From 079a7e82baeff219e9b82c10ffc69984752c7ced Mon Sep 17 00:00:00 2001 From: Alison Goryachev Date: Mon, 7 Dec 2020 12:55:53 -0500 Subject: [PATCH 01/11] Integrate painless autocomplete in runtime fields editor (#84943) --- packages/kbn-monaco/src/index.ts | 2 +- packages/kbn-monaco/src/painless/index.ts | 2 +- packages/kbn-monaco/src/painless/language.ts | 7 ++- .../src/painless/services/editor_state.ts | 8 +-- packages/kbn-monaco/src/painless/types.ts | 2 +- .../src/painless/worker/lib/autocomplete.ts | 8 ++- .../src/painless/worker/painless_worker.ts | 4 +- .../runtime_fields/runtime_fields_list.tsx | 5 +- x-pack/plugins/runtime_fields/README.md | 6 +- .../runtime_field_editor.test.tsx | 4 +- .../runtime_field_form/runtime_field_form.tsx | 58 +++++++++++++++++-- 11 files changed, 82 insertions(+), 24 deletions(-) diff --git a/packages/kbn-monaco/src/index.ts b/packages/kbn-monaco/src/index.ts index dcfcb5fbfc63f..41600d96ff7c9 100644 --- a/packages/kbn-monaco/src/index.ts +++ b/packages/kbn-monaco/src/index.ts @@ -22,7 +22,7 @@ import './register_globals'; export { monaco } from './monaco_imports'; export { XJsonLang } from './xjson'; -export { PainlessLang, PainlessContext } from './painless'; +export { PainlessLang, PainlessContext, PainlessAutocompleteField } from './painless'; /* eslint-disable-next-line @kbn/eslint/module_migration */ import * as BarePluginApi from 'monaco-editor/esm/vs/editor/editor.api'; diff --git a/packages/kbn-monaco/src/painless/index.ts b/packages/kbn-monaco/src/painless/index.ts index 3c81f265f9b0d..4693fa2418b66 100644 --- a/packages/kbn-monaco/src/painless/index.ts +++ b/packages/kbn-monaco/src/painless/index.ts @@ -23,4 +23,4 @@ import { getSuggestionProvider } from './language'; export const PainlessLang = { ID, getSuggestionProvider, lexerRules }; -export { PainlessContext } from './types'; +export { PainlessContext, PainlessAutocompleteField } from './types'; diff --git a/packages/kbn-monaco/src/painless/language.ts b/packages/kbn-monaco/src/painless/language.ts index f64094dbb482e..b38dac2c7baf7 100644 --- a/packages/kbn-monaco/src/painless/language.ts +++ b/packages/kbn-monaco/src/painless/language.ts @@ -21,7 +21,7 @@ import { monaco } from '../monaco_imports'; import { WorkerProxyService, EditorStateService } from './services'; import { ID } from './constants'; -import { PainlessContext, Field } from './types'; +import { PainlessContext, PainlessAutocompleteField } from './types'; import { PainlessWorker } from './worker'; import { PainlessCompletionAdapter } from './completion_adapter'; @@ -38,7 +38,10 @@ monaco.languages.onLanguage(ID, async () => { workerProxyService.setup(); }); -export const getSuggestionProvider = (context: PainlessContext, fields?: Field[]) => { +export const getSuggestionProvider = ( + context: PainlessContext, + fields?: PainlessAutocompleteField[] +) => { editorStateService.setup(context, fields); return new PainlessCompletionAdapter(worker, editorStateService); diff --git a/packages/kbn-monaco/src/painless/services/editor_state.ts b/packages/kbn-monaco/src/painless/services/editor_state.ts index b54744152e34d..3003f266dca62 100644 --- a/packages/kbn-monaco/src/painless/services/editor_state.ts +++ b/packages/kbn-monaco/src/painless/services/editor_state.ts @@ -17,16 +17,16 @@ * under the License. */ -import { PainlessContext, Field } from '../types'; +import { PainlessContext, PainlessAutocompleteField } from '../types'; export interface EditorState { context: PainlessContext; - fields?: Field[]; + fields?: PainlessAutocompleteField[]; } export class EditorStateService { context: PainlessContext = 'painless_test'; - fields: Field[] = []; + fields: PainlessAutocompleteField[] = []; public getState(): EditorState { return { @@ -35,7 +35,7 @@ export class EditorStateService { }; } - public setup(context: PainlessContext, fields?: Field[]) { + public setup(context: PainlessContext, fields?: PainlessAutocompleteField[]) { this.context = context; if (fields) { diff --git a/packages/kbn-monaco/src/painless/types.ts b/packages/kbn-monaco/src/painless/types.ts index 8afc3dc7ddd88..a56ca4f9b695a 100644 --- a/packages/kbn-monaco/src/painless/types.ts +++ b/packages/kbn-monaco/src/painless/types.ts @@ -51,7 +51,7 @@ export interface PainlessCompletionResult { suggestions: PainlessCompletionItem[]; } -export interface Field { +export interface PainlessAutocompleteField { name: string; type: string; } diff --git a/packages/kbn-monaco/src/painless/worker/lib/autocomplete.ts b/packages/kbn-monaco/src/painless/worker/lib/autocomplete.ts index 5536da828be42..e8e795e99b259 100644 --- a/packages/kbn-monaco/src/painless/worker/lib/autocomplete.ts +++ b/packages/kbn-monaco/src/painless/worker/lib/autocomplete.ts @@ -23,7 +23,7 @@ import { PainlessCompletionResult, PainlessCompletionItem, PainlessContext, - Field, + PainlessAutocompleteField, } from '../../types'; import { @@ -124,7 +124,9 @@ export const getClassMemberSuggestions = ( }; }; -export const getFieldSuggestions = (fields: Field[]): PainlessCompletionResult => { +export const getFieldSuggestions = ( + fields: PainlessAutocompleteField[] +): PainlessCompletionResult => { const suggestions: PainlessCompletionItem[] = fields.map(({ name }) => { return { label: name, @@ -168,7 +170,7 @@ export const getConstructorSuggestions = (suggestions: Suggestion[]): PainlessCo export const getAutocompleteSuggestions = ( painlessContext: PainlessContext, words: string[], - fields?: Field[] + fields?: PainlessAutocompleteField[] ): PainlessCompletionResult => { const suggestions = mapContextToData[painlessContext].suggestions; // What the user is currently typing diff --git a/packages/kbn-monaco/src/painless/worker/painless_worker.ts b/packages/kbn-monaco/src/painless/worker/painless_worker.ts index 357d81354ac43..9c39659519163 100644 --- a/packages/kbn-monaco/src/painless/worker/painless_worker.ts +++ b/packages/kbn-monaco/src/painless/worker/painless_worker.ts @@ -17,7 +17,7 @@ * under the License. */ -import { PainlessCompletionResult, PainlessContext, Field } from '../types'; +import { PainlessCompletionResult, PainlessContext, PainlessAutocompleteField } from '../types'; import { getAutocompleteSuggestions } from './lib'; @@ -25,7 +25,7 @@ export class PainlessWorker { public provideAutocompleteSuggestions( currentLineChars: string, context: PainlessContext, - fields?: Field[] + fields?: PainlessAutocompleteField[] ): PainlessCompletionResult { // Array of the active line words, e.g., [boolean, isTrue, =, true] const words = currentLineChars.replace('\t', '').split(' '); diff --git a/x-pack/plugins/index_management/public/application/components/mappings_editor/components/runtime_fields/runtime_fields_list.tsx b/x-pack/plugins/index_management/public/application/components/mappings_editor/components/runtime_fields/runtime_fields_list.tsx index dce5ad1657d38..4033c0f2fe456 100644 --- a/x-pack/plugins/index_management/public/application/components/mappings_editor/components/runtime_fields/runtime_fields_list.tsx +++ b/x-pack/plugins/index_management/public/application/components/mappings_editor/components/runtime_fields/runtime_fields_list.tsx @@ -78,7 +78,10 @@ export const RuntimeFieldsList = () => { docLinks: docLinks!, ctx: { namesNotAllowed: Object.values(runtimeFields).map((field) => field.source.name), - existingConcreteFields: Object.values(fields.byId).map((field) => field.source.name), + existingConcreteFields: Object.values(fields.byId).map((field) => ({ + name: field.source.name, + type: field.source.type, + })), }, }, flyoutProps: { diff --git a/x-pack/plugins/runtime_fields/README.md b/x-pack/plugins/runtime_fields/README.md index e682d77f7a884..eb7b31e6e1154 100644 --- a/x-pack/plugins/runtime_fields/README.md +++ b/x-pack/plugins/runtime_fields/README.md @@ -90,8 +90,12 @@ interface Context { * An array of existing concrete fields. If the user gives a name to the runtime * field that matches one of the concrete fields, a callout will be displayed * to indicate that this runtime field will shadow the concrete field. + * This array is also used to provide the list of field autocomplete suggestions to the code editor */ - existingConcreteFields?: string[]; + existingConcreteFields?: Array<{ + name: string; + type: string; + }>; } ``` diff --git a/x-pack/plugins/runtime_fields/public/components/runtime_field_editor/runtime_field_editor.test.tsx b/x-pack/plugins/runtime_fields/public/components/runtime_field_editor/runtime_field_editor.test.tsx index a8f90810a1212..89f795633e9d1 100644 --- a/x-pack/plugins/runtime_fields/public/components/runtime_field_editor/runtime_field_editor.test.tsx +++ b/x-pack/plugins/runtime_fields/public/components/runtime_field_editor/runtime_field_editor.test.tsx @@ -78,7 +78,7 @@ describe('Runtime field editor', () => { }); test('should accept a list of existing concrete fields and display a callout when shadowing one of the fields', async () => { - const existingConcreteFields = ['myConcreteField']; + const existingConcreteFields = [{ name: 'myConcreteField', type: 'keyword' }]; testBed = setup({ onChange, docLinks, ctx: { existingConcreteFields } }); @@ -87,7 +87,7 @@ describe('Runtime field editor', () => { expect(exists('shadowingFieldCallout')).toBe(false); await act(async () => { - form.setInputValue('nameField.input', existingConcreteFields[0]); + form.setInputValue('nameField.input', existingConcreteFields[0].name); }); component.update(); diff --git a/x-pack/plugins/runtime_fields/public/components/runtime_field_form/runtime_field_form.tsx b/x-pack/plugins/runtime_fields/public/components/runtime_field_form/runtime_field_form.tsx index 2ed6df537a6fe..f64bdaacd7ff2 100644 --- a/x-pack/plugins/runtime_fields/public/components/runtime_field_form/runtime_field_form.tsx +++ b/x-pack/plugins/runtime_fields/public/components/runtime_field_form/runtime_field_form.tsx @@ -3,9 +3,9 @@ * or more contributor license agreements. Licensed under the Elastic License; * you may not use this file except in compliance with the Elastic License. */ -import React, { useEffect } from 'react'; +import React, { useEffect, useState, useCallback } from 'react'; import { i18n } from '@kbn/i18n'; -import { PainlessLang } from '@kbn/monaco'; +import { PainlessLang, PainlessContext } from '@kbn/monaco'; import { EuiFlexGroup, EuiFlexItem, @@ -28,7 +28,7 @@ import { ValidationFunc, FieldConfig, } from '../../shared_imports'; -import { RuntimeField } from '../../types'; +import { RuntimeField, RuntimeType } from '../../types'; import { RUNTIME_FIELD_OPTIONS } from '../../constants'; import { schema } from './schema'; @@ -38,6 +38,11 @@ export interface FormState { submit: FormHook['submit']; } +interface Field { + name: string; + type: string; +} + export interface Props { links: { runtimePainless: string; @@ -54,8 +59,9 @@ export interface Props { * An array of existing concrete fields. If the user gives a name to the runtime * field that matches one of the concrete fields, a callout will be displayed * to indicate that this runtime field will shadow the concrete field. + * It is also used to provide the list of field autocomplete suggestions to the code editor. */ - existingConcreteFields?: string[]; + existingConcreteFields?: Field[]; }; } @@ -105,18 +111,51 @@ const getNameFieldConfig = ( }; }; +const mapReturnTypeToPainlessContext = (runtimeType: RuntimeType): PainlessContext => { + switch (runtimeType) { + case 'keyword': + return 'string_script_field_script_field'; + case 'long': + return 'long_script_field_script_field'; + case 'double': + return 'double_script_field_script_field'; + case 'date': + return 'date_script_field'; + case 'ip': + return 'ip_script_field_script_field'; + case 'boolean': + return 'boolean_script_field_script_field'; + default: + return 'string_script_field_script_field'; + } +}; + const RuntimeFieldFormComp = ({ defaultValue, onChange, links, ctx: { namesNotAllowed, existingConcreteFields = [] } = {}, }: Props) => { + const typeFieldConfig = schema.type as FieldConfig; + + const [painlessContext, setPainlessContext] = useState( + mapReturnTypeToPainlessContext(typeFieldConfig!.defaultValue!) + ); const { form } = useForm({ defaultValue, schema }); const { submit, isValid: isFormValid, isSubmitted } = form; const [{ name }] = useFormData({ form, watch: 'name' }); const nameFieldConfig = getNameFieldConfig(namesNotAllowed, defaultValue); + const onTypeChange = useCallback((newType: Array>) => { + setPainlessContext(mapReturnTypeToPainlessContext(newType[0]!.value!)); + }, []); + + const suggestionProvider = PainlessLang.getSuggestionProvider( + painlessContext, + existingConcreteFields + ); + useEffect(() => { if (onChange) { onChange({ isValid: isFormValid, isSubmitted, submit }); @@ -145,7 +184,10 @@ const RuntimeFieldFormComp = ({ {/* Return type */} - path="type"> + >> + path="type" + onChange={onTypeChange} + > {({ label, value, setValue }) => { if (value === undefined) { return null; @@ -185,7 +227,7 @@ const RuntimeFieldFormComp = ({ - {existingConcreteFields.includes(name) && ( + {existingConcreteFields.find((field) => field.name === name) && ( <> Date: Mon, 7 Dec 2020 11:17:48 -0700 Subject: [PATCH 02/11] [dev/cli] don't filter inspect flags (#85156) Co-authored-by: spalger --- src/dev/cli_dev_mode/using_server_process.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/dev/cli_dev_mode/using_server_process.ts b/src/dev/cli_dev_mode/using_server_process.ts index 23423fcacb2fc..438e1001672a2 100644 --- a/src/dev/cli_dev_mode/using_server_process.ts +++ b/src/dev/cli_dev_mode/using_server_process.ts @@ -41,7 +41,7 @@ export function usingServerProcess( nodeOptions: [ ...process.execArgv, ...(ACTIVE_INSPECT_FLAG ? [`${ACTIVE_INSPECT_FLAG}=${process.debugPort + 1}`] : []), - ].filter((arg) => !arg.includes('inspect')), + ], env: { ...process.env, NODE_OPTIONS: process.env.NODE_OPTIONS, From 3d3eb40964b11e755b21e220f564bc186ac51914 Mon Sep 17 00:00:00 2001 From: Davis Plumlee <56367316+dplumlee@users.noreply.github.com> Date: Mon, 7 Dec 2020 13:34:15 -0500 Subject: [PATCH 03/11] [Security Solution][Detection Rules] Mitre subtechniques (#83511) --- .../schemas/common/schemas.ts | 30 +- .../schemas/types/threat.mock.ts | 32 + .../cypress/helpers/rules.ts | 21 + .../alerts_detection_rules_custom.spec.ts | 7 +- .../alerts_detection_rules_eql.spec.ts | 7 +- ...ts_detection_rules_indicator_match.spec.ts | 7 +- .../alerts_detection_rules_ml.spec.ts | 7 +- .../alerts_detection_rules_override.spec.ts | 7 +- .../alerts_detection_rules_threshold.spec.ts | 7 +- .../security_solution/cypress/objects/rule.ts | 37 +- .../cypress/screens/create_new_rule.ts | 15 +- .../cypress/tasks/create_new_rule.ts | 56 +- .../components/rules/add_item_form/index.tsx | 6 +- .../rules/description_step/helpers.test.tsx | 68 +- .../rules/description_step/helpers.tsx | 39 +- .../rules/description_step/index.tsx | 7 +- .../components/rules/mitre/helpers.test.tsx | 68 +- .../components/rules/mitre/helpers.ts | 22 +- .../components/rules/mitre/index.test.tsx | 6 +- .../components/rules/mitre/index.tsx | 290 +- .../rules/mitre/subtechnique_fields.tsx | 204 + .../rules/mitre/technique_fields.tsx | 195 + .../components/rules/mitre/translations.ts | 51 +- .../rules/step_about_rule/index.tsx | 4 +- .../rules/step_about_rule/schema.tsx | 9 +- .../mitre/mitre_tactics_techniques.ts | 9746 +++++++++++++---- .../public/detections/mitre/types.ts | 4 + .../detections/mitre/valid_threat_mock.ts | 25 + .../rules/all/__mocks__/mock.ts | 37 +- .../rules/create/helpers.test.ts | 112 +- .../detection_engine/rules/create/helpers.ts | 43 +- .../detection_engine/rules/helpers.test.tsx | 19 +- .../pages/detection_engine/rules/types.ts | 10 +- .../extract_tactics_techniques_mitre.js | 85 +- .../routes/__mocks__/request_responses.ts | 19 +- .../routes/__mocks__/utils.ts | 19 +- .../routes/index/get_signals_template.ts | 2 +- .../routes/index/signals_mapping.json | 13 + .../routes/rules/validate.test.ts | 19 +- .../rules/get_export_all.test.ts | 19 +- .../rules/get_export_by_object_ids.test.ts | 37 +- .../rules/patch_rules.mock.ts | 1 + .../translations/translations/ja-JP.json | 148 - .../translations/translations/zh-CN.json | 148 - 44 files changed, 8733 insertions(+), 2975 deletions(-) create mode 100644 x-pack/plugins/security_solution/common/detection_engine/schemas/types/threat.mock.ts create mode 100644 x-pack/plugins/security_solution/cypress/helpers/rules.ts create mode 100644 x-pack/plugins/security_solution/public/detections/components/rules/mitre/subtechnique_fields.tsx create mode 100644 x-pack/plugins/security_solution/public/detections/components/rules/mitre/technique_fields.tsx create mode 100644 x-pack/plugins/security_solution/public/detections/mitre/valid_threat_mock.ts diff --git a/x-pack/plugins/security_solution/common/detection_engine/schemas/common/schemas.ts b/x-pack/plugins/security_solution/common/detection_engine/schemas/common/schemas.ts index ff76a0fcb5593..09c6db5f16acf 100644 --- a/x-pack/plugins/security_solution/common/detection_engine/schemas/common/schemas.ts +++ b/x-pack/plugins/security_solution/common/detection_engine/schemas/common/schemas.ts @@ -413,16 +413,32 @@ export const threat_tactic = t.type({ name: threat_tactic_name, reference: threat_tactic_reference, }); +export const threat_subtechnique_id = t.string; +export const threat_subtechnique_name = t.string; +export const threat_subtechnique_reference = t.string; +export const threat_subtechnique = t.type({ + id: threat_subtechnique_id, + name: threat_subtechnique_name, + reference: threat_subtechnique_reference, +}); +export const threat_subtechniques = t.array(threat_subtechnique); export const threat_technique_id = t.string; export const threat_technique_name = t.string; export const threat_technique_reference = t.string; -export const threat_technique = t.exact( - t.type({ - id: threat_technique_id, - name: threat_technique_name, - reference: threat_technique_reference, - }) -); +export const threat_technique = t.intersection([ + t.exact( + t.type({ + id: threat_technique_id, + name: threat_technique_name, + reference: threat_technique_reference, + }) + ), + t.exact( + t.partial({ + subtechnique: threat_subtechniques, + }) + ), +]); export const threat_techniques = t.array(threat_technique); export const threat = t.array( t.exact( diff --git a/x-pack/plugins/security_solution/common/detection_engine/schemas/types/threat.mock.ts b/x-pack/plugins/security_solution/common/detection_engine/schemas/types/threat.mock.ts new file mode 100644 index 0000000000000..083c902dea9d4 --- /dev/null +++ b/x-pack/plugins/security_solution/common/detection_engine/schemas/types/threat.mock.ts @@ -0,0 +1,32 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { Threat } from '../common/schemas'; + +export const getThreatMock = (): Threat => [ + { + framework: 'MITRE ATT&CK', + tactic: { + id: 'TA0000', + name: 'test tactic', + reference: 'https://attack.mitre.org/tactics/TA0000/', + }, + technique: [ + { + id: 'T0000', + name: 'test technique', + reference: 'https://attack.mitre.org/techniques/T0000/', + subtechnique: [ + { + id: 'T0000.000', + name: 'test subtechnique', + reference: 'https://attack.mitre.org/techniques/T0000/000/', + }, + ], + }, + ], + }, +]; diff --git a/x-pack/plugins/security_solution/cypress/helpers/rules.ts b/x-pack/plugins/security_solution/cypress/helpers/rules.ts new file mode 100644 index 0000000000000..3d977e7381573 --- /dev/null +++ b/x-pack/plugins/security_solution/cypress/helpers/rules.ts @@ -0,0 +1,21 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { Mitre } from '../objects/rule'; + +export const formatMitreAttackDescription = (mitre: Mitre[]) => { + return mitre + .map( + (threat) => + threat.tactic + + threat.techniques + .map((technique) => { + return technique.name + technique.subtechniques.join(''); + }) + .join('') + ) + .join(''); +}; diff --git a/x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_custom.spec.ts b/x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_custom.spec.ts index 5fee3c0bce13c..36a4099812b55 100644 --- a/x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_custom.spec.ts +++ b/x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_custom.spec.ts @@ -4,6 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ +import { formatMitreAttackDescription } from '../helpers/rules'; import { newRule, existingRule, indexPatterns, editedRule } from '../objects/rule'; import { ALERT_RULE_METHOD, @@ -105,11 +106,7 @@ import { DETECTIONS_URL } from '../urls/navigation'; const expectedUrls = newRule.referenceUrls.join(''); const expectedFalsePositives = newRule.falsePositivesExamples.join(''); const expectedTags = newRule.tags.join(''); -const expectedMitre = newRule.mitre - .map(function (mitre) { - return mitre.tactic + mitre.techniques.join(''); - }) - .join(''); +const expectedMitre = formatMitreAttackDescription(newRule.mitre); const expectedNumberOfRules = 1; const expectedEditedtags = editedRule.tags.join(''); const expectedEditedIndexPatterns = diff --git a/x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_eql.spec.ts b/x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_eql.spec.ts index 22d2a144932bf..d8bdafe2d6ce0 100644 --- a/x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_eql.spec.ts +++ b/x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_eql.spec.ts @@ -4,6 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ +import { formatMitreAttackDescription } from '../helpers/rules'; import { eqlRule, eqlSequenceRule, indexPatterns } from '../objects/rule'; import { @@ -79,11 +80,7 @@ import { DETECTIONS_URL } from '../urls/navigation'; const expectedUrls = eqlRule.referenceUrls.join(''); const expectedFalsePositives = eqlRule.falsePositivesExamples.join(''); const expectedTags = eqlRule.tags.join(''); -const expectedMitre = eqlRule.mitre - .map(function (mitre) { - return mitre.tactic + mitre.techniques.join(''); - }) - .join(''); +const expectedMitre = formatMitreAttackDescription(eqlRule.mitre); const expectedNumberOfRules = 1; const expectedNumberOfAlerts = 7; const expectedNumberOfSequenceAlerts = 1; diff --git a/x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_indicator_match.spec.ts b/x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_indicator_match.spec.ts index 03e714f2381c6..193d5939d04af 100644 --- a/x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_indicator_match.spec.ts +++ b/x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_indicator_match.spec.ts @@ -4,6 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ +import { formatMitreAttackDescription } from '../helpers/rules'; import { newThreatIndicatorRule } from '../objects/rule'; import { @@ -83,11 +84,7 @@ import { DETECTIONS_URL } from '../urls/navigation'; const expectedUrls = newThreatIndicatorRule.referenceUrls.join(''); const expectedFalsePositives = newThreatIndicatorRule.falsePositivesExamples.join(''); const expectedTags = newThreatIndicatorRule.tags.join(''); -const expectedMitre = newThreatIndicatorRule.mitre - .map(function (mitre) { - return mitre.tactic + mitre.techniques.join(''); - }) - .join(''); +const expectedMitre = formatMitreAttackDescription(newThreatIndicatorRule.mitre); const expectedNumberOfRules = 1; const expectedNumberOfAlerts = 1; diff --git a/x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_ml.spec.ts b/x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_ml.spec.ts index 061b66faca054..9669b4ed4c78b 100644 --- a/x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_ml.spec.ts +++ b/x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_ml.spec.ts @@ -4,6 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ +import { formatMitreAttackDescription } from '../helpers/rules'; import { machineLearningRule, totalNumberOfPrebuiltRulesInEsArchive } from '../objects/rule'; import { @@ -67,11 +68,7 @@ import { DETECTIONS_URL } from '../urls/navigation'; const expectedUrls = machineLearningRule.referenceUrls.join(''); const expectedFalsePositives = machineLearningRule.falsePositivesExamples.join(''); const expectedTags = machineLearningRule.tags.join(''); -const expectedMitre = machineLearningRule.mitre - .map(function (mitre) { - return mitre.tactic + mitre.techniques.join(''); - }) - .join(''); +const expectedMitre = formatMitreAttackDescription(machineLearningRule.mitre); const expectedNumberOfRules = totalNumberOfPrebuiltRulesInEsArchive + 1; describe('Detection rules, machine learning', () => { diff --git a/x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_override.spec.ts b/x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_override.spec.ts index b1ccca5e4f13c..afbdafdc27b81 100644 --- a/x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_override.spec.ts +++ b/x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_override.spec.ts @@ -4,6 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ +import { formatMitreAttackDescription } from '../helpers/rules'; import { indexPatterns, newOverrideRule, severitiesOverride } from '../objects/rule'; import { NUMBER_OF_ALERTS, @@ -83,11 +84,7 @@ import { DETECTIONS_URL } from '../urls/navigation'; const expectedUrls = newOverrideRule.referenceUrls.join(''); const expectedFalsePositives = newOverrideRule.falsePositivesExamples.join(''); const expectedTags = newOverrideRule.tags.join(''); -const expectedMitre = newOverrideRule.mitre - .map(function (mitre) { - return mitre.tactic + mitre.techniques.join(''); - }) - .join(''); +const expectedMitre = formatMitreAttackDescription(newOverrideRule.mitre); describe('Detection rules, override', () => { before(() => { diff --git a/x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_threshold.spec.ts b/x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_threshold.spec.ts index c3e7892d63279..ad4bfa101652f 100644 --- a/x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_threshold.spec.ts +++ b/x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_threshold.spec.ts @@ -4,6 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ +import { formatMitreAttackDescription } from '../helpers/rules'; import { indexPatterns, newThresholdRule } from '../objects/rule'; import { ALERT_RULE_METHOD, @@ -80,11 +81,7 @@ import { DETECTIONS_URL } from '../urls/navigation'; const expectedUrls = newThresholdRule.referenceUrls.join(''); const expectedFalsePositives = newThresholdRule.falsePositivesExamples.join(''); const expectedTags = newThresholdRule.tags.join(''); -const expectedMitre = newThresholdRule.mitre - .map(function (mitre) { - return mitre.tactic + mitre.techniques.join(''); - }) - .join(''); +const expectedMitre = formatMitreAttackDescription(newThresholdRule.mitre); describe('Detection rules, threshold', () => { before(() => { diff --git a/x-pack/plugins/security_solution/cypress/objects/rule.ts b/x-pack/plugins/security_solution/cypress/objects/rule.ts index 06046b9385712..5a3cf53b776fb 100644 --- a/x-pack/plugins/security_solution/cypress/objects/rule.ts +++ b/x-pack/plugins/security_solution/cypress/objects/rule.ts @@ -4,8 +4,10 @@ * you may not use this file except in compliance with the Elastic License. */ -// eslint-disable-next-line @kbn/eslint/no-restricted-paths +/* eslint-disable @kbn/eslint/no-restricted-paths */ +import { mockThreatData } from '../../public/detections/mitre/mitre_tactics_techniques'; import { rawRules } from '../../server/lib/detection_engine/rules/prepackaged_rules/index'; +/* eslint-enable @kbn/eslint/no-restricted-paths */ export const totalNumberOfPrebuiltRules = rawRules.length; @@ -13,9 +15,14 @@ export const totalNumberOfPrebuiltRulesInEsArchive = 127; export const totalNumberOfPrebuiltRulesInEsArchiveCustomRule = 145; -interface Mitre { +interface MitreAttackTechnique { + name: string; + subtechniques: string[]; +} + +export interface Mitre { tactic: string; - techniques: string[]; + techniques: MitreAttackTechnique[]; } interface SeverityOverride { @@ -93,14 +100,30 @@ export const indexPatterns = [ 'winlogbeat-*', ]; +const { tactic, technique, subtechnique } = mockThreatData; + const mitre1: Mitre = { - tactic: 'Discovery (TA0007)', - techniques: ['Cloud Service Discovery (T1526)', 'File and Directory Discovery (T1083)'], + tactic: `${tactic.name} (${tactic.id})`, + techniques: [ + { + name: `${technique.name} (${technique.id})`, + subtechniques: [`${subtechnique.name} (${subtechnique.id})`], + }, + { + name: `${technique.name} (${technique.id})`, + subtechniques: [], + }, + ], }; const mitre2: Mitre = { - tactic: 'Execution (TA0002)', - techniques: ['CMSTP (T1191)'], + tactic: `${tactic.name} (${tactic.id})`, + techniques: [ + { + name: `${technique.name} (${technique.id})`, + subtechniques: [`${subtechnique.name} (${subtechnique.id})`], + }, + ], }; const severityOverride1: SeverityOverride = { diff --git a/x-pack/plugins/security_solution/cypress/screens/create_new_rule.ts b/x-pack/plugins/security_solution/cypress/screens/create_new_rule.ts index ab9347f1862cc..17567b61ad314 100644 --- a/x-pack/plugins/security_solution/cypress/screens/create_new_rule.ts +++ b/x-pack/plugins/security_solution/cypress/screens/create_new_rule.ts @@ -23,8 +23,6 @@ export const ADD_REFERENCE_URL_BTN = export const ANOMALY_THRESHOLD_INPUT = '[data-test-subj="anomalyThresholdSlider"] .euiFieldNumber'; -export const MITRE_BTN = '[data-test-subj="addMitre"]'; - export const ADVANCED_SETTINGS_BTN = '[data-test-subj="advancedSettings"] .euiAccordion__button'; export const COMBO_BOX_CLEAR_BTN = '[data-test-subj="comboBoxClearButton"]'; @@ -85,10 +83,17 @@ export const MACHINE_LEARNING_TYPE = '[data-test-subj="machineLearningRuleType"] export const MITRE_TACTIC = '.euiContextMenuItem__text'; -export const MITRE_TACTIC_DROPDOWN = '[data-test-subj="mitreTactic"]'; +export const MITRE_ATTACK_TACTIC_DROPDOWN = '[data-test-subj="mitreAttackTactic"]'; + +export const MITRE_ATTACK_TECHNIQUE_DROPDOWN = '[data-test-subj="mitreAttackTechnique"]'; + +export const MITRE_ATTACK_SUBTECHNIQUE_DROPDOWN = '[data-test-subj="mitreAttackSubtechnique"]'; + +export const MITRE_ATTACK_ADD_TACTIC_BUTTON = '[data-test-subj="addMitreAttackTactic"]'; + +export const MITRE_ATTACK_ADD_TECHNIQUE_BUTTON = '[data-test-subj="addMitreAttackTechnique"]'; -export const MITRE_TECHNIQUES_INPUT = - '[data-test-subj="mitreTechniques"] [data-test-subj="comboBoxSearchInput"]'; +export const MITRE_ATTACK_ADD_SUBTECHNIQUE_BUTTON = '[data-test-subj="addMitreAttackSubtechnique"]'; export const QUERY_PREVIEW_BUTTON = '[data-test-subj="queryPreviewButton"]'; diff --git a/x-pack/plugins/security_solution/cypress/tasks/create_new_rule.ts b/x-pack/plugins/security_solution/cypress/tasks/create_new_rule.ts index 219c6496ee893..7882885ea0598 100644 --- a/x-pack/plugins/security_solution/cypress/tasks/create_new_rule.ts +++ b/x-pack/plugins/security_solution/cypress/tasks/create_new_rule.ts @@ -35,10 +35,7 @@ import { MACHINE_LEARNING_DROPDOWN, MACHINE_LEARNING_LIST, MACHINE_LEARNING_TYPE, - MITRE_BTN, MITRE_TACTIC, - MITRE_TACTIC_DROPDOWN, - MITRE_TECHNIQUES_INPUT, REFERENCE_URLS_INPUT, REFRESH_BUTTON, RISK_INPUT, @@ -67,6 +64,12 @@ import { EQL_QUERY_VALIDATION_SPINNER, COMBO_BOX_CLEAR_BTN, COMBO_BOX_RESULT, + MITRE_ATTACK_TACTIC_DROPDOWN, + MITRE_ATTACK_TECHNIQUE_DROPDOWN, + MITRE_ATTACK_SUBTECHNIQUE_DROPDOWN, + MITRE_ATTACK_ADD_TACTIC_BUTTON, + MITRE_ATTACK_ADD_SUBTECHNIQUE_BUTTON, + MITRE_ATTACK_ADD_TECHNIQUE_BUTTON, } from '../screens/create_new_rule'; import { NOTIFICATION_TOASTS, TOAST_ERROR_CLASS } from '../screens/shared'; import { TIMELINE } from '../screens/timelines'; @@ -109,18 +112,29 @@ export const fillAboutRule = ( cy.get(ADD_FALSE_POSITIVE_BTN).click({ force: true }); }); - rule.mitre.forEach((mitre, index) => { - cy.get(MITRE_TACTIC_DROPDOWN).eq(index).click({ force: true }); + let techniqueIndex = 0; + let subtechniqueInputIndex = 0; + rule.mitre.forEach((mitre, tacticIndex) => { + cy.get(MITRE_ATTACK_TACTIC_DROPDOWN).eq(tacticIndex).click({ force: true }); cy.contains(MITRE_TACTIC, mitre.tactic).click(); mitre.techniques.forEach((technique) => { - cy.get(MITRE_TECHNIQUES_INPUT) - .eq(index) - .clear({ force: true }) - .type(`${technique}{enter}`, { force: true }); + cy.get(MITRE_ATTACK_ADD_TECHNIQUE_BUTTON).eq(tacticIndex).click({ force: true }); + cy.get(MITRE_ATTACK_TECHNIQUE_DROPDOWN).eq(techniqueIndex).click({ force: true }); + cy.contains(MITRE_TACTIC, technique.name).click(); + + technique.subtechniques.forEach((subtechnique) => { + cy.get(MITRE_ATTACK_ADD_SUBTECHNIQUE_BUTTON).eq(techniqueIndex).click({ force: true }); + cy.get(MITRE_ATTACK_SUBTECHNIQUE_DROPDOWN) + .eq(subtechniqueInputIndex) + .click({ force: true }); + cy.contains(MITRE_TACTIC, subtechnique).click(); + subtechniqueInputIndex++; + }); + techniqueIndex++; }); - cy.get(MITRE_BTN).click({ force: true }); + cy.get(MITRE_ATTACK_ADD_TACTIC_BUTTON).click({ force: true }); }); cy.get(INVESTIGATION_NOTES_TEXTAREA).clear({ force: true }).type(rule.note, { force: true }); @@ -173,15 +187,29 @@ export const fillAboutRuleWithOverrideAndContinue = (rule: OverrideRule) => { cy.get(ADD_FALSE_POSITIVE_BTN).click({ force: true }); }); - rule.mitre.forEach((mitre, index) => { - cy.get(MITRE_TACTIC_DROPDOWN).eq(index).click({ force: true }); + let techniqueIndex = 0; + let subtechniqueInputIndex = 0; + rule.mitre.forEach((mitre, tacticIndex) => { + cy.get(MITRE_ATTACK_TACTIC_DROPDOWN).eq(tacticIndex).click({ force: true }); cy.contains(MITRE_TACTIC, mitre.tactic).click(); mitre.techniques.forEach((technique) => { - cy.get(MITRE_TECHNIQUES_INPUT).eq(index).type(`${technique}{enter}`, { force: true }); + cy.get(MITRE_ATTACK_ADD_TECHNIQUE_BUTTON).eq(tacticIndex).click({ force: true }); + cy.get(MITRE_ATTACK_TECHNIQUE_DROPDOWN).eq(techniqueIndex).click({ force: true }); + cy.contains(MITRE_TACTIC, technique.name).click(); + + technique.subtechniques.forEach((subtechnique) => { + cy.get(MITRE_ATTACK_ADD_SUBTECHNIQUE_BUTTON).eq(techniqueIndex).click({ force: true }); + cy.get(MITRE_ATTACK_SUBTECHNIQUE_DROPDOWN) + .eq(subtechniqueInputIndex) + .click({ force: true }); + cy.contains(MITRE_TACTIC, subtechnique).click(); + subtechniqueInputIndex++; + }); + techniqueIndex++; }); - cy.get(MITRE_BTN).click({ force: true }); + cy.get(MITRE_ATTACK_ADD_TACTIC_BUTTON).click({ force: true }); }); cy.get(INVESTIGATION_NOTES_TEXTAREA).type(rule.note, { force: true }); diff --git a/x-pack/plugins/security_solution/public/detections/components/rules/add_item_form/index.tsx b/x-pack/plugins/security_solution/public/detections/components/rules/add_item_form/index.tsx index d0e606ef368a1..fe785bcacc919 100644 --- a/x-pack/plugins/security_solution/public/detections/components/rules/add_item_form/index.tsx +++ b/x-pack/plugins/security_solution/public/detections/components/rules/add_item_form/index.tsx @@ -38,9 +38,9 @@ const MyEuiFormRow = styled(EuiFormRow)` `; export const MyAddItemButton = styled(EuiButtonEmpty)` - margin-top: 4px; + margin: 4px 0px; - &.euiButtonEmpty--xSmall { + &.euiButtonEmpty--small { font-size: 12px; } @@ -53,7 +53,7 @@ export const MyAddItemButton = styled(EuiButtonEmpty)` MyAddItemButton.defaultProps = { flush: 'left', iconType: 'plusInCircle', - size: 'xs', + size: 's', }; export const AddItem = ({ diff --git a/x-pack/plugins/security_solution/public/detections/components/rules/description_step/helpers.test.tsx b/x-pack/plugins/security_solution/public/detections/components/rules/description_step/helpers.test.tsx index ee1edecbdc54a..38eb66dc2ecd9 100644 --- a/x-pack/plugins/security_solution/public/detections/components/rules/description_step/helpers.test.tsx +++ b/x-pack/plugins/security_solution/public/detections/components/rules/description_step/helpers.test.tsx @@ -237,13 +237,22 @@ describe('helpers', () => { expect(wrapper.find('[data-test-subj="threatTechniqueLink"]').text()).toEqual(''); }); - test('returns with corresponding tactic and technique link text', () => { + test('returns empty technique link if no corresponding subtechnique id found', () => { const result: ListItems[] = buildThreatDescription({ label: 'Mitre Attack', threat: [ { framework: 'MITRE ATTACK', - technique: [{ reference: 'https://test.com', name: 'Audio Capture', id: 'T1123' }], + technique: [ + { + reference: 'https://test.com', + name: 'Audio Capture', + id: 'T1123', + subtechnique: [ + { reference: 'https://test.com', name: 'Audio Capture Data', id: 'T1123.000123' }, + ], + }, + ], tactic: { reference: 'https://test.com', name: 'Collection', id: 'TA0009' }, }, ], @@ -256,16 +265,57 @@ describe('helpers', () => { expect(wrapper.find('[data-test-subj="threatTechniqueLink"]').text()).toEqual( 'Audio Capture (T1123)' ); + expect(wrapper.find('[data-test-subj="threatSubtechniqueLink"]').text()).toEqual(''); + }); + + test('returns with corresponding tactic, technique, and subtechnique link text', () => { + const result: ListItems[] = buildThreatDescription({ + label: 'Mitre Attack', + threat: [ + { + framework: 'MITRE ATTACK', + technique: [ + { + reference: 'https://test.com', + name: 'Archive Collected Data', + id: 'T1560', + subtechnique: [ + { reference: 'https://test.com', name: 'Archive via Library', id: 'T1560.002' }, + ], + }, + ], + tactic: { reference: 'https://test.com', name: 'Collection', id: 'TA0009' }, + }, + ], + }); + const wrapper = shallow(result[0].description as React.ReactElement); + expect(result[0].title).toEqual('Mitre Attack'); + expect(wrapper.find('[data-test-subj="threatTacticLink"]').text()).toEqual( + 'Collection (TA0009)' + ); + expect(wrapper.find('[data-test-subj="threatTechniqueLink"]').text()).toEqual( + 'Archive Collected Data (T1560)' + ); + expect(wrapper.find('[data-test-subj="threatSubtechniqueLink"]').text()).toEqual( + 'Archive via Library (T1560.002)' + ); }); - test('returns corresponding number of tactic and technique links', () => { + test('returns corresponding number of tactic, technique, and subtechnique links', () => { const result: ListItems[] = buildThreatDescription({ label: 'Mitre Attack', threat: [ { framework: 'MITRE ATTACK', technique: [ - { reference: 'https://test.com', name: 'Audio Capture', id: 'T1123' }, + { + reference: 'https://test.com', + name: 'Archive Collected Data', + id: 'T1560', + subtechnique: [ + { reference: 'https://test.com', name: 'Archive via Library', id: 'T1560.002' }, + ], + }, { reference: 'https://test.com', name: 'Clipboard Data', id: 'T1115' }, ], tactic: { reference: 'https://test.com', name: 'Collection', id: 'TA0009' }, @@ -273,7 +323,14 @@ describe('helpers', () => { { framework: 'MITRE ATTACK', technique: [ - { reference: 'https://test.com', name: 'Automated Collection', id: 'T1119' }, + { + reference: 'https://test.com', + name: 'Account Discovery', + id: 'T1087', + subtechnique: [ + { reference: 'https://test.com', name: 'Cloud Account', id: 'T1087.004' }, + ], + }, ], tactic: { reference: 'https://test.com', name: 'Discovery', id: 'TA0007' }, }, @@ -283,6 +340,7 @@ describe('helpers', () => { expect(wrapper.find('[data-test-subj="threatTacticLink"]')).toHaveLength(2); expect(wrapper.find('[data-test-subj="threatTechniqueLink"]')).toHaveLength(3); + expect(wrapper.find('[data-test-subj="threatSubtechniqueLink"]')).toHaveLength(2); }); }); diff --git a/x-pack/plugins/security_solution/public/detections/components/rules/description_step/helpers.tsx b/x-pack/plugins/security_solution/public/detections/components/rules/description_step/helpers.tsx index 83413496c609d..5af35d17f587e 100644 --- a/x-pack/plugins/security_solution/public/detections/components/rules/description_step/helpers.tsx +++ b/x-pack/plugins/security_solution/public/detections/components/rules/description_step/helpers.tsx @@ -29,7 +29,11 @@ import * as i18nRiskScore from '../risk_score_mapping/translations'; import { Threshold, Type } from '../../../../../common/detection_engine/schemas/common/schemas'; import { esFilters } from '../../../../../../../../src/plugins/data/public'; -import { tacticsOptions, techniquesOptions } from '../../../mitre/mitre_tactics_techniques'; +import { + subtechniquesOptions, + tacticsOptions, + techniquesOptions, +} from '../../../mitre/mitre_tactics_techniques'; import * as i18n from './translations'; import { BuildQueryBarDescription, BuildThreatDescription, ListItems } from './types'; @@ -119,11 +123,16 @@ const ThreatEuiFlexGroup = styled(EuiFlexGroup)` } `; +const SubtechniqueFlexItem = styled(EuiFlexItem)` + margin-left: ${({ theme }) => theme.eui.paddingSizes.m}; +`; + const TechniqueLinkItem = styled(EuiButtonEmpty)` .euiIcon { width: 8px; height: 8px; } + align-self: flex-start; `; export const buildThreatDescription = ({ label, threat }: BuildThreatDescription): ListItems[] => { @@ -145,20 +154,42 @@ export const buildThreatDescription = ({ label, threat }: BuildThreatDescription {tactic != null ? tactic.text : ''} - {singleThreat.technique.map((technique, listIndex) => { + {singleThreat.technique.map((technique, techniqueIndex) => { const myTechnique = techniquesOptions.find((t) => t.id === technique.id); return ( - + {myTechnique != null ? myTechnique.label : ''} + + {technique.subtechnique != null && + technique.subtechnique.map((subtechnique, subtechniqueIndex) => { + const mySubtechnique = subtechniquesOptions.find( + (t) => t.id === subtechnique.id + ); + return ( + + + {mySubtechnique != null ? mySubtechnique.label : ''} + + + ); + })} + ); })} diff --git a/x-pack/plugins/security_solution/public/detections/components/rules/description_step/index.tsx b/x-pack/plugins/security_solution/public/detections/components/rules/description_step/index.tsx index 7d509270fff95..3ab23266abf52 100644 --- a/x-pack/plugins/security_solution/public/detections/components/rules/description_step/index.tsx +++ b/x-pack/plugins/security_solution/public/detections/components/rules/description_step/index.tsx @@ -44,6 +44,7 @@ import { buildActionsDescription } from './actions_description'; import { buildThrottleDescription } from './throttle_description'; import { Type } from '../../../../../common/detection_engine/schemas/common/schemas'; import { THREAT_QUERY_LABEL } from './translations'; +import { filterEmptyThreats } from '../../../pages/detection_engine/rules/create/helpers'; const DescriptionListContainer = styled(EuiDescriptionList)` &.euiDescriptionList--column .euiDescriptionList__title { @@ -178,10 +179,8 @@ export const getDescriptionItem = ( indexPatterns, }); } else if (field === 'threat') { - const threat: IMitreEnterpriseAttack[] = get(field, data).filter( - (singleThreat: IMitreEnterpriseAttack) => singleThreat.tactic.name !== 'none' - ); - return buildThreatDescription({ label, threat }); + const threats: IMitreEnterpriseAttack[] = get(field, data); + return buildThreatDescription({ label, threat: filterEmptyThreats(threats) }); } else if (field === 'threshold') { const threshold = get(field, data); return buildThresholdDescription(label, threshold); diff --git a/x-pack/plugins/security_solution/public/detections/components/rules/mitre/helpers.test.tsx b/x-pack/plugins/security_solution/public/detections/components/rules/mitre/helpers.test.tsx index dc201eb21c911..bb117641bdee9 100644 --- a/x-pack/plugins/security_solution/public/detections/components/rules/mitre/helpers.test.tsx +++ b/x-pack/plugins/security_solution/public/detections/components/rules/mitre/helpers.test.tsx @@ -4,10 +4,70 @@ * you may not use this file except in compliance with the Elastic License. */ -import { isMitreAttackInvalid } from './helpers'; +import { getValidThreat } from '../../../mitre/valid_threat_mock'; +import { hasSubtechniqueOptions, isMitreAttackInvalid } from './helpers'; -describe('isMitreAttackInvalid', () => { - it('returns true if tacticName is empty', () => { - expect(isMitreAttackInvalid('', undefined)).toBe(true); +const mockTechniques = getValidThreat()[0].technique; + +describe('helpers', () => { + describe('isMitreAttackInvalid', () => { + describe('when technique param is undefined', () => { + it('returns false', () => { + expect(isMitreAttackInvalid('', undefined)).toBe(false); + }); + }); + + describe('when technique param is empty', () => { + it('returns false if tacticName is `none`', () => { + expect(isMitreAttackInvalid('none', [])).toBe(false); + }); + + it('returns true if tacticName exists and is not `none`', () => { + expect(isMitreAttackInvalid('Test', [])).toBe(true); + }); + }); + + describe('when technique param exists', () => { + describe('and contains valid techniques', () => { + const validTechniques = mockTechniques; + it('returns false', () => { + expect(isMitreAttackInvalid('Test', validTechniques)).toBe(false); + }); + }); + + describe('and contains empty techniques', () => { + const emptyTechniques = [ + { + reference: 'https://test.com', + name: 'none', + id: '', + }, + ]; + it('returns true', () => { + expect(isMitreAttackInvalid('Test', emptyTechniques)).toBe(true); + }); + }); + }); + }); + + describe('hasSubtechniqueOptions', () => { + describe('when technique has subtechnique options', () => { + const technique = mockTechniques[0]; + it('returns true', () => { + expect(hasSubtechniqueOptions(technique)).toBe(true); + }); + }); + + describe('when technique has no subtechnique options', () => { + const technique = { + reference: 'https://test.com', + name: 'Mock technique with no subtechniques', + id: 'T0000', + subtechnique: [], + }; + it('returns false', () => { + expect(hasSubtechniqueOptions(technique)).toBe(false); + }); + }); }); }); diff --git a/x-pack/plugins/security_solution/public/detections/components/rules/mitre/helpers.ts b/x-pack/plugins/security_solution/public/detections/components/rules/mitre/helpers.ts index 2dc7a6d8f45e5..eb0ebd50398ac 100644 --- a/x-pack/plugins/security_solution/public/detections/components/rules/mitre/helpers.ts +++ b/x-pack/plugins/security_solution/public/detections/components/rules/mitre/helpers.ts @@ -4,15 +4,31 @@ * you may not use this file except in compliance with the Elastic License. */ import { isEmpty } from 'lodash/fp'; +import { subtechniquesOptions } from '../../../mitre/mitre_tactics_techniques'; -import { IMitreAttack } from '../../../pages/detection_engine/rules/types'; +import { IMitreAttackTechnique } from '../../../pages/detection_engine/rules/types'; export const isMitreAttackInvalid = ( tacticName: string | null | undefined, - technique: IMitreAttack[] | null | undefined + technique: IMitreAttackTechnique[] | null | undefined ) => { - if (isEmpty(tacticName) || (tacticName !== 'none' && isEmpty(technique))) { + if ( + tacticName !== 'none' && + technique != null && + (isEmpty(technique) || !containsTechniques(technique)) + ) { return true; } return false; }; + +const containsTechniques = (techniques: IMitreAttackTechnique[]) => { + return techniques.some((technique) => technique.name !== 'none'); +}; + +/** + * Returns true if the given mitre technique has any subtechniques + */ +export const hasSubtechniqueOptions = (technique: IMitreAttackTechnique) => { + return subtechniquesOptions.some((subtechnique) => subtechnique.techniqueId === technique.id); +}; diff --git a/x-pack/plugins/security_solution/public/detections/components/rules/mitre/index.test.tsx b/x-pack/plugins/security_solution/public/detections/components/rules/mitre/index.test.tsx index 23b3519cee582..5a91b5eb8970a 100644 --- a/x-pack/plugins/security_solution/public/detections/components/rules/mitre/index.test.tsx +++ b/x-pack/plugins/security_solution/public/detections/components/rules/mitre/index.test.tsx @@ -7,7 +7,7 @@ import React from 'react'; import { shallow } from 'enzyme'; -import { AddMitreThreat } from './index'; +import { AddMitreAttackThreat } from './index'; import { useFormFieldMock } from '../../../../common/mock'; describe('AddMitreThreat', () => { @@ -16,7 +16,7 @@ describe('AddMitreThreat', () => { const field = useFormFieldMock({ value: [] }); return ( - { }; const wrapper = shallow(); - expect(wrapper.dive().find('[data-test-subj="addMitre"]')).toHaveLength(1); + expect(wrapper.dive().find('[data-test-subj="addMitreAttackTactic"]')).toHaveLength(1); }); }); diff --git a/x-pack/plugins/security_solution/public/detections/components/rules/mitre/index.tsx b/x-pack/plugins/security_solution/public/detections/components/rules/mitre/index.tsx index 71734affd42ce..e5918cb065f39 100644 --- a/x-pack/plugins/security_solution/public/detections/components/rules/mitre/index.tsx +++ b/x-pack/plugins/security_solution/public/detections/components/rules/mitre/index.tsx @@ -4,35 +4,34 @@ * you may not use this file except in compliance with the Elastic License. */ -import { - EuiButtonIcon, - EuiFormRow, - EuiSuperSelect, - EuiSpacer, - EuiFlexGroup, - EuiFlexItem, - EuiComboBox, - EuiText, -} from '@elastic/eui'; -import { isEmpty, kebabCase, camelCase } from 'lodash/fp'; -import React, { useCallback, useState } from 'react'; +import { EuiButtonIcon, EuiFormRow, EuiSuperSelect, EuiFlexGroup, EuiFlexItem } from '@elastic/eui'; +import { isEmpty, camelCase } from 'lodash/fp'; +import React, { memo, useCallback, useMemo, useState } from 'react'; import styled from 'styled-components'; -import { tacticsOptions, techniquesOptions } from '../../../mitre/mitre_tactics_techniques'; +import { isEqual } from 'lodash'; +import { tacticsOptions } from '../../../mitre/mitre_tactics_techniques'; import * as Rulei18n from '../../../pages/detection_engine/rules/translations'; import { FieldHook, getFieldValidityAndErrorMessage } from '../../../../shared_imports'; import { threatDefault } from '../step_about_rule/default_value'; import { IMitreEnterpriseAttack } from '../../../pages/detection_engine/rules/types'; import { MyAddItemButton } from '../add_item_form'; -import { isMitreAttackInvalid } from './helpers'; import * as i18n from './translations'; +import { MitreAttackTechniqueFields } from './technique_fields'; +import { isMitreAttackInvalid } from './helpers'; -const MitreContainer = styled.div` +const MitreAttackContainer = styled.div` margin-top: 16px; `; -const MyEuiSuperSelect = styled(EuiSuperSelect)` - width: 280px; + +const InitialMitreAttackFormRow = styled(EuiFormRow)` + .euiFormRow__labelWrapper { + .euiText { + padding-right: 32px; + } + } `; + interface AddItemProps { field: FieldHook; dataTestSubj: string; // eslint-disable-line react/no-unused-prop-types @@ -40,25 +39,25 @@ interface AddItemProps { isDisabled: boolean; } -export const AddMitreThreat = ({ field, idAria, isDisabled }: AddItemProps) => { +export const AddMitreAttackThreat = memo(({ field, idAria, isDisabled }: AddItemProps) => { const [showValidation, setShowValidation] = useState(false); - const { isInvalid, errorMessage } = getFieldValidityAndErrorMessage(field); + const { errorMessage } = getFieldValidityAndErrorMessage(field); - const removeItem = useCallback( + const removeTactic = useCallback( (index: number) => { - const values = field.value as string[]; - const newValues = [...values.slice(0, index), ...values.slice(index + 1)]; - if (isEmpty(newValues)) { + const values = [...(field.value as IMitreEnterpriseAttack[])]; + values.splice(index, 1); + if (isEmpty(values)) { field.setValue(threatDefault); } else { - field.setValue(newValues); + field.setValue(values); } }, [field] ); - const addItem = useCallback(() => { - const values = field.value as IMitreEnterpriseAttack[]; + const addMitreAttackTactic = useCallback(() => { + const values = [...(field.value as IMitreEnterpriseAttack[])]; if (!isEmpty(values[values.length - 1])) { field.setValue([ ...values, @@ -71,151 +70,134 @@ export const AddMitreThreat = ({ field, idAria, isDisabled }: AddItemProps) => { const updateTactic = useCallback( (index: number, value: string) => { - const values = field.value as IMitreEnterpriseAttack[]; + const values = [...(field.value as IMitreEnterpriseAttack[])]; const { id, reference, name } = tacticsOptions.find((t) => t.value === value) || { id: '', name: '', reference: '', }; - field.setValue([ - ...values.slice(0, index), - { - ...values[index], - tactic: { id, reference, name }, - technique: [], - }, - ...values.slice(index + 1), - ]); + values.splice(index, 1, { + ...values[index], + tactic: { id, reference, name }, + technique: [], + }); + field.setValue([...values]); }, [field] ); - const updateTechniques = useCallback( - (index: number, selectedOptions: unknown[]) => { - field.setValue([ - ...values.slice(0, index), - { - ...values[index], - technique: selectedOptions, - }, - ...values.slice(index + 1), - ]); - }, - // eslint-disable-next-line react-hooks/exhaustive-deps - [field] - ); + const values = useMemo(() => { + return [...(field.value as IMitreEnterpriseAttack[])]; + }, [field]); - const values = field.value as IMitreEnterpriseAttack[]; + const isTacticValid = useCallback((threat: IMitreEnterpriseAttack) => { + return isMitreAttackInvalid(threat.tactic.name, threat.technique); + }, []); - const getSelectTactic = (tacticName: string, index: number, disabled: boolean) => ( - {i18n.TACTIC_PLACEHOLDER}, - value: 'none', - disabled, - }, - ] - : []), - ...tacticsOptions.map((t) => ({ - inputDisplay: <>{t.text}, - value: t.value, - disabled, - })), - ]} - aria-label="" - onChange={updateTactic.bind(null, index)} - fullWidth={false} - valueOfSelected={camelCase(tacticName)} - data-test-subj="mitreTactic" - /> + const getSelectTactic = useCallback( + (threat: IMitreEnterpriseAttack, index: number, disabled: boolean) => { + const tacticName = threat.tactic.name; + return ( + + + {i18n.TACTIC_PLACEHOLDER}, + value: 'none', + disabled, + }, + ] + : []), + ...tacticsOptions.map((t) => ({ + inputDisplay: <>{t.text}, + value: t.value, + disabled, + })), + ]} + prepend={`${field.label} ${i18n.TACTIC}`} + aria-label="" + onChange={updateTactic.bind(null, index)} + fullWidth={true} + valueOfSelected={camelCase(tacticName)} + data-test-subj="mitreAttackTactic" + placeholder={i18n.TACTIC_PLACEHOLDER} + isInvalid={showValidation && isTacticValid(threat)} + onBlur={() => setShowValidation(true)} + /> + + + removeTactic(index)} + aria-label={Rulei18n.DELETE} + /> + + + ); + }, + [field, isDisabled, removeTactic, showValidation, updateTactic, values, isTacticValid] ); - const getSelectTechniques = (item: IMitreEnterpriseAttack, index: number, disabled: boolean) => { - const invalid = isMitreAttackInvalid(item.tactic.name, item.technique); - const options = techniquesOptions.filter((t) => - t.tactics.includes(kebabCase(item.tactic.name)) - ); - const selectedOptions = item.technique.map((technic) => ({ - ...technic, - label: `${technic.name} (${technic.id})`, // API doesn't allow for label field - })); - - return ( - - - setShowValidation(true)} - /> - {showValidation && invalid && ( - -

{errorMessage}

- - )} - - - removeItem(index)} - aria-label={Rulei18n.DELETE} - /> - - - ); - }; + /** + * Uses the fieldhook to set a new field value + * + * Value is memoized on top level props, any deep changes will have to be new objects + */ + const onFieldChange = useCallback( + (threats: IMitreEnterpriseAttack[]) => { + field.setValue(threats); + }, + [field] + ); return ( - - {values.map((item, index) => ( + + {values.map((threat, index) => (
- - - {index === 0 ? ( - - <>{getSelectTactic(item.tactic.name, index, isDisabled)} - - ) : ( - getSelectTactic(item.tactic.name, index, isDisabled) - )} - - - {index === 0 ? ( - - <>{getSelectTechniques(item, index, isDisabled)} - - ) : ( - getSelectTechniques(item, index, isDisabled) - )} - - - {values.length - 1 !== index && } + {index === 0 ? ( + + <>{getSelectTactic(threat, index, isDisabled)} + + ) : ( + + {getSelectTactic(threat, index, isDisabled)} + + )} + +
))} - - {i18n.ADD_MITRE_ATTACK} + + {i18n.ADD_MITRE_TACTIC} - + ); -}; +}); diff --git a/x-pack/plugins/security_solution/public/detections/components/rules/mitre/subtechnique_fields.tsx b/x-pack/plugins/security_solution/public/detections/components/rules/mitre/subtechnique_fields.tsx new file mode 100644 index 0000000000000..bc4226ca23ca8 --- /dev/null +++ b/x-pack/plugins/security_solution/public/detections/components/rules/mitre/subtechnique_fields.tsx @@ -0,0 +1,204 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { + EuiButtonIcon, + EuiFormRow, + EuiSuperSelect, + EuiSpacer, + EuiFlexGroup, + EuiFlexItem, +} from '@elastic/eui'; +import { camelCase } from 'lodash/fp'; +import React, { useCallback, useMemo } from 'react'; +import styled from 'styled-components'; + +import { subtechniquesOptions } from '../../../mitre/mitre_tactics_techniques'; +import * as Rulei18n from '../../../pages/detection_engine/rules/translations'; +import { FieldHook } from '../../../../shared_imports'; +import { IMitreAttack, IMitreEnterpriseAttack } from '../../../pages/detection_engine/rules/types'; +import { MyAddItemButton } from '../add_item_form'; +import * as i18n from './translations'; + +const SubtechniqueContainer = styled.div` + margin-left: 48px; +`; + +interface AddSubtechniqueProps { + field: FieldHook; + threatIndex: number; + techniqueIndex: number; + idAria: string; + isDisabled: boolean; + onFieldChange: (threats: IMitreEnterpriseAttack[]) => void; +} + +export const MitreAttackSubtechniqueFields: React.FC = ({ + field, + idAria, + isDisabled, + threatIndex, + techniqueIndex, + onFieldChange, +}): JSX.Element => { + const values = field.value as IMitreEnterpriseAttack[]; + + const technique = useMemo(() => { + return values[threatIndex].technique[techniqueIndex]; + }, [values, threatIndex, techniqueIndex]); + + const removeSubtechnique = useCallback( + (index: number) => { + const threats = [...(field.value as IMitreEnterpriseAttack[])]; + const subtechniques = threats[threatIndex].technique[techniqueIndex].subtechnique; + if (subtechniques != null) { + subtechniques.splice(index, 1); + + threats[threatIndex].technique[techniqueIndex] = { + ...threats[threatIndex].technique[techniqueIndex], + subtechnique: subtechniques, + }; + onFieldChange(threats); + } + }, + [field, threatIndex, onFieldChange, techniqueIndex] + ); + + const addMitreAttackSubtechnique = useCallback(() => { + const threats = [...(field.value as IMitreEnterpriseAttack[])]; + + const subtechniques = threats[threatIndex].technique[techniqueIndex].subtechnique; + + if (subtechniques != null) { + threats[threatIndex].technique[techniqueIndex] = { + ...threats[threatIndex].technique[techniqueIndex], + subtechnique: [...subtechniques, { id: 'none', name: 'none', reference: 'none' }], + }; + } else { + threats[threatIndex].technique[techniqueIndex] = { + ...threats[threatIndex].technique[techniqueIndex], + subtechnique: [{ id: 'none', name: 'none', reference: 'none' }], + }; + } + + onFieldChange(threats); + }, [field, threatIndex, onFieldChange, techniqueIndex]); + + const updateSubtechnique = useCallback( + (index: number, value: string) => { + const threats = [...(field.value as IMitreEnterpriseAttack[])]; + const { id, reference, name } = subtechniquesOptions.find((t) => t.value === value) || { + id: '', + name: '', + reference: '', + }; + const subtechniques = threats[threatIndex].technique[techniqueIndex].subtechnique; + + if (subtechniques != null) { + onFieldChange([ + ...threats.slice(0, threatIndex), + { + ...threats[threatIndex], + technique: [ + ...threats[threatIndex].technique.slice(0, techniqueIndex), + { + ...threats[threatIndex].technique[techniqueIndex], + subtechnique: [ + ...subtechniques.slice(0, index), + { + id, + reference, + name, + }, + ...subtechniques.slice(index + 1), + ], + }, + ...threats[threatIndex].technique.slice(techniqueIndex + 1), + ], + }, + ...threats.slice(threatIndex + 1), + ]); + } + }, + [threatIndex, techniqueIndex, onFieldChange, field] + ); + + const getSelectSubtechnique = useCallback( + (index: number, disabled: boolean, subtechnique: IMitreAttack) => { + const options = subtechniquesOptions.filter((t) => t.techniqueId === technique.id); + + return ( + <> + {i18n.SUBTECHNIQUE_PLACEHOLDER}, + value: 'none', + disabled, + }, + ] + : []), + ...options.map((option) => ({ + inputDisplay: <>{option.label}, + value: option.value, + disabled, + })), + ]} + prepend={`${field.label} ${i18n.SUBTECHNIQUE}`} + aria-label="" + onChange={updateSubtechnique.bind(null, index)} + fullWidth={true} + valueOfSelected={camelCase(subtechnique.name)} + data-test-subj="mitreAttackSubtechnique" + disabled={disabled} + placeholder={i18n.SUBTECHNIQUE_PLACEHOLDER} + /> + + ); + }, + [field, updateSubtechnique, technique] + ); + + return ( + + {technique.subtechnique != null && + technique.subtechnique.map((subtechnique, index) => ( +
+ + + + + {getSelectSubtechnique(index, isDisabled, subtechnique)} + + + removeSubtechnique(index)} + aria-label={Rulei18n.DELETE} + /> + + + +
+ ))} + + {i18n.ADD_MITRE_SUBTECHNIQUE} + + + ); +}; diff --git a/x-pack/plugins/security_solution/public/detections/components/rules/mitre/technique_fields.tsx b/x-pack/plugins/security_solution/public/detections/components/rules/mitre/technique_fields.tsx new file mode 100644 index 0000000000000..c9d8623d16e82 --- /dev/null +++ b/x-pack/plugins/security_solution/public/detections/components/rules/mitre/technique_fields.tsx @@ -0,0 +1,195 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { + EuiButtonIcon, + EuiFormRow, + EuiSuperSelect, + EuiSpacer, + EuiFlexGroup, + EuiFlexItem, +} from '@elastic/eui'; +import { kebabCase, camelCase } from 'lodash/fp'; +import React, { useCallback } from 'react'; +import styled, { css } from 'styled-components'; + +import { techniquesOptions } from '../../../mitre/mitre_tactics_techniques'; +import * as Rulei18n from '../../../pages/detection_engine/rules/translations'; +import { FieldHook } from '../../../../shared_imports'; +import { + IMitreAttackTechnique, + IMitreEnterpriseAttack, +} from '../../../pages/detection_engine/rules/types'; +import { MyAddItemButton } from '../add_item_form'; +import { hasSubtechniqueOptions } from './helpers'; +import * as i18n from './translations'; +import { MitreAttackSubtechniqueFields } from './subtechnique_fields'; + +const TechniqueContainer = styled.div` + ${({ theme }) => css` + margin-left: 24px; + padding-left: 24px; + border-left: 2px solid ${theme.eui.euiColorLightestShade}; + `} +`; + +interface AddTechniqueProps { + field: FieldHook; + threatIndex: number; + idAria: string; + isDisabled: boolean; + onFieldChange: (threats: IMitreEnterpriseAttack[]) => void; +} + +export const MitreAttackTechniqueFields: React.FC = ({ + field, + idAria, + isDisabled, + threatIndex, + onFieldChange, +}): JSX.Element => { + const values = field.value as IMitreEnterpriseAttack[]; + + const removeTechnique = useCallback( + (index: number) => { + const threats = [...(field.value as IMitreEnterpriseAttack[])]; + const techniques = threats[threatIndex].technique; + techniques.splice(index, 1); + threats[threatIndex] = { + ...threats[threatIndex], + technique: techniques, + }; + onFieldChange(threats); + }, + [field, threatIndex, onFieldChange] + ); + + const addMitreAttackTechnique = useCallback(() => { + const threats = [...(field.value as IMitreEnterpriseAttack[])]; + threats[threatIndex] = { + ...threats[threatIndex], + technique: [ + ...threats[threatIndex].technique, + { id: 'none', name: 'none', reference: 'none', subtechnique: [] }, + ], + }; + onFieldChange(threats); + }, [field, threatIndex, onFieldChange]); + + const updateTechnique = useCallback( + (index: number, value: string) => { + const threats = [...(field.value as IMitreEnterpriseAttack[])]; + const { id, reference, name } = techniquesOptions.find((t) => t.value === value) || { + id: '', + name: '', + reference: '', + }; + onFieldChange([ + ...threats.slice(0, threatIndex), + { + ...threats[threatIndex], + technique: [ + ...threats[threatIndex].technique.slice(0, index), + { + id, + reference, + name, + subtechnique: [], + }, + ...threats[threatIndex].technique.slice(index + 1), + ], + }, + ...threats.slice(threatIndex + 1), + ]); + }, + [threatIndex, onFieldChange, field] + ); + + const getSelectTechnique = useCallback( + (tacticName: string, index: number, disabled: boolean, technique: IMitreAttackTechnique) => { + const options = techniquesOptions.filter((t) => t.tactics.includes(kebabCase(tacticName))); + return ( + <> + {i18n.TECHNIQUE_PLACEHOLDER}, + value: 'none', + disabled, + }, + ] + : []), + ...options.map((option) => ({ + inputDisplay: <>{option.label}, + value: option.value, + disabled, + })), + ]} + prepend={`${field.label} ${i18n.TECHNIQUE}`} + aria-label="" + onChange={updateTechnique.bind(null, index)} + fullWidth={true} + valueOfSelected={camelCase(technique.name)} + data-test-subj="mitreAttackTechnique" + disabled={disabled} + placeholder={i18n.TECHNIQUE_PLACEHOLDER} + /> + + ); + }, + [field, updateTechnique] + ); + + return ( + + {values[threatIndex].technique.map((technique, index) => ( +
+ + + + + {getSelectTechnique(values[threatIndex].tactic.name, index, isDisabled, technique)} + + + removeTechnique(index)} + aria-label={Rulei18n.DELETE} + /> + + + + + +
+ ))} + + {i18n.ADD_MITRE_TECHNIQUE} + + + ); +}; diff --git a/x-pack/plugins/security_solution/public/detections/components/rules/mitre/translations.ts b/x-pack/plugins/security_solution/public/detections/components/rules/mitre/translations.ts index 704f950cfb4b9..98899d4315d54 100644 --- a/x-pack/plugins/security_solution/public/detections/components/rules/mitre/translations.ts +++ b/x-pack/plugins/security_solution/public/detections/components/rules/mitre/translations.ts @@ -6,6 +6,13 @@ import { i18n } from '@kbn/i18n'; +export const THREATS = i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttack.threatsDescription', + { + defaultMessage: 'threats', + } +); + export const TACTIC = i18n.translate( 'xpack.securitySolution.detectionEngine.mitreAttack.tacticsDescription', { @@ -16,27 +23,55 @@ export const TACTIC = i18n.translate( export const TECHNIQUE = i18n.translate( 'xpack.securitySolution.detectionEngine.mitreAttack.techniquesDescription', { - defaultMessage: 'techniques', + defaultMessage: 'technique', + } +); + +export const SUBTECHNIQUE = i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttack.subtechniquesDescription', + { + defaultMessage: 'subtechnique', + } +); + +export const ADD_MITRE_TACTIC = i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttack.addTacticTitle', + { + defaultMessage: 'Add tactic', } ); -export const ADD_MITRE_ATTACK = i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttack.addTitle', +export const ADD_MITRE_TECHNIQUE = i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttack.addTechniqueTitle', { - defaultMessage: 'Add MITRE ATT&CK\\u2122 threat', + defaultMessage: 'Add technique', } ); -export const TECHNIQUES_PLACEHOLDER = i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttack.techniquesPlaceHolderDescription', +export const ADD_MITRE_SUBTECHNIQUE = i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttack.addSubtechniqueTitle', { - defaultMessage: 'Select techniques ...', + defaultMessage: 'Add subtechnique', } ); export const TACTIC_PLACEHOLDER = i18n.translate( 'xpack.securitySolution.detectionEngine.mitreAttack.tacticPlaceHolderDescription', { - defaultMessage: 'Select tactic ...', + defaultMessage: 'Select a tactic ...', + } +); + +export const TECHNIQUE_PLACEHOLDER = i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttack.techniquePlaceHolderDescription', + { + defaultMessage: 'Select a technique ...', + } +); + +export const SUBTECHNIQUE_PLACEHOLDER = i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttack.subtechniquePlaceHolderDescription', + { + defaultMessage: 'Select a subtechnique ...', } ); diff --git a/x-pack/plugins/security_solution/public/detections/components/rules/step_about_rule/index.tsx b/x-pack/plugins/security_solution/public/detections/components/rules/step_about_rule/index.tsx index 40b73fc7d158c..65993902d4c28 100644 --- a/x-pack/plugins/security_solution/public/detections/components/rules/step_about_rule/index.tsx +++ b/x-pack/plugins/security_solution/public/detections/components/rules/step_about_rule/index.tsx @@ -17,7 +17,7 @@ import { } from '../../../pages/detection_engine/rules/types'; import { AddItem } from '../add_item_form'; import { StepRuleDescription } from '../description_step'; -import { AddMitreThreat } from '../mitre'; +import { AddMitreAttackThreat } from '../mitre'; import { Field, Form, @@ -230,7 +230,7 @@ const StepAboutRuleComponent: FC = ({ /> = { ...args: Parameters ): ReturnType> | undefined => { const [{ value, path }] = args; - let hasError = false; + let hasTechniqueError = false; (value as IMitreEnterpriseAttack[]).forEach((v) => { if (isMitreAttackInvalid(v.tactic.name, v.technique)) { - hasError = true; + hasTechniqueError = true; } }); - return hasError + return hasTechniqueError ? { code: 'ERR_FIELD_MISSING', - path, + path: `${path}.tactic`, message: I18n.CUSTOM_MITRE_ATTACK_TECHNIQUES_REQUIRED, } : undefined; }, + exitOnFail: false, }, ], }, diff --git a/x-pack/plugins/security_solution/public/detections/mitre/mitre_tactics_techniques.ts b/x-pack/plugins/security_solution/public/detections/mitre/mitre_tactics_techniques.ts index 027aa7fd699e4..3684820b5383a 100644 --- a/x-pack/plugins/security_solution/public/detections/mitre/mitre_tactics_techniques.ts +++ b/x-pack/plugins/security_solution/public/detections/mitre/mitre_tactics_techniques.ts @@ -6,7 +6,7 @@ import { i18n } from '@kbn/i18n'; -import { MitreTacticsOptions, MitreTechniquesOptions } from './types'; +import { MitreTacticsOptions, MitreTechniquesOptions, MitreSubtechniquesOptions } from './types'; export const tactics = [ { @@ -69,6 +69,16 @@ export const tactics = [ id: 'TA0004', reference: 'https://attack.mitre.org/tactics/TA0004', }, + { + name: 'Reconnaissance', + id: 'TA0043', + reference: 'https://attack.mitre.org/tactics/TA0043', + }, + { + name: 'Resource Development', + id: 'TA0042', + reference: 'https://attack.mitre.org/tactics/TA0042', + }, ]; export const tacticsOptions: MitreTacticsOptions[] = [ @@ -192,14 +202,34 @@ export const tacticsOptions: MitreTacticsOptions[] = [ ), value: 'privilegeEscalation', }, + { + id: 'TA0043', + name: 'Reconnaissance', + reference: 'https://attack.mitre.org/tactics/TA0043', + text: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackTactics.reconnaissanceDescription', + { defaultMessage: 'Reconnaissance (TA0043)' } + ), + value: 'reconnaissance', + }, + { + id: 'TA0042', + name: 'Resource Development', + reference: 'https://attack.mitre.org/tactics/TA0042', + text: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackTactics.resourceDevelopmentDescription', + { defaultMessage: 'Resource Development (TA0042)' } + ), + value: 'resourceDevelopment', + }, ]; export const technique = [ { - name: '.bash_profile and .bashrc', - id: 'T1156', - reference: 'https://attack.mitre.org/techniques/T1156', - tactics: ['persistence'], + name: 'Abuse Elevation Control Mechanism', + id: 'T1548', + reference: 'https://attack.mitre.org/techniques/T1548', + tactics: ['privilege-escalation', 'defense-evasion'], }, { name: 'Access Token Manipulation', @@ -207,12 +237,6 @@ export const technique = [ reference: 'https://attack.mitre.org/techniques/T1134', tactics: ['defense-evasion', 'privilege-escalation'], }, - { - name: 'Accessibility Features', - id: 'T1015', - reference: 'https://attack.mitre.org/techniques/T1015', - tactics: ['persistence', 'privilege-escalation'], - }, { name: 'Account Access Removal', id: 'T1531', @@ -229,43 +253,25 @@ export const technique = [ name: 'Account Manipulation', id: 'T1098', reference: 'https://attack.mitre.org/techniques/T1098', - tactics: ['credential-access', 'persistence'], - }, - { - name: 'AppCert DLLs', - id: 'T1182', - reference: 'https://attack.mitre.org/techniques/T1182', - tactics: ['persistence', 'privilege-escalation'], - }, - { - name: 'AppInit DLLs', - id: 'T1103', - reference: 'https://attack.mitre.org/techniques/T1103', - tactics: ['persistence', 'privilege-escalation'], - }, - { - name: 'AppleScript', - id: 'T1155', - reference: 'https://attack.mitre.org/techniques/T1155', - tactics: ['execution', 'lateral-movement'], + tactics: ['persistence'], }, { - name: 'Application Access Token', - id: 'T1527', - reference: 'https://attack.mitre.org/techniques/T1527', - tactics: ['defense-evasion', 'lateral-movement'], + name: 'Acquire Infrastructure', + id: 'T1583', + reference: 'https://attack.mitre.org/techniques/T1583', + tactics: ['resource-development'], }, { - name: 'Application Deployment Software', - id: 'T1017', - reference: 'https://attack.mitre.org/techniques/T1017', - tactics: ['lateral-movement'], + name: 'Active Scanning', + id: 'T1595', + reference: 'https://attack.mitre.org/techniques/T1595', + tactics: ['reconnaissance'], }, { - name: 'Application Shimming', - id: 'T1138', - reference: 'https://attack.mitre.org/techniques/T1138', - tactics: ['persistence', 'privilege-escalation'], + name: 'Application Layer Protocol', + id: 'T1071', + reference: 'https://attack.mitre.org/techniques/T1071', + tactics: ['command-and-control'], }, { name: 'Application Window Discovery', @@ -273,18 +279,18 @@ export const technique = [ reference: 'https://attack.mitre.org/techniques/T1010', tactics: ['discovery'], }, + { + name: 'Archive Collected Data', + id: 'T1560', + reference: 'https://attack.mitre.org/techniques/T1560', + tactics: ['collection'], + }, { name: 'Audio Capture', id: 'T1123', reference: 'https://attack.mitre.org/techniques/T1123', tactics: ['collection'], }, - { - name: 'Authentication Package', - id: 'T1131', - reference: 'https://attack.mitre.org/techniques/T1131', - tactics: ['persistence'], - }, { name: 'Automated Collection', id: 'T1119', @@ -304,22 +310,16 @@ export const technique = [ tactics: ['defense-evasion', 'persistence'], }, { - name: 'Bash History', - id: 'T1139', - reference: 'https://attack.mitre.org/techniques/T1139', - tactics: ['credential-access'], - }, - { - name: 'Binary Padding', - id: 'T1009', - reference: 'https://attack.mitre.org/techniques/T1009', - tactics: ['defense-evasion'], + name: 'Boot or Logon Autostart Execution', + id: 'T1547', + reference: 'https://attack.mitre.org/techniques/T1547', + tactics: ['persistence', 'privilege-escalation'], }, { - name: 'Bootkit', - id: 'T1067', - reference: 'https://attack.mitre.org/techniques/T1067', - tactics: ['persistence'], + name: 'Boot or Logon Initialization Scripts', + id: 'T1037', + reference: 'https://attack.mitre.org/techniques/T1037', + tactics: ['persistence', 'privilege-escalation'], }, { name: 'Browser Bookmark Discovery', @@ -339,30 +339,6 @@ export const technique = [ reference: 'https://attack.mitre.org/techniques/T1110', tactics: ['credential-access'], }, - { - name: 'Bypass User Account Control', - id: 'T1088', - reference: 'https://attack.mitre.org/techniques/T1088', - tactics: ['defense-evasion', 'privilege-escalation'], - }, - { - name: 'CMSTP', - id: 'T1191', - reference: 'https://attack.mitre.org/techniques/T1191', - tactics: ['defense-evasion', 'execution'], - }, - { - name: 'Change Default File Association', - id: 'T1042', - reference: 'https://attack.mitre.org/techniques/T1042', - tactics: ['persistence'], - }, - { - name: 'Clear Command History', - id: 'T1146', - reference: 'https://attack.mitre.org/techniques/T1146', - tactics: ['defense-evasion'], - }, { name: 'Clipboard Data', id: 'T1115', @@ -370,10 +346,10 @@ export const technique = [ tactics: ['collection'], }, { - name: 'Cloud Instance Metadata API', - id: 'T1522', - reference: 'https://attack.mitre.org/techniques/T1522', - tactics: ['credential-access'], + name: 'Cloud Infrastructure Discovery', + id: 'T1580', + reference: 'https://attack.mitre.org/techniques/T1580', + tactics: ['discovery'], }, { name: 'Cloud Service Dashboard', @@ -388,13 +364,7 @@ export const technique = [ tactics: ['discovery'], }, { - name: 'Code Signing', - id: 'T1116', - reference: 'https://attack.mitre.org/techniques/T1116', - tactics: ['defense-evasion'], - }, - { - name: 'Command-Line Interface', + name: 'Command and Scripting Interpreter', id: 'T1059', reference: 'https://attack.mitre.org/techniques/T1059', tactics: ['execution'], @@ -411,30 +381,6 @@ export const technique = [ reference: 'https://attack.mitre.org/techniques/T1092', tactics: ['command-and-control'], }, - { - name: 'Compile After Delivery', - id: 'T1500', - reference: 'https://attack.mitre.org/techniques/T1500', - tactics: ['defense-evasion'], - }, - { - name: 'Compiled HTML File', - id: 'T1223', - reference: 'https://attack.mitre.org/techniques/T1223', - tactics: ['defense-evasion', 'execution'], - }, - { - name: 'Component Firmware', - id: 'T1109', - reference: 'https://attack.mitre.org/techniques/T1109', - tactics: ['defense-evasion', 'persistence'], - }, - { - name: 'Component Object Model Hijacking', - id: 'T1122', - reference: 'https://attack.mitre.org/techniques/T1122', - tactics: ['defense-evasion', 'persistence'], - }, { name: 'Component Object Model and Distributed COM', id: 'T1175', @@ -442,16 +388,22 @@ export const technique = [ tactics: ['lateral-movement', 'execution'], }, { - name: 'Connection Proxy', - id: 'T1090', - reference: 'https://attack.mitre.org/techniques/T1090', - tactics: ['command-and-control', 'defense-evasion'], + name: 'Compromise Accounts', + id: 'T1586', + reference: 'https://attack.mitre.org/techniques/T1586', + tactics: ['resource-development'], }, { - name: 'Control Panel Items', - id: 'T1196', - reference: 'https://attack.mitre.org/techniques/T1196', - tactics: ['defense-evasion', 'execution'], + name: 'Compromise Client Software Binary', + id: 'T1554', + reference: 'https://attack.mitre.org/techniques/T1554', + tactics: ['persistence'], + }, + { + name: 'Compromise Infrastructure', + id: 'T1584', + reference: 'https://attack.mitre.org/techniques/T1584', + tactics: ['resource-development'], }, { name: 'Create Account', @@ -460,65 +412,17 @@ export const technique = [ tactics: ['persistence'], }, { - name: 'Credential Dumping', - id: 'T1003', - reference: 'https://attack.mitre.org/techniques/T1003', - tactics: ['credential-access'], - }, - { - name: 'Credentials from Web Browsers', - id: 'T1503', - reference: 'https://attack.mitre.org/techniques/T1503', - tactics: ['credential-access'], - }, - { - name: 'Credentials in Files', - id: 'T1081', - reference: 'https://attack.mitre.org/techniques/T1081', - tactics: ['credential-access'], + name: 'Create or Modify System Process', + id: 'T1543', + reference: 'https://attack.mitre.org/techniques/T1543', + tactics: ['persistence', 'privilege-escalation'], }, { - name: 'Credentials in Registry', - id: 'T1214', - reference: 'https://attack.mitre.org/techniques/T1214', + name: 'Credentials from Password Stores', + id: 'T1555', + reference: 'https://attack.mitre.org/techniques/T1555', tactics: ['credential-access'], }, - { - name: 'Custom Command and Control Protocol', - id: 'T1094', - reference: 'https://attack.mitre.org/techniques/T1094', - tactics: ['command-and-control'], - }, - { - name: 'Custom Cryptographic Protocol', - id: 'T1024', - reference: 'https://attack.mitre.org/techniques/T1024', - tactics: ['command-and-control'], - }, - { - name: 'DCShadow', - id: 'T1207', - reference: 'https://attack.mitre.org/techniques/T1207', - tactics: ['defense-evasion'], - }, - { - name: 'DLL Search Order Hijacking', - id: 'T1038', - reference: 'https://attack.mitre.org/techniques/T1038', - tactics: ['persistence', 'privilege-escalation', 'defense-evasion'], - }, - { - name: 'DLL Side-Loading', - id: 'T1073', - reference: 'https://attack.mitre.org/techniques/T1073', - tactics: ['defense-evasion'], - }, - { - name: 'Data Compressed', - id: 'T1002', - reference: 'https://attack.mitre.org/techniques/T1002', - tactics: ['exfiltration'], - }, { name: 'Data Destruction', id: 'T1485', @@ -531,18 +435,18 @@ export const technique = [ reference: 'https://attack.mitre.org/techniques/T1132', tactics: ['command-and-control'], }, - { - name: 'Data Encrypted', - id: 'T1022', - reference: 'https://attack.mitre.org/techniques/T1022', - tactics: ['exfiltration'], - }, { name: 'Data Encrypted for Impact', id: 'T1486', reference: 'https://attack.mitre.org/techniques/T1486', tactics: ['impact'], }, + { + name: 'Data Manipulation', + id: 'T1565', + reference: 'https://attack.mitre.org/techniques/T1565', + tactics: ['impact'], + }, { name: 'Data Obfuscation', id: 'T1001', @@ -567,6 +471,12 @@ export const technique = [ reference: 'https://attack.mitre.org/techniques/T1530', tactics: ['collection'], }, + { + name: 'Data from Configuration Repository', + id: 'T1602', + reference: 'https://attack.mitre.org/techniques/T1602', + tactics: ['collection'], + }, { name: 'Data from Information Repositories', id: 'T1213', @@ -604,35 +514,23 @@ export const technique = [ tactics: ['defense-evasion'], }, { - name: 'Disabling Security Tools', - id: 'T1089', - reference: 'https://attack.mitre.org/techniques/T1089', - tactics: ['defense-evasion'], + name: 'Develop Capabilities', + id: 'T1587', + reference: 'https://attack.mitre.org/techniques/T1587', + tactics: ['resource-development'], }, { - name: 'Disk Content Wipe', - id: 'T1488', - reference: 'https://attack.mitre.org/techniques/T1488', - tactics: ['impact'], + name: 'Direct Volume Access', + id: 'T1006', + reference: 'https://attack.mitre.org/techniques/T1006', + tactics: ['defense-evasion'], }, { - name: 'Disk Structure Wipe', - id: 'T1487', - reference: 'https://attack.mitre.org/techniques/T1487', + name: 'Disk Wipe', + id: 'T1561', + reference: 'https://attack.mitre.org/techniques/T1561', tactics: ['impact'], }, - { - name: 'Domain Fronting', - id: 'T1172', - reference: 'https://attack.mitre.org/techniques/T1172', - tactics: ['command-and-control'], - }, - { - name: 'Domain Generation Algorithms', - id: 'T1483', - reference: 'https://attack.mitre.org/techniques/T1483', - tactics: ['command-and-control'], - }, { name: 'Domain Trust Discovery', id: 'T1482', @@ -646,22 +544,10 @@ export const technique = [ tactics: ['initial-access'], }, { - name: 'Dylib Hijacking', - id: 'T1157', - reference: 'https://attack.mitre.org/techniques/T1157', - tactics: ['persistence', 'privilege-escalation'], - }, - { - name: 'Dynamic Data Exchange', - id: 'T1173', - reference: 'https://attack.mitre.org/techniques/T1173', - tactics: ['execution'], - }, - { - name: 'Elevated Execution with Prompt', - id: 'T1514', - reference: 'https://attack.mitre.org/techniques/T1514', - tactics: ['privilege-escalation'], + name: 'Dynamic Resolution', + id: 'T1568', + reference: 'https://attack.mitre.org/techniques/T1568', + tactics: ['command-and-control'], }, { name: 'Email Collection', @@ -670,10 +556,10 @@ export const technique = [ tactics: ['collection'], }, { - name: 'Emond', - id: 'T1519', - reference: 'https://attack.mitre.org/techniques/T1519', - tactics: ['persistence', 'privilege-escalation'], + name: 'Encrypted Channel', + id: 'T1573', + reference: 'https://attack.mitre.org/techniques/T1573', + tactics: ['command-and-control'], }, { name: 'Endpoint Denial of Service', @@ -682,22 +568,22 @@ export const technique = [ tactics: ['impact'], }, { - name: 'Execution Guardrails', - id: 'T1480', - reference: 'https://attack.mitre.org/techniques/T1480', - tactics: ['defense-evasion'], + name: 'Establish Accounts', + id: 'T1585', + reference: 'https://attack.mitre.org/techniques/T1585', + tactics: ['resource-development'], }, { - name: 'Execution through API', - id: 'T1106', - reference: 'https://attack.mitre.org/techniques/T1106', - tactics: ['execution'], + name: 'Event Triggered Execution', + id: 'T1546', + reference: 'https://attack.mitre.org/techniques/T1546', + tactics: ['privilege-escalation', 'persistence'], }, { - name: 'Execution through Module Load', - id: 'T1129', - reference: 'https://attack.mitre.org/techniques/T1129', - tactics: ['execution'], + name: 'Execution Guardrails', + id: 'T1480', + reference: 'https://attack.mitre.org/techniques/T1480', + tactics: ['defense-evasion'], }, { name: 'Exfiltration Over Alternative Protocol', @@ -706,7 +592,7 @@ export const technique = [ tactics: ['exfiltration'], }, { - name: 'Exfiltration Over Command and Control Channel', + name: 'Exfiltration Over C2 Channel', id: 'T1041', reference: 'https://attack.mitre.org/techniques/T1041', tactics: ['exfiltration'], @@ -723,6 +609,12 @@ export const technique = [ reference: 'https://attack.mitre.org/techniques/T1052', tactics: ['exfiltration'], }, + { + name: 'Exfiltration Over Web Service', + id: 'T1567', + reference: 'https://attack.mitre.org/techniques/T1567', + tactics: ['exfiltration'], + }, { name: 'Exploit Public-Facing Application', id: 'T1190', @@ -765,36 +657,12 @@ export const technique = [ reference: 'https://attack.mitre.org/techniques/T1133', tactics: ['persistence', 'initial-access'], }, - { - name: 'Extra Window Memory Injection', - id: 'T1181', - reference: 'https://attack.mitre.org/techniques/T1181', - tactics: ['defense-evasion', 'privilege-escalation'], - }, { name: 'Fallback Channels', id: 'T1008', reference: 'https://attack.mitre.org/techniques/T1008', tactics: ['command-and-control'], }, - { - name: 'File Deletion', - id: 'T1107', - reference: 'https://attack.mitre.org/techniques/T1107', - tactics: ['defense-evasion'], - }, - { - name: 'File System Logical Offsets', - id: 'T1006', - reference: 'https://attack.mitre.org/techniques/T1006', - tactics: ['defense-evasion'], - }, - { - name: 'File System Permissions Weakness', - id: 'T1044', - reference: 'https://attack.mitre.org/techniques/T1044', - tactics: ['persistence', 'privilege-escalation'], - }, { name: 'File and Directory Discovery', id: 'T1083', @@ -820,10 +688,28 @@ export const technique = [ tactics: ['credential-access'], }, { - name: 'Gatekeeper Bypass', - id: 'T1144', - reference: 'https://attack.mitre.org/techniques/T1144', - tactics: ['defense-evasion'], + name: 'Gather Victim Host Information', + id: 'T1592', + reference: 'https://attack.mitre.org/techniques/T1592', + tactics: ['reconnaissance'], + }, + { + name: 'Gather Victim Identity Information', + id: 'T1589', + reference: 'https://attack.mitre.org/techniques/T1589', + tactics: ['reconnaissance'], + }, + { + name: 'Gather Victim Network Information', + id: 'T1590', + reference: 'https://attack.mitre.org/techniques/T1590', + tactics: ['reconnaissance'], + }, + { + name: 'Gather Victim Org Information', + id: 'T1591', + reference: 'https://attack.mitre.org/techniques/T1591', + tactics: ['reconnaissance'], }, { name: 'Graphical User Interface', @@ -835,13 +721,7 @@ export const technique = [ name: 'Group Policy Modification', id: 'T1484', reference: 'https://attack.mitre.org/techniques/T1484', - tactics: ['defense-evasion'], - }, - { - name: 'HISTCONTROL', - id: 'T1148', - reference: 'https://attack.mitre.org/techniques/T1148', - tactics: ['defense-evasion'], + tactics: ['defense-evasion', 'privilege-escalation'], }, { name: 'Hardware Additions', @@ -850,28 +730,16 @@ export const technique = [ tactics: ['initial-access'], }, { - name: 'Hidden Files and Directories', - id: 'T1158', - reference: 'https://attack.mitre.org/techniques/T1158', - tactics: ['defense-evasion', 'persistence'], - }, - { - name: 'Hidden Users', - id: 'T1147', - reference: 'https://attack.mitre.org/techniques/T1147', - tactics: ['defense-evasion'], - }, - { - name: 'Hidden Window', - id: 'T1143', - reference: 'https://attack.mitre.org/techniques/T1143', + name: 'Hide Artifacts', + id: 'T1564', + reference: 'https://attack.mitre.org/techniques/T1564', tactics: ['defense-evasion'], }, { - name: 'Hooking', - id: 'T1179', - reference: 'https://attack.mitre.org/techniques/T1179', - tactics: ['persistence', 'privilege-escalation', 'credential-access'], + name: 'Hijack Execution Flow', + id: 'T1574', + reference: 'https://attack.mitre.org/techniques/T1574', + tactics: ['persistence', 'privilege-escalation', 'defense-evasion'], }, { name: 'Hypervisor', @@ -880,10 +748,10 @@ export const technique = [ tactics: ['persistence'], }, { - name: 'Image File Execution Options Injection', - id: 'T1183', - reference: 'https://attack.mitre.org/techniques/T1183', - tactics: ['privilege-escalation', 'persistence', 'defense-evasion'], + name: 'Impair Defenses', + id: 'T1562', + reference: 'https://attack.mitre.org/techniques/T1562', + tactics: ['defense-evasion'], }, { name: 'Implant Container Image', @@ -891,18 +759,6 @@ export const technique = [ reference: 'https://attack.mitre.org/techniques/T1525', tactics: ['persistence'], }, - { - name: 'Indicator Blocking', - id: 'T1054', - reference: 'https://attack.mitre.org/techniques/T1054', - tactics: ['defense-evasion'], - }, - { - name: 'Indicator Removal from Tools', - id: 'T1066', - reference: 'https://attack.mitre.org/techniques/T1066', - tactics: ['defense-evasion'], - }, { name: 'Indicator Removal on Host', id: 'T1070', @@ -915,6 +771,12 @@ export const technique = [ reference: 'https://attack.mitre.org/techniques/T1202', tactics: ['defense-evasion'], }, + { + name: 'Ingress Tool Transfer', + id: 'T1105', + reference: 'https://attack.mitre.org/techniques/T1105', + tactics: ['command-and-control'], + }, { name: 'Inhibit System Recovery', id: 'T1490', @@ -928,52 +790,16 @@ export const technique = [ tactics: ['collection', 'credential-access'], }, { - name: 'Input Prompt', - id: 'T1141', - reference: 'https://attack.mitre.org/techniques/T1141', - tactics: ['credential-access'], + name: 'Inter-Process Communication', + id: 'T1559', + reference: 'https://attack.mitre.org/techniques/T1559', + tactics: ['execution'], }, { - name: 'Install Root Certificate', - id: 'T1130', - reference: 'https://attack.mitre.org/techniques/T1130', - tactics: ['defense-evasion'], - }, - { - name: 'InstallUtil', - id: 'T1118', - reference: 'https://attack.mitre.org/techniques/T1118', - tactics: ['defense-evasion', 'execution'], - }, - { - name: 'Internal Spearphishing', - id: 'T1534', - reference: 'https://attack.mitre.org/techniques/T1534', - tactics: ['lateral-movement'], - }, - { - name: 'Kerberoasting', - id: 'T1208', - reference: 'https://attack.mitre.org/techniques/T1208', - tactics: ['credential-access'], - }, - { - name: 'Kernel Modules and Extensions', - id: 'T1215', - reference: 'https://attack.mitre.org/techniques/T1215', - tactics: ['persistence'], - }, - { - name: 'Keychain', - id: 'T1142', - reference: 'https://attack.mitre.org/techniques/T1142', - tactics: ['credential-access'], - }, - { - name: 'LC_LOAD_DYLIB Addition', - id: 'T1161', - reference: 'https://attack.mitre.org/techniques/T1161', - tactics: ['persistence'], + name: 'Internal Spearphishing', + id: 'T1534', + reference: 'https://attack.mitre.org/techniques/T1534', + tactics: ['lateral-movement'], }, { name: 'LC_MAIN Hijacking', @@ -982,52 +808,10 @@ export const technique = [ tactics: ['defense-evasion'], }, { - name: 'LLMNR/NBT-NS Poisoning and Relay', - id: 'T1171', - reference: 'https://attack.mitre.org/techniques/T1171', - tactics: ['credential-access'], - }, - { - name: 'LSASS Driver', - id: 'T1177', - reference: 'https://attack.mitre.org/techniques/T1177', - tactics: ['execution', 'persistence'], - }, - { - name: 'Launch Agent', - id: 'T1159', - reference: 'https://attack.mitre.org/techniques/T1159', - tactics: ['persistence'], - }, - { - name: 'Launch Daemon', - id: 'T1160', - reference: 'https://attack.mitre.org/techniques/T1160', - tactics: ['persistence', 'privilege-escalation'], - }, - { - name: 'Launchctl', - id: 'T1152', - reference: 'https://attack.mitre.org/techniques/T1152', - tactics: ['defense-evasion', 'execution', 'persistence'], - }, - { - name: 'Local Job Scheduling', - id: 'T1168', - reference: 'https://attack.mitre.org/techniques/T1168', - tactics: ['persistence', 'execution'], - }, - { - name: 'Login Item', - id: 'T1162', - reference: 'https://attack.mitre.org/techniques/T1162', - tactics: ['persistence'], - }, - { - name: 'Logon Scripts', - id: 'T1037', - reference: 'https://attack.mitre.org/techniques/T1037', - tactics: ['lateral-movement', 'persistence'], + name: 'Lateral Tool Transfer', + id: 'T1570', + reference: 'https://attack.mitre.org/techniques/T1570', + tactics: ['lateral-movement'], }, { name: 'Man in the Browser', @@ -1035,6 +819,12 @@ export const technique = [ reference: 'https://attack.mitre.org/techniques/T1185', tactics: ['collection'], }, + { + name: 'Man-in-the-Middle', + id: 'T1557', + reference: 'https://attack.mitre.org/techniques/T1557', + tactics: ['credential-access', 'collection'], + }, { name: 'Masquerading', id: 'T1036', @@ -1042,10 +832,16 @@ export const technique = [ tactics: ['defense-evasion'], }, { - name: 'Modify Existing Service', - id: 'T1031', - reference: 'https://attack.mitre.org/techniques/T1031', - tactics: ['persistence'], + name: 'Modify Authentication Process', + id: 'T1556', + reference: 'https://attack.mitre.org/techniques/T1556', + tactics: ['credential-access', 'defense-evasion'], + }, + { + name: 'Modify Cloud Compute Infrastructure', + id: 'T1578', + reference: 'https://attack.mitre.org/techniques/T1578', + tactics: ['defense-evasion'], }, { name: 'Modify Registry', @@ -1054,10 +850,10 @@ export const technique = [ tactics: ['defense-evasion'], }, { - name: 'Mshta', - id: 'T1170', - reference: 'https://attack.mitre.org/techniques/T1170', - tactics: ['defense-evasion', 'execution'], + name: 'Modify System Image', + id: 'T1601', + reference: 'https://attack.mitre.org/techniques/T1601', + tactics: ['defense-evasion'], }, { name: 'Multi-Stage Channels', @@ -1065,12 +861,6 @@ export const technique = [ reference: 'https://attack.mitre.org/techniques/T1104', tactics: ['command-and-control'], }, - { - name: 'Multi-hop Proxy', - id: 'T1188', - reference: 'https://attack.mitre.org/techniques/T1188', - tactics: ['command-and-control'], - }, { name: 'Multiband Communication', id: 'T1026', @@ -1078,23 +868,17 @@ export const technique = [ tactics: ['command-and-control'], }, { - name: 'Multilayer Encryption', - id: 'T1079', - reference: 'https://attack.mitre.org/techniques/T1079', - tactics: ['command-and-control'], + name: 'Native API', + id: 'T1106', + reference: 'https://attack.mitre.org/techniques/T1106', + tactics: ['execution'], }, { - name: 'NTFS File Attributes', - id: 'T1096', - reference: 'https://attack.mitre.org/techniques/T1096', + name: 'Network Boundary Bridging', + id: 'T1599', + reference: 'https://attack.mitre.org/techniques/T1599', tactics: ['defense-evasion'], }, - { - name: 'Netsh Helper DLL', - id: 'T1128', - reference: 'https://attack.mitre.org/techniques/T1128', - tactics: ['persistence'], - }, { name: 'Network Denial of Service', id: 'T1498', @@ -1107,12 +891,6 @@ export const technique = [ reference: 'https://attack.mitre.org/techniques/T1046', tactics: ['discovery'], }, - { - name: 'Network Share Connection Removal', - id: 'T1126', - reference: 'https://attack.mitre.org/techniques/T1126', - tactics: ['defense-evasion'], - }, { name: 'Network Share Discovery', id: 'T1135', @@ -1126,10 +904,22 @@ export const technique = [ tactics: ['credential-access', 'discovery'], }, { - name: 'New Service', - id: 'T1050', - reference: 'https://attack.mitre.org/techniques/T1050', - tactics: ['persistence', 'privilege-escalation'], + name: 'Non-Application Layer Protocol', + id: 'T1095', + reference: 'https://attack.mitre.org/techniques/T1095', + tactics: ['command-and-control'], + }, + { + name: 'Non-Standard Port', + id: 'T1571', + reference: 'https://attack.mitre.org/techniques/T1571', + tactics: ['command-and-control'], + }, + { + name: 'OS Credential Dumping', + id: 'T1003', + reference: 'https://attack.mitre.org/techniques/T1003', + tactics: ['credential-access'], }, { name: 'Obfuscated Files or Information', @@ -1137,36 +927,18 @@ export const technique = [ reference: 'https://attack.mitre.org/techniques/T1027', tactics: ['defense-evasion'], }, + { + name: 'Obtain Capabilities', + id: 'T1588', + reference: 'https://attack.mitre.org/techniques/T1588', + tactics: ['resource-development'], + }, { name: 'Office Application Startup', id: 'T1137', reference: 'https://attack.mitre.org/techniques/T1137', tactics: ['persistence'], }, - { - name: 'Parent PID Spoofing', - id: 'T1502', - reference: 'https://attack.mitre.org/techniques/T1502', - tactics: ['defense-evasion', 'privilege-escalation'], - }, - { - name: 'Pass the Hash', - id: 'T1075', - reference: 'https://attack.mitre.org/techniques/T1075', - tactics: ['lateral-movement'], - }, - { - name: 'Pass the Ticket', - id: 'T1097', - reference: 'https://attack.mitre.org/techniques/T1097', - tactics: ['lateral-movement'], - }, - { - name: 'Password Filter DLL', - id: 'T1174', - reference: 'https://attack.mitre.org/techniques/T1174', - tactics: ['credential-access'], - }, { name: 'Password Policy Discovery', id: 'T1201', @@ -1192,40 +964,22 @@ export const technique = [ tactics: ['discovery'], }, { - name: 'Plist Modification', - id: 'T1150', - reference: 'https://attack.mitre.org/techniques/T1150', - tactics: ['defense-evasion', 'persistence', 'privilege-escalation'], - }, - { - name: 'Port Knocking', - id: 'T1205', - reference: 'https://attack.mitre.org/techniques/T1205', - tactics: ['defense-evasion', 'persistence', 'command-and-control'], - }, - { - name: 'Port Monitors', - id: 'T1013', - reference: 'https://attack.mitre.org/techniques/T1013', - tactics: ['persistence', 'privilege-escalation'], - }, - { - name: 'PowerShell', - id: 'T1086', - reference: 'https://attack.mitre.org/techniques/T1086', - tactics: ['execution'], + name: 'Phishing', + id: 'T1566', + reference: 'https://attack.mitre.org/techniques/T1566', + tactics: ['initial-access'], }, { - name: 'PowerShell Profile', - id: 'T1504', - reference: 'https://attack.mitre.org/techniques/T1504', - tactics: ['persistence', 'privilege-escalation'], + name: 'Phishing for Information', + id: 'T1598', + reference: 'https://attack.mitre.org/techniques/T1598', + tactics: ['reconnaissance'], }, { - name: 'Private Keys', - id: 'T1145', - reference: 'https://attack.mitre.org/techniques/T1145', - tactics: ['credential-access'], + name: 'Pre-OS Boot', + id: 'T1542', + reference: 'https://attack.mitre.org/techniques/T1542', + tactics: ['defense-evasion', 'persistence'], }, { name: 'Process Discovery', @@ -1233,18 +987,6 @@ export const technique = [ reference: 'https://attack.mitre.org/techniques/T1057', tactics: ['discovery'], }, - { - name: 'Process Doppelgänging', - id: 'T1186', - reference: 'https://attack.mitre.org/techniques/T1186', - tactics: ['defense-evasion'], - }, - { - name: 'Process Hollowing', - id: 'T1093', - reference: 'https://attack.mitre.org/techniques/T1093', - tactics: ['defense-evasion'], - }, { name: 'Process Injection', id: 'T1055', @@ -1252,22 +994,22 @@ export const technique = [ tactics: ['defense-evasion', 'privilege-escalation'], }, { - name: 'Query Registry', - id: 'T1012', - reference: 'https://attack.mitre.org/techniques/T1012', - tactics: ['discovery'], + name: 'Protocol Tunneling', + id: 'T1572', + reference: 'https://attack.mitre.org/techniques/T1572', + tactics: ['command-and-control'], }, { - name: 'Rc.common', - id: 'T1163', - reference: 'https://attack.mitre.org/techniques/T1163', - tactics: ['persistence'], + name: 'Proxy', + id: 'T1090', + reference: 'https://attack.mitre.org/techniques/T1090', + tactics: ['command-and-control'], }, { - name: 'Re-opened Applications', - id: 'T1164', - reference: 'https://attack.mitre.org/techniques/T1164', - tactics: ['persistence'], + name: 'Query Registry', + id: 'T1012', + reference: 'https://attack.mitre.org/techniques/T1012', + tactics: ['discovery'], }, { name: 'Redundant Access', @@ -1276,41 +1018,17 @@ export const technique = [ tactics: ['defense-evasion', 'persistence'], }, { - name: 'Registry Run Keys / Startup Folder', - id: 'T1060', - reference: 'https://attack.mitre.org/techniques/T1060', - tactics: ['persistence'], - }, - { - name: 'Regsvcs/Regasm', - id: 'T1121', - reference: 'https://attack.mitre.org/techniques/T1121', - tactics: ['defense-evasion', 'execution'], - }, - { - name: 'Regsvr32', - id: 'T1117', - reference: 'https://attack.mitre.org/techniques/T1117', - tactics: ['defense-evasion', 'execution'], - }, - { - name: 'Remote Access Tools', + name: 'Remote Access Software', id: 'T1219', reference: 'https://attack.mitre.org/techniques/T1219', tactics: ['command-and-control'], }, { - name: 'Remote Desktop Protocol', - id: 'T1076', - reference: 'https://attack.mitre.org/techniques/T1076', + name: 'Remote Service Session Hijacking', + id: 'T1563', + reference: 'https://attack.mitre.org/techniques/T1563', tactics: ['lateral-movement'], }, - { - name: 'Remote File Copy', - id: 'T1105', - reference: 'https://attack.mitre.org/techniques/T1105', - tactics: ['command-and-control', 'lateral-movement'], - }, { name: 'Remote Services', id: 'T1021', @@ -1336,9 +1054,9 @@ export const technique = [ tactics: ['impact'], }, { - name: 'Revert Cloud Instance', - id: 'T1536', - reference: 'https://attack.mitre.org/techniques/T1536', + name: 'Rogue Domain Controller', + id: 'T1207', + reference: 'https://attack.mitre.org/techniques/T1207', tactics: ['defense-evasion'], }, { @@ -1348,37 +1066,7 @@ export const technique = [ tactics: ['defense-evasion'], }, { - name: 'Rundll32', - id: 'T1085', - reference: 'https://attack.mitre.org/techniques/T1085', - tactics: ['defense-evasion', 'execution'], - }, - { - name: 'Runtime Data Manipulation', - id: 'T1494', - reference: 'https://attack.mitre.org/techniques/T1494', - tactics: ['impact'], - }, - { - name: 'SID-History Injection', - id: 'T1178', - reference: 'https://attack.mitre.org/techniques/T1178', - tactics: ['privilege-escalation'], - }, - { - name: 'SIP and Trust Provider Hijacking', - id: 'T1198', - reference: 'https://attack.mitre.org/techniques/T1198', - tactics: ['defense-evasion', 'persistence'], - }, - { - name: 'SSH Hijacking', - id: 'T1184', - reference: 'https://attack.mitre.org/techniques/T1184', - tactics: ['lateral-movement'], - }, - { - name: 'Scheduled Task', + name: 'Scheduled Task/Job', id: 'T1053', reference: 'https://attack.mitre.org/techniques/T1053', tactics: ['execution', 'persistence', 'privilege-escalation'], @@ -1395,12 +1083,6 @@ export const technique = [ reference: 'https://attack.mitre.org/techniques/T1113', tactics: ['collection'], }, - { - name: 'Screensaver', - id: 'T1180', - reference: 'https://attack.mitre.org/techniques/T1180', - tactics: ['persistence'], - }, { name: 'Scripting', id: 'T1064', @@ -1408,22 +1090,28 @@ export const technique = [ tactics: ['defense-evasion', 'execution'], }, { - name: 'Security Software Discovery', - id: 'T1063', - reference: 'https://attack.mitre.org/techniques/T1063', - tactics: ['discovery'], + name: 'Search Closed Sources', + id: 'T1597', + reference: 'https://attack.mitre.org/techniques/T1597', + tactics: ['reconnaissance'], }, { - name: 'Security Support Provider', - id: 'T1101', - reference: 'https://attack.mitre.org/techniques/T1101', - tactics: ['persistence'], + name: 'Search Open Technical Databases', + id: 'T1596', + reference: 'https://attack.mitre.org/techniques/T1596', + tactics: ['reconnaissance'], }, { - name: 'Securityd Memory', - id: 'T1167', - reference: 'https://attack.mitre.org/techniques/T1167', - tactics: ['credential-access'], + name: 'Search Open Websites/Domains', + id: 'T1593', + reference: 'https://attack.mitre.org/techniques/T1593', + tactics: ['reconnaissance'], + }, + { + name: 'Search Victim-Owned Websites', + id: 'T1594', + reference: 'https://attack.mitre.org/techniques/T1594', + tactics: ['reconnaissance'], }, { name: 'Server Software Component', @@ -1431,18 +1119,6 @@ export const technique = [ reference: 'https://attack.mitre.org/techniques/T1505', tactics: ['persistence'], }, - { - name: 'Service Execution', - id: 'T1035', - reference: 'https://attack.mitre.org/techniques/T1035', - tactics: ['execution'], - }, - { - name: 'Service Registry Permissions Weakness', - id: 'T1058', - reference: 'https://attack.mitre.org/techniques/T1058', - tactics: ['persistence', 'privilege-escalation'], - }, { name: 'Service Stop', id: 'T1489', @@ -1450,10 +1126,10 @@ export const technique = [ tactics: ['impact'], }, { - name: 'Setuid and Setgid', - id: 'T1166', - reference: 'https://attack.mitre.org/techniques/T1166', - tactics: ['privilege-escalation', 'persistence'], + name: 'Shared Modules', + id: 'T1129', + reference: 'https://attack.mitre.org/techniques/T1129', + tactics: ['execution'], }, { name: 'Shared Webroot', @@ -1461,23 +1137,23 @@ export const technique = [ reference: 'https://attack.mitre.org/techniques/T1051', tactics: ['lateral-movement'], }, - { - name: 'Shortcut Modification', - id: 'T1023', - reference: 'https://attack.mitre.org/techniques/T1023', - tactics: ['persistence'], - }, { name: 'Signed Binary Proxy Execution', id: 'T1218', reference: 'https://attack.mitre.org/techniques/T1218', - tactics: ['defense-evasion', 'execution'], + tactics: ['defense-evasion'], }, { name: 'Signed Script Proxy Execution', id: 'T1216', reference: 'https://attack.mitre.org/techniques/T1216', - tactics: ['defense-evasion', 'execution'], + tactics: ['defense-evasion'], + }, + { + name: 'Software Deployment Tools', + id: 'T1072', + reference: 'https://attack.mitre.org/techniques/T1072', + tactics: ['execution', 'lateral-movement'], }, { name: 'Software Discovery', @@ -1485,12 +1161,6 @@ export const technique = [ reference: 'https://attack.mitre.org/techniques/T1518', tactics: ['discovery'], }, - { - name: 'Software Packing', - id: 'T1045', - reference: 'https://attack.mitre.org/techniques/T1045', - tactics: ['defense-evasion'], - }, { name: 'Source', id: 'T1153', @@ -1498,95 +1168,35 @@ export const technique = [ tactics: ['execution'], }, { - name: 'Space after Filename', - id: 'T1151', - reference: 'https://attack.mitre.org/techniques/T1151', - tactics: ['defense-evasion', 'execution'], + name: 'Steal Application Access Token', + id: 'T1528', + reference: 'https://attack.mitre.org/techniques/T1528', + tactics: ['credential-access'], }, { - name: 'Spearphishing Attachment', - id: 'T1193', - reference: 'https://attack.mitre.org/techniques/T1193', - tactics: ['initial-access'], + name: 'Steal Web Session Cookie', + id: 'T1539', + reference: 'https://attack.mitre.org/techniques/T1539', + tactics: ['credential-access'], }, { - name: 'Spearphishing Link', - id: 'T1192', - reference: 'https://attack.mitre.org/techniques/T1192', - tactics: ['initial-access'], + name: 'Steal or Forge Kerberos Tickets', + id: 'T1558', + reference: 'https://attack.mitre.org/techniques/T1558', + tactics: ['credential-access'], }, { - name: 'Spearphishing via Service', - id: 'T1194', - reference: 'https://attack.mitre.org/techniques/T1194', + name: 'Subvert Trust Controls', + id: 'T1553', + reference: 'https://attack.mitre.org/techniques/T1553', + tactics: ['defense-evasion'], + }, + { + name: 'Supply Chain Compromise', + id: 'T1195', + reference: 'https://attack.mitre.org/techniques/T1195', tactics: ['initial-access'], }, - { - name: 'Standard Application Layer Protocol', - id: 'T1071', - reference: 'https://attack.mitre.org/techniques/T1071', - tactics: ['command-and-control'], - }, - { - name: 'Standard Cryptographic Protocol', - id: 'T1032', - reference: 'https://attack.mitre.org/techniques/T1032', - tactics: ['command-and-control'], - }, - { - name: 'Standard Non-Application Layer Protocol', - id: 'T1095', - reference: 'https://attack.mitre.org/techniques/T1095', - tactics: ['command-and-control'], - }, - { - name: 'Startup Items', - id: 'T1165', - reference: 'https://attack.mitre.org/techniques/T1165', - tactics: ['persistence', 'privilege-escalation'], - }, - { - name: 'Steal Application Access Token', - id: 'T1528', - reference: 'https://attack.mitre.org/techniques/T1528', - tactics: ['credential-access'], - }, - { - name: 'Steal Web Session Cookie', - id: 'T1539', - reference: 'https://attack.mitre.org/techniques/T1539', - tactics: ['credential-access'], - }, - { - name: 'Stored Data Manipulation', - id: 'T1492', - reference: 'https://attack.mitre.org/techniques/T1492', - tactics: ['impact'], - }, - { - name: 'Sudo', - id: 'T1169', - reference: 'https://attack.mitre.org/techniques/T1169', - tactics: ['privilege-escalation'], - }, - { - name: 'Sudo Caching', - id: 'T1206', - reference: 'https://attack.mitre.org/techniques/T1206', - tactics: ['privilege-escalation'], - }, - { - name: 'Supply Chain Compromise', - id: 'T1195', - reference: 'https://attack.mitre.org/techniques/T1195', - tactics: ['initial-access'], - }, - { - name: 'System Firmware', - id: 'T1019', - reference: 'https://attack.mitre.org/techniques/T1019', - tactics: ['persistence'], - }, { name: 'System Information Discovery', id: 'T1082', @@ -1617,6 +1227,12 @@ export const technique = [ reference: 'https://attack.mitre.org/techniques/T1007', tactics: ['discovery'], }, + { + name: 'System Services', + id: 'T1569', + reference: 'https://attack.mitre.org/techniques/T1569', + tactics: ['execution'], + }, { name: 'System Shutdown/Reboot', id: 'T1529', @@ -1629,12 +1245,6 @@ export const technique = [ reference: 'https://attack.mitre.org/techniques/T1124', tactics: ['discovery'], }, - { - name: 'Systemd Service', - id: 'T1501', - reference: 'https://attack.mitre.org/techniques/T1501', - tactics: ['persistence'], - }, { name: 'Taint Shared Content', id: 'T1080', @@ -1648,22 +1258,10 @@ export const technique = [ tactics: ['defense-evasion'], }, { - name: 'Third-party Software', - id: 'T1072', - reference: 'https://attack.mitre.org/techniques/T1072', - tactics: ['execution', 'lateral-movement'], - }, - { - name: 'Time Providers', - id: 'T1209', - reference: 'https://attack.mitre.org/techniques/T1209', - tactics: ['persistence'], - }, - { - name: 'Timestomp', - id: 'T1099', - reference: 'https://attack.mitre.org/techniques/T1099', - tactics: ['defense-evasion'], + name: 'Traffic Signaling', + id: 'T1205', + reference: 'https://attack.mitre.org/techniques/T1205', + tactics: ['defense-evasion', 'persistence', 'command-and-control'], }, { name: 'Transfer Data to Cloud Account', @@ -1672,22 +1270,10 @@ export const technique = [ tactics: ['exfiltration'], }, { - name: 'Transmitted Data Manipulation', - id: 'T1493', - reference: 'https://attack.mitre.org/techniques/T1493', - tactics: ['impact'], - }, - { - name: 'Trap', - id: 'T1154', - reference: 'https://attack.mitre.org/techniques/T1154', - tactics: ['execution', 'persistence'], - }, - { - name: 'Trusted Developer Utilities', + name: 'Trusted Developer Utilities Proxy Execution', id: 'T1127', reference: 'https://attack.mitre.org/techniques/T1127', - tactics: ['defense-evasion', 'execution'], + tactics: ['defense-evasion'], }, { name: 'Trusted Relationship', @@ -1702,10 +1288,10 @@ export const technique = [ tactics: ['credential-access'], }, { - name: 'Uncommonly Used Port', - id: 'T1065', - reference: 'https://attack.mitre.org/techniques/T1065', - tactics: ['command-and-control'], + name: 'Unsecured Credentials', + id: 'T1552', + reference: 'https://attack.mitre.org/techniques/T1552', + tactics: ['credential-access'], }, { name: 'Unused/Unsupported Cloud Regions', @@ -1713,6 +1299,12 @@ export const technique = [ reference: 'https://attack.mitre.org/techniques/T1535', tactics: ['defense-evasion'], }, + { + name: 'Use Alternate Authentication Material', + id: 'T1550', + reference: 'https://attack.mitre.org/techniques/T1550', + tactics: ['defense-evasion', 'lateral-movement'], + }, { name: 'User Execution', id: 'T1204', @@ -1737,29 +1329,17 @@ export const technique = [ reference: 'https://attack.mitre.org/techniques/T1497', tactics: ['defense-evasion', 'discovery'], }, + { + name: 'Weaken Encryption', + id: 'T1600', + reference: 'https://attack.mitre.org/techniques/T1600', + tactics: ['defense-evasion'], + }, { name: 'Web Service', id: 'T1102', reference: 'https://attack.mitre.org/techniques/T1102', - tactics: ['command-and-control', 'defense-evasion'], - }, - { - name: 'Web Session Cookie', - id: 'T1506', - reference: 'https://attack.mitre.org/techniques/T1506', - tactics: ['defense-evasion', 'lateral-movement'], - }, - { - name: 'Web Shell', - id: 'T1100', - reference: 'https://attack.mitre.org/techniques/T1100', - tactics: ['persistence', 'privilege-escalation'], - }, - { - name: 'Windows Admin Shares', - id: 'T1077', - reference: 'https://attack.mitre.org/techniques/T1077', - tactics: ['lateral-movement'], + tactics: ['command-and-control'], }, { name: 'Windows Management Instrumentation', @@ -1767,43 +1347,25 @@ export const technique = [ reference: 'https://attack.mitre.org/techniques/T1047', tactics: ['execution'], }, - { - name: 'Windows Management Instrumentation Event Subscription', - id: 'T1084', - reference: 'https://attack.mitre.org/techniques/T1084', - tactics: ['persistence'], - }, - { - name: 'Windows Remote Management', - id: 'T1028', - reference: 'https://attack.mitre.org/techniques/T1028', - tactics: ['execution', 'lateral-movement'], - }, - { - name: 'Winlogon Helper DLL', - id: 'T1004', - reference: 'https://attack.mitre.org/techniques/T1004', - tactics: ['persistence'], - }, { name: 'XSL Script Processing', id: 'T1220', reference: 'https://attack.mitre.org/techniques/T1220', - tactics: ['defense-evasion', 'execution'], + tactics: ['defense-evasion'], }, ]; export const techniquesOptions: MitreTechniquesOptions[] = [ { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.bashProfileAndBashrcDescription', - { defaultMessage: '.bash_profile and .bashrc (T1156)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.abuseElevationControlMechanismDescription', + { defaultMessage: 'Abuse Elevation Control Mechanism (T1548)' } ), - id: 'T1156', - name: '.bash_profile and .bashrc', - reference: 'https://attack.mitre.org/techniques/T1156', - tactics: 'persistence', - value: 'bashProfileAndBashrc', + id: 'T1548', + name: 'Abuse Elevation Control Mechanism', + reference: 'https://attack.mitre.org/techniques/T1548', + tactics: 'privilege-escalation,defense-evasion', + value: 'abuseElevationControlMechanism', }, { label: i18n.translate( @@ -1816,17 +1378,6 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ tactics: 'defense-evasion,privilege-escalation', value: 'accessTokenManipulation', }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.accessibilityFeaturesDescription', - { defaultMessage: 'Accessibility Features (T1015)' } - ), - id: 'T1015', - name: 'Accessibility Features', - reference: 'https://attack.mitre.org/techniques/T1015', - tactics: 'persistence,privilege-escalation', - value: 'accessibilityFeatures', - }, { label: i18n.translate( 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.accountAccessRemovalDescription', @@ -1857,74 +1408,41 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ id: 'T1098', name: 'Account Manipulation', reference: 'https://attack.mitre.org/techniques/T1098', - tactics: 'credential-access,persistence', + tactics: 'persistence', value: 'accountManipulation', }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.appCertDlLsDescription', - { defaultMessage: 'AppCert DLLs (T1182)' } - ), - id: 'T1182', - name: 'AppCert DLLs', - reference: 'https://attack.mitre.org/techniques/T1182', - tactics: 'persistence,privilege-escalation', - value: 'appCertDlLs', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.appInitDlLsDescription', - { defaultMessage: 'AppInit DLLs (T1103)' } - ), - id: 'T1103', - name: 'AppInit DLLs', - reference: 'https://attack.mitre.org/techniques/T1103', - tactics: 'persistence,privilege-escalation', - value: 'appInitDlLs', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.appleScriptDescription', - { defaultMessage: 'AppleScript (T1155)' } - ), - id: 'T1155', - name: 'AppleScript', - reference: 'https://attack.mitre.org/techniques/T1155', - tactics: 'execution,lateral-movement', - value: 'appleScript', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.applicationAccessTokenDescription', - { defaultMessage: 'Application Access Token (T1527)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.acquireInfrastructureDescription', + { defaultMessage: 'Acquire Infrastructure (T1583)' } ), - id: 'T1527', - name: 'Application Access Token', - reference: 'https://attack.mitre.org/techniques/T1527', - tactics: 'defense-evasion,lateral-movement', - value: 'applicationAccessToken', + id: 'T1583', + name: 'Acquire Infrastructure', + reference: 'https://attack.mitre.org/techniques/T1583', + tactics: 'resource-development', + value: 'acquireInfrastructure', }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.applicationDeploymentSoftwareDescription', - { defaultMessage: 'Application Deployment Software (T1017)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.activeScanningDescription', + { defaultMessage: 'Active Scanning (T1595)' } ), - id: 'T1017', - name: 'Application Deployment Software', - reference: 'https://attack.mitre.org/techniques/T1017', - tactics: 'lateral-movement', - value: 'applicationDeploymentSoftware', + id: 'T1595', + name: 'Active Scanning', + reference: 'https://attack.mitre.org/techniques/T1595', + tactics: 'reconnaissance', + value: 'activeScanning', }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.applicationShimmingDescription', - { defaultMessage: 'Application Shimming (T1138)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.applicationLayerProtocolDescription', + { defaultMessage: 'Application Layer Protocol (T1071)' } ), - id: 'T1138', - name: 'Application Shimming', - reference: 'https://attack.mitre.org/techniques/T1138', - tactics: 'persistence,privilege-escalation', - value: 'applicationShimming', + id: 'T1071', + name: 'Application Layer Protocol', + reference: 'https://attack.mitre.org/techniques/T1071', + tactics: 'command-and-control', + value: 'applicationLayerProtocol', }, { label: i18n.translate( @@ -1937,6 +1455,17 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ tactics: 'discovery', value: 'applicationWindowDiscovery', }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.archiveCollectedDataDescription', + { defaultMessage: 'Archive Collected Data (T1560)' } + ), + id: 'T1560', + name: 'Archive Collected Data', + reference: 'https://attack.mitre.org/techniques/T1560', + tactics: 'collection', + value: 'archiveCollectedData', + }, { label: i18n.translate( 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.audioCaptureDescription', @@ -1948,17 +1477,6 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ tactics: 'collection', value: 'audioCapture', }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.authenticationPackageDescription', - { defaultMessage: 'Authentication Package (T1131)' } - ), - id: 'T1131', - name: 'Authentication Package', - reference: 'https://attack.mitre.org/techniques/T1131', - tactics: 'persistence', - value: 'authenticationPackage', - }, { label: i18n.translate( 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.automatedCollectionDescription', @@ -1994,36 +1512,25 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.bashHistoryDescription', - { defaultMessage: 'Bash History (T1139)' } - ), - id: 'T1139', - name: 'Bash History', - reference: 'https://attack.mitre.org/techniques/T1139', - tactics: 'credential-access', - value: 'bashHistory', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.binaryPaddingDescription', - { defaultMessage: 'Binary Padding (T1009)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.bootOrLogonAutostartExecutionDescription', + { defaultMessage: 'Boot or Logon Autostart Execution (T1547)' } ), - id: 'T1009', - name: 'Binary Padding', - reference: 'https://attack.mitre.org/techniques/T1009', - tactics: 'defense-evasion', - value: 'binaryPadding', + id: 'T1547', + name: 'Boot or Logon Autostart Execution', + reference: 'https://attack.mitre.org/techniques/T1547', + tactics: 'persistence,privilege-escalation', + value: 'bootOrLogonAutostartExecution', }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.bootkitDescription', - { defaultMessage: 'Bootkit (T1067)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.bootOrLogonInitializationScriptsDescription', + { defaultMessage: 'Boot or Logon Initialization Scripts (T1037)' } ), - id: 'T1067', - name: 'Bootkit', - reference: 'https://attack.mitre.org/techniques/T1067', - tactics: 'persistence', - value: 'bootkit', + id: 'T1037', + name: 'Boot or Logon Initialization Scripts', + reference: 'https://attack.mitre.org/techniques/T1037', + tactics: 'persistence,privilege-escalation', + value: 'bootOrLogonInitializationScripts', }, { label: i18n.translate( @@ -2058,50 +1565,6 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ tactics: 'credential-access', value: 'bruteForce', }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.bypassUserAccountControlDescription', - { defaultMessage: 'Bypass User Account Control (T1088)' } - ), - id: 'T1088', - name: 'Bypass User Account Control', - reference: 'https://attack.mitre.org/techniques/T1088', - tactics: 'defense-evasion,privilege-escalation', - value: 'bypassUserAccountControl', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.cmstpDescription', - { defaultMessage: 'CMSTP (T1191)' } - ), - id: 'T1191', - name: 'CMSTP', - reference: 'https://attack.mitre.org/techniques/T1191', - tactics: 'defense-evasion,execution', - value: 'cmstp', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.changeDefaultFileAssociationDescription', - { defaultMessage: 'Change Default File Association (T1042)' } - ), - id: 'T1042', - name: 'Change Default File Association', - reference: 'https://attack.mitre.org/techniques/T1042', - tactics: 'persistence', - value: 'changeDefaultFileAssociation', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.clearCommandHistoryDescription', - { defaultMessage: 'Clear Command History (T1146)' } - ), - id: 'T1146', - name: 'Clear Command History', - reference: 'https://attack.mitre.org/techniques/T1146', - tactics: 'defense-evasion', - value: 'clearCommandHistory', - }, { label: i18n.translate( 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.clipboardDataDescription', @@ -2115,14 +1578,14 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.cloudInstanceMetadataApiDescription', - { defaultMessage: 'Cloud Instance Metadata API (T1522)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.cloudInfrastructureDiscoveryDescription', + { defaultMessage: 'Cloud Infrastructure Discovery (T1580)' } ), - id: 'T1522', - name: 'Cloud Instance Metadata API', - reference: 'https://attack.mitre.org/techniques/T1522', - tactics: 'credential-access', - value: 'cloudInstanceMetadataApi', + id: 'T1580', + name: 'Cloud Infrastructure Discovery', + reference: 'https://attack.mitre.org/techniques/T1580', + tactics: 'discovery', + value: 'cloudInfrastructureDiscovery', }, { label: i18n.translate( @@ -2148,25 +1611,14 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.codeSigningDescription', - { defaultMessage: 'Code Signing (T1116)' } - ), - id: 'T1116', - name: 'Code Signing', - reference: 'https://attack.mitre.org/techniques/T1116', - tactics: 'defense-evasion', - value: 'codeSigning', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.commandLineInterfaceDescription', - { defaultMessage: 'Command-Line Interface (T1059)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.commandAndScriptingInterpreterDescription', + { defaultMessage: 'Command and Scripting Interpreter (T1059)' } ), id: 'T1059', - name: 'Command-Line Interface', + name: 'Command and Scripting Interpreter', reference: 'https://attack.mitre.org/techniques/T1059', tactics: 'execution', - value: 'commandLineInterface', + value: 'commandAndScriptingInterpreter', }, { label: i18n.translate( @@ -2192,201 +1644,80 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.compileAfterDeliveryDescription', - { defaultMessage: 'Compile After Delivery (T1500)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.componentObjectModelAndDistributedComDescription', + { defaultMessage: 'Component Object Model and Distributed COM (T1175)' } ), - id: 'T1500', - name: 'Compile After Delivery', - reference: 'https://attack.mitre.org/techniques/T1500', - tactics: 'defense-evasion', - value: 'compileAfterDelivery', + id: 'T1175', + name: 'Component Object Model and Distributed COM', + reference: 'https://attack.mitre.org/techniques/T1175', + tactics: 'lateral-movement,execution', + value: 'componentObjectModelAndDistributedCom', }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.compiledHtmlFileDescription', - { defaultMessage: 'Compiled HTML File (T1223)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.compromiseAccountsDescription', + { defaultMessage: 'Compromise Accounts (T1586)' } ), - id: 'T1223', - name: 'Compiled HTML File', - reference: 'https://attack.mitre.org/techniques/T1223', - tactics: 'defense-evasion,execution', - value: 'compiledHtmlFile', + id: 'T1586', + name: 'Compromise Accounts', + reference: 'https://attack.mitre.org/techniques/T1586', + tactics: 'resource-development', + value: 'compromiseAccounts', }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.componentFirmwareDescription', - { defaultMessage: 'Component Firmware (T1109)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.compromiseClientSoftwareBinaryDescription', + { defaultMessage: 'Compromise Client Software Binary (T1554)' } ), - id: 'T1109', - name: 'Component Firmware', - reference: 'https://attack.mitre.org/techniques/T1109', - tactics: 'defense-evasion,persistence', - value: 'componentFirmware', + id: 'T1554', + name: 'Compromise Client Software Binary', + reference: 'https://attack.mitre.org/techniques/T1554', + tactics: 'persistence', + value: 'compromiseClientSoftwareBinary', }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.componentObjectModelHijackingDescription', - { defaultMessage: 'Component Object Model Hijacking (T1122)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.compromiseInfrastructureDescription', + { defaultMessage: 'Compromise Infrastructure (T1584)' } ), - id: 'T1122', - name: 'Component Object Model Hijacking', - reference: 'https://attack.mitre.org/techniques/T1122', - tactics: 'defense-evasion,persistence', - value: 'componentObjectModelHijacking', + id: 'T1584', + name: 'Compromise Infrastructure', + reference: 'https://attack.mitre.org/techniques/T1584', + tactics: 'resource-development', + value: 'compromiseInfrastructure', }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.componentObjectModelAndDistributedComDescription', - { defaultMessage: 'Component Object Model and Distributed COM (T1175)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.createAccountDescription', + { defaultMessage: 'Create Account (T1136)' } ), - id: 'T1175', - name: 'Component Object Model and Distributed COM', - reference: 'https://attack.mitre.org/techniques/T1175', - tactics: 'lateral-movement,execution', - value: 'componentObjectModelAndDistributedCom', + id: 'T1136', + name: 'Create Account', + reference: 'https://attack.mitre.org/techniques/T1136', + tactics: 'persistence', + value: 'createAccount', }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.connectionProxyDescription', - { defaultMessage: 'Connection Proxy (T1090)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.createOrModifySystemProcessDescription', + { defaultMessage: 'Create or Modify System Process (T1543)' } ), - id: 'T1090', - name: 'Connection Proxy', - reference: 'https://attack.mitre.org/techniques/T1090', - tactics: 'command-and-control,defense-evasion', - value: 'connectionProxy', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.controlPanelItemsDescription', - { defaultMessage: 'Control Panel Items (T1196)' } - ), - id: 'T1196', - name: 'Control Panel Items', - reference: 'https://attack.mitre.org/techniques/T1196', - tactics: 'defense-evasion,execution', - value: 'controlPanelItems', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.createAccountDescription', - { defaultMessage: 'Create Account (T1136)' } - ), - id: 'T1136', - name: 'Create Account', - reference: 'https://attack.mitre.org/techniques/T1136', - tactics: 'persistence', - value: 'createAccount', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.credentialDumpingDescription', - { defaultMessage: 'Credential Dumping (T1003)' } - ), - id: 'T1003', - name: 'Credential Dumping', - reference: 'https://attack.mitre.org/techniques/T1003', - tactics: 'credential-access', - value: 'credentialDumping', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.credentialsFromWebBrowsersDescription', - { defaultMessage: 'Credentials from Web Browsers (T1503)' } - ), - id: 'T1503', - name: 'Credentials from Web Browsers', - reference: 'https://attack.mitre.org/techniques/T1503', - tactics: 'credential-access', - value: 'credentialsFromWebBrowsers', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.credentialsInFilesDescription', - { defaultMessage: 'Credentials in Files (T1081)' } - ), - id: 'T1081', - name: 'Credentials in Files', - reference: 'https://attack.mitre.org/techniques/T1081', - tactics: 'credential-access', - value: 'credentialsInFiles', + id: 'T1543', + name: 'Create or Modify System Process', + reference: 'https://attack.mitre.org/techniques/T1543', + tactics: 'persistence,privilege-escalation', + value: 'createOrModifySystemProcess', }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.credentialsInRegistryDescription', - { defaultMessage: 'Credentials in Registry (T1214)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.credentialsFromPasswordStoresDescription', + { defaultMessage: 'Credentials from Password Stores (T1555)' } ), - id: 'T1214', - name: 'Credentials in Registry', - reference: 'https://attack.mitre.org/techniques/T1214', + id: 'T1555', + name: 'Credentials from Password Stores', + reference: 'https://attack.mitre.org/techniques/T1555', tactics: 'credential-access', - value: 'credentialsInRegistry', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.customCommandAndControlProtocolDescription', - { defaultMessage: 'Custom Command and Control Protocol (T1094)' } - ), - id: 'T1094', - name: 'Custom Command and Control Protocol', - reference: 'https://attack.mitre.org/techniques/T1094', - tactics: 'command-and-control', - value: 'customCommandAndControlProtocol', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.customCryptographicProtocolDescription', - { defaultMessage: 'Custom Cryptographic Protocol (T1024)' } - ), - id: 'T1024', - name: 'Custom Cryptographic Protocol', - reference: 'https://attack.mitre.org/techniques/T1024', - tactics: 'command-and-control', - value: 'customCryptographicProtocol', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.dcShadowDescription', - { defaultMessage: 'DCShadow (T1207)' } - ), - id: 'T1207', - name: 'DCShadow', - reference: 'https://attack.mitre.org/techniques/T1207', - tactics: 'defense-evasion', - value: 'dcShadow', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.dllSearchOrderHijackingDescription', - { defaultMessage: 'DLL Search Order Hijacking (T1038)' } - ), - id: 'T1038', - name: 'DLL Search Order Hijacking', - reference: 'https://attack.mitre.org/techniques/T1038', - tactics: 'persistence,privilege-escalation,defense-evasion', - value: 'dllSearchOrderHijacking', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.dllSideLoadingDescription', - { defaultMessage: 'DLL Side-Loading (T1073)' } - ), - id: 'T1073', - name: 'DLL Side-Loading', - reference: 'https://attack.mitre.org/techniques/T1073', - tactics: 'defense-evasion', - value: 'dllSideLoading', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.dataCompressedDescription', - { defaultMessage: 'Data Compressed (T1002)' } - ), - id: 'T1002', - name: 'Data Compressed', - reference: 'https://attack.mitre.org/techniques/T1002', - tactics: 'exfiltration', - value: 'dataCompressed', + value: 'credentialsFromPasswordStores', }, { label: i18n.translate( @@ -2410,17 +1741,6 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ tactics: 'command-and-control', value: 'dataEncoding', }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.dataEncryptedDescription', - { defaultMessage: 'Data Encrypted (T1022)' } - ), - id: 'T1022', - name: 'Data Encrypted', - reference: 'https://attack.mitre.org/techniques/T1022', - tactics: 'exfiltration', - value: 'dataEncrypted', - }, { label: i18n.translate( 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.dataEncryptedForImpactDescription', @@ -2432,6 +1752,17 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ tactics: 'impact', value: 'dataEncryptedForImpact', }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.dataManipulationDescription', + { defaultMessage: 'Data Manipulation (T1565)' } + ), + id: 'T1565', + name: 'Data Manipulation', + reference: 'https://attack.mitre.org/techniques/T1565', + tactics: 'impact', + value: 'dataManipulation', + }, { label: i18n.translate( 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.dataObfuscationDescription', @@ -2476,6 +1807,17 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ tactics: 'collection', value: 'dataFromCloudStorageObject', }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.dataFromConfigurationRepositoryDescription', + { defaultMessage: 'Data from Configuration Repository (T1602)' } + ), + id: 'T1602', + name: 'Data from Configuration Repository', + reference: 'https://attack.mitre.org/techniques/T1602', + tactics: 'collection', + value: 'dataFromConfigurationRepository', + }, { label: i18n.translate( 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.dataFromInformationRepositoriesDescription', @@ -2544,58 +1886,36 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.disablingSecurityToolsDescription', - { defaultMessage: 'Disabling Security Tools (T1089)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.developCapabilitiesDescription', + { defaultMessage: 'Develop Capabilities (T1587)' } ), - id: 'T1089', - name: 'Disabling Security Tools', - reference: 'https://attack.mitre.org/techniques/T1089', - tactics: 'defense-evasion', - value: 'disablingSecurityTools', + id: 'T1587', + name: 'Develop Capabilities', + reference: 'https://attack.mitre.org/techniques/T1587', + tactics: 'resource-development', + value: 'developCapabilities', }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.diskContentWipeDescription', - { defaultMessage: 'Disk Content Wipe (T1488)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.directVolumeAccessDescription', + { defaultMessage: 'Direct Volume Access (T1006)' } ), - id: 'T1488', - name: 'Disk Content Wipe', - reference: 'https://attack.mitre.org/techniques/T1488', - tactics: 'impact', - value: 'diskContentWipe', + id: 'T1006', + name: 'Direct Volume Access', + reference: 'https://attack.mitre.org/techniques/T1006', + tactics: 'defense-evasion', + value: 'directVolumeAccess', }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.diskStructureWipeDescription', - { defaultMessage: 'Disk Structure Wipe (T1487)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.diskWipeDescription', + { defaultMessage: 'Disk Wipe (T1561)' } ), - id: 'T1487', - name: 'Disk Structure Wipe', - reference: 'https://attack.mitre.org/techniques/T1487', + id: 'T1561', + name: 'Disk Wipe', + reference: 'https://attack.mitre.org/techniques/T1561', tactics: 'impact', - value: 'diskStructureWipe', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.domainFrontingDescription', - { defaultMessage: 'Domain Fronting (T1172)' } - ), - id: 'T1172', - name: 'Domain Fronting', - reference: 'https://attack.mitre.org/techniques/T1172', - tactics: 'command-and-control', - value: 'domainFronting', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.domainGenerationAlgorithmsDescription', - { defaultMessage: 'Domain Generation Algorithms (T1483)' } - ), - id: 'T1483', - name: 'Domain Generation Algorithms', - reference: 'https://attack.mitre.org/techniques/T1483', - tactics: 'command-and-control', - value: 'domainGenerationAlgorithms', + value: 'diskWipe', }, { label: i18n.translate( @@ -2621,36 +1941,14 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.dylibHijackingDescription', - { defaultMessage: 'Dylib Hijacking (T1157)' } - ), - id: 'T1157', - name: 'Dylib Hijacking', - reference: 'https://attack.mitre.org/techniques/T1157', - tactics: 'persistence,privilege-escalation', - value: 'dylibHijacking', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.dynamicDataExchangeDescription', - { defaultMessage: 'Dynamic Data Exchange (T1173)' } - ), - id: 'T1173', - name: 'Dynamic Data Exchange', - reference: 'https://attack.mitre.org/techniques/T1173', - tactics: 'execution', - value: 'dynamicDataExchange', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.elevatedExecutionWithPromptDescription', - { defaultMessage: 'Elevated Execution with Prompt (T1514)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.dynamicResolutionDescription', + { defaultMessage: 'Dynamic Resolution (T1568)' } ), - id: 'T1514', - name: 'Elevated Execution with Prompt', - reference: 'https://attack.mitre.org/techniques/T1514', - tactics: 'privilege-escalation', - value: 'elevatedExecutionWithPrompt', + id: 'T1568', + name: 'Dynamic Resolution', + reference: 'https://attack.mitre.org/techniques/T1568', + tactics: 'command-and-control', + value: 'dynamicResolution', }, { label: i18n.translate( @@ -2665,14 +1963,14 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.emondDescription', - { defaultMessage: 'Emond (T1519)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.encryptedChannelDescription', + { defaultMessage: 'Encrypted Channel (T1573)' } ), - id: 'T1519', - name: 'Emond', - reference: 'https://attack.mitre.org/techniques/T1519', - tactics: 'persistence,privilege-escalation', - value: 'emond', + id: 'T1573', + name: 'Encrypted Channel', + reference: 'https://attack.mitre.org/techniques/T1573', + tactics: 'command-and-control', + value: 'encryptedChannel', }, { label: i18n.translate( @@ -2687,36 +1985,36 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.executionGuardrailsDescription', - { defaultMessage: 'Execution Guardrails (T1480)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.establishAccountsDescription', + { defaultMessage: 'Establish Accounts (T1585)' } ), - id: 'T1480', - name: 'Execution Guardrails', - reference: 'https://attack.mitre.org/techniques/T1480', - tactics: 'defense-evasion', - value: 'executionGuardrails', + id: 'T1585', + name: 'Establish Accounts', + reference: 'https://attack.mitre.org/techniques/T1585', + tactics: 'resource-development', + value: 'establishAccounts', }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.executionThroughApiDescription', - { defaultMessage: 'Execution through API (T1106)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.eventTriggeredExecutionDescription', + { defaultMessage: 'Event Triggered Execution (T1546)' } ), - id: 'T1106', - name: 'Execution through API', - reference: 'https://attack.mitre.org/techniques/T1106', - tactics: 'execution', - value: 'executionThroughApi', + id: 'T1546', + name: 'Event Triggered Execution', + reference: 'https://attack.mitre.org/techniques/T1546', + tactics: 'privilege-escalation,persistence', + value: 'eventTriggeredExecution', }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.executionThroughModuleLoadDescription', - { defaultMessage: 'Execution through Module Load (T1129)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.executionGuardrailsDescription', + { defaultMessage: 'Execution Guardrails (T1480)' } ), - id: 'T1129', - name: 'Execution through Module Load', - reference: 'https://attack.mitre.org/techniques/T1129', - tactics: 'execution', - value: 'executionThroughModuleLoad', + id: 'T1480', + name: 'Execution Guardrails', + reference: 'https://attack.mitre.org/techniques/T1480', + tactics: 'defense-evasion', + value: 'executionGuardrails', }, { label: i18n.translate( @@ -2731,14 +2029,14 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.exfiltrationOverCommandAndControlChannelDescription', - { defaultMessage: 'Exfiltration Over Command and Control Channel (T1041)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.exfiltrationOverC2ChannelDescription', + { defaultMessage: 'Exfiltration Over C2 Channel (T1041)' } ), id: 'T1041', - name: 'Exfiltration Over Command and Control Channel', + name: 'Exfiltration Over C2 Channel', reference: 'https://attack.mitre.org/techniques/T1041', tactics: 'exfiltration', - value: 'exfiltrationOverCommandAndControlChannel', + value: 'exfiltrationOverC2Channel', }, { label: i18n.translate( @@ -2762,6 +2060,17 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ tactics: 'exfiltration', value: 'exfiltrationOverPhysicalMedium', }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.exfiltrationOverWebServiceDescription', + { defaultMessage: 'Exfiltration Over Web Service (T1567)' } + ), + id: 'T1567', + name: 'Exfiltration Over Web Service', + reference: 'https://attack.mitre.org/techniques/T1567', + tactics: 'exfiltration', + value: 'exfiltrationOverWebService', + }, { label: i18n.translate( 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.exploitPublicFacingApplicationDescription', @@ -2839,17 +2148,6 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ tactics: 'persistence,initial-access', value: 'externalRemoteServices', }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.extraWindowMemoryInjectionDescription', - { defaultMessage: 'Extra Window Memory Injection (T1181)' } - ), - id: 'T1181', - name: 'Extra Window Memory Injection', - reference: 'https://attack.mitre.org/techniques/T1181', - tactics: 'defense-evasion,privilege-escalation', - value: 'extraWindowMemoryInjection', - }, { label: i18n.translate( 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.fallbackChannelsDescription', @@ -2861,39 +2159,6 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ tactics: 'command-and-control', value: 'fallbackChannels', }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.fileDeletionDescription', - { defaultMessage: 'File Deletion (T1107)' } - ), - id: 'T1107', - name: 'File Deletion', - reference: 'https://attack.mitre.org/techniques/T1107', - tactics: 'defense-evasion', - value: 'fileDeletion', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.fileSystemLogicalOffsetsDescription', - { defaultMessage: 'File System Logical Offsets (T1006)' } - ), - id: 'T1006', - name: 'File System Logical Offsets', - reference: 'https://attack.mitre.org/techniques/T1006', - tactics: 'defense-evasion', - value: 'fileSystemLogicalOffsets', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.fileSystemPermissionsWeaknessDescription', - { defaultMessage: 'File System Permissions Weakness (T1044)' } - ), - id: 'T1044', - name: 'File System Permissions Weakness', - reference: 'https://attack.mitre.org/techniques/T1044', - tactics: 'persistence,privilege-escalation', - value: 'fileSystemPermissionsWeakness', - }, { label: i18n.translate( 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.fileAndDirectoryDiscoveryDescription', @@ -2940,14 +2205,47 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.gatekeeperBypassDescription', - { defaultMessage: 'Gatekeeper Bypass (T1144)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.gatherVictimHostInformationDescription', + { defaultMessage: 'Gather Victim Host Information (T1592)' } ), - id: 'T1144', - name: 'Gatekeeper Bypass', - reference: 'https://attack.mitre.org/techniques/T1144', - tactics: 'defense-evasion', - value: 'gatekeeperBypass', + id: 'T1592', + name: 'Gather Victim Host Information', + reference: 'https://attack.mitre.org/techniques/T1592', + tactics: 'reconnaissance', + value: 'gatherVictimHostInformation', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.gatherVictimIdentityInformationDescription', + { defaultMessage: 'Gather Victim Identity Information (T1589)' } + ), + id: 'T1589', + name: 'Gather Victim Identity Information', + reference: 'https://attack.mitre.org/techniques/T1589', + tactics: 'reconnaissance', + value: 'gatherVictimIdentityInformation', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.gatherVictimNetworkInformationDescription', + { defaultMessage: 'Gather Victim Network Information (T1590)' } + ), + id: 'T1590', + name: 'Gather Victim Network Information', + reference: 'https://attack.mitre.org/techniques/T1590', + tactics: 'reconnaissance', + value: 'gatherVictimNetworkInformation', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.gatherVictimOrgInformationDescription', + { defaultMessage: 'Gather Victim Org Information (T1591)' } + ), + id: 'T1591', + name: 'Gather Victim Org Information', + reference: 'https://attack.mitre.org/techniques/T1591', + tactics: 'reconnaissance', + value: 'gatherVictimOrgInformation', }, { label: i18n.translate( @@ -2968,20 +2266,9 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ id: 'T1484', name: 'Group Policy Modification', reference: 'https://attack.mitre.org/techniques/T1484', - tactics: 'defense-evasion', + tactics: 'defense-evasion,privilege-escalation', value: 'groupPolicyModification', }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.histcontrolDescription', - { defaultMessage: 'HISTCONTROL (T1148)' } - ), - id: 'T1148', - name: 'HISTCONTROL', - reference: 'https://attack.mitre.org/techniques/T1148', - tactics: 'defense-evasion', - value: 'histcontrol', - }, { label: i18n.translate( 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.hardwareAdditionsDescription', @@ -2995,47 +2282,25 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.hiddenFilesAndDirectoriesDescription', - { defaultMessage: 'Hidden Files and Directories (T1158)' } - ), - id: 'T1158', - name: 'Hidden Files and Directories', - reference: 'https://attack.mitre.org/techniques/T1158', - tactics: 'defense-evasion,persistence', - value: 'hiddenFilesAndDirectories', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.hiddenUsersDescription', - { defaultMessage: 'Hidden Users (T1147)' } - ), - id: 'T1147', - name: 'Hidden Users', - reference: 'https://attack.mitre.org/techniques/T1147', - tactics: 'defense-evasion', - value: 'hiddenUsers', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.hiddenWindowDescription', - { defaultMessage: 'Hidden Window (T1143)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.hideArtifactsDescription', + { defaultMessage: 'Hide Artifacts (T1564)' } ), - id: 'T1143', - name: 'Hidden Window', - reference: 'https://attack.mitre.org/techniques/T1143', + id: 'T1564', + name: 'Hide Artifacts', + reference: 'https://attack.mitre.org/techniques/T1564', tactics: 'defense-evasion', - value: 'hiddenWindow', + value: 'hideArtifacts', }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.hookingDescription', - { defaultMessage: 'Hooking (T1179)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.hijackExecutionFlowDescription', + { defaultMessage: 'Hijack Execution Flow (T1574)' } ), - id: 'T1179', - name: 'Hooking', - reference: 'https://attack.mitre.org/techniques/T1179', - tactics: 'persistence,privilege-escalation,credential-access', - value: 'hooking', + id: 'T1574', + name: 'Hijack Execution Flow', + reference: 'https://attack.mitre.org/techniques/T1574', + tactics: 'persistence,privilege-escalation,defense-evasion', + value: 'hijackExecutionFlow', }, { label: i18n.translate( @@ -3050,14 +2315,14 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.imageFileExecutionOptionsInjectionDescription', - { defaultMessage: 'Image File Execution Options Injection (T1183)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.impairDefensesDescription', + { defaultMessage: 'Impair Defenses (T1562)' } ), - id: 'T1183', - name: 'Image File Execution Options Injection', - reference: 'https://attack.mitre.org/techniques/T1183', - tactics: 'privilege-escalation,persistence,defense-evasion', - value: 'imageFileExecutionOptionsInjection', + id: 'T1562', + name: 'Impair Defenses', + reference: 'https://attack.mitre.org/techniques/T1562', + tactics: 'defense-evasion', + value: 'impairDefenses', }, { label: i18n.translate( @@ -3070,28 +2335,6 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ tactics: 'persistence', value: 'implantContainerImage', }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.indicatorBlockingDescription', - { defaultMessage: 'Indicator Blocking (T1054)' } - ), - id: 'T1054', - name: 'Indicator Blocking', - reference: 'https://attack.mitre.org/techniques/T1054', - tactics: 'defense-evasion', - value: 'indicatorBlocking', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.indicatorRemovalFromToolsDescription', - { defaultMessage: 'Indicator Removal from Tools (T1066)' } - ), - id: 'T1066', - name: 'Indicator Removal from Tools', - reference: 'https://attack.mitre.org/techniques/T1066', - tactics: 'defense-evasion', - value: 'indicatorRemovalFromTools', - }, { label: i18n.translate( 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.indicatorRemovalOnHostDescription', @@ -3114,6 +2357,17 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ tactics: 'defense-evasion', value: 'indirectCommandExecution', }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.ingressToolTransferDescription', + { defaultMessage: 'Ingress Tool Transfer (T1105)' } + ), + id: 'T1105', + name: 'Ingress Tool Transfer', + reference: 'https://attack.mitre.org/techniques/T1105', + tactics: 'command-and-control', + value: 'ingressToolTransfer', + }, { label: i18n.translate( 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.inhibitSystemRecoveryDescription', @@ -3138,41 +2392,19 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.inputPromptDescription', - { defaultMessage: 'Input Prompt (T1141)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.interProcessCommunicationDescription', + { defaultMessage: 'Inter-Process Communication (T1559)' } ), - id: 'T1141', - name: 'Input Prompt', - reference: 'https://attack.mitre.org/techniques/T1141', - tactics: 'credential-access', - value: 'inputPrompt', + id: 'T1559', + name: 'Inter-Process Communication', + reference: 'https://attack.mitre.org/techniques/T1559', + tactics: 'execution', + value: 'interProcessCommunication', }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.installRootCertificateDescription', - { defaultMessage: 'Install Root Certificate (T1130)' } - ), - id: 'T1130', - name: 'Install Root Certificate', - reference: 'https://attack.mitre.org/techniques/T1130', - tactics: 'defense-evasion', - value: 'installRootCertificate', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.installUtilDescription', - { defaultMessage: 'InstallUtil (T1118)' } - ), - id: 'T1118', - name: 'InstallUtil', - reference: 'https://attack.mitre.org/techniques/T1118', - tactics: 'defense-evasion,execution', - value: 'installUtil', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.internalSpearphishingDescription', - { defaultMessage: 'Internal Spearphishing (T1534)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.internalSpearphishingDescription', + { defaultMessage: 'Internal Spearphishing (T1534)' } ), id: 'T1534', name: 'Internal Spearphishing', @@ -3180,50 +2412,6 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ tactics: 'lateral-movement', value: 'internalSpearphishing', }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.kerberoastingDescription', - { defaultMessage: 'Kerberoasting (T1208)' } - ), - id: 'T1208', - name: 'Kerberoasting', - reference: 'https://attack.mitre.org/techniques/T1208', - tactics: 'credential-access', - value: 'kerberoasting', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.kernelModulesAndExtensionsDescription', - { defaultMessage: 'Kernel Modules and Extensions (T1215)' } - ), - id: 'T1215', - name: 'Kernel Modules and Extensions', - reference: 'https://attack.mitre.org/techniques/T1215', - tactics: 'persistence', - value: 'kernelModulesAndExtensions', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.keychainDescription', - { defaultMessage: 'Keychain (T1142)' } - ), - id: 'T1142', - name: 'Keychain', - reference: 'https://attack.mitre.org/techniques/T1142', - tactics: 'credential-access', - value: 'keychain', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.lcLoadDylibAdditionDescription', - { defaultMessage: 'LC_LOAD_DYLIB Addition (T1161)' } - ), - id: 'T1161', - name: 'LC_LOAD_DYLIB Addition', - reference: 'https://attack.mitre.org/techniques/T1161', - tactics: 'persistence', - value: 'lcLoadDylibAddition', - }, { label: i18n.translate( 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.lcMainHijackingDescription', @@ -3237,91 +2425,14 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.llmnrNbtNsPoisoningAndRelayDescription', - { defaultMessage: 'LLMNR/NBT-NS Poisoning and Relay (T1171)' } - ), - id: 'T1171', - name: 'LLMNR/NBT-NS Poisoning and Relay', - reference: 'https://attack.mitre.org/techniques/T1171', - tactics: 'credential-access', - value: 'llmnrNbtNsPoisoningAndRelay', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.lsassDriverDescription', - { defaultMessage: 'LSASS Driver (T1177)' } - ), - id: 'T1177', - name: 'LSASS Driver', - reference: 'https://attack.mitre.org/techniques/T1177', - tactics: 'execution,persistence', - value: 'lsassDriver', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.launchAgentDescription', - { defaultMessage: 'Launch Agent (T1159)' } - ), - id: 'T1159', - name: 'Launch Agent', - reference: 'https://attack.mitre.org/techniques/T1159', - tactics: 'persistence', - value: 'launchAgent', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.launchDaemonDescription', - { defaultMessage: 'Launch Daemon (T1160)' } - ), - id: 'T1160', - name: 'Launch Daemon', - reference: 'https://attack.mitre.org/techniques/T1160', - tactics: 'persistence,privilege-escalation', - value: 'launchDaemon', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.launchctlDescription', - { defaultMessage: 'Launchctl (T1152)' } - ), - id: 'T1152', - name: 'Launchctl', - reference: 'https://attack.mitre.org/techniques/T1152', - tactics: 'defense-evasion,execution,persistence', - value: 'launchctl', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.localJobSchedulingDescription', - { defaultMessage: 'Local Job Scheduling (T1168)' } - ), - id: 'T1168', - name: 'Local Job Scheduling', - reference: 'https://attack.mitre.org/techniques/T1168', - tactics: 'persistence,execution', - value: 'localJobScheduling', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.loginItemDescription', - { defaultMessage: 'Login Item (T1162)' } - ), - id: 'T1162', - name: 'Login Item', - reference: 'https://attack.mitre.org/techniques/T1162', - tactics: 'persistence', - value: 'loginItem', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.logonScriptsDescription', - { defaultMessage: 'Logon Scripts (T1037)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.lateralToolTransferDescription', + { defaultMessage: 'Lateral Tool Transfer (T1570)' } ), - id: 'T1037', - name: 'Logon Scripts', - reference: 'https://attack.mitre.org/techniques/T1037', - tactics: 'lateral-movement,persistence', - value: 'logonScripts', + id: 'T1570', + name: 'Lateral Tool Transfer', + reference: 'https://attack.mitre.org/techniques/T1570', + tactics: 'lateral-movement', + value: 'lateralToolTransfer', }, { label: i18n.translate( @@ -3334,6 +2445,17 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ tactics: 'collection', value: 'manInTheBrowser', }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.manInTheMiddleDescription', + { defaultMessage: 'Man-in-the-Middle (T1557)' } + ), + id: 'T1557', + name: 'Man-in-the-Middle', + reference: 'https://attack.mitre.org/techniques/T1557', + tactics: 'credential-access,collection', + value: 'manInTheMiddle', + }, { label: i18n.translate( 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.masqueradingDescription', @@ -3347,14 +2469,25 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.modifyExistingServiceDescription', - { defaultMessage: 'Modify Existing Service (T1031)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.modifyAuthenticationProcessDescription', + { defaultMessage: 'Modify Authentication Process (T1556)' } ), - id: 'T1031', - name: 'Modify Existing Service', - reference: 'https://attack.mitre.org/techniques/T1031', - tactics: 'persistence', - value: 'modifyExistingService', + id: 'T1556', + name: 'Modify Authentication Process', + reference: 'https://attack.mitre.org/techniques/T1556', + tactics: 'credential-access,defense-evasion', + value: 'modifyAuthenticationProcess', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.modifyCloudComputeInfrastructureDescription', + { defaultMessage: 'Modify Cloud Compute Infrastructure (T1578)' } + ), + id: 'T1578', + name: 'Modify Cloud Compute Infrastructure', + reference: 'https://attack.mitre.org/techniques/T1578', + tactics: 'defense-evasion', + value: 'modifyCloudComputeInfrastructure', }, { label: i18n.translate( @@ -3369,14 +2502,14 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.mshtaDescription', - { defaultMessage: 'Mshta (T1170)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.modifySystemImageDescription', + { defaultMessage: 'Modify System Image (T1601)' } ), - id: 'T1170', - name: 'Mshta', - reference: 'https://attack.mitre.org/techniques/T1170', - tactics: 'defense-evasion,execution', - value: 'mshta', + id: 'T1601', + name: 'Modify System Image', + reference: 'https://attack.mitre.org/techniques/T1601', + tactics: 'defense-evasion', + value: 'modifySystemImage', }, { label: i18n.translate( @@ -3389,17 +2522,6 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ tactics: 'command-and-control', value: 'multiStageChannels', }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.multiHopProxyDescription', - { defaultMessage: 'Multi-hop Proxy (T1188)' } - ), - id: 'T1188', - name: 'Multi-hop Proxy', - reference: 'https://attack.mitre.org/techniques/T1188', - tactics: 'command-and-control', - value: 'multiHopProxy', - }, { label: i18n.translate( 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.multibandCommunicationDescription', @@ -3413,36 +2535,25 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.multilayerEncryptionDescription', - { defaultMessage: 'Multilayer Encryption (T1079)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.nativeApiDescription', + { defaultMessage: 'Native API (T1106)' } ), - id: 'T1079', - name: 'Multilayer Encryption', - reference: 'https://attack.mitre.org/techniques/T1079', - tactics: 'command-and-control', - value: 'multilayerEncryption', + id: 'T1106', + name: 'Native API', + reference: 'https://attack.mitre.org/techniques/T1106', + tactics: 'execution', + value: 'nativeApi', }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.ntfsFileAttributesDescription', - { defaultMessage: 'NTFS File Attributes (T1096)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.networkBoundaryBridgingDescription', + { defaultMessage: 'Network Boundary Bridging (T1599)' } ), - id: 'T1096', - name: 'NTFS File Attributes', - reference: 'https://attack.mitre.org/techniques/T1096', + id: 'T1599', + name: 'Network Boundary Bridging', + reference: 'https://attack.mitre.org/techniques/T1599', tactics: 'defense-evasion', - value: 'ntfsFileAttributes', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.netshHelperDllDescription', - { defaultMessage: 'Netsh Helper DLL (T1128)' } - ), - id: 'T1128', - name: 'Netsh Helper DLL', - reference: 'https://attack.mitre.org/techniques/T1128', - tactics: 'persistence', - value: 'netshHelperDll', + value: 'networkBoundaryBridging', }, { label: i18n.translate( @@ -3466,17 +2577,6 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ tactics: 'discovery', value: 'networkServiceScanning', }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.networkShareConnectionRemovalDescription', - { defaultMessage: 'Network Share Connection Removal (T1126)' } - ), - id: 'T1126', - name: 'Network Share Connection Removal', - reference: 'https://attack.mitre.org/techniques/T1126', - tactics: 'defense-evasion', - value: 'networkShareConnectionRemoval', - }, { label: i18n.translate( 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.networkShareDiscoveryDescription', @@ -3501,14 +2601,36 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.newServiceDescription', - { defaultMessage: 'New Service (T1050)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.nonApplicationLayerProtocolDescription', + { defaultMessage: 'Non-Application Layer Protocol (T1095)' } ), - id: 'T1050', - name: 'New Service', - reference: 'https://attack.mitre.org/techniques/T1050', - tactics: 'persistence,privilege-escalation', - value: 'newService', + id: 'T1095', + name: 'Non-Application Layer Protocol', + reference: 'https://attack.mitre.org/techniques/T1095', + tactics: 'command-and-control', + value: 'nonApplicationLayerProtocol', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.nonStandardPortDescription', + { defaultMessage: 'Non-Standard Port (T1571)' } + ), + id: 'T1571', + name: 'Non-Standard Port', + reference: 'https://attack.mitre.org/techniques/T1571', + tactics: 'command-and-control', + value: 'nonStandardPort', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.osCredentialDumpingDescription', + { defaultMessage: 'OS Credential Dumping (T1003)' } + ), + id: 'T1003', + name: 'OS Credential Dumping', + reference: 'https://attack.mitre.org/techniques/T1003', + tactics: 'credential-access', + value: 'osCredentialDumping', }, { label: i18n.translate( @@ -3521,6 +2643,17 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ tactics: 'defense-evasion', value: 'obfuscatedFilesOrInformation', }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.obtainCapabilitiesDescription', + { defaultMessage: 'Obtain Capabilities (T1588)' } + ), + id: 'T1588', + name: 'Obtain Capabilities', + reference: 'https://attack.mitre.org/techniques/T1588', + tactics: 'resource-development', + value: 'obtainCapabilities', + }, { label: i18n.translate( 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.officeApplicationStartupDescription', @@ -3532,50 +2665,6 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ tactics: 'persistence', value: 'officeApplicationStartup', }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.parentPidSpoofingDescription', - { defaultMessage: 'Parent PID Spoofing (T1502)' } - ), - id: 'T1502', - name: 'Parent PID Spoofing', - reference: 'https://attack.mitre.org/techniques/T1502', - tactics: 'defense-evasion,privilege-escalation', - value: 'parentPidSpoofing', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.passTheHashDescription', - { defaultMessage: 'Pass the Hash (T1075)' } - ), - id: 'T1075', - name: 'Pass the Hash', - reference: 'https://attack.mitre.org/techniques/T1075', - tactics: 'lateral-movement', - value: 'passTheHash', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.passTheTicketDescription', - { defaultMessage: 'Pass the Ticket (T1097)' } - ), - id: 'T1097', - name: 'Pass the Ticket', - reference: 'https://attack.mitre.org/techniques/T1097', - tactics: 'lateral-movement', - value: 'passTheTicket', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.passwordFilterDllDescription', - { defaultMessage: 'Password Filter DLL (T1174)' } - ), - id: 'T1174', - name: 'Password Filter DLL', - reference: 'https://attack.mitre.org/techniques/T1174', - tactics: 'credential-access', - value: 'passwordFilterDll', - }, { label: i18n.translate( 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.passwordPolicyDiscoveryDescription', @@ -3622,69 +2711,36 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.plistModificationDescription', - { defaultMessage: 'Plist Modification (T1150)' } - ), - id: 'T1150', - name: 'Plist Modification', - reference: 'https://attack.mitre.org/techniques/T1150', - tactics: 'defense-evasion,persistence,privilege-escalation', - value: 'plistModification', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.portKnockingDescription', - { defaultMessage: 'Port Knocking (T1205)' } - ), - id: 'T1205', - name: 'Port Knocking', - reference: 'https://attack.mitre.org/techniques/T1205', - tactics: 'defense-evasion,persistence,command-and-control', - value: 'portKnocking', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.portMonitorsDescription', - { defaultMessage: 'Port Monitors (T1013)' } - ), - id: 'T1013', - name: 'Port Monitors', - reference: 'https://attack.mitre.org/techniques/T1013', - tactics: 'persistence,privilege-escalation', - value: 'portMonitors', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.powerShellDescription', - { defaultMessage: 'PowerShell (T1086)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.phishingDescription', + { defaultMessage: 'Phishing (T1566)' } ), - id: 'T1086', - name: 'PowerShell', - reference: 'https://attack.mitre.org/techniques/T1086', - tactics: 'execution', - value: 'powerShell', + id: 'T1566', + name: 'Phishing', + reference: 'https://attack.mitre.org/techniques/T1566', + tactics: 'initial-access', + value: 'phishing', }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.powerShellProfileDescription', - { defaultMessage: 'PowerShell Profile (T1504)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.phishingForInformationDescription', + { defaultMessage: 'Phishing for Information (T1598)' } ), - id: 'T1504', - name: 'PowerShell Profile', - reference: 'https://attack.mitre.org/techniques/T1504', - tactics: 'persistence,privilege-escalation', - value: 'powerShellProfile', + id: 'T1598', + name: 'Phishing for Information', + reference: 'https://attack.mitre.org/techniques/T1598', + tactics: 'reconnaissance', + value: 'phishingForInformation', }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.privateKeysDescription', - { defaultMessage: 'Private Keys (T1145)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.preOsBootDescription', + { defaultMessage: 'Pre-OS Boot (T1542)' } ), - id: 'T1145', - name: 'Private Keys', - reference: 'https://attack.mitre.org/techniques/T1145', - tactics: 'credential-access', - value: 'privateKeys', + id: 'T1542', + name: 'Pre-OS Boot', + reference: 'https://attack.mitre.org/techniques/T1542', + tactics: 'defense-evasion,persistence', + value: 'preOsBoot', }, { label: i18n.translate( @@ -3697,28 +2753,6 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ tactics: 'discovery', value: 'processDiscovery', }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.processDoppelgangingDescription', - { defaultMessage: 'Process Doppelgänging (T1186)' } - ), - id: 'T1186', - name: 'Process Doppelgänging', - reference: 'https://attack.mitre.org/techniques/T1186', - tactics: 'defense-evasion', - value: 'processDoppelganging', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.processHollowingDescription', - { defaultMessage: 'Process Hollowing (T1093)' } - ), - id: 'T1093', - name: 'Process Hollowing', - reference: 'https://attack.mitre.org/techniques/T1093', - tactics: 'defense-evasion', - value: 'processHollowing', - }, { label: i18n.translate( 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.processInjectionDescription', @@ -3732,36 +2766,36 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.queryRegistryDescription', - { defaultMessage: 'Query Registry (T1012)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.protocolTunnelingDescription', + { defaultMessage: 'Protocol Tunneling (T1572)' } ), - id: 'T1012', - name: 'Query Registry', - reference: 'https://attack.mitre.org/techniques/T1012', - tactics: 'discovery', - value: 'queryRegistry', + id: 'T1572', + name: 'Protocol Tunneling', + reference: 'https://attack.mitre.org/techniques/T1572', + tactics: 'command-and-control', + value: 'protocolTunneling', }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.rcCommonDescription', - { defaultMessage: 'Rc.common (T1163)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.proxyDescription', + { defaultMessage: 'Proxy (T1090)' } ), - id: 'T1163', - name: 'Rc.common', - reference: 'https://attack.mitre.org/techniques/T1163', - tactics: 'persistence', - value: 'rcCommon', + id: 'T1090', + name: 'Proxy', + reference: 'https://attack.mitre.org/techniques/T1090', + tactics: 'command-and-control', + value: 'proxy', }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.reOpenedApplicationsDescription', - { defaultMessage: 'Re-opened Applications (T1164)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.queryRegistryDescription', + { defaultMessage: 'Query Registry (T1012)' } ), - id: 'T1164', - name: 'Re-opened Applications', - reference: 'https://attack.mitre.org/techniques/T1164', - tactics: 'persistence', - value: 'reOpenedApplications', + id: 'T1012', + name: 'Query Registry', + reference: 'https://attack.mitre.org/techniques/T1012', + tactics: 'discovery', + value: 'queryRegistry', }, { label: i18n.translate( @@ -3776,69 +2810,25 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.registryRunKeysStartupFolderDescription', - { defaultMessage: 'Registry Run Keys / Startup Folder (T1060)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.remoteAccessSoftwareDescription', + { defaultMessage: 'Remote Access Software (T1219)' } ), - id: 'T1060', - name: 'Registry Run Keys / Startup Folder', - reference: 'https://attack.mitre.org/techniques/T1060', - tactics: 'persistence', - value: 'registryRunKeysStartupFolder', + id: 'T1219', + name: 'Remote Access Software', + reference: 'https://attack.mitre.org/techniques/T1219', + tactics: 'command-and-control', + value: 'remoteAccessSoftware', }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.regsvcsRegasmDescription', - { defaultMessage: 'Regsvcs/Regasm (T1121)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.remoteServiceSessionHijackingDescription', + { defaultMessage: 'Remote Service Session Hijacking (T1563)' } ), - id: 'T1121', - name: 'Regsvcs/Regasm', - reference: 'https://attack.mitre.org/techniques/T1121', - tactics: 'defense-evasion,execution', - value: 'regsvcsRegasm', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.regsvr32Description', - { defaultMessage: 'Regsvr32 (T1117)' } - ), - id: 'T1117', - name: 'Regsvr32', - reference: 'https://attack.mitre.org/techniques/T1117', - tactics: 'defense-evasion,execution', - value: 'regsvr32', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.remoteAccessToolsDescription', - { defaultMessage: 'Remote Access Tools (T1219)' } - ), - id: 'T1219', - name: 'Remote Access Tools', - reference: 'https://attack.mitre.org/techniques/T1219', - tactics: 'command-and-control', - value: 'remoteAccessTools', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.remoteDesktopProtocolDescription', - { defaultMessage: 'Remote Desktop Protocol (T1076)' } - ), - id: 'T1076', - name: 'Remote Desktop Protocol', - reference: 'https://attack.mitre.org/techniques/T1076', + id: 'T1563', + name: 'Remote Service Session Hijacking', + reference: 'https://attack.mitre.org/techniques/T1563', tactics: 'lateral-movement', - value: 'remoteDesktopProtocol', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.remoteFileCopyDescription', - { defaultMessage: 'Remote File Copy (T1105)' } - ), - id: 'T1105', - name: 'Remote File Copy', - reference: 'https://attack.mitre.org/techniques/T1105', - tactics: 'command-and-control,lateral-movement', - value: 'remoteFileCopy', + value: 'remoteServiceSessionHijacking', }, { label: i18n.translate( @@ -3886,14 +2876,14 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.revertCloudInstanceDescription', - { defaultMessage: 'Revert Cloud Instance (T1536)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.rogueDomainControllerDescription', + { defaultMessage: 'Rogue Domain Controller (T1207)' } ), - id: 'T1536', - name: 'Revert Cloud Instance', - reference: 'https://attack.mitre.org/techniques/T1536', + id: 'T1207', + name: 'Rogue Domain Controller', + reference: 'https://attack.mitre.org/techniques/T1207', tactics: 'defense-evasion', - value: 'revertCloudInstance', + value: 'rogueDomainController', }, { label: i18n.translate( @@ -3908,69 +2898,14 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.rundll32Description', - { defaultMessage: 'Rundll32 (T1085)' } - ), - id: 'T1085', - name: 'Rundll32', - reference: 'https://attack.mitre.org/techniques/T1085', - tactics: 'defense-evasion,execution', - value: 'rundll32', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.runtimeDataManipulationDescription', - { defaultMessage: 'Runtime Data Manipulation (T1494)' } - ), - id: 'T1494', - name: 'Runtime Data Manipulation', - reference: 'https://attack.mitre.org/techniques/T1494', - tactics: 'impact', - value: 'runtimeDataManipulation', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.sidHistoryInjectionDescription', - { defaultMessage: 'SID-History Injection (T1178)' } - ), - id: 'T1178', - name: 'SID-History Injection', - reference: 'https://attack.mitre.org/techniques/T1178', - tactics: 'privilege-escalation', - value: 'sidHistoryInjection', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.sipAndTrustProviderHijackingDescription', - { defaultMessage: 'SIP and Trust Provider Hijacking (T1198)' } - ), - id: 'T1198', - name: 'SIP and Trust Provider Hijacking', - reference: 'https://attack.mitre.org/techniques/T1198', - tactics: 'defense-evasion,persistence', - value: 'sipAndTrustProviderHijacking', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.sshHijackingDescription', - { defaultMessage: 'SSH Hijacking (T1184)' } - ), - id: 'T1184', - name: 'SSH Hijacking', - reference: 'https://attack.mitre.org/techniques/T1184', - tactics: 'lateral-movement', - value: 'sshHijacking', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.scheduledTaskDescription', - { defaultMessage: 'Scheduled Task (T1053)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.scheduledTaskJobDescription', + { defaultMessage: 'Scheduled Task/Job (T1053)' } ), id: 'T1053', - name: 'Scheduled Task', + name: 'Scheduled Task/Job', reference: 'https://attack.mitre.org/techniques/T1053', tactics: 'execution,persistence,privilege-escalation', - value: 'scheduledTask', + value: 'scheduledTaskJob', }, { label: i18n.translate( @@ -3994,17 +2929,6 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ tactics: 'collection', value: 'screenCapture', }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.screensaverDescription', - { defaultMessage: 'Screensaver (T1180)' } - ), - id: 'T1180', - name: 'Screensaver', - reference: 'https://attack.mitre.org/techniques/T1180', - tactics: 'persistence', - value: 'screensaver', - }, { label: i18n.translate( 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.scriptingDescription', @@ -4018,36 +2942,47 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.securitySoftwareDiscoveryDescription', - { defaultMessage: 'Security Software Discovery (T1063)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.searchClosedSourcesDescription', + { defaultMessage: 'Search Closed Sources (T1597)' } ), - id: 'T1063', - name: 'Security Software Discovery', - reference: 'https://attack.mitre.org/techniques/T1063', - tactics: 'discovery', - value: 'securitySoftwareDiscovery', + id: 'T1597', + name: 'Search Closed Sources', + reference: 'https://attack.mitre.org/techniques/T1597', + tactics: 'reconnaissance', + value: 'searchClosedSources', }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.securitySupportProviderDescription', - { defaultMessage: 'Security Support Provider (T1101)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.searchOpenTechnicalDatabasesDescription', + { defaultMessage: 'Search Open Technical Databases (T1596)' } ), - id: 'T1101', - name: 'Security Support Provider', - reference: 'https://attack.mitre.org/techniques/T1101', - tactics: 'persistence', - value: 'securitySupportProvider', + id: 'T1596', + name: 'Search Open Technical Databases', + reference: 'https://attack.mitre.org/techniques/T1596', + tactics: 'reconnaissance', + value: 'searchOpenTechnicalDatabases', }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.securitydMemoryDescription', - { defaultMessage: 'Securityd Memory (T1167)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.searchOpenWebsitesDomainsDescription', + { defaultMessage: 'Search Open Websites/Domains (T1593)' } ), - id: 'T1167', - name: 'Securityd Memory', - reference: 'https://attack.mitre.org/techniques/T1167', - tactics: 'credential-access', - value: 'securitydMemory', + id: 'T1593', + name: 'Search Open Websites/Domains', + reference: 'https://attack.mitre.org/techniques/T1593', + tactics: 'reconnaissance', + value: 'searchOpenWebsitesDomains', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.searchVictimOwnedWebsitesDescription', + { defaultMessage: 'Search Victim-Owned Websites (T1594)' } + ), + id: 'T1594', + name: 'Search Victim-Owned Websites', + reference: 'https://attack.mitre.org/techniques/T1594', + tactics: 'reconnaissance', + value: 'searchVictimOwnedWebsites', }, { label: i18n.translate( @@ -4060,28 +2995,6 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ tactics: 'persistence', value: 'serverSoftwareComponent', }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.serviceExecutionDescription', - { defaultMessage: 'Service Execution (T1035)' } - ), - id: 'T1035', - name: 'Service Execution', - reference: 'https://attack.mitre.org/techniques/T1035', - tactics: 'execution', - value: 'serviceExecution', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.serviceRegistryPermissionsWeaknessDescription', - { defaultMessage: 'Service Registry Permissions Weakness (T1058)' } - ), - id: 'T1058', - name: 'Service Registry Permissions Weakness', - reference: 'https://attack.mitre.org/techniques/T1058', - tactics: 'persistence,privilege-escalation', - value: 'serviceRegistryPermissionsWeakness', - }, { label: i18n.translate( 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.serviceStopDescription', @@ -4095,14 +3008,14 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.setuidAndSetgidDescription', - { defaultMessage: 'Setuid and Setgid (T1166)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.sharedModulesDescription', + { defaultMessage: 'Shared Modules (T1129)' } ), - id: 'T1166', - name: 'Setuid and Setgid', - reference: 'https://attack.mitre.org/techniques/T1166', - tactics: 'privilege-escalation,persistence', - value: 'setuidAndSetgid', + id: 'T1129', + name: 'Shared Modules', + reference: 'https://attack.mitre.org/techniques/T1129', + tactics: 'execution', + value: 'sharedModules', }, { label: i18n.translate( @@ -4115,17 +3028,6 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ tactics: 'lateral-movement', value: 'sharedWebroot', }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.shortcutModificationDescription', - { defaultMessage: 'Shortcut Modification (T1023)' } - ), - id: 'T1023', - name: 'Shortcut Modification', - reference: 'https://attack.mitre.org/techniques/T1023', - tactics: 'persistence', - value: 'shortcutModification', - }, { label: i18n.translate( 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.signedBinaryProxyExecutionDescription', @@ -4134,7 +3036,7 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ id: 'T1218', name: 'Signed Binary Proxy Execution', reference: 'https://attack.mitre.org/techniques/T1218', - tactics: 'defense-evasion,execution', + tactics: 'defense-evasion', value: 'signedBinaryProxyExecution', }, { @@ -4145,9 +3047,20 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ id: 'T1216', name: 'Signed Script Proxy Execution', reference: 'https://attack.mitre.org/techniques/T1216', - tactics: 'defense-evasion,execution', + tactics: 'defense-evasion', value: 'signedScriptProxyExecution', }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.softwareDeploymentToolsDescription', + { defaultMessage: 'Software Deployment Tools (T1072)' } + ), + id: 'T1072', + name: 'Software Deployment Tools', + reference: 'https://attack.mitre.org/techniques/T1072', + tactics: 'execution,lateral-movement', + value: 'softwareDeploymentTools', + }, { label: i18n.translate( 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.softwareDiscoveryDescription', @@ -4159,17 +3072,6 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ tactics: 'discovery', value: 'softwareDiscovery', }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.softwarePackingDescription', - { defaultMessage: 'Software Packing (T1045)' } - ), - id: 'T1045', - name: 'Software Packing', - reference: 'https://attack.mitre.org/techniques/T1045', - tactics: 'defense-evasion', - value: 'softwarePacking', - }, { label: i18n.translate( 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.sourceDescription', @@ -4181,94 +3083,6 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ tactics: 'execution', value: 'source', }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.spaceAfterFilenameDescription', - { defaultMessage: 'Space after Filename (T1151)' } - ), - id: 'T1151', - name: 'Space after Filename', - reference: 'https://attack.mitre.org/techniques/T1151', - tactics: 'defense-evasion,execution', - value: 'spaceAfterFilename', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.spearphishingAttachmentDescription', - { defaultMessage: 'Spearphishing Attachment (T1193)' } - ), - id: 'T1193', - name: 'Spearphishing Attachment', - reference: 'https://attack.mitre.org/techniques/T1193', - tactics: 'initial-access', - value: 'spearphishingAttachment', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.spearphishingLinkDescription', - { defaultMessage: 'Spearphishing Link (T1192)' } - ), - id: 'T1192', - name: 'Spearphishing Link', - reference: 'https://attack.mitre.org/techniques/T1192', - tactics: 'initial-access', - value: 'spearphishingLink', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.spearphishingViaServiceDescription', - { defaultMessage: 'Spearphishing via Service (T1194)' } - ), - id: 'T1194', - name: 'Spearphishing via Service', - reference: 'https://attack.mitre.org/techniques/T1194', - tactics: 'initial-access', - value: 'spearphishingViaService', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.standardApplicationLayerProtocolDescription', - { defaultMessage: 'Standard Application Layer Protocol (T1071)' } - ), - id: 'T1071', - name: 'Standard Application Layer Protocol', - reference: 'https://attack.mitre.org/techniques/T1071', - tactics: 'command-and-control', - value: 'standardApplicationLayerProtocol', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.standardCryptographicProtocolDescription', - { defaultMessage: 'Standard Cryptographic Protocol (T1032)' } - ), - id: 'T1032', - name: 'Standard Cryptographic Protocol', - reference: 'https://attack.mitre.org/techniques/T1032', - tactics: 'command-and-control', - value: 'standardCryptographicProtocol', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.standardNonApplicationLayerProtocolDescription', - { defaultMessage: 'Standard Non-Application Layer Protocol (T1095)' } - ), - id: 'T1095', - name: 'Standard Non-Application Layer Protocol', - reference: 'https://attack.mitre.org/techniques/T1095', - tactics: 'command-and-control', - value: 'standardNonApplicationLayerProtocol', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.startupItemsDescription', - { defaultMessage: 'Startup Items (T1165)' } - ), - id: 'T1165', - name: 'Startup Items', - reference: 'https://attack.mitre.org/techniques/T1165', - tactics: 'persistence,privilege-escalation', - value: 'startupItems', - }, { label: i18n.translate( 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.stealApplicationAccessTokenDescription', @@ -4293,36 +3107,25 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.storedDataManipulationDescription', - { defaultMessage: 'Stored Data Manipulation (T1492)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.stealOrForgeKerberosTicketsDescription', + { defaultMessage: 'Steal or Forge Kerberos Tickets (T1558)' } ), - id: 'T1492', - name: 'Stored Data Manipulation', - reference: 'https://attack.mitre.org/techniques/T1492', - tactics: 'impact', - value: 'storedDataManipulation', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.sudoDescription', - { defaultMessage: 'Sudo (T1169)' } - ), - id: 'T1169', - name: 'Sudo', - reference: 'https://attack.mitre.org/techniques/T1169', - tactics: 'privilege-escalation', - value: 'sudo', + id: 'T1558', + name: 'Steal or Forge Kerberos Tickets', + reference: 'https://attack.mitre.org/techniques/T1558', + tactics: 'credential-access', + value: 'stealOrForgeKerberosTickets', }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.sudoCachingDescription', - { defaultMessage: 'Sudo Caching (T1206)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.subvertTrustControlsDescription', + { defaultMessage: 'Subvert Trust Controls (T1553)' } ), - id: 'T1206', - name: 'Sudo Caching', - reference: 'https://attack.mitre.org/techniques/T1206', - tactics: 'privilege-escalation', - value: 'sudoCaching', + id: 'T1553', + name: 'Subvert Trust Controls', + reference: 'https://attack.mitre.org/techniques/T1553', + tactics: 'defense-evasion', + value: 'subvertTrustControls', }, { label: i18n.translate( @@ -4335,17 +3138,6 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ tactics: 'initial-access', value: 'supplyChainCompromise', }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.systemFirmwareDescription', - { defaultMessage: 'System Firmware (T1019)' } - ), - id: 'T1019', - name: 'System Firmware', - reference: 'https://attack.mitre.org/techniques/T1019', - tactics: 'persistence', - value: 'systemFirmware', - }, { label: i18n.translate( 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.systemInformationDiscoveryDescription', @@ -4401,6 +3193,17 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ tactics: 'discovery', value: 'systemServiceDiscovery', }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.systemServicesDescription', + { defaultMessage: 'System Services (T1569)' } + ), + id: 'T1569', + name: 'System Services', + reference: 'https://attack.mitre.org/techniques/T1569', + tactics: 'execution', + value: 'systemServices', + }, { label: i18n.translate( 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.systemShutdownRebootDescription', @@ -4423,17 +3226,6 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ tactics: 'discovery', value: 'systemTimeDiscovery', }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.systemdServiceDescription', - { defaultMessage: 'Systemd Service (T1501)' } - ), - id: 'T1501', - name: 'Systemd Service', - reference: 'https://attack.mitre.org/techniques/T1501', - tactics: 'persistence', - value: 'systemdService', - }, { label: i18n.translate( 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.taintSharedContentDescription', @@ -4458,36 +3250,14 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.thirdPartySoftwareDescription', - { defaultMessage: 'Third-party Software (T1072)' } - ), - id: 'T1072', - name: 'Third-party Software', - reference: 'https://attack.mitre.org/techniques/T1072', - tactics: 'execution,lateral-movement', - value: 'thirdPartySoftware', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.timeProvidersDescription', - { defaultMessage: 'Time Providers (T1209)' } - ), - id: 'T1209', - name: 'Time Providers', - reference: 'https://attack.mitre.org/techniques/T1209', - tactics: 'persistence', - value: 'timeProviders', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.timestompDescription', - { defaultMessage: 'Timestomp (T1099)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.trafficSignalingDescription', + { defaultMessage: 'Traffic Signaling (T1205)' } ), - id: 'T1099', - name: 'Timestomp', - reference: 'https://attack.mitre.org/techniques/T1099', - tactics: 'defense-evasion', - value: 'timestomp', + id: 'T1205', + name: 'Traffic Signaling', + reference: 'https://attack.mitre.org/techniques/T1205', + tactics: 'defense-evasion,persistence,command-and-control', + value: 'trafficSignaling', }, { label: i18n.translate( @@ -4502,36 +3272,14 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.transmittedDataManipulationDescription', - { defaultMessage: 'Transmitted Data Manipulation (T1493)' } - ), - id: 'T1493', - name: 'Transmitted Data Manipulation', - reference: 'https://attack.mitre.org/techniques/T1493', - tactics: 'impact', - value: 'transmittedDataManipulation', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.trapDescription', - { defaultMessage: 'Trap (T1154)' } - ), - id: 'T1154', - name: 'Trap', - reference: 'https://attack.mitre.org/techniques/T1154', - tactics: 'execution,persistence', - value: 'trap', - }, - { - label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.trustedDeveloperUtilitiesDescription', - { defaultMessage: 'Trusted Developer Utilities (T1127)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.trustedDeveloperUtilitiesProxyExecutionDescription', + { defaultMessage: 'Trusted Developer Utilities Proxy Execution (T1127)' } ), id: 'T1127', - name: 'Trusted Developer Utilities', + name: 'Trusted Developer Utilities Proxy Execution', reference: 'https://attack.mitre.org/techniques/T1127', - tactics: 'defense-evasion,execution', - value: 'trustedDeveloperUtilities', + tactics: 'defense-evasion', + value: 'trustedDeveloperUtilitiesProxyExecution', }, { label: i18n.translate( @@ -4557,14 +3305,14 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.uncommonlyUsedPortDescription', - { defaultMessage: 'Uncommonly Used Port (T1065)' } + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.unsecuredCredentialsDescription', + { defaultMessage: 'Unsecured Credentials (T1552)' } ), - id: 'T1065', - name: 'Uncommonly Used Port', - reference: 'https://attack.mitre.org/techniques/T1065', - tactics: 'command-and-control', - value: 'uncommonlyUsedPort', + id: 'T1552', + name: 'Unsecured Credentials', + reference: 'https://attack.mitre.org/techniques/T1552', + tactics: 'credential-access', + value: 'unsecuredCredentials', }, { label: i18n.translate( @@ -4577,6 +3325,17 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ tactics: 'defense-evasion', value: 'unusedUnsupportedCloudRegions', }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.useAlternateAuthenticationMaterialDescription', + { defaultMessage: 'Use Alternate Authentication Material (T1550)' } + ), + id: 'T1550', + name: 'Use Alternate Authentication Material', + reference: 'https://attack.mitre.org/techniques/T1550', + tactics: 'defense-evasion,lateral-movement', + value: 'useAlternateAuthenticationMaterial', + }, { label: i18n.translate( 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.userExecutionDescription', @@ -4621,103 +3380,6692 @@ export const techniquesOptions: MitreTechniquesOptions[] = [ tactics: 'defense-evasion,discovery', value: 'virtualizationSandboxEvasion', }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.weakenEncryptionDescription', + { defaultMessage: 'Weaken Encryption (T1600)' } + ), + id: 'T1600', + name: 'Weaken Encryption', + reference: 'https://attack.mitre.org/techniques/T1600', + tactics: 'defense-evasion', + value: 'weakenEncryption', + }, { label: i18n.translate( 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.webServiceDescription', { defaultMessage: 'Web Service (T1102)' } ), - id: 'T1102', - name: 'Web Service', - reference: 'https://attack.mitre.org/techniques/T1102', - tactics: 'command-and-control,defense-evasion', - value: 'webService', + id: 'T1102', + name: 'Web Service', + reference: 'https://attack.mitre.org/techniques/T1102', + tactics: 'command-and-control', + value: 'webService', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.windowsManagementInstrumentationDescription', + { defaultMessage: 'Windows Management Instrumentation (T1047)' } + ), + id: 'T1047', + name: 'Windows Management Instrumentation', + reference: 'https://attack.mitre.org/techniques/T1047', + tactics: 'execution', + value: 'windowsManagementInstrumentation', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.xslScriptProcessingDescription', + { defaultMessage: 'XSL Script Processing (T1220)' } + ), + id: 'T1220', + name: 'XSL Script Processing', + reference: 'https://attack.mitre.org/techniques/T1220', + tactics: 'defense-evasion', + value: 'xslScriptProcessing', + }, +]; + +export const subtechniques = [ + { + name: '.bash_profile and .bashrc', + id: 'T1546.004', + reference: 'https://attack.mitre.org/techniques/T1546/004', + tactics: ['privilege-escalation', 'persistence'], + techniqueId: 'T1546', + }, + { + name: '/etc/passwd and /etc/shadow', + id: 'T1003.008', + reference: 'https://attack.mitre.org/techniques/T1003/008', + tactics: ['credential-access'], + techniqueId: 'T1003', + }, + { + name: 'ARP Cache Poisoning', + id: 'T1557.002', + reference: 'https://attack.mitre.org/techniques/T1557/002', + tactics: ['credential-access', 'collection'], + techniqueId: 'T1557', + }, + { + name: 'AS-REP Roasting', + id: 'T1558.004', + reference: 'https://attack.mitre.org/techniques/T1558/004', + tactics: ['credential-access'], + techniqueId: 'T1558', + }, + { + name: 'Accessibility Features', + id: 'T1546.008', + reference: 'https://attack.mitre.org/techniques/T1546/008', + tactics: ['privilege-escalation', 'persistence'], + techniqueId: 'T1546', + }, + { + name: 'Add Office 365 Global Administrator Role', + id: 'T1098.003', + reference: 'https://attack.mitre.org/techniques/T1098/003', + tactics: ['persistence'], + techniqueId: 'T1098', + }, + { + name: 'Add-ins', + id: 'T1137.006', + reference: 'https://attack.mitre.org/techniques/T1137/006', + tactics: ['persistence'], + techniqueId: 'T1137', + }, + { + name: 'Additional Cloud Credentials', + id: 'T1098.001', + reference: 'https://attack.mitre.org/techniques/T1098/001', + tactics: ['persistence'], + techniqueId: 'T1098', + }, + { + name: 'AppCert DLLs', + id: 'T1546.009', + reference: 'https://attack.mitre.org/techniques/T1546/009', + tactics: ['privilege-escalation', 'persistence'], + techniqueId: 'T1546', + }, + { + name: 'AppInit DLLs', + id: 'T1546.010', + reference: 'https://attack.mitre.org/techniques/T1546/010', + tactics: ['privilege-escalation', 'persistence'], + techniqueId: 'T1546', + }, + { + name: 'AppleScript', + id: 'T1059.002', + reference: 'https://attack.mitre.org/techniques/T1059/002', + tactics: ['execution'], + techniqueId: 'T1059', + }, + { + name: 'Application Access Token', + id: 'T1550.001', + reference: 'https://attack.mitre.org/techniques/T1550/001', + tactics: ['defense-evasion', 'lateral-movement'], + techniqueId: 'T1550', + }, + { + name: 'Application Exhaustion Flood', + id: 'T1499.003', + reference: 'https://attack.mitre.org/techniques/T1499/003', + tactics: ['impact'], + techniqueId: 'T1499', + }, + { + name: 'Application Shimming', + id: 'T1546.011', + reference: 'https://attack.mitre.org/techniques/T1546/011', + tactics: ['privilege-escalation', 'persistence'], + techniqueId: 'T1546', + }, + { + name: 'Application or System Exploitation', + id: 'T1499.004', + reference: 'https://attack.mitre.org/techniques/T1499/004', + tactics: ['impact'], + techniqueId: 'T1499', + }, + { + name: 'Archive via Custom Method', + id: 'T1560.003', + reference: 'https://attack.mitre.org/techniques/T1560/003', + tactics: ['collection'], + techniqueId: 'T1560', + }, + { + name: 'Archive via Library', + id: 'T1560.002', + reference: 'https://attack.mitre.org/techniques/T1560/002', + tactics: ['collection'], + techniqueId: 'T1560', + }, + { + name: 'Archive via Utility', + id: 'T1560.001', + reference: 'https://attack.mitre.org/techniques/T1560/001', + tactics: ['collection'], + techniqueId: 'T1560', + }, + { + name: 'Asymmetric Cryptography', + id: 'T1573.002', + reference: 'https://attack.mitre.org/techniques/T1573/002', + tactics: ['command-and-control'], + techniqueId: 'T1573', + }, + { + name: 'Asynchronous Procedure Call', + id: 'T1055.004', + reference: 'https://attack.mitre.org/techniques/T1055/004', + tactics: ['defense-evasion', 'privilege-escalation'], + techniqueId: 'T1055', + }, + { + name: 'At (Linux)', + id: 'T1053.001', + reference: 'https://attack.mitre.org/techniques/T1053/001', + tactics: ['execution', 'persistence', 'privilege-escalation'], + techniqueId: 'T1053', + }, + { + name: 'At (Windows)', + id: 'T1053.002', + reference: 'https://attack.mitre.org/techniques/T1053/002', + tactics: ['execution', 'persistence', 'privilege-escalation'], + techniqueId: 'T1053', + }, + { + name: 'Authentication Package', + id: 'T1547.002', + reference: 'https://attack.mitre.org/techniques/T1547/002', + tactics: ['persistence', 'privilege-escalation'], + techniqueId: 'T1547', + }, + { + name: 'Bash History', + id: 'T1552.003', + reference: 'https://attack.mitre.org/techniques/T1552/003', + tactics: ['credential-access'], + techniqueId: 'T1552', + }, + { + name: 'Bidirectional Communication', + id: 'T1102.002', + reference: 'https://attack.mitre.org/techniques/T1102/002', + tactics: ['command-and-control'], + techniqueId: 'T1102', + }, + { + name: 'Binary Padding', + id: 'T1027.001', + reference: 'https://attack.mitre.org/techniques/T1027/001', + tactics: ['defense-evasion'], + techniqueId: 'T1027', + }, + { + name: 'Bootkit', + id: 'T1542.003', + reference: 'https://attack.mitre.org/techniques/T1542/003', + tactics: ['persistence', 'defense-evasion'], + techniqueId: 'T1542', + }, + { + name: 'Botnet', + id: 'T1583.005', + reference: 'https://attack.mitre.org/techniques/T1583/005', + tactics: ['resource-development'], + techniqueId: 'T1583', + }, + { + name: 'Botnet', + id: 'T1584.005', + reference: 'https://attack.mitre.org/techniques/T1584/005', + tactics: ['resource-development'], + techniqueId: 'T1584', + }, + { + name: 'Business Relationships', + id: 'T1591.002', + reference: 'https://attack.mitre.org/techniques/T1591/002', + tactics: ['reconnaissance'], + techniqueId: 'T1591', + }, + { + name: 'Bypass User Account Control', + id: 'T1548.002', + reference: 'https://attack.mitre.org/techniques/T1548/002', + tactics: ['privilege-escalation', 'defense-evasion'], + techniqueId: 'T1548', + }, + { + name: 'CDNs', + id: 'T1596.004', + reference: 'https://attack.mitre.org/techniques/T1596/004', + tactics: ['reconnaissance'], + techniqueId: 'T1596', + }, + { + name: 'CMSTP', + id: 'T1218.003', + reference: 'https://attack.mitre.org/techniques/T1218/003', + tactics: ['defense-evasion'], + techniqueId: 'T1218', + }, + { + name: 'COR_PROFILER', + id: 'T1574.012', + reference: 'https://attack.mitre.org/techniques/T1574/012', + tactics: ['persistence', 'privilege-escalation', 'defense-evasion'], + techniqueId: 'T1574', + }, + { + name: 'Cached Domain Credentials', + id: 'T1003.005', + reference: 'https://attack.mitre.org/techniques/T1003/005', + tactics: ['credential-access'], + techniqueId: 'T1003', + }, + { + name: 'Change Default File Association', + id: 'T1546.001', + reference: 'https://attack.mitre.org/techniques/T1546/001', + tactics: ['privilege-escalation', 'persistence'], + techniqueId: 'T1546', + }, + { + name: 'Clear Command History', + id: 'T1070.003', + reference: 'https://attack.mitre.org/techniques/T1070/003', + tactics: ['defense-evasion'], + techniqueId: 'T1070', + }, + { + name: 'Clear Linux or Mac System Logs', + id: 'T1070.002', + reference: 'https://attack.mitre.org/techniques/T1070/002', + tactics: ['defense-evasion'], + techniqueId: 'T1070', + }, + { + name: 'Clear Windows Event Logs', + id: 'T1070.001', + reference: 'https://attack.mitre.org/techniques/T1070/001', + tactics: ['defense-evasion'], + techniqueId: 'T1070', + }, + { + name: 'Client Configurations', + id: 'T1592.004', + reference: 'https://attack.mitre.org/techniques/T1592/004', + tactics: ['reconnaissance'], + techniqueId: 'T1592', + }, + { + name: 'Cloud Account', + id: 'T1136.003', + reference: 'https://attack.mitre.org/techniques/T1136/003', + tactics: ['persistence'], + techniqueId: 'T1136', + }, + { + name: 'Cloud Account', + id: 'T1087.004', + reference: 'https://attack.mitre.org/techniques/T1087/004', + tactics: ['discovery'], + techniqueId: 'T1087', + }, + { + name: 'Cloud Accounts', + id: 'T1078.004', + reference: 'https://attack.mitre.org/techniques/T1078/004', + tactics: ['defense-evasion', 'persistence', 'privilege-escalation', 'initial-access'], + techniqueId: 'T1078', + }, + { + name: 'Cloud Groups', + id: 'T1069.003', + reference: 'https://attack.mitre.org/techniques/T1069/003', + tactics: ['discovery'], + techniqueId: 'T1069', + }, + { + name: 'Cloud Instance Metadata API', + id: 'T1552.005', + reference: 'https://attack.mitre.org/techniques/T1552/005', + tactics: ['credential-access'], + techniqueId: 'T1552', + }, + { + name: 'Code Signing', + id: 'T1553.002', + reference: 'https://attack.mitre.org/techniques/T1553/002', + tactics: ['defense-evasion'], + techniqueId: 'T1553', + }, + { + name: 'Code Signing Certificates', + id: 'T1587.002', + reference: 'https://attack.mitre.org/techniques/T1587/002', + tactics: ['resource-development'], + techniqueId: 'T1587', + }, + { + name: 'Code Signing Certificates', + id: 'T1588.003', + reference: 'https://attack.mitre.org/techniques/T1588/003', + tactics: ['resource-development'], + techniqueId: 'T1588', + }, + { + name: 'Compile After Delivery', + id: 'T1027.004', + reference: 'https://attack.mitre.org/techniques/T1027/004', + tactics: ['defense-evasion'], + techniqueId: 'T1027', + }, + { + name: 'Compiled HTML File', + id: 'T1218.001', + reference: 'https://attack.mitre.org/techniques/T1218/001', + tactics: ['defense-evasion'], + techniqueId: 'T1218', + }, + { + name: 'Component Firmware', + id: 'T1542.002', + reference: 'https://attack.mitre.org/techniques/T1542/002', + tactics: ['persistence', 'defense-evasion'], + techniqueId: 'T1542', + }, + { + name: 'Component Object Model', + id: 'T1559.001', + reference: 'https://attack.mitre.org/techniques/T1559/001', + tactics: ['execution'], + techniqueId: 'T1559', + }, + { + name: 'Component Object Model Hijacking', + id: 'T1546.015', + reference: 'https://attack.mitre.org/techniques/T1546/015', + tactics: ['privilege-escalation', 'persistence'], + techniqueId: 'T1546', + }, + { + name: 'Compromise Hardware Supply Chain', + id: 'T1195.003', + reference: 'https://attack.mitre.org/techniques/T1195/003', + tactics: ['initial-access'], + techniqueId: 'T1195', + }, + { + name: 'Compromise Software Dependencies and Development Tools', + id: 'T1195.001', + reference: 'https://attack.mitre.org/techniques/T1195/001', + tactics: ['initial-access'], + techniqueId: 'T1195', + }, + { + name: 'Compromise Software Supply Chain', + id: 'T1195.002', + reference: 'https://attack.mitre.org/techniques/T1195/002', + tactics: ['initial-access'], + techniqueId: 'T1195', + }, + { + name: 'Confluence', + id: 'T1213.001', + reference: 'https://attack.mitre.org/techniques/T1213/001', + tactics: ['collection'], + techniqueId: 'T1213', + }, + { + name: 'Control Panel', + id: 'T1218.002', + reference: 'https://attack.mitre.org/techniques/T1218/002', + tactics: ['defense-evasion'], + techniqueId: 'T1218', + }, + { + name: 'Create Cloud Instance', + id: 'T1578.002', + reference: 'https://attack.mitre.org/techniques/T1578/002', + tactics: ['defense-evasion'], + techniqueId: 'T1578', + }, + { + name: 'Create Process with Token', + id: 'T1134.002', + reference: 'https://attack.mitre.org/techniques/T1134/002', + tactics: ['defense-evasion', 'privilege-escalation'], + techniqueId: 'T1134', + }, + { + name: 'Create Snapshot', + id: 'T1578.001', + reference: 'https://attack.mitre.org/techniques/T1578/001', + tactics: ['defense-evasion'], + techniqueId: 'T1578', + }, + { + name: 'Credential API Hooking', + id: 'T1056.004', + reference: 'https://attack.mitre.org/techniques/T1056/004', + tactics: ['collection', 'credential-access'], + techniqueId: 'T1056', + }, + { + name: 'Credential Stuffing', + id: 'T1110.004', + reference: 'https://attack.mitre.org/techniques/T1110/004', + tactics: ['credential-access'], + techniqueId: 'T1110', + }, + { + name: 'Credentials', + id: 'T1589.001', + reference: 'https://attack.mitre.org/techniques/T1589/001', + tactics: ['reconnaissance'], + techniqueId: 'T1589', + }, + { + name: 'Credentials In Files', + id: 'T1552.001', + reference: 'https://attack.mitre.org/techniques/T1552/001', + tactics: ['credential-access'], + techniqueId: 'T1552', + }, + { + name: 'Credentials from Web Browsers', + id: 'T1555.003', + reference: 'https://attack.mitre.org/techniques/T1555/003', + tactics: ['credential-access'], + techniqueId: 'T1555', + }, + { + name: 'Credentials in Registry', + id: 'T1552.002', + reference: 'https://attack.mitre.org/techniques/T1552/002', + tactics: ['credential-access'], + techniqueId: 'T1552', + }, + { + name: 'Cron', + id: 'T1053.003', + reference: 'https://attack.mitre.org/techniques/T1053/003', + tactics: ['execution', 'persistence', 'privilege-escalation'], + techniqueId: 'T1053', + }, + { + name: 'DCSync', + id: 'T1003.006', + reference: 'https://attack.mitre.org/techniques/T1003/006', + tactics: ['credential-access'], + techniqueId: 'T1003', + }, + { + name: 'DLL Search Order Hijacking', + id: 'T1574.001', + reference: 'https://attack.mitre.org/techniques/T1574/001', + tactics: ['persistence', 'privilege-escalation', 'defense-evasion'], + techniqueId: 'T1574', + }, + { + name: 'DLL Side-Loading', + id: 'T1574.002', + reference: 'https://attack.mitre.org/techniques/T1574/002', + tactics: ['persistence', 'privilege-escalation', 'defense-evasion'], + techniqueId: 'T1574', + }, + { + name: 'DNS', + id: 'T1071.004', + reference: 'https://attack.mitre.org/techniques/T1071/004', + tactics: ['command-and-control'], + techniqueId: 'T1071', + }, + { + name: 'DNS', + id: 'T1590.002', + reference: 'https://attack.mitre.org/techniques/T1590/002', + tactics: ['reconnaissance'], + techniqueId: 'T1590', + }, + { + name: 'DNS Calculation', + id: 'T1568.003', + reference: 'https://attack.mitre.org/techniques/T1568/003', + tactics: ['command-and-control'], + techniqueId: 'T1568', + }, + { + name: 'DNS Server', + id: 'T1583.002', + reference: 'https://attack.mitre.org/techniques/T1583/002', + tactics: ['resource-development'], + techniqueId: 'T1583', + }, + { + name: 'DNS Server', + id: 'T1584.002', + reference: 'https://attack.mitre.org/techniques/T1584/002', + tactics: ['resource-development'], + techniqueId: 'T1584', + }, + { + name: 'DNS/Passive DNS', + id: 'T1596.001', + reference: 'https://attack.mitre.org/techniques/T1596/001', + tactics: ['reconnaissance'], + techniqueId: 'T1596', + }, + { + name: 'Dead Drop Resolver', + id: 'T1102.001', + reference: 'https://attack.mitre.org/techniques/T1102/001', + tactics: ['command-and-control'], + techniqueId: 'T1102', + }, + { + name: 'Default Accounts', + id: 'T1078.001', + reference: 'https://attack.mitre.org/techniques/T1078/001', + tactics: ['defense-evasion', 'persistence', 'privilege-escalation', 'initial-access'], + techniqueId: 'T1078', + }, + { + name: 'Delete Cloud Instance', + id: 'T1578.003', + reference: 'https://attack.mitre.org/techniques/T1578/003', + tactics: ['defense-evasion'], + techniqueId: 'T1578', + }, + { + name: 'Determine Physical Locations', + id: 'T1591.001', + reference: 'https://attack.mitre.org/techniques/T1591/001', + tactics: ['reconnaissance'], + techniqueId: 'T1591', + }, + { + name: 'Digital Certificates', + id: 'T1587.003', + reference: 'https://attack.mitre.org/techniques/T1587/003', + tactics: ['resource-development'], + techniqueId: 'T1587', + }, + { + name: 'Digital Certificates', + id: 'T1588.004', + reference: 'https://attack.mitre.org/techniques/T1588/004', + tactics: ['resource-development'], + techniqueId: 'T1588', + }, + { + name: 'Digital Certificates', + id: 'T1596.003', + reference: 'https://attack.mitre.org/techniques/T1596/003', + tactics: ['reconnaissance'], + techniqueId: 'T1596', + }, + { + name: 'Direct Network Flood', + id: 'T1498.001', + reference: 'https://attack.mitre.org/techniques/T1498/001', + tactics: ['impact'], + techniqueId: 'T1498', + }, + { + name: 'Disable Cloud Logs', + id: 'T1562.008', + reference: 'https://attack.mitre.org/techniques/T1562/008', + tactics: ['defense-evasion'], + techniqueId: 'T1562', + }, + { + name: 'Disable Crypto Hardware', + id: 'T1600.002', + reference: 'https://attack.mitre.org/techniques/T1600/002', + tactics: ['defense-evasion'], + techniqueId: 'T1600', + }, + { + name: 'Disable Windows Event Logging', + id: 'T1562.002', + reference: 'https://attack.mitre.org/techniques/T1562/002', + tactics: ['defense-evasion'], + techniqueId: 'T1562', + }, + { + name: 'Disable or Modify Cloud Firewall', + id: 'T1562.007', + reference: 'https://attack.mitre.org/techniques/T1562/007', + tactics: ['defense-evasion'], + techniqueId: 'T1562', + }, + { + name: 'Disable or Modify System Firewall', + id: 'T1562.004', + reference: 'https://attack.mitre.org/techniques/T1562/004', + tactics: ['defense-evasion'], + techniqueId: 'T1562', + }, + { + name: 'Disable or Modify Tools', + id: 'T1562.001', + reference: 'https://attack.mitre.org/techniques/T1562/001', + tactics: ['defense-evasion'], + techniqueId: 'T1562', + }, + { + name: 'Disk Content Wipe', + id: 'T1561.001', + reference: 'https://attack.mitre.org/techniques/T1561/001', + tactics: ['impact'], + techniqueId: 'T1561', + }, + { + name: 'Disk Structure Wipe', + id: 'T1561.002', + reference: 'https://attack.mitre.org/techniques/T1561/002', + tactics: ['impact'], + techniqueId: 'T1561', + }, + { + name: 'Distributed Component Object Model', + id: 'T1021.003', + reference: 'https://attack.mitre.org/techniques/T1021/003', + tactics: ['lateral-movement'], + techniqueId: 'T1021', + }, + { + name: 'Domain Account', + id: 'T1136.002', + reference: 'https://attack.mitre.org/techniques/T1136/002', + tactics: ['persistence'], + techniqueId: 'T1136', + }, + { + name: 'Domain Account', + id: 'T1087.002', + reference: 'https://attack.mitre.org/techniques/T1087/002', + tactics: ['discovery'], + techniqueId: 'T1087', + }, + { + name: 'Domain Accounts', + id: 'T1078.002', + reference: 'https://attack.mitre.org/techniques/T1078/002', + tactics: ['defense-evasion', 'persistence', 'privilege-escalation', 'initial-access'], + techniqueId: 'T1078', + }, + { + name: 'Domain Controller Authentication', + id: 'T1556.001', + reference: 'https://attack.mitre.org/techniques/T1556/001', + tactics: ['credential-access', 'defense-evasion'], + techniqueId: 'T1556', + }, + { + name: 'Domain Fronting', + id: 'T1090.004', + reference: 'https://attack.mitre.org/techniques/T1090/004', + tactics: ['command-and-control'], + techniqueId: 'T1090', + }, + { + name: 'Domain Generation Algorithms', + id: 'T1568.002', + reference: 'https://attack.mitre.org/techniques/T1568/002', + tactics: ['command-and-control'], + techniqueId: 'T1568', + }, + { + name: 'Domain Groups', + id: 'T1069.002', + reference: 'https://attack.mitre.org/techniques/T1069/002', + tactics: ['discovery'], + techniqueId: 'T1069', + }, + { + name: 'Domain Properties', + id: 'T1590.001', + reference: 'https://attack.mitre.org/techniques/T1590/001', + tactics: ['reconnaissance'], + techniqueId: 'T1590', + }, + { + name: 'Domains', + id: 'T1583.001', + reference: 'https://attack.mitre.org/techniques/T1583/001', + tactics: ['resource-development'], + techniqueId: 'T1583', + }, + { + name: 'Domains', + id: 'T1584.001', + reference: 'https://attack.mitre.org/techniques/T1584/001', + tactics: ['resource-development'], + techniqueId: 'T1584', + }, + { + name: 'Downgrade System Image', + id: 'T1601.002', + reference: 'https://attack.mitre.org/techniques/T1601/002', + tactics: ['defense-evasion'], + techniqueId: 'T1601', + }, + { + name: 'Dylib Hijacking', + id: 'T1574.004', + reference: 'https://attack.mitre.org/techniques/T1574/004', + tactics: ['persistence', 'privilege-escalation', 'defense-evasion'], + techniqueId: 'T1574', + }, + { + name: 'Dynamic Data Exchange', + id: 'T1559.002', + reference: 'https://attack.mitre.org/techniques/T1559/002', + tactics: ['execution'], + techniqueId: 'T1559', + }, + { + name: 'Dynamic-link Library Injection', + id: 'T1055.001', + reference: 'https://attack.mitre.org/techniques/T1055/001', + tactics: ['defense-evasion', 'privilege-escalation'], + techniqueId: 'T1055', + }, + { + name: 'Elevated Execution with Prompt', + id: 'T1548.004', + reference: 'https://attack.mitre.org/techniques/T1548/004', + tactics: ['privilege-escalation', 'defense-evasion'], + techniqueId: 'T1548', + }, + { + name: 'Email Account', + id: 'T1087.003', + reference: 'https://attack.mitre.org/techniques/T1087/003', + tactics: ['discovery'], + techniqueId: 'T1087', + }, + { + name: 'Email Accounts', + id: 'T1585.002', + reference: 'https://attack.mitre.org/techniques/T1585/002', + tactics: ['resource-development'], + techniqueId: 'T1585', + }, + { + name: 'Email Accounts', + id: 'T1586.002', + reference: 'https://attack.mitre.org/techniques/T1586/002', + tactics: ['resource-development'], + techniqueId: 'T1586', + }, + { + name: 'Email Addresses', + id: 'T1589.002', + reference: 'https://attack.mitre.org/techniques/T1589/002', + tactics: ['reconnaissance'], + techniqueId: 'T1589', + }, + { + name: 'Email Forwarding Rule', + id: 'T1114.003', + reference: 'https://attack.mitre.org/techniques/T1114/003', + tactics: ['collection'], + techniqueId: 'T1114', + }, + { + name: 'Emond', + id: 'T1546.014', + reference: 'https://attack.mitre.org/techniques/T1546/014', + tactics: ['privilege-escalation', 'persistence'], + techniqueId: 'T1546', + }, + { + name: 'Employee Names', + id: 'T1589.003', + reference: 'https://attack.mitre.org/techniques/T1589/003', + tactics: ['reconnaissance'], + techniqueId: 'T1589', + }, + { + name: 'Environmental Keying', + id: 'T1480.001', + reference: 'https://attack.mitre.org/techniques/T1480/001', + tactics: ['defense-evasion'], + techniqueId: 'T1480', + }, + { + name: 'Exchange Email Delegate Permissions', + id: 'T1098.002', + reference: 'https://attack.mitre.org/techniques/T1098/002', + tactics: ['persistence'], + techniqueId: 'T1098', + }, + { + name: 'Executable Installer File Permissions Weakness', + id: 'T1574.005', + reference: 'https://attack.mitre.org/techniques/T1574/005', + tactics: ['persistence', 'privilege-escalation', 'defense-evasion'], + techniqueId: 'T1574', + }, + { + name: 'Exfiltration Over Asymmetric Encrypted Non-C2 Protocol', + id: 'T1048.002', + reference: 'https://attack.mitre.org/techniques/T1048/002', + tactics: ['exfiltration'], + techniqueId: 'T1048', + }, + { + name: 'Exfiltration Over Bluetooth', + id: 'T1011.001', + reference: 'https://attack.mitre.org/techniques/T1011/001', + tactics: ['exfiltration'], + techniqueId: 'T1011', + }, + { + name: 'Exfiltration Over Symmetric Encrypted Non-C2 Protocol', + id: 'T1048.001', + reference: 'https://attack.mitre.org/techniques/T1048/001', + tactics: ['exfiltration'], + techniqueId: 'T1048', + }, + { + name: 'Exfiltration Over Unencrypted/Obfuscated Non-C2 Protocol', + id: 'T1048.003', + reference: 'https://attack.mitre.org/techniques/T1048/003', + tactics: ['exfiltration'], + techniqueId: 'T1048', + }, + { + name: 'Exfiltration over USB', + id: 'T1052.001', + reference: 'https://attack.mitre.org/techniques/T1052/001', + tactics: ['exfiltration'], + techniqueId: 'T1052', + }, + { + name: 'Exfiltration to Cloud Storage', + id: 'T1567.002', + reference: 'https://attack.mitre.org/techniques/T1567/002', + tactics: ['exfiltration'], + techniqueId: 'T1567', + }, + { + name: 'Exfiltration to Code Repository', + id: 'T1567.001', + reference: 'https://attack.mitre.org/techniques/T1567/001', + tactics: ['exfiltration'], + techniqueId: 'T1567', + }, + { + name: 'Exploits', + id: 'T1587.004', + reference: 'https://attack.mitre.org/techniques/T1587/004', + tactics: ['resource-development'], + techniqueId: 'T1587', + }, + { + name: 'Exploits', + id: 'T1588.005', + reference: 'https://attack.mitre.org/techniques/T1588/005', + tactics: ['resource-development'], + techniqueId: 'T1588', + }, + { + name: 'External Defacement', + id: 'T1491.002', + reference: 'https://attack.mitre.org/techniques/T1491/002', + tactics: ['impact'], + techniqueId: 'T1491', + }, + { + name: 'External Proxy', + id: 'T1090.002', + reference: 'https://attack.mitre.org/techniques/T1090/002', + tactics: ['command-and-control'], + techniqueId: 'T1090', + }, + { + name: 'Extra Window Memory Injection', + id: 'T1055.011', + reference: 'https://attack.mitre.org/techniques/T1055/011', + tactics: ['defense-evasion', 'privilege-escalation'], + techniqueId: 'T1055', + }, + { + name: 'Fast Flux DNS', + id: 'T1568.001', + reference: 'https://attack.mitre.org/techniques/T1568/001', + tactics: ['command-and-control'], + techniqueId: 'T1568', + }, + { + name: 'File Deletion', + id: 'T1070.004', + reference: 'https://attack.mitre.org/techniques/T1070/004', + tactics: ['defense-evasion'], + techniqueId: 'T1070', + }, + { + name: 'File Transfer Protocols', + id: 'T1071.002', + reference: 'https://attack.mitre.org/techniques/T1071/002', + tactics: ['command-and-control'], + techniqueId: 'T1071', + }, + { + name: 'Firmware', + id: 'T1592.003', + reference: 'https://attack.mitre.org/techniques/T1592/003', + tactics: ['reconnaissance'], + techniqueId: 'T1592', + }, + { + name: 'GUI Input Capture', + id: 'T1056.002', + reference: 'https://attack.mitre.org/techniques/T1056/002', + tactics: ['collection', 'credential-access'], + techniqueId: 'T1056', + }, + { + name: 'Gatekeeper Bypass', + id: 'T1553.001', + reference: 'https://attack.mitre.org/techniques/T1553/001', + tactics: ['defense-evasion'], + techniqueId: 'T1553', + }, + { + name: 'Golden Ticket', + id: 'T1558.001', + reference: 'https://attack.mitre.org/techniques/T1558/001', + tactics: ['credential-access'], + techniqueId: 'T1558', + }, + { + name: 'Group Policy Preferences', + id: 'T1552.006', + reference: 'https://attack.mitre.org/techniques/T1552/006', + tactics: ['credential-access'], + techniqueId: 'T1552', + }, + { + name: 'Hardware', + id: 'T1592.001', + reference: 'https://attack.mitre.org/techniques/T1592/001', + tactics: ['reconnaissance'], + techniqueId: 'T1592', + }, + { + name: 'Hidden File System', + id: 'T1564.005', + reference: 'https://attack.mitre.org/techniques/T1564/005', + tactics: ['defense-evasion'], + techniqueId: 'T1564', + }, + { + name: 'Hidden Files and Directories', + id: 'T1564.001', + reference: 'https://attack.mitre.org/techniques/T1564/001', + tactics: ['defense-evasion'], + techniqueId: 'T1564', + }, + { + name: 'Hidden Users', + id: 'T1564.002', + reference: 'https://attack.mitre.org/techniques/T1564/002', + tactics: ['defense-evasion'], + techniqueId: 'T1564', + }, + { + name: 'Hidden Window', + id: 'T1564.003', + reference: 'https://attack.mitre.org/techniques/T1564/003', + tactics: ['defense-evasion'], + techniqueId: 'T1564', + }, + { + name: 'IP Addresses', + id: 'T1590.005', + reference: 'https://attack.mitre.org/techniques/T1590/005', + tactics: ['reconnaissance'], + techniqueId: 'T1590', + }, + { + name: 'Identify Business Tempo', + id: 'T1591.003', + reference: 'https://attack.mitre.org/techniques/T1591/003', + tactics: ['reconnaissance'], + techniqueId: 'T1591', + }, + { + name: 'Identify Roles', + id: 'T1591.004', + reference: 'https://attack.mitre.org/techniques/T1591/004', + tactics: ['reconnaissance'], + techniqueId: 'T1591', + }, + { + name: 'Image File Execution Options Injection', + id: 'T1546.012', + reference: 'https://attack.mitre.org/techniques/T1546/012', + tactics: ['privilege-escalation', 'persistence'], + techniqueId: 'T1546', + }, + { + name: 'Impair Command History Logging', + id: 'T1562.003', + reference: 'https://attack.mitre.org/techniques/T1562/003', + tactics: ['defense-evasion'], + techniqueId: 'T1562', + }, + { + name: 'Indicator Blocking', + id: 'T1562.006', + reference: 'https://attack.mitre.org/techniques/T1562/006', + tactics: ['defense-evasion'], + techniqueId: 'T1562', + }, + { + name: 'Indicator Removal from Tools', + id: 'T1027.005', + reference: 'https://attack.mitre.org/techniques/T1027/005', + tactics: ['defense-evasion'], + techniqueId: 'T1027', + }, + { + name: 'Install Root Certificate', + id: 'T1553.004', + reference: 'https://attack.mitre.org/techniques/T1553/004', + tactics: ['defense-evasion'], + techniqueId: 'T1553', + }, + { + name: 'InstallUtil', + id: 'T1218.004', + reference: 'https://attack.mitre.org/techniques/T1218/004', + tactics: ['defense-evasion'], + techniqueId: 'T1218', + }, + { + name: 'Internal Defacement', + id: 'T1491.001', + reference: 'https://attack.mitre.org/techniques/T1491/001', + tactics: ['impact'], + techniqueId: 'T1491', + }, + { + name: 'Internal Proxy', + id: 'T1090.001', + reference: 'https://attack.mitre.org/techniques/T1090/001', + tactics: ['command-and-control'], + techniqueId: 'T1090', + }, + { + name: 'Invalid Code Signature', + id: 'T1036.001', + reference: 'https://attack.mitre.org/techniques/T1036/001', + tactics: ['defense-evasion'], + techniqueId: 'T1036', + }, + { + name: 'JavaScript/JScript', + id: 'T1059.007', + reference: 'https://attack.mitre.org/techniques/T1059/007', + tactics: ['execution'], + techniqueId: 'T1059', + }, + { + name: 'Junk Data', + id: 'T1001.001', + reference: 'https://attack.mitre.org/techniques/T1001/001', + tactics: ['command-and-control'], + techniqueId: 'T1001', + }, + { + name: 'Kerberoasting', + id: 'T1558.003', + reference: 'https://attack.mitre.org/techniques/T1558/003', + tactics: ['credential-access'], + techniqueId: 'T1558', + }, + { + name: 'Kernel Modules and Extensions', + id: 'T1547.006', + reference: 'https://attack.mitre.org/techniques/T1547/006', + tactics: ['persistence', 'privilege-escalation'], + techniqueId: 'T1547', + }, + { + name: 'Keychain', + id: 'T1555.001', + reference: 'https://attack.mitre.org/techniques/T1555/001', + tactics: ['credential-access'], + techniqueId: 'T1555', + }, + { + name: 'Keylogging', + id: 'T1056.001', + reference: 'https://attack.mitre.org/techniques/T1056/001', + tactics: ['collection', 'credential-access'], + techniqueId: 'T1056', + }, + { + name: 'LC_LOAD_DYLIB Addition', + id: 'T1546.006', + reference: 'https://attack.mitre.org/techniques/T1546/006', + tactics: ['privilege-escalation', 'persistence'], + techniqueId: 'T1546', + }, + { + name: 'LD_PRELOAD', + id: 'T1574.006', + reference: 'https://attack.mitre.org/techniques/T1574/006', + tactics: ['persistence', 'privilege-escalation', 'defense-evasion'], + techniqueId: 'T1574', + }, + { + name: 'LLMNR/NBT-NS Poisoning and SMB Relay', + id: 'T1557.001', + reference: 'https://attack.mitre.org/techniques/T1557/001', + tactics: ['credential-access', 'collection'], + techniqueId: 'T1557', + }, + { + name: 'LSA Secrets', + id: 'T1003.004', + reference: 'https://attack.mitre.org/techniques/T1003/004', + tactics: ['credential-access'], + techniqueId: 'T1003', + }, + { + name: 'LSASS Driver', + id: 'T1547.008', + reference: 'https://attack.mitre.org/techniques/T1547/008', + tactics: ['persistence', 'privilege-escalation'], + techniqueId: 'T1547', + }, + { + name: 'LSASS Memory', + id: 'T1003.001', + reference: 'https://attack.mitre.org/techniques/T1003/001', + tactics: ['credential-access'], + techniqueId: 'T1003', + }, + { + name: 'Launch Agent', + id: 'T1543.001', + reference: 'https://attack.mitre.org/techniques/T1543/001', + tactics: ['persistence', 'privilege-escalation'], + techniqueId: 'T1543', + }, + { + name: 'Launch Daemon', + id: 'T1543.004', + reference: 'https://attack.mitre.org/techniques/T1543/004', + tactics: ['persistence', 'privilege-escalation'], + techniqueId: 'T1543', + }, + { + name: 'Launchctl', + id: 'T1569.001', + reference: 'https://attack.mitre.org/techniques/T1569/001', + tactics: ['execution'], + techniqueId: 'T1569', + }, + { + name: 'Launchd', + id: 'T1053.004', + reference: 'https://attack.mitre.org/techniques/T1053/004', + tactics: ['execution', 'persistence', 'privilege-escalation'], + techniqueId: 'T1053', + }, + { + name: 'Linux and Mac File and Directory Permissions Modification', + id: 'T1222.002', + reference: 'https://attack.mitre.org/techniques/T1222/002', + tactics: ['defense-evasion'], + techniqueId: 'T1222', + }, + { + name: 'Local Account', + id: 'T1136.001', + reference: 'https://attack.mitre.org/techniques/T1136/001', + tactics: ['persistence'], + techniqueId: 'T1136', + }, + { + name: 'Local Account', + id: 'T1087.001', + reference: 'https://attack.mitre.org/techniques/T1087/001', + tactics: ['discovery'], + techniqueId: 'T1087', + }, + { + name: 'Local Accounts', + id: 'T1078.003', + reference: 'https://attack.mitre.org/techniques/T1078/003', + tactics: ['defense-evasion', 'persistence', 'privilege-escalation', 'initial-access'], + techniqueId: 'T1078', + }, + { + name: 'Local Data Staging', + id: 'T1074.001', + reference: 'https://attack.mitre.org/techniques/T1074/001', + tactics: ['collection'], + techniqueId: 'T1074', + }, + { + name: 'Local Email Collection', + id: 'T1114.001', + reference: 'https://attack.mitre.org/techniques/T1114/001', + tactics: ['collection'], + techniqueId: 'T1114', + }, + { + name: 'Local Groups', + id: 'T1069.001', + reference: 'https://attack.mitre.org/techniques/T1069/001', + tactics: ['discovery'], + techniqueId: 'T1069', + }, + { + name: 'Logon Script (Mac)', + id: 'T1037.002', + reference: 'https://attack.mitre.org/techniques/T1037/002', + tactics: ['persistence', 'privilege-escalation'], + techniqueId: 'T1037', + }, + { + name: 'Logon Script (Windows)', + id: 'T1037.001', + reference: 'https://attack.mitre.org/techniques/T1037/001', + tactics: ['persistence', 'privilege-escalation'], + techniqueId: 'T1037', + }, + { + name: 'MSBuild', + id: 'T1127.001', + reference: 'https://attack.mitre.org/techniques/T1127/001', + tactics: ['defense-evasion'], + techniqueId: 'T1127', + }, + { + name: 'Mail Protocols', + id: 'T1071.003', + reference: 'https://attack.mitre.org/techniques/T1071/003', + tactics: ['command-and-control'], + techniqueId: 'T1071', + }, + { + name: 'Make and Impersonate Token', + id: 'T1134.003', + reference: 'https://attack.mitre.org/techniques/T1134/003', + tactics: ['defense-evasion', 'privilege-escalation'], + techniqueId: 'T1134', + }, + { + name: 'Malicious File', + id: 'T1204.002', + reference: 'https://attack.mitre.org/techniques/T1204/002', + tactics: ['execution'], + techniqueId: 'T1204', + }, + { + name: 'Malicious Link', + id: 'T1204.001', + reference: 'https://attack.mitre.org/techniques/T1204/001', + tactics: ['execution'], + techniqueId: 'T1204', + }, + { + name: 'Malware', + id: 'T1587.001', + reference: 'https://attack.mitre.org/techniques/T1587/001', + tactics: ['resource-development'], + techniqueId: 'T1587', + }, + { + name: 'Malware', + id: 'T1588.001', + reference: 'https://attack.mitre.org/techniques/T1588/001', + tactics: ['resource-development'], + techniqueId: 'T1588', + }, + { + name: 'Masquerade Task or Service', + id: 'T1036.004', + reference: 'https://attack.mitre.org/techniques/T1036/004', + tactics: ['defense-evasion'], + techniqueId: 'T1036', + }, + { + name: 'Match Legitimate Name or Location', + id: 'T1036.005', + reference: 'https://attack.mitre.org/techniques/T1036/005', + tactics: ['defense-evasion'], + techniqueId: 'T1036', + }, + { + name: 'Mshta', + id: 'T1218.005', + reference: 'https://attack.mitre.org/techniques/T1218/005', + tactics: ['defense-evasion'], + techniqueId: 'T1218', + }, + { + name: 'Msiexec', + id: 'T1218.007', + reference: 'https://attack.mitre.org/techniques/T1218/007', + tactics: ['defense-evasion'], + techniqueId: 'T1218', + }, + { + name: 'Multi-hop Proxy', + id: 'T1090.003', + reference: 'https://attack.mitre.org/techniques/T1090/003', + tactics: ['command-and-control'], + techniqueId: 'T1090', + }, + { + name: 'NTDS', + id: 'T1003.003', + reference: 'https://attack.mitre.org/techniques/T1003/003', + tactics: ['credential-access'], + techniqueId: 'T1003', + }, + { + name: 'NTFS File Attributes', + id: 'T1564.004', + reference: 'https://attack.mitre.org/techniques/T1564/004', + tactics: ['defense-evasion'], + techniqueId: 'T1564', + }, + { + name: 'Netsh Helper DLL', + id: 'T1546.007', + reference: 'https://attack.mitre.org/techniques/T1546/007', + tactics: ['privilege-escalation', 'persistence'], + techniqueId: 'T1546', + }, + { + name: 'Network Address Translation Traversal', + id: 'T1599.001', + reference: 'https://attack.mitre.org/techniques/T1599/001', + tactics: ['defense-evasion'], + techniqueId: 'T1599', + }, + { + name: 'Network Device Authentication', + id: 'T1556.004', + reference: 'https://attack.mitre.org/techniques/T1556/004', + tactics: ['credential-access', 'defense-evasion'], + techniqueId: 'T1556', + }, + { + name: 'Network Device CLI', + id: 'T1059.008', + reference: 'https://attack.mitre.org/techniques/T1059/008', + tactics: ['execution'], + techniqueId: 'T1059', + }, + { + name: 'Network Device Configuration Dump', + id: 'T1602.002', + reference: 'https://attack.mitre.org/techniques/T1602/002', + tactics: ['collection'], + techniqueId: 'T1602', + }, + { + name: 'Network Logon Script', + id: 'T1037.003', + reference: 'https://attack.mitre.org/techniques/T1037/003', + tactics: ['persistence', 'privilege-escalation'], + techniqueId: 'T1037', + }, + { + name: 'Network Security Appliances', + id: 'T1590.006', + reference: 'https://attack.mitre.org/techniques/T1590/006', + tactics: ['reconnaissance'], + techniqueId: 'T1590', + }, + { + name: 'Network Share Connection Removal', + id: 'T1070.005', + reference: 'https://attack.mitre.org/techniques/T1070/005', + tactics: ['defense-evasion'], + techniqueId: 'T1070', + }, + { + name: 'Network Topology', + id: 'T1590.004', + reference: 'https://attack.mitre.org/techniques/T1590/004', + tactics: ['reconnaissance'], + techniqueId: 'T1590', + }, + { + name: 'Network Trust Dependencies', + id: 'T1590.003', + reference: 'https://attack.mitre.org/techniques/T1590/003', + tactics: ['reconnaissance'], + techniqueId: 'T1590', + }, + { + name: 'Non-Standard Encoding', + id: 'T1132.002', + reference: 'https://attack.mitre.org/techniques/T1132/002', + tactics: ['command-and-control'], + techniqueId: 'T1132', + }, + { + name: 'OS Exhaustion Flood', + id: 'T1499.001', + reference: 'https://attack.mitre.org/techniques/T1499/001', + tactics: ['impact'], + techniqueId: 'T1499', + }, + { + name: 'Odbcconf', + id: 'T1218.008', + reference: 'https://attack.mitre.org/techniques/T1218/008', + tactics: ['defense-evasion'], + techniqueId: 'T1218', + }, + { + name: 'Office Template Macros', + id: 'T1137.001', + reference: 'https://attack.mitre.org/techniques/T1137/001', + tactics: ['persistence'], + techniqueId: 'T1137', + }, + { + name: 'Office Test', + id: 'T1137.002', + reference: 'https://attack.mitre.org/techniques/T1137/002', + tactics: ['persistence'], + techniqueId: 'T1137', + }, + { + name: 'One-Way Communication', + id: 'T1102.003', + reference: 'https://attack.mitre.org/techniques/T1102/003', + tactics: ['command-and-control'], + techniqueId: 'T1102', + }, + { + name: 'Outlook Forms', + id: 'T1137.003', + reference: 'https://attack.mitre.org/techniques/T1137/003', + tactics: ['persistence'], + techniqueId: 'T1137', + }, + { + name: 'Outlook Home Page', + id: 'T1137.004', + reference: 'https://attack.mitre.org/techniques/T1137/004', + tactics: ['persistence'], + techniqueId: 'T1137', + }, + { + name: 'Outlook Rules', + id: 'T1137.005', + reference: 'https://attack.mitre.org/techniques/T1137/005', + tactics: ['persistence'], + techniqueId: 'T1137', + }, + { + name: 'Parent PID Spoofing', + id: 'T1134.004', + reference: 'https://attack.mitre.org/techniques/T1134/004', + tactics: ['defense-evasion', 'privilege-escalation'], + techniqueId: 'T1134', + }, + { + name: 'Pass the Hash', + id: 'T1550.002', + reference: 'https://attack.mitre.org/techniques/T1550/002', + tactics: ['defense-evasion', 'lateral-movement'], + techniqueId: 'T1550', + }, + { + name: 'Pass the Ticket', + id: 'T1550.003', + reference: 'https://attack.mitre.org/techniques/T1550/003', + tactics: ['defense-evasion', 'lateral-movement'], + techniqueId: 'T1550', + }, + { + name: 'Password Cracking', + id: 'T1110.002', + reference: 'https://attack.mitre.org/techniques/T1110/002', + tactics: ['credential-access'], + techniqueId: 'T1110', + }, + { + name: 'Password Filter DLL', + id: 'T1556.002', + reference: 'https://attack.mitre.org/techniques/T1556/002', + tactics: ['credential-access', 'defense-evasion'], + techniqueId: 'T1556', + }, + { + name: 'Password Guessing', + id: 'T1110.001', + reference: 'https://attack.mitre.org/techniques/T1110/001', + tactics: ['credential-access'], + techniqueId: 'T1110', + }, + { + name: 'Password Spraying', + id: 'T1110.003', + reference: 'https://attack.mitre.org/techniques/T1110/003', + tactics: ['credential-access'], + techniqueId: 'T1110', + }, + { + name: 'Patch System Image', + id: 'T1601.001', + reference: 'https://attack.mitre.org/techniques/T1601/001', + tactics: ['defense-evasion'], + techniqueId: 'T1601', + }, + { + name: 'Path Interception by PATH Environment Variable', + id: 'T1574.007', + reference: 'https://attack.mitre.org/techniques/T1574/007', + tactics: ['persistence', 'privilege-escalation', 'defense-evasion'], + techniqueId: 'T1574', + }, + { + name: 'Path Interception by Search Order Hijacking', + id: 'T1574.008', + reference: 'https://attack.mitre.org/techniques/T1574/008', + tactics: ['persistence', 'privilege-escalation', 'defense-evasion'], + techniqueId: 'T1574', + }, + { + name: 'Path Interception by Unquoted Path', + id: 'T1574.009', + reference: 'https://attack.mitre.org/techniques/T1574/009', + tactics: ['persistence', 'privilege-escalation', 'defense-evasion'], + techniqueId: 'T1574', + }, + { + name: 'Plist Modification', + id: 'T1547.011', + reference: 'https://attack.mitre.org/techniques/T1547/011', + tactics: ['persistence', 'privilege-escalation'], + techniqueId: 'T1547', + }, + { + name: 'Pluggable Authentication Modules', + id: 'T1556.003', + reference: 'https://attack.mitre.org/techniques/T1556/003', + tactics: ['credential-access', 'defense-evasion'], + techniqueId: 'T1556', + }, + { + name: 'Port Knocking', + id: 'T1205.001', + reference: 'https://attack.mitre.org/techniques/T1205/001', + tactics: ['defense-evasion', 'persistence', 'command-and-control'], + techniqueId: 'T1205', + }, + { + name: 'Port Monitors', + id: 'T1547.010', + reference: 'https://attack.mitre.org/techniques/T1547/010', + tactics: ['persistence', 'privilege-escalation'], + techniqueId: 'T1547', + }, + { + name: 'Portable Executable Injection', + id: 'T1055.002', + reference: 'https://attack.mitre.org/techniques/T1055/002', + tactics: ['defense-evasion', 'privilege-escalation'], + techniqueId: 'T1055', + }, + { + name: 'PowerShell', + id: 'T1059.001', + reference: 'https://attack.mitre.org/techniques/T1059/001', + tactics: ['execution'], + techniqueId: 'T1059', + }, + { + name: 'PowerShell Profile', + id: 'T1546.013', + reference: 'https://attack.mitre.org/techniques/T1546/013', + tactics: ['privilege-escalation', 'persistence'], + techniqueId: 'T1546', + }, + { + name: 'Print Processors', + id: 'T1547.012', + reference: 'https://attack.mitre.org/techniques/T1547/012', + tactics: ['persistence', 'privilege-escalation'], + techniqueId: 'T1547', + }, + { + name: 'Private Keys', + id: 'T1552.004', + reference: 'https://attack.mitre.org/techniques/T1552/004', + tactics: ['credential-access'], + techniqueId: 'T1552', + }, + { + name: 'Proc Filesystem', + id: 'T1003.007', + reference: 'https://attack.mitre.org/techniques/T1003/007', + tactics: ['credential-access'], + techniqueId: 'T1003', + }, + { + name: 'Proc Memory', + id: 'T1055.009', + reference: 'https://attack.mitre.org/techniques/T1055/009', + tactics: ['defense-evasion', 'privilege-escalation'], + techniqueId: 'T1055', + }, + { + name: 'Process Doppelgänging', + id: 'T1055.013', + reference: 'https://attack.mitre.org/techniques/T1055/013', + tactics: ['defense-evasion', 'privilege-escalation'], + techniqueId: 'T1055', + }, + { + name: 'Process Hollowing', + id: 'T1055.012', + reference: 'https://attack.mitre.org/techniques/T1055/012', + tactics: ['defense-evasion', 'privilege-escalation'], + techniqueId: 'T1055', + }, + { + name: 'Protocol Impersonation', + id: 'T1001.003', + reference: 'https://attack.mitre.org/techniques/T1001/003', + tactics: ['command-and-control'], + techniqueId: 'T1001', + }, + { + name: 'Ptrace System Calls', + id: 'T1055.008', + reference: 'https://attack.mitre.org/techniques/T1055/008', + tactics: ['defense-evasion', 'privilege-escalation'], + techniqueId: 'T1055', + }, + { + name: 'PubPrn', + id: 'T1216.001', + reference: 'https://attack.mitre.org/techniques/T1216/001', + tactics: ['defense-evasion'], + techniqueId: 'T1216', + }, + { + name: 'Purchase Technical Data', + id: 'T1597.002', + reference: 'https://attack.mitre.org/techniques/T1597/002', + tactics: ['reconnaissance'], + techniqueId: 'T1597', + }, + { + name: 'Python', + id: 'T1059.006', + reference: 'https://attack.mitre.org/techniques/T1059/006', + tactics: ['execution'], + techniqueId: 'T1059', + }, + { + name: 'RDP Hijacking', + id: 'T1563.002', + reference: 'https://attack.mitre.org/techniques/T1563/002', + tactics: ['lateral-movement'], + techniqueId: 'T1563', + }, + { + name: 'ROMMONkit', + id: 'T1542.004', + reference: 'https://attack.mitre.org/techniques/T1542/004', + tactics: ['defense-evasion', 'persistence'], + techniqueId: 'T1542', + }, + { + name: 'Rc.common', + id: 'T1037.004', + reference: 'https://attack.mitre.org/techniques/T1037/004', + tactics: ['persistence', 'privilege-escalation'], + techniqueId: 'T1037', + }, + { + name: 'Re-opened Applications', + id: 'T1547.007', + reference: 'https://attack.mitre.org/techniques/T1547/007', + tactics: ['persistence', 'privilege-escalation'], + techniqueId: 'T1547', + }, + { + name: 'Reduce Key Space', + id: 'T1600.001', + reference: 'https://attack.mitre.org/techniques/T1600/001', + tactics: ['defense-evasion'], + techniqueId: 'T1600', + }, + { + name: 'Reflection Amplification', + id: 'T1498.002', + reference: 'https://attack.mitre.org/techniques/T1498/002', + tactics: ['impact'], + techniqueId: 'T1498', + }, + { + name: 'Registry Run Keys / Startup Folder', + id: 'T1547.001', + reference: 'https://attack.mitre.org/techniques/T1547/001', + tactics: ['persistence', 'privilege-escalation'], + techniqueId: 'T1547', + }, + { + name: 'Regsvcs/Regasm', + id: 'T1218.009', + reference: 'https://attack.mitre.org/techniques/T1218/009', + tactics: ['defense-evasion'], + techniqueId: 'T1218', + }, + { + name: 'Regsvr32', + id: 'T1218.010', + reference: 'https://attack.mitre.org/techniques/T1218/010', + tactics: ['defense-evasion'], + techniqueId: 'T1218', + }, + { + name: 'Remote Data Staging', + id: 'T1074.002', + reference: 'https://attack.mitre.org/techniques/T1074/002', + tactics: ['collection'], + techniqueId: 'T1074', + }, + { + name: 'Remote Desktop Protocol', + id: 'T1021.001', + reference: 'https://attack.mitre.org/techniques/T1021/001', + tactics: ['lateral-movement'], + techniqueId: 'T1021', + }, + { + name: 'Remote Email Collection', + id: 'T1114.002', + reference: 'https://attack.mitre.org/techniques/T1114/002', + tactics: ['collection'], + techniqueId: 'T1114', + }, + { + name: 'Rename System Utilities', + id: 'T1036.003', + reference: 'https://attack.mitre.org/techniques/T1036/003', + tactics: ['defense-evasion'], + techniqueId: 'T1036', + }, + { + name: 'Revert Cloud Instance', + id: 'T1578.004', + reference: 'https://attack.mitre.org/techniques/T1578/004', + tactics: ['defense-evasion'], + techniqueId: 'T1578', + }, + { + name: 'Right-to-Left Override', + id: 'T1036.002', + reference: 'https://attack.mitre.org/techniques/T1036/002', + tactics: ['defense-evasion'], + techniqueId: 'T1036', + }, + { + name: 'Run Virtual Instance', + id: 'T1564.006', + reference: 'https://attack.mitre.org/techniques/T1564/006', + tactics: ['defense-evasion'], + techniqueId: 'T1564', + }, + { + name: 'Rundll32', + id: 'T1218.011', + reference: 'https://attack.mitre.org/techniques/T1218/011', + tactics: ['defense-evasion'], + techniqueId: 'T1218', + }, + { + name: 'Runtime Data Manipulation', + id: 'T1565.003', + reference: 'https://attack.mitre.org/techniques/T1565/003', + tactics: ['impact'], + techniqueId: 'T1565', + }, + { + name: 'SID-History Injection', + id: 'T1134.005', + reference: 'https://attack.mitre.org/techniques/T1134/005', + tactics: ['defense-evasion', 'privilege-escalation'], + techniqueId: 'T1134', + }, + { + name: 'SIP and Trust Provider Hijacking', + id: 'T1553.003', + reference: 'https://attack.mitre.org/techniques/T1553/003', + tactics: ['defense-evasion'], + techniqueId: 'T1553', + }, + { + name: 'SMB/Windows Admin Shares', + id: 'T1021.002', + reference: 'https://attack.mitre.org/techniques/T1021/002', + tactics: ['lateral-movement'], + techniqueId: 'T1021', + }, + { + name: 'SNMP (MIB Dump)', + id: 'T1602.001', + reference: 'https://attack.mitre.org/techniques/T1602/001', + tactics: ['collection'], + techniqueId: 'T1602', + }, + { + name: 'SQL Stored Procedures', + id: 'T1505.001', + reference: 'https://attack.mitre.org/techniques/T1505/001', + tactics: ['persistence'], + techniqueId: 'T1505', + }, + { + name: 'SSH', + id: 'T1021.004', + reference: 'https://attack.mitre.org/techniques/T1021/004', + tactics: ['lateral-movement'], + techniqueId: 'T1021', + }, + { + name: 'SSH Authorized Keys', + id: 'T1098.004', + reference: 'https://attack.mitre.org/techniques/T1098/004', + tactics: ['persistence'], + techniqueId: 'T1098', + }, + { + name: 'SSH Hijacking', + id: 'T1563.001', + reference: 'https://attack.mitre.org/techniques/T1563/001', + tactics: ['lateral-movement'], + techniqueId: 'T1563', + }, + { + name: 'Scan Databases', + id: 'T1596.005', + reference: 'https://attack.mitre.org/techniques/T1596/005', + tactics: ['reconnaissance'], + techniqueId: 'T1596', + }, + { + name: 'Scanning IP Blocks', + id: 'T1595.001', + reference: 'https://attack.mitre.org/techniques/T1595/001', + tactics: ['reconnaissance'], + techniqueId: 'T1595', + }, + { + name: 'Scheduled Task', + id: 'T1053.005', + reference: 'https://attack.mitre.org/techniques/T1053/005', + tactics: ['execution', 'persistence', 'privilege-escalation'], + techniqueId: 'T1053', + }, + { + name: 'Screensaver', + id: 'T1546.002', + reference: 'https://attack.mitre.org/techniques/T1546/002', + tactics: ['privilege-escalation', 'persistence'], + techniqueId: 'T1546', + }, + { + name: 'Search Engines', + id: 'T1593.002', + reference: 'https://attack.mitre.org/techniques/T1593/002', + tactics: ['reconnaissance'], + techniqueId: 'T1593', + }, + { + name: 'Security Account Manager', + id: 'T1003.002', + reference: 'https://attack.mitre.org/techniques/T1003/002', + tactics: ['credential-access'], + techniqueId: 'T1003', + }, + { + name: 'Security Software Discovery', + id: 'T1518.001', + reference: 'https://attack.mitre.org/techniques/T1518/001', + tactics: ['discovery'], + techniqueId: 'T1518', + }, + { + name: 'Security Support Provider', + id: 'T1547.005', + reference: 'https://attack.mitre.org/techniques/T1547/005', + tactics: ['persistence', 'privilege-escalation'], + techniqueId: 'T1547', + }, + { + name: 'Securityd Memory', + id: 'T1555.002', + reference: 'https://attack.mitre.org/techniques/T1555/002', + tactics: ['credential-access'], + techniqueId: 'T1555', + }, + { + name: 'Server', + id: 'T1583.004', + reference: 'https://attack.mitre.org/techniques/T1583/004', + tactics: ['resource-development'], + techniqueId: 'T1583', + }, + { + name: 'Server', + id: 'T1584.004', + reference: 'https://attack.mitre.org/techniques/T1584/004', + tactics: ['resource-development'], + techniqueId: 'T1584', + }, + { + name: 'Service Execution', + id: 'T1569.002', + reference: 'https://attack.mitre.org/techniques/T1569/002', + tactics: ['execution'], + techniqueId: 'T1569', + }, + { + name: 'Service Exhaustion Flood', + id: 'T1499.002', + reference: 'https://attack.mitre.org/techniques/T1499/002', + tactics: ['impact'], + techniqueId: 'T1499', + }, + { + name: 'Services File Permissions Weakness', + id: 'T1574.010', + reference: 'https://attack.mitre.org/techniques/T1574/010', + tactics: ['persistence', 'privilege-escalation', 'defense-evasion'], + techniqueId: 'T1574', + }, + { + name: 'Services Registry Permissions Weakness', + id: 'T1574.011', + reference: 'https://attack.mitre.org/techniques/T1574/011', + tactics: ['persistence', 'privilege-escalation', 'defense-evasion'], + techniqueId: 'T1574', + }, + { + name: 'Setuid and Setgid', + id: 'T1548.001', + reference: 'https://attack.mitre.org/techniques/T1548/001', + tactics: ['privilege-escalation', 'defense-evasion'], + techniqueId: 'T1548', + }, + { + name: 'Sharepoint', + id: 'T1213.002', + reference: 'https://attack.mitre.org/techniques/T1213/002', + tactics: ['collection'], + techniqueId: 'T1213', + }, + { + name: 'Shortcut Modification', + id: 'T1547.009', + reference: 'https://attack.mitre.org/techniques/T1547/009', + tactics: ['persistence', 'privilege-escalation'], + techniqueId: 'T1547', + }, + { + name: 'Silver Ticket', + id: 'T1558.002', + reference: 'https://attack.mitre.org/techniques/T1558/002', + tactics: ['credential-access'], + techniqueId: 'T1558', + }, + { + name: 'Social Media', + id: 'T1593.001', + reference: 'https://attack.mitre.org/techniques/T1593/001', + tactics: ['reconnaissance'], + techniqueId: 'T1593', + }, + { + name: 'Social Media Accounts', + id: 'T1585.001', + reference: 'https://attack.mitre.org/techniques/T1585/001', + tactics: ['resource-development'], + techniqueId: 'T1585', + }, + { + name: 'Social Media Accounts', + id: 'T1586.001', + reference: 'https://attack.mitre.org/techniques/T1586/001', + tactics: ['resource-development'], + techniqueId: 'T1586', + }, + { + name: 'Software', + id: 'T1592.002', + reference: 'https://attack.mitre.org/techniques/T1592/002', + tactics: ['reconnaissance'], + techniqueId: 'T1592', + }, + { + name: 'Software Packing', + id: 'T1027.002', + reference: 'https://attack.mitre.org/techniques/T1027/002', + tactics: ['defense-evasion'], + techniqueId: 'T1027', + }, + { + name: 'Space after Filename', + id: 'T1036.006', + reference: 'https://attack.mitre.org/techniques/T1036/006', + tactics: ['defense-evasion'], + techniqueId: 'T1036', + }, + { + name: 'Spearphishing Attachment', + id: 'T1566.001', + reference: 'https://attack.mitre.org/techniques/T1566/001', + tactics: ['initial-access'], + techniqueId: 'T1566', + }, + { + name: 'Spearphishing Attachment', + id: 'T1598.002', + reference: 'https://attack.mitre.org/techniques/T1598/002', + tactics: ['reconnaissance'], + techniqueId: 'T1598', + }, + { + name: 'Spearphishing Link', + id: 'T1566.002', + reference: 'https://attack.mitre.org/techniques/T1566/002', + tactics: ['initial-access'], + techniqueId: 'T1566', + }, + { + name: 'Spearphishing Link', + id: 'T1598.003', + reference: 'https://attack.mitre.org/techniques/T1598/003', + tactics: ['reconnaissance'], + techniqueId: 'T1598', + }, + { + name: 'Spearphishing Service', + id: 'T1598.001', + reference: 'https://attack.mitre.org/techniques/T1598/001', + tactics: ['reconnaissance'], + techniqueId: 'T1598', + }, + { + name: 'Spearphishing via Service', + id: 'T1566.003', + reference: 'https://attack.mitre.org/techniques/T1566/003', + tactics: ['initial-access'], + techniqueId: 'T1566', + }, + { + name: 'Standard Encoding', + id: 'T1132.001', + reference: 'https://attack.mitre.org/techniques/T1132/001', + tactics: ['command-and-control'], + techniqueId: 'T1132', + }, + { + name: 'Startup Items', + id: 'T1037.005', + reference: 'https://attack.mitre.org/techniques/T1037/005', + tactics: ['persistence', 'privilege-escalation'], + techniqueId: 'T1037', + }, + { + name: 'Steganography', + id: 'T1027.003', + reference: 'https://attack.mitre.org/techniques/T1027/003', + tactics: ['defense-evasion'], + techniqueId: 'T1027', + }, + { + name: 'Steganography', + id: 'T1001.002', + reference: 'https://attack.mitre.org/techniques/T1001/002', + tactics: ['command-and-control'], + techniqueId: 'T1001', + }, + { + name: 'Stored Data Manipulation', + id: 'T1565.001', + reference: 'https://attack.mitre.org/techniques/T1565/001', + tactics: ['impact'], + techniqueId: 'T1565', + }, + { + name: 'Sudo and Sudo Caching', + id: 'T1548.003', + reference: 'https://attack.mitre.org/techniques/T1548/003', + tactics: ['privilege-escalation', 'defense-evasion'], + techniqueId: 'T1548', + }, + { + name: 'Symmetric Cryptography', + id: 'T1573.001', + reference: 'https://attack.mitre.org/techniques/T1573/001', + tactics: ['command-and-control'], + techniqueId: 'T1573', + }, + { + name: 'System Checks', + id: 'T1497.001', + reference: 'https://attack.mitre.org/techniques/T1497/001', + tactics: ['defense-evasion', 'discovery'], + techniqueId: 'T1497', + }, + { + name: 'System Firmware', + id: 'T1542.001', + reference: 'https://attack.mitre.org/techniques/T1542/001', + tactics: ['persistence', 'defense-evasion'], + techniqueId: 'T1542', + }, + { + name: 'Systemd Service', + id: 'T1543.002', + reference: 'https://attack.mitre.org/techniques/T1543/002', + tactics: ['persistence', 'privilege-escalation'], + techniqueId: 'T1543', + }, + { + name: 'Systemd Timers', + id: 'T1053.006', + reference: 'https://attack.mitre.org/techniques/T1053/006', + tactics: ['execution', 'persistence', 'privilege-escalation'], + techniqueId: 'T1053', + }, + { + name: 'TFTP Boot', + id: 'T1542.005', + reference: 'https://attack.mitre.org/techniques/T1542/005', + tactics: ['defense-evasion', 'persistence'], + techniqueId: 'T1542', + }, + { + name: 'Thread Execution Hijacking', + id: 'T1055.003', + reference: 'https://attack.mitre.org/techniques/T1055/003', + tactics: ['defense-evasion', 'privilege-escalation'], + techniqueId: 'T1055', + }, + { + name: 'Thread Local Storage', + id: 'T1055.005', + reference: 'https://attack.mitre.org/techniques/T1055/005', + tactics: ['defense-evasion', 'privilege-escalation'], + techniqueId: 'T1055', + }, + { + name: 'Threat Intel Vendors', + id: 'T1597.001', + reference: 'https://attack.mitre.org/techniques/T1597/001', + tactics: ['reconnaissance'], + techniqueId: 'T1597', + }, + { + name: 'Time Based Evasion', + id: 'T1497.003', + reference: 'https://attack.mitre.org/techniques/T1497/003', + tactics: ['defense-evasion', 'discovery'], + techniqueId: 'T1497', + }, + { + name: 'Time Providers', + id: 'T1547.003', + reference: 'https://attack.mitre.org/techniques/T1547/003', + tactics: ['persistence', 'privilege-escalation'], + techniqueId: 'T1547', + }, + { + name: 'Timestomp', + id: 'T1070.006', + reference: 'https://attack.mitre.org/techniques/T1070/006', + tactics: ['defense-evasion'], + techniqueId: 'T1070', + }, + { + name: 'Token Impersonation/Theft', + id: 'T1134.001', + reference: 'https://attack.mitre.org/techniques/T1134/001', + tactics: ['defense-evasion', 'privilege-escalation'], + techniqueId: 'T1134', + }, + { + name: 'Tool', + id: 'T1588.002', + reference: 'https://attack.mitre.org/techniques/T1588/002', + tactics: ['resource-development'], + techniqueId: 'T1588', + }, + { + name: 'Traffic Duplication', + id: 'T1020.001', + reference: 'https://attack.mitre.org/techniques/T1020/001', + tactics: ['exfiltration'], + techniqueId: 'T1020', + }, + { + name: 'Transmitted Data Manipulation', + id: 'T1565.002', + reference: 'https://attack.mitre.org/techniques/T1565/002', + tactics: ['impact'], + techniqueId: 'T1565', + }, + { + name: 'Transport Agent', + id: 'T1505.002', + reference: 'https://attack.mitre.org/techniques/T1505/002', + tactics: ['persistence'], + techniqueId: 'T1505', + }, + { + name: 'Trap', + id: 'T1546.005', + reference: 'https://attack.mitre.org/techniques/T1546/005', + tactics: ['privilege-escalation', 'persistence'], + techniqueId: 'T1546', + }, + { + name: 'Unix Shell', + id: 'T1059.004', + reference: 'https://attack.mitre.org/techniques/T1059/004', + tactics: ['execution'], + techniqueId: 'T1059', + }, + { + name: 'User Activity Based Checks', + id: 'T1497.002', + reference: 'https://attack.mitre.org/techniques/T1497/002', + tactics: ['defense-evasion', 'discovery'], + techniqueId: 'T1497', + }, + { + name: 'VBA Stomping', + id: 'T1564.007', + reference: 'https://attack.mitre.org/techniques/T1564/007', + tactics: ['defense-evasion'], + techniqueId: 'T1564', + }, + { + name: 'VDSO Hijacking', + id: 'T1055.014', + reference: 'https://attack.mitre.org/techniques/T1055/014', + tactics: ['defense-evasion', 'privilege-escalation'], + techniqueId: 'T1055', + }, + { + name: 'VNC', + id: 'T1021.005', + reference: 'https://attack.mitre.org/techniques/T1021/005', + tactics: ['lateral-movement'], + techniqueId: 'T1021', + }, + { + name: 'Verclsid', + id: 'T1218.012', + reference: 'https://attack.mitre.org/techniques/T1218/012', + tactics: ['defense-evasion'], + techniqueId: 'T1218', + }, + { + name: 'Virtual Private Server', + id: 'T1583.003', + reference: 'https://attack.mitre.org/techniques/T1583/003', + tactics: ['resource-development'], + techniqueId: 'T1583', + }, + { + name: 'Virtual Private Server', + id: 'T1584.003', + reference: 'https://attack.mitre.org/techniques/T1584/003', + tactics: ['resource-development'], + techniqueId: 'T1584', + }, + { + name: 'Visual Basic', + id: 'T1059.005', + reference: 'https://attack.mitre.org/techniques/T1059/005', + tactics: ['execution'], + techniqueId: 'T1059', + }, + { + name: 'Vulnerabilities', + id: 'T1588.006', + reference: 'https://attack.mitre.org/techniques/T1588/006', + tactics: ['resource-development'], + techniqueId: 'T1588', + }, + { + name: 'Vulnerability Scanning', + id: 'T1595.002', + reference: 'https://attack.mitre.org/techniques/T1595/002', + tactics: ['reconnaissance'], + techniqueId: 'T1595', + }, + { + name: 'WHOIS', + id: 'T1596.002', + reference: 'https://attack.mitre.org/techniques/T1596/002', + tactics: ['reconnaissance'], + techniqueId: 'T1596', + }, + { + name: 'Web Portal Capture', + id: 'T1056.003', + reference: 'https://attack.mitre.org/techniques/T1056/003', + tactics: ['collection', 'credential-access'], + techniqueId: 'T1056', + }, + { + name: 'Web Protocols', + id: 'T1071.001', + reference: 'https://attack.mitre.org/techniques/T1071/001', + tactics: ['command-and-control'], + techniqueId: 'T1071', + }, + { + name: 'Web Services', + id: 'T1583.006', + reference: 'https://attack.mitre.org/techniques/T1583/006', + tactics: ['resource-development'], + techniqueId: 'T1583', + }, + { + name: 'Web Services', + id: 'T1584.006', + reference: 'https://attack.mitre.org/techniques/T1584/006', + tactics: ['resource-development'], + techniqueId: 'T1584', + }, + { + name: 'Web Session Cookie', + id: 'T1550.004', + reference: 'https://attack.mitre.org/techniques/T1550/004', + tactics: ['defense-evasion', 'lateral-movement'], + techniqueId: 'T1550', + }, + { + name: 'Web Shell', + id: 'T1505.003', + reference: 'https://attack.mitre.org/techniques/T1505/003', + tactics: ['persistence'], + techniqueId: 'T1505', + }, + { + name: 'Windows Command Shell', + id: 'T1059.003', + reference: 'https://attack.mitre.org/techniques/T1059/003', + tactics: ['execution'], + techniqueId: 'T1059', + }, + { + name: 'Windows File and Directory Permissions Modification', + id: 'T1222.001', + reference: 'https://attack.mitre.org/techniques/T1222/001', + tactics: ['defense-evasion'], + techniqueId: 'T1222', + }, + { + name: 'Windows Management Instrumentation Event Subscription', + id: 'T1546.003', + reference: 'https://attack.mitre.org/techniques/T1546/003', + tactics: ['privilege-escalation', 'persistence'], + techniqueId: 'T1546', + }, + { + name: 'Windows Remote Management', + id: 'T1021.006', + reference: 'https://attack.mitre.org/techniques/T1021/006', + tactics: ['lateral-movement'], + techniqueId: 'T1021', + }, + { + name: 'Windows Service', + id: 'T1543.003', + reference: 'https://attack.mitre.org/techniques/T1543/003', + tactics: ['persistence', 'privilege-escalation'], + techniqueId: 'T1543', + }, + { + name: 'Winlogon Helper DLL', + id: 'T1547.004', + reference: 'https://attack.mitre.org/techniques/T1547/004', + tactics: ['persistence', 'privilege-escalation'], + techniqueId: 'T1547', + }, +]; + +export const subtechniquesOptions: MitreSubtechniquesOptions[] = [ + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.bashProfileAndBashrcT1546Description', + { defaultMessage: '.bash_profile and .bashrc (T1546.004)' } + ), + id: 'T1546.004', + name: '.bash_profile and .bashrc', + reference: 'https://attack.mitre.org/techniques/T1546/004', + tactics: 'privilege-escalation,persistence', + techniqueId: 'T1546', + value: 'bashProfileAndBashrc', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.etcPasswdAndEtcShadowT1003Description', + { defaultMessage: '/etc/passwd and /etc/shadow (T1003.008)' } + ), + id: 'T1003.008', + name: '/etc/passwd and /etc/shadow', + reference: 'https://attack.mitre.org/techniques/T1003/008', + tactics: 'credential-access', + techniqueId: 'T1003', + value: 'etcPasswdAndEtcShadow', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.arpCachePoisoningT1557Description', + { defaultMessage: 'ARP Cache Poisoning (T1557.002)' } + ), + id: 'T1557.002', + name: 'ARP Cache Poisoning', + reference: 'https://attack.mitre.org/techniques/T1557/002', + tactics: 'credential-access,collection', + techniqueId: 'T1557', + value: 'arpCachePoisoning', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.asRepRoastingT1558Description', + { defaultMessage: 'AS-REP Roasting (T1558.004)' } + ), + id: 'T1558.004', + name: 'AS-REP Roasting', + reference: 'https://attack.mitre.org/techniques/T1558/004', + tactics: 'credential-access', + techniqueId: 'T1558', + value: 'asRepRoasting', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.accessibilityFeaturesT1546Description', + { defaultMessage: 'Accessibility Features (T1546.008)' } + ), + id: 'T1546.008', + name: 'Accessibility Features', + reference: 'https://attack.mitre.org/techniques/T1546/008', + tactics: 'privilege-escalation,persistence', + techniqueId: 'T1546', + value: 'accessibilityFeatures', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.addOffice365GlobalAdministratorRoleT1098Description', + { defaultMessage: 'Add Office 365 Global Administrator Role (T1098.003)' } + ), + id: 'T1098.003', + name: 'Add Office 365 Global Administrator Role', + reference: 'https://attack.mitre.org/techniques/T1098/003', + tactics: 'persistence', + techniqueId: 'T1098', + value: 'addOffice365GlobalAdministratorRole', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.addInsT1137Description', + { defaultMessage: 'Add-ins (T1137.006)' } + ), + id: 'T1137.006', + name: 'Add-ins', + reference: 'https://attack.mitre.org/techniques/T1137/006', + tactics: 'persistence', + techniqueId: 'T1137', + value: 'addIns', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.additionalCloudCredentialsT1098Description', + { defaultMessage: 'Additional Cloud Credentials (T1098.001)' } + ), + id: 'T1098.001', + name: 'Additional Cloud Credentials', + reference: 'https://attack.mitre.org/techniques/T1098/001', + tactics: 'persistence', + techniqueId: 'T1098', + value: 'additionalCloudCredentials', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.appCertDlLsT1546Description', + { defaultMessage: 'AppCert DLLs (T1546.009)' } + ), + id: 'T1546.009', + name: 'AppCert DLLs', + reference: 'https://attack.mitre.org/techniques/T1546/009', + tactics: 'privilege-escalation,persistence', + techniqueId: 'T1546', + value: 'appCertDlLs', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.appInitDlLsT1546Description', + { defaultMessage: 'AppInit DLLs (T1546.010)' } + ), + id: 'T1546.010', + name: 'AppInit DLLs', + reference: 'https://attack.mitre.org/techniques/T1546/010', + tactics: 'privilege-escalation,persistence', + techniqueId: 'T1546', + value: 'appInitDlLs', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.appleScriptT1059Description', + { defaultMessage: 'AppleScript (T1059.002)' } + ), + id: 'T1059.002', + name: 'AppleScript', + reference: 'https://attack.mitre.org/techniques/T1059/002', + tactics: 'execution', + techniqueId: 'T1059', + value: 'appleScript', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.applicationAccessTokenT1550Description', + { defaultMessage: 'Application Access Token (T1550.001)' } + ), + id: 'T1550.001', + name: 'Application Access Token', + reference: 'https://attack.mitre.org/techniques/T1550/001', + tactics: 'defense-evasion,lateral-movement', + techniqueId: 'T1550', + value: 'applicationAccessToken', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.applicationExhaustionFloodT1499Description', + { defaultMessage: 'Application Exhaustion Flood (T1499.003)' } + ), + id: 'T1499.003', + name: 'Application Exhaustion Flood', + reference: 'https://attack.mitre.org/techniques/T1499/003', + tactics: 'impact', + techniqueId: 'T1499', + value: 'applicationExhaustionFlood', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.applicationShimmingT1546Description', + { defaultMessage: 'Application Shimming (T1546.011)' } + ), + id: 'T1546.011', + name: 'Application Shimming', + reference: 'https://attack.mitre.org/techniques/T1546/011', + tactics: 'privilege-escalation,persistence', + techniqueId: 'T1546', + value: 'applicationShimming', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.applicationOrSystemExploitationT1499Description', + { defaultMessage: 'Application or System Exploitation (T1499.004)' } + ), + id: 'T1499.004', + name: 'Application or System Exploitation', + reference: 'https://attack.mitre.org/techniques/T1499/004', + tactics: 'impact', + techniqueId: 'T1499', + value: 'applicationOrSystemExploitation', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.archiveViaCustomMethodT1560Description', + { defaultMessage: 'Archive via Custom Method (T1560.003)' } + ), + id: 'T1560.003', + name: 'Archive via Custom Method', + reference: 'https://attack.mitre.org/techniques/T1560/003', + tactics: 'collection', + techniqueId: 'T1560', + value: 'archiveViaCustomMethod', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.archiveViaLibraryT1560Description', + { defaultMessage: 'Archive via Library (T1560.002)' } + ), + id: 'T1560.002', + name: 'Archive via Library', + reference: 'https://attack.mitre.org/techniques/T1560/002', + tactics: 'collection', + techniqueId: 'T1560', + value: 'archiveViaLibrary', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.archiveViaUtilityT1560Description', + { defaultMessage: 'Archive via Utility (T1560.001)' } + ), + id: 'T1560.001', + name: 'Archive via Utility', + reference: 'https://attack.mitre.org/techniques/T1560/001', + tactics: 'collection', + techniqueId: 'T1560', + value: 'archiveViaUtility', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.asymmetricCryptographyT1573Description', + { defaultMessage: 'Asymmetric Cryptography (T1573.002)' } + ), + id: 'T1573.002', + name: 'Asymmetric Cryptography', + reference: 'https://attack.mitre.org/techniques/T1573/002', + tactics: 'command-and-control', + techniqueId: 'T1573', + value: 'asymmetricCryptography', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.asynchronousProcedureCallT1055Description', + { defaultMessage: 'Asynchronous Procedure Call (T1055.004)' } + ), + id: 'T1055.004', + name: 'Asynchronous Procedure Call', + reference: 'https://attack.mitre.org/techniques/T1055/004', + tactics: 'defense-evasion,privilege-escalation', + techniqueId: 'T1055', + value: 'asynchronousProcedureCall', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.atLinuxT1053Description', + { defaultMessage: 'At (Linux) (T1053.001)' } + ), + id: 'T1053.001', + name: 'At (Linux)', + reference: 'https://attack.mitre.org/techniques/T1053/001', + tactics: 'execution,persistence,privilege-escalation', + techniqueId: 'T1053', + value: 'atLinux', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.atWindowsT1053Description', + { defaultMessage: 'At (Windows) (T1053.002)' } + ), + id: 'T1053.002', + name: 'At (Windows)', + reference: 'https://attack.mitre.org/techniques/T1053/002', + tactics: 'execution,persistence,privilege-escalation', + techniqueId: 'T1053', + value: 'atWindows', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.authenticationPackageT1547Description', + { defaultMessage: 'Authentication Package (T1547.002)' } + ), + id: 'T1547.002', + name: 'Authentication Package', + reference: 'https://attack.mitre.org/techniques/T1547/002', + tactics: 'persistence,privilege-escalation', + techniqueId: 'T1547', + value: 'authenticationPackage', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.bashHistoryT1552Description', + { defaultMessage: 'Bash History (T1552.003)' } + ), + id: 'T1552.003', + name: 'Bash History', + reference: 'https://attack.mitre.org/techniques/T1552/003', + tactics: 'credential-access', + techniqueId: 'T1552', + value: 'bashHistory', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.bidirectionalCommunicationT1102Description', + { defaultMessage: 'Bidirectional Communication (T1102.002)' } + ), + id: 'T1102.002', + name: 'Bidirectional Communication', + reference: 'https://attack.mitre.org/techniques/T1102/002', + tactics: 'command-and-control', + techniqueId: 'T1102', + value: 'bidirectionalCommunication', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.binaryPaddingT1027Description', + { defaultMessage: 'Binary Padding (T1027.001)' } + ), + id: 'T1027.001', + name: 'Binary Padding', + reference: 'https://attack.mitre.org/techniques/T1027/001', + tactics: 'defense-evasion', + techniqueId: 'T1027', + value: 'binaryPadding', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.bootkitT1542Description', + { defaultMessage: 'Bootkit (T1542.003)' } + ), + id: 'T1542.003', + name: 'Bootkit', + reference: 'https://attack.mitre.org/techniques/T1542/003', + tactics: 'persistence,defense-evasion', + techniqueId: 'T1542', + value: 'bootkit', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.botnetT1583Description', + { defaultMessage: 'Botnet (T1583.005)' } + ), + id: 'T1583.005', + name: 'Botnet', + reference: 'https://attack.mitre.org/techniques/T1583/005', + tactics: 'resource-development', + techniqueId: 'T1583', + value: 'botnet', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.botnetT1584Description', + { defaultMessage: 'Botnet (T1584.005)' } + ), + id: 'T1584.005', + name: 'Botnet', + reference: 'https://attack.mitre.org/techniques/T1584/005', + tactics: 'resource-development', + techniqueId: 'T1584', + value: 'botnet', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.businessRelationshipsT1591Description', + { defaultMessage: 'Business Relationships (T1591.002)' } + ), + id: 'T1591.002', + name: 'Business Relationships', + reference: 'https://attack.mitre.org/techniques/T1591/002', + tactics: 'reconnaissance', + techniqueId: 'T1591', + value: 'businessRelationships', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.bypassUserAccountControlT1548Description', + { defaultMessage: 'Bypass User Account Control (T1548.002)' } + ), + id: 'T1548.002', + name: 'Bypass User Account Control', + reference: 'https://attack.mitre.org/techniques/T1548/002', + tactics: 'privilege-escalation,defense-evasion', + techniqueId: 'T1548', + value: 'bypassUserAccountControl', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.cdNsT1596Description', + { defaultMessage: 'CDNs (T1596.004)' } + ), + id: 'T1596.004', + name: 'CDNs', + reference: 'https://attack.mitre.org/techniques/T1596/004', + tactics: 'reconnaissance', + techniqueId: 'T1596', + value: 'cdNs', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.cmstpT1218Description', + { defaultMessage: 'CMSTP (T1218.003)' } + ), + id: 'T1218.003', + name: 'CMSTP', + reference: 'https://attack.mitre.org/techniques/T1218/003', + tactics: 'defense-evasion', + techniqueId: 'T1218', + value: 'cmstp', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.corProfilerT1574Description', + { defaultMessage: 'COR_PROFILER (T1574.012)' } + ), + id: 'T1574.012', + name: 'COR_PROFILER', + reference: 'https://attack.mitre.org/techniques/T1574/012', + tactics: 'persistence,privilege-escalation,defense-evasion', + techniqueId: 'T1574', + value: 'corProfiler', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.cachedDomainCredentialsT1003Description', + { defaultMessage: 'Cached Domain Credentials (T1003.005)' } + ), + id: 'T1003.005', + name: 'Cached Domain Credentials', + reference: 'https://attack.mitre.org/techniques/T1003/005', + tactics: 'credential-access', + techniqueId: 'T1003', + value: 'cachedDomainCredentials', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.changeDefaultFileAssociationT1546Description', + { defaultMessage: 'Change Default File Association (T1546.001)' } + ), + id: 'T1546.001', + name: 'Change Default File Association', + reference: 'https://attack.mitre.org/techniques/T1546/001', + tactics: 'privilege-escalation,persistence', + techniqueId: 'T1546', + value: 'changeDefaultFileAssociation', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.clearCommandHistoryT1070Description', + { defaultMessage: 'Clear Command History (T1070.003)' } + ), + id: 'T1070.003', + name: 'Clear Command History', + reference: 'https://attack.mitre.org/techniques/T1070/003', + tactics: 'defense-evasion', + techniqueId: 'T1070', + value: 'clearCommandHistory', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.clearLinuxOrMacSystemLogsT1070Description', + { defaultMessage: 'Clear Linux or Mac System Logs (T1070.002)' } + ), + id: 'T1070.002', + name: 'Clear Linux or Mac System Logs', + reference: 'https://attack.mitre.org/techniques/T1070/002', + tactics: 'defense-evasion', + techniqueId: 'T1070', + value: 'clearLinuxOrMacSystemLogs', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.clearWindowsEventLogsT1070Description', + { defaultMessage: 'Clear Windows Event Logs (T1070.001)' } + ), + id: 'T1070.001', + name: 'Clear Windows Event Logs', + reference: 'https://attack.mitre.org/techniques/T1070/001', + tactics: 'defense-evasion', + techniqueId: 'T1070', + value: 'clearWindowsEventLogs', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.clientConfigurationsT1592Description', + { defaultMessage: 'Client Configurations (T1592.004)' } + ), + id: 'T1592.004', + name: 'Client Configurations', + reference: 'https://attack.mitre.org/techniques/T1592/004', + tactics: 'reconnaissance', + techniqueId: 'T1592', + value: 'clientConfigurations', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.cloudAccountT1136Description', + { defaultMessage: 'Cloud Account (T1136.003)' } + ), + id: 'T1136.003', + name: 'Cloud Account', + reference: 'https://attack.mitre.org/techniques/T1136/003', + tactics: 'persistence', + techniqueId: 'T1136', + value: 'cloudAccount', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.cloudAccountT1087Description', + { defaultMessage: 'Cloud Account (T1087.004)' } + ), + id: 'T1087.004', + name: 'Cloud Account', + reference: 'https://attack.mitre.org/techniques/T1087/004', + tactics: 'discovery', + techniqueId: 'T1087', + value: 'cloudAccount', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.cloudAccountsT1078Description', + { defaultMessage: 'Cloud Accounts (T1078.004)' } + ), + id: 'T1078.004', + name: 'Cloud Accounts', + reference: 'https://attack.mitre.org/techniques/T1078/004', + tactics: 'defense-evasion,persistence,privilege-escalation,initial-access', + techniqueId: 'T1078', + value: 'cloudAccounts', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.cloudGroupsT1069Description', + { defaultMessage: 'Cloud Groups (T1069.003)' } + ), + id: 'T1069.003', + name: 'Cloud Groups', + reference: 'https://attack.mitre.org/techniques/T1069/003', + tactics: 'discovery', + techniqueId: 'T1069', + value: 'cloudGroups', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.cloudInstanceMetadataApiT1552Description', + { defaultMessage: 'Cloud Instance Metadata API (T1552.005)' } + ), + id: 'T1552.005', + name: 'Cloud Instance Metadata API', + reference: 'https://attack.mitre.org/techniques/T1552/005', + tactics: 'credential-access', + techniqueId: 'T1552', + value: 'cloudInstanceMetadataApi', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.codeSigningT1553Description', + { defaultMessage: 'Code Signing (T1553.002)' } + ), + id: 'T1553.002', + name: 'Code Signing', + reference: 'https://attack.mitre.org/techniques/T1553/002', + tactics: 'defense-evasion', + techniqueId: 'T1553', + value: 'codeSigning', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.codeSigningCertificatesT1587Description', + { defaultMessage: 'Code Signing Certificates (T1587.002)' } + ), + id: 'T1587.002', + name: 'Code Signing Certificates', + reference: 'https://attack.mitre.org/techniques/T1587/002', + tactics: 'resource-development', + techniqueId: 'T1587', + value: 'codeSigningCertificates', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.codeSigningCertificatesT1588Description', + { defaultMessage: 'Code Signing Certificates (T1588.003)' } + ), + id: 'T1588.003', + name: 'Code Signing Certificates', + reference: 'https://attack.mitre.org/techniques/T1588/003', + tactics: 'resource-development', + techniqueId: 'T1588', + value: 'codeSigningCertificates', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.compileAfterDeliveryT1027Description', + { defaultMessage: 'Compile After Delivery (T1027.004)' } + ), + id: 'T1027.004', + name: 'Compile After Delivery', + reference: 'https://attack.mitre.org/techniques/T1027/004', + tactics: 'defense-evasion', + techniqueId: 'T1027', + value: 'compileAfterDelivery', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.compiledHtmlFileT1218Description', + { defaultMessage: 'Compiled HTML File (T1218.001)' } + ), + id: 'T1218.001', + name: 'Compiled HTML File', + reference: 'https://attack.mitre.org/techniques/T1218/001', + tactics: 'defense-evasion', + techniqueId: 'T1218', + value: 'compiledHtmlFile', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.componentFirmwareT1542Description', + { defaultMessage: 'Component Firmware (T1542.002)' } + ), + id: 'T1542.002', + name: 'Component Firmware', + reference: 'https://attack.mitre.org/techniques/T1542/002', + tactics: 'persistence,defense-evasion', + techniqueId: 'T1542', + value: 'componentFirmware', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.componentObjectModelT1559Description', + { defaultMessage: 'Component Object Model (T1559.001)' } + ), + id: 'T1559.001', + name: 'Component Object Model', + reference: 'https://attack.mitre.org/techniques/T1559/001', + tactics: 'execution', + techniqueId: 'T1559', + value: 'componentObjectModel', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.componentObjectModelHijackingT1546Description', + { defaultMessage: 'Component Object Model Hijacking (T1546.015)' } + ), + id: 'T1546.015', + name: 'Component Object Model Hijacking', + reference: 'https://attack.mitre.org/techniques/T1546/015', + tactics: 'privilege-escalation,persistence', + techniqueId: 'T1546', + value: 'componentObjectModelHijacking', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.compromiseHardwareSupplyChainT1195Description', + { defaultMessage: 'Compromise Hardware Supply Chain (T1195.003)' } + ), + id: 'T1195.003', + name: 'Compromise Hardware Supply Chain', + reference: 'https://attack.mitre.org/techniques/T1195/003', + tactics: 'initial-access', + techniqueId: 'T1195', + value: 'compromiseHardwareSupplyChain', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.compromiseSoftwareDependenciesAndDevelopmentToolsT1195Description', + { defaultMessage: 'Compromise Software Dependencies and Development Tools (T1195.001)' } + ), + id: 'T1195.001', + name: 'Compromise Software Dependencies and Development Tools', + reference: 'https://attack.mitre.org/techniques/T1195/001', + tactics: 'initial-access', + techniqueId: 'T1195', + value: 'compromiseSoftwareDependenciesAndDevelopmentTools', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.compromiseSoftwareSupplyChainT1195Description', + { defaultMessage: 'Compromise Software Supply Chain (T1195.002)' } + ), + id: 'T1195.002', + name: 'Compromise Software Supply Chain', + reference: 'https://attack.mitre.org/techniques/T1195/002', + tactics: 'initial-access', + techniqueId: 'T1195', + value: 'compromiseSoftwareSupplyChain', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.confluenceT1213Description', + { defaultMessage: 'Confluence (T1213.001)' } + ), + id: 'T1213.001', + name: 'Confluence', + reference: 'https://attack.mitre.org/techniques/T1213/001', + tactics: 'collection', + techniqueId: 'T1213', + value: 'confluence', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.controlPanelT1218Description', + { defaultMessage: 'Control Panel (T1218.002)' } + ), + id: 'T1218.002', + name: 'Control Panel', + reference: 'https://attack.mitre.org/techniques/T1218/002', + tactics: 'defense-evasion', + techniqueId: 'T1218', + value: 'controlPanel', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.createCloudInstanceT1578Description', + { defaultMessage: 'Create Cloud Instance (T1578.002)' } + ), + id: 'T1578.002', + name: 'Create Cloud Instance', + reference: 'https://attack.mitre.org/techniques/T1578/002', + tactics: 'defense-evasion', + techniqueId: 'T1578', + value: 'createCloudInstance', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.createProcessWithTokenT1134Description', + { defaultMessage: 'Create Process with Token (T1134.002)' } + ), + id: 'T1134.002', + name: 'Create Process with Token', + reference: 'https://attack.mitre.org/techniques/T1134/002', + tactics: 'defense-evasion,privilege-escalation', + techniqueId: 'T1134', + value: 'createProcessWithToken', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.createSnapshotT1578Description', + { defaultMessage: 'Create Snapshot (T1578.001)' } + ), + id: 'T1578.001', + name: 'Create Snapshot', + reference: 'https://attack.mitre.org/techniques/T1578/001', + tactics: 'defense-evasion', + techniqueId: 'T1578', + value: 'createSnapshot', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.credentialApiHookingT1056Description', + { defaultMessage: 'Credential API Hooking (T1056.004)' } + ), + id: 'T1056.004', + name: 'Credential API Hooking', + reference: 'https://attack.mitre.org/techniques/T1056/004', + tactics: 'collection,credential-access', + techniqueId: 'T1056', + value: 'credentialApiHooking', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.credentialStuffingT1110Description', + { defaultMessage: 'Credential Stuffing (T1110.004)' } + ), + id: 'T1110.004', + name: 'Credential Stuffing', + reference: 'https://attack.mitre.org/techniques/T1110/004', + tactics: 'credential-access', + techniqueId: 'T1110', + value: 'credentialStuffing', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.credentialsT1589Description', + { defaultMessage: 'Credentials (T1589.001)' } + ), + id: 'T1589.001', + name: 'Credentials', + reference: 'https://attack.mitre.org/techniques/T1589/001', + tactics: 'reconnaissance', + techniqueId: 'T1589', + value: 'credentials', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.credentialsInFilesT1552Description', + { defaultMessage: 'Credentials In Files (T1552.001)' } + ), + id: 'T1552.001', + name: 'Credentials In Files', + reference: 'https://attack.mitre.org/techniques/T1552/001', + tactics: 'credential-access', + techniqueId: 'T1552', + value: 'credentialsInFiles', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.credentialsFromWebBrowsersT1555Description', + { defaultMessage: 'Credentials from Web Browsers (T1555.003)' } + ), + id: 'T1555.003', + name: 'Credentials from Web Browsers', + reference: 'https://attack.mitre.org/techniques/T1555/003', + tactics: 'credential-access', + techniqueId: 'T1555', + value: 'credentialsFromWebBrowsers', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.credentialsInRegistryT1552Description', + { defaultMessage: 'Credentials in Registry (T1552.002)' } + ), + id: 'T1552.002', + name: 'Credentials in Registry', + reference: 'https://attack.mitre.org/techniques/T1552/002', + tactics: 'credential-access', + techniqueId: 'T1552', + value: 'credentialsInRegistry', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.cronT1053Description', + { defaultMessage: 'Cron (T1053.003)' } + ), + id: 'T1053.003', + name: 'Cron', + reference: 'https://attack.mitre.org/techniques/T1053/003', + tactics: 'execution,persistence,privilege-escalation', + techniqueId: 'T1053', + value: 'cron', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.dcSyncT1003Description', + { defaultMessage: 'DCSync (T1003.006)' } + ), + id: 'T1003.006', + name: 'DCSync', + reference: 'https://attack.mitre.org/techniques/T1003/006', + tactics: 'credential-access', + techniqueId: 'T1003', + value: 'dcSync', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.dllSearchOrderHijackingT1574Description', + { defaultMessage: 'DLL Search Order Hijacking (T1574.001)' } + ), + id: 'T1574.001', + name: 'DLL Search Order Hijacking', + reference: 'https://attack.mitre.org/techniques/T1574/001', + tactics: 'persistence,privilege-escalation,defense-evasion', + techniqueId: 'T1574', + value: 'dllSearchOrderHijacking', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.dllSideLoadingT1574Description', + { defaultMessage: 'DLL Side-Loading (T1574.002)' } + ), + id: 'T1574.002', + name: 'DLL Side-Loading', + reference: 'https://attack.mitre.org/techniques/T1574/002', + tactics: 'persistence,privilege-escalation,defense-evasion', + techniqueId: 'T1574', + value: 'dllSideLoading', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.dnsT1071Description', + { defaultMessage: 'DNS (T1071.004)' } + ), + id: 'T1071.004', + name: 'DNS', + reference: 'https://attack.mitre.org/techniques/T1071/004', + tactics: 'command-and-control', + techniqueId: 'T1071', + value: 'dns', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.dnsT1590Description', + { defaultMessage: 'DNS (T1590.002)' } + ), + id: 'T1590.002', + name: 'DNS', + reference: 'https://attack.mitre.org/techniques/T1590/002', + tactics: 'reconnaissance', + techniqueId: 'T1590', + value: 'dns', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.dnsCalculationT1568Description', + { defaultMessage: 'DNS Calculation (T1568.003)' } + ), + id: 'T1568.003', + name: 'DNS Calculation', + reference: 'https://attack.mitre.org/techniques/T1568/003', + tactics: 'command-and-control', + techniqueId: 'T1568', + value: 'dnsCalculation', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.dnsServerT1583Description', + { defaultMessage: 'DNS Server (T1583.002)' } + ), + id: 'T1583.002', + name: 'DNS Server', + reference: 'https://attack.mitre.org/techniques/T1583/002', + tactics: 'resource-development', + techniqueId: 'T1583', + value: 'dnsServer', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.dnsServerT1584Description', + { defaultMessage: 'DNS Server (T1584.002)' } + ), + id: 'T1584.002', + name: 'DNS Server', + reference: 'https://attack.mitre.org/techniques/T1584/002', + tactics: 'resource-development', + techniqueId: 'T1584', + value: 'dnsServer', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.dnsPassiveDnsT1596Description', + { defaultMessage: 'DNS/Passive DNS (T1596.001)' } + ), + id: 'T1596.001', + name: 'DNS/Passive DNS', + reference: 'https://attack.mitre.org/techniques/T1596/001', + tactics: 'reconnaissance', + techniqueId: 'T1596', + value: 'dnsPassiveDns', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.deadDropResolverT1102Description', + { defaultMessage: 'Dead Drop Resolver (T1102.001)' } + ), + id: 'T1102.001', + name: 'Dead Drop Resolver', + reference: 'https://attack.mitre.org/techniques/T1102/001', + tactics: 'command-and-control', + techniqueId: 'T1102', + value: 'deadDropResolver', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.defaultAccountsT1078Description', + { defaultMessage: 'Default Accounts (T1078.001)' } + ), + id: 'T1078.001', + name: 'Default Accounts', + reference: 'https://attack.mitre.org/techniques/T1078/001', + tactics: 'defense-evasion,persistence,privilege-escalation,initial-access', + techniqueId: 'T1078', + value: 'defaultAccounts', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.deleteCloudInstanceT1578Description', + { defaultMessage: 'Delete Cloud Instance (T1578.003)' } + ), + id: 'T1578.003', + name: 'Delete Cloud Instance', + reference: 'https://attack.mitre.org/techniques/T1578/003', + tactics: 'defense-evasion', + techniqueId: 'T1578', + value: 'deleteCloudInstance', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.determinePhysicalLocationsT1591Description', + { defaultMessage: 'Determine Physical Locations (T1591.001)' } + ), + id: 'T1591.001', + name: 'Determine Physical Locations', + reference: 'https://attack.mitre.org/techniques/T1591/001', + tactics: 'reconnaissance', + techniqueId: 'T1591', + value: 'determinePhysicalLocations', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.digitalCertificatesT1587Description', + { defaultMessage: 'Digital Certificates (T1587.003)' } + ), + id: 'T1587.003', + name: 'Digital Certificates', + reference: 'https://attack.mitre.org/techniques/T1587/003', + tactics: 'resource-development', + techniqueId: 'T1587', + value: 'digitalCertificates', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.digitalCertificatesT1588Description', + { defaultMessage: 'Digital Certificates (T1588.004)' } + ), + id: 'T1588.004', + name: 'Digital Certificates', + reference: 'https://attack.mitre.org/techniques/T1588/004', + tactics: 'resource-development', + techniqueId: 'T1588', + value: 'digitalCertificates', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.digitalCertificatesT1596Description', + { defaultMessage: 'Digital Certificates (T1596.003)' } + ), + id: 'T1596.003', + name: 'Digital Certificates', + reference: 'https://attack.mitre.org/techniques/T1596/003', + tactics: 'reconnaissance', + techniqueId: 'T1596', + value: 'digitalCertificates', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.directNetworkFloodT1498Description', + { defaultMessage: 'Direct Network Flood (T1498.001)' } + ), + id: 'T1498.001', + name: 'Direct Network Flood', + reference: 'https://attack.mitre.org/techniques/T1498/001', + tactics: 'impact', + techniqueId: 'T1498', + value: 'directNetworkFlood', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.disableCloudLogsT1562Description', + { defaultMessage: 'Disable Cloud Logs (T1562.008)' } + ), + id: 'T1562.008', + name: 'Disable Cloud Logs', + reference: 'https://attack.mitre.org/techniques/T1562/008', + tactics: 'defense-evasion', + techniqueId: 'T1562', + value: 'disableCloudLogs', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.disableCryptoHardwareT1600Description', + { defaultMessage: 'Disable Crypto Hardware (T1600.002)' } + ), + id: 'T1600.002', + name: 'Disable Crypto Hardware', + reference: 'https://attack.mitre.org/techniques/T1600/002', + tactics: 'defense-evasion', + techniqueId: 'T1600', + value: 'disableCryptoHardware', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.disableWindowsEventLoggingT1562Description', + { defaultMessage: 'Disable Windows Event Logging (T1562.002)' } + ), + id: 'T1562.002', + name: 'Disable Windows Event Logging', + reference: 'https://attack.mitre.org/techniques/T1562/002', + tactics: 'defense-evasion', + techniqueId: 'T1562', + value: 'disableWindowsEventLogging', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.disableOrModifyCloudFirewallT1562Description', + { defaultMessage: 'Disable or Modify Cloud Firewall (T1562.007)' } + ), + id: 'T1562.007', + name: 'Disable or Modify Cloud Firewall', + reference: 'https://attack.mitre.org/techniques/T1562/007', + tactics: 'defense-evasion', + techniqueId: 'T1562', + value: 'disableOrModifyCloudFirewall', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.disableOrModifySystemFirewallT1562Description', + { defaultMessage: 'Disable or Modify System Firewall (T1562.004)' } + ), + id: 'T1562.004', + name: 'Disable or Modify System Firewall', + reference: 'https://attack.mitre.org/techniques/T1562/004', + tactics: 'defense-evasion', + techniqueId: 'T1562', + value: 'disableOrModifySystemFirewall', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.disableOrModifyToolsT1562Description', + { defaultMessage: 'Disable or Modify Tools (T1562.001)' } + ), + id: 'T1562.001', + name: 'Disable or Modify Tools', + reference: 'https://attack.mitre.org/techniques/T1562/001', + tactics: 'defense-evasion', + techniqueId: 'T1562', + value: 'disableOrModifyTools', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.diskContentWipeT1561Description', + { defaultMessage: 'Disk Content Wipe (T1561.001)' } + ), + id: 'T1561.001', + name: 'Disk Content Wipe', + reference: 'https://attack.mitre.org/techniques/T1561/001', + tactics: 'impact', + techniqueId: 'T1561', + value: 'diskContentWipe', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.diskStructureWipeT1561Description', + { defaultMessage: 'Disk Structure Wipe (T1561.002)' } + ), + id: 'T1561.002', + name: 'Disk Structure Wipe', + reference: 'https://attack.mitre.org/techniques/T1561/002', + tactics: 'impact', + techniqueId: 'T1561', + value: 'diskStructureWipe', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.distributedComponentObjectModelT1021Description', + { defaultMessage: 'Distributed Component Object Model (T1021.003)' } + ), + id: 'T1021.003', + name: 'Distributed Component Object Model', + reference: 'https://attack.mitre.org/techniques/T1021/003', + tactics: 'lateral-movement', + techniqueId: 'T1021', + value: 'distributedComponentObjectModel', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.domainAccountT1136Description', + { defaultMessage: 'Domain Account (T1136.002)' } + ), + id: 'T1136.002', + name: 'Domain Account', + reference: 'https://attack.mitre.org/techniques/T1136/002', + tactics: 'persistence', + techniqueId: 'T1136', + value: 'domainAccount', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.domainAccountT1087Description', + { defaultMessage: 'Domain Account (T1087.002)' } + ), + id: 'T1087.002', + name: 'Domain Account', + reference: 'https://attack.mitre.org/techniques/T1087/002', + tactics: 'discovery', + techniqueId: 'T1087', + value: 'domainAccount', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.domainAccountsT1078Description', + { defaultMessage: 'Domain Accounts (T1078.002)' } + ), + id: 'T1078.002', + name: 'Domain Accounts', + reference: 'https://attack.mitre.org/techniques/T1078/002', + tactics: 'defense-evasion,persistence,privilege-escalation,initial-access', + techniqueId: 'T1078', + value: 'domainAccounts', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.domainControllerAuthenticationT1556Description', + { defaultMessage: 'Domain Controller Authentication (T1556.001)' } + ), + id: 'T1556.001', + name: 'Domain Controller Authentication', + reference: 'https://attack.mitre.org/techniques/T1556/001', + tactics: 'credential-access,defense-evasion', + techniqueId: 'T1556', + value: 'domainControllerAuthentication', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.domainFrontingT1090Description', + { defaultMessage: 'Domain Fronting (T1090.004)' } + ), + id: 'T1090.004', + name: 'Domain Fronting', + reference: 'https://attack.mitre.org/techniques/T1090/004', + tactics: 'command-and-control', + techniqueId: 'T1090', + value: 'domainFronting', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.domainGenerationAlgorithmsT1568Description', + { defaultMessage: 'Domain Generation Algorithms (T1568.002)' } + ), + id: 'T1568.002', + name: 'Domain Generation Algorithms', + reference: 'https://attack.mitre.org/techniques/T1568/002', + tactics: 'command-and-control', + techniqueId: 'T1568', + value: 'domainGenerationAlgorithms', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.domainGroupsT1069Description', + { defaultMessage: 'Domain Groups (T1069.002)' } + ), + id: 'T1069.002', + name: 'Domain Groups', + reference: 'https://attack.mitre.org/techniques/T1069/002', + tactics: 'discovery', + techniqueId: 'T1069', + value: 'domainGroups', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.domainPropertiesT1590Description', + { defaultMessage: 'Domain Properties (T1590.001)' } + ), + id: 'T1590.001', + name: 'Domain Properties', + reference: 'https://attack.mitre.org/techniques/T1590/001', + tactics: 'reconnaissance', + techniqueId: 'T1590', + value: 'domainProperties', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.domainsT1583Description', + { defaultMessage: 'Domains (T1583.001)' } + ), + id: 'T1583.001', + name: 'Domains', + reference: 'https://attack.mitre.org/techniques/T1583/001', + tactics: 'resource-development', + techniqueId: 'T1583', + value: 'domains', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.domainsT1584Description', + { defaultMessage: 'Domains (T1584.001)' } + ), + id: 'T1584.001', + name: 'Domains', + reference: 'https://attack.mitre.org/techniques/T1584/001', + tactics: 'resource-development', + techniqueId: 'T1584', + value: 'domains', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.downgradeSystemImageT1601Description', + { defaultMessage: 'Downgrade System Image (T1601.002)' } + ), + id: 'T1601.002', + name: 'Downgrade System Image', + reference: 'https://attack.mitre.org/techniques/T1601/002', + tactics: 'defense-evasion', + techniqueId: 'T1601', + value: 'downgradeSystemImage', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.dylibHijackingT1574Description', + { defaultMessage: 'Dylib Hijacking (T1574.004)' } + ), + id: 'T1574.004', + name: 'Dylib Hijacking', + reference: 'https://attack.mitre.org/techniques/T1574/004', + tactics: 'persistence,privilege-escalation,defense-evasion', + techniqueId: 'T1574', + value: 'dylibHijacking', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.dynamicDataExchangeT1559Description', + { defaultMessage: 'Dynamic Data Exchange (T1559.002)' } + ), + id: 'T1559.002', + name: 'Dynamic Data Exchange', + reference: 'https://attack.mitre.org/techniques/T1559/002', + tactics: 'execution', + techniqueId: 'T1559', + value: 'dynamicDataExchange', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.dynamicLinkLibraryInjectionT1055Description', + { defaultMessage: 'Dynamic-link Library Injection (T1055.001)' } + ), + id: 'T1055.001', + name: 'Dynamic-link Library Injection', + reference: 'https://attack.mitre.org/techniques/T1055/001', + tactics: 'defense-evasion,privilege-escalation', + techniqueId: 'T1055', + value: 'dynamicLinkLibraryInjection', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.elevatedExecutionWithPromptT1548Description', + { defaultMessage: 'Elevated Execution with Prompt (T1548.004)' } + ), + id: 'T1548.004', + name: 'Elevated Execution with Prompt', + reference: 'https://attack.mitre.org/techniques/T1548/004', + tactics: 'privilege-escalation,defense-evasion', + techniqueId: 'T1548', + value: 'elevatedExecutionWithPrompt', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.emailAccountT1087Description', + { defaultMessage: 'Email Account (T1087.003)' } + ), + id: 'T1087.003', + name: 'Email Account', + reference: 'https://attack.mitre.org/techniques/T1087/003', + tactics: 'discovery', + techniqueId: 'T1087', + value: 'emailAccount', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.emailAccountsT1585Description', + { defaultMessage: 'Email Accounts (T1585.002)' } + ), + id: 'T1585.002', + name: 'Email Accounts', + reference: 'https://attack.mitre.org/techniques/T1585/002', + tactics: 'resource-development', + techniqueId: 'T1585', + value: 'emailAccounts', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.emailAccountsT1586Description', + { defaultMessage: 'Email Accounts (T1586.002)' } + ), + id: 'T1586.002', + name: 'Email Accounts', + reference: 'https://attack.mitre.org/techniques/T1586/002', + tactics: 'resource-development', + techniqueId: 'T1586', + value: 'emailAccounts', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.emailAddressesT1589Description', + { defaultMessage: 'Email Addresses (T1589.002)' } + ), + id: 'T1589.002', + name: 'Email Addresses', + reference: 'https://attack.mitre.org/techniques/T1589/002', + tactics: 'reconnaissance', + techniqueId: 'T1589', + value: 'emailAddresses', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.emailForwardingRuleT1114Description', + { defaultMessage: 'Email Forwarding Rule (T1114.003)' } + ), + id: 'T1114.003', + name: 'Email Forwarding Rule', + reference: 'https://attack.mitre.org/techniques/T1114/003', + tactics: 'collection', + techniqueId: 'T1114', + value: 'emailForwardingRule', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.emondT1546Description', + { defaultMessage: 'Emond (T1546.014)' } + ), + id: 'T1546.014', + name: 'Emond', + reference: 'https://attack.mitre.org/techniques/T1546/014', + tactics: 'privilege-escalation,persistence', + techniqueId: 'T1546', + value: 'emond', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.employeeNamesT1589Description', + { defaultMessage: 'Employee Names (T1589.003)' } + ), + id: 'T1589.003', + name: 'Employee Names', + reference: 'https://attack.mitre.org/techniques/T1589/003', + tactics: 'reconnaissance', + techniqueId: 'T1589', + value: 'employeeNames', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.environmentalKeyingT1480Description', + { defaultMessage: 'Environmental Keying (T1480.001)' } + ), + id: 'T1480.001', + name: 'Environmental Keying', + reference: 'https://attack.mitre.org/techniques/T1480/001', + tactics: 'defense-evasion', + techniqueId: 'T1480', + value: 'environmentalKeying', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.exchangeEmailDelegatePermissionsT1098Description', + { defaultMessage: 'Exchange Email Delegate Permissions (T1098.002)' } + ), + id: 'T1098.002', + name: 'Exchange Email Delegate Permissions', + reference: 'https://attack.mitre.org/techniques/T1098/002', + tactics: 'persistence', + techniqueId: 'T1098', + value: 'exchangeEmailDelegatePermissions', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.executableInstallerFilePermissionsWeaknessT1574Description', + { defaultMessage: 'Executable Installer File Permissions Weakness (T1574.005)' } + ), + id: 'T1574.005', + name: 'Executable Installer File Permissions Weakness', + reference: 'https://attack.mitre.org/techniques/T1574/005', + tactics: 'persistence,privilege-escalation,defense-evasion', + techniqueId: 'T1574', + value: 'executableInstallerFilePermissionsWeakness', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.exfiltrationOverAsymmetricEncryptedNonC2ProtocolT1048Description', + { defaultMessage: 'Exfiltration Over Asymmetric Encrypted Non-C2 Protocol (T1048.002)' } + ), + id: 'T1048.002', + name: 'Exfiltration Over Asymmetric Encrypted Non-C2 Protocol', + reference: 'https://attack.mitre.org/techniques/T1048/002', + tactics: 'exfiltration', + techniqueId: 'T1048', + value: 'exfiltrationOverAsymmetricEncryptedNonC2Protocol', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.exfiltrationOverBluetoothT1011Description', + { defaultMessage: 'Exfiltration Over Bluetooth (T1011.001)' } + ), + id: 'T1011.001', + name: 'Exfiltration Over Bluetooth', + reference: 'https://attack.mitre.org/techniques/T1011/001', + tactics: 'exfiltration', + techniqueId: 'T1011', + value: 'exfiltrationOverBluetooth', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.exfiltrationOverSymmetricEncryptedNonC2ProtocolT1048Description', + { defaultMessage: 'Exfiltration Over Symmetric Encrypted Non-C2 Protocol (T1048.001)' } + ), + id: 'T1048.001', + name: 'Exfiltration Over Symmetric Encrypted Non-C2 Protocol', + reference: 'https://attack.mitre.org/techniques/T1048/001', + tactics: 'exfiltration', + techniqueId: 'T1048', + value: 'exfiltrationOverSymmetricEncryptedNonC2Protocol', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.exfiltrationOverUnencryptedObfuscatedNonC2ProtocolT1048Description', + { defaultMessage: 'Exfiltration Over Unencrypted/Obfuscated Non-C2 Protocol (T1048.003)' } + ), + id: 'T1048.003', + name: 'Exfiltration Over Unencrypted/Obfuscated Non-C2 Protocol', + reference: 'https://attack.mitre.org/techniques/T1048/003', + tactics: 'exfiltration', + techniqueId: 'T1048', + value: 'exfiltrationOverUnencryptedObfuscatedNonC2Protocol', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.exfiltrationOverUsbT1052Description', + { defaultMessage: 'Exfiltration over USB (T1052.001)' } + ), + id: 'T1052.001', + name: 'Exfiltration over USB', + reference: 'https://attack.mitre.org/techniques/T1052/001', + tactics: 'exfiltration', + techniqueId: 'T1052', + value: 'exfiltrationOverUsb', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.exfiltrationToCloudStorageT1567Description', + { defaultMessage: 'Exfiltration to Cloud Storage (T1567.002)' } + ), + id: 'T1567.002', + name: 'Exfiltration to Cloud Storage', + reference: 'https://attack.mitre.org/techniques/T1567/002', + tactics: 'exfiltration', + techniqueId: 'T1567', + value: 'exfiltrationToCloudStorage', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.exfiltrationToCodeRepositoryT1567Description', + { defaultMessage: 'Exfiltration to Code Repository (T1567.001)' } + ), + id: 'T1567.001', + name: 'Exfiltration to Code Repository', + reference: 'https://attack.mitre.org/techniques/T1567/001', + tactics: 'exfiltration', + techniqueId: 'T1567', + value: 'exfiltrationToCodeRepository', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.exploitsT1587Description', + { defaultMessage: 'Exploits (T1587.004)' } + ), + id: 'T1587.004', + name: 'Exploits', + reference: 'https://attack.mitre.org/techniques/T1587/004', + tactics: 'resource-development', + techniqueId: 'T1587', + value: 'exploits', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.exploitsT1588Description', + { defaultMessage: 'Exploits (T1588.005)' } + ), + id: 'T1588.005', + name: 'Exploits', + reference: 'https://attack.mitre.org/techniques/T1588/005', + tactics: 'resource-development', + techniqueId: 'T1588', + value: 'exploits', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.externalDefacementT1491Description', + { defaultMessage: 'External Defacement (T1491.002)' } + ), + id: 'T1491.002', + name: 'External Defacement', + reference: 'https://attack.mitre.org/techniques/T1491/002', + tactics: 'impact', + techniqueId: 'T1491', + value: 'externalDefacement', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.externalProxyT1090Description', + { defaultMessage: 'External Proxy (T1090.002)' } + ), + id: 'T1090.002', + name: 'External Proxy', + reference: 'https://attack.mitre.org/techniques/T1090/002', + tactics: 'command-and-control', + techniqueId: 'T1090', + value: 'externalProxy', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.extraWindowMemoryInjectionT1055Description', + { defaultMessage: 'Extra Window Memory Injection (T1055.011)' } + ), + id: 'T1055.011', + name: 'Extra Window Memory Injection', + reference: 'https://attack.mitre.org/techniques/T1055/011', + tactics: 'defense-evasion,privilege-escalation', + techniqueId: 'T1055', + value: 'extraWindowMemoryInjection', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.fastFluxDnsT1568Description', + { defaultMessage: 'Fast Flux DNS (T1568.001)' } + ), + id: 'T1568.001', + name: 'Fast Flux DNS', + reference: 'https://attack.mitre.org/techniques/T1568/001', + tactics: 'command-and-control', + techniqueId: 'T1568', + value: 'fastFluxDns', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.fileDeletionT1070Description', + { defaultMessage: 'File Deletion (T1070.004)' } + ), + id: 'T1070.004', + name: 'File Deletion', + reference: 'https://attack.mitre.org/techniques/T1070/004', + tactics: 'defense-evasion', + techniqueId: 'T1070', + value: 'fileDeletion', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.fileTransferProtocolsT1071Description', + { defaultMessage: 'File Transfer Protocols (T1071.002)' } + ), + id: 'T1071.002', + name: 'File Transfer Protocols', + reference: 'https://attack.mitre.org/techniques/T1071/002', + tactics: 'command-and-control', + techniqueId: 'T1071', + value: 'fileTransferProtocols', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.firmwareT1592Description', + { defaultMessage: 'Firmware (T1592.003)' } + ), + id: 'T1592.003', + name: 'Firmware', + reference: 'https://attack.mitre.org/techniques/T1592/003', + tactics: 'reconnaissance', + techniqueId: 'T1592', + value: 'firmware', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.guiInputCaptureT1056Description', + { defaultMessage: 'GUI Input Capture (T1056.002)' } + ), + id: 'T1056.002', + name: 'GUI Input Capture', + reference: 'https://attack.mitre.org/techniques/T1056/002', + tactics: 'collection,credential-access', + techniqueId: 'T1056', + value: 'guiInputCapture', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.gatekeeperBypassT1553Description', + { defaultMessage: 'Gatekeeper Bypass (T1553.001)' } + ), + id: 'T1553.001', + name: 'Gatekeeper Bypass', + reference: 'https://attack.mitre.org/techniques/T1553/001', + tactics: 'defense-evasion', + techniqueId: 'T1553', + value: 'gatekeeperBypass', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.goldenTicketT1558Description', + { defaultMessage: 'Golden Ticket (T1558.001)' } + ), + id: 'T1558.001', + name: 'Golden Ticket', + reference: 'https://attack.mitre.org/techniques/T1558/001', + tactics: 'credential-access', + techniqueId: 'T1558', + value: 'goldenTicket', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.groupPolicyPreferencesT1552Description', + { defaultMessage: 'Group Policy Preferences (T1552.006)' } + ), + id: 'T1552.006', + name: 'Group Policy Preferences', + reference: 'https://attack.mitre.org/techniques/T1552/006', + tactics: 'credential-access', + techniqueId: 'T1552', + value: 'groupPolicyPreferences', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.hardwareT1592Description', + { defaultMessage: 'Hardware (T1592.001)' } + ), + id: 'T1592.001', + name: 'Hardware', + reference: 'https://attack.mitre.org/techniques/T1592/001', + tactics: 'reconnaissance', + techniqueId: 'T1592', + value: 'hardware', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.hiddenFileSystemT1564Description', + { defaultMessage: 'Hidden File System (T1564.005)' } + ), + id: 'T1564.005', + name: 'Hidden File System', + reference: 'https://attack.mitre.org/techniques/T1564/005', + tactics: 'defense-evasion', + techniqueId: 'T1564', + value: 'hiddenFileSystem', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.hiddenFilesAndDirectoriesT1564Description', + { defaultMessage: 'Hidden Files and Directories (T1564.001)' } + ), + id: 'T1564.001', + name: 'Hidden Files and Directories', + reference: 'https://attack.mitre.org/techniques/T1564/001', + tactics: 'defense-evasion', + techniqueId: 'T1564', + value: 'hiddenFilesAndDirectories', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.hiddenUsersT1564Description', + { defaultMessage: 'Hidden Users (T1564.002)' } + ), + id: 'T1564.002', + name: 'Hidden Users', + reference: 'https://attack.mitre.org/techniques/T1564/002', + tactics: 'defense-evasion', + techniqueId: 'T1564', + value: 'hiddenUsers', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.hiddenWindowT1564Description', + { defaultMessage: 'Hidden Window (T1564.003)' } + ), + id: 'T1564.003', + name: 'Hidden Window', + reference: 'https://attack.mitre.org/techniques/T1564/003', + tactics: 'defense-evasion', + techniqueId: 'T1564', + value: 'hiddenWindow', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.ipAddressesT1590Description', + { defaultMessage: 'IP Addresses (T1590.005)' } + ), + id: 'T1590.005', + name: 'IP Addresses', + reference: 'https://attack.mitre.org/techniques/T1590/005', + tactics: 'reconnaissance', + techniqueId: 'T1590', + value: 'ipAddresses', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.identifyBusinessTempoT1591Description', + { defaultMessage: 'Identify Business Tempo (T1591.003)' } + ), + id: 'T1591.003', + name: 'Identify Business Tempo', + reference: 'https://attack.mitre.org/techniques/T1591/003', + tactics: 'reconnaissance', + techniqueId: 'T1591', + value: 'identifyBusinessTempo', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.identifyRolesT1591Description', + { defaultMessage: 'Identify Roles (T1591.004)' } + ), + id: 'T1591.004', + name: 'Identify Roles', + reference: 'https://attack.mitre.org/techniques/T1591/004', + tactics: 'reconnaissance', + techniqueId: 'T1591', + value: 'identifyRoles', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.imageFileExecutionOptionsInjectionT1546Description', + { defaultMessage: 'Image File Execution Options Injection (T1546.012)' } + ), + id: 'T1546.012', + name: 'Image File Execution Options Injection', + reference: 'https://attack.mitre.org/techniques/T1546/012', + tactics: 'privilege-escalation,persistence', + techniqueId: 'T1546', + value: 'imageFileExecutionOptionsInjection', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.impairCommandHistoryLoggingT1562Description', + { defaultMessage: 'Impair Command History Logging (T1562.003)' } + ), + id: 'T1562.003', + name: 'Impair Command History Logging', + reference: 'https://attack.mitre.org/techniques/T1562/003', + tactics: 'defense-evasion', + techniqueId: 'T1562', + value: 'impairCommandHistoryLogging', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.indicatorBlockingT1562Description', + { defaultMessage: 'Indicator Blocking (T1562.006)' } + ), + id: 'T1562.006', + name: 'Indicator Blocking', + reference: 'https://attack.mitre.org/techniques/T1562/006', + tactics: 'defense-evasion', + techniqueId: 'T1562', + value: 'indicatorBlocking', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.indicatorRemovalFromToolsT1027Description', + { defaultMessage: 'Indicator Removal from Tools (T1027.005)' } + ), + id: 'T1027.005', + name: 'Indicator Removal from Tools', + reference: 'https://attack.mitre.org/techniques/T1027/005', + tactics: 'defense-evasion', + techniqueId: 'T1027', + value: 'indicatorRemovalFromTools', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.installRootCertificateT1553Description', + { defaultMessage: 'Install Root Certificate (T1553.004)' } + ), + id: 'T1553.004', + name: 'Install Root Certificate', + reference: 'https://attack.mitre.org/techniques/T1553/004', + tactics: 'defense-evasion', + techniqueId: 'T1553', + value: 'installRootCertificate', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.installUtilT1218Description', + { defaultMessage: 'InstallUtil (T1218.004)' } + ), + id: 'T1218.004', + name: 'InstallUtil', + reference: 'https://attack.mitre.org/techniques/T1218/004', + tactics: 'defense-evasion', + techniqueId: 'T1218', + value: 'installUtil', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.internalDefacementT1491Description', + { defaultMessage: 'Internal Defacement (T1491.001)' } + ), + id: 'T1491.001', + name: 'Internal Defacement', + reference: 'https://attack.mitre.org/techniques/T1491/001', + tactics: 'impact', + techniqueId: 'T1491', + value: 'internalDefacement', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.internalProxyT1090Description', + { defaultMessage: 'Internal Proxy (T1090.001)' } + ), + id: 'T1090.001', + name: 'Internal Proxy', + reference: 'https://attack.mitre.org/techniques/T1090/001', + tactics: 'command-and-control', + techniqueId: 'T1090', + value: 'internalProxy', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.invalidCodeSignatureT1036Description', + { defaultMessage: 'Invalid Code Signature (T1036.001)' } + ), + id: 'T1036.001', + name: 'Invalid Code Signature', + reference: 'https://attack.mitre.org/techniques/T1036/001', + tactics: 'defense-evasion', + techniqueId: 'T1036', + value: 'invalidCodeSignature', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.javaScriptJScriptT1059Description', + { defaultMessage: 'JavaScript/JScript (T1059.007)' } + ), + id: 'T1059.007', + name: 'JavaScript/JScript', + reference: 'https://attack.mitre.org/techniques/T1059/007', + tactics: 'execution', + techniqueId: 'T1059', + value: 'javaScriptJScript', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.junkDataT1001Description', + { defaultMessage: 'Junk Data (T1001.001)' } + ), + id: 'T1001.001', + name: 'Junk Data', + reference: 'https://attack.mitre.org/techniques/T1001/001', + tactics: 'command-and-control', + techniqueId: 'T1001', + value: 'junkData', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.kerberoastingT1558Description', + { defaultMessage: 'Kerberoasting (T1558.003)' } + ), + id: 'T1558.003', + name: 'Kerberoasting', + reference: 'https://attack.mitre.org/techniques/T1558/003', + tactics: 'credential-access', + techniqueId: 'T1558', + value: 'kerberoasting', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.kernelModulesAndExtensionsT1547Description', + { defaultMessage: 'Kernel Modules and Extensions (T1547.006)' } + ), + id: 'T1547.006', + name: 'Kernel Modules and Extensions', + reference: 'https://attack.mitre.org/techniques/T1547/006', + tactics: 'persistence,privilege-escalation', + techniqueId: 'T1547', + value: 'kernelModulesAndExtensions', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.keychainT1555Description', + { defaultMessage: 'Keychain (T1555.001)' } + ), + id: 'T1555.001', + name: 'Keychain', + reference: 'https://attack.mitre.org/techniques/T1555/001', + tactics: 'credential-access', + techniqueId: 'T1555', + value: 'keychain', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.keyloggingT1056Description', + { defaultMessage: 'Keylogging (T1056.001)' } + ), + id: 'T1056.001', + name: 'Keylogging', + reference: 'https://attack.mitre.org/techniques/T1056/001', + tactics: 'collection,credential-access', + techniqueId: 'T1056', + value: 'keylogging', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.lcLoadDylibAdditionT1546Description', + { defaultMessage: 'LC_LOAD_DYLIB Addition (T1546.006)' } + ), + id: 'T1546.006', + name: 'LC_LOAD_DYLIB Addition', + reference: 'https://attack.mitre.org/techniques/T1546/006', + tactics: 'privilege-escalation,persistence', + techniqueId: 'T1546', + value: 'lcLoadDylibAddition', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.ldPreloadT1574Description', + { defaultMessage: 'LD_PRELOAD (T1574.006)' } + ), + id: 'T1574.006', + name: 'LD_PRELOAD', + reference: 'https://attack.mitre.org/techniques/T1574/006', + tactics: 'persistence,privilege-escalation,defense-evasion', + techniqueId: 'T1574', + value: 'ldPreload', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.llmnrNbtNsPoisoningAndSmbRelayT1557Description', + { defaultMessage: 'LLMNR/NBT-NS Poisoning and SMB Relay (T1557.001)' } + ), + id: 'T1557.001', + name: 'LLMNR/NBT-NS Poisoning and SMB Relay', + reference: 'https://attack.mitre.org/techniques/T1557/001', + tactics: 'credential-access,collection', + techniqueId: 'T1557', + value: 'llmnrNbtNsPoisoningAndSmbRelay', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.lsaSecretsT1003Description', + { defaultMessage: 'LSA Secrets (T1003.004)' } + ), + id: 'T1003.004', + name: 'LSA Secrets', + reference: 'https://attack.mitre.org/techniques/T1003/004', + tactics: 'credential-access', + techniqueId: 'T1003', + value: 'lsaSecrets', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.lsassDriverT1547Description', + { defaultMessage: 'LSASS Driver (T1547.008)' } + ), + id: 'T1547.008', + name: 'LSASS Driver', + reference: 'https://attack.mitre.org/techniques/T1547/008', + tactics: 'persistence,privilege-escalation', + techniqueId: 'T1547', + value: 'lsassDriver', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.lsassMemoryT1003Description', + { defaultMessage: 'LSASS Memory (T1003.001)' } + ), + id: 'T1003.001', + name: 'LSASS Memory', + reference: 'https://attack.mitre.org/techniques/T1003/001', + tactics: 'credential-access', + techniqueId: 'T1003', + value: 'lsassMemory', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.launchAgentT1543Description', + { defaultMessage: 'Launch Agent (T1543.001)' } + ), + id: 'T1543.001', + name: 'Launch Agent', + reference: 'https://attack.mitre.org/techniques/T1543/001', + tactics: 'persistence,privilege-escalation', + techniqueId: 'T1543', + value: 'launchAgent', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.launchDaemonT1543Description', + { defaultMessage: 'Launch Daemon (T1543.004)' } + ), + id: 'T1543.004', + name: 'Launch Daemon', + reference: 'https://attack.mitre.org/techniques/T1543/004', + tactics: 'persistence,privilege-escalation', + techniqueId: 'T1543', + value: 'launchDaemon', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.launchctlT1569Description', + { defaultMessage: 'Launchctl (T1569.001)' } + ), + id: 'T1569.001', + name: 'Launchctl', + reference: 'https://attack.mitre.org/techniques/T1569/001', + tactics: 'execution', + techniqueId: 'T1569', + value: 'launchctl', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.launchdT1053Description', + { defaultMessage: 'Launchd (T1053.004)' } + ), + id: 'T1053.004', + name: 'Launchd', + reference: 'https://attack.mitre.org/techniques/T1053/004', + tactics: 'execution,persistence,privilege-escalation', + techniqueId: 'T1053', + value: 'launchd', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.linuxAndMacFileAndDirectoryPermissionsModificationT1222Description', + { defaultMessage: 'Linux and Mac File and Directory Permissions Modification (T1222.002)' } + ), + id: 'T1222.002', + name: 'Linux and Mac File and Directory Permissions Modification', + reference: 'https://attack.mitre.org/techniques/T1222/002', + tactics: 'defense-evasion', + techniqueId: 'T1222', + value: 'linuxAndMacFileAndDirectoryPermissionsModification', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.localAccountT1136Description', + { defaultMessage: 'Local Account (T1136.001)' } + ), + id: 'T1136.001', + name: 'Local Account', + reference: 'https://attack.mitre.org/techniques/T1136/001', + tactics: 'persistence', + techniqueId: 'T1136', + value: 'localAccount', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.localAccountT1087Description', + { defaultMessage: 'Local Account (T1087.001)' } + ), + id: 'T1087.001', + name: 'Local Account', + reference: 'https://attack.mitre.org/techniques/T1087/001', + tactics: 'discovery', + techniqueId: 'T1087', + value: 'localAccount', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.localAccountsT1078Description', + { defaultMessage: 'Local Accounts (T1078.003)' } + ), + id: 'T1078.003', + name: 'Local Accounts', + reference: 'https://attack.mitre.org/techniques/T1078/003', + tactics: 'defense-evasion,persistence,privilege-escalation,initial-access', + techniqueId: 'T1078', + value: 'localAccounts', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.localDataStagingT1074Description', + { defaultMessage: 'Local Data Staging (T1074.001)' } + ), + id: 'T1074.001', + name: 'Local Data Staging', + reference: 'https://attack.mitre.org/techniques/T1074/001', + tactics: 'collection', + techniqueId: 'T1074', + value: 'localDataStaging', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.localEmailCollectionT1114Description', + { defaultMessage: 'Local Email Collection (T1114.001)' } + ), + id: 'T1114.001', + name: 'Local Email Collection', + reference: 'https://attack.mitre.org/techniques/T1114/001', + tactics: 'collection', + techniqueId: 'T1114', + value: 'localEmailCollection', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.localGroupsT1069Description', + { defaultMessage: 'Local Groups (T1069.001)' } + ), + id: 'T1069.001', + name: 'Local Groups', + reference: 'https://attack.mitre.org/techniques/T1069/001', + tactics: 'discovery', + techniqueId: 'T1069', + value: 'localGroups', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.logonScriptMacT1037Description', + { defaultMessage: 'Logon Script (Mac) (T1037.002)' } + ), + id: 'T1037.002', + name: 'Logon Script (Mac)', + reference: 'https://attack.mitre.org/techniques/T1037/002', + tactics: 'persistence,privilege-escalation', + techniqueId: 'T1037', + value: 'logonScriptMac', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.logonScriptWindowsT1037Description', + { defaultMessage: 'Logon Script (Windows) (T1037.001)' } + ), + id: 'T1037.001', + name: 'Logon Script (Windows)', + reference: 'https://attack.mitre.org/techniques/T1037/001', + tactics: 'persistence,privilege-escalation', + techniqueId: 'T1037', + value: 'logonScriptWindows', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.msBuildT1127Description', + { defaultMessage: 'MSBuild (T1127.001)' } + ), + id: 'T1127.001', + name: 'MSBuild', + reference: 'https://attack.mitre.org/techniques/T1127/001', + tactics: 'defense-evasion', + techniqueId: 'T1127', + value: 'msBuild', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.mailProtocolsT1071Description', + { defaultMessage: 'Mail Protocols (T1071.003)' } + ), + id: 'T1071.003', + name: 'Mail Protocols', + reference: 'https://attack.mitre.org/techniques/T1071/003', + tactics: 'command-and-control', + techniqueId: 'T1071', + value: 'mailProtocols', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.makeAndImpersonateTokenT1134Description', + { defaultMessage: 'Make and Impersonate Token (T1134.003)' } + ), + id: 'T1134.003', + name: 'Make and Impersonate Token', + reference: 'https://attack.mitre.org/techniques/T1134/003', + tactics: 'defense-evasion,privilege-escalation', + techniqueId: 'T1134', + value: 'makeAndImpersonateToken', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.maliciousFileT1204Description', + { defaultMessage: 'Malicious File (T1204.002)' } + ), + id: 'T1204.002', + name: 'Malicious File', + reference: 'https://attack.mitre.org/techniques/T1204/002', + tactics: 'execution', + techniqueId: 'T1204', + value: 'maliciousFile', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.maliciousLinkT1204Description', + { defaultMessage: 'Malicious Link (T1204.001)' } + ), + id: 'T1204.001', + name: 'Malicious Link', + reference: 'https://attack.mitre.org/techniques/T1204/001', + tactics: 'execution', + techniqueId: 'T1204', + value: 'maliciousLink', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.malwareT1587Description', + { defaultMessage: 'Malware (T1587.001)' } + ), + id: 'T1587.001', + name: 'Malware', + reference: 'https://attack.mitre.org/techniques/T1587/001', + tactics: 'resource-development', + techniqueId: 'T1587', + value: 'malware', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.malwareT1588Description', + { defaultMessage: 'Malware (T1588.001)' } + ), + id: 'T1588.001', + name: 'Malware', + reference: 'https://attack.mitre.org/techniques/T1588/001', + tactics: 'resource-development', + techniqueId: 'T1588', + value: 'malware', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.masqueradeTaskOrServiceT1036Description', + { defaultMessage: 'Masquerade Task or Service (T1036.004)' } + ), + id: 'T1036.004', + name: 'Masquerade Task or Service', + reference: 'https://attack.mitre.org/techniques/T1036/004', + tactics: 'defense-evasion', + techniqueId: 'T1036', + value: 'masqueradeTaskOrService', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.matchLegitimateNameOrLocationT1036Description', + { defaultMessage: 'Match Legitimate Name or Location (T1036.005)' } + ), + id: 'T1036.005', + name: 'Match Legitimate Name or Location', + reference: 'https://attack.mitre.org/techniques/T1036/005', + tactics: 'defense-evasion', + techniqueId: 'T1036', + value: 'matchLegitimateNameOrLocation', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.mshtaT1218Description', + { defaultMessage: 'Mshta (T1218.005)' } + ), + id: 'T1218.005', + name: 'Mshta', + reference: 'https://attack.mitre.org/techniques/T1218/005', + tactics: 'defense-evasion', + techniqueId: 'T1218', + value: 'mshta', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.msiexecT1218Description', + { defaultMessage: 'Msiexec (T1218.007)' } + ), + id: 'T1218.007', + name: 'Msiexec', + reference: 'https://attack.mitre.org/techniques/T1218/007', + tactics: 'defense-evasion', + techniqueId: 'T1218', + value: 'msiexec', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.multiHopProxyT1090Description', + { defaultMessage: 'Multi-hop Proxy (T1090.003)' } + ), + id: 'T1090.003', + name: 'Multi-hop Proxy', + reference: 'https://attack.mitre.org/techniques/T1090/003', + tactics: 'command-and-control', + techniqueId: 'T1090', + value: 'multiHopProxy', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.ntdsT1003Description', + { defaultMessage: 'NTDS (T1003.003)' } + ), + id: 'T1003.003', + name: 'NTDS', + reference: 'https://attack.mitre.org/techniques/T1003/003', + tactics: 'credential-access', + techniqueId: 'T1003', + value: 'ntds', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.ntfsFileAttributesT1564Description', + { defaultMessage: 'NTFS File Attributes (T1564.004)' } + ), + id: 'T1564.004', + name: 'NTFS File Attributes', + reference: 'https://attack.mitre.org/techniques/T1564/004', + tactics: 'defense-evasion', + techniqueId: 'T1564', + value: 'ntfsFileAttributes', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.netshHelperDllT1546Description', + { defaultMessage: 'Netsh Helper DLL (T1546.007)' } + ), + id: 'T1546.007', + name: 'Netsh Helper DLL', + reference: 'https://attack.mitre.org/techniques/T1546/007', + tactics: 'privilege-escalation,persistence', + techniqueId: 'T1546', + value: 'netshHelperDll', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.networkAddressTranslationTraversalT1599Description', + { defaultMessage: 'Network Address Translation Traversal (T1599.001)' } + ), + id: 'T1599.001', + name: 'Network Address Translation Traversal', + reference: 'https://attack.mitre.org/techniques/T1599/001', + tactics: 'defense-evasion', + techniqueId: 'T1599', + value: 'networkAddressTranslationTraversal', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.networkDeviceAuthenticationT1556Description', + { defaultMessage: 'Network Device Authentication (T1556.004)' } + ), + id: 'T1556.004', + name: 'Network Device Authentication', + reference: 'https://attack.mitre.org/techniques/T1556/004', + tactics: 'credential-access,defense-evasion', + techniqueId: 'T1556', + value: 'networkDeviceAuthentication', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.networkDeviceCliT1059Description', + { defaultMessage: 'Network Device CLI (T1059.008)' } + ), + id: 'T1059.008', + name: 'Network Device CLI', + reference: 'https://attack.mitre.org/techniques/T1059/008', + tactics: 'execution', + techniqueId: 'T1059', + value: 'networkDeviceCli', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.networkDeviceConfigurationDumpT1602Description', + { defaultMessage: 'Network Device Configuration Dump (T1602.002)' } + ), + id: 'T1602.002', + name: 'Network Device Configuration Dump', + reference: 'https://attack.mitre.org/techniques/T1602/002', + tactics: 'collection', + techniqueId: 'T1602', + value: 'networkDeviceConfigurationDump', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.networkLogonScriptT1037Description', + { defaultMessage: 'Network Logon Script (T1037.003)' } + ), + id: 'T1037.003', + name: 'Network Logon Script', + reference: 'https://attack.mitre.org/techniques/T1037/003', + tactics: 'persistence,privilege-escalation', + techniqueId: 'T1037', + value: 'networkLogonScript', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.networkSecurityAppliancesT1590Description', + { defaultMessage: 'Network Security Appliances (T1590.006)' } + ), + id: 'T1590.006', + name: 'Network Security Appliances', + reference: 'https://attack.mitre.org/techniques/T1590/006', + tactics: 'reconnaissance', + techniqueId: 'T1590', + value: 'networkSecurityAppliances', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.networkShareConnectionRemovalT1070Description', + { defaultMessage: 'Network Share Connection Removal (T1070.005)' } + ), + id: 'T1070.005', + name: 'Network Share Connection Removal', + reference: 'https://attack.mitre.org/techniques/T1070/005', + tactics: 'defense-evasion', + techniqueId: 'T1070', + value: 'networkShareConnectionRemoval', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.networkTopologyT1590Description', + { defaultMessage: 'Network Topology (T1590.004)' } + ), + id: 'T1590.004', + name: 'Network Topology', + reference: 'https://attack.mitre.org/techniques/T1590/004', + tactics: 'reconnaissance', + techniqueId: 'T1590', + value: 'networkTopology', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.networkTrustDependenciesT1590Description', + { defaultMessage: 'Network Trust Dependencies (T1590.003)' } + ), + id: 'T1590.003', + name: 'Network Trust Dependencies', + reference: 'https://attack.mitre.org/techniques/T1590/003', + tactics: 'reconnaissance', + techniqueId: 'T1590', + value: 'networkTrustDependencies', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.nonStandardEncodingT1132Description', + { defaultMessage: 'Non-Standard Encoding (T1132.002)' } + ), + id: 'T1132.002', + name: 'Non-Standard Encoding', + reference: 'https://attack.mitre.org/techniques/T1132/002', + tactics: 'command-and-control', + techniqueId: 'T1132', + value: 'nonStandardEncoding', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.osExhaustionFloodT1499Description', + { defaultMessage: 'OS Exhaustion Flood (T1499.001)' } + ), + id: 'T1499.001', + name: 'OS Exhaustion Flood', + reference: 'https://attack.mitre.org/techniques/T1499/001', + tactics: 'impact', + techniqueId: 'T1499', + value: 'osExhaustionFlood', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.odbcconfT1218Description', + { defaultMessage: 'Odbcconf (T1218.008)' } + ), + id: 'T1218.008', + name: 'Odbcconf', + reference: 'https://attack.mitre.org/techniques/T1218/008', + tactics: 'defense-evasion', + techniqueId: 'T1218', + value: 'odbcconf', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.officeTemplateMacrosT1137Description', + { defaultMessage: 'Office Template Macros (T1137.001)' } + ), + id: 'T1137.001', + name: 'Office Template Macros', + reference: 'https://attack.mitre.org/techniques/T1137/001', + tactics: 'persistence', + techniqueId: 'T1137', + value: 'officeTemplateMacros', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.officeTestT1137Description', + { defaultMessage: 'Office Test (T1137.002)' } + ), + id: 'T1137.002', + name: 'Office Test', + reference: 'https://attack.mitre.org/techniques/T1137/002', + tactics: 'persistence', + techniqueId: 'T1137', + value: 'officeTest', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.oneWayCommunicationT1102Description', + { defaultMessage: 'One-Way Communication (T1102.003)' } + ), + id: 'T1102.003', + name: 'One-Way Communication', + reference: 'https://attack.mitre.org/techniques/T1102/003', + tactics: 'command-and-control', + techniqueId: 'T1102', + value: 'oneWayCommunication', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.outlookFormsT1137Description', + { defaultMessage: 'Outlook Forms (T1137.003)' } + ), + id: 'T1137.003', + name: 'Outlook Forms', + reference: 'https://attack.mitre.org/techniques/T1137/003', + tactics: 'persistence', + techniqueId: 'T1137', + value: 'outlookForms', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.outlookHomePageT1137Description', + { defaultMessage: 'Outlook Home Page (T1137.004)' } + ), + id: 'T1137.004', + name: 'Outlook Home Page', + reference: 'https://attack.mitre.org/techniques/T1137/004', + tactics: 'persistence', + techniqueId: 'T1137', + value: 'outlookHomePage', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.outlookRulesT1137Description', + { defaultMessage: 'Outlook Rules (T1137.005)' } + ), + id: 'T1137.005', + name: 'Outlook Rules', + reference: 'https://attack.mitre.org/techniques/T1137/005', + tactics: 'persistence', + techniqueId: 'T1137', + value: 'outlookRules', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.parentPidSpoofingT1134Description', + { defaultMessage: 'Parent PID Spoofing (T1134.004)' } + ), + id: 'T1134.004', + name: 'Parent PID Spoofing', + reference: 'https://attack.mitre.org/techniques/T1134/004', + tactics: 'defense-evasion,privilege-escalation', + techniqueId: 'T1134', + value: 'parentPidSpoofing', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.passTheHashT1550Description', + { defaultMessage: 'Pass the Hash (T1550.002)' } + ), + id: 'T1550.002', + name: 'Pass the Hash', + reference: 'https://attack.mitre.org/techniques/T1550/002', + tactics: 'defense-evasion,lateral-movement', + techniqueId: 'T1550', + value: 'passTheHash', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.passTheTicketT1550Description', + { defaultMessage: 'Pass the Ticket (T1550.003)' } + ), + id: 'T1550.003', + name: 'Pass the Ticket', + reference: 'https://attack.mitre.org/techniques/T1550/003', + tactics: 'defense-evasion,lateral-movement', + techniqueId: 'T1550', + value: 'passTheTicket', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.passwordCrackingT1110Description', + { defaultMessage: 'Password Cracking (T1110.002)' } + ), + id: 'T1110.002', + name: 'Password Cracking', + reference: 'https://attack.mitre.org/techniques/T1110/002', + tactics: 'credential-access', + techniqueId: 'T1110', + value: 'passwordCracking', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.passwordFilterDllT1556Description', + { defaultMessage: 'Password Filter DLL (T1556.002)' } + ), + id: 'T1556.002', + name: 'Password Filter DLL', + reference: 'https://attack.mitre.org/techniques/T1556/002', + tactics: 'credential-access,defense-evasion', + techniqueId: 'T1556', + value: 'passwordFilterDll', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.passwordGuessingT1110Description', + { defaultMessage: 'Password Guessing (T1110.001)' } + ), + id: 'T1110.001', + name: 'Password Guessing', + reference: 'https://attack.mitre.org/techniques/T1110/001', + tactics: 'credential-access', + techniqueId: 'T1110', + value: 'passwordGuessing', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.passwordSprayingT1110Description', + { defaultMessage: 'Password Spraying (T1110.003)' } + ), + id: 'T1110.003', + name: 'Password Spraying', + reference: 'https://attack.mitre.org/techniques/T1110/003', + tactics: 'credential-access', + techniqueId: 'T1110', + value: 'passwordSpraying', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.patchSystemImageT1601Description', + { defaultMessage: 'Patch System Image (T1601.001)' } + ), + id: 'T1601.001', + name: 'Patch System Image', + reference: 'https://attack.mitre.org/techniques/T1601/001', + tactics: 'defense-evasion', + techniqueId: 'T1601', + value: 'patchSystemImage', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.pathInterceptionByPathEnvironmentVariableT1574Description', + { defaultMessage: 'Path Interception by PATH Environment Variable (T1574.007)' } + ), + id: 'T1574.007', + name: 'Path Interception by PATH Environment Variable', + reference: 'https://attack.mitre.org/techniques/T1574/007', + tactics: 'persistence,privilege-escalation,defense-evasion', + techniqueId: 'T1574', + value: 'pathInterceptionByPathEnvironmentVariable', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.pathInterceptionBySearchOrderHijackingT1574Description', + { defaultMessage: 'Path Interception by Search Order Hijacking (T1574.008)' } + ), + id: 'T1574.008', + name: 'Path Interception by Search Order Hijacking', + reference: 'https://attack.mitre.org/techniques/T1574/008', + tactics: 'persistence,privilege-escalation,defense-evasion', + techniqueId: 'T1574', + value: 'pathInterceptionBySearchOrderHijacking', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.pathInterceptionByUnquotedPathT1574Description', + { defaultMessage: 'Path Interception by Unquoted Path (T1574.009)' } + ), + id: 'T1574.009', + name: 'Path Interception by Unquoted Path', + reference: 'https://attack.mitre.org/techniques/T1574/009', + tactics: 'persistence,privilege-escalation,defense-evasion', + techniqueId: 'T1574', + value: 'pathInterceptionByUnquotedPath', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.plistModificationT1547Description', + { defaultMessage: 'Plist Modification (T1547.011)' } + ), + id: 'T1547.011', + name: 'Plist Modification', + reference: 'https://attack.mitre.org/techniques/T1547/011', + tactics: 'persistence,privilege-escalation', + techniqueId: 'T1547', + value: 'plistModification', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.pluggableAuthenticationModulesT1556Description', + { defaultMessage: 'Pluggable Authentication Modules (T1556.003)' } + ), + id: 'T1556.003', + name: 'Pluggable Authentication Modules', + reference: 'https://attack.mitre.org/techniques/T1556/003', + tactics: 'credential-access,defense-evasion', + techniqueId: 'T1556', + value: 'pluggableAuthenticationModules', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.portKnockingT1205Description', + { defaultMessage: 'Port Knocking (T1205.001)' } + ), + id: 'T1205.001', + name: 'Port Knocking', + reference: 'https://attack.mitre.org/techniques/T1205/001', + tactics: 'defense-evasion,persistence,command-and-control', + techniqueId: 'T1205', + value: 'portKnocking', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.portMonitorsT1547Description', + { defaultMessage: 'Port Monitors (T1547.010)' } + ), + id: 'T1547.010', + name: 'Port Monitors', + reference: 'https://attack.mitre.org/techniques/T1547/010', + tactics: 'persistence,privilege-escalation', + techniqueId: 'T1547', + value: 'portMonitors', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.portableExecutableInjectionT1055Description', + { defaultMessage: 'Portable Executable Injection (T1055.002)' } + ), + id: 'T1055.002', + name: 'Portable Executable Injection', + reference: 'https://attack.mitre.org/techniques/T1055/002', + tactics: 'defense-evasion,privilege-escalation', + techniqueId: 'T1055', + value: 'portableExecutableInjection', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.powerShellT1059Description', + { defaultMessage: 'PowerShell (T1059.001)' } + ), + id: 'T1059.001', + name: 'PowerShell', + reference: 'https://attack.mitre.org/techniques/T1059/001', + tactics: 'execution', + techniqueId: 'T1059', + value: 'powerShell', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.powerShellProfileT1546Description', + { defaultMessage: 'PowerShell Profile (T1546.013)' } + ), + id: 'T1546.013', + name: 'PowerShell Profile', + reference: 'https://attack.mitre.org/techniques/T1546/013', + tactics: 'privilege-escalation,persistence', + techniqueId: 'T1546', + value: 'powerShellProfile', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.printProcessorsT1547Description', + { defaultMessage: 'Print Processors (T1547.012)' } + ), + id: 'T1547.012', + name: 'Print Processors', + reference: 'https://attack.mitre.org/techniques/T1547/012', + tactics: 'persistence,privilege-escalation', + techniqueId: 'T1547', + value: 'printProcessors', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.privateKeysT1552Description', + { defaultMessage: 'Private Keys (T1552.004)' } + ), + id: 'T1552.004', + name: 'Private Keys', + reference: 'https://attack.mitre.org/techniques/T1552/004', + tactics: 'credential-access', + techniqueId: 'T1552', + value: 'privateKeys', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.procFilesystemT1003Description', + { defaultMessage: 'Proc Filesystem (T1003.007)' } + ), + id: 'T1003.007', + name: 'Proc Filesystem', + reference: 'https://attack.mitre.org/techniques/T1003/007', + tactics: 'credential-access', + techniqueId: 'T1003', + value: 'procFilesystem', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.procMemoryT1055Description', + { defaultMessage: 'Proc Memory (T1055.009)' } + ), + id: 'T1055.009', + name: 'Proc Memory', + reference: 'https://attack.mitre.org/techniques/T1055/009', + tactics: 'defense-evasion,privilege-escalation', + techniqueId: 'T1055', + value: 'procMemory', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.processDoppelgangingT1055Description', + { defaultMessage: 'Process Doppelgänging (T1055.013)' } + ), + id: 'T1055.013', + name: 'Process Doppelgänging', + reference: 'https://attack.mitre.org/techniques/T1055/013', + tactics: 'defense-evasion,privilege-escalation', + techniqueId: 'T1055', + value: 'processDoppelganging', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.processHollowingT1055Description', + { defaultMessage: 'Process Hollowing (T1055.012)' } + ), + id: 'T1055.012', + name: 'Process Hollowing', + reference: 'https://attack.mitre.org/techniques/T1055/012', + tactics: 'defense-evasion,privilege-escalation', + techniqueId: 'T1055', + value: 'processHollowing', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.protocolImpersonationT1001Description', + { defaultMessage: 'Protocol Impersonation (T1001.003)' } + ), + id: 'T1001.003', + name: 'Protocol Impersonation', + reference: 'https://attack.mitre.org/techniques/T1001/003', + tactics: 'command-and-control', + techniqueId: 'T1001', + value: 'protocolImpersonation', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.ptraceSystemCallsT1055Description', + { defaultMessage: 'Ptrace System Calls (T1055.008)' } + ), + id: 'T1055.008', + name: 'Ptrace System Calls', + reference: 'https://attack.mitre.org/techniques/T1055/008', + tactics: 'defense-evasion,privilege-escalation', + techniqueId: 'T1055', + value: 'ptraceSystemCalls', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.pubPrnT1216Description', + { defaultMessage: 'PubPrn (T1216.001)' } + ), + id: 'T1216.001', + name: 'PubPrn', + reference: 'https://attack.mitre.org/techniques/T1216/001', + tactics: 'defense-evasion', + techniqueId: 'T1216', + value: 'pubPrn', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.purchaseTechnicalDataT1597Description', + { defaultMessage: 'Purchase Technical Data (T1597.002)' } + ), + id: 'T1597.002', + name: 'Purchase Technical Data', + reference: 'https://attack.mitre.org/techniques/T1597/002', + tactics: 'reconnaissance', + techniqueId: 'T1597', + value: 'purchaseTechnicalData', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.pythonT1059Description', + { defaultMessage: 'Python (T1059.006)' } + ), + id: 'T1059.006', + name: 'Python', + reference: 'https://attack.mitre.org/techniques/T1059/006', + tactics: 'execution', + techniqueId: 'T1059', + value: 'python', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.rdpHijackingT1563Description', + { defaultMessage: 'RDP Hijacking (T1563.002)' } + ), + id: 'T1563.002', + name: 'RDP Hijacking', + reference: 'https://attack.mitre.org/techniques/T1563/002', + tactics: 'lateral-movement', + techniqueId: 'T1563', + value: 'rdpHijacking', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.rommoNkitT1542Description', + { defaultMessage: 'ROMMONkit (T1542.004)' } + ), + id: 'T1542.004', + name: 'ROMMONkit', + reference: 'https://attack.mitre.org/techniques/T1542/004', + tactics: 'defense-evasion,persistence', + techniqueId: 'T1542', + value: 'rommoNkit', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.rcCommonT1037Description', + { defaultMessage: 'Rc.common (T1037.004)' } + ), + id: 'T1037.004', + name: 'Rc.common', + reference: 'https://attack.mitre.org/techniques/T1037/004', + tactics: 'persistence,privilege-escalation', + techniqueId: 'T1037', + value: 'rcCommon', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.reOpenedApplicationsT1547Description', + { defaultMessage: 'Re-opened Applications (T1547.007)' } + ), + id: 'T1547.007', + name: 'Re-opened Applications', + reference: 'https://attack.mitre.org/techniques/T1547/007', + tactics: 'persistence,privilege-escalation', + techniqueId: 'T1547', + value: 'reOpenedApplications', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.reduceKeySpaceT1600Description', + { defaultMessage: 'Reduce Key Space (T1600.001)' } + ), + id: 'T1600.001', + name: 'Reduce Key Space', + reference: 'https://attack.mitre.org/techniques/T1600/001', + tactics: 'defense-evasion', + techniqueId: 'T1600', + value: 'reduceKeySpace', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.reflectionAmplificationT1498Description', + { defaultMessage: 'Reflection Amplification (T1498.002)' } + ), + id: 'T1498.002', + name: 'Reflection Amplification', + reference: 'https://attack.mitre.org/techniques/T1498/002', + tactics: 'impact', + techniqueId: 'T1498', + value: 'reflectionAmplification', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.registryRunKeysStartupFolderT1547Description', + { defaultMessage: 'Registry Run Keys / Startup Folder (T1547.001)' } + ), + id: 'T1547.001', + name: 'Registry Run Keys / Startup Folder', + reference: 'https://attack.mitre.org/techniques/T1547/001', + tactics: 'persistence,privilege-escalation', + techniqueId: 'T1547', + value: 'registryRunKeysStartupFolder', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.regsvcsRegasmT1218Description', + { defaultMessage: 'Regsvcs/Regasm (T1218.009)' } + ), + id: 'T1218.009', + name: 'Regsvcs/Regasm', + reference: 'https://attack.mitre.org/techniques/T1218/009', + tactics: 'defense-evasion', + techniqueId: 'T1218', + value: 'regsvcsRegasm', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.regsvr32T1218Description', + { defaultMessage: 'Regsvr32 (T1218.010)' } + ), + id: 'T1218.010', + name: 'Regsvr32', + reference: 'https://attack.mitre.org/techniques/T1218/010', + tactics: 'defense-evasion', + techniqueId: 'T1218', + value: 'regsvr32', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.remoteDataStagingT1074Description', + { defaultMessage: 'Remote Data Staging (T1074.002)' } + ), + id: 'T1074.002', + name: 'Remote Data Staging', + reference: 'https://attack.mitre.org/techniques/T1074/002', + tactics: 'collection', + techniqueId: 'T1074', + value: 'remoteDataStaging', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.remoteDesktopProtocolT1021Description', + { defaultMessage: 'Remote Desktop Protocol (T1021.001)' } + ), + id: 'T1021.001', + name: 'Remote Desktop Protocol', + reference: 'https://attack.mitre.org/techniques/T1021/001', + tactics: 'lateral-movement', + techniqueId: 'T1021', + value: 'remoteDesktopProtocol', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.remoteEmailCollectionT1114Description', + { defaultMessage: 'Remote Email Collection (T1114.002)' } + ), + id: 'T1114.002', + name: 'Remote Email Collection', + reference: 'https://attack.mitre.org/techniques/T1114/002', + tactics: 'collection', + techniqueId: 'T1114', + value: 'remoteEmailCollection', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.renameSystemUtilitiesT1036Description', + { defaultMessage: 'Rename System Utilities (T1036.003)' } + ), + id: 'T1036.003', + name: 'Rename System Utilities', + reference: 'https://attack.mitre.org/techniques/T1036/003', + tactics: 'defense-evasion', + techniqueId: 'T1036', + value: 'renameSystemUtilities', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.revertCloudInstanceT1578Description', + { defaultMessage: 'Revert Cloud Instance (T1578.004)' } + ), + id: 'T1578.004', + name: 'Revert Cloud Instance', + reference: 'https://attack.mitre.org/techniques/T1578/004', + tactics: 'defense-evasion', + techniqueId: 'T1578', + value: 'revertCloudInstance', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.rightToLeftOverrideT1036Description', + { defaultMessage: 'Right-to-Left Override (T1036.002)' } + ), + id: 'T1036.002', + name: 'Right-to-Left Override', + reference: 'https://attack.mitre.org/techniques/T1036/002', + tactics: 'defense-evasion', + techniqueId: 'T1036', + value: 'rightToLeftOverride', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.runVirtualInstanceT1564Description', + { defaultMessage: 'Run Virtual Instance (T1564.006)' } + ), + id: 'T1564.006', + name: 'Run Virtual Instance', + reference: 'https://attack.mitre.org/techniques/T1564/006', + tactics: 'defense-evasion', + techniqueId: 'T1564', + value: 'runVirtualInstance', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.rundll32T1218Description', + { defaultMessage: 'Rundll32 (T1218.011)' } + ), + id: 'T1218.011', + name: 'Rundll32', + reference: 'https://attack.mitre.org/techniques/T1218/011', + tactics: 'defense-evasion', + techniqueId: 'T1218', + value: 'rundll32', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.runtimeDataManipulationT1565Description', + { defaultMessage: 'Runtime Data Manipulation (T1565.003)' } + ), + id: 'T1565.003', + name: 'Runtime Data Manipulation', + reference: 'https://attack.mitre.org/techniques/T1565/003', + tactics: 'impact', + techniqueId: 'T1565', + value: 'runtimeDataManipulation', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.sidHistoryInjectionT1134Description', + { defaultMessage: 'SID-History Injection (T1134.005)' } + ), + id: 'T1134.005', + name: 'SID-History Injection', + reference: 'https://attack.mitre.org/techniques/T1134/005', + tactics: 'defense-evasion,privilege-escalation', + techniqueId: 'T1134', + value: 'sidHistoryInjection', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.sipAndTrustProviderHijackingT1553Description', + { defaultMessage: 'SIP and Trust Provider Hijacking (T1553.003)' } + ), + id: 'T1553.003', + name: 'SIP and Trust Provider Hijacking', + reference: 'https://attack.mitre.org/techniques/T1553/003', + tactics: 'defense-evasion', + techniqueId: 'T1553', + value: 'sipAndTrustProviderHijacking', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.smbWindowsAdminSharesT1021Description', + { defaultMessage: 'SMB/Windows Admin Shares (T1021.002)' } + ), + id: 'T1021.002', + name: 'SMB/Windows Admin Shares', + reference: 'https://attack.mitre.org/techniques/T1021/002', + tactics: 'lateral-movement', + techniqueId: 'T1021', + value: 'smbWindowsAdminShares', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.snmpMibDumpT1602Description', + { defaultMessage: 'SNMP (MIB Dump) (T1602.001)' } + ), + id: 'T1602.001', + name: 'SNMP (MIB Dump)', + reference: 'https://attack.mitre.org/techniques/T1602/001', + tactics: 'collection', + techniqueId: 'T1602', + value: 'snmpMibDump', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.sqlStoredProceduresT1505Description', + { defaultMessage: 'SQL Stored Procedures (T1505.001)' } + ), + id: 'T1505.001', + name: 'SQL Stored Procedures', + reference: 'https://attack.mitre.org/techniques/T1505/001', + tactics: 'persistence', + techniqueId: 'T1505', + value: 'sqlStoredProcedures', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.sshT1021Description', + { defaultMessage: 'SSH (T1021.004)' } + ), + id: 'T1021.004', + name: 'SSH', + reference: 'https://attack.mitre.org/techniques/T1021/004', + tactics: 'lateral-movement', + techniqueId: 'T1021', + value: 'ssh', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.sshAuthorizedKeysT1098Description', + { defaultMessage: 'SSH Authorized Keys (T1098.004)' } + ), + id: 'T1098.004', + name: 'SSH Authorized Keys', + reference: 'https://attack.mitre.org/techniques/T1098/004', + tactics: 'persistence', + techniqueId: 'T1098', + value: 'sshAuthorizedKeys', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.sshHijackingT1563Description', + { defaultMessage: 'SSH Hijacking (T1563.001)' } + ), + id: 'T1563.001', + name: 'SSH Hijacking', + reference: 'https://attack.mitre.org/techniques/T1563/001', + tactics: 'lateral-movement', + techniqueId: 'T1563', + value: 'sshHijacking', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.scanDatabasesT1596Description', + { defaultMessage: 'Scan Databases (T1596.005)' } + ), + id: 'T1596.005', + name: 'Scan Databases', + reference: 'https://attack.mitre.org/techniques/T1596/005', + tactics: 'reconnaissance', + techniqueId: 'T1596', + value: 'scanDatabases', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.scanningIpBlocksT1595Description', + { defaultMessage: 'Scanning IP Blocks (T1595.001)' } + ), + id: 'T1595.001', + name: 'Scanning IP Blocks', + reference: 'https://attack.mitre.org/techniques/T1595/001', + tactics: 'reconnaissance', + techniqueId: 'T1595', + value: 'scanningIpBlocks', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.scheduledTaskT1053Description', + { defaultMessage: 'Scheduled Task (T1053.005)' } + ), + id: 'T1053.005', + name: 'Scheduled Task', + reference: 'https://attack.mitre.org/techniques/T1053/005', + tactics: 'execution,persistence,privilege-escalation', + techniqueId: 'T1053', + value: 'scheduledTask', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.screensaverT1546Description', + { defaultMessage: 'Screensaver (T1546.002)' } + ), + id: 'T1546.002', + name: 'Screensaver', + reference: 'https://attack.mitre.org/techniques/T1546/002', + tactics: 'privilege-escalation,persistence', + techniqueId: 'T1546', + value: 'screensaver', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.searchEnginesT1593Description', + { defaultMessage: 'Search Engines (T1593.002)' } + ), + id: 'T1593.002', + name: 'Search Engines', + reference: 'https://attack.mitre.org/techniques/T1593/002', + tactics: 'reconnaissance', + techniqueId: 'T1593', + value: 'searchEngines', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.securityAccountManagerT1003Description', + { defaultMessage: 'Security Account Manager (T1003.002)' } + ), + id: 'T1003.002', + name: 'Security Account Manager', + reference: 'https://attack.mitre.org/techniques/T1003/002', + tactics: 'credential-access', + techniqueId: 'T1003', + value: 'securityAccountManager', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.securitySoftwareDiscoveryT1518Description', + { defaultMessage: 'Security Software Discovery (T1518.001)' } + ), + id: 'T1518.001', + name: 'Security Software Discovery', + reference: 'https://attack.mitre.org/techniques/T1518/001', + tactics: 'discovery', + techniqueId: 'T1518', + value: 'securitySoftwareDiscovery', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.securitySupportProviderT1547Description', + { defaultMessage: 'Security Support Provider (T1547.005)' } + ), + id: 'T1547.005', + name: 'Security Support Provider', + reference: 'https://attack.mitre.org/techniques/T1547/005', + tactics: 'persistence,privilege-escalation', + techniqueId: 'T1547', + value: 'securitySupportProvider', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.securitydMemoryT1555Description', + { defaultMessage: 'Securityd Memory (T1555.002)' } + ), + id: 'T1555.002', + name: 'Securityd Memory', + reference: 'https://attack.mitre.org/techniques/T1555/002', + tactics: 'credential-access', + techniqueId: 'T1555', + value: 'securitydMemory', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.serverT1583Description', + { defaultMessage: 'Server (T1583.004)' } + ), + id: 'T1583.004', + name: 'Server', + reference: 'https://attack.mitre.org/techniques/T1583/004', + tactics: 'resource-development', + techniqueId: 'T1583', + value: 'server', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.serverT1584Description', + { defaultMessage: 'Server (T1584.004)' } + ), + id: 'T1584.004', + name: 'Server', + reference: 'https://attack.mitre.org/techniques/T1584/004', + tactics: 'resource-development', + techniqueId: 'T1584', + value: 'server', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.serviceExecutionT1569Description', + { defaultMessage: 'Service Execution (T1569.002)' } + ), + id: 'T1569.002', + name: 'Service Execution', + reference: 'https://attack.mitre.org/techniques/T1569/002', + tactics: 'execution', + techniqueId: 'T1569', + value: 'serviceExecution', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.serviceExhaustionFloodT1499Description', + { defaultMessage: 'Service Exhaustion Flood (T1499.002)' } + ), + id: 'T1499.002', + name: 'Service Exhaustion Flood', + reference: 'https://attack.mitre.org/techniques/T1499/002', + tactics: 'impact', + techniqueId: 'T1499', + value: 'serviceExhaustionFlood', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.servicesFilePermissionsWeaknessT1574Description', + { defaultMessage: 'Services File Permissions Weakness (T1574.010)' } + ), + id: 'T1574.010', + name: 'Services File Permissions Weakness', + reference: 'https://attack.mitre.org/techniques/T1574/010', + tactics: 'persistence,privilege-escalation,defense-evasion', + techniqueId: 'T1574', + value: 'servicesFilePermissionsWeakness', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.servicesRegistryPermissionsWeaknessT1574Description', + { defaultMessage: 'Services Registry Permissions Weakness (T1574.011)' } + ), + id: 'T1574.011', + name: 'Services Registry Permissions Weakness', + reference: 'https://attack.mitre.org/techniques/T1574/011', + tactics: 'persistence,privilege-escalation,defense-evasion', + techniqueId: 'T1574', + value: 'servicesRegistryPermissionsWeakness', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.setuidAndSetgidT1548Description', + { defaultMessage: 'Setuid and Setgid (T1548.001)' } + ), + id: 'T1548.001', + name: 'Setuid and Setgid', + reference: 'https://attack.mitre.org/techniques/T1548/001', + tactics: 'privilege-escalation,defense-evasion', + techniqueId: 'T1548', + value: 'setuidAndSetgid', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.sharepointT1213Description', + { defaultMessage: 'Sharepoint (T1213.002)' } + ), + id: 'T1213.002', + name: 'Sharepoint', + reference: 'https://attack.mitre.org/techniques/T1213/002', + tactics: 'collection', + techniqueId: 'T1213', + value: 'sharepoint', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.shortcutModificationT1547Description', + { defaultMessage: 'Shortcut Modification (T1547.009)' } + ), + id: 'T1547.009', + name: 'Shortcut Modification', + reference: 'https://attack.mitre.org/techniques/T1547/009', + tactics: 'persistence,privilege-escalation', + techniqueId: 'T1547', + value: 'shortcutModification', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.silverTicketT1558Description', + { defaultMessage: 'Silver Ticket (T1558.002)' } + ), + id: 'T1558.002', + name: 'Silver Ticket', + reference: 'https://attack.mitre.org/techniques/T1558/002', + tactics: 'credential-access', + techniqueId: 'T1558', + value: 'silverTicket', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.socialMediaT1593Description', + { defaultMessage: 'Social Media (T1593.001)' } + ), + id: 'T1593.001', + name: 'Social Media', + reference: 'https://attack.mitre.org/techniques/T1593/001', + tactics: 'reconnaissance', + techniqueId: 'T1593', + value: 'socialMedia', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.socialMediaAccountsT1585Description', + { defaultMessage: 'Social Media Accounts (T1585.001)' } + ), + id: 'T1585.001', + name: 'Social Media Accounts', + reference: 'https://attack.mitre.org/techniques/T1585/001', + tactics: 'resource-development', + techniqueId: 'T1585', + value: 'socialMediaAccounts', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.socialMediaAccountsT1586Description', + { defaultMessage: 'Social Media Accounts (T1586.001)' } + ), + id: 'T1586.001', + name: 'Social Media Accounts', + reference: 'https://attack.mitre.org/techniques/T1586/001', + tactics: 'resource-development', + techniqueId: 'T1586', + value: 'socialMediaAccounts', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.softwareT1592Description', + { defaultMessage: 'Software (T1592.002)' } + ), + id: 'T1592.002', + name: 'Software', + reference: 'https://attack.mitre.org/techniques/T1592/002', + tactics: 'reconnaissance', + techniqueId: 'T1592', + value: 'software', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.softwarePackingT1027Description', + { defaultMessage: 'Software Packing (T1027.002)' } + ), + id: 'T1027.002', + name: 'Software Packing', + reference: 'https://attack.mitre.org/techniques/T1027/002', + tactics: 'defense-evasion', + techniqueId: 'T1027', + value: 'softwarePacking', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.spaceAfterFilenameT1036Description', + { defaultMessage: 'Space after Filename (T1036.006)' } + ), + id: 'T1036.006', + name: 'Space after Filename', + reference: 'https://attack.mitre.org/techniques/T1036/006', + tactics: 'defense-evasion', + techniqueId: 'T1036', + value: 'spaceAfterFilename', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.spearphishingAttachmentT1566Description', + { defaultMessage: 'Spearphishing Attachment (T1566.001)' } + ), + id: 'T1566.001', + name: 'Spearphishing Attachment', + reference: 'https://attack.mitre.org/techniques/T1566/001', + tactics: 'initial-access', + techniqueId: 'T1566', + value: 'spearphishingAttachment', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.spearphishingAttachmentT1598Description', + { defaultMessage: 'Spearphishing Attachment (T1598.002)' } + ), + id: 'T1598.002', + name: 'Spearphishing Attachment', + reference: 'https://attack.mitre.org/techniques/T1598/002', + tactics: 'reconnaissance', + techniqueId: 'T1598', + value: 'spearphishingAttachment', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.spearphishingLinkT1566Description', + { defaultMessage: 'Spearphishing Link (T1566.002)' } + ), + id: 'T1566.002', + name: 'Spearphishing Link', + reference: 'https://attack.mitre.org/techniques/T1566/002', + tactics: 'initial-access', + techniqueId: 'T1566', + value: 'spearphishingLink', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.spearphishingLinkT1598Description', + { defaultMessage: 'Spearphishing Link (T1598.003)' } + ), + id: 'T1598.003', + name: 'Spearphishing Link', + reference: 'https://attack.mitre.org/techniques/T1598/003', + tactics: 'reconnaissance', + techniqueId: 'T1598', + value: 'spearphishingLink', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.spearphishingServiceT1598Description', + { defaultMessage: 'Spearphishing Service (T1598.001)' } + ), + id: 'T1598.001', + name: 'Spearphishing Service', + reference: 'https://attack.mitre.org/techniques/T1598/001', + tactics: 'reconnaissance', + techniqueId: 'T1598', + value: 'spearphishingService', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.spearphishingViaServiceT1566Description', + { defaultMessage: 'Spearphishing via Service (T1566.003)' } + ), + id: 'T1566.003', + name: 'Spearphishing via Service', + reference: 'https://attack.mitre.org/techniques/T1566/003', + tactics: 'initial-access', + techniqueId: 'T1566', + value: 'spearphishingViaService', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.standardEncodingT1132Description', + { defaultMessage: 'Standard Encoding (T1132.001)' } + ), + id: 'T1132.001', + name: 'Standard Encoding', + reference: 'https://attack.mitre.org/techniques/T1132/001', + tactics: 'command-and-control', + techniqueId: 'T1132', + value: 'standardEncoding', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.startupItemsT1037Description', + { defaultMessage: 'Startup Items (T1037.005)' } + ), + id: 'T1037.005', + name: 'Startup Items', + reference: 'https://attack.mitre.org/techniques/T1037/005', + tactics: 'persistence,privilege-escalation', + techniqueId: 'T1037', + value: 'startupItems', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.steganographyT1027Description', + { defaultMessage: 'Steganography (T1027.003)' } + ), + id: 'T1027.003', + name: 'Steganography', + reference: 'https://attack.mitre.org/techniques/T1027/003', + tactics: 'defense-evasion', + techniqueId: 'T1027', + value: 'steganography', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.steganographyT1001Description', + { defaultMessage: 'Steganography (T1001.002)' } + ), + id: 'T1001.002', + name: 'Steganography', + reference: 'https://attack.mitre.org/techniques/T1001/002', + tactics: 'command-and-control', + techniqueId: 'T1001', + value: 'steganography', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.storedDataManipulationT1565Description', + { defaultMessage: 'Stored Data Manipulation (T1565.001)' } + ), + id: 'T1565.001', + name: 'Stored Data Manipulation', + reference: 'https://attack.mitre.org/techniques/T1565/001', + tactics: 'impact', + techniqueId: 'T1565', + value: 'storedDataManipulation', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.sudoAndSudoCachingT1548Description', + { defaultMessage: 'Sudo and Sudo Caching (T1548.003)' } + ), + id: 'T1548.003', + name: 'Sudo and Sudo Caching', + reference: 'https://attack.mitre.org/techniques/T1548/003', + tactics: 'privilege-escalation,defense-evasion', + techniqueId: 'T1548', + value: 'sudoAndSudoCaching', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.symmetricCryptographyT1573Description', + { defaultMessage: 'Symmetric Cryptography (T1573.001)' } + ), + id: 'T1573.001', + name: 'Symmetric Cryptography', + reference: 'https://attack.mitre.org/techniques/T1573/001', + tactics: 'command-and-control', + techniqueId: 'T1573', + value: 'symmetricCryptography', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.systemChecksT1497Description', + { defaultMessage: 'System Checks (T1497.001)' } + ), + id: 'T1497.001', + name: 'System Checks', + reference: 'https://attack.mitre.org/techniques/T1497/001', + tactics: 'defense-evasion,discovery', + techniqueId: 'T1497', + value: 'systemChecks', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.systemFirmwareT1542Description', + { defaultMessage: 'System Firmware (T1542.001)' } + ), + id: 'T1542.001', + name: 'System Firmware', + reference: 'https://attack.mitre.org/techniques/T1542/001', + tactics: 'persistence,defense-evasion', + techniqueId: 'T1542', + value: 'systemFirmware', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.systemdServiceT1543Description', + { defaultMessage: 'Systemd Service (T1543.002)' } + ), + id: 'T1543.002', + name: 'Systemd Service', + reference: 'https://attack.mitre.org/techniques/T1543/002', + tactics: 'persistence,privilege-escalation', + techniqueId: 'T1543', + value: 'systemdService', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.systemdTimersT1053Description', + { defaultMessage: 'Systemd Timers (T1053.006)' } + ), + id: 'T1053.006', + name: 'Systemd Timers', + reference: 'https://attack.mitre.org/techniques/T1053/006', + tactics: 'execution,persistence,privilege-escalation', + techniqueId: 'T1053', + value: 'systemdTimers', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.tftpBootT1542Description', + { defaultMessage: 'TFTP Boot (T1542.005)' } + ), + id: 'T1542.005', + name: 'TFTP Boot', + reference: 'https://attack.mitre.org/techniques/T1542/005', + tactics: 'defense-evasion,persistence', + techniqueId: 'T1542', + value: 'tftpBoot', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.threadExecutionHijackingT1055Description', + { defaultMessage: 'Thread Execution Hijacking (T1055.003)' } + ), + id: 'T1055.003', + name: 'Thread Execution Hijacking', + reference: 'https://attack.mitre.org/techniques/T1055/003', + tactics: 'defense-evasion,privilege-escalation', + techniqueId: 'T1055', + value: 'threadExecutionHijacking', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.threadLocalStorageT1055Description', + { defaultMessage: 'Thread Local Storage (T1055.005)' } + ), + id: 'T1055.005', + name: 'Thread Local Storage', + reference: 'https://attack.mitre.org/techniques/T1055/005', + tactics: 'defense-evasion,privilege-escalation', + techniqueId: 'T1055', + value: 'threadLocalStorage', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.threatIntelVendorsT1597Description', + { defaultMessage: 'Threat Intel Vendors (T1597.001)' } + ), + id: 'T1597.001', + name: 'Threat Intel Vendors', + reference: 'https://attack.mitre.org/techniques/T1597/001', + tactics: 'reconnaissance', + techniqueId: 'T1597', + value: 'threatIntelVendors', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.timeBasedEvasionT1497Description', + { defaultMessage: 'Time Based Evasion (T1497.003)' } + ), + id: 'T1497.003', + name: 'Time Based Evasion', + reference: 'https://attack.mitre.org/techniques/T1497/003', + tactics: 'defense-evasion,discovery', + techniqueId: 'T1497', + value: 'timeBasedEvasion', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.timeProvidersT1547Description', + { defaultMessage: 'Time Providers (T1547.003)' } + ), + id: 'T1547.003', + name: 'Time Providers', + reference: 'https://attack.mitre.org/techniques/T1547/003', + tactics: 'persistence,privilege-escalation', + techniqueId: 'T1547', + value: 'timeProviders', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.timestompT1070Description', + { defaultMessage: 'Timestomp (T1070.006)' } + ), + id: 'T1070.006', + name: 'Timestomp', + reference: 'https://attack.mitre.org/techniques/T1070/006', + tactics: 'defense-evasion', + techniqueId: 'T1070', + value: 'timestomp', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.tokenImpersonationTheftT1134Description', + { defaultMessage: 'Token Impersonation/Theft (T1134.001)' } + ), + id: 'T1134.001', + name: 'Token Impersonation/Theft', + reference: 'https://attack.mitre.org/techniques/T1134/001', + tactics: 'defense-evasion,privilege-escalation', + techniqueId: 'T1134', + value: 'tokenImpersonationTheft', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.toolT1588Description', + { defaultMessage: 'Tool (T1588.002)' } + ), + id: 'T1588.002', + name: 'Tool', + reference: 'https://attack.mitre.org/techniques/T1588/002', + tactics: 'resource-development', + techniqueId: 'T1588', + value: 'tool', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.trafficDuplicationT1020Description', + { defaultMessage: 'Traffic Duplication (T1020.001)' } + ), + id: 'T1020.001', + name: 'Traffic Duplication', + reference: 'https://attack.mitre.org/techniques/T1020/001', + tactics: 'exfiltration', + techniqueId: 'T1020', + value: 'trafficDuplication', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.transmittedDataManipulationT1565Description', + { defaultMessage: 'Transmitted Data Manipulation (T1565.002)' } + ), + id: 'T1565.002', + name: 'Transmitted Data Manipulation', + reference: 'https://attack.mitre.org/techniques/T1565/002', + tactics: 'impact', + techniqueId: 'T1565', + value: 'transmittedDataManipulation', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.transportAgentT1505Description', + { defaultMessage: 'Transport Agent (T1505.002)' } + ), + id: 'T1505.002', + name: 'Transport Agent', + reference: 'https://attack.mitre.org/techniques/T1505/002', + tactics: 'persistence', + techniqueId: 'T1505', + value: 'transportAgent', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.trapT1546Description', + { defaultMessage: 'Trap (T1546.005)' } + ), + id: 'T1546.005', + name: 'Trap', + reference: 'https://attack.mitre.org/techniques/T1546/005', + tactics: 'privilege-escalation,persistence', + techniqueId: 'T1546', + value: 'trap', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.unixShellT1059Description', + { defaultMessage: 'Unix Shell (T1059.004)' } + ), + id: 'T1059.004', + name: 'Unix Shell', + reference: 'https://attack.mitre.org/techniques/T1059/004', + tactics: 'execution', + techniqueId: 'T1059', + value: 'unixShell', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.userActivityBasedChecksT1497Description', + { defaultMessage: 'User Activity Based Checks (T1497.002)' } + ), + id: 'T1497.002', + name: 'User Activity Based Checks', + reference: 'https://attack.mitre.org/techniques/T1497/002', + tactics: 'defense-evasion,discovery', + techniqueId: 'T1497', + value: 'userActivityBasedChecks', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.vbaStompingT1564Description', + { defaultMessage: 'VBA Stomping (T1564.007)' } + ), + id: 'T1564.007', + name: 'VBA Stomping', + reference: 'https://attack.mitre.org/techniques/T1564/007', + tactics: 'defense-evasion', + techniqueId: 'T1564', + value: 'vbaStomping', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.vdsoHijackingT1055Description', + { defaultMessage: 'VDSO Hijacking (T1055.014)' } + ), + id: 'T1055.014', + name: 'VDSO Hijacking', + reference: 'https://attack.mitre.org/techniques/T1055/014', + tactics: 'defense-evasion,privilege-escalation', + techniqueId: 'T1055', + value: 'vdsoHijacking', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.vncT1021Description', + { defaultMessage: 'VNC (T1021.005)' } + ), + id: 'T1021.005', + name: 'VNC', + reference: 'https://attack.mitre.org/techniques/T1021/005', + tactics: 'lateral-movement', + techniqueId: 'T1021', + value: 'vnc', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.verclsidT1218Description', + { defaultMessage: 'Verclsid (T1218.012)' } + ), + id: 'T1218.012', + name: 'Verclsid', + reference: 'https://attack.mitre.org/techniques/T1218/012', + tactics: 'defense-evasion', + techniqueId: 'T1218', + value: 'verclsid', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.virtualPrivateServerT1583Description', + { defaultMessage: 'Virtual Private Server (T1583.003)' } + ), + id: 'T1583.003', + name: 'Virtual Private Server', + reference: 'https://attack.mitre.org/techniques/T1583/003', + tactics: 'resource-development', + techniqueId: 'T1583', + value: 'virtualPrivateServer', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.virtualPrivateServerT1584Description', + { defaultMessage: 'Virtual Private Server (T1584.003)' } + ), + id: 'T1584.003', + name: 'Virtual Private Server', + reference: 'https://attack.mitre.org/techniques/T1584/003', + tactics: 'resource-development', + techniqueId: 'T1584', + value: 'virtualPrivateServer', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.visualBasicT1059Description', + { defaultMessage: 'Visual Basic (T1059.005)' } + ), + id: 'T1059.005', + name: 'Visual Basic', + reference: 'https://attack.mitre.org/techniques/T1059/005', + tactics: 'execution', + techniqueId: 'T1059', + value: 'visualBasic', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.vulnerabilitiesT1588Description', + { defaultMessage: 'Vulnerabilities (T1588.006)' } + ), + id: 'T1588.006', + name: 'Vulnerabilities', + reference: 'https://attack.mitre.org/techniques/T1588/006', + tactics: 'resource-development', + techniqueId: 'T1588', + value: 'vulnerabilities', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.vulnerabilityScanningT1595Description', + { defaultMessage: 'Vulnerability Scanning (T1595.002)' } + ), + id: 'T1595.002', + name: 'Vulnerability Scanning', + reference: 'https://attack.mitre.org/techniques/T1595/002', + tactics: 'reconnaissance', + techniqueId: 'T1595', + value: 'vulnerabilityScanning', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.whoisT1596Description', + { defaultMessage: 'WHOIS (T1596.002)' } + ), + id: 'T1596.002', + name: 'WHOIS', + reference: 'https://attack.mitre.org/techniques/T1596/002', + tactics: 'reconnaissance', + techniqueId: 'T1596', + value: 'whois', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.webPortalCaptureT1056Description', + { defaultMessage: 'Web Portal Capture (T1056.003)' } + ), + id: 'T1056.003', + name: 'Web Portal Capture', + reference: 'https://attack.mitre.org/techniques/T1056/003', + tactics: 'collection,credential-access', + techniqueId: 'T1056', + value: 'webPortalCapture', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.webProtocolsT1071Description', + { defaultMessage: 'Web Protocols (T1071.001)' } + ), + id: 'T1071.001', + name: 'Web Protocols', + reference: 'https://attack.mitre.org/techniques/T1071/001', + tactics: 'command-and-control', + techniqueId: 'T1071', + value: 'webProtocols', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.webServicesT1583Description', + { defaultMessage: 'Web Services (T1583.006)' } + ), + id: 'T1583.006', + name: 'Web Services', + reference: 'https://attack.mitre.org/techniques/T1583/006', + tactics: 'resource-development', + techniqueId: 'T1583', + value: 'webServices', + }, + { + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.webServicesT1584Description', + { defaultMessage: 'Web Services (T1584.006)' } + ), + id: 'T1584.006', + name: 'Web Services', + reference: 'https://attack.mitre.org/techniques/T1584/006', + tactics: 'resource-development', + techniqueId: 'T1584', + value: 'webServices', }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.webSessionCookieDescription', - { defaultMessage: 'Web Session Cookie (T1506)' } + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.webSessionCookieT1550Description', + { defaultMessage: 'Web Session Cookie (T1550.004)' } ), - id: 'T1506', + id: 'T1550.004', name: 'Web Session Cookie', - reference: 'https://attack.mitre.org/techniques/T1506', + reference: 'https://attack.mitre.org/techniques/T1550/004', tactics: 'defense-evasion,lateral-movement', + techniqueId: 'T1550', value: 'webSessionCookie', }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.webShellDescription', - { defaultMessage: 'Web Shell (T1100)' } + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.webShellT1505Description', + { defaultMessage: 'Web Shell (T1505.003)' } ), - id: 'T1100', + id: 'T1505.003', name: 'Web Shell', - reference: 'https://attack.mitre.org/techniques/T1100', - tactics: 'persistence,privilege-escalation', + reference: 'https://attack.mitre.org/techniques/T1505/003', + tactics: 'persistence', + techniqueId: 'T1505', value: 'webShell', }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.windowsAdminSharesDescription', - { defaultMessage: 'Windows Admin Shares (T1077)' } + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.windowsCommandShellT1059Description', + { defaultMessage: 'Windows Command Shell (T1059.003)' } ), - id: 'T1077', - name: 'Windows Admin Shares', - reference: 'https://attack.mitre.org/techniques/T1077', - tactics: 'lateral-movement', - value: 'windowsAdminShares', + id: 'T1059.003', + name: 'Windows Command Shell', + reference: 'https://attack.mitre.org/techniques/T1059/003', + tactics: 'execution', + techniqueId: 'T1059', + value: 'windowsCommandShell', }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.windowsManagementInstrumentationDescription', - { defaultMessage: 'Windows Management Instrumentation (T1047)' } + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.windowsFileAndDirectoryPermissionsModificationT1222Description', + { defaultMessage: 'Windows File and Directory Permissions Modification (T1222.001)' } ), - id: 'T1047', - name: 'Windows Management Instrumentation', - reference: 'https://attack.mitre.org/techniques/T1047', - tactics: 'execution', - value: 'windowsManagementInstrumentation', + id: 'T1222.001', + name: 'Windows File and Directory Permissions Modification', + reference: 'https://attack.mitre.org/techniques/T1222/001', + tactics: 'defense-evasion', + techniqueId: 'T1222', + value: 'windowsFileAndDirectoryPermissionsModification', }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.windowsManagementInstrumentationEventSubscriptionDescription', - { defaultMessage: 'Windows Management Instrumentation Event Subscription (T1084)' } + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.windowsManagementInstrumentationEventSubscriptionT1546Description', + { defaultMessage: 'Windows Management Instrumentation Event Subscription (T1546.003)' } ), - id: 'T1084', + id: 'T1546.003', name: 'Windows Management Instrumentation Event Subscription', - reference: 'https://attack.mitre.org/techniques/T1084', - tactics: 'persistence', + reference: 'https://attack.mitre.org/techniques/T1546/003', + tactics: 'privilege-escalation,persistence', + techniqueId: 'T1546', value: 'windowsManagementInstrumentationEventSubscription', }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.windowsRemoteManagementDescription', - { defaultMessage: 'Windows Remote Management (T1028)' } + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.windowsRemoteManagementT1021Description', + { defaultMessage: 'Windows Remote Management (T1021.006)' } ), - id: 'T1028', + id: 'T1021.006', name: 'Windows Remote Management', - reference: 'https://attack.mitre.org/techniques/T1028', - tactics: 'execution,lateral-movement', + reference: 'https://attack.mitre.org/techniques/T1021/006', + tactics: 'lateral-movement', + techniqueId: 'T1021', value: 'windowsRemoteManagement', }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.winlogonHelperDllDescription', - { defaultMessage: 'Winlogon Helper DLL (T1004)' } + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.windowsServiceT1543Description', + { defaultMessage: 'Windows Service (T1543.003)' } ), - id: 'T1004', - name: 'Winlogon Helper DLL', - reference: 'https://attack.mitre.org/techniques/T1004', - tactics: 'persistence', - value: 'winlogonHelperDll', + id: 'T1543.003', + name: 'Windows Service', + reference: 'https://attack.mitre.org/techniques/T1543/003', + tactics: 'persistence,privilege-escalation', + techniqueId: 'T1543', + value: 'windowsService', }, { label: i18n.translate( - 'xpack.securitySolution.detectionEngine.mitreAttackTechniques.xslScriptProcessingDescription', - { defaultMessage: 'XSL Script Processing (T1220)' } + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.winlogonHelperDllT1547Description', + { defaultMessage: 'Winlogon Helper DLL (T1547.004)' } ), - id: 'T1220', - name: 'XSL Script Processing', - reference: 'https://attack.mitre.org/techniques/T1220', - tactics: 'defense-evasion,execution', - value: 'xslScriptProcessing', + id: 'T1547.004', + name: 'Winlogon Helper DLL', + reference: 'https://attack.mitre.org/techniques/T1547/004', + tactics: 'persistence,privilege-escalation', + techniqueId: 'T1547', + value: 'winlogonHelperDll', }, ]; + +/** + * A full object of Mitre Attack Threat data that is taken directly from the `mitre_tactics_techniques.ts` file + * + * Is built alongside and sampled from the data in the file so to always be valid with the most up to date MITRE ATT&CK data + */ +export const mockThreatData = { + tactic: { + name: 'Privilege Escalation', + id: 'TA0004', + reference: 'https://attack.mitre.org/tactics/TA0004', + }, + technique: { + name: 'Event Triggered Execution', + id: 'T1546', + reference: 'https://attack.mitre.org/techniques/T1546', + tactics: ['privilege-escalation', 'persistence'], + }, + subtechnique: { + name: '.bash_profile and .bashrc', + id: 'T1546.004', + reference: 'https://attack.mitre.org/techniques/T1546/004', + tactics: ['privilege-escalation', 'persistence'], + techniqueId: 'T1546', + }, +}; diff --git a/x-pack/plugins/security_solution/public/detections/mitre/types.ts b/x-pack/plugins/security_solution/public/detections/mitre/types.ts index a1e7a2e66ab83..9e941339d6b13 100644 --- a/x-pack/plugins/security_solution/public/detections/mitre/types.ts +++ b/x-pack/plugins/security_solution/public/detections/mitre/types.ts @@ -19,3 +19,7 @@ export interface MitreTechniquesOptions extends MitreOptions { label: string; tactics: string; } + +export interface MitreSubtechniquesOptions extends MitreTechniquesOptions { + techniqueId: string; +} diff --git a/x-pack/plugins/security_solution/public/detections/mitre/valid_threat_mock.ts b/x-pack/plugins/security_solution/public/detections/mitre/valid_threat_mock.ts new file mode 100644 index 0000000000000..1694ff3fddd3b --- /dev/null +++ b/x-pack/plugins/security_solution/public/detections/mitre/valid_threat_mock.ts @@ -0,0 +1,25 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { Threat } from '../../../common/detection_engine/schemas/common/schemas'; +import { mockThreatData } from './mitre_tactics_techniques'; + +const { tactic, technique, subtechnique } = mockThreatData; +const { tactics, ...mockTechnique } = technique; +const { tactics: subtechniqueTactics, ...mockSubtechnique } = subtechnique; + +export const getValidThreat = (): Threat => [ + { + framework: 'MITRE ATT&CK', + tactic, + technique: [ + { + ...mockTechnique, + subtechnique: [mockSubtechnique], + }, + ], + }, +]; diff --git a/x-pack/plugins/security_solution/public/detections/pages/detection_engine/rules/all/__mocks__/mock.ts b/x-pack/plugins/security_solution/public/detections/pages/detection_engine/rules/all/__mocks__/mock.ts index 5851177a4e4ab..15e74287d56f3 100644 --- a/x-pack/plugins/security_solution/public/detections/pages/detection_engine/rules/all/__mocks__/mock.ts +++ b/x-pack/plugins/security_solution/public/detections/pages/detection_engine/rules/all/__mocks__/mock.ts @@ -9,6 +9,7 @@ import { Rule, RuleError } from '../../../../../containers/detection_engine/rule import { AboutStepRule, ActionsStepRule, DefineStepRule, ScheduleStepRule } from '../../types'; import { FieldValueQueryBar } from '../../../../../components/rules/query_bar'; import { fillEmptySeverityMappings } from '../../helpers'; +import { getThreatMock } from '../../../../../../../common/detection_engine/schemas/types/threat.mock'; export const mockQueryBar: FieldValueQueryBar = { query: { @@ -137,23 +138,7 @@ export const mockRuleWithEverything = (id: string): Rule => ({ tags: ['tag1', 'tag2'], to: 'now', type: 'saved_query', - threat: [ - { - framework: 'mockFramework', - tactic: { - id: '1234', - name: 'tactic1', - reference: 'reference1', - }, - technique: [ - { - id: '456', - name: 'technique1', - reference: 'technique reference', - }, - ], - }, - ], + threat: getThreatMock(), threshold: { field: 'host.name', value: 50, @@ -179,23 +164,7 @@ export const mockAboutStepRule = (): AboutStepRule => ({ references: ['www.test.co'], falsePositives: ['test'], tags: ['tag1', 'tag2'], - threat: [ - { - framework: 'mockFramework', - tactic: { - id: '1234', - name: 'tactic1', - reference: 'reference1', - }, - technique: [ - { - id: '456', - name: 'technique1', - reference: 'technique reference', - }, - ], - }, - ], + threat: getThreatMock(), note: '# this is some markdown documentation', }); diff --git a/x-pack/plugins/security_solution/public/detections/pages/detection_engine/rules/create/helpers.test.ts b/x-pack/plugins/security_solution/public/detections/pages/detection_engine/rules/create/helpers.test.ts index 239d885bfc157..1b4934cf7c9ec 100644 --- a/x-pack/plugins/security_solution/public/detections/pages/detection_engine/rules/create/helpers.test.ts +++ b/x-pack/plugins/security_solution/public/detections/pages/detection_engine/rules/create/helpers.test.ts @@ -20,6 +20,7 @@ import { ActionsStepRule, ScheduleStepRule, DefineStepRule, + IMitreEnterpriseAttack, } from '../types'; import { getTimeTypeValue, @@ -29,6 +30,7 @@ import { formatActionsStepData, formatRule, filterRuleFieldsForType, + filterEmptyThreats, } from './helpers'; import { mockDefineStepRule, @@ -37,6 +39,7 @@ import { mockAboutStepRule, mockActionsStepRule, } from '../all/__mocks__/mock'; +import { getThreatMock } from '../../../../../../common/detection_engine/schemas/types/threat.mock'; describe('helpers', () => { describe('getTimeTypeValue', () => { @@ -83,6 +86,24 @@ describe('helpers', () => { }); }); + describe('filterEmptyThreats', () => { + let mockThreat: IMitreEnterpriseAttack; + + beforeEach(() => { + mockThreat = mockAboutStepRule().threat[0]; + }); + + test('filters out fields with empty tactics', () => { + const threat: IMitreEnterpriseAttack[] = [ + mockThreat, + { ...mockThreat, tactic: { ...mockThreat.tactic, name: 'none' } }, + ]; + const result = filterEmptyThreats(threat); + const expected = [mockThreat]; + expect(result).toEqual(expected); + }); + }); + describe('formatDefineStepData', () => { let mockData: DefineStepRule; @@ -385,23 +406,7 @@ describe('helpers', () => { severity: 'low', severity_mapping: [], tags: ['tag1', 'tag2'], - threat: [ - { - framework: 'MITRE ATT&CK', - tactic: { - id: '1234', - name: 'tactic1', - reference: 'reference1', - }, - technique: [ - { - id: '456', - name: 'technique1', - reference: 'technique reference', - }, - ], - }, - ], + threat: getThreatMock(), }; expect(result).toEqual(expected); @@ -472,23 +477,7 @@ describe('helpers', () => { severity: 'low', severity_mapping: [], tags: ['tag1', 'tag2'], - threat: [ - { - framework: 'MITRE ATT&CK', - tactic: { - id: '1234', - name: 'tactic1', - reference: 'reference1', - }, - technique: [ - { - id: '456', - name: 'technique1', - reference: 'technique reference', - }, - ], - }, - ], + threat: getThreatMock(), }; expect(result).toEqual(expected); @@ -512,12 +501,22 @@ describe('helpers', () => { severity: 'low', severity_mapping: [], tags: ['tag1', 'tag2'], + threat: getThreatMock(), + }; + + expect(result).toEqual(expected); + }); + + test('returns formatted object with threats filtered out where tactic.name is "none"', () => { + const mockStepData = { + ...mockData, threat: [ + ...getThreatMock(), { - framework: 'MITRE ATT&CK', + framework: 'mockFramework', tactic: { id: '1234', - name: 'tactic1', + name: 'none', reference: 'reference1', }, technique: [ @@ -525,19 +524,37 @@ describe('helpers', () => { id: '456', name: 'technique1', reference: 'technique reference', + subtechnique: [], }, ], }, ], }; + const result: AboutStepRuleJson = formatAboutStepData(mockStepData); + const expected = { + author: ['Elastic'], + license: 'Elastic License', + description: '24/7', + false_positives: ['test'], + name: 'Query with rule-id', + note: '# this is some markdown documentation', + references: ['www.test.co'], + risk_score: 21, + risk_score_mapping: [], + severity: 'low', + severity_mapping: [], + tags: ['tag1', 'tag2'], + threat: getThreatMock(), + }; expect(result).toEqual(expected); }); - test('returns formatted object with threats filtered out where tactic.name is "none"', () => { + test('returns formatted object with threats that contains no subtechniques', () => { const mockStepData = { ...mockData, threat: [ + ...getThreatMock(), { framework: 'mockFramework', tactic: { @@ -550,21 +567,7 @@ describe('helpers', () => { id: '456', name: 'technique1', reference: 'technique reference', - }, - ], - }, - { - framework: 'mockFramework', - tactic: { - id: '1234', - name: 'none', - reference: 'reference1', - }, - technique: [ - { - id: '456', - name: 'technique1', - reference: 'technique reference', + subtechnique: [], }, ], }, @@ -585,10 +588,13 @@ describe('helpers', () => { severity_mapping: [], tags: ['tag1', 'tag2'], threat: [ + ...getThreatMock(), { framework: 'MITRE ATT&CK', tactic: { id: '1234', name: 'tactic1', reference: 'reference1' }, - technique: [{ id: '456', name: 'technique1', reference: 'technique reference' }], + technique: [ + { id: '456', name: 'technique1', reference: 'technique reference', subtechnique: [] }, + ], }, ], }; diff --git a/x-pack/plugins/security_solution/public/detections/pages/detection_engine/rules/create/helpers.ts b/x-pack/plugins/security_solution/public/detections/pages/detection_engine/rules/create/helpers.ts index 540fdc6bc75f5..4f25c33fad92d 100644 --- a/x-pack/plugins/security_solution/public/detections/pages/detection_engine/rules/create/helpers.ts +++ b/x-pack/plugins/security_solution/public/detections/pages/detection_engine/rules/create/helpers.ts @@ -27,6 +27,9 @@ import { ActionsStepRuleJson, RuleStepsFormData, RuleStep, + IMitreEnterpriseAttack, + IMitreAttack, + IMitreAttackTechnique, } from '../types'; export const getTimeTypeValue = (time: string): { unit: string; value: number } => { @@ -161,6 +164,32 @@ export const filterRuleFieldsForType = >( assertUnreachable(type); }; +function trimThreatsWithNoName( + filterable: T[] +): T[] { + return filterable.filter((item) => item.name !== 'none'); +} + +/** + * Filter out unfilled/empty threat, technique, and subtechnique fields based on if their name is `none` + */ +export const filterEmptyThreats = (threats: IMitreEnterpriseAttack[]): IMitreEnterpriseAttack[] => { + return threats + .filter((singleThreat) => singleThreat.tactic.name !== 'none') + .map((threat) => { + return { + ...threat, + technique: trimThreatsWithNoName(threat.technique).map((technique) => { + return { + ...technique, + subtechnique: + technique.subtechnique != null ? trimThreatsWithNoName(technique.subtechnique) : [], + }; + }), + }; + }); +}; + export const formatDefineStepData = (defineStepData: DefineStepRule): DefineStepRuleJson => { const ruleFields = filterRuleFieldsForType(defineStepData, defineStepData.ruleType); const { ruleType, timeline } = ruleFields; @@ -293,16 +322,10 @@ export const formatAboutStepData = ( severity_mapping: severity.isMappingChecked ? severity.mapping.filter((m) => m.field != null && m.field !== '' && m.value != null) : [], - threat: threat - .filter((singleThreat) => singleThreat.tactic.name !== 'none') - .map((singleThreat) => ({ - ...singleThreat, - framework: 'MITRE ATT&CK', - technique: singleThreat.technique.map((technique) => { - const { id, name, reference } = technique; - return { id, name, reference }; - }), - })), + threat: filterEmptyThreats(threat).map((singleThreat) => ({ + ...singleThreat, + framework: 'MITRE ATT&CK', + })), timestamp_override: timestampOverride !== '' ? timestampOverride : undefined, ...(!isEmpty(note) ? { note } : {}), ...rest, diff --git a/x-pack/plugins/security_solution/public/detections/pages/detection_engine/rules/helpers.test.tsx b/x-pack/plugins/security_solution/public/detections/pages/detection_engine/rules/helpers.test.tsx index a327f8498f7c0..5c3335c5500fe 100644 --- a/x-pack/plugins/security_solution/public/detections/pages/detection_engine/rules/helpers.test.tsx +++ b/x-pack/plugins/security_solution/public/detections/pages/detection_engine/rules/helpers.test.tsx @@ -29,6 +29,7 @@ import { ScheduleStepRule, ActionsStepRule, } from './types'; +import { getThreatMock } from '../../../../../common/detection_engine/schemas/types/threat.mock'; describe('rule helpers', () => { // @ts-ignore @@ -112,23 +113,7 @@ describe('rule helpers', () => { ruleNameOverride: 'message', severity: { value: 'low', mapping: fillEmptySeverityMappings([]), isMappingChecked: false }, tags: ['tag1', 'tag2'], - threat: [ - { - framework: 'mockFramework', - tactic: { - id: '1234', - name: 'tactic1', - reference: 'reference1', - }, - technique: [ - { - id: '456', - name: 'technique1', - reference: 'technique reference', - }, - ], - }, - ], + threat: getThreatMock(), timestampOverride: 'event.ingested', }; const scheduleRuleStepData = { from: '0s', interval: '5m' }; diff --git a/x-pack/plugins/security_solution/public/detections/pages/detection_engine/rules/types.ts b/x-pack/plugins/security_solution/public/detections/pages/detection_engine/rules/types.ts index f2afe32b1e12c..5fe529a5b77bb 100644 --- a/x-pack/plugins/security_solution/public/detections/pages/detection_engine/rules/types.ts +++ b/x-pack/plugins/security_solution/public/detections/pages/detection_engine/rules/types.ts @@ -202,8 +202,16 @@ export interface IMitreAttack { name: string; reference: string; } + +export interface IMitreAttackTechnique { + id: string; + name: string; + reference: string; + subtechnique?: IMitreAttack[]; +} + export interface IMitreEnterpriseAttack { framework: string; tactic: IMitreAttack; - technique: IMitreAttack[]; + technique: IMitreAttackTechnique[]; } diff --git a/x-pack/plugins/security_solution/scripts/extract_tactics_techniques_mitre.js b/x-pack/plugins/security_solution/scripts/extract_tactics_techniques_mitre.js index aa4112d8a6f97..5aa301a4dbe65 100644 --- a/x-pack/plugins/security_solution/scripts/extract_tactics_techniques_mitre.js +++ b/x-pack/plugins/security_solution/scripts/extract_tactics_techniques_mitre.js @@ -10,13 +10,12 @@ const fs = require('fs'); // eslint-disable-next-line import/no-extraneous-dependencies const fetch = require('node-fetch'); // eslint-disable-next-line import/no-extraneous-dependencies -const { camelCase } = require('lodash'); +const { camelCase, startCase } = require('lodash'); const { resolve } = require('path'); const OUTPUT_DIRECTORY = resolve('public', 'detections', 'mitre'); -// Revert to https://raw.githubusercontent.com/mitre/cti/master/enterprise-attack/enterprise-attack.json once we support sub-techniques const MITRE_ENTERPRISE_ATTACK_URL = - 'https://raw.githubusercontent.com/mitre/cti/ATT%26CK-v6.3/enterprise-attack/enterprise-attack.json'; + 'https://raw.githubusercontent.com/mitre/cti/master/enterprise-attack/enterprise-attack.json'; const getTacticsOptions = (tactics) => tactics.map((t) => @@ -49,6 +48,24 @@ const getTechniquesOptions = (techniques) => }`.replace(/(\r\n|\n|\r)/gm, ' ') ); +const getSubtechniquesOptions = (subtechniques) => + subtechniques.map((t) => + `{ + label: i18n.translate( + 'xpack.securitySolution.detectionEngine.mitreAttackSubtechniques.${camelCase(t.name)}${ + t.techniqueId // Seperates subtechniques that have the same name but belong to different techniques + }Description', { + defaultMessage: '${t.name} (${t.id})' + }), + id: '${t.id}', + name: '${t.name}', + reference: '${t.reference}', + tactics: '${t.tactics.join()}', + techniqueId: '${t.techniqueId}', + value: '${camelCase(t.name)}' +}`.replace(/(\r\n|\n|\r)/gm, ' ') + ); + const getIdReference = (references) => references.reduce( (obj, extRef) => { @@ -63,6 +80,20 @@ const getIdReference = (references) => { id: '', reference: '' } ); +const buildMockThreatData = (tactics, techniques, subtechniques) => { + const subtechnique = subtechniques[0]; + const technique = techniques.find((technique) => technique.id === subtechnique.techniqueId); + const tactic = tactics.find( + (tactic) => tactic.name === startCase(camelCase(technique.tactics[0])) + ); + + return { + tactic, + technique, + subtechnique, + }; +}; + async function main() { fetch(MITRE_ENTERPRISE_ATTACK_URL) .then((res) => res.json()) @@ -83,7 +114,29 @@ async function main() { ]; }, []); const techniques = mitreData - .filter((obj) => obj.type === 'attack-pattern') + .filter((obj) => obj.type === 'attack-pattern' && obj.x_mitre_is_subtechnique === false) + .reduce((acc, item) => { + let tactics = []; + const { id, reference } = getIdReference(item.external_references); + if (item.kill_chain_phases != null && item.kill_chain_phases.length > 0) { + item.kill_chain_phases.forEach((tactic) => { + tactics = [...tactics, tactic.phase_name]; + }); + } + + return [ + ...acc, + { + name: item.name, + id, + reference, + tactics, + }, + ]; + }, []); + + const subtechniques = mitreData + .filter((obj) => obj.x_mitre_is_subtechnique === true) .reduce((acc, item) => { let tactics = []; const { id, reference } = getIdReference(item.external_references); @@ -92,6 +145,7 @@ async function main() { tactics = [...tactics, tactic.phase_name]; }); } + const techniqueId = id.split('.')[0]; return [ ...acc, @@ -100,6 +154,7 @@ async function main() { id, reference, tactics, + techniqueId, }, ]; }, []); @@ -112,7 +167,7 @@ async function main() { import { i18n } from '@kbn/i18n'; - import { MitreTacticsOptions, MitreTechniquesOptions } from './types'; + import { MitreTacticsOptions, MitreTechniquesOptions, MitreSubtechniquesOptions } from './types'; export const tactics = ${JSON.stringify(tactics, null, 2)}; @@ -127,6 +182,26 @@ async function main() { ${JSON.stringify(getTechniquesOptions(techniques), null, 2) .replace(/}"/g, '}') .replace(/"{/g, '{')}; + + export const subtechniques = ${JSON.stringify(subtechniques, null, 2)}; + + export const subtechniquesOptions: MitreSubtechniquesOptions[] = + ${JSON.stringify(getSubtechniquesOptions(subtechniques), null, 2) + .replace(/}"/g, '}') + .replace(/"{/g, '{')}; + + /** + * A full object of Mitre Attack Threat data that is taken directly from the \`mitre_tactics_techniques.ts\` file + * + * Is built alongside and sampled from the data in the file so to always be valid with the most up to date MITRE ATT&CK data + */ + export const mockThreatData = ${JSON.stringify( + buildMockThreatData(tactics, techniques, subtechniques), + null, + 2 + ) + .replace(/}"/g, '}') + .replace(/"{/g, '{')}; `; fs.writeFileSync(`${OUTPUT_DIRECTORY}/mitre_tactics_techniques.ts`, body, 'utf-8'); diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/__mocks__/request_responses.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/__mocks__/request_responses.ts index e1859a57a8f81..73e4845924acf 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/__mocks__/request_responses.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/__mocks__/request_responses.ts @@ -29,6 +29,7 @@ import { SetSignalsStatusSchemaDecoded } from '../../../../../common/detection_e import { getCreateRulesSchemaMock } from '../../../../../common/detection_engine/schemas/request/rule_schemas.mock'; import { getListArrayMock } from '../../../../../common/detection_engine/schemas/types/lists.mock'; import { EqlSearchResponse } from '../../../../../common/detection_engine/types'; +import { getThreatMock } from '../../../../../common/detection_engine/schemas/types/threat.mock'; export const typicalSetStatusSignalByIdsPayload = (): SetSignalsStatusSchemaDecoded => ({ signal_ids: ['somefakeid1', 'somefakeid2'], @@ -379,23 +380,7 @@ export const getResult = (): RuleAlertType => ({ severityMapping: [], to: 'now', type: 'query', - threat: [ - { - framework: 'MITRE ATT&CK', - tactic: { - id: 'TA0040', - name: 'impact', - reference: 'https://attack.mitre.org/tactics/TA0040/', - }, - technique: [ - { - id: 'T1499', - name: 'endpoint denial of service', - reference: 'https://attack.mitre.org/techniques/T1499/', - }, - ], - }, - ], + threat: getThreatMock(), threshold: undefined, timestampOverride: undefined, threatFilters: undefined, diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/__mocks__/utils.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/__mocks__/utils.ts index 87903d1035903..91589edec9aca 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/__mocks__/utils.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/__mocks__/utils.ts @@ -9,6 +9,7 @@ import { Readable } from 'stream'; import { HapiReadableStream } from '../../rules/types'; import { RulesSchema } from '../../../../../common/detection_engine/schemas/response/rules_schema'; import { getListArrayMock } from '../../../../../common/detection_engine/schemas/types/lists.mock'; +import { getThreatMock } from '../../../../../common/detection_engine/schemas/types/threat.mock'; /** * Given a string, builds a hapi stream as our @@ -64,23 +65,7 @@ export const getOutputRuleAlertForRest = (): Omit< updated_by: 'elastic', tags: [], throttle: 'no_actions', - threat: [ - { - framework: 'MITRE ATT&CK', - tactic: { - id: 'TA0040', - name: 'impact', - reference: 'https://attack.mitre.org/tactics/TA0040/', - }, - technique: [ - { - id: 'T1499', - name: 'endpoint denial of service', - reference: 'https://attack.mitre.org/techniques/T1499/', - }, - ], - }, - ], + threat: getThreatMock(), exceptions_list: getListArrayMock(), filters: [ { diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/index/get_signals_template.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/index/get_signals_template.ts index 8ea1faa84cfba..664b215549327 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/index/get_signals_template.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/index/get_signals_template.ts @@ -7,7 +7,7 @@ import signalsMapping from './signals_mapping.json'; import ecsMapping from './ecs_mapping.json'; -export const SIGNALS_TEMPLATE_VERSION = 3; +export const SIGNALS_TEMPLATE_VERSION = 13; export const MIN_EQL_RULE_INDEX_VERSION = 2; export const getSignalsTemplate = (index: string) => { diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/index/signals_mapping.json b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/index/signals_mapping.json index 96868e62ea978..890505e9693c4 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/index/signals_mapping.json +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/index/signals_mapping.json @@ -201,6 +201,19 @@ }, "reference": { "type": "keyword" + }, + "subtechnique": { + "properties": { + "id": { + "type": "keyword" + }, + "name": { + "type": "keyword" + }, + "reference": { + "type": "keyword" + } + } } } } diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/rules/validate.test.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/rules/validate.test.ts index 6bdbfedf625dd..8653bdc0427e4 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/rules/validate.test.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/rules/validate.test.ts @@ -14,6 +14,7 @@ import { BulkError } from '../utils'; import { RulesSchema } from '../../../../../common/detection_engine/schemas/response'; import { getResult, getFindResultStatus } from '../__mocks__/request_responses'; import { getListArrayMock } from '../../../../../common/detection_engine/schemas/types/lists.mock'; +import { getThreatMock } from '../../../../../common/detection_engine/schemas/types/threat.mock'; export const ruleOutput = (): RulesSchema => ({ actions: [], @@ -45,23 +46,7 @@ export const ruleOutput = (): RulesSchema => ({ to: 'now', type: 'query', throttle: 'no_actions', - threat: [ - { - framework: 'MITRE ATT&CK', - tactic: { - id: 'TA0040', - name: 'impact', - reference: 'https://attack.mitre.org/tactics/TA0040/', - }, - technique: [ - { - id: 'T1499', - name: 'endpoint denial of service', - reference: 'https://attack.mitre.org/techniques/T1499/', - }, - ], - }, - ], + threat: getThreatMock(), version: 1, filters: [ { diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/rules/get_export_all.test.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/rules/get_export_all.test.ts index 13ca78431c9d9..a78163c0770c0 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/rules/get_export_all.test.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/rules/get_export_all.test.ts @@ -12,6 +12,7 @@ import { import { alertsClientMock } from '../../../../../alerts/server/mocks'; import { getExportAll } from './get_export_all'; import { getListArrayMock } from '../../../../common/detection_engine/schemas/types/lists.mock'; +import { getThreatMock } from '../../../../common/detection_engine/schemas/types/threat.mock'; describe('getExportAll', () => { test('it exports everything from the alerts client', async () => { @@ -55,23 +56,7 @@ describe('getExportAll', () => { tags: [], to: 'now', type: 'query', - threat: [ - { - framework: 'MITRE ATT&CK', - tactic: { - id: 'TA0040', - name: 'impact', - reference: 'https://attack.mitre.org/tactics/TA0040/', - }, - technique: [ - { - id: 'T1499', - name: 'endpoint denial of service', - reference: 'https://attack.mitre.org/techniques/T1499/', - }, - ], - }, - ], + threat: getThreatMock(), throttle: 'no_actions', note: '# Investigative notes', version: 1, diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/rules/get_export_by_object_ids.test.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/rules/get_export_by_object_ids.test.ts index 0741ff600082a..23b9a8cf91a47 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/rules/get_export_by_object_ids.test.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/rules/get_export_by_object_ids.test.ts @@ -13,6 +13,7 @@ import { import * as readRules from './read_rules'; import { alertsClientMock } from '../../../../../alerts/server/mocks'; import { getListArrayMock } from '../../../../common/detection_engine/schemas/types/lists.mock'; +import { getThreatMock } from '../../../../common/detection_engine/schemas/types/threat.mock'; describe('get_export_by_object_ids', () => { beforeEach(() => { @@ -63,23 +64,7 @@ describe('get_export_by_object_ids', () => { tags: [], to: 'now', type: 'query', - threat: [ - { - framework: 'MITRE ATT&CK', - tactic: { - id: 'TA0040', - name: 'impact', - reference: 'https://attack.mitre.org/tactics/TA0040/', - }, - technique: [ - { - id: 'T1499', - name: 'endpoint denial of service', - reference: 'https://attack.mitre.org/techniques/T1499/', - }, - ], - }, - ], + threat: getThreatMock(), throttle: 'no_actions', note: '# Investigative notes', version: 1, @@ -164,23 +149,7 @@ describe('get_export_by_object_ids', () => { tags: [], to: 'now', type: 'query', - threat: [ - { - framework: 'MITRE ATT&CK', - tactic: { - id: 'TA0040', - name: 'impact', - reference: 'https://attack.mitre.org/tactics/TA0040/', - }, - technique: [ - { - id: 'T1499', - name: 'endpoint denial of service', - reference: 'https://attack.mitre.org/techniques/T1499/', - }, - ], - }, - ], + threat: getThreatMock(), throttle: 'no_actions', note: '# Investigative notes', version: 1, diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/rules/patch_rules.mock.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/rules/patch_rules.mock.ts index 60f1d599470e3..f01ea3c855501 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/rules/patch_rules.mock.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/rules/patch_rules.mock.ts @@ -58,6 +58,7 @@ const rule: SanitizedAlert = { id: 'T1499', name: 'endpoint denial of service', reference: 'https://attack.mitre.org/techniques/T1499/', + subtechnique: [], }, ], }, diff --git a/x-pack/plugins/translations/translations/ja-JP.json b/x-pack/plugins/translations/translations/ja-JP.json index e96aa0d0a6bb3..9df495717b431 100644 --- a/x-pack/plugins/translations/translations/ja-JP.json +++ b/x-pack/plugins/translations/translations/ja-JP.json @@ -16843,11 +16843,9 @@ "xpack.securitySolution.detectionEngine.eqlValidation.title": "EQL確認エラー", "xpack.securitySolution.detectionEngine.goToDocumentationButton": "ドキュメンテーションを表示", "xpack.securitySolution.detectionEngine.lastSignalTitle": "前回のアラート", - "xpack.securitySolution.detectionEngine.mitreAttack.addTitle": "MITRE ATT&CK\\u2122脅威を追加", "xpack.securitySolution.detectionEngine.mitreAttack.tacticPlaceHolderDescription": "Tacticを追加...", "xpack.securitySolution.detectionEngine.mitreAttack.tacticsDescription": "Tactic", "xpack.securitySolution.detectionEngine.mitreAttack.techniquesDescription": "手法", - "xpack.securitySolution.detectionEngine.mitreAttack.techniquesPlaceHolderDescription": "Techniqueを選択...", "xpack.securitySolution.detectionEngine.mitreAttackTactics.collectionDescription": "収集(TA0009)", "xpack.securitySolution.detectionEngine.mitreAttackTactics.commandAndControlDescription": "コマンドとコントロール(TA0011)", "xpack.securitySolution.detectionEngine.mitreAttackTactics.credentialAccessDescription": "資格情報アクセス(TA0006)", @@ -16860,60 +16858,27 @@ "xpack.securitySolution.detectionEngine.mitreAttackTactics.lateralMovementDescription": "水平移動(TA0008)", "xpack.securitySolution.detectionEngine.mitreAttackTactics.persistenceDescription": "永続(TA0003)", "xpack.securitySolution.detectionEngine.mitreAttackTactics.privilegeEscalationDescription": "特権昇格(TA0004)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.accessibilityFeaturesDescription": "アクセシビリティ機能(T1015)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.accessTokenManipulationDescription": "アクセストークン操作(T1134)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.accountAccessRemovalDescription": "アカウントアクセス削除(T1531)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.accountDiscoveryDescription": "アカウント検出(T1087)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.accountManipulationDescription": "アカウント操作(T1098)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.appCertDlLsDescription": "AppCert DLLs (T1182)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.appInitDlLsDescription": "AppInit DLLs (T1103)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.appleScriptDescription": "AppleScript (T1155)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.applicationAccessTokenDescription": "アプリケーションアクセストークン(T1527)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.applicationDeploymentSoftwareDescription": "アプリケーション開発ソフトウェア(T1017)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.applicationShimmingDescription": "アプリケーションシミング(T1138)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.applicationWindowDiscoveryDescription": "アプリケーションウィンドウ検出(T1010)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.audioCaptureDescription": "音声キャプチャ(T1123)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.authenticationPackageDescription": "認証パッケージ(T1131)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.automatedCollectionDescription": "自動収集(T1119)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.automatedExfiltrationDescription": "自動抽出(T1020)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.bashHistoryDescription": "Bash履歴(T1139)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.bashProfileAndBashrcDescription": ".bash_profile and .bashrc (T1156)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.binaryPaddingDescription": "バイナリパディング(T1009)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.bitsJobsDescription": "BITSジョブ(T1197)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.bootkitDescription": "Bootkit (T1067)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.browserBookmarkDiscoveryDescription": "ブラウザーブックマーク検出(T1217)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.browserExtensionsDescription": "ブラウザー拡張(T1176)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.bruteForceDescription": "Brute Force (T1110)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.bypassUserAccountControlDescription": "ユーザーアカウント制御のバイパス(T1088)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.changeDefaultFileAssociationDescription": "デフォルトファイル関連付けの変更(T1042)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.clearCommandHistoryDescription": "コマンド履歴の消去(T1146)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.clipboardDataDescription": "クリップボードデータ(T1115)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.cloudInstanceMetadataApiDescription": "Cloud Instance Metadata API (T1522)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.cloudServiceDashboardDescription": "クラウドサービスダッシュボード(T1538)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.cloudServiceDiscoveryDescription": "Cloud Service Discovery (T1526)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.cmstpDescription": "CMSTP (T1191)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.codeSigningDescription": "コード署名(T1116)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.commandLineInterfaceDescription": "コマンドラインインターフェース(T1059)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.commonlyUsedPortDescription": "一般的に使用されるポート(T1043)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.communicationThroughRemovableMediaDescription": "リムーバブルメディア経由の通信(T1092)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.compileAfterDeliveryDescription": "配信後のコンパイル(T1500)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.compiledHtmlFileDescription": "コンパイルされたHTMLファイル(T1223)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.componentFirmwareDescription": "コンポーネントファームウェア(T1109)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.componentObjectModelAndDistributedComDescription": "コンポーネントオブジェクトモデルおよび分散COM (T1175)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.componentObjectModelHijackingDescription": "コンポーネントオブジェクトモデルハイジャック(T1122)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.connectionProxyDescription": "接続プロキシ(T1090)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.controlPanelItemsDescription": "コントロールパネルアイテム(T1196)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.createAccountDescription": "アカウントの作成(T1136)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.credentialDumpingDescription": "資格情報ダンピング(T1003)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.credentialsFromWebBrowsersDescription": "Webブラウザーからの資格情報(T1503)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.credentialsInFilesDescription": "ファイルの資格情報(T1081)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.credentialsInRegistryDescription": "レジストリの資格情報(T1214)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.customCommandAndControlProtocolDescription": "カスタムコマンドおよび制御プロトコル(T1094)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.customCryptographicProtocolDescription": "カスタム暗号プロトコル(T1024)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.dataCompressedDescription": "データ圧縮(T1002)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.dataDestructionDescription": "データ破壊(T1485)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.dataEncodingDescription": "データエンコード(T1132)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.dataEncryptedDescription": "データ暗号化(T1022)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.dataEncryptedForImpactDescription": "影響のデータ暗号化(T1486)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.dataFromCloudStorageObjectDescription": "クラウドストレージオブジェクトからのデータ(T1530)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.dataFromInformationRepositoriesDescription": "情報リポジトリからのデータ(T1213)", @@ -16923,29 +16888,14 @@ "xpack.securitySolution.detectionEngine.mitreAttackTechniques.dataObfuscationDescription": "データ難読化(T1001)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.dataStagedDescription": "データステージ(T1074)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.dataTransferSizeLimitsDescription": "データ転送サイズ上限(T1030)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.dcShadowDescription": "DCShadow (T1207)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.defacementDescription": "改ざん(T1491)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.deobfuscateDecodeFilesOrInformationDescription": "ファイルまたは情報の難読化解除/デコード(T1140)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.disablingSecurityToolsDescription": "セキュリティツールの無効化(T1089)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.diskContentWipeDescription": "ディスク内容のワイプ(T1488)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.diskStructureWipeDescription": "ディスク構造のワイプ(T1487)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.dllSearchOrderHijackingDescription": "DLL検索順序ハイジャック(T1038)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.dllSideLoadingDescription": "DLLサイドロード(T1073)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.domainFrontingDescription": "ドメインフロンティング(T1172)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.domainGenerationAlgorithmsDescription": "ドメイン生成アルゴリズム(T1483)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.domainTrustDiscoveryDescription": "ドメイン信頼検出(T1482)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.driveByCompromiseDescription": "Drive-by Compromise (T1189)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.dylibHijackingDescription": "Dylibハイジャック(T1157)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.dynamicDataExchangeDescription": "動的データ交換(T1173)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.elevatedExecutionWithPromptDescription": "プロンプトを使用した昇格された実行(T1514)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.emailCollectionDescription": "電子メール収集(T1114)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.emondDescription": "Emond (T1519)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.endpointDenialOfServiceDescription": "エンドポイントサービス妨害(T1499)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.executionGuardrailsDescription": "実行ガードレール(T1480)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.executionThroughApiDescription": "API経由の実行(T1106)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.executionThroughModuleLoadDescription": "モジュール読み込み経由の実行(T1129)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.exfiltrationOverAlternativeProtocolDescription": "代替プロトコルでの抽出(T1048)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.exfiltrationOverCommandAndControlChannelDescription": "コマンドおよび制御チャネルでの抽出(T1041)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.exfiltrationOverOtherNetworkMediumDescription": "他のネットワーク媒体での抽出(T1011)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.exfiltrationOverPhysicalMediumDescription": "物理媒体での抽出(T1052)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.exploitationForClientExecutionDescription": "クライアント実行の悪用(T1203)", @@ -16955,144 +16905,59 @@ "xpack.securitySolution.detectionEngine.mitreAttackTechniques.exploitationOfRemoteServicesDescription": "リモートサービスの悪用(T1210)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.exploitPublicFacingApplicationDescription": "公開アプリケーションの悪用(T1190)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.externalRemoteServicesDescription": "外部リモートサービス(T1133)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.extraWindowMemoryInjectionDescription": "追加ウィンドウメモリインジェクション(T1181)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.fallbackChannelsDescription": "フォールバックチャネル(T1008)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.fileAndDirectoryDiscoveryDescription": "ファイルおよびディレクトリ検索(T1083)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.fileAndDirectoryPermissionsModificationDescription": "ファイルおよびディレクトリアクセス権修正(T1222)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.fileDeletionDescription": "ファイル削除(T1107)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.fileSystemLogicalOffsetsDescription": "ファイルシステム論理オフセット(T1006)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.fileSystemPermissionsWeaknessDescription": "ファイルシステムアクセス権脆弱性(T1044)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.firmwareCorruptionDescription": "ファームウェア破損(T1495)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.forcedAuthenticationDescription": "強制認証(T1187)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.gatekeeperBypassDescription": "Gatekeeperバイパス(T1144)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.graphicalUserInterfaceDescription": "グラフィカルユーザーインターフェース(T1061)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.groupPolicyModificationDescription": "グループポリシー修正(T1484)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.hardwareAdditionsDescription": "ハードウェア追加(T1200)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.hiddenFilesAndDirectoriesDescription": "非表示のファイルおよびディレクトリ(T1158)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.hiddenUsersDescription": "非表示のユーザー(T1147)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.hiddenWindowDescription": "非表示のウィンドウ(T1143)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.histcontrolDescription": "HISTCONTROL (T1148)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.hookingDescription": "フック(T1179)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.hypervisorDescription": "ハイパーバイザー(T1062)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.imageFileExecutionOptionsInjectionDescription": "画像ファイル実行オプションインジェクション(T1183)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.implantContainerImageDescription": "コンテナーイメージの挿入(T1525)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.indicatorBlockingDescription": "インジケーターブロック(T1054)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.indicatorRemovalFromToolsDescription": "ツールからのインジケーター削除(T1066)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.indicatorRemovalOnHostDescription": "ホストでのインジケーター削除(T1070)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.indirectCommandExecutionDescription": "間接コマンド実行(T1202)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.inhibitSystemRecoveryDescription": "システム回復の抑制(T1490)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.inputCaptureDescription": "入力キャプチャ(T1056)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.inputPromptDescription": "入力プロンプト(T1141)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.installRootCertificateDescription": "ルート証明書のインストール(T1130)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.installUtilDescription": "InstallUtil (T1118)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.internalSpearphishingDescription": "内部スピアフィッシング(T1534)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.kerberoastingDescription": "Kerberoasting (T1208)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.kernelModulesAndExtensionsDescription": "カーネルモジュールおよび拡張(T1215)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.keychainDescription": "鍵チェーン(T1142)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.launchAgentDescription": "エージェントの起動(T1159)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.launchctlDescription": "Launchctl (T1152)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.launchDaemonDescription": "デーモンの起動(T1160)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.lcLoadDylibAdditionDescription": "LC_LOAD_DYLIB追加(T1161)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.lcMainHijackingDescription": "LC_MAIN Hijacking (T1149)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.llmnrNbtNsPoisoningAndRelayDescription": "LLMNR/NBT-NSポイズニングおよびリレー(T1171)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.localJobSchedulingDescription": "ローカルジョブスケジュール(T1168)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.loginItemDescription": "ログイン項目(T1162)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.logonScriptsDescription": "ログオンスクリプト(T1037)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.lsassDriverDescription": "LSASSドライバー(T1177)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.manInTheBrowserDescription": "Man in the Browser (T1185)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.masqueradingDescription": "マスカレード(T1036)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.modifyExistingServiceDescription": "既存のサービスの修正(T1031)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.modifyRegistryDescription": "レジストリの修正(T1112)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.mshtaDescription": "Mshta (T1170)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.multibandCommunicationDescription": "マルチバンド通信(T1026)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.multiHopProxyDescription": "マルチホッププロキシ(T1188)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.multilayerEncryptionDescription": "マルチレイヤー暗号化(T1079)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.multiStageChannelsDescription": "マルチステージチャネル(T1104)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.netshHelperDllDescription": "Netsh Helper DLL (T1128)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.networkDenialOfServiceDescription": "ネットワークサービス妨害(T1498)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.networkServiceScanningDescription": "ネットワークサービススキャン(T1046)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.networkShareConnectionRemovalDescription": "ネットワーク共有接続削除(T1126)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.networkShareDiscoveryDescription": "ネットワーク共有検出(T1135)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.networkSniffingDescription": "ネットワーク検査(T1040)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.newServiceDescription": "新しいサービス(T1050)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.ntfsFileAttributesDescription": "NTFSファイル属性(T1096)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.obfuscatedFilesOrInformationDescription": "難読化されたファイルまたは情報(T1027)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.officeApplicationStartupDescription": "Officeアプリケーション起動(T1137)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.parentPidSpoofingDescription": "親PIDスプーフィング(T1502)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.passTheHashDescription": "ハッシュを渡す(T1075)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.passTheTicketDescription": "チケットを渡す(T1097)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.passwordFilterDllDescription": "パスワードフィルターDLL (T1174)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.passwordPolicyDiscoveryDescription": "パスワードポリシー検出(T1201)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.pathInterceptionDescription": "パス傍受(T1034)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.peripheralDeviceDiscoveryDescription": "周辺機器検出(T1120)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.permissionGroupsDiscoveryDescription": "アクセス権グループ検出(T1069)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.plistModificationDescription": "Plist修正(T1150)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.portKnockingDescription": "ポートノッキング(T1205)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.portMonitorsDescription": "ポートモニター(T1013)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.powerShellDescription": "PowerShell (T1086)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.powerShellProfileDescription": "PowerShellプロファイル(T1504)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.privateKeysDescription": "秘密鍵(T1145)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.processDiscoveryDescription": "プロセス検出(T1057)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.processDoppelgangingDescription": "Process Doppelgänging (T1186)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.processHollowingDescription": "プロセスハロウイング(T1093)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.processInjectionDescription": "プロセスインジェクション(T1055)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.queryRegistryDescription": "クエリレジストリ(T1012)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.rcCommonDescription": "Rc.common (T1163)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.redundantAccessDescription": "冗長アクセス(T1108)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.registryRunKeysStartupFolderDescription": "レジストリ実行キー/スタートアップフォルダー(T1060)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.regsvcsRegasmDescription": "Regsvcs/Regasm (T1121)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.regsvr32Description": "Regsvr32 (T1117)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.remoteAccessToolsDescription": "リモートアクセスツール(T1219)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.remoteDesktopProtocolDescription": "リモートデスクトッププロトコル(T1076)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.remoteFileCopyDescription": "リモートファイルコピー(T1105)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.remoteServicesDescription": "リモートサービス(T1021)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.remoteSystemDiscoveryDescription": "リモートシステム検出(T1018)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.reOpenedApplicationsDescription": "再オープンされたアプリケーション (T1164)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.replicationThroughRemovableMediaDescription": "リムーバブルメディア経由のレプリケーション(T1091)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.resourceHijackingDescription": "リソースハイジャック(T1496)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.revertCloudInstanceDescription": "Revert Cloud Instance (T1536)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.rootkitDescription": "ルートキット(T1014)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.rundll32Description": "Rundll32 (T1085)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.runtimeDataManipulationDescription": "ランタイムデータ操作(T1494)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.scheduledTaskDescription": "スケジュールされたタスク(T1053)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.scheduledTransferDescription": "スケジュールされた転送(T1029)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.screenCaptureDescription": "画面キャプチャ(T1113)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.screensaverDescription": "スクリーンセーバー (T1180)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.scriptingDescription": "スクリプティング(T1064)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.securitydMemoryDescription": "Securityd Memory (T1167)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.securitySoftwareDiscoveryDescription": "セキュリティソフトウェア検出(T1063)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.securitySupportProviderDescription": "セキュリティサポートプロバイダー(T1101)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.serverSoftwareComponentDescription": "サーバーソフトウェアコンポーネント(T1505)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.serviceExecutionDescription": "サービス実行(T1035)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.serviceRegistryPermissionsWeaknessDescription": "サービスレジストリアクセス権脆弱性(T1058)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.serviceStopDescription": "サービス停止(T1489)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.setuidAndSetgidDescription": "SetuidおよびSetgid (T1166)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.sharedWebrootDescription": "共有Webroot (T1051)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.shortcutModificationDescription": "ショートカット修正(T1023)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.sidHistoryInjectionDescription": "SID履歴インジェクション(T1178)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.signedBinaryProxyExecutionDescription": "署名されたバイナリプロキシ実行(T1218)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.signedScriptProxyExecutionDescription": "署名されたスクリプトプロキシ実行(T1216)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.sipAndTrustProviderHijackingDescription": "SIPおよび信頼プロバイダーハイジャック(T1198)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.softwareDiscoveryDescription": "ソフトウェア検出(T1518)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.softwarePackingDescription": "ソフトウェアパッキング(T1045)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.sourceDescription": "ソース(T1153)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.spaceAfterFilenameDescription": "ファイル名の後のスペース(T1151)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.spearphishingAttachmentDescription": "スピアフィッシング添付ファイル(T1193)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.spearphishingLinkDescription": "スピアフィッシングリンク(T1192)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.spearphishingViaServiceDescription": "サービス経由のスピアフィッシング(T1194)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.sshHijackingDescription": "SSHハイジャック(T1184)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.standardApplicationLayerProtocolDescription": "標準アプリケーション層プロトコル(T1071)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.standardCryptographicProtocolDescription": "標準暗号プロトコル(T1032)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.standardNonApplicationLayerProtocolDescription": "標準非アプリケーション層プロトコル(T1095)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.startupItemsDescription": "スタートアップ項目(T1165)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.stealApplicationAccessTokenDescription": "アプリケーションアクセストークンの窃盗(T1528)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.stealWebSessionCookieDescription": "WebセッションCookieの窃盗(T1539)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.storedDataManipulationDescription": "保存されたデータ操作(T1492)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.sudoCachingDescription": "Sudoキャッシュ(T1206)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.sudoDescription": "Sudo (T1169)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.supplyChainCompromiseDescription": "サプライチェーンの危険(T1195)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.systemdServiceDescription": "Systemdサービス(T1501)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.systemFirmwareDescription": "システムファームウェア(T1019)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.systemInformationDiscoveryDescription": "システム情報検出(T1082)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.systemNetworkConfigurationDiscoveryDescription": "システムネットワーク構成検出(T1016)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.systemNetworkConnectionsDiscoveryDescription": "システムネットワーク接続検出(T1049)", @@ -17102,29 +16967,16 @@ "xpack.securitySolution.detectionEngine.mitreAttackTechniques.systemTimeDiscoveryDescription": "システム時刻検出(T1124)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.taintSharedContentDescription": "Taint Shared Content (T1080)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.templateInjectionDescription": "テンプレートインジェクション(T1221)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.thirdPartySoftwareDescription": "サードパーティーソフトウェア(T1072)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.timeProvidersDescription": "時刻プロバイダー(T1209)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.timestompDescription": "Timestomp (T1099)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.transferDataToCloudAccountDescription": "クラウドアカウントへのデータ転送(T1537)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.transmittedDataManipulationDescription": "転送されたデータ操作(T1493)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.trapDescription": "トラップ(T1154)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.trustedDeveloperUtilitiesDescription": "信頼できる開発者ユーティリティ(T1127)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.trustedRelationshipDescription": "信頼できる関係(T1199)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.twoFactorAuthenticationInterceptionDescription": "二要素認証傍受(T1111)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.uncommonlyUsedPortDescription": "一般的に使用されないポート(T1065)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.unusedUnsupportedCloudRegionsDescription": "未使用/サポートされていないクラウドリージョン(T1535)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.userExecutionDescription": "ユーザー実行(T1204)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.validAccountsDescription": "有効なアカウント(T1078)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.videoCaptureDescription": "動画キャプチャ(T1125)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.virtualizationSandboxEvasionDescription": "仮想化/サンドボックス侵入(T1497)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.webServiceDescription": "Webサービス(T1102)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.webSessionCookieDescription": "WebセッションCookie (T1506)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.webShellDescription": "Webシェル(T1100)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.windowsAdminSharesDescription": "Windows管理共有(T1077)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.windowsManagementInstrumentationDescription": "Windows Management Instrumentation (T1047)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.windowsManagementInstrumentationEventSubscriptionDescription": "Windows Management Instrumentationイベントサブスクリプション(T1084)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.windowsRemoteManagementDescription": "Windowsリモート管理(T1028)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.winlogonHelperDllDescription": "Winlogon Helper DLL (T1004)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.xslScriptProcessingDescription": "XSLスクリプト処理(T1220)", "xpack.securitySolution.detectionEngine.mlRulesDisabledMessageTitle": "MLルールにはプラチナライセンスとML管理者権限が必要です", "xpack.securitySolution.detectionEngine.mlUnavailableTitle": "{totalRules} {totalRules, plural, =1 {個のルール} other {個のルール}}で機械学習を有効にする必要があります。", diff --git a/x-pack/plugins/translations/translations/zh-CN.json b/x-pack/plugins/translations/translations/zh-CN.json index dbfc45deb8dd5..fc70ada752a94 100644 --- a/x-pack/plugins/translations/translations/zh-CN.json +++ b/x-pack/plugins/translations/translations/zh-CN.json @@ -16861,11 +16861,9 @@ "xpack.securitySolution.detectionEngine.eqlValidation.title": "EQL 验证错误", "xpack.securitySolution.detectionEngine.goToDocumentationButton": "查看文档", "xpack.securitySolution.detectionEngine.lastSignalTitle": "上一告警", - "xpack.securitySolution.detectionEngine.mitreAttack.addTitle": "添加 MITRE ATT&CK\\u2122 威胁", "xpack.securitySolution.detectionEngine.mitreAttack.tacticPlaceHolderDescription": "选择策略......", "xpack.securitySolution.detectionEngine.mitreAttack.tacticsDescription": "策略", "xpack.securitySolution.detectionEngine.mitreAttack.techniquesDescription": "技术", - "xpack.securitySolution.detectionEngine.mitreAttack.techniquesPlaceHolderDescription": "选择技术......", "xpack.securitySolution.detectionEngine.mitreAttackTactics.collectionDescription": "Collection (TA0009)", "xpack.securitySolution.detectionEngine.mitreAttackTactics.commandAndControlDescription": "Command and Control (TA0011)", "xpack.securitySolution.detectionEngine.mitreAttackTactics.credentialAccessDescription": "Credential Access (TA0006)", @@ -16878,60 +16876,27 @@ "xpack.securitySolution.detectionEngine.mitreAttackTactics.lateralMovementDescription": "Lateral Movement (TA0008)", "xpack.securitySolution.detectionEngine.mitreAttackTactics.persistenceDescription": "Persistence (TA0003)", "xpack.securitySolution.detectionEngine.mitreAttackTactics.privilegeEscalationDescription": "Privilege Escalation (TA0004)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.accessibilityFeaturesDescription": "Accessibility Features (T1015)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.accessTokenManipulationDescription": "Access Token Manipulation (T1134)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.accountAccessRemovalDescription": "Account Access Removal (T1531)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.accountDiscoveryDescription": "Account Discovery (T1087)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.accountManipulationDescription": "Account Manipulation (T1098)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.appCertDlLsDescription": "AppCert DLLs (T1182)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.appInitDlLsDescription": "AppInit DLLs (T1103)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.appleScriptDescription": "AppleScript (T1155)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.applicationAccessTokenDescription": "Application Access Token (T1527)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.applicationDeploymentSoftwareDescription": "Application Deployment Software (T1017)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.applicationShimmingDescription": "Application Shimming (T1138)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.applicationWindowDiscoveryDescription": "Application Window Discovery (T1010)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.audioCaptureDescription": "Audio Capture (T1123)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.authenticationPackageDescription": "Authentication Package (T1131)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.automatedCollectionDescription": "Automated Collection (T1119)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.automatedExfiltrationDescription": "Automated Exfiltration (T1020)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.bashHistoryDescription": "Bash History (T1139)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.bashProfileAndBashrcDescription": ".bash_profile and .bashrc (T1156)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.binaryPaddingDescription": "Binary Padding (T1009)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.bitsJobsDescription": "BITS Jobs (T1197)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.bootkitDescription": "Bootkit (T1067)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.browserBookmarkDiscoveryDescription": "Browser Bookmark Discovery (T1217)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.browserExtensionsDescription": "Browser Extensions (T1176)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.bruteForceDescription": "Brute Force (T1110)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.bypassUserAccountControlDescription": "Bypass User Account Control (T1088)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.changeDefaultFileAssociationDescription": "Change Default File Association (T1042)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.clearCommandHistoryDescription": "Clear Command History (T1146)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.clipboardDataDescription": "Clipboard Data (T1115)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.cloudInstanceMetadataApiDescription": "Cloud Instance Metadata API (T1522)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.cloudServiceDashboardDescription": "Cloud Service Dashboard (T1538)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.cloudServiceDiscoveryDescription": "Cloud Service Discovery (T1526)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.cmstpDescription": "CMSTP (T1191)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.codeSigningDescription": "Code Signing (T1116)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.commandLineInterfaceDescription": "Command-Line Interface (T1059)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.commonlyUsedPortDescription": "Commonly Used Port (T1043)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.communicationThroughRemovableMediaDescription": "Communication Through Removable Media (T1092)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.compileAfterDeliveryDescription": "Compile After Delivery (T1500)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.compiledHtmlFileDescription": "Compiled HTML File (T1223)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.componentFirmwareDescription": "Component Firmware (T1109)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.componentObjectModelAndDistributedComDescription": "Component Object Model and Distributed COM (T1175)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.componentObjectModelHijackingDescription": "Component Object Model Hijacking (T1122)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.connectionProxyDescription": "Connection Proxy (T1090)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.controlPanelItemsDescription": "Control Panel Items (T1196)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.createAccountDescription": "Create Account (T1136)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.credentialDumpingDescription": "Credential Dumping (T1003)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.credentialsFromWebBrowsersDescription": "Credentials from Web Browsers (T1503)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.credentialsInFilesDescription": "Credentials in Files (T1081)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.credentialsInRegistryDescription": "Credentials in Registry (T1214)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.customCommandAndControlProtocolDescription": "Custom Command and Control Protocol (T1094)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.customCryptographicProtocolDescription": "Custom Cryptographic Protocol (T1024)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.dataCompressedDescription": "Data Compressed (T1002)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.dataDestructionDescription": "Data Destruction (T1485)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.dataEncodingDescription": "Data Encoding (T1132)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.dataEncryptedDescription": "Data Encrypted (T1022)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.dataEncryptedForImpactDescription": "Data Encrypted for Impact (T1486)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.dataFromCloudStorageObjectDescription": "Data from Cloud Storage Object (T1530)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.dataFromInformationRepositoriesDescription": "Data from Information Repositories (T1213)", @@ -16941,29 +16906,14 @@ "xpack.securitySolution.detectionEngine.mitreAttackTechniques.dataObfuscationDescription": "Data Obfuscation (T1001)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.dataStagedDescription": "Data Staged (T1074)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.dataTransferSizeLimitsDescription": "Data Transfer Size Limits (T1030)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.dcShadowDescription": "DCShadow (T1207)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.defacementDescription": "Defacement (T1491)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.deobfuscateDecodeFilesOrInformationDescription": "Deobfuscate/Decode Files or Information (T1140)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.disablingSecurityToolsDescription": "Disabling Security Tools (T1089)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.diskContentWipeDescription": "Disk Content Wipe (T1488)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.diskStructureWipeDescription": "Disk Structure Wipe (T1487)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.dllSearchOrderHijackingDescription": "DLL Search Order Hijacking (T1038)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.dllSideLoadingDescription": "DLL Side-Loading (T1073)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.domainFrontingDescription": "Domain Fronting (T1172)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.domainGenerationAlgorithmsDescription": "Domain Generation Algorithms (T1483)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.domainTrustDiscoveryDescription": "Domain Trust Discovery (T1482)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.driveByCompromiseDescription": "Drive-by Compromise (T1189)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.dylibHijackingDescription": "Dylib Hijacking (T1157)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.dynamicDataExchangeDescription": "Dynamic Data Exchange (T1173)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.elevatedExecutionWithPromptDescription": "Elevated Execution with Prompt (T1514)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.emailCollectionDescription": "Email Collection (T1114)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.emondDescription": "Emond (T1519)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.endpointDenialOfServiceDescription": "Endpoint Denial of Service (T1499)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.executionGuardrailsDescription": "Execution Guardrails (T1480)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.executionThroughApiDescription": "Execution through API (T1106)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.executionThroughModuleLoadDescription": "Execution through Module Load (T1129)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.exfiltrationOverAlternativeProtocolDescription": "Exfiltration Over Alternative Protocol (T1048)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.exfiltrationOverCommandAndControlChannelDescription": "Exfiltration Over Command and Control Channel (T1041)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.exfiltrationOverOtherNetworkMediumDescription": "Exfiltration Over Other Network Medium (T1011)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.exfiltrationOverPhysicalMediumDescription": "Exfiltration Over Physical Medium (T1052)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.exploitationForClientExecutionDescription": "Exploitation for Client Execution (T1203)", @@ -16973,144 +16923,59 @@ "xpack.securitySolution.detectionEngine.mitreAttackTechniques.exploitationOfRemoteServicesDescription": "Exploitation of Remote Services (T1210)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.exploitPublicFacingApplicationDescription": "Exploit Public-Facing Application (T1190)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.externalRemoteServicesDescription": "External Remote Services (T1133)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.extraWindowMemoryInjectionDescription": "Extra Window Memory Injection (T1181)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.fallbackChannelsDescription": "Fallback Channels (T1008)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.fileAndDirectoryDiscoveryDescription": "File and Directory Discovery (T1083)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.fileAndDirectoryPermissionsModificationDescription": "File and Directory Permissions Modification (T1222)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.fileDeletionDescription": "File Deletion (T1107)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.fileSystemLogicalOffsetsDescription": "File System Logical Offsets (T1006)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.fileSystemPermissionsWeaknessDescription": "File System Permissions Weakness (T1044)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.firmwareCorruptionDescription": "Firmware Corruption (T1495)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.forcedAuthenticationDescription": "Forced Authentication (T1187)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.gatekeeperBypassDescription": "Gatekeeper Bypass (T1144)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.graphicalUserInterfaceDescription": "Graphical User Interface (T1061)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.groupPolicyModificationDescription": "Group Policy Modification (T1484)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.hardwareAdditionsDescription": "Hardware Additions (T1200)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.hiddenFilesAndDirectoriesDescription": "Hidden Files and Directories (T1158)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.hiddenUsersDescription": "Hidden Users (T1147)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.hiddenWindowDescription": "Hidden Window (T1143)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.histcontrolDescription": "HISTCONTROL (T1148)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.hookingDescription": "Hooking (T1179)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.hypervisorDescription": "Hypervisor (T1062)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.imageFileExecutionOptionsInjectionDescription": "Image File Execution Options Injection (T1183)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.implantContainerImageDescription": "Implant Container Image (T1525)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.indicatorBlockingDescription": "Indicator Blocking (T1054)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.indicatorRemovalFromToolsDescription": "Indicator Removal from Tools (T1066)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.indicatorRemovalOnHostDescription": "Indicator Removal on Host (T1070)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.indirectCommandExecutionDescription": "Indirect Command Execution (T1202)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.inhibitSystemRecoveryDescription": "Inhibit System Recovery (T1490)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.inputCaptureDescription": "Input Capture (T1056)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.inputPromptDescription": "Input Prompt (T1141)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.installRootCertificateDescription": "Install Root Certificate (T1130)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.installUtilDescription": "InstallUtil (T1118)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.internalSpearphishingDescription": "Internal Spearphishing (T1534)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.kerberoastingDescription": "Kerberoasting (T1208)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.kernelModulesAndExtensionsDescription": "Kernel Modules and Extensions (T1215)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.keychainDescription": "Keychain (T1142)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.launchAgentDescription": "Launch Agent (T1159)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.launchctlDescription": "Launchctl (T1152)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.launchDaemonDescription": "Launch Daemon (T1160)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.lcLoadDylibAdditionDescription": "LC_LOAD_DYLIB Addition (T1161)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.lcMainHijackingDescription": "LC_MAIN Hijacking (T1149)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.llmnrNbtNsPoisoningAndRelayDescription": "LLMNR/NBT-NS Poisoning and Relay (T1171)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.localJobSchedulingDescription": "Local Job Scheduling (T1168)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.loginItemDescription": "Login Item (T1162)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.logonScriptsDescription": "Logon Scripts (T1037)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.lsassDriverDescription": "LSASS Driver (T1177)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.manInTheBrowserDescription": "Man in the Browser (T1185)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.masqueradingDescription": "Masquerading (T1036)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.modifyExistingServiceDescription": "Modify Existing Service (T1031)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.modifyRegistryDescription": "Modify Registry (T1112)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.mshtaDescription": "Mshta (T1170)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.multibandCommunicationDescription": "Multiband Communication (T1026)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.multiHopProxyDescription": "Multi-hop Proxy (T1188)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.multilayerEncryptionDescription": "Multilayer Encryption (T1079)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.multiStageChannelsDescription": "Multi-Stage Channels (T1104)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.netshHelperDllDescription": "Netsh Helper DLL (T1128)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.networkDenialOfServiceDescription": "Network Denial of Service (T1498)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.networkServiceScanningDescription": "Network Service Scanning (T1046)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.networkShareConnectionRemovalDescription": "Network Share Connection Removal (T1126)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.networkShareDiscoveryDescription": "Network Share Discovery (T1135)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.networkSniffingDescription": "Network Sniffing (T1040)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.newServiceDescription": "New Service (T1050)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.ntfsFileAttributesDescription": "NTFS File Attributes (T1096)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.obfuscatedFilesOrInformationDescription": "Obfuscated Files or Information (T1027)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.officeApplicationStartupDescription": "Office Application Startup (T1137)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.parentPidSpoofingDescription": "Parent PID Spoofing (T1502)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.passTheHashDescription": "Pass the Hash (T1075)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.passTheTicketDescription": "Pass the Ticket (T1097)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.passwordFilterDllDescription": "Password Filter DLL (T1174)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.passwordPolicyDiscoveryDescription": "Password Policy Discovery (T1201)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.pathInterceptionDescription": "Path Interception (T1034)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.peripheralDeviceDiscoveryDescription": "Peripheral Device Discovery (T1120)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.permissionGroupsDiscoveryDescription": "Permission Groups Discovery (T1069)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.plistModificationDescription": "Plist Modification (T1150)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.portKnockingDescription": "Port Knocking (T1205)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.portMonitorsDescription": "Port Monitors (T1013)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.powerShellDescription": "PowerShell (T1086)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.powerShellProfileDescription": "PowerShell Profile (T1504)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.privateKeysDescription": "Private Keys (T1145)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.processDiscoveryDescription": "Process Discovery (T1057)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.processDoppelgangingDescription": "Process Doppelgänging (T1186)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.processHollowingDescription": "Process Hollowing (T1093)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.processInjectionDescription": "Process Injection (T1055)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.queryRegistryDescription": "Query Registry (T1012)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.rcCommonDescription": "Rc.common (T1163)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.redundantAccessDescription": "Redundant Access (T1108)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.registryRunKeysStartupFolderDescription": "Registry Run Keys / Startup Folder (T1060)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.regsvcsRegasmDescription": "Regsvcs/Regasm (T1121)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.regsvr32Description": "Regsvr32 (T1117)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.remoteAccessToolsDescription": "Remote Access Tools (T1219)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.remoteDesktopProtocolDescription": "Remote Desktop Protocol (T1076)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.remoteFileCopyDescription": "Remote File Copy (T1105)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.remoteServicesDescription": "Remote Services (T1021)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.remoteSystemDiscoveryDescription": "Remote System Discovery (T1018)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.reOpenedApplicationsDescription": "Re-opened Applications (T1164)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.replicationThroughRemovableMediaDescription": "Replication Through Removable Media (T1091)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.resourceHijackingDescription": "Resource Hijacking (T1496)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.revertCloudInstanceDescription": "Revert Cloud Instance (T1536)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.rootkitDescription": "Rootkit (T1014)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.rundll32Description": "Rundll32 (T1085)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.runtimeDataManipulationDescription": "Runtime Data Manipulation (T1494)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.scheduledTaskDescription": "Scheduled Task (T1053)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.scheduledTransferDescription": "Scheduled Transfer (T1029)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.screenCaptureDescription": "Screen Capture (T1113)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.screensaverDescription": "Screensaver (T1180)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.scriptingDescription": "Scripting (T1064)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.securitydMemoryDescription": "Securityd Memory (T1167)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.securitySoftwareDiscoveryDescription": "Security Software Discovery (T1063)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.securitySupportProviderDescription": "Security Support Provider (T1101)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.serverSoftwareComponentDescription": "Server Software Component (T1505)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.serviceExecutionDescription": "Service Execution (T1035)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.serviceRegistryPermissionsWeaknessDescription": "Service Registry Permissions Weakness (T1058)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.serviceStopDescription": "Service Stop (T1489)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.setuidAndSetgidDescription": "Setuid and Setgid (T1166)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.sharedWebrootDescription": "Shared Webroot (T1051)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.shortcutModificationDescription": "Shortcut Modification (T1023)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.sidHistoryInjectionDescription": "SID-History Injection (T1178)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.signedBinaryProxyExecutionDescription": "Signed Binary Proxy Execution (T1218)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.signedScriptProxyExecutionDescription": "Signed Script Proxy Execution (T1216)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.sipAndTrustProviderHijackingDescription": "SIP and Trust Provider Hijacking (T1198)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.softwareDiscoveryDescription": "Software Discovery (T1518)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.softwarePackingDescription": "Software Packing (T1045)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.sourceDescription": "Source (T1153)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.spaceAfterFilenameDescription": "Space after Filename (T1151)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.spearphishingAttachmentDescription": "Spearphishing Attachment (T1193)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.spearphishingLinkDescription": "Spearphishing Link (T1192)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.spearphishingViaServiceDescription": "Spearphishing via Service (T1194)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.sshHijackingDescription": "SSH Hijacking (T1184)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.standardApplicationLayerProtocolDescription": "Standard Application Layer Protocol (T1071)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.standardCryptographicProtocolDescription": "Standard Cryptographic Protocol (T1032)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.standardNonApplicationLayerProtocolDescription": "Standard Non-Application Layer Protocol (T1095)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.startupItemsDescription": "Startup Items (T1165)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.stealApplicationAccessTokenDescription": "Steal Application Access Token (T1528)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.stealWebSessionCookieDescription": "Steal Web Session Cookie (T1539)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.storedDataManipulationDescription": "Stored Data Manipulation (T1492)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.sudoCachingDescription": "Sudo Caching (T1206)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.sudoDescription": "Sudo (T1169)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.supplyChainCompromiseDescription": "Supply Chain Compromise (T1195)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.systemdServiceDescription": "Systemd Service (T1501)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.systemFirmwareDescription": "System Firmware (T1019)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.systemInformationDiscoveryDescription": "System Information Discovery (T1082)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.systemNetworkConfigurationDiscoveryDescription": "System Network Configuration Discovery (T1016)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.systemNetworkConnectionsDiscoveryDescription": "System Network Connections Discovery (T1049)", @@ -17120,29 +16985,16 @@ "xpack.securitySolution.detectionEngine.mitreAttackTechniques.systemTimeDiscoveryDescription": "System Time Discovery (T1124)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.taintSharedContentDescription": "Taint Shared Content (T1080)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.templateInjectionDescription": "Template Injection (T1221)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.thirdPartySoftwareDescription": "Third-party Software (T1072)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.timeProvidersDescription": "Time Providers (T1209)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.timestompDescription": "Timestomp (T1099)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.transferDataToCloudAccountDescription": "Transfer Data to Cloud Account (T1537)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.transmittedDataManipulationDescription": "Transmitted Data Manipulation (T1493)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.trapDescription": "Trap (T1154)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.trustedDeveloperUtilitiesDescription": "Trusted Developer Utilities (T1127)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.trustedRelationshipDescription": "Trusted Relationship (T1199)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.twoFactorAuthenticationInterceptionDescription": "Two-Factor Authentication Interception (T1111)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.uncommonlyUsedPortDescription": "Uncommonly Used Port (T1065)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.unusedUnsupportedCloudRegionsDescription": "Unused/Unsupported Cloud Regions (T1535)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.userExecutionDescription": "User Execution (T1204)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.validAccountsDescription": "Valid Accounts (T1078)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.videoCaptureDescription": "Video Capture (T1125)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.virtualizationSandboxEvasionDescription": "Virtualization/Sandbox Evasion (T1497)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.webServiceDescription": "Web Service (T1102)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.webSessionCookieDescription": "Web Session Cookie (T1506)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.webShellDescription": "Web Shell (T1100)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.windowsAdminSharesDescription": "Windows Admin Shares (T1077)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.windowsManagementInstrumentationDescription": "Windows Management Instrumentation (T1047)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.windowsManagementInstrumentationEventSubscriptionDescription": "Windows Management Instrumentation Event Subscription (T1084)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.windowsRemoteManagementDescription": "Windows Remote Management (T1028)", - "xpack.securitySolution.detectionEngine.mitreAttackTechniques.winlogonHelperDllDescription": "Winlogon Helper DLL (T1004)", "xpack.securitySolution.detectionEngine.mitreAttackTechniques.xslScriptProcessingDescription": "XSL Script Processing (T1220)", "xpack.securitySolution.detectionEngine.mlRulesDisabledMessageTitle": "ML 规则需要白金级许可证以及 ML 管理员权限", "xpack.securitySolution.detectionEngine.mlUnavailableTitle": "{totalRules} 个{totalRules, plural, =1 {规则需要} other {规则需要}}启用 Machine Learning。", From b01f33eeb09131e53c66ca7757a462ae563b36b3 Mon Sep 17 00:00:00 2001 From: Spencer Date: Mon, 7 Dec 2020 11:34:59 -0700 Subject: [PATCH 04/11] [cli/dev] make optimizer delays more obvious and hide proxy target url (#84835) Co-authored-by: spalger Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> --- .../server/http/base_path_proxy_server.ts | 13 +++++- src/dev/cli_dev_mode/cli_dev_mode.test.ts | 1 + src/dev/cli_dev_mode/cli_dev_mode.ts | 46 +++++++++++++++++-- src/dev/cli_dev_mode/dev_server.ts | 10 +++- 4 files changed, 64 insertions(+), 6 deletions(-) diff --git a/src/core/server/http/base_path_proxy_server.ts b/src/core/server/http/base_path_proxy_server.ts index 737aab00cff0e..d461abe54ccbd 100644 --- a/src/core/server/http/base_path_proxy_server.ts +++ b/src/core/server/http/base_path_proxy_server.ts @@ -52,6 +52,14 @@ export class BasePathProxyServer { return this.devConfig.basePathProxyTargetPort; } + public get host() { + return this.httpConfig.host; + } + + public get port() { + return this.httpConfig.port; + } + constructor( private readonly log: Logger, private readonly httpConfig: HttpConfig, @@ -92,7 +100,10 @@ export class BasePathProxyServer { await this.server.start(); this.log.info( - `basepath proxy server running at ${this.server.info.uri}${this.httpConfig.basePath}` + `basepath proxy server running at ${Url.format({ + host: this.server.info.uri, + pathname: this.httpConfig.basePath, + })}` ); } diff --git a/src/dev/cli_dev_mode/cli_dev_mode.test.ts b/src/dev/cli_dev_mode/cli_dev_mode.test.ts index b86100d161bd3..a6905df8d0c27 100644 --- a/src/dev/cli_dev_mode/cli_dev_mode.test.ts +++ b/src/dev/cli_dev_mode/cli_dev_mode.test.ts @@ -95,6 +95,7 @@ it('passes correct args to sub-classes', () => { ], "gracefulTimeout": 5000, "log": , + "mapLogLine": [Function], "script": /scripts/kibana, "watcher": Watcher { "serverShouldRestart$": [MockFunction], diff --git a/src/dev/cli_dev_mode/cli_dev_mode.ts b/src/dev/cli_dev_mode/cli_dev_mode.ts index 3cb97b08b75c2..58d5e499f189b 100644 --- a/src/dev/cli_dev_mode/cli_dev_mode.ts +++ b/src/dev/cli_dev_mode/cli_dev_mode.ts @@ -21,7 +21,7 @@ import Path from 'path'; import { REPO_ROOT } from '@kbn/dev-utils'; import * as Rx from 'rxjs'; -import { mapTo, filter, take } from 'rxjs/operators'; +import { mapTo, filter, take, tap, distinctUntilChanged, switchMap } from 'rxjs/operators'; import { CliArgs } from '../../core/server/config'; import { LegacyConfig } from '../../core/server/legacy'; @@ -142,6 +142,15 @@ export class CliDevMode { ] : []), ], + mapLogLine: (line) => { + if (!this.basePathProxy) { + return line; + } + + return line + .split(`${this.basePathProxy.host}:${this.basePathProxy.targetPort}`) + .join(`${this.basePathProxy.host}:${this.basePathProxy.port}`); + }, }); this.optimizer = new Optimizer({ @@ -168,10 +177,41 @@ export class CliDevMode { this.subscription = new Rx.Subscription(); if (basePathProxy) { - const delay$ = firstAllTrue(this.devServer.isReady$(), this.optimizer.isReady$()); + const serverReady$ = new Rx.BehaviorSubject(false); + const optimizerReady$ = new Rx.BehaviorSubject(false); + const userWaiting$ = new Rx.BehaviorSubject(false); + + this.subscription.add( + Rx.merge( + this.devServer.isReady$().pipe(tap(serverReady$)), + this.optimizer.isReady$().pipe(tap(optimizerReady$)), + userWaiting$.pipe( + distinctUntilChanged(), + switchMap((waiting) => + !waiting + ? Rx.EMPTY + : Rx.timer(1000).pipe( + tap(() => { + this.log.warn( + 'please hold', + !optimizerReady$.getValue() + ? 'optimizer is still bundling so requests have been paused' + : 'server is not ready so requests have been paused' + ); + }) + ) + ) + ) + ).subscribe(this.observer('readiness checks')) + ); basePathProxy.start({ - delayUntil: () => delay$, + delayUntil: () => { + userWaiting$.next(true); + return firstAllTrue(serverReady$, optimizerReady$).pipe( + tap(() => userWaiting$.next(false)) + ); + }, shouldRedirectFromOldBasePath, }); diff --git a/src/dev/cli_dev_mode/dev_server.ts b/src/dev/cli_dev_mode/dev_server.ts index da64c680a3c2d..f832acd38c641 100644 --- a/src/dev/cli_dev_mode/dev_server.ts +++ b/src/dev/cli_dev_mode/dev_server.ts @@ -45,6 +45,7 @@ export interface Options { processExit$?: Rx.Observable; sigint$?: Rx.Observable; sigterm$?: Rx.Observable; + mapLogLine?: DevServer['mapLogLine']; } export class DevServer { @@ -59,6 +60,7 @@ export class DevServer { private readonly script: string; private readonly argv: string[]; private readonly gracefulTimeout: number; + private readonly mapLogLine?: (line: string) => string | null; constructor(options: Options) { this.log = options.log; @@ -70,6 +72,7 @@ export class DevServer { this.processExit$ = options.processExit$ ?? Rx.fromEvent(process as EventEmitter, 'exit'); this.sigint$ = options.sigint$ ?? Rx.fromEvent(process as EventEmitter, 'SIGINT'); this.sigterm$ = options.sigterm$ ?? Rx.fromEvent(process as EventEmitter, 'SIGTERM'); + this.mapLogLine = options.mapLogLine; } isReady$() { @@ -124,8 +127,11 @@ export class DevServer { // observable which emits devServer states containing lines // logged to stdout/stderr, completes when stdio streams complete const log$ = Rx.merge(observeLines(proc.stdout!), observeLines(proc.stderr!)).pipe( - tap((line) => { - this.log.write(line); + tap((observedLine) => { + const line = this.mapLogLine ? this.mapLogLine(observedLine) : observedLine; + if (line !== null) { + this.log.write(line); + } }) ); From 3604995ac25cbbfb9816ee1248bb323afb2d6b39 Mon Sep 17 00:00:00 2001 From: "Christiane (Tina) Heiligers" Date: Mon, 7 Dec 2020 12:39:48 -0700 Subject: [PATCH 05/11] [Docs] Adds docs on how to run Kibana with the APM agent locally (#84700) Co-authored-by: Vignesh Shanmugam --- .../getting-started/debugging.asciidoc | 87 ++++++++++++++++-- docs/developer/images/apm_example_trace.png | Bin 0 -> 570262 bytes docs/developer/images/apm_ui_transactions.png | Bin 0 -> 196750 bytes 3 files changed, 80 insertions(+), 7 deletions(-) create mode 100644 docs/developer/images/apm_example_trace.png create mode 100644 docs/developer/images/apm_ui_transactions.png diff --git a/docs/developer/getting-started/debugging.asciidoc b/docs/developer/getting-started/debugging.asciidoc index a3fb12ec1f6a3..5ddc5dbb861b7 100644 --- a/docs/developer/getting-started/debugging.asciidoc +++ b/docs/developer/getting-started/debugging.asciidoc @@ -15,7 +15,17 @@ For information about how to debug unit tests, refer to <> https://github.com/elastic/apm-agent-nodejs[Elastic APM Node.js Agent] built-in for debugging purposes. -Its default configuration is meant to be used by core {kib} developers +With an application as varied and complex as Kibana has become, it's not practical or scalable to craft all possible performance measurements by hand ahead of time. As such, we need to rely on tooling to help us catch things we may otherwise have missed. + +For example, say you implement a brand new feature, plugin or service but don't quite know how it will impact Kibana's performance as a whole. APM allows us to not only spot that something is slow, but also hints at why it might be performing slowly. For example, if a function is slow on specific types of inputs, we can see where the time is spent by viewing the trace for that function call in the APM UI. + +image::images/apm_example_trace.png[] + +The net of metrics captured by APM are both a wide and deep because the entire application is instrumented at runtime and we simply take a sample of these metrics. This means that we don't have to know what we need to measure ahead of time, we'll instead just get (most) of the data we're likely going to need by default. + +This type of data can help us identify unknown bottlenecks, spot when a performance regression may have been introduced, and inform how the performance of Kibana is changing between releases. Using APM allows us to be proactive in getting ahead of potential performance regressions before they are released. + +The default APM configuration is meant to be used by core {kib} developers only, but it can easily be re-configured to your needs. In its default configuration it’s disabled and will, once enabled, send APM data to a centrally managed {es} cluster accessible only to Elastic @@ -27,11 +37,8 @@ APM config option. To activate the APM agent, use the https://www.elastic.co/guide/en/apm/agent/nodejs/current/configuration.html#active[`active`] APM config option. -All config options can be set either via environment variables, or by -creating an appropriate config file under `config/apm.dev.js`. For -more information about configuring the APM agent, please refer to -https://www.elastic.co/guide/en/apm/agent/nodejs/current/configuring-the-agent.html[the -documentation]. +All config options can be set by +creating an appropriate config file under `config/apm.dev.js`. Example `config/apm.dev.js` file: @@ -56,4 +63,70 @@ ELASTIC_APM_ACTIVE=true yarn start Once the agent is active, it will trace all incoming HTTP requests to {kib}, monitor for errors, and collect process-level metrics. The collected data will be sent to the APM Server and is viewable in the APM -UI in {kib}. \ No newline at end of file +UI in {kib}. + +[discrete] +=== Running Kibana with the APM Agent Locally + +The easiest and recommended way of running Kibana with the APM agent locally is to use the solution provided by the https://github.com/elastic/apm-integration-testing[apm-integration-testing] repo. You’ll need https://www.docker.com/community-edition[Docker] and https://docs.docker.com/compose/install/[Docker Compose] to use the tool. + +[discrete] +==== Quick start guide + +. Clone the https://github.com/elastic/apm-integration-testing[elastic/apm-integration-testing] repo. +. Change into the apm-integration-testing repo: ++ +[source,bash] +---- +cd apm-integration-testing +---- + +. Run {es} and the APM servers without running Kibana: ++ +[source,bash] +---- +./scripts/compose.py start master --no-kibana +---- + +. Change into the {kib} repo: ++ +[source,bash] +---- +cd ../kibana +---- + +. Change the elasticsearch credentials in your `kibana.yml` configuration file to match those needed by elasticsearch and the APM server (see the apm-integration-testing repo's https://github.com/elastic/apm-integration-testing#logging-in[README] for users provided to test different scenarios). +. Make sure that the APM agent is active and points to the local APM server by adding the following configuration settings to to a config file under `config/apm.dev.js`: ++ +Example `config/apm.dev.js` file: ++ +[source,js] +---- +module.exports = { + active: true, + serverUrl: 'http://127.0.0.1:8200', // supports `http://localhost:8200` + centralConfig: false, + breakdownMetrics: false, + transactionSampleRate: 0.1, + metricsInterval: '120s' +}; +---- + +. Start Kibana with APM active using: ++ +[source,bash] +---- +yarn start +---- + +. After Kibana starts up, navigate to the APM app, where you should see some transactions. + +image::images/apm_ui_transactions.png[] + +You can now continue doing what you want to in Kibana (e.g. install sample data sets, issue queries in dashboards, build new visualizations etc). +Once you're finished, you can stop Kibana normally, then stop the {es} and APM servers in the apm-integration-testing clone with the following script: + +[source,bash] +---- +./scripts/compose.py stop +---- diff --git a/docs/developer/images/apm_example_trace.png b/docs/developer/images/apm_example_trace.png new file mode 100644 index 0000000000000000000000000000000000000000..ec29f72e0b70a5f3769d1adef5e94dbc1c63e647 GIT binary patch literal 570262 zcmd41WmufcvM`EkfDkM|kU($^&fpN--7VpW}Ue|P42XZr2#>gwvQ>Z-1)a1|wKEDRD1I5;>gS(y)NaB%2^u!j{51y=J_ zCZQS*4r2o-A)z8GAwj9);%Eu9vw(w>2~SQ%RY_bT3_N`<4f~Yx5}qNSR}27O^l1u# zzAHjb1_7NW6ko%xjJakrf{H5GLQGo{pIIK4^kZKO{dG5GWMBg;p@jpZ`{4g;U}9S}w@IOZtPy9Lsg!6){{{|CcrMcm=`l zt+*v}aR|8NueUDIpE$mkZ$)WQ+=PdJd~1gRm-Fq1%rrdZ61BTGD=%5NM1<&~(Koz^ zmlM*9nM|9%UP_$@6E7`c4tk=Q%6~I{0hb=ZPJPApe&(4_M3XqTUsn74gYj1I4Uyb{ zZWhh+9^}Dscp^c0mtC4rmJ&Tiyotxf|Avz&luNvu%+BGxP~`UB|SYbFd|jv(*Xi;c6cYBa5l@&N=3+@=f$+_&!xnLC1Tv-j|AZV61O+e(X5W+Jaek!%7n z+ydd*;Zu4E`4F@>(S60>(BOYiqPz>f4a7vEBrW&F)j`n;5?6V_6U>tL>KFms=kJ8} z26=q*9UmrZaOEaS8zOm-!xXAfu<0-IDDjt{LWW)zCe$exa)D=p|q8>i7lmEPECB z@MD7Z`VO41vrvh8NjEXtP=wKV`>cLc{vvB5^+%7*gOfv+lpxNxQ+z`cX+=yIW8ORx6?n&UanhHK1 zM&#Gxs{G@8gS<=CdJRm*%nUJ>67m9fwXkNc=B(zQO@y|Z!0hS6l6>o3E*_RhEpY)k zu>8HCVgQLNNx*Uk@M^|E={`@$a78<_*05+T&rkZk5!;YXluq3$QK@kP&#P! z&K48w4$RWcbj`e0Fl-0vMw*sQLH#5x?)8K^+PcQALG}jrpLhi9IxI~r+a_O*m!&&T zrkIa5jW<^}p41mEeO{_=v2F3;o^i9B9#iBLu=H>AsGn@uFnb;nn|b@qv{|CEpH$jb zy2dPd%bu=5J#R*?l(2MRf@i{aFMHy~ke;>CaK57n>^2${hjcPFHbWZ?1m#&&+eqTmOrD zpzvxQK$=6w;d603=sLFhWtS@~#L4~l?k_rALR@}aI;#43+<49S$-*}UDUzTM>IFm} zD8BepY!Ruyx}cxu&>~+UFC|QUqfL7Ac3q^Kt6RX-^6UAh%J7cxuisMM8K@aduNTF) z!@IVQoyfb(vMO{7OnzMd>6N;7G%=YGU=y^AFcECVke2j236a5=??)ENgbbqq$mftf zbzp78Z}?&-`3&XO=t0dtAVXUZxGdVCeYbll78ILj!2Zr0o#}HeXE3L`h40Xd$<@^I zp@>PFq3>3u<`hK02oA|TA`)hU&N_KJYF2!YJF^#e6@@r zqiYxYcs{ZTi;Sws!~3Q;OifbOJWzz%8{1*5-;oy^LV?oYi2S8De{>#a3K;mqq) zo21?3Ylob!_VOqrEsbl3(O{O;(d~4W0kAqXj^{ZRyAF(%;Ar+Z6W40q6W*&P`|86=5G_T_O`b`Rjzw^7Dp|!$% z>6O^`F>}v$*B94Pa%QS{vrR?7Hr=V!wS>iKkl?nbPojMs?cXCqO|7^)`Jh1XvA!-rX9_ zF21cenk%toT_6c?zAdhwX>L5|Sh-3eh4SiwEkW7c2d)>#EYJExj*X7SU7UML3u}wu zn^T&NqwYzt$S=yHzN4^q9BGOjk?(@6-UUxZ59RAK8OGKA_WSN9!gE_2t|z*ejnZAK z>#04m0r%6|zp@@WJ2&cj+wEJgQu(?rl9OM=6u#Zi(E)vfc&XtDVgq+8(t| zImQw!VSG-b{t*?6KyTg$1j2PLg^dk{!>Pm(2lIJ+>?S9&{+Vf#)f@0LoY>dE0KQCm zcG3Eq4dNzy!`KD9$_28C9dpDPa$RDg%cFb|P$>qlUS`NG{I*P`a}E`50i#ztT>O29 zME>s%REBGKID39P*T=NilpC*Ix#9GToJ8uWC>|teEuVTWe=B2sXLLe&o((`KrJ~UO z+^sJTvv^Z1bYv|R72z0RWi&Ws_*ZaA%Zr@bv%cg8&B? z282WUS06pt|DR7B?14f5>mM;86b=>k_6qiV%0u`+z0nEt5dU3fg|)$nsY}Sp!v59G zTr4acT&*45>PbYHVHN03GPlhx71itRl=KR+8g2O9?m z3#AI`9I@)uy8eV0Xn$>9UUnDjBEPQ5#%OBMfC^Kzd!$+r-di* zzc4wt{);Rafoy+T*xs|Uv;7sA8_@E90sGVPPq2T`^-pwye+C0+x>~qMINIA=IJgP_ z*NO}N1JnPj@xSKzPe2u*r-hx)2Otd66-JXV2PX&5zrg-y(_ez>{&!Gr_Wut0-F$CHE%~HY`gS`Q~aB!kbg-5*XIUJgLTRd6v0J{&-y(9puI-#wFAoV@y}U>~2>4eiuy&%JC9Va`?$ z@Wt`PF2MQxk{I2E->f-p_L!Kn@FF}s+~v@%z;3xk+a>*Ru2NHY$fuYe>7^(f{D1T# zQ`wuKsb9^PBX>sg&I9@yHeS2|Z5>_elbM`?9%%tN0vcr?+<)}*Ar>x365?9Jul65d z{xidAW>FK>jPkNC{}~3#K+#LImpb@Ddl}S{{~>{*l;a3UgvIF*5&wT9WIH@ZVn+t| z?{})9vA6FN(o(xw>amEEXbhPEtJOr-@I;uz2CgV229nFp2+i%qpj>@{WU<21v|5qV z4?EB-5}`%qjHK1y4j;6SuhZpSZMV`*4Zz7Ml!6PgW6Fb%la3{CB)=meq%hX9nJ>$+ zj|uB7uyd{0r~g}4c$tk5naZ5#cYm#qYFz)(i@~rW37`2jT?YE6VAwW)Xb40hBop@4 zaX(q6&TO?ywqJ4AAzmPv6=6yMpIk=wQiTPh|2+c*$>2>XNRntIi3IrbS31};Xq1^0 zf#RS3Fe^MV7hHo%zW98h+d)Eu-7Vu0xBXQ{^AeS-szNWd8S>wf02@P>-iiHfAMsOE zUIDWp?lB2GQZQ8>yp+{kwMBDrdgQAyTZ1AZgh;B#7Z8!Zoh_vtvO9Fqf~*}oK&qsG zz6*`d4#_1g5QRvyN@X2TK_-xBv_*CM5}i3>yHR4}Z)G=#o^UZ>GZ1uHET0_l5gD5d z9?2ym5IelY;`u2AH^3T+Q1XGHAmnfPUGx$?i{DiW#!wDqo_)d25Y%2=>Oj#Lf-jNs z-iiY5$7%bvhVTARd3!v?`}b5vARm)L+g*14Jtt8G1+})AM-rmpL1`1!ce!MDp?@pr zAMyife|`D&j$GAKi_aYCCE91vqMmhJ9sGz!rOdx22@WCsYw zqE2M0hvt}Gs#Co0g8vD}{SyINkfZ_9e}L;>T{fvjP2zFTG5?ll{;drHd#P&v{qpzg z@e7x-ZYb;%@_#-hQ4`#Szuo2k(kZ`T2l}?eSA@T1uYb>#vhIuRzhD0T^z=nSV?KXt z3jd$)!AqTQ-2b7@`$LB?OuyX5)%|~%(z)n=GQ4OLrrk=5;e3@L9V+&lq(nO9(5ym@ z@&vV3C3}b!28^DU`oZ?%BcV!y%4X*Chgc}I1~h>ji>Os?a$*$bcEV-nv?gtcii-&AiKONB?L zSbrDKq|FMnLYQ_L{N`C@g%YHK_QBo+5{gA?zUV<6{86v|BQio{FqJGd5Lc&X{bsrA zXu=<6pdiNr{`XBpQr%n(pW(2ceZ}v~d_ddDvsSH`%sh;=-MwKC<-KQ-=YhHgM>Ks+ z-O|F-+18Hu4580Uw{EiTRWL9x7(#cW0KCY6XSz2p4t8)>$lXQiHUyI`WoRXXy>oj zC0wwW{sco=l61Qb(WuW(AokjGO? z$7G0n+tn9y@w(V;Cias0OHm4X!}x17Dq2{Y$K^1z4wdlMjjA^o;nro;3Q=Gv*OgcP zOuT-&%RU*7TQ>?0VM$dKF^G$Df401c*~V5OFOKX@((>6m+MM`oa6%)2W|_+R(uY&8 zCi@w=rmlzEi&0(B5#N!^-M8x#fozFcQ7TX#h3q+r`K77C*RvIddUzvF4AFDe6XaA>`0D?5T-|? zjB5yt(J;Y@O>r4-s%5c|3ZJ@1&1WWg*<>oAHdScJJk2bTVNc)OU~!~HM;$+3t=rf! zNK2BJG*3wri`94=C6JjUu*jH6LAWMOY4~SBG)kJhesJOh&;OD>e@ql?Hw&IlOe}phE);L@Dls%LOjJP7ba}}3 zE-{=IfqUEqNu2s+D7+vSW*> z!1H4)&@B25z-_TYzu3hBIF*;P>NbNlo$m+MK#b;s+rNPXjNpjGBo)i2^4|-B?MZ>l zP2pTT_t52H*NQ$x0gsb})9!ntr#ssy>3|CDTH0)ZY&vcC9&r*LyUjPYQnZ9@MpS0c zy>9XipdY2J6ohQfEh)o-1* z>8+dz@S4v0d`@-ttoOmE!(-`<(f#7KT_gr>rrHNyqt8XYx1Ls+Q40H*KZ}Odw^vO2 zEg)Y98cfa9+#0U6v%$vB?d?izuY@L?l8*^Bip)%(g#t1abPolT+}p;)yK;9%wfVsN z{sYBYD)FpeFfS;i?`Y2}1LlXK2*Bpc=i5yQN_!1`NPUt^o9`f!e`yZ{zuTN>^9LTu zspXrC(besj0!g>mnGQ>t*sZr}`Z??#^wPUOmR2pLm|Qiuf2Nu)@|FeaG`ATnS0rp- zcf1$*y+^}gzr@OK4@GSo1+m3?Si&>{1CH^`RC>V9y(EW+;@u-G>e&*Yg>H5lN_U0^+9~$S zY`M{fES%cVS7bDzk(TZ@hNVrHP(6K&bX5d3#zCbl!e+xx|6FD+oN?^pVkuu!{*}vO z>C%jX$3n`NFM_U5BrV=Rp z1k50?o1uk~f{R+LDIOD& zBOy3KhwH29^Tq&*!>vN)VvpJ!+R9;xd7Liww^(?0!DmmX6vL5hU5BkLPzef>%|dw9 zT>ra#WiC7R)y~O-NBXC4a4)vo-Lt6 z;O3&vMWhnN^UY%abk7DE`H{!T@`4%rKh6$6s#~0H9e<^!vL^{n^c~z?}Q{|rig`Nx=l(k9pZ)}mr z-Uz$Pm9VZb?C~(~&7yNTe>Z2p{as6NeqB52Td^;E`TpZH;1;w?>s76d$zVk9)%3aA zCq}Oiuuf_N7i%a-H14RZH<_sr7}w>$vQF)f7#Z_MgeKNsSo+DZZQM*hd#V1p>}m=$ zZj+MK*V>%&@pA&yubqiP$a!Qb_F60?(ZSQA6CA-^-T(bS0x>l7+L7r>aVnvwAV~Yh zkE_3bt)^5=;ckkpw%c~u+PJ5xE5Zt?Kut7+CnX)1sp%ND@EC_O4C-T{(V2pwVwFbK z6%L20Tyfv98)W(1h8#`eYbZoa8{PFXN*Frv7QQ# zVJw6hf8(&ZbJc&XSp#Q3LD#^O7(8c0c?I^1e)AC5=~o&>_wE#x6DyJ-MaQBHhL)(K z`%ONXqQZL0kzgpg8DWjf>f&LS`{_s0gY!b#^lFG|;oWilW8FR7S~{VdyQw4XkkOw% zA5c?lHaNWv0RmCy;hWoxQ7#_>!bF^>&2#gpsuwymQ#@J{6Kr2!%)~^)zgX}?*OkZB=S;k;qCL~a_jRiIb-?R|HY1$ z!Jo>XIG!$d?!;$Fn;fB?tyXkN!NEe3llM9qloS?|L{{7-AKxyVbWaC1ba@0kQ7pCa z^2>j+Jmjxbdw*oQFk|JDF09R(-K~nr#WYnNLVJ%y0K9%@KWVs|5hcaj%_D~WMhOGS zsn%7wcF|W9>g$owSQbIdqqO2mG;VS^WYxGc8?dCfdNl8#9Cu{&v_Mx@X4u71&_C5K zAJ9nQF_r3LXj$rmmBUOV%rBLaxrMF;X=xf?FR{l!=zHaaiUOnzLoq7SSiOmfBw%9n z4xsLmL=^fS^*BgZCKK|xGbDrSm-+Pe_5zZR@s2@ylzZA3-_r?7KjTGyH1Z7<^x;5!lO{d;Us{_L1eyl3JoUi8$9S>)V z%xSMVz+@gjgYoE;GK%Op1z{J|926X236&42y~Jtuqkw;bbYRL_i?DJ!#~N%ZtvA9b zWJ|!~jpyId#c1C_2T=7UCAw$sSJen_0S-Q2m``_Wd!9&aA>xT^G9j*=k=Oz54ujZQ zo3SYH?V}AAqdTLu-SGnVHz2~J$QsM3Gi|*L`pIBtE)Aqxr z5~rBp`ckqRDb}ayw~bu)(UwXsMB~dB`NTX`r(~_|M5tLX(W^-g9|C{9-2*i>>{PLf z;fg$;R}R`>u}%{OMY0{*u)z3xP-!g6Ql=p?Cq&5ShEHO8Y4pl-Ej{Ar)+oP3+Y;z_ zj~5jScbo^mY*C_T=?L^i@R4S}%V0s|*CsUw@GD>9$oK`0osa&hRrGY%q`A>Kw%)Yc zCqR+W+r${h>tlXe47c{d5V4O8jy~QK zxqeUr;>W?)v5I@oyf@cVINQT?=+_!y|*d3*kw`(ohse033d3y#s z4h|s1511SF&@h{^@OIkh(KNo(N#50VeM2N;M@D|HWM>CrOA?+f$?#)e)^;Vg)Uj#) zXv&hh)PcRfO0#kIBtZDqw%D4Go&_+Q4y}~EdX>PYtcHzzBGHpSla&uyzxPXj(b3i1 zNUfvU{x8%kRtlBkI*1fXBuV|`xxO}25>mm0m zdf4ez(tr^K#f2wE?V5Km2Sdxetrlt5;J%-+#prJJy!VX=;G1S~1i@;gg2|{XBoGg5 zy#i#xBALbWvxeL|y6)TxDo*o(VkuH&CObRmRnlu_h=HiZeQ6R2`+lOvxMRX%W;4$sgN|l zTo1&_oB`hF7+0_$>cU=b0v;GBFHbb=Fq!X+%xNVTxu?pm@KhfwR_&P>q>^Jv9lQvV zd@Fp02yK_I0YhyVv|Fl}--}R!#?#{ULeosAJ4dyR{TWHj&4|VUu*4TspLy>bGc~{V zQBp_jYxF=!U_q>~?<9$`%F!W?!DNnKmFeQKJxHeIfYUOAqH132!=6O!LvGiI_xu^l zM!+c%((#@-*X$v@IuEgywc{TNyWx#@)!-(M!;6zMfr zG`KFX-a=j^Uq4{79Wj=U8OL3UA2Xw|J6~z8?IfofJB23AY*uDIc|;EK&%x#Yp!Sbj zxx2)eirD)Jp@p*>Nh&AD{Buj{y!`1p@jCbJ>)kkS|Mm}Q3Xj7Bf49X};Vwr|3bGj$ z7?q%F9bBxzpf6LA;i&v=cbsK1AhpGn^aZ%7c8?w$5|jWYC&5<1sVmWx{Y*wrbqS*mpr*d zrA9X{T1PZbD)eU7pVMLwg@j$_j|D=;>OS6H?6_AP)(K@G1Mj;FIWAi*=FflNEy(sn z9_i)k3J`>F)ej&|_yTAd*yS=i>%1iCz6`H_zOGeXSZ+9-a<<)nZ&=f(%$uW4y~%E= zCmnk_E}X;b%dK;;l$kj!wZ-jduU6ORdvQ#r!!?t(vXh>fDOb6iqZ@I_xs&Q>Z;I7i zGNU<4i)^{Hf^_8di>%sW6O}XgmBBVPV}*KtnXk9wy$LAMJ(!t&$$WmP%SyRJZ;tKZ zC^fpV!8$M0&+&G%4~gIZ;ZrjAcd+u&yuA}4kS8sI_T{@SnzwKJsDs3B&(G#ntf20f z{w`tHR-=L^tKE$FkaTs5IL_#>`4Pln@gy zvkuBA^jgx6`UL7^@M0DvLvjJx0X1_iT?#AZR?t%lVc!p2F=C?=*!) z@L=J_UAM_PT)Ks3T(AhzRbOAf4tCyMX%^5&!SP-jCMjmpOCy?h?7sU-k}+0pP3uqb zD4l^A>Hn*Pmh0u=IIqza+SByW-fpI263uAJaH_HY*6|_iZidQTM-LM|28C419LPAf z)+dFi-%oV6yDPX_j$G5;Q<-dDAIy&^z&Ap_(wd*3@HiPqM`la_10um21vQhU*8c9+ zP>~r69AWm}ho3bSiKc7=3Kg3diX)p@T4<~zK&zy!zlwBxaSt-KvU5YL5d=p_Q^wUy ziBbw=PAbpvAiZGL>-OrgE+GR8I$22Mwj6_6ja1~d?D#2Bv9s$4PuPQ`k`>|9>qhzT z&@574eKy;1PIP8aY2Q2dE+9^wx0A1{unsM`OGb>1$Q#_NP17fwo_Vt&h*wu=@fcH- z$Lz5tF{lJ+%xE4qhWIJ_UVVg2W=LpqNkDF5v+26VRGhtqIWpRZj8)>ZaTzuIO4ryi z(|Y@=SV<_k7R+&{;c!@v=4(?sKsNVoqe2Q9>zQ-+Uk+GopYIF64n#!Sy>w+mYetPF z(UM{GGnDuzD^HK8RcvD`piBQ&lrPqhKwJ+Ki0Z{>F9Dx8?CN4k#1gl*N(ow5rMKE~ zkz{rSAT&m`&ttIhZGDgkyjsiP4Mo|ZQP*BUd#*;o zkc^0mt%K_h1^kHy88LI4SbUGtB~Q0+%CVGjK_ysPu~C^xR2H-}Dr#McEb@OWy0rh} z{cBX9YdTFeb}t{~@R17f?Qm}weIntUH!`O(+$&+I8zQ4LcZB8tB5v1!@6w6V8nb0) zwOI7ijCoj&8ObO6oGz??^$?RqR9TLbkXK%QR=)oM^KL3AVJRRLdq4syPfb@Z4T|w~ zW^ZDI{R7_H>a*zc5ZyR=1F9h@$e6UH@fXmL3ES*?vq7&awGC0?Vu#KrKx{9S&^%J2 zd!1AMW+yQO-}_FyCP?p2{sSU2eIMSG?eP_FC?8h$t2{w;{%$7E>xgg!Mkj(bU?cP}2!Cf*fiKw!e(MY}*A%Sn{!sPne}f>S;95W$)Ek z@^J~&S^wzp)8Ziy5EI2CI(2G+u(i*#FRdaHke!bTtSIMor0YISel23AT9%re;4YRi zn4aQ(TApQo?qV%tdA`|sV|%serN6Vz8=nD=F`mG2SwQt%mx@bkVoFK~6y zaq3IY8W3q`B)RefC+dL{Fq6lT#|)$9YM5%f>%?*av$RX8aTAHrV|9J-v?7|;HUVti zlAY-QJuupSFXW>%P4VSgJo>eQJaDa|Sh=~}GD_0Vx>qUe`lL9WIJDd%l5n~Sh=&JC z%Q~E~l4ztXba+~>Q0;$a8x}W$=SgO~rSNIAj=w}5%UWxR?x}(KhY^!tN`?r!-nfE9 zNMq%A-dZoP`iM?P*`-_7-fmP5%jL|KEnl5B%4s7@d$PVHO)N?BQa+a`VuiHX7A!)++HSkVam4 zV@|hp4`(YT8xsU8s{FP_WKA|AzNukorGSo1EFEN(Ip!?!f{154`)%o)W$I%SI2 zxno%4pgn-jJpJev;Ge}+Z6prhiAXKsmdg+=EO<*yG6ANz_LT~WL}P3~_QFmT#loXE zM!~c;3gNBYnr_nNdhCmTtrQw51U~D557T(~vjDS1jZOv|)f-FNaHLY&2 zA(vS^*g7S%eHZj0M48KW+~3u>axvhh*=>j!ya=!0ZW6zq+JqQ+eX?@;qO=5F3&2H6 zbAj;mDywL=B1b~8q`~9V9|FfA5U0qge9$2(d9+mgAw25Y|HUo{ctfZ6N7X~p*);h0 z8vs+R*yMurA?x1y!VkX^MK#q7y3M3r-hmC@Q?o@}zfN%{y{qcaEN=dN6xL%u$zk?p z9b{$fWo50li|;`;-g!Ql8=#A0SQ8}GdUe2ph`PFyIM3YZ0DWAZc~6`0K1(u|E#T<^ z-lM#K!YkE})@H$Yp3Xxkpnv?p$>&bScB$F6wJ1fAsoGwZtqFliyT;u;j{y#mfazYV zl2FSeeqI;s-o?c$=9^T7kM=OArga_R_m@^@py&ufVF_KpdQBfYH7(6Xl82+$@i(B= z^&kW3_I2dpZ>0HSVb8I0^?Hr-Xn!lyG`d%KiYVv{>}Ei8<_f)e&foi+KN8i(2;P}f zh<9srD>y7*UamIlN~X73*1pKBn=j{ZJTZcV8L~R)s&=$iQ&k@ou@r`O8A|2OkQ#hY zQI#rQV&z02p)Z1$$apCliSnww=Xd9@`E9-Y&I`*c2pq0Q+!xCNXRE^c6`aegxXtup z1c`aTf|Q<5UjNEcu@lKp*5eN7o{4cPw58BFBR7v3aKvdfo|00%V!>A?1NJ*Fa{T7L z4rhj0;+8fTL!k@=RUEAzoT*hlz(T9TdA!EW2w`d!l|fP=C^+$?4##gv=4?_;+Lr7k z&s}p?yWak{O2J%D^!dwlE;7s6PJ%xV#~MA>Uq~uUdPNtJTA)Hd&Br0x zHA^X!Y|%RVH}x)~Vx`6c*A&UOwDjM>Z$QWtJK=$u>#*Z89*qCxs!RKaQSA)!xtG85 zebF%MtB8+3k+vbWq{HCHl@Wfdhk$N?_q=7h{Sdy_-hu_KdiY-brvl~W5;6mgQgKyT zK5sQ|oE&Bn(QQLC#&beb;Vgt?CT%zOJ?u7!f~b3MycQbQ*T_ca!0>P1#vWJc?!4B@ zbl!ULHJ@1Gqp^4!k727pRH?WEWhk!87&?^j=&kEpAwUm(fHHb@?=_i#;;Tg2`F*nM z+w*lZJ3HawR5pI~>>KYJ?qYO&4z*Q#b88=w1q-R=VTP5WCn7N={%JG-HrdysCscAm ztei7evPmK73I5V9janl`n}r&hL|UbkFbcm_a0a*WT@Ss&jhtV+f@4d1!*jF zoNv>?hi7i@=fDha(RA~I0gJZ#sY9rF##=mEr3BqZtNR!C7N;6vvOdsTqMhnKM;(b= zWS9{xz?6HndIZWd`*O#m-%3+@*0@kQ(C)^tkyHu0lQS6xpqaZJYk+g1dzOl%qvnZf zs)&rV%IUNxE6pJPcJR^r?Dy~x!fV`vjGW}L}Pl4X` z|HUUXgAgz-J8>Mp{@p*bSvF&i`Ji6+fNGeU)NUnJkU37en0;b<9FH3LVh`7cz9Cuw zM^=_|RbS3xhIP`%Z~z0PTQy5f0BE?-?XL?Ne3GCu@4M^L>Ybmp5U^M(c~ruqcxwNO zaSjnJa>5sAD_h7LZumF~&(yY`7<5wXFid}*lls+qqgE`Z zcQf!%jd{~RGFPde9^uxLVImq<0*e`yRk>q@loVEf8z2}`S>WoA%jT9LwO(z@Pj;rS zjvgTRwdP2ZC08?OU;8-p%Vwih-rb`qrnAV7gc$S#Y%WZ1;?+l}J_dr3XW z)^NCFtnJ-pI(e8@orxHOc1=_gtD#;5KI^f8Ri+|s1$Oo4Pi|j!w z<}ZUkVsE#w`D ze(~u7j@`abx7z0yY(3t`7n42T)2>QsbR5W|t$vKbB6LN%oX`E*<7w|lOReruWo!nF z$*@e?9vbA;SGe9CaofhD-~mgjnGv+V6Z~>omF)6I8Nfi zsDw6m(nHM)5sL^KRKn^F=OLf~6CGnx6rRA!^zsS%bd%J`4ek7ij8jLYm@G*aeoR4s zb+#=B(Sez0t9OIbnvs|5?5lJzfMIbfm6&uVzmhcLN323cAv=CRpJd3Xwf%_~%q>tQ zN;htEdC+xI%`9!Y{|Y>06ZGrdxZI4YO>Z0u_7Xe^iOOuJF5Xg$J-E@Yxk5AhAWFgd zWf&QAp$G_oq;Dzr^iZGhC-?YzqwBo7q!yMf>ylBW^PayjUTH;4MnJJ8i-opsh;=!% zg&?M&Pt(0VZQ-1Vw`?n!5+)ow+A;r zgF=Rh;Sgc@AcBhv7I}{!`dttr8#bA3FS9+ot`F!Gwk>f_2O3QJ#B(jKgHu@a7855f zR!%#ukmK8o+uU}(D`pny-&AIM1J1VbVs(QgtM!|cltu2p>b9D0NkJ%!2w5`tM_2I* z{hu_I(yK^!##Dr1hA4NC?3r4f$%xtWA?7wLdB>tvR;1Nu(qRc`^cxm#W`(7Rv}DYW z303R0)RA}ek{J~BY-`o(Qun#IQpjs5Rkru^Qe8c7P4)%c#E%)h>D96+d)t}v!exjnfG-=eu_!w zi6_jiLZ(Ne2uK9T38wsiX&f%en+$*VYv?ooRX<8bw2(YfjJe$CpBwu|WCw{5_&Gch zmWyaP%-gR&%eYfT!DCu|2`;KBN;=zHNYC7kBX*FN2YXwnul8Wuro`uE%+u;VR2`W3t($Shx3xOtf@QSvHh1L_B%2(mL*rs#dM1`NxehcM9{{g`;fk zKkCC2P@P<|+`OCAGXz3%eJm^Il;2-n%=0w{<;Bh@5z~7Hq~~Ndiqq8#gC747;`pty zIUzFfO3|S0UWM#=i;U=l#j~vj|9+`G_NHhj0xXjTX;R3&L{J1a0io-RA! zx4%ANNk>|e#LgINY_E6S`?lop+qOJ#9TMg4TqBGtxjuQ3o#-BUr4NT*RuKcno+R@y zxmPCt#KTpUtynwjBAbsNE(G)@p#kK+`>J?X2lxGgKkq5FC%`B}fj$&*M-FYe6GEp5 zx10U3tC@G%^JsGy0-$8u+8)`v4Svxa|7))US09l*qClTQs$HU34@eTI&*j2FpmO(W z)&FTgn;g8+?9;jmxnYg903_x_Nh}!n6%Ss+Tu+y1ZyL2}-vHhTd0(bH`#dllxay0v zZ#O`vJ1z7tFxmLI^9*?#C*7UmyFG2^2?at_EmxvpR(O*VHtPe-`$H~r%5aCV|c=gvkWv6};@5X8ucN)TLyH87fw_SQYrn@5=^jUK3?Xb2Y{r`lr_q z=QQQ4%wN4p{~6h%?NjA38KqyR_;eb{e?I-?^L$|-(?$IJ1@_Y!dBND4mfQ>xSM_F9 zPJ>%%RN6K_LRjOpLKL@{B+0RPDrP2~qb(ce_eN}x`^6F7_VIl{qOb(*X!%UIeHs!t$3Z8FTA8R3gE5toTZV$<4`ICHN&P%n_M*~9_^wz%N2qUU#Cq7= zyO-$l zZW{dV6T+n2T7PI@Lq7Zv|D2W5>bUX4T;GK-BODg+8~HgPzZThGxqKy0U3@HeaAII* z=dxLf;)BfSEdnV1fyAUO_q0}S&#co%ucB_5*3;bJJ0PbEcIdhqN~H6ejkB4n0IVP% zb-0m4HK6}F{5~yIs}EY$wqAD_hWhbR9eg$J7U#N9xnZikD&OncTo3Z_VN1XfdHBG3 z>Ym(rwyS^s8&6sOF;sDT!8qWiY@yB+v0RNGxLDNI#@GJb4NrcgU86^{=XT5tGnsM8 zB91d1dlLU7hTW{+#7PTfx1WU``K5TVeTj}v&UCn}Dm}Pz=x8q`FyLG~MQn=_tsv@IugHEG@Fn?P5`kaKc(;l6zsDelkt8@}9y|2Vm?JA5Lg=JX2^puHpq` z;azpgPM(-Dd=96}jeow{w=gsdh$d#L?Y!$S@Rj9-TpY7@`CMHt&36fN&L9z4NKHPs z0LBc*Gi1fYF$q~y*m_8I)m5MQd|@u8>>X`GulDe#-Qo>+bO@4|iS`lM~)5nOFN10nJk9bc0`Fy627rQCT1PMKDk6TGs3GwgnqbmqfQ)m+t42@oQi|*Dc zj=&-=Gkco)I3tP1lOV#mFKoL!{+(z5IB_+{y3@ z5pDMLpj9y%PRp@Z;~d+DF%%+i6KR#XYn8342E{nXG}k+yLNeUAhyvi1lNDNMPJcS4 zJ7lKdns%;??02qc$DVGS;SFTBTmMP9xIPVdpj{u@7v}6RJWw01y;xpownapZFR`K^ zU`q0+INb>7eaCS&K2cOi@OW{Gbo3yQ+(mntQMPF#kJwz2X)AYs$Od_eSBg?~q~dDa^eTLh*9B+Uo{#08TaQk! zc=FTwF`+`@y1T2cwJ!So8Q3wHT`!Zn(rRn#UryJvgnp;w>J*ZZaUQ*39GBC2O%UDf zfBL9wzBjQ(OR8(dV2yxsm3l=)yC@S9)6`_UAmx2?7#|`@wKavt7!h?L%J!Gn1hkZ1 zuEh7!Ve<|0rLEqcisNl=&VC8*Qb)0r^e~r1^RX3@5hnOm6DBbl38CdohbB9o)F#nAFM$`?)ks_ zLLV;26?YPzL-A)oLhEVtutX)gD<&emuHs6+xh^cnZaRdW9wS_*lISqgZ=dsXsq|Jkia;741c{hKskfcTR=HRNr+Q z@ZS`?P&^W<CkUHDL8-&FCKf% zl4vbfKp?)$AoT#?u^Hau?f$4DsLi9BpTcSgeN%{{3UpG1<^L-7S{Kalo|Iz4djLeQ zn^i8y!HPG(oI4!yiD?}V8VFKg0bQ%&qxB}Ry-=#R;?f|G{hb0HU&;c8&CEAcZxQvd zK6!cIa#1{}R$W?Zx}Z<8=kci&Bt*cdqvGa9?%~c@T_{VuN~5t*>_Y+JAj{bJ1u01F z+nUAv4GYCwe@VGmNRpZndS0D*((+>V`4!|dAfPf-7;G!G@^H0B;TNhhLv-QTb1M!2 z0VXvCc7}bR(9^^N`eK&D`D$wFfHyg61hF8J{qz2t{_Wt2?5dqU_lrf{G^@+Sb#e~+ zxvq78eKx#fSN)2s&i{wJw+xGGTeF1|2o{1{fZzm3umlb665QS0AvhEgoZyh)?(Xgo z65QS03n<)*f^Y5a)93Efy>IVxe}B)j{;-O*YFfSXl`+PocRqIX^Lm&7t%k#oTKoDu z9w5=X(;MWImjf7`*Z7Q|vd+vRCMfLRVz}IH^=IxhEI|^8?N1nQR-cN7Gc$1wG#cd? zJvQ!W%LVlOYt6OJXayBw1@ICm{%0}~z<0MJEcbZV1KLdaVeV$AQV09zNyKI9b;X-1 zU(ER@gHkN_x1JxDcM-Nu2B(LVQS>85YEhm5FlvSS(-YUpHnY#IC4Eje4XSxY#oIDy zscvKm9yCkiw?RvMhxr`J19cydHlmbr92^Zs1I3nhR@M@SK)V|N*qz_oS)QlZ+}~GN z6LD>IaciC})S`*7;P?)L-;d;5c8dJ|a3(*2*MtR85fizw3*bYTOpkTuA7txyV7N^@ zqeQ!RNIa*RQmB#wfRr*0iqhu&?6&G53yaN8iFj|eNmTN#mKtp1H&1}Ab@aXf@9HsU zmGzpbWtb<{@1|jODbT1xEZmGAHZ>u({9L|Vi-U6^eew}RjSHLRVE@{$%l36|d*FM` z$cs~xf;!8o!5+b-X%l4blvtjkBIkqcvd@p#g=eUHnQl>dNhX!*(j@ryTLmLPRl)Ny zmED%%B;xZmM|Km_aYOFG!bLn)N)&H+G(fU>&*D04(R^QW;seS_4i%4l(6gE=*>P(J zWj|(F%u=GgYCfuwUM}S=U~a!OBD~mx#dA*9F}wBs*r-A2nSbA&#hu$i3Pdk*t?E>k~65mVVN)wx#28MJt?rS&GmA@KI? z$!?kXl=N}anFkT5`yVV$1XG5zRHfXEbyI0EmU2ZrY!{q<m?jx5@gYkqSAqLXr771ApGCp}v zS9Gt;!xr=zlfdHKh4=?Nw3I=~iLEOp)3BYyO0rK9Crw3B@y`cA?W3GPo*OawSssA8 zk+%De7U(Z1is~MVZp5$V3g{7kZOERi{r z%|bzbl&`RTVEMaas_9U|8M4yZNoT9TiA#(93dg)yEk?cyTXGLV`q+0$v6oPlsV%#S zwqp655MDi7&oK}uZvRZHp4CN);b)12FBpb}OZzY;x6hDAHq>}Mc)ycU>n;UtC;3{> ztCEwI+w>?_sygT9buapWxK5w_8h;v)VhFlV__i;Qw*P)fmK))YSn;duj z33xuw2urhW4D!LGX+esXj9;eBsVKHa50NPjF<;*84-$u#SDz;zdMQy zY#0&iH5vW=%;WEvjN@W3eU<%_&q9Ms>s5+2dBxWsoO_y6gi6B9AIy$EaXD@m;bB$! zhKf0MsqM4R!~bQ3f@~tX?z~Aze`*0;rEb#>S7-8R=G}fMFU0$&m*R#)CmmZACeXp0S zt+X&u+nGct&kkalrPLNH`MPR8YwdAZN2o@?Q)f>+Sz*;c!Km)s%9aN`v*Rtj2CqaL zj9I%T!|#$7t)>E$!XGHlzI_M4>6(7z-K*-<4TW=+hzAxlZgmTliwmE~_Co|Dk!Rn3y+D|lIn zMHj9C6Yi-T6l&*CUf<^`eo=3eh7!vbt$v@WgfSb!>}IkAU`stG^0N=U7`s@zUmIQ$ zFxlj=fRTWYyw-0b%5H`!w8|-HM zvvN)^Y9;>CX?G0#YPL8*PUvk?usbF@U+E*H0hM$oz zld98CB&?^ZqRVx(0Uj2@8kd{|5F0P0w7c!{Cem{!XSM-0U0x}FJRd?$s~Z&4SNW%M z`2VIYfgIEYu+u~(7Lg^YL(+|K105`CF0o6vk<8eqJ-yfe7;*uLHB5usT`YYr8ulLB!kpc4J zcVJ@*HDh`?H*V5Wd40SnRjl-RA9ApyJoAoDW8|^nbY)|H`AU2?tuYup=`e|8GC?lMWF4cwN1K_rJ{4 zzjhJmNmtI1W5GV{zx~Lc_?Lgx?EiVs?}!p;mMfR?CC&aRU2EFA`)~jDBd-yV8D3IxwEiXO?oX}xXRFCu0XqE;-BDcFzoB*T zpWJ!!2!KQ$gq5oMm+taEm&c!GB}NyZ)DJS5hxz=Wuke5A?!SJ3DgGQT{AcJ$#s3`q zf42Q!`_s<^G|M!RRZQUTB~0jW`s3*nU48+wDBo(R_8b6N6k1ej8XBz-^Uhwe^J;7j z+yV2Dj=%4qB14RTZ<)(w2nN}={}R>!Oxov4%e#xc=vxuMSZ>N=k^KGG<|tvt^5+}6$23W&lj@o|912QaZ!J~SDoa(A4zQ-%oYjB z)$kXQc;=Tz>99XevCw8(>hdXHDn9hKXE3gdQoJ+b7VMAy_tT*VN43b(x!lqXD^=4{LT-z_3f-KZoP&Tr^kz&X z{D7RL^xgSR`5cFLq_mVKZu5p1u(bM0Bl!Osf$-<0%carPGG`Yx_L6~xwb`jpvia8i zol;%Vn@?5x*x2X;XIp(@tbTt$<^3e_$LFf&AF7p_6e!+l)g}G<{adrr@}pUE1?!V` zv?L!Qprdj%JkI>Lwvv1h;W8K`BNMUB@m$pWJgwTUzpuAfYCtK!Jd2XPs{a>0mLBd7 z!OM_n!51$zxI)Xavh$whEZ=J-@HB1@7-x*sbu=9OKgrX)M2HJUW=ZBXl5vPlN_VVAeirzWEoT|dpjC7>mJRV;0p-y5VY|`+#uDTp zWoS2;%-BsD?nBEb{l8+CLgf-VW@{`RWn(|J!^2<@-hb z07p^LA&yJ*Z;ju7IRTUOF>n3EnkSc}5C7gs|5rliPg`QvK@Encv7Srp!-OZ*jp9B^<@07vips2OIo zX-}|hjnPgCd4r_#KSlzx94=(|)chY9j2t1skcYfKIdK2SYm52*;`PfBu#H^OCoup! zW5w9My;(7t_nE4aXrOit9jZ55uASLN9$#FdTG|gls8glN%k*L0A(;aJ`_s}T&w5Vo ze3>=c+`Dl9Ih-N>C)cBj^Jo%IT!<7XG8=FZddP&00~84hZxU z^?jitK%Sflpi0F8CG^h#9;;X(yKTBuU40ZhFO-sW!v;tppu0B#aE0$a=rTZqh4Y={!+?=KAmGMYqQs_Ao#82-K@L>-_`_2gX^>#CqoABY-I5_E9 zl=*ky$}cSICq7CgDxVWoOypYZwRQo?AQqm_l{GXLn41@hB2E>0_VE~ovlk!;i{mykKNvun zQW81Txt}Q!el*Hsv!4~!bASB&PBEuRURT!vP#)TY$*yn%x>I6C6#um-|1_&;fP;Py zp&m(Nm&kBGzhlc}LF1K_Z=kgOly85Y@6kt5@frt*%675t$HA02!0fT7vQiMsBN$y-wUo*w|KAN)h&XW=|PN5KB<%ycIwyhZZB2D6JuulUCe$4Ms2uG^K&w~X z#SB!T(gA3*ar68`q?`~r(F>sN$7J7j7nR2Ko$e1s4Paq}2KVf~{ule`=ZqqHrCY>q zJvZ=hhiW>Sc6WZ$bavpsWZ&Vj$E5Fd-2s|~I3G;rKQKkt1}MT3x}7Y?7r^g(3`I`D!lb8EZU8YM$2mTXFrOjy z@Xoma5*}A>+Z6}cjHBV)=xAH#Hys+xD!Jp7M>R264Ik)wa7&)ooa^#-?dmz-Wn0^I zFD91-fEgB9sh@Mk&`?*mS*+8fkQI@ZtC|4u*Cu*?(aC0SzLnO@VLs1+AV1@ zHRqMG*-ev=)8q)Lwa7ENU3ad$GQ=XQvZGUH(65$4eC5@DU(gB?@O*fI-z=t-Sz#8e z?tNKZSRSVOUfswdc6y))NOSy$wRwkZL6ZX%39oK>%4L!#)n-je&dYw>@rtZfmTA@Z zz9JJCd5}$G3v9ESD|PerIQU(dKXtcPP=%x>*3va?$-12zEzsDqaJG!@(+c|e3Xk7% z6IauuM(qHadARF?R%h>v$tp zs(rk69S5GpO8Ief_?DS7V|QlB%q+v{tzGvlJ(@1o(zRxhBhUu3cV=(pp`>2cq+FgV zdfqNoe`tMac?|s4&DU+^=)lvJzH~x@DP_VsKG?6eP3Cyu07bOwI@_i9BKqe;k^+}} zXSXQdO*el2o(1WUTq~??SvhEiT-)XY)PV}ULf`Wx!!>QqQ6PUv9nJ6P8-_N_4ypAe zx+*R19B!ex43E0kYxTG&aGZ%>p|)S07U&)AXD1>iw)R%bg`@&R>G!$f=-=TG&I{+& z)&4b%o1lrg=c#$aa6USYVLJHZfRJ0*ZQal8iVIxEO=v}n%{iIc+HMEar*@6xr@+Ma ztEcH7=X+(O<(4A^l!&D#Fp2;%pmJY;x#-0)g`s>rnI+Wz=BmYrOuZ>%?P(pyT%B{p zJ)QNK@1w=3f_V}Wj9gs_nPC!x3wlkwKk@5u##)rDrvuvURa>3Q3%fLqlV3tnxO9_v zYCTDeBnqDag!Q!FV=&1#y5I$2(NSQQqN{e)$9Fz zpKhJXUU}b8HD_IT0PKy4XI2dVr0gr%Htc}cRYYMFRUEFK>J;L(!D_#Sv zXpj5k#5D0t(4#7SQDCRUn>ZWxFX!9uJeQzx`a{XoYLK3j~G5WQ4_&=H8q-Xc2TBpb-47T7kwkH zB`bh4zBQM{@2#J-nw4>REfV06;d3vR$*e8+q1*UgVd!R!m|;XFMp1llzVpdtG^FE3 z`d!sN*gkkDrjf6+uGlZ!Rp00C3d7?%xi8Nw^6+_UT(WhYJcM+Xz|lE#&5K9aIpdE| z_)i`{3dGf3aR!V5chgg zPHCwWDgx@Quq<_7^E$iuG)i68wH14Qa*Ru@QrO|lo*W<*AfPcLNanp?hmZEDWyWhu z8+=a>NqL41%TfjlT<^oqCsE}!=SpY2N0wimGkG5KU9F*!!5a2@gxV_FZ{impCQa$n zFh<#Vrb9RM`)_@H8Z(^ojU_u9Lwv}+?OLTzTA+T@uE|?-OF~^lW$c^KSguF++=FL* zFj!$5->vH1y6#%0_0qVWh_Z*$EjYlXfQx0P5U4mlDU@KWXXfV(S5Y-Q&ildjHvV+lWt zHXuoWUY$CNy$`vnvx8I+RNTn5j2U<|L+$0GVNkL?Zz%zs*W0k0JAh!9H+JmC1Hf*5 zL~GA2T<4v}KBH&fJ%rnD-x285r(Sui0yL-P35Xsra7z=zl|)Bdqh0r_(9Hh*31hDY zdCP79j=uY%+JbN7t24lA)*icdC8Eo{^4DaOl!RBD)MCq3iq3HR1c_ve0k>FJ*4>w6 zidjrB=RH6Yctlyt3+wY5$x@o{{E(i;03ztx+96cOyVIJ$n=EaW+0<%@%Kd)Jt6poFUc0zmTXCa>tC8>9+Bpl=?^v^>kMfmRXi7PMTCRV% zHq@x1F1fr40Fw%v9{Yu;sNe=GR+|j@AW%$Ub3@xO4YLR!iK}u zL`Y-VXb?oHt+=D9;!kJHuWWfTD_c?2H(0eeXOl8WmM?2i-Lyl#^ z)shv!&|CS?sMhrO*;1gwYBsO++xQ-N<>%GU1gfZJ##A@vgDn zf`@&Wv$&%D{v}tR*LcAKJBzm2a1x`y<7K!D=}`pjy-->KY3F4eYB`w8_wfg`bS?<} ziE}d~)5Pzy?g_s+fc0m$?5o7F%{8y|iL>C}W>m}xd_{Wc*i`{WDt?N}vpWHCwm;fnf6~g1)ZuW_e}qp=!1Wai z9tEs&O%1hIu;^|hUzO9zeo z1gVBE>v*rWsg&w0ut2KwnTgE$8%N5WJ9_m}rq=uwg3td$NM@XZ^0LRb{ltfjtoP<* zhUz!**8^)l7Hj*p2GtDjL#$FKU8Xjbil+0${v!(-5c_5Moas)O>13UzbaU?0v&>ll zcS>K`ndY2Z@U(KH2^N6f@+Gr7rLe<((g%#JQM~nP2%konDv*n-I@Ma6TdFrSYo1DBtR;0*TFEIA z^`|+Bv7M7(K17SfWbHW?{Tci?I+XYAslTcc@bldE_->?Oh=fBbSSWoGWRo;moL9#=$;zMy z2qK8%x4CyFfV-mwL-fmU3-5StD|jH1Ux?9u-0r4gnQ5#YjDq@7*sV1nmY~$(fydy8 zS;Uo0lx3f#^2rhx)Y5cF@Y8x-t`OlE--T~Z-#QaF?isULlN*fkEBcD5`S>*KFmb42 z-}T!MmW3p^_%csO9&Caf7sm371*gr(ylKYAdOX5MPjT+m1zyDY_q%1u@D2_Zutgoch;1dCF4IGmGKjCUAqJDe{6He_a*yaJ9ExW(0t~WWD|{egjXm zl9)cI9Z%>Nk$fl5N(IXKEkUbgR ztG=(}3|t|*w7e!Ad6qj@rpwl}6GGt-*=QgoEeKRt) z;=*}Zhwp0)$GSp>4i;vgO{LHR(m3y#J8$dykoJL!NNvK(B2*3x4=M*G-X%1la~cxB z@Eg3NmPImVcuJ#m#n|>$17z#|2;+z-r3uPRp}y8qYNR+({`Mzv!LT=?bHMk=#FJPvJCYAVf{qh({M zR~c{uz&n9xnfqRksa?kMu2-2-6na_S<5`r9$75V$kX5rM0>M1`r_AipGEhcTnHu3X*84^8-dz9#-uCI;96Y;7bOlC7l(@$4}tYi zzc5%^d1{H3rtv=Q03fq~&OfTw%;mgSUO1g*k8(;h4FF58U z;XTg#!d=s?Af&6E-LLz2Hzw2wwjw9V#5E|tU1BuMNw_><$d zg~k`mUu2A0u5~|2-&uoa1>Fsi)5Q00wyjj{<7HjL+(_<5*UCj;KZme?K5s?b7(pP= zTd#NtMGFwE(RZiyE9x|hg4Eb;q|~4~Pu7@7`42Uma9<4l3Y7E-|;jh(K zY_#5tXN$DxLToQc!mOY5y&mx4JF}M5j&tXaGrk^zPSQ&sS=AAHBpa+RDKH9(KuIc4 zd1*1VR*A70@#l)5wy?<|X*z})^I%qLLAZapvQ&cc@$9CwNCr zQw5br)yp}=rR~9rwGPMV2|&Q9Hm9pC400(tl*O-!0IQds^`Mz@n1q>QEf*L&Q=Q~T zdYXJmp6s50RkmLj$UZ6LB8}YD(aVjjzcEe?L>J7!9|_1HJN3eY>Y~d1mfIh7{pc~e zx!f=Cxv80JBPLG0x9d~FVbS+QL8qyI-Ar6I;jGRI4{&C(d%G-Ug4%4Bz zdyks{{yu_~iSyTDdRieq(nkv+;|LID_&M*xCQ?-l^#`%=-clY&5q@=Uk`=MAIM@ra8qaMnd-fuzYe==> zXu+ju;A;}z+FK0HqH;YDluETp@-&@nY-U&Xu$WQbwgFn<336e5>V`s64oc(&I4m=K z??z&x*4ja?#UrWw>Npuh`5(y2^Ao|>~DAd)##-hZ}5#Kbe835!U&b8{Ry1orbSDKD=%#w255IYJu zv}qKVkQ>q);#aE?-_4Ih4M*HrxzO%_$GKGjW2szP291hQz#iF;%Ai#v9cYum_;yQ|i#u%_Ylv&FGf z#$}C=6`bw`p4XvUXHod!*0^g^l$at*G>B7p3=Ylu@l8=LB)|U4#q!2aVMi#K=V6=d z6krG1?glLyqY-64ydr6VzrRue_@viMY1=O6AJHK=wps!?Ofw`vJ^%8039=BYE=iR` z8PVn6_!^~W=jv09V0d&ehBRH(w*n(2f~Lxoh1^3Ak?->*NQIv>5m(JTp|!NV(exA;SyAHu@yd?&+$Q?@aZYh`Jjmk|Eks z=*OF_EfMizgo}cZ&|JXfz@dC^l|#&RINdzf0u7EqvMc?aip8C_fhQq6Gw_I$8b!$Z zF>eDiQa_StMj4wQ8LF8h0s98F2<2IiL@_MW3AlM{gCk-rzbAKWBf%>!+EFGECY!?B z6FmC8ZuK2^E+PgY;banOCCBTHcaZ^@*s^K7D^YquNvLzb_yF0haOuV&2V->36{Bdj zsnxJcKCn5`m89TD9k=K@i_9zv%?7F$YVzJA8JUvq*q<}!ap7nJnMLQH1^NdV>gul) zG2eU*4f{}118R(Vsh45!dgbMFRH79F<-!p;at3bYo0r#5JL-N_`bjs|xPATedG4hF zl5#}M-I8t3v%M-;Jj_+W9Ns&F>=Zw90D12DZPlM_orxtNc?h6|8j+c)W;u!at-P@%Pza`}x zw~)XIj8J48W6T^eDh918hgg&9sl7DCh9(X%jX;O!n&T**k`idhzPUuH$toHoR*^fl{>j%BpLyjvqtcWauTpBZ-llF}o|Kdp4$qwWre7T$93nb614%EW=+Xj!wXTWzM^I`N?-c7N;JRjO1DOOs#gx7Whjfv-CxRupb-Psna9ATe&v z?grxXj98qJq^v^mQvn!1zcDCW9{|1?KjzD!tGE}Hjc%4$z7!-qnc!YnE;4Z|ZZj67p58ug5zJ zxgif1M~+Q|$T#9?RslWh!1=M8qNiH?kmddznnKcBJ-i+_n@>GA%pCz=_%@+0*7_## z*Ar=dAH6;kDTI6oGP?D-L67-vo79riho;rETd$#$ONW!ggvDd%@G3}5Z&HWmIX3y9 zuKuDIbPQ6v$%%5#CT@G}zq`RmKNChKN#agpFi``@^W4Um8meEQNxQAM6fQRUb{@zi zc(Yk9E3n&O9+DtLx?9MAjP}3NEO4wer(lbOGDG@5HLdsZubYZ3TN=OosG?QH)e@^j zL^+|!YdhG4nK-uot+y^nE6v$AJw!$;ZR@S{8rw<2&g%}?HBT~oq|xexl11Im(DzMM zdXHy?1>J{hzK``DImvetsP0UIjr z`_&TAV7A3BCyA{P;vztVec!>7O89z1SFoSHF}qfOjg&?uAr(D?zbaan$89Niv07eM zZKj^sY3?E{m9~AP^Wp?bk>N|kQABW!i9yQyrewDthRYgH2Nt17U=iu+0x0n;1vL&Zv;^_E}l2oQ;;#$Thq+9{!n zd711+C!v~}iPP@_Lyh9?is@=QricgQ>%kMT8z~VPqWkQLwW){~^E4X^)X}Mk{zAyX z30Bp+9WW$Sd_GFtF#?TzDLh#T%#6lKji@Mmchj&SA!oX=*FV&yI0Lslp2tRoCXw?F zx-6JdWFsk53iv#U9FLE|ADw>ZOsTXL#|@@1rZ)TV>sxsf?5*#YQ`w^SV zJ4j)s&-6yMS`iF-of0+hz-^NFCRN_C^<@T5jQvdoNiY1u%zYD}jZNfY8I{Hnx%TSk zJHLZ#TWwXKc8*pVHd;^dle5+7oDJM#)X6InrhDI<340ma0-4Bg@tIl$ zogZ4i&Pxcii%lpNe+Kt9#|O zKfnxDUF=F-Y1K5Ldzs(wmqUC2UA?KWogv@mVR80!PV*L7PS>B#^zVO41u}zq3_|hn z+ixF)XJkPYzbIL zmt~H1kWRIwZ16j0CYIO6T>uz)W5=%8Ikkn_diF)@oxwuuA*Azh_Nw0~1EDVpmd9~m zeYRxZSX7p1qWrtQ|EL8_g<*%{riXnbQ`yzL*koAl)3}l=Mj#d;(I`3gjCbtR<`Fno zU?y7NjcVe~WT(A4-rP-Qr#cfCDX;aJ4tE8@OYm%k8c&10>YO#l>1Z$ri)PFpkgT?_ z5B4oJQcqOaxvV8v`?B$BXI<}i^E-Dj3YYW>38fzVV0x&H{!>qM_l<5SoLu1siNn$U z#%{XmH9W=hUzhF>aXPctKRap7kQWf`GmTE!HhlsFEtnx+B?HE{G0U3NbV6`R*&Rbm zynRJliPlD9MHvgBODNfq6J`{%C8o76vXjm_zIE#^T*Bbwr>kOfGgxxU^U(RbVK2rq zKDhggCNOSXATCKIc8s=N1iTBBanHP7438>QuXI2jdvRxmIaXs)*wskcMtscU(ADOf zIBWayvn>x#NqbOO_mTy5kL#V9?n!<>s7l9{2}r8o#2A_;DjG?91^V&2L#RDr z(pqJZKDW~4BQlD$N~bP9*V{jB7=LUYey?Q7>r8n>azh{2qrq5RdVpeC#0g#dYT#Tq z5);vLoo>a_+4Q=;RKgaV-S_sh)Xba{6`}dcT_ZZxMnRZ{6Yw`{TXqc>cDc`qT-O;X znsc#RUG40LT+GLdpjG(AUSF(CE-RGN2kcU&lltg-8|&O?tE-KJLqfw$_zEn3h~AR3 zjd%0U=|y1n>Aup7`!#+LfymW)asDgDkA`sbC+*Dm*}QV=b4U&!s&{@5SjVm0cMoAO zs9%~Jwjxexvy>%~&>UGJzkhqVA@1J|9%o&giUYxNUd^q-I!#@%DEv=Ky&H91&8slp zbkcMCxy9$XM|>ILN!^{0z1MJxr%~qzM-h|pV#Mpm6XQmAT>;lc1~Wo#PuxN6f-Rg zYw1cbSng{_duu8z^uq@r$N?Cm4Am=Q^(493fTX$Dcl`8sTNy-HERIgU!&GUeDY41D zwrf$%iNCx`c>98y7x{D1S3RvasES&3!BIIA^62aXt(MuCZ4kfuvTzmjjIq=6nPOvW z9Bw$vv$o(3O%#Z=(W#Njp5J1F2m-~#asKGUpizcjF1u58_k#(Ii5l`BnLThWPcN8$B@ zL0UL4ATCDXbk~3M#2e(cDBJ$mkd?glx!VPEYd9leo7QYEu}gw(ABI%gJEGNG zdc@1Sbh$q{>t0z+FF(R&y(;bko)PfV*gfV8j^BMc`O}pp<0*<>y*soM-72uU<4O52_R`;;Cwu3=dzdw@F*)Z*Nw@WB)SvCSEf{{<_v- z@3$;;&G)HNfNEe_cs`U z63Ds>9WLKvj+>qmI6S#&mZ`l)kRaS)zk=^L1jKyCKp+sBk;$eG1 zV5HkxCr|!9&K5cL6-MS}(EWEj`k68A2enUrBR~kD^?3HOIE656y2Mnu^(ei&i@Z%f z?6r61bs5RPQXHp1!p#xNgPLK7U|@_q#=%9cMo4=wMHz3KT=wxZQm!*OKK;(Aun(`+ zQ1v!q!Lly{VmNFbgk2yLYaJ4){_-#+!wF^M5NO9u%Yn&b)oQ24=$pp?w1qzBU=(AkU|tGzTDb=LCXx z*pSp2a5)7459>H^+(SQpBVlaqh?W!Lptc_-xCh?=na+4W>2JH*_M1Z|`*~5|br<%4 zT}QG1$^&fn*p-x3{Zk*(n2P+Eckj)Eu)>cwim|P%Y?tIJ+D+mbY(-ws;~NgtW#!i0 z;69D&WGXIRD6^B25j6EqOtQYX)DX5qo*3>QLwh>iKZ*5 z0EfKAC6h^JFt zLRQzDk#E)$&{xf3(ZC+6EF&y9=x8NJ;d33W^Lr2v%8(LI=3=)&FVu}JQ|g~d4ZPNN*=6J($a)b20bi3dKXcqYo})8IPtzO@CY z9W8jcnOzktSYmqPw$~)JzB}T*CXrJKl*tXoP?N?-`W0YDq3?Ycbfy)+4P9s}G%o_6 zpQ*7|H6*Lno-Wp8l)%&xBZFz+iU?|Nh@1{a&DE_Gj7R#$-bW_!QKr4s1n zt$(4_Sy3FLh`vHA<~eseo|kIQp>)6((ewtnDp{)`{nCvU{@!%A9&~7YjD?CQFN9h2 zjpR$9*y+AM7~d#=^f(dJ~a2;nM zY6KlRX~Zw|jC1#(9iEf2WWhH9SEpsp5?8GstdCB+16WE+R`f)=>61d~j)Rd|2b%3x zHrt?5C+v)-9k5yJjvPvxzINa=DnNXriUb-wXRVbhRVd+g5ZtDS;)3?!&@j(B~|d@G%IZ zMeX>L*J{lhJ%amdWU2+0Gmo`7ue|ZsHNLF02HWTP!CC;%YIzSUgAB+olQ_z^+_4U} zEs>JzWy{S~6GTO$YCHQdo_;wFAq#+vpLh;S+;j9^k1PfhB15ZReN>ZX zB{V$UW!%+ktcgU2lD)4^cUVA^({>#E6YX4=EB zu;(~f`5^4Nd*pHbLEB>P(GI>~Wqo*iB$cP^hT(H?@YdO)vP|D-JFbpnkKSyqxH6I1 z2j32_n()x6VJ#D^(NVq|-wlppR+q{q{{mhQ$Dnd~C5|^P!r7)*C?cDT^yX30GivQh zZJdTsc>x3-F`bDp&Ps;XxtHggiwTejy&&V@x65p>v0EF=y6rD3*MsL7sUusTRZ8q<0i28ylvtO`eZ#3cCb*2g zddbVf&9^i4fJ8Mzg~RD83N5m~#!Ey+DX$Gd-H|ZmCn1BH&8_HRr5)|k;P!?U-b}9t zKcahg-&U(%``=3bNW@xvt+Ly94&hsDOhrL;76}qWdfT?hX8({ig2b!1GY)wpDu;a= zT*8;YH=k9_eFpw=bswibO-<5^6MUZFdz;Y$8*LqC3B+eiMTC5Ik7?1V3?$k_Et@jKi41Iw*fn8??Gldh}am|u?`=cuo;?LF6v(DU9w7{Zz(6gK0Vud2RF zrzIy>B*b4>MTfQGTOUJUbSj^3EIQw2Xu##i zFrX5mjYhJ}EQ%Rq`~8xvjgZm(aRw9eVVx?0NB-9BYnw;F5+?tLX8ePe_D(za=dhHuWqT<+5QJNkjp4eJ{bbFToS?7AJR=TraNB%`EZp3#T}wRnA{x>jqiYUrTlt4!=#5$vr*H{x?y?g_4W^TYuBLhIOWR= zRo*zhT7#%Vw?h!YniNT0A;t3ds**-^^`@taS%%Jg$J!40-ehw`UR{^tX{C|mr<|i+ zxi5B@*mk?id-d+;@4f9iD;@0DH9D3bnm?=SuYu4=tqPFrb&7V!(zD6g0@_cP{V}5r zrf39A@49g&vuHEe{D(WQTDf`EHdcRsshbckoLjs5RAOGTpvVn{$e{e#+M4i*dB?z4 zS1X8136HSeOr6&3axLw&ub^N7HTx}B-9;}JwTsH9v8^EAY*ZJPlBRJQ-v@@yp{wiv@)Ga9PmKCinC2WD zjUUbH#S&c}WThV03@4Xn=bXRv=V0x+cT7R9oX0`ArMq3b*Q;~lU|bUN%9=)>J>7lz z9_e448ga9=xnpgnM|Sm;S;!1r3m?)2nB^jz&bN%$j|hI5i5)(vkgHYXpL!+#R8GDv zyQT^eB_g2(Oq5L^K*PO8WoMM!O`_>TqAp=Y@P>PNd16sMijU|ZrPF?v8QB5K?1X%) zn-~kX98j#jo&$qsM7{TYrehcB%!`z-&EE^im=Q6pe5LppiNqJSvs!wC3z9wQXL3q` z`~B5oXM}0{W5h`kuB1iJH;-|WqeA{Wp>n&i$pieaU@du4Tu$DYOkOpSNKFb+{27d3 zTCYtUSmz}U=T=Yuq|D4)`TkT;wh&%ZDT=<2Sm4V@8k=Rn8GxX{ETGGWrh0LN!WOE zwGTCF4I9o)){M?o!e-rP6)gS3Svf`*3*OBxf0ryrODRq4#ft=NmVhUCdS6^b^j~Y? zJt5(!u=jZTlDAVErhvQSARnx852&b{TU303P2=$?ym7VDdqTu@mwWm-$POm&A3L(!<;JkneK+1*vZ)hV8!KggTpF>{@^c06_00(BR<(^H#?0NQR4<+rgF=QdiSc`=}M zI>(`odruf#(9WbNWxdXpvpnW^Skn4ZgJ6Om8lU-mVnTZ^F5sEV&xUc9O(XfDaDZ^Q zQFf8FU--rq3ku(R_IdkZUHgJSXKo`j(Nl31UTOS8j>x3J8B#T4!HVaxaZ7jCo_UhV zelaBjfWYrg?)?MGb`&#F)O_RfRWKpgyVsr5>_(e*Bm{u6*vG5erM~YgPSs?!E=J9j zM^we>RU7>E<#iANj!z%Cv;dnLb`iiSmW*>+MB(D$PWd?r;L!4NzypjKiCl{*-ItqX z6s7{8j3pD6n=eycCL7Jr$Sp&-hu(%$_toP=;V|K+*?6jWH(F|*5RCuzRF?MvWpe9!ow~ ziITRRIPDO=BrwXU(bw`SCX)F)qZhHLQA!LEvMJ8OH8k0nB$3I3>&VoSYKmQk@oY1^ z`%0{zd}{n><99|=nDd3x53~#e9xES_0~zuMs=KNVCelq#xrfh3*}8`+(#6lYjn_)z zuMrzk^xe%>AD^avHUNLPPG?Lmlz!n&eK`!$cUq-;y19JmK3%#g?oORU`(zt_TJGeh)m4rOwIvaeH*1$??VO!6kJujFaeal#$3B>2 zpv~$CEH;!l#hdoq15$V0r5=D7PN*i}eoJr}l+9ZR%V>@#G80J1vEI=AqJ1H>_!ocq zGsA-~t}cF^4~X938%<-gCDoyc@s0YE9>jn(e4-VcLw2pZ^d8NzVM%*Xg( zerZJMC1eQ+L?J~MKQJq|#}&Iqi&K_PZt^qCHqLL5!ecJO&;S+f=@x1T8u-Z;QxRp+ za1fBVWcg)+g2S^Rx8gFhZ3mT2qWjA7Qh;ppirDppy1{Omj;qtCQjN8 zQK_fOBo*>ujd|rUywXv=@1?w0ntrN;#e7`sA$9ukvj`3eg3_II4S1fCX zfiV$&tpVS$iltnl$X2tuW^})CFw4qreI<|&dk4#F>EhF_1#4xERo~s@iA7{cKZP|h zfMMuek>{psckm$tQ7>}u`AKWhp8LUM1s{YG(EtVz(%AHaHtK_Y#%q~r$JA%VDXZ6Y z>QnIv$migZIGRt-h4#5o3Ch$vC8#BdC3ygL?APksO>j%D$vLP&2ymxU#bO%8KN{lES2K133Rd$`rAq1F5? zEvR_xj*++e6U$cd!iYZj-LfHULN*-tCg+vGq?-0-lb;qCiJc2p4xv@7c`+nPVJLquUiC1=EDD{+_2dG*&I0$%D_;b?6*NkFr_6 z58P(Gm-#B{C5>xLe~N_~b$zyJixl2?+PV4V3ms*VSFGGkE6hg9QrkFzl*td0(O71m zdGNNV-sP#fJ9x8#P#Tclg5sI5tMjh0OGo*5b2OQ#H})xYg?q( zf3E?zMb{UkY5&&gfx}f{y33K8k>`QqRiCRh6=i78iq7KD%+q(Vs(xuwD6e092L->4 z`m8j`&yWITw`D@kR|C_8gUAQ4xm=2~XRt*A4h@@ll2`h`O-y~_`}7}Aa1 zd?#edWlOP=j^ep$r5%D2?R$H@yx-B7Pa{4 z>AoOXCPNlE?v06@eMge7<>(cJcLN*8WiEjI7cq_I;0v*|Xm-i;!2o`o^6$#F{Kc0B zVgrSyq?c8{5Jrc&dC3B`_-?c3^&4LN=+q2r(x*uFRbdv0(VMBPEa#?7yJcEi7pW^faQ53=Qg=qY2`Ekio5 ze&cfcj3I88?TAP$eT-}{a=5|vY;bKL*F06yt2({wKTyt@qqPt=M#J$?Vo@6smrF7z zszU7-E-L?m-`x8>;OTL29dGv5M9c7%i=ymy>*XFdh4vPIAAZZwwbSf8bIA8R7hXg} z!Hovy)Br0@F}wspPl~ex#8K2q`VH%`Kg3I%?1Fddg0KWi8{m8qrr09rmDuZ1J=9C5bP#ZE_1d6vjpheo zjy0f6q4%;uZKE}`Qc zew>{4L?*9#KZEu6bo%`^KM7#Bk7mR|u-FN=?^P%OM^3)Vy15GQ<5njqSPYK!6m4w?nnKC16$o_q_R|h|H(5Nw zEPrC%V#aZQPG9{Q$kY6A+ZQ#m&cn}ZXmY<)Ynqn94a|`Xukl8`CBW$8-TPJhY958s z-|kDuB1n}sA~dpT?XkZM1}GYMj6Ktu>j8?a`?YQMoI-0e=?N}h9>-g~R>0%kXxm1@ zSfuS5*y4u%Bz0sz)X3q6wFM+M>o#G)A~k{{(FY=5(ck{S)+0XUzqbj9KfgEQelJav z5NawV5$g8IG*rVR24}SiTvN!9x_GB}r&Mnw;bJQ-lbQC}e1+S(t4uV%hpzm{pT5*%p4K&}Q^0+Pt0r_A$ zzA-DhI3%dk-%vsVSrfG}uz(J`8-@IJtA06HoW;8aJ-E@Tedw+Bp7l!8uYT{{u=OTuf8y0iprDsiHo6AMx}J>_Em3gYQwMZ^e*D(S9ac~2?o+F$in>f!DX2K&eh=o=weu2A z4pK2sGay-M&0Vu?`}I1HhS0mK-F-l)im+8_`v_$*$*rl4!hdALDWA7o{-`lv8;Ovf z@fCBOAm;TM))&ZYj$_gZmjg@@1*$9@V^y_@D6)VSzZMYG%EDy(IAylyD%!e_w8?ToIzl*hf(Ut9<$rgd|p z)ddOVKr)Fp)tc%n0B4dveM0U^SFrGYqHLhwWLx}){jI=I&Cl%S)x+<5NpFy))XRO! zKh>Oj*B_IT-)XI|t@S8{T{WxHjphhvu9GR2RK;IbBE11Th1RqB{Nt@6EK|v~12>oN zqMYPrX$nzp-O+80Fq1dH+`nGX)5f-I6xVEudCH%P`i#BA_;){tK!Npnme(aL6P!Ys zx=b&~P%TeAYwrEX-ulTe?5>3g1`xH-K`1Y+NiJWqDO2w`osCbd~Pn1{>uA3l6(rU~7M?;uL|xg19mtO!k6t%-2=c0=*_ z)I94~y>+u53%nppR(qRf;8P00ZnRsLIc~XjA#gyv2A-iv!YwiQlj^lM?Qu(g4W1qZ zEe2FE{Q}NRE>x~s$uQC?(;>|M(ObK+IwxcQmS%sY*S(FA1i7}+II-FSp0$pmM%5UX zUsq|qOZaWRc?xO#h_OY37Ioh7s{KRUCnXU5HnPfOj<5i8bRvYrALT(D(ack5%l?+> zXlHQ^oALx9rzp|ZfkCAO#Mx@jY3Kzn6L*6#0(hq$%6jg$E0Wopay>dJN*X7&X#&E#b{RnFel;)4S%&->sLNT|J7lW01uCF#vpJih$a}%%Seo|-U*((xh7k%DJ=2} zz@cIV%>BWN%WFz(r~u{kLR6$VD|sycbSDUnrU>>dRlN1)bnfHT-}h1pB20a1tFKXr z>q5`l<^jb!m5V&~haY@`91WHkPEOdYoP@n8wV3n15W$G!03i1Wjv0RH_YJ}ZB|ZN( zDn8jqdgz=tV&Hc{798Bx=tqqrOPKnj(dENOak}18^CW1u{q?F(3;QX?|alPMy z{F_AY&F8{IpyFz<@;I6BF0);TVX4u?|bsqZ17qYF7W&n{nF` z#}=U5YSWqB@0MPv6W@lz0gFhNq8sklDNZZRj&Z$yXN{dO6p4lwA)ED~sc?u&xJl)T zho+}`w*rA*u>nq|<9D|X+`P&n#a#PXfVf+Sg!EyDhr?Z^8lMMI`Vj99y*BUpdt1j@Rg?+HF?=P}RSF5*pQwg=U@?309f1j>eseX;_c z+dfAoD>t?7TvPg^qRX2L7M*Sdi92hxWa5ss=OsW-mTgzrrz~hTzOpaLh1Q{=Pce6G zwyjrrAhCNCS|S@a4{Uf{l4~?8+3S2@ANa=$0|u|VFuCy$)F+zs%%Ys9pXY+HgoZvE zD}FkG=Q&Ib88IcCT?+U8&_k5_Z=7HKGFcd_Pp%|Lhe zi9|biVWfG-j+N*wr-(c344U=@5w5~zA}byHaIOFbors2Sh)*1R=JSeybfR~{zZqbm1YI4 zpTA(#u9rSDym)J2{%{!95|=}YSLF16~<>a6d7{ADBrF| z;Bq z8ITwtS;F>!aqcz1f)Eu9LRQsDmQOab0pB|nwr?IWy^~Dz1sb?a%2Cd$^ROx9iB9)# z*t(Z45qj_>rE1E_gV4mA#UjtRBNZ1w=hp0Aaeu%-Ipa#bl5S5|tL<+sc1xeBcqAhE zh-U84B$Zyr@O?gL8*r_2tXASNqo~Rbf60Bx%KLh;L6_8#M;-p2JDSg_~5xH>L+ z6z|-dKU3Mf40-n|%Jz8{f3&bAzLYe$((ALWMALBZPYBwXDjB7COpg<`>pnXAG^}T@ z=Al*u(EsdL>)bgO{(+aD`aoWf)Ql{V5gFrkmXl}q(LID@{Oyck%Tz2!$%u}sWXPSn z+fe0}pd_px`@w2mHf8YMV$(n51c*B$@}P3w$*;CC+ljR~fuH4B2^WXWfe`+1eV;~v z2o1PGYkvd71`Z6OIj=bJIR$uWPoNtfy1!11%WUtJ$ED=|=E`_17a*w4wY92yp(H81W7@ z1qq?LGM0UKJPOkL>L`ikgw0I~j?)WqGjscCt56ejGc*w!R_de9f)J6zV}&{36n43?mgeab&klURpuWggX39cgtO!g zzpcz)w^G$#=eP8fFwXU&=DEMT3wXLE)OGWv5f{je|0jlNJRGWuc5-x*-ovqp50|o& zq`I>32%$l=o`h_H6kEr4`VUzaS`t%g9bP4*{_PwH6JDLXkm;DjDky5CxpcIzJVq1& zy*z{K!5Ht4;K#QB7OP+54zhUQzW zZFl9+$ajeHTJ?Yw$19c9!A?{hA&0N5L&aC%+NcR2=OjemIn*(!cWBTG=+>9{{J;=i ziT+Pm$D;8CeI=FYUts!eJzSXWCUADE^`5!MQ>B)XD&?wuZHcVoN|P`m0!qLmWO1Zo zrOPxTTY30Hv3rQ#<x@>LX7% zZY=5x=&(F1+547)P5=A(qMos14dxSfc0_BJmxTAoDr=PXS0 zKz&Cg-6q6-zC@)Wz`4-#i4b#60_5B#%pOqrAsf%DYLq7uO$LjSE{YyAlf|rS3mzgn z>QPq`F0{ZP>5CdPTVfni`J!w`F{J{U?K&x}+-SExJ-o^*X%^y&{dUjYr-6pbTtrvC)v6s!b`7ARN2{V zk1>1;b4My!=A>VBe=V`JJNDn(C+3 z=LvPRWBWEVS2A_EW;UM~br5+A2Yo?#75c?p7-O*uS`~R#-E_{$HCtg#+s;7NH^h*u zMufRV(g9JLv**!mMy{TRl_Fc@CT<=ei)k>N@?52isNmNhm6$@z&?C;N2DvTY&c_KL zlb);;Z>}fB##<=>ZBA&1^++=ImlrZeP&L$y2h8sP=zX{3@DBBGhUm=F+uatbEGP*g z^b{%`bKJa2cTN)$q)00rJ8zIJ-i>g)h~XdL3EtrC0rGFm)*6f{vVo@jIX}GY&EU6n zh-^VzMY%dN??~x0^=|1-phZ?tEmH)^*tMBx>02+FT8wA7Q=dUz{ftxF;G!nZ3e%oP zfC_c#8gH#sKO2SJ_cX$E{mK|*;+o6X&P;TOKc^SS*?p?CG0!wx3oS+SpM>A(roI*l z1I$1eBgbmnq*YUya}*TM%u6t0{@&r9!3}bqRWqMRZ8Hj0+7ww=KYZJ1PpdR(fbapu z7>)epLx~3^n5SmDWlBuwZaB|!lsYHD$Kbo5wr;aeKi7&;gw>eUVprxx1;X@5m!DX* z#1;z22f7djGHXC6A2M~@+tG9hjS6jpRxE8)F*if-Cm;0%(jvalYM+2*7mfV|-7(bK z$NQHh8Uj}t&2W$eiymoqvx@zv=XoPjqQ(4g%>B z5jfFg_ymd>jT}3nFi+qN>>Nb_brMO&Y3;_c<_vbxnW>1~qDM=jLUWA8l;VkVpRys(^Cw{Oj^G5pxKoxSj);~43+Y_H!5m; z2br9r#www=?#=Q?y)#tX$QnS+HF-NJ^scZW@~DL1{Z7{KCE8>a%IQn4DId?J?@}M< zLFz5UUK01G_x5EbVLygeG;9~bQ5E8OvhrO0hvE|~IFA>KJ)05b6ktq|P?bPlZlSZ^ z2jlq$&ZkGrQPPu0F-@j}m>#cFf5onB@F&8;v6v7$Q#Bp%5Kl6M7M8Npji9 zo8RtsC+N_vC@SL$0svOW+7Sgl_fyP4E=hU~haf0$oc;k;Pl#0F;mzo%d{j(COV#a6 zFi=%n>rCbGZ+NY*AF2*XLNC+VJqkv$d8>VDdiuKZeo#f;sCGlwHNi^c29Q7>zu{47 zy5Qa|>b;2!=+a2X^|69cRuXY{{&9yL)R>;n$6ETD*h2oY+R6FBXIn+SLl>0z{9`g zP1SQrCir{ zR&rrzIMz1FVbD0oGX4Z+2T_mdM_4Pbn2}S^AR;F$twdgHR{(WU8?>plgs+L0Y55*XZH zgQq+qqoL+tw5PsoA@O*5KXcjw4sd&iAk;Nxkk-`{aFgbVCfK!?%@Y+c(QI{dk*lH&6bzDTPHMXEu}hH_~Bg^1gK>a2dWQ)PU5PS2Y`FUSJ>Nx2n%=FKxluj9Y@npzrO$uhBMTUb_wP*9iISp$IRXehh=d zGa+ATRyz%RQ6Z!KMvno2(nFQiU4D=)jrY5lz_O3D98`Ny8{{|UZix$ewiwT`oIE^W z>s~mc3390+-$W(K3JUtzB28&My%9Pe{ENas-Y{U-9tft%_To#dqaFgU!X#3h!yO;q zW{1EV$feD^L9TQ^o*5+w0r>Id-e6dwf+IYNv`M>k4gL4IXLFFQz22JsK!=$ry-Nb3 z+z;ITY%aE~H3gqVsvIJNRuFL_RXml_j3SwOh_ z<0-VT;tt~AIKUqq_EGw$${{VT(b>m$lXvcmsVbKTN*~wTp!Ha)ztsD47Xdp~!4yZ? z3w`+BAV2!lZ6@*okpjV=l0pc^Q@W1Nxy`cmn0Y_uhD~4fw{^?$R=FQ9N%v%i5|ON&A98c`iu#xlje9|bKQrkoS#nE(NP|(xp0z2=qO;$VLd7wcbCRtOm4c+raR~Dg z=IyPdbgZnhdCap$ayPrhD0c>N`jB!*U%d#;goYNY&SOAh_bPo9hHJCqNnA961m)NWicXyzM`0(y_G?~@0*Sj^0+Kvd3m#yQxnYccMy`FAY_&K**u? zE^8ZO^#>x=f^--w^8hCp@JX4w!ZWUvQoPjtEK7xIO~$kLGdspc008}HbUfF#XMP&- zC9JXhPWddmbx6z9KtT)CA{hfBVrbE zs^GJu{oSQ>>JM1ev<%!EhiRY1k~v()=;lk;X)W-3FSjRcKU%(3;Z-josw45n*}yWv znj~7^b)cP z(naoxAKP;z2qLYI1s-nO{*KO8_!rk^^M+gCl^~sXD)bkmt%(rAR$#BMaE0zxxVvlVCT*o52!o;h6ozK_D%L5(7 z?dB~M+8k7vIi^zTFWJUF(u)@Q*osk0YTalC-fY?ec1))zXWGMSAb`e5@J6SWg{c6< zM{v+H+jli=6$e=@3now1rJI{0EY%2_8rQP~2*WOpm2Kjgv8Qgu*E}rqit9R*JmRj_ z^A2JW8b*Osza3ass_laaYW8{*Y8&L|R-kqj_n8X+(?ndB>OIvfu}}u5r`yAb&64JR z>!6>ru0>xH1b=;ikO-u2O9K-<5MG`M4L4qL%2Y)pXR0e>B~A*ClNkq0FAV6?lb}Cf z)*c*AW>-ydfD}VwP2KvxK{w+fhoYcu&-%;aFY)_C*{aaf8OG`ux$Z(Gp`xQ+Jd~B#tq*U**!Gg%N*zp) zgiRu=&d2V$NA$M$5ub1rPSP2V9*Qh?40`;XC&h*k`$`l-3!@h%L`6HANwY{%1p#VP zq%aaMzofzCRegoic1vWtMDeKl`WCCZ+bdJ@CaL4EVhDGz8m}Uc7r`Yn3Mq9BaWUyL zwT&B=cjD?%V8ZCHE!1XZE-z)G=Ylp_&%3*2Z@DY_JuTz~WA!VT`awFdU-5Dss=Gc= zazKsOJLDT(a^23r?&GmA_W5UsN(-zi{teTM>5>@%Ym2i;5%ofIFEwlv`2o9EFg-Uf z9|hV0ZC077nx;J)P%+FXc8ip3C`N5)%nmCO ze6X!NVjt&nv=9A^utz1f0?%{n0J;fdHFd*EJzH1Kd%iF?)Yn|VjmwqG3E>Sp>Gz1+ zs=F4ICp>O5$@8qZY_dS`)#1$dRh49k)RjZm&Tcoi{rQbLEb2XLqu< z{4i@Lf*ymEU8FFrHiuT`Zskr{Kldt=NSkNmpOh?`ksE)I^^%dnk%3p zcVlzo>w&fpr@&J!SAvcbs_+ZW&@SM`yr;N$gV|+EynFQzX27ofl-Xb zTLjOb;mL#+o*s?B@!=8KNp!C^ACnvHec{ESC?Eke5~@SBZ!z~q=&|GRfVm8&Lc$}N znufIDy@h`nc6cb|>#68)4|jcNzZp5Fv|X9Yvg>m++g?smh;r+-x&0ces~F|wu_dzi zH^1J=hmDJenStX~H1j?|oE5kX9_zjP*w0*i^kllv{=%=leix?$*84v{i9tf;mEEZZto~#m(A^v%;#wxluvrU;=}_=BBxN z_i_vBGdS5O58j5!txlcZb~$40pFVa_(yIuc&x@=l`KtL-9*l1oR^H@sx4vtr=WODZ&7SdxDJ(X+9==5)oN&6peEIUTUw^TZ;_RtGz?5;A z|HB1C%ExvC>HP5K9{!b#U7yuTVcCcBYJOBK8g8R+A5I9jePgYv@vQiUk_4MCRPdDg z_q1Nlk(xhT4Cc0N$m74krL3LqtB&qppl*7Ab(_cCQxyzNot?ul%lm)7cE7LE2UdXG z_a5ya5uXX1A8wq5>rMg%3S^McC0b0Nwhzh;HH@!(A&>q^b&>+UIa@!@AJ&S)=w#e? z7s6Kd{Y1!P8EhBMv8+{16d-2B_XavueN;4(1ejP0sN?vyeSWcr!jf-?@yDqPmM8Sv z73Znch4s4$VG(jTlN(S1-&QNC3Efp5j6K4>3^`~fU$l7gy;UomhMaXP9|O(0+f+Oq zc64&rHZijhTQ{%4>(y@;vT-k*wU%O|tg0#J4!3$jj?;D-xIoXPy%!g4ecb9NfKnDA z87L)RiBi^$hUZU<>EI$gG;!IM+uH6=&;?G~XzCkr8Mz8p%}Jd%3=0qiIqyGoL6%)@ z;KDZ_BY-fQjmJBIArs-Wlcg?=^^d!nNoR0iVe`n-itxM&Q_;tg0BAi^q}W4;F7>+M z9r=YJO!B!Z5^^*>?WGiqYP8?Rigq0AneoLuiqw&G-gW^UEsx%u&Ky0CUnZ7}M+eX} z1R23C&4S6Jg6{ouTeZ;fzi55_{NichjAaX{36?&?&2g=BYgdpHCZGI(_{X7_*$Ti! zbkA6`Tn6PQd+{i8VHe5b$;wNsl9HY|a2R@}!N zL8tnHV?R*!ssT5*I$<*dW3F&Cb#Yoq;=i^;1{!ntFOis@_mOZ>u_yPu#j-EP1ig&9 z1^gc@AAQFx#1W-&;cm$-D;Bnw;*KphU)~W%9;$70-1dEGG^w4Oee|R0E-wa(8o|A! z@yeBq5Zt(T*=teXpEuSug%}WHY)q#HnesWE$6r%G^G9GAfUoxB)9TrAonG1zPn2HK`WsDmB2nWq$idaAV70U_N{Zi38(&d3#?~!;>t?By z%qwb?jl=0wg5k0Dx$bA;AhiOwrR&Sd?h@e@LA4(Ew0j?K$Y|W%gL3yEFwEZHdUhA4 zgr|$RHno7KWOXQfs?FJV`Dx`4-CB&Ot2N11u2Xuu)wX}=$NeL0roq+nL?YAW#c;wqut$s__%Q>v7e z118;8MgyBiTwD%4f~mO?6;{_#;d9x7o(#v*Kp0-UiSJBSw7rKjB*9e6Fs8d)NVnyy z9=w-|1ZHse)gQNO>roMD%n;(~ndNwTwL@EJ@Z)q8z6@7g(bXrJV$Fo!i`p`^B^Oxv zj@(1ng;x)z@T{JVHOwly;tK%N?dwpMu4%71mMHfGBhi5AcX)(kqNIqzK;sWh*xB^k z9DtqJR4#ajukX6ET4dIzjQp+5$VcQWgbE-&{vlp+;w&1aJ~HsCIKS;+B9ycgKOPjD z5hWGBDp!exZu!`KX(IF5ckXPVOMSTm=M^A_fgGf)b{s1pp&fEb3Ff96L{n|cwZs!L z#eIdJhuP6b(D6MUFRkF{`N^{i?Q=@Ohhkh>M>S%p73GTRRoVX_FNDMx#n z@E9#b;=d7G#RR{AF|NC3&7tdBqv%mNz|+^e)10+_+k&)(nZ<6+NeNgX7Ks8*^b2F>9ZE{V4->j-RjQ~rbiNc-a$mkYM7ogwh4=uA2Kx8Ls?s9& zLf4p5M$2_^bFccOGjWPh%RfGa*L4lPR3@G+nyg(-B<&q1_(6=z*M~@T`fIr}>3AK= z(I^!muGi`^Zhi5|E&OFvJ8cjE-s&cYADE+q;wXjBl#H=F5mq1aqnbgfFNH3C0kxnQ)Z~=FJT9zVvBb?m$dr3@nVK^(nr<=pnDE|* z;YF=T=$wcP2YRJesQ+8Uo_k{{kzs84HH_M zXS{=|!IMdmhe@P=6xFC&5ltXjDK3e+FAx3`${$q!`Nz?dNW$j)Y-eu$XMT|U-*LMC zDaRb|3vcBZ99wMEMJBMKN}uxPBfWd9fiw2gtaO|dGQu-$P_)=LqaJvh9Ez|;heu?{ zv`lVEcKh|$8cUrzGgYLwlhsviWhG2{d`c;-ALaLloUMNb_U6<56QkhI@`Ha{K7ak* zIDw6ziZ19%f$C$CtNJbJNJjS+Fj?r`pJs*p8U8c>r3LW6?mZ|OcPM!V{%h`E;)@0c zpp~95<3#$ONumG+K3%CbLh0pTuj${$^rw%2Z#9vNaDU1xKdfInT}Y)X+upKd{pbE? z(1TbW#ub>0gCT$V&p(YGc1>|$k!^yQIPhn3)(y;s`4U&ETI$KJCG{WsqIv`bHp850 zdE@?Bf#ttMw2wZ+Zv3MoyWiUXtuIT3h1CM!&WqzE>VJr%{~FpK zVYQ_YND<{*>-746{GC7V{?E&1cJNo)$+eTBaXE++Ht?^j#sV}Kb5j^#2NBeu6gauu z;2*9n`j68Z6fGOrJxP2~aryP{h2{T1s8T^tr%Y9kYY%h&-{1cY$NJ}wRO7fXOzU_K ziDvX);^)85_Mf-@>#|xL?AnwL<^caDx%oeZ#ec64;!+6g{muon(dPI|;QaR%|8v;O z3d7?O6jA_B)BnE*Ji`Ku%bAl>=eT=Ha;hHog4e~r7pT$q1+_3sP&zn!7~IA{O9WB;YQSN7j`?7w!N{+){dmHY1B z&)9$MN&W9W1^zb8-sQgWjDugQ}rEAZ(|w2%jUqe^~r0i9Lz|HOJV+5N1V z>*uMSeY0!!sgeftuT1v;H1UTO6I>_DR*LdRC1e@hDY~X!te2q}A;E@73qL zPFz@7?uJ=j+G)$rx4(Wna4(C2By_*c19^Nh{GgGs?qB$2)U~#9AtCo!1&Zx$_~;|A zekH!iROZ!l;vr}`Lm$+<>8)(PblzI2mqZ_<4l5w8?iY-~D7O-tqR|*VKKr%9;J0E z@2uMWcpHaL;MaK108>-!!AP}Nb7sx{hFzqT=wUy5dD|m<^t&f>Un@c;@3_(3m9{ker2KSmYc1hxvD;fvFiz_K|T|~ zBsh~N?XAp7@8xsxfk$P*#&V68zK^qod%%Er-5Y)7>Zr*)`o?zE%DcOoHiOAcorCA) z_Lt{OWeq{QY{FEX%~QZLDsnLaMpVX;%A{0U6)E^=Xm=m{|=vRD@||+42g<~Nztjd zP#BE0Pnuh`p0#{kDw6USM|8M9`_I3B@qa&3@xj4I1-qhqSB??SD$L`yA~a>PD)g4V zQQbcj&YV7?^ITFLlepj5Egr{8~;TUu0d=ld~bw%-i_x0a<{rgf7 z7t;?FE9`M4HtbjDnhJh}-Rg6@p+dtoK zt%d*BMzvn6vB_oEK3 z_>M)+#+u-Le(#UbZFaWH5=o(Jk4KxYJH6K zeZJ?pot+c(;}Ln0?~&dyQ)rBKv{6t{pqw^gD*9y6@R(5F4D;a}G=t{NYNntMxWH;o zYcuUq#HER{$P5AC*0klp6mA9N+nwQ`iLXB*TS5v3rr-H4@YwplKa|(B$R}oojtq%5 zjo$q-UAS1oO;9aM9is)0vDl6#8X=#-I;qhN?iV@WG1Az!#2_=2DE z1%G51Z2w6Pw7~k#-0McJ-irfneLX2lF%X-e(zzFdkz@TU~@7ytPvr0Sn}(Qda+65wY!nyLuv2Ga@q zti5UcK$)nPxLW;$kdrc7tUNmW@dDa#>bl+gdguDrdV8^(RY3dZDa)q@^`B1e1CKk!RhuuF%W=j)1B7wf{CTPQ_0c~m7DA>HApX@UP zjpbAOWyx%D$l#>>W{~UN&~Rwi1gO%%Hc11_$((36Vtl%nYycEYkA$fc+dE$@6v0W((ofM&C*5^X>I8({c2vF z?#@KZp9WG0i>#U*K7D+5XO-N+Z<8W3OTyCVH7f?^&UJaW&%pQvCKoQ;z!u=4B|e~U*E84{(hECB)A#Gj*CPE{Q@ zyB;av#IEH%<5jvIZchd#phvT{zq>s*pug(tXFmM8zPmLUYW@w;%9UMySGZm-T$IMD zOFh|nUe^Efrw_~G?NRr5oyfB=2gW;a*vR76q=oXq=l zA6uc{zR|gqv2e}BCnrkc1X(Vo9ARxXyDS}q{~wanpRQ|=Ei){WEH3aWHb0%DMP+@X z8CO>qdS<0~^s~QlxwW_>h=Z+SSFbbji1Q(d=k#$%9()Isjz9rHw}oT7Wjm88ncQ0}CMK<_ib0F051QYf zlpn?!tcu)@5;be0kURbld+!z2WVf!3iUmalR0IU2s`R3SA|OpbdXe6XK9AVfe! zL5lR=d+(t`2#QE2bO@m+y@k+23)!!0&pEHT*Z(c2>ttX5!FRv`A@9qm&v?px-=jXH zADw>7}i6Hv6f@&xpM8o>W%6eSZ#9>_?2K>4}WGZ$xvDGGp2#|iWWoDa(`UMmd~ zVMcn_$nd*H#*wp@z*+=c2Sdb)lnyviA8OlEVyF?uFRktlU1h*m&2&Gp)P~@X>?Xml zttq_fjW4ZEF={AMcQc82C4sLFISLfW_k>bHWiNP4j&Q8mJ#>qPEM=Y1adt^N_J}5a zh9oFIC){c5T`eY7oSts3R{NeW&DtMKY=n~ak2)JH4jAD{MqcIM>w0C08k64H@#wkN zrW?o`{erhPCY0vWJZ!odF`O9kb2DvP`FT2diFUTnJx&jItXpg~k60*Kf9;Cjv?(esae}QIA_nMiM&VIhXm`y&rJ!$xL1B&%txDL%zV(?y&S{=^M zx9mw8ExJuj%{s5L#Bt)K*XY*3rB^?3J!I@j=FPkt|90a4+h+QA`&iZh$QX{NJi%;A zf{48jzLlz~M;=r^Uv1t2&x+8ej{V5?oz+E?a16y-g)Btijs;$=*}jW_$_p4*VpnL6 zUaqm^s}fXW7go!(bCiD`W-uFP()gGN`UyAo^N1)Xl37DayFngWl?Ti8Jf&Kh8#}KF z&*^Cb$2R2e2=;G=(1+6(Q}s3O?SoWuZAYK=LufB+mcR8m+RlyZ=c8M5+(;M2upE*x z4%9l@TlbY25B_4JThBnB!ANWe!l_8h8cMaVVL5!3XFWY4U`GC?GhXYa8l?u5oCWf_ zmYoq&jngQ7ar}aJ{!DmwN7q>Cwx4r9AO@5o=Ajx)$!X`PU93aux%+wi>HA^JBN75u3&fOzlX2^H4r*OeyDmT0^enxHS4(aznrjd;*+^Z5XTW_QR<$SOG)@Lxu zRV{i4%^6#z3o%*bX=GXgvONNK3b2lgr?rvDlJ%MT99Vx7IW=#47vNm&40+AY}|+w_H#Qao;8?N!GolMzxultKR5t zC(c%ThD1M<^Ea6BS(k_s)?`WdYRoW!PY&g|D_Kt`)vTwkE-1TU$7H|b_u$tV1Z9X@ zPQc73Dp%IfFza$;*)LZBwh>lFry{BCYCR(s2^?OWdL8iIS+|1Y#d3^f5C0n_m;heT z@%{Cqx%)H&gh)wkS%1Wa%hnGjXq59G92V;jB+Ulh->Zf+6>77j&pKH>lICc*5Wo+6 zk)bhkks7r)600nJaHg?#&Ti^BhfBVH{oAlRYx`3 zhIAB#P|w3GR=*DCTc}XwkM?_c+=zn>2n=RNL55SuQ(z&k%jo7A^PqqaoG&+wKbquRlTUZJGSPU8c5h0ad5 z&94uSmg@R8N5zLvydtqIF}{1 zG_~<)*|H*Z6LbA36dQsw z`~33*3+#yQLlRBP^)bhp;&Kt+g_XzossQBXfuRneZA&<|SLP=(i9T$qXL^_&6W>&t zqimls{=t;xZg`i=h`WP=t$*VmEQWENcdc3W>vwBQO`BsPN?C=k0B)^fKX}~jZl6X> zl*{IOYvP=kYIl%xaa#<)edz1fasAOMrC)Co#NSer>E7wO-0x8}vGT}NC7J(f(%c5> zgJfNXP@~57RKu>q^tbG@L5q%sMC&u2yT;N`PpwBFKrB19NShKKRMG%&-uv$zM_L6 zGUYM+SH#2*3y)Jf7E;uxO=~V=>KeNGa^@aMTh1tZyxJM6NoT-VDV--ZhE2XU%dEA^ zvWrnHNRVN*AIu{qU{V!Sa)$-RtBkMB(c ziT0eT+!K^8d#Lklu>9L3t`7Ku>rSgQUQDM3K%_W1j!1H77ct5PQ^h@Pa5Y?yFV}k* zjw2My8H4|17}9?Y15#w;KgkAGV2dQI(g!Qwy1kf_i^j1f7oZ9p8 zGP=}OK#OQeska61vbmwJU;8$97{g;MA~O6%d1cFdQ=>>r0kO#hZs|5ecIwGmrfNr&6aQ_rVM*&f))Dl0`O*KS(SWMvOD62wsCBTPyxTxmWJ z4o~uzpl91(AK%skBU7GwItIv8qnGdgyHE1hePev>w-;0n=04v=ZKKY_6k)O1h}U&o zIb7WZuVlxNW^0?*URZ0xtI=@bpTSY!c_Jq0i)>`|q5?8@N*L!RQ@|@fr zm!gF4KKA=>7UeH~eKmdY3Rk1k$j`d$TK8b#%VI7E5Pcvt1!2W1aq=bAgk?9|>#_kWI>g*hLfuZ!fuC3fWM)hoJ61(sDolz!d#~Vs~)|+qB z8(B!=<$f8I-Wq!knkaWoVymY{hmQ|o|Q>TP1>F>T?R zCB=V%cUp_Y;D^2sClWTQeDKeqL(8JN{VDxb&7KtR_ftOVvXC)|Gb2=!f5Hny6U82TDpbD(iHRr3Unt5VzeGRRJrm%pMnrmXNb(+cWo6}HWIE@M=&QQ{maHAEK*+3u8A4cgoA8~@VI^DH5ldWZF) zB1ryZw3s8d8#g|te#n(P-dkOm#f?Um5rU8+E(;67G+V3Z3pIJtwRjWds;s)$l;5G@2@Uj616%G7IQKD%&bwQ4nes-(K$2n zl{{eBy)NUKW8BW~dR<6Sj?c1_5sqDDO7}U4m5Yb&HxFNb7#Bg;VX>$UruW(sKf;GM zWYL6FzkRZzNrT&!Dby{mz0IK~DVV?*-yRY#ETwE9=N~v(ZJQe{o-4b{Qsr*{b}WP8 zd1#yj7zr59o$k^)!L2JV?I!nhXoNPY?N10$`;52y`;TnLsw)>j?(QcaL*l$PhOOmv zscv%{$fWtKy*^r*N0vSm8PNxB1I>Zr$}~#kZw3L$t~f4Z9_Yb0Yqg=w;SF0~$ABW! zNl2NIaIQfOM->F)Wv`1wYz14z3%jzc67(c&Co0lvn)ND~$0D2{h-2}sgkKphTK)n~ z8W1>Y6kJf9yL5-`4^G%ZUP-eTYw7;UjhAU1Kyx3db{3Ye$zBMl=9=}II6f5J+Wf54 z?K)k2WEcyMgS&W;cA1?w{N-gF=jg|=BylO7b#vdOS?tMAmXB=K$CrXp+82T4ilxvS z$;4xHQ5;)#bO9T~YQ){wcw3e(w%WW3^Ess?eM7VNQZl%nDKcvx5ODpZ0dm)0zP?Fgj$#nbOK^3`i9@cT%W{ zEn7aAthWtW>1YC8HQddy2v7N=O@IFf!SQGxB?N6CK7Uh}=9%&ZCFIU-L|UEoJrmw48@;^Z4r942b*mXzi%TnW9egi!Rfy z1SWX1mzoOAo}P4}sW<|`F;;cinU{Co)Si1(8Nw1=E(xS`Qa;jd&6nTqOjnz%c3LfI z%(j>7io72P!ln&emxBzNcb}*1yR~xau>a|@+sOtBPrjUgG6k~^cbI7gqD|%;t-`1*BE>G68I|<% z$B$1+!Vl^s{myGt+x#phzI`N`28;|^!ecW2KN%9<3a1_u&M?+0d6V6=r*MI+@TH0h3jG^;ZWtsH^gm}){^7YW z_K_HISA5DG7@A_wmi_|+@&A4$rv-4>3Vq2|i2id}@((A%Ru%Bw`8^a@Zv62h|1d@u zy#BI2@)yp@JIN#pMgU!ydQ0TPU;X*7K9gL#c0(`bc=;XuU*$Od^0SB~zz0%v&Hq5g z^rtP0I0n-Cxo5%|m;Zc>h5fWhxEfQI?))!?>`MJ5jfWL%sZE!a@BeArevO)ZEHF9w zl7WBi(Ee3Mu2uS7D>FISpSbt`c&Q{1p3aH<@zOj;!~o=%-pcF!aX-!hWBi)*FQ@D; z-|;RSSjFNGxc(PSIv-L`{J$6@Ibe(!Zc+VtlYj;pUHIcA!uaF9q*)|6$+bUk640Qs z{~W>mYr?l~GFEg3ez^4KO_DUbIsRAs?0@*|@X8In1?jJUP+0kAs~Iak+5fA3|9R@( z0(*6b$^6d^70{q>0)M$){<;g|z^XfnsQ6zr3D^d-|GDA+n$!RLwt-*hPet|lpzWVt zEB8F^Tq~h}Ykh}7EHLb^2k5`89fg~W7B4ia3qt^L{%*Ac-<)r(vf4bio zZGPcL{+^IOn)tsbiRd^SsQ3y^VJRvhO>;HX1;1qB5XNF@~m0tB_NS}-d6Dk zAhKHpRSUh%tdOB3#V)NcBAp8#J;}bIZWF3`URm_?$ z26Kr*Yj3F7xvRl-IoGR3aYqjUEp?omn_GaBBP#N+@ciW4oCb$Qj?=xA5Ls-bls}>} zWn(_{vzWA5*Ci$HyEy{2bHj+D5}Q ztHCHrjTR%C)v+35bw{7$_D84++hWVlpCSnGqbLfay|#jME98v#nAli>RBFa#)~(-} zvl~3;%^CEnJ$tBDaa;3M-q4s1;qi0#@is>**pr-;lf31UoXAy(y+WtX-j}? zPCm?6O^r$scFk+w%sUddl^l%uh+gdMg87^j5j}5ImEf$SuULaPXtA^tJvXew#X2?_F-h)CIz zBphKWPrSZkXXcgPMV1XC<3>+P8UY1m`Pc6viD%cm%`P7wPdAKzr4#iqRO(L=o{t{S#vWWMn1+Q_V~x^_rbSB8-hyif}qj8CX|F*e35qa#r&-+C$nQpdwvu{ zFj)W^Jnq7RpkYyfwK+^Rs~FVTxo~^9x7C(@xpSGEuJ(Ag5brpYX@x$8cXKGqvA{9-+7M1}Oxv3a{gkT^u%OUpSW$5B(G!DpJb%EG$(+xN6s zo>V6_1x<&LR)L!d`@16gkDcYBCdbZYo640&;hVyH9H)y|Y|$|~K0nUr`F6vPz*l;& zs;a+GL|a0CXC!`rsjr}0nfrFOx{C=rPY@{BEHl7?sdyi#Q?Ab$&7!icCt)|T!q1?W zL+5i`NaW&C-t_HW)@>f6&iOkDB&v+UQnH(In0GnrG)8XFb#N9#u&-YcuDrrL4s7D;R!1E`1fO zSOH|Qvf45ldOT)*9@Yukt#BD^uPClg)ii-5JiE03q@%9_P#aFQ5_!GUOLMe~yabjH zvk|rr7%$L<1&kEDkmgtKYT7{8na1%LFL9M==GWfl(o>J)(q{(lG7Rg@T9KVv%;pDY$R%sgH0YG z#70_WS}%&Ui@ioAb8_w#L(`K5og-C}1-sJ3pen7yR_r<@1zIKQQXGl+yqc`Gbd;YI z`)YFSP5npK!GW^7o6<%`DO~!siaf@_(bsAClIzL!R^TRbl`EzdKme=~R;RIe%Mh;qVYTUx$$o#~nAJI2pg2h^d!0j{F2 zwkj<7J9O*Si3;_zt85}Bg~osIu$U##G`YCQ`he zx?_U*ae7k1ZY!T+jTJ#`l#h2~Ib-9Egk7It(j|PQ;wONMSk&CqvA(Oc`vQFN-1R%*OZ!Amqz$frupJyn$UB|q=D>$MpO6zT1|H$C-q(MM`wk44Jc zUasK_W$P5KNi(l)SwqYsMk_7P1_iHDB4g*w2Tw6R)5j{{df4GR4RoK+0RT#Cn@`+? z!^u|b-IK`_yuOJ5GGF7p?}B2@e4D0lH3yupo$il)gET-P==3Kxa==~gV1v1926Av zI&M8g$)k1Pkc48fJ^qYI#4^&ucDgb4t>B?W!(yC6e-VH{=nmmUto4$gSw_6&I|QLB z%(Gz|vA)f01U#ZH^@v&aYR^#nZmMVMKt@K#vBWA@u~9>m+uF#NB;TcSr01Tsn%n6$ zg{B<Xk9>3G1SU{jT*5S#RyESEykNh11OAbr~V}8ndZXg-2;Mx<@TJ< zc>edV?AOHL8bg;Ii(gm~q{O>yb^Xc32|Li;XOG3%%8=6@B7LEE#J+eDP1mZpBK%}& zpY9yAB4tby8hhkn)BZRdKau0;R7j~U>9b>>1!Vt?mz!6;j3scr_cbaceXJ{qCqoZk zH&YI%SD1;@JXuj16mL>ur-<1*ypL0YjC*IU3!GcI4C6g%Z-yrC-5>7p_lD|Asc$ZR zQC{D+OP{iui=pXv;HJ>a<%L)yjoEgWcq0`lyMu|hdrcE=oGXyJ2{DT#CThn0q+a^C zuaHj)eHM;cB_cn*D1}O2chEDyW24;$k9cp)`)g=9bSg^!bvuCLRoUmlA=ceGj{ePI@WGk4U+O z-XVT@d+)WUK7#@O2_Z3Vdi9Vb;L!Dp291z;5mJzXMJ4{w{*cL))Y>IUsmnWc#QGC# zn2}`)&!NSJFum-pipQfmyx+gwfNEgF+m&<^CBIA4Lr0+6N*bFu#>TNcH&Sv#D-4*Z{m)UXJ5`MSCJL$90_gEgm3E8-li^XfOx%~9}&J@p( zDdUQ~{mE-1a_QZ_FDyne{z&vROe0KDfoOc@zb02NZKDGmAiBRen=#oJKD7*>1MVsA^$uvOS?`-amyGl5YZ(3u146CoQ3sJl{L} zFiNc)qRZOK2OrPtmOb`#zU_dxHYYfatPDB+H3T|;d$S_ zr>HKgJ^IONYB;;7!ooo3rCc|jrT_XlfqyWmmSBVbl1}daKA8VXUKYt#C2UF0`_w5$ zjRAw9IO&fTjURa|r8${qT&>oqERpoH-B>W0k(rcZNPMNo8qe-$Lx)BZ`8?OS!W}mf3sMJl0M3bNIZ59$tILeG5u@iR z_I?=iKkBB_%8B#3*El_5iwGfB%c;pi1&5^tA&qVYx7Zp^g4q-mvG$_CD`#xtC`2Rn zL%S4lXBkX7g7-Zn_D^kod;`L%()I($rv0JPZpyZ9l$UA#0?nK=!7t7h;c&U{Ru0+0 zemSy`T>MC}KTUMmW0!p?X*4727m~y_`h~JslF(D&b|-%NO!o?l&rtxw3KX8<^Ud@=bd6D{#&<@G3LB^awVJG!A2I! zg}3^P|-O#+%ht{kCew zU{<@*LQsBMB(~*fD7#Dy2E<0dIyF+bw`f8J{&$I&HX@Z@W%Zzt=c%y%@2KHAB?RrZ-@AMkn3>LRZX74k|Sw1ax zmJ^oV-{a#g7syuD2yUq_(}xE?-HSI-ebg73-LZgh_I0>Kvl4PdI9tc|SJ+s5SAm?j zq{ocQ*=ZGTY&Zddst#i)G4IBsFYKGt$&lPo8a_bal>AX!DP;v!s*rT^in!YqK2qgD z>Mh8P55zkwHv|lT@P*mK&1rqgL*)9vx^s(jsbTHQQZ?es_Oi^rdmk~S2qKpVBmXhPtFREMX=H0gxAy7cGwm z+&TNy?UP7kLRv0jp{C^4^=Wvpd?`-im~T*0(Y{UV5C)koi@<85m2Jne)ThS1$OJ-y zO>`lHnFMh~48Wymh+QghB53Y6Z5#V3<~ZcV}1aNt@`ZNS|u$n^i^5R<#S# z_)C=!7F$$TLEpsF%vwe>$Bk1{GZ?3z`xo#(k;bBU5j3`&sLOAYhUT4Ss{I~stURU0 zD0Vf>-W4dYuo53;Y+YqELiH~kRkt*) zZ0SK*s&d44r!gN~ywJz^Oox6uCG>UKu`HA;wJ^;D{~Jxv^d$hxP4~i{bn^(U8U9JE zB*DbcA905R-S^7VOGS=~m%~aizT!A_XqE@BvUTQ7XZ=2q|A{`eRUF5d=9o$C1@k$1!Fa--<41`m?Oj=-kn`RlfA_`hWAPy zY?tW6bi|JjH5-aM#D+3nXaYE6DVBBrWkRaN<}wMyeI5D(>f95$s<}`~XkoI~Ni=t% zeQ?qH^Z>0)p?veO{UAI1AX@g?Qg((6q*YVstZP5;>jZ88fV6>Cn0D28LUJLn@j z=)Lt?7|u#5TY)sy5k} z7b#Ppcy?b69x{fkPJ9RWiJqk54ud6`l=Zp0v~L#67y46&?-$6gYYCt}ZnT!bA1gr3 z%iF%MhS*Lc$Z)^XL`{jx;AlibD}$(O4>QH1x$>tw>I}dMHNM=FY$#IgXsbPHp0Rff z>$wH8jG-cZ+lWx}0R9|L$&oPIeLZW~wiHOMJz6kU1nhcad9fA;_NG?OWdk6dvmMX- z=-w-GJCO{YBU>IVMA(1tzIk@AcOU2`yv%C%xsDi~!ZAQ^S2xPVG=J|ON0Oj`C@^Po z{%(MMvFmf1Z0=({2`L-sbrfszI3VFr?82Y@z{5+t*WiUTk^GV}h??q#(!%Hlc?Zz0{*H7Y$w^$>E@4aJKDtw(2*&JfV zqVeZnR|iNhrK3Q00iqjyyuX%Yo^)Mwi>I+EF6TMQs| z>`Zd<8qy?hV6r`Am0~$!+kY+g8jajwh~^kh6iXI!UoK1$23E<@Xurx*uu2`iZ)?6Z z!A@vf%*kiu1_lZPh8_H3%Ms4j#u;YiAs+$AxLl{orhGbGgw$y_ptL!40 zTS_4<5u+KGuvv+L)oI2XKbtl@PnupH@g3ysI+8o)UE?>5O5K-QcE7@luMYuJ44NfV zu&Nn`geN$NK!hy=Nbicfq=>EWmh%2=f+%_oBoWir2R^O7JM;5uh8;Su0X{L`q|`B{ zb1nf4S6Ay}Uf`kZj@>@VG6X%a{o(Hv9g{`FU%lel9eKYAnMZ4s!#g1`z|O)Vem|xu zimWS6R96+pY~LsobjUR6wiMHq^U~UBl7`NAW}kLM@-a3`x)6oZZ642EI^Bj>$Xl$-8 zJe7`un$|Vkl3Z}x>jqBE3H@5PiPl?@X;Sq-;$j!7mbc(DZYEDEp7O*hpf^DPh^S}m ztbB)0RN|rWEOleBwbfmxnlANh=``Cx^9p{Ygt)vqmW!N**EF_~g%;Mbx8_KthbW5s zZdX^gTEg!Nu$;}_7P&ohpZwqeYEoW%4NvMqP(|(U(@bQTaN8&F_YE!c{E9N14ZEI# z;2~$K)ErupZcpGq+V@S#7?+&G8qZ7Jao6z4^599%**|8?u z;>FHLX%oV7@y<{PZzrI8VKtNP+kHK{)cWLrE!@K7<$3>OiS6ppQ>nms;fFJ*H%WDS z-uf#}X0twoM0vLrknb1zM#pj!kFF-H_YZ!U*_UUwQ0U!6aqj?_GAnT1_wr+`^Y`%Blnv@nC&O)DM7&2_`>U+C?NDuFAm2l zfOuQyj8OV1Vfn9^A3FA@HMPa+IJ;z8L8oaN3+!EpMA@23d!1L~D58qK|IUU6RIU?rQm?ijFyL6t)+Ndejs{$P|# z(XSijx-0{$yvQLE6aCKcnWHM2-> ztfzDG&dCI|4Q;?d4tBn^U@W)+azW_blkBI*6X(J+(Ho8e zdP)*)2nMFMK%e`$im}zY+upL0rUB^1)-TdJOP?ia6gRy5TBh6b-i!|_(;ARLtuA`u z+IUY}sz;QcDv&(inn}ks6PI2;ds#61?l$xdFE&0uNnal3JK@JW&uqZCtj7y z)3e81xes`5be|kkQApk{uz3|pOx1w3r*m2dTvi-PrremcUt#UlTXE6`sui(_|5^g; z06E(TdXUl^Cs2G3@oK0$YN>%`E5)0@g7eW;BfXI%ZV^^P;ms4nkr+YJ3q`8*J<<^g z9e*C(pzL4F-0NL!Ht15EL|naclEZEWnnT4;?x?Rk zkhM(lqziTcyhKAk-h)?w9lKzjB;>p{G8}Yuv8M-we7aiM3(YgqpEb{HUVnqMH&b;V z4i{kQROlHgL?{k_PouGKbZ=^df)Km8O0he7E%v&nHxxHNQu7!^OiX+r?1}+I>p8fw zMtF_6|1qD(f%1{X!M$HRI4Qvq$9mWEbA$>a(FxK z$BV!R###VX#OhM#^?Ur^EYEG3SAQVDH|@9xXR)yUI003UEp}-FrbE_<+8#gT7=zw@HO- z6t);2jp(##(PSpVfx#C&+7yAKas45nQl_vZvUxRQZ|2Qx?5qMQWHf`ByXy$E<0LfU zNqV*V!e}))rZ*x*WWhS~{UsTYvut9o3CcTgaHGC~Kr$l78GH z9q5YXjBiTJ$j7ch@+knhupl^oQ!?Dq83C{9c$-0k6}LD1m1h9RYof``r{Uw43k8Gy zrwa=6xjKEcUE(^^9jg<=x9kH}+4QS&+%Q8ZyOYE1`JK`6*{&0Y>n;ZZujed}_M)Z6 z9_jag)k^406$`m1Oe5i@RRAe>WT~4Ps|wP3BqgIp{zm<5cPw!1m3TTC4NEy<#~~}x z^%UdW6NedUR=AL^eLOc!KbfmlC~pr3_YPcFFlcnMo5xwzrw+Ci#e9`m7jmdH7>Lh7 zitksb+0%ALO}5i3t}PS}yBw5svAI|s@_8V#Jh1LyrTEY~H!36lAii8B13%egzNaHJ zNzF~gsJM-vNp1y=0s9nbbdc%YWn>7MQp}j*<|hZ21?3;DjSG9aXk{moRd2XJx3k%x zpMPMgd9`938`#~wr)xt3u3dZK5hgv%@ z#$4P<#Z3!tU(z2%IyG5c@9U*lRMVK;?X_{xayv*NM{IY`@n^#lrja4*&L4Y4CaJXj zZUzaRX`Ihg?}q|mZ!bHuA@z|ehLFOQQ~ zc$=okcBh6lvfjMN?^{1Y=Z*(Z^{MVHAxvJqPu}Q%K(%K#{`0pSZuv0D;{^vdkb`D6 z*gd@M@Sw?jM;*~o(wY>@soS;nQ$ijqjytg&ue|VjZM=Nlp`3`H;5kp|jkvR1Y6Up( zksS=a8X|5R9KdzTQM5H{T|n7FWIvj3uu$`I_!?RT!qDWlI;7xYiF87m>^DjId(pe6 zc^-J8s@#idIF?hC({_sG)L$HI)Fs4cYL^~&3F~-29zQ-f7^+uLvK_9?cH3|Z{1pq2 zrV;Dc*rBGfd6P&KOk49H>@V212Hd(ZhKiHQ>Ehz(Nbua7>RGrBwcDMzaAIG3xQvQo zx=x7!Ym#hRld=Hnom>3_?%XoV%*ti=L`3F00I~7-i)+5SyL>S5hV7t({ERHDqy$K_ zL$}@2J*-z~fP^XX%>79kR_@G!d)(m`EnCFUT)(^f-o)$lrS3R(b8d94cYgGCm$5?N zx+n6wb-upcSn2G7Non1p#HVm zoCP1#7MD^7LBA9OFSm6z--f!t326s!&_>5QW1GpGmKs%91S-)MsA6w8+NTbp1)KxdX zeAzkvjLL4%e21^`Jkl-EWc^zC_0;^`|CH7&WazrtovrZ9(0zR*GLHMHzoDB=^|I+3 z1rhgE7T&}Sv0ZAeJ)27D6NpBRytzHf8@K;h|MD#p4LdW9{UrBXI0*}fZf23dUOc># zc-3ufVkS*x=+|AaC81Jhf@=_KUEh!kJkTw_78VQXuh%Lu=%{r@RL;f-9iD)Qn#}RtcaGQ zPMMynh{q?SdM@h224h@~+hHk=IQi$xmnAByiLDtxrmFik$TF0QuCa&gURUg}C5n%M zn2d^bvECbxsRW@ z_9fM*(m`JyRyg-nD0DF_Wy^(cR@qc8hscxa?2v_4;iy-d)H9#)xqN%H>a}dFnvNfJ z1nR=g2i-mWMGN%n!)jto*Qj`^0*qjHcbA6`$DR-6+Ed_-x_mJfDBTXY_eI&ZkUzA9QB#QL8tRpeCk#yO2-14kfUB95OL`~Sr?;#0Dl`VtYKyqU;e~AS%fV#r zi{)BnMhfC|Pvu!c8P-7?dO(o8kpK98uIqBxnPBV;ZZAsMw>N@#Uo4Q(RkuHeJsLWO zbvuEO@CIP68jE=F>EEcDfYHxxGP00Lx&T@iN}UsrvriB7!}k;O(_@@lXkWscU7X_q zTj(8rXkO5K+^s~9O5K2r8jXLZ6*dB(nfAP@``ED0-5*NGGaY(1wGfv#UjuhVo!J7g zPmflU*cBXIs&n0YlV(oayexzmz5*#cuFMLDPXD}kG$AE(yt9*unBr~^X}_#&yA@*0 zXDL5(A1K%uEPb?Q0O9mb_lx{QAQh@;!M@zjU4mH;z4_4Nj?><*IQ{WUhWr%c_sRF; z0MOoRqYa;;5OB}V^=2;}QuId~^A32tbhpZA?(LX?2L=O`Wk!QbsQUvm&1Eobb!&ZFqS*m zxxO@68FDgH8GmUvHN{%~5$3o!dpwO;#kMkBA%A_Wj0dm$$jC)e1B+XkhL*lln~o>m zv8{-1+QU$!7ph?s8Tw#o(?LnfrYSqV`8VkjP-8n^At#2$)<*SOtEMS%Rq<$vNqdqp z94y_+^#bAz2#|S+oo#vRw1&Zz5&LzkgFfClZiVu=mkl}yV;Yr#0*|gFfoCSrRoiIK zssvbf%b38MvRTtxWv)2zv(VX3Sjf zlb|qR=Hn!o;!ze+omwd+HLnSu6z$2vz|S@SBPGsmR9^wQH!*sA`|e#%fch_k*j?zd zsO7e--S>X%Rs$(p_G&^>_dR;v9zwZG!bLJd4Q&DtWhR&9`W~sC;IMTjF>&mg27K22 z_iU&OTi*6=^zlKp-GYw?v%oof4mTU)%h}gL?Sad7?Uu{LT)L*BFZI3hX>e&L_gpHP z0~Jd9(22a2*;(r1zSOs6G`?e1N48oGpeHSRsLV-sV|B3i=}hDTO@jrb85VnAhj@Y) zR5Z52$al1f-XP-Io#m7{7^1zBTvn-{3}D`|kf!I^h!_UG4l3HE??A;N<4{5T`WPzQ_-Hj1Rxa z+6ok~eUsr2Y$auli29LLO{?YBmipm_`-G|4i%&_aHNcg@FB1ettcWP~j*dBfRcd@L zHqFOeq|OD3@@C)A`M40mRH4Qh-1?^xZRq+Ez>Q!iPQBE9uaZ&ms?+4$>nm^7|ExPT%-O%`6bQ zfe1H-Ek?5_wqH&11+7@P+cl!Pcf?m#t^a}VmSGTO>*)XPH8Xw_rF>3!UOtz4RZN8LS>{ArPzB8AU(v8hMZ;+aIxj`iy->l_U0Ob_H3;x#*vUQ=o)S6TVY zP9u$4JErr&L&qe!zP}snckux6)r7H^`G;C7*`uAhFsmz!uPm-k5Iq+HV^`e)wCDo> zGZgi>?emFRA|RfGf?KD%^8qq(?7v_^WEg|#2-b13M~zIPYWcq_ArW0Xe>F$c_vg^! zJNxJcX7NO&x3KuW(EjxvSV;Wb1CgaqIUtMTmDA52Y6C< zint!6MCPnzI^BNGV=;Yl%nFN zE6l-H*xtLzE8S0h@5V7S+iWe|HZ=)vaxj7rmObM{U+4L_1}2K`_Cs%cA_v+%Cmree z$32bc{iXB)7LDoq({@WTiUW@Xlglps*7f=K7D)2_5-mx@s0&{H=k)!49RLjQ!yCXO z;sC&P|kpF+uZgYUdN7kXbCH)`I^8*kt!axGk z%Jtu-^7ozjds6}hu=kc>QGaXOu%v(zih$CBfV8xLluDPRba!{Bh)PR$58VviSaf%T z#Ly_i5JSC-ec$^y?*D%7y|?d|=XgHsk8?20FVZLP_uy;pc&p*sFZsld3%rj zO;!MlPQ$a!1_Lz7C`wk{CKpFZ(98b1S4Xkfk(2%Eqs-ai`d(pHCKxe-E07k5<$*Ei z>3z|J&2osAP4Z_(^%qW!{gNKNT+%Yd17r6OcOR{#SeJ)XWvD;*Mb>cJFV2_EmFo%u z{zvm%1qEy{J$9nxZSz-BZVPJgCL8AzZ=+&A7FDsp&hCBjuLFhuwv5y>H~`f6a=-Ot z(POUdpzT~?vP>H`SYbO?XIH;B-R|GM$DMfwhn;LG_EX}%7jWK?3lAIjLb`LTw_jg1 zC-o#B(*PNeCMi*R$-h|be`0w9*I0+EO=Y*HDl#tsQZWZb7;L9FFoXGfpM>@DfVO?> z`k*Y77Kk7Z?bTDv)!WynD>pb8N~iJ~k`)0J(puFLb@}qvW33TWsuvz_05yj;f{ZWW zrj!i^zT|;7&*|~Y;5X(qkVMne^E)$TREB&iDsW|fTh7v?3zp5b{;_IT0;~2Kz~4XX z8(A)rOXidYs+|2^N1G$B0AiTfO8Emrfan*$zWWBj$#ke#r#NX&3Y@9+HXuu>mu+kD z1PR~InDy%Zw)o9gw*o6Mj=tFTO;T($^rrIF$2mq8^?iAse|#YFbcfH*jV(nXY4z9P zON=LK#j1wviJ@2!m%tnH+*0$&!w)pUcccO4`DM%n7??izyH5OgcYy(9Xwg5#@5q8@ zdpT*2j*9hZ+WJStU{!8cBBeQ)augB$0j?eXT2+)%T>dJ?F;kG9@@4Z_rg@oMm6f^aD6Yvh^zaQ{da4#_GF0b{d3<`DIZXhd?ob74T zj0#4YJe^>n$0^Zp?dLh;($c78e73Hf`Dr&&w(ncq?JF3j%9frKq_eQxFp8M_;uE+n zM_gd+7@1+JG{frjc1i zpWn%XyXoOt&;CztDXA&lYqP;LOVn`g!cF8(MWT>*4!|b%0^34zNha*m(4WF18%n}% zCwb~O=rLMO)#M1W3lRJw(Wo(Ly!+@l{o0_&)7aHBYb*UR zdpIh+0q`6T1GfM$e#F=hZ@ADwjo%X)VkYMQ!h%}qWKq92vfb@WF7fdzFV8##*T%<> zLs(t}VEIJ-D^E@@WEtK(WeVPLRup3Knm;2cJK5WGN-4kj| z=uf{PG=471+@eEMZV-LmHJ3jy2bm%XlK<6|C|kj-Z+ls4GL$hPIPC)WW(#XL65+HY)Jf&w>~|+DR)$f^VDKQ!72z z;y$Q0?f(3jzHfAMBzGZ;2G_4QhAvDneR847_@l-0IKIe*0fVcEWcb6!_(DgYfn{wf zZF1e|)%U+#ACwGAuxr|)*Q_!UZ?P{J`m)7=${n20p^uJxe>5lXWu0J?_-qzU8KJ`E z=EnDiHP&bDi$;8fPbDL5oOBUP8)ZTZR=&#u&!sw)4v7tS2pXOT>iegzU=k5Ado_+X ztdNcv%l7rESn{iV{`Zh7#Q}@@7v3j&TU+Rm z9a-us#<{xdbxb00J_=a`QFJ^iekPId^i52n;8{Q1(!Glw68gfYDnG(EPIQW5 zzRS4|NQ^fR5sY-uUVr)T?P7sRWnV{Q`;tX<#749(oQ!V}{ltPmDV5h2Vm(!UIBQ+e zBXlxPOKLD)@|InjM^Bi?IU4f}G$|LjLx2n5BvNvi1ZBy;WRe-$&d91UmqRO1_V?Dv>^mm5{t|XVw>$^F%eb`L`SSGLtc2#T{M-5Le$Hqy?juRFxx%dq%K#V~ozQW0+9i-vk~N52}M0~1lJy%tLav0H)5sIzkY z)4yZiMIGIpSXCUd)dJ(Cp1N8u88jh2=(Gpw_w`Qf^fxL6(HqIg+t9C3p(_Uj2=6`; zK9q#!UD;P}qdjhoF2naXyKZ~4J=Hiuv~sbbJRB%GjmrGCf@jK)l;CJ%hg~Z0Ldl+J z+jS#Ks1 z`XlPkau_$z+*agWJnNmGPB)v2MT;qqAaI)8p3pDZXi#^(f`vB4R(;4J@V{N-8hr!ho9h@_os$@fK3ru0$PZ72w);~J+BSIZH2kklTD?P@*zTh^jmP4}s z!iX|Jr)@v)G5I;xU&Y>j8t3`@)sCe~i+%gjL^#>y*P+qv#;*Au{`STPE;^77pn8z^ z>LcF1&Y}-|;PXsq%_s;X=9{kMBN}Pb@N9W^^Ah!(Qf|Fq9l>DoEWj@C1|rR1vI>$KS>MYAm592g9xbpqEbx&tq$=0W< z{N>bqjbDzv+#ay8|3JJqNhOrRYJ|w#Nw1$%{E$|g0det4kHR$D#HYeRjb^HJozveC zEVifd06*y~oAA_Xk$lPySEo`u>LcUWM$)1n+2R^ta^3Q!KDywFN^%4-Q1sFQH`iAbj#|i|63UCoP*QBU}7_7b4~vO0Gezooo7;e(3kL zM5AtB`jIdtiBJo*QOd?MC-9a0>KeUckLlG~Pc&zImmo*zQd<-tfmV z_a)D;M+I9)i26iUuZY5_P_3ic5lkY>cFfWpo_ylgjqv>oVrEJp27^gcrrW;^Yg*neD92%+5S?*s?@Vmt*Zo;+L}s^V^Tzsc3&{ zE+1`iZDbh!HVR&sF5q8yBYtpu`%K=y-O_nHMSe1&bnt9X4^-z_t<$~VFD{v-EtTHS zBw_xAn9@(p@7(n2y&E#~K;n!anSsf96qSgb-~g=6SLx)r52k=nnO1EKNE5mN znim4#gEz7TXUrWN%DTpF>e31?KVkVi?mc@@WJku3I)GMKLx8qpY^q zQ>^0OnVA+k=EiCbdfxF3fq#D56h>E4G!u37;W+4Iflj4h=(lC0gnwbn%svLZPU%EX zA36Vd(ve;GxB)wqKg;Lll-1D<(Vm67%M2T90BxO?<-cQ27Pxqt}*~;eEOip_< z`4op;Wp>b6EUG%)XIsBxr;YW$)+%p5wt{b6N-o(9$1Q^-HyR@>v1hM-91)4Pxd^Jf zaNd1_o|JV?OP{GS1+pEH)A12RbMpx6#=sMyx>j*210Mg%5ckj665E0XNj5W0U(G%C zb@kM*>?ly46mwn!kn(qlfaTi8;kSNF;45jmuLGQf4kj>7s*%F+94o{ zg1cVMm*-Ue2|%vne0&1FmL6f3Fw0Ypc%*=j8bX(q%u+kA)2==&E_`VM4OmHALX~nbpJdk2hlU^% zbv?ZUo}s(sY<}kb$;=)^AmYeYqDV3Ksj+A*)D=qm+4pvrO?)X!4vo(1SQ^lp!Am06 zD;S>N5XKu0YK%KAzqOd%cixt3?YK!!IW8|hesm3gpt4@|F}1gvsIAj`(USJ^;s+G% zU@=E98)LumoOeWob{|4ZFZ|R{EAtml=~s|61G*4 znXpsdtiYsxmmNqTjOPnC&@YcZ*{jJ}wju*2;hTa^zA z?dMp7oKAgg)2eAj9Qa>+cbW5-2q)bEQ8|!8N;^LyFNF0d<#v5%{N9+(mx-kl9)MY9 zHDboZz51z5`owc7JKwYBO|sD}>d)&X)dGj!&W zyZcYQBP=Q&E!=|%9+8fjSyXl9`==XR%BJ@xfQRp_^rEnkZD;@3CzQ9*mj z_sx4@tCbQ_0b8P?`kQ}H+lqRC;yYb@qPX9*x{*~<0|Y3z=Dn}Kd0%)$F(2IBb+m|* zJ!sf$IujyE$6Jkw?HGp7WFWlc4zMNO?mC)8F<&<=t`2+qAgAC5QBiQRA-s#5-wbSb zyR=mokE+O3=%Y+&^jZEK&1o=<1*b8tWT{wO?ef;~tnZ=xc-(Ll8CISO*LD%;v7fIr z{OVIpRBN{&@FSuWh}3i2&1>j+tYBD<7e*_-iB4|-^_v{|1k(YpmA3QGk6-O>KKBR7 zKWC{W50_G54*RQMCQyh=gk^XSQj`r8S@J@>_ZuaVh#dw{*Ey25Sy6}3c4FjYsMDVs zX$0WtC_QhsSRRg55FM#nEihR@-YIJ4UIsw|1r90)HaWjjziLmk(Dvg3e_vdIVY0Rq zv6at+@8iB(CNQSu+?!+P*L-NBVl{hLr9JSg{12jZ{jPd_*VLjB>c_Z#!!|6W;c+7R zsz;^1LBD#P@_c7gCi0Uo@hBgUnO(5CTIn8)`Dj1ik)S}2ky(c67bM?iBK_v<8ee!@ zqKWOeGYs=qFw@M?Z5lABYvr+gVUt?}Wxc5kk$ZKZ&$ z=ew4(6MReiMt-{%2GPR5MsnnB$X`4p3YgxHPuR$g!JG1QzbO3ZnN;I)#?)AjoDfKQ zCmMrgF&v560ECwmt)^PoW?hG!lZk~$JXP*_GgQM~dq>`^jbN+upbs2DGT%Y3%RcY| zg7Uh_uAsyLL$UWb9A-KY&3^d-%H(=p&NDD+bK#Zu2A2P zgB#cAtr9jX+$avN@i=B_$L=22Dr2oi>sqjSt#N+O5a+hB95L~9fjVcj+1e{XDj#|< z_KbI`;0(UbgE$3F^1-K_Dw7JbJy*yz@00Z#S8?4ccAZCEx!9A@W+Sd@pd`dl63u#% z0lg3W3m-}=tln`<-C6OQh_PoSzr^89h}3!f@GFg2$D*tVh#ftr&RSP}8K*MlxPuz6 z_MyS>)c9q%5&D(0p4{cq^%ZO|2V@HzX3S2^A4inhd^|m`&R}`6iER1D0HK`+5>i9C zr*X<`I>SZyYa@oktY1aP`_!&?}<{HQpI^Tr?hWHUm{r=s}1`81I=yDtGnq>vP z%1!SVUuSD45QQuVglFYUYvzy7rZ`OtKf#Ho6SuVqy_|mia)%5b#Ko{|rAaSZO<8dU zcxc;%Rao6>DZWST?n3<%UINenO4)yh0dM|VlPi;VIJ$M|cBuEU4xQ+%dzi2XHDzFB zs)wteY4HFZZqo1Y7`OOxg+MnU-Ude7X$=3+$hO;ge&7_vE;PtJ(7?(!QL;t(YIghs zZuhjaFmv!Ev@6@qdh&s`i(W;&E#rcS=f^CXurKB@Sev*U^1fx_sk`AtGY`Glps+dv zX4|0yLr&e z1cNeLwqN~#%CGIuc(1G%eEpc~H)Z)lI6ae9>-y`7UgD6j-<)UT`z)HBFXp2--_|uk zPraGRgQU;%jJB$X0h`73Drf1fSyQpXuj2YM1;3&1DY4iD4j5OioT>O!_Yee#D{r#k z{uDcgPp3DgcDMW|*BA6i%FC|O=(ZzSeZKOM3iSsUwc$;B`QelWOzWw;+1dVp7w7Lw?fy)+oo6_xD_9U|=aot!XQW)W z^k7Da*DIki7`;PxFHACy#WP!8mI8wB<(zKMe%Z?`b1qlTmk3{r#L;-Z?io-bpJ|ya z;2UX4Z@bqd?=*nT4N*Gaqj(Nq-YVV#6=y7><&DeRDSw_hVzGzakZJTXh8z6JV z)y$U*2?$us5ohC@Xbo)S)6pNeJBK)-9D9<|##n)0S7YLe8gGPy!%K8_JMi`WPkmKu zt$Ig#lE{kc)~lMnUsP13BEtJ+4tFtQO*J4mn`hb9QCAzmcYGVSR?Osm)F&uKjy(<^ zdA4P&K#OL$R{; zi}K^*>X-_h1p}-;i>1eI`S)tq`d6?=m1~R zIu}j_tA9UD*3U(UW#LeCB{7!Yr{}q42{T&`E{%>Y7>ub}rBB}A;F*>h!q++?RT`o? zPT@$3ZJn&?GOHB0`Z}5ywc(x)Ijo?p(f6;PC~*$zX@U&=#slq-q5>3^h=ZmHba{;Q z&w*G^0!4Kq^Q7AAzi=d>>pvlW#DIb;vo~p-Wl`DGwmd$`e|x)+WDyj8D=-(Z-m_Qw ztrCwc+p#JNyZLJng7NUcvl{M6Fwq4DEb>j24w8O*+dddPiRPkqlqc3YRi1nX`dE3a zpwxh#=}7eOg@;30HPPixi(G>z+zhIL+ZIy9_{>(hKcQ5Cne5R}y{hp?U7Soh*@Op| z){8BTN4qm)+#!>7w%RkG+OK(O-*zSexfFbPHFglm6zC;$sER*o*-R5lu0$0Yw|t+un)@h>p_D;ra5rYyBs#ZI-YN{@B+$t(K-2q z9F|@XXn4OrnTmJd?jcU;-B1+As5Xy&Ye!p7HnA*5A=8JgL|vbh(Ts35 zDO|S`B1Cw|97l)zTb@*mHWxB2bi*683#Yg*L=un z)=ltCm;=*7ds|Utrk};?B%}54GD+VAR94qPShco+S!)z8Ps1^pXiA-h+7)%pkm+*3 zoI)fHEwbR^$d1fLJv)5JJ%9zVPdVpiz!3%)Rjm6AEt6a5HMZ>(N?K zZ|4pi;9BVI+QUdyq6}H3BKqe%Z-yR6_g- zq)-DJC}k7BfDpa&$?40g?n?Bdj4o=1O)-7qk(`13?K>o$IPI`^MbGXAZenmdEa=_d zcAY{Bzj~*Tbux!g`POr2x@!nGZ zXg-uM5WaD-QSsW}1|1WZbS<`Q6IAeVybqQ0WX{I-7MklV43sNDR*~s@oGe(Z2`z-x z?FV4(4kPvedZARiUg0K%-2woN;aV1zAAAIFDij&9nZW=~aiqExVpV)_5FH!KMu^AttLM;F07xT4vaBYEq`kQ?_BSgRCm}cR_pGP9sX|g*$D3VjxbgCHPKn{NO7V z))XAgIgX`j*X9e*&x@_&+1}7cEysjPfc|u<<4CG*cIZ_AP)EDRJ^c9k?3OS^K8#za z-BQK4)>;onm{r_WmO)ax$r0d=-n6SgFg6KUu6#0 zdm>o%a8N@S-_*Ha#|ro#&j&m0@u>N{BR&%3AL6I7XdI0l`2^QC+JBr7uY-=`NeS7W zEAfih)UV@jkFI&Z?zQrwaO%?%zu1x&MU%;vOp%+bcxF%j^Qj~)7rzh+jhY*ULFYY8 z7_zEqZICG5R|Ps^1ZEE+ZAjRjW)KPprVq=M4OtnG$eCXr&Mu1y?4+bjLK{4{WDO z`(X^)tzTCK^k0Y2P8J!7%9&s);zO3C8W4Ld+=oXIFMe;LZG5~CD+ozaY&zj`Ma(~B zGOZfw|5+uuL{83ORhpbDd^ACJPfH==#a8Ko&RCiK2%)OU(^H0M4ALdn5^R>yEIT3g z1$TSeo}cKLn>=g3?uj(W^Xcj~z8gw$^nqe+uS*_CyXn_{smp+;gf&Mh2)a6~ukVS1J<;YH~Q==-J#~3x9J3xg!^|zw%alqJa z`N7=JPWrVIoo7TJ9usI$0~GkkqR36J6}Gr!)L7?5)ObL-6uuVibrW!JUJfKdNQM)u z{4$;o%)9T-=C)&}45Tu+k6*SXE3pe~Yw0-)t2F8w58A808=A(t`|w%EfI6g8c=1-U z18l6#*E^ZpGNx3IV#4afv2}hX=x&Fa?I%BX%pn&djYrXh74;Y*T)n~k_RZwFoe4<|z znXowR7;7^Be(6a>Z1ihbHl2HUnv;F(2fNE}+YLp2tngd1Q>zj6%~EYGjROLfw>}W# zIuts-s{N)#kq{)>g0%_yhqg$wUC{Dgi$A9D9rQ)EPCDmi&=Nvbi&Pg)@Wwxuf;KcS zelVhp-uJUjA1mKko08#2c!=oBJ8Rt;^7~dU&8BSEa#?+N+0ApC}wcH;UNce!|K5M@@Kecq0veGk+HFGw+%QCaVfv<^em6eaoZ_4pF~7v1L$bjb;r4 zW$ThKYpf+ksSoPTN5YQf&US-I49nOzz5l4HZ_1qrDQ}}iaLOFR`6xlkpLX-yja1SR8 zAPzE>#{CM3Os<=vAqHcXa3xR&mAL5`T-=(4y0`bB=E9k^AfH>#C;P-wH!J&A2?HU- zSjVlCuA|PW8LKvgS;x~8&e@dqUUuQOA;+hOg2yeAIl7WUi*xOVE!b%T8{A9z$p$u{ zJqrtC&6J9{{iVt^%kL0quZh`OBIb>AmK0f!8ye>=o1`n|tQH?myRgCP*Uo(n`tB=; zrlRlsGP8EZwNP1|GjNtqTpGuw9$lstYHJa%AVQGmPelqS6pUEQ*iOEz;6P}N`I8r7;D~_}e{+w$xE< z697i1gDO>83e8W?=lAzFYR2RM>ELz-8ew3FFPn0^-(?m;yT$@&=d#6x68Wa;;cM}y z1OhevNVDBwr4ifnU@Z=J%Y+;vX7z64C?VpS>e&UyE{bZWbs5j)z}xR84Gk{tKm3%T7(CD<`prG;Sz5%vlYM!3QWvh2o&+N}7dfWMpZdI(;bpgCQZrkIGJ+Xps zhp8S(*B&FUgRVrf2e^aJ4Va21&DnbFc7 zS|-g(Pz2-4pm>7d3tE?CaG3R6Sv^?rPERC*rqZwHmh4b;oecoIfYF`J6Ss+CHK*Na zjvIlJ2h8enUvRNxc3mR|4kO9=X|(HXqSFQ41-eY|Zit6xVFND;$uc^M5rXpHb1>WIz57eg^eB3?m#C8M4kDKk2d*+-FS?^_2KO zAGP;hberJoqwqh4^WQ>c)CdR{CuxKy`Y)c+z&h6c0lEIqKfcZYV-{)bGb<(j`FH*S z9{;2fP{E|z?r8iO9{lF5&?o`|%#(Qr!INudq~xDdfJV_rC1!E*-Xlf~a(FLceVKxI zsROM!4sKgl{jSPS-8bSY&unP_kh;@BM=kmz=k=mAshrD_-tn0hO}t0;QjHF z{B4Bj^ZRv@XrHuPGFc^~GCA)w<;zimmWO~`*9?n<8TIu)ysm%#@$+jy=AyfQ0f4$| zeheznxJ*quO*x!}^78P41ud7f$&sdiDT(nHw0ev(wXHJSi#!%>v|xd|+CS~=;9hwU z-LX)+>)TQ4JPRTNQ8-VlT@TuXnU=fDr2d@m6!HYTHS`b1_)OcUQfiq%&ddXsZPc;O z!r@+WSSe=apYEFwR)AGT4fB8D72J%DOCHL0Cpr?2N#a@HYX0*7$K6oh{0i-oYa2f_ z>0Riql}Aw6ZjBrHAKwPnlLXOXP&`ZvI|xqaat=?~<1dgrAIcD7{%?~i#bh41-uEE% z;5(Z11yY?lG4%3Q(&+-V5GPb`CWUBDCqYU07r+* zX=7K@nYCyt4mdvmKyQ7Ub0T-77qZBe4Mtdh!QO=4@}>XG@k#)eEc%7@BR?$x=nX6| zjzZVoHw%r+dZ3i|6D}sv{d2eb569P`2bfzR_Qk3G@PB`S_vM#$a#%w!9{94CM<#j{r^`ol9{NtnXIt>`=d-bv!kN@pn`unwF^gy%)S-M^N=d;@H zF#y~CZSTH1*8lzv{?8{2gpdH{^wtTA^*_9pfBsSQ8+g+X9Gl-0z5M&F{-3}5*XvVn z0cxHM(zk>3kJt16y=4hpd+fmGX@jW^nCy(|U~L{W@60&-@p8Vr1K!%~2aZ49G7ycx z8b-Iin@eCZ{?fWme%!_J2Z_tFGEp~6yz`ZJQTdCVbo84Z5vmJu$REcbkemD5^8SSQ z^GFB#2Db5^i~M!Z|I@QU{h!zMpWXFmRzURs(qV)|91)pZ8ZlJ5Y&ks=uz7DXlpw$8 z3yYYRm$Ut212+f^M_hOt4yeh*^V%+b_P@S-3uK(q!t282|Fl*hWdl6xeeD++iSFCu zmYQuo!5397!ADfjo@c-YcmJK6`TLPmE(Xpv@ib$p(K)fkX5#q%5{~+xhE>#~=*p6_ zIO0g;i>c~}`2|QaXs|wBR9A!L!EMei`l>R_0Z|%aF+!u9`vY-^w6+kdv9!7n}u2aDtA z0O+!P;us_tcfg}6|M>$w0Q=)-1H(^Jo!4)a$UBqo{;APb!WgCB9*vp#V&gF4JX9Zz z*x{4uQ)idW9BK~XO(ZTQP<>t02|CK8Numxy16&5V0^e)nIZIIM z1cKZnSUcVel*P;Y*$=}Eg2H;^80r32u@xs3UDL;6IwZ;d%GM1TqTr=g?{Du{tXVd*A8VU#}0dOb1goQxXO?G}8=p+6s` z%=}|M@XwCJlR|Ko?gzXL3Y%@acy}fnFvBJL$F}jl4k+wmE2K5tk&304|H<|_?~gAl z3ycLFbU~|mGNRgGvBsoM%|_t~4mq$62^UpzX8lR5&2E>hJCpVV6#3#%w|G_+EgWJN zYS1W+6R5R*{gb{@;eS7y1k$KQG?u0sB>(d%-hlIUN(nNwQgm()i?#YCLI2zZQJU*V z7U|z*6H+=?8RWPFCGdrZRd3$q*xn6c@lW=}rx!pzC9K8w3+ZEmDpb-Zc<13ki5M<_ET=h1RiT*uF`cl zd#c%(--Y3O?xt1VM;uNyVB(P?F6U?fZEqf9rO|hpN63k({a%2So;cH+KR9M^?Yfab zuy04t&&C(-ILO*F-`Mgh3O&y+&mef7C*u^({l z6DQg0Vt#%P3+5^F&kJc+h#6|%WB~NQ81qa|8A>}!gnygA5b|FuxWrTdi{9hDRBej& zEi3?+sTZ6u&w^Lpz%=G3AA~1E7k0%biq)|-67a@Y#AUBE=(XOWg>h3CeU2U3Y>iA` zpdY!<)KKW0sA$qRX^XOBdK*|yg~R7!v^VpI0J%nHghqU~@SzBz^Ag|KFOJ{YKM_oB z>lxG)Oz$Wz1={A0jXy)3Mr*c&lpB@5KZF@GZ@xPBgp+g^t67`O9IjW}%s4f&z)h7W zI7-+0Va12*>rFf5@imrX)6)I0(Y!tg7%eFL)o4xy`Xj;-hdAjMoLwPn`l-7koy-IG zX4-6HWO(wSVF8<&n%f>yoBNIN$_0OnurD&J#C@&%-dU+Oex_r(a0|ifRW6#~V-}5u zVe`zXG8MsKnfHskR6oMwrDOe_nb*L$83Fh0P0+diJ-cJytqi+HVQuv~ajfnniUTvd zrjLeFcqGA)dCR6fkxajN&7*4z*2~*>v-vb{Ay2B)BMaC>1(^$s}im z@UFq2b1@XPamhr!lM_#RS%vuCc!+t_5Co8{P+VKl0K1lkHN#IGkZ}(vSk6t_ZNPll z9~Y;wkMx?|rD>o$gv21_^&D&(l1R>!qRpe57~c}FY=~qb&CJCoRnGdVTcz6XQsU9so`ol}sOyqJ{^&}d zK|aAe!PX3-pcyO~RS!Mgu~WXW4VA~(Ugd2~p?ArLySNwf2IhsXrfEmY zS0U0QDHWrDXp!|Ov$f9q#17~XwF=4w_4FpTj{@WFhar4+N;}f=RV0Beo<8Crrum?a zYZt>J))FwD?+>V|HoLJ}UJVBsD(;jO!cXnSu^tJyB$1!Ps60=z&6GVo|@I@uR-45ej=bIpe>a)t@G`6h4&3n5(Ub7H{)rglB?DHoEUl z(`pL^kWo509*y{Gdhpk{>2(}1H1}!+H6EeUNQ$O1j*S+M*rG7kegjxIQn{IS#9#5~@WMV2(SAlhK?Fi=8lPe9JiGgBr6SGX)Ke*v!Gn3qdC)TUcsVMqk(z%t_{6>P(1y$fEcG) z%dd{c>kjsXvuV5m<-_Hmld!>)mtjS_)4vlf z-3BMeHcEQq7$@&W6Jm_YxXrJU&NX+gh>Zxua%}NJ-@Rx)e?o<(*$B*D$cw>N+;Rm`(ZVLn<_sq3=R0W1 zYzltceHira2zY#xi*g$Ou(@&E?k+8E=6wnBK*DNcPz6nrl)I3jqHS`~q}EaLIYmli zHzx5VjN5SR9M0a7EAL(c%XFr^X#W|D0gDv0OPovJcu(oOE4^yY0K`Y2au=@E+{Y#q znj75l8?2=LoSS`qF>Ja5TpH(nacq0s_Y&3gtoFzZD!mYy^p#J&!O&a(l{lmCq2IL$ zt+rQLvs1naIIVrUcw}EOhd%ZRIF-|^4VReP?Nk!L@G72dg%jPDVbQ_2p!$LYSm&5B_{P28KC`b zUh?5$yrUKbPEM#Db$v^N?jq*pY051c_lnd?^2f{7`e1^l=0Dqownp<3`IbC%d2OaG z+Oz?GFxF-U+LIo!|JnP%(gq0je8i_ps1k{ApI7ezextv#?+#Inb$O9lO8clWZ9b>< zF?l9aZMrM2+Wg*Jo$m22P*9gmjOmSM<`*V{T*SY9K1Xty*OenKE5~IZnC7as`Z5?t zKrGx;o;nw^%5pi}|IyWeR2R+mH66v3mGEJ{Ln48pSZ8xq3h?iIn^hjyzVbno z^#ZRDqt|3d8dIWuEoX-UOFKFA4Hcoz;jiCDQi-sw{!skP<6j=XH|N$Jh;|!tqpa2N zYn^_$TCY{$H)VH15B5>ZZgqdoz-P5`RXsp-pw8`*`((!x6gg%i9+vR>(%(x@W&+P>$$xNeDx zf_lDuYF#f7kV@Z^WzUl(a*qrg)+~s;gjW!nG=4p6xBLjd6r}Y$T#M-?>Jz-S$E0-r zUB%ju_Akm2Y`B4&nftn=a~)bV0irMN+zjFB=g_F5p>RCfp4$Sr}_J=QGQIUMQ>nF929k$(M8f=sSrp zCfr@a`{iO$xk#ueyob(tW_Der=F%KS#LBefcV7E|QD+*DH?y-&GPS#Di+G7ewMZrJ z7@LLkeC)Yro0@f|=S;>uTFD;fin`d%NzI+@6E(EN7CH?T$Lu;qsIO&ZSVFN{MM9_k zu{$cUlef8f6VI6XPNKf!@xsplM>kOr$wAyJ_7$k5#09&3wuOITwrn|S6st;mZp^@Z zBbNYLw0G*Oq!e&IYkeq}Pu%x)gyAC@VVY3^$^2*uEN8DWEPjU%Ip!{*AlgTQj$8kbLpvHq_irrHIZvQOx;n@ekCE`cN#t9cQ|+rXGf-Fb!QA7k){#r z)4eSxA8lME+uz+_zxcWrDc_~I%8}?PB#JYQ-1G0Qb*Z8G`oF;Sblz z!i#7n{7zzPfc9OH>Pl~b<-@=F^uHEd7++Dl_D;*y-3J|J+DgMq36<8;SWSA3nc5wD zuIJVXES(bPccHG}$V3e}%o!)%W66y!i~XE=mR3p%^k7=14@+V-f3&v{zakWOUzm~N zzV$^re<+F3tt|z&>w2Yy*KzV{0FS=plY0};>giTt%^<)HsP>=IcQ31#$#EM>-$`AN zgtnh1mS-ZcNLAPL718kat>#s^nN?l##v}v9#21nOAA9c^)l|2&e+w##0xDHNiiIXs zdM_dhQU#<#RC)=$mms1bqEzXoG_gFA(5^BT(<{JabtBiqXTxePG+97o@gbEm2G17VFyPp1i#n>!Uj`<_c@k@&rcMii}+U@ zoi3sQ#?pS{@H1c(X6gpO4z{Qc8_;SjeEq%W5uf8&2P^qV+0PF5Y`-VeiAqoAJHI;O zYYfEe(up`~*6q@OdUwMYMHOTv?zQ!|4bdLhn3|KZX&_7=8oX>wjLQibXwJOb`m`e) zi}zFXGte#na&Nxl5Iw@>}GoCn0$gTxcSh6C6mof?xQfc-Y)GNvQ0m>;Gu7kAqK+KfirjK zC0XhOyx>;zq@9*C^9j!bqJiWx)6Q6qN2m8I6iV%$ec5AJ9Vl+0dK5Kc ztpRYU2GdrS&=q6&EI8!-P|2kvj>hHhGm~qkZWVyhklg(=Qk!D5sL@`G2p)^zW zhZUIb^v{@!d-XlCeB_7RigaUD@S8+AEfx&U%Xdm*AF7ml?4!||HdSK!GW+Hmy|~|# z9}n)(Dp%bzZ1KUR$3GTZF2I>f;JPZ}oRp=JpLLrOE@WtrxjDy&;Mi4Ajx#?La`I}w z_s{za&4c37E|#Rph)>#brjh+Na)7kgOJ?vrkm5st5c8***>+qQ{olxk^0z?7A?xEr_tSef#r!7fGw_4g zZTppq;EhJjDM|Vz4lMz4+K`yEpJp;;E@ZRV6yMXReW^wAl3dW!ueP;HM23DceN>Ns zR!u3(e)>A~J(~%**WQ?lC2m_0??%s>JhU^{5O=2FpI{rQ=R(s?<#W^l@m;IPh+NgU zXab8n$nV{@t2q@-ISogLY%h%@I~X^`SZer2foo8K9UkVq-D>JhVBqQYeM?})sk>8e zGtpqwh;wz9E(s!_J20o;PI*=WJ2UH`;ol^VM_N|Y@|B8t+?rPWKc-cdMNb(bAs7O1D5V!{-#|qN&_5XSiY7eU z_#n6>=+asI%Y3_-?8(LV4RUBrqb##Oy+bXqZH>W6^ja?W zRZ~kM(zDP|P8w+p!|~8@+7;992Mk#W1DR96$epzWS6-dz#?)+)DGhi_UX08&@1681 za~^$IzLP*Z=*oM=^r}we$(3~cVCVN{l;1SBp4aZhKa9BlOi)AH-?wg`p0)mTl8gr` zd@5gd?i;$*!37UmNLckUKdyb=0~*pDyxCBCu?3Q@XwHPs^a777sJ|`7-|Ej! zkz5^QTHZKYoghq9o~Lcz%2`dnX96jEa=mP$K9}Rep8CV6u&f6P9eQ_1N!KjzXMMP* zIQsZw*lLtv)e$>x+c$-8k`FWKwcefd$c+f=b(Rw66}{hpkwBM^AG*=^qBbtqo;7++ z2u66lIozhes~_yX7h^=@o(Q^83*p_V?m9ienWh|eB#Jmm2PF108;20ox*N`3kMHjW zs(k}d}f)E)JvP;vk`0>%+w-p zat*W_9i>x$9uTI8`cY3(ow$0P48j^7?Nx?JSHH}M5ieo;v1 zm3%%I)U3G7Tp=sTl&uC}-yuR8RMXkUzz71ZUT9_N)M$MA!~vg~Mu3R$&7t)OWL*-U zMp6R%iBP39t`!J#%>G97tnq19huozjrAC2Gr*(S#ks1|8TQES)$-~n?5xmioY^6i3=gwSQ zEK0vJrpoNlFc$1@rWk{ng8r54mtB-9jA_X!1(4Csas6%#>>A>`H|S7 zP_0O*Sv0A3walictW`$FCMFJNTwP1W@ART5Q6%$umZJ*eSFJq)77<$P^}pHms3!p- zC~y6%Q}fjy-1bO0stzDxvp`giehcM?m@)Nl4}5Qa>u=B5_7cKJVL6;GUdw%>+9QHv zWa=he$iv2dT&+11q_M$PfbL#4TKJoCT`xMcLy| zo(J}imAT{tO#90PL<+-A%}f`S1Z-^QiL@%F`|msTW6luuSZJNOS3y_}5s1R~En0 z&zV8H0vGa4gZ1a&`%?BXOYl8l?H$t{( zwql2Fl;vM+k2dY{Esg9k|M_V?>B60j?^7#}S1fqKtI0V%KSaJ<0tDCfnFuE10BHZK z>vXUl5}BM9CC?_S<_Vzlm`v2|+N!12m&OUhW@_97P3k<#nen=I3@QXMwzY%{*l0vT zH7NW;F1OKDqn9U=_`nw??)u5;D@pZak$O*_No*E>hWXgE-@SxJ(+b%-E|asV|32I~ z?Ke+7<+pUqu$Y<=(1xsCVkWrK=Uy#BJ5aB*R}0blB~DvpH znMbN#>P_9@pzDfW(*e`!Uxu4`=UrL`9g;yQo`~m8Rb7e~apzEGioP%S%(CG^jK;0MzTmC2A}pkz*muOS z^GiSRr?#ytEyZTYPzA?uM18pK8_~<+Gc6`Q{xLiQz~x5_wFPSqb9=Ac2%<=wXmgdm z==u~c`1F_0=4<(z=UboNH$RK6<`wDM@Gmyg-rgC35YnnxEcKh>t!d@!F+I5Wk&d!Y zztleb@uaS~UNOWjn_YhzP(i`Xj$9)A+&H;-`Nde}bf3 zx#2NXY}H;i;k9?^5~U?GvmGFwSGj2&hZO6)IP)?Lga+pyA7go`4`vt%>65vNpx+Az znmNTd6022^?2n6?Htb*O39;eQ{DMZyewqYr?ah9=C)ZHkQ!$pp{&S;Y<)-;Xf&h~1 zx4o6>m9p75Jz=5}lQIFs4Acg4%n6?%N5;Ws$;*2tF&_gh%TaPG*x=%95#<$Zz0AZ9 z^SFoFdo(O1^0c@K6J&jv`{FKjq48#w{!zSof0`j}oC*FXXB~dJ^tDi_YEdbg1I=nz zf!ZuxW3=>BJ29odF{d;ive{1`dg$Dt0J+#8>Cyoi>6Kxe`P)(%>B%(s_qE>Pj(DbE zJBs?y1N^VvLMrJWK)ZYAfU#>N5BnFem{2;srx*dRa5HpJF^7JYcxLCkq@Ud6bJ4+2 z0*LrPD^Y0Gt0L-$Yxnbv;PKU;_$1tnUM-}CU3;Ok*>rZIO37_R)8{CXGLJCH>IbU0UoOyVf$9(U_E#AP*fwJKZhJ+MP^$hXW-waB&vdtcOg{4mKVRYt3Y zNio*z?t#0rSknn=uRn9kEy$X-9$M4ue?~{7BVeudN~>&n2*3DQ)9k>iA|a>fIAmaf zGx9;M{C?8HPKig$Nqg)g+0A<*-ok?QI_mqa+%*bfQ`H810!inC_H4`zmz26&@4U{M zB=%G4((j6mY(@VSyRU3$r7zAxFY>DgEW5UWn1rF6{YwJw_|fU`up=6nC=9FyGaIW*Tj@_&bMj4=3;}B&Q0HhC;KS{I^=O$UCE$J4^7)@@7b9SDf&?a{X^gPW~ooGnCiC92#9-a|0eMHz-RH7$^>+Dg89y)*YI@hUhSYZKaj9kDqN{nn zl4w#Pt6^P*dXw#!l8L?oDLeRn5cTp_=3u^t;U}u=2=(1SYEV7hTBMO}u)p2`lbPWfYE115Z0fDfT}6%@ob{p z?16<^-yEApR)_MJi*-4pAIy5=Hi$kj3tcX_7FQ~pbZGjZzsf~kU_yIsY#P!Rz#sqd z^5ts_RK&Il7Rc9~$!kMmugV=}CBG&l2!SF8_RAb2)QHsq+=s@yT^kLvf^NEF{FZWj z_U>KYWCpjyyT2Bx8ZQ&Xls__2mv>DWOB?lZX04W!;v`wLrPJ6z2t5rJqE*dobsP<7 zJaqjw?tm+F9X=c^cmXJ%*K{atElS=#&oSqpYORMG`HNQQ*>_NVEqy-HdjzX8FvZVo zm$Fn$HAQf1Mve$2bweNa(I%CHpX;Qc z`4M}kE%zjW*Cm^8bu==G{*mmy;mo=gpLbMa)z|K0Sn{DQZp5$$be8#dY4Kk^W^&=3 zIcTcK;5`ezfG>&fHi_)i75!<#d5vpc#hj{4Mz&=Ij;#ur_*K6?tI8}|?h2W7VKWug zE;8t^u(a6G?9y^;UmR)c+*^Azs(Z>OE00KNlBPlTahSC8NJLXs{~!=Bbb?x3=*n0V zZU0PNj?YVGxsa0MwL_$n4ZVD&a6*6YEiW7Sl0DW}r9TFV2{2fvQ@& z+w!ahb*ZtyV5#XmS~Sm#&=x%*?3v7NL=Pu{>=3fKzXhtMysK!r+UGhT7$>KIU+v;PU`-c*$ws zh%6Hn{o6!~pfLg5=Cq5 zWfNHi=>Cn)BpiAfU*kq%+m+6=yP!7d(s~U%%3`XwKP5&n>!FK}(5c5L_v?|%c75xm zTrI(g9tf*+-1CksUo@3T%exPE;VPC=hmiY;=Em)=m5xqxV zqdI5nV&Y>-YaKC=mPeuDcQTeB=C-*d=hi@yB&QdB*Z1Zx7`Zn0uAe}Wq>?;?vh4aY=A zjDLM5)+y!-LYzh*hy=1)>><7qKcP-D=8+~%)MKmb_3QQlCHi&FaTX=vloIsBZ`d_U zQb8K8cfxGBqWKkl(<|P>0u0l^fwM(<<;t*#F8th=Qzm{gRh3WXNgT!HQ&`U7dwPtw z!jB5`6at%tJA5)GfQ05}$Eec$RFY3B-m3~ptSoo&74Qa`C!3Q!wz8yT7Aw%MI7%B? zCKeKmp;g{1_dUa@GAke5oAXGMrC+X0x--AsWt<}C>RU`i$DDu=_{Yxj?Wxb|jIfk| zh5ev)@s&Z#;f4?5qm{u1PKcLf9$i}0cKDsE_MVm6mipmx!d3LA2q+m#pkkoVvEj7g2K`PGysf2b%BcJO8c@*gZ)J zuOj)o8fW{{YoLnlG+94{$d8Y-JzgN#d97dOXvb&i^H`AGEXGR$Y6P|c#bdgLzHuH~ zM@Ng{{ma8*KDb-jYT;%RHEYAo&1{I<+k5)PnJN>%r^xJDgQ>W8dkB=Yi;a|N28*dm zIL7#BH0L=%qKo);e_K&kqDc8yRwIMq!cc_XHnz7baf(DAqa-OH%xr+1incC>GmkHa z&4&{p76W`d_amUpeOby2*2JQc>Bubvn>8Ui0FZzjmORBME zZ@nbtVu-JkM(R zIJu(aUqb(A6!o0~&f?sJWVP(>Gj)iv%SJeAS%)c4j1A3vTP_+%yU5_NNPoCjzcJtT zL2(YK5168^NU@l&>|TZZRywGCk7Yol2;#SV6M{6;C|3q;0IoaraJvMEi@C1WfZimZ z$hjDydT6dut}k@=5VmbBf4A0=0KCn|R4*-2mhF^SzQ zo4Ee%cZ8Wi6^r(Yld0E;ZCMR!)P5rda#XpEjTqS6CY(|>0F#VZpk%rA#$;5Yh@(4| zn5-9kcVT6FN;Z^$V?SZ(bdb#P%*Rhg9=1E9mo2OCS4TUVTrR}?0eaQ+J&v_TB7#w+_rX!X@&iC26B3xV=k*!)HYQ% zVApXi!L2kxGRZlV)v<+T7;U5^d!T_^zBiqg!DKg`D-otCs zr)V2cF?CX8Q2G43>E^W}RISDpG7hZU6Uk5L!asE3j29~IWBK!OqLs;vsi<~bBgXFz><%Mhm5vM0#x7v%RQThU8CxqHh z8~TODALgm&C1S}8Wc&^7tPCJDLIwAMMK9*;RLmscbvJ7arZe0|MzzJ~4gKF~Z6VU* zXX0Y>JCVtZZ<}>V-A`+Ck}fb3Us@i9$9VHfGPgco(-TO%+w7dne?rJrrv!TE#PSs8 z%LQr;2m&Zjl@AvM;y16)7`X>@kSEU|FWqiLz&_hLMy1TYC9wqL8)XrVrN@|*#F+V` zehGs-)8m~F$M01o?E|6Lw1vjEL8A7(J_Tkwl0~%>>^H9r<{1?}Z*FjVdhr3Xk7SFG z+T&2S?+2loCVf0sG_P)I1M+2}5^irL?DG>(sLT4`3(2I-a0Ab!EC+$?c*X&DQsG4DOjBV$H_9x;xZnwN(RY6OM;4=`H$`yk0#98wG>ksGV+H;UJ2y z-3oZBV#W-1+fG?63h{YeplzA5#opKORtNW}-&|6A7#;Bsur&1M$bb19CzKJCBv>sGC=9&L>2G5c&hI252eUT#L zp)U<1kLz~)`~qPpK?^n2N#Fg#Ft6vRu}bS0*a77Rtm0jdbxCN|%N$ouG;{|BT0>e6 zFb9s)ir$GQu-S7zVnbVN((QPExh<&~5GTzeW|OoL(&P65^Z^OOKg2SN=CY0j=Ay}H zb~1H8IYN>nQ`0T{2PFS`;=z1uzWgjSNjPfIM`FI>_P{C|Uk3Kb@#r8ZvdpwivbK43 z^V^I^q-Qmu)yBv!D(Of&Wghk*cR=$gBlRT`I?07qP%zURGXR$2C6MZlPG?r8>DpTp zoBJY!jwEIJ)Uo(NcH%CA-yS5}xPYydz!KNz(_=4mZVkB@27;|DzHU9L2)f;3WwGm(lCr{0TosALeVF(C~bX zGkbRk(>mbbnS`zL#c@~JqL|~ia&(aC>pc3CqAdfWW z7)7o|9pK@jy{UFAn=^bhOl|+Q6~nr+V%y7{;Kj5)oH`-8)-bLI0LZT*l6+ss8sT19(k=MRvG4+@bvxwSD zmv~;XFNb|U-CkT2=bR?*Azn zpK)V(V|$a?;kJ+ASOe)<^PMeCMpakLhW*Kv!=r|>4NLcO$7INbJM{PpOnsG#S6JT4 zU;JzneUCU3nU42_Mjqsw8haW*s=-u`IpJ+O9domEuvto<>uQNb&v&PT7_%`p&D>OM zBza)ks1*N&`~8fcGk=?VLqTO5YwGipBbSQ{v+>Bc@8tcj%~-Y7s}!g8GmELc2_~?+ zd?WN_mSff>ftcZj3gp`>Cki&m)a!^w_1sO09xBIQM933S75NljL%1kouDrkVyFl0A zjhfwq9hNk?z{7#pOEWa_Txrl{21(Bp=1i~>9R-E13<0S?(|k{u z?4T$Okt2q#a4rO;U#t7&@xwAkInb%`rm&4prEq|ZV)&JtgLy+ug@iiktuKIl$N5Uv zDg_YHe&Su)T^S;bH7EF+Md%-OH0q(}Ss#pnQ|8qNLDItoy4{;*`(jcc7wA+*WvPa& z+oc`nV4;!MOm~08(i%>ZpjGes<-w@Xmj_MFE5%=K($RE9cgK+l&c#e{WqBJp?Y=DA ztB$gD}DO6^hT3i4A*-S?g6v+Lhdhm|}nJVXD6~+UTdrO`akNEaI3swbI z4V(L5zEmppQB-Pk*5M%b&UjDNclWT&WV+XX^Krp{DNN5g)c-;hVFh(Ep-d&#R{_avDp7lQZS z9?<_84ZjDJfPWDrWBJGMFh8se;-0rXn3X8L$McXo5?oY9?tUiny(iHT zy%auT`a{Uw4-J6LD95++qxScNxf9Y;7SaVHK9#U!5&$(dwId>DCy( z^Qqo-+`BD{4-K_MxSfMv(pge{6_?Rp|1sMufEJ&Ngp0oH$TPF_v%)85355Un6Z?bq zM~{jxb=SXjUPzMO*^}+M`sCr}ubSedZ_o`W%@XsV;ynJbX>up`1(H9lRlR^G1s<4LEL9}n*_ zKxu4iyr%xMM+*2e^9;bNs0qWfKlqQc{p*hhfZsBg^PTsPPfGn96_|I7KehSyg@FI_ zQh}FmlZ>&XUG;}nu1$G(nB38HzSOQmPN%K+$85@}L@@6yf~s`qzuQp$ z+YR(v1heb^{m37$EdO`A{_pAfvnlrfua{BYOJzT~ho!c8d!Bs`?!eH+L}TbeWG9oMMhD)dtcllpiQfP=PvlyNr}<)ylA$pS9Q><+6PBsInro7xZg_huYdA) z1c4q-zw5n)>&ZB{50FtUVO>c;o(Om#b{ndQvf0;(xl|n|;>66R!_%Z$Y$TVwJgn;} zHFCcNTJonzw&p_?fL%3_%mH%nS0G`;amW~&?Bu4Yr#~s>TlNELiT)LmV|K@7&3CBI zIKDuoM4q0BbsWP&-GI`6ERcWsG1KUr5P_{_*m0BseO+_Ou4dxNm`BvM0|5)#D0wtw zB1z*K_=k&;eIrOfeC;;Z;vO&B?T>0&|6|I&z;hq z^J-r3SOfz*t)_Dgf74^N^N=C^F3;k$UId$Qodv&g!c|6ly?>9F2^vFcd2W8p2EEpE z=Gu|7j?*8gCe07rxc-xE;2&)C-OhH}8t z#q@YrX9=Jk{vndQJ>|^v)mTPH90@V~Giv@vcpP+EO?qO-{7)Ta`hMGw22!34{QfvM zd?e}y=lz>`&9t+PAr%jIZ`xlv=sMB*NoN8`Tu@5J>d70|nr+0F(e;V6- z%mz^%a_~#Z+QGZvs}DcjjIjFCXib3`yu1-Fl67TaEpm#!MqEc3vYD2G_Yqb*N7luk zhO_?iVg1hoHKYx?)!!?k9xl#tj zk+8iidtYIL6u05NUr1Gjr^RTWeBEaJpx#>?mhSZRhLm&DTxS%vLE??XaHwP)D-b2W zUSY7{1kF55)c??{%=PxKM>+{tYacaPP`0m+`s#~)T^3Q}ma-jGg|H+b#S zi@0xwkw4UAoS~x=ca}drHZBL`c#aw9JN7ZbqK2~f2B2S3OMcv6zA3`j!SyCxc6JSt zwz_$M+we7M@4MwVb3ll0MR>n3s~vA>=h7<3)y&sZ;5BKV;x(WP{T~*9KDYZcm^4hb zX0mu)#)uA2LZ#+!VDZ^y19ldEYRj-`Rea>P_RRRoFT)ZZ4bnTTQd~L@tcQythnkAQ z(ZdCi?=Ekjd)Q6KYSlrF9xEtJylQE?R=2x7>BaDYBhal(;)UuvB;Fg=pGMre-zJPl0WdN#+w+}uE9$d9P#d2kiD?DpoEMYm z?O0+U^rxa4s8OeduCjS{V17tR6jc1m$~+PU*8;7{T|43htQ&BkcVd2bQnhq6Cr*x% zTbCI)7otB=bSf-a7e|Y_SUr#Dx152>vUBKFJZU_(`lL~<7()`l*Jiq9E9BK9ez=@( zm*{DT5M)a$;OVVZ?Z&Ef8HZL1;7NN#X6kzuKz!+(3PPn$bs{R_$iEQL^BORFi*{IA z{V0*?IiW3@fFSlGB_K39Pj0pRID07n31@Nic_Rx`?vqGYA>bDXWvJ_&(5>0%FGN)- z21mPz?E*#?XKNs_Yju$Gchu9-vMkfpl}9bk;kK$0e>MC3e_J8Oq3f%o_1d6Xm^xe* zfZ`%4$m-(Kd%f=g~QVvFARG0&)Joi8E&mX1u+J>{# zNs#qV##gQ=ry@Pg8OEw(2pVs0e|H1Lg}lZKH}Fp6+m(X#4= zb#uC1<4I3iN9-eG5W)d3^j!T?d7=yGuTbTU8O$+5^v(7Gn9d{c2W5;;n*23$rZ9mJ z3B$cU|5EOL{}l^+bzF$5a4+44s1LzX?*ULN zKDfjCPU8zrhpu{HMFOKLw;(ng4T0(2^*yOX9m5@J4IhMycfp~H<(e0TXRmEK(@F(0 zYZdEqM>fUXrHZ?N+Y7w}>m{NVdArvrL-!#L|e%Tcz#7qR$g@%-oX8*UmO~S<^pve>8jyBOw6K|V5u^oc-E|u zxoe~Eoo$1MNZeX38A()uZ6n1Te^PuP8+wg!HS_=UE=2)GoUORQ&{u9XWVN*EF0_A` zCHwK^H=RjB_kK)g6%?=sjvB6wprg{il5L z{G=d157zto!!fHyhF=Ybevxu&{?-0n488;eJy(kNd+bn+?2IKAh%w?a(-l{{sIVpA ztNp-X{8s_~%^(mog|oi6f_JG$erjPsNCBgg*4n!|TCP3m>6PfccNn9BgEFkMLcCAI zsYzH>n@>T%KT1$l(rWB%aaO`-5LTGWJ&K8&%1A2?aW-1D4ts$qQtf)LI!Qr%Z?~&ptG*_hixVYw8ks^_GT5KFeX8w&?SLk3wM{ z`HVhHUw^^|{{ye+sN(nCHBhC=lCNFtprxH>@W`N2v+_>lVzMpqa-7HsJ5qYn1{9tl zdz@pDO9PGM2%R`~a}~0kH7RmigD)Pa_DC^7)C&Vt=8nsGQdnR`FkUH^)&z9$b8xNx zi4baM!%C19tqP3tV!DF~dAk$YjHN3jyo}!kfDW1L6rE8dI_Bm(y0U+j-yyvZrja*; zzd?d4;t69QbH5deIz)TnKT{AB$(O8r`*iYTGdFxpb%`q!7ckxs`Rc zU9W|(Qm^W+-2M^SD?BRfd^=?1X%m~Opmf2?cl?&|-CN?=pl@$UBywb*Smqgscn^omugF!F^CyEgz#gv@-;}>v zwAYLemsiBKjRlC`aQ@9poIVKHa;P{np?>K!z^WWI>>96?s_RWLQ?|Q$`;9!i<-`cY z>!ocI7G|DsLn@h3Ss8wvtEM?_1Ofv0b(NL(W>2wZ&#&t&@fnwUTK1U+k^c0yN|Xw2 zXwxguL6W<@iizX!*orbW`z@~D8KbJ(@}dgTaROewpXFwV_^G5tvHb!~aAIUtSS<2b?Ie8;`cT3#)@ zFh7L~lKApy-%BN)zaF70K0TnYJ$12=Nx$m1uS1h*m!KONo$LJ~$64Ypb0ZLAUOAHv z#}@`KBcT&USioBXq_`+x6Qne+2`Bv-tT4bVB%ht?+j2TEleL{e{kV-*Gi_8;&~9>O zXa5uXC*jF>x%tWw^jESr)%K%Z+9Vg6+phyt`!Bnped_1Zsk{ z@pb(5q(d}JpM7N*8m9PVpF-|hhq9S))D)3s&(mbcvyeMmbjuwYa`;B~+QMBP^m|TL z`R52o8wXIstg+FB+tnT~a<~;-+Tpae7OXTxR1gvO#jr@zg^{7Aj^qh1bM-%iT9^u)DDh+8x=B=ch(ecDFI0~ay)D!?>@cQHf8SGf2nIv*g z`{XF$j)dbNwO&CsVJExK+R#>2)(BDv6dBSAop9B=u0^jdh+9(@KOGslA-0-Yjg&eY zzZWlKh8T0%2GOzTh=L@UeC~+CEho5p7beAbKG7edECuzLE!>}Tj3iW21h%8Ox)uC# zUW;F;6_)*-AEI5*zO&{gc-x<+4@JCUqO2 zs49@**dmj3%SU_lCaqVvJ?7;9s9rc^8CQ$$GSvQ6sGj3WjEU3Aw7;7N&2BncPPlZL z5)mhcw#<*GK7FJd&u?2#(_miCS$lmp)?#?)DLQRwhyGx_KCVZg3W!FS)1DZiVj%G7 zKGgoU=mk4=&FIZyfW@vP=KxAt)=h6c^w6(uxv-|ofL0?1 z5yrWYJknhHc|qjci0MRKWw(U>uj(d+Eux(&2egmd2Lw?@uLGy&1O+#xPgLVe9xu?X9(8UfHjzs(_t^`gjKKNBldHFc{h9{ zvpRHgX^sbJKG)!JJ<)s%Qor90TFc&(L%5k`tgI-!cG@_MdKJodXgjz^HV`-kV_J~x zZ{hv&S{utFHQ6^)wyEaK2uBqlQA=3z6rxNx4JghRX#Amj%80T>p z>S@^b(n@)BWW#D3&{(L}Xwbg@4sy{md8gjA@UU?N2k}>SiB%?^`OGgH38{y5@h0`i zXQN|GpF^0a`AousB1t8?3(VN{ww=1st;EYiL^Ui!YfWb)qV=HKE;2KtH zsSGE`=`Nd_;U7v`*hSG<8aVfhY8A;OGTEa~p2GJ6dOBA{uyYFw%88aIS$_0Y1%iG& zqI1t`(nn)1r2hIYqF zAY(djNZQ-UOMfw=T0Y%zQVCNGrbNsw<uHevXq8PRQLaXPzCFqq7&Lr-EfyZJKk8>cQ4DMr^}kp6kqY*%>otPZb*! zmqX{GdwP6`Z^USQ_Vn`|>tv=F`KHF+%i~w{d@((SN7G+_m~ixCBF#7l(&Ks>WLZS7 zOEl34Suq}w8JwQ%O9`RE2)ut#+;M^v8uc}Uz2-sn?bK zi`|nW;ru#)_Z5bFG%k_4rhKsD#8Tg%8(u6AoGUZqAM}>O>}WD)IHh9a+$K-d*6XlZ z$h5`PV5l9P7@d28->5`I4>IGK>A}Yl*>%Et_#``ctnc3sxIrR<2J--s?R^93);p2& z&%r!6dZ&U>oX$H8ib@5(PM z*qGkJX_X=8F9&_~;_-Rp3@~2YC9LCoPkXkjrYP8kiRw|O%x@)f5Ma%@L8A$&}`OwD{1 zUMzI$vtnTe9NN*W4*|G1!jjLd99)8VPDIuyvTP&*(xO-EurV-ERfHY!5(i9itKHYPkQ^IJ3o ztTmmCJW-9-f^p_vyADRtDAV|P1<2DFfjCDSqz!AGl5b~9&uIqtw^iQCs-Ii~ucGbG zt~HK0os7Tbfz|_gYIUIp^IK^0QELaBqD0A@-{LVJ#sV4R?V8JHF4MT1Y)@cSXxg!R5uzhSs82 zd2xAo0+Xrte2@i#V567PxQ}+lcmS6&@%D7iuYS=RE^8VlHr*%fful094 zD@QWTNJ`}(l-8iyU{t-!fmw~M#{FV27hhZoKUs&^28@xrQGC#Yy0A6I@>hnv9ApQT zjwhhElXdd$gH(q_!Zh#21pLZDo|24q;dq)D!5sG!>|@*qNwn#%-M2P zam`Vt)hbIUj@c$P2c5G&ntFodxI3BNwhq6tBffIjk81{a<&iEv2}l^o9--tKQ{Xrv zXa7$-G@Fyp>imo}XpV1bZ_%%~NXGT>9}G^CRnZYQA|+AAL*|;H$?!ERbng$zi$1j1 z^>VWXXAMgH3ctz1#u)hxvwJyw%urs>HiCN$lcS4Se658Xq;3G`_C&Jhu+QG2gZ@Q0 zLB%3)w@OZ%xH<^!#4R2@xgnG*k4x<>iDsVS@$cwMm)jVyo$#u~^_w1XAZN=aJ$=T{ zq{Ymy${22Fr(34?ULbbg1*sqOjt6GLzN+~>)Sg4=H%s=ww zwp4pz|7rzPR816FYW-l-Fc)nthVM^5(XF$Yr=|-fz_(<4L4ZB6&+0Jv$_4FiQanoO z$Q5?}K?`uLW{-eqnu5Bqw((9*svav^+I5^HYVuo0C^y$W?O45PXUH~z&kP|jx-WRi zrWHW2|2IWAlgKajj5n6|=rK2l+@r27Dn9mc$orWPB@1yMn}3N2129Cn)Aon2%HkFk zm5F(OTLs+PrbH}eaH|N&z9U$%AV@{oLZ^vbTwdm}&k`AIRXGV}@4E9R_?x{dYn8Bk z`VmNGvv=}~MpiE%5+>%HRReST84yp>xveV~Z>n(GS}rT0AeM;WbQ$h_C$sukD#s)B zmyql+)2d{2PE{e^rTfo_qQ3(?;>(?^@owGnEXY|*k_UoE9ncS1^n;-H-F3K6MmAt_ z<@`$?{pz)jHeo9E6Y?vU?Q*a*2CpEbD_sX^#SN^U#G~mltcEGxzv9+@=OuUxuPgHn zD!!=KBLTa*P&Zg7+z2)9TOFC#L9zs#k47H-4Gr4)fVChR=Vr5z0Zj4=s$@6Kid~4W zE)JF^Ih~BrxtCv77QhHayzW}9+S4c|_VF0Q9h#3y-7WREGOJ7rQ8sv1VQMv5UJ&{FSim#5z{t(dgZsc+Zo{w4ShMRT6ZK zdAlc}!sQYvYxifRU?bGm6v{&^krznC9zd#D#6Fm`BSk$=meoEC_t~|J`rL(f8PnB? zo>XG@G%m6Q5G`*cBpGis{!UE=wHudqx@?P6Xc%2kh1K#STyzs&gGK0ax8fxJQGUmo z0T|g)g9f(*Gom3<({yVlmJ06KyU-gWlsal37j46Y$j!pD(Bqel+7}%x5DHE3YEAYJ zp`&*wyEf`2%{OH6D%q@E52!{!A}Wc*>-H)fJz2~l7+5^KExBqM`6#2Ne7P^Jl^2K{ z$Q7`0C>P+z1C{Al2>3+V5yex+5{~?Wu?i`G7R!s&ijv{pb-_=yx%rvEZ^1OEJNyh ztOY6Q-t;DuA$YbQqp2n?s3LaKTfdkgXs{f^Q{0HB*)3^DM8oFeVBrox2xhtL)aMxo z22KdtP?D{60i5GFqvl$mSz;ObB8_tRk8JwcgrFr zzIJRc(qj{-6?-dBxQ3cd5C-H$5BBQhJ0&0d^dVnAxM!FgX6|7Cr5E0`Yu>lfj*OB& z8!l~KU6MHR-Z)K z^3_TRXDPBIJ|4M{+CxY0m`vA$ zCf5ig&8dL7 z-_<-xlHutWkKRjEc3*F_sYW#Rx;Rz8{)=u_>H(nBg8DCyRI00)dU!r@JYx+?6+gws ze@XTRA9o=XH{VB(GdIfw6F9mDH?|MoEo?Y@Y#6v`X^d}2gZ}-UFaX)j%eDq7Sb0?8 zvna{J+71>pUOJjp5DPD7YRq&V8?QXr&1tl$l93y$BH7KNw&ZXA6-`JcSq%UyK9Mh< z2PzB@Jv%wtyVjmOTeyf2o!NggG5n<>xzJ8ZV5NKNZtGeB_TDI1RN1X!S9y;}$0>c5 z7CBQspN+$N&UFgQeT(kv!uroH8YXY-RwPBKO0y7d`K0V9_WmKg1G)Xh=j zOE%D-6L*!4z z!gW3jV~x!uDeg`mBWqK7+vN0?Ey#`k3LC0-Ya_Vq;h*&QVfR>T#GlGgEDIX`;;Z(yE>J6E@B?I9X^V_rTl7Il z<&&*9{iApM>4OPw4+_!?=E|e`h@f<1QZ@;ZF3f6oiy~spUm2{8x}4`RnExMp?->qv z+wFfxP0Ym@M4d{dlJPq1v3EpI#Pe?T|!lVi`a%Mql{az^k~>D;PYqkI!t$ zB=ioz1arAnuv$vz=?{o51Lv{`LOpM_jrcIn*I*&lWe8+BQ|ns^KUQ3I7rGdWOIeK) z!Qaj$HnQ*wJn%rK57)jiE(y-wX-k-qc~7h32&1;Y^e^=uSU>(nTT=tXB$ZrLC;St* z{!{Wgf_)3W7Ry>ciKRSJRog_FVSoQv@qEJ}UGPUHl!edUBTHTG-ZEEIncXQ@vmnG$ zvst~xsmIkJoW&$kA13IfHP*AtWS<(}>{o?42{cIX6y+=Jw4?4`%_5oI6dgE3`*$Fb z@A=t0q!<8mq0mp}4W@3XG*_}|i7J`4NM+D=T|h>a*AhX@yDUO-MtYTTQ>WLO(I9e@db}d(lNTpw zQlWBfP;i0Uf9*_m(^AiVh+?98jX=tt`Ei4;*x~0ad(0#HcfIw32vv8S zIzf25zMp*i>Kq*wd9Mw>J8GrALdqZy;N=jxQorz0?z+oTjatsFz_MV*hh^!}&8>#= zg9txF+HY=NT8|fj&D*Jelsl~&*zu9k_OHaI%WJqY65SdVC)FW$*Pr+BfSr>GLoFB;cC~ZCn= zIUPRhuX!+MXKN0zCHs_zi++#;@agE;Dxnk}bDQe2P-<_txSLA< zaWE#YL+*RYn>#@_D&x&VMBC8y`+RdHKyk4fx2?(*IcX@PmoDi($-U`$Wgd=SV|kI_v>NIv>vygn9e0`va|pNgE1f?aK)ttB!l8GNtw!mX-~EbVyFURymDJ1G#MH->X?g zdlAVZ7e+xi41n6_cgb$m)EigJoXaU>9-ms=S<)v(;3tkjp1Q7iG;Y2LgKXHeyzu z&Mibf-j-7xt7wzPt;y}o#8N#Y-9~#~-qxobb4RG&E3xPxAUYYGe<6Zya6`v7x|{H< ze46g(MB3npB|{mCwfw%v$Znq6Hrwghw1|IxF3Gy?dZr5d+Wj=!S47+SR{b8>;xTP% zJG`+-y-HQQgCsX|H4eO5224Bn%yzb?8_+yu20eJ|x4U(hvmQ~l*hvZkrQ5yDmNnX+ zZeHrAO&SAAf>-r1e0DQSiW)Ckm8eYbmPB&_=rAA!S)r|9okFZWZ1@~eoteN468~no zKaFtk;>dE=P&q3SYOKzW@ z#o4gD!mM~Bbh{ZJx?U;_P`hJ^X-%+0P*C$^vPR>8(_SFSYpY0{WYqMN?MQcmkmlD| zxIG5wzMf@8>QS6=PXGX-LHa?v*)*59#=-N12!_$dWASHBq0@^l{Cn~iK8YNK-a6JS zlA_y(WaZ!42R+LwDSNuW<|7N7+YXl1P~&iy>7$f#fEAc2d7*G__YHVAI%02l<{_c3 zbt>=C`7qaAdE~Sz64&@Mn_y+a-1D!62&eYgVY8C5D2BAeNhv?p!^zy0v)O`yqj}Qg zbwmU7a~;fPXw{|GCmF!{OSbSg)fMixq27#t0fR^@qGU3L}IyH$It^^NQ=SQ11HdJ@`M!q4OOIm@H z9Ftn%J5nN$e4ts}Y5#@UvQ@4%l7DwVJ)7;&Q{K<<;>}L4)0@uDM-dwSorIA`=X6PJ z9ty;5ZoXV6Wc`+K!w;>!NB|DjcPBOOIBIQksgkG;yG(chc>uKTBIhOTAQDff!* zDX8lonqXe`VrSUn^*aVkhybLoH0-10ytyIE!Bzm+R?FpWlhP}%&Y;uSmN{wm3vy}p zQL}Q1yDhIh22TpP-fM?hpSZjSz*aaiuM#m)ztZa3{#xIaT|`ln@%c%3L0$(P0yjFp zhZj@(1gU$4aihI9%qb4rz_gklh&NROrk~!(8b~5vYPVW`ww#j~GTPR6s$_-bkVN=a6J*98AaUK!#@(EHR;e4gM4%LE(k_r^0bfuVDmFsL>>``=1CN&9u6M?6Z2dIbDSS_>WaCd z&?EXuR7KJE+ld)++63AkT$miY>@7W8A30{?ci2IBqVLjnu-1M+Vk#&JS>^WU~ent@{rnUIyt@^H0+r-88f-fdFH4SfRiNX;@@}mKI6QRq=aJ5t1{Jh zieINEx^7&tKJDmi5YJtaBx$uI#PBaa^2#+ghcjnrD^^)(^h;XJY`IIm$*D#y&l&Ca zxR0hFma`2z(81X!CAW!Cgq%ZsLm1207(iDP2sYQQw)spw^I#_KWMyEfUbaB=+PBZW zU`C!{QdgHBN44+vH_&~tKziGueiARob>a?MfrSyT@}>Ni&W=1M6UIH$U5lxP2TheK z6K)$}1bHc-gX;Hi5-FfZK|> zX7yNeJFfJlnLp)N+N2Z3o79=QY`y7mX1{f&+m^BQzs-5jM-T#vF(w@D266f-f;G8B z))j+Kp26@RNNrd7*u60`hK=GCmvgQO}dS*SKT;tn4vYV4< zsDZ1?^MRC5u8E&t<%|Phg3f}AeG80b3G&+m$8Y;>3eVnZ5po#pDe9?IWPhk0pGT zH7Nq34s*LDsl!z#+B6wcX^-k-M?o$9vuZ!4_atN(fkqO@5zfZJU}%}tbav^u%gn>(y;)|% zbA=fRu%JyCN9*LL#{%jiHITEWr-^kxU>5kb7pHrH_%AGgmbP6?;5d&%>$=h4D9RHv zdFhd+M>*U{yl;x^Jhp_j0{Mv_8fu(PPmZL#byqobC0z{`#?LvfkY3?8<1CUaO4R`& zQ+&uvZ+!Gr0|{R&p!^6adK6SJL&CwVRs$|}hlkk%sHUG6P4IH=}ejFbK@~h-gM+1X2OGx!>j0 zo?OoZ|1n+0gnjGPQ{{d_ibH@I`nZTzN1}r_97Hgd>Vk2 z2_hPOC~R7LTRkCqaAhFxGAGq!8V~|T2b-L*(>ivL+usP)`{qkEaOCx-US#q$RIf=| zJ<+hheV_cLWVmHY-99v$I9%)*8ZI(r=cq0ke4ld(pU7g~|L_=07iitZvR&z>NsA8N zrip7OuBmWT>)Yj9ARZQa_pT(_{E=ohs`}kigMLMS%!TDIRRE-y)bBxLM?HAu{yJ&= zYCsw-vfG)K)K;C(26Bp^RUAYMmQi;e>zY^q?e) zO6OdL;S!6Q}P5X7o`(i+xD7zG^DiP5O`;ewb74ox58nbbetD?=^YS7rL zo!TNw#B+;>3%xX=9F~_kbxu!(uYwg z=e2f-c);(P&$*Zx!-AK#Bz2Ef8gIsjJZSW_Rj{*Sx1E|H8$w|&SMm&ZoG_F2-1e5P zEf3hByb0LNZafvCkVV=d`n4Yyvs5a%kBdO-h53pI=ao7g0Oj|x=FFqVc@l0C7ZsT2 zieP1M;T1~4-?n(R)7|(`^#vt`X;*}P38&ikQ%ls6$En2yg`&^Uj>x$w0N2j+g#%Lb ze^m|tSMVw;fPHEIMOE=??e^b&d$h6N!F?Y#Q{HnAHqL~>XaF4%%HteTqpdfvd+*Fq z${;q4`)Wiy<|f@2A?2sQc;HMf3YVuf3e8sw)!na(TKq$kvW?q!eeX~!h{toFdkZ(~GdhGd*KIPU zXjbqsGy0C(D>sK7Z0{GH5Gho%-2=MWj~H}C?7z`88wEB_V=iTE{7L4FzA9?;1Mn8I z^lXVY$5n7Sb;=5sRId*A+s#wBG?xBp*;Hq}M@l%PfPjM|5ijpmps}M_;7?bzu3T_< zd3)05^#WCpb3?W&4Ha zCOxb`^kr1u{cL}Yk)%t0pZ1px4Br23&g&e|XR=Qjef+egY(%t)4C2=r`bEZ)yd}NK ze`$yPr1ul9@jyH;lIfXNW}Z+=G8vG`iVQUHVzfpm+i)b#(wp__Ztv*h903>DOjqr3qW^RXLd#^@HO*LF+NW1R}6_* z;@#?0FivT!gy1K6uQp5fagC6u}sLBwo_zdF>guCsrZ&jk z%J8W^vjx%;uhtTKjvX_tPovG;fk<*8(XBrX!JXL&1zJ{WT?pdOn+;pz&0D@p$(bJS zi0lZWKc%uk)F)MEOw-GyrW;mErnigaiFgR(5+T2q@8_oC^NqtaI%k>7$Ox3o-xu1Y z=6fLg*%I>?*UeMi(mcb3XQWxx*y&2@D}(`H=#EG_vVz}4ch~yX1`jkl)3EI5hVN|g$YTF8wA^Y^tGFDQ~9sSX~o&6rClot(OC|i zG534P&e)OW>Qx0XDSDd`VeiePM?4kNS^+k>lDG!1XX9V*UBM_Ycse(x~(} zhv_wf+M2mjdecMiE86I5sc0O(-OOOh_-&$=6M#~qSQ>h4R#R+R5w^zbkmG(zSMo}m zYvzbaF4iGnVuU{LxD!I7s^<66qxpG@9;#f5$6S`CA>DmHX)BwMio5SPakwRsa>Z=* zx))6d1qX#+D!CWLRn=GrJ;C)S}2W6J&T4|zOf|6Qz#}WZyWomVe*12zFAgPRVW zwL^Iul8IA**?1>QkP@Il#Lum&Voo-!%6UEBhBB$f#>p?Qk;sx7P+=h(o^ClCr}-LD zgV7#3Ul-*pQe@MX7p4wHP0o(#Ov@iUx|LsmWl8%8y@HF@ zpF07Qm6mrGj~p$8^&jR8STx@-#3Y%WAJHm8h#tZFc${;lWx3^T0K_6xrvf!Oa!6#= znN%#xW<{^a11v2$(F~>7FE;mjr1<*z&*uqHK^>KTn#turMG_&G{thl$RISv0{A%Zm zeG&eXu@}R2I`->(qXgVGqdLqE?r9^%D+<)WbiFdA--j??WPCCPe_|Q)0vQE}uQqRC z_jXN{gMn=LLtbgo6N|<*f-@kb6~JOWBi*eSFuAO%*#1?)Oy5mCZx}b{F2lyM9|^ZX zQWW#^HjPn|7HbYY{wm_>dfoT}L=cM1Q1ardUuP_ z%aK1*rcbkA4%w5K^Z~_-8>CvTk7Kmzw#Ui)oqJ;uZD2w7MTDCa4+qFbSp)RNGO~MZ z4^cCcj9KrfN2`N90rVXfm1c$%j@>ute%-Hu74-yuv6XfYz?XSdoJ<5oj#nJ|i5;3D zBU*8mF8RU*C2nUKc=wvFPB4a2^G5{B@A?r-9HrjoD{p;Fl};-BDOEqKUOr%c#IVRy zyCz0vsydRCSytMBbCck`b-}qkiklI>4Axzx~IqLrQYV^GQNz8>TwPm1w}DYA}2AAP`I0lP37YYqX`uNp?0% zs0NP|8d1lIZtSkrM_bWwp46ma1+HK(v6xeh|g zoG{9tgW!Up`6r0-ib+%PLC3X0qxFLiLgrJKR)DS(se)s$lIWxgv*Tb92R5gHDbV?o zvJX3SagRze#__SC_Sj+5D40Lc7}&RUn_&s1=8aHY5uK{GZHOXj!>_skL?k!DGdHlG zd(mgGO5L{{4$kwrADQXgF#IFTCy3rK>y~OZ#l37d6&01Ttoz}A8%!3 zsp67;_a6A91vWR2QjncPiw>0YxB+6-o&J)9#X72&JbS0DP_1xhp|h4V-*a?q%>ekr z#@;Kp&5HMjV=>oo_;GUy9y^O6+e)j+zC_V9?{Sz|oO`bHp;PLPt(El4RY>KlUqAQG zsGVjIUi(zZCiXB1%%)cwR#T1Wo(09ag(!|$PxRM`kutzqtfjrd$;%P^i31_6In$yvo)NIyV`=1!J^KIFNj`DXg+E%(M$!RJ6<4x5fwrvmN|dm5ihy`hm* z6_sH~(S1z)*^w*UKFY%Ynx|(yME?>a3g1kv-qY-qDO%vjQj$tSN1@G77fO({XG`1um3{>PtVEF(9PEjQK1&7k4)vqTkdPzh(?#?2g}6^o&Ef>V&Q{Tf9lEhiyE&)Gl(V{E0r2mQmyz|i7uJX=s z-CIvKLvcDoPa?Hkk}H|!=kf=>`4zPR^+Puv36)w5q(b2I_lR!XQvb`A!UocyPv@bO z{QS*SW$1bHDR1p}N<*WX5gS3E?{1gSc{pH+D!TeZH+P{oelK^nR^_M)9oT9pz(zY) zOR&s z)62wsBpy9s}sCNBEbJ zQfy~u=>YFCphS%lDBjnmO1R<6;CJ5bo*RQx#D9+3o$ zftBha>o~(uQZ`?zl%YD+gPU`$8{SX#V~x;s)I=rR@@>cKp-ibQNx8jqDzbew{>S#FpC4&bs7H(fi3F#5q?b9NG`G?M10=8v0+NmwvW>N&#? zGPw}twdQCjn^5MyQ*=C8?Qsb>6J}^OJdx2#{(9TGP=^bKKUSzt3Zdnb99wsAIh$6- z$vmjJ`wvyOVVL-C?vwT7cmaTfbnC6}ILQnny6L>WJAGvMtvDUX+M)A19vv*rk&oc;$kR zq}+yDih${FCuVHr(-!!Q2%4Xbd`H|wPd&~N8rcPa?owTfPF^t;B&}Ut+qQof)Y}=d zz9_=;Y5h)$kO-^a&BH2g(mMWhb^f`TSE!WzL<2g9>XAONvvlP8**;hES>l>`vD~Um zvAgYl3y#})tN;tBVX&8nMF%on#{tX=;rH0~C!wXEEXVV1$)_{`_s2g4`kvy=(~y^0 z7+Lg-)}W)95+%1teUS$I%8|v|Zd0qF0R=A!@z&~Xmn}AV*XJC_v0__nQ&rBV3N^De z13bg)Wil5fF_5C=o|s4qY2vc}ff9nF5-ct*g)~DmA*Y(UR>H!=`d`1ei4S$h+&c~e z)xo64M=tv3MfmspRRQBCthPm*e3J? z-f16iBxcEN)u#$s;PfC=5=N;2l;Lbom9HxtFh__<9+C4{?GSE^hIjBM)vr@rU-ut=JrlUIeDQUdIm6Tauj!D6&V$mOV-JxT zDfDJ|wLKeGGwAgl^2Q(bWl$x6N6~ktw+g?qmP8ayTt-%}H0($jL{!Y-a}UbDdi9A{ zSXbb@S{4bZe1?9}-=^eViutnVW-4{&$iHmfJ}IV+`@~>Zkr*kl zYGPu-)Is}Nm@o9~NnysjEqIb@cB+X_3kac)C=n@(3husFim!Bpx?^~BdeB?K zM|Y_`ftdh;PrQ?^Hg)Mhma)+nD-2SqL8!EYD<33-8z8PX7+UaljxQ~`O{ftW4atdf zaqh|i5;X}o?I}F*Z%lMj($X?ExT0eL*s-<*m#gwea9RS8w7NRF+V$fvX2?H)!V-*K zWu&wuY1Sp{KVg?U)6y#T&MNYxSR64zp27`Lo<|F~jR8}fhV8hl#8;S_SKBBPh}$x^ z@2f;!<`ds_tG4r4C3lD9fR4MIO1FCLr!AvxjQzR1)P!zOo!y}c-zbwnSogK z3QX%gTih?2uYeTDQvoA?>X86nDvPXEi;VjstC({V&B@YhrUw&3vi)NTq0BE^8RVR8 zN${ze5jTx4m0^Kox+OCsqC8r8$ab51^*!*eCNd#X=S{>(8hOgCK5&|z zBbTQJpZ<#lFlyXTx3aNDQ@|SSLS|KA(y3T?j;dDYK}=+~s^zOBr(q#dRl2-l$6h{@ z5+j?g#xMvV%vAzh2*>As3Ta^aU%In)P@$g6966=&i=@WKKU}=Z-4b(Xq527X75Ebi z(hHgCb|G=L*EnD1sF}4iGqD`HASTNjYny$7a<2*s;y&iAphf&3XOHi)W~@gyG52<3 zEv7T2ohpvmW{*mGH&LubCz{HVSY(HGV`_~@%;TfL=9%?b-bs1lym$5GyAQ1?w}?R zEX=N(rwrUlXRDzr$MNie=f||AaGsuMP9}gmDDku*hX{LJk)D}ZJ<~)n$8w|x! z0rbMlxS0sIq)R=Xq*J?K(BH%qSph5zM}G6O!^`XBi^VY4Vo>kRZdt#pAeW8asgKEoY;W4N+)I$k1FX_=@V&;lJv@abq?+s^+G zi9L>XfGCz6vzPVD7XH4M;xiOdWL^YoSDZ z%ZBYgo605iBymOqK;dom8(+qe_0|5K??3LZI$aGeA~VJgVyL8edTJ|rK5X+B%OB`# zG2Sn%9@2^vIyAXP`WI)46T^wKA6fysr?UkG?!vDA-GE*NOQ2sG16uJ^sUt+=| z|NCaC8`wsSEmy{5d~u0n*R&OG|CTUX@19?aoyC4l)!^Nmn;F%;56uxOk0ZFTH~DSK z`HI?fnPlj}Jv3%}HoQE^o5x}{M@H`o$-N%R8e~0>Z+Sw<$({R;quwG)@VYdkOSnjG zUbBrprHQ|eVz6v4|2!VJ3X&|vW6P)}s1`lE^~q2CYSlxl%@Ua7cp4znO}ILB5T>)V zl0>DW$5TV8AO85`?WTWbMEO=e09wFoF_S{qML8ci@qjvlWnYiHZQUeua^F(YE@0Tm zM6x~jr3P*0YlCPf?D*sg!#n>~DfzdgwQuF!`EDugyo&3*1ic@DuB({_Q^S(cbE-D_*~!td=jey~UHW%n@2m37vJ+p(|KSyGU{fm5TXzVVhCTepPyBCxP}K&?kkRDe^M8EN|NRG3 zaey|%JukHw@y8q;S<7o0q;~xFpAvBBBd`GCRF4lusHF5iujc>!GW0pus76bp>OUqm zisN5DavXgSG3Eb!segV;-)QnL^6RwO$ZdO6y^t0$M_qLk`^`4#-yY-tZZGuMF4oA> z*t?r|ai0mU3FDfmxb=oYnaDMB-P{GNg9fq^!i%*27SBFOab zQ{UEUxsQBL5cKMX?+=1x0VjZi5faI+RW934V|4D4{Nd#|(0z?vR%X7ml>ZRmy96(F z^{;Z={#5i)ybC*5sk0}4ZG`k*q*}Ro@GW-{s>eR!KkjhO^jDql&1V{9V5P^4U4 zRJT5H-nE5K8~3^C^6k%(Tf!Hg-lC6i#6Hte1yES_uQ3YOyx3^6L4XQACx2kibjD8x zz>c$%TLPnoj2{8aX{^aU9^dF`5*=y!cfJV~t2zpRQ>WTstt4>5f+hsG-<&`AWAoYt z`Z~MhJ`4W-HvMm_fQ9@0nzH&FeIxnLX|ejimE1jF`A@-XKH~8J%I^LOt-8?8=t6``~W}oD=_#RvE#7 z%gnbK!4MYZ2W)Zx%xj`@qUY5A$1dL&_u5THeEEN2&;QGl{gehgy9GCdfXN>}JJM^% zD)E@=HwN`DFZ?fmy?ae#{yfLK8uG`xURD{{#JGVL|Ijn~@9!giO-jBGMJDt7`I#aC z*fQyp%zxs?{QG+^02Jf@yCDDm@c#!L?>`s*|1QY?-#dh!yOkUyPJa)Znjgvq8%Sk5 z-CK!~z&U?ntdRImasU5byKEL<4-AitbH$M1e8es&jdED+rQLeKjRZZfY|I~&X= z7FS#T)M+&0m3wHsP147^u8JUZP+U6I7qK=0dDFwTt~m>lj(1$YUj3;e(Dz7(NA^c13m7lMEno-WW`~UaAm*$GGWCB`eIvhrewEw( zE;_R0ac9ti&$Roi z)U_9M-_wmJZ7>8F%@M?SVYEV=I5&xY(Q2U@-Oa?W;PBHE=F4-mSa%GYhL?gSIWzV( zGM2}@U$#G4Aj+%bp#8~6S*D!$xoQ}Vz!Prn?^U1vX%H+u=9+vBg%Qd8Jw(J1mo=J; zg+NU2NeUfW+TotaW4+rUUPhHRbHB_7O?px}l7Q)7OaRCGJ#@JI-c|H<)15wL?n5~ zD$IFvCGkPHD3;*j1sX6`wLaI9`n@;#YMWC&0kfXRJ2Ad~0eG`^PYLc&`DIAr`wx%8 z5Q$aRX8l6w(+w)VJam$)B8`CKD?oTltJQeobPAc~6L6SMulj)Ow;gZL&lL+Xvau<8 zkgW;Sk=*n2s8^Z48*9U^tYHIT$GZCo^TmK1`E^WBOb!&Y$&|F-W~p_wJ;w!ri{j!( zav=djxo%2;VDpo`XhvYbqaAuS4TvRgp@+)@OH^Y%KokrBaJx@4)F8c4g`6Kinat8JsRqg0)HkfSQ;Aa){j{XNowWF!f9LW`imYJw727 zfVqSgHQnb@8BR<+-P_z78EBqB{N(|A+wg71={Thv$l+6py|u>>6tIf3fQ8i*}QU0{RycEx2(^(Ojtt^lV*&?BQDptI<5> zP^xiYx}Mz4E&i-`Ub_prfk9Jbdkd(sf}F;e9;S`0RJrnltzROuOjr6eaH@gPr!TC% z3pKnMVf`L@AX(#|pUOH)<;8W(+ui1hc%^b&VTO#WI;<33(=S69P$AbTtG z$)x-qY-OG&i+N{=BxSo1VZVN3IHX}vd^By~hktmn;*sU9 z<(>pacAQ|>?WvSJ>wI4l`^L+H(faCd3JEr7s?utwRnF#ZwPNjd-0IV-+-{VJCj>KM zckyAhbE`W7rPP^9@Mg*ad*guDY{U7~xs^o~zz9ZEMe?QECg|1c55oP{%;)Rh zKd{IYr<)80?ut`sAN4Z1;F?TxK$(<-*tMDGmpVN2cpRuKYr+6#aBp&re)w@iYt2u0 zc?*Z-qDgdjt6#u!EH!na4~*?E)YMjuSahDqdC^fZ+WJ|$d`o;qNWybT;QVz_$4h~i zy%x!LbKe=LSZOL3)dstYUI)-yR%h5idKW_k?{8=cb6EmL#_8oG(IQjJoR=6op0k$Ad z0vbK6T*S5Noj=3u&MJSYHcgGePnDU+<9))fCFijG9XSIoM6y}Aa%k1ZkP9l)VM-#0 z>+@PZjqi22`M@KG*z==p9xU+`Gt3zgR&OIKNIVnTMr}G?$knaDkD4EQg^I_-9;{E# zIVCixR@Be9dJ?#AS0ymN)pS4p`7X_%-nnj0bTcsky~90WS`o;V*EO4ZI*13_UFcUo z?g1*BOfH+_w;}C!wJ*^X?ZfCgUnmE^ohIWE1Ys|6r_VyY(3M1tHI3^MlwCYRA!!^` zqXOPkqIx$~d78p)d~$d5a+9!Yw9jC=1|6{@;?a$BJeOps&PqfMfiA5@1bBo{2zLEN z#F{9w%1EYJGig=kcI8XYfm7J5*B~+O<+j8B5gK0CdqnG9SNO3XJ=GM~l9?{}`-P&1 zTzhFz7=g^^>(gSM^x}W#2>#{!%uWe zS-;5Z=6u&;?;iNGz33FEcXc~4pGP$GdDvEOO+8?WVby!akvO-Y&kkI8Zs(1JFu2V? zgJJr9b(bKlw{(#EaYNtUu9ocW^>s7%wyMGTekoj7V8?EyKSq2Qg+qjR`i67%;<^C< zZ_y+$7=600YKzmp`7|h+jlz38<>V+TGL}QT@s*&fhpxV-%eOhB&L7FKiYaM?0(o6^ zdu`#)mDo>8YBMt{wBZ+fn-P9NTMu~sh9pT6GP2;BRz$(%_wE^Sy%}>uSX7v8s?Uk? zdiKX?;DeDT2i|F?QxjyzGmyB^e5YcO-gEamGZ1_0Q`4QB01$F)z)8-s!lR+uwg|r1 zk9}0pO`0nSC|b0Zg;mco-!5L{@_2ZcFA-)JvKl{Q#c8B=s&R^a7R+S%x&XA zd2Dhxw&K-Y$FP9=RDxe!2KdP9%842zKK7M5m%lLt)2Rj~up1;@KH`_pMvF_vzXV1f zH=aXh?0rrW=O%xu3z+yf6Q~0PWp=jai*fB_A&q`RMBeYSoW9PiKsrRQ={XJg^-aX5 zSv*ykqURugk;lwIrC1wzl2(*3l1?L3y4FEWmBio~gj+cj6x>&;hDbzFl>(wauA-Jq z?i@J}P7=-5cR)+fc*Qm&iOAD%7wFU!YT|vAf^r`SHioki3)8e5ivccfjTd|OyMg1J z*W3N`9y87xTb@s9H-V1PW_jiUE*>dE6+|Mh>BR&^vD0XXvUfsy(WHG72OzOItQa~a z0&CV(W4OzR+N{`Ra1hZKl4|DL0IH zu%yO72>g+tFP?7_m#zcvjum+t+WSO8|KVZgoXc1hi+nPB#oVnex7M0uXzUDhnj;ft zr3Q=T3>VvWGi<&(^8Dy4bs!~H{=t0fGF#Gkd$M7U5K^b5Ps79a_K*c{&~xC5Mj|vZ zv|lTEvi88~5Wzq922e^r0iMoqnWSgo`e*mOE}JNoe$MGWhwSUf3c9MuOOy55~Bcq zGF#KIHt58nm>faC)u;@5D#t@->CXa;Qa7L|g^{r+YGZ-wbpaJ-(v5=Xr|yVd{+u^4 z2e#Tcc?U*&JR+XG$!@6qF#x#BS&kEYpv$b3uu-FH{s=w%+T(D`$c(t00tG!UWwENeXLA?$YLYmr;+jbmeR@59;2P2JhC zvC=aqx<4Gyl0h7-o;R4oP;)q)(Aig@W^g(-4qHtdlB2K_^F*W&ZH|^KCx^P7b<*(% zgKtlomIu5_3yLi_>(zvg6>0>#i6A(uEQX9HOW#M`4mp2IOna&GCWf8i0h>Oj#=9a5 zJcQ*9iBjPCU3FjJ5iA3+*D8NyVdu4o?jD3{3+|Fxu%3*YX9`S@?RoGR z9k{kY@R8(}08%LwZh=+`C`{yb@uv}9O4E{t1?o>5N(HD~EJfjcw*R99^|GKDMT8u69s&4e2Kcyn|7 z7XkY)o?y0Boue7V_Nz%|i_|INt{)!2#CSYh3Z+dD*t8vDf0Yq!P-7Q$NbOyjh;mbM zO28ZiWE7DPN>@C9)QIk!ulaWz%HOcDXnjj{*JXEbPW7Af`)8(5f~~108R(gNu#0!& zMo(|fmu?@6xU7}r>iET3qmMCMoDPw7bkV?=WKKga;txoZ;e~0}OS2svfpWQf`xv#H zy$82Zo;ZB3@P3;!GJ1Sn2hz1rBm-(BT_M=!{kU|lj6A9K+NmRIU|HUVi+VsUe@kyN z_0S7xo#iWera#Td7*&!@GE_w)1l?gUSKRlp9}Om3D!o0Pr;{5SLdQRBWpcGY>qece z6JA^NvMDW;z<;PESrmh>qmb%R9wj_+rr%I^Sdx$ihF>J|7Ppn;xDK%k?zB8cjGD&f z^s1lW-L`B3vu;f1#?Agf>&1zP8OIBszTNsyW#3D>N9;~~6X#EbjYX?d)0z)W-4u$)3B{Gjg>&pD#TY+`p6r=+H- z_}SZBomMR}mXOGv7`DkVxLXyauybu~z+pLcpT{=QGk_n^2!aGXxleBfTZAHS6so&b zN05k}P1vivdl$X*0!vaG^s>Od*>?|hPIpo@L@6X0hc9F))-+-|QyvWNy5qX#p|JH8 zXm%$dE6T;pYLT;_ypv9t&%W0dAlpz)B1oY%Lba6Lxzty_ytR+T79TXa7Tk{sqZWJJ z5tcMxRDLEIzN3fPNaoo@+D8OTyB(Z2T6>Rrh7pIKbXdb=Rmk4`WKU#3XcfFGu_0=k z@D`tejOu?wI{wVgAI@lF+|!*CO_g}#I&Fwfs1jQr1atH?{pII-0AJvwia2e-9D4xd zrRhE9-BCT#jqshLj6N|3`(Winyvo2AT0#10v=n!B;JTLiD#eapae`MkG;M4RaMbKU zzET;n0%(Xab}+GAg^=CX8dQQc9`@uW)VNyfv><4>3}UTSe<64J;qtL(BpS0LgpN2v zp5IKeQvNAK*B50E*F#&ID_JO;q@^l#0b1*d!VmutnN(n3n!IWG4^)yk)oma;*B|$) z5Jn+~nf7zOPqtto1bIA0OF@EDyVKj2Q913Lt{v2#s7*bd>Y1^Ex*3QD0o!0}VJP^~ zu<8)uz8M7~b>9Y7>yrS}@V4gunoKY;c=Kac=MNEQn08gr?aaD1?c%SuJ?d9?go@V# zqrL@$MaqG6C8C{})uR$J4We{Jux$>DU0s;aWyWAS_?=uc%?E1JpSd-O%oVNEs(zEV z^c?pT-a>PRpa(<~CN?&PhDPJ;x34P4LfCiGAFp<-LWPx5H>TRO%oMl`eti}mtk(ljlno02 zC`DnVsDs(FL%mr_a7zVfemKReKH+^Sl(jkQGJq+cH63{$H^dc2KoxIN6B;zdsE|}c zYF--E#6IeVNMGW-x^((cAZX@)>Y0r(NtKZ5cLDjx_|2tmigjs0P{8>1bRi&29)e@= zyQZo(lhq`0c^#g@zYYUeN_6-NloS}Rpw*5_7Ga}*8{L!&RRjcCN8FIB(^Z3Ptzh-r zM|BUr**EwFB~K3-mI^QnDXGd`-(NKOP1kPaYj0~0q(62U9{5#U!wV?wtK#Oo=g7t5 zc&%f7>JQ$%xEdKyh%Gl!$4>)P_%Tb8LJqqTT$_>j4?ZUrch$8?$*F5fNS*Gl#*~}A zIU~oEo>EYXotm-b$yN}nachMnOGu!-D_hXVJ|!npTgMOyDJmNECM&aN+D|wuro5SD z-82V_Y7P1W-d7XdwA*l`I_OLK9tz17_{vyfV;Jm*A$S zvyBZn#sG(X$=&8A@uS@$r94#}ds5a!4EWdA0SLnRq$0KH42WuP6J6|5eN*tW>Ie~u zb6;8Nj^eiYA?wLI*FY@hGBE3ghdZ}^CivrPMc;>YvxMjG%PV>k#|hQ-+s0fr_OiJK z*$s1WS^4ZQpQTH+evH#}*(XCwSPmvq#E3{~WgBDf2 z+EZS47jCDwN;VbXY#gD(n@Mt<4Jt|28qni6P3cF>D(2#sDc_mHa?$s9|jBr`csKMdm=B(F8=K>uM8yRUhL{OPj>Rr*I2yirJfIY)1e$Y? z9S!p_UM{LaI@5Ny5kSqyPYd0V3-iT*xX`m>JB@7|qk? zHFOe5bDt`hu3~$Gf*dmnTpZ7FFWa;Xl7+iP1Bj*b;;e+5shh}=0-clf$EQGdvuS9z zcDZpoYoVR^73#W$uGvM^WM!gkk=u0Qi;tdwU&SRT;Zw4d9}j3z`LE^j-XJ{CWV3xU zti-b>_anaLTHB7f=W!G>|IFhn-dBu2@u&$#9KnZ zzGcDSU`OKCoWo+eS|xJM6U~lLTBf<;(<##vD@*neT+DJWxt659K%8~NcP|n~b86W76{K1gbRN?%fhAS}ZrZ7l-SnQQ>=*n$?7d}J zl-=GpEFp*psDuJiA|a`y)BwUD(%q>rG)N8|q9ENML$^qG3`2-YcQ;554MPv{oLtww z?|nbl<-Xtjet5sU$Nu6m9s|rd=UV4l|MmY>xVj-5fU%~bbc?xNjNT;lMrcC-VGN-; z>NNUFyKDGyMrMmvS3F1gk=q;sipw)si}dI-A~X|AE9LR`RR z&~fqdh$cjuG-6>FlL8hTMEtX}dd@pO&3oF&^pRtYo5c!iW{b@pDV3n2C^2v*J(vzS zGA!v9+OttjF#UN+LQekFALsj_Bh}e%$g*s<#n6-&3I2-LlfHvB%O273vrFGi`+8c# z*=CP8@0Fo?bFva`vp_L;<@}GqFXBeNmS5Ux`>?ldrYk2by|eJ{bOH>?F9l~+L(RFl zHEH=-+&8kHl010wkIn3__3`3CFA*#@*p;imDphV zYJJk&6ZP}>=YPTje_JCTN74R?G(^tc#33TLxFp(_PfZL?P7K|K*QmRT#yNR;TAuH- z+MR^&tqo*BUgU~`1D^~<3qfs>Q+a`QZYqp~RDx`Z!Xv6c(m98qin zwYi*{%z9cqIJ@i97M`-dqHE^?A+eY(%->O()@G3*IVOVb^E%0olf#lnUUlrf)OH;g7TkF2ZHdB|83-kt`JQ95)0w=5R%wu#&*K@@cdsPZFgimD?wM)`JwQ`f2Xnw3{jus^^^%!a~lv~C5Ofhgp&^&g4g6W2S#qyiYS8^c{9&JKk{_y}}Rozf7R8q`Id zHzH>wg}so4V7mX*P@a)%tEu-|GbzVd>)y-KgtUJvm58>|F4*p5Er|pUa*6ZxHRqG& zN?(TB?J^R}&@qInU$pJ`Y$u=KKfuAc0SUOwPOE{gHdx$bSYJJ$ab(}h^vcs6%Ug<1 zvg4X_Oqd+;-q9%$&+ffE8J*hE!U!Ep+9?<6;dSsdq@v4h{Ya8X& z8(rSzh99q0pbcmU4bx)fwKmim8uXg$O=aSCN7PF+CV)MbggMgilFP57Ej+EOT)jVv zT|V%24EKshmI`=Iz*6k~zmPmN0BHHXO9t6BYmGMLmO0?~oxVqL*-ftIgtp_`Ev8(J0t6J5)7Q zp>e|>=c#<^i%EXZ#4&ehwKYrHrCnK^S39BYV7CN}{jt^nsMP(CVlL9c9Y_%X@w3U4 z9!6&w(AM5U zZ5Bs10JpNaL^3tG9d`ryc+=__D2ns`Eu`b|Xb4AryQl3UW)P37;&Hw>o8{ruPE*$} za2l@l;sNrrZ+*7Lv^}~A!%MZ|M=j7FqNtOd10j~$dXh|wIv^0hf1;)nKkKJ7P`MlS z%UK@$IG!bH2(XdAtJy}FF;~&R#fRjZ_5=G|)(wG{eW4d}<3JJoP1mmODG>BdL!=5v zGzRMW4BnuHzd%pf6L)7~`1jHcY`XM93Eo*dAA5PXaeK!v5jV-*1dcs z5J#3&=^+oj_(%aOx|~hl$BT+}NTu{BUte_p)Oc{E1^3)VciM#c3^-1BI#VRylR4ce z(Z}ey4HIL5Dz{D9!GE|@0nqEHca1{h>CZbEyvK{a3kau~*D-n86DnWT@gHUOBDR)N zp=NZJ!=>U4@c#5dZ!eFeLbal9iN)l->Z%7C4Gr%_kjDls*mvu?GW>Dn)%7lbMD5TC zCXL+>++CkMs7l;Ks`Jv^Uoy(wx#K-ZHcf@~Rz~_DTE2YK^_YNwz#jG#l5j&0Ni!nqONgAitv(g9;eIbOwb|!|2qo`*e z#kx&%GoAOun`s->EYAAld=$G559;et;n1ZWuA2a*`LoaPM=#zr>n|q(P-wi}WGb^^ zak2;i2qqSZ3K-A2t;z?1NNv;wxLpONYV&wM%W`KRP}^v(U#AbwG391#RNr3q2+(Lt ze6)D?wqnXouteWmn3JPlrOC(EoJ3f4)NSht9_!r5z6)`wa~YdXCONYE;yI%f(48tc zJTuyUX>mM1qcX!Qr*q$>_4o7z6G4D=#x=vR{NcKy?Pk~=wZ6LZ*xjX94h-vHX6Gg~ zW!##qvh3s*NtHQL9V}$T!WHG5^Qvi?JVMdqybhxnxj!92ShMs9W|KfZYO>vi>M0fN z@h^t|GMMk;X4>hbu5)5T^u*ukUtEb&+A-BpM z$;Hpfl2eomKwjt&$Xn#aCifnsqI_(un+I5PeWsT`kPk|S;FvgjZrW?tt;<4VB3I$g zUW2!LWtj`QGJnWQ0ubWo^$kuzHe;0#!nXKWpy&00JKe`{PRZuzlK0knS??;>!->QE z!&G)%^Q+VQYCg#x=^s;IS`|=WE!}1e*Dl~2LYKoPQ zj{^_UwijyVX-iO@QsgyDe%xPP z4q_5SS3e>rHzqJuE!2Acl)Ue*1Ht-O3}AwDHaZjpgm1LB-;=m*nh9*-b`2kI4Lvw3E7ChPF)J03ZoQ>39sNg@_555BTdP;l_=FKkNb zzUs&OtQErk!2mymv&vH6%JfL5#ug!$$|Yh%>GBch*qkvFS9gw6R{q9FFe$72(U+a` z0P*svb&s~T`t~E6CLM8c!R)k(ST^OCg3jyng|`K_NKM}GZ_jR7G<6%h$+2(yBC%5gSTQ02F8Zh$8_gm^+GUKBhXi)kLX%b{)Gzlh=At7vk*#SbY2{ zP$+6#o630mrY+3}w#l3Ia=VM77D*UC1&5Zr4Y7}T@SyfZI!7Jr<|PRrMt#%$%=ffs zwMshbWn#5xN{Jx=?zlrP>c3%U8hq|-vN}KyaRBfVS4$CmYr+>wB_(I*hH}3;0*n;6 zt*EFVg|D+VutpU*Nk8K2vz&eP@nQ!+;RgYs5ACQX>j^{w49S4we%tT*FOjwY0ZxWL z;XT$L^Y9ip-K=EQq$|Gms=ym)hvamG$rI}pNgaOWvRSXio*JM%y=maR?0mYLrC3NH zdZA`U?D@`0T4H&V zSs@Pe)eyYrlgUufGYqO@oWhu7(jPra4n^D6QET#+WLc|cMEkmm+*+09vuc(}>7>w8 zfJ$WAKi{05h2DX;jqz|j9_(~qEOmQdciydg{5CSMC9go%Xo$_m}$1WAi96tx*V_;&6X*KdW+rrqCIv@Q{^*v`P_ON)t8hqAw&3^=w#p?qpdkalhdnrW!f|+=i>7BPC zz0#k2L0YU^=A(~f*6|yzTH3f!%VR}Ub3i+V$NU}QyvnL(bwkama_7dO-^QoaHZ2s) zZ4Ee8Jd;2#MK*f5YdITw9fsk-_I%!5ZU7;XKR0XB{n`XU)&cie8J9cbqpEFwz2|3C zfZ1|A+uYxx7m?Ru3al3B|@zhyMiv}SrzZWKm0H@(~&zZ&qV zK<$*}_zlt|pyccvWeQkC!KiYeY2Mz>^}pgY4ephC%V>I91Qa)d=4D$R2rz&(MS2aJhm9#*BYH{c@1ZEGojSCKT=>O&=HzL00HEx2hT zIA@r0SU>Ik3O|1=JxEW#C|A!LYp=;XC^`Ni8l0O<9veBvLOA6WHl$tSGVoHMHlDMOyT5jMOeTw-^$vpAlw^@~RiP05^SqWP;dn zm9w0YS2xO*QzY)~O3ja*DHpAY&!F=YRRPOJ)v9yU&OPl0ryNqXY!u*FG06WfO5zvT zm{$*++g|=7bz0gE6Nu5c&R+-yVq26lk^!o6ct-!=6qu_mOJX$4+y4DdJBVK*1Ieo8 zW_8r10uX<#_GGyYQKr=HKoG`tmZiEOKmfFO0~F#~RjaSUnfhXyoh zsoHI#Y>t}uYMc??m!>=g48})~q(WVlbLFV5%1OT4^o=o7$=#t5)Y2%qWTbuDQ@TJ8 zHiXf&r9A!VHoo{XoU65!^hn(zfRbv~Vyary)4ARo9!OKQ0t6_~`6P<55-9Dlz}TNw zb(w{bp|{G5JBEo3pBiKOOfwAAeyf@Feg&i@TLz32SW)xX#hjuZ)blg2Q~BxCbFSXC z#3%D+Vb|s1Z*5nvDrZ9Wt8Xt%BvTG=EKsj(?J>bSiS-3vpWa?x9y9cbBj-eH>ivLm zXmV_GD>q#p0zo|j5etc_2%vqyoF)Fs-G$=>T-K*JpGp5jL_=&G5{hTiq5w}Ix~k%$r$nN|qlg#a71;!i<+>SQ zJ{=+C`;JwKKOb$usu~vutY&;B;EnG8VLhpys$MB1si~ISMLP0fbYjxGIS_j^Q48TFM=tfZw z^Ny6n|41u|1Kaa)c7%0cgW%Fcc$Cc;PPr|Qw)jON36E!17=O11Juu=ULkRi3V zRWB80*=Ui{zmXwP7T44e&13HLwz<^NJFG_z;XW25^jQk)B{jEpHU)p3wjk84bLZUo z;%69z%#Yv%-K0)Puk-%*z0pckS|Yb0Z|g->1sCxI07)&UP;bm9i|in~ST$~q2M|ta z=GkK9yMjpv*o5{D)jgJj6WUS|L`rrhX?UAA!uV$$H1gIeQ3l34%@#)zng@{tFzpfv#NqJz&?BZZ88hu$&{ z%biHw-hYhpUr*cL@v_eiIivp6w9zKs+?;>hqnF(R2Ixmo7#C^sD~J!(bpZK=)a#?l zeqx3cfO1Y-eoa&dlm>Y9IzPI)(33beBz>4Yn9n}r`FPl0(x7PJ6ERB^VBmW&3oUTwV7V)Sv;S$6=uWiGe0T=2Eb!>e;{y2W(Wd3 zGo{+MEO3TaSw3wIAl%n2Y}LmMEWH~IGYY5Gc99)VX+^Mkxo zonHuP#2zEbgSJG$>fA~0O}+4 zt7ZgyVK$Wh`=TU9ysD&vf#0XG#HC%h z;q2Y?uR1K zchdm`lv^u}$KO6;p_OC+ccs!;!qz3WBH*aB-B=>7v3JuU>>)_J(}qAnsu6+x*TULTj5_fP0%O1o4io7SHayD zPL+@%1O+Sw%%5sjhXOe5RDpJbv-@Ts(Unc{7WFB>Hp{NX6J*gSG|wz<4I*YLY%GJ$ zfd-5{gUQ$*-;|f4E1^wtC1MQ1Kdb?4d(o1|X>%q}7WJD9MrPtb=%z+&vV8<>k;781qRkXS+;Aq0_gC$pYQEH0)lJv8HN8?DPL{e@>@k_WI zNBSPCy9bLww(p^kFi?1nUUYhUJ8gH!Fb2*a{2}Dw%JWUBllBi8Eh6fcjuPmDRos4n z0i+p9JVCMw1VcQY+G3g?#2Iw10E;O;OZ~6lU_2l;tZXAfyJvUt4%xNFVBaVyut;^P z%2D@y-a`xOZyL;opca>29Kf1RmqnvtT03sdLgWbZCP%qJkiqHZZ2`xX%J*))OzBMd z=+VOiQ5GK8F7oEM;VopTV{gW4bUjtcp`f$d%f>Uys0NcS?C4C?i)gMQFPT6L zIdkUbY-=Ij(GKPdq$eBCyDfmuJ2C!My}%um1kwMqW&Agh5-s>XxZCBaF`X&-Z8v|OJCuH!hKa^po+oC< z>6`&Q%Zi#zUnkaZh&I!T0U6(KyHWr}BN@|#&B5|n*nh*6kzX-^N>Kxd1vHogIl|~B zU$Q4?GIIi~0*1w(@_(=soOvfdmiZD2@TU8S)}7{3Vv($cU_4RFE)@gJ&rGuMBISw; zot}EuT2o)+Hh)zv0Ok~G*X9(6-DJN1YOF_6V>`K4<8#WLDGpj$8PHz?+ShU(-I{Yo zTq3GiK(2^f7=97pMB88S3hH)}ffdbZX83|NL45_}=;?rtkQ zL7|^wJx@`uJMRA|0wwBAnF;;1sQ5=mUrYw?$;DFz8LE3z|3imK8-Nbo)6A26 z(XI$^FRrBje#fE(1h@gmNXMgp@p=D!pZ_T*`~QvA10cNv z#(?gh-|T;Xb$8|35#j%99~4?Hy*?k*=nV4L@KBe1HvS#Lf2F?qzh|n7T)OQR#b|Yq zy7cp3l6EIw_rb&n107 zTjkX`Kx8jcDqdlKlb-KR=p5~KL5ST|=O$7sx$_CIDe|Fzcqc2fSw z%;rC4Hvf;0^#5&UQ}u_L%^_W>&u=%me{6iT>VKHou%L~ZfWI&H=Gp^J>-psGs_5Tg z%(QoLt{2G`@CwQA_nW`(u6LyifrU7TH0xi)GX3UbjA;St`$Ihwg?qo>u>Zb^`+dKb zwf*Od{CoH7KO^#=sr8%3?r#eY@UTZ2zY9-(gL8kpcF)7j>*!HO0)NRJig6|^DuKX% z)9t~8$;(XTU;s!7Q zR{u1Dz<<*L%!K;-TKcNGBh9WMJ16h+tIe64pVibUoA(k3#k1jXT@^{CPHZ71aWS#G zkt+AV*^-fw&y>^(`^3PKVtDtkpWM8c9fd;~8?e)0RtMeb?zQeMuYg~ngcpQh zD7hWxy!zgDlS*qT+aJ1o@y4$y+11elH5nj-nM}`^gcQ2x}jF0B1DrHifhdGptdRh0$cgp1QHv> z1MESNn=vL`oT1c=rd{#Xeqt1NVQfQ^Uw2$*xI#89l}DZ z<_meSK`Ixhr3I|~K3Fd4CO+A%4X-@l%>OUG>|fp}yLO2?(s&B#*qo?fV6J6WQi`eu z+!FuI(Gj@zKuCT|o+lDy_wJrJ*!~T~_0)n(AF?#c#I)H0p9NEsyKoc~%}Nt0tT$tw+Pdo^{G z`6%93Bf$w&!-8K5c&oT9YG9>?L#r|BXD9PWjRL}(cdcq_-> z9vZPv*x{e$z^i>RIn0vDbXHPWp$Fq6tg);nHiLKnK7#2$gXWj;Eml7#4W<9mJo~n}1#(t=sjLxzRL{jG-Add1Glb*ktU{K+x`A zp6AH>*gV{X48k|tpOB`ueKh#n`_tFAaXNzb;@{ju0MhQgYdQ+H8tmWo8WN+eyOv1* zzx|Lwrk6=PLH}bh`${ri_BNs6swrZt5sExWU+PNW{~^exbDqM6_WlUutZSbgZjtk$ z-L|I%Cic7dp6Y+iHt9`%I_aGP^3sutNHj{Y82P1>4`fwUcI5>metxp8JnA9Yo2)5a ztS9gmk&*SvC+6x>i0((ogRn!vOZOogF9|BA-X^tv^+2`O-wF5oJ1fJ8@? zN^@fidwp(;;nK!zc}nz>FOW?c2iSFdYP1_aiShcRRb*+JuT|EdR;;F6+)!Sf4G_rk zIP(-zqRj%s_Y=tyhNT)7vI+>ebTHzd|s#MbISZR9Uv$)XZ-7%7(@LV2m`m9K(NGwZT8T*Dd}(m)Hop2(R* zoI-zC>ZW6+B?X>e0Z9bi59uYTwO z?Dhi=<~~C5ClrrJ^aXq_-^=+p1^`ms1LhDfxJlxgYzPjk$f=2F2aF*Eo{Xd6Sz%O$ z7ATI3W{{OeX%$!6pcSCHGxg3g%6?#0jpFE$g0Ts<`{BL3$#zTSUFDthL~WoG%Rs!B=SxGMjQXP) zf;+diY(K>>ph>MvS`|eBYnOW%0A#Te`8AHUJ;>#OiiAi!@~0d_Lj70sb9Scfj2nzon?hVZ#nYWgJU|41zM!zE>njgd>_ z>PR*8abC5+0sK`w+Dlh)aJ@>sfar5_Vb^R*;cOerqloKKopiD=?b|k-2|R{9g-jh$ zaUpZcqQ^|M2ctm}IDq2deKJ3W)Fl{;C;6J!&|y-}eVQKRkJu$|H`T(#l9@M75n*37N7IIyaU(DG;4l8OPzzW0c*XFx5-M${gaKd z@;RG0PEpG-d^S3g7E&ci7!gGAq^ufssC9kqSNjjz&GM+8k5$DN&$xHhmeJ>k`#1Y> z4$XPKauQM)*vS5hhdrEu7%kSdLw{*`x_-RQN}LnWVFXNSz;%U^Z6tj*Zh#%Oxhl~1 z8k%j(BW{x5{tBO@-EJpiQk2T}t2d&4z{Pmtn04#?>~P~g$vfrSG3JVi*gXxvF1{Rw zrKO0q4pt~t z5g~Brp07OUuDT=C2m7oZ(6ZyIvN$aW6EJ71D7Xoae>1egTGF_HL&^)!4Z1^h7Q5!Q z8LKFoWD}4^X(dWXE~rvm|5ZG8Qwz1q`3_K8x-JzVOHPvKO5{Cc4U&#>ZQiaubEN7% zYqyy7nnO(K$)=`f(kY5A5P#23{66b(B{5(m!EV=hS{zFA;G)!D^s;uq#*mvVXDO4s zFvYQu&?4m!vQ(mX9jtyGW)!%{Ft* zoJ$Dan=WhajqeaEfcu_s)37hPg7Fq3M{AY)6d{;$_UKzivACFS_4c!-u+ z35~Ftb^?~*e7|GRc{c&eSH1k?;e6Bbg+!w)QqjUV!|JVA?p#sg+y**{RChTpS8w8< z!yKsJuIJK(m=-Y-Oi21aOSGV;>Ex>0wTL1h7iV~;yJn8Vc|&1YK4wM|%cBwir8;pA zc=*YU8pOeZC2xN0bGdZCo67Yb-QVn2c36=cZu)TL(5rb5|MQjQu3|ddGoXry>xlU| z+09X3ii3|doKU@68;c1mS{O5=#|!~Bv_~cK8+XkqUSxx5oQPH9`vSAM*`V}HV+0uO=Pj|=$_0BE-Mi4OCR@w zfXkw{ndEWNl4KH-#=5DPBDh>k{H5H|`Fp93yW;gBH65(dU76GM_#6hiA$R3r^kUN_ zmFxKjZ9Y2_X$AXuoN0apWuo>xAn>hSsdJfJn*#&8^yt|y3bIJr=#04a@yfMSp&gw_l}QO#(3h3Qzny|Gc8r}T%3^uMgEnR1H;u> zT{hs%{LS@10ry00kz2R8TRUNCeMR_>nUA*R@@@ zkNBiq;(UkMvvJOE^{z^qF3AWCPJi5S%quw{ADlWYv7BxuWXhe;NzUBzIT^_7eT8m> zY`H_*9}(an_oN@BoeG9_*Ey~-_*;xMxdz^0(|Xo)wW;NGX}LYN?cfgDaK8WLz^gDX zNnV=!i)$BPf;xSpiLXd^+-g*4F2AN}$2Rd0EIFSlIBeJ7oM<}7J2apkMmgz@?`Vs| zT4gzUmr1Cv+D0f_CQhb>ERJE0y#htSS377ncW?$R54@>A!M&JEIfebGmpNlKq5_XV zPOsra$bt4_LrcTc3e=&NbNgW7mr@lv4f zj0P;K+#V3h1kYIXS!S|c7j=!^LNtgJM?|2%G z4J@#wc=UHCRxD}8fNf(=LH3fs0TBFot0WT?zz9?)hE@3O$=_ERT5Ie~5by1z;(>dAzR7_Q`*C}D3(Jup zd?0YujT486{R*`2H*~SJ6F$-kC4jjChkoR6UEoZVom_e-f2lOhEhLr=Rj^Hn+b!t% zNs~BDtQFSQ)SRhdf&s&k?zzdz>i+rK9)_mt#@2DRK0L|9=xSD+CIE>=MfFV{E2iNG zxrPEl>W+^NAc$E_vDv^SqK+PT%h+CSsvIaeKpQ+Z=c>DnSS3Urn%6LI{B-&D{$|K> zka(Yz_PGyDZ){=}B(YJ1o}%>rm$lXdY7z9r;+E)DYXoF6a6g6#VIFW1?0IWNUx8-) zh-Np|70WaEw7wDNr-LJ-r)q$Iaz~#g(1MtRT5h zvdtRr0tpq%Gte?IidHWKa_&GKj%)d9)oQdvY}uo)YWy2^$W2xlQWi_e=?g2tm$NZF z!wJraO2opMMrO(9PD7uIWsYd}_OgMSfY;t8Va%FnVf;~xJ(Mye*I_xXDhr#8;o#h! zFYh=JFjAQidu0Y|wLn9BZ|Ar$zy1LLVW?-P3ff5P9L-ar8~RS1Fgy>_|Dc>cf-*;>X!_3$MiO=bZy-e zxX#RgX%TRAu}IrS9u`Pg3NVaUAI#=SU|EXE(4f4QJo5xLPMg|HGX1>u>p|-{@d6t@ zR+!F}=I^#q^no&$n95kDF=q|^mq>)s0sdmvf#GV;m3v0R3)|=(gD=NJYcifCS-e)G z@ZN zQJ$FT;F6~4q*Y9|&Pb;pq|HjFSWmP4%WCSoG5xwue%k4jd+FuYrOQw*|%o%jnQCVo2#@<-eH3V|R>!P+#aO6VcNgQy)1apgsfSP3b9h*PcGCbl4oXPdx9`Wn9~d>~p$M%5=R4S8zH$ zW@gp@hG*z?S{LeeDKKz@_DZD#ds~i2qKA}OtKDogKZeQlpq*~N>DcTU_3ZI~8(Wqx|C&iU%HQKz3iPT8VNOjw0xt zqGZynvz-Mr@D4SX3Rhw}|5dqD$KxSe&8dK^23#Q!o7b7B1=i>D)xF=u9o>51H?Mf- zTTb8s)*qc{KUwBy*xXWBIVKdaU9tuODNzDW;)MDNmkE7Tcbu~p@4 z+OK!5+3A&LB=suY1S%lh^qw$v=a`6xC4Ss!q?hf55{^cDQOQhCH>{Q|nt$h0HD;(Wsbq8BP$Yyx5^?K-%Lv&mJf@AF9e@6?%lc zAOcml>CsU1!FXStSKteDZNRHn?=XzlDoY;G&S=`0{R|~C8D6so+#q(O+?2L$BsN~j zldpPQVk6U!sofn&Ed8d~_O&I3j|&C3nOp#F zF#6M#Qk2&jXkj~~hNvvRAfK3R)o#9!W)2-yO!M_^E+KFyd6l44T>VdBDcv4E14zN- z^y67{7~Tt{Rl|9ce=^^J2qW=@_xhMmqzBc8AO-E0#HLC`odXJ=(zpB*)n4$6&2y$l zy&)Hjk&^!F$>_)Jn{e4UaYNqT+6eqw(JVXw#(ZFQ{_g>wolqNQ0&iIONiP{GN({C3}KsHZ4B+qiUvTi*dUDp1Jz)Xuy(z=!-O72$9`L=c3$~zQk{bOyHtXl@6X zqgU1|fsoHjnx47HKzY#%^MF1$r;$=r@0hc@%f`cHXhLt+-+JFb(%WNzK=n@G{+|ya zZO6?6zXH@VWtw56VUQ4*rq*)chVTB0pSE=fq@{KR#<-1DBP#dvq213Ln`hpi2(li_ zY}KFfxtd{Q6?<-0y|!x_akRbz*!N8=8YhwdM8a_v&Es=-;=MUpeYDu=rNX1~aEY9_ zi7X@><&|KnsZ{&fYwtvQ&#pcjdkVU&b2P!|6nRPu3=s7$u6zXU?#2ht;FEEOC1pF4 zc3VE_0D+wY>X2UeI#4b$Of?|l;o^1#xBOgSn5#H7&B^CVD~~K_d65;_&AcVvRzjqb zL&TvMmyyufv$G#%^q2-%FmmY-gAl&}Ysc!09XFID$mskcVlGD#Z;tliPWkMaHi}j| z@WbFH1BH1`j$yafsT1+SQU zX?9$AKTGv31`$goWw<=vHWjS=HE7yp+OI0Hl}T~KRUegmpP4esAcVpsF9$giwgo>H z&8R0E(Km#pSdTmU&sf`1XyqQ`_1w>0p2)~r8d98f#@cM~3My{2wJ`~Z)=Ax%&}O1L z&QhZ0UOnF!tI3<5+=h6}q>1{pOw&Ae|2j63g}|*{&4+ZrPjfc_b@QiCa+uprB3-Ku z*%x+3S7m>U9r&?=8Nb(T7WaS+h~Kl4@+7Zqxh}(h+Da|(gq+_v_@a0SadM1{V*KSmp+ z2m1y3FgSXvyZ6(ID4s~5H}~pi;^BhhZDmHsRKkT-5=0GBM4`t3b{;GYN{`@XeLXve zo>v_(qNb85+LAANyXntwq~Ra@Gn{4-hXUD2$!}9;!vn96szlVOhi=`}5esCb5>5~7 zFp6vKHE1xY^W2|!1g9dftVdNRW!txY5;M8*hV8FUF}m6%6zX5aR5q=;)O1h@9oM$# z9?#4utdA5Sd(n^u=>F;EX}QsWiiM^3TL6GqveScRJo%dZVlPeD%zNrZPT*;e6FTKs zW?R^8YZr3i4vnD#EUC8jg?jE6mb~O{ktH_pGyq-h>Q9AM&mb3GO>auTyz<|og_7l^&0_Y7S|#)uB!1r6 zpQ#D4rm5;-2zl^1V`MZ0M-<3r{U-wU4}|U=34qGKpe8;0a1G8xKEb?hhW8jL7eGwr zKe_zuuvY$}gpuYOG48~ZhL`!Slg8(KL2U~T;c>U@zX65e1e!B`SQ(pnk^(=dlpwa5 zYaB|UDUQP<&a2lS3Jd`Dq!eW!U%_pAqP;oGcm<;h^vNX{^8BHIWg$x0z{jSXQZ1X< zdHe-cwTypIrFmpuFlm9c{#Dil)ajETL2jZs^*SIu>AfiMPAQRigM4PL!&8d{V61BD zu`6NzgQscfkM)~6)CqC`*@&&`to1`d<-n&yHkJcy5?ed)E`r;G78K1#-9r&@a#0>% z%PhR%{rHlmAlG-f7ESPk|1eGC-Kv0xdyvg?0oR6cxF#HPSc9 zVA>MEI`TY@l>?$Yuq5Jn4`3?Q%29$bQ7 z!g#rA64j{$2k)1CbWHwi#$-Epl)f4{q>{zZxr0MwF|4 z)zWZ!$it4`q|a#Befm?Mk0TDg-EX}2_>qCN6rn2MskCq^HRy_F6562iX#rH zuX~r)b+;Y*yr?QIyA&zMgw%;Y5euB_S8V7^0FymmB5KBY2aC(;TOvuSZ@L9l=X?T3ys*Ab_Xcys=>#jnHctAG|kNG!Zy_PY>?wwScxB z375`Y6#6N`1YUQgKx+~VA_!u;9G9LQBMS#JM-I7~H%n9-53qR!hJNRD`V9<#tN$!1 zUSsnBa(wZFk_$vDAXFq?#wJ7Vs@Sv78i!w^k0oPAcpdv*U3my~-nF98dw#fVvEtV$ zv10t)pYNUc6-;otGehFlG#i;9kL=Wq3CqepL6dNtkr$@RKNeySP{&=Gf-yFCUjZ2K zOy8``T$_74utJrV1e12bE3U($MW~UFcMzz0pgH(GWxL2+?7gbX=J>MO+lykN46K_f z=2!%jqmEM((C6?tZgH$vm1}P46P}o)1cVfuc+YfecXiW#ltX&nh+5t7^O=wC?QhPf z>k~Hi59ffh74+4YU8J{=DuM6MsO~Z6Y=uz@sgQBP=v#^byj3n`Ask;!=P? zDK|~YAcP1OYO4U@FiScs9%{fy3?cJcO`&?LUoqs>bdC#8=4MNS=6slqcoH&VEgvdI$R$qo0vC%oxC?U#3H3yQ4WDXZ}YI_R4BYGq0dWs=c>3S zutd5XdCB;`&JVa^%}0tfISHu4UUJWqX>8`uh;9b#3_hxq$Zul4`f8mx0% z@o?+2ov3%N5ZdZ*!LmgdwS2R^2d>mJ7U`ew|&XXgA>1k`fVwXaocM2Y}okePFFF)QfgLTljkSpW^af104v z`icUSWo&L-qtW2p-^&?!^o2VS`kMyXCidgY29C{oaNwVN?Ja~ajtP&A3qrBgkE=x3 z4wKb#q;R_;8FVmadWGiP#|ZDk9PoVMxDqPFFA>mehyYNJDhaj2ojKXY3zvKB}GI!q$H)gM7l&!q`RcMOO#IO?nb&BX^EkGhRy*7 z7+`3=FYbNEz3=P&to!@#x7I8ci`NWuUgwecJJ6z1;LsHX7Sl<}~1n3*o zi>*lJc@x;@15>4UXE_YI`ADZ<0{V#B8PB5*=5_KCr4kk&%=RFo-eLca@|V2G!$7^2 z)iV4aGPNAgV4l5CfC|D9TK+wn5r|%7-e(dFnY`a5>S+pg3D6!fP#nFJsUzlFk$ebW z4+wcQv>}cTO&X9$n++#0$n7u$59j6#4rI?fW)d4o$MLvN$5E)lF+*6G*xCl7;AIGp zeMwDQVzYv>w|sL64_BWGGTKOZwdWFbOqs-|St%65HiT*KJZ;o9vdBwJQX+Ci4>n}? zeqA|E#77c|)CRCBB6t6n`2TpOA+SGpF>|GIr?!=*>}iKy6QUzsB+w7c(Hjn$23+JJZi ztQ(&x~`KE&7@Or6LBOT=0YO{CcbGQA8tqf!nE2>g9_6zkfRL;0^|M`5FsG& zR!tZ75|Y<{Yj^F+i3K}lE?XB0Nt}(MuBJDDOb*AsuIr1I#H=TG^xI_7 z7&;YuC$UO3)5Q`a=P@W(cwam&lbAo!n2uC42<)cP_|b_zv=3`N`jWcs!@Z!URy+2x zLaS2$wZJ@y8CdvWt9jh#`*6OZ&TRp8Z|}vbM5F%b5PUXq(~d?D*gzq*wd95KG#VeG zzb57IM_n9MW8diq0L>lMo?r2hA&4M*Ra2+{n#j1>&ny^o4E@lbo5oo;8%rApS z{>s42@4Mf8r7~}n>iL&}g?htZ@w_!VZ?hkcx}tom6O7TAjXB5hma1eeTChhpHkf_-wi3mcz@y^TDsZ+x`WO2IgW64;|wdfje|YJ{kQ@a#6+ z*ruKR`{mEY3#Hb+(MChbROh3&(pgi;&L>kxIUGWhrOIWh>vU00 zM$MXe6u!;lOp*6P)}pGH6_jYC*RpNi4+lqI4Ws2DPP>*wj^+_4@lP2(wxK+80VU`( zp7o?fPHCmi`&8=iK)3e=6fj9P-K%D#0S(9$ai&6LVhpp2_@}9oEv6OaWb$lwJ7xQJ z{h`ARkak1{NB~9xI@yJNyFKkQYJ_F*dd;KA&1l?vUQl+Yy}=+9K( zI;wdnl*NHwuZ!lFbj7oFnwF&+y&W|ZudKiCHodpdI$<_hA61y-&3&^hP`m6ZBpsr^ zz96&#PfLZX-`n47sm)@epG63??o}huVXs*dOwvEcKB1z3EkTa;l`#F`ufx9^$&SHB zr_r3AnYTW%CBARQ_A=LhnTXEhZr>4CUwk?9jOMW0ja`TMT!T@1V}q1_{a%9+XFU7M z6UEwkrv)U{3U-RNl}Yv4-nCTk$@ueZkv#bV^*qLN-Vk7f#MW&@|Rx=qQCOg#W9FrgE0upoU<8rZjrY(*+D zn-TXDBtG!Cnb-kY=!{HibN071yO|T#RyB59rarn(0)gM6;a+KtdYbfUw>fQgJ^x_% zpX|^7Dk`uXZ?j#%`5h-U(U^T30M!Q#~-n>*QSgQ*CKn>Eg6K>o5BF+x5R45^QDw z=mgg(461c>h;3}WGVDB}6cDqNz%x4h!EKrS{64A#=E_x)OX=W3%ZhdGwKk*$9l_=k z`}nG9EKL zA&8w}zlM-Kvs!=BM|IBmL!?$Kruw}UE5y>U)xKW1%G`97Y4DtKx~vc{{2dT?3E6l$ zD2TIjz00uD#N5h_mN@G+XT46d>KXmKXJ9Mt2Jk(WmF}Y3;6(-6F&YAu=hjPgt{(cs z^*Xxc4oymtkbLEj5k4q|7LbaGlr(V))^6n4ye}FOKC?1~rWw5cfHEQ_noji{#0B9c zD4MkGRATgUTqSOZI2+izQoo|9Gt=W4xV)sV-2!wNxE?P3ky+Rx^bZDyOR}_+KN&mh zIft*ZFEpPw??m&DxQA;*zVKHyPdoEGLGQJnY*vN=+m(p9IWQT4aCOhA6}Y7zS;z8~ zYJJ#rh+I~8VuqK$0KPqUo6Lj)%+V1xyM&`WUNz$|dO7>S(V3mN!5miVmJJS_a#gW` zCWh`y!7u7m7J3YK6G;uS@LkQ%DqsfS*#OwuT7PUW&J{@vfa$J-t_~!~Bx=sRd*;ao zVscvT)s3<+DdD^EOR{o+J}lU@%A|X57JyNoI}>kj!gaGF_0Tl!FS23)^eFQZ>vU@? zX9sEScbV?ulZUIIG?fM?=+n~g6W`TkTGY>*HJ$pL7Wx6TB~g(hM#2Lg0^|%aQoSCo z=aT->4F`T74qGveXKOf80{-h2eDS7 z=Tn#79U<9!f`;{mSVx+L1PtncZ8c^943MW3ekfo_)D*4F!vFd#9t~ICThiX*t8J=L zy6w+BfmYrLZ&+fNQGXZtQWNLUj|Oc_r!BG+k_PRXq@@k^x$aMF$Z>md&pf={dQvcZ z=Xu!VJ{0w~4%D(SFL|+xepRxMC(c_vCR$nU$^^MCqyIQ0J!H^^^rj0E+tM`1z9kHe zRI=?M&j+bWEF^JR(ed=imbGg@PLd5d6Ls$AjTdP47od3D=uQwMusS5Bl=j$v>6?Gb zKt>(C5k5vvBiwnmbJNmem#Veol3vpPT?^;zRm-P|pVvjRpp2$x947P)Zn;_y)W%uj zGc?=ar0Chh3=(Pt>;Xi2pvnNs->3Q!Mi2cT;df%5Ppr8c}Zmt}wc zmMvmy-}&IBl!w-4Jy5I+vli;QVB*#v3Xoe}_>eQ~K=^EqnS49hjn>}MuS>G-3{uTx zzfBQsxaY7vUInZx=lz~S7Sm;Y27YR*Mn-PO)mxlURd+9cDrBkfRwZ^fMfA}|F5?ck6x+1*-D~(>FjH>jTmBx~OD2>Ah zN{INI%~iRW4PQwHd6ud-&VtRMP^%hzzxju`6;|3ut!eCR5h%|!C$bYf9JqYep>jzG zFz$i+6%eSCdplv%7&5jeS37S6pnKuV_u+$B=Gd*J9DMJ<^iaNFs?%np-3HDwNkX+o z*O>9|csy^4<;Oe+Z$8z0$jN`0S*XNiKUWiaNcxLy!EHg+uc+UQe)C!0)d-Ijm43tP zk*nYpghnyNZb9)L@CD=0l@BmP;8P1y z7kCGdYnMu{-KJBWLB0j`g=)9(3l>10Y$@Q?;%=$wuNWw!6DjygqnTIFfW}e_vgyQ4WaeDp9F%*PL)L4Gje|6 z&LZ}-l#J()h6x9esc;w?y3XhwWOUb0)9G5nMx03xV&xA|Bym|UvXRJmiI&buxn}*7 z+WjKtjE0c%oI%VfA2MF68ppa{4gN^?5d+dP?0idX6Yt=|UeRuV(rP=%Q+VvUWkKYC z(0Q{4KmXf;fz+t*T_Cd9J)*xD{l4ghuLYe-;5EUda0k-8G{+AyBOpv%n8V^w-AAbq zxbeo2rsF36jRj9yZPJ4c`2)L(tZZ(konr_i78<7}JR)YfY&zfv{0iwllLX)qbd zpwn0PWZy_t+8%#Mgc=)hp{Pg1me+a>;}Jmm(t366R;Ai@Id$wA78-~lk`FmQ-$>I( zf|Wx!n~$xznLQyy*o#G14K*%GE|!~0f>Y&V3myL9+!H1XIJU%MbNf`O_=R@8a~9|& zV{U~l4TAHE0F&oKD#2y4rU4+5S|MKC1&eDy2|mL8X?#;|&dsJQq6OR#GO+^*Iq!pW zzjYhDKZM*6a23-B$1=pN(NFbGghIverOjs!CmefOENb0nMz068D?k92F4jTln$oa8 zI(lwa3swo{tuCBtqewXg>K~mB$ZTWwgo~ZzNmmmHf=6KUAi=XV5c@_4v{XLUMcacM zIP)@Ldt#~+sYIt-Y<@40-CCl*zH%d3^+YpnLWeR%$aML+Q+~B$Ef{yS_;pN?vRy5o z%{-iScMy{@iU*W@c({7N>Y?@~mSM2rjZWl?4!*zSXM9N#p0$QzUHzWkL`HP~(bL`y z6w*yB*_9pz79VW9%-wCE+>GHm0Pe;|&o^-#oDl3M6>`*oc)>&ySXS;OaPBgux%ddW z1FCL5o|cZ0I`l7P?+V`CCw!GD=P76wM#O>de>Vmw5eyW*^jaM%)Gn28Ye2EQPtUum z5?9i^V|Erqx}yhSkQ_|ZBtG&%90qs1zi-CJk_)v~lOO(BqUqMTWtVQz4A2_)R>eap zZuB%s3r(rBfLcuB29E<1O+`S14@jG)G*v3!Ak$xq7T;HA8a@Khb_%J4oNB2=?8@>< z-pRsZ_pDm9NwD2B;lXYdcv~Bs-(TEKwdXP3q)OS-ZaFiGwq~ z0Bd3ft}pJO=fP4G%kV8!HX{4Y; zanDTI*EI@LjZZE2q`5ycVRM|NVH0xN5X0MCXR2$1g5 z6YOMD5e+@I8aA_o3oLmNn+bsuL)am(na58q`2<_0A}wiHWHkIaA9wL&;|JXaHQZVF zZ0lHzNhj*N90s$+Ljx8cU0vB9EtlyJvBoVoiy!|SEjGLvz8h*U2BdBW{K=o zszJ#unhOo}SH&U)`ZO(cMU$5%duucUJlFp29A1&``-+`cw2kfFI%1U1tqeWM8Crq|2opWK{A|`x;Tzl3>K}s)$3h**}_G&oi&J`FK=(TC>I9 z|LDY38R4Z}`l@}7KsnoRxJ{51S{ZJ*5oS?gaBvs@$k~dJJsVD-Iibu{D>|{27m(R5 zz%@TU>3O<>SV-<0UH4O;ccrD9(wb5$oC-kIn^>CRg?KfBTkmUoQN57$&H{7_bD#7p zIDUB?g9~V;HNw%Ze)EJ-`FyUgTS zrY@J^+%fj&`a{WQnMjz|Vsma5vq{w6x-ls^BGNH*_dUt>TK95Ji!rIK>Uox#S2%PG zHis3Fd`s+~Kcx{C_5Vt*m{~U`Fetr@W_rBhmnMrfDC?A}G}2l|%DdyD+Un`+5d+{; zhYm5C*F2neit}KVt;zHR(a}%Wa+7B3l86s)r9|B+*5#Q!3oai^dl1`2gpI+Q!)^$n zVKMuF)TIt>RFfhR8Tp6ymfRbuMvq3}FW-)Y@bkWz>Q&SS>#jBRS2x7pmkK|KXTixj z67{t^M|b`SZjEJ3k~!I#X_k}h!Po_Z0PzDkz%uqqINQQI1pIq&-*>fhqw}BNs4C}O zp>mEbCue~){sAc8UHS=d_*u`t9_(d92VW^dGBF#Q+tqb`Y8!Uh7u( zq@^ZceOH^FK#dwdb;O6)9*jfh%k--CthNC}#_Fx+U}_v{aRcXJQv%v2bD2nKYKff9 zbesF8fY#D6(~fyL`L2)KRZR9m4!A1I#1K3qT&qCPMLGm-33~X9{1flVe4`@y}?f zy~ezhT_})GwYKXd6zii98e!}o9>rt#;`2w2ImMfvhCrqy<+bz4!JXmKhO1gxQc}YG zVvo@0SKs=cKF7A#C=$o*+wF6VRrWZxtkpORdYAL56A^@R#(!dhXF5`qYH#9|)F;WV zE**D({>pK3f-F6;n&PgeLo>~Tqi;!STrqo^d$rIl+r*fBnOcdI_wEq&i~HE7LPxki zzwyXCOE@}AdY5g|X$2vjDy_blf=0?8LionOa_H=>hL7+9Pc@X%62 z^H!5Z%Q~j~gqT)3Iox6CC@1*S^{#|9xdcGOG_G zfzBHG9XB9R1HtV!*HFDHci2Z$X?{YgnFsF>u=s#R>?-H)V0$7uRll(}XYqESV63HG z0y9Z}(cBD3xHB9BC9R#z%_e%+>T&i;Rw7KEz1&D1gP%a$U`LLklZh)!(X-VQBtg7s z%`n$JSGJwa<13(siyPiSflAQ_)#Q^WuGgpR?gzemQ$SMsnycNVU6OvqCt!=k2O~tB zZgt$a!4AMG#=TtV?)2)^tdbpbo_ZR=t}TvxN8aOr+Ic8hP@j!%@S63|y|o=V^gY@) zm)<$9?`E7FG^nN5F_HLVmvJ(^SCVtTg~lW{?AYuy1y9?WGZSLi%QkBG_Tu~-?VqA& zE0!Kp1JXb|yLnkvV7C+vNQ8NcdS>7F=Ow?ocCoV}HJO^w`F49Ys#aY%cM-4U4=8u$ zENU(0lE4hQOV(P>l}e^>6O9H7%=~_gU5)C}wQ801Hj~!zVT)1;PAQ_vb(__24J+KE z148l&eaSB?*_+qt(u(!l34l|cY*AaFP~;4!P%pB^g2$A_dQ-mcy_^)7;j(fj|mA z3RlB7&cw5=(Of%~;~J&5WY9fX>nNkQv(3h7n(HBbojGC`GYu0QnKSV}zMGW6l3?x( zAVGMYyKV&rkC^XgwVHaxS)pO6S;+9bynLDvimNDoRWmp@Uh(>*y?uv9n-xFWTM%{pW}Z;Mnm%2C&;> z8^^~u%tmg-v3X1aJH8h>7a1ZCqo`ZR2y~XU*{#hkgR{)b0*A)#FnXND(Y>eZQ&KoV zB+QrVyN#q13Q#}BV=QM*yFc(?5G!XU>|3V&)@3>os}B*uovH=?2zR620B`W~lX;yH zGD52n|HFDj{;Mymk0Jtv?*%05p0Q_riF%)D7`(n0Aq*ryIVG~p zP+`pI`i$mMkBgdUnt(2h>;*5%SR75u1YzK6~?b`f>$rd>qN>c^q#F)s6g*M zIEvkn2#@OuZmnd#IdcsS^U$qxp-loxTIjKjM?OPO3}kvmraYCIxQ!*9*azicQ_gO= z3?_*aY;L?zz&M|w!5ToO6H@^WbVeOTT?R6tc|%Yjbu)^5(Qwpd+AsP zOOkmBqtUUi%X*or^~rFFsfhtGAL+RoF6lXS%aeqd@r|#LeiVTj1wdY=e{r0OAFHH& zE#`k>zeiWKNEpAtI)#UA{3TZE{(m|NHt;xR}A3Oh5M2PxEl-#rH8-~bHQ#Xx6a@8m+!A8+gq_|)j8 zz?@Z~+@&XvBizj=S@gUP;jm@4E-vj>aZ?7ib|@y+*7rPFV0?yPfPY`(u)RTL>eG zX*xShNMHRS;^oE%&Ese{!RHr^uQA7oL?20jd1zPgvznzjH7LP!KkFRh7MpZuvaD#w zl6PoD_&zw9YinHYk_kd#_?3gZN``fn)<@+pkRJZKA!+C#4W91L3?NpqqjDrjJs;2| zc1g0en27stlKg-+VN*XI1>^*;I+EU_jz^oM`w8lJ!9xpd9?|_YVWs7v@?FqY;2RS? zOBHbAOgI|-2p2x{^B&ZisLN5&Zh)*n0ocp4=+wLM zUh9wH7#e%y-!}>$ZJoD;qaPOb5n(apOU8kKvw40F6Ymf2<+4Q)E4PF1G=RX^QpHzP%fsb$+e)5jbF-oBRcV&T1!kS<^!DWUH47$bf#|7a zeGk`ZG?i<@5x8=tcQd<wBT;JcQA_?_u@IIP;8$caKa8`^yYqPgByJHmf zo~ee4d?Nxfru|%Cz~JZhqNl%eZP5a*YqPwoscc)D3ap|pr(_{qEcj`V)7z1pX^=TJ zcU4^<$;V=or7}#qLsygZa14pujx^In1wcZ}N~ckm52)v59^ukGDT1wjT^NYz@TaIy zxQz<-p|35Y{OWYBKtmA$n3;#LVTz^L@ry&-HocLO6{=N;Re+t8tL~og#cE3=)3x%DK&Z zKUfW=ySLh1>b$R=mcR75+P#%egkXoa-yZZgm5-Y9T(`ezCm6G^ zT4+&{PvJN8rFry}7R$m~s?70;**Q?1YVbgS@`i}d(trM^6^X4`ci?m^aN;9@K`hAN zb#+$zloiwbangv86=nFT9O}%QgVh6MM(L-9usbn#eY%Cb>rx8d55~+ zK2xE&-ugUEly=d8K{^d$u)wk&SIB)sVpC9qSGapCKy6|*{5+`4?l8(-JELIa!MH~M z23_6>PtpkYI)&B-V;Ub0&b=u~Xm_v82{)?y(K*BWog$(E`KUJgI(K~G8$?$~DekUY za9a-cFaRdLX&v*T58T6i!7OJr{pjvX^~Kc!wi6eZby@s@)|u=b4@1~D|28u=3P0%H z{B`&0h^}kG=G}9c06-^Jdlh#@Tmnit^31szDyBM(!sSc4`Io?5SoZEMMd1iHC==5N z0Be|PXP7V-%=Uh|iwkJNV$uiAbVSm32w6A^=O)nvmeh_!tVS}$mcat(!$D>du}=D~ zVfTMN&Fas z+nfqVk#KGE^A^1|y2eD5aFYma^WU;4FfwO+p8%|yc?;j5s!&&z$uK*mhdfh&FQB(w zhtgph5#ORm_mE}8%X)HY`3QIF3C4!l>#)3=>+TcYLv3ajLFmougP+uRaTZ-`M2A)? zr4!SsUf0k=d>wFqPyPf5@4Sg%|8E`C2v_9E zl8ceOViZ#`t|N76tTWFuOh+#J-r7|)AUAT=vDs*F+fsl-<(1T+M4E>LnZqOV8KN`I z2zn=y`dSYOmwXw-cwoEMFX)LjxB2%N9~u6@Nb`P#=K0B+Sf2hnJ||-i06Xz4UNK6@ z5L%8Mp-a}VY|4nKG9MXm?8C31Pd<-(>d{X5a(spwz%S(pZ}_`OUtI9bJcT5%8q5DI zDYN*+Ifv>k3#k|bFXg}BVAKab0MFs8C>N6ysr_c*s+N5KwTB|b{a1li>3(R6K;#{9#Vy{i|Vpo^iDSqIRsJ!=ITpTUSnz~+Y| z{}+Amn~xFq0Z>EAKnExPsDCC45Uwpr`8=R&`{~(YljLpZVoLY`C1K;SS((4+PrdU< z8_kuA+D55V zTe_qzxAf63=#r@SeBA3RA1B!SSQI{W5Mh(rD$n@ERLXb;jP7`5)o&z~|H=h!f6IRB zGmyY48A#zmd106!=Br98MW5cYcxaxGqddZ&+2i-CaETh3M?PV;z#sbg-@WA%O&`&P zTz1Q2TH7OY0|xDP&+QM5T6`2y-kX#Di~swFH~p!RVE{@m3>o&9|MaIf{qgGJBdm|B z@813&%rqZLJjtk4f%JQS{Ft>Ona8J?>8f4fpy}i23euO$I%U7Esq#N9{ZcO6ab9f! z3*bOa^Hr`l&)DCR^-cw#QFk6i{kv!WJEDK{o8<1@0#1F!Ith2GlfbPvq`8j%osRNh zyJ_4m-Hv=R>u7!D7f1L$1~06ae%$AA*)9g~MB=Q*($(5Mee2F6Bdd&mVXi?Wq9Fc_ zZ9u~M8sL8b92K>`cyi4;r?_kKh~oQ0sRGQ#L#a_mTVv9GM;car=Q^WjWq92BEptPO zusXE$M#ko|Fdz#_c=_R`mDH770*gMcR9q~S@gUn2AF2H2L*|W9=5Ie=i`?<)#Nl?? z4vCkzyRIsX0+%H_s1fZ)?fkGL5H^(=RzlhH0|+=$@A-uxeGie ze#g%J?RfwBLbfdcO?-Fuux;<}jQo#-{@Z7 z-A5QW*uDQwm*B4^@#pscXL1#20IgE?yj%8HB-`J70u}jo(TI37_Sdifn`TO`-SPqt zalFC*97+}e*rShf{I87rm+ca!yG0ttq}|yO{Kxn11AxySW&dFR$J69pJwceA zx>q%@xV~!W5#isA$89^m)eA3_Ptm{y(r*XeyYvozu)DzNZ%H?Q+q6Gj5ch7QkiYkj zyACUW0_cdRPpJPh^ZsHWfBN^gSAE2i|Mcwq%NzbQ(pa}S2DFs2zZ!+V`P?{4Z1Ht-yI^bqHt&kMj1hW_T}el;}zKQsiNBP_sC zL|*r5e%q3G;ZW6h%eUFO_y{tI(*?Zkzwg^WbfWN=TYG)@^0f{iN3JlR2{J+4#%F=~ zM&Bv>&!z*}JHUb^AAjomxVYFZT7$S{NSP&aKCGjOGaP(k&5QF-pSqcVZ}xQJ%gesE zIt$lVHB;z><52)*DFqGT&GZk~>m{lP&ZY)Ys~?)_X0;GoySYX~=;SUrw6G?}!VwCg z(XvPt@)Gg9a!Avx74~sI_~aY&PiKrf@PI!&UQ|N6%exxi(jYKOLkSRKm9s5OlOA9Y zh3Gfvxi3Yxl z%TMR6-|4U&D0p%y{POm$8q(3}6k|rfY5DT#m&P4{g)@KNyvtYb@VyCfEpY<36HWUT z%b0jEu=0z;jX%t){~E5aH4^Ky`?b3ASV-u1Mi(qyzFN zX)x!#!p9pc!uUM)$2trEg=S+~!7uvims9!;Gm!Vb=@C!(2Eg40nXPBOeSm9yb_k6W%DtY*lE_of+XwO;!g^exwau&ej6pjTOe4w0^E1X#3H`jZ3 z;oEuAJ1?1SE9u_|$lllLf!9fazx{mp9~dwybsIBWhgCK_#v4cD=~$UbAg=P$B>7lo zl@GS-O+T0#bUPHvRlgekGi&itW(M4bLZSOlFtC)Y72l!Y^0=uq*h{Gk*l(7x1^yx< z4{hO&3D=Ko~CpK5^+i zn9AoQ|DjaNc;o$dHJ(LQ*Ph+ll)#_Gs&)ol zLGNuHqPlHo3{}CqpVlft#*Jx3Dn-ka|9HY8-xAEN3D-MCfp7W~GWoc(S9#SQmY6GN ze%u?GbtnmHVYRxxn?%0V=Htt{l7hKar7~bcT?gJrR`z@CerfPQ9eBdxY~G0$JjRG1Anl$eeGr~N;6`jBsf z2xX6zq7sCG!>tHlj{iK`g7pFrYcM44rIIuNS)w84o2OB&JjaM!XL|FWS@)}j_78vi zx9bMX_>y9E^&^K{q;M_FTf;^Sqc3vhaJ7N&|MZss&=->L04MERbXq8lpKycy)*F9` zUokX(`GD!vCbPIyF_im<&j`S$kSw^}IgP*Q_x$JkhdW4quVwC#6j9thMk%#@+~%CV z0b!)x@xB#Gw-fU|Cy7m-yQrN~Iy=EQtBdWvd%X7^oJ2Lb9M+{pHLwDe;1l@QaL=Hn zt*c8+DXT4Ru&^2#Lau8{tLCe)M%mrj>eao*J!>H)?1u>b)OTSc0JURnO+_n;E4P&@ zMiU9|Rd<>4Y{8#YDrxe2&Qw;o zWZ;voE4-DzC8G;70PAHC)zjeLx*(gu2T;lM#@Ve)0S1hv5nX{{Q2|N9rT2;e%3xvx zneTO%wlCk3wJH~>P4HJ)G2pWr1UR}FuLFXjH@+WQ68W@Gt{YTpVAJHlaYHNs0+K5D zMzz{aSQ3{jR~ie%DR_!HPg|~g&?{^@#Ai;&s8t&+n|HvCDus!j6Zu+lg~|mC)n-%C znPNe2OpT}a6)OO&4DHwot8Qmm#y5JEp}Jy<+Z00pDfJn|`@#?N_$)b^ls$ekLtYci zgy!xZF<$as2`D$XC=V}n=h>ilx$(sW_W_w+)=*{2op2X!qAX!VigB8YG>{%enzzSz z?HGtgdeEe~0XRh!YjKQ#EReM?o+T?~vdBpr;NMrxtyd40M9x{784F#MUclD}1)&Y} zU73g5W@D?zT#zamPoQG<;X>feYD__tUO9E}->!&%+Sh7*+X!}8UT_awFjgpnvS5(MTXp^bO>~{O75z7-9_L2X%-1m(;g1~ z?l6Iqe1o9gNYhwmZCzN)h3BZnoYR8G&ex5!YW;8?-a-D-PDbxK9~%G_K*+(@TukmeY)TUN!Q zSnjVbCOJSSfqP^I$}i9D7WOk&y?YQXTUhON0}n^X=loG)`Bg>>>e*2Z3D*CV(0XNA zK6vHc!l-)gdv$U_I@CXh^r5nw+)>%r^+S$r*LcNCE#x=CfAi8|CMVM!(PE9*_CpQu zMhy_|en`eNTc+zPcjoLGcBoOM--D4P=n)GW#?PykRrz>y1qh*!2q&!qP=l|5s<@K) z_~bawQQlJGqWwyV5)};UHT)CjdE)qKrL85+nyylFk}U>IAFeBY^71Gs^~b^Zhdv!F z=X7tZsfgFVuxHgWVm)5(WJmQK5`euXJf4+#7>+*M;7|m1ol7|x?JuRCaQ|{APTM8a z0qW{|yfea~OTr(iF;?Qc^qn?gxMjs*@^}vV-L00e0$e7f-#rjd&1FZDX#37&{*+sk z;Thu{vx&oK<)pgxDec`PtCmoH8knxb_M1HiT}}(v;%Tb9&@%|TxG^u%(r{jCn0-MA z4hFH~$EJOnZ)DpP$+hM)r%mDfqdhJfgoJ$#z2xuBx1$3iFBUTgT{fmY5JFGq)#e_9 zKqt*Kqw%s$r@)hXH_!((z0J{j_KwSPKH7dO3*roFxmntfboF$y<~QfYx*2j?F<+J# z(-G}Db_eQ#cGIIF_(hKuzr3$kILNJu0K5U9fT@WvwVRIw*lTB1z=cSte-`{ z979ul3!JK@NUk=-8_xsjIwl$#+>AXoOT_v=d&b=P&M}{FhaY}&TXL~+!4V^?t6Tnw z;n$P-gzBVrhkSXyS!+ykcXNGZ<0;Il8L{OFT*Y_Kj4`rf;2#qA0 zi*uY(@-lIfk|V51A8*V=?ZtWCMDhJRbR%T5tgx_I9trUi3vR9DNu#1c^MG{(Vk?e_ zJczAXA0!}LFiS>tIJ#H?H##*7TwIz>Rzj~o6zH9WaEfh-{hh4|BcEX1ee!IV{9cYx z&~JlmfbOH$by7|4d%o+iocZJeW@Vh>@`?_HfP3ZWL%ZRs8-S`7)VI0!WvC`kYM5kf@du=m2b8Hq#sT>K@=tx zj1fTl)bUB1-E6qf+9k`v%(B4E_V@?J-RNhG=J43)7d5P-FAfi9z~1?&HrQ#+EQ>iN z7bm-o;~ZgX9(!Gif>w|wmoY};^8p2q*+h;)wLCLswnHq8f_Ed^lLdxO5JbGiY}L%} zg|_s^)xJ&4TU-0(Yntz&t3{=(xf^!2|c0Casm94#I*No z{c)8)W9ZLn4nkEZkSXO7Q+HNA3t_DmJ4syN&T)yQPqf~oFDkA!ZUxGj3*WR1%_#*+ z5=n^K*uQNwzAUHXyJn8Mgd^74=epYJ8Og;)HtQM4lYPvNF zdvO3@&da{5*SauMIx|Z@4Z@W@ORb%~naxAIJj8eg9*-yXBkKOJ^4IHUZU{Srk+HJ)z+mb|bXtn6hbJf}rjY;*Bqy zLUY^ii_qJrm;9$H8{~VH=VH%aJt;NYf0&9ZD?ZgvYF#~u$`z5{HEXG~ioo4~!dO^H$ zT5K^lKceOWpJr@!J@w#jn13@R0@*YM0B#7E1HB{gkFO`kQwwi|Y9@+Q=D-LDY$d(} zudezvYH1e$=sr7JBlWvJJ?KfBuM0hKn>fU!zf$}HsN2|1x~S#C5G2R1RrM@+f+8Gx z1>5WJ=sxzA2Gd!V3N{`m;4c#^Src#pfRoA}UmvMf7sh-SxoWuPu44bz!~f$Rww50j zYKqf|Dd+YeLN8Tfp;+@G&%!Y?^D?foFu!POmIEk)lku5 z)m>vQx?(ZU!Ju6_L5S`+ZTRd%t)9&QU1eJR=>t47N4V{aL~f3ZSJl^{{&%`GpK?L( z>GJlvEPVM$_IlD{>(5#TS}(A<#>8g}0R#WLR~Zz!qWf+QbXQUSUr&l&$GgwPa4S;p zkmv*U2o<1ZJl#&p{vsy9jSZw0JmB;7&@1md$uAe}eBB$zoYstJ|9IuORAU26NncI zy8DkHJZ6%q*I(FtQ3Omw3AjRCPL^d#r@>C(y>Q%Rq#yCtlB=eVBBgI=NNN)*1p_HT zQ8eL=LoL-DcH+gotDQJ2%@<^>o1@<)UYE*>NMP_}2jLhWS9U-r&@(R)oq?n-J|b8y zJ1i0xD+?tS3op9~$B(wy&`TspJ+cMZ%=3w@h5N{Y@n+BnYsR2YF|i&~J$c5cS~0$_ zgNw}1O~uPONJ{Gbo{xF>;ppL2-;TnIo>dML>o4eD>o4`?{O(;W0S=XcXqqeUW$!}x z^Mh{=P)NTP5zBlq%a1@5Ocy%pLfaha6TrKeZItiCL7p8w`2m0NBlBzUvzarzOXgfJ z5w#Xl_x#%G#&x>JwROVp5jY>SpXJtP5oU>IvTX4DC_N!w33oD(_1$+)gJ@0T%u9G- z;`0u$1%<8f&Ss4}r0{(V-_!iA)BZWqAfWKaN+>NX!{2T0LjL1Z;ySNvCsMaenEqt$ zVEst=<+0GsrG72MF)ozo*mb`0Kt5ee2h(}8{o+Mx$MO?#v0|;tZp+P40eSP&Sh%?O zMJnNS74g*mbUxAghe~f%UkO~)aK*3ixnAbB;ULLlLM?;(Z>ZO>0Tem4qW3zEy8@nO|$e){AX@*H3(LSl2 zd3fhxS1=4OPzJWVVp?fF8={cXTU*GeQ8nHzAOEE92Zuxg#KsO!9Y_?xll$7t#*yz8 zujw-LHIl!*D@4_9CngexTpI~fkqE6RDm5`X#^7UrlK1%6Yv%1j>Jx%3d0?1Y&M(dQ zFPm~h^C9=WnAuS!%{fcpzSe{VevyA)sx?8fo3f0g8@{zlGCvHI3^<>}WB5o`pp`tG zU7oVAZoVN#xn@#kojX&xahm^RsN+F*AKB6NOqX_vLn^kP(2X9}ZmYi_2mdlS-#DC* z0^~@gKneGk4EH0Ery?>%?G{_YllnY($D6^X%Wqfw`6sR1bq6j zG}O3v+Hj^SLSEDs-ywA&ycfuE-3qeWk8DT5u-ff$qSc zJbIpq!=!oMoZ{$e=4O1pMxI=0f!E7yy$ zvH7&Lq*iJwnqY_<)x+h?R(yDwMBaXU6p5}Rg`%Rps)iG6q@Todb)+sU>zx1k&1*$P z?i+6((fP|y`h;ATXhK2t670CoaK&f9LBZ-m&VGEQa&zorVj>Bs&^;h| zc9CIUJSpqgu1`*z0#PE@GSATzQyW#m94-Jo(+i^L$59%?~5wPZ`@huxJG#5qjRB<^& zKQ_CDT4|>6Ho~NI&JJTZ4NQV+k_5onATRX`o45X(QrJL=mMuDlMNo`S8UhoSN=dM z<%!dBj3IWh7llcoWOSb&zr34gJ-gGeQAg2#Ty&w6`<3b=|SQMkDXK9Oy2unGK z>e1_HEKOr>A%ycf{`ojtAW04(*V>9Hi>W+!hRuM$>rwzC?2y`^C%_R&tLS9{lj8zE zQ$ooMpm{A(8R=aenIB>|)Z9i&^-M`}69rp|TjR2|M(`0ckHwr80T)I9B+M=~>4$@S z>R~zgE9s}-@a?|59RM4M-XQtzMkyFce7o822tRRNpaFsw_u-Gjm6zIB%z$8w01>gB zLgUzDu9JqYYoIQWBx{&;@JZNH{x-7@6f9&A=g}hnvk0xt*{g2ujQ6fCj%#N?$RKSv z>6zh@VKAoYH+1I(Y4*~kn9a>DjFgh_C4o=lgnM=0qn#w*(%8WV*c1>FA}BWPTz9F% zo(v4VayU1KAq8+Q?$UJmYILg|)xv|SM_sVhnpPh$qq^=#UVC0*9};PmI(9#@E8wcv zpQKZvvkIU0D$<-fkaj!DnEP&-60J{q@Zk&DW=&E_?a(fBZ7P^|`W|B5fT&$E{;ZGa zhWOIw0p;D#%RMA59lRQL1YBwYqzz87uJ@D@#aT|@BFIyU!EHrHDiPP+hl2>9|JMh=h`QV%VLUUkvw}=kA^)MFmc>enf>&CtFk{ef6=>ut8CPZsf z8jslrS%<--o}gkZ)28#;{CM`fnop)eo~^@Lt_M69uI>CQg1o~Eu#_^&=6xWyYu7(# zVdj!~eOAnZIY8$62w*~gOfH|m?@PEhLhjBm@f^XQjN&tt9jL$CXth3fS`H)3EZA&| zG-yBgG>~yY>dbv!j(5^@wN9JF=H}-CpTOIrt&6+ovpTUx1;nR2IB>1v`Eh?;QU;J+=q0$WS)=Q`j^i_5=_H+OkIzf0!!nE zD6&HHkdiYn2c1|Bg)~RUA9NfVPw8n$A!2LYfO^e&NIxxj0gbt@hNZOW3 zfK-RW=w~N0$qAO%j1`Kd%};6aUza`G4K+R8-_Q@z`_8riabMv`;x)`PCXQ+Y4 zs6roo3Z6^`UUp0O2QvN5j^B^kEP8PH7HPK`s1mkrA912O^_3hPF z7wtAGjA+u~AYt{yJUO*=kXG^!u3BspxJFsp&tIG4GkJ_t-c_9&XQVk&(dyOMNu>3%cLb_+hx^4(d zudqU+Otd1!x~8Y$?4z%;bC2R2v77B=ys#a~zG>STRxF(%wyF8w8HXdO0Bp=T)gbINPn@8_q=%Foz_r2enHx_u%%qq3yNim9+|=vS=6x1VfhGuU zQPMF1dxqU{KZdGEsqCQ`cKJFE;=jPdg%voHg5#GnbF5 zuWS32Se=#{?M(|v*fd8UJ>#eQ^jUOSk&(dS5ZEM1V%9_13GRvTI7FwoGaH6WM?{uM zpr)7i6jlp9IZp(`Jdq(DLj^?(vn6kDJLaX-HEPAP#2Z12>=fqbPG^;eWdUFHE@oSj zjFHFU0{~B2tPItxm-9*r7?ex}gi=odP+nAa&n8)DWD+_5BGywKmi8I)T^Sdb)|0fI zU)TP0bFL$lOU}RA$5j_SW86IoMwJH4<5IX<|(!57GykSXp zP<{O1H!R6lB;ihG=BXGcr7(Bnctle=a(=a z@0+VC5gtpIpJNO5rv>Ae*~D)=)8|p4cp}s5aw&pVLCS77p3c?u8n4l?Lyrs(>Mu)g zrr;b<%UH%7OnmE|sdnn!I3^Lhx=)N1rB06<7KpD#`hwOYt#t~+vs)7>@yM?)dcpt~ z%`dnnIy9scc)vZYoFGoywcW%C$hV&Aim{m_S8^Z}C1t981x-%%S`$EQ_0Z=7sm4Q5 z*Rk8)seF0nOW5&L_6}ha;a~0^hh`1=!G?GRB<^Gq3!mBM&pvlHo)^km!2KlCP-QJY zL;hyFtUn}s6{YpkBtgdz?sgm&dIPLcZU)w5QF@aGj6ep#HTKk?tQrDhsbByfKBQ6| zFVdq9Eqs^vxl!7M7_UHU|G_!hz(LD{wYny(Z?B0-Y1OeLr6eADw9*LQd}ckLcW(|; z>g1t{${bl12+JDwi|$Pv>9DPyjZoyD^%#k88kSR}A38r;gU|PaBLKuhQ6UF9t#33{XeD7Tr+YemHPN)y1W4klm5F)fKn(v+_x z%0)70ml%E%s{9ZdL0&h~^E&#ymZ1G97vo!;;7YP|YDQMgQiu2a8j%edeEZ?mhzJE+ zVM?5=RyDo-R1U@DRQ(}C?qQulgrPTNI#f})xHgz_ZT^L0f!CFbfr3NQP5Vg#c0)-~ zqa5L!u9sX&$eDxMR)-b=HKOxfo_B>@Y|hN=!1_!Ays_l&iy*Bi_Fe9`I}OM-YVboH z@n*k!nKn1|{joItJ3D2XQ^jU_2o#n8C7TBL*LV50#bcu7L6n{=OG=X@9Lb96(R6=< zUlS2U7crqJI{n#F)6mDz=YdD71v01XN-oa+ zCF!O@g#B%D)Kh1N#IR3A+UMbO_WP*1ZA7P>;q+_$SHj=X(U=T49!j7en7){$+T)){|QfU87Lql5L$JP|7vZdowmEq;RVU%vF5F9m&EOhVcn=4*? zoFqv6?Z@kHAGM#Md@sg$0(IJzqZKZCkMzesQL4huXB>a$i*j#Al9Ba(_zV+J!CmT_ z_(2dxRyc?Cc4V9d86zq7u<`0Ckb=6~p0IHIjzYEW`q&P-+|xq@lBI4#H?%)li_BE*7Xy8)I#DI5lUhpMjKn*EA~Nl5$j2=>2yw?v6~?XU#;K*)MnbNuP124?P6QMK^M%6Y-v z+ktCe!USM)vD$gTSls96Mc|>YN$~4WOu`3?^t|Q=gOX8B%K4ns%9f1*sOZa8sL?ml*W5cdR}%|A zOyu~k_Zy9nDZPoo@KkmD)oaOtgYclUYRUtCpxzZ~3%AxxTNVxzh*2tCid$2}F(6!$ zVO;*jZa{c4k?$2UH(OSARbySxrg>Q}MCDlGDR_#_!F6HYjbmh$=4mSbiRG`T$Ulj$ z8GVa$&AYyMsphLscS`T3F(4qi5#(aOsO)9F5b_rmYE7&_w)P=j3k_#nQo_U(p}cm> z#wj0P+6#e62Bd(Qr zn5&WnGh8mcFg=R<0e<()dX{M|Jq0L=`Q!n~67J7Hp`!xRzU2N5>+v7<3DwXaQrT-2 zX75n&IUdVD@m5e)e>)0wEvtq_gw+TT;e|p~0!JhlU|4Jy{N*G-A0V+v?V|gx{Yw&? z!{6uzV(a;7x?!r(IdeQ}8gx;z&G1ElJSce{V%(AH`UuZLwWvh$aLJ+hs-S8v>D60@ z`5H51*6vny*7`*a50B?XFO7WdLgP&XuR*d&PeNxK237a<84Q2h4h9@Ps+Z0+%+d`i zK8zh(37nLdEe~gt9M-`zN$U5bKO2o7h>}uHh9j~G5KTd9U-2lXACCo^FFovhvdkQr zwa@Q_7i9$p9>0MA1fkG&~v&Z^Z@IBWtN6X6GN}}BCU`Bn#sCSnE6-R z2g3T6`<#R2&4>OEX2T%2*r8iB(-Ii&xdk*rSBI0DeNTaRp`TbCd}-MH{>HEO@xd=f z`yGVP9z2lOu`_wjYbK(f*!PWRHu3o7MGA3$wu>eIcK%4deU8(-Y^3aFb1+ifA3azI ztdUP+q;`}&0>Kfp_Imv$Pw(acXH{sYSWwC3t;m{s`ZxK;D%uypQvl%G79Xg;IMhiM zB_x^$kYYHff_G7mGTXx=KKl7MXO{H~&$;_yF8kR;_Fx59cxPKr;^p)~ka}~8GT}!2 z4I%X3T4-4%mjp6>iIvPL%*a_OXPt{iD$sPdb<=4($-A`iY(JI~{&5vH!@rrutU43wo7oydrdJ8X)J#N<;=fQW zr$^=HpN=ppDG*VD!T~ls@^Bf@2zm|44cA{Uwt|BgOE(VSr6yo_q8ZSg`dCgB>7hGY zyE~PYH)rc<=6q}{n(>65s>B2Rw6pq~+!Z}`62e&gQ*tVv3Q4#JCQ^X_M$>3KdE=%;A9g&nb8Q9@lV%4~r;Ps?tF*x21eT{%E^pHZtMIaR+HtG(smqMwc`;xwzb(Ft_UW>T=F&F9xp)j@hwb~ zs8yC3D2tINT!-~=M1%^hZDbkl5hl;NA$1y{i+AbJgdsPj4ofpRu#l9*PTkq=c7*)WnAK(Es zmjtEXme20W8yu?eE1#twMo<}zGr^fCl2dJ=Q7=dF+SGk>LnMhA6%p^bk1$}}^8^6^ zzcNy=DdRuW<(wrQx~|6{@kBS^UUu)?1`PV?$Iqk`{Gq$}3b!bvV7DGn=$TR#K3MD2 z656-hJH9Rjt!Q4Fg|i>qM+wL#-%1tWwhGfKGCakiQSJMlA)GhcuYT3jD}R{g9~&S% zaW1T)(fNVu%LxZhXB-0=OV^w?u`w|W;Az`m6--Dj5t<<$MQQj zdd@==YQ_3@ksq)5l=#c%(_QySkSA3Oo|m_0E;tA2Wak^Rb0mb~@G~2w%D4YR9v-3% z-`u=7bbUbo?}TFXW3-hLCi&u@ul|QQ@fC?^%BtV5!b_`tG#~b1G}ja;pE9OmE?`Rl zROBIlKc+0kRu<0Q!19s0p}NG3OsKJMO4JRI?xanw8hOu^b)Kj~&%CZ{%Za0pYfJJ@ zyvj4`PY~`(3U;3;U5&$JJ_Bpl`i0ZH9smXNc7z)62QdmR%F*vA(qFjRM(}@?3SR@H zave-jpvQs`fQ&nofV?@0e({>*^`b;*R{M1ir{nZ-;+7J>s1$^dc+Fc$&s-9)$e8P)H* zix{%&I2^7zP5)rSy*qU)--3U(UnNOsr|cuukPiEnK!cg^C`!v z%*`#umt9DsnD;s7tf$nZ2Tdhre_hXI=tIq6uI34W^UAVE-Rfr{x&f|_c2gv3$irKe z17c_;3I-)nQO*0z<`J`sC(2*AagBGA$)&ZU|maZ%klCsVz}UkTrBKLm!y}L>lk`y z+Q>e+u)+77rz5@C;6=AvYdG0gm&4^s>#GaU5Q(8gfL&iQZ^`bA^W=u}0{nf}4W@fb znAhhwML;tZo86+CwsbFqNh7{e;>c)TOMzm?#}F!PF>-Pez1YK{dyQ&Wx}sKnIf(5c*-`G&qj9}>0%>< zOvNU;k23s$DBWnU?zFI)0n>^-eVX^{1SQVNP{)PsTHXFUGYCtp=O+?u)Y<-Eu6U^g zeA=uCh^_p3y7;K%&vvZEF#*Ut`fYg4>gNae+CQFzxcR(d7EB$@PqN$5$b9wfrHOZ{ z*36C0BRI&0--9U7qOgHw`D=htx~}`Gln}rO(xFft4F=f?`IYuNbS?ubMv>~igHr%B zFRz++W0X!sZzQkH)_u|$^zLWeM^+F?P^U0Ylu~y6>7Ec!U40dd@-*PFGJ?7dR_$}Z zLNEhBanJUuC4^mQ8G0bmpU?1z)EDP|m=?GgXwV>L=A4@RN?&8&>afVBvk}5&F#J3n zp+Z?G%OUe-+v8uD;Rh_w7Jqq>>XNkviCB2N#-^OE3Kyx) zM9!?;o&=6>jjlIWct?64hiX(ySFZboCZ2Klg;|@$ca!XN_pp}(N;hFTwyvDNTR$t9 z!1|$J{6_TK`niYJvYZJ7gwtuxZIAG8uyHV5Ob1?Co+-ceR&!1z%P>YsPjccZuRjom z#VS-^{Oo}!n+C6^Q>HG_EeRl6t6uj7-`NDD#9^-Kd^R2Mwg=HKtnq{o#L3}H=G*hI zCrI1g$!yKQiA4APnp?~{l~cqoOYHirb>5ju;S&}`#0ema()^Ha^oiL>ZI~5kEFrz| zw!;+~O8P}I;a7x&R6b}NAdUz9Po=1WJ1L5u$3ImI6UNsA8i5Q3;XTy9 zsayGY8@euaf=?mq@*JXOKte!R+o|i0fwzJx1D%5}0Ty`1eczM7?bC(Tx)SB^gUm58 zX!;xsO+|vg*x~(YdhHmX8EmFu*+WhmMMlC)i4&L}_?j~f5n4)cNgD4KhNf{em*rnr z&s`|E&ts(#*ao)F)*RX`J!=-(Mj0}x+N<}=eby+`aPbL1g?K)pgJ+b*u6CkGA(G!e zHed6(yz;gfq-iJCW%=bKki5WlMZHji&h;9o2yejb<^4%U$2q&4OgDJW|Eos)dPZpiwp~@-geqOj7b0 zmv+$JUj-xpnem#j7~aVLJzZM)f0+%M2?ESEDL~#-aXL>8gH%MVBsb(`O(}ngCKfby zTI|X(P{#d;5|faBqVdE1%~Ed0sdVG}dTLkBcPfNdt%;YTgAz*lCxv1xIIXUkKDo;s z>2s;F*2!tRXm@WM6TwEN3h{u4&9N;CU# zb8X8Xe|B30L7tG47*nZEk=?0to1(YU)O`htmbOx7o)oF=X7!pj;ZMw*fjDC z6KG0dw9x?#xw*cYqs`N&F@jTyu-t5M9{ zLy8W`kp938Xk6c=VSWn=0F-FgeBz+K{{WH}9D0F~5DF7>Fr0$>TiPwyUKy{wwU|At zt~T4jDyl2N6jl!;23r3OC5W8B(W;bzRX0d;@ z`BtRX#8K#N!(S_}tYJ=$vWNohPlH~3>>Y!S*J6l@advk>| z=bXfaE@IZRW<*r_%zoo*g=I_i17)5|ylX(^Sm|};_EfJyJC&0`#dWFr9(F^R zfGIY(0HM%}7Zg%>R_qiG7(5OM4 zr@e5txSFk6klep5_fbaddJme-s?{)yod&dwOO9Lr4ipnp&l@omslxF_Fk_>sxCCol zT%D@UhNAYw3-RmF;=?WDjVeBze3)r;Ieb>n^9`Gx<*p~vb&6}hVDpPVo`N&9s-_WM z(`Z!d;98*X>!I@4Wd8B~Adj{6<>p%Z-N*R0o%->Ut1bSnxK$`htbsoH<#4q49q4@d z`&d2VVwvK1bFO^Pi@(#L+}!g8bgy-=h02;M+M<+3jk5XcaIaiE!bxIGOS^sEYn?J5 z_o`KV%3sxt<$6{Rd__X$?FobFo-&Yr$ip<|@l{Nz5}cXCyRmuf3OB5I z1B9zxEGR(R+C#(nF%$vZ{ z$5)NJhTMjY_l5m(tTfI!w0_q9%aLIaVhWSp<^}))Vh)T71w}&NIr=8MH<-`Qj8&QT zByl`GzMQOew1DJ>I8oXktH|--7co&}#E%nd%8@*X520TCLD@UTUyNqDd|`(jT1gEp)u?7}7xQH*QlY8s6{up0dep6y;NvWq5RS;n78mZut3nO+*kNId6=`6XoS~(s2G2CC-KH;N&TS;fv+*v+d}PM>F!SIrN82p{_P9=@o|&}iqBjAco+X0m-PFG@E>2V zm;+Ga>c)}^?2jM&AFj~2-ySPPX5Z!grMLg9fB*ln|9Wokuw7bgr^lul6ZmakKq|a7 zom=(8kALvkcJO?qaifl>zL88)h9#v`DV_LpS2ZcHD^i7XJn; z)Z<1-^aMOV-rJJ0>)oV}KSW%W*@X|h&9?Q0n5p6c^3rUqoyn3`UhC-(KvnUQmcWm@ z+x+i!UoxT8z0gM@C@bH?ReOL#7zs=6Nu>~Lyc*gteX-Sy(+t!k1xTQnxKG-Zp!-pT z>@MLXF3N4sOg615jq6L-0&y<@vlsu7PZ!PZ%eFUHIaUw5U+t^~G?@G!=PihG`FVxU zq}lJBRZq8|DxbdKlT_1XWBh^5lS?fupmY{sPtlHO!1prjXIQkndoNXyW_wHJ7hN=~ zuL1r1iQJ5in`x;=9D4%sAO~Dq^zNwVf3o&JJUdxQz(OV8K4AQvf&Rga|IN|;>uyad z;ErlMP;!xfdi(D#Muz}HLvxw_lg0nhG(QU5#R~s;j`r&G_kQ+|@B5Q0G=#uVA{CX? zf3P5bv+R|Rx8CCj>&xEXP?&%21jOlpp^q~&`Tz06bgcr(d)=$V;&Z^d`Wv|VPj2~2 z0z+R)O4-RZ@YanO#(5n z10^Wman$<{JHQ`5nurh>N=VZF8$+=MLejAWw{^K0}hbuG_w{tv!TO-K&kA2kU z?aK0$eo6a}N7h8%dN=E?F@t|-e0K?DZ_jC)+^_HdIziq7d(&JDQ7Io6m@O z{a1_jFRzOi(gT)INdD1L{l8nazq97yTO+!F#6ADVBR^8!I`X;byw-nnK!5Nme{wfk z6c{>emi^#Q?*0Av=5QN&5HZ^~bxu$G4vG|2NgYooK*RyE3-j^6|pOAEB-F zA&1kc55q_nY{cr2g<8Y1KV<&dj1@Zr=4-xBrFX)Pisp5;B(ptzMT!K%wF2{@%!ge+ zvj5@7odS-;e4qTy2@@(>rRCHIJuiU;(G0$Y^hdnHr~>i-rPKb`^8df`gl{kO+r#1k zhT_!W^=8RG^QtSND6aN;31hGwhQY5!Y8IaTQkAw#%L*3gCMu?#N^@M=ra+!zzG3^( zc(vV&ZAT-uI%K~VfKqb(r9uDces>!XQ-vcsRQj4dHEWK@ZfWcF$GIuERFe|`S6Hc4 zAoW&KV|&7ebEbs8)g+!>r(2g=fbP?N)~`486Mx5-|HzU>%geG_oXF15-vRVGwE~3BB092ls7bp~{RC8ehvT+uy!^4*)r3!li zhHYiiE6?B`u7{l4^`J~%QvapC9Z<7sEoVw*(sjT6lOOa)fAG62UBbZDWKV3{t{^HkjU3vL*#ad`6b}GS2I#xrOkAWq{M=o4kWT&l}Nu#1d$8sA2 zby=c_T%@K?Nj+h;0Xkt;+Ks680BM;d?Aa4`&t=2@S1rO@NfcxKz~Uo1G?IOcINcWe+=vc<45l{u&0cs*}CR^}Yz(v;+K$_l|uj=@x2YLnxeV{;6rD@-z832eR`Vr4ihG_}Z zys1ipH-5P7L!||Eu?tF(x&j!*swlDR$x54r^rcI!O3RX4V(zS8_Ddl^_KY=LUu;8+ zd%*93iYw+oL5i1?>H5N-*>#c+T&3xlpO&=-;gUltO{Auh=En0`qiP0fHL9$2R8_M| zM`)Xbg6-5By*yjuQh2S7+(&^T0iO?COJg*^3-5(?Us`dA^xE2m=i|Cg zt^#LbE2A5|a`Tvyn_Z=@u#@8fv71SN+A_YR>g)3@S*kC0+MS+-&`unSJRN^s=nE(k z#wLxy`Xtmc;xb>`X;lLL;xXSrJL`N2`2z0O$uqEqYOfa zB!YAhbIy8C0isyB@#Y$dbcmBl*7G`V_f{*=90L*$DVbBaj@J4t0OSLV!@uBpnnng9 zQ2Qc&ms&XqgTmHF<;lX2d(#)dt~)dO{0-Vk4nFr9r08(zZlRWoqHT_0>e(NfM*Z$^tyPN0Zoc3fDYbZuh*oY|RzZe?AQ~KA8a~&m0v4@7PhTNOvw$_(&EgagaVh9e3V}FE$C( z`SNsMbRU$!m;%}m?&2;$9(v~B#>roWm~|&`P&1?Y6V963#IwAEf;|Bk`Z}e7Q#Y96 zqin#tw{JYXe_%WH5)QY1x11_%xSBQMOcio2+$Z*2d+7O<4Z_#qe$hjr->cunvx=rr z6NQHv%yhcwkB@*55K=mhs>F!iv)mW~O50sQ1Mk6fG9^R#_lhOj5UUA#wOl>tV9iR) z_yXON@QmPItRun=j`v9k&65`xKQ1Mx6Xkntjy`dy19_|$`np^kegfF`9f4k4>l)ZY zzGmgV=Rj!`wgu|$oKzsWs;4Ucgs87THioX@=I+AAk)K6+Oh#$V6Xhf>6Ayv%c;2JF zOOsyCY45{!GOz2MvH{WYFA}I?!G5A;{b!tf8;mC4BIe-39M3>(GK2~3lN26{&)%vz zN|bq8RfRU#P@+KnUV<;+>wNfhg+*uY-J^TkkrbxqBVr-9gF+x>%>d=g{}DGjMIewGsOPk##sH zhLZ51WTReFAeV+b=l81vtZ6j0>F!5g*hbsWqJx^szEBRGyy4rG4rzsEQB^ndsBT)N=X+nZ4@ccQ5AS9M>=in@DwXjAG1kULvo&>GYbk$-Qx z!=0&%ygXR+z<})@66fk0^>IA!o#J`3YLlZbKKZ>ht@~sZr1b{34f@>-NSCj37vIZ3BWT$ zBOY>haPsQfHs6~U50-EPdaBRc`un1_b^umxZIpCx~<82siJzKXTHy;9fu?7O!y^fz4p1^_l3^ z@yI-8kO58yrI6F{N%L|^Cl&lT`t*GZ9M|%jf~xr==|?ykAT!SB3agp%D#ATb^nUF& z`v7JnC>v-ix)PyR+?oin!wxF zfDVw<>DS`~psWjKPcXOvsLKZh`POn?8%(z92l^%<>d)6w5dPf5Mg)0!jSY_b^K;xy zA)Yr^r^t&W@^XAs^31zy_`M*bjt8w2(oMgVa9Subp()n2zwBFlLJzm*oEIuA3TryZ zhm*)am5Bp@GB*PA5y%Vz1*%)Z?U(%VMT-HU{@Hl|A;DJ}z+I*p6qe^1{ouPWc#ySU zo>D#_42ST6=#6VGw(>m1k}%8RY0mTDjx^pq7`9(6;vh)!>mmzQ5pAcCYxC=bGcVo}ISX zdRwMfB|%AzAX*Khe331)q9%1LnYBCGAdczQR0HcKW=@acJ)mUVd=!UCY(}Lv&?Jix zRdhSfwTG%T*?6ys)Q-Z+6c5aSa@`vnOy$;9q=7TnD{_J7k3sD*NG`UCznxlHGCsKv zq=T+(OFDGeuL&uLd3gfDhkoUzc0g|pI| zgV>!x3dlEN;DGe)*Ln~4i93P>9Ear?&l^rRM>@ktK<=Q@acb8U!huwT;Z86!?76$T z9)tu*fh0tV+HU}^8?y60JCJcZzVa0>+^0rfFW29h0Er8aaP{}W_Eo*PzPh^Z^)R?h z#K%DJz9KyG zJC&Cfr`S?o`p{^omfOkJ>i)SE?}t$)u>|#;9sixfW8Vepm8_!j2$2mS9pfm!QS%@| zn7 z2qV0#%)~34!u}EN8tfD8nR;mI3C0KUt#LQno$a_1gDhtwz3C)s_sylCUu4)ILzD$_f1zcXL8;8nNY2@PO&C)zppbRLo- zJ3rn5_v%f*@Vr#=5%SE!^HM8`JR2<3zdo4pscA_Kx@#YO3{5dWW_9nk{HdP0s{D?P`kSz^CM%O8br0n$r?AHKhj0{`#p zg9W0dvsMgLbo7TfzL<`jTlxoW1pX>0sAwI+5K_=vpyOO|^I|7AgaGs&%&KqRY5M?^ zn2C&DR)4USz;_9k{z(uR=MAWVQ(XT`Qz8jkcdJj>5DF^!@_h&mCO_xL*Nhz`N3Wjj zwl|TK;uwF=G;vC<* z|G>d7&~&~lI0m-_FNm-D4LdyS`gmt*B$>xzt#eI)Q6X!e)707^1n|E7wsf4Ggc$lw zt?E71`s$sDz5Go+qI7~r>?2fb?0y()XhAQ=aZU!waN^1%D)qY0$i_ zeQ}fd4Eufor?n)r3os4!F4ox_jv(!Ea-;r+mh`4aS(Z3!y|f6@>Byx|HF(_J`uJZ4 zdg)ybzOsdoZwOK7lZ1GKWXAEg@APA;sK3|&=euvwiXjP}V?&zT$`*>H^;<8EmA^D% zVloj+U?3T-GC6jzF{!I_>LG-wpjLg)CbGL&p5Hu++b8=34Q!t0H>(>&%VakPU#_&~ zDrl~u?k+!sM_qF(p^c+h8Bh?YpuvvYh?QMnJoY#U+dwQ6nx9MlD%8GcSHbk|n6PfB z>Fh(sHI^2faZ%)*T|5+%=D5SJiYr;HYnt#iMy;e$6U$^+6k*!4fJL3Ai|32Y)wI=L zG6M7=<{XB2A6#AF8q8Pf$My#<~3cJ3+U3!QQ2EVk8!)cc>eK6=h{kGPE- zbfR%{Oc<#RPX%Wct(b|F$teVw!2>GVpuYDkg1nkT9lI~<5YrY{?r0L2Fa?ov z|3gzC5ZE9_c^DvmO!jp&kW6<2hCJC`??I&9oZ@$z?&$YJg9K2>Ix<{)Ma9V{7k-4F z<2fUw1Hxxx6U-n&?lkr(j%`%IE@5_NxW(uOzb+fs)7?GJv;9ThGyCI165S8hZz+auv$1Ng>>NS>%^ckexq?6{GS&{}XEDllNz=n&p$O&nXtyDRHp! zvA3FpXlGgKoKa!QUzDc%>OPmOp5k7au+y#?P>VBl&6eX4h2W!?e zw49s(sm;HK5);-n#ku}+_v59lT%uG=3(#j%5oJXo0;Ms-w=|z4|b6bxxAP zofIB<4v7w}kEpr(X1Z(g4XG#1AY(`RDdBUzjtH)#iQYGBG>%+Bo5Iq**8KDs%0rR1iZGTCI|KSpw~?S%2K``6EvJu+Wq1=$PjT^pD$7$P-+H1r+))2MfV_}KC0jvkxJ5o;*ys@m>Nn8gjC zVTtN@{`F~pPVdR7vo}~#fQv?c5y%w6B%ExRtMQwMj$IiA3cbwIM-=gmH$N?^-_vs4 zs>TvwzPfI9=#Pq(a`r2*9 z$RJ%&2ML2G96S7#>kmn?9-w1G2YFL6raAr^P|F12W2otK|wrBj4Dmh&vigFVBXj0hPc-g0=hz+wL`o( zETCBMwSIo{#`A?u@*tgMRDaTwXsT9Wbmd{A z|9p)B^EY6j*ysVy=v%lSigAQXqVae^z2^4%mvmHAmqmw7=1LTvUw3^EQ}`3JFUj?G z5~E39kitS#@LGw3I3O38_abzGHf59b1Ap>-oHa<-BO!y~W%+Uxi9#trc zqkj2)NKWsIBZ8>rs6)VYQ0Xi|#nIAZ7bCx5M-JU>rAfa_Fhg_MJopRRl-qUjMWnpG zREs|Q>pqAfiFj1eEkKXcpAh}mhWI1sSDKeT#OUKqiNRfWP(_0_sZ%Au8+_7@-}|4U zI2r{QryXLYW2|BbtJ9-hJg?&f5iKfa5U?2JN=8d1L7qOR+=Afs@?EqfOAxe)z^R&X zt^7pb4^-qo_zHp*3|HC@FonjsT|?xbG(iX;CJs~=3LcqeD|tH|SckY4sD&UcjqMN{ z0tZgALsehCNJ-x#jo55|LTI8q8bW-W)JRDLLXEDDkm9EmY}tsQVXJSN_F;4m`f z5ApTH=@@cXc|~fK#R0)E>h)-=!`y8{B}heO@8v=84s-E=+sc&n`ArqMlrvH7*C&ml zPR^5BJxAdk#_56yr6iYFIr*>{)n-Q)2$ydYuk$Jb!}kW8A4^+ zL}4rnrUKQ2b%_^cXKHdRFBJ4C2v>{enW8*6@h~p1o+b|JAzqy|$BWY9J^zA6-41^Jd48eBMq~6L1RYTjKgE$3^3c3nY8IhAw?= zPOBEpSYb0wy(X)H$hCDepuW*MD53SYnx0q7cB{GVyd1m9`il<)Z-Yt z`a4*?sN?tj(A2@~`A^4{nxY)T6Y1-l5}V?{rXqC4`n#pxts+C0-|)t{e4RUh^7Xq? zoX7U1?qZx#DC|3R*(ORQN=e?AN`^K|4?XdRUsJ)+CD@FDI74|ktIXe&`nvXbIRa{J zq`(XELlk0&kV$K}vu?FFW>cNxwyF1JP5->J-&ddopNNY)9>2=@iYKxKYgi zL_y^^=9Kdg^3*;MaZs2g+>t8czYd)ty4MlxVKPgRB4G4=)gGw}B!{I@#u~NrUNkT! z*M)Y!w4#jREimh~fuc7DEYKVis(`4XH>mCLd}#+<^q$;@kX@PB(7z&e=ikQmeXvbr zM{FOpP?9g_rN${8!ukfOL#;z*5e+t^JnY*iLD(Qz$B9;-7?R}ctl>4*5Kfg+D?4q6 z)JL7tZ(G^m1ALC1M`~9EfsD|;Kt1kGv%6Bby_&ppr;?auTOE~Zo%}$r&fw_GTdd;w zsdRt=+4O2$IoW4ND59v5h%Ut)o z7aW!YVTJSkMm!~ zzZ~z!@^j)57V-$deRz>SAbOsKpP!5D%qVYR%;>etpFfpzb7-8uf_?l|4wT>}7h9sQ z+eNs0Qdn6#_pQdP58((oelT0@kvpUI%?j6f(o|>FTP?Te?Jv66gE>&A!><02JFuyA z_2~|fgo`j4E7BWCe{>}IJuYP~P;x(Zs4;E$gPQc|a(Va5wJD&Q_4f6;UH6S(!_IK{ z?9Fjuj6&tJ5#w*g8}Na~as;J~?fwAeIC9B7ZRklx{ZaSR`Pe%_xX(2^Vn!eJi%A>E zwhYGc*@y~#H=wuJ6i!QBSfj8JZx-*p@nF<1ZUXt;bwMJ8_fA{z`(Kr^7Mgb}7&nE; zC%!~;)E{Jeot>zd$lqTnU}Oh_DLcp<;5ZR0%mllQS z`I`A}Ks6i{J%M+LdtINCDKV8d^^K*a$L1zD8C|y0Q1*_|q`P+6<2Y#>31?A*xUupd zdPTK%^^~2(B)@F(>Go)4N>-p@Gcjt)!G*|h!NjM4Vhqlf4>~Um^d%R4zPw*-@}2jQ zdvqaz1b@C+M3W9-sqQonC8Rh+J#RrjJnl&1N-P7>5gH6xdsXF_hJ0sBqRb^WVm)ca zX|?E7O0(MP+*AK%rDb(l4Yn4!`s`3~9EuomhE}J#Ta%}pwtFOqMIoJoYUj03bp<$& zOO>YZ`CGzlgje;ml^+ZnB{3-zBrq!Lp3V!5Qe&TO<#D*93Zj78KrW9$@kae~{p*>9 z(}y;PYrjM2q+a7pZ;yY&bSC=7p^}+Bv+ziRmT!Si;9Ac+Vj`TH=y61-znvYQO{L}h zQPCNr6Pt>deeB^1v6l>kp&Uh!O-E!+uZupb@{_>{)dEeoLsE;7lNP~FRD$^i%s70t zHeDA4<~ZXan%k>ESIL=D6MJoUPrql^`gru+;sMRokGJ$5O>wWP6i2G}04O!WkPMA& z2iK+I`ElZgCt0B|C|GzJ@V*gN(lcfrCTi08<{}DReJh_+ug*Bfi{jQTekeo z`<$<|*+e8#xw0ysVq#QEPrII&*mNu0tY2vloTs^apUyAnh*(&M-KhI3>WJLCa-&g%C7R|z8El_fC_FNm@cENsSpDiH1OajI!+ zh@W+BYJ+V;rDAhIVMyo5sQ7$az@#MSIqTgw`LrtD2=x5>OP`1JWz#18Y4MW4&)pC@ zURtGOT)=iXw@QR@XyuOwJ#bu&-x0G5FgmRdckG`Z(5^*Hv%bzY2M5Avp`W8CnM?6KU<*s?8DaM46~pY;>HpF`FO53rwh*A`$FDou6YT>qf{|s-gke+h@{Z* z{v>mDmO|vSs;}l^qp5YhQGb$Ew4p597Tq}+3*!D>aQrPvGodOMUHiLg$pqAwBYZd(z%idG~t5Ea(C^hX(rBoH2 z+pCiSES8>BG5sh@X&|F7Tawl9i;uRwq8oFxScd57RdRNSzO+{|_W)5i4v1`te}Daa z3%7H1Yss-gUWrxEcJT{zvM#DH%4USmX8z~A&&23;XX}3MU}MI zKpCF@hpn#+inHC8{X!s+5Zr>p5L^QRg1h_R?!kilV8Pwpg9dlk;10nZg8Sey=zX)# zKKq_i_x_xMDypV(E+CP={A$ZV&A^of=;4(ie3x^@~XG(HR@lIm=)I;H0u=S z%Je9du?-8Q;)BvY_=3CILQ&lfCv*F>Ft8=1g5r>ND5WLJtODp0x(Ju|5`<1mE9EN_ zh*A?a9r7Tp>&w>!u-pYXTAg+g;kXG$i(m80I>6^a437l3Y!C zLW|Bf47ggn@nit=8I_yXBDBCdhcBB|$VWt8MAnfHzx&?Hcr&f;IqFX+9E*zKH?U8@ zV6K5Rml@=&Ue0K%_oWfB0#oAGG5KbAv&}^ z#5KA(&#jKiRx*xLVBvDuuB!RQs=0wf@TzOOuZfH3`*$&-B|)NHR^ui0$4Hs(Q8%iN z)5q(v9-ZlV&6=PAkHhV<&s1_6I+>Oi;LHby)Bj z$Nxr7Z?g?Rs$9K9TB!zDLaKiDBpYGfQYmEE@D)P->lKJ$eaN0c42aA*?Lj4(%MXVI zeuTF}*gHmPKi**BuFz3`y0X>vbk>HQ{8KfqFpJ;dR;4v0f^O3wACBvdm3`3YNjlmS zQp0g8#S8=mmIA55eJG8#g;b;xUPTI!``EE>qH+2dCRooED;^20uh|a}6KH#n2aE&TO@Tdd;t|T&t_cuMxc{iB2i@*6L-VQCcq8ni?ta)AH zxL+i!DUdbSkOqR(i>~pyS&S20YEgy0zvj8euEFgk0j%A!$(I{!lFGF?irGig&&J#G zqEkF#5(QY(;2CR9^iVhAZT|ALKPP4zl=e)fe*_0&4f-TsMSa1)}F5 zaOqbZIjwipoy?v0@-ENS^yYEWIK$FUE$sgN)troQxUa&0?F0#~RQivUn>O$PAHR$J z0@-PT&U%$6N)fTOXI{V5O+lkLrjB>14qpjHRV^J-5zQ7m`p4r=VfKQ`S_O3upMM#% zLbet6ycrbiyb_e!+XHmFUUcuawwYfNioy5D@(zZ&E&N4CPR9N%7m)1a$2lM;t{ma$ zAIZF+>!xJC3Tn{Q5IFQv2sW1wY|AGSS<`BhSXJT@63e*QV;RirwN*QBjg#|$Mw1zU(UT%zw4j?c*?s_tejTV^D#8j za0#hB`$^|Sh&!P}t;1t3_VKe6cPg8HX@bMg_Js5f*qaWu?f7^f7$r{g^kb=a=MNLs z3W=55xQk{b$=uHl^p`1(P^)zg_*S#c+#=D*FtISj#3U-~B8f)K_=dA2pAJu0BCAJ^ zNXgrRisxZu_Dp7_U;290NO|Q=HzG!x>(RTW{{$f{m z-7K=0QLZg5a$tL>^D0ej54rzcQt93% zn>E+Rh29F%H2RunDGF{)-v{FsJVCC2<%fZ-c#PP3iU^-gcEd18X;TxgknlbEkMUri zD2SB7-7pqq3IiTqUq-7exheOGI^xxRZ;b9^-&;xsXM!D<>)%S(t(T0&D%EXNDZ*|S zy42(W!bsiD$(=AFY0X~W-uFY(>t8ncH3Z+7mI*msQ?_DK6XfXTU>fGp2G^A}HwnV? zNK&Jp!C_>D_#EuTyue;bC3wxqsT6c|r9ay$ zrn46JoErxx@?^yiKlQU~S>VYodhP!f+Vk-rqL`Bi(Xfe=DZ5lCd;B$(42X^=X*5@z z#TE}HYQlNs%f^e@)O7FGlNK(2HI7$zk8tYWvYYD2@~)anIG_rVrPYHHSe0!0yIE6d z=_^QIoMR(KSDTD=+L~C#&Dqpy;8t&=i0=-!*9Q_!<2TX<{Xv{D7leJxCJ4iF-wY#V zWJ7Ul6_0{cO9himg~zsx`ecx>ZoKOmL@CP>V`IW(b2_XTjak7!5JY5OT9>WA*MrMY zU9ry~v%tjc1d9f}XW%*odMRf2B4_3)`+vUlxZ!p5b-5(2=1t5pKi8b>wW%ED5xalCz3wM`wpYJ6EL9h|G4V#sG&$_^Mxb7<+g-IPqh!U>LUg-(vo~MR(I-tm9%i zNG>DjW3mw=YO#^j$Ek}Qdght!cf~(eUSGa(N&9ROCwYR|NI*j^pUq#qwu^dFer%q= zkkj~48pU=Wq3`ojf%>_<)#h04kIxTL@Y;fH z8ZqoxbRiB*?K`mnmaz3!((vk}8O3n1^t!%2A70U1!F=8&uj*YiQ%Z@=PuCq8l(@!> zw3}Ggt&%<$+v}`8&v0Tos|>0oDwB>t0w@C*(Clb34@gJoNc zDqw4gqlFWB(@7CeC6~zM=%YsEbGtv0!6hIuOR!QpTkPfUQthHXP@%NrOp9ea=WG8n^o4^Zl$K$FJ3P5g;<|@^PrNlP({0t`pxFU^F`3AcYh3_*kka9j z%xV@pU%op8a>_N>EEi5elXb$X)S489inVXwm>O|!2*g^cGy^7Xr4A!!KaZ8&O-ECN ze%h`Sby)iQSn=4%LQh>PA=-CEqc6@mj~63wTxDy$OzI7FEA#cW;N1d_*_mBmA0?lD zJSH8GPYHjMH0=YBZ&a9Af|Dp^2g&t)XkfvQp z!M?bzF}Fb26U6Ya>#O6$!jnsaKa(`Fr-+?SwugJaj_4p^U-Ey7L^*udTQ1m5XavMZ zWA(FI{mmZE|B>b+XKTrj)8rFwa&n&edT-)|f<8g@r|F1V38Fx!R7062LZkDTtwjkb z5<&^jMr;BpLuUZ=lRi0h)!JFJbS%5W-Y{joO;H6&f~xHAut1M;o(fr)T6t_*uwrxA zH!^e+EX>=qK<8MZ#agRIKU3*s@a`>gzYNKth5@m5jZ?FH^eofumrP!mgj|2%$EA%5 zo~tjg>v=KDRjrTebeE#nNAnmu+2=tQDb@O=RrI}l(3FwR()Lj2rNQ3{{PD+@D8dW= zfYiEl?P9e=Hy%^1-jcFdkFjc5@b&}TEx~MQ90MryD;i8YH7J|Iy0A>QQBMwd}`of?^*Ex}XS$6o!Q;6NRN`upWbGs@;EVLe% zt@7v77iC(Tm*2JscxuK!AhW|l<%h5aHt_K(tZ87&_X#mkJLogy34oST?iu&pMHYzH zZ!`E1nzdp>!)RPd06UuG1iFH`B#@YCDfo@(#qagT_a4^&dYb^E@L$8Z0r2sW6a9Ne zqr(pClcymNvDNZ7SUDMxJBuUyTDm55zQ;bquS-`kVJ*)K5ke1-Vbpe&JU0p)EB`+5 z`j9IP!-rWk&0~Xz^V>@93N1nh zTBGVx^pY@Ng2yVOr>;^1@2+(FC#R>zYk(AP2oQHA#3}P3Gi&d1XEw%LVDkBrHG8iT zXx1AQQ+e-qEPg2xa^gwpRJ^UZb^@t`?=^GO&6*Wm$$1*rwlUiOH zQA@N>#ia^#ps?Y>$j*b8#sEA96^$^QPI=9r%k(435Iv`I#o{oNu{5~@b(i59%5am; z7WFDcjAE7MwEWIpg7xDJt7qm)jSf)`>lHEyRMI%%!0{l`j(z(ROrKbP>YP&Fsiq^7r{RJ8Pes^Oai)w(ly*C5yeGlx@chi+8a|0>c!6|u7 zeMU&Q(SzZ}4!CPKKvX5#R;-t7I@v2B75A5RZ*Lqwn&NCPsOgE{aQ>$O+s^clq~2G> zo}ccqB$_*|=1E|iBlc8b{F^Pq0fw=CatvB6PJxb<&PTZCk|3HXJ0W)W;b=W~;X0wg z(`$a_dsTwzn^&&|&=cmKO@1Sij#TCN&ybdapKV4sw>sk+?@_N>5YOKLiO|vcR>`de z$^$OmPxfrk`x_7Sc;7ZwMZB2L{4l5dmBnWl_w5a6M`K^4R8P?LjxVAIq@5V>%5mum z%)l6YeY^Tn1za`sz#nX7G-nA6At3K2dwc04O9w1f8~=1V^z2mUqNqux^^Avk3 zW;FE6pz!ifXW4yc?{-A3^2tl`F^YHzp*(vC%hf%TyCIpJ6m?o?`sYO4vaOY=4fV(t zl+S~>RBkpQmrD(9=r~7WQ>PV02{)S;3KHYfxSLLOMR$V32q*K|&>CD-pRsMY2QsXi z>ug=qc^`j2d6UYD*4{Mj2@>wmolg!xECP8=TM-;)tSZ~c0F2ZQ@#xZgI67G~~2ltltL-qd1C;jlD*DDmU=C|mBZfN{h zqHWHJdfsb3#YBF^fFf?P3bg3qkEUF_C5MF zfPf>Dg@Mzfj#>QX4x>*$br%tMPoAdOUY$}pQGA*+x<8-g_hN4z)qNgTwYsv!s;bbW zFr3oSK`{~smh&X(erkCF~CbnV0)<0o)k0j@F-dK&e8A>8Fs`$A(n8Y3j}G7xPgY}2&b zy>a*jo6C-6oX-(*jp@L!JyO}B+?(4oRVVfOnw6AU=jp)YVKtw$K(-juVZGgTcr@EP z$+k0lcZH3*vEGuZ-uCQSKx(<)lTWGr{dRSP&8CBFp5*5VUf2%^{(yhwCLM=nZm0+8KxxT0J9eV;PWlc$e!zo&i>81! zy-`D}(GseGBy17t!NOUL6en3uXlY)GvOU%g*uGlOgPw=|;LrEB+MT#GXhDo7Y!p}L zK&}Vo#7919X-P4pZN#!q0Th?sH#9U-{?~De1(&O?+>T$GhJW7*WA+Ee#r;zW_Uct;eSL!a(e!lRzHxb53Gf=`5-n#6!(NL z5v$a*{slJl@aKV1XS=K(UAkZ4Ou>nW*Q97(Ye1(= zvo@`PNIbRfIuK7kUQq3>ie_7{cC_UvYXtp5&+DXIP%eZ!BiO(OjA6xeZLo?$HBT=? zdyMf_mzwG6+YL%tFS*8GH<-A)1HpGXn}y_kF%r>8QmFRCV;>qe?ih)mGe{qdVeN2> z7!Z|Z8R;r8^VvDH?pX51TKQ`gMbbO+vDEhdQHlEyesP)y-(ZL(y2pjIL zQ9JJC_s3#A=6(tsz>aV+b^bU9+0OHr_goY}b3;fh?9<+cJDIiL~! zbl^7VbM{B5Ufgzm<7VXlea2NtqGA82LG81%IIOich-8Ky_mGlxR0`|%nqM)OGHGCE z8?ag56X}W}3HO5?gq=BX!zF70w|e}S6BF2FDjeF8c|_ z^!25FDS@qlq48#}zu2+}9VnY%7#vr5<#9O+JfTe@ZZ|;^sCTph-w>mYt1=VpF*You z@oZi{-}y4g;md5@4F(O1Zb9J;lV87$v4GkWeu4AWw8harjbl6Wg z3fA|bdnj&q6qg13DI6G_U-zW;S|=$=G|?c1+!qgwGRpmOm!x-sB*J&iRkImFVA+#;p^Fb)5D z0T^!{2+XhSMOW|LRW<~C_apYbyE>$w;5xrkz8P=zXKxPk2G*KN${6-wfyCz3pB{V_ zBdl|>RS`3nLuU2t#86|^e6h=PXH8EbkfY2l^029^MwR1*sG{8_WUrGh9M6NqLGb%v zJdgSei{ORdZ-eb8*Yz8#$$=F#7tzr77Ju4ZALyokXYq3bVE5zWNae-KW#xXp2E5h6 zj|x0{+NJsdUFwkcCs6ae@{bZ`!~1FM8Jr`` zWtN3?2dwuOO&|k&!}ik36&->ul<6lvl4*@GS;Q{m|X#slz$#I#V1+ z;=@mAeDFroJ<sh8ycP!hXS_~>zf(O(?$$}ArwnLR_8q78FA+Yh z5LR~P&r5Cbb-j@9EoHNPC;G;DIkaB`Xxg0 z*(zT-Agv^EWTd-qWash|)@O_&lh9m0ggjU$QxeK>!3S`o%QZ43wdWT*pes4)Xx@;V ztqsV-Ns2k{GX8!EhwwXOZ;zxeH{%@+9ZZ|$cR1{<)^J&?F`pDA^XYkP>F&61FrSp5 z9Gx-qK80*q7+fZuTtE@C@KlnRv>D|HW@p7RRVNPB%QY(}=v8UxGodYG#c)hB_b88& z&nj7Ok{I>NvmBG1p_GB~%o1qHC(FD~an!cn2RwgX)2g;aWPnYIY&-73_Z^ek>X%lg znfr5d_7e&n&xejb?_VRLBtlSt=sj3X-&Aq?K=%{ku#AYA=>bi>!-1|uvj7{b*OH0* zd17N5FUDv(+sH~%Qn}4-i5$i;vF5SIm{Z|#dz>V-9_c!jS_2GVF*@i~xZ!a! z3X2e}f6rlfaIVhBbjJPOSii%3)wj`^t3m{`wlf!4!Ohq1W`7g-!7my577Y`WlrVm+V-e`v(sZjHtMOxVO@ z#gN`+HGOQwVms*JGZNcJDG=nm82XJy1jaCYtnMwrHUYuIjr$>lUvudLm+a2t%k;^{ zKx^b&qG_~hvhU_r4cAWNw&&`~43CW#@Ki5Rso1CagERnAeDU^@#fE8UGC3ftrP`e! z3>~)ndKHL<8r`E6hWhuRto$I4u~NK8z$`;-#%bzhgD)@*6NCfyYF@ESx7q!#3LDWdT}ZeRGq_x8 z;=3eJwF+x8263?GSrpJ=UJqgbJO5AJAF1y<74z8}MO$y0E=yF3+w=zB7l(K>JM1JR z>v=APHdsu5-OGsANIFflj|o3u<3%H_YWa&L=vlo%^VK_e%FwGMBQ_o0uRarYiLt+L zTT|G3kAZOn{`(awUI zagvSh_RzjMP<`d!3Lb0`&!y%0baO&ET#{D(Pu~YGz0?<%Q+8Ug4&`mhI+DhMFd3@c z-Hpd|#wQ)R{{Qv@a2t@^b!w9}B0@i^PdOB7V7>6`en0OOq$2vIlhH2ngRGJ7Q%be{ z76zD{31jRr|Cqs&x8q891;Q=gJa|owj0^ELuI}F%jFlUwJBskQImVD2Es*ZJ;r!8g zVV&|X`0+o5=UcO_M>F|)|<@gxvdeb zGShKVKDFO}H)jqc!y%ciYP=gZ-d__SFDo6k&8%3FFNeZzRZ=@UFY!dxVV&|m+MrIRu}o)oskDu z`4iT>L9v~Badx-Ss|KsW?xvZyBOBM_EBh5z*VrOxL&pVwb1K;0uu%uO>UQ>TBv2;q1y^TpFoYIii1J(fa) z$PvvHV;i5}cUvnl8)NAkwtqnLOC1pLQQPp>dL_be8IOB66tZG91;%0_!?|&lf-M&~3{ryQf&`p4WKH|$)Ec&3l!O(L9Czq7 zVc1OhZ?$cvl59ydYroq20j4>)RT*>T>4+-B6B+CSLt8*P?==`ZjqqyY$L;+H>2Tl> zj&xV{_&`Ki=zPr%_M`9t8+6^|2xh&BUl=za~F?f$}MMsYp zYlk|A9TZ)}-bpf8Kt*OEoVoB>b@EoFg`EtKCvR;)xLaMvq-E=|TCc*L&~n<9f6C2| zef4axb#2v0a#M6W;AD;VOWl{ zajr}G=h$y}ZC4^klA#O^3#_9LBlRiV(3JyC#4mfUs;^CVhOz;aS}DG>T4zTA)YswF z+Qj*VTHzf1tSW70qoT>q)xAueLc%j&wt+PMvnAst&RR`|k70RB&R1uzbi}!VXj1i~ zRSwN&hXPy7{~wU40pBf51~Bu7eMOix7SmLVz@LCrfLY3}po0RknY7A287HV0+%Mwo zRf!zd1hm@s+?8j7c*Lic6dpIwDPpvF;zDJC#_pbq`WIsm4}MfyX8-Wy_WnMorOb+_l06pT*I z@VSfC0DJC(2-2T}DD_7Nj>BnuBbU60rBX5Jk5WDTa$9`xwR zCO@J7E+5ECQ`}xrp@v=H#bkSHGVRTT^8j?!5dL3)a=hK_$mUp7I_reEPES~kH%>UTZZfNNi2GSmh{|VB?wO$` zfdS`s0R0Fj#&usL0qTo=yM55$8Aor1nmL}ZM%9YJ_c7h_=Pr@%6_>43Et6|DMtD))*%R~B;sT*Ub?bcvQzg;Ki-6s9(l+lSJ>4s=yzl|l0b(n#pn*7E(qmo zT<<$`bho%(VPwrz;M@i!*y8ev(v~uq3PA;*?=BUXN5nhMdo(>(EG~D(wmPo3_ed@$ zo_15z;pfHjcUo(ZAX>HJ?65<>g6M`5XcFM+EmK<ibc- z@I7Rlg*oEeQe9t$r3`pHaN;dmTvbe53S2Bz%tNV0((+YdP!s|&k~q3k#Hh;&Y|J+F zbbP2+X8*$hiGy$|9cM*38Heq11D~YQA?-SX@1sSCSZtD4XH4Cx4%-tqYA!9nopAhCB(+IE1gOpUkK%7?cJ!6=RY8{Ye` z)_ace=ha>3(vAw?S~7c?>3`^B^6uJ`x4faFrXK>22lnAUOe{H0?yqqTE zy_0*q((GfBcVEeUaaozTGs|`{6!Iwy{_2OxMAEE}c*XB;hX_ji&-uBa=i_A`K`MpJ z0!G|SE=RR`>cGw-@1CijGI-1@t6v*;w6T;dP)Ca$x5e_f>q{)=zez+9#pm>N#$X@1 zt4!u16x2Z$BOw=H9dM%0GZ*!xPbz(_*)xsRd|8sUHm6mou!Y^WcXm5=Dup9wt z8J=pnnsO^&sdi@$gd<~(KAdhCjBZaxAqU&wao1}u8Myd8ap~=_S#Rkm@ykA$Pl5?J z*&E94{K2LAG3QJ8OsRSw-z_7!t_f?vD~{c2v;A?8X&_4*9uv#=PT>W!_H%mUf94jW zfPdbxi&TB@^<8F(Lg!Mf5Hzr(H(c#AIte1Zpb@LKOi+%M9t_{=i(3oR)UVfKf9hd( zE?M|C(54hcA6cwyHpqO5XHMx^bW&W&(DlcqzwOh@2s3g3nja4fl0cJi&pYw5o$sK{ z4@1Q|rh)WajwbU=OZV44`qW}WutO`aYc3mJvT$}4XNk9mxST?UcOesj3N(J~qzrK% zxSS8`sG1Dx4Ph6mQNrUZXs{0V2MX z63o+2$@A^a-U$%2_v+DCvstox!IK=PA7T7C(fhQBjLrP1C(;VP9~D{y!U2##VO9HV zdt!?Yt{OA6v^u+-CV_DYR1d6)T;SCO7OGXu!%4Ap%a;wKsWjNSC42B3u+Pz)|0Od$ z(XFeuyCKpqO?~Zie9yhLQ0-R}g_G~U^zYVGNY<9BFI>`V8Y%btU2&!_S{4EIA z-a6kV^DgOdv^^jy7D^tBHgG-AEhdw{ntA(CC848p>ozm0@0a8VRbKBxBd}Pn9h~|W zw)*xlp@$>!%e2@`jtJW!O`rxEKFPM!cNImU_ z6Gpqw`d>)~uE&ZG)8=9`y}Mie1qq^*t0@0p==i@US6@5yKLUL?>W>P1>vs~d0#me& zM);=BkFeoQtJg!x%-K}9=lVU5FG%dC=U6`vi(o4+Yaa+bPg(0UddHu^ zAl+zF2NlZ!EmZ7WkgE`<_6JnW#<^u~jBDA_veT`G(QK!Kn;(BEF?`m2VmWM36#080 zf^OZ#KhYA>=a`h4+f5o)i-#^Sr+tIW)3`q5dY)R+pU;1Kn-6wz$D2>3s?7E~>|LQN z8}Pb$hZcQ*l}G4=a=SZWQP#=-egz+q;mP1P?sqyFG?3kP>Nyd@`JUlrKD#^Y;U;7w z`RuNAqwUN;TqT`S%OzFoN4he^qYpHtLVSKpOr4(aV~*B@@=PdBynt;EBJx}QATH_z zL)xAi)WDLdW5iD|jRAI4i)yM*mRBF1y2h6HGI`7q_-^I1c!$Wp!In)SxVgVxqg~HH zV;)W6Qx9xaqpB@8nB{21 ze|B}*&tNPSOhj)=WDCEB7)klf(>rFi)*ZR{;rQ&$ZvoCc+ov*r@AY2)>d@X z<_&i_IcKC^Ig(NG?vKFVzEtX&X<=3CS4i0x+x(nAijnPAF)!12#B{5LC(kpHxrNe{ zFg&HRl72>uC4BhzZNlk;YgGQRdClMxShSt%d zc9i=`lEYM9M#sxvD~HnhUY1j#5VO&ku4bpxaCrkvUa5%s1?$k??eh0l-Yge3`3slY zZ;U33r+;RGrfF_HV#DkgHRLsmjrBGNB7+~=#B?h4_zq@ElWRV3O927#gccYang6L{ z|G|OINJV~$5Zp^Nrr{|A)?_6s+NLo8M|ikL+{S`iarOdTsNUk%96L-T2FLPbM-2CI zGj%7GYfz*&_G1XF*mv`}YWoSeDYpOFcp|ZCS`@<}Efw>;F<|$Z=Fn`v;WVXmt);Tu zC^@mbhSLw-6w9TfmrVS!UcM|{Pf(vP=qnsYVaDYCxM9QUrA2f;kPtna z>*Bh`*tl+=T&CA7+wtk1O=}5>3Zij#q4bAo1{B&Z7x{1Dp!T#i3WXLYC}j z?8j2zr#?mXlxf9BPEktXtQd1BkB7^Z&sU43E55nlDtrDR9HdomSw5Nqi{B#H-pc9O z0Y=fOyw>2N?&VM75WedoV9*}YdBfL&Q^8D!RkGaR{+x2b;WL2hS|m_bFq56*xup8u z2V%E=IqJxaIL4Nf-Yf%P# zHz{o(F1?bA)Kfrw!k`O1p-FH2HfuGGxdV-YMF~>1wOdoCa=W+HT*OKRH_x|B1o_Y$ zB+Rxc!cYGR@fh>dh}XchQV*G&tF_O2lcpic&-Qh6t~WRP>x5&CHAIJ}ZZ z`i+C*-neU^isu^v+loN#23nfAhlWL~6`KcH%?^p$TZ}9&$Cb1{gv_+M0}hNFCw}JU zCczNxS&iw>hEU@wXAbajwP=WmL!<-=odhUmr|O?D6?N#$O7|%~$v6p*i>wQ<&2*Sf z{0I2|A55p*Sjv!f=J9Q7%TufP*~-B)0f?a3iN z{^F>2IA2aH7LE;=Wwk=qjPoUP7Gl7%-mxT(MR?q>nU0(i@8_4{qu0)AGRc+l4!ybh zyJIeCupu+!0`uxGmH(_Pw3x;_0`g_Gkcvu0DIad<4h1r7=a$;~NBb_L-xsFg^{Sxw zo0hnO0>Lif8n0zFm`(SWVnteLr_IP*W4gH#sZ28M(f0Y#qkD_D{I5VP2Kr3!ORI8e zvag?}^o5*RB_o{FTi-vGRMZ7&OD+GmWd;7yC2k!~sa}V7F5eC#nWD8x8;oy@PX~_d zXNoV1Vo9yyURC5=><*nYv27@57sW|5FIr69iMs=Ygvmv|y@T096X_D0+1Ok5^q5W4 ziKMa6;J`F<%6QQG*_NCj-rsqpo=>wh?kBT&84T14ut_dgtbpg|qx}ANZJ76e1_(CB zQUJ-?kt4PrRwr>DBS^JEN2oPG=xs33``50Szb2CHr-P3uFFB&J&80YyT%E-E31MP` z&`n%s&98A%K&Q^Q+;-Wtk)SmV<05dsyiQJ>xayvIIhoJ=)P zN#`6`^v9>@Fl{{8PA z+XPA2uC}bgKk&VAn3UNzub%h=@~i+h0bAHxgqA&TN--pH4WCiK+m4UbX61_zTiiT431p`Vk8H5TT>=i@sd+-aKu$P$J(3+SEg z069;)4Jn{G?)-j;nooj=N)*R_#4(sp%eL9<7v%PN$B(cMC_i-J$MzHME3l6@uwm6B zlRrNUr(A!bTW1dH>Zx6mvb$CgaqpkS=0UZSA2ZAho0vuHJd&98UwPSd05><}+8nl@ zlgI7XRy3zJqLRS%p7!_)FDTR*SUNv&=!nb`4~`ev^lqEYy|g`ugVO8gbs>I)gzS-c zoKxSAq!aDqqVBdu7TZT2cK&b)jKxrs9+5NiE-Ux@@b!mU0er;}%HN&XhVSc<)xV)F zf>#M8uh;NDGTK=G6i~Q<2nC@&$W{f_e1l29Ep*x;u@8|Um`d{;WYbv6f7e;f^!d)=p9ZWQ{srI32nqoUdNC2G)c(dr;&IP({+r+X#K;7P@V)!)hz~u z4St#!gY#Vg4w}r?$768FHOw&|&&W;o6w60FD@T?vMCvQT_y3y?9TMrU1e5 zNY*0#K0Ke+vZdk?CCXwLwAxhSLuKzs-?32uGB^9@(KHsv$7?@i21nwd^PsfZOp~S( zOrF+Ra~79mF!k(jv?N$4V1G8 zM%p>T2%ls7wlBe_^L^#}oEteL0xw1x87|FJ_CJ9O!}QSy_YPFQ6}XK)$vUg(A?m5E zKBnwovQF!TkNT16WEw7)I1E;+fDxxWOVV^iQ+aM=_F4PeC|6!rXhsC7fYMy$`X6=$ z>BP2i&06uOdsea`yNN8XsrCV52;=ubvyUE8$Ga+;PTE@;tqS``0Z5e4yXr4!eFY!p zuFwzr^~6ZY{v|3DJ`6|d1g(lx!G|DAz^ex@>#DVTmipoF-NaJxqg{g-(;toNZCj5H z*R1RW@Fc4~^l3!_LFi=1h`)R<T=8>b}`4Gn}BK4|~kIs4r~ly?&_JcD6@bb^kSSN{a+&F>#d9e9EO<^>t3_ z|KAx1og0p1-u%Uq)BLZg7!__Tw~oW)wW-XZ@O;HGO;30iTlon z*vsR5Vc3*B0yVwEZ<)&LWa{h_iU%fMY7Wj)wVSrKI_Krni|3dPxKKpoyXA({1hnAD zB$RYs=DxWit;vtg`vaXbBZ76dd!((~>9*7(p~y`0(RA~60^=F3iCkm&9w^Z)K-~7Y7gGwwkS93u>t9!~p7C4SKRLr$86WJ6!%DDMXU(I8TTbV9-r~ z6Cdv5)mOG$OoNg-1=5du19E8`t{3dRh5elD%FsJr-0zv`N*UY3i4xo^tEzi~e89O8 z-PV8?ZA|W)P65Fz$m1*OTU^HFFMBt=pqLf(s*2xn+R=;m|IJT{8w~z&HJQpU4kNm% zZO{s+Cm*Dolx%UbKp3F|NZt73GTcN)ZE1QApLN*JhBwAYY;VvKWJ%G84Vl`bXj-)z z&ztPXR|9PM@r6{UBV{iK14e_11Nz9e~<7KTk`Rfiuv zXCo0GL{`uJgi&Hcm+XaY{G{TRFMkykBZf^P%59GR8SGO5xZ9R*DJ!f634se`X`3o@ zco|-KvA7leRg;|`M#0U}tp76Gy$a=ys{SFQ=UayT!{js5uMoWA&x*YTzNe^jL&2zo zInN(e6C6z2Ux@rxW6%U9?a3~5(zzV-`(SbsJc?mPeLuu5&k|wn5I(AMEe|9-pgVx5 zN>&B_d7Y}*6;MS$EYU~|&s(7s3Kyo3KN;OJ@a*D1-A^(=CjYbq! z%Y;3-h;KaRtBL z2Iuyyx1CC`Y)AR0i(I^l-PYCqmIBXwsC(SxPQyXtI*0TDxQo%9y{)?AJMx8Ac8C0I zRT*BnXiKo7jblCTIG~-b5YFbe9r^xTDRX~y&|U)nYQHNu+lisx>l{W6&bK2crk<)X zuD111z34{R8arl3_tLB#PQFEVl=B>HX70QwY);TlbFX|m9{JG)^H7V(rhYNqZXj4p zbZ%08);7`iu&Z#M8*)=dHS=bK2X~=S@yMUtw}$^cq%ynV$3Bzm)t+%;`obdj{#?@7 zO5-+=O*lL6d^Cqi0;TBJ!mx#IMpXmeykRQ%5@mC-$N#vV=)Op=U+Ho17BReR zTEYNV;zLcTt|}=p?D-mZEK}O&DnSOVW=Q7qU8(qV|8;?9bJJcCGE zza~j{<^q*zJz=RB5$sO7AZ%xQ4mTOvX;<)WXL|tO(Rq3AxlQrTKFE*~zT;MQEP~(=fS0L4$#%?=CUU(4zarc^l>H>T=+7jz@_yivYvyaXX z_HUa{`n-A{2@NnLyOG?oa49$5EtUN1xaePUV^TOAdL3p@bV)Ipoe#0pomTwQ-sY8KP97u@iETzIQl4~dLW>3t1_VXe5GCGiZ?Z1T=s;#*W; z2b$v8o1U(D`5ndBc0P1TX(`ZVcoyijFD-SyIUt2>OBL%^M%9$XiqkK9Zr$tU)e-zY zMLC#hPNzb>K6>dWQ}$U?tT9y){XtpsNUQvlCm&SS(e&^RPxSQtqoCQt3UZ~nkp{wS zHqC;Zma*nWAr(q{f)|>=j2u8dl?9MjdrrprRjR0%=@hpnwxhH3qk;W>_#fk{fqx78gl(2eBU5&Cbr)o9)-1oh0 zJj))PeAr`4Skjr8VUE=!!SCU_V(O#3_T1}tSx%Ah=!!@H-QO8KbZJ~!oW9m7HsUaHRWOP z0{VJl2Fpcz*zROAwG|Gb76BKwohNE$x{!$y9thahSEj|Egmd|QaJ)_sI z899k2a6hA&XV0Zoa8ckPGu`;yRUx7o?q7iBatd71SsG#3r}*4D9c)x5X;ef!TZbX= z?|x$m#eM*GS)RqY3RRJ7bqUz^bSz}Gzuva7BC{YRjs6%7J(!H0;8W7Crv9lo&7;!h z6|S@hJNk3{U}mfgAFk`3et<`Qd6+w{MdXqUFgrhHM2x36GUA1*c5tJ$C1VM@K& zQt%6}r;v!^x^*lu!ve4dib%q_&=8~@lWp#ttgha+Hje^&z2OAf1cVGI>&?-rX(}Ws z>;o7hMTJIR9NJXgeAz8o^~ikF4!8ge|Hd%hhW#XsZ})KF=}TsEY`=2bw@>}#6(+*K zYE3;Ae@NL0hwyGlLS*e)dVp_=A2u2eu8tch`E1xRwK=y;WQ1X}U^!QEL`Zpjlu!(I zFUaYzz4B6b*c;C)r)##wrO}Yos%ru8hx_l4HzaKns|SCjx5ebZ*^*Sb#5b>h!&hYA z;K@=2mDovzPlPjQsANS{c0c!Wb z6y?s}qsMn0^*fBfNtSTAT|elRn)>70{3t*K@4o6sG;>?7UNGW?W*JCu!Z8=x1}Z@g zk#}8lZ&g3zlimocK`*fX!SB2UP5d&7%ph?EIaG2lJr&Hv91(lYPpnadtENeUTkK^7 zZil~?f47I@>O;>TRHo!OT>;Y_Dl}PaLvsubc`wImu@?*4maMV(8(lw8*>oY_fWhl}a*S z{||d_85LKwWeejHT!I9LV8JE0yK903f)zzUa7}QxP-qoSa7%()fZz~3xCBCiyCf7| z*gLtm`+eP4Uf=us>oLw?P>iC^slE4Fd+oL6nse-BVQ$F*?By^sZ$yD3uSrwY%TJ+g zQ)QNI64U9QKJ7C)FaCUA@schn(Eqh&mawtr9UA8IV0JC<=Hbnks3|1l7dPtr-xu-n zu;G0N(+?kc6u)w6sDaIdy4m~Dzbzf=agJr=K3*w>1x@8Y%Ze(ZTjr_Mnu_2 ztA=ZaC(5k@$u_*XfhKR61dr)?&5U$#QB%T=1~N6j}=o#L_R%#Kzht3 zJ7@Pte_U5TfhOhCbq8Bsuz-;%<)eKQ1O76|OsXE81_e{g1i-DH zcNwcCA{tr@Y_9JXxJ%$3MXCg;l$LvBx-GhSQq%kHEeh?CRyZ#^e53v2nMLD~;fVJi z_J4KWucp$LJe^aEA#>z3Y=yJItutdi3f*NR*1YyMjuAilh6L>n<_WvIUqW!OdCY`Q zG;KTw@Ghj_R~vVrAv43t;R8J0N44f;JE1BKmuos>+M_h$dz#KaN<20nFd63sU0wFR z-rO`^o-uM;!eyGZj${qKYdf+Eq(59FfEpW)S!tni;8b4x%LQs#%i-JGGDkx2MSKPoBe?f^lKP1YVtQPK037sras?=2=H!bTHNRU@)0>Ts#1gVObwvxWWliXb=<*v=*ow*Pc;&pa z;YLeF>z8hL>r*@c2y33`X2}}&o$*H_)6b?*J0fcf*=sG`ZfQ27PDaX>NEwIas`#eT z?R_?$tXr@xY3ZGEHelD2MjUfNj4CnDbB0Y?=BBXExFotw%}lFV@vAu= zvw$iW)8?sivF&8>XW{{h_z|H`joCiCQK@yeZx+0N4;ezdv!{v^EHeETLP0d}$HZO3 z=)7ZY?;=u}$>UuHXpIL5)2^ z7Rb#wE#H0i%U%ny9m#smDS5Id%CGSCWMjy%PSv!WDKH9uo`YE(Rh=5E8;y1DXZv+3 zO+Egeb}Y1jV*er07w%hki&eOgs!z-L;;6+1`pb!P>ES>c038;fUv7n}p3du>zjNH< ziw6c$k;9{h`d4{=Fs5jOQOHn=^5@;Rlnd-DzhLaC*%_4{FE&w8nSkOwQ_0B?Tk*)r z_Wi7jHetDpf_SU~&8D}_$npBX!`xjoQd?%uJSl3vm1qT_k3HG4hqdItB?7l{juM}7 zf+Uy2W<3WI-g%gPPmmbq;*(8hWa1L|O<>e1caaecu!E5OtP5@Hk|2HyfUY78RBFUl z;Y693l;*2ypCuOuL5VUesT(_!pjTfPxPZRDRP$Fqx5rYaeW|t{3Upxxc4$_51E=$n z3i*=fw)qv-mDv@aie*dY4)Na#!zGQYlIH2?E0RRMJm+liSNs&ai!w{VdC72=r+Ygv zxp(|K|&N@Hl%%0*$aoWJHa+8oT4w#wFOp)KN+{9`gi7vh1v$We=M{{C+;^kkbQ zhhFK#*_=~j7Y;{v?h)BHzmslS96tqRKTWSQ*wW-UF;-o!(W@PJxVYeXZ~v*4bLJQQ zryS{zL1gcjg$EMy^e(QnpH2KSDXw7CHghnbEw+g9aIrSelL>qQFt|SklEH9`cE9)T ztIk6cbjtv);qQ02P(9*uK=>vAP3c82-%3Jga{>7*Jts=iKooD|G`}So!%s>&ny^GPF{9e|q^$n*vJk zzlo`RhKHD7OqQGIpXsY|PZS$IcrkX1TU6=AK?dESEtDF8f%^=Hi|g5z z&GYGn0cyqtq}4Z#(K38hGRY72os)Z#E6<2yfpQ9+!=!-b0E6LR2JXGi zGR49lie17}(j0#YX3(wGm(Aa{v*`sg6A--y=q_ksgo0k>5%#eD3o5*W+9mS0l0PcV zK1rrEeRvWFxr;!qyb#D{z6TrIifeKsqEiU!{~p`ZBOj7p0)Y8H@)-xngu+DPHuYQM=0Qn}^f_0WmipD`1fUb7%X#J`v*&}#CbK=SCUMVbXhboa zdF&VJN<6^Ln%uQJq^}Eke*SG)C<#iuf*FZL@M!0rvKjM}4N1&XG-JzmMnNxIEp&2k z%nZtOD$ONKC6p=znyzj|Nos_4I~RU6&HiOXSLzhxKFi~+oFCM^DtCqg1CmrhEQjj& z1-MHLekjmrJ94ma(ndP}{-xocroe}GeB5ZbOjh%2D>(90Yh-GS52stNR|OD&#zm(3Qf@6{C@d_2j{(lQ%S zCxR#co z_J;nh>^X&f;x$i{KsU_*P((iUU&iXEM@3?MS^gs$W;sPFqs{@*pY&0THG4qe+MuB!+^)znN4FF+~!mdjX zh|;`u`cAP;&t_4GfyVpks<#B-OI2iKz02p9c+Ay3^;D85UhFP&;3_*(~8b+^>mFHEsib9}I5pB<#d&ZM< z=*htd6<8?_mpd&fcwUghQD7NB+p47hdBx4ucHRrlly4?smO%BhSSgk?DY*evww%aF4HO34%k;uU`a!fRNpqJ$|KrG<0#^+(P z?GWh#KuJ<)Br5Rm=P9mjkJUO!n9h5H5?eqaF6$eGI!Ipwt0%UO`a3bT`#ZE_Cjb(k zOuk-h-A3``ncDmUuGhN|P8Wv2?I+HW#i79JQPP7RE!3-83h^;n*LFm5IZT(%QdPZZ ze8P;$vsqh;NwybFnjyiitX{S>3#b8_RI>myOR0g^7elW5^FzQSlD4;=J_T{lT@!*t ziS?(1AFL69XbOoyPe?-dtgfs0~;?fH|zE_92? zxe~~hP0S~exRnjR!C;@_?_{)M6;2EMKJ<%hPx1Spka+=NLWAG1&H^1}Q{KxZTWp|KtaefFIY#Y$yjTE;LZ2$T#ERR(hmt5R0Wy|~X z)qFrqmRh2jjs>N+U;0c&9K9@fBtY*J>|Lh)YI`QzS1TJ0_XJCj-#y@-rN+1}YRUgs zJMvzsCID^IwU>_`?Nrym{F;{@P5skj$=4|^%jQ*2>-!2v8X?Y~|Cz1-@gPdEC`4TP z`1!(Xp@I*j5(4xr++DBF4-tS&QIt8Uk++^#6c|&`aqAHSEZ9|w)U?XHr5HSt<~KUIe0{+H&kM>bx#pa)Daw?E zcS}U2NKy1WlIs*?H$eyL_w>a6Tlgnw-mC^TB)jOQA8gF6odK<^{kh6%e{VqK>S+t= zl=|bIX3Kgz?XLEe7EeHIW#30A8u~jM6@mNBDikWAC~~<0(-kI(a^%;v&lA3K?|bS9 z$W?j~Kjxi_jMxg3Y!}z%AUJ^lXmpZI=i!+1L8|Ds7&%(Oo>tW3$RI4^pkHzZw()on z-54*zWI_*Hg+AuBW15t^c-!ibBt_XIdWA>xDja#b#dDroGIt3Fls8T4_JLOTtinFA zWJfZq)jH{d(BtPo@lo4GD6rOTRiX1%S5|Rx{UU;|Hs&^@F=d%{)E@zcn%|Lrzo(+a ztM+m*96BajH7jj3IlJadhgqD(KaA`8qQvNO(VkJVSoi;0g8)&I6q?k=cBt$Flmr#^ zNDmBFrne~MUx2}%e^3or2N} ze8Uxr^ovvkeGW`2H=b@zVBwHdzGzGVb_Pc<(OcuC&+g+mR|Pc+;%mIiOGKM7vy?I} zOv`8*sBx?;=F=Et(|1CJaS=y_{dH?9gw5Tu+oO4%uUYVP8$LE!wNOK!uRl z9wgxPHCLco=VwkPOI|<^*9_ne*O!TSXjx$1U+N!F2=ASOWoCCc3=%QppQN^C`mWN9 zn+uJ*KUI8$6OshoQ8Z7xBvZq}qu`E#{1~81KX2JT=ok5Q==X8Ne_qFWFqMM&1-3QIRFQly- zn7)}X%bpV>mzLYS(!0gMD~pLT#g^5bcYeFeot=~_Yy{rcwEBrwDHF74vixOIuY={A zGDV!T*siP&Ytj)^Y-kCz+DU@wyqdSvgo2hd-#T*mvKp< zHLN*w;x+DSK1*vyO-_vCbN+#+6!S^s-9;fUKAQ?%#;;l!nh*6#XxrZ|vH>3)v z(J?}@M37v>wD0pwv%69Dor=NEUvs5D=SGie!id~Q-(ZW*y;8HiF+w*UObD&$y80OY zUecS9=v;SBRx~tL48AWJUH;ks?s_EeN+*z7a#S>&_4YY{BWd?Re2!dxVRvJY(2c=; z`A$6O=1n`FVN}b2!~=n3>5SvSwzAufeF3rh<$6dY%ZxY`Cu~{L#+>0 zTn}3@&RnvOYMrBRLj2H{KfY@!vKbJm1ozZfT`y?G}v>ZvCmmhH_cHIWGBW z-Ipl#Bzw~LOx$O!*u21F$gh&_fFwKN%Z;qOjls8bq=YRu9cF$^v!daK5TD_+qsF25V zXz3*>`XQdD?<2bVtJZ6J8ZGaJ7?WT-)5?0~gtK^JKwCzc!&!e~m7<^Ll*PB;AfhHDL|P;G^-qoq zrWY-#DIDvs<|^Lrud?xMj=eKGYCF++S6#~(UWa?5|9Jg8O6KIbPL`j51(mVNkbTd4 zuG<7OE^_M|@1rHt#U|(d<}mqP92bsh?YyfkO!*RkNpcaB%=QudJqJfOMGwxfwTw!r zy5C-(n0zL|IZ#4D6ExCG3BLI8y7g-@sw0ljMks%feYI>)a(9S(xH8c&|4CTwxOvNJ z6pgS0UKl#s+>g(%=a2OV4JbwJR{Q}~I>$Kr(=&j-qwNTW4GO!86oeg*eq$u6;V>+P zb|ij(Z0U$z{B$kRT<%^VjU)Y7571ARp8GL3yaPE3$E5-UWwFUqlf-w7$EZDt&C6Nl z-j?dT+iM=Qp_4Cw3NHTeF%)%^caK*FXnMrozDATe1wYUg;@c(Tx7B7MT2!PmGBIJ# zkR*=pitQ*Jr}FGWC7Z(^WDSK+5xea;A~4sJSycDDidz7|<1;B+!b!d;J*!1Hb z$W-u^x@t*xKj@+GL?fl#7d?AS(ANfIm#%6zNoR^q!M^B@I!BtB4P}d+$^&G5Ubjpw zjHeIJYzS*}v(Mt&KKmSg7+?q2T4YG1Bm_CnRbqajVP@^zulKXmM9DWmoGYzTKuD@r>#dmpCDVr`$T|XuFb8@*QcH_fk}w& zq`Od@2mMfS3>yqkPV4nY?B<%E0!GxoM#bwt8K_>|$p>x7UzH|~(%Oy}bDy^Xa@9s= z+cu+e_9(Jjvg?_5MGU5K87C&SHUx~L#`b*vWX`3!@sW>fAcU)E2`wX3=c4mNiM48y zOZ#n{*ybd`;A}D4UF>u8bEbZ3a2VdML+91un$Eh;>jApg_QrMYEck<($Ekiz6oeC&>GZt@sdw6Rzim(Rn@G2lE^5C?16fR^Cmq=Hoqhaxj=vN) zCAu=u3Xy&M5o z6|YcTah`Kst1p|f*rLwJ6cHez4#%ANW|df)7!djNT_gHJ70&G`?p2LtQmzDs$4iI) zYDwLGW?u!HEj0#xRhjhqd_1`-gVs+QGtc(2Wt?9<4RY80c)mE&0!xwqp20p}tjW_- z4@nVzZ>aQq9sE&b@ATow!^9^H*_Q};lsjxL_o!2c8CQq#)=@w39K^A92eIq;o%AnU zpMQ6r|7-19Ks6*95T$`$AN<;?h-m=Da!nK`)iEQ;EwgzTV3QC8Autn9-)!$sWOkM(%33<#|^y1(y7 zeG4-f;-GY(e89ID)(3jFL)#rdE2EM(8(t{+lx zphBIvMqrIUVa$QW)EXlCfDbf@jY;aQB=A*?UqgN>g#mk`Sd+l3h^c&3ny{~jfb=D3S^^U(kxv$c-|HKIe+u+<|wR2NjlIqqv+!2S4#a#t+? zY2$1#eI)U1=qwRJNnck|FQ{mycsU(t+;|v9Y)S=!2KM7>C`@0>Wc%q^BIzz1X3)XR zSDr5L-_4DvuaQYX;HnUsEA1>{bx_nH^QTVeVQ2E6N8 zzRDJ-LT3t0W8dt4gs62>g?E9tc?5W=bvX*U<66E36t|Cp=9mylB-+dTN9B_1dB;PS zm_%v>r}e&aE{iI`HRls~N#yv)VK?^Z4pe;2fdU%({rHYlpmbjaaTBSYcCs_pN~Vnb znUZlfot*N0O@^Wyu+GFhF_}G{LyTr--?j`WPrNVre8S>47LnW2eXef;Iy;K|R`j6u z@Fsm-gc6`Zv(&R>eON#Ul?SzliR0_o(M5H2%Aj9?h;NZev4&Sb zww%S2!TKGF5HeZ-XCcBE6J*7OL)c0CW1%=YB@IHP*WVn#_{0YL2 zfQ8<{o>EB@@l*)~8Qz$EJVslZ$7mn=be+tc6R$*4fxdz+>QX~$i_V=R+;2+d`~|fy3_Upo+EB?ka<_ch9nTt}!^z}XO3yU+ z;f|J<$wVgGnaj|J$jswmbI6Z;Ed-c*@>fNAL@1Br2q5E|UkhoYR={v(OUx94?6t$r zQfo1SD!z;c?_tq5M0-cw6@6V%kTs;g)Hm+g5na<$-FoC(+fm=7_nO}p%0J!}b=-^W zl6j@Z4FB@z;`U;B|7m=S+{>=)AkfbwQO~$0eYR`TGutWy$fDX$D5M|T|Iw9To{3P4 zZaXy%&Pn#U+yuI0kY-In2zsC{UFN>kh=j82G^8QZ-<)ORWrMxI?6~jQBIeypo`l!# zl=3ecE5-H&A*L3OJil7YiGh_~DHH}|Udv$aKo)LjEDMN`yF1T)_*>C06ByOQY6H}p1k84!h(a4W4QMn<}i-fYM4 zU#N{-q7xyryrJ$Y7C6?J4{!u-oWdo9i?KZuwWB(vi|Jef9BD)2!nz(p#_q^GJqi}tQ{U8qr#G^` zVu);w{fHKxes4QzPFWJ#l+-70by)gRV%?yLfed>^Gh_cx*>ZPM@Fkx$nbRboY!Zrc zz5aeW7rXtvp=qvb-Hx!?kZoMo)ye(vuF&>Ocn;U&=NgjBDbA{kZ`tuMY6wg3Kp(Ix z?_qGx3d~X4Nr$GCAqv!=RMP%O3?(MWJo6`U^+?l110}g(dHL`{loG56LO3sn%A0-q zO{`&bxEF^}OgNa3+y*!gP7OaMC*!EngBEZrwnU*twCU3p1}McUP-*bN#W{5J5AuoS z1wxtMI>PgpSZGTqHE76fIV#JAj`bu8oR}=hOE#j{V*DO~sl1tG-ja}OmC|!ea}a^a zHF&2y;_I+Wh!2(J!^5(XMH5VxYliH5F=3>bB)goHkpvH%_xiCT3Encq&~L?&4nA`T8eb`e1}+E zNJ=O5fy*ck`CO<#zm(Xt?kVGj^$`}8Mb)Nm}SX}RtCgxftM_MU#P64 z_&Y9>h|bW7h6}Xj1naTf69qZ)&OM8DIDYTy0zxHVr~#jvW<%tgQyNFQ)s3%yXMkY+ z-c$T9!j~io2AM1-p|Ra?#12^vifBKLMj-rR=AF-U88MB$TN%pu*56IKHbf)!M1O<0vqc`+&^dz$L&Z&gqpH?O1R^UA zj5l+|f}VloXm%L(v@=iXPH?!@6>mxUIXzMEITHQNVQIdK*Y?6~FbB0xT<=zw} z66+B+?WJhYhu#meP;yMr)+fx9jXW%Hv+ z%Y)1nRF#=Hnf#7Z+_QXwsNYIIp*#`37`_+*8HrHYshZp@0VT0p42n_5xgcbkfEt1hLVdAJ?&yCV00ZPzJya=&Q%S>k5 zPW8ps^7DNg~k|%-Lx|s;-q$Iw#3dbUe6h9 zNvvlE6(o$}Evg00L?Rrp_pzM|rB}3q^$D*8jZKZa6a0X^8jT$p@2>K4h8QmOiedNz za&4s>{gK%)gszxwRD76)V3SOzGby)LB`9Wr@;y43ERO{&*wh^jNU(yUjz^d5h>8Pe zGLaJ(4Ri&87218)UvE3dM?BgHW@t_jTv2Nj;q!4v-eKlc%w(UJ3B|O6>+G6m` zx+~~_sxNAonT(5-Ni8Z#zLx|=wgNZOkU%i${wGA1rLXL0>$-TdgqYlh1jEPcvQA0`@#hDg5_c0Nxk zk)6JJEP65jNfi@)cF@2a?rACCit4SKoUsgcKDIZ)moRfj>0J%je2VZWld>$=@6|+l z2Xj{l02p74$eoG2tMF`y6Fx0)*~0X$@1KH5O;1MGqV$&1vt4b|coMSHEuTGL<{!a5 z?L0Zo@3p>mmL2gwdKjL^JiS2VLS>0k>oiD z&}P&=SSQ2oN5g+ewaiapB7;vu#lp{TwbPxiXJC->s5?oK-qwbyh!(Y%pzdIVyGlSV z37Z8&@T-YR5LBBYQO53u380X)i_(B{QZ0$GP!{1w@!(tR*dWUB+67Ds7#ud_Mb6w4 z@vF3rg-)$kx=~`82G^3hpE?)OMp5s{SuTdrvqg&yzmOC+OuN}}QQ^xVu8`%IbGI5~ zlHH~9U3nX@r;ODNtb&;EWZ%kho^XHmIn)H{j68kAHCaEr2U0cBcBitUW}wg2&Rb@QEm>Z z$}*)(!I_eDq;}n997TOAiB>RF35O@yG8Vq65FR%~BL<7KY2jePMXE9vuY8^zXJ>gL z!lPucAAhx#Jl$Xs9XwoiG=^P|qGd;k_N`!_^CVzSWcU6a;z1lT1^=|*<_tJwJ!JhWC_tAzcO~`$+vI5v2EUT0*ZA+W_t{>n*{o3)1!ee+d!@Pl7uQV z@}^w6l7pHuQ)1IbUMfVx0tvB@qbat2$>SYuGp*$e5_6~92H%JPgdThJnZWui?Po14 z5B2*K-Oi57Hcjr_0|Vvuoo;zX+2~z4+Ie`%%i>8RuYBO_h?N6<=!gyq2`F|?BEo_z zx*`gN{7kb~<*4`a?^l%a4>tx{VuccvXSAhI#cLF03B8mdh^};G>~@y$*29ZZStLJU z`S(TV!!^&xIzwXH1(L@Y!+NsL%7m?jLaj*yxm*<|0d@uPI|%{b^zx*MlA;qfYHQ=9 z)&^Yzb#HfwRBiPVchybTCga2qB&zwe9?hz37h+chELY_)B-L`$R#Lx&s`OwnKKA@6 zQ5{rtzOR5C+q(e$khKe2{Cu>=XP`~7pY2jLL0P-Tkj59bVKOr)SwlZl4S1OY*emI0 zyvfXrX#eoiPDkkv`<5@SDS&UaQ|~xNMa9qIw$;^@`c%VeiIJ!ud*g*1eH32Yx)WGk zs3=C9Jt-Ysoa$AD1(bDzi9it>f=^?&Qq#l;yZjcSNE6G>hh&KpNs0EuG2(+DNC)G% zg~&a0@0#&jGmf!A+;!sI4Bl2=tGN>Eb#8Jp*dA&{6~_e@YZKV*qfh6+WQuMbn7^M5)|A`&002@(hwYo)@j!ZnheFD3Jv;vM!R)|EBv zJmW$PL9j1MUkAj8Q~Mc=4L`zLw37f5ngo^30x7jDmQ$89(H%31P!k9Mr`gbBpWi{p zqeXT;TEkUc&m0ZK3iSLD5-hBUzZX(V^TatE0b8^_mT zK8dTe)ApIxoWt@QK~~Q4?ESUWrbCL4u5fn36Wp)Fa$5(-<>_Ir&P?ybMtZ#il62^1 zbn_;#q0%t$W+lG2Sx)T=y~SXy$Hu27GNNEJn&vY6-JD8kxU%kP&C^(^9dwqe_t*=A z9Kz9R;hB|q@cMI4?R;LziBQMki6CTz|3*IE`rD3AbsH@7?*>7L9_3vITK)-`ALqzZ zRKf;SYWPz+HANZU!td_#t+{GbtsF!$$yvf6Ej*wU`=WnvO3bi- zi}*r7Xi7__H3bXZb_#2nnr)**rXM@HG4z~@ND`(ZRhQKJ6#L9RYm|>cb@A}g|TLA_ro%>)EWrdc^ChlOJ5HPZuk{r4vH-GN zLg=7q(KW5S)%el7##k!iFw}k;M*b&auGcsY773q%9uo{qtW<|}qxLE_YvTKRViXbe z6F~cB;;lz%h600xURVitH!HN;J!48h&-|(x&&-p&NwhX7J4@5VkM;F;D^hLVhVa+u zN<3?K#?xbxm%R0cBqUn$}i^8r+r=LYrMEOr3i_a21b`k~R zu=B~vDH)V@=nZ~+xAQCBjEBF2?H1y9zkW?b$P?IU_kCS?%I5BIoi){L<{pk>H5v6i zr!yZI*E)yVe_3`=h_EI zkIh4g#yEHa{C63$<4#?L#lWRywOi9b14Cyo9&^eFA1RgTV@_Kgob znp1F+t3tBG$tqF{%`-y8V|=l9acXHFn*qAlfcLI<3303PbHWJu`5FD;cGkJp1-3V< zphI}N`t^IhosH|6YSaR<%eXcJx?Zv4c#UloaHe91R5vn0VnUK8=}T~jcY#)hVhK3; zD~T66?fvx)21whIwJmw&yAu0VNC(*QU1EMaQwO~ItMKM(<>l=B7yn)=# zocFMnBi*5Z{5-1al3TpaiNsvhiRBS?-chE#-+_u|rN2iTw;zGShru^6!4A3dYItP2 zvdlLFcH|;$m|+G>LwA|keSUhnK?3Dw#qBOFLSo7XiP^pb@pp-qFb#&b>*B3{83A+i zcbNX_l{!u>h^q{?ZiCNlb19Q)uz~|bA>w^mu!>dd!wc_?F(y8qGR*d5si6gGt1aML9~pHt*^5ltbZB!{-(gWlzkVNnW}LrFMLqQd9?d(0n*Qk zcy4XtSAdFAA|sny+0VLdcZd5_K|yIn*-3iKiN!84d4{M-bKZXv=VYVw6QE(y;nPxagfTHcrMFT#23ToxaQa_B1!QESXb@Q>G$0ilCtRB_ ztvd{K0F%Y4ZF{LkIn6X zrYm+>S@m{pU>1Rx=V?B+C8yrU5Y+`(;Pb~0VJgDM;{+;FW!sWD1db+ zM(`nWcq-JkQ;ZCxGU`|PoqTaFv}x>O6jqNBx7OY%SiicsV|r=~`zfU3g9}YfU&=!m z)Uzju+9w!S*RIDurAvvuNv2q9SHys)Rppnac^?lN2c(?K?2$5jJul*QnatT2gLT$s1gG6QrGZ3Mi5w>ce*{9 zm;4k?Qb-}D)68EnQ%3}d3CvQAEDIw(fs*w^fz1Ij)LzKq(Ujkc5+60qsZs(p5gF)B zraVcJ)0#;?aumry<@QBm+7Vnk;O@yD866urFIAS;0&%3 z{9Y<0*St*eh$9(+UC%kJW%i}ssQW?e@V=0&9pe7xUzB4*OX>)N1Y#4{C3l)b?$T~nD7#A7CJPc<*1tT{EyYkv`Y45 z&V2i1mSx*%d+JB|c!%m+=-!wv9fW2dNkJ|>KiQ*15a|IsG^JS8Xs#iyL43NXg>Mk7VU0{98lF7{pBQfxZ(IM1&9 zcEY^~BRz(ArHffaX?F~>@(N`rSX+MYLaU4Elo~ViMTi`XCq6eM=y4qucHU5nBxX? z{mPR0fqPZDA!KTWzdXS```}qCW;+^QHMaAaY6^BV%lNkw>rqmM9KrUs-JkN|=aD~N z-$*;>3iOUMZ6t?DF$dy+3cTo9Pg$&%I|qDkB{4uJ_tNo*dMdU< z(#ObslV`<6V>m>MaOg0fI36sm!LG+cmd{>%xEL`kK^h zQwB#p;L+?y&5NYM3!+E*=v?gEIm$MnD|XUjcIn@N<6jb3WttC5lLwQ%`B0(hGzEtB9EhGR(i9lyImC1V?INMsw^+I%d?9SQtLdFVng>Q%t^^&u#a2aZA^N_<&n)n|KiZ^N zhKcN9sr!=HcVU!jpLBAZch&zuhe?=tbHr+ee0PV zooWO(gnWHB@k&g6VUCcEFMcm%)&zvz8Aci;D%&>4x8lIeBMLdowk8&czTG9Wz_k7a zd@FOZ!Ek(7Zy@);9+PW;c85vFP#qA;pPI1wmM6*uq&-*T(5~M%kzLcG2jgMxC4RTt ztdN1p2UIw6kFSY;Z%kdM#n#N*%X6N-5vnQ)ZfeAd8tFqx`|1kT_7VB9rp=(muxLbm?+Jf7?&$z&~bOckNfLd zrIU#4u}Fg2`d|VkSGX38Oo%^l4Phh;2^*?Gs5>F%_v*z)KpwH83+BcYz*){R*L+Qz zvMTvudad7qR<0BOEfjS(P1c`{XD;0zkBwcYOv-N{)N73=?+1+iy9$>mSfj2U=oO5e zj{Wjo+(pQJ@RQYi&f(%-lT=QuVglv}Lwc=;dv-<6alOZJ{ivJ!DM}8R|09OQYK_JuYW^-$mGF%J;X4G-@Ql+reuY1Yy z?7y074E!bvjeS~?1ZPxowB|}ufSC!CNh7r6T&3i_cs)7E*&Di}0WL;eauOv+8r ~ z_k{3G0XitdvG3ty>5nW34%a%d@7@)#+3fiGR_%mM#}C`;umyps$SWg>nXFfavsEez z`SIr@?`M888GkQIf5bO?V#@(6Jjbfk z`fG)46CJ>L+Vu^VemVAWt~=18{>(kc?cbIWx_=~%bc2>#vg}qO8Y_gK$+|n{;rnaVZJ_#qLFWIt% zM<5P9W198NV!8p^t&w865>7I<)9V3gb`tJmP0N2C=9!O(uY2zB@W2&M-a8QW*X(Pb z)Fz(qGKdASgb_Eok+;=6mgchVwN4|h5QN7!X$V)IapzFojS(bZY#2Iy(E0(fAte1^ zGyY7Z#q?ce#V*}QgRo>a{#ak~{D!Ic2nc-ObbKt%3%WYcdJ&*4{`r%TyRTr3Q2UyP z`2dry4tHW(+Q696PsEoqlbqC%wAwn~?dFOSVFVn0>o^>}zXo%z6QX%=zoNZ;%=1r{P&ZjjJfSI=OGwc6WbU*h=|JH)as!w+%3;-j=e}yyPjtbE z{S>3=R&9Xqr}QWb-q_|-^`S$|GT`O&7KPoXsq%Mq^Q5VV2?jJ*Pb;$}>cDjurqYNh zp0Tk7!PFmS)RM+&pY*a)8$F+2t(~?B`ntPkD$K(_YMXL_wxzDzUj)4Snw_p>d`tgc+WEe7H`-_KRyRDU{^WFN*Y|9wT^qoiAz+Pkh z7szjG25~kncSiLbH>ZI@1?L*UwA}VjZ^lwfzFgJKM-D%HJD&E*A6PJPv%KA2~W6!wK6nsH1eGH4cl!0>X`mP z4)4Eb^~gg*e7K*WDaHOvgZy9Dd}yhP98ediRGp>&H;n<6gaZvQhz9{mnlE-<3A*Es8$#|LiyZ#<%3ZCjn}yhWq-Bs{ex1`S1Vy zRt^{@vaDszlSmt1H(kZs1fmR&yDcYKRf6v=?~|BGim?xOF5E1!-PZ3s_<{mP1Yk|9X@TO zfA0V9FA1DK<#&u2Ql@`wnGlU-IVvYp(y2 z>1xNz#g)!6{$JN`hZSmwbTTV@b$7MRAnJe+p06+!nlEjnAMg%)-}5h;^qGR3B*iSA z5$?l(#j*a^_k{Lq0~<>G=lkOJf7{E>-~s;b|8-Xmkx)*<(&oG%5 zj{g{72sVe=5U~9!R);MS$=)P=OgtM%w+zb6wt%VGK9u~^eoOdcPtm8=yHeK|8o2fK zPXkNdteVe5j5k{oM4k6{{w`xfF!t!DuWl}nTXtvTD-w?rj&`2g^ORS)XfrW5t~I-_ z+g*EujV{38aW*f|ErYm6G3fTAW_jY(>BVyJ=Rbh*V_z>H!c&6r5?nI2(J`tSpFewI z#vx8a#^H+!tbZ0LJ&Qw8p@yc2nKZckkbpB0vOI~(^WDlEXnX}IMk~wU6Ho~Vv^F@- zkMT6GgfZO*oP4E3FeOR>`~!hve4h{MTnZv7G{7uH09Qs8Ah1S=J_gAPq@cx*aRi#+ zfkGe9M@=UvPWfO5Il|Z3Y;57nI-^WOVPb{)spkP#Gi$oJpjcJ_(EZzO>X0D5<)+Eg z2seAP8fhp!c?`g#J%LU?a}L#Pl|*_vuVuGh0!80NjqEL;_4z@oo-B52FFrcHmKYAa z*F<|U$8&6V>)q?06CFuZx1qScW)1eM9mqYd`D)8fy$i$$->*3ff9Fp?-*YsA&2uzE z;HYul0uR~sI$4>*J^1#_m_GnOfz#0?Y2J#BbJzBfzQ@N`aZ_9dxD>EJ$QTlqp3J5R z%MtE+t>GsIPaD!(tp=!=WSs!Af8x_^`ta2n>t2Oydm)Dg%$GZ^(2It20lB>HB*zUZ z!=v?(bz%=nGpE`v9QH!qm#xLlf+7vOC*!h2>l75H7ypN@_l{=s|Nq9TW@{Bi5LC6* zmYPLus_3Mx)+jNWTD3*QR-1~@cPVNWZMF7Zu|uf6M~D?$>>VTb^}avf@43(Y{oTKR z^2c>@a?W+-dOg=;JWqFf%>$JjT;BOm&JOFkS~UgzPS#mB+63!aiLp`|3K!RJN)QLg zayPCXY4U-dqMSQk^(?aOORIqrP>g(~lG*0ABCxdTEA#_>f!kFBPeelxt_dmxoFCit z#UHc7?I$W6Z5y_u7sh4n;&kLj^) zd6E~dY3zGy`#V$N@N=C8IY&H=G2~0#@nW)&WBeNf*WCPyw|%r`UQJ{s`upT`uPMND z!wvS)O>VOtJ9+KJVU$EYXz|d%#BssE%xfWz^SD33VhuD}cB#&iMHsI&-RDG(FMck7 zTJDnC=@UWmlWzGF~v1=pG1GbE}glYYI5VQtOMsnU~NX5&+#fmO6@N-h6MS+4DN#CpI{s} zI9R#K{Nr22OHV3PP)mQmoPAr`l}e*y0$u5lq>~$e|E0*Rkv6I8CMZkI_nAmlrYQUZ z^mo*`5NqK5LE(b*ntnbVFpht}k-0$5#$iLBg?~l^yi=9^Ozuhyy6fh}Gh2A1q8+`W zj6VpTmm%nXWZABlJo45)U-H*q&4w4;I?4%EI_U13ds^IJAtUUa&bJsqp+^Vx6j)q& zqKez+bFO83zYR8qMau>`xngz}*&W|A4LT1E0vo*5MXL)yvbf$7(to!4hW$Zp?mhjTIJN{jhG28_^Va9F?a0bf#Mw)-$Hq0}+({ z@VYOuI$W0qHw2ulwGqIc;JYxKir~p&Y&;k)=OUTlkeX3f7F?03k62v7RK@&(>XvWM>Rf&V7*X5uxhk6&+s|1LBbF|L8C+n> z?6z>_gov!}t~beiEmqWCbJY+1`RL2ygVoQre%3)4;J?InzxhAIE6dIYmUiD95!+ZX z8M)LUX<#eQ1RU+^#xK1nK&;7Hv*l3akKX^uGA4;mJjo;a%Kh~>P`AO|Md0C)t}V*E zs=igCckZ}OIAI(^s~aF6B*y}oxloB^QKBKzxPlTS+bwQ1 zZAEOqOGS*hCOg-ANq)0XuimUb38JDQ+C<9#usHQ36}L?SUNao?7DJ7oP$6pAWC3Pl z)nmf3(xRwIJ#?E!n1yT+*W}{1S$7yFXL0l$8i$>=T+6Ry!F}d)s%rAv>(^W-~WB^L+-^>UX zaD&x;PLsd^{x8pwJAXy!=|II2wOh?E)L_(Sl0~!k8;=5c{GO%1OT;o9Wg_V;nS?e` zGCd3_k{0i3y@9+<0Dgm)X$8f|WP)013Z~CyVcwI`o&x?LF;u8Xy6-^UIeE=e*^;KE zAJ(s>+@f?q|&cIqEp?OnI;6H(8*BJB7l*?D)Ux>b*LGenb76%k8F(iP77! zQb3rm4EL}^wO(ideu!QdNaYQfwF1lo%nBdVh)9~}I~R}RnP65^%J~@q$L9>jNt({8 z+V*|_F1o}lH+BuA>sn+9Zb~oKw|fhVJY?w=VzM% z6h;_pu;Ti|Ukblt6TCDhq$ZmaYLWuFEO8Rrj}}4j7_zabq(Sp%sSDg>Mn8}YiW!nL z%TX7jv{BX9(Edxgh6I!;f2h*EI;yOqEp??mETZ6GMVT-VH!j`P?eEQm5QV6Wt^7=2LCm>pE5g!>fLFI>y<$QfWR}$1(y%x1wCQh*Y)p03 zHXjc}+48qltrR+GdKsG{#6m4*&ku{1A%0Yyuu6bFP(eM%iJKbR_oY{B1xStZnD4Q{ zsC7XuzzaJg$s*ox>UOx2ogTK+b%z}7E#Nsrg#`57;j(eEQTr2M0b9{E)m>C|OO4A+ zAbprzzc~KGnwV}vk%d!Z+`e79-@zq&2rTXV=ku}zg%*79=~SIhxB~Ex5KI#gBM1%= z6sw;na2sLU-HDCrJ)Vkl5yH)hKM8;;9h#i8n-rq!!-e2y zC7t4oUH#lJwP!2bdzSwFhI#NjoxBrN20)v?3mt4{)LRs-xt8qOIQH}2P?Jo=e%Lmy zswt3>J|B1k#PfPl+~gS7M&&?J9FhzwX#XCQxF*L163)xmy91ALh0ZN;pE2vD1*702 z&qoyS50W3l3Z$%WcalHqF1M3EiY?x7^jl1_d7xN>4ToYuhGkJpbZekpltPFY7;4#D zwPdVr65C&D(<>=w#5dFOcK5GHdI%!=ppR?BbnK;?TOX^=-85qz0k8Kn=yPz0XettP|@=d7&er7aT!qHMi$6iTz9JDu&|)%IFs>s4I5 z*vmYknzn{wOQY|yOY0xP+A!ioYK>)Te3rffp;KjYcids7G0;*>O3#?ym}p0xu6A3; zq(54Ad6JUCZ4|IKE3%OpCC;?2&7G#?TVSaw^VPEe3neWwKQ5PQI_* zcEGwudNtYH9MTy2~+#(mj$+vqK^M>{-8tsWnlt^EQ)xo9&s7G%|ga4&xn4Vh+40 zU(mSANYfS_a$dT?w)anV+NvDEeXviSx)#Rk7%l~4)VvRi@DJk%ltRNV&?%$J_ZY(v zsK0yEOt!+hHYlq-OVZp{V`8IAdrF1?J}8i#&_}Cziz=LH@fr~%SH^8U#7Li_Ey*zV zTive+H`aM%ftE5CYXlRo!>9QbZB>%yCHht`9kqh`PNDw`J&CI0w z#Owu8_<4q4l3Euvgc#8beiv;yrO&!x9PU!q2zsWx#tf&CL+Ops;G?Liq+ORS&K`>3 zn`=H2sSlT*3N}TmmK{@>gCE(7lAE|-^1C7Bmu#5HmxGmcdBJhnU~Q`%X@S0|`#8b% z>~w}MTK5b=m&_vnn#FJSLEGP?=zOZ0X?P&RE*3*=8bJrx&$1!@R;GiS0N0PRjcHMJ z?Si+7I@hxmLHA5>3CLc>+hK!iz38_Ou=_DWS0G4*G0`02+2;%~?b8j~XCu#bH395@ z^miJ_Aj^(SZ=?-Ve;N#}a0?z97{t+geS`(a3TM!{lQ>fw_%i)ik8ieJc4d#p z@u%``k}SIpBd$C@1I4k(PNd`N;=$93EZ!k*Zedwjd)dGbmTguwSjov!O{SU8A?-5^ z4}DzY@bF$0%~PP18lGAKN4dDP2|WL+o}BNQ1^AV(C<@S#s6CkpAkjXvyFBGPbzeyM>4F`MDCq9z86$5f z*PU=hVU{za9#F!X`vr|;Y?htLaTfOc>(*xd^x!T-K1xeFk!vpBG?eXHEba6efZ;oWZ@lDPr=vr{rtyobi*Htk2V-WW#<);?J{KLxrifkP64LP%{C+)=2eYhArQe z`wHXuhUfOj$6Qgl^AYL-fjly&27UU!jwM7-bML>kt6z|MmBMf}s?nX|tV(fy<~+2G zi7ZRWGJ1CtfS9g@HKRoR@jj0fDKtB(9B8sT1GV5hFJbn5>Gon(-%y|NaWbL z9rco0!HY`sGQ#rX55M+C<6!gDQhR!Bd3WshASoUqD~=Z>UY1&6Id*f3>FtoFKhrKq z`EN`=J+-@#%8q*}gvkOTZPC?|81|AmOIZ8OYNKa_G(}wOVi-wq<-tGm zHRD});;T06i=F%^iZfVL1a8e;l50FahydBSxRdl{KA5c*^ps{qeUZygR|V)(j7GE| zv+g1NeBos|7va=td5)lner^%E5h+lc{pY_A&H*t2o-;+at>Gj}OF4K!WYpqP-pl%*`~{Xz?xEAH5&FJjlq? zrJ2SDX}=Z)jRWz4j$u0DqWa6Ib7S=UPZo6T{Q(}CicY~i*MY|VSm@81lk!W@F-O{^ zZw}_)eA7C+1Q+SO`wnSvRB+mG8l!%RF40BwHf(CH>*bs8dKOOvWdvQ{TWpm0V^y3_ zU(v&p8f9SFsUDYgCChfTD83e89_|t7j`T0UT|`Y)q_`qhd*YtN4oDs{G++a{l|c<- zOwHi~RpuE2qaPoT%yPT9cY9P0tuDMLi@2Kq%83DUI z!>!p}8heg(HAhw9PjWlpTWS7QdEZ%k73cex@_2siI&?Dbu`YN{ZS#a}+pfb@cYJ&K zFkU5>yM=cQzT%FoN3SJr@r20DUB$6HDvOZ{4;Hdhme{>`rsZQi!O;GWIa>wtNJ_%h z=^bfX;j6;mrOV`q-s4c!(Kdt>{fh7+n~iE=k$CUgV#S&=sG!A?BQMg%E}m{LWk(Du$P0Yo7#iC0I)h)@DJ=IcAd{|q>N!JMhv); zulmNGSNvblb+Z1m_4Am2fl#yb94+Pqbw4F8%lC~gp8^?!J5&xQIXu`Ki!^?BL0(1h znrmCWXzasEl;|le#1(Z?;cleZNM70PL|&w0L9NFikekXuLIfA^T)ZcZr zxH#fo<#N&Pw+hRWKhNJj~JN z`rM4k9klgVGvIZ$AfUsN-z|)ulMMiYTwNM7B9A{(eNk8H6ND+igUbVbP+#-dQ2HHK z%yVz@Iey4kOFf(m37yJQ31#ZnNV-nR&|Q?<$1-6>dn~&2=RE7ota@G+D;DW+tQk^d^T6@XE+i+8kLM+AFFalxNeC9bZX)Ygtea5oBHHyicZ_ep*yUI><< zQ;Kd0^mbXb@U=dX=`kFaJ$w7=75m~v$9q@%sOg1_U~$$7!X7F)cdw-vKbqbqwWGQ5 zjblI56iRv{l)ttVFJ6l(eimRMR(SUXOB*w49^xz&o+yzQO1jYEWKOfw#Azb|R(LMw zcrDudF^r`RZTf?)#F63i&wyAxQkQ9_-<}LHkdWIK2)#IKa{F3?oaygi#6PLu$F?uo zT*gV*-{=t-ulSrUo8<8tuzW}S${z|$8RNOvgOx>VLA0=uQuN#@`z7S}ovy4B9)Ft@ zZlC0Za`Z~>g&PV~){TX-iNw`%nMVDi_bd~~%VV!Tlk00yg<)^rYYz)^c&*2%NtfBxTi zWZ&;g7WW$)Bby=(UnK_9M1NwI8+N>bV+SUi!7kp_z&x>eLyhz{D3DPYtWA4zQxQQN z3W00YcIui6D!!|2ISQi6`4y-rnQ0Ny9C;~=OPedj(?vXz8fT5Jp<}WJy&k*wk^e#o zRjT9>41z5REoQ=+BQAz%p_BOgs$U2uiI;_*za!1_{E)n5IfhLNmU^eHDcZ}!v&Rvp zV>bShpJ->Aw)VhEa#^Nlh0pzlAnfb5RoI6;YmzlTI!`5~KivXNJ&U7g+#+`Ey!D;p zNdsLd&3IvqDp=OL7QPnd>q|FG{mvKYvnHH7 zu``jR98U{-=k=_DVADH(-u`QJF-;LhFOF{!wH!mx3XtMn5*m-*N5h!<Vl*M`Ac_mUU-d_Fh0vr=WEBBYCFlzcMH!sD1T8?3MiE(3D8S*kljk0O>HqFNGL{V$3;6sF9$2b z&~Y5h!O`ou$Yw9Zq7B)ZFK5OT!`#qSPqLOpJbE?!&Av-mcEXV#%?n*swOL0Jl>K(z z_nCX8YqUrCR=sT}e&yC7ROr4jWF>Qn@Q%&BkijVx0?<}`20v=ev%YT=6$xQcnOkz2 zn(Q7N##`HTv|8;hvUQEK-F8k%N~uY)qbD*g`Ha}4+~Yay%05zfW6bZ1exPI2?=&I= zo~g>#^ZK>jRouA5w<9TFs|HhI8PXG!I&}GV^L4n5Sg`$~P>+}7JR)>UOK{}*s#TBV z27?ESJo!I_slM+Fwr!bo!~CT&(u=cix%E26!$-Ot|9FUftFC=BL3(=a6l+-cAlZ-p z<6BkzOTc%NKAFUKFVd93`W;j+44o!Dv9Kl?h0M}Xvlafb$_wtCGIJQ74DG{gI}l2q{L*E&#oHnE_Hvh>N2U_H>xci!J_# z!Jkvl2PSNg!cQ*>ek@Vsz)eh%Kx3Q}-C=URgVO zIBS-JkjxTuAGLLA5R4*!Y9X_xJugS4w#INK25vjc88k#urQ2UJ+k3?Cp*Tdu$AEqq? zq9-S33jYHeT-*+k7Wr<(;#kaIne#T6=r(STQ&zg&+M_$J98a)O6PdY9WsZ{~MpnOo zp4rOunCCH;Bj_^33LVxr%-6Kfiiq(Rq~P5oRbJo{Tk#@Ml=VV1JUi;)j$S;L46cYh>z>x0Mb zcfnc8@bNUwTQR-WEm`Ixt^&}@`|@kN>1-}E`Q1iY$}CzC^hPtY+0bW`x1|JZm#AVB|*zPv3cc}1V!sN zs!V#u+1K6wpfz$7y(E_xc=lJb>h?G=bQbd+Xaf1S#8+c}F4uFsseW76yfGg?Q5y8b zQ62@EDzMXoF5YxY^eIQ&&8+2tSKpF!$|=Qht~$>bKQ+kM`|-7dl1Yt`oNd9fh=80K zc^X_(EL6HHvUYgy{xVpgY3g|ZO@^Ukhv0rl#=nVGB=uLO62iWQ{qt0Ip z$52~lh!MzS$2!;M+-E#dLAyehYYe8Hf!3XJ^ydXdh$nu)i8qEfbRbp zzJ9w(Ri9_u(V&`RXG2h(5tl!}xH>Jw8@OOLN?^~UMsHKhrz8)C6ARBIS`D@uF51^L zT*zg+YE^)|=&NzGVk1l_>2%*~m~(<|?*9q;#s-r8P)6ZA^!2w1JGM6{id;xbvUi1P zw#l4yXKYp_nCY5H4aDyE%4`k4HfPEhmI~YPqSJir7d|HWdK$rL;x9z~rg-g-vsYQx zU6`rg+O^|_ORr@sa-K*? zaHFPYaR-nRC(n^0>RABxkK1rDOz{3NAh7Tsve9pqe_23jsZT!rhc2rgeaT|WbA4Z) zAk(Y5835hOr~KTNFF>procnD?)yNu{5AQGc6Y}fvcjG(!_KHO&UpUYFaZ0qA@|sM_ zPQO|LyP!Y`dYWre_Ml!M*^%8nFE*BAdo|a&N+jL;){hj#;$O?o^%RF_=~cASrYk@$ zst(XO3flO=5%YMWQ7uTKdaq+k^k+}%s5@r;Z3FtcT`Tj^T;;SsGKST=Lq%zxmJ&5o zh)r-1&9ACmE9>ZRT1u^eixw35mX`s1pE#eB)Y3(ZiGE zwL-r7AHSdUZJH%C6*kOj*B%0?f8A2(q-HH|eZ&a%rqb>(`pkd`H@tcMM+|7&zt8Gu z>u^%UA3Sq)sCt*zDOEg`@Xfx!>>khixp-drNl*Lsh6qZ$!JAoNX^H#je%+l@X*WZ) zijf0YUd`-8@pLuRgCPH2r!CpJ_LpgYZo$S<1L=6Y(n<@s9iRB8gV78_UoZ65`knhl z@Trh|ASeYq7N!pM3BFrR zI(7q!(2*yFj8N3cdH77+BX7X`n$fB=T5z>3j~1Ne^6KsT&(b!(bOe2*A%4%(l(o=W zbWfHPIV@6UUq7^P^g3Ceb?Uq)Cn|DyHsJLUX8w2JDezi6KVt{&wak`8ML3+I^p$@g;1MeWt;_&jPqEBY z>wk!ktmQBI3OW`Z@yk1<05LR`a%f{XS`5>XZv(@RpykPJpKos`C+TY>zI&ZK~BN?@ydp)(x0vmHMAc>3E=e(k^SMPKZ{d~2coF!%ou#BEDx z(tOTuB1gtmI?J7lTe%QdOD#dgYgV zu`Z>}T01vJ=l5$vb~oj*lwff_m!YB;kDN}%Pv6|ZW#363f3w_&MKeEF-bH;Oh$}gp z=Pv4|9OWtFrX1ec@mk%sc|`bQjw$ zypuFz=D8g&=^R$Sk1kw$ja(nDJ4@hz8;|UDIjQLI`@I|c9Nw<5lro6e#emt&0*Lw7 zhyXbSLC^12hS?6wC9p?Ha1E3MIBf)AFbg9}1GW=hE5sPpOXycOX59Axnqw7~Rq1xO z;c^gvqF7O|zF%0hJic+$!yRrb$^^^KB=&&c;a4-?YPseYTB!JF2-MhoOMxtDaDIbPD&R{Bm9D3ft;3Y*;z3v z3X|v4{76iy$7IjFdQbYNEKAPy{K<-(vrI#WHKLO_pQ%|eTH7BQ49)yhx{|oh(0mh) z7=!}PAf_BYiUQ>S-HvGV6Ki@AlJ z3Y=Evd@XC2Vw7gfUeGLM-K!+MT-XpL8EK5!Vx9h|3S|nMZ{h20=+##J1=OYxTRj4R zO`iCoc{u-L}ejfE99?XQRgukQ0B4u~PtJaNOl;Zs4uLx`SVs)o=di z!zII%>k6X&)&;HOK*UjjCyx5>oYhmlO_%?9Z_^ky#kC^xf3uN+bZ`nJunmAo%c_*= zR6cAld$L^vStXSWHcYC?oZlI%+CFcKlxR@A|D$(&WK+^SSaK(-en|*ZYhZP+*0Q?V5WRdmaE~>6~j3hMe=Xnki#?Uw*>MTR?g~bdS8JulHNh*%R@q zcem%V(v{C_OWz$VxTCV^)%Y@>KKbgFU^ZEr!l5VHK;(8M4QP3;uGsKfmCOR!Q!mT= z{4nowA=4_pJW6;95O~kc$ta2Y%_46JzwodQ`FhW!{g18nM+1IN2C+rt-7oqtX~meY zXZoGc@&d)-1uw1lq}OF0OS1MY2!p&<*;hqW?{Qwpj`_b%`@@E=xdm@a4e9P**#8;y zf3u|3sf8QSYS=JlIFf)!I5|Jr42HdgzMga^IyseY@Lg3NyOY{@xJekvJx99u7OKq@ z1loRCm=#&SA>?U1~MH+^q2m&HUtaq*5v$fOaTowtwR|~teAdh$PtK6uu zPdEubF>z*v1LVE?Bs^@LXRl>&$|BieAA_8?bZ=r}`dkKJ0nyx!m( z<6L3&2A#ZRb4zUcXa*;qb{?uGAT~5~#c5%u2UwK{rxx^tJjWx`Rlpd|;>Af45=Neg z`NMfOc{Dm=^22LK98}pQ>Yath2__@?m>&Ea#dlKT=KjaB zZEKZ@qYdW=7?ZKlhSi+ZX73txmD+*NhO~b3OLuljKuyVn*#&sikrPwBNjV!aVgiqND^DT;%$QGpraG8+jF>sPnz>c|4X@yUQ2em|3;eM z25lSf0Y)%D`RP}af-J!Rl~dkP@xn*Eh6y$6Ub`zc>EZmu#oaZ|!t_axMev8}@zrz17pF4J)pX@Q7^3$;NOx&W^Wsr#9&^Zp45jkiTzr zUl1dCvjbPHcX~+I4*fa!>0IZdl{51ZHh}*4xLtx^=x;c6aDI}jD=M+cwWr2#_o}U6 zVbICq#O7&(l1VkoR7DZ_gDCxYXvh7yBY-Fvu(0GuHW$h{`IU?r@y}j#039D^ zZ*;yi4_QWcime$Kxmr=`j#xJcmVa3dm5|1x0qNC6d`bs=@~5ellX|N8MCs0I@wL3A z#Wb6=ysEvlO^8nI37YTt*v4rt#C%e^Q+&x_qb$e7Vf$vMA9p%eUns-<>lYXD)uSJ| z{<-^KnJhX`y_VSbSA>6UjQ?lO$L(Z-spp%aY)FW&>Og)~^UfPi`?wWg3(Rj!-r;a{ z4eZ&JRRaGcPj;%&mgXU#+*o8$+d0~cH@UTZbMv)&qmh@^CL=t07ew|pcYQ7yVxpkb za5N{nF*32S)pN_IiUY0Ik!kPi&tj7V?~G}@>OMvXye2~4QNgz9rZRq4 zBe}4%xi5~0hiVVlDIa^n63o11qw$_uPAiCmObqh9RNM8A7PQu89Yy1tAAqUdIf{YT zU%8fA{Pepi3HAB%Hn-+9FPD?+>t?E-pg<|VmX{(wdMw+(enu|K8gi81R?j%b6!N9p zG84?b2&vw91tI70bR+>5qq0JVPESMq7JkyEo+l0heX0U-a_+abkMnjRuGveHrPv={ zmM9F7fx2&Vx_&JZ=0smMaU8~;EltX}@u#@xuJ|1fbB@r^sO*wIL(^%0d5p=at~*3&KD1W0&*P+~VEQ>rb~^RJG-jqWtHOTfyGS|< zz)i`Dh4qI-a_G0kdaUE)`8u&-(T_%>?wvaMw1It|RI3WAc%zg~w}Kyh*0OOV52vpGmI_v)*|fBTLEQ@n^?9){TC11>~Q`V;b!tcX3GtH%3OXdIF_1&t_2KdBAy-E`WhFQ|Ci)5pyl}&wJmF&rs z@46|QPW!Muygj?fh*3=K+G>&7!Vlu^r?4t~0c&xia#rwLh5xqIPAgJ$~A@B+d%G|tnZPe$m{ zv599}=4#mHSqv^rnewE)o*tIM`UDJn)dP&_n6v;hc+vY|RKy z{yq0`At$*U@>eRQL^1d|gJ)`-4YujO8k&xD)*W<2*$IH7%)C|L;{>1w$y%vR7)fb5oiwtt?{?kXiLd%4n8RAlNtVS1;b8@FUmTUeRWJ zx)PZ5>{^ngO!ccb|6MhgGE#Z0U$eLY&3>AMefVa*VM+;AyT8adYn!911);R)YLRq9 zb~||ekLgJ2;z1l6oOv^@%M9!N^bbwOh<@xi;|?JXKlge^Xg2gcATyjqeN}&#Csz1 zB+!9;S!`P&Ic%2QN353J2Y^gE#l0e!e)e@duHeeVsePw=n*dV{tBUC&Qxp2_Q1P$n zd$@~e;}+NV$l>a<1I(#}9F7)yr%(zj)e>|j+_NF7v>SDmaeK`n;@{!cgLH?tksJ(R z`Y9<4fb8UI&$i%68~Lq$!EC_uS4Z3uwFcdITdQY1y=u{wokeT9-e2HN1g$%OCXL|Habt@^lqRcM zPqEAsImus%gT*pn_&>#Mpj$J_ZbMQc;rvb|3+w({GfOEzPreHxN{j^Voox8@m1NuC zgmI^y&%cAwkG3b32)%w_$S1ZQ$XczNuGTVUS9c=bq%AQ!;OqI5y9HmM6?3vzrXZQE zn93P<*E8nImezr_n!Lb2vDZygd^?Qo(zBGhkdu~}BF(2l+mOq6{5vnB%6sBdoG3(R zbF7dA-YRq#{!{7p=b|%@1*BnaY_`w&QiDqGM%yY zJ4^4$5{=`#vtk?3HR85Nihzf0US8d>Rlvl0B-Ylzpm-#_@=2-%H=yHdkc*E4fUUKm z|Bp^{o~<#^HuC0IhQ|=rvlR;T{)eI4hOb`DeSQ1k&x}#a;iqk6l$YBF-ow)A$H=3I zc_q!1PdgrcJzpXPDyKjD3f2N;Mpd^wK~lmbnwaJ@8xK&Gr+s&iQgb>z{!(VL^a#U# z&X;txPHo-ZG(^25U2V~QOuEGvPK9K7milSzUR^20a_JpE*Cpfg10{uN_cf^263?jl zgndfq!GupX@bAF8-}u|ufc*vhx9Z*AFjej2fQxaFoy=A1w~&MTqd%-X#=I)`yxV2; zevNuaxz2?Q{b5ib01jp2F0DW7?m{>}FC}cNVTdt`W5qtNz*TB*sCe~LMb-}K-R^Epne?)BaH(HU?+v)#(r?64YX-U8!1^9Zg{ z*f}X$Siga+^J;_o{^i_gI3MNRF7!@2Ky!2TY) zlAK54F7OD8FqyrG3FW~Iix6km&M z*ie45^k~q4uS@JJeJqcu$o8LU(!p*#E(>?{UR)9R`ObCABD%DZw_VY))>yb#8Dq1o zpQ7#3)BL#e0d!RTi#|#QW}VGnxm$QgNja~nR={;&{!jcTT>qR~Lo(QsurJ4KgV#&9 zq3&_a`#FRy(9ceDGY#cWIU3m9*3kQ@QH+ShJ<+7Fs-Srs@MA9^msM$n+ z;b>@`Cb`w$CZi{{t`t^QhlH-miM&ifIMtrttpwzxA>Kz=`|$&{tq7NZo@(x@lMS9& zbm@Kl9xZ74VDY20g*{j=B`sdjcsr+PYKpBNj4o){<_g!}?_z2-i!xqvSW?0_Epd4? ztj(AYYR~KkEuHY^k98N7yx=$>JskCK3aynfPm+NakI*l2>JEhbJ63e8S^2dAh_PIP z>6mv4{l(C5Yb$Wvt^YARy3erX{1X@f+`S(bVDl{Lv@#i)5qcUUi3tywE``1Hqw%1= z9zyu!9Y^UYDj}PBt=~I@t~inC*Bfle1VbyUoG)@-J69`{DE05M`73s$Q;E~9+-7dk zCucEggx?YkZl}xJYBp)H{-gV?zoj<5`B&2QW5WVwDyB+&s?t^iejJ~Nr-!VGry3&Z zPkjzux&_TLJX(k4tBd`!muENqXBzD9o>19+v*R+GgpaN}buCK-(>)cdE?e`nQmgF9 z$qgOFt9epX3J!0oXyU2;k(sGTg3Rz<;0Yzc%$!i!Fi}R&lw6GrZ&+s;vq^{@*~E)Z zYWQbo$vIBcJU?CQ6;oC^dVDy|C@y*k9T1gJasKO+4L!J>V10?CSVru@V2FB(SPI5R zYVmWMBqQ_s1fWx)Z__=ydCt~g`O z`PLakez`w<61x4MXAncHtQiEkaqC z&YADce7B&2`5X+(-Msk}W44r_AYl2sblvTayzdc1Tft2lCbC~a)$f$R3Se8}Mhh`U zH}$fl>CRh0Mp9TY#os3!N>fl*gOqH>VMs;0%!L}l7FW)IU0?aO(LF%it4z^n3-#h3 zZK7XK=!irb3jH&h@=}D#Cg|+E&QL*E63x4GcG%@^_)8=WOj2zp?QM}_=LL004_ZVE zyNs!lPKEb_(w0I9Q7($#0_xu*MFu{wv#88B&OG}_-F9qdMj9)_@#g-_l=O@_Y`D_F z2$~~8Kb`Mw;tC!&K8_lNvyI)c1|*hu4Nnuct>7-_$GKD1BOWym9+@5h6N4uUIIn^B z?t2e^`*#Pzn{)e=;W;@Qs_04NX$LJGK{a%q;9n=}T=- zSDY+JRiW4*TJVh?$XQEKE*Csp%1Kvi-m=r)to8jYQBSS3b8?q}I>T0vKxBGeKB-Zuz|uw`EnKeNn1%Y-x-$ob>wPq|^EE zD+uj?h!WXwzBQva-fwUM0P=3-1#T<1Mn)jIo4YHSiaK2i)_9F{jrg6%Zf@ks=!sX- zwXNClw}!jgDqWc!3e&Wb^PNxCaGklnmD8Ybmhhi?`bthN%W&T;g+B5Lv(wG5jeR8M$PrChfpSSX_<)M21&tT*~ zwnVWy*QScWOV|A$;(;MyZJt&nvCUt2>Z$*gVy&2HQNkOAf-QMURvW$G<9hq~eb`g+ zVxtt(>@`5^GT~S^Z2gC+9|TusFP#V zKEL{I_IQewv)zqv0dVZqQ3>YDB zuFmo5e6O7Hjqbe9E`AwidR*|n6xO-Zdz9;Ka`J#_Uy zh8=<0Iv-Q5#9DgjfTDYJ8nmj723u8f_CRagJ#y!3=OR&yrurE#uJ*%9pPM2)>?1!7 zt=*&?6{m)I%C`5=dbBhZq4m3gz{j`8vufTJsLvwgztH{pJYKI@L-qYuz)`r-wEany z^O=3?H?QmvkN%3B&U+Y?(m^5?Yk6F{lsNwTW!B(m;`?3BnzpJGL}E!TumBlRN$|I+ z(rSPxFCbqDSwyG+=o<0Ip5kdxE8izQ)qT>H!`cAa7qurHDewwroI0u-BHmhPka+>E zzs;iiXNK2QtY*1+gH)>f_g>T5$?^o7@DwYHMB6ccVnOX3J4G})RMX#V`e0r^SYNaD zk{xlH%8alDh$w#+k}{d-CP|Qp)RV<+if7^7mfg6LUz@#Z2@2Zf07CgnYMbQ-P_*!Tkbh;~s{sd4**68N*Wp920<2;6ZEH;!#)^v^5m^q(MZ;tPOWR=;#T}Y4G=7@dmmewnaX|_-A#bH{hJa($$6e_)|fZzYQ z$Xl(Mm=08IM0(WT2QZWpU$Aqu*@vPnlv9+EVwKwGvT9LAW?^G0`Jc1<&&?u z;%B}e#nnye+y^naW# z5fCYr3l8z^+Cyve&c@?+FV${H1_2FThGJ-CzU&wXIQ@YQB5R7(_Oc#tZ#wn>F$x`q zyXyUbX-y2(lT7L3hd1H%pghQ?Fo|k)2JuP6GX&!y*S++_tYp5(+NOi6ud~7dx>3JB0-+TX!V;I4QDA!`hLsNNdA^_sMGr&A2zTKJ zq&&bAq@$3l;j_QLFF+x-n$)DT$~&GX~EwuY3%zD{Uzge}hWBGp<99}6Kt zEwxs#$1JCP?UW@rF=kqWUDplG<1KZUMRL()$wUjvbl#Y?kCN%{D6vA&748+7eI||2 zSwJthfYpU$!vmfXiT<@_P%VXSEXc729p&-tgnwu%^SWc;k}3O^I$ZBVBk1#SYU=$v z-M&HASX1kMUdt(MT^+Xqga{d}^C+0f16UQb%h~fD|ba@&g~f6hwGJVSfyKR zZOEMjq(eTGyCY#gypyyug_iu@Q`Ri$fcI)~iY{#rW|dVlkdj%0`-u)0>AkL5mFO;h z&amos- z)agF|kIs-9{NNs8rr1GBTYL(>01FIiK9!#wY=+tCzWmIwwDLj2SwVU zY}9JR%kjoH|(nJ%}LUs z^Z7f5tD@~tJA6*&KIr*xlI~a`oYU}|>#e))WOK51BVFR| z-3d3dy~b3f>B`TkU$+TwTeDJ90{1d+f687_`_Kv6x_Mp3_jVe4u27ix9VMHi9jxcV zHg>JvC`p3;O+&{$K(z6Ig-DbYa2Y!U1@oA-E03)< zE9lt`PbEUD3~1GqAT(uBcP{EKTnWgh>IzrWPIi@&Jb$0pN6tekv9z>*_nNXzQ8-rt z7;2Zw!tW}vcZE|T$J(;3eRa%b9~Gs9PJUhOXq)z6N*#X7HN7=ahc=Q@8V*iU-?^+6 zl9H9zh)v6-Q#^Vga?&G0iLVo^G>t2f+!}TYXX7 zSB7HFHJ#uH(ZJ1QU2C39Kd!$sl}-tU+Zu%zZrM4>5p1F7dkfmiwquuD8BwlG;Y744 zj^2T~uIrnFpD+pw(VKi3!Tzp8#2ljcmq-n!DIFu|m4HV8Nxi!9rwFFb(LC9SN+IZu z>%TAL|M>(NJodX-^0X10{7|6KL;v!;6utN%>aU^WA8|6|b&&hCQMt^^%MaVN_YJI@ z#`f`#ka2!dS+dlx?D@>+EeB&J2IM_guHRn*WL{_5rK|!hU*yjJWDh)J>PVBqy1?wf z_e0x>43H^l&-&KybefuvWosgSmmJqVb*RX_-%dqy5}$jED;pi#~9843!AO@ z+u3G9OKxNxuL;#5oc~n1*SW&g!qe}+KUX~AVR^AA2)4rz3NJS&wcWh*#IONM3wpkd zF3m~R4;r|nX$DVJ)18irbTS-MpQL^M_c6ylo>HDw&({Pdk(RCr4Jn>6=mtp}mxa@C z8_#RjxvxMh4VE}eBYvWFO)XyTwk$a=ly`! zy?Y{##{=r1ixxBfoffI4S)g}Gd9cj&U2zn`TMN~W*|Ck;238yeB~H*=vi;#Y8NZ+;VnLAjqHkc(v1N-gTYLSMWg9b@P4^aAq}da+yKilhCz=OACnXTi51d z8cjsf(8M#>YAKb;dJE>gikf-zVZh|2Gt4X9e1|bC+}D?K>{nUEzXw8j!Wm@4u*J!e z4=+2hRonl^lZ*2ZFo@G;`|Ok)ZX{|8L2i8Eq7=mfIwBbfLE2I3QfuhLKPwj2gD`?8yFq&WZi*bEmkBFJ4_Ss>iyp|oJ$@sr72QAn?I9@v89r3}* z5WV62aW;WXx622RPGNe+!!|EnO1_PPD%E5MJ1GnrVxhL+j1JoyHp7hdl8z@& ze>*uqju#t<;wlCkdn`-s%ePpYJ$hAly_%DJjf`aJz1fc=B$=`Iw(OssM4fgiQ&-=@1nzG2s9kKL6TJ+7k+X=lWA_JMm*avHPT3MF3^Z1dw3fg}+2d%BggFJ{i{1 zNut0mOP-dna58 zH@eLcrrOE!NJ`S)yZs-ZA;-H;&15Dqu^w@f=jL8l$upWMfHwCf=(LovGdb|jJ9)P3 z6JCQ|-=_RSorF=CYjwtVRKniJ($Jj1JJE6>y`*Bxb11&lqwNp7Rd z29Kp#tX^*Ynp@xbl7orTTsxop9|sILY`_@<{(`p`u&H)!W$K#n7U5K{Z7u98_smk; z?+NNUR6TCh)dcjFl}Jz1#%=?>Xbl)nZSKTt`SmbWGiQYML&eu;gU^^uO!T zRT)u8l#L6UJi06(PX1*aFh!Vm|By7W7jx(9zT%$Bmuy^xH>Nqrks1q(FD$F?Yj)KQ z!{gwUl&9EG@Il4Jum)WW&PTe0~ z``MCg(}?L0BA(8xtNedgZ@ZLOa!9fRiX5Y%%g({>>?xH@;KS96@pHMPo*>I*?`!f% zaG7afSDV&+f(i$DBnbNM)e8NcmvYHUpYJ>?OGti8?;v|8n1F>1^a&XIHmi0%N9d+} z2!My^Wag^UVJ>ni-3E8)7wnC%REWpPj$OL_NofVmH>?cvi$V%wqls7txiev`%f9z* z{U7#Y(5lV~ZZOgFdc|oDYMnBI6+m5yjnY_!)&x#wUb;jy!x{%y625hU84f8)szeC#mFCJe=A3BSiH%J%m>^Gcb z1IFt87pJ$L(jm(&TaGo#YUx-dWm>)JCF-zlbm~hTr`9v|f-~Fghne;@0oz%Tt|aR5 zK91}T5qhQSG3nx{uZGxc?Y~o`w7o}SO2oN)1!F@+{<{1H2%a@yjUouAKU&y$+6OvP zy4hqx78_W{UbqQfX^EAKqSl)^U57=jF!r5k=8u|R7MmUio*s=h&&tiz{>o{&4k?$* z6qC*!MMD3`JXCMa64%HHIP14c`Ztv=ruuq6v&vR)04@E$wijTT8GZZ^P{>&r5V`}4 z&eu|jIQDXT<2&Sn!q@2g10oH>pbwTywYrrJ1|%!KM{T}${>OkQ+vw;I&jw-4ubhCo z{p*ckVSVoHKj@eE-vs8m1}mFM==?S!E*a~1*S^Z0b5_g7?;k1ZyY|vw`h)6s?tW!! z&#=_5^H^Q;JzU5h=GRzpE0?Zp!DxCNEGe}``JBe%cA9eExO$=Xgu95^7CAxBbS-p% z71bM+*|wo4U^x`0%$8NZ?9uByz0FdzH>!R&0WG|ApI-R!?_mn1$f{zyO-?n1)tT*% zxprRo6H9xUiX4w(X$rCv>n#Dv`H%LGwW2@Qzs>xFHm?4!@vOb(%|DF%>`$N4c^$^r zFe%k~oIJR`BvognQl2wm5$4loU(gxX+mlyyY}t!FRf&AL)EiAj1H>Ad7Jg6GF{*HD z+4-ETG9!F*QZ(*<1;|ECXwK&jX0|Cw>ZKVsN?(-MPE(WKlBTBy9+z01EcCl9RYSrz zlHOR9{W#swLVPT{XxiNcx%9QO(cwii=>%%Z1pPRy-E=3U`mA41d)$6I?kzYj03)=Rxd1uKzm@ zvn8VRc~a)%W_g3sLrgjxr8jMF-A{6)e!0JD6K79Be)1G(f(=v26int4FvezIRh+n(yuMU!sM4U(6OXOepC0K^C!KO&D%u_ote2trlO)zvqmW-7-h(&L3Is zJuWvRtfN$#d>c9Ew>WwAAbfB9k9|**Cp{s0y4-Ma+-<*sdb*UfwpaN7J6C!SZ|Eib zE)O?WyY74a?q?>QPXhPVU+R@xmj_|t^|VM{-a4N`i$hju1AV-<8dH_MF+&sV$$3U& z)u)quL!8bX7Zrd|4NQ4FHtLMz^bBz-D0sfMd)c-qc_Ezui)=7uo=CrD zrM;|BT}bu6SgKz;)rutspaB;nHFQfu%QYbwVT?oebGCFwA}IOmYu7m@itgkz?k7&I zM+TAN2Y)9z0r!9@8<2innpELl-Jw9*N|OSaz|c58v&{DHtiT&E+-xcz6x)4vim$Rv;uAPnF(7qLFORkQ?0&}*_Lq1u+ zwJGJ+`LVrFukqwjEEZm>iHC&^8D$UD(jqO2t5u>(e&XK*WP4=&lm7a~fh>~aUu9xl zq#v+Ei5rw&pQ-#{s z5`y?B^vyer+|q2e(v>gli?vvDXF@5A$<;;A%Es$l2L5<0CcJ|OVt_?#Ut4oKn&AfB zKraMN(O*~QhVGW-JI`(EhSNCxDsVXLhZYnW2^X?(*zNGW{0%l4&zT-IE`W0w4+RGPDSG{n^AmfI1kN7s7i zWB#Tx1rMKtCs66M>Wg;7Wx~$n1cG(bCN`?&LR7>N;c0X^5mB6~GcmAvjNgzayPMK$ z8U5S;X`WWGI)Fk7zndv*I#0#tRx|xx`1LOW5Km;(K_t+tjGZ_%4uT)Di-v+eji6S1-xXNOqBiPM8p4KpYSB$w?Ncf}T=xr8g~`{-@kd{v zcX2~DVj9RM^7FD^GsPN904|_~!qvIZ(gX0^ai%tEOTjYHtu)3VDqTyL{{=_<3l|qX zTlHN7gs@Hez~+>P8m`A-NuD;eiis>GYk69atL0^RgD2PI#E#lb(dP?5NUCUF#P?30 z*zB5h;&2^TvRy?KH6YTo zzu01`=hVh||G^_vA=tA-dvjK%kLwpPfhC(1#(w$@J3E1LUB_V$!aoDfL?IxTcCfI# zB*ZGG#ZzP9-F7S5Z?9H3q{8?QIg{G+dL+@ptKd<&c&)>&&sgU~2Lu7aR7hT;d(5|j zPNEOJqD`K}0Kw^S*(SbERMz~~tfxpzT}sM$7XgE=pif35Ia99HB0JmLE=>M}TC7X! zAOol=oSPf3QpA?c&1%Cu_KH-zd3Sy%OajKFcv!fzBbA7A?I@5TK5nZ(3DV!QQVtc& z4<63;{rikZdENY1uL&+T{NX~xSY2^;fRL!FlC;hN7@zqOOw!qCEyuO47*HXTYF=+; z)|*n^?E9{5Hw-WD#aDKI*47!f5WC3uV`UVdt2jUM2zl8L^*h^_^wcw7d(`!7j!j&| z%|<><*VLEs201^d;&SO5wSRQnj&+E{&;dLd(TkT_4p|byw4_G{U zNpLKpT#Xsp_oaI(v}E4JbMJTiu=K2IfcOae*e0~VXciJDo$ja`v5-qv{zLYYU`1ou z@vgS6v1kk_==gCs{nekt3p=jTh8835tD9`7;x*B1AY%3aKU71}FGXjok>B;H_~|z+ z7MDYVfJO`Dmqbx2&xq$8ORJ2c?I>c#oVxFdxT9dn%Apxv9hV+aSDs>abQ*^G<{=MBt1(7h%eQyfpD-qNE(?Q8D z1)2)_HuNQzs8p3f#8!O5Gfubat&GxQZNIeNM0aQLLCN8kX?ZG>RxO>>;QpV|-m_i> zXD1686`6dV8uR^|V=3Nn+@eRtUb*Pt>!_r0b917Jdd*)znOPh+EHiCR& zNofA7%+3K|Mn(JKfu)3cyc!uVXZGf`P48t_9@Qd_-FGH=D?a}YY*<^lf5P4T5%pTo z=QK_!aK3G5JPOdZFLAhiohj!eFtS^6-cFtghr~$<5YV41DYXE5CmYE55WLpvd%)pf zS5%j{-B%DuALu6G)Uc6%!px>fZ4oE2bpf8+WV=9Z89LHr`(vK`Dt4H~DHGx`7T(k- zzC>n9TrUL2?y1d3u8rSrp@+gP8!*G1LS@)fUUlqX z_HF?Zmz5}!6JQo47JJ-Iu0Xk1EH`U)u+#~3BP3!yWzVQe(EcF8yN};8G_Ina6oQ;o z;=LO^x>j4E$O;yT>^y3dW*!o|qu}z!?FOL?+0B7RoncVCjM(@D?%2L^ z1{??K2`{*HZHyiv0+*7G*UGdvs^n>A`F_4$4CoD+g1)n2`iAM07~?JQ!{>``3Y55; z?K|rJ2vW>nOn=9xA-YZcptmBwT{=9l@dcML!1g%fbbzr@mB&@~ZXBYFj%q3QCo0+C zE-6BQiBe>}R-T*Y+uYnm8e~hitw1hJ!)8{z_(exoL2g4%al{mNo3M6rUqV6=Rsw*< z+c@ndcawh*9tSMHF8Qx?%s!FPVZJu$A2BRt6`+92S9z-=+CzoY}-Q;iHN+Rmg21A-VLqZ}!IPQ^2X7 zq7!Hk*iy^l9s477O5a%|d4jxY%kcfwPeUz~dYZ{0ioZ);{2=+GnIKd7kB=1-3~f>` zIBGZ63(-ZBE$@vu?JpWynAj^xDjK&iZb>0=ZDtm)w{F71w!AciYbyHFEAw2Tb|7o>Lj|C-dC@QR?tWF zhSwnb+1s|(mePSG|J1#Qir%ZZ`rQX2)=`I76sGX|!GLIKi7e5ZbqfAuD+l)r_R3!d z4fpXVU<}9!%cBp3fx;{^ytlricCcoMSYRJ7mP{%{q;2OM!?U`Cf<5qZdZ#{1(cUSc z$1TD}i=Emompgw-x1Bewg-X z?}hvG3HV(P_gyk}NQ+EFLulyGsGkPlb0^=KP3xW7xu1(!+^Y)0N%C|yXPNiEG(1OJKtn@a3TXKB zwXJjfJ)-W7PD}J2v4^=u(9hm`^awH)6IxhW;K1nnwCKoVMjp+WxY}Ia(yM2f55A7B z?7i8l;xWEq>PvFr_|$xJp2j$?ETgN)$P4e6;E~eHi_lh#e5n2=)!0Yoa$%)HsZ=-_ z)iJjAO_t~}KG$fQ1nZKMwDs;~9C~Q&OWRGYd2`@VPefK(0F|yTxbUT07YUmuTf!(K zk+cZG*S0&bMUr1FHC#+=RC;*rX)fkx7A~CAc0~Ll8YqUj&kpHlW3QyNMz{=e8mq|} zpgvR_eCc@cd|J*t?u;C=hU6Gn))zzb&z8oPQm-bk{paVA{3kZ<#7PrOEhy>j*At75**wK=mzUd7GQgKz3fy|lg`7h{V( zU7TOj|1RU}N?UNcmu05LPgnw>hJ_bIL}9B&uZl_gd-Bk;D|G3goDDrW>V;&%bJ3jY z-ROSS5Qj$Rm)FdXAKjMDpzI!AMPo=^r^ zDK^+WmG5aSD6ekuQ)0wc4oQwb-E#lNJCj=eGVd7y_x-;sfvwI{WE8k{&gR<9$L%1j z3$hf`I*Ae`_k*?-6Qz6hO3d{u1jWgoZD~1(NcwbDpi)Bc%71@nW?5YiHV<=bGm!deCJRK1*v$ez3;Z@&cD4x^v}}j8=-IBw z$OlQ^p*ffrb7t9`RSx4_npdpCRPROH(jP>8Y#8|sP$B>@kAHq7`6Gwx*o^BZAH}Mi zoNg~@u5->{7f}Xn2Y^nr(gV#W+)GXx%1EzWo7Vys8=zqO#a2iki|O|j9PaTps|ogB zAwnvvXC1PM`%ylinkK0m@MPL|t<;eoQ4ZTGiRwgctS>RU z@!;9RwY5_2HX=#L_16AeL4M-f_#uEKdRd`Xga1ZJ}4ta8Oq$n#pgO2X0 z?4ZU-2z}TDnBb?F16=wdhklHFczk|xW8cv4Hpn7Q8SjJQ9$>R`$$xp%={S3+F(G6r zV#N#pqk#K83`g$-1~_MD@{DiDri_lLfO3a98VL$P3nIB*r`9XxyY=0uk5-UVE?fG8 z`b%j`5c}Rbc{phRiB3|z1QAR0T9;yo=@8$EoS{StN*sv$Q8w&ZOG*+~TL12jp>k)R zOHM6yLkM|@Xl>?|xU#5*2k>zW=Kx$S1Xlk?*Fnp5a`?CKOGo3r>ufj@=$Za-;&QAIeIOYC;%C0Y@ZG)TZIw;OM@1}* zPW>`46g&sa+$yp1wCh&=vCw^1yqI))$3J_q&g=bFuXyX1UHs9!GcX&v&68gASV31` zJmZ8FXPuh))XP>Bxa{BBq_Mg4z%`&agdiAK!}%%4xFXbV*}$=JvlED%%HDbJ7XUAb zfG%kUar*)c*!F0nE2?1=)y1hjY@R%bGQ*TIHP)I3dnu&xQ|ZbF@yZ0=K9z10SEYM+ z+COweG0oHacvka)V&4_=JPHuu@4V9Hsqof80p1e<;G^sp!SP2l@MRPeum1juVO2t1lAv+auG zN_lVkA~hh}AXtZEN5a2%cBF1XdCqkq7Ve(0Okc0&AGv5&pw^X+ zGFhC?(9~Wjnw{fr*^*W|Ulw;Vs3l@i7svKmPS5taNE7t0Hx%X$A77M6zBE@Cr`<`( z_%DTmDlN7iG^m{2G7hJ0Wa8Rg0?YIjLid_Y?XdeOsGvHiNuRf%7Dp#;hc+g@76)Xq z}ELdc6qVnhe0E}NbvNk;uS?U{&Zi>bd&eFv&n|_ z{^;a|o9nJtR5Q+S&+z3YmtltBW}^;G=0Gd&Nf(eylKHbohNk%CLu6zycj7Ew4EHT> zEBL1U^YED}|M2sLd128I!O3dt?yn?kz&Ka3^UuWi2ruP|bgaq&FHy&VhNQP1a1hTG-n&SbcX8|xDKEQC&}yUw4faE!fT;hYb7(5kuWzW|_lI(F~6 zgUo;~7!5=hP{~IXD8eh?=zD481+*ct36|)udn*_YtVK$7nCb0#Z)DX2dG28VRV5@^ zH#Pox=STMwTFM2$?C5;+pkJc@=r0hXQCXOwNd?~pN{}+$xa2JX# z{m-;1fpkF^B2+diVTvMcg__3sNAMbZWwT~tPzok(;^!GDhIb{;)sDdUj|U+Tz7vq4 z*cv@@o&(=YU-3DKIRwU%nuexRK}Z>On?aJB88DJGMyfdHd;$ao zkzO(k$+q2#B0bG>=(D%aC7d*zB=29p0>`3UWo!Kgq#F@c#y|tvGt;ed;4Y95^_2#i zF0`dJ1j4iZ;A`U11~3(BL+QU)GDKjPTd#-!Q@iro&g+9V`fLCuie%HJzVLoCHE4OPKm`KqjfL6wPV8~b64o&zEe)iw09)aZcaQeH-Q+cN`@^@;<2gkLfW`YIB zQ{g*_aJ~s5t=M+K853Qf?7BIhD5dB60QWJj6P5VtV}#kRV)(S|>Hs?zp0r~45IiL8 z6fC>7ZsV`+1-we1oj)j@q#B;W^&5)=zbOTqwRcr@1sz4!0PR9AfSj>JHqC={ZFe3w zAtAHo&cm-Hwbent#xs8zL0)vfVG3plvjDw)XE*ZsXcK53RB{-JQIdCWFKQkACUMqp zJ>rHj2TBZ8W2xh$@4Wa%XV}`PeP_q4wD`>WHgwOUy&q*0!qid#RD;QCGy&cSEOdlPpWUN4tA^+F-~H$4#S7r z94xo6Kws|8{kEF@6va87R?s##f8K#h_wEELTk0@yB1=02q3q9OtYV|T9pLW(9j-@l z>zE_>yIcpGHA^8Ro8EU(50SP&(vM1MK+6%FX4|+05H_)(aA4}TPol49Onl4N{d#`? zUh-Hd^f)14JxqUqBAu;zNF|1}cfQ(8Wl^Nu2kWf(Y95Pl1ErMUOkiI5AOhv(p1k1L z*mO5GrOM6$GDE&I&;2YYv4V??L}7!%pQi~s`{m`V4WMXY&(o0^$gEr+wyZIHR38Qu z)z@qF4pX1v`G`pL6l)Xu4rvmE5w$gzRCI|PY39DP*IK!0r~K*kH=(%tAmU|K5pY-8 z0SRC#>h?QPfZwO7>VDe_c77@GVPCKN`g3Cf0wi(KXAv!u_QsXu5_oBJhSRI+^*i+> zONTxz+O17^zir zonZWiF9poGvZqlY;*R&i%R)!^cM-I&uM+5mDE|=|d>0DEW@HHahoA@e81?zQmH;&x zp%5k5?9=AcTTHX&NI1O2nXYiGcV4A$rMRRXADQ#{5n6*E}XeM9zPxm+t?aj;WW3#!%Tp6d>F zu|19A`1Ovj0sK!EC`hPk9w*F}VE7QMy88Of{rcmNIn~v?K03%auCnhPl!cYf#|-yC zYoT^E9?;r&+`4u`t-uc-2RhZBW8hK=1RLYb^RHQi;Z(Q5t|acidsYBtc_v)&issp9 zuunf?z-%(EOW8Zu1kM=_v`6UpjQ=k2%8CzXBtWn?Z8yI6xk^XD$}L|9W4%yUI9*fW zZuyukxP&x6oYc}#`_-h8oqoP4hO#lzDkfOBuS`SreD(vl=U2g;VaD0I(ecrhw(Lg9 zGw~~oZ3z!3Q8+po`3Puto~c>xoxba^pw=xqV$DQd_t2>f@)+{fVOhlad2Zm7L$hRD zO!SeC!y;<$=RuQ{=p@1m4C?%P6{5}bv)m=5BD&*7)GCyC>(Q3hj@%XyoulXS_>IQS z_<-Q)quaS+jhqb;pRTi+-eit!n;KG9f4Tc3^|wN2s32(H?~DscXieU{UIy3BeE9-L z{GcZ^6aAsFuhVYF%uX8fEx_2eq_9)pDoc=rkxY&PPU7r?KMNxg@ql?A|IYOH{p}}uf zrg|AHhVH6dUK*Bm!pf@~dX-4%{E>^punwzeKlT1d;hkTtC|odF#@B`&@|4zjd&)0H2g7*3S64r=$>PnP;~XrxR86Ifn@8^w@P6*j~eJ`bkT0%~ zock^7KNhMj*p_Kv_~FKh6WsIS!sgCqWqJRpmXp&Ti^Rk?*T{hTa3qUjXmd2Y2eMHw z9kTr?bjj)@wIwmw*RCAWO|kN7YU@zM+TB>d!+z;FlUBUO$-PORfi!LYF|ai|Hlm1V z0a70}KaV<3dt=A&RQd~?y8Q?jG z(q~y+>a6UrJ5fWiYko9gK2Yl5)cO?Wvapx@{762Nfk$wp$Nm5wpIv`x;inb6ti6fg z`s;RBC>=&Z6#Wk$_WL?uE${ytxrPQNe8+EMt|OvWe9yrIU1%d#v)5hL!PV;O@9ejK z4|4qpi4mHA{Q|ca=Qabxc-so7V+f)tsd@d(Ui5C4Eb4tB!Rx{)r88Sy&+x;mN#+yb z1=q-@m{+yv7m~S|b=4Us>wx3^#(4uep0cpMy_y#7%Wr8s!4DH4sM+ZG+ydNrVT8hq zJmu6OW8_%03!NK50dnMUbrAXEs$O)?AiN>2K-)2?n^M@U{quLl{ThLbMc42wk9pSq zDLg*P%+)xCbO$H&Zx_HF_Nket!rc6$MAP^IWfk=^%E14s%Mh@BZ^KR*9qZhcRw2cn z8X7zRFw+@zW}WFcR<8(>s(QfKNS<(lv?N6q_!GGOEJOhQxKFR+T>wzCStO)|Gc7Xo zBDnoBuSK3n@l$&PSe|%i)U{)__eayt&r;@MPME>ts^!4@Tde?sU+4t>-~(V|gXx^+ zR?>ehZQt1LGgCeE0}q)?@C)@}MfFgaN)-Nf(7dw6O45Gq!j*eZsWLg}MG0K*)Vo)< z7N`8%JV7MLjDYs{5w4GK2LvHRxD;;YwfR8hY-x==IYJu8B6@7oK~}oKtie*AmhgzSCKA_$7GU&R&S9MD_rNu4v<ZG9F zWK4xQjLmD?wwwPF&<9ug7LZF^i0^Xp56w|O(wn;-cZpcyu)S)4t@OLMg&aev#xJ<9VE};(V`DyNur@{+~ZhWL!QyvaB&1|xg4F=CjBj(U`LmJ zn`$FV$rx}eHEyQVh*3ar!f`H-ZcduV0#6xTNe~jHdc3$#b?L0R518jwb8JIj&7Kfc zKLR1RAPs1sToDrQv2oJ86U3hP!*O#>Rr*kBRkB;8K)vC8_WAB_6%%IedSHtWuT%`6 z$VsIykTUKp`#nt3YjVxwGkFnFusnxmFh-}6=^F7$k~aIAsb`h>z{$VtsLc2Jjr{JL zwN&M09=vw=;^>Zenp0_=y2TA&1A2e6miK`F3;j4164<0&BNbVWQ5@U4I#uh&QFNz; zTl`zTQiDfE-x(v`n}Dra?FYmGlV2vgx9qwZZsZZOEmlNF>U@{Ij5lZ`C{F)a5T#n zY4&D`s6fxiT_^j&D}h0-#?{H_J_kGO2icyM>*;^oBM|CK%|m{LS93r>$LH;`VZ}Gx z`9-Q;!^JU7o7jK#k|qvopVV+X5GSwYFjWzLK(cz>%et-iO43g#$R_9?Q+1(Y2#Kl4 zvNuX{TLm#^nJHLSx5Kv9O&W)f&)Lvk^LfHSAm}GHJjTwXH{UjSJ1U?xX(~^|ze7&K z^&bWOXi>k2K{gpm0-p8NjW5-Y3!Yx_U{||5gqucxp=9ET1Uq+&guCL-P}*)BRs$`u zEV4Mip!pq?5e$!lv9D$W@Fe@<9+0Qsd;u|X;P6Dh-spKF_r`Od_w5H31=`aFJUY%j2EHMGMLGr^c3e2-K6wf~R zM)YzuI5C(ME=~322QDL7n0Vb}d>;7{Yt#okS$Y^RC3vIPn#gHKtG()7;3~FU=9Rp3 zSZy$o*lU7lxHv%=WdfS?REEnv5C4HIQy2<-y z> zZO@HdVn`4_L=ze1veDB>5KOmcUW+CAK$Yia?frYJS%p9t588EShb9JElUW@^0MixW z;e&iFAf~c9rGco%iX1XaD#4r&=^N4JvLB>Vk zHn_5XiNybY%chzS=f_$D766Ug4$3c25RZ|msO0LAhL7||5>F8g?cmSnxr|0$MXT>j zFxjX$-p3kn;$PldY5d=awJ^a_ma2T*qv}LdmSb_pNnipJGoYDXaujDLk5I(=gD{RO zTmZ+6;AZ|=9O?-c`<}VqgtT*eb;Q*Z7S4uz3XCTA$>Y+1wRb(uVX~Ab&u%|+L=PUO zd2i{zy>3Y8cN^ROT=xQ(k#DcvIyU%an9qE>Ad(nY5EE_n75b$B3!y;g_XzG@H2D{Ub-u-!wX4%48c0$YKAUS%{%vFJg3~|G-pCEtrYpTQ{ zC_03ZK+MjlVAt`8Dv0%Oe5u0}+A~`mlVL>|8_l1sm<`RAfl2;b^8Shj_t6$U{0ZXW z$wLQ}e(?d-LQSfeGu>M{@3cgyPyy{BBwO|Zm)?&jhS2<{+F`DQ#aOD9q6@eSgo9g` zye^ubbxJ?v)tXl9Y`d9T3CynFj^ys!as0hZ`SyQgHl_)^%&G41vash@prVMT$;O{2 zrhyAOjDhf3j-P!~G`U>0S6FFJyO2gaYFf7kjP@L8q~Bd`GmI~-xP+!f=!o+!%62OXVUU;{@jr8{;xR3Me4jBF_GR z!MgQ6_pY-hmKc*Ubbsj!$cqWGisDMQda6eO^=o$q6aniwk)_Y$-vb+UX0=*4%Fu6d zVsvg5X`5C0W$BOAt&H+Wji!j;k_SGgKxu70#qnso(1~cgN7XOJg8(?E*o5u|!+YYR zNtJ8XUcYbR1U7#UfRp!yDoCbl=qitMKER9MK>txxg*55eXI$He7Q>Bz3%aGMK*I+YAM))3(^MhSeIeGZvkvz*A(KgD z?$p@|K+C+!YI573-EsT$r*!H>`K%W=puACm4*!_*8)?x`}d^ zw}ycRDTyNxP1Oxd=*%SzG#0F&F~!SsaPU0zc((pd}bP5D0h{IlfXTQf~z>=B_ zwU2(kAxlqSaoGMeoFvw-hK77`g1&~ZmnhnR&y6uh;P|N`&FB;365P4(6Y9~G=r>Ei zq=t*b3)11C?!+gD^@sC{W}I{${^;$CHw_;-qTAk{OOaOGm{6)sif2T}zlLHroqdBLG9oEJEuNGeY^f zgtS1=dyM8*aSC(Sc>(oW*J{+x>fxSv$&DILJ*L<4!Pl_vu1?AP~aS|!)GCye=CKF zX^izU=QlM5GN5gUx>yMVx{=O3R60B)6M!itfyC-3tEQe-#(`AG{2|}v9lRrpHFXi?_PKL{p9U- zRhI7fg34&jX|*624L1UAr)by5K3c^hE^5H1#(tnQPh>ieZRj?AP2=xXfo2?Lk;uW8 z!fGd8vc@`^j2h`v!12f8UiUh;uG}I#{q8tVC<}V)HEkp9Q*8@U)n^KC9a~g1>__NL z=@m=4$+2KarG`4H3h2%lkFBMBIzQKGQn*rkrv;{`Qo3Th72c!mfIkAKQfFM$V%dAk z?BB&7o9%4HwW)6RXt6r1s2au3mc9{$yx`k+5Tgy)CGzx9un3fZR9Sw4%wQ z7I&RcAm3!p@XZ!CBY@zxl8yQ|^$#bD9??7{d&p<`a9Dh{1qVbc3e2&_?9H0U#^5vW zgsdH>cMKLuR@OqUH^q|@-&(#3rjpdNDZ3j~=093|<9xZ}pqEeWGK;RT;OzMvl>IDvg~LOoY~6sW^!*XTAMjc}QF zzOU2d#vqX7fdr!a75?}UHZ}KjC;F#H#r+o!ub&ms5^liOuN-EnOAgZ$rxy{|g{i7bGmh z4_xMn29lr;ZE?j&8Sh;1HQt=AvUVYMeCq?8truor=l3tTyOgO6ltlWNHIO3Rc{7aC zsy8Qa+(n((ngUoA2!v;~bE&R&5>y{rkWM|M>kGK|zM3~7n$|3KWmKVu7M)E7;?;hm z+OgC_-uTdh$L{ryr)2%PT!%fcKKkZGFfqwI)E9n_ERa~~i9a9^}61y{6IQ_zgsv*zjbD@*_MH;JD$bmBKfqZU^ zgnS`ZOr$r^4%A@vPC&T7ZDWqbH)GVHDK8ox@>+qE-wi2JSAp zts9E^ZXby8lsAz;edfTM_`_H5kD>xEcq@s6IO653PJp837uJa@8#u6-z+I}id}E5m zzHBPb*GsDu=_pyMy&IJ>5k0&+PYEI9DruvD=bxJyr9uO{tH_*jD4q#dGda4Nw$vvh z0>|YGw@2L7@M4J+hj+>7XUK#*Z_4At-!ItQ_H=TJ%QXTK9I8Y(j~qmJ9+5H40lgq=vABNe!k~V3Yrg6*77zfw@-!rM$Am8r|&xFFS4~@l(E=xIBd*CQ}QY{ZAjA!`ANohYkw zg}Q|^R-hbV^qE;FZfZ2wEPl2y7>`inGi+v+!GPN5F_HX3H6-by0WM)?D-bY}yti_8|KK>Kd5A}?b)!RuPAbTaF2WWz z#x-WmE~*&_ro&Nx(>?d)AssD<3K4J>Ig;A45oTh;N5vvbeMp;jqbB`KSjf4j>QhrN zGaWv7qu0M;LzU*|3#omh*dEvJ)4>QNbE`tdSNfoBg}#SD47^1Oo-Y#K9zKfj?z+bkM70~; zFQM+cp(weTC)rcKMm3hSUWA_$38`hV@UUfhv;rO-g*-lRHjViUp>tigaDH927L{b7Job8^ygbn z=__V34kKB&?%+H;aT_GZ!NI#eMD?%%7JmPsP+!3Q)y7+Wole=pLu@K3VUJwY>A3M- zcqWQW!Wa?s1hV*6cPM$Cia7foOA0NG$glK=Ui9UJBeH4UZz5Gqu0f(1W$7`9;eo8s zFsX-T(SzCE6aJ$gy*9rMe7%aL>Z1>@UXg9>$|mxB9(m1~s)n+4f)vfJe&RALqj}!< z9^d_*uvs68-cV&wBV1MzK_`3uC_uRB6V4Rwd1;p~*b8fpa@t1+5f_$ijEV zorLlab-iAaC3R`W3`QqZQC&-9M#-Uu7{Ly+{DcP+Q~hvanMt%1T1q zoirNn=Vo@7sU(R=ZuODgcKhychf>rhL@N>Pb}NF?SaYpDou-k4Vj?T@I<6$w$cT1+ zXqo8!xui*H9r<=cm14i|Dd7~=1oVplK58uVB&tKgGh4_k3H+RpR8lgH49dTzem*HfuNu^{XNl%b>Opvq) z^~M(&^0&N0MVX?(%n>am#N=HdDivT&Kt!2AKl#zfO`B4i)(Ymro4R9n(FmAH@-j z8GMjY(}*`?!ID|(V;g4X&d?L#@jZy~ChaC2che(a*W6of1}S=_L}kC@tED_{$%sF6jo1_co9BMQ~uClw8eM}Qyc*)L~Er&UbS%rj`X zJCzHLslx$lhR6sIbkQ(ze#!*e7!q;hgXl0fIStF`!#`4u9f%`bt&MRlGxH69t~KAB z#nf``6d2pTbpY;c)!hEVnfVBp$vc%tuEZn%Pm%uHg?+TN!;LRVS?{W@2YLlqCc%uNC4WO_Zyw8{Jp~^U@w#S zFo()nSaoyjHVrYI%oAD9M_O}}jtCtwB|XDWWPHvH zYImYo)B6ggMVzHIu0e|REI@qOMv~5PdVNq<2J#XdtPQs_j9X$-w~9Vvq|K+7$I>$m z^5!z!5r6+pOT52D2euc!5vnyhqRZ8VD2a4&IuoOuQzKfH?* z&uEO*A@XF6;JaG4BAs>;$~zYChLR)i&m}}_GCObdcL-D~7D@>dLnWid&7*r{q$7Gr zrf?BO=ZIWMYF62^TtP(zU<<<)nDIt$^Si>O7e*E4nkE(~TXU97^C&I}9olNfL|(Q+ z;mP!^2=Tfqd4W31u>|J6HECuvoeDZyAuY*8O){RI7F!&|2ZBhkhP(8=xO9eMlg0C% zC-7k=n3EAmx+sNhU`(ezKNUf*c}8VMea;F)7jvc+XVOtSX|H_FL&q{1N0(mEr5|hJ zyL894%xx`Y@TMqO<2c9V5(pd62Z8TeD{!$#uBLc)2YXHC@;Tq?3ch`mi;pZ$#N+|? z9Hl_BE0TA6Dvp6@=y_uW;<=_syiW6hIBd&x>(NNQYwrkjYJ2%J_bO=_m?vc=y_0Xk zy{AFoplp6@PNJKn`r7yd|C^cM!eYzjs=vwKpKk|c=!AfBSj_VG?%Zj-dUf@>vuHyv z&m)Gro>5Gl_!cCOncEB13C93`;0`M;Dt3ysG3{nt?CXLU4n$0(8`{N*yRmUu9{ZSG z=l*3>qBrj+C8B)xcDLugwQ`;=ObDb7X=j)l0BfpEe0X*XfO>nDgpTWa*0)pMzhV_I5wwWKW&aTbrDgiTj|RcMnOGwGWh)Kww6qg4Z1WdUGILT zrJ_|l`d3sb&Ywyl19ij69^UO^Ze>x>Y<$#uaK?J@Q>uhgA2G_8vL&CgNf$ZxU^rQr z8X}GbDP+h~x*?9VBBV`fP45IVu(S`c<%;&lZWZwYYf?0;1Z^ga8G=}jGJ?5swz7tb z&uh`7=NBUGLhD=;RO1H@q6@y%!iSQxPIMe0UM#T#Q5=)01DalWsW7C~COcGxH?|Dy zd=b*L-_l>DDC$IN+W*YNmrl%4HiHO@KAh{9^}M*_9O*qowIQP^ z0=pZRv99M0yL*Y)p(7-xYIK0fiXJ5tDzzmkF?YwBg8HO0dhS~7_7D8>H8U9IO9$DY zyrL=*ZWGg5zC%2F0qKa9_<|;&7SRz45%wmmw63(RX`-neX%ScO7V$OMON3NyF?jes@d>4I zUeIP)7pJ3?d$eiOItZx>wCJfn$>5JL%5YPUUfqhmbBNSOWSo%aBJ{{tx)b@XQXd2e z_Y>>w-h5NwyDmuti?pj%IEvLku?0j>l@QJ6(>nJ}wPbswqhlk*#|UPcn20PG+gl{( zU73ikLM9@qu5BY;e&8@q9Cl?jJIif~W?Xy2K%JioL+r2Q3nTX%kM4bGEMhfusBI(F zX8=-j4Q>GbD5(wC|H!5LPsz}H^iD>)=V}-cuP!3+{oII56O1Ji7WcuD4ACC|yBqX8 zpeYnaT$o$bg4k5eFd9aCHYAFtv*w~MTLCX;t> zxb?)JSMG=fiXcH1o;;Stu(3DJtp`5dWDY+&48I0AafRl}x(lSp$>f$eE&UZ%pi#iv zexxW-$aucm|=VaF0q@Uj?lBNrD%0 z7+FM<9~~)es_ml6GOXeYNZPu}3Bo-(Qq$C^aREX;DQjdBv=Y3kNgdMrsklm-N&)*) zliWO3-f*eV1$hKILn7TcC8F|y^^ZnIi{Gb0Z!THL!CMrQPY6Oe0T!#bqnTn}B8i;T zx6h(dcrMaUr*@JTHbdLrKhDbR3sV-|hZTB_4a^qtuCC}>kE`{vF}p{|g-ik7gfqm@ zeNca@#1JV$TzKpX1@wOWz--=rX9!K4p2&)OxcEmS6G^TIP;b%1-gV4IwpEq56gCe! z)K%P)gvvl0u}gC2`aZ|D+yNovBG0g~l1K{@=m|?{Q(OTr*5|pHtHfhj(HEp5W078C z4FG8+!g-8UgL_H|>mF#h;EO77X*7u`trjgc*^O5~KIYaK7+`H>X-AX9>!fV1%}I(5 zMNpE}M}@MJ*4pY}2sskj&$Ugem$Njr<&la5r%#b0rAA{GXJ=(DG394nWcf<+5NhmC zU7B=8Lte&2xA$mNh8qI8r->YIYzf;O9&gl@wltAn4RWhcTGt=3QjFIk-_6e)>Uti* zK!n7=diBv=k&Pju$?Mt?;(6<$%90@9-c+MH#KhQDcOH@k{YSo|0r#)H+J&|%%Rklk zUoJ+NZuIfIdqOYt7%|2BvTsScQ@f%~e$54T5R)+QZT#S^u}Z=aVoCrqq6J}8K_MaW z8NKY>ypI*^hYz+4uA2`rv&s^7& zOm`*Ufsa-+)y3CGdQRZP%TtLJ`jy zpr!A1rwKtI(0!%iz~BH+U{OcH28!%PMYu~3ZIB0Nu)@!<^>y*~m41zuv7BK$Ae&76 zOBG9EqN$dN#bcG#pi^<^re+)ZP~2pS&D11lEOaGUs}cRn=g=9?HUc+tz)C8N3eZZu z=u_nbAW1tdk-dFQa=nZ0XcGD zIGmFKE4p57)96r^)`MV%Mm(CQU{FC048$$6)2`<<#hb2+`^i>>nhWNop^Hq?Nlbk! z;!GZxKG5TWo|#ybUZyyTb78T-;MEB3gW8`>K z*&{?Lv?9@)Mx`{h357=G7Pga<$bV4sG12;ifSSiZN)$7##gumRyVLAP6wH5)@4vo~ z{(S$XMZQI>`0QpXiEZo$PI$XjEUeyb`DW_3Iybch$G>NW{zc^f#v}WWwI3bw6^_IMZu{fuz^^;D5--U$dki$e7s z+0%yetbm(I(gXLFn(w#qE&qCP{zsc!`N*52kMD|VEIxtb8dT7z2>J)!Z#Yc3%q#N( z>JH0>3NP}jf64q-xPNtNE%iS#PyY2-|Jh9X9-v7{o;#=g?^5x9e3R-baB_w}oalvK zO6kFWm-_oME(f4c`&qa1Z^MBnoVe0#lwb17ocC|f4a=jEY?iUVJX1@`|1)8`&!!{7 z+-`Z<%3hq@)>Y?UcWMNU+w$i503Vp(U$^}mo=4VxNztHtGKt{-hM)fnWBv)h#3;dP zo8m9h_3zAe*5EH}rEc-E+x@m2acThI;vAk9_&?Oj|NfD5Dg)4A!6^&f>EA||K?ZhN0Aw_Cq&Fb4p&@&60#znW-3U`MhCL3SV2vaa83IUHkOF0rk+%{R=i zC452DTk}ed)c*I>M|tWmDfYO0+1#(V6hI_-Cx{BH`YZFQ^A6uP9&%gozoBgZyX=je z{L-FBN5KLqVYod2`y_C-Wb(&~3N*0Y#IxJHY)0qzjHmP#6QH5K&r5x;_;~XU^@-9i zvNeMS($L>?8T{)MvW#c7W+>_{uAT1qDNcJ2P=5u^aL?KeN|W+pq=0R_fwb3wT(2`A zo*%E`=-yJGhA0YOV0!rt0&oAG@O_z3{K8JE7TyXEnLX@h?)=K!8Q81yo{)g-9GM2B zDjo3RKky;A0cRPY;IE_#L#>V}x%twL6HIpi9gWYr1 zkz+n}sV9efQl>7rU+Ifj*~yUVa(yj7b6g9hLyi8)3hkf$I@R=Fj;Q;wZK*v8`vYU| zE#sZELmb$Q_)TS;CE@E$6`xSJa2z^y}raD`j1)q0tU%- zsQ-7Tww74l3&gj=)4MIXMB{WCMDmGp%uw-+Gw@FQ+J_jUV;UC%766dVU1jjIV6 zZwRg)W}lYLKV3(Osn7DvdH&rtSziT)x9ED7f%y(D!l>pvt6X-ff-jK9b&$N_SXr)? z&t2*7|MH)}^Iv1&VG||s`7vs>oVq6u;0as#o#SS2Mf76Ctvwhj+a}|5Vh7iC>-a1$|dqYNnkND*tR%7XMcpB5laDL=p;j z+0(~ZG6TiqOFvj;cvj9J4YK~)?hnr)>C1%7yLe|R1LmvH$CIL`-3EVC*fsXQM%o^e zS^Il{1zbUYQhEThq#ZWde-6vPdofb?3#$KLpE{B)muFD)-+r)kD$|c4vAw{KfW_Og zQskr;nXS$5Vsp+`g)edqQ4XLehrD~5QPqa`w0Z8zXxni}-@S|bfO58-h2RmJqOyla zqOwxwC03&M&S$UY-h~|+52wuDsjAQ82N~%zu~@X%_Xy7A77&Oc`@4p`-4yneK$ckmwP+s&6*p}pXgg-0M zEsx7O?d)OTu5?`V#qPD6y(rT3?}MfZJbHKK+6}tDzI3rjSF*^{F#Y+NlESNwuid=9 zXXeR*K7mw%GC9-yj!V|?8uHzoWYv)(-`1@>xlqd&`7UxE-jDGUxD4qReJM$pZqzKe zu0I>fkYMkRVRWVS_1HOSK=fq{4*3p!`(XfG$RR4QohV`}H>|x;lk!YNJ#wqUizY@b zwNCNm5QQv!ZmN{bo*sHIHA^x~eg#c?x-Qwl|)rxL=QrMSTo*A1q_f}gBfHSu^M|k~vNLXJe zil#_w8l^5Y_k<{ z)9!dg0I_b~EKz;YpeZA^eQq|K(JH8&w+eW2QprM&+5D|-(H^9MtIwB)$v>N4oXN#7 zs;uD>k#d^0y)f}a63kSYB@W-)T3-Q*62!-|>xJUogV%vr=bI#0i?#C6$-@xh-6MVs z^kcQnq>Yt(mFMISE#Z!wna`Kiv*R`bsPX*J$+~0_@HN-CP#x9>yK}V)ZD*F+HTxa%HSL$+16$qiuVTp~ z{|CAglYvPX*#1z}{0Ho%^R72x-j0I35}ughH6BD5=2?WU)qPd6t6L?YnuPkLHx~sa z@W0IS$0Oi!_be;*#&+NE@XW)n*~%?rLM$%=__ksz`c$5iGyWo#jVn=hYvf7ErZTY> zXsukxG`Mb{QSFLq=R+0M$y)^V6J^gi;o@Np=<5X+f@&Fi*pgxYwSh#1TO=GTaO3#E zGyYe3JB69O{Y^)d`9N_dhe@u?>k^LdjWsg#x3e&wY`SHi(nNgV>z?Dubt$)$ha_KT8wtbI%Lq99Q_LP*KtFSNq0H4g7ZJqXT zAGyvw`oZV)GQobpi}C#p~feoVS4!>LHIVqU$qEbR0Hk}QpSpdj)gz%Bx5F%|2eLn;`|8s581|2ai*2lYMK-RKkiul8Qsj zW4D^;~*u7hJa}6`h+If?nq8^(pNLT_GquZ=FUShIGK*QyQ*(EM_IDB=g zjy@=YGFrfvrk-VO^&5kt{4<8#6Jra96hj{LtLfz3&Qu_HXk)=|uOWW%iQg73+()q@ z=-D4*vHRXeI@HvkN~C%qu0Pk}(jO;>WcPkGwfNgUUBs9Vol$a>)uW5L^5xoMt)4y< zpVh`LAK|yD1Wr&%Lw>k(zf$`deQyMDtvo5e70Y113Y&Puhmw zdaSN>{p|lk?;26~FZqRfgX)HL|4Vb+4}Pb6_HcjH>X=z0WA3?eb~2Y;4MjBAG~tPC z;KSypVlIb88=`hX*6Yo(;~{c2Kgs%1g*46_KX5)4_2*lo_ks%Ld=+hSHLx#RKbX(? z`0-Gt3LITHS-$JFbZ=H51uv||E1Nxks|9k9+w@gAQ_^STR69q^KM_lquN=?YAuFfc zU_E+YuUa`iWS0j=FG0FMHMyb;r|E-&R?#b8tqv}~5zdQqOgnl!NeS#38%S27?nySn zrB5kPv`UTS^WL2kNj~XS72|3zPD9ON!0_FxQKZkswAUZ1k?zg4 z&OpK_=T)Zu8Wi6%9GMe7dw5vocj$cSB-A5)=gm&Wsc2wr#RrqO*bp6FvmU#dHlLvF z`Fc}ct2ToQR)a2W6VT(2x5+}BF+lgStbe>7OmRPE&WF%tayyz7dl_>Uo3w@)jwz^9DUfb`b0T*f{{Rk}+kg2#sKBm%3NYt=;j;{+fVb?0S;F?tx z@Q-CyPx0Ymv4F+JD95vPO*4Kk)+$6o+t&tCYPZZMO9Wibe%_qbF~OoO@{5Z_V?}k? zF4eFti&kYl;h7wiLiRBdUdKu%#0FaRcmx%(*RH>p+HljoPv+747^o}ivM1p&?UN~S z%AIWC`yweyEm!^s`P~pMoLUKmTTCPRwJf?}I@NxQSCuj))8p9nDfHT37dN+xOnv0PHFWD#iO6&Or+ua}8oyU^d#@zy~ZB+!ecm_RULtZ=9IvI0~F3Glac}9j6Wk#-Q_x8%b zFKM^^gje`PEF}jRRY(&lQ%q^?X{f6p2c%fY;ajnC`_$B~+3UtdQ|guW;S>Tr-pBO= zw_MxZ;GZI;5{=djMhX`3)9X?va+@w#Pvu5hHhl_AdB%z?9~tp^7nU4YK*97vS%C2{kSaoFCNOc~7lnv?tXhS#Bff z`kg9S%%cq(5xU8%B4y@zX**GAGGYt6Jg9cOyh?d!VExs^P|&e96I*SeGBccW=}w-y zdgO~&W2@OJgm1Gv*E{(N;F+mYkvq?jvaXm(E8tCZP{B#k|7^KGV{X@8+Il<4%kf7A z`~6O{p366Sx%3lTlvAPOY?mqRFA2%{?1kzZpX9l3_?TaO&ChAK(k|1KAInqc+!Atl z(#~9-2Rok12e)!o%^X6`FFzCQC)j-Lo5(035}=HViwkH>S-j|&$#FfSDJ`28s1QpwJjfQO(YxtS^m)Lbv zk2Fbf3|?rDTGHc#b?z7reO~-Kq^QmpJMV42b`{|V4TV?@X4vAp`#82@t52O~lPjPU zb{p8Qw#PE19xa5I;+|=DE|-Y0Cj*f?IAWKmlZ)Qxx%nE4{*tl$Z*%Q`oYGF8w_di1 zG1fwoHWt4+d#EZWJIP&~VG%RyCdc}%G@pfD=3RZ?o4LVtd5*~(_J;c;)%C2&9EVC| zRxNXiJ^DgxSZ5b|O6$!J7j^s2E$_?VX6i#O9?n?{z4mO~5I_0BH&H+mly>Yk z)r%u4I-aiQqgY}55oKjri#Moc?8rAytyJ&&ZBi5j z$egEeIK&Hm+6sPeZ@ZGmI=V}yHEgQTWa=qlQ>oajGzK|ZC{V-b1Qhwh_tqr0wxKlj zeyJDh9AYKDt)h}N7Y83tB=2J~USZ7UgZwVerwEiS_!m>vD_OLgrF*N~w*(=5xOnG# zuSFeIF|_Fw*|kBmJ}(6A;W>`;Yu*YQK8FCuV4aM%#|rl9-nyLZ3(Nwha+u>Jd1@Gq zS&Xd42<`3RR*5XwGXcrNcp)V06g)2<4EY#gKJSU)UCQzQBsb5%jv)hte?#Ee3&ay zcTiXzO7ahfwyT%LD;KFlyZI(**BpddKlf&Bc1t z_`NoA6t#VjfcD{-t)t3-?#>*D8?$ZsHC* zhc>!m_%Q5A93nmQ^&bZNA2!`zg)mFonIPyc@Cr#d1Wz@*Nvqv0PDTxlh;z3X`UOth( zKpOvM;S(3v=I>z1@(+1LeYI+Qlf*SB*-c=fSKB%B4g6+2knpq*C}WnVNKgEjg@sbc zA*OuI6ul)WK6xYpL3PvARY!bwp!VC^!JLX0RXlGkLBP_rNI71b2T;M&zt8$C#Mdu+ zck6%inWRe)($4EOsrp)5ZHsZhESKx<2-`G`c$KJFd5BQon3~t0(bY=tr(_$$M|gdc zthXN@OYYYFgboaGld7c{7a=Be9)jXAd`~XXH1)p7&eKR7GX73J;?xE3H`~2CL~Q5?N)ngAVeB9zVE0pD?PQ(_+H#iWF@BGd5DC9oQx#Isl(^6-m|UXh z={H)CEyB#7Hwmi&9i<4C8}3(VZUU~i-4y4tpckLo~O9X<>6F=Bi*_F`m1vxPrelM&3=Iw_PJv!a< zKTbFQHoU0h;Ce|k;g-SNd{`NaPIjmaG1k(q@r>4bu2#5Z<+=23VRyw@!o=fx#?^9~ z2UDjFf%lu;{W{j0)gxtOlYT`-j<$s0oJTzEx4rq_d^$CzO5EFY+9Sx2jhJ4V-q+f0 zvP(=3_rYP$b}-*AM*iawxMp>)6I-5UoV}1vDO1aPmcG_R{xE#GukT24ye+ zg0{lP!G$Ys__@Y`HG3m7lHODJ6#_Qev1e=k$&wR3g?p6Xs!ah(xSkKsrS7{Q5ubNo zL8Z>chjdFvP)(QTCv7Njb{^4Uk4BPRDLLwpe$S6ZXklc+M_8!WEf^?MSUc})D2AFV z&YeZ}p~ef50$R~>&4lA4gWLrn0br6<{_^+ZwX+99hUB~rnFM6Qy%ind>z-{kI9Clm zer>l+b(&8n5IbFLoh24*$e*1Gxi`dD+F4K<&78TpOtT(9G{;Hg;XNWS?MM^mAv9TV zC~m9xG*YKo;P%Afa*ghh^>|ahp@79|&)~6tyZSh7`N(LK&TS88AD$h1eYJNS6X5M> zXODJ)vII7rv2)XAz;QJYB+%Iqc;FB^;J#(&dYH7oD^N%;S^iXK8W)=;2%dWeIS+3; z-Z5-FRYAf?RP*a^>y+@n+jqlc3~i6iYV(a(6r~jyvq-=jOC>O#=aNpB^OAs>#(wo_ zovtOeJCAhVwPr@S@3<}gRK;+;sIgwQ4&`?Qw^DM9X&Ps}ipG;a^vzb=3xJcP)N>j< z)KQY{)e#);w2yAWbXiEfFZMzf;JQbiq-S8 z7MPxG65wI?0`S&M1Oa;Bx#@2N53CcdH9SIZNr0~Bb*m)IyesCS9NPD+rv~g}JCO-b zw#NEF1xav|_-Mbcsp#wvU7}R;-DUMYp}NJ%exbm=>!953)hl zuzGp(gC3v2dt%^27Ss{?GdQ8~vlXm5KQ!O_Bg?5ovxm~Dm!m7$o;6#Z#Lto37&dn{ ztSfvEOe=6h;5@Qea-i`x&z~OdKO!YjEVwbdi;~Q@e8JcLh$1SAU&G8zjq0+Nm_pUN zns~;!ENV6*wBi}tB9C3ik#SlUJu?ZAi^o>q+I^>Zlx`8>IzBZ`!?o+BtRlA${X9PLvCtCIJ~l}HI$Lx9*`=>z z6X2{_vyrt5@vzxtAAH=}olgKi_n0jwYr3M8G3R}EsNS)i5~-^*`YzBauzCTXRSMq_~3IHPJW9Y!{!O7R|Y6u)km10j(Bdb{Pp+z96ml&r6hwH%_9Wp zxw*BT>D~8YeuEV8fW$;hz~s6sSUI+Y?CK8q?OzNNl%e*xPfP;j;K$qZdw8LO_6s(> zC|Z(%Q(s+5p%!(Qb=d1Bb@s=ALU&zP;lLSgKWwUbIoG3IZ^#fSc^rprWpACYO)G$F zo)V_dy^7Yo?gFpQCu2JnXliRDAVKk$tGe~hV`jI6$943Q>Bg>yD#w@3usu^xS|8~M zaG9KZF0-yx@M0Yiyt=(9P^1m@HM7!^gu>lt&WTJmPJYyh?N*)ETfd%=fDEjKJ5(wH zNYqJmXg@HaOmflvUIV$UC9?COyd-b6Cz2e=wf?R1Z}BflxU$z{iIDPxp>ih238qp7ul_qBIuP=~RGp#zFomJF zK9j@#;0}^9opJ+xSjzD0EK<}K>xkf2>UxKByn48zfGbC|wR5Y3)$ql@d<)(re-ddC z=!zP9hxPQU&K|X04tRdz_+;`z?wPFIP#DFHZ}IGf1jnGM5BrmEn!t~02XzbHPi=bO z!6(&(=(Qc?xT#S)c!TY;4SZHZNy8p-Sa)|DIrGFvkiFnO!jBF2-S14iX}Uaf*lkt! z`sO_h0lxLEk53=2%8_KbeJ+;fHYo>M$^(4$AP7vo$-mRYHO85C+JL9cKV2&IM4)wn z|6vJz15iw`x9O=-112!(n6qO1IE7~@#sVmAKrt3GdX8T1XuUQE7vp2A<8pQYbk4|=HFYnz{Y8A0vJjO6X0FAV>Qumw$47dMw>?73Lr z_$`VIJVw}dJpCx=*P>R+x3lQjMoG%;q~JK))J;7UyZ$~@mmi4tf2gtXDn<0&JDMNa z{Vp~SNx$0qUEl`)+4%ux0i>mdvEJE6KwPaF>FIWO)o_&kQv#FDX2XSQ?=iouv0eXY z>w}89yo@i>O z213tDC9vGYlpa!(}LHqKXJ@wy~G}Q8<$xOCkQNYoLtc;o!Y3o z5YV~$XtIUA@baShhvuZ;`De>Pcd3Aj@k1Ysg9aV}>GkG}maUr@Pjm%4S0?}$Fj=X2 zN$#_p?xQASizZfA13}_fVW`iUj02N`FKb4LIna1tDjdf~^mS_Ve1uI}4dSg=8AKix z*fPh=g64|a4kc(gQutANnXjS)pQN*y!dnwAtn9C*=rHn zd2WRoL+)~cFbN%!P^;lI_x0K8qo)E7JrG#`S29gT86h^FnUUt9hd_uz4ac?_ycaF8 zreK-~eQCjNBXa7q2^1W{5B=H-#3v#UTO0fB(~}_SLZ!~7c80E+L48-!hRG0k-OV{Q zYt;d-LJQc#rDpitR!zQoJWQ-qEKOYB#bcVh;X7{7AzytjuE12;EX&@Vhg`|u_C7MI z7@4s>j2Gz0iII_Y8xp;b)?q(YO%|6~`<6jps>=~eu*K~S#f3v(~$9jCn-onR%NADpwkCe>jOLDiU}Hs&y! zRxlMkPCC?n*KOF8&hw{g`#2iWdN;}?VU^_Xn7#S)BGY08E_96d=O;_|Z&^om6(e#x zlCKw}KJb}@$)5b!{SnO|!=7oKPwB&wM^9Mp6xWNZ>}Gu8$vSIWa1!aK6Z*NJxq_Hk zBNXf(&*Z-CcP`<3_JP1qE#<6~!=PruCyE;8?EZGcH(A6sg7Ou)MU&Pjtvwu>B&qEP z#E8RW(lzUdtuxM*UulgQyV2X0|a}dxNT{oyuxZM|1YVw^Ke#Ulw;~ zHKb0J51Hc%CcSIk$BqN>zVG+Ow-)^_SJkrWjK!*|t?m~5!37`$QOZWu=FU5ToSwJ4)`+nc-kO_OENH|PnsaIu+rIP7 z)G7Ox{Kp$$D9Iv*#_E#cC}qYimpt(_5|29#JT*@w67ZxAs4yn7VcCd4Y&*9L# zG*U5iO<*TyvoxBvzmK~;_PJDeRXijOo0c_XmFdTLz5vm>MaH(F8q&A*d|V)Xe5@e&xLLZG^13>;H*4j zRNSlT{Iuo1)w=fPGhdi@;c^!}J+b^FOJ2cm(Z**?# z6En>?Qy4fug@U`VQfa&Sz)=gb$`?SP2F)Pu?pEdrpWr=g%?l&D*?Yvi>Z+XgG5h%g zx_z<6p15}iY$xl+3f`paQn{3vCBuWNm~LPe?rss7nEQ{KG0%#;NQMQ6Q<`{0H{xhy zhV{NAkQbX>s^_#iIH9P!+Z7C9QQ|U+i7T z<_}X!bk8Df=jut58ILkB)23k}Bk=hjW|WQ|_h)|zv%`yA>MebOpFkT{epwO_3*po1+YK!4Du5zLQS0oJ8M&vGCT2$jO`SrqX zv1)wxbcJ!?Su=+VO*PnW?K(MsW#mMO{(OaQsg>}~42_1;(WXv%{gbw}zKr>FnwuUT z7BYC%Z;xH;QQvo6Y)>lHOHDx1YR&rNT)Dr(<3D)ZOdJiDiVtJP$JL@eG6r71O}>dM zTy7H&8+!H3WYuNf6WTZ|Ma@MX;MTd`9#A~waj@D7t|{&QX=C8e^`sWg^q^qDQzMzj zIfQ_;{7F1It>V^fT_dZ(l-yd! zmkUSmee|N8a(WXK5!q}wW)@vp#*VV33G!Gbc7OlK;8?|RG_ifMiBsV_!0@#O>_dU-o zzVD%{TV}wn!)8qRs`vwWt^0sw{iA5zV{+`^a17JV$9E_xKhvV8pH6&y;}3JE zc-P-+cgwo;0jQoodh@Gl^NVri2dg~_IvI*lIRB5mw+@T4>)OU|KtL2kK|orOkd~GP zkuD{rQGua`kQf>PK?&&|VCW9%7#bCj&Jl)`7<%X$;&*Ys@14){KJWeej^q39`^RGr zhdtN6_S$>xwbwe&bB8X-9r!JrorG=-pUxfZsY_n}F*fXXuOVaCP9Gk?s+U=JUSDry zGjaZm#eJ^?Vs@2^w>|Zc*;|=DcSGEP&KnAIUkm1UCP^@jf_R=rYWo7IUj}uFi;rQ) zD^4eC>*!66N%N?y0OTAtpQt7-NYor6=jJiIK4PiT!VZ-K#xwP&I~$1PRJHvT%dfN zfetAmorjfZB6ll_*vT9xPd;Af+UV#1J=lzP;kale_T&cEq`kqLW`BK zsx0`G{HvO-l2 zuQC*_#NV($4osGFu|Q}V3(K?Rmc+Eqv|NTbs;^o}-+k+qcZ`or1_Enl zePBLAzrg5vikfCzi&V!-wPhM##VeN&L`{85*@NkpOl70^NH|m0#|=_#M%CX0Z1n>< z3-i%@9suMEsk0ueLgVkPCuWy_F=U)pVZ8a3g9Z}b< z__(6+iLa&hB#rtnE~V+apx!ev2_|R|oN3=qUi_PCSfP$qwgZ*{QJ1KA#)pG@kgdsw zBNr(T_b51`G%b9qt#WeJ<>dl14!i?*&G(sxs-kmx>e|v)eO2P@n@?2)?I%rfWMuG< z5}NH>s2oiAK;1uGL5J;?M&`W(mocBH$Ae230#Rvi;eth)wSI;!E?T%;=n(ztrmx=X z*CHnqxrP}gk_~+WwDRwf{bE$*kXF@#);TdBc1sd5&ulbr_fpGOsC9pHjh#t$_ufm2 zzhbH0T_+1YzWY1s?D|W;S2Flrb&fH;I8~IHaY44#8IS3uK)s35YY4d7R^tNsP>4c; zCi~0BEpYhEhlni&zVtR~qUCGWBbO;m0}@9Ssai`%A-flm5LJX#x0l6ql~pLFStV(O zxU({`P(=UasSGxi+x7jy5hK4@sR9iqTf|HK63g!4CFVK)@2)(Hsj8P>eaeJRe}Gqx z+XK^TW2)Dyp!W5hw`?4i^5|PgrYY=^^90J;k9;#kqw?1t_H7Jo(^p7wud%t*ftrXA7Tz^BjM-ml?F2c|bHB(;groc#zKn8JdK}Tt^^@Apz5cbn;SUz7S@5M3o#1+1L^f7N>flHO z0nb!St6`32WdyTh21pa35^qWgIOTAIkTo~FyzvZon5ZUx2FX=8pRiF+o}IBf!2~2d z8r51AAX#s}zK!PeHyV)pIjE7XzzUi2Zn4B=0NXbo`VUxFdsYF3gp;rlA)y-Ehmx1a zO_ru8G!7;Q6u~vLJhU}Hx3zCpwIh=0)4@FSO$fYYu*y0~SWXi)K85pv@KR-~@ql@v z863)?*Z4fmXLsJx#(msNa;eAU@uZvFAM51TPmH(xy3U9Ue?B2U{Jr=fb)V3WEsj0p z!gA#Kkbhw4W|0oHh}ZE)8i}{h#!Ha59d3RNHF*et+3ymGtOST`DybsK3b@9w?f6@} zf@5;K#gMSqenNvS!|J6|^!mxpBAdHqDLCY?#L;?CqA@&pPM_#4kfu zWHx?&Exl7>n=$>^`?5pbkGy(;Un|{@(mSy%p1XOphs#%Wh@k>VFDBVEWDQFNkF1S0 zKNoMOM0|cFZZPo-vGXhel>MUP)FO3t@f&rrNaZ!}u?6qiS>)TxfQTP+&s#16`a0$X zGNti0B`lgJd=G}-1qqfI&!?1aOjJ%-OL%NFY?e-^QFynSGqvGdXP@tDYdoq$wETdpU%*=U!div@GIl^`3M@Ethhxlq(!Hp8c+KHT9o|h88yJfJskM@;VDE&VQNDXM6C0UY$cQaw)AcT_@#jDFl>qX#=2K zed)aEzaQMStatdv$q(bqGun8Pa`M!j2-Pq)H`faB?7`U-omf|5H=MSVknsqwVt?AS zg-W~uT3f3^+S#B8ClQ?@k{mWFrb=bBB@9^)GLU^@fj7t>OBYrP#%8V$<{l;B9h6me z^wV?N+b##uRu{FCG2hmxRpXrSoqK1Q5O|v8w58n7yR)O8qcjQ$E`6sC@Uk3wxwz>)mY|l(x%xFfFh-vvHDOoPdvR`Wh6fk=y9dxH_DZ z@am!5_m9MQJwPgBt1<;I#Co*w;XuoA!(um-d+tT9I;>6WUX!-m>DzNH<)sOLgv@ zEf&u|zHuPHU7g;tX=Uw0`tjVjIZ#&~Yx_;{~S*-n$O$5VK} z+nC*dZ~!f9StO-#WSc!6z^wHQD3AYg>0ylXY|=bhaI>&ywX{fYY$TayPodd;tMh!j==%u(|d11ig(g6JBJ)>fRw z51YM>6K)Yp+Tr}tVEftbOLAiR$TS4w3cnK$zq~NoXp&HvtpUSJ7PB4{nU1km@kYA# z-0iNhIiiD&fsr*GDDQmxG~X>N>Kh}^qXf?zMYQd)OJvv;rd{&N+|y6|y_e5XLebjybM>g!$@l_kDF{&COmdK-f+yY!>PlAh5^{?(7+6X>c3*V>y7@9iE_SC27Xe+^Z<3U-=5Q1xA zTK6)}^15P2N0eRElbO1i&g#jy8RV>25loz;$sVr(0tA;{_{=e8L)V|4l->gJGvF*> z7a7r7pg!ALf53U5@WJyLJB9FAP2`*Yt54Dy!QKa zroLwh5TGb(q#IvGbm6ITfgPAV+d99yMvd+&O%=5j@(jE|7RArJE&De@j=~xCi%T=n z9W;yQ$3GT=)R${dH%0P_-4l-iFPzy%eVI#q2)K6hhSVE$gM%Mx=s(?KsJ0o~HkoQh zD6v0mIeu=}$m4*Uc?CfmQBJxcGLtKv_}pN1m}yhO@<(gSQg2d+tESM#IfMy7bxXwT zp?cV1-Xda_Men_x6zHXhDW^>A>g%fqJW_=wH(v~(;1e#{hZx=M z`36zs^(Ad~#gzb;lDRD6^K%1S&79SMR{^&7I(+r(&}E#u<3#3G6#9Kof#4Cg>dBrf zn9Hosxz%%faY1nk6W^2asW*l4tB&%8fp5jFOgpX03q0mH7A{XaPwc3whZE>pd`Aie z^{qGrC80w0V!A|7SsWSVBK$`E!UVhw2 z^YKQ&yXnvgC3EIqNLKcyiuK;CUiL#1Hs(F-Nz?1mGos$5McPG(WBO=}g#C2a8Re>k7Mxjd`7{YBI1r!!FSF(!gN8%wdhnamv7Fu?o8xPt0tV9PFu9LLfJ?@QS>ZXLA-W$iPq5?*fT0Fg98L!>Gt}E3-9|3y; zzHAo)Q{A{8wBEftPhe?IwE0s7{&)ocqrUmmOLK3=WY+>g@Tm$iHP)3qlX$F|Y85%A z%2-1>A_7pBSXk83YNSK>3l@BuR$FFFT70rnp7^wj)pb7v&h6paPZod*aE0dp-N_Lw zAR55|8xVVj_#mGlSn{+IG$1kZX<`iE^esQ9*h^Ap-(3+Fw%L-NBntOU>;hQ~Kmlq{ zkDaCwX!hbf7aCratq|4zlOAukmkzvL#{*m?U3-Q>ODm=^1X}7c0axD=cXJyaS&EW& zd<3$*$a68XhKrF>xe#*J*X&(iJ}W$9rj_t|$(vky4F}ikX9d=IFMxrbt>|?2%$XI^ zFL*lOa^nsC>}J@Buf*PEqJ=?sABfSXrq;Yiu>Rl>vyrjy0c7m_iZ9QfOahf^=t9#K z$!lFR;)H`_%cThAnpeLZP9tm$Pxv0kE?-<~(zNArvan3mIH`s1P7tzJKzwq#Jy|`n zL&~xNYHewV;#2o(Spzws`lpxeulFl*Y0AnJ@#5M*l1e-FC5o^LS!3kop}L5%vv007 z(fZJFPVkcL0qSGC-|V=y$m&@(0B&e&h{cKtrL}+5NpXe1dMK3iE@MkRsyz@}hotd` z#QRet+O4Mf*O<2buA3>mv*6RC1NmjkU3GYe^_{v*+NOD&t+0pIEvQt`tuiAJ@Kw;u6rFkvTz3F`*pKYl z(xxx9*7mOxBwAciH-t)9B0kK{^OtOANS1>qy+7KCmLk=mf}idR5?d_{x4T622?}iA zR-$k(*8@G;vkpvF5Iny*zmbciIIkx``s0R9brh1!mwuiigVA3H{GyWqZ`fWD!n@oi zjSOR4UsXA;b|Iu9OS{mtgO`uG9cimIXLi5hY_{Z2R z>Z#F3AADBq42w{>*2)Pb4)VIZug0WQ+53)l>2L7EAco2O6b);8;h?Kt)eT=8FEv_n zQUFg*GaJE=sxC>!K-l(wNk0OAwtf9J$FAw)-}hZcb1b5ZC-d}qYmq^r&M(>T&`P}h z;+jO>r2v1@W7hC?I5Jx2$#ChYvr*KV2Irt4<%eIe6*cE_C_H~~eU4@!o;d(OLFOdq z8BBJ5egQ$>0YSK5*--#=23|=-H5&K&E4HpxL-%_vr~uduHS+zjU$W~71!B$GZ@lvf z;Hc-6Nb>bdayg9a_0$sWc!6a&7hly99Uk@OZ&bC9jR1SJ3tA!fn|Gh9p!htUp7iea z6`VrB7Tan#ThSK&<>HI?!n5;S5V54>i1YyS>LNM{{`ETLLrGa zu0A0*1asph$zM%+znfrN=&j;btW)bBWuyQ4#8})q(}b}#&j9#OF&nwcaH_GQE+fbc zv#yD^cKg;n1Nq7Er{S8<&Y&5t>F#^}F}^H3pP2!_|;;bt(Sa zQ+^-Ox(eLkq+gWV8uiLH0v1>P{?NzRS{y&${N)w?{J#JC#Sp-dm3{c?+FyI|M>zVg zpKf#fd74I_B`5^`6N;VBdd#h2LDtwc8(Kr8bkb zHwxXx=~;)i5t=n_Guyf(5jN?sUx@vzu>NfU{602+wEXKQE?qxHgYrk^EX`a9Vy%44 zW;VSraYl$y!$~-;q`6Q$7r0Ql_C?KmDU!QSAX_QGhN2J9(3!197$?dW7~PhI7vJB0 z;(3^o^2A*~nnj)2O2es%>5H%_R8fAeH>vXN?kJ^V6hnQsS{%bF%@g?$DeUVh65cv$ zsS*!aHJKB%SnFp<=I(y(W@L2u?p2#AIO_;(iUvx1wDK~)_#KlD&N3Z9zK<4YDugT= z+V8ORCEvM?fiRsym`{KG7bwAfl=NF*Q44lwG)=?J<{h~9(_XZg((gI0To{cFXwwa? zn!(lXr6|=pmFq9)!$+*taqS-uPIM{YPqIC?gx~(-CjJ0U>&E|k#=p3me>ao=-&p-$ zomW!dvprX6gn##5QnuGlA=LEHiJ0ET>C;*T-p=oSzl(_ctB;ZzCIOtuu*fV8=kGu9 zuO9EO>FEc+mT@CEIO*S6```Ybf-ue*f!V_o3U-K(`_j6AAv&f&@(Dm(2u#7_3t5!^!_~lSrUjfnUC; z{7Z-br>&5Y69|bF*S(yo{&AD{j6k;-nJs>Yzy90l^ryY;z7;SRmGn{2EZP5c6a4Sr zy3Yu7>j4iB>3^8-h9rJY31;lJ*Zw>@PXX}xU2Kxd|HXcP3`gYXl_jhB`gi`hCH(HRvgY%By*sX``c3g(gGOuSjgfphps;cJF*Lx zU#rRrYK)%W?EW@|mEV;P{)fHv{=0WNY?(?g zeo4GWmxD69l$0lNP}NqkHtC6=P+mEN4>IA0^0)sH{m_8akSKs zb;WxIW`Xi}u^!3UZ65$5as^M%R*lhVfOs;r9etqvSlpV#2QmXNS#N=od9)xnxvMm# z`rl2pFGav)aa%H9`eVR(2+klIi7F|_p}hdPuf`6^<$1Uf10=c?W*XhIb^6wTTn7$o zq@;;TQ6v`5Y=SrD5I?nZQE(Bcq6;=giMjI@XchQRc_>qhUILmpi+cktw;DFSGGB26 z@4|CezFJfQxz0pR(%y1w&x`szCe2(G*JGvQh0v(kuC*~6Ci(D<;e&$CDVfPiP#GcJ zuHQk+$@2KGGIRPGv`?H@K8Mi?y~sT~g#(~5?JHF?R_%(qSXKl5E15DT<-5ee7J%Lq zul>bSy(-IKcOypJn~O1Q+H8tnZy=OP^v9T7)Si@lOpl0l|rA+?y22fxAmj4d!@Z?5xxD z2cpOSM)Zz*kFRU%-z*SCd0-P67Dmvp{W)EMLC* zu^pjuJr7D`=!V+46+y@MU{a)UiOU-OMdkamW+SA|g8{hRxg5kG zRm7z((_hwUxj*KFc`7qby|FD5$l`SYnEpz+Y8%A$2{xX-d|2l}ZeeJRnEPAh@QsO| zjh>i8`p6IT?oR7#!P|y&$|6Ars%d074r6 zQP4)_SLJ8E5+{o{-GQoW{d&KFcP_qXrR~HGh(>i`+|(<)pYoxt%!aelMOe4XE_-RV2@H%pTQ#_`MJoE zHdh7+N5nsrk5B>}np~S~CmK4o>`GH6a@0z!HP8)I<%RyW zF34LahaY%&=-vYIVmX?f7?npH#}K73c2kDmEcLtRH9W*_yR12_kmSGh$M$ib=Y}Oh zU1sL;Ie*<8_^LJtKpdcJG8o&g_M}5s^hGXJKh^5^rlMjhTO6OrT#=3s!DxTl*jDZr z0660CafH{zySjvYq4B8Mda%Q)Z5$f@!S>b=8KzJ>P{i45if-0vK!OvX$llF+0~AjJ zc8^J?y`IYI_p!hV`m2FkaUhL48&}GZyDw4UShau*?PaBQLrO5PLSi#zZ-fRdRYY}&QIomfqiXa30l@Xa)}a7mm-zV( zJf#aS_f7swNeP;r0xHsscPp>H#sz=~q1NdY|r37Z9Lfu~pilKlUBa3>0x--6RPZ`Wh|- z*)psliAw_!rH=zLdpsL8aN>a3ODT)~lsD)=-!s7(TG&1Os^JBAfLs?H>8*nrU~+%I z^r7PB0}aH0(zX~2USH4iNI=^8mjX!Q{qP%4yf%&<{bjMt?*;!YWRV)aqJ#4H^U44I z4I`Cb`5P8MY|oCz$ZXmZoyx2g+cPasB=2=}u3qyxD*S8}<(PT-^m0r$4T9RCf25He z>9uq6;UY^_$Pl&orF$foM4DGIX7UIzJDj78XDFvTyb)BhJ0N+f)Sn{k-%kpD6DD>4 zqf`XS*p=PY^5fQd+xaGrE6BCvIGgN!l{WxA9nN)8?oQy2;G1Z+LpFC1ky+id?3(kD z7!#<{AGK-n=z;NBbnh;)FA-}7<^nQ@66=FP59Pd;gF>vwi2+&3h7{Zp_A#+FE264)3^|;u%1+6f9r43sp@QN3OcY=slJws%)BPyL8?!;XGjBRk z@076kJx&wAy*UQbOyr0YZfcZ5T8{eA%=nu@fFc!Zj*=mOQM?3W%kF`HDB#GM02qBS zx7p1Ho4^byuHm=R==s#=uN(C}vGwR<qlrJ!MPm*Sv#H&~S)LTI=TT~dTt)m|d5DM_K%sR)7fnA&i~ORfx$%ey zPzzhvhTV>ECCguMP8LknP1v!QJm(*$Jphn0^6PR%`Uh;83#rSgvy>?Bu@L2TRfylD z^=STD>K6yG8)iN60)QZ&hnre{v2;KKk1Ni-h`Yt7B-a-O$R@9oeWmr-878yK&wqn~ zFUHq!_8v*GTD@$kX*`~a(a4vQfbRx|CiDP$Su&G@SWf7%ctDNMYBXJK5C%xWy|0q^ z*Q2i=yJqVV%+@5Sv+KnlK?5U+AIyi&2Cg?eZ8f$gXAsAfYgA-h5+b(q<6-7>tR-fr zb7=SY4In+=WiF`-Hy!zYT9gH%;O*;Y8f!Wavv4jBXFiYG>vt zy&n|ZV9%~wO1^nZzSe12D}xQFXN;B@7<@M|5Da3pS3Rojew&(nw!Z6h27Q03nfOTUb+ zAPRiD_6Ec`lX%VFf+lLfA4Cn|u0()(L?o-G91tEgZjOV3Rwp}KK2bVlKw$s~cbe#d zJ8Hxwyx3b-1@zajXeBMT9~+z~qYztz{@UO4 zs#g480P1K>MFci(s}*Dw?Ox;KiR;#Ycqs2$VBT;(QuxwpM2=X=?Y!z{9UxR#hgqc^^j!4Pj8jIEMo7Ny z;4LrTEA64Yb##&6Hto2;((_Ff+6(fAEecHgtTn-<1J=D7Q#V(Oj`+4$9ug-FY*3B} zEbv|-DvJ%P_1`XcJ6Fv)-Pq;2=-?L6^=P z)uhurqhgP-5RGQT{VfJ`LsrQ?_2a4jO4m)i0*(4JS)odZiIxLDoPbg;^ZbpEy&&Y={#o^u3|lX2WK=S1(&Cqg|s(4h(xYlQs=E+sVW|bh~-?F+#b11!aWh)?`+9 zP)+6s+l@zQ_&`PU)F=@}Du~u;mL3n@Z>1h4NE+v|dNEJoG{03fr!q)Qu#E`DV=*CYX2#nj&=i z&j88VXh0@z*joV|1{3tor5$DC2Xu+{{^US4UhH(jc6V4z5e)lR1NyOB6EyHuQt`tn=|LrM>Bp`!hDmTexyRCeuf)YnAKalbs(!edCrH%f4sj1gxmD; zpW@qOB>1JFMN6L$Ch--__ZO>-;9Odhh0k~NLC&p+Lgup^fR$O)i{na!5LWGQb5Tiu zR8J6UHOKx^^zHG-)J3tzgMK0KB;gS_;1p5cae*V!M?k*HJ7YQokTj+y1RNrP*!`#p zBGtL>EZ#EdEKH=1YwdIy;_;|Znu+M*J+ew!s3cs_dNlD}5!LR+huxu%52SIxZ4&k# zoL9uJp+QANX#_qY?F!z42PfCd&p*zmtX{IbJnkkS*DiiJ!}2nFdPx|Dv{8Mu{7Gom zQBu9Zgvt=`bTuN6{A#M5P<9Y^(U=n%_f(50;7ztk%TbE<1mY_ohM{}DHF$sE{Aik0KdKkm2=g%O%8lRn;mZ<6S%&(dyw5sa1mB!j?m?3)(<;5ijiZ@4Tb7zKjH;yrCfvxCr-b8f zK7bikp4r4Gr7KEzTHRJK$o7{-)@;VwH(yTpa9ff!J?M~dsTDss8?2lb=^4{CF^9W| z0!Lg?BYeOmF&n{F9s%BZo3dr%TEGXN?LZn)pD9pdv(<1uK{pFIA;`}*hc&~Vwn zdM4KWOPz1mAT!jb!HfMd2+;7Bk?2xVX{z~9`$`=C9>pU@96a9@JReu+f$KWSfv8Jx zbdLGx4-@b49Q$}qqYXawN^1Q{_cZiHHjTK)Ge8W`7EOFKJH|CxafR&QZaS^W=9#uQ zt-V7}7!NS6F%dQBS<1&+c9ugTbNqkLLmB#D`(5H4?~2|!`~$jjKk6oMXqRwE|4c4E_yK0Hv`lr!IsBnD0>RQCqALq?e5^sTlP*zW-94%sUgy*GhC z&HGX5`00IJs19!Z(S^K<%R3i|qCq9mE4q$)z5@NvwL=>>wvS#12S=Hbj#gAEZ`m@m z9+{}EA&MRXVVQ$&PDVKaDGMCkgme0N7SJkMaz05GD5|ftGR;KYEb9i;e5W1z-$^_= z1PE^KM7XOWDT1xD0FD6hX09i1OP0#Quw{be*lyqGDl~BPeA? z((GxO%x_u%DULI1T13>w$28%TqC-0Lj`2IqT>NACDeoeJ7S4)t&zA_|$k?=6;g%^u z0%v1+XekJ^fuxDT`d)86%JOC5$QyNJp@ZY3!n?pLsWG=FN1eizm%9M7vB?0(YX%*D zhu)i6=7aZQiyrJ~y5XoQg8}4@Iz=Rnt|x&^qB~GBp(0!<3u8;?&@GtI%OXsf(ZXue zOQ=s!+S+Lfkl`5u4b}Phu6j?L7_Re(_EF{`$4jxBIHx=VAV%f1<7`@!8cBt(Cc#N~ z{uX^n-1NQ|C1Gc$@_J_NpMliO$1&^b*O5-dRV_BEFizN~Gh>P473Cy=ne${i`>S;h z3N)Vn1OK7iY>d#l2jwGWXc!Z=xWMo}1#8g5^J(hM!`hG`#{$N_=w7BPy zB0!mI$jEFD+*SU%YhDuAzqfAhn>@Ja0XlqkAY!*4A$Wh0h|Ijp;lVFWZ@==cZnthO z?|Emeix8bwHJ4`q)3f858WJGnh&defy*2e61!Z~#D*aS3fm_7cPFGAMjd`DMA{4hA z;09X`A5#4Q(7F;ToPv#1WZ~cd^mdB{0vaVPBP#;K%aXvj)j{rD$>{oB zRzg^|1!L`h>7*Bxov0OrKZTkR+?lAgwbHz!R}rHXQhZ16rd5;<6JxAvj#-}XArpi0 z`-<4=OH3m|6w+Uh+CshMZaLbkKk7|dN=-tiBnkIA!SMg6@%Y{4kouN+*K7NS^KS|F z`%DCNA6_>A65D~~tm#-nT&D8$nc*HgC+{kr>bvHBa9=4ZaYA%1rPdn9Wy;?4q)p*r z^1(~4(B?{iM$bk}vt6Ytr>txc#+wty?-?qQ;*D-v9d4P8nb|FC+zsk8%Y0Z`#{eUw zoiYg_3-ubzYa<}84e!$8KhM$=bc(8Vpuy*#lf&UVJ@WisDnl`nPUxL}v1X$Q=6)y_ zUTNN~k)yP9P`EVLkm&8|N1*Sz((DQK)GOkTl*1|I-x~rL@@8FwcLXbAS|TXz z`JFEb^4--4^1V|;g(xwQx=6TCKcc-qG6Q{$Db=oQV7=6t#c{#EM`JWm|jxOGmv(-c)sSXbdEf~3`Ez>(ZNu1du?xhgX>;8U%s_#XtoX(Au=2U*v*ufB~ zYpj^LR%sPni?348h#>LgYVc{_Da>uSRF^!jyIZ$xjm(kQh$yg%Poq%L;RBoZ%)T-a zXf^Aa%h!8erDD=YHMY3N-CPrIg8*Oe8a1a7Y;kU|IanKg8*r$NLtW*ZRg=hTIYIez zTe-*Yfc|!pc$PPOe7H*SA$O#9KywfwtrgD8i^pv@k~tM|9(4@;d_&RL{N9*e$ZnER zU2FoeZg*C9NAP+-?woZ{wS@XXZKpgA#~U_uu3uhqb%_i{&^YM{QTFN>yo{Blb}Wt5 zW2?&J*azPHWuvUN4TR61m0}S-l6#bXrvqPkz8!bd^E|9KRcIDSPrbLGE;7i=g%B&O zoGX_hw<>3*uMw;X$e{1or5M$tbzheeHJ6g`yLAC7IOcsGNkj}D=Y3XK=Nx+EQL~@H z>zJqUiZ>HaHmEsSmM8J)y?^3uu5;T6CH_Jm1-0W~EupuKN`I#=;FAksiE-y-=$NTx zc392Q+p~QaX+dW_RGgvJz{w!>GQirz$Gp&X@~o)%{9}Bla+Eo6CXI2(Cg6AzIpNS_JCxknd#+6v|WREYA+;dnR5$J0C!5-wOG&5t-V!Y zz9%Z&8@Tg*;uwd4gmBNb%V@4 z;Z5!(5BIH@RrKB0Dl-iZVo+m_8isk*N zunoISk~^`O7Pyu-hC==m84<%E{$+OoAlsq^V6WD}(Rc@jE=y!Hp0xQup}~1|YK9s` zOg9w8u2UR+ve!~EA`of1__56x(5vf>d=TKgJ`89P4;A0WCzieTcE!2x>8@#yr!4*5 z2m#^<{_Srtb9ufLOGrRhx*H)ySTZf}^&p1N$}I@|n_ zgFs|PGNPH-?jjm|v2?a~qWmgOP?{qc%!Lzv=ma~N!UNF`Rd`aRsuj>_~kAQ3I@T>cs*)0ob%IpAx|QsZmX zY&YGtD`Vnwq8iI3kiXNz-BP_E@Vw8LYo!awl(?fBTQ*=u_pw^|f2;=2Oxp_bHCa^K zjSb&q8{VqAn;0+d4Bk8?vfFNKX5K%2V!hupautr*Qyo=hw}#R+czF$ z>~9J^1B8zDCnd-G@W@tc$T(d~rjDf8?fHC9OrDu0hQBNq+ufVqF0~NMSLg)wC99@+ zxJHV-^2cRKF4p)&C4?BNIZ+Px7KGGLgG~@g#R^<+G?tJ>Nxfiq>|D4|hg^6<;h6Og zG>|((MH+jjImT?PZyDX8BtGb4VJ3~SDP2tRK>%WVwN+kqCH!#FpPrF;Qr@-qe_{%t zFx}tw_5UhR_{FjU8-A?&)Q{hBpZC8K9OKBnW(yE}v&_PSSGt1pZB7d7L&n72*EXAU zV9r%dc{Af+@Qf4Bd8ce>)0ky?fFx;@P#dA;{Vyn(uQ}h%RY2&C@O!*KQR-4r8HHPA zjs2y9)Z8a%B%m)xDe0QM!EgRmBS(!X$vfu>U<<}nI?vIIx|0ACrxX9S8ru`?Gp2Tb zfT!1Nmr6y#mMBY4s8i|%O#mzMnH{4r`<2|bkkh%Q0aEd&E?{L3@i+bfhB|p=pFZ^5 z$R=(u#C(fY7!H%CGMuy5C+93zMWB4&q0wb-<(cC)V}&qqWUNK1hvS#$S2_%-sy($< zlyz+~a>o>W#K(MijS;JTA~BqD%JcQ(m>s(p68QMuZQeYo0j0#g&m+0kYalJ|pEvcF zd!v|)rk-3D;d#_8oAiGgLBLdUS;6|J3OEoFB(K>=v1SwBN~x!D;Um9D$-ej3ulsu7>zoVIvUk9#3pO?(>4>g#kM-loG$_^G ze5_CppOb(Dawso|OL^Sr(;C#O0J}lo&Y!{Pru_3HW7OJc=__BumbS8Fqh0}V`)C>E zu7ekqpc3Qr%IPyIfg)K?)$#R+_=8~*M{1S$l9gmU*;Brz`V(h&ar%9_W-!Ly&iRM& z`BAGpz+|txz~~NF%Cn&BPSG)_pBFjEs2?@~z9uBR8@%N8=1`#m?pocD-itaAnx5Bd z@tUv|?`5O4f2iCoPr=0<=brU-ZQbP)>mi>)A|`XJfQYPrRI2a!-s9Y_!-& z(p1=cFT4AfiPAT^q7usSJ(((?zrntxzLVbn{Ah`mujcntvO*O0>2{~UQTjyFQA;ys z2H*JG?MpWy!{)P+Aw2T>VO2ZhqeAohy|XpY54MN3)TtcCLUv)jzr0wEhh|MPd%rZP zv860COR_i}B$1s2U;;KK2UsoCAo*+O!?w~FVbanuI5TT9>(fAy*Ld%kwdUvh#%~5aTi&!Z#Blw@o_Vk<| zBGn9TrgAIEMdEl3qMRw8evNYdAuouuRs^^q{d08V1cw5sgF{jA5Ln}kwjAHCx%iv!NI z5t$YM0^<}5%+Nc0aB>nmP06$F^+r4Xm;}6btKhsFOFc>sNh0=geCZP%`%al9FNYYG zUxF(;GJIt%Bt}fdDPG3jMZI1*=#&@-Yi>9(d)@M$n?5c*t%=RTODpEhxlo$*%0gt| z$u#H`>9`23G;y6;1=Efb8kC#2?2?C|-dU&)uXoKzUVJVq-A{JSYP;E;LB{d&{$$_B zt<#kOx>!kjV~lV_DJg|*UZ(K)EAlgNO`%(!PwHIBFU=fa$kH~F<(hexM)z52>m`jr*s0%Ro7>E6LkPbN`9vFx*h)J|Cb1UjaK#9;oNbsBhuDd( z3s`czQKjVVJFIl-bamg|;acuAljQf4(a%*0@GfP4!S?;7ezGF-$g-AgUWUGN zvv?uBpmUrFr$v4&l@|e9q2%maxa3zVMqCxXm-I6du?-iwkFZ{gXyTFHOXa>K zyU>38H%wS$JMMK3rFs0wzTf#Q8X@l_Z+?PRGc#q4trwG zXKtndJ8Qn!62cNI{YrlQd7Xo_P!Y`&he7HYOs9mXVS4M>Ox^J|wdCT?C? zuYMQA-J{@z3AVdXNy;2(Uf`ZyFqvtI(9h+}&DB%j|GYu`=8oap^$F0a0<Z@bp}e+3=BB&&W7iT|9g%as2LlTxo?Rou zFeBS+Ldj~5c!*l{T3$I7`^mQT;I|+MO##3IP@)j}9;9mE&jPDF(%&ta9ho+t+@Gj$ zH3Bq7BoEJ7Pb=pzFh*Fn|7gZ$0P_d zj>)=LsYGhSQ4oQ8q=i@oALGviN%-&*h!4b^DN6n~+@Qh(?5Im@)d$qQ7Jq=ZvQ_*5 z@RKL?#opz(!nBA$)6s<=YngiFM?#sXH!!yfSi;yBm@w1Z@K{mj{goH?3va%6W$^)l zCN%U{0n#LR!g{c@bgwDegL`Kg6N*Ll6y z4m*(l^P?v>gX3ADCqwYvZ?Uy1%Q@;zU&p}xQv)07OG>rfPUkS*97%>AMt8m-E2)6> zT(u-d{TXl@M6xTKR#Y}3$s&`@=v0msWGs;WwVI|p7FX0`Khb$}9NDwxoJXKyJ-cmg%!8F9%;NAR5{m4AfdGXp+(yRhh~4c1xIoK2E0dkF z00t5`L(Tf)ls3)y6WklzwX`wIBCrT2BvF+T3O0U*MpKDpQ<4fn!#)8QwZ(l^)=e&! z=(KgsbtE-T0Htk^gU7R;*-K%I{5V{Xf0v#K1lkG*qBh83OZ^7hPJ3jIVt}a3q1V_L zqU*ixEbpw<;r9^p&?VFu`_ei$%2WEOeWOTQEK%<(oG?TDi3;-sYsh%TUWsA(C>Lgo z0#@Ix(egsm{s|8b?hW!o^4X?!h<)N8>9=1$`Q0>l*P3|~b6f%W4Y4Oxap#K4ccQ$i zY|Bj3$GGD*!1bVqWd#qz2VOCm;nu5|LPi)0J9%_aw7-*dGee=_DvA*+mAAmN%^gT{ z@2=(Kc%cyuNl{<*A2?|s4Dq3V$o@U?AG>t*&02~>gbKoM&1#8fTTa&u+;>+|Q)~m> zHiEMz?e@qEgRu3{UafVZXJ)*E;9GXq*-Y(p=&>;~lb76=d~M*H6kO3`l9#VR=RWfh z!v)IRL#;L0wrfZrKZGH*76(F30>s<@kG=N{i)z`rMkT9=s3-_XP=X*d2s9uW6a>jh z$w{EeIfo{Q2~l!vaz@FSCN+qXo74o!C^_d0%`MLNo_+TAJ?DJ;xqt8d<3rnBYptp^ zt7_JqV~+9m2PwZoX`L`u(!egcT++~&>~_?M21g5e+1Dj=5Xu%6eK&}MtPQZS*~~rA zdl9qA@4I&o{pjX{y{?%zrF!_{+ND-guYLTFxC)rx-}cl?OEw_{Xo)^R;)K#FbT| zM%fT9lN?kh8N>EtW_iQo5VBh=9t(x7en@+3x5r1VOEsc@(=6$#58-#{jG_t~CyU=l(glSA?eYeNJcQoZ5jY@`$gq^oDUWdjB zdq-yoA@8J@TY6}z&3N^A@P47#%*T22jA(N<4?V79OpcF&hua7{wP6{MuNyv_#|h+E zSh{1Q-(dNo;Qf`G1!{$1wGWqO{T7AXnosJU2CM)e21EHWUzr$)aYt2V*E4fo`EFb~zj z*X@YmEF_8UnMy;QiCWX$sJ1Asv%C~%+VNs!xPKqb&-_Lg+l@!`a{0jurqnd3v!}?x z*rY)r=ho_QX$v)6>I$VZw@Is^9Ipj3>m6;al8;uYqUWAxd-M$*E8Jk$^$CV0%C3sG z$WX2FBi{-+k`z|;9P!pQ-q`t53(P7MLUZfEHR=0H-ls{_OEmn6Za;c((&ja-74Vv& zRv}3N9WjOB0JZR1S5k~jFoaL9c@iqq!;3!X&$Cz{>Jto6bVH*Of`tIP7R8Uu%!TkT z7Jdj=Mql#Ys&VFEQfp?!Z_dU{%6<-Ks?8HGw|pMMu2mvA{FTl}*Sf_* zS+}ZSxkDpwYY@|cUpO&dTf9F(vT#^BiGTOCr3FUvsAfg2aeJ`|J7Cs5KV>lw|tdy&C2=mFX(SZZSVpl=E4g*na0NY*x=Yt0@U> zZRS1I^?_O?d9g{sGu3u^3NsePREd* z4%Bc2>FIQG;1FlKXVugU>B}&pK`u789*4oqs|O0Uw*JPwmNS&?H(pVy+?mg-i z1*^WQRDSQ&E0OyIuC?21M0-YRIdDu$>ToFoEtRD}^2_?EVA)%2?m_a$^uG!*b=T|t z`Lk*vAoXhLyBF7aZNzo$qq})d)4-SKmncDuiu|-p-Jr_?<0wmYB~77&9dg8auSOx~ zll%JVd%ru0FN$Bz7|bpQ%+GdcjD&06S9}Uz(EKvv!rTDiJ`l(IlxD@z!(6@C`$^0a z*Li2VK&k_4Gi9A&;y|7eU3hOQ&u1wQW6w5tA_AVQ#R=i#*JfnRyi*`#Jucec> z5OF(m+<#?1iP~{WmAKvrxij>3N|bC1J5j^%s+d=(JIL4|tbCb&*buSGthuwxpB;B$ zkhfwqoauwdK0ai6?;s+;WU7a2YtPGnlJvtZ2;*Yk)04WNRWSxJ9?5WKLJJ)!< zYm9zmBiK!nSy0+Ef2855HnQrA%Hy9OGvMA$TueLuvM(V5oU&nNjOfV^Th*+Olu`kO z;c9GZd|NfcAjZm=?8~R&x;nxtN5L6BAtLA*_vTflfC8edWOXQ??~x3ib3GT(s2i`= zIw$+@79Hq_uX~Y5I8j91YItXf|KouoaJ=7p#Vh9Oi2W*^o|9Y2g~|3^V7AeYUTvGu zn+2!CqR}77Cv2QKEJ_pJj?)U2jIJ*1zsYllUcm>4K0+dYg+I~-9OVAg@gKo_B?&;ymIu8^Y2)S3>Jj0Gy1r1MK8@~?e;N8vNPg{u)UFi3_IRx!_ za;7?2zQj!5THaQuxLMLr<#6-`t`vKKF#nta>J^>^uUwz~dSY4t2)pJCzEKZ~*bm zAJ%wrh@5kYd3dOU1J&tO$kd-^MJ35&-b$P{TaM+PH9uKBQe~>WZ~-#3H*98baDUW@ z#Aj*SL<}6`jH47TWh<`^3}v-T^W3A&uzdU3!C3!d9B^?<1PdaE$tyzu2tLugNXy>K zxLrtpD!ePV1HY0S9q$gfrx&IP=BvVv_tz?NQA4<2H0GkxVwIANJ&1<| zZTS|QVosVi%eOhHhm1(7a&)qz6X7wJgyD;`ZFfU3{F6R*V!4Te``ojUh}Q}C3zk3H zg3O=YhR8+$DPDkqbE4-M;T0;_x`8LDQ{3rSm$R*y@qYS2Wk~VRTV;5&TLSE6b)Bl@ z#&p5Bm+4nFwM?^Q9PXDpj9R9$B9<7Bk&5c>WzXs6e8;}Xy8a4hj~T!tv+E^!Tmf0l z?b=?PpKNsskZx1!7PXW8h%RdsqEhcK)e&k#@NVhnbR^|wWje$|zZh#|kLDbYtZria z>h_(u=Q4*R1Mz$;Vrzi%DJkL-n>?(0+60CW@H{K8_LOig9PjG#)_K2)2D-*5n!LW6_ zbiXu9E_;u3)aGPu^nHUWi7*x4OWlV30ef3K_`l$~|0s@1(7};SP1La){Da$1cLx_l z)YZY^ijB%Jbr^@1f0pbrd2Ms#vzn$zuU6KhhnjLwq&4}~l{ZFs-_JI>Ke-hGb#)$z z8!DwV=AC`4WU=X_*`V^w2G_DA@C+wa2kTw8Poo{PAGeB<#lv(g4No$MUE<$Px!a5g>`pQSiTx$tml-X<-MRLH?fxi7y=mu;q zPhf%@k$T@{Nqw(QG+{7LoT@0L@d?$KYPqE;t9C{a8kW&WN9X+rqqC<=s?LSOSB)yH z6CF4zv&E>;+KjeGlVRY;7MrTn4`(anO7{=M?(Z%QZoLYIE-V?S2}+hu&p;a)sUB`7 zUb>@MYZ9lYEA~!9&n0uYyt+I=4hTm=}486#H2>ew5!KK>ai40_JY9B${JDT zczS-OX7N48t#8k^;|_;oySKR~B3YeEZ?fvjP?STs=F?nLa9$h<^iL7iiSk)^qQ>0p zoOHI#x91F2J*bMaGS1-dierKJ+jwx79vwg5b9p~qX0py3l;Sg!mt*ug#T3QJQiJow za`Mc>?qQ{F@OoRt^-XMvc#5(@)@<*Yc2@Pz3DyiIn0a26qIi@>3^YtTvXNFv6UolL zyHrJ1L$tm0G$I^SSF#Ix%MV7RhLo%Un!ftG304PbS#CbaciLG|i+ZDLQJ`|%2{*~S z^wk3d9qMe$PKXL=3!{k@S;@e!6FUOQC-+1L`3^;$7CXlba` zaEYF6>1EzL4W6mnR+mcI<2cK=Uwqb`K(EzV4yI*$xkbCl)Av@a3fVjiQ|#xq(pJp( z85f$4y2SG7FzJ?>98J>>^fSXc9@eKF;b>-|;D_lPPDZdh_v>5n$`=FleH&i;8tmY#6{U8!}OTGfq6_r&rpTShBrAgX#ko1cd z9dq@U0%)=gkeSY!l>Zz(HCQA;GhF3RdP(zrYjdhUF^7AjSm9bg^wQ;lxvpbj!!oaH zv=6x#&;!g3^i}wAgjOUpW8E;W-eKO*Ryz5a>K+g031tPk*m@{dYSD%pZ_!K|&jotG zRyF<-*HiztC`-GUYj={EaQ2oF`Y^Q9wywQ; z!?%a^y?#_A?0ps1!?K*mYWawP^gBw4(jA+Npo4AnIRcy zRkzEuH!|fC+3FA6=Z;Vuxb?MVS~B%SA&sjMKj*?j>n#0xrsk8b)hU^F#@?L~rs^NB zbJC&qM%qm#r!|TRIGK%_#u~e;9Hz&0(De{m?7ivA@zG%n2zB*p21F9|U zkV{Ke^7PMFTBHiC7UeCJhAanc76{X8eJWWV20h=nk|?kI87n!|9*t6%IGiG*{#Ir; zNykhN2^j9ey}N$Bcel~~_l*4A(AqPCB~-hY zRMJDL$>#=Zmg)f0^WjuNR+s;7{<@Kze1|#gD#?TQYZAKh9n2=$n=hpR;QW5;Oq-hZ z+tevhXwX~O8j=x#QXV?wRg+`pIo;)-*m}jMD@KK%3O|tRMOrYS12C172zGFKWk;Qq z41TI8q_W?hAroPY@=$iE#|?s}e^*o5D~WrRg-A)6lD{kU;bsXXV(npE^yBiYtD`dh zxI;hKp^d|`Q2Ttx*~@*UUS?`bvs=nR9U>6Kh{d#l=l2fhQpefuiP|H|#UH7kNDO(h4nI3)UgndLrh^hz-eSJpRvxba%U4$D zXgWP!-&BrBqsfkw-f=g7h!I*>cD63)q7p*VsHqPtiA))@MEY_&dQG-m$S-^ct=DD()dddU$>fjyHH4V5F zPeD-Vy+EW#3g?Q_zW>*6>h*O9fh><-rS7lh z2Ch6idh#2|LX|y%YT_f0Bb5DmQgr;az=anbxC_VUqK`Ljnwhk$;f1%$LsX!?RT^@> ztTKk^EIn5%xh(-1SLxMcU!@V7_DHTR&av?ErzH{>buZw0`kw3`u<9UKjR}8wbNW4L z=U`Nw0<>RQ)_p$1W+kr|42I^rqU1REB}jj^nmEjL`Z}I`V;$9ayTdx|E#$rsy25Ab zwj)$VczG7Uk6?I#Y^7_ZqE(Y9U(~6U4@qc`;rpsG&L*;7aB9{^`;oZNZ7C`00q|Xj0-R0j6&+pK;65RN5S) z_w*WK&F!B)9svqC5Rm*c3YON7cz!q6;e9ET4QgoEwL<#1pa4`6sl0mixNCu0 z;0zPzI&K@Oud^5H_)42xHbf!y6#-)@EAh>tEWR3r3U;(%2I+Wdyy^#_y2v$5|H~Ef z44eo@-9aR-2Ef!WL?D*<5<;?Y1hs9sb6JIEIC*c^LeAs;v~~AN9_=m-e<$o9=uW5n zL`dS%7>sovJmxdj*%1EuXwS3$tlp~fq~0mUd_zHEd-$rTS-=qWiGIi#IHoZsvZ`gw zdq3{_R5e0SD8#X@lqkpm*eLmiu1BPP^RC~m&KhcY!kjB-=|nrvJJg&Y;FN^1a(}d^ z5pd{Az0Wgu+wv)@ijd;nG&XZTcG7J%Ts})OQa?FOX#R$m&HIi`)1+;NDJ*K~Bu~W1 z>U2KYn0s-Si%%^qTG?qeeb_)|(@L(YlHwcNS%|yDon}q9ufl~7C%3z0j&>{*kg>@3__N4EQ7hPS_ONODYL$mqKL8Ew6wf$O%f;b*j4K>wcSEY^v^68$X#l7^P0A#nDlvqF4VF}>tMcRiOsl85qvs8FL)YgN8EBM zx6b7t@Q-(~Ue6_l%XNue=P069(89ZcU9Vcqp^@Mg!3zEF%%NSMFZfH%N5)6}^>j;7 z*|4{Y@`!uiKH(`>c3W*Cmi{b`KI5Qlp?&y!HtC!~Yy+r#ng#myCB)|kpZIZBbtN$l z?U<wfWvTZLW7(M761y&kxEf_#i?&{RtCpvR`Qp2@xLYrEd8nc>B)^{=oB$Me(cO z!&leL{H^2(lk8AQR`cEF?Icn|zruMLt4%3=ZSjFh2EAR~X}#Vs$UrUUmp#uVs{J|T z@8Ogk-@bSj7cR0GaNlEHV2_pn52W+N^KflOU818&D~dCZxxd*Pd@5&v{Sg!UCz%u# z4sKAIzY+9LCC%q;4+zSHW25ELGQIunD7-nbe)q=H3-knKHedF}9AX@w|3g&Ff8(;r z%m|gfvgdEh?!{}MZ+-#%|4b_W(fMl>{?jc=GHYW6U zKMX8?{QCb4mH6fB;A(H~u<()nGq>|Uz3`u5?8?xj1=2HB@x1O<-m>Q*P~kB1Y9 zEyZ?z^!&zo)D(vpaur3 zi9D_;+7D%r@SMqBjJSaBjm4@h#WV-H8{fY(6;|d`2V@z;ybu; z+*uK?H0B~ZxXlX85aJb`OnYjc)$m+yBpVP}DR? z#TT<6rM;QdVEHGKo&KBV35^ZT0zdf+;8yi)O^U@V`vXiq~a{%*EMiA$ec;R_w{( zeb>PX2=zCY>vJ`&1P3smFy9M5;D6dh{%KAB-UuFF0tO)a#^HZW`M*xFf0?@O3@$#o z-VEIZSGs?H#s7Uje`V0*jjGX|zyG?BV6CS(B=Q^o0|EBGFZ}30>CcTjH#)3eJ{*7Jv%K!KXtSWvVrC2v}iqZe^C%=EeSPYEq z*%kTy-@o|RJo)Xf3`wwmsQywhj{n=nCi4`$rA^ z2AVK&Jski0EpD8nGXteR**yL0{?GmLXCwzr0{s_h|8|Q=7O-Z>3R_z9 z{LO_4@Y}P4CO7afB7eIDu;GTZNca99u)n?Xhiif+jD%TUf4hZh8nF8R4^I?}h$`P| zY5MOM?+Clg%=u!Y@-&g!fIf!faC<(gq;lfkt@fBG0Po3&JvDst_a?2s{Y9|WsOGt=93HQuOpm1LIw~i9IM2ClIygG+eWDr+Di?$O z+1&q&k#pdmJH)TkTSXaV4R@E$hCyZ6%z#F7+j9-Q#og@89>Obkn4RW)n3LgqO#V_y zSN`79+ouv|)c3fBp33Rtt_nFvJpHsD1#p<}Y?{hAS4*F?tX*1iI!|#U5xidr@NXfz z5J1&|D5g-82|)Us(mj3y>i(zBaG2w8lk4@o<3C&-TO0Q>*-xtL`&qok{WDWVHBU24 z(k6rOmW9DPQo8Ga77c&bWgE@keoJE}=2zBqq>JMR4jB8NG2Y zftyUk{?)pN-k~=k+CKa*Ac_N;&pbs zUSs+zW5@;t^rEhw;wmislMBG>%=r&hj{k0Gj2h=V({dQnuaZqJx-;-H$K_k<8Su9? zG{^IF9$TM%Dn@~TL>u0I<;DF63#9+WivBcwG8N}L(dZK=BRkE<0YP2Qm3sl)b2iS5 zue#QT`@PbxbELYPTxbhF7zc=m;_d^HyJLz%f)f)&X%0b=&a46lQpP z;77F0%IIc{{(KemfgHjP?5DUOYz${iSoT4X%3i zN0fNZRN5@ti$JV-AQU9kwLUS|3u`-1WSA%WZkB(1$kbCdkgFqC?Y10wGdES~?~OaX z)Wr;i>pE>u^>5;GROP^1Y)b&K(_&9?P37b>8uc>wP430xPVt)hFVETJCbQ{cKrGf{ z+3Y_)?gjtXmrtBdGFFbai|z=x>H@Y;)N9u!N26;pQ4gX_>Y)KMT}e{hFd2%sw2OZT zmsS-4ucNvs#O}kW5QQ%EaDbKDY|RV^SHV83W`+a6fql5?gCkS4;NsY>gO$tffQD>M zMgI9xaCemhwNk=38XU@I!uX%|VDS&+2lJB=B{uUu0#C$MN*)DM{ct&GMLEtaIIy~# zUTuryf|vZ@;QQlwWD3p=e2Bs6x?Kz*1yF@)!zK{F{n;e#k$bpWndrEFnqRlyh!?WI z^Z*?{eoGkfU%boLHvt{ZLkX$7rd{hYBo9Y?H{R<;aULIzUmN@*7t846-{0na{6iQ& zT$kPj0d>%qM!0uU&nw1V|HHC>8}g}Fw;oxxC-;VDHyA~fzyFuDUn{*p8T4|`Xi19x z;q2}uibnmCp#QiV%|G$GVLtyv#CEwqPwF2Lr+?hfKbD|X^JXcj+TYt6L7OU;^Eb#s zDkSvjKdg5DYZ{7ofF(~fWzJsy5lD95`KwBO%nX2iE3CDcy!Nae4BiX;Hk{$= z=YHL6rqiEC;389z_xA^JLT>f!2ezqq`1~a|EwFy+1jOW?K`<`=r{|?ayGsM%Ify)JW3y=fNfuy^vuKq4&wFtIdc1cU0r!*vZcnX68yqMR*JM1y9IwJA zoG~O@?cd(N``HGs;e5Rcrs$c;!Zv67buxR65$_71zU18Hwmd!TWV-pw^zKkR$ZNEP ziPVt1|Lm^gft*9+KJKEhobksak~-F}JE9oIj@mhHOc?;#7Y^jn7q-mDhb5{tiX=!z zwJhbJw|6SNy7jfHO^|tdD2c%Wt^26e1HFQpir7eYk3@JK+S(vXo-&E$-o8P6e5SHR7yG>x57$lFaUrHM>gb>VamSkAe67+6p* zGeEq_pnxvt{#;M0o7W<%x9&A{{cv|^)v=8!rnQrDU8W*WtErjm<&5UxR8w393c&V4 zf&1qUSAs8#XaP~Zb7D)t#@tEW{hRrU_nn_rcAE2W{yY=AF0b%u1)lp&RGKr|fUD5D z;x7782IYGwSs0A*0|#ChA-Tm<2DEhsW$;cN)?BMZ{X?9rDq=XFnZ1xM z{@odHg@T+6!0t(Uk$t4hBiH+Ipwjj5D$NLEe8au*Y&7!|zY1?=JoSPEft8}OpMCocO zCC-bNKWn9H{}>c#!B4E&L%&+bJMYEhlW2&JMJeTV&6&ur$4AQ*G$nobM+JJ7&-Spz zO6S-WIDoW7>Ik&_{R#tNAOB-s3(lIH~wJCX3>ycON|(-Ac|+o$?Sg# z>CWrZADzt#?T>z?`t!7$!lhUM{3Q^tXo2la$8`~O1}Hk=3uO|mStWh+1?)zZIfM`k z!(Oj-rAi6>a}Nb1TUQiF_Z!N;2Q`mm5-w)Eu0TifTVeR_smUha_mqifCP}m2Ta98v zuwN_uK@0%}paX)7+LBC_2{ ze+Wu(Y$M?im0#NNhvxf9A|=E4KP@msLr;?FSOG@@v!0;a`wIL?YPE?9e_7YN+sl^Q z7s}MzZiElxv#yQT3=y&}LRa_wqisz4TT>l@cU(0rg%{ivYnVNiMH%8uU1kwjvXUjN zWFMsTHfze1*LZX(*|#{IEs~8|IBwsF{D0o)BmTvAbQGg&?J+3cXR@+yoOB|pIoZRt z9|@n%^EOUV$$uV#Kr~*|kLCYdJh0~6FEf8oh}w*XQ*`-d7TL}aj0}Hxj%uY=%O+SE z?@e!!7w>@`tDOeRI%))H<6w-vwvP)$xE*&G1w57_`Ik4R@0*P7C2sX)@Mpe!qcfW{ zM^a~T<@mHaG*iEXTr@>%X}>_qWJl!fYU&SWt&idzxj z!ENw9J|PHUhK;X|mRH2l@(LxxI#Ls<{dt%9JSC(MDmg&5UbRd{f*N{q8X{*M*H>7t z#q#E|K7>EAnnRI#_Z=&Z@X7Z}73`^dU>=$RI(0Vrir)M!O!%!d2{|!#ZAEl`YBzF}reyzjZd zsY;L3Z2>e+t2X_RN>G?$@DWclqc%NB%y-J=QG!=!6Mkl2SAN4st?iY|m^j1HiE*LW zD{z6;V?cxeO3I>u4!A)${Ft=0Y%y8p^NsHcdky`?wo^dc*Dl}#cN~53gow}&Lt{Oe z<2=3eFT%Sk+k6qdwTA{|nm2QqdH!VK_E_Li37)n1LH=}Zok}B%-PmG@r-J`SC-e2Um1N>b6j*=;{?#-$K<214-lUj?2?34zY6EnfbvLI-73R|+TJ>c7LPZV z6c3iyQRkWT4w5Wk1)wL84xz|`(}?-#g37XMdX<5+g*X!0bIPS8G{Ww!u<{KtKcDGO zm31yVKDAb@DfjFMc~U4}?Nrr+G9cHTcNnt~KZY}5Fjg2Zoz04^3HuE{*h9}LEIG(2 zG7CKmIXtwTgr5bBzXnJr5-mQCyQA5|>A*c>rslIf2O+nj&S)!{?%P$RX7odo0M%Gf z@#wb%>5<~->Ugm;Hmy?E#FfeYY+c7^%w7qFbrrD-9=}T3k)Jk_rMdKUDr`nMN=1{b zD69YmaWf_*o`2mbg21@cT>Nnd(OU6w!TisVx%;0yF6ifL--;(-s&@IltDQs12W5FN zdTTDhYGQ>$=+4qmGT1~bCwwLq`<$lM=04%UFfNvul#(>55AK+>(WmEZ8(bb$9^Eax zyag>^ZPM$Xn*B_^pW5V^WCde^jPG^;5sR;pMi10;{L}%_%a}d9?RL%XB!z42a_3zq zgEnJajspIUH^)AArr&F+WRWE{7M+qX-R`_x&EvVGAemPKJzq zD;wbpX7hlb<{TRk9`Nq!@RnIfg^lU@&$ZiDPg5&wXe-7UcgCuKXPOC|m^y_`yOt-U z;}lFnN&Lo8JkL&_gU$O|weE2%W5|xK%>CzeSoNCeJ>XUt9ing@m=+<@Ep<34K z7@xB*mbfqE5RQr1Rkh`hluss=PWKP%0GFT-nWVuF@9Zzy<>753PNq;DIxfNDp^e)@ zq+BX;5vN8410x8&f@OkRNG;ycp7ao5`ha(zqEKjoBF9}S8xiueBYdx(H$=tEF7=b^I;fdzrLuOR%|oG{r+k+>(jF7ax~i2x$*IvOwG;ZP84LX zy?s`0wW`mwUA90Msi3@nRjb%KaD@kRnf$>$Q(Fk97Do`aYWdWDpxv~@VwzCEdBgAK z16@f#P9eKx;P5Kfpl*SC=P)dlxvjr)B4TZvwp4=7_U%Bf@20E*(g6S^U+hTh>@GbAuBg5j{0of% zN`E!fUy6zmQ*W#>T(Qb8lzd#?fG=x-X~+V6c5l3MvPhR{*T;tl)2n93mWk-PijIY? z7o6_WF(wFXC$nno)^;B6I90xfKUcD$x;BvRm2KXk$<(h$=l&=HYJq7jnPoE_A>vsP z9Opz!{vu^RGH-6-wmvZDANESz-Mk|-mI|l#SZF+cdF5&!x3QAwX+mWlb&pFoi-^wK zD{J?MI|EF7g$!w9MSAD8j_vE7MZE3Hc5^$MDY{C*s@l4&L}y(?Gz{qZExKJ2bNpew z1lbu>Q5&|^+gH;M%^aQ%%z_r>s~e-(gG4kPP&M9U0(GCpB+TV zv8RDuU&WLjzuT=p1OYcZ@-yH%Z_V|)*;stn7pWmUsG&5j=Jej2X%33Kf@)*QYxY?rp-~(x)yVs%t4* z??LNZo$xG}Nr-XQdAb(Q){MEx&^#d^e^cFEGtIS@`D}0{m1sQ*&?+Bm7{4QPA_?i! zx+87937@a6a5o7}_uZ`Za2z(ICb`{bnD_%XC_4XO7{=CjMTUR!wxHkop6skVU&g_B z$mH>qG4+N1B2ZI4e;UVkt<`3}#Yr?~8I(f4N?D_TjPfl<9NLEOkJLUpWmy)6AC=XL z!7DC(2x+BXKwA?+NBbf|+_)z{bL@vG@--2Wp0EZadCAWCQf<<3yEl1?Y}W~Y zk9-<6`qmfUbC;6o!{rF~ymacZ+#9hbpz=Zg_HIcen?Wzf@>!;Y49%!0iw>XNPDn-5 z>;v`4Fk|LtgLzzM#Zr+3l>UDl&_h}L`vbKRZ~lCI19*(*By6268BR{}NG{911J@OVAriRO+P9#t&{ zaQG^#*lx#+A#7ymv}^c4u?}CvJ1<`ldK_8gk7K`AV6hPbc!fC*IuwEycL5zs->7iI z2GOlWgF}r1=Xi>lG#oVuoh3yP$w)RKce%xAo0n#x#059Rh1br8E4YrZX)NEFE5z!7v$8SrMa!MhsZL&7?TuU*vQM6DWJj}rw^0`RqE=I7 zeKkWvKjxI#kCmxxmiZdGyw8Z`O(yC0_)7Oyp{@}(WQl2pQB$@4;UlynpYx9(+j5-3 zK!K35bUo%Labh_#VrR1*la`f@`7!~&&g*$#ypGdf50B#8Ud)j`=o7~k={})Ud7RH# zF!UA5j5i86(LD6nL7^1?9pNcb=e*~o+6^-_%+!e;H?vz<##X)c)yC_;?P@Y+z9ICf zPPtdtwX{1pPT?$+?YmQqbi)^27~D)#Kx9r)}yQ4qb4>O*PwyG?@~`#k~AV z#V_AjN9QEY2^B;?jeqFzrSsrGjXEJ??vl+m>R^!Y);aHK8~!beV-)YQ>CS*j*DWD_gH=cs38ONcSx zgsj)G(dR7m$?*{7DdPFSe4r4+vB)82Li}5c+}PQyTG40Bb;8X$Sw_>aiH(?K>B!FQ zr?LJ|-dzQ!$&qdwW;IoN>dlh|7C@KT?Ju@37jrdVVXy1Gp=zOO^xv#Z?G4_t0XNldRu&cR6vMH^Qf#7uF?`2!otg#~O(Vd%8}1an9n} zVz29d{Z25x@FXuVt3M(7)Lx;qO8CHD=y-3j9?xXNOKl~97Q&M$rp^46uEN6Vob0#n z(bmrt8p;mNajbv9yLi9s_w1~*9Whajc*lU5QEMgqXv4TaHbx3hd#7>OYh57*dz!T4 zdDsbIUaW-CIqkw$vg1@$2IbSR7I`Iv$CG9H??F3GX9 zW1IOnoH)8S%=6=j+lnoGt}C9CRLt2|{3&^5icScOX^Y6mqB%rAM9jtvFem2%%ODC3^MbFq~*5)Kb2@-Se)d+F)c4@eYwGt3Qt(Pw}DA zag?=zx_=oSCv9iQ*B;r@I1(2|R%FUClrR9M$LJC{>*KaaZ11+5PEbv}Ov_c9y1oGI zu6coo0Xexy3;XW*IjZ!`1YNmKj|})7QE$y^=jGLW)IihzXeY~>@StI#J~Q4ceXAYa zL7Sdw^0m1=lty``=pZ%M1$w##TSMq-8w0^zcda_EWfr-NzJ8pM}-joq_Z`_oT1m}yvY)8sv%V3`8Yoc znC7U~j$~S`QeTBl#tqv1V86vCN#fcs-WV|_nzs6**w6 zmIx+0H%7&BJK6@+Jiqs=o@K+{FSmM8F0v$gdeR{%q?@%vveko!uH&`1RDM1E{;;DJ z+Y4;>osL#|Z@aARM;jBPcC8f#l_QXnf*EAB2Hh{fJa&pwVw?)=}3N)#DFy}k3{T!hTnI=pxzIKgAyEbBr#l^GA4_( zPN>Z58_b{&RY2EsX0d)ZM@OG7yrvVn=3gFPvAwUiXH-{jr;Kt1dwDR1KD}OPKe{HK zKkOe|!q>hYD>dF?dok=spf|LeDT|m&@}Fpup~=>|TJ5s9uo?l|dgRWsRTzOf;Qp2R z8b;E4MQrVE0!J>+!=+Tx%e)J%2INw7x}>z+kIhQqD5!15KK(#26a{sc=!h}Lyvr61b=tS67gC4W2uZw|>8;-BFyAReTxuh@u-LQ;ia6ZI z*G5s3)Lo{u?BBBw=g%;aF58uWS6KdO@asNEi0OeR^1$HXl3 z$`}6g_FxK+#=RoTDA}J2s!)b#t9*q(TJ+A0wzgVumRn%~U#v`kZ2?NO1gh||n?bMT z7z1-3q9^%)=`+A?Yl;z_CM{0$NsC^2pfIa&vFSW*u~OcZFXmzy5x`K;nYo}w!3)O_6iN%^#yPZ1SRb;Sq~wG>xh2b>JO7jnTa%OkyP47r)T zCzI*WfKSANeTPJ(-Y=kJNj0_$%K(27$`>M>6OnGiU~p$$!OQg5ZC0;k2+oiM$vrB8 zm-aKl%uZn_rX8xab%wi5OA+fUE(;7~_+@76^?tTkZk!1+W@-G7i?7MQK{$ z(6I0pe4|6!T>_~50d}b)h`OaCD7|@<8wQvTi+w2z3W2t3bZ3nI z1Hn6A7E7dqX?ZERgWq4Z8#D3g%q1jG?8stL|0k1jc90F<@x~WjBzKw^S2+;x8NKlW zaXJS|HJP0re-m3gnSEBz#ndF|W=S#2`F1z;r7AD__0$N%oPWMo%6ju+uILoyKM0kX z{8ZzJPUGOSR2)dg2zXI$oII4i*??OzW?%&edqrAMaWqXz?jB*M9SLlMsMwvX(+_6Y zXH9T)!J}i)pzhgG(L*k<2EfGeNKWF2PB3LNVQf#bhKY5bg7BnZp6Th%?K3mnzAZ^I z>lD(~T_e*R*HN3X~AKGho0 zJaVVs`dN48@6sUOTia$L%1{89-oKG}79twWkBIDsPm_VVZH$1lm>R<3u`jeW1yB~O z%s2XWxhEzx`73~v!>Bvp6fgqvlXt&FpJF~TV6*0^)XB$gc+pz;79>PcReIBN^Stua z^VC;Lxd92%Uv`Vx*zjXNy zW_z}!bf^FjFda}3k8T`RXA!Q8TesZ%3|SideEpi?uL`BY(6-L0$M5th0Bj^8WG8PQCOaYPiivSt^D4G#y>c&$rC68l}t@ zLF>rtG1w>Q^sWMty&vg!Q2`4((((1JCXLPPo3DD;5#V55OO#aDW zP=O=<29z9*c8WN+^*v8xYSgV+Ia^62O6XUo_|8d_;U?+1uHZ?OxzCaI3inPsyr#kwr`(gz1(*6Y?-&?%qdoeui3zJfqst5I#0tzp>!n5N- zPs06?h#AC!;ERpQ9l^bPJddoO}_SqNQH_tXh~a0n8>% zNJ5x=GLST;QvK-aRBe`s+fn(1Ft?P|Xo%dLeK*!!NJxdt>f-~%f4oG{9(FTT_Ha=~ zLf~Eq{_+A3B1$P_G{iG%=kPjNeDx&__GQM{jiiu>m7`UrXJXJbdq$%Zx)}Z?hDHD% z`k`*H+n)|1Mz)Rh4d|*nKF=Z*@X1~1n?EV#>%|K=a-?82fXN|4n52#o!dL1AhqgIRsu3|68wJ$ktF9G#Luqb3UAxt5%pVXML=anZ0fK~O$tHUJ7M zKdy8OiwINB6#<<93jzqKEMVj@Cc0O!IUObdA$qDEv;)+cYFi4GHT!If9}Z2X*Ilx0V_Y|VnH)*|PN&groUW?-@Rv=%7;d4tTn&E5aom;T{^bX;uoNrc_SnS>ntQE++65 zNG$k@G!vD$ZLu8fp3eZNulf_|MjGZ4;a%S4xmjF@ z^5R#dF;qbq?%FwO=W>C)>p=+szDI$GLKp%o>%tybYlOGF)m zwm0hQ!zq$8)uuFKCPNd;nYtXejA~&IjsC?!l`rtb*;83*AgFi&g3 z&T4{oVbzlBMXzVE2mQECCpPq*a#{~)Io)$sBK*Yp&3pKNyvSqUU$uUH{Znt6^A8of z*EK;0%J;ok^vuB@n8p3rc+vHupT&4Mu>__m52a31lwVfAqKsUc_^Hn3<5yD_LGQO7 z?rLxH8+493EtS0h(@yVm#ktl2E?Lq;dYqS1CUvFD(1 zqPdGZB$)duD?#A@VR?_^nEw2ph_feO;kne0dj{qM_!v zxF}CS%1gVD|J9~g*Oc;0DlCgH!i$^aDBZh6+?`^EyKG^E2cwTdNk<5yW+1M5Yrp1& zOtc84G~VX`2(EB<$-0;-&AGjxd`N;nM(fxNm@5CSYlKQ{@ zuv=rY=jEyzLZpSrPTJN}Na?hw-nq(iclb;PgyVHrojj1tAnA2J4MU6?86`>Bcnn2( zg1TMk6|$|9s;_*k_o(~5&^|VChsbK`^qA49>XBhPjDnj!*|aPoU zM1E$y&~nd-FcCzZ3!8l0$85{t&?9)Ew;{{AH~Tn#lCTQhORY;bF*E)12U?U^7Vq@W zv(6C6>eL?c*zH(DAO|@p^sV`~l7t_F&&*2+1a7OOa)mq$;j6fpMg%C2wU!`{;rMY< zR(OY4CXU-v91Y9%b4Z4au05G}ht6!b)yh+4yY&`!N45aS5}K>e41mWBq_8<&n+EM2 z3~~fBomfvbUAFf}m6vtCqh1*bT`txn+jAX@=h(Wl(5r{>1iIT3TK5~uK`F||3s2#3(yhyb(BF}{ zpOHih2Sw75T|P=WSmSkl?b%q5)cRxh`uTIusgLLk@)%8sY-XbniG*TO;8YOfFr1^h zw9ei0K^NjLkRy9;Y(8BO{>pm;d%Dp*VSBz=xW;;pzEJfxGgOPyTPAtDlydeADmP!f zoMZ;K1ojs#o1lx|C^N~q$^0Vmrb{ZRxZ>6VXalMHtyDWZrOx3XlQ)6PLqKCc7rjXG z7guF5`9XkaNj-DiABOmUEHZic1OF#ovtYF3=VI&tJ_))yn4&4YpM@)h33Qpc96-X) z!AiaLk^Ai3ssr=|!JYPA{J5>GpN&f36*CtJ^S^G;i)p&CLQlH*@*+3+c4xV6pWWey z#eSBei-w;|K}SldWMfTfZ}|#U6-Yk?3Ab7zz{01!U+M^_*l1c7IX0N0UPdzCOV7&U zTUc*&Pe1q#Wvt4lx)lC8O)AAD#V~ET7!}!u=7X-nC8Xyn+ffOusRB)#{@6G}Nf^AY z`2FcjrPIfzX%v#i*p$V^O$%3#w5`u}n;8R0_}QLCz+4!^vAtUor%`&IK?S4pN(K``;<^&_D-hTo@Tv!ynoFB5P1#X#tWC@~cnMi}_>OuU|qg(7-*wQVQ4 z>8kJaM)cMkhh20!@OHPc*99o}ne}29g@#CuI#+DN@>^16N!8Eov}BFunsM!Z4A6km z<7t(VLWt;$V?9aSF{e}IGA_fW1BfUYz+0o)5`h;M04RoPymD#Sc8~+~Ej^rINm=oL zI3!elYWFevlA*Snt=stKbY;69NgBGo_i*b%VPP!2`uFS2T_ODJH* zu3fSekoTs1+0FFkGKKc|kjr$gAmsX_$KdM_k!H0jxgwW!3tTjXIXl-yH==rzP0Ld{ z;zKm^sjPaMA7>4M?GP1$R?AD}vtbFBs)xf8wG*D$x^t>}t`c@7-JX9KQPPKZAUU;F z5`k}&zZ%hpm>>inRUPxv=BH$_QlB7+WUf+(jX{a$3>$U>OKX{r~6iL2e}HHQgFvOhEm4>|u{ zZ?~B(zVgKGHZ6kH@F!^c@QQs7Ml0a#DoytjT5siuN$>-dXV)Fc)i1@wm2IXkBw7I8Wmg>Uu zAzyyk?s9K*poyj8=A<(Qu?!m=#uAi|3?}E^=;ZU&o5T9znor-l-@=_IFy(Mbn@TcX zMCSS+7ww_b#a`i|UaOTpNf5w0LAOx&@ogF8@loJmRp1_zzjS4*qy!EVIpC8|5_|t( zl3VK3U~~LA540Xz>o#iFFdeE$}D!yiU)%l^~H)>r+A<4%wcEV?iDZrJ9urZcbZS=!!X7qDZ0FkB2V*I4&+e0{YCw8p;1E==awk(8FN5*O5u2 zsL!g$C5O)teu`Uz{G7JGGxRu{^a$g}ei7l?Om_NetmZgZeNi_io62eGxD-$jrzP`& zOeqMl(GP|`;oY^Ur*{P)Unf#s?Kr4=UTAK?T^vaOk(VM*Q26(x1G8nu1!cDjJENl2 zy;fZd;M_NmcoElhp@Q4In6St!6+udmO}W0L_hot%Nb>-Ji;C!-7&oWL2go?LZ{uv| zA2dEjj_+yr3p#m`(0i89XxcsYjM!NAr zu@lp)qW{9eV*a|3U!vYFo5CuU^C1tpKLc3BYVH}i7Hjy*t$XFoma%Fiu5tImI%xep zb0{-!e`2Du5x_olN|3d;$8Tnda`qVBgxN*4!Jg`v4F#!z3g~RftW0jSGpGg{iDwD^ z;H7q1IX{@d6p17jGi|88Woeem9xv;fWp8wQ=#pwsPDtuj5SsU9DJ`lIc%CkFZDx?YGlg^8Y5m!sMJ6)wGz zzU8AHR|O7+BRK+r zU)3lipH4^%lD=B=*4@??Q8)QhbSwO@#K?T7>V)gPz2bRi-7m zv8_+IXHH|H@aK)?taE=+>5u;O+~Ic*hkg9S3|FUmCANv_zvU~?oZsjvM|6g#NYFb0 z^jD6usd0O_H!nDdU4c?j&s+xGYMsyzUx}=nUWw}0p4?F>d6ozA1MUEa;W^bKqq~;5 zzLc-F*f_4xD$nA8{#`>ky)TO)Ajcfpq))twGEsgAryEtap9QKRA2aNFqcch+2WL)- zox;oVUl%u+(IaBuX+DP4NAY_;ajlki*Cx2J7|E)kPZUrk{gBM*RdwuES~+3o7Z~Bo zM(0QHhvEprVL;v!hmyn75m5ZLA%wPNg%}uaj2cN$R|>fgkIV;Nr@rcX@jCm%TK1Zx z^kd>E=!^br-g-QHY>A)keh2_A3QzIH_~lWEqS1V9I~Mmjw#$`MF;O3{$GMzL>UoDm zhkxc=^b{p724qmx56=w9$2H7^CFx3pL=Q_I=m!ucw;TS*>b)B?1!H7MMM11f?;K;W zlQ%EeL|2axKTj}q8E}r@bl@~l=(c?9J@;@u0#Q;&p$my}VJCx#EmJLlPH3!WDSHmA zybx5P!;JaUgvKM=?>n>29G?b)fBdH@qQgzvc2ci*}28f%DavB1?Uk*%AZ6{!& zl190hYd~E_|Dno?Y|2vpY^JLLcD#82&L=`e=*yX!J^FMn)}Cz8BmMeazAH_vddIDC zrI_?#9zq=A#{+!t5f>2CWut0&oNYF49_YBWBp$>mw<^)>K_=9&;mRJC>VX&9!n!{_ zctw{GCs!&C^q^A&V=!EMMZBnW#e{U>r`VL*WPl?d0B+K|MxR3&U%61`?+aM`1T^`U z#9uz5Ev-nfWuV#P1Pl2;+Ec6xjLG#N+iSXsXG0?`c3$xL=J|;r_>;E>5%Lk;NX`Mw zsEfk^AWPL?bg$Fvu;y+CNCGi=YOVx&FFICiBk~z#XQVT0>Ax#QmKj>lBX@|2e7~An zz!Iir3bP+tcnC6JTkMD|{$b94cx^%f@A6z0s?`@N@r0;r{MKT;Q1fM*80O9VoyE1` z-0ptV%8PW&3&Y;j-X%^jJtP>dG`wuSxj}qIY;SrX>E$Ln>G{LfA#3M^3}FPMc_!wj z^mXrAxqXJEAz!}42_^E4$8Pjj9?P#>&(dlkh+ig)Zj{5yFb#lAg`@+%cbAQ`=OIP2 z>F1gI(m?Fntq(}q?jlS>C%WFn^@b{w<5pr3sb8THA8V8mgLO=&r~16g&0MGJ-P2R~ zoP}z3rat4+9gVy`!KD+=Mk0eTuU`kxGwBqS(d*XhxNB*&>V>`y$%XIVA2mcFj{AVa z_}1z3K!fdAe1+Q@Q-i?Kk0Bg-r~Z#Dm1~|oStf(=!a9n2!!4;S%2eTm>{EtZMOR+? z<(;7<3uLG~`-DoFO6t=M6z86iRShR8Z?WaJGN2Pj>qC7XbiKx*N&G)2pDSH~d{l~a zK2Px~kx~953JP4n--mAW;g6Xu!hSzSKtQ~@MZs@4D1cQJmCvMD045tJDYyd zUb-on$IJzA>x>X5suXEF2euHWce5>uxlX8(YOkbkW^PZ@W)-e4GNWmYBz7JeHXrU9 zLPCW6qgXz#bb?`)iM_T`MX1Ui7_3M)ZaUQ~yj_p z@~&Q1ppuzALEoez;&z&tM9D1s!Bjm$Z2jRWP2Lyg#HqPYyUs3?%z;-mnv;uPaVZCj z8l5%_=iK)_s%^)NO=q$)plT6V91-`$DK(Z06y_8DB`lx;B9^n|UF3mjw>X zQBq#%E2UhZwU4j$v&Q>qx+e$e>~M}Goxy9*%x=Cg??KHfwA&{%8gBwZB&gjd8Vv&u zsf|TM@gxhl0$$wM2wDUD33L?zEA`GqzRX;XMpg0)Tm2ITI~XSWv+~%&h}J6^1g;Xu z$Pynq%S-r)(i$@|{PDB#?9c?GTr>Am)de+WjDm0emPaNiwa<*+@QlNxX@#`{0*wkz~W zDy)4lDkA{fJRw4{@_Iit1< z?)Fhu!^=Q1OgEROAIXHpHjP`LJi29^1hB2dka9fCj=n&X_mj$X%+H-zGct}5vH!f5PQ$#Idv4jD};G@jpi8{+`EnSH8VKJdVA$&^oJ5rFfypd_1f+ssTJl@ z^}F+2zqON^v?>IIVB>8Vz9Q=6JD@mj6Za@0hMrQO$$b4Q6F7yl62*G9<(nTze9}uw z$w{j{O$ahbKdhTz{nUoUi`V6SGASAw)q3il$DUBt8gG(i>CsFfL$+e~;?)-@G5##b z`%#DEP&`BEJleRxT!UjgP!;s99j6QNr3z;)x=;$A1NiX9HA3nNj0NStNubv)*EnlW zOJECg#OvRFLMB5)QNsfFMrzl9CGZfu@4;#jEB>LZy3|0=kwUHvIkZ3}pSm}i0(C+F zK|TqgJx73-cs=piX4c$`a~Mn-3nPAe&z%gsXW%VUvZ85O?JNi~+sV`zqwIoWqe}?KS75tG@rdIR%{J?NLII{XD_WbeN z*PwTOCmVCxGHI8JEw?X^&+z*erwML1#71`qYaO-2+Piq7OgoCmtSl!A>Zd2nf$cOX z5LWMZ%V8#``0QILnQDp7ScU}IgNjgv)RaKybTYsBNn)?IuhXP0{;K5kleYkLR{Kf} zd6skrF%otA4mxY5UTGM6@L9kv1wB$yEp;c!1oP){g66AnXecSYL`m1aVQ(}iZn)i* zQJ>03<*izp(g57G?WC6)%&{*__pfsG*KiH@KQ7*tmN^qnX1VsOW}AkpNJu%WGwN_s zA!71A2kIY`CufcvLyAQNx=2}Jo-2LHuiVwk>MG9>F?(8`n|wDyK6IzX7;oG=`8FSF zrFEwoa?DCsZus-8aQ1bg&@X{GupAt;73Yx~C;RJPKK+}jj06d8bJ{lXt4k&40_1a{ zp^Ir9R*6b`3$?kY=Swp5Uk{3%%pgLD?8bwLZ1{n?>#BKjuYq#p?lpgoh!cfSN^Wb| zx?;66IBVxSK5KcTr|h>ndCw3m4k&Q&s>Z>a>hD;QIx-H=5?}eMgUL+B={W;`u^c)* z(-_rET(dNtU3jPx!=w6BxBoebPLVN9M&I$B=Y~S6LX(TU=~x30RME)WVsfrpDyC3@ zqEmXXOXPU7NXFA&^kzIOkr&5?l(^T{R@YJl4LsN$FHzQB5b(aeNO)_n9Q!E)AC`{{Q(TeUORmTQD}2A^Y!CAooi(mwiKwn|#`6^Qx!PyClcFm`kascT&n=!ZB)PXY!x?`CQ<=bnYZfW{? zyuL5#2(Z1c+R7TX`y=iV+lUVg{E zX`J!k8bdhGvtVRJ+!k6KH89kVj5U~RAj*o2A#FK}c^fs#LhKI@WrcGQm~XL{ zmCfvo6ieGvbaHj&mJe(5LqJ~}nsax9z0}d-w~o9zY%4^8q>}mLQ@Q{tdE7FvF(|)A zCg2)UN93>6@!}$N8rqD+XGK{O;jMh5aE*@Lg18r2WEMS-JItErCuatxnrrbCyMg11 z$x_ja_F(aURG$IU$dXA@2qHPGVH82zykj}J+L@W4+r%ADa6AY3qxqC|5L}7fWZql{ zAlvP13PkHjxAEmt?xayIz|7V!Pqyq-=8%61Kt5$jr)b<9@*b}i7P4P2?G`kbjgmG9 z3Ro{RFo;hut)xq)>qIK*O&oBbpLL;P8-rtVx_9{>4Y>K9*xYe)F|f4NLJ#MZdj2L5{k$S1%~`wdfvrN6;zLo&NH{*KAVB! z0@S7oG3J{v=O_0JCbNag@&dcc*QigQ+&9nH*L1OGSe>@jq8ZFpd?p#KQ4OYcc${B^ zV^YG;xF^(l3UXO@!xD5&>Gth>ZLPjAg$k$9L7S7S3CuIZI-WRYTc_`~I0#2>EUg`I zb}Ok;ZJ;8T!7J*bEKdL_+e?Kng%v-V!CCW`py$by(zGE&{qo@D5;E(B?tL>q=B$>f zeLcU&dcu19D({-8z3%2zqgguaFRva#Ml08cHk?V}8RTuZ&(=~sX+l|6eJ|0F8VItw z+Z-gA;YOlbzo}}|tti{>B&WkHuom9pAuMH65NWvD$5~_Uuad z6Eigo*)LjCoTnh(s^~+M#i-x0%fO8!w(al;xwY_mHF0iQQ;y)l%kuSs6WOm2<`Paz zzlE}T>WdLGJv?eo-k5&cmtrJ!bEX!idd~82;Hq_#cm8N`MEsW=Igpxx!okH*MZ`gy zFZ(0X8jX&l5V?c%`Hf{3UI0e%X-v+ zuIfge`;mjYShaz;aH>#H6BowyFtNzfTM*4XzCaCTe*W13z(yP|n-hSA-XfOjEx&T+ z40w5Kb5`97CT;7NGJLihp2uCDN-E^xlba%l2QQwe){Plw0R$OUoSRTt-YM_fKH?>- zYQrQxTIYftkdpg?o;N*_rIK%N!bd(M;mi^h{b>!z0wm)uW*9 z6+%Vrv|LsC%&#J$u1tbz{v=YD`aUisS9ZMa>VyPP*YB?DfO5&73+g>oAkV#~Y zI=-^Ws~$%E#TE7WDfAwe`O`MdHU8HC(+e;KNbuDw*HN|U7J~$UqFTxoZ|2iup_$pQ z4X9oxEKx{)3i_}%32FIT zx{x=Nz}UzPlj($mD}iIW>G11)Gx$iccgW_??hUwzG92LMjgpn=cZIFhgo;PMzyZ?x zd=#`u4bHj&&yE=BV>m1;!kpnrna|G_wkq!0gf3Ph6&o;N3IMCl46-^Og-fw~a{=SJ zrP`Z4x5L%A!$47bYMS>7*mk8W4k%eO)x&_rIswt-pv}S0 zql-5OumH)!71{pPfh7BH8$jpO57mRHm@dhPyhl=y3(G4ZAl4-iLL$(D6wu7X`)AnqF*P-qzZYMvNKN>HD5b@MtzCVz)c?-cgLh z>+@kjJ&V%Wevvn;!^hR$w3kZ6SZ@|hDZnp{rG(C3{%t=0H>M(ZOxf0ICbG9RTuJrk z$mTx~1^dwtAY|<+LxU-Irc5uhCHR>DI2I!ic|NFkjPu;54YTJXS+f$gt_lZIBze_7 z#=EO7a|NJVqk5G~{`RbM+o4=6jp7pk#v8P%qMu0_P5^@Jjs7+bZ%7+3K9x~7Xxl=W ze%Y>n0l<9}tOFVL$BX_LOv5i}C=!9g5c)I|stk`j=nZ!&*L=3OkbuXc4{ECZ`i2w? zuU~Mr(cTf{^X`KseBuMBj**ghO2Z5+${vDAI4g zE*|sCV(?DG|1AI6+v2s&_uudH$Fu$I4kDn3NdGF5{ttQkw--KCDfgD-^u%EAPnP7* zo7V4=^*`T|LO`7nA63%dzdj@3yMjMv-E@v3{Cvx%kNy{K^#Hyv-b=@CQOkS0p5$;{ zio}t7C6nq{Z50kF=3oEqe;68R16FViacE}4@|I~UOZa8fB-y6+hGwmwLoQ}#B-ROc zH*r*(qR8S>N08ms5MKz!^T5tXTua?<*%9oud=Vo!bYk9E9_Kyrfkc)U_l~Cgg+{rx zEWgjy8A;FFrz=c46{!#cs&6sg5Z*_a!7zA$f|69|Y*%u7iiJYP0{H#8LbFeKqbnk6s z=D?3@2@`d=(E_?T9De-)i=)fk?orNk^CHj)a6$;kDS#f@KO_BS#7*Kgm`!9B&P&xF1DKMnEM(Fgyy$6fv4 zcp#hpdtCaziiQ?o`+BgkbE1Axv41_j-+mzYiV83muUa3v{F3GUS7zs5%-Q1owp^0O z9R8Pwo5=-eaOMSS+t|O`GJc(yKVPc?vt%b4VEQix^q?EA=Z*?$5*eH_PqwP6n{-@4O!EAO8h2@jpu6h7HV;mb~7tThDLH_ix^c*aJc+ zdPML(SN8XC%zvG>5>Tg8T+cs=uS+WYYsb3-TVnnhqQU`!*b==KI(6kLX_i<|x(?|GIrM z0YuByxD)fY8TjY7QKE}_hD5>Le?pNy#M~DFMlI`~_}3+K}MXu{&lIqx|a$J z{lBjHBEt8o)Db$Q_#2Sx|DgV|fIuCJ1Yi8~-29hMz^M183YCdlHt8>~E${tSfJOG> zFR!fNt9!rkRnt#iqrWbS|8G(MZoB^N(*D0i{SUtEKfY@F|C6Q$@8mx?`rVk3RvG$6-MgIregbB_l3wD0^mp!46g4BRP41mDk|FV%F^_dd+ zuUZ29U@@t!m`BKNV{glDrIqJ!e@S>4Ta6qBRJULVV^W1t!%KR@u-zMHROn6#dcD#BNg*LsTo)fMIM z4+vB~ywCWWxn}g|BkaH2>(3#Jqj6hLu`l50qx&Fl9WFLc-f%xd7yiQy8;QK%#rBeq z!hT=)f9Sy9FFan@C*ZJ{!@&%psGA~mZj?8 zU(Z2cmV0Lhuf*b?p!EOstO0!o{5ju9LS))scHVu0$$%}U)5fUqUyt@bNXNbiR`89; z8T8-$sZY1m;`xDq;cnBO1Jk_4K6=Upw#mℜZWYdZ z^KnbhyEpj9i*7TYGU*(bpRU^yr_vKsc`ihF0+}E#hx0tc;dtfc?#OjbBPIz0DJdv# zQr4TO@1djgzm-n{V+K#$Z`Tv0;485|uLqbB&i!;Z!MX(z`qSBp)Oa8<`h~c@cp7&c zPz?D737huk$?9<$kF(*IKDLV6N$JB$U6a-A=_9j4`h3HIL?I-c9x9-x`hmET&Cw6< zij7(ZGvB>n!YS`JXvEy)Nv!--kCilC4_D(^vn79eai@1M^{e(aI1;4BG|!Xp=B0N= z>|A&wlJI*_16epMDZB()Wv%q|NraH)#~s|Y44O5)%M=2eFMr<7^F*^6eW3PY$5?0{ z%e{-Wh)_}U{_pG>*5OY39 zyRtkgLg~j@eO_!DI z07XP^#oC#ro6z!>rADtN(TqeG-fr_(4*)SAM#M3a5x&FYgowlIt=;G_3ZV*uli|T- z(utO_ZpGc4*1TL{ZD+kIv~GHaB~{sabJ{rXUz==#`GUDu3+OTj$eBj*a*IER!gA)7 z%Cp^m12YeQzAFoE@ibcf^mzd6tJWPz`ifigliJ(wuqzyu8jJj&VXq)VM8hbZ8O*#) znzg$hHzx|7Y^zCnUw<((A8gPiYSCpcT*uu*b$OXt)&qO`HQauksjq9HroeVT>+(q* zH4t5nPo1um7=c}63*PcRST?RYeE3#uLs{60D z@?OJ9;XsnH5NUmUVLYP7M1)x)9_N@|tZoTfj+n1wcW2pBY3v=ZGA4n7-FTE?J}T8x z?HJE1G&R@rY<_=%4gn&1fIYuvbcbLc099{YsbIp302uyQrM{O#6NQsi95_WR8)q^J zP&c>|0Pk~y+2iJn!aC^#*F2@(b zZ~HDsD%~Y;wiqa$G=)&UsT{F&Kb9o`OJsPMRlbQYTYB{U#{T9Kb-LLkeTY$!wvNcz zC}~%~2Y}nrShFjh@BuYGrU>#F8Up!{tZH+TZMK55t3C0R*C*Ek@9-EbzE_E^$E(b* zk&|Zu4e}!F)D1D#7(@EefJ#smBwX50-3%ZPi3HlE3N05bU9%C9mP8g!RrIX4G)*@l zGAC$6{FE^{gWu*`23&QUFC(v8EE9AJTGhliCr*beXR`af`<;>f__&wx)`zrT1uZB4 z`DC?7Ln){?qUd4kYWCaS)DG`P8wCN9u0%GZPkTZHWcu>tSE_TdK#1I}W7?!`HmC7$ z!-!7u@}C18*Ctdoxj|^8Dwpy%65gFXi)Fm~P*#VjcNc~|L1^7yhIVG14HrMj7CC@O zbxbEo ztBYjYtN8-iv+m8+)M&6K95a1xgC}D0gnd(@qC;d(;1)D;Uc5f#(p%qqaB&97R1&*o z4h5|*p5baR*|!VQRozIPo9Z(bP^6sG*S407nKG(vm5lMQc7VlNACc65^n)%=|61!^ zyh)tkvMoTmc1;JKZ--+Ta!Fmsh8o0(y5#XexzD?j*d3dY*4$)}k5aqMz1>e#f;h6& z#{xG~C|h1gorkp!mbWCpGv+yeTURvR7)5+~<>pwBzc+63SWm!Pr{(of-q+@S)smPO zAy@#!IJ?<`&7mA$*NcEVisrW^ljVDOD{_+G+Q}>QcPH+D<36hJK=zM@tHLA(aYalb zf^gaa!~aRSJ1b;)!CQA^X;_M2?`*T+3-^$Y6!;c|Wvc6aB0#kKXiYU=&O$BKa;s)% zh7Mzt49#rvlnoH&(Us1S;@J-PG?tZ#FWdIga2V1+?RE9cOOyydW)sg?1U&a(0jW2w zmwl3>IgWHdyA**?+#nZL<{Qn+G1f{NKmP44Qd-CpctO7>rfvVn;B%=uB^J$_L3J3ovPBI4{{+Onvo1TgT$C(n<>iRxVRUt;SK)hML}m zA291;YNAQFq;Pm7B(-^<+zR`3tF17ocS~?J5fMkva&P12#+U$s1pKqS$~XBF`clgrO7n+Te(xl|M}`BxZkjF$M_cjVeuRK7{$l{YIC}q?KeKGv z<%yX%&?KOUSCs%vbFw$7*l-5I5tmBiSJZLIs1P0*%Nr+et9!BN!m zu(A*Q-vAKeOr33|g#y|9;^U?HW>O-`lDF+13Oip4GW-=wxRFa`0U}$8QxZ<<1g4u} zh!Vv|xW|X$P~Q5icTtcGUh(N!!8xOTmA-O=?#CG=#QZLKU+6$gsu>>Yr4iQF!>(5V z=V^slK;uky(-8;q`^eL-5J@a0gU z>K$23_N4Rf_b8WxWv(o}^|OUqb<1iPue4H zE=EHlZ)rY3lJTzqKMEmI3lzzIUz5QOIU6t9;EqKe?G8`R3UH@Jw|;xtyF(!f5s@v{ zvC8Q9lw^?11`p}Ea_O;2^XIl)a2YfV(kQ)S;|wE!<=3xZ6+{QYyU;(n>JW?Q18SwJ z6JGiY&?`~5o^~4II@g0FwuetVR3eCjirob_SCbU`Ti_7KsRtSeI_I3#ty< zcPJl+cbX`OtC|{}E4LZ8P|)j@3g#hn*@*0qRXeWQ6=rw5#p|$Tl2%+{-R8pnf#xgc z{6ueKyR>Cw8m#xq`dd#1bp&DuA5bkCoHw9NLPT4bR_2mefyYFu(@_~oQG=<>m%!ir zY_ji7Z}e~w7h`6)a8N|g2W4~ky|k@9d+~Vsq=~6GY`OMpJ@(KBpiW@i@lJvG=2jkMl)6;arIu7m z^~2NNjv{Y~05gBpibtDV{^y*o9}H(S_0ne8j$Lq!jYwEox=MALWhPw;g*8L)>2l_~ zkGxlVSj2O>nk~$(J8f;58d$GxG-|D+#S_?z0rp6`IL_5 zqjuPpg`o;et`TTTQ(t9uW0&U~%ddua_j4~qIz@S*wpTY&gnqixWMTnMxlrlYEcG#m zON###HuUG=k3oiWVjA6&Fs*vK3Ad7V#65l0AH$rRdw9DA0?^S@BF>^vApfr&O(D4~ zN2pUk8_&dG->RJzAOs`=#Z#wRq>;bZ*((0@E&P0lM_GSZd|h&AE`<^v-(O z{b#P5tB71~t7SSsai$il@enzMWSpbRJ&=Yj_l`Ha5SLa<2`YV;YOiRww%1>AayH1# zCq9~`kYn+Gn*6ygjP1YO76ZzteV5G5=%=bTn!#;U3ZMAoP!J8%>x4*}41UW%(VSRX=c&FmF zD|7G{*3P?cKLpeVetb+8&u%?mKt;~t8rG|203N{WFf`)AULHsToS)aP!wHuec_gw7 zmK%k;885YVh`*gZ23@XldoZZyO8Dp$qCe5EZ)d7AK2XIIt z>jINn5yVy+RT=jJj3XHAyOP3emjkWcnw3x*FSqBQTaC&OYLSK>26!+pdgg29=7>9~ z8DzfO7fbJx6<~6HvvBgx`g&avRuqXiGD3?&+zBbM01&xGmsN;pF=^=M*8yEVbt7Ce86ynjHDibdyUKrCSV20Jb1U)^>^8n?Qz0CycG=-h0KqH9r z5X)lo6_T^$%%z?^3(e(4m0TT4|Z zq{w$hd8n)SdKjB^SU71s-a&M}Ui5S{ zlF;S&9pF@Iz2fB;{OQD;;qiQumbwd6RO!XL_QwCJ;y3Alr08YFE_vNNc zRlV^}sY(jbf?00=?4A1E7G<+$zCM?uY*$&u_mdIY{ddpliK*dyUdv)94X4aj{s(apN$#469c28c~GaCRXy$$}Ne z()6x7IN#MWM2b|n%x{h7>)F!EHzi8yMG36r)f&{@Xq)euyVS-|Nz!`vnAUsW`Seqg zLVUi2;;QQN1kgFEx6>S?Tu8$Ez8JTjDT@fhdpVu&@7$Oxn?3;v-%!Pv0T#F@BNv&>?hS0O|Vq#i8 z+85se3L(lc0t(&XTS&;2mH(zfnp^nlik?9%m@Yzi{=(iQ+oTrYcj;CMa@aQPNmTEm zc6z;ExmJtHYIfe;pq0YG{RTbvjE)tD;auf);ny8x}i6IJwGE)LmHtJC!zdEjw0S`Rm`Ej;+ zssHRh2`Z7l*NrEryjvoMBJG|N4IZQ&Gw9<%q38zIx+bv^1Do})Kejy7p zy>UZeP%For=+a<2h!huDQATpz7dgnp#K>}8%|M7bB;sk!<$FB6<<>ZtyCBHN73!5C z3l7(t#q;N?Q`MS2M^q%FJPoBDmIQMq%4z2LUG5Jo_Ra4dW%%WRVhZ+AmN;}9P zKDmenoKMb8`eNH(n2vx)%i8S2S%Tk?()#LQ-X^RWYYfMN)Vn|8k?}Cr>{4UImRFiU z;Kkn*W>W6j&Wj@9z7mBLJMSVP(#5?r>3QkvyZ_b*MJEr&>fX{!yxDg25QV&;jM6bG zh?QAUY>)G%((_7&E?eyZL~n`T>RVHC(6V!!98H}`Y#$_&RM+W;di z%o9m3?#9cn78(+hGh3)Wd&?WD^4!bneXX{VzdP|VLZjGI)u6VUh%17#R+iM-`n|yu zf7Sdz)XhZl3cVHUZ#74O+F-TMZas++c3@k)y*H=j_Z>=hg~1agH?#41ph?UX4a+r( z!7u^5I~;lk25z7XKDlGc?*L4$a#hE<=ok5gvBrM4uy&H1TwSp2zL@LGhHsGTQ|p3f zt6JJR(~$P0uYe2Mt3Ar6Z7-ERcOj#ZPwJTY62UQ=_z8A1(n_RpSD)f2$-9cPvcC@D zUs9+08n~q|B3c&|ip#WV6P!P0OzpFDM>v}592iMx67r!9c^D(U44%t{eNlWs%_SXG zabc3pzlv{xWYK1j^i9{1(e4F63`092EOuWS-~VGtZ$Mqi-?;`~fUGI)(|o^P5}?$r z1}AmDW^SD9MhJWiVz%J*Mb!q z64(~an6Y_=&8bBaMfo7zdKS&gwaVdKQ+fF=l#Pkzln%_Nx=IU=j&SK6-x06#n0;50 zREnjre?pVVdyQWzMW=dKATr!dxG55sCIm#ZOk)J>!Ppd1c+1ke-6S}D2sdt=4!Cex zPpS(!gFlc`vYt+ED30bRV_jSwQlu$WItAnQQiQhRmO0lL2?R7rn$fYuRHpIYhznwHOU4WLH z*GVkF3SruHc&xU{H5OC)PZYb0B;#G?Eea6JkiW6B9~SD)7*vq7wgvsnKH0LSVS)>H zR4ekJ)k1)%@FE6=gb4LL4?KuC@S}5RWjpiIllOwKl%%QR#z62tn6Km&It- zKjj?7W1a*(Xn(QxRrd8puOsLIDV$H;7u61147k0t+J!1gjyvTghbQ?49p+CgE^#YY zKMUOuC3hK~rIKCuL_TbxVJZ;hz#wTxxw4kYnuZ~Hz=<)P%%OOzwY z;f*1cie-_?>mWcFLWRC_JKM~u1Xw^zClm2Vc&sw#cc(vxq7fNxCRbOgF$Q4TOzm)C z+pSNPV{vbkAw4wl=HFiXs(J-~8=k_kGfiAuZ9=)m*Qr)tL8cS<(Mew09N-G{XJ$4% zt>#jJ55!Gn<35D?RRr?Pam`ji>>s&sa{c`nq~h;;k_>0B4XuGB;vJ zIq&0n!?b&!B0QACAGyujSFnjj#J7 za_p;<<8}2av}f;8?Qemo+2?egW0HAiUewV2Ccno9kNpwKa0XM}{D16yWk6Kx_O~KR zcZnb!N_UsENQiWIcQd3kh?I0ANOw0#cS$pZbPO<(L-TI$z2_Xy&HwrSe&EZn_kL>C zv*NebCCNpRCR>5_&jTNmolcp$ojI*q%&ST`#Z`O3SmLioSMyyD5wSY)JgG#h=@9gd zlAA_*f5K#Sxh7kM9c@Rrrk^Gul4}4h1c?vZd+5AK1@^v@$@=6gSt+`y~a-`qelaXzl4hhG6reQilFofg6|=uL@er z_58H*`iztTDAIODBSZ3+G=_w&?FNi!=5o^f3I5j?sa&O_H$&Ywml?Y zv^s@LI}9leGNasC%xpS5GqCE-l?FaFCDm>F(Z=OZhq$xsz0F9k{CpV;Q~X(!Y!_hr z>?cLTgd;0$ZzVTdS=1NbL!Q{_x^t~}Bi)^F_gWz)lF2)o-9_fKeOw)y_O>AS+zg4W z-@R0xo0}?p*PlD2wlNullPg&(LuYNscL}?a)2K6yxIzc2>THUX8P;uLn}}O*M{X?J zmL-#_I)g;pV!bWN31@0>JxL=>`Xd%I-fBLN6S~_hp#zhJ3SWJf@6M4Eq z;~t*`^jV&o?FU-C1IkVh2oVhi7HZLj0QuydF93(8vXX`5Qtu0HSjMJ^e`_!%>B}X7 zWUut%;jIc`VXr5mH<^$ofI-wU(H4vD9qg!8Z~cvY>>LWFe2nrqJb!{LP#Q7u$nU< zT1#oZrx)ynbH=OhlWLsj9GCDoXN{(E7<{a;p6<=9rz~dU{xukw4eytvm`$(`|BLYZ zTPl+P4IJWp;J9e-e)|^Cx0{|u<9q2>f;TY~jVg;wwjvZX!dOBmu|B<+Gg~g4gu2zP zMuHBAs}E?fbE<5VM4zAHJh6M=eSP}&^Gi{heAeU;dq$cmqCi>{g4?X2RNuDb`me{x z(}4HvRRcLYD3T3miyVi65GX4{{-MusI)xe|SsqIRmq( zcMfRVFp{TWMY#2Aa55#9 z?~moj@6;FwN4A!|3_j@<=VB>X&w#t&Cu z*HQTp@ex-{mOt~DrG>DDj`O*i7mF!(g3;9HAvwg|*)#(ASkcK>zUjPH5mG>>y*L4x z3Ipza7Kqb|P>$H;D=({kupL3t$XlzAdO1>PF6Lc2 zh_5|OKDKW0zi1f?ZWXkvciW#c0nPcV6+OK5)X1i&@q>Y8nbJ!tTrf@f_3DpsXtYAE z--7&JsuVR)1BV=j-D3=tK$o(Waos$Z@+Rs!Y2FiUn8eI3@r5#dVz!fiUS+*IR%|?Y zzqM0ggo(FG@{A{|*?8~*0O?b|>0-X}#D$F&GjksmmgRRcbK2>LeRx~vkBvphEXJd| z`$?jd<_CI-O6!N(`zUPnXZ&~lRy2VslFESsE!?`kwT;e)n~(P+a1(+C5EgL9d-(=NDX;FPx{~3$<%gj@9uLKIKan ziWZ^Szi>RK{PwDZmLn$xE9aVsW8MtG{Uq5te-xh!#s5 zG3}3c9Y`D5xDk?>8-;AAvKhoDlg6gI4@avcOjmM%1HHXEb;evyx-)o}@4JHeaI{KK zHHD#-i`<$8bhAfK-Y!&6;NKU)Y$hLbv@R))L0!Uvzj>=j{Tmj5u#Z4T;I-MF+P9<| zSCcU7&zxyJ!exWaGFB5MF~}XCO^eb|V=oaa;R0Ut9-_g;X7sW=w1tTqf2#}*?L{O8 z+%J1%_Ft(!R|0I3EEmE_qY19JVg$wK7yo!BASU~cgqLjC|LL&pj|WEZDwq=@75W4% z0Qj01rehxo8}b<|Xrq)-y`uYA)NjB(bRzAb>iDZZgJQP0>E!0ZA*e?ex;Kpp^!6F6 z*2yw1w?g+gopTtXlnGnwk*(6RTAb|F4l3wu^uC#Rz-TU=$Yos8^hH3DP=OTj%oqc~ zbOAt4FH4*0zA>OJe-2zr&W+#=n|*kK9NUPSeQx3ES3$tu97 zU}%#&fR(jB4Oe$N%#P%&^;Bzr`RnjQvb*;$FpbFIANBfpPBHI`l^{9f(Ff4do>-F# zAB7ZC@QqCV#2&7-QgOmeN{U=tde?!UfJ&10ksKo%8_~VbmrHbiEdFJH%R)_uKZ|=s zWr%ofl%ADx1F!p#L*3OG*{FvUikVI;Y1+_rRn&OMVYlVMLS3b3$Le!yX#MR|%&7T3 zQO}J0gR7_(xa_p@vEcl=rOklq%F*-{XUuQO&Ls!X5S*xPDrsTRaUAuN02ZWGZXH7S zL`j~_G}2IqDW7uCv#x`c)KPDwF`=07R6IYG1Qw4KhLS$?42!njka82kks< zuE0m`b&+_4UyU|zH7^IkL{=m0WNUzMPe?jLV6GaA?iRMfSZsS`7O)cXW2Qy~B+zs| z)~-s@D;4;z+BZ=vISNGS;}8F?%2~r=W%W7Z9P3hJP7CLAfeHmC-3I+n8=aTYtcQ)L zgr%o1ar%(N1?p`d-#>k*8$q`CQm^vE7uom)I+*`4zOnVd8gw{M7u=OK-<8LU`;LE; zUe#5)GYUz!Ky^r_*?zU9w$;Y!hj%R3QuVu5(@>E?+?|}3)>8HBX5GQKQu9xZe|Q*y zROL>1;(NoVLHvVd|KehFM`!j;)zd;-aF9L1EQY|=4)YO z*4smw1oSqDzAiTxq~DHn^WNn-zpgiYs3i2(3eld%TS$}7)ki^?`;D(QjrvFXo=^>Y z0e4$gSXs3jwcD+q)JKD^KJ|G3&uRBqNIH#2T-NzIa;=1BeUb1uVjhxg70{wJsFX}w zome@`c~)n)V#1YcKG8W-CrpIc7=-D@68P9ZskrdCEWCFHntz5iNF|% zUWuMHfp84dvPw4qe^5-Da&w~8ANgf6QV-=6&?FdA=iS1ORcEtVRC~41L7#dnXiR51 zx_{SdGT5M{rZN^xmcZzadcY|db_&wG5zX9q55Th+=DT7@>Fi= zSW`VUWq*#qR3|RqKE)aW035lId3FBY^bY%s5$lHO#hsTyp>C}|{_fZ6vC*aLxbItL zm)C$EX{J>X@s(tPrB~bk(4(V&%^@&DpE+3dT4RDUybC24twZMQLc+ zuhdjaEhXkFEQ;~n%N19rD!u?7J~DYa-ID0zMZCN1j_D(~^e0$Y-GYcxPsYR%`SBB` z3umQ;lnna6A0QYEU!8iXG16Jv#u)O+5_SuLPI!G1X#vn=kVI*IAdC zTv<7|Kw4|Ip{TAVXyKc86x1^joj_4$ER_f?=LYgHNh(1^+ghH z%~azY5*W?Kk-R-6hAYZ(E2*)TyE!q z&dfUYRlTK4Xh?-i1a6JPC5t)p!~B>3{fJh zD&^zYr}>GY2Z0ZM6u~J-l+kRChb}<|ms=6w$pPK!IafMWC@PM%JQaeudB#=#0s{%n zc&B2bYA?pjUoW9N!PQ3ZBri<*rBS!)a++S%7xGx%UZ?1#YFU34f$=~Wwv%=(DoW)S zOlrYM`tGjp?H}M{;e0KN46gyQ?=&?s#A(kfwCiny+`+FNjihoW07o*Y=CoBf{zj{W zYn9L(z`fep962wCu$Zo5Jyu8an0sGfGLQ}WiG*2Y14h3*Io10Fpy0mLZ7KL_gwoBK zsgPz`yEd?n+M?J3&P`OgyVcc+pDlVf(+0SM$(#=sgl#i5ro`G3j|GC42Ie&p7L*;*>TSb^teIg`V=B1#SrNt^dr!`JfgG zLu_`VCPmK|$XNW=^XQ1-%5kya9sY9Y@I?gx?Qq-D@un|Im~m34`zag-)u?G_#Okd9 zM*WWVXr^~4|JHCuS;i5lN`DpmjqwMri0{@w7vL-1iuRR#qbTOS_I!c!hGWdN!iawT z)k2K2V{+~8r|UAxsI02Go0mw->9Rhk4yS?sZhf85c2$bjc|L(c-Y3hRy-q{|C}_{- zxWB{R^LG^O26%h9;N^|PotWw5%cB7R>qFI8%SI_sB)z?rw}#J*FwLJj;e(T%t6gcO zPuz$lt^sGxk2KsD*XtV=#f5`-+977c`7N;TIzPKaO!3dfR+t}s!|WJPb0SbbNJXQ3 z0xnn%l2Y+}io)M|dC{h*RB-fc?K8jI;UFtDAHU;ip!Ix{QYN(VgdjdYkGUqF##h{J zYw=O7Zk2soKtX}SWa1Y97>NpK?eK}*h$dOsE)tdS)c1T8UOs;>V!f}-H;&P2u#DlQ zCw*yL?s$=4VF}XfnDd|)?+RbkK)+BhQc+lG_G4pd$WUt{o(Z?JkEUO@owTt-lL&(^ zg}j#=w=)hhu3KRl*IPHs+q(oO_M1^W-#$J)YeCy?nP5ob278@t5||E3#ik=ray}Kb z3`C>USVa2hh0vGj{-G7&Q@0Gx%5ytDH;BoyFZ1h)BEJ0eDwXy<43Xwe(;Dj75-T?a`G}+rpEDfDs=pIn40cs zr*}ZhVA+<(h5ZTViCsCfgWlZB{#j zXqPWv)I`@C_I&bb)#f;*-$EnuJ?=rW+vKEWp!)=iQ7T1<0G@L8U?eucQ!{bxMMsYd5h8><#0E?qS6tPWB z!(!uP?Sve=OMA_2&;8k~&Vf)RpKi^CRwARFOkr{-rpsXpuBO}>)kjOSF7I4ZgQ!>G z?K*pbvPXNxi&_oo#~fT?Rc#k*^f~tYN1`$oF`6!3M2U#EmkS^8Tc*nsn`RO8m?ui% z4Uva(qYj_zoCN9l9JDxsu*9LM*U2Fv0_J-MLas66)l@MFoe*k6UEHJzGu9ZR!pIg& zV_N=>51mw^n6qKALe8Dpxm+JV!?35eT2x<(Hr$wW?F@v6%aT~J8Co2T&z%liEGL?A zEuoxPBMODdnKUIbx9rG3{MHzo-)m2825o0l=45gNi5kG`1o8MDYm__f)(#uTEF0yk z>U9c3ZKThNlnafW88^KTemI&$h-Ba(nwxDn?wF)x?`pe( z`Sngk2=-o)$O~oFi={?`^6JTcS`r!@{SR zf`JO~rr)TaN=e@k>-0eZPhY!`#Y~CZxd@K&p}cf|&au~wm4Pcu&~*vOnG?oazp1g6 ztJcTwH!+s#!ID*~E0lEHi}>02e_=y8SBBr{22fNgMjE32-ZK^&{iOcmKjaRjhvd zM-jqAj||O!veWPX5gDb9X4cc4Y`G+4y7`Eo(HG%63&N5K?@y@}enM_l!{W8*&<8J9 z^Y)}WRB=oAI+-fJD|0{kEe{ss*YF5@QH<9neonhpn;p?8 zcyt@zBt$7vdcr@6zkHPokL}~2r{W3Qvz2&g^RDKTh;gir>;hP|$avs;bn!lg{alXp z+Y0_l!%f&L)i5B6O6KGyx`qMjAKwm!lsl}ZT&?&-(Wmq51~6dZ53mn5oe?dvrf~Bw zN$=wiQAMV3Ls8VG_Dd#>R2)FqQZCgfM?R}9x6}kwR0+kJwT|QYEkXUMY641)_4fRm zK$hKP7_0NxXgyqnWP~A#y)#qMI=Df6XG|MXJD@e9DRpg}XGiTno)4;KmxYzhg5Sy- zjf69|Zbh=6#aj4P^rHkS|Cr76O+5}td^4-gcEu1ZC=%FJB!OW#K_aj{;cdLtCU9C) zlc7Pyq|xFYrbB!`;dMGO^&PWmJLljH{qeEtiU;I_N%Dx8zbX>VSq!3`SiSsK+cha$ z_4cq+$n5$4)@yRGOz;-wi0^JIfnmBrON+RAw^eHVB_Iy4oqc2Opm!)t1ZEmgAESs7Rs1WF0QMhZ;HEcmL>0P}%8gtZX_4v_iDN%~5CuoK%T6?BJ zXyLnzngY8g>`l`!(y$O+kIOTjG0AVY2@~rV=K!vo;|lF*dUnaJEf&P%vZ=BzS8R1; zLvBcYBysp80th^|yzyrH^oJHv)bJIoB~`y=eq6U@cm7sq)9Au(zvrSh&1R}(Hi zuD4sUU4AM&!Jt#uS!3f}$6F^q^8M|x@_g1^rM&u=Vc)xXtT>a9?it1b5`3$vlIN^n z01!268U+tpiZSTvp+kVi@d3rjiGpyl8;$Q?w*=j!lTx|Qv0$zDHP;H&T*l8i z$(7V*giFRT8=^1lln&ZUPk?W?NeXc;N}q1XLG!dcTsT*}(y6|A-^Cvxh6@na{mwjO zL^%C7BH!mPj0vCp!A?Ip%kLE1eCc>UYalBmIHh7cJ&P6av!P={M4}#u@=!6~hixg? z@?t)oyBg)pXF{<3cC$vDt%~|hB0?u_BGy&T<52L`l1W+fs-#o#l7|wI3weZ(mAK&3 zDnfMw@myglu8R=!$3uGMj9w`lUVuX*>nwrXtjtK26@zHDP(#SYF!KdhuGZaoCOJRZ z=)kaE*30(}r1Zf98&5T`1Q$c|j|pd{ugclZHT_ zYn0rwG@Q)866AEUN$8D#COb44D!UwCGfrf~@4C;CId=`ROYuEd;?EP;TBf2q9!u@K zRw=Om!i-#JpeTw4c}SaJ5*MijGZ)*t{+2fr!I{|*_; za#~5oNVWeFzT-H--ED&B>37n2uG;5co>5U_p~ZqKg7T`?2qc z+A`3{S>hLH1ag$?4HE4& zU2;`?KGhk$l6sxi^`f~@^6_UPqk4HYgzW5hxkE{OeKSLGM&FSBU^0;z?EduHrAhuj ze)=2V-KM_BPux`L0Z%{YBLX>unP7)4jyHxVhB760GUcU@nPSD!Z{Ng^){>tjXI`s~-Z=>2wDM+~ySux_Kl%POB;d9+nP)IkZq?0L6W-_WGEs?G zcg>F<+9cec_+Fxu-R^lg#MHKJ)0I~FWcj^Uavic+m95UV>{xtdAajL;iAzG%fEF+h z@D=fwCvF*56T}fG;0j_DAQ7rK zF>g6+JgRoh2-w=?|PA@CB!8({3g>CZUmjd0Jy&Ij9zt)u{BllqcFZmmb@8@uHe>L2Dc2q7zGa#R~}Zq)PW^iPQePG3&0Z}E@Fc^|TMk@)t$fKS<9 zR2^C5;=i@<*dz42Fg@H)&RbU@NCmPK*szyhd`#*L>#360vHM`2e^r{o&Fbyx#y*rl z1A0)ZdTTzp*K(r7K~T=cMXWhD+FsD=ooSLGt?5l)Ge4Q5hmL+SdciF_OH}4)baNU@ zb(9q-1yngiT^tf|kUjkUrbZThfVeT@N@*zayRQ8E6|RcVkEjf)-*)8@qxHp6SIuK- zPnliAac0mB0C zx)^HM^C6j2m8#l!m+hoC^>urdsu<&8txfE4V&AL$Ycj>E4Fgl4aAd2Oq`o2N4Uc^g z-aF0$y|Im<#6FLBjaB$3%U05fqtE5Kp2W1v2yJfQEH(^qGTO_``UbIfX$GfbCc ziG>$yHlT;p@zuLjVHUo6fvTwBDaX`QQL1R3z34h&TzS@cw54U2ziU8OTw$?l+W-A} zM8$PNcUB|3O8B;BAZUhvZkY(VgMH>hM9Vf3$SM>)JU?103e|fNt#akSjcAG61wsPx z2@@U*Ui&6UCCLV|{(!$bRqR$mKS>G#Umeu1$acUzmYY;kKo__yxRpytmt8CELZ>Hj zk9nsXKNvsEYnEw(Ybi&A)v2OZ=XT%=zG+V8w2Dj?GRmW$6kJ)|8`9ysk%EimhqeeK zg1=M^#?xt5PSdYiVp)WbAzjssL*z(8Yu+;}M)fkrWCmJ#*lx7SWS9zIOrMZMdU>`V zjIYW#og79JH!&R#I(y|jDRZCMZ^RNsosOt`Os??iZ2zpEK}nht^aEQ#cuacHahSDs z@izO1)%uDLGmmzx5=ASDGt{+J!$9oCOYtm$(B0*xn{VMIX8w*`+JiJFLFraha3?eq zMm&peB{L+>=8w}%{dV4ws8Q|l&UMN;ePrmlbv#n zg2%SW_y|N$qy}xk4VkPi0!fh5b-AXTIpf#}YaJyLoO0Mc<^Pyr7mGzgn=$@EKNm8; zB6N?2IvzsGp{6rAFd~TkDcxv$f_;o&ZoiEQkCi}ci*Lvj*d%&eEMcJ{&ce%HHI##X6J58?{@~wm%z8Sme zSq(S!DWM<{LR!wL%11z@AD;#voKB_$yRlR25oQOyq0$A4kFOm4HR{;c`+Y= zAvEXlMZ;RChNP!Oif@G4OtakE04E9vpYudTdq8!aYzT-b_E?natO;p5&!7n2nO7Yi zwP7ZN$x@U2A(@t$yTdhxs``uN3T~8965)vqZYy%$_m7b`xbgNunJaa6H-|OcTW$yP{a^T2DUjPF9CsIV~O| zY~od9WNZ+=#2QLvb}TF$t#lcw9&5D?7Q7MZzAP-qQLweNJ@BocXw?5j7+oXy_1k$~ z_azZh|C0sLDkHL%MN8s22g3MtAxdK>deq5k(P6jK^=KqUD#6Vq=ic1Gsb37%D8Z~p zV<0DBWlT^3q|m&7soh}TLU+xeN22x9adFsc7mb4|aJli~xweR*KWQV0F_!xpl53DhCb0+ zGLw_%WkrOsJ5H&qCD7Vsd_|ePLL&;ek}1)^A=H%wdE4#own&-3QX@8s5F?2t@wE=c zp(vD_t9b#dH8`8zHtyyzaS5y$x(SEZ>xoAl>QOY|lw45F z(?&b!hCe}T>C^VqQKR)y1l#X?wI?-Ghms}gdKmBw<-$%il#P%aIMhZm*vHPOC%y1r%|{2os( zw)F-NNjvBYEg~(wgNi^bVxfJ1z~}PW+({S7Wn@}eX=K(SSReszp*&<}n}^(@rBP9q zoh>TQ3>_oH_hfx+M-?vn4YNFU*bDdtg_+ou&#FoI=jTtoKSIh|hx?sk#3gqt@4TDy z^F7|y=i#xT`Ceq`3-e7>U%PO@uQEXtp({HS{LG}-^)^dJR)pSE9?RCkO$oU&3DVQm z+8-Y62cU+9>v|nLKj|aY8rf5!Kk(A+jC-lY^z`+R6ZrA2y{LbhpBM?d+rp0_@)vM~gsJ09yJl9}!^6-P*iH@L0` z+nK&>fYYL4y#y1+ui4_$AM%G=Y7PdEiGOfy^%e1VN7dgg{P*v>C9r*KY$g{#kB)RT zJH--1H;;#yxJE|#DD(2O?RA3GuI!J&u9YXX`bTWqWv7*WBt`^#5Z+hv7m0%tXPwuV zC)6Qq{fW%;;5QBOruka+eBktQ7$5GT9!geXUHiCq=jCdRfVDZR;^zR|bB2YS*Uur9 zxlZ|!TRf0PGHYz)!gP3T%?FXTw9G<+9?o3c&U;wygh=%(M7w}!ggExxyoJWpFp zMoVq3DI%c z%#}y1cG_;|+8-(lrCU3h`$2Acy0c9wkZ~!)7YXlEs+EqTWL}>S*#89KAqR%{bKANy zN5tG#u1&iWt<^EJxvd5SdQ+oF0VJL`yCTXzdI$z6@^@JKbHcU=p|46L!c8Ys7Ta2S z`<++%a3Y(K&lMy=JB`Gg$E+v&K)QT`lnW}-4oAC1WSEIcu_~9*K`X~z@-|$#;i^Yd zy9={~XAH{hYsPeZl%NA-l%aQ!p~UCbUF-*8{R8zFcGQNk_0Ph>J3FzbW3meFZMgXr ziwN+8z;sKy!B$J`g)EuNZ{o`-?Rb%K<{^2ueh(Na$6BGYc4HN~AE?q)o+^gPbkW$! z%<8z+#@M^q%^8Hm+b^$dY|6Ms3i_y~w2be17l6c0yrVQF6|GC6geyJD+l5pPQ0$8tT4ai&X=op(PmIgezdh2HsE#Ntu*dw%qB@Djf~W^x`|KCh^z zHNvQ$w~#=$@?A715cTD}Jl^68SqOU0=tD#I;ho-EQ%5k{eAO8Sm?^4IxiTBAIN`jy z*bNc|nMoy`En^QVX~;GVqCCIw2poIKKG|-wY&}yB{(g6VLDp{{~4_JBT=@)88TB^*DlH$#5U1)aW=c6t)9Hr z6HW+{oKK_~!?m(*APY;`h&NEMo-NZcoh~BPoGjy&PVW6KoRa0QwQxoNLUP`z*(8IAk04Ak#1qpLS-qoNEjb91DHtpRcoN z_DtAlB(L9k0qH0b55qq6-hq6nTbeYRfL&If#Z}r|yDEJ{#`%Wraml4odApgYS4tZy ztdk^+B)X|8`SVRqV*V^(m16VbE#YJ6R@6D@eX-aqeeO=Xhc<7QHH=8l8zk$ILZz&> zmIhTTbv2-(*LelmyUfkrh-DD$tyK?{=`yRW{XIZM|E+m4iW(tjBe0ygk3I zGyT&kgcK`Ox%vbpcgDG$-l&z_J5lytHQSecqCH+ZE$r0;I1MR%@cDDw))sv~uk-un z>O-DWR6lVb{CM|Vt#*C06x&9$^-%>sNPS~a%vfO^e?1_#bj+g~aHw6)6LVs7Bkf&h^|Cz0-JNd0X+X_h= z`22M4co=7le=Os)QMh)3J$8B9^lc`Vql-Orb?e;4V#ka~7xVG&5sMKt1QKru5 z7-#`h@NBZ*Titq-%`$uhvPpy9@sEp3VA1xY|6xOmNgtrD#$E!o>A5di|&zg!70rNbX|X4fDpqW|H? z_#@8D;0L~jIgnR4Zbw36AkkvTMBWwqa{4H}!I4bM``%!y_j zyyn}-zixF5U^Yn{>tp=-+i$Dvrh1zt;+J%3e5eP1cd@Q;@@=SG3RUwn-1TW2D+O~) zj(y;jey_v($8Msol=k0V_oc3Ok+3b<Tq-!ooz+Z%q&bA0maa(<27{@q?SX7%g(fX8*L8EC=`cdV+MZN9qC`9kv1?}UsF zU^<1PXN3+J3Ba7yQN2f~~1Nswm;tDlnk)Nv0u*fTvH$4f#r8B1^(e2z> z_|?$R5F@jjaeh<&-)ATC{VRq2TR*R@(5fEvlGrutUk8syekg#S3l~E1Pr~-Ue{w?^ zSdZgg{C3NqQbGP$$RCXRPlE+Y6n_1T_$TuC*ZutSCh^9LET?&_g(s8`73OD@j;2DQ zOPLS?{QkJB{Fg8IJxcnD6ai_hHYydm*4{`_88Xf6=zfYs5^g9${@X$SuX+D{HN5E} zk!R|0OL%$+R}s6@QQ9HEKseZJ%r>(G>ZQsg#-V6Z$HOk$2fzI!7 z)=q!0&j)wK zR0xgxoAP!%X)$?j;Sv1a;Wv%Evm(oaC_)B7v5?q5a_|1_F!e$=>qNRuGqh2)<2)k?_@%T|1eOZvLG60QTQL8_%~nkBbI+) zporf7kjMKky!8;Vo8o=N3w*reUuo;#Q`|4VMt32RF$}J9Kgh@UOLJ5QgjY|tD9Il> z_WwY5jy%A2@B*m*r+;qm|HBZ!FJ1(l7TAuEl?Q1;e`$_}SR(4U;mDxh z&+y-z(7)_d|LRX!{)6cKtG_hI zPzn7^#PGXtPVB!%ArJhl#eTl&Xp%Z%x{k&K*a68P8~Z;l|6d3V7|`*jOyPxiIQ^0G@qd}BbSOYIfh>wh ze@)B$WW6+(R$i^Yv>{aDfCLjwDuDlY3;5?f|84euX%fI&qfN_cjDKlEuz$)ua#>~n zza$<;f4*g=V>gQbmo@|m5D#&fG<3fhSO1$*$jpAeRb9qyhVqv-BoGnkGm3~4|DSg3 z-+nB*8hC3^V>Y!q=r3)ED8Mk(fnhTLpUwV85dWXe{)rI&Kb!qYDgkV^F`|(_^e_5F zBpcoX%_7EJMa^!u%y$HE9V82Y98+&DkG~W%#{U-uL3WMx)kyKYndakPy9r$Xv zke>b(c7Fh0MGEMVd1wmDU%TY&JHdfqmx%wD!CY}JJi+MIyY;1}kWBE1@BJ-8qPH{| z;1GFV0e5-6D$T?3+tyxx__-E|jP?JiwZ$=`3wEw+Q!#NR-p;%6W4qei z8l_%#eP{tLgp0(=Ecb0hs8YfI*b@CrOfuXBp^nj4|7HLGu7|Rb`jxPBKV%o~UwiAs z%C+BCLJ>NDkM_(#04aIkvO$dbzqAHm`UeSjRna~ylRIx=`iT7Z=cA{A_f0qruKuT; z2gHzofYIGjT-JYsQ!# zKKkFr>@UZ1$#vUH0~>&qQ;@8Q#zP z)pr21GYNEppJbQFzz#f>_);k^j`w=Mdf0&a12lZqUiMEW3>gt7pp(&<;KcrEY0;C2 zH>Z075?u##wf{ZuM|w2awrN1|2O8I|%er zfN&e@idXgA&BeM0tuhWj;BBq!>jB(tH-Gv!1sU zs`QTqDl}~R*j8#S=CU#Xq=E!qpfa^ksC@z<>3kQJ-JnxEap@$lY@+Aoxt`Bvn7#$u zZ&(0mC$%Q_JD)>Rw60F26*Dw@zmrF$%<7VE7on1#M|(1PdpmgdoHIfe8*_MDv^DhN za_Y-l&l8f{^*(&GKGDI18&Y{^|n5DM5P>n>r->0%50h1_t%onyz-Wf zs!c~&!}r}{%G>UG0qp$Asd^_z0JQ6%axb~cWay#@$)?`+whNW`H1rZUu7k9Uu~Ud! z^?+S{vPl=I=U|Cmdq+gERU(9~7#!-8z@TGmyFbzA!we>lDZljALkUOUfGT5E%>U|$ z5#geWK5y4F>3YRZ^(P_(M9!QrlKF(~T#f=f%JpjX#cD|VFotjmXQuagBjM2o`_|`I zFv(DrP8aUmi{^i%2t%{Jx8O{Hdn1BN&5I%q}uLd`cLl8 z7qM79nl~iY;dbRZU~VMK7Vwbj{5q=R*|g26eSYW(CGyVjUBzQx zJCYg(qLhdPeR5U?dNc~m_xw9q4QE~*r-baK+!4%aJoK%d*={ST`^~IM`EpU1_(1$Z z$9_d-+@Fy0bMPTra>hxkL8{L(u679iHV2p}WO$r)YeWyTrd*|1GMXla6;9#fQ;Q7G zyUi>d!ILY7+Rj8zXyekz$g9=E?i^Kjz_0zq>?Wm{If^NAE|IoO>k2)ze=>4;{^|zm zd(R$)PK0}8`$mzMPK;szLnsY}uqCx0f(=Nl_))wCR-@MM!Z+&R#mGYbuP(Ih$-S>G3xCCod?ekY( zg^(^eyoqNpkQZq462%Kv@P{3ovV-U9nv9H)^@?t$eVR zF7Lb>4J{V%405YCy3*I1J#pgmGlXy+wXviK}SoNp?^eLLwtuFm^%)-Kr*PJ?!UT3!^tCD>Q z(h=-abK9}bAZF!|D;G{7XuH`Xnw>q0_|)UeM2T{z?WM?nvcI#fGj_yd(qRAtGu_rs zAob_qC471>u-E^L+g2Y)>Wr>}Op+djr?%aM%I5OfiV>fqJ6iM zcd2|*D!c4eq#VXPMJ%}Wm{$M%QL*}wv=Z1OTB)J^u^t0QN-SsMu4n(Gf}mw&Ey+jh zN|)gnaT#1{q^i!a_>Licu{Zs7w9Q!Vsu4w!Y=`gE1Rhq@Yc+0P zmPZPpMGh>~Eb4G#LqZ~);j-*E&xm~3e&*GCaaol$Hk#4KGCzbSSl+KUp_%rN=MSUP zA0E@Jek+=`8d+C}a52mcXEr|wpZnE}(l7t1%x7bqME*$z@y5Ov#T)>?uTS-GW(Be( zjL?NHe1(QeRw^b0PKMP1Vepy>>W2_A7i|QRElw~)aLL92Vtkz-jj&M#8$H8Zb${w0 z2@AJ7lQN6yYIys4|tsBnc?NmgC)g63Uo?hs$_NS;b@b-?2V8*p9fL$~E^(GP{A z(wLN*9Mo9=@=*XS=011>G2PHoHs1hmS-4P z+1WcR`p9~-2fe8}q}ZhCE;GBVV#N`}yuI#kZtK96NM07M7f`jFq&^(eNKtq`ObiU)T;9$pCX1fyEZm8%2=oBJ z+0(%E_z@N@M|rnPvNA*~T2GIy{K%Y#lL$t}r9NGu)AdM~Xw?h-INS`+m%W|p2W!Vr zgj|(ax9U^@88$+#R$lHS;sOJY(VRp?KOd41-!!1C7f;$aIvP1C*A8xN%e8C1nh>Dn z`t)@tC~=uXP0v9wMck)Kcj1YkKxfc+Y+^RM0{?vQ6DBjDG{!>xXIV^8NUxg`fRtHRUihL1w0*LA&hk zyFA}^A*|(hy+W{0I@XuW*}|@56~dVAw?`E)XX;#Tev`rH$q0YkmyLg~a*@ zsA`Ea8%vlAuCA;qP}MqFY{m^KeDRHbFpQSVm4r`OYPk)Uj&`9p!jrcDo2W;Q zbxpaK-RhN)LPqS369Wb*#?b`A+JJ%@~)626Aj3^q9*J|(Anr+c{AIQ;*}ddsLN+qV7t z(hH?TX;G9;DQT4M?rw+fkQ`F!Qox~+LAtwP2Bcd$2Zrvh8JhRJ{_peL_r31t1GDB6 zYq1u`ai06O|F&(jOg34U;I=b`#sQ%v<>!5ULAup zppFTj!~>QO|Int4OU`w{=6lhkxV^#*mKG ze)2=jS-*IN$R*VJk7wa!x>wVdReKP}@Tzli%8&53o6xslUqL!zBxf__ z!JbKA;HfP8(0Z(BIscOv?`#GV+00dhFNj%23)e7+tLCqSB0FGmWv-oa)M*tp1qgb@ zq||;&zkMNB$GPfmt@^X}lj${82m>SiLf&TC3kS+oR%cG1r-O-X_Ddw+lybuG#)U-R zGSQyp&yS=Env$bgwaN$$$r^kvUek^krQLMZMEF1TcnfU7Syw-JyqyyrLyH{>H7yF? zl;LUCIm~&L`_r=^HE*ixGix1G4?A5lR{^tD@BafA@-qXgwtV8$u{6PzKSmkL@b#Og zDFcM2gkymaMh|pA;yaQu>$(YLz&PI#jx%neblxEBIa}|rxa)bgp?J^ei0wm6p`3rL z3*c*8<0tnv&nJDA8AcpVN)KIopPGU*dt@)=L3I_KLn4ER40U6!hiUM!G*x~D^ zM`r#H`fUNhEd?YW&sYVmx8aF}p+|e)$OHK-9WQlBRmL1|q7f*!!bwG_D3V#L(Pbga zx#ny%iezx;)KYO+m7G82N1j5u-BfISmW91+ZR-6F@maDZtvz4^%Kvg#PVP9E%*M&0 z>$g?SqEozoeYI2YZ8Q4H&Ddn|8t(vo^n;J}>~+m22DeWt|Gmu|m;B;PvXdok{NIl_IsQj%PJy=4 z^wqC*)Fxqbudpv%r?itlg5uxB2Hq_Gt)rLwo_WTrnN#mK+J!hsZcBK5rFRG*UIjV7 zazrB)q&QthN4FhjOj0wP8mEl_8(#|Uft}!ORlzq5p0WJU4{RN~msO;+IeWeHOIFg- z8O;mCA-Ja=wfMK|nj>kC8kWoq>TQ5Du6jbFMgI{oZr5>4f-8ANm!4;Vw?$frLBvR> zB&8Sh3(dz__}T25YPvctC3o*+`OfEBG1Tpud^B|Bngf38Q(00K7ApNZQ^5AbYdP2p z(=3+F^ULC-R4}(s-4n|H|g#VAV+X?w|=3Nm!OnN(JT0 ze1B~Z{H$FkCKsTRjh4r+0og@@e3NO%r{3Pn$p|z?IXx&NWI`yD*xRtkqnUudccBd zHgx5&aOw3;!l$Qt3mQ1bL{|tyhq7H$z_*a%Rx2HSVDWSJOvT%om9#gy~FO=6YYY5d#y;i)f(~vwLV8mF?5O`7i}7y(H~XYfv|mn1==x6F^Z^s|&xlI> znu$gKR__x+mfw1id@^+-o-L`i=nc-DR3P3#Hk>|^_l|ST(R^{{{(elbX01+l?&$Ai zsR%98Ky$ySwE&o5Y2KQVw|F`hXbc+Q9LM-h^g+SsjjA3`Ck_`Q3_@pdFuu{u6Dked zR?4FlTQsgoB3z3Fsr0P#7TxOhUTqC3_CDF7MqTv|sT!Lr;_^oa5kX{vXQX}`Fp`ZL zik0srkXvIaql*N{>sS8c<{WLPdJ@t*D}x51LD=PhK+QnZ7a08R5Hr92qSDmqkNC_p~jtZ)0GpBId+&YW7{$8(ZlKJVQk%y~NmbUw%f7Jt`qAkVusCifkdhRsT zi3TjHZrb7G8VPJEqP^$a^JBNygZadkjL?Niq4Q&+%{WPj#M{>M1sht|`28xz-jw`; zjMVJm<*(?Jk^I2bQ*GJDc{>v#d|tD0vDE}QP=55nNl@yk`Z_PO4lD$`9nYwg)5Co9 zArj%dHzB;)l=#lLN9g3-E&p2mBsBi;_wB!x9c=uFI}Uklp4|Vtz@{R2TqBZ6q&4x_ z%m9h!w_(0F$>%1LxhwJluX)CrQVsFX9F%@@{z6Ln)csetI-7>#DD4D|d9oAyCpun_ zvEoT%Wue@`q)EpkXWG)2P{5_X?G;=m_1uo!q;FCpQwTd@;h;!t#qy)a&W_NNCwLR_ zjde>IDq6X2kl*>PYflNFPIN;QhR&scgykPfqN|I60~P^Aig0grhTJqztGQW;?bR&ODJ_DOBk_m^fJAfJI4e zz{rbevbR=)0p4?}vJlw#_RkCXVZ}cSO}IgxV-&^fmR;#EwLGhpQy0OyD^LR_Rb-*Y zSyB$y6n2BFpn70OM`Cj-v5eh$%1dBSI9y@OBzwIus2;BBf&SA%i6td1`^L4g#j6vq zR)GCPt@aMUXcxx4#6k+?&_BvE4+EV!TF=wQ73lBq&3iZ1 zrH0rxlBgq_rf!P6H~_|`-@LFrhpeK#nme_ex3WN<-`TuDN-A8=Uw>Yt1*ymPFuMl# z>>d!X_$Ba{dVAh{@%>vpeiMFu0TG524NuU@8h*7>FiCZ#R2U`NEcKO*>D+pE(x0en z3cN})%tOgIxymvyawNMsG^)EN9X%9Sdvt4%jccodU-0=;G6m zrmqb}Ti$1GqoaT22w-DpZ#+`VZ=E=OMnCci3458lX-ywpD0=z+YH@ilwBdAfrszzW z;K&Ty`TP%L=S|DfY;VAe%MS~z(gtQd$LL4jj7I`4GnmIVh-hV`YlW}Y*B1SYn*OA3 zl0O`lzzzLMs^KT__E_q%vYxUk9}~L*H`LmTk&H;xs|sk_Q^LoIEQa&9R^2Ov2qA71 z$=R)oaeh+{1G6v@zJbUn9O6D_JADor>1YOQ3$2}t2Bb2<01xZC@vE6q^L< z>PsNtf!ojw1_=s2%n1qMPd5E*5^}t`983$(lRxG@9M+|kX>@59a_gpdq>+*)-1UZt z6&emNAdyfzj?Qc6zf{bB_<5GO5rz z(*?|hX_nQ6gd@kbu#0@-J?>%HhZ;Z9f71_@y%?v5u8Ob!Q&{=`7e|Ctm7q>l@iL%| z;>pfW=&0Fmcex7YgpBKh>5FEuQd(ybuQ_wo%=q;K^T`_XVPUU}*lmLjEDqRc z_6qF_Q8I#6nU22#5C36kVVAc|nss*7vYEap*8$D#I)t-$yAPr_7F_p~|eef&CZOXbgPwg-QPdu(Z z{H6zW@ypmQ3(-do#*rR$zR}VJHNr?Zl2~I-!7Gl9LJKMqPdLQRI=;BHY}Z!g@Y$t{ znznAg>xs_NLIb%=nh6E`k`$k0gi`6M)iPhxPX7e z*z1cn#KB8qqgGPfb2g@ybJ^klt>vGb3UV zCxNm`{ZlL2SaY0kTF7ip0|{*adQrhk*qzeU5#9oZco9*eRKPFhx-}xj{R%}wX?7QY z%1Q3sE49X&N=){pSSj+%ITxwwNtouAN?$uNw zm`B4%OWVs94>%GWdkQ)yeyU+6Im`xR>D0K*e%hL1Wfho%fNM(esz@D8L!gM}mQeSV zkIvuHmpwhoRYguBaNlkY^75OyPF*1xhs7$w3b z0LhXfWRu}zN3@mKkIo#saVf$3kni<8wZGkIjI+u_C9%j|6U3oaEnkPF5s;7V4Of)@&Y>3p%@Hu`azv ze@{0|3`CT{&5*sV%GrjYGUNW2$F#9ewvZ?DEarbqTUFsKa4h+mVx8gF<%L-!gus8y zt+Q&1jj*CIApIoH-`E$05oY!e8onZLRbq&bYGnx##%c;G6eTR&fo~|IV=#E{)B1f? zmk@{UM?#Uv^Ndd4XQxM|8#kkw{OHy(SJa(tOG7JvNNlQ{LAHl~$Jw6r%X&ot3}c$! zV-MmeC5Ei;Qc@$|zY*sQr8bNvdcpGjC6K;+&MLbVg?Az+J&ow0+MRyrA!%UC0?->f z@n`8uc?oH(fv39p{PkL_L|KN%HFLgpG`De))EBhK`yq!qlPjH4qXVgq1~i=0yVtM5 zEb$e}d)(LkKBz+ZtS0R#{7=esKcMRs6 zqdqys%^5B}(rwOqV{$LYy}i<_JZw;RP*XPyyP6-g8vWa=xtia^za58+11C(#*6b8E zvC_=`=fu8wp9j?<0nOMn3EPApd`DOp%U2m*M`oxAkHWWYv!(RLPC9XTx9(B z84(j?T0)cP@f@~U+Hy&ENfJQj;>raRmBv8D}d=U_|h~63jI;-38R5E5Z4R2qj zXdCXt8aana^(5m&T_WZqHZ{AiQ|Y96*JxFon_n>Jwr~4}pu(r&f0S2afGn)D;YCy~ zOJ0iDZUvul17S9%s}e6oKDx*GKJBF83=N(5xdjeA{ID2xrk z7Ib0n(Z?`KVus1Z(p*)e8)SGg~0b9VqnKyhvV?BQy z>>uowobv9Yma+R*O{vQyE-;mRK0>J#cr|up_tR+^U2f=(DKFla>bnK4^((4pru$-K z(`d&P9=G~B#U9tbETIimzCfKrIv3o?TdfEQ@Lu_4R+vF4cp2mv(`F5q$O+$$v=*Wf z&TTE7_pqHAF)g}y^_-`@b2mbBYZHCerd-jJpW?j&WhUmD7fhSFr}k`0OTW9xBs?iiga-HP5L4M#* zUQapW=+e?lp-GER!Yp~z1LgPR;a_qOZaQD(TVa@^Vaxh+Opv48yVvqTRjqgO!=FFa zU`MQ8iOq4Aa!*4%t;f{ZcQAhuw`SEe&zH6Qge3g~l&-n2gxo`3xy%Gx?JGLZxmd|I z-9FqMePYBJ{~jXdCZc-%eGTUzvmf%Ktuu4t9bds~UiC{BI03$Ht`}! zbq-?-V8^SYrH6e9>C@E)(jT>AC8|O!THDLNm<(=-h;!o`w}bfFCF~pR#%QE}7Rn?2 z)=y~m^Ll-G)%~#pvxSc@1L&Sz{|=*sU=m)OAvT9)?gq|r1D!SVRk#bnq(nqav%kg6 z{}YpP9%=c}EA(5u@W)&EhD%SUJ<>niKTd0Z`IlT!QIF}(o`&~O{E1b0u&*c*s_r8S zRifd+md|#C82@zvIB=;mW18?pb5=at?vhwpPfg0qJSzpcS=BTUHY?qyM>-hMCwRLv z%4H=ygLHf+CVX^EV7so$h|nt@!3cHn>`Fji?_#Qw;PqYVha|(E_H%z1>XX~2F41WE zL39|>EjX6(##1kn%Dy}5h_(Zb@q~|B)fA*E*s4U4;0{f@(J8xcw{9uJpnRPva>BZw zXqQUD06sBmY?ZhHM{j)VO{Q-)uCa1-$=vfkfo1YK=#7ApCnlNMH_35Y3|T!nsJUr9G+u17{@EPF#(0Tx_4*YqEE9H|Xrq)bwClUZEbl}fOeMThgl zk8+NP5^bO9nv97w7Wn(OC2m!P;zB|chto1Byi~>(vYM2S^734zLR&}l5bz5)^>kH@ zA{4E+-s>igNZKT3`Eyd=9ySKSvI&P*$mqL{#eMzT?9W>3{gIB*zVb|yHTwIe9E;95 zpL4se)jn>8ptBeUoDb>Vbgy8VFp4VN)z+9S(OQY1syKA53$9fqX3^=2qMb<>&5`=k z?bwQ;O(>pNdsNkfxA%0ZP9a(0K49mjpB<6i9hI)BDmv)jVLsn%8GZ5j!b4!t;r>8Z zvs&v%LnSSX7SAaaT}x-wO2yvfB9DVRjEG*l*l22-$PvgXv_?{(n+NZ=gXK4KHGgbk zyxoH^%O7!oNq_vsl$0^I{}YR#VE1Rh=G3sLc_a4W-y7~ z7gS`*fm)58wr4aRo ze_8@PC`+mb;Gu{s`<&`FN2bJDRwKrR>4tPsQT@ixMls!u38mJ{9&h>Dk`XLd}CSkA}1dV3YDFkrwoiab|5x3jlKt3li!mc1l1fKU>_+x zEAAtb781<%J6-+k{x(rwFL%_+c1~xHL>|iEehaKO)BAN|wv$ulmT+%*L7lNcrB39#MYlSoTfvTX57B|C4 zE?9D!UWY(vGK7&9Tj$)U;Uk*HZ7kGrc&C8ZW~QVbLk&!qH6KzRf~~ci|I-BYLk};|JF@CWt*v_BLgp zDd(k34hTS6;gU_@um`p@!#st$*0B;2zmizN{6GONAnrHpJlqu3nevYlCSH@J0 zkzRc)<*k2|u9)Nn1iVm6IkEfenkw9YXxjC2t~B(FmDq`6MIA^r8mee>;DR815$A1Z zB3odap7Y!zyJ8jswaeEbh~#(1e6YQ7Sqgp5K7{Q9fauY3JY;8p(A{QQ|;RGt^%G zoW9aUu(6I)@gYK$z(Q9WGZrtnHXP*2h3f#8fCn%m$6r~@pQo6RqiRi;%75X-6O5c1 zsA^R?KuFBI1yB1fJLsm0j6Q(dH)imOLfdy2OAM(##$&BReKDJyx?zzd9DV5_Aw>GN zrwJD$qJlIME&iyvErM{r&s}OcYPJS`BH4aT5!Jx28b4cAtY|dD77Y{O8fC|4#Es}U z=%Dz_hv;6P43U0^CUtsAY94wdY|8ILUQXn+w|Dhk0|zfDO{{Aswr;AUQG&_`GRu&& zGU8{Nr`TO#ut$S8r)#RGc&l0T-&jK zYCKre4?Y!1oACORWT-Kss-z^}{utOeHOE3{h*T?0(pBuuzBhEd#hzN#FXDlHvAKs_ zO6SKZfPlpSG92`0gXm}M!e5>b*dt3wpj1dm$3TJ${0TRj)ocp#ekfeX0a0J~VdYXr zW(y1`pFyKhb_MorKbTc>3Ik9Rf1AjI^+bB;XUkIwH#>RK7Mk&zcd;ZMSHdSN!_@?Fz< z?NOV{=LR}~&T>cID66{%5+%|>{?b5)AxTQ@vTEOQ-j^Ku*T%&i*}*uZJn6%vx@|h& zb~$eZ%T<&aS%19DtqoD&6zt0#GPir{*zDOnA5#-V6RGVHP@+@ekr{cU%2_avZ|_)o z2@I_akg)her+^3lnjITyLlE`%BdL{9;(FGkDd*AIm^Wup;A7;YuUj-zntGi66tJV` zXQQ;LdKKAQPlrj&4q){!)2wAhR<41Yt{&GK)qc~zLeY5<9M(d#18Q(uj1@nV#Gxe2 zmH(Gz=xZqr{(~uX^=`!Z|FH&rh!WG&0>bwjIN_0fYrpsPHE9}c+E>rH4O^tIhK^GR z#=v~DC(*&-iE_`QiJkSNCEEB<(BSpEenY#*7^aNVIxAZguZ383;thW%@W=%`Er@BUtJ{AM8ZWi2m|N5aDayDY{t$!TU)jmNjl+i;b-%8#arisgvB^$ofFjb3T^=fG@9`WLanA`bRsoI5=_9JN&?{t7LJWOz%^ zHUQ1Mr)D%KGC&L>_k!`E&`CGNu8^M!s6v!b+kI!6rGs4C`#oWGe@)b3d+GZ~n!{GK z_*Nc^&co@ZyLZ!PE7VVLxqxnY!d4Ri3;(iZbruo_eIx{pC;`Fe&1&0&dZeg)lIL|V zOUh59^a;W+-Uj^9GO-#;-|Y>*DK;0@4V9EB9!iIvxH`95NK=d$a%e;R>WRYS8na`C z2p2uJ99?fB7+cRXLc4*cA@E?|KhGkycgW$}s_cf9E5T;gy1NWPudZi*Zz8sDuMHo? zE1_M{PW+ATdRlZV)iAuBX0OBf2^eaCOf#z^zT6}`a2>mN7|b?Ity2iLZ)-8C0SKNb zX4bT0r&EtavJu?V)wlN9c*b5yB(-6~zO4!@N_q24wd$<6z7f&d6dWA44qYWg8JWgy z{8F*pB`6@P^|d?Oh((psQZml$Xn3Gutjmg*U1@W7G>L~v7&nUr5EAjtoqZg)v$HaugRtL>NNVw>NI!# z*o=Q^at?T0_U*n&e>1M#L5&@4p(*0G6e@gnN2%NJl{rxAdNcRfyJM$V8xm?m&R6>4 zW&HoTH-Pj83BVbc^eIpCU&G=5%z?)k-*H28Q@Jb+qNI6EIj(h^afmivE@4!5mtd)@11Jzr0n{f7cSkGVVdrdk7L8+m=xcG@b($Z6I-14)4Vo3&3>3?^T{iz`UzTVwP#r-xi zUs;v!pC~YQSb4fVFRCedXiQd@zhKVy1MOyL;K{Wf{5t$sq1<*W`KM0k<(4*0I1sxx z%k)Mg6i1c}EHf5#);rx9^O6-K!$M;<^rdMeK8d{1%x~mFVyQLxqT#7ecAOrY0hAIQ zakj~UHDG7xs$`|7hm~tR9nKmvQUs& zXaqz^qVHC6Vhd7%tg@9Bxf#^?M0#4bj(3Uuah<=HRC))_H5fRI$kt6~;Xsgh)B`*I z^GB~s;1Zv}BeG)~D>v6kBEm)yquU>=P(%cL;fRB>BfRuLRno?=*vz-%i7fQd5_F}2 z72z9k=ltyrDdRg0@x*ui$O8?n+E?0+SNze*29L%``5U@UnHq(NRVshr`KG^iXA7+jndYvGssOYPh?5L+^8b-K^5x}#EKlS z+c;mN+7Lh{buu_`Rj~Zpnr}#7PtUy;Pf-VuM{0I&5;qTAE7F@UAWKABbuI6wsZmTv zg*lL=k%I&XF=m4Arw=PLCDR2TnJj*T?MkI%(4_B6j3Mha=oO!a8(F^mqe(8Ed8=S0Sp*aw5mIG_*slcOP zMuwk)&&KxU%w>sd}rLiHn3Njr`Eiey#!7p?MKwp9Z4h$)u@A%IG^L|`M0yBFR>x96`$zsZF9!~^@1B+9Re$UB z4!0PJ6Dd^=0h0PH@bNl+zd-)_bc3QCwZFCfC6NPS?Mq^d#);Qa3XcF7fQC9sY;TF% zoh{Q1pn33d6*&?U$y(<#vU(T8`C`iqogeBMvy!2a?X6z(%IuqS<_EW}z1vJ};Sd+z zu*zusS8HU)=TNkAP|aa>*VV52=HUCl7Vp%$j84*Wl2q#v<2ay+T5qKTU*(`BPjtuE zt-XUX_iC>^TNNudP_I>^0rN=a>uX5a^Xn7=|IMF=m=c*Dd$ThBH4OE3*{V;VgDfn% zW$_R9Ep{8SNnK0H?7QV+S`cPU(qyLtWZfeDQ0g3bcT)bk}2`p<2@ShTM70MsLcw#*1t+DnXVnbXIS=U_DHM!tO914uLcL- z*6+S#elW8vnLFG1qYynqu7^NMRO*MOP(AurZ5IcI#I+zwBc#h;gdQ!7#hVb950 z(mMntf=&I(7~M0zf9s#6R}5k}rWzWsB^v!LIp*9}7JuZJWv4`*@+J(wWK`1G;P|oY zio|FagxP%BN@C6--16>>qs^{DE%@mRG#L#hG;ru5T$ajP_cNDw`_8e6m%VN#ayy?~TPLk5U@>>upZZ46n@KdZB*YRu$%_(-ljF zkUYiYQ3`jZ0KJ)%Azq?8-YGKB%U%!QeR0yY2XV6LUnTaF0atx1!pC#j_UY5CsFm{> z(*k#jdo8VOI#tl^wD7aPtx2AL>hKnm?5i{S;3iQ2Og*Iv^Mz5SeGKii@Uk=$X!oZ1 zPdekQBu1D0@%*X<*2+a^HHk`#7Fl6R5Wjy1%UlGP`$9pz|2njt$i-hR1&^CUZ zVWdrRJE9EXgKHPQhZ*iuG)9rIn2{Ja_MHiQt#V%Jp#Lb8+knRHS$;(Me9BRRb+%X= zx8#oH#gec0%lYmm8LjPmlaTGdDVE+dcpXg3Mn5X+Ss(-qMpZDAl@I*pcu`qxOU13^ zo&4WV6t-#u^2Cq%@g>aWhuKGOHxWnsEk@%@K6A+&rcQglpH^1s=W#O?EfG(J@*Njy zyZ4$9Q7v?LcTRE{40Th;KjG-|#FO`5Po^N-eelu-#|3@@OXb&3j8(n2U-3Gn?Jow( zakkMiCLDX_pGMU9_fq(8`+?mQVBW4}PBCu;wZoo~Gu~l-!(WJgAEHsJej%NKER~4z zM_oO>I$LL6L?Zn$ExS^fqk1jj58bE8P?u&kjJwFUf=T-eb*h2(0Uv!^jkIV4$U2Oi z5LJdc53MH7FOMZzOUWa?h?21APL!Fncxs0Q@`$1Kky$Y8x9VB%+I}>o^Lh%Iy{4c2 zT8NdM`xenK@QI}Q^I4C_=i}cZ|14LPC`1Q}(PrIo53xWS>@oTW0iU)eMKB?wirEyd zRCe+y)M7t_Z`g96i}Unm*VKa&QSaBe|Kl1jU2ef8q`vm`ryz`f9a-W>IMLqZasRKY z{XajY1isFs@l?aY#bC#qh=cQW*u>Wc7H51cbF*jEZl_x>UfFf*2WreDYNwEx1Id2Y zq2GZjD#`uF)JdEzGvrFuZCVvcbM%=pZ^+HK2#9ngMJcj6QB)!FuMxQ>(1j0W&4JL{ zL51`#OOk=LHBdVdBg2Dwsar{_}SdccP6aeU6te*RiO)7cmp+|##~utMmRzXmus;XKA+zbZEr&s_bHrZVl&8A zuf<$O4V7_TWsQ`4Gp!0SM|n~`w@0)>=udYitKgHx`imxXlkVmugoAno?81^jvTz0U zQVJZ_-|2?+=wjs}D!m8Df+pihs~Y>0c}mAsd^Mc@b}y z>?=CP*Jsl4Gw|M=R}ub&p^Qx9YAxqv7PdW&!M`Bjt60JeF06t}WE3wK*lZd(GpmCs)4< zCgb%9n#tdr#zUdrFL%bid4h$-e=#+K>mi8$Gl7G0|H;sjE73Qagjdf%mqMX`{}ixI ztMx62jv*J77P;BSHAdcJnxBp3w3}26xmj`q^8oXib*SH;_W^T9ox6OlHdKe5K2ArZ zj4Sj~nr%$+I7qgU*^UfxDXS3S#wBVC*Xk3Z{DIz1S;aGcgaLBx=fF43jbowCuxGnR zG%`G^!V8+7oH$*~m2{E8@ZwM8t5hwc4##mT)IE*~!S72)Bx3;@zOAAPuAEWxfue(* zK_LNaj)Lvmsf&5X!-~Hddf>t=^s^3J)%uTmc7pMAy*$-X^cC)qRfGp%i_P;a`{ngm zPx&X$;t7mOD-5f&vt=>YXZZTNr38=D;4!*|8eDCmV~+*0?wCzg3X!jE3s-8b*s~@S zH7AkYZjY!g)#p-Z;_CJ|J6`7o&%fE3cl$;7NICJ~-NL(PmIm;vG?ld%5=SZ^HgI~n`Q5m4z`(_;r$a^16R1>G(*LSgNj$x?KJY5Xuvd6s0KYQ#}Ldy za!@{h#kS~!H;&t-<&~iJUS}vpBTr*ac8WeTR`Vf|L1(UFb0o3n!d~IPZX?&Uf_*+m zEi5Lr?2dteRz_)u|5M>y!V^<}b~dE9^zKX%tE9+&&K}76BF$sHDTw;XitR*Ra(1_I z=%>0pzRG!At;ZB`KE>AavmsTPaxF>99+cEULBi?61+_<`-NY+t|32;=%2Za3_SH21 zUDgg9{Y$yOAWbRw4n?>QH_(06ZKZQ<_9H{HF<#SV~mX22ig!JrI& zin{P2p8T3Z%>&flN0azd*P6vThze1~yyaH<=;>ohS>rZia*8rk&SR3;W8zQ^e?b|~ ztZ8kq`o(L$0cY$1_?$Kg#fMsSM0?EA4G?$+BgLUT2Vr*2j2HeL|{@0(i zg{HI9)YEYbn8&B=%Y%lrCif!oJ0C8eA*qa+f+aEA(_NNb6P8>!hJ#L4V}Q|p%?36O zMS8Yu?4|}Kg|Cuc<>3)p8|e}h@&QkajMMx43uv5j1}_X7mB0)!go?z4d#-$Vf)-5b zQ8w6qFA_<}FiC-}Q+7Q}I435zvHk&vg8w6IW-6_#hx-vg`{TN+f``T0%x5vQ1=uBa zW}k5MbzX_V{sLiN-vM{4hj;z{J0)D0+V2{oQxKE2(3_oSh|Gp1C-y~O3}HwkJErz* z@sAh6h*CslzqHhs>ce{N#gd*Osg^muz0t+tXexh3!!b_~x@JXpBA)`!W{DXZ>&METFxq`&Xa zWkiJtRyd|NJON>Xw$}{V5SZZSESEo@KY8lRhEh{h!F*?0UfT-A|Mba0jJ(VcUesy2 z*yd$AUE+(6&Z|Y%v#4w4=XY2rEfEiaaGF;#4a3|z%ty$nlwwDl;b_$lUwHGm`_il39wev^kN=Ngr7rq{u zW|67f((-2T>I9RyQg);s%(bZc#t!_Thmg*TC4^WnVTB);2i#pOZ@oE~y8&8-EYXqz zPBUt25lwB$59iS-YLHZJ>&dLK7#FM+_7d$frj3E5Bn<4;y_+XAy`%eZF9cINO5Ok2 zIptAre(};PuKZ-&Ee<=*$%T=&+B9*w4=pbl?8B2o+LrJd`Iq(o!~}aMi@8MjUY_sN zJYFH{VUH2j3!mc3RV_etc+p`vN=~)#<$MhECiN8;4*Xghc44oGT=-ytOpab3n6lTI zz#@2BA?#tV?Xf~`3Xbm2c+U=MWK)K6*CwF~v6 z^GEJAu2K7?onfi>8-e9Zr!)OT9}zzV`HHnl^7fQp^J~;QE?N}tcqEn1 z~=b^6~6FNINPM*$vwP3(3yxyVCp?_!um&>pPKdzRK&h&jDD8 zI^v-+dt<&|PGdHVZ?};Q4f0?9_hS4V`B$j4idKs3W4iw=?FPQ%yFA8M8Oq>R{>W0n zgs=bmy=_EyKa~@}g#9g_#c&RP1%s2tav%qI9k1=MK;IiqW6daq>dy}*B$s&~L2Qnf zmo4!7KM{^DQst6~IQ$}w{K71;_Q{nWi;8M8(mXw`FYmIW^ASTh=T{s8$fv4TLZ(Jq zSt6qiqYT*&Q;&ZrmB3iOkqa87@!6Llf=98VTXt?NTmqA^g%ZG5c^|7i51tBxW6#cb zIB{JSYx0#B(i2w|c)nm;DrKAh7>`I;Ccw;c`h=e`dysog(zf{i!^cxd);ujHS$0Mi z<+s|GW45)}k1!bG7acPR!KqtMZd}+Q1>Tt!Jsxf^NkP>Pt0C&+l3>@4b-q8itIxdt zj#UkN@w|N^A-Hml_QEJ_R5k_XaVi(Y#kA*y|G2|N)oL(Fx?u4kq-P2a^B2r}%@Ov3 zobFifN%}{}BtnG^_Y(~>jw9x~fLIkShfA`n%(U&ERVVQoPq_$tR1zU(5Jx#b>>~)6 zLzaV+lOx_oOeC?iKgF;RADqPxuc8z+sQtuY%5*78B7z@gk4Yd#g=b95f&FuH?j5h`Aj!2go*2UHA&Pn$12x(Hz!W3o^uY?LSg-jcN2`d(KayucLh}ORi zP31tWvmV3B;d84Visv77v70L!$)UlI?tGi94G{!BtoeWK268!6iYZw% zh%JPd8Pvx?2GZYl@soKi8~62JpC4L%i?j-yueG)4Xe2moCcJ8=V&cx`((EZ+`C1l7 znA}7T+k6%4PeyARSQhU~z@`PrS3wlPR(>C4E6F;!4eIRZYi!G09go?9)NHK$D7ig< z)Ga}OyK+Lm)Kro4I~h<5#OoGYaMld&z3wo9?ST}N*^^O@h6Za6>C?{rW9GeV>dV>P zicg{!seXS5TnXwOb#KHRok=Pav^gP%vT>^*5aP|%W~l2uYH)M1+tTwcFG)pufxD|@ z?If4MyVfreFDY`8{2qdDR{ZCk77D-e2C&|q zVXJQma!l)YUqz;iP2`Jpi>Q+C?`6RUO<9ugJe9Wt$hr>UEf_z9H6O&A&e6dKw>pBjAYQ zwYg0DbYg)8s=xWQhtBhzlc{LUnzzZ83fWpeYU5yjr1x1K!k6L8=>+-L(DTIi^yd|GFB!V8Dp_QmEkoohqrCo2I6F$V)Z9y;xE*l)|a5CZa~lVilMC%K6}x zDi0G8OVXZHS%c60K9C1Ww0vx^;*>HJk{sq_94tk6cvJNapOt8`qUeA+Na=%8X@~j1 z&pA!{z*Zp!!wPER-I<2)-$aB1P2?Cj69wONi5i#}y@aa|fRVqiG!;^3%~BBDan?S| z+4+`n2j2(#aVlTglDm+ox7?TH9PBmOLhO`W>NM3-p*h`CCGhbm$o{P9_KLL~ zr`*&7bA;qrrpn?Zd7d^w`vmmZe3D5wL&B)wPao{nB4sF%}Ak^+?#19`Qgu%kgQq#||QF;(OU!Q>P}JG~vwe{LHh zKVL~E6*!R}Gey*Lc=4Y3VXl;!x&xMFB*GiuFXGj_CL%P_DN3=;6z3u;5AR z!KY0k{U9L)6hXN9Va~Kb#Xjo^iiGVNrb+O16c1_AQ7x8WR;rZxBP|0W%L*gf97$)! z4Y|zyQU$t{buL0+hW>^QEHPOO@kERZ>^p^cin=m2xcw}y}-`p5R zGIxU&E99-R+&$PIMa*2P%z`y8ZJ~{8Qu^Q~+dwg-UO5sCyoYE;p{UKX8$wav(?cz84~D@jR$f0OFH$qt#qT z1ggU1$^zS{j=~Cw&$4EOO1_3;$D9!L#JZn+0wy#xMQg?JFz5lvX=w(wnc05 zvCTmatDT#rTKj2lMz6z3q(hkfo!#0~F166&p!c)0^^OFz>pTZ**W#sX%32l!A0wlN zL~2yBTSco2Pv~LUG!rUPWzp@GiHt4ACKR;rxK7{%^!6|LYQJ5 z!F0~8TYiKj)I5hnuOMZc_ETlfd9?4o?mgxtxRz5_mr}QC`JV?TejT<{i~klfSd3N; z)RFjvH#%iywzXoxZAqIwQWbh-cwCgqk4ZA|b@QICu3>A`c5%@U_JU^7vc>i6`=KVR zF-x^ss`*ciB;7Fv!S9=s&9atj%1^63*h?Iv&|edly7J3agpGj@Ul*GFbsu&`R2)Q{ zV=v5(msN$o`tCklO+J_x_qT1^b-cUOZAPlRX;YBZD+#>6(REphZ!`|> zim{NnGx|?POVo&M`N-y6jrB$wi>?P*$)tkP7Z*bir)iI}H*3ck>hoQX0r9B@eBR*K%Ao7} zR+B~-_2~NJKZB)EBJb%_3#XB9v%H^X&-b_gA7xh=5LLIe6#)T325IT;Mi3Y}q>=6pkr3$yiJ`l@ySvK) zNfGI8kWT6R4)@+S?)}~y{yQ^s&di>@*Iu=s^(-=xf}x6vZX6%i=az5ktdc5H-Y7Ac z|3FR4`Ken7Eh6Bx5$CX)A@;nv@ZQR9`U}bnCwkbtp<5lIdgW2>@bwF@=^B|{TRUs6Oy0dE_C1mJQU48I!iJ|z zfZGO?F!Fbs^xFm47p#}DydM_R77`Ez1Xh11KXs-Y|=?1xFO#hbog^o%MPi(@hsHi$IP5vCHwv0#RCvq%-#i zwc{r&-M;Hi^inX2RH3o0t`6$NFUZBI-T83LEZGGA@YLm4fgEPqT5(U?9~S+$*?UN7 zcAyLC?bH!8&tKY*3y!1E*D`p|7njXCPw z{zCQSw*E2{u9O}9AByec?bRzT>zf3)ET_Jak=i%>n6ktCk4wjif4cz)77h~-->RJ? zFg-$*`(t>2jws~41lrqp?Jf#7Y3D!;$7pJ2ot)km$dv|P&ZZhMXnnEc3QU1sN3q-E zbQ02-`_cNbSt|q`wv-QtE<>;@J#xf5b-U4coMlp4nB1IV$g-`@d0%*c{{=bH#~$5DhS_{?vol}4YEDF=ZZvjLL z3_L;<5d(2Ly;Tj!Bd1w{QN_Dc5gv_uEH@kpe+E zfxcwEwu}_uu+oFFH^G*|>Zh zuKY(d{U_h~KYh#6dkO*l;ZYZ3XPrMpn0r?7K9}89;QsySh_jA= z{<`Eb_&@#PKM#zQ$4h}i=ezcrmit1rBZu62+BB!DON}I3Bdkwb{xUbOkV08h$}2eSHoH z{Dt7s{`|Gg#y)Q#E?ZMqP~XNNYD|eFOy-M*>;+55aURAvm-;VC2d`fuMhJAFb<~r$ z(HQoGk+5X_bPj$!Vvz_da<7SaHwb&L;_bU^6oD=Re}?E! z<$tqY*p}lpVdctdj6vv2@y;0SkDac5ea%EZK}o4-zy7{||NH*<`G3PDmc;2(k6QsFy#BLc}L@K%t}*Fo*x4LjOmx%z6zxnFTcS z82w*#(LYZh6|fPxy#I+FyJc zu=1cLS2!QZrT_9Qr69ajTN8me|K*7O)0?0#fC0kzV)ZDE@0U0DYqX4t-aw?E|Km#j zaT{?EdPW6x(BdPo`(Mn%f1aq1q@Yon=)eA>a`0Y}+MZ6V-2FOHf3tO9OxUKdl2fIW zr*eNf;r+)zIyhlY)YkB*;(j+&|M{2y_|%J9^kMtiH#%4Sr@8%Y-~7`(OL%}hyRCL9 z{L{OCdF#Kt3CaZ)86%gGQ!eh8<-?6kKtIwdMJ?!;pUlGW>LI0f0p)^z8vU}aS?VJ@ zRPz;;Bcwb_`1N1Ldf53uqmJpnFXo>&=zqEXBnNDzXU?Z@K=R8^253BNeT~WFcT)e}o%|PZ`0XX%!!D$frvDF)=x?|Fi^$0b zKj`xvm!B5Dys#Y)s`b)05c0>S{%2R>-@Z?528@^5Oxr4r;g=Q8#e=;}XRZYO@{=MA z4+_0>XRw;$H?Q=M?fhTfNq^9-=#*H$t|kf|)I@=Ot8?AI%=~|Ux%6N#-Jo4U|NYi~ zSzS;qLRW}J{s8b#4`2cEOPch-RHndmXEAuU?*p#-`@c2;Uik@tkjNc`cK^$A z|GSre>k+lbemXJ{J(mr*7$N|Iy4{>1cnLUt5yilSJZ264HOujd2-e_AK3-X(g9%1VYpl+lipy>@ z01&Eb>9p4xAjZKyYTEzr+IbboX6*E8$P)<0fbW|f4+c`3&&f@`ZoZ&138C)$L?r_g z9@LS_bH29Udi{b<1vwDcr+w5-Y0eq{|JezzUcpcIRQOzF!ZCXgH0<@>qY{A6TRAwG znAnChC}=M5WAZP~Z5*(B(FWp6uLX$Ntv6{@>63M+Jz${4lS`F@uosPtgsg z0~34Ra3mv3g9tjIdD1V*sHJ{&p#s!kSjg&}>ttct(3w}V>h^g0GKJsd0Eku<T0M1Tsz1kIotZhK_cS}V2 z=@BoM=p!W#Tn}JrPkaiDb%JVi`Hn<#+u_|9vkXvV$55MMQh+`K#YCVA`W1up`7I94}$YsE&3lL-V@(}%% zz4xLD>WC|yUH2za>9s1J?8T%YM+%;Xd((bf*Ikq(ju_e>Pe)d3rW}o(#$>eql$!;B zi8X#)&KerTV$^#3vh6rZ*<&!tzG}B8{luX>O`BXkOJt(0H|=6)?0wB6kj4_J+_^^m34)Sw)Rg1qN|6^wD_qL9wki63Z5HZT$~9I$iic0T!!MX#n4`IjX+AQk_6$$7=`++(hj_a}?OQsvzXm z(ni?%cXO*2hMut0h>N4ufh@>R^7m2Xk9ocYM6Rv@FflvV)gBL0;0&{JCXLOpjc`^m zPnsl^r`2%%&k1^9s{j&)iunWz6~2(|3+QO*lvD1g^0hd&VgN`pDv4Z4Orxbwd@tzYHasVMdV>2D z`7ot1n(-)0DsSqpP;v8Nl>z)O6;r#?Y-_^6+3hu|(Zp^etNjdpyqiS^0ewZ0GOgsn z!n{yGEQiG$sq6Xvq%rg=U(f5t12K4_bhZE$(dv~xnmnX7ot{Y&f5RRBr!hS;dC#C` zoyOq$Q2M0gn=c|6YP<7}9qYV!$Cg-_Tk!iSNBcb&$ell{-jAyAmcef$NW~t`O%*MA zIHF;dstz6e7@V!)Btr^D&h020N^K`@zps=JBfM6WP35CQM5l~MnXZ<+YiW!rX#6zk zlgj0)bEj4>;Vwt0y12eUVZ9;}wK`p*(4fcHm(El_*)%8dhpO@-Ub@sJh8gCb{maP0 zi5#}+bhEfKO+PBDuee-%Ph-3`fP(&M{j;$CcqT(-h$$j8>r&Sv8zQy0utlFfl=xvU zJV0b$i%ZB7i!_z$b6D}A34ayOVZV8Z zmdNap6a0zM^~}OXH!yW>Pj3ASg8L^D5p`C~w4QnBN@iaxV@uuMRHNp*czT_$?ws{c zq={>+zs6TGM`&Le?!nJ%1-=j^BhOJHzJ57u87V4){#^R{eGD=FDqS~&FCCqHi>cmA zkE#CRP`uu+>b9p?z8N)d-soM2@v@rlPtNdUacz6vYex=hI&QBQT&Y;7Evm0I-*@OI zg5Arcw4I3O8l0PTic}bx?9Ie1%Pst9CVw}RXm5bPEWmIe?l0nvrAV~bfY-;T@)jp6 zA~WFTK%AYfE0WhJ>3+}8;xROcD_!PU<0{QJ!A$_{=SGFir2WDvDN9rv2Joj5(XM^~ zN845Je`4WY4U2P?g9$sD<&iMG5i$ejEaxt07_+j@7cA*cwzJ5G-{!GA>&IST8u!Nt!lQ08?L*svV{Nme;kzgPHT9u=(eK3XJq|QwPWR^L zC1=q=^w80lyYtU2b2P>!&*nYy0nQHN+Q;FdH31Z$#O}(0`1|S>BRGu|v`UO8i`?q4 zY41g91FRahM!O%X1!_8`B*5E4m9uruQm!r`z$qHJIA}3FPmL29_BjC`WxB^%ZW$Vt ztVN-EX%>=1k`6KK-TLI>`qWW$mCGQ!MAQXtp+aGb)WD$)yY==vZl<)R5B6rtk;q%4 zNFoyacQul(d{S2 z7zG+c>By+fSoWO{lnhp8`}TSLXi>s4!?k|OwB6-1bNrD4=_uNWGP{>XT% zrnmfl?q?+p*3U=*BitT_gz>O*>2e|GhP@9ud9coZ%|FEt_?Hqfh~m?|S{>#Kkxs zP_(357V^CEOsrbPqxQ6cZn51{SEc+;*dOX_81HH2oCBEfKew}sX!RUj)~{iH!Lvl036H}fuKkX?R1@e? zQF7IQsY{Pt^obliwhxo-W0M|G z*Rk%<@=H-S@~9{BIVz<5qj*dRG8iT7ORfB&$Jha#dw9 zEvI3MBq%h>sWZM2w(+r4!=RvVA7}+&&P1ISw!Wk0v^QhV5cI`*G#|i6v%7!PeZahY zy#@C^K}howL(z4h@iv4K(+))PHrEa*5|zTBqAxflRNaLXnv#Lfy~`(|Curt!^t;B; zR7_;BSg=wuXT2sfZvgLRx8fsn-J?1-`c}orCgl5Rv z@2-*=$Lj`Xxnarcj&6i~Lk~V#Y~O|-Ji2zWu$pK^nd32^w2a`tQ)9Znxh{Y1Ingwp z{DMhGi)9jrG)9F%bJGNRZDI5+MMB4e=5=f!^COOLIH7IpF6?EIp+<|L-soI|A{uAXrtwiVNM}}{Vdg>T# zj#iu{5@|y*7<3d`!&zN+XLvDxoOT^$+iWg9Zk3H9FEsj^A{vCrw0=Ba={Us5b-95! zFYDzEp|ET^Apy$gM?|M#2^S))(S!L^&W#pns#O z#*YGzb=YsStM;9LcXkMIL02p^jTpdD7EtDS-;pe~5p9VE$M?S>3bz}Yn6>@!E&f~T z!f+Okno6v6`)7Zwl6_#OjT;u|l>cIxi#$q;D5EYX|g&M_5Boo^&dWuG?K9_@^}K`Mk~j z-4o2SJwx@gRXN7%L$?lM`dt7}KKb!uTK6YiB~x(1D2|?I7&w%nAb7`IXjRYxfk~-5 zj!}~_nbT_Y98>7WvQ9nTexzS{3;Eyl3If{WeZhbqdJX=(fukz72ad(EQ5uh;l1gkN}l&tE(;c$XZ?`)f*2u?C6+hKt-Rw1Z&mNSr^Z%6oqcF@u7$0 zTeXj~cQubKh+$F~c;pMK#yegDW&3dY{dzxMQYm{=kkKQJRqG!-{YC*qcUK8*H%I51 zj}9X1_PDnyyFI{j&z#yFcCOL{1dO{$KH9y&;%eO(JjLO+E;5;DQAY;~Ue!_z!~9uV z9Me%dU->0-K&$r`XRkRwTT-Y&1TkPM!{?(YCFpzBa)6kAG0ifU#KKE31cOZsnQl>Y zWvy>iBgEIyo$i%~Tq@zoZ6J3;y#9fsB~zfXXR(Aa7*`*JO^Ux!7w`zx!<4ZGA~wf_7|TrRf?MxgwMV`OlTH;5n@+k+vS z57!`;1)8M;prf^7y&-9n=k`A*w|7|2_?gD7$Zz4@$gN`%fSAw9^vXO?Pf>3Zm>oE!?WRRV3l(z5vWTTM z@bGv|vd-4@>wsQP8DQSnIHCU8Fczm*LWEdkkJzqTO6Ah|R!M20A|90nqB&~A*d=Ck z<3=BVDo)dIN|iiGf!?ty<)`LVg!XiFXbLjx@-XkG?#IY)p`ucDGj|&R^m63()`M}5 z*n*}k%yN65|D(7@%ed^fG+wLnqR~4WP88^~cr?uA1`vzBCH7E>ybfqLi&VPb+x9ce z=k}E}u(4kf2BAq3N~K>!UqH}X)KlxyQ1_pEj*>W4Pzw$708t0(asp;wQZ^lr5}3!* z9kbq*Q)Z;YQ{3wW12`=Z0gSca&%%C*E&dsXf+tVe8L^P$GBQV4^TJ0uZdrvQ3=!o+% z^9DP747I${`DgrIV1J)oH~USZG#4PiaDd-Agj34`+}-pdn=SF%<5fv&KYO_8_R=bz z)f6e0ZdP6A9E-gJe_4JBH*hgRyo0$l`Q#v+{!c=bI`_Xqa^5gl8&ii=UO=ndiqNYz4 zNl{{m$CK-Mz<7t`CiE>seuYF6we5>Ap!Sm;{w~1WR(5&}h2U_>J`^CDPcAL@-KF*1 z`Y~rZghwJg1wT|C@9801O*J?-^c;dv;HjVJBzs)i*M4BIN=u2Wm}J*2(Bn(>?ICtz zufl7%yQ$c>rOinyKX4xfg6pp-rx3m$)zhrSMA+oa%|>%wiN}4LeHuzJEW+Fr^n)Kx z_gaqQ>h<&^^k$U=7RAC+O#*|ejJ^>=VyO661-IgLJyj>~D`*G{Cy34tXh!oxY|$_Q zIPdrERn$eMs5|#2^;vO&O~vvb!Hij?0f8a6_Q$?8POV;AO*nRgMUy4w4t-GvZOR6# z5ki&g1K#bO=Cmx)&8gta{2HtAue_R8!ZGZwKgK}UZE5_I*#!s?l8~g^tr*a0!f&yc zEUec0kSxVt)OP*tFiDR2v6KJis8zFta(x=l--GU{TpQe2TyZfzz)gZt;5cVN77V9Ush9z$ScYyWWrK zT&{>(d~a3fq`lx$-B>UhmB5lcV2ml2n|v(hyLwY7BqyNtHs1lIczm7KE~ygr>B$7i zBC`bIwH(C2rP$b28#US<$gIU8)54-5r}6rEu#Y5(KtPBK7Sau`rP&RRzd2!Fs3FpJ zhdjR%wIgoW2`k_SY3seP>3G`u5Z!U(MYDESKkt&!ZaU@oBJ9-E@ycwrt=i-Q;D#8< zy4+zTRF@W&b`pNezT~qoaqAVxgAn#mj)aZJV$<^6*)Y9>OA8BX#!3bmlf$!CTg5O;CW)*G=v^o}+n@nIvm?2Jg9twuYLUb>$ zKlGu(l$$V1e?nDE8?GtYJ7rrF+I6_I3nYju?iRi+awuCl_VmX_803_L%M$zK|?Jx=St$swZhgX@#PsM8)R zT)pMIepHY#2^~R!h*OUe{^FwR=M$Sp#jP@D$@~+c&NCsi{0kn-p<|Sc0bEjxx3C z&pBUvWKK(1fYB!C=LS>%9*^VN*p}__s$6@2`~6*hGNUH<=5@D6O3St@n{kkl&GO13 zt3?-ip-OHGl3}vgU9*i$+d5AHA8KJw`ic^T#ID-4ps8md^e*9V0YJa~8V?yK*XLX!pD9xj4@p9Tjich3Q~XEqoH zMcGh0;=*j6sF;C7K_2tWVyvNXo99(xQ`~(o!fBZQ_opk_2UrXd^%}L4nL}?sjQZ7j zN4#@&IEdLmf^APH77=P-R|Bd=l?tl##U&PP-+Uu!b++%3>Q9-I_B z_!`>BWtHv zVGCg;{l6tAJ^?5iG^@W%ZwDc?441^7vBS#Ic^z~3zBOwvz3Y5ID8kO@ODo*VYK6t* z0d~&UHs?iLDaAk2A8FPG3aQbp5qwxa3Z#RUUomrC?Fq}VnLuZ1t|tpeHJp6*xND1> z1A-!+M#?Yp@!B;sMoDI%F=*HsJ^k8tW0q;}hF}0X+jzi+-tY6ehhWe|4LrSdkzA!@ zI5~rPMPrVQb$c^V&P}8vyi4d2f%q8NNsqMN>4=n3U%u|c{0C>X&$nacR;cDMsPxWxGAw_7CWHy}b?73e^xHG0Rip0X*la<)M_z}GJC-ai9MsxXY!PQ*jM9;I5e~m=5TevK7j{vu>!sT z0~n&=*W3bUD#z#N3QCgqYp{_ z(3cbSNk>>J-)S-YV0~3VMgsH*2jutE%Q>zMdAh2lbs9C{_LS%=oH*Sr?C%v4cR!VO z^5ns<=v1WpGCgRM4m@2)`^DLV$1RFiXM2p}MNge)1scSfFOPMcwsM=QJ|3Ohob<9t z37E_{%^et?78Pb8V2_^3&#edGIn+u_#~HO%nke%(-3zhrJNjr-E>i_CP`^k*}W{0tSV zR!a41*k`hXN1&AwtD!J}vVJJ`4Un}t>Cvlv-M@6VGry|sOetUCPoOv%Z|`$eOA(0V zY=XR!MUBs;I31BHG(h;_DkoWdAm$jkI zio=qe>YkecsBQ5s5jWj|n5f#mP*w%Ly+51xErt)Yb5>e!_3;osVWpmCH=5@O&)a<*(=QhF&^g>sY>G917 z!78OUh+g}7uYcnLn4Wpb?lwp+T;d;^qIZg>^R4N0_Z?#J+l#MTiUwdR_i`{9ZnZyH zDv>po-Evqm44*G&N9a-QReh{Nt_Fi*iupehyB~o>ZzLI($zOmmI-(^Wj#pW?mtb)L z1{W->^{A#LoFDSR-eR4RAubA1S+rEfBjW86%a*QDxWr=!IiQaB0rZiZWY$K?`hm$!x`T5!BYP#Ca1xSag5c+yKuq4z9Q!Mo% z6Lt{uaoLrv+@OcT&^7cyRs@3qEabw4o z1W-vDY8cZCJqYfb5+xJIdsxSvRp}=@h%5Cvyv-VmXnrUYC@;rQ&T-UL13@J8-jLJj z@3GLMo<%D!ehU(m)`SRJoQ1?0s zILTuaCCTgNeNOWB&aF|%?V3U+X^PhK_6kKxEr!w3jLU7U;jE@9 zs8Cca7>_9pgHB$O>FjP^VIe7uke7aA2+q|9?06QUOz!R%qT;fhQ>kI6+-QbE!5voK z`cklA^+Rk-eMZ}e`a7n}eY~xyS5wImyvRws7D=vn#{J44`y>;XBbAC2gjMctvcK^= z?w0_q99w9_L8;s_8igA3r^#>-R~n{b%NfV9(-#y-Sn*rPcfWx&o&vy$e^a3WE`+5l zX4VEu<5d^9ClFu-XJ#XkV9$GA6zM9&GpULtwOj>tkd0(B>w?=vq7Q?yndN=H%OhO- zp6>Hr*F1e>`@wO4p^_4oMgGYUHt2^ymqNadApsI_B8h zOo$`M6f5(*eMe_Cb{{V;pHwYEtYgf^u=W$Zf`;#37gS0_f`Uf zQR%Joiz^*YFOb*kbJdvqYAEEHlX0sYWSK1vtj-!fgx0SI#hSb>kWs@301V{f;wvbc zP{zw)cvQV^^ZDcT_6CIDkLjOnu}k7!_Au*Pat0uNWkaWyPi%G10j%MbE7R2V@<45X zDOMsYoLtH5wOR+(1)1w!{7m-A?RNuwmr7d&phKYy_1L4ldyWaa$L! z6HtnW{X9>n8+l8H_3KX1_B1ohXayghKHpR)5@7Q1`3Y~dBRJ(ggwKB>Mp;>6(DdoC zQoM+G(S#=z&k;IljX~(42U5~)wE1%NL1eFpI=BRDXl@g6>1IC8E(AlGc0)==ni!Fk!EoDo#Re+ z#wGj#+7n$CKhm7s`7C~nr=4uM&CXXpN);+oO4OSr{7*G=p@sSqv8;_q(@DZXU|j*o z^AoU61JSCr#Q{LnNW3rjn$?L?Xo|&3rTE(bt1N`Xr=G}{WoP`Bw>AKS{-ou(B7CJ> zTFa$&lK9D2Hh}bvz&_<*{N6JK4Ikb3TN)PwPu)`p;Jqj~r^sx8#mJ@7gb)*iJhIn& z69-;kC0ZQ^V-M{ZW<0q}fA$>L^x!R^GIo!XfVtdY#cu*ebGfAx^QgKDD2Y1V(}1K9Fn$xPv@;w2|!0exn+;S#E`Hl z8c-+@@>mBI3(?U)ivb`)!m?T>@B_sGaM$m=+Lt?4D&gkTsD}G>&I25D#d<(G%Z?a* znLzQj6&vdE9Bq)ai~&ExbRv5R;L z*jdumxa&he6*7;-HMd{3g$R!Ce4(=VXwo>HWZ15{@mx+K_svv!`z=Xrk?M$lm*e$S zsGv8xFSYqtM%Xx}FOzGf7R`M3+I!oWi0vwig{n~syF}#+H1a5NXE8n?_-nfo3$#`0 z<(RsB7JqU)d$2=Mdh9(`rp(5W;SM{0bO{1+cud{9t2gMi8K%M_zA!tAxR&(=U;k)M zH!66caNl;NYR(BOq?RX*Pi9qTL6sV#nuWvSov**sHum;e@LT=yeoPIun(fK-lB-jl z4@Q6{6DTpFue|z@{f}Y@0b&H$_F&1ykw)yeg50(iwxb0R*#$+&-V(}>iPXG^u%W$jTsI%0!)cLp-jxY_znA2*$ zCMhT%`pUP58I8+oA35>*Qnl*i@Qe9(qhX0^$+y#B+@n6wY4Guq1b>RA+Fnr-Y;|(` z+@7VgWG7EJixv8Op0trJ=LaQSXF7zo36L_-@LmLwPT_(3%Jl>%8tlxvGj_H=d%!Xm zqTCx-@oaB*Zz||DB^u0g7!bYrL`ihp?bDrin>%pNa($4}-=XrZP6@yoEwmJN$;&pSeYIC{01Bsi&$A5HF5t7cV%>M@A>AT$|Bqm(K=HiyT&zd5{ z-JcHe@2w}jI7wI0%*XFlq_X`^*FXC_mF%k1azt4nBg?8iANR!*-fR;H`*LRJ>nMGC zu2XUTIsPPDZ&`|eZov0UM_^MbV25<}8fOD7Nw0r@_@R1#Kc6sSPouWzy*}E@X9Lw} z3qIG^43EP7yITSs<-4P?zu<9tFaFG9(49aSH%2zR_)hXF~B`mxk^=P2dVm&N$`_4T;Pz~P6i^vQv#NXqbE!_OrP-Tj1bT3HV*LrFyF-B zAN&1gDKonY02a)1IvKs>cg{O2TI<`9$9axfktK!2@DUAj+;d%-Mm00aXed$&f-yk; ztSu?OMf}tntkW%>XnY*f*q^+`HQnUwvpZKQ<8f;YIn(n+sy2~US+we_?dWBHTV=;( z-|F2ZIS|JfcXr?qyUq_Acq^Z0kZYD#pu0n_o?g41&gI@O`8z!B4g}y9iClm}&)?xX ze_VjJ5CMm~1tqf@U|Wce*DWG*J}!`Wvc3!--Bt0xrAyLj=Qo>vvNb9RqylnW>%*$v z9e7OVc1eO1cb#xpch6s$=XScz8=Zaa`|zr>9r1v<`&$~1Rg}JtFnB!gGW4fjFeRsl6|)PYSwix^|h{AabDh#KQX4D&us_8pmWs7>zvI1dz8VIVk_r@G(uq0lk$M@XxU>?&)J4%rH*&)e3f+LL1-zj4Ji(`Fb?Odg3QXt%TQraKIm zl0ph&bY8p+x`14FVDfzL^!lTFO1N=_94@K`AX^I)KbN?)Mc8ug1P> zJpgl@zh3Cslr|+z&ZbpLuk51Tl^0P9T=~+%hsQKtjJYy>m`?;a8&j=IBq=4?*!lhh zV0UinlVVrTy@ShhSGy>KFF_61)^oCnq`jkw)3|9Yb7Lq6FIO_sl?vFVibJ<03{Z7W z40@g;Swr|ltuLrT(SP^|c%!|MalicF_ws6T9BMWx_sw^qGKLRGmtdr6N=8&FOZlaIM##I&Hd@8o|MD zK?lCrL9ov>t){`@Nq%M%9um)jE9R@OT`4uqCX20dpF~pMxXA;F9L>@EFzkS|kY(4k z+cE;9^Rhi|^Zoc>8hX}`4Sy%VI20#t>fxRH?I`GX34OQ#_$oeC7>sQqDjcj+x@_Hf z@bfOC=zpKE&uQxox4K0-PRIf2_~J2hVdLaHltR| zLEKFS!-4}cGTMeV92slj{_INUjzPGQ0y0QV(=q^Ax# zQJ;FytCqW*OI5-_;#zn#5R@yN}5j36hTDyQvnN|0U&Dm z`rvEqA-N3Xp`j{cI-}7%z2&I)c;~u1DppA{ygCUe&F?}X!6{VK@>qu7p%AH>{CoiB zp1gg9e}ntvqprY5cppa!=||18K&zQ`&-PO5p|J0ky4^wnbs>UEC$}R+rzQ(6jeu|S z)g-=lp``o0p>ymTZmOU0{``hT?dRU3mrngZA&~qgw8VoQSN+iAN2c^y3q5(a6(uBu zUA#+12>zyE9MY6zPEWycrKTXqZa0=|<_(+UkP7?H`K6(By6voR>dF-m(Oh!m@R>(YK6ZsO|6^ zQ=9T);B{>W{OZwFsHXASRH4c!T-r0NF1~CqTCNh5e2O#JBO-UeBl4cmC0@9pa!}Ku zx1e&gv}s5*BVmF&Ko~~oyLR(Ao!6~#BHIBTS7wVIG#Yim*gqUUz8nkInJ5^bg36JL z@6Lqu#6!Ltb&Db6(eF&$G3LwNQxvP*kq;)d04v1pIt(!8=bgQ_+nZ5l_%3*9_y%=g zgyLDQ=fQ_Oi9(g^uvm^j7`SJ}%;thaTMrEZEPUV40VpP#7ZI<(6q(vM(5lnzVfnlB z9iYS3L7nU93(Q>EXcZ(Z7ZTzgBeK752RY8iF7z%<EHqL_kO&pQ3_W&4WHNLYk#M2)_hteq+9@@wnBq6!4L>CL>{R;1ZUk&-tm(1zJO1NO&9h#oC^PGr9 z<+v!Yl|GSe%kt;bXai8jXGQdqcj4a@+C8*W&*Gauboui;9H3A?7rRyJ<(9U??R@p} z>Ii{OTEWNPo&EY&TNtCt^hjYk&(|5?xvgj!znJ}?w)5bLL)Nd7H zi&5Crust5?Lb%L;TCNWo`5e-daadJ~~^z z>ZHS@+{*{ROa~68=Aln|ccxuG*%M{BiKwgfK;0y3-nV>|NjokaFKwzdS9|Yj5Q-#& zSo}7#q$_0WGQIV7d3osXInK6)k+!PC2{Dn~pX;s6LZQoPUl-3S^Bvp={i$*jtNBom z2tF|@-SXjByi&Z)+~B7p>j<1{w3W=0#paILpQ$h;`Jzx@zc%%W0$;~dCn zd$dCF{!sF5KygLba@rL}+|3Uw_89AE6SL*P?!j5O;N~w1hAP(_gA|#A=EVJWZ($-> z&`ma*=wg@wqSViHZ+Gf-u>%qa{g;z7JX&9Bu-m_JM-9bcQ*Jf%c6&Jm0XBz{EB^dX zm#;`nDsk4?euZysRPTotoIBpg*XZBmVhg$)v`QYxJVwjm1bVhujiA9|Y_&Q@kWR>n zV!)zd3g(Do!shs#kOq7jx&4u7#Nis>JV4<{^5(eZj**9l$MU|J$CY)cwS0G~P1JK2 zQ~EWFE8&Q?>&Y-Ff#d00N~<;)g>rpGasuR*mxUiq+45y7j*~e&m0Rm?sQkn_5iINU z`reFWsYf)tAMYQ6C2AIQV)q!4-f@`@XZa0g_ziaMo+!>%V*f8mN?^fW07E?@A9FyE z!`?!1{UL{);%)!sk5WyWlTGXRjYujv##-t~ktj+TQnef53#1xjRKw+}taLUe?Iu#G zI1i9XaiK!qTas61{_5ZM8x5{P8evd*a+MQO?6yYCn51{w7m4}rTLvw8?9C>DUQ*A- z%l8fnD&TV^v4F}Nh4-k$$ua&^=#t1V-t_9;9*G}biZq~9zYc@cvIJSj(I>*L(iYAj z4iqVs5%0~`Mmb`)=YK&2Ioew+0;OgBG?Ot)`o%BYraH%773lVuyB&k_WGa@F6g zK=T$of1t($m`{zb&r*+TkD&%70BbxY4em&ObYXOlWV(ls{jJHMX7QIX4q8|(w9{vs z`D5jysQoVMqFq4ku^fsf4y$gX=944R;Z{v5t`b;^*KeFuy#ruKlP%P%sWbb~F7-Pp zpAHY$4yhbxDIWw|D6O;xO1i=MbnGO*q9f03;wP#nf$a%!^b_AGYqdA!3s6sLofC6y zrB&I*W$^n9-8Zps?`-yCnX7kqab#^}zr~tjh$Q5;c=%oyGVNOd4W<<^vU_Fg5AT zOg~e5T~k3(8jB(5SSFcOcBW>hs2mX-G_C@Z@N!6X+!mB3j8N4vuEu76Ff%xg|6Sc# zyuVl^a|7um|<7+fdo@M>zyg>1Rv(wh4o$Dzg zD!+rrK#~d%+zA?3=4~?BfRm(ss7UmhW`&K45n!*4g8_F4G-p^T6&P zULfQUzq|PfbmjoKv+au%>kF~8_)^&muNZBhFF0OS#uR(CFH~3Kt7dKxxK~N)eZXD(nt#;3GNOP$BQ0*S|a=iR4z6#N}wHcPndo zzBlVB?v9OmM43P==+>7B4dAfSkaI7$!wAhDh}q@^8!he37!H444Ci(-7Mb6b)SIZW z)|Nj@<2+3s18#l_r5_WlOMYIL5rr}bwlMo4+$kkFD zkFV2X3KgVMT|#qI(>clYvqYZveEk+||ME3L@b;Lc(R0WQ<=eD0V!h+;m7=$S4s;qN zzVsdkiiv#2C7qX<(qH~)QuvwmpZwpyp`U7!x6_!U&ZX7@;s47yzm=X-}&leC1Pz3GZlo6vWHH!X%j za4Vw`QH(JWWCeU#Zc0CYn|5h;uBPM`A#hOfXw=vsX$jzjl4AH}YXCFdg{9utBun4@}kO&?Qg_F z-qeE$<#RGT3l{&!-dRS)vFGbLAp{x;Gz1AQ2@+gFfZ!Gq+}%C61h?Q2+zAc|?!g@z zcXyWtf;H}Pi<#MH_B|&vYwrGXznryLi=rCn>Z-r|^m$h*O&}K-qgC$gd##T%@#?KR zE4<9!IFG*g7(wdQbJRDDm?g*8gh>L2yfwQ6$kMECOG!^Ir(U&HeHfV9Odzo>Y zwlh)S*wMoa2A1&Map*6wgGcblQtZ^HNeZ}SN!N80UO<*wtW)eZ`isZzuEvC%FM-DR z2#-4^>4aKHtvhITH^ax8(2kiqw9;fo09U*GOr1jbVzM@W5w=i}ghh+Ldf1I+oBCwl zS=BD}i42Kg@=q~y{bB-~^FwBT&L?oGWowj4g&*ep9U0sNg0S}>nWl;bAAlxK!O$TA z1ss2!Fn82K}&Jjs!Q-YB2T9UaMiIi{o;ZCpk16&uH`_}*S9DA;n#EDlISh7+$# zEac7$YMiv*E9D)Ou|rSto^M~PoAyL7N3;E?dzJ{8FL2(;htbA8)~7^xWMg-C*H%4I zZ0gh{nP=}PiKr|C`DtCllI2RRG3=$@%VXtYFHIv!+ zAU$Y(0X_n)($-@urpnjZ?@@QevXdFNc`s-Bl^YzcLcOh(1`&oB8e^*y-JFSpYQEW? z#u&%7Z{tq&EnW{Jvl@o!q8#FLKOvnDD!=SqsO6Eq{usOIqsmIzm)X&`UQja0fz`oA zBcJ`F?mbUM{EGk|kLkSIRg|l{%eC-w?~VnyUIIl0d~OLk?J9oP@0TBfwj`XGt`kV# zI74Hz<%-Smu;E?`e=r7AV#3JiaEqbym#{jl@fIP`4DYAw6Uth);402)XoHouTR3jm z=1eV7`MtjNw5ZdfcQt`=o8W%rvdpK!uKB&Sc^1Q7x^FB-5stV6kx0;vh7@j6vJQW;3P+PiOBe+J^f8;?p8GJQRr{8Ki=6WI#HVN>-; z4GcVJC@_r#S(~mK1lX(6clM@rgp>`PEu_2FY`8PDm%VLMoD)+(&Yq!oRJV+OnxVe5 zUy)$YS(?JRH*0yIHktiew-I;o#k4d~S@R^cw7YiTpeY=k=pEfuv8JPC=NfMl?y{C` z)n;sbrkmLK&0wI7TDl$|nw40}J3w3NZuc@W_B}_tEmTZ>@xrv=?&X-s&%4Z59yF0yGUP1%t_eapl4)y)SfuUW*zA7N$!4(gUElP{7&2?GU4OWB zshp_q8=*z#&KCGw|M}N7Mq-Nui&={m6v+CNfdUSfeP;C_HxvRRJ_uO6d$7$ zkg*x?_jLhoH^;n|=b|(esPG3K4R+^VcU}9wNV&)EsNFLnsFVj=Bc9&cE4s{-0&cuk%oj?_d3*?P z=o9zHdG}ok%^o52hiiT}$j8i|2N6<&k@l~*Fv8sk9cwL*97v8|+E;)e**)b)WB@#V5Ef_j@Zt6HaDQ8)It{sz7} zg7mXoj7`p_h?^cCQ?74a&reIBW5yqHL_|}!6ZD&`*)5#v{SLMp>a1WluA)(S9Yqp& ztlKcS#mVpwobv?L3b_JwsR)U;1soc3Q@8t#u2-o-FIp}zu#Ud$`Ju$GuXc#n6#;G$ zd^=|vulsu~(?zlGq8v49Y-#BBc%@(--Apqp?F?i@~0Z+rpdbbFU*8Vog{r=-SV zgjz$7O`Z=Orqnx96k$?c%mKa#bA9i*1B2UX4L_AeE7ty0tHtr7TTTcGUs$^hX23MT z>6trf$y<;RK5-J0r7!a33#?J_B628h#}J>ZcF;SPUodoVRBE%e0AD@00)BO#B-IX0 zT2;FV#c6v}(!MA}xr2ng@bKamZmE?C9l|PQj*al9(WN9yDrL67v9ZLiCdbZcG;C!_ z?7)ihq8d}0e2t%rv78s%WbNop>dOH19>=BPSiTZ1rQ=_=nr}3(P>&{NNhTbG@6dO_euP{|=++r;o_4`~Rr%{qTqCm^HU(+@X zdLrcR=NRsaK*zC{BVmsB+b6G5n7hP&laXPLXldXaGiYha_~|-S!UFB4BXU3?Qzm`W zn0k(cwovD;ZkgX<`XiiBk)+bEv>Qkyh!_HL8b;?q^AHp-T50&j zWYjx>r>WrwLAhCCv2wsS0pS=BcNv)2?Qu?3*2ub*LBn_#!sE+ikJADZ80XvO zNZ>)Wc2HC+wzS^0MbNk(R5%C|xk2-?t>vw9G2zu(_}R?_Ak*twnBDM<*+da!4987Y z(LzP;fBh;A9qvv4W1wO%?88)@lyKS#$Z;z>lihB`%ct2)79$ZD5>nK%7)R2{9EQ%} zuM4=N{ifVjR(6uNcN&-7inYo>d;NX2-@2+`eXgw}u(iNc>MMWa!qNtPk&0XX65K@? z9Jm-j_=tJl(`nSC_l>z8EPL(FdGeFAxgw-u^58)VL{1tvb_n-BX>h-X+XuNdZlgFm zwwedDfwFKGghkM(x{3Z)lHg_Xz!EdD=XCy!&B`46NLc82Ln;~wvGs0GEK#EiB~_As za3z?nnW3Wlr~ryFE>MU9+CGpVMk9ZVVhw}%6_9+UyHaqOeP5%%2;**$P&YA6rYJMl zY8~&J`cunW^3kl^iu(gGtP5)}n>!7T{hxB5`b}MfA&fkE{@{d^cNIue2V(`+QE%?S zH96eSQ)S4x#himliGDOyC>k3&pWB5@fBrY2kT#gI4oje;p|N83IxIuuudg{&A^43DDd{iQW|1(*sb&n{G zFsvDq%2EUB&Zza7lRg#kZ}lYns1J}q)VgVI#edYB{1X}Bl_0_&AYk|WjLs->`GI^W z>iaYzzP&gUjRO3>S>w&V&u)`k?*@sRLnp$cuaqcRmOM8FNeJT7ULwn!d$+$ z5m_?pWBtQP`X86}K>eZeem_aL|}x%9QJ5G1!$yX>`Xb2wuY2VR6YQH0o0GMG~CT34o?Z~(0{nSQ)d5G0agR7;tE?!*F;jDPb{ zuqUJVBe}iBKa8M}X#V*vXEkoxe|LxfG%B~=KZ1)Z#FKwtJ+^xJ4?+@u%LD1^OXC~D z7r!f$`nPvLm3Ted|DA1&mcBj&$`&c8p%4C9~A z-Fau~%4>b%HjYM`cp?=xvMzY^=HLI>pI^=7@j`}*ZQHG@c`j>g3p%qP4C-iv_!0+e z{1rxa`)4?2fRUX}+mv}7`e{780nN)X>%P%W8=XcL;^f875f%uaiQxqdTscTxvjdIS$|? zabE&VFH)~Z52)>zwfD;z?V$wfs~yl|oR;{nLcs{|`vs13Pfo*va~3UZCb+@?k{Q?; z{y-CR>GfJy_)8l-fRN4oTS7Lm7ndU}SPfIg?D64vBLDhnTinMMbvTsxl2H+^s=`eR z?6}|+_=^E<|G!521$I4h<=@GW{SmDBtyc=1WPX5EGygSMH7!t3Tl<#~&MOZb*OkA7 zaMpO>xME{({AL6Ew=*e%AC>B1H~DJ>@~^;MD*h{6ZoLOCx87glaw`LO$yVgA(5l-W zXw_|hiB??$?75M&e+9Pw;sLh);;+Hhv4Oj!@mCP!?bg5`>^S&K2=Zc3yM1iWZ#fH( zF$2TkDbKIpy-URz3VK*T$y4~7d+f;@(H;Khlma`!Z7|JCgNm*>IIhZ%Sz-tzeW!ub8}UHyv&$M}%_ z-zWPY**pI`jDHg__|540-#Pmq4X23zU7&t5c>Y+F{`}Jaw*_kT{UwOw(eGUQS#m#_1d0I>MgISF@6jg7u|LyZl2H7h_vW=?JaBDK)gHcn` zjOK4%ycJ+AiNJRH%Ku&T;*XmEycy^b92h%=!%ifZ3i(TLhW|lY9oTcJ?j^g`Qf#uS zoV*6si+I2955LF{hw6v(1=mmLKk~r=`$`L*LA(B=tn4E#IZ(*5$k)GPp_daMEbUsR z{}_&b^L{z*C`1TF0N}?j>irH9RHJE{-@jf-yY}Re+0n; z59ujHarwo+`se@hJZTH4{aNXuHOIgCq`>^~yuYOaeB`eySl&|ii;b=P<#+rx zvlQ}H*D-_OiFw_qn@M?AypItr^&P)N!|$SrxEy-ecbcN3bENw6p?NfaP!JQ4Pddd7) za#iN9Kgl$QvF!rAqJ90U$Iy}QqN6`PK6$O0nP5+sO$lU_vkTQ4l_ou_1(we5Z;r#) zhvG$%acD>Z7C@|<^RaIbLciywVf^mgebVmYZ9&sgn(Vm?ASwF8sVvil!02Uu3!vr> z%^6TP97@$T>>A{WA`^0Xolz`1LhhFZU`a5kq>`DEyf~m;p-F~IO-l*{_0XHkU^z7; z@2|LwG_ka?@qjd9z>NQEYkr=3ZTHIeFhLdJU~V`kN^SR|Mxb{~4fq#y+JzVVa<8O` zor(NMj)0n5!~F(F`@GMe#{6a9xsaUUq6{`idZtMvatqy^|H7^N{%wqE+cCY_rGrba zdl;jxHjHTYLl;_6QTF$pbEF;kZ~q+1Uepi7QY?t^KS8p89*#hfKcK7ndS}udHnCjB z!Q(u-#nkZ<5Fd>P08M=)p2_wmxNyNcQ}o7EwENWw-Y@p$ z0hztl=ZL&aAr?2&j)L@8n)MEvP1kp#nv~?8`0V*G`$|A7qg#q%@r$v~7A2h;P-ihf z2EAekt*j6Kymp2J-<3e-Dn1^hIia10J~l|}Aa_oH1~=yuv@o}DzO>qJ-k zj;|#@%;L{Rk1FFSEH$R?laa`VE|A6ypz#Gnv(tBdQmu%SRVX$mfq$?7BvAkr@kUYU z5B0GLx#ClcXcmNg9)bs#Cu7)0YvDsZ2P;-$H%^Cyz0;2S3(Y0HAxNjF7V{_N%d8ex zgx}a56Jun^Us{=O7B46<2f}@d6n&KWJn*Ydf-69*rDq(^-56d0y0uR3#-yoYcg0Td zzE$znFrGZtRg-w@Sr&+PY?Z!*SkSCx{LH4UGfmLFs}$`$>0z6{q*4)^*%T)zIP>9Q z`92|i?6u?{s=j^^ByUS|acx?hJo8FBRYNXM5HE;i>9!tYbt%o`P6UncUEwz3KzXiu zEE_lmx{oN~qP;sqjo0UZtm+RO+>A%U92T<ecuaw49~HQfRU)5s4K@l_1kDXZYz)c}g1Q$7#}lp5s0G&fZdr z5NagV1M0P2ObV%Wnk46uz()=5`AMH#U$jv~u^Kz1putF-?zczE(|mGsRm#YtUh5;w zT<`GGl4z-eud;!jsEoP?z2F8Ow+f2&R#w$oTjyKU+YERI@Nr8V-7WueM}cSalu)G? z>gFbRNQV;);sHArkN^>0ETcrAQcex`PbNX zLtlK!mRn$awiGcfHf>yaZ>{)EgJC_dZyCIx34`NW2-+pki#m3EQqnty)gA_j4xrhq z5xqMbb{fU|Mwf&;KjVqiXg zLn|1}*RzZ}!5RvXKD=_=z5(@WB5MH9uW&F^wxj%O;k(aS#V;BDy%vJ`Rl~IIl56yL zge>;qggj(>YV7gTW%^u%n`nPn-u%lz+ZnZW@l#R3-&r>Y@R&d@FzjT1f_}Wagocq0 z#-PQJR&pUnvNN5RQ>by6VW8lRR1W~d2L%-1WktgGQ+{-_`W5P_M9dVni^}H=j0&Oz zdIL~*auSbHm8jPxcn&_Lx))sfMTJsCbG>HtiCiE|()KUL@j=nqJGQ_d#EFS5>p)ns zWtxdSt!Cf~p1Edj1cz2oBW0pE8ty{BQ9hQ2M?iDwI|4^@IZA!wvHOYhIpH06)P83~ z8OGoW6Z!5bmF(-_c?ih-%Od3PHC?1~h>=CkUX&Q~5I5%+CRl~}~G2U#`WE@EN}B>Xh* zar;;zEYgX?phk&;OFvP+Wi_xp#O<&2P+7p~bl|AD7~9=Z(O2XNYX6EY9?UU*fLro%uV~abVO?Lblf40-$(EO+^DZL!E+K*C( za2W*vIaRft*dCTrUvcsH`eCO;+f(NRSVbfNskU(|po34pvmkh8GY+0S=@I0ftepf^ zkIWdzIE&{UNRMTQ3CYdva%MaQL>k=m(fYWontzefKpy)RxENo63sBp|2G7Q%)eASX zJsNR|AUo;ifbh1#S>bD?N_5_bWu-{>K4EpH2JB_57Yd(`M;xxpT36uTlbX06X10@?-$|M&e z`!xCk3mfl6_$Po{`B+@xO}aGhCxzxXEV>Bg;9xC_MH$nn!fa97-HX>=pdL&1yQbIm zXS-9XekdE!`CZzyme2Ne|jC>Esyk z_~H*@_IxeZ3In+LC=HMN409A~O0_2%FRoW!&brFjDw1S$Z|6p^a@rc$VcC|}_d z%B;PqI#@7_l5#Hf=26dz!eZ2FCmfw~1++EhIc#G22O|$t8_6=ibw1nSa-#XkE|cM= z>P1D)FRk`h9(^^Oy45dnv z-aXlgrjqU>rua%D+mNdWf88CBk<7{^58m^vG%Z>bX&&NHo*_i8WFwmfFVX|~sf;ku zH~LF=Pqt_HUIk3p*?;t__Hrbiw*yk^ujv>`!ED8ME-A?zc%PdM`y;e$q5TP%g2* zsNeCt&1y?)tyj+!M(R-1KG1=;Qg)cDbS=R~V=6wHeJpLqk`=hY(K6o|W9Y;FJmki` zbCmcL-#n-9LE>K#7;%Xp<`MW}~ zg4R-7>Y{k+tUd49X4;g&N)X%Mn0~a-BMYHO^H`EeGS+f)xtR3g;Zd>R^H*Gh% zx50N)6|#APpH$2D5gT148lzF32Kz;n>FNi5!66RnuWV=j5jo{~@L_lR=d+!O@lVp8 zr0WZL+!VTKv`Q7}uL4Q5!%{ekQorkqX(WpUr|uH-l;j&PA4IO%s=D9zC6J|Hz1H9# zI^Vy#kk{;z&l&0k;KcSO)u`J<)Y+|i?`~b8EqB@!hw{>S&eS-TE3H9y>FT(|6@=2ztaxw9B|;< zWgkDIwUiEiCX|I~*jPcmTEhn&wAux7c-1KeB7^+~k-Gj)$s~IxYWc_Bc>0JFtGE#V z8dhJEM4;=ezU^^jxX2R5OT}(#ijC5_#pM*>KJ}@$Ek@MYo6ewf{U|$_`)=&{;HDBD zNnR9go7&iJB|Xt_QU2nj18M&hr_;Xp2nPq~iJ|}+%nqp0%BE~$-xCaG`lY?K8iDi6 zmc$42B^m{TY$dormFymnH|0B}9psj4ou|;y$BhdNb#7(0l_5mzGa0Ef&Q_PAqdAU_ zh$ZS~&8j6&WwKGLmT1eu%lb`aXBg-p7e<3>>8V}@ET-$~re(~{uW5k3&7Y$p!94oF zS}YbzXXyve^`jjX(6_4i`po5f3AdbHlmaolkpnui%9o0{BK2xT>iBdnWH?I4)mP)r z0zpsv8*4=9bLad-rrG^%_fhu&xFC zJCNAOk3*jfRnl1A_Fz56PZbIDP^)$k2@)j4OKKv&qJz+4b4%(n*i+GY^LNv2QGJYR z7f`7XcMiTj_%40QWJ=Afb549qxZ(5MbY$Mi+HPX%@))=1YD0r5C+RKO4GV<4!fz8^ zDML^-z;$B017|T1hf%e-eED17jL_(rw!<%d4&%V4-3`-_v$YSdt6pp1w+)=@DKbN> zVPp!F!qOy7_r?6f+vefKw>cY7o5^yWu%u0sR!G)pwKO`t<(sbl$t1IpVhdV%4J)29 zYw8zXDS?B{4;`>bG|5{-G!l8`w-;;DG+5iNqpK4}qdTX?g8`?!zGP1j&?<#Z&IIqT z-+Zv<@Yv6K#(^8WRO2=V;j-{2keLHeuv@LwX;2=Y z(^4Y1ni745S(kA#pA6_6tWb$(P!tTVk>D&pH6%W@M`PCq!Ky@#-+PC1)!#3B*;A|j z%qe;U)aX173Pi!~FAxF5GA5+F;SVPqeHv_+moYRa33NvQciDdHO+_qFApg^8rYnP+ zqH(;YSfNuLx2b0_Avd`?qpsij@S%3f5O$Fv35_@Uj5$8yOa-pX9V2o0e8I5 zw{;#F5Wc%eYWUuSexEHYG8o6AX!^h_iYWoBb>IA=g6+5r+Ltb6Ya0J5*m&(E<=1#> z#8>Nn9Vc~P;ohtlDVH-q5*R*Pjf`Ym{mE>&^4|JV@6tsvg2QpoQT>PhobvkaH&U{y zJoO3{q;E|2VMjW6YNQ_f^LW1|%VGh_Ks#1-6-_0v_fH=1f4Pk`&- zi!N%aAh+r-IWlib5bLhdQgwWJJo6`4zO%al8}qU+XjTeL*SGns6u9N5GiJZN$GbE$esM;rh~ zuYI%3gm+5yO*s(M-?tfKhv%a#Q7YP$tU6ONbZENX7mY@(yyczt!9*J`xYo;E1BXIr zl&CjxZGsw~a7Qz;S?vLKIge7ahsD4XLmOBq5nqSafY{Kt`e9wI&iTg}1>fpP>+sJe zsb^|N4sQ+Ez{%G3^!RTJaktfkae{#feE>Q0PdwktBj&Wu(fM&9=)r^O})KD!BNj7*I;ZwmrOH3%$(F}L@*uF-kKK8~;L`eWGa8)xukWwS$m#j^KRD8))E7skD2#Q~_2 z?V>|iy;ev`2aPwH6z{zwx-G@yJxznYf_qDRF?rhBFm|;m62IN=UuQtlXLm#uuf}`U zj^x@B(K0i0Qjrhw9ruO`M#~2JY=xaEe$I_LZUWAcOqZ6`uhmNy&%w`{6kc^z_B-r9 z^Q}&-Qt8h?^& z_Sa~1!K;7swB%sHd6KhLdy9)s7A_z88mq0@~?r0XF)jM_~hU0{>8ICT@sM8Huh(Y0X@n1uj%1y$lUcNycxd^!{imL+{Z(zqLM&A(_Fq zcZSJm<$C^K4_Mu=oAVr9&+th}=(JxsjC4z4qphAUKA|79n5zK$akeUlnNU z>3d=6VS_^Y;rO@-Q1RYE@`J4v8(kbKalj*a3p*|BrUD~LrG`ekMkuY%go)agJjP53 zP&8Ezv`+S2>!yG7u-dDzTvxV1-ZW^wNMf^#@-dE)&yf-*p-AVyM#0UKF{CknCM@K@ z8a%0@kjieHkA`9#_EJHj;BCt3eniI0_2}?8Q_F>V`*CM5g=7-1Xb$2D47>L`G8!p2 z7WZMo^*pD6X5D8pI2vEQ<94g#A$5E03%g^Z;Sy+32ovUPo6ixlVPWPGxqdYe2K}^` z{gKE8qyJql=Al9^`2mDev&N~%qkFc?Cg#}S%wxEjmhq#j10ujb*o(17_JihGICfb# z6Oh60*V^@5|WE1`pWTw2$d-iv)WscZMaKqe<6k)vGEnO%2|3xGzHFaZt}$eQlUD?0i>! zBXG{2j;7Jd<{$F^K$*E)uG2-sV=?$*zt`sCFS9^0HhtuK0%#9x}Xxa*0-SXi{}g*;>wLJ5Z1jJIJZO zF_K%=1ZJFF$m#zx_er?mB7U#q-nba@#?beIWcj7gF3H5AF_5v6f?u9li7?v*nqRHs z!d2+eDf<#iDx2@SK4L;aY_0gSTbx%7uN5-`D?Iin%s@F4j_m+08)bH}(YV>=9=j~; zsi0m%qEE;~uBxcZsk_k6&F-wlo_K@pAIv{Zp~hDS)k}qO4VTCXnMX7CyrrXKM)WcH z6K1AT0O>knvgGY#m(ftdDDwDT6KqeA5A*3Os=|NkkUZCP?GQQvER>Rk6+Dk^ z#vW1FTF$Q<65ZKM#M2tIt6Oc6gOT=@s+GTD(HEZ|y4Q$qzO~&p7;f-8FcVtBdkM&< zMJ#YRc8BDxJ=JggeCS=Mv{xa!_TwMb#KZtP;wyKR`L~DCs{j5)>i@h2u2UoF9L=>m z%xp@q;l~g8<_q+aEb$~MWiQfBOBD_Q6DGPVJfZIBD$~evrM*rXw;uRLmEGQ#L9aNlqDqw9E+GNsl)`xB)ZNsw4?eg6)R5Do^Zf9YITTH$bTdAHeEogW&RF^*LvVn*Lw z8vg zK#@_|9}O>8!h_r#nt~_!20^29XgKh-udO;T=m|7 z?>B!$BKdouXKvJdH?~y8j83F?o${9hiYy5#vD2>6*?`S8^X6w;=w4?+qi1x$9v~Kc z!XRu9Qr{}L#UxZi*=xx6MRNe+Wnc$%H)|MMt}=mYoMb8{dA}NyRUJ;*Od3VM#aZcB z6dd}>ZSs}A@~zNK(FP@s{7BLv>@>bMpV7D~ z&8CP8YWRc=mGoPY0$DlkP#3LNsFBRx4?BHWFWQz6T`n3X2y#%p!1Z@MJO2Vi<}b z9HAt-u{N;>_Qa=#XpU^e+DDWUDFuRN10!0VA-TC7eW5?JQt;6RwC;EOD`7N+nVcqk zMkV@TuCsBp>JUuq3_@;P=wR$Z{t@I@u|fp_?;Hl$5k6?V6sTF zC@Em-JI#<1yC$bOhE|ciI>oO0)u+?_k8}fC9+JbwWn($s!ot&{_z*G`pzp+R@`hsj z+7^dxum*tZJLB2NN@cTLfuPxC>!GX<09IqO$ z8pxJjGjcG|wa)y(p=j!==En$Vd4w>v$FN^-)bu!3O2*Os zAaT9Vrt`>ZHr!!!sg~gcwdw_q&{$y8Z~>5A9zqs}Po=KL`~f*<{n2 z6>hxhuPXKKW0Qo4A6E??d0TyttO2*BB`{UFd4ZL>!8c}jR zHf<0F0T81L{E*hPSbgxwq#eLhlig&~wmEV;t}Nd$hrj;}Oi?B6W4(GXL5WJO5*ndx zgYmAe#2R($SFUmrpo4IuIIM>;g0cFe+MI^zzOR?+BwbkMXOJr+EnzSar@2joF5n)6D;;RB14huQ&1_=aUoZ^a?I$5Smi%cz250Om zMvwt-CmMcZ8CxXtOVw*C!`m-dWmPor2^l;~)hGSH^Gc$*>RhJ$>Ju_w38Aew%1TA= zi)3ahci1Y97?Synv(WEwP8OcvrPQBJdXw*@i!C>>-!zC$-d_aMX&jZ^g8yNKNAi%L)H`%z1HtU zMKd2z84*o22Rdg;G00@J4rB z_7U`O%-8~w*x6v+PB;svFv+I!O;)RI-)dCuZ!12o_=Sk*+s4im5bmF6NvCxm=UD;y z9eWdEltVt6G7?m+8S=K}6od?zj((>Uj<2(6egmK@sMU@MU%P!CA!!2lIHg>tQ;SOE ztHBj9?}~s5)?{U%IS!D^s79Y5+q1m0r#6`LvR;Sy1>61_HEh+mp2%mLl=U_JsosGM zSS9BuDHAubZ%1ov-1F4yv(Mb%VFHn#hLrLQg5WhypD=GFRxWJ|&(T*Wn-k-6eQ|*wqc&_ zL0Ei6SmU^)1D9vkb(1JVVZ=mxd;h>AEvNFYdx+aFF^2#5>i55gs`)F(bl@KqOM$!t z0X@mUW5MKG<)O1ulj2$HSV!nKc1ntppX~9vBtqA+E__<*0@s6#F#Mtz@7=l`ZG%$y z6k_+0;qiitmi2_E!RAbx5NEmFJ^@NB(0^NB9BmYwLMPR%#BSI)qepm<|7b`akuct5jIs zKmIjlRm!&eNxrN0)Ft+vy;#9~<&MC4c{|(^ zlFd@2h6^&?o+(zU{OW>hK3YizVI}_ov{#Hjiqa@cY~A&m#*I zWzJJK*RUkZ03E=9T&og%MPxFY8+L{XmNPcRO_nsiqDY4P z5E+$$Oza9!yfVF3lkd}yXk_sf1SIc!-+kWC5Q-W|VVj`w`DxaCC+9huHAHHM(?E53 zgjv@Bmb%<9ccMp*}7J&&SdJ}7x&zlswkay4Ns(6c5F`LvXA@r^a7$lZ!tOwI2f z6khW7s;aW_IHi#KxoKIbXTph3&CY|sgIA+ ztQYc#Gy|+-$dm4%o|?n=yHHI9 zK;qaraCa(xa6Cvs_-uN)H$@FgFT}GN=$%=dWStwQ_zOU@MKVo=m9XRwu{6RezINvZ zAbLH)RDp40_VVyG>dl_r+v#g|dx@>o%w8^kK3vtL#&MO6{zS~Lh{Bo&<`en$R6qdO zRSl%qx$3r*a8p{<`8e1o|dI@30;h#$1%!f;Hm!tho0GjokCx5YN=KJqC0r8Ze>TM!gf0? zRIIRH$Vuf9poAR1X*VL5r_z89-=lpnRzl9tHX}(O= zkNwpfKXEio3S_h(``z}}0dCiWWzPlRFy$vbc5QM1=u&^60Lyx4>XF=9otSx&I{FGw zFZpx5Q96d2p*?tMjX0^`?!f)Kc)%2$EQT3-V`t{rJ=9tGmOL3+{Qx(11bxs0_<0TpJ`eAkgKAi)FEPVGBvJS9$-P5J@EM-9? zqaw(P#Co50cfJku$dGp6@2(5~I2dTg&0QJP`mHeq6j5M`X^a+`1z4v&!*NI}l9LTc z7wBeiLKoN~v@)MNBT{1aeH zlwl|`4e6B;!zNpW7H#Gzw(a-Fm6{#H^A6&co9(8wc2ZEww97Y&pa6W25RzMGG2HjW zGjDS-dS)r-%y>#Z<$%~nxnVO#na=md?$jJhK{rQ(hhSx|E9U&PiEW8?c(Fq~EE8`m zU`9&;MykBA!)stXt>|danF6mO6{CXwE^7%#-oM4vyryd1+TVPrc)Z+N0RQ zD>l=~$g-CKziv-=lnR^~*RO{G@|z0OO%lr^J8+_XlAiC^p(JI9EH<6! zRl;x1PGxnByvex}FTC?2S_E^e0+_*yE+RVeG!Exp`H?OUI?dS%rL-Ic6FO-~Cg3!x z8OrA%VY0qL$9b{R()uKzaBYzijreMT1{sF@GIokkITgep!e3#)M%e0m7~-={#qIQ{ z0r#d-$Puh_TCCfSJ4stSxrxi~A%z zE*dC!GQ{LxlR3-l3z4lbNIZ|e@gkt}g3W7KK!z?f7%_(kC;7-}8=)#_LyvLlWYP7$ zB>7w+`#Khz-#U_|HXdybt;w`Eh1>4?ihvVd2#^4YbcbujAg+*D8b!#f+a^DgblWWC ztFbIQuFJcCP?pcr9~OoHi(3ss{t^uF^0d6CRb??oo>Fmh#~D$*aS}k8ta)EUqQMgk zWMnamZFs^U_GVKRf+4!a0genWXKl`~{100QQZP=PF=H>25Zj|J#`7;58Wz8o(`i&l z@Ln8v;$!RwA3?q0Ek9YHntp zee7)=EZuy%LIlYSCVsz|Le#MTLw1Ra#ZZEAbC4Fzb0ILFtZw(b3R%Pmm8_3cr*bZz zQF+?2=tMfnBjTx@QFmlpz<26L3l&g|?MAN!Qt{l%GHxkS}k*wWq(L#QpeJq*9_z-$`$J93psZlHjsF!FzZQ2}J(xurof4Ftf zVBz4Y%s(_R@V~;)p|1D<*Jt$GUE>2O9b9Y-I|>Lz2aI2MYvit?XmID}ZA{itn z*Q@OUws$CW#~VFaV~4Q;sDYF^Ku3ltJ^T*p97)A>_7TlUo;V{S4AY@i3UHO{uvoZd zf(_ok@TVl(av?;pLZc+?i{G9<6n9Z}0Hnz;x4x4yKH;!5{@P*Vl;?8qBMq;|W=yM* z`=w#LA~N<_MkJR{KuX}W1%*ix$EUhGR8Qj&p$mFfR~_?qL7=i&kIx{BY;tSNv9zTR zvCuL_?Wj&I{k(Iz7FwyCq%P8|dfpgYMb%;sjR({!4oV)_oVtxx#VEbsO5M=>#>04a zNgrlTIimzF-Es}T86)oE8((DtcFQ=$f+_!eWSce=u`QKCl?ca2zIOGt(0m5vT$%3M zDm|$3Y?5p)f;THu`0Y>q_%E@{+G!#c(X#Yg_&$!f%2fbEU3n%l&RDR~c{^RN<7l$H zPHI7UX;x5bRw(P++q0*x$ZZ~ZQ5}*FxkV-1gVfSSAjca0u6-GcHDdo9M*Re;keNos zq6@v)9<<7i`5K^j&~|HB_f&%q*?v9=)k&IlBgpUdaZQy2qxHmieQRtkNPi|Dp1K$n zM%WPj&>I0KEjt*;>#p``EZZ;kS-9Ta8>fu6Q%6HEk4JHF5}=nYgmWsH+FS)5{B}8d zIn%;5mA0|tu1@NywNsDZlv9f$i&!ELCaz`C-juDt8{wRvaDpT$H%WZdgr0n}V=?T6 zn>p*VB%;JVKOWJiGK9o9A5Cd{?yzKuV*%vYBxIC?w~{m|=g@5{=p2ka?;yMS#JEwc zM59uQL)*>5}e{UUYY-3ew#j(%mIUcQ3k|1=6sHJJ~1R_nfo$dwlNKd%vs) zm`s>+)PKZpjFIWzw%fd`*o`*Fq>?8+dI_oux4aXTDbcQm@jvcKk7G1227&XktzLSv zSSx6%c-%x{vkWD2iXdJbS~<>SeCl;6mi{}q<5m)wUeUH@Xz*_b&)>gY;f103j_zvj zqr7^!YEb>IH+FO#81Tbnd|>Fgp!7P2r-);|N?Aw?EBcd zao>pEGVGJk9vqir7XXQs85D>>i>wgJ3es9$#n}RO>M;fzu5IknsSBu`roI$@93Y!k z8+ZlFkJqQ1Zrc)RG>KI2+uV;|`9m#YPFj5{7V2MA@0h;l z%N7z$3^WQo#mD)<^%)Nl-Ahx|*QVGm_G?~a&Ck=5?u@z`6LP~hUBeOV(BPK`YFJut z_ohpXHiZrhd7=`ek;#Lex%a%}UK$7_xhV48B!HMJRBoye#s%ugXUX6#a?nYPI+qr~$)|eN?IB$nev8>x zF)#YOzrB9-sgnW8wG!wY6ED#i*?)7)11I;9!9~!XTpV1%EWYEv{U&{aIiDKw;a6af zGWiFK@iSJ|hwzz8{}+egd43bj=2x^Y-_TL1k+f~}zF-L#NHFBF2JgS&wV(Fj<*&7x z|9RrKsYOwIm#R~VTtw(iJYt5)H;Yhk;nj{vdaMP`ORp6#nof0iJv5e0*_hHK_nzLf z8x{L3y?(Ts)Ad9e=~sFmF}KxM)*iux{XHU9BhN*BokAR*qq+2Ndsb=ax;Li)0K~M( zAee3XIhXTpuJDXH?t9;cmY#jmh>IQ`JU~%hXnc)ETn^%lTx~>g{7ajpW^*+bx^-7j!%M#C{?xF1tYr$!GWoaVWW9?Wb4@9oz`#lbUN`XjblMu6b{h%B z4_^NBfd&&ghE`3E`|rfUh$diP(DYyI@qW~C%`H4ZjSzKxQBPhpQ(VQvN$M~M>?|e> zQWOg`Wx8DWAtJRoyvRK#ENMng;j5<~eeyEE>C^LS4$&x}C*7 z!c*lpE8s2(e+Uxtyxyom$qJ|V<_G^FuNC~};dG>JJgvRfVv&xJ`*JePMyqA=m+n9t|~!e)OA6W9yS5G!fBqIMFOx1h zHefQfAMW9c$F~iYL;TiLV5}H+9B%&Y%GP6ncY>cqR~kg!ZxmLo_hvlhzrOoLx~2R% zIn;#iETlDbH7$Y7D5V-S!z#{`A7EHB#iOx){oT!q$L*m0VpjjMbw;{n`Hen5l6wYf zh{%Vzi`-{h=$#mAq{zgiu!F$j`u5}(R~`6~+(l}c#g1ibu6WwC2 zP$lCk*=)=Tv#N}Zg?;=pNjWzHpH%DXtGn>+hEcr_mK6I%IOT-WQ| z8!xO|jZ|pDPPWhtg;bo@)<|M0@AJg1=cN|qsJ3&pMv4sppaajn_d09PN6?yT%vCm# z-?@>`YVT7>xiK7K8#%dDY>kQLZr7LeD8z3%QS@zBO541uB|$mTv2$Eja$WW}5Mv;J z9ELw)3&uP8QGuB!l_#B8qe||6eZXla3AagJ=-C5##!pio|0(GY!_)2!PhevDP%{ws z?`V;K;76L@j+R-=Nu=|o3bey^W?}tEY^Xw67n1;28fg&)9UGl=jk%2tyz(jUPK{Mw z3uMe*j>?gUZlr!`bdCEe8h3(Hd_YC8tstnrUtKS-1DM^nBX8ZH^*J~m=5t}I_JjY{ z-tfS4o&}Pw1V)#yf=fG$(GJ+~l%fv${dyr>&sp2`3m=H$1@)M{4v=?83xlz<1k?<0 zW)f@#EEvtZKlmoJTOA`$sRYieSDwM8euEB8@gl7b9M>Vv7wxe?9@jFGV4_;BW*Kqu zhiO#%=^+Loa6(~=cuUX<_|NxS3Ia7A5z1=82(GFjC)uLUCSVB_M=VG``}I&Yxi&7# zG;sC9$>C8_P&gzt3_phf2MQFR5k02+L;CV)q1YjVKz&bTDdT1bihdc?z<;pW-g{;; zvRo2?*iBM?lFw?UCRb|#EK}-4nR4Q-w7Jy`g0|lxuZ6Di5%XUV(w;H8M%D!S^dbkYfcstQzF!MD z#@mlF2cm&s{9X|06&qP*5)Eoi;N(gTf+Y+$;&){~uy{HB-D1ZOVcSq7hVNaw2Y zZ_-!|qN;&G=_Z|M(Z9M3>4P1PbQa&fS*@niZd_wU+vX$g@oI9St?7OCgT|%bZj%=6 z69Os3k&QrTH$p!rvR*AhHQxf?z!%kjW@#w{1IiU zGXCQ^m+OAzFND;!Ir5}~B#0OTBm{d)4K>(RNzY3`6ZP0x0aGdfM%!pBCekXTdcV-yxmsmr*BV#h>(e>MJ6;Nr6T>I~w+%@`O}KR;Y?4U6&<1eQ{2S9l zZRE~Nw{bosE)L$~9b>CftCogJCvj*j zxtSLa>11t(Oq?xDw!a$kdQkwXeQAl;uGHwzr&eX!P$|%XT48(^+G|9#Wo8ph6fOv- z8+j=$THU9ppN{rZruz%_3~M|T(n6-^6ME{I%wcO+>_e@cN>?@$&Bk8+G=Y;O#aJK#emO(UA{b?<@}AA#Un! z+WZS9^31Q7B?@ey-t^w$ z=DSaIw%j6nNZd=X7m06cwz7PXAobL#SYvl?)x*|s+w1xg4e`i)I$1{S+^+J@bB71- zIkV9ThwFXdJ>LvUYTh7eVsBL-VaCKb1cXP zo!&;Yho7I{XKx#192q1s*4s^&hhUQua;jXO218 zX?!tRCqBNw)JsXo>!A69{!Vi6=4DkVA{`br-en6P;~m90lbe=gEM4@<)Q%kj8g^yb zN1S`}BcjBcJ|w3LEuf1kni_7IUg(fM=9-0ro)L;8xjg9q1Qwa(d7D6xqP)rQPkzlG zTMS@(nGlGI;_jZwH$6Vjt>S}O&-VL6mDsO8Urtlm=TrN#;yZ)y3i~ffrU+-&DYFjP zHha^^r!4XD0|eY&jzZVJMCTvso*9mardYdi)gDOgVUC`>rj$#q%_XQb+Vqg}6#Gmo zDFo*#ARcw8<-vy#!eKm4hu!uHhI-xhfE|5b{0e|X80X2l#84cv@Tq@DlCK{vxn;)q3i0X|P zFKY)MV&zb(4?DUKms)y^8%Bd~Z4ovK4MO4$EmxMlS!xbU$en+i+RT&D%n6}_i;Kw1 zJ>a|1iyC>Op>G>b<(_Lacs5($DAYe%@GVU$_!(hbXrA;JK0UgR89sMIhgDf5#6LK3 zY6i%}!V(Tpkq)>pD;EXXD95r{Gi0mwH&~6lP7+tD^enr28LbLA&?W6)MVn9C^dxUU zD2(XFDHl^cOA^1H1+QmrZxh*jU%4;yxevY5td$nu{$3^D2+`i+_Bz{XyU?Q2s@F@w z9=7XPI=}$|y7%iQ!&f{i*Mbkgig)$07B`(VmhAw<(^tUK z$Bk2g8ON(*{w=KqbI4_IZi0GieM8x5)s@mRCqjBzR^7nf&w7#{L``Gi>r}QmW%)}y2GE_5~ z3cPhZwoLte^do7sA=eL0G4uS>p*~~`Rwpw~$M^G!suB(+P!~Bbm=^xs%|gSm+lytV zbM``=vXsF99(9R(gCBS=1fIaaKmXq!z8nZ=t6_XAAzi|JcReJYA4|%rm(DsowJ?s> z=lRj!yjQRM;8BH;QmX#$ELJ1g*y8)gR;?_y5n~MGb?&TzeYkTyTG9?+ll*3N?xEj# zY|1(-vba>YNTLAJoqt~!8~Vw(s)yx3oF!X<`1XW_K8$7n(Fc&q^C6AwvM!bylo)jK z$yPup90@fV8ChejCyO=k>akQO+EYiQ%YE5W**|`a>D>1-@Hv}_Nq?j;y1%5zVOJm_E+Uk*^J~{N(8eh zYGaa|2|AHUe4fDWD*Ci%ow;g(ssELN{~)NiFzgc2IIB4#U0^P_^0o@&XI+TKcwn3z zY;?ZIit%(qVdpm(c0=d||AOmFO+FgE9+1rjvG)OTpZ<84yxlN7DS3`7^8>kILrj{g z)HuksI-t6`u?z*=vytMwa3ztKviflFo>lGRfI63V%aKLT;F0k>Q__vP|1(zZx9GlS zZ_7V*a-}aeRCrSE-tA0OR2E+kb|F1Jtgi!^fS!CKXUqXIU|xZD`S*_;WnX-ax`_Q! zOJjCjVo4;kL}_qEmvJ1*B=LHbsNUR}wbAalu4O~5NJ#u#tZ8=@zJ@NbO(3vZD2kI` zx^AM<1f!+dpnZ7!suu{n`$Mf;BZ}3TB}z%QeIfd|22QQjXmq_~H(9wU?c}laPO5yS z$2N)gL(+wcO?f+)=jDBCC#NGJhTsz{2oG=LvUzJKykjHD(;PHkF30_WuQl@<8-39f zE_ABJD~%2n(FgF4Zy@jy1~$ZRoB`$^9QfaI4g5@;2!_@&n_goM=jyDA-so^{+0)6e zegE!*6fuIC#yyi7gL=mG#3@IQ5L`%g3?;hnB*|#KEgUYRM+DDVuYr^O+3f{?PwJsZ z!*Ugc_?g)@*%5LMwJ)%{DPj4&`uG%I1@j+t%tSf%{+`Lni1Qz0{U@nyQByeWMJp4Y zR0sv4&Ix4UO%?SKIy>-{F&%WFbaffx^hR^nX^quqYL|J@gT7!EsFsC!oQyS{T;u2t z(4*lD0GVM+v7~RslCk{?6+*6{sS_?L?MA~jm3D=H@KWGCHc9zAEMfvS^uHj80LdY; zX+xu}fmlu|y0O$mi@^1Xkx}o;{jL{(v;h*UX~7H`@4@~7*xv5q0GDZq9La-AQ!MBy z?gp^AW7nc=ya!@B&4c#`?e$>nz92e%qWSB0{^PkS;8~vdp2SwDy?)^*0MYUt&<`qq zSM|0+pp<|h`7K4BJHVz+Sa|H*RsWtmvOkf`f0FQ#;d9U5#qftGL`+9wOm&V;=u z$7iP^ll1X9;IVrNTv!bL(_;R|pL|1=0Yj7fbu-*B{w(kh-4cjGji`7h;krxkAHVz; zPv=`r1!(9TkCg@Mf1&6<*!=`n;yrLn)X6yKZ{Gn@B(a}cI5@6z8|v0xbr!<-gl0qV zgCYm+&n?=&>XXn*Q?<6*)Nqq?Qd{x?X=Q3`skrmEPUMC(lEnlAf6(lIGwVN%%-^m? zgdq&ihl&*Pu2I)`Z>Q{t5GX<;C9f_B`Ck~}^hfea{lGCsfq#yyz5)oH-P#7IFM`zH zaKve8DNOi6Uljhw3l8^-l*dIlOvZyG;7YsJK!d(Y9GY9CU5PxLZir;w>4kK(0mnWhLzu1a++IMuS{^)G`0`VCiM{*N7=EK zxRXg_HK*u{i9Ds<&Dq6;sd!MydN9uV<5NiZiEj=jhb@!jAQ{Xl4M~VAMTEnCrU|?d z)@$}_bMF1Sy5;A4Zw8&y(2fUgc^+WPq5s3J|MC_5OF(%eP}l!LKK@gVI7SeVX}Ct( zo*eM~HvfUsjRrO62gmQQ`;P}1wg}%hQ}|!;^WSw=fCRV&wvgf3e?IcR%F{pI z)b~^iI9N|_(b^&Z%>exK8J>#+w+Ors75;a3=CA(g3J(rR`Og2(l7A5WujuqQdj7v- z35k71>x93Iz6UDm8R7VQgqh**e>brtypKkcmq_^n<^O)V|GDbR0O$ZJ zX2j3mu+o2fbMf%U!=@*@pYOK~*7Lk4z9OGsD>;5!&35G zq3v(;a6B6jl-*wim2$sL;DEyN`2+?33zxpH~3WT*(DJnVEl27b379=*VY*kf(d3-=X)-oI;TC^%_@_RISE?x$U zJFy>DpkgZMmCO>A&$vW>k6sGNfch66e$F{P9D6E~ zy-bAdWFudk@n*tgEKB4~R-N|)47k-ZnC9V}-PL{4Wq0wCYTmjN@jT~arr!&7q}2a0 zyZ`4`h1xy}riFLNxt)gt(Uf)QbbHg;@fHj9oE=7Eun1V7^hh(HAuEQyHDzl;`_k%C zGJcrQv-{Uy1m_G#sGh-NS0z1N_l{U{Zd@#e_w;d=YC#bT{Cg>1?j{)ft5*}aLT z`~^FEq$7)6tE;Oo@0#Q|D@`Pvq213&Ba-0H?p^*FKZwG1OgdQ1#+^~xTpVz6y6#mQ z4kifxk^l7;OW>81`A7aYMw&v6-#kvb5HvB14L_dR4)i#Y@15cHrEq2&_6=UgL7p*i z$9#v+8f=ky&}I&4s55$Yj07q)GXTGaAFubhkDFYMQLi$NlEyW7fHB2e=4B)HRU*&$ zvpC}KxxBv!BjSeXx9$qVsoe2&my9I`Nla3iv&l%QH(Tj8e)|>T z+`kVO+@GKB3EBpE$uOHR{??Oa2#RPvEKoiW@CtsEf6ws)Z`QGkAcU6tqVE@GzCs6f z1%=aQY`8^Sv#X z3q&?}WdEHkXKykRzxFD`+=S&3MSCKJOZH`5D=v3ei0rBWE}(V|hiV#u+N??UGY+=G z%h{Y6TC(zYEkx=U)HJ?70?`6%c+h^+!vtxQ7-%fR)Dr(+=iI-V+Bfuod$1w1`{H+R z@nxYGpsHr^Mh5@c9ljgbv*n+nfrCKZ>2Qe*pUo;N8yIRCnJp&LgJcGv`XhK6?4=+) z4Y>+GQ5A|!UlgiUH1D`*jH6mCH7lQN4p0Nz)TQRI#<*d(BiqC6xBC3jaU?G+z?(ot zH&x6%jj1Uqsnmb~nsD?4n-ROvb7%I~dZp()vE8qqv2TI4v}nJB$NJ zf%kjuLi6=cY=+G}GL2@dP@Y^mmA!Woy_htKyigMRiYa8_8j|HIoiP?GgC|v_G9v*9 zO2axCs|^5M#$|E{Na6IP*r1!QGbaP)%Q1<7~G`NL+usu1p^RnkqoXHAd;3uFBlPsKR^I(pL() zT+tVGHe>qgbyh9K+D$qtW$M(N_FEBB=1O&UJC1_>&+q1M(D66DAKaI{9eUG`8n&IP zS~i8!mc6^f`P1IJ$uw7svOY+7gp~`JHHFz87(BDdp#hp96xD0YzG=Cv2A*`Sx9F?1 zfBXP{ztA8x=UhK^;RrTjH9Xi^eX*;`{iW!L&>IpXpWQw0xM(*Zqmb=3^|>TI?C-&@ z6<~*>G*iz1EY{7T@?E5$mT!wknho9=4#J^Tm^H>94;4=G6=!|{63x=X{mfD>&Wr~# zCL6NJNk6Y~AJIuHfw=iN4#!pSYTI92A|FmembfsV|T@~%<$ zR#4O%i=&<2*lBx68id2m)tHjL08_XO&G<43VDOg)AVzt|4Vw}%%`hC+`Hc7olUV&|<|)R_!F_f^`iv*<>o4Y6QAFJ7_IL|Af9pUS+Cc{ z(P^353{vuDb|38wU>rEJf4GGg9RWLA>SsVLDlgSuVLP@5%BAs8g~Z=en9o>7oa3_% zBvzTojM~5y>eN(LTZ~BqsmWJ14fUdFz|3whoqDC|yH<%>t7THRGCJkT1T70c4`7BB z*|iL|^kb6Uh7SmH9r%bGFL3`v<4FvCfuYFLal8Y-f#ksEZM)Q{j7DW9nFv&o;KE9q zD=V4`5NSbrk;c@cNau^h2egVygxj*=8$O6~G4IuRmgwl4N#vSObAoV1n^{G%Y1B+B zn>J!N`9GL+|5`59w1SXeQpnb3msu_idNZYuV8T2c-S0A+7|xXPvXO|Run1(hhc7W% z9emEfbvbLAZaPxr(+^}>kLK47yn_2Zg_kDiFK^rh-1KZ-!mH6&D(1 zGhlH9tX(fkqvgUy*4(vw}^Kz zLkd~6T$nufu*679KG z+!w{L3{Q+s$TkkBFG;qJXIe}+e~O|1a`WBpF|e4SNl-*4S%);7_eQ+Zb+@F9nL^-dsE(puPy|Pn zhSJeY_dVy}QA=#mOd^da^~PwXx8Xv-eY#SVVCG6B>dkAI@ta^}bb#{ZMtjPKi*9QyqU z-|+eST3HMt6%l2YYdq8;S`BM7fq6zv)fk$Hhi!JINfn>ts$p@oWB5U;0!JW~3?C}x zJfq-B<01X3pxrPUR@`TEF0dgidOMq{h>g(MlNvx(`-G&O^sxym#; zd3VV|AyDFl_AE7K%Jt9JXkHcO6FvolJZdu7*OPXH>$5!sRy6uF<3A#Fs>leHHV&K> zE)I+RoppVIfrxz@Z>JXj z;Aa5;Ej3uzjkS%(XnJvZG8YozfRL`2ZYw$Z9J-wrIK+gMY9l8q!=9 zvN4c6lQ^_}chq*7807$Lrk*Zg+sPJR{h^TC|5KqwLzznXd(24lJ+T9!`E+sgdERXd zm+6;SyUqSybapLb2Txhzo-pEgU`5S*rD~JYVI1JKONl6Q70DiIC`{bOdU((>LUf|7 zw2xT5$Gp|N?u{a8shy8UNi|Uqe4$5i1Y57UWcobh}*B+$)J`QMFd5d;+~eXDjlFLup!q-|IRrzf@9+QPc#(XOFsc5dW=M>s92e2 zGNiYlc)HNLOZ1bw1L7f8i~JNOTqKe~R{5AIDA@=1yM9i!2CBjfPg-Syd=dk)P&kRckoU^C!r^kc(m+YKn zg(#fZ!%p2stAm)sO;*u5&R*ITlJ~O}!Yoj=+^<+0LDMrm?kzHdo*m%nfQ9f>qnD?^ zoL){`ZmTE)_RIDp3b>TG&x_TdklRX|iWWoyR>4`fVN;u2LI2lmep_Z7XRJh<20)h)e3cB~ce&{YO*FBw zWvi}3ymC_RL3ZdE)x5vHK^Nh%K@(3O6ILb-ZjR>tcJ}wh+I8}I-rU?d?O8I(bzqtg zcnt2FSm-IG3(n|trPE{+^A7Kiqo$9gYwcPnyX-F;h?`Y6pK8!T z#ilX5Z!-?2(QQ<_XPfAcDMW8pp9VqTWyC zsQro}H5s<9m$Qj8 zt}`S)NbU>t)-AllVdHvT`17?+6i|4?;#LMnQ&R#0|Z&oX_3Bt?qjrAa+AZX|i=UuwH`gky} zbEo$Wp8zpej4G6$9vy%3G!eoZ?x(Hk07DreI@C0RlzeR-_l_93{?&w{ zbTCdb!0;Q}2y{RAM3V0F+s8|ZhqUb^vLSg8sH zpLamHF_&sWjQUd~!qPcNN7_dDRoLAuM}3Aft(%D$NUY}Am%qm4Oq@0cp!{%O>)ZCc z89h}U$aI^@zr>>~7l&i(q*+TGTT-@bzf)w#RYm2=Z$vBg*VK);H@ciSKPrq$HFXMt}+$#bPABNFHQ%u zwu*5qV&&?GSB-fwNv&&U^7&Z@8))=TiPYBGZjp$+L9ijuBnPlnlUK^hq{~-io#W{9 zJt?P(RN{~zEy~6Z9J;MnZh728xI440H7uY5cZ_lO_TY3cav%tFHnv}8o!u+!ahqF~ zh4d=1*c`Wexo+m>8*PQ|EQ9ZpFLp3T`m`^dPKjyLJy=9^nA&jQYMLOs?>&jUr_l@C z9u~i3b%@M~hNZogNftrEbc-kCSus*)unr^4JvG%EYi_983^XCCS{MD6PD9_uAmWv< z=`MYut0aJk?y0#qWxa7Y{LK8hLOAp&VknudD@mnHkPMf}BNUjoOFzvbN)n+0&y*L7 zZp8hkIU;ddSiI*s82M+uBP5tgjBb+*uGS|m>dnVJKJ=-1r#sD!p>)a9{$J13OjiQD z0f3@UTcrfq=@ZI)UM-E6dxa)C)tyTZrg@oR?902DN=hS!0zeye?p={ps;ZPk3)>31 zGvgha#o_#Xo2)}O$k;z1=4lfD15SFz8+5v{R+iWOAcG#62pBj-ZsNsD$~3nQ$^vm> zi`u4&nvqI8mh&TTZ^lD9Q$!YnZ@_;?Omdwm5@h#;@)`LTHV^FCa6pz?ZxZg$IZP*t z8E$6Il5)FH(#DXc!uc*jstOr>k5)Db)KvT6X^N_8Vmp<{{<0<7VqwoSI zd&aSim@6I8X{Xb{dcx8CW2Dux?CH#1^bp*6js>Mm9G>Mp*qcZV*8ki*G@{6hIn;WorNt@~5a4Ps_DI?1d0d4Lnj)uxGNLc1c zx-rYC^$nrxAdim&)4N@VA-~*Z#_gNaCX~^J{WM6W$%yWK$oz=L_hEdcoNZqnF_r|u zWUmLeb1#L~G`3DJ*{=_#4B?m#`GO!f+Oc?JY1HYLcC^iV->Da@T5sHf&?{}kToB_P zZj#-3NB7Iw%@c>QcMXozYY3(L%)eLBW)g+uRF1B612I#1k6;^`Tgmwn&RN>kf&HDu z^SG*^VRw$pz%IZ?I1hrBUVfr1=xq?&Y2`k|h;G=t;3g_>LrSr|Kf)_mMSnkjDpn@% zCKpzuZNvo2Nt4hFOM#HOrg@l<7d%sc~; z$*gLoj86_s;==u=-TOyN*o|)I`7CIf|BiOET5rb2#7&{aygX;(;=X1CSNaTEsjCVm z;W*5gHezhU6h5@M2tT#>D8JN^us9$aqpX}iR7qxi=0^B?J9t>v~%Ca_w@S;xW$*Cxc*p~+{%rhss2cQ-BMpcohq&UY>XaX?caVcPj3JEWW$NYDwg7l=barcC75 zbsc4G1k?cBm$TeEooC^WD0=lQV&u(D!#=MzEF#u!Xo#0O3E><|yeAa)f#}z6CutNFtIDSh9PNh`si#)<{lC1mHwdGG5Vcj%S+?Lq~Oq({_a;{SfHv zwslSW&31+9E!myT=m8k%5nu0gupoWQZ6hrv+dTZNhY8V{u6gCYsVge_@c8sR{7=)i z8Oqi@~i6xeVn_=Oe%~ zlN<$gQ}BindmI-wU;R*YQh#{Z@n3y*I6rsJ0Yj`IxsmHtHqd;{KM(GayGn1q9j}69 zxfRzaWtUoA=nhrA!H^r5Y3(%r}y|Fiu zc7jbUHS#3d15d%reygZzJ64dUvQVhh>Tl?(}Cp{^X&I|3OXjm^Tbz&XinU{NP4bXfkQMWlY6I73zr;!xp zhQU86bCNvHICu7`fiKj#GP2nU_Ej*t=c26reYQFq3tT80uZlm?1rBXyo(wb{fC%HC z<)yR2C6IxR>+J9w}kN+RKAU&((ZR!PYLe0k?yVeIAYo2wdX7ir&zt9m2sfU zwFoLHZ5zg|K9aCKXrUGd)ZLj|h!b1FGIQqXP-X6naeiolaqcd3cH+V2 zAGC;$D7FMA23Xs&@v@gTLCm0Aj$Y?~BVe30u5>76EK)6trA+r4 zORI7toS+H9o84z=>E<msBiPWoRNPpuaC=c zNV*S0bpqxkN*uUvhEVrfVKRJA3~}IRX-fBoT25&=$Haw5nN}r+4cZ~e^vwdnao-49 z{2ZNR0yHp=O3HNN$(HfflB+@T{(-Y%-EQnmP;zMgL;n`-yrt9dcA7`m&~afdIH>JB zOnazuvnc0hjm)7<%=NcsyK^pXt$Y>qhSS^pT0#MWPNN+l|bF@k)g>7KW~PdyGrxDOShQwy|%6P8=ky>8Q*@BtGQ zT~w;l`SfJ}gxt;~eupXBI`N>uIayi^Y`+mfEpyGB@5z6P@7lWjB)$EYtGxllnZ5RC zgLz0@w(41p<%~QL{5qfbYqYuqv-tUeTYQtXDhmjh z`g!&p=sAdA)uyDc09s-j3Hw0vlmbXE#g-yWja%dtold7LCw1ttRAyZ z03(~4fzfkwvAa8bdd|+g@QG40Fl=W$H(KsvWLQ&QjQ0L`L-vsD)J0GnSHC5(Cyz4A zsAw{x&|?)m-E(H8sKfuJ3D>uJGUc)i(&^~T-u2X!Ei^yvU>y-{mt`m*%kugJ>*7<< zGxO2Th>knYtqFt0{Z%3>C#sUF-eIITrUH23sy%f+AcHKeUtHsu9un2m+NU8m-`2ZW|?crgz7CR`o}v%xymM4L$vl2cp%(8`_r zShLJ{v)Bq8kO@zw_#k;!bFc37mT+G{JU`vv?)V5E(vw4a+(sr}rpN-0lUU%%X3nzI zNc|-`E#`N@jE*@n4ClHTR7wUhDC#SVwYFyau>Gs96#VJcRO`;`cY?fr9dSi1#;vWAv$pmx|P9E^vqk_WhA?{mht6>8fun zCFwd)wn;YLc70f<*Qez=g>qIJ?Gr;>@&gjN-vs!E^FuXs@L3c@!;=pXv9ukHgm>>o zJxOT@-Q&>c2gztl&9`KGL9lvBN%tvExm3C5xoNnO@MY`LR-(z;ai2Bf9xkXs+uc8BA@V6ngeW{ye&nGc^Pl_w^1kR4?%nwK zqW$>7VslK!K>hT&XF~pw>&XU?8ngqi3g8zG5ZztsCYOi?vsK#t=O6Y_$x*75$3pA3= z(`PZ)K3|~fGoQuyAe{dLn%DSKELm`&&0-7n!Dyz;C{kIKcf$VgT*-V340Fv6Bf<67 z^XmzogCRYlwXF+klT`;B`yMAgjL_6yz-adx^->l+VSnp0!9@0qtRR$kr+jLTaUoq$ z0E}~>dl62^K8F5!%wP>Yfz#uP*jd^2v^$2}R;-&j12;Ye8_RKyay=4~Z(KQ^k${3p z(X=d<>J5=YJJ>&m(H}`9T7*P@#Tww&&YguaVGgcWYiu>6)VadF@MaN&OZq9nWO%Zx zBDDu^#?>}K!~zq#gmg0O;@LI>PirRNS4*2`k&elc=PN4fzH;B>=@*sq>!!3LaHh`G zN{oDpu|D(soKMhw>0HcAt!)NxHa}5{g+!{PWqa<8;@WVZ+1gOddNKca&(iLUtK6gK zkA6ecUmi<*aN3=B178rEf}qw?Lj1Z~ z6)7=v>RPqQ_McX>HY=Tvma_!e5}Aydz=6~KZqa?c^Cwyn^H9c|Pe-id>Uxmoz$h|z zr-u8+q7-@3HdRy`VtUoQm?n>sq*jiFNW{Uk)tLw{ITW3D&3pv_oitP{IRf`Vp z(d^F=Uq0^y`?2am6zo0df{JTz1R8x^q7`$>kLGkyWdOf+Cdi; zDin;k`99(@r;avSB3+-H${p}jwI-8(Oa4I2tUZ%LoaG&2KK&Nm3Ux9`cZO-&8V%jd z&AkiX=>piqULR7TP3XzD|GAXcEpgMMlOAXdCgZ2OQkE4HX&7Me5zu&bd}o~hlUFbK z&vg>fS3XaAq#CrGgmiyuDG-5(01}Yqkb%PhN)KvW%XW&DhP30-uWVVZIm_y|(AZ@B zS*ve<0EySWTA+l#UNh)h2NDR!+{q#T#*(l`5uKQ4JcMTz1bcKFNw8FJTQ#qJ zYVOBRFm8e5C)yk72#T^y}FxWvFSmfvFmnS#$1DF%MLgqn43?3FmWE!gXdN0NQ#RXSJf&}DvT1O z#G%HnD)tgB@z?{H>zc(GTvfDNH$lrl+LpDK}l@>rl(r^P-XAnvgY?c{FjWjIZzG|A52i%DOg z9tqzF`1%er;jO5Z=@4!kL^by~T8WtjCLxqQ0$5uv`D)(0s)JzK3OP3F6qq!XV@$FvU){MQNa)EOjjOU}NPv=4d$TF&c;q zJ0)79ov$PBDlrNP z@FYIj2)iRZ$3sAU#_U?x++-Nc`uw<`dM^Z#6Vy;^i@6+6vxTQyp|4)3l3O{+1|!MI z+or4U81aJ)nE6D@Pk$w`HFz&OU93Z{S!YqH9_VKohv)+0WTK_aJH%9^kkL(QDbTqS ztvyhmFdmY*Uf2QB2HSSgRN~uXdO5fgZ80Xg2iD9OL+LotHDz})b@edn!*;{&t8ad$ z2wt{0>{ddKK_k}9%G9d$>(olkvxFDVUeT!aLL)!HkLLh@KF~>d#n_+K^7?2qI#K&9DcpH+8u~FkhC@bbO z4#jJ<{xJ&x*Eo(2s@!_#6i0LAn(6rt$4qx9NgFf}es{bs=k$WoM~L54<%Q?0x8|KulF@dMke_k>{~b_QoLDJe7D&SPX^ z1>~pAc}|ut(WC2k&m-7!REPrbsF_@!c2|!K%`kY8lhWL-gmY(Mg|IdGitpPj6!UN ze;AtQB}xY!$4o;IJW!t~S0C0b*`)4(BAece)wqVE1fbf(0w98_!=6e+)A8rYD;Sk+ zZhhbG>G)h+2b??EcaXkul#8euJg+IVD^U=KK_<)XZx~m5uVR_sZ5VCJZhvAz&b(kq z-paclV|Ly+U#^^p|D7O2MSuioUJ)={^&D~H#+&(@3R!7o7o^+*s-nD%a=APTZ$HXZ zqGcywQ$)p+fGN?vp-vseaL@FbfJ37p#JgB4>z!=E@KWU4{=9chSz8?N?=DcaE0Bp9cK!_Hb^zPioKd|J3Y z$U@^BM))Cbp}BwUu5jm1FfnyFL9;hexS;BbAg^?bqahpoTIE>6pE%oJ z*x^QfE#pkrmhN}ULiqlZTEKD%8>&T)--tdx55?=b7pC6Ijr?fl%Ui;Wm1X}igW%4j zHRsUEyjq2O6V^&7>YJ!#4Q}o~4SwPjAj*`yi8YS%*^fgsEcd(YkJtm~B3~ zHN6u1ADHd1Q_!Xu+$gVHnq7VEZIrRi=Xxz-OGx}o&HL>T>z;MnT9Oy$ax7)wM&CV#67p6EBa!fEbKI%imY)c!op}JsSlp8s3 znaRtLR60CS0YW@Xy2*FLcf7-GyaReUFHdf+QB}?5#)i^wbq8U(eEiGJG(d{>;EUUg zgmAve2~?yvCeiB{X-x(mJ1xk@+F9#iUYwM2W0l^c(6xEHP3scMm$uYN#R0`0U+I}J`lnDS(Q$yzSz4Z>y)sv zBab<*BX1&k#*mUNPzXNC$?N)9fT!r8T__P{LmdW4IvpdAP8+Pz0^o`4%pjt94eLy1 zaajZFxUJ&eMCWQOEn?I_@^0rl6{DZuQ!i;n{tUjKkLg5hN{9KJ0X-%4xx!SM+QQT; zccqr#moo0WpP}D&jp4YreQQrT$0F<^=5dBVoTNt4Xx$XhLNY!3kg)$IkjeXW->e-` zf;ZJGHF|)8W`>o`_e0+YXYI~J7yLObGDO>wAxYLRvA;M?R)do$7&Qm>XZ+?Y^4Q0(3i3x+2vx1N%PPA}8gt~_W=(yj zmH=7_^!{BW#?FrA{&KEba-8+)aNI*0?50D{ef$6qQVbDXSqOv(sBmWqA| zfh;&I_k6AnQhi;g-Wd*kb}}Lb-0Da1?O4LE{eevziJMfc2ga)r2SVACbLTlAV*MA`jf;S_npTU- ztxdo>NzG&zHX8Fddkb#U3L9ueRi)cz7lg^Q8Px$<=8!|iGB*0dd>d)~azlm#Mhwj9 zsjOXpy5YF1Pzo=+IFd8i2OO15YcQ2WKDLRXV-gEFeEB{6Pa(QIa#Mc@GF{>p025V8 z(rs+&w~;a2OW#V9l$B^VE;A8#=8qPX5uX*lfbGl*5eeIPv1eaiCX@fPTFS^>2j#h1 zCe6Nvck^)3YueCuAdo)oDq{P z_W~Eh@0{hxQ}jacAg_Rmf)THK8TzEQUWSFtTY_aa;fE>1iwOKZd^FL>_Ax-PahZkM za81Ldd@&`GC8VeNM@H-R-2m$NQU6t-ci|?_gOw_q-Vkqct7b>r2f+rhF?!WKY&jc) zN0=oVr#X%6Wo&YUHjVT&qJ=%}1b7o7SAfQlp1O_%7mosPXt>OuqZcThPX`CO>#}Jy zg%#e_006p)h_EAtP@+9~9w24xx(}mJm~Wskc-i_Q>W;8mrz2&Vh4Vrl=bl`x@}|0= zZhq}}-HTv%sP)=z^6nOP7qgK3oo-q#8)#*(Tpn+ta-OO(WY-c|-s^KbJy;XCheD&~ z0lCH0c9>w<^S0!VxBBbyLJ+M2)SE+kFteF=rJ7jKfHM!r*Dx|dDbW3$w+Pyr9y*Pg z0!Q_^yBk$_e3UR9Xy${Zx|ECdpPib)%rxkWREdEDlHGQGVVra;L9k}SuR_V)U`GU5 zh#SmLRbwY#&{ex7!h?s~zD2fQSfv~$2>ZZ0lY{gQ{;=|0gm2V}xlCEjOvh@=E9S-* zqf3TTs>%_8=I=)FVoxNCW|4-KAy@0x>OEJN!f9l^3l*VPbCGBWY3hkmczE?m)*T*W zGu*66tbeglH57NpdY!?1vhQtMz&P%cnfgHh+F4)Nc_AcS%so? z?z{;=4pLc?GmU?v(rX1yJ8QGs!_(|n{ z{Z~4|pnl-K?NRc>oZcX%3>lts>JW9Ht77)-Et2C@dep;ekt2i!2(hgizxji$1+o6M zd@b`3xOk<1uaBoWk}WHEH|j3F+ywK=vz*Wm^rGAX7ke94A2+Ctqfc>llfsBeZvt-n z#qHy%4^Z1fSN60)TOHcN2ld!bX{0V%lsbAEf;Z3ti=7{ZCaF5R8mf!8>gHXqx~a#Y zem2p2!J3 zTHm_i+O-&b&npldxCp}VlU~jfKCkIkKlpXT`Ws<--n-VXwGln%>72Rj6A{n1a1ra* z>Oa81@(AQ7GODi{yU@blB_tX}F}`$m>tmMmnHs*Ynf$ARw3A*wrsO8zI8w8>+o`=bvL(YjWgReWas^s z%V5m>UOH#T5|8^AnmDuI;0o%?BPmn0(f<7IL{geb4HAhK`&ibRyQ$YCK}6aRMA^(y zE_uF**NZ-dQW0mPo&nf1I|zCf64Uf#Y0Mzy`oVoyz$NkQZEGf?BwgIp#4!CwZ}!S2 z?^IdG)wnNmq(lf;gOo1JM(DyyO?YyZU{D+m6#lE^ z=G9Tb{2>|qraI1jFM(zms$Q&K?eH?a8-tr~Cw2kk?S?Gx`h-W}N5zzpUPfC}N#fzJ zV6ej@1NYbCpO|IuV`qH=7rYM&AZ9lwyPiXm9+?i@~UpE}nx=?pYk>*ph%;Be*B{$&nR2JD)t zPDzMR1dwM_$wEob;Nr;fSN{+jl}3;{yZ%E>WpAZf4%1Ycs}Y2Kpu>8Q5G1@MiQ7AR z@gpd!VTJ)ebM(pF1$tZDc{k2nv62qVWn7R@<>DWufwN7d);?X>NXg+N`hX7~djL@| zAvb=jGSLU;GOh)*V#=R@39PuDM4n=AH<1O_`1_SB`7N-?bTH=$icrwM*Ir^j5-pR= zeY#ge%ckBq8Iitg)B7?;Qe(2xm*Z1)E;$S}kg~K-IM^>&so9(i{)MK1-_@-(Q!s=+ zI-MSOFGYF{*1oGzhHpm!Q+2wrf`!OFjR9FYAjCW@ol@JUFMZHpCZWJ0ejX5OI*;@24lq}smz|mc? z98|@(-98aYrR0`J=)nC{-R?l<64>y|-j1D;S+=}GC6cMm=c00tc4{6)W|w;>t6xh@ zs;8_ko(@uf+}$n-J=t)FU(Kf3@j5{jl*p%zBhr?OyUq6X=hYK=McZzV%yg7F1iS$Z z-(Hm+{y2N_(cgX`wbZb&lTzef<-iibu(qi@Z#6oS_ktec*c}ETAOVddw6Fl zf*AtE751)^O7n!RRsr1w6;>F+Q|E zLKELI$~c8e4R26N*2)~ih%JqIiT>H%M}3C4ioJb4%Zv6xl^=a&6$}*9E59zsYr*Eo z-N19*K#4HgGbJx|0!SeoHO^mZ`v`RXY4{T#3`GnApwXle_Qtkzbya22P}|dfA1TL+ zaX|O=R*=`M@MXmT2p+>E<)?zF-8%e{D!lK zL8Aq$@*P)hvDRSpc*;FVKM474{p_auHK(n^$eUGSSgW@(fHS1$F>^rZ*EoTPhGjLm zjPfe3GVP@{`>YA)jlg}CAhM3*{A_w2-H+pUHv;3yIw&6xJ0qYzn!NzFsp-kFaQ!}} zY#hK3+^|I*dPGqg^fHTq&OFq@KcGl`0R#wg4R?o4A;|T)UAE?0_}d~!BY{wS?MzEf6GB5icEE`BwMWCf|bT)X(aZaw{hM1;g9$z z#gHmcx*aSwHZ4k1XS&Sa#x_>`GSOI~`ZITdbtHA~s$dW6c_==1lQCJ%+sBw>8J}EqWz8rA8o=DPApr)+G6= z*vxXS7A$d@Dt}aZmzh&c~GcyQvmid^&N{Je4*l&3By)ZLr$~!1JU(?eF>BBSwG?KQD zuSFL0=RJej3Fi}=K(*NFuy#b?074G5C6j#uNC|mZ(kdFTTFUzfZ$q`ml z0@ht?mFuWx=7cfF@hJ++(+hq6msbSiPqN!&P##SEUT~J@T~bR!6mg6t#HC z`B<`&EErLuNJ?=K-?+W?DqO$nAi3o%&34c4a4bZIMhH3M7k+lO&x&i+U|s{)ypaQi zD`V=KJxf$)K%wt!orhZ=nGz03Tz{r2E8EZgQ0J4{667)Q&FWt`8O$aupQ|-B#=~Fv zXi^h^8f{v9t@X=ne_9Dm<~TfXOkyliuY9cqt{rUc$J~6<#@#-9*9P&e6QrI(=BPl9 z_3d3h9>|?-Mwkb7%UF0EZ4{Tc+z2LfIF)9W@d{1gGZz_LddMug3hQ%XG-2qTdjeJU7PDHW&%pGq!x z$G_ruz5z5`+h14L7KL9%G>mz(#}BSzzLmks>Lu@XlfaFH+**4*W=W-;Lvsk^9#FcI za^)zO=IVH&eHz;qe4aGlvDVCGE=EEEMEY2{MO?*9BxPIZvcU6^S^f9T=R8$F89~XU z-(mvxC!kRx#sg;ifzQK__m>;_`(1=n9!r^#K}Z*-$=l@{7wJTg|MHL z*4^oBd1QyLh{;2)Q`vvO2N!1>d>aRBy?|UHJ5lw>^Zi1H_3+Oj0r2q6UE3CS+cF?0 z3*YoC<>-AU2x#ZH#}j-zQ#@=GtUq--%~es~5q)#hAa8%e{46@i^WDd+9hiYU)2Wk*C7+U{5P5;T&JF+%Aiv;gA7e(#wRaH@60={PCR5Fy|TL05Qwaw zYmNqS#n@Q0pD3B#yDpx+99H$rAVg>U;b;NP-D+9ktF`BSM`^*uE;B|XjX*iK`7S@3 zA?>ixu@O_l;4(mqqSIDvGVjR~){TkeS9k zwZwGxCgL9(xp3VFRXX}t#;idnK|U!%xe-8u%dBjYv>CLWk41SZL&-fHV>0LrZf;KR zxLAp`Gj57`{JfrGk15ym*Kmb25CiZIRsv7Sd!0Pp^CS1*Ra(5wqM~5(Q8HowIS`IpMJ4HWLTUfY&s3djcqzHq;YK}Icgo2^X2dEX=_-(f2}cMUy6U?^tl@6(9x;& zY_bd}{B1Gch30HvrZry`_Ub@L6oV1(B$rtE+)fV+-%AAl%Bvf&*G74^D4I>w zD)S6{Ve7B@GestEyo3oAC)VQ0u^FGJo93vdXurb9Q&hkMM9G53H7yTn4|4Eqa5o+HhIt4sNrF}ICJl3o(DkO zyqCqZW*0p79l6=ima3q(sDE_9N;umGy#I zYHxTdn>XJ0bHJvoo7}aO3-_d5j8J?AJL->=0BE@YWTtGjHH1^QB9waS%FRAnHS^eX z<;tmZYzq>Yi5K+9NTL%4PNa72W+kG-WN3n#vxE*4#6}?;C%En46)BYC#luhPCs%Cp z-iasC4SV^+4Zg6E9ZG2blyVx&&V8OnZiN;;DVe07(c-yr%Rv%Awn#_w@rQ*nF2yE0 zKL5HA>DcnT{LTIO}uKR zDL038pFx&yb2!~{rkvqeN6;J$=5&T$d_y~W)Beuzh8Ty{iz6q)K55pi&HQ~Su`MU} zgT#Ijn=zn?>V=&T=pauBe5Rz{5{Vg{H6k8b{M!za3Wq3 z47m1#U$qtY1-4K1SL;2Oq3xL0nIzPV5~tg+9EfUJd+JMNplz>aLq}G>%5nz0%^Cf7rgb8z1o*W1_kl`(~BL`o=mPs@S>HElH znv80%gqFBUwC@99k;B1=g4h7JR6bWTonH^jP2zfdeCBi5d_D-pa6fee3!ciGU*C9c zw(kNh-3}}iObnkCD`eswg6gnu+_pRCHi#xCExd7l1naWATBf6m=syKnI~Sh%&MnhF(1vGLP!Pno{P#es~yod?m~ z{TYplu&nY!$bCH#5Vb92K0jG5vX{3wL}sue`f{>G1H=YbQ(E?{nLH|QdvPFTZhlbk zMgx@~ke@39Zj+bnTnGNoq5t{EOALdp%pAv^-4c0iiV`I>uAlBoJE#|st;?&YFL!4k zZAFH!DjTVRaFM#I)p8rwcL9;*^|Dsc5!qW$^4p-+-HcUSJfwwuM(ei>fU{LYBn4Cj zPnGU$*?^o^6n!TkED2WIFpU8G-N=p;pL=<4ubQF{ar8YQx9Zkd_0FL5?t&`V01`=Z>vrb+jjIxec`wuituq`F@;8eqIhJPrJ&1RsDwIE?<6dtgc$| zuw|jseb&jG>pd8v%(mY^df+PRi6FMWFC%3Zck(e1V>r7n4a9U(`%_B>qek{5fXCx+RyTBmYj%WrvN{NIcN zu$?aJi#1nMDX-_8i&|0)Ss*PzDgIb!Ukm)y)<;e*7IQ4^i;a2wnd^=4+(hSy#SPcC z=T4XHyBlI3koShuNUzwi;MNwk6nx6$!}phVm6-)dlur~i?H*oCdBFl~OgYN~_P~>t z1}HB%cHOD}-9Z0yhX_li6?2=*P7gT+vwJGs<1{Y#XflSrQe+Nu(Kw9lw`L1-@|Y*1 z-n!=amdU8+(%w?{gZ2n&V8m4_o1n~z#(4!((ia2ek}OtZD{>0yFEUgxs&(L;th7^~ zR5G~ow+n?W0(?>T$G@|n|MzDpy4eV6X+?CwMruK$By9%g+702QeBBt3r2ajQ=~^o78d zwv`X{qsP{t6yFRhvYDf%i@sBizn3!zOMg}PFS+*rY--TFP;!RPyk-y8F_Mx|7cTAs z0Kdpui_8DH_Wxf$eWJQ<@U!T@-tfP9wv+(-L{09;<=J8{Ynn5c|JfvWR`KLY}G7CG)V5(H*L9(yaa7nlC<)3Xp8@R8P|Xm0$5UJGlLf zrPr1_^6*{xRS!a5T^jFc>|%`N4_)IO7(QaNVSgF^*#T+MahZk1V{_ukBxJ6_x;GKD zx6%z|?o7XOIq!YzP;Tc^Yg>C95Z83ar)}_n1}9Y#Z;5#N8|= zjqG~xmWBWKiLl_wx(pHsouT*sVcGuO?*dL;Prw#Brtg1I_{)zk4+i*HXvozyl7F-(NU6rE~7MlDPK4??lG`5Fq@gw-F|E?wnA6pS<~( z&x+fMfamnlBX5o4FaH~Cv?<8~P@#J-NcT6H z_9gP9-QNeq=lW|y(6FHY1o^Q*7P z_WQzg59m!!54BMQ{K|hQ{#5vYyB=20-1=R^7)y-WMOi*mUe}h}*lbxpI^eQN@tThx z7G~(_I%F6FlOLocyJ-q(?uxNwL3XQyBykici_st`FqCnBr=$X?%c%92y#P&BJ7<(+ zzveNn?LPCTvgzO}w(i*byodV*(mpKd(QXcSiJPi;McSRj=eon&bxav=otq-cRvL5y z9iF))`!JsgV9=6NhiH4j?g)u#mD$g-bAGUS=P#1FC>nD15QzY4w%QJvrZXGZJ1f(M z4*g#MR%|aR7Q6S$ZaGZx10)Vx82qR=u`~vhRx=Ut%R#SDlLtNVC1a__d%?WgQLZam zw(nN6%qpM3LkRw`cC;+Gtoho;Sn&g3q_isSZXBB|a+!hWR8@}voigL9cFcOPI#$ZF zn(8RQxs?Su>H@0&Hr-n4HmI{VKCuC-W3it7MfVv*>$^}7;-L33R?}Qz@c_|&Vlr?x z&`z7ds^#Y8v+v+auQk66Q|;(OD!PT&0ooPczH&o@PWVvY5v@5T(>XRzd@&bKEKWNU zp<3IGOQSj;tZl}>ZsUe>m6xYB8oOO#&M{{v`@J|F^LQOi8F2^XZSnQn{3@dmi_4`0`9}T9xn^ImN1QhDgg5H z;tEyB{*14z8c~^?!(jG@qWUvP)yonC`M0v-Dr%p(Z&VzcP%9bjs<+nVwTKtmMp={5 z2TSaGHm(DAWAm+*mD<65Ri*vyA?d{rwh(MMkd>VvAFv*6%>m527Zr@t7&P%IdUbJ( z6aR85kR@Y%DIRUfp!o$Co6D|?YW z_+Ym%M^?uySWp#vsdgt?w!bnwwUiymEV>Al7qRgBVuD;t87%IO{SW_qcsOZor2BY!Fc#4aKPNo3bHL+hNmU9vTAYeg}t!KOadlzu!9xheD%*A zQZ7s_2~l6kKuw0pURpG(zE9>&ufD|y6bRz8iO?$RGE4l7yOZ0bGzrj1VY z45BZH+UC8XS0NtRHy`VEMP2g?2JaQKZwwNf+!?2Ja|47q4JxwzpSQrt9oK%ELrggk zzGz;pXvW9Y4jp!uL!r631qrHdBOjG{cR2lEGfjXx)hE2k)-vq-fDGR(M7Gm5FZuAL z$x(E|CT6r~g!FY}RTGFQ-ezqULW~FG`HuQUtLSQkcf6KN2%oi2?3N@U?w)j@KO!SD zje4Nm^)yi{F-^l%7T?rYRyYt$(>o_m`a@=E-0^w2A}|C?TlHH?HYfZj-zK;UJUE1E z4qP6`h}KVDG!tHgZ%GHdCuabUd}IQClU)RapX6x(eocD5z(v~T$MF#5>(kATEs&$l z$&Ewe*{S=+F36U@2Y}m7sQmgA*mkc_DT?tDz$7UU%1x(|3fw){-@K1f-b0>7p&W#9H^UU~Q2@n+m^Z+=)bo@g&GdIe zRJsB#2IHoAqVAYquUIs?Vm;%!VKe&myNF~AIV~`?hIxo$sEtNlNGDeIt4eQ}H`)W> z&W4e51v?ScAV0h6pi-&w%kN)lbr0T;CU?@GwZHJE?ANvKSETv7iVT+$tdPw(=KYwd>@M_j1~o zgyK6Y=CuMV*ZqA@mXrJuT?9PEQf%kji8xD%k)On7ZWz?Q&x!epA7~vqhUiAGw>4$OGV`-MJUFMd`45NFhzB6>bruI8S`76^jFO8fRes-Gy z?6&Zacc1+1PN0L|xkPAYD=X!K)mKZUvL6O0hI zz%IusorWqjU8%FDu*+Kw$+t!tnHtRt6rqbt+qD1qsBO9*%zT-nQCs+>mZzCUoTf5KFhFK@CFZZ+&-Xhi4}=J_zT z-6lfNWue)uOywzdn5IQNrkgz9S9%U6Zgdj;iFlgk+Gy$F0j}~zrEx&Whc?1H-tZWc{6lTL4AE_adi`)A80!Hfy2VdXeJg#~y!xcLH`5 zsq?|{O0OV7?b#xD46;Ig<{@_NUH3=vlQG{WoA@Rc!Sl^AMK|=LV#+}))cBtq!oT}y z=_+!}-(~{T_3Mdk%9|xzdIVO2_Nx(@<1X8)!|$Cz1&N=Srq~+PcwUSX=UZ~vGOC*S z!B7(qRXX4q?NaawJ501jY3`%~d2E0g(I3a>DkBN1Tt+tSnu)KJ~4Zt z~sY4=`*S+o7nXijl5PPFp0Ub$X7)7 zOFE7_1%EFc`K({p7OGGE3q8E-kanWZVb9-h>N~vxuiWzMe!}!6rQVD196$;jJIQ{a z=exl$ox6`gV#}L$R~mhu@XU-rZ7QD^R{**RCfD$IuMnPym4W0Z!2v<4bsJ?{PQBS= z*AYl^l{yqznBrJp2zp88a|9agbu0X?% zH5!GA@oA)U6H_)SB005u4SQGa>oR3As`C#TOd!?L zvk;+tbd{9pwSE33@W?L_Kf&o5p|7BFKAzImRNFy`c9Y_%gXs~ExBy;|5Z1;S7=ux< zQRVvdEEj=K(4Vc+5xTtiO*0J9+H^v-mC4M1@OKt~khI<7mmg^!Qz1I%Ko3{uSH^H} z$jj0GG1H#%vVtwdSD)Z3hn>u6TaORT0>%wL=c79q-bk6_gUh{LK=rNZo~dD4(H)ka zG*ZSR=0HM*5iQ`V4vapJP>Ip=Ek&bxv8qW ze5#9Ma`62-fAVdu&5n~r^#d%XAW0#m~1# z0MiZ}hJRji*Dv?clOv8wm{7K>U~*$kYF%V=4!=!Cn*91=3*x)l2>Vil9pW(WkzEmd zMj9tkKc+7GVgc`EH-@K}$WQc1H#PS+eI^>^xs#PP*)M`a0J>sl($g(rXn20(RitqmfO?gB?QIsQvBE_Uh{d4B9r`Y-D`CqdcJhm&apD%fuJNAQxWH> zM<3|>;~a;c3u2-H`a6A8y=J%rdt-n}xeTSlSO#w_)a8H_fhI23EGhqE50%rM;Xpkys*8*?K zp@}|hYjHfG`bl;L9T@Dk45h6{6A*7#5e)eE%LQ%Ed{N$6457>08^~>q&y^b4ZIz3e zYCwyBa}je_e7iD^p}L)MBEPhAtF|jj)Z~tUoN5x2B<4*F5)qNd_)efZA^3bSjH$i{ z5g3n`JMA~Jbss_ONf3ReK8bGcc@AQBa{xC0eltD4fA_AhRaUUsz1usXRp1!`i-y2l zl6y4LXLXbUhAT?`2Xu7x>aPPsAxr?8`?DlwlWwOT5HSS| z3D`_c9~NXq^Hw}cqSW?YZ46;h;|3_uqBDp2*oTmPtOAxzoWy`r+I8kgIOgc+UNfz= z-)LZV2=6pv)#Z-K+K~=ZIOzx0=4d64nFjp3m5qbwg%-%#s+A|5LBeRw*rnm%-IpeA z?rC~(jloq;Ra2q1AlD{*7*FT;w`Df=3#Q?6qW=3q7N@>Ghm}j?E{N_Va|p+XOgb9m zNtz*175jnr@)>W*tS>6ax1lfPPLl8-ytte(Xrg>OV+Cjainx}18+C#;7dYOHuwLQ# zLRyUpvuUJ zd)@NDQ~^Vj6r+Iv=?OYq*+kSeA!NXUcR!YlsbCrb%g>XdptmoE()uwbsJFGfMdf1iweM@<61yqF5; zhCrlhCO-G6=_O8<@?^8?Mgi>7mSj9n>+Cn(vZdx=!W#ygPD(W%f5FbV)?czBWS4G% z*_ng8%EDfjq1!#FKkZ63f=^E~y1D0Q9uHGwG+cw1%}x2mzp)#fK&LyJ+c^V7HTM*xlZ;dPxG{d~;O zG|Zo>b=)dlY}|$%ybY%~BMIZ-je-?!1O;r5Y-pvKB@MX*@JtqS%;HW8zihVYJNYDAnWPWueQe=HaBB+9Nr$?a`9}$FS_k zT-JD6#=i5AP?R;+##59? z`{9vZE%mY?d`w6YQQ|fwv3}88;eRno``x$DL|IR`wC)HNN%%Quzcz)xEt_pxP2 zoB8zlIN2c}?Q{0n63%GalSuWKV?OOCU?@@?)%>La(LbCw7S8ZJho&}g78_F=(XPQx z&oi``YU|a|yxQz@hj}2G)6})8pGtGcNhX^5?uu=7${$s_ra&}1>3$ls_x?++Q}!G3 z3-;IFk=H(~1uHSaH-}nG@9=TGCm%RK<6_`?xg)})YK=9!ZC4tiYG?h;%>tz{ZRzBa zQutARpsTo`u0Z~-%j~wmr*crr!_SX9><&__UPq-nuNF(F4BVS(hB_KeExX63*sk>P zZIPk|G+JZGE0_CHbd;_#JBb2%f{GG0w}bmlcUEh*%swOwJRq#l)Nn3wb$pqu^-60X zJa-<-$!Z#!vV)H<5gbryFP^X3G!$Y(b59*t~sj2>P-O;I*yn4KE=!*HQ}pwCbgY zzqb3%#w4sFmqz}GEGf%qQ*zZY4L#&S@SNZ6yaz?pa#bfy)Mt~B1k8GdaWW?O07|M4 zjpK(c$J58EX11xX*!kTLMs~3P7-P*Yf!tQgwqG%+nSHc6BbAu=KkhQ%F9kMChX1ifljGM(+O=m`xyexG>XrJ#aPVQ~= zAI_w`LL1ZJ*x3zdNk&pGy)(;jlFle5v}rqI>p?!}=M{k>^hw}uN0jqQ(R1XeRbiIl z`bwFnv=4`a(cV}F);t(r%1Pz_^0newn;%nI-89ZbgWpO(>Dgk_n4Fofru}sj7)2m5 zF8?$`0a2dSIq)&#`gOmX(;X_?xtz@|;kX;6*i>pD(R)u6_7FW8X$z6n5^;Tx!vu^_ zXTb5I#<~q&z_dKDgTTcaSL6@WNVV?#+!rhB0aP&5XNLUFj^tchVAF-K=7_SSCj-C8 zhImY>MuXTzzT?HLTcXdJobs86RDNNBPsZ&4kQdnrgx`wkPeBdO++WFMu}kyziWlm8n%hyRHYMSyvw^O5)PWr>()W z^WQ?jF0XBw9DEfy>TxKFrO_Nko3^uh53Kal&`i*|a&haVMu> zn7GT42l&qgAE$!+SI`{J=C#f|if` z3vp)iiXZ?%Z%u&4GxKoRLefi= zn+JKrtVix8S*bCLHx%33Tcs=d<^{}5^$4klBYl_4sG0T*x(Pt{ zxp=h}%Pb+TG7^q}g3ZY+yF>}3xm;em>`*x0;dQv*!92{7aV^GR-;REt4~sRIZ07tz zjGeIeG=S#z-cOZAN@~p@pUp>nEN#yEq>R;90ZOz)vdET|Xm^W}2M>A4qbshM`o;*8 zv7&Ha*=`pBTg8pG8Xqmvav{@2ueqK2k8(X^d2Ihpdv*&p-S%{y%!rbbO@n^8cHZi=po@Suq+#C)@t<$UX#c{~_l9|>fv`S5V5o9WK8h80F1(kLjh0D1tDUX* zbi&EN2`}&KNQJ2>l^hj(hayM!tn*bBSw*pv7L9IqaVUDWZ^>x#PEp6%VfCaRc7en) zm0Lsn_M{GxGaEC}_HV}|;Eo82z6q&@@P<~J1hJ!mz@2rjn1kIrp7M&*Ab=GuP2}7N zo-q>+UgFcnr5j@aBrU*--U&}@<$nqiFj}$wI@^SU2w6Vsk2M=T6UL`zBfT=34_4nW zSR{Yq$o$w)7<{j3K*rpJct){R?`239f~VrTvvZ!wF;)C0PPw zS+_auQve0Lq^EKiPAHZc(ms)9J2x#h4@?xS^FnO&1B3R^4}nC^c%Jgwxdz;3mXJaw z%QgZ_8@Hz<{7R1UI#9I=V|md0C&R~Aa-!t>LP#^EP;A96z1CoX-{(f*%guM7$2)M4 z<@YGnt%)p@ZOo_iN28q7tOsg7_W4070A4)=LfWVx$GOix*rQCf_Y5vV>j9+HD z_8dOKtvg25NygfaPTNoHZCrrcUH7nU6y{p;U zk~pxwm=kjGlW|ulMJrG`$!fdAecJ&|+>7-*?jLg&T}?YvXPay(pv?*s`Pt}r>NZXB z*g>Bi_A2ar(YR<-@3hk}EJXCeSJ-^BH}|Su|I&Kc&ou06)kk zmAL1}G)QFc4{zT}Jei8%M(r$6I@5;Rvo+Mlmf@;p|yMFPMGSLW8-ERpCw4ucaB<#q;+}Tb83u$VlUW zU25Ad^p=?k!;dQ zY*D_y`R)qW{Mr>mS;P@zq3vj}d9!f#Rx0KF45oySBjrME7MeUBCB5Qa#j|5;@;nxw za*!D^=V#U;r2ZTOoq}{)dF5`4$FH0O6vT(gw=0eAWVz_|r!`D7F?+Q_2|p3l+iJoRFwcJgo;D~NK{(&xvcnA^+kg=$PScH3wY zcuX|fiNT+PWWkwgK^uryj;-?S9GA#5QH;fF|4ap-@nHBUgk=7!R|YC^`j=4Ass>QO z?*Z{HbU}-3N$qF?a!Kea9Dgbm=@)6qGhg$>yGYDLjHAyVK5IX=NFk`t{bzLk# zb&NUo)BW+&QIA{xy;Rv9yXV2njGe znL9TRtE#my{-I$pFGvD+9Ot-hAkRcPLu!DJIIo)YU z)L=I4+2%wkHqmb62AIhvU)`c^C0bm-B@g9ZA<7xzG*QCnCOgBZy^$qVuuFS@wQi_P z8@^$BnoA-FuqZBF^c(iDWXjG7;p<|I_~H#Yd#${OT5~rF5RLp`w{mG>-`L&dJcN*A zMDs-~V+RhCWYEeTBZ{QiQNyi0q9s^*<#NNRoiE9lb&DbA_yIq~ zMDcRtsR1*h<@W`bGEq)4voUQqF!Bc#bEdwx>&@lWIm;>Jc>M#N0?pvh#scj5Neh zl6UmN%tEDdW}*G*sd)|ltk&y|86qDMms$S2KeF7g>4%{2@_|7(f6Ogq^yN1fulg9} zd$oOPmre=tz9e4U6&5Ar%#I$&TvPo zPzth+NTf(=C@_(fPFI#`^UkdmoH3tv?O@w3C0`Q_BB=j*l52PgA}gU)?|ioQWl{H=*>9@@Kzx>eT{KPpPfA1fHu7181+5t*`#a$2h4z71 zK5m070C|RroNfGOezY@(RTm5}Uf;UwN=f~sxv}@n;o2vv-FVx6gC6@Vs4eN$rM`3r z@$kT%CJQcg7KVd}Cl$24Py&AUcuNR?dp`GaM=-5~YV6-F0>e%wUsT(CiC}PTr)wiN z`(#jGO*ud~zbJJOr}p>>+P`ex(DCFW3~u+$qud$wllF&qrpV9-*z;vy7bj9SxOvdW z#yBWVZW3|jM^M_0EpF$Il!e>W zug0Ap5}{Em#!nWNtQ{z2)@pTAD7PGAyL@!SdoqM9PK8U&e2j49ZRS;OpCxwEJ#W}e z{p3=5m<^<;m6|UM=4D@h-g#){+qWpSAbBjwo3+*eST^aA{5`x7Y zC?6vNL_Ed~TLP$s#|E6HYemhLBL!nIn0ah90(I%d+1k@1FT#LZ2nd#jH!JGAhwDmQ zVg*RX=eB@kQj#BPt}gN!^Mt<+k>sjRscU*)3;gZ}rcs(@jeTuA6kvJb9J+ZsGxqsoAp z<(RnEa|Rz01t!tF)xONY#aqQ5`eKkaxL6T1qIBi^yCKwpUs;3m zY)@jRj?fGK60WlgQBuA8@!@iIw}2q6hSliskF_Eaj^S_QmI+q^hVw!$6vEX+;l&SD z6eMfXHGEx)Px^QDlR4Y&zwX$YbW~gpyEl9KrEOCo7@?F6GJtDy(e4M1+r1fKe+864 z{7}wc1hVv(2}Uo^ICH?ERzRl+xAh)TZ`_E-kZn1^BG)#r}-txNJ^Tb zTuK@T)joy2SU#1m9w`3MUp3 zSCr*<2h+%2lxx{QX{ymIVG(PDo~{lx=EW^DW=#uj%6zlEhC4zfs*MiOQm3m$6|8*$ z>u~h~W#qWxT}{osrr23_!)?5Ie28GafB?VtXv1?5bL}@9z%mE044dCmfjNRi{k;21 zA=6nVE$I6a=y6V);`)Srlz?Z>D<0Sd3?Mn3vw9IYvE^V;3$gC6-XvBSw$bvgoEB;Tkbo=R<4uF;}@6g}I<$0x6yV6~6)0Zr54wA;IwnT4pfgO6a z-%%Ya);^+FV!!hn@%Ai89Ox4L?>P%Orz^GMB=S+r+~-1AKK&;m3zdgrVe*Yv#k%l6 z>v}Vnjf<$pT#ct7Lvc5VPwku45}G-tun3$=dltjzV(_$oJV9H=RAZ(@rvmFs4B z>oE*@h>I({-F2#JB(RjkkXR66w>@274{Bzm<}$V#Bomlhsdk$~9=&7~IaM|(=jfPUC3wj9cg6nv3tdnz4dDlG3)LR7hB9F;z8E2Nn=-#v>9j%*P)Jd zjWK7A)9fHXy`#wXG$ODwXr<@6bc~6T1;GW7h0M=1dpiYw9l1U1{8S=sRAH_KZ5etQ zIb+@4nP4^+_Y`9{N+=XZWQB}vv@uOL21rW@S}lE zx(|~#-hUovf@eQGm;^ii;Le)q%+V|O@TvcXmmV>apg8rw()~o7vbH$EMT)7hn*B)jzS(4!ki3p z^ScC_9&ezbVwRJ2fUQfK<&U`?mrx`~?UJF(J4C$YCta2o12(SXS&@Q8LNn?=dO|cm z)SH+z0<=>=Tnh?J;{MfX zbAMtzyrhV8(ZAPV_*)WSdUCm%*x5tMd#9 z^6eK1qO2Aj6pj&Fb*Af2xY^3Gd;Klv?{0(*hhc_4767fDvKv&S=g=Z+$)jZbf??Co zxFWTV<47uIn9rwH5`{*o)Bug>d9@jvp=O5o+@NujwxXl^2B+)i*vfpUZ9ehX+Ox-h z)Ov-d@Ee8bdc8p!)vtGTfWdh{yefP^yu#666zO%xc#=;N0T6s`cd(ufmo7Kn>sn%B zueR=fS2K3s@Zp#1_UXaR4dDlvyH%i;4-$*Voxh)ObKjq;1p9Nu&?X44F6|fEM%sBC zWi<4DQx*!O4X*PVJE2};qo)u`8$Ajb1YgjYZ}nf<6Hk6)7A5QKEAV;mG1Ki4>^#+6 znXvQva*nO9#yGE@)L7bTZVX6$Uut}#;v{*@-5y!wO6IvAVD1p={lz7)EA+ehLXsfe zEJnz1C8{J-1;r%#_5~XTtJzJnZG$zFvFV}Xu-R#)@R>O+F;b|_*pY_prwf_!IB$kn6 zR!o#LOBL}?v-V0dyw7kCrw$q!g5UTa$$9aE2Q=mfSerlRbH+*q$8;7o)APXJkbFGkne0Jyj)|Cll;E5o}t^KNOescBNPQlj|7i3So~G z0%n6F2U4ylGb)PsJ9g@cn&hpyxO-N#6ddi=yDWEr8-Jaa90gNfyD|Z64V0B4l1P`I z)jZG++kSDA%WBDx;9kX-HMh0_DcHLG8&IwlqNY^E%|{jn5>N9U%3w2~tTszib)oOs zoZ!XVE7vS$1)JZsfZ@Xg#sVxVXGn#$o&0O#xEh0iEI8MLhe2+-aPP^6yJE;az)5w> zC{=iMs|s(A8s)^Cns3hsRMvD5RLuQ$7y$%!zNshFU}K^%OF~^WTkmmA4uhfBy4Dwd zyF1cme7WJY^{c~~w?#Wm>QVXSt&7j8O7vrdu1KB0=$tRrFL5q)L=k9JFP>@pP7r=dK*OBHO@oRe&X$X!6k5LjdCd5}m# z>*KlBE1*-5BFu}iU#}{3R_26Yu91Px9wM2sFgHw;S|JH_^C(sMbg)Q>2xu^sp`IJk zdQu@#{vwxh-tE9i&!zs_onL@R1~8pE^cy=PGif05$OO#uHOvRcw4U{0=kqL(L=1Jy zg)6|E4$vTUt$o*yD)h^a%O>uG=f<)X(%)Xb9osxcZ-mk1>hWm?IW z7sjo1Q+;mqcIbpBExNlberb$=?zElj9a*s1<>x_(-wnk15;Dh(-}C8?b#nNA5aZBl zq#6v!1l+tWAh*a)(L(C#;l+8P)CnVTV8A(hw6dKFOI-DC?N86cQBh5KZ4FPR5eSZK z0bjew#?*QxkZ1jk?w-+Ey8*ImvY7_}(r=@bl>@PLFdsNJKsM6oe2wURi_fRoYdauA zqVL?T)x7O^p{#f}0xcw?&-9>pb?XeNkcZ5n9Ci3{-39&v+Zh7D+UGg}g_iB41iGog zaj%5YTVq^QYe|X zuwfTj?i(c+s@!dWpkJyoZ$i291$gLr%zW?nE1sgV8Q-@*S}OtG2_3P#P8}+9Gz<5s zwd;P-?@<3uRz&nMt}rVZg~-s$k2_X%RH~tEt^gjjru3XBISKq8sZ=xO^Sldz>Z0|` z8~%avxwtmhRzPctxW5|ple*RSiPo${AM=NOS*BiZtoOYyAxEHeM`SkYJzU)JriV-E zWLZ2F)z!oZHfBK_J^wEZ4_LOtJJk(TH(0)iz+!kd`53p<)xtucm_Q)e$83{(sSyU5 zzKQ~q=GShEqd7qMJrlqddKZj8E!!Py*&yUP*3j28;}5qJ7ZupzSNns7QLiWafI2nj zoa;JEbtF)oe1v$K*RK{3oURu9%ipNUD)o*8rkEQL(KNfY1-PRT1U@GeFR>-&inEiu z5wqv{#eujD3$CWGoGJ-%f@Uo<-)plnr0ap;we>F3&4byg!WH7YuV1M%lBfbnAt4ur z0}bAc+iyoK{c(H;;5J)tx$`*V znhOqNuVUPXWZA?UpV!=LJsvIfF(+`F`rLwqi?TY*h!ce}*aCx!c;0>Hlc%lSnlOQA z)-8+O{$UZP5f=YjA|W7RHJ(CFOBQoSnoIL4v!g0)G5E8Uy&uj%hL0$;3IlYu67$qs z^MshIfqOhh;_4Pd!q8H~&!KY#vgDJU#R~hQ(_X#k*wV}3=B9x-?zrj8x1U@(mYt~uP^0Gkec?~`e=gq*`}(^UWU{sKXo%~v zEWi?ri#Vm-Cxuq*1mz#s)HS{ld#qMT&9E|o&CLAmPtt#4A?>@l(6&8+?;@wg9W1s- z`yxOc%m%qiVmkEsaZvmO65Xd7zg#IKF{B!Af$NLj0BqPhHvD&3tDcFdjyKf6VwqiA z^)gvyG?cEw`pAhaILIUoKE}Gv>6g5~L`mlAoPp?t&P4Sq=3P_nL;ZljzduT1ZpYSi z#2-i`d*2bf_$=nv>otq3>mAY9v7@`Y$Jn#t2@OHhDU$<0k9!#Ym0B0@YrXQG3A6~C zufx#t9th!q?xN`iz)|gXeM08owRaKH3`)@fO5s--uUl@M-qN6&p6L!?jt|lhP}d($!@hQlU6Yb5}IZg=)PJj%Dz9Yqe-2~ znRCQcwsOAZ%Qv=7k8!xNftm$~GG5Ao0j1|ErOx3%-N&z#DussvdHoaHwo9+= zXC3_4KX%1&L(F&En1=`C*CuGMK6V-)9nDS9=8k{y=Y9m{32x8L-@Af{r6B`^hxg}P+vSNzOMHhf&kzm!wMJgNx(~RY z#jqqwdagyv7Wr-$ztDUOno{gWkKpu2%KkELR;mFzxat4aZlHwo)qnnQ0!!Hs2DMxk za~VA*ZIF^2G6*kfkmPDkPvYv!6iDNts8*RzJMFq8qUO&Rx%Y|^`GM)=wU-zP3)9;i z8W^$ZYtkg2<)QUVJ!sXI&Ur;x)1jWS&P%<2#zCnFg(fUycrvYP)!0$DlqD^}59NdO zGa}Vv6@X?ZnF@YGG}UREw!3?XJF4nW)ht zBGIRoH5s7#_MIFoSKlQ#3>v|-q6e90=~F!?>ZIz1yu+?{hy#fVyPuA`^*EfDJiG3I%CjO?80z#UN08d)%>=60;I$@HB2zAR& z;8t)=Mq=0FHJ4c%H}?!uvER}6n&`b{T#V~}h6;);_j$w{ZT=OnXwz*0Lyf)&aNcK{ zB&Z^Qrp>cQBmABK5-XwAe@`VoQb;YfO9lT4>C{qRzS{IFp0s&loI!Vu%UOa1CYW6q zBBYv-wgZd$_7x_$-uC(YRY*>VnlcdYrY-arKBKP7(s6?7tug201Z0Qd3Rsgk-o7@kZg=MYcNf)yf-ULE4M)TL+-!_|!uY?S_2DFLBy%u{b~?T^lTZQZup9 zR=1SuE?@JpOxh3SklqkO+)${}C(o>EuxD0{sS5 zG!84?D8%Crvc?$rJVNMuxi5FJ-#9;I8ZYJa#0XU93OeheK|E&RW^&$*QQ#yt7s+TU zbF7;y&g_IZFSAna3rbK_T_Vlj4}2p&cRpP=m{clVr!IOtHkeLxF6uaK%B2yka|-gS zbe?Jcj+Kw98A{CbJxCIgJ^#iB#vGd2Z{im?v@1+0{DaR@Uafk;1!o%29NLAh$IGal z_Zq^m9a^cD-+<~bTt1KEU><9|bXARqzUx09VTihYc6xi7{6N9C7VDPig$<5ic)FW4 z_>lBp^w4jx$4Wq0{at5uxB>?rG6#J!8;(<5?0d99)-h5b8bYLi78Mw2oX-2kFbsd{ z5(RV|Y)<;pJK=&zK%~|1IwLca&UJfUuikaej*Qg{#0uq?C5!2>0K^gxX#)m-#Z-TV z^VlB8lexscm0cfO5FlJ~W%`g4BIO@M`v`DhNOv)AsO=JAYRxs$ehLdxXJg-)`qco< z_REPdX#bugTtusq#VBIhJbUfP0K>GN2kKI18>eABdmcI}d^8^z!Ee(3h4Q__wO3cj zFPfW^m7Lky%06cW^jjE{ocNHrz0D8B)+k|KwnfX3qf9u-~F3E-V0(TGUv7>*wG)DBzE znebQ}6i^uO&IyT}7PU?VGCM%ame9iEjVH#u?z18stIdM$NACeaJ=ZB+iKE+c(;B&5 z)B6?UaTf>n=uA(~HG!(M@vGK?foajho*HC+;WVm##3_oL{TNE^4R<_dW_O#38_;35 zV|r3K*zxHwPvhx6Hp4v5Q=oNO7WXktg1x9rLqI}m1$>{i3rNlrHZ+UqH%*7}AxTVL zwvuAcIZemdffmZk;b|;BK_2{HD()w8Jv~JM($#*&{@Bf?vLn9prp4XrdGJ0?avJCy zm~(zuLiz9{jAYJde_mv%w~MRsUITNYQzh|&p&+?BQ?VV0Jc-3#U>gcXaPX-C5rVlNF}Nx8q;pQz#0CNbxhxUT8ep9RXg19MqB+(V)P zWc3~orX9N1%S|!F}#T09pkBQOKteow?)ED?~z4(P#dlH0tvPR2(~ zTz6A6N$XM+=_Qw-4qx{mOpGp#+T9hob+Wb#G&;t+7bdBlqWOLoOJTMeRyD zB?-V&56qUb64tBE<>f0(n{H%CFwq^zcPkKf;z#pU;T{%{07jD8X0ga9yZ(!bFS-#r zJvMZ=j|Lv3?l1KVLrn&x@G3M{4*@Z$y{L0a zBrnxQZ;Z{~q}Fh=-JVr5o~&FvIdCZ`2|Brvgm%LzV)e+_l|V8BvR>yqcs4T9r2W&D zPMe;Qh&|$kTCJIOAS~TW_kVk|35IY!7HkFqav+pV$K^YZh5K#%M++Fk_RnZt;k~wX zy(J0h1zm5ArBvC`q`#yp zO%UjtbZ|@WXP<2Lj*P`QO+Ij8nz}CNHZE|xI3n{(JXdr)gGGAW0?UL;`nu_`vw48U z$nqzn_Rus+Tc_edy6tB_J$4B1`0q8*%!+HDGHuw01IK<@bMY?fUPmV9!ZmHTu^To_ECLA3zs4la(h}nD1+me)F8_ zYWWPM9lzRUK%7Vx5tavdDD)b=_P^e9jTA-0Ds|%~8>4^6@;$+2{nCx=2ZY}MhAL%} zR`-5%&iP!Ce(}>4W-Dq&eajO#qJDQmlGbYHHW7ffZ0oeQ7N7Swq|EqBy_RFTyuP*! zFa@`TG67)A{quNb1(5g~IS=w^Rv9iT8rJ%aCfo`pKsEXf?p~~E2nXgo2y>o-VHiNE zzx&vjFxP8Fh2wZ7H%d;!Cd(T^!}f@0rzS1o$P}WiV_o5JnMKNL%1&)0!Ue9JZ}@p^ z`)fmj^YX$ch5FWsNr9OGe`rq<dJ_j|^u!r|_^1gG6@40o2V4|R&@OS8lr#Imgz3rMHvKG~` z|NLjW%T(11Dev~KXx8K7ui`(2{8*_0orh_!qp{P*yt(g`;(kkBaN*f*2ecZB_d(Tp zHY7X@xyp$+iAygt0objdk)!i%c;`#}0yDQw-#`2;Td;5Jg`I7OMx3+_kw_A1bGWbW zd-OlW>kYY3^FP#d7$B^BdD31vKVJk_?%LI)uS1uChVc6-2FQtOJu2q)--2>FEflxW zT+}y(Azb-Peg3iOunR4{fd)akvv0@G{do`F3qe90uvlSq*pZS?n=Vw3{r znu&G=2FafvKr&4+sd7J1B1caomiHf56k5Qmov@P?A1QEaeMdF+sE-0BW`Z2gG*6UX-sJlM$QhlDCB>~>pM#c$`O4Yzj4!bG0V$;|on8bkc%G?pE` zLhf^Xq(BxcDjiGA%iH)2IQOdcC{73#)0Q42V~u&0U{;?TEp_s`)R~@p0X@+1wbEA@ z1P?K#o}t=?^B;Ivh6%hk?xiVf8x(fes*uZHTXbrq9( z2vSO3>*G#$vp2SF>(PNaecej^^C$OYhP-D!I)nTyIO;B%TR64H?AP2a?A?kp&k~sS zMLb9xEz>UEfYW0&cKl08ti}qU4-)wd5}3qF-fZPiz9+PLHDweWHPTT`DSEI)?Ke|5 zk$rf|&PX~0l2Fp;x7ZYTku4|he>}q7dUO@&^56Si9BgM){pXOP*nDz&0b=h?C8b}6 z{{DC@z5?hZR@3vC?&XqZ5P*`4TF=%DwJo@qs=j{XBzRlCaH7OpqsXXwpfS(TrVcCD z?>+C-7tB?7OEuTSu6IL6DdT9NE6f8;AlL%z7IBlsqK^tUW+TL;Gm_--V>Y{^1*;B@ z7j5(b+Rz*~^W-^Z+nj)7R?fmxrR+s2wz~h@NBvuyo7CBtDHC*Q@HaB(R3XxZg!*Vz zP5GNfi7tTt&wXnIXYLsEf^%|H|# z18MG=cvCP)d*CoN+SWBhJ71;e4TET{bTLZNfroD02S@F((M#jHcuh3(Z{~z z0L8JWvZ_n{zotCr<;X>|NM7VsQAC$jZ~jH`AdIQB8*WWk`iu*A7}=RK5a^5&`9B=$ ze~nw5fYyG(U*b5uY6hDS-CM)Xii(;%DJ3(Os~5=uJm*dRFM_&a~La+&rGv|44TG{@scEZ!Ca+esaJMhA5_< z{;c-=?+S!JsS<#{<*BjT_tEzss|r}uNG|U_<(eXkR^WR4c8m01pRru{HHWF}=xy$y zP3tu`y-MACK2mf!+&27|L%uxt=STSugHhcqmxM69iM?)-O8DkA62lTPB|Un+4YH9= z6oOPtVOeDUVyC;r0+7KD*&g$wssWgXfAvmJ0tB7MTDw8kQ%&L22<%nwsXV zP7FsHJ_xz3^t_PtTYtOK^U=&>t?%P6-?uVy?BNvuE2#RIE?J{mk!}ik6jZcs%ysRt zjqD6f+EAk@rbeLf_42{Mb21}@#jDO70Xc$bM5xT+Va3>j^bJd zs8XFqzF3X%e;$```|qWb_{fI#zm3u#e(yhq^ldY6oG-X--~8KapG^>;T=}0L`G-yH zpT7KmYq&bkQ7yE7X;@J7vW0LYeRYl4a8+7uoo=4Iih_!2(S!RRuPYutcz-ymk>BS0 zB2JH&?>$jh{{)6cWAQB=o;#99v%PIQSiB$0nr|@v=!`J9>${0>%A)<>=fp}daIHPg zC08!~+c#8?2k?>V^n_b~PMG~+Lyg7%MxYYbVmbc#B>#uom%ab@M?AFk-~QqI{(*b? zpD*Qheoy+NEQRQQ_^N;YGKBy4NBWhG?*8vX@=q`H?|(E|0MX+tj7F05-(M*H!(8D1 zW&-}tMfsnL^8dM+@*s80TTp0^NL>nUzc=hpMPp=l6IDkxukVjAST0& zhT)GR_4mtC$T)dI@mqey;!E2Zj#Avr;;txZX8TfqeP9)P61XYp_V;i9^EYZ=E;?fr zu)pl)>Vfe`B_F--%z>V4c{u;~Gx+Z(nWyv0S#g7WCalKO^^jdW&Eq$d`tJW>5dPsS z z>`vaZA^H+QX)ZJMX@GxR3eeq`BBBX#(s=y&BVeCsIcsfH^-~%*>!}=a(cS(%+-)tR zfilA?w_ELD$5}P6Q*z0cyXVkcM(8hpf6JX#$UvzM`XM^FrKile z?gvGEPnmh!vU)!~Lux1m-8lpYG~ss#9jso>#ln)d_Xz-7SZ%JkJ9Rlm`iH2q;gD{H zmmmD?+K|OUQkL`)Gtxb1{G-@*K(rY3CQ_^$<(;2T*oCDby2Tf4h!R&214f>+_o$i2 zMY>r{X3{73bv+kCzK>NiNeppk1-qIz9Ff%x9tOgTY%!-yPgWk`zC>0wt6yb1tiqe0 zZg0S$i*F2O0iOI!8sMFNqU?Wa#^s3_l;~#F35tSDC{ ziMV;JMD9#4xSw!@78IG77wM=%hE{as#>jpV1(YGCj#(0KF5i0J`|Ah|ON*ca*}-(2 zMV{U9e(e}IaqH0af2-%_e{ z94knhu8R=|+^XNrysPut5XN=w$LN%C)Lp;h+B%pr2Xg_`7c4anBTM6UG1BT8*o{m4 z0RVJ+wi)nxuGXZW=PCN06-MX6Zuq!ry=JJxYt7K;r3ZkOdw&a*DgYzc?yU_$oRCty zI|s2zmvl0N=bwlNseLQktR<|B3C#k1ob%#P*2W>-N_{b_%%2hJX++TsDPL9hIgJK1 zS=)H{)g5~c$&;rNEW26unb47|cf@(Es-?CM0D+wH*hX}8!9imAy@F@35($Y-2nB>y>v#Iy%#zqy1j2Ve#sVDTa*VAmJvk7$RB9}x3f~QSVThs1@>e; ze&`-)WRjo>tLd0QLz{4lkPz(yEd^vaynQV&2LMv+3e2^5*QX7j0B@bP;G@@z?Nw1P za=X(Cxj@V;?}H`Q55lN}Ht?33z7QI&9ag^q%K6pXmsMKT@|qLRRtce;b5sD)ASK2qFXfAcXSaePLIbb2bS29(!38PO#s+}PW`}3 z%$c42l&86j8P>`USV}D|033mXg=9Pn)gJ?9$D3N&Kei7m7j7jiq)C+}yvddeAypb9 zh}wELm26XE7UiLIKAXkPqo2fIalYWQk#-0wHE%09*+s($-3tW!wC_E>Mc+*z`6{=< zP8g?rDZ*n|!0pFN!1B*$ot^-VuM;5_}35kj!Hvz>EWZoZZ ztCREX6Hk5JJmt#V>}Q>8J-J}qH##O1ly6hmC8%b>q(LpY;;4z{sAfn?=DU=r)$H** zyD!U{6l3F(&{}G^u}zKh1JyV1&}e{_W##G&b9rdtw}8|uHS4Z9uh^6hTDn9%$8Rxx z;Vu+*)6Hx9;0_{XM1jtZfNJ%R{Dp`8m790)x*>VutAXkK=#xk8)g~@a3d`p0T+OpU z5>k}5wKGd69$5SicVaS5UeP{%WW2UDujyopl9YEQC3H}*F*~(|DxAU#G(pf; zM+NPt#~`^h;8p;q{Ygrh+G}rTO36fgnlz;SipONzR`_89+})Z@q#Jcr=^Y$nU}@W^ z4v?qEHb*1B=6dY^%-Mxq3?}0VoNJqFX;ky;OG=(+Pi=G0-i7^qaqTgFR)kJ{q9n1# zMZ#vUr|OsBg$J!4#lSETp|;bclciE4OvRu?TIk`Ci}7^H1Q-$f$r?e!JiD4knjCC= zQpzZKsLW92rC5pyzOf5L19F+ypU;?y4!OBy|1mb$njr;ju0_mtnk6o>Xj?u_9&AX} z(Uct7YCs2fb@638Oj+leWrqki7wPQ2S>sCWOXQ=#J*AzUSoImp>+K!M)gjC-&$n1< z7!+D&QBgHJHq1?TrF#M*pEc|Iq>k5tJHLYQ;rfWBzL_tBxu5H>eCh5RVZY+MlnseQB%fPN1P<|$(nF6&)Bx8|mgMz+!0;$g;Z%&ONAuE$dbDF&B z7?UCVjt5ER!R8(Nn~!tQlxS$f<9k)>z{<7O7wyDod&_z3RJgWEQcmKCo)KO~9Y>}7kVB=YP4i5Ao<9$j2TT#DM{G-VU{9oOOG z%g6M8j=i3nS)MJ&50vPEXVv=R_Qvx*V`>Wup8`P@vRJ#DuvcJOQb*iF=LSM8888O5%(D06a z;LaGIvRxmplA6=w z3ZY8$zXASZqGE_rTWxTS-H>;D;z^MmLPlp((dZLUp4l$Duc@=aSyylvTt47Y`#hx0 zouIVS)qb*(Y!Tn5!h?<7p?2y^@oYup`Y_Sw`6<87Md29>Tn!6uEDTFy_l zaCu;3Hps@5?7gDr%fMD>U*Y80#D^#v>U&-5G9yl1Fg+hEUA$Fnx5vqocu50w+f#L> zNklTCA<2&q znkqA1ME}_$;W4R+b79{~?+}F!{$SgdMrJ>D!E;~kQz(V{d2k!zgrVMpQ}U+s$l?z$ z;w}}ppf7z}#q6FDr`UWTr1@mh&e561mfgR1!I-ex3D&<%BpgvINt0anYPu(!sWY@c( zW;YG&0xvN`7M2)Dh1adxhK+0F1=+OwUyutyhSPGE_N2vesBHM>rvdg5ywe1ATrV(SzDYk-U=*FY7 z4SQuHSzQf*^frF0f~!G(CyB@bq59fS#uL1WW?ISN4E$$znn zgSPPloif8mI{ABxm{!lBM~*!2idJPC1)lzyNMl0K+TWb8>?k{N>S9);@ZhoWY zfy8fMAdnS&2%c|+IQths2KusseflS=?@XPVQnxmqh9JQ$!V7IVGL_!e_P^Zj`INm*BLRZ5JNj(dwc`5YX#RXS@!8mG*CQ|S zTYUE^yk93@p~bSUlfe>F1w5G-Ag!gU;Ud7SuxZOD8^e2mfGHpQ}3W-USB$ab`p33XgIJ)le-q(!Kig+KCk>;C{4SJOSzp zj8?&v-Tqs)Eg#sqb^HrC4?tVE4QUa>1mevGvOpchwyM{X1>%EbTt0VPPq^clFJNu_ zg(wR;En?z1)np(gFs zJe#d**y8wOGVlkHi1RbBRKj}2tz*E_{knh+t<=x2!7`k3qoiN z!eoJJ4liHNQ4H(A&$%6J{t|ia{5iv{{T9Dr4{h@igr5JZtVGAp*2WCjrrY>FcUAzG z;SLa}Q}hS#^{#cfjp_E$I>BlAM}>cpMoyNQG1v%$XN%;kb_QrZWc|!z1ig$iiIUPY zu|V+}uBJ=kTvBuMaH#54#Ybe)qBW%VTD;nZZ22zH*ORf$AfK8rDPvm+^=VedyzG|4 z3on&8H*?ZR6Io$PJO(8j(KC?fOy~I^ycxql_AV6gT~eDVg?vbPM&fWf*lsD(w9%5w z-n3r8ZxBPxW^L~GYhqn_r{+hg>G;oX%0ed5$M(M6?erxKmrWy^Mn$7_FNF6U3YgHR zrmA-5V+HkjIt@!Tw%bpD?1K#+s)J8hKb`RRvsr(h{EmO}(TCfTgKD=yUwnGFVdr8N z`(me-XnDbhBCXLIhhY_-6z66zvze4T-KkA9gnD6|^9$wAva~eM-Omr@6X>|reQfVo zC$i{W$bt*s;hoYa(Y?I4A0qpV<;9pfQik}6s4!c#qsNO*EZXqDzMFd8+-Iyny{p@* z_z6rbJ~S-|Y)4iQU6Y!)zoko`UtHO?I;fMgaJy+eGk5u_1R*>iXvqdQRh4In_*rZC z_48mVY2d{EfHO=%8XvgO_m+Kv!2%AqY8fkpZ6%F>lIxo9->Z6%+rgaht`7}MjN&!7 z906=;9OvSKJG^R*@^7Gc*pJdE(3JSnke@_@sxCXDTZXk=l+SpcKil3f;BGovhxPqG z4_ftmuHWNQtB(UD91r(%mUAGc-tdZbV6gp*seU?q)y~lx`SmK&885i05XX z=XcKgJIDR(eg1y`nGZt@-&*Ut?zOIUT`&$u8jASC+1L!SOP}Le5WtnyfdT5<>z1F# zy=W=OnEkd2%Q)V|El0NJ#4NV}kEaU;ATtKgv>kPM>sdyT)g2w@mbRGWtKk*MI_0QV zNt13Au9kx~;(dnSn#aLWbR)~MeqH{y*PLBBI!sHY7n@$-YOi?>-QEhB7FC?oJ(Tch zEhw<{x>Oy`?T;E%=O&y&C080XZ-^uf)Lj$e% zWmoNwd{7^|D;c9E^c{~vU;8IVKI&iwTky)(i=5DjtGk!OD^(Yc4-#` z*@#bhWnDjPVf!ZC`&yJ|e7N8sFF;efd$qsb-7`5f6f`Q71s3&a>n=6l&`x->8+Zw+ z-aA}Hb{F1}(4&;FbdW8m5wVByKTeBL2vOjLJOxMIE0^gWTi>^TB0@>Jkn3uVBcM5Y zj3)GdYM_!XQ#INP?HiJnR9ni@k?$1*iJc9o=y$P`u)pUb>4b5~OC_2|%zIs>`a9+J zE;Fwxc9-be8M;FHm9|%-1~h74UhZ@($A`1ll4a1Csr8=5DuRc0I}9o(@@-R?T2xBT zK8LV*Y%uiG+P57>rwZ9B-Pg&pcj_z5?x;=6I6B-OmAuC)aXHYc!)#{84v3R_)T{c`k`3KS3!&6Fcm(2P@rW7y!d>Hi zC}#~pkm*L#R-pOLt|iNB=s?=fuC)w+Jvh;_Lx?`!adX|1`U#-XN)a)-! z{wV4C((L?N*`|l7c{?=_@xT;u;*O96!v79S9Di)oo!Yn_X0r05&2hndtRn&CftSDf ztc@T*W-nr0>lvvG^J78L+(zQ0?HZB{~(Hx;9FR8n* zox9dho%tk7LE6GLVbkOp+^=Dq!gm}SgaDuHU?MILTY44I6wcSMQkLQrNi3YZtmb9W zNShsd^FZ+#v8!KhkbPdRR3DW81`j>l!w*M8r`WLiQ?nCEP2Px2Znq@Z%x8-_QSrrX zaSF##$@4z(WdX+*`5N^(iaT1W>;a&{S|(z;$^P3Q zfr4D4>o&iK3-wD;JzGVLb!)_BY;$O=EDWtdMsf+hilx3zk#vCmY7dbyVQN+?5gQAt z=p7*57SdhuSt&cg%)4_gX`xmRj`i2ZPD%Cj(rY_9<{RBk5s(fJ<`F;K=4~IeyGcUW zB7ZzFPFa=`RO^uFxtqN}0a_>|HtirE|Rd)ll%ccS58J@1v-+7`mTR1vHi*}sYTl-F|67%RgML=6!hrEQv`hKrbQmkM- zVNY4n;m93-R z^A%-2pjKw(Z$$hbw~enas>cIpcQ%H*`#)J!Rd0GdN$ZEsHoTQbDf5Hw9_>udcs|r8 z99YSbi&Aag_`pNjdbqEX*!ZoV>L)GeDKmYdlG)i#t5S}~wrja4d5?8Y@E<>8ONrS_ zU$t$f%S$+jDwDeWR6Z&q(d;%BZGHf4YSZ2BgD&9cSz?U|Uwlneq)622RU*sP$=8sB_RF+KH?Oi>V|<;?;P&zz(h@UqJ;ff)_4UomBo8S#<&GEbh|gL++EEUgA3q{k z*_~PHbKCdIX288cJe~54;tDH$rZy?*b7Q5>5tmNv zr^kMRCa46@=H*X%9iBSR9e0N+A>-?{bq*_^b(9ex+^vofXn_i!0=-kb?J-mgs}4eLiFWfg_PqI;S(Bc) zo~63Aq+Bk`-jFC+Xc9-*q=jWZQ(SgWh0Par=pa93?<=Mnw z;5iIrJ{J%13bpILGLU0R%Nf<#jrY{ix4KoNtX92XmEjk1cfc7aG|2XUhQL&lIJ>JK z*%PO;;@`ls`>lS%p(qQm{L?tj;8mv?+fNobKt(s|Ti5-*_}3x4YR*5DW|^a2ps@Vl z-=cHz6xzg3E_wr>{V-)1jrVvudv%4*-0jwhI7&QScR$`LC;Ql?m9G1n$F-vl>5*GYOppZNxKKmsM-~TekD-?`I?g!#b?RUdZ>Kx0T z_2?uTDZ8U|EPh?KHi0I6^iYDAZ46C;0d-9MsOgLy7mfE_rgpu%EbnSA@wfWq>Mkto z96vV@No&L|Ys2q@GXE&mdBio#<3|lyM&?+24kX0)Y|dQ}0o^;xdV+{sN%xBl5SUw* zSQkkZIpUCH@z$psNG(TLoQt_+RyXa;mn|3FvT4$C|l<5pziNFuGo&NR3 zVvVuxOA6uZ(Hq{U87Wki(|OYz0(JCqYZ_%TRQ)F)vgR);69`)8P&a9;{$e@CiCy(BGTVq^RN@5Sa|f zJQOR}N4%$i4mw{)(DHJ%?8ma$1aTE_A+B#b89&ma8|o|n82EFwdb-AI{>7t;>kO|& zh7K3+g;gUDmCT6ONh1P6g#hm+d=Hx`)xJzQ5K?ZC;jdbHVH=K1HL?#Y*5Rk`QmeV$ zPdZo0Z{r@iCg@^QvF`Ft=h=tbcU|8~g_u-jZZiHha=K@&)s96L&YLY;zTZu&pQ0`q zbwRtk=)*dd^#Jthi`_Y!f2)>##56lc8=tn_!Pa-%9*Zn^v{26~aWTssHK5=^z;obl zQ>{Z)-Td^eNdN^W^$d0lWtUMnu8PJ)g6Z{E6*XxD=%A2Zk-EnBtNqtV>ia5Mdat8v zqPW_gEn6;rkhlR+Skiz^_f)BOhAF%+_&oX$P*D$IlehRW4eYSVZ#hp7qJC4{ZlJJ12@Wwzxkw zPI$_(CF!R|yD7@taHR`*5%P4{F>LGBQK>lG)lO^NeR zW#xf;|0omhuX0E3XXUm^Up5t$vM%z0Qcu|_acmxm`Wnb~`+p|=k|Ztt5+^un+0f)*2@{L8gXJ1v z?1rB~FKuXl*6y}?e;)ytiRm7;EL!w6HTO=-4SviRlt8~v&|J`V&&o1S>@j1#qux?i zzw;kYKdc( z^GHHMqcFh!+6iK&A1kLBj*(e-RyYlYZBKZl1_sONIv^`)Yi5CIRqlt#bVqg6iQjhH zsCv&(a}~*1w9FzYvxTB`++utCt~-9Q?AqAmhtQlFu3-c(ko+>#@Kgzjugs{Y-3pYq z2@v0IWrL6rZ*}tP*AoQd+RVFXFIS!&kT+jqjZ7@mYCDA6N^8M~BzN=hB#9k%zrPD<4ZWo#seXE?PHD24I^ec4 zGeZelKNaxX#yI#DPadNbBYyB%$4xoH{vwaBbrKKkdWfr2>fb=i=Mh&; z)_4SlB!ur7gTI|m1&>cSmh2|3Qb2b#_`)rMq&xz5toWu&Bjg8J$)E(_b zC?e1>e#H*e%4x%uG;*T*z=bu&XLm~PbgWw(h)rgE=s4nKMla&N`3oa5^sVQ@t`e+Y z!Mu-G)N$g)BaBAF8+fe$@s!tZtA8Vpv)U;a$jaW%zm+v! zJSlsZr09+*^?6f<6%0SBw)h4_wbOc?otoz=1IV9{+Y1<5G7Bf!Y}A#?Q{evKS3Tiq zNjvVX4{~6E$#RIPdmAEVflTFPmN-*4X6G99kT8vyb%U`AH9AiH;aXYoVHuO}mA1O# z!0LT*)yX;Tx)#`A&C$juU83ZeoE80oYXJPyFEX=OVvhz8G6WD!#z=1tGbwpnztYnL zqpsXtF;>mot?R>4CE|gK9Ia=S)B5I2pa|xTNE6APB*6FU*Tvdt(CDg|EdRXt z9_FYoHRKq%4*=LY1W3QYtqAJ@$#IX6G7#=Iw7fKIwrxXD$|zOI`aH`BT(BP!%er?M z)_-4nz2d_fYiS`m8zVSA9Du2f3#`5hpJ8fT&%agS9pcODn5>og_Jy>}BA&EJ2Jcq2 z&)6#V_RxHtv_&OG6v^yLY7b+VJwD}loZxqM{L)+#Bo9kpC+>NcAUJa5lAcQCQ3h9O zCvp$CcW34)50++3M|5ZOq%?u-&d;7HsclLJikjh{8Ll02_6~4bFkR%N|62o9MB5xG z5LZ4bsIrorS+Ix68n<0A=?jcNeMb*vOTD8le(dg720H)ZJ<}@DlLo7**=|;`7WvPd zz8y>ot!uH5d8Di2nEJLn17Bl0==v1Fp;h8S7e=##n4|U&2f7wAhFnz$O^l_ z0ud3P21{|?sNIvNvwQv?L)dq(@NSC8!gwW3IcdKv^vj(SuejuVhWR?z&)zW5zG}X@ zmOW0&zBJRi(DByEkVsFWI+AE{MftGJ;SA?syO}mAPV$T$GVxlrw?M%3HufSx$*NDT z=*!DPe1ZF&^-3_-^NysQ@lOn14S$%b*He_KNp9)ns?gY(`|s8I*&2l4_t53+3->I? zr>iD^sB=aUX-=!6A2?ab6Y{gd;O#k`Yzc(wk)kDMnf~h(f~Es9jw|{?_nBKPgk%O7 zXOh#5EZ)P>WM-UHctmZ-7cIj(i#|Z~eAbr1-HZQ;&%iFkBk;;#XZ@i*wk(RE+~D!( z(%?l?PkbzjsKn=!u4>!1fE=s<+2oOmZ;hU95#74O>pUMyx7%JW%CS=fI{1Q~KRsfV zvOG@n+4d`4kTM_XQ&&H10|>Minn#4x7;9uV-ej~bo(y@N?~WlxNjERq^(-_`(XGH8 z_qNO&wy2#fM|%i|W>rNM6^ZG6)K(XOBGGXe^;-6Cx7C}jSx)6t8DO6Q-o93XPSjkq znDOV6odMGw4|KvREjV2pv(Dw6TnU)u@Ru@8oz3uUn)h@1+@G7sjgG9EoP<%{YOnHb z#xx49iE}=+4hNu+L#(1l_5{YcAxXzVr-K}dt+*|TLlWb}TDy{3RTIt|aJF~Oxgjdl ziTRkNf$Kc2tWG+}t_dC>Ac}A}HN8z2Xu7!f=<4$1SBZPiDGZ?X*sbazEA(^mHTJx6 zda={CxpsEK^?^!kwBqU&w_uQUza8hU;R&EM#;(j?QE2o23FPBhW-8)%xH3#8R*tZxkOo)CPHU>k_TKCP*T^T!y0JiB1+Lv*F19dD)=U){ z3v+<4-NszJnu`3lfu$zKx~z7=Cy@yfp=<)gDtw@W!khtYwl`X%l3FL&5cief1?Tsr zf|cbH7ri8x?}gso?uA=P@uoudLldRn4Xq+cI373;>vSVdM|2K$7hZC&Xkx*uUNVoy zrCj;?sn-G&=xkFuIa$P+rO$CM4%A(bNj(O{#>(q`e)iY*A8@riuudHIZ}XqOfqX7R zpp(a{Ms2S8>Utd%Yo-Olz5~o6U>z;B+qbH81>jvVlnoZQU`pCi+wQToj-V2NfclNa zNUqFz!6OY~g8S1oYlCkV!Ymk?vH0fdcU>1t%oo)hB%Kfayfb#IQq)6kv6>bD?A0-| zetH+V?2J}j5-*(qbjoOPFT#9%((g3svtba4&Z}NW(6~PkTxp6d!7Nw?z}M zG3ThGZp$0GTJnRji#6I>a9xKE{m-;$R=iLg1Z4dV$s&jx7YJN7ByVrittWuDbh5ms zNw-w%tBTLL4>9LXp_`;nkK49~6(B$5F+F*NOv4!= zY3qY(bW`Z#u?RGzHYcQ%%7bs59?v+rb}nW;0V`-@J{IQ^ou5Xw?9M*bZggc3G&j1| z1Z2xO+uEsYcw0RXJGbkn@|ZFei3|=UjX(EbdDt>$CNtM=F?X5(>4!H-U!h`3I&dvq z(wYvrN+Tf|lajT)uJ9o3FR4tv{%V(V_ggcOM~$*?WkPi$dc#2UTfu=`q?|h6U|hJ8 z+MNfdiw`1beuRb-h*cQOq71RZL*-|A#b9_Z0$Y(sWhHXHMZW-5Jjs;sW1s8=7LcZ@ z|GE!lgUJ_6m9D`Sm?;`I?TdBT43sIf1hSQl%$y!&dPlYj>hObm5~`P0M3PPl7_hER zJ=Vm`knr@z&B)@u&(6!K&TYx|%YEn5{-@GfQj1Ns_A0&0&}3m;{fDrwBh?TY9Cj`A z?xmM0k{5CHb3@=6DWN(_{Cm0J`Q;mW`($-VHQ$Ny`egZD{TH0C$i=yUl6F4;&tF=u z?rx+1U60i}g4-S{Xgm%aEnAPZuiS~TS8Q`pZRlhfs^H0+m*z~V{K>2anaRkALhQhP6?ffI=tQV6o9=@}I*)p#= z=xcoHRV9+}#Qyb{;P5wz6whyKMv*aq+@1o{4}M;bMuVCK{iix#O>RJOpm;I(*to#ujA{OkbX&$8 zU7xzuP+}7?J>Z54tToj7q*uBr3HL^wcEd@2@;zai6|ALQYYc>OE0o8i3N)ezLqRB{ zMSPqI_KQ;co3c?Z(sOigIgidL2De^zaxrplG9>{Ui`IHsq;IpD!T&nY^~XbPcAZE~ zbdi>gZy9M-{?KQN$RD778;aUJ;taetW5TJbIA3|-F$V6xTO3+b<~Z54n(Q)%U*F(& zfi)`0Eoc(tF@iI4wnG8sHgEEE53(zlqiFO$S$|*EEDD_0Mo{MT=E9q_{k$z}KYf>etekjh6D!Ur zY#f7vsRmsQ0t$j|N9(#5t4TZjn}^Qimlir^D$)g4_4?k+`Pr_ax{k=vv>~1SK4+4d ze{lh*a=}7JdGiNlWagaulk1;#11#`+$nM+7pXw6Mc4N_fBej-3BhH%^@WR{R$0B7; z0Vhq%)08n7k!7}{BNt7gRzpB~)kN}ag(NPIbM%~1JIGc4~-2=;0_lE zmffT5WfsTFv1JEG)jl67=sr0*%EziqNot-z(uzf^_!f z@@2=y)`G5lpp+gBOm@`}CNC%bA}s(I+h}+GIO3^S71O$kNwcS;ivvKYhX1-VIkScU zcBG_^o9M7Mz2uo&A~LLc`w6AM1(CSOjAWw3W`zZ%Br^733;?m0pK>SFTNjqf%GCl!K?@`-T2m(89gQ7<@`TJo?ScX3KlnlN z9!=H8&wQk=u~c&9kHQA`Fzv<)$yBu7W-1$Zadl>|wS^~+3W2^cSGh$kh|q_vUsng#&2_9^3JN zob^7D0SUME7#5iRAfL9pv8lHA6mHmNej)P=s%-p7^#sGzm?>ju2uy5Lu{&eYgy|l@ zVm}15ctlr$*3^X%A78zen06^z?8JU2%wudmydq5vW?#q#A=@& zN*kb!{Hj|#(cs8DYAh5yHJIxK>h7{%yp@f(K4%K|X;~T(m8eEgex_&uOqL~hJypZP z$M=N0d4RNg%|9p-&VgZ=NmXsBJF_GUUR7jh@P5sVtSmz?O)_$cA|)2+Q4s| z%+{X$V5>_rNL9Yv+%^sAc5Y3Lhsh&js@5~8D&O<@pF%pG91ItjH;t5;ih8{HR+fiu zHqk>?1yafw5{_0(J7mf&vzo)AROH50dpy!xo*XB6)z_c15F(o%R8-2wq^4a&8l=+Wv_C${`*V94pb{cc z5napc>ToH|jl;pH$pBzfnuZAmsua{t+uj9$RD@_~tYLpW`yu)64d`(qXBjJ%_JU8)nl0>Ar8%q^%`9*QahJ(NaB54~o}B8jp^fLlwpS zX498T#MY;f3+H%ykB@^6Yt)C>ce|r zhJutGY&EW!$D-4(E~3hRLcrevE2Ne&Dl-Q&pa1$e=*ZILb@38wrwKxO&v*7!cf%`R z&NB1Nu|4X(8b7*PbS4HqsY@>WV5|2zo%3s`GX+7S6>HkDAx$pQb!6pF}XuCo3 zxiCM;-FJE`p`e+1=att-gUfS+;&Y=%c)R^rr1FyFq=(tj&P_~SYrdImy{n0D15qtL zZtplWP;Nox!~TeieS3>?JQt=+|IpsME4-s}2y_2oP{(>fYa+?h9}0hj$sElvnfVFB zY-{bPDK2Qd!Rs5GxOy!|%vRGt=b4uHv3D=z*h^-OCqGP=Ybsz1lirhX_39DVDzoqW zm;@VI-LsaBt9h!_w-vu7@K@z4$ncMR&IL$5K9%2R$d}~nelI8A(p>wLoMz>5yP)m$ z`AM;xA4lvBV^#wi3T`A62*i z;7eyxG2-y>v^S72vE0Bm@XVtYH*Ff=*K}eFn%-IP8e`g0?vHgF2@tQO?*JcdMe3pYWn`Dr0>gP>Pp!m57_9! z_p`Rp2vxxqbV%B7;S=RLJNZE9AhI%xyBQ#ICPC`fx%SWyV8tD+Gxe+gHnT8GFKW`0M-I_8oUI?|%c`M46!hw+9Ca<20PQ7(_XfrQ%R-WJ|IV1^DNWqBB2zp#} zM~S*XHRUO^T9XO=l{}qx6WJ;AI)7CqensXECMB3c1N$RSwpwd$YzYNBx_awrj8o9G z7R?<@i3j4oasCn`+r~h^F;_SCs;s?e6>dR~LYCO#SZF4*)Z*8%EA%Rt^90aP*=#oz zKviaRvo{I5X+B=)qntp;nJ!2M^XVS-10eShw3lDB?Hfx(wp<|S!-B?b)m^J zP;tekXdCi&Kv^{Kuqau`HZqf>MLq4XhV3Yy2*-1XXAw?dWj?+0M;CtQ$IwODvW{rY zJ6^N%!wLC{>ti}YhCsVaLm#tdb^cmzD204X#yd+NSn0Y?5XyqOpG##xHoyHDO0VSf zJE43F+f;wz>*%C+a z2UFaxtnnC5=ciqAMnlOhz)U^4(_u!`@kYX1ebQIxp-z*lTQklY zeRP80fF@@zd6v?JKHe1h66mxaEoSDRBo~X#%-vyKJnO6Gl8+;hAP2fbOk4taPYh4m0AO~vSXrDydtJ}7d0%7w(ajbz z?iFmkM^<#ey{ts#Yg3^It2h8}Uc7)+;z~wboYu5O44(X$lTNTT6%aqrEixH~-5TX7 zo-E4MC`XLEkXf~L)q zHok{6*7M#Q0fJ_uagqX15SeYak%@2qjO69PMfJ!2C5{1J@-(+kYsl7WT&hnRm0Hi{ z2z3BFw25PH#+iV(6z%Bx4>y$=Hco+`-D1lMseXP({NYg~*b?a5U;?`#W}b!B&}ELx zU+jK6cA31;^pA%q3>=Gf4|9FD1AIqEi{blT4%6?HveL)dg&Vkg1qLGTPsw0_j)y#_ z@P2=N|GIS>mbD&$;Lx?cV>3n)pOq-`*>0j_yC=IZ6EWm}Hs1GUzy<7V>!q5i6St7= zg%V_Q5J;5W0`@p5lJukK6>)#&+-NEQ!*9H5Dvl9(F#gzg4xieTj2iX|+2&YqX4j>{ z`|@+1g&+;ZzJ_c?6yxm3o_wP2ix3$ABkPr3o@hStSx2NL2Y=q+M>JwSomwtLQB@{H z5&t=btjNp*LL)Upx&4)1=(W-n*1!}f*Er*C|2cTzf7Q&6R zNZ}V9rLu^#nrlM!eH57b2Hnt5sALb&R-^;}p`}ORA%wDxD{thG^Nhw98Lnal=M9*m zfTI{mi#HFe>`nwVZ)DI2P^xKJs3{xE_d$`G@*g6w2;F-9Ekp-V0chA8SD~J}`3|y@ zGwhhYrh#D5Tpo$9QKW7Z*b?WfAL+iyhv-!DD6stODy{dz7U?Jbqr!2D?Qo!Atbu@_ITr6149Jve z`(pVcJ9$HEphoG!BWi5r$9b4O=@B&ApWYWvo&haK8wphRlI2!usH+BY{-B|3pbbE@QfK2086qOKamK!@()bZ zZi%ZOylpB8z?xEoceC#FM^jYy&+Mq+hC0TRJ~Nqr#s;LX#Ejk9WoRiZrcJ%7(KM{@ zmRbf8u4wb7!b}eR3VtGq-(J4HYO|+) zGU;*PaV@`Au{IM=h2~F@DF+XU26gaooAF^QkceS`yDoK_X2pblIGmfTR!~JoPS+@2 zWn2S2>gWsaQPok&$_(0$FLQU$~4~Zhkw{+3Hp9$zh$#vpkG3pmEYBl7!PT zCBswcogruIMzmm1F&TMMZd}RBjKFQ(YM);74hMi%;hk_-!l^^x6_Th;0qGMpvniV* zC?W+Q2{7O{oor}J z0KW8TJR!l<6?5OtzFNfO_@S|EY1Z6zQ}-mdevO@zJG*cxzxX9PZ{UaXI73INi&%<#Q`pPc1ByEx|33OcyVV{ZF^o#5`?Or7}wq0^aF9djt zbOIQvkTfs-?;Nh1OuzMmjXF~43hQqWxufD8L=EjRzfNNk6=zm%Sns4t}}6c(OY zwjZ#rp|^tIkvgTj4gR8;Ovw*3#uWr{P&c8u&iT#Kb7g1(zkz?f%bqyUxPH7SH(N1L zbnBkS6NUO6$9IVXrOqPyx!rm5-%Ae2s15Q43f|K@*y5olx7NKUUa=H%G_g#r0A1zU z-sfi|Q^N?{0Ou7@#{ zqE0#Z@t-ITsL)``R+O6;6R*pVM(&5`Hg+rTwmi2PuCKz)+f8)?`YWRIt%?j4@wH5% zDWN*^wbE=jbjrRAptkUO()qwPe?`N#i^Dj_inNpgQ@ak%z^lU+!OD;r0FgEUSxDX_ zi-J|kPCAV;7JTW`TCT4Z+)1@<46MyeH1W?q+wY}-yvC;+_7X6&c+=*rU#~gTQ1CuXa7{ zp0kxK)m<$1^LGL;8|2*MfS%zhk|;KfHM~^S7bjWRags}Bfs6qP05}8hn%i4nzU8}m zj9dQD#bv;1g=WX$Zg5>O`fXZ(c5ntEj`l4$hT-VQKwZc4d8xsRUAKbHm`UWVwan10 zcKw1j+d~||OU84@%kw0P3O<1Eerp3?aDF|M_NY%=L%#%$r{XxBcNop@>}{fV;ndK9 znbvmQp|I_j?cqm^pa$)+@|p;F_o^!&mTgF%aAsoLUi`r{_XJHkH3)KMFp_8;wWkjF z!>3SP@L*8V7?9%H=zp27l;_QO>hZ}Pion`_)gdGoDT^6lLj%%bV|#Cwx><{`9nIui zP?8pRnIk0VBI}>obP9%mVox)kLL~;r=L0xYh$Bdj`YQ7ZgiEF}xX#O0F2b?B zH9tN(wkSgW$Ai`nb^=lTQpSOco7HM@86^IkW-Sd{?bMc^8A2~)JxW-udbB@wrA*hx z?&r=mV}t`@o-+_}J6g9H9F2#PP7N%kO*&s({q{SF`0bP4sz(bjW!y(|eTJP`0JuYW zBwbEwm9=V$P?zU!H|KR0o;1$X`p8*bQqaqwcl~%gOGSGFTrJxS%84M_@!?{rd$psE z%P^N?Jjst$nk^DX!ihvZaR)oPpLAT)m*VjKrdGuuUTkJ9NkC)!t;vq{lNo32Oc=k+ zXcV#pr>K_Kq2Q32GLK}V#U>4In_wPJAl0gJ$g4x;HU17kRY z-Z5LL)`=PD$5%VV^nS2}MUHe>Qze8O$6dQF@vy~znY>ivM8r|@{Ct#eu9#6mqQ|q3 z36Nj>x~ik@jvDh41v)+eTlZkcq0$I8i=Zrz@d+CD$Y-~we@z&BPkyXw(G%XUmA7Lp zRPj|^ADeUTr$6$Aq}h()D{9Cg^2bT;Yy9Q$6IsI+puqNYY;U8DxHyIe?S0>Wq*%Yc zp(D0+i!XqwQ*|;CLz_*HnU;ncZv(l%IU3ij;$C?{vU^ikb9}b^j^wzfaM`$JCpnWQ z(0MA$%!PxwGd&dQ&t_Ef2KV{+iT2>us;6VK09=3YSJo!RtH8`v8p+QIQaI2GoO0#K zKe;2InS(9l85yfy>VQ29O=0GUo%G4N4G6P@wH>B6RBLzda_0Ma16g8|3bUy_^jFC| zKk+p~sTK7Ok+*@>>+_^+h0MOjSTiVE*p_odG$yHBIajeH+Y6=q8TY=%$A!%P7YxcY z5CD~U>JFM)ZQ{~hf2Li0TnThuKC;DO)oPq)VvHsb2nakN>u~YJUq!qmDAz$!nWB^2 zsm(pN2sh;Ditp|_qV}A1{H>Su(@9<>*BIr099y}*LJw}%tZ@Yy9z=YH3chlWaZN_u zxBpg)f#NXTI&LMKl#UgR06Ik$kBe;HZ(h@S3U4nUAKyLB3eJc#uHSOM{#o{7@r&k> zpUWg5{Dn>n*0OS*X&b!^hb}(%M;$j3_uXD%4hh-{IzV1`)m*zVAvlyjT#&yMwqrt4 z+&v}=Nf*7YE;_rerQSW;x?WvI*Ttnxv<5y*6?Cr4FPccbVMX$ohp`&+sHSuJ1$0-x z#PZynvaKdB<-eY3`FcfqN}!!1i%mJE(M3`**ia(?Ry1sdlp^h}eXrxkoJvM3k{uM?ws;0x>$F7X@IbwjT|xl=D}w&&X;+WC1DV+8w!(8kR)W zcF1cZ#LF&gG`N0SN zYH{`z8kksz###s#T+->mKa>%t<1Ei0Un6N_sxX)>I7;=J%7Op%8PHwo2QkA~v>8=V z3W&MBww>9=(R51FlL#0qILyaEp|;JP0KBP1u6V<*zdy?W(_Kb0(5rJj~{ya9|8KF;hv zyZBOkEpRn17?H9$BMp;R>A zJyJa%-Pat@O^~Yj6+&I9Cz8r?jW=tzBYLiyoz-(8;HE@@Ze_L&vI6Te@|b>1 zzMRY2DJhEz1>rQ=KdD_&@a3otVl9XGMQsHvR_N>mteJW_rJ$hftXd6OTg2bQ{kG9= zZi6&TTWjvddX8WB^C8D26w6VA5}x#_>0a3sV(uzVqVYN>g1ncTKba7V6LW1_;YChi zZ+#S`P+oHxtO?>{mk3kw19!y!bt~z0qWwJgj~Blsx&3y4vHnoier2^SHlHBK{F7q@ zzWWfZ3cP-e>#$hAIA#9p>~(`~`yXb)wbZV=9c41&^yrl;?5P1ukB88_wb>iSuRggW z$<|R{{EeXaV%c|Q!r3fRjHS{%d&m0J9XL3O%Bj3ivuDPwzTH@zm6#(xAK9OkP!%|E zzdaV5IF47`ND`^FRGp^(8K19;G_V9)zpcGvKA5y5&o-l6l9gl7YweyEN=ZVMs}C_c zZA%_L$~$UH&e#xa;SwQCZbhu4vo@i=`SoC+$xbiV8x8mSMbunfwH8-FVvsPd8e&V) z+HG$L=I+5(P5y&be_*PbwdJ}e`XlKEb~&$Di9JvCWNilRUX@aKJ?#C-;pSj9e@mF8&*?w`dQ@0MB(`>_arF6NAa{6m3m79O^!{j*2fuv3a*URNy;xF4b z)WUw63jiqw4_nYV_f(iXQ<`}NXNqJ5Y+2|4T({=I z8-i{4+JCY)M&qXqIO|+RzrKZG2+%-kP8e1({uW&NFRsUs0I96!;jYW^AJyFza!Sbg z{`K2*mZ#e!QQEv)aj%q5JI-So}GFQ@`$MFjco z9_LA2i8pfp19JbH{S-FNI=vmQ)?WmDn}-qD&aPPlod2BczmNKVkT`|}+-NrhoFBTn{I&J`X+r_H%Vpm8^n*&w;dnhjw(pH(zwniUqLqr>a~Gg>GKiorg>aJh`l*o+v_k_H~OnL zagc;14NBXM9->&%aII<&y58cMsoUW@J6Pcj$K4C){k{?z(0hpigf^MTwx8zJsK7JT z>`?U5)tw*r?tkmR5cRr(dIIXsB+TznB<$@c99WsGo{qHlr(R|{if-|iWd+ocRtyR~ z!nkLh862p*E(p$kj!wSZKM3fRu$_nwesx_gdp#)o=j$JU;USqSJZ1>2n(qQ9Px zUBJxC{(E`478kz+XG^wb%#tSLlDOhkczad@Uzad@sxxiT1 z{q249KTZs=w{IALQ^rpEx2)^`Y5woJ0T12tll)f1KOt@X^UtK%0hUtBqGtsEkF)e| z$1OyR6Brc@;+ByAzr54moc-H(EwKR+59RPz|M=+tdIgMX{}j}|_**pBpRV`6z1&v@ z49tKv`k#2FKL<<~2S|&=cXQn$p#8^lHvr0iU$tIR{q+s>-=^qeVo?sb%$}dC|BJIF zEKOG{l+pUYAf8xb3hN)Q^8Ghlz|Qzn!vD*K{LNSIpdg%INcxrbzde!w1*}X{3n>&Q z_XIAL_;_WfzrWfM7#ZCl_Pa{v!E{%GhyQpHzW|HKAYe)Gk0-XDc4Io*@ow$^ZFT?p z?Nc%UMP5nd_BRXgUuWpu$_?1btsw2rKjwC(s|1GiHYN$sh50uN`OCKiLb@1GoRNpLu5h4C{-0U&ue6c?L0X7XSZhB2pn=s-FRy4qUlc7og?u-v?8| z2*idC+Yo+6^@Y-{PdZ_e9KHEhv%V^H9^ZT{L=WAhmRdF{VK?_?SihF$(cqrGt? zCim`HKeyX*|PfXoUMGE|JYcG zq4;)-ZE{xDlTv%2Rjq4t8kQjUWSK?xQ=ZRS`1g*6IEgFvhme12LH!uk>^=QZF2Zee zXV`fPAg9+TMF+YIW^}vhVFDhqd~Ik*mfrm{XB0AZbHRGPbRZzrc%8$Y`x+wBz$~Zn z-V_Q{4O~|>tBwEXg8t49+cN-p44c8!>aQv|BwS|f+5j{jAh%Hi!p6T^vw!=6R26Vg zzLViCJqd}%Bq!2|k5c1l{)@Eszx^Tb46B>fZZ;=EsX#}JA4h4zS9}00^#O;R)!zoM32V zj@;=#^u&2L(c8L&NF<_ z&w)3BGFEupm;fO|RZ{>1Artn4{yuYq&DS2?9NMiXs?`*>dbz;8l*F!|YuA6yj zl0gy!ONMlNcLBL$CSf=0_sR#$A4&{)80KFWQULBBP(=&=oEOiwaF=}Ul^^BzWZno8 zRs$*bG!;3PlcW*Xzw>Pk6&R0nYOGEI&sJ8kLnAra1KLY%EhdTF*z2zA%wsc!NL?rx zpS&{w{*e;9;kqi%ZG6skWNz{0Q$zZxzmFi^JqPh=6B$N+Ky{2-0h7{X(PMVrx2NJz zs=fKd+K2>dWt8l4=b+}*GiShdkLN@cI8Yx zB2hL@4wtGTx0%j+&u%Ivh^+sJ`S;GWbR}b@Q$$&tzl={{2KM{xc zb1Osc-w0pbek=EnulpDFfP2ZWr60KZ`{Dgxv%ViH)pbANCDHFUbN8OZe2Xr?xXtJn zbS)#`jAT`aqk_>Z#6_wR>hvUXu{8q8oU}$)r88G>zDstfR+$OK@LK#A(y2Pfh+p47 z8t*Une{7)4@w_|ou6@=A*LpZEiorgiWTaWYp08#_vAX#CnnYJ+oCH?Io4OaJ2Q}HrSh`c^utBFxfgS6e`r$sgO!uOpK*9niEW8YOn2VR?iH;j!H z(?$5_mQbmO?;U0v3;_aQCh;c8bv1Qt`mhMRM0Lsk!`8P)GyTW^f6Aqgq&}q*LM22l zx#zBO4I_obT*6%EZp&qsRElzE=6)yF+}W@scQbb}qug)X+}ALE@6YdhzJL7A@AIcK z=a{qiUeD+2aXlPX2>9`Jq9Bx^ESfXz*0Ct?NrsRCL=-5wPLz217)ZFZ z1`?bFOu?Ag@rGADrjuXo6UuCH`r{Q=QvWsuu8oyU1?{$GKlpI$G_oYIjXOcCXecdE zFQ~tYarIh_MbT_GM~p?HW;g+OcTOXU$|fE=O>ww>xWbffa#a9v)Kq3!1Cnh0^D=O) zhcd)#C;osLMxDG{PONPR7%P5a)EUj4d}Gf|sA`Nsq^QXR?W(}6;L|>7K-R2MTfKqy z|2#0(F2J5ES$m)OU-wYGC#P{~Wm=4b3xJD1<2{$y^KTH|;ZKiJ!}Me?y6WWGaet8e zswd0i3K7J6=g;o#910vd_QGe0F|7ZbUnObXUk=^hm~`s?WifY-G9vCo*bRIV$_QwHKivlK*xsB+5l(>dd7I8< zOZ?W1ve^)%?{u_I=*I9Tgi2jV3=}?$X>b7t?;lA%Ey90Izy=_+D4s}cz5!Q;)BLZt zM-`QDl1Z2R>wB%*G>h=aTA-stqjl`7&4<%Iq^^feT<;sd+~=DAsmm#p-|^<128LjH zIx6=wr<=z|I^X=|7Go-rR&@D}_ZL~wTziiIf&1QrEyn9D@!xVk6f;$XY%l0rVve{h zarQMpO|{WLri$~M_dEJyy;lkXYf6P4y+3zqA__VOAW(~49eqyio#oXI6JEK5wYiS7 z1}vNl#A18C9`|ZHQ{Wg0tGxrvxEHEx8~UJ2~TZ)n09KprtK&^v^JvoWad6R^kKBirq33dD}nOhgJ&t&=0Wg11GtV`sQ$4qZ(U2e>fX#TMcI_IRh z<4!xX42yG-f>jqe^G6$fm_$t*V_gY8mJOld8$YZ1#uZ;K5SI#8g#(*xZD~TTo(Yrr zFW>pXT2C~16`?*NELOs4J&~7ZxBJ%WC?x^wqrP3-`q#r6DGoW)?3^V|*AHFv#d9U% z51)?+e|GxOUA1phNt=9oR&1C7>c=Et-Ax;)qhFqGcW(L=TFoKUjp&RR4WnPjS=Ig> zVyoMm2-9M_l?RSpF@D+Z)6pCcRdZ_8P%IdI%R zzN?$c_^);41L`$Ibm&r&#BF50H`-VqWG*^FA z9Xi~)#vPrUDmjq}m?jTpLh5^tNArCixy~E~S&ccN%wlQBisQH!hm7~UUUd&ZJbx~G zpkLp8fBy*(WN-=8;5DFpuANg4M3at2>{hkkngTk(T`ekPi;xnjJs??-u%muIhO;{3 zOL;|&u;!~jR`aCn+_Q_14Kk+2gwp6O4MAkqgbtUa>*_}_pLkEgRB48A8XRVQUQow4 zb{0mhi!v(>LXTEh;{Bhb^s(|F6ruI$s)3JL&+`j0*^&j(GTV`AlEzCwcm3L>Ulk}! zv`BFHf2`ZFdZ%>_6(RF8Xcvvts_s=*qlhVl<-m2Nm*lfXSn{y4hoZ|#Ktv&T)SZua zy?cZLIpIvBnJ-zk(G|V5#GHP#>|~ieMzGK5eYkn%w_6<7)=su>zy;D~U$yK8?z8nI z_Rx^!?x+x>G`V=5vC_wtGlWQpEPaQ7a~xfP=ff+zruPCCfRieYt|4AM0(kiCWiJ99 z*^|!P4AV+aXrN!W`?lV47rB{RcDXT3Tl#A2YtE~Z2R)ufOt~`KFZbSbi=Ym#b*UeC zJ6wduUFzJ;%ou#2JrF7aAq^;8J2>m{v(^m8sP6)Kcwj`Zd1O50^jN8x4Cyi|nWm8{ zjwEZ`F-T^JbF6h_fT@GOalpr5E>V%NUg5enZrQ0?+LtJK^O0_|U=bl*8g1BMP|(+l z-QoUsu^oQ%nu=uPzf*$<{O1knL&Ue0CtkgYqO)nQU%$&e_22-lfwWh3i?q?kT3~Zm z7wesK&m{jErdGg7`o`3Ym$_wG7#J5A|5Xy{j}wuWS~ zkU?@E|H!~6ZW+CIXBVLs)^+X^yO!gYUC3fmRGC7XLTRX_AaJDBTe8%qedRUE26;#Y z8)v9P>rv9NTez@7TE#VNffq+4cM0Cc-TzRg9TxC)uIk0U#{BKcHT#-jf8O+$>ng ziJ&CC)Q-~2hQ9NYN|&Xb2_~<0PSrL|j;|{G@N!%m<*uG&Zgq1V!6aS2Yd#9TRqr5B z{FxG&8E40zsl9P*(;e(~zw5iJv&Yo|nYeRxMnSXmz%d^BUc;l!Cs2_j|5w}cN1EFxX{pN$UyB^~YsrzCnlDGFVON3e{I?07;X3I@i z$|&B}&A12qIPx^&x%cW1ehI#ISamHb$!@pLNgLSM2GZ$FaB zBOZwt@VG2yt>rde;vO->0B^Qmmp!pnS?w*YND^OC-IB6W@Jb{Ta|iNF3;OivXHn?o zJ#~6uhYZ%GTzT&{^4I{6oH!D`i;_yh^)~~*^Ed;;aeG3Wi*B(TIuZQ6Bn#D-j89wG z%n3Ke7+N-!nO+gK&VSyGu9@z=_TUEkU(Bxm{NMQhy1?sYp00Br`-kB&#HD!GyrTLM zUNay4A^N)78Y}h>^+A)b(`^(R&rrWk>Tf++epj%vVb3D4NXUfzxHk0bqo#I|MWwm6 z&N%@OU~F7+xQIaSdt{+JU|c6?TZEc+XS14(ddLa*@RsiKdf%>oLat3`Flqud26COu zMf3js^}A!1&(bRUo@SW#6vz0t2ahtwNI9OieeHY#i7M1)QU>MIN-Iu!R|2g{=XH)J zcrREvEN1u!A~1d1lG##!VPWe~ro85nWxSPL^-G3vMa$CT)uFsntkjItE#S0dU|GsJ{$1ZPDGlS4?A(Ev{aB#-O1YHyTYRJi z#XrBC75sR&k6Fd#CL@bSyr>|T?bfS@%FYJ!v0xik&Vp`yhGi{th!0ct(u1D@6&?$V z7B;jdb%j*T4j9y{j(D!N+?(=_C;zv{-QazXrOf@;gx34EyB(D5w)W}6Ho*(JvuFI# zKcf-Z3d(yy5pAme=zL7kdq44X#7F#hOX1c>9D|M2Fc8IOb3AXN{o5(V=^1vxK*<$_ z?+E^2;uT6`>nkMuC>U0Ej$5{Si&JEQ&SmrQ$>$kfx$GUhA}jN`4{0)c!9$X(yUJ2- zZ#FZ74g#~3cMrxWCN0Df=g*wa^G~J4+3>cl?YruU+n#2y`eZ&51e{XJutr-7mNt-m zs`#Kk^lN*b^Z-h`(0u?dVi=#})huiy!trfeDsDzsuqooOL1>i96OyMb%gJ&#$q1Fh z^E@A%%Q&R^j7YfF+eJ;S1{hhm9egZLR}YvP07}Asg$W(6BX?IPgukxDrmkte`rj-7 zIWO2}w&R0NW_F4X7d@!=+?N+kxvEDd!DuyjPRJhFAD$^YTpwWI8q`FU)yq01fIR*z zZc{yM+0W^S$a zBQn2^=-_1a4{)2U{piJD!)=>*V;iJj;=ffCRvCN~H}WOqt#FzV^S_vHZ2XVQ>e6T027O11yi^lO2P zqP~@COms!saCqeIbC+LlktT7iuW`Aq4m+nsuxi#*LZh+>o7(vqq}+%Jkx1QP6D#qO z$*y%9n?5#ckSqo3wcjNG+eQHQS2 zs4%88Dz>EGPYKPxIG^Q9DR{LM6c8{xaseASTnfxWPB68qQ=?dq3ExZ{%TBXt$*gL7 zHWLt_dI|0YRx@G*U9WX9zs7J6!kf-96IPhar=~C!9eXe#9t%kI#qzb`%W{ev;B}6@q0lC!^691NR1UFT zpxgxSokQwXS~TMPR>X}zipmr;PT`6Lu?l5WT7KQV?nlw!HF`b3xByGmIQ}z&3^)X1 zOLl-a7LZN5$N?G5UACq18}~IlEu5r&+=^k{x&HvplUPW*#Bk}%w-ZVa{%vLWUHut43B@3M@Ess*_h(#hIJWIJ{IaaVl}d11n#$ns>jA@S)OQhNsdqx`6ye$mFE zA5NBs`a3df;^&R~<=N(+S7txvnBNCt5P6>^s?fCSt>m3s@GSn04FpJom*ehe$D#n{sYmeBm-21 z8rcAe2rQHW%!Jq<;Lxg7a|7ET*QOS*`|5C0-r+4PTh^9Qix zj#=&#jnxxVTez9p_>@_;U-ZIGx(ekXn_MopK{|O<25hUOja~FBRP=Z*H7+@r9*~{` zvo8pH!E?DT*w`O-I-`<(51^-~m=>olZ1Aw>QU_FiAmCcr05HyjpzDmM z1ZfW7qgp!cbTUi_x%$j=3>5PTcUI9nZ-`RA%)s9IieDl=q;jV^8Bp;c#oW}S!U;~o z)Zxd02|F!>=Y65!uux%Fn!>jh)BiAEYl4d zi)RG)Pt~n2t~%S+PL$1b$wlR`?kj6keOip(UxhYYSvSubDpVaZr%A-)Q zX6ELI)5e-S?*afcLa%7!cOGIz*&AH`+8JA#3^XX^-Dvs(4WifC3(v1gPu3$)_yPJf zV0qwHuXC@r_iAxhta-V};|gOW!H#O_pPK>rM#ZMcT)v4)sfSsg3`vf%UO*82tqvo~ zJ)Ps<3Hm0jc3SV5RF3GHXZpimdDkRC_^I2m^zg8}{hh^Sfv5yaeObK# z#6l>1HdU_W#X;+C$z`B8$v>~&@I6jxus&c`0N0mTDS};BBEI~f`S>D0YCcvnt>yd= zZtjLY3#GLoFXX6)tLk_W-pDa3IaUiQSE-6>{V-~W`l$}0+2+(107Y%Xj4erpn)j^Z z*7i2Z_kp9bm37J=v1{K@f*027w30Ijd&(cO$*=fTr)bq+MHO z5k4T^N}cXs?UMcZD#zQ#`F#cT!-_VGa9d;tATI>t15eh}P2mkUAzC%|0DNGq_*`$< zRrs>RU5kopDXReMaQ^q_LOYz5)W%5y>vIs)aG6xZ`NQMA`ifHR8WC0d=pta{7?H%> zLG6-x$4GBOXYJnbHER>M*6vFERB$sHMhJhsD;?Pyd!5|F`WxXBy!q<^Jb^`(TWWBU`?J#Z!m3PJ=_l*hTSYA4Hg)1F_a$>j73IbA)T)(s0shhn;dk} z?s5KPM6JuOcdfc#lNngbHkT>cNMq z9Ntd`myEzNatOB&6lJFk70!$&D%N(PkCbR~_`%%;P7*2m7FZLTH72Q*v7xPg_k<=i zeCTqUwy8;Gb53Qw>N>QcDiC^L_Q?!D`$UNFqcsp5bI(uY?Y-?)uGwDq%9upydEur9 z+7{p;y&(Vff4)yib2a^$vmV}fUrOShH2SMQsZhPh+8(2_1LL)>H`E`xAuMrt%zk6U z2mfuEIct2kFa6nfM`G~NP{cw_QjE&k=qG@`|drN zY7wO5X!jd~!yQrnqY@)Ui1lbi+^RWzTE+B>uh}YX?H^IQH{mjn{@WZpHj*^8Ym8ZW zVuSVx9AA+^g#L=Hu&sXP%1z&A-Z^YcAvIw3czf?MMPST=!}F&qHX)hT{z=sWb5l;akiYx_#1g`vIlJDl09h?83l*a0QEt`(iVG;=-9aca)@RhXD5oXSe9b-l9Nu?`d(lC)I< zg6`NAUR8T97;zzvwB+QaymLvh$QFJT#M02vGPeA#N>HXuwSN|@~}caBAwE?+^BTlgI(^d zPr8__)Sk!TFFRwh7BXWnM@IrzCkd~^URI(dGnDlJKqb8--lOq5^UnQ(Np_IcSC8>$JMt|ke-ZjgDBQBt`wK?<#t4aREW#(wt?6{}=ls~VH zP2z#qc&uMJ)U0ph|4?RCtZN<;aUozCZ+RwmUN9ZX`F&({{8C4IVf7Nz=vSTkN_O!+ z(HQtTkFK9f*v?$5eGrjzJ?ck&<6?4JvypGt`skO{=o1L$csp4yi(Q|tI?ixGTKGdQ zQ9~CAS;lguvwgzBnaM2dq2~_L@{(--scgvn*||407>qmCi6qorv?8@Fxk7-lRCD5F zsi|;6@}o zw~g}q7|KQqe&<_IpjCCNy3d+D3RRYfI6S@tpw_YK;XRVIHVSA%otgOc-1M2so1cTJ zaRX;}xWtn^ENgl{D_Soao(+7i{>`u1zh{neQ0I2Q>c930$ZSe0i@^0&A!D$8fi*}s zMOR;&e7B@X3RQ_i?{S5Y@r;3Cea=P%z7nWiy7hmlU@5P+5~s5PXU-O7XKY1XCX9mm3=8K7O0S^X#(< zY);^(*{eK2`1ucB*p^ywsGo%uPGK!*oGr$G)pLA@19!(JH@_deTa&JYm;y&!WH!xx zO+{y1qP`b_httqao|xjTAHFK>zRyz02C7@x6rXy0@J8{u zk{br=T|MDqG6m$+g-f^3kqhNX2yDK9Gn8(K%>#4ju|x2$4Pd-OC?x4w{}4fn@{dNzwX49GBf zmG`Y5fMcR>XigaW#)gw;13rRpNb|65cnoB;8184UpvuGQYYuSVG&730TXuQQJsUu~ zPl#eeKM&aaM(7LNxi@I3%XEExqH;dODAC?y0`?GUQuB=zWMDx5)ou*^tE0qr{6hl~ z$DJ8m$Ey4X^;UiVcuxcs>~^Q?R+Ypy+5;IDIrAu;a^=Da1D>rNQuuDix)@xF36WM3 z+x+uTBgP;}?BcrY4+LT%zW+ek&N8Qj5kS`fH%&ls9klQ6<}K?+W74y?a%N(?ku(= zN4sPA8@dc3nToofYQhv%V8_A-Tgkx`H^Bt;qwk{zofxa=mHT$ME-JfG zUkJ)_z}mXch&S)tv=~TPE}pn!;+@iiT_g#qRD`{@kaNAkvye}!`<%9!<0wP>>T1+i7Y9eozfrT+qT zUh3IU|HHQGl^+cpsrC?hWY*##)ww5EfQyLo%^45a8?*RH>00V%v{lS8o2+o*#d4(% zD{&MzQIi|LPjrs}?qM2oRrJzMN0^Fiw;oV?t%Y^rRdsv|euyntJ@I{}!@`j`Xjipv zNRs^K?(e$3e%b>OZS}j0mX` z?t|Jgsi<(ST;{XFzV)SD9>3ffFPXi-@rp4uA6{X#{eUU8y=;q|6q3s(5Ic;s#~vr& zkrbk~7*J#d$flt1t0Kn7Its_Ag1No6c8|dk`6Y~gr0?3ODDSU)qUS%i+bu$-_Ky6F z4I-k!c|vfnM*P~?7; zZd$zg4tqg`xO=`uD!FBZGpO0J#vN)GH(m->R|?Y(g7&8TW)Nom;OFzx>_ILWs1}_^K-RJo1~pbV5?6=;29Zt7nEQo3sb4 zy-wk)-g@NT)Q7zCochIYVJn^rB8EqryPS`Q49$`Ze|@-$AI#H6I{$##IQAw!+2zh} zOFIVk#^Uj1;v`X9@|OZ{k%21kvPYS4HE@phVmmn^QvuiNQLpMH2y zo#8+FyVR&CBUV#rHAtVc)P$2W50$Mx7CKqGhXGF@DbzTldbz z4h5qZh8Y(by(R;c)yDFU6fWVA;(5332%{h67|d2jnMDdDN7H6+u20Y*BEtuMDP^cB zsAcx>@3;zJ;6*v^b}K@&VoA$n={r``Z6^Z{ zI7GHJ=DZxPssm5iJ{GJZMKMqeas!x>A7!W_`gguLAdNCzk8{HPmtgObktQHsNh_fjF~(0{zX!Omd69BDrgyyWnzkXCK`AWZv2B-9uKia?;dyU=Yhr5 z{(MvOH0i;0v3@|iG-kcL@ae2-2N9J^{fjzHlkC44_$o&1p`+*oQ)LTTvy*AN!^UTF5mS- zw99ZJ5!4f}gmHi5{KDWA|FF;TxH zxCE*4@-Q?<{H6P&?7%p6uK4Z1>sBV8DDJ|>T(%;{ndfQ`FB;#qs;^zqrB42~=G`J~ zZoN9bx(ONZd*kGn;`wS`jK}(N@qGeabLWlG&WvsV`p-;z_?Q62pBz*kN=n_I$5D(6 zqvRw~_e3jp`jI5f**)c^t%Fj>-9~+dSgJASig}~SD*{b(uM?gMkr*Zj2pg;{NvJq} z4g`5k*N)XgzXxZfcm~u=y)OPUo^@@VCKPTja5*c4TK}fOI^xO7gV6 z=s$m4;}a!b691EsxDmU-GIR3F0U!tvqSg%{BT;Z+B3>pRtbF8D4JfVxtp*W8;*yFD zZuT0$CAzLnYl`C|MAO$MbuTnG<{Yo`AdKruZSFni1%)tP(2yr_&T1`%F%| z8B7Q8RNiydZewmkT&@# z)t4SUBoEr>Z7>2Rx33Hr+au6)+xlBj0>BP@94dROy6+QsyF*RB^L&@g&6^T0Ck=nr zT$*c&eMWHb+RxNfIi9dRB=w}Sh*U+g`km*O0qp96tb& z#St?%kHwA28j9DYlf{4e`@KNw@AYx7M0xk|j}2A?O`5ke>CgEhe2P0JmMA*)j+#L} z?VJI~A>+zhqgU6Y5_8d^=da(tz1W)^Us~yL-TMlMqwiyD^xqkamx7-UI_{4ekMyk* zXGshjJ~zdtxn=nt$*(R$ZvrK|uqTIFy-6{>-xdw0TcJ_1Jl@5YAKXSu95iTZn_pct zhY)09H|0czmC@{r#y?&t3$ZK^GX<{3lT8lT5XPdjX(>p}IeB`xFhhlZRWGSzY+5Yz zz$XlvrScnh5nty2o%sp`pNwZ!r4yD_PK!POR*FRLM3?{SY}brupGJ7;rWNQhaa<~4 zmnA=j9$$#^Fps`H+jfultN-d*_-B3UXL+zzq90C0@VCE!*{HvMp#V94p{gP#g%W$b z3?s@04;(QA?5*d6^jz?yE6P3YGX7qkrP=PtYTOxZB9Yc~T;Ka;1k(6GB2X3VPS)_g zp@VvqQ+qRq6b^k#@Zl&NB50gkkBhpsqI3JFg6VgE@-V3Ki3Amta=Q|ZtB)y7S4O;; z;XBF1rXas|E=b{$)PiYKba(>}ynFPqJW&$d%X)QH2APW5I0l<_)O$X}TkXzYvN8*2 z4G?l4U-9^h%?vl5cj~FU+cViP12YfJvG*Kl`4&`XC|A@vzR#`2R+%;f#7#6VJKOtJ zyifa_`>gtNy(rnjweI`DZZ7!C1xy0*2+} zbkVA5a|Ki)C+?4sg3K6&IjpPK>p@&s^qFSl4>P#*h(sDhZ`4jrewZT1bcJJ=%^Y}I z4<<@!-sG20G^WazrviB2%(OEmIB3D0pSYbyt|qJwhlrso2qhL#l+y<5!`Z2`Cm+sU z$1RnlJb0MOW*T16jDvzQlqK9JbOXMaSAsaQ!~;QxOH!YDHA9N#hy z+hc^i8MV8V;}6CbIa6vcE{?P;XSN_yvS~Oe$C|n6s*Vrk(US1t>NCX1Gl~ zDW_%XM9I0@IvC*xR~?S)6SD{?P5DE)Mr5(d`94ItKaizjkhwC{AvyBZ=jrJvYY83G zRLz6Lal5Ig|Iih_)-?Uw<*!~|ujs@yua=R}%vWnlyhphY&fG;FYx{?O&E4_m2AeZM z{J};1<+Akw;bZ905k-$r2U#am_-BB@2|62jrF0sSsev5eo4Clh8%$nvnXFzhyfbhb z&@XV2b^1l`njdX^>b&L#5ky#C1bwkyl^KG%1bPkYDtHSI9w1XtrX>D#Cyj)DU(nDw z?VV*QIZ~rGoV3tC^4A#z+m}<9UhEcRCHOqBO?P|$k3-vhht48|N%4LPgC}BQ-~?E~$@K@gEU`_xv%gvxHB6T(kTt zGaSq%Hsz6IPds)QSRWjRZ;ya8=^-@mGe!Ox`V1gz08Q%|8@ed2y3_+H-o10OG1%0{UQW;L1e%E?i?%|Y>>A|rx z$RfgrHHdM0IT&m{PX&64yk=yyqdd7VVr;w_MJH{1Uf|xYZ1oWdyz! z)CyzRssdB}#iBUa(yR{!YA%$eB`{~&59wql@ zVh4}j6QzRq-QW&X!#{fFjOqb%vznmq5Xw%yRK=FVQtH2aO<)B%NvbtfO!s76lIFEj zmTA8a2Jr0Bk|#nHC6X&43`EFYo#Ia@zY6RbYs-Fanbl!bk8myC|Kq_&Revh^6!Gb( z|J_3L2Y(=Skl(eMt5t$`ys~cOeT(!U`Hi7Pg@x1_&%XI+S>Rn-Dd$iB_RkWFb5RZ# z)?gNA?eo2V=lT*DeB}740U}Wj)suy|&2w2Ez<9PD3A&^go~?@t@N@vnN&SmE%5>^t zUdw;&GWxgf1&yZ3IQ7zm@4MvS)9q_G(7)pK9uK4|8Cn>i`ZD0t!l@TUg_7KWdd^=d zwn(A__Po#OfON#qM%Sp-vmUuSW6s53pm|fGg!dkp3Q*ME;fm=jw3LdWbkmj>ySArQ zMw%^cfE=hRzFcOQ&_Y9Q0P3^q2AUBerNM~qdw~P~9Sh{Shqkv{lG?wb-$Fgz}i=T*Pz_IJQdJ@YC9nVfh6_C&o?VO zyWeI@1!C3r-xB$N=Edf9)*`JrO08644#aCvGNJZUuybyp~^Cm)n50J3S1odNK z+~l*1@y&tcR}UF^Xh-$qUG^cnR3foXS}IKPadF9`3S9z0ouGbmN+>HCV35uBPXaVO zad}3c&hh^1c=#>Y*==EK?6XeY@$iCAbAR!|=o|uh@#G18DpDK>a7_|36H}@o{hmdh z2uk5(x)~MgLfVQh8fn>jMWYqqcJ9xw{)`t_%`unrX@oumghhlRPz!5=*X(c5$PJw$ zYd?I__zTWE-Ii?Zi4GqStaM|S><5QL*(%PSIV zv(&{f1&4T$l;s>ZygormU*r=Hqe9MY^c%$5@9JO$(ngVt`A29vIEPjLKJ7-)=b)_N zoj%;#pbf!2z24xG6ZJEP{3Y67_c;B6ZWCC@k!4V9u*c5ap=z}Mtj_1qE>+u-NOj%j zMS}#AQTQPsJgF^h{vj@5rNG$&tGhq(-cxa~?xMcRZo_+6LiSq412K!{};rH;S2<$q*U zXWWeMkN7UP>QS)Ra>G|t&JpbuQ97je+~L;vlhJhJ3}vkh;>_w@BL%@CaqxbP3+$Fe z!Q-o_WPBwM!sR@9qoA@iL-JrtYOK^ep6ChvtwDc-n5ZB@`VStQzpi>)L)`kM2H-ua zKMxX=l;)OkH>WZ1OZ^7D_5jqAs8o|{s6ls$U+J=nyn6RHM8LNYB?dO9$dfW#6z$70 zrXkGaTP}!Up&MeV_r+(H5oxKZa_MK&A z)n-MOs5oA$Y4HhpcXT$fK!#Z|AFyn3nWjPi$HDdgT2AtxhfUSFeF&{}F&Tf2U&lJBEN`h`*hbZa>L*QUXqm@iE$eR#o>>q%qoAns8+Hr+V?Ok#{GY;${J!{J{s;sWlMBi)AlNEODy8Eyf}-6|I9KlAGzng?sqzrNM@c z33b9=O_+UM|JJDHhs8qjLA=HlHS-6AF$?*mL#n$}s*pAlkEc7lQgwSX ze82fVVy%|${%33(-|!Tyf{1$okbQ85-Zbg)!)rqoIY712oftT>SF&8{SOpO8xuLmU zEDvPXNZrL9i7CIm!Zfvl7{)J-AR6Tya{Cq;c3=J3!s+Zq$GRw}D zH!LzPXk0|Ffot_HDmhg1dd#*yZB4m;MSP()uaZqq%(D9J&KRHDKan;kK@>h^|L6Q0 zo5e2Q(5%-0G3@i>DV(j`FKt=!N=T9a+HS0D(1VB|HMgPlZ0pHtwtDhayce*T%Dp20 z=;7?l#;o#4#*`7i+FX_V^CVdu?Ac&Z@{Db$0tw()cBlSzG3?Le&|+Z?vs?k8<7E)c z^PZdThMkpYVfILXE{0BclGEcQ!ODRSo9@1|Ofk>r+aBqpI4Snj3EPP_uvPn1ICR;{ z2EU?CTrrGIsMinY2{;7oZ76`sazBleNpomu=Ky)vqf*+vsqaAMSH03aWoWaSq@H*G zdr(Z=tlu(`cv&h~wWPgmJ!q%~EH$^;xjIe)udjx#?o>0>_&gMg7x8rkVNE>G@+O1Q z|8+8IT`2Py{hHZASd}LyDnMVbG%KXjxA@e@$rmT}9PmN2}t!-3K z{LW6vSZ-JmXsDv2d7>DGS9tlyF0flwV^>{1a9eRd?^MdF5#$;buz_t-5}rEe(}px@ zo62?WkJUL1Th>tW+u=RK+#CFq+MDq?kcFn7{v!u%T?u%Yp??yLHD!*U1q&5)4}t!Jat)Kan=O^HSBZaWI;6?M_+dtA zT8@rA9VKVC6wIlahyIwWE?wj20=Fye?~|5T9WJ0v`p59c^a25eWOix9sikJ-9n0>J zAv*ytINv}B{)YFLz@9v*+wyn1*>;D@l!1BZf0bQ%v`ia_Z%#PFzxFcRqIO-H@rMh) zu(ejo2(fXQ3FtDW!udYV^ZWa#ND zYJ`XuB@=*xy5a)MHBO`1LKHYE47z_w<9T+!G03FXx<$eFPxyx2H#?TIwz52^?1Vjp z=>ZNnQAK~!zua~EC!Q4+WYG2o)jO!jn(`|b1lt~UmDSQX)~?ZajZJA-VgFHN$arSYc><*)$5PIn*CgU zNJRU!6*IA@h97}sk#<3xer2BQINOplXI*I`YQ(T zr;0P)87i5vf~j>tob>VV@81;)nop2SN|PUt8uE0=#D<+LkD7cA0R=t&)lm}1byM9U z7tO`)-<1Z)1Ue}E2GbP=;>zryOaA{=JiuR|hlLjC&cQ!D)DHWp4>;xs3CnZOONaWk z!q2EWhv&;*8^tBwwR)VnHr4@}@sbHzrN+Hs**;{3(JMKLG_J$_+8X0@Rp{wK1WMej zI_1-=JRDVv&~SzV6#-`Vq|tk^jL->k!_R*0sZP};$XZy~lItv*+Qtb$tnhF^*CS&7`z@cr{op!3nmOXh$Tb|v!h`j%&g5LJktzDB<1J}$m}kd0boN~nVjA7(X5 z?WVu0RY5_PoE#$}C>(!oJ+_TiJv5X8D9~b;!qXh4TUSZ@VE7C~_NFUui;yXxTh0Mg z6mcF)+C6{R5<*TR{J|U{!(6Qx!-rh*l;Nguj;U&Xc%9LT(OatdhnFZ6-qDUK@^s=dTj9`s2hqOB#KlxQ*(w+XIbpG6Vj^6~}S!tD~r7zyrGOSsut3$i@~Ie5#z*N-gqE+9dlML%sv2Q;-u9u={!GBF zt$+7oxWJpw5ic+H1pMQH%>l*iHvN;eycKyxBMR1V1#on{m=V8?@ib2WL;6$fw^IX? z-S;)UhMZR)U6=`ez|K!maHJsj#9ujc!o;V=9T1tb zzc~Wc6Nc_8agnIs-<`d^EX)eEY7Id}hJF_f;#(jfzcAinfI3-crz4do4}N1nQRd~3 z!16PFuD?vTE(y)IsNcO6Yt1s8p^O-pQkU5-)X}!qF)I~y-@_J0src=uAMGDL(05jN z^2Pdhx1tt@sJR^}xuu?*q;w&kB&`}cR||bwUzWo#{^8ibB=>jN00b3ht+o zh-J;&O7FOQrki$rw@0}TQFWFwel0>>4q9oZG2bkAW6()bf`kQXNV z<8jp2(VB=2w$nYjzxvUBz6br533KW#`hkSK`z|qM)NSLZ3QDQB_IPux)<6tD;5(&C z+&yuJ$Pns3Epac~`p=%+BQ>~A2yyrCJ;yxL|2OpGPt3k_g@vD4{L1!gXugni z2#8$RI#vdMw=Y!^_jvB#KrIoR!|PA8)Vwvdcqo}?3AG8`3$R+8utkUiB@f6Uao!op zsH5dG2kI`G8co9^9XZFyc---nSH(O+*o4}cC~9STHq~7zJ$K!`^DNoageu5_?=$C6 zK3nHn)Hlbj%8JhlGk7U$o^5BRs5&b-5v|4e4zvuX7HZ9H59f2L47 z)52eK>do=qd*2PlgiovPTpS?HD`FhCn}}bUQ{J5Q3~7znu^v3J$fe0JkU}7ZYLl!k z3meic9TTWEIYXUn5R6zk{LcEhqAF^gS^{{SdZX9b;1!`cM*a+U!e{AMvTP zx5Fc%^(H6`pUEM=&VJ&Sf0p^Gy0Ywu&K2meqX#r1#{r};)8}54tbpt&PMLrfjNpS??0#|? z90U>?v`*r!yW~rw&+iG(4NL6s;JH{HYN55`3RLh8ma(NDP$(*c(Bmt9yf}Lbkm*IY3rc z$eS?jYbisV>@Y~4yy|+xGCMo>ty@Lw*THNcZDcz&`;A{=TKr}>WGC&lIO7K(&xsA4 zdn)(0_;9dENc}nvR80FW)q2zkHp5z;eRfM}Kkn7-MK$@@a8T5bThB8-%Ksns-ZC!A zZ|(awFaQw*0Tl^JB_*UoxF#C-0cnQrk{o)dVPJ;1PyRceYwzuT zF5f)QtNR_Fff;74bslRS>$iUEd+?1yg|dfMB~GO?I^J2ThGvI6Z7Ma{8{M^Dj=j0t zi&(l=pG_X{MqWHrcG^P@V%-{hUs5mS4$Fe@X~R~ZqJ8yko68F51rqD|+_j!)B_#Nu z5S0edRvzBKeh&uKe+Sni!$Jo-F>yrL7{CSnC1rIC3lZTMRbdV4J&X1;scpEq7~NkE z?43oF3F&SuP3Q~YXz-bQJtm|AL>31K5japDmdBx87JG?XsvsaYWyL3*uLnQZfw)rjmRIm1im zQ|7~a^U8(SCCc)h>SA?{^0b|9Fj(&KsBldvg*tIFg7eC4yIe=IG36-H>d0 z3&Yu{8PKz10H<9gPw{i7*N1pLU#UVLy%^Rr8A_r7h$m69DYZQSBgNVnsJj|-w4v0j z3FsH#q-^;NMo%JrhQIB(t^f*Pkkakn7~TJQ>qa8y&H^cn9QmCr>LnUm&kc{|tFV%y zI}z}VzaF%ypY(JvmCN9#c+P4P<*@aTQtI#lN7C+>bZMw;LVoNTO`Bu-MTDeUZ{clts45-sK;iDg|m+wT%$2Ni2Uc5t6wp^t`70?_M~PiO)$KSCjm50)ICUs z027T|dbGpVsN^KQ`RS*Zm4uk&IKgcV_R#gU0@knm9^AcOlXe(zr6)zn7`>}Zhk6Uf zOaTPX$yY9=fO-N`fUhhpH z`F7F(k9X(X<98G|g>ChcOS7Upi}p(SMdjKr2!ADjUI^Tt_V|;h`L8~@156xGCH&3* zcpS5Dpv9wS=xzJIHPQa7wEMS_$B_VH>^-f_?_g2?`c(aW*vP_f5T{-8x19bQTKpb> zp50T_|5Ntitvlx0z_()ayi<<)aw0(W{x)~YxmE&-rhG%x$O3TlK21DFE@I_^)|mi`-u20 zz~y%x@Q@OKOp)Q|{!a4$?JN=1bwdGOrMcDg=Ui_x?=Wv_7OX#*Mr^!aHMfMiy^0S~ z|27px@MKEx-e3K@j0sF7?yNxU|L-62*PoD0+&rAy*vvdZe>_BIz+>QV+x6nlMilti zY}XqX;pHon2Y=q*|1Y`ZZ` z4@@Nf9nb2oPRAL3FY^x;z`u_InLE%A?Hq|ZnHs7qqS2$I^f85!AH~nyCQvBzz zZZ&1!((nO2z#@ z9?t?@U=mdJ3Yro8;|^}WY5V^Tm_Lkw|1SdO{|3oF!{z^{AR#j>ToV3+V3(lu))m&I zR2)?Po73z4=*{Y~6?vQC-^c8qE%^6ekj>m|<#r#VWBnFX@VobsZQabVNW=G-e?GZ5 z-FY6P6KaO@M>7RwK^u@J8()8?_`EhP$puu`{aQ;^V#}-3=J8zu)WJVl_M=kovE`d}?_Z)lrHb**_SO-PNRP^*?kQ3pk*3s|9O%t9W}{$u zIE=5U$=SF2J4fh$tiZ1@%yP*qpZW(m-X{DD2t0yWFUs!!<)OD|>faXp|7}_Lg<*y; zja_@wRw0?*P4%uWq%CvY-C>5~PbSFrr({|Ri605=K1B@P>oieP{nAD*hxRA${M*O{ zy#iLEN4V5~IJw+31!&jZ|E)>?&su>aOlBDNM&{oix_^19R$jf;UqMxx!eE~@ejeR8 z7!LEjRob8Y51KC?#3HzI_uo*yA~RxA1y4g`KWB?vAuU@k02C0wwN>}wKrXFz8&5&> za)kVkfZbCgT3H6h-_n};55O9y^V+=jcfiFj?{U$=Tqg{u75d=~R#OQ5`H>DeP&PY` zT9!yMeZJu?1A$#~%kb64TtOx1SQQ}i<=t={rQ+!se}>>k@02xZ{&jmM+drP|5>V(X zf6vpE62<%Wp-C0%jasQpm=o{`in`kzWL+m8XteF&_@4*gsRdM@wfhV70>_%Wl|#G> zN}t#J@JC(W=zm90dr%T_*u(>_Kgr1b$VOS9@H80A{tJuC^(23srTbScJ6cF8zlYcc z1SQyV>6C1>SgG=unEQqq7}poa7*kYgMXr`C|JoS17+7g_E_Hqm)f+f4wZ|feo(0bN z!?#s(^gCQLr%bfhGrS^tc<}}*fOG#!hZ&3}m*&Qr99KAPE`#iPW~dO4xLS#(^<3rW zb*9Q6sSjQ}RW4F>EYQk}AJ11{C^e}+mQUq;16+1hf?|7Lo9U)2$(>U={%69RYcp<%br`) z%PnZYl@C6*9LJQ?TK?w92x8WO5}tS0>2}Uv0m%>8N-N(K_9^5}-Ti$DdFFd9S0;t$ zmKR=zkb{h)!XCo~?%stxTSUg{@#PKX()02`A3z>K%1klsOxadv00>3tXmbCx972>t zO<|lNJv7bkWRrOdarB;uY&os;HW2{l-M@c)0~xW_YIGR!f_t6rY9zgLOLwj*?*dLl z-c0$`cg2^?Em%A5&%aW+N5G(4DHEUai(t@wg;f1yVoIs_15imoRPp1-=ya5pEKX`X zP@h`L6HkJ03BWc!-#XTAeFohIZk-Wa-Vlhe3f(dhtDg^l65d-F0B}K)*9i~K2bKT} z;U?4CM{_LYn{;3&Z6DrL~fY zeH=O6<5}OVFl2A5l3MSdH^ws*DP!d`{R=?M%pPs9E%O=^i(YCAv9#tnd~<=$dS%>v z43DkcEErVEE$YjG*h48{JPpFAmlD%5MGe`TAclEfk?v3zi_`VNB)lc-AguFKw?!Ib~85h1x4HTyT*)cu6ue| z6FC}m$s}bf=7fBPpglV$#2U4eDo~`Nl>YMQZ33n5zHcf!i_A;!v|OSWeAqR-m&)?y z9y_v!v%`SevzBvp*WD+CO-Z4qP{pc?5vy>F#c<>0$g%4MPu3kLk7K~;8*1{zJ|rCm zRF;hOeSn=LBY|m!^9#6Fm}6PD$l|_9c5`%AmCrMd{;1nS@6vK`KYP`*XuCBv~IRqC$2tMb^MN-I6NNRxOgkjhDM35t{s#{HQs1X}t=oyIkQ#$a~Kk6=$oinaO7GFh9iLXI8wEwNUW~{6C~GBmWiaD%+>Sl*tSqC~1rIQ0 z^|zd?RP8rHdLTNjNHqL&=bRd&-p^YmJ`Zcm4o2WpdK6UBPn}h! zf;x0r4utR`P5G7S=F2WsWo|PM9;Cm%K82ty78Zne6e;AJee-5}t&pt{^Xj=2t`v(3 zTXMHhmk6$CbVa^=(i;{k$tNNAl`?yAf|ZRd_O-4Z_h(Hr?1vi08tNMNkFQdjrgX=2 zQ8R939+g*64*^!pR?XCEl6yE`ZlPgdc(>nM7vYkB`2N1O@$*SWWMlXFTJu5&FfKZ!-8oZrFbQQ;C6yXrWurtD32 zrF?ALx`c9asH3YI{SGmzyD98@3uGQ8_#^(JqO`Ad8e^Zk?A)T!9&PCqJgi05y<=QU zK7!BBJ3`x@Jpt^}Nzx$Nm^ZvBvz>FKCGZ?k-eQY*>Ng_R))Lzhw z>PukH{tB*>up`43>wZbBF|5!5lo5VBOA0bNek80oUgnj^Rj`N7PC2%etC*vMO1Q?5 zhj*nY4OXr%B?I^<>%RDzIpu=NR&ztX7Ky01q&I7m4@e>GN6(I9jFrbLi*-kGT$b0X;!(2;7N+nv>>(rl2>cH`{@j! z$(7I00O`(D(_1b0HnBy7i^_jbQtWxA?_Z?U!Lnu7 zCn@Mb)#cWeynT(7k#4CeA0&6Xzw?j6DCh zJL6l*Q+Z{0tsbl41ty1Ia~PYHx*yxf9XnELAHSkYA$~$fE6pah#0Zw{qR zB#n160#gTC4cOO9%x{WUrHs!pQ(mt=i8aW$Wp%T+Yr%G0y zbA@kn+nOvIYSKb;YmeBEr#C-s=%IGm^Yw;6BIAg_NE5GJq3>64sGitR7+NY2ufBDKT90k*|2>{6onX z{X;ao4V#6>0@rvq@=Z*TVL|yGGe@uzj={TlPGxVi-C#PigK@xGUXEBYV7(qQ>*@9j z$2IaaY$hqG_&#$wSN3(U2#ghntkO7v8=%1W>_B~kT7>j?%7)(Q0@$VZGm+|-s?yOtxPOVPlHMCitPYwXEOQ4gGsi)ajtRY#WJY@=kag1(I2i+ z+^M+c?i0Ujn*Y01u5(2=J6BilF*N$BHGi_0v0^P+x-tRymXECN!Ulx72SDS)0kI1j?eJqH7k0PHbVND zj%H>SX`e29A+nX80-VV-$-!7ODLfCBUbyTAmr?#0%SnJ^qH!++h>65aKPBvl#wiK) zm>x>nOpA$S!P2F@ zH2vju7#>r)$K-SL{+I<@R|2uf^9+2YY8JJb^WLFPhiPjk8mSzxv0p7Q>NH8eeqx$$ zYaNQHt7qGRu3Gp8FsApPxkuueA`d;RMc*C0rIB`^M-T0ajC>g5PGs$oAw>sHhiD;^ zhL#K?7t-ux)(>-Wgp#!=KYWGnjZx%=pgAm3dOp(1WDe-};C_xBM+aVNW*32W2FG~7 z6Zi5Tkg^(zMOI>NI~pEc%4LGimFV6^^Bw%k0!q*w%OY${^YH3SpqgifH57JJ@t z*;%je>@ky!l*?xDX|rQJejvZy^;;TtU~~lgu$&gBUOu;FY6a|(Ya=uRV|XOaBvUK> zRZV50pynbY(GY@9>83Ufj&_YUY#cA`+O9TQ++b2PL7^~VA@k;}_Q`w&4;p$5JwtS_ zW;12-4dsmR1J08HV>O^EF={d+4?MBJeIVCLWR*9AsNeTr?${60FDb7*jNj%>?t4ih z5MR6xYgSuZXq>?C$4lCfu*H2$RYmb)iUaAQbpprD7??awg6dVYXFBHU%&qP^`}A%E zMzx*AP30zcY?D|aPk5)m$NTihM@6HKq)n^D)V&ownQK4OnyNB{1qehaxsD zOKX>~FP)R}GG1CzGJXwrHA*#~;BL;hogSVWd;lAIxGkZ6ay8&QP{JW5)W*+i0&cjR zL^nZJPg^S1YJ=>DJg}2;2Qvj??b4}l-oSc}u+ zjD~w{`D!Wc{@sB8%p?DnU4HicLO|B+&xZp>Tm|yaG4wp(NuqpQqD6y~++#1{A}Frw z4mSUx82a&ihVlwMG^ASM&0z?ERkOLi`@rh;aTBvv1#IfN>zP6{0aqkqo_zIO{+r{Pm7Q!ugES2w&H_{P%)p5=*nP|UqGSXwHoOi!c(3mJxiH$3ATKJ-6C?aZLhcw?aEX~_^ z3|a}P!!DjGI{?#D<97Qu>x7fALU>OO63=p(Q5wwzpr7P%=ZGJHVtIJ@!QP7uS0p2; ztiQUvnW4qRItYkP;{*GzM<;S49%R_`Ea*&ukD8})?2jXPVIYO*u7cHVu7guw`1WXx z7OAs)24SnmUd+tr>Q+2*iq=X1VSr`ItkAxx(Cq|H#FrBVA4!GGCTfW+Ttl7jrBC1We5 zbaQ-tC7+Rx`J@WD8ckpjG8z$aYX z=d~*9J77N)hPfXoaDCCQ?YUlan+7DyQ`6Dw{Y)%<+J=~OdLXT-jgJ-M&?y}YYlC6J zbOaGYq{STfY+Gzc@P~ksCjC%P$ShFHOTEm5WsnQ^b8*k96I)@a++N6!T~B zU2U&Dl|Coxk)&rXW8mV3{=lJ8u*W6VT^+4pvi9%g?nJGFeKkGO1YBue_&(!-eB%xC zhJ<@mo667n!c%IeMfcxrY+IJv`>1|;>_)46Ib*+Ze@HQbl_xorX`7f=`pC#}ZqK>F z&i5#nZ6ajSL0~=p{J@ouadR7NzJ>C$+NxYPIXifu?ZP@}-Ldb{Ht#X@%`Xr>f6`*L zNKc+Q&br2zLTP2h3b(2@w@>A%OXVl(MMCHWCQzr{8LG*2WsUrtGS{AJiM6NN7YK9^ z2N>Y6`NAFv{`^2b0aDgkcX*7AMIqk%Rn;tO*w~(5<72w3)7SIUCj4B;kD4&vXC7xG zG#f-j7BZ9Dn;Tr)0(s%=HuFZBT4f*d9L)?{mqdgfEioHqpO3kAD@w2jd)u~Lg|t~t zj~Xu}MPu{tKjyH#BFxRsjM+32=gQa~8{EJ3~0Tq$h9-jTRhwy^Bmj=8Fv=Bo&n(`@lHz*wy=8X@rVkpkwNIGg#?T{?vlO%;2TwZd|=kg_EGn)TI%{KB2w z(;63k_vv3BpL_smqO}|yh2F(}VhiS)C`R!iEw_LIaLxvVAc}gg&ILKYC%T+*3HK}F zCFf6|8D5PJPS^ANo4G)WF-z*9jG5)HXY0v44WpAuig+{D?lE-?!5}z|qq#j-Qm0Mo zV(fYuUN=DK^h3bPRz8&ej^qKgJf7~eZ`_(;L~I9Q&}NCuETivv?Uz(ih;2{{*WUOk z1aHi`wza&xz!h%cZHmn>?si+uyC*MW5&WpW7rx+k6e4)l3#3Vzi0`KY&oJfg;O z@}4YE1cx^@!0+Q?yR}+bM1T|K)S+X?oLx_?U6Wm!-C16MYJGH}xxTg#^URyQxvrp) zSeob&Sq|MDp&%W{pH!!sq6yqjk9z8wFDfwyHFUV|2|cWdEB`dj=j)4-eU(WWbr8Q@ zwTbEtFDV^t?tlSm*EZ{gHnfX*wuXm!(`2^V*|%EWEFGA~0_NgA>>YGqAB);Fxt}|G z=hJ&Gh884t5W{Xu3=UP;tE($#gITTWxzO?PA-l>%lT20}Fk<{&{?i@_4yHipW02pN z_Rd}f^Qt?`0z2Ild6~wV(G_35s;vDwJ|U018m{r1`M5=z#Xe2_Whz3%X_LvPe4@veaSd#je`Oq^4;Jy6B?(yq4)J3j($wPx>~znRLI2gnEVupH{p z1!(@Pu3KE?owED`8*I8S=8iI<-^vWF>Z@?6GKWkC?-pr9J5Z@zNxy!%Q>fDVg6XaG z2Z8M;O87;yFbOs7(XmJ1t!*7312~k-KW^(Vl!dhvhFmK-q@?1&DRX<#@Fn|W| zEmXwD<7}?ZkiLFCt!3NtB6}|FvnwEpZIAN}JZiMBFZlRVP&AZ)bugLKyb-a9r>xOJ zPrjkng;-*6Zhw_iq*A6Y#>YMBsaLiFDUlr8FgX~0Li?G3K=PdTuXxW~sy*%xdQS5n z>ha&BKFSiU+Km2H&%+%onwN}XLUH9FeFb$R9LAy747Se~ug+0=84g+uk0gRvKX(o% zmb23;n^iPfxx~fDZ|#ER09}hdcdxWEOO%9(O(8#eEXJjCguGVd-Qq^JKlbPq&zLFF z%6{3O&(M#xrcLz8|d=dHj>ZDSrj*{ z6Ei`XY&n)!QNkg+oQ$g?1RwE^<57JVs3iz7OD->Q|t35Pp zQ8Bhm4`Mn&pkd3rcpNjUJ$K#bfcVkqsGzSfouyuB=$A2NH@D;&ig6(oABH82yQJnK z$UV=fZCeXxqf&Bt1B<5DPG4|PKRYPJ$MO?qL$<6PN*e^kGo<_sdYlV}*A|h#>ftgK z?{sJhU$PLaGmW(Iyvat0n^!IHMhqtkQzv&vXs9|Pi%R_jbFw9K;|-Hy z)Bz*?!3Sdh_b2g0nJh~QOSEiJbz3kosANW7i63jTnJ{K@S^zMM*mp3ih=iPAr{!G4c4}(F^ti`J$if%MZzHzAENZ}TD1hD zt;(9oAH}LZs}xiXYBBmmDUyHmv}-q3i6@CWa5D59GQPM0N@0h~X0UNjhHXW|(2tTS zKPi#(e3xxXyiyj=q_!2ftZt_nRMQh%eAl<>R?*UgkJT5;`OV_p@%{tMfjL%w_N;Dx zBBid!Xh(S7(>y!^;i(lu|6?8fmmg=y$ppoUCTY5>4>7xz2fnjsOLW{146K@OuiC!C z)0__~i24CBA@b?fsxSz?PRItMZyqlo1fDVI_DTB??&O#7KHtiUB0<70OO5)i)Cp_{ zt)AtV=MiPV>cU@4aIDgZ5a1Iq>28BB^R1TK%e3(s&;mNb&Ye7qej0mJ8fbn~?uoh4 zi#OF{^uie{-%yG>mBho{qX%eJr#W6LKE$_`aHcxfwgOFr@BC;(Nkf>`h1L>LlSH`_e}UOJ&?Nl1ZnF()>-LT6nlu1z>O}ibp0_< zM&@R8YFE2LV`qIwT`^|N^O*0IVM|_FnBgrt7wp+vO^Q8=m&-A?{}9 zoOqRhlLoGx%M&s8H09HsaXw13t9Y#7*9vPhrfJKIgt&v0RaCFMWsG;eQ&BMI5Hf8& zkLRc>PlO;c{uV_n*T{-)TgM2DxRWe6W!~E~;Gp1P;cH5T=@Wj%daju?;Q*c=u;;|` z?|=hOOf>UlWJ6N?2j(n0)an-^ z_FU;rZrO(E8lryd#1A?92d~7*z*(v z)>z%?+5K{2V8Gq07VBNpB8Eyj`_EloUBDJ&pO3G>QF(`osY`Ckg|KJ3(J}P=z!xzP z=A4`Cuji@XqSG=C!k1!aySyd1-1AgU=F|r(CN~mH_|AHA)Su6C0*R(nX|#*zrzp-N zn}~k4H8`cm%rS$Lf5gkSbLs3W?8v)XoV_$dr(FDU{5ZH!CF{61eo#R^P|y9Upv=Hx zG6X~0S0-iJG-DI7X2);-aE;~;&xW4%dGJF+|KCejZC;6A^z5V@LU2juU4#Yft&$M| zcEGf$WkF~}soYyyqC*6){Hk%5YoUVuc4D_|6E5xQkNnzWw$jhqf~2rR%~}|F#oQ-q&fwIX>xVlCA3F z59p5-1JyZG)v~p8H|mm1{|pg=mQ#$e_~1G2Mv z7D{lDvwbBgEFvz3C2e((LuUsJm2oo-*bx#!V=7b#=zNPE-Z)hav&*F`E4SUil-yqZ z+Fy$9Ckb^HnCc;tC&$Em(~i)|Z0y6FLa)PeD?=`j2vF!p_ci;^orB9C7Jtg>Y`s7@ zR#i2xZ|ndn{gX&agOi>t`TEFCI^5)~WDZ+T5gGNYac-cX+OyZuG;h%PjR%Y0 zvN6f%+N~v7Oaog%ge&%fXZHeQ33M+pE0T?7`hzwuyFUYOYXmVOc7%qm*5Ic+tn7=(#D1YpS(uRq`CbLa6D!&3+_?l!4=p>`3QYic^E8R zHS25wf1F?G6`)e6UJ+Ecq*`{^n`m9>tR$23$Z58gYY{zEnX1E-BBsK`E+{cm88){I zwvR#Avo|D}kX$!<9O)h1kro`2S09gyuj2+6Rh7Zjz?iCC{2rK?Qrg=7=!JX6jFo7G ztxS>)<7WIco$6!kR^jBdPsm;f&o3?8p|@U|f+djkB2npi=ugSAlzpfpJJxD@_Fj~? z@#iR@VA{e7|26&bL_5>y#Qd1+vhsAL$Yc>LCs%oEbYoco!Sy|A+vP`;h%koQ>9C=E z^6Ufg=9pf~VRPakHu*5m9ykvohKn(EX8cXrgFw!$H6>pMck(JO0d23JAu!*CQK!^r zXjeryS}v^BwKkRTza(`SZ*K=PQffZ*az$`2`I9TTl$a~&G1I*CvJw)Cqg8b{*Ni$@ zRL517iE1EYco`nj7aty=E&1Ucbwxh0cHspMlcppX1XB@ zraZo`-9xvSL(Jx2&yn;v`-?$Wnr%-(J^Nz@=X(Dum)l7M3pEd0vlw>ws9(m@&2aW< zjs(#!vc}Kyzw->k)We72i()SL+K^f_rY%i@z*3XWHf#O9KlglXSUUEf@A}CY&_=!> z=5exH{?f&NRgU$O0RN-^Pu}2&Yv3YrB3&t%9Y+Q@K%}$RUrG-yYy{gS)*ak&sJy?- zyuw?9kGAU|YZ++LCcmt-|>h6d2unxG`s9pG*^=VV?PFz29CM%%FYd7&Vdo zse>$SE|`_a*};boq>i2fR_eX0UAONskl3A3tv{cso8NwHSubm{b=E*rg=}#buQ=%L z-&UPEnw;BbOVFJh;^VlwI^CmsVdE-d*lOAA+{s7;2*i*dchfdGbzdUa6ZDcEi1BUn zhBPNoKGhih^cXkUmbKD=T_lIY-*FIgj0<%PfmB70Rb;y^1qeSk*{Gp@z67igj#pes z9rk^Lbun$Omq>vHoBj>iI||WEQ%<%-_xH<%v7I!e6U6VmTIN1~#ZV^d{J3#(-eti! z7dX;T)z%op(n7RN(_~cnT;w#(o6o;Hn*@YaTOmG_wt<+|kOIaNcDJjk4L|k@U6o68 z2{M<{255@2=^!g!y2sBGQoAB^4|gIxD^Eag*cx9(+X<$1B6)}znA^(t)3fek4t%L9 zqCWmjA5UrhOOG4V=Ig-V*#}ctnx#PTXfoM5cdp;vaiK?+=_o)R{1?$w^5N#x7NOo# z{7uS&__s}xF##Kw8l;UZ3}opeZ_dlyJBW)l;YH`$MLjE3yt=Rbgq>tV^$1hFO5vTy zwOH0C&FAA7an&wS3PF*(BouK-H?7;Tb@+6ikH8*hfc4~60yvJ25MM(wH8VA>hbRfnXrVFPm=Lo40`z|LQ}yfP2zVu+o6l8_>Xc4Ia}K1m&l?-z-g6mJ z)@N@ChZNanV9J!GFAOLWdCG;(+Cx3IA<~YNESy!+&aCUQMWoCo*aN-)l8(d%$ox3t&er1X2h906y2T6H## zjx^d$`CbDC?|R7$u;y?iR; zvaOMY^LdeS)WU#klC!*Vrb$LaY1|dA-g<>?FBJ%Bk!md2pj;qDUYw0db?Y6c@{)m` zShikqBu7&OG~zgJarfwpsXt4~51lCT!mM1qmnSI5NJ(i&!hUgO#Ye=&X9Z+ex~hIV z*2dH%)XmQ9dP}yzq5$_Wc7BZ5``mbmSi%wO8_Zg`6Yt_3N6m(fSYjHYl5gOUH zKZ%wN7y9+M(cX_}6nsw)%^)j{Pt5BAdog1w>F`wq#)__&ZnIbLT z*kbb)>kfB|leWOR2#vC-)-=q0@dXmfzngaWSpH;Q*`B|@Is}0`8=HKSmq=yVxjOUXmpTDdA_RMHM zyR!wgkM|OEegyMz$n30J673YA#SE3BRVmyol-6GJvd+l&$mG2g^4g!jS1J+e0&FKH zPwKxFML(12KKTA|vREf2AC$fUP#38;y$)Bxy!cuzCJMjpd&be-+dA{}<2x!JEm$ou z3A%)%))F#859`0J7lZB4oy#EVysnJ- zQ5Vu`#pOmIW85dSya_^-5uUrZk2_bfpSQlHU(UoHQSS z_1PkydPTAt289iNW<^-(Gd9%Mfez0PAxep)LqxW6a7iNS*R(iDD9nqs`N0L>*Iizp zh#1Psc5=xv-a)_>0usDl&2S&^kK@@$q#(u?SSlXuYSO>Hq$Toy&;$^{28haFs;34fP!21%x)j3p0sWo*dJp}B?dF` zr))2qVFQo&E&UNW;UVu=|K^DNhoV|Sb$d2A!(YsT-m|(g1XIsQ!c5rAAq!J!3eR@5LNBF^E?-F zRj7Tc(Fxhuk=_8EWA?3eH4m1B)AinHJ5t(*bt5ezPjP*FCD07}x~pPX?V@jT;NYQ@x;9`MZt!dO5#Av&;LiBuY8S>t$oSbDoyxtQo}n<%|AF9o zwI6uVOb$KJRY`$%D05a#4iBC7aw4;=M$(kj3m4xln{L4O(E`FXf`ug*hmR+?cQN?| z{Ik8{9Ny@=xLYjs9LZw)ISz4FVuiev+bLZ3@gM+~Jm$z0{oRikz9SA6-8?_mwc4Hx zhxFs=rKf&Ze~<7k4c>1`Raezm%Z4e>(IdGlKa|-e;u=v`o*!r3`MEb|=#N2HoWQq$ zo#DzbXoBLROZ8&mT| z!1)f$OS_lUNiH1;aofm?dlK!`fgG_9g&CUe?kt`x_fsA>gx zZ)BgElr^6|R+E0C(*StTcFvo1NMD#H$n6bu5~efbit?SbHE#f{L3E@5yqeXA4X}i9 z+<6#!G>2~p{x6QOX-TxF5j}JLWndGVMo`rGY9ySWZrb8-BPX~lu?V$*vj*t>m2DkC zLsl;^WN+M&jNlL^Ok2mW6x#;A9>pddsz=H9b42UMSoF77vC*mY0$qYnoAtD(2p0!Q_j_v(P77^PAx%2-X#0Tq@=NzF%>zkFww z_np)mg#$Os+8<~#@$F3JAmrf7;`U*L%H|cCB=5j)PIQ5kT>EwM4_}yM&t#ytQVRDc zl7~_-m09QYcJq5YpU}g1z6W+EzH-LGZtpv%Ju>(Vn58dDLDQ3=91JVK8S8|gQ}=(SR&u+B9v(>SZ zptM!f_3$9;IRN3ByYyr zt(E}0pVtYtK);6_T;>A6LV@c?+vk3rxCy$8OaAwHEB4G8tJ9gJ*EN($7gwW4vH31s zxS3Pi>m;*lDd=B@yuApc(0TcwnnKx_Fg);Fr9rhS9KSI{rkF+7$eJJa0eFzW`@lcAD0orXP1u^7cAr^;h}YsldIpo^31Ok62ai=)4jR-3n)|JZrKwn zG<^H0o^Vucf6_?9Wdsk5Ii}>722eH`#A%* z#GVX_T|6b_f%cxCFiI`hlj#({Xe!^lai-jKF<{|cj{|>6_^|;SG8*Mk+prwZGhjnC zidjvkvN*(M{(_FvV(GimFk>C=<*wVdAA7VHrbL@VfB5BqXmg{c{)nBk4R?glx3u9} z4;$jIo@C`6=ua1x#n-<4Jtn=nFX6XtQDjPr2rB=_`R)4_O0uE17<})5ZOQyuo(2;( z((Ly3H_dk?(|Pq;w_>{qg6Y9qQ^z!QmaERb)}aK0GJr#Rkavec5Hp_7Rc8fR=yj&g z9xH6TgTKK6m0ZW)0a1a!fq;`6Uw)^!&Y$e`kpyP=o>JfIOY4s`?N4V+6Fm?!-50>+V=cOlJqD zB9f`T#|v542sBuCVzyV>ritTwWo#!!0T(4=e#vzoPJX*uHaRNV;;T6OY#k}kqQWgN z$miz7aaq>fs}eJ9b@AW>hy zuqKDDW*AN!lSH(83?hF~)Xim{KM`Ae__?3W^vq2a%x*RRil8ZL?Cn@wH1)Xs_u$6ZbPWWq64Cy#AEEckBFgy;@*Y>2;ZVCf;j1eHWS z=;MiI&Jn!@4z9Yn4DQip`rh=GwmoDfZQ-KcVXJPR3+sMLH@Xh%LQ&<_)PfO21~103 zau0Ni^`8WVPx9Pd*YC~An>T#uZjZD$_C@d&BzAgLx z6gRDiNxpWFHq>bEn58u-jc~158j;yanU^{Wk+3>}B3lRC-L8NWF82fa&d4kYB(S*V|N^0l(?7QW7wxd3b;tI{p!EFQm3QN*lie!K@wNu7{1 z6HDyt^FUHh8O|_esDcOd*kE}VvW)&9HhjQ9G&C8r6MRMS2yG-a|*FC_VHJIUq%P6A%!%+jGBiJ)fNK@c-uLexB^L z*UY@L)~uO%*YD(`U#-8H4%cbAu(B-KfuO-J4V!i$w^xejs%lRA*2${|HOo#I+9;4% zCC4a6X8Jz?J9@x36E8$uLgxbFEUTuBz2(ifiKAJtZOy82)^X<5@gW@V809%^v?| z;DYYNwT#gj?#Ez-tLOur!C0i2u3T0{vQO0&uEzsj?KB)4PtBMdH#{>R#n#)lL+seu z*mR79-CT7oC4vAVW=1n31@ZKf5`~c6!mDW^IsMh#^sU8J*y2@hanJKW<}-!Pf09tgs7~gzd@UwtBwT zRkAEb{Wkf0&rPufT&ih>l-H&rrpDj7=hCG{;L{vsvl2*M5`&zVg^OS+}W5&3hz)8yibX_>%Jvv|y#7b<*sQI`5>_RM*KqDH8>%e`rw661h4iF}E zk2^^lYT2AL~>@F(9*0(AzB=0YbyL>G+n^(Ml?}L)%(FSO&uQ2?M-)}^+ z{AzmTcQET#Jzt&{X`3`$I6mye@Oi9KXIoV+@70=dIKe2vBC@7$%-K*sBH=!!_?S^o zm!0|9FD|X$+*mfu5lXLh?IZHN^es;g9UGu!8h1~=&#sgc`Fxk6-N|8pmrU~cjEoo# z-gdM%+@l`8WqC_cT!(94U#IEv(Ck-jjV@H1wQTjYKA+ss9mTLp-zerDYx#`E!9ei> znK#igyx?`tBn~@a7;->dSzi}u2JVJYZ5xK}mVoy-<|6U~8bv&NszP8(62jjEw|h$K z^x|BNSHFo?0KtoIFMZx}i>_XsjDXR13&+kvzkz`0sBgyaoir20_sBPdWVPNP(y3PI zv*DM7@12Z^MlWC_Mzp9CULosyeRt#fGP_6>LtUm5ffkUMx4(C=a`IIY<;|BHqs^U` zOvxwrcrvLy*oYn3w1`>D1Tk(rs2qCs_Yd)7zKooF8VguoEG)5YX$u?(lQ0e=RfP8h zH!6hObJkz8U;`h>1A*-`6M&L2x9`A|j9O-Y_2tp}Q%p)d5z;61Bbz;$G}^|lqB^OK zs?CE{YJ2#-+weovodtF-fRkEIEt<<7;2;=Y5tY!@XrZop?XEG0Y;zyo3}fgO>Tr8q zy^z;A>9l*`MOA|>a#*BQyt}m%Jf3PI9Nc~+pR1DPQ66Wjkcx1kcbNRfMB_;RfpblG zUYI7LV&>RPi<5JDPLCZ`A~SER2p1tHTdI-c4Lr4I zHb5$?McuB|r_g1ALtZE~p>tBadfdp}IHo4)>`iS8-)CxK?3P;WDPvM!e;U6xjvVzj1epW}Db~mY`72Ga$Qj-Q5iH%AFF)5?Tf3E9kow z5&CR~8SA!^9A~V@k8Fw>slNFbJcd-XYEKE9q?EOrtlH*tmW+}z>(CvTyungxb7|$K zvVM!s*ptlXf%Tk>lrDKY7A%gg8C!F_iWn!x6^A>lw=sza?Yz?+F)VXAbeB!o4ZI9k z%P`|kTVc=G_s7f)_P3Dnw$PM=Aa0_|LkjD?+%k*m;!Rl>^E5j1*O$m~g~CMB?;>xFP_?s zt{zS{NR~d@NW4ae;{&_UK*Mh{IqOBIY+O};nmW;UE6P{&!>tnFI_h$V0kVCPuPAep*pTp^^f!QzH-_*OWG4`A$j|NVxP{jXkB(iASg{5+*DLPwg=!(mRbZ&MM$%i8Hdx!k z(}dR5y27`|mF^mAsn1WH=ydtM*L@&R15Rt>3K7Ph5kpPK_Ix*z@HoIonJXyhKRTgsSuX+*1{nQOD26Cc;{-#E)fnC$1H*t#S6RiPwsE zt#%!$5t?H?_x-4zR$5(VfM}UIi?EPSK!<@+c815dts+O537`zINZailf;#)5!?|bT zk^WGL_~QES^=suxTj>U0Pn9%^(bS;T9a@x%y1Uo5AWEGyF}1LY4awCnUegi;WmS8k z&s^3o4V*w7Vyhi8g&G&6g5bO_l8xNfy>x2&SM6FUYt7m}a$65eFD!eJa4H-Z)l3Fa zeE!55Aq6UCaG#$yU(4_uCP%Bz&>6L`Q2ELlbp?-Z+z0M%y2DrqW6aM!l6J%Z$wVWN zE)f}YtzNa!;~;wBQ$b1O>o=0rtvr!jxc+Oq|O`c|PEXSLaY2n4BkpcepevOQ=#T1IgWh?el?U2upbTZO)?HYTs z7{7gANX$aHynqI&p*Pf!%`Et_@o!r zx9|By8`FA z`;0kL(M~JAVIMtnV~;OzPRd-UG(xywBt7BsaN8DsMVl_bIz%ZEJ9RXuTq%Rg@-D#}E@n?4$jdwY0ly zU*t)S<5y+&?d6I`?{vB%iKSAL;zrw6f<^9?0*y2`6@ANrnvS;ibjQlDl)8e@&sh(m z{64cl)aet2nZUS8zMocK1`leoz!}Qq=5-!&#Z6#rSlGa&-JS3)Lih2$h?1{t=0gw` zMS5D#S31-Lw;2j-d(-s$n@?U7K7ER1`I_#Z3KTqX=59LAG$AgaK}Tla^=`!=d57-7 zuQL$foBF-aBnsm-VE;~UQM#DI*d10iO|cpUwCa~B;utCK#rNT!k<9!fq*pQ|@Hjmt z@?oM67=K{)`J;#p+FYW#1i8b?Gtf7-dyCHAzJ9+ib;e5rQ3FMgov|~ z4%#C2)2;E{It(bpx~O*WYiT-lxe2s<<`Rq0@q*LTGT&g%zDV?t$$ZtOs zQ+?#hlR$%-ZS#S5SSVkMRZ!dvo54wPjZ2H4nEsT+PF<3a02EAIf>k`>!#>})70s~R ziCsvr2HILLl7@8n1vAj%_*@~NW$Pd&3OM7O@Emz3~p2^ zlng|arzpmSM7Q^5DvNoSL}9kP^VA=WwmPkN@fSCUw90UeF2~){`y$$1ysh>X=&JWq zrgnTLt9q2C^FahS*L1-JHgP!z7Sr@Q0GvmA(Tp}SOmoBs#|bU+T5jqbBX z19cno3nK=ab(kLwkpf+IdKf(I@dwpq~N%8zj}+!69KH*YTV$;cma+14{Yzj9>>|SF&VZ^XOrOIz6B901Ok{ zK+Q6D00`Q#zxa`0RRFiv06o$BdbCK|+Z;Jkcl&gg1bR}OO1pUZ*Tek$G%XDb(eR~S*3Y{VFuX{-wM6W@lIXk z10F_~4=C<8r#u(@5vTL{oi%`V{@T3%!N*bdz;GYjDz|&wnb^-LOUu=9yRQB%hnO<6 zJG+${v%NE?GMw|8SSqp1!!(P2FzBp|?ay-s#)d`WF>vImTtw{*()&4Z~@ox4U%CKivd`uoM}2;Xgj=7yKjt787K=0=cp``LSeb_xh4^-BjNR z&~(-Xut{|Vr;a3u?|C~}srRfko8`aj`)tsy;mIPAmPRa4?5OLKN2(vEqNEVN|WG$%ZEyQ|Dj7O{}%fdx2Si7Gy?<&&4W zdgXZsrXT2cy8Aa=I<5=AesHar=@8uhsd2wM2v<|Gr?%DQ`;tBPxR=F4c9|nVnlQYyK#IX};nIR|_o_o|}s>BUPp2yX7WE*5vS< zhgoIWGN`8PCo@gik0c`2&ulTGAiPbj zXk2*0nFY$fvUUJ-v=AM!hV3N&zlp2=H3uGA?-JNW0m$D4(I2P)1{2j%Q!0ipUOksc zuHXY+3+Ec*R}=WRb^b{pu(yD}fDW=^kpIQk{roAk7l9lZkGBNLxx@it0RVMrx5IJz zT;JH{jnkBI<##2#pTFVEIsIV}KE4luHRbZv z!u@+KN7u$LG-ZtL4B?$ZHV8BL z-rNg$U1wgR@V~Wz`u9LuxcYUUE8)`y%Cx(sPTP;PAR=)^9d@lDRwl!z2gMWHXO&-` zG5^t0yn5$PmdM#lB6hHVZ57~s8S*RlSxv@GB4*cn-xVHpey?-b31@8T``i1UA39cg zPaso%Yb{((Cq=w}S0Fdyh_tu;P6PtwmvvM6a@B(XaaQGmxUo!0Zq3cl7;6&pORs(L z&ShlVvEGu1{?)cOGpJbU1Zs0SJrpUG?RdSD`x}P+Q#&m6n%e~0)+})fTkDiRR*%eA z7e2NH?%`X$rqd|*K(%&mJ-fvYQFzGA+cZf77CztNDoPUh!o2w-yV2E2)!Q|}5 z9Wi4A5LS&A2(wBH1f7uF6wnYs&w95EoFa~7W$VBD@?{8mtlOEDW4zWWajeWKWUONB z+8*YrStgXi=nUw<*=-siH4*is+QNznZ`%%;LA`UiC9tQEn{2a{G8YF$dE3^8ll%9?J2*{) z$=GcI5PWJ0q~s3_P48RXIL;Kl^7r=Y|1`d~Xm3eDlAy>6K?MQRT|q>FCVhY~YXaGc z9A%0OvO;3Xy?(x?MCS5Dqn`9+3ZKl)@!+6P&LxMb(j{WZKH8tL_?Fv-GyMDI#EUM3?<7 zcO(Z}zY+axM%#s{CxwwR9dtK6@~P5xH7XiPjb>*qopZDgcqfkjBZW%TG z(`3#7(VxQfByaL7W0ZUp`^#uKe$(7I(h6<~VG+ Q;sCz~2nER^aYNt#0f;6SuBJyP8a`xr9B)L@$pI9Ip%W|%v^B- zB>|nBj}$~in1u1ezHvxbRGuu`@%ODK$ji$-^W7t54iqJ>uQ?*j{CDU1jPV^?Z&RRr zZhk#&{6SviTNP23Yy=t+^__)%>IQXeT zrQV2t*J~kuL)a_*J&|?pC*iZ*0E+Q(+%~tHhH@?Xcqs929?>6gJ|4Ox6H}u|X_isn zeWJe*fFze~)l6czL=2qScJxMqmmf)!$(OlP2n2AwOG1;5A=Ygwe6v?4=0;0+6KPGxog(rmR z_-!}N6?H?&dv=p1B7CxEuj_bC_Sysr_yGvGf8Ae^S4dBn*7jPKYt+k9VKD9n&H3 zP6R&*N|3}0CAw&|OewnOx7c5einl5;t75B3RrC|B2sn||;5kbWq*9v`dZ2p;zj%b5 z_4TA!P=wgDQC@)Ly+5L9)$Udj7J1{{Ih-$;qBr@Q%;xicQhmAWgB_lVB8%}3dnp%(MreNk7x63g%*}g@lRt)#~@hH+mN}AjZzJI(SFJwxTMX2(AJj|j+r*W!j-*CpLM1yh^ zZ9N$O8{7AdDWXe>p_hIcYWGIk`i&@n_UX5eRd zXYdW84{CG8TPYqgFnust#9!3f72H+Xl~#L`o6MpelU<`+AzLAHkhR9j8;}rBsbXEP z1=FgYcwDh=DYbUP+0i*xNZLEdBj&{Zz;lhBk^~>?o!vXDcL$VMJRDFw^B+7tyy!gc z2^a~rynPmj%1R`}IALEi^V2rcbW-1UkUNEBsbqU9A{03je4I|CKpK5ooU*n#Gd6Ij2mJ}=iNwjv zbL$hteh8j9W<4earU_;?J|;eM@Jz5|GgmWrFz1Sv6C)^0PeKe#!#Bu{!xwp1?XENB zJ4)?4ZInfPHjjK>O7a+f%!rSUFHgivq)h1L(>2vHJL!LG@a+-tM{C~oN2dlhhSaw8 zqjlq6jgpfA)*sAXnC*Ozv|2TaH_|k6pTvQ-7I&6U7&OSNs(;clTuk~_vc8vKl zT6?P|z9#dFwQFr#Di__Ib&9yD$6G#Itkd8c-(9!lqk)r!mx4O@v&+Ue14Fqfi zqYjWnu}-n}hV}+-ac)|^RIWLTRC@yt1Kl~h2)X{j)Jg++JM*7ebDmb-d~v#6)VJ($ zHK`p$qe&>Kv?xy4x`pI#j|$y|QE_?hZL~RdFTY;q33+Aba@CIYU>@t8Df{>)sB2kFh}Wo}EbmMBho|a1dSHyr z8dSs`!0lq<)sELU6_?Zgrq8ndn_0Fo4Y|b|uBQlcN;aLkVmT{%4iZ;{+oDwmMQot# zq3r!t5sR?5Z}4Qt7Grm}7eUoC)oRr=IaQYnmX&xQqRuwUgvSCpO;SfIIpg`LVt{vldX_1lJEPF z@9XNOS*B(DoYCs5sI8awI5k;T)*nL zx50j?O>SFes}JW!D2`2kuSIS%%&yn>)r$S3U2j?ssV0!7SrYpu!r}4hBI7J)W+*|w zz{h&UWm9xyVb*a|bH7X)J~b29Ame*FsQxqQtgddhxWT2-es0lVZtfkqqy9deq~RVF z%bD&1aF3{uqdhckvamp@8xQGj3q?_ipa>9feOXUU zZvG?DAgR&!M<|7tjt=T)>EZ9@EtcqWk4n4uP?h#D46NAR>|hi}MLC?yWmqV_CoXy3 z?i70bS*dOW3uO$aQ9V@hag9{kQ4JRJAu5WsAhF~5$2+vMcN}?9wDj!6O6X|Lq!>*v z8upLC_}^IUFfWIF(X#1i)Pw4^C4q?djfsYgse%Fu3vhfBMsI#UETAqPxQ!O6fEG|ZQ$jWiuUiTu{BcB|9y=9 z8TbuFLPbhO2KZDlaxgKmaWuDex(QC40#0DtJ=b(ZK_O$fdZEfFKllkef6PKv!%0Iy zUdYJSn#0i8_N57jo3-85b5KOwgn&b96DLDjH)|^!MiQ>@G(uz13n+hpEdG^Qcz&8+`xs#Kf5GSXrt1E{qH;1i* z8Rug`K|#((T%257?7$W5j_x*2hHmUOj`aU}$iJWS#Kh6a!NShT!q$fN>bZt5ZJnJ! zbaYn({mgDnuV|qn2*$%n~@37S=HlOL!ZDt;+CP&uPfF#ws&6k|n8Kov2*M-An7Q zW25-LWlxP~;XX$im^vvos|i8r)K9?8Y7h)v#oXlm&wCb$8|z|+^ke>m%hJ}rnY$J0 zdX3_VF4o|}0|U~-ah&=z?-vSV6TUs>7S3da*rGT$r$zC@()1pBPQwpN_%bV4-y1Ywz zv|KLIxepg*^~Rry(EXV_zo-@X@aJp{Z-KR`t{kK(6qc(fs<9+STZn%ARO8v-hxo)i zSF;I#IFEQ#~Ul zj+$gTtQNz+$imgvY=7}`j)bRsIgV5h6Kcxe{cT!ix#Da^SI<$=R}>#4Zbmu=veOL88~FirDLRJA z#Vl@MHAs$GjM@C6OZVutmu-C0|4W9M1@%QD?ruIkaXFm0JC2NodG&ub62 zsgA1`sV~#%I7il7 zz5o4$|1M18S~qx%D_n*Yp;2COP{i|bk!Fl6=Nm$35Q_oih%-{pq;LB>9DFhD``k&R zv5TW)elpEw7Fwy*lnX6vXNc#D zzsS>pYY-K`x#PTxKQ4u4iJv@nk$0Q;w(<0`?r118N5pn0)9>HB;y+#m37E723wP%g{eK59gtxE6y0m9LBuCNs^S_JedR`$9Aeg? zs2JYlo7$P*Uu$*{`sZLXl!<=->4%+#m4~nGGW1G~%ar7I?&i0nMd+a^HnMEDLI@y2 z@^hiEJiuw4iwFRdb&R=1_<26}#?U)JLO&0cpafbo_G@BLj#{y|hSSmtizJ0POFHMwL=iA!&zL2_!I z=1Ynb0qiUnf%_DS3ynLf9*3As8yeM&eXO+zo*_M;=Rrp#1 zb^c9_piXJfwTbzOV-8!xM3ItCDFg!$C1(%f0y=}3Tb&zd*Of~DpBMpH`Q5bsE?+xG z64hiqLxnxqL~~fPqAg2$=_9lnWm)yrABCIUCA&5=#A(lO@EBwc#Z)`Wnr34G7IM`A z69`mrxrMLqXsv*Fz;Gz}EVu(B|9u-%`*MM&Ji?H!b){)-G0g(?+RJ-{0gx1%JhTT8 zUC9r8*IvYH7z%3M%6QfU7iykr=;z( zpn{*DTFncrt=E2Psn`tHo@kORFyKo!K7fgYDZ1CTl!O5QSqLLOsRj9|l^a`-Uz-o@ z0OQ}hHPR>m_#gJ}-L>WOIX|EvtIw#u(4#^88KeJZXnrS~SLf_lu&<)#aasdXDKD45 z2k`$uDDj&BStP~ZKuFOb1Cg1!*X9EqJ-~Rb_l6acjVx?@e3Jhp$bS`h+UXmB$++u0 z_x`2^MuJknKdtAlirJX+02naX?A3o2@J}TBivqsOY8)+?TulE!)3vdUkgdp7%aB-KW0AycsYc7GBkaL?sqEJeL6ar$a_FhklZj6s z+JTA)oHjXl;m408cTZD9p{~P%LgvQP^_{xC-WV|mJ2JZDuj271n*2v;l9+#KJtOun zt@peUfU!DyR;^rW*0+_DeLvr`YnI8kP;WDO)>q$zLde*!tQ+ro7SoRLU+M-pXF%OH ziEfe=YgIVJFSdVZRsoYQ_g%iwb6X|VtXOkp*3HeRyU-$FR?e^!2jN`L5cqRT04%`k z`>{$`JW=A9Z8cTQ{CO~;0-Cu{rYo`zTOaJenRdgu)NW5cb?AuWv@KSPZq=Y=M`b-# za^0SxC)ZCJ(px0Dp0yI7zjAFq%VD=r^P=5iIrZ-&)!Z9ZmYRvAGF}Gl!b;28?g=?P zFE#C9(JVEVaV|@j4%a&1GU<%AoK|AFC+P5`S7<$7DHpTA@$AT6h1%>rvt$238VTcr z2kj+BZHj9G8|N8I$AQGfrO2pQX;7Bcc&Utzj*b?eTxFq0Yg?OkQM@s0W+@%JVh&HM z<+V(Z0Q#>vXPCD5ji`XDqIjWWf@|z4Rvcc@@; zmI$}PniJWaa|4B(7wH~v=4tS;dSD=FQ7Zl!OS9>k1IS&Edl2NTjF7wHMZE_p5I#OFy#!($FiGkaho$@|X&T(m1 zb!QvdN?y}Z!Kk#?Zqy@kFojFGOUdQtx7ZOiscY5Kmn0~s1seH=?T(>(R5TYU#}R9v z;`0Oh&A2na)%S-A)D~-jfg8I9;hgZJI`eks?-?L7_|KOFtWG3W@LH>WzYFC8Ez<0j zQDs-4ZjuyJ7~h*LB%7G6t;yiiRpShm(87oMSXa0+{h)GRqQ@%}KgL%*oG{^~#*2l*0xYM;5 z_&&$ErLX_NYWINw4IE7)Zg~&srs-tl8Hd1yn`XvD4nkgzHW_ zk0qDd&iWiXbgG(tma2W%mMF>s(i0`>^eDG*jDKvD1)p#q7FUOfxG&}v)!#CgVzt&l zhM2WC`D`D?!EBNCl~rau#j15j&ZYLvjAmcNJ(EQ(&E=6JJL4RsP~=wX!B+JtM@IsC zUWH}>7PK9GBu{hCN6wc3B6jv@cFm+ScjGjivOo{c`1t_7wDsWw4ZfqtI~=lN2mb87 z$JLHm2&1*=zNEEn-$zP%zUkRz`P?2etdNJC7`S8+DP(MTCqi1KN7CSxt|1iM-}>&q zQZwQ{5O1~qlvQ^G_ZYYRIa?H@&i`^X=8v?8HIMRgQ zRE3FXuZk6~4do^Qq!G`UcUDC~!2p41O@VS}xwzR18VhxB6EG}o-M zxeK&J?@!mbRCYS)9#B?**3X-f3<<<}QUsRb?J%D1GKXWXj!1^Gv%^W29F6K+c&Ep( z;qJbBviITmsDq?r0Pn`^YXWJHHE+-+F7t~|U(^nfv)Y-)t6Z>y8iSCb4bp{g;D|#i zq4BWM^ex-7FW{t717}Eq4x^yMqTSkeZXY?^RF_MTX9DD)(|vwO6ojTO5hr?%OoAUCXCxOG@LZyCoPmGeG}~m zDYFo^iZ$~W>EFUTfj~+C%A0hs$v?FC6_?YgGaz|#OwU`B+B+juC4}Ny{;J*WS0K`> z(Ay$E>YLvm$^k82cJm6bnyHcg(LM1JW3T1sO_iAghoRc&VC$)&5c*&ZI9her)ZT^N z`$Et4p0N!3^x!Sa-nv7j3YSeG*5Wdsb4+GqkGqzG86V1KU=}-1SmT8@p`HV4$t%cN zA7>9KoXS~yBWbyKt}5Zl6?sd;0$Wor)^J|y`Ek>qsRS98F{dIXla z-^t~%Ig3!^Gj6wY&uPnp9duv>oT1WBn=hP*Da^5kRd{EhLAqkkUj~cr-!l5#EUtKm ze-tOKn&5DKb+&z>M{%DkYdu%Jhy`8DtuL31%^*`sS~2O-s9=$cXP>LDj51DoPP)g$ zP{o)Yy`!n`-TvM{>?q^5-eia4r8v2*F3u>l<%8JuNV$z3x8F2={vK`l<2}5}Bbbu? zVqPCUC^v7a^GlV}QtT4DJfknrsyf(L%9t$DE|Ud98n!%U-$q$Tf*wj?q%SSR(6&6dK@+nuWokxN^UCe5ul8T{R1DYa+5T%#5$=&E~&p32zpdxCVCHnl1)n-iP)u6@zWjv-SX zT|Ewa3jCc^u2ZJ?jw^aJRz5%={|WBDD(1~0R0lh(EcdMyiLzZy{P zOa=_fRW{bElZZ`{zON0J7p&VK^*&${P{+OmU3NyJL6|qIpjG5RvX!2+JcY{2jz@N8 z&vI&NIhM=J>9ox_Q5)@>0CYa;fH>nSFucq)j@$Gb0Yc)%H7Ks<8ffH1#=TIE39R`U z_XCc`NC7gU`*MfLtcv-7BrAsJZDtx9lE-=t;m~}*5Fpf-C@fc4f5PJG4D~rZ+;rG0 zn3<=ZM$KDjTgX&|W5TE#&?t|K#KVu{Z*69nzFX^1OS^Zi_@67{SA1aw)IYKEomQ$C z3B;CHbC`!!$O`;owtPDxGk4|NIPM3fJKbp^YQ~fcz1>>|)Uvf-vNoc5E_wMSEyzn0jQ!9EgSz3bhT)-de8fKoMF4%BB5pZ5pANIyLtH-JOpx`WpJH#&NjD|3c?|cu6Fc^=rBekrv4Uy_mGkk^#)f;y_l9$+x%hy(fFU!s@}ds2`eiPI1I@nK*P3-@d*0CJ#rT zOK9PiMoev0X*L!+exkP+G&mdIa{=y&?4%=RbO2vvQ{!c3Rc`>}Ht3j&_zGe_TgB=~ z1c2g}MUL*6S+I2>`ZnE8~6z$?(ImUmcepJyHl%7)pHKU&n|L4zdn*~VH= zR(AC!*LF7~M*?mn!*b*l{k_@n%HzRmIezeQVo?K~LIO`@scRf^zjI`_gKXEUiUU?t zQ|!@0S)HxJ0In7`IM`(^>X>V47Fn0ZqhX6-f&7eKm5eK#URns37G9!U)4J&Di)7d4 z%VX1MT#L&Ld*V5=3r5EGPdX6$lrg#XX%02S-&dgV{iQ- zj~S15_d+2rGCYcf+xI=l%4+`x4rpYfd^na*>!8=b3sa7<5j&P z8hfa#mwNi(cxsi*&Ji>ZjKtIP(3x){cZ;uAG@_8aD!qWYfno?c#P<@eCL7DKAPATY zvgoT?mokHGg`^O7{kh_d*Sa;B%JV)YYMxA#SX}mGd6lanNY8mGW-wJkm)U)ty%gzt z*$x(Cj{wrN{ow%&&(9*hw#qeyPxrEv)4bfP*K%1+Hfx**^IT{B=GV$$!a(?QTXa{0 z8~PBWi-1w`eP&WmSV#~?V#QxBfVb2}>%@MRzigGw@$xT<6`sr?XR-{X;-^VBJCq^`r$daqKean9Y==p58#%EQ5aa^h`pBdP;AQ+1z76XaQ6|ECfj`Ms~4RM=Q!Ida4*nvYI~IF#@4`)oi_Y z?UXY($gfyg)*5QQmQEyA(6TK_}S+$k?N=%iO1KQ|BYYs@A@_W)tvES z!*pyOHMz&)84@2kl2c+3wGE4ci32w^R&VhP?;8}Hpn~Y!UADCPsUxUu2A}@`%9Vp# zoONu?(q4;fScw)h`8gDl+vJ+%D`sXDVg{M4qeZi{1Y##{&(kmxb!XBKmnt_LBYc=Aiuc~J9)(IFlleAY8; z@SX^FVn)SV0^0nuUQzozO(`JHLs>ZHJCXHfd<~16(#-;g8B!>{Dg2Xq<{TJx`cir@A#{NFNPB@c*mCjyO3 z{^@$}Q{#ni3ZC0ek+x9*=tEa$Wu2Dkpbfau(u*)HH ze060Yz0{;@)}cj2F9F!!)9wDjSKUHu2JRW|EPr{nS7glBlsOfrZxfUYlxP#OTq2`Gb z%l)fSMLXTd@|< zC?&gl_xf-v8z7t+d?#cleIp-D;o&uVEQI27s<*F-Xk`+BydG^({sR^MCiVV=09k_k zND5d0GzEiP?X~&vKx_s2uNq__Pbj?(RVlL|Q5fKsLFHRJ%F z*vNbZe+kYG_%9mePZ8c<&?x_fgZ&X;`TrLV_WQ{Ezi_aB@LK=HWB#?1{fkilcX&(z z?;DUJO-|^jO~eRvtV>_JQVR>lX=}s$@sg4`;?j~?V=iF`(UIgYEqm1)jQKyY>V!uA zK7y+Xsngy~@fU^+gut8yy}=Iwdi|!W+W&wm{AhVsn4MqRewGc#UK}_xo*p< zE2~xEMK@lP|F^vODlMg*Kno$DiG>tQcJ3T4^cE(F&8T+9vM;cuSa64Q>&u7@>@p)P zoY%ffydiJs)fCk=^QfPeK7mip3Z31x{i2tpc)a1{&2rC`1mmg_$lZ|0Aa-7^w0!aN zRYmr?Ty%tTrfg>vm?vtlPfToOrtMt{P~!3-bxN-Nxt3QLNzK_X$06&iCl;b5GCq-m zJjnw+(66uS<>Jn+6bCRDCP1fdRHD+oCdO%NcpxE#=h*QWD6Quoe+|NssVYncZ!$Rq z-p`#p%VJ-j!^CyouCj=~Y)#T2*PNvc}Ex&Ut9 zw>8yR|D)gYkKNkm1gLOG=2-sJ&^b~qHcbliOIYvcWAD>LnGY}d1^O&Dm}pYS{7dgk zg>-$Omo8YSM{Jd%rWOCuimM!5ckYboijxIkD@lkBJhU*fb2eV+hyvMA{EE zZI-)Ai1_!(CL7rc=$+>nSNOngpxmi)cCc@2+>_u8(ey_f>-3Icbswb>aZ|z}cat8YF~f_D4j#k-kj&XW861rDM@Bu= zzHE??uReW`P?6p~qF8Vy{)%msnTe*jjfiMrflN5WA~knP*R}nC;f>baiGwr4+-zYd zf}3U-vqK$m%kUpsc^}vlqw33GUSZj0xL26?8LpR&vegIVuYv9^)+Qt#uzvaxzbzTj ziqCaGz+G|riue!ptGz;X+~$K&m&_!aRw;{FbjkyXU%J&I?tYTMLS}&4%{j%jt8Aji z^w;l)i%floCmiE({2U4hQm$2e6+uFFCcvMHmGkT!P0Tp3Hs@0VR94ry1pvAB{1SQM zF>&8uX7s2Ka zXHg?(g)9^rkRh7f*4kn)s}Ydr1(Vb>FFGs&>d3fSv4tG+&O;c!;!D8X-KGY1?zs^q zZ)8#M8f4nQXM9wEHVwJ>^F|iGK(yavTK;#i&rY`+l=o}q;4SlH#G!FR)xyE zPhG}=3N_4|L#JE=wmvb5Rm9VcFit) zur(Nb-%Fj}itxgv6CyEKRpyu3OlS(xJA-yXpf@FCNGyhGau&N1Cx@n5`m#C#p2}q+ zpfad(eVsQsff64Yg8}J0IYcX=s~wfqdC(@}pvZX&sO9JRUK~p=_guBjfi3OEnD7O>|np@NPM5PohX;FVb$$)BGsF6!hr3|DFFDf zvz@k-Prd~t9k4WBNzzW0IJ7EAZOym5$rAScq1-$bE-n_3JA_;eIi#_t5~EEL$Voa&>3w}Gm%h^jOya3 z?bZ{?X#-4QBGh`%WN(?h_u}^LA5m1mrZ1(T#33PF&rROZ18yYh**Ow20Q=-5)P?s# zr9{#ls@H7kcyYIekwb+sM{7yc@s(#$cLGS7&t}T}p6v5#2Uj`9vR>G*$LgSd{<jTd&F%fP$76p`uyU^s~o zkUS5$bp;5%T;+&RtQIg+>`1xPVzw@%uX#mui27x+yhw~%$f^AfTU6$9!u(R4F3Z@g zk|Yi(UY(0YRg=*M#+hNK&-Q+#kh7)xEvtXw{F$;h{(u%FnVe=tk;x~XR8JWcYG(5l zXdTq%>((k_;!`Zw*~)(G3(VF6Sy*dTT2Ty)Svr6;Ry~dVt78kcjlAEjB6^Pz$#D}l z1qWNm3^LU`Nb4Hv7J@-;5x^>IZdY-+PTi0Ds3apBrKh4_eq^S3j<6gzl4Nat+wqQn zhR{ja+jq4%uPvOaDq$GmI;v^b5iZ7FTv(!SSXiX~I0YX7M7}TUnyy7^q`c6sJhL8Q z*EJ zZJEn(+ga`BTaMg7*rDZ>{K|l_2Ms`h>aX#O4CKxK2-;(C-ReT0uy25DIOZ3jZo;=3 z{n3{ZoyoA2^|o*t{v!Q7Ztn#~AnXgrwq7dr5MTv5%CHpI8hWHB7ql{8xmx)tD@p#g zG~6t6JBIElPMA#|vM4}7$Z7fne|@P>Y)m7CUC<$k6X>3O5VmR1?FAuQPFcQJrbSn$ zT(*)Uq9<(|dQKFJj}V!V#{HA^Fzuq#jq$SV?@5?Z!(OkBkBgr1Pual_;#YmPC-J}N zN}gXB*ye?AZCZ~3I{*?=4#c#@vJXU4XIPzR_Vj(NKcsXc25;?w#Kp9?Yt|JzV%ZaG zHD$KEH~D0{kZ6|(qvCCkh6F>DgNlqOm^u{;B;0;J;OQvTuKT-v@8esP{j&*UDJmzR zZ=jv(AEO4My#9;8R;ZmB7W1w1^>g1-y}DZ+h=!_^sU4`f-uChO_Dul$NqGMLMOODF z4Czs9ec(AhnAx>xJG8Kw3E&xjjFCot4Z_vDZ&B-`RgeCC@&WQA&^~Te_s~vsS^Yk7 z&vTCEwFYWl5Tn6?5a0^l((3}dVu8rUoHHFOf4{3K(B25t(4Rq4JjfYri(F$rpQX8@ zs>x{yA1kUt{D?dykDjQo?3{LuiQ(I<(?zVtEyi=#-#(XAuQ+)HA)nu(T8aCPJVoLk zHIC?8R)ihJbDLG?Y44rLA*5+;McwU*lVtpz!x&O&1TDttb>-?86*_rUhV2qzVs4_h>o?%|E zBLimrdC}~%g%8b3dc@R1@iIuHTN#tWL#z61ifR2zlnbj32wQgeJsiW@Wu!Fcqe7cR?X5xjaR>fYSh=SfE-IU|dJWEFiRg`_O z&2mlg8AK%e)DIGer6^F^;xi!#G*(Zu^&2iwrEafz+VnRf3lhVbw6H}HzF;4I#~Kk+ zy;_&o!!xo)wFLY{-rnISOmOUD^Py#lS?-gzUYc7pbd+Cuhr0B9_}BM zb3TzW70O)PlMksJEZiJIy-zy5wW+uLeAZ`%`dhh9Hp~{z@s8RuqWtHqZ?iki`g!0P zMwt7AJ*PRXQTNIR$P0&*#I1A8Q+e6EBG1e2Yz0~%PB=|kh0}W{H|&^#&CIm;yuQ;y z-3J%@mX@fCv{0XCfA!_2R2u!DCmYAIn(xrSba2ks94L?{ro?J+>bX@fcXF^vMfg$& zZu+j=YUCNum(`SVIJv%?sKJVkFMK$5x=&w!L1?(pC+;VhJ%PXC5WzWSay~v&=q+vb zT;G+-+qV89t*535GilLYB#eDL444e!DE{YiCtHD+uVz>LNoNT)Y+l^ z(*!{8U&{TwlPm6knz!#}>kOnZHNLak(;1Da-rXm9qbUep>gOlarg7^FZ%A1)bwkXe z&e^=`q2vRz3};an{!iAkCp0DOE`@Y2%v+Rll;-uIYJlS3fOhG|P7wNnT~|1e>KsgJ zEKHk|@Pgj#N_fLX2iv5te6h)1O_arQ`D`o@`+^Oh;c2YK5h}z_L|sa%$fB~IKe{L8 z^9gRzFRk!$oiq8QDL3l03+7{}dj*T#WPz}83cGIXJE3kCeoyn(9?<{3AwztikO(6B z$*D-Ky-pyLd78`MN!3?4TPy)uUoPj6rZdQd52<_7 z{tV~bJYP-M+fL+Las-13x7Ncipeb9{&KCvz`cdEBQJ#cpielUlz5F3JV0f}&aX`Z= z0)J>x9eg{C1hj)ykqq0UwVr%%kg!YuzNlM~ju)^fW#i{R-e=T_7q+Rou-N9_(wk7m zAzT%W!qu?2(*{aP8?9jSPUbkWFT6@8Twe4`Bj3F!h!{NB12(C|M~oPNS0p@3aSyS& zwvtypUtU4~X-iU0}R8#hz3b6C5OJTnRcIwX`VS1O61V5M~$oYakyoEVcMCx6%IqTa9*K#s{ zvB^6yyO5k62{l}<(w8F|;(nuefi#vCQ#osnwwb8Yv}tI*`^|pyTl|RLyYi|UJ0|2F z^70ctx%cpiTd%itr1yI&4C%nhD;GZXsDzN{_sN2%5tQT6PJvmbQDUUN*O(v zqrP2#wV$lO{XD!f52S6v3*vcqVVqy~PIulI9a6(Noej#YY%sr(zu^rfzyp${3LD7E zBhV{Mf&;v&Ot^t+p-u-So%LL58jQLM!lC~%=sAyh>GrJm;9Oe9Ok=tA^wx}n3_NHY zZd+YMTGNb2xt6P3k%b_Tsz8=Z_SgkZ9M0XBN={tyNVXmAwtZmM8GSQ7cB*GQvir*Bjl-b?c}SG%fme=~|?aUksz&x#qiDS*62 z(No^7c`B(a1UYChyEXz{tl*z<&|`J|c)w~wWO~9kEAdT-IjO}6Sb%CWdcHTZJ|{}+O39kU-1G^z1QJ!To!pKu|NO$TaVq)OG zIIzM|)7DdP)d+0GiALzSY6zh`dltrhdD?QP`W5knXY6~oG!=pEg`*=k?xb~asmrub z_L!)3o@-In16!DgLsJmBfK+SH?G`)Xp!K{{GaN8&5&*+y@;)E)C=On+i?v01HRHLH zbMnt>O}K;Cyt6BpLAvdA-^kC(mGrpaTH{fNHb;`k!qJz-$P63pwm=l8cFoIomx5&t z&S(u%A@3r{^@Z#m^}?lQ`_@N`s`O?L`{-O>4~Pbri(q;dna^o@jturY6^U*O^l48f zKk|8dP^OBg2r2OFR2$TU4$^vr99qkBx{_;4-K<5Av4+_&OgO$%Y|<&8x;&TY3Q%aO z9Gj_f`raaA`q11po3IA%Qz^P@M=a>F@!5;(+v)fkAHkBhH4XUTEbduKcp7H@{+?tA z-vzMsY+X40{2qX(Hs8GH%quMRkXmwV6}>BxrFP}%EAOr%W4-fFs4`Nq4KH8T$2D9^ z3_`WXR!>K$SjJ%H)AZm~n&xP(`F39Ds8*WwX}IwIY49@fMu+dL{wo;ev-2UZY>ML@ zb40kLlW&*r@i--)$nZAGp=hKh5CHrtxx}Uq={up)@2RUUs6-vucKYXyLa}a9%bc0brnQjz z+Q{fwTqI);9q`X2d}NyC9Tgj5xBWyB#k&(5StV?;jH~uZ#zPByP?E)-w7bl%B?P`i zie1Q`88oIo8RB*Obll1^;6-FNN+s;VHsI8-VTFYB&GZT-S0M|+^?d|KG|j%{ALb7k zaW#+#u1}V4&S@646+~@KPG=o=NtxYEeyksGyGI{K!12xad< zG9|&N{jKkTpOYNm&y2qk_0|Arb&t_^6vDllK&s2pR|9N4aU4~vZ>T9#EMkqPew^ei z9Zs#_R5a$@du9_`CYnTnbi_6Bz1knSku`x{kz~ZnFO}@z`K%~te5`lBCKc3k;qzXl zaGl0IU-L)9>EU=@vh;Ku1sD5^qMn1Tp)uyM_*ozAB@3xZC-4?Dkn!WPo=Hz_5oxYJ zDBh3)wE6y?U?+eC_W_;X?ejqLK66bxsXH6P(FUr%Wd-%mJ}N4pBAutNBf`Bm9R}rY$=rJaw7JQOXMAXmX!JdfNzH^kzu~PfSrv^noDTto_@sjg7{jv+H`cb)tFM&WT^DImt$frV)mA9XGCrDrBXb?z<=Hz&2lD zwik8MA7Dn2O7F=HSl7_y&jNGQ#3H=4zj`Dwt_8j4U++JRU*9Jy^Xxs?RGY0TLu?yn z2KH-_H=N)T5HDIp=JY!8dg>98BBw-bGH{`F&>B{#*Uv1=1);RmBSS*JXay8f2%nN^ zq-j0p4WvZLjvc&ZLlAkoq-Z+esOwjdx5J&gZI%KXh*AD&g&N5B>R1!byd8*K2cfKM z*S=O&LNRHt!c!@Uj*(CLNvqK3AmgV@FV{JL(n8FXHoeqEEp1A6DXNH58)6aZQ0n{D zkWos`PnyjD<$0b9p89{=Fjv|3<9<-J|%hv1nQ@=82Jf?D)J*9B z&yrj9I-pjw1y>e6)8C#M=!1FcC$AG-VA`p`xvk;K!OQKQ+298iac}$mbQ}% z`yrDuGkm$6Oj#--v{yt~sfffiO z&CLG|zAc%t06R_P%p%Dwrc2&fP;`;oy6ZN0G0*Je3!Ky9eiK@Yx(z zLwEcLmwmM`(5M^zxEUa09k+5D6!WqXeIV9jidV@)(7stN zOf%L7Y|VZD#Rl0`52!+t)1t=Gi;#RR+dj0%OePHiOhyhM)YCeJ$pW8L`cF^7P*L@- z+PkkLS1K{<6=plzo06J$HBtdJQP{|pakYJ+xcU17`6{QT7Kf7&B9}&lV?EIV+8hEv zz41~^V_o-uXorl;Bv#J7?*%9fy<#uABE&5Qyo9M*__T2!98Mht+MN0l*9>neHmyUO zctv^_pI$ks+sk$fUMTXv)Jh5G9MeQ$sf=B{YxTXd^df(bS9!P0X>_lsLH#llf)*Ol zGYy_{J$>o+%jb2x$6}4Tn|N$xR01{0j*SV3B%cjxg=2$Mz>}(#JME|Fiaoe|GHL#5 zD!Yl{gRda@9vcjtRPE5V;qUgFf-kxJL5`6tW#u`Ka)h*MBA=d*Wn{&9$9X>uO%k6! zlPAKVa*9fw7V`jD4sv9-frN_*3CRhsAQ{pfJ5`>Pevs-axq0OI#;A-trPOWca{u6C zS^4M-=__f`aKkl4Y1!+Y8FUm>vN2)BwkF~3N2#(l4(Q?GV<$8!7gm3%q}+XxzhSZ8 zzqpZ zF+RBUWcJyx!z}we`<2gS+0VZI9R3+Vua&xAqn9?N(P1~GM)q+o{;r4`xH(~$c$Qba zz1tv_f3+`_&&UEATa_~NnO1eD0fO7{b~5ZTwo6@R|NAbGJmxYl28aZywup2o6~-%_ zcoB@oZIw?Ac#C%!%%tEshs$T|J}PrH4l8Js!$JYUXK29ovcB;foE>GSN34H90IWb9 zte_H?T!rIIRNggW;Gr9kz1aAr3RRw3Lo!03zHaFI31Nf68&Zz?@c_2MqfDL9M7B$F zX$r*Rj}>6ra$?E6kASk0ZS1<634*p?#NI8b6J`!pd2w>!cj^1>^oTe)Ts`PWR1gYt zbH??O>go{jldNfYYIH(*Qq9Z7;EkOhWXh(&c$UJgIMJqAMEa;?gzWpB7OkGuPc%=( zQQi|JA>uT4DahxwyLPe#a7At6uhlTqki+UT^-5q_h3SWzxv({9|LX?Zisc+9L<_F3>hW{Dsf|u@S19tJ1siq6$dWMx9+$ z{E8_RzUn1GCb;#ict1oYb3X^ftD(O>Gx7t4O%3zF0{=lsp1)Q0hcf_K=eIB~kcjQI zSnYxmmF7OXrpOVOJ(gLGI)QgbL=)WF?ZqcRdY-FRm?y;L17t&ta@-d~Q}%(xLIdKu zY^+{_%%pgUo_&(RpUx+pi*5j<=XReq#iMe@cah1^K%)2EmD^r_D@%BF{?$M(txR+K z)yW*HcDS=#Orj>U{D~RlJ|it!41eo!eD?z z=+M<|ii~VE?iqKEW-^%E+ZETP6DDdV3% z(WOjB<&a&tM3A5vt`-Wr53iw za+d9@VXM`ZQS@}gRjqouBDY!7J0|j?Vm{i87aEx-xvqJ^R);P&tq+N1-_7GH_kfw_ z?WF|*#ow8Z)TyKIDxo%`32Hl-FayJ}x2H?L2KYsv(1#_KQ#Yj4Qh$FF^@|xTHGWcQ zrzBUyuVU`{^bE_0oLd;LFqv@oWotKAsX8w5;v>Zby{5m9F?t!FxyyASG>fcy?NB+( zWi4|jE{g6>>&daD##imxFTS4`rnGYd1SLr)f;~gAg* z0X_r4^wBL}`9J%Cj@zJ8ASbBYIgex>(b{Pd13q8Htvig9H);xnh(~b}0ah`z0 zZC;>v3DgYhpj4_QE^FDsh7Lu%ZPLG$~xI5s;HJQOKXqC(zY2A`9 zhXaB)qW}$;ZNAv5?=FR%jcru~^O-&RsY_!+HBe?%PqN}G;WqKgafz4lw9QLX7|C%0 zA08|Yjc0zKmz1~E#v!4%6<(e`$DjJ9wYz1=o+n0;RMs<{C0{?wOq?|`=Juhvw9V%c)T>R=bMBm@^Pu{z%JlrOb%B?B+cOThhhKc* zQkpAe$y(}KzWNNfjC?)+^3Z~XL_)r>DTwCd1N2%?Li#y2h6GEL1W*qd07AsHT%bI9 zqrxV5ozCMEdydUYud&Id28rwS@=i`P-}9?^B6lQk#4z#%%DG-?V7Ecc{K2dVR?!DL zh8s84y1o1o zhCIQLj_5DleA1ALY~Y3m+IbQ`BI|WjhI9&d;V*$Yh%7>2jjY_Z&G8L6V9o?FETLu) zcCmN`7JiNBTCAMO@(;9JKm9}7qjcgANX7X|+;bD z11&0__9wpNPWO%ks=K@~B!6nA{ZJm5$lX6k%@y{Bt7k@xyotwLE1-5Mj92&( z56K-`thw9og8TJ9swEl->rzL6Tr@;RCKXJCtV?4+E_sq9vqt=yWH3~yJ1ws71gNpr-5^1}BW||#dYtBZ9_8@|m z`6a4T_jZ_W+>5yE%6D(DLXY{d`s(9Xqxs;c%?NDLy zx?O+oj2sv@^JRblY4BXxT!pTr$l10KiS-1@ro2ybn#AdV#Cfd|x{(^oK`*<^0u6iw z(i?|@4>*}?-t~BQjhGcuoN)&_Y`axQeWTZvBY>cml>Iq?^Qbt*Ao(Ssg*LXm| zc|~#{t=S*tw=3bWnpCJ$)i2I6?vb}1gyv~Ve}W+3$PY(&U<-oaLpNkLtwxEEZ2YhX z!-8*qt|X>id|1{+MDtv&{D>x}EDk%hIoy2u*`ouaz-uNkhIoq$m(`Z+m`A8G1yK5; z#+d!cT;$Z?K-Y}bC&@6Gk#_q|k6iLl6vos}z2Cbjpq&xqV) z8ub#2VwH$`9qfuo<@Dm#tV^>(URqD_v)d0`wSndN;#g(ViQq;mw|5dP={(VYm>l@S z%M>Hx$g`(t{Whax*Bd9Lt>03$^N8kY?%=_JlUf9}sG|Gm0k4UM^z#9f zFXhwd2G6|axMr3t_w9Z>kJcN%vPdv2b?*VWI5L;~%5JwJ+Z@^d_A8og?U3NoLk8uE z7R}1>OG20Ohj3na%G9JNkyZ6=M>eA`UalW+22yo2GbNeq!)9Fyof^x$oB30SM@p1k z&p}@(&Y47G$4k9_JLywNBi64w^uQA+h={Y64R|??8f9=JY|;%+H)PHFPvq{~xBsnLrKp8dl~5j9$~`8X-o0tbTK{WT zGlUqzwz{xOU);oFnGmQPQmP5N*iFuDBio9Z(+Sg(uR{sT6lMYt0M0O*?f#yHYtu3) z%YUNBDwD1Z4)``%{5>;PuJem)%q@~26Q{TlU!^rN5ZQ#;?zd}X^R)Hk;dw)SHrTlP zT#s_^A>tNgY2@s~5ibxrDE7lONXz(i;2NINIt%hk2=?ccW-`eOY*~?{WVVu*^IZlw z%N=L8-)Gn`Ftajd6isN;&K^YE?bJf3E-VGh@o^vi6`zDqr8$PWH+v?#d-$|;2 z6nYO|3Z(3vhucebe3yXWKS4w_Y)-+O zs4tr#U*IkZY-q~~3UjSn-umJ02fjTs$VqFo3id|bu;y4!1`JK_&CL8|Hc70agA>! z{0Xt)g1wOpiCquK#J>G4X0aVQa@=h6WwLt3*g0E%je6QSyOtoAP} zGD};wl(VorK9iJ#i0k8*S*CTWcz1An|d{d)AHm5;)ZS4sSg=!sNkr+8TC1s=wAlV1PX zA(zgyH+x=#cKam1zyjTz*E#FMUK`bAX42k+qCWv}+*K}BZzk_mI*vKA6SoC$d-;gzl|H84 zI`FKbVBix6;ChWNu@0T{&yd?b2qK!e=dO#JSuD#=);q)`SQbi5q2aax3S;OVuk5pK zU05)h%S-9ac=0E*C?y28fAEwz%BBonTKSo5{|(CBM`i&3xO?)`oidbEl3P4T7cZfL z=D1RQHSf6y*Wn81$>mzplf>NP14^9*VljtRA5T=8!SklB0Bbm1>}Xz9JXo5mS~FhQ z9l(^7f;h=se86G#;r~6X3Q$ins>-Ge%6+7omf|g*l=0@R1%@EI zXfpf((rX*H;+BF+!t}t zY_EfM+>u*Lcz^DU{4~kI4>y^oGM;twGU=#@@LcTKs*$;OJb|9;$l|vq%`t2({^BPo zJwJ7Gtk2&US5hrbUbWClU5VJCFP8l5g~2juZrOj8L$MEv5xD(#t%wp;*@5oG7;z9x z4Qb^6py)hgbT8566iO_NLRa)`zHCew7GKpbEBxc`w?mA#1A1X7>cuB8LwBsOu(jr0 ze&AwhVuNFRpXl!mDcQx+` znn%AU(;5?$tO-CE!zH>E9nUO$D3m_^WkjH#2cP@2b>jnP;l~0)wn}E%h2?nJuA9tC zS0pvt{${T66}dfnNwRHQpiRjaNp-JO{Ic>O#k)6I+Cn21kULCtAQ|>!lzR|H@OZO@XWC$QYVQ?n#uQ%iGwr77-X5SD|28Q zl-s4%zr=n}xh(d?eTv3L;VIBUYq{rnFH6?trsPKt~f_Kr`snMw1C?W?H+sbmWM&NBj>cs z{sR*ayKd#kWSLqFVza6uvn37rm;?ES67Y~bR9wNMTHvSGc z-sT3BQ6oumIRU|`31zYeYXC35rdwW}3ksqEPuK+$vXO*Vy}}D0oQ>eOc}OA)+=DBxy6gz$la{{*b&l~uw^&l^!r^|1f_Bbneik` z<^ul2lymZ78zuufOc^Ez(^{55T5u_*x)ikV9yJqG4l(s8vj(LjIG;6#%G@acos#Y0 z8$%jLbY!3Fr3F45#Av{anUI(LOCI#tgOjI9a$C$(VI;W<3tDi8Mv#nsO4Vmt(&%gr zb>*l9=^b%RT*$uC2fPxkGM)o%FTfiTFFs4?fYG+EyN49W3 z&(0-VK}yb={5Cd6U`ELKbx#%-QfHM?CUzo%aUr;PgbX=15>4c)Fh_oB78@k2QMj^K zpCX9*PWToG;+*%s@vJHY{%8!k4^Hfbwht|cn*=|bCFG6Q*qktYh%eer8uU*^aB3)U zV?T`fr>;q55S5!R93j)p#i+K_!IcD}Z|d@14;iXHZ3*NZjgN2U1V8n(@#8kk{Vb`Ph&waP)3 z@_~l0)3s*i8p77Rf2`RXD#Kled`RnwA?NSEnYkTX+WdoyxGun>mJ`N0v)Y*AW1J5& z=6X&B^c7e;Q#NxqtIk>$lk~GHlR{U3w5>P1_qjbaTVo_lcO{(JbbAFrZC9}7M^`o( zUYvwkBCx+Ti;Vbk9Kbxub#J~Z!0;8Qq;-o<0dFp~Np3=}HeGY6VTt)2yHvki?83(G zh_?1{#D-MC*fU0pfQl4{@k`FrKxX32Yz4?;xtnjY$|l^W;?@9LL1DPLf01F?*Q1rj zh2tqYGH;0#AlhoFhk2WKK|9ORDE#_f!iy1TuPshW3t4xz4^v{fjFox{*F}|Eg{%`1FM_S`rZZndI$$6a6Aye$gH5_B{p|v zj55bww~Su>sK2K(%dkc%T+4~)C&A6|Vt`bmoLB=iq6^3(h}Tl_6fnRnpJiB=x~BQO zfcV$Y8@ZfScOhfHI?qDyb88Cwz6Rx);mT!>-`W7y%)3|j|L_XXozi+mhmCV1?IzY1 zl}x+BpU_`e6Hb(1cw|Vjf+AfMe(8hUPY0Sk(3ad)Q322fuUJ1`DG&38iiG}kLI9zh z9W>SjTe=Q-f@Q}6|1fZLPRG7uTbp*x_)I?VWy@j0hfQFi2RYiM6#!*tE8udux=O(P zKe}fq%U-$*^6v@?4w-2lQr9;C@a*~?4?z5yX@8rr|8xKfH+hATorW*;ESr4THcEju#7z~fAx_qVU5{!{@u^V%(#MwR<}Q9vVVzD>1j!6L3+HEXQ6w6PGtbNR(cx_Cvt z?*7)5`ukr1oTAnvJX@zV|HOLrp{L#R@nYlDynlUF-V?4ZQjb5hu;gbJ;5GB}*&qEn zbL!%=T;(bT?r4h$nnixQN?(paPe)9{)2pgCS^(C<0wyuL1~72C%qH=t*zAUz`k7;2 z0iVqo!PVCas{Jydt!;wt!!pnQ{T&JRx&s7I@H zz>3tnD$W1>xBg!cL<`5*2gL~S5@4Xl8&KKM zj$>OMhmQlf{}{vd@t9$F<(Z(=Ie=mqZPWaZXXckGFfib{wFxjVVdCXK_Z`wd_8oE@ z{mu#a4mtk3_K#BYe(*wM5@jWo?c9gE;RRCbg*8}EQE~APG1I>hE&lV<3ywKXWBDr50LN+co%lbV(QE-=B|01%59RPGCjWEL z7$Y!D=SI$`2!JD0kK6m_pei0<;I{i`2f%Lb)vG@qtbcyNbv1!UU#Ju60yrz>pSAuo zui-!GG5=d3{Y?9qP__k-)c)JO^G`FXd<7VmsjOaL49v_o5zHTV!9RSQ@(sn~4P^1! zhzXG4{Pp|MKYtQQz@yjCx`4V!SM-AA_kTXw|F2&Vl?E`;a^@#H&(H}&g9rcl#0Upp zZWq-k(wxQ~pDTg?|JLxmcfenJ-aSdzRzL!P>Dff2)coUjAWHmHzGdu()lb0Qu~6mk zj~8R+F&yo*u6iHvfjO^@#s2Z)*gmG)@pL4N0|WW*U;UHP;eWp{|K+C}W5-j=;l1_& zpw1=T{l}h*!Mn$9P)x`4xBuDr|Lf!ZpN;=dTgLJKef*z||G$}<|JnHen|z3uJpK>ALHYk>R70>C@Gt^4Q@X1aVE7=7$zuJ{bDbCpbq+m=#1{&AcM83Hj>DRAd8n)CU z+RnHX)tjjG{EdzrWe}!n)1Hg4LDfPltp^agTSuNt(MOZZnewa8a_?d$8ZjAfW(nH* znEe6$8(>2jG1K9Q0YpT$qEWg6!v(cC3GMjjVx4KD?IUlfDDs7_UOv-oH}o6bQhVHM ze1}qKM5j7IcF0F3?M?Je40{)#I~9IOUR5-%Ul1$s^5bskyngPE^XcKm!_Iu9{ZyJ- z?f(r;oEHY1dV0$mo+y zB9X!_ZCYP#sh-4#>vB}-MAFFbC}UB8-mOJ6=d%&}biG%`V>dy=tlS)(RIT9!qWV1f zo-({&s_RiBHZy|FvUt5&=X6x1y4M748y>FT;M3{jj7;3U=H!(kBuAtQvud=iqVh_^ zXA(6E|APh4;izZB6?q{^fDrFoHO(=$LN5rqWmH*9?gBe4$BKtzWj`qSH-BrE+;O^T z%(){{{JoU1!vargq~@w}$&h<{(`2q`Xa?{4D&E_XN=jOdaQ?sWU|S1>m0LGP6^Pdl zyMUjB++2=PDjWiqtlZf4r#9JEu|IiPXe2U^!^9#d=XJ)!HFoiA8=HcFC*}hQtr-x+ zgB?50a^Sx?w>PnTOTo!u4b~F6t&aV}CBq(DM4wp;|1FLJPtAwK2gBr61qHiFN4v)K zlRPE2$28VNW%`WM4R0sUG~_0{br3}FUw3ial5)}i>zmmM+|%OZ-a2%xbSKjdnLgC^gnh2vuu8c<;P`J*RIr!8VBPGE z$qH+`=>4KVN^;Il4Xa9=jMrLJZ<>TrAQ=lbKI$o}^ua;|L5=Us3>ve|K&79*3F^td zX1Dv*=*_u={f?K@W(g26-cfg$$+vn-xC^-74TrXN8x+~h|4e@kz;P<=w=Z`Aja3ai zW_&s7u~C>J{W#BozOQQ$rN&iSEo7ILqoxD4L^-0r48AGF!?+?-_xsN=4{+P`a&gsV zoWkGSnWE7qGWYK7D4&W~j!&;Lo z0YS+;S zeBXUyH+I2T$M_4jIp!04fCnCJh=Q)p8d6HVK+?7e3NA9XanX zbH3h8QMM_vbGdV=))fAB)h?FcnS!;DY)?}n;~pip*jK&&wV|d&tpF+BOPc~Ms?>x5 z-L${V4;|Wb6+DcHiQ~otnx0iHqmGNKB{7o-mm0c?>C)!gHTRQUYODNdyba&6SKvxh zV~geE$h`HIoI1kSuVq7$3SZqP>d`E_=nQOLa9t;Ro?Td*iSg-w+lHguPdg$TK!B%A zYW7LrmcEhUtejFjJ z^xcF)z%dK)p|nkDZt_L+NXOrxKOgY? zY2@LAi!e7{+OW)An7ogV*GRml)^*wFu{=Hh+(Fp_hgYH~rWRW@LRQk%aWrE!;VPinA-WhWXjZF3xDy?7-^+DBL0X)3?{;%40sicG#-C97_s%ZP2@1?bRI?Hxh zz$me65n`s?2TdAwy9~wE-EB7`7494-1~FYpQbqb@J|Ropv3fx6NNhGxdH_TN?1BEq zPS^UR%bn!;LKzJVE*v<{7QgPheCU}1lxX7&@9=nET|QpR--ABzl6IjelthUoc$qaG zuxz3Vb0kdxlGW5)VmNq~{nisPrV?esm$T-zgi~UBXtzEoo8?Xztt-WKwPF56iM`ZH z8?jGeRUYgwdodDv#)MZJpn4gcmNeV*h{xS?o;nYPo3Ik1pELISa1 znyk>#`(@e+U2)6j<(g3X4TWf{LauS#RP}VN8+Nu$HTy`yqCTdHJQuNhKD#bx>^956 zhPV8dR3r9_?#{v-O&{We;+mswuNfRPbZP5rmh81* zFQ}k#vj(1*G&P=EwkM$}l}0O>y#vE3-flmaCTy~!3kJJJRTwVU!lFY%)lc?-wFLq4y--3NxQC}F2w#L=qF*H@?eV@2$2_lMt~ zmop%HDMF#^hhvT~;kwPQGb<#0+OP3>Pyw!ON@>g^5*6ChtC*77sraDBAJ5j{nZlPC z!Lv!{$!y%{6My8K;$;z*ge>GvA8A6?N5B!YbvS&2m_>n28M~c1wD(o1tE(?k?u*rb zz19IZch*4~Ga9*RW!!LYEA-8xA_xEba~7K(P1`Fk*u_0QLrXynKG2*PEPZdH)pGaP z@WNL^z(;^i&T%JO`_{l=Lu%Llkg52qu*AR?SIA(m{KLP1>}k0Z(WL-Nz~U75u_Jvx z3~Qescpa3V=a78-JA%_y)j=BOoaW!1_=bmwofaE&EyPD)CbPnsTx4&0H5xXP0p=3+ zHj|-!>raR62?je5kPcR!I%8iK#PMSIs_18#`6{*HEISMEs;yS~t;x#MEiCS;{P!|~ zwV4cMc-`@vQVTD{V}fFhBx|jJY;{A$l@sg6KoV+h^VrJT0AMj*!M1-@f}?hsU^s}N zznY7T{fWD*rVNj?Ij$wnG}!*S@xzISCdAXv7%;I|a=T{o)Fqd|ZDIIBrmkKrNbFTm z{%Xhb*F%NM*K)`dqvW|q`-5Bxiu}!|i&KO^R7T7B3(6r6C>rgh?|W2e>N-X5fLNNb z;c(-`{MA^pCiqLZA^ux{OjTz_htMYr;nX|&yTKd;L{#FJKs11llECcE6YMrT@I<6{2;=*= zzh$)JN~if!mCTlWvQ|DLF)I~~?K#GKnO0?p?3OO30enKiK{&3pNj|j47J} zG)v7o=0He~t{jtK@wQRLdmK>?3n{na!+tOjKG{MXW3)3QR&4S$EEy0?27}@d4qN3v zx5+q=0ps)cJ^gG@E*UyQJE~)jSd>w6Y|LgyTXDZHKI=o4xdhR`m94nn3l$ol{H+G{ zR(A2HLd)F+yTtk%gYS#zU+)Eu^yn9OHh%Gr+cr`QAYo5iHK!a>BJ1>kZa3w%p&uFCF@bnY@*iMt&1bm7{l`@dir}!@C^x1Umg>Jn1!&0%(^;S;XkWjqwsz z$pM11MbxC{%9Q);Kr;KbCp_c5FJMHzuG?zrS7W3mX4!b->xKDY8%|F-5y!EOOG zX@{FzqY}=`WIU{#6K1z|V`#&GdVdK^1ez_MP7OJy!=Bt+tXt$tJ*$gl9E^WNOm^YdY_hkl) z`fO4A4DVBk_%ZrRr#npq-iMBHuMzd5n;`fY1#fSOwwJ}4$0!}^_iOat5u89Eai}e zlEWR8D{Klo5Ln{!ESAGA3+Ui^4M1M#(cPBszfE3adU;y&4B_#~M7#os z?~Qbd$>DQ2ShKg%h~T7=QDvD>!|>FbgBlZ1;T8hTmC5-b+}Q!eqU*m{m^rp-F$GH%i4faomz+~zGB3sIj7WX;~-!# zfTQ{);M9BNw%d1&gWa|ahc4hE-=W1WvvCuiMA~zWdwZI(b0GX`4|A^n_hn&2bs+wH zcIectHd&doygPC-wx`aS{5+84S0Q3j{rG-TX|JfDM}>Z|ujUKZG&gdM3yK~v)3mUe z++khu9aqz0xi087e_FT9#aZyx_(PRB{fh?&F$3A)^x*v$WFnRq31Vvj2d6cYdJeW( zumR~`cu@cMz+~*?IW8lnI z(ktv;(DslYH%vq)UT>LF+FWdaK6DSg64Omd>{G89)wY-`!{dyG z7TW28Y-UjwUUE6lCM50n5O@*5`Qf-7p&0*Y(_+S;f0H-A0uQk+IQo zU{MFiY;$IyQUW9F9PFTL_e!*}kb#I8tB~2vL&9p!^CP=P6HwzWtkS+h@PQRI)w5ql zw|I@ugY3-oSfy;efNu|;w_AFUtd0zu(C2+k3JwtWU>& zTM&KiIq{Oa*$=Ndn@Fvo?*{YOX_9QH*s}g|ZG3(}h1dO9os@mjFIpFTL`&b@L5F}Iw7c^GHL-~8L1!T?qM7Zezhh8q9qqlFO zD+**bDo158B^|(fEo%F4(e(E82^*?*sb7srpOtjB?V{H2Z$BM@W{w0(#x^GLl#S*r zrZv>Oo6+BYB!lugc}OVa8g||k!-+d|>a<0mbICjD>-UtWT}Il|S@z+@$`{t{PRLVp zQCFUBnD+ye%lM%}9ad4LSuZBvxJ_x)&yxE{QixP|S1kX#b>}Vxo~bV=XOLa}SY`E3 zT~E(1Yd+P5vF6s+wq-ujGTS-H+2!l^?m_f=C#%l~;#DAFw?AOFM zrxyH{&yTP!pU^wh!WU?rV+$N(p2y=3zi@61cJU z4tPMGZ4Jt${-1#&OTuB_b%)t`8~+J!%xHAK7(?U6w(Lxx9n0kFN6$#_XR5^nd<7cX zrZg=V$=sC#Z3fluk4$2PV&jnvyB_i39j&ied?8Cid7FiRKc4}=#=)bNKIWs~Trj0h zGXJKSm!p%4L8KzJ8XPSbp!cP4#}OI-NO5(T{RqU`aE^<|p3)mLyoQD!W%)(4stL@M zyv$?8SMPx8bBR}*JM5FU_taQMYsNV29v8c!`1|?mn6!zPGUkk9KQ$Gri;vU)cFesa+8?7Sf4rU?lK z7id=p^!p^59PPXsCMCvQUWfK34B>m)`9F?-x3;VE$OltQnB0^R+?laW!_RM8#+vt^ zA_prUozmTb6ArL8OH!B0!`{R!=$(0)dSl$>FZgHkCBw2pH$QGaVgY9JJcs?D<=fg{ zg(*jSL?zvgT?CXR)oMJVP6(+pLz7n>#osHQA zlAV?(1Y*-tm$?!v zC*U*3F%o7yWt+@sQxaixd*q@nW?Fq>I|ep!gX;t3b!anh0gRbP{Kv0Em#x>&db)KF z!&)uwO(gb3*6^PP_Xv+*^_XfkpgD%WFzuWRBdt9^wnwh$)5Z`_Iix~|-Ly-n@O@kF zw{L`bCaGBISR^`NVJd3zy1Y#y)<;`xSHFnys5`jjrlvN4Z{Q>X+$*Gf#QXPTwi3 zGFVPoZ)B$Mi^R@L7*6Tb^flLm-}%P_4t$`)=9zkpXUg5i;Oq`~jVT1eN)P5wlL)Wv!P-KYd!CI0b{sNvpwsXlJOUZQ(@vTs|}_{OMS^5 zCAV~j^gSlvuIWd3SkGqdUI&m2Suh+G)Xgpj+OayYY0vVU{MXxkbP?#jV1W);1UI4L z{I!EPIjuUqF8!uqYtKf-(N8y3&&T$N39s~b03AY#jK@_tU{K!n+8iq1W%06 zBNGoI@9Xz1mu8FtZpc5m(SO3VNk;$a=j+x;06+F%XtwBUQe85FH-zC?L#5G^B&ovf zF2Eho`!>^E2l9N!lYd=3H=Bqucl7wz2XV%Ay5FQN0cXs16p`;q*p*t=0^k71Z^Hgy zNa|dStl5gV3`BD`rEcX+>sP&M7p?i>ZpY(gR-nuG`a?l+4k1<)^yt1Tdc$Y0xW`FK zr{uctN@4|D-r(M^B4GW+-@-h+K{=DX1YRw0{|59+sL1@huhkx8ps44tlsH}L_2dEt ztUvw+CBVW~3~qa1;%;Xa>gWP?Ho24AQP1a-NX@+*>7#SCz%PW$Kz%8uPUFGPX~}0h zKaj9a(-`dlw*?I(_I`=EKCZ~8V5t-GK|=ON2e3esUN`n{*f$Oi=XMl#a2GgFQzDNl z4qfFAhtGLTgsD>f5ElFK@~;YK?VU_0!%-U#fXMf#WiR9rOMj!}?VMmi=c&E;4~v(b zfT`n>Vl%+9wN#?=9oo}|oLx2CVg&SByZzJRTuG)JKD6K5h}MGF>7>wma*W_RVS3c!H;# zlx^)j6lOUj=^Az0j8zsCDjl_TN4^d5yGm;_or@-a%zh({FI z>|L;EG{`;Ty<->X+Nxf(03EJKdaWQl=o})UEg5OfcEWJzqd4<_P57pCpCB!phH8OC z9%gSC$hz-s)OffqGGGHpHmDJ81<@KOgF1^D2V@Y>dDPeDJ)Xc%e73k;-y}StLTUF~D{DOU)?*^Ak#Zh$o>tkcMbVb@e+;7J$Sxa`U)~L}d zI@xLVbvn-j-$BD>jsubDX(BN&D14U{S9Q2OO%t>1KDgKLbtW6Imd?K`T7#D(uZ z@5$y4f#0LQ*m>hbDttFe&?3-=Xm~QZ#6&^p2_xHmkS$l->2t7eNC=Z#TSVDjz>`7) zfQy)fZe8eIk9plWNVJ)$-?oZ0!%J&&%yRjdcxP3+Vkjjj?5@+wYy2(n z1ZVm1SB|$3>lZwA&sQj9=FamYHgiQNE&YS*;sN>gH9~oQCk1r+6^_&OQz$ zkZK;lcl&NBYazr3FVf(VYG+j8xW}(30}(*oxisI`Zw*(lI|$ZT`jk=jTN5 z^11OrV<#zy8W3i^#Yy>xX~FMF_7%}!1D(3DFd3@d?>bTlQbnoEyfEyakrwr-FE z_uA;Wns}4no!~%IfG_MgABG)%H3#;IH9@WPV;KF7c&B_1wyU7kqWnzEQQQ z%_}A!n+C^6t)@BKgf=Vj2X5ySA6Vy@nN~EJIsN2Un}p#Z*Ph-JW8?k*#CiGqIu$k123iByl4@u z%I!bp6BGa9Zr5a{VP-(a;o|#yDlP0zL|y6-buRbtxROq^Ly zO|b=9jfX#{G2M)M1vHVJs6Mto_yn|MW~{T3IbPJG^+Cg;n10!t2W5kbhb|>e_iQUt z8{lUx#>!sY&fHH26nK4FBb#0&UOB8~mmN7oP0EkN^d35eXiyxi2aAWibmF;B7-H(M zF(l9lP#quNyYDD}=$jL^5`mMKy=JHa74*ek3P?riF8YaT*#yHz^;B-JRv#|aA{#4LdTq;A(et0ms!`o;j_J=k- z_2*6T@L#zdkS`Db2OxTMd1|Hbj=yGnWH17!X0J$-bbWab7}nkAzjT3Rcz6Z7Ffa{W zX5u6Ca7G&Kxb{PFSo-_AcZdC*1#$qZgRhGxPZb~iEwB1-ts+0q`NG!inF{zF;Pedk-p#ZkZm zK4#2md@Agm*4}N;GZzJ)@f3)^_0qC<+RwhzLki0qIJwK|nydQUZi79i&L_ zh$t+j_YTrKp(BJ)M5T8^CxC(ofzSyxe3Sj|_nhS(@7~|~{(NJcG0s0ro@73A&U?H`+a*`db}GU!ElzXtZ|&wU+KwN92$G;ln&~jd}-eK-au)#rOt#^Ct-|{^5f# z8Kwxr`qcStR!Wnx?#RqAy6E{7q~RMO1bn}Ls)pyb*O z`QNdd?5t6vtJ<78WeML@8AzuX%b;!x?+%x6bBR4wO97uo%A2Y_UG+P51IgK3?UIb0 zbqSjtUm)hBSrF!dsC}g%e|wXdSzs}bnKNL-L^m?SZ~fOl9os{zO4A5H2A$r*uZsg# z)|0ZBy!cXEEx2v-ZJuAy#;PmZM1h)5KK5`*T5QL)GV-l5W2levl;flPj&VJo-$`B6 zMqo~1It^RjILgC>AAGzg$d#2v5^%h>qd1IIm~TWm{aB{_cEPPBIn8g=vF9x9_=EA= z<;!1mK2DxSPT(kx#NDP61D#xQxl0Xf&>=I_o{ZZQIemGDL8|xqXi=VQf99Inkr}cT zu+)aOqLD`NbdHyOzcDx<(0>%ylg7KusT6+KL9OnsA#vyVwThMgiMbli&$fcAlS9!Q z&PR!g;o!E>kWIE{ifTMR646?q^y22hL0qatEvhbG+we#c20TS>;4xYxg7h`)D~HAi zhZZbcA=OYL>7ZH7n!GEb(fx@w@w)9n%waBIt5e43M7AolPaWU_aVx?_$#tDD@SP2uqL zhl-~SMiMp*L<6J~gL^_4ZN-P1w@7`Wo=1c&(YitD?SLm9Zue}r>nJOb#flEyfhq4@ z4ra!j*w~NP&Fmx!BD{*6OFJ#Q@SkT>yTe)zE{w-=mcfk*43V_OeO40!%QFV;hwO~ zmXk8Bf&ZiNRb!oo7!v(i>qg>I6a1h+EdP6j3u-U|$4$kSwE*BSvg>_+!g6BvGxYj8 z;b4(U!A=?fAT0z|+ zR`v@SLuRWV%OmFedr=aBb?e4e+MBN2pum!Bl11z|?miX1$xXI;-|mMEO$9CRMsKz> z>3%s4*f_nuy+25?wu_td=|R?mJ`8UOZ4?2*>Bxxtdjy*qIBd-4D<2T9Xfd(0h^vRo z=D*RleV{M_kiVB7HV@H08|;2^e0Hc_(>=U4zM8_JydV{}=}#hcGKtAs%WGJlf~At` zs_A%cKn&$L4BVR?IoUEGgJ=4OUQ6WSGO`4;gwPP)?00O`0Sh($BvZU*JqZX%_9I2T+ zhO!6bAH~5b3DFEJcTRmQC`{I->X{W>-Cf8CwwPCmx)oxAr^9;4+Y+>5{D;yOHxPGDD!W~u* z#=G_dGy{HLLGdIo?)qkMaY2CKbLYj&XC3H9H^=&KL`S%|?s2Hfm|C7itL<(fE*F$g z?qbhAMRug}gkPFmL4QcSP%GU*%N;k!MaV<9?3Hp=plcNB!!O zJn648%vT&i@IEujzRAc-_M&f9PXRcA)#(FtZyQULOuf3a>_3dwggz|m&gQP<-9}}3bmw@izD@W{ zC}cpF-LHeUHpj8dHQLoa#WT?l_=8Q_t{II>N;c2MpEdNhsNL;1>lAA*x zG|F79E35%hE4RHOb4`NH?qUgVz|4bn$mNqfok?Zqu1ls*aW+G+3+=9~ z-x`q0ghYa~Zj92dRVfh;s?sM7#~%$*|AiXM>R5QGFfcyZ>=S~!V>@1+GmZY$%dk5E z@Pm9-D^PJY_$%aC`ppjm|jUmY9A+Z{7D_igi|0{yXEe9N_ZInB5q%y(~qWJNWpW&^l{HuXf&= zQ;k%U;U9vHI3632a(>R80+YUMWraV*86U0(^epOVqE-^U79+EMsD0C+%rzTod9 z4v!Waug6+|EaC^Y=?~uN&H98CcMGDt_4?f`1PUE4~tSctWPFHiw(J5OIrJQHjK2Pyw4Bwz$b0f*! zu#kI-=NKf~_Z~@?UuPZ6vxkjOIZKywxrCl8RMNRrgpy{~ha5y97GCh#nF2 zSmjfm|1x}b2i0vL#cgZMpz+FjsF*&RKytlU6LBw0OHqvsNs#$e8UnBN5CH>5e^8l1 zqQzOw;{lo&JsWE}au(%J>0kYW0j_Vr0H%n@=5?>V9OFfO%1^$t7p^K(cP+h~axZ~p?NMWQnz=ci_EiP)t@n32CcKO;m@}G} zh;Q%%xp*$N(i+>3P>NA^y}&!}j7f52@fM3T_cA(kP}+?YZRy1 ztx$Ki;y%X9)%Okqf4kGuJ`_M zypEFH-C6cl#}X2aZ5iF)9if-gf;KmCH!h;Bt^*Z^MQ4uWf;HamAk)r zuWV+1e|!Xz2%xm4R-nn7V%QcyTrvPS+{J!UDiC110rnGZO1-$S;dT}*v5O`DxWth4 z%TDFtXJ3FxcYjCAdQfPHihA}%Tr;ufBd@=Qa53rw@bVrzC)={qK0LG?Vy#z7=wGC; zX}ID|Jj`bzxSFaxjEOZ~M~B(E$UYPKTph|BL<=e+@gphF7Oir=Hqz5;b_*X`&f%>S zZOQ&-MJIf}DwX;*&nx*We@-otPHf6$q*?ViQwGyn7t4rJ+1%A`8RF3E5yI2gpy8^5 zJnKKzQ;89~2Hw-Bf*-nRnz77+_p<}<%x1VR7sh|dwr>oBO1kW82iey4R-PcwqD~Gv z+>`frScP44F;}T8hMhVyh(dyd4$(TCGj6tW+>Sji*hy(^|E7@`u_mt$f`-F9_}U9^ z2EpB2`@{T}JX73brme0coj=`Y^Z%LQbzFBsAe0niZQ1ZKvL)AS1n(9UE!pSO4!vur z>i(I2Y0-+Ze0VToB)GQOsGF*9U4qPO7n(k@b1=%SGqFZR`L7EH1HO)6vS&S3di5`zX-s3bJ2*V188Zj=w znh2rZc(H&_oenYsnMRCxS2EdP@h?w}kIy4i=8o$Q0k;9G`!7CpS{UIJOQL&U9(NWN z-_(I!|6K5o(u~sLfJGzj7iXp)q>BezCjZE@6OnI+q*y-yswA3930Lu4Uneu%$bRt;h-`Hz^fy}zGL&`alueiL zD)yxoi^h6Bna{m3QE65%TI5k6ng2bJI(DHQU6&~yBHqajNc{Sah;g-Hj1fG*9u`>K zR)(8s{US$A6?46Pj+`!O@Q_x}hG)9&)FRPECgWc(lk?h>b7+H<$T+U1h;p$hO;mPF zqQ{l7)YQ=)mo(QlAUVxpo{<~z^gZbJ(|*!0!s7C?ml=_>5x9$tssmy+e-c-=_tm?u zoaK6jKHgJ9wnW^9j2coCa3;P1Sd`8`&O<#mKo7ji3k9tnWW`@L|1thY=ZVGiU7kYY zq(~cmZPMkQTYQn;IQ*{8(4g##vgo4K(ep5$6oOv@Hn`;K;|@T|+h2Qx4?VcQyOh!H zfRKvP%~eL>(Ao0(x>C>d2?6JZz(xg+_-;|R#{IeXwr2gV0Ve%4nS(z(^0R>mc2xcM zXP-F4Ny^jYXEi-IOL-@ZRpWkFe;mu$HnO9k0?6$P4dJS{3O|G zG+{$3L{22Ns;np4%bo|EGrqJ206rb=6dMDS!8;DmDJ?~R)<1lZcGE#&E+GGdff=Df zH0*pgH!of&b*1+vpYq!b;?kqM94d<0ld`?M9p1sISiWY}5c~OJ>CF4)K)cZ8_+|>7 zsFy$S7)RSl>?z}n1NG_1UIV)RQqt-xs&?0oU%iarItWmRP-jYW1^XzWFS6TUD zue)WZ=fC7A*s5C>+RuQzlaPB$=ZV0FRqfS<(-)eYgJHB=Y7-n#^r345jj?*%+9XjX zHMc%KL;xZ6Y%3o)wM*-5M7=fh1N&%(qrfH{{<5K#t2k}0$m#CjS;!QPuat(^Xynq6(@W{3*WpJA-IbQGeNZsaMKKagb65pcBilwGUPWKcpvdfxo{;P^2zJhdl9 z&~BYsa^Kp;YcudzMg|I6dc+lEI$)qLwv5FA99!#XFQC0V=fyj_T*o=A^nx6jP@Q*i zIHHM|N6@o~+vwOt=hng{T>RySVe%kpHdR*PepaB0m_Ru^skW3HQf_AqD2)kW^y@A& z62#`1YJA#!zrkJ8hZv`AipRrB;H>!&7&ADf<2RP^LC3{)`57JV|>!Zj+ zgP$RLWPS10Q1N+O#_6bPbW2O`X@Tut78{0|+L2moL8#`%2m_78p~n!m4w`Gs~)N7a$HHggxBbtq*!-`k05or4n;rf zGo?~jGDr#;n1S83c5^evPeG9+w8^cM0dl;OptAe5G`EIB=V$fO_SuZzp!?T?9*DJ3 zeVOBxwP~dhmY?(;h%ckXGBCrZsW>;va-XN^3JAG1yZ!>`rgMKw#CX0T5yVOJ(e$jo ziOOdwH=o&WJg-Xbdo4SdjG@-?CCHo^(}Fkg86$^3)7bJ@aK0kb!yn{fS&AjaqNuGj z8(N-`ZiVP#?iF7n%z47EgZhf_pTwax$ce%*fl`eLa<-)qG=J@O5_Er?F{Jt1o_EXf z(dRmjcn>7{xUSiIYAaScy5HXU_WK5mv%$LLjq`9Sn6ah>G=Ud?hK z8B;!RmiIB3IYq!v7g~PxL0j`ORF9>y)x{a0~>Mxn{ zg0A(bEEQW)NUUPztMhT)D4j&WtXaM_yMM=JtshU#uA%!a;;=P65$K!92YT&Lck-7_ zBSP}q{?w-(6*M&a8GGJR9<+QiKlt;J!vh)4I%^SrtA3YR3vzl07jEYGH681q5>&8w zjw#XDKlucI>`bS7-n%Q^IPq*AS^ws9I=E3htUh0LGA0T7{NTcOt_rIGqY<}P{Pm%; z0G+3tp6Xb|yaf0feOh1B*3b$L#m}`HJ$yv1DJ+vrTtF3e<`u|}CK@#KyJRZR{%O^^ zS^~G~zQXHXo67NQUZw%Du0TrLkVUv3UyLFjc{T(%%t@$XL-MoKo@epaMS8WgJT=({ef@_xOZ*7_X{ z*)0n}!#W!sD?HD^=dyOXilb&@KSb&JiyqgJq^`6}WDfWDeBVy1z4!re{ts%6(=4ra z+@ljGoTKy405m82tVX|SwAjQYV2;wTP;QF%?7+)!b#fdT;46`dIaM^K6W_<16$huY zAFALYE8mX0X4Y+xe6po#Ov_j9zv5z{_%Moc;K!dGjr;TxFJ)XW-7g`zKqY{q^$TYk z`|cLbT9=-yGCnv;OzAY-s%fMNl%*5|C4++P@vl+8>V&5bM_x!#)af(Q6yA+&`w(*am<;%y2dBXO8iT}s`t`(Myw|SssC#~BW~P6HfrUXL z%?UK1q0xZm>^liWeTC`mEU&t7NVL0rkQvd@UL2>&L0E8W7thD>^x#tRJ0el@Sqbc# zFeA()%gb?N*lf9MN54ZM)69q6M(?xP`rOBXS7cZ_%ot^$-o6)b@lW}}&ShWDyMZU< z!)CoHKShkLjuo-+x_U!$tClJj7`yd@hzvJYs@kP)-#~55gL)Sp?-NN9UGFq!Cff0E z?X<0qBN2ilE@cQfUBi#9m$&%`fM7q*lO19ahuLkUjwQbKayDDfsxKts`Zwq!STASI;;e-s zQ+KsHy?4qyR8Z+d?ink_s&RMnWfJTCMEC4ygnVnJ1ylG{5&Vt#BfF)Bv9dQDyCNfA zPe3YT0!X-CWfYZ9;5zIpd$xS1gqQ^=Iaw8>1Y-bpU}m%Gz|d%A1&Vb}C<3)aiS5oHXKB1|{{!5kl-JtpV)fH*tEW0d z7=Z4)1}%9$5HY5dT?Wf2>|ex2=xic;EN1)cZO2uPVaOa1HgQLWnD~9L7 zuyQMhp~-z0HoTZHd7;x%nXe7G*UQlOiX-y~#=$`v|MXrn^ zR?^4m8hc8Pl;6F8 zFeSipzItp<#TMRbJnhjLK`-9tm;2iKwP0arr|a?viLS-l>MxMHQ38N-M!*YPd7s&d29P~} z{q63`xdu?92-(^NLiTg*ny=P+kNz4x{a!ZQqz6-wzcc-In$W+oN4?4 z%rp^gD3F;1-I%`%R8U^dO#)um%^Zubznwk5g=V_o!z3-&F6*+awQF7A%l?O(2E?e_ zOA`Nk$%0k%SWD`${CR0|Mh)<^G%xRAWwC-#B2zX%$}4RJj&=8ydjSbK3UYwa&I)+m z4DJy5{~&?#_$3(p4R?Uitf0`m-udVGU1N2=LEuJ!Z2PhD^1pxif4)al8%SEP_!5G? znE&&re=p(uK7s%B9Y9hGUJ!6kvp}t0VW|1EI%fG~hUVnY?}+1b(W|bhYfmZuF|NS# zamoM9alLL;1Ugr%xe(-?8Fr5Ih4~H^#)$wNbOhmYe_LvPv%JsyC$n>Uzmt$z=V5>pZ|&C zmrI1u>o#}Q|H*s(pC;&k`nTLmU{E%mxBicjNV+;PM)TiV0RLAm>AWM!UzYX%Kh=!? z`r*gE0G0N&<57Msu!r~I@BW58{MSdG3W9A{Bv0SSObE?l4U_)OWd6gqFiD<^xwThI z0|lb3NrB&9{$J+ex4%9I%>NIB?0J^VCh;0orPRNXg8rT9f^h^MoIe<8reeozLPbe; z*t73XMG3`KX~jv#EuEeD_q#>7j5oM! zq$i8>!#6gzTm~e2aA`XdR{bh2b32EijzE>jZbQx|2)vYZNU8vvI{ded`=2)WTjnSh zmv0Zplp3`QP2yeaNcI78RQfLTKN#L`v-Wfu7}M|;8MuDwjeXUAlRx-RhXofnWK19B z^~HnRtq;?!_jj%LiyF9}*SItd)qxGqvix}c8$aQ8kR!{2>SqYSurT0Se;Qcj?3NjD4>QvPxu{BA;j{g1~} zKp`W(4(`}l4P3*RkavIYF|f*)2})djDZwe+L7l1jJ6Q4G5Bjn)ct2eg8y6PfZR|8U zL;vp2RRV2GD)AnzaZ2!-9$g|Pe`Rz2KKZ}>dZ79F`}NLm)rbR0Mpr?RTYvXKPaxw; z6{!P+13-?RPr91!?>?w?t`LMWYWzi!_F8*4c=z8={_nODRR>((ymbuS_8K4uEt&$w z+`q2W?;rl{OM&7a{oI9f)A+hP`gix}XK=w#-O`*g0IxUIRGvolH-GN&+WB4I&xhIr zDx4@oKJwfD!4Uqs7EHFFU5!E} z)Va!UZ6ePR5s+#^GE4r=`MjKKf9?$*9|cQ*UBm393uxqjZ!KP*+k-H{xoK>Py8Yc9 zQvqi5-PbrF9q@WWa89dtfAii~-nMqFP>f08w(UHs3}Gjv63z4^hB+ArqGi$8Y@GuDpHLy8pUt76_| zi|GQ5)vY{i_=sKW>SiV7c6+~+oGhi)06sI0BgI%L^^CeRmH*d8N%OkH^++P=#ABY$ zv`0B{yxJ2fev6s0RXeyAKOGW`U&fuu#bKGsD~@lgM_S0~W03*$buEk}IJjd#3C5r#+WW+&pAoqy7Bp8lNX&!@1lr_Vfv4BEZu zHycXn8@5{%4{WUbxo78B?fMA`9bDpin)X;}cKW?|cdp*?eDseh=XMH>>`pn2GT*J- zNfPA0kEx@S&QFE@D?qu(&8U7+%$5+!uyXY*U2G?y>sN(@I+mdYHurF)W@+N3=>{%e^A!D?j`m<%8CGSd21)AyRsOb&oWBwl#ogCU zW`Abp?ad3PiNZvcf*wrrcHZ^bXG|c|4~YMIPdvEvLHxuHlgW}3Th9}vndvU)7p7~u zeNi;qUHSB5DLa_~PdSXC0%2vk|Nhtr+&veSb~Ca9F~v?J%lLE3itVSA6(8m!l+}Tx zUBST9js=&cAMm<&al=dP%r^q=s?I z(8vv*WPXbe*1|&>A?OfqDO=^2t+o@ROMDhXR%3P5!FAEJItdl|hYF>e2Hzc$amlbxMPC*%{@+_ei)S!* zCEa=OE!B+?@4Z!45A;y49p!07HE5er1$ZX#L#(hm8O;OXS*4^ zHz6dr5F_^wW-om1F(rCG?C3jU1mGn)Cm!9)^W2&UJBm(P4%?`_;CT{Af=EGB!HjZ2H)`r%?SoZlo?sbRy# zkH`?=@ltrmi?U_?zIOTw?>ZMv8!s2_f|jRjb@&s6^~LM<^r}pSktFb3*J{rFI4(gi5B~&d$9i@XJ;FA-}J`?1mZJ$Ws{bcRo3I zWtXv^rCk-lAj*;HyL#BpV)zVORkhvCdGEeee_DT?3aCQ)l6?8z@Ewu^`mlF*M&~T$ zXfujeQ<4Hu_w6)#eo(3DV*N<4Sq|DM@QMe3&LjnD+zk(X-1VyWHJ7b|*M1^{OL-8b zVbw-2*zS7uzpajJKFx>%V+dvVafwsnBID=D2)F(#*DAyuqf&H$)^0N( zviQb_7kQy{hA|r#uxaV_$*b%&Oc`hP+1Ai|;G#KqyOh z#uxT#G<0NCLyTrDI22BgItUIoMrj(pTrDeX?_BDS=Khs0mNxX9(t0F8%8|U}`)G84 zT6bi=#xQ~A`yAgc87QN)_`@rBaW@z_z2tS*_%v!Grb&Dv%dhRXw^aNbkrLt-$+c7B z_ZSjNx(#9mS)J!QrM9OTFIhy=pt&8(*S_72yeW7qD>!Oo)$$DQF?EC?@Hs$8sdjFJ z7@yVb>r|>-?@Hv{tnhRQ@@=Tr#~YtkD61uFpyIoYzP~JJ@3Wt5?(hzn{y$XnNB2aeNZ}%^$V7 z`f5iI-iP-dw@EKR5mBVVf4rnNkM7~&W_q{dL(x}^nN*Ejz_pO;573c4zSW(n{DG>I z^WwJL{*`s74SOHZFde--?Xi)Vi94~NcNBG*nG92`$j4yDL+WPo?`9dYC~d^T{byKc z`jCcA&mfqyWIl^s%(v4fm0t}%(c@=Tmiyl12zbz(TJKdq{DrBOjYeu=k6gBrA4em%4Wh8quyl-F|WlGr@T;H>sFQv)WnkI1Jos6Ftl^ArH^4rj( zyLh0mp?GRkZfw=S)61H8tD94tO zH?w44^`+t>YD=YqQga#sN%)F^4DA0%L zRE;m|b^IJLf#qA5s{}%3w+Juak8Q=k)#H+@f5Lo5UhkE_o6UpC_kE3A_Sf{heoii1 z9B#*tZ7aodblaIJupD*99Er-dattMYaU>#y`rj{l0XQ34uaY&^m;g}c7m2Q%)0Ndr z*<)<+M{uv4jlGaJBR|_e8|JUZ;z_f7C+{|De5eI(lRR=G6%pnhe5Nl|8@WhvV{|Y| zJv~GLc3koz7?&!vc*3hREZf>G8TP%A9hvtSJ>Pcm^s#;j<(-`|T29{|KG9e^T~)DU z<^or1!MXkJG;O{k?g8UtuG>S>^2s>H05?4RnwuYe!p32F-y8C;2k0s8;hm*=KZHA) z&Hc8ZRl5u2zNBXU#Mi1d6i;&~5^eWz{cwe`(@NieD+TUYb3-@M2c!IBO6Q1sgogW) zN;Gf4L7#KV<^gi}>s6wHKtYcYv%ytGi%=@3fdn}_A!T@UhA{)g+e6ZYTOxm7sj+XB zx4vtd(a&t4O6I0!W|MJuD#b#(4c279?o_{{yd z@AcZ12K2MCv~iAFM(@cYrsdlCnbh?w!532KtGyWQPo9fiO^q$Y=aczAw$!9>si=X(Dm!bFKD}LUXA{7=OpPl^ahFc-ZrRNP~0;K{LFGdbi!r zF(6rp3r5e0-7g`2F;iCM^|L};H z%0y!Gjh6=`r&LDUX3;0}%2p31_xs9Y3G5wS@$RSK=XV%$M_e+_=391xyT|q_b#5OV z`J6|L`}!?9wYb^(IVHmT6&nOe?EjLp3s16};FoMVEP<_*t;=hMv%a){& z9OtX2c$Mk=X5^^0829Ak{)pposn7KI^Klg1g`T!fG5rH``{%$T3x>bM>XkPKIj$2C zOW3#-5frmsB6DgSe=U>VD6F?pyE@ubZ|VK6WQ}T0Z?n8Tk8>6iCrc_&nf)1gmF zblf}_pJPtl#!+$0!BXqgty91Sp796}FM++oTD6J0uqY>Vo_!ja6r}`E>$`+m8JznB z+(u1W!BV*FQ>egWQwmwy(AU}`9rJ5xB%l`$G%%J;U1?+*>)gE2^2jd+=!=YFZmT8F z>Flqf=8ED({f?dhG3DKj9;Dbq$A1`Zw~oZt2B?Ihxftp|vW7y3**`Myb^P)as71^( zs8SGcmT}}#0qGOec?2cL#1bo7R*joa?qqFj{FV-{}QrKP|+)dz2HSkw7r5KF;!GtH5H+gb9% zjjzajqUTD8r5OAz>*jptXo47ZY|_Ak=U3rkdl zk?5|Bdu=?wV!qN?X0*I~EZ|}z)Ve}RtJ@ujg6l-5iE4|yK;aUdh|8r?S|fd!N+aYahi$gNg*QxLC!Md7;Z0%Hi-xOg@ zVjvw6XUCb^r`;a<$EV7Y*eJ`r@~Sx)bA_%Xe@??cwsn>+fV;|4i9aJ?t;x=V*5&>s zI~{d{u$jupGIdq^t0Afc4{>_zz|Z*F)@~{{T4G-}^L0qW&iLG7^YIj{N6cf@Bwt?) zLq>m;#-)!B+%pO}C^9%a2~ZZ{OeXPQ2`vb|8kg!&ykT_56&CqwtW>ycDcsTiL85`i zljcLqSl_L$I@=?4>l#@nR2q9J92yP7+WBIimOXfBe;plRRJZ%``#}F!BX+&)Pg-#Q z@X=zb#_uPNE$cCTsV%j|uhvhNbh={M>Td#I9j#!aoKh0R`ZCkU0CTJ%)c~&H1)YsW zGKG`@_d8PRxDufH{ecSZN|-)GT>4p(_*mE1*sJ{D!zM%EJmE3!j77hBmgC5c&OyKF z%LT3wAHoC*sTt^$gl9mj>NtFk33=@KX09()xVG4u*x*rTZ?0!QNC~BdWj@qXOMNa5 zP0mu?vm&+U)~|Dl$VMSOl<_ASbF&VURobAJoEbM}(@DG}`?OfwZV^!BXg9X{98i)P?IlX><&ap1CpCM!dvtM2|pGyC2@T0;2R9K{Ejf9@Kk72tnBk|_)LU~=> zAhHY`AA*KcE!@8wHtDW%zms$1ExgP#S4@C1yVXr8OgM;;g1Q3hD^n_H|ApI zX~E{TD=uDNlgf=ysREr1APa$YuxJKzL*6Zaqr%xEKd_5b>_QO@&-0Md5vF+PkV^>P zK$5YM5Js|}q2T@r>$+-4!|a@Yy;#stBeieY}c-oo%=6L9<>9my^T^9}SWB^tg6 z?mJfa)~|oht_AJDJ%-7elUiFKG~4S9+t2uOUt)K0*G@Ksb<};(m$yo`?Z{1}E)#c} zgSq*zeT$g3yUM>qC#@pY|IB7?4Q8kN*e|#+(R+&f*;j}U&0p((_w!n9cLL`qi88C) zhbr3o_^b!bj1b4mnLoAD;K)-j#{Fn=hZ-c0m2Q##l6uy;@`tbxB_L$ zT2^{+``GKceJe+b+2D^K4L4RfDz6emw$25daaS+*#x}StcTwrY#VS%7UrGJ>NK@3M ztmtErJ$6PoS9eI6(4j=T)WO~tp}Ata<7h<^FY$Gn3x8(%p`atf~>)yn` zBYt$!{X`>}3Ng9&)Rvn^uB>Q_$crTHM}v}5ECoOYDA#}S7-YU04812}fHS~xp5Syi z@4q+DGRux5OR-#eq8Zo*Qd|`81P5=F#`EfR`abnCtoYjR>#=m1YE0)-#^{BB8P$+KMkwrSZ33EQzcm2KqWh?@0+^5A zW(lfBELn*w^W~K3-qt^YdB0zb#BN`|ynR+0L3HABvKZiuLbjK(gqN3?T)aS7YS{;K zAe1)Dz@6+Z%nBRYUrhELce`|tkZfp?T=$}wI$6xDO|ijbU~(m^=g|DjLqBZAYjVl4 z!M9gyY;?^&6An<|DKFK<9BK1b|3q+3aM7R?yQwJd{8aF<(lbFIO?2RzovOCrRGPuG>?(IAX4)o+|Lx2%$baDRKJ&TO<$xY0ZKXZ;=nJhZgi5k}BozYcJVSMm__ z`{Z^4(WlMq5%ZzNG8{VYVyRvYi3>HC!ctHe`z^^8!D>IC`YO#ja;4iX$6Q6?*-`|M zn&b=;=GxUXl1F(J(a z;xcX?hFRUfc6k9VK-=jVRM`>q^v z4FU2RY{$ztPDSr$7Cp`L`=pNrU>xL5?9BOH~+L zje+%_c#`Ng5ItYGfE0Q;%g)wU@r*X=Q{4;2W#1V}?ED}xe~m%20kv4@EI|po`VmEC zK4&A*#Up}~{7Is;^&r(Jlrojat^t3*$DhG1D)yJ>6c!aU{p9uaC_izgN!8C4V~=^C zwGOQ3F8?B@n@C4iF1idcy%j3U&6TyXabYYWUnz_?sA&kgRh?<`<0_{JcD;7{yNbF= zH@#Se(DtE15T_d>1A9P{%T=qV(u7dRYlx$!e(UOaod4xrMikm5QYiM8u($up8iX6E zAkdi||Dnd-&+enKAaD8x@I|PE$S@Yd+7X{^U>6-W4_L;EC9!3^k!ZsK$7+4<<%Qh|Yv=z=e2cz?O#1H*agMIdVqJ+p2gv&ICJgCrrK~G2J5*{r~e{^BI#+v^k zZbSO?a2e9@Lv4Vu#5$hi^rL`&-ODlCmXs_a{d799&8(2Ar_(|d2M*Xh$Roy2Q*@0% z*TmG@4PjkMQo5u2D+QT~EqJ0bo8!zjbqG)W%=bgt9Ke*;)rNlyqp{-V(QJ&fULx^8 zETb=#QLxnxJYqf2E>Bygz`CY02An8P)oz%V8I|fj$H?}mFylWB&+?93&J_%_&g2{- zW*p_8G8=?=mKPF|5jY06heUSjJ0iJ9@_jC43smF;esl`iM;SRb=M_=i7+#R3B-KKM zTr=A2H{jG=^fQ0&Lmj#thV1xf_E}%b#kb-!<$PV@Bpf(&{Ug^#3!`~OWcloB2enJ2 z+=Ep{-SSmvth7spZS27Zngj3+SsIACf@|-ByE5;bgz1Z!4KWr5B?C)jX;i&4k2YmSy=QFkWKsJES7T(78-CHD^B3p!OvCQN)w z;mQOPl?z#!vf^@060#RtT+pPH)V6>Lev;3?PJFS`^ZIEk&pn1s=x;7c5gZFAsF`=bR%M@At7Bi9mV8)vk2QcwtvdH*%H8{VqDNWZBt?EtUPENJ3U@3@j` zTMD^cN#K*YVn6KZMbg8m(>))ztfuO2vxZJBLk>p{md4a$%;{Dg*%P8v_mPhk5Z+oF zZ8mxyfwWuptx6#telDH}CwCSx36lo#%&IZ%9_{=i(~AAIIE%4Cpt?+d!|hURO-wGa z9Fd^MJN7b(0;*p%4P^Jo^1gjP_g#GlCQl_l3(qej%8!vou_YS;{Up^kUmqgj94WTu z?+?+-*jSstURdl--%f-l{c!az9JEhhNTm{y-Ie1{FJ}(&+&tCEX_?4q)6R%`LGe<) z(H&#YJz`7Vm+Ezf{f0|hqu_AEPYH4ok)xIo;o_IG2;lYTw1u}NYi^nJ`)``g@XnZZ z`+C6y{AvH0(XdfL`#nPoP`D|r&nz`uxjIk{BIpK09@}mAM4F?D5E{avdTygCtvdT@ zX2D`(pjtb28S}~ScwUmQ$dKvQK)iJjMWqNal3YSZ<9N1nt3%_wZpIgYmq`}zO3|sO zRjk(xfA6>-SxJ{>q`-d6hx;Z}YV%+0*rd^4z)coL^2BC|s!Ss*-qJIzyax+XS^6)-?_-MBKzylI} zonK-pew}O&f@rqY<1E!iINQKUz4pc0jAlDx&tuaDT6a3S(vpumv!-26z)4(qLPXY3 zAX_l@@;I9+m|bu2?qREzV^!)=VQk&Sdty(&@{v%C7hvS+Dr`ONy=X=@9M(D7>U`#y z8}QN3$Gl-SFTYcky>a+aZtxTDPv`K^W{Yi3DKhb={;AYZc~*`6>Y;Lht^~i?EA=Nn z49!me4|`u859Qmw{f(pul_X@VkiD#BFUh`SHy9-QzGoYxC<>8%-(!p=#y*yiec#t1 z`#Sc)Sl-L?d!F~{S>Nv;@1MVa`XDoNyYK6|&htFZ<2cSQm-0&Ju@BoeV0(vp*>V=W z1qFbw;>i8#x50^iugSG593!vNZGS@6zW8kW#ZP%R)EwPiyZIf=CTJYfgsW7)3Lxx= zdF0<8?I|u9D8?!{fGtQ`%d=*lc>2vm9{7YMJedSHt;+ve{SP&}T9gWuZut{b74LT%95?8{omSFIXyfueUBL=Qm5)xPdFVT_pi z)wR%9ym*Liy0jvR-*>d*SE{WJ4cdP)EB3STQeK>Z#r;sxq2|f=yxwh}E;+lk;}EGK z{Dpg`;RIdwA2xgk$9K%+Q=gqCGRwB>m zlS`Kw09xf?<{kp{P4XXtSg^6Xd#%th&=k-68=O9>GVroBc2|Mj`eyFiNE|-;@<^iM zFGj<8x*r>$r!n6}!zSEJY5h#R1GQSzy4^lii_(0_OCn}o4A)wA&H#wcG2iS7$=Lf2 z_o1sSCT#xiEdeq%5s7?Df}5-Ial2Lr&0_ra4E=s{p|RJUzQ9ook$kTh9*`)_;zo7b16qf zIae2l%vEl_l?YCB|A;CRKedc6p%-c&6`T0jowffZcxSFqGgPBaPS}YshwmypRohKQ zKwTqSqB$wy0$fpiJxUm-{GIgPfXc_pACBaj>)XfiLzRFHRK|1?=B8h8h8Eyk47(G-{vbD25!SZM>Og(b83;XltZ$SUdmB!p3!JaKN zv~=cujYUciTE)WmRt04+V)%JwkdIHhSnY#L!;Ot*$?yY&i+*VF7|wg0K*xFxe8CmtTW=dK;W;D<_=X9 zxBAH*@xFdc|Db=K?_yv2Iqkt!LZTstIzT}oc<|AZn0x;H7fCMtadiL|onJ3QBLnb6 zV8`W79$FgJs&v*)wHk;=aTssv3Co^M0XW+JM~q#3*l;^{ttCR-wL=Dgw`_|scVj;+ zJejSk1?$=Q@~n`H<)Q0rHT~;=E!t6?43H5WX#KbZqnA#%FHno$NnO+}VU?$2;C3&n`Px|cO zlGKFc#jH%=Mt|62Nk8_3DnNO-zs?WVl82ZYG|9AT_c-SQR_oDI2}p}g9Hb+aGA_WS z4c^G}X{T|HY#I;!Z~~9*nM2^sAGEKQX~=K)FrKan3|u|Sz7SDe(M6WMzaE0>tM0yN z6$!?wy85y{Vbku^-^#q|bt1YN({N>ODQJJ|5H_iun1Bl;(oB+gRZW<;Yn7@OoSi5y z=wP@hC)p)u`Ye#5-G@tkE{PuG-jnF0lfc&}QHjj<$OaJum}7uI|GbdiWCTFl9BUV$sR=L{iJ%u8Fhi(&2S{YWr_6o9Zfj0oAC+0X6>1a_KL{b zVTwep9VnWTy>G(`ilc15){~3)=!+fqnmP`D*2r^70}B<{9sFgXZW06w7@Ay+rmJOd0Gd{r<_C){PrE8gf<#wB z#<%awZ_pG%O3ah=zG9BMmq6kl8Io9eNb4Vf$VZh14Aj=-Q&AUI=FENRwWBo!u0R)G zZRx$tHh)W2By>rXG>JV|LcRbGl&h2^q@##u@3;FZ`Ws#n#;=|34xT~^UZ%%YANM(J zNWuDr_+|!jc=HawkXo#53{1J*f2!mrE|fUpJNT7#Hjl`#=41qutrX7~!K_$3RT(H* zg0FexBwd&sdIRj_lsDaUp<`8wy;>l-Zlm7=+#a2s219?)Yb)mcU7{`mh{56@Y{|szTZ`d^yMR@A&oFbi zzlPA+qhYt^BlTP5GKVs4a8REl@uTa+CN|S4E)6g$A(?iOR>@lB*!|vFmdrNqq_a0% zYHP1__AM!~jPLkq+ks(B&&i2GaxnhSYOD9J`Tr<}$=S8KJ{>9yk=K&z@{NQRv~Rp= z6B5`16+-kO@k(9bN>=(&DoIzV-UM9`Bsd-R0ufTj81e`6#H> zaHZxY5^9Dgj&Im{JUQn`@GP`J{z?(g(l;&15&AUr{bG=})EmW6ymNkosAnR*khcE- zLboh@JYJ9=J?q%`t}*|rPL?z44$9?Ki`v@GQDpsBlS^?{aurKL9wSy-q1g~flkQ>9~&UIm|hXX|*UMH;rhWc9^|2Y?F z=G$1LT>IC0EFsC~3^2H-BaqCy>fj+>zy{sdRIc7nsy?ib9va^YMY9WPvYT-e9j%a#5)j)GOg?TS z5W1t^enBk{3K7g_R2Ca}@QW_}FA%5wTi+U%EQ*eju?PX$B*j1r;vuDkWA3?Od9W=| zlxI)2k`F6e*f2E*AJiz?yg4w4$-ANk`^Qb2paCCUPljHBt|>@+*i|+7_Xn0lK_cIt zHD_K@@n$z~5;8;r-g2MAf!=EMt{(rV41`U8-1hUTfFbAdv-@Usa-p*9r=v!R7XI{M zW0CSW+T2Sqmg0PUIZ6wp2U0W&L4&-!W9Q+0Q_6`jIhdk@9sbh=tIss;iE=AZjVuLp z-Z@(?t^-sBHr( zb7)?DqahI;K)3}XVb4-o-EPC7lVd#AF^gof35f);GWiVeP&j}tYSrLQ2@m(jF|Q}H zR}n$F``_Pn^+H3nF7|~>lyp;+NoCXrYSa1Ck#$pGHH?HriI#@z8b7Md!wYI1lnnee zId!L4IXA4i+_&c(7NmK4)6K+3%X@c(xBr?O`@1@wovhDAC)PsR#ZTrMQdZwrG4w4e zq@0q2nrlAtx})MC9N)#H(V-TkEc-SZIQgPehsk*A zXv70f5o;38l{fKt9#Rf%OWcz0c=&a))BY=v zl$*%E!%{D!5U47AnGIj)H_b8}TpspGxg+wXC63=`ii1_JJPZ{B_CU$`9xzCd0r`R0B~fNT=G6+oE^AD$76`V! zyP{V8qtUWAS3};y9h(>~ekOIj_Y=Li&Q#2!@iBps&6-MkKn|X-C!{YOf&<*Y`Y6bZ z?}pWjcW2MH6RwoPK^j}>vT9vHu-Z+>rW0LT``T}=E3q8{imZo^7P9|`GpkICV**)$ z(s@>3&@W#nXCXHE8rDJuX69r>=Ghh)$ja%58-yG?sn#5WY4g@^nSk+NmSp3yy_zdv zdD!N-zXwc|3FysT4e>ks2-9CsclhD7YG7X9Q13guqZoS$M}9Zov@?If_J&TY_ed+0 znPn;M%te^9H> z{>f%fZ=Y4Nhb*snC|k6=Uc?YS$7lA)+qm_>Ff%o%L0Y+7E5ZTe^(&!PbHGuMzpqY3 z6)D56E#*m9R9!Y`+Prbnm$IrID2wTjhZ}I|e1Cm|Byz=jKP9IpGihW02MvA8JA!1P z;*uaO6uez#oaXZ}W$SdR)hA-ktmCH<@ky*tS*H?T5$$qfn!-7EenBkdyNMD_Z zj}!Eb-_mfESeaRMZT)B_ruZlH8mLSCva0Cf*Y*^?Z(zPl&7XCg)l6uiskrjoinL9rJH*=Y_86%RFxQVe$EeLc8)RQjx?h!Im5j#AeU#VL2nsF32 zY!q9zZFOj$zKBnvUt{ZNSAgRgGgQq>itU{`Zla!t^$uFw1@YQNqbnQ>JIVVAKv4-iw_`5d>d?q-ZI-EvH4@j-iDr0;( z76o1GzXdwkyPK!D_W4mGZf$QtiwT)aSC`25Vf$;N?4izUEAKvd?7vZmlx!AM(|v20 zZ`W$;mkiVmcK*OfqI@WTaNgT&(4T8g7Kt=O>mO*2(2p^@T>CXAt5($Z?i=i2i>0DH z!6}ME$BWD$ODPeg>&nFo;wJ+Pz#)J2F9Fx$B}3ez97E_|&j79@cE5bmoxb9_bLekt zmgR|`#rQM0&ZKd`A4=AR+JTdUMt(?rjV(DUVb_e;V0zoekh}NZ;P6~$*;MHinWyWA z0XXHS)Yot_UQ36NeRdu&W%x&xSl7_UAn;D{T?Xt>q+8(3ZyN4CO-e( z0@H&`Nk370E0O{^Qh;Q>rA^SC>6b-iq~vVh%*%XT*QQ_5h?QJ3Y_{q~7rJDZP(SX3 z(QInqQ@Uy^`dd&he2KTx+bA>ttELOKBiR}AxG-{{z#|sTw!dlf zk@i#ujwtc*$l~QoGH5mp7=OwR^M18)#chW~yCS+G8yp1tX?_w_O>7*7*v0&CzAVgS zU(ZF3%VWiuk6kZ|sqvQYs}=8j)JtVYZk?m)nv7<-TU!Fj3O*C(}ql1gUndD-ivu9$=7)`+uo3u z$bS>y;zIVS}$>^(_mc9jqE9jw8Zp0C{J9<2&H zr;taCX$fKQ70Uycu9k@ORCAl{Vu?GYKn>@8Z2MMS6zVa4MTcOlKuplUCoj`LMgZ&y zj^x^Dq3$4L$A9^BAp={JX+Y zLLD!=gB~_HxeXfy6w5*7Z*r%{m5hzmaByPvuq6>s;o-k;triiPjXz|#*e3qD1~3xT;$mZLU%B9ly7<86S(bf@!{Kfzb?E`KX<2MJS6G520p5O#7;|1Pj(DW?Ijs zEI$bB(tVlvynN(Ej${=4*`rn3K)D-qUS5IjeO|1IV?vPoG z^+#+DvC)a@PEJD;UiVWc^e}Gm{Xy|9SM{;*P>@tZ76%p=R=qMG9oI%Bs6A+s6kFY~ zvf`%;Z=VjdbE$M8%zJ@F0Y%4xnfs1EcjCNI>R@OIB*6025(V=XS>12G0iHD25{QyFhPS|yr&13e&tr;=ze;mObUTP#UK>Hg=?TEFOv_z>OCnm$8oeLOUOH z<9(h5j-EE^C46G3$S!6|>oj`)*yr-d>N}6YTrP-%T;K<1!AYNFLffy#3oy?EDrH%H z?AF-okl>83KJ)!+wmXQW%;D|nm)+O?nAv|>Ca2T-wfF1Fm7WP~fTp*{#Kkv1EWq;4 z+pxhFt#}L7>&5pj1}r#p_Zy~?HfW-rUBOzLK`V?kH z&51_eM;IYSgiHV!DO_`86zyVg2(ww@LA)5534y?j?&zDAnV+*(F?O`nO0_kxQC!(1 zaxWK1r>5H8yxu<~PWcQ}lAeT0$f4DNw2%YMSH;5AuL6D+!>0(2j!K4$4fr|oQfKUI zp@g9ZcL9m7M38KCFJ1@#zV!Z?I|6Qy?h$I$ALLmO*Q5Aq++s%yUC^n^PONFSeH1tB zlw*L*+e0qszEs4fHk?2mhE=TGY7EXcjO_z+CMBaP+0!bLpMDYhD-Ro6QJK9Ln>jq1 zFSh_4`k$(~&ZnXva_vQJ#TeE05GrwMoEDR39I%+Tq}ADhqU-;=1nP3*GeZCw@OYJ* zX(whWQnwn1?p=ZFp41gMEp7~56Wzb$$EGsczPtCI@)|{BN#f5z4+cbFIwD1nGf#Hj;xt>!FI2)xV zd9-h2{zOW>V%C_6cWWeX_8xCzp9y<{edIoG`!UBCek)D5!AYQRq-6c`gmVv?2;%G6 zfluq&oQy65^@e{|vu|W)2K}dvF*g;`J7Qd!K?~6$rX%p(z6p9B!d$(G+k_+*>qk3b z2~RvViQ*W4ZsXqh;_ZQ+wIa>2??ApDq$@7oVVIr}!JsOumdQHM6XbXF$vNrLm)!;z zn`FiHS;|*LWd@=!L`Rw=>#~Z1(9Kj#55(`tkuXo78>ofjZIG28NfFug$>+-Gs31m9 zENF+&zJLVA#5{bN;?!5bc~S?(e4eY0;v`I<_u%MpAc({6jGV_+p|1&-mK_aZ6p7}$ zBMq-TjKY?Bk5FslfHd53>`tf{ma8qX0sbo$MOSczctC4mdt#ixn#Rd?rZ6%3gu@#FGqbgV|2vR^&B1OYJK%n)?;4QjB}PAbP%CaE7QW7vjndx1VS@?f;*xZU7rG5Tv!f#PPoU3W{8Xw^AtstU+G zo|@VPvb67d{CiTpck%mF6uWUv*Bj=x+uPqmKAT+5xZ-D?#Gd-c4RSA;+~28)zM3g| zVC1+$9A77q7K?ykCd#}H(jb`%!Awogg^b4^B6y5{T2l#5@$M#ZC5S8|3u_2jK(C-o zEtx8ijJ}9Xd6eSWdXr^pDlcF{Xath31BiCtqo&}fxbfS|d&g`>pd%3Z%UceJ_~e$^ zuc2`)AgG9)2NmUhr#d#ge7@pV0F%9*TrkKZQ*k+{v41O3ByuQm0j|BD98<$*xEFmz zN*`LC0*2KcHCj_gxZo4yz3OwgE8J^DpUrtXF_vovKT<8#_Ith`whfoQQAnho$}->m z?%sz?2}pUF@$yrH-%f^e=S-qbO!8t2wfAu(gwJu8x36ZSYAF4#Blp3|Xix z`=)z=d~5z_b+xUy`zmR95~ib3#LTOVWcPG)reXVdhr7MmO3dLF7BehwTZJgvn*wZ2 z#yB_3)V*#IT=jWPu4BM*&Z4KYM85z-VVC#~(C^3#E&Fzr;N9o!`QCJc?Nv#5_*7p? z4u7o%JgP6#iLlm1_0@~PjbPPRWox{0z~SK~Ue;FUIgoVTu(Wjs&7YJa*#W$*n}tC~ zuhZ5TfbRWe(hEIn*mkX&-Krc_Slj1`h|=gthcZW76 zt2!62WrL9$!LlGXA{V)Ma`ePBfTqhLU`&45we6FAksAhT^`Rk{y9;w{Jxf!_2HCyQ zJ3C}JGKD@1t9Ew`CMCX2witFJ0Eob!i5_|1C=8l<$cdEzr=bgIC)h^=+QA>671My_ zi%U|N@1Q$z)_?ZEI5&+6S7uPDV>{fZJM#n$owMNwJ=ei1&G;dr>+2gS{nj_qTl)Sl zfKA*j)aEw@-a}n#0E@G$|Gn|}4=eaDS*^r2z@Uk26zkYZl&iS_E22P)Su6y!suqRL zbvrOXf4D#$|D3bXdeZItS}`UMCWQQUZ$1bYI(%nONmZ6G9et$jx;Dm5#cLY2NN2;W zQ+!`fRUk5fI`Fr&`R@tz|NZJ(Gq}WO26up!n)fdk)(h}AD4s0`y^DDw!@%qCBK96w z1wA7d|DUcaGV_0VABq1D??VqOhiK+$TO>-MYeboRPJ>ksshajTfpy{#Z-oc&iPY=M zaS}hjLf{g45ep{E{i!RIU{E|iwGyL&ljTaaZL7-wc#FRCqiYsKMc<#y|N2z^?_K)a zdbWT7E25R^>VGj508Sftd;)*gicUrg4pjZeR%|LwD;x+u;0d*Z%dj4Cnhn@qBCiuMgbcTfE?_|Mh|Ur$znOZ~yKCS2b|0 zaIDhCPUMRN$KO}tfB$M(A?4ZVT~?2uamlTQAt~B3Uch(vMQhBX^w$r0d6vXA+YM3T zSmq`9fHS4U!`c*ioogy!WlP*L{nIOY8WeYq5Bkv0Ediaf7XE|kH?sFXE&hM{)*k9h zq`Al$?hQ=+zef~H{zfJ{n7`f6BS>L(00z&q4YwLIak~{o|*GqgqXCDYyp3#ERO3;Y(PY3y} z^R_QR0WfE{*=RQWAKv|6uj1Xg-PP5M3<$VR)z&`lKmB<{*MXdzrul;hz|ODJ(EOWh z|KDFj*tx%V_~$VnX)vN%G3L*^*@~Rsn0h#%q!Db5^8e}UGy+=hPi+lkxrx;FH?Cx80JG)DYo3sV2@7W~Ht`ERyhm?K^?7#Z9ZN9fhHrjsF; z6RbKXu}?3?ipB`tbVg?q&3{ch?FP9`G&DidF}9AF)A7QIkeJi{*?pgU;*7Av%FILJZ_1JR7zi;JZ+FIF zD0;e9^`g`6*5P1CEy8SwB$7xziMTjm&7}3GK9Av8^wZ(x(dxG)s0!{(e9+*N-F1*{ zcB4)n6AX9;EAOsU3@jZ&TiU&62x8|0;6(D-KcfTla<>;#$+!E2bxlU2t4@ykA2yI< z)roW-y=Wi{7CTdf>K^->8`P`^y>ibm2o6#mWSQ7mn^4?d7&GwFB3nH%cGG7<c5nS`j&Ai!Ka<;Yq-@WyMZW5_`M$f=vgEQoN`}kx?p#yT%4dt^&IS6B*V!VX zi!|`iWz>pHWM6M!X_`=qdi7QaI<#%Q+si!hY1w#NyCeyhe3My(b6}GC1-Knd3{13y z7}LI4CnA_fb`1xJe9Soa{IcSklf9_(*u6=4yR8bXBkws0eL6Pr^&mw%EI;+}8;^+?onle#c` zr#r)gEN&~3qHtSxiMIhOi5s|C2-#Vu-(Ff>Meusmtn>FR#ifavQP$e&ij|E~4Xs5= zTgrHoR|aQ|o-C`F%LhzYYgB*Cs@<(#|K?WK_LX9si%RQFt7XlxR$6a#(nbIk2fuvgvhp3jT)cac5fqp{u z;llU@(Bg8hC!lPJ@IUh8Jlz}C=YjpWS>RqjrRQ$qZsCH_ufN4h4-_wGbkneU&2+CP`D%FS5r*LTX#=C%ZF7K!P3Oyn zf=Owq zJ{4yQE0F}w8S`tm9{j;$Gw^>Z$q479lx8T_&J12&@`tQ>;C9SAYz%Q*7!)T*I{4?aLK>q{$lu zq9LgxevhT(vkco>EW&$rGr8YmNOsBIpKExr2(omoc)jCcpj5}hyx*0~Aa(T{xw1Bf zlBP4Cd>TTJJ)Y@Wi;c)sh^-qOrR3IORwnZn>lH>9!Xk$S;93Qduu#!ue(sTY8oO#} zfVlAEkyqyr^bS!*qZ8BZhCUPemTAU@gr+iqN~wUWbko&l!29r*v_ykC%0rxsdWm#k zd!h5*Y%}UEQ;-3*xkK9GXODUQSW&Yiq&^31>fmrO(Qz%==f3gJPmU(<*>8A@STj7U z3#$6VuY~0s^i(|GjCR@0zJnS}J8d0edw7lNt($*wl8QGwotdn|ieb zX>9+QN2?Lub62(YRHxeOv^SK-QOv#%r#IlBbDEr`jQDDRr7fNcSyPd;&6_izm4#O+ zoYbjhN(T~q?G&x9cjDJ{L6DM3$+b<8EJ@ep9(~r)Q-KD&As_1;m&=^1QD0dgnsTiT zvc2A+Z#;vqbgmbM7|j=xWJ)9vtM0y0-Ra`59`Qb29Ad2=sfn9#++)f)bPnGgiC_a% zdjAlqI<~&q4<_JWV?*J8JjMNb@Xqak^G@F&C}O@hXjDpl^Bt`07K?V6We(gJ;Slv+ z$g@Uo9EyI<2V(s=t6W2rh~uZh?#$?05o@Dw&*-ut$lSiYUgGNIpDS**a_Z0qIzw$8fM_dVwdhE@6y#{1Vn+R=kzX8Bk zX>-av@7FcoDBOP0Z}>JK#r1426lpjqub6O61NSny<%Qa$%=jD~G7~a-JXC_CN8~&8 zleg!w2@Cm527hLfF69_v^ND5C61=Kys%X`eJJ`+tJ;p;=M0Qrzu?*!+)g zh_yTU{0b<$2x?5Ra2Bmw-K#=lbrFQ2C+t-U1O+HUC7G!^I+=x3M~H7ZmqBASppGV{ zLOLY*2D0t-&`V_-9BJZLunkMI*l%_lA8mJ(nO;1Q4tyxQg<1YXUZl9hU|l>stJxKG zC2m>tCARGuPnKF|VP&tUisTz%m^hpJC#lxAPj2XYTVwoYxBEBlY0ek62QQQ!T`^nq z=vc|+)Y|7z+T%JQm!!D>^(5eEsGS099P&%N>PN6Y-%++Wu=?l}OB?8lJIS}f*pWo;*sx zh&x$3T`jjB_k8XcKRdjc1-WE(gnF8+Qy+H}=y zL&BrDl7d*=!QL3Xz+k~!WWoYf@(7!EU`LTx*=pF5sAj1Q*J>=~f{g|3Plug}F_RkQ zW&X|tR)2RW)O@3J&B#apqA(>mGkz}^SXnnmeCxlT?rL^v5`yVY5@lBwJxMT^60(V8H((-HV1hT6c6WA* zQRf}4m+8ae!Fs(X`-KW5PVW*E?*i310NMd$ez&~yvi4y*35f5!3h3P_m-94t?%kE( zfu-duq84?pTEpV~1LTvE%cM*Z`^WqVRcT)Xpwy%gqjeR3lH?HcJA4wm6V;vDdm;Ek zl?`-xmIOS?t3Ff~pqeboS}J_!`mhTs8#>dpKj?oXD!S;^^axN+Ry)L8=5xajCyIY0 zxf060)nIpW%c{=;Lwv)rf*Y>grCIzL`{g+St|lL+jrd7=s<&obscLtnS*Fe0GO*TX zw@f)UgWj*{Trh9}?wn`Hj`oirINh?8pb=R->a}3wqD^Nd^@3P9qd_D>}QMNjim2YP_V@)8|_nE(~Z` z$Ul6NlDSc4k{G_N($Jpg*^PZXbXI5}^yzdUPIT7~-f8b4ZPFHGQv;U`44BVwifH!_ zK<$nm&t#!YWqJ`XEYdZr;l8VdmsFkS4?)As2DSaf@4em6aJNsV`7hwVsf{l*_J7)b z5;C52efi<%je=nNfXkout@w)0X3~chFluhPM@_cN;(Nqcj)G*))CCp=WRb)if1XNQOQjO}q?}5tiLgiK8@8ooBGH<2){6P|HDXtekeaXMXxlR z!a_n0y(7y{f>3-&G1m2%-&0#q(2%0^ZrdkPr-K1nlQhkJkJI(;v`fWrtEkXT>K}n58 z>i~4DxX%~y*9LbDv@4ahC9mpNiCR()R;C8*y5|K}jVYmr=17Gvs+=AlzCIcdygNkS z`F66(=S$J-R7ur0UF@YN+&(a!stx1b!lq~g?|V#KsOR}?Y7ig|VP#3Webi8*Uj_Sa zFp{rZ1}(KgGcM9Z!wb0XMY3tiY^&Ft!Qfuot=Ze)rLl`Us5w3ZqQ&lLt(Ad%3!8|E zn8?e=%@@IX|K&&rvYR+QE6(vwoX+@pW~+pH;VSgSmjX*6-%NJ#*Np>U1!8h?M3Uy0 z`DXl6tWzeMTzPy0J244?pnLDGWC^KnNzzu1x(K563@TmLuOSWc-b3mwXM}^9?53RN z+xoO*TEnAdD~JZIvCr`}f!L<(Djkm=DLoi#sZ;WNm-l^Xmf|z)okZKAHG$S0J7m{h zGK@Kxl6$bpv3t@@E-FuF?RYWSht(jqoApTNnRwum*+;JhUa1lRvo5^D72rJYwxQRT z=5E~EeGjf#5E%&{ig|hayIcjlApE;YdrQS)l8vCa*FmB6Na4$&*oU#F*$rG!l{GI5 zdo|Hs30+f5){`X0DJLMeDY$uZO~xDGXpCxLP@i;=t8i;G#QlNCa?{P@5v1!wDd@YxG*=y}9~-A%6^wML9?DvHU;64JDM7S(y8_U1 z>+vn0bnfRYJ+z(b@vdLohf~?Y9fzNs{t_;zRiV~k<8W6J*Kv(woMet$d1_1b8yHw#xM9?6Z^n1ksed;3xaWD!j+3m_?8}LZI6jrsB=RWRZNb>BB^T9^t29dj zwBauUO@SrWce*ltF0Gi8JCAqENc5Lo7Wqkb2iTmF1Znn{fS!?pq>VBh&s_=ml!4^( zii(dub%55FKE`g#J?L~Gyo5-FSWQ+s&}#tOSZ9%Zq~W>iLj7h@V}tRP(yFK&I)YlP z>fzZkPp0&e563H;X{f))iHpEKa0^HMn z!GnTGI)m;88%UE?O$DYxF|d{9v5mj}SLg+Jx_9WtLrD=jfr7+R1I0ZS?mu#e`-*J} zO4}#t-Mb#^D77XH>c0;BsCRNJm~pT8VasqoYTQ;s)x^j*z0PXra>HD#={FyYf&G5yBIS|Zk{VxWL| zS>q|YO`iBp_VX%ZBbNKkf?$j^)_bdi;ZV`4pn%+s8f^WvrLd3w9$Oz~OZpzHJCi-T zmS6se?DkC;Vf~SrR9vR)tnRCPGXlIb7r)(_g7PHEfRM23_nOC~sOx$d0^HED_YIr8 zn+8p&{g&{=&#HBQq8`2csT{-66l}ne{^DxL)T1`lvhVW)t;T@Lzlompj5nu%Q}f&H zvg>yy3s34sZl=50$pH2k*yeIgZTt};H8fEACo3d0Eqx?eN>nVNSkJM7G>VBdPuYv~-q~J5C+%w(ezw<*1IKnvG%eDsIwG9OuFolh^G6 z^_-*4=713F)4<}$<&4ju3=3nw0Kb?IX0uB7INz=ln;kwJgttMzN(YGBe_l^vq&#ud z)h&^Dr@w_Eb9>B78?FdvaaZ&wqczZ_dNdbzNy+&^bx>3HN1?U2GVhY+jvIwzK1+pP zS0A@0y>h%j?G{sLc)8Ov#5RTjqCq8SIG88*(tYGAZlQFYSvz$QS{*i6Y}4N6qBZAK z^*nLtkFEozR0*{-0Mqokr)K4d!dnRrl|nr@^p^tS@_95$!6;U*M*fE*7h#v;r$b8( zHA*lF5_vGR+nNxGmf{kG>8>yG^$FQ_U5^U#Aqj2gs;773BWJ>milypHpMJXL-f_A7 zL?2TMH6CjFM4`KuW;mSSPYcFSlw&3yS4nPEc9KXpd5H2c zWJ*4<>^I`rqi+3m-2Fkg;~VL9h@c8m0d74hFs)Cc*YDlI0~o~JytfPce1{b08+;s& z_d?K_nN+6z#B&$1sW_6-WFPSdpqwub?q@fo5Ft!d-W6TBBrH$a&Y3Qx9#o1ekE*~H z&f#fN`&#zc6&a-3e#n{DoC)tSSbjrD46W*&O4q3D+{2i)cU&vZUTj&gv84y8Iab7G z>)mx5Y1r?e-XD0e+6>6I*Mb$KE}h&^*3G-tU{`x$TYG0vjKnsVol}>OUxRX}#SLw9 z9f6lRNDbzeK!_-a&Llb4>6M-QubCw$HW%D?K<3O9x}n8J%OCA}(oaSQaAhgR8@cIb z$QV6YOc2@bl};5uE+Os=m8N&sUKy&Wk4J_c%@=7Qq$!si+G2yWjwY&8$y^Rc9yQFR z5p(y*QsXrzN_b3Z=}p+xOx{;i>`~MG2&l>jh0zK!Jo32&dF2J=V+!{efd6j6_Rj-Z z9@Djp$@elZz@y60Cb>^xoLlOpYbPTSJZ{h>Pk*v0g9oGE-{-zOB2=Df1U@1qLSM0? zW`ip(r`I}$96A(=7S0wsO-;GGS$A3 zTmxYPrzf~|voFM44=nv>g$figTG9HhIp;<(`|LW~s-s1-gg)Bl>*)*RET6uvjgoUK zrQ&3PT!9UFf0PU_RvI)?mylorTOGf<2)L48?UI5NSR`Lw;bEY+z@1<39r$iP%JI}- zHDsf==qGx1!t$OCE#fvjnAY&P$#Nt5fP!088p`iSRkj?xevcBy31MX!*)50cWxEfi zT{lP~#Chz*G8yt)&1)_{^7t&u>D_fSVT{zTrTbdoc5JFe+38uC;JLthU4Jq~F4$7) z9vgGT1^B%G%2=CXeWJNa8(jM)LQc7`wu^;&YIA=t)Lm_G4Os{H%o?UY z?z)28Hu*-?*J;&_+KWXcIYZfp%*$CJI{_R6E)Y>U zN&EU+SG6sW4@fNU50~_5HgOf(2zvW;E~`m?m!i7iFjGm}XK^4mt{m7kP^j&=UL-hl zNRd3{Q|a0m=C!fEQRo3-lz|IKS(U{b_Esv^j%dIQzR?TZiPxm=!8?=^Yu4JH(_LqSRQFT`rM%=zm6Xh|}q%!~cRZ~#gfkVSdjgUh-f^&UmfSW(C z`Y1uqYwP{#5diPyAf=V#U6gzp_jcvmzlst1m?<#WUnS01^lmcl!>Pnqjg6-kI>&0- zv3kI+SB(+BY$WpWzP%EaH zquCtr&UvJ!egQq0G1gvib*Dj(7oBAOqj$!~Fn*x4cgP(Z@SI({0=L$aQ{}Z;FTKy( z9Nv_QahTW>S_ft>P)QZ;TE3owgTrQeoD}}*RM^KcvyLUBQb?qd6}S^Z;+wH78IGAf zZaSXWjfkYsT@vC?1`blPRGV|g;q1e)WBN6dB|09vYpYs!yj`aw0N4Bg3okXkbPTrJ zg{3<;{P+M5mI99%Y`*udVDp6=_xXN+UD$wCB*tA}#~eV6WZ8|EeV{!*bh9HJE+JXj zwc^;=Tah5VS?*2XT+KyAu~N!YhJml;HzrVfKCxlr8>qm!MKoz!jZa|t*zqh>d?2gA z#A5GmSp{QsXcB^k|J|>E$zNB5mrp|l43XRL0Pj zc`X6wnaceZn%`92ToCPLTHa!=7|1ao=LF$fVIzO#0GB4fS-nxfoxTc)#^EqMDo)gv zJI@@R?!3X%^teiEY1ffvw>A?_eBaX0H2O*4q$k;!m4u*UAoW$vLGX}d!6b{3cO4}` zk)`8olwXoe&0905FTn2!u>x}@iuDp|gTe4#{K{alQASiVqL^^GzxwM^PlE00tAL!n z0GsLz38mh!G-z!v-kS|qg@1$rn{y>BFEZY$*~#Bs8yvoIpTbbP)VjiXZQ>pm8;Q>H zLzqrSA!bWJ@Up`~>=P4ER36($mW9@YiZd0P2C_+`osIREdr=W(Z9dkM3o!AFqF0Bn zeBLD4fRXo|B=MuLvPq9(=M_M${uv+h$SL1zZ%?;0n_`M4f|@{W&$z`{H;Jf||_!k38e@6Ra4 zzM7zA(O2llyLtoG9G89gBF!v!6YMB0GT9Ma5$gT+Ur2QYjGHuR;_Puhd7tZ>Ue>l5 zMJliCUm;P84ma!yOvZ$_G8<;iBxgWC8aHX?PTte|N4zFse=c_`5&%(qd>YlJahA}r zG?LkQI-f;u!iAU#$PB)k zeJ{J6`}C7o>2TV_NT%Qf)>$EgRgRAd&fR9(IIE0_re1bAciqZc^tH~$KWZNwyP%VK z++zdiYjgXFyBD2L6E3v zhs)Zu*JWkva#ueLUdQg=^9&NBu!&Jb9A`frvJpSKUiyX9#r^YP89X7U+*M~r?-AyL z5zV82r2X8%$CIXc*OPi;Yvm~YeGvZj)nG2NbgXH}W}FFAu_zOKOK~o!ojc;}1j9F4 zawx3pP!FfeJc;K=Y0!C1LlZy2E1rJPp2?Ao$ZoHD$_>mT1r6p_qI2uBR*}i21UpmV z2~WBU`^8VHbyo&ZO-fdSA1%~=n#38otjTWS`zhQFOTtokw~3$Z77yeMw}^QnQg*U( zpe}u~EQi$455LUuH7B&ZRGC9~{k(CfVXbOY;l0K`aShX~^-Yxe3~r^itdVT`5k1(8 zRjw!ZT~^VS{B~dtfRLL9gRBmTjFk#R*HRt2y+J~Cy|A(fW}}8EmLFKe0VFWVqF_8TfyldL8d`_-;`SL z(ZS$8dOnIJf>cy$vPWmhyHGwKFG}+=+%h1uUvo_T1C&Zy zUPG7OAtCfoq=u5vBZTrS_I;o6Y|nYlKAw;781Fa7z?EdJbzSqC^FQbOO^W#O8GwW_ zN;|oo202xMh3QaT?-^c5b31yuOgCT>XgCv@^YK#Q0iy`#lE?r&*BC26Ri{ykDD?xz zkKK=sdZ&TNjc2(NC0e#Jq<+gYe&)gj=7X2g&(#s^D~i>!%z>dY#VYhiu3gDpOcs^p zr%A)}If~Kb4`esK{yw)4LAmZq=o72zOz${s!&$m3#@Xz4 zlb1`*Ve90>YEwXCj|C`q*X|T=g?hh=)BJmof0#7r--@6_GH^-nsvJ z%sQ46YNpYkL(QhO^{fdVTa?M<^o%SE=bLR?Eoa^xh2uJ$(@c%!DCVT@zy^_r3j!fF z^XJ%v1<5%e+t1rhQ~*TCf}C1zUfnm~FgG$b%Y1>#Fjq>i8Nr zT3*oMP=ijQvTcA7=&2C{e5%-F1IYIbJ+~I^)7_7P=~9DvDOF`TM}1qDO(0fbRSnz) zC~!KXH2#;lS|wY@8Gns&kyh(2GhGQ??UwDZ@oojW!~$9TL7XUYa|;`RP#&--rtwGs ze(NuRRT?_w*C8+Jau3=uYu^!Up8q%SOr~BSu>Oc=%eDsF_tg zE?;XUGHT^5mV>e9@*R%}eQT?=`tl4)eKZ3H1f!O1HFH)Q`XlFzKbBJB#32Ie_kGN^ zq-SC`$Js+D}&Pt~8L6>*}keC(|?J`5cxlQ;wH; z7I;d})lkU~;(OpY@knlcu=c{yzRg6sOyJyq7~+7kzOyl6@n3Tf(12fj#t+P0;oihH z;lBqeol^9_$DML&V%WX54|7o(*Uy1-TVqnx2`nmi9|T>Y{;(PyMLbi=ci%|BV(+mo z0q5vpqqxcEtMs?%J`K}T43lZ0SHcfnq>zGvczM7sfv9d`@0xcl%!wmRfl3+gM=n>1 z;F>^0+LiQ9Z-Gg--tnHH`+<0z3auF#RM-1--F+uDv+<1E5f_(&T$2vP&qi(t z0<4V8I|m7<+~Av!{gbWiTP8Q*hx;1tNW%S4#iYdaxwI*v;dilM@`~>ubr^qrAIkm( zVzB8X;j`9OCCc4lcAXi5S(IXRPn?f5~t}IYt!(xyBdD(roKmTUs z^P&%g!erApU;sNke7iChB*!6(db4m*j@<{|5Qkv@mDPH=k>4e={$%(Tcx#b;GAND7 z<@acC`R3Eadu`KRWZ5`Vl}XkdrbpzAS+d|U^$f3Z^{nC1s{YO8CXl;GEhGAR3EXA8 z(Kq+=T>+3q-&Kt#l&PB8pQy72O~n=~5UK~F(Q|%Z<>s`g<%{v3Kuy-;-)lD}b_=Wo z;;VC2BKZcMiUstOy)heo7n}MR7yBVTj5tBksQnWXe%kV&bsUY~2nY2qE??T;+-l5w z`^mt(>)*j-^z_oZ+_Y$GgvGcxmOGIvH#PAXNBeSfs7}aCy4mKqW-ME)bk{U>CaW9K z7umrxvG35X1Q0g6O^Ut+XuP5W-HTiXa^x?7*^D=8&W8X+oTvH{%59QRb06b06&ea2 zP^}&@7_xZg<241t zD{+5bvX4%TpbsgI@fZy{rE_X`*b;Dl-lwP<4sHDM z93eQ~E)>V{D5Cli{l<+a*h_{T3F!|NZwc?jzq_82LhKOqU5kJvw@v~bY+Vr$3o5%J z2nD%pwz}9g^Jt;hmJ-r>OS}vxmH7FyJHtmOzuxOtp!z<1@B^i(h>ZGzvZ(?60AI>5YtWBcCLJe47pKPC-xn3}0o0=95QX-o;+3&38|;HB=G%dgl^i zo}k$3tV-;%zzA5rVws}%_Ek2Udle&1_@Qt8&-m(1__6=eJJThVak`2M(YB^%D$%K} zr3@v`gswWYcHyKCSteCgTWm0E_B&f$uQgg#S5~6Fuz23#@bPNayEBYQF9$hLH#AnF z%!8xr^L$!9sGW7{CA%?#JBzKVSG(^#9HeEH+cPEjtxnLXkmMoV`w!m@1k96fKIMVr zKihO{oOq~|G;57RW^Hr90ZDyf($Sl^us&MYbv4qbYMbnEM7v4Lojvjz6H7 z2GWod^@pP1ud$2`NnP_ls=B-0Avt)+qY8>Xo#-dtVM%)I_x>g@DM8HRBFLD>SdR~w zwQG_=b0qw; zds9%sK%{qms$pvfm1pnKog#8t<<~0FRqV@ROZwH(FpbzyviA~~$KYM+3gaVfIOZo=l&aFZxczrdnzw!J^W_5j6Nfpy2t zG6M?x$58GD0304Yxizr@H2+fSD#?vm3#8P04U)T?GWeg>OM0U;Qz7#jv=YY7FH-gE zo;|GQuYWROUt9c8Q95KnT9ObX_3GO&In}zF<8XZ`zo7BzGs_^^gqLic1%V;G--jK? z`%TDO^EgmjZV9~EOUU@k*?X_ApYZV-WzWAQ|I%q=kF~+-@+6;C8Ky+M)8H%}?*$r? ztBe6?DHpKFAHD(>IS0^>+%t6a`AjRvZ!4u~IAzT6(aOq6+Qt*6)b8HKXspL(`Fe#& zPZG=OjjKKN7VP8=W*6xU5cd?IyobzV)~p}>NSlmM?oA4D2c*Fj^_$b3pRWROc}#ZJ zWHf~-0GuvHmpI2KDZDvSEQ~cgc}O)owE-=Q7&CA$s&`eXEird!R?r;bOfj^H>0$M9 zPUSRAd^}CYCwN31pm0+}t-}MD;sQAqB-I0x*Owux?Cs^O&vSf#1rP-DC6v?D>txqQ?-@MYqS^Ep0 z`B{2v27yBHjnpDWcu|0Q&7xh(UeX=OkrgKoXlS2PNNzWy1(<&AEjm}?m#M5 z-F%r7^A-TI^4-tNz}l$DQa?8qHXZpDR0O{QazMDyHal{Pe&SIw5DJNF)TKa$&_-C(m7Id5UrFckm&L2%Q3W(DcuYco)=qxLZd>^?h4zQ!}AM|FzN z*P5}WfB)2TNWJjLF4O0P>?gN>hH{sj=zg8Ec!pI04x}CU{8M1EfK8ayBb&^;xz#FN zC4mA!`FPpru0 zk#-*g3`=^eHhkS*odyU~?=u6McQ#N_Y;Gmun&9`c@i&>#CBk1`L1vs~?F)XrrMEKRVds=r0ps3NB=b02D~804 z4)VCr$h=wyPuB?sA~ORB3OeTcu-}JP?)T$ zMG3>Y&Jqk24mOaQ_48dh$_yODSCVN)LuiS@FZ=J+7q=~-gC5z8!3-GIQDUh|$KrrW zc!lNK7V+L}-4Y|Tf*Lw~A=AC4!CbBOtg*^(){{lV4a0`z!4J73dz^KQ2kgr&2BQJJ z-JC`SZ}+VQi+1dfa$6Vw;=Szh^3d5F)o-c{#svd?9P($Z-klpXgIB~P#8m8oa)0jj zPbrM034n2n9TrzS-tP3Xo+*Rc%{I0=oDBuyCgu{W`2c*i^l=2>d{t+#Ud;RJTsn8Y zIM#tFUiAF2?|R(7S_cKR24u%5wUX(yD{#yc5ndB{HFM&|6UV0{lb@9cYN36GchTPK z9{Av(Gm%wE$}UX?mv$8-o6&>4Oy&2#VLzNdKTd7EWeTV+8}TQw^~C_uVT$77?(z27 z_ZoX}KRS|OqcG50_L;yo_-E4#YR^WK8@ z%ln9ucHlRYf=_2eaBt6Rdz|Nm{D`?7Qz)cxb7Ac=99Nl<7K!OZ;8W3{x4i^1fYitw*dWra?eW!7js!Fzi z#f_ioUiF%~)@8o(7Ijbfy+t6c`W^}g%Ymsr9KqF%;gU&JMkIaYT9u8b7pa_uC#E^X zamA)6S;CKWvY&2c4DU}?+#e6kxiSS*RlFcOJ;|G=h3dH)HzKmpe2SZJqvm09EhJxS zf1VeRTL{r!t<0Aic5AGa9$6RA`og*K(4=qG%i5^Vc6Zb+zUTqStNg7PMPpOFp4#!< zCP$kFxfA+C(gqK)CvSb*@Y4A2V^r0KX!rOLPlg!^w^jJ_WrOVJ;@FvGC}K=X3Zj$3 z4no-Te-mw)#sy+|e3jh5P|h5UF<|KK->S)*OSvQA_u330^i{Des=%nDls&Qu3$DpT zW4{-Wn|X#&YeO$&uFynb`-l8{ z5C=++n4~)+yZE)X3>n2N@Syl<8KAtrEYh<)+AU?N2TK9s$}LVk&ISgrX$E%4sZR!V zLxljp|C8dM=8uiC*KJX+TR{lXlg|iqAnea*eF&asM@9I>b)}wkVbe*q@^pHDOkIrE z@E!k=b7>R)5I8e5+<@Bl8{a4m`7pl{H7WjJY@csF>*ZN+^etQylf?(NS{HRf=vVYS`AQbfDY87jHaE+Ylc{@?5;CHdX&{j*>p!aox^LZ_UTme(I?*rOv&uC zQ>|j(M@B%u62UWDk4;IvDe4U5zkrCp#oatK>}EVvHGz)!thmc;JMDn|}ucH^eAn69;KI-Zrt zu`8c22yE!Y+a|`)tp6PqFgH#mZ+*?AJDxU?_}baMSwNMKxp(NN1jX zTsF+Fl|pxwi&4y3UhnJ@V8#I{=L8_evq;Z$Fp5uz(vT-vuf77@Qy4B)v>$xtR;=5W z=@;j@l>PjAYzffm^P0I15E{#*T_x}J1HI@$R=^l{r;q6P`enz8jkv_s(L>0quX9_o zEHNd!G{P-~Y<|ysfUWPX1JQXiYzE7VR!Keen>U-=8^+7hf%D5Zd>~G|3t!g%0dj(DKQbI z`VFMwvp!~KJEaG_6py$>o^%*XoulL{HNc0YR-LT4G75AVnkVFWU%#s(UjV8Aa=tN- z-e!5b)Z-%nL>vX*&4L%B9L0?+nVp}jLwqe;t_q**ZOuycr&Pa|4P)R*5`xgU+niV9 zDa7_D=2C1jTMqF37=03WZXmAXVzYbz193n7HHPD5cNvAh6T!)hT0xnYf5uj2_aM4T zHB7`j*$xF$I@+VZ2R=An z!;O6uskH6U_dqdu4T|wz2^wPpbmD#;@(po;??wLmMhIgPpvc&i2FTn3lWWvht{x~2 z9!BAsVp&1}^aV@d#!dg4^S2A|a@yT$-+KV*5lqW;>4Qk^i=fW%+m?w8fEEasN-+Jq zO+MG+BM&ZKrnno!rCXhN1+Bf5?6T8!c1puwp@8R;-yk`Xt2j?*Le<}H%`vg5*L+(P z=I}5PHRS->ADT&=4Ci?z?>+oRUCQs{`U~5t`rU{?c)N`%I(ry52=tfowy%(oM>)=x zN+}B;nh66El7%!8SNU~=76n2O@j$QREDoSqM$?OW^dtzoD4ZU9@wL0i-+D$4;K>vS z)!jczUOI19Xt;1LVO|5)Ex^-Ccmb^D98cP(AKw9~^$R5BznwC_Wf$&6S`!CQ7xEj) zhys$)+6Q7al4H&Dhh*^byv!Ql6W@?Djed2Gu28GLnk)^pVryJ@ul@JVj{mf9yDEUE z80BXTFcLOfb%?@cfST=eO&~zOs0jeWh=#@=s*zkx*bTBfGEOt=z7MbVvhMcFNchGS z*>Vwx;5ejK{HzCm!Z>z%_OlNaBd+?reERISi0W?#CU7fl*MQ@IaCx>J_|gMou8W-+ zz%36I05xs?1psgCqLp31?>GGW<$t~Ey9_61fFBAE6WNgj+Ub6nydf{r|TQM)Dr&d~x4#Tl5E9n#7VnFfaf5 zWdFW%pb?=V`9%=zhr$2iiTt-;_(2Ld4DQNXBLSe1PIsB%A1@iz^Frgbrz{n~yC?nM z@Nm%QJRH>b2b935DENEkKi*AdEWnzf{bd7`^GNzo{1ZXrw~v&(3vBwIk_rU?%L=X# z_vgT$ND<&d)y^mB4ZxfH5Ek}dE!h9vc)$HiUI_T1Xjyu%dlx}pSUCR_=_h%Q4?s5c zG;1zsk!YcbU;J$%%|9=mdznPs4fhOX=_eV0!}8J&)&J@NIlTf_stAigPK9u{DPT|q z2a_BA7>eX%NAkJ_Saq!b|El}lr2Kzx)d75?OFvz#{&@fYye1EQhdd*^aN+Ds^ynh~ zKc>NKph)ZckY}CS5dykp(g)XW+$dw6xH6o2;LF2ypL$b9M>_92B=4aP+YPRV*&Djd zGF>`mhP^xZv_ab0w-yb2E-N#&7~ho62YkDzra>%kG1UMUEv|c&9MqvtQ?HYlRW*NRzO&SOXuCw|a&lbzHvX>e-Xk{MjK~qFo?elIn$nfU z!RU#kwxfSo9dnVAsG_ts^CvLyLQRgP3DLDKAOA^YulcD$bd4;)t8Dx1@kW>#sMS4O zUxPXiRksqns&!e4TKGg06D7w;{rDM_vY@YZOJdY99=TjO@`O06=dGOL{*DZ@3P#Vm z-=@>{_9CuwYH^TU)EsdD$^KCqlx>rcnXQ`lBTBT7_jIyM?sTG2D98M=iaIduip}6* z;|ZC8Y<(Ki5|25{GCHkyeld}WNYvikbP&3Z*$4W&05FCA^wZs|Mauo;Hdd!z&FBiG5J6&}3)}2jdr>~p0 zvOcxLj~RyWkhJQRp7`BS+38{JzyW|>`6lE#NgL}mtN`6Cy!>E<<7|el+;8@gk_snt zY#;9Sf5S92InNT-QLEi|$^s154t<{9*`}z`eYy%yB4>qWn?cCstd|knZ>+D-baB|P z#l=pEA}fq@<*CjZ+#;^t-3@(}SjS=(MaN=<#FeRK`60WQu9Am*PO4QfIJEn?S{9Hb zo{aU~?sm3$9ho@`CR;kef{0WY5G(k)kys8LjWFv;vsYR8@v6ax6Lv2yhxHRSjA2E% z`rEm+8nugPpY|({WgNWS>7nn3Cx?)hg-cox6`pD}NpX8Rm!Z&g15jq6%Hr!6BHs`c z=!P8MlVHgI99#HJt2ub(8>OSqVO{+e+N7=%r}tX7$W~KKcf%Ju?{Yj#%BS==--s?Y zH`uRHI#^lj=PVAU@kz1&O1qt>Q~Ru_*``F@Qi0#*$$}S9;g6>JfTL5Ioh%!e2KQrU zJ3{=<*09r#scZ61eCu}^s{UVR5Wuhn$ooWh9|~Uge+tmz4x0fh>-BSW5ooQ?6m#_w zL&GziySl=r4iw^Z8%tZ#Bfkv1GxiXSUuKPU5B@cikCVdol>_a%U!D^Nv|g4|ZMK;l zgmkA!S&oZ&9~}k5OO1oRHISXG4rEdncZiP*x@KIx%j-94b9j*3v_Xe?%p?kBkqy2b9P6|GDpyfqT zC{zR>vk7x1uXw^DX&mhDLzS*Y$9;VVzFO?y5-<%O?*7R2h^#-GdO&9eSBuIB?Z4Jk=rNJeq*sCaO)f0n=B|0i1L}D0WpRf4nT3FtU!)V$r z(a#3i^5~%h6h5oHf$F%9-%V1E?Yd<<=&X;le!d#em-_zW_#?RJvfLN{#I$q57zIPI znD^eLc`Od41eC+b=YfWC{YlmGDI%3XcST*6Kqx@2dfk{NE+u~A8gP7oSDh#^&Wz#K zS6EBc)742HeI?@l454lw4)yj;@3`c_Uz?JJ=w=RMYHewxfl%s>lAW^lu zw|c_qMYG;6s4d07SbJ$LDJe4$sUSoq5Oxdxl22(Mk_{6*1nhJ zS-tTY#%iXM=^O4z!$76&=$(N=?xk0_Y&mZ*c4`TJ7AWH`B)ezFwx2JHz2Y+JcxNex z#y7pmg-$cZZ!FbY`i9;#fBgDW=RQiv z$Ik?4R@XCPxAV6JQTo{7AfyL5z=>BLhZ1ls;Z!(61%^*XJuAqSfYOm{m`M|^wc;^8Vj)_rJ+<>6j4vs=UP!G3aQW1NK0Mg{hA zLO!#7V1C@{hv#X>_Z|I~3gDS2;zkIBL)14*V&-I-((5QQZNq94q*6DgXzo%_t~Xis zX|G`~M%_WVZ+)4`s89Wg%GbVkvB5N0KerrxoQsfPR5@KtgtchY^^#B4GOuDxiR-_8 z@#Fanu1PtJ?;B?0zcz(E339*RAhG7VBX2k3w_Zh6B61_bXkfwus~5IU*DuUV+mw4; z)#GV8`Y#1Y(*5Spr$)7=6J-X-Pishx0*){BT`Z{3+kGyS*K0>z;teN2pz+Tc&}#G% zR!hhTFVsDY=hT|RhX~AU;pCdw4tG~@JZVC|zY-)dP-n+pjT)8$25g{bNBDG7S%S!D z1e-J)ac3Yl_3x3S+T?Lmw(2+)8f=m@q$#U1l|hU#5}hNG>##7w7Q&H|E5Nuw326Ny zb}gbrWufQq=gWB-losf-xVHK3Q1LGLbLgREJpFcS^T6pfWLRKR{6tPvSd~0=cm+(k zt})s!mOcd&vLf>GOTghCwB|YGW~xk`HR;$X%0rUQjS#*-gsrp9%h`{lO^&mE-1TTHV!?S=ncwN-&FmG@Ef-eKB;#Owd2FD4y3pvAsSlb3l!neF1Ev%}fulo$>K#Bg-_-$3sXHYNpvn44nClc*e!`Dgc8BtAP; z%AoGx5PLiuOT{R`v6#$lh4FVF(OyA-s~8CFF(*9~PN!Spb)fc7u9UcN?X3pw;=|d# z{VLNzKQ?2Gp@7nB;YmNV&Awl)=RRm%6*X&{Wfr~ha ztq*-)g*(qm;HXbp7eRde^>jd0gH5Gqfo~e9c?}pC8GWikzBeee7-X6KGCKHlP`BD4 z8h|YE034*!R@khs+$(*GBbw$rMAzg$Uckl1l$5Iym4!7c@-(qLn4z`D+RRnR>loL!XL?`1;5j9W$d``^bqJd z+@Ti$B+}%DqYLtFr%XDRbS2g!0#26a`_}f8WXRr*0Mdm&vn5pf;A_YaCGTG^6o=Wh z&>)GufoBjQUq>82iU`EThB-dE=KUknQr73!(O!r|cb(c<$pr@)Hu4!)&s9ZHJ*oSM zw9T7ON-|nv4k30`hyx*%oV5T{o(r%8_3ZjB)XmeIhK>QEn~X<4=x=U`$KC653v7(` z>J|J5%KEi8Uvh9p1M7n9YhfA-WQ^>Y$>ok5jQnr;WYypVRRuj;)^oYqwCcP8iHJr5T3o>L05 zw_5)4Wp`;s!dGA0dl$X!xzTf^TCK2%>D_z2x0@4?=x%&#dZgBNB|57$Zz)ht<~X?! zI3u_w54PQQJv7#-vT*IJa(b3qA3O;`5fS2gLEN6&N5ZK^6qReE<&0+=l<76Sb(v~P zwMF{-k-P8|*+3pCR?brWwc6HwUta_{DtdY5_3(5=K+?e2mV=?kC7qWl5mT9&%To@b zDC>Rkk(DU5ta5Y?x9V4EDNaYf%05OC=an%Wj8U^P@79g1;kQ&PgaSO#<;Kj!Ia`Q$~dYDr2;Bz6NxXUxCwuCq7NRUQWh5cfktT^nw`G7Zs zO1Ml%#x+0w(WL>;#&UA&;3RQidy`Al3)$D!i)>d%g0qX(;fR7RC3>5$7rN)K(nY}`X3_@cYyUE59Frg4qa4{UaP?Vw^B@!#u z3deL#p{PFM~b1h`j30JXRNx`a&%!6=!z?C<4>>(+a~Sx!}S2}{npL7#wcRS zD@pI0uir1R95g_WqwnLVr0WRoo?x8V-rV29b{%X^@pzzoi~CZln=u-kO_~875@Jn; z0rAurK7s-#_HFV9M$~CEY7d+q{uSvmpKpFBAhHc(AhzK?;@~j)bkv2>BK5vYUi?Fu zn>ThZ=oExY+eFh8#WNK5S7h!JKrdaZUl#ubAL{o~Ld>$3;~)2uyLzqn^=U%GU63w_ z4R$P6RdcV!re-;~|3?^5Ba*$FhWZ|G_BBX%Ca6CmUQVf|%f2W{^cfs4PuU_s1n+#$ z*O*)_2rqQ^#O>Pjl3U79MDGdo-gbPUGwGeE@RY8HWQ;%ZTMJP!(0}N@-`gG0!ZilxX*7O*`*#Z}#>0%m@6pdGkFAN|4`26V_gM zG>ANS_-mf~wbVTzl(}(Z#wGA2-R;TUSwFQm79pax&0zAkHeKvB*4gPCX(xgYOKv<% zDO%`f;Chj-t@O2Fk};noRZgOlszhPX&q|{X2+-$>_ij1p)*EjV74jF39Ql7d@V3>j zF06O5rE+{iQ2ddo(2pNUwf_so)qtZ*Ig4XLY~m8?rsr^U_ZjS8ShU2}M=_MZI*1Ar z-=}(D4(}*7D`5Neb=0fUOXqxt2O|uTk^_#nj`Y`OG=KExwpQGk&2_Z8shYw8-`l<# zA!M}w6RMQ0focX?AdBCiW?Irtqm~;Ka__hm=gHGDnIW+aK|7}&9Ij>jQ-DabSfS&u zPn(OI4zGY~6~A#j)yPrMuvBYTPh!AB`UQ4Rcp%_RLIVkKRti*hmEu*0U)C7>Bn9n| zgcFYgzG9%j?4%05snj8mxa!C;7^?Yi5x>iaU^7ESH~A6z2SlsYYPw$p+fP<#&(I#G($CboT+VylSl^e_Bxy02%Gz|&_-buL{3V@$ z-M#(wvDkVq-!q9C<5pRGv-|0>Oqs=|NS=*eMgAz7D=~y~mVRp`t-yT#2T)1k*p$Q_ zb{b={obCkF^JXI^Hla{aF6{L#%*AOLDFr@2 z68}REGDIX{jo2VNU?Om^G@XEaaL?PcDy1fZ^sC-2W}}Sf!DOk)cDdvf2Ue>;_j&wq z#p(qd)>!35GMv9|{H1bw77>oF2>7g>8qIEAQs#-TXQsBz>>YC{&=F;JrYxVsh94nSEVSln5J+y0zq1FBhW0i7z$s66JvRdFrC^GpFr%4BZdF2dEoL^OC5KFg zrVdsHTiB&%3hoI-wDCz;Q)m>Zmna*Rv$8~ap1YY?nc=*uq&*H%yl5#6H{MKV}Sc(Om>M5^wc@ zgIO0ik--3bV($(E3RhoyqYzxv85=<;Fv2X%pRQ-hn6RZ*;Io=@$}k4w{hSX9Vw z-*y+LAI}79)*ka3e&zfr{aNzf9WtPRurVr3#nGMXbF&1CwAc;`XFjq@nGJ#_?u>4w z8|Pe+Se==n?5RfNOnqU5{0dhu)MDCruhYKPcd&BEq3`?Tt=%~KC++QCEI>TPW1G&h zWO@&VS*{D!pDycSCne(swg9-~(nr>`ZA}7lgDx&1Lmr_Sr^-X{4?TiROig)i-xGiK zO@&f9oalqoa9S~&n!An{H!1hLMzHJL@&)fH{7%`16|%Imub1?&%LQyo-tz)vB%io* znK2h&*2p3pE-><;th|r~bZJ@&22JbyqW+gI?)gVo0eXNH>?PTmltO16DgiAe?7M{# z@Qw5xJnO%Lwm=tNTCyLr<$9$NG8Y*rj&wwvt8;%+gaVrr2eFnrI0Ih5ihz9a_M$=+S-P>e@*5mmx%de0`ARwU-h z5Z09mZz-$E(D&_*`;c&t_rW<9aD!B&4Q$|rUvKOvXQXpj z+w0Oim28QeQmQt1PC$oZ*;GJ)=fqrwgb6eX#ZyXq+%*93n?Fnl8?dTLP<*G51<6^Csxjt23@EnY{_w!kplBC)T@kLmIvHOVD_%QhbgK*%G4q zG{=|?>Xgkjx|IYjYQIyWU?wqr;bZWyEY5-YM$BEC7jl!-nNO$tOf1dgc+MT z=15*0%h&fml#;5Vt3n>sqf<-t8=Mb(DWyU-xpN?bU@7yBxZ&>JICkLw*PZ6uGm)es`g@=(Y~1Ln#GVgAUH z6V)1?B5J;EGJ6)k_M_sc{p*v34d(*&JkCyfO$Cd-t&>(2(V^q*Eh*f~6=nMRhyx8q z1~Agw^<7bJUY=*A{nWv`%U`jdJ(ZLTuh;f?H@`T1Cn-oZ*LXiCiXInh=dM#OYD{!4 z1Y*OFBxURQCM5)C-XR6XW=!&*bI0y1^#V6DyU)Wqog~Mw$wS3@c@4vvZO)7DReH59y@WW_Lh;R|ONArdczxAu1#{gm3V~`4 zb*C_nrGqI4=gS{yO5pxJu*2h9lC9mbWK`N|3ZEySIm?FWFmDiW@T*07ERbj z4cUx&%cptBc)><%IqqxoEdjGxQSi+EqdNSP5Xr)&!o7Kq+HWQA z9767h!yPs&Ocb-?x}+pGtCZ_XhHvHFVc+D&+@~_zhFR_AXAnDv;IF-|TRr-&Vynyb zz!Nq%h!K~)B8PrfG`4t3e=)%5P8B9Ld%bExChc|AxtRFaQ{d+%jiP^NkC+fdlpk2X z-h5V!(+-q22ujDM3X5h<@jAlfi?>rX=i{gb{c7~NWDDAI{29m(tiW|EXw{~*`A^mk zPRy#6kA=GOmbVs7`r=(XBd@4qo?*Na*WSgtQ;E*Of-%c7K4(xgMdegF=5=75o|`2c z>vMt`JAjc23l@EGUmZ=6fZ~9R3G)J-z76|bhjCb^Lq5oUB<c)e6|hB zCpck@y}|rx%KB8R@x{@e@3gC9J>1XlwDuI9Av3qDA$p$}0u*8ph!jZQ3p`KYz5^b* zQwBQl=5>4sI&KY8Wt$&(neqtsK(|S|!a@PM7QzT)E&0UxBovfu12^?~HI+e72xPM8 zwjK*45O6p?sK9eVKWCqL#oE=s)p;UCNST{BC#}O(KvYoA0za5dpaY zRmf5*(9;kvlJ7FZNHveaQdpF1gDEA61_6+{!_xv7x&!JCs8PFt50)pcrTdX!xSx1l zf;wcO{7+2TBdk0mCPBvyt&F@Q+}|n^)pfX1jZ|yQ(Xb@kabNf+R>^s84nXrw83Qu{ z;XF0JSbT+;8!8W;_eSPCcBhNndEuc$-%h5Ek#KrVH@$?{%%@|Aud#heyo5Uyoc}Oq zBLy__7t~q1c(6{*W8x!dWYBe!(Meg)FWw4;hDq(yoryP5OCUu z5&OJLZFG!BejfykmVy!DUf-eW0w|%5zjo@b!Ge9RyZ-l;c?-l+f_p)}QXSQa+dc?y zP!~u>Q&sVxpHZ95h#D>0JO#ob_s48}j!@T%lniQ=8EA!P!@W21kDQ;EFSIJfZJir` z*Y@s4*?paHqk)e~q6a-qXY>{L9Mpyv)7adV)N&;&Y=@LSm(63ny85eQ(-<~jm(sp< zSQmWg90nsOILg8IRfDUpR*M>k{A;7SxArvy{s8Q=S*qs8<0^&aa~YsOKJMzj+2;Oz zG+l-F-k+ve#VZ!?Ybp0QUT;-;4I%0|iR@O;}3pXLSXSSn7(PTU@I7QQltIIgw zE1{5u4wabMc^h zhLrpxIsF05>b7DM2tM*D@&B;*UU5yY>$>(p1q4M@1e9t66aMHF@DO%QxZ>=MmL$=jE*)n=Q)Fpj8ZKN z4ii2Ict$P1dcH43vF(;{AjbByAWWXq65(iBmH=wnG+s|S4vN8OVNR9F@n4UY$0dlI z(Z8skO-w(^30n0I&~*4rnnSRnCXM{RqkCxeA^2HdAMc#9trzz)g}t(8rOPIK8VR7@ zwI!2DIOTY)r)|%7;R@uQx||;Kz2#L;q4YiLdsAba{^6qLxrCI-w#Dx#+uIM1pLZJW zvi420TNsr>ZzkrnUZnLtm%J5)he>+IV{9f%H1 z>0{4BjcwfHA>u^6F16wsEm+uM-1FV!9tuv5Ya62YXQRYW`9pz`_62SYh4=R|C3pge zZmKQ#5ZM#d#S<~sIkYbk?`9=-yJC{55v}U&tM21Xsax+Z z@Oi$6;B;q(iWn?pSdy#|s0!8&u;|Z$MPKqT>I4CL_B<8agJV)&8*%iq`;XwCbI_D& zP653Pu#q2P>{IG5Y9_=bD0Rlm`dZqC6QD)qBlzTFF_MEFO^H; zCaQ9sGyK{%aKLsp|0<%iyg5wd1`)-av5%B@+(6Sri%_XDf=v2R-QufK*Ut=ydDsJCx z_UvIq3rU&JA4Nx}%b9IEa5^!+U=I7GUG9qP9-&oQ6y1g@pF#e-eS8+gQ>&)g?f8|& zyuD_#26Zh~x;+q->H&@!OF804lJoHC^UFk}I=E+`wU%OnG4ViP;H2SOIvB!z%bR56 zCU?vRq2A6U-KCw?;~3(dqAoAz*h;~-epL@#uRB}Ybh#F7v^$WWoUuS0DOnqWPFxaA z1|j36gILpU^Wy|JFe4{TTzV0T+;{|jT-y#qbcepXG5GO|nhFq$A2GxM9CHuR$sZ}XCO+X(Eh36yag+BcO-Oh{RXYyfgy?xmA{+1Fe;z%x8H_8HfvlwT~X@hPWVomu`cemlmwmIQXr?u-~ryaK3M9-a+RDP zZ)Mz@+*`EyChA|x5Ay29CL5{GZ*1CkM%tjtJW%u|KB#F3Fv605{CFveh%2>WO8F2ch|f*O61kzBn!yld?ah=%!v1IKszzIm)|V%GR%)1rG};KNRri1&AUq?uSuSH>l3j$}$k zUlN@p;xCos#k3RmhP(J{#?wPvUh!d1H|4&AOK_E^mWh`gB#(hFo4Y`VvRb~#^@1}c zUoE1G{Q< z01;>s&=5QWveaW>E8p+YZd%#gF_zkp(W1n4ed6_= ztdXY$+ihZJbheS(HInX1^oWxDtX1e+Zmo z41;^lJhasd?x*+dbiX6Qy%yzQyR5_Dzk)irf=M%PKV#En5xqkr<@ghv zqw%x551S{TiNpX`#_=le6PlO7K+CYlzz`b`_*pM(_kR`xDWfHN@+eCO(gfLmp@rf( zG*hUfcbf>3r`MwBUiDqyMj9#2va~B0*Ryi?&PQ4AJoC%(Cfnwd4C=AtaY25mm5CuVGoYNlC!ZgpaVa|a@M&;B{6Z*FA^Eu zo+$9V4<;5TuCe5$50JOqJ*NEhAH$W$HyW2L>k;bawI3uWqyqufbbiw4IUUuCCl~VT zd7>&TqQw?-ps+=u!U}!P!k}&$8K(qFlg|o_h}4|YF0%KwhYY&J$%t%m_?o(H&%4^7jh;X3dJnFdj`8Z%`QF;e*q5_B zq1e)4Bazz7@~iT+VeI|)PgEkoiX9+%1@1vfRan?^1^pQSklElXy5DVo3`{hRb@Jle z`1TmaZ4!uuy3SB8b`2^rD|apULa)Gdq#h_l`b)0}QQs3*`u6^kP5z!W{=`k=yA_L< zCRG}ySPD<-N3!gNYQuCz1WqU&}Ph1}P%Fo-~mZ$P0 z$MYrWCjMZ2-P7Ih8LL;l-J6Q5C4xXeB`|1xMpBV>p+A1$#}B&C*QLxERXc8Yw{vhd z-j~@A$Yn2POn?t*=G3%n-;S`3Uy^IF1a~_h=F!TJLAoI;cS;x}&rq}bK&CeM+c%zs zII;%(yhCyu2%kUm-v&20MpWmhh-+>=Jq&rxBk>5RV%5-wvX}>k+v>1ppI$oChS7C+ z0TyTHl6QYVbdgFMAUW+s8R_J0k-2T}Tmz~GoPM537L4hO4p_%Yy1J6iXs&!5_$|KH zY@d866TaK&g`zVIuvoT(Njghg=1QQ=J0}z=J}s@4R@_{unb%7<;5%#KqYgxYU@hx% zBJpF+>kDZXMYnfOX}x(GNWUav>QM>j)vupnTMu|D=V>P@{wQk(%qO6%1u{Ia)mZ>S!O<8;|}o z0FR8@GR+>BHgA;ExtQ&twfi|gVm?wZuy&R1%rt_achoC9Ul{eQd2u497j&*4@oo6< zH!jxHvf)If(Y9d0FJq%E^?j*Y%fMX*%D9weQhzBPF*b1e|KTv3wX0X!@&xu(H+(%p**TUaX_9V!4)X4YxkS9Pkrjb|BG3q4E_}d52d`5v zOX*hI7A{*waH@;D`Ih+gmb}WvdLCuae5BO-x$iYa;e!W)hO}k;`d6cr6W_tx5cL}4 zt`CSQ6N(HqR`~cyKQsG`bG8#~a#K>~F!zPnLAGPxsYQk2H5*Vp1Lr*NZj&@fCMirB z?UdFkyqG(_bCTdGA9Y*0PBjC}+s~z>I6i#I7-l{O4T9n2MszXJCeht@jt|Mt@_K(R zvxZ_ZRkA^Zs5j`iX=n(Yow%=Dj2hocMgNv5Mz`$`QVHVOO3+DMK`b_J>QVK)4MIKE zdRMubZMN5saaus`=k4%>vULOH+MroU_o7hb3X+&`K^ps311#BxF zgD`PY?H5f3*axAVYmEt|AqO(#Klkx@VgFLF;q&73j{Y+}WdsGAFO!X=@o*hPEl?!f zEHO;uc-f9s5zKghiEF+K8hN)w>S`6JSt7QN`kN1VrTw;J`HgDEpJqg{^ILUu5Ea>4 zhc_<;uknHn@+(N^r$j4+OaFC$;rW3eRQWUK6R+QS7?n1y2-UAuMyz}JUB&El4WQ>s zYNx8J6jmnn6a|cGj7#fQ6r@brLh0t9iB#i+<-KcA3K$0#*){)-UlX~P;1sZ0*0ie~ zC6QN<_8|!M3{3tAQ(nL+0d*sf7UX#F#$Zsxos%9(L6oobkr`qt&QuFG=GIm!Y zLwqA@tQ0n$s`(f{-^pe8)T%St(bWpZ@Q`=w^!^+($#bJCY=iUR|I0DlVdnP93kzIM*_&Uwu>W{E*dz+XF|5dRH2ZPOwZz zhI!Gl4_1pxZ%+jS4cP(z+%x9pDb4R8mlO{%qBY4eU13q!@j|Qx!j#ku2o=XxQA%)L#6MUPN z>eoH46bvhz(yynWmF7TK!%C~ZU_tj{S!KwrY!J6UO0TvR77jn?bm;LhD0T_h^Xul= z>(ExlKMbBcv+Si`q7qAjqCavHKPXP6IrHeDOVc#s5YPyW08!U*!ip~i>*2)j{E~>4 z3hRrpTWBg!=TpMI;LWjntAAXbrDd~Ef<5CL1)oW2sab8C1HU~d&ti(XWBvIzYexa; zV@w1o-ny<-aWh}jKrx-KrFXS;)Dp87wN2biiS;k@dx%GzMwwkE0spmQSxZqC-VW^y zz>#;gvfG%|H!a{G9(UIVbFP%{X(P2Q!P|5g7q&y!rJD4E(rPBWR}7wy<@4je3r0H+ zyE*xFqtM`TTm~P0e;CQxSw1o_2|PvaZini8F+S~=caukoLRfeShUB`F!9KYNYiaUN z(iPf=OR@Kzt6km+Qpt0{l@0oD|xH+TZg@oTpAx~JsiZ>#jqcH6Xf}79+`wvy)s2K7M4)WseddsA7atk zUgBlg!t-kTbkhf*rYEHG9vUdSMIjwOuc7cQMsC;#c1>uAok2T6&^ErB(@?Y!R`}=w z+hy9?JA=n`ow%y>5pt(%{n^Ql#7080geobPl`4?au4>KYh=?!UbU}qrBoR38-Y`ku z=e~S)J_=2kK{OpWu8S=Xky56Wk20!X&AggVS@*Qm24v%f0Iz*Ljs{=u%+ls)AVKqRvkihCRpJ?zgC`r>u%=H-NbSSqv%eVLOgA_23*T)iM zFIvYpoZTN=J)D5V57Z1niB>ir!!OC9xK|7!e6!=#>!k5HU~#HrtlBf zR||)ldmUhm_Rj>Uu8mh4l_D0b4UnE`kFR2JO>I=@HR?^k&eeDb^fY4(X(N>K~GvEG=JiCJ$a_iGq8^S6t9aM+?a0oDeuyfld-(9 zawLZ}p}cjsD~wYO?JeJf$L@@xRp<9An!i8DR;NrGf6BX5x4C>^nX1=0PLEB`P6CxqsesyGx$#$x5RFY{^#se3@jrGfk7#(#!g}tu9atm~KuUyu4KC z6}Rmd-p{fkJG#VR^sGBhQ_7@`cz^-bfQSrmUS_&W4Pt zKn#}^Fy?L=_7)rJzu;RF4siRpQ2)i0-{LV_eibPaJb}VGOXoznM{whUxlZKf%U{~#f z#Vq?2Oi{dpLj!Rif-M4>=rZaT-w3E8sYW)9YxXsAA-_JCG(OjV=&SjGl>@W$La=f=zrK4-eT-)66!08kk#R z`^=v16{yhMz1&gIz5wh4<9=a!nL?U+2n2pB71LR#Agb@alUXWKO^dD)7o)xXZd=ZG zM-Cm!p^6Q_M(Z2p;NEVf>uu~0Z(?|39Y##NvYJaKtbYDE;9Zk1Ch5W3X5#qeM3a|| zC69CcO!6P|FT4KQa~*lA*g2FN*pVaHv?KfE-a0%_=;s)bf}$9nBP3~F{Y4w>GlbDm z%FA98krU><-jTB;_>R`d%;c7dtvJP{_j8BI7j51Ip7g;j=NO8kB8mFPs?e1|C%Uh z_86X(SQDXU-UIUnlCYs)>{6+AFcT(Gli&JMB@|^cc5_L!F#?K#s&oB;yY--!t+Of0 ztM7BZ;VSTjlItmS9}}(m?C6FsNb;7gm-1KjDK~O@ z_>K@<^pUrRKN)!1+9STXC)Kp4GR&(pTlzM?tzAC8f?CL|*QMiip<0T(&n#DuWqf%*6OHo5BB^aIE zDZNes%TTq8G3kDhp*(Pv@!*iA&6{=m`VA?~!|uNjPMaJIBNNUb7+2S+dbKB~s!lDa zhYUq^xxMLaXr7jk2{lhwlTOl6ngT*E6P(}*vmBwB-|EKR@4RqIc=@@N?aHx zCVdY~FpinxhwI{DU$@v(dxB6kj+pr_m~$K*tC(-fGc(Z_d6~kFV4@ySnu(x^te)O= zvRk!ZKqVwp`}0+E5B&&`;{APb4`P1hIq9sr`|4uILNH9`i&T^{2q{Ay;6pFn{Htd~+FA9~D&STm@5YPfV$h|m3E1H1p@#-PwgEFJ`%FYi4Z zuIkW)dk~9dur^h?s=`{*!p2XW0reth_F5Q>vyao&H1u^;Rkvs|B~zKyvQ) zoxdn-oqF2aItIH;KN)Dm%V~DgDM;5*a;!*u9a9VC;qbfNyH_2DijWK4M-FXT4^YS0 z!0)M-*6+J^#`7G?cKpnvBe1A~gw)#h`#|f^r+}@?U(jYz@mccGXY{eaAlPZ-9398V zr%QEO5cq>r1AK)6VmAdejMZB1f_NqVzZ6W$i&6)^`u8*Z>~+KhpSXLgy}-FoiibwW zjB&rH_9Hlv)WDZi&M0V9D~Xlufn;ZL({Yp-RvV7Poo*gamo)C}N)yn*zHcdrpVkOAk> zydb~-`t{4noJSy(iB1E>uzXH%N)3FZBm<15-=6($QAB4#IP|JP)??K5ti)4wq(2D_ zet5H*i!3ait&TpZiCxK46=69xcmjUxqhKe+@(M3qDXN!EhLQ-lC?lmA^&D zxh`977FDMG6u+R3%*qWA#7)#|Maf9szK}*+136IZr&=9VZatQ_@4u{>7e;F)ehHL% z!Wp|TS!^)fl30&bv?{1M=72eE2G2P)XMnwfaiy3c_&vEavPo8(_<$c#h*7}ec3wbQCCF1f$Gy5cD2J-_~zs=VOaqTSE%`!9|;LmIWyIS(QN ze^8-R#$$ejmiSqLI)r?i?fBOC!P=m3n{GY6KecVjJgH6NH&4!gBuOd7-meSN2^Zs1 zEd}9u^Ey=z#*KsQko2$~gKgo&Mmq*`uop zm(M;mhc7?eETm_WXEV$8f9kWTEfbQ?_n85lE8OT=^cSxXZ!iwF!iP==j_#F^mA$v=?=ZeE9=R5zVJNr~Y@!+5H+Y zi5gl$FDR8LM~)rNkdd(hzawY=fB5HrlrfWT{OksU(z}bx{)Vx3+;y3=X1+3m9`be< z&@r#7&z%E2R?Kax|M5Zn6$3H27<5B<-zWkM?|&F;fBjtk!&v*nCh%7q?Dyw$`Tsq} z+TTBdzgj1Mz0ZWy0me1&X;|soAe{mlxj&!^|KgYb>Tf$#K>JJ6TLdV|&SvQR?TE5} zd0d{nd^Q9em=|M&?9T&YC|9@ZzfTM%pVe~!H+umbffaWc{`VvB&qIien;kBY(*xJq z$m=Wr!+ZN%c(5fGpw`{I#{xd(+y0_|`+dHB0G{V*rAwkT6tMSkR`vh(>s=@FbY0mP z3~9;C=Z`dh{U!a?bN`30HCTn&2V zzOSK6s^a^xJAKZ_ZILX%s0i^|8{-Ld`hMx2vRX#;%~Ug94x_tycJZQvKugoL--}%T z@wiA|4L{chUC654IMm3yWhe+$WsU_Ybe@DXnXl@xpzr0q)cuy#-LPax2=1`?cGiNu z!hTj@tm#1Z=11AG)F(Sj`ZgAb>ok^VhYy>)$~-3{{s*XV@NXb~pkVXAf7$4F49qt& z@bqW%i_-OL4 zsl}J$K^|!(bQdOfnSq>;#*lq#mGe14D4Aipaco)d2VCHuRFU?~F&`_nsT$3iN3B82 z0PU&*n}9dq+>kit+Jam3W~PEISBAn=snwundd}6^qG$73%X{o2^cf048-5N{|p( zgC7uZi8rUz;weutbrz3pTB3?jn!uK*nY~ZrI+n|<+?y==xv%{`KzRlLAW7xa9joZG zN{`IRQuy8xyGoZC4I!_|hhr5MVIofcMX8zuONrU{OdzG7+g@>`ekXT#7A}mKn=5>|jv>^f#^2wvO zxc2Z12^o4$vH7z5ol}u!K&xo!9X)&;@eLTD08cK#`mG`oB~|bG5-GDD=dx!OOu@ts z%$Do;?*){e$w1oB4K2|q$6;l|lLU_Or3joBhBXq_U6)C%SCNQw(nc!M7Uxt`$b?Pj zaoR$Agki&fF*e~a)322i`guu+CBgbt9W(F6sK=sJ+P_^-Snm%XKCFV2!F|l*uyD&0 z#T!151b^wkw54i7uNHgm{nI*wm08`f4eIYqvyIdV1^j*o4-?0a7L67rKkBe7>gYr(=w7FaWQa0?6W};n4R$Zc3xBLze{bnt{3Gt}kfWo)zk2by?$tv;W*TTI0y) zQ#5t$m%vr?{rPUau09iF4=&+%k|xFM?pgA%k?*M=X@jqUzzmABCD(?EL8lg`!|J8H zsMw4@73o)JqGW5gICyCM94)D?j&xxUvhFDX*qcxDjTKv_K&Yrfq=^S*d2TH_*!B^_x`OE+8NJ%k{nbn`8u3%ccVt1SL{L94u;)Pck2B7CzrAI2gcnhUGs0+Ojf^^juFc zCG3boZ~BuiYBCQr7%&tX*T;bwn6ya}4pD(gCb&9-(#8c^lFj7hp!++(>K=C#b<^+l z{f1*;Y84c-v2^b2v`qHAoo1cOv!wlXLM5n3Bb9)Qccr}5^?BsVuhP%5jsFeTB$b0z z@Q0Q53L;V~U+pKDP*wq`m*Lp(o9FIo{$9_zK(1$f2hA*Br=EVH=aprTc7fX{VRifs zDOT8S!*E&JzXsY+iK1~eON>7%k^otX$-2qTmNv4V3{NyHy=K!PDnavuf)?Y z+B4xJ6K++X3~X}j8fQzpZ+fT&mq)mj2@@m-EsAvrHA!yyp9)XtmKZ<1sdcYhRm*GA z<&?%M3u;xBAdg`hb}XP0tWMLe_}Jj?r*$xS)FzEHIiAKnMD*EQtr!JNoK^K&{)B{4 zpLv!gu_cK{m#<7Wol0{Jq2Xh^_SC(~S?yk5&7^wwbUHT74AF-avssKZdLKz6jlO#p zYcJngr6m1bvG1}4Kq_E)*QJcjnFEv)Pvz+KBY&6eXb_Pj_9}Vz=o3_U{KDc}?IMFmfoeXE_Gu-^Lg74}M z$x({^ytCOFLOuT%bmKl|MpUblcT&u4fsM6zNZ?%vD+SCvcEq3C9LnM~8h&4aOmAE! zvzTsmgI({&aWFo0G$npqQl;}G{ZFrt1N{c{0nfNrbp@`Jc{*(9_0mxA)v|u=Jd%2J zTH&6IZ?ON?kxH}r&y?6kLlrDT9bbsee|0-L^&l?hDc3eKwaR{+b3_|#U zAPt-1IM5Wak)=cAzDw22t-E(e@(^!LC&}~4uVIx6!n2v+SjpHX1F0(^Yh*7uBJ3ut z9=>ow7DDLifoz>(6EW+-X_~g1;{Ov%>s1aZ!{V145;LBP{y1zE<`OoaHwonVAZgt(I>)OBPk>g%5VE#cjaPzYgvxt-_2eK%j<503i zYGa>>wCStKdUjn#&s4L#ZP zrXhe18xxhsNtq5iJhw$JEFjFx`F4ETs{OuSsTDuPI(N{Ynj+T=Sp_KMDddd&dCzOuMvcfeHBo3FzT^CO&q?tQF2v0n7eQ%!4Y7)%HoGFn_D^ z3pdX0(+6?*z?(@ARpcvy2#)o5vohwRH8z4T(=~ z#tmXw^WCNNC61lEt^uyF{x~x9L;LYbeaErAvecIuWqy_39Fx>;)&yY7bhbZgdBmzT zXddqwd$F*-^^MCgz*7x938ngQRdl_`MQutfu3y^%ZwR=%!U-=vaFE1>ufLrwQ8n{m zHEpb_{}6F@WpA!s2me#atYsy%s;K+5fy2Yk&k<}TJ=qT~)z&{?rQ09_5TzuikABA# zmYt?svxVkG?5n>+&?7(|(A^1m(0IMmr}VuC!YnC^nM%Ij(vueN6*wXac+7|E>V%BC z?`G>V00Y@X0hMHRsD+I8Cy(#9BSOvHFPZfj`FXcKoAi(^t68d`MY~S|iO(5vUUU7r z=@=l(ax)51oJsbZ$WIE=siU=m^ai{ae{jc9T3x*sY$Q0s{F@{plWX^e0o^Y!aWtEqlFIHTB5A7MOR_y_eKP5#_{Qpi_u)pW z#DPy=(lW8sldw;_jP@L*3gNTTTA8 zkUj44q&6(1kk8tDU3HrLEA6*g44V9*hlkzVH=iC- z-SktvbkhWpW9(m1=DO3DhFoK=f$5b&9Wh=V)s$ti_<848UT8n@f$j9mt-XvuCn#sY z?o%=1VT7ICR=%Z}8SP?siXzK|sUB@Ii6Kb;-dN z%^Zuak!8GZS?$_Nv<&{!z1{mMF)0Df-i7yufB7KSN|7wxnS8Wz05pUke7*>njuJH@>i zt5iwxGa8#xOeoXm>P{#VVK*L9d4spgHLf?h?zNHXxe4N({3s7r%W9hVWfFY-dF*Gj zO1u>7JF0QbA(tjWFs3KYl(CO8*bUTe=QjZ>v<>os1xU+@%56N74=K-GwL%Vn{iW+9 zynaqkKZ+t+H^yFk;f!kbOsFhTVy@O0Hek!e%|3Xd*d0R0QC(y>aDu@#Sw&{qvXDl) zQQRto_2P>4=SwAON^O_MvmB5#_wLRf(2S1U2u*)Q|twzI`v>32Vn)fAapVX;V7F2+F)1~gjHws|GLJ?gTy0{I~oOY7gH-tx9F-xMJTu(nF}46Wp5vt?o{DO?`?JRqBCF{=zu#F$8`H>mPN4v z-8y-`y1s*>zP^vGXl>kJiV~}7tA5(Y<@0+E)Y=0WG(8@=u53rqoTEJB*qXmin>KSa zf%1vi7mMK=qOSFtsM`*LFKw1!)sCz9MjIz@tOcYVQOYQ|n)w{p_2@kyWMWFIO2pIb z-4GfONVV14)y+%zg+Rw!$3yD&r#g3zGu4+NYwAXHt9&&I;+tf*CsCPY{o>Nj5lbv< zREK|86H+=GtRa(j3v$rtOb}fQJLU)s(zn$m$wy&-1dl;oFIH zj)1wF$Zr_uMuB+Xt8PCvk@GTpAODT4=Vy z>8RbSB6TGXRM|5EC3W$O&Af9phF^;wW2Gik^rqA@*jyWJtrK8R+DbVbT2{WiW6-R( z$KIu1E~yc99Z?jE$z`=YHJ4u2Jg+-QJJH#;&KVQN@!}e@iF@o+R=bpY93%IW+>#4Y zGQ(HaaCaEKMaMXl_6Z8Q`=PeCH*Uy?kg$6fnOrO7*B5v*>N9=i7(|{lrsSVZWx^(dT)SpyQ+n*;5 zd+q9}(-_O%$*A?4V!k{O)Usykpik(_KFs9HqJ}?HvVuB{bjI$)Wqwvi1ek->Zn`XL zCHA0XHx!tY38y)J?6C9(lYAX zOoBYwSd(ZkEhV5nBsx%6*QX-fVeXu>$TEBE2Ss>pwwE_dLHbGiA!o4E5$VCsdm8p? zaUA23@!*}UPL%-0i1R@0ynfEi&ZMg>IfXDWn-aAky@Ev(+jw&9(Pitm=-eV#^uHqS zu5HbRFm-?4CVihbYz1R8DWk;IZfhDnUwOOL$hr)f2i#AibYDJeet%>z=1loxg7b^B znz*#DM=Xf^6-SC9wCv$>m)Nc4;!h-Yl!aY~wxapv5rb&Ozio&Fe_>c6O zwT*sLy0ZSF``WRSZy~bF2P)JVd`(iXz*aggtJM@#b9iKX$RlLEc7kA8P3a;+0XrC% zc~SI$$h(K1hjuP_Mbw4XzWJGjvsOm96Q_QCsdg-|T4X67T6w}^K2+iV)t;3&v}~`# zw;W>pfjhF{=R}oL?hW9EPD`CqrDeKh&ZlYT(j~=FN8<2V8}yts_yKN?ywIE|Hi@hI zNl$Z>uCTJ97bV@(iH~zpavqIwToK(-?19}0{7p_Ah^Sq3eq7dd~?&k{OD7$!DeAiBeM&A(w(RT{8N|0{V4>28lEgtIM_>>AVe-M^EnOB{p zdyCSHchIeBZ{VR=MFB0krB(FG>(iw@hK+KPbVkCsdbeX#FVOlH61cLLNE-QYLfu%C(KmpQR zq}C^skW8z~QaO}aG6&C16+X{r?xC~Ot^T!yC2nTuJ1N>g1ow2&ck9k*5EQN4A2<%H zJ{s5Z#i>e1iJ!>rZ;MpI@j18Hx2ELL%?1XyN6962v1yH|w-*sukCaiby>GXGx>5n5TVr_j<+^?DHIMe^GY5xUyviB0LCL3^T z-}b+z4b!$G#gES8jtG;qMNZp+3sbaRdRx^$1_e*Aj+EZixHqP})jiho6l{gP>7!aM z#i;4Ps*}d(g9#96@6~?v41!Fp*fr~qEKczsno4?Xl*Vr?{WA0_)I$?+&lICLs&&dH z{igJMvR!5#3I$Bu_A*Jc9sMD5FrQ<(81n!ZUUS?1+qcN(4hTW^d4{QDk-}19f}J{& zgX-AH*UZyyZ~CD>y{J_+i-JPKdHfHP-d~g$#a$3B-~66U-|6V#PiiC>U0hJ!PNsXI zq=ea_6C;^KI{4pqDPUbl-k*QO5Vb>^{Z&^(SG{I@Tz3-UxwiG{mLdELvG0y^DNgDR z&NXcZ;0o)B0^6-YO`6jzQ(m{i=s9C0^4@$J7J7=lBStK$1gv;GT`MI@k11En|#$^`c0Ax=7cnBvAV8 zXj$V3wj>XAlH&ovV6S3}N)DosScTT6pk-r0Bw6uFNVI`x%B!Jg)jxfU*7ugy4W#20 zM)+lO1+ayDj%%1TXsecrmXu|&gDuq1elT4@t6BYMBPMLKNo=x3Zn~@DM6oWZNpXB< z^QbMQhQ_Z(`CSWke33=Owdm>_hdTfsD6L8I^~uT%*;!$bjIMXmy=?tvt zH)DTP1N`%ljMhtAG||Gf1%7g?vHdIECHn#SHp^d;uTSbrp!0Cdbp5swU+O|@&X0^b zOS-3=`Bo8HC`=A$fZ+>fh{^Fcpa&Y*1`Gh$OSCOgF{*LgT4qpFZVflwz&i z)C~=XS0<Rw!^0aj%Rqol%g)mD5+eCK9tI8fh=#% zozYj{d!9Ad$If=1^`7NNI*VlqdoJ~og5}fBEk&w}`MEw-Re@iMSG@!E1{clLSOk4G z7Y3ERZW%RcO5PhAlL@S`pteI*79wv+@PLt&`7-SamtT@=w#Gp0>k^n78iZPzQj1w& zH;c)$g1#DRM5za8PM(eSdSDDrW>eeWW{nk9PU@$L1+$ejWL>F>qpa$v>q9+96x)7g zjRow}q6A&^Q0xE&te?p#frDZ6kw?jle**=~784@z?3{G03k9s1zz)Tj9)3%AsAhHR z4pQVhkyfi~ITRE(?8I;ThGczRr^UXzPj2XE_1I29Y-r!(bjfS|$@b4S0}nB{t?E|> zsPpwX&j(XAcMxk%UvD-;d*Z{>@;YZM@{ifH?@eIBUG~Er@e>`4o{$pvd`4Ur`#Z++ z@H}3_I=A108pUD?K5SSmDxd16=#%BsbX9f*>WXzcDSe1O3z6R!+7<*gw=K~(b1lFa z|G3SqNQ~)Mu>QHfO~+ek8%DFE$@%kGl})sWlRNTg2v-EdcMWE@&xLUYe0a&J{s9W} zC!NV@&5QnaMtI%E-)!ZGcwlXZ+NY3JK6+TwHoHE*kfPf8l{r6NRJIsO9~QOckd*Bh zI+QPKWPov|rqBRS&Sj?X&xD}Xzs*0^sM|l2^{#t;X}-n6d%^2&3u>Oe=nd(iPtSy< zN_2R*Az}hw;iw9puk9&vcUm7ixa+w*S)$spD(!>+UxdGBqxlJpfsW+FeFE%(KB(+T-6 z2tGBjuhV_g$zG1vHFXtGGMcbExR;-s8oK9BUOvTn44)T@JJ$<=f`RpKR!On#)cjF%BZs3P zAdqg}fd-uN`E&H(pH;-UV*rnsn4iAP>oB@Y3~VN-N;&T;Yp7vP(jEPTbjC`jO!*KG za1ZQA9a>JSEG6TgP^?!kO`wRbd}#4XjiSNU;S17w;|w?xX|mjG}WY<11@8Z18*kgn>d@DnF_zaaA@IqPe zJXWob(kh7xeGFH5l6*Iy!rroIit6&YHdtz1j-@Yi%qb>P`~1xCB0&oImP}@!Oo?;sIis&TbnGRCMyr?9a7wx>8rS< zc`K`^xmz4 zCP-qcT$P>_lnvyOSh}YNk#xq%Qp0M3tqYP*QKY0p=|+j0C7GEB zv?+%A41esGddlqMPthd(zDQlvv8saVGnk`*3ni%xGsAg@QX4Guli*oz#Dco2Q` z6x=%I?LyDSsr)i8CGX>QC55Zab*C2{9j4w>S3IAxBy$)DjqzLzRL!=)CG676waO(u zy(wxn;U=NIgB{67R~`><9eNtyAMZg9gw{%@Pswp_KTIe>STepNov}|g^`{*d-e}Y1aZf&SoeiK{)Qk4oL;C= zPp(T4mtw2kQ5ma-BYEIX1@4^F?1{$XcyDp%n~5KGpSI=MCFt?%x>GnyCkLiq)?Aq_ zw?3777D~RDMP0E&j*78EHV&wG4^zl9^l&tnF zo?w<@N(4heZ&~z~L(>QSuN^uUIR=i}E@G{}|E>PyhF_^XMol_Z>jXy*f@6d zHXo|k1|Y&c;)m}`2WP!_EGHzLHYbcL9CHl(bx?6BYUh}jT-w5DVs|O{I>Iu)k2LxR zF9ej;c?%CLw5-=CDgMn1Ac!PdnGRnVvGwi`yroACO9Uz47q1q%zQ;S99w8E^q-EB~ zv)%vn7%}3^AGO$>AQRISH;FBh7s0BLYE@hMPdfDEGBQ*;J{_GbtvNae5Rqc~I`Qw< zk#-lZMuIJ3BO%VH!*@&r%u$Wbut7=GozgST_iNG^b+AQR&PZ6bx6if+J=h|$=eeAB z66w%RH082kaWgGxyTS3)T{tu0J<5p8+NJRhrtH+$>fH8u;{)M(}UeYjNqWo{|O$@6$v*3}A`q9LR{M zW9W;b8#I1=18lqaUyxhLK(cCH!qzt=QS833cwWPxakE{;Yn}YA6=O(2wb$Akx8kE| zLzQiRGAHGXR}3Exn)6a2SK}*|W^A*6)?f-A%;kI`shs^8m6fs1T?a|7w(RIE%aF*Q zspt7wXJRO%9<72hada+w+35w_T@=}Ot>k!5%rXSV&{TB`*W|6mLzwQd#|0Tot;&*r za%-L7KTDgf_Uf~ko@3We&hsnEsA?RP>JV0mK^ZW#>8LjGZ%{JCfe-!)AsMVC z8)1)M&)2j2#%%|(XBT5pXbUNDyIDpbvQQ`c#b@}ywLaLZZl$l6)U$irl__h*qt+YB zU$Ew!8NF~6_8~U%V((OJb)xV8FlW!c3U|RH50B?|PCib-2K21uGqa$eq;+`;lZOgM z({(3%Mll}ZZSYuUC_2D+uD4G7TD-8k_9%f8Qa<4;{%IN6dxkF`hRz`*HXPTyBNda7 zRVduT{1xC@ve_`~68Z<;=@k%`PV*X;WRIWaM(_Y_Dmj-?CG?|a*u>%#WFSYK8)R4I zjd*_eL{Z9V;>Dyl^J@#(CQ4VFVV)Q%r&=8=Mmj&SWz($Q1!=Gogv7SrOu#1^L-vTo zSG0Q%7vWCeeV$Qf#uwTS_Xc-~%KC-zMuTuIayvoH(8`GL{08qVH5K{g>WXKy z?H^`ujTyg|tlvD)==iv*>st`_Hp|>OWp-1p7yD8*WO;moY~j-thP=rdB?h*Grb*0S zQ<gnjTztDM$ID0?((dcJHrrgwqaYE`A@lXX!mX zy^jr32n#%rBc$&J7q+Ks^w_YNWV@cVN%j%sQr@<ayw3A-LMCM@vPUz8e-VvH` zctxykMGM7dU%rp;>X3|&*(teKU&W6b^HzJ-b^H_{B&dA-@9`{L9co@zMFRTm`JUIG zYLl72D3Key_4)0Z!XK9Htw~m+-GU~sF68#?imoOmY#$tdA=%p9g70P5DJ7eG_<4p| zIF^dz#2&3EaByCQEDp1G#dQYieWI`l z8|-0Y2G!abEQOrX1y5GX%(Ye^J8Ot(l#X?$T=&llBeVvE(=B36&oa1& zz+!WhQ?hkQo6d=X;`$|CJ9P>h4l{wOZx=uttdnqCI15yFaWc~D^ zbpz8B)p13mrD_tr>EcX~bk82xnOl&=_(7!pw+{IpSA4NLKCcjuIy3v3b%7Li(2k%m zdcN!vO)XG|Dp%;1WLUN{>=R@=ag7z>xAUj?OrSkmPexANU+y?%{;a1O{Ivo5yFzoO zSc6rio|Wb!f!a2>7m16cI%$yg!`Vj85c$zHCE~;CRyBcmb0(^%+@%D4bTl692)>O# z=aPn1^&b53&l@31BOUWC-a;jkV&*?!4QV9uG7NHkcA|CVY4&*TkC{J`k#h}{$EPyI zuLyqe!!MR3B-B}PQZ#r7{MMEZsR>0e8=2M6lUP&y9;cK5i-6^P1BRMZ#UvUR8aEVS zV(71s9Gx7je`-$`+o?^w6Kr9&tSFV{=KT*FO!1Q(iqsf~H%$Y1o5NLP*aqEdkP1VR zBqn3Vl{c$9NjnBgMC^9H@KhnnkRA>0)^gabiUYldW9-$8PJ8yM?Pu|P?kx()TA63B zF6AE9a!W9HakVGQ9y#sH9XY{I6y*@^j^0H9UCG?NJ*UTmMUmpC>RxLM!!vIounjG&MCZ0XRE6}Y_~DMU`eLwKT3{j* zmTWz~Fz$4K$WG~KAx+tc1pR)-xZ@Tct=hv&u%Rz?YPm1iKF={2HOTfV^{TcV*fwR@ z%v$*Md9>#Ei!oFzX(D86aO3 zndLsww_q(P=NR5^g?@6KTl{?#e=Lc%` zE1bl&1+%5nD85gcO6Gn#7f#MDUol)=`aJ?);WL>pYtQ|$y(2HeNr=IeL|^#zijF+~ z`D<0dGR&HS6iPbf>TU{P2!iBd7fSZ2Qo^cgp1c{`P#=@X`An-Dd5t7@a~Lg{qRX+;RH^ zk1~hwQ(aiSR#~^2f;P?V)vDTcbpYO?QwoT)4pqemR|^$aYBpcuF}qe>{r<5}R$sfn zQ+Nbdq_N2x?d4$hQ9%mcAIhDn-G^c>Zx0ysE`OZYu)({WIXog+MzoWUAW3{HKYjQ1 zJ7p+b&&7MAF_PZ!;Kuv-{e+qxNZs}nakb}BH45FKX{(-v_C9#ClUxY_rTU^MtIkb? zduM{t@$s}gFALP4!}_2Pxy3vOK|U@5iPtSc&Zj~k`jW2-93Jj*q2|@hxAN1}2i;tm zaIUd}gHz!nfV%K}I-o-+_`ApZ-MTHvlWlTmPFkI%ZSP$l;Rkuydzo`ZzSGFz7Cc1F zid~*jM)Xu^NBrB%wNmH($vfc689us+d?C&^2Y;)TpWpigoK~d-(o8~fR1gqH9hhYO zP$KV<4!?-{q*~1K@V4>u*q+mAgBob$s+WWN$^D&E9OgZXevSO1*V++3k>1{c;l@0! ze1F;K30={72!+Bz&e5iKvuNzmcxhyUH5=<#i7~P09^PDu!x#aw#^5U+m+k9<$Y|s_ zVj!M;@GEV8%zu%)hvFQewr7P+(KW2i8`$iAf+)sJ`$&ki`mc5RQnpz}SB|<>^bXlT z=hgyZVkR>G$FY5Hhn@m?)!J$^C9$Pf>XF4}4H;A^GFQv*bQ!HTTOau5nr3$*uZF%y zcGjeQormjFX15hHb0%9M687`J+PKE6R;YY@Av*Ko%s@tFQ_D`ARi*5HTD=@FrlYUU zq57wXrqw69DIFSPJ?*KvM=eBq(cbujd~C|e(*~_2Nzb7^Y1GX+Z#7p;#1`LY|sUD50eohj{Fu)U#lA-rl*U@sx&^jP8I9D zM->$;-%1B9@0@(0qmuZAzmID_#BBtp8;T&wE8h^ifB1#Ow{$g%_-&v=y_>k%-Dmp| z*eyBu(<-z5)R)XBDb(U>Ejg7vPs5PLsF&_j%DNsT_`5-qe$noYuHW#giP(lU_Z1ygxUz!o8R*%dQn7m7c=+b3MN0 zw;jYu;8HJfts)q-YoBBE3-J9B4ky5q`CG%|)2O03vFjC8Nv91b`@o^2JlH;|!9NhV z+s(l&Xii@9%?+=RRizJ))cfzy0Px*VR$?Y;Aj_T~w{0PT6mrR&EQIuC%kMW-O) z(U&{qLW8rQ8??79Wra3Ea?Awa*f?z@>OaY9UdYA!VGAgo#qBdVK(y%aJ-JQdK5`9LQfT1kCqY*3Qv zEQ>DBn=~ifZ1lN8D7EWt9d0>V*l!&Ou`sh&lB*wi?Zw>u^FgFfbj9nD@UJHs@+%3i z_r9Df>^E#hV@pgGBbW-D&_6-lQJRZS?J)dXCx$MXHn!U2)u4*10Qq zmz!CCJz?8vS{6~73p`KqhN+VzluMU#(bs7>pT#5;M(^(jpOppO36qSx@{V0Eq@)zc zMaGMb5oV6vV%CXyCM4#bruv`@xo*2Ul1DEJ71l`|)S}*)!<}48cTVx*vYv9@%$(F; ze&9US-zT<@pDT81nP@p#t)Rcw-jw>(8zZT|wfhsN$i-^9H8^OAu6#=931 zI_KfjKVvD6_dgkN<-zS1Iv8QV$p>?aBuNpEk`9?Py2RQa}|3?Iue%trOIm8D$E5=z7AeMil;cG8(@8y{%hsaqw4GJ#dT*%pn zoV)P-wtyjSP9>)))@w~SiaYJSS9y?8?RS-WtjNC;n#}{*5J`pbIYgzWW>5q6FIDH+ zoo&(^kenw^_;oGKjGssln;S?85Dr=B^V{!72QNilTDu+5$rhMTC6##TCGDRyIDeLL zCPo1zOeGd%K^sjf7kZ?Dw5?7f1PI-o*@2wDZxrNjztt+g|5KnB+;Yna-mStQbU?=C z#IQ3UwtyV`_NG1_g!5AoIBoy)(EjOHHpy4J;!pCrK60YcRD*;GE~l<3n{R6zGe-qR{o=#`r8#fe^iJ=QQ1WZ>f=PT z=;7l$k-!48>RVT(jQ6N*gePt~s*vbHZsWikD7d>CLb-o`O@H@OnJeH)NB&d?OoR6a zl;r=%h5GBw`CbO0;;GLEO$6w^uxRZC{~4&rz;Wq6zS0j5z#}1p5`rl??|M`J^alBNf8(755Zhmn2`mGK3(b+n z_5XM)|KgS(ya$KjjqQ6FJJ=|%4C($)TmOG=mq>Z=iIK{eXn@y7;T8M8TcrQ}U;gR$ zWS;+8!r}ie;cw6Bzf1V9g64lu;Xge|XZz>>^%M%w;6dE{fPUd0HTnPadopak-=A(V zpi(z%fn=Ia91JmPUh4Z#qs@{(2sYc_jb#&~M8F3J+Apk={JW_3_gCe+E#*T1X+IDG z+R|qp*F*kAJo|^2t;AWE^uB~_t~vi)xz z3^zK9aPNfR`}@mAO4z;ge;p9_r;MXO=K{>CM`}+2vJxG4wwU z;kTZF5Z)-zT1pDu??pv7|JC{XhZ}f)W<%8e#g7QIq(JM4qHl}d*W1aq7regel4Tfd zGCz>c>};$fzjQq%JP%0}phsOf^PLBlZibV0+WQI!CA~=jcp8Dru9=xOEWj5x3D8YL!@PDa0!%3)#V&nwN9q3^DHoXby7u|;^H4X3?% ztvl%Ax{p>Q?-tca@6!m;+M{sv7wt?waQTA@o-|9C#c*M#`G+n#jHrs(`c|`M zpJOvYT#;SE^G@1I&D>z4!*L zsx|v>g;`A44R)YSyW&aZ^)RU;IT!0$FoCl6tzGSCv2Xv>#;kt>4?GJRvLCf9xPtHF zl|AYiMqhKEo2RB0zAfmnYf_JeIu)rg#mE&Wtg5@?MA`o2o~y~MNx$Rh(#u|^;0~3_liVD^ z7WvHshk~)HY2oumz{F)!C_AY<} zMuleZ0lC}-2_w?W=^Ve10$@mYjo$>Yx^}S+dGAy9k?I3C)GO}rKllGE_#g>JS7Eg+ z=DJ-%Gs)+bQP9mqCj|Lv5wb+6c}7VbVk2?3R)iy*4SiYmT*f1R?AM?82~-1U6&Ho}UI`A2{m9<)u6HgSoN#D|G*F|5lN=xP}@~pxP^l7P=FQl{n$*o@eT*L0)5eN=I4*0jO-}I zf!?w=JEqXzHsMlOLtxayj9pQp_83;3$taw|_q$b#ac(WS6AU_ZlAtHOAnE?Jiu%I$JAE9(B}vuoL>4H2T~4`}uC3Yd{qzQ2jR0Nh zjV>I9(9UnR%v?Q|->vr62HWw->B)Y#-SUr@+X3CM^d~cqUC1q87qZk*6?~FfHzDq@{()yjP#SOthVt)d&Vre$ZW)e@Fzsxg668mk zviSGF@8xG795uH0X74!{&TPaz|G4-BTE$@cjN&ziR)(5jX_8jRQWo06TC41ngSD&b zlk0%H8MG{s`@#HT4{G16MRCy5U4oE>Z4<>YT<4`L@b}3NIHLnst^o*Ij8bR-73?BiGRGw z0+$7Q5{{yg)(rR0%$%!8EbiOX{bE-ETI{Pz!!rUNI(~JGp=AL#p6cBWA|TR%s%S!X zO0_mz1a)i~Ts3r~aJ z8au`-G(JZ%AT+tOq*%{2J5Ru|PXuLvs*`HVSXPf)7pp;EP+TjzPAPU%0PX4Z^w8m^ zdZHcw<&SswH>|f}vduFMJy7N<-^ro8#XiHYlb?axXiQ#w*kDSY} z)AX4tI_Xm4q)zLiuk^#t12tCgLbZp6Y|Q)E)+%iN`L^|~oy-o6XNCn*2w-_(W9Elzmz z6|{&Sg^hJ6YlkQz&?_eenDbPETzYq0$X}*_Y39QX%l&g%jhheGNMaAwm#^w_4!NtL z#?1A@Qo5F&FsN!_Rw>E+w6opz=QLMqxEEWp2Tv%F0vd}ud!h?^8d7Oq z_^m_@))m`#v0QO;rr|^6cp;sE#=jl6`w6EL_gS^e2|r&ZDJ0NlY`zA!@Wyy<7!PJn zuMa4RQPW=}&?SDQU_$HD;Lp^s)Zu^FVW)Tb&7A{-nHOZ-POtSecMk7!nav<0Ip-Gk zuyNd`^JUbYMu+dU_FS`7=#9T*8b-ba34biFQ1#g{Ftrjv8`=V74$ti(u_q z3)ykskFK_>Ua>@3r)7#237k9@vG*O!tR|3a6|d*@6HZ(yP=m_wI& zw}W@z&@F~|z<&wx)THK??wXlb6wOkemYtCCVt35E}TkPJ9V zH9}rx@PcJM6s&u!P#0I2dY5p0#T{N)CB7HW^vXBQ7K>Qmv}eUimU))DpQ@?!c~vY1un!^l+_W zvbiqHe04D2vEgQC+2j54Db?}oYRrFRa(?9n^143*0!*J?evzi}em0V;W%0Oly!rTI z@VZ0pIRrLS7l4N#FK`b0&Y7WhphXCAlUm$w^e=F9y4gSXff3rdRy*y48vYcseRTC4 zb1c2qnFNVh{F3xN<+C(R^Q>p$4kSp?kS95Ni3P(6knh-Bo$kBo&G_{CCuU`ndyD!IaOoZ9N*FVAarf z^*19SpaSB-*Et#rl&lx?tHw9kBWXZSFBM#0AFdr1Du^LO!s22dia!>=8*yQ62S)S9B1GA3vh- z#bkm(_N-lPb0n$FOVM}55$ZvL9DpZ%fFYV{AsDflgTyfmtnhn)#_1FJu-r51r6#ZOqe+UTVWPngEz<3Mt zX~3rCDyyt)wna$?Y#ZgPn2{jvOkIq&5RhWtbCEV^$SEBw*IIaOCxw$Q9<$_k>S542 zInsBIA``WWsyRmzT*^8d1a(HPEjNcH?6*IhK6$y6B-gOI8|H1Z&)usgGU#L;5o&fG za>bTv3Z>YqD)pjbDqOYnOcmECa!9o^*{Y2Yp7Zd%^3R(O-D(m6$atA~p953Sb7jtQf~-A-(vR za68ljN4*F1!P@Br`$@g7HCkp>@r-sgC!}G2-IRvcXGcLoLf%ho{Jxqr&pBqKFZO1q zqX);Z_>FY<^UnCSzCGvd5gfdrX{=uC8F}H>Ve>xqaQF<(>A{p=PZ0wP)u+MwT zcO2KT$z^)K#{PF=&Rp4oi9zJ zH(TZZ9AGb}6PzRD=7mqSLK45laR(5pc^;0<+Y@MZpE&u7oHjC#VD=6x+7SgcH=-BF ziCx?dBC^)`tm}8H<&#C!cdm{#^j9i-x)!->^uHLU3lpWP92F~o*HL=aE_Ko}3o899 zJC7UMznbon(_~!=D|kp}OvITS@h7oZ^sAPjjxRU;=)@M-^q>w1s26TUvpwZBCmd}~ zf)H}V*f8sPa(mi++x;A;l`l#7>ogHRRFqlBahwxLuNWTzJkBwR7^@#x)4BAeHR~$% zQatA^o1;tfsh7|n+2~2JtZp?@54B$6sgKJR&2dvT;;6Y_9$&6nTs_{BtkBSdVnVr$ zzTG>Sc9klP)Q}|uChQ%|UtRBo+W?%{Bjzm6%mVry^QtSeB17J(!~L={+BX?vz^0l6 zgc38}Pd0Oh2(IU7ZT}`#r=`2i}Or4~i*ie6)Ja<-0L{)+ev1|Gp-i_w^bfqiX>0=Xe};PIzRC%sTIMY6#OK5an^C7Y9O)ze)DsG)2uPi2?#^Vj^~%${h_&}P(I+#9?-8F z@HT<`u0@t3+NVukApecGfMV}+DEGr_B|DSPyr%x<(vchlQHkHO+xWB>t{Q66_y?(rzhn~yRyxqMPaRYTzvued#Nj-84byT6QYd&SV(S6iS2E@6aUBiTq z_Qc%KSI^Fb`zy<=92Eh~*o&l1l#VBBU5>MMQm$G6`^JjdBl}h6vf8XWcG{RY;V#eY zl!roxWz42h?o-jc&BMjL6`QqGcX8YKojiZeC?r;IxU58@780yIPJ4dppYmtC^0(tM zS%35KJjApoF#?Hk{ifzOZh6iy+Xq;Mz?M6+A1F_$*$KET|DySL+Lj)+q(4_(-v+a; zWb$pggI#7EQKOFN&zHbU*aR3+Tf0MwBJdE7CbDL*X@ z)U~WaK4tbu(X!vUvlM}~O2>+c} z!OY^Ae2row+p(fK>oGtm(#sbg^7#HH0#NO6leQBikuI-&)NlFO3tWf&e3RDx3LyX=pS2Jl&C!0`?zLb%)$(|-zlQqkwRQB6tfTj#_T^`Qm9i(g zDjLI0WzoQ-D<^$&?a@(}8uI8sQWc~>HTzCl_UvzR+%hhq+%+&Sshq)JOl{?`-{mVp z7i-{de_?sK_e&-Ml~Mg49)M-(BwnOeFhE!foFcq}VV6et^OE<1pL*gZ8!;KGOPfL~ zq0|MAv2Ko@-k%)imz8yPS8Mk@qxlK`B8{_04F{UAZk9k5S7W24@N1c$2J0`eO;`RT zt-|1>*S8T0!DmsH-s3w_ zyYJ9e<%JgPCQmnVDCM9m4WuN;%dHEs7;{}I^o=zPxlpE;VE>ymPxz1T;|%#{PBUAZ zNW&~rqyEqId!8cJn;KJ3H%mb{De3cqF$)NV~wat4moVAaLvEtt*Jb zXl=9x9{c&I-#=gCejyS}(}*SlW5urV)0|_DSnXAEX8!JSr7UEaMYX-1415H{xSGiw z-&DEJFivvpDf)E_zlv-_2Zaardxo|heDlX}m84!2i3sdw5H?H1n8R~Y=!y(btiQ}mY=3z016 z+VIDzHt5x3Gd$7RJ>qW1_naHIlkT`!Pk5K`JOUQ3R=c~ljmjhadjT@-U~);c^;RJ{d=n10&YsJ=WF6tgAHeoCm!x|~#G#p_xtRIK`9C)j zW?qx@-B1aRfx{gi5t1ozv05dvZ@ePZOcL|d)}A`?(NU+3Syd<4B-Au+j~s(E_Sx@* zQj1Q1fI+(pOa6@yM)`*De17KsD3(=cf<7tPlgkXvsG8MzW~mpn&?(yzv>;V}_uBY7 zvdigqzx)WEFIf9-FK!Y2y$wbpuiCNA(NPAZ+g$l#a4qXzDX%p~zmD&#m+-#GPe=qM zr$_jQM_zuWu$?HN`j6jgdD5OFEbxHO8^$YM0df= z)UqLU1Us!WIF$af+w>_*WHVVNU-d3VEm_F)ADbd(T$MQEebjR?%9x)HLO_2qPA~+U zjRjU78sgfl=qdPS0LD zs!k64TJ+UH<`h@5*b&UWTY3buao2NQSXi3$e8vq{%>SyA=hlkR3L4{yMDur%R+V*; zR{KiDuDJ=B^c+ZXneLq+oAM{!(;qjPIMqRt`fRjhVF*K|AezgGS-(pAP?r>yT3|WnV1%-3 zGVeO%fZC@z?dQfotxjw>%6)5|5jId-Mq!e&+Z}5q{KUFpwUb>eMx@FQ*(89<_*&5` zMn>##?SH&2T>6CCIYC^r`(iJD;g$x7YrU}`uI+1`iOr?Bwf&zWid+I9yMq7J-C{zS zwo)_^C6~2NBSs59WD6HpxYsT`B+pE=Vw0n>a)!t7i)k?vFP`Qj!kgGP z{THGnH=1;`s%}TKdoZA0cG7^>>B04j}7OF9i57J|TrE0RCq6uReDP!w_HnNW%}^Rxxa z3Y+4bUe|9KV#7tY!kUr#nhCDYy#TxVegbqS&ze}?{q!(n~><-+H)&^HqXt{%R{id$c*S*V4uUL0riYd z@nS6~bn2&ijpXh0Hap9l*scqRw+Rp*=}<~rrMW-3U0kjcx8c9`v2O;_JzjST zk-k+p5{^Q9PM5f2ZGO0`R6Df$h(6mNx^f>jsx5_D;`$7~d9bHbAXkY z?-4;x==gU4SjoS~Chzi`1@cSYFWUA#RsMa`QDV8~i{Sol#_G|9%b!&_XEfBxbE;B6 zp%*x)l0T=0NE=qTvkSjr%F%@VtnWv;eVBM6$8R0na5WpKwQmn}NDAGDHD#^2`VpOx zd!-f1vTj{0KBy8CGz!!Sd;~&F>1?Xm>*sD%Q?q%u(jT)CI<#>8iY4AWs9D0)5I{Hn zz;@gDGV70zZj%`)#{)@JcO@K1FUa5KAAXZK;(6t!Ji%zKnOv2E@b!*?6z8!$e?_x) ztpcDi9ROw*J%fe7rs-FLl_NLKq^!g6mb@R_glpJap+#W3G2j$2&Zp8Qt(VgtvdGOa zVZ)?((aS18Ck6W(;z%0mgP%(6@`JOV<4x!b`0=YNn%xH` z3!asBbd~b2_7g^(PUVr`~jA35$Fk{?S*$2Ovpe zH^emXtga&CRS|h;5PiFY^1N^QuK}P8XRfcY!1c9bYqSAl-2XNSVm3M$oskIR zzGEf8T7XyorTzveD*|(Xu_9}WUWGm#u$d8}3>KcI&>S3rM?rHLNwWxX0da4D`PNH* z(Su@Vigx4JbjM!0p(o(I0fbl$X*Yc=d@gf8*}5UGu#{) zytG-*zuXAQGgzf0vm|_a6G4u{W*O3Z;}Ea+C|2I51B;3(%V}KfdrDqNrhF3h)=-XG zow~kzS%OiQi|e&GAo?o}KZc)I4ylmG5 zC@bR&5bQBe&lEG=aoQkbvr%jLENE;K5acx+Q{#}$Xs}xZt4EcGGD1F;VVQ z$<`GxBT1QB`MZoZ%bpo)xkvUXdbc$$o)upoWLsXla~5#7!A_=a@tUlB+w7C2iRJCe zZK-RAi(}$BG!9)Fb$gtA!@!c`RX8R~+fz;L*`BqK(}dL>o#yrh%=Z{vO^ewRZ;x6P zwY}lp8f)x!I+0d5s%@jVy^9_>dg7<(%LmT;_;D{S{|qG6?7Ay}H|IBx!e6J|X(m`J!&c$Fr|ZJyO-b-VROL(5MsQdl-oFG{QRzufF}=Na;Hm;zDY z5SNv-wG42uPR5r^nIRZ$*7=MR>(*W_prLir0x*2K+#rQie%o*C4d1Iu5;_;u5w_)c zwdJMHW7+ij{Be6nCTFcoCtMy$r`+3XD+|S)Y{YpCB<3EXo|!d=;}lN)Rgi*#Bw+W{ zQ57@S7S?%4NU4oZk=11Vt7D(C}s>|I64!p zwf7vDNh}1%nq&Q?O3Tof7}h^Udn9rKeR3o_daN1O02BWu*$kEgNb0G3PBGMM>Dy0L zKFbpGL26_uz8B8{@$`?kIzY3o3$*JG>J-+uL@$NOowcl2?x+)V1m{@=nIT^=KP6ti zQdZj&yeQQ3@s2m^p~u==N1h*b8YZk^iY9}S9U%+c*dF-$KUSxaUL*~G@iFg6T zd;PMe+CRITd~JRB%VWr_KMItQ&iZboir&`kCfD5Rk)0+2l7EZl6ZIfro=t^ zU)mL>v!p@z%-{r86YaHA1t}hgQN3snrM(oE_+hwyBZAYOzY02J5i9^FSvvCr98qwc zkGVgV^zhy@tD^wv$s{Z4djP-Mwq?|JJMWEejWTY%LoP3? zDej$hOREY%jPtM<_f{pXa9y!*~i+1u)Tk7qZ}( z#8r)IkFN<8a*OX{m(ztoN9@y?i9@NaiPeOY1n8VurI;fM2^PJllu@M?oz{&;zD?*L zOW*^cQfy#!`cTEsz%75u_Q&#bGGO8*EO*|F6>&Il)FV`FZ5`b4rt-SAyOgM+&bFIc z4Q-YYZywHTyc~+JfL?x!XjDHqGyU3hT@(9d50TLE>X$vl`(5WXoRgn|Hhd)^*>QtQ zkDvDS^Xe3oIPS3+C;Sh`WlkZUny=*^gMCwB-s@2qc?#(zUev;Nx2J7;iz!+)d2KD? z1?p!648FhUowu>0y_v25O;_59_M54_&n>i$)y+$t6*Do1zifYpLliBXK@;#HLM5jIE7)tO@hK{k-Kl;8xJd$zmK zvZ+@a3`*H`pW!0I%vZyQgj<8H(DbLl$oa?{>NRf(Y3R;eDwDknP|z5mGK*#hR?9aH z{%j3PL73@Q?3ttG&Q;9eS#eDsG;Y8o;3j=lwL52bvYXy|N@Qy6r=o>>7lVQhde@3c zOHzz-D>?nS{oc`K(@W!-n&_Zaml7qSY~|XZl1Gbe&EO5+&Z5twGmxo3;h;|^?fJkj z;9&gTD(3m0>>@UT^`TE%-&3z{2Kz+IeZ7Ep8MuLiq?-K};2T(t4BakNp$2{;|6>_} z&|A~!Z>J~>a=vt$$AQ!kZI8ni7a|^-0yn8{6Ge<$B%SKP_O%)xlKRb&``Q{BnB3%Nx%&>m9Tl2u_JU>sY3Q#iO$g2l`=;=x!%4^M-bT5_{9DDC= zp5JUeJe@melYwwa^7+5{pvRCYPrtK#s>dwiIHn<` z+CLL8G>yUuHAngA`F`nf0qZ8WjRPZ6>>d)cQNurF6C!e=hP>VBDm8Xd-sPw>FpVDc zyEjF&N$e+ZL8RtBBTFUG<3W^l^B(Fn$OewY-|H66yoxLcQx~!u zEsYO$(#RS%shPcLTJ2q--*YgeKS;oKQvNcl)NPjn8FVQ=i4I;M#9ubtVj2GyR!R_! z|A|c)#HEjc4hx+lma+V;Y|&2<rA&$)fVX{^WG`7?xbFd!c|9a zcpUPToW$KHy)A?MiKNBxL-REJ-v<2#u6I^Z@SZ=Ru9acqQ;(~G2WG#vmo6A{8d5cJ z*PdmZD0gi;2ODVF|H?CAtj(YID2#$8t7TQd!BehVuz!;*Hg|0CE!v?5zs(^*f$dT9 zeV#9a#|aRzRdJX<3nxihjly~RanJ9f3LSFiRLMHgrB{36mE;T4O3BCGWwCE7ItA38 zYwKBbt8CFF#VH{DkIZM?(EjOfr@$Z4ACP_ewVFsCgMGJR`!Qhc6QlR2xw<0iy&KD6 zVn5rXX=-bndUm!!796LeaZ#;W4kJ1~c_H!{6$0Oc|5j@l#vKY{mRiX@&v0r|Ku@(f zU7kF|P166m%!~<;J&?9~6qj`LzS%O5Y~0Q(=5uaYyuF>M!&IMF?$qs{q56J_@Xy=# z4?KNe8^0UG42qE&)%8}SwTr8F1~Rr)r-q-1Qeu3D2~?|A^WCW(_A&Xw))Dc%h)yzp zf-xJ^`k1}Z)Um&lTa}%$@sJFZp4s^vKJX}ebuO7%MB{#)ndZHhc;uyrd&sJR)04-U zSL?+$oR~H8A4uWv2Ak2uu;{Vnp-UZOvz?Xovb|xV?a{)qESf)}D0BzNghU4)=htsC zIqOq_MrL=f)5>CK!tt=FO5w~;@0v};9~AG58_YX~$Od++VmI!{et5*D-7kkGWZ+m- ztJxvaT-jOdW~&%x+m2)VW2sx`5mX`m`&)#A=%Lnq>CidR-W!D~yx9Tj4`H!HPm$}_Gw<5s!l&+ zsZ$%{RM59We_Xd@g(T(RV&4_*JOS9QEI(?R8x_vnzZmW_r?nMo?)^dgtB(C7Ctg{m z;OZG?MYLZ2vxZlVQUc#|G;_CBM8+W|6p#asc^bLW0DE2ddEfD#S2||g!}!aso55+C zq>yQM!rcyvrD~ebJ9XZE(}S2JFFk&5Au4U51e|3{5C5-ol;2^3$ZE)WPW?wO+A^q< zlfw1o{+;LafMkyB=82fg^OEK{w>MBNU!lF%_pO>9hs%Vywo^s@(3 zC6;EK2j%UA@_=g5brNwcpXcIQZME7->{cX)xW(j(rg+@hiwSylPO>*jN0Ema0b4iY|m)+GLr)e%B^12I70{HM5gb$36=iVZr?ZE_q<}y!Ny3 z{T88t1GcB(UW3gz6>Pxof(-@NL5qrBo0xts0zUKnEs11Oh^k}ygD@XHoA^GwU6|=$ zf@USYNxj@c`A69q3T<|mv*L`S0pk<;XLC$Gj4sV3G*QK6bYHx6xhx=fR5o=@6{gey zHwr90lNZ*Hk8&;Zl#l;Bf{O_wsgBw37BC7SKJnkmIgjtqUVrFRx#Nj|OT7KHAgfSj zVnKc*qNYunt4M1#xD6IO-LLmy{PSbCMmlfvhGA|<+W|46miYq zi%d7ctReY_lJ1)`POD%PXXjp&{K-*%e$rP)ph=(-uySEA{zu7;1cl%hRdv?KMG~Tc zpP%ENBr-j+OyYWATm)kDx-cYEQ(6b*0TZxwEEF3M`;=uz$qWNvB2a(kmGHg+H(yF0 z^sjxAo!};>oGO%%h;ZG_yzvXqB<9vrB;noLmpohF>*iOTt>@hzzt;#{J&FykTVqh) zIHq3hfZJ`G;~FcMQTO~F=$-p5`M!7P@ah~{af(p$KuLvp1VxVFY)#sDJ$#DN80aWt z@M73n8D<;r2GM*m^{eDii8cJ$ZMNwkWXJ2PZZXQY0v^97hAc*ai`U@j;s)-EPi4>R z&+w_WaG=h%U%32}+7bHM%B*(9UP4MnvvO8=Bi4;{Ik`vA8>2Qj>lHZTA^)mb@F(rR zcX)`V{F};Sgv?a=lA&(ld`sXvwLDv^`#!Q+KOkS#z}^L10T-uPK){QC=rH_@X;;g0 zx!;{3;hiGjMcA0EkW&%kHoGUy6J_|*8sAwn1`IZWz>$4W5ECEqq8;i^s17p>htm`dzPJ=`P%e)HcC z=bt|YlAR+1Hf>aqY)(y9%-3INB6sDSE;tTRKuYXeV&5Ob?-22SjVu;xTu)y?QDV08`#NQmnp`}=yF`!B!KKi{$CJg|ke_mYh_X5=}D zb~1k+*a=aV0ociZ+w^~$y9!a3;qK1r(sz~LWf`bnfV+wj{I1t5x&DSK#6QrHk4erX z5Xw}`lQ8idkeB6Vy&SJ9%;UMtpV1y0>(b&+zNJP35rC&7?=yhiR#K|}jraP;Kj}IL zHZInK7Jyr?WGeqh@sPjn*JXg2E_x6>FGz8^$fLX5;QzTd|2i8cY~TfjB2{64@Ty_U z_5LsR`yW3(ZUbA#9xm!A4fKDMum62wt}Kz5`=tU*V*0Re`}b8R9)QOM1zv-{0%9SG z3A?xc0#f~tA1^b4-7b3*Zp{sh*5vigzr8S5iM(9nu|URKMl_af*Z=nS_+r6M+|B@i zP5Cbtf7J>5&jc+& ztBFjb^VyeXfd2er>aTw_sQgjrAgUoH1*M4J`@e zSFBm%e_n~dyvY|LvD)@VwhplDf^XXA{{6rGml^-h^A-3Wh{7vecl{m=R6|l8{AH}{ zfB9ZGQ8na)1?b3L{WbZQ2IPM{4yQCzfwj+^i{qIxbg}{L~S-3u~1FpM{ zuTTH>!rUf`hO`xs3IpQ!(EEpf`+KHD;<&sxBXBdn4gR&W@;}${U+aBN8a(d$^Is{z zQ8bvo;{AU+>VGa)8Bv9Zv9n+TST=_c?cbMuF(zKVvP`u%Ng#oD!vBlV(Z62tA18#B zjkxjilU)~2b2dKyuebBRZRc&pPv8RXo~lIgfCIcm{r_d(UDv?N@^x5+4yu?32Wa|4 zrd9oI7Zoi+RsdY$HrU7ib%}p6nVy9?4dL%U-pt?DF5fE6#(_xA70w zS}3oSUJx+8__x1DFApxKtAnySU^r712TkbRH&p*0SNGkT-$OPa0r-2!miCy0Q+P8r zVtOw~{4;|EU2H?0%6SoqY^APqon^NDZj;q3pV;eaom9IM1QpvnPsDsQ{IttN7TqY8 zdhcs0tWb%hpQl%R?2jBgFpIk(NP6J35=}9{k(A~3vul{pz0Wey(E2ZG zbED1*tG7HC+nhtYs_5beUg8-C1~$IoGr3+h_7CV(KR0mZ@@#(YFYrG`9sXN&$=nNZp;_8=9paep-^76~e4{wIx!6Ukb~ zw`%o{0pb0E*=XyG4B43og2qHE0Fc!A4ev!QZFI}5{-ky z*@o=Cn9z$^D0eY2oS6C+LU@j|E;U98hQA3uzn^BcIjvpuj7iQK@9Uq5H4QwUVu|0| zrFHVUx_O4OSJ2yDp$pYe>vUxmXW1A%njBq5wu4iK-M#ZIU9?8SkAA%H$&A~B5pS2{ zX75~7fafx9uH+M51NFW&*sYkwC57LqGlO9IHMUvioswV=os;a{T}@Ius%By2X1g>u zM>iWcC%dcvx4%%S|L`)87r{xmCH(q48DBk-`%T}oHJinD=kt@WXWvcFYhwu5-^T2u z9%`nDi&Q9PTX!rPZ?hK!r$4Py7TZ(A4kq+2vLMg)sR7Va{ftwSh7{)xT?50VMFiV#)_x?BE1~zmDU_70-77y$cJLyS!XUv2O2yGO9TaCGJo5P4^RRT&=waFjYmI<+Ur7H9r=a-Rg^`^R!uw+xC zSXF)|cbaJ&wc1L~?6cyX>|H#sQ{0x;T20;k2yo#oAO5E(F!~`VbeQ#Rw;9}wW(MJ= zqy({UAOi@4*%I#SXGYdy%TH6+Y>2bMynJ52lRix?!FE^!ySqEUJx{;DsDWLPJnSYf zCb@GM@xxJ{rY>LpjJvHl;5`}aMO9*O?@&18CXBt`Cf+5AZ7jf@9_ArfVzcnF;;Y%w zmxFcFi4p&e`l^xNAk^7Gyq|Di-PC2iPLnI0DCZqjwnm1^{Ky*IU*fauVR7?~Gi-Vq zO4o-$=_v(Mzqw(Bv6MZh%_MlUJO0klvK>Q`&-Zi@w`(-T4Se+ek5o?=J;x3wE1tx3 z&f<gU$XcA03%@#kub+x91zrT| zS3T}miFLP!8R1}NAGTq9d7njUCu~J9)vdR-&c8d&PzVt!EvCmYJ}7yT^_nbcizjZhn=eF$~2gC5s+F4F8y=T@<$7~JFirkPI=cgppy7`@^dB%?t zBarw@ECY#FVM3vhGx$6?=k8=S-IP>OBWO5f+7_Z1T`6ae*eL$g8MCY~@=zK+n9yCi z%86khuSPtx)_TOoWb;~;=7)&ahw!Aj9+Mm}d}>2T~>PQhPU{^U6Sc%oP$y z>z+E|p54xdso4GD71nPj4|se6pMm;8ogCh`>gl0xT^sXnkiz=S&wO(%A1wxg@)Y}D z^kJV+entDsoDtdmSn0pwK^xV}3Zzj>%hmo=I#8q8U&-v>+TqtX>u_lDPouG2Mqule znSFDVTXORH;c=L0ce3yoc3;$ANZy3mHwaa|N(w$j0!nc!3U{OeHzY|OULJa&84{Vk zw8GxmJiT2~{W$Q5I2J3{HhBa+tV)Fg<#aIdbPDi5-jJ>i9|sj6b16!6s$};zP&Ox5 zY#@a?OEWI8byNMMfbnjxWsyzlSH#-j2B@>nb4byXLdJV&qUT;1&}#JJ&EWnt>@fQs zZGXeu2tJvuo-PZ9=LXcQPANJ~N8Ki%7Rn&D2BE&{wU=i-V2bzBtg+fcE=#!W!_KZL zENqh&**5GRIMIub<3d<5JdPS*XyU{iVR^yf7- zLKIb#jOS!mL3MMP+1KeiNlgzbX&~YmVp2jClv=5ml$>t-kya$jJeJm^l9*B1!%SPa zi-4{{b@{WxSaws4j(U|(HT+hE%9z4sOoqqpjx1N7@-W-Ua`ui|BZr1LZeSSiuZOgJ zU~6$+`XZ8e<2=dm16~^lz0-uWSxl@FTl_x9rdGDUy8Ot;-peN>>gWaFb93Z})Jit2 z%VXbsvoSg5(d~w*b&s+)KU9W!W(v+Wq1!gIA@I?4g+ceFkpnj9^ZfXrN)q%GxA(Jm zLQ_?rA>S3(nYU-4%~U>x7cAqbRSHM_!zK@^C(tV(*t)%JJNP7n-RzFwQ4H4EXJ zsXPty8yGwpZmRt@Bsq z(H=I8B6K)~X^`GK-<;e1>s|ulSTK*^ARPu>@v-hsPm)F6rmg^Ynzu_Qn(z!RmtRFN z%Fw0RqNdi_lS*veRK-?|yo$nU`Zwq86^C{5JC8;l@4d<%Jif3@55oiB?+v;Br-~ly z2??&sPa}aF-(g=Mv(5Re{RP0Wxd}HoEpb>Kx4hn@%Zh8d!5MUc#w9<5|C7Ia{X&UQ zxzkdn+ujQ)`denb3Fj?Tm!F&pRJzyV%ubyl;6@*KouUDcK1IJb{2Vc%u%Z#&gl%L8 zV`j^+QOpt?D1){8ad%!+VXHXjPv^yI=GdVdf`qhl104ynEj@;}MX*39vojrb>+%a? zP@zu@D$EW$N`5=ON#J+bY4p4I$Y-&j81J2`|JuB{WruYy^?@>KuW3llnx@zVO^hlq zc@CCxqsrf31*vhtTi^2R$=p*UaaHabp>vLHjJSqf*iofZk)>eS zuR&p2%I6VjRXvn7BAm9U%Fp6M8)*Ud7aHvc8VVcpXhTPrnv$AT>Z1-tjPRhn6Pt)F zo^#v1Zq2A4a(tV5`Jg^z>{LwfkpT;0jFRP1?}1_Swm(5jr};QNeFovm#K_@oynpM} zULu@R(LzLm1!WKC8Se=?S;z{GK?~4~EfZ+>d4~=xH{tf~u;9sP7zL=QqZa$<8<~&YS%`39er8!rk89M$qF|Tq06*abupY@rWaapCUmhC~ zPQa{~B}$<*80u8ykw^43uB0t&GjSGgXQqdO-;q@rYW}x5(p;Z|id$2M@6Q`{bHbbE zc(R|sI>Hja;mC^h5^^qqYAA;kqZ}&_NwNgt^B_BS%S)*C6QHD3gdvAiaK4&3rI=9K zw8CaY)3KCm$N;i~^GK_%rw7)pUSev9)5Rvx4$EjcQi&;hzO45pHSag~><0pZm-e@;g+_HAu$!sL-G9q zoV_MInm^@yYa3(ha@5YFO1`NIX}@cN$}kkFwxLq^CL;kVjSkSX?p?2ZiEA)Oq-x;r zltifMh6FdtrbNGb6yFd_Q#$e>BG`Jw+E=NjDB`UPf+5Vi@}K#J73OWYM~?=E;!3%W z4OBzlisQER=%z7Mit`R?OZf@%po2m=r}F%;XDY=}J0)6bzR0 zEz^HzdAw6{Z)Enx96Gz~oVF`tnfBL#R|_cAwe}dY;*ssXw4((tPp_f2Ytxr@zY;1Q z7aUxV`XiA&MKXNec4oh3$8TF7;kfWM@dKpv!o&njmshy5epID?HE(^X`%=`IRPGfsIL$sf5?pZe)kYSVJ<%lqMdb2VU2C1WL;(!~4) z%(Jf925!5<&lq7jeDzhcadw(!N%$B{SCOYN$6(0UMfPMDDSB|Ql3PAsGpn2^>o4!O zo$L5vz9YvhEKhBq_#Fs%ttfu#$y;!Dphl5f zhMqP&Mqd_JBZs3?)0h1A1>jttH=nTd7>^=4D_8ktq|_}(?PJs3@EBpmIsOZiHHry5 ziS+#DlXD@=4Tj|@yz9Hi@aB^{&8dU;4_`f%3IU+n`DK2Y(!3{ovjlA`&i81~PVUcx z5oaj;V-G0&1SEz{<0#fAgiylBSpGpS6FMoMZ#!rcXcP~hG2ihEgnqG6n-x;uJ06I< zuz}_}{iSLYFMt@lH94u zx%%K>8;f#6agJiZadaWfzBgQyR`>m4rK7)EBD*xY!Pl28^{q(w-Zc)}E4FnW;oeJe znM<*#ow=O2ac?o4A5I7^3#N(@$*_@ zJz7ulQpO(iT6dXG%|~nsq#G-($ht{k`uvDIEsNL^xC|^d4_~I&1a-8h9m9r4FPUnCG6Dl7>}YKk;Nb=LU_9KMKp5y_ zv$9};YTkudB%k(vyZ$%+%T^D%D+(A`z!Ib zoBPnYsNtbovbVD3kUIRJQiqQO%y>cu_h)3zZ%%>wOtt3N*3!Vu^*+Iejy+gDyJ1=P z!wsYknfQyUP;IZxVHSvOnX#Y+8!t*#njvZJb)8E89nSu310;qlcPC|ZJBB@sANNZO zuub>1%i{Ygr{ypPDhT-4>`kC3hv?iE!ftC0;^Xf8R!Fm2DJG7QRL2VE@7Ct$RTk^_ zc-kO>i+8_};TkXfaLuJz6?oRr;ZpZ)P>)w-S5%*%h2p8fe>BNrb+}b0Cyae$gq5)n zOeg1cDZ)?+YF1rHwur2;at}H|ky}T*@7|f+?n`!`nQ5MRV0;^F<-zmJUUOPLTS-TTN=cSPC*I$Jz zaz`tgcpnM2?9NjR23I7B4VnPKoA0fi7`(87zs%Q&)O&|P#r}vx=<-Na@95_&=vfxO zHve+p*)KkmhdsT6XJO$|o7=oOa)an6iK8)?X$g)RwA1UZRV5&f&_(7^@>B1_MyT=T zGm0ZT7D9jW>mEHor)iYv$p>Ftqub*V-*wSS7W9rx_uu#tm7`Jk(ZACjlA~G7~(N&FT7zBGQ4Hj zO=`CpkH;cL)!93QJK5~SdY)1jjFeoPuCZaEamsroi^8?ij=}!N&sLuU^X}P!dw4IIh^u>Hn~EHCls|fSI>Miz zO+N;VH@yp4YP)1u+c~;^GWBFnXs6(LJEIC+V7)Bnj-3%g@izQ?g-2@5$OpG>H^gcJ zr^cvbqT6boGBQ_RJa-&&T%lXyJ4u%}%G&>aC6(;`={p0uclCphEwyO4W)^MRrHpd* zT^b#y&p3q|cC{tXdhSwbTP4P7rEqAWmoX_yorI&!s{16Y3}mD0YN`JBh9U)|8s;J$ zi>ANaGRigngqYpYj2i8Eqw|DEW1HMqfR%4+mHc$pBg&W^{y8?gU+1)84_l*(3{%XJ zaOC?<>B-OcIj{8VZAFQnG{JR}HdhuCOP;@(1yL-6-orkC6 ze=H}LNK7APV*U54roUvFGv|A9YOg+mWlYS~L+@vhhV;GBoAnK5Y#6n(yvGZp?Uq<; z=79+byLXt2dC5kZI|UoI^!T5=#Iku#e3?%!9K7tCU`eb8Pw)OH%r|v*f6+dL+dUX) zlsm6oCvfqPMj~spKp-KR;J-1m%bsixePp?gD)LT=|FjXl+&P>rw=^-06(0XI@l7>b zjxvtVOzi~Ikt{q`By6M!5PdbV&-B&1jd2+gTfMwZgwCO*s>2S8%!88{B>-Q}wH$8S zYNu-Q-!B}kk|50RJDK&GHwkz8ttEE)qBqwgM=^Sq90r(~I?fKdBo<0W))kG5`erEo z)1+YDFZ9$P&FpN}wGS%_(8LSWajd1j_)7;KU-J0?D`0bi4e0Q=;z;ut7FmFd?i+gH zz1Qv%t>gwCzciBtCULkuky({^brtyoea%ucHO54u97xE>skrJh6m*k66E7J;W^w5j z3B|9LCM`s3<3EEN$JI$P@gt|!1SDtV`^OrT_aJ8Lr!=fF`^$Ol)#sG*nCY4qI~C7^ zE?7)|uWdr+EewdkLywj6wl#|&GD7x8auX%`7WwN`f-HhgrHfrL?M#V%AVuvSvzR{j zMUHq(aV%Zg7VbZaL0fU?pp4%>K5)vMmlFAb55HP^ z*yiGpufJp!mKO`jnWJ<7#{D{Z*!bjFvb!blX` zZB8wcQ|k;t1*X!VmU|H^L`f@Db;Rn-gW|P^=+_r%B1if?8uOZ`xMVIX74;mIy~#(V zR)j6Z@lz~rZ6rGkF&flY3{P&2QLdcnTadaHJM@lFK7gl_GFXJ9AA&Ycp_>_qU^TRY z(X2+|BoG~LC9H#;j>LMP`O2e^*!kUjzM-TI(HPv2o<7ILnSMYQfoLzj0Tf~ z{Es*fi-&t`7-%Uc8pfN<8z*KUT^EEh`FTdX$6oPBz|oHD*;*N#R6mGZU~`R#M69T!ui}NX}`gHKpdQ|`1x*}hM8weL+$*0_XAj^FRt$xc%A`6Px z+wR|h3PTLTTQ6L?fxUZ|H*Pa-HLv$^e($q%i*G}xt99Zp*=!SkO}KEq;<4iT>L<{! zkgFHRsfD)GLJHOn*22_EjZTXVW)?vdS9o~q0{4Wy8#xm7Vz=;`Vz00Ifqa%kH1!$l z0I^Wo0?P8WLn>bbG2`81n1;jrQtg0v+MlY~W$!I8# zGU@4XXOk7Dor>B-kb6{4L!aw_lVagrA0g7H(_>XfLTZKXQJ!L&n5N3xU>HRBgQi`> z+$oF@uRqW!E^-N(y^hfMN+_LZLUL%G&_uYr6*dz5UKY00rqC+=a8n_Q(t{L&(^q{W z;B%$em1!@I^2(Y3Ve{(o3Q|Ex*PZ2~zdQ3~4Diis$_P|+79?iGTFt5o?7PeKuBe}} z@F>WPS3O_AG=x_h?>u!?EkvnLSV;|+++{vpRDJB{Sajb?>rHE$b^RNM$30Sy7J&rH zh2kF~P|xCCVai1-cl*LBef*`#HLqzUI+v-SJR!<=BKnkh)$jo?wnn-1rIBr@zMi!v zd%l&CGH2x(L`a%v0~|=kr|+%_R!+_^f>(@wM_{VTzDuY@Q<4NjoqkYiA7~{xO)#yE zd+RIvO_C{4l&k#dI5qdbjb+A||M2Mpgt`VUUqU^dHF zw{B^fal^6PADn?bdLvLHG9cb9ABlGh?P*Syl;F3Osdx-Dt63ljCmL|J`>JX|KQ(2xYMEI%w2ncwlt=4qC1fmS3OB7cAO=xDhvE*&~dgTPQJxKrHzVpYPZmv^I*>1f_|FB#w z*-P3%Uglm1o3S3}ton9#;NPqN;@=yd+_vb|iI|h87Ox-EP(N4WHTtoT|Cuz+luorJ z2e0^S_bdHpa8Nob_&JuJ-6;=86D*L^?LINn-+Z#xXI<(C^6h#S2Z3P4DCTE^e~m&f zr$c4CS6XHSeTH%Uc$ruS6`9JZ-)Uef0loY0#okMJ@Adq6nAtmI%r;~HbBC2PUH!>s zGnQvtj4&V2oEq}3)N`A*Zfh-dqgc4AUL|8=-vb(E^;qZK$drky=l$f#Ulk(F=@F4s9^ z9ohr0g~LK163G)6?{h=NLP z*y8S{iFSK3H?WVHs}rZ0Q&;*{d2q` zru5_-=nYS=SIm?~`FFiUa5PpRZE>&Wi}maT(sKF>4RYJ*MT~Os`T81r_${p(ycpAp z9nQd@H8`*#e#68S^fC^mRs|M215Oo-X2f7M)M30ul%;n3D;l~W{uyx1#VyXDwY;b# ziswAe6yIu;J9Zc1CoiTYf;o~)u2-RKp$D$#Rr{j?;t7+>5`W5$KhO-71Wv$b?@d?R zB{ol##8Kw8#f`2_6q<3Uiu2~DyQT1R{IDqo(oa3$c7`eC-sB_*{WI@%b0PTo=E&~0 ztj%F}k6Zjc6!R;etnt_AGWlX%t`xNEuq$%D60{$CtdPjF3aKBl68JX)RcJ^Hm`!UM zejY+8(2T`lrdRCekE}J9n(&(+DU_?ea&?#jYzFtlha zu37_b!2K3>W?+phM!*)9wZ2pN9C6NPVOMLh{E#kW#?)feZcAX)w_M19hU2bLZfns? z{VRFnn9pu9-%8&oA~s*rh+w{u5dc8U$WbWdF$s}65>2Fjl%);G(zKgC@*+D57E z8RcF!Tg|*Grq!g|)LpW5Reg2!ruwTA>q(OPdn;upQeDNlgm0dFUM)RkleKo4T>Hm{ zfW}*aa(6f*f^oz8jy9SP+?d?hD65wXQNl~3Z`90`s3TtcCfCc zOv-i3@E|KLSrh7~?B(Vg@41C}D+odl%T3i4aZz~kL!%{(mrxZ)JP4sG`u<$Ep_hJ) z7+>FA76a)Z=f0i(370c%%zNf#eM%1+I-*0=~|s0 z9xz^-MQVHI0rtcrOM1ICr_+$)KfPmD`{qa_YeO`ZWioTs{zf_ z@3PNn1R}LAjeB#{iOTE}&KCU(p3j}dLct`-^q)p@O)^XrNjYqeKPZvopBu3J&Zbs<R5eQ` zv|gQQnaKN^Yd4(D6}1vhMP|_tkU<`N&P@I@CZJK9>C2Cqpov;4<82fr}UXx4!f1bGEbg zC%?Yg;X<3N@lNxW_w^p_&#qK@#Y5gZaTrE09mjm+(BxYqm4DWv;BMa@+-&wUI?A-| znc=uCfvIUH){EFsixqY-B^a(YGo#r6XE9(U^xPoLX0YkGzSNqR%--`J!frZ(t7vcg z#C14gN~55UF;3r!Lpp)izdHQ-i7|A25kgCw(qfN0I59uv+;Rj@$IqAi*O2oho;Y*qu%T=oGni0n;p>Dx*gIPk4R7C1`yv z2`#!|AwXc2Z!!|eI?|FZ+pIr>R@35h!Bv!8z+WD-0!1Qc!+j;r}mQm1y?M=c?d>hs=mgnRSvS#>AzW+`# zh`y?_U+Rl{y>t0hV&wYcr)nXgPfKV>yHn%B;m=<~OO}mjbhHfKrsy{}#+BL1^@hV2 z{$_GE?pbUZDu|SH_r`W*+~@HgCIT|+WZmC=9?oa9<>2PBo<}3ouHLG%PDo|j_MbMn z+XzV9R@$&6u~cCr8V)7?laQ*d89Av*v!kLPT>2II_WrLE(w7aHdMAIA#Jgsg`P z)1apI@K4Nn@tp%TKQTopR>xve$S^wFty5fz?=>)?SzT4GG5#l{Zy3Ty6DF`{#i*tJ zjJ9RHNpd{Pa(k*jvD$rhmEF}Ed9fY^zoQ&OhuAG09nl3k6tM*X@y-v|HG8f8nh4>2%5^mcBTVX4~q8DFfFMfL6HSe#pY;-c5<})qlI%_0q7- zyPc#y9bh5^auF4^>%Ul@o3~i6Z@wETjl&v#31Y1O1w^uafpas!+3;|2^Ul&AlIBzl zqM<6H_5rII8*K_f>D`;_cPk*>MVUM?bPjMHB$9I>5_jn~KM+x8qTB#2t+x9$NztJ- zFm$CZ^L{hd3_w)eDw*FgE9!8^8pXQn>%{-~h4U}Xeu}z_K1eqvcxxa?BoNXfnSb$tp`>SpDwQ=&f8K3zeGwq#ehdr!HgC)fB-%(lSV zbCyUC|KlY*LbjcJR~O_j>l)lLZi@sh=RAW~p z>!a)b?b+GlBb?pjmSOHfTsmq^f1xwtqe(|3fxFe;56$LSPHfQPFMO|yt-j)XTlO(2 ztl z=dc842)QN50xh)4^ZP@j*BWwRX=ikM^3{3mpsTNmxQJ(K?5f%WY+?CIi*a(f60L`_<$Y-R$vUQ_js>SkxA*@Xmq@Wnt?%j7cA%erPEcybeTq#CQ0$ z)U1XTXo`pR5q!hKQyO*T5Zp<*kXki1hg55hR1y7q*7p>#6b=Z)8&47T=US;MNY}Mp z<*4OY{pRMI3?y zJonCCVyZ&653O>h%Wn;|-?^bFxWppRm~|_?%;bYlHG|fPxX3ej;T->oOS>k+5Cg&I zb+`3E{OC>{`sd_A7As{k%B5xop|9fYY2QOC!X@Dx-fxY{YUR>h^H*HAqSlvI zpEUWi=d2GyO@THHkEgR);%wh;^^ZY2z7ewP>C65%L?s(>1;POZ$gy|*gAet0mf{8@rGIV9s` zzPEd8q!&KvS<(cpbHQx6bnOO--9(=*B0a0r0bOeDf^+&MrrOsVIHkpIImFgyvRt}x z2Na8K-9rOCCOA={!z14*(o~uBGv?u1=lELj!l4K*0ge7%D7!kb?kgc6rpiU zOk%9m4dIQVteNay(JJD=;{2ztNp~?k!0Y;=<6<(y%N7jR4`PALg;k4qOyqBJplD*e znPwHsty>*{q8DF$y^5SgQkulv3X*yEt#w(qdV{VGzMJiKKm_Xzh$(f_5jd> zlZnFxu(yfViV3(@=u_Ona`Yc~N;90;4DmL}NunP2(DtuO$&cY9$`obZ$y*6x)}R1< zb!Rd5Fs&OX!=P?kb-kXaP*$5&9n_%Y667~jksA@v&O$Yba8I1()OVm#H|t@XaI9Wx zICNjiTcAqnF{@8gr|C{c5;PHXqX9@yGm8Be1~{T%F5kh=!dBx8A}Ye5fT z%6KKje}9NRb86i^Pc+s4n{Dp^=}7IiDI&?=-JuZHo1CYa&WsTgW_`SDH968YobkH>^*$HNek9tR0=SspPe`u6lsHQULeMy5J z0magFg-pRrUxHStzGJ6rZAs|NXwF-_!C4b}qD`)$$}CABtBrE6uau6w)^4y)^|bfH zqNULbTP$~smU!E||AZ?y;e3E1%gYdKy>EBs!eSzol!vfoN8w|m7N^D=$_9;-IYvj+&BNEXI-Ynt_+JpY*eIdz$ah`XcSNez4iy5{-;} z;T8kB7ib>m1xjSs=!+`FvIgOguuSfzv`0GS7EGB*^?;6X;c9kcq$k7UYUTonNFShb~6_;0YLi;IWjH&N~zOr z51CVeeZNx|5{T4=syu+f(lpOoeYy=n)C81pE$*AUesi}vI#R2ze!3W3lD_D6I(x+L_U%#^E6Xl)hka<9~x zVVi1wvjQXO0*oE{&Epi8U%sCx1fvN1fMV0Lpv6Ma3PNA*0rj1{A0+*+CK$;qZJ~7y zX3+Yai5*dTQ>f)GPJ_j18F_hYS`KRP{@Y|2l*^_1f@bKDR>^lfd@HTN9N`uKm}8*o<5 zy;ZH-QonL-FY?lL6_5`w6NKmJ0D;Obbk|x_s1eJN(j!yT_^?-ng65IFL%qH2o8tAa zd4dXEj5wr9S&8GUWrqk1;K|`12UA3s_r;PfLu;-kSEx{)Mf#Y$^=0JJ{?R8qtj1xqCqy?ldg5P!C2W>>Y!*a z$Efu?;hbT<7(5nfJ_|?Ms39O@KaDokD-`cjv!0)bFcjaD z$&}+ZOtap=O$8*A_m7P3XiwOqIYXju#H$5ucL9_|+^o>XM+n^SwU)PLy4uL`X3Fa1 zGwt5Bs?q_nhvg|N?}8m}`KtVoOI_F*+iF$cdeHF^7H&H>3o zT5dET+R9<3mY*>v^vrW*u$;TvNZ-ZpoE(68gf615`tEayUe(ZHdU~G5m`E2tY zJAiDYYg7(E!k4cREyMs~Mp`U6PwHs;{;jQJ0yp7LAtNoR>R-`041khl9!5Wa0^C-#j3wj{Pf9?k^Lnprf{56^S z!TODsC+&b+tLrIcIQEC&nbnY{wWaPmIU8h2oGj(K;tT4nOZkG9V#gQhI2d&J4;h`y>Ve03sqNnAqY1ZeoMV_m_4Ff{&Qc}46oDH< z-sg<&`Nk8G^LBMAf|lhpENv+a8(ed;k+=3@;6~@5mWSd)x<55hez*QWl0zza!U>*b z5)6*C6c)-)PY`y@qjm{r#sj?ZlmgA!OE*69nJE&1!0DgldW~;JKl;4^clH0U_nuKv zZC%>v5kUzCf`EwRoRz3#5JAbY$Vnt;iA9v0gF=DC0kwM&r?9# zGf+d>pD4E+px)JG{1XWpBI-X$&=4GKn73NMVKY0m*lOGHo{nZr64vo<+JHtoZ`WasjG+*Wtvqa@moo-w#cBdFV(BiOY zcyi`8qfCi><8E+WN7KlK|G#*l|MW+{|0^ItjTUG^d+mzr)(a3+bw8pG=;gRP^|^T& zI^71Y=J=gOi}nk?-E_T*@ZD22KfOAEAL2C*dTRV8Zt@33bjzk#|Ffun5l z=eK~&Y9_1z_qFWriM#A&;tt$v@^2(t6h_~HD@;=x*J+M@zbH@C9mXeeq-vuwz^VLA zSsy5r{n*gA?snbz7ZfTjcs#(V)qM@cf5xo#*GyvZ-9S+v=7)u+1Ka$fiOrjHd9qvg z@)*P@K*5gBPxjZ8GrV;zU#(}mesqtltGTXzmBNRru_n-{*?B+#&LS~gN-T=Yd#biL z0ZyQK8^$XVui>T-0*kNwbEKy=rQVEgm%O06)!1@Ms(EoX*{wc@Pa-toAw8nB_rn2>+{l|Maw@c}TH zV6~eL;cvCF@XY@76avSztnIZoR8$Z0lrIIEP+XJYJ#ifOAM6VD^zmVo@ zBoW5OWvU8Bdzan_y3PHzJf`@d&mXj9T~(i;yj=My0s6RpCPRFnzkf6C5aWFli;(rs zHEdA(oQ^6NZV~=xSvp+F->?YZ{)SEa+qJ*`XB7qTWBbs0>u0z{sl0SIuKr8lD^!5M z;qFLE+@eV$aiwQ}%W%opWglh;LOmX zj0<6>tQU;Xkbert=+xAD;n|dAD2wKR85QgG{NAOLN=0D ze@{c+0V`$G*$~iDNHsUY|F=ZFL;JRc{qBoO4gxIr#PcMtza=l#hk$lPeksq=1JpY> zM*7OYC7Fd60QEbW08WI!OY{-o>9YMX>-WlSMI@dF6XerXDf5Cwy*kEK$w+=Iw1j%M zb_YSQC5SH)13h4=lfoV??HCtFAMt`ALYgP`8bVp)J~8vcsF3?n)gPj^)9EXu0dV3Y z{F~q;pD9@o3HQs;T~Kbi&^m0>pB1RPNu_H7>+g@C=K$;{*LvzXpdKP)RaZt@$z^)g z$oWD<^M@as-pBKkyO@YvsR-B(%scq-e;1 zaEn|KQ*6L=S$^?f*?J{k60@2+L*8~`!67%ee}atP5P8fjK>6#*Ve_phVKJ6)V0aTV z4q*&{!+fipaAh@5WDHOz*Ty^Pp;2)%}5E*_xj2JC+qavAYlncry@5ELz8J42|6foarg{>{)svYYrPCp}!9 zOs9`+o?VO)n1*w~W!Uz&){S|PLIwn5FH22m)AD-3Sf;Ln9FQ(iNPeSjWVDGwrDJv_ z=n_NLPNLGoDpIrr+@5N@?2-rK1`wyr)g!wAByM7TSK&PzkV|TNmQmcodUtS( z&4CjPbY*Ni|<-3?}WMv zyRVJ)**8seWLVfyS=0Wzud81h%4wjiK?|2uR8%myIo9ms1dQ4}n|jlZTcl?pbLYzA zr;WdR4Xo|8vZ!r<0N2-@rDOVkDKJh-!Ujz$xE#Yy$TWriUP|y=fG!Jd0K`@F{FL(tKx*c(xVTu- zE0?&!5?tYA=>Kk4^%APME!pvO0jNSnhP=4Ccz}4>^*+{f5}m#ex`xZoRINtG#w_mX zMOJ!>*zA!xG7ej-d+CZ7G$uNX3$q(K+i>*5ch#+%Yd~g&1o(*57S0uKEw>m-k&8~k z=IQsoSUvqu{3sJ<#`k=yj{3bY6#hZX8l1J5+qOo%fyc8?$Ne)gv4>|utUdb&bbrL* z|1xH`qE+P&&{}V07kt=bl0qh00LH^jRPje8gyS;y%FEoiZRncqV<5W>%EKd?KZ6Z7 zVT0VwosWKTRu^YD>x6cB$EWg;f zkP3(8z5SQN_&rAtcp4=+gbf<;&(O`Y$6<<(e6I1?I*^5e$=1f^%qZB97mKbvrL1!} zvAI9W_s1+fk&%EWq8w@Qy{bmD=Ii8P4uS932mVZ(tvY!*aM^?14H>B3a+0x4dCNes zN?(j|krH;c*DG21k?O}af~1yidZ{1S`%ynr4@l;q<&hH)w6_EOoiqKHXa;E3RMyb` zMG_m$7pqgi%|m~^;I7J-s|-Wn-Yd~TGQ5kG=9GLFE)7;}F&n2dJ692;i^8iaN?$~* z>7-}7*lHZFPoIosZj5`XX!#vcNTt@`73~@oy}AqH;B3^npV^Vyl!`0AP_b=6*$k`Z z_v7H;M%f~{&?VM17rhdh5@XOC0cFMIHK0j1q+sQRAm&2AJ!AjeY)gfbMeeT$E1Bhr zcTdZN$?RivuZ7jvP+)tvWT}sJP$7)PoYBJio3yH1+X{QB1fP+kr3qO zHLYsPy}nwSFYW<7ToZEL_QDq*+}=o7Nm%eUEE`Xgoh1k`T3}%&8ZO$4Qv7=*&=T$5 zn2_YB5?27I%cwE6#l}J_W_FZkyYThYj}HhEzTwW`R{@E`8!F~*M*8{-&vm-pMe37i z73hfQ!3dRoDQkS@Z^Lc{RXhP&U@*P>NUcrdA-nSsS%7g&#&`Dm#D>MB^)w=F>-1s@ ze>b;kcz!}+{caT=iHb;MLKk7&;E^xKNWt6;g$ZzEM=A~*H zCzlzOUoh&!$#yQv1(Np>W=MZU&!R))GvAM=_x$~TPHuWA?9T4!QY<1|NYX>dxvwPt zFlGP;Mx#?kV?=ej-&#p6Thu1XQR0wn>mcWcZzwh-1q?@jKqcQn<(Y)`eA6jDik)mC zELa+^=B3Q*xOX!O;U#Z=_8{n_#BZu@27dHScdI!j zW!nW~&)v3bG!R;ng2`|>M|k(|8Ve6JH`=;waq1X|Zy7hHk?t9Av~5X7)xpJgsI(jl zs(Hk_LE#Z^CG~HFmU{+_CeQlNU;`F7Q<}9+NuwmT0N-6YqI|YcYzF9wL|yVP%Zu%^ zMZ`tr1>@GEu~}Vz3}W$AZUC`V(xkF}A5nU0Ewxf#Be7Vy-@4SixQKfd*xrf(`mNf{)1HWd=c%8A6q#Fw{pA)mMH|1|K&clMF9H>NHU%_RI$4o8Y^zkOU; zIO%(OuF{Gb-%;4_yKidgc4pJ1)8^w^QXf+X9xfBLz|K9tQK}izD{;h!@w_0;E-L2I z1B9;QFS2tgw>y%l-#5NA=Des?c3k{Mu#?nrImuxhK>0=7tH8}E$tB#Jl=7`9hBGW= zW3v+9ww@BlbH8^lPxK^e!918hC})SQIl|Yq*yM(C21n_lP`xkr{uMNLn45X~l>_U$nw*!h+PZW%;$WjqHP~O>Lmp^L0<%1l@=3hwZa8Uf66{_w08zS?=g!_NftPtB8{VFmNrKz4!xN&0 z+-XB=$QStTn!w6gf9jc9XhA4NHaktS3@ubkqiYq-l;Vu1@3G{R2F4iM^|ny%lDI55 zbgB+we(ISQ#rXW2QHug0N>OvhBH;MjebD{~%KZYE{Z0FobK6;kmBZ5cg`N7ErU{WW zhN~=u`{n50-{j!CS9mHcG#3&b=yow6XCWhDfz&kO<4mO+z7=64y*NTl1ldt|!E`O2 zf=UY{bzE#mtnpxjC6GO42$|p+lPc5&I(-~>>>e1pWf#@rd4{41Tk3E`YRVofxYNAl%-jFnGl)iCdURNxZAZHV%%zcmUQ^{XaV zXYy6y3rmxwHN?WVy4=^&q{Ib9nu|QVASyj2?2b%(7>4bO^m|W4vXHbrr=E z#ExVydq2lRB-Xtq9rTMaNl|nxFT1?zVr5tsvfLSw zIGNlc&tCZYR<&Pm_XnHLWC0|G$veD=y%r;-4xT&s<<~&tk>f|CrNaApCY>M5Q~i5Y zkJA=ZPJfLfUtI{`(zXQw=}Fi=q6#f>kZHGaZaIKxl9)e)qH~;e8!#xdEklt>5v}8m z^C|UHXNtvYkJ=NnwbFjPEBKa{_1`f&PC^OqJqyJh(%1JBrBr1lMcC2(Tt?$$(D1za z*KJ}bvtw7ynL_PlUXzXvxpuZh^;6>P(Yq3RjfL#n;hKvvwUhLNcfWFp)T)H)x-1Bx z+aEN~u(zY(P=DayjUI7 zRKz)1i!X1bF)OM)&EWVZ=*G*qYS5_%w%D<@_>f4av5e22w+0x{Olh$Ib@!7hrL5g4 zPCtQzo7zhwVVqME(F5OlSC3-e&E(mg#lXHrHt!7j@e0jBaj)b1UVQNH-tFH__CB{f ze~C6PYHs((v~7uO$CPeRS?;O~Sk(XsVK%?7vK3q#y{a{FbSk&vZg0JEu;JaYs$SpE z1&uwpP%|X^x^*-;|MV*5r*@`G7po$H0V-@3GKr>-9^aS8hTI<+b>kzPRO^t9;AUr6 zq#gA<6`;5a8NU?+YDT?GXMFd*<`(DfN5)aJ71&@??U8A)AG~>zSJkZefFADHp|qoq zofO7}HL{SL7xnt=ww>Lyd(}3jWtyOSagKEQ>=B#MihNH8^k8n_OaVwsmG_D!Twcp% zHorbc?919l1{$vA6YjnOL|{BmFaEm}!i&dBl9r%5<_l0{9_5(-VieRr!jrqiN;r6uO<0Luq!6jrwC}u$2t%q3 zAL@s;@bXN*q#SwX(>TXxFRE$OE^z<3n~`yHoVNZ6NA&>-s9P|+n@g$9LZI4hb8U+m zg<1va)Ek?S&b}!xGm$k}D6qv@D0QK5Za0=Phje~;piQ;l0wH(g`z`GAz68oL;DCha zw=)uFT%cs2Vtai}g+7poU~D#a|DxPO?<9k~8MC*k&InBZ$bhUb4#heRTomZFj zq+zUXvD^hxDXecZyQIkmH5F26vqLg|L+~W9ZI22PW+? zHaqlI5Z%xFyv(7;_>TES`_8<=g~}8U`+ixOudaRtX=KN(azGAj8{<(Lxc;FZ3sD5w zq9S-jNMmlqUe+Z5-8dnk5s7>kk=xc1T_vpj=z7Uwd4+tXuq!v3_cwh5!3+6HSCL`y zGkXVX>c<%3xeOiFUuR6Oh|?H~ByIOT`u(ea;JI?vgEIZaxzt&Lo=I=iSm{J66= zu&UZrWrZ4(faw~7ps{47{BYnX_c=nih>D7|$agf`1+HSgA^Q3U&<*jIjSsBs0Uz;- zm=)6*A&Fb*xBMcu)jK2{uic`C_c~eKP!O@b_rZOnYmQ~%AoIk1DjvFbaf(tpQIB!=^midfj#$GzlyMXg-_VhJ9e<}0Ai+lZ?eAo2c{^;UG zv*Ymi0k^u(!?wY|Vu=o|U6t8~^<)?n3MIQGNAjuwS)J#?K|?dLG3Cu8&hGEyua!5c zO5MI@;9F6j2)zot-Gg4L|3U{wm7J2S7;eG3w^^1>sTOT{?pSpH%)+x7GF6`=HziQ<_)+ENWeUg1xhpmsY zJzhU9_b4sVV)pY()E;*}1))z&_ML*Su=!_^aVddW%p-u33KiI@5^6?q^vcX+-MTe8 z9>p-Hl_EsU{^9ZC#}6jS-uiJ+ZxM0azjH1aBw+N`oKBGbq|k@8_+WIlzW%`gD*97I z_Slrw%=iNHvF36T#aEFpY73+{3AT?&^K8p)Bbq5pH!kwiN9~v0<6NV6hb~i7ylY|{ z&VvF#(e3V<mCe~9$*PS_p|2zH z7c(&7vr*6MFc-tu`I_>Lxa{|d-3%RDir~9O@WgT>TBae04~QxBIXDz|7Kx5%?}BDM10WsEKw$Fn6NZ%GJSAHPk2g2< z@%XJ%3m*Zql3^}ZF4LJZ^LMLdPxzKr^_Iy>cZA1jHf$A8GFCXhS9~fiDlQm5(~r&m zpfquB_HP4&#*Dq2+X0avCQb*?Y3@~r&{%wSxYzrwyAiOB(>zms2^gD^)G}yna=f~| zePeBUUJJdWo9THbOzudvp)zh0bS29OlT^Usm{{GxGoSSnYBHi`q|*wT(~y-iT+`9# z2!c}Fw&$SY6J?+WSlI}%_x{r4P^I1^WvLiVSkeRDRH8%DwL^6U9nmy z+V4E$&}4BT$>5`hp-_>uGQ4+nEnX)& zmw%lc_asFLNMcyb3fr{a918f&-`j%0JGcbOJRVgsFL?N!K?0sn4nF9h(Sg(z78XV) zvu&%T24j-CchD5{oEaX3dHUZlps^w5NOWNk2OQ!ax z59NIZ2NIq~%Aha^;$+?@`z_{O_IPwvWM##rLy-_H<(KIFRtkQ#y^S2M>!afU0?9m7a%;cHiL_#XtYC<3%*Lkymu_xtQHn=jS+Y`ihYEwb2< zRsCZFK46%6u+(_=*JFX#UHA@D_6WD@H*Vq5bHvDhW;su}&wkOOj>Ln#D%BvflpAH( z0uigGgrkNPbzrtQwk#z)jK8j;JXMiz?HsrKPcj6TU7`*Rzlpqj;a>8t9yLw%A)^Eq z32e^FguDJxj1(3NI9`U%av@dkBG6uI^%)-Mi50zh76N9^VYv_UZd8t#JfD-JVW^BI zK6Bx49g2;sWJG){(V`XAdCVDemFh>lM8FDP;qU8P^&tm$Zw>KbP2Fhu&eI=+h#eG1gTqWc4iN+o#^^O%S98J_04X75 zEFA7k_I;ZoiNe;c7u-&at=Z3-SMo78S8_5RcloMhQuZGz@JFBEKh%s_i37Gt{M<>H zG4o3qd2s#L*~g7skGRU-`|>n*5b7*;Mi~6@lHP0BNxEJy5o3C`wN&ok=se5czeUNY zmxrT*)tEo=K28kQW{y`+ZPNh?AyTR^&)s0AME7E^1;JsrfotC==>IxdkCbmgY8MP= z5)3Rq2e|+pr@AQ*8FVyoi=wgrbK5CiC_pOcMm;K$SIFio>o{`|-HemScqNE)sEH+v z*BBjDXmjTN_9dyf7?ERvgRw%FvA#a}sv6ZvrEr4i*;Vr230%faq6g|rJ0A--cLz4= zL7>`5Zqine_EH9I;&?+TufEZVu)tcK>kjQ%%`NTAR%%;%x}IE?X()Wt%3kQeCtadw4$56CQPF0&^jF zsc$az&0HT}@4>%Z`j&K=tT{~Pz{?zqBEq+lbl9(x6BdHF(I6r1aeSde1JaU;kHcEn z0T9IQO9S)OLXcOfxGiK>YpkzFMOCstqsA*wba=%^Vz)AhYJa3uOWNst=O66! zAN8XR`^O^f8M%ApyBH-b_NQ|3R3)Fi%ib>+;y3q1N5FgUSa#OdB=r;NJP%&lLeGq9 zYByMqhG`UuWLqBSVTW(%wD(esOhYkmBGyLX9!K{_ZYBqcw^bRM>|9F~q4F*w}Uk9SNa;@iGmY+Fx^42pWT#2#LR{DMsdWILbP zc?#cmv4_JMk?Qr3crKn2w&vYH98egwUoGV$lPvH3QSE6%kLh>Dwp35X2dl^3MK-Hk z2)hjYXR0^9+!g=X(%3gs9V0Z+X5ZAFp$9C16$QPauKGFdC?U!3UiAS0RC3*C@($_WiG-uDp`H5`=D^XPaoo2Tfn`j5UjNm zI!fECo=FJ3xB0#5C-q+=@MMG}&{fL?3D5n}%D%3=VDDpy?CV?iPC`4``T7%(>14Q| zk6U#-cVmR=J<#BWeJ+nOV*e*URE0ddnVyxRJ_oUN#vTg@~mQgv;k+es$O;5CY; zHi_gcu6=t(MlV94uCJEr88UA@;Q!{fF*zD@?p~C(vpYal9u;%qipC+oVfxu03hofw z``-KjHt~G6$#-U`^NcN=NcNV*gkz7^24b<$NrAggvukH14;uWWXQ2EMR$pI+>00Sl z&CI4p_B@UM*-(b}fo_Pv@HKhZ_@H!sqU~*9;a?@|+7!T$k6dSaA2{w0q(2>*@#^VI z*+JO~rT;aoQ0nS?a)9@lB_gA$=KBJbA?Ds7+C>*~P=7 zLn_r`C(WTCbS(*@!NvUf{afwrtAuqeB)Ecgy>#C;T^IMYC@76mJUp{(+tY6IJSCGY zqYW5s3AjF!9Y#ZRD`w{#Ly%cPn3R!c#em=GarxJJ4(^8D7#fKt#xU2-V{+`Ebph=d zcVMQ@Qdn@n7{1z9tmGOc3Je*#&V^9i!7butoi2nIFS$?o#u09hCL7m_Y$3m#|2jXs zO(Fa}Bpf?<`MUY-2;*n$V_} z>!s2Z@}B4EA{$4-GCb6WVvN`tT%IUXM{Lfy`9>?(_c$j{=^i zO6r*`ntlkEXNf3duPIOIDs-~J!7Bnp;=%JscgA-Mhl$+KQ);eQqaq*swdgG7?e(Cc zF;O;BjeA}%X8&z6L;&B1H$#xvD%nWh%3SrHmEALShsM>- zPrtS8Is^#D`G12epbrwqgSDMA*z>ZU;6R3Gt`gJ}26VYEspP=p$4vCn+)N?c{kTPB zD-$EEUshtg@bP5{O8ctIdNtYMlA>AfmNC zdUG-FJhDKGadM42x8jiRgj$cUf+2A6_N}r7Wrq#7F}w~(uyYSf6~BtP)%Y}f8wse% zK#$@5yT`@@+phk`O!ZbuT?h&1j5%>I#mc7$622iWaM>{5o27|m?73Fs3m?;tU4v{a z4tt^eatrSof!yck2FYcbpToz3!OI!reFEbK-~p-ft(gWynke`U+Ex$YFk|4slSv`u zU|?HMwqzi_rfa*T>_YXyG81e7o6W5d*t!9Cba&~k3DujbT*!Y4t9~>q;0HQ+bU5uI zVsDuL>(~-n$5C2~RCBwDnIlAeniW?y{o3{J;^`4g&C4g-t#J5IEG@57S9f+naPrhZ zAKS=nU!X(<+VqBJaj*2Vh^TBvA ztHaN=d4%KDyt|o_d-tT~LmZpW$HXqak#=|xv z8<;9$H-7eu8+c# zr_2T#4S0CG%F4T0*{`*2AkeE#7ha02l$a`aJCJ+wECyX%H7_3!)85_F#iz2?Bx|;@coxygYd%kc_g-+yhd^l7XV?6rmTVw>bq3jXy627);(H)L zy|$6xgzs+OxPyzayOHtOQIGA{+vA3mOY*s&Pe}0W+$X`y(T7COdnC_y2P7J%92#NY zxfa}K&F&(0*x?o@SzZF2q>QSfYrSf7NEq1b(9k2)hZuLGVr^@tMJj0e%&02A+}g<6 zulZsUp1G_+XMCoCn|v9^++U8#SgrH}Zd$qwog}*W>E6A|%zjS30f|Tx_x19O9o?!z zlt`bLkt!%=6+cZjbg#Rmv9B<&4LJFAWlFGYcyb<<*w#wcQ`oVv%aWqUD%+PCljhhL ztRGFxs-0Ia(ku}Wklw^b`M8m(a=ORn)9mPAZuT5EdE2*vCy4VqBDJF+;~6cG`)%iw zA>repPMW$jN91D?OBQ1K0%~Wfis49Q`=WO3z>>R?wQX0vnBnS>DTIQbl1}i4T zGTM$&2ZC$$Ro61?>DjlOxO#14U#22~!rj)Jn~wCc>V~QQ_{$kCvHl1qY0HMYLTIN( zeaA*qWn1_vD2*k<$)~FnI##lk5=gc8DfdL%BV?Ao%ma#^n;1V)Q!_>9zAwh&;An3> zt`?ZMqpG;~P~L8|eOW0A&T05ekPfmlRSD0@^jLrkl9DfPWYzv8`)k`4{w<&_4kA?E zm!x{|gKvOkHC}TcQ;+dGT(86^vi94WCCD&YutwjGD3p;-CFmDH zytBN&2prcU2}(|9zI}{4x_#JeIN#y7tHca$zJAB4hYR6DsM&?f_9X}KvQ^K&=`N>J zp3u>KF~=M=Fj>ZiQEkf!nY6rB#e~nXgf($Bf5vy1JwLb$ex>pxGCq8+EkU{8v$#uB z)BmF%+O3nS^)0~q9<5{^C$atMdv^EgOBbJ&cJdi9k6H8Xl$;Y!RJhD7Cc3u~kXLG7 zkBwfunnUQ@ZwO9X%#fM`Cwp@r^?uHJvn0_Xm4+0 zdw0I6QTtRGwauLoU>X??s$2|_Ygh8T35ZM+vL)@16y9lBH$z(6A-&O5tu1ABN8FH zFbD$d$IkZWa1ZCg9nqiPtRv69abLawExI-DLISGIid>7(h8+|<@FoXdE(+-( z=Da%JsI!tU@%TlXYW0OEksh1jw!HSBP-L*W@FaBDtt1EC;1vpCNz|a&!c%Bn1&ZgW zE40=vmBk0QEHSiL@y!^@Lgqj=%nvhp`7wtc5 zxYc-5H$M3`#jrVN;&RF%+E?hlAL82%!eL)v40i(UcUnwqSI%qkWUN}$qswfR(eV?t zuxtL5Yh_OdRPh-h&e zR*?Y~2SvZif$WCE%+hTwB#>!JdFFCekLh~ML<=#1GvaRoTfO)cQ*U~BwhpE+Z&i&% z9hz2TS#l0|dpOq)_R#KM$zz^xSe>>%v1@84b4XAUa%ny)KKaqz78vodY6IBvtvTBO zIpo9$-O&X&C~HwC#a#yTzrlM}$(k`>y3yM0g=sz8+iqXRj3vzYseRi?fx3_cfi9E5 z{mtdDZ)<+?zvyDm$&IIrn=fvp*cTXq7Z+(YD^HYab8Kf6@E#iZpSuag&92&5ZdF@4 z8yn5##EH9(8~M6D86UuH4uJ(f#h>g@-|t_%{mr(tvP8dUfNP&&iHLXUn8EC18hw30 z(CBsTstr8s)Kogf#$ToPi<0e9LFz@nx1IM=N?xO7F;64n)9AFL;4~|PMSPa>XJLX6 zr+1co6dQ8sUV8U2lou)BU#&NvK_<~^yYlF&(75~WQr3tC8h@R+WYbVOR#^Y~k%Kks zFM&36H4VzokH5&zHwv2q{j=xVRetZHRjKX1;_y2xz z`gzQTqqHK@-%k(^J*s(N!*l1P&3n4SB=DZ0?ace{s%zOxYYs-g=!dcbW!#BF*sX3c z-x__u-1<(m!MgbT+@ay-T`v@iY1Wt;4)|guDGT502C$j8UFKJ^(Kv8!@#S{VIMs|c zNh_-{-I}hri=3M!(6FOlpAZUtzpb}_pzl~mZtO#6CsH>ySRFLZAQq?R&s}%K6N6;0 zCY9Saq#J)=gT;;~#)JHR#^`dsMXbO%cL%fZZjPPIWKr*#n?#)G>d#)i{JQN>;}J4r zA3Q{#`;b~=H`6lI<3SRmi_j?w21uwYRhESIcjjg(~$_mzsi5u}%PX&8@HPC))IE9FS>55Z9 zK-4mZx3P-vL`FJD{gE~P(_)=TEUl`b>xL=%>9ct%DF(r~`;j8YZ6v9ZPnMCpL8hu7 zaqRVBv}W1SYxvd+Me~>G^cJKbk8%Mq#OEl=J83Jz91_>~;b$sbHq7NTqWw0;?nAcmyZ!aHE-3r>@)BKElCkW4x!)#Z>m*%4%xEk9-HYdoU%n zcaMA3UvR=z!|}r`uYs-v0o9a|_tpZ)z#3+vL+Z^3+#epn#~7_%+e5(j!;Sq;=R@!G zwG9N1&swq2OtH{x`b%E5M7+qV^AByj_!DhfkpoP3%IXv4ulIU`bCAv*NS0*elIBUAME-!xzY*;2lCA4~d&I+rw>enZ=Tv2X2kz#{^mkPU@^pr6wQu@v>pAg-AEOJo0@TF4Vx&GZ) z`5ktZYy(ZulGB(<@!vH#fUFPr$@)SJS~a&iqoX{8w0w2y_4=Lf!D!^CC>tU5@RG&$B6h!@0Y_jJmIS1oy%T+egv`)!rw zZ7*U85g`MALqb~ixIh^-@6&22`dfG#d(j+LVuV563Cv!l?lI$1Bm`_wBwdO}{t5Eh;X+xIDMwc1qaw>eU!+TH#MZ7+djx_qheC6+wq$!bwKlswcLDACsdP?Pf zD>LOQ)s%8iy`a^giAR@d7!JcLz29DUxPfbHw?iq@Z&ml4;w-_cZwLVsS1Di zwUl$WG3=vl$(`8;iul z`L7}v*x5OzKRh-I98Zz%tcf~ARduA=hBl!T`er=PDcj+R6p~3K6t9`mhaQt@u)-rg zwrLwh{aBQjnu@Wu<>Olq?K**8dOL*)NH{bXn@dIgo4uez@oo??`WIhafdo50MI^FY4 z#q$*G=fq@e_l9XALVr-an5$dPbh|t4Vf-Y{|J7qvK-FSJHr7ME9F?q1Ggqx*T2M&i zcKc-)@i$*nTKN)?W`@+okC|T_fAy|@&r<061dw04sEF?xf)M$mlsxPQEZJz1%JUb^ z=eo?kwUS0=yOD%FbRAeD5v`ZWGPk7C(+ zQ*`_UZIBWh4_ZUuBF`d+jB2Mja6gL5Tj%g*7PW!a`4NjSRGZdnLw^iB^SPnE7iSYb z=@>zkCUn?Ub5PBE-bI1n-Pu1X=|3K@u$Rw@XtDVcBlxCy#%66WqN)XjO|!!FIdP(m zd(1n+vC8~iO~>$VzkR=<%Bg!*zOyr9(xtTV3+Rmv4;hXw^)5a?^zb|5 zmIm=;*FrM(HNJEA@TKbK$4a$)2WgJ!GA~w4(ko;1!KeFcG&PL|POTwv_EY@I&#Dt`9sdX&SPMD21|vM#gdXlh>C65>QV zWn%R)nGR`1rfyJQAJt+vb6G`shi&bsWoOWxiy(azLGSQDIiB}qpqYzp{)zR%V8iOb z{uDL}o;7wm-#oSGozdNDNn-Yx3T@Jr$6<3mmh1re~1E?q^WDcAqjiw1TzU_1FBpk`qp&KvhI};7M z%Sl50B)mI+Y*7BIPQ5C&01#f0ve?F+$=N8`^T|TiJG|KPAF9!1rmch&c`xHH%O-W5 zG~S#HRl+BjSZCix6FMj%ffp|pJn=q@VO-7rQy|HIwr7txvd5bBVem|?*tmvSM_`}M zoo?~9_qLSag57x^CxC|{5y+l`i58pJxk2)LqMFLFZiShJM|VP6(E06-u3=w9-#k|b_nvex-v0bkirs1$poZW+ zVWh3txT7@qRgb%{8Bou@eOHMJLj}>}xMoA*_xLLVN&5DSf|FJYs^VyeM>9zgBEwi5 zc=vz6ls^XTRTc^BF_c9vOHDT|tji1!3Q5beQB7EiMJCg3Zr)-n_>F8B(Fo{&*Dn7;;K!zAO6wL@-IAoKn+7YqDB4{ zWMtqzsTZ?~@&wY6RqaN*z?cDto$l9We~c`(?jPHVp~AgSxW1T9o+@?`o-3Z47bbMF zh4|orP_}42#owHN&V@AuT)$aoC%X(}RPZmi#tRWJ)t}$yy%q(`eon5{wkq5?FbX2; zyALvt7VGrhjTGDb1~M;?|GWxBwxYiocm3yY({PQALhIYzdw& zMu_oE2)-{@eX${rJm>~$l2E_1Zl&$apdSKCuNq$A7V%@MaMEH^^>@;DfyW}?%oN^5 z%gfr;cM5smm=J-TH`OgzV)rrxe74#>HS(1EJ}qvvvR|T>`44kh-`=Gah12ed_aqEcy!+P19l?BAC-&)hzd=#PK3xANVxfT!O zG+$!#W~yz4msKQ!QIVj?4&J$!UhYTs%!Jf?aU>n%)jK{%k;=Q6{3zLd%Kq?sK;Ia- zZ3B~(Ja+&DvW3nGqg>rO2P!mcKLiv$5&&gs&m8aN48#|h*kS#k*y(!ZKwvVTn1+U5 z=KO)gual^FF}|=KyPSI}G{jWj=eW&BKb~Y~rD=ppRq5c++Ulh5gzW3A=YCjX<>^N7*+G<8a7u|4(D*;>hItzwwGbDV5Mir4Mo}i4~DF)h0P5KV_&fA|a=o&*ZSQ zmQ+rOoaa2}^K67g4q>xR#$-+nGhvqV_t8J_>-iU+=YBue^}4S6zOyfjQVi4lhdbXr z(thXIF<}D!%3WLrPzS<$r)jHJ!B+{2s4#yRI8}aoyM__}u=cg`XbhCbb9M90t#52R z&x>oenGNExB+?-VvoGrzU&at-zYm7O`c3B=BA3p2%>OdXz7W2Qztug%ok~DhoTX-CkV2hzek#37>zT6!d1Y`|N;> z4>lqmL79fTjsteA>W4HFz>Hq1|JQxyV=tct@G5F(X~{w;?=HMQy0CeZS*>oDW#6st z=XScbkFe1Ii8>H-VToUXqi{$y+vsxEvoC-T$RbuhbHAbRs#3Y}#S!?J+Xik7`FOOu zYID_TsYN8lmAMB4x7L!nwE5Tq2E&kVkAJu!F?WO%Y6Ui7dhN1iAf>vOquR0V_Ct(I z|BNB3A_e@JZe^02G`@xKoh^@?+Ax62yN`0If}RyEMY|U53CvdAhg}oZ0x>2^l9_q_ zzZkEnmiE00G9}P@OMEZtv1@Uyt7KqFNUgo})<9ZPf$lg9$bv+$xl!PBR2B50t?!U< zxDQ{GfjwSh0UgL+Pa z)_clvLu-NVbaGhL$M5qK@=j3T$L##5CP?UooGMmZq!C(8ziq zX>pv9LxVzo+QUB=5t5>{l@C(PVvttWbLN-yA^u2TDt=Pon^H$*ll;9Jmrtqh}2CM;qs*ysols%~_e=Ppk`J)Z| z=5rq95%ec?Hq@Nr*>S@o4!wWx>*$MzOtjZ>gD1y?uBZ;xJ#k$!A8ZRYU7zg+jf(E9 zndJD%-F$lt0)Z1#Xl1>1LnL&k#t}*Ew-viWpNkW`T!Z+LwV8C$_q<_8sXFE>CFF92 zeMe*S7MFRO=!N1dQE}LwC!37^R4Q{ayGuX)l&**j5WKqlG2Xad)8`~xLxHYT%dfWMmH1su>R}>R}t}AV{CIdW@YubWuefp*L`U`ERDGm0z_|%w$FEn zg1m2F``m1ubJ6HT^>?qQha8f(+p^m{CyX_G;jRr1n#uYT$e9e61VVqSAkNxvl!6xQ z8YPEy_W>aHM(&AWspU>tpqt~Ee(F{rH51(OdND+<{hq#HNl6Kq`Be>}b@=4P7K3Qa zA}2;_Ri^apX@_^udeiAv%Pssm-`jyJeF%-@&HMU&eM$U^-=iVBoK)alp7E!oUrQ(a zhrVoV@g_!fPasZ$`3-#v-x^O9{#iv*JpnlC=b3e8?wZ~M}q%VM4Rb#?9QbTCx(C^3( zpr~!Yuba%0xCl6i?1V4*f99}%O}6h{4l4kMAa={rHkbQo(Q#BhtWGc2VhSx>RGf$F zR%veKvT+~EO23s6Q5NlocHHhMc$i)PU}-2>c)Z=rbIIyoFv0)~%dp^Cjj6Ab@s~gr zT^`N=qn{-;Na(;3Ty#P_U#2j&6skMt5Z8^RD}(@u0b9Obn8P$6vfTB%;2X zkVXx7zUC3U3V8&(@u7)0UOGAm+3n8=qifIOhwgmTycA&b?)PWXLgVsLURO6LCIl;N zS=cgwIGM+ux!~kdWu&r=wtn&kSR1?b_{C!wZ02!97z=YoWsMRX{@ybPtsH*(aGq*( zy5HX{FMW;JiX*H{F14<0~)h zo5QxE-s;f5J?NA#saTnQQ#Je9&^NUX^r>5v94;9=7&?JGs#IEi?-;iiNU;r{${agy z)}Pzx3RgSzo6|IrvCw;kA#ghcV=(xvatu*YS?TgJcz!@{WVuiK1UON-YQ8dTu2b9E z0yN)mm7Fh4SE%ma{t%;5gXJ=_!neBdJO&QpRNbpVZ`2K1HM=KJ0o=B@)R_}^bnC67 zR;;`PQ`xvi{-^O3#t*_0z4Ae)o~=WxaAL#E0yQdu9lnss$k}#tfxLm z692fOu%@1sN+jB;qRE$N;zihFHNH6usnJOPk!=&+0*(`n{fD-jBT}gJ=*w*#mp1hhbMr!T;Y^1`f#$u4Jtv8LxzxbPDGn;G`olZmC&VEp?_K^aZ9Bl=DkTbtO z_0Xjbhh+FScHPe2h$zNJ(2kOmQY+xhRonB40n$3}!k-p7)*FFvBhEO4w#P%Bh-pH* zX<~{CsxaiTxCXXB|WTbnd?%hWj{k^fwq-s?^QDR$Bu;l4 zFpMZb8LRl(gEpnIfQZi$sFoJh~#2ZUFe)YA90a{sSKw;WsEzy9mlR-2ANE?G(*Nk+>h5%h@8aCT`a>&=jyHD|({M z;rgFGo}9orY)FWiHH88jUsHV1V%Yb7U1@J>Bn2cLgFP_3eIN0&XM+Kh{TBWKu2y21 zgZtze6_voEND+L{XI6@706Zhc3m?Sw(vw=wPn$z7jd+ob7ua=UBxi*`pJ(|~<&F?) z|DBl4uMCFE5U>*knh@Z){Gy;85IZEM+e2T8u`4*LnzJPHxFZC?>ERoLdk|Re_^BsG zhxA0Db25zU<)(S-f;gMTgaS^ZOWD^XEDDyi{?8D$kI=8_Qm@TD#)n@0uxdB ze3h}K_k=3QVCk?zpM_`thw9jm!vmot4Ifn}PVL5mJB4B{#JedOdBM_p>6Tv^@27W5 z#DV?x&D{IGofDm-{-e&is(OJ^R~LUoslf?~kbmrB4eSbhsn%BlYET?jVSe0UXemg> z^g$jp+)nZ>X(HKjZt;dBD=0`vpL!*c>=!H2x;5V4-fh%`H@EV*K11h}+yAWka%SL> z*5ox4c^|q9C)BEWdrK|*qUWH7jmO4SZc8W+Q|yQIGS#IrGCxPDxssSk08{(o#@1$a zs#&}CCuT zf!n;ZP1F8ec0fE44Z7SsCEWoYSL~%$2cVm$rz4tRUyI*HBgEvMk<1HHH`vG3J4nmq zXvpwU6FL(URl7czlrgq;X+RF&h)`r}$e@^s+O ztUjYL)fBs+BL+NT=~S=2)xVW)Z09vEY*tb!R+NTt99_I#p>EiR53mYmtGl-f-LRzI z))RGCR81|Q)=t2JjP{Y*wuYPApYMGH9Q`)zG8!WlmT6}UHR3_`A9^rG4C92Z9$^DF z_35NI>Sh<~Y<@g5V0wWXiws(lOJQr1bC;`*nObv;aU+7s!Mp|0_3WZXpLb3p(J+KD z3{>!nW&l^3ClsYICjU)L9RHLbFzOO(GPQ!u(G*2|SCgbUJ216if2WhK?b{KuQh&Gu T3H+$J2Y3v0@7^kf+D85lelMvK literal 0 HcmV?d00001 From f961e90ea7dbc26b9fbda53f8e790b02dea75396 Mon Sep 17 00:00:00 2001 From: Tiago Costa Date: Mon, 7 Dec 2020 19:41:38 +0000 Subject: [PATCH 06/11] chore(NA): remove scripts on plugins to find circular deps (#84852) * chore(NA): remove extra scripts on plugins to find circular deps * chore(NA): remove madge as dependency * Move cyclic dep jobs Signed-off-by: Tyler Smalley Co-authored-by: Tyler Smalley Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> --- .../tests/xpack_list_cyclic_dependency.sh | 8 - .../tests/xpack_siem_cyclic_dependency.sh | 8 - .teamcity/src/builds/test/QuickTests.kt | 2 - package.json | 1 - test/scripts/jenkins_xpack.sh | 12 - .../test/xpack_list_cyclic_dependency.sh | 6 - .../test/xpack_siem_cyclic_dependency.sh | 6 - vars/tasks.groovy | 2 - .../lists/scripts/check_circular_deps.js | 8 - .../run_check_circular_deps_cli.ts | 45 --- .../scripts/check_circular_deps.js | 8 - .../run_check_circular_deps_cli.js | 82 ---- yarn.lock | 368 +----------------- 13 files changed, 11 insertions(+), 545 deletions(-) delete mode 100755 .ci/teamcity/tests/xpack_list_cyclic_dependency.sh delete mode 100755 .ci/teamcity/tests/xpack_siem_cyclic_dependency.sh delete mode 100755 test/scripts/test/xpack_list_cyclic_dependency.sh delete mode 100755 test/scripts/test/xpack_siem_cyclic_dependency.sh delete mode 100644 x-pack/plugins/lists/scripts/check_circular_deps.js delete mode 100644 x-pack/plugins/lists/scripts/check_circular_deps/run_check_circular_deps_cli.ts delete mode 100644 x-pack/plugins/security_solution/scripts/check_circular_deps.js delete mode 100644 x-pack/plugins/security_solution/scripts/check_circular_deps/run_check_circular_deps_cli.js diff --git a/.ci/teamcity/tests/xpack_list_cyclic_dependency.sh b/.ci/teamcity/tests/xpack_list_cyclic_dependency.sh deleted file mode 100755 index 39f79f94744c7..0000000000000 --- a/.ci/teamcity/tests/xpack_list_cyclic_dependency.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/usr/bin/env bash - -set -euo pipefail - -source "$(dirname "${0}")/../util.sh" - -cd x-pack -checks-reporter-with-killswitch "X-Pack List cyclic dependency test" node plugins/lists/scripts/check_circular_deps diff --git a/.ci/teamcity/tests/xpack_siem_cyclic_dependency.sh b/.ci/teamcity/tests/xpack_siem_cyclic_dependency.sh deleted file mode 100755 index e3829c961fac8..0000000000000 --- a/.ci/teamcity/tests/xpack_siem_cyclic_dependency.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/usr/bin/env bash - -set -euo pipefail - -source "$(dirname "${0}")/../util.sh" - -cd x-pack -checks-reporter-with-killswitch "X-Pack SIEM cyclic dependency test" node plugins/security_solution/scripts/check_circular_deps diff --git a/.teamcity/src/builds/test/QuickTests.kt b/.teamcity/src/builds/test/QuickTests.kt index 1fdb1e366e83f..cca10cc3f2aa2 100644 --- a/.teamcity/src/builds/test/QuickTests.kt +++ b/.teamcity/src/builds/test/QuickTests.kt @@ -13,8 +13,6 @@ object QuickTests : BuildType({ val testScripts = mapOf( "Test Hardening" to ".ci/teamcity/tests/test_hardening.sh", - "X-Pack List cyclic dependency" to ".ci/teamcity/tests/xpack_list_cyclic_dependency.sh", - "X-Pack SIEM cyclic dependency" to ".ci/teamcity/tests/xpack_siem_cyclic_dependency.sh", "Test Projects" to ".ci/teamcity/tests/test_projects.sh", "Mocha Tests" to ".ci/teamcity/tests/mocha.sh" ) diff --git a/package.json b/package.json index 93a72553b4551..5b6bdab3c32c8 100644 --- a/package.json +++ b/package.json @@ -731,7 +731,6 @@ "loader-utils": "^1.2.3", "log-symbols": "^2.2.0", "lz-string": "^1.4.4", - "madge": "3.4.4", "mapbox-gl": "^1.12.0", "mapbox-gl-draw-rectangle-mode": "^1.0.4", "marge": "^1.0.1", diff --git a/test/scripts/jenkins_xpack.sh b/test/scripts/jenkins_xpack.sh index 6a56b11344af5..438a85aa86142 100755 --- a/test/scripts/jenkins_xpack.sh +++ b/test/scripts/jenkins_xpack.sh @@ -9,18 +9,6 @@ if [[ -z "$CODE_COVERAGE" ]] ; then echo "" echo "" - echo " -> Running Security Solution cyclic dependency test" - cd "$XPACK_DIR" - checks-reporter-with-killswitch "X-Pack Security Solution cyclic dependency test" node plugins/security_solution/scripts/check_circular_deps - echo "" - echo "" - - echo " -> Running List cyclic dependency test" - cd "$XPACK_DIR" - checks-reporter-with-killswitch "X-Pack List cyclic dependency test" node plugins/lists/scripts/check_circular_deps - echo "" - echo "" - # echo " -> Running jest integration tests" # cd "$XPACK_DIR" # node scripts/jest_integration --ci --verbose diff --git a/test/scripts/test/xpack_list_cyclic_dependency.sh b/test/scripts/test/xpack_list_cyclic_dependency.sh deleted file mode 100755 index 493fe9f58d322..0000000000000 --- a/test/scripts/test/xpack_list_cyclic_dependency.sh +++ /dev/null @@ -1,6 +0,0 @@ -#!/usr/bin/env bash - -source src/dev/ci_setup/setup_env.sh - -cd x-pack -checks-reporter-with-killswitch "X-Pack List cyclic dependency test" node plugins/lists/scripts/check_circular_deps diff --git a/test/scripts/test/xpack_siem_cyclic_dependency.sh b/test/scripts/test/xpack_siem_cyclic_dependency.sh deleted file mode 100755 index b21301f25ad08..0000000000000 --- a/test/scripts/test/xpack_siem_cyclic_dependency.sh +++ /dev/null @@ -1,6 +0,0 @@ -#!/usr/bin/env bash - -source src/dev/ci_setup/setup_env.sh - -cd x-pack -checks-reporter-with-killswitch "X-Pack SIEM cyclic dependency test" node plugins/security_solution/scripts/check_circular_deps diff --git a/vars/tasks.groovy b/vars/tasks.groovy index f86c08d2dbe83..348da83cc1364 100644 --- a/vars/tasks.groovy +++ b/vars/tasks.groovy @@ -36,8 +36,6 @@ def test() { kibanaPipeline.scriptTask('Jest Unit Tests', 'test/scripts/test/jest_unit.sh'), kibanaPipeline.scriptTask('API Integration Tests', 'test/scripts/test/api_integration.sh'), - kibanaPipeline.scriptTask('X-Pack SIEM cyclic dependency', 'test/scripts/test/xpack_siem_cyclic_dependency.sh'), - kibanaPipeline.scriptTask('X-Pack List cyclic dependency', 'test/scripts/test/xpack_list_cyclic_dependency.sh'), kibanaPipeline.scriptTask('X-Pack Jest Unit Tests', 'test/scripts/test/xpack_jest_unit.sh'), ]) } diff --git a/x-pack/plugins/lists/scripts/check_circular_deps.js b/x-pack/plugins/lists/scripts/check_circular_deps.js deleted file mode 100644 index 4ba7020d13465..0000000000000 --- a/x-pack/plugins/lists/scripts/check_circular_deps.js +++ /dev/null @@ -1,8 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -require('../../../../src/setup_node_env'); -require('./check_circular_deps/run_check_circular_deps_cli'); diff --git a/x-pack/plugins/lists/scripts/check_circular_deps/run_check_circular_deps_cli.ts b/x-pack/plugins/lists/scripts/check_circular_deps/run_check_circular_deps_cli.ts deleted file mode 100644 index f9ef5b8fde5b5..0000000000000 --- a/x-pack/plugins/lists/scripts/check_circular_deps/run_check_circular_deps_cli.ts +++ /dev/null @@ -1,45 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { resolve } from 'path'; - -// @ts-expect-error -import madge from 'madge'; -import { createFailError, run } from '@kbn/dev-utils'; - -run( - async ({ log }) => { - const result = await madge( - [resolve(__dirname, '../../public'), resolve(__dirname, '../../common')], - { - excludeRegExp: [ - 'test.ts$', - 'test.tsx$', - 'src/core/server/types.ts$', - 'src/core/server/saved_objects/types.ts$', - 'src/core/public/chrome/chrome_service.tsx$', - 'src/core/public/overlays/banners/banners_service.tsx$', - 'src/core/public/saved_objects/saved_objects_client.ts$', - 'src/plugins/data/public', - 'src/plugins/ui_actions/public', - ], - fileExtensions: ['ts', 'js', 'tsx'], - } - ); - - const circularFound = result.circular(); - if (circularFound.length !== 0) { - throw createFailError( - `Lists circular dependencies of imports has been found:\n - ${circularFound.join('\n - ')}` - ); - } else { - log.success('No circular deps 👍'); - } - }, - { - description: 'Check the Lists plugin for circular deps', - } -); diff --git a/x-pack/plugins/security_solution/scripts/check_circular_deps.js b/x-pack/plugins/security_solution/scripts/check_circular_deps.js deleted file mode 100644 index 4ba7020d13465..0000000000000 --- a/x-pack/plugins/security_solution/scripts/check_circular_deps.js +++ /dev/null @@ -1,8 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -require('../../../../src/setup_node_env'); -require('./check_circular_deps/run_check_circular_deps_cli'); diff --git a/x-pack/plugins/security_solution/scripts/check_circular_deps/run_check_circular_deps_cli.js b/x-pack/plugins/security_solution/scripts/check_circular_deps/run_check_circular_deps_cli.js deleted file mode 100644 index ac4102184091d..0000000000000 --- a/x-pack/plugins/security_solution/scripts/check_circular_deps/run_check_circular_deps_cli.js +++ /dev/null @@ -1,82 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -/* eslint-disable-next-line import/no-extraneous-dependencies */ -import madge from 'madge'; -/* eslint-disable-next-line import/no-extraneous-dependencies */ -import { run, createFailError } from '@kbn/dev-utils'; -import * as os from 'os'; -import * as path from 'path'; - -run( - async ({ log, flags }) => { - const result = await madge( - [path.resolve(__dirname, '../../public'), path.resolve(__dirname, '../../common')], - { - fileExtensions: ['ts', 'js', 'tsx'], - excludeRegExp: [ - 'test.ts$', - 'test.tsx$', - 'containers/detection_engine/rules/types.ts$', - 'src/core/server/types.ts$', - 'src/core/server/saved_objects/types.ts$', - 'src/core/public/chrome/chrome_service.tsx$', - 'src/core/public/overlays/banners/banners_service.tsx$', - 'src/core/public/saved_objects/saved_objects_client.ts$', - 'src/plugins/data/public', - 'src/plugins/ui_actions/public', - ], - } - ); - - const circularFound = result.circular(); - if (circularFound.length !== 0) { - if (flags.svg) { - await outputSVGs(circularFound); - } else { - console.log( - 'Run this program with the --svg flag to save an SVG showing the dependency graph.' - ); - } - throw createFailError( - `SIEM circular dependencies of imports has been found:\n - ${circularFound.join('\n - ')}` - ); - } else { - log.success('No circular deps 👍'); - } - }, - { - description: - 'Check the Security Solution plugin for circular deps. If any are found, this will throw an Error.', - flags: { - help: ' --svg, Output SVGs of circular dependency graphs', - boolean: ['svg'], - default: { - svg: false, - }, - }, - } -); - -async function outputSVGs(circularFound) { - let count = 0; - for (const found of circularFound) { - // Calculate the path using the os tmpdir and an increasing 'count' - const expectedImagePath = path.join(os.tmpdir(), `security_solution-circular-dep-${count}.svg`); - console.log(`Attempting to save SVG for circular dependency: ${found}`); - count++; - - // Graph just the files in the found circular dependency. - const specificGraph = await madge(found, { - fileExtensions: ['ts', 'js', 'tsx'], - }); - - // Output an SVG in the tmp directory - const imagePath = await specificGraph.image(expectedImagePath); - - console.log(`Saved SVG: ${imagePath}`); - } -} diff --git a/yarn.lock b/yarn.lock index 12cb4b2673134..23f451a5ae8ab 100644 --- a/yarn.lock +++ b/yarn.lock @@ -6161,14 +6161,6 @@ semver "^7.3.2" tsutils "^3.17.1" -"@typescript-eslint/typescript-estree@^1.9.0": - version "1.9.0" - resolved "https://registry.yarnpkg.com/@typescript-eslint/typescript-estree/-/typescript-estree-1.9.0.tgz#5d6d49be936e96fb0f859673480f89b070a5dd9b" - integrity sha512-7Eg0TEQpCkTsEwsl1lIzd6i7L3pJLQFWesV08dS87bNz0NeSjbL78gNAP1xCKaCejkds4PhpLnZkaAjx9SU8OA== - dependencies: - lodash.unescape "4.0.1" - semver "5.5.0" - "@typescript-eslint/visitor-keys@4.3.0": version "4.3.0" resolved "https://registry.yarnpkg.com/@typescript-eslint/visitor-keys/-/visitor-keys-4.3.0.tgz#0e5ab0a09552903edeae205982e8521e17635ae0" @@ -7101,11 +7093,6 @@ apollo-utilities@^1.3.0, apollo-utilities@^1.3.2: ts-invariant "^0.4.0" tslib "^1.9.3" -app-module-path@^2.2.0: - version "2.2.0" - resolved "https://registry.yarnpkg.com/app-module-path/-/app-module-path-2.2.0.tgz#641aa55dfb7d6a6f0a8141c4b9c0aa50b6c24dd5" - integrity sha1-ZBqlXft9am8KgUHEucCqULbCTdU= - app-root-dir@^1.0.2: version "1.0.2" resolved "https://registry.yarnpkg.com/app-root-dir/-/app-root-dir-1.0.2.tgz#38187ec2dea7577fff033ffcb12172692ff6e118" @@ -7456,11 +7443,6 @@ assign-symbols@^1.0.0: resolved "https://registry.yarnpkg.com/assign-symbols/-/assign-symbols-1.0.0.tgz#59667f41fadd4f20ccbc2bb96b8d4f7f78ec0367" integrity sha1-WWZ/QfrdTyDMvCu5a41Pf3jsA2c= -ast-module-types@^2.3.1, ast-module-types@^2.3.2, ast-module-types@^2.4.0: - version "2.5.0" - resolved "https://registry.yarnpkg.com/ast-module-types/-/ast-module-types-2.5.0.tgz#44b8bcd51684329a77f2af6b2587df9ea6b4d5ff" - integrity sha512-dP6vhvatex3Q+OThhvcyGRvHn4noQBg1b8lCNKUAFL05up80hr2pAExveU3YQNDGMhfNPhQit/vzIkkvBPbSXw== - ast-transform@0.0.0: version "0.0.0" resolved "https://registry.yarnpkg.com/ast-transform/-/ast-transform-0.0.0.tgz#74944058887d8283e189d954600947bc98fe0062" @@ -9625,7 +9607,7 @@ cli-cursor@^3.1.0: dependencies: restore-cursor "^3.1.0" -cli-spinners@^2.0.0, cli-spinners@^2.2.0, cli-spinners@^2.4.0: +cli-spinners@^2.2.0, cli-spinners@^2.4.0: version "2.4.0" resolved "https://registry.yarnpkg.com/cli-spinners/-/cli-spinners-2.4.0.tgz#c6256db216b878cfba4720e719cec7cf72685d7f" integrity sha512-sJAofoarcm76ZGpuooaO0eDy8saEy+YoZBLjC4h8srt4jeBnkYeOgqxgsJQTpyt2LjI5PTfLJHSL+41Yu4fEJA== @@ -10002,7 +9984,7 @@ comma-separated-tokens@^1.0.0: resolved "https://registry.yarnpkg.com/comma-separated-tokens/-/comma-separated-tokens-1.0.8.tgz#632b80b6117867a158f1080ad498b2fbe7e3f5ea" integrity sha512-GHuDRO12Sypu2cV70d1dkA2EUmXHgntrzbpvOB+Qy+49ypNfGgFQIC2fhhXbnyrJRynDCAARsT7Ou0M6hirpfw== -commander@2, commander@^2.11.0, commander@^2.13.0, commander@^2.15.1, commander@^2.16.0, commander@^2.19.0, commander@^2.20.0, commander@^2.7.1, commander@^2.8.1, commander@^2.9.0: +commander@2, commander@^2.11.0, commander@^2.19.0, commander@^2.20.0, commander@^2.7.1, commander@^2.8.1, commander@^2.9.0: version "2.20.3" resolved "https://registry.yarnpkg.com/commander/-/commander-2.20.3.tgz#fd485e84c03eb4881c20722ba48035e8531aeb33" integrity sha512-GpVkmM8vF2vQUkj2LvZmD35JxeJOLCwJ9cUkugyk2nuhbv3+mJvpLYYt+0+USMxE+oj+ey/lJEnhZw75x/OMcQ== @@ -11626,16 +11608,6 @@ dependency-check@^4.1.0: read-package-json "^2.0.10" resolve "^1.1.7" -dependency-tree@^7.0.2: - version "7.0.2" - resolved "https://registry.yarnpkg.com/dependency-tree/-/dependency-tree-7.0.2.tgz#01df8bbdc51e41438f5bb93f4a53e1a9cf8301a1" - integrity sha512-yh3qCLHl/o/ZUPq14HUF6AGEbNTMyCAu92D6AmY3SEynJHkB25o3hTDzvt3Tu/KpR0093ATyrhr4aGwcx8NnVw== - dependencies: - commander "^2.19.0" - debug "^4.1.1" - filing-cabinet "^2.3.1" - precinct "^6.1.1" - deprecated-decorator@^0.1.6: version "0.1.6" resolved "https://registry.yarnpkg.com/deprecated-decorator/-/deprecated-decorator-0.1.6.tgz#00966317b7a12fe92f3cc831f7583af329b86c37" @@ -11729,82 +11701,6 @@ detect-port@^1.3.0: address "^1.0.1" debug "^2.6.0" -detective-amd@^3.0.0: - version "3.0.0" - resolved "https://registry.yarnpkg.com/detective-amd/-/detective-amd-3.0.0.tgz#40c8e21e229df8bca1ee2d4b952a7b67b01e2a5a" - integrity sha512-kOpKHyabdSKF9kj7PqYHLeHPw+TJT8q2u48tZYMkIcas28el1CYeLEJ42Nm+563/Fq060T5WknfwDhdX9+kkBQ== - dependencies: - ast-module-types "^2.3.1" - escodegen "^1.8.0" - get-amd-module-type "^3.0.0" - node-source-walk "^4.0.0" - -detective-cjs@^3.1.1: - version "3.1.1" - resolved "https://registry.yarnpkg.com/detective-cjs/-/detective-cjs-3.1.1.tgz#18da3e39a002d2098a1123d45ce1de1b0d9045a0" - integrity sha512-JQtNTBgFY6h8uT6pgph5QpV3IyxDv+z3qPk/FZRDT9TlFfm5dnRtpH39WtQEr1khqsUxVqXzKjZHpdoQvQbllg== - dependencies: - ast-module-types "^2.4.0" - node-source-walk "^4.0.0" - -detective-es6@^2.0.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/detective-es6/-/detective-es6-2.1.0.tgz#7848feaec92279d82f7b3a98d8e1f5d93483a0f7" - integrity sha512-QSHqKGOp/YBIfmIqKXaXeq2rlL+bp3bcIQMfZ+0PvKzRlELSOSZxKRvpxVcxlLuocQv4QnOfuWGniGrmPbz8MQ== - dependencies: - node-source-walk "^4.0.0" - -detective-less@^1.0.2: - version "1.0.2" - resolved "https://registry.yarnpkg.com/detective-less/-/detective-less-1.0.2.tgz#a68af9ca5f69d74b7d0aa190218b211d83b4f7e3" - integrity sha512-Rps1xDkEEBSq3kLdsdnHZL1x2S4NGDcbrjmd4q+PykK5aJwDdP5MBgrJw1Xo+kyUHuv3JEzPqxr+Dj9ryeDRTA== - dependencies: - debug "^4.0.0" - gonzales-pe "^4.2.3" - node-source-walk "^4.0.0" - -detective-postcss@^3.0.0: - version "3.0.1" - resolved "https://registry.yarnpkg.com/detective-postcss/-/detective-postcss-3.0.1.tgz#511921951f66135e17d0ece2e7604c6e4966c9c6" - integrity sha512-tfTS2GdpUal5NY0aCqI4dpEy8Xfr88AehYKB0iBIZvo8y2g3UsrcDnrp9PR2FbzoW7xD5Rip3NJW7eCSvtqdUw== - dependencies: - debug "^4.1.1" - is-url "^1.2.4" - postcss "^7.0.2" - postcss-values-parser "^1.5.0" - -detective-sass@^3.0.0: - version "3.0.1" - resolved "https://registry.yarnpkg.com/detective-sass/-/detective-sass-3.0.1.tgz#496b819efd1f5c4dd3f0e19b43a8634bdd6927c4" - integrity sha512-oSbrBozRjJ+QFF4WJFbjPQKeakoaY1GiR380NPqwdbWYd5wfl5cLWv0l6LsJVqrgWfFN1bjFqSeo32Nxza8Lbw== - dependencies: - debug "^4.1.1" - gonzales-pe "^4.2.3" - node-source-walk "^4.0.0" - -detective-scss@^2.0.0: - version "2.0.1" - resolved "https://registry.yarnpkg.com/detective-scss/-/detective-scss-2.0.1.tgz#06f8c21ae6dedad1fccc26d544892d968083eaf8" - integrity sha512-VveyXW4WQE04s05KlJ8K0bG34jtHQVgTc9InspqoQxvnelj/rdgSAy7i2DXAazyQNFKlWSWbS+Ro2DWKFOKTPQ== - dependencies: - debug "^4.1.1" - gonzales-pe "^4.2.3" - node-source-walk "^4.0.0" - -detective-stylus@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/detective-stylus/-/detective-stylus-1.0.0.tgz#50aee7db8babb990381f010c63fabba5b58e54cd" - integrity sha1-UK7n24uruZA4HwEMY/q7pbWOVM0= - -detective-typescript@^5.1.1: - version "5.3.0" - resolved "https://registry.yarnpkg.com/detective-typescript/-/detective-typescript-5.3.0.tgz#ba2ac4aba923f87a421ae45fba3f7cf02c9ba527" - integrity sha512-J6WsrycYUZAHGTIdO1hXnoGGH8/Aw+XlCKUIOfEhqUhCkEpzwb16UHWPWiPd63ohag2NhBUY8zkZrLNKAUkHVA== - dependencies: - "@typescript-eslint/typescript-estree" "^1.9.0" - node-source-walk "^4.2.0" - typescript "^3.4.5" - detective@^5.0.2, detective@^5.2.0: version "5.2.0" resolved "https://registry.yarnpkg.com/detective/-/detective-5.2.0.tgz#feb2a77e85b904ecdea459ad897cc90a99bd2a7b" @@ -12452,7 +12348,7 @@ endent@^2.0.1: fast-json-parse "^1.0.3" objectorarray "^1.0.4" -enhanced-resolve@^4.0.0, enhanced-resolve@^4.1.0, enhanced-resolve@^4.1.1, enhanced-resolve@^4.3.0: +enhanced-resolve@^4.0.0, enhanced-resolve@^4.1.1, enhanced-resolve@^4.3.0: version "4.3.0" resolved "https://registry.yarnpkg.com/enhanced-resolve/-/enhanced-resolve-4.3.0.tgz#3b806f3bfafc1ec7de69551ef93cca46c1704126" integrity sha512-3e87LvavsdxyoCfGusJnrZ5G8SLPOFeHSNpZI/ATL9a5leXo2k0w6MKnbqhdBad9qTobSfB20Ld7UmgoNbAZkQ== @@ -12812,7 +12708,7 @@ escape-string-regexp@2.0.0, escape-string-regexp@^2.0.0: resolved "https://registry.yarnpkg.com/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz#a30304e99daa32e23b2fd20f51babd07cffca344" integrity sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w== -escodegen@^1.11.0, escodegen@^1.11.1, escodegen@^1.12.0, escodegen@^1.14.1, escodegen@^1.8.0: +escodegen@^1.11.0, escodegen@^1.11.1, escodegen@^1.12.0, escodegen@^1.14.1: version "1.14.3" resolved "https://registry.yarnpkg.com/escodegen/-/escodegen-1.14.3.tgz#4e7b81fba61581dc97582ed78cab7f0e8d63f503" integrity sha512-qFcX0XJkdg+PB3xjZZG/wKSuT1PnQWx57+TVSjIMmILd2yC/6ByYElPwJnslDsuWuSAp4AwJGumarAAmJch5Kw== @@ -13749,11 +13645,6 @@ file-entry-cache@^5.0.1: dependencies: flat-cache "^2.0.1" -file-exists-dazinatorfork@^1.0.2: - version "1.0.2" - resolved "https://registry.yarnpkg.com/file-exists-dazinatorfork/-/file-exists-dazinatorfork-1.0.2.tgz#cd8d0d85f63e39dc81eceb0b687c44a2cca95c47" - integrity sha512-r70c72ln2YHzQINNfxDp02hAhbGkt1HffZ+Du8oetWDLjDtFja/Lm10lUaSh9e+wD+7VDvPee0b0C9SAy8pWZg== - file-loader@^4.2.0: version "4.2.0" resolved "https://registry.yarnpkg.com/file-loader/-/file-loader-4.2.0.tgz#5fb124d2369d7075d70a9a5abecd12e60a95215e" @@ -13823,24 +13714,6 @@ filesize@6.0.1: resolved "https://registry.yarnpkg.com/filesize/-/filesize-6.0.1.tgz#f850b509909c7c86f7e450ea19006c31c2ed3d2f" integrity sha512-u4AYWPgbI5GBhs6id1KdImZWn5yfyFrrQ8OWZdN7ZMfA8Bf4HcO0BGo9bmUIEV8yrp8I1xVfJ/dn90GtFNNJcg== -filing-cabinet@^2.3.1: - version "2.3.3" - resolved "https://registry.yarnpkg.com/filing-cabinet/-/filing-cabinet-2.3.3.tgz#77882b25ef0859c321a871b440823bc2ed590995" - integrity sha512-Lp9FNBm74UnZI/0tVcH8WlJZmnYf9/qImt1/VUaEj3rlBl+V7M5yVAzYPJ7X1T2WxQeCrSQN4jN64SlQa6Rbew== - dependencies: - app-module-path "^2.2.0" - commander "^2.13.0" - debug "^4.1.1" - enhanced-resolve "^4.1.0" - is-relative-path "^1.0.2" - module-definition "^3.0.0" - module-lookup-amd "^6.1.0" - resolve "^1.11.1" - resolve-dependency-path "^2.0.0" - sass-lookup "^3.0.0" - stylus-lookup "^3.0.1" - typescript "^3.0.3" - fill-keys@^1.0.2: version "1.0.2" resolved "https://registry.yarnpkg.com/fill-keys/-/fill-keys-1.0.2.tgz#9a8fa36f4e8ad634e3bf6b4f3c8882551452eb20" @@ -13940,13 +13813,6 @@ find-up@^5.0.0: locate-path "^6.0.0" path-exists "^4.0.0" -find@^0.3.0: - version "0.3.0" - resolved "https://registry.yarnpkg.com/find/-/find-0.3.0.tgz#4082e8fc8d8320f1a382b5e4f521b9bc50775cb8" - integrity sha512-iSd+O4OEYV/I36Zl8MdYJO0xD82wH528SaCieTVHhclgiYNe9y+yPKSwK+A7/WsmHL1EZ+pYUJBXWTL5qofksw== - dependencies: - traverse-chain "~0.1.0" - findup-sync@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/findup-sync/-/findup-sync-2.0.0.tgz#9326b1488c22d1a6088650a86901b2d9a90a2cbc" @@ -14021,11 +13887,6 @@ flatted@^2.0.0: resolved "https://registry.yarnpkg.com/flatted/-/flatted-2.0.0.tgz#55122b6536ea496b4b44893ee2608141d10d9916" integrity sha512-R+H8IZclI8AAkSBRQJLVOsxwAoHd6WC40b4QTNWIjzAa6BXOBfQcM587MXDTVPeYaopFNWHUFLx7eNmHDSxMWg== -flatten@^1.0.2: - version "1.0.2" - resolved "https://registry.yarnpkg.com/flatten/-/flatten-1.0.2.tgz#dae46a9d78fbe25292258cc1e780a41d95c03782" - integrity sha1-2uRqnXj74lKSJYzB54CkHZXAN4I= - flush-write-stream@^1.0.0, flush-write-stream@^1.0.2: version "1.0.3" resolved "https://registry.yarnpkg.com/flush-write-stream/-/flush-write-stream-1.0.3.tgz#c5d586ef38af6097650b49bc41b55fabb19f35bd" @@ -14534,14 +14395,6 @@ geojson-vt@^3.2.1: resolved "https://registry.yarnpkg.com/geojson-vt/-/geojson-vt-3.2.1.tgz#f8adb614d2c1d3f6ee7c4265cad4bbf3ad60c8b7" integrity sha512-EvGQQi/zPrDA6zr6BnJD/YhwAkBP8nnJ9emh3EnHQKVMfg/MRVtPbMYdgVy/IaEmn4UfagD2a6fafPDL5hbtwg== -get-amd-module-type@^3.0.0: - version "3.0.0" - resolved "https://registry.yarnpkg.com/get-amd-module-type/-/get-amd-module-type-3.0.0.tgz#bb334662fa04427018c937774570de495845c288" - integrity sha512-99Q7COuACPfVt18zH9N4VAMyb81S6TUgJm2NgV6ERtkh9VIkAaByZkW530wl3lLN5KTtSrK9jVLxYsoP5hQKsw== - dependencies: - ast-module-types "^2.3.2" - node-source-walk "^4.0.0" - get-assigned-identifiers@^1.1.0, get-assigned-identifiers@^1.2.0: version "1.2.0" resolved "https://registry.yarnpkg.com/get-assigned-identifiers/-/get-assigned-identifiers-1.2.0.tgz#6dbf411de648cbaf8d9169ebb0d2d576191e2ff1" @@ -14567,11 +14420,6 @@ get-nonce@^1.0.0: resolved "https://registry.yarnpkg.com/get-nonce/-/get-nonce-1.0.1.tgz#fdf3f0278073820d2ce9426c18f07481b1e0cdf3" integrity sha512-FJhYRoDaiatfEkUK8HKlicmu/3SGFD51q3itKDGoSTysQJBnfOcxU5GxnhE1E6soB76MbT0MBtnKJuXyAx+96Q== -get-own-enumerable-property-symbols@^3.0.0: - version "3.0.0" - resolved "https://registry.yarnpkg.com/get-own-enumerable-property-symbols/-/get-own-enumerable-property-symbols-3.0.0.tgz#b877b49a5c16aefac3655f2ed2ea5b684df8d203" - integrity sha512-CIJYJC4GGF06TakLg8z4GQKvDsx9EMspVxOYih7LerEL/WosUnFIww45CGfxfeKHqlg3twgUrYRT1O3WQqjGCg== - get-port@^5.0.0: version "5.1.1" resolved "https://registry.yarnpkg.com/get-port/-/get-port-5.1.1.tgz#0469ed07563479de6efb986baf053dcd7d4e3193" @@ -14998,13 +14846,6 @@ gonzales-pe-sl@^4.2.3: dependencies: minimist "1.1.x" -gonzales-pe@^4.2.3: - version "4.3.0" - resolved "https://registry.yarnpkg.com/gonzales-pe/-/gonzales-pe-4.3.0.tgz#fe9dec5f3c557eead09ff868c65826be54d067b3" - integrity sha512-otgSPpUmdWJ43VXyiNgEYE4luzHCL2pz4wQ0OnDluC6Eg4Ko3Vexy/SrSynglw/eR+OhkzmqFCZa/OFa/RgAOQ== - dependencies: - minimist "^1.2.5" - good-listener@^1.2.2: version "1.2.2" resolved "https://registry.yarnpkg.com/good-listener/-/good-listener-1.2.2.tgz#d53b30cdf9313dffb7dc9a0d477096aa6d145c50" @@ -15325,13 +15166,6 @@ graphql@^0.13.2: dependencies: iterall "^1.2.1" -graphviz@^0.0.8: - version "0.0.8" - resolved "https://registry.yarnpkg.com/graphviz/-/graphviz-0.0.8.tgz#e599e40733ef80e1653bfe89a5f031ecf2aa4aaa" - integrity sha1-5ZnkBzPvgOFlO/6JpfAx7PKqSqo= - dependencies: - temp "~0.4.0" - grid-index@^1.1.0: version "1.1.0" resolved "https://registry.yarnpkg.com/grid-index/-/grid-index-1.1.0.tgz#97f8221edec1026c8377b86446a7c71e79522ea7" @@ -17097,11 +16931,6 @@ is-number@^7.0.0: resolved "https://registry.yarnpkg.com/is-number/-/is-number-7.0.0.tgz#7535345b896734d5f80c4d06c50955527a14f12b" integrity sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng== -is-obj@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/is-obj/-/is-obj-1.0.1.tgz#3e4729ac1f5fde025cd7d83a896dab9f4f67db0f" - integrity sha1-PkcprB9f3gJc19g6iW2rn09n2w8= - is-obj@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/is-obj/-/is-obj-2.0.0.tgz#473fb05d973705e3fd9620545018ca8e22ef4982" @@ -17225,16 +17054,6 @@ is-regex@^1.0.4, is-regex@^1.0.5, is-regex@^1.1.0, is-regex@^1.1.1: dependencies: has-symbols "^1.0.1" -is-regexp@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-regexp/-/is-regexp-1.0.0.tgz#fd2d883545c46bac5a633e7b9a09e87fa2cb5069" - integrity sha1-/S2INUXEa6xaYz57mgnof6LLUGk= - -is-relative-path@^1.0.2: - version "1.0.2" - resolved "https://registry.yarnpkg.com/is-relative-path/-/is-relative-path-1.0.2.tgz#091b46a0d67c1ed0fe85f1f8cfdde006bb251d46" - integrity sha1-CRtGoNZ8HtD+hfH4z93gBrslHUY= - is-relative@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/is-relative/-/is-relative-1.0.0.tgz#a1bb6935ce8c5dba1e8b9754b9b2dcc020e2260d" @@ -17330,7 +17149,7 @@ is-upper-case@^1.1.0: dependencies: upper-case "^1.1.0" -is-url@^1.2.2, is-url@^1.2.4: +is-url@^1.2.2: version "1.2.4" resolved "https://registry.yarnpkg.com/is-url/-/is-url-1.2.4.tgz#04a4df46d28c4cff3d73d01ff06abeb318a1aa52" integrity sha512-ITvGim8FhRiYe4IQ5uHSkj7pVaPDrCTkNd3yq3cV7iZAcJdHTUMPMEHcqSOy9xZ9qFenQCvi+2wjH9a1nXqHww== @@ -19417,11 +19236,6 @@ lodash.toarray@^4.4.0: resolved "https://registry.yarnpkg.com/lodash.toarray/-/lodash.toarray-4.4.0.tgz#24c4bfcd6b2fba38bfd0594db1179d8e9b656561" integrity sha1-JMS/zWsvuji/0FlNsRedjptlZWE= -lodash.unescape@4.0.1: - version "4.0.1" - resolved "https://registry.yarnpkg.com/lodash.unescape/-/lodash.unescape-4.0.1.tgz#bf2249886ce514cda112fae9218cdc065211fc9c" - integrity sha1-vyJJiGzlFM2hEvrpIYzcBlIR/Jw= - lodash.union@^4.6.0: version "4.6.0" resolved "https://registry.yarnpkg.com/lodash.union/-/lodash.union-4.6.0.tgz#48bb5088409f16f1821666641c44dd1aaae3cd88" @@ -19626,24 +19440,6 @@ macos-release@^2.2.0: resolved "https://registry.yarnpkg.com/macos-release/-/macos-release-2.2.0.tgz#ab58d55dd4714f0a05ad4b0e90f4370fef5cdea8" integrity sha512-iV2IDxZaX8dIcM7fG6cI46uNmHUxHE4yN+Z8tKHAW1TBPMZDIKHf/3L+YnOuj/FK9il14UaVdHmiQ1tsi90ltA== -madge@3.4.4: - version "3.4.4" - resolved "https://registry.yarnpkg.com/madge/-/madge-3.4.4.tgz#f0b254a78f6e0fb54bb8dfe5ffdee3caee280b3d" - integrity sha512-ywk2Zca1Qn3FMH4btNcJN9q3z2+AZhJeUCzUMbUwSL/xmevCC4CzBQNF6i22V1SJ8cbXLKrXrJ6k0QQPtd9/KQ== - dependencies: - chalk "^2.4.1" - commander "^2.15.1" - commondir "^1.0.1" - debug "^4.0.1" - dependency-tree "^7.0.2" - graphviz "^0.0.8" - ora "^3.0.0" - pify "^4.0.0" - pluralize "^7.0.0" - pretty-ms "^4.0.0" - rc "^1.2.7" - walkdir "^0.0.12" - magic-string@0.25.1: version "0.25.1" resolved "https://registry.yarnpkg.com/magic-string/-/magic-string-0.25.1.tgz#b1c248b399cd7485da0fe7385c2fc7011843266e" @@ -20432,14 +20228,6 @@ mock-http-server@1.3.0: multiparty "^4.1.2" underscore "^1.8.3" -module-definition@^3.0.0, module-definition@^3.1.0: - version "3.2.0" - resolved "https://registry.yarnpkg.com/module-definition/-/module-definition-3.2.0.tgz#a1741d5ddf60d76c60d5b1f41ba8744ba08d3ef4" - integrity sha512-PO6o0BajpdRR+fb3FUSeDISgJpnyxg8UDUEalR8LPQajl0M5+m4jHWhgrMGGSEl6D9+sVl/l1fjOCvpBXIQ+2Q== - dependencies: - ast-module-types "^2.4.0" - node-source-walk "^4.0.0" - module-deps@^6.0.0, module-deps@^6.2.3: version "6.2.3" resolved "https://registry.yarnpkg.com/module-deps/-/module-deps-6.2.3.tgz#15490bc02af4b56cf62299c7c17cba32d71a96ee" @@ -20466,18 +20254,6 @@ module-details-from-path@^1.0.3: resolved "https://registry.yarnpkg.com/module-details-from-path/-/module-details-from-path-1.0.3.tgz#114c949673e2a8a35e9d35788527aa37b679da2b" integrity sha1-EUyUlnPiqKNenTV4hSeqN7Z52is= -module-lookup-amd@^6.1.0: - version "6.2.0" - resolved "https://registry.yarnpkg.com/module-lookup-amd/-/module-lookup-amd-6.2.0.tgz#70600008b3f26630fde9ef9ae6165ac69de6ecbb" - integrity sha512-uxHCj5Pw9psZiC1znjU2qPsubt6haCSsN9m7xmIdoTciEgfxUkE1vhtDvjHPuOXEZrVJhjKgkmkP+w73rRuelQ== - dependencies: - commander "^2.8.1" - debug "^4.1.0" - file-exists-dazinatorfork "^1.0.2" - find "^0.3.0" - requirejs "^2.3.5" - requirejs-config-file "^3.1.1" - module-not-found-error@^1.0.0: version "1.0.1" resolved "https://registry.yarnpkg.com/module-not-found-error/-/module-not-found-error-1.0.1.tgz#cf8b4ff4f29640674d6cdd02b0e3bc523c2bbdc0" @@ -21009,13 +20785,6 @@ node-sass@^4.14.1: stdout-stream "^1.4.0" "true-case-path" "^1.0.2" -node-source-walk@^4.0.0, node-source-walk@^4.2.0: - version "4.2.0" - resolved "https://registry.yarnpkg.com/node-source-walk/-/node-source-walk-4.2.0.tgz#c2efe731ea8ba9c03c562aa0a9d984e54f27bc2c" - integrity sha512-hPs/QMe6zS94f5+jG3kk9E7TNm4P2SulrKiLWMzKszBfNZvL/V6wseHlTd7IvfW0NZWqPtK3+9yYNr+3USGteA== - dependencies: - "@babel/parser" "^7.0.0" - node-status-codes@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/node-status-codes/-/node-status-codes-1.0.0.tgz#5ae5541d024645d32a58fcddc9ceecea7ae3ac2f" @@ -21558,18 +21327,6 @@ optionator@^0.8.1, optionator@^0.8.3: type-check "~0.3.2" word-wrap "~1.2.3" -ora@^3.0.0: - version "3.4.0" - resolved "https://registry.yarnpkg.com/ora/-/ora-3.4.0.tgz#bf0752491059a3ef3ed4c85097531de9fdbcd318" - integrity sha512-eNwHudNbO1folBP3JsZ19v9azXWtQZjICdr3Q0TDPIaeBQ3mXLrh54wM+er0+hSp+dWKf+Z8KM58CYzEyIYxYg== - dependencies: - chalk "^2.4.2" - cli-cursor "^2.1.0" - cli-spinners "^2.0.0" - log-symbols "^2.2.0" - strip-ansi "^5.2.0" - wcwidth "^1.0.1" - ora@^4.0.3, ora@^4.0.4: version "4.1.1" resolved "https://registry.yarnpkg.com/ora/-/ora-4.1.1.tgz#566cc0348a15c36f5f0e979612842e02ba9dddbc" @@ -22022,7 +21779,7 @@ parse-link-header@^1.0.1: dependencies: xtend "~4.0.1" -parse-ms@^2.0.0, parse-ms@^2.1.0: +parse-ms@^2.1.0: version "2.1.0" resolved "https://registry.yarnpkg.com/parse-ms/-/parse-ms-2.1.0.tgz#348565a753d4391fa524029956b172cb7753097d" integrity sha512-kHt7kzLoS9VBZfUsiKjv43mr91ea+U05EyKkEtqp7vNbHxmaVuEqN7XxeEVnGrMtYOAxGrDElSi96K7EgO1zCA== @@ -22336,7 +22093,7 @@ pify@^3.0.0: resolved "https://registry.yarnpkg.com/pify/-/pify-3.0.0.tgz#e5a4acd2c101fdf3d9a4d07f0dbc4db49dd28176" integrity sha1-5aSs0sEB/fPZpNB/DbxNtJ3SgXY= -pify@^4.0.0, pify@^4.0.1: +pify@^4.0.1: version "4.0.1" resolved "https://registry.yarnpkg.com/pify/-/pify-4.0.1.tgz#4b2cd25c50d598735c50292224fd8c6df41e3231" integrity sha512-uB80kBFb/tfd68bVleG9T5GGsGPjJrLAUpR5PZIrhBnIaRTQRjqdJSsIKkOP6OAIFbj7GOrcudc5pNjZ+geV2g== @@ -22441,11 +22198,6 @@ pluralize@^1.2.1: resolved "https://registry.yarnpkg.com/pluralize/-/pluralize-1.2.1.tgz#d1a21483fd22bb41e58a12fa3421823140897c45" integrity sha1-0aIUg/0iu0HlihL6NCGCMUCJfEU= -pluralize@^7.0.0: - version "7.0.0" - resolved "https://registry.yarnpkg.com/pluralize/-/pluralize-7.0.0.tgz#298b89df8b93b0221dbf421ad2b1b1ea23fc6777" - integrity sha512-ARhBOdzS3e41FbkW/XWrTEtukqqLoK5+Z/4UeDaLuSW+39JPeFgs4gCGqsrJHVZX0fUrx//4OF0K1CUGwlIFow== - pn@^1.1.0: version "1.1.0" resolved "https://registry.yarnpkg.com/pn/-/pn-1.1.0.tgz#e2f4cef0e219f463c179ab37463e4e1ecdccbafb" @@ -22578,16 +22330,7 @@ postcss-value-parser@^4.0.0, postcss-value-parser@^4.0.2, postcss-value-parser@^ resolved "https://registry.yarnpkg.com/postcss-value-parser/-/postcss-value-parser-4.1.0.tgz#443f6a20ced6481a2bda4fa8532a6e55d789a2cb" integrity sha512-97DXOFbQJhk71ne5/Mt6cOu6yxsSfM0QGQyl0L25Gca4yGWEGJaig7l7gbCX623VqTBNGLRLaVUCnNkcedlRSQ== -postcss-values-parser@^1.5.0: - version "1.5.0" - resolved "https://registry.yarnpkg.com/postcss-values-parser/-/postcss-values-parser-1.5.0.tgz#5d9fa63e2bcb0179ce48f3235303765eb89f3047" - integrity sha512-3M3p+2gMp0AH3da530TlX8kiO1nxdTnc3C6vr8dMxRLIlh8UYkz0/wcwptSXjhtx2Fr0TySI7a+BHDQ8NL7LaQ== - dependencies: - flatten "^1.0.2" - indexes-of "^1.0.1" - uniq "^1.0.1" - -postcss@^7.0.0, postcss@^7.0.14, postcss@^7.0.16, postcss@^7.0.2, postcss@^7.0.32, postcss@^7.0.5, postcss@^7.0.6: +postcss@^7.0.0, postcss@^7.0.14, postcss@^7.0.16, postcss@^7.0.32, postcss@^7.0.5, postcss@^7.0.6: version "7.0.32" resolved "https://registry.yarnpkg.com/postcss/-/postcss-7.0.32.tgz#4310d6ee347053da3433db2be492883d62cec59d" integrity sha512-03eXong5NLnNCD05xscnGKGDZ98CyzoqPSMjOe6SuoQY7Z2hIj0Ld1g/O/UQRuOle2aRtiIRDg9tDcTGAkLfKw== @@ -22601,25 +22344,6 @@ potpack@^1.0.1: resolved "https://registry.yarnpkg.com/potpack/-/potpack-1.0.1.tgz#d1b1afd89e4c8f7762865ec30bd112ab767e2ebf" integrity sha512-15vItUAbViaYrmaB/Pbw7z6qX2xENbFSTA7Ii4tgbPtasxm5v6ryKhKtL91tpWovDJzTiZqdwzhcFBCwiMVdVw== -precinct@^6.1.1: - version "6.1.2" - resolved "https://registry.yarnpkg.com/precinct/-/precinct-6.1.2.tgz#279cc694ff109969fa0f82d77e62bcfa4a6c93be" - integrity sha512-Mk+oWvR7N2D2EY+5vKNnnXPGor1aU3ZbkcHp2ER68el5PL1nmZsvpq41s69emiNMSuL6TMoIeTabvwfe5w7vNg== - dependencies: - commander "^2.19.0" - debug "^4.1.1" - detective-amd "^3.0.0" - detective-cjs "^3.1.1" - detective-es6 "^2.0.0" - detective-less "^1.0.2" - detective-postcss "^3.0.0" - detective-sass "^3.0.0" - detective-scss "^2.0.0" - detective-stylus "^1.0.0" - detective-typescript "^5.1.1" - module-definition "^3.1.0" - node-source-walk "^4.2.0" - prelude-ls@~1.1.2: version "1.1.2" resolved "https://registry.yarnpkg.com/prelude-ls/-/prelude-ls-1.1.2.tgz#21932a549f5e52ffd9a827f570e04be62a97da54" @@ -22719,13 +22443,6 @@ pretty-ms@5.0.0: dependencies: parse-ms "^2.1.0" -pretty-ms@^4.0.0: - version "4.0.0" - resolved "https://registry.yarnpkg.com/pretty-ms/-/pretty-ms-4.0.0.tgz#31baf41b94fd02227098aaa03bd62608eb0d6e92" - integrity sha512-qG66ahoLCwpLXD09ZPHSCbUWYTqdosB7SMP4OffgTgL2PBKXMuUsrk5Bwg8q4qPkjTXsKBMr+YK3Ltd/6F9s/Q== - dependencies: - parse-ms "^2.0.0" - prismjs@1.22.0, prismjs@^1.8.4, prismjs@~1.16.0: version "1.22.0" resolved "https://registry.yarnpkg.com/prismjs/-/prismjs-1.22.0.tgz#73c3400afc58a823dd7eed023f8e1ce9fd8977fa" @@ -23212,7 +22929,7 @@ rc-pagination@^1.20.1: prop-types "^15.5.7" react-lifecycles-compat "^3.0.4" -rc@^1.0.1, rc@^1.2.7, rc@^1.2.8: +rc@^1.0.1, rc@^1.2.8: version "1.2.8" resolved "https://registry.yarnpkg.com/rc/-/rc-1.2.8.tgz#cd924bf5200a075b83c188cd6b9e211b7fc0d3ed" integrity sha512-y3bGgqKj3QBdxLbLkomlohkvsA8gdAiUQlSBJnBhfn+BPxg4bc62d8TcBW15wavDfgexCgccckhcZvywyQYPOw== @@ -24790,20 +24507,6 @@ requireindex@~1.2.0: resolved "https://registry.yarnpkg.com/requireindex/-/requireindex-1.2.0.tgz#3463cdb22ee151902635aa6c9535d4de9c2ef1ef" integrity sha512-L9jEkOi3ASd9PYit2cwRfyppc9NoABujTP8/5gFcbERmo5jUoAKovIC3fsF17pkTnGsrByysqX+Kxd2OTNI1ww== -requirejs-config-file@^3.1.1: - version "3.1.2" - resolved "https://registry.yarnpkg.com/requirejs-config-file/-/requirejs-config-file-3.1.2.tgz#de8c0b3eebdf243511c994a8a24b006f8b825997" - integrity sha512-sdLWywcDuNz7EIOhenSbRfT4YF84nItDv90coN2htbokjmU2QeyQuSBZILQUKNksepl8UPVU+hgYySFaDxbJPQ== - dependencies: - esprima "^4.0.0" - make-dir "^2.1.0" - stringify-object "^3.2.1" - -requirejs@^2.3.5: - version "2.3.6" - resolved "https://registry.yarnpkg.com/requirejs/-/requirejs-2.3.6.tgz#e5093d9601c2829251258c0b9445d4d19fa9e7c9" - integrity sha512-ipEzlWQe6RK3jkzikgCupiTbTvm4S0/CAU5GlgptkN5SO6F3u0UD0K18wy6ErDqiCyP4J4YYe1HuAShvsxePLg== - requires-port@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/requires-port/-/requires-port-1.0.0.tgz#925d2601d39ac485e091cf0da5c6e694dc3dcaff" @@ -24838,11 +24541,6 @@ resolve-cwd@^3.0.0: dependencies: resolve-from "^5.0.0" -resolve-dependency-path@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/resolve-dependency-path/-/resolve-dependency-path-2.0.0.tgz#11700e340717b865d216c66cabeb4a2a3c696736" - integrity sha512-DIgu+0Dv+6v2XwRaNWnumKu7GPufBBOr5I1gRPJHkvghrfCGOooJODFvgFimX/KRxk9j0whD2MnKHzM1jYvk9w== - resolve-dir@^1.0.0, resolve-dir@^1.0.1: version "1.0.1" resolved "https://registry.yarnpkg.com/resolve-dir/-/resolve-dir-1.0.1.tgz#79a40644c362be82f26effe739c9bb5382046f43" @@ -24914,7 +24612,7 @@ resolve@1.8.1: dependencies: path-parse "^1.0.5" -resolve@^1.1.10, resolve@^1.1.4, resolve@^1.1.5, resolve@^1.1.6, resolve@^1.1.7, resolve@^1.10.0, resolve@^1.10.1, resolve@^1.11.1, resolve@^1.12.0, resolve@^1.17.0, resolve@^1.18.1, resolve@^1.3.2, resolve@^1.3.3, resolve@^1.4.0, resolve@^1.5.0, resolve@^1.7.1, resolve@^1.8.1: +resolve@^1.1.10, resolve@^1.1.4, resolve@^1.1.5, resolve@^1.1.6, resolve@^1.1.7, resolve@^1.10.0, resolve@^1.10.1, resolve@^1.12.0, resolve@^1.17.0, resolve@^1.18.1, resolve@^1.3.2, resolve@^1.3.3, resolve@^1.4.0, resolve@^1.5.0, resolve@^1.7.1, resolve@^1.8.1: version "1.19.0" resolved "https://registry.yarnpkg.com/resolve/-/resolve-1.19.0.tgz#1af5bf630409734a067cae29318aac7fa29a267c" integrity sha512-rArEXAgsBG4UgRGcynxWIWKFvh/XZCcS8UJdHhwy91zwAvCZIbcs+vAbflgBnNjYMs/i/i+/Ux6IZhML1yPvxg== @@ -25243,13 +24941,6 @@ sass-loader@^8.0.2: schema-utils "^2.6.1" semver "^6.3.0" -sass-lookup@^3.0.0: - version "3.0.0" - resolved "https://registry.yarnpkg.com/sass-lookup/-/sass-lookup-3.0.0.tgz#3b395fa40569738ce857bc258e04df2617c48cac" - integrity sha512-TTsus8CfFRn1N44bvdEai1no6PqdmDiQUiqW5DlpmtT+tYnIt1tXtDIph5KA1efC+LmioJXSnCtUVpcK9gaKIg== - dependencies: - commander "^2.16.0" - sass-resources-loader@^2.0.1: version "2.0.1" resolved "https://registry.yarnpkg.com/sass-resources-loader/-/sass-resources-loader-2.0.1.tgz#c8427f3760bf7992f24f27d3889a1c797e971d3a" @@ -25411,11 +25102,6 @@ semver-greatest-satisfied-range@^1.1.0: resolved "https://registry.yarnpkg.com/semver/-/semver-5.7.1.tgz#a954f931aeba508d307bbf069eff0c01c96116f7" integrity sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ== -semver@5.5.0: - version "5.5.0" - resolved "https://registry.yarnpkg.com/semver/-/semver-5.5.0.tgz#dc4bbc7a6ca9d916dee5d43516f0092b58f7b8ab" - integrity sha512-4SJ3dm0WAwWy/NVeioZh5AntkdJoWKxHxcmyP622fOkgHa4z3R0TdBJICINyaSDE6uNwVc8gZr+ZinwZAH4xIA== - semver@7.0.0: version "7.0.0" resolved "https://registry.yarnpkg.com/semver/-/semver-7.0.0.tgz#5f3ca35761e47e05b206c6daff2cf814f0316b8e" @@ -26569,15 +26255,6 @@ stringify-entities@^3.0.1: is-decimal "^1.0.2" is-hexadecimal "^1.0.0" -stringify-object@^3.2.1: - version "3.3.0" - resolved "https://registry.yarnpkg.com/stringify-object/-/stringify-object-3.3.0.tgz#703065aefca19300d3ce88af4f5b3956d7556629" - integrity sha512-rHqiFh1elqCQ9WPLIC8I0Q/g/wj5J1eMkyoiD6eoQApWHP0FtlK7rqnhmabL5VUY9JQCcqwwvlOaSuutekgyrw== - dependencies: - get-own-enumerable-property-symbols "^3.0.0" - is-obj "^1.0.1" - is-regexp "^1.0.0" - strip-ansi@*, strip-ansi@5.2.0, strip-ansi@^5.0.0, strip-ansi@^5.1.0, strip-ansi@^5.2.0: version "5.2.0" resolved "https://registry.yarnpkg.com/strip-ansi/-/strip-ansi-5.2.0.tgz#8c9a536feb6afc962bdfa5b104a5091c1ad9c0ae" @@ -26741,14 +26418,6 @@ stylis@^3.5.0: resolved "https://registry.yarnpkg.com/stylis/-/stylis-3.5.4.tgz#f665f25f5e299cf3d64654ab949a57c768b73fbe" integrity sha512-8/3pSmthWM7lsPBKv7NXkzn2Uc9W7NotcwGNpJaa3k7WMM1XDCA4MgT5k/8BIexd5ydZdboXtU90XH9Ec4Bv/Q== -stylus-lookup@^3.0.1: - version "3.0.2" - resolved "https://registry.yarnpkg.com/stylus-lookup/-/stylus-lookup-3.0.2.tgz#c9eca3ff799691020f30b382260a67355fefdddd" - integrity sha512-oEQGHSjg/AMaWlKe7gqsnYzan8DLcGIHe0dUaFkucZZ14z4zjENRlQMCHT4FNsiWnJf17YN9OvrCfCoi7VvOyg== - dependencies: - commander "^2.8.1" - debug "^4.1.0" - subarg@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/subarg/-/subarg-1.0.0.tgz#f62cf17581e996b48fc965699f54c06ae268b8d2" @@ -27154,11 +26823,6 @@ temp-dir@^1.0.0: resolved "https://registry.yarnpkg.com/temp-dir/-/temp-dir-1.0.0.tgz#0a7c0ea26d3a39afa7e0ebea9c1fc0bc4daa011d" integrity sha1-CnwOom06Oa+n4OvqnB/AvE2qAR0= -temp@~0.4.0: - version "0.4.0" - resolved "https://registry.yarnpkg.com/temp/-/temp-0.4.0.tgz#671ad63d57be0fe9d7294664b3fc400636678a60" - integrity sha1-ZxrWPVe+D+nXKUZks/xABjZnimA= - tempy@^0.3.0: version "0.3.0" resolved "https://registry.yarnpkg.com/tempy/-/tempy-0.3.0.tgz#6f6c5b295695a16130996ad5ab01a8bd726e8bf8" @@ -27641,11 +27305,6 @@ traceparent@^1.0.0: dependencies: random-poly-fill "^1.0.1" -traverse-chain@~0.1.0: - version "0.1.0" - resolved "https://registry.yarnpkg.com/traverse-chain/-/traverse-chain-0.1.0.tgz#61dbc2d53b69ff6091a12a168fd7d433107e40f1" - integrity sha1-YdvC1Ttp/2CRoSoWj9fUMxB+QPE= - traverse@^0.6.6, traverse@~0.6.6: version "0.6.6" resolved "https://registry.yarnpkg.com/traverse/-/traverse-0.6.6.tgz#cbdf560fd7b9af632502fed40f918c157ea97137" @@ -27944,7 +27603,7 @@ typescript-tuple@^2.2.1: dependencies: typescript-compare "^0.0.2" -typescript@4.1.2, typescript@^3.0.3, typescript@^3.2.2, typescript@^3.3.3333, typescript@^3.4.5, typescript@^3.5.3, typescript@~3.7.2: +typescript@4.1.2, typescript@^3.2.2, typescript@^3.3.3333, typescript@^3.5.3, typescript@~3.7.2: version "4.1.2" resolved "https://registry.yarnpkg.com/typescript/-/typescript-4.1.2.tgz#6369ef22516fe5e10304aae5a5c4862db55380e9" integrity sha512-thGloWsGH3SOxv1SoY7QojKi0tc+8FnOmiarEGMbd/lar7QOEd3hvlx3Fp5y6FlDUGl9L+pd4n2e+oToGMmhRQ== @@ -29380,11 +29039,6 @@ walk@^2.3.14: dependencies: foreachasync "^3.0.0" -walkdir@^0.0.12: - version "0.0.12" - resolved "https://registry.yarnpkg.com/walkdir/-/walkdir-0.0.12.tgz#2f24f1ade64aab1e458591d4442c8868356e9281" - integrity sha512-HFhaD4mMWPzFSqhpyDG48KDdrjfn409YQuVW7ckZYhW4sE87mYtWifdB/+73RA7+p4s4K18n5Jfx1kHthE1gBw== - walker@^1.0.7, walker@~1.0.5: version "1.0.7" resolved "https://registry.yarnpkg.com/walker/-/walker-1.0.7.tgz#2f7f9b8fd10d677262b18a884e28d19618e028fb" From 81a340e681b417eb6241dff938827dd8381095e2 Mon Sep 17 00:00:00 2001 From: John Schulz Date: Mon, 7 Dec 2020 15:11:09 -0500 Subject: [PATCH 07/11] [Fleet][EPM] Save installed package assets in ES (#83391) ## Summary Store package assets (from Registry or local upload) in Elasticsearch. Related to proposal [issue](https://github.com/elastic/kibana/issues/83426) & [document](https://docs.google.com/document/d/18XoS6CSl9UxxPPBt9LXuJngf1Jv-4tl3jY6l19U1yH8) * New `epm-packages-assets` saved objects are stored on `.kibana` index, like our existing saved object `epm-packages` * Asset id is uuid v5 based on the package name, package version & file path. See 1974324 * Add a list of IDs of all the installed assets, to `epm-packages` saved object. Like the existing `installed_` properties. [Example](https://github.com/elastic/kibana/pull/83391/files#diff-fa07cac51b6a49bf1e4824bc2250c9a77dac6c7d6b0a56020f559ef1ff9be25fR491-R512) from a test
Mapping for new Saved Object https://github.com/elastic/kibana/blob/37f7b6ded747edb5cc487661b801c5e1c0a102a7/x-pack%2Fplugins%2Ffleet%2Fserver%2Fsaved_objects%2Findex.ts#L329-L339
Additional property on existing epm-packages Saved Object https://github.com/elastic/kibana/blob/c4f27ab25715a225c710727a37f5f105364e2f72/x-pack/plugins/fleet/server/saved_objects/index.ts#L306-L312 I don't think the saved object changes are strictly required. It can be removed without changing much about how things work - Pros: - Preserves accurate record of the assets added at installation time. Separates what assets are currently available for package-version from what was installed. They _should_ be the same, but things happen. - Avoids a query to get the installed assets before operating on them - Cons: - size/noise? Could be tens or hundreds of ids - migration?
### More details **When are saved objects added?** During installation, after all other actions have succeeded, just before marking the save object as installed, we commit all the files from the package to ES https://github.com/elastic/kibana/blob/37f7b6ded747edb5cc487661b801c5e1c0a102a7/x-pack%2Fplugins%2Ffleet%2Fserver%2Fservices%2Fepm%2Fpackages%2F_install_package.ts#L193-L198 **When are documents removed from the index?** In the `removeInstallation` function which is called in response to a `DELETE /api/fleet/epm/packages/pkgkey` https://github.com/elastic/kibana/blob/37f7b6ded747edb5cc487661b801c5e1c0a102a7/x-pack%2Fplugins%2Ffleet%2Fserver%2Fservices%2Fepm%2Fpackages%2Fremove.ts#L72 or a failed package (re-)installation https://github.com/elastic/kibana/blob/bf068739acce044ac27902253e8fc31df621f081/x-pack%2Fplugins%2Ffleet%2Fserver%2Fservices%2Fepm%2Fpackages%2Finstall.ts#L145 **How are we using these assets?** We're not, currently. Here's an example showing how we could update [`getFileHandler`](https://github.com/elastic/kibana/blob/514b50e4c2d7a3be79d77e73838ff57b6cf1304a/x-pack%2Fplugins%2Ffleet%2Fserver%2Froutes%2Fepm%2Fhandlers.ts#L101) to check for local assets before reaching out to the Registry if we wished. It's not DRY, but it does work ```typescript const esDocRoot = `http://elastic:changeme@localhost:9200/${PACKAGE_ASSETS_INDEX_NAME}/_doc`; const escapedDocId = encodeURIComponent(`${pkgName}-${pkgVersion}/${filePath}`); const esRes = await fetch(`${esDocRoot}/${escapedDocId}`); const esJson = await esRes.json(); if (esJson.found) { const asset: PackageAsset = esJson._source; const body = asset.data_utf8 || Buffer.from(asset.data_base64, 'base64'); return response.ok({ body, headers: { 'content-type': asset.media_type, // should add our own `cache-control` header here // kibana default is prevents caching: `private, no-cache, no-store, must-revalidate` // https://github.com/elastic/kibana/issues/83631 }, }); } ``` ### Checklist _updated tests to include new saved object output, no tests added yet_ - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios --- x-pack/plugins/fleet/common/constants/epm.ts | 2 +- .../plugins/fleet/common/types/models/epm.ts | 6 + .../plugins/fleet/server/constants/index.ts | 1 + .../fleet/server/saved_objects/index.ts | 27 ++++ .../server/services/epm/archive/save_to_es.ts | 121 ++++++++++++++++++ .../services/epm/packages/_install_package.ts | 25 +++- .../ensure_installed_default_packages.test.ts | 1 + .../epm/packages/get_install_type.test.ts | 2 + .../server/services/epm/packages/install.ts | 1 + .../server/services/epm/packages/remove.ts | 5 +- .../common/endpoint/generate_data.ts | 1 + .../apis/epm/install_remove_assets.ts | 23 ++++ .../apis/epm/update_assets.ts | 20 +++ 13 files changed, 232 insertions(+), 3 deletions(-) create mode 100644 x-pack/plugins/fleet/server/services/epm/archive/save_to_es.ts diff --git a/x-pack/plugins/fleet/common/constants/epm.ts b/x-pack/plugins/fleet/common/constants/epm.ts index 287b7ccdb88e0..297b15790b528 100644 --- a/x-pack/plugins/fleet/common/constants/epm.ts +++ b/x-pack/plugins/fleet/common/constants/epm.ts @@ -3,8 +3,8 @@ * or more contributor license agreements. Licensed under the Elastic License; * you may not use this file except in compliance with the Elastic License. */ - export const PACKAGES_SAVED_OBJECT_TYPE = 'epm-packages'; +export const ASSETS_SAVED_OBJECT_TYPE = 'epm-packages-assets'; export const INDEX_PATTERN_SAVED_OBJECT_TYPE = 'index-pattern'; export const INDEX_PATTERN_PLACEHOLDER_SUFFIX = '-index_pattern_placeholder'; export const MAX_TIME_COMPLETE_INSTALL = 60000; diff --git a/x-pack/plugins/fleet/common/types/models/epm.ts b/x-pack/plugins/fleet/common/types/models/epm.ts index c99ad71a2df6e..66a2a58a25ac5 100644 --- a/x-pack/plugins/fleet/common/types/models/epm.ts +++ b/x-pack/plugins/fleet/common/types/models/epm.ts @@ -8,6 +8,7 @@ // TODO: Update when https://github.com/elastic/kibana/issues/53021 is closed import { SavedObject, SavedObjectAttributes, SavedObjectReference } from 'src/core/public'; import { + ASSETS_SAVED_OBJECT_TYPE, agentAssetTypes, dataTypes, defaultPackages, @@ -264,6 +265,7 @@ export type PackageInfo = export interface Installation extends SavedObjectAttributes { installed_kibana: KibanaAssetReference[]; installed_es: EsAssetReference[]; + package_assets: PackageAssetReference[]; es_index_patterns: Record; name: string; version: string; @@ -293,6 +295,10 @@ export type EsAssetReference = Pick & { type: ElasticsearchAssetType; }; +export type PackageAssetReference = Pick & { + type: typeof ASSETS_SAVED_OBJECT_TYPE; +}; + export type RequiredPackage = typeof requiredPackages; export type DefaultPackages = typeof defaultPackages; diff --git a/x-pack/plugins/fleet/server/constants/index.ts b/x-pack/plugins/fleet/server/constants/index.ts index b1d7318ff5107..f380608e6817e 100644 --- a/x-pack/plugins/fleet/server/constants/index.ts +++ b/x-pack/plugins/fleet/server/constants/index.ts @@ -41,6 +41,7 @@ export { PACKAGE_POLICY_SAVED_OBJECT_TYPE, OUTPUT_SAVED_OBJECT_TYPE, PACKAGES_SAVED_OBJECT_TYPE, + ASSETS_SAVED_OBJECT_TYPE, INDEX_PATTERN_SAVED_OBJECT_TYPE, ENROLLMENT_API_KEYS_SAVED_OBJECT_TYPE, GLOBAL_SETTINGS_SAVED_OBJECT_TYPE, diff --git a/x-pack/plugins/fleet/server/saved_objects/index.ts b/x-pack/plugins/fleet/server/saved_objects/index.ts index 201ca1c7a97bc..20bbee2b1c791 100644 --- a/x-pack/plugins/fleet/server/saved_objects/index.ts +++ b/x-pack/plugins/fleet/server/saved_objects/index.ts @@ -12,6 +12,7 @@ import { AGENT_POLICY_SAVED_OBJECT_TYPE, PACKAGE_POLICY_SAVED_OBJECT_TYPE, PACKAGES_SAVED_OBJECT_TYPE, + ASSETS_SAVED_OBJECT_TYPE, AGENT_SAVED_OBJECT_TYPE, AGENT_EVENT_SAVED_OBJECT_TYPE, AGENT_ACTION_SAVED_OBJECT_TYPE, @@ -304,6 +305,13 @@ const getSavedObjectTypes = ( type: { type: 'keyword' }, }, }, + package_assets: { + type: 'nested', + properties: { + id: { type: 'keyword' }, + type: { type: 'keyword' }, + }, + }, install_started_at: { type: 'date' }, install_version: { type: 'keyword' }, install_status: { type: 'keyword' }, @@ -311,6 +319,25 @@ const getSavedObjectTypes = ( }, }, }, + [ASSETS_SAVED_OBJECT_TYPE]: { + name: ASSETS_SAVED_OBJECT_TYPE, + hidden: false, + namespaceType: 'agnostic', + management: { + importableAndExportable: false, + }, + mappings: { + properties: { + package_name: { type: 'keyword' }, + package_version: { type: 'keyword' }, + install_source: { type: 'keyword' }, + asset_path: { type: 'keyword' }, + media_type: { type: 'keyword' }, + data_utf8: { type: 'text', index: false }, + data_base64: { type: 'binary' }, + }, + }, + }, }); export function registerSavedObjects( diff --git a/x-pack/plugins/fleet/server/services/epm/archive/save_to_es.ts b/x-pack/plugins/fleet/server/services/epm/archive/save_to_es.ts new file mode 100644 index 0000000000000..a29ae2112f017 --- /dev/null +++ b/x-pack/plugins/fleet/server/services/epm/archive/save_to_es.ts @@ -0,0 +1,121 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { extname } from 'path'; +import { isBinaryFile } from 'isbinaryfile'; +import mime from 'mime-types'; +import uuidv5 from 'uuid/v5'; +import { SavedObjectsClientContract, SavedObjectsBulkCreateObject } from 'src/core/server'; +import { + ASSETS_SAVED_OBJECT_TYPE, + InstallablePackage, + InstallSource, + PackageAssetReference, +} from '../../../../common'; +import { getArchiveEntry } from './index'; + +// uuid v5 requires a SHA-1 UUID as a namespace +// used to ensure same input produces the same id +const ID_NAMESPACE = '71403015-cdd5-404b-a5da-6c43f35cad84'; + +// could be anything, picked this from https://github.com/elastic/elastic-agent-client/issues/17 +const MAX_ES_ASSET_BYTES = 4 * 1024 * 1024; + +export interface PackageAsset { + package_name: string; + package_version: string; + install_source: string; + asset_path: string; + media_type: string; + data_utf8: string; + data_base64: string; +} + +export async function archiveEntryToESDocument(opts: { + path: string; + buffer: Buffer; + name: string; + version: string; + installSource: InstallSource; +}): Promise { + const { path, buffer, name, version, installSource } = opts; + const fileExt = extname(path); + const contentType = mime.lookup(fileExt); + const mediaType = mime.contentType(contentType || fileExt); + // can use to create a data URL like `data:${mediaType};base64,${base64Data}` + + const bufferIsBinary = await isBinaryFile(buffer); + const dataUtf8 = bufferIsBinary ? '' : buffer.toString('utf8'); + const dataBase64 = bufferIsBinary ? buffer.toString('base64') : ''; + + // validation: filesize? asset type? anything else + if (dataUtf8.length > MAX_ES_ASSET_BYTES) { + throw new Error(`File at ${path} is larger than maximum allowed size of ${MAX_ES_ASSET_BYTES}`); + } + + if (dataBase64.length > MAX_ES_ASSET_BYTES) { + throw new Error( + `After base64 encoding file at ${path} is larger than maximum allowed size of ${MAX_ES_ASSET_BYTES}` + ); + } + + return { + package_name: name, + package_version: version, + install_source: installSource, + asset_path: path, + media_type: mediaType || '', + data_utf8: dataUtf8, + data_base64: dataBase64, + }; +} + +export async function removeArchiveEntries(opts: { + savedObjectsClient: SavedObjectsClientContract; + refs: PackageAssetReference[]; +}) { + const { savedObjectsClient, refs } = opts; + const results = await Promise.all( + refs.map((ref) => savedObjectsClient.delete(ASSETS_SAVED_OBJECT_TYPE, ref.id)) + ); + return results; +} + +export async function saveArchiveEntries(opts: { + savedObjectsClient: SavedObjectsClientContract; + paths: string[]; + packageInfo: InstallablePackage; + installSource: InstallSource; +}) { + const { savedObjectsClient, paths, packageInfo, installSource } = opts; + const bulkBody = await Promise.all( + paths.map((path) => { + const buffer = getArchiveEntry(path); + if (!buffer) throw new Error(`Could not find ArchiveEntry at ${path}`); + const { name, version } = packageInfo; + return archiveEntryToBulkCreateObject({ path, buffer, name, version, installSource }); + }) + ); + + const results = await savedObjectsClient.bulkCreate(bulkBody); + return results; +} + +export async function archiveEntryToBulkCreateObject(opts: { + path: string; + buffer: Buffer; + name: string; + version: string; + installSource: InstallSource; +}): Promise> { + const { path, buffer, name, version, installSource } = opts; + const doc = await archiveEntryToESDocument({ path, buffer, name, version, installSource }); + return { + id: uuidv5(doc.asset_path, ID_NAMESPACE), + type: ASSETS_SAVED_OBJECT_TYPE, + attributes: doc, + }; +} diff --git a/x-pack/plugins/fleet/server/services/epm/packages/_install_package.ts b/x-pack/plugins/fleet/server/services/epm/packages/_install_package.ts index 1af7ce149dfc0..7b84ecc259a5f 100644 --- a/x-pack/plugins/fleet/server/services/epm/packages/_install_package.ts +++ b/x-pack/plugins/fleet/server/services/epm/packages/_install_package.ts @@ -5,7 +5,13 @@ */ import { SavedObject, SavedObjectsClientContract } from 'src/core/server'; -import { InstallablePackage, InstallSource, MAX_TIME_COMPLETE_INSTALL } from '../../../../common'; +import { + InstallablePackage, + InstallSource, + PackageAssetReference, + MAX_TIME_COMPLETE_INSTALL, + ASSETS_SAVED_OBJECT_TYPE, +} from '../../../../common'; import { PACKAGES_SAVED_OBJECT_TYPE } from '../../../constants'; import { AssetReference, @@ -23,6 +29,7 @@ import { updateCurrentWriteIndices } from '../elasticsearch/template/template'; import { deleteKibanaSavedObjectsAssets } from './remove'; import { installTransform } from '../elasticsearch/transform/install'; import { createInstallation, saveKibanaAssetsRefs, updateVersion } from './install'; +import { saveArchiveEntries } from '../archive/save_to_es'; // this is only exported for testing // use a leading underscore to indicate it's not the supported path @@ -177,12 +184,28 @@ export async function _installPackage({ if (installKibanaAssetsError) throw installKibanaAssetsError; await Promise.all([installKibanaAssetsPromise, installIndexPatternPromise]); + const packageAssetResults = await saveArchiveEntries({ + savedObjectsClient, + paths, + packageInfo, + installSource, + }); + const packageAssetRefs: PackageAssetReference[] = packageAssetResults.saved_objects.map( + (result) => ({ + id: result.id, + type: ASSETS_SAVED_OBJECT_TYPE, + }) + ); + // update to newly installed version when all assets are successfully installed if (installedPkg) await updateVersion(savedObjectsClient, pkgName, pkgVersion); + await savedObjectsClient.update(PACKAGES_SAVED_OBJECT_TYPE, pkgName, { install_version: pkgVersion, install_status: 'installed', + package_assets: packageAssetRefs, }); + return [ ...installedKibanaAssetsRefs, ...installedPipelines, diff --git a/x-pack/plugins/fleet/server/services/epm/packages/ensure_installed_default_packages.test.ts b/x-pack/plugins/fleet/server/services/epm/packages/ensure_installed_default_packages.test.ts index 4ad6fc96218de..fe7b8be23b03b 100644 --- a/x-pack/plugins/fleet/server/services/epm/packages/ensure_installed_default_packages.test.ts +++ b/x-pack/plugins/fleet/server/services/epm/packages/ensure_installed_default_packages.test.ts @@ -43,6 +43,7 @@ const mockInstallation: SavedObject = { id: 'test-pkg', installed_kibana: [{ type: KibanaSavedObjectType.dashboard, id: 'dashboard-1' }], installed_es: [{ type: ElasticsearchAssetType.ingestPipeline, id: 'pipeline' }], + package_assets: [], es_index_patterns: { pattern: 'pattern-name' }, name: 'test package', version: '1.0.0', diff --git a/x-pack/plugins/fleet/server/services/epm/packages/get_install_type.test.ts b/x-pack/plugins/fleet/server/services/epm/packages/get_install_type.test.ts index a41511260c6e7..2dcfc7949d5e5 100644 --- a/x-pack/plugins/fleet/server/services/epm/packages/get_install_type.test.ts +++ b/x-pack/plugins/fleet/server/services/epm/packages/get_install_type.test.ts @@ -15,6 +15,7 @@ const mockInstallation: SavedObject = { id: 'test-pkg', installed_kibana: [{ type: KibanaSavedObjectType.dashboard, id: 'dashboard-1' }], installed_es: [{ type: ElasticsearchAssetType.ingestPipeline, id: 'pipeline' }], + package_assets: [], es_index_patterns: { pattern: 'pattern-name' }, name: 'test packagek', version: '1.0.0', @@ -32,6 +33,7 @@ const mockInstallationUpdateFail: SavedObject = { id: 'test-pkg', installed_kibana: [{ type: KibanaSavedObjectType.dashboard, id: 'dashboard-1' }], installed_es: [{ type: ElasticsearchAssetType.ingestPipeline, id: 'pipeline' }], + package_assets: [], es_index_patterns: { pattern: 'pattern-name' }, name: 'test packagek', version: '1.0.0', diff --git a/x-pack/plugins/fleet/server/services/epm/packages/install.ts b/x-pack/plugins/fleet/server/services/epm/packages/install.ts index 29300818288b4..d641c4945e681 100644 --- a/x-pack/plugins/fleet/server/services/epm/packages/install.ts +++ b/x-pack/plugins/fleet/server/services/epm/packages/install.ts @@ -379,6 +379,7 @@ export async function createInstallation(options: { { installed_kibana: [], installed_es: [], + package_assets: [], es_index_patterns: toSaveESIndexPatterns, name: pkgName, version: pkgVersion, diff --git a/x-pack/plugins/fleet/server/services/epm/packages/remove.ts b/x-pack/plugins/fleet/server/services/epm/packages/remove.ts index 2e879be20c18b..6e0d574d311cc 100644 --- a/x-pack/plugins/fleet/server/services/epm/packages/remove.ts +++ b/x-pack/plugins/fleet/server/services/epm/packages/remove.ts @@ -23,6 +23,7 @@ import { deleteTransforms } from '../elasticsearch/transform/remove'; import { packagePolicyService, appContextService } from '../..'; import { splitPkgKey } from '../registry'; import { deletePackageCache } from '../archive'; +import { removeArchiveEntries } from '../archive/save_to_es'; export async function removeInstallation(options: { savedObjectsClient: SavedObjectsClientContract; @@ -48,7 +49,7 @@ export async function removeInstallation(options: { `unable to remove package with existing package policy(s) in use by agent(s)` ); - // Delete the installed assets + // Delete the installed assets. Don't include installation.package_assets. Those are irrelevant to users const installedAssets = [...installation.installed_kibana, ...installation.installed_es]; await deleteAssets(installation, savedObjectsClient, callCluster); @@ -68,6 +69,8 @@ export async function removeInstallation(options: { version: pkgVersion, }); + await removeArchiveEntries({ savedObjectsClient, refs: installation.package_assets }); + // successful delete's in SO client return {}. return something more useful return installedAssets; } diff --git a/x-pack/plugins/security_solution/common/endpoint/generate_data.ts b/x-pack/plugins/security_solution/common/endpoint/generate_data.ts index 4e001554226ff..440ffae0986d6 100644 --- a/x-pack/plugins/security_solution/common/endpoint/generate_data.ts +++ b/x-pack/plugins/security_solution/common/endpoint/generate_data.ts @@ -1337,6 +1337,7 @@ export class EndpointDocGenerator { { id: 'logs-endpoint.events.security', type: 'index_template' }, { id: 'metrics-endpoint.telemetry', type: 'index_template' }, ] as EsAssetReference[], + package_assets: [], es_index_patterns: { alerts: 'logs-endpoint.alerts-*', events: 'events-endpoint-*', diff --git a/x-pack/test/fleet_api_integration/apis/epm/install_remove_assets.ts b/x-pack/test/fleet_api_integration/apis/epm/install_remove_assets.ts index 2ae4273bfa7e8..a7d46b9c6677e 100644 --- a/x-pack/test/fleet_api_integration/apis/epm/install_remove_assets.ts +++ b/x-pack/test/fleet_api_integration/apis/epm/install_remove_assets.ts @@ -433,6 +433,7 @@ const expectAssetsInstalled = ({ ...res.attributes, installed_kibana: sortBy(res.attributes.installed_kibana, (o: AssetReference) => o.type), installed_es: sortBy(res.attributes.installed_es, (o: AssetReference) => o.type), + package_assets: sortBy(res.attributes.package_assets, (o: AssetReference) => o.type), }; expect(sortedRes).eql({ installed_kibana: [ @@ -487,6 +488,28 @@ const expectAssetsInstalled = ({ test_logs: 'logs-all_assets.test_logs-*', test_metrics: 'metrics-all_assets.test_metrics-*', }, + package_assets: [ + { id: '333a22a1-e639-5af5-ae62-907ffc83d603', type: 'epm-packages-assets' }, + { id: '256f3dad-6870-56c3-80a1-8dfa11e2d568', type: 'epm-packages-assets' }, + { id: '3fa0512f-bc01-5c2e-9df1-bc2f2a8259c8', type: 'epm-packages-assets' }, + { id: 'ea334ad8-80c2-5acd-934b-2a377290bf97', type: 'epm-packages-assets' }, + { id: '96c6eb85-fe2e-56c6-84be-5fda976796db', type: 'epm-packages-assets' }, + { id: '2d73a161-fa69-52d0-aa09-1bdc691b95bb', type: 'epm-packages-assets' }, + { id: '0a00c2d2-ce63-5b9c-9aa0-0cf1938f7362', type: 'epm-packages-assets' }, + { id: 'b36e6dd0-58f7-5dd0-a286-8187e4019274', type: 'epm-packages-assets' }, + { id: 'f839c76e-d194-555a-90a1-3265a45789e4', type: 'epm-packages-assets' }, + { id: '9af7bbb3-7d8a-50fa-acc9-9dde6f5efca2', type: 'epm-packages-assets' }, + { id: '1e97a20f-9d1c-529b-8ff2-da4e8ba8bb71', type: 'epm-packages-assets' }, + { id: '8cfe0a2b-7016-5522-87e4-6d352360d1fc', type: 'epm-packages-assets' }, + { id: 'bd5ff3c5-655e-5385-9918-b60ff3040aad', type: 'epm-packages-assets' }, + { id: '0954ce3b-3165-5c1f-a4c0-56eb5f2fa487', type: 'epm-packages-assets' }, + { id: '60d6d054-57e4-590f-a580-52bf3f5e7cca', type: 'epm-packages-assets' }, + { id: '47758dc2-979d-5fbe-a2bd-9eded68a5a43', type: 'epm-packages-assets' }, + { id: '318959c9-997b-5a14-b328-9fc7355b4b74', type: 'epm-packages-assets' }, + { id: 'e786cbd9-0f3b-5a0b-82a6-db25145ebf58', type: 'epm-packages-assets' }, + { id: '53c94591-aa33-591d-8200-cd524c2a0561', type: 'epm-packages-assets' }, + { id: 'b658d2d4-752e-54b8-afc2-4c76155c1466', type: 'epm-packages-assets' }, + ], name: 'all_assets', version: '0.1.0', internal: false, diff --git a/x-pack/test/fleet_api_integration/apis/epm/update_assets.ts b/x-pack/test/fleet_api_integration/apis/epm/update_assets.ts index b16cf039f0dad..37aa94beec8b0 100644 --- a/x-pack/test/fleet_api_integration/apis/epm/update_assets.ts +++ b/x-pack/test/fleet_api_integration/apis/epm/update_assets.ts @@ -318,6 +318,26 @@ export default function (providerContext: FtrProviderContext) { test_logs: 'logs-all_assets.test_logs-*', test_metrics: 'metrics-all_assets.test_metrics-*', }, + package_assets: [ + { id: '3eb4c54a-638f-51b6-84e2-d53f5a666e37', type: 'epm-packages-assets' }, + { id: '4acfbf69-7a27-5c58-9c99-7c86843d958f', type: 'epm-packages-assets' }, + { id: '938655df-b339-523c-a9e4-123c89c0e1e1', type: 'epm-packages-assets' }, + { id: 'eec4606c-dbfa-565b-8e9c-fce1e641f3fc', type: 'epm-packages-assets' }, + { id: 'ef67e7e0-dca3-5a62-a42a-745db5ad7c1f', type: 'epm-packages-assets' }, + { id: '64239d25-be40-5e10-94b5-f6b74b8c5474', type: 'epm-packages-assets' }, + { id: '071b5113-4c9f-5ee9-aafe-d098a4c066f6', type: 'epm-packages-assets' }, + { id: '498d8215-2613-5399-9a13-fa4f0bf513e2', type: 'epm-packages-assets' }, + { id: 'd2f87071-c866-503a-8fcb-7b23a8c7afbf', type: 'epm-packages-assets' }, + { id: '5a080eba-f482-545c-8695-6ccbd426b2a2', type: 'epm-packages-assets' }, + { id: '28523a82-1328-578d-84cb-800970560200', type: 'epm-packages-assets' }, + { id: 'cc1e3e1d-f27b-5d05-86f6-6e4b9a47c7dc', type: 'epm-packages-assets' }, + { id: '5c3aa147-089c-5084-beca-53c00e72ac80', type: 'epm-packages-assets' }, + { id: '48e582df-b1d2-5f88-b6ea-ba1fafd3a569', type: 'epm-packages-assets' }, + { id: 'bf3b0b65-9fdc-53c6-a9ca-e76140e56490', type: 'epm-packages-assets' }, + { id: '2e56f08b-1d06-55ed-abee-4708e1ccf0aa', type: 'epm-packages-assets' }, + { id: 'c7bf1a39-e057-58a0-afde-fb4b48751d8c', type: 'epm-packages-assets' }, + { id: '8c665f28-a439-5f43-b5fd-8fda7b576735', type: 'epm-packages-assets' }, + ], name: 'all_assets', version: '0.2.0', internal: false, From a7c5b49343f451da2b2b5c1987955d0f394e53b8 Mon Sep 17 00:00:00 2001 From: Spencer Date: Mon, 7 Dec 2020 13:20:15 -0700 Subject: [PATCH 08/11] [esArchiver] support kibana and es ssl from cli (#85073) Co-authored-by: spalger Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> --- packages/kbn-es-archiver/src/cli.ts | 50 +++++++++++++++++++-- packages/kbn-es-archiver/src/es_archiver.ts | 27 +++++------ test/common/services/es_archiver.ts | 21 +++++---- 3 files changed, 69 insertions(+), 29 deletions(-) diff --git a/packages/kbn-es-archiver/src/cli.ts b/packages/kbn-es-archiver/src/cli.ts index d65f5a5b23cd0..1acb21748f773 100644 --- a/packages/kbn-es-archiver/src/cli.ts +++ b/packages/kbn-es-archiver/src/cli.ts @@ -26,8 +26,9 @@ import Path from 'path'; import Url from 'url'; import readline from 'readline'; +import Fs from 'fs'; -import { RunWithCommands, createFlagError } from '@kbn/dev-utils'; +import { RunWithCommands, createFlagError, KbnClient, CA_CERT_PATH } from '@kbn/dev-utils'; import { readConfigFile } from '@kbn/test'; import legacyElasticsearch from 'elasticsearch'; @@ -40,13 +41,15 @@ export function runCli() { new RunWithCommands({ description: 'CLI to manage archiving/restoring data in elasticsearch', globalFlags: { - string: ['es-url', 'kibana-url', 'dir', 'config'], + string: ['es-url', 'kibana-url', 'dir', 'config', 'es-ca', 'kibana-ca'], help: ` --config path to an FTR config file that sets --es-url, --kibana-url, and --dir default: ${defaultConfigPath} --es-url url for Elasticsearch, prefer the --config flag --kibana-url url for Kibana, prefer the --config flag --dir where arechives are stored, prefer the --config flag + --kibana-ca if Kibana url points to https://localhost we default to the CA from @kbn/dev-utils, customize the CA with this flag + --es-ca if Elasticsearch url points to https://localhost we default to the CA from @kbn/dev-utils, customize the CA with this flag `, }, async extendContext({ log, flags, addCleanupTask }) { @@ -78,6 +81,40 @@ export function runCli() { throw createFlagError('--kibana-url or --config must be defined'); } + const kibanaCaPath = flags['kibana-ca']; + if (kibanaCaPath && typeof kibanaCaPath !== 'string') { + throw createFlagError('--kibana-ca must be a string'); + } + + let kibanaCa; + if (config.get('servers.kibana.certificateAuthorities') && !kibanaCaPath) { + kibanaCa = config.get('servers.kibana.certificateAuthorities'); + } else if (kibanaCaPath) { + kibanaCa = Fs.readFileSync(kibanaCaPath); + } else { + const { protocol, hostname } = Url.parse(kibanaUrl); + if (protocol === 'https:' && hostname === 'localhost') { + kibanaCa = Fs.readFileSync(CA_CERT_PATH); + } + } + + const esCaPath = flags['es-ca']; + if (esCaPath && typeof esCaPath !== 'string') { + throw createFlagError('--es-ca must be a string'); + } + + let esCa; + if (config.get('servers.elasticsearch.certificateAuthorities') && !esCaPath) { + esCa = config.get('servers.elasticsearch.certificateAuthorities'); + } else if (esCaPath) { + esCa = Fs.readFileSync(esCaPath); + } else { + const { protocol, hostname } = Url.parse(kibanaUrl); + if (protocol === 'https:' && hostname === 'localhost') { + esCa = Fs.readFileSync(CA_CERT_PATH); + } + } + let dir = flags.dir; if (dir && typeof dir !== 'string') { throw createFlagError('--dir must be a string'); @@ -91,15 +128,22 @@ export function runCli() { const client = new legacyElasticsearch.Client({ host: esUrl, + ssl: esCa ? { ca: esCa } : undefined, log: flags.verbose ? 'trace' : [], }); addCleanupTask(() => client.close()); + const kbnClient = new KbnClient({ + log, + url: kibanaUrl, + certificateAuthorities: kibanaCa ? [kibanaCa] : undefined, + }); + const esArchiver = new EsArchiver({ log, client, dataDir: dir, - kibanaUrl, + kbnClient, }); return { diff --git a/packages/kbn-es-archiver/src/es_archiver.ts b/packages/kbn-es-archiver/src/es_archiver.ts index c6f890b963e3d..6733a48f4b370 100644 --- a/packages/kbn-es-archiver/src/es_archiver.ts +++ b/packages/kbn-es-archiver/src/es_archiver.ts @@ -29,27 +29,24 @@ import { editAction, } from './actions'; +interface Options { + client: Client; + dataDir: string; + log: ToolingLog; + kbnClient: KbnClient; +} + export class EsArchiver { private readonly client: Client; private readonly dataDir: string; private readonly log: ToolingLog; private readonly kbnClient: KbnClient; - constructor({ - client, - dataDir, - log, - kibanaUrl, - }: { - client: Client; - dataDir: string; - log: ToolingLog; - kibanaUrl: string; - }) { - this.client = client; - this.dataDir = dataDir; - this.log = log; - this.kbnClient = new KbnClient({ log, url: kibanaUrl }); + constructor(options: Options) { + this.client = options.client; + this.dataDir = options.dataDir; + this.log = options.log; + this.kbnClient = options.kbnClient; } /** diff --git a/test/common/services/es_archiver.ts b/test/common/services/es_archiver.ts index 9c99445fa4827..964c40e02b9cc 100644 --- a/test/common/services/es_archiver.ts +++ b/test/common/services/es_archiver.ts @@ -17,17 +17,18 @@ * under the License. */ -import { format as formatUrl } from 'url'; import { EsArchiver } from '@kbn/es-archiver'; import { FtrProviderContext } from '../ftr_provider_context'; // @ts-ignore not TS yet import * as KibanaServer from './kibana_server'; -export function EsArchiverProvider({ getService, hasService }: FtrProviderContext): EsArchiver { +export function EsArchiverProvider({ getService }: FtrProviderContext): EsArchiver { const config = getService('config'); const client = getService('legacyEs'); const log = getService('log'); + const kibanaServer = getService('kibanaServer'); + const retry = getService('retry'); if (!config.get('esArchiver')) { throw new Error(`esArchiver can't be used unless you specify it's config in your config file`); @@ -39,17 +40,15 @@ export function EsArchiverProvider({ getService, hasService }: FtrProviderContex client, dataDir, log, - kibanaUrl: formatUrl(config.get('servers.kibana')), + kbnClient: kibanaServer, }); - if (hasService('kibanaServer')) { - KibanaServer.extendEsArchiver({ - esArchiver, - kibanaServer: getService('kibanaServer'), - retry: getService('retry'), - defaults: config.get('uiSettings.defaults'), - }); - } + KibanaServer.extendEsArchiver({ + esArchiver, + kibanaServer, + retry, + defaults: config.get('uiSettings.defaults'), + }); return esArchiver; } From de289de6c132f84927aa61ff0e417a0dfe432909 Mon Sep 17 00:00:00 2001 From: Zacqary Adam Xeper Date: Mon, 7 Dec 2020 14:46:26 -0600 Subject: [PATCH 09/11] [Metrics UI] Refactor Process List API to fetch only top processes (#84716) Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> --- .../http_api/host_details/process_list.ts | 129 +++++++++++++- .../node_details/tabs/processes/index.tsx | 145 +++++++++------- .../tabs/processes/parse_process_list.ts | 55 ------ .../tabs/processes/parse_search_string.ts | 37 ++++ .../tabs/processes/process_row.tsx | 124 +------------ .../tabs/processes/process_row_charts.tsx | 164 ++++++++++++++++++ .../tabs/processes/processes_table.tsx | 117 +++++-------- .../tabs/processes/summary_table.tsx | 14 +- .../inventory_view/hooks/use_process_list.ts | 54 ++++-- .../hooks/use_process_list_row_chart.ts | 54 ++++++ .../infra/server/lib/host_details/common.ts | 6 + .../server/lib/host_details/process_list.ts | 157 ++++++++++++----- .../lib/host_details/process_list_chart.ts | 138 +++++++++++++++ .../infra/server/routes/process_list/index.ts | 37 +++- 14 files changed, 859 insertions(+), 372 deletions(-) delete mode 100644 x-pack/plugins/infra/public/pages/metrics/inventory_view/components/node_details/tabs/processes/parse_process_list.ts create mode 100644 x-pack/plugins/infra/public/pages/metrics/inventory_view/components/node_details/tabs/processes/parse_search_string.ts create mode 100644 x-pack/plugins/infra/public/pages/metrics/inventory_view/components/node_details/tabs/processes/process_row_charts.tsx create mode 100644 x-pack/plugins/infra/public/pages/metrics/inventory_view/hooks/use_process_list_row_chart.ts create mode 100644 x-pack/plugins/infra/server/lib/host_details/common.ts create mode 100644 x-pack/plugins/infra/server/lib/host_details/process_list_chart.ts diff --git a/x-pack/plugins/infra/common/http_api/host_details/process_list.ts b/x-pack/plugins/infra/common/http_api/host_details/process_list.ts index 4b4a0a54b9d13..3141d100307c4 100644 --- a/x-pack/plugins/infra/common/http_api/host_details/process_list.ts +++ b/x-pack/plugins/infra/common/http_api/host_details/process_list.ts @@ -5,16 +5,139 @@ */ import * as rt from 'io-ts'; -import { MetricsAPITimerangeRT, MetricsAPISeriesRT } from '../metrics_api'; +import { MetricsAPISeriesRT, MetricsAPIRow } from '../metrics_api'; + +const AggValueRT = rt.type({ + value: rt.number, +}); export const ProcessListAPIRequestRT = rt.type({ hostTerm: rt.record(rt.string, rt.string), - timerange: MetricsAPITimerangeRT, + timefield: rt.string, indexPattern: rt.string, + to: rt.number, + sortBy: rt.type({ + name: rt.string, + isAscending: rt.boolean, + }), + searchFilter: rt.array(rt.record(rt.string, rt.record(rt.string, rt.unknown))), }); -export const ProcessListAPIResponseRT = rt.array(MetricsAPISeriesRT); +export const ProcessListAPIQueryAggregationRT = rt.type({ + summaryEvent: rt.type({ + summary: rt.type({ + hits: rt.type({ + hits: rt.array( + rt.type({ + _source: rt.type({ + system: rt.type({ + process: rt.type({ + summary: rt.record(rt.string, rt.number), + }), + }), + }), + }) + ), + }), + }), + }), + processes: rt.type({ + filteredProcs: rt.type({ + buckets: rt.array( + rt.type({ + key: rt.string, + cpu: AggValueRT, + memory: AggValueRT, + startTime: rt.type({ + value_as_string: rt.string, + }), + meta: rt.type({ + hits: rt.type({ + hits: rt.array( + rt.type({ + _source: rt.type({ + process: rt.type({ + pid: rt.number, + }), + system: rt.type({ + process: rt.type({ + state: rt.string, + }), + }), + user: rt.type({ + name: rt.string, + }), + }), + }) + ), + }), + }), + }) + ), + }), + }), +}); + +export const ProcessListAPIResponseRT = rt.type({ + processList: rt.array( + rt.type({ + cpu: rt.number, + memory: rt.number, + startTime: rt.number, + pid: rt.number, + state: rt.string, + user: rt.string, + command: rt.string, + }) + ), + summary: rt.record(rt.string, rt.number), +}); + +export type ProcessListAPIQueryAggregation = rt.TypeOf; export type ProcessListAPIRequest = rt.TypeOf; export type ProcessListAPIResponse = rt.TypeOf; + +export const ProcessListAPIChartRequestRT = rt.type({ + hostTerm: rt.record(rt.string, rt.string), + timefield: rt.string, + indexPattern: rt.string, + to: rt.number, + command: rt.string, +}); + +export const ProcessListAPIChartQueryAggregationRT = rt.type({ + process: rt.type({ + filteredProc: rt.type({ + buckets: rt.array( + rt.type({ + timeseries: rt.type({ + buckets: rt.array( + rt.type({ + key: rt.number, + memory: AggValueRT, + cpu: AggValueRT, + }) + ), + }), + }) + ), + }), + }), +}); + +export const ProcessListAPIChartResponseRT = rt.type({ + cpu: MetricsAPISeriesRT, + memory: MetricsAPISeriesRT, +}); + +export type ProcessListAPIChartQueryAggregation = rt.TypeOf< + typeof ProcessListAPIChartQueryAggregationRT +>; + +export type ProcessListAPIChartRequest = rt.TypeOf; + +export type ProcessListAPIChartResponse = rt.TypeOf; + +export type ProcessListAPIRow = MetricsAPIRow; diff --git a/x-pack/plugins/infra/public/pages/metrics/inventory_view/components/node_details/tabs/processes/index.tsx b/x-pack/plugins/infra/public/pages/metrics/inventory_view/components/node_details/tabs/processes/index.tsx index 836d491e6210e..6ee3c9f1fae80 100644 --- a/x-pack/plugins/infra/public/pages/metrics/inventory_view/components/node_details/tabs/processes/index.tsx +++ b/x-pack/plugins/infra/public/pages/metrics/inventory_view/components/node_details/tabs/processes/index.tsx @@ -5,16 +5,28 @@ */ import React, { useMemo, useState } from 'react'; +import { debounce } from 'lodash'; import { i18n } from '@kbn/i18n'; -import { EuiSearchBar, EuiSpacer, EuiEmptyPrompt, EuiButton, Query } from '@elastic/eui'; -import { useProcessList } from '../../../../hooks/use_process_list'; +import { EuiSearchBar, EuiSpacer, EuiEmptyPrompt, EuiButton } from '@elastic/eui'; +import { + useProcessList, + SortBy, + ProcessListContextProvider, +} from '../../../../hooks/use_process_list'; import { TabContent, TabProps } from '../shared'; import { STATE_NAMES } from './states'; import { SummaryTable } from './summary_table'; import { ProcessesTable } from './processes_table'; +import { parseSearchString } from './parse_search_string'; const TabComponent = ({ currentTime, node, nodeType, options }: TabProps) => { - const [searchFilter, setSearchFilter] = useState(EuiSearchBar.Query.MATCH_ALL); + const [searchFilter, setSearchFilter] = useState(''); + const [sortBy, setSortBy] = useState({ + name: 'cpu', + isAscending: false, + }); + + const timefield = options.fields!.timestamp; const hostTerm = useMemo(() => { const field = @@ -26,69 +38,80 @@ const TabComponent = ({ currentTime, node, nodeType, options }: TabProps) => { const { loading, error, response, makeRequest: reload } = useProcessList( hostTerm, - 'metricbeat-*', - options.fields!.timestamp, - currentTime + timefield, + currentTime, + sortBy, + parseSearchString(searchFilter) ); - if (error) { - return ( - - - {i18n.translate('xpack.infra.metrics.nodeDetails.processListError', { - defaultMessage: 'Unable to show process data', - })} - - } - actions={ - - {i18n.translate('xpack.infra.metrics.nodeDetails.processListRetry', { - defaultMessage: 'Try again', - })} - - } - /> - - ); - } + const debouncedSearchOnChange = useMemo( + () => + debounce<(props: { queryText: string }) => void>( + ({ queryText }) => setSearchFilter(queryText), + 500 + ), + [setSearchFilter] + ); return ( - - - setSearchFilter(query ?? EuiSearchBar.Query.MATCH_ALL)} - box={{ - incremental: true, - placeholder: i18n.translate('xpack.infra.metrics.nodeDetails.searchForProcesses', { - defaultMessage: 'Search for processes…', - }), - }} - filters={[ - { - type: 'field_value_selection', - field: 'state', - name: 'State', - operator: 'exact', - multiSelect: false, - options: Object.entries(STATE_NAMES).map(([value, view]: [string, string]) => ({ - value, - view, - })), - }, - ]} - /> - - + + + + ({ + value, + view, + })), + }, + ]} + /> + + {!error ? ( + + ) : ( + + {i18n.translate('xpack.infra.metrics.nodeDetails.processListError', { + defaultMessage: 'Unable to show process data', + })} + + } + actions={ + + {i18n.translate('xpack.infra.metrics.nodeDetails.processListRetry', { + defaultMessage: 'Try again', + })} + + } + /> + )} + ); }; diff --git a/x-pack/plugins/infra/public/pages/metrics/inventory_view/components/node_details/tabs/processes/parse_process_list.ts b/x-pack/plugins/infra/public/pages/metrics/inventory_view/components/node_details/tabs/processes/parse_process_list.ts deleted file mode 100644 index 88584ef2987e1..0000000000000 --- a/x-pack/plugins/infra/public/pages/metrics/inventory_view/components/node_details/tabs/processes/parse_process_list.ts +++ /dev/null @@ -1,55 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { ProcessListAPIResponse } from '../../../../../../../../common/http_api'; -import { Process } from './types'; - -export const parseProcessList = (processList: ProcessListAPIResponse) => - processList.map((process) => { - const command = process.id; - let mostRecentPoint; - for (let i = process.rows.length - 1; i >= 0; i--) { - const point = process.rows[i]; - if (point && Array.isArray(point.meta) && point.meta?.length) { - mostRecentPoint = point; - break; - } - } - if (!mostRecentPoint) return { command, cpu: null, memory: null, startTime: null, state: null }; - - const { cpu, memory } = mostRecentPoint; - const { system, process: processMeta, user } = (mostRecentPoint.meta as any[])[0]; - const startTime = system.process.cpu.start_time; - const state = system.process.state; - - const timeseries = { - cpu: pickTimeseries(process.rows, 'cpu'), - memory: pickTimeseries(process.rows, 'memory'), - }; - - return { - command, - cpu, - memory, - startTime, - state, - pid: processMeta.pid, - user: user.name, - timeseries, - } as Process; - }); - -const pickTimeseries = (rows: any[], metricID: string) => ({ - rows: rows.map((row) => ({ - timestamp: row.timestamp, - metric_0: row[metricID], - })), - columns: [ - { name: 'timestamp', type: 'date' }, - { name: 'metric_0', type: 'number' }, - ], - id: metricID, -}); diff --git a/x-pack/plugins/infra/public/pages/metrics/inventory_view/components/node_details/tabs/processes/parse_search_string.ts b/x-pack/plugins/infra/public/pages/metrics/inventory_view/components/node_details/tabs/processes/parse_search_string.ts new file mode 100644 index 0000000000000..455656306c8d0 --- /dev/null +++ b/x-pack/plugins/infra/public/pages/metrics/inventory_view/components/node_details/tabs/processes/parse_search_string.ts @@ -0,0 +1,37 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ +export const parseSearchString = (query: string) => { + if (query.trim() === '') { + return [ + { + match_all: {}, + }, + ]; + } + const elements = query + .split(' ') + .map((s) => s.trim()) + .filter(Boolean); + const stateFilter = elements.filter((s) => s.startsWith('state=')); + const cmdlineFilters = elements.filter((s) => !s.startsWith('state=')); + return [ + ...cmdlineFilters.map((clause) => ({ + query_string: { + fields: ['system.process.cmdline'], + query: `*${escapeReservedCharacters(clause)}*`, + minimum_should_match: 1, + }, + })), + ...stateFilter.map((state) => ({ + match: { + 'system.process.state': state.replace('state=', ''), + }, + })), + ]; +}; + +const escapeReservedCharacters = (clause: string) => + clause.replace(/([+-=!\(\)\{\}\[\]^"~*?:\\/!]|&&|\|\|)/g, '\\$1'); diff --git a/x-pack/plugins/infra/public/pages/metrics/inventory_view/components/node_details/tabs/processes/process_row.tsx b/x-pack/plugins/infra/public/pages/metrics/inventory_view/components/node_details/tabs/processes/process_row.tsx index bbf4a25fc49a7..4718ed09dc9b2 100644 --- a/x-pack/plugins/infra/public/pages/metrics/inventory_view/components/node_details/tabs/processes/process_row.tsx +++ b/x-pack/plugins/infra/public/pages/metrics/inventory_view/components/node_details/tabs/processes/process_row.tsx @@ -4,9 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ -import React, { useState, useMemo } from 'react'; -import moment from 'moment'; -import { first, last } from 'lodash'; +import React, { useState } from 'react'; import { i18n } from '@kbn/i18n'; import { EuiTableRow, @@ -22,18 +20,10 @@ import { EuiButton, EuiSpacer, } from '@elastic/eui'; -import { Axis, Chart, Settings, Position, TooltipValue, niceTimeFormatter } from '@elastic/charts'; import { AutoSizer } from '../../../../../../../components/auto_sizer'; -import { createFormatter } from '../../../../../../../../common/formatters'; -import { useUiSetting } from '../../../../../../../../../../../src/plugins/kibana_react/public'; -import { getChartTheme } from '../../../../../metrics_explorer/components/helpers/get_chart_theme'; -import { calculateDomain } from '../../../../../metrics_explorer/components/helpers/calculate_domain'; -import { MetricsExplorerChartType } from '../../../../../metrics_explorer/hooks/use_metrics_explorer_options'; -import { MetricExplorerSeriesChart } from '../../../../../metrics_explorer/components/series_chart'; -import { MetricsExplorerAggregation } from '../../../../../../../../common/http_api'; -import { Color } from '../../../../../../../../common/color_palette'; import { euiStyled } from '../../../../../../../../../observability/public'; import { Process } from './types'; +import { ProcessRowCharts } from './process_row_charts'; interface Props { cells: React.ReactNode[]; @@ -118,26 +108,7 @@ export const ProcessRow = ({ cells, item }: Props) => { {item.user} - - {cpuMetricLabel} - - - - - - {memoryMetricLabel} - - - - + @@ -149,76 +120,6 @@ export const ProcessRow = ({ cells, item }: Props) => { ); }; -interface ProcessChartProps { - timeseries: Process['timeseries']['x']; - color: Color; - label: string; -} -const ProcessChart = ({ timeseries, color, label }: ProcessChartProps) => { - const chartMetric = { - color, - aggregation: 'avg' as MetricsExplorerAggregation, - label, - }; - const isDarkMode = useUiSetting('theme:darkMode'); - - const dateFormatter = useMemo(() => { - if (!timeseries) return () => ''; - const firstTimestamp = first(timeseries.rows)?.timestamp; - const lastTimestamp = last(timeseries.rows)?.timestamp; - - if (firstTimestamp == null || lastTimestamp == null) { - return (value: number) => `${value}`; - } - - return niceTimeFormatter([firstTimestamp, lastTimestamp]); - }, [timeseries]); - - const yAxisFormatter = createFormatter('percent'); - - const tooltipProps = { - headerFormatter: (tooltipValue: TooltipValue) => - moment(tooltipValue.value).format('Y-MM-DD HH:mm:ss.SSS'), - }; - - const dataDomain = calculateDomain(timeseries, [chartMetric], false); - const domain = dataDomain - ? { - max: dataDomain.max * 1.1, // add 10% headroom. - min: dataDomain.min, - } - : { max: 0, min: 0 }; - - return ( - - - - - - - - - ); -}; - export const CodeLine = euiStyled(EuiCode).attrs({ transparentBackground: true, })` @@ -246,22 +147,3 @@ const ExpandedRowCell = euiStyled(EuiTableRowCell).attrs({ padding: 0 ${(props) => props.theme.eui.paddingSizes.m}; background-color: ${(props) => props.theme.eui.euiColorLightestShade}; `; - -const ChartContainer = euiStyled.div` - width: 300px; - height: 140px; -`; - -const cpuMetricLabel = i18n.translate( - 'xpack.infra.metrics.nodeDetails.processes.expandedRowLabelCPU', - { - defaultMessage: 'CPU', - } -); - -const memoryMetricLabel = i18n.translate( - 'xpack.infra.metrics.nodeDetails.processes.expandedRowLabelMemory', - { - defaultMessage: 'Memory', - } -); diff --git a/x-pack/plugins/infra/public/pages/metrics/inventory_view/components/node_details/tabs/processes/process_row_charts.tsx b/x-pack/plugins/infra/public/pages/metrics/inventory_view/components/node_details/tabs/processes/process_row_charts.tsx new file mode 100644 index 0000000000000..7b7a285b5d6b8 --- /dev/null +++ b/x-pack/plugins/infra/public/pages/metrics/inventory_view/components/node_details/tabs/processes/process_row_charts.tsx @@ -0,0 +1,164 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import React, { useMemo } from 'react'; +import moment from 'moment'; +import { first, last } from 'lodash'; +import { i18n } from '@kbn/i18n'; +import { + EuiDescriptionListTitle, + EuiDescriptionListDescription, + EuiFlexItem, + EuiLoadingChart, + EuiEmptyPrompt, + EuiText, +} from '@elastic/eui'; +import { Axis, Chart, Settings, Position, TooltipValue, niceTimeFormatter } from '@elastic/charts'; +import { createFormatter } from '../../../../../../../../common/formatters'; +import { useUiSetting } from '../../../../../../../../../../../src/plugins/kibana_react/public'; +import { getChartTheme } from '../../../../../metrics_explorer/components/helpers/get_chart_theme'; +import { calculateDomain } from '../../../../../metrics_explorer/components/helpers/calculate_domain'; +import { MetricsExplorerChartType } from '../../../../../metrics_explorer/hooks/use_metrics_explorer_options'; +import { MetricExplorerSeriesChart } from '../../../../../metrics_explorer/components/series_chart'; +import { MetricsExplorerAggregation } from '../../../../../../../../common/http_api'; +import { Color } from '../../../../../../../../common/color_palette'; +import { euiStyled } from '../../../../../../../../../observability/public'; +import { useProcessListRowChart } from '../../../../hooks/use_process_list_row_chart'; +import { Process } from './types'; + +interface Props { + command: string; +} + +export const ProcessRowCharts = ({ command }: Props) => { + const { loading, error, response } = useProcessListRowChart(command); + + const isLoading = loading || !response; + + const cpuChart = error ? ( + {failedToLoadChart}} /> + ) : isLoading ? ( + + ) : ( + + ); + const memoryChart = error ? ( + {failedToLoadChart}} /> + ) : isLoading ? ( + + ) : ( + + ); + + return ( + <> + + {cpuMetricLabel} + {cpuChart} + + + {memoryMetricLabel} + {memoryChart} + + + ); +}; + +interface ProcessChartProps { + timeseries: Process['timeseries']['x']; + color: Color; + label: string; +} +const ProcessChart = ({ timeseries, color, label }: ProcessChartProps) => { + const chartMetric = { + color, + aggregation: 'avg' as MetricsExplorerAggregation, + label, + }; + const isDarkMode = useUiSetting('theme:darkMode'); + + const dateFormatter = useMemo(() => { + if (!timeseries) return () => ''; + const firstTimestamp = first(timeseries.rows)?.timestamp; + const lastTimestamp = last(timeseries.rows)?.timestamp; + + if (firstTimestamp == null || lastTimestamp == null) { + return (value: number) => `${value}`; + } + + return niceTimeFormatter([firstTimestamp, lastTimestamp]); + }, [timeseries]); + + const yAxisFormatter = createFormatter('percent'); + + const tooltipProps = { + headerFormatter: (tooltipValue: TooltipValue) => + moment(tooltipValue.value).format('Y-MM-DD HH:mm:ss.SSS'), + }; + + const dataDomain = calculateDomain(timeseries, [chartMetric], false); + const domain = dataDomain + ? { + max: dataDomain.max * 1.1, // add 10% headroom. + min: dataDomain.min, + } + : { max: 0, min: 0 }; + + return ( + + + + + + + + + ); +}; + +const ChartContainer = euiStyled.div` + width: 300px; + height: 140px; +`; + +const cpuMetricLabel = i18n.translate( + 'xpack.infra.metrics.nodeDetails.processes.expandedRowLabelCPU', + { + defaultMessage: 'CPU', + } +); + +const memoryMetricLabel = i18n.translate( + 'xpack.infra.metrics.nodeDetails.processes.expandedRowLabelMemory', + { + defaultMessage: 'Memory', + } +); + +const failedToLoadChart = i18n.translate( + 'xpack.infra.metrics.nodeDetails.processes.failedToLoadChart', + { + defaultMessage: 'Unable to load chart', + } +); diff --git a/x-pack/plugins/infra/public/pages/metrics/inventory_view/components/node_details/tabs/processes/processes_table.tsx b/x-pack/plugins/infra/public/pages/metrics/inventory_view/components/node_details/tabs/processes/processes_table.tsx index 43f3a333fda83..1952ba947761c 100644 --- a/x-pack/plugins/infra/public/pages/metrics/inventory_view/components/node_details/tabs/processes/processes_table.tsx +++ b/x-pack/plugins/infra/public/pages/metrics/inventory_view/components/node_details/tabs/processes/processes_table.tsx @@ -4,7 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ -import React, { useMemo, useState, useEffect, useCallback } from 'react'; +import React, { useMemo, useState, useCallback } from 'react'; import { omit } from 'lodash'; import { i18n } from '@kbn/i18n'; import { @@ -13,10 +13,8 @@ import { EuiTableBody, EuiTableHeaderCell, EuiTableRowCell, - EuiSpacer, - EuiTablePagination, EuiLoadingChart, - Query, + EuiEmptyPrompt, SortableProperties, LEFT_ALIGNMENT, RIGHT_ALIGNMENT, @@ -24,17 +22,18 @@ import { import { ProcessListAPIResponse } from '../../../../../../../../common/http_api'; import { FORMATTERS } from '../../../../../../../../common/formatters'; import { euiStyled } from '../../../../../../../../../observability/public'; +import { SortBy } from '../../../../hooks/use_process_list'; import { Process } from './types'; import { ProcessRow, CodeLine } from './process_row'; -import { parseProcessList } from './parse_process_list'; import { StateBadge } from './state_badge'; import { STATE_ORDER } from './states'; interface TableProps { - processList: ProcessListAPIResponse; + processList: ProcessListAPIResponse['processList']; currentTime: number; isLoading: boolean; - searchFilter: Query; + sortBy: SortBy; + setSortBy: (s: SortBy) => void; } function useSortableProperties( @@ -43,25 +42,21 @@ function useSortableProperties( getValue: (obj: T) => any; isAscending: boolean; }>, - defaultSortProperty: string + defaultSortProperty: string, + callback: (s: SortBy) => void ) { const [sortableProperties] = useState>( new SortableProperties(sortablePropertyItems, defaultSortProperty) ); - const [sortedColumn, setSortedColumn] = useState( - omit(sortableProperties.getSortedProperty(), 'getValue') - ); return { - setSortedColumn: useCallback( + updateSortableProperties: useCallback( (property) => { sortableProperties.sortOn(property); - setSortedColumn(omit(sortableProperties.getSortedProperty(), 'getValue')); + callback(omit(sortableProperties.getSortedProperty(), 'getValue')); }, - [sortableProperties] + [sortableProperties, callback] ), - sortedColumn, - sortItems: (items: T[]) => sortableProperties.sortItems(items), }; } @@ -69,28 +64,15 @@ export const ProcessesTable = ({ processList, currentTime, isLoading, - searchFilter, + sortBy, + setSortBy, }: TableProps) => { - const [currentPage, setCurrentPage] = useState(0); - const [itemsPerPage, setItemsPerPage] = useState(10); - useEffect(() => setCurrentPage(0), [processList, searchFilter, itemsPerPage]); - - const { sortedColumn, sortItems, setSortedColumn } = useSortableProperties( + const { updateSortableProperties } = useSortableProperties( [ - { - name: 'state', - getValue: (item: any) => STATE_ORDER.indexOf(item.state), - isAscending: true, - }, - { - name: 'command', - getValue: (item: any) => item.command.toLowerCase(), - isAscending: true, - }, { name: 'startTime', getValue: (item: any) => Date.parse(item.startTime), - isAscending: false, + isAscending: true, }, { name: 'cpu', @@ -103,32 +85,34 @@ export const ProcessesTable = ({ isAscending: false, }, ], - 'state' + 'cpu', + setSortBy ); - const currentItems = useMemo(() => { - const filteredItems = Query.execute(searchFilter, parseProcessList(processList)) as Process[]; - if (!filteredItems.length) return []; - const sortedItems = sortItems(filteredItems); - return sortedItems; - }, [processList, searchFilter, sortItems]); - - const pageCount = useMemo(() => Math.ceil(currentItems.length / itemsPerPage), [ - itemsPerPage, - currentItems, - ]); - - const pageStartIdx = useMemo(() => currentPage * itemsPerPage + (currentPage > 0 ? 1 : 0), [ - currentPage, - itemsPerPage, - ]); - const currentItemsPage = useMemo( - () => currentItems.slice(pageStartIdx, pageStartIdx + itemsPerPage), - [pageStartIdx, currentItems, itemsPerPage] + const currentItems = useMemo( + () => + processList.sort( + (a, b) => STATE_ORDER.indexOf(a.state) - STATE_ORDER.indexOf(b.state) + ) as Process[], + [processList] ); if (isLoading) return ; + if (currentItems.length === 0) + return ( + + {i18n.translate('xpack.infra.metrics.nodeDetails.noProcesses', { + defaultMessage: 'No processes matched these search terms', + })} + + } + /> + ); + return ( <> @@ -139,27 +123,18 @@ export const ProcessesTable = ({ key={`${String(column.field)}-header`} align={column.align ?? LEFT_ALIGNMENT} width={column.width} - onSort={column.sortable ? () => setSortedColumn(column.field) : undefined} - isSorted={sortedColumn.name === column.field} - isSortAscending={sortedColumn.name === column.field && sortedColumn.isAscending} + onSort={column.sortable ? () => updateSortableProperties(column.field) : undefined} + isSorted={sortBy.name === column.field} + isSortAscending={sortBy.name === column.field && sortBy.isAscending} > {column.name} ))} - + - - ); }; @@ -213,8 +188,8 @@ const StyledTableBody = euiStyled(EuiTableBody)` const ONE_MINUTE = 60 * 1000; const ONE_HOUR = ONE_MINUTE * 60; -const RuntimeCell = ({ startTime, currentTime }: { startTime: string; currentTime: number }) => { - const runtimeLength = currentTime - Date.parse(startTime); +const RuntimeCell = ({ startTime, currentTime }: { startTime: number; currentTime: number }) => { + const runtimeLength = currentTime - startTime; let remainingRuntimeMS = runtimeLength; const runtimeHours = Math.floor(remainingRuntimeMS / ONE_HOUR); remainingRuntimeMS -= runtimeHours * ONE_HOUR; @@ -244,7 +219,7 @@ const columns: Array<{ name: i18n.translate('xpack.infra.metrics.nodeDetails.processes.columnLabelState', { defaultMessage: 'State', }), - sortable: true, + sortable: false, render: (state: string) => , width: 84, textOnly: false, @@ -254,7 +229,7 @@ const columns: Array<{ name: i18n.translate('xpack.infra.metrics.nodeDetails.processes.columnLabelCommand', { defaultMessage: 'Command', }), - sortable: true, + sortable: false, width: '40%', render: (command: string) => {command}, }, @@ -265,7 +240,7 @@ const columns: Array<{ }), align: RIGHT_ALIGNMENT, sortable: true, - render: (startTime: string, currentTime: number) => ( + render: (startTime: number, currentTime: number) => ( ), }, diff --git a/x-pack/plugins/infra/public/pages/metrics/inventory_view/components/node_details/tabs/processes/summary_table.tsx b/x-pack/plugins/infra/public/pages/metrics/inventory_view/components/node_details/tabs/processes/summary_table.tsx index 59becb0bf534d..6efabf1b8c0ae 100644 --- a/x-pack/plugins/infra/public/pages/metrics/inventory_view/components/node_details/tabs/processes/summary_table.tsx +++ b/x-pack/plugins/infra/public/pages/metrics/inventory_view/components/node_details/tabs/processes/summary_table.tsx @@ -5,16 +5,15 @@ */ import React, { useMemo } from 'react'; -import { mapValues, countBy } from 'lodash'; +import { mapValues } from 'lodash'; import { i18n } from '@kbn/i18n'; import { EuiBasicTable, EuiLoadingSpinner, EuiBasicTableColumn } from '@elastic/eui'; import { euiStyled } from '../../../../../../../../../observability/public'; import { ProcessListAPIResponse } from '../../../../../../../../common/http_api'; -import { parseProcessList } from './parse_process_list'; import { STATE_NAMES } from './states'; interface Props { - processList: ProcessListAPIResponse; + processSummary: ProcessListAPIResponse['summary']; isLoading: boolean; } @@ -22,18 +21,17 @@ type SummaryColumn = { total: number; } & Record; -export const SummaryTable = ({ processList, isLoading }: Props) => { - const parsedList = parseProcessList(processList); +export const SummaryTable = ({ processSummary, isLoading }: Props) => { const processCount = useMemo( () => [ { - total: isLoading ? -1 : parsedList.length, + total: isLoading ? -1 : processSummary.total, ...mapValues(STATE_NAMES, () => (isLoading ? -1 : 0)), - ...(isLoading ? [] : countBy(parsedList, 'state')), + ...(isLoading ? {} : processSummary), }, ] as SummaryColumn[], - [parsedList, isLoading] + [processSummary, isLoading] ); return ( diff --git a/x-pack/plugins/infra/public/pages/metrics/inventory_view/hooks/use_process_list.ts b/x-pack/plugins/infra/public/pages/metrics/inventory_view/hooks/use_process_list.ts index 8e0843fe8b278..888c4321a1905 100644 --- a/x-pack/plugins/infra/public/pages/metrics/inventory_view/hooks/use_process_list.ts +++ b/x-pack/plugins/infra/public/pages/metrics/inventory_view/hooks/use_process_list.ts @@ -3,20 +3,32 @@ * or more contributor license agreements. Licensed under the Elastic License; * you may not use this file except in compliance with the Elastic License. */ +import createContainter from 'constate'; import { fold } from 'fp-ts/lib/Either'; import { identity } from 'fp-ts/lib/function'; import { pipe } from 'fp-ts/lib/pipeable'; -import { useEffect } from 'react'; +import { useEffect, useState } from 'react'; import { ProcessListAPIResponse, ProcessListAPIResponseRT } from '../../../../../common/http_api'; import { throwErrors, createPlainError } from '../../../../../common/runtime_types'; import { useHTTPRequest } from '../../../../hooks/use_http_request'; +import { useSourceContext } from '../../../../containers/source'; + +export interface SortBy { + name: string; + isAscending: boolean; +} export function useProcessList( hostTerm: Record, - indexPattern: string, timefield: string, - to: number + to: number, + sortBy: SortBy, + searchFilter: object ) { + const { createDerivedIndexPattern } = useSourceContext(); + const indexPattern = createDerivedIndexPattern('metrics').title; + + const [inErrorState, setInErrorState] = useState(false); const decodeResponse = (response: any) => { return pipe( ProcessListAPIResponseRT.decode(response), @@ -24,32 +36,52 @@ export function useProcessList( ); }; - const timerange = { - field: timefield, - interval: 'modules', - to, - from: to - 15 * 60 * 1000, // 15 minutes - }; + const parsedSortBy = + sortBy.name === 'runtimeLength' + ? { + ...sortBy, + name: 'startTime', + } + : sortBy; const { error, loading, response, makeRequest } = useHTTPRequest( '/api/metrics/process_list', 'POST', JSON.stringify({ hostTerm, - timerange, + timefield, indexPattern, + to, + sortBy: parsedSortBy, + searchFilter, }), decodeResponse ); + useEffect(() => setInErrorState(true), [error]); + useEffect(() => setInErrorState(false), [loading]); + useEffect(() => { makeRequest(); }, [makeRequest]); return { - error, + error: inErrorState, loading, response, makeRequest, }; } + +function useProcessListParams(props: { + hostTerm: Record; + timefield: string; + to: number; +}) { + const { hostTerm, timefield, to } = props; + const { createDerivedIndexPattern } = useSourceContext(); + const indexPattern = createDerivedIndexPattern('metrics').title; + return { hostTerm, indexPattern, timefield, to }; +} +const ProcessListContext = createContainter(useProcessListParams); +export const [ProcessListContextProvider, useProcessListContext] = ProcessListContext; diff --git a/x-pack/plugins/infra/public/pages/metrics/inventory_view/hooks/use_process_list_row_chart.ts b/x-pack/plugins/infra/public/pages/metrics/inventory_view/hooks/use_process_list_row_chart.ts new file mode 100644 index 0000000000000..ef638319fd9f4 --- /dev/null +++ b/x-pack/plugins/infra/public/pages/metrics/inventory_view/hooks/use_process_list_row_chart.ts @@ -0,0 +1,54 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ +import { fold } from 'fp-ts/lib/Either'; +import { identity } from 'fp-ts/lib/function'; +import { pipe } from 'fp-ts/lib/pipeable'; +import { useEffect, useState } from 'react'; +import { + ProcessListAPIChartResponse, + ProcessListAPIChartResponseRT, +} from '../../../../../common/http_api'; +import { throwErrors, createPlainError } from '../../../../../common/runtime_types'; +import { useHTTPRequest } from '../../../../hooks/use_http_request'; +import { useProcessListContext } from './use_process_list'; + +export function useProcessListRowChart(command: string) { + const [inErrorState, setInErrorState] = useState(false); + const decodeResponse = (response: any) => { + return pipe( + ProcessListAPIChartResponseRT.decode(response), + fold(throwErrors(createPlainError), identity) + ); + }; + const { hostTerm, timefield, indexPattern, to } = useProcessListContext(); + + const { error, loading, response, makeRequest } = useHTTPRequest( + '/api/metrics/process_list/chart', + 'POST', + JSON.stringify({ + hostTerm, + timefield, + indexPattern, + to, + command, + }), + decodeResponse + ); + + useEffect(() => setInErrorState(true), [error]); + useEffect(() => setInErrorState(false), [loading]); + + useEffect(() => { + makeRequest(); + }, [makeRequest]); + + return { + error: inErrorState, + loading, + response, + makeRequest, + }; +} diff --git a/x-pack/plugins/infra/server/lib/host_details/common.ts b/x-pack/plugins/infra/server/lib/host_details/common.ts new file mode 100644 index 0000000000000..ddf606e417126 --- /dev/null +++ b/x-pack/plugins/infra/server/lib/host_details/common.ts @@ -0,0 +1,6 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ +export const CMDLINE_FIELD = 'system.process.cmdline'; diff --git a/x-pack/plugins/infra/server/lib/host_details/process_list.ts b/x-pack/plugins/infra/server/lib/host_details/process_list.ts index 99e8b2e8f6ab1..e9d35f3601634 100644 --- a/x-pack/plugins/infra/server/lib/host_details/process_list.ts +++ b/x-pack/plugins/infra/server/lib/host_details/process_list.ts @@ -4,61 +4,136 @@ * you may not use this file except in compliance with the Elastic License. */ -import { ProcessListAPIRequest, MetricsAPIRequest } from '../../../common/http_api'; -import { getAllMetricsData } from '../../utils/get_all_metrics_data'; -import { query } from '../metrics'; +import { ProcessListAPIRequest, ProcessListAPIQueryAggregation } from '../../../common/http_api'; import { ESSearchClient } from '../metrics/types'; +import { CMDLINE_FIELD } from './common'; + +const TOP_N = 10; export const getProcessList = async ( - client: ESSearchClient, - { hostTerm, timerange, indexPattern }: ProcessListAPIRequest + search: ESSearchClient, + { hostTerm, timefield, indexPattern, to, sortBy, searchFilter }: ProcessListAPIRequest ) => { - const queryBody = { - timerange, - modules: ['system.cpu', 'system.memory'], - groupBy: ['system.process.cmdline'], - filters: [{ term: hostTerm }], - indexPattern, - limit: 9, - metrics: [ - { - id: 'cpu', - aggregations: { - cpu: { - avg: { - field: 'system.process.cpu.total.norm.pct', + const body = { + size: 0, + query: { + bool: { + filter: [ + { + range: { + [timefield]: { + gte: to - 60 * 1000, // 1 minute + lte: to, + }, }, }, - }, + { + term: hostTerm, + }, + ], }, - { - id: 'memory', - aggregations: { - memory: { - avg: { - field: 'system.process.memory.rss.pct', - }, + }, + aggs: { + summaryEvent: { + filter: { + term: { + 'event.dataset': 'system.process.summary', }, }, - }, - { - id: 'meta', - aggregations: { - meta: { + aggs: { + summary: { top_hits: { size: 1, - sort: [{ [timerange.field]: { order: 'desc' } }], - _source: [ - 'system.process.cpu.start_time', - 'system.process.state', - 'process.pid', - 'user.name', + sort: [ + { + [timefield]: { + order: 'desc', + }, + }, ], + _source: ['system.process.summary'], + }, + }, + }, + }, + processes: { + filter: { + bool: { + must: searchFilter ?? [{ match_all: {} }], + }, + }, + aggs: { + filteredProcs: { + terms: { + field: CMDLINE_FIELD, + size: TOP_N, + order: { + [sortBy.name]: sortBy.isAscending ? 'asc' : 'desc', + }, + }, + aggs: { + cpu: { + avg: { + field: 'system.process.cpu.total.pct', + }, + }, + memory: { + avg: { + field: 'system.process.memory.rss.pct', + }, + }, + startTime: { + max: { + field: 'system.process.cpu.start_time', + }, + }, + meta: { + top_hits: { + size: 1, + sort: [ + { + [timefield]: { + order: 'desc', + }, + }, + ], + _source: ['system.process.state', 'user.name', 'process.pid'], + }, + }, }, }, }, }, - ], - } as MetricsAPIRequest; - return await getAllMetricsData((body: MetricsAPIRequest) => query(client, body), queryBody); + }, + }; + try { + const result = await search<{}, ProcessListAPIQueryAggregation>({ + body, + index: indexPattern, + }); + const { buckets: processListBuckets } = result.aggregations!.processes.filteredProcs; + const processList = processListBuckets.map((bucket) => { + const meta = bucket.meta.hits.hits[0]._source; + + return { + cpu: bucket.cpu.value, + memory: bucket.memory.value, + startTime: Date.parse(bucket.startTime.value_as_string), + pid: meta.process.pid, + state: meta.system.process.state, + user: meta.user.name, + command: bucket.key, + }; + }); + const { + summary, + } = result.aggregations!.summaryEvent.summary.hits.hits[0]._source.system.process; + + return { + processList, + summary, + }; + } catch (e) { + throw e; + } }; diff --git a/x-pack/plugins/infra/server/lib/host_details/process_list_chart.ts b/x-pack/plugins/infra/server/lib/host_details/process_list_chart.ts new file mode 100644 index 0000000000000..11df1937764c8 --- /dev/null +++ b/x-pack/plugins/infra/server/lib/host_details/process_list_chart.ts @@ -0,0 +1,138 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { first } from 'lodash'; +import { + ProcessListAPIChartRequest, + ProcessListAPIChartQueryAggregation, + ProcessListAPIRow, + ProcessListAPIChartResponse, +} from '../../../common/http_api'; +import { ESSearchClient } from '../metrics/types'; +import { CMDLINE_FIELD } from './common'; + +export const getProcessListChart = async ( + search: ESSearchClient, + { hostTerm, timefield, indexPattern, to, command }: ProcessListAPIChartRequest +) => { + const body = { + size: 0, + query: { + bool: { + filter: [ + { + range: { + [timefield]: { + gte: to - 60 * 1000, // 1 minute + lte: to, + }, + }, + }, + { + term: hostTerm, + }, + ], + }, + }, + aggs: { + process: { + filter: { + bool: { + must: [ + { + match: { + [CMDLINE_FIELD]: command, + }, + }, + ], + }, + }, + aggs: { + filteredProc: { + terms: { + field: CMDLINE_FIELD, + size: 1, + }, + aggs: { + timeseries: { + date_histogram: { + field: timefield, + fixed_interval: '1m', + extended_bounds: { + min: to - 60 * 15 * 1000, // 15 minutes, + max: to, + }, + }, + aggs: { + cpu: { + avg: { + field: 'system.process.cpu.total.pct', + }, + }, + memory: { + avg: { + field: 'system.process.memory.rss.pct', + }, + }, + }, + }, + }, + }, + }, + }, + }, + }; + try { + const result = await search<{}, ProcessListAPIChartQueryAggregation>({ + body, + index: indexPattern, + }); + const { buckets } = result.aggregations!.process.filteredProc; + const timeseries = first( + buckets.map((bucket) => + bucket.timeseries.buckets.reduce( + (tsResult, tsBucket) => { + tsResult.cpu.rows.push({ + metric_0: tsBucket.cpu.value, + timestamp: tsBucket.key, + }); + tsResult.memory.rows.push({ + metric_0: tsBucket.memory.value, + timestamp: tsBucket.key, + }); + return tsResult; + }, + { + cpu: { + id: 'cpu', + columns: TS_COLUMNS, + rows: [] as ProcessListAPIRow[], + }, + memory: { + id: 'memory', + columns: TS_COLUMNS, + rows: [] as ProcessListAPIRow[], + }, + } + ) + ) + ); + return timeseries as ProcessListAPIChartResponse; + } catch (e) { + throw e; + } +}; + +const TS_COLUMNS = [ + { + name: 'timestamp', + type: 'date', + }, + { + name: 'metric_0', + type: 'number', + }, +]; diff --git a/x-pack/plugins/infra/server/routes/process_list/index.ts b/x-pack/plugins/infra/server/routes/process_list/index.ts index 9851613255d8d..cf7765737e78b 100644 --- a/x-pack/plugins/infra/server/routes/process_list/index.ts +++ b/x-pack/plugins/infra/server/routes/process_list/index.ts @@ -13,7 +13,13 @@ import { InfraBackendLibs } from '../../lib/infra_types'; import { throwErrors } from '../../../common/runtime_types'; import { createSearchClient } from '../../lib/create_search_client'; import { getProcessList } from '../../lib/host_details/process_list'; -import { ProcessListAPIRequestRT, ProcessListAPIResponseRT } from '../../../common/http_api'; +import { getProcessListChart } from '../../lib/host_details/process_list_chart'; +import { + ProcessListAPIRequestRT, + ProcessListAPIResponseRT, + ProcessListAPIChartRequestRT, + ProcessListAPIChartResponseRT, +} from '../../../common/http_api'; const escapeHatch = schema.object({}, { unknowns: 'allow' }); @@ -47,4 +53,33 @@ export const initProcessListRoute = (libs: InfraBackendLibs) => { } } ); + + framework.registerRoute( + { + method: 'post', + path: '/api/metrics/process_list/chart', + validate: { + body: escapeHatch, + }, + }, + async (requestContext, request, response) => { + try { + const options = pipe( + ProcessListAPIChartRequestRT.decode(request.body), + fold(throwErrors(Boom.badRequest), identity) + ); + + const client = createSearchClient(requestContext, framework); + const processListResponse = await getProcessListChart(client, options); + + return response.ok({ + body: ProcessListAPIChartResponseRT.encode(processListResponse), + }); + } catch (error) { + return response.internalError({ + body: error.message, + }); + } + } + ); }; From 28ea225bef12a9fef72df3626549955683b76737 Mon Sep 17 00:00:00 2001 From: DeDe Morton Date: Mon, 7 Dec 2020 12:54:41 -0800 Subject: [PATCH 10/11] Change link text to say Fleet (#85083) --- docs/fleet/fleet.asciidoc | 4 +--- docs/settings/fleet-settings.asciidoc | 2 +- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/docs/fleet/fleet.asciidoc b/docs/fleet/fleet.asciidoc index 06b2b96c0035c..aac733ad8468c 100644 --- a/docs/fleet/fleet.asciidoc +++ b/docs/fleet/fleet.asciidoc @@ -17,8 +17,6 @@ Standalone mode requires you to manually configure and manage the agent locally. * An overview of the data ingest in your {es} cluster. * Multiple integrations to collect and transform data. -//TODO: Redo screen capture. - [role="screenshot"] image::fleet/images/fleet-start.png[{fleet} app in {kib}] @@ -26,4 +24,4 @@ image::fleet/images/fleet-start.png[{fleet} app in {kib}] == Get started To get started with {fleet}, refer to the -{ingest-guide}/index.html[Ingest Management Guide]. +{ingest-guide}/index.html[{fleet}] docs. diff --git a/docs/settings/fleet-settings.asciidoc b/docs/settings/fleet-settings.asciidoc index 9c28d28003175..abfd2d3a95bed 100644 --- a/docs/settings/fleet-settings.asciidoc +++ b/docs/settings/fleet-settings.asciidoc @@ -10,7 +10,7 @@ experimental[] You can configure `xpack.fleet` settings in your `kibana.yml`. By default, {fleet} is enabled. To use {fleet}, you also need to configure {kib} and {es} hosts. -See the {ingest-guide}/index.html[Ingest Management] docs for more information. +See the {ingest-guide}/index.html[{fleet}] docs for more information. [[general-fleet-settings-kb]] ==== General {fleet} settings From 1f75d0b79fa5ffda1936c798d3147b27b427f53f Mon Sep 17 00:00:00 2001 From: Dave Snider Date: Mon, 7 Dec 2020 12:59:45 -0800 Subject: [PATCH 11/11] Small fixes to Kibana search bar (#85079) * Small fixes to Kibana search bar * Animate width * tweak for ipad breakpoint Co-authored-by: Ryan Keairns --- .../__snapshots__/search_bar.test.tsx.snap | 2 +- .../public/components/search_bar.scss | 21 +++++++++++ .../public/components/search_bar.tsx | 36 ++++++++++--------- 3 files changed, 42 insertions(+), 17 deletions(-) create mode 100644 x-pack/plugins/global_search_bar/public/components/search_bar.scss diff --git a/x-pack/plugins/global_search_bar/public/components/__snapshots__/search_bar.test.tsx.snap b/x-pack/plugins/global_search_bar/public/components/__snapshots__/search_bar.test.tsx.snap index de45d8ea5dfaf..f5e7a030d59e3 100644 --- a/x-pack/plugins/global_search_bar/public/components/__snapshots__/search_bar.test.tsx.snap +++ b/x-pack/plugins/global_search_bar/public/components/__snapshots__/search_bar.test.tsx.snap @@ -35,7 +35,7 @@ exports[`SearchBar supports keyboard shortcuts 1`] = ` aria-haspopup="listbox" aria-label="Filter options" autocomplete="off" - class="euiFieldSearch euiFieldSearch--fullWidth euiFieldSearch--compressed euiSelectableSearch euiSelectableTemplateSitewide__search" + class="euiFieldSearch euiFieldSearch--fullWidth euiFieldSearch--compressed euiSelectableSearch euiSelectableTemplateSitewide__search kbnSearchBar" data-test-subj="nav-search-input" placeholder="Search Elastic" type="search" diff --git a/x-pack/plugins/global_search_bar/public/components/search_bar.scss b/x-pack/plugins/global_search_bar/public/components/search_bar.scss new file mode 100644 index 0000000000000..eadac85c8be89 --- /dev/null +++ b/x-pack/plugins/global_search_bar/public/components/search_bar.scss @@ -0,0 +1,21 @@ +//TODO add these overrides to EUI so that search behaves the same globally +.kbnSearchBar { + width: 400px; + max-width: 100%; + will-change: width; +} + +@include euiBreakpoint('l', 'xl') { + .kbnSearchBar:focus { + animation: kbnAnimateSearchBar $euiAnimSpeedFast forwards; + } +} + +@keyframes kbnAnimateSearchBar { + from { + width: 400px; + } + to { + width: 600px; + } +} diff --git a/x-pack/plugins/global_search_bar/public/components/search_bar.tsx b/x-pack/plugins/global_search_bar/public/components/search_bar.tsx index db180d027b228..98dfe937d16cb 100644 --- a/x-pack/plugins/global_search_bar/public/components/search_bar.tsx +++ b/x-pack/plugins/global_search_bar/public/components/search_bar.tsx @@ -32,6 +32,7 @@ import { } from '../../../global_search/public'; import { SavedObjectTaggingPluginStart } from '../../../saved_objects_tagging/public'; import { parseSearchParams } from '../search_syntax'; +import './search_bar.scss'; interface Props { globalSearch: GlobalSearchPluginStart['find']; @@ -273,6 +274,7 @@ export function SearchBar({ 'data-test-subj': 'nav-search-input', inputRef: setSearchRef, compressed: true, + className: 'kbnSearchBar', placeholder: i18n.translate('xpack.globalSearchBar.searchBar.placeholder', { defaultMessage: 'Search Elastic', }), @@ -289,16 +291,16 @@ export function SearchBar({ emptyMessage={emptyMessage} noMatchesMessage={emptyMessage} popoverFooter={ - - - -

+ + + +

tag:

- - -

+ + + + +

- - - + + + } /> );