From 68f56b7f33382ce923194ba7c86ebc1068e7c037 Mon Sep 17 00:00:00 2001 From: Ben Alfasi Date: Tue, 7 Jan 2020 11:26:50 +0200 Subject: [PATCH 01/18] 1 --- windows/security/threat-protection/TOC.md | 1 + .../exposed-apis-create-app-partners.md | 231 ++++++++++++++++++ .../microsoft-defender-atp/oldTOC.txt | 1 + 3 files changed, 233 insertions(+) create mode 100644 windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-partners.md diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md index a483760fe8..f45b83e421 100644 --- a/windows/security/threat-protection/TOC.md +++ b/windows/security/threat-protection/TOC.md @@ -367,6 +367,7 @@ ###### [Hello World](microsoft-defender-atp/api-hello-world.md) ###### [Get access with application context](microsoft-defender-atp/exposed-apis-create-app-webapp.md) ###### [Get access with user context](microsoft-defender-atp/exposed-apis-create-app-nativeapp.md) +###### [Get partner application access](microsoft-defender-atp/exposed-apis-create-app-partners.md) ##### [APIs]() ###### [Supported Microsoft Defender ATP APIs](microsoft-defender-atp/exposed-apis-list.md) diff --git a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-partners.md b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-partners.md new file mode 100644 index 0000000000..f69367a074 --- /dev/null +++ b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-partners.md @@ -0,0 +1,231 @@ +--- +title: Create an Application to access Microsoft Defender ATP without a user +ms.reviewer: +description: Learn how to design a web app to get programmatic access to Microsoft Defender ATP without a user. +keywords: apis, graph api, supported apis, actor, alerts, machine, user, domain, ip, file, advanced hunting, query +search.product: eADQiWindows 10XVcnh +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +ms.pagetype: security +ms.author: macapara +author: mjcaparas +ms.localizationpriority: medium +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: article +--- + +# Create an app to access Microsoft Defender ATP without a user + +**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) + +- Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + +This page describes how to create an application to get programmatic access to Microsoft Defender ATP without a user. + +If you need programmatic access Microsoft Defender ATP on behalf of a user, see [Get access with user context](exposed-apis-create-app-nativeapp.md) + +If you are not sure which access you need, see [Get started](apis-intro.md). + +Microsoft Defender ATP exposes much of its data and actions through a set of programmatic APIs. Those APIs will help you automate work flows and innovate based on Microsoft Defender ATP capabilities. The API access requires OAuth2.0 authentication. For more information, see [OAuth 2.0 Authorization Code Flow](https://docs.microsoft.com/azure/active-directory/develop/active-directory-v2-protocols-oauth-code). + +In general, you’ll need to take the following steps to use the APIs: +- Create an AAD application +- Get an access token using this application +- Use the token to access Microsoft Defender ATP API + +This page explains how to create an AAD application, get an access token to Microsoft Defender ATP and validate the token. + +## Create an app + +1. Log on to [Azure](https://portal.azure.com) with user that has **Global Administrator** role. + +2. Navigate to **Azure Active Directory** > **App registrations** > **New registration**. + + ![Image of Microsoft Azure and navigation to application registration](images/atp-azure-new-app2.png) + +3. In the registration form, choose a name for your application and then click **Register**. + +4. Allow your Application to access Microsoft Defender ATP and assign it **'Read all alerts'** permission: + + - On your application page, click **API Permissions** > **Add permission** > **APIs my organization uses** > type **WindowsDefenderATP** and click on **WindowsDefenderATP**. + + - **Note**: WindowsDefenderATP does not appear in the original list. You need to start writing its name in the text box to see it appear. + + ![Image of API access and API selection](images/add-permission.png) + + - Choose **Application permissions** > **Alert.Read.All** > Click on **Add permissions** + + ![Image of API access and API selection](images/application-permissions.png) + + **Important note**: You need to select the relevant permissions. 'Read All Alerts' is only an example! + + For instance, + + - To [run advanced queries](run-advanced-query-api.md), select 'Run advanced queries' permission + - To [isolate a machine](isolate-machine.md), select 'Isolate machine' permission + - To determine which permission you need, please look at the **Permissions** section in the API you are interested to call. + +5. Click **Grant consent** + + - **Note**: Every time you add permission you must click on **Grant consent** for the new permission to take effect. + + ![Image of Grant permissions](images/grant-consent.png) + +6. Add a secret to the application. + + - Click **Certificates & secrets**, add description to the secret and click **Add**. + + **Important**: After click Add, **copy the generated secret value**. You won't be able to retrieve after you leave! + + ![Image of create app key](images/webapp-create-key2.png) + +7. Write down your application ID and your tenant ID: + + - On your application page, go to **Overview** and copy the following: + + ![Image of created app id](images/app-and-tenant-ids.png) + +8. **For Microsoft Defender ATP Partners only** - Set your application to be multi-tenanted (available in all tenants after consent) + + This is **required** for 3rd party applications (for example, if you create an application that is intended to run in multiple customers tenant). + + This is **not required** if you create a service that you want to run in your tenant only (i.e. if you create an application for your own usage that will only interact with your own data) + + - Go to **Authentication** > Add https://portal.azure.com as **Redirect URI**. + + - On the bottom of the page, under **Supported account types**, mark **Accounts in any organizational directory** + + - Application consent for your multi-tenant Application: + + You need your application to be approved in each tenant where you intend to use it. This is because your application interacts with Microsoft Defender ATP application on behalf of your customer. + + You (or your customer if you are writing a 3rd party application) need to click the consent link and approve your application. The consent should be done with a user who has admin privileges in the active directory. + + Consent link is of the form: + + ``` + https://login.microsoftonline.com/common/oauth2/authorize?prompt=consent&client_id=00000000-0000-0000-0000-000000000000&response_type=code&sso_reload=true + ``` + + where 00000000-0000-0000-0000-000000000000 should be replaced with your Application ID + + +- **Done!** You have successfully registered an application! +- See examples below for token acquisition and validation. + +## Get an access token examples: + +For more details on AAD token, refer to [AAD tutorial](https://docs.microsoft.com/azure/active-directory/develop/active-directory-v2-protocols-oauth-client-creds) + +### Using PowerShell + +``` +# That code gets the App Context Token and save it to a file named "Latest-token.txt" under the current directory +# Paste below your Tenant ID, App ID and App Secret (App key). + +$tenantId = '' ### Paste your tenant ID here +$appId = '' ### Paste your Application ID here +$appSecret = '' ### Paste your Application key here + +$resourceAppIdUri = 'https://api.securitycenter.windows.com' +$oAuthUri = "https://login.windows.net/$TenantId/oauth2/token" +$authBody = [Ordered] @{ + resource = "$resourceAppIdUri" + client_id = "$appId" + client_secret = "$appSecret" + grant_type = 'client_credentials' +} +$authResponse = Invoke-RestMethod -Method Post -Uri $oAuthUri -Body $authBody -ErrorAction Stop +$token = $authResponse.access_token +Out-File -FilePath "./Latest-token.txt" -InputObject $token +return $token +``` + +### Using C#: + +>The below code was tested with Nuget Microsoft.IdentityModel.Clients.ActiveDirectory 3.19.8 + +- Create a new Console Application +- Install Nuget [Microsoft.IdentityModel.Clients.ActiveDirectory](https://www.nuget.org/packages/Microsoft.IdentityModel.Clients.ActiveDirectory/) +- Add the below using + + ``` + using Microsoft.IdentityModel.Clients.ActiveDirectory; + ``` + +- Copy/Paste the below code in your application (do not forget to update the 3 variables: ```tenantId, appId, appSecret```) + + ``` + string tenantId = "00000000-0000-0000-0000-000000000000"; // Paste your own tenant ID here + string appId = "11111111-1111-1111-1111-111111111111"; // Paste your own app ID here + string appSecret = "22222222-2222-2222-2222-222222222222"; // Paste your own app secret here for a test, and then store it in a safe place! + + const string authority = "https://login.windows.net"; + const string wdatpResourceId = "https://api.securitycenter.windows.com"; + + AuthenticationContext auth = new AuthenticationContext($"{authority}/{tenantId}/"); + ClientCredential clientCredential = new ClientCredential(appId, appSecret); + AuthenticationResult authenticationResult = auth.AcquireTokenAsync(wdatpResourceId, clientCredential).GetAwaiter().GetResult(); + string token = authenticationResult.AccessToken; + ``` + + +### Using Python + +Refer to [Get token using Python](run-advanced-query-sample-python.md#get-token) + +### Using Curl + +> [!NOTE] +> The below procedure supposed Curl for Windows is already installed on your computer + +- Open a command window +- Set CLIENT_ID to your Azure application ID +- Set CLIENT_SECRET to your Azure application secret +- Set TENANT_ID to the Azure tenant ID of the customer that wants to use your application to access Microsoft Defender ATP application +- Run the below command: + +``` +curl -i -X POST -H "Content-Type:application/x-www-form-urlencoded" -d "grant_type=client_credentials" -d "client_id=%CLIENT_ID%" -d "scope=https://securitycenter.onmicrosoft.com/windowsatpservice/.default" -d "client_secret=%CLIENT_SECRET%" "https://login.microsoftonline.com/%TENANT_ID%/oauth2/v2.0/token" -k +``` + +You will get an answer of the form: + +``` +{"token_type":"Bearer","expires_in":3599,"ext_expires_in":0,"access_token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIn aWReH7P0s0tjTBX8wGWqJUdDA"} +``` + +## Validate the token + +Sanity check to make sure you got a correct token: +- Copy/paste into [JWT](https://jwt.ms) the token you get in the previous step in order to decode it +- Validate you get a 'roles' claim with the desired permissions +- In the screen shot below you can see a decoded token acquired from an Application with permissions to all of Microsoft Defender ATP's roles: + +![Image of token validation](images/webapp-decoded-token.png) + +## Use the token to access Microsoft Defender ATP API + +- Choose the API you want to use, for more information, see [Supported Microsoft Defender ATP APIs](exposed-apis-list.md) +- Set the Authorization header in the Http request you send to "Bearer {token}" (Bearer is the Authorization scheme) +- The Expiration time of the token is 1 hour (you can send more then one request with the same token) + +- Example of sending a request to get a list of alerts **using C#** + ``` + var httpClient = new HttpClient(); + + var request = new HttpRequestMessage(HttpMethod.Get, "https://api.securitycenter.windows.com/api/alerts"); + + request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", token); + + var response = httpClient.SendAsync(request).GetAwaiter().GetResult(); + + // Do something useful with the response + ``` + +## Related topics +- [Supported Microsoft Defender ATP APIs](exposed-apis-list.md) +- [Access Microsoft Defender ATP on behalf of a user](exposed-apis-create-app-nativeapp.md) diff --git a/windows/security/threat-protection/microsoft-defender-atp/oldTOC.txt b/windows/security/threat-protection/microsoft-defender-atp/oldTOC.txt index c4263e9958..a603fac035 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/oldTOC.txt +++ b/windows/security/threat-protection/microsoft-defender-atp/oldTOC.txt @@ -341,6 +341,7 @@ ###### [Hello World](api-hello-world.md) ###### [Get access with application context](exposed-apis-create-app-webapp.md) ###### [Get access with user context](exposed-apis-create-app-nativeapp.md) +###### [Get partner application access](microsoft-defender-atp/exposed-apis-create-app-partners.md) ##### [APIs]() ###### [Supported Microsoft Defender ATP APIs](exposed-apis-list.md) From 4c10a7daf19ab6c3bf27165fd7876d9923497cd5 Mon Sep 17 00:00:00 2001 From: Ben Alfasi Date: Tue, 7 Jan 2020 13:43:08 +0200 Subject: [PATCH 02/18] 2 --- .../api-microsoft-flow.md | 2 +- .../exposed-apis-create-app-partners.md | 34 +++++++++++------- .../images/atp-api-new-app-partner.png | Bin 0 -> 51136 bytes 3 files changed, 22 insertions(+), 14 deletions(-) create mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/atp-api-new-app-partner.png diff --git a/windows/security/threat-protection/microsoft-defender-atp/api-microsoft-flow.md b/windows/security/threat-protection/microsoft-defender-atp/api-microsoft-flow.md index 03274e47b8..c27bcf9d6b 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/api-microsoft-flow.md +++ b/windows/security/threat-protection/microsoft-defender-atp/api-microsoft-flow.md @@ -17,7 +17,7 @@ ms.collection: M365-security-compliance ms.topic: article --- -# Microsoft Defender ATP Flow connector +# Microsoft Power Automate (formerly Microsoft Flow), and Azure Functions **Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) diff --git a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-partners.md b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-partners.md index f69367a074..a21d54b88a 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-partners.md +++ b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-partners.md @@ -17,36 +17,44 @@ ms.collection: M365-security-compliance ms.topic: article --- -# Create an app to access Microsoft Defender ATP without a user +# Partner access through Microsoft Defender ATP APIs **Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) -This page describes how to create an application to get programmatic access to Microsoft Defender ATP without a user. - -If you need programmatic access Microsoft Defender ATP on behalf of a user, see [Get access with user context](exposed-apis-create-app-nativeapp.md) - -If you are not sure which access you need, see [Get started](apis-intro.md). +This page describes how to create an AAD application to get programmatic access to Microsoft Defender ATP on behalf of your customers. Microsoft Defender ATP exposes much of its data and actions through a set of programmatic APIs. Those APIs will help you automate work flows and innovate based on Microsoft Defender ATP capabilities. The API access requires OAuth2.0 authentication. For more information, see [OAuth 2.0 Authorization Code Flow](https://docs.microsoft.com/azure/active-directory/develop/active-directory-v2-protocols-oauth-code). In general, you’ll need to take the following steps to use the APIs: -- Create an AAD application -- Get an access token using this application -- Use the token to access Microsoft Defender ATP API +- Create a **multi-tenant** AAD application. +- Get authorized(consent) by your customer administrator for your application to access Microsoft Defender ATP resources it needs. +- Get an access token using this application. +- Use the token to access Microsoft Defender ATP API. This page explains how to create an AAD application, get an access token to Microsoft Defender ATP and validate the token. +
To call Microsoft Defender ATP API on behalf of your customer, you must register an application to acquire an access token from the Microsoft identity platform. +
When calling the Microsoft Defender ATP APIs, each request from your application will contain your application identifier and the customer tenant you are calling on behalf of, more details below. +
**To become an official partner of Microsoft Defender ATP and appear in our partner page, you will provide us with your application identifier.** -## Create an app +## Create the multi-tenant app -1. Log on to [Azure](https://portal.azure.com) with user that has **Global Administrator** role. +1. Log on to your [Azure tenant](https://portal.azure.com) with user that has **Global Administrator** role. 2. Navigate to **Azure Active Directory** > **App registrations** > **New registration**. ![Image of Microsoft Azure and navigation to application registration](images/atp-azure-new-app2.png) -3. In the registration form, choose a name for your application and then click **Register**. +3. In the registration form: + + ![Image of Microsoft Azure partner application registration](images/atp-azure-new-app2.png) + + -Choose a name for your application. + + -Supported account types - accounts in any organizational directory. + + -Redirect URI - type: Web, URI: https://portal.azure.com 4. Allow your Application to access Microsoft Defender ATP and assign it **'Read all alerts'** permission: @@ -82,7 +90,7 @@ This page explains how to create an AAD application, get an access token to Micr ![Image of create app key](images/webapp-create-key2.png) -7. Write down your application ID and your tenant ID: +7. Write down your application ID: - On your application page, go to **Overview** and copy the following: diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/atp-api-new-app-partner.png b/windows/security/threat-protection/microsoft-defender-atp/images/atp-api-new-app-partner.png new file mode 100644 index 0000000000000000000000000000000000000000..ffb7163ee0b2508d81554d66ece3004410b33dd6 GIT binary patch literal 51136 zcmd43c~lcw+%|~XNH+-BDxe_X(kg<03W9(T5fxC`2}oF?BC_v<$dW`ww1q}g1QcZ7 z2?3EMBmp8Ipdf@jKoX*2*a88=ntdw$zVFPL_m6MBIp55gsdG3*Ds^vFZr$JZJkPCX z_O_O?(#p~j5)!i3R+k+mBz9Z`{%-%i6FAbJMi~Tl+aet;FG*DQADjn1{N`(JV=f_4 zn<~SZ{TuP zQn^OH)yqojcp=YpG1QcFL61R(*LeTH)4ud`m|n#SQ3uV?CD7Dg)4cq<+9wAnnA z*YB}GFXrg>)brw#`~n&$?x~P}Os9gX7shLgcymRm(&l#Ot+pmE6L$b7Tyz@4xEqr1 zaM%p+5(Ntfy3_v6`1Z%W0eCysA#?#h4mPsT<1l7FPxnN>_i4cmC??AH9vbnxQ| z<(2=sfif%wQ?!Wj1l067#iSWcDeQA)dmAFBp&m22v4JUsn9nXDX*GzGphjW& zJ1P3cbHZYNe~4&_^0V9EU1@YYHEy|u#hJ~66S<=`9%vT~+q-T)#c(Q&C|C-mg(6o~ zM2PYCw^{EZ`@`wnF)V*`68|Gfiw`aNL*im&SthaJX5BrT(c{@cKU^>nhUF7;`z`Y8 zz5Mb$D3|Jp3wJJd2c+Kz&mh^eS6G{((R$6ky(etf(x23)U%=2sgk^+bRO$xnLB1om z?x_-oNHnQOi?j@z-+%3M=lVBDD2H_T{~7r3P%O% z{S?kZE_ZQ$!Cpjr%F{){P1<$cmY-87kzkx&WI@S*hD$9DjG3MdwYg2jql~aCX()pK zauxhK8R@kjv^q;_bv8^|I<)jB)8o%RkM|6H`qzu+7#df~JY|Y##c;r@n0c zpL?omO@(xpYJ9A6$iWW{yusotqinB$^5kGnx2p@j&7=Vhi~{0sEoObf%rHNkcy7#| z_3O69CW}U+gc6qs6AS7dUiE%2<9>B2d6!|BZT-P2Jo`+hTc-b+)8b9Pp$$5FN_@FktM%%`DVdPMteC_x8_nh$E8))DqPiYSdm^tI`b`{7p_ zmNTCJd)bl$J(!u*;drnc(d{H03_F*S*&AznkJ82&Cg>YfIIERk@;J(WXbEIejtV8mWlp|SWdnEBCRNeiS-H0 z+w_~zqGuhax}d(KB=`CnC9r=Xb^IXzjSz-tmGj8At z0rgA5v&P0i5Zmv~w%qB+QyP4rz)Ah(5q4&F6-mf@eJC>)| z!+y<;SKbic-w5*R#g+<&(Rurj*!aNTGyRz_qRapKU7Dm45Uh6k)&s!KHu;+hS}sk8 zEuNfj`P=8)$A>Hoc1rUGnxtGt?>FNG!I>B=w>p$-gR)Fj^L*oycP?kAp!D`YzBwxu z#V=wGm0UmkZRmcsjTf?RX2z#=T$rohS@4{5~IJUN~E z-T1Y;;;w(UlrvTh5}$PnZzmpO#Ti*RGR|)j+h>_j50<-)S@Zi;_sDtMkTp0qs!S9U zez^R8#}pb_#+&Jx_da3ZK%xe0xHDB+!Y7StGOt-sdFP$uPa<^V#!bLT1QpHAXo{EN9Ke;KtkHO3+?^A1I4YiXxf zl#X)I>!dpWpS&0hJyIYEzqw|ds*{kdC|+Qyz1rHGM~iNzyWS$@>^|GP0L1vAuTFR zWHUb(Q!3b?)V%*kB%q7dd*9O=gql(UvwL6n1AWbMB8Ec40Y}75WLAB=I^AIA(x`a? zRxo@4PJ?CY>ZR00{9Rh6c;UL8PhoI5Y*^pF_t8V~R#3aMVowM|No66xv5*w9pdXFn2(6GlQ`#_K4B{mfXHC5KXAd^|H3ZLj-9+k)PEz}dk;QkR7d zo1<=^Ss;94#PF0Gb8LpaGSqH|$c_FgX=2xkyG>Q;HH(yD4RqDe6Czy+bR-s?XSb@( zQD5S3F}-fGZ0U901-opgFbNbCuMsKeV9bM541cZL@jt-(Wx1`Z88{+`P6*yON2CU< z&g>K@3e=txmO{1o22K;el-_8>IM-t5b;nUM^vM$c;CHg*miJZf`<~voPs+R!rJOR1 zSD*5A5_zI9)F5T;<&Pd0D@YKsh+3VZ8;T$aNK$PsJ0~}KNP)?Q&YufA{=~5x{gan; z&-EB=y7tya=>u^F>pJ;iY_|?{RTxjymZo?xb9vuD%o^FjW&hLz!775%^+^N6Q*MG# za?Egz;&UZ|%lwOtt%3Zc_xQGovzVUsbXTwW*!2a57h)ZZVomsDdh(;Pu9B4IafiVl z<2G4KWy7IdwBobVo`ZBX)7U0?v#pO9D6w^N`MW;X#=KV^xw3g+&I*j*&G>Sg>LQky(MUl!nj|~5?p1CFb48y9bX3K^X=OQAW($M zq2lGjbu8QdZE#(mf!T{%`nn;%3MT9Z2^~IXcc~(`z6x^2H};qlS?p}mm>!37$wn_JuBE<%emb}jP@vCOyV7Zdu~4Z@^Q z>)K_!-cKy_jz*dup7{R1bbo@>B$Wpg_JPe_l($7k!LV`8V8)`0(N&*akd@&)%vvq z)+c*yHJMKQ8In~yRD*t!+sYd)Ln2U-R<1;k6xRp8IxkFSj1KP_9=HHMNJezjU3vLo zbT`dKx&1<7$J@A2ukjgq{`>AH`bUSGTlmlrpXwXVUR<-&N*5|m>3h)|_;amf-{g$M z_$y?~-np^Xdz^s3uWR|E2J0cV=a-&v0!z~yt2$zW?w^#wj>2YghVp)s8M&x}XVlH&n?h6mw)LjVpZ_L7JSEGm8rv1v@_Si|T-H^8 zce7E*UE-Blr`EI~$7HLf_-vgJ&TZpCy21@E>WlFf4OvH$ey|py(!v@>)|pf8tbA)T zQ>Wo!tL8}pMNgM4PugVr+UwNDU;aw8v2}q=EYGLH=N21?VIN*1sCz@Je_6bFE{hX^weQ8zw0x01$>ENwXBC^)0@9Tyv|c#%~90^-ZDDE+%1Bfi@OerGzqCbR6Y|rh$tI> z!GjJ8uJryxUekO0CO#CCmjUlA@T9%x zfy&1wT>{E~ZoM~8U;6Xt)h*x4r#|E63X|i*{*=pTZ0H}~El`sSXc=sleq4=Ts2ukn zar`BYCzBtlaWl$!HBIxu_J;~s_qx?l&3Trz=GN7m<$cIhEoPIs=irER2`BwI{#mDu zZ^D=>#yy;P(hlufGqn)vN_gKJ5Qg#QQ+ zC*@v^1NK@=ANu#PDalp7M-&BW8M1ZN6*cdm`Xpr+o|J@K;O6q6x4C!dyje}5XmbOy zd0A)oA1FJM@`y4Wm9b+dmIe&ePrr*09T8O}rI3A7>hi4=e86TT#NFEEu3~>yUPF(R zi83m<`fQL-7#(C59vbhVC&9KbyU!=(22*8qPr*@kbF32c-Vru^>%IlU)b-|QuN{4L zz7u$M3TBi>{I3$-M|%-ot*sv7a1Eeri7=dcro*oZeu|H8m{AUP}ch!bTcL z4aOSB;0y#mxmSh})2pR|Uzup#D+f#hck&%xa?i$FPM}QhD3oz@vlB(8pVpQw>4D^R z#OUXgVjrxwO~fi7*5{WZw^|Clug>rE51h-oUiOX^mae9LCvP+&YOdfZUL~Zd4Ib`f zpMUtBS3>TeTp*WNnCZ)&B{G)3cAiL3sCAOyz4`6^cj#U0L*ZtMQ}B@MxR zj-Nhoy<3Bb;I36P_5(p6Uss*yIbHu%oM=q)H;njdnNwfi>dA24`*+Ux+!Ako0SQ5V zQa#Uj4u#XbY7rua*~tDp6}PSUzCYbLvl^4BS<|f>pgO+iFOyUzOX~^lkIFviB0=-X z-sej!+ty`7-t#AI*p}=CIV`@uJVI$B(az-Nt>L&x7=mJdhCJXiT!Xj85ElubCz|pW zXj=zk%h9d*^=&U8fCAiN#|&*W*%ID!I5n%B)SA z8|R#`Zs?kk-(A)`rxku%AoP51KVi1kJNzHdJrpP6kdxK#uWlC+9vyD!p*%{O15EdO zWUb&Bq!A)qc{rLU|3y&a;)5ZlKJ}@fFT%B<=Fd0ws>&PG2)z2wc&{$hJTi5kYD2|$ z3y>==i62fGjLdBPool&vs8w?_6(np5O|(Z3kXtv-f!>989cYcfB#A_PlBg*(ep&_D ztVt`&iH023=Aq3ong$|9CX}VqvgW9McM;F5MjFE?L+p`j#Ub9@km09ond7rz_MK49 zhvqpS$xg_P8&Uk1mTL0}^6t@F*$3}`dx$h$&+fVG<87YwBtg#jvtZ>ZXpKk@?^aD* z-!=S9PO~E{XZ^;D?dFmNo`h)aVjl{4e%>Z5*6d4TV%K$#*sM)Bk>`2G>;^UTzY3Kt z<`7XNSgzDXae8$&u~n#_`}}?O?Zm9#*#dD3{d-tt9DtMpiaNze zR*7K?LpWo(4LI_#tDDF$799`+P6n~RT@>%nCP@4a>@MD00WJe=`>>B1ABU%j`(0;Vb}Ri(Z{2 zg$|(Nu2G=8hZ|DjZd?<7y9lR-Kdt%gsYR-qDb)_eb;90id&GBMpDuW+#uoix0x8|> zSPe8!J-O>c1mhZfp`r{AL{D*fav0QzL~Km>vf5>I*LZC$n^W29GQeG(3K&q#_iBm7 ziRX~Ks&Q19ch^7R-D+`FL_H|fIC^m|deZ*{mKIIH)gaf=oZ8NowV~@FTPxq4Gnj4S zsg7MAb0_4$rzT(vBLF}a!spRN(RQZmuTAEQ)2ILzl&8+5W)k^6#2ZUeT=6v*0|q4K zwx(0zPNg?~b<~l}n6@B66kYms_>WJqOu2KnK1yr?rFsX}pyJ58F7H&+8Kj6u=Vj~| z!2swO=OcWw-amx5ge9e7R3^QEvMZGUR7i-^ck5{lf(CUz6fj&Dqt8w1UCa*p@XX}L z-$(hgKsGvLDl7h?C2%D3P?bBjUj&AqhoziF0e#a%Jd}t8hYqhKsPjLzuzR#dA6~X2cKTHlZ&oXNkMSQ2YX~!ii)cS?>x6J zciYg}l%8dv?yPo^>sb!0X_-OkHpuljF~=~7n9m;{?hr)93UB=I>dKFZ1MWv);4GYO zEPKo}@$EmDXK8~L%siA*^Bc%C0!A}GT3K5HQhO(n0MxJ^l*VA%HmQU5bGaK|^+-(s z22Dk*v`MjiLA!s_&Qx-ARc&# zn=~wPtwWuu!-x4tDHm5ZJVEK`&jgu4nwd_FLC8|L|5BVj_$EKlOHc_OCf ztzl?x%^JF}CSFtHJTRANz+Jz~J2C|rA&cy4{&38a)55GK#K!<|^aar9PR*xz{GTUS z0Gzz>Fhi58>DzMo5cjyLL7n9IfJJh-{85sDR z0ZPDxA|@8!cgUH&&p8*ELEkK-`~eKT&CTjpWsqFqNcJClk8k;`EsUZU@)P9P31+jJ z0x&M=-Y7`Ku>*Nlvpv_LqID=3_pLNwePI;&u6d%#u!IsDSAKi>cF9Ybh__@ML5=cZ%9d5=w=tL>np#5Km z7OlNz0Uij_;5S&vAFr(Btj@Y3nC|pSV*ubln{j@oRT@RkIIlCwHJYx6Yw%k?lF=B; zcO};|T^O3*IH4*(HMvNRt5-~kD8#>VSH!kQ>L`p*jO1r zHzynKFwqy7a0kxM?HZt|#=XFpXBmvrlmq~ z!gCYWd3w?-nInj|SMyqw_5EH@02d{|ThI3AAh7SjXqVCZJ~;e_pc}=v6lO=7u$qb} z0M1TB*R(D~JoH2c`7hwN`c0O%)?Jjtd)%Jtd&U2{LbMI=2gVFGJsj(wU8!}?3Ueg` zlulw1mRTT6?7!nyy;JtV$gvwFmvXJlN4sI(PML;9*P1m;lxr?(7|%`o+0p|UuINpB zRQy7-MEYKm!$AH=%T+WbZR&Dqh)=STZol21cD>HnlPyi=p|!~~OFxozt25LkkKgVz zel`ZBHC|0sTS_>FDat*QR8$?RcxzaM269r^(bVU(B~63D1mZTC{De-3%#WnN8AVIDZz zF!z_Fiu9U6yDOSy@{oD1z;Y$99W9ckj^AEXKUi%za#;=d!Z(v9&q0QexT2=rx z`LU~{ZO5UyULC@g4s^k>wE71AXbq~^kydluF4tp8{eyGKS}2N_jhc4t&CnJ^RTc|5 zB$N*I3mJ;Q_5|)}xpnd3D~Rog^!jR^h)R5HP9qeyrD<-J0xX`{=|PqD5$Qi&_@n2v z;)~oM3unu!BOxaOjRuo%iTRZwv4Q2*`Pmr72+dLiI=IAlRpBv7a-+ z<20MK7=!))TvJ;tXo7*UnoBZ1xt2%Q0Ssy z$}76oICUfX=Sxd27Bye6p2M})VS`5DI~-6zKwzl8&n z&`%8rvwOge-~#X!7ZO9`@ACl8Mk}^XqpHO%eiyElfjH#D%yZpDz=a7CRtm@dX4Vj= zh&pcDQiK>K@EwKS^G0v)0FEURfD$yJgRU}PVPwx)t&d}!*GU;3QG-{6=Z2+`i|eFV z^M~x{@!L;1vk&x%kX=B^2j#G07>*JJN%%(^4fwgvU696BvVvrKtZIFalXkH5o^&V> z0-xvB;AXM{sX)+X^m;KWmhxvy3TcyTjyr9NzO5%|Rj-hoD&qGwy|y5koqRJAQJ>Oa zy7pnmVB}SQvUyvrmk;Ka8^x#n@gL8$%>!&4vtktpc)Y*qh;lLOCD-uHzOD3yb|Be) zFjIB~{9H5kc4qa=HPNjS);A_j4IEM=zk2j7ex+ilX6(%w@2-9LpPddyT3Z9xwf9Ad zlkUEUKXR`IZ>zi>YkOJSoQv);YLf>JKPbO1%{yZr20%26i^ zujdiwJ zcN^+Vr7ZM{BJ84UL97-OYE%|7G?B^_GEn$#V_j=g))ETQsmlHSWG!~4%haQ*$xyTo z-h`@$ScN{V;SbwP9T7C)MBFSBc84~S!`;6;=>R zyt&~d)Z~x=AcZ;MaR@{U0XID~GF^(A?8#w=TY^Hqk;%AUsvuia*4uS$nt!iBF&5gp z&YG0F?vxrAfY5@^e2|@29f-)`A)clJhwdN(4ez)~fmrz&fi$pcMv2odkvL(VI z_C)Z9NkJhkX=FOYZFo!&&3LjVj7tNvsL@(Zsf3umQWjjxaD5ut{N)6zY{?9G5>H06 z@wItD`{4oEcGMM{;Z#C2%mluEB3RI*XXweW4Xr!7-V~0juO^k8JR0FI+gtKBnwpM- zHJ!xju z@Ec|?Obi%goOeVRYy5@@YZe#TmVk?V#5aKJoIeG(wK8G7qc&Nxr;(W|aH|8;{XIE6 zHB!zFpCA?$ev5VRO*GXmVwQR$a@GrH4DY9b;4B*x)*2Ou3}C&}B{TZhc{BYS|8Chn zPw!Gj^|=Udma^UPw+i z{1a};Shx`x0Xu;Mx%w`oqfJUw4bQu}#vOI_O#{s?1W;xdg8aKxv(V7i9JFswhx@5$ zQzE-&WLmC2CC(5Oa;+LUq3ucn2IQkh&X&M~c2oEYy%#mBVuDu$8)-x8!*C#>7)+2D z-+z)-AR`tB{U5l*|B~PN|7+vHux$g26a6_zd}JVb#_|(k`nicmvZ6MhUM?1(IN6z= z+b|T5h(?KUN4{@vc(tYctQmg*XNGu3VCu|nP=|3P*H`y`QZbFK&o%-4383eakQnh2 zNL}QynA9q_{uK3P>dJSOE>lr+WR7w0)% zcBYTAf_wZOcgw%+kz~kFu{Gz+FEinmHykLHc_EPiIXC@vZGKqL^d;?tQmKQXv82lw zP3NGJG>V*GFYZhqD!W(0GdwZU;;HebU^#TFIwbs9)Z+M{=l$=A#|Z5<*#>0C)ieGQMJ=+Q7u7Sc$pz`8=tOS04h>*`2?MiIRc$DXxhcHkgVAh8L zu(&%1Kreq2XTKNq#!hb=5DAx`REG_cj%mC(aQ3d%V0Bo6lzenc?0OF>GDIZU+-&=2 zyON&Yz#%x^>*I@}j|-pn+Wn(i_Q0~&L1xH8-t?zfmqD%sYk^WS3Ysshk2ncUfX;zn zetUa9#Que2rIyDyI2h1!0Ql1S++YWGd#6J(@Z9P=m#13Lu!kx}5qFVdO`b%bLz?`9 zBv@kIEULXaU}2A|5_fHWddK0C19Ck8wgmK9@kQ$59nbIL3KlzGnmyBPEb@5n5k29P zSRDW>a4NG60TgP9YhuJM=wQ|riND4aY_-j=K1_o6j5r<*_!AG{TY}k1dvw|(9Y8+d zU>o{sntoiIMP$|7+biMb+VsNfM%a+`35DEIBjMIG&A%)sL(~vme@fC^`orRZLoL=i z@!!SgKbR>ICo7u)*5ZpjNJ;;ZdvAFAzX)T)6^Z{LM)?1tISrO?8=&GMX#i3@3rxFd z{+pRA95Vnb@dV6*3QW9J?_sf(P%FxE7XV3Lrn(d8wVk#lN}H7alk5Q?m1fH-TA1uc ze?*W<35K2Qq(mvz(NH(mfyF1WvtQ3%(;q>qgR2%BsuOm~YF0&hYh{q}_VjtO%l-bO zfQ1+-34O%6vP8wBqU1N4X@llUwKJ^RZnelAJ9mWvQ&t#?dkzxbhYQxp1hE*ddxZF0 z)kKkvzu({CYQS0a0-3UGSmG=jaLix z^+_i_H0WTD(MDmr;CBGRtsqNSDI5ex?K@O{DQ2;@8!tA5<;vfJcQpb4C;vpyDFB+8 zHHIy`7Co7{gfRq!d=aznB5jeo><=tiOlD?XOFkr#A9C)Q?}JjCY!|-+NmH=lO-IaC zWp!a`@)!WWx;Cwr(SHotDc6w1#!q|sighR;Yp?D3Hu)@DZK>O_2K{p(ch?MULVLlv zqf375pI;K^+hId%S)>_q)a~4&wd|52_PJ{(7N?4d0^X)>F`7QjepO#}8mfGXlx3DB z3d41E1-fOVhPmAq>fhWv-CNX{))lCnQWt!SZu5pT7kYJC4q$oV9kPa75}(-W=>d4I14wcMy`Q^L`EUF;~_bi<{bcgeyO+oIV?#LnJ{-j>?AE-K??q?LQ<0l2z$mV&$s0-&@4JM;+Pqjy- zU)A_}{eHjZv3GX8BhiBqKc2UoMh&hHowHaCyzLS}@yezWS*CG~aZ3$k zY0PDSx|1B$dB?R;Dh6CvI;Lv_IQ<#s$Qk1;TJS=#PFCoEhFls zC!n!BYzp(n15Qv-56RFO8so0lQl`AuvEo4g_<;Ue(vJ$poSg4BO{^!Uom3=K}Rbp2XhxnP!K--SLDIU!LyBX#y~A8H$c^4ZHR3mpvl)dax5c-M6IdY<+cb zrm2DHg2$MwIJ$hiZb~8#;d=Udb2=y^=2N6Al!1mN52~v z`dmw|nLBUHTdWf-e-Bp}TC2O)7XehZaRm(Ek;1?mS(Y)Az}WKjdx#rXQtXW7t(y2@ z>M2e^yvN;586|v8x`Q?4`m3J8A=rSy@1zr&d10-7xFn3_WTeaMjER!#N}$xCbnCR^ zooaD|e1F11^DTx5!2Nj_D8fR7HRhrlYNSU2F98lr$NHhW*ZW_0-rWEK| zwRWlt5aKPNoJy{yr|2tnzF_^V@xXlu3*YBC5LGKyPsy~U=*$6B$!6XaqFae|x*Q?! zO%&N>ewV6oJtTGp@L+5u_v_0acgR;c{Q0{0!+l1&E5FGTP8$`CHd`zF@WVYDS{y90 z6jGG-)mIQQGyYVVxxy@F|Gq=HC@FELL++AXv*b}1mS)2H87KMpV8?Vyk7qlq)|& z-X?N(buMAUuch172JfG-@Sl6m`R9NhfAcSEUc?a6{zevC0sJ9YwL$*mi)7Z*SEbB5 zp6M-*2sVba5mnfTgOI?k`JfT4_Cmkc(3(>AF4DU;($3LK(^E=P?z@egV6<^BWh{J_ z8qx3O0LgT+HR?n)Mp*6XgRUJsclYy)_RvDXHvow~iB|`rS=n(w05-S1an!|~K@4sp zR42cNh1$b2PFq=9DAntcE(}Azw(H0jN+*_JNY)BkC1)aMZlK8asE*{jR`By3YnSKe zb?#IoxjEOLTAR?6D=9`ixiaqwL|UO-E&Cu`YC^*lyj56_Treo)DA>>IRF>ZV zzKgWe*G;dss6c4UzeDQ}{nUF7Nj+tgZgD1{<%54iGr$a*jm7}nUbw&GHv88siG?3` zX-BFkmvB+ovy%+-bPaHSM}6SxJx%cbsHaYFne+@ibU*D%)zTFM<#!6`xymE^b?oxe zG@nX4NBKGrdmz?FpLyo5#nrc$@yi)k;jo5&$R=PMzZ+l!`((f3u!HvGgZB+IdaE`>)k`g)&WPX55~y z(1M=fntC8>RUkkL;+iJ=pi1&^H4*h%bH`YNWdgUD*{)u4?Uha?0G}k=)(STnju-bd z4wW;X%@OcEk4g6~0CrXjPfwe(tr@~rdt|vPygsjK2wQDBasR$+9<00RjUW8HDX8$H zRs979Xj0*-!e8lSG#nV4?+QhXq7-3?ke1j6)NUd*0=W@YxUFE+l9I1&}gxk2EG?m#sbFSEDp4Fu3#I;G^u5GBzaD{V7=cjjp zh(jhz^}}r9*gkD6K#Uq~Jjd(Ij3KUZ9DKe&uB`DtKUGK0p`2RNMSjW8*d>a;gM0LI zdR$1_2f(q;Mh>SdZ;Bsfq>&YhpB@T(sM0Akz)siu-5a?7a6O+u6l17d)PFI__1^1HuV!?$S66NC& z$<|IA-0Cr@bX=*EupuQmN2&)L#49#6bctY9M5)$;00HWfR1d*4;dsyWAtS>jBdu%m z6oUaAXi@Ee=|&-EIRD$}XSrC-u{+WdeytE^#@wZRmp}E@H^%+~Yc6DII##ZM9sf+J zB*h*wx~S;l7v2I{43kk8Y@8`Ex6jqvSxO#+NLGDscgLvwfcb4D=&59Av zzDY?K*#360@8USvCP8!GLeJo9-G2OPAgwxplJr|~i6SPY0*p2qOgX@t-L7A}%LV%?aTN|z;zbdsW=EurE2r=fHW9g*maLO{aLGM2&5f zP!hZY#omj()5+$)!58VH?hidXm*M7qZF#_g$Xrz$+Jr)pICmlvffTRid2sCpf~g4a z968FS|J#?C4K@Y1z|luJ0PQ^>SoxVoyO-TSO06&<-9U7$vuNFYS?AFG3IDD}$_{CM zc1wKk<=)arwVcRw6JKJF%Gs>T5+il9jUhbM#?6P%$~*7&Eu0Gh2y)H(vBgHF4$?mG z<+H}Bxti9%<{2lMp&YpI3&|H_nsxOd>D$qryyav?#5Yk=-zrd`Ze<+ogST;Jm4;lE zA+0-mNxiznMUJQQOV-4sbL!AddBI2c@_Q8*aEaB4vnAAEu8Dvk#Pt z@!_DLQ(FgOzByyRkPUiMwV`P-J2iqN9hoHagq@sUMJSU=AZqX4WNV>T6Kgh?> zqFSmWe$J}Ie|mE7tjv9&?l2)^L!rc~7c+0UYr`QwK3OBpB=x4d=`Td1IQLLor|kaI z1EOg9r)MFHVDI=tdyD~D1s{L8J9+z?2Id%k9);*HtEI3A1WE|t;Lwr7rFM}ZGe)-% zF0M||2<*pe4E>p&Gpq%4&BpvL_3#W`^y!QL*0afO*Gp$Wqt32vsrqjvK0_W>6E^Ud zm?VHaV4+l^R@#I$8ur&HFpMXmkH24TTL-UH@x#xlRU`v)JL69 z!84W`DIvl-b~DeAIPVp=eojOyr{tC;^iHbC1BI=~Qfh~oJgS$Jp`PZYv|ylmm@*3092C7wN!ZFq3=!I6N6wWOg| zL>v~-Mki@tCJ36|ahh^94gjqzk zxs;43`^+DFFA|2#p!H~MMpOdu3@@%ma;LCOl~mO2-OglSASxuv1IgO7kK1<0Y)d-j z)?5tHO48g4o~-{Oc?DS4HRP19XR34y5&HSXrEmF%?hJi;_DuU)Nk*CCTMPl#i$eF~ z+gms@?wm6!kJPnE_>U>XU!{CqhKdpUNZu1!K;K|ha78Q|@(VfjJD1ZzXtKNq1<(F_ zVU24vyrNEg4MgkOc%ltP4=BhrFOZAoM;`67-1dCCyyU^#11mqB>~H{4t1vX6cX7kx z#f*btE8ElCo=t(+ONmThs%j06SuTn&We6)xiEXBk>&rpJ$AtHSCq z=|}(M`Z}UBFm@#)LwY}|>d+1M5<@?W4JS)W(tQ0-zEyJNJ4J0s6E%-t&emo&S_p@g zjGH%~h)iNj}}eU&4AAB zZI!H^+Hpwy&40M_1hK>jaOW6F@gPfNZHGJ%@9*yUZyK=w3=2iJ{}BKrY*cm4#V5Y_ z|ByQRZ=vdcE(-pasO|sN#v^}=l~p@sm4AxFeybcMt0*DHud0ECf{6tvkk9+r6$ND;>$4(G&>W}XO64Jue5~#fFb9M)zM(wJRIO=frbz8 zF3a0qXnqjazhW#QaI_MPtcv{KF;4M>eZVCj(!SW6sSDS;_w_RhZ4DOy8aHR4)Wh@N zWNGi*X#NTSr-J&ibX&~z!w7OdCkckFTT3f-@T!0JYr0!016Ytl#sNz(a3`Hgn;!0v z;)dT&ev*;>I`=V6Vx0$oT5RH9$uoM@u)jQ9WpBGp#y%!Kjd>nz^G`+@GWB^~@NH(< zT9CVcOJVOI{SM<^{Xs$Xynf42{P#qqJ9%jzd@4^Zt~ST4@}cgnY&CF@%6#M-(ffnI z&wC#(p5@-%&&Arms1xtPE~O+z;rXBT1KzadYEX z;TBJJg^MNkBAuS;a)+Y$PUGVFYp_u#NeGP($Qal7`)9RCjW-xJZ4cQ23ef`atzlr< zvdGlB9{o+oTV7TKkR+|SjF6kh7w(;pnzI+VZo3S~IV;l>$D9(_L2c;_>s5{MI6&S= z1F#rocgbiClo&ueIJ)PkKLnTL5G(DxzU!@|40O(6jR^-s3a*HqJ;6#11?%m zw?ETJ84kV8>;}Scw&?YZ-d3^X&8v#%42S}0vW8UqtrkEH+nQLhC!q6v)aaG3udlf> z2_!S#Czl`RY9KCn_;Rj#-NV+v_?x-@QS(D3U5yo55F)UYTk+9ZNid+>LuYI@F|@Yo zZq<$$IDRbtF!~{2Z$4mI`Tl|LB|dBH#se@Kg5kVvu(Im?HLM_zTAx^cfU3#tsF>VPjJr3hLn*@Wpst#v@Ram4LFAJE&clvf89?0r`BZs zDtu8%*Xx}q<3{?Ari_1HZ2zOdxFWGTLv?B4xUy2P=`{5r0$tA!D*LM{`Le_#m$DDxi7)BrI7d?>W}R~H{EyLO=qh`TbhfvU5C+LtPWQV-~L zx!$*^jAEL@(62RBP3P2>W=b*-J(edjuk5_j>)-?Fl`nJfah-0Tz4oJ=@*0LYI~IH+ zMs9~B2FtEwfnzg1dr2SSx>qKer$;x~--OrCU8o#KAG@q;ZtwPYMvWnPz6O%|nxs|T z)Gj&>v6CHRXq~dtf~R18lcMPe_$GgqL;%!wohZAs<@4bT#S{4cuI*GywU|#*6_Cvr zUXOOS9=yaX7ku2Pb);A^3}e_o`8R>{hI|5>-=380Vx_r29S z0qWd2Txx^f02YCo2^4Hl1Ljg-Q$Tbhgl9(sCM$&N1&oxp-x}6XWgIPDYmX`%uJR-_ z1^`UixuML{H5s7nsjk4kd$R@in5D3!j4M|Dk5~N!MKQ8vgS&MMA;Q6!jtf_2&kbI< zyoy;Kj0(oNm=%&TY|oqZu=m+GajYic`k0=sp;Y&)wZYB-DBx}{u9n4m$sh(+b=vl=gKMN7!v-0=+cF}KW?a_8g)7U|aE%_XAU`qEh_)i5$ z@XD_LVIBDYL~#A*_yGyAaGV9G`aYu)z5@DpRX`vvmXG(RR@nNK7StwEY*GIiri?`` zjm|p(Muv@YFbd8rMkJmE5-1e{P*47N^tLJK7r^{5>pxJb>C*QLb(&W$f%K1w{Tu<9 z*`EKt(V%B9?SyzmVkxk6R&=DL$@{c*aL>)&^8j@exL7y&9N?EVc8NKQ-)?5PP{wB* zlnqp80SmWRUoe%J6srgUskb}kh#uf|{+)wxI>HcmU4W#FViO?rEc?-O_CZ&X#MSN? zvAkUz5WR_~14cAl!C=PIz-nAq%KkHjSM!S_F9Qlo>EYmpQI~(&Qz-C&7Ou8PU2KWl z+&}@ZkYI``hgJb!O8}PS4r_bjM^c?SyEX0Z0p+DoE^O_2?PK_}BH|VQ7`#^SFf*in zuDU5jW?4Uwzx8WcruR9aC|Dm;aspThwnxV>w%a5m-fF&_%EB{s$iRyv0^rL)taJH{ z)xN$qQR&DIfCQ_Pjn_ar5$JfSxy+gUQDtGYw04=OT zwi+N^kr4Mrj9pW%a(l!FANNUXpWyZjkA3bj3J^!|yNbfYSFa5jpGdKrjQ+m%9sjsj zt{39`T$A+js3jiYkqWL(wZr5x)ic6t*DR!C_q~62|Hm^H0Ce}HreFc5jRycHTo_-4 z#@~P8ewdK5^Sco+Jo!2!aT3Kn=yA{QO-ZjHk6fxf+OS6eq(|FxlaH$cFeG72WW8K+jY6@l^BhL7g~& zVHU<2Isa+~r03GTIYyDC%Z~e0^IpTXonlM@othvvK=tm%;sgs=Zm(69{HVaM#LNGr zO$lZm5U-sf*LrvJYoG)C+c+v9%uB4#(1o(p5Ni&A7MsMOH?&kY{g4)AKjzqTPUfe` z?7GAVk+DIqs~7~mQLj1shre0Fk@9nGGvM993Na3yQ0*670niWzux}@Si#W{iWajJZ zW7y?OcZVx4h;tqkkV)yMJc4B#QlUwh$f2z;ikn%6w!0z$J;L-N!yf^r#zGdP|+ThgEy8*>$f}xzz|UG2mza44nt(SM4eBhi!VS z=0^0KM80F_?!zuNB}MKjsmM2{aWB<0vy((^Ga zzygw#7=^ILKyvlntlKyZj99MtZ*{CL5n%cgctML!kk%io1^)ZKRu+0x{i8`!w03?g zKU^387$aY~MOg+C41)Xz@LPHR95sMi4Pc^|>Hx}I5${)d!Fgx6K53x9LS{7pb;g?c z4p?hijF{LkB^=KGb~FSvbY>sc*1z~>}T}l zA2&~{${L8R^Acd4h0$+VO;aZK;8JB6+VNn?uT0Nqw}LpQ@gsX2-xsnR zGExCwbwPC9MstTG*m~%-gJ)23xnFG0(~X*@i&f*se$7Zj%?@CRYUz}Yrgtw9zx1{k zrsJX*@V2)8^$An0viMI+cG9o=FRb1GdDh3d8@=i|9?X@FZdchatq28h{Q$~g4_(Yt z$n+_{e}?oPMIivkwq9bs{SaXotz%QTT*)sV{r=WB_gA`$q_zKCe|Y^JNL70=z0mpL z$bFg{R_7wjhFQk4#K%=j=Sd#<-to;~JZB4Em{bng>ud`k<**c%Rppz?P7CehkXH76 zAbv7XnE#Et_l|0^3)?-hASxmj5Csub6bQ{ik**@WcL)YlLO(p6mE}5YhmKXmK;Lrpi@aoIF-uR{-c@N#9QPd7gM_oSaw}kuXdx#C91}i! zZQ^AW9ngf_O~Z}Yyb7kD??)FzqLB*~lX2mLrE&buhhBdY?>8ze-@7VTR1(Jt67-6L z;zu3#=9KTJ!&)=tZE@kJG!-n1)lCc*3!@XED!-5cL!0M~X3gJSDYtO!tHfF07U1X~ z_?`Cqu(x3)i5WGKpD^z9hFlGZLQ=+hQlF?9#=~|UA6{DGOmy{G`qr+=axbybB07m7 zRWx_yav6KqH0E>(99^TBKqiQ{?z}1@@Fl{{@*sChi*pV502U&AN4Q=>@^Ckb65MSH$-92j z>b9U=+y%7ji*v||Q_t*WB2kU|W;<(7Noj+cgI(Er(*Ko9Y`Tl3o8u%9gG-}`H7|+W zg-4145=(o{)H~wrb%%+`@I#v=8o+x{9WTb0(g_&@tBIgLJ|7iiq_g8?y`0I8_%`KW z6&TB6@I3e36f^!YdeE61cV{&;^QM80AoF+70nJ@Y`%BeqWg5`liba(E1G;p zIwKdES1ghhtG*{)BB5(N5Ix~a~l@;)tvJ!=BmnnlViCv^P>G$XGop* z+Yzvf!Afs-SGda0^ejx%!n0~?Z+VQ>1(g_2%OgKIy3?jPzx8++p2#)xyZNBMzL@_j zb)a=Ex=v7n>2k=4kfW3gu}2sF_L;aKgFkk3k4K8m$rIO(5P*t4-72u!#M?#UG`%0* zTF6**o#6<0{BvF;6;!FijfQ zX1#POzY_%7`ijg*$+Ve_UQe?*H7cLw!Io;BzV&7LCf|;Zv#2TsMM;PxCK+?h`UpkK z6w~%Qe6h>Cste<~u!~=DZOg&F^)cCEYX{f&ZqAJyA3T+BLm*s{%wSWIeHbuuU2Zlwjg)}U7Y6~)*p((=8 z`7~R=5hw>aBdskz`q7$bq)lX7JW#nJy(wi{3a(e`BL6iWvctfbM|U-uHv zyJWNE@b}e>&4c=VlD5lkE;|i{NU`Nij2mU}lIah!f0M96Q|jL;`0P4;;a)G0uUn#p z`e%@s%Gj2Lb3N>5Bbje5l&(^>rL_Z}&NTdvO!Zj_GOEy?t@!LX41jS;ff=vN+&5kf zsd?3|Gt9$=%M?7dj!s=nJWt7euLx6S%H9+A8Pb%TmAs*CKK{RDHS;oC8O{F8`{% zE%JPXWHZ*}H>jARjCA>@>_8$iksPD$EFtS*r4O%u z>vLx-ay@kmS*HjA!5i@ zrt&8-tJx?vLlJ)GHk*^e`g~J0Z#bgr4e$=th)v5|rJxBEH24>o+Gs$zu=Tkq?KVZw z&dp>N5@K3ZVxLlyShJK9paO00SqRV{CI-|iZOf@VT#?nD4>>AHJfTo;gD<{8e|z4A zc)aLH;gS;N_hI+io<>nvfk5%i+9rTN)8A4FLu=TV;BE~s;hm}idlx?9rW{E~#5iFl zSa(s=cOpb-0l%LNWVDI=p6cGMOuvMh%E@ZOC9{x1lq@LwsgH^*o*TJrKnp_(98R=Y z9=aSjS~IjM{jDfT{m$Bb?al=v2#gIng!O3Xiz)d7c68Zf-X4?zj4BQ8adE|jhQE4J=-?g&q zJ|U6;l54H8+O%>WQqU7<;nnr!A0e!kl}><0<9C%`IKvqXfzqwbD6Dk#(@}NN!tlTcORcA-UMK{E;XK@kcOn zL#!#6qor;2d<86qLUHOJhRvJZqIRBTkZ>oV5r(}pCBc0hJ#O2xR&V4!h^0q_n9#j< zL?+?ghSi*I-4410@0F{H>6JIH}NJT_UQ+Q!nQxzU3i^H@TjGi=EaaJdl#MY zlewIAS4}}`;tGt>4EGSNl-Hw|wpF9VqOII63Ojs~mZaPnxze#v+3DG_&ygE8(h?hD zt3e86%;nodAvu0sd~gYbkY+~iv0X87)mLsrz&+A=fkVY^$z)VbP@M`NuJMoM zb|tFbQrYW$^9x~5B$!piJ{%+-S0@SM^ znK#|r83i-hpWeilLePo%Oz#%xk#NZfpA24=7v-8glihaJ zLAASOreT9AH;S@5CsWb{?R)?O_UXsO+)Pu-&AyIn^!TYW)I;Q-#)2lc6DH+RIXBvE z1*t$jVRh}d2oM?|W)`ICpR=j8RU1eUuQDW!q7>U&zwqi4qZMjDDOl4SaNGt_7)#+f zWi0J`Cek*LM*|`B)}zIoUTTCzosG6CdL#Q_1ED=HBzLkOlZs4GY`3PlT)X-OGP$Dh zs-b8B&$I)%;W}!`z@2|qM&koFz$FBDjjNS(n|Hs@?QPk~^O8weKgqY(6qYuhn8E2& zspKjSE!tOMuNugy+%5`*_JnB79`6n!#}gK?T!wh03N3tJQJ<$%!6iZT;9&LBorhDM zVKz&@!e@~FL)UMi*V?fqJ~$f(uS}biz*_q8_ig!)jMWl1MJ zpYeBuON#-)$$e|&`K@aoZ`ax|$1lgO7rBZXxn*vi*68fDa`Ym7_t%HRUC3K-6|25G zdDE2;>|(_VVkH0H16w8NhS$iak!qZLuu-4dBc{4= zU3&|F2mr`z=V=q>K;$%bXT53N-|h4I~;^5&vF z@#Sk~SKPH~7lbwh~8&6O=N)hd;`S%gpU_>**&C4q3ci~Uk8E+%fw533?^V$r=XET_TMubAvyuJ5-?(6sW-8v^Yw?1UEu!qaT0aRG$xDwu8 zb|=Dn(^3A@-{jb5^Y=ens#dB0E#7fin^T9y+vV)J%6ZTo4?gkC<$oW)`41wC9-jE& zuiF4*(>-E=;XrTeD3>>TW+%sRByRmb;kKZ*j_f{_w;L!{6GT37`h$I(GWxLzyz*G4 z`&4OQ+&38Go;-9u@)*b|q7k#}KHtfr14S_+L;kPXiJTs6_s-qobnteJxRwB>mvpXZ zd$yqm+y6XMQpJY0wfM1{hfXP~ZKNn~;5HbiVG95w{do8c*UorU%n>fc#z+wJRlQnG z2BTM6`}~+shT|Oa!R@yX>2(0a1LO__&=kI?wP^CKAF$}6enSDErro)xVyZq=Gv@Og zB2l#D$0v?4D-)^cz?F;iac5F`7zD(+`@@Ec5U15ipK7#rSb%Tn0YD0&^YksPj4V+uv3Ri`lrp+~`@!*7&^+S!IX_)vP3c3zQ3G5w|sz zR1h=M8-afF__h4hhRpRftAKGU?u(`^?=KeY%#Jds6&xCG)?eG91PTK@iLtV8%jaD7 z$1lJ@h9-;!l16}gpS_xwtF>TfcEQf6dRt%S4K82+%}oh!&22-t8mPIz*+>%83Q^F( z7ynWJPzE32bbs$KTix!*t_fW@_`w+r?9~Y5B?<`v5;%Sb{6~ z0TZ$+2E)1B7i6DQ9fyhiE_T?i6$6OkYw=Sd514bHzz8_}05r@g15RjvpZXS2wamgG z5MzN&%cq4zj20Xr-2HQ8JE$j{pG{r=4Js9&q=$e6Sw+eXV}ruQesE^4O?F{9-Hy+D z zTA))BL1lDi<-Ht}<4YE^QiC>Nec&&^v6MYNm0Bd{)H}2U4RuJm{Z^k4F;x-N%(&g& zQ#sC7c4(L++od-oQ(eGeG7KPSWi*XlsK)r5f#y&G&2aQm@80$qZ1TOIt)b-1FLNmMf;K2#t3IzAm!k$08ynbujT)wxgO_}8cz?w>y`WS@-)xZ!w{C@g+f!P< zo-zVl0qo4K({d_E7lI%EplQ(F#S`TBf@=q~?v!nx+5^4qIFji{zEqhWc=E4b5TCP< zH;Vv&F0w&ev^1(A%8K_l5+E#g)m|A_?xlijN((D=R<;XliEY3C(6b)TRvJam*Kcj$ z38NFB$&g!SDsglB_wksdK~t4j1+NWkIbEK#epSuHT0kJ}e$&1ZP~mQoLhZMjXDe^Y z@Ek=W%iaSTyXBn|5}2INl4*qH!D`qrYhoe)SOY**eBKkz^;qw~MQd4eUE1418Mm5!Rn<-0}lr&9oI35N>YSKmf*uuab z*?T~LWwzFe>o4NSe&9x7F^yGTHTL{hzeHXdfLRv*Rx#1u_8P>adbig{pUu zsd~WPO%v2lM|Zt860`>NWFziT`HoTF%<)#?7^L5$=<5wgH zC-nK^F+wStLBx6if>9Rj6Iqp0%&kg|B!h~dBrJG?`&f0lCyF)xRWg6>PQm1KPMp@l zB5PCLz5&8BGIk`%(WZRS_K2xiQdK!3kAZjd3VU<^;X;GmuNs@Jsss2qa(zIbl-RpD z6~rY!rOlA$HeGBr{jIFd?8=|q_th@KP%+x&1BYz$AS0saUl_61&gK43cgECQ zGJxp64j8jj9jfN-I(;75kjtLEVkKh{Ahv@`(Sj>C?5E9kr#V!x?jO}*fM z@)ny6FY#;q{?HTv5kV0yGKLXT3OM2$FHO{K*cxDVRt)qn_G; z23{PNw;!+kU?_On_I|Tbr=et;&6n2;zN5a{zr%Ftg8OCih+m2>;rEA~lr!G(8t+nA z`TFmlvf$1b-U;mzh>@+Z0j-M6J0p6S#tUm@w{&QU0S9hi9jAeVwnbj2_>NefejA9~%rX=Ti{46Tq& z_tz_r6gc^yRvU8dVXpVZpoLhqRUjx;>C-g;7UpH@`(UqspkaOc6Q9cm5Qm0aREo>s z-J<0)x)p1c1|F*Vh`p^Y1kx=7oG_eET%9IrfhdoXg?g8SCbh_ipK zsWSXVjSj}wzc3{f9&9i^fheKO1K{gh6`KAnA7+48PWe1j@%d#qH$}Hv{>EIB-9Fwk zj96UXd4}I$j}1`s-4gYd##tc3@d+fAFZ;U0Su@p&c5csod)qKk81>-hp~LtZ__htf z*!Bpc#uHor?}Q4Po6l*R1essiF(_wD-OzP*oQhYIne?Ptt}a|M(^ zmAg6_8CqEVm@pZGuHB+zk}Ubga-*lViU3%BOSDR z^R&W}Bid9~u==-rV0qGGiD74)gdXXl?cYKfclRx}tw6x`Oima7i-kjk(vfM4bM#`Q zdeLCgry^K?wnGnIho1IXZ#3r*N94Jyt#m|VlXJhH0f}T(~1aEZ#Y6X&0 zLhG8f_fXX6%xqc_$yRv0Zf+ryu+LFQ2^G>E{K@t{Bx`@fdgF*%!I?MJ+y=$$1m-uK z>{3}31Zw2+H2nO-<0`Svy*TwY<@$A^Q@YI#zObTa5V7F)bbQ4gO&tqa1m<=4!H%OL z9`y+*MNEk~r-r6q`s>pU97?T9SXrJ~w}0O`T&ffUNjK~o_oz$XVa07K7+e+psp_7` zyChMece;gsn(m$6F8{>lwB%h}7q6hU%*_NoSNBg}N@g7niw4f|&84%?`BxQ$4P=O2-$h2VH^Nu`vBN9d z6bsJ8Hu^pq$KUPQl+kcMFI}|>xjjAfTeZqUb$b5J^q!YV*Q`{JZQ+PU;z27q9TPdcc&xk#RN)c`Ti<~D1agZNQ zVG~dwPx19}%P)OaRj+aL+NOoxAAG3wB`AOiAw1~U-puSurhN|Cj$Iv{>(Y{3gWn|@ zmzEs2vZwqpS&Q3^bBZG#5cIluwKpGulfN=&XM;Oabk$yAPXR;OzCDX5Bs~+QMS7YS z$FSG#dk?k87jczc^z4?upEb)nP!l;_0=yK};J8sr92gl}YI>^J#RdiH5~!O0R<%$r zKr|3OHi+PI9Q^SgHaJ&My@HZ6{sd}_8|0J}#emivfA0TYaDD}?-wiZtV4mmw&vcY9 zo_hw+aszwwP5u3+J5Y;Loy$E#vFa;+fI;C00?cvr#&&s@H0RecR|Nb)g$)uf)Y`aY zIe##drJj!A4FHp%=6Nj!3dl2Q{{6=+JHE4B&DC zmF-TbNgaS$wV2lVWN$1!<)3Qhyr-))VGS-dc9{-ESIA`oxG7iJZzh}{j0dgK+ZE9K zCR_f0!%ti`dO&cm-+hfT7OOQi)b}y&5#8w_@ocOHIYtDqiS_{Q^YSjw;0*?gnS0dy zcNo1XO0b>6Z?4v(U25l&ILHx)UF@V&rhwMF8YXhaXXuKDSh@e_pFF32Z*+6CVYGzx z+rqkuzUA7y+WlRIBGG=GUt1Kb{3};zlt436^}VoEm7@Q3Jw&C0Xw@dYh#J^ zEvl@a+kpV77YL?BeTy^HS5G$6GDS7d?#?}GSu5H4-&ff@8~=TkJrFOcKC+!7XaYMl zx3Lo;`1(JK>^g|txJ7F8)Q_{V_kj*u>-GJ;Tc`;`kXJxBWx*E+#ij>LAe6@JR=uU0 zy+dw?Ix-flQ#W`2Y5U%oLSEL{XyJe|nWp(BVBB5iTM;Xm_P+Mih=4}s!DKX-pHhQLvsUFK7omW%#}lJmLi zn4%nDHwReY_PEXPGfvT8nxk%zALte-YrXohOv?U#U&k|&@WnA>zHZSxH06RRU-R?y z3E-;h8I4_;Y!W?-En3QH=a)8(PJc~~JDP|8xKJ>Q5~977OqXIiU-9tobr>_LVaJnu z7UV*Vbt=8(CizvUHxb`cKIaWCG`~O4u0fPj%;*q7@;k-m@l6vxE{G;qFD%uwxBNbA zZEV05oo5}_*PT5@t4^(uT)n18a+zaXrfVg1O?uC)ppRes_+v~bM=Eu_Ee>@0n4D?rRuG9FSrD)B~i^qw~*UG zNRHdjw+WHg2zZC>+gA17#lNCNlgC&3f}L1iHS=Q+H&;37x)@=U;q6p|nyvAR!g8gl z$dfJuE5@#au)yUf0dMkVnnJ;7pBiPv@Y?)3jK!bd>xVySGFtnw4IH6$U%JKH#0qBw zj19Pq1j47I+cO}-z$G7pFEA$i0l%CeTJyqqaKv=36t)oFJe%VtvURLO=YdHCD~4%4 z9{en*3Sl!i{nKwnL5{ir8NXB|iZYSzYU!j1H$94Mj9{6i=mRhB)&m!6_twP~T+yAb zhF1x zIfBk-6BHay{dy;SN^;$lmiY+2+2sFtYTsgfAndwiT0jCP&9_+xEm>h);}LtejoKwT zUCkU{d0qCc*$r3c4LGm)*W_}DW9MLv!d9S{w~h{7!qJTYO?Cuewg>E%&LghLkqCj=L< z0VBq?K*BRv^dyi6O1F`fPvf>29_T(xok#1!5*j-=Qas0G%EuZ-5So0HHvv{?v?*eq z4gxsyS`QE+K??bfqwMK^g62I)}SXNop0Pzy-Gla{S&z;H)_6srJJzh-!<4Ed7(wHIJ@cuvHyeNhGdbNsE;+DF3gd{StIeM%gHjQwxS#nhobM#<}g>aPRvYmF!Ev;mS69qD{Q;q$xSbiFRv5UL*2N4J%4#*-90zK08!4Z#eihKIsIKG=PV0c)3WoQ9&2=*b3{)c=g8EYU6yn z#o+Fo)F(VA?_bT*I-b5uF>cCM7(RH;Xm*Z`4MMqE!6RY0&8`OYQngG>)z%ydV_ajx zo833k9Lvw`lJgxAO;s=kAn& zgeKb^Uqmyc7k{C&HF@wP|1Nm~xo}%3hv6q^#``WH6BjOG=NE9xAw4l}GIrzIxOiW1 zL{n6u*Z*6hKm`9^G~ zAcP*@c^dL?BndmSR?f)v>rvIgtB$XjseMoWkEY7Fng5sS?`GjqdX6-H9aongi0+n*rrj>M`SKEmwNPhara{gmt^(zhAFuC3QmK z0T9olYo}IDKeR+kidy?lf4_kVcVpLaWllDNg0Yus;V~3 zEi7Bg&cj_^RiFq+-8i0{ zg^H5LEhVq@W_7z}p&3u4S59EEb|wJqNrj$Q%*>t$?iY4r!-QX-BN!^e?qIp>TpU2D zbr2;i)gVHm?#hk(;!cm03LL;KJGEY|F_#f#@C=J7nl)-_xkZuaog{YchZSE@NkbL) zzbhtDCOhnBrIqKVrHqBJ+F`h4S@=PIWj@H#j3ESG=i#c?>eCyN`sr!eacs`ggonE& z)qwJLkb8{z43p!qu4d_UxiaNdG^MI{{RHgzF9~Sz^`c#^2X{&b{=xi~5NM^+zS;-& znO=BFwtyN2*qie>Kd{I*RmZ(U^#!Di*}VT|+>VMZ(M9&ExS=-0(<6>o;=k#uzS^e&n{X9PnJkxtsf`#UA!f9S%1M-IM}8r>HV z-fwmfeJ0??_s{zvvkzco9$RP)a(JwEg4q|l8UGRR?V)PybfmslrTgQcs!DXv!~0R~Z>#9E}{ zd+gHe>+g9(-zz};dVy!Jm!hp-&<{mdf$~!cxcg7XYbtzNX7V9=uLA|`z5}R z>QR?ckO_WWZ{Y-&+De5v<|OEZ&&lXj?el22Ek60Wz`H-j;A3OnAnQyAY|5|yo@y1? z88)t|y5+j+x5h8vTt9a*_(IGMVn|`S?ImwK#0w_B?tGOSe7!uV&C+w*K#f0FG$T;N zwh5Ww@$i*cm`>;~AsffIu?sOIGrg|u9{-eZ0&uO+8nHQw{cdt~<@u=5X{VQq! zKNxnoV2JOuW$kkn#ol7$#1*lspHgLZ?I8~|Uma!I_k^gWh+*-JQjxg8Z_4L@Ly&LO zT};Jitd31s=tx!XVgUB_+wG)p5WYaGifif-fog~gqQ}P<6+p6WQQd#|&v52|Tg$;) zq^HGv#Ye3W(lF879-|vrZ=Nax7)x$or-0Sl*^>4QF}DANp|e}o(l7b&8)AwFr1>bC zycvz%?v%pFj_{QWd@{R3U z0fxVk3e)k$OhaZs74=37!)09cvSA^^eqW=)6hwaRvY3!f{~(Lx02(cm*EX_kPgOP+ z&WB(VASoF6`~-ii2S;^iMIxfZ{1Cab43`x1={}=Q^E~;Ii`bRYcns`;b9eKm@AO_Q z)~{lJP8um&MWZSB`fw0gs+x1(l4Fzai(veba{A@W`?s;0vue^1<0^@lo$%YYGQE=0 zV-9zCDM;^yL+i`Lzv+yI<_(zAlpfVSZZjP`!`G9fo7RPJgeWkc4hu!&jgQbw0no-Z z*DESE`u;<>W>rHrZEmz=6N1bbKmn=;TqfQwQz*#=`!NUxJcAw}OyUbuL;DiOpj$1v zKKio*^{FF4(_}Pvl|NiR<`^#U6|ivrL?57>wg@v;;-CAsS7$B(Z{3LOmlvg}G$iH3 zcu`=Lj}SA8O+l#mLTxO{()wu0Ku$@@0o$zZgGhR&=tTr?yaQ|2=OiZL)Q`R=zy>Pi zVfFo7`O~pHdokDc*O1I{A53>d|5&i=Yytg7d8MtHTBefuP{(zMqrUa*x`0fMRi*sd zPBjwLD>CiY>;I-dm$rM7)14#h8c5!t^u&-Xyly^tub?ONO4a|~MpVE_*e%p}Z@_8w zmsF6$+q#P%5E2cmZXoXU6c*LCOA3BK91``%#L1uO3CJeDE0yp*VV$DpBSDe2ckU+_ z@%Sihz8G)bjNU_zV)_sGXc84X#Nhp&IxWyAOkjr*8sie6G&cF)ORyR#JrWqpmtoC| z@!ygUM8XYpy&x&_`U509A0XN}L#_M4fgtmc` zo|?V`T9z+6M3!joSupSKSJ1a5h;>!gP>?EkffTWX&dIyAmWeLn_&ummMUn!kl4j+b zwL@En<^0vb!cls9RByfhoxhh9@u0Bx30!WG?pY*tP$Ll7p(J3EIz9fuDUUqA2eX@} zdc=GD33=AeDE|*crgVl{pwf)L2k7Q3PNT5-epSn|)$;2iXukJJ`M>ir(%QX)L6YN7 ztJubp&43zVBvg=+Z%e4V|I;7?EGSe({GO0%+U(7u&CDKK!~^vwTYaQ$&?Lff0At(u zO84#gZCtF{!V9*FViITlC9>bQg`2Wz5bzcds<`v7}&FL zo!fxs?xLve-AKeP7IfyTl`0=g+cmdvoM-MjtWQaJ;t|$W9~^%_V~Evya7`r_YgK|W z#=m|deGh!crPtf+%#CGQa;+1RosfzvTgg-X*%Ip^VxZ*J-$0BpjC8QCoJddmh z6Y8#LGxw?Yf=sU;i+U!!pwxc}`O9Hj83%X( zW5D;h@?52!VXB}3+EE}SG4)pa&t%V)zTG(HY0rb^bAHy+N?)IEGU%=+JRGV`m*1IM z4Mr35cq7J&dmCN0ulK5_@K;km8>^@+-O`#yDWZpy`vt$xP;GE=i?#Or(Tyl<^3MxN{EM~thebF@~Zz{nYd}#4@kk5rKexGLY zpyi4WAD6myWhn{GcKLfj_Wnn+_Jk>fOO5e_|7NsH12fV$Z1akCwVJ8__g*p9z*$oQ z3+sP`lqStrrS-jXU_v0&o)^=zRQ*U!^5s;yqT;il%@H1YNcsesf3UO*<74BsNd~h3 zsm-*=Mrni-HTMtawI-ARgDCt3&Sn0moeR0u^ethS-?t=XrJVH0!d;v3%(XhOb&QqH zzh^?@&u33>QvSqXESvf5y7{!}ZY+MQ?Hspip! zX|ESsUuY$8lUQARaZ5p)Id0a)ZE8s4yw}VpJ2Nr#ZN_@s!=i3tR#v;4f5>BTTqSjL z4vgI*sIASXK4KVaeRxA!vfkF5Yucr}dhPLnUp>Q!k#R5N6we>L7#N$I7Ya4LydJU= znX!KB`p3_|>($r)_}!qIZu(gIgtFgy4KB1Z^+|+PsycxcC9)uvy51!U4f)PvZ=^H1 zIudxa@nCi6N~#pqNPpHb{w_SKZGwd!WOY$gHauhAmjxxpdQ<;+AyZde{G;s;|4n}x z0>R2kH*D%RV?SO*xbJ%Qhn9k6i316G8Z}pxxn5db&Em?EKgn)YAXd#*K)nS{MhM)h z^kQMJi(8vy$Tg&I{~Wzn`=h{kr1WPa;tPRX{#ciOD6bGMc%`IMZaZo|@DJX)&3*{7 z{AIMiq(ir2^TB5QWud$OzW7)0;zl|jjM(9&PlA8_u6m zXX>4KROmS7{TZPj5g!c|sXdA+yP+>{@BY0{j%*oE!1vVrLUWm3Xl*H1A*zrco34NvGGHNU3`UL^R66$&c)9=80wkD;=K&`t}_(thMqG?bL$H^UO+78<~s=-j-Y zb?e?-cY0_o7~OlR5R)eW2uQOshiZZS@=-$$+|y!Jm1g+FcRz+fXdv7?!z>^IM| zXaJv4@G+S)4Q~oG|1-g$rDo3ftl|40dPM?F-z(ZJpQVN0MPxUEAqyb`SGZ5M3=&6A)o{3dJ&-Y z>ym9#V!JGau{9s@b2|V|$$sP~b z56)D+K@MvT0A1L}Z`fMt;n-a%O6{T`uEe_dy_|y^;EbLI(*kAxrX&kWdUlH2&Lzt^ zC2dz8jeL*YNw5AC6(8rSOV!8#yCi@y3MY*}7r6-l zHN5aoRWC5mbj?QBMZIMA>=E(xhX(jijxP8Rj65uo9F+A_HeFe^yicoWS0cylBPGz>=K zdM|Mf(Vo}hwWuIts}23==pMBdi43mU~Oy_w>a>W^HR)0NF6Y7n-+I#R)zni9$=86d$+g{+~8xdi0#DW?ik%+<*roJF{sC^y!Dyyw?4@ zGzrDWFn&prP;IAlVi^N)qmZ9po!EL<`K=#^r3(I#uq=8PevUgIyxprdPaAh%dkQJ{ zq?8#|L5cvcDG)$AN(Ly>-jui6VWBZeF_nE*cV!JM>`U%DdcrTZnF9gNE8uLAPfJ^Y z6;w!5KleSKbd80V!*P>>2;&_$3Pw3EK3MBNE!-Y$b=3{_Q{W`TKvr)SHPd~1n?qwO zDEUbGApN-Z*ZcNIx@%yp`qwyAiFt-r!-6*@&08v;JNKmL_)Gbs24V$9rtsB!J=ml` zw})8wishj^aSlkSz$QmySFX4YtaFJS$^2cEKzhVl5T@j0XT!>imGV#SmtWF|LgAxx z*mVHW&7`2I9dU)Ppy|aod5m~I zq`y5Yr!B|bLu~0BLO1VUJN?CmRq(Fqs_CKt{fK?%LR2}*a!~*E zy@y_@1*CV?oC|TN-vb1UYj9Fd;@L>E{oyvgRnvaXfXCkSbZNbaP(3SmYlV~>wC{Ri zQjYxn{eH4?-0I{0S9{nqJ|IlG>2pkcRyBEso}sgU4`AM;yLYKHzZzn`M{p zVf@zlSXT0hXI&14iu}P9l+%$XtsWeHI$%i?sQxh2Se3KzqG5PA7v?M->>EBXLUsT= z_pjiEIuo_=oGAODelVaFV_fBt$+9krc6QT5j@Eek+?LUO^1MDl4S^=)>3w`N_AWo! zO=>Ua|6d1(eE{lPZieP_`0VUAzq)zP_U*h2;|KTFW2v2)G4Uu-YcDgq0-AA`XvB62 z2kCQ2SLn(E5uLw#Z07N8Z`FUvezHIQts4H9?z$byTtv=f25ho3bkg5H57kXn6y(E* z$>qxvTwwW;3xXr)|03ln^FWgUTk&pahLO|3;S!*$yxRcqbzl;SslrDyB2k9zh3%U< zL0Vve0@K{-3$AmKN!H1%F$cksQ^H_;^t9m0AL5u$g1|_i>E_9z#ioxuV!!gtGt$L+ z%Y?HZ2~P}Jsd_f{Q45}{MJAGm1|Q!6bp-ifCg0(xkqc^vj1aPdKfpAu1?pTnnZSz< z=?(S_5uxusB#CtDuc}#Y08=P8Eebsvyi%Qy^#@WF+^Mr5)t`FFEowVekG#)@YWt^K z%WVS#nNfZ=eH5EDPbAMOvgmzc6rvMp+9&IS!>ETd5j>Z zI8zZbxMbK0u)PTjcbWp0?WcuORdNF+R$R&}m7YyDSLU?y!ME;fg;Z-uU@g5Ljn*pj zRmpOAOIyzY7kIsBzJ~_ss@9CbCnI(p&C7Z$lRMkwHVfi+3pX;9%o^d}+lo585>^ho z0>m96GoW3y73vr z7AikpXQW=Jbwpo9vN=RkqqAwj!09pn2`h}K$o&V$y52|WvM z0U(AuXz(51P*?LbY5)|cN4GhXR|Sqb z!oY|}TGO(|&v+d$<`pYvyg2uxSJ9BA3{in){yLaNwrFVHC3~~=4z21D%Z~ttWN4?Y z#N{HgFIhMim?(yVdo*Ix4zBT^<2V{;9cm_`WY|8KDJ6JN&mZ5}m*khsjg)%;vCd5K zD*3Yrd@Utyt_2Apk^*u%v?_TIifz&`k8uw%5D*T_(zBD!$_OzUg~I^Ud@aO$qqKpJ z?r{2b%^TKLa?2;k0cAxtaTo|^4b7XD^RRjTyOO&X5*1O zyv9t;OJns}wxx+;OyzXmOl`H5@AR)+|Kd3@T%<#nKum83G=^U{uFzEZ`zNt!!-Q&B zz;>^eFd;)|gz&l=CY9oX33~T?ICr7vk?@TTOxqcg=2$^F>YU#?ET95fEK5SqGq*n* zrZ(OQiZ5eg;fnaF@VBkE)Hf0ab^S#Taj}ZI+T=qz?dL#@uSM!o9+jKzjnNI&SgspZcXu z_oQz;jn_gDGo>qalMkPNDBu36HN!Yl`yl z3dt8=DLq1{w3SPn6$;dVo65M zIsk45Dy>8qEhO4idjEnR!qzDd`oEDtmA(VhfLJtT6A_i0lD7|-rv;d)riYQ16p(O-Vq(hKULnvoOzrFW2XLdPz z=FFKnGn+q|WD=66t!J&fTo<8y=(ltSozrkD_92-0NobI&I^=^-xr6=-o$qzHGes$d zuku!3)ILHIlRlkLtm>ZxhZ$iij! zs$}Dzb|xElS?UT*71^)8$x+C`-0-z>#!DkI4MmlmFh)Mlir1Y}wNfMJjF=!Wz6bpP zuF{D5L^R1iQyz6K z3E6^nw~M#K9gUJ31Obt|-nn6?h}Vb&hDX8M9eqpC+0f%cg;ofH;_}z4+l$rio2Hw1 z$ee_sVYJb4%o}$N#8nZE+$m0Lb1pYn{jK`HKK3pmcMb`lZsSU z@nLIygbGoXfHYN^x99G+>b7geg`+B|e~XUUm+ou5wVWkY{p_~;?LKTL{R6SBP9$eJ zn^x)#IJ*E0G*WxhQM8CCZ;H9ruTfP>c3s({T;ijzjtg8WWrB9r843^VV3k-3c8Pup63wEySP;M9eU! zc;8FhVjhmNBc$>YFDEs_b#_W7;c+pnLu^cGm6L(+ZdEyz@VB? zxwAihuMM}4&NFvTj?I#VjOb>Q%h~aAx!G~r?zE&TB}yIJa()YSI{vu3o$;u5OBD4{ zHM52TzxTx8N@+#!7b#2GR$8{A1O5Zo0*XfiBUM_AiCvrXB2He@_xYEVByXH)ETHK}2&Yi5MIvTF0N3GF1#h+F zXg}6?EW!9q(Jl8b{ydc~o%5;uCZkEs#5FNQjLCH@t;%#yas87lm~-PO@MDAY@U8Ch z-bF+%Q63jRjj&jT=30;kXT4?*7f6wT(S6HD6aVFyRvZ{ApJv1QY|66QUQAZcd0oMz z6uTIuMFzFMAYeA>{+xi$^Y zo=>&27gBJKmFD)tJQjUuw`)0Jc4AywXu_TV=hVqxu%nyU4h7J}IdL5Ex{-(ZW-pd~ zr%9);SrmK5tC4+ve2fbB!Jd86AsUYn6F`W3f3Q`S|tDl&5hur?4D45+zB-^0R&Ilohw zmjgPELts)glzc|>6)jQl2x%Ybq&?$a(j10Q?K`j9;uq`eaa^!*`6H9#irop&^l~Zv z(dR0~x(2*By}>DYvBFUYhL&}DWSiSrh$f=0`RsRwTg#lbqnR zJllezEJ#e{q+En0JExWmn}_L$&9ajLP+HYy8HQq%62OS2w>%@!2Q=^o8{#nAXewh9 z8+qK_X2Qfz8?OfKYT`8Xvlt}?-9DoBsT5RtVY=<<$H-&a)%FF|cNp=6{)flTavFTU zlG9-3f97ese2RuO!8@?vP^nebDCm;2M8zaAo{I9dYnLy9;STo_(bD6gu)p|H9F5Cl z*6P(QSYgE(Q>&~$SD9Pm>VV3*8b_F_*%-=bW{FezQ#M1}*n3wzFJ)PSpaSKd%ENO} zWFJnM_nTC8zQ=0;&Tm`1=r(5LbSyQvh>KLo|8SN8j_eA)WI31SI<*hFpW&qC?dE|S zegHa`;;ZOlnElF%*@=?VHPfr-{e#$H7CcUa5Doh-~XJiaapoeq+!u6tM@_mkl)1?u0oO_&#eFX6y)_A+8DiLygWxlmu%Ku<+rc-vN+Nbo<>B`hLC>}A>$&_7 z+yE!nIsgNJ$ilg+{~LIKsXjmAaTYLr(X?3p+}y#aPmNa_%a^eeF7$SdM~3`#(dO#(KDk9dca_GOy|-9@WD(i*=4$>g ziLJNfNW66T;^&%^>~knt0F!>d*h>}KgfGJsa)G7iJ@sai>b$}U38Q7u3NN^;{qUh* zzgLVB?GDpn$Ry>PLTfGuo1VnkjJL&>$u_-)_2r!)9PGHh9I-4GJeBH`2Cen9vroHe zxARPgQ$meCShbm4wQ%$MiaIQ!?-Rx-KH&tiSWG51FIvoLyP6)aE`0auNV-;Om`db~ zE3dQvLa=PG`}%G1@h6P?w6QC%NKrv~(%os!B@8?{{%vwX+UjulT97fUa0u5TyuU zYVJJPo-+x)sJM#%L?fdL&#nnd-i1CFEA^md*Ak}W3KglPHg9`FqeSoSWw2` zDB2CybEWBJ@wE-@AQrM1!NEJ(W|5e1IT&DOS9eA60I6He6c8rkTez+UthqJA6S{!* z(6+)bLqh1GA6wxWJc!TSF%#5D`nemiHWnP5?o&Kca0o|o5o>;KPnIaPpNPMRUx;hJ zY}ut{HsdPKBa~n&-RT)DItaoz)O9fg0|o+8sq@iE!Ju^=1t4##vM|2{&#|7SYzO`3 zR)i{Buqwa%1Zju=$0aXtowcAozjwOMj&70y1>7|wNKyoOsu&5vj8%^JycS1G9928>@ z8fYHarPePd+|{F>xnlpM9_SCY8XmTVwren+qVz<|rZ-6y(l%|^U)O+TR!$bJ+)Es} zb0GHdVLpYQZSah3^{Ff5weM2dZFYsr7a)*UCWbkBiy1MB`5lqxrtCeU)DsLJYievh zRdgJ?g!hF`c>Vg;5=RBH)Rzu!Z)Q=0I+dEeUbhETwc~?2@iC&AcGnF> zFjFG=DL+)9J3q{GheYK8B0RqAs3wVa$FL~nm9u=&bqp{brpT0vwu-8XYgC;Dkub?R zRgCNB7w5yh3d@3e3Dx5|@xj%v%&wX$Qy2 zYL1A*e3tG|VnirAJMDdgM#nY0s!*rdvzWamBZxCmT?k}M#Y$D_i9>mrff36^R#jy# z^6HF;(#Uo(>M8wuBUo$2=HPIyUr%Pl_^PLkEmd;6_`hE{TH(;yHJ9a}Hh9=tjc}F> zf#eu4uaH`RZxgp7K0BE1(8FqgkwExN6AO)cpBZ0Em!Ku7MB#%Ar82x%eO9J>!?kYY zb{oXUnN_P4NZA43*y?S}0*T;dVo|`3C-Y27#)v8ueJf(gmAC}>=c2}w9U`$8G4XMt z_lrDX^%2${1pUP8&;%8zV=-~Zn0K{Y@)=Isw?SkV(2q5X*aGXGiO(_DA2;d-B;6j1 z-Y(_+jw=vrPsZgNh((BNG%N3JEz7X{71fn^ixC~O7p!B(s`OkeNCPehHO26f!a?Ff z@ZABAhf{mpvjK~#qzC=g@`bmX;DReAK`&`pBW1cgPic;n={PVsv=4Hw=tkNe(e%@p3*nHohizA^ho2Mc0vcg?9&Z-f~SCkw@1!7qZ!oy7tNFGfFL? z-X-dNW`4pwg;mU5@?_qeJys1-PW02Z-lv9ilZ4{F*6eHLQ-eUbjF{Jg8(yp+8i&Xg zMhIE@oIavBe_6G3vbO;SJw{wm=hm1DEnn_Z~X_l2mTCby4r{t}aFEDid_+ANQhh$XfA{i`t%de