From 0c52b2d3ed2424c454311dedf73825b4cafacc8b Mon Sep 17 00:00:00 2001 From: root Date: Fri, 29 Jan 2021 19:25:55 +0000 Subject: [PATCH] Improve ASA/FTD Ingest Pipeline Fixes #21658 For messages 716002: - Changed to GROK; allows for better parsing of event.reason - Added field for cisco.webvpn.group_name - Added field for event.reason per cisco docs for why session was terminated - Added field for cisco.termination_user for the AAA username terminating the connection For messages 722051: - Add angle brackets to dissect to properly dissect the message, per cisco docs - Added field for cisco.webvpn.group.name For messages 305011: - Change to GROK; allows for variance in message format with identity firewall For messages 302020: - Added GROK pattern to allows for variance in message format with identity firewall For messages 302014/302016/302021: - Added patterns and modified order of patterns of GROK to better match teardown messages - Note that order of processing is important as the most specific messages are matched first, falling through to the appropriate match. - Added temp fields for teardown initiator and user; defined in cisco docs but currently no real place to put them, but could be in future. - Added icmp_type and icmp_code parsing for 302021 messages - Changed duration matching from TIME to NOTSPACE, as long-lived connections (over 24 hours) don't match TIME. And: - Added descriptions to many fields to make them easier to find in 7.9+ Kibana Ingest Node Pipeline editor. - Changed source.bytes field type from integer to long, since long-lived flows can surpass the capacity of an integer; ECS reference field is defined as long. - Changed destination.bytes type from integer to long, since long-lived flows can surpass the capacity of an integer; ECS reference field is defined as long. --- CHANGELOG.next.asciidoc | 2 + filebeat/docs/fields.asciidoc | 40 +++++ .../module/cisco/asa/_meta/fields.yml | 12 ++ .../additional_messages.log-expected.json | 22 ++- .../cisco/asa/test/asa-fix.log-expected.json | 1 + .../cisco/asa/test/asa.log-expected.json | 21 +++ .../asa/test/hostnames.log-expected.json | 3 +- .../cisco/asa/test/sample.log-expected.json | 4 + x-pack/filebeat/module/cisco/fields.go | 2 +- .../module/cisco/ftd/_meta/fields.yml | 12 ++ .../cisco/ftd/test/asa-fix.log-expected.json | 1 + .../cisco/ftd/test/asa.log-expected.json | 21 +++ .../cisco/ftd/test/sample.log-expected.json | 4 + .../cisco/shared/ingest/asa-ftd-pipeline.yml | 141 ++++++++++++++++-- 14 files changed, 265 insertions(+), 21 deletions(-) diff --git a/CHANGELOG.next.asciidoc b/CHANGELOG.next.asciidoc index d000980b026..ead7b537f45 100644 --- a/CHANGELOG.next.asciidoc +++ b/CHANGELOG.next.asciidoc @@ -376,6 +376,8 @@ https://github.com/elastic/beats/compare/v7.0.0-alpha2...master[Check the HEAD d - Fix Cisco ASA parser for message 302022. {issue}24405[24405] {pull}24697[24697] - Fix gcp/vpcflow module error where input type was defaulting to file. {pull}24719[24719] - Fix date parsing in GSuite/login and Google Workspace/login filesets. {issue}24694[24694] +- Fix date parsing in GSuite/login fileset. {issue}24694[24694] +- Improve Cisco ASA/FTD parsing of messages - better support for identity FW messages. Change network.bytes, source.bytes, and destination.bytes to long from integer since value can exceed integer capacity. Add descriptions for various processors for easier pipeline editing in Kibana UI. {pull}23766[23766] *Heartbeat* diff --git a/filebeat/docs/fields.asciidoc b/filebeat/docs/fields.asciidoc index 2ed4bccb4f5..5deeeb0d541 100644 --- a/filebeat/docs/fields.asciidoc +++ b/filebeat/docs/fields.asciidoc @@ -21773,6 +21773,26 @@ type: keyword The total count of burst rate hits since the object was created or cleared +type: keyword + +-- + +*`cisco.asa.termination_user`*:: ++ +-- +AAA name of user requesting termination + + +type: keyword + +-- + +*`cisco.asa.webvpn.group_name`*:: ++ +-- +The WebVPN group name the user belongs to + + type: keyword -- @@ -21991,6 +22011,26 @@ type: keyword The assigned DAP records +type: keyword + +-- + +*`cisco.ftd.termination_user`*:: ++ +-- +AAA name of user requesting termination + + +type: keyword + +-- + +*`cisco.ftd.webvpn.group_name`*:: ++ +-- +The WebVPN group name the user belongs to + + type: keyword -- diff --git a/x-pack/filebeat/module/cisco/asa/_meta/fields.yml b/x-pack/filebeat/module/cisco/asa/_meta/fields.yml index b3bb3b5eb1d..f41b0383a11 100644 --- a/x-pack/filebeat/module/cisco/asa/_meta/fields.yml +++ b/x-pack/filebeat/module/cisco/asa/_meta/fields.yml @@ -175,3 +175,15 @@ type: keyword description: > The total count of burst rate hits since the object was created or cleared + + - name: termination_user + default_field: false + type: keyword + description: > + AAA name of user requesting termination + + - name: webvpn.group_name + type: keyword + default_field: false + description: > + The WebVPN group name the user belongs to diff --git a/x-pack/filebeat/module/cisco/asa/test/additional_messages.log-expected.json b/x-pack/filebeat/module/cisco/asa/test/additional_messages.log-expected.json index 3f2882e1f74..7c3e3b868b1 100644 --- a/x-pack/filebeat/module/cisco/asa/test/additional_messages.log-expected.json +++ b/x-pack/filebeat/module/cisco/asa/test/additional_messages.log-expected.json @@ -120,6 +120,8 @@ ] }, { + "cisco.asa.icmp_code": 3, + "cisco.asa.icmp_type": 3, "cisco.asa.mapped_source_ip": "8.8.8.8", "cisco.asa.message_id": "302020", "destination.address": "10.10.10.10", @@ -255,6 +257,8 @@ ] }, { + "cisco.asa.icmp_code": 1, + "cisco.asa.icmp_type": 3, "cisco.asa.mapped_source_ip": "8.8.8.8", "cisco.asa.message_id": "302020", "destination.address": "10.10.10.10", @@ -587,9 +591,10 @@ ] }, { + "cisco.asa.icmp_code": 0, + "cisco.asa.icmp_type": 8, "cisco.asa.mapped_source_ip": "8.8.8.8", "cisco.asa.message_id": "302021", - "cisco.asa.source_username": "type", "destination.address": "192.168.2.2", "destination.ip": "192.168.2.2", "event.action": "flow-expiration", @@ -771,6 +776,8 @@ ] }, { + "cisco.asa.icmp_code": 3, + "cisco.asa.icmp_type": 3, "cisco.asa.mapped_source_ip": "8.8.8.8", "cisco.asa.message_id": "302020", "destination.address": "10.10.10.10", @@ -837,6 +844,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%ASA-6-302014: Teardown TCP connection 2960892904 for out111:10.10.10.10/443 to fw111:192.168.2.2/55225 duration 0:00:00 bytes 0 TCP Reset-I", + "event.reason": "TCP Reset-I", "event.severity": 6, "event.start": "2021-05-05T20:29:32.000Z", "event.timezone": "-02:00", @@ -1799,7 +1807,7 @@ "input.type": "log", "log.level": "informational", "log.offset": 4949, - "network.bytes": "0", + "network.bytes": 0, "network.iana_number": 6, "network.transport": "tcp", "observer.egress.interface.name": "fw111", @@ -1854,7 +1862,7 @@ "input.type": "log", "log.level": "informational", "log.offset": 5142, - "network.bytes": "0", + "network.bytes": 0, "network.iana_number": 6, "network.transport": "tcp", "observer.egress.interface.name": "net", @@ -2644,6 +2652,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%ASA-6-302304: Teardown TCP state-bypass connection 2751765169 from server.deflan:1.2.3.4/54242 to server.deflan:2.3.4.5/9101 duration 1:00:02 bytes 245 Connection timeout", + "event.reason": "Connection timeout", "event.severity": 6, "event.start": "2021-04-27T05:12:21.000Z", "event.timezone": "-02:00", @@ -3229,6 +3238,7 @@ { "cisco.asa.assigned_ip": "192.168.50.5", "cisco.asa.message_id": "722051", + "cisco.asa.webvpn.group_name": "VPN5Policy", "event.action": "firewall-rule", "event.category": [ "network" @@ -3272,6 +3282,7 @@ }, { "cisco.asa.message_id": "716002", + "cisco.asa.webvpn.group_name": "another-policy", "event.action": "firewall-rule", "event.category": [ "network" @@ -3281,7 +3292,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%ASA-6-716002: Group another-policy User testuser IP 8.8.8.8 WebVPN session terminated: User Requested.", - "event.reason": "User Requested.", + "event.reason": "User Requested", "event.severity": 6, "event.timezone": "-02:00", "event.type": [ @@ -3323,6 +3334,7 @@ }, { "cisco.asa.message_id": "716002", + "cisco.asa.webvpn.group_name": "another-policy", "event.action": "firewall-rule", "event.category": [ "network" @@ -3332,7 +3344,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%ASA-6-716002: Group another-policy User alice IP 192.168.50.1 WebVPN session terminated: Idle timeout.", - "event.reason": "Idle timeout.", + "event.reason": "Idle timeout", "event.severity": 6, "event.timezone": "-02:00", "event.type": [ diff --git a/x-pack/filebeat/module/cisco/asa/test/asa-fix.log-expected.json b/x-pack/filebeat/module/cisco/asa/test/asa-fix.log-expected.json index bcd775e4e1e..7dde207d2b0 100644 --- a/x-pack/filebeat/module/cisco/asa/test/asa-fix.log-expected.json +++ b/x-pack/filebeat/module/cisco/asa/test/asa-fix.log-expected.json @@ -5,6 +5,7 @@ "cisco.asa.message_id": "302016", "cisco.asa.source_interface": "Outside", "cisco.asa.source_username": "(LOCAL\\Elastic)", + "cisco.asa.termination_user": "zzzzzz", "destination.address": "10.233.123.123", "destination.ip": "10.233.123.123", "destination.port": 53, diff --git a/x-pack/filebeat/module/cisco/asa/test/asa.log-expected.json b/x-pack/filebeat/module/cisco/asa/test/asa.log-expected.json index ea4dcecdef3..355b9450453 100644 --- a/x-pack/filebeat/module/cisco/asa/test/asa.log-expected.json +++ b/x-pack/filebeat/module/cisco/asa/test/asa.log-expected.json @@ -133,6 +133,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%ASA-6-302014: Teardown TCP connection 11749 for outside:100.66.211.242/80 to inside:172.31.98.44/1758 duration 0:01:07 bytes 38110 TCP Reset-I", + "event.reason": "TCP Reset-I", "event.severity": 6, "event.start": "2018-10-10T14:33:49.000Z", "event.timezone": "-02:00", @@ -193,6 +194,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%ASA-6-302014: Teardown TCP connection 11748 for outside:100.66.211.242/80 to inside:172.31.98.44/1757 duration 0:01:07 bytes 44010 TCP Reset-I", + "event.reason": "TCP Reset-I", "event.severity": 6, "event.start": "2018-10-10T14:33:49.000Z", "event.timezone": "-02:00", @@ -253,6 +255,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%ASA-6-302014: Teardown TCP connection 11745 for outside:100.66.185.90/80 to inside:172.31.98.44/1755 duration 0:01:07 bytes 7652 TCP Reset-I", + "event.reason": "TCP Reset-I", "event.severity": 6, "event.start": "2018-10-10T14:33:49.000Z", "event.timezone": "-02:00", @@ -313,6 +316,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%ASA-6-302014: Teardown TCP connection 11744 for outside:100.66.185.90/80 to inside:172.31.98.44/1754 duration 0:01:07 bytes 7062 TCP Reset-I", + "event.reason": "TCP Reset-I", "event.severity": 6, "event.start": "2018-10-10T14:33:49.000Z", "event.timezone": "-02:00", @@ -373,6 +377,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%ASA-6-302014: Teardown TCP connection 11742 for outside:100.66.160.197/80 to inside:172.31.98.44/1752 duration 0:01:08 bytes 5738 TCP Reset-I", + "event.reason": "TCP Reset-I", "event.severity": 6, "event.start": "2018-10-10T14:33:48.000Z", "event.timezone": "-02:00", @@ -433,6 +438,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%ASA-6-302014: Teardown TCP connection 11738 for outside:100.66.205.14/80 to inside:172.31.98.44/1749 duration 0:01:08 bytes 4176 TCP Reset-I", + "event.reason": "TCP Reset-I", "event.severity": 6, "event.start": "2018-10-10T14:33:48.000Z", "event.timezone": "-02:00", @@ -493,6 +499,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%ASA-6-302014: Teardown TCP connection 11739 for outside:100.66.124.33/80 to inside:172.31.98.44/1750 duration 0:01:08 bytes 1715 TCP Reset-I", + "event.reason": "TCP Reset-I", "event.severity": 6, "event.start": "2018-10-10T14:33:48.000Z", "event.timezone": "-02:00", @@ -553,6 +560,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%ASA-6-302014: Teardown TCP connection 11731 for outside:100.66.35.9/80 to inside:172.31.98.44/1747 duration 0:01:09 bytes 45595 TCP Reset-I", + "event.reason": "TCP Reset-I", "event.severity": 6, "event.start": "2018-10-10T14:33:47.000Z", "event.timezone": "-02:00", @@ -613,6 +621,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%ASA-6-302014: Teardown TCP connection 11723 for outside:100.66.211.242/80 to inside:172.31.98.44/1742 duration 0:01:09 bytes 27359 TCP Reset-I", + "event.reason": "TCP Reset-I", "event.severity": 6, "event.start": "2018-10-10T14:33:47.000Z", "event.timezone": "-02:00", @@ -673,6 +682,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%ASA-6-302014: Teardown TCP connection 11715 for outside:100.66.218.21/80 to inside:172.31.98.44/1741 duration 0:01:09 bytes 4457 TCP Reset-I", + "event.reason": "TCP Reset-I", "event.severity": 6, "event.start": "2018-10-10T14:33:47.000Z", "event.timezone": "-02:00", @@ -733,6 +743,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%ASA-6-302014: Teardown TCP connection 11711 for outside:100.66.198.27/80 to inside:172.31.98.44/1739 duration 0:01:09 bytes 26709 TCP Reset-I", + "event.reason": "TCP Reset-I", "event.severity": 6, "event.start": "2018-10-10T14:33:47.000Z", "event.timezone": "-02:00", @@ -793,6 +804,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%ASA-6-302014: Teardown TCP connection 11712 for outside:100.66.198.27/80 to inside:172.31.98.44/1740 duration 0:01:09 bytes 22097 TCP Reset-I", + "event.reason": "TCP Reset-I", "event.severity": 6, "event.start": "2018-10-10T14:33:47.000Z", "event.timezone": "-02:00", @@ -853,6 +865,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%ASA-6-302014: Teardown TCP connection 11708 for outside:100.66.202.211/80 to inside:172.31.98.44/1738 duration 0:01:10 bytes 2209 TCP Reset-I", + "event.reason": "TCP Reset-I", "event.severity": 6, "event.start": "2018-10-10T14:33:46.000Z", "event.timezone": "-02:00", @@ -913,6 +926,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%ASA-6-302014: Teardown TCP connection 11746 for outside:100.66.124.15/80 to inside:172.31.98.44/1756 duration 0:01:07 bytes 10404 TCP Reset-I", + "event.reason": "TCP Reset-I", "event.severity": 6, "event.start": "2018-10-10T14:33:49.000Z", "event.timezone": "-02:00", @@ -973,6 +987,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%ASA-6-302014: Teardown TCP connection 11706 for outside:100.66.124.15/80 to inside:172.31.98.44/1737 duration 0:01:10 bytes 123694 TCP Reset-I", + "event.reason": "TCP Reset-I", "event.severity": 6, "event.start": "2018-10-10T14:33:46.000Z", "event.timezone": "-02:00", @@ -1033,6 +1048,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%ASA-6-302014: Teardown TCP connection 11702 for outside:100.66.209.247/80 to inside:172.31.98.44/1736 duration 0:01:11 bytes 35835 TCP Reset-I", + "event.reason": "TCP Reset-I", "event.severity": 6, "event.start": "2018-10-10T14:33:45.000Z", "event.timezone": "-02:00", @@ -1093,6 +1109,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%ASA-6-302014: Teardown TCP connection 11753 for outside:100.66.35.162/80 to inside:172.31.98.44/1765 duration 0:00:30 bytes 0 SYN Timeout", + "event.reason": "SYN Timeout", "event.severity": 6, "event.start": "2018-10-10T14:34:26.000Z", "event.timezone": "-02:00", @@ -2791,6 +2808,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%ASA-6-302014: Teardown TCP connection 11777 for outside:100.66.133.112/80 to inside:172.31.98.44/1453 duration 0:00:00 bytes 862 TCP FINs", + "event.reason": "TCP FINs", "event.severity": 6, "event.start": "2018-10-10T14:34:56.000Z", "event.timezone": "-02:00", @@ -3781,6 +3799,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%ASA-6-302014: Teardown TCP connection 11784 for outside:100.66.198.40/80 to inside:172.31.98.44/1457 duration 0:00:00 bytes 593 TCP FINs", + "event.reason": "TCP FINs", "event.severity": 6, "event.start": "2018-10-10T14:34:56.000Z", "event.timezone": "-02:00", @@ -4509,6 +4528,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%ASA-6-302014: Teardown TCP connection 11564 for outside:100.66.115.46/80 to inside:172.31.156.80/1382 duration 0:05:25 bytes 575 TCP FINs", + "event.reason": "TCP FINs", "event.severity": 6, "event.start": "2018-10-10T14:29:31.000Z", "event.timezone": "-02:00", @@ -4569,6 +4589,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%ASA-6-302014: Teardown TCP connection 11797 for outside:100.66.19.254/80 to inside:172.31.156.80/1385 duration 0:00:00 bytes 5391 TCP Reset-I", + "event.reason": "TCP Reset-I", "event.severity": 6, "event.start": "2018-10-10T14:34:56.000Z", "event.timezone": "-02:00", diff --git a/x-pack/filebeat/module/cisco/asa/test/hostnames.log-expected.json b/x-pack/filebeat/module/cisco/asa/test/hostnames.log-expected.json index 6fd963a6037..e03c1a5c403 100644 --- a/x-pack/filebeat/module/cisco/asa/test/hostnames.log-expected.json +++ b/x-pack/filebeat/module/cisco/asa/test/hostnames.log-expected.json @@ -49,9 +49,10 @@ }, { "@timestamp": "2011-06-04T21:59:52.000-02:00", + "cisco.asa.icmp_code": 0, + "cisco.asa.icmp_type": 8, "cisco.asa.mapped_source_ip": "192.0.2.134", "cisco.asa.message_id": "302021", - "cisco.asa.source_username": "type", "destination.address": "192.0.2.15", "destination.ip": "192.0.2.15", "event.action": "flow-expiration", diff --git a/x-pack/filebeat/module/cisco/asa/test/sample.log-expected.json b/x-pack/filebeat/module/cisco/asa/test/sample.log-expected.json index 33d9e610b24..34f1549272a 100644 --- a/x-pack/filebeat/module/cisco/asa/test/sample.log-expected.json +++ b/x-pack/filebeat/module/cisco/asa/test/sample.log-expected.json @@ -2257,6 +2257,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%ASA-6-302014: Teardown TCP connection 447236 for outside:192.0.2.222/1234 to dmz:192.168.1.34/5678 duration 0:00:00 bytes 14804 TCP FINs", + "event.reason": "TCP FINs", "event.severity": 6, "event.start": "2018-12-11T10:01:31.000Z", "event.timezone": "-02:00", @@ -2311,6 +2312,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%ASA-6-302014: Teardown TCP connection 447234 for outside:192.0.2.222/1234 to dmz:192.168.1.35/5678 duration 0:01:08 bytes 134781 TCP FINs", + "event.reason": "TCP FINs", "event.severity": 6, "event.start": "2018-12-11T10:00:30.000Z", "event.timezone": "-02:00", @@ -2365,6 +2367,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%ASA-6-302014: Teardown TCP connection 447234 for outside:192.0.2.222/1234 to dmz:192.168.1.35/5678 duration 0:01:08 bytes 134781 TCP FINs", + "event.reason": "TCP FINs", "event.severity": 6, "event.start": "2018-12-11T10:00:30.000Z", "event.timezone": "-02:00", @@ -2670,6 +2673,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%ASA-6-302014: Teardown TCP connection 447237 for outside:192.0.2.222/1234 to dmz:10.10.10.10/1235 duration 23:59:59 bytes 11420 TCP FINs", + "event.reason": "TCP FINs", "event.severity": 6, "event.start": "2018-12-10T10:01:54.000Z", "event.timezone": "-02:00", diff --git a/x-pack/filebeat/module/cisco/fields.go b/x-pack/filebeat/module/cisco/fields.go index 1365580900a..f3ece1f34c2 100644 --- a/x-pack/filebeat/module/cisco/fields.go +++ b/x-pack/filebeat/module/cisco/fields.go @@ -19,5 +19,5 @@ func init() { // AssetCisco returns asset data. // This is the base64 encoded gzipped contents of module/cisco. func AssetCisco() string { - return "eJzsvW1zGzmSIPx9fgWuI56z3aGmu93d3pu+2b3QSupp3fhFa9nufS4mogKsAkmMUEAZQJFi//oLJFDvKJKigKK8N/7gsCUykZkAEvme36E7sv0FpVSl4k8IaaoZ+QVduP9mRKWSFpoK/gv6tz8hhNBbkZWMoIWQaIV5xihf2o8jTvRGyDuUkTVNCWJiqWZ/QmhBCcvUL3+Cb5s/3yGOc+LWnOG8qH+DkN4W5Be0lKJs/1QSRrAiv6A50bj184wscMl0Akv8ghaYKdL59QD76k+LigJL1RBx/vamxrz6U1HQBlARoWlOlMZ5kXDMhSKp4JnqfLIiKsOa9H6xA0Hz5+OKNPAR5eiqEOkKtRZqsPQiR9aE68Qsn9DMi9Qd2W6E7P9uD17nSJVzdH2JxALpFbHLnKGMFIRnhpWC25/BIntwzIgmqVkpHH6GbwZ4hV+O2QZL4pYi2aEYBWWaQaphWb3GHlxSwTlJtZDJsgyNzV8/NfjU6yDl9pDyhZA5NgCQhnuxB1W4tICm//wfd9Q4wlLircETFgCsb41EwJpkBrNA6K9LxonEc8qopsRPwoJhrQknjyCiQry3XEVIjhlNqSiVvUB7cFYp5rPW4uH4ftn82mCNqwvd4juG5dGcWHZTTc1vzkCmknucF4wASaogKV3QFGVUwh5tAftDSEsZwX6i5kJ4freHqH+3X0JrzEqC6MKRwEmGFpQRtMEKwZJISMTFQdx3ABIDwH9omODLh+F5IUquDdsBaI0j5Qg3THwIcoUUKVEqPII14BrJ7gGhfMmIPScHn+caaaxXwRHO6GJBpDnJFSNpUOTr+5vUEj44DY2MsOdDSJSJtMwJ16p+4x5HSyryotREziZ/f86QojllWIJEFAViZE1Y7x08Q/NSo5LTL/Ye5yXT1Mib+mMKmQef8rVg670Pfk0tuddEcswSWnhJHfz4ACormOj6piK22pqVUAdvBE41Xff1x0fIwmvH91LCbSA8KwTlGlGF7FKHycAaP6f8JzjL5LioOfYBZay2LijXRC5wSjpPvHnlH8ZZc3dmGVWFUDTs23mBNVkKSf/A1fNp1uo+jN+8rS7xN4bR31yYHfxmD8oVjw3hU6GOa8Z7FIAYdPFFPrOyObhNUB32GjyaY0Uyc3iUKGVKEOaZAaQptwy43qc1OnbMcpzGUXoxYzXP355foPp+HYhYOiI0ToZYykSZJVSkkyiubaFw/f4CzmqtkJofwKlWaCFFfoCR0CCvVkLqJAoJtwZ0+0MRCOlcuQKbazGdRKnwDyc0HAU0I1xTvZ3l2c/hSHh7+TNaYbXybMNjcFQr/EPAQ/Pb+Q/BsVwAlq9+fh0Uz1c/vz4SU3izsUxXdO1MrukOLViIbu0or6CHuGnOc7WmJbHnWXmYQ2IXDZHP+3RUxL4PwSnRGqd3xiDFlKkZLgpGUxxevWoBtu7XFupX9wUTVKMbCWjTykO8T1vwEgD/JVmSgxM/HBE3WK8qPpN7kpYazxkYQhljSK+wBhdRtb7TFp29Pd96iDyCOqOSVlZU2P0xkFFOciG3lbbWP13EUXCgp9yHvypV4Vwg4z6xR2ufFd7WA7JZEY4wdztjbNjHb8u0SlGBwTQJ8IwQKYWczClcuQ1g1YNEksUP/k5SkQW8vuBtATwMXPfpOeXLjpZxOKZ6JQnWyarkmvLlTJE1kVRvA8p+BxFJokqmK/lv10VmXSTJkipN5PgDgC7ACY/eiM13F5JqmmL2MMIoT+F5SyQpjFET19NXS5yGSrNFdu0jETc/mAhtytdEabp0kSWJ0zuIfyhV7gtpjGEPMfeAmBtwFdrVIn1B3+M+uPyMenMcBarMcyxD3gwLsKJClDoVOam8fGGRlyQnGQ2sD30gqchzwjOAC+E9SZRgaxsTa0f/tghEPrxRh7kuxygJff5pNjz97jiZZyr8VhCeJZrm/svw8PyJ341a0JeoC8oxo3+QzLA9ZULt1XJGT73GUkfH12icdXT1CH2M8swo5UIG9chf1nG0Gj4AVFZNzrFOV/CfoU7Z1XGagNzb648frpA2RyjdZxb0tsR9KSSBb6jSlZuzg1lfkrauRMkfeJQ0SVcQxIqNer3O47D/WticUy1Jsgvd4wwQn+8b1nJYo+vLZ2oPD7+uLXec3I10cGZWyx3AT/PMYp4ljHIyw3Jpw+Bh38GLN9eoBt1n5wUTZYY+Wol9/f7CabLW9IScwj0snhdJhjtpjeixx+GqieYKZjXVVrD0TwMe2kRM1cbBn4i5Y91fIUkSZLvLpLw9R79SSTaYsd3ZlPVhI0rh5SBXcXz3drIBdq7GxMFGzrFNifRuS53MUS4W9P5ANNxb9gtSRKm+GrkTx/fwc8zceggvNJHo/zMIH4ooBC6TOioegnO3NhjaRNorbW/BxAbttJ6bHMo6iBoWt8tWdPYxCMqSkcT8MwRS71rJpudpSpRCF4JrKZiVzGaxtmJkrF+6y4Pb291SERkDVwPX4kWtrubC4JadB2HY3ujJ0GyH6B+Aa46LgmRJdWUKD569H+4VMFpirux74Hh3fVM5Vx+AizH6Dubazpz3o3AetTn92Jr3zYPtIKXtCExGnUA9TDryJfBGdhNAHrKbbaxOtaVt7A/d1zbeMTa3jdPeHXY2EuT9hdEDQDWzeYRGWlTlAC/RXGhOtMF0saDpDL3nIHPWRG6/Y2JzhsxfPXC5yIjEmpyhFV2uzGMDHzf/OYSs1Lr+tyEoc2GEbf38jVP2a2Ny/4LWVJbqzH2mT5+W4h+YnyGi0530uFRLT5nEkdR8cumctd4DZGF403diQtO8gCIXDxaQpnM4DtcXb2/Gi1Y6Cw5iF8cvaEAdyusROuOIlc8371pro87aPl0AF4kkqZC9CpC9iDxCw8dK0SUnGbo8v0H9xb2sbOzFxG8vxkTXLY/M8i2bkonl0lqM5hozkWKGcJlRbX6zi5yK/P4jeCAND30lm+ewYTzkwMBJYZRwjVQJGvCiZGxbnx6+k4pC0jVlZElmgj3wDB+5F+BqxaBZqmZ5o1+mK8yXlYbu9E3BMls0chgRnGyeIBGcbPYTMS+l0jMx/wdJ+1Is3qWoPCp2WRD7gAfaYMkpX+680BZjOs2xaWNrlAB0fXkUui4TOZH9GEFU2ePSny2ygL4ihB+AreALuiwlyU6DcLN+C/f9aOP18jT44jWReEkexeiTId9itocOzJjYtNyRO054XjKs6ZokqSj5dMJEC40ZSqtiqRbuK6oVUpSnNgbrpA0U/RnVvIoIEixbBHZ9pAvdxubxPtJfqSSF2BBZWSmXZEG4Ik/Ecfrrx8uvy3FqEP6n4/SfjtN/Ok6/ascp+qQIurq4db+acaxntPinP/VIf6qPnU/Y0Vqj2/r9A47AP52w+3HqHos+n//pov2ni/afLtrOgntdtIqk5SA73K7n9aY0C/aW+4A3TtMH5t46uOhqvFzmv4ibOCaKO93EXRuPChXUxrt+f3tAR7HaoQtacMLoAx6uA7VB88RaHdtA33mSFjiF1OSH2nG3VxcP25dqIaQF2qxourJC0tmckiyIVOh5K2H0DN2+e3tzhm7//9szKMBSogd2IaRevZih8wa47VOEMFphmblWYGuakjOEUSGFFqlgZwhEma0pQ2LRl7lGyd8qTXKkxEIbIDN0rVFGuNCkYwQ4SZ/iUtW8t1/tv1OWzNngILqK3Fltp8161oFYE7mRVJtHS5ZkcF6Hm3R8q7z2ERo24disiLT+FPeQoRVWaE4IR2KuiOx0X6ltyE6q2T5ihpdvJynjdwuw5rirsoyvPrb+7oaAuer39dm1wgNyEz8aW+2ObI0tVyobeElxoUvHf4k39cUBmy8VOVGGaEhU7IFG6I1YoktiHjbpJ8TCGhQVHEtOtymhIS0wYIdwZO47lquqbZGGAJ5YIMqVxlxXaCgvjp5qgUMQ3FdL8LEV5zFLIKydOMWVb826PzF6R/TvVHPzDLjdnw2ORk2sWomSZYiTNZFGglbnrsBSEfSWaGxQw7brRLPU8zdiqV7e4PSOaPViAP4S+q+w7Vkdn8LoA7HCwp5w3kJz5mXk0PY4jJP7+m5dkkKSFAwmg0lGFpRDixgGaNmK4BwXfqxytRxW4YQ8gW6P37p7fn35g+tmZ708lWJeVV7gFCLIdr/kYCOAOqhtdacFPme2o8BS07RkWML33cbORk/GAPRRJ8V3MgaQx0/K6Jasp92TV//ck9174sl3D7Qhj7u+Yv6PBAjpb8uTwW6NjxF60VGTxOq+TxE3w7ZY9/9xmCmNNclJLzj6RJCD9KMkZXjQhuJJoEe4HhQcPwnEVp6mBk8CMcqPQyyuxlRJjqd70jKCj5Eecdm2IDZiEMqGGtFrfHampzGdwWaghwyUhMdZET09ZAB9jxUxzsVB4HUSLvKWV8XLPsuuAZmB2Ic8HHww+9Ip1OpyEHOo6K961HWN2gvBU/M4YC2eumU7Im7WNK44bHP3wixDF1XbLncg34iljTdUGS0lz4gEZylxgmpA+oLekwwpAllXnS9311DjBku1CQPYjzZY6k0YgH7Qpgw9geH9S8cdzAFdD+DJw3gwCKlHOZe/CaXbIpL1T2Q158H9UvmOTcuH9PXwd9Bj/BDu7m5M3mbs9c36pzqHf+y695k7oF6Lr5W5637vxuDsff3/LnsHUecosqEvF6wjre0tyxBGS7omvHaSfb2KgPZObzq9BZI9ReXv64hojDo0RLFNJPkSYa/bwUPYYKDb1Ztd2aXRDVykM+fN1hh93BYEpYPREmCFEKpXRKJP11z/8BoJiX5lAusfXzU99V2ADKoJhu3VhnQfo+5+xXRDGDSe8RnAv+BNhJvEOq5W/uodDEJusBxUZwbTOloSrUV2m5PXN587+h6G+rX+lqIqt8U+og5tSLcnnckCUDgj6ZJC7YX9Tldb2cOHWPrXjsSI65vPrz0s8OfkoAAsqDEacjnE69Mc1KHieOzrsyI4I3KS2PVvsBS6vnxMlNTi2w6WApjjYqVP2snG0iS6nw1XitZ1o2jBRTGmy4VgDGZqfY0C2HDvBDk35sxRhVLLump2X0tRfSP6agvawegnaPHl6fypqKq5UJDslguO5tvBpiEkyZeSKCiCUjQv2Nbtk/mwbUaK0xVSNCPo+fdIr2SJXv388wsoDVXE9WTN+36vLieehPJ6ACdUIbgi8ViRfjWnwpYIVz6FMp9boQcDl70Q0HM8F2vSYgbl3szKSrwpLQnOR+9P+tUcmxOzimS07OtpIRj1jU9zrB0LdIGo/nv56vsf/qysSH9ZgACtkP77gJq/G3vwDd4SiV6hK57iQpWu/6YxKR8k133QHxn88ORW+lb58RX6V0PuGfrxR/SvKBUSWl7ANtlFz9B/Z/p/mg9ShbpM+ca7hVxknqLhJ2Lr8g1JUszYHKd3cTVgi1xVMIC1m6lIVTNIw3UX8SIKhyOBARax9UEYLYcZYAyYKi2k0az51mod5hdrzKhtcI98SCHbYdi8MIzUY/bxYcmL3RsxgBwiFuiuw46w0cgubJnA2VN55xw6SNE/CMqJlsOW1wiG4fY/DLawfe4rIWyefawbjdYOpjHbNkO/iY3ZmqHNSTkS0hhjWqA7Qoo9THsSL95XwjQ7XTtZ0yzJYkVd617RS8KhalZBWVVp7WhnF66p1CVmxmjv+N65x8Xhxjfbaf3NjHB31a8vkTTSWoFDBZiG5ZLo+mN7OaFkpKSnk3OiqtnfxQkZJRQ0FPzN5JsPJBeaoFt33qteOfPtmKBE0G3EBmK+gsCLWylRBaMxMxuetDmv6EDtfxK6mZG5Ec873DrzBlRlmu7UVVaLe0L+a0QYrXhZ0MGwqQli9DDKUkh0c3F+43RfV5RLczsuwfNEfnVpEOXTcH+4Ng1giA+bryHrSu2a8mXzlcZgt3oOWOYz9Orn12gDfM8J5jC1w+srAKc+qEmN/whtiLQ98BC0+cBKI8F75SJdJp5cTfy6mei5qzHCto53vwuZAeMgq4mkKy6YWG77gbgFlQMtFqGfUbrCEqfaMtFc6i3gD05zjkrucnpYx2c+WlEbuqDbBupjBhF2xC7Bosjt1NIqjCDxZlSmgWTtqZU4BY3Vxijc3F0k0hR6PAJEpTHPsMwQFzK309E8trzMvfzJXJbD0SwS5XzwJD2ISQ3WNTIvGV0QoNhj4CuSCp6NKNjNdidKx/Sz7CCI8lTkBSPaewBGnagYFHgtaU8MturNpD7RQb41a3uP89hR7p7M0eOXC65XgbapqU8NlfPSZDllJ2L8Fc9isN2A/EPw2N0WdohFs3qlYtr02o99Dg9EVLQbfY40udfu8qE1kapVTpHtygPz7O9jD9uW4FBkNmV6qZAZ8Y7nDHOKXZKNe6ZUvWKlY1SZNvUH2/H14WslRT4DqCUU5auUcCypsGp9XjJNv9OUyM7Q+qaXTY45XvpKcxFiEN7ptPWpGkohqp8pJDbcRsY0zou+Z9BhDP03pRgmH1GtULqixroRGVEz9LZUGsykNlA7ym0kLxdrcuQm7RRgi4XBe02m0IRgk6sFLe+gFRThqT0QmMPc0TXNjGYD58EvyG4rQfaxxzw/kfcFlZNR2OynjQXdm5NINdtWfa+0AH3NIGWbM+70jQbc9FEXzpmRxrU8mw2WrNPJRBlaAuUDRe6xEGv+h74qoEF+KUk52VEyp9ueokY+brBCgEQ2cm4AuR9CMzWgUtBhaASZtsx1hNd3mcfAFYaEhgcaQ3suQoqiLtBXwaFG0JVar8hpTMie+eh9YwbP5YPenGPF5j65dkywoHkget0QQjuCcDpQ4kMo1qpkscNOI1aUKHUqcvLS4lAbL5CVPWiAicy5sCzoGJAjB4SsyaAd7mSEVau7IsBWZGeXyydu8eKgd6B9petKFwMN4k4FSemCNoaPX7t1rdxHzpTTleNnM3k2oHYx0qwpmKhcVJkLsnjxdmbzVJvwuWulty1BIdH7W5caS1WVEND3qyHXF7Y3QAF1qiRVIRQNKDgOOltgTvPMdpiCVP7q7o524SmZHjbMPpUo4mVOJE0fKou8tE1QxbaDsHYlW30zrFiy93tA2prwTEiXMLuTMjH/xwm611ShXU9b8zZi8WvBB+w2EnQ3YlbSx+xV983wQrqqfydmnJdrhevcYi40wjAmwiDpT6BlYplUiSonEerVQXywUJ+iZ0pH9v0V0q2ga3V33GEbq0Iwmm5j354dcuEGEHDNtTnbjshl77ClyAz8UDICiPnFqeCa3MfWWGuErrn11zX9UHGWKfMXPKow6g0Q8jWA2fM42ymZSX9cZwRZMBa4rEZy1r1CsNaSzktNWhJimKPvBnwabb39/PlFhyr6E8Qeb7XYUa/T3xwwBPv5RW7ubEt/8xi3UAFmGFY1HFRNzpdcEzlDt8RuSqmInOElgVbeLtN9IWSFwwB2Bcbq7akdumW/3+pbISSaS7Exv6t+6nRNa3aN9pO+zm6w1KHddDXg0B4Vd6f6c3ynu1P1rN6IV0oUxAUUY73F5xxhRqSus4tks6j7mQ1vOfHRagIASUgehTlDXPDvJCkIWDK7sh/AbJjyyamGj9b2iq4HdL6kNsJWhX8GlG2oXjll2cp6dAkLzqHahCPBv1sK8+8dLwEoKYlHcYxIN24FA18CAgZJsUBGOmhK1AzdNjKlP9igXVkVB+MLW85XKmPE2JJRm2yTOfHrGI9RykqlqwPp/jPYJvgKVWYnXU20828YxRd+O64CTa792Bvmt+htW6Z4StmzfYaXwfISsEBYKZFS8Jea3fDak7Bhb+gd+QVhVKy2iqaYoYyquzNUSJiJAqPEnvkVZSzxMbWXD3zobZ2NxDnRMMwcK+jipaCRg+1FUI3OF52g/bC0pjMVDQ2fJvsenErja+1hhIfJiu9U5EU5vIMRtg2jDeWZ2Lh82lTwlBT6rM6kGGXGgMxFydgWfSkxs87PTOSYcic1eGshJkaerrbXM5S6tIN0oxK+ofyOZK4WqEpExwq8U85AMb/5pkZtRrNdG8cGXSGiirr2ZCfrlugjUKH3/vZUeL0vnOcV3Q7b9dRBZyJz2h/sFNvF6tYEbO35361p/xhY015QFv+O1yT/CqvV11iSrEwJqiJHxO9uU0RSzBLPaxrtEbmFJSu1uf8+th5A88KM+gVIeqeOajkQwmPsVjcP3QqrVX1DjVroqTIs05XN/K1qbOoyw4sKUq9FmCGkXmamZAqD76v/DytNkZHnHFHIuSs5jMg3P4JGeA1qroCwGYJnCzv3Rx+s8CuHfZ6e9IuVinxezdMVi86D5cpG5QNeLxj4OrWnr62NAALjHr9pAqSeK3FhV7c9Gcc9pdaCi+4ar9lnvczXl+idlTTPXeMGZKftuaJfg9sLv15tHdCn8OW33M/Xl8BSV/JWi4mh96AbkbNpgJaEmT1ERhZsqPIbqWu1jdnLvhvVdQXaVl3Y6cceGY4c+dJdNJNyry/3arKh/HN7NFmD2CueNRrtDF3Y+kzX75TZX+zWZgFB2f3ED984d9y81HXlptD1Y1RyRpTljLAPykagNZYUz9mgCtA2ZaAcFQyPCAJFuIraH6WzoW1V1a48M5LKaBhVfSE1+3z78vqmr0Mj1zLWehTG6rKPHCh4cC1kE2mxSKJrrtEtXXIMwmLkiBZCxmxe+2wgv8whval0NwFdHeGfBpH28GlzyjLhOTjv3n9ElKeszIgRZ26QrR2E//yqGmB8Yx0iFixI75nfLwKRucljm+Ccap4WP2ZU3RmV+wi8HlCK13JjvnNPwweq7naEXLWkyyWR8UbY+Vn2uR0LcDjYEc2SqJVgmTk91lYfmTTaCb1P4FkYxt6dVH7+weoYL+pmHNeX/jKSg6PzqciLZOK8K9gVl3sFY1ytf0+V8+8MOoJDferCzubOynTMSnNq6YmyxtqY19JSSOg8YOR6hd/IlDg3iPwkCuCwq/4CZp/bh8gQMdIa+bkRohi9xWnVT9mv3BoRNKkdI/h3lYIqd0sha2sGH2otCVbBc4OVxroMpTjX/ihM2cnMDrP4XNwjmr0cf7/My1pOgaHB6NOg8bG9CwYL/9Wt3rHI0/cGh/xyOHfvmOeMclGGinG26kjUMvidMpI0pNNh4JH9KTDg2J0ZO0finDEj95Aq05QotSgZujLro1RkRJkjUTX79VsWlGfkPjADGFX6OM3zkbIFFgZTTFZIzImE+GaOJWWQwePx4Nn4O18iDEz8znzXSxmPcA7F3DYXOpFG7FZHz+t8zoJIVbiiWythBixzKkKTEF91eHoxUmRo3VzD9zh2QolVvuokL+ersp82v8SUK5QRjSnzOBnmotSt742QJtjkuZmVxxbXeWyAx/hDqklesGjZPOcoIwvsQkCu82UVw3fZmkYrXhPJ8BYKubRwjyt67rmR5hdgdbtvk0VVBW599UpTXUJjRuQlrLENhg2bHntdg0axWv6dFIfGNIKsSkWem/sU5xhdWOiItpJ9CynWNLP+s6qLXE7UaCJUJtLjA40P95b9SlmjNabtvDy/anBfQNLTaWR9tXpcWf8PMT/S73Q0ef9bzF0Axn+7Chqvce4lJBTbnb+9uUbXA4WqjUa0rrWuumQ3BgELu+pq2GVQQ/oh/jCXW+1X7q2ISOYii13xNai46ysdDhdkcBlRj1bhuyXYkMEElectF7ArHbYJtHU8hC5pVodyRpx4eWircVAGHuDlD6fk1XQXZcxnqpruffPJds+pAlGQrHFP0rLtRbCpX3PiK2+tujDtStyYwBHi9YpnXYdIXV2J15gyPAxkoNoVjqC+ckGkHJm0YO/QMb7+cHE3Z6zkrgGUDcAOSHLpBoouZyMSkebJvMyybXD/DM2ToHVALbilIsc1Ot/ppQoPUVIRsMtBr8QuUeUUBQlUtbNXbc9VXGZU15V1TV80h5FvsF1TsWFFSRNe2E2kzRILzcH1ZFb5xecr9NzVSnwumdGV55RBAQfkgV3dF0KZT75A3w0dDbwfhbnjYsM7hpAiaQnNLNZd6COTNlM8gQuunxZ6UVW5v3OlSW/IEqdb9GnUXGN0LvEpivLdwh0WU45yTPlC4pzsTMcosISpvfH7JHSUyxtYFr0TmU2ObtoCtrLOPEihPdoXpAoYRsSykLp9496RDfqt5GBKvhUZYeg55evZt2eIivQMzc1fxPyFOWZbRdXsW398UadFsmB4MDk/tA7V1fAvbhAsCr4ukJPbaviVWOxs1KBFVEztT+cOz6oNgiLSHGQvQus8rNztYfb57e9YEvTRJgB/++3nt7+ff7j69lubc7vGEtPRM7kR8i5kyfLeC/Z7tWA7wjbqBMM8tBLhanbCdimpnwOcmudiG8GEWQhJuKJpSAHSciVFwDgP7wXxxAdCAU02mA6HEz/aOwC9z0MDNdcndIm6KueRLoWeZ0rL0JXvUK8dzSHWfkuDvaNVzUc8J+mxxS7NYLCBSuOKTZq6F1fvYkAs6KijqSI1miP2WFK93Yg8ZPbLe/xC+eh+gg93XBjknf7/YbhqozLbyX8nOWJZy0fvENmJ5EkORxXH3YWfEBMkbXV2tmWXPtd1RnuVZQd9Ml+A221wcvdHpquW1XSKeBgUfS0wZYbXVTOXGyczri/btW3QicuYg5osPS0MxrMKq5zrxKiIR9BzTOI1pFu76qMLkecl73uiBtjx4xo3PRa7d+Re/5X4deoaN3WcZv1Y3G4xz/5d+KNmDW4aa3qMZHg0dsOFO8ipUhU0pSJYluhUFjxgv8GSD4MOTx11xfMiEbGE8e27tzfovfWjNkmpfkS+TJpKcPsfb9CXksiR3q0l44kk/U6dcZMbWg7RLfpQFZ1507pqLT0N+JC2gYrQYwQM0OIox9E+qNoTHHs03Cz8gAbMsMwj7JYBG8G9gIuABcg10DILNpW2AzNst6sO6Azrvlb4WLhzwtNVjmWospIa7rbAg/HFj44+4XSQThUEZrIKfhZSsghbQFUDXiyh1VIEsGL+jwhQCxx8EobtOBX8eEHQPaGhHxzXuS0nRvUMjjRPcAqDUcKXnxjYigc03luA58ti/RO/16vg73vKk1TLJFNB+663oBvIx0WeDgC8Zji4xOAJ4UvKAxZFDkHHyI3mySJRG6rT4PKDJwsmNgrn4XNX2rC5XseDHiHqkvKE8pjihPKCyHy+DZbwPoBdpHdxgK8xi3FWaJEUUmiRhA9JAfT1Twl4HMPDZtHuJhPLJIvBbAM4fP5bypMc3ydah3IbdAGbE81IhEchpzwS0pTHQ7pgKmFzloQOi3Zgfx8RePDO4C3YoXshtmGHruptw/45IuzXEWH/S0TY/yMi7D/Hga1FwfCcxBApNfTw5hlP8pKB8j3fRngnK+DFXQS9JC8ZXeZFHO3baJmYLUMnITnINIZSosiXNLxvhCfKJiRG2EEl0zjWpAEcx5pUW1UWEWaRprwuq45iqmqhjelB7iOIEC20McxiwQazJgrwktN7jrlQJI1wCNevDVciPQrr16LQK4KzCG41kRdJyiL4sA3gCEESgCvnWx3eLWogqyiQizKJENNIJdU0xSxCAZFK8JLwdBsw66oNm2O2/YNk8xh4rxNoAxoFsm0HEwdrm1gbBfp8Waxfx/FBq2RO9Z+jNBpLVRJ2VlwPsBTBRbWKcs0BKkll+Co3ZX38wWZttQATvbJ+/vDOEQsc1L4owG03+XAd5FqwF5SRGDaMShYxNpEuQhZndwHH0A1UQgtIUkyiiDparH/KlC4GzfwDwVYyjQKb0QWJYcYocDTnJKPBCka7sCmPc0pykZWMqFTE4LYDTpcRZJMo1AbroDP/W9B9GeRBAEuypEpLHN4T0sCOoPFJUsRitYzGawWdyGUk+Woz8+0RjwBdS4LzCIqkLQWKhXY85XqzElQldsJseOhbLHGUA56NFMKGgLy28+1Dw6VKYx58znGm9LyUoYYFVlCJnRUUA2oZHNfwenRVkxwaLExuWIQfdn1sp4FdMJc4y0LfAZqFDqtWrYMivEU0T1IpRB6lK5EBHMFMo3kSJznSdTyKwebiLnh7pkKFb1lKC1VIGhgow5rqMnj2GaOchGux00BVQSfq1HCh+Da8W4sJ2/U0WTAR/DmvgUdI+Tc2b3CpY4BGkDjGho6AavDcBCaWUY4uX0a5wIWQoQVYPi+XMa5ZTlUaQyzkKsqBjTEHghMNzZWCww0uw20D6NAZfxZq6HQ8vtmEtkCiVJQJOwA6uCUqwmtGQtJl4pnH9Wi4G05k+DerSOxQ3uBgg06mbsDaEa9RDlmEwk03Eye0MHBgQ0uDIrGOpODoYqXML5N0FarOfwCa3Bc0eCCgIDJfSsz1oOduCMibKIDDP722E9mnT70poAEAS7FMsCoCDgxog5Y4NFRJMIuh30mSAh9s19FIwMMz2UAO28K1BVnILALG4R2ZKoJvWFnfcIR8AEVCJwLYgccRjBNFvoQ/AL4GrcGgRjClFF1GELyqCO1lUzKNcQ9kmgVXpJVMfV1xAwDW4UZstWGWKnhXzXXKQxdKeKfFPhaobdIZmny91OGPlQUaPqJXz/QMDXdbBO/WWmbzKHnopWQR3sJSEZlkNHTVe5SxFVVkKAYbdKo0zkN7g9cJ5UrjRQTNYE2ljqGGrwseoXWTFrLkId2svrZono6i56UW6EPJ0WDpOnsk4rC8z5jRDF1IklGNLrDMXDdDBe3f/ejYyVkRuTQ2IRTAwBB9BP0NUsGQr1SnzoegPB7nrvKCiS0ZDBbcy7+FKIM19T7wjBkeWp8RzDuTZEnuUY77jRaaWCxflv1hINGRZFTBcIZqdbf10EAJqbIohNRo2HgUoc0Ka0Q1KiRZjB2FR6TlPmQIhY/xzuqoUUCUu87uI32hGeWxJ/K3UDWrtfFUSIsl0SsiZ83n1UqUgxcNIU7WRNbjiLRABZaKoLdEY5gIbu8qrlnw/I1Yqpc3tuz1Bbp0I77OkF55phRBM+APxI0+BrQ5ekf071Rzovz7PDzUUZi3gJHd9S2CxS2ximCZrmaUUy9+MHN3gv7aPfEJszAgGeIlwyWHWb/LEua4Vk3c/Q3ce/3ad9AUvx13TVPdhNvNLx4x9s1GJAFrmg7rvArLoo/kXsOtGHMXTDGNekQgNYPr3sGEas5GJl5C99yI48Chf64iGknypSRK72jafXy28sN75VuVAcby2FWtxO57pOq80647ZRdOFiOIjXV+Dh3a1S9eykPO/t8/39Asdn1ZCQVY2382wGoIl8T7wCNsHpc5VgTZdO0aGzS4VfUuuW+cBl9ej4KvMRfStq/3shEhrJAiBMad4d3zqiTmCqcTjPcddJi2S3NQe5tDk5YSJqDtQrogMqdW3ZgK6WZJO5iDrikjS4IYWROGsFJ0ye3GNfP6/UcfWjKfUH7D+jtO+vwkk54NZiWnX0rSH5OI/Zevhe9xHROPm4JSaTQ0sxcyFZwTyK1AG6pXY4ICIU9lSK2xS3JUedGDTQvDTpAn9RPFxJKmmCGDwYjpA1icFjtYamRM4+l4V6y2yo9eK51tI3pZraEfeMwoVslKRLcJrBFXm2swS6UZamSkYnsEj78fALKXxmALb5obxJIyguXsnClhDPHOfbuEYDn6zX1jhs75tv7fALoGW15xjXA2S0VelJpIvxiO4sY3hMUzz77p7wXMWOxsCNV/L199/8Ofje172dqOimPfeNF25zQJGzE71HGDt0Sif6l9cuqlQwOQ89/60PU/8c88b3DunPqd+3Fk8vI+2fasPzDFrDND795/vDK0E0ms8wT8pRlVqSQF5unWaJVOPWP9XBAEHDpDH9/+gq65/vHVGbp+d3n1n7+gT9dcv/4JPd+stogTqldEonQllBuVJqQkqYZP/fD6f/23F8+8HCF6FVHG9fkBMnWWY/84HhX59D3wmt/as3hdIeW/4tnTQrotm/ZgfmTDuIMfeB++PcW0sU4+U6lLzNCb83deZP8QnMTzZR13Mv6P4GTm561B96sRoUDIfuEJW/AU3+Ad+7DEmmzwCUakw+m+QedZJsFPa0+5D5366U3z4tg452NjIdcXb2/sqzQaHsuxmjD60XEqWU3Vvd3o+sagMuL9Mjw8chJEEB6atcd5WGliiZ2uNa2AaKGLs4yaD2PWBGxbs/z979yEB8CYhHDBhbvhl90jMEClybWOotcd+qRh9M5heCOkrkXyQOhmEGCDDaB6u1/yqol5b+mhfFk9JhVZb8cYz4nPbpzKi+uwA8sXKyVSalRO6zca6DjIyGWJ+ZLMatMpFXxBl6UkGZpvASbhGWQN+eVMcWTrgUHR6Ii27F10EaHfAQuo+7dLuII7ACTJhSaJy+wOn2cUnrUZVwlObCp+BNCFlnGALyIciUWEamEW4zrE6n9SRGAqzpLKExdPLe9b8IaOWX+1tjPhBBrslV4RyYlGH7cFOUOfqmfsDTjAfkQ3lQNs8BK8H9PUqlE9EygTI6ZxhbTzi58hzJhXmSiaD0KCG5aQmLcm0ryBlGuBlIbHnHL06XpUoKSQIBtNXgUX2QaoKCKMfTOAJVGhM3oN2AglLvZFDJ2KDv72CNja0QoJI3wZfFIk4GyUj4ha6IgGalUezFoBGI5SSCdYIIx+FXKDZTac043Q+RKSvSTC5sbfQy7dnOgNIdyvegbumvjQGLfQmLVDdRYZBC3jITNiQCHlLs8V0hJyqo1YciM2/CSuGeZTxPEPcFBWCSItF+WAwK7LsomkrI0FuwQDtvvyhI5UkhS6EKzD9YM7LGKPpaZpybBE0C8aVUg8v7r/5Y1YisXCP/2dpIlekejb20H2o1nQ3sYW3lcGb4PuealXhGuXLD6KtipDdk44LKHHLjmO+idF5CjCotSpmJbTbslxhG/LNCVKjeAMncePa452XOIJ4IWMirsUcos8hQkD3KYQTh0cSQ9HI5UgwKcKwc27YuSWTzmsv4gGilKXqnW4fnQj7yZGtmsp1AwwSrKaHueH6enDlCNFdemRnwiKC4gT0Q7qCiuEM1GY10WvCJVIbHizZZZxGt8LLvKRvFqYyaGobVE/rRJhlHvKMyN/hFQ1AzD6lTKCzh1iswEbDnH28poweydHE8Zr+k+SrjDKgluXtRCWCz4aPYwIWe/+CEbYfL1bV68RmhPjCaFzEbN6wEP8nKzwmooStMtU5IUUOR3JUCRTI3fF8ZxBEdkCXezGjfJ1LXYiItnHsKN1Ii8CHQyDDpc5AkHP+jV+sXe39co292302DVlliXX/XK20Bp9BmXgSXqMWX+QFgTv8ZJwImlakQQMgUS/fmoB1St4an2z3ZBDdpb+MFNajgc/K5qOabt1Mppe7abJqRd2rYh0eU3T2gjXNCfKyHWr7UlSkNEgktuFYE0h9m4ENB585DbIA4/WMb27T3a0fjyMph8SFWzI6cGkOYfxPgoHtAHFjUA4QBh8vdS92kudnHTv7EULQpvcv3PBeqlOI0D2yPFagHy9x/HH/VsWarTBNFt2mHyUk0qQkHfsAPkx6XEMSdvgMNZKPZSg9fzUwSt3Sr1KcqJX4gRREtzxJCOLhvvY6IZDLyUponqddkR1Pgjm/LUGkR3nMpIn5D9nP3//PXr+5vL85gW6pEpTviypWpEMSuG9uDCxFNH7Au2KhEG27MLi4bYZPjiSMSZFZK/irvpPs6s+DOobAx75YEOfH3JdUkj7r+t+W44/wMkXM8Xc1ya9yRTDLFR3uh4hH3BGS2VXQEIiRXPKsLTiyYhNc4dSeNf95VVwzxXNpuw00s6U/2QOQuVF7PXFbC55vDqLc77rrkNYw1Uatvy/zkkEvxmcBee4Ia2yjMzvyhQyZmLAIGQDrBZyiTn9Y0dWNY93FA5l9hGcbp+pEXYvqPTWkkbq+vOrWQ5eC9viy/Yu6mQ1/0Yw06sUS4IKSTKRU469BXct8XSDNSVcq73p8QxPSe0bfFJibetHUkQ6uObqPDOCq8BSQzOkhtTdYnXCZkdO2BwiURckIxJrkiXBksp2nA8jfH6tVqyDZzdSrGlWNw9zn8NFwZymOjgYrvmPeda6Oq1fwWmIpNlEVNZLul5/ejtCpnd4KGROrqmNnq/6ivtIC7ha6Qw5FPyhmie5B52p9aVWJfTSQ6jVUUFjxQopLaSV+AZaTjSG1Z7Bp2bmU8/81Oc0yxiZTsq9hfUOlXOe7W3JvaPkXDUeYxpyb9xqrQ5DfFtFZ89QwbDZMvM+C4kIT+W2GPPyQyrkBPbkARl0srYtfxNKo7c4XVE+YtJlOJLk+KbP608cMv0LSYz4MPqRbXKmZuhNhgv0Gf5j9aNMcFt3+vfh44lWeE2M5sQIluhLSeQWQQ9CVQiuSKVR+YtTDb0JfGcaeel64KUGsqRVF0huybd9+cbxrEiaANXmAH1wzVEPxRSmPMV1mPXPeNVautPEyNiG7uGlCsmSc68dq87ql8dGnm0bqZEaOwcxcRZm/I3AaEN5JjYKqYKkdEFT85szX52gy5MdXhBDnsW3yblBz6EjLOFp8wxB6PJFi1uo5PCOvyFLnG7RJ9VtfFtHYPN+IW3w7FqzwgQG+8hr3za1ABWoVYNDZl7EAcfrPgCe6v9OpSmU8wzZ1yU7vkI91p3XqtceioFC70Fz3zmC2GnyesdIdRm+zvVeyborIH28C+iQmmkcdnXAoLs3TUKm3YbBDvkbUuwvfoaygZAjAUcr3IDkjCwod756EE7Q1S/HxUjTQcDuqEKxSLg1Dpie+hdaMNY+29i0u15KI70pax+21jhd5RO3wG9WBYajgXXU3o4oQ17mlIebIBb0bhiSoagw7uPpEVLtsh3YFttGuynv90ztHGAd9+3bg3WBZXWmzI/PGlI2KzpopY7M7TC2rE1+P4g8HXxmiW1rIeQ23ob/RRWY/9vejjEVIt0u6pV67nuaDFv+8hKg76HtZCrRgKqq3/puqkZPQUK4lqI4RnRkopwPnAsHnXG3prG2yZ5yBMDRVndMew8vRF5gvq3vI1w7GKdv7ZU1keYZSihfCL9SgNVd7BqhPfKjZ0VWmG1I3K7oiy+xcgR+LRnbov8oMaMLSjJ0CXXP1jnoRWVD5kkqxB09UdD9dzJHdv3GfsZsTJsP3m22CYcXpQaV+8gRpvvv+od6CTdlx7mjrU9+hj5uC0t64zkwzLE7OL55kiySoM1ke2gbHKwjQj5Tvra1fWSmcNXVymUXO+tZLISsvP0QYv7wZmTLW71yAh+nihdF3DlEO1hhVt7rua/QlEJE0kS6SJl1zH6gAmu/azLlCVYho/0twNKV0weGXEoWcJtbUAPuSm2MJqUM5Q1pwVREJngZzqZsQAd/nrqgg6Y/dkG7Ux9BsJB7TTioVuGNEwM/2GmuFb2VJL1UmdAalV1iilrCjsz9CMuCevXS/fvCofDS/cPlNfnc/pgR6c/Oc+ScMHpuiWkHz8Hj2hq1NiAncwPRjElF+YJIORJ3HdI9CV1txX8v673u2QmQrPoSL1rb4LlSENYWUa+UZ4nJjt+VjdubY/cRMohl+0d/I8MErfGBn7RYETmNP8Lo7C7j6fkFjH58gS5gfT9qROqJmqWM8PmCSDf8k3SyMHc05yVRQ8ctRrY23Cz6TLU6Re/cafrHsV7Jh7dG8e82uqV/+L019C6STLn+2xXiZCk0tRtYrLAamQCl0qnbCrW20i4+PlzQbHW0CVCDBJfeGasap1f1N/6EFEWXU1RUdPsb1VMPP44OWjbShCpVBlc6ATIkS8Xz1j0uhgIYEimj+kAHm9KWnldmcXQLweld0mmSDIm6M7iLIj+/hdTO3Y9RS3oeh+TDpecOHMdFqFIsWcd80fshVefI9iKTJebo4TJ4m0YVCzC9I86ijtTc4JtmXEn7QQLZ+hNSEK8TEl3fnv/t7Q26Me8Ues9Hpq802EaqpD4G248b4ccWxFC6IumdOsqJfJgQjtuDzDd0ru7XWbcIgzRQN4KwkYI7tFwi6aAp5AmUXItH3RVk1GgAnDXW5WQTPttYrjGjmT2IHiT6gnCyrta7BCFw7I5sVV9sBzr5VQJpYNgrrQuVUJhBGwU0bGUMhqT4CdwmuuRV5YuQVG/33KhU5HnUPnEH4m3xcA4hfwn+hkrC+pZmaBfLhmGeKHWqgbdmZSvDf3fUVjVaXmxtqXFSCDpFWrUPYYsBAgwAKb81AGxNV5jzQeOM2O2m3KqAyEjMdqK2zfXD4mYe/v7m/J179172lq8fFC1k3/cfvGcbVXfJWrAyFgPOqznO3M25qSdjV+N8S061Qs8tEuoFdOuAwt5qom4PPAKkvdSwMpI0e+Nw/cSpdukCs27RwZpIyBRYlAylgqek0MZQvrV7ONJeYbOJKX0t443BXo3QNogWQmokDH9/+/dzXwqul+2hz52Qy+kTLPsFBh0X6xzbZifeRjF/vXp/c32D3uL7nPKsHuvt31ZD2+RpmJ0hiiNkOTIG1O0iq1af/CWLwdOzbZVjspiuYPPURfgVydHVjo6zzEnl60vXpddhsRNDNt2mnLhXQEVx/l++brguzOHZUJMMfbvBX2JM6BNlN7px1WDF10Hd3Bb3niFVelLUsUJ/UVoKvvy3OcPpHaNKk+wvL93PzurfUr4gqf9XCyrJBjOvIoPnrPUdhHmGlEAjx1KSJVVabo1lP6WwKLBeuWb9NQ6oj8MASXBKTYWmLYS29VqpkK0u5LU+WWNOuG7lpFR4u4GMs3qa2qx3+cdxH8M7IwtcMp3AnfgFLTDrlCJ3SOpm8L9rJUdUkyKbkfFN2ZqWeLGgKQwSmBPCkZhD34hWQ696XxR+ADH9i72HlOGtr13GBmseWZ3MVew2SSMSReINyolSeOn6EqXCyG8YYOZTJN+IJbokqchGwj4OVnAfle35HDCBqYfwlNIIijDNiyYWiHKlMdcVGn4bX9OjHvFs+E55VXG4h9RYt9rWOTXjCdDK2LYwYfd3qjlRqtr9/VMQOFkT2W5QUWCpCHpLNAZN3dXc1ks9fyOW6uWNTap9MQB/6dLBGrUCow/ECgt7wnkLzZFOMmQdxYXzuGhzrpZxlWe3x2/dPb++/MEFXGzbt8a6hp4A9zjViIml3a9hXxugDiZZu9MCn1PduUPm+25jZ6MnYwD6qJPiOxkDyOMnZXRL1tPuyat/7snuPTGrxtmQx11fMf9H4u119WSwW8cKlT4ONUliZsU+nm2x7v/jMAPbL17B/eOQw2VGdQL9qJ8iel3D6Qkhtgo4UTcoYpQfh1hcjamSHE/3pGXkqGGxcdm2ICSLXQQyHrZot020jSRJNtBDBkrC46yInh4ygL7Hihjn4vR15v3BuF72WXYNyAzEPuTh4IPZl06hVrvoQK1Gy5p+96Nt16i9EDw1jwPW4qlbtiPiBprURRSHbe5emGVs8kvrPr8RSzfW1VUxQC85Y4JI4gTVgPQFvScZUgQm7Xa+3F1DjRss1SYMYD/aYKk3YQD6QZsy9ASG9y8ddzAHdD2AJw/jQcAWCzvO5W9VXqk7kax/IhXhdedhJpbKd2xaPqSvh7/0mAM2+NIoY69v1j81/QBHrnufuQPqtfhambt+HZu9r//fZW/k2ifH475csI60trcsQxgt6Zrw2kn29SoChkXH+S/iWiDZU1T+vo6IxqhDQxTbRJIvEfa6HTyEDQa6XTO/K9dT7AYu0pnzZmtsK6xTPJQgc1Ilj3665vqH10hI9CsTWP/4qpvmlQq+oMtSjue3NHQfo+5+xXRDGPSplk2CZTxBz4yx7JiqmuhrdzAIucEyi6bU7Z5UbxWSzx19DyNJGB6mptnWqu4RdWi7ZphwUlXT5UNIuqQcs+o7XW1lDx9i6V87EiOubz6/9rAAebvJogAsqDEacjnE69Mc1KHieOzrsyI4i1he3zHtYCl0ffmYKKnFtx0sBTDHxUqftJONpUl0Pxuuc3AbRQsuijFdLgRj0Df1axTAhnsnyLkxZ44qlFrWVePhWorqGzEcZzHO6Cdo8eXp/KmoqrlQuircm28Hm1ZP4jIAFc0LtnX7ZD4MycwEpyukaEbQ8++RXskSvfr55xdog90ooWqVHZx4EsrrAZxwc3WisSL9ak6FHapS+RTqvqvmKisvBPQcz8WatJhB/SU6lXhTWhKcj96f9Ks5NidmFcnoUU0T9jHqG5/mWDsW6AJRXfX9AZH+0rYJrZAejrP6O4J6kS2R6BW64ikuVMlw3azsQXLdB/2RwQ9PbqVvlR9foX815J6hH39E/4pSIY2+bHsOVMPU/jvT/9N8kCrUZYq//QUXGXmyti7fkCTFjM1xehe/9CkjXOhqNBrYFYaJVc0LmCZjU+ngcERvZgRHBhpuYwYY2zn2WkijWfOt1TrML1rNKHxIIbQQJc/MC8NgIIOCjgCHJS92b8QAcohYoLsOO8JGI7uwZQJnT+Wdc+ggRf+AYZSSph6rw5nC7Q+DLWyf+0oIm2cf60ajFYtq22boN7ExWzO0OSlHQhpjTAt0R0ixh2lP4sX7SphmB1Mk65gDz68qyQNjqex8ag6T+Ft24ZpKGJl6fdn1vXOPi6M90x2YYalwV/36EkkjrRU4VIazRUan/9eciFbPfHJOdOeRjOTLRQkFDQV/0/zqA3TDr2c0p5JgNwhoRFCaP1Ug5isIvLiVElUwGrt7yZM15xWNVQj7yBTp45pGHXre4daZN6CaCOROXWW1uCfkv0aE0YqXwbigSWL0MAJISHRzcX7jdN8Uc8MemhdC9jVeBE/kV5cGUT4N98cn+1SBIe4bdYuGpnzZfKUx2K2eA5b5DL36+TXaAN9zgjnCjPl9BVX18wI1/iO0IZJYsFgjRrDSSPBeuUiXiSdXE79uJnruaoywrePd70JmwDjIaiLpigsmltt+IG5B5UCLRehnlK6wxKm2TCTQvshgYSe4o5K7nB7W8ZmPVtSGLui2gfqYQYRd0xaMRZEbJVPwKowg8WZUpoFk7amVOAWN1cYouPM5iDQtZQVRacwzLDPEhcwxo3/48nuFzL38yVyWw9EsOmwW3g4mNVjXyLxkdEGAYo+Br0gqeDaiYDfbnSg9QUN7H0GUpyIvGNHeAzDqRMWgwI83mlYaS32ig3xr1vYe57Gj3D2Zo8cvFzx4J+RskCDx6KYHPDsR4694FoPtBuQfgp+oe061eqVi2vTaj30OD0RUtBt9jmAYtxtB7trhVthlu/LAPPv72MO27Y8CfzxISVIhM5LFewddko17plS9YqVjVJk29Qfb8fXhayVFPgOoJRTlq5RwLKmwan1eMk2/05RIhIuCVdUvTS+bHHO89JXmIsQgvFPZixYpi6tCVD9TSGy4jYxpnBd9z6DDuJqaNLx9WqF0RY11IzKiZuhtqTSYSW2gtnvWSF4u1uTITdopwBYLg/eaTKEJwSZXC1re2aFpPLUHAhvVOqNrmhnNBs6DX5DdVoLsY495fiLvCyono7DZTxsLujcnkWq2tcQqI/SMvmaQggO62zcacNP3dPuu5NlssGTTXa0MLYHy4KM4a/6HviqgQX4pSTnZUTKn256iRj5uMIw9LdsNuNpoFoBcqFEPNVMDKgUdhkaQactcR3h9l3kMXIskAqpFEkN7LkKKoi7QUKM+GqgRdKXWK3IaE7JnPnrfmMFz+aA351ixuU+uHRMsaB6IXjeE0I4gnA6U+BCKtSrZiZrmi1KnIicvLQ618eIGuAxOCOaOBR0DcuSAkDWRVMduDTrWfdqt7ooAx0aT9lw+Ew9us690XelioEHcyY66bwwfv3ZrgzljPVWcrhw/m8mzAbWLkWaDybD1JFgv3r4pMhE34XPXSm9bgkKi97cuNZaqKiGg71eD9asdGquSVIVQNKDgOOhsgTnNs6a7cH13R7vwlEwn8VoXPVAU8TInkqYPlUVe2iaa/HxAJVt9M6xYsvd7QNqa8AzmJO+VW2L+jxN0r6lCu2I4nbaNWPxa8AG7YR7wTsSspI/Zq+6b0UmwTsw4L9cK17nFXGiE60lq/gRaJpZJlahyEqFeHcQHC/UpeqZ0ZN9fId0KulYP237Xir9gNN1OMW1nRC7cAAKuuTZn2xG5XLKYedN+Bn4oXfN/vzgVXJP72BprjdB1Myqgqq7KMmX+gkcVswohXwOYPY9zusJ8SRJONrFlwVjgkmxaoX5QQrSWdF5q0pIQwxx9ZVE32nr7+RsZSlzgYMKu5hwbTOiY5OaAIdjPL7LItPU3j3ELFWCGYVXDQdXkfMk1kTN0S+ymlIrIGV4SaOXtMt0XQlY4DGBXYKzensL3kf1+q2+FkGguxcb8rvppWs1xNGbXaD/p6+wGSx3aTVcDDu1RcXdKDKpDp7pTgmXNDNJIV0oUxAUUY73F5xxhRqSus4tks6j7mQ1vOfHRagIASUgehTlDXPDvJCkIWDK7sh+mmIvS7aPvm4Zi9biX1EbYqvDPgDI3VKOR9egSFpxDtQlHgn+3FObfO14CUFISj+IYkW7cCga+BAQMkmKBYMI8JWqGbhuZ0h9s0K6sioPxhS3nK5UxYmzJqE22yZz4raeZpKxUujqQ7j+DbYKvUGV20tVEO/+GUXzht+Mq0OTaj71hfovetmWKp5Q922d4GSwvAQuElRIpBX+p2Q2vPQkb9obekV9agwxhcOEZKiTMRDlDRKfP/IoyljjUwOo9QSxYimgiFSqwgi5eCho5uGnSIs+NFBOdoP2wtIbodKe6Z9+DU2l8rT2M8DBZ8Z2KvCiHdzDCtmG0oTwTG5dP66ZNntWZFKPMGJC5KBnboi8lZtb5mYkcUzeIF+iuFmJi5Olqez0jDbAfjIaj/I5krhaoSkTHCrxTzkAxv/mmRm1Gs10bxwZdIaKKuvZkJ+uW6CNQoff+9lR4vS+c5xXdDtv11EFnInPaH+wU28Xq1myNydutaf8YWNNeUBb/jtck/wqr1ddYkqxMCaoiR8TvbrMz9RPPaxrtEbntjPHvv4+tB9C8MKN+AZLeqaNaDoTwGLvVzUO3wmpV31CjFnqqDMt0ZTN/qxqbuszwooLUaxFmCKmXmSmZmm/V/x9WmiIjzzmikHNX8pQRLM2PoBFeg5orIKwmv1aFnfujD1b4lcM+T0/6xUpFPq/H9y46D5YrG5UPeL3WVJZqak9fWxsBBMY9ftMESD1X4sKubnsyjntKrQU33eBa62W+vnQjuNFz17ihmk1pi34Nbi/8erV1QJ9qwL9zP19ftue71mJi6D3oRuRsGqAlYWYPkZEFG6r8RupabWP2su9GdV2BtlUXdvqxuTW+Jx53fFEvjK4v92qyofxzezRZg9grnjUa7Qxd2PpM1++U2V/s1mYBQdn9xA/fOHfcvNR15abQ9WNUckaU5YywD8pGoDWWFM/ZoArQNmWgHBUMjwgCRbiK2h+ls6FtVdWuPDOSymgYVX0hNft8+/L6pq9DI9cy1noUxuqyjxwoeHAtZBNpsUiia67RLV1yDMJi5IgWQsZsXvtsIL/MIb2pdDcBXR3hnwaR1l2GU5YJz8F59/4jojxlZUaMOHODbM3XZ+j51T3OC0Z+QTfWIWLBgvSe+f0iEJmbPLYJzqnmafFjRtWdUbmPwOsBpXgtN+Y79zR8oOpuR8hVS7pcEhlvhJ2fZZ/bsQCHA2inK0nUSrDMnB5rq49MGu2E3ifwLAxj704qP/9gdYwXdTOO60t/GcnB0flU5EUycd4V7IrLvYIxrta/p8r5dwYdwaE+dQHjZkRWpmNWmlNLT5Q11sa8lpZCQucBI9cr/EamxGGZbbA8TYbesKu+ka7YPUSGiJHWyM+NEMXoLU6rfsp+5daIoEntGMG/qxRUuVsKWVsz+FBrSbAKnhusNNZlKMW59kdhyk5mdpjF5+Ie0ezl+PtlXtZyCgwNRp8GjY/tXTBY+K9u9Y5Fnr43OOSXw7l7xzxnlIsyVIyzVUeilsHvlJGkIZ0OA4/sT4EBx+7M2DkS54wZuYdUmaZEqUXJ0JVZH6UiI8ociarZr9+yoDwj94EZwKjSx2mej5QtsDCYYrJCYk4kxDdzLCmDDB6PB8/G3/kSYWDid+a7Xsp4hHMo5ra50Ik0Yrc6el7ncxZEqsIV3VoJM2CZUxGahPiqw9OLkSJD6+YavsexE0qs8lUneTlflf20+SWmXKGMaEyZx8kwF6VufW+ENMEmz82sPLa4zmMDPMYfUk3ygkXL5jlHGVlgFwJynS+rGL7L1jRa8ZpIhrdQyKWFe1zRc8+NNL8Aq9t9myyqKnDrq1ea6hIaMyIvYY1tMGzY9NjrGjSK1fLvpDg0phFkVSry3NynOMfowkJHtJXsW0ixppn1n1Vd5HKiRhOhMpEeH2h8uLfsV8oarTFt5+X5VYP7ApKeTiPrq9Xjyvp/iPmRfqejyfvfYu4CMP7bVdB4jXMvIaHY7vztzTW6HihUbTSida111SW7MQhY2FVXwy6DGtIP8Ye53Gq/cm9FRDIXWeyKr0HFXV/pcLggg8uIerQK3y3BhgwmqDxvuYBd6bBNoK3jIXRJszqUM+LEy0NbjYMy8AAvfzglr6a7KGM+U9V075tPtntOFYiCZI17kpZtL4JN/ZoTX3lr1YVpV+LGBI4Qr1c86zpE6upKvMaU4WEgA9WucAT1lQsi5cikBXuHjvH1h4u7OWMldw2gbAB2QJJLN1B0ORuRiDRP5mWWbYP7Z2ieBK0DasEtFTmu0flOL1V4iJKKgF0OeiV2iSqnKEigqp29anuu4jKjuq6sa/qiOYx8g+2aig0rSprwwm4ibZZYaA6uJ7PKLz5foeeuVuJzyYyuPKcMCjggD+zqvhDKfPIF+m7oaOD9KMwdFxveMYQUSUtoZrHuQh+ZtJniCVxw/bTQi6rK/Z0rTXpDljjdok+j5hqjc4lPUZTvFu6wmHKUY8oXEudkZzpGgSVM7Y3fJ6GjXN7AsuidyGxydNMWsJV15kEK7dG+IFXAMCKWhdTtG/eObNBvJQdT8q3ICEPPKV/Pvj1DVKRnaG7+IuYvzDHbKqpm3/rjizotkgXDg8n5oXWoroZ/cYNgUfB1gZzcVsOvxGJnowYtomJqfzp3eFZtEBSR5iB7EVrnYeVuD7PPb3/HkqCPNgH4228/v/39/MPVt9/anNs1lpiOnsmNkHchS5b3XrDfqwXbEbZRJxjmoZUIV7MTtktJ/Rzg1DwX2wgmzEJIwhVNQwqQlispAsZ5eC+IJz4QCmiywXQ4nPjR3gHofR4aqLk+oUvUVTmPdCn0PFNahq58h3rtaA6x9lsa7B2taj7iOUmPLXZpBoMNVBpXbNLUvbh6FwNiQUcdTRWp0Ryxx5Lq7UbkIbNf3uMXykf3E3y448Ig7/T/D8NVG5XZTv47yRHLWj56h8hOJE9yOKo47i78hJggaauzsy279LmuM9qrLDvok/kC3G6Dk7s/Ml21rKZTxMOg6GuBKTO8rpq53DiZcX3Zrm2DTlzGHNRk6WlhMJ5VWOVcJ0ZFPIKeYxKvId3aVR9diDwved8TNcCOH9e46bHYvSP3+q/Er1PXuKnjNOvH4naLefbvwh81a3DTWNNjJMOjsRsu3EFOlaqgKRXBskSnsuAB+w2WfBh0eOqoK54XiYgljG/fvb1B760ftUlK9SPyZdJUgtv/eIO+lESO9G4tGU8k6XfqjJvc0HKIbtGHqujMm9ZVa+lpwIe0DVSEHiNggBZHOY72QdWe4Nij4WbhBzRghmUeYbcM2AjuBVwELECugZZZsKm0HZhhu111QGdY97XCx8KdE56ucixDlZXUcLcFHowvfnT0CaeDdKogMJNV8LOQkkXYAqoa8GIJrZYigBXzf0SAWuDgkzBsx6ngxwuC7gkN/eC4zm05MapncKR5glMYjBK+/MTAVjyg8d4CPF8W65/4vV4Ff99TnqRaJpkK2ne9Bd1APi7ydADgNcPBJQZPCF9SHrAocgg6Rm40TxaJ2lCdBpcfPFkwsVE4D5+70obN9Toe9AhRl5QnlMcUJ5QXRObzbbCE9wHsIr2LA3yNWYyzQoukkEKLJHxICqCvf0rA4xgeNot2N5lYJlkMZhvA4fPfUp7k+D7ROpTboAvYnGhGIjwKOeWRkKY8HtIFUwmbsyR0WLQD+/uIwIN3Bm/BDt0LsQ07dFVvG/bPEWG/jgj7XyLC/h8RYf85DmwtCobnJIZIqaGHN894kpcMlO/5NsI7WQEv7iLoJXnJ6DIv4mjfRsvEbBk6CclBpjGUEkW+pOF9IzxRNiExwg4qmcaxJg3gONak2qqyiDCLNOV1WXUUU1ULbUwPch9BhGihjWEWCzaYNVGAl5zec8yFImmEQ7h+bbgS6VFYvxaFXhGcRXCribxIUhbBh20ARwiSAFw53+rwblEDWUWBXJRJhJhGKqmmKWYRCohUgpeEp9uAWVdt2Byz7R8km8fAe51AG9AokG07mDhY28TaKNDny2L9Oo4PWiVzqv8cpdFYqpKws+J6gKUILqpVlGsOUEkqw1e5KevjDzZrqwWY6JX184d3jljgoPZFAW67yYfrINeCvaCMxLBhVLKIsYl0EbI4uws4hm6gElpAkmISRdTRYv1TpnQxaOYfCLaSaRTYjC5IDDNGgaM5JxkNVjDahU15nFOSi6xkRKUiBrcdcLqMIJtEoTZYB53534LuyyAPAliSJVVa4vCekAZ2BI1PkiIWq2U0XivoRC4jyVebmW+PeAToWhKcR1AkbSlQLLTjKdeblaAqsRNmw0PfYomjHPBspBA2BOS1nW8fGi5VGvPgc44zpeelDDUssIJK7KygGFDL4LiG16OrmuTQYGFywyL8sOtjOw3sgrnEWRb6DtAsdFi1ah0U4S2ieZJKIfIoXYkM4AhmGs2TOMmRruNRDDYXd8HbMxUqfMtSWqhC0sBAGdZUl8GzzxjlJFyLnQaqCjpRp4YLxbfh3VpM2K6nyYKJ4M95DTxCyr+xeYNLHQM0gsQxNnQEVIPnJjCxjHJ0+TLKBS6EDC3A8nm5jHHNcqrSGGIhV1EObIw5EJxoaK4UHG5wGW4bQIfO+LNQQ6fj8c0mtAUSpaJM2AHQwS1REV4zEpIuE888rkfD3XAiw79ZRWKH8gYHG3QydQPWjniNcsgiFG66mTihhYEDG1oaFIl1JAVHFytlfpmkq1B1/gPQ5L6gwQMBBZH5UmKuBz13Q0DeRAEc/um1ncg+fepNAQ0AWIplglURcGBAG7TEoaFKglkM/U6SFPhgu45GAh6eyQZy2BauLchCZhEwDu/IVBF8w8r6hiPkAygSOhHADjyOYJwo8iX8AfA1aA0GNYIppegyguBVRWgvm5JpjHsg0yy4Iq1k6uuKGwCwDjdiqw2zVMG7aq5THrpQwjst9rFAbZPO0OTrpQ5/rCzQ8BG9eqZnaLjbIni31jKbR8lDLyWL8BaWisgko6Gr3qOMragiQzHYoFOlcR7aG7xOKFcaLyJoBmsqdQw1fF3wCK2btJAlD+lm9bVF83QUPS+1QB9KjgZL19kjEYflfcaMZuhCkoxqdIFl5roZKmj/7kfHTs6KyKWxCaEABoboI+hvkAqGfKU6dT4E5fE4d5UXTGzJYLDgXv4tRBmsqfeBZ8zw0PqMYN6ZJEtyj3Lcb7TQxGL5suwPA4mOJKMKhjNUq7uthwZKSJVFIaRGw8ajCG1WWCOqUSHJYuwoPCIt9yFDKHyMd1ZHjQKi3HV2H+kLzSiPPZG/hapZrY2nQlosiV4ROWs+r1aiHLxoCHGyJrIeR6QFKrBUBL0lGsNEcHtXcc2C52/EUr28sWWvL9ClG/F1hvTKM6UImgF/IG70MaDN0Tuif6eaE+Xf5+GhjsK8BYzsrm8RLG6JVQTLdDWjnHrxg5m7E/TX7olPmIUByRAvGS45zPpdljDHtWri7m/g3uvXvoOm+O24a5rqJtxufvGIsW82IglY03RY51VYFn0k9xpuxZi7YIpp1CMCqRlc9w4mVHM2MvESuudGHAcO/XMV0UiSLyVRekfT7uOzlR/eK9+qDDCWx65qJXbfI1XnnXbdKbtwshhBbKzzc+jQrn7xUh5y9v/++YZmsevLSijA2v6zAVZDuCTeBx5h87jMsSLIpmvX2KDBrap3yX3jNPjyehR8jbmQtn29l40IYYUUITDuDO+eVyUxVzidYLzvoMO0XZqD2tscmrSUMAFtF9IFkTm16sZUSDdL2sEcdE0ZWRLEyJowhJWiS243rpnX7z/60JL5hPIb1t9x0ucnmfRsMCs5/VKS/phE7L98LXyP65h43BSUSqOhmb2QqeCcQG4F2lC9GhMUCHkqQ2qNXZKjyosebFoYdoI8qZ8oJpY0xQwZDEZMH8DitNjBUiNjGk/Hu2K1VX70WulsG9HLag39wGNGsUpWIrpNYI242lyDWSrNUCMjFdsjePz9AJC9NAZbeNPcIJaUESxn50wJY4h37tslBMvRb+4bM3TOt/X/BtA12PKKa4SzWSryotRE+sVwFDe+ISyeefZNfy9gxmJnQ6j+e/nq+x/+bGzfy9Z2VBz7xou2O6dJ2IjZoY4bvCUS/Uvtk1MvHRqAnP/Wh67/iX/meYNz59Tv3I8jk5f3ybZn/YEpZp0Zevf+45WhnUhinSfgL82oSiUpME+3Rqt06hnr54Ig4NAZ+vj2F3TN9Y+vztD1u8ur//wFfbrm+vVP6PlmtUWcUL0iEqUrodyoNCElSTV86ofX/+u/vXjm5QjRq4gyrs8PkKmzHPvH8ajIp++B1/zWnsXrCin/Fc+eFtJt2bQH8yMbxh38wPvw7SmmjXXymUpdYobenL/zIvuH4CSeL+u4k/F/BCczP28Nul+NCAVC9gtP2IKn+Abv2Icl1mSDTzAiHU73DTrPMgl+WnvKfejUT2+aF8fGOR8bC7m+eHtjX6XR8FiO1YTRj45TyWqq7u1G1zcGlRHvl+HhkZMggvDQrD3Ow0oTS+x0rWkFRAtdnGXUfBizJmDbmuXvf+cmPADGJIQLLtwNv+wegQEqTa51FL3u0CcNo3cOwxshdS2SB0I3gwAbbADV2/2SV03Me0sP5cvqManIejvGeE58duNUXlyHHVi+WCmRUqNyWr/RQMdBRi5LzJdkVptOqeALuiwlydB8CzAJzyBryC9niiNbDwyKRke0Ze+iiwj9DlhA3b9dwhXcASBJLjRJXGZ3+Dyj8KzNuEpwYlPxI4AutIwDfBHhSCwiVAuzGNchVv+TIgJTcZZUnrh4annfgjd0zPqrtZ0JJ9Bgr/SKSE40+rgtyBn6VD1jb8AB9iO6qRxgg5fg/ZimVo3qmUCZGDGNK6SdX/wMYca8ykTRfBAS3LCExLw1keYNpFwLpDQ85pSjT9ejAiWFBNlo8iq4yDZARRFh7JsBLIkKndFrwEYocbEvYuhUdPC3R8DWjlZIGOHL4JMiAWejfETUQkc0UKvyYNYKwHCUQjrBAmH0q5AbLLPhnG6EzpeQ7CURNjf+HnLp5kRvCOF+1TNw18SHxriFxqwdqrPIIGgZD5kRAwopd3mukJaQU23Ekhux4SdxzTCfIo5/gIOyShBpuSgHBHZdlk0kZW0s2CUYsN2XJ3SkkqTQhWAdrh/cYRF7LDVNS4Ylgn7RqELi+dX9L2/EUiwW/unvJE30ikTf3g6yH82C9ja28L4yeBt0z0u9Ily7ZPFRtFUZsnPCYQk9dslx1D8pIkcRFqVOxbScdkuOI3xbpilRagRn6Dx+XHO04xJPAC9kVNylkFvkKUwY4DaFcOrgSHo4GqkEAT5VCG7eFSO3fMph/UU0UJS6VK3D9aMbeTcxsl1LoWaAUZLV9Dg/TE8fphwpqkuP/ERQXECciHZQV1ghnInCvC56RahEYsObLbOM0/hecJGP5NXCTA5FbYv6aZUIo9xTnhn5I6SqGYDRr5QRdO4Qmw3YcIizl9eE2Ts5mjBe03+SdIVRFty6rIWwXPDR6GFEyHr3RzDC5uvdunqN0JwYTwidi5jVAx7i52SF11SUoF2mIi+kyOlIhiKZGrkrjucMisgW6GI3bpSva7ETEck+hh2tE3kR6GAYdLjMEQh61q/xi727rVe2uW+jx64psyy57pezhdboMygDT9JjzPqDtCB4j5eEE0nTiiRgCCT69VMLqF7BU+ub7YYcsrP0h5nScjz4WdF0TNutk9H0ajdNTr2wa0Wky2ua1ka4pjlRRq5bbU+SgowGkdwuBGsKsXcjoPHgI7dBHni0jundfbKj9eNhNP2QqGBDTg8mzTmM91E4oA0obgTCAcLg66Xu1V7q5KR7Zy9aENrk/p0L1kt1GgGyR47XAuTrPY4/7t+yUKMNptmyw+SjnFSChLxjB8iPSY9jSNoGh7FW6qEEreenDl65U+pVkhO9EieIkuCOJxlZNNzHRjcceilJEdXrtCOq80Ew5681iOw4l5E8If85+/n779HzN5fnNy/QJVWa8mVJ1YpkUArvxYWJpYjeF2hXJAyyZRcWD7fN8MGRjDEpInsVd9V/ml31YVDfGPDIBxv6/JDrkkLaf13323L8AU6+mCnmvjbpTaYYZqG60/UI+YAzWiq7AhISKZpThqUVT0ZsmjuUwrvuL6+Ce65oNmWnkXam/CdzECovYq8vZnPJ49VZnPNddx3CGq7SsOX/dU4i+M3gLDjHDWmVZWR+V6aQMRMDBiEbYLWQS8zpHzuyqnm8o3Aos4/gdPtMjbB7QaW3ljRS159fzXLwWtgWX7Z3USer+TeCmV6lWBJUSJKJnHLsLbhriacbrCnhWu1Nj2d4Smrf4JMSa1s/kiLSwTVX55kRXAWWGpohNaTuFqsTNjtywuYQibogGZFYkywJllS243wY4fNrtWIdPLuRYk2zunmY+xwuCuY01cHBcM1/zLPW1Wn9Ck5DJM0morJe0vX609sRMr3DQyFzck1t9HzVV9xHWsDVSmfIoeAP1TzJPehMrS+1KqGXHkKtjgoaK1ZIaSGtxDfQcqIxrPYMPjUzn3rmpz6nWcbIdFLuLax3qJzzbG9L7h0l56rxGNOQe+NWa3UY4tsqOnuGCobNlpn3WUhEeCq3xZiXH1IhJ7AnD8igk7Vt+ZtQGr3F6YryEZMuw5Ekxzd9Xn/ikOlfSGLEh9GPbJMzNUNvMlygz/Afqx9lgtu6078PH0+0wmtiNCdGsERfSiK3CHoQqkJwRSqNyl+cauhN4DvTyEvXAy81kCWtukByS77tyzeOZ0XSBKg2B+iDa456KKYw5Smuw6x/xqvW0p0mRsY2dA8vVUiWnHvtWHVWvzw28mzbSI3U2DmIibMw428ERhvKM7FRSBUkpQuamt+c+eoEXZ7s8IIY8iy+Tc4Neg4dYQlPm2cIQpcvWtxCJYd3/A1Z4nSLPqlu49s6Apv3C2mDZ9eaFSYw2Ede+7apBahArRocMvMiDjhe9wHwVP93Kk2hnGfIvi7Z8RXqse68Vr32UAwUeg+a+84RxE6T1ztGqsvwda73StZdAenjXUCH1EzjsKsDBt29aRIy7TYMdsjfkGJ/8TOUDYQcCTha4QYkZ2RBufPVg3CCrn45LkaaDgJ2RxWKRcKtccD01L/QgrH22cam3fVSGulNWfuwtcbpKp+4BX6zKjAcDayj9nZEGfIypzzcBLGgd8OQDEWFcR9Pj5Bql+3Attg22k15v2dq5wDruG/fHqwLLKszZX581pCyWdFBK3VkboexZW3y+0Hk6eAzS2xbCyG38Tb8L6rA/N/2doypEOl2Ua/Uc9/TZNjyl5cAfQ9tJ1OJBlRV/dZ3UzV6ChLCtRTFMaIjE+V84Fw46Iy7NY21TfaUIwCOtrpj2nt4IfIC8219H+HawTh9a6+siTTPUEL5QviVAqzuYtcI7ZEfPSuywmxD4nZFX3yJlSPwa8nYFv1HiRldUJKhS6h7ts5BLyobMk9SIe7oiYLuv5M5sus39jNmY9p88G6zTTi8KDWo3EeOMN1/1z/US7gpO84dbX3yM/RxW1jSG8+BYY7dwfHNk2SRBG0m20Pb4GAdEfKZ8rWt7SMzhauuVi672FnPYiFk5e2HEPOHNyNb3uqVE/g4Vbwo4s4h2sEKs/Jez32FphQikibSRcqsY/YDFVj7XZMpT7AKGe1vAZaunD4w5FKygNvcghpwV2pjNCllKG9IC6YiMsHLcDZlAzr489QFHTT9sQvanfoIgoXca8JBtQpvnBj4wU5zreitJOmlyoTWqOwSU9QSdmTuR1gW1KuX7t8XDoWX7h8ur8nn9seMSH92niPnhNFzS0w7eA4e19aotQE5mRuIZkwqyhdEypG465DuSehqK/57We91z06AZNWXeNHaBs+VgrC2iHqlPEtMdvyubNzeHLuPkEEs2z/6GxkmaI0P/KTFishp/BFGZ3cZT88vYPTjC3QB6/tRI1JP1CxlhM8XRLrhn6SThbmjOS+JGjpuMbK14WbRZ6rVKXrnTtM/jvVKPrw1in+30S39w++toXeRZMr1364QJ0uhqd3AYoXVyAQolU7dVqi1lXbx8eGCZqujTYAaJLj0zljVOL2qv/EnpCi6nKKiotvfqJ56+HF00LKRJlSpMrjSCZAhWSqet+5xMRTAkEgZ1Qc62JS29Lwyi6NbCE7vkk6TZEjUncFdFPn5LaR27n6MWtLzOCQfLj134DguQpViyTrmi94PqTpHtheZLDFHD5fB2zSqWIDpHXEWdaTmBt8040raDxLI1p+QgnidkOj69vxvb2/QjXmn0Hs+Mn2lwTZSJfUx2H7cCD+2IIbSFUnv1FFO5MOEcNweZL6hc3W/zrpFGKSBuhGEjRTcoeUSSQdNIU+g5Fo86q4go0YD4KyxLieb8NnGco0ZzexB9CDRF4STdbXeJQiBY3dkq/piO9DJrxJIA8NeaV2ohMIM2iigYStjMCTFT+A20SX/v9xdW2/rNgx+36/QYwtkLbDbyw4GeD07OwVOt2Bb0UeDkeVEqCwZkhyn/34QdYkvSjesTgrstUWsTyJFURQ/MjJflOb25R92FFVNc9Y6cf8St8cRAkJ5Cn7PNRPTm+bSIZZegCyNea+Gt25kb8OfwmwjRyuL1lONy1bxS6RV5wB7BAQRIKj8bQCXle5AylnhjHOXmwqjIpATb7YXKtucDpbQ8/DpS/FbOPduJ8OnA8UqPY39L16zjZvncq9Ed64FKGIfZxn63KTO2LGdbye5NeTKgzDXWK0Dib2xo+7k8wRBZ2cjujNZsy8B66PkNqQL3IxJB3umMVOg7gShSlLWWndR/tPL8ER5hb4/p/X1C+8u7LGFtgPaKm2Jcuv7+ecil4KbXfal9U7p7eUTLKcEg1GIdQO+2Em2UMyvv/y+vl+TBzg0XFaprXderG5uF0/DHDVRPDGtMI3Z7F6bVnKf8pTFxdOzPcuxrC9H2HxvEn6c8tndjlGwLFjl+4+hSm9A8SpCcTmhvHOtgDjj5n/PG07EHFnNPcmldzfGS9wV+p2yG0O7arzFp0fdxpN7V8R0mRR1MOSDsVrJ7U8bAfRZcGNZ9eE2/G2V/stlzWj+XzXXrAeRdWRgIwa/ISArYhQ5oZaabbmx+sXd7C9pLFqwu1CsP2EgUwwzkBiUuhRMT4T2fC2q9KAKefInE3Im7SAn5RhxN1TddM1GMyGGt/m8po/wjNPvP+EWwB175z5KHsNHhwfrfJ9Mys3xyY3l9OK8AoWQQhLQGlL+fcVrpLHawThEM4FvPUHGyGvNeQEh4LgQtL8we4V2PlShPbvu2DKCRy771G9rwNIdM1nnVQlOX8r4Yjh/GHwDVCwOlB4jfWUKDyWVGOQmViC5IcUeuMB3smP2PfkWdzhs1D7rZY1wL7bGNlR9O0J3q9pAFYodRMSflCbsAE0r2Ir8oaDhcou8gs5iWajYUTWHfCMUfWZVubyGTLVBI73+SMIeasaGOcgBywkRfPe6CIISLqo5UQA9Ztfj91fujyHB3LKDvd3ZRuTwmB2UZgfffP/DEmg+swOp+JYZG+3BuOpDftvDvqyY9d1/F5Nr+mIIDVCq9KArDAFp+Z7rzhAmt1weG6wgs4VL0/qfZ81AB8sYT+LOewzKCUFa5RaIe1KA7EE6LRxUIyJX68fiOiioSc81rVYH7jw4hxuchbCdlgNaX5qooSDluH1vEkHTlhU3rTJ85rW+xfzie8aQdWgSXvRFEBFC9UdZUe0BSyA8gOid873WKsrxqnhYX7sZtqCTfsWzzzeFuU9iIzXDDIofCQW3ccmdYCBX7rucctXhWf4on6XqsyJ2C9J4DPP43X9ckfv6OPxq1kotjDbW1OJhfQqdoUovZkLwY1MkmAPqEHiHCF2KxE33vm7krzhh9lwIt9IbATJrxCuwQNmsLcAbYA/XL2nCR7BA7nAcb9IDGTDwQDvD9NfI1/c+iYa65jSH13cwnN6c3wA33IrTQZmeon2vbttJycTNV38HAAD//wF1780=" + return "eJzs/W1zGzmSII6/30+B64j/2e5Q09Pubu9N3+5eaCX1tG5st9ay3fu/mIgKEAWSGKOAMoAixf70v0AC9cAqFElRQEneHb9w2BKZyEwAiXzO79Bnuv0ZEaaJ/CeEDDOc/owu/H9zqolipWFS/Iz+7Z8QQuitzCtO0UIqtMIi50ws3ceRoGYj1WeU0zUjFHG51LN/QmjBKM/1z/8E37Z/vkMCF9SvOcNF2fwGIbMt6c9oqWTV/aminGJNf0ZzanDn5zld4IqbDJb4GS0w13Tn1wPs6z8dKkqsdEvE+dubBvP6T01BF0BNhGEF1QYXZSawkJoSKXK988maqBwb2vvFHgTtnw8r2sJHTKCrUpIV6izUYhlEjq6pMJldPmN5EKnPdLuRqv+7A3idI13N0fUlkgtkVtQtc4ZyWlKRW1ZK4X4GixzAMaeGErtSPPws3yzwGr8C8w1W1C9F82Mxiso0i1TLsmaNA7gQKQQlRqpsWcXG5i8fW3yadZD2e8jEQqoCWwDIwL04gCpcWkAzfP5PO2oCYaXw1uIJCwDWt1YiYENzi1kk9NcVF1ThOePMMBomYcGxMVTQBxBRI95briakwJwRJivtLtABnDXBYtZZPB7fL9tfW6xxfaE7fMewPJpTx25mmP3NGchUeoeLklMgSZeUsAUjKGcK9mgL2B9DGuEUh4maSxn43QGi/t19Ca0xryhiC0+CoDlaME7RBmsESyKpkJBHcd8DyCyA8KHhUizvh+eFrISxbAegDY5MINwy8T7IlUoSqnV8BBvADZK7B4SJJafunBx9nhuksVlFRzhniwVV9iTXjGRRkW/ub9ZI+Og0tDLCnQ+pUC5JVVBhdPPGPYwWIouyMlTNJn9/zpBmBeNYgUSUJeJ0TXnvHTxD88qgSrAv7h4XFTfMypvmYxrZB5+JteTrgw9+Qy29M1QJzDNWBkkd/PgIKmuY6PqmJrbempXUR28EJoat+/rjA2Thted7peA2UJGXkgmDmEZuqeNkYIOfV/4znOdqXNSc+oBy3lgXTBiqFpjQnSfevvL346y9O7Oc6VJqFvftvMCGLqVif+D6+bRr7T6M37ytL/E3ltHfXNgd/OYAyjWPLeFToY4bxgcUgBR0iUUxc7I5uk1QH/YGPJpjTXN7eLSsFKEIi9wCMkw4Blwf0ho9O2YFJmmUXsx5w/O35xeouV9HIkZGhMajIUa4rPKMSTKJ4toVCte/XcBZbRRS+wM41RotlCyOMBJa5PVKKpMlIeHWgu5+KAEhO1euxPZaTCdRavzjCQ1PAcupMMxsZ0X+UzwS3l7+hFZYrwLb8BAc9Qp/H/HQ/Hr+fXQsF4Dlq59eR8Xz1U+vT8QU3mysyIqtvck13aEFC9GvneQVDBA3zXmu13Qk9jwr93NI7KMh8XmfjorU9yE6JcZg8tkapJhxPcNlyRnB8dWrDmDnfu2gfnVXcskMulGANqs9xIe0hSAB8F+aZwU48eMRcYPNquYzvaOkMnjOwRDKOUdmhQ24iOr1vbbo7e35NkDkCdRZlbS2ouLuj4WMClpIta21tf7pop6CIz3lIfx1pUvvAhn3iT1Y+6zxdh6QzYoKhIXfGWvDPnxbplWKSgymSYRnhCol1WRO4dptAKseJZIcfvB3RmQe8fqCtwXwsHD9p+dMLHe0jOMxNStFsclWlTBMLGearqliZhtR9nuISFFdcVPLf7cususiRZdMG6rGHwB0AU549EZuvrtQzDCC+f0IY4LA85YpWlqjJq2nr5E4LZV2i9zaJyJufzAR2kysqTZs6SNLCpPPEP/QujoU0hjDHmLuETG34Gq060X6gr7HfXD5WfXmNAp0VRRYxbwZDmBNhawMkQWtvXxxkVe0oDmLrA+9p0QWBRU5wIXwnqJa8rWLiXWjf1sEIh/eqONcl2OUxD7/LB+efn+c7DMVfyuoyDPDivBluH/+xO9WLehL1AUTmLM/aG7ZTrjUB7Wc0VNvsDLJ8bUaZxNdPUEfYyK3SrlUUT3yl00crYEPALVTkwtsyAr+M9Qpd3WcNiD39vrD+ytk7BEih8yC3pb4L8Uk8A3TpnZz7mDWl6SdK1GJex4lQ8kKglipUW/WeRj2XwubC2YUzfahe5oBEvJ9w1oea3R9+Uwf4OHXteWek/uRjs7Merkj+GmfWSzyjDNBZ1gtXRg87jt48eYaNaD77LzgssrRByexr3+78JqsMz0hp/AAi+dlluOdtEb00ONw1UZzJXeaaidY+k8DHrpETN3FIZyIuWfdXyBJEmS7z6S8PUe/MEU3mPP92ZTNYaNa4+UgV3F89/ayAXauwcTDRt6xzagKbkuTzFEtFuzuSDT8W/Yz0lTrvhq5F8ff4OeY+/UQXhiq0P/PInwsohC4zJqoeAzO3bpgaBtpr7W9BZcbtNd6bnMomyBqXNwuO9HZhyCoKk4z+88YSL3rJJueE0K1RhdSGCW5k8x2sa5iZK1fts+D29vdSlOVAlcL1+HFnK7mw+COnUdh2N3oydDshujvgWuBy5LmWX1lygCevR8eFDBGYaHde+B5d31TO1fvgYs1+o7m2t6c95NwHrU5w9ja9y2A7SCl7QRMRp1APUx25EvkjdxNALnPbnaxeqwt7WJ/7L528U6xuV2cDu6wt5Eg7y+OHgCqmcsjtNKiLgd4iebSCGosposFIzP0mwCZs6Zq+x2XmzNk/+qBK2ROFTb0DK3YcmUfG/i4/c8xZBHn+t/GoMyHEbbN8zdO2S+tyf0zWjNV6TP/mT59Rsm/Y3GGqCF76fGploEyiROp+ejTORu9B8jC8KbvxYSRooQilwAWkKZzPA7XF29vxotWdhYcxC5OX9CCOpbXI3SmESufbt511kY7a4d0AVxmihKpehUgBxF5gIaPtWZLQXN0eX6D+osHWdnai1nYXkyJrl8e2eU7NiWXy6WzGO015pJgjnCVM2N/s4+cmvz+I3gkDfd9JdvnsGU85MDASeGMCoN0BRrwouJ825wesZeKUrE143RJZ5Lf8wyfuBfgasWgWep2eatfkhUWy1pD9/qm5LkrGjmOCEE3T5AIQTeHiZhXSpuZnP+dkr4US3cpao+KWxbEPuCBNlgJJpZ7L7TDmE1zbLrYWiUAXV+ehK7PRM5UP0aQVPb49GeHLKCvKRVHYCvFgi0rRfPHQbhdv4P7YbTxevk4+OI1VXhJH8ToR0O+w+wAHZhzuem4I/ec8KLi2LA1zYisxHTCxEiDOSJ1sVQH9xUzGmkmiIvBemkDRX9WNa8jghSr/QQaqoquy2MS0s7Pz5uaZvCHKPqlArNq2UVoH94bOl+XYubqdO/lp3moHvk7nVsFwRXwAhWNW2dOrWWpkZH/1MfXuaUXpovNw93SvzBFS7mhqjYML+mCCk2fiK/6lw+XX5ev2iL8D1/1P3zV//BVf9W+avRRU3R1cet/NRPYzFj5Dxf2iS7sEDufsG+7Qbfz+3scgX/4vQ/jtHss+nz+h1f8H17xf3jFdxY86BXXlFSDhHy3XtCB1S7YW+493nhNH5h76+Giq/EKpf8invmUKN7XM7/XrE6F6H9bs5pJHdWsvv7t9oi+eU3YAgyPjLN76ApHKuBWq3FmjYW+9/IuMIEE/PuazrdXF/fbqHohZCTarBhZuXfJm/mKLqjS6HknLfoM3b57e3OGbv//t2dQZqhlD+xCKrN6MUPnLXDXjQthtMIq9w3v1ozQM4RRqaSRRPIzBK+Hq5xEctF/5qxdtdWGFkjLhbFAZujaoJwKaeiO3eUfV4Ir3fDefbWvGjgyZ4OD6OvOZ41pPOvdHrmmaqOYscJBVXRwXoebdHpDyO4RGraa2ayocrfL6w5ohTWaUyqQnGuqdnoMNWb7TkLlIWKGl28vKeN3C7AWeFdLHF99bP39bS8L3e9etW+Fe2TgfrDm8We6teZzpV14keDSVJ7/Cm+aiwNmNpEF1ZZoSMftgUbojVyiS2p1CRUmxMEalM6cSs5u601LWmTAHuHE3Pcs13VzLgNharlATGiDhanR0EEcAzUxxyB4qGLmQyeaaZdA2Hhximt3pnPyY/SOmt+ZEfYZ8Ls/GxyNhli9khXPkaBreDmbc1dipSl6Sw22qGHXW6Vd6vkbudQvbzD5TI1+MQB/CV2G+PasicJi9J46YeFOuOigOQsycmjuHcfJQ93lLmmpKAEb1WKS0wUT0AiJA1qu7r3AZRirQi+HtWYxT6Df47f+nl9ffu97NjrHWm0L1fVFmECehNsvNdgIoA4quP1pgc/Z7SixMoxUHCv4vt/Y2ejJGIA+6aSETsYA8vhJGd2S9bR78uofe7J/TwJVHZE25GHXV87/ngEh/W15Mtit8SlCLzlqijrd9yniZtmW6v4/DDNtsKEF7aUAPBHkIMkuIxwPmq08CfSoMIOy+ieB2CrQuuNJIMbEaYil1ZhqyfF0T1pO8SnSIy3bFtQFaWLZUCN6TcjODLRftNgM9JCBkvAwK6KnhwygH7Aixrk4cExOwkXR8aoE2efYNSAzEvtQgIP3Zh+ZQq2uBmGemv66E+OuUXshBbGPAzbyqVu2I+JmzdKKwy53L+wybFE3p/MH8o1cuhBPnURUiZwqcJZSL6gGpC/YHc2RppBbuPPl3TX0uMFSb8IA9oMNlmYTBqDvtSlDT2B8/9JpB3NA1z14cj8eDLIYkpzLX6U2XRHJ+yeynmbif6lDx6bjQ/p6+DvopH8Md/e33+8y9vpm/WNTqTJ23fvMHVBv5NfK3HW/Q2l09r7+78veQaA/iWzoywXnSOt6y3KE0ZKtqWicZF+vImCCM8oe3wLJn6Ly93VENEYdGrLcZop+SbDX3eAhbDDQ7asqr9zS6AYu0pn3ZhuMPmxLishggApYIZSZFVXo47Uw379GUqFfuMTmh1ft5AgfIIOamWETwSHdp6i7XzHdEAZNZ3xG8C8Ecw8nsY7rlb96B4NUG6wGNcjRtI6OROuQ3eXk9c2nHX0PQ5Vmf0tRndviHlGPNlQ40J35GVAeptiSQbmL+86utnKAD6n0rz2JEdc3n14HWBDOyUERWNBgNORyjNenPahDxfHU12dFcU7VJLHrX2EpdH35kCipw7cbLAUwp8VKn7STjZMsuZ8N14rWdatowUWxpsuF5Bwmx32NAthy7xFybuyZYxoRx7p6QmVHUX0j+2oL2sPoJ2jxFWT+VFTVQmpIdiukQPPtYNNQnblsAWpWlHzr98l+2LXcxWSFNMspev4nZFaqQq9++ukFFEBr6jsPF32/1y4nnoTyegQndCmFpulYQb6aU+EK4WufQlXMndCDseJBCOg5nss17TCDiWBmZS3etFEUF6P3h3w1x+aRWUVzVvX1tBiM+iakOTaOBbZAzPytevWn7/+snUh/WYIArZH+24Cav1l78A3eUoVeoStBcKkr32XWmpT3kush6A8MfgRyK0Or/PAK/asl9wz98AP6V0SkgsYusE1u0TP0P7n53/aDTKNdpnwT3EIh80Cd9hOxdcWGZgRzPsfkc1oN2CFXFwxg4yeHMt2Oi/E9dIKIwuHIYExLan0QBihiDhgDptpIZTVrsXVah/3FGnPmxjigEFLI9dG2LwyngDwMQjgueXH3Rgwgx4gF+uuwJ2w0sgtbLnH+VN45jw7S7A+KCmrUsLE7gpHP/Q+DLeye+1oI22cfm1ajdeOX7LbN0K9yY7dmaHMygaSyxpiR6DOl5QGmPYkX7ythmpshn61ZnuWpoq5NR/QlFVCorKGsqnJ2tLcL10yZCnNrtO/43kXAxeGHlLvau3YSvr/q15dIWWmtwaECTMNqSU3zsYOc0CpR0tOjc6Juk7CPEypJKGgo+Nv5Tu9pIQ1Ft/681x2h5tsxQYmgwYsLxHwFgRe/UqZLzlJmNjxpc16zgdr/JHQzK3MTnne4dfYNqMs0/amrrRb/hPzXiDA68bJgg5FqE8ToYWCrVOjm4vzG676+KJcVbihI4In86tIgqqfh/vCdMcAQH7YYRM6VumvKV+1XWoPd6Tlgmc/Qq59eow3wvaBYwGyaoK8AnPqgJrX+I7ShynV6RNBZBWuDpOiVi+wy8dHVxK+biYG7miJs63n3u1Q5MM41hyArIblcbvuBuAVTAy0WoZ8QWWGFiXFMtJd6C/iD01ygSvicHr7jMx+tqI1d0O0C9SmDCHtil2BRFG42bx1GUHgzKtNAsvbUSkxAY3UxCj9dGklCoJMpQNQGixyrHAmpCjcDMGDLqyLIn9xnOZzMIlnNB0/SvZjUYt0g85KzBQWKAwa+pkSKfETBbrc70yaln2UPQUwQWZScmuABGHWiYlDgjWI9MdipN1PmkQ7yrV07eJzHjvLuyRw9foUUZhVpm9r61Fg5L22WU/5IjL8SeQq2W5B/SJG628IesWhXr1VMl177oc/hgYhKdqPPkaF3xl8+tKZKd8op8n15YIH9fehh21Ici8y2TI9IldPgENo4p9gn2fhnSjcr1jpGnWnTfLAbXx++VkoWM4BaQVG+JlRgxaRT64uKG/adYVQhXJa8rn5pe9kUWOBlqDQXIQ7hnZ22PnUPL8TMM43kRrjImMFF2fcMeoyh5amSw+QjZjQiK2atG5lTPUNvK23ATOoCdQMLR/JysaEnbtJeAbZYWLzXdApNCDa5XtDxDlpBUUHcgcACpuuuWW41GzgPYUF2WwuyDz3mhYm8K5majMJ2P10s6M6eRGb4tu57ZSToaxYp1w9zr2804qaPunDOrDRu5NlssGSTTiar2BKoGChyD4XY8D/2VQEN8ktFq8mOkj3d7hS18nGDNQIk8pFzA8h9H5upEZWCHYYmkGnLwiR4fZdFClxhFG58oCm05zKmKNoF+io61AS6UucVeRwTsmc+Bt+YwXN5rzfnVLF5SK6dEixoH4heN4TYjiBMBkp8DMVaVzx12GnEipKVIbKgLx0OjfECWdmDBpjIngvHgh0DcuSA0DUddCCejLB6dV8E2Ins7HP5pC1eHPQOdK90U+lioUHcqaSELVhr+IS1W989f+RMeV05fTZTYAMaFyPL24KJ2kWV+yBLEG9vNk+1CZ92rfSuJSgV+u3Wp8YyXScE9P1qyPeF7c2sQDtVkrqUmkUUHEedLTCnRe46TEEqf313R7vwVNwMe5Q/ligSVUEVI/eVRUHaJqhi20NYt5KtuRlOLLn7PSBtTUUulU+Y3UuZnP/9EbrX1KHdQCf5LmLpa8EH7LYSdD9iTtKn7FX3zfBC+qp/L2a8l2uFm9xiIQ3CMJnDIhlOoOVymdWJKo8i1OuDeG+hPkXPlB3Z9xdIt4Ku1btDPbtYlZIzsk19e/bIhRtAwDfXFnw7IpeD860SM/B9xSkgFhanUhh6l1pjbRC6Fs5f1/ZDxXmu7V/wqMJAQ0Ao1ADmwOPsZsFm/aG0CWTBWOCyHjzb9ArBxig2rwztSIhhjr4fY2u19e7zFxYduuwPbXu41eIGGk9/c8AQ7OcX+enKHf0tYNw2syvqhoO6zflSa6pm6Ja2UyJmeEmhlbfPdF9IVeMwgF2DcXo7cVMm3Pc7fSukQnMlN/Z39U+9runMrtF+0tf5DVYmtpuuARzbo+LvVH9a9XR3qplInfBKyZL6gGKqt/hcIMypMk12kWoX9T9z4S0vPjpNACAJKaAw50hI8Z2iJQVLZl/2A5gNUz459Yjdxl4xzRjal8xF2Orwz4CyDTMrryw7WY8uYcE5VJsIJMV3S2n/veclcCNqAopjQrpxJxj4EhCwSMoFstLBMKpn6LaVKf3BBt3KqjQYX7hyvkpbI8aVjLpkm9yLX894jAivtKkPpP/PYJvgK0zbnfQ10d6/YRVf+O24CjS59uNuWNiid22Z0illzw4ZXhbLS8ACYa0lYeAvtbsRtCdhw96wz/RnhFG52mpGMEc505/PUKlgJgpMb3sWVpSxwqfUXt7zoXd1NgoX1MDIfqyhi5eGRg6uFwGRRWGlmNwJ2g9La3YG0aHh0+Teg8fS+Dp7mOBhcuKbyKKshncwwbZhtGEilxufT0ukILQ0Z00mxSgzBmQuKs636EuFuXN+5rLATHipIToLcTnydHW9nrHUpT2kW5XwDROfae5rgepEdKzBO+UNFPubbxrUZizft3F80BUiqajrTnZybok+AjV6v90+Fl6/ld7zim6H7XqaoLObR5doNMKIi9WvCdi6879f0/4hsqa9YDz9HW9I/gVWa66xonlFKKojRzTsbtNUMcyzwGua7BG5hSVrtbn/PnYeQPvCjPoFKPmsT2o5EMNj7Fe3D90K61VzQ61aGKgyrMjKZf7WNTZNmeFFDanXIswS0iwz04rYbzX/H1aaIivPBWKQc1cJwilW9kfQCK9FzRcQtkPwXGHn4eiDE36DyZZP/MUispjXI4zlYufB8mWj6h6vF8zYndrT19VGAIFxj980AdLAlbhwq7uejOOeUmfBJXeNN+xzXubrS/TOSZrnvnEDctP2OqNHX4T1aueAfgxffsf9fH0JLPUlb42YGHoPdiNyLg3QkTBzh8jKgg3TYSN1rbcpe9nvRnV9gbZTF/b6sUfmUSe+dBftcOLry4OabCz/3AFN1iL2SuStRjtDF64+0/c75e4X+7VZQFDtfuL7b7w7bl6ZpnJTmuYxqgSn2nFGugdlI9EaK4bnfFAF6JoyMIFKjkcEgaZCJ+2PsrOhXVXVrTyzkspqGHV9IbP7fPvy+qavQyPfMtZ5FMbqsk8cKHh0LWQbaXFIomth0C1bCgzCYuSIllKlbF77bCC/7CG9qXU3CV0d4Z8Wke68b3vKchk4OO9++4CYILzKqRVnfpCt/foMPb+qBxjfOIeIAwvSexb2i0BkbvLYJjin2qcljBnTn63KfQJe9yjF67gx3/mn4T3Tn/eEXI1iyyVV6UbYhVn2qRsL8Di4Ec2K6pXkuT09zlYfmTS6E3qfwLMwjL17qfz8vdMxXjTNOK4vw2UkR0fniSzKbOK8K9gVn3sFY1ydf09X8+8sOlJAferCzebOKzJmpXm19JGyxrqYN9JSKug8YOV6jd/IlDg/iPxRFMBhV/0FzD53D5ElYqQ18nMrRDF6i0ndTzms3FoRNKkdI8V3tYKq9kshZ2tGH2qtKNbRc4O1waaKpTg3/ijM+KOZHXbxubxDLH85/n7Zl7WaAkOL0cdB42N3FywW4atbv2OJp+8NDvnlcO7eKc8ZE7KKFePs1JHoZfQ7ZSVpTKfDwCP7Y2TAqTsz7hyJc86t3EO6IoRqvag4urLrIyJzqu2RqJv9hi0LJnJ6F5kBnGlzmub5QNkCC4Mppmok5lRBfLPAinHI4Al48Fz8XSwRBiZ+Z78bpEwkOIdy7poLPZJG7FdHz5t8zpIqXfqiWydhBizzKkKbEF93eHoxUmTo3FzD9zh1QolTvpokL++rcp+2v8RMaJRTgxkPOBnmsjKd742QJvnkuZm1xxY3eWyAx/hDamhR8mTZPOcopwvsQ0C+82Udw/fZmlYrXlPF8RYKuYz0jyt6HriR9hdgdftv00VdBe589dowU0FjRhQkrLUNhg2bHnpdo0axOv4dgmNjmkBWEVkU9j6lOUYXDjpinWTfUsk1y53/rO4iV1A9mgiVS3J6oPH+3rJfGG+1RtLNywurBnclJD09jqyvV08r6/8u5yf6nU4m7//KuQ/AhG9XydI1zr2EhGK387c31+h6oFB10UjWtdZXl+zHIGJhV1MNu4xqSN/HH+Zzq8PKvRMR2VzmqSu+BhV3faXD44IsLiPq0Sp+twQXMpig8rzjAvalwy6BtomHsCXLm1DOiBOviG01DsrAI7z88ZS8hu6ySvlM1dO9bz667jl1IAqSNe4oqbpeBJf6Naeh8ta6C9O+xI0JHCFBr3i+6xBpqivxGjOOh4EM1LjCEdRXLqhSI5MW3B06xdcfL+7mjZXCN4ByAdgBST7dQLPlbEQisiKbV3m+je6fYUUWtQ6oA7fS9LRG53u9VPEhKiYjdjnoldhlupqiIIHpbvaq67mKq5yZprKu7YvmMQoNtmsrNpwoacML+4l0WWKxObiezCq/+HSFnvtaiU8Vt7rynHEo4IA8sKu7Umr7yRfou6GjQfSjMJ+F3IgdQ0hTUkEzi/Uu9JFJmwRP4ILrp4Ve1FXu73xp0hu6xGSLPo6aa5zNFX6Mony/8A6LmUAFZmKhcEH3pmOUWMHU3vR9EnaUyxtYFr2TuUuObtsCdrLOAkihA9oXpApYRqSykHb7xr2jG/RrJcCUfCtzytFzJtazb88Qk+QMze1f1P6FBeZbzfTs23B80ZAyW3A8mJwfW4fa1fAvbhAsCr4ukJPbeviVXOxt1GBkUkzdT+cez7oNgqbKHuQgQusirtztYfbp7e9YUfTBJQB/++2nt7+fv7/69luXc7vGCrPRM7mR6nPMkuWDF+z3esFuhG3UCYZFbCXC1+zE7VLSPAeY2Odim8CEWUhFhWYkpgDpuJISYFzE94IE4gOxgGYbzIbDiR/sHYDe57GB2usTu0RdV/NEl8LMc21U7Mp3qNdO5hDrvqXR3tG65iOdk/TUYpd2MNhApfHFJm3di693sSAWbNTRVJOazBF7KqnBbkQBMvvlPWGhfHI/wfs7LizyXv9/P1y1VZnd5L9HOWJ5x0fvEdmL5KMcjjqOuw8/KSdI2trZ2Y5d+tw0Ge11lh30yXwBbrfByT0cma5bVrMp4mFQ9LXAjFte181cbrzMuL7s1rZBJy5rDhq6DLQwGM8qrHOuM6sinkDPKYnXkG7tq48uZFFUou+JGmAnTmvc9FDs3tE78xca1qkb3PRpmvVDcbvFIv93GY6atbgZbNgpkuHB2A0X3kFOV7pkhMloWaJTWfCA/QYrMQw6PHXUtSjKTKYSxrfv3t6g35wftU1KDSPyZdJUgtv/eIO+VFSN9G6tuMgU7XfqTJvc0HGIbtH7uugsmNbVaOkk4kPaBSpjjxGwQMuTHEeHoJpAcOzBcPP4Axowx6pIsFsWbAL3Ai4jFiA3QKs82lTaHZhxu13tgM6x6WuFD4U7p4KsCqxilZU0cLclHowvfnD0CZNBOlUUmNkq+lkgdBG3gKoBvFhCq6UEYOX87wmgljj6JAzXcSr68YKge8ZiPzi+c1tBreoZHWmRYQKDUeKXn1jYWkQ03juA58ty/aO4M6vo7zsRGTEqy3XUvusd6BbyaZGnIwCvOY4uMURGxZKJiEWRQ9ApcqNFtsj0hhkSXX6IbMHlRuMifu5KF7Yw63TQE0RdiMiYSClOmCipKubbaAnvA9gl+ZwG+BrzFGeFlVmppJFZ/JAUQF//mIHHMT5snuxucrnM8hTMtoDj578RkRX4LjMmlttgF7A90ZwmeBQKJhIhzUQ6pEuuMz7nWeyw6A7sPyUEHr0zeAd27F6IXdixq3q7sH9KCPt1Qtj/nBD2/0oI+89pYBtZcjynKURKAz2+eSayouKgfM+3Cd7JGnj5OYFeUlScLYsyjfZttUzMl7GTkDxklkIp0fQLie8bEZl2CYkJdlArksaatIDTWJN6q6sywSxSIpqy6iSmqpHGmh70LoEIMdJYwywVbDBrkgCvBLsTWEhNSYJDuH5tuZLoUVi/lqVZUZwncKvJoswIT+DDtoATBEkArppvTXy3qIWsk0AuqyxBTIMoZhjBPEEBkc7wkgqyjZh11YUtMN/+QfN5CrzXGbQBTQLZtYNJg7VLrE0Cfb4s16/T+KB1Nmfmz0kajRGdxZ0V1wOsZHRRrZNcc4BKiYpf5aadjz/arK0OYGpWzs8f3znigIPalwS46yYfr4NcB/aCcZrChtHZIsUmskXM4uxdwCl0A52xEpIUsySijpXrH3NtykEz/0iwtSJJYHO2oCnMGA2O5oLmLFrB6C5sJtKckkLmFaeayBTc9sDZMoFskqXeYBN15n8HeiiDPApgRZdMG4Xje0Ja2Ak0PkXLVKxWyXitoRO5SiRfXWa+O+IJoBtFcZFAkXSlQKnQTqdcb1aS6cxNmI0PfYsVTnLA85FC2BiQ126+fWy4TBssos85zrWZVyrWsMAaKnWzglJAraLjGl+PrmuSY4OFyQ2L+MOuT+00sA/mEud57DvA8thh1bp1UIK3iBUZUVIWSboSWcAJzDRWZGmSI33HoxRsLj9Hb89U6vgtS1mpS8UiA+XYMFNFzz7jTNB4LXZaqDrqRJ0GLhTfxndrcem6nmYLLqM/5w3wBCn/1uaNLnUs0AQSx9rQCVCNnpvA5TLJ0RXLJBe4lCq2ACvm1TLFNSuYJinEQqGTHNgUcyAENdBcKTrc6DLcNYCOnfHnoMZOxxObTWwLJElFmXQDoKNbojK+ZiQVW2aBeVwPhrsRVMV/s8rMDeWNDjbqZOoWrBvxmuSQJSjc9DNxYgsDDza2NCgz50iKji7W2v4yI6tYdf4D0PSuZNEDASVVxVJhYQY9d2NA3iQBHP/pdZ3IPn7sTQGNAFjJZYZ1GXFgQBe0wrGhKop5Cv1OUQJ8cF1HEwGPz2QLOW4L1w5kqfIEGMd3ZOoEvmHtfMMJ8gE0jZ0I4AYeJzBONP0S/wCEGrRGg5rAlNJsmUDw6jK2l00rkuIeKJJHV6S1IqGuuBEAm3gjtrowKx29q+aaiNiFEsFpsQ8F6pp0xibfLE38Y+WAxo/oNTM9Y8PdltG7tVb5PEkeeqV4grew0lRlOYtd9Z5kbEUdGUrBBkO0wUVsb/A6Y0IbvEigGayZMinU8HUpErRuMlJVIqabNdQWLdBR9LwyEr2vBBos3WSPJByW9wlzlqMLRXNm0AVWue9mqKH9exgdNzkrIZfGJoQCGBiij6C/AZEchUp1mnwIJtJx7qooudzSwWDBg/xbyCpaU+8jz5jlofMZwbwzRZf0DhW432ihjcWKZdUfBpIcSc40DGeoV/dbDw2UkK7KUiqDho1HEdqssEHMoFLRxdhReEBa7n2GUIQY762OBgXEhO/sPtIXmjOReiJ/B1W7WhdPjYxcUrOiatZ+Xq9kNXjREBJ0TVUzjshIVGKlKXpLDYaJ4O6u4oYFz9/IpX5548peX6BLP+LrDJlVYEoRNAN+T/3oY0BboHfU/M6MoDq8z8NDnYR5CxjZ3dwiWNwRqylWZDVjggXxg5m7E/TX7olPmIUByRAvOa4EzPpdVjDHtW7iHm7g3uvXvoem9O24G5qaJtx+fvGIsW83IotY03Rc51VYFn2gdwZuxZi7YIpp1CMCqR1c9w4mVAs+MvESuucmHAcO/XM1NUjRLxXVZk/T7tOzle/fK9+pDDCWx63qJHbfI9Xkne66U/bh5DCC2NjOz6FDu/45SHnM2f+H5xvaxa4va6EAa4fPBlgN8ZJ473mE7eMyx5oil67dYIMGt6rZJf+Nx8FXNKPgG8ylcu3rg2xECGukKYVxZ3j/vCqFhcZkgvG+gw7TbmkBam97aEilYALaPqRLqgrm1I2pkG6XdIM52JpxuqSI0zXlCGvNlsJtXDuvP3z0oSXzI8pvWH/PSZ8/yqRni1kl2JeK9sck4vDl6+B7WsfE06ag1BoNy92FJFIICrkVaMPMakxQIBSoDGk0dkVPKi+6t2lh2QnypHmiuFwygjmyGIyYPoDF42IHS42MaXw83pWrrQ6j10ln28heVmvsBx5zhnW2ksltAmfENeYazFJphxpZqdgdwRPuB4DcpbHYwpvmB7EQTrGanXMtrSG+c98uIViOfvXfmKFzsW3+N4BuwJbXwiCcz4gsyspQFRbDSdz4lrB05tk3/b2AGYs7G8LM36pXf/r+z9b2vexsR82xb4Jo+3OaxY2YHeu4wVuq0D83Pjn90qMByIVvfez6n/RnXrQ475z6vftxYvLyIdn2rD8wxa4zQ+9++3BlaaeKOucJ+EtzpomiJRZka7VKr57xfi4IAg6doQ9vf0bXwvzw6gxdv7u8+s+f0cdrYV7/iJ5vVlskKDMrqhBZSe1HpUmlKDHwqe9f/5//8eJZkCPUrBLKuD4/QKbOChwex6MTn757XvNbdxava6TCVzx/Wkh3ZdMBzE9sGHf0Ax/Ct6eYttbJJ6ZMhTl6c/4uiOwfUtB0vqzTTsb/k4LOwry16H41IhQIOSw8YQue4hu8Zx+W2NANfoQR6XC6b9B5nivw07pTHkKneXpJUZ4a53xoLOT64u2Ne5VGw2MF1hNGP3acSk5T9W83ur6xqIx4vywPT5wEEYWHdu1xHtaaWOama00rIDro4jxn9sOYtwHbziz/8Ds34QGwJiFccOlv+OXuERig0uZaJ9Hrjn3SMHrnMbyRyjQieSB0cwiwwQYwsz0sefXEvHf0MLGsH5OarLdjjBc0ZDdO5cX12IHli7WWhFmV0/mNBjoOsnJZYbGks8Z0IlIs2LJSNEfzLcCkIoesobCcKU9sPTAoGh3RloOLLhL0O+ARdf9uCVd0B4CihTQ085nd8fOM4rM2FzrDmUvFTwC6NCoN8EWCI7FIUC3MU1yHVP1PygRMxXlWe+LSqeV9C97SMeuv1nUmPIIGe2VWVAlq0IdtSc/Qx/oZewMOsB/QTe0AG7wEv41pavWongmUiRHTuEba+8XPEOY8qEyU7QchwQ0rSMxbU2XfQCaMRNrAY84E+ng9KlAIJMgmk1fRRbYFKssEY98sYEV17IxeCzZBiYt7EWOnooO/PQG2brRCxqlYRp8UCThb5SOhFjqigTqVB/NOAEYgAukEC4TRL1JtsMqHc7oROl9CspdC2N74O8ilm1OzoVSEVc/IXRPvG+OWBvNuqM4hg6BlPGRGDChkwue5QlpCwYwVS37ERpjENcdiijj+EQ7KOkGk46IcELjrsmwjKWtrwS7BgN19eWJHKimBLgTreP3gjovYY2UYqThWCPpFoxqJ51d3P7+RS7lYhKe/U5KZFU2+vTvIfrALutvYwfvK4m3RPa/Migrjk8VH0dZVzM4JxyX0uCXHUf+oqRpFWFaGyGk57ZccR/i2IoRqPYIzdB4/rTnaaYkngBeyKu5Sqi0KFCYMcJtCOO3gSHs4WqkEAT5dSmHfFSu3Qsph80U0UJR2qVrH60c38m5i5LqWQs0AZzRv6PF+mJ4+zATSzFQB+YmguIB6Ee2hrrBGOJelfV3MijKF5Ea0W+YYZ/CdFLIYyauFmRyauRb10yoRVrlnIrfyRyrdMACjXxin6NwjNhuw4Rhnr2gIc3dyNGG8of9R0hVGWXDrsxbiciFEY4ARMevdH8AIl6936+s1YnNiPCF0LlNWDwSIn9MVXjNZgXZJZFEqWbCRDEU6NXJXAs85FJEt0MV+3JhYN2InIZJ9DHe0ThREYAfDqMNlTkAwsH6DX+rd7byy7X0bPXZtmWUlTL+cLbZGn0MZeEZOMeuP0oLgPV5SQRUjNUnAEEj066cWMLOCpzY02w15ZGfk+5k2ajz4WdN0StutR6Pp1X6avHrh1kpIV9A0bYxwwwqqrVx32p6iJR0NIvldiNYU4uBGQOPBB26DOvJondK7+9GO1g/H0fR9pqMNOT2aNO8wPkThgDaguBUIRwiDr5e6VwepU5PunbtoUWhTh3cuWi/VaQTIATneCJCv9zj+cHjLYo02mGbLjpOPalIJEvOOHSE/Jj2OMWkbHMZGqYcStJ6fOnrlTmVWWUHNSj5ClATveJKRQ8N/bHTDoZeSkkm9TnuiOu8l9/5ai8iec5nIE/Kfs5/+9Cf0/M3l+c0LdMm0YWJZMb2iOZTCB3HhcimT9wXaFwmDbNmFw8NvM3xwJGNMycRexX31n3ZXQxg0NwY88tGGPt/nuhBI+2/qfjuOP8ApFDPFItQmvc0UwzxWd7oeIe9xzirtVkBSIc0KxrFy4smKTXuHCLzr4fIquOea5VN2Gulmyn+0B6H2Ivb6YraXPF2dxbnYd9chrOErDTv+X+8kgt8MzoJ33NBOWUYedmVKlTIxYBCyAVZLtcSC/bEnq1qkOwrHMvsETnfP1Ai7F0wFa0kTdf35xS4Hr4Vr8eV6F+1kNf9KMTcrghVFpaK5LJjAwYK7jni6wYZRYfTB9HiOp6T2DX5UYl3rR1omOrj26jyzgqvEykAzpJbU/WJ1wmZHXtgcI1EXNKcKG5pn0ZLK9pwPK3x+qVdsgmc3Sq5Z3jQP85/DZcm9pjo4GL75j33WdnXasILTEsnyiahslvS9/sx2hMzg8FDInFwzFz1f9RX3kRZwjdIZcyj4fTVPegc6U+dLnUroZYBQp6OCxoo10kYqJ/EttIIaDKs9g0/N7KeehakvWJ5zOp2UewvrHSvnAtvbkXsnybl6PMY05N741TodhsS2js6eoZJju2X2fZYKUUHUthzz8kMq5AT25BEZdKqxLX+V2qC3mKyYGDHpcpxIcnzT5/VHAZn+paJWfFj9yDU50zP0Jscl+gT/cfpRLoWrO/3b8PFEK7ymVnPiFCv0paJqi6AHoS6l0LTWqMLFqZbeDL4zjbz0PfCIhaxY3QVSOPJdX75xPGuSJkC1PUDvfXPUYzGFKU9pHWb9M163lt5pYmRtQ//wMo1UJUTQjtVnzcvjIs+ujdRIjZ2HmHkLM/1GYLRhIpcbjXRJCVswYn9zFqoT9HmywwtiyXP4tjk36Dl0hKWCtM8QhC5fdLiFKgHv+Bu6xGSLPurdxrdNBLboF9JGz661K0xgsI+89l1TC1CBWjU4ZPZFHHC86QMQqP7fqTSFcp4h+3bJTq9Qj3Xndep1gGKgMHjQ/HdOIHaavN4xUn2Gr3e917LuCkgf7wI6pGYah10TMNjdmzYh023DYIfCDSkOFz9D2UDMkYCjFW5Ack4XTHhfPQgn6OpX4HKk6SBgd1KhWCLcWgdMT/2LLRgbn21q2n0vpZHelI0P2xhMVsXELfDbVYHhaGAddbcjyZCXORPxJohFvRuWZCgqTPt4BoRUt2wHtsW10W7L+wNTOwdYp337DmBdYlWfKfvjs5aUzYoNWqkjezusLeuS348iz0SfWeLaWki1Tbfh/6JLLP7tYMeYGpHdLuq1eh56mixb/uUlQD9A26OpRAOq6n7r+6kaPQUZFUbJ8hTRkctqPnAuHHXG/ZrW2qYHyhEAR1fdMe09vJBFicW2uY9w7WCcvrNX1lTZZyhjYiHDSgHWn1PXCB2QHz0rssZsQ9N2RV98SZUj8EvF+Rb9R4U5WzCao0uoe3bOwSAqGzrPiJSf2SMF3X+nc+TWb+1nzMe0+ejdZttweFkZULlPHGF6+K6/b5bwU3a8O9r55Gfow7Z0pLeeA8sct4Pjm6foIovaTLaHtsXBOSLUMx1qW9tHZgpXXaNc7mLnPIulVLW3H0LM79+MbHmnV07k41Tzokw7h2gPK+zKBz33NZpKykSayC5Sdh27H6jEJuyaJCLDOma0vwNY+XL6yJArxSNucwdqxF1pjNGsUrG8IR2YmqoML+PZlC3o6M/TLuio6Y+7oP2pTyBY6J2hAlSr+MaJhR/tNDeK3krRXqpMbI3KLTFFLeGOzP0Ay4J69dL/+8Kj8NL/w+c1hdz+mFMVzs7z5Dxi9NwR0w2eg8e1M2ptQE7uB6JZk4qJBVVqJO46pHsSurqK/0HWB92zEyBZ9yVedLYhcKUgrC2TXqnAEpMdvysXt7fH7gNkEKvuj/5Khwla4wM/Wbmiahp/hNXZfcbT8wsY/fgCXcD6YdSoMhM1Sxnh8wVVfvgn3cnC3NOclyYNHXcY2dlwu+gz3ekUvXen2R+neiXv3xolvNvolv0R9tawz4lkyvVfr5CgS2mY28ByhfXIBChNpm4r1NlKt/j4cEG71ckmQA0SXHpnrG6cXtffhBNSNFtOUVGx29+omXr4YXTQspUmTOsqutIJkCFZKp237mExFMCQKpXUBzrYlK70vLKLo1sITu+TTpNkSDSdwX0U+fktpHbuf4w60vM0JO8vPffgOC5CtebZOuWL3g+pekd2EJk8s0cPV9HbNOpUgNln6i3qRM0NvmnHlXQfJJCtPyIN8Tqp0PXt+V/f3qAb+06h38TI9JUW20SV1Kdg+2Ejw9iCGCIrSj7rk5zIxwnhtD3IQkPnmn6dTYswSAP1IwhbKbhHy6WKDZpCPoKS6/BouoKMGg2As8GmmmzCZxfLNeYsdwcxgERfEE7W1XqfIASOfaZb3RfbkU5+nUAaGfbKmFJnDGbQJgENW5mCIQQ/gdvElqKufJGKme2BG0VkUSTtE3ck3g4P7xAKl+BvmKK8b2nGdrFsOBaZ1o818Nau7GT4757aukYriK0rNc5KyaZIqw4h7DBAgAEgFbYGgK1khYUYNM5I3W7KrwqIjMRsJ2rb3Dwsfubh72/O3/l372Vv+eZBMVL1ff/Re7Yx/TlbS16lYsB5PcdZ+Dk3zWTsepxvJZjR6LlDQr+Abh1Q2FtP1O2BR4B0kBpeJZJmbzyuHwUzPl1gtlt0sKYKMgUWFUdECkJLYw3lW7eHI+0VNpuU0tcx3hrs9Qhti2gplUHS8vfXfz8PpeAG2R773Em1nD7Bsl9gsONinWPX7CTYKOYvV7/dXN+gt/iuYCJvxnqHt9XSNnka5s4QxRGyPBkD6vaR1ahP4ZLF6OnZrsoxW0xXsPnYRfg1ycnVjh1nmZfK15e+S6/HYi+GfLpNeeReATXFxX/5uuGmMEfkQ00y9u0Gf4k1oR8pu9GPqwYrvgnqFq649wzpKpCijjX6F22UFMt/m3NMPnOmDc3/5aX/2VnzWyYWlIR/tWCKbjAPKjJ4zjvfQVjkSEs0ciwVXTJt1NZa9lMKixKblW/W3+CA+jgMkASn1FRoukJoV69FpOp0IW/0yQZzKkwnJ6XG2w9knDXT1Ga9yz+O+xjeOV3gipsM7sTPaIH5TinyDkm7GfzvOskR9aTIdmR8W7ZmFF4sGIFBAnNKBZJz6BvRaejV7IvG9yCmf7EPkDK89Y3L2GItEquThU7dJmlEoii8QQXVGi99XyIirfyGAWYhRfKNXKJLSmQ+EvbxsKL7qFzP54gJTD2Ep5RGUIRpXzS5QExog4Wp0Qjb+Iad9Ijnw3cqqIrDPWTWujWuzqkdT4BW1raFCbu/MyOo1vXuH56CIOiaqm6DihIrTdFbajBo6r7mtlnq+Ru51C9vXFLtiwH4S58O1qoVGL2nTli4Ey46aI50kqHrJC6ch0WbC71Mqzz7PX7r7/n15fc+4OLavrXWNfQEuMPEIC6Xbr+GfW2AOphk7U8LfE7vzh2y3/cbOxs9GQPQJ52U0MkYQB4/KaNbsp52T179Y0/274ldNc2GPOz6yvnfs2CvqyeD3TpVqPRhqCmaMiv24WxLdf8fhhnYfukK7h+GHK5yZjLoR/0U0ds1nJ4QYquIE3WjIsbEaYil1ZhqyfF0T1pOTxoWm5ZtC0rz1EUg42GLbttE10iS5gM9ZKAkPMyK6OkhA+gHrIhxLk5fZ94fjBtkn2PXgMxI7EMBDt6bfWQKtdpHBxo1WjX0+x9td43aCymIfRywkU/dsh0RN9CkLqE47HL3wi7jkl869/mNXPqxrr6KAXrJWRNEUS+oBqQv2B3NkaYwaXfny7tr6HGDpd6EAewHGyzNJgxA32tThp7A+P6l0w7mgK578OR+PIjYYmHPufy1ziv1J5L3T6Smouk8zOVSh45Nx4f09fCXnXLABl8aZez1zfrHth/gyHXvM3dAvZFfK3PXr1Oz9/V/X/Ymrn3yPO7LBedI63rLcoTRkq2paJxkX68iYFl0mv8irQWSP0Xl7+uIaIw6NGS5zRT9kmCvu8FD2GCg2zfzu/I9xW7gIp15b7bBrsKa4KEEmdM6efTjtTDfv0ZSoV+4xOaHV7tpXkSKBVtWajy/paX7FHX3K6YbwqBPtWwSLOMJemaMZcfU1URfu4NBqg1WeTKlbv+keqeQfNrR9zBSlONhapprreofUY+2b4YJJ1W3XT6kYksmMK+/s6utHOBDKv1rT2LE9c2n1wEWoGA3WRSBBQ1GQy7HeH3agzpUHE99fVYU5wnL63dMO1gKXV8+JErq8O0GSwHMabHSJ+1k4yRL7mfDTQ5uq2jBRbGmy4XkHPqmfo0C2HLvEXJu7JljGhHHuno8XEdRfSOH4yzGGf0ELb6CzJ+KqlpIberCvfl2sGnNJC4LULOi5Fu/T/bDkMxMMVkhzXKKnv8JmZWq0KuffnqBNtiPEqpX2cOJJ6G8HsEJP1cnGSvIV3Mq3FCV2qfQ9F21V1kHIaDneC7XtMMMFi7RqcWbNoriYvT+kK/m2Dwyq2jOTmqacIhR34Q0x8axwBaImbrvD4j0l65NaI30cJzV3xDUi2ypQq/QlSC41BXHTbOye8n1EPQHBj8CuZWhVX54hf7VknuGfvgB/SsiUll92fUcqIep/U9u/rf9INNolynh9hdC5vTJ2rpiQzOCOZ9j8jl96VNOhTT1aDSwKywT65oXME3GptLB4UjezAiODDTcxhwwdnPsjVRWsxZbp3XYX3SaUYSQQmghK5HbF4bDQAYNHQGOS17cvREDyDFigf467AkbjezClkucP5V3zqODNPsDhlEqRgJWhzeFux8GW9g997UQts8+Nq1GKxf1ts3Qr3Jjt2ZoczKBpLLGmJHoM6XlAaY9iRfvK2GaG0yRrVMOPL+qJQ+MpXLzqQVM4u/YhWumYGTq9eWu710EXBzdme7ADEeFv+rXl0hZaa3BoTKcLTI6/b/hRLJ65kfnxO48kpF8uSShoKHgb5tfvYdu+M2MZqIo9oOARgSl/VMHYr6CwItfKdMlZ6m7lzxZc16zVIWwD0yRPq1p1LHnHW6dfQPqiUD+1NVWi39C/mtEGJ14GYwLmiRGDyOApEI3F+c3XvclWFj2sKKUqq/xIngiv7o0iOppuD8+uqcKDPHQqFs0NOWr9iutwe70HLDMZ+jVT6/RBvheUCwQ5jzsK6irnxeo9R+hDVXUgcUGcYq1QVL0ykV2mfjoauLXzcTAXU0RtvW8+12qHBgHWU2UrITkcrntB+IWTA20WIR+QmSFFSbGMZFC+yKLhZvgjirhc3r4js98tKI2dkG3C9SnDCLsm7ZgLYrCKplS1GEEhTejMg0ka0+txAQ0VhejEN7nIAmpVA1RGyxyrHIkpCowZ3+E8nulKoL8yX2Ww8ksOm4W3h4mtVg3yLzkbEGB4oCBrymRIh9RsNvtzrSZoKF9iCAmiCxKTk3wAIw6UTEo8OONprXByjzSQb61aweP89hR3j2Zo8evkCJ6J+R8kCDx4KYHIn8kxl+JPAXbLcg/pHik7jn16rWK6dJrP/Q5PBBRyW70OYJh3H4EuW+HW2OX78sDC+zvQw/btj8K/OEgFSVS5TRP9w76JBv/TOlmxVrHqDNtmg924+vD10rJYgZQKyjK14QKrJh0an1RccO+M4wqhMuS19UvbS+bAgu8DJXmIsQhvFPbiw4ph6tGzDzTSG6Ei4wZXJR9z6DHuJ6aNLx9RiOyYta6kTnVM/S20gbMpC5Q1z1rJC8XG3riJu0VYIuFxXtNp9CEYJPrBR3v3NA0QdyBwFa1ztma5VazgfMQFmS3tSD70GNemMi7kqnJKGz308WC7uxJZIZvHbHaCj2rr1mk4IDu941G3PQD3b5reTYbLNl2V6tiS6Ai+ijOhv+xrwpokF8qWk12lOzpdqeolY8bDGNPq24Dri6aJSAXa9RDw9SISsEOQxPItGVhEry+yyIFrmWWANUyS6E9lzFF0S7QWKM+WqgJdKXOK/I4JmTPfAy+MYPn8l5vzqli85BcOyVY0D4QvW4IsR1BmAyU+BiKta74IzXNl5UhsqAvHQ6N8eIHuAxOCBaeBTsG5MgBoWuqmEndGnSs+7Rf3RcBjo0m7bl8Jh7c5l7pptLFQoO4kxt13xo+Ye3WBXPGeqp4XTl9NlNgAxoXI8sHk2GbSbBBvENTZBJuwqddK71rCUqFfrv1qbFM1wkBfb8arF/v0FiVpC6lZhEFx1FnC8xpkbfdhZu7O9qFp+ImS9e66J6iSFQFVYzcVxYFaZto8vMRlWzNzXBiyd3vAWlrKnKYk3xQbsn53x+he00d2pXD6bRdxNLXgg/YDfOA9yLmJH3KXnXfjE6C9WLGe7lWuMktFtIg3ExSCyfQcrnM6kSVRxHq9UG8t1CfomfKjuz7C6RbQdfqYdvvRvGXnJHtFNN2RuTCDSDgm2sLvh2RyxVPmTcdZuD7yjf/D4tTKQy9S62xNghdt6MC6uqqPNf2L3hUMa8RCjWAOfA4kxUWS5oJukktC8YCl3TTCfWDEmKMYvPK0I6EGOboa4e61da7z9/IUOISRxN2Def4YELHJDcHDMF+fpFDpqu/BYxbqACzDKsbDuo250utqZqhW+o2pdJUzfCSQitvn+m+kKrGYQC7BuP0dgLfR+77nb4VUqG5khv7u/qnpJ7jaM2u0X7S1/kNVia2m64BHNuj4u+UHFSHTnWnJM/bGaSJrpQsqQ8opnqLzwXCnCrTZBepdlH/Mxfe8uKj0wQAkpACCnOOhBTfKVpSsGT2ZT9MMRdlt49+aBqK0+NeMhdhq8M/A8r8UI1W1qNLWHAO1SYCSfHdUtp/73kJQEnJAopjQrpxJxj4EhCwSMoFggnzjOoZum1lSn+wQbeyKg3GF66cr9LWiHEloy7ZJvfit5lmQnilTX0g/X8G2wRfYdrupK+J9v4Nq/jCb8dVoMm1H3fDwha9a8uUTil7dsjwslheAhYIay0JA3+p3Y2gPQkb9oZ9pj93BhnC4MIzVCqYiXKGqCHPwooyVjjWwOoDQSxYihqqNCqxhi5eGho5+GnSsiisFJM7QfthaQ01ZK+6596Dx9L4OnuY4GFy4pvIoqyGdzDBtmG0YSKXG59P66dNnjWZFKPMGJC5qDjfoi8V5s75mcsCMz+IF+iuF+Jy5Onqej0TDbAfjIZj4jPNfS1QnYiONXinvIFif/NNg9qM5fs2jg+6QiQVdd3JTs4t0UegRu+328fC67fSe17R7bBdTxN0pqpg/cFOqV2sfs3OmLz9mvYPkTXtBePp73hD8i+wWnONFc0rQlEdOaJhd5ubqZ8FXtNkj8jtzhj//vvYeQDtCzPqF6Dksz6p5UAMj7Ff3T50K6xXzQ21amGgyrAiK5f5W9fYNGWGFzWkXoswS0izzEwrYr/V/H9YaYqsPBeIQc5dJQinWNkfQSO8FjVfQFhPfq0LOw9HH5zwq4Z9np70i0VkMW/G9y52HixfNqru8Xqtmar01J6+rjYCCIx7/KYJkAauxIVb3fVkHPeUOgtuusG1zst8felHcKPnvnFDPZvSFf1a3F6E9WrngH6sAf/e/Xx92Z3v2oiJofdgNyLn0gAdCTN3iKws2DAdNlLXepuyl/1uVNcXaDt1Ya8fWzjje+JxxxfNwuj68qAmG8s/d0CTtYi9Enmr0c7QhavP9P1OufvFfm0WEFS7n/j+G++Om1emqdyUpnmMKsGpdpyR7kHZSLTGiuE5H1QBuqYMTKCS4xFBoKnQSfuj7GxoV1V1K8+spLIaRl1fyOw+3768vunr0Mi3jHUehbG67BMHCh5dC9lGWhyS6FoYdMuWAoOwGDmipVQpm9c+G8gve0hvat1NQldH+KdFpHOX4ZTlMnBw3v32ATFBeJVTK878IFv79Rl6fnWHi5LTn9GNc4g4sCC9Z2G/CETmJo9tgnOqfVrCmDH92arcJ+B1j1K8jhvznX8a3jP9eU/I1Si2XFKVboRdmGWfurEAjwNopytF9Ury3J4eZ6uPTBrdCb1P4FkYxt69VH7+3ukYL5pmHNeX4TKSo6PzRBZlNnHeFeyKz72CMa7Ov6er+XcWHSmgPnUB42ZkXpExK82rpY+UNdbFvJGWUkHnASvXa/xGpsRhlW+wepwMvWFXfStdsX+ILBEjrZGfWyGK0VtM6n7KYeXWiqBJ7RgpvqsVVLVfCjlbM/pQa0Wxjp4brA02VSzFufFHYcYfzeywi8/lHWL5y/H3y76s1RQYWow+Dhofu7tgsQhf3fodSzx9b3DIL4dz9055zpiQVawYZ6eORC+j3ykrSWM6HQYe2R8jA07dmXHnSJxzbuUe0hUhVOtFxdGVXR8RmVNtj0Td7DdsWTCR07vIDOBMm9M0zwfKFlgYTDFVIzGnCuKbBVaMQwZPwIPn4u9iiTAw8Tv73SBlIsE5lHPXXOiRNGK/Onre5HOWVOnSF906CTNgmVcR2oT4usPTi5EiQ+fmGr7HqRNKnPLVJHl5X5X7tP0lZkKjnBrMeMDJMJeV6XxvhDTJJ8/NrD22uMljAzzGH1JDi5Iny+Y5RzldYB8C8p0v6xi+z9a0WvGaKo63UMhlpH9c0fPAjbS/AKvbf5su6ipw56vXhpkKGjOiIGGtbTBs2PTQ6xo1itXx7xAcG9MEsorIorD3Kc0xunDQEesk+5ZKrlnu/Gd1F7mC6tFEqFyS0wON9/eW/cJ4qzWSbl5eWDW4KyHp6XFkfb16Wln/dzk/0e90Mnn/V859ACZ8u0qWrnHuJSQUu52/vblG1wOFqotGsq61vrpkPwYRC7uaathlVEP6Pv4wn1sdVu6diMjmMk9d8TWouOsrHR4XZHEZUY9W8bsluJDBBJXnHRewLx12CbRNPIQtWd6EckaceEVsq3FQBh7h5Y+n5DV0l1XKZ6qe7n3z0XXPqQNRkKxxR0nV9SK41K85DZW31l2Y9iVuTOAICXrF812HSFNdideYcTwMZKDGFY6gvnJBlRqZtODu0Cm+/nhxN2+sFL4BlAvADkjy6QaaLWcjEpEV2bzK8210/wwrsqh1QB24laanNTrf66WKD1ExGbHLQa/ELtPVFAUJTHezV13PVVzlzDSVdW1fNI9RaLBdW7HhREkbXthPpMsSi83B9WRW+cWnK/Tc10p8qrjVleeMQwEH5IFd3ZVS20++QN8NHQ2iH4X5LORG7BhCmpIKmlmsd6GPTNokeAIXXD8t9KKucn/nS5Pe0CUmW/Rx1FzjbK7wYxTl+4V3WMwEKjATC4ULujcdo8QKpvam75Owo1zewLLoncxdcnTbFrCTdRZACh3QviBVwDIilYW02zfuHd2gXysBpuRbmVOOnjOxnn17hpgkZ2hu/6L2Lyww32qmZ9+G44uGlNmC48Hk/Ng61K6Gf3GDYFHwdYGc3NbDr+Rib6MGI5Ni6n4693jWbRA0VfYgBxFaF3Hlbg+zT29/x4qiDy4B+NtvP739/fz91bffupzbNVaYjZ7JjVSfY5YsH7xgv9cLdiNso04wLGIrEb5mJ26XkuY5wMQ+F9sEJsxCKio0IzEFSMeVlADjIr4XJBAfiAU022A2HE78YO8A9D6PDdRen9gl6rqaJ7oUZp5ro2JXvkO9djKHWPctjfaO1jUf6Zykpxa7tIPBBiqNLzZp6158vYsFsWCjjqaa1GSO2FNJDXYjCpDZL+8JC+WT+wne33Fhkff6//vhqq3K7Cb/PcoRyzs+eo/IXiQf5XDUcdx9+Ek5QdLWzs527NLnpslor7PsoE/mC3C7DU7u4ch03bKaTREPg6KvBWbc8rpu5nLjZcb1Zbe2DTpxWXPQ0GWghcF4VmGdc51ZFfEEek5JvIZ0a199dCGLohJ9T9QAO3Fa46aHYveO3pm/0LBO3eCmT9OsH4rbLRb5v8tw1KzFzWDDTpEMD8ZuuPAOcrrSJSNMRssSncqCB+w3WIlh0OGpo65FUWYylTC+fff2Bv3m/KhtUmoYkS+TphLc/scb9KWiaqR3a8VFpmi/U2fa5IaOQ3SL3tdFZ8G0rkZLJxEf0i5QGXuMgAVanuQ4OgTVBIJjD4abxx/QgDlWRYLdsmATuBdwGbEAuQFa5dGm0u7AjNvtagd0jk1fK3wo3DkVZFVgFauspIG7LfFgfPGDo0+YDNKposDMVtHPAqGLuAVUDeDFElotJQAr539PALXE0SdhuI5T0Y8XBN0zFvvB8Z3bCmpVz+hIiwwTGIwSv/zEwtYiovHeATxflusfxZ1ZRX/ficiIUVmuo/Zd70C3kE+LPB0BeM1xdIkhMiqWTEQsihyCTpEbLbJFpjfMkOjyQ2QLLjcaF/FzV7qwhVmng54g6kJExkRKccJESVUx30ZLeB/ALsnnNMDXmKc4K6zMSiWNzOKHpAD6+scMPI7xYfNkd5PLZZanYLYFHD//jYiswHeZMbHcBruA7YnmNMGjUDCRCGkm0iFdcp3xOc9ih0V3YP8pIfDoncE7sGP3QuzCjl3V24X9U0LYrxPC/ueEsP9XQth/TgPbyJLjOU0hUhro8c0zkRUVB+V7vk3wTtbAy88J9JKi4mxZlGm0b6tlYr6MnYTkIbMUSommX0h834jItEtITLCDWpE01qQFnMaa1FtdlQlmkRLRlFUnMVWNNNb0oHcJRIiRxhpmqWCDWZMEeCXYncBCakoSHML1a8uVRI/C+rUszYriPIFbTRZlRngCH7YFnCBIAnDVfGviu0UtZJ0EclllCWIaRDHDCOYJCoh0hpdUkG3ErKsubIH59g+az1Pgvc6gDWgSyK4dTBqsXWJtEujzZbl+ncYHrbM5M39O0miM6CzurLgeYCWji2qd5JoDVEpU/Co37Xz80WZtdQBTs3J+/vjOEQcc1L4kwF03+Xgd5DqwF4zTFDaMzhYpNpEtYhZn7wJOoRvojJWQpJglEXWsXP+Ya1MOmvlHgq0VSQKbswVNYcZocDQXNGfRCkZ3YTOR5pQUMq841USm4LYHzpYJZJMs9QabqDP/O9BDGeRRACu6ZNooHN8T0sJOoPEpWqZitUrGaw2dyFUi+eoy890RTwDdKIqLBIqkKwVKhXY65XqzkkxnbsJsfOhbrHCSA56PFMLGgLx28+1jw2XaYBF9znGuzbxSsYYF1lCpmxWUAmoVHdf4enRdkxwbLExuWMQfdn1qp4F9MJc4z2PfAZbHDqvWrYMSvEWsyIiSskjSlcgCTmCmsSJLkxzpOx6lYHP5OXp7plLHb1nKSl0qFhkox4aZKnr2GWeCxmux00LVUSfqNHCh+Da+W4tL1/U0W3AZ/TlvgCdI+bc2b3SpY4EmkDjWhk6AavTcBC6XSY6uWCa5wKVUsQVYMa+WKa5ZwTRJIRYKneTAppgDIaiB5krR4UaX4a4BdOyMPwc1djqe2GxiWyBJKsqkGwAd3RKV8TUjqdgyC8zjejDcjaAq/ptVZm4ob3SwUSdTt2DdiNckhyxB4aafiRNbGHiwsaVBmTlHUnR0sdb2lxlZxarzH4CmdyWLHggoqSqWCgsz6LkbA/ImCeD4T6/rRPbxY28KaATASi4zrMuIAwO6oBWODVVRzFPod4oS4IPrOpoIeHwmW8hxW7h2IEuVJ8A4viNTJ/ANa+cbTpAPoGnsRAA38DiBcaLpl/gHINSgNRrUBKaUZssEgleXsb1sWpEU90CRPLoirRUJdcWNANjEG7HVhVnp6F0110TELpQITot9KFDXpDM2+WZp4h8rBzR+RK+Z6Rkb7raM3q21yudJ8tArxRO8hZWmKstZ7Kr3JGMr6shQCjYYog0uYnuD1xkT2uBFAs1gzZRJoYavS5GgdZORqhIx3ayhtmiBjqLnlZHofSXQYOkmeyThsLxPmLMcXSiaM4MusMp9N0MN7d/D6LjJWQm5NDYhFMDAEH0E/Q2I5ChUqtPkQzCRjnNXRcnllg4GCx7k30JW0Zp6H3nGLA+dzwjmnSm6pHeowP1GC20sViyr/jCQ5EhypmE4Q72633pooIR0VZZSGTRsPIrQZoUNYgaVii7GjsID0nLvM4QixHhvdTQoICZ8Z/eRvtCcidQT+Tuo2tW6eGpk5JKaFVWz9vN6JavBi4aQoGuqmnFERqISK03RW2owTAR3dxU3LHj+Ri71yxtX9voCXfoRX2fIrAJTiqAZ8HvqRx8D2gK9o+Z3ZgTV4X0eHuokzFvAyO7mFsHijlhNsSKrGRMsiB/M3J2gv3ZPfMIsDEiGeMlxJWDW77KCOa51E/dwA/dev/Y9NKVvx93Q1DTh9vOLR4x9uxFZxJqm4zqvwrLoA70zcCvG3AVTTKMeEUjt4Lp3MKFa8JGJl9A9N+E4cOifq6lBin6pqDZ7mnafnq18/175TmWAsTxuVSex+x6pJu90152yDyeHEcTGdn4OHdr1z0HKY87+Pzzf0C52fVkLBVg7fDbAaoiXxHvPI2wflznWFLl07QYbNLhVzS75bzwOvqIZBd9gLpVrXx9kI0JYI00pjDvD++dVKSw0JhOM9x10mHZLC1B720NDKgUT0PYhXVJVMKduTIV0u6QbzMHWjNMlRZyuKUdYa7YUbuPaef3how8tmR9RfsP6e076/FEmPVvMKsG+VLQ/JhGHL18H39M6Jp42BaXWaFjuLiSRQlDIrUAbZlZjggKhQGVIo7ErelJ50b1NC8tOkCfNE8XlkhHMkcVgxPQBLB4XO1hqZEzj4/GuXG11GL1OOttG9rJaYz/wmDOss5VMbhM4I64x12CWSjvUyErF7giecD8A5C6NxRbeND+IhXCK1eyca2kN8Z37dgnBcvSr/8YMnYtt878BdAO2vBYG4XxGZFFWhqqwGE7ixreEpTPPvunvBcxY3NkQZv5WvfrT93+2tu9lZztqjn0TRNuf0yxuxOxYxw3eUoX+ufHJ6ZceDUAufOtj1/+kP/OixXnn1O/djxOTlw/Jtmf9gSl2nRl699uHK0s7VdQ5T8BfmjNNFC2xIFurVXr1jPdzQRBw6Ax9ePszuhbmh1dn6Prd5dV//ow+Xgvz+kf0fLPaIkGZWVGFyEpqPypNKkWJgU99//r//I8Xz4IcoWaVUMb1+QEydVbg8Dgenfj03fOa37qzeF0jFb7i+dNCuiubDmB+YsO4ox/4EL49xbS1Tj4xZSrM0Zvzd0Fk/5CCpvNlnXYy/p8UdBbmrUX3qxGhQMhh4Qlb8BTf4D37sMSGbvAjjEiH032DzvNcgZ/WnfIQOs3TS4ry1DjnQ2Mh1xdvb9yrNBoeK7CeMPqx41Rymqp/u9H1jUVlxPtleXjiJIgoPLRrj/Ow1sQyN11rWgHRQRfnObMfxrwN2HZm+YffuQkPgDUJ4YJLf8Mvd4/AAJU21zqJXnfsk4bRO4/hjVSmEckDoZtDgA02gJntYcmrJ+a9o4eJZf2Y1GS9HWO8oCG7cSovrscOLF+stSTMqpzObzTQcZCVywqLJZ01phORYsGWlaI5mm8BJhU5ZA2F5Ux5YuuBQdHoiLYcXHSRoN8Bj6j7d0u4ojsAFC2koZnP7I6fZxSftbnQGc5cKn4C0KVRaYAvEhyJRYJqYZ7iOqTqf1ImYCrOs9oTl04t71vwlo5Zf7WuM+ERNNgrs6JKUIM+bEt6hj7Wz9gbcID9gG5qB9jgJfhtTFOrR/VMoEyMmMY10t4vfoYw50Flomw/CAluWEFi3poq+wYyYSTSBh5zJtDH61GBQiBBNpm8ii6yLVBZJhj7ZgErqmNn9FqwCUpc3IsYOxUd/O0JsHWjFTJOxTL6pEjA2SofCbXQEQ3UqTyYdwIwAhFIJ1ggjH6RaoNVPpzTjdD5EpK9FML2xt9BLt2cmg2lIqx6Ru6aeN8YtzSYd0N1DhkELeMhM2JAIRM+zxXSEgpmrFjyIzbCJK45FlPE8Y9wUNYJIh0X5YDAXZdlG0lZWwt2CQbs7ssTO1JJCXQhWMfrB3dcxB4rw0jFsULQLxrVSDy/uvv5jVzKxSI8/Z2SzKxo8u3dQfaDXdDdxg7eVxZvi+55ZVZUGJ8sPoq2rmJ2TjguocctOY76R03VKMKyMkROy2m/5DjCtxUhVOsRnKHz+GnN0U5LPAG8kFVxl1JtUaAwYYDbFMJpB0faw9FKJQjw6VIK+65YuRVSDpsvooGitEvVOl4/upF3EyPXtRRqBjijeUOP98P09GEmkGamCshPBMUF1ItoD3WFNcK5LO3rYlaUKSQ3ot0yxziD76SQxUheLczk0My1qJ9WibDKPRO5lT9S6YYBGP3COEXnHrHZgA3HOHtFQ5i7k6MJ4w39j5KuMMqCW5+1EJcLIRoDjIhZ7/4ARrh8vVtfrxGbE+MJoXOZsnogQPycrvCayQq0SyKLUsmCjWQo0qmRuxJ4zqGIbIEu9uPGxLoROwmR7GO4o3WiIAI7GEYdLnMCgoH1G/xS727nlW3v2+ixa8ssK2H65WyxNfocysAzcopZf5QWBO/xkgqqGKlJAoZAol8/tYCZFTy1odluyCM7I9/PtFHjwc+aplPabj0aTa/20+TVC7dWQrqCpmljhBtWUG3lutP2FC3paBDJ70K0phAHNwIaDz5wG9SRR+uU3t2PdrR+OI6m7zMdbcjp0aR5h/EhCge0AcWtQDhCGHy91L06SJ2adO/cRYtCmzq8c9F6qU4jQA7I8UaAfL3H8YfDWxZrtME0W3acfFSTSpCYd+wI+THpcYxJ2+AwNko9lKD1/NTRK3cqs8oKalbyEaIkeMeTjBwa/mOjGw69lJRM6nXaE9V5L7n311pE9pzLRJ6Q/5z99Kc/oedvLs9vXqBLpg0Ty4rpFc2hFD6IC5dLmbwv0L5IGGTLLhwefpvhgyMZY0om9iruq/+0uxrCoLkx4JGPNvT5PteFQNp/U/fbcfwBTqGYKRahNultphjmsbrT9Qh5j3NWabcCkgppVjCOlRNPVmzaO0TgXQ+XV8E91yyfstNIN1P+oz0ItRex1xezveTp6izOxb67DmENX2nY8f96JxH8ZnAWvOOGdsoy8rArU6qUiQGDkA2wWqolFuyPPVnVIt1ROJbZJ3C6e6ZG2L1gKlhLmqjrzy92OXgtXIsv17toJ6v5V4q5WRGsKCoVzWXBBA4W3HXE0w02jAqjD6bHczwltW/woxLrWj/SMtHBtVfnmRVcJVYGmiG1pO4XqxM2O/LC5hiJuqA5VdjQPIuWVLbnfFjh80u9YhM8u1FyzfKmeZj/HC5L7jXVwcHwzX/ss7ar04YVnJZIlk9EZbOk7/VntiNkBoeHQubkmrno+aqvuI+0gGuUzphDwe+redI70Jk6X+pUQi8DhDodFTRWrJE2UjmJb6EV1GBY7Rl8amY/9SxMfcHynNPppNxbWO9YORfY3o7cO0nO1eMxpiH3xq/W6TAktnV09gyVHNsts++zVIgKorblmJcfUiEnsCePyKBTjW35q9QGvcVkxcSISZfjRJLjmz6vPwrI9C8VteLD6keuyZmeoTc5LtEn+I/Tj3IpXN3p34aPJ1rhNbWaE6dYoS8VVVsEPQh1KYWmtUYVLk619GbwnWnkpe+BRyxkxeoukMKR7/ryjeNZkzQBqu0Beu+box6LKUx5Susw65/xurX0ThMjaxv6h5dppCohgnasPmteHhd5dm2kRmrsPMTMW5jpNwKjDRO53GikS0rYghH7m7NQnaDPkx1eEEuew7fNuUHPoSMsFaR9hiB0+aLDLVQJeMff0CUmW/RR7za+bSKwRb+QNnp2rV1hAoN95LXvmlqACtSqwSGzL+KA400fgED1/06lKZTzDNm3S3Z6hXqsO69TrwMUA4XBg+a/cwKx0+T1jpHqM3y9672WdVdA+ngX0CE10zjsmoDB7t60CZluGwY7FG5Icbj4GcoGYo4EHK1wA5JzumDC++pBOEFXvwKXI00HAbuTCsUS4dY6YHrqX2zB2PhsU9PueymN9KZsfNjGYLIqJm6B364KDEcD66i7HUmGvMyZiDdBLOrdsCRDUWHaxzMgpLplO7Atro12W94fmNo5wDrt23cA6xKr+kzZH5+1pGxWbNBKHdnbYW1Zl/x+FHkm+swS19ZCqm26Df8XXWLxbwc7xtSI7HZRr9Xz0NNk2fIvLwH6AdoeTSUaUFX3W99P1egpyKgwSpaniI5cVvOBc+GoM+7XtNY2PVCOADi66o5p7+GFLEosts19hGsH4/SdvbKmyj5DGRMLGVYKsP6cukbogPzoWZE1Zhuativ64kuqHIFfKs636D8qzNmC0RxdQt2zcw4GUdnQeUak/MweKej+O50jt35rP2M+ps1H7zbbhsPLyoDKfeII08N3/X2zhJ+y493Rzic/Qx+2pSO99RxY5rgdHN88RRdZ1GayPbQtDs4RoZ7pUNvaPjJTuOoa5XIXO+dZLKWqvf0QYn7/ZmTLO71yIh+nmhdl2jlEe1hhVz7oua/RVFIm0kR2kbLr2P1AJTZh1yQRGdYxo/0dwMqX00eGXCkecZs7UCPuSmOMZpWK5Q3pwNRUZXgZz6ZsQUd/nnZBR01/3AXtT30CwULvDBWgWsU3Tiz8aKe5UfRWivZSZWJrVG6JKWoJd2TuB1gW1KuX/t8XHoWX/h8+rynk9secqnB2nifnEaPnjphu8Bw8rp1RawNycj8QzZpUTCyoUiNx1yHdk9DVVfwPsj7onp0Aybov8aKzDYErBWFtmfRKBZaY7Phdubi9PXYfIINYdX/0VzpM0Bof+MnKFVXT+COszu4znp5fwOjHF+gC1g+jRpWZqFnKCJ8vqPLDP+lOFuae5rw0aei4w8jOhttFn+lOp+i9O83+ONUref/WKOHdRrfsj7C3hn1OJFOu/3qFBF1Kw9wGliusRyZAaTJ1W6HOVrrFx4cL2q1ONgFqkODSO2N14/S6/iackKLZcoqKit3+Rs3Uww+jg5atNGFaV9GVToAMyVLpvHUPi6EAhlSppD7QwaZ0peeVXRzdQnB6n3SaJEOi6Qzuo8jPbyG1c/9j1JGepyF5f+m5B8dxEao1z9YpX/R+SNU7soPI5Jk9eriK3qZRpwLMPlNvUSdqbvBNO66k+yCBbP0RaYjXSYWub8//+vYG3dh3Cv0mRqavtNgmqqQ+BdsPGxnGFsQQWVHyWZ/kRD5OCKftQRYaOtf062xahEEaqB9B2ErBPVouVWzQFPIRlFyHR9MVZNRoAJz/P+6upbdxGwjf+yt4TAA3Afq6dFHAzXa7ATat0TbYozCmaJswRQokZTn/vuDwYT1ot2hkpdhrAlMfZ4bDITnfjAXbzNbhs4vyAIKX3hAzIIaOcLaq1pccIUpsz17M0G1PZPkxgXTisXfW1qbg2IP2KkOjKq8hEAr/g9XEtzIyX5Tm9uUfVhRVVXXVOnH/ErfHES6E8hT8lmsmhifNqa9YWgGyMOatGt66L3sf/jnMNnK0smg91bioFZ8jrToH2CMgiABB5U8DKFa6AylHhTOuXW4qfBWBnHmznalsc9pYQs/Dz5+Wv4V9737w+bShWKWHd/+T12zjZl8clGiuJYBl7OMsQ5+b1Bk7tvNtJLeG3HgQ5hardSCxN3bUHQxPEHR2NqK5kjf7FLA+S25DusBdn3RwYBozBTaNIFRJymrrDsp/eh2eKa/Qttf0vl7w7sAeW2g7oLXSlign348/L3MpuFmxT213Sm/nT7AcEgx6V6xr8MVOsoVifv3l99XjijzBseKyTG2982p1c5s9DbPXRPHMtMI0RrO7NK0UPuUpi5OnZ3uWY7GZj7D51iT8OOWrhx29y7LglR/fhyq9AcVFhGI+pbxxrYA44+qL5w0nYo4sx5Hk1Ksb70vcEfqNshtDu2o8xadH3cqTexfENJkUdTDknbFaye1PawF0L7ixrHx3H/62SP/lcsNo/l8brlkLIhvIwFp0fkNAlsQocsYsNdtyY/WLO9nP6SxqsLtQrD9hIEMMI5B4KTUXTE+E9nwtqnSnCnmKJxNyJm0nJ+V0426oumuqtWZCdE/zeUvv4emn33/AJYAr9sENSp7DoN2NdbxOBuXm+ODEcl44F6AQspQEtIaUf1/yDdJYbec7RDOBbz1Bx8hrzUUB4cJxImh/YfYKbfxVhfbsulPLCB657MO4rQJLd8xkg1clOH0p4ovh+GHwFVCxOFB6jPSVKTyUVGKQm1iB5I4sD8AFvpOdsu/Jt7jCYa0O2Sirh3syGdtQ9e0E3Um1gjIUO4iIPyhN2BGqWrAF+UNBxeUWeQWNxbJQsaNqDvlaKLpnZTG9hQytQSO9/kTC7lrGmjnIAcsZFXx3WQXBCCe1nKiAFrPrcfyF+2NIMLfsaO93thI5PGYHhdnBN9//MAWaj+xISr5lxkZ/0K/6kF/2cChKZn3338n0mkYMVwOUKt3pCkNAWn7gujGEyS2XpwYryGzh0tT+51k30MA0zpO4/R4v5YQgtXIC4p4UIFuQzgo71YjIzep5eRsM1KTnmlqrI3cRnMMNzkPYRssOrS9N1FCQst++N6mgqouSm1oZPopaX+N+8T2jyzo0CS/GIogIofqtbFkeAEsgPIFoXfC90irq8Wb5tLp1M6xBJ/uKe59vCvOY1EY2DDMofiQU3MIlD4KBXLhxOeWqwb38We6larMqdgKpPIbx/d1/lMjj5vT5xaiVWvha31KXT6tz6AxVejIXgoMNkWAOqEPgAyIMKRI33ce6kb/ilNlyIZyk1wJk1omXYIGyUVuAV8Duyi9ZwnuwQB7wO96lBzJg4IE2humvka/vYxINmw2nOby+g+Hw5PwKuOFUnDbK9BTte3XbRkom7r76OwAA//8VqLns" } diff --git a/x-pack/filebeat/module/cisco/ftd/_meta/fields.yml b/x-pack/filebeat/module/cisco/ftd/_meta/fields.yml index 7c31ecd11ff..88f1d922df1 100644 --- a/x-pack/filebeat/module/cisco/ftd/_meta/fields.yml +++ b/x-pack/filebeat/module/cisco/ftd/_meta/fields.yml @@ -114,3 +114,15 @@ default_field: false description: > The assigned DAP records + + - name: termination_user + type: keyword + default_field: false + description: > + AAA name of user requesting termination + + - name: webvpn.group_name + type: keyword + default_field: false + description: > + The WebVPN group name the user belongs to diff --git a/x-pack/filebeat/module/cisco/ftd/test/asa-fix.log-expected.json b/x-pack/filebeat/module/cisco/ftd/test/asa-fix.log-expected.json index cbb36cb6185..ca827be6c56 100644 --- a/x-pack/filebeat/module/cisco/ftd/test/asa-fix.log-expected.json +++ b/x-pack/filebeat/module/cisco/ftd/test/asa-fix.log-expected.json @@ -6,6 +6,7 @@ "cisco.ftd.message_id": "302016", "cisco.ftd.source_interface": "Outside", "cisco.ftd.source_username": "(LOCAL\\Elastic)", + "cisco.ftd.termination_user": "zzzzzz", "destination.address": "10.233.123.123", "destination.ip": "10.233.123.123", "destination.port": 53, diff --git a/x-pack/filebeat/module/cisco/ftd/test/asa.log-expected.json b/x-pack/filebeat/module/cisco/ftd/test/asa.log-expected.json index 70e87e332d9..475389976c6 100644 --- a/x-pack/filebeat/module/cisco/ftd/test/asa.log-expected.json +++ b/x-pack/filebeat/module/cisco/ftd/test/asa.log-expected.json @@ -131,6 +131,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%ASA-6-302014: Teardown TCP connection 11749 for outside:100.66.211.242/80 to inside:172.31.98.44/1758 duration 0:01:07 bytes 38110 TCP Reset-I", + "event.reason": "TCP Reset-I", "event.severity": 6, "event.start": "2018-10-10T14:33:49.000Z", "event.timezone": "-02:00", @@ -190,6 +191,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%ASA-6-302014: Teardown TCP connection 11748 for outside:100.66.211.242/80 to inside:172.31.98.44/1757 duration 0:01:07 bytes 44010 TCP Reset-I", + "event.reason": "TCP Reset-I", "event.severity": 6, "event.start": "2018-10-10T14:33:49.000Z", "event.timezone": "-02:00", @@ -249,6 +251,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%ASA-6-302014: Teardown TCP connection 11745 for outside:100.66.185.90/80 to inside:172.31.98.44/1755 duration 0:01:07 bytes 7652 TCP Reset-I", + "event.reason": "TCP Reset-I", "event.severity": 6, "event.start": "2018-10-10T14:33:49.000Z", "event.timezone": "-02:00", @@ -308,6 +311,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%ASA-6-302014: Teardown TCP connection 11744 for outside:100.66.185.90/80 to inside:172.31.98.44/1754 duration 0:01:07 bytes 7062 TCP Reset-I", + "event.reason": "TCP Reset-I", "event.severity": 6, "event.start": "2018-10-10T14:33:49.000Z", "event.timezone": "-02:00", @@ -367,6 +371,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%ASA-6-302014: Teardown TCP connection 11742 for outside:100.66.160.197/80 to inside:172.31.98.44/1752 duration 0:01:08 bytes 5738 TCP Reset-I", + "event.reason": "TCP Reset-I", "event.severity": 6, "event.start": "2018-10-10T14:33:48.000Z", "event.timezone": "-02:00", @@ -426,6 +431,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%ASA-6-302014: Teardown TCP connection 11738 for outside:100.66.205.14/80 to inside:172.31.98.44/1749 duration 0:01:08 bytes 4176 TCP Reset-I", + "event.reason": "TCP Reset-I", "event.severity": 6, "event.start": "2018-10-10T14:33:48.000Z", "event.timezone": "-02:00", @@ -485,6 +491,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%ASA-6-302014: Teardown TCP connection 11739 for outside:100.66.124.33/80 to inside:172.31.98.44/1750 duration 0:01:08 bytes 1715 TCP Reset-I", + "event.reason": "TCP Reset-I", "event.severity": 6, "event.start": "2018-10-10T14:33:48.000Z", "event.timezone": "-02:00", @@ -544,6 +551,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%ASA-6-302014: Teardown TCP connection 11731 for outside:100.66.35.9/80 to inside:172.31.98.44/1747 duration 0:01:09 bytes 45595 TCP Reset-I", + "event.reason": "TCP Reset-I", "event.severity": 6, "event.start": "2018-10-10T14:33:47.000Z", "event.timezone": "-02:00", @@ -603,6 +611,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%ASA-6-302014: Teardown TCP connection 11723 for outside:100.66.211.242/80 to inside:172.31.98.44/1742 duration 0:01:09 bytes 27359 TCP Reset-I", + "event.reason": "TCP Reset-I", "event.severity": 6, "event.start": "2018-10-10T14:33:47.000Z", "event.timezone": "-02:00", @@ -662,6 +671,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%ASA-6-302014: Teardown TCP connection 11715 for outside:100.66.218.21/80 to inside:172.31.98.44/1741 duration 0:01:09 bytes 4457 TCP Reset-I", + "event.reason": "TCP Reset-I", "event.severity": 6, "event.start": "2018-10-10T14:33:47.000Z", "event.timezone": "-02:00", @@ -721,6 +731,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%ASA-6-302014: Teardown TCP connection 11711 for outside:100.66.198.27/80 to inside:172.31.98.44/1739 duration 0:01:09 bytes 26709 TCP Reset-I", + "event.reason": "TCP Reset-I", "event.severity": 6, "event.start": "2018-10-10T14:33:47.000Z", "event.timezone": "-02:00", @@ -780,6 +791,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%ASA-6-302014: Teardown TCP connection 11712 for outside:100.66.198.27/80 to inside:172.31.98.44/1740 duration 0:01:09 bytes 22097 TCP Reset-I", + "event.reason": "TCP Reset-I", "event.severity": 6, "event.start": "2018-10-10T14:33:47.000Z", "event.timezone": "-02:00", @@ -839,6 +851,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%ASA-6-302014: Teardown TCP connection 11708 for outside:100.66.202.211/80 to inside:172.31.98.44/1738 duration 0:01:10 bytes 2209 TCP Reset-I", + "event.reason": "TCP Reset-I", "event.severity": 6, "event.start": "2018-10-10T14:33:46.000Z", "event.timezone": "-02:00", @@ -898,6 +911,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%ASA-6-302014: Teardown TCP connection 11746 for outside:100.66.124.15/80 to inside:172.31.98.44/1756 duration 0:01:07 bytes 10404 TCP Reset-I", + "event.reason": "TCP Reset-I", "event.severity": 6, "event.start": "2018-10-10T14:33:49.000Z", "event.timezone": "-02:00", @@ -957,6 +971,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%ASA-6-302014: Teardown TCP connection 11706 for outside:100.66.124.15/80 to inside:172.31.98.44/1737 duration 0:01:10 bytes 123694 TCP Reset-I", + "event.reason": "TCP Reset-I", "event.severity": 6, "event.start": "2018-10-10T14:33:46.000Z", "event.timezone": "-02:00", @@ -1016,6 +1031,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%ASA-6-302014: Teardown TCP connection 11702 for outside:100.66.209.247/80 to inside:172.31.98.44/1736 duration 0:01:11 bytes 35835 TCP Reset-I", + "event.reason": "TCP Reset-I", "event.severity": 6, "event.start": "2018-10-10T14:33:45.000Z", "event.timezone": "-02:00", @@ -1075,6 +1091,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%ASA-6-302014: Teardown TCP connection 11753 for outside:100.66.35.162/80 to inside:172.31.98.44/1765 duration 0:00:30 bytes 0 SYN Timeout", + "event.reason": "SYN Timeout", "event.severity": 6, "event.start": "2018-10-10T14:34:26.000Z", "event.timezone": "-02:00", @@ -2744,6 +2761,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%ASA-6-302014: Teardown TCP connection 11777 for outside:100.66.133.112/80 to inside:172.31.98.44/1453 duration 0:00:00 bytes 862 TCP FINs", + "event.reason": "TCP FINs", "event.severity": 6, "event.start": "2018-10-10T14:34:56.000Z", "event.timezone": "-02:00", @@ -3717,6 +3735,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%ASA-6-302014: Teardown TCP connection 11784 for outside:100.66.198.40/80 to inside:172.31.98.44/1457 duration 0:00:00 bytes 593 TCP FINs", + "event.reason": "TCP FINs", "event.severity": 6, "event.start": "2018-10-10T14:34:56.000Z", "event.timezone": "-02:00", @@ -4430,6 +4449,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%ASA-6-302014: Teardown TCP connection 11564 for outside:100.66.115.46/80 to inside:172.31.156.80/1382 duration 0:05:25 bytes 575 TCP FINs", + "event.reason": "TCP FINs", "event.severity": 6, "event.start": "2018-10-10T14:29:31.000Z", "event.timezone": "-02:00", @@ -4489,6 +4509,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%ASA-6-302014: Teardown TCP connection 11797 for outside:100.66.19.254/80 to inside:172.31.156.80/1385 duration 0:00:00 bytes 5391 TCP Reset-I", + "event.reason": "TCP Reset-I", "event.severity": 6, "event.start": "2018-10-10T14:34:56.000Z", "event.timezone": "-02:00", diff --git a/x-pack/filebeat/module/cisco/ftd/test/sample.log-expected.json b/x-pack/filebeat/module/cisco/ftd/test/sample.log-expected.json index ed414710ed2..0e0512e1c3a 100644 --- a/x-pack/filebeat/module/cisco/ftd/test/sample.log-expected.json +++ b/x-pack/filebeat/module/cisco/ftd/test/sample.log-expected.json @@ -2229,6 +2229,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%FTD-6-302014: Teardown TCP connection 447236 for outside:192.0.2.222/1234 to dmz:192.168.1.34/5678 duration 0:00:00 bytes 14804 TCP FINs", + "event.reason": "TCP FINs", "event.severity": 6, "event.start": "2018-12-11T10:01:31.000Z", "event.timezone": "-02:00", @@ -2286,6 +2287,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%FTD-6-302014: Teardown TCP connection 447234 for outside:192.0.2.222/1234 to dmz:192.168.1.35/5678 duration 0:01:08 bytes 134781 TCP FINs", + "event.reason": "TCP FINs", "event.severity": 6, "event.start": "2018-12-11T10:00:30.000Z", "event.timezone": "-02:00", @@ -2343,6 +2345,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%FTD-6-302014: Teardown TCP connection 447234 for outside:192.0.2.222/1234 to dmz:192.168.1.35/5678 duration 0:01:08 bytes 134781 TCP FINs", + "event.reason": "TCP FINs", "event.severity": 6, "event.start": "2018-12-11T10:00:30.000Z", "event.timezone": "-02:00", @@ -2666,6 +2669,7 @@ "event.kind": "event", "event.module": "cisco", "event.original": "%FTD-6-302014: Teardown TCP connection 447237 for outside:192.0.2.222/1234 to dmz:10.10.10.10/1235 duration 23:59:59 bytes 11420 TCP FINs", + "event.reason": "TCP FINs", "event.severity": 6, "event.start": "2018-12-10T10:01:54.000Z", "event.timezone": "-02:00", diff --git a/x-pack/filebeat/module/cisco/shared/ingest/asa-ftd-pipeline.yml b/x-pack/filebeat/module/cisco/shared/ingest/asa-ftd-pipeline.yml index fc25f93f3b8..7cd61253320 100644 --- a/x-pack/filebeat/module/cisco/shared/ingest/asa-ftd-pipeline.yml +++ b/x-pack/filebeat/module/cisco/shared/ingest/asa-ftd-pipeline.yml @@ -183,97 +183,120 @@ processors: - dissect: if: "ctx._temp_.cisco.message_id == '106001'" field: "message" + description: "106001" pattern: "%{network.direction} %{network.transport} connection %{event.outcome} from %{source.address}/%{source.port} to %{destination.address}/%{destination.port} flags %{} on interface %{_temp_.cisco.source_interface}" - dissect: if: "ctx._temp_.cisco.message_id == '106002'" field: "message" + description: "106002" pattern: "%{network.transport} Connection %{event.outcome} by %{network.direction} list %{_temp_.cisco.list_id} src %{source.address} dest %{destination.address}" - dissect: if: "ctx._temp_.cisco.message_id == '106006'" field: "message" + description: "106006" pattern: "%{event.outcome} %{network.direction} %{network.transport} from %{source.address}/%{source.port} to %{destination.address}/%{destination.port} on interface %{_temp_.cisco.source_interface}" - dissect: if: "ctx._temp_.cisco.message_id == '106007'" field: "message" + description: "106007" pattern: "%{event.outcome} %{network.direction} %{network.transport} from %{source.address}/%{source.port} to %{destination.address}/%{destination.port} due to %{network.protocol} %{}" - grok: if: "ctx._temp_.cisco.message_id == '106010'" field: "message" + description: "106010" patterns: - "%{NOTSPACE:event.outcome} %{NOTSPACE:network.direction} %{NOTSPACE:network.transport} src %{NOTSPACE:_temp_.cisco.source_interface}:%{NOTSPACE:source.address}/%{POSINT:source.port} (%{DATA})?dst %{NOTSPACE:_temp_.cisco.destination_interface}:%{NOTSPACE:destination.address}/%{POSINT:destination.port}(%{GREEDYDATA})?" - dissect: if: "ctx._temp_.cisco.message_id == '106013'" field: "message" + description: "106013" pattern: "Dropping echo request from %{source.address} to PAT address %{destination.address}" - set: if: "ctx._temp_.cisco.message_id == '106013'" field: "network.transport" + description: "106013" value: icmp - set: if: "ctx._temp_.cisco.message_id == '106013'" field: "network.direction" + description: "106013" value: inbound - grok: if: "ctx._temp_.cisco.message_id == '106014'" field: "message" + description: "106014" patterns: - "%{NOTSPACE:event.outcome} %{NOTSPACE:network.direction} %{NOTSPACE:network.transport} src %{NOTSPACE:_temp_.cisco.source_interface}:%{NOTSPACE:source.address} (%{DATA})?dst %{NOTSPACE:_temp_.cisco.destination_interface}:%{NOTSPACE:destination.address}(%{GREEDYDATA})?" - grok: if: "ctx._temp_.cisco.message_id == '106015'" field: "message" + description: "106015" patterns: - "%{NOTSPACE:event.outcome} %{NOTSPACE:network.transport} %{NOTSPACE} from %{IP:source.address}/%{POSINT:source.port} to %{IP:destination.address}/%{POSINT:destination.port} flags %{DATA} on interface %{NOTSPACE:_temp_.cisco.source_interface}" - dissect: if: "ctx._temp_.cisco.message_id == '106016'" field: "message" pattern: "%{event.outcome} IP spoof from (%{source.address}) to %{destination.address} on interface %{_temp_.cisco.source_interface}" + description: "106016" - dissect: if: "ctx._temp_.cisco.message_id == '106017'" field: "message" pattern: "%{event.outcome} IP due to Land Attack from %{source.address} to %{destination.address}" + description: "106017" - dissect: if: "ctx._temp_.cisco.message_id == '106018'" field: "message" pattern: "%{network.transport} packet type %{_temp_.cisco.icmp_type} %{event.outcome} by %{network.direction} list %{_temp_.cisco.list_id} src %{source.address} dest %{destination.address}" + description: "106018" - dissect: if: "ctx._temp_.cisco.message_id == '106020'" field: "message" pattern: "%{event.outcome} IP teardrop fragment (size = %{}, offset = %{}) from %{source.address} to %{destination.address}" + description: "106020" - dissect: if: "ctx._temp_.cisco.message_id == '106021'" field: "message" pattern: "%{event.outcome} %{network.transport} reverse path check from %{source.address} to %{destination.address} on interface %{_temp_.cisco.source_interface}" + description: "106021" - dissect: if: "ctx._temp_.cisco.message_id == '106022'" field: "message" pattern: "%{event.outcome} %{network.transport} connection spoof from %{source.address} to %{destination.address} on interface %{_temp_.cisco.source_interface}" + description: "106022" - grok: if: "ctx._temp_.cisco.message_id == '106023'" field: "message" + description: "106023" patterns: - ^%{NOTSPACE:event.outcome} %{NOTSPACE:network.transport} src %{NOTSPACE:_temp_.cisco.source_interface}:%{IPORHOST:source.address}(/%{POSINT:source.port})?\s*(%{GREEDYDATA:_temp_.cisco.source_username} )?dst %{NOTSPACE:_temp_.cisco.destination_interface}:%{IPORHOST:destination.address}(/%{POSINT:destination.port})?%{DATA}by access.group "%{NOTSPACE:_temp_.cisco.list_id}" - dissect: if: "ctx._temp_.cisco.message_id == '106027'" field: "message" + description: "106027" pattern: '%{} %{event.outcome} src %{source.address} dst %{destination.address} by access-group "%{_temp_.cisco.list_id}"' - dissect: if: "ctx._temp_.cisco.message_id == '106100'" field: "message" + description: "106100" pattern: "access-list %{_temp_.cisco.list_id} %{event.outcome} %{network.transport} %{_temp_.cisco.source_interface}/%{source.address}(%{source.port})%{}-> %{_temp_.cisco.destination_interface}/%{destination.address}(%{destination.port})%{}" - dissect: if: "ctx._temp_.cisco.message_id == '106102' || ctx._temp_.cisco.message_id == '106103'" field: "message" + description: "106103" pattern: "access-list %{_temp_.cisco.list_id} %{event.outcome} %{network.transport} for user %{user.name} %{_temp_.cisco.source_interface}/%{source.address}(%{source.port})%{}-> %{_temp_.cisco.destination_interface}/%{destination.address}(%{destination.port})%{}" - dissect: if: "ctx._temp_.cisco.message_id == '111004'" field: "message" + description: "111004" pattern: "%{source.address} end configuration: %{_temp_.cisco.cli_outcome}" - set: field: event.outcome + description: "111004" value: "success" if: "ctx._temp_.cisco.message_id == '111004' && ctx?._temp_?.cisco?.cli_outcome == 'OK'" - set: field: event.outcome + description: "111004" value: "failure" if: "ctx._temp_.cisco.message_id == '111004' && ctx?._temp_?.cisco?.cli_outcome == 'FAILED'" - remove: @@ -281,296 +304,374 @@ processors: ignore_missing: true - append: field: event.type + description: "111004" value: "change" if: "ctx._temp_.cisco.message_id == '111004'" - grok: if: "ctx._temp_.cisco.message_id == '111009'" + description: "111009" field: "message" patterns: - "^%{NOTSPACE} '%{NOTSPACE:host.user.name}' executed %{NOTSPACE} %{GREEDYDATA:_temp_.cisco.command_line_arguments}" - grok: if: "ctx._temp_.cisco.message_id == '111010'" field: "message" + description: "111010" patterns: - "User '%{NOTSPACE:host.user.name}', running %{QUOTEDSTRING} from IP %{IP:source.address}, executed %{QUOTEDSTRING:_temp_.cisco.command_line_arguments}" - dissect: if: "ctx._temp_.cisco.message_id == '113019'" field: "message" + description: "113019" pattern: "Group = %{}, Username = %{source.user.name}, IP = %{destination.address}, Session disconnected. Session Type: %{}, Duration: %{_temp_.duration_hms}, Bytes xmt: %{source.bytes}, Bytes rcv: %{destination.bytes}, Reason: %{message}" - grok: if: '["302013", "302015"].contains(ctx._temp_.cisco.message_id)' field: "message" + description: "302013, 302015" patterns: - "Built %{NOTSPACE:network.direction} %{NOTSPACE:network.transport} connection %{NUMBER:_temp_.cisco.connection_id} for %{NOTSPACE:_temp_.cisco.source_interface}:%{IP:source.address}/%{NUMBER:source.port} \\(%{IP:_temp_.natsrcip}/%{NUMBER:_temp_.cisco.mapped_source_port}\\)(\\(%{NOTSPACE:_temp_.cisco.source_username}\\))? to %{NOTSPACE:_temp_.cisco.destination_interface}:%{NOTSPACE:destination.address}/%{NUMBER:destination.port} \\(%{NOTSPACE:_temp_.natdstip}/%{NUMBER:_temp_.cisco.mapped_destination_port}\\)( \\(%{NOTSPACE:destination.user.name}\\))?%{GREEDYDATA}" - dissect: if: "ctx._temp_.cisco.message_id == '303002'" field: "message" + description: "303002" pattern: "%{network.protocol} connection from %{_temp_.cisco.source_interface}:%{source.address}/%{source.port} to %{_temp_.cisco.destination_interface}:%{destination.address}/%{destination.port}, user %{client.user.name} %{} file %{file.path}" - dissect: if: "ctx._temp_.cisco.message_id == '302012'" field: "message" + description: "302012" pattern: "Teardown %{} %{network.transport} translation from %{_temp_.cisco.source_interface}:%{source.address}/%{source.port} to %{_temp_.cisco.destination_interface}:%{destination.address}/%{destination.port} duration %{_temp_.duration_hms}" - grok: if: "ctx._temp_.cisco.message_id == '302020'" field: "message" + description: "302020" patterns: - - "Built %{NOTSPACE:network.direction} %{NOTSPACE:network.protocol} connection for faddr %{IP:destination.address}/%{NUMBER} (%{DATA})?gaddr %{IP:_temp_.natsrcip}/%{NUMBER} laddr %{IP:source.address}/%{NUMBER}(%{GREEDYDATA})?" + - "Built %{NOTSPACE:network.direction} %{NOTSPACE:network.protocol} connection for faddr (?:%{NOTCOLON:_temp_.cisco.source_interface}:)?%{ECSDESTIPORHOST}/%{NUMBER}\\s*(?:\\(%{NOTSPACE:_temp_.cisco.destination_username}\\) )?gaddr (?:%{NOTCOLON}:)?%{MAPPEDSRC}/%{NUMBER} laddr (?:%{NOTCOLON:_temp_.cisco.source_interface}:)?%{ECSSOURCEIPORHOST}/%{NUMBER}\\s*(?:\\(%{NOTSPACE:_temp_.cisco.source_username}\\) )?(type %{NUMBER:_temp_.cisco.icmp_type} code %{NUMBER:_temp_.cisco.icmp_code})?" + pattern_definitions: + NOTCOLON: "[^:]*" + ECSSOURCEIPORHOST: "(?:%{IP:source.address}|%{HOSTNAME:source.domain})" + ECSDESTIPORHOST: "(?:%{IP:destination.address}|%{HOSTNAME:destination.domain})" + MAPPEDSRC: "(?:%{DATA:_temp_.natsrcip}|%{HOSTNAME})" - dissect: if: "ctx._temp_.cisco.message_id == '302022'" field: "message" + description: "302022" pattern: "Built %{} stub %{network.transport} connection for %{_temp_.cisco.source_interface}:%{source.address}/%{source.port} %{} to %{_temp_.cisco.destination_interface}:%{destination.address}/%{destination.port} %{}" - dissect: if: "ctx._temp_.cisco.message_id == '302023'" field: "message" + description: "302023" pattern: "Teardown stub %{network.transport} connection for %{_temp_.cisco.source_interface}:%{source.address}/%{source.port} to %{_temp_.cisco.destination_interface}:%{destination.address}/%{destination.port} duration %{_temp_.duration_hms} forwarded bytes %{network.bytes} %{event.reason}" - grok: if: "ctx._temp_.cisco.message_id == '304001'" field: "message" + description: "304001" patterns: - "%{IP:source.address} %{DATA} (%{NOTSPACE}@)?%{IP:destination.address}:%{GREEDYDATA:url.original}" - set: if: "ctx._temp_.cisco.message_id == '304001'" field: "event.outcome" + description: "304001" value: allow - dissect: if: "ctx._temp_.cisco.message_id == '304002'" field: "message" + description: "304002" pattern: "Access %{event.outcome} URL %{url.original} SRC %{source.address} %{}EST %{destination.address} on interface %{_temp_.cisco.source_interface}" - - dissect: + - grok: if: "ctx._temp_.cisco.message_id == '305011'" field: "message" - pattern: "Built %{} %{network.transport} translation from %{_temp_.cisco.source_interface}:%{source.address}/%{source.port} to %{_temp_.cisco.destination_interface}:%{destination.address}/%{destination.port}" + description: "305011" + patterns: + - Built %{NOTSPACE} %{NOTSPACE:network.transport} translation from %{NOTSPACE:_temp_.cisco.source_interface}:%{IP:source.address}/%{NUMBER:source.port}(\(%{NOTSPACE:source.user.name}\))? to %{NOTSPACE:_temp_.cisco.destination_interface}:%{IP:destination.address}/%{NUMBER:destination.port} - dissect: if: "ctx._temp_.cisco.message_id == '313001'" field: "message" + description: "313001" pattern: "%{event.outcome} %{network.transport} type=%{_temp_.cisco.icmp_type}, code=%{_temp_.cisco.icmp_code} from %{source.address} on interface %{_temp_.cisco.source_interface}" - dissect: if: "ctx._temp_.cisco.message_id == '313004'" field: "message" + description: "313004" pattern: "%{event.outcome} %{network.transport} type=%{_temp_.cisco.icmp_type}, from%{}addr %{source.address} on interface %{_temp_.cisco.source_interface} to %{destination.address}: no matching session" - dissect: if: "ctx._temp_.cisco.message_id == '313005'" field: "message" + description: "313005" pattern: "No matching connection for %{network.transport} error message: %{} on %{_temp_.cisco.source_interface} interface.%{}riginal IP payload: %{}" - dissect: if: "ctx._temp_.cisco.message_id == '313008'" field: "message" + description: "313008" pattern: "%{event.outcome} %{network.transport} type=%{_temp_.cisco.icmp_type}, code=%{_temp_.cisco.icmp_code} from %{source.address} on interface %{_temp_.cisco.source_interface}" - dissect: if: "ctx._temp_.cisco.message_id == '313009'" field: "message" + description: "313009" pattern: "%{event.outcome} invalid %{network.transport} code %{_temp_.cisco.icmp_code}, for %{_temp_.cisco.source_interface}:%{source.address}/%{source.port} (%{_temp_.natsrcip}/%{_temp_.cisco.mapped_source_port}) to %{_temp_.cisco.destination_interface}:%{destination.address}/%{destination.port} (%{_temp_.natdstip}/%{_temp_.cisco.mapped_destination_port})%{}" - dissect: if: "ctx._temp_.cisco.message_id == '322001'" field: "message" + description: "322001" pattern: "%{event.outcome} MAC address %{source.mac}, possible spoof attempt on interface %{_temp_.cisco.source_interface}" - dissect: if: "ctx._temp_.cisco.message_id == '338001'" field: "message" + description: "338001" pattern: "Dynamic filter %{event.outcome} black%{}d %{network.transport} traffic from %{_temp_.cisco.source_interface}:%{source.address}/%{source.port} (%{_temp_.natsrcip}/%{_temp_.cisco.mapped_source_port}) to %{_temp_.cisco.destination_interface}:%{destination.address}/%{destination.port} (%{_temp_.natdstip}/%{_temp_.cisco.mapped_destination_port})%{}source %{} resolved from %{_temp_.cisco.list_id} list: %{source.domain}, threat-level: %{_temp_.cisco.threat_level}, category: %{_temp_.cisco.threat_category}" - set: if: "ctx._temp_.cisco.message_id == '338001'" field: "server.domain" + description: "338001" value: "{{source.domain}}" ignore_empty_value: true - dissect: if: "ctx._temp_.cisco.message_id == '338002'" field: "message" + description: "338002" pattern: "Dynamic %{}ilter %{event.outcome} black%{}d %{network.transport} traffic from %{_temp_.cisco.source_interface}:%{source.address}/%{source.port} (%{_temp_.natsrcip}/%{_temp_.cisco.mapped_source_port}) to %{_temp_.cisco.destination_interface}:%{destination.address}/%{destination.port} (%{_temp_.natdstip}/%{_temp_.cisco.mapped_destination_port})%{}destination %{} resolved from %{_temp_.cisco.list_id} list: %{destination.domain}" - set: if: "ctx._temp_.cisco.message_id == '338002'" field: "server.domain" + description: "338002" value: "{{destination.domain}}" ignore_empty_value: true - dissect: if: "ctx._temp_.cisco.message_id == '338003'" field: "message" + description: "338003" pattern: "Dynamic %{}ilter %{event.outcome} black%{}d %{network.transport} traffic from %{_temp_.cisco.source_interface}:%{source.address}/%{source.port} (%{_temp_.natsrcip}/%{_temp_.cisco.mapped_source_port}) to %{_temp_.cisco.destination_interface}:%{destination.address}/%{destination.port} (%{_temp_.natdstip}/%{_temp_.cisco.mapped_destination_port})%{}source %{} resolved from %{_temp_.cisco.list_id} list: %{}, threat-level: %{_temp_.cisco.threat_level}, category: %{_temp_.cisco.threat_category}" - dissect: if: "ctx._temp_.cisco.message_id == '338004'" field: "message" + description: "338004" pattern: "Dynamic %{}ilter %{event.outcome} black%{}d %{network.transport} traffic from %{_temp_.cisco.source_interface}:%{source.address}/%{source.port} (%{_temp_.natsrcip}/%{_temp_.cisco.mapped_source_port}) to %{_temp_.cisco.destination_interface}:%{destination.address}/%{destination.port} (%{_temp_.natdstip}/%{_temp_.cisco.mapped_destination_port})%{}destination %{} resolved from %{_temp_.cisco.list_id} list: %{}, threat-level: %{_temp_.cisco.threat_level}, category: %{_temp_.cisco.threat_category}" - dissect: if: "ctx._temp_.cisco.message_id == '338005'" field: "message" + description: "338005" pattern: "Dynamic %{}ilter %{event.outcome} black%{}d %{network.transport} traffic from %{_temp_.cisco.source_interface}:%{source.address}/%{source.port} (%{_temp_.natsrcip}/%{_temp_.cisco.mapped_source_port}) to %{_temp_.cisco.destination_interface}:%{destination.address}/%{destination.port} (%{_temp_.natdstip}/%{_temp_.cisco.mapped_destination_port})%{}source %{} resolved from %{_temp_.cisco.list_id} list: %{source.domain}, threat-level: %{_temp_.cisco.threat_level}, category: %{_temp_.cisco.threat_category}" - set: if: "ctx._temp_.cisco.message_id == '338005'" field: "server.domain" + description: "338005" value: "{{source.domain}}" ignore_empty_value: true - dissect: if: "ctx._temp_.cisco.message_id == '338006'" field: "message" + description: "338006" pattern: "Dynamic %{}ilter %{event.outcome} black%{}d %{network.transport} traffic from %{_temp_.cisco.source_interface}:%{source.address}/%{source.port} (%{_temp_.natsrcip}/%{_temp_.cisco.mapped_source_port}) to %{_temp_.cisco.destination_interface}:%{destination.address}/%{destination.port} (%{_temp_.natdstip}/%{_temp_.cisco.mapped_destination_port})%{}destination %{} resolved from %{_temp_.cisco.list_id} list: %{destination.domain}, threat-level: %{_temp_.cisco.threat_level}, category: %{_temp_.cisco.threat_category}" - set: if: "ctx._temp_.cisco.message_id == '338006'" field: "server.domain" + description: "338006" value: "{{destination.domain}}" ignore_empty_value: true - dissect: if: "ctx._temp_.cisco.message_id == '338007'" field: "message" + description: "338007" pattern: "Dynamic %{}ilter %{event.outcome} black%{}d %{network.transport} traffic from %{_temp_.cisco.source_interface}:%{source.address}/%{source.port} (%{_temp_.natsrcip}/%{_temp_.cisco.mapped_source_port}) to %{_temp_.cisco.destination_interface}:%{destination.address}/%{destination.port} (%{_temp_.natdstip}/%{_temp_.cisco.mapped_destination_port})%{}source %{} resolved from %{_temp_.cisco.list_id} list: %{}, threat-level: %{_temp_.cisco.threat_level}, category: %{_temp_.cisco.threat_category}" - dissect: if: "ctx._temp_.cisco.message_id == '338008'" field: "message" + description: "338008" pattern: "Dynamic %{}ilter %{event.outcome} black%{}d %{network.transport} traffic from %{_temp_.cisco.source_interface}:%{source.address}/%{source.port} (%{_temp_.natsrcip}/%{_temp_.cisco.mapped_source_port}) to %{_temp_.cisco.destination_interface}:%{destination.address}/%{destination.port} (%{_temp_.natdstip}/%{_temp_.cisco.mapped_destination_port})%{}destination %{} resolved from %{_temp_.cisco.list_id} list: %{}, threat-level: %{_temp_.cisco.threat_level}, category: %{_temp_.cisco.threat_category}" - dissect: if: "ctx._temp_.cisco.message_id == '338101'" field: "message" + description: "338101" pattern: "Dynamic %{}ilter %{event.outcome} white%{}d %{network.transport} traffic from %{_temp_.cisco.source_interface}:%{source.address}/%{source.port} (%{_temp_.natsrcip}/%{_temp_.cisco.mapped_source_port}) to %{_temp_.cisco.destination_interface}:%{destination.address}/%{destination.port} (%{_temp_.natdstip}/%{_temp_.cisco.mapped_destination_port})%{}source %{} resolved from %{_temp_.cisco.list_id} list: %{source.domain}" - set: if: "ctx._temp_.cisco.message_id == '338101'" field: "server.domain" + description: "338101" value: "{{source.domain}}" ignore_empty_value: true - dissect: if: "ctx._temp_.cisco.message_id == '338102'" field: "message" + description: "338102" pattern: "Dynamic %{}ilter %{event.outcome} white%{}d %{network.transport} traffic from %{_temp_.cisco.source_interface}:%{source.address}/%{source.port} (%{_temp_.natsrcip}/%{_temp_.cisco.mapped_source_port}) to %{_temp_.cisco.destination_interface}:%{destination.address}/%{destination.port} (%{_temp_.natdstip}/%{_temp_.cisco.mapped_destination_port})%{}destination %{} resolved from %{_temp_.cisco.list_id} list: %{destination.domain}" - set: if: "ctx._temp_.cisco.message_id == '338102'" field: "server.domain" + description: "338102" value: "{{destination.domain}}" ignore_empty_value: true - dissect: if: "ctx._temp_.cisco.message_id == '338103'" field: "message" + description: "338103" pattern: "Dynamic %{}ilter %{event.outcome} white%{}d %{network.transport} traffic from %{_temp_.cisco.source_interface}:%{source.address}/%{source.port} (%{_temp_.natsrcip}/%{_temp_.cisco.mapped_source_port}) to %{_temp_.cisco.destination_interface}:%{destination.address}/%{destination.port} (%{_temp_.natdstip}/%{_temp_.cisco.mapped_destination_port})%{}source %{} resolved from %{_temp_.cisco.list_id} list: %{}" - dissect: if: "ctx._temp_.cisco.message_id == '338104'" field: "message" + description: "338104" pattern: "Dynamic %{}ilter %{event.outcome} white%{}d %{network.transport} traffic from %{_temp_.cisco.source_interface}:%{source.address}/%{source.port} (%{_temp_.natsrcip}/%{_temp_.cisco.mapped_source_port}) to %{_temp_.cisco.destination_interface}:%{destination.address}/%{destination.port} (%{_temp_.natdstip}/%{_temp_.cisco.mapped_destination_port})%{}destination %{} resolved from %{_temp_.cisco.list_id} list: %{}" - dissect: if: "ctx._temp_.cisco.message_id == '338201'" field: "message" + description: "338201" pattern: "Dynamic %{}ilter %{event.outcome} grey%{}d %{network.transport} traffic from %{_temp_.cisco.source_interface}:%{source.address}/%{source.port} (%{_temp_.natsrcip}/%{_temp_.cisco.mapped_source_port}) to %{_temp_.cisco.destination_interface}:%{destination.address}/%{destination.port} (%{_temp_.natdstip}/%{_temp_.cisco.mapped_destination_port})%{}source %{} resolved from %{_temp_.cisco.list_id} list: %{source.domain}, threat-level: %{_temp_.cisco.threat_level}, category: %{_temp_.cisco.threat_category}" - set: if: "ctx._temp_.cisco.message_id == '338201'" field: "server.domain" + description: "338201" value: "{{source.domain}}" ignore_empty_value: true - dissect: if: "ctx._temp_.cisco.message_id == '338202'" field: "message" + description: "338202" pattern: "Dynamic %{}ilter %{event.outcome} grey%{}d %{network.transport} traffic from %{_temp_.cisco.source_interface}:%{source.address}/%{source.port} (%{_temp_.natsrcip}/%{_temp_.cisco.mapped_source_port}) to %{_temp_.cisco.destination_interface}:%{destination.address}/%{destination.port} (%{_temp_.natdstip}/%{_temp_.cisco.mapped_destination_port})%{}destination %{} resolved from %{_temp_.cisco.list_id} list: %{destination.domain}, threat-level: %{_temp_.cisco.threat_level}, category: %{_temp_.cisco.threat_category}" - set: if: "ctx._temp_.cisco.message_id == '338202'" field: "server.domain" + description: "338202" value: "{{destination.domain}}" ignore_empty_value: true - dissect: if: "ctx._temp_.cisco.message_id == '338203'" field: "message" + description: "338203" pattern: "Dynamic %{}ilter %{event.outcome} grey%{}d %{network.transport} traffic from %{_temp_.cisco.source_interface}:%{source.address}/%{source.port} (%{_temp_.natsrcip}/%{_temp_.cisco.mapped_source_port}) to %{_temp_.cisco.destination_interface}:%{destination.address}/%{destination.port} (%{_temp_.natdstip}/%{_temp_.cisco.mapped_destination_port})%{}source %{} resolved from %{_temp_.cisco.list_id} list: %{source.domain}, threat-level: %{_temp_.cisco.threat_level}, category: %{_temp_.cisco.threat_category}" - set: if: "ctx._temp_.cisco.message_id == '338203'" field: "server.domain" + description: "338203" value: "{{source.domain}}" ignore_empty_value: true - dissect: if: "ctx._temp_.cisco.message_id == '338204'" field: "message" + description: "338204" pattern: "Dynamic %{}ilter %{event.outcome} grey%{}d %{network.transport} traffic from %{_temp_.cisco.source_interface}:%{source.address}/%{source.port} (%{_temp_.natsrcip}/%{_temp_.cisco.mapped_source_port}) to %{_temp_.cisco.destination_interface}:%{destination.address}/%{destination.port} (%{_temp_.natdstip}/%{_temp_.cisco.mapped_destination_port})%{}destination %{} resolved from %{_temp_.cisco.list_id} list: %{destination.domain}, threat-level: %{_temp_.cisco.threat_level}, category: %{_temp_.cisco.threat_category}" - set: if: "ctx._temp_.cisco.message_id == '338204'" field: "server.domain" + description: "338204" value: "{{destination.domain}}" ignore_empty_value: true - dissect: if: "ctx._temp_.cisco.message_id == '338301'" field: "message" + description: "338301" pattern: "Intercepted DNS reply for domain %{source.domain} from %{_temp_.cisco.source_interface}:%{source.address}/%{source.port} to %{_temp_.cisco.destination_interface}:%{destination.address}/%{destination.port}, matched %{_temp_.cisco.list_id}" - set: if: "ctx._temp_.cisco.message_id == '338301'" field: "client.address" + description: "338301" value: "{{destination.address}}" ignore_empty_value: true - set: if: "ctx._temp_.cisco.message_id == '338301'" field: "client.port" + description: "338301" value: "{{destination.port}}" ignore_empty_value: true - set: if: "ctx._temp_.cisco.message_id == '338301'" field: "server.address" + description: "338301" value: "{{source.address}}" ignore_empty_value: true - set: if: "ctx._temp_.cisco.message_id == '338301'" field: "server.port" + description: "338301" value: "{{source.port}}" ignore_empty_value: true - dissect: if: "ctx._temp_.cisco.message_id == '502103'" field: "message" + description: "502103" pattern: "User priv level changed: Uname: %{host.user.name} From: %{_temp_.cisco.privilege.old} To: %{_temp_.cisco.privilege.new}" - append: if: "ctx._temp_.cisco.message_id == '502103'" field: "event.type" + description: "502103" value: - "group" - "change" - append: if: "ctx._temp_.cisco.message_id == '502103'" field: "event.category" + description: "502103" value: "iam" - dissect: if: "ctx._temp_.cisco.message_id == '507003'" field: "message" + description: "507003" pattern: "%{network.transport} flow from %{_temp_.cisco.source_interface}:%{source.address}/%{source.port} to %{_temp_.cisco.destination_interface}:%{destination.address}/%{destination.port} terminated by inspection engine, reason - %{message}" - dissect: if: '["605004", "605005"].contains(ctx._temp_.cisco.message_id)' field: "message" + description: "605004, 605005" pattern: 'Login %{event.outcome} from %{source.address}/%{source.port} to %{_temp_.cisco.destination_interface}:%{destination.address}/%{network.protocol} for user "%{source.user.name}"' - dissect: if: "ctx._temp_.cisco.message_id == '609001'" field: "message" + description: "609001" pattern: "Built local-host %{_temp_.cisco.source_interface}:%{source.address}" - dissect: if: "ctx._temp_.cisco.message_id == '609002'" field: "message" + description: "609002" pattern: "Teardown local-host %{_temp_.cisco.source_interface}:%{source.address} duration %{_temp_.duration_hms}" - dissect: if: '["611102", "611101"].contains(ctx._temp_.cisco.message_id)' field: "message" + description: "611102, 611101" pattern: 'User authentication %{event.outcome}: IP address: %{source.address}, Uname: %{host.user.name}' - dissect: if: "ctx._temp_.cisco.message_id == '710003'" field: "message" + description: "710003" pattern: "%{network.transport} access denied by ACL from %{source.address}/%{source.port} to %{_temp_.cisco.destination_interface}:%{destination.address}/%{destination.port}" - dissect: if: "ctx._temp_.cisco.message_id == '710005'" field: "message" + description: "710005" pattern: "%{network.transport} request discarded from %{source.address}/%{source.port} to %{_temp_.cisco.destination_interface}:%{destination.address}/%{destination.port}" - dissect: if: "ctx._temp_.cisco.message_id == '713049'" field: "message" + description: "713049" pattern: "Group = %{}, IP = %{source.address}, Security negotiation complete for LAN-to-LAN Group (%{}) %{}, Inbound SPI = %{}, Outbound SPI = %{}" - - dissect: + - grok: if: "ctx._temp_.cisco.message_id == '716002'" field: "message" - pattern: "Group %{} User %{source.user.name} IP %{source.address} WebVPN session terminated: %{event.reason}" - - dissect: + description: "716002" + patterns: + - "Group <%{NOTSPACE:_temp_.cisco.webvpn.group_name}> User <%{NOTSPACE:source.user.name}> IP <%{IP:source.address}> WebVPN session terminated: %{GREEDYDATA:event.reason}." + - "Group %{NOTSPACE:_temp_.cisco.webvpn.group_name} User %{NOTSPACE:source.user.name} IP %{IP:source.address} WebVPN session terminated: %{GREEDYDATA:event.reason}." + - grok: if: "ctx._temp_.cisco.message_id == '722051'" field: "message" - pattern: "Group %{} User <%{source.user.name}> IP <%{source.address}> IPv4 Address <%{_temp_.cisco.assigned_ip}> %{}" + description: "722051" + patterns: + - "Group <%{NOTSPACE:_temp_.cisco.webvpn.group_name}> User <%{NOTSPACE:source.user.name}> IP <%{IP:source.address}> IPv4 Address <%{IP:_temp_.cisco.assigned_ip}> %{GREEDYDATA}" + - "Group %{NOTSPACE:_temp_.cisco.webvpn.group_name} User %{NOTSPACE:source.user.name} IP %{IP:source.address} IPv4 Address %{IP:_temp_.cisco.assigned_ip} %{GREEDYDATA}" - dissect: if: "ctx._temp_.cisco.message_id == '733100'" field: "message" + description: "733100" pattern: "[%{_temp_.cisco.burst.object}] drop %{_temp_.cisco.burst.id} exceeded. Current burst rate is %{_temp_.cisco.burst.current_rate} per second, max configured rate is %{_temp_.cisco.burst.configured_rate}; Current average rate is %{_temp_.cisco.burst.avg_rate} per second, max configured rate is %{_temp_.cisco.burst.configured_avg_rate}; Cumulative total count is %{_temp_.cisco.burst.cumulative_count}" - dissect: if: "ctx._temp_.cisco.message_id == '734001'" field: "message" + description: "734001" pattern: "DAP: User %{user.email}, Addr %{source.address}, Connection %{_temp_.cisco.connection_type}: The following DAP records were selected for this connection: %{_temp_.cisco.dap_records->}" - dissect: if: "ctx._temp_.cisco.message_id == '805001'" field: "message" + description: "805001" pattern: "Offloaded %{network.transport} for connection %{_temp_.cisco.connection_id} from %{_temp_.cisco.source_interface}:%{source.address}/%{source.port} (%{_temp_.natsrcip}/%{_temp_.cisco.mapped_source_port}) to %{_temp_.cisco.destination_interface}:%{destination.address}/%{destination.port} (%{_temp_.natdstip}/%{_temp_.cisco.mapped_destination_port})" - dissect: if: "ctx._temp_.cisco.message_id == '805002'" field: "message" + description: "805002" pattern: "%{network.transport} Flow is no longer offloaded for connection %{_temp_.cisco.connection_id} from %{_temp_.cisco.source_interface}:%{source.address}/%{source.port} (%{_temp_.natsrcip}/%{_temp_.cisco.mapped_source_port}) to %{_temp_.cisco.destination_interface}:%{destination.address}/%{destination.port} (%{_temp_.natdstip}/%{_temp_.cisco.mapped_destination_port})" - split: field: "_temp_.cisco.dap_records" @@ -584,12 +685,19 @@ processors: if: '["302012", "302014", "302016", "302018", "302020", "302021", "302036", "302304", "302306", "609001", "609002"].contains(ctx._temp_.cisco.message_id)' field: "event.action" value: "flow-expiration" + description: "302012, 302014, 302016, 302018, 302020, 302021, 302036, 302304, 302306, 609001, 609002" - grok: field: "message" if: '["302014", "302016", "302018", "302021", "302036", "302304", "302306"].contains(ctx._temp_.cisco.message_id)' + description: "302014, 302016, 302018, 302021, 302036, 302304, 302306" patterns: - - Teardown %{NOTSPACE:network.transport} (?:state-bypass )?connection %{NOTSPACE:_temp_.cisco.connection_id} (?:for|from) %{NOTCOLON:_temp_.cisco.source_interface}:%{DATA:source.address}/%{NUMBER:source.port:int}\s*(?:%{NOTSPACE:_temp_.cisco.source_username} )?to %{NOTCOLON:_temp_.cisco.destination_interface}:%{DATA:destination.address}/%{NUMBER:destination.port:int}\s*(?:%{NOTSPACE:_temp_.cisco.destination_username} )?(?:duration %{TIME:_temp_.duration_hms} bytes %{NUMBER:network.bytes:int})%{GREEDYDATA} - - Teardown %{NOTSPACE:network.transport} connection for faddr (?:%{NOTCOLON:_temp_.cisco.source_interface}:)?%{ECSDESTIPORHOST}/%{NUMBER}\s*(?:%{NOTSPACE:_temp_.cisco.destination_username} )?gaddr (?:%{NOTCOLON}:)?%{MAPPEDSRC}/%{NUMBER} laddr (?:%{NOTCOLON:_temp_.cisco.source_interface}:)?%{ECSSOURCEIPORHOST}/%{NUMBER}\s*(?:%{NOTSPACE:_temp_.cisco.source_username})?%{GREEDYDATA} + - Teardown %{NOTSPACE:network.transport} (?:state-bypass )?connection %{NOTSPACE:_temp_.cisco.connection_id} (?:for|from) %{NOTCOLON:_temp_.cisco.source_interface}:%{DATA:source.address}/%{NUMBER:source.port:int}\s*(?:%{NOTSPACE:_temp_.cisco.source_username} )?to %{NOTCOLON:_temp_.cisco.destination_interface}:%{DATA:destination.address}/%{NUMBER:destination.port:int}\s*(?:%{NOTSPACE:_temp_.cisco.destination_username} )?duration (?:%{TIME:_temp_.duration_hms} bytes %{NUMBER:network.bytes}) %{NOTCOLON:event.reason} from %{NOTCOLON:_temp_.cisco.termination_initiator} \(%{NOTSPACE:_temp_.cisco.termination_user}\) + - Teardown %{NOTSPACE:network.transport} (?:state-bypass )?connection %{NOTSPACE:_temp_.cisco.connection_id} (?:for|from) %{NOTCOLON:_temp_.cisco.source_interface}:%{DATA:source.address}/%{NUMBER:source.port:int}\s*(?:%{NOTSPACE:_temp_.cisco.source_username} )?to %{NOTCOLON:_temp_.cisco.destination_interface}:%{DATA:destination.address}/%{NUMBER:destination.port:int}\s*(?:%{NOTSPACE:_temp_.cisco.destination_username} )?duration (?:%{TIME:_temp_.duration_hms} bytes %{NUMBER:network.bytes}) %{NOTCOLON:event.reason} from %{NOTCOLON:_temp_.cisco.termination_initiator} + - Teardown %{NOTSPACE:network.transport} (?:state-bypass )?connection %{NOTSPACE:_temp_.cisco.connection_id} (?:for|from) %{NOTCOLON:_temp_.cisco.source_interface}:%{DATA:source.address}/%{NUMBER:source.port:int}\s*(?:%{NOTSPACE:_temp_.cisco.source_username} )?to %{NOTCOLON:_temp_.cisco.destination_interface}:%{DATA:destination.address}/%{NUMBER:destination.port:int}\s*(?:%{NOTSPACE:_temp_.cisco.destination_username} )?duration (?:%{TIME:_temp_.duration_hms} bytes %{NUMBER:network.bytes}) %{NOTCOLON:event.reason} \(%{NOTSPACE:_temp_.cisco.termination_user}\) + - Teardown %{NOTSPACE:network.transport} (?:state-bypass )?connection %{NOTSPACE:_temp_.cisco.connection_id} (?:for|from) %{NOTCOLON:_temp_.cisco.source_interface}:%{DATA:source.address}/%{NUMBER:source.port:int}\s*(?:%{NOTSPACE:_temp_.cisco.source_username} )?to %{NOTCOLON:_temp_.cisco.destination_interface}:%{DATA:destination.address}/%{NUMBER:destination.port:int}\s*(?:%{NOTSPACE:_temp_.cisco.destination_username} )?duration (?:%{TIME:_temp_.duration_hms} bytes %{NUMBER:network.bytes}) \(%{NOTSPACE:_temp_.cisco.termination_user}\) + - Teardown %{NOTSPACE:network.transport} (?:state-bypass )?connection %{NOTSPACE:_temp_.cisco.connection_id} (?:for|from) %{NOTCOLON:_temp_.cisco.source_interface}:%{DATA:source.address}/%{NUMBER:source.port:int}\s*(?:%{NOTSPACE:_temp_.cisco.source_username} )?to %{NOTCOLON:_temp_.cisco.destination_interface}:%{DATA:destination.address}/%{NUMBER:destination.port:int}\s*(?:%{NOTSPACE:_temp_.cisco.destination_username} )?duration (?:%{TIME:_temp_.duration_hms} bytes %{NUMBER:network.bytes}) %{NOTCOLON:event.reason} + - Teardown %{NOTSPACE:network.transport} (?:state-bypass )?connection %{NOTSPACE:_temp_.cisco.connection_id} (?:for|from) %{NOTCOLON:_temp_.cisco.source_interface}:%{DATA:source.address}/%{NUMBER:source.port:int}\s*(?:%{NOTSPACE:_temp_.cisco.source_username} )?to %{NOTCOLON:_temp_.cisco.destination_interface}:%{DATA:destination.address}/%{NUMBER:destination.port:int}\s*(?:%{NOTSPACE:_temp_.cisco.destination_username} )?duration (?:%{TIME:_temp_.duration_hms} bytes %{NUMBER:network.bytes}) + - Teardown %{NOTSPACE:network.transport} connection for faddr (?:%{NOTCOLON:_temp_.cisco.source_interface}:)?%{ECSDESTIPORHOST}/%{NUMBER}\s*(?:\(%{NOTSPACE:_temp_.cisco.destination_username}\) )?gaddr (?:%{NOTCOLON}:)?%{MAPPEDSRC}/%{NUMBER} laddr (?:%{NOTCOLON:_temp_.cisco.source_interface}:)?%{ECSSOURCEIPORHOST}/%{NUMBER}\s*(?:\(%{NOTSPACE:_temp_.cisco.source_username}\))?(\s*type %{NUMBER:_temp_.cisco.icmp_type} code %{NUMBER:_temp_.cisco.icmp_code})? pattern_definitions: NOTCOLON: "[^:]*" ECSSOURCEIPORHOST: "(?:%{IP:source.address}|%{HOSTNAME:source.domain})" @@ -606,6 +714,7 @@ processors: - kv: if: '["430001", "430002", "430003", "430004", "430005", ""].contains(ctx._temp_.cisco.message_id)' field: "message" + description: "430001, 430002, 430003, 430004, 430005" field_split: ",(?=[A-za-z1-9\\s]+:)" value_split: ":" target_field: "_temp_.orig_security" @@ -1238,7 +1347,7 @@ processors: value: "ipv6-icmp" # - # Convert integer fields, as output of dissect and kv processors is always a string + # Convert numeric fields to integer or long, as output of dissect and kv processors is always a string # - convert: field: "source.port" @@ -1250,11 +1359,15 @@ processors: ignore_failure: true - convert: field: "source.bytes" - type: integer + type: long ignore_failure: true - convert: field: "destination.bytes" - type: integer + type: long + ignore_failure: true + - convert: + field: "network.bytes" + type: long ignore_failure: true - convert: field: "source.packets" @@ -1632,7 +1745,7 @@ processors: - append: field: related.user value: "{{user.name}}" - if: "ctx?.user?.name != null && ctx?.user?.name != ''" + if: ctx?.user?.name != null && ctx?.user?.name != '' allow_duplicates: false - append: field: related.user @@ -1647,8 +1760,8 @@ processors: - append: field: related.user value: "{{destination.user.name}}" + if: ctx?.destination?.user?.name != null && ctx?.destination?.user?.name != '' allow_duplicates: false - if: "ctx?.destination?.user?.name != null" - append: field: related.hash value: "{{file.hash.sha256}}"