rtp&M(|pUkGP9V>-PkiF z>HHkelFfoNN43o_r70C;R%y&7HE*{uRebcd>34fhxDY~<-17Am1`rNjaE&~WL>(_8 zqPV#c<{mJ-^%*))$*oc=QP@6dYtn(`+%`jGuh<^y!yR4*s71?eSOp zf4%(M6aW6XD|FF<9oaT7_~BNRAJj;i`wLNY?D0drStRU^Qm;aC&6bBPs%(XCjhO$S zmdP?W3`*oeDTSr<=y;E~hH{?P{92`?2QJub`l)#qM0gumqJDg^MuM|O7;{Wn!4}up zKw)b>bXeRvS;Wf8p&X{Jg>pK^7YTVo{dS2}yo}e0Ftnnn?WMg<|F+Ow3ryEk6b4}p{eW+v zn$ih^gF}e#0lA%~b9-Ug7Enyla2lc77MR@!0Nb26z9Zc_xDvyDX^=_@wFwHdp@rCV z4fAaqDnbtJC5H97Z)j5^Yyv}h$?>;stO2cKZbO1?-H1%TzD3332KsQ1$BxRMHy*!` zx3R}364<=y7Cvuew#Nqbg410C=ldW4WwX41-w9WwM83z`2+@boZwQO^enB06oS;(Qm`{4s+QDgQ!CMU%2m(*iqN?X>)~W-wSw7ak63rYy zS*@xt!`8nl4dbXnJE3|jaL0>QB3^;egg}4ljS9%nm@qYcR_qy}6Z;`o%P0F!?;5w? zK;>w&&cxlEa;fzBt_))8?>`HGVN?a-yfAV@G!d~Igf^SiT(nS;7*i#BC;YE`2&Rfr z^v7n!MUwM)l*Vf=`Of2rtEyb|9qo@E9en+0to|51esr)u#_G9@79K-Cqh)$dm`s5k z7_MT23{`F=)X`}5(Ht_E)Z?m|BD;S#C+8e`dXXj5I2e?ZT-@J?X9~R=x6Qb0_hU5Y z^XB4rf`;QEXD-on3Iru)-$(1nfe;uaLG8tIFqV$Dzqo0(T7f0vaL!pH`zbq5rmdG~ z?W^NLjoH8At275Rg80D&cgZy|+SExM^*8VD;uOMD>;rzcS+gI0U&^DT%s!yI{?_no z3Niev1tcS)O|#s>Plsx>B$)Avy*}02Q4}{Wi)}FdESHMn_0g?7Xw< zX7@`-xuSn=rKDQuIg!@`wn|b7K=MCahNA(8sM#NQdgRQ~*s5-SqyLnBpbd=``y2QB zEZte-ZD@z&RGL5@E#iKVQG(nxqhpAEXIz>o;f4NF{!#oS{({99l9Upp#H{Mc1nR{h z^Oo#8<*WM*rzcw#XD-P>VpVvWWJv(9?M_SOC}vcIH<)B?Rl*UD4^5lHZJrU3|I{Hu66Jd^a0Y=JJX*V2pjp7DuLYYbQW#F(ai_kS0;R9;4%XjE^xFL`#@l=*{&yV) zwWtRVAeoFEw)D*#z7Lq)_IS3tqt)TjZ}I8a6b|;70eLWJ#0S;(-ohy?(tAB{lg4SO zx|l{t_wL>kxiH?G%V)bghZc{qe~RpPg|#tBWhi-tjwIUaJVa=IqM_u+N54uS2cw z`47k4c$L^fB)AV1H{F5O>GD~*V@;tTLJ#zxlNGGyVd+xc%sEuc7;=5_Zg=OPQJ+85 zrEf`fw8?=GX2#l`Gi`8$Vk1VJ1sEl7-i4}~COY8CS_zjd0Z-k)C7G-Al!Jz-sBU&L znIFQ^^JSZ?ybklx3uxHFa7z!@ddbn!c^FVhRy)o^4_M=G9-&%~TQz0Dha1H)oKgj#b zq6kXGyXt)I3D!c)T0m5iyV`WM%cL&cV^1xCqacY;%vea9x4hpYG`}dTn{~#;?7$eL z0^fx^dC0oePI)>sR)KUx0~UX?qaXKmH>}+DP)P?g+8=ZWzh^s2sZp|HFq)Pok&Ax~ zDGK}vom_gef#*kXqR^i8k#NfMt~=A5=C}R8IYsouL~y!34WE}5=nJ+e2ja!+GwBcd zL8rA@DM{(S+R!ik`p5qEp+o>=4h3{8HjZRnX&KYV=# zdzO4_Ss}g!i7+~sUR?yW%o>14T1-5l&~+}t#;?GJ{VG>mm26ezq>dYE9dXl$J%R`# zPjXjIm1%SfpI=dgup32F?;&hW7PQbzo>H(3egY9mZ1yl!%*V$DuLYkFfg#UaGX>QH zpDNw0PT!zhK-I>NqPPu^NKvC+l%|V8`=Et=ayaFImKrR&_kKsiohp!W7eN6F4N#O znZ8C?>FzUqOsW^~Xlcyl__0tJb%@2}BmoO$`5eUQf$>4xzZ34fIwclzyvS1XG~pXY zIN-Z|p5(e#N$5#oIov<4w!`$7>czU#!O!x;D*C%DSAXz5$6&DP)D#>CUp-(hSgV4a z@(kcq07uSJH8PCwrQB(>$Bks=tb7@E}D zHw3Le7RT}To-Wol+pt&HsyJu*jqssimT_lQ`<9xtX|l`;Gk2^Qob4ztex2{2d6eMK zPCPM#2f)jGbsP-4EV!J&a?+avUkuxwzo?h zbE1}^2gxbwH~w?ymsiIj)$o~H=K!h{D`$Hgmvr+AT$C%J&uRz(Xac#C=63Zx-nFn9 zY^$yHNUN;9q_$P0qR@pUf%4&Mn<}RRYc%Xm(>j}*se5FktgdZbbch0bs-`!CHAS@+ z9(4hMjYt$#pG_dz35YBX@b~!UQMDKNKCRS+c*kf!6v4hoy62$sh5DBg!QQy0=;!#N zOWGu=R^{+@KzO>t)G@E*=Ala#?-aHh%v_zabhJj5LQ_HdA0vGlTWCD?oCf_ko>5lH zT5_S1vBbZ59B)^$w5F(KYr=$5;;AV&Y>p2&fgaAszU9L_Pl+vwj450Fn9DOzsUiWx zl60mK?!#rNP^pw*Jf2A=kMz|a-$8Ch)iP&2HV})yRnnmhWLh|<%Ta|}-4L2q$ zKTR+O%)h*;yyLca&i1_e?1shUPlGia6Ti#GXGA0Ri0*HTm# zT8Qe5Kj55T#-iJ!B9WEhvNY^njr&Yfp#qiUCv&8}Sf=z+fv{XjvilQ_^V#3_G(w*i zdz^b8T4~L*vNh0w_FiVPhdIy%ma>}S_iyAVt|0n;pDM+3ZvMBb|3DD)#v<$o5lxVmYBwp=`3=$o?S2u+*>vFx3+2V zOKuR=h+5Z#*s%HOAD4(5PssDXR=}pus~TM~--<>07}$&m9-c276s9qd*Ehlg?kaI! zSq&ttb;5IRO*j1!=dX25HkrT=h0QxMXsyP^-RW6(Ssl7`EgVqoG0nktbc@E4%djOu z?-^A3njE~!YWswJ7QB(jx`zQi4Ael7VM&=2ebFAjlXfg5qA!{B!s}NNsAzk2py4;d zjeK2n6?5IJK@E|J&7n4!iG{>u(C2EQH$14FfpLFyoUIKYVeRLG73d@}8o_UeKy`KQ zC6znNeTHWQRgVCzI&zM689b9^r0GL6Gl7>=|X6u#Qo&_hT+(3|5~a&FJ{;1lYXB zhW6{O(uPO26@Ny@Owk0}k~f70@VFeXcp8Y}Kg&K`4{(Pm#; zMf$V=zLWRrgN0reohJhfts19woNDUMmk`6_^6H0rr=Et1vEbHYUan{dd#03FJw)m` zUs4^#65ZeTAn1!bQFg>6EL+*N_#Th<{s|}ghBW(@8@g7)M4oE#LNB%X>9^Y!L=BLf z)#(&0k5l$5C6mUmUEU3ED(%2c#x7{k--$7#e%3F5;M!y8VF&2J+To2?`94e?pRBbU z-^PYyzMW3wP-BFC4cEB;#2*I&&vH}o)XDKjiyJcpy`t6o@e^i8rMElaVfPqU=ZE4L zb1OZbJ<`9a9C^}3W)cp}v)JY&MN#t{a4U1l?YSyJr(=v66&a&Hf+!OT$0`d)(B6*p zZKdUnc!Dbk`l+`?&xkrhg`Xd}wjQmUN{EZ~_>YM50Yu!{ftd;*;-$H)%rt*RT&Xtd z2q5Bq|A=@Yf>2oJmz^y!ysuRo5bvtt&CNY1qTd+C8|^j$iwIjH1WK>$m)X@8?d|5m zDw+v%#W}e7Owkq(*Q5PYVIS9*SEC{q!L@=xz+}@BFJTsMIWnw|7F=rg?!K)#h97MM zAf4||7n6WfhoXB=w+L|joL@~eQQxzNYMEaP@`rff#t5z}*DRyICh7w3D{xL_O6(nz z`c%8Qi&IxB!vSNkuz7!9q=Df=Al_f2*tHIpZ5P*?Iaj;b!8|jHmcxfqPaaf7G~EHI zW_i|d*6*zKqu}R{@ol9=XC>P-FkRlewjj<`!9?%95@4s-t0}CjGhyP7n>-ff_5La` zJ&0S3Yqsk|jI8F~0fU8ZNubZm6L)dbpxbz`otQhHEQB^Gl>DIVpZb*axIO7WaC3&_=&UsA_i{@ytTi9q_IoBXdJDXb$rFwM1OtG^ARdf)Sh`S|EW+#S$uwjRxojs zmX&_y9-6ZO@iDPe*~vyfS!ctC6_yRHTpi-XC7D?Yo{;mW#KytdBwMOU_nuZV1SAOB}pW8E0v51 z^6X0_`M09Mcd!=EZ9}5ZTGDt zm#Rw?_059ls$Je(V1JQYt7|`GdcU(n8=BDb78p>jjt_VON&^vU1fok^} zFF@~hg_5-|K%y+?0 z2xjS0?BFa1>vZRQ>MFnTT85kRZLc=h%3MBL4|7m2M>u40iVbobu&q)Df_qaE_4A_| zw8&|MCCS-DZXxWi2K!R#^eLhtpCP`I1f&wpyqtO-9ug!TwahOVGfD)WNrH?1NKrt$ zd_Y!_Fs;a=Rj!+BpiC3ybX1*QL0GctWAfZe=ChN;sW_wQ9gwZ%$Kw5g@KC@h2BIZ& z9hgnIG=km5>Mu9cQ?93i*$)A|E@tnH$a`KnKNw@kWCY-jsU`8f9u$VtGYc#m)#k<7OfjmwZ$cvk&J$w|GXYM+gw@pfaHW zOzdw4H39S?5VwT{q@ZPH%ET3JzhtL;>#M<`=L_`WKMw8_X$mRc6~5NB2->@d0Y z=*wYKgUp3~l%gqauMAj8+*UM~0sE0C$>bOf{Y!~7D~`beA$XY{>cQAmG=?jd%mz}} zYE|6YP|HlGe1uQ(2QxEzORpg@x#F~3BLCeO;6xa~CZ#rm@(zh3z0=nvcx+JJJb`w? z4aS42VCG;JL?JxX8Aq=$>o0rPPB%kV$N!F7_jj)6twnE!1mQsnh8T>7TIc}};4UIJ zhOU+DX#O&gR2lpLDl3^lYK;dq_w7Z#mLA(6B3zqroxZ-Xyr%6 z$RjXfy+m9f?;BJ;|L1(~k{ZScS?<@F`m5)tC-cUj1glpdEKj@mW} zcXLRoqX7K9Lk*nC4WF&SLQ6gO7r;L)We7m-yIr^m%=g)64q$TpEYHmfcmlr;=nXqc zA2sGXh2Gb2k$oY;i@}hw(Rb31e;^O-aK#M7qP^0R+-F5RuQygdw|CNcGnsK zIy+me;%5L+tP?zQd-H-^gSm~PL!m__$a;P8J@-uy(h}PpJ|6Kc=%+7v4h^+T!?OvJ zK{=^2tg)X36m7v<>5n88h%}A`b=>XW&_F;#k*RVU@#OMpKo}U%j#n|?frL7ca{uk$ zu{jtQ?J9 zB=F@5;NNxt|K{KP0k|9XkAH9e@$cLJ+rP>F?ccFVfBjov=O6$6!SS{4uYbeZ-tJgo z9Jq4Oq1co~Q6_sAFG5BR0Q|d8XGpQKi(cg%g-4N3_zg@g9^l{41~UNv{`8Tm`YXd|K1;_MuJ7F7DO+YsLW z1xDElr5ym^zEe}b&|ah-8Ql@CYR9booB;j}e^G5jF6-8EMYc&4?B@XK)UM5lAJ-f6 z<#Zm^r0*Eu-_B{@g>SZv;;aAoH_a)VvbuPBJv!C6hvawk#PrHYehU(*!>xJ9w7>qH z8l<{|7nu><{@cG5KncQ~juPem_%|XQmlW9MwgE-;F-cq!Ni|~Dx4Fl+ z32j?s)lC5ox}eH!BO8IMnf$>O-dDTysuAS1YZkK+iT1uK0!vP?yRi}EuwmaZj*@g^ z5AXm&b5JS)64Zh-0e}4#&Y2%_)1!zf}My7AX2ZR`o_p*U# zI?7mVG35=7iax7~kMG$`x2D%*pX(e5hL0cyosa}Odv72V&goO8nq6GV@o{aHBlavN z%;ev~M&h&&h+pN{Rg)&4!}sq&(JIv*ks8r*-^oci@*yBO=JMLA8ss~$x=Js=jr?Br z5Hg3p|2oM$P*m>qtshGnMoTAp3+{(no;u(;-dk*%!%)x)$s_dd=D8{q2+yc~t}X5EM8 z5>*`I^{EEVKdw6^-0Ha|`l|9un5gRhXKj^-sto-p-uCx;E+PSwv(4mR55+FK@C;&^ z+MT9bKY`;GcT`$?Q&?3HG)P+1 zQn+=&Q5+J}&G2bC44NPSys)6Fs}Hul1->*2DlvaeOgx^BqkjQBp!p@aWx@=v>Sm?#jcj{?O^?Q!b^WN6w^CrG;)92De58w4=PKOW%*>b%5Z2*Cd z=)ItGVOtL(-3UJae1>TM1@*lJ$&!`Za(=f8=TewCq6HUSU_q{kN}>X;p%957R1kekOgY?We!k+s zY`b2}nQws&#{5#3_8Wl~;u?@$<(Zc3$ItLWWmLcREvL~W%RUG-!z{%UOMC|O zI7ahj!1cc-{|;>EYUDWCL?5^GKTc2YCv40kxPn(w<`%TG1G?rTY?*VhVW3^xiJ;Pu zB~e=IuYU#7%ODwXE!2cmH8^7cMA6&qf_dzXj2YE+-PQx5qt{)7%Q}y2))t8}db|u= zP%Y7-xz1bG;($Z>_+yOLQn%j%1Q*xK^3S)!yBIf;4^JW>861cGhtZP{N4Yw7?Ur|5 z1Yo&V=@?f$+YyPA?{3)N8$+OUQ-bE#L@7I&u30^{6&1#k)E+V2kf!O!M|OT%P^<=* zc*-SF%LF~jvLb(USil~oJd#%o-kyPiwdp7RHmM6!Nlp45AaPuDmW4~~E9=8me+RXp zbcFP~Y{)jph)-)-GpT-Dtx4xvGu{b?0lf4M;yiD$lSgj#Tm0i#YLE3n&XzCn$HzHg z=xBc!it8`nMeNbd^7k96(@lQThWp?rCf%By`#X?=^X(;&Z+A?0IAaD~CUT*K6t(jl z2MHUEE^!(fS1JV%0b2=;r61(^QKJLFzA#7hLt2Xp+9K|0-6j^-|N)v^Y(c0i>}jQdu};*R;g2b z#9j-;Aa%cDSA6{zOMrJ4TjxO!8Zt8T(=06;g|t1p>UEWv@@%QH)|*_`TdMV z@#w|o)EHN2wvN#l>lcW9Qj8YPoiw4#VQZF)-|v`H&z)^x*}3O#qiIsCSs;SpE04dp z9SFf7q~tv7aHEQL&lzmet5o!&I5Qm=M}5Yp6U zb?OK+e-kUkRMIW)Gtn3IYj}^|bueiW7!^~6hpfMc{b(l{?DuB~-+|*Xm7z2#hd4E~ zY;yJbM1x)xkJMC2l^I6Rx0l5|3aAO08B-k)-QS)WUVtCk%7r^rW_B=+Lt*0>&&;B` zLv$O&sB8kh1Kb_D35_F+2;pOj)@Rof@t9yI$EnlRK3r}amQytlcfsx}VZua!1yy%I zf*a8n5CarPR~J5mFaA6H8R7^tFpZ<#9I`+p5U}9F+#&s2q@sFs7OBXyj8;tZBa1_d zGmvs?wz9r90#Ef-{n1yvrG9CV<)qmq z`Jcjhwe>F0ORbdPGze;%T0YORKMVHpr$2b=Icy#XUw^%2EFJplCNQ>lQCniWapgVA zUSaOVySDyI50iB#(4xV18xMV~8^3jIw^2!3nxxRv^)g%w({?(z zaXrgkLJjk_C{_22A2W?0*3{F=wDLj3NH&PP$kq)fH(pM0Uw3pQscUWT)XKh9y0(c* z4tJa3rSmSNsW;q)qU*{C9Swq`yb@qA>*tSx(mR~qMV&J{BQ#! zjfTbWr~}G$(&YWh2LtoMGI8<~Ap+`TY|M{Nn`)s1UH=8*-il!sYjY{s?$)^`E5QK# zR&@U#{6=oTBuEC}ccir#cc(!(-Z22bjf4N-H!1+XS@Qt+y)_pQ{eR#$=^y-V_l^hP zcenJv@OvCmLG(hN5`fjR;7qkH`#E->^}%4aCEe@cnR$Q+mKJ+&a~Lu|+4mJBffAS>|LZ|7@Mm%b zW`L2l9Wj}QqS?ZLqlD*3+~UFz0^iRpz9IxlF4xiLJKpi7jyJG``|7$bDfL~q2Qrt5 z=O$&+t3XInYndel1xxI{FUX4VPGuV|`Pc+y*nr8VWfj0=Q#)?M_#dD$?kNrqA5hKQ;R zPLZ6>e5d?d?c8D?q}Z(7gy}NvFu3yed|LFk5koWG;#R9saWG~SAZ8R=uNvRK=;D5- z&f=lN5aIQjx8kWyhob$0&S1&-wVOu9Etksk+>X%Cr0)^3rX!C-a0=H8X6GY%m9iMz z+K$bS$NxIk?w6T!Q5W2fY)p3;z`yB~>b6g>YmUoaGW=mnuCau?Dw)#{v3L&aRj0q! z!^!X+?WfWZgu*CbDSsCqj8-#KEaF#XbgA%vc$)5e zL?B?NyVxE;8n`g7@sfaDmO(NN_FSHK`rds79=&vG=0Wtv-&_%J&$pdb{g=HB^Y5$w zviIs=_HO#i-m8Du8}Sc&i*MO$q-=*Jge0|&4wdPRMg5z-o&T~oVfxMP!9VPM^k3{< zGxjg`jt8*!h~6Le?s5k}Z7Z~Z{tLbf+HJLCoWeq$Zt3UGr<3(+;^59#ug1i7W9%Av zwLaR22}(SZ=cm(clIO#?&sdaeQPv>M%EN1q)S7|??riw4q^FTYmp+srT2cUH!fk-^G{yky8{AE&iEIV1cv1r^^Q0zgMl;?#Y2_d7~tbl+@WeEwC#ea5C z>-hk|ei>z{WZhX<>yE;>rZv}# z5nYupBHz%ozUKfPp&(g18+G46!=35ni>LT~_$0H~Yj9YEc2*{H5AkCDs1){Z~a%~&tuQkcw~@O1MJb*F}rs{I#rFAe^sZaUVKmU4Kn zxl0BjdlV*S0W~K9(k*sPvgcQtJ;N6{C1Iqm_1nxrtt7<+<|#+Ds+ z#*&08hE9DjGQj&z_(hkF9S&J0@NfRda#a7!S&2-=4nr!&?7b}B@s%6`LUFwEY0Hk* zB4wy&Ph;)!CY2{^8M^dti^B!=Np^)D-o6DK`Fyy2{#pX@8V>f#gXpun`=m}V4=#q^s|}#gRi24#1FdHT zti%*dJG5FLTOXV*QM6TUg3r0Upe%b2do&I00q1?0<3u4|%%d3ey|K zk`(%@-BwM34!`gIqus>+(Qd16f%ah5jL3o)7&-4{f3Vr6Vr2 zAs%gL&z0~Ng)n9DZKPy4aKUxjh@pc>d=?^*TC>|)4FUbh&f7M%mb-hRHQ~FX@qwaw zI*g_F-GXLA$zN0DpkhU0v+Z?(**g&N%uEw%!$7y!#d};o$XU|NOP2V9=_4gL%o;l*dVE|6CjBnH zlbsP0dsc#oH=`>ueW1sJALOmwG}8&j0`+Xc}t+> z9!U=97ponI(>>PlA!X@mG?~OE0$iFR@LWf|=r9d4Iz#2w!&dyKRAj z^K7t^z%}O)!mAV#eo;|!vT@?7PFZtl5Gjr>7Q zpPgx30p4m!-zx${?`+37_TOUNsnkRHA~9e7`6%a6=-e-Vp5qCzNJt(Fe`kJ95TGs? z26D7wrkpvwjm4Bi=zpq&1o$srcW%z>d6T-vY$>YK?}Ejdt0Qy9>~Ourc6h=zYx&}v z1tlqV2%7K_Ci^lsUEofx=~IL4v#5uq9rwZb^RY&%LeO3RQLz2r|bTO)}hUO$p>patOfG$FZ>PsrR+{WYyivj7WOvLp_QCIR-g}( zZk+s%*qSHXeGQl{BOl17*A9X=Vp{IA-1A;WzvQ=rFT>;Xf)rpREjJ^~ndoy@?ufIy zb4X1M&ZrJG?YWU8Y`k{J%{eRGgSM;v4)$C8-(=Kjs1VoW$pkB8fp(&Eo zF2cg$J|RBja;7XJ% z<$wNLUgxX<%4?>J{ZNx_|NI*^THSheN_>fF*Gjo&dzgPg^S~36f5sb%m#g!StfYF+ z{3oz({HMGd;_YeB@55h}AKsJRUiYeJ1k(t^Th)F^f(cv&60#t^Jpq)t!XJBZm3s*0 zSOGSLaIn8Ax&4hoS7>oKWn)j~m2|IQ0}AnAceGOhzh;X1#+mt3j%cobHB>5W`v6pW z`$v&hJ7O!>4hYypjh=!5x=vpYs{j%GfIv;XaBs}g>~|s1SHfRd5hj_+6mZtODn@=m z_)a3#=l0A96d!{Rm?(w~s-;bQhSC@GfxKz^v#Eu+KX&_r$(e(L?SrqA{t&YlbkJhx zez{USXa6moWvQLHl6i@wcF|F($+7TJ*x|(zX>_^Z@?6;0p5k|Xxv!k_Adw!u1=fZ? zHV)S!q)@L=_uH?+{p5qFKa|0tXP5mbrG<%{Aj#x1108U{EGd_$wS=!>V&ppQ1dl?2 zxI+k!tJg$-6+ElgmOFWIj7Fkf5xXnqI>q;xThRv%Q9ZbzlR18|%HmXarAHs_<94XQ z=SqoozTdZMMoIq;@pC8eopL%>0OoDkUAuDp@b)}_61XyaJQ<1*YcvLx#z8R$Y z$_<18F0$zQZ+l*zcTs~7lt@xjL2FgpkhNhz49SmIHNonQc82lC3@hG6+Nv9TL`0Z0 z&&{|?z@=vWb<}AJ=)?e19uVH+Y{!D778~jF9j0!hAzh&b3!l&&Is|{Tf>`lIJL_oY z?@5YHduq-#28y4PA)^=Y;DNPMY`S7ui6z9;4)Bt&9-zneZGSc^AM=k5ix2b2=tb_C z|DN=e)QB+gjUa?rKiPGhRPok%j634pD0!eg?DakTg@f)$YAw;Tt!ZaKb(3i2jZ28C zHk7W9exlIl1i0+U^&`~2Xos7GzU%}@6zxiXz=imv8Cu`xZkq-1XR*gh?RR8z_ap03 z@*#C~@Ut@H8&QxbHS$Fip5k2Icr4zP)G@GZT1}=y2qc3W>7sm*=)-^TIAFV9?xI7nI@u_yFgC17iEZ*+ayzt7P6$t8 zIIzVBBRN$OKHrJ{rpo8?0J4FOVW zDy!W_E_qLL#&q7Qihhth?+eyw?`AvluX2<%1e^bl;bFAo>JSnT43@lCWGt@4z(N#M{1R&UjwQeC_*Q*)l89f1p@3FKj#>_ZJ%0;+^879dHK;7$ptj z+FvN9D>XY=Xbg8_vkpMGeOyP%`4uw)?q@O2II0nUt^+G_c&=t=(32jh{-`XM$ABM+3+a|hfxq86m zKw zLEP(roncdS!w92aU)rf6N_(^R(+QPXgYTD-0K?XQ!p!CcOimNj(fkx4K(xd;cB$Vm zDE8S8f*93ExvH9?K%<#DSn55)_OKSOTs?uaW?z6fz*y-dq7cQk?}bRc0F4RffW4e; zo8#;DP`mN>V&u**Y2%Vb^F@G0h zZS~5|^^P0x+9ysELoUjb*G1{0^ZF_HE+h6kX{~#p#-A?I)6ui04?;3jU+28D>Q@7jr z@}LBML_pn1wek6)<^wZ%CIT6MjIUHAnSfyL;8TYl-92&8;HGR1{C=}xl;oD}4fF`* z0Wze?HM$9wny5f@xp(EZGR7d5jK6(?aR=qv6S2uZ=FwW)LT$42*O8FCCwvvmOFIPU zI_aBKowThApu*S=Y%`uIo;Ex9m=1X%(0ju>j({xT_iPt@o)hnF34W}+2)(7&s9t-F zf9;g97ly(7HPRb1XU+_2aa#j7YsdmBrzNn(d-<};f9%`>+B}=NiED50ob6wNct)He z@dlhHPPe~)5lARNBvaM?%cP3iEp6ZMo#xjhFy2Br%s1=zidn`O>PGMCmhmLULOp>P!c7eb+NW{y;_{XgPM-jzM6 zv@{Uh;}k8Le3`6ydEeU)df9~AM*ZGPcFTu>ODXrn#1%-VrA=%f8B;xVHGw!v>-2qe zA8w@rvN36=LZ}e8xFI1YxEP=l=9C`m#4QJam6-iK{#?`NfhpRecoBHX}0J-x#N%41uVZ@uk?69R&CwYTT;yhE14d=^N`(pMp z6!>QJ^L#a-pW2v~3O1px`bvxJ9Q^P=?G;9=4fjcnUHo9?j;k`Y0 zc1i2XgS&~eV#x_#Qiu(5pG~nIU8m@DOv)tdH+%mxXz&CTvQ1JgmifU54pip2#3MI`4B|36@t!sm*)ht*1v6 zV1SN|X_(;Xhgz$}i|yP2BIofhLdt4;1ZCe4Uob%*)Z=TYJJ<;StXf5*qTIve0 zt2*N!4t5g$Ef8|bd-*@MEAnBr2~Ut&Qngu!Ss`%r}m`ZFq7ydiM;v zv3zVY^i14&vc!&GagjToiBs-5LKp9V0x9J`Aul(ZDwjJq5aGHw*GGX>$}e_d=8 zZ{x^;Kb+fwh6K4&gwU((MPULTR@EfOFu823;^?y|);at#Zj4cR-u>lX-@Tj}fDJ}Y z_{D{U9yyj{mqM4%`(-~Nu;S5Wd;VJYzDK(Tn~3v9}S2gCOGT z`Bkoq@ucHmv9`t)T{p#_)s$F3psNv$^^Tqs6U}vT#uR8dkc&j11bKws&9V*QaO-G@ z{P_d%@j&L^Nv{`nm8Gp5Z+xYu`SaX3+!)7QZ+g&q=5KaaD%TzUJz%Qf)hIx&S z&WX4PSO>B-o0~!TG?V)ZZap*ky(ydom+n+C)e`lGZu?l+xW$YBqziy-K8ex=NFPVo z9~FJ12-2BSnOnf;%#Szk;epuE#3SE?(lROaLTJST^_tph!m z39pjj;X_A^lY1*x;4L|^IZsdB*mQm+6+O=0+i)h)C>>SCyWxAcZ@XWE699jLmC%;kYXDLJ#`tQog0SA{R!w-Yj&*1k|*dIs^ z((ED^k%XP!87V%unylNU5DW>#H_c;-na@m65*B#JFpU*5r>^R4m(Z=!TH&SA9mj<*04+vQKLkXxbci8dvldoQw|7~L4HdB5H` zr}|_w{|YDERNvQh(bF&>f>;8_EkEB0WjJ;pj7;(84OIR6E3JzSCL`A*F0r4Err*sW zB~S1i`1xXQ?&-hw8Fg7&T`DYcW_t&(JNQ_mLBDMQ3w}G+khG8?Sr#;)KAXC4Mp<|g zUoblp?rYYlZ<;l>$8Dw>pR>Rfh7yUMsVKJlF~t#9oy;G_QZ2p=-;{)?vX-tDW02yB z0~eKh#G(0eH_vLvCQYp)GS=|@fBWVW*H${uU*CLzNr&$Q_-6E9-+cf7^UZV2zrHC^iw#HHjrhNOb8BZ8 z(Dxp|4sbHFIfjv=Ku67gW1=$){0RdxhWQDV!mOgo-7QVZHtQ4O-fwvv+B4Eq{Gx0F z(dQYB@UrD7`-FPQmD1(#5pQhv)c4ff7Gb04iY&H(f}BD`+ZbN@t|@$Ww1xc^(aRHV_`2Ux@#uAH*pUm1->$xIqnT`|fZw9er5P(WM@{b{4H${V zik%VIV;g?JY{cxccoOJFZ*)fewEGRF$Lx*J5g|W-+pFY!gmLo8((Tbw0Y!4jPe4~x zoHlHUsy&m{88xe)9NU8rXnMZ@nqCP&(<=_+_J1_J7yoH`+lT>8uQ@-W<=>{4IV^*s z7Fy9O%VwCvkgNb2QPECYlnxGTKbI*59tdawdanS6$U_wz4zXsCE=4t5Pg84)2lL`9 z9{yR+>ZWhV=SL01ce6(+YyoJS7PpWjh;EOye_rybtPiUZ@F2E2%8pM~@BYvkD0Q9; zMIiBkqBJ1&HM0Y?^LmoQon<&~1Ur_92eFU67B(jM@r)Y}?ngVTy)8u|>Wgf}RUSTy z1tcT|5uES;&~NUB0so9%h2#}o4wEhtZNT;Po`A#yyktjw%BOrUn=hrl4=XT621%G) zvuhk9N3mhe1~JCrB`80=7hJIe2_y|&kmP>;G0LN$3DT=x7*MISu865l%%fnMCgJ7& zbd~sXy)!B1f9WQ|KOwI%YYGPhoY!2-LtHDg32>0;W(eeOlL}H_-(W2nf(Q%B3w*0q z5h7;qV=;JTQ?i#MQ0=s{W8IZidW*E1umx6a#%~5t*jfsfFpVnDRcY8w8bucPY+tbn zq|1I->drl8W`EA*1(b5vocE`wQ0`p<-Y#3zcyD2AI(je9QVnEU6Mw!1W03w&!Fy8r zr{LvMiN@b{h{xU^qRz12I7>BaGO+HJ2yJE!f2C2}NzN_ql{S>Yunf;Eae&5BX=-l@ zV);p-Vkx0dR#z$F>|GyKVrQY7;*xJA*`T4?NLBT_whxWf4druM6>N?kSH8n#Gu$(U zx(`333G#R47sps`Pk&Ri6lv(Or~x`NqXOd+>M2eA&nHo=yR?2{!JVZWR@5p(zdqe$ z!UUSLGVVrddzHs>$l}>QuDOO41Qox6P$cC%@N)f8Py>D!1*pw3?Vro8bvJEz80{-@)Op0gME)A4>~Hctg~ym1g` z^n*8cP2+t7>b$c1|I9-pvw3M<)QA=?$bbc^V6c|ejOtk(#G;E1|BeZqUaK4GWzh{Y zGROI%1;EXf5Q-Le9H+M|%jfR^+%&LU=L9{IupY{wwwoCDV&ggHaqZE_w?*{FvxcqH ztei;f!jN5g^y=mBsY}`bk zpythB%hz{yVI zCSKL-u6x`26x-m8@vV;^$)#IESa;Xof`(m-t|!(Sa~<#0Xed@2i{}E-ghzKUaTGS~ zv4}kn?7p`5S+J=gGtBT|8irg=wbfvf-@aeV0(lAvu^{k_RRR<-t$YOs5HE_jRZwKg1quVG~mQ z&oht8OR9<0V8(l*0gE3dRJtzDW(Br)o7HH&w%_8nhi~!Q9n`n@ZHT069M`}2?N*Nj zl;JU;InNK}=nXUh$yHd!o81c`|3GtW{S7oT{{xyJ7seFEvj2eQR5y3d8)!Z<{TDPv zkw&&jY=bG>pF%#9_KT;cKQ(t^yOBA!%5br)@TcL5(e4D>t*@#FJsfWqw^J}q5o zUq(mpHn>-~QK-^Q&&nAc8GL*a+3Ek)fyE!rdD1PUNTCRMZHU-IH>Xdon0%CeCTlRG zAlNt^^4fPGTDGw5d{*Wmna?}tIS#g!W;h(&BCa6V|Lr{-xjn>hR^yJ9EyTupeYatV z)`g}cEQ`|(}RTG=}0|)=~7K!)(AF%tQ z*b>EQY^WDC1;x=$U(!VQ;ho1<4|l0}ARG#EU!7a`s+FH?MzPON&_)(Na6)e42pa~e zopJ*azygQYjO#{F$NQ33Q-S0L;S%nKC!97ZLEm%ieIK29+?MQ90gX&XhGoTr&4Wia z_%2}X={BX7H6RrJXgI{t+G#8uAR3#tFQUu1EEwXGl~cpv$;KgU`LB<(sm~!OtX{C! zu2G<=obmBR=>_Dbe~@Pz*Z=XmZ83lnPil@BDfCG@rH4%l-VBs&DSvJAL!vX3g~Ovo z!@7OWGktAGv!st4?+*14!*R>&Ackcl8c$roV^lzNx6O!+~&MGcuWQvXZH7CfqyIB=M& zU(suoeUyA0H(0mWqFvIlNP=)=9kw_MPtC%UDq4-J^+0m=@% z-i`U^n)H(ip_mVaf(o#z(85EHI@Vm@pQwYtT1IAH>TYXFV=dMZ)o;+^fH&A2riArT zBd~e`fAtN4^kXvStB&KXR9zrKBRRuTZ=Y&HT^pg^@pfE)W{W#a-e7Z+h^3{6OaP%Q zEl3@t@#dNmqDg^;nVN-e;7bUWKD6EtX(qKfa?u zm_OZ_!W(KrKQ_6%|1WBqD1(A||Don$<^Q23CteqVMDk1W&Kqi$zM*D`gEUDwyz%Ar zu&_PAGNw;h;UzbI?p1}fVnw+cpJMP~Vq|X{J0tM@uZZ(T71%P@6`&wx>RY3P?7sndbs*Y8th*g z>nBSKdR)JH$AK(T8Kg}feAGm;Nqtw|wv1u@Lk7jA9WPJGcMxeoYwcXw_^3w5sw)_A z5VL`HeWlhd?tM-PMUOC73FU7~&eAyfHV=#QG0)aEH$_D660fl9&qMbm5vMh62sn++Mx7MsJ}i9h&=C<^pK zUR~sSxr2Fl5pGWfWZz)p;n8Vfro0oYDR)6x{G~n|5Lw(Z4-an#oobzk7#u>RFOcaX zYu%?k=2su)?#GYS9@w=!(J0+M68n>1f55zU1CF7ex&Mzd>5skZ9?fE#y6+MFnz7B{ zKnWYfy`^zLAw{jl&509q`dR6MncwUN)0jpitZw8WI$!pdcZ=jvXAhc}6%1k7WYs{o`O3Uy(%A(=m(`@#XP8H=rZK?evJ}qz zT(O;0&dWp`z`0cEMpW_zY(@o^^Ar$Nh~r!c)BxHs(zj7MF!qP)Z?tw;Z^<^PB@j)= z1|=hR;xUHc_U)u=CM0Y&Q^27uXXtFmrXEMMx#<_R$o(?T%E0K8=4ZLWEAwj2I&V{K zz;2AxJ7C2N6iT3J-RjHmJ0j;YyA1`{?e_DJFiZpKQH?S_TZ5=`3^O;z#Kbh{uowBA zIJ$nw%qOAk70@7{74vGyQlGVbUm+?F&|(rShGPBP=*N`$1+zyVT9P3jDZ!_JNF6yj za>#?>ffEhq{XyW_wz4(eEA}LaTqE+etHb6LL^^cy2>VC@w5U@I9-gQ?Z9D)ABzk%V z9nvg=t=XNl@gl1hmxdE+7#R}Njm`YWUK$^j&xF22Bq+q!C+U~UO)cS2gzaqlTtb^- zwp`E^5r~t<@w|-<1}s?6N$5xC$a1Gtgnb81mnT}`zt~rrHEC9#wR~#I(3+RauUGW` zf!_>&i3A_Hj<@$N$0rPR6@0`_)C9cYbtapuh#XIdEVEBltwr&5-Es6v^lhAq*IU|V z0~h}O9Pbe)j0ayFzFB&;Dd>ZC?#lWnX-{*+aeS&?AhoSGp}D|Nh^xy)cF{xA`qw=Z z5`CFjl4`NNq#K=gD3U2&yHtqL;iEnA?z~(o=cmX_P7Wk;=Xtts6;V2yD$aT-j4Qjy zOsZsita}kf_>cmB4B zd$ByI5gl`-%*i~vMzue4b`aRZJu}Urx#=|0t2x$YzLq)flg?zvyEcPa*k!CSyM}6N z#4G13t>L&eWaeu;RTjy}i;vdaRbdxQM?3iO~ zHh+!KR>NvnEXT8!-``zdWo<~V%I}_wBuy)grhmxv9jwUl&^{@j{zZYuuqRq^ba2$_ zZz@@(|K(m(YPGzpR3gJr@W-m>@Y=p8kda_VWB9UWN<)VPJzr6AW$TsR0JYPDL7CO_ys zr9OC7f+%cF@=ZY&vF9B83#=O-rdq%XsP=>{yXPnb0tQW_ntzfcyTixAyqVmv0+xcf9M!2E5F1EB%;=j@UIs2;@?x0np?aKt+|P} z?tOJkztmK7kJ;cdOM73@lHuStq|5pwZ1^>@=Zoz_6bvpJ2~!~kU*_NG7t+^LSB6j1 zg`54llg~<|Bq*=>w$cq8Ppt>N*()2*rzbDyj|f2*9uxw2FZH(<*tglSF+%l*aK@b{ zQ3zwOAeI})(( zOMy9Xa8&xv4Gw$GPcmw7QC^Wng_ww4)etfZ06${k#qbD&pG`YyR6sI=@goE>`AW%S zoEZ~tdWUViIU$Bk2tQD(E~w43ObdKNgn@sWgpxYAST!#xYp~nLPVPWq_y5!6|TJ=9|q>rJ}sEfClgJIqPXRt_W62J(!P(cQ#Mw+w^ehAqua7 z^$iHNWpJ zFd`MQ@R3JLgcQ=^Tig7T*G9lbZoOj|7iDctGi0;qUtU^8OU*6JjVu^g}IxlU>wW-txVGwf)x_r3pSWDwC1Yh z8oPw|5hj6zqLK9oY;n|sxzYTLttm-W`pj|mD1!#g0m3xHd3{xzH)n~b@ps%Sf7Vt> zrneYfWhpTswb`50>B0c*lbCHEtRdlFSh*q*9!_|-l!F`f3)6ziil0+_hrX0Zh*=q5 zJ2SgLKD=!N&WmAO=q6(TwH3r(UKRxTB%x+Kh=s#A#RbzGy;qB0=kcZd}dujF#&p5E=Ws5uF+?+*#{ za9RS-<~00W{0Zr&dAY!MtK7GyFRdHOhp=Cx_8v(4)JK5hDDKg?9&imNeQN(2)n?Rw z1NNAC)!Bx}^kQr1BU~8Er=!RPD=k0+aPZ%sp9uep>rMSEHBw>@&Dn-h%LI2fCFmg1 z-osc53hbECJxZ%bWf>kBC!N;Z>K_&xFEpC@KX)o5@?rTf1^tAP2=ZB+wBBL#>RYZ0 z+4#%ys@48!-32dHftHr~_fv#mn(ZR&ogJ2`G6C+=6g16LZq0wbbGySB&7mmHQ5rc(T{0yQ07ay}qf|DbF<+tq|Nlign*RB+%zyULeBCJ^UBE zv4|7CI0tJEX$82_7|C#cg{wS81s(l*>na7ArZX1ebNc+$;U!qNcjr{^y=^05eaM|t z+opw?W;c^!QP!f`zR4^cmDcf4%35M^_YTyHm?xWsusbItqNsxbW}r5#6T;tAb{ zy2yW%RgFV^_DjDV;29!MU0|tL>P35ja*Ips+E4Tx%Bo(R+)056ylx`pN*Lr>gifD; zewrVPcU09iJiq2Gw6%0Tz>$b$Kf@#+dyie@R#>%7I7fA&>}flx$;n$tA0PC|Ems*2 z{!}VjhJy#wMD@d};LY~X6BSyBFpTK4-zO_CMf&X~+{P*!ao2(O{7*4v*4X_m+^3TZ zbte#iqy_BF$-(t@H<+gmSHiZ-l2h&Mmy0_`Ub3mbzvlBrI%mVC`BXrbnBXQ(^joml zv^E)QNoW{I%ebhTKa?%Y+6#mmvN^Q6p8_$>g@mOgVJe!biGNTE`a#9`&gAgxNvG69 z(Y;M=EFFxaWw^--zDM(x+UK>fNIX5E^u_aUk0Q(JRku@3PADWk@czmw;xar|wKB-X z?s&xkxCFLAt_)?!RKA@Wm+p;|spjJNYs8b+)0xeX0gQ5wRSlnH9y{(28r!UkJ3`>| zPm?u4jz=!liRZw9N{L?lBK!~oCb3$!W$H)k@`$o@G>xxNk|Df0!oWpqCP^s z0^#Iip{JAoh}UZ8Qd56*c_<5%zKN?b9_r|wTia3b31vAj8gwh2E+UArhCf%%gb{*a zrfHD8D^?B4*gWOMNN^8QTy>XLs7!i4vmxN%!v!WWwPEY9B;diOCo}>2#KmWC@{Zb!Y3qbc z0f4pwz;f?KveU1Z(9P|R)vkDFug*UY#{U66e+Cj>#R!j{=DCtlvIKOr6R)AI%e{ zFvO<9PbqYIRWs4fJy}yBZefYneC1bX`DA5j?IlWDFvjE}bx|Y!WXraK2`xe-K z(im3?u|~Vjmg{g#w2Ii^FJD1A+-|XEj7P!Oh|<^lo0hZ2q!B{qVRLm#hsbk1RY7#2 zo>FqjEyf9=+2!rOBa?Eooa^x!LnHHQ;^i!1_NF~E*>{zCHqxy|{r4=%H}zq29u z9RPC1Y&Nlfp{Cb7FVDg0Iy#yx z19cK!#1Z|82ihhdlBRlg(VDm=znsCm{KP0;K004rIqC{+$-^b-4?~vZ;UXUSLm!ER zen6oTBId;*mNkr!%$v%o+6g;W9BMfVa-8|E6sKt2 zhyzgeCGi$03)GDP(kW508M|jw-iUSxd_mtvlH)E0U&T@%Ewe~g)Zx01epxL_7*5t@ zL9?J@-*&~wiZF>K6#YvWX-P29j5D&NqK~ z3-YaeM2=0XV684Gn+W5lRaFTj>_M@FStD~L-sQpM(KP`oo?%DJWomlSNg7Xj>t(Uy z$%923BR~aFtOk^&Td6+sBVfGnV{gn@+i)BFBUNWb==C7N?T$BV4>f8RJt?Vl><7Ep z(kd6AjVB*!yCl8?%A=yT8&sW>JsoYaWja;SMhBLC{P$oD7jT?+1Rn`e0eVR zglOqOewP;OOtL3tW|$I&OW`^hcJtK~y5Pe)W&&f=OCbh$2!MR@Iyg-=u{t?GRO?Gy z!w?8O9PUTx$s9W9j@05M!-dlB;bY+ski?mX5`FnzfDkEok~Z=fUWdU91_iHNA3Xp5 zt^IJj&KF%!(mWiX5;iYVZ{OjDYus_v=0dJU4cE*}O~y&NV4-*NnJK^8;p1k)VxDmk ztv?mEG3x%H9N<`vF8DwoqA{XBFq1@UePD_C)L>4_5U z{n`%5g2N$YN0Qa?oUNEaE^daoxT7lHg5TnnKSnV*UYC~sq=c0l)elK7$oxc@YKyPW zNB<=XV7PG&Haifgda+rjj&*zeWS#4X>G+#=R8uw~87~^h~1Wt`413;3gW3 zq;~TQ6;-c}C>z2+W0k}(OK;hEA5u_-quON7u0C-^KYk6Hz$|NvJ_?`d8BN;fZdHP0 z7az5R+o2bw1Iaj2-wk6%4VvH;LnMb<1aDD}K7A)lFCyt)*B_*_SANTa=oVH*eb(!c zuIeiuwD>%z8R+HpQ`aJp+3VL|-WVik6ydJ02SW3qA)k@1z#UbtHst2d);$jv$E@W8ncdc`4b97#NI?ir z8XZ1UQ&s8@KmFuJ_e+gC?{cxa>

qoMf1tgX20u@O2Y)0FnGDFm zz)D+(OgvdIvO=&&p7AD|A366Dd4m+K-m`yPHWA8 z4N*o^G=n6oWUPH^JpUqqVjDZ)grjur?4|@!)LOk)JB)CaogkYz&N&K)NLzwX&!?rq z@TzaXBDN$~fAj?3%FlovjP+`{zjTex<(nqYL^GCfkdIysn9xuk<~ceZ8W2>qtihW^ z+}YA4vP52%a&$XxOTmG>@@da#B_?F4&D2%1d25O-0ayz(f z?Hcl&+~#?8rrX3=*)aw5<$Vd|6~kuQcpa5b224qLG3f>yjM44}dJbgkGwnavC2XyWCuR;!@wEvKoZtJ4bg(8~NH+uFzIM~cfB z*Iy#pgYAVBmlH=81S*Z=-r^trDrq&X|0Xp@+s2t6pUBVr=3k2Xlu^d$br+f>rJ-cU zgJk~P_jy!Ko1&(1`d_^^=SFhG4hu4HW_F3QKFgb{O%UWMmaPMgh_uo1&0 zE5?kpkxYuwM`EMk7>t|PRy0{$fcK^J{o!h5FePTGo#(uV9r@aW_fM9hx8Uq5M6$ac zOgykH!V_6Je)WY4^C+Vn#zpO(r_ijH%%iTbLA^qHv02crN0Aq4xVRU6xX+&jaX>MtB zX>V>WYIARH-CO-`8#faF|A2c3LOsB8pw-%G(zL;)h0abIqxo=Sx4|I}3Tl_q^1NDZ zNv;*O7vP@d9_^mwW`^W`Nb5L`?bK*mBw8*x91iE>H$(34fBg$%gTI+16AM0g$Of6U zrFj^~u4TO71)qzBDD0U3R%tO#)WW|r@y>X6d^ak!IFn)-?`grU_~~F@%w!?0RK@st zm0S7qV*D?oiZ2Eunk(Z)nhT9{J(r1AM$PPaLbO{HeCIQv4G_Z4oyq*`l54&Y7CJ$X z-?0fA6IIOQylH?YXR^tASj-XK%B9B2>z+`-+@(PKX_>kvnl3NuWPF_SWkK$a- z6*Wd2Tk&yR7W0zjj7r!@KaDz6B|EeVA)V_ z*LjF>(bAu{X#*L;l$dVV6pu8a8|)wOB&O?S`@C zayc%cD{g7wJCdaQLu5o!X=zu`@XkhaQ3%bEqi7b0)l9-RYF66|3-VQchG*bg z-6jRUQ&EZ{1^F;|M)TNHiv|3Ae1>gLlm0?@ zJK=`l8eI39)KbD`O>1QYUOB9WYhYyNl(}Kkb!k=s-r?o(WAqNq9%}(=2u?jUo&HFz z&E{TU)3GGpN!VCePR+hy9JZ5BRb_D{z#)hTh?6*{D|YA3q?)rYcSr2*&fR-=?s$gw zx#bOUgS_1xLFd=7=d?d{%cS7>%F2Yjs&YZi_pteCRS+XTRzgeBbl-DoNj``@Q*#(N zDNEBg*J02FY7+lXb`#0O9QoFqm53c=Is*>%&s1=S( zHEqYER-}TLKmhC_5r<$TGIf#gO}htc$Jv*`YRvOGu*dbx?OD$o$nyhdy(T7SQu0KY zxD2z$ z;6IfqYF8jKVoSm10{oR_GY$IXEfw68(@yZAK@=VC-gg!?IFm+Ba}hwuIjn~b{a&l8 z+~A-5{bO&4@Yd?8O(^{IKLX(f=G3au#ybUoC|ozJ@!8~cy_7arc2$ZlWUJMBJkg6u zDZ$39R(W@nQu(pORSd|P&SZ{Y4P8T{JRnYRo8(;3AER(zc^NPg0yuqikRt8S1}But z0MXveDK6<@E{eI$h8-aex5v1`?a|Km+d)^%xui-M zt0CrEv$3aSI3oR-=dk6pfeT&^ok9+sc?`F@2C%g~KEv)K=KF24N8i?HVrbPfps4*j z*!gXQOs=h0|F)sSP+GAdIuO2%7x?$G-=+l?%s?TvVIu6-Os?|(ojINcbcN*6UZLJ5+?IfB9;t${N`8jWnV zkRSs5wY+G|{t1vd;RQvXwU-`z9(h0vQPNQadm*IUlPuH*HfEC<=D`;&OPr+d zMO(8sP@iWK#X=%;{$K;=5Ea|?2`SboZtRIiNI43W*9pJxHgtvE zJk${C;;6EL)VgtE^ECv=XTC?*8$*%+o*1+x1n|9D;ZPCJfrW!o8QUGV51Dm4M4sI;FR3~E{9a@|#WS^-hGx6YXfes2LwpKJwsBcDO4ZV0tzLzc6OuHv)D1^*p?iR4 z$UQ3)-ULQ&(C{09h<_a2wMnlEECXn zCYawevrHD7Z`+TTQ}at;giENo zFQ~F(+JI|U_Pe)4+1GZpF3#3UyQbJ}b!;gY(AF@9EdwU;&%+CD)KWomDv&-Kl)M za&*q526Mskj$gr*HMM#8NUT-YmHM&Pr1$lwVy)iE*wwIBKZlpaS~X|40c&-S(gJHt zSC|-yMM*CDLg3_&Pg+S;hmyHL0M$tIPY<9{VKF=M&LVP$Ro}fn9xsw#Wcuh(Y1o~p zUg5z;XdPLAV(+A5WY@Np}iJXNoxl2MuPL zdOYQdZSItI|1mWlPF}Dl6;^baNx<5*R42s;w0Y9i<{1r*!qA9Lr$v#7FT(M$FJDJi zMVKz|LKUlpKSYfTBJe~+&S!}eGGl&2zV(A zxlXLs3i1lKYR?v{t4WwT`Hj;;w~ zk(uyf#h!qKo}z%tYMM)vxiSF;vL11Ib2})k$k`JCeIq=ac2{VoXdhr$tqT!dov&{| zOaXAkc<>SL+>dwf#i|sAt876KjS@Uh@%}uLI8`p^XbbV@Rn0H2Q8gQn6|qv`{UHcl z0CcguNw}AMPWOa^C|p%3zq}1f*{rkV79dmM-SlR174l@dt1{&VR0=$*M#a&nyNLT! zk%IyUN@I6T2b`l`)sEV*GjyW>?SJ_38JkrFZ4af(;P8_Q@f*=%M9k&Mpz{Ug`CPj+ z!sXiv;6q5a)f7FgGZ7AkL|MiRTnk<~0^e;B%c)tj;E^xF^xQm6_GX$V&6 z$Ow~=bpbTZRF$XhHb}T><0B6muTO1oQTY^d9hgWv`xfso1^1U`aHd5``Pr)wSQzZ^ z{Gp3c-dcHu2hEnRa;3*o#ZD>Xn&ns$pFlCLV`OYr!1yA@D<&XBELP*ea15~q;v1xO zKr)E|ASb6_@w*S=ov-5E9X~#*Nk=H_hz3P|kO9D$WDv&EsGc{f=Z)OFCT^lEyvdM_ zssJCe=6dY?xNe9-)Q!jwc~(N4ZCE;!oMz@t>;;X9NMoX)e(@B3#}6KSbN}nFKCgSa zcVq6!&@mxa0$_!p{CL;wo&Q||oCbu$3l!0{d#ii5!CP^ENb>oEFVBPXv}gY=Vc`;6bP~Cam{^kZRZc z_tDA=XSX-eWQB{d| z%gD(Q&4c#nz6n|ssm3$Kgf;*x>28!=tTedNQmZLt))pN@+bx-gHGse?oxtH-U>xYb zTlvG@(L{sZiv>vZbYZ9dfVvela|XSc6}kX3yXM19X|Eyh< z8E)p@AJcM(x5V&%JUhm6@%EJ?%%v^lI?FMiJ?HH#tRqIG1d+;m?X> z>vKs>YLV6llVRyMcQo1OqTG-Aa<{5%S#>YWH=hthtq*AiZvaRcJN(3Z^PpmQ+x=7T z&W|AK@Z5wE*fY5VRU6KYIARH>|J|v<2I82 z|Elggpq#6foib(XWlK|)+&P}i#1+qsckE>DYR2V2BqVW7kqSxKQ6{sW{Td*_Ctj50 zM-p>uCpHN*x*Pp#G=K*D`9J>yp{@Ul>=~Kktruu(7RQU|#ok`>rai|#o{~B7<2L?% z8Irag%+qhtUU$DUviAGderL}i3olsFau;O2@Ni7p|B3?ttF2wufF1ZTeEXS%ksJ85 zolbk7{xAJLCoy(#OgZ>WU%)H8jAubei@tH~Fo=Rlj4Tu_7mFZ_|7XtMQHByCteH7w zA)>X;18*5aV<=7;LX#jwXV?plyg0DVj^0}D&bMgAF9{C|9Ae-DSS)bi1vZWomeW`8 zGF~kRZ6b<8*Prs%sTi(*O8jX&gRhO&>BT=|Z^`O?3`rC$Lz}z~gXLm-r_Ecr zEYhl}B&8MEp}RgW>=!a1Os`VYQe!!t)2T<*oHbNf=a{VYK*r8NWJR|6r+aSD-7T6{hXY&_yJ9F(BawFuB z(7k~sCt)yW#ZQk=R$+_t{U!O~3-6~oNi+Rc71>x_AHfiz!R^+2GG(?Apu}=f#Lb2G zO@u5kH$ts~+76YEGYhXhV$+{mySdeDxA^zg&d#M?_L9g7$>i2%B=QH|9`b=v27=RI zijI8jtzy@Xpf5>CP!6(lK#=Pbk9KcF;^jgq$~XwFI~FCqUKdh8B8o^9+>r3bCAWG! znF;=ui%ZRtv#OP)yAfI5l9&=i7qgJy_+cfY|4Cii4GvvA_DIpAf#-HTCXUjTUS;Jz zW>mIY>}6}`GB3t)^ET1iR@K4Q3KqtI9*h8oSqWa?#G&8VXcMKTn2bFZ|JC9}tp&7( zp|u6}gQ(tCLaHc0{-r3z(mf9Ri90=UIz<`MUMvu<6f9CMd@7Qry$T;w3}T~wfQPV8mq#;c4(i7QH`Ae2ma=2XQR(y2zJ6CSRdFNjTTxKkV^B+~7+_7uXk zc6GHa$F^F#OW*xT#`aNl{M^Z8-;=#Get`T_v>Ds!{2r3hnMwg?85f+TEtmE=l`Dq1`ovc2z;MB@G0o z|6G!A^=|wxDB3ASY{l-JgJE}cKpZ?CI)>_f5LgS;Ya)VBy*zR+TV}U_Y+mBHWRiSbd6!O9fm##Nn^3VM9qgeUvSmj-XoR`KHv0^`Jq%RB4xXFjtnx^NfYCh+-}EfyLWDDb8KDPinNm1wgML2O~RsU1d9jp zP7PsE9Zm%$w6G|JT~aGuCkS~MD;0$vRWq!p38zbD@0T7CMIFWO)u^Le92ScO%TdR0 z1S9n1aNj!U3?^0|AC9ciLAPTaOb&+jV1Lp(7)%P3iiFfozh+fO9tmSwj~gsC_m)Zf zg^sVV@F+t94r?Q`nG`!EIYgauCufVpwaqwNo29%YRLo>b8f-Cx6NVmj6YlCvICaLo z_CRaGNn|%BeKI*XwD710j5kQ5@Ys=>u*yLjny^Xx<|h0g?pt8O zW>PdT;dMOmhE3Q=rp$!F;0#T;r!(Q6aB?CvVODgqKPKJ52wS~AwyplCe_&zU8CW*% zjys)!GnkOE)P#F?H(`_Z%}u!XNG5D1MFSJ=J-!JW$yD&deM1xO>rA-MP53}-!mQ|E zeAt}~x`!6&O%7nV*x!d~|NhV#lKzB{PT#>Jc_7ihy9t}LZ*Ic1hEDH@n?|M5-O zNTz}b9|%pD&%CaZZN4j*564$WXD3(3%P0=!$9w^=I7`!(&88E^H7c_d(|X0Z3%9lJ z=ZkoC6oz=ksM73}?bgT3Vo@l!sxRE^*S;T@VtP}ia`DAVzc-&JifQuL} z&qaBODsr6U4>u&~1Hds?&aHDFm>S!wJ&5p(K^3F}U_@;UK>+eq9w#Rd%E z^dR$&h1Up9JySTXGuK#nYs2X*Wy1hIJw1G?QjR_BUq@;8Ls^?_x5hNSWB;_&KuZ?Y z&yJ7IBvxA}paNQ%js|FXVFl3moJbC|egl@pm6bs2i-D$^J~abc-w0?AGCOJrw7x0O z)|nAK4AA;|pjD+5nA%V8PmiImra`z;3|7@rDj*3cYS2`vp@7st3#ma<3B(kXxEhFY zHP{%g21d9VJV9IyOmQ`MvbY-PaaEPFYH#0pfqi`<9FX`YDS`@hRj^5mNmmMzbvs5S zSt|JaMS-gWEv^oXgb`O$g6TjErh|=v>A(m~2Tu@82c}>uG5@5%bf5=QRZ5|ef%}#k zApNF>Q(9Y#Cn%=?$)Oe`hh{vA>nTxkC`QTQ#!zx-gp$K2h>}B7lpH=;lpN|&Qk7C> zW!Cq84EnwZ-RYEsDtoMy)FP-(*#uAJS_*UxwdfkIBaN7f5^F;-)`lCy+RzAV!zYNf zp()mePZn!KJ=UsHO2QsPsMQMULccYDR;{GK*+`4C(Hf$Ni6~(<62ok?F_?{vU^aS! zFdLb|Z1iMdHqyhaCM9pMD&-nNM(YcCp1!FISu2Y~UsLH);izosY1i!JHpufak-2_| zH@7qO0jRx27~HrHw6&M2E6Z=-3I(co;il|R+THzbFS!rFT7;x>mN`9EEI-Or+pR6< zM-)!VZ+#RZAv;W8uIP{j@tx?MpR0wvfBdsz+zzpQji;n~SgdFbJNbF~%Um+(B48|b zi|3nDkxS>ME4~&{wIiGB9o@R|EWah-@J)a*{(LU~S~Pi`|5khdqEQ$e4lXcIgJ;Lu?+M|VRk?$o zC?9o8dO`N z-f4&zvwtqZBt?FKKSCR$554^YteM{+aS_DWOMEog4x!h}h}&g#Jp$I^G_eL&ZHyyA zIcCXTpZw!sJ`a5Edms${aL8AM_}pHR2AC#^$|4n$uF|-2a19)M&lK_aOZ^iKk8Lv z>Xe9Ltdol$-hY2|fv_FBHz4K{S4~pqC}lRGpGZJUm&-O%V*{&9ogw4k7~}`*#A{h6 zAAnDybSx!K0#tb)+@u%qNZMj$9{M%m zf2KQ4sGtw1SEckV!qZ^8=j=$j68i1#eN27w1$56^{mO&ES~s9=9-r^1{5%Lu?-<|` zKZf&`cP#BfquxxKaU(yV6OMSripx5!N#Ecb?0U&ay^;lVbnu9Ayrlitk*Iphjn2~G z_yw9^FCwCHVh6hgQN!GgXuK^6K3OR~hd4_kXBBd#_LM}ryuNX`F1N5U`!C&yuBKeT z9GQ|2>5X_aUb>~O4HXI^4E-6BUzZRxI+6g1lTZ0gY4dpJ17}WIIkJOAgW{Z{Gm{?4 z>R=j3#o>}DNJBxU1f!A;@kmxwUQ%f2?1Pm2rVV2+nn6!GKa$m*Y@}!z;A0Y^=o+Y& zE^cFOmQ4qJJSWMGi%wuK=`uhPfCCke;LuNkdpr)7ae)M-e7Vh69H3^@o@Wx%g$B0d zko;?bmvmt^vqu*ffE)NoXIj=R%qn4a^Hng8vFls;WYl#muz3sG*jdZ6waR<|qsDd` z)2(ZP;t#^nRN@t3LI#a9KF(vZSZnmG#HV1uF`c1Omt?aEIrMLG|EB9Ne?zQesp;5( z=Vf!$WS~Uf-_Vb*zyNTJwvWGmwS&%A5ljKloJ0{_iDPuZLT+JNN~z8%srn?gO^3v9 z(c2(~K@-XWIcC3f>c%e2q%4N)rcF8#hF``6!PJ&Q!u46%LUG}E~^PBl2k_6%fH*<-z1bkq_Z)fJg2hu*jf5eHQZ0P43DXe+)Y z#IMZF`MN0UBmu3Mt_ko4ZR}H}2PqMHWnu{3N&Fi(41DTkcF_@a4wUHtng-UrVCleI zUjY_{QjB%qMcjy~z+i>kRw*NX!IszRi6ZS>M{g1b==#%Sktx$lxtHpw%K8tSu^YwE zCn<{%kWRhWXQFaZmJwA0m0=Rl)h+rPy+0X5c!3s49V=Z7PaEmB(f`p^ zrezc-q`};8Xqa0X_O_#?6YNymQw|_yC#gXtfz(QC?SJ0?fq>X1+45zE+kwxQt zn6npJ&D)|BkBd65(Z!K#MU4B5vXv?bSlU4hq&dNlxpGsP^D)ebcBT;^9nsJUb$3y3 z7umBQfOvzcJoWOs>F`B82-9-WCkw}m=@O!T57ZRBpy~h{giec#Jp{N1>V-Z=Uw{4G z`OB}rX1xXj3LE!e8nD`1Q26IN4^e)n{Mkzw|Ja^}J;VMq8Iog|b|qUFJ~R@e5PpX8 zP$GnwA0&byH9+_#a2*yB?Xp(#s=y1xM#OR1{tnQAxQOnsV1HF0l8mKE<74RgYes-d zmWnhc6FM)W%u|iHi8+2e&8KYN*7^yo#AL}U!#1etRf-|mHWR!kV&cA_{z_sTbTbQk zu0vy9W>UrFU}hUI`}Wak>Ed}hJ(&^v8o3j$Rlb~(u4?8sS6?+uch^~Daspk1p>Jsf zl+2L3`_O6rG6pxZ1Ry7YAZLo+;2%S0&ZA_m!d*`ujZvy66|Vds&N$mepuExpCF~R>A5Kys9KM1HS z&XLMUlXZIs0&|ZBgH5bb@Ur%*@}jD|nx^iO5thNBCU1kx(X7gb(&^ILuZ4B5qSnA2 zu;lL_6-LI(NK&5b2LmoewfUx`uqyp1si(EkVx80joU^%Uf!|&=Ou4hK-~@iuxr!~P zyeYe(oLt_1`4EXzj%w+eID%Z`W(1mgLSD70cSoTOCK^MhSXUf8Xo3c_V4-=CP#RgpL4ht9Fb@JsjY$UmCWC#WL0&hw zHy+fp!CLAMH{_O#EVzVr^HV%`@!4gt7HF>Rr4*-i(4MLg_uvLjQT)wLPlz^)w7T8Q zDT(LP5%-yOcYmiN43qAJRzx4;WIN+TJM&WyW~UugnRtd-cy~SB@K-t2AkV*RlzS&m z_c9ox>s@)5(+Q0yamUZ65S~vVJfA|?)G34wo<3*{<>yldf45Tx27!(^R5l54jDj13 z(*v?t#V}4;pLo-EQ9PRoE=tE}sce{DFZdF;m zb#sG`-W*9NHcAc3YCWe2-A9U0rrtmMg}Z`1bo7U45B=Y$Rd1z*s>O?2=&fX^Y0)k5 zKiEL)(5066YP`C_bBw;B%Yw_ff8|cdZ*CL=wvPEa;SWI+v!ejJt=3N7NFimWKxq@V zHa_3wtG|R+B8st2wAme5#iyW}O=o%Vr-@Y-=cZ5bF5mldAFTXCc@J8kd0N@sbIJH4 zSkk9Y6FX7lUh+q78|&p_X4R!RnfGNJ4?DIzRJtdBnsoc~Rl`Q}6Xl-c{Un#=0!- z<8k!O(fcTiJQ-Q&{}{yqN@KFDLH^?XDvQ9+g`n6AVy z9j5!K{8f43G)g*QObUt@>YBk>sBE5Du$L0GY%;MR^7sm1;#<(sR@R!e0JSrCCd(!4 zt7C@>JxMIN!T7FE4zmfK7Y)@B7AS8pL)ePOX2mTXfzbxdI8flu{GT~m@z z#GoHtrFkE3@eN(6BjSYG!dPZm*0<&KqvX}g^8Uow!wx|_N#q>BWY5^(+S00`Ro&~L zpr+X3$r(M+F3U?uG5}bp4*nLgi38m?e0lsnw-TqAZp;TK2%2pcg`;4?l(mbFdFHH7 zZW)DbCQ>>Jp>n=odP&;QrgKNR&X;r4X?G8^EgEQ#IVzUM z)zI@8yZL1MCh_vgcbeLXJ+zaKGHH54t~+PB@Lam+%|wR@n;WwnUK`WwVCqlP684Ij zOuvozmObC7PveU$g__!-*t!vQi*+aqb98y)gANb!0fs-#VfOvu)lqK25jD!v2ebA?!znF1d%sV&8W8_bh4UFeoijzlXQvc81 zm%lZxD~bO8zVH1HKHU2ra7oC%bq{AIWDjH^30n^R_#E3wOdLDdPC~eI=5K#0$@`Lx z&<%8$Ik!QUN+qePRH`bK_F0PeS&9kN^`mT!COZl}WZss&F#5Y^DfS7>q&80|=ofCd zIp=N!%7`uW7e^@-6to; zt@g=@*A+`^QSd%F@$QooyDlJYcJXL`;pkm19DVql#9t%WdxNXlFqywB-SO9$?VlA| zzib&9i=*jRWKw>wmHaJk(EM0`o%h+8*DzggdSCBD41L%4^p;W4J{$AO%Me>$nAz&0 z%$j!zHn~Hv@uNcdSx z`?Xa62^Tef!wVX#E@o_TA!ErU3f~J9JIDmE=>-c{mri^ArUvPceQ{#b3lqx>&8yRn zn$=gwWV|8XfqA#Y&qLTS!~u4iHG1F&iX0xFT1%bTpdPR{7{*i}JV2TKefUY;5^dq#tiFq%V;sy=ac zIz>FcV&fm`3~RY6kN|ZAMc;UMmaZvFs>DdbH?(OY_yG!9K;($6AaAm$ zR(|{!I@!en4+m3r@^FCujbSr_jP|Rnsv;So;L<#el>9M%Y7ch<&+lPViOlsi15*fm z-+Z4Z>p;Qc|&|GYaTqF|l2iR)n0@fCk z1tdlcy0QWCnYhgWWo%22)jkgYQLn=Q{o#=I(be;<8M{c}Qgbtsj>HoF11*4ANS*PDNhY$Jorb)Y$A*2@arkQrVhKY|< zqC#LUcaZUQzKMF)X~<4BNh_bdb5~K1Q5k?iT27Wjw}5eCyfK(q+HZM$27j5)HbXi1 zUrT#0(pay3Jib~SI3_bhWqr9n9=CG8eO7AcNROFwf2qXNBk`CO1ojt_o7#xKT2evJ#Q!%(Xal ze8;s@VcXa|Yv*W1LEDT>>n$Q1wuod_Vq|ZT3CCBizN1AXx#2i6(bXd_z&#M2(V|^Q zv)FdcGU;Upegdmq3$=4Kssrb9m8ys;C--Sx!Hq;CcD>VnkgjoKhGvHP$!jwzh;CRt z6^^7phGN{eM*|Bfi5tZJ` z7K@df_Kkqa5)JVW_>T611&LYLy8`Fa`2xJFe^O!GO1~9hltT4Ts70LU6PX7mBvol* ztqdL6F?8(F&%M7KKLH|<*Mex+o7O#+2Q8&k#l}&)g&6glOr%nAR5+Iu} z`Yy>VqD3@5b6gayAjMH16#2_GB3BVXNnrq>w$xxMR8)FALGx-XL;%rC4o3Z|baoSIJL3aC%$T*a9;EzRHqbRZc*tPM8* z;?ROVgz15khSF4EaRdVBS|-pQqG6WCZV|-uGKWMQ#5>4n(!k>n z7i1Z|vT_QSVMGP|XVi28(FuBFfqvN)`x^lmk{CTfVn&Xz3FXw&{p;sDI5KOj?_adJd+e@3Z-3UK zwV2Uw%}3srjmyuIsJ$v{_ZfOPj3`I)jbAYS4RdjA1blgVE-M|Z5UXpTu!g@<1G`Vy zrPW(IX@~yfiOfD>m)D>Bgk5VU?Al(SICFUU$&)R;;@-Ksv`q|RK9Bt7D3A!FZ3S&@ zhr{PX{0q{Kc%*8zu_yaTgW=m8H?@w20NHlZ2nL6c>os!d-0AetsxLP#%jSV=yld(* z<|l@QMOTD{MfYK0{I0^nbTKiJpi6WbpnB-ABZ;8Yu?Tax@%1|giaBXf&v&*D6oVz>pEw|-M1Hj6o$<~2l%V^#Etgvm=7{rVzV0BT6Wh=^lCxK*0@@Pd7y$B35c}`I2 z&QOMca{*GLL=*Z~Na%#GIx5!hv9R{NCMjxBvvw?p)Z}DvMxEoKTWh2N)|<0>EHi_e zux#c%v<&K;<3#ER&z00?>BSMGfH9`-`1thH@lBgSv@4oWmzy&YE;tj1#T;kHBVaWu zY8J6;g_A3J(+sEohAoE<1Eb5bXgA&lOzSS7pr&gSqeBIMI1IQ@u#eKR zerD%qHe?>eQ0R8ZtDKqxGWY!6Vq(@sJ+_9z#Jm zTLjM;44+iiKbZcCGdwxyzejU|v`TgthFQ@*yLdL=cjh#*Fh>OR;3Zf=hWXDeYPDS4 zS{Q|hSxx4mvHL>}sglgm!jT1`W9na2BpfzTw?q5WN0$4T{~hz{asfEzFU#Pi_Vg3z zlMh+LTu}6t`aG@#Qw^BVDiR|4omiyoK%5Rl29xWG;Od722oTUQmBFluXPAXWG}@j% zh!6{g)=Om2lA(s*be$II7(+&X8pLrkUrmIJf}n9Lx(Aonh;kCt{0%_^-QbL;gS?1P z3}TW})F7Y}#P|etd_q0+dnlF4B+|)W;bzE@aIvh&=8*C&OWs%AwnPF=C_bRCfk!72 zPDKKpNFo*4yEs0dizDi5CyD+<7l+4Dhx$1#j%DM2vx{R1@So-4So5T91B2>_)f?uOSS9z^_ng+8OG7g^@8B!jE67O*%`6XA;?Brenv zwc+%G#6q&5l&Lb|8D5$y6qG;*S|%?6PqH%PC(tD%NP=8{B;zkh7^TV}jSy-$z7i7o z;HJ1+4R?|cjg@(X7(5^19QiFTurPX(HjNk1T5I9R9&wXy^>&RDpyLHJCrQB!MuMVS z-!dQ=rgt_^Na5h$5Bi4naPaNn0Ma}Hm=M~!aGW}i#E^nM{e>z53!z^j&R*kr^cN}z zp@3We2g}bWMO_Ho*~7!bK_68LDyX+_R5Tp^Ki{G3Pme@=k|qHEBZS)j`Ec+z>HtQ8 zVdCU$K`IQzCJq@V4%R_jJPS>IYAOhSV=&m^g{$B{&H2*?$g}t(onRvAWFiraaZxrH zXCu*Ix<|)@=_r>-^`e<%A|1g1*6P$42^cn8kgpCGYXgCMaJkn1jgB zSS@#84bY4x;ARH={H+0Lb1LX43aPAcaJdr%)eS(EI#t-#qJmL$|I{D6TiAXx`_bru5CADuq z(5m4i0K^`xE%@KKjYfX4Xg@)xX*!r;67gWX&qjiDw3i8{H{a}V>)3I=pWnxKs3(~f@gxvIP`S>Y_+~(i1 zQ@Y*9zAm}DJoA1u@9?ZS2;cE_W9r|S?(zH*FdYfV6A1CAF+{3a7I3KCJv>Dne*Q6F*VYO7){iv*KbwIuhvzG6TUrK@|qd02)DQFbx5VlqF&+HJG{yJ^)0=37RR9=Xrz%j zEtUM{?6~K=9rfYMc`*m;#a6JM5640D96q<6dE6KN5Ohgez((X4gb0|T@EcyHR zJ3$84cBMK2N`M~Ts8=?wl%s0erE(J%_21N(9&tg11W$Ls9%2Ei zN1^=N;L2|}2J&yP%~%Q%yuWeEd28W7rg`yiE3(Hr<%ur*ZI_evkCA{K8NIR=S)^Bk zfG#JzsR%mZk=7w*8DlQ|C)TK<_3$*}AfPB>l)G;3e~d}?!yDfshd-PZ%;;F^5K-!3 zz&4qO|2ovB!r&1P?Nk4RQ?o~iqymf31F?K?FW?O=@|?idb&+VS(t%OIkp4y`(}ZZL zmM7Ea*l>)`9jWlbaDusOA%V&(d`}?T2+oph#ej!cSTvd$yhf?l`JfwD0FPw~wmn=8 zH&=N<`!MFCkD*M!wz$-+FjOMrGc zxl71^YGiAOKM3Cl4uumlWX`JptWBelHG2+#w$xXbcH&L5IKSNrN}{K#nnox)#~T1D#RvYsZHg{BzGQS+bszK>&S8+6NOFYt|hMx(s+Z+{&^A_OG)w^>MhTz zWC#f_dln%alWuk(K|>(}rozoQS~dxoZ`yd*JT<<}q)GzsPUCc~`%UgWC(DO@?d@d284CQd0d=y6_teaDk7e z^~Pe}S}(2ZQM*)p_uB3|YP*M8wn@jZ4y}G5FJF)QBztydZ{*gN$yeY*UyXUEj`FuC z7hl8kv&o6o;N4w%cK5uyW8OXdx0PL%uqLShOlfc6FA5w7-wpZKDhfUT7aP{d-;a?Q zSOlt)|H_Q)#b}?5lRbA~N4IX)!nM)Vm^C#EL5rgmY#U%Cq`N8%r`uAN{1El=k?(Ua zyrL>cFaiPxek1oN;lJa+YFG#jP+gA>zsnfH+0p60{`2_zVIUI78aK8IdQKf>9guqW z%WE3bY6>bc2DhZrJ~)h3ls1)b6g&jB0*|m#iuU$7S{QT~`phB-P}x8R`A@=5q);eC z-f)I|uaq=Z@w;=>OhK%Me@SwlX)SzB}j6#_}Tv)cHlw4 z!@yxfTe(9ja99zwUp@F3)*8}dqx$Disdf%IwfVl8R6Jnm_kT>daEm>jPNb3nBp?7v zi(`1C60llt1|Ubqc`Gm-F#{HGv4@rWjba0aqGbmns9@vwXTR{Xk=QH;-HAZji<);8HRVo<~J z&@B;LL8uwfWLOXYr9fK07M&NT+@Xi=l%vTbOm=Bzm}{)6SyXSW`}buIXwm=y-rcih z?F=Dk>vV_m5AlM|7g+r1FHC(!k!PLtoyt1<;;bp_tP&0ZWXqEJ77^!MP5WZ*h1wSp zYVRb|5aGDQS&O{nfE=W|lnnDxX<`Mw+zPXzS%GLPzXf8{nuv&JI1qf%Y}$iUu(ny3`13 zlU=J4GQgH0(JsVDd__~jvJrlDmileB-*x1``fC2KcUJ70&8=GJ-es|^cJL8g7Ax0t zFVlV_nf8aDas>yO~SuE3-?;Ki?4JlvHjSF-hdBOQzLa{uyQ08j|Tv$Hq$2 zCCGHlTzZvOmwK;*-W*Y{s@=dN(gt-&(JYIEk7A?@`%+TQnCo52A#I(0kqp{!O}Dt0 zpgqp)eJddv--|k5u`$=C?gMEx`b*p7w(;jtY2JKg$A9EIAm7iD>26C(b`$bv+Tr*4 z@T8sQ!!tAT+F|b#;=NBoJZ;S!djp=w02#Ah^J}HfBbtpNw`s77Re<0^0Dce1e|jCnXkg7*G-z`%k>p}^J56sZuR?qsCe6#5fJ&3yX{B+{O|9_zvO8I-Sbllu634iu!#@UYF<^8Gl77Zkg&`3h#HlEF0L!An5V#^WW>r|8+>jP9Zzk z1ire9+(RGy9NWNl?s3hguQm7tesO~EKHT&tO}ro8A3WR?|7qQU-yC$><^+Tt$L6z^ zYP)i7TO>J_-yovDO5o}CenB5E_ue7+NgRSJsd@+M$XC=sJdIMHLkY2iJp8vQHCMVZ z;j_JgTa6(#T_-a8meJ$ImCtD&yLX5!&S;4ECNvtSZi0cAnOtrH5XzrYfZMLQ8BD!u z%$ECYKS08uVRX3hL_iBsVKD@Fl8zTSAqe~f?9)K3KI6GL#^j$0GvvlJt~pfIiSjKJ zLPBpi?VU2xI8@U|6|z|Pf)#C8!CN$}o+OQwP*0G0p)rlL8aYHj;xWU=Q{uJ!8HtX`&njfHD=gIcYlf&3*hM)yH0HI%=~WJoe|Un>^CAHVeNGOX z_5QXO{OthrZ)bfhP647ZQKt=a`77?_41YIVfE zQ-U;*z%Ggtt07%MqEWR+C_PnXgYT3D>{$s(Axh^)%tVN~(PR$6v^C=>w5jo`1hEjP z7TRH~2Yi{EBkm(dd$g#FSE!}mz6Ma{9((#Ac80t{=>tH$$TA1ar~n6Bz~Y0<95I?L z#is%%1wM~Jb~Ty&1yjQST@J^uv~dq@FSPQPPFApDd(H$h!- zB7@L7YcG%l7@szJaJKmC2dRcctcd=UrqdW7iW>v=xO*ng*S*Z z6K_eQ6!b-tge^Q_Gpr8JP3=P8JzO>sg*{(qzedXQS}y32AB8< zCZdM9+dk@zb9xP57;ut><~nz*lCxeYY7)n{4z#7(`1oT`Z5HGe&|!% zPwqb|S}#Q2yW2V?H-?4|5kpD#9f6LTvFtubq0NmKTo~cf4Ukc$6VQIv#|E9hWz>RR zGPwq38u0%zwGt%nd>SFSBCj)Sq|J<=o~|ZneVp3+SabBOMH2W<0nw!JiXCL@c^|wG zUn0@O)2P;8UKKpHZT-j2d#=NccZay4PVIS340?5H+O3py);8Lrw6VHv!8djqwyV)^*<$pz7fW`S1C~eXA-yn0?NmOYK_n=8 zj9Y`QSp$|J=&b0%lYc|o4R%Jol}2wmc^RzpmJ@-7r+$F5u)F(25DSLmo+kqHB;YX; z9dvubF|b-u+e{n?5;@^{E+R%Zs8_K!B;s6Yh;|`-@E50hkIe(xk!=2Yxb7^WV~Ed* z<~TrEptz1S`q~rz0yuumWm()G=E(d`FV0hoLsWN&RRwh7~s(=j@k47f2G=qdd=l{tKPC*PD%G#tqgY6+or5~Ri0LS$I|{fAwc z>s;w0108G;b#N1wX8KaW80_24fdR?mn@$>vdoy3>>}?|)Y?yHGQcL;65QFYP;kMf{ zhyg&~8kHeBFt8pKT#Sy+{b{sx9#stk!dk~_`w`f2))NWUT8^@gjfHjgzA%|12Y`M0NENSYy|VdhL1!1aL8e z9gt)5WE~G2miW4)asb9K#ltl*J$z&3ErEah!()lbbYp9**DZml-A|BN;U_R`rale> z{HHlF8s^?OG+s#3EU}vO0E*pfH*4|m3@hOj_ zeLlpJel6m0pD!l%&M)btUzW4uzk@16<49ERiMWW%1AL`L~#22K|o5#0ABpvtr zmP)0P+BdL;W0N_#=Ja5@c4@=_O?W|jym5!-eH&Aml#f^|vJ)5F`Vm2^oN>GLv|&N( z;b8mYj3icF_8mLmwu`8-!qS_4g18zh+OFstuQ7SV*jTHr6=`E_V8+{c^|p_?StIJk z?nk!A-Z-avWdx43!Pap&7XNB2uq*<{w&v@^;k2hcBDMm%4#w%|>R)exjqu=8_>>OZ zw@2W(R%IWD^Rwb`tYhpUiq6yW$a9<<1n9UfkPu3@6Z#j{2-b+bG4JGWxBKtYP3_Z7 z?PhJZ)B!$vx~b)A!20Q?bUnaK6Tfps06-VNOtPu%wSeC!Kaai@#30X7C$vewwG1kMjznFlODK80dn!PlY?c#OiP2w1+aPyj47VJq?gyx;JbZunNJ zG&Xw2tS;H$Z8@6WZ)3Nv>pB~{N9A2@==ym_v3BuU_wy~T(>j-8XZLA6x9zt;+^OGM{b>|aM{#-DGlhiHiVdhVF#+t$J1{-EFNn+L+o9c7j-l{tmpL}k6LGE9+pKP z(E8DC1#Gk0nO7=7U&OVwUWK_)?d;4$MKRS7i>Bvs11T~*_Oit5V1OaeUJDxyxpafe zt=sDs*ORo6AKkQv_oN2J} zne8Qp8;=&dFyL&xS-CPxe(bF(;AvN(_0er%S9$Mblio&wH|8mOyWM4X)|GW8aBpS# zY*rT60}*DpiA`ASK=u1j`rck$^E__p+n3{X_4~XV(XrlH`S5$>Mz2O7dZ4u76|~`5 zxqA7#5uVpRBD)Dr|7C)~<2(oLY=-s| zYsx2mraTQZkX$_)#z&~JvD3eSZxJ}#x_x36UZu+F^SV?0^}YO#meqZ4#Tb*`EM z8+`8*?0wqp&@U`X9D38PnBGGv-Ys|wk?a(*PH#H}y3Wb@P4Iu7h$ZtwwCR#l%c5Yl-_8#2jK0&VSXP+Q@e-E zZy(A&?JcRdPkXyhd%I72yDMD0iuY-6e_7gFr})>~zB%o!X97SSdUNBnw=O(4NPFvQ zyTQ(=xB6UZZ?Sf&@=R+ga74L^93G!qOPvXEBl~o?{4Ues2Cu~_*lvjS2?1ENIz=OX z%xa533$P3drT?u^@b{O>m%Ew@wT6)&4!FN6kFJYsvI1IkE5EFpSl4^(kJe&CN;`*- zfqF@R=<<`kp^~HZWKjoRX?C||Z3DojhxQ5!CY3%Mo6UokenG=v3lc0nB|Jk_niS2l zs8~T?=0lztQsBW5C6z+QU3jksv5&Ao=V?wnrL;pZiw1&YxF{YTolzu80NWuVcUF5n zhNM8H(9xT!&}^HNn0> z4+i8T*fD}&$Ovlim7xAkkC%St+^APBz_rH$cmhV_?E!&(qi|fNR~2jthhE{n432#V zlLd7~rP%KeA{3&nLMw{sMeuhYh!P5iT45QjIUuYIB>}uR(ZqL(e928^+4?0C*1wbu zI?=;Hy>9Cmt|(qX#D!Q~T^#BD(_{0iJ+5Cj&K%)ENqv@H9MJ>m$Qa}C@#(4Kn>N(r z<70pK*TaF^67g{09RvDsK!QLY4lo(Fc_f{H$yjSJBdJJ(2t)Oj#*D!Odxy$o0cIk! zHy$bsEyBO}UQoapPX-?ZNn+s_&}2Ck*8xk?VZcmnhRXEcgXH6}-AB}sR9YZ`eCDMJ z-93aYP^cJeT8|2+9=Xvzwg+2GF43afTUeazsB)2)6}1g(hblQQ;2l!|>XJ6U(=X2N zy@f4;)12slZ7si>w24qHqZTF!?urKgq=2dnZrM}S7p5xh9OEJ~4+680i)9l2!!9SG zlJ!CwTw|cohDIH^g{C*aKkXtJUq~{-PP`4KcsD5G-B4ukw$SWE%KlZG9NJHbQ6%MQ z2|CbkcVZ2WWBIA4!3&$lU?W2ln%5k=OMAD}FRb3=RGCM6v)r&)u1YX-9GY(0dnU9d z#_XXsVNXOlx54VoX zx_H3RL|xSA$pivJHWdSX$f>oeG5q-2jxpIn41|8@&^HD@y2VX+{ggg`wE{zie<;9e3s8lP>@q~a;bwGN*F0VmqWqn? zYhk~kllQH5A<8uK*w(GZR+5L&p75>EN-k-?t!k-ASa%EZ>7O)EY zn1i*BWFB3oxZm5a=%hy7ga14D6{Eh=-Z^{>^b7hGX=)7d_F!&y@de2fK%#2#)Wezp)ALhu z$6=~)vc^Xizc2pZV4KstzuK*aHjP-A`#;ezSYSgyA&TV?tx4=tb5c$jW%h9JgNWoK z5(s|waDYpXkF|;HYeToqrDJwIT}QT=1ZbfURi;H2k%PAW6g@yfUQwx@gb)D7vrI9x z!eO5eQsvRe;V*5EP$;R7Sp$ga+k<%Ifthiu%+@(VSd}n%2U38ymdb52U>G?EFz~3N zAx;%oPn^GPip_8k{XXKj35A;U5mBS@k|+QL61FL5iV)FEPjXske+9$E@<2L7P|5I79fnO#o9?g(GibBik< zci$QI_gR?k7`I=t{(1#%GTjP;y@xY@wD_aNGH3fOW3>GfR+gFN%|>F!+1RnIJgeV}y`RiR2m_G!jCCyoyXNFE;l z75;G?&>LPi>+Na3&%dnQI`ZS#(tjDX@$TF@ArA+qM#p&x)KDZ7IMOHD5RZ8HOX}O& z9G)H?d-X)xqo#ZxHLw8tbD^^aL`O@QkXr=TW)|@ zRv1V~XBm3AOv%sN7E(uRANBIfqF$W-i3%J2iBT_6&-2y#Q7<0Yzd7nSOQ zdW|%&`=}SK-ahJOANAsDw~|J!ZQdp7WnGD~b=1rDUbZd5UHnF4UTWVw++|akI}oHg zw9g*y5?c}O65EHn@Vf|iF}6j`u6fSUsB3h1_`Ty>oaCo9jQw!H{fhA|F<-gv96kp6 z1>;+KIujt~h5V7C7G>$qi>6%}hjebJ8LeQSHYLOAfU=LTSF@a;(gq})LXM-bbIQ0d zuVC&5KljDeCDosb*iDH&+=%~}DdsVJbsGaCd4|;?CsK$l;9P-o&=Hn|YlB*9IZEom zjdv1lLsKk`Q`Gh079s>4pem?u2sbbWtS7jWrfN@`imZDo0K!yM<*5RGWgO4L=qdXY zN*PL1fpxm&aRva01JY9?LpFgP5^V}RG=oEhILiej3VIq(aB{zve!-tQM|1p*Y?95sZ=JB_PiP8A9)Zodd5zs!q_yD13wpqMAi8M?OmuT%sc#w<6KY;>$Po)R+xZ&UZBL@hpPzs zfkF%s650un-P#Oh5YfNRs2M0ba*P}T6`h^)ov^vmpbqS+_%8rq9fb-X=TPDBE%sdxvP`FiYL{Vlh<;Rvg3N>$@Mw%xTfbf1Ic4c^b{WQW58o5 zknq41JZCU`Qd$3COa=l6U(tV$<^*Y#Y_n*oXrEm?o9{bwUO5On1uMuf|G7o2mWx{p zqYyEx$y_vcf2bjJ?B{6V$b!%@^)D(C4x6akq5bJ2%PrjlJ0ih3o;XAE0#v0*9-}K@ zGe7$7m_N;#>ZoL&d~k%hpy(^Ley~%-JBG;_>l9rb>U1f2sOHo@&dKrP=V)X0aZVq8 zEMF(iY3t+*YXv4jwgb;eLf;afI1_@0T=pXd+#Dl4wMf*5}x5gnj?Z_22_7md}VxIcX`f&&z*uOarVKeJ8^)7J;Yg+d; zu=_X!t=>KkVIPO!YPXU`t! z&mMsgUlD;2-$x+uJB>g9(_@>V#eMXFlk~KP@gEMjUorY1?kmlm!^c3sVDte^f$s*~ z@{pGTGC63bWUA6ssG~^u^acJ8Ta=Y!av^?5&p1jmlyWQ;34>#OEa4pfVsIcMgyB6r zm6=dDB0z?F`JAf7HNZ7|y}re?jr$|70gzk#3XUTXDbMGr;r6cx;Rpf;4{Acb4xFS4 zRXL>~c9dKKls;!3<`Q6AQW1s4DHr>A`A-DHA>M$3yc)4 zP7i*iRdDoM!wi&fMsAUjD9sUu0}kRkPT?g0cnClbb-*IwBG=BMMP>vpkB+ar@Si+; zHp)iAgE0Qd3D>h+_5yq)rrUoPU^_Gd>v>pNs=6rnrQS8>$P@G?-uxxLaZBn1hu`TK zJCkgw&;Njo=J-)xP7Ol(4E*>rVjgkva6l4Kkf*vKVg-U>P_NWffv^@Bka7yICzD?Z zqd@eDzzuknAH&W8fhh~bTofnHcv%ublv~~ScIUB%O*|eWXe6|MW9ba}B^@UJYX79u z#xLo#UIWT3j$BVpf=~b}GdTxZ$=0(JH$nRm+WG~cXptL8NG-)NIe4_R0x>=YF>~VS zoFDNMj^*i7NgjmYuTVh;@i?*h{agb#!VXAofOsYmi5^p@r&_LnWFiquSi=j@`cI~S z?H@1{YdFL5zyrz}d7wGwS{$uF7JSQN;!EG>_IOJCfWRP2fL{$?0YQJ98%PgYo*kW@ z{O9q}_y7LqF#z#J(LwsX4pa@1dO-!~_$Wx8$jwYog2Jst+ zY!1S`I=Lp2x!5sBF@l7jcEQ4yDpu+gOER|511u7!>Z!Rz+JyfB56M3qz_fb&BDzVQlTNko{aJAEj^f}n&pE};+fi&Nt$NXy6LqAAUj1Dl5*VrVl9_IXjm z>l)Yv*q7{PB!v!n=LJSc05AeQg?Ydawc^bZ!u1rS(en_+2MF8d7(;GzoF(#)CW0AD z4i-yi1-Z3`9{6YLj$95K9H|0M{x*dA&Cgpb8>uso;8WBA^G#KnT-1(HWk3 zW(e(j1WuV%tWjq^Z&{cRU09^9$zUX61+pJS!Yil2TI4kgW&!$&A4>Lk%L9k2;%>EQ z7cFS!!_1XWgot(U9swd21b<#^$hwJed?Pvb(INZj5c|)nf&A+5inomA>qLi`uY0Tu zaIL72cye8M+&=OHe%AEJ?;}6#KWk3gKJr8VS#!enksrS>^22Gvudwl-82J(R)NR&} z{P4j3&5<9QS@x-SiTqg8v!a3BM}BDa_K_d^$PZV$l{9K?!@Ni2$GQ?_N0A>}xlgtT z1o0b|0m3o5bpk;)g}DQXszdu+fgrH_JxLll!#yJQxQ%Tc#QT5`V;_7Z``{xQulks6 zRvw8GZ5UmsrnVGcD%wM*FYR;06+YmI>agz|2aY+?1eIGKXSqH-6;zUg4<;SYHB5DO z!aIO?sG~Y-wz1*dvBfzzcVk7dAyf22$pO>dsc{fkPXi{xfNIhrD8PEx-|`YwmsARI zJ7iGDq@%AlIGVKl0Tib)uAO_?HoYvm#xWg80zD4lunJ56myD-y7o$*gmoALYe(rygxye< z;%cwH3Qa;-Xm7H%GKt&yVGYXmfVG0G9W7R&Oo++ViC6I&l)OH&9`#qDYFUqgEKMg) z8qf;YB>@x0Iut-^uR>8<0_&)7LkkVKzpX<$58q;UO*FdD8PZ8hEOC=9C!cU!McxlD6g{)s63X=}Gn0dQ!D4wjC|o zArpRf8^La$NRP9K(~1yD2E*w8J?_byR)oJ+u7;Q8-)2ep%X2~;q`PIrIb(#>HJ6+) zwaRc%7;y`~@0Ll$Ovou-2SxJZ;cxOZ4>RS~{5F7yL;0pf^LCjmj} z$uuNM5J>dMKZ^Lrv!=t=x83p~I6RuzYncZaaC-g5kLdvynuvq%5CoWv2l$)wMr$6v zC=H}6`l+|ChlT3_`mF{3Q@GD%@6o@x^3!x&gVL*!P`J8j#l^-eJBw$SNM9_cJB@t$ zj!8{ZrA)mqMGKu~?j~2fDU^hELyfjyo@u_-7+)_QK}Mc z7MbKgkz%*ilWw1T6;rSCJ7L)9zo@xrQOsm!cg0lwxn8JUK3&FBC!tRMrP_Utj*HPu znib^B*qpwaJx!7_8=Z^Q1^rqIar{k97_fbWh^ARGvG_2RW?PqYrCvTSw4Yl~(`>uZX{eE0 zm7S+$QCL*3uCv{G_9>Q|6gri9nP~_uWiWcl#>dK_JiLCMqG?Lr%_hxBshy07y&N+; zkB=AO(EWnx6wl9_t$Q&cu+dz+-wcV}OrIL<(b*VZTccTVW&cBmhXp{r@Lyte?96{Lnr*j&8%6N&qtkB@=~Z4Q{(z= zD1pwZi7PhqRD4nH>n-)UELMb@S|{4AzlLuw#L-KkTrFJZT6D61+e&rMpX1?1G%rf? z#nWhbQIT#g7tOm$F;`@=(#bs2D$H~IMX9}r%A?BY`ts=}*BTa5<7z=b^FtS(qTNNK z*p?RD(=aQHTlEW$4?Xo$skvA=StQ!^Qsx)=E zCM~Xpi`KbVXbj{e8m+LzD&=N( zbc@y@dXZ}}1C?$)-=EKOo!4A%)X⪻?=a?D&@OEZvK2zT9jVT^HaK(MR?aoh{)vg z`7>MUMDMfJiBe3xhHoySlln_c1pK(y^U;hOj$ROc7kMES?`DdNQL;8>=2z|4kx*{7 zZsn^cPj^H~xkh-r@@nY3Tc5m+IGGux$MeLZTI?k0VKP^5&#z`|^XZ-&UrpF#v)k$y zPR7w(tsQ4CyHUQ@iL=#e`u=3j&*%5^=i68piFKwi7LwKMq&Hym)9gz$JZUCUm)CbO zzRPg@G+K=`uk+*kms#o}#g)sk3RhUXmM;>araG$4#1N4&om`?x7h|DNkZTC>7<`5jVp3>oR_BePi!c3a~BG|*3++u^RMMf zzIj;+O^Yq&`lO=_PVSS!FdSCTGmTmJwb^CQ%cJnDQ%=2vlzM1ZzD>eJwLi7@9i_DLOt z*=9~nm5X)ZmF8+E_YL$hAL}rQ@=5pVF50cg(`m2uGUHl;)K;SOMY(r#RX{92CokC- zJic-1IX-O8`}eKdwA>riU~HXy1nD&6Qod1ck9x{eVOrpee1sW4T|O^b*=e)K)3~o} zY&yLj3gJm(n8;joe$|Op+!;3_BB(c-tDAT`96{@ie6K~X$i%=?Y+08M% zYW{Z6jkl{$&6}4gCk`)*)!KRd~>izn#zu8cT7Ics@^dQXl?h7%Qc& zs7#w|{IXx`(@nmcnAgu=kv??8L`TVVW}l2?--WvA%h35{gyT{t z@=GsT8;w#-X&yemew}8{BWd-SzT=+I-uoOqX?G)?MX!6_XpYY1c8#f)tIeB5Zg}0l zZ(m)O7FQ9e#1;7K@I^dQy(o2>Z8F~Ree|ySdY!K=N{a-|@sajI9KBu-%Ed)CGAX@= z?@CNMQ@j`n&FVOnjb5hDJ9Ja5OdBVO#l?-3V>*|&Xt0%hDSX#xEoiil4R15mWQ{`v z&Agy>UNkzlOriv`ujR&nSP~Kb*N9%83*mWZoX9Tb1Jvn-AoiuFUiFsXIill>^XxQ6 zk4vwO0a@qTi!#mglTvq3FQ#u1YqaQ2v}eKncATgp@miQPyGZ?3?$Y`3sMl=Ky|^e% zudha#v0BN$FxeX2LSr0Gl9#c@AXB<4W15vt82&1q5$-OUXj8k&l+Nko{rLWFI!bW2 zsoLe;HQQOd_IOcw9a!iwKWz*;&2)t;=Fc0wQT{S_&UEMeHFwQCh4aIKSWlh{U8PxU zGqG&%a&VuLg-V`FRWn%$kt#Rn_FD|_$t2&9s+rpCzVX^0T=ZIK4u^@v<^7+<(S{#b`m;30fB4!nW+ifrZaxK>9rA543e|a6T z^8F|_8WSGVa6GxZi=us5nHQfz^ZW2qm*A7g^upZ&LR_iU>GOG}_#z}PXGu1h7HY}f zxB~Peaa>!-G|+ZFeT^~7UH?h!_1o9VJTjfgX=$R&XKXkr2y~}=KbYPYFNMbCqL8@n z@X1g=^du!u#1J|H4DMz(xk)O{4^I|lJ`TOd_PwTaL zb)K$H+mf0spmB+pu{7D=qMdZQAu_qfjO*v*Tr+ylb7&9F2(eeTai@fzpJSP)7o@Y* zN1=XmzGx&y9Ry&Myc9>tXg-u~mYa2?>m{2PC+!-WN}ov0{_AUU(nlKgbNMp7sB|Yo z`sL}SetCVOHr3oLzJSF??_wH0|9zXL|Rd@DiUtNgU9BTDT84PC}wm>eS7E8LWi>oHNW zbCQfa)iS9v*1OR9$&o}#NOsSAF{HX)pOldPQbT)pTJ3k4sEpL1x)e{P5hHO=3$?(P zp096|biIRAO+H88Rny&EmFZ^ryM84M8&qwO9i3doyYo@I$fTcc=xL?>lI45xq%uZp z#3s>6Bz#wEB{Pv%`sw_BKJO2o7Q-7-p1&BU``0N($=|0G@e0xBODG#Hh|=s{swOVS zkwU(zK5;LZbEMOj#nE%7m02X}(wwa+b*`h&!QIIP*M3o7^2u&JK1tT1_t(=-Tpf*z zav^d--&QBrXm=2YqkDniIlLC`3Ks}>VR9vP^)eNeDX8p)d##S=@mov_#Z(!QS3;Er zH#NT5xF02eU!r$U7q?RB`l?Z?M>*ghnETtC=49GyS4&Ul=j=-+k7Qg)98FK8X@VU; zSIV7p9&Nl$bdaIBb}DrZa3f`9-n&QgtA}J(H-5Y5F@#6T}qG^YCVeXcrw?HlvWXF6Ph83UNt84Gk@L3%^=CWPiYF&i~o{7lTx)to?w zrmv+4Ulr1KOnT8^iuZ}dkhyqb@9xqs<3cXMUn&)$kk4ltSJS)kWPDY*c`d{$t;lAYGz_ zroYsgq;KJVz3b`QKg&S@VWu+G_*bJ)E& zkR{oct<(xmzy6Vuy_1q&?B#2# zLw=!;qrzg@NpaOFh|3m}T!P;~HhXbnZ0Q|yNDf+AhFolbe%9Ei3~evXEDzLx%qrzR zSPK=YSPjHw`-Y(E^WIV_)D$qEMaJrUn@N-!bv@IIklieF;^EQzAPntPp9Ddlg=j6+ ztPX;WuFR#z%ozHYS)CopTvaSL>pUN8Rcc^v073pX-y489vAExt#VQwL9Xcnf1rS5hU@l2X?eQRzDfWxQR!zmr)`@>?c80~H}KDZC3=87_o^V5o?P#<1lVmEL+#NOtN*#xSK;;sw}UBt5qGY1=h74 z30!2qkZslGlY#IK775FAGe2d)3ZnN;9zwz4obLuV(L-TT>8q7YoGBHy16B-%^h&pz zsDo9{SnM6b?{t$^OnmPz_eLz<)9|}3RcI^kJG#q;s#1rX0u+8;$ z+vwNX>6)62K;$*AfsxmRELg6TWC_Ftbdyhz;i?cT097c+)keF+b*sA8*%iPXDldAi zUSTJOr`cI-T<`3YH1M}Up_Zp66|nfN^uT((4km~dIUkeTL0(?WMc^ZV{*CJ_oF`N@ z3)b3Ynq02ytin#ay4X+5Ci?bJ%oW;MDUoU>f$i2uv@s8L0KXlH62ZjO-|uH-c_#?` zvIzbWgiw>NM)Lc73dFx)AzIDX7Tt1IotA>7UURqDFPnO`ov*j{#T;4VMVP{<_Tv=0 zPjiz=ks9b6+f{X%n^Hw_9a19uT`|{8Hj3m_1U`wCcZD$Uf$@4fUzK}gZoOy5>~yLX z4Sx5_<$^DE)E=`^0FBaYEyB30+-*0T>QJu9x;*WYJT;-@TBj;kON zXLMC4E~@+@0oLYKe)pc|O2B;j#bQt3ieqU%1M7$ZM@C?b*lkXV#Y8zg4VDvN?G@>+ zfgIObI#=8kw_u(Mg1LlmWJNfKWhaShzO##~e18xVMzh5rIEpsZ^>)$gcd9|QUzub| zNr5%|wzS@Dd%frsMi+wEZK~m|)?H=wk1DMm z;5AzSOW{z9Oe*D&)*r`*l?dD4utF#;XU2nUHs4rs*>1MbDHb}}a4s9pwz8epFZ}mH zYrbt}vt%fgNmsLR0W3mdahNmD_6Eatx1PvPs@4BzpZBNeH7hd5^H7fa8mjsGK;iH9 zTP}`LVH|3wWX`&819$suc~iF(yrb&O)amy?^!haPMIjC>;~s6ta2oI7q~Edj&DlER z8$jm%nDr8aq*#A4o=-TPTssOBex`+x;bS21S49_9<9P`3_yPiPJUY)ZM3$@)3swus zlByXW0y4j5wBRtcni$ zda8Chk?cbMVz<@)^ps5nx9#A&3V)q$$Rm`#;7D~i&TCugUQnC}-(!JqgP6^u(K&fL zi);5<_V#~`z+be)I8GjSr9Valguw$Ev9lbEO73-#q@WnDy3w!39CDNR*4j~cd*;&Fky9}qUeBr*z4i5MN>;AaAHTJmUtCOp}piNIe@S3MrXvoe{m zQz^)Z_2!qIR$;es)+VEmIJHq#%0%EVT{rIUeZCNN<3$jHV?IcdMn`dK<4W@4B;Dsr z(_-fMvX+xP;p2ES7QRqtRDfSH)P4}h0Fv0i>szqMKY@+9SN{oMb9NU0Njf+baEAbL z`6a{;8M$%`R`(r+8+l5)M#ph#V@j5yzl3I+Y!DQDR?+;{v7J&ouGF1y7UZ#?IMs0_ zd44hO331}jv=C3swh#e<6=u$Pq{r|YkeuNqG&$o|6Y*)_4YY|{1wKj;myp9lJWjyn z^v=vKbQFgYUb}(gl{u`q)`V{do*0Ml?Z6qgT%HsZhYVh$uu1EYQ2ZhF?Z6Y`5WXEa z<334v)=?ZvcDz!O#vyzgaK#grJp!d@Y-~F{L>k}1$bf{!nXit+*yFB zo;XDCnmo4frmJ4m$+rSej6?WV;0${!Fm)7%5?;Fj?ZL@QC-@fNiE#+u0-SNT*(qUh zh}WEDUtrmRKbF1$cw!vFHvnfiOaV|uaR}ixdzpdttpT5cZw-jR<@CW$0lrC~7e+3M z-k;l^m?tjLY9q0O#>y=l$FtDxRb6>-De&;;2R}aQR>1s#qxnTY_)+oGX&u|=o3EZBjw$jpuTN5l{4OrGrGwM@SYJRKJ>8H zZ><0QNb)Wo>-75H>3E%smIXLNoaUFZ-O5@YBLp=xMYsE8;#Kh*Kj~Kde80sw0EbZi zN+XK!I~Z4I>mFLkWAj55GZLd;R>U^XN8VL%kg;)~@pP!v^;Gg}q;34yjb)G0cKQhD zRe5Z2UvC+j->SZISMcMqNL@4h%Y_eh7rXP1ci&jE;5<|T*}R37)#b@2(^CIm40)B?NfkX!c}Up>?` zUyLUx>>DJv!aROk15gs#Eiw`0coXB(9ajzbVdqtGJhSn`PU2^a*bh5DSlSN4v+f_+ zy1|bZ<4j`QMPrH)sVJrtzf?Ggb$=I|AEOd3PZ0QbXfc)Z43BDxPX83dxO#~*P(nBe z%pF)y0|?=15FtD!*gcOXg!71M5@GW52VuO(VvMfQg6k}Hjq{+MNMaJWn2IP7HJ=ON z8su6))uDTV0i{B(d*S^aMsC-@-8OK{5?lkd&)7%$zq{o?d0DpeD$}{3iAmxs8;_w` z=(T@M^YM5F?z>yjh1gy`5#7_qr1X`I3jaJCYFl3Ky?=LAz7X5XRr#JaCZ(^e%9r|v zPUIJzCh)Jze0RID-VJ@VO7p$dA*1E-3{teZZEeg8{(LxzOrd~ zxK)YTn1_d(JnP48x7c$KV?Nu&?*25NZo;6+in@U5Kp0kZO(tI=fXNeV0+=jT1%*{v z?TzL+_VE_oEshnT^Tkv7W5t=IEfH19>Gfti+&!3uUh~or4Y{M$L{@k&j|zQv-)+h4 z<$n8yFeaI=?6WbS210Gf!?oYbKXI{ zdW@jHuBz*3P+{i^^*1>9NOzY1`LPrC~6`QNqq*>?dhzUc#+ zevLBx!Z!r`)9+WV7wu5FfBOAd5&Ng#KUmscjun5r7?F;&`={S+O5^flRKn#6!ax0v zR?a{DZUg5L^-sUs;x0P%Pru*dyIYQb`rQe)GQ&yU{j%ocpMHM;w+$Nq^t&tU_dWg7 z?_Woi{nPJ=C2vLOVb|%`ohJO#@Ah~wMfj)RALDLnz}w3FWo^kn{r(8f2IZfAM`q|& zi2mt!NBF1T{nPITkQLrP{q6*3-|e4%cg3yn{L}AWMS0Or_nT`-ARW zJ|jJl8TgDe?!lZ}^VLl<6vHUS(OYBQgoi}f9S8MxLG-K^NVA2mTMNi9Oq*SJ@e9*V z^&CX*q&U(tC0#^j55m*vK-`Xy(LQ0c52JkGl?d~zF3@kE z@;jV3mk1f=96>QoB*<**t=+?D^*pSX9Y(8;GQtp0Wj;%cCjlBa2accedLT@UmM$&g z1B8ZkbQ$6#Gt93Qdih47CrdQp$sSGMADcGeS({AU>XdbG`hglL0@k9y!i7#@oTfH` zs#qohf1R$;e6~1G*G!I9`arBdh-0`zY$#r52~H(YuISw2Ld-~)iEe=_YJbYosWjuGivCr8;%Y|^CH!{Y(?p8CAKM|Sn2{L$vLbd3x}9bGue-|s^S+-v z+uOLVFZBgw`yX&OKCW{ZAUS;(^X^Ue1&V0TIVRrT;w*XW?tH0NY(C8aZWlY&|@|(zN0;R4$ zU4m8lBLsNSK^zjUiP|%ei=q#WpXPq>^Q+R_H(~Q56|+rnH1mipO|t* zDDP*rpA)fbOy*~`ughbL+aarcb0q+&Uq2_I?Z`zymfTLC`1xmt3V#0i65lxg{IkCU za6k0$djN>EP9pe)U;e-FmwAOXZexiU>zTVeuR%k_q2M_tM2=IB-ZmpXK*&|{q<}!y$ES5L2;1#Gpx6G168E?X`2ixo z`~jWZ6I+e0OGl#+5-VP}Yg}3Qpw+9VOq~BgPO}2;)aobVuHYx)+)KW;-vStZYJuJL ze@6oD_^J|K0uDI~W>Uw>fq72N-JUlw-&(rwnM$0~Y(E}S^wV)ya}ipW%TLEWD`M9` z+E2$_6~~tLOPAIjwt!zEbw7u9QP|Jn5nn8*_j7o!b~I;viyYqZO|KQYp zmwWYPMbc&eZavDpj~(gwDb*`{pC5c7z_@ttS?Sck*x8U*lGWKTCQaA~&oR zD#S@_{#E-McvdJAxGQB-zpz{R?w9RfEJUPy{w;6?`86)syWg*WTACkyn;r%v9Q}kS z@f{Jw6V3?2f2bC_&aLwP8V}VT)f0yZ28YN+(Ys-v1wpHg#10xOw`}}7Z=jp;3{;;H*Jjzvw+)ogoAMqNCH9=j(tWQtt!4uFwYfY>`x#_ z&Q)se62t5=;{L=>KT_z}Pyar(RRPz}`>CZX_^Bn=k}vJ{_f9Q2U8i;rQ_=H5$4k{B zen#kKz>dt`f5!xYTR*vURUFTL{NxhxvqkJDmp)k9E~|D&C-d>5M9LcZ2_~D;9uCmq z9+|`LvkB~;o4`+GVVlAw+|2@a-o1sVbe5Z8UBW|3%k!W@cpO*=kBP0PMi}B#lUtW6 zfSKZfaE+(WK-Zajk>Dn|2;BU}8Te8_NZ6P_6c$o3G->)dv5Nw(d|`I^tLDV)e{kx) z(>2>cw^1_AmH{WzJMQd}iZti=$DY-{b!%0?or(O!+Z8@7@#f#Ub;6gsb*n2pF}J+b z#Q_AMEeVK@BUFXCRy^@ZX@$_C#8SEOI!O74f>m%VQ9b31$S*9UGN zx_j)Fo_JEq1g2PNusQ=%00*XJ7EVtzE3kOesEH>$HN+F%8X_QIM7Gy>l5vP9nTH54 zoC>!V8LtFh(h-O|UAGwXLe4dZa1T8FHF3+cfVOnF27bd}4q3dZ?1oj$4Ob5X_oQQj zxS!b0OhNBtmp3 z&hWY(JHyM$?2IQRXW~iunee)9JL5?+JL7e0Id2@`+0q%NRhjoq-YD8zw0*{h$CG?Sz;fF}*C!`QxBUz+tI{u9wo6@-a7?p5&g1}FXW9sV} zuhU%gCcRv{L5aN}yq-Pz00Cb9fKKj-LnX*EqIh1~dXf%~>O*)^e+ZBFkvtD0#N8gW zsq27uLX!wXXnzn{>q3&*g6lMXjq~st2g1yp6Y@3yHOXthyW0Yrfo;Ed+? zRJr_(%7K0mlK4ukgA~7})|G=FnPBu=L zUi}**2^1&3ofSmA`q_BG<4vGs8RiQBQ$EU=0p-1_k0NvwO~4 zc$;q_o>C5=NUaT@(ldA=wj9qBGuBE2Fz}!|rxBb=s4UKOaZ(_sj-r$L z7bp-$3&ig9HvY(jf2O}s*g31_iiFovYxI8lY!2#<$!aWf#EvmbaT#4UK{6T&mE5cns@EqJym3(m_$ z+i@oh$r32{JnnHeI9J+uq)~O*f+aQY;`X8<5KpNIgg4c;@HGDrPxk@ByUJU5TJW)HUwd20vPI4lHAex4ZP7wH?sOLPw6Is38jvVK9ltZxv{+m(fv*_Q=e zJ2N%^!U&EE`4Zc+;AVp;OgzVfSNpVZwA1e}=ec@r&`mC$W8&#C2Mg8jFygSA&-3)$c)x~+n~co!1o3kXPQc7TH~}j+;RM8- zg%gmszwPjxQQm648D2g|(%VkC9grSmaDx?KJWJ*!e%x?@&yaXR)jX@2cNM!;FKbQa zo#1Pf3+uJcdw3iKuW}5S7Z{#eUcGF|_p;^Q6X&}w@zP-6=|JE(QiRu|jF-TU0B#!h z-u4&p6qd?+C-@>y@uV=lx(YAVyh-0a1i+_+%`!f_x2zhbk5A<}&G0B7Ohv$wCY~f; z5c54DLcCAbTJSW~Cntha4P%^;#|V9V?gA#;-AisG<}736|reMCb%P+76~LKE!xl@YS17 zupraxVAXkoPYBPvLU`Y+ddlb_Tnyh~_@CN&y72-CP2jbFs^Au0^dXwh8VVck@tZ~) zl9x2)J#l-y*M{9BVcqBSRuk_Avk63BYyo)|gTT}8Uou92@|#N-(npp&y3}ps2d8-y zovOD%_@DqBr5KvTp3qMZBEi$gqw%Ac#&9y{+l{Cdu)N=s*A%Zt1+~so*WsR9pgw!M z>e<8c&n^;P;v~)wVxd-e@=B5CyCwDq%~9$iI4D==aOX-w%FtBWARaCjfQd2`)Nm;8hMYC!Mtdchz+_()1tVS`EM%@oB zRE;4hatsKf;b`>aso(zd$8VuCzrEv7 zpP2pak0XWO8q$KJv$Cw_bybsuyd;V&tx3w;Z+{RxrE0&cGS6ML1f;&7Nz%H?M2u#B z`wxK4=Tuyi1@OZrz^B-J&gH5J+b^{kfyKG<<)>h*%6Y4VBaJmD8r7X-U|VT(9yB|a zk7MfCrYh-R{&8|1Czg5=uRBkzCruzJUdr;CWVnTP&!M#0rj4l7V=Gn0!FKF=KO(ar_-e#=l}Pqv|sJgbq44L|#%rjR&8&0YwDK%hl^cqBb^#@93l^NQr`AKDtzu&02 zRl8+*D!ZyJ!$H~BbJfwyI!71KGd@;w!EfwG_(#~Tq!(vl)vaUr3i#9}B;2~O(*K%P z`rj_AYX1dO=zky4IJQeF5~I_PSidcJ*8}c}x)|Qhs&&*vOYu&2`OG|eS6Jw9kH4v*XgHEF^(O>Ij+gerh1&gCsgn3V*N)w?QwM)}V<^!Z`yy_>?shYY z1#V>2a@atz4jvDWmjnW)sK)}Il{wd-=46;XGpB$3`|Y%Q8c(7kshZQ4&MnRRMo*!! zeQbEEM5ZesNJ<19J2m}hK_Xg`MgUu%b30RWtl@@l6~jNnKe8HqH>WPRDg6Z|9V^PzYpqN#qbX0?7DUDL*F#3 zdB-w*fcp3U{5Tc{ef~}SUpu;YlY11yA30JxlKJ~@dv85rXCc}k1#IuuJKNZ^?ciLm z=A0*;htfPxEcg5h4`-Lr+p3P?~Q5M(Jj;y)sopV&VM_`1=I)!=5gF2a~r10>)B`hO50^Z+$27tTnu z`a?c4A+nmGVn&Q2gSk&qLz%b8@sDrdKVT^O#4~hcE>_b0b|F2cQ+leLY0af* zu}|iQ`O>gh=6h`|+S|QTT(>QB_SNMiA6KMaZdC7;vvOWfam~e`B(2xU$fi`*n~V9R zoF3$<&RSj0mK+=3GqHB2eIR4ISbI($sjnuR?xU#F^3vP35rsuUa5g3~#B5L1Wk zm|wQ%J1rkAiJ8o1TuQaxTg7H$)rhBpp?+ako4!YdQZ$ohc%>2BQk~68PAW`vE7tbZ zp&VklVUu4lbHIo=j;}ZBi0emkOh=W;jaCebVw~GWOpJacqW>U&&iND z&CJ=#Jop|et(uA!pA_@SNH4ybYBQ#?;duN z>f(A=tkjBwe3wejN8Qvk_Z|MR#p%~PqZSPkwIy;iwDpz}Q@ z+*xIY`*kdz$aI68@$cpCx_>Ax%c%xm)tN(O)#@JBR8?#qYSCt~Rwui(449rSr^!aC z5Shh^BRzInFZa+l)K5vV&2~hE3(^@seXF8Fy*}^E46Zz zZX7zP0jcfV-LS-{6>_>BfpLh|^IdwOQQh}RZkz8P^0W0ktCUI|z11xjrhI<;J}mFc zhg?CYnpwbiYYmi4$!*`6az8rB)?~GmI)sPysNCAcM93d|$gMZ*a=iom)eC$oKFyT& z>ts`)x1HW$%~#0oNa>Iq)fXjo0Qfj?S|~Sd$%i$o(Cf6YP3&u>ev(=y^R3>tvth{9 zgcUk6lO(6zc`+zN^UYqIX-uPBvma+_we%#o<+j_&_I(ta0=G`L1wL8J%CiMi(6hT} zSSAyx#$X)drZmgx(OQHY6okocld7lKN+nihi~B>Ro(PfJy15ZUrjP086C_oNg+h^G zQrJ|J6t`M)N_E*^HnrSd-|UzcJz8%T$<1t;PV4eKSr)2FO(;nEWW|I+!*M8dXr&Lp z@&`(_KsL%Dz0{=#!M?f(PLljG9M*D~_9lEFr%bN04sZIE)Gnm9LYqn>6$kpc@6nZU zWFBHd!&HQ3dgH{lkO@u5N-C31v++XnkO`9%r80-C$~4FNaMx;-dWu3ST$-83_F6a? zd_N>Zjr1tg%FWq&VK|{QzTE_>8f{I%(01nWG#4JsE6bu-ZIzp~l2RDbl+ zDy0^Gpx9<`(gr^kVtqPM2~IoX=(MWn`mDR#uw7p2sZpw4nGHKdU;{PyxmIfL#ae#nx|*A!e}v#_i8J0 zxYJp2*(lYTxp=Ts)~dVhdS2`_R^xtk)YK=n1HGtG(?XXPTb=eHKC4g0v*<3~kIMaZ zLr9Pr&yRZ5S5X>_T6 zbauh}NJ!Lxdo9Z36s&U8ak?O^XJnU}#YIUUbk-R`s}^>2wn=qCAD42n5o<3p<#EN( zSt&?!opgpD*GVv`bu#4~m7EBZvA#~Qqg1mo9x(m=VaAE-VR5041--rKlj$m3D&*R; zb)k{Z(bFwAU@x#4q_yG*~5)YQBeafZx&z^tn(7k4G^jGHuMFlhR7! zWS&VDr7UsM#@x9(Yz{_^K`759~FD?{j#cM6fj3bwp4Sy+jN?0t+W&iyGe9Y z6|<_z+h|tU4aC;AypK;?yTh7MChOQ*Fm3F}W3Vxff_YipmR6zdB)poM{3J57@U#dR zSDP&=x6PDxe6q1gGRZXGOwNQV)E|judwix1rgQxeqt)?zCC=u(fx3<8vXYi$b-Q80 zNuHQw4nGYr`P3-H*dT zsxr^bhwDRi0y;-e;k=TFN&0O3o|#QVeiz@aBo^v_nxBN*!H}qy`>i;z4M}gxR4B`o z4#nYSMn}bdFd11jGpULZcY*Qy|Li>pbJ|F=e?>*TDkmSYxeurEDrA}z<#NL?#?eJ z1170}IaHU@xjZlu`?y(@xyn=bUd`7#U}|zjx>wB)idAMna=i%^M+&MoCFjv*da#1iT7%)>}6t0KNk9{)nxX#nceHpOE*G((#oAg|0qn%>vA#$A7&LHv^JJ>EP>m2UH{Qctpoe-Q2;?i;c;YF8_dg~E7! zSppeX5$9S|(lTS=iMs9-I8eL|aAat8iC9jq#rh&VuC9^j2`5t zcBfRRPmz6yekF>9e8#F&!WqHdWrW`ZN$KfJJ3PZwocdS^*|}i z`^C)TqR|5Wexx2od6EVOT32CC^{0NZDr_efzPZZ|n_&dh%yv0ObWefZP`!@6o^yB)BS{?=kt!9dp&sY-Y^OjWtnkxn`Aq}lfbqSE^EEoCBN;LJ7oS2<}w0(K9C!^6q{r-1BI-TCX{fGHqC3@;)b(y)kz0oe)iAIY=LOlNP)QuxP)%sDGvyiOjYE(CR+mg9l zZ`?!jWpu+n$Q&hBYBxNes$W+@H-M49Dz>{|Czdyxib$a~Sod4EH+M;DQJqba_sP80 z(3(s^R7+q(GN4Ox(p|5cxGZ1OeT|7rpOjWO&;;h9LT8qyJk6_Z?|YV^}vvVLihWR@x)Vk6Ia$`t40ZhqFt%~a-6OnU5&Z&#^UvPMxXpDS#7$!tRyXHvOl{eDB=t1Pd?DM~}Wz`VL{fQamr z$a;0s?+Q=gB+T-);(!GYqW#p^#-jHVz7<_2x25TIN4>sGkFQFrE-OZ3+I6dyxdE@I zC$_ior>ime1Wc_(_v1xzvrQzGh1!jB9cWjpY)b{?yLO@j2Ccmc_C&q|yg6U3ZaX*Z zU`~%7!19_@VdXV}1b5|1mcTAxYJ8>y?JOmS} z-&!>IO)&@dFF2x9u{v#4NOf=(y=vFi)6J}=QFq0g`leiHRCy6?VNjhk&2I8szh9=i z8ppO&jo}7#S)9j|#AaPC)Uvnb#y|v_#LDYZ9Asen=B`M|?M7j~8TZ)1U{S{7-OOfF zzT8yX<3|PBxEjqxWS3Q1ceR>&FIQzv9<&-f-KXVhlM*VG`s7m*93bmL5L-1hzFM>%$wIZ!pUnZMW%c@Dotc$4nM%1tRzz|Rj`G8Gy$xd}OW+E} z>W!>Yi7h(4^!;^$?JQX#mX|MkU6L%`&N#9~mYU^KlZ+S0I9Vr~^*{J`sXkfNNU{-& zUFIn=Er1h}N~1k{3Y(N~iaUQ2$wwR^FVJO%hpp_38DqO;-d~h_? znQ(Se7#u3(bf|4X;Eo+9=@Q=# zWTI-qGmcdCv*oeoc-U@%(6Y>P`Z0A3g))U1q6}E^%8H1g<#&G%5I`GV?-6D-L7;I; zyB>mq`G6ozo&gqc<3?QlfFt!LjEaaGh(?iY=xkGBG51kOka#s|3t~AEl5UYOu1jRJ zxfk%|nRnxXD^#qgh9H-{*zTr;S@}Zic_~k5R=%*|Qo`+7M}8m5^3GujiXKMrO)j%z z=ZiX%R$srU8+E}7U%wz_^Yu&2_{V%2!$7{x{u(s;Uds7Gcr+6Ke24arnzhW(@;T>E zLI0>p8`+Wz&OeR#pEhw7*^d9V^&Vq=IK)5wM)$i+-2J7q38R;YX)F8QU}Mt>erPxB$ohsR+Gyhs$&o$TFn>>8#Z`78 zxXf>nyqbLdPhNdbUOlSkOQZHW%xfgC9y0E0 zB(DZYmpMIm^=JYia#xS)h7fjUt$#-DYU(|A^@Vd+4Hb1>VHa(@1B7-C{}malsROPe zd@@!|oEYNc*dRShRrNx#gJE{yQtrP$N>=@~3AAo*ZpdU;G)h96;9D{E3^?;3Nm4!$ z+=SRj8nL4FLnCHJi&GZE8k4}+iGCskdd?CmkPCv+R2@V`O>-ha^Zf3V35+61z+6h0 ztFIEYN~~C(f337xi@Dn@x*?9`i&pB}E)B`F^N)bf4Kqd)&AD25^y=;iICOW6 z)%tmIziqIYM%H2@Uxu(h`0(+<{*xMm7__O9{p3hfXsa=|EX|{&MAV!vO~xpxGDaeC zq8dnbN+um1&&1Y~{iRcF+xyhB(Xf~Pi>n+a1nYF~j<8)eY3#(j+~M(zoY8SCHi_5E zbN=^b3;TQLhy?IXt~hNkbafkPYYfA(W9PdDL3kTrW%mmSk)ANNznnV`ug9H;72D}{ z4R2&NW7BEEORL>5oHV>Olw(bg10q}lE4(zj1@u2VGWXm=wY1`$e$%)!T$tTB(5@&r z#A|RC4u__y7;+-Rp-VyojTNbTYkD9vW+3IAk%g;qqO2`^c9J6_Y3zGVdjy4apy-XE zrpM!a`^j_aqG&wrD*T6!e|u~wd+r$U6jt|s+-kkR<~Z%g4H0rY2Hhbb-XDT5ZH{jE;Xd`z zlQ0!cBqs~M4`t}V4nt(P46(CrcBTE({JZAwGYJ8BgI4sQ&fKNcs9*)c^nOCz{oVGnWNC`}p^l znEdsf^YJUMslr%h5?*i=BImWJJ0U?Cw4%m}I&X#+5-#0%@MB0F^jw~KBMOiYU8rA9 z1t{Ds5E0I+Q$es}K zp>jKAMULE;1251o)A8{ zL+x98*?w}$+OpS&X~eWsNZz9p{ZplnE4#T1>LX$JE2!CL$LqP&?A!dSQ}bKw2fdc8 zJ$!UbOfFZL?e9c71u`6;T27wNK^{G~%!g=M+fbfQqAA@N(zzobxSs zF6VjH`;+91uUd17B{``xU#a7Ovjg|_l#r=|F*%_2q`L^iV9|-aUW!f4xSe~a;red1 z9$g;y%xMueGZUZ3nMq~9wyYw;be4`msuBGbQfI4_J7&4Pqm5q|e)syc;li>eo?4;AoOp3d&@T@71&&8wHKWG_8>!@t3KWjK6g2!I>nO;1N}>ZJ2a!PT3JC zSOk)5AMfFo2HbnNWw>xlr`hYqA1g8*&UOSmEMR^P9bUSe8@TV+oDz_1RCQ;_fYFDZ z?q)zXbg=FOo|2>b;| zmC$gW`t+a^X+qGpe)Lo!oKH&=J616bJOY0o^5Up}&_Ou6N97jIIm+Ng5mp+vrQ->a zWyg3}BNX3+;@j9UAuAlbf`@w4lNt4<$4uELhSS`4flu~LgbSj@^6U~tQE{TWP&C~h zBN$pleN7~&iz20P5SBHZvBVJQyNh~SJ(0X1Dy)c9H%mZ0lxRF>Hy3}k(8vDtu^=WU zB$1d&D;>KAIBM7UjM|S6zasG-!)!pjqaWum%#ZpUQWwNNHK0#Q61ZnQYuZ|R^Jq=I zIN*~XhpUa0e^&-_W;>iNRCRMCcb?32;_=V;zrhia;N1ewg+8dmUGSq`ja`A`sx4Mv z$DE5CN0(LTwDk2uazcVIWn_e0qS;S*9OD_nJCbCXV5{yvULx!rsjA)f8 z@Y0BA1C!Ztg|qby(RMJp59m4z6EWx(3p95}&`&0#?MV~ErXCw?0BbV3Kv#E6xT&V= zd=*X3!XW?vnkmtSU)2(NV7G73-ZW1r8YmY+okY*z`^Y)4(wuSBfBmg@w7Nson1mv zauNB6sZkUYV9o6H5ae+4#{Sdx<2_Nt(~9zSYYr1doV*&h#1P+|)YH>Jj)oZ`9ptEP zFe`A+=Qk+q4^Ib4?_uIS9mE*<%cO&JW+=X_!O-%*A{``sz*WRANC(-W*hw3ON(TYo zlr&Ve+OnS(I*#py(>lt4XNACl57-oPAIxD}J{ydV({jc58_WuiCG4b-DF}2p~1Hr{=o=BPvAXq>i0~X!jU#3@Rf>t#~)a3Tj3NIQ0UAhTvL$1ESD5s znyS9N*kD6<=5su_-`f#z=-?VDI(CA$|f1!!|s#S37`-Exu`IHvm3k}`gU&!NS=Q+IR zz`D2KnHcm&c~EbW3HQ6^z+Oqp5FKB765&Kr44B9_Ju|XFD=Iszw(si0^C9p*aNAIt z3|pEw#Fvnsee@ts-%(*GYBEH3gAb|Fu)GG63y_Txq+JXNtTgsC5B8t~w~L`q%_`n& zBv^*Ay+n$Lp4cJs8KJKv>g%syRf%9J$M)h7XLDS<7-Cn#rdaOP4I=04C6LUsmzPdm zwwHr6W;5&fa3Rl7C+GtRXFvS%j_oBF_5(^`dkH0x?dA2Qv%PpoYI_Ncrr^2E_Hs&I zv%LhEMUWXdNryly_a@vK`5y64!T%l!HVVSLrZ~hv2o!)skFPkMtr?r$SBfN{bVV$a z{l1Z~D?t_qmEV#J@&4mKhXa?%7+Oh{1s?qNlNA|h%ywH8u%j%Az>pst9=SUXA3y#b zn{YhqkS*d|g66E-3z%L!kgoOln{Pk8T;aci4#iFdKg}I2GsN-ilkQ-B;1;X^y_hB< zzCwVZ&uh7HJuHO)5k!n0+(G~;l*7X&OA^&x`{O{-`R zMGL-=<`z#!p+$8P#;ijU*r-$k1fUfw&NOiz*is9I1b-l35Pw95v}#YiKgX&c#;El* zXah`-#=DmxAziDu$_`%{)(?pPV%ixG4VnTyd zAL{`_tfEK?@maqX2*tJvC=_-KHUY=0#Aiarft$vc+N`#K&WRbgtdg=JE<%{>L8#0u zp$&#-m<*weh8Hm114tXQgh1G7<^%C;6F%T<0s#4f_+ul&u4P64o=z|th|oCtG?2s% z&>Si#_&8YSdcoQg>>QVPWw#RfW|$~Go`lC%)p3cOp#vyQJqx(>0W^zVeAgBO1sZ8U z#QxFCfCcmW8U!q_vj&{Fq8=>y>T+MA#Q`ln%hQ*XaC8KjBR#al=L2jJm+(bw}s4}4IR;KgsO+(#VR ztcOm)Q-PLccsAi!evES;@%9)BszbripY7My;sj?F<**u$zeiA}ubB)z{to?pH&U1~ z=gG@XBJnwy|C~-{noDE{f%DWN9lKEKjk}ya3Jz`8Ws52czwue-DC#t=mitlBdXJ7e( zfr26D6o>hF&a&_5UsF1UaEyaG#Q{hpj0X^5pEQ~eVf(*?GDfY4nnUh{Q}MOAeV5R0 zolpsYtUmy)@gQI?f>3V&&n|qJCXj#R+P{0_0gnnIesM^CYZ~Z`z!gCr<2Mm=WrR*S z1G>gU2AG#CT7u%vYHSG7Y>1-zhPqYZ%L%WJH9Y;Q>SYB6vi;0+H>`a1y$|dn}(Z$CY}^qs85Kk>b2_|Lf0+p!)bO!FmrLE}ew z7x(PP-`~amBX~~W7DU1&OUD>h5C=1qTN%QcwC7HS^Cvx6--`r8c#Jzg5z|k}@%B_3 zc)%@ED?e?D(+`jEgYl^m5FW-XHvFS26;$J@m&%jAZW*;LIN%F*26N zM~v#d_W;eM%nrAd!eUdBQ}wGlFg-qERBGAhBSy9)dCeU@K4R2L4(>3Bw=mXjEGM7t zb1)|vH2^`yWM74e8d4ZYz~*1l@zG;?qc@v-LC0q~L8q52%G#qB`_IoOL?#D`NrRC zGbN0~rc?UE29166_+DG%7+i2}gx<&Z+8*C)dwj1A`?gxvh-mmg-fQEAnE>*OZSK9c zFvzuG_}gsfOzukf7f0VeKFIb(Kgh;22$Z4V`XUmKM+q2!H^!1Q4YY?cvp@y9f`eF6dA60u=S# zqkY>p7@vQ7eCWqQLgaV`&7w}l-HwLGhklGw!2NsZ$Mm&10+sUY$!`}?GC?%1zk4!~ zFJMeS<(^!J*+ldh%_iH&tN02smLGH3d;<11Yu56|r&2a`kE~@2Kl!ryaz5&dFqd zf`fbzTTedgiI_;;gtHk#t!%>Qn^n3f{nwuK=#g$k zDw@fV5vlnc_BuHSPLxf+?{Y86$6MH!u4LmZU9oM2?qIL2#||5TpsPv6E4;71_2hOA z-h2w358o5m9#5U0`d*L6{)2F?GW`4RD2EfKN#mPfp;o3?Npi4?z-T#>(|4r4d1NQ1 zs*0UNVi(7t0rUk~X37pE1PQwjFR4G|_Zo6`)I<@43#5wxB5YNV^uhw1PT?7A9m-et z*h-iHeHKG3^5pD4vjnv}7qHMq!J3p;4OQj(rWkM;_XIyUBuea(JX5TF=<^yOw(#m7 z3L`V%T!L-KuyK5gHbK;kP`(jb7Zb{)*3}RNS!%jzJ*Z`B&~}Qxw@hfgzlhtGbkwCPJrPVIJuA-ETY9J{ml?4^|7CM%VAFL2E}>6gnkGxK;m{# zx=24X{sCo!eAQ2)alzw#<+Ud3h?SWVcTZB~3FBrHhE))}CNrlZ#lPF#>eVKBMqEtUUtD9xu|L|w-Z6}df8 z&&K)sKt8h@?rw2UT*8X~h}_y34FUD|ZtL2pct|z&2y{ zV>atj?>!v+9o}duEv49~FDaXKM`B$4s*V{CGNEy=d54{sIh%XEFUf~Dmf*RT81R;} z8vC#~Gks_`u9K`9&ZQzzRd=&?Fn5!w(PKkRnAaBuZ!l?Nw-pAR@;81_S%aNO@Gt?S z&9Z_!$Pjyr*@nsaLcW+>pf5I_3$&h>LNuMyGvhS&(PJ*q#xWjqfr@&Mxj-Ltf%06S zU{%^wGSEFUEI~1_waC2}&Wk*HkU|mfnay@82}I8$wsv)Q9~Z@V4NN}^P9vr{ z2O=2mWo-tujHf*7AP3Pv!RRK_p4t+Z1`i~2X$AK_R`=eRMs$C;`(n7i+cu48{o+$? z*mhY&C3G8qf_-oe`1Ux>e3AJ<8TDtsO{eLaegBv#R4-Lqkp8Fkhb}5T zW(uwK?$n2R$`op0{O!|)*5>MwF0|H`CPKc@MMwc=62uh7bW#7Ox1KKatI|$9rVAA_ zFX&_IbfMp|jk-KK{!`=#{i=db!KQPBip@2#p~u9aeI^Dy=$sg|y5%B#IKZ$4<7W4~ zTR$*BUIiG~f&yfD0>0CK3oi!nwgGahTc3Yr2JIFAPyw>)T`obJgKH7`pXC+Vv&-5a z7(=R7q?D~z_D<}2%XwsR7i~je1@CSPRp~K3ZFxKPJ8#Dw2J>`GPpkd@{6233!n|ww z&uz;$J>K@1owr1yD=x=&)t+Wt95wy<8?QtxZx=EHQc zOtWaRBDoW^-&jPF+8TO6_59N5lp#m`!nn-*}@}bJfavElg_^=Ob1dUMX?j)I+AY4Lh z+hiK9>?GU?SXj%J72Ji)zPEF+4TbDsMGEP|iaqDl#y-n=wS`+y8D>{uqDKjUZ|(x@ z6!3&9xDsW!fJ~>Y$;n5@Li9MmI+nEA2f}lkhnGj|m?|AI2{QO=a+)pwOQ!igPT|5gW0w-N4jE`+DxV4R?}^~wtj>&a z%Q(mDgdtoc#D_6~UV~)^$h4dZh~evO>*Hrf@^2_Mq6~$^gRr6xAHoJ3=S5H~{0M(` zEuWsr6|1*M4i2R)*W?ixig36#p2(cAs)IIJSrm3aVN*~VSrruf`P>s4SjKZo6JS53 zMhD644Uz{gLf!&xaAS^}P;Y|xXVF!(;+J*b2g|aNAHiViev9)2_XHq^gRl zuG40X14C&manj{s!^;M7-GMJllQE|Wu2c@eML3VAak|bJ zY*|6enf#T(CMJ-C|Jw`|G~M1{UVsSE35Qs2PXK!Z*`|QKlE%iG#rQxirx(%mauT2M zIZPSAM#%)java;H`Xi5wwZ)9x19xWawkF`%wpCHZ72CGn*tTs~Y}>YN+pgHE*ywzF z_vzlJd-NFnE7r5-b}ZE z;)fuE1*Zk{mxn7B-DTjA>mVdh>ISV9{iR$Kz}qXLq5GwTf#SU!fmyW-8)Y*gUL}ML zyDQQ0F#n`7ciN$&g?%nALHQs!rCyTa-$_Ac{u`onP#<)g)Xf9i3aw}C^zmLW00GAe zt4Q3Zgc^0Fo9bzi$O%qZqUqJI4(CaJnxo@bYS~;FG{EKuY#tXSL3=cf_bGS6hl@rG z4JaDisyX(~=p+BK2$|@J)+OIFB1fQ!o z+=x~Mvobg4P`Z7eJDNhq$iP$Qy{p;x01@&jHgb!bikkx`5j7V@%{Qw`8jrv zGki$k4-~?^dn`@5VdF(DiM}GleNlf1&HXWdMmi;rwxQI7B#!TV7HF2OKEN|RL^yzB zf3Z@iN^_1lqhX-I*V@csrSzt~qxmD<+!&p9p1PM~vfhqMO$=N|#|HH-v{kH9RI{k1 z5^+du>$l(qh9vA9%D8vjN8V=hJL1q!uW>;Td;?!$sD&U6SMTHZ%|I0G=<@bZ5OXBG zvRH8khVi{koqnp*&ZU$Z$!rgdVaHIxt8u=!-7MN?6W8pvpFV4r-krAR966ZM`1!6@e>3|SUO6M+^lqBv+i+Wv;;^3BOS%$gl+-* zZ1g zbQ>-)2akxYnftt|--$un0-LrZ>I4#?5zt>@Iw?C5bjRN*rU7ePR-wV5cH;N~~WXp=%qJ2#Bnqk&vGHnof-^}@yt|J0R6HDZK@++*U3bhkr^!LrV$D;u3 z!V?e5_ey7j@szxm9x}=VOLkw{N#a71{+0@(h47Y`iQq$?2l+~>`a9lL*0n(Vw$}>h zhB~gG%={xgDAba`ZXPaVC-5^1THOSY1OFBZ%~IZM_{6}g)W06UlpK=QOJ=0;#_N{L zhPn8hJ7~ji6RKJgRZ=Io=T|G+{WJ1NjDMMDjrH2Kf1Qi8H^+9)+e-IGsP?PhF#?9eXOW1{*6x11Ikxox!`p48xNOqQPlUC!)^e@`d< z0Pu+flA?-DoDdpR{St7ej7$U1e2p(nxO#gJk#>HY#n1+L9C( zm0OStoz=!muyB^8TfQ^(V6#09vsL0=Zg5FtWIt_eYUps{kAosa?Rs#Hr@&RR#o`Ii z!7g&!Jax_aSe4Zu6MI=fy5mHRWsQD-J^Me9l;)<+P#UZF0R%LN(!^~)Duiaou87VKv}enEaE#{0D-6`W+A zP4ywzO!9R7x(S2Na-9pOY{{JFk3(u@HA|(H_m%S71KQ*wT)FXMQ}-ftjRhPnbMBr! zBM3E>yEHe=?YBj}^xD>@o`VI7aKfn@rW~0J{JjD&%T}?07_&@g@YS(BUA}oq0@5Y zdt}Od=mCnX8@(BM=(?SZ*UZQq$AX&^C%C=P$37`~%c73=OE`qp!>c-)_e*Hd4q>=1 z=agy@PzmXIZt~3RoUqZ!#k9$tEIXY^eBK+7KK|`$JIYkHDDw72v;!o!lfV07xRZL8 z5Bii&EsL(>Fl<21;kI*48LG6bj3}-#u?F3uC9+f!uWCOp$%lzahwS%8dElsM;&M7$wQCOk{}%WFjiCh@`C?z$ta~&Xl3p=xgX*#u2M`0n14! z!l?A`ZjuNlwZ(HPguA^mkDI2qMfvm0Sv8ovtdfc?@(`tdy^Q0w#MtIVDcVZeL&Vcr zKtS@Dq0omv%u$k{86@HuAdjEHh?uFrSWu9(bO#qAEE)+563rm&kfAnaKGcb)$}+qe*^& z@8R2ew=35X*L1?IoC>SgcH16cmRvPv%$I)*)*yhB-Fuz{@<9Jvd)tHskh_p_fm1-$ z<23maNr@1>8Nj*kxE!D}44G5@8=!*ts@=@h!uk~-=0wQ9>$QMxxw7T#4L{sI5A%Zh z^WyJACSPV?o7oO(_igx#p;k*+Mz)9bZbU=BAP11QdNUuD20xR5yWekcu)mn{NLP7r z91iw>r2{i>3E23fBc3guW{gVXTD^x~N9P|baP(dA9-4VQ{zx=j)f?hktIlGL?WgpU zS??>y&B>0fsUOzIwO~?~;BIP*oq^t<2dt87d`*D7r#lud90O+yb9IsyX-Y|M_8#kAF~RKGCU^{70vqF(v#!aEe4^&HX@HVcF7y zF=x?;c0T?gF@BO7UmY`eQ8;nB@1NVQnKC{8H1>1##mm<#M;jlD5n9NnBFVwWbFQ63JE*=|JD}Capl?S)W1$cFwLhqPu_^`0 zP)*jhz{^%dK$itqPxDruu8n`GWX=rf9bPHhAvi7mI__X~wzg*PKLJxB^~T~4p5c;l z+?R+S{qPd!El>9y!%C$W)OjJ9NueJx{23F#o*uR5GHT0G%4SNC40!YYb}r$_7*2~%J0XV5Hm&%a8PdogfV@&q41t;E(6YH{Yw@Ff-kTeCNJ^fZIxECY3`Sbd|a-*pjczOc8 z)ci4_Srs=I&A1D-GyHk!--pf7qK5`fB<-ltz$g2Bb{I7SOB_=x*m2n((6a#RR&aA7(!6&tbBw z4I^#S8dj<0cYDm@TI+>C&;l4TAJblXsdNnD8#{UiN^ABdZL9de*jlpbG(C*HiJSoH?>IHZqvtl!d+UOJv`gj5${BMP@$i%T z6$}FgqQ1bq9jj(!rpNte@BH}fYx48+BI8ew&c{ca=hp>#yIEhdRR-pT9rZY(1?kks z3nk~#bKVvWiiud65^cuqr5$0C8wJe03G;}eTaZV26zss!iBBSd>1h?c{ zv<=W{3%HMtmQ(t4G6H{n%{ID`C)Mw!`n-x2@<1sY{esO}wmWmrfUrPEYO|-LG&v(@ zCM7Ar3UahomOOm9kJG?OSH3(b+U8+t+w>Pn*M$K&07aD?fa~&0P36mi>Ex{?GIXU6D%hamLDz~Be` zXnMYEDE)o@N~8oZk5GaA>`jo_bp}dX&1IQ9OM#Hg7+v5oUtp7YXL^r;-15aTLQ=+J z9G~Xu)d0QGY|>>leAsa2o}hn@QST1FJp~V08>j&fDiu0m3mS6k$wlB(kuS5IG;K1! z+-Ypwi3)*r^QSOZSh`!XT=LhT&pFe*F~P{KR7pzJKhsSPu{X-glJ7!q-FK%ZsNpvg z%;kF!1vjFUPCetT*dfb9y(3ngFuju_#BI?PI<(6wdAE^mQ+|C{gZTCGG6SNA1rT7T zkKEjmal3%XoAO{erZplRRu13#^_B?Vr~C`%ORXkV+<_n}p3*e_FE>nD`MB`*+?AQ_ z*G5;}JA+4aOApuZSz0Itfe>GTv4d=?v_C#pwLt)!`W4yYoY})J9%Jg_emSUw%U7A) zH0S+2NmNN38|4UgPY?1GsRx@)hRfR3h~4zj)Zkw%_z|IDt^QLqC`mLg!lOKJVg|{8 z^@v?PIDA_l`vs>a5UIhw%(~$nXAc57P5QZ2)sbL}2Hy#lGQ?8wn?TsBaC3vkvINdE z+pTR8=%A8R$akA8NWS-OG%<;^E-}}Ss@)YZgJ)G(aZ%w6leXXtge5Zx?tOfT0Q>mg zFPuzB_)$On!lw&;P>rdu;7>dXgh;7Ow$_{*-pC52=lIwZ70K>1L(hS6$;!ZpUI@tt z=KKOzE)co#9Zbxv)LVMybW2tm^Xd$I_kD86H959In#E;{ppAA(&LFYDNB=N#zMixH;x=WK05XrM;E5{PBs z9ud{(WnhA_uTnZ+I-9YJtA9Ek*jg3AXSw01M1Zm;>b#LSj0I{Abo&JG?i~F}2Pd=D zV^XQ|!XdKmnI1JLmU_3Yxgb1{~rfX%RKPtLW^cgRja3!_|%dzg`y zZ+`+n+AdFN)&mN%V8=x;R@PWyx=)x*zLxE@36%KmBD;%-s^e=S-$r|lA?UPr%v3%4 zPlv%~hsSWbnWwzv?V^h>2~HwgUZgkwa>7|CAR_S3V{=)ZzCBqHGIU(dS$Rs84HRtW zFVxX}k5_OG`f`bJmDfCBOBm$-J`Bp@loXwL;qd<1@QfMiS92uKv9^tpa_CQ`75V!9 zdldh=Giye*iaN}`Rt}pjyoa|0y+^hf&xBoTt#>`Ak;8Y9g5J3Ms}UDtYe z1_UNay!c*IAi$gP5A7t$OfqfRQWH=gIn+>PDj#(f0?SR6xokigRgU!8JJx^svTS~g zdrg8zU2~A59zBWx(;0e&n_W*c|0xPgKn(KOERcrlSQ`YOqt1(_p_wvynH&K*?|mTU z_J_$KqEfBXP|u<*y5{P3C-rs3axg&)h+N?&KlYHS<&S$J0{N6mow~fv*#5ou71%I= z3)v_j4cr;As&wI62r_~ABvuoGzP`D@21R&o(Go$zvkXKfo;_!*z{!SQ*G#Xav-K=> zx49H|<_~WZ8ZJ53PquA9jl8qA_Dsnip1YvFNWQTw5Z{4799>915CpTr>4QU2$~G?B zav{Mb9LI_B7GF)4VpVCUiXLDVvDb()wDT`T_Bce7oqxfZTbljtGK{X?mDh~cZ=snG zrZ5TO94La!{ARL{ot_R-9U>tT!H~UT6143hO|D6wa#}u@sFfpQms+hBF_M1L+m3># zV9TRM*AU(}+bM3f9vO>bMuBHWAzd{=0XZU;AbG4Z0FI3Klr94)3hUq3v1bJTnnNgs zNE;*EvCMu&;4`Z+`^@}KCbSOr8iwxv-BBbsyXxhgAG#^XrF&lG`N$AL6u*v4#>kF<=*352Fh8 zUb@>>s?CmK+BM|AZUXzBfwj zQjM7xE1W zvx+LKI(O8hO_OBMKst%me1zI0A_*8!heHyMRBwkIBb2|Jq_9UK3!g2NxeV$ zvV?{UlT-X)zz66eRYg(31w9no=8G^#;9?oYS)xHhvn8!qO2GQxP_Uz{TqK((`_=$$ zu+Nmp3Axx%Mh^N?Vu54%ye8(H(~mU<5!l=Jxl-uaA!&`=aTs6$nUuEo-)oEbf-GbE z+)kJSwT7tu$@h1d{YknDzt(&Nb*lk@_Uja_!+ZaHp=9@8Jy2WpBtFjyQq3P%^&63b za1=-un}7pmF=o;_4K%WB&SiiVX3)F=?X3qoAMb4THNqdG1$LvO<5Vrb5~rb?qssd; z2^P-d?J<5-4arFIk(@yx7kPQ3kZ)b>q)-R5(v5``lvz$pxj0IL+%n$``yT5{XYK2&sW_EUHv#qT~aCi_j6Z0-I~T4 zw6qL71jyQS+1ZJ8P_9QnUFo{llUT>${%OA9c=K0%X)53xN+2ZuPq;k8#AG?TC2AyB zW6{{2?rD9iA1$;hj7L93>fgnS+`*2m-s510vyS& zbVs^r0v+IJE2vjC(Cc_!nEIiD1p+J}OsO$Mn2{5VOHZu5%x%L{M)G)_vk9&{MGT7! z{5=rC+1sbPubkB&1?jG>_#~QlPMDVZdIH8-VI#y!a)neyQl*kDV0oXM=`&fH)nDpc zUy6#uIC*uR9&wdry?Gjk`oZTXMiXc(^4DGsuyx#8RrODH5HU*bP?bA>tn+Z-bCTXH zku{t#=W>?7WzMMQ-O@e_1o-A!414ZetQh7e(NWdcL%x$r7hKJ|FWy@a=ys->pN<>1 zIT;#k(?Fi_nm64roB52IQ!2M}TQ%_;xM12+8-lGz=ksJ2!GQixnUvZn+-&j6`dB@V zY=N*EM}ZbhbU)BR$>GBtQJyPF`=-L-ClI}`{B=ZVnqDnv_^moUUlZMg5;toQLjsaA z=q(ZwK@k~@1qSFX3o2(|y!eib^Z{hhagi`T4}f3-ODk^w(`~#`xeALmV^q0XQr37~ zWf3qfT|+T+$DtXZsRUcqR-ievUfV$>$uq0bCvA0t!(3;AKlP`z-P?vpqI7JZOkpE) z+|eAgt9l{yQBu}_#;d~TLdJfzBuLL2`P>CHs=6lU*i+f?$SvzmYM;y>rf+nk(gGV( z0vF||c`-5krrTRj^yW}ZBu2PBarZWh}vO%OB2?^6qb}f#_ z+n?^FGkwD!hn8EqRzk#{YH@X&N3WRam=0Z9j9U0NP$>%I43*ZCTZ?=h)8I!m+XM+?#eA`+M3-`PUOa7-i{T z!}#4RN~NDaJ1fu(2>Dtikq!6-wHaUb^e!1k8cpEoJTWS9U=Ml8+HH?fz*==!n!n!6 zfy{@4MMYIi&KIlB=YV9*r4cqv7_7bsp==O5>vUAE8avA8g@#YuAznY2){Z6vW10*# zE}?_k8r1ed9$vW9KOUa_?ctp2Y5#b*vOG@Ozdf8vP1Nbz!}wZuRPpiATiS? z>*&K2GbCzhFA8&e_#w|RX3LjN!-V5CevCgeO{Ph2oly8vIyWiMm#G5$BGNLuf1INS zXL`onP9@wl3sPv4(w(@Fy4b_H)QeI+1>0t;s19xl`>?*anRi%35cl5;rS%#kC20LdU5!gCW+6{!-RF!wY;8G~k z6mnkM=P_b=GY2JcU9mJkXLP=s1_`ytfj3i~?qE6(PNz$e6o^o4b&C;{8&cKHC8(LL zUb(G5M3m!gX0pc9<1YenBc)1+7Fx<86>Ql0`B22|dGIiJJ1=kv=3aJuOZYVH{rtp6 zj7MIv;L-&D)^vOjlt3E0-p(6LmJUS5fY+^|s|PVKI6P@&J!Q{pBDj96@XC@ZE%6m1 zm}1jCP-~|r&2ix$RPqYZa$o_G_~2Q5G{hu{ zc*Z{*Zk>MnwsP&H@lst%joeH_%K4Yq<=euu{-=e<`a}|cje_NbW*3_Jtypl$bA!b& zzRSCFJD-RBkSf!0F-JFlJFY&s81aT69Z~_XqM#$W5VK>wU42m4Zf2kbFW zE|A`S1f-JBwx4qy9}^^=v?wo$Fh~SmNP>&Rrzm0^Kcc8em{xSt0O}VS7_x=f9aX2- z5Lc}FetGUB^VmtER$Nf`4oKJXT5`w3KmOno1JM$+4(qOw&v8GwNP zBVgY5NqXL(^ebpYH7(Tt7U*kIs?%Yfg>t%qR1awj$>6gdQ@jth>vk;zdg;xa=N9WxTbz z?NK5uFd#3soTD!sM9n`3u|DbR#>G1(sOyJygsL8Kb8Z{XOOc!6@9gT~WFNurQL!MK zZBFi8EgpI$AD2P*DNUiH@R3oDAmy0!Q20wUV4)F@5MIoJtrq{pGyb6dz#rubc-rdc z9|)dO4xJ17lkzPmRqHE_I^<@)6+!CYfa4%|=GU!O6e9$>U~P;Sqr?5+xxW{IF5VLy zP4M%Wgb%;VUy*vT7^&MK(VV@P3f}ZF(Plij5HVpyBpm?u$|r)+Wz(mxT`GCA*TOP! z;y2^2$_A1&xAKtt{DpZ4^MIXAZp+!~?{P(nA$kt6X& zV51~>nYwjp?6v!aw@ZXNx zj0_Otvd8Jbl{5MJ-)A!9X4_7Wi}P?9do0 zBr>^UCu-}o>^PIGRhl?~Yw&?6qc+?vJx*h=#+-qQP)f8u(D~9hl+bz~oazD~Pn709 z<%O(7+K{o}gr^u%-x%JDL4pW>67Y@T z3{s@K*Nz+}SbYsWDToxqDZZ28_CI9y&agokFjf6SCAjN*^nlgTV0V(_M3D?8a^+1d zfi>pCn)^_3k3H2=`&s`kKhtKzld=>>p`A#Y3c^bq1h>MXGo(OGF_lv)pkmZQN9XPa zrxA-s$pK-RejZfWg0Au~mWgpwV#-`q-oUKKatd}b4vM(4*Hpd~G5Yl;{C)eD2;bYek^hY=^rgiS%gNa(2a~dYYNPReARth_qH3cJ9lDqN^=*Q&+ zf&lD<(Cpe{FLOLsJr`IO4Wa<-2B?45wIJx8Xwca-8TD$TqC(e8b7?`joMrzHwL2Akqw*86F2zO+FRFN7zMLdfHHIhypYLjZtSR>^qyHGb%P5ff}PdG9u-=yOnV6qWaF7 ze;@Za{yk4$dKnY%4mvC8mmgQbbu(_ zZw{RFlU&L`xZ8s9ESa09Zi+XP8QPL<#P@kmfi^=i+$$zm`iZQ_lBS_|DHS}nhx6(L zRVA$MQ`}R=9aA0yyQ*s->xHi{O;#o|kQD^&*&Lyx@k3l!?4&x5 zu{rT>$1kADuY>D$S|x5P70-^|z4=RXDj>nH=Y}TeTniTCbh48{jz9A19pIhBDECBR zNV)Ov{T^cM*>xSu$kAJZHIJ|fZsD+RhQ0GlO@{7J7Db!rmOl^d)5pt6)2rG0siK2f z@EDdgmQCyfQaO6jbK*5;=A#zq+fuY@Jj2;i}Dv$P?%b+T(qAi;pxg^<=e%o z_(m18=)*Iuy~Gx~zR`hF{S$iyj;E);6XHV0xte!ww;=jP(3P)xudbt`Q}E|JkMuGq zx0M4S(VxAP+Q1Ilv@rB7c&{;Mao*fb;H)dmNKew*f&osJ;566Q`VA@Vqxo1ZcJ)GP zu9(czaSs{5Q9^O0NO*nre1dxs`FVa!`sh3d`-4DnX2U5P5;>jPaw5*Bjkjj`B9C0m zxw3bt+Dx0_)i3?G?;aO%B{3`XtZs!G+c;{HzR~(??$_uREU!I87_Z(3FTHIqO7%Kk zI2R*utUy3%;SddOC(%p0S+53^5YPQ9K{w5C_+1-T>~qO1UEB;j4coKHOWuZ*U&tSZM5(FjW~N(3CIyC%&oV{j-2fts?B&z_vM=sp zTThe_jy{Q_wHab7tJ|ytnZJMMFdUi2?nMpk$(Ns;tsiB#5{Fg z(*iIakA$os8r2&75t~)U9xJS}=?;*{Tx8Vh{(zx=y|%Ksn#ZlY%X zPyZIWZ~T1E>jL|`ZSVGvfBW0r$gE$DcNutm`!@r-n~cgYVKO%z&a_|4Y*XqTO1rlj zMXJ9v*^Vfd2QBVB89u19s<2%pTcKpvGn0?)R5f4El)A%bW(v@E;NsP))$_>`t9-Gm z9LP;~a?}S4ZAJaBAEy-2#FRRZ3oOeRXc97lZ1xp=s>TJ{YIV9#k3CMi-Y;{`&ucZ_2*p$$!CjIb!*b zZ}>LjIJ*89e5;lz;kFqM3_v_I^|y&i2g*;FpW=fLHRLDmDR|s>{g&qXhVSSq#mE1I z?_d87zJFTgR{RHi$NU$3gDA8p{6FB^;#JJZ6MvNTyTC0&^k3-B@QvQZ%%oHW?Ej#* z;zPwTm$-$snNkyKst?=Jfionzxeo`_EFwH5ywZJup#iTm70_2KkcH@)5&MhnaPk^W z*2oJ~Ij=eXVmV{+8tJhsR8hNd%3&mRqT+`@bFO$X%kD}nrQFABUv-K|228&VjXRjB zqq*&34}Iba&;kn!ncr-PPw$En;1sNH3wSWbZ&P-ot*6#1oVwVIBTC*HX5tFePbL~~ zCC&yEb2~h}CpDm>xH6YEGbQ$7$u{g%^r{jd^C*wIA(g z+}jOvIwd@EHyw1@Q-nOb;hy<@e^FsPHTWOH9d~vv`ke5XCD}w+xd$R@K)T&ueA~ef z*CmWu`g0lOu%lBJur~d~O^-S#)zl<8KZ(<#iz+x0Us)dx=6k3uOOtGled6GIeLb50v}pEVSJ&UIGSNg2xq8z5Gij%-U=B@$g(1ETV{)1 zSYC;U^6VO&3WOz(7v-;Twgw>MrgC9;rLTJC$RDtmL1$IH)H9klwcvuNAmHU}R767h z{mQP|;PlX0sfcYFycxc)tF0e6RKL%;4^^GUi{_6<7(>Tqd@+Cqc3}G5^?@L5`-Rw{ ztd}b|Y>7b`ixpp^*GjCQmctdEM?8jt;_u87g*i}tjul250puUiE@GZ<+gDMCzvmjd zKK}etnGx>2#(Kr3O>pctg1P7|MMpInb)e6S7Og-$jvXl^(7+e3f0O$ztj#OIH0O@$ z6yTVCrj0fupX;#SXykI`3vpz%CHEgO<04=@LXj=um(SmMV?d;Z^6x`g)PaLEJaM~= z$SAHr$NGVA6v+ZnvvB9O?h!WJ%}J-6@uAr)>CI0YOW0|rDvezrleMVed-q8vNhCSM zz2kb${k;2B#4b60!P9U~;DFZ$CKIidd#vt~~MkP6e?XuO}+w+M~S*_#H{!1W7-zwto3g4e<` zL5N2`$X0ymyTu)l{{G>_*Wv&*vw=vW_M1LgV3#0Ji@+)NV}{ebf2ec5LAwWDJjz(m#X+)cODg~M z=W!Clns|O1`j9H3!x}eO@1CH+*Rqu@#yr>EWm}P1b>cgX*u!FQTkIIV4TCNf9jCAEL4(v6`r%QGhy1Jg!Xd+om1=k;!TS;jm*A(yRn{y)X`C?4C z`j*wMpl33nWF)t1S^0nD6;JlWMp1jVOy4@$*GASg(aGcO(VulLhBWoY#817mBIp1T zL=$`vx7I#}5xY;>jm6;~^QWFUwY5#8DPltEhZ$s#tj;v$ayvv)gO2Cm`gZvFXjT-% zqc~Oi!xG$>rd~l_RpA6cFA(Zqyf377pFvdYWX#;qupmj>c8Y_<0K9#c50m( z(R!NTa3zNt2JH)ycaEjnIs3UWy0&_rM-b6-mCW0w-GyVVughL7uaIgvg zga(SP&qkMYhjBP14C1f!f;Okx3xDY-56n<)hKv=!p4d83!k%@&)C5DmWD60PD)afC zAuoTb9z;gS8xrP76Z;6(oq2aCfqMU=fv&dki>wa?u;U4IEu<~kvf%6ES@H#o!){o+ zML>oPCSYRNw2?;6!gP(;M=I$TV>*Ln*V}VQ6+onpn+X-BgQ>A}Ej_aHoFk&Z`P`>n+MqA75@xhu)qt16^@#vF0qTBUJ0!Z;caB99$kcQDne4(NSBT@ zNcO~)4$oa@+jv}DM6+X&rqT$y>16%!zHG?2=Fujt8Z~_IY85cxG^7!fJOyAv&Fayh zchB%gf9AC{52rnl1t}ZBw5rQa-ET{IH%v9_wB%aFO_Svc%U36FXcnGuhmp`su22K& z4}Ql0g65WW$BxD_SG$SOiiAm?bSv1AVUDR5?3_+LtY`wt|H);;x~x9FJ{}Q0Wb1}1bzsdZ}SF{&*o<>kIjw&^aA;ZkNjia1qLMl zr+K@D3ky>GpcKH1HB{3dtZ4B@rOj90?8S>{ED#rH&D#7m&p37a7d;YZ#OsyW=(nGs z$op>)HlUFbxfkM(cxkCv0!&vIR}h!dK4g zp*VQ=_tEq*r1$7lk3w}9mHZgGS@e}4A6dr+yCNwfQA4Lb7-!%^Cj#=6H1#&wd5BM> zQu#9eXpJgGme4a_3*Qq5(uJ1dl*sI_iF~I~&cBm;$%@2-f0LZYmL+%DSXj(n>$8+h z=Qg0i?!bhknqIDATqZ^qMAQ?lzl`V5D@+i=NlD+(^l-?CAl^Os8}^@%WpkV8xei^ zV-7S0BFOga%CjT(V-IM73P0Mx(xs{84$1(hb#R=7C+RFcOnX~KvAEAH@@SOC&o2#s zx@vL1O~*K7qrT&92@d z5LGAb(Xo0v2dd!K(kWWhU~yqA4yD}?(r!t#%iEvJ7sZiYY6{!|RSlZ?<8Qj-{c1nB zTzu(JIM4}|E4VA|NV7uI3_xMrdoL)zqbC&?Jehqp$^;vttEeb?+hLnFGn%; zW*?|@)_}B>PO3B{c{M&&7`;Leug*6kb-uJaoqFmgb^9(9+3tr>pj6QOYX$rITx<4{ z8hi(cIKiHyl`p14ag(_0rVB_dzw}WE1eQTn@Z6PVHD|5h;HOnaZ>pG}g+Xhmr+i=B z5VN#FYr3R1-fv~Pj-%CHKLg<HhPHg=O zkU73qi$ER>yB-*rl4rSp?D(LdlV{kMVd~ezg_+kAf!Wg&;W!Rl65Pb9*`ni}xA3y< zp`m$27o51&J-EfX@P0$2@9hzJ+%P7N{3}Y_LIWLlQuZl{k(K~h(R2ykW24W z?xB4BH&(k90{RsWb3CD!bNTUbPZq}cz#0OOz-Jrg%Gt99m<$*NKo-gb$tA&jWn>!; zeaAZUwV7@~+Gh?9FB}95{tK(aFI@^l1oQRP=6*-(2SzP0Qet?7@O32X7Pdf`*28+i zGE(mH{@bdT4!1l-IJI!)I)$PE_=~4qUGDrH3J60;_saiT-u}O^I$-lZu=-x|AFPf+ z{RgWVeopeA23V{d@yr86R9CD=Ei4_@@0IQ%!;~9hE?!m2CG$(878mQgzsXvg=wD=A z3i`junoT%OxxD)f@rh}Y!$sb&1$VpZWtMehUh6HTkhxr7`#2Y|96pQGGBBZ3qf&F9 zh&q{Y!>0S7>oc!gFK{kMZ}CE;;vDl+-3E{BIV-Uz_N&o$su%9pwa7{XbaW(`L!un^Nzc3AXmn>ir@!PQI3x}>K(w8A6$h9m4d01>d*b--5}q` zLy(pqrpVP_*D?5vF*ELO*fY)|Q}gAQQd~(%f%#W|z@a_!!WX4mW5|rr%a84GyFJz6 za^UrN$Nrm|j}M6mAXhUb86a6}L&8-&J6!b{ZBi1G!Ads9-N(C^8sWgj=7E7>8P z52;o|ltAAOD&$T%A$eQ6oJ$QhClIIlK}8NN)vApekO)lr0*KbIFbkz>p~{FABj^hq8Wdn+H+=n zlILCMUx$< z*uL$C#gAC-`2_{43UO!A~q>n6zo;2|a~!XKccH7Ztbw3b0vmi&9tztdJV=?MUGz?2w1NP|NZ* zfYy*bG`u|a-GEs{U?*mQd7YMse6hO*J;3g>O)Tcm9g*8&{!Nh=hwvn#g0g zRZjc*E3L_dK<5J;9tS$q^RtOHD{|%>mh2&jx40Zaf3()RyJoediQ^4$1#UIeBwA$t z`2>6k6{8YfO(6doMr2a~u**oA{?@UVqZ8~fczKfKbm$iCfhRp=0v(#;-EEi#v)y5m z1>O2L$+qfDPeH-j+=GpJEy&z_=z(%KNp&dtKoKy+xcw6kno=x$$gl71>gHIZE+kSq zQ}h(f%{pwOucVg0XOHhHbS8W20m;C^Ds1RIK&Kaz12RkfGe*21woW&QnOXB337;XbB>jnwEZ*!B_tNXl|QSX@?Ag%$}Y#{$F* zU|-gyu@LQe@d+VYA=aPM<5YTbMX@uedcq`i1lzx$59>yEup>d^dYQyk{hb4$ez~_R zD&!B}0nnyx$btIo^hspXJ11Fd3+$mboX!>~>m!n766vl>rob&>d;n)YBwO>21!@$- z2Se%1N2K*+Wx6kM5c<7MIBD2N%5GZYCMN0D z>Gc|yM&XbM=9kr~#C|E~dHOn;76}oTOQ(U%K}jwU(V&jbXUjEuE(1g$4notHh(2v4 zzbJ#V77b*H!gKvefH1xnsS9hP;*W$ci~7uN8_N;?CWIGB_9^Ir_}73l=c!|~l#P4m zqTGI_{Ey1+Ik?WfVfXloZQHhO+qP|^u^QV+W7}$@25oHHRvR}ttKIv3-e*7Oyl2iy zX0m27S@)kSGxz8By>1!<@bw?XAY~8Yab+M6eSmYU^W_FUN;P{oACsJ3qAoOV(^s_i zjHm`5N|tN*;FOqP-$_S5Q^!$!4M3TEn8L?bHxfBEVP2(atb2#`lK?THwUW3yk##?L zjJ5W>-F$1B?Ob^c4+DbXT6Hk!Qb6r8HF+L&}(Mk_C#^lrWgbB=fEQtMx!M}dVX$L z<&0eko%~n_NecnXp^ju1aYhJr+AZZ8WuHfpKfP@eY~$5BK!G!#5)nq2jnDXcpwZUNa}h(S1vTrsG2-b z2crVeYviv>g-P&nD2L(q!r=RUVH=0UNrNlucjkH1`AKB!mAIR!C7F1qS%xcuJ{_n3 z^x?GO3bEXQH3;XYm2wu>GuNI|+8Bfwk4G-35w_p6M^!X#D=7M=HAnfn&;lbkzZas8 z8tkz5)74H^ok8Y^k=9sPO-5jWY#9bUsK*zQ*G1l%Q`got1})q=^W# zN!Po#u3h6|dEjP9j!OzWtC^qO1DP^r6AWZzIulVDk>^{BTm>Z5x#S6H*9Qv`VX z75QHx46sZ$K-izEv;?ab#5Ai{E7b*0Q{}qc2-@kArK*&67wWf<ai=x1l|!mAy-F*f)rloy(0U4fRJ4`Et_2An!;%mUt7BY%yv~cW0a* zY-k88LDn!$?kjUIUY|-`#aIN9b=-nUcPtu?N(1bqA5(#ybiwGOgQcBfDzkF{6if^0 z#|&S_8Zp=5(E*krqOjfcB{V&q76pHf}~N|)$SPf zs!@r_c1I&Nwy?{O>yTv)rkgk>tkyw1_)WnGmw=T|H0{goX(JxU4KWEpR1^|U<;{GR zXB4VBqS6;4x4It@!%}+As#K>hws@a!)Rv~>_*?l}W{`E%9l*RWUv%W*qYvOJ<+v_<{s?u1azzeay>*KHrC1Vz3>sJ~AtDwJ=yny9P z5eQAdqfb8XwJun)cGeCx>0X#Ai^Z$$;hZK@oo~WuPLoLz=j_hq{!);xGioY=Tq^yJ zTO(1rV4j%~1~lO#Yu^!hq-z_jw*h*Dw(f9`=>eH1Uvu244oow>CSMwOPdu%tBgf#% zZUKi81uWD%I>$EaZRO2DNauzm@r#I<*lXkmJ#9Zo!dO$|Cb07avZ+O>_iCoN7uyy7 zH3cm1U3}>jQi zgjP;+O$Uz%&Kz6NyBPP)#1v9k9Ahx~2au7kIpIhr>nDUpt+Y37KQ;(_PI!&->xxw8 z>A~N`S(AhHoTzbNe*yZ>T*awEBzp~hNe{mwus=k^;uv?ir-2yLKYFEeK8f@9FR^7d zqk(S;>D-C{n!L^r1tKg`9%VWw7ois*$Ha-Q*F-?N^`a=tUP?gNC|F9gR7cljplzBJ z)>_(0VfKB@6+lr_OuioFvEyD_<3&y0CfMH>IsPhO(@0KaW_P3(1HrYRNO{JwqDlwyR4ATY4N zbc}KtfYJK_^QW^3k@Wofl)#}=S58UAfd!cwhOVJd$clf$R8TGq0x8%-gJ zX7A6$>?DaHzQw!#7}AOo($K8;|It?tRs#FVAms(wG(n+s5&3|(X29}HNF(KdkHyo3 zK0A+Pk>e`=P|=^tlJV9*>oa~rxhni`bL!A9ZT^E!C82-NDMb{BPVOBHuSx<%2y(B#+6(hH1*qBW|?iyu@x|C6A+kFD8LjyF0S zd~)S7pILI7eb`jEB_E~|8>5_gAwp0gwjzD3MWEq1%kE9NvBgGmjMmu=YWrxNnG-a9 zu6YF#%4;*M&#U)DTUUB5s^_8jb*$u)vOw`qwB+fE{^d}+cO@o$SBpN^gI97csi`Y| z?n_&^0ScDJI@-dC)DGDPn2x;a#S}NOUgR*4fr&%H?(Fe^Q`VGTh15!8_5#m1#H5N$ zAFHK_%Zx{Te-0uC;QZ3V+FW5_vmwkt6ks92b3mSK zfTMK&I+p3M-DmR-I>_5@Ojsz^CGt0Ylj1z7dLE@DBFu5$H$52#2r$iVGKB8s%%qiSFhV__2MP4f5bxc& z^=FLN4s^tH2~#_&2W}>L=^H{mPrU-4en;jieu>T^R_Poe5~JoG-U@2t+5nSMh%G1) ze2sl0jRsBFD_uX9;V4H!MLJ*NuOeDw3quKx;T{!*8!c089L^do){*nd`5pWMQWW|s;H9pR~YevAVF~c z=c?4wK_R<{7ej9=X)Y<(O%8lC)Qj1m&WR27G|tg3IL1oE*B<8EGiMLQjx8Ex5jQ5l zK0HE1pqEj=YuQ&9@9Xex5QYzJ2C7~c1?wq$>|>@Kv*0@Fnk?I9W8??h$)HXM1+-HV zpA3iWKgTxmWvrWOIk}~T3=p*>wXWMiR}Pi%ls}YS1g!${Vmd7!OC3V;4=#S+xWys& zbW>;?Vq8Bh(sqet;yvaVlG5y8pqd#;Yo&R{C)cP(Ndy5D4H>K(1?}U=+0C7kVbA09 z)0Qz@S9rwT@RK-9EU#um)E_bXV7%Rw5-^Ym8kWvaTfGPwR<@df>?&o*asEutW zh;VmN>+)?}z*26ecR7G{_MJcb0$k6mlj=2}m!0Or;3}X>SfMhj+a?icRB>gYd9COA+u!u9s9bcJm&lmQJ zVK(XUk1%#FAWFBR8ImNR!&nLE10dQ_IySv6gv(^`lj)2q`DatjoYF#iM=6Ur(Gj;a zo)&JM1Cw3?m0zN@jboAUl^w)-O&63(_-Qtpy;Wcls1lpKOEyP0{5?Dhb7R8-jKaDO zu#z1KCQsW~9MG(#bi<`7t>;-b=h~$4DDiN?7nEbgLm;qJkd@O7I6mH+LHMCD-ougv zvLQ6hWpcu4yZwpPMq=uf0Uz#sN8_BGI&CJws}%%#_mU8%pEj*CW^cJVV^AFw_+BLo zn_#Zt{ZJXr9B8LJAHEP?HU;`cxMfK^#%?hoe3M*7K`l=-r3ATvbYmSBgt8+|T6m+A zmHQcMJ8j!H@tq&uN{jEXKBC(wE1{DZM{vYkbpH$VfJH3N6VxBz#C{QeRP;knGU3X} ztl5=WrB2zkkC+;VFH{^O0#)a}IWZBH$gzOP{_>1CKhe%gj%vzBJoT71Q#TFqSKb>P z_>a8T#4i{RcQPRv{`~8T_JwEJw`us-L7mJ<@JH|aSP-aJy*ko{o3(B6(T6VR>If^> zhjhyBv2h;Td_6u@zC_il#G4bJ%!9Ra@I8OMwawBB7xov(Zj0AdYSfN?u#nhfeQ8?- zvP==v?-vvQAHXTS{14!Sk1aUn(tG|t11HZ1&VG|FQwGto!>X*0lST~a`SNp+?{oha z_qyjru}B`UL{%SkNu(|lzTz`a+!p%exQ-J+fVQQu!5829>{U`tV2 zAdo zHO;0QrJu$56tTo0(s28Pg?mm<3U^gLaxc6|fr9wO7Pe`58)eu-5Zl{;cW!RN(#Kb5 zy1^(lo^!-CsmHgIxw2Bh54^Aqelv7>+o1R9Tj@gt4z^unhWkOoK7@))-mjl%;M=~4 z)y!%9_~enx(!=h14e3WVw?d`DK4$*>YR#iW;`io?0oTxxxCN?xgOw_$oFura}&#!HR9|brm(+pGq?br{jdlGP{1E-uTCOP zR2>Aei_v><%Xw%Y1LOZPxPdkJYooopo9SljePJ8sBESWVy8i-mq+y^>%jtzuSG>6+ zSOfD0Lt3c=VdFn>lT`A5!%Z6G|G-Uuo04OtAO(K&bc4b3uh^rowwIcj} zt!moBk4x0)p<6;k5LDZ^{{wD5cGs>FuVgb&kAu4GR6T+K)cUL~4A+F3;`h@5&X|?J z17%+1lIf%I(>j)*M)`sQ7H&&UrDQPwR`LE2`&02c<4g?2fgo(n*9wq3=IQ`#vwa7o zJyavtV3Sx&Es_-Pwj0WhQsr9S=u|~)Mdza+@Bu^Qe$PA;6GiEa3D^pA5N6~N1^pDQ zWx{q@TfB+In$_wP#m}EsiMrIkwbY+b6dwU=T;irlzUJ#vbl4j|3xlRs)prF21m9l! zqj}>WoT6|1{ctJ&%6EBx=eySN8pV;l`s7kPhNW!7ISgpEnl%$#m(%H#E`h~z>!9=G znKU&grVJ=|sf;8ORhsST%!g0w)(kW?v%vj#8_Bb1*3vXQ&W;es ztKzMdXyeszGTXItzQ!w6ie<6p`=Fc!)5|2QshgVJWEzqz&kl$<`<8R{QXjH&B7zJN zp+xPkGX9K;VzXTU=EpNsbJlQyq)1JQ$y>vp!dhK7IVfIyp~(GgFNN+jPTE3i8!zc% zQys{h`^4UR&+lnAZC__0SG7e_oamM@mdV=DEl|`;CId6`QR|ML_;3)UR&CL8P%~}( zC2DNL6Z?H%U29zo|2yIhS^j|&W^9csD{%m$zQ$M65qdkZ-JSVowOLuet+$)P+U?pP zjD$K4au<5VSTF=0mvKyeYYi~BZ_AmY>2fW~vl(nxR}mAW8dvXXMoU#!vPXN((nH|r zGP=lb8^};YS5e3&g1gz0HmPZlszFN;^}aOIQ?bGlN zljTKZ6+yz<^qq_Tmuv3*muss0<(j%163o_rx#sY1*EIhx*W`B#m;Mje-1@({CiycY z%5T@~2D;`7&^12?&RP7sYu^8MO$nfD;s9N9G%C7VRUiDHt|{mJ+clT=Y3zQxro63c zM^u!uNGi}ZRe!rCZsh)Y_hChUkgF5WHFJTk`8J$-^?|fpz1FtN99N@}mM=|APYz61 z-%&(P0jqKo*`Z*>+1uJ}oSvyPIky6;=hSnR=&qVgu3ahO74W`1p4E?h_0Tr-->} z2`&X158}{x_NP#A)ecU;BkA9EK&);L<8u{mg5OMuQ@+PJg<+3mF(ysHwj&&dA;EMSueN$6 zsB5S!c;FSSW@r8${4yh*I0r6^OQ^~GXh}-fUBvo@$iu=$6^0-R&)1+hE1_EaUNh(; zmMK$uTK%RhG)TV;1>xO&v+;~Oe2ATG_nw?8$#MLG|3jpuFvZ;A8eSvD!w%nk=++Fc zL5nA9vIaBV*Z((Y?ug8hBGk{KMrRoB2^GmU5gFwqi3m}Y`d?I~V(z8q^Yt~B$2v)T z1K)T_DK^8RpOyTY9f^Gln`s!p+`qwYO#x}jS4AC_R=G>88BctI)XG^fMK{!bB10a| zDmSQ1t>L|StbOB}DgHz{&ZvhZf%ALAU_eIK;hqe>vxA6)e>fb}^W~Gs>jIs_`)8`QUQr7lW*F*m|IK z_KA`JvNM8!);SKe&X3L9Pys?`#~o+g9N?pFQ9gBQ;Y}aKGNr!x1T;E$&yWb@;4>_I zmviDv9YT>T&Z|`LS@Fs( zYSDTQMF{PGZ@4W#|o&8}!qHb*K~E?+&ud z%DKB_=v3Os&m_X}l!~ioo+|g&`PenI_B&6`q>C*MABmBV`IgUk zaNv3g12Ynmj5qFT78FhMI1gz-(gXh}hQr-O$U!T)v<2M=!E_c*{DG&s!~ZaTf|#$Z zCr`KiXxjA#Z3(jlo=bP-RqHjrq?rxrT?1|@RK`ro21hbM|?66!yo8 zb{H`iJAnF$k?dQ8y}PY6YFRgDSW43>%Se)=-rNwR2ouJ{e(L8&h7k&N$I#}ALLMlm!{p`3uP<`; zWJ9T+RoX52c4Z&RiyPT6UM3hrie^urBRCI3F-!UGRM3WqBVT5to5 zV85?X+bG@{;>J)aSD#)lR%lnE6F@K`Kk5pnWLvo8RIeY=fLsM;ElTt$3ef_NK=OKB zS0LBHz-k81zAY1^(6n{-G!Puk{GNoK20i-Ju^|cUjb%ctpg-xOnv=_zMhY}@k!R8x zs~t{Kf`fH6l;V)*Sslau;zac5-TCxGwa)e+93mQPchd})?g$ze3qOh)z(t;jY4796 z6O$?r<#w53YM1ChzO0H@Bs5mjbq_xC<~>3tyd=}R}TU7dbj3(+x_Qv)^x1e$Ct$b(BwoBEuZH zWo&QPhe74rdQX>=PVT?(DG!7$+5&+y3QgSwHkY$Vw)d3Vf>uEmk~sFZ3jdLYh(H@U zFG&C%ahGD;gBaZqH+qtB6c^TI2cyHWK8stWHicaBN3pR*2onVC&R1q1OKd9h$BPjF zn!P-&bJ5tvSA!M0S$(o+21SX;9g-XjU)X&Y>u z19it(b>T|%Tvcyqd1q6o{v&`JnyA_YnM46@3E0li!M;0ABrnV`VNYF7K#R)8Xs48= z2om*>5@j?QJ2{5AGN)Rfoe4%lEvq%V3Z#~jRybJYN$HxR<$aB zblQxtBVHFR<^=VEuW}~+Gdj*K><;B8!75V52?Q>})wGEeX(|ioNLDA;`r zVN{~F*`+>WQ37_a(9vJFEdvh4p}|JH5{2lZy(`~ zP-LfNI$E~-(d%ly=b*CHqO3yTMSFFvcYWjFItgGEV&AeK74kY^8K@RJdcE+AW5MkR)-yxvgjneD2**Dbt5X5@M|r7|SQ$JERzkfWfPH&fY$X7&ku73Ej66 z*j9r&5@=2&eLK#M_gyxyNA=f$@5D~(wGB)wEZpt=@Za8IJbmIoBRQbk)^Hu7J7!w! zLitGr7}gl|vQTBjo5zCp?rgKdsWJDJzu(pOE34}&M99c2Z=LzXQ+kcx06ux{FpWFW-1J4wd0GuTh>Wm2|pwAB;oqzM%!qbKSw9^K)8Bb%L-M>mNs zWQ&8xa8&@?P`cL}pRdiI2I$(L)wOnln^mrPQ!XjXi6t*++F3W3Q)2f@A0eDj7bS{t zpsBwAOn1`;BHd5jjp}vNynUZ96?@#1n3S|sXpAvQ14wcD`f9mS!NUWBwmn#i(0GcC zY68ej-ypO7#D?IR4Y~#a%$Toyayj~>`P*kWBP%c=SD(b6hyg2nj(3EEO)@`9^eybd zY(pK2kRBcC!#5a&(bzuB8fPV=&C(I=U+jmptdu#>>Lo-;g}90oVD?Cn}x@*0diLnx1*U?}AU9CW#A0$PVTUE!6}CAAKIjWT;GMig&`Qjs#~R zrT=c;1UC$wyX?y5 zem8Fv13Oro%ZKffip3vUnfluoq}r}f@*e-hy<;5Yz`a+Uj?pw^tY&)tgfDxoP@f*z zjEJ1yh?cpCWF>QvLJ4$0o+DweVj}wm)3%`J_*7iXtDtl$XZLxdrJIQ zj_Z(`CK>%SA#y)lC_WY1lh&_iN!5#w%NxdLG)v9YP?vmY4#e7G{1(t z1JCVKe`*pEB<~>lJqZgPpKQYqrh4ZFo7D)0Aa74>EO7C>Dp>8&4%RxGyG6t*>w^EdOYW-DJ&{60n1Z{S{3a@slN-V=raG`g1f__@1mR4kbzLy?hZ&Y;c$hSJy z#-e9IX@=gA30eU0=t7_>~ zf(3HQr+0dQXNz&{M`uHw05&Xz_^jL7N|OQw;%%G6-9dm21OtrL6n zw?;#jm2G}p3YAImX&-dfyrgdh#Tzr5Z|#0&PbNR?odUgL7escWv-sH~0wl-wbD6V1 z`4lmC{2l+Ekfpxd!4DY=h%T>Ymz%oX7C%Q%QR1n3Q~Q+baeN|yt3>9c9M49`kNam# zR*&!qwJZSs$bM5EF@ENq&77VzS24Iiy#K+3P!}1rIIi+DHsbK~%^?<-f)*V!4E}hr z24Rol)Sk^51@6mfhqA-H(+cfR5T(Tx)shl`(ldtIM{6}IkNK^h-k9V^ejDuTZV$rO z>lamg3X6Nfji2oiMkzR%7?{XZvj1F^?cXwG`LicmH~!V>&z>x`!9Vt7_XPjilNHxO z!3GCz_QMF@3du(lgFw}<5P9?NkIybQIR+N@D%RVGnGL-S{}NPa%N&gXh~@}mG8P3S zssybw6q~{HElAxIK7I@g(Lg6nN{#Y~>WH`g~uY>E7`P zZ!4w_zt&Y~+6?TxG7b{wQ$Admxgo}|-aLk=%cp1H=KI#|-<$6QC}gh1Q8F^&MDV(~ zMOZZ$!YQHhnczbWG_YaKQBs-0+m8~y24CFuU^!4oC=cXN6X&K9OGD{CBc0Qg zD2)q&nbojC#^EQ%v=?1!t;k_iXe8m%Gqczx7E`E+aW``23L`i2T zD9+wamy!a?2))Awpyl)Y^n=z?4l$^nZ)wBS&dIGjWB}ujYcf}c7yrvOlm2$ioxfev zzv&Ik^8%*F*sY z`|X-3(f^Zck}gQvx2*d|q>@L-y%HP%U2~mltNaaA!lhpCXX{bUXSLm%rEyuBiN9Pk zMHc9qT>o;-Oo897srSb|zrV{=3Otiy|4B(KPUDo3T9H4r@+pgDhLiYrg={jMi3 zxqwH4MrfRfO#hxKZi6qMQC`Fz{+6ro;S9#T9U5(T%nBM3>e-|-UDbZRQ8o1f3Vyr6 za+mVV$RO4I8(VVt>(_E0)Y>}Jph)PSKiWV=@dgQfCxE%;48j7_JZ`uDXks*66UD0I z?Vw7QCGaV{#?&hNzx?t%38w~g=GZ^mukV4DER-2LzW|qt4OK#k)w*=`d3DC}vxeg- zcCmLlke3~s_;v9MoJ|v95pt3uj}S&#I-;!X=L^X*StU{01!2A zhk&SAln6vk-ruO%XDj?4s9AswM9qP{FUS2Bu}_bGq2}YWFt?IlY9bIdy=zSWg_^Gg zir@c%nqAL`EkM*HL?z`*My_G~FgW{`0WPP0as|?d>z* z#f?|JG0BdS9URCFcb5ntn#yO{4hkI80H+K9Hk&tw8OFe7^L%qw+$)P&>UXnA3#EGe ze`q$hO#d{SA@5u3jrVOXWW7Yr@4?gM>eF@fD>B&wR=L|Hl}YR_4qH3ZoXplX3=B0N z+&i203Lu{Kp68zBc*R^h)(un>YUbFKOAMnEvUZ%gnUZr>z}#YIRqbrQpsdrgXj~q8 zuF2W@%X9R6Kz2g=J}KM2;NBrT-+VwIMk8)`Nr61sd?3rHB}KG|&xLNUoWJNe}tkEI|-THUCt!tDp65H#mxvBX){UoLv}VP! zEUMReusX&z5j^rUgvH{~kA!4335^u@-`k>QJ(ND&_c=!n5#8l;sc%1Aq4LSnc_tqf z?FhP)(d0a1k+WQsny$(p%=t(1WQ7h1%I`?ZkGz!>EuyW^PC@iwUOTszlJLtI zwbf6Sinfrld}j$?lAPoz011Nmw9I^y5A)N)y@A1TW64Tbv^SGgm*2$@^wdKkC4P+2 zVm7emlC*46n}01E&*Y(xE6OV9J}dUm+FAJNgEFY395v&qkxfi-a5i-BUZXlrmb}tL zoMtQ7mY6rQ|Fx1jCQTK4CAFM;(F4+fCZ`S5DqTTm5_o!SUqWmz@pJsF^dozu;*Bo9+!}!|7a_*_w$nv&=`}+>eH_Bt9uujhV*^1QFQ266Regsw) z{0j)OUtWNBu*U3bz|~%klm$RvGj)bucoVMRU0CZilU^auZ#nCl3?SUAs(l`5uL_q| zSxh7yQRz?M2)R#f9lSkehT2$_EY6soKd%Si06}XwpSvurZB#Eu5^iCQSkm?+??&eP-qmwKJcxS#!m76@h z3mW-5ypzF4!e1pj6Jx6kbz32mZqwn)kYqH3h?(r#9Q%Im>m5f)hrH?=tS?va7HH_F zXspg>o=_}a8G)SNv$)cXeDr2F6W&XiCuNjK04RUy84;dRJ$llUo6l`YK~=fXrH&hi zEN&~(USHqKw>k`4tpo$3n+BVo&_5&)J*}ox<8rC{l6zvH*@Z!_7vs#ETJ7LF*2BWD zbvTw-)?I-Uw^}pnZoB$vF|rmeWP<&3u)y{N?qKlg>ryQ%4x8}%W?zghUh&4lyh*KE zcbsSBhNNBG(QRxo#8p6t)~9?%NTSvc&BL2^U9_Hv7SqJ#5}ctI{s_4f(G1Rehz{*) zDMrh-O^58etj*S49o*20L#T_43-`|FP<~K~NKzY-2kv&*M4EB%h9jX01p5s~9J95} zLte)7KV#L6SgNZn=#6{5b)4olw;}C|CG6H9x6(egSR>sPizzcTy9b1^-sB7xzL}P* zDi2uFXh@Wf8(Ni|7)dNWib9{36|~MFijQG;eM<;XEW8s6dN4OT8`Fkdt?26p4d7_?Hfu=5BUO({L^lf^SS^f-c|@Jwtoy$rNgM=)wF!wN(`FM<`uyr?oZ8D?Tf9wZCHEr0k^Y6-IZ-1MbZMf7m) zxb$?eO!{55H%;pYfqWA;MEcPEM5QuK$w+zjxO5&`9o<%tUlkSVet!2CZ`)3;H>uXG zJK4OG$>4AP9x)aLSdahhrfj8e#*%#)qP?()V`fqfRmU|I8ZlGw0Ct?;LN&2s? zX?wqGT3F(^Q;jeV4t%+!m$}x%hWwO1r>l!A`AhQp8G5@1U$fB_DRDMNyK;A%Bd^A4AMmtS7Ihh> z4s5{Dw`8x&P`q|w?JrsM@Xk)q*J>L~WBcKj%(r*tPg0Niqbab5FV=DntM%0{MI3h7 z9mPa=MTBb-e4Yue^W)TB>Sk)}W-ru|4$MmPrWw{liYn0xGavJcQ90}vB}f*7Y1Gla zP!|SN;2N$Dm0egvfp7d;EoJ|h0CLobb>u>oJK~r-@+pC>lDm7`&!-&k!{KW2AyVTx zA>`WzrXJXv;#sV_bTIEeqjaJl=9&)N1mjyx_~GRe`K z80qIL3Ey6{*%!x>2O@}BD8mvYUXl;nlF!?BNt=QRyK)Cg_9w`fF+OZ7h+^9 zGW;(oU)zMEi=gX^Rr5x;W$K$5E4Y(&-viVcF^}u`1oCq|MTU|JpB{>DKQ*_H^u!+O zxNLdY=D%&-%rsUpO7r{SOZT<7_wPOx_ZJazorlaVC4iM%Qn$d#GIbT~PvzDYtKZ30 zapi$N!;e~^%a^tbh+4h0{%GaeX%ecv{xBipN`O_wuhIB9gIL4)@n+K-{rm&L`R4|Z zv=gbxY^D$wff{Sm>dz5YrAvtY+QMrzsGloQT^M^O=;fHBX3leW;*fYLQH>+u4{Z2( z0)=?&Hki${7W?L*t<_@RYNQ{OE6?wrnzFg38?x~Algi4S;v}PmZ=Bv=M~sx^KtRy} z=l}o!8sHQGq65pw7W@kl08kMC0I-0+{rv?3ApY|T0GPR2n7CVL*oa$L+Bn*{+c-Hg z+PXP8{`*C+ffrfa;09Ht0Rhmz!2nSHe(PTsVMPJ}987E+)h!&H?SYs2`|S{rzyAsp O_#Fm(ZRQ36{`_BveaCA6 diff --git a/Solutions/PaloAlto-PAN-OS/Package/createUiDefinition.json b/Solutions/PaloAlto-PAN-OS/Package/createUiDefinition.json index 45288c8c705..4bf8c64ce83 100644 --- a/Solutions/PaloAlto-PAN-OS/Package/createUiDefinition.json +++ b/Solutions/PaloAlto-PAN-OS/Package/createUiDefinition.json @@ -6,7 +6,7 @@ "config": { "isWizard": false, "basics": { - "description": "\n\n**Note:** Please refer to the following before installing the solution: \n\n• Review the solution [Release Notes](https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/PaloAlto-PAN-OS/ReleaseNotes.md)\n\n • There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing.\n\nThe [Palo Alto Networks (Firewall)](https://www.paloaltonetworks.com/network-security/next-generation-firewall) Solution for Microsoft Sentinel allows you to easily connect your Palo Alto Networks Firewall logs with Microsoft Sentinel, to view dashboards, create custom alerts, and improve investigation. This gives you more insight into your organization's network and improves your security operation capabilities. This solution also contains playbooks to help in automated remediation.\n\nThis solution is dependent on the Common Event Format solution containing the CEF via AMA connector to collect the logs. The CEF solution will be installed as part of this solution installation.\n\n**NOTE:** Microsoft recommends installation of CEF via AMA Connector. The existing connectors are about to be deprecated by **Aug 31, 2024**.\n\n**Data Connectors:** 2, **Workbooks:** 2, **Analytic Rules:** 4, **Hunting Queries:** 2, **Custom Azure Logic Apps Connectors:** 2, **Playbooks:** 7\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)", + "description": "\n\n**Note:** Please refer to the following before installing the solution: \n\n• Review the solution [Release Notes](https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/PaloAlto-PAN-OS/ReleaseNotes.md)\n\n • There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing.\n\nThe [Palo Alto Networks (Firewall)](https://www.paloaltonetworks.com/network-security/next-generation-firewall) Solution for Microsoft Sentinel allows you to easily connect your Palo Alto Networks Firewall logs with Microsoft Sentinel, to view dashboards, create custom alerts, and improve investigation. This gives you more insight into your organization's network and improves your security operation capabilities. This solution also contains playbooks to help in automated remediation.\n\nThis solution is dependent on the Common Event Format solution containing the CEF via AMA connector to collect the logs. The CEF solution will be installed as part of this solution installation.\n\n**NOTE:** Microsoft recommends installation of CEF via AMA Connector. The existing connectors are about to be deprecated by **Aug 31, 2024**.\n\n**Data Connector:** 1,**Workbooks:** 2, **Analytic Rules:** 4, **Hunting Queries:** 2, **Custom Azure Logic Apps Connectors:** 2, **Playbooks:** 7\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)", "subscription": { "resourceProviders": [ "Microsoft.OperationsManagement/solutions", @@ -51,30 +51,6 @@ } ], "steps": [ - { - "name": "dataconnectors", - "label": "Data Connectors", - "bladeTitle": "Data Connectors", - "elements": [ - { - "name": "dataconnectors1-text", - "type": "Microsoft.Common.TextBlock", - "options": { - "text": "This Solution installs the data connector for PaloAlto-PAN-OS. You can get PaloAlto-PAN-OS CommonSecurityLog data in your Microsoft Sentinel workspace. After installing the solution, configure and enable this data connector by following guidance in Manage solution view." - } - }, - { - "name": "dataconnectors-link2", - "type": "Microsoft.Common.TextBlock", - "options": { - "link": { - "label": "Learn more about connecting data sources", - "uri": "https://docs.microsoft.com/azure/sentinel/connect-data-sources" - } - } - } - ] - }, { "name": "workbooks", "label": "Workbooks", @@ -246,7 +222,7 @@ "name": "huntingquery1-text", "type": "Microsoft.Common.TextBlock", "options": { - "text": "Identifies network connections whose ports are frequent targets of attacks and should not cross network boundaries or reach untrusted public networks.\nConsider updating the firewall policies to block the connections. This hunting query depends on PaloAltoNetworks PaloAltoNetworksAma CefAma data connector (CommonSecurityLog CommonSecurityLog CommonSecurityLog Parser or Table)" + "text": "Identifies network connections whose ports are frequent targets of attacks and should not cross network boundaries or reach untrusted public networks.\nConsider updating the firewall policies to block the connections. This hunting query depends on CefAma data connector (CommonSecurityLog Parser or Table)" } } ] @@ -260,7 +236,7 @@ "name": "huntingquery2-text", "type": "Microsoft.Common.TextBlock", "options": { - "text": "Identifies beaconing patterns from PAN traffic logs based on recurrent timedelta patterns.\n Reference Blog:https://techcommunity.microsoft.com/t5/microsoft-sentinel-blog/detect-network-beaconing-via-intra-request-time-delta-patterns/ba-p/779586 This hunting query depends on PaloAltoNetworks PaloAltoNetworksAma CefAma data connector (CommonSecurityLog CommonSecurityLog CommonSecurityLog Parser or Table)" + "text": "Identifies beaconing patterns from PAN traffic logs based on recurrent timedelta patterns.\n Reference Blog:https://techcommunity.microsoft.com/t5/microsoft-sentinel-blog/detect-network-beaconing-via-intra-request-time-delta-patterns/ba-p/779586 This hunting query depends on CefAma data connector (CommonSecurityLog Parser or Table)" } } ] diff --git a/Solutions/PaloAlto-PAN-OS/Package/mainTemplate.json b/Solutions/PaloAlto-PAN-OS/Package/mainTemplate.json index e7637667c3c..e680cbaff9d 100644 --- a/Solutions/PaloAlto-PAN-OS/Package/mainTemplate.json +++ b/Solutions/PaloAlto-PAN-OS/Package/mainTemplate.json @@ -52,31 +52,13 @@ "_solutionVersion": "3.0.7", "solutionId": "azuresentinel.azure-sentinel-solution-paloaltopanos", "_solutionId": "[variables('solutionId')]", - "uiConfigId1": "PaloAltoNetworks", - "_uiConfigId1": "[variables('uiConfigId1')]", - "dataConnectorContentId1": "PaloAltoNetworks", - "_dataConnectorContentId1": "[variables('dataConnectorContentId1')]", - "dataConnectorId1": "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/dataConnectors', variables('_dataConnectorContentId1'))]", - "_dataConnectorId1": "[variables('dataConnectorId1')]", - "dataConnectorTemplateSpecName1": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-dc-',uniquestring(variables('_dataConnectorContentId1'))))]", - "dataConnectorVersion1": "1.0.0", - "_dataConnectorcontentProductId1": "[concat(take(variables('_solutionId'),50),'-','dc','-', uniqueString(concat(variables('_solutionId'),'-','DataConnector','-',variables('_dataConnectorContentId1'),'-', variables('dataConnectorVersion1'))))]", - "uiConfigId2": "PaloAltoNetworksAma", - "_uiConfigId2": "[variables('uiConfigId2')]", - "dataConnectorContentId2": "PaloAltoNetworksAma", - "_dataConnectorContentId2": "[variables('dataConnectorContentId2')]", - "dataConnectorId2": "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/dataConnectors', variables('_dataConnectorContentId2'))]", - "_dataConnectorId2": "[variables('dataConnectorId2')]", - "dataConnectorTemplateSpecName2": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-dc-',uniquestring(variables('_dataConnectorContentId2'))))]", - "dataConnectorVersion2": "1.0.0", - "_dataConnectorcontentProductId2": "[concat(take(variables('_solutionId'),50),'-','dc','-', uniqueString(concat(variables('_solutionId'),'-','DataConnector','-',variables('_dataConnectorContentId2'),'-', variables('dataConnectorVersion2'))))]", "huntingQueryObject1": { - "huntingQueryVersion1": "1.0.1", + "huntingQueryVersion1": "1.0.2", "_huntingQuerycontentId1": "0a57accf-3548-4e38-a861-99687c958f59", "huntingQueryTemplateSpecName1": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-hq-',uniquestring('0a57accf-3548-4e38-a861-99687c958f59')))]" }, "huntingQueryObject2": { - "huntingQueryVersion2": "1.0.4", + "huntingQueryVersion2": "1.0.5", "_huntingQuerycontentId2": "2f8522fc-7807-4f0a-b53d-458296edab8d", "huntingQueryTemplateSpecName2": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-hq-',uniquestring('2f8522fc-7807-4f0a-b53d-458296edab8d')))]" }, @@ -94,32 +76,32 @@ "_workbookContentId2": "[variables('workbookContentId2')]", "_workbookcontentProductId2": "[concat(take(variables('_solutionId'),50),'-','wb','-', uniqueString(concat(variables('_solutionId'),'-','Workbook','-',variables('_workbookContentId2'),'-', variables('workbookVersion2'))))]", "analyticRuleObject1": { - "analyticRuleVersion1": "1.0.2", + "analyticRuleVersion1": "1.0.3", "_analyticRulecontentId1": "89a86f70-615f-4a79-9621-6f68c50f365f", "analyticRuleId1": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', '89a86f70-615f-4a79-9621-6f68c50f365f')]", "analyticRuleTemplateSpecName1": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-ar-',uniquestring('89a86f70-615f-4a79-9621-6f68c50f365f')))]", - "_analyticRulecontentProductId1": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','89a86f70-615f-4a79-9621-6f68c50f365f','-', '1.0.2')))]" + "_analyticRulecontentProductId1": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','89a86f70-615f-4a79-9621-6f68c50f365f','-', '1.0.3')))]" }, "analyticRuleObject2": { - "analyticRuleVersion2": "1.3.5", + "analyticRuleVersion2": "1.3.6", "_analyticRulecontentId2": "2be4ef67-a93f-4d8a-981a-88158cb73abd", "analyticRuleId2": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', '2be4ef67-a93f-4d8a-981a-88158cb73abd')]", "analyticRuleTemplateSpecName2": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-ar-',uniquestring('2be4ef67-a93f-4d8a-981a-88158cb73abd')))]", - "_analyticRulecontentProductId2": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','2be4ef67-a93f-4d8a-981a-88158cb73abd','-', '1.3.5')))]" + "_analyticRulecontentProductId2": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','2be4ef67-a93f-4d8a-981a-88158cb73abd','-', '1.3.6')))]" }, "analyticRuleObject3": { - "analyticRuleVersion3": "1.0.4", + "analyticRuleVersion3": "1.0.5", "_analyticRulecontentId3": "f0be259a-34ac-4946-aa15-ca2b115d5feb", "analyticRuleId3": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', 'f0be259a-34ac-4946-aa15-ca2b115d5feb')]", "analyticRuleTemplateSpecName3": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-ar-',uniquestring('f0be259a-34ac-4946-aa15-ca2b115d5feb')))]", - "_analyticRulecontentProductId3": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','f0be259a-34ac-4946-aa15-ca2b115d5feb','-', '1.0.4')))]" + "_analyticRulecontentProductId3": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','f0be259a-34ac-4946-aa15-ca2b115d5feb','-', '1.0.5')))]" }, "analyticRuleObject4": { - "analyticRuleVersion4": "1.0.6", + "analyticRuleVersion4": "1.0.7", "_analyticRulecontentId4": "5b72f527-e3f6-4a00-9908-8e4fee14da9f", "analyticRuleId4": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', '5b72f527-e3f6-4a00-9908-8e4fee14da9f')]", "analyticRuleTemplateSpecName4": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-ar-',uniquestring('5b72f527-e3f6-4a00-9908-8e4fee14da9f')))]", - "_analyticRulecontentProductId4": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','5b72f527-e3f6-4a00-9908-8e4fee14da9f','-', '1.0.6')))]" + "_analyticRulecontentProductId4": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','5b72f527-e3f6-4a00-9908-8e4fee14da9f','-', '1.0.7')))]" }, "PaloAlto_PAN-OS_Rest_API_CustomConnector": "PaloAlto_PAN-OS_Rest_API_CustomConnector", "_PaloAlto_PAN-OS_Rest_API_CustomConnector": "[variables('PaloAlto_PAN-OS_Rest_API_CustomConnector')]", @@ -197,708 +179,6 @@ "_solutioncontentProductId": "[concat(take(variables('_solutionId'),50),'-','sl','-', uniqueString(concat(variables('_solutionId'),'-','Solution','-',variables('_solutionId'),'-', variables('_solutionVersion'))))]" }, "resources": [ - { - "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", - "apiVersion": "2023-04-01-preview", - "name": "[variables('dataConnectorTemplateSpecName1')]", - "location": "[parameters('workspace-location')]", - "dependsOn": [ - "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" - ], - "properties": { - "description": "PaloAlto-PAN-OS data connector with template version 3.0.7", - "mainTemplate": { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", - "contentVersion": "[variables('dataConnectorVersion1')]", - "parameters": {}, - "variables": {}, - "resources": [ - { - "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',variables('_dataConnectorContentId1'))]", - "apiVersion": "2021-03-01-preview", - "type": "Microsoft.OperationalInsights/workspaces/providers/dataConnectors", - "location": "[parameters('workspace-location')]", - "kind": "GenericUI", - "properties": { - "connectorUiConfig": { - "id": "[variables('_uiConfigId1')]", - "title": "[Deprecated] Palo Alto Networks (Firewall) via Legacy Agent", - "publisher": "Palo Alto Networks", - "descriptionMarkdown": "The Palo Alto Networks firewall connector allows you to easily connect your Palo Alto Networks logs with Microsoft Sentinel, to view dashboards, create custom alerts, and improve investigation. This gives you more insight into your organization's network and improves your security operation capabilities.", - "graphQueries": [ - { - "metricName": "Total data received", - "legend": "Palo Alto Networks", - "baseQuery": "\nCommonSecurityLog\n| where DeviceVendor == \"Palo Alto Networks\"\n| where DeviceProduct has \"PAN-OS\"\n" - } - ], - "sampleQueries": [ - { - "description": "All logs", - "query": "\nCommonSecurityLog\n| where DeviceVendor == \"Palo Alto Networks\"\n| where DeviceProduct has \"PAN-OS\"\n\n | sort by TimeGenerated" - }, - { - "description": "THREAT activity", - "query": "\nCommonSecurityLog\n| where DeviceVendor == \"Palo Alto Networks\"\n| where DeviceProduct has \"PAN-OS\"\n\n | where Activity == \"THREAT\"\n | sort by TimeGenerated" - } - ], - "connectivityCriterias": [ - { - "type": "IsConnectedQuery", - "value": [ - "\nCommonSecurityLog\n| where DeviceVendor == \"Palo Alto Networks\"\n| where DeviceProduct has \"PAN-OS\"\n\n | summarize LastLogReceived = max(TimeGenerated)\n | project IsConnected = LastLogReceived > ago(3d)" - ] - } - ], - "dataTypes": [ - { - "name": "CommonSecurityLog (PaloAlto)", - "lastDataReceivedQuery": "\nCommonSecurityLog\n| where DeviceVendor == \"Palo Alto Networks\"\n| where DeviceProduct has \"PAN-OS\"\n\n | summarize Time = max(TimeGenerated)\n | where isnotempty(Time)" - } - ], - "availability": { - "status": 1, - "isPreview": false - }, - "permissions": { - "resourceProvider": [ - { - "provider": "Microsoft.OperationalInsights/workspaces", - "permissionsDisplayText": "read and write permissions are required.", - "providerDisplayName": "Workspace", - "scope": "Workspace", - "requiredPermissions": { - "read": true, - "write": true, - "delete": true - } - }, - { - "provider": "Microsoft.OperationalInsights/workspaces/sharedKeys", - "permissionsDisplayText": "read permissions to shared keys for the workspace are required. [See the documentation to learn more about workspace keys](https://docs.microsoft.com/azure/azure-monitor/platform/agent-windows#obtain-workspace-id-and-key).", - "providerDisplayName": "Keys", - "scope": "Workspace", - "requiredPermissions": { - "action": true - } - } - ] - }, - "instructionSteps": [ - { - "description": "Install and configure the Linux agent to collect your Common Event Format (CEF) Syslog messages and forward them to Microsoft Sentinel.\n\n> Notice that the data from all regions will be stored in the selected workspace", - "innerSteps": [ - { - "title": "1.1 Select or create a Linux machine", - "description": "Select or create a Linux machine that Microsoft Sentinel will use as the proxy between your security solution and Microsoft Sentinel this machine can be on your on-prem environment, Azure or other clouds." - }, - { - "title": "1.2 Install the CEF collector on the Linux machine", - "description": "Install the Microsoft Monitoring Agent on your Linux machine and configure the machine to listen on the necessary port and forward messages to your Microsoft Sentinel workspace. The CEF collector collects CEF messages on port 514 TCP.\n\n> 1. Make sure that you have Python on your machine using the following command: python -version.\n\n> 2. You must have elevated permissions (sudo) on your machine.", - "instructions": [ - { - "parameters": { - "fillWith": [ - "WorkspaceId", - "PrimaryKey" - ], - "label": "Run the following command to install and apply the CEF collector:", - "value": "sudo wget -O cef_installer.py https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/DataConnectors/CEF/cef_installer.py&&sudo python cef_installer.py {0} {1}" - }, - "type": "CopyableLabel" - } - ] - } - ], - "title": "1. Linux Syslog agent configuration" - }, - { - "description": "Configure Palo Alto Networks to forward Syslog messages in CEF format to your Microsoft Sentinel workspace via the Syslog agent.\n\nGo to [configure Palo Alto Networks NGFW for sending CEF events.](https://aka.ms/sentinel-paloaltonetworks-readme)\n\nGo to [Palo Alto CEF Configuration](https://aka.ms/asi-syslog-paloalto-forwarding) and Palo Alto [Configure Syslog Monitoring](https://aka.ms/asi-syslog-paloalto-configure) steps 2, 3, choose your version, and follow the instructions using the following guidelines:\n\n1. Set the Syslog server format to **BSD**.\n\n2. The copy/paste operations from the PDF might change the text and insert random characters. To avoid this, copy the text to an editor and remove any characters that might break the log format before pasting it.\n\n[Learn more >](https://aka.ms/CEFPaloAlto)", - "title": "2. Forward Palo Alto Networks logs to Syslog agent" - }, - { - "description": "Follow the instructions to validate your connectivity:\n\nOpen Log Analytics to check if the logs are received using the CommonSecurityLog schema.\n\n>It may take about 20 minutes until the connection streams data to your workspace.\n\nIf the logs are not received, run the following connectivity validation script:\n\n> 1. Make sure that you have Python on your machine using the following command: python -version\n\n>2. You must have elevated permissions (sudo) on your machine", - "instructions": [ - { - "parameters": { - "fillWith": [ - "WorkspaceId" - ], - "label": "Run the following command to validate your connectivity:", - "value": "sudo wget -O cef_troubleshoot.py https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/DataConnectors/CEF/cef_troubleshoot.py&&sudo python cef_troubleshoot.py {0}" - }, - "type": "CopyableLabel" - } - ], - "title": "3. Validate connection" - }, - { - "description": "Make sure to configure the machine's security according to your organization's security policy\n\n\n[Learn more >](https://aka.ms/SecureCEF)", - "title": "4. Secure your machine " - } - ], - "metadata": { - "id": "ef80260c-3aec-43bc-a1e5-c2f2372c9adc", - "version": "1.0.0", - "kind": "dataConnector", - "source": { - "kind": "community" - }, - "author": { - "name": "Palo Alto Networks" - }, - "support": { - "name": "Palo Alto Networks", - "link": "https://www.paloaltonetworks.com/company/contact-support", - "tier": "developer" - } - } - } - } - }, - { - "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", - "apiVersion": "2023-04-01-preview", - "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('DataConnector-', last(split(variables('_dataConnectorId1'),'/'))))]", - "properties": { - "parentId": "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/dataConnectors', variables('_dataConnectorContentId1'))]", - "contentId": "[variables('_dataConnectorContentId1')]", - "kind": "DataConnector", - "version": "[variables('dataConnectorVersion1')]", - "source": { - "kind": "Solution", - "name": "PaloAlto-PAN-OS", - "sourceId": "[variables('_solutionId')]" - }, - "author": { - "name": "Microsoft", - "email": "[variables('_email')]" - }, - "support": { - "name": "Microsoft Corporation", - "email": "support@microsoft.com", - "tier": "Microsoft", - "link": "https://support.microsoft.com" - } - } - } - ] - }, - "packageKind": "Solution", - "packageVersion": "[variables('_solutionVersion')]", - "packageName": "[variables('_solutionName')]", - "packageId": "[variables('_solutionId')]", - "contentSchemaVersion": "3.0.0", - "contentId": "[variables('_dataConnectorContentId1')]", - "contentKind": "DataConnector", - "displayName": "[Deprecated] Palo Alto Networks (Firewall) via Legacy Agent", - "contentProductId": "[variables('_dataConnectorcontentProductId1')]", - "id": "[variables('_dataConnectorcontentProductId1')]", - "version": "[variables('dataConnectorVersion1')]" - } - }, - { - "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", - "apiVersion": "2023-04-01-preview", - "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('DataConnector-', last(split(variables('_dataConnectorId1'),'/'))))]", - "dependsOn": [ - "[variables('_dataConnectorId1')]" - ], - "location": "[parameters('workspace-location')]", - "properties": { - "parentId": "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/dataConnectors', variables('_dataConnectorContentId1'))]", - "contentId": "[variables('_dataConnectorContentId1')]", - "kind": "DataConnector", - "version": "[variables('dataConnectorVersion1')]", - "source": { - "kind": "Solution", - "name": "PaloAlto-PAN-OS", - "sourceId": "[variables('_solutionId')]" - }, - "author": { - "name": "Microsoft", - "email": "[variables('_email')]" - }, - "support": { - "name": "Microsoft Corporation", - "email": "support@microsoft.com", - "tier": "Microsoft", - "link": "https://support.microsoft.com" - } - } - }, - { - "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',variables('_dataConnectorContentId1'))]", - "apiVersion": "2021-03-01-preview", - "type": "Microsoft.OperationalInsights/workspaces/providers/dataConnectors", - "location": "[parameters('workspace-location')]", - "kind": "GenericUI", - "properties": { - "connectorUiConfig": { - "title": "[Deprecated] Palo Alto Networks (Firewall) via Legacy Agent", - "publisher": "Palo Alto Networks", - "descriptionMarkdown": "The Palo Alto Networks firewall connector allows you to easily connect your Palo Alto Networks logs with Microsoft Sentinel, to view dashboards, create custom alerts, and improve investigation. This gives you more insight into your organization's network and improves your security operation capabilities.", - "graphQueries": [ - { - "metricName": "Total data received", - "legend": "Palo Alto Networks", - "baseQuery": "\nCommonSecurityLog\n| where DeviceVendor == \"Palo Alto Networks\"\n| where DeviceProduct has \"PAN-OS\"\n" - } - ], - "dataTypes": [ - { - "name": "CommonSecurityLog (PaloAlto)", - "lastDataReceivedQuery": "\nCommonSecurityLog\n| where DeviceVendor == \"Palo Alto Networks\"\n| where DeviceProduct has \"PAN-OS\"\n\n | summarize Time = max(TimeGenerated)\n | where isnotempty(Time)" - } - ], - "connectivityCriterias": [ - { - "type": "IsConnectedQuery", - "value": [ - "\nCommonSecurityLog\n| where DeviceVendor == \"Palo Alto Networks\"\n| where DeviceProduct has \"PAN-OS\"\n\n | summarize LastLogReceived = max(TimeGenerated)\n | project IsConnected = LastLogReceived > ago(3d)" - ] - } - ], - "sampleQueries": [ - { - "description": "All logs", - "query": "\nCommonSecurityLog\n| where DeviceVendor == \"Palo Alto Networks\"\n| where DeviceProduct has \"PAN-OS\"\n\n | sort by TimeGenerated" - }, - { - "description": "THREAT activity", - "query": "\nCommonSecurityLog\n| where DeviceVendor == \"Palo Alto Networks\"\n| where DeviceProduct has \"PAN-OS\"\n\n | where Activity == \"THREAT\"\n | sort by TimeGenerated" - } - ], - "availability": { - "status": 1, - "isPreview": false - }, - "permissions": { - "resourceProvider": [ - { - "provider": "Microsoft.OperationalInsights/workspaces", - "permissionsDisplayText": "read and write permissions are required.", - "providerDisplayName": "Workspace", - "scope": "Workspace", - "requiredPermissions": { - "read": true, - "write": true, - "delete": true - } - }, - { - "provider": "Microsoft.OperationalInsights/workspaces/sharedKeys", - "permissionsDisplayText": "read permissions to shared keys for the workspace are required. [See the documentation to learn more about workspace keys](https://docs.microsoft.com/azure/azure-monitor/platform/agent-windows#obtain-workspace-id-and-key).", - "providerDisplayName": "Keys", - "scope": "Workspace", - "requiredPermissions": { - "action": true - } - } - ] - }, - "instructionSteps": [ - { - "description": "Install and configure the Linux agent to collect your Common Event Format (CEF) Syslog messages and forward them to Microsoft Sentinel.\n\n> Notice that the data from all regions will be stored in the selected workspace", - "innerSteps": [ - { - "title": "1.1 Select or create a Linux machine", - "description": "Select or create a Linux machine that Microsoft Sentinel will use as the proxy between your security solution and Microsoft Sentinel this machine can be on your on-prem environment, Azure or other clouds." - }, - { - "title": "1.2 Install the CEF collector on the Linux machine", - "description": "Install the Microsoft Monitoring Agent on your Linux machine and configure the machine to listen on the necessary port and forward messages to your Microsoft Sentinel workspace. The CEF collector collects CEF messages on port 514 TCP.\n\n> 1. Make sure that you have Python on your machine using the following command: python -version.\n\n> 2. You must have elevated permissions (sudo) on your machine.", - "instructions": [ - { - "parameters": { - "fillWith": [ - "WorkspaceId", - "PrimaryKey" - ], - "label": "Run the following command to install and apply the CEF collector:", - "value": "sudo wget -O cef_installer.py https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/DataConnectors/CEF/cef_installer.py&&sudo python cef_installer.py {0} {1}" - }, - "type": "CopyableLabel" - } - ] - } - ], - "title": "1. Linux Syslog agent configuration" - }, - { - "description": "Configure Palo Alto Networks to forward Syslog messages in CEF format to your Microsoft Sentinel workspace via the Syslog agent.\n\nGo to [configure Palo Alto Networks NGFW for sending CEF events.](https://aka.ms/sentinel-paloaltonetworks-readme)\n\nGo to [Palo Alto CEF Configuration](https://aka.ms/asi-syslog-paloalto-forwarding) and Palo Alto [Configure Syslog Monitoring](https://aka.ms/asi-syslog-paloalto-configure) steps 2, 3, choose your version, and follow the instructions using the following guidelines:\n\n1. Set the Syslog server format to **BSD**.\n\n2. The copy/paste operations from the PDF might change the text and insert random characters. To avoid this, copy the text to an editor and remove any characters that might break the log format before pasting it.\n\n[Learn more >](https://aka.ms/CEFPaloAlto)", - "title": "2. Forward Palo Alto Networks logs to Syslog agent" - }, - { - "description": "Follow the instructions to validate your connectivity:\n\nOpen Log Analytics to check if the logs are received using the CommonSecurityLog schema.\n\n>It may take about 20 minutes until the connection streams data to your workspace.\n\nIf the logs are not received, run the following connectivity validation script:\n\n> 1. Make sure that you have Python on your machine using the following command: python -version\n\n>2. You must have elevated permissions (sudo) on your machine", - "instructions": [ - { - "parameters": { - "fillWith": [ - "WorkspaceId" - ], - "label": "Run the following command to validate your connectivity:", - "value": "sudo wget -O cef_troubleshoot.py https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/DataConnectors/CEF/cef_troubleshoot.py&&sudo python cef_troubleshoot.py {0}" - }, - "type": "CopyableLabel" - } - ], - "title": "3. Validate connection" - }, - { - "description": "Make sure to configure the machine's security according to your organization's security policy\n\n\n[Learn more >](https://aka.ms/SecureCEF)", - "title": "4. Secure your machine " - } - ], - "id": "[variables('_uiConfigId1')]" - } - } - }, - { - "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", - "apiVersion": "2023-04-01-preview", - "name": "[variables('dataConnectorTemplateSpecName2')]", - "location": "[parameters('workspace-location')]", - "dependsOn": [ - "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]" - ], - "properties": { - "description": "PaloAlto-PAN-OS data connector with template version 3.0.7", - "mainTemplate": { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", - "contentVersion": "[variables('dataConnectorVersion2')]", - "parameters": {}, - "variables": {}, - "resources": [ - { - "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',variables('_dataConnectorContentId2'))]", - "apiVersion": "2021-03-01-preview", - "type": "Microsoft.OperationalInsights/workspaces/providers/dataConnectors", - "location": "[parameters('workspace-location')]", - "kind": "GenericUI", - "properties": { - "connectorUiConfig": { - "id": "[variables('_uiConfigId2')]", - "title": "[Deprecated] Palo Alto Networks (Firewall) via AMA", - "publisher": "Palo Alto Networks", - "descriptionMarkdown": "The Palo Alto Networks firewall connector allows you to easily connect your Palo Alto Networks logs with Microsoft Sentinel, to view dashboards, create custom alerts, and improve investigation. This gives you more insight into your organization's network and improves your security operation capabilities.", - "graphQueries": [ - { - "metricName": "Total data received", - "legend": "Palo Alto Networks", - "baseQuery": "CommonSecurityLog\n |where DeviceVendor =~ 'Palo Alto Networks' \n |where DeviceProduct has 'PAN-OS'\n |extend sent_by_ama = column_ifexists('CollectorHostName','')\n |where isnotempty(sent_by_ama)" - } - ], - "sampleQueries": [ - { - "description": "All logs", - "query": "\nCommonSecurityLog\n| where DeviceVendor == \"Palo Alto Networks\"\n| where DeviceProduct has \"PAN-OS\"\n\n | sort by TimeGenerated" - }, - { - "description": "THREAT activity", - "query": "\nCommonSecurityLog\n| where DeviceVendor == \"Palo Alto Networks\"\n| where DeviceProduct has \"PAN-OS\"\n\n | where Activity == \"THREAT\"\n | sort by TimeGenerated" - } - ], - "connectivityCriterias": [ - { - "type": "IsConnectedQuery", - "value": [ - "CommonSecurityLog\n |where DeviceVendor =~ 'Palo Alto Networks' \n |where DeviceProduct =~ 'PAN-OS'\n |extend sent_by_ama = column_ifexists('CollectorHostName','')\n |where isnotempty(sent_by_ama)\n | summarize LastLogReceived = max(TimeGenerated)\n | project IsConnected = LastLogReceived > ago(3d)" - ] - } - ], - "dataTypes": [ - { - "name": "CommonSecurityLog (PaloAlto)", - "lastDataReceivedQuery": "CommonSecurityLog\n |where DeviceVendor =~ 'Palo Alto Networks' \n |where DeviceProduct has 'PAN-OS'\n |extend sent_by_ama = column_ifexists('CollectorHostName','')\n |where isnotempty(sent_by_ama)\n | summarize Time = max(TimeGenerated)\n | where isnotempty(Time)" - } - ], - "availability": { - "status": 1, - "isPreview": false - }, - "permissions": { - "resourceProvider": [ - { - "provider": "Microsoft.OperationalInsights/workspaces", - "permissionsDisplayText": "read and write permissions are required.", - "providerDisplayName": "Workspace", - "scope": "Workspace", - "requiredPermissions": { - "read": true, - "write": true, - "delete": true - } - }, - { - "provider": "Microsoft.OperationalInsights/workspaces/sharedKeys", - "permissionsDisplayText": "read permissions to shared keys for the workspace are required. [See the documentation to learn more about workspace keys](https://docs.microsoft.com/azure/azure-monitor/platform/agent-windows#obtain-workspace-id-and-key).", - "providerDisplayName": "Keys", - "scope": "Workspace", - "requiredPermissions": { - "action": true - } - } - ], - "customs": [ - { - "description": "To collect data from non-Azure VMs, they must have Azure Arc installed and enabled. [Learn more](https://docs.microsoft.com/azure/azure-monitor/agents/azure-monitor-agent-install?tabs=ARMAgentPowerShell,PowerShellWindows,PowerShellWindowsArc,CLIWindows,CLIWindowsArc)" - }, - { - "description": "Common Event Format (CEF) via AMA and Syslog via AMA data connectors must be installed [Learn more](https://learn.microsoft.com/azure/sentinel/connect-cef-ama#open-the-connector-page-and-create-the-dcr)" - } - ] - }, - "instructionSteps": [ - { - "instructions": [ - { - "parameters": { - "title": "1. Kindly follow the steps to configure the data connector", - "instructionSteps": [ - { - "title": "Step A. Configure the Common Event Format (CEF) via AMA data connector", - "description": "_Note:- CEF logs are collected only from Linux Agents_\n\n1. Navigate to Microsoft Sentinel workspace ---> configuration ---> Data connector blade .\n\n2. Search for 'Common Event Format (CEF) via AMA' data connector and open it.\n\n3. Check If there is no existing DCR configured to collect required facility of logs, Create a new DCR (Data Collection Rule)\n\n\t_Note:- It is recommended to install minimum 1.27 version of AMA agent [Learn more](https://learn.microsoft.com/azure/azure-monitor/agents/azure-monitor-agent-manage?tabs=azure-portal ) and ensure there is no duplicate DCR as it can cause log duplicacy_\n\n4. Run the command provided in the CEF via AMA data connector page to configure the CEF collector on the machine" - }, - { - "title": "Step B. Forward Palo Alto Networks logs to Syslog agent", - "description": "Configure Palo Alto Networks to forward Syslog messages in CEF format to your Microsoft Sentinel workspace via the Syslog agent.\n\nGo to [configure Palo Alto Networks NGFW for sending CEF events.](https://aka.ms/sentinel-paloaltonetworks-readme)\n\nGo to [Palo Alto CEF Configuration](https://aka.ms/asi-syslog-paloalto-forwarding) and Palo Alto [Configure Syslog Monitoring](https://aka.ms/asi-syslog-paloalto-configure) steps 2, 3, choose your version, and follow the instructions using the following guidelines:\n\n1. Set the Syslog server format to **BSD**.\n\n2. The copy/paste operations from the PDF might change the text and insert random characters. To avoid this, copy the text to an editor and remove any characters that might break the log format before pasting it.\n\n[Learn more >](https://aka.ms/CEFPaloAlto)" - }, - { - "title": "Step C. Validate connection", - "description": "Follow the instructions to validate your connectivity:\n\nOpen Log Analytics to check if the logs are received using the CommonSecurityLog schema.\n\nIt may take about 20 minutes until the connection streams data to your workspace.\n\nIf the logs are not received, run the following connectivity validation script:\n\n 1. Make sure that you have Python on your machine using the following command: python -version\n\n2. You must have elevated permissions (sudo) on your machine", - "instructions": [ - { - "parameters": { - "label": "Run the following command to validate your connectivity:", - "value": "sudo wget -O Sentinel_AMA_troubleshoot.py https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/DataConnectors/Syslog/Sentinel_AMA_troubleshoot.py&&sudo python Sentinel_AMA_troubleshoot.py --cef" - }, - "type": "CopyableLabel" - } - ] - } - ] - }, - "type": "InstructionStepsGroup" - } - ] - }, - { - "description": "Make sure to configure the machine's security according to your organization's security policy\n\n\n[Learn more >](https://aka.ms/SecureCEF)", - "title": "2. Secure your machine " - } - ], - "metadata": { - "id": "ef80260c-3aec-43bc-a1e5-c2f2372c9adc", - "version": "1.0.0", - "kind": "dataConnector", - "source": { - "kind": "community" - }, - "author": { - "name": "Palo Alto Networks" - }, - "support": { - "name": "Palo Alto Networks", - "link": "https://www.paloaltonetworks.com/company/contact-support", - "tier": "developer" - } - } - } - } - }, - { - "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", - "apiVersion": "2023-04-01-preview", - "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('DataConnector-', last(split(variables('_dataConnectorId2'),'/'))))]", - "properties": { - "parentId": "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/dataConnectors', variables('_dataConnectorContentId2'))]", - "contentId": "[variables('_dataConnectorContentId2')]", - "kind": "DataConnector", - "version": "[variables('dataConnectorVersion2')]", - "source": { - "kind": "Solution", - "name": "PaloAlto-PAN-OS", - "sourceId": "[variables('_solutionId')]" - }, - "author": { - "name": "Microsoft", - "email": "[variables('_email')]" - }, - "support": { - "name": "Microsoft Corporation", - "email": "support@microsoft.com", - "tier": "Microsoft", - "link": "https://support.microsoft.com" - } - } - } - ] - }, - "packageKind": "Solution", - "packageVersion": "[variables('_solutionVersion')]", - "packageName": "[variables('_solutionName')]", - "packageId": "[variables('_solutionId')]", - "contentSchemaVersion": "3.0.0", - "contentId": "[variables('_dataConnectorContentId2')]", - "contentKind": "DataConnector", - "displayName": "[Deprecated] Palo Alto Networks (Firewall) via AMA", - "contentProductId": "[variables('_dataConnectorcontentProductId2')]", - "id": "[variables('_dataConnectorcontentProductId2')]", - "version": "[variables('dataConnectorVersion2')]" - } - }, - { - "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", - "apiVersion": "2023-04-01-preview", - "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('DataConnector-', last(split(variables('_dataConnectorId2'),'/'))))]", - "dependsOn": [ - "[variables('_dataConnectorId2')]" - ], - "location": "[parameters('workspace-location')]", - "properties": { - "parentId": "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/dataConnectors', variables('_dataConnectorContentId2'))]", - "contentId": "[variables('_dataConnectorContentId2')]", - "kind": "DataConnector", - "version": "[variables('dataConnectorVersion2')]", - "source": { - "kind": "Solution", - "name": "PaloAlto-PAN-OS", - "sourceId": "[variables('_solutionId')]" - }, - "author": { - "name": "Microsoft", - "email": "[variables('_email')]" - }, - "support": { - "name": "Microsoft Corporation", - "email": "support@microsoft.com", - "tier": "Microsoft", - "link": "https://support.microsoft.com" - } - } - }, - { - "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',variables('_dataConnectorContentId2'))]", - "apiVersion": "2021-03-01-preview", - "type": "Microsoft.OperationalInsights/workspaces/providers/dataConnectors", - "location": "[parameters('workspace-location')]", - "kind": "GenericUI", - "properties": { - "connectorUiConfig": { - "title": "[Deprecated] Palo Alto Networks (Firewall) via AMA", - "publisher": "Palo Alto Networks", - "descriptionMarkdown": "The Palo Alto Networks firewall connector allows you to easily connect your Palo Alto Networks logs with Microsoft Sentinel, to view dashboards, create custom alerts, and improve investigation. This gives you more insight into your organization's network and improves your security operation capabilities.", - "graphQueries": [ - { - "metricName": "Total data received", - "legend": "Palo Alto Networks", - "baseQuery": "CommonSecurityLog\n |where DeviceVendor =~ 'Palo Alto Networks' \n |where DeviceProduct has 'PAN-OS'\n |extend sent_by_ama = column_ifexists('CollectorHostName','')\n |where isnotempty(sent_by_ama)" - } - ], - "dataTypes": [ - { - "name": "CommonSecurityLog (PaloAlto)", - "lastDataReceivedQuery": "CommonSecurityLog\n |where DeviceVendor =~ 'Palo Alto Networks' \n |where DeviceProduct has 'PAN-OS'\n |extend sent_by_ama = column_ifexists('CollectorHostName','')\n |where isnotempty(sent_by_ama)\n | summarize Time = max(TimeGenerated)\n | where isnotempty(Time)" - } - ], - "connectivityCriterias": [ - { - "type": "IsConnectedQuery", - "value": [ - "CommonSecurityLog\n |where DeviceVendor =~ 'Palo Alto Networks' \n |where DeviceProduct =~ 'PAN-OS'\n |extend sent_by_ama = column_ifexists('CollectorHostName','')\n |where isnotempty(sent_by_ama)\n | summarize LastLogReceived = max(TimeGenerated)\n | project IsConnected = LastLogReceived > ago(3d)" - ] - } - ], - "sampleQueries": [ - { - "description": "All logs", - "query": "\nCommonSecurityLog\n| where DeviceVendor == \"Palo Alto Networks\"\n| where DeviceProduct has \"PAN-OS\"\n\n | sort by TimeGenerated" - }, - { - "description": "THREAT activity", - "query": "\nCommonSecurityLog\n| where DeviceVendor == \"Palo Alto Networks\"\n| where DeviceProduct has \"PAN-OS\"\n\n | where Activity == \"THREAT\"\n | sort by TimeGenerated" - } - ], - "availability": { - "status": 1, - "isPreview": false - }, - "permissions": { - "resourceProvider": [ - { - "provider": "Microsoft.OperationalInsights/workspaces", - "permissionsDisplayText": "read and write permissions are required.", - "providerDisplayName": "Workspace", - "scope": "Workspace", - "requiredPermissions": { - "read": true, - "write": true, - "delete": true - } - }, - { - "provider": "Microsoft.OperationalInsights/workspaces/sharedKeys", - "permissionsDisplayText": "read permissions to shared keys for the workspace are required. [See the documentation to learn more about workspace keys](https://docs.microsoft.com/azure/azure-monitor/platform/agent-windows#obtain-workspace-id-and-key).", - "providerDisplayName": "Keys", - "scope": "Workspace", - "requiredPermissions": { - "action": true - } - } - ], - "customs": [ - { - "description": "To collect data from non-Azure VMs, they must have Azure Arc installed and enabled. [Learn more](https://docs.microsoft.com/azure/azure-monitor/agents/azure-monitor-agent-install?tabs=ARMAgentPowerShell,PowerShellWindows,PowerShellWindowsArc,CLIWindows,CLIWindowsArc)" - }, - { - "description": "Common Event Format (CEF) via AMA and Syslog via AMA data connectors must be installed [Learn more](https://learn.microsoft.com/azure/sentinel/connect-cef-ama#open-the-connector-page-and-create-the-dcr)" - } - ] - }, - "instructionSteps": [ - { - "instructions": [ - { - "parameters": { - "title": "1. Kindly follow the steps to configure the data connector", - "instructionSteps": [ - { - "title": "Step A. Configure the Common Event Format (CEF) via AMA data connector", - "description": "_Note:- CEF logs are collected only from Linux Agents_\n\n1. Navigate to Microsoft Sentinel workspace ---> configuration ---> Data connector blade .\n\n2. Search for 'Common Event Format (CEF) via AMA' data connector and open it.\n\n3. Check If there is no existing DCR configured to collect required facility of logs, Create a new DCR (Data Collection Rule)\n\n\t_Note:- It is recommended to install minimum 1.27 version of AMA agent [Learn more](https://learn.microsoft.com/azure/azure-monitor/agents/azure-monitor-agent-manage?tabs=azure-portal ) and ensure there is no duplicate DCR as it can cause log duplicacy_\n\n4. Run the command provided in the CEF via AMA data connector page to configure the CEF collector on the machine" - }, - { - "title": "Step B. Forward Palo Alto Networks logs to Syslog agent", - "description": "Configure Palo Alto Networks to forward Syslog messages in CEF format to your Microsoft Sentinel workspace via the Syslog agent.\n\nGo to [configure Palo Alto Networks NGFW for sending CEF events.](https://aka.ms/sentinel-paloaltonetworks-readme)\n\nGo to [Palo Alto CEF Configuration](https://aka.ms/asi-syslog-paloalto-forwarding) and Palo Alto [Configure Syslog Monitoring](https://aka.ms/asi-syslog-paloalto-configure) steps 2, 3, choose your version, and follow the instructions using the following guidelines:\n\n1. Set the Syslog server format to **BSD**.\n\n2. The copy/paste operations from the PDF might change the text and insert random characters. To avoid this, copy the text to an editor and remove any characters that might break the log format before pasting it.\n\n[Learn more >](https://aka.ms/CEFPaloAlto)" - }, - { - "title": "Step C. Validate connection", - "description": "Follow the instructions to validate your connectivity:\n\nOpen Log Analytics to check if the logs are received using the CommonSecurityLog schema.\n\nIt may take about 20 minutes until the connection streams data to your workspace.\n\nIf the logs are not received, run the following connectivity validation script:\n\n 1. Make sure that you have Python on your machine using the following command: python -version\n\n2. You must have elevated permissions (sudo) on your machine", - "instructions": [ - { - "parameters": { - "label": "Run the following command to validate your connectivity:", - "value": "sudo wget -O Sentinel_AMA_troubleshoot.py https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/DataConnectors/Syslog/Sentinel_AMA_troubleshoot.py&&sudo python Sentinel_AMA_troubleshoot.py --cef" - }, - "type": "CopyableLabel" - } - ] - } - ] - }, - "type": "InstructionStepsGroup" - } - ] - }, - { - "description": "Make sure to configure the machine's security according to your organization's security policy\n\n\n[Learn more >](https://aka.ms/SecureCEF)", - "title": "2. Secure your machine " - } - ], - "id": "[variables('_uiConfigId2')]" - } - } - }, { "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates", "apiVersion": "2023-04-01-preview", @@ -975,9 +255,9 @@ "contentId": "[variables('huntingQueryObject1')._huntingQuerycontentId1]", "contentKind": "HuntingQuery", "displayName": "Palo Alto - high-risk ports", - "contentProductId": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject1')._huntingQuerycontentId1,'-', '1.0.1')))]", - "id": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject1')._huntingQuerycontentId1,'-', '1.0.1')))]", - "version": "1.0.1" + "contentProductId": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject1')._huntingQuerycontentId1,'-', '1.0.2')))]", + "id": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject1')._huntingQuerycontentId1,'-', '1.0.2')))]", + "version": "1.0.2" } }, { @@ -1060,9 +340,9 @@ "contentId": "[variables('huntingQueryObject2')._huntingQuerycontentId2]", "contentKind": "HuntingQuery", "displayName": "Palo Alto - potential beaconing detected", - "contentProductId": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject2')._huntingQuerycontentId2,'-', '1.0.4')))]", - "id": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject2')._huntingQuerycontentId2,'-', '1.0.4')))]", - "version": "1.0.4" + "contentProductId": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject2')._huntingQuerycontentId2,'-', '1.0.5')))]", + "id": "[concat(take(variables('_solutionId'),50),'-','hq','-', uniqueString(concat(variables('_solutionId'),'-','HuntingQuery','-',variables('huntingQueryObject2')._huntingQuerycontentId2,'-', '1.0.5')))]", + "version": "1.0.5" } }, { @@ -1285,18 +565,6 @@ "triggerThreshold": 0, "status": "Available", "requiredDataConnectors": [ - { - "connectorId": "PaloAltoNetworks", - "dataTypes": [ - "CommonSecurityLog" - ] - }, - { - "connectorId": "PaloAltoNetworksAma", - "dataTypes": [ - "CommonSecurityLog" - ] - }, { "connectorId": "CefAma", "dataTypes": [ @@ -1408,18 +676,6 @@ "triggerThreshold": 0, "status": "Available", "requiredDataConnectors": [ - { - "connectorId": "PaloAltoNetworks", - "dataTypes": [ - "CommonSecurityLog" - ] - }, - { - "connectorId": "PaloAltoNetworksAma", - "dataTypes": [ - "CommonSecurityLog" - ] - }, { "connectorId": "CefAma", "dataTypes": [ @@ -1574,18 +830,6 @@ "triggerThreshold": 0, "status": "Available", "requiredDataConnectors": [ - { - "connectorId": "PaloAltoNetworks", - "dataTypes": [ - "CommonSecurityLog" - ] - }, - { - "connectorId": "PaloAltoNetworksAma", - "dataTypes": [ - "CommonSecurityLog" - ] - }, { "connectorId": "CefAma", "dataTypes": [ @@ -1709,18 +953,6 @@ "triggerThreshold": 0, "status": "Available", "requiredDataConnectors": [ - { - "connectorId": "PaloAltoNetworks", - "dataTypes": [ - "CommonSecurityLog" - ] - }, - { - "connectorId": "PaloAltoNetworksAma", - "dataTypes": [ - "CommonSecurityLog" - ] - }, { "connectorId": "CefAma", "dataTypes": [ @@ -9933,7 +9165,7 @@ "contentSchemaVersion": "3.0.0", "displayName": "PaloAlto-PAN-OS", "publisherDisplayName": "Microsoft Sentinel, Microsoft Corporation", - "descriptionHtml": "

Note: Please refer to the following before installing the solution:

\n

• Review the solution Release Notes

\n

• There may be known issues pertaining to this Solution, please refer to them before installing.

\n

The Palo Alto Networks (Firewall) Solution for Microsoft Sentinel allows you to easily connect your Palo Alto Networks Firewall logs with Microsoft Sentinel, to view dashboards, create custom alerts, and improve investigation. This gives you more insight into your organization's network and improves your security operation capabilities. This solution also contains playbooks to help in automated remediation.

\n

This solution is dependent on the Common Event Format solution containing the CEF via AMA connector to collect the logs. The CEF solution will be installed as part of this solution installation.

\n

NOTE: Microsoft recommends installation of CEF via AMA Connector. The existing connectors are about to be deprecated by Aug 31, 2024.

\n

Data Connectors: 2, Workbooks: 2, Analytic Rules: 4, Hunting Queries: 2, Custom Azure Logic Apps Connectors: 2, Playbooks: 7

\n

Learn more about Microsoft Sentinel | Learn more about Solutions

\n", + "descriptionHtml": "

Note: Please refer to the following before installing the solution:

\n

• Review the solution Release Notes

\n

• There may be known issues pertaining to this Solution, please refer to them before installing.

\n

The Palo Alto Networks (Firewall) Solution for Microsoft Sentinel allows you to easily connect your Palo Alto Networks Firewall logs with Microsoft Sentinel, to view dashboards, create custom alerts, and improve investigation. This gives you more insight into your organization's network and improves your security operation capabilities. This solution also contains playbooks to help in automated remediation.

\n

This solution is dependent on the Common Event Format solution containing the CEF via AMA connector to collect the logs. The CEF solution will be installed as part of this solution installation.

\n

NOTE: Microsoft recommends installation of CEF via AMA Connector. The existing connectors are about to be deprecated by Aug 31, 2024.

\n

Data Connector: 1Workbooks: 2, Analytic Rules: 4, Hunting Queries: 2, Custom Azure Logic Apps Connectors: 2, Playbooks: 7

\n

Learn more about Microsoft Sentinel | Learn more about Solutions

\n", "contentKind": "Solution", "contentProductId": "[variables('_solutioncontentProductId')]", "id": "[variables('_solutioncontentProductId')]", @@ -9957,16 +9189,6 @@ }, "dependencies": { "criteria": [ - { - "kind": "DataConnector", - "contentId": "[variables('_dataConnectorContentId1')]", - "version": "[variables('dataConnectorVersion1')]" - }, - { - "kind": "DataConnector", - "contentId": "[variables('_dataConnectorContentId2')]", - "version": "[variables('dataConnectorVersion2')]" - }, { "kind": "HuntingQuery", "contentId": "[variables('huntingQueryObject1')._huntingQuerycontentId1]", diff --git a/Solutions/PaloAlto-PAN-OS/ReleaseNotes.md b/Solutions/PaloAlto-PAN-OS/ReleaseNotes.md index 0c0d5eef8f2..069336a35d4 100644 --- a/Solutions/PaloAlto-PAN-OS/ReleaseNotes.md +++ b/Solutions/PaloAlto-PAN-OS/ReleaseNotes.md @@ -1,5 +1,6 @@ | **Version** | **Date Modified (DD-MM-YYYY)** | **Change History** | |-------------|--------------------------------|--------------------------------------------------------------------| +| 3.0.8 | 07-11-2024 | Removed Deprecated **Data Connector** | | 3.0.7 | 08-01-2024 | Updated **Analytic Rule** for entity mappings | | 3.0.6 | 12-07-2024 | Deprecated **Data Connector** | | 3.0.5 | 30-04-2024 | Updated the **Data Connector** to fix conectivity criteria query | diff --git a/Solutions/PaloAlto-PAN-OS/data/Solution_PaloAlto-PAN-OS.json b/Solutions/PaloAlto-PAN-OS/data/Solution_PaloAlto-PAN-OS.json index 93a2778e1f6..fb561bd5ac9 100644 --- a/Solutions/PaloAlto-PAN-OS/data/Solution_PaloAlto-PAN-OS.json +++ b/Solutions/PaloAlto-PAN-OS/data/Solution_PaloAlto-PAN-OS.json @@ -3,10 +3,6 @@ "Author": "Microsoft - support@microsoft.com", "Logo": "", "Description": "The [Palo Alto Networks (Firewall)](https://www.paloaltonetworks.com/network-security/next-generation-firewall) Solution for Microsoft Sentinel allows you to easily connect your Palo Alto Networks Firewall logs with Microsoft Sentinel, to view dashboards, create custom alerts, and improve investigation. This gives you more insight into your organization's network and improves your security operation capabilities. This solution also contains playbooks to help in automated remediation.\n\nThis solution is dependent on the Common Event Format solution containing the CEF via AMA connector to collect the logs. The CEF solution will be installed as part of this solution installation.\n\n**NOTE:** Microsoft recommends installation of CEF via AMA Connector. The existing connectors are about to be deprecated by **Aug 31, 2024**.", - "Data Connectors": [ - "Solutions/PaloAlto-PAN-OS/Data Connectors/PaloAltoNetworks.json", - "Solutions/PaloAlto-PAN-OS/Data Connectors/template_PaloAltoNetworksAMA.json" - ], "Hunting Queries": [ "Solutions/PaloAlto-PAN-OS/Hunting Queries/PaloAlto-HighRiskPorts.yaml", "Solutions/PaloAlto-PAN-OS/Hunting Queries/Palo Alto - potential beaconing detected.yaml" diff --git a/Tools/Create-Azure-Sentinel-Solution/V2/WorkbookMetadata/WorkbooksMetadata.json b/Tools/Create-Azure-Sentinel-Solution/V2/WorkbookMetadata/WorkbooksMetadata.json index 44fdc2a3243..af2411fc98e 100644 --- a/Tools/Create-Azure-Sentinel-Solution/V2/WorkbookMetadata/WorkbooksMetadata.json +++ b/Tools/Create-Azure-Sentinel-Solution/V2/WorkbookMetadata/WorkbooksMetadata.json @@ -4565,8 +4565,6 @@ "Zscaler", "ZscalerAma", "MicrosoftSysmonForLinux", - "PaloAltoNetworks", - "PaloAltoNetworksAma", "AzureMonitor(VMInsights)", "AzureFirewall", "AzureNSG", From 4b087f8a12de4f32fefde043a2598450abe33db9 Mon Sep 17 00:00:00 2001 From: v-rusraut Date: Fri, 8 Nov 2024 10:45:48 +0530 Subject: [PATCH 2/4] Update WorkbooksMetadata.json --- .../V2/WorkbookMetadata/WorkbooksMetadata.json | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/Tools/Create-Azure-Sentinel-Solution/V2/WorkbookMetadata/WorkbooksMetadata.json b/Tools/Create-Azure-Sentinel-Solution/V2/WorkbookMetadata/WorkbooksMetadata.json index af2411fc98e..8da138881c4 100644 --- a/Tools/Create-Azure-Sentinel-Solution/V2/WorkbookMetadata/WorkbooksMetadata.json +++ b/Tools/Create-Azure-Sentinel-Solution/V2/WorkbookMetadata/WorkbooksMetadata.json @@ -175,8 +175,7 @@ "CommonSecurityLog" ], "dataConnectorsDependencies": [ - "PaloAltoNetworks", - "PaloAltoNetworksAma" + "CefAma" ], "previewImagesFileNames": [ "PaloAltoOverviewWhite1.png", @@ -200,8 +199,7 @@ "CommonSecurityLog" ], "dataConnectorsDependencies": [ - "PaloAltoNetworks", - "PaloAltoNetworksAma" + "CefAma" ], "previewImagesFileNames": [ "PaloAltoNetworkThreatWhite1.png", @@ -4574,7 +4572,8 @@ "CheckPoint", "Fortinet", "CiscoMeraki", - "FortinetAma" + "FortinetAma", + "CefAma" ], "previewImagesFileNames": [], "version": "1.0.0", From 7fce138c90774134e950cbbdafa831306b5147fc Mon Sep 17 00:00:00 2001 From: v-rusraut Date: Fri, 8 Nov 2024 14:46:24 +0530 Subject: [PATCH 3/4] Update WorkbooksMetadata.json --- Workbooks/WorkbooksMetadata.json | 3 --- 1 file changed, 3 deletions(-) diff --git a/Workbooks/WorkbooksMetadata.json b/Workbooks/WorkbooksMetadata.json index ce5f3585878..1b19b95e381 100644 --- a/Workbooks/WorkbooksMetadata.json +++ b/Workbooks/WorkbooksMetadata.json @@ -282,7 +282,6 @@ "CommonSecurityLog" ], "dataConnectorsDependencies": [ - "PaloAltoNetworks", "CefAma" ], "previewImagesFileNames": [ @@ -307,7 +306,6 @@ "CommonSecurityLog" ], "dataConnectorsDependencies": [ - "PaloAltoNetworks", "CefAma" ], "previewImagesFileNames": [ @@ -5517,7 +5515,6 @@ "WindowsForwardedEvents", "Zscaler", "MicrosoftSysmonForLinux", - "PaloAltoNetworks", "AzureMonitor(VMInsights)", "AzureFirewall", "AzureNSG", From 1335a9faa131eaf0e40c6242ce6b721a413952c1 Mon Sep 17 00:00:00 2001 From: v-rusraut Date: Mon, 11 Nov 2024 14:19:35 +0530 Subject: [PATCH 4/4] Update ReleaseNotes.md --- Solutions/PaloAlto-PAN-OS/ReleaseNotes.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Solutions/PaloAlto-PAN-OS/ReleaseNotes.md b/Solutions/PaloAlto-PAN-OS/ReleaseNotes.md index 069336a35d4..ddaabecabd5 100644 --- a/Solutions/PaloAlto-PAN-OS/ReleaseNotes.md +++ b/Solutions/PaloAlto-PAN-OS/ReleaseNotes.md @@ -1,7 +1,7 @@ | **Version** | **Date Modified (DD-MM-YYYY)** | **Change History** | |-------------|--------------------------------|--------------------------------------------------------------------| -| 3.0.8 | 07-11-2024 | Removed Deprecated **Data Connector** | -| 3.0.7 | 08-01-2024 | Updated **Analytic Rule** for entity mappings | +| 3.0.7 | 11-11-2024 | Removed Deprecated **Data Connector** | +| | | Updated **Analytic Rule** for entity mappings | | 3.0.6 | 12-07-2024 | Deprecated **Data Connector** | | 3.0.5 | 30-04-2024 | Updated the **Data Connector** to fix conectivity criteria query | | 3.0.4 | 16-04-2024 | Fixed existing rule for sites with private IP addresses other than 10/8 |