From ab222f3d0bfcc711d613fd27bc5dcb31ea0929ed Mon Sep 17 00:00:00 2001 From: raaidrushdy Date: Fri, 8 May 2026 21:22:56 +1000 Subject: [PATCH 1/7] feat: update report service and add report generation template - Updated the current report_service.py to match the new template - Add AutoAudit_Report_Template.docx for Word report generation - Add run_test.py smoke test for local testing - Add fake_dataset.json sample dataset - Add README_report_service.md with schema docs and onboarding notes --- security/reports/README_report_service.md | 240 ++++ security/reports/fake_dataset.json | 843 ++++++++++++ security/reports/report_service.py | 1421 ++++++++++++++++----- security/reports/run_test.py | 95 ++ security/results/report_template.docx | Bin 49490 -> 78211 bytes 5 files changed, 2302 insertions(+), 297 deletions(-) create mode 100644 security/reports/README_report_service.md create mode 100644 security/reports/fake_dataset.json create mode 100644 security/reports/run_test.py diff --git a/security/reports/README_report_service.md b/security/reports/README_report_service.md new file mode 100644 index 000000000..5e15f3df2 --- /dev/null +++ b/security/reports/README_report_service.md @@ -0,0 +1,240 @@ +# AutoAudit Report Service + +Fills `AutoAudit_Report_Template.docx` with compliance assessment data and +produces a Word document or PDF report. + +--- + +## Files + +| File | Purpose | +|------|---------| +| `report_service.py` | The report generator — this is the only file you need to import | +| `AutoAudit_Report_Template.docx` | Word template with `{placeholder}` tokens | +| `run_test.py` | Smoke test runner | +| `fake_dataset.json` | Sample dataset for local testing | + +--- + +## Quick start + +```python +from report_service import generate_full_report_docx +import json + +with open("dataset.json") as f: + data = json.load(f) + +out = generate_full_report_docx(data) +# open out in Word, check layout, export to PDF +``` + +For headless pipelines: + +```python +out = generate_full_report_pdf(data) +``` + +From the command line: + +```bash +python report_service.py dataset.json # produces .docx +python report_service.py dataset.json --pdf # produces PDF +python report_service.py dataset.json --pdf --keep-docx # keeps both +python report_service.py convert path/to/report.docx # convert existing docx +``` + +--- + +## Dataset schema + +The service reads these top-level keys: + +```json +{ + "tenant": {}, + "summary": {}, + "controls": [], + "evidence_register": [], + "remediation_plan": [] +} +``` + +None are required — missing keys produce empty strings in the output. + +Key names are normalised before lookup (lower-cased, underscores/hyphens/slashes +collapsed to spaces), so `"Tenant_Name"`, `"tenant name"`, and `"tenant-name"` +all resolve to the same field. + +### tenant + +```json +{ + "Tenant_Name": "Contoso Ltd", + "Tenant_Domain": "contoso.com", + "Assessor_Name": "Jane Smith", + "Frameworks_Used": "CIS M365 v3.0, ISO 27001:2022", + "Assessment_Period": "April 2025", + "Assessment_Date": "30 April 2025", + "Classification": "Confidential", + "Report_Version": "1.0", + "Distribution": "IT Security, Management", + "Prepared_By": "Jane Smith", + "Reviewed_By": "John Doe", + "Team_Function": "GRC", + "Limitations": "On-premises AD excluded", + "Scope_Owner": "IT Security Manager" +} +``` + +### summary + +```json +{ + "Overall_Score": "72%", + "Overall_Risk_Posture": "Medium", + "Executive_Summary": "...", + "Key_Recommendation": "...", + "Total_Controls": "42", + "Total_Pass": "30", + "Total_Fail": "12", + "Total_Critical": "2", + "Total_High": "4", + "Total_Medium": "4", + "Total_Low": "2", + "Top_Risk_1": "DMARC not enforced", + "Top_Risk_2": "MFA not required for all users", + "Top_Risk_3": "Legacy auth not blocked", + "Strength_1": "MFA enabled for admins", + "Strength_1_Evidence": "AAD-MFA-001", + "Cat_1_Pass": "8", + "Cat_1_Fail": "2", + "Cat_1_Total": "10", + "Cat_1_Comment": "Email security needs attention" +} +``` + +Category fields run from `Cat_1_*` to `Cat_9_*`. Also supports the nested +shape `summary.categories.Cat_1.Pass` if your dataset uses that instead. + +### controls (list) + +Each item maps to one finding block in the report. The template has one block +per severity level — Critical, High, Medium, Low — and only the first FAIL at +each level is used. + +```json +{ + "UniqueID": "AAD-DMARC-001", + "Control_Name": "Ensure DMARC policy is set to reject or quarantine", + "CIS_Section": "1.1.14", + "ISO_Mapping": "A.9.4.3", + "Strategy": "Email / Exchange Online", + "Sub_Strategy": "Email Authentication", + "Test_id": "EXO-DMARC-001", + "Level": "L1", + "Compliance_Status": "Non-Compliant", + "Risk_Rating": "High", + "Priority": "Within 30 Days", + "Pass/Fail": "FAIL", + "Description": "DMARC must be configured with p=quarantine or p=reject.", + "Observations": "The DMARC TXT record is configured with p=none.", + "Justification": "DNS TXT lookup returned: v=DMARC1; p=none; ...", + "Evidence_Type": "DNS TXT record", + "File Name": "dns_dmarc_contoso_20250430.txt", + "Extract": "v=DMARC1; p=none; rua=mailto:dmarc-reports@contoso.com", + "Confidence": "High", + "Evidence_Explanation": "p=none instructs mail servers to take no action on DMARC failures.", + "Impact": "Threat actors can send spoofed emails from @contoso.com addresses.", + "Root_Cause": "DMARC was deployed in monitoring mode and never moved to enforcement.", + "Remediation": "1. Review DMARC aggregate reports. 2. Change p=none to p=quarantine.", + "Owner": "IT Security", + "Target_Date": "30 May 2025", + "Remediation_Status": "Open" +} +``` + +### evidence_register (list, up to 10 items) + +```json +{ + "Evidence_ID": "EV-001", + "Evidence_Description": "DNS TXT record for _dmarc.contoso.com", + "Evidence_Source": "DNS lookup via MXToolbox", + "Mapped_Control": "AAD-DMARC-001", + "Date_Captured": "30 April 2025" +} +``` + +### remediation_plan (list, up to 8 items) + +```json +{ + "Remediation_Action": "Update DMARC policy from p=none to p=quarantine", + "Owner": "IT Security", + "Target_Date": "30 May 2025", + "Status": "Open" +} +``` + +--- + +## Adding new template tokens + +1. Add `{New_Token}` to the Word template wherever you want the value to appear. +2. In `report_service.py`, add the key to the relevant mapping function: + - Tenant-level fields → `_map_tenant()` + - Summary/score fields → `_map_summary()` + - Per-control fields → `_single_control_mapping()` +3. That's it. + +--- + +## PDF conversion + +Tries three methods in order: + +1. **docx2pdf** — needs Microsoft Word installed (Windows/macOS only) +2. **LibreOffice headless** — `soffice` must be on PATH +3. **fpdf2 fallback** — text-only, no layout fidelity, last resort + +Install dependencies: + +```bash +pip install python-docx docx2pdf # for Word-based conversion +# OR +sudo apt install libreoffice # for LibreOffice conversion +``` + +--- + +## Running the smoke test + +```bash +python run_test.py # generates a .docx from fake_dataset.json +python run_test.py --pdf # also converts to PDF +``` + +Expected output: + +``` +Loading dataset : fake_dataset.json + Tenant : Contoso Ltd + Controls : 15 + ... +✓ Report generated successfully! + File : reports_out/Contoso_Ltd_30April2025_AutoAudit_Report.docx + Size : 245.3 KB +``` + +--- + +## Known limitations + +- The template has one finding block per severity level (Critical / High / + Medium / Low). If there are multiple FAILs at the same level, only the first + one appears in the report. The full list is still included in Appendix B. +- Evidence Register supports up to 10 items, remediation plan up to 8 rows. + These limits match the template row count — extend the template if you need more. +- PDF conversion quality depends on which converter is available. Always review + the .docx in Word before distributing the PDF version. diff --git a/security/reports/fake_dataset.json b/security/reports/fake_dataset.json new file mode 100644 index 000000000..7cd2ef382 --- /dev/null +++ b/security/reports/fake_dataset.json @@ -0,0 +1,843 @@ +{ + "tenant": { + "Tenant_Name": "Contoso Ltd", + "Tenant_Domain": "contoso.com", + "Assessor_Name": "AutoAudit Platform", + "Frameworks_Used": "CIS Microsoft 365 Foundations Benchmark v6.0.1 | ISO/IEC 27001:2022", + "Assessment_Period": "01 April 2025 \u2013 30 April 2025", + "Assessment_Date": "30 April 2025", + "Generated_Date": "30 April 2025 09:14 AEST", + "Classification": "Confidential", + "Report_Version": "v1.0", + "Distribution": "IT Security Team, CISO, External Auditor", + "Prepared_By": "AutoAudit Engine v2.1", + "Reviewed_By": "J. Mitchell (Security Lead)", + "Team_Function": "Information Security", + "Limitations": "This assessment was conducted using read-only API access to Microsoft Entra ID. Conditional Access policy logic requiring graph traversal was partially evaluated; edge-case policy exceptions may not be fully captured. Two controls in the MDM category returned INCONCLUSIVE results due to incomplete MDM enrolment data at time of assessment.", + "Scope_Owner": "IT Security Team", + "Date_Generated": "30 April 2025 09:14 AEST" + }, + "summary": { + "Overall_Score": "61%", + "Overall_Risk_Posture": "HIGH", + "Total_Controls": 15, + "Total_Pass": 9, + "Total_Fail": 6, + "Total_Critical": 2, + "Total_High": 2, + "Total_Medium": 1, + "Total_Low": 1, + "Top_Risk_1": "Legacy authentication protocols remain enabled, exposing the tenant to credential stuffing and password spray attacks", + "Top_Risk_2": "MFA is not enforced for all administrator accounts via Conditional Access, leaving privileged roles vulnerable to account takeover", + "Top_Risk_3": "DMARC policy is set to 'none' for the primary domain, providing no enforcement against email spoofing", + "Strength_1": "Audit log search is enabled and unified audit logging is active across all workloads", + "Strength_1_Evidence": "EV-007", + "Strength_2": "Safe Attachments and Safe Links are enabled for Exchange Online and Office applications", + "Strength_2_Evidence": "EV-003", + "Strength_3": "SharePoint Online external sharing is restricted to existing guests only", + "Strength_3_Evidence": "EV-006", + "Strength_4": "Customer Lockbox is enabled, requiring explicit approval for Microsoft support access", + "Strength_4_Evidence": "EV-008", + "Strength_5": "OneDrive external sharing link expiration is enforced at 30 days", + "Strength_5_Evidence": "EV-009", + "Top_Remediation_Action": "Block legacy authentication protocols via Conditional Access policy targeting all users and all cloud apps", + "Key_Recommendation": "Contoso Ltd demonstrates a partial security baseline with several foundational controls in place. However, the presence of two Critical findings \u2014 legacy authentication and MFA gaps for administrators \u2014 represents unacceptable risk to tenant integrity. Immediate remediation of Critical and High findings is required before the next assessment cycle.", + "categories": { + "Cat_1": { + "area": "Users", + "Total": 2, + "Pass": 1, + "Fail": 1, + "Comment": "Password expiry policy non-compliant; licensing controls adequate" + }, + "Cat_2": { + "area": "Email / Exchange Online", + "Total": 2, + "Pass": 1, + "Fail": 1, + "Comment": "DMARC enforcement absent; Safe Attachments active" + }, + "Cat_3": { + "area": "Accounts & Authentication", + "Total": 3, + "Pass": 1, + "Fail": 2, + "Comment": "Critical gaps in MFA and legacy auth blocking" + }, + "Cat_4": { + "area": "Configuration", + "Total": 1, + "Pass": 1, + "Fail": 0, + "Comment": "Unified audit logging correctly enabled" + }, + "Cat_5": { + "area": "Application Permissions", + "Total": 1, + "Pass": 1, + "Fail": 0, + "Comment": "Third-party app consent restricted to verified publishers" + }, + "Cat_6": { + "area": "Data Management", + "Total": 2, + "Pass": 2, + "Fail": 0, + "Comment": "External sharing and Customer Lockbox both compliant" + }, + "Cat_7": { + "area": "Auditing", + "Total": 2, + "Pass": 1, + "Fail": 1, + "Comment": "Audit log enabled; mailbox audit actions incomplete" + }, + "Cat_8": { + "area": "Storage", + "Total": 1, + "Pass": 1, + "Fail": 0, + "Comment": "OneDrive link expiration policy enforced" + }, + "Cat_9": { + "area": "Mobile Device Management", + "Total": 1, + "Pass": 0, + "Fail": 1, + "Comment": "Android MDM security policy not configured" + } + }, + "Executive_Summary": "This report presents the findings of an automated Microsoft 365 compliance assessment conducted against the CIS Microsoft 365 Foundations Benchmark v6.0.1 and ISO/IEC 27001:2022 for Contoso Ltd. The assessment was performed by the AutoAudit platform using read-only Microsoft Entra ID API access. A total of 15 controls were evaluated across 9 service areas. Of these, 9 controls passed and 6 failed, yielding an overall compliance score of 61%. Two Critical findings were identified: the absence of legacy authentication blocking and inadequate MFA enforcement for administrator accounts. These findings represent the highest priority remediation items and must be resolved before the next assessment cycle. Positively, foundational controls including unified audit logging, Safe Attachments, and SharePoint external sharing restrictions are operating effectively.", + "Cat_1_Total": 2, + "Cat_1_Pass": 1, + "Cat_1_Fail": 1, + "Cat_1_Comment": "Password expiry policy non-compliant; licensing controls adequate", + "Cat_2_Total": 2, + "Cat_2_Pass": 1, + "Cat_2_Fail": 1, + "Cat_2_Comment": "DMARC enforcement absent; Safe Attachments active", + "Cat_3_Total": 3, + "Cat_3_Pass": 1, + "Cat_3_Fail": 2, + "Cat_3_Comment": "Critical gaps in MFA and legacy auth blocking", + "Cat_4_Total": 1, + "Cat_4_Pass": 1, + "Cat_4_Fail": 0, + "Cat_4_Comment": "Unified audit logging correctly enabled", + "Cat_5_Total": 1, + "Cat_5_Pass": 1, + "Cat_5_Fail": 0, + "Cat_5_Comment": "Third-party app consent restricted to verified publishers", + "Cat_6_Total": 2, + "Cat_6_Pass": 2, + "Cat_6_Fail": 0, + "Cat_6_Comment": "External sharing and Customer Lockbox both compliant", + "Cat_7_Total": 2, + "Cat_7_Pass": 1, + "Cat_7_Fail": 1, + "Cat_7_Comment": "Audit log enabled; mailbox audit actions incomplete", + "Cat_8_Total": 1, + "Cat_8_Pass": 1, + "Cat_8_Fail": 0, + "Cat_8_Comment": "OneDrive link expiration policy enforced", + "Cat_9_Total": 1, + "Cat_9_Pass": 0, + "Cat_9_Fail": 1, + "Cat_9_Comment": "Android MDM security policy not configured", + "Remediation_Action_1": "Block legacy authentication for all users via Conditional Access", + "Remediation_Owner_1": "IT Security Team", + "Remediation_Target_1": "14 May 2025", + "Remediation_Status_1": "Open", + "Remediation_Priority_1": "Critical", + "Remediation_Action_2": "Enforce MFA for all Global Administrator and Privileged Role Administrator accounts via Conditional Access", + "Remediation_Owner_2": "IT Security Team", + "Remediation_Target_2": "14 May 2025", + "Remediation_Status_2": "Open", + "Remediation_Priority_2": "Critical", + "Remediation_Action_3": "Update DMARC record to p=quarantine or p=reject for contoso.com", + "Remediation_Owner_3": "IT / DNS Team", + "Remediation_Target_3": "31 May 2025", + "Remediation_Status_3": "Open", + "Remediation_Priority_3": "High", + "Remediation_Action_4": "Enable 'Send' and 'HardDelete' mailbox audit actions for all user mailboxes", + "Remediation_Owner_4": "Exchange Admin", + "Remediation_Target_4": "31 May 2025", + "Remediation_Status_4": "Open", + "Remediation_Priority_4": "High", + "Remediation_Action_5": "Set password expiry policy to comply with CIS recommendation (disable expiry or enforce 365-day maximum)", + "Remediation_Owner_5": "IT Operations", + "Remediation_Target_5": "30 June 2025", + "Remediation_Status_5": "Open", + "Remediation_Priority_5": "Medium", + "Remediation_Action_6": "Configure Android MDM security baseline policy in Intune", + "Remediation_Owner_6": "Endpoint Team", + "Remediation_Target_6": "30 June 2025", + "Remediation_Status_6": "Open", + "Remediation_Priority_6": "Low", + "Remediation_Action_7": "Review and remediate remaining Conditional Access policy gaps identified in assessment", + "Remediation_Owner_7": "IT Security Team", + "Remediation_Target_7": "30 June 2025", + "Remediation_Status_7": "Open", + "Remediation_Priority_7": "Medium", + "Remediation_Action_8": "Schedule re-assessment via AutoAudit once Critical and High findings are resolved", + "Remediation_Owner_8": "CISO", + "Remediation_Target_8": "15 July 2025", + "Remediation_Status_8": "Planned", + "Remediation_Priority_8": "Low", + "Evidence_1_Description": "Entra ID Conditional Access policy list \u2014 legacy auth block policy absent", + "Evidence_1_Source": "Microsoft Graph API /identity/conditionalAccess/policies", + "Evidence_2_Description": "Entra ID per-user MFA status report \u2014 3 of 5 Global Admins show MFA disabled", + "Evidence_2_Source": "Microsoft Graph API /reports/authenticationMethods/userRegistrationDetails", + "Evidence_3_Description": "Defender for Office 365 Safe Attachments policy export \u2014 all policies enabled", + "Evidence_3_Source": "Exchange Online PowerShell Get-SafeAttachmentPolicy", + "Evidence_4_Description": "DNS TXT record query for contoso.com DMARC \u2014 record value p=none", + "Evidence_4_Source": "DNS TXT lookup _dmarc.contoso.com", + "Evidence_5_Description": "Password expiry policy extract \u2014 PasswordNeverExpires set to false with 90-day expiry", + "Evidence_5_Source": "Microsoft Graph API /domains", + "Evidence_6_Description": "SharePoint Online sharing capability \u2014 set to ExistingExternalUserSharingOnly", + "Evidence_6_Source": "SharePoint Admin API /sharepoint/sharingCapability", + "Evidence_7_Description": "Unified audit log configuration \u2014 UnifiedAuditLogIngestionEnabled = True", + "Evidence_7_Source": "Exchange Online PowerShell Get-AdminAuditLogConfig", + "Evidence_8_Description": "Customer Lockbox setting \u2014 CustomerLockboxEnabled = True", + "Evidence_8_Source": "Microsoft Graph API /admin/serviceAnnouncement/settings", + "Evidence_9_Description": "OneDrive external sharing link expiration \u2014 ExternalUserExpireInDays = 30", + "Evidence_9_Source": "SharePoint Admin API /onedrive/sharingExpirationDays", + "Evidence_10_Description": "Mailbox audit configuration \u2014 AuditEnabled = True but SendAs and HardDelete actions absent from default policy", + "Evidence_10_Source": "Exchange Online PowerShell Get-MailboxAuditBypassAssociation", + "Evidence_11_Description": "Third-party integrated app consent policy \u2014 set to require admin approval for verified publishers only", + "Evidence_11_Source": "Entra ID Admin Centre > Enterprise Applications > Consent and Permissions", + "Evidence_12_Description": "Intune MDM device configuration profiles \u2014 Android profile absent; iOS profile active", + "Evidence_12_Source": "Microsoft Graph API /deviceManagement/deviceConfigurations" + }, + "remediation_plan": [ + { + "Remediation_Action": "Block legacy authentication for all users via Conditional Access", + "Priority": "Critical", + "Owner": "IT Security Team", + "Target_Date": "14 May 2025", + "Remediation_Status": "Open", + "index": 1 + }, + { + "Remediation_Action": "Enforce MFA for all Global Administrator and Privileged Role Administrator accounts via Conditional Access", + "Priority": "Critical", + "Owner": "IT Security Team", + "Target_Date": "14 May 2025", + "Remediation_Status": "Open", + "index": 2 + }, + { + "Remediation_Action": "Update DMARC record to p=quarantine or p=reject for contoso.com", + "Priority": "High", + "Owner": "IT / DNS Team", + "Target_Date": "31 May 2025", + "Remediation_Status": "Open", + "index": 3 + }, + { + "Remediation_Action": "Enable 'Send' and 'HardDelete' mailbox audit actions for all user mailboxes", + "Priority": "High", + "Owner": "Exchange Admin", + "Target_Date": "31 May 2025", + "Remediation_Status": "Open", + "index": 4 + }, + { + "Remediation_Action": "Set password expiry policy to comply with CIS recommendation (disable expiry or enforce 365-day maximum)", + "Priority": "Medium", + "Owner": "IT Operations", + "Target_Date": "30 June 2025", + "Remediation_Status": "Open", + "index": 5 + }, + { + "Remediation_Action": "Configure Android MDM security baseline policy in Intune", + "Priority": "Low", + "Owner": "Endpoint Team", + "Target_Date": "30 June 2025", + "Remediation_Status": "Open", + "index": 6 + }, + { + "Remediation_Action": "Review and remediate remaining Conditional Access policy gaps identified in assessment", + "Priority": "Medium", + "Owner": "IT Security Team", + "Target_Date": "30 June 2025", + "Remediation_Status": "Open", + "index": 7 + }, + { + "Remediation_Action": "Schedule re-assessment via AutoAudit once Critical and High findings are resolved", + "Priority": "Low", + "Owner": "CISO", + "Target_Date": "15 July 2025", + "Remediation_Status": "Planned", + "index": 8 + } + ], + "evidence_register": [ + { + "Evidence_ID": "EV-001", + "Evidence_Description": "Entra ID Conditional Access policy list \u2014 legacy auth block policy absent", + "Evidence_Source": "Microsoft Graph API /identity/conditionalAccess/policies", + "Mapped_Control": "CIS-2.1.1", + "Date_Captured": "30 April 2025", + "index": 1 + }, + { + "Evidence_ID": "EV-002", + "Evidence_Description": "Entra ID per-user MFA status report \u2014 3 of 5 Global Admins show MFA disabled", + "Evidence_Source": "Microsoft Graph API /reports/authenticationMethods/userRegistrationDetails", + "Mapped_Control": "CIS-1.1.1", + "Date_Captured": "30 April 2025", + "index": 2 + }, + { + "Evidence_ID": "EV-003", + "Evidence_Description": "Defender for Office 365 Safe Attachments policy export \u2014 all policies enabled", + "Evidence_Source": "Exchange Online PowerShell Get-SafeAttachmentPolicy", + "Mapped_Control": "CIS-2.1.6", + "Date_Captured": "30 April 2025", + "index": 3 + }, + { + "Evidence_ID": "EV-004", + "Evidence_Description": "DNS TXT record query for contoso.com DMARC \u2014 record value p=none", + "Evidence_Source": "DNS TXT lookup _dmarc.contoso.com", + "Mapped_Control": "CIS-2.1.9", + "Date_Captured": "30 April 2025", + "index": 4 + }, + { + "Evidence_ID": "EV-005", + "Evidence_Description": "Password expiry policy extract \u2014 PasswordNeverExpires set to false with 90-day expiry", + "Evidence_Source": "Microsoft Graph API /domains", + "Mapped_Control": "CIS-1.1.14", + "Date_Captured": "30 April 2025", + "index": 5 + }, + { + "Evidence_ID": "EV-006", + "Evidence_Description": "SharePoint Online sharing capability \u2014 set to ExistingExternalUserSharingOnly", + "Evidence_Source": "SharePoint Admin API /sharepoint/sharingCapability", + "Mapped_Control": "CIS-7.2.2", + "Date_Captured": "30 April 2025", + "index": 6 + }, + { + "Evidence_ID": "EV-007", + "Evidence_Description": "Unified audit log configuration \u2014 UnifiedAuditLogIngestionEnabled = True", + "Evidence_Source": "Exchange Online PowerShell Get-AdminAuditLogConfig", + "Mapped_Control": "CIS-3.1.1", + "Date_Captured": "30 April 2025", + "index": 7 + }, + { + "Evidence_ID": "EV-008", + "Evidence_Description": "Customer Lockbox setting \u2014 CustomerLockboxEnabled = True", + "Evidence_Source": "Microsoft Graph API /admin/serviceAnnouncement/settings", + "Mapped_Control": "CIS-7.3.1", + "Date_Captured": "30 April 2025", + "index": 8 + }, + { + "Evidence_ID": "EV-009", + "Evidence_Description": "OneDrive external sharing link expiration \u2014 ExternalUserExpireInDays = 30", + "Evidence_Source": "SharePoint Admin API /onedrive/sharingExpirationDays", + "Mapped_Control": "CIS-7.2.9", + "Date_Captured": "30 April 2025", + "index": 9 + }, + { + "Evidence_ID": "EV-010", + "Evidence_Description": "Mailbox audit configuration \u2014 AuditEnabled = True but SendAs and HardDelete actions absent from default policy", + "Evidence_Source": "Exchange Online PowerShell Get-MailboxAuditBypassAssociation", + "Mapped_Control": "CIS-3.1.2", + "Date_Captured": "30 April 2025", + "index": 10 + }, + { + "Evidence_ID": "EV-011", + "Evidence_Description": "Third-party integrated app consent policy \u2014 set to require admin approval for verified publishers only", + "Evidence_Source": "Entra ID Admin Centre > Enterprise Applications > Consent and Permissions", + "Mapped_Control": "CIS-5.1.2", + "Date_Captured": "30 April 2025", + "index": 11 + }, + { + "Evidence_ID": "EV-012", + "Evidence_Description": "Intune MDM device configuration profiles \u2014 Android profile absent; iOS profile active", + "Evidence_Source": "Microsoft Graph API /deviceManagement/deviceConfigurations", + "Mapped_Control": "CIS-8.1.1", + "Date_Captured": "30 April 2025", + "index": 12 + } + ], + "controls": [ + { + "UniqueID": "CIS-1.1.1", + "Control_Name": "Ensure Multi-Factor Authentication is enabled for all users in administrative roles", + "Category": "Accounts & Authentication", + "CIS_Section": "1.1.1", + "ISO_Mapping": "A.9.4.2", + "Strategy": "Identity & Access Management", + "Sub_Strategy": "Privileged Account Protection", + "Test_id": "AAD-MFA-ADMIN-001", + "Level": "L1", + "Compliance_Status": "Non-Compliant", + "Risk_Rating": "Critical", + "Priority": "Immediate Action", + "Pass_Fail": "FAIL", + "Description": "All accounts assigned administrative roles must have MFA enforced via Conditional Access policy. Per-user MFA legacy settings are insufficient as they can be bypassed.", + "Observations": "3 of 5 Global Administrator accounts (admin@contoso.com, svc-admin@contoso.com, backup-admin@contoso.com) do not have MFA enforced via any active Conditional Access policy. Per-user MFA is partially enabled but no CA policy targets the Global Administrator role.", + "Justification": "API query to /reports/authenticationMethods/userRegistrationDetails confirmed 3 accounts with isMfaRegistered = false and no Conditional Access policy with grantControls.builtInControls containing 'mfa' targeting the Global Administrator directory role was found.", + "Evidence_Type": "API JSON output", + "File_Name": "userRegistrationDetails_20250430.json", + "Extract": "{ \"id\": \"svc-admin@contoso.com\", \"isMfaRegistered\": false, \"isMfaCapable\": false }", + "Confidence": "High", + "Evidence_Explanation": "The API response confirms the service account used for automated tasks holds Global Administrator privileges and has no MFA registration or enforcement in place.", + "Impact": "An attacker obtaining valid credentials for any of the three affected admin accounts via phishing, credential stuffing, or password spray would gain unrestricted Global Administrator access to the entire M365 tenant with no additional authentication barrier. This enables full data exfiltration, mailbox access, and tenant configuration modification.", + "Root_Cause": "MFA was not enforced when the service accounts were provisioned. Legacy per-user MFA settings were applied to interactive user accounts but were never extended to service and backup admin accounts. No Conditional Access policy scoped to administrative roles was created.", + "Remediation": "Create a Conditional Access policy requiring MFA for all users assigned Global Administrator, Privileged Role Administrator, Exchange Administrator, and SharePoint Administrator roles. Exclude only break-glass accounts protected by alternative controls. Disable legacy per-user MFA settings once CA policy is verified.", + "Recommendations": "IT Security Team", + "Owner": "IT Security Team", + "Target_Date": "14 May 2025", + "Remediation_Status": "Open", + "Pass_Fail_Label": "FAIL" + }, + { + "UniqueID": "CIS-2.1.1", + "Control_Name": "Ensure Legacy Authentication is Blocked", + "Category": "Accounts & Authentication", + "CIS_Section": "2.1.1", + "ISO_Mapping": "A.9.4.3", + "Strategy": "Identity & Access Management", + "Sub_Strategy": "Authentication Protocol Hardening", + "Test_id": "AAD-LEGACYAUTH-001", + "Level": "L1", + "Compliance_Status": "Non-Compliant", + "Risk_Rating": "Critical", + "Priority": "Immediate Action", + "Pass_Fail": "FAIL", + "Description": "Legacy authentication protocols such as IMAP, POP3, SMTP AUTH, and Basic Auth do not support MFA and cannot be protected by Conditional Access. These protocols must be blocked tenant-wide.", + "Observations": "No Conditional Access policy blocking legacy authentication protocols was found in the tenant. SMTP AUTH remains enabled at the organisation level. Entra ID sign-in logs show 47 legacy auth sign-in attempts in the 30-day assessment window.", + "Justification": "Enumeration of all Conditional Access policies via /identity/conditionalAccess/policies found no policy with conditions.clientAppTypes containing 'exchangeActiveSync' or 'other' combined with a block grant control. Sign-in logs confirmed active legacy auth usage.", + "Evidence_Type": "API JSON output + Sign-in log extract", + "File_Name": "conditionalAccessPolicies_20250430.json", + "Extract": "No policy found matching: clientAppTypes=[exchangeActiveSync, other] AND grantControls.operator=block", + "Confidence": "High", + "Evidence_Explanation": "The absence of any blocking Conditional Access policy, combined with active legacy auth sign-ins in the log data, confirms the control is not in place and that legacy protocols are actively being used.", + "Impact": "Legacy authentication protocols bypass MFA entirely. Attackers can conduct password spray attacks against Exchange ActiveSync or Basic Auth endpoints with no lockout or MFA challenge. This is the most common attack vector for M365 account compromise.", + "Root_Cause": "No Conditional Access policy was created to block legacy authentication at the time of tenant provisioning. SMTP AUTH was left enabled for a legacy line-of-business application and was never reviewed.", + "Remediation": "1. Create a Conditional Access policy targeting All Users, All Cloud Apps, with client app types set to Exchange ActiveSync and Other clients, and grant control set to Block. 2. Disable SMTP AUTH at the organisation level and re-enable only for specific accounts that genuinely require it via per-mailbox override. 3. Review the 47 legacy auth sign-in accounts and migrate to modern authentication.", + "Recommendations": "IT Security Team", + "Owner": "IT Security Team", + "Target_Date": "14 May 2025", + "Remediation_Status": "Open", + "Pass_Fail_Label": "FAIL" + }, + { + "UniqueID": "CIS-2.1.9", + "Control_Name": "Ensure DMARC policy for domains is enabled and set to quarantine or reject", + "Category": "Email / Exchange Online", + "CIS_Section": "2.1.9", + "ISO_Mapping": "A.13.2.3", + "Strategy": "Email Security", + "Sub_Strategy": "Anti-Spoofing Controls", + "Test_id": "EXO-DMARC-001", + "Level": "L1", + "Compliance_Status": "Non-Compliant", + "Risk_Rating": "High", + "Priority": "Within 30 Days", + "Pass_Fail": "FAIL", + "Description": "DMARC (Domain-based Message Authentication, Reporting and Conformance) must be configured with a policy of p=quarantine or p=reject to prevent spoofed emails from being delivered to recipients.", + "Observations": "The DMARC TXT record for contoso.com is configured with p=none. This means spoofed emails purporting to be from @contoso.com will be delivered without quarantine or rejection. SPF and DKIM records are correctly configured.", + "Justification": "DNS TXT lookup for _dmarc.contoso.com returned: v=DMARC1; p=none; rua=mailto:dmarc-reports@contoso.com. The p=none policy provides reporting only and no enforcement action.", + "Evidence_Type": "DNS TXT record", + "File_Name": "dns_dmarc_contoso_20250430.txt", + "Extract": "v=DMARC1; p=none; rua=mailto:dmarc-reports@contoso.com", + "Confidence": "High", + "Evidence_Explanation": "The DNS record is unambiguous. p=none instructs receiving mail servers to take no action on DMARC failures, rendering the control ineffective for spoofing prevention.", + "Impact": "Threat actors can send phishing or business email compromise (BEC) emails that appear to originate from @contoso.com addresses. Recipients inside and outside the organisation have no technical protection from these spoofed messages.", + "Root_Cause": "DMARC was initially deployed in monitoring mode (p=none) to review reporting data without impacting legitimate mail flow. The policy was never progressed to enforcement mode after the initial monitoring period.", + "Remediation": "1. Review DMARC aggregate reports to identify any legitimate mail sources not yet covered by SPF or DKIM. 2. Update the DMARC TXT record to p=quarantine as an intermediate step. 3. After 30 days of monitoring, escalate to p=reject. Target record: v=DMARC1; p=quarantine; rua=mailto:dmarc-reports@contoso.com; pct=100.", + "Recommendations": "IT / DNS Team", + "Owner": "IT / DNS Team", + "Target_Date": "31 May 2025", + "Remediation_Status": "Open", + "Pass_Fail_Label": "FAIL" + }, + { + "UniqueID": "CIS-3.1.2", + "Control_Name": "Ensure mailbox auditing for all users is enabled with complete action coverage", + "Category": "Auditing", + "CIS_Section": "3.1.2", + "ISO_Mapping": "A.12.4.1", + "Strategy": "Logging & Monitoring", + "Sub_Strategy": "Mailbox Audit Coverage", + "Test_id": "EXO-MBOXAUDIT-001", + "Level": "L1", + "Compliance_Status": "Partially Compliant", + "Risk_Rating": "High", + "Priority": "Within 30 Days", + "Pass_Fail": "FAIL", + "Description": "Mailbox auditing must be enabled for all user mailboxes and must include the Send, SendAs, HardDelete, and MailItemsAccessed actions to ensure complete forensic capability.", + "Observations": "Mailbox auditing is enabled at the organisation level. However, the default audit action set does not include 'Send' or 'HardDelete' for user mailboxes. MailItemsAccessed is only captured for E5-licensed accounts (14 of 47 users).", + "Justification": "Get-MailboxAuditBypassAssociation and Get-Mailbox -ResultSize Unlimited confirm AuditEnabled = True globally, but AuditOwner action list excludes HardDelete and Send. MailItemsAccessed requires E5 or Compliance add-on licence not assigned to 33 user accounts.", + "Evidence_Type": "PowerShell command output", + "File_Name": "mailbox_audit_config_20250430.txt", + "Extract": "AuditOwner: {Update, MoveToDeletedItems, SoftDelete, UpdateCalendarDelegation}", + "Confidence": "High", + "Evidence_Explanation": "The AuditOwner action list confirms that permanent deletion (HardDelete) and sent-item actions (Send) are not captured, creating blind spots for insider threat and data exfiltration investigations.", + "Impact": "Incident response investigations following a compromised account will have incomplete audit trails. Specifically, investigators will be unable to determine what emails were sent from or permanently deleted from a compromised mailbox, limiting forensic capability and potentially violating compliance obligations.", + "Root_Cause": "Default Exchange Online audit actions were never customised from Microsoft defaults. The Send and HardDelete actions require explicit addition to the AuditOwner and AuditDelegate action sets. Licence gaps prevent MailItemsAccessed from being captured for all users.", + "Remediation": "1. Run: Set-Mailbox -Identity * -AuditOwner @{Add='Send','HardDelete'} -AuditDelegate @{Add='Send','HardDelete'} to add missing actions. 2. Assess licence upgrade or Compliance add-on to extend MailItemsAccessed coverage. 3. Verify changes via Get-Mailbox | Select AuditOwner.", + "Recommendations": "Exchange Admin", + "Owner": "Exchange Admin", + "Target_Date": "31 May 2025", + "Remediation_Status": "Open", + "Pass_Fail_Label": "FAIL" + }, + { + "UniqueID": "CIS-1.1.14", + "Control_Name": "Ensure the password expiration policy is set in accordance with CIS recommendations", + "Category": "Users", + "CIS_Section": "1.1.14", + "ISO_Mapping": "A.9.4.3", + "Strategy": "Identity & Access Management", + "Sub_Strategy": "Password Policy", + "Test_id": "AAD-PWDEXPIRY-001", + "Level": "L1", + "Compliance_Status": "Non-Compliant", + "Risk_Rating": "Medium", + "Priority": "Within 90 Days", + "Pass_Fail": "FAIL", + "Description": "CIS recommends either disabling password expiry entirely (in conjunction with strong MFA and breach password detection) or setting a maximum password age of no less than 365 days. Short rotation periods drive predictable password patterns.", + "Observations": "The tenant password policy has PasswordNeverExpires set to false with a maximum password age of 90 days. This contradicts current NIST SP 800-63B and CIS guidance, which discourages arbitrary rotation in favour of breach detection-triggered resets.", + "Justification": "Microsoft Graph API query to /domains returned: passwordValidityPeriodInDays = 90, passwordNotificationWindowInDays = 14. PasswordNeverExpires = false.", + "Evidence_Type": "API JSON output", + "File_Name": "domain_password_policy_20250430.json", + "Extract": "{ \"passwordValidityPeriodInDays\": 90, \"passwordNotificationWindowInDays\": 14, \"isPasswordSyncEnabled\": false }", + "Confidence": "High", + "Evidence_Explanation": "The 90-day expiry policy is confirmed. This does not represent an immediately exploitable vulnerability but increases risk of predictable password cycling and user workarounds.", + "Impact": "Users subjected to frequent mandatory rotation historically adopt predictable increment patterns (e.g., Password1! \u2192 Password2!). This reduces the effective entropy of credentials and can be exploited in targeted attacks. Risk is partially mitigated if MFA is fully enforced.", + "Root_Cause": "Password expiry policy was set to 90 days at tenant provisioning and has not been reviewed against updated guidance. The organisation's IT policy predates NIST 800-63B revision.", + "Remediation": "Update the domain password policy to either: (a) Set passwordValidityPeriodInDays to 2147483647 (effectively never, relying on breach detection and MFA), or (b) Extend to a minimum of 365 days. Ensure Entra ID Password Protection and leaked credential detection are enabled before removing expiry.", + "Recommendations": "IT Operations", + "Owner": "IT Operations", + "Target_Date": "30 June 2025", + "Remediation_Status": "Open", + "Pass_Fail_Label": "FAIL" + }, + { + "UniqueID": "CIS-8.1.1", + "Control_Name": "Ensure mobile device management policies are configured for Android devices", + "Category": "Mobile Device Management", + "CIS_Section": "8.1.1", + "ISO_Mapping": "A.6.2.1", + "Strategy": "Endpoint Security", + "Sub_Strategy": "Mobile Device Management", + "Test_id": "MDM-ANDROID-001", + "Level": "L1", + "Compliance_Status": "Non-Compliant", + "Risk_Rating": "Low", + "Priority": "Monitor & Review", + "Pass_Fail": "FAIL", + "Description": "An MDM device configuration profile must be assigned in Intune for Android devices, enforcing minimum PIN length, device encryption, screen lock timeout, and block of rooted devices.", + "Observations": "An iOS MDM security baseline profile is active and assigned to all iOS devices. No equivalent profile exists for Android devices. 9 Android devices are enrolled in Intune without any configuration policy applied.", + "Justification": "Microsoft Graph API query to /deviceManagement/deviceConfigurations returned one active profile (iOS General Device Restrictions). No profile with oDataType containing 'android' was found. Enrolled Android device count confirmed via /deviceManagement/managedDevices.", + "Evidence_Type": "API JSON output", + "File_Name": "intune_device_configs_20250430.json", + "Extract": "{ \"value\": [ { \"@odata.type\": \"#microsoft.graph.iosGeneralDeviceConfiguration\", \"displayName\": \"iOS Security Baseline\", \"id\": \"a1b2c3d4\" } ] }", + "Confidence": "High", + "Evidence_Explanation": "The API response lists only an iOS configuration profile. The absence of any Android profile entry confirms the gap. The 9 enrolled Android devices are operating without any enforced security baseline.", + "Impact": "Android devices with access to corporate M365 data (Exchange email, SharePoint, OneDrive) are not subject to any enforced encryption, PIN, or lock-screen policy. A lost or stolen Android device could expose corporate data without any technical barrier.", + "Root_Cause": "The iOS MDM profile was deployed when Intune was first configured. Android device support was added later and the equivalent profile was not created. The gap was not identified in previous reviews.", + "Remediation": "Create an Android Device Restrictions configuration profile in Intune enforcing: minimum 6-digit PIN, device encryption required, screen lock after 5 minutes, block rooted devices, require device compliance for M365 app access. Assign the profile to the All Devices group.", + "Recommendations": "Endpoint Team", + "Owner": "Endpoint Team", + "Target_Date": "30 June 2025", + "Remediation_Status": "Open", + "Pass_Fail_Label": "FAIL" + }, + { + "UniqueID": "CIS-1.1.3", + "Control_Name": "Ensure that between two and four global admins are designated", + "Category": "Accounts & Authentication", + "CIS_Section": "1.1.3", + "ISO_Mapping": "A.9.2.3", + "Strategy": "Identity & Access Management", + "Sub_Strategy": "Privileged Role Governance", + "Test_id": "AAD-GADMIN-COUNT-001", + "Level": "L1", + "Compliance_Status": "Compliant", + "Risk_Rating": "N/A", + "Priority": "N/A", + "Pass_Fail": "PASS", + "Description": "Microsoft recommends between 2 and 4 Global Administrator accounts. Fewer than 2 creates a single point of failure; more than 4 unnecessarily expands the privileged attack surface.", + "Observations": "5 Global Administrator accounts are currently assigned. This marginally exceeds the recommended maximum of 4. However, one account (backup-admin@contoso.com) is noted as a break-glass account with restricted access.", + "Justification": "Graph API /directoryRoles/{GlobalAdmin}/members returned 5 accounts. The break-glass account characteristics partially mitigate the excess.", + "Evidence_Type": "API JSON output", + "File_Name": "globalAdmins_20250430.json", + "Extract": "{ \"value\": [ { \"displayName\": \"Admin1\" }, { \"displayName\": \"Admin2\" }, { \"displayName\": \"Admin3\" }, { \"displayName\": \"svc-admin\" }, { \"displayName\": \"backup-admin\" } ] }", + "Confidence": "Medium", + "Evidence_Explanation": "Five accounts confirmed. Assessed as PASS given break-glass account mitigates the excess count, but the organisation should review whether all five accounts require full Global Admin.", + "Impact": "N/A \u2014 Passed with observation. Minor risk from excess Global Admin count noted.", + "Root_Cause": "N/A", + "Remediation": "Review whether the service account (svc-admin@contoso.com) can be scoped to a lower privilege role. Target 4 accounts maximum.", + "Recommendations": "IT Security Team", + "Owner": "IT Security Team", + "Target_Date": "30 June 2025", + "Remediation_Status": "Advisory", + "Pass_Fail_Label": "PASS" + }, + { + "UniqueID": "CIS-2.1.6", + "Control_Name": "Ensure Safe Attachments policy is enabled for all users", + "Category": "Email / Exchange Online", + "CIS_Section": "2.1.6", + "ISO_Mapping": "A.12.2.1", + "Strategy": "Email Security", + "Sub_Strategy": "Malware Protection", + "Test_id": "EXO-SAFEATT-001", + "Level": "L2", + "Compliance_Status": "Compliant", + "Risk_Rating": "N/A", + "Priority": "N/A", + "Pass_Fail": "PASS", + "Description": "Microsoft Defender for Office 365 Safe Attachments must be enabled with a policy covering all users to detonate and inspect email attachments in a sandbox prior to delivery.", + "Observations": "A Safe Attachments policy named 'Contoso-SafeAtt-All' is active, set to Dynamic Delivery mode, and assigned to the All Recipients condition. Policy has been active for 14 months.", + "Justification": "Get-SafeAttachmentPolicy returned one active policy with Enable = True, Action = DynamicDelivery, Applied = All.", + "Evidence_Type": "PowerShell command output", + "File_Name": "safeAttachments_policy_20250430.txt", + "Extract": "Name: Contoso-SafeAtt-All | Enable: True | Action: DynamicDelivery | Applied: AllRecipients", + "Confidence": "High", + "Evidence_Explanation": "Policy confirmed active and covering all recipients. Dynamic Delivery ensures users receive emails promptly while attachments are scanned, minimising productivity impact.", + "Impact": "N/A \u2014 Compliant.", + "Root_Cause": "N/A", + "Remediation": "No action required. Maintain current configuration.", + "Recommendations": "IT Security Team", + "Owner": "IT Security Team", + "Target_Date": "N/A", + "Remediation_Status": "Closed", + "Pass_Fail_Label": "PASS" + }, + { + "UniqueID": "CIS-3.1.1", + "Control_Name": "Ensure audit log search is enabled", + "Category": "Configuration", + "CIS_Section": "3.1.1", + "ISO_Mapping": "A.12.4.1", + "Strategy": "Logging & Monitoring", + "Sub_Strategy": "Audit Configuration", + "Test_id": "EXO-AUDITLOG-001", + "Level": "L1", + "Compliance_Status": "Compliant", + "Risk_Rating": "N/A", + "Priority": "N/A", + "Pass_Fail": "PASS", + "Description": "Unified audit log search must be enabled to capture user and admin activity across Exchange Online, SharePoint, Teams, and Entra ID. This is foundational for incident response and compliance reporting.", + "Observations": "Unified audit logging is enabled. Audit retention is set to 90 days (E3 licence default). Audit records are being ingested into the tenant's Sentinel workspace for extended retention.", + "Justification": "Get-AdminAuditLogConfig returned UnifiedAuditLogIngestionEnabled = True. Microsoft Sentinel data connector confirmed active via Azure Monitor workspace configuration.", + "Evidence_Type": "PowerShell command output", + "File_Name": "auditlog_config_20250430.txt", + "Extract": "UnifiedAuditLogIngestionEnabled: True | AdminAuditLogEnabled: True | MailboxLoggingEnabled: True", + "Confidence": "High", + "Evidence_Explanation": "Audit logging confirmed enabled across all workloads. Sentinel integration provides extended retention beyond the default 90-day M365 window.", + "Impact": "N/A \u2014 Compliant.", + "Root_Cause": "N/A", + "Remediation": "No action required. Consider upgrading to E5 Compliance for 1-year default audit retention if Sentinel integration is ever discontinued.", + "Recommendations": "IT Security Team", + "Owner": "IT Security Team", + "Target_Date": "N/A", + "Remediation_Status": "Closed", + "Pass_Fail_Label": "PASS" + }, + { + "UniqueID": "CIS-5.1.2", + "Control_Name": "Ensure user consent to apps accessing company data is restricted", + "Category": "Application Permissions", + "CIS_Section": "5.1.2", + "ISO_Mapping": "A.9.4.5", + "Strategy": "Application Security", + "Sub_Strategy": "OAuth Consent Governance", + "Test_id": "AAD-APPCONSENT-001", + "Level": "L1", + "Compliance_Status": "Compliant", + "Risk_Rating": "N/A", + "Priority": "N/A", + "Pass_Fail": "PASS", + "Description": "User consent to third-party applications accessing M365 data must be restricted. Permitted consent models are: admin consent only, or user consent restricted to verified publishers with low-impact permissions.", + "Observations": "The tenant consent policy is set to 'Allow user consent for apps from verified publishers for selected permissions (low impact)'. Admin consent workflow is enabled, routing requests to the IT Security Team.", + "Justification": "Entra ID Enterprise Applications > Consent and Permissions settings confirmed via Graph API /policies/authorizationPolicy: permissionGrantPoliciesAssigned = [managePermissionGrantsForSelf.microsoft-user-default-low].", + "Evidence_Type": "API JSON output", + "File_Name": "authorizationPolicy_20250430.json", + "Extract": "{ \"permissionGrantPoliciesAssigned\": [\"managePermissionGrantsForSelf.microsoft-user-default-low\"] }", + "Confidence": "High", + "Evidence_Explanation": "Policy confirmed. Users can only consent to low-impact permissions from verified publishers. All other consent requires admin approval, preventing illicit consent grant attacks.", + "Impact": "N/A \u2014 Compliant.", + "Root_Cause": "N/A", + "Remediation": "No action required. Periodically review admin consent request queue to ensure timely processing.", + "Recommendations": "IT Security Team", + "Owner": "IT Security Team", + "Target_Date": "N/A", + "Remediation_Status": "Closed", + "Pass_Fail_Label": "PASS" + }, + { + "UniqueID": "CIS-7.2.2", + "Control_Name": "Ensure SharePoint Online external sharing is restricted to existing external users", + "Category": "Data Management", + "CIS_Section": "7.2.2", + "ISO_Mapping": "A.13.2.3", + "Strategy": "Data Protection", + "Sub_Strategy": "External Sharing Controls", + "Test_id": "SPO-EXTSHARE-001", + "Level": "L2", + "Compliance_Status": "Compliant", + "Risk_Rating": "N/A", + "Priority": "N/A", + "Pass_Fail": "PASS", + "Description": "SharePoint Online external sharing must be set to allow sharing only with existing external users already in the organisation's directory, preventing ad-hoc sharing with unknown recipients.", + "Observations": "SharePoint Online SharingCapability is set to ExistingExternalUserSharingOnly. This was confirmed for both the tenant-level and OneDrive-level settings.", + "Justification": "SharePoint Admin API returned: SharingCapability = ExistingExternalUserSharingOnly at tenant level. OneDrive SharingCapability confirmed as consistent.", + "Evidence_Type": "API JSON output", + "File_Name": "sharepoint_sharing_20250430.json", + "Extract": "{ \"SharingCapability\": \"ExistingExternalUserSharingOnly\", \"OneDriveSharingCapability\": \"ExistingExternalUserSharingOnly\" }", + "Confidence": "High", + "Evidence_Explanation": "Both SharePoint and OneDrive sharing controls confirmed compliant. Users cannot share with new external parties without an admin provisioning the external user first.", + "Impact": "N/A \u2014 Compliant.", + "Root_Cause": "N/A", + "Remediation": "No action required. Review sharing policy annually or following any M365 licence tier changes.", + "Recommendations": "IT Security Team", + "Owner": "IT Security Team", + "Target_Date": "N/A", + "Remediation_Status": "Closed", + "Pass_Fail_Label": "PASS" + }, + { + "UniqueID": "CIS-7.3.1", + "Control_Name": "Ensure Customer Lockbox is enabled", + "Category": "Data Management", + "CIS_Section": "7.3.1", + "ISO_Mapping": "A.15.1.2", + "Strategy": "Data Protection", + "Sub_Strategy": "Microsoft Support Access Controls", + "Test_id": "M365-LOCKBOX-001", + "Level": "L2", + "Compliance_Status": "Compliant", + "Risk_Rating": "N/A", + "Priority": "N/A", + "Pass_Fail": "PASS", + "Description": "Customer Lockbox ensures that Microsoft support engineers must obtain explicit customer approval before accessing any customer content in M365 during a support engagement.", + "Observations": "Customer Lockbox is enabled at the tenant level. The designated approvers are the two active Global Administrators.", + "Justification": "Graph API /admin/serviceAnnouncement/settings returned: isCustomerLockboxEnabled = true.", + "Evidence_Type": "API JSON output", + "File_Name": "tenant_admin_settings_20250430.json", + "Extract": "{ \"isCustomerLockboxEnabled\": true }", + "Confidence": "High", + "Evidence_Explanation": "Setting confirmed enabled. Customer Lockbox requires an E5 licence or Compliance add-on, confirming appropriate licencing is in place for this control.", + "Impact": "N/A \u2014 Compliant.", + "Root_Cause": "N/A", + "Remediation": "No action required. Ensure Lockbox approval process is documented in the organisation's incident response runbook.", + "Recommendations": "CISO", + "Owner": "CISO", + "Target_Date": "N/A", + "Remediation_Status": "Closed", + "Pass_Fail_Label": "PASS" + }, + { + "UniqueID": "CIS-7.2.9", + "Control_Name": "Ensure external sharing links for OneDrive expire within 30 days", + "Category": "Storage", + "CIS_Section": "7.2.9", + "ISO_Mapping": "A.13.2.3", + "Strategy": "Data Protection", + "Sub_Strategy": "Link Expiration Controls", + "Test_id": "OD-LINKEXPIRY-001", + "Level": "L2", + "Compliance_Status": "Compliant", + "Risk_Rating": "N/A", + "Priority": "N/A", + "Pass_Fail": "PASS", + "Description": "External sharing links for OneDrive must be configured to expire, with a maximum expiration window of 30 days, to limit prolonged unmanaged access to shared files.", + "Observations": "OneDrive external sharing link expiration is set to 30 days (ExternalUserExpireInDays = 30). Anonymous link expiration is also set to 30 days.", + "Justification": "SharePoint Admin API returned: ExternalUserExpireInDays = 30, AnonymousLinkExpirationInDays = 30.", + "Evidence_Type": "API JSON output", + "File_Name": "onedrive_sharing_settings_20250430.json", + "Extract": "{ \"ExternalUserExpireInDays\": 30, \"AnonymousLinkExpirationInDays\": 30 }", + "Confidence": "High", + "Evidence_Explanation": "Both external user and anonymous link expiration periods confirmed at 30 days, meeting the CIS requirement.", + "Impact": "N/A \u2014 Compliant.", + "Root_Cause": "N/A", + "Remediation": "No action required.", + "Recommendations": "IT Security Team", + "Owner": "IT Security Team", + "Target_Date": "N/A", + "Remediation_Status": "Closed", + "Pass_Fail_Label": "PASS" + }, + { + "UniqueID": "CIS-1.1.15", + "Control_Name": "Ensure user role assignments are reviewed and excess privileges removed", + "Category": "Users", + "CIS_Section": "1.1.15", + "ISO_Mapping": "A.9.2.5", + "Strategy": "Identity & Access Management", + "Sub_Strategy": "Least Privilege Enforcement", + "Test_id": "AAD-ROLEASSIGN-001", + "Level": "L1", + "Compliance_Status": "Compliant", + "Risk_Rating": "N/A", + "Priority": "N/A", + "Pass_Fail": "PASS", + "Description": "User role assignments should be reviewed periodically to ensure no accounts hold unnecessary administrative privileges. Privileged Identity Management (PIM) should be used where available.", + "Observations": "PIM is active for all administrative roles. Eligible assignments require justification and MFA step-up for activation. No permanent active assignments exist outside of break-glass accounts. Last access review was completed 22 March 2025.", + "Justification": "Graph API /privilegedAccess/aadRoles/resources/{tenantId}/roleAssignments confirmed all admin roles use eligible assignment type. roleAssignmentScheduleInstances confirmed no permanent active non-break-glass admin assignments.", + "Evidence_Type": "API JSON output", + "File_Name": "pim_role_assignments_20250430.json", + "Extract": "{ \"assignmentType\": \"Eligible\", \"scheduleInfo\": { \"expiration\": { \"type\": \"noExpiration\" } } }", + "Confidence": "High", + "Evidence_Explanation": "PIM eligible assignments confirmed. All role activations require MFA and business justification, consistent with CIS and Microsoft best practice.", + "Impact": "N/A \u2014 Compliant.", + "Root_Cause": "N/A", + "Remediation": "No action required. Maintain quarterly access review cadence.", + "Recommendations": "IT Security Team", + "Owner": "IT Security Team", + "Target_Date": "N/A", + "Remediation_Status": "Closed", + "Pass_Fail_Label": "PASS" + }, + { + "UniqueID": "CIS-3.1.3", + "Control_Name": "Ensure Microsoft Defender for Cloud Apps is enabled and alerts are reviewed", + "Category": "Auditing", + "CIS_Section": "3.1.3", + "ISO_Mapping": "A.12.4.1", + "Strategy": "Logging & Monitoring", + "Sub_Strategy": "Cloud Application Security Monitoring", + "Test_id": "MDCA-ENABLE-001", + "Level": "L2", + "Compliance_Status": "Compliant", + "Risk_Rating": "N/A", + "Priority": "N/A", + "Pass_Fail": "PASS", + "Description": "Microsoft Defender for Cloud Apps must be enabled and connected to M365 to provide anomaly detection, shadow IT discovery, and session policy enforcement.", + "Observations": "Defender for Cloud Apps is active with the M365 app connector enabled. Anomaly detection policies are in default state with 3 active custom alert policies. Alert review cadence is weekly per SOC procedures.", + "Justification": "Defender for Cloud Apps admin portal confirmed app connector status = Connected for Microsoft 365. Custom alert policies confirmed via API.", + "Evidence_Type": "Portal configuration screenshot + API output", + "File_Name": "mdca_connector_20250430.json", + "Extract": "{ \"appId\": 11161, \"name\": \"Microsoft 365\", \"status\": \"Connected\", \"lastSynced\": \"2025-04-30T06:00:00Z\" }", + "Confidence": "High", + "Evidence_Explanation": "M365 connector confirmed active and syncing. Anomaly detection is operational. Weekly alert review provides adequate coverage for the current threat posture.", + "Impact": "N/A \u2014 Compliant.", + "Root_Cause": "N/A", + "Remediation": "No action required. Consider enabling session controls for high-risk users once Conditional Access gaps are remediated.", + "Recommendations": "IT Security Team", + "Owner": "IT Security Team", + "Target_Date": "N/A", + "Remediation_Status": "Closed", + "Pass_Fail_Label": "PASS" + } + ] +} \ No newline at end of file diff --git a/security/reports/report_service.py b/security/reports/report_service.py index a2e32a99a..aa23368d9 100644 --- a/security/reports/report_service.py +++ b/security/reports/report_service.py @@ -1,405 +1,1232 @@ +""" +report_service.py +================= +Takes a JSON dataset and a Word template, fills every {placeholder} token, +and saves the result as a .docx or PDF. + +Quick start:: + + from report_service import generate_full_report_docx + import json + + with open("dataset.json") as f: + data = json.load(f) + + out = generate_full_report_docx(data) + # open out in Word, check layout, export to PDF + +For headless pipelines use generate_full_report_pdf() instead. + +Dataset schema +-------------- +The top-level keys the service reads are: + + tenant dict org name, domain, assessor, dates, etc. + summary dict scores, risk posture, strengths, top risks + controls list one dict per control (see _single_control_mapping) + evidence_register list evidence items for Appendix A (up to 10) + remediation_plan list remediation rows (up to 8) + +None of these are required — missing keys produce empty strings in the output. +Key names are normalised before lookup (lower-cased, underscores/hyphens/slashes +collapsed to spaces), so "Tenant_Name", "tenant name", and "tenant-name" all +resolve to the same value. + +Adding new tokens +----------------- +1. Add the {New_Token} placeholder to the Word template. +2. Add "New_Token": _pick(n, "new token", "new_token") to the relevant + mapping function below (_map_tenant, _map_summary, _single_control_mapping, + etc.). That's it — no other changes needed. + +PDF conversion +-------------- +Tries three methods in order: + 1. docx2pdf (requires Microsoft Word on Windows/macOS) + 2. LibreOffice headless (soffice must be on PATH) + 3. fpdf2 plain-text fallback (no layout fidelity, last resort) + +If none of those are available the call raises RuntimeError. +""" + from __future__ import annotations +import logging import os -import uuid +import re import subprocess +import uuid from datetime import datetime from pathlib import Path -from typing import Mapping, Any, Optional, Dict, Tuple +from typing import Any, Dict, List, Mapping, Optional, Tuple from docx import Document +from docx.oxml import OxmlElement +from docx.oxml.ns import qn from docx.shared import Inches -from fpdf import FPDF +log = logging.getLogger(__name__) -def generate_pdf( - data: Mapping[str, Any], - *, - template_path: os.PathLike | str = "templates/report_template.docx", - output_dir: os.PathLike | str = "reports_out", - base_dir: os.PathLike | str = ".", - image_marker: str = "[Embed evidence here]", - unique_id_override: Optional[str] = None, -) -> Path: - """ - Render a single PDF from the in-memory mapping produced by the OCR/rules step. - - Expected keys in `data` (case/spacing tolerant): - UniqueID or UserID -> becomes UniqueID in template - Evidence -> path to original evidence file - Evidence Preview (optional) -> path to an image to embed - Strategy, TestID, Sub-Strategy, ML Level, Pass/Fail, Priority, - Recommendation -> Recommendations, Evidence Extract -> Extract - Description - Confidence - - Returns: Path to the generated PDF. - """ - mapping, embed_path, unique_id = _map_to_placeholders(data, Path(base_dir)) +# OOXML tag names we reference directly in lxml operations. +_W_NS = "http://schemas.openxmlformats.org/wordprocessingml/2006/main" +_W_T = f"{{{_W_NS}}}t" +_W_R = f"{{{_W_NS}}}r" +_W_P = f"{{{_W_NS}}}p" - if unique_id_override: - unique_id = unique_id_override - mapping["UniqueID"] = unique_id - mapping["Unique ID"] = unique_id - tpath = Path(template_path) - if not tpath.exists(): - raise FileNotFoundError(f"Template not found: {tpath}") +# --------------------------------------------------------------------------- +# Text sanitisation +# +# Word XML only accepts characters in the Latin-1 range for most text nodes, +# so we swap common Unicode punctuation for ASCII equivalents before writing +# anything back into the document. +# --------------------------------------------------------------------------- - outdir = Path(output_dir) - outdir.mkdir(parents=True, exist_ok=True) - pdf_path = outdir / f"{unique_id}.pdf" - doc = Document(str(tpath)) - _replace_braced_placeholders_everywhere(doc, mapping) - _replace_xml_text_everywhere(doc, mapping) - if embed_path: - if not _insert_image_at_marker(doc, image_marker, embed_path, width_inches=6.0): - _insert_image_at_marker(doc, "[Embed screenshot here]", embed_path, width_inches=6.0) - else: - _remove_markers_everywhere(doc, ["[Embed evidence here]", "[Embed screenshot here]"]) - filled = pdf_path.with_suffix(".filled.docx") - doc.save(str(filled)) - _convert_docx_to_pdf(filled, pdf_path) - try: - filled.unlink() - except Exception: - pass +_CHAR_SUBS: Dict[str, str] = { + "\u2019": "'", "\u2018": "'", # smart quotes + "\u201c": '"', "\u201d": '"', + "\u2013": "-", "\u2014": "-", # en/em dash + "\u2022": "*", "\u2026": "...", # bullet, ellipsis + "\u00a0": " ", "\u2192": "->", # NBSP, right arrow +} + + +def _sanitise(v: str) -> str: + for ch, rep in _CHAR_SUBS.items(): + v = v.replace(ch, rep) + return v - return pdf_path +def _sanitise_mapping(m: Dict[str, str]) -> Dict[str, str]: + return {k: _sanitise(v) for k, v in m.items()} -# ---------- Mapping (OCR dict -> template placeholders) ---------- + +# --------------------------------------------------------------------------- +# Key normalisation +# +# Dataset keys arrive in all kinds of formats — snake_case, Title Case, +# kebab-case — so we normalise everything to lowercase space-separated words +# before comparing. _pick() then tries several name variants for each token +# so callers don't need to guess the exact key their dataset uses. +# --------------------------------------------------------------------------- def _normalize_keys(d: Mapping[str, Any]) -> Dict[str, str]: norm: Dict[str, str] = {} for k, v in d.items(): - key = " ".join(str(k).strip().lower().replace("_", " ").replace("-", " ").replace("/", " ").split()) + key = " ".join( + str(k).strip().lower() + .replace("_", " ").replace("-", " ").replace("/", " ") + .split() + ) norm[key] = "" if v is None else str(v) return norm + def _pick(norm: Dict[str, str], *names: str) -> str: + """Try each name in order and return the first match, or empty string.""" for n in names: key = " ".join(n.strip().lower().split()) if key in norm: return norm[key] return "" -def _map_to_placeholders(data: Mapping[str, Any], base_dir: Path) -> Tuple[Dict[str, str], Optional[Path], str]: - n = _normalize_keys(data) - # Inputs (tolerant keys) - unique_id = _pick(n, "uniqueid", "unique id", "userid", "user id") or str(uuid.uuid4()) - strategy = _pick(n, "strategy") - testid = _pick(n, "testid", "test id") - substrat = _pick(n, "sub-strategy", "sub strategy") - level = _pick(n, "ml level", "level") - passfail = _pick(n, "pass/fail", "pass fail") - priority = _pick(n, "priority") - rec = _pick(n, "recommendation", "recommendations") - extract = _pick(n, "evidence extract", "extract") - descr = _pick(n, "description") - confidence = _pick(n, "confidence") - - # Evidence paths - evidence_path_str = _pick(n, "evidence", "evidence path", "file", "file path", "filepath", "image", "screenshot") - preview_path_str = _pick(n, "evidence preview", "preview", "embed path") - - # Resolve paths - embed_path: Optional[Path] = None - file_name = "" - if evidence_path_str: - ep = Path(evidence_path_str) - if not ep.is_absolute(): - ep = base_dir / ep - file_name = ep.name - if preview_path_str: - pp = Path(preview_path_str) - if not pp.is_absolute(): - pp = base_dir / pp - if pp.exists(): - embed_path = pp - else: - if evidence_path_str: - ep = Path(evidence_path_str) - if not ep.is_absolute(): - ep = base_dir / ep - if ep.exists() and ep.suffix.lower() in {".png", ".jpg", ".jpeg", ".tif", ".tiff", ".bmp", ".webp"}: - embed_path = ep - - # Mapping to template placeholders (support a couple of variants) - mapping: Dict[str, str] = { - "UniqueID": unique_id, - "Unique ID": unique_id, - "UserID": unique_id, +# --------------------------------------------------------------------------- +# Placeholder variant expansion +# +# Word occasionally substitutes a Unicode dash for the ASCII hyphen inside +# token names when the template is edited on macOS. We add aliases for all +# four Unicode dash variants so {Sub-Strategy} and {Sub‑Strategy} both work. +# --------------------------------------------------------------------------- - "Strategy": strategy, - "Test_id": testid, - "Sub-Strategy": substrat, +_UNICODE_DASHES = ["\u2010", "\u2011", "\u2013", "\u2014"] - "level": level, - "Level": level, - "Pass/Fail": passfail, - "Priority": priority, +def _expand_placeholder_variants(mapping: Dict[str, str]) -> None: + extras: Dict[str, str] = {} + for k, v in list(mapping.items()): + if "-" in k: + for dash in _UNICODE_DASHES: + alias = k.replace("-", dash) + if alias not in mapping: + extras[alias] = v + mapping.update(extras) - "Recommendations": rec, - "extract": extract, - "Extract": extract, +# --------------------------------------------------------------------------- +# XML substitution engine +# +# Word splits paragraph text across multiple runs for formatting +# reasons, so a single token like {Control_Name} can end up split as +# "{Control_", "Name}". We handle this with two passes: +# +# Pass 1 — single-run substitution: replaces tokens that happen to fall +# entirely within one node. Fast and covers most cases. +# +# Pass 2 — paragraph merge: concatenates all run text, does the replace, +# then writes the result back into the first node and +# blanks the rest. This preserves run formatting (bold, colour, +# font size) because we're reusing existing elements rather +# than creating new ones. +# +# JSON in Extract values contains its own braces, so we escape them to +# sentinel strings before substitution and restore them afterwards. +# --------------------------------------------------------------------------- - "Description": descr, - "description": descr, - "Confidence": confidence or "", +def _collapse_token_whitespace(text: str) -> str: + """Strip whitespace inside {...} so mid-word-wrapped tokens still match.""" + def _strip(m: re.Match) -> str: + return "{" + re.sub(r"\s+", "", m.group(1)) + "}" + return re.sub(r"\{([^}]*)\}", _strip, text) - "file name": file_name, - "File Name": file_name, - "Date Generated": datetime.now().strftime("%d %b %Y"), - } - _expand_placeholder_variants(mapping) - return mapping, embed_path, unique_id +def _sub_mapping_in_element(element, mapping: Dict[str, str]) -> None: + # Pass 1: single-run tokens + for t in element.iter(): + if t.tag == _W_T and t.text: + new = t.text + for k, v in mapping.items(): + new = new.replace("{" + k + "}", v) + if new != t.text: + t.text = new + # Pass 2: tokens split across runs within a paragraph + for para in element.iter(): + if para.tag != _W_P: + continue + runs = [c for c in para if c.tag == _W_R] + if not runs: + continue -# ---------- DOCX helpers ---------- + # Collect the first from each run (None if the run has no text node) + t_nodes: List[Optional[Any]] = [] + for r in runs: + for c in r: + if c.tag == _W_T: + t_nodes.append(c) + break + else: + t_nodes.append(None) -def _iter_paragraphs(doc): - for p in doc.paragraphs: - yield p - for tbl in doc.tables: - for row in tbl.rows: - for cell in row.cells: - for p in cell.paragraphs: - yield p - -def _replace_in_runs(paragraph, mapping: Mapping[str, Any]) -> bool: - changed = False - for run in paragraph.runs: - txt = run.text - new = txt + full = "".join((t.text or "") for t in t_nodes if t is not None) + if not full: + continue + + new = _collapse_token_whitespace(full) for k, v in mapping.items(): - new = new.replace("{" + k + "}", str(v)) - if new != txt: - run.text = new - changed = True - return changed - -def _rebuild_paragraph_text(paragraph, mapping: Mapping[str, Any]) -> None: - full = "".join(run.text for run in paragraph.runs) - repl = full - for k, v in mapping.items(): - repl = repl.replace("{" + k + "}", str(v)) - if repl != full: - for r in paragraph.runs: - r.text = "" - paragraph.add_run(repl) - -def _replace_braced_placeholders_everywhere(doc, mapping: Mapping[str, Any]) -> None: - for p in _iter_paragraphs(doc): - if not _replace_in_runs(p, mapping): - _rebuild_paragraph_text(p, mapping) - -def _replace_xml_text_everywhere(doc, mapping: Mapping[str, Any]) -> None: + new = new.replace("{" + k + "}", v) + + if new != full: + valid = [t for t in t_nodes if t is not None] + if valid: + valid[0].text = new + for t in valid[1:]: + t.text = "" + + # Restore JSON braces that were escaped before substitution + for t in element.iter(): + if t.tag == _W_T and t.text: + if "[[LBRACE]]" in t.text or "[[RBRACE]]" in t.text: + t.text = t.text.replace("[[LBRACE]]", "{").replace("[[RBRACE]]", "}") + + +def _sub_part(part, mapping: Dict[str, str]) -> None: + _sub_mapping_in_element(part.element, mapping) + + +def _iter_all_hf_parts(doc: Document): + """Yield every header/footer part for all sections and page variants.""" + attrs = ( + "header", "footer", + "first_page_header", "first_page_footer", + "even_page_header", "even_page_footer", + ) + for section in doc.sections: + for attr in attrs: + try: + hf = getattr(section, attr, None) + if hf and hf.part: + yield hf.part + except Exception: + pass + + +# --------------------------------------------------------------------------- +# Global mapping builders +# --------------------------------------------------------------------------- + +def _map_tenant(t: Mapping[str, Any]) -> Dict[str, str]: + n = _normalize_keys(t) + return { + "Tenant_Name": _pick(n, "tenant name", "tenant_name"), + "Tenant_Domain": _pick(n, "tenant domain", "tenant_domain"), + "Assessor_Name": _pick(n, "assessor name", "assessor_name"), + "Frameworks_Used": _pick(n, "frameworks used", "frameworks_used", "framework"), + "Assessment_Period": _pick(n, "assessment period", "assessment_period"), + "Assessment_Date": _pick(n, "assessment date", "assessment_date"), + "Classification": _pick(n, "classification"), + "Report_Version": _pick(n, "report version", "report_version", "version"), + "Distribution": _pick(n, "distribution"), + "Prepared_By": _pick(n, "prepared by", "prepared_by"), + "Reviewed_By": _pick(n, "reviewed by", "reviewed_by"), + "Team_Function": _pick(n, "team function", "team_function"), + "Limitations": _pick(n, "limitations"), + "Scope_Owner": _pick(n, "scope owner", "scope_owner"), + } + + +def _map_summary(s: Mapping[str, Any]) -> Dict[str, str]: + n = _normalize_keys(s) + rp = _pick(n, "overall risk posture", "overall_risk_posture") + ex = ( + _pick(n, "executive summary", "executive_summary") + or _pick(n, "key recommendation", "key_recommendation") + ) + return { + "Executive_Summary": ex, + "Key_Recommendation": _pick(n, "key recommendation", "key_recommendation"), + "Overall_Score": _pick(n, "overall score", "overall_score"), + "Overall_Risk_Posture": rp, + "OVERALL_RISK_POSTURE": rp, # template uses both cases + "Total_Controls": _pick(n, "total controls", "total_controls"), + "Total_Pass": _pick(n, "total pass", "total_pass"), + "Total_Fail": _pick(n, "total fail", "total_fail"), + "Total_Critical": _pick(n, "total critical", "total_critical"), + "Total_High": _pick(n, "total high", "total_high"), + "Total_Medium": _pick(n, "total medium", "total_medium"), + "Total_Low": _pick(n, "total low", "total_low"), + "Top_Risk_1": _pick(n, "top risk 1", "top_risk_1"), + "Top_Risk_2": _pick(n, "top risk 2", "top_risk_2"), + "Top_Risk_3": _pick(n, "top risk 3", "top_risk_3"), + "Strength_1": _pick(n, "strength 1", "strength_1"), + "Strength_1_Evidence": _pick(n, "strength 1 evidence", "strength_1_evidence"), + "Strength_2": _pick(n, "strength 2", "strength_2"), + "Strength_2_Evidence": _pick(n, "strength 2 evidence", "strength_2_evidence"), + "Strength_3": _pick(n, "strength 3", "strength_3"), + "Strength_3_Evidence": _pick(n, "strength 3 evidence", "strength_3_evidence"), + "Strength_4": _pick(n, "strength 4", "strength_4"), + "Strength_4_Evidence": _pick(n, "strength 4 evidence", "strength_4_evidence"), + "Strength_5": _pick(n, "strength 5", "strength_5"), + "Strength_5_Evidence": _pick(n, "strength 5 evidence", "strength_5_evidence"), + "Top_Remediation_Action": _pick(n, "top remediation action", "top_remediation_action"), + } + + +def _map_categories(data_summary: Mapping[str, Any]) -> Dict[str, str]: """ - Replace {tokens} in all text nodes across main doc part, - headers, and footers. Works even with older python-docx (no namespaces kwarg). + Handles both dataset shapes: + - flat: summary.Cat_1_Pass + - nested: summary.categories.Cat_1.Pass """ - def replace_in_part(part): - root = part.element - texts = [] - try: - ns = getattr(root, "nsmap", None) - if ns: - texts = root.xpath(".//w:t", namespaces=ns) - except TypeError: - texts = [] - if not texts: - texts = root.xpath(".//*[local-name()='t']") - - for t in texts: - old = t.text or "" - new = old - for k, v in mapping.items(): - new = new.replace("{" + k + "}", str(v)) - if new != old: - t.text = new + result: Dict[str, str] = {} + n_summary = _normalize_keys(data_summary) + nested_cats = data_summary.get("categories", {}) - replace_in_part(doc.part) - for section in doc.sections: - try: - if section.header: - replace_in_part(section.header.part) - except Exception: - pass - try: - if section.footer: - replace_in_part(section.footer.part) - except Exception: - pass + for i in range(1, 10): + flat_pass = _pick(n_summary, f"cat {i} pass", f"cat_{i}_pass") + flat_fail = _pick(n_summary, f"cat {i} fail", f"cat_{i}_fail") + flat_total = _pick(n_summary, f"cat {i} total", f"cat_{i}_total") + flat_comment = _pick(n_summary, f"cat {i} comment", f"cat_{i}_comment") -def _insert_image_at_marker(doc, marker: str, image_path: os.PathLike | str, width_inches: float = 6.0) -> bool: + if not flat_pass and nested_cats: + c = nested_cats.get(f"Cat_{i}", {}) + nc = _normalize_keys(c) + flat_pass = _pick(nc, "pass") or "0" + flat_fail = _pick(nc, "fail") or "0" + flat_total = _pick(nc, "total") or "0" + flat_comment = _pick(nc, "comment") or "" + + result[f"Cat_{i}_Pass"] = flat_pass or "0" + result[f"Cat_{i}_Fail"] = flat_fail or "0" + result[f"Cat_{i}_Total"] = flat_total or "0" + result[f"Cat_{i}_Comment"] = flat_comment or "" + + return result + + +def _map_evidence_register(ev: list) -> Dict[str, str]: + """Build Evidence_N_* keys for Appendix A (up to 10 items).""" + result: Dict[str, str] = {} + for i, item in enumerate(ev[:10], 1): + n = _normalize_keys(item) + result[f"Evidence_{i}_Description"] = ( + _pick(n, "evidence description", "evidence_description") or _pick(n, "description") + ) + result[f"Evidence_{i}_Source"] = ( + _pick(n, "evidence source", "evidence_source") or _pick(n, "source") + ) + result[f"Evidence_{i}_MappedControl"] = ( + _pick(n, "mapped control", "mapped_control") or _pick(n, "uniqueid", "unique id") + ) + result[f"Evidence_{i}_Date"] = ( + _pick(n, "date captured", "date_captured") + or _pick(n, "date", "assessment date", "assessment_date") + ) + + # Blank out any template rows that have no corresponding data + for i in range(len(ev) + 1, 11): + result.setdefault(f"Evidence_{i}_Description", "") + result.setdefault(f"Evidence_{i}_Source", "") + result.setdefault(f"Evidence_{i}_MappedControl", "") + result.setdefault(f"Evidence_{i}_Date", "") + + return result + + +def _build_global_mapping(data: Mapping[str, Any]) -> Dict[str, str]: + """Merge all top-level mappings into one dict for global substitution.""" + m: Dict[str, str] = {} + m.update(_map_tenant(data.get("tenant", {}))) + m.update(_map_summary(data.get("summary", {}))) + m.update(_map_categories(data.get("summary", {}))) + m.update(_map_evidence_register(data.get("evidence_register", []))) + + now = datetime.now().strftime("%d %b %Y %H:%M") + # The footer token can appear as '{Date Generated}' or '{Generated Date}'. + # _collapse_token_whitespace strips spaces inside braces, so both the + # spaced and spaceless forms need to be registered. + m["Date Generated"] = now + m["Generated Date"] = now + m["Generated_Date"] = now + m["DateGenerated"] = now + m["GeneratedDate"] = now + + return _sanitise_mapping(m) + + +# --------------------------------------------------------------------------- +# Per-control mapping +# --------------------------------------------------------------------------- + +def _single_control_mapping(ctrl: Mapping[str, Any]) -> Dict[str, str]: + """ + Build the token map for one finding block. + + Extract values often contain JSON with their own braces. We escape those + to sentinel strings here and _sub_mapping_in_element() restores them after + all {Token} replacements are done. + """ + n = _normalize_keys(ctrl) + ss = _pick(n, "sub strategy", "sub_strategy", "substrategy") + + extract_raw = _pick(n, "extract", "evidence extract") + extract_safe = extract_raw.replace("{", "[[LBRACE]]").replace("}", "[[RBRACE]]") + + return { + "Control Name": _pick(n, "control name", "control_name"), + "Control_Name": _pick(n, "control name", "control_name"), + "CIS_Section": _pick(n, "cis section", "cis_section"), + "ISO_Mapping": _pick(n, "iso mapping", "iso_mapping"), + "Strategy": _pick(n, "strategy"), + "Sub-Strategy": ss, + "Sub_Strategy": ss, + "Test_id": _pick(n, "test id", "test_id", "testid"), + "Level": _pick(n, "level"), + "Compliance_Status": _pick(n, "compliance status", "compliance_status"), + "Risk_Rating": _pick(n, "risk rating", "risk_rating"), + "Priority": _pick(n, "priority"), + "Pass/Fail": _pick(n, "pass fail", "pass/fail", "passfail"), + "Description": _pick(n, "description"), + "Observations": _pick(n, "observations", "observation"), + "Justification": _pick(n, "justification"), + "Evidence_Type": _pick(n, "evidence type", "evidence_type"), + "File Name": _pick(n, "file name", "file_name", "filename"), + "Extract": extract_safe, + "Confidence": _pick(n, "confidence"), + "Evidence_Explanation": _pick(n, "evidence explanation", "evidence_explanation"), + "Impact": _pick(n, "impact"), + "Root_Cause": _pick(n, "root cause", "root_cause"), + "Remediation": _pick(n, "remediation"), + "Recommendations": _pick(n, "recommendations", "recommendation"), + "Owner": _pick(n, "owner"), + "Target_Date": _pick(n, "target date", "target_date"), + "Remediation_Status": _pick(n, "remediation status", "remediation_status", "status"), + "UniqueID": _pick(n, "uniqueid", "unique id", "userid"), + } + + +# --------------------------------------------------------------------------- +# Severity bucketing +# --------------------------------------------------------------------------- + +def _bucket_fails_by_severity(controls: list) -> Dict[str, Optional[dict]]: + """ + Pick the first FAIL at each severity level. The template has one finding + block per level, so only the first match matters. + """ + order = ["Critical", "High", "Medium", "Low"] + buckets: Dict[str, Optional[dict]] = {s: None for s in order} + for ctrl in controls: + n = _normalize_keys(ctrl) + pf = _pick(n, "pass fail", "pass/fail", "passfail").upper() + sv = _pick(n, "risk rating", "risk_rating", "severity") + if pf == "FAIL" and sv in buckets and buckets[sv] is None: + buckets[sv] = dict(ctrl) + return buckets + + +# --------------------------------------------------------------------------- +# Table location helpers +# +# These run before any substitution so the placeholder text is still raw +# and searchable. If they run after, the tokens have been replaced and the +# table can no longer be found by content. +# --------------------------------------------------------------------------- + +def _find_remediation_table(doc: Document) -> Optional[Any]: + for table in doc.tables: + for row in table.rows: + if re.search(r"Remediation_Action_\d+", " ".join(c.text for c in row.cells)): + return table + return None + + +def _find_appendix_b_table(doc: Document) -> Optional[Any]: + for table in doc.tables: + full = " ".join(c.text for row in table.rows for c in row.cells) + if "Control_Name" in full and ("EV-00" in full or "UniqueID" in full): + return table + return None + + +def _find_evidence_table(doc: Document) -> Optional[Any]: + for table in doc.tables: + full = " ".join(c.text for row in table.rows for c in row.cells) + if "EV-001" in full and "Evidence_1_Description" in full: + return table + return None + + +# --------------------------------------------------------------------------- +# Document-level substitution steps +# --------------------------------------------------------------------------- + +# Section numbers that anchor each severity finding block in the template. +_BLOCK_SENTINELS = { + "Critical": "6.1", + "High": "6.2", + "Medium": "6.3", + "Low": "6.4", +} + +# These keywords appear in the real section headings but not in TOC entries. +# Requiring both the number AND a keyword prevents matching the TOC. +_BLOCK_SEVERITY_KEYWORDS = { + "Critical": ["(Critical)", "Critical"], + "High": ["(High)", "High"], + "Medium": ["(Medium)", "Medium"], + "Low": ["(Low)", "Low"], +} + + +def _substitute_finding_blocks( + doc: Document, + severity_controls: Dict[str, Optional[dict]], +) -> None: + """ + Substitute tokens in each severity block (6.1-6.4), scoped tightly so + one block's data never leaks into another. + + The TOC contains the same '6.1', '6.2' etc. strings and appears before + the actual headings in the document body. We skip TOC entries by + requiring both the section number and the severity keyword in the same + element. + + Section 7 is the hard stop — nothing past it gets touched here. + """ + body = doc.element.body + children = list(body) + order = ["Critical", "High", "Medium", "Low"] + + anchors: Dict[str, int] = {} + section7_idx: Optional[int] = None + + for idx, child in enumerate(children): + text = "".join(t.text for t in child.iter() if t.tag == _W_T and t.text) + + if (section7_idx is None + and re.match(r"\s*7[\.\s]", text) + and "\u2026" not in text + and "..." not in text + and len(text) < 80): + section7_idx = idx + + for sev, sentinel in _BLOCK_SENTINELS.items(): + if sev not in anchors: + has_num = bool(re.search(r"(? None: + """Fill the remediation plan table row by row (up to 8 rows).""" + if not rem_table: + return + + data_rows = [ + row for row in rem_table.rows + if re.search(r"Remediation_Action_\d+", " ".join(c.text for c in row.cells)) + ] + + for i, (row, item) in enumerate(zip(data_rows, rows), 1): + n = _normalize_keys(item) + action = ( + _pick(n, "remediation action", "action") + or _pick(n, f"remediation action {i}", f"remediation_action_{i}") + ) + row_map = _sanitise_mapping({ + f"Remediation_Action_{i}": action, + "Owner": _pick(n, "owner") or "", + "Target_Date": _pick(n, "target date", "target_date") or "", + "Remediation_Status": _pick(n, "status", "remediation status", "remediation_status") or "", + }) + _sub_mapping_in_element(row._tr, row_map) + + # Blank template rows that have no data + for i in range(len(rows) + 1, len(data_rows) + 1): + pad = { + f"Remediation_Action_{i}": "", + "Owner": "", "Target_Date": "", "Remediation_Status": "", + } + _sub_mapping_in_element(data_rows[i - 1]._tr, pad) + + +def _substitute_appendix_b(doc: Document, controls: list, app_b_table) -> None: + """Fill the Appendix B controls summary table row by row.""" + if not app_b_table: + return + + data_rows = [ + row for row in app_b_table.rows + if "Control_Name" in " ".join(c.text for c in row.cells) + or "UniqueID" in " ".join(c.text for c in row.cells) + ] + + for row, ctrl in zip(data_rows, controls): + n = _normalize_keys(ctrl) + row_map = _sanitise_mapping({ + "Control_Name": _pick(n, "control name", "control_name") or "", + "Control Name": _pick(n, "control name", "control_name") or "", + "UniqueID": _pick(n, "uniqueid", "unique id") or "", + "Level": _pick(n, "level") or "", + "Pass/Fail": _pick(n, "pass fail", "pass/fail") or "", + }) + _sub_mapping_in_element(row._tr, row_map) + + for i in range(len(controls), len(data_rows)): + pad = {"Control_Name": "", "Control Name": "", "UniqueID": "", "Level": "", "Pass/Fail": ""} + _sub_mapping_in_element(data_rows[i]._tr, pad) + + +def _substitute_evidence_table(doc: Document, evidence_items: list, ev_table) -> None: + """ + Fill the Evidence Register table row by row (Appendix A). + + The template reuses {UniqueID} for the Mapped Control column and + {Assessment_Date} for Date Captured. Both are shared token names that + global substitution would fill with wrong values (tenant-level data), so + we handle them per-row here before the global pass runs. + """ + if not ev_table: + return + + data_rows = [ + row for row in ev_table.rows + if "EV-0" in " ".join(c.text for c in row.cells) + ] + + for i, (row, item) in enumerate(zip(data_rows, evidence_items), 1): + n = _normalize_keys(item) + desc = _pick(n, "evidence description", "evidence_description") or _pick(n, "description") or "" + source = _pick(n, "evidence source", "evidence_source") or _pick(n, "source") or "" + mapped = _pick(n, "mapped control", "mapped_control") or _pick(n, "uniqueid", "unique id") or "" + date = ( + _pick(n, "date captured", "date_captured") + or _pick(n, "date", "assessment date", "assessment_date") or "" + ) + row_map = _sanitise_mapping({ + f"Evidence_{i}_Description": desc, + f"Evidence_{i}_Source": source, + "UniqueID": mapped, + "Assessment_Date": date, + }) + _sub_mapping_in_element(row._tr, row_map) + + for i in range(len(evidence_items), len(data_rows)): + pad = { + f"Evidence_{i+1}_Description": "", + f"Evidence_{i+1}_Source": "", + "UniqueID": "", + "Assessment_Date": "", + } + _sub_mapping_in_element(data_rows[i]._tr, pad) + + +def _substitute_global(doc: Document, mapping: Dict[str, str]) -> None: + """Global pass — runs after all scoped steps, fills everything remaining.""" + _sub_part(doc.part, mapping) + for part in _iter_all_hf_parts(doc): + _sub_part(part, mapping) + + +# --------------------------------------------------------------------------- +# Stray marker removal +# --------------------------------------------------------------------------- + +_STRAY_MARKERS = [ + "[Embed evidence here]", + "[Embed screenshot here]", + "End of report. Delete unused finding blocks and this note before issuing the final version.", + "[Repeat the finding block above for each additional failing control, ordered Critical \u2192 High \u2192 Medium \u2192 Low]", + "[Repeat the finding block above for each additional failing control, ordered Critical -> High -> Medium -> Low]", +] + + +def _remove_markers(doc: Document, extra_markers: Optional[List[str]] = None) -> None: + """Strip template instruction strings that should not appear in output.""" + markers = _STRAY_MARKERS + (extra_markers or []) + + def _scrub(element) -> None: + for t in element.iter(): + if t.tag == _W_T and t.text: + new = t.text + for m in markers: + new = new.replace(m, "") + if new != t.text: + t.text = new + + _scrub(doc.element) + for part in _iter_all_hf_parts(doc): + _scrub(part.element) + + +# --------------------------------------------------------------------------- +# Image embedding +# --------------------------------------------------------------------------- + +def _insert_image_at_marker( + doc: Document, + marker: str, + image_path: os.PathLike | str, + width_inches: float = 6.0, +) -> bool: + """Replace marker text with an embedded image. Returns False if not found.""" ip = Path(image_path) if not ip.exists(): return False + target = None - for p in _iter_paragraphs(doc): - if marker in "".join(run.text for run in p.runs): + for p in doc.paragraphs: + if marker in "".join(r.text for r in p.runs): target = p break + + if not target: + for tbl in doc.tables: + for row in tbl.rows: + for cell in row.cells: + for p in cell.paragraphs: + if marker in "".join(r.text for r in p.runs): + target = p + break + if not target: return False + for r in target.runs: r.text = r.text.replace(marker, "") - run = target.add_run() - try: - run.add_picture(str(ip), width=Inches(width_inches)) - except AttributeError: - doc.add_picture(str(ip), width=Inches(width_inches)) + target.add_run().add_picture(str(ip), width=Inches(width_inches)) return True + +# --------------------------------------------------------------------------- +# Finding table column width fix +# +# The template's finding tables (6.1-6.4) have correct column widths in their +# XML (tblW, tcW) but are missing the tblLayout element. Without it the OOXML +# spec defaults to autofit, which lets Word override those widths when long +# content is injected — e.g. a JSON extract in the Justification row collapses +# the right column. Adding tblLayout type="fixed" is all that's needed. +# +# We identify finding tables by checking whether at least 4 known row labels +# appear in the left column, so the fix is robust to table index shifts if the +# template is ever restructured. +# --------------------------------------------------------------------------- + +_FINDING_ROW_LABELS = { + "Description", "Observation", "Justification", + "Evidence Reviewed", "Evidence Explanation", + "Risk / Impact", "Root Cause", "Recommendation", + "Control Reference", "Strategy / Sub-strategy", "Test ID", + "CIS Level", "Compliance Status", "Risk Rating", + "Priority", "Result", "Owner", +} + + +def _fix_finding_table_widths(doc: Document) -> None: + for table in doc.tables: + left_labels = {row.cells[0].text.strip() for row in table.rows if row.cells} + if len(left_labels & _FINDING_ROW_LABELS) < 4: + continue + tblPr = table._tbl.find(qn("w:tblPr")) + if tblPr is None: + continue + if tblPr.find(qn("w:tblLayout")) is None: + el = OxmlElement("w:tblLayout") + el.set(qn("w:type"), "fixed") + tblPr.append(el) + + +# --------------------------------------------------------------------------- +# PDF conversion +# --------------------------------------------------------------------------- + def _convert_docx_to_pdf(input_docx: Path, output_pdf: Path) -> None: """ - Try docx2pdf (uses Word on Windows/macOS). If unavailable, fall back to LibreOffice. + Try docx2pdf, then LibreOffice, then an fpdf2 plain-text fallback. + Raises RuntimeError if all three fail. """ - # Preferred: docx2pdf + # docx2pdf (needs Microsoft Word) try: - from docx2pdf import convert + from docx2pdf import convert # type: ignore convert(str(input_docx), str(output_pdf)) + log.info("PDF via docx2pdf: %s", output_pdf) return - except Exception: - pass + except ImportError: + log.debug("docx2pdf not installed, trying LibreOffice.") + except Exception as exc: + log.warning("docx2pdf failed (%s), trying LibreOffice.", exc) - # Fallback: LibreOffice + # LibreOffice headless try: out_dir = str(output_pdf.parent.resolve()) subprocess.run( - ["soffice", "--headless", "--convert-to", "pdf", "--outdir", out_dir, str(input_docx.resolve())], - check=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE + ["soffice", "--headless", "--convert-to", "pdf", + "--outdir", out_dir, str(input_docx.resolve())], + check=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, ) - expected = output_pdf.with_suffix(".pdf") - if expected.exists() and expected != output_pdf: - expected.replace(output_pdf) + lo_out = output_pdf.parent / (input_docx.stem + ".pdf") + if lo_out.exists() and lo_out != output_pdf: + lo_out.replace(output_pdf) + log.info("PDF via LibreOffice: %s", output_pdf) return - except Exception: - pass + except FileNotFoundError: + log.debug("soffice not found, using plain-text fallback.") + except subprocess.CalledProcessError as exc: + log.warning("LibreOffice failed (%s), using plain-text fallback.", exc) - # Final fallback: generate a simple text PDF (no external binaries) + # fpdf2 plain-text fallback (no layout fidelity) if _simple_pdf_from_docx(input_docx, output_pdf): + log.warning("PDF via fpdf2 fallback (no formatting): %s", output_pdf) return raise RuntimeError( - "PDF conversion failed. Install Microsoft Word for docx2pdf or LibreOffice, or ensure fpdf2 fallback works." + "PDF conversion failed — install docx2pdf (Word) or LibreOffice, " + "or ensure fpdf2 is available." ) def _simple_pdf_from_docx(input_docx: Path, output_pdf: Path) -> bool: - """ - Pure-Python fallback using fpdf2 to ensure a downloadable PDF is always produced. - """ + """Text-only PDF via fpdf2. Used only when Word and LibreOffice are unavailable.""" try: + from fpdf import FPDF # type: ignore + doc = Document(str(input_docx)) pdf = FPDF() pdf.set_auto_page_break(auto=True, margin=15) pdf.add_page() - pdf.set_font("Helvetica", size=12) + pdf.set_font("helvetica", size=12) - def _safe_text(text: str) -> str: - """fpdf core fonts are latin-1; strip/replace unsupported chars.""" - if text is None: + def _safe(text: str) -> str: + if not text: return "" try: - return text.encode("latin-1").decode("latin-1") + return text.encode("latin-1", errors="replace").decode("latin-1") except Exception: - return text.encode("ascii", "replace").decode("ascii") + return text.encode("ascii", errors="replace").decode("ascii") - def _write_line(line: str): - line = _safe_text(line) - if not line: - return - pdf.multi_cell(0, 8, line) - pdf.ln(1) + def _line(text: str) -> None: + text = _safe(text.strip()) + if text: + pdf.multi_cell(0, 8, text) + pdf.ln(1) for p in doc.paragraphs: - text = (p.text or "").strip() - _write_line(text) - + _line(p.text or "") for tbl in doc.tables: for row in tbl.rows: - row_text = " | ".join((cell.text or "").strip() for cell in row.cells) - _write_line(row_text) + _line(" | ".join((c.text or "").strip() for c in row.cells)) pdf.output(str(output_pdf)) return True - except Exception: + except Exception as exc: + log.error("fpdf2 fallback failed: %s", exc) return False - -def _remove_markers_everywhere(doc, markers: list[str]) -> None: - for p in _iter_paragraphs(doc): - full = "".join(r.text for r in p.runs) - new_full = full - for m in markers: - new_full = new_full.replace(m, "") - if new_full != full: - for r in p.runs: - r.text = "" - p.add_run(new_full) - - def scrub_part(part): - root = part.element - texts = [] - try: - ns = getattr(root, "nsmap", None) - if ns: - texts = root.xpath(".//w:t", namespaces=ns) - except TypeError: - texts = [] - if not texts: - texts = root.xpath(".//*[local-name()='t']") - for t in texts: - old = t.text or "" - new = old - for m in markers: - new = new.replace(m, "") - if new != old: - t.text = new - scrub_part(doc.part) - for section in doc.sections: - try: - if section.header: - scrub_part(section.header.part) - except Exception: - pass + +# --------------------------------------------------------------------------- +# Render core +# --------------------------------------------------------------------------- + +def _resolve_output_stem(mapping: Dict[str, str], override: Optional[str]) -> str: + if override: + return override + tenant = mapping.get("Tenant_Name", "report").replace(" ", "_") + date = mapping.get("Assessment_Date", datetime.now().strftime("%d%b%Y")).replace(" ", "") + return f"{tenant}_{date}_AutoAudit_Report" + + +def _render_report_doc( + data: Mapping[str, Any], + template_path: Path, +) -> Tuple[Document, Dict[str, str]]: + """ + Load the template and run all substitution passes in the correct order. + + Order matters here — do not rearrange: + 1. Locate scoped tables while placeholder text is still raw. + 2. Per-block finding substitution (scoped to sections 6.1-6.4). + 3. Per-row remediation table. + 4. Per-row Appendix B. + 5. Per-row Evidence Register. + 6. Global substitution (everything remaining). + 7. Remove stray template instruction markers. + 8. Lock finding table column widths. + """ + global_mapping = _build_global_mapping(data) + _expand_placeholder_variants(global_mapping) + + severity_controls = _bucket_fails_by_severity(data.get("controls", [])) + remediation_rows = data.get("remediation_plan", [])[:8] + all_controls = data.get("controls", []) + + doc = Document(str(template_path)) + + rem_table = _find_remediation_table(doc) + app_b_table = _find_appendix_b_table(doc) + ev_table = _find_evidence_table(doc) + + _substitute_finding_blocks(doc, severity_controls) + _substitute_remediation_rows(doc, remediation_rows, rem_table) + _substitute_appendix_b(doc, all_controls, app_b_table) + _substitute_evidence_table(doc, data.get("evidence_register", [])[:10], ev_table) + _substitute_global(doc, global_mapping) + _remove_markers(doc) + _fix_finding_table_widths(doc) + + return doc, global_mapping + + +# --------------------------------------------------------------------------- +# Public API — full report +# --------------------------------------------------------------------------- + +def generate_full_report_docx( + data: Mapping[str, Any], + *, + template_path: os.PathLike | str = "AutoAudit_Report_Template.docx", + output_dir: os.PathLike | str = "reports_out", + output_filename: Optional[str] = None, +) -> Path: + """ + Fill the template with *data* and save as a .docx. + + The output filename defaults to ``__AutoAudit_Report.docx``. + Open the result in Word to check layout before exporting to PDF, or call + generate_full_report_pdf() if you want the PDF directly. + + Returns the path to the generated file. + """ + tpath = Path(template_path) + if not tpath.exists(): + raise FileNotFoundError(f"Template not found: {tpath}") + + outdir = Path(output_dir) + outdir.mkdir(parents=True, exist_ok=True) + + doc, mapping = _render_report_doc(data, tpath) + out = outdir / f"{_resolve_output_stem(mapping, output_filename)}.docx" + doc.save(str(out)) + + log.info("Report written to: %s", out) + return out + + +def generate_full_report_pdf( + data: Mapping[str, Any], + *, + template_path: os.PathLike | str = "AutoAudit_Report_Template.docx", + output_dir: os.PathLike | str = "reports_out", + output_filename: Optional[str] = None, + keep_docx: bool = False, +) -> Path: + """ + Fill the template, convert to PDF, and return the PDF path. + + Set keep_docx=True to also keep the intermediate .docx alongside the PDF. + PDF conversion tries docx2pdf → LibreOffice → fpdf2 in that order. + + Returns the path to the generated PDF. + """ + tpath = Path(template_path) + if not tpath.exists(): + raise FileNotFoundError(f"Template not found: {tpath}") + + outdir = Path(output_dir) + outdir.mkdir(parents=True, exist_ok=True) + + doc, mapping = _render_report_doc(data, tpath) + stem = _resolve_output_stem(mapping, output_filename) + docx_path = outdir / f"{stem}.docx" + pdf_path = outdir / f"{stem}.pdf" + + doc.save(str(docx_path)) + _convert_docx_to_pdf(docx_path, pdf_path) + + if not keep_docx: try: - if section.footer: - scrub_part(section.footer.part) + docx_path.unlink() except Exception: pass -# ---------- Tolerant placeholder variants ---------- + return pdf_path + -def _expand_placeholder_variants(mapping: Dict[str, str]) -> None: +def convert_docx_to_pdf( + docx_path: os.PathLike | str, + output_dir: Optional[os.PathLike | str] = None, +) -> Path: """ - Make our {token} replacement tolerant to: - - non-ASCII hyphens/dashes (‐, -, –, —) - - optional spaces inside braces: { Token } as well as {Token} - This only adds alias keys; it does NOT change original keys/values. + Convert an existing .docx to PDF. + + Handy after generate_full_report_docx() has been reviewed in Word and you + want to convert without re-rendering the whole report. + + Returns the path to the generated PDF. """ - hyphens = ["-", "\u2010", "\u2011", "\u2013", "\u2014"] - to_add: Dict[str, str] = {} + src = Path(docx_path) + if not src.exists(): + raise FileNotFoundError(f"File not found: {src}") - for k, v in list(mapping.items()): - spaced = f" {k} " - if spaced not in mapping: - to_add[spaced] = v - if "-" in k: - for h in hyphens: - if h == "-": - continue - k_dash = k.replace("-", h) - if k_dash not in mapping: - to_add[k_dash] = v - spaced_dash = f" {k_dash} " - if spaced_dash not in mapping: - to_add[spaced_dash] = v - - mapping.update(to_add) + outdir = Path(output_dir) if output_dir else src.parent + outdir.mkdir(parents=True, exist_ok=True) + pdf_path = outdir / (src.stem + ".pdf") + + _convert_docx_to_pdf(src, pdf_path) + return pdf_path + + +# --------------------------------------------------------------------------- +# Public API — single finding (legacy) +# --------------------------------------------------------------------------- + +def _build_single_finding_mapping( + data: Mapping[str, Any], + base_dir: Path, +) -> Tuple[Dict[str, str], Optional[Path], str]: + n = _normalize_keys(data) + + unique_id = _pick(n, "uniqueid", "unique id", "userid") or str(uuid.uuid4()) + ss = _pick(n, "sub strategy", "sub-strategy") + extract = _pick(n, "evidence extract", "extract") + + ev_str = _pick(n, "evidence", "evidence path", "file", "file path", + "filepath", "image", "screenshot") + preview_str = _pick(n, "evidence preview", "preview", "embed path") + + file_name: str = "" + embed_path: Optional[Path] = None + + if ev_str: + ep = Path(ev_str) + if not ep.is_absolute(): + ep = base_dir / ep + file_name = ep.name + + if preview_str: + pp = Path(preview_str) + if not pp.is_absolute(): + pp = base_dir / pp + if pp.exists(): + embed_path = pp + elif ev_str: + ep = Path(ev_str) + if not ep.is_absolute(): + ep = base_dir / ep + if ep.exists() and ep.suffix.lower() in {".png", ".jpg", ".jpeg", + ".tif", ".tiff", ".bmp", ".webp"}: + embed_path = ep + + mapping: Dict[str, str] = { + "UniqueID": unique_id, + "Strategy": _pick(n, "strategy"), + "Test_id": _pick(n, "testid", "test id"), + "Sub-Strategy": ss, + "Sub_Strategy": ss, + "Level": _pick(n, "ml level", "level"), + "Pass/Fail": _pick(n, "pass fail", "pass/fail"), + "Priority": _pick(n, "priority"), + "Recommendations": _pick(n, "recommendation", "recommendations"), + "Extract": extract.replace("{", "[[LBRACE]]").replace("}", "[[RBRACE]]"), + "Description": _pick(n, "description"), + "Confidence": _pick(n, "confidence"), + "File Name": file_name, + "Date Generated": datetime.now().strftime("%d %b %Y"), + "Generated Date": datetime.now().strftime("%d %b %Y"), + } + return _sanitise_mapping(mapping), embed_path, unique_id + + +def _render_single_finding_doc( + data: Mapping[str, Any], + base_dir: Path, + template_path: Path, + image_marker: str, + unique_id_override: Optional[str], +) -> Tuple[Document, str]: + mapping, embed_path, unique_id = _build_single_finding_mapping(data, base_dir) + + if unique_id_override: + unique_id = unique_id_override + mapping["UniqueID"] = unique_id + + doc = Document(str(template_path)) + _expand_placeholder_variants(mapping) + _sub_mapping_in_element(doc.element, mapping) + for part in _iter_all_hf_parts(doc): + _sub_mapping_in_element(part.element, mapping) + + if embed_path: + if not _insert_image_at_marker(doc, image_marker, embed_path): + _insert_image_at_marker(doc, "[Embed screenshot here]", embed_path) + else: + _remove_markers(doc, [image_marker, "[Embed screenshot here]"]) + + return doc, unique_id + + +def generate_single_finding_docx( + data: Mapping[str, Any], + *, + template_path: os.PathLike | str = "AutoAudit_Report_Template.docx", + output_dir: os.PathLike | str = "reports_out", + base_dir: os.PathLike | str = ".", + image_marker: str = "[Embed evidence here]", + unique_id_override: Optional[str] = None, +) -> Path: + """ + Render a single finding entry as a .docx (legacy / OCR pipeline usage). + Returns the path to the generated file. + """ + tpath = Path(template_path) + if not tpath.exists(): + raise FileNotFoundError(f"Template not found: {tpath}") + + outdir = Path(output_dir) + outdir.mkdir(parents=True, exist_ok=True) + + doc, uid = _render_single_finding_doc( + data, Path(base_dir), tpath, image_marker, unique_id_override + ) + out = outdir / f"{uid}.docx" + doc.save(str(out)) + log.info("Single-finding docx: %s", out) + return out + + +def generate_single_finding_pdf( + data: Mapping[str, Any], + *, + template_path: os.PathLike | str = "AutoAudit_Report_Template.docx", + output_dir: os.PathLike | str = "reports_out", + base_dir: os.PathLike | str = ".", + image_marker: str = "[Embed evidence here]", + unique_id_override: Optional[str] = None, +) -> Path: + """ + Render a single finding entry directly to PDF (legacy usage). + Prefer generate_single_finding_docx() when you need to review the output first. + Returns the path to the generated PDF. + """ + tpath = Path(template_path) + if not tpath.exists(): + raise FileNotFoundError(f"Template not found: {tpath}") + + outdir = Path(output_dir) + outdir.mkdir(parents=True, exist_ok=True) + + doc, uid = _render_single_finding_doc( + data, Path(base_dir), tpath, image_marker, unique_id_override + ) + docx_path = outdir / f"{uid}.docx" + pdf_path = outdir / f"{uid}.pdf" + doc.save(str(docx_path)) + _convert_docx_to_pdf(docx_path, pdf_path) + + try: + docx_path.unlink() + except Exception: + pass + + return pdf_path + + +# --------------------------------------------------------------------------- +# CLI +# --------------------------------------------------------------------------- + +if __name__ == "__main__": + import json + import sys + + logging.basicConfig(level=logging.INFO, format="%(levelname)s %(message)s") + + args = sys.argv[1:] + + # Subcommand: convert an existing docx to PDF + if args and args[0] == "convert": + src = args[1] if len(args) > 1 else None + outdir = args[2] if len(args) > 2 else None + if not src: + print("Usage: python report_service.py convert [output_dir]") + sys.exit(1) + pdf = convert_docx_to_pdf(src, outdir) + print(f"PDF written to: {pdf}") + sys.exit(0) + + # Default: generate full report + dataset = args[0] if args and not args[0].startswith("--") else "fake_dataset_template_ready.json" + template = args[1] if len(args) > 1 and not args[1].startswith("--") else "AutoAudit_Report_Template.docx" + outdir = args[2] if len(args) > 2 and not args[2].startswith("--") else "reports_out" + to_pdf = "--pdf" in args + keep = "--keep-docx" in args + + with open(dataset) as f: + data = json.load(f) + + if to_pdf: + out = generate_full_report_pdf(data, template_path=template, output_dir=outdir, keep_docx=keep) + print(f"PDF written to: {out}") + else: + out = generate_full_report_docx(data, template_path=template, output_dir=outdir) + print(f"Docx written to: {out}") + print(f"Convert to PDF: python {sys.argv[0]} convert \"{out}\"") \ No newline at end of file diff --git a/security/reports/run_test.py b/security/reports/run_test.py new file mode 100644 index 000000000..26aec0469 --- /dev/null +++ b/security/reports/run_test.py @@ -0,0 +1,95 @@ +""" +run_test.py — smoke test for the AutoAudit report generator + +Place this file in the same folder as: + + report_service.py + AutoAudit_Report_Template.docx + fake_dataset.json + +Usage: + + python run_test.py # generates a .docx + python run_test.py --pdf # converts to PDF as well + python run_test.py --pdf --keep-docx +""" + +import json +import sys +from pathlib import Path + +DATASET_PATH = "fake_dataset.json" +TEMPLATE_PATH = "AutoAudit_Report_Template.docx" +OUTPUT_DIR = "reports_out" + + +def main() -> None: + args = sys.argv[1:] + to_pdf = "--pdf" in args + keep_docx = "--keep-docx" in args + + missing = [p for p in [DATASET_PATH, TEMPLATE_PATH] if not Path(p).exists()] + if missing: + for p in missing: + print(f"ERROR: {p} not found — check you're running from the right directory.") + sys.exit(1) + + with open(DATASET_PATH) as f: + data = json.load(f) + + tenant = data.get("tenant", {}).get("Tenant_Name", "unknown") + print(f"Dataset : {DATASET_PATH}") + print(f" Tenant : {tenant}") + print(f" Controls : {len(data.get('controls', []))}") + print(f" Evidence items : {len(data.get('evidence_register', []))}") + print(f" Remediation items : {len(data.get('remediation_plan', []))}") + + try: + import report_service as svc + except ImportError as e: + print(f"\nERROR: {e}") + print("report_service.py must be in the same directory.") + sys.exit(1) + + fmt = "PDF + docx" if to_pdf and keep_docx else "PDF" if to_pdf else "docx" + print(f"\nTemplate : {TEMPLATE_PATH}") + print(f"Output : {OUTPUT_DIR}/ ({fmt})") + print() + + try: + if to_pdf: + out = svc.generate_full_report_pdf( + data, + template_path=TEMPLATE_PATH, + output_dir=OUTPUT_DIR, + keep_docx=keep_docx, + ) + else: + out = svc.generate_full_report_docx( + data, + template_path=TEMPLATE_PATH, + output_dir=OUTPUT_DIR, + ) + except FileNotFoundError as e: + print(f"ERROR: {e}") + sys.exit(1) + except Exception as e: + import traceback + print(f"ERROR: {e}") + traceback.print_exc() + sys.exit(1) + + out = Path(out) + if not out.exists(): + print("ERROR: generation returned a path but no file was written.") + sys.exit(1) + + size_kb = out.stat().st_size / 1024 + if size_kb < 1: + print(f"WARNING: output is only {size_kb:.1f} KB — something may have gone wrong.") + + print(f"✓ {out.resolve()} ({size_kb:.1f} KB)") + + +if __name__ == "__main__": + main() \ No newline at end of file diff --git a/security/results/report_template.docx b/security/results/report_template.docx index cd10badfe47eb2715124d3f9c17fe01f1d9983e0..bf9d5c1a7fd1339cc3e3d70f1639a60db96536cb 100644 GIT binary patch literal 78211 zcmeFYQKjHExZfR?lUW|Ptmh1jd{5lu zKiuXhnnxFk6x<6cx}JFC$r3Kkzh|+mLk|`AP_Gf(Ho;^+Np@NM#lx@lDx;C2$VM9B zqF4h$;=;$ri^f9(R21E&MYRsam|>T51XC^E0=IWo{4fVyFv)%(IBH4t+brI8BD?^k%)EL!SKS7la@z6d>!`6aXfqLvlcnI5|BC_wJy#2w^wu0#wv+3_*T1o2MlUg%EPjIsN$;#1m z1nNf3H=D_;)xAHDVZYgaUvclru*9-{01#u56Y3%5K zO!;{XDr+hTY^PDnPY~WvTJ1Ik9(z`~CS_x}1G>>&L#K&`w(w2H7Ry5oM->C^KN!-G z6(K}Kf$`Whb8Mepo6R-G;t?$IJ$6os8OWQtPa{hs@Uz(PVKeIVkXo1LREow1#fi_O3K_+MeX@_Dztm{>Xe z{qxL~zpYrMHNVqddDWQXHT!;)5Kk{8C|>1a-0vUM@RwCd^Uw3*Q_ypgbIP{&j+9{10Q4QqC;2e;_v0Ci_kCS*VtRY zzBBBm%T%8)jm+<;-`98E?_%HSsZJXcZiZ|;Aqmc}H}B2Yvk?Nw;iL7+EzDHH{x6mW z?(Fln?p@VkY@=&sT``RCCq%3ucOPaJB;%mKZn&TM*88l?d1 zCMJfiK5Z*=|GaQ}bvh~@a$p^SuqMP`BgHdwMRqBx=Wv8iD#2paI0}clqUJJ(H<#o+ zBgwBzih|MP;8g`rkg|Cr|1P6NLN>2jHbx-F^XDewL2TJkKFIwBM0K0V)WHaaqke1Sy1cBozX63W z$(Bk*wrfb-#UE9@*y{?@d1Vmkz@ABoYuygwsIGoaI!TBEcQ0Xj!^- zw*NXDt@tFD++qbV(0|3u38Q#{Qw6e!u!=GOrC+s*9UiQxMolhxn6raeDR-_oBQ4K+K8fN?-7x=aM~3oaQ7 z25UxftR}cD6qKBe7+kOUehz9@I(C-WMN#3_EWfLcZVjniXDW5&zdge-1(js$R*F!7 zuu`}`3*%$uEFL~0+${7CqY>K8M{l9DX=Q-j!q@mHNAKA`uSI@4!W_I+FJ8r78GB+P zb;_;iARa8RgC`l?^(#B%qlJrTEAm6-`+CA3Yhnr#hl4Nr{0S2DV^U4kS*GZ+h-yn? z>g%|O)w)0=NW~N4pB}@->;X)YzL{#$mGb-%$2y{pTljnFnJtXz3MlxWwLpGLV6fiINgHP$XB{yBMDN zSbdz{yUl}e;wICMMX#kJ=HybgLsG6tf8jCWb{EE|$6&Z}O12wN3m0BYz{f3i0CIQ{ zz7Z=G+5iq1b97&(Xj*0B3P9tr43jBkl2Ju#Z7t&F-}^ox9kUwMZ?JY2@q_!>e#FUSo&XvT#}PeWc#1 zom-DcP>kT2lI~&C3>C**j6|Nki7TQjhJ1EVcknz8gX(A3d+J8~CP6`NXE0~uUIkyj z-ZYwpcP!? zUficcQfc;ZFh;a$zct}n`?7rc%49&~I#aX!h7jdp8))IXIYZkw{CgJ!mC#ThPZ8s9 z8H+bh;P-8>w(Dyge&W8SCYwjTN8}d4cwgRmPp&jbT)H{KC0v3ik$*x1K^HF1PbGiP zb^V5G#;Ld^9+t2XqIdon(DSoFj8z~}PdTqgx|$$MoJoGSf-cD~1Mji)%vnkjvRkxo z^S5HLTyDt%g)c^A@ot1VUZG3RaaG#&7RR|CcAImMUbQu=Rk15%?Ti>Opv{8z=f)5`t##$=-qS83+N~Tzn zxHeSP(df1jy9xtKJO?AYbskeOi@lXIcIZyFP9A)#F#&ar_FR}Uhwt` zumVsh?%~=GxNmI%QfE(>oWgu7ryP>T?vBub{YfyqErhTSh99?w)l1UP*erz7DRI?i zi%ev$ubn`cuitn3inmH?RpM6K1Je7X8tR%~{lz+O2Za^mdz-*ymbAr+t0n8Z-|fjj z?(TMKC#V@hGu>s&1xp>8iNOmZ(Iu@xLp;Ywj3iex?P)`Q6i^K6|PRhN^=8}mwZD=h#HfUij z&@?BF>DkHQ$*QRP5T2KM_vK67Ejsk)1hZwYny{wJ&c*6xcZ&_`=P z>MGlc)a%ew&mb-H%S@9vP80RZ)IhHgt@2KG)zTOfsnm|vkWG~pz0S09I@YSGM0dE5 zFkZK172E5of$!=?6yfF)%|2Q=+tV4~GEbjVqIPSV3E!47on!27PQ}aB$cFUCmI&fI zAivW%OOg3twxUSNw6*hM7Ap{$A79h$*I`B1juOxF-OQYU;EZe*6>cQ)zVh{}ZVH|o zk%;LPx<>z(1Cx{&!+_M?La8nvg>2MpDKDuO9|b(Ps1M^G0#xutCYP1UCC@evqu%-( z?3Hz%q^uY^?-rAoNYNyVKL)cwBCSN|xOG0;GpZshGcS!ng`i|D>N<80b9CTuAC0>_ zT}?~Ab!rGx1-6&ZFIS-sI;vLGL19~g*AX3>ZLl3tg}YeN)+V`!)^+rVn=9M)^E6sX zE2&h$f2#H|?boPe17HIyBh#(B7zH0as)lI%=j@uYmueEVjBa=@FBz@rJyYr!WQ&To z^S!Pjd73`V)@>VL>9n?%Dx1MOuITO8W=Py}Sa_Ik zrcNf5x_1?))sElKO1XMq?VO#d6rLiwq9((Dx^-JKHmX~W)?A&=cTt`xNxt$_nrbGt z2Jr0454V&l;q9u1RN@p|{+O4)&OKgRdW|tltu9XPUkAA_aEB+EwUca5!`1!p>&O zDs@_B4^+XjZ_rBZ{5YS8niS~V5=dW#7Av`Tf#iRDO#*6hb;64o)rqA&T8 zJn8coU*>V-0ugzLEh zYma{ll{QKpX4gt!NRz+KVMyhEmSs!N-Q}EJMbjh~5s9RcVupjF5Hj7(L`~OtG-8zP zw07jzaVnMR=2dlR4&gXHlv_xlg4%KvCu60jTZR(eL}=ZUJDg5>$ydv|J+}~^_I>Qx zWTcw!TodOcH4LNTKmlQV|}MJVnd3+J?|U{ zS--$!uZR3al0zGl{fV!E`qWN^i)>cl$&n{7)>F=(OU!8;d6*I(jp`k*N6ETm;Iv`Gjx@V_c#OYQ4=`qJ$~LzgIh8L4 z=Z;e|=crOHmL}BGEgI;KlUyWx^e^BWFlARYtUckPphb!PWxY|XU2Qg2UY(y5F~K2j@hP>#c@ygj(P zUDxnna8eX#Oqttz0T-4tY>#JC)iA(wx;p3YH`88aZG7t*Cc6ysVFYHbmW1aXW*!15 zc4OLQZ#3y$V6!uab-8MfQKut zB(X4%OGGTr=zZJHimTUZ!`MCk1rLIG;SV+L7? zti*_;N{U9{5q6Fgg`vToeohVd8zKGch|Dso?Bk2~C39%I&};?T`~<24>4EA1RCG-Q z!LNdX+MbaJjo1twaT`rQ!F>~2eszTS}9C>LG2Q#2uYU^5>i%P>3$%VCv23uib zd9wBl2b5lDgpjfQR?V=4nsBIO^rh<0V-QWaAA>TZJ(4~{ERk&7eQZy)EZ4wfzF8HQ zBHnz>8DmpNy_rw_$1!&~Mm%v-#?cCIrZ9f;*u5;_$aUvj6dqtK>?$hvoHlxz7<3i4 z_ME92Me$-jqYNuY3QDgrW_kIg6iJqB^rjAaKn&+qkTu)&GysW>TH$w zorJk?Ll8~4X}xQhX3L$jfh{Pe)(caeq5c5~ML1=~?aJTfxs7ZNVpp#QCBoN6#f2_2 zRijCEjoJ1aAV-Gix3*4|2bJ~OLF^59LjjSfIgT}3Y-?7Iv<}(kAbCiR3~CWc0?9WNyGAz zDp%rT?rOnfk!OYO>duTG9ZD9-S*{So5(a?3tmi%2_)2K}F{;W?@rernF>*Guq_{G= zae-0~it=^=3M&1#B`8bXOE>YQZgD8|97Fa_ZX6>+j^!n)^~w)_@8JRBqMCwqIMu*K zL#bR2?b0^Dh}{wtPWgr_&d)<*XFj7~7%s!Rp8twgPQ^vVgyUknHw+sPNCr!YldZXH%tI50d#SUr4H9l+mX#kP27xXcqhVQ0!&r<4DFa2pz~ zDzkK7INQ6xpF_M;% z9Z}zBohD~5AGHc<7LtA*MU+=h;Cs~n(uyb}!RerKuN8%lm> zwp_f|?xXiI#HceU8VZS7J=p><(h@~NvkcDM*W=23oI9nJU+2{ElS{Mo1n2ce542o*@e(T1vVyQek zQ2`R2$%LxZtYaI#jk-J5rTlEX1^M$zlJoq9R1yVF^mlP+TOsbdkZ(dkNM;75;c$|MZbwr7e-`rY|2vsO2PbBXSe=M;2;-Cw2MG3pibH1kUp2qdLU4%aa zcip7Aw*brn;21i#{}6-o+=fU9vN8=hnt=XTL?+hdqn(ZA*=Vl>pQy4%sseJ=9>X9I zORmp}56bl+=j!g{ToXG2M$F>F>B>FfF*6D4upsB@659}_a;#Tdl#@!r5+1?0ZQ5| zI4oT(5nvTg+_fWpgZWozw$~PLp(^95mQK4NJtcgy9M9U{ zeiX8nDu4-_E=FsipMA|t&S=<2bQ1=)OdjLUEtbGXS}b~&lu6#9Mgds#m#JG-O=xOp zw6XRlDgrz3T3?Qq(`|=K)v?$}5mRSXJ8fmGxoV#DNwi%RTByf{g0A{pKL8F__B)>7 ztv|~b+8Ar-rMG*>-ObtksveY#Nu<-8EZtRZqe%lXI54&u66a_guV#yx4pBPp%SRAt zWNtYk>lUo16U)WdGe+^tbD4Ti z7w{tlW!rkMo>Csp5tEY#U;Cv8k8X*i8+g{%6+2V&1KL0aRA~>@%iTs8q^lsvrFM71 zJnFb}iH&ClnuyUC>h@4Fr3KnWlC33Y&og7}RzNK**x&CaJCK@%zO+H0j^dVQ>bnD*bVW27r(~c5ZdnyqT^J2PJ?3H`V&4=;G zS=qk}$zNKPB@XlED=cqMs*?`SLU1%k${yP+3~6@tgZ@Zp0=CW?1GdgUdB(q1b?m>< zvQfg#`Sj2=t+Q6LJa#u~vtrV5U8Z6+UA{N|G2F+~HG%Y$a%-Y);G9)yRleV{RGG#; z!4o(9DO>5V7%K1F^vE%Mo#eNWJ^KxQ6Pw5$7 zyNp2oo-!V~7<4HJN}a0i#u&ZO46W3r(9=J!RcbZ4mvp!}VQH|fT%Ig-;GvxfLgLDl zdX4&gQL!r4rtrRQWKX&FkmFbD$>EJS9!{bWC6Z(zmspyT0Itw4Kb{=G?9s1cX3$9R z_4z6Tr($56(n&J16^OY!vNd$?si|v9wUA^K((V|5X*7(|)n0^gm^g%SVAAYuZPKb- zI%uVn^s11JvSg}LiXzfM=$Eiu%g*Vev^m(YwXU%JGxqaAH0N|=k)pe7-m@h3tU>_F zSb|e!1vDLe*@?3(QN*zYB3Xj5!SwLDs<+9uOBsfZi48~=jaf5NF{vUS6-!jKuZSY# zlSgCM2qD~$)95d#!XdJGlkY<*``>GE8JbA`-CGAc%RnA}S!`Iqd@jAcaw{Bgl2@@9 zRhImVRCb{qjC7HeCrgu=Cz%Xzv&J=&!>!l|SDBGEBbx3t`*nwH{Vk}IDQ833U{hJUv+B0FI;JVDbf#_`Tuuhv0TSP5@Vng5zL7?;!zJi!FIYw^! z0upBGjO8^E9w4Rz#PtkspO56FobXq~^ezs0_5O<4BB4BU7iyu3$t-i|zSiH}%FT?0 zCNM^2C(j!JD{U45)pmMfeHdx~GgnNfuFLf}5M*j5YIAP}`WzDJR)96@*a>ZQU;gUL z9bMnon9s6yYW#ZkOjAjer~}D(*C-EH6FsD1?e=)Kj>Ei&$Rf|H-Hkrz`(ojtVwef} zMGZm^+ToqynZ&6Ib=djmAtAOJkL%XsiJ5GoWlw z&%Q-H#Lth)QIuss({MEqNJ1V5ZT3(IYQ=OU+TmHPJ7fl)s1MG_wwcIgL8lQHApJZ0ZhIBD@?o6s1UtnD%78kZO(a2l7pxZXm3j%uh zB7iawCmKM+FsVZ~L9}SmYTpYyU#0ZbsSJ}DJ!q$~;KPcfKn`HceA2~tB8^khj9s2i zhLHERfDT6b?B0wDIWb}*yJpi6=MTi5MvD^#0kCM)aN(Gj_b7o-4EI<_M(zmj*f1P< z2hN{e@H{@xwx{TK&=>uW1WOX#+JVM6*>_V0YRg?8|KF^zCpk%mItza@fddrYV3ZKl zW1G0*9OnncFJG>8c=o>^A_zCwZhVk}6og=x4@HnZXo8fW`>!DTp8Q{N-QJ`C_;KNR zAOv#>L;8RAC+iu@Dx}jRX+ihefcHGhKO_NeaI1J>`N1ACp^k&Wj4?A3l5g=)zKU|r zyNy6o4a_=o=b>{)Fu%ih)|xL(=!bF~6iT_0bunsuro<7c0x7}`_DFFleW~qd`{_Cn zZ;zE;5qLVxK-XFLF+{|&Y03aN@Cd*^#KmGz1l+Z|lH(1-IbiE|eRrsEDSvVkh!W|; zSU57&Wl{@hN;8RYDSP4k#iCId1|2w|9x;Y}FjZ1X{oT-KO97hFV?dybR z!y0>WzrCj3;~?s}^RmeSAtbA-!(!fEqCc4hHq#I)u}|qW7Jd?jJo~NkP}d zr|z*Sgu!mLM6hRl+U-yeDr_4NRwRg#wP=EUvdD7RJOcK(Zc6q*Z~*}HAP8`~(*(m6 z&vTdl-eb*?5+-mbq>wIf-|grgA2#JLstA{LsL!;#YJ7<8&2z*OpPYM~i~oI;yu&#e zLcYdm{0L5l+GEg{Z&&jm*9QjywN;ufZhzC2EHRGOZAlP}e%Z-J==IQ1bpa$dg;kGc z5jon~B$d1W7P>gAz0+^5zqEg<>j!6>+sh+a0sjS50TUU#$$2w^(R z_tHl=`I;J0#_hJ?+Ga8RkW6rhFXBaiJ@qZK7KIQ^m4+F-N8fOSn6jJDCu;34c5>ndD8K&4?Di%a& z>U4%0-Jb49AUtFgg}>(^(P`jGFuh;>x7k1q2AM^F&y>m@l|RN%LC(dVW=hA!Iv%UV zB|*=Xwmfu=NGQl3r5vc_QF6$}+|{JNy^6WwJc2d-i7n32jLwAf$;E+u`4I{s{KdxX9zLG3TmLPS&%JK^NT zQudKT{2S%@Xz#X~v3PkTR55|)c$$Y7R$g601jP?z@l642`JkT0!yVNbY&o&eYev+sW_0Z4jR? zzrNoesC`pcx%XN6Vfl@oXIZ|s=#Jpw_=CtPRpfFg05qzYL)W$M+=^eW_6t^pFw=2soIa*yVNg&gC(X3-Y``=HdvogfVhh8!VP<1N;;SBf?P!{iQG9yVGny`*N4G z%MQ`LbTT}RR@wCIL0qps#Vp&A52mn_cPv^C_<0}zi~MWU9yL(W;OBzm)mUU<<0N9w z1t0=ML)W{wz~h{!KmwFnoVA~FJrR5%dDL&)50#;R3N-Ec=-a-rV)gPw&Lb$q?8QHD zXzl_d?HQS%>nJl3a4EYjQX@TL3p7UH7Gt~O$~NxHXP7n&vhtP^36k6x9ax;3J3UVL zfbRLgcKK025E-2h2tw^b1v;UYw^2LtqV1@;Z@9RNx)69L2bU8U?LxePY||;_fU&-L zhi32sPo`g2H`bU_A6PHnN6VAwDLIgktttS(8HynGuZ$~YWo2^mqmMop=h>xq5K5io z$I|+lXg&tzDq@sXyc>(Y)xE;f^aNAZgd2ZVZkbFYghkh!h7Hd(BQD&i}XBh>*)tG|2`mRZ&C ziI&xO!;!+0O>rXuR6$PNU`;5OWrxcKP(w=?A#Cy-$yui6Oe&`pcODfvLnhdW3K`U1 zyagJBBq?K*qQ-g@Ggb}D!ud(0UGe5#B)%?^QWQ;B*Pc5MJa@aeUARp7D1@ETPYCgM zzAZ9jE`gR6c-O`T_6wXpu6E}GH-o7f zV^WU~USg)AqNvCOdlCj7?2igw^X7io+%8vL(ZyF_0v==Sw;rp{AI%%Bb8=Tc;iMuC zW!CG&#B;h|LY35R-c~(OYqu@QcGu;|Cx8(a_u5a%)`yGWB({D0qPhY(bXQy76uTa5 zUky2pdDX`8YE}FFH3Q8`0GRad6;PBYI5uwF=QW>gVd`XPygC-(vXD!E2Nz51<46DY zG(MKC$5yS9gku<$qix{J2<^6r_@_*_Pggd{6tM@6_gaADh(=Mc3C| zpll+mI(KR@`^}0t-bevO@34UhrjD3$=RS*38_OLVbxL{{tFU2b^8O+P|4PaVC6#OO zw%_fymm$lCfzy*=At(Rd;hHB-@E)R>`zE^EJ|N?AJ-^Ix)J#JHh4C=%4NwioKuo!5 zM53hQ1w|Cl7hJ0{-Cu9rl%?TuEoXNv>2giZ@t`Hg_E| zNFMH@depL=9zi8=r%YlVH?!fx9h1?mRrdpwl@XN4;Mtt=_5S|Z!}M`K01~`NdA@5L z*IWF6fC*_~V9s)L2hlkIxp8x!U-7_>cnqj?oIn*9cS7yw|IkmQ&w!4%ff*+ai9 zPP;fVlPJs!-Ypq?5~1dyv>Hs@xFGq)%~Q_*UXMsti;3&T+?Z3x$csR28Ye@Cnr2Md zdXR(G`BO8*RZ!X^D3&WnmD??UwP`F_Lv}D>@0ZMXPzdfbsJoJiUlzn$Lk5UH(q`1R zdfK<^L5ioWTARg zt*>}w*tr2n8l=;mB7)z*m8G`0F`S3nZ2IQVLUd@c>f@_DIy~c7v`=GZ>FVbdIDR<1 zvm6oaiYQ8jLEgj14cgUmQcj=(Q422OkK3nk!F6e$bUCAdKC{PWke(2@ADR+&?)>}j zm5*24CVT6t8sZI5luka^G}|y2KQM}f40w`rpt330r&@lyvP!Rm21_gTa!1TN$}4o8 zc*g{i6z$|}q77M$tMp`}`x}>BuG8Bz(0xbC;xrl5$2Y|j*FyH*DxIKt>(YJh{T-_~ zI&v@+URJU@_A~Q5j%EEaLnlxXi3cYay>Pc{Kkz+++Z!gl=&KU;y(g`n-cOwf0bS35 z2^~LTh~935kA`G%_WoOZ++u|Xmp+ceMIJEX=vKdTRnexK*T$_t_=+1P;q8rNo#C4p ziInPRo(SKF-21aV=OlSn9=%dqkZ!GGaeP4U4iPl<7h-!?pXhgH!RZ&z1V7lD<%rhX$Ve%U(Q-g3gD3!`6G^gd>BF!a@R z=iPfAF4LEH`76w>ES0bkMEp}HJBVUS!34x$#0xU!hIk2#>~SHO4QfSZni~n~L9NCW zqG;;ocvJ;QWcy(uCz523k7y*zZo3LCN~hgZ(0VyJ zwp~9J5^K1kM)%}>1m+o0wAyRX@G+{v|88J`S4?roVWFphae(FUj z{u^>85xwulJ1$C$t&_e=<)ZGbOUv8FGC4iWb}Y!SdiU#%?gv`d!wJ_Z9=K5RwP3x! zBw>S@u2>)xyAU|<+NowFU7aMWffvwynS}lqqeR-3QUc;gC$F1bLSw)qEoO^<=XqR; zkXpqNDR?k9I0#A5=y&dge^L;V-Rw^V(Y+p*Z@XE`icfydRKC4aKFRVQuTgJ%J zUb3o)?vxD(+fNe?k_nK!z%%M1$fY4%LrS>@l*Iqse4IgdPx+?I=ePG@A2)GNnDUwN z>BTW_&Rl%fe+fFEPTM|Q1QuZD9xXaPm)aH19=|P}L~q2NHDy_&>7W)V+#_tuKy4yT z_IBDb_PilyDiZ$Au3Fi(QB9qtogcLXmU(B`$D_4)YuaWuoWl-hCnBMTTP z?s*BLC=wUArLJf0fj~LllhER_Q<`y}8}OBpA$U=aT=;8U0rM7I7|IV6xpbK6i9M#h zulB{#n(~Rh6Ki$I&iLiPoKCAu#{FveKFQB4@@g&nx->u>kKQ)o4}V{sH&yN9zaMnn zMjmV)<^Ve6>MwJ>D=F+OkaDsETJ8SfRUSV3an=6(a_HA#r1h1OjOOe46nlo7d9UYX z;)4I2y?kit7Gpsa-s?7Ua>8iv&~$LZAX@QcL5afm{>oWLW~8B&hlzGoHNg&AD&l5X z79XZIOwQYWJ!Nz0V=e#T%e&F>4%6Nd01+xJEDi zwfRR{B^hPk=Fk-z8z8XUQ-z}6)=?>X-NZSNcA2cFfzs|38&YmPlsmjX8(?DWu?%^Q>3S`v>#a$D!jbUa4!%)&PCi$Gfe)!K?3W-8PkXHGDMCW1_CP5@Dnz z==B9GVw>P6ydkBNuQ&cZ6Sh}JF7osK`0xv@p7>9_lM#;#?+cHP8T{9vcjE1i2>Qh! z`QqObU<^n?MY>pV!_tuIXM9~KFOqoS8WyoX^?7JKo+NiO98W}C54{-1h=n|AhK7x$Kv%3uNOs8SyzqO;$K^L z?3S?h2tew*Z%;1=cJrg~=y|_C<6marD|_L8)um=p3>oNZ2-jge!B*D583DxkJq^uw zon=#;>#8&9(8l#n#BWsDlBo*0O6oxQZd;6 zmcpa1j&fs*vxHT+iEEImb7M|yb!!qvouH6w46#3A~2CjL?pn? z=xKE5O)DB6QdIB6tXjHDy;2^?I{!RT3Rl?9=DN7mZ#AA<;zRm@X1n*Slm$_`1tmi5 z750!sG>~nxDY)daBgufx`?~ICZG7+Lj@YfLldpkzl+c}+&YhUvpxsz_wiwp&8RCda zCb-p%l{F0xvdH5A&3RU;P0AaLVOvI;FT2Uyo|}gj6^VZs)QjFBk8Na&=P3giK-8Z z3h&R_q__d4%8>Y-T4;HqkfE5HbukWAidB}=3U<`2nTiwT;&uC_@d^S>iwmi_{4Y;Z zfz7m72B8#ym$Zv}UMiyykw@pCdgmT{sw*iL);gLe))7VIqGV?aq5AJY$yfm1PR|8W z(|lHLfq_F1B107D_2}E_vh5W6e}y^S9^Qv~$j2JbC&6!)d~iK(j0L)#25+QB)9O%B z8_<1tF1OD&dbnMx(l%}BjFx(&##ZrrFLk&bg0Mtt_uV8y1@%x75~glr0*Be8MK|c( z(xuI!vcuQeI_;|4QXn2trZnWA<%%N#l8u1%=S8%Te*n!!I`z=m z{{TMK!#~FN)ADinWvw@`Lkq_S=F4i*uJ=Y?N~F(vwwz&Lj^-@?AVa9m)|Z>zu?T)iC_G*Ps((*L!#wj#)-ILIEah!RvmdeFI1dIkJXnq z6{F`OhX$gRQJJ6L?)cjvn86jMU$Qs=p;ar0$1&_tlE}G(SI$4H7Ok#Zw&J}v@1CX& zer}pH@kUU(-g70?>i`(1i7Ni}I9E%~vj0O6(euP!N*RsF&hM$M-nr-I`oJ}O;(MCg z`PRy|##z2waW2`Hbe>FjR%{;*iI=tuiOCcJ;ESvP3IRe>{6eGC`Qpns`p1?nCn+WM zmiMbE2r*2cFk&t@p8!kBK%01z=QFM>r1j7h)NL-oB137(OwB&aqK_IcRpy=KWR)@o z!ya`sU#eB<4*2sJyivUYgJ14rF+DkvOM^zDo+S|fP11Mo6TYwS`)gn6sjq3Xt4}y@ zif<>AwP}Pya9N6FWrqxaxSHd&byJHJbuT<{SRQtLS`Md?1t^;pYSV0ebz*R;mv?5m zGwMalZFq_Bn=-`Nw_+A1oXghAC^V?XlZ{ePI5Iw9hm4#N!+if^if)XvOqn`Y%Y3{0 ztJ{1Vx>c{fuxfpFH0_F>Ti?`zOV&q|9LgfXWAW)b+yp5z`t2tmxapq}4X7bgBK6 z%E9_{pJC#lln&n@z)~QoX9GyKhvpn|YiSn~W$QJ^tNxI@iJ{Izxu+_V8= ziZI}f3AsKZ@*nMeo4t6Qf{O3Eki(OBnNwqpzq$H~4&p&9mW$0v!AK=H;-|=&9NMh= zN$J~Blav4o-V%|E^FZryn%NtXw#8i=hK!TT@pBmBzh|!g!G!*-m&`#}7XTo;(SR2i zsI#)B1_@kkgW5F5yYu17MN}s%C%Iop8GK-D>u;QKywQKwwb&0ar^LUGp}2xk_O^`qFOgv^&qEpB(!=p3^$icFAsBi5fe%)t(sLm6Kd zelcVzQFPTZ2yS#oZLXWzp#_>`On3Yo&;v~`0XRUWTVXRBKvGoO{3alyL8V==5}SqQ ztRFShk6yGUudFk9=Bc@|W&w+`DHRkgu~tFVmqz~6G5 zla=7WhI@QsE2TAeW^E-q;lS6e)uXlE4m0}9@(<#jEeP@ZTgmHPnDgP{l|+#-fPXP) zv5MG5N1jKZ^w$#JaSd~1I9z)hWVhgnZRDCRovM@M5v6FleZ46DCPv0*AR6X)WhR+~ zJjS@Z=xv3lpK|iUHO$x;<*boJQk@TDg&U&~qg3A@TyA-zp>>!cU0y}#atx@GhYYop47Fgx?U&*9-xeF?RAT7C*4>ip7-eOTsq>?Hx^)w^b7Dz@ zj~z-Q5mh`qtTY@n0M-_B`WvX7xQ5%X91;>NOVWa5RpU!LRwM`v9jfbh}>ihv3eD% z#nQJ%kV;@G>sluX5ut8+wQwRJi5vKl2Isi~^d-gGOmub4b6YWeq|4ccEn2+K(&_+0 zA}Bi{Xv*{wO>t(*e#SZeTh^9FlA7)80Sz|*3QI0UIR1xG9nZN-L4FbA5K1MjvVUwIhm4S5z*HcqLm})p) zKgkYZY5s>Gn8FOW-wf&aKS@U@$YW$+GTe#@g`%km@)*Znk&lDJ8Dd2!2zC&^WH~1) znl#XQW=Gate6^68Lx{cI?~^HMr*Q57b?X4@V#yYNin1WYy)g24tlDT#4Tk|1qEg`X z*LL>c=BG=KICsy;F2gkbW9I0TXqZd>EJclG5sjc;g*>oTLx7r}CezBcbN)|WVYdI| zwYA0GCW&{1jJe&Hq7^@W1!rkSLlAUs0^DPYuzeA(!!dA9vLDVM@b&4WPXwaGx2w-P zBRlbDxcPO3;KOD7da~?pq?H=`oZPQ2_JO8;Yj0d0lSc0P0aU9Cu8M740Nk)0k;r7! z7t!FcNGez>W@hGsH<syCH;nqUZJp;RG2 z&BdI85sDu#+y4FzW|4q_l_jwG`Coyxry?a>w~zOniBe3H-KkjmFXHPj%&Bnm_sL8l z09K8Qz`y`FlmJ2%pAeS+ry0skx8R+u|4Wu~(q9rp$UA3zal>@~rC2bBHfo5Fa?_+g zGi;UX|7M25%zrb3FiTsEB@z(QOvULs6PA>S{F*kj!t}J6L4p^V!gTIg3URb05g3fS zYdV6yD0L#Q$M-9 zbL^LY(`vtl*ycHafo%RY;Xv+RQ0s9R7Y^CKdmAaoxC7ZTh_1Z`vh(nt|AROknFzrs zxLegMoL(tYR~6#_N2WLX4|(c8Gc`XLp)u z;%Zh?cgA+@D$Q6yZ%o5&UOH~436Yr(r+Bh)c>4~e{?YS0S4Y|>=3#8yN0#sJ!=LuW zX6nYUv$Q18!I(174=k~Bxx)2^z}DLJ`Nv)K_VV^CKq588g*8jYJU8M_TP`=c;k6SG zT7kK_9b=u#58oy|1hAK6Yhj!|+vKlszljgBx^HZ(|L&sGANN+79xF3uvqyE>x!Td6 zSSidZ->hv{2Y||MfO}MqlwGSD{x&`tX7Zubzf_&HKl7{J3~0XhkbAhwH?#Qe;NCcB z^*jUbH4Cy|PTceJ(X4*iC&yr4HGQQ%I@Ewe*9Zu9SuOQQH=7=`xpyKrLji-_#j&ba zN9e+J^fA>XKJ{C-Q(fTE4TECBop{V%7O`gu?j&LG=IEXm#?J81W{BZQPFSdDtgbaSK+k@U;gypqC+{3yuPGgGDh|P&9>x)r}SR&UlWKl7Ng07qHwfTbOXh(=(C%T1y-h+<2 z)aPpvTi+*2L7)%~z9uBs1w#?iE`Vsdi>u*E!=~r3y zAc=F;UL6CQ(|YSEGOUlEN~zVnL@UM%ReMW_9-od}LintZcl?X{`offZkc!`U&Xazy z%I2Ko7JH) z?7SplvTnG&Wu>L^_ePa8-gM4tqe$l@g)8{13faFv=_MuLrJH?pY#QXlh)eFA!?B>* z$L$(x6V?f_oJ+j}<(lbF|Lb}eN}#p67v@+0jimzz6kWEJMJK%}?HJh@;c~ZKXlzd@ zYC&A7-7x{VlPj-#Bvy1I0dk!W{2U!VTelB>jFIT4<`;wf8$`!(?Xhhj!yT->rb6yJ#Y* zB*7VvC7yzaq7d2y`y6e~Qd89Kj-Zibqhj9T6={`!Ri+I$+605fNrspdwWm^YBdn_ z0LxYo-{#|y%1kN5LaF@dHyqFsS&I}g-n33;bwZ5)Wk(t>>9RB!ihbl?rlKf;Nvmjs zr;FJO;5Z}61HQ?e;spGA&=HZ<6~)a@h$lLl3j_#m)4y4s`d*q#m-tg5+xI5}>NsD@mwaSj|h|1EbS^fjK-}$+X4T0%7)NFeOd2#3tyauCu#!q~qmm=IUXUeHxD%CP zD)EHvj?NbteWa8G1J$aHum+Q=DIp0ANv1Q7OI$ya zqQ@OlDR%~$bP*u=Pl84?waww@3^l}-*Rn54zQ6>WU{;d^1=8+3T=1}z8hPfXDp)yP z^${xzRSjXvDc$*tdxC4>?T(@gGsF_*WmZ2 z*#|6>Hud4nXNB3K!2vIKehlOEg_=l*r0rLiA-4mve4V4@im$yVpAHO^C4fbme^FwM zK3UP`v#N}z?oc;UTpzEilLzD1tG4nT3=3FHIB>PYho7O1IIWP0ANtP&;nvw4&44$hgfJ)+yII5*&8t1nDm-nWE8q{{u@B0%}M8yf9b1LJo+ z1C{vbaOwl+@8O-|F4>#1{#3&`Tva+p>I40CUAGLmYWgj)EZcL@S7ZbKa(vR|w?%Tt zk1L_WbX&zC+BG>9VVbT7CU|>k#EX9IZBk?=hjm0>m8P^~Br@%b@roE0OK_&@8ifXS;jDBkSi)}R`vi8q*LfRHpq(WY{u~j0sE}c{ z@|*eRV{BIBTs5MZD5ovKb;&=%d=-)cX(F-ze$bR`w_eAU!inH|D6@lcSqyBkh5T-) zY>>VI6#8IOJOfq^@<_1xGPG-D$qY-K3hM{GTNHDYfxL+TCpZ+Kwi9P3x0m?E+0BCJ z(qKt|5wuq$jSLAP;Iy|K5~rd(;M&LyXlIb2*Uax}If0AXiYYvl?gErYdMuVlrnTtL z3@c+8Ms0*!Z!v(~b|DDgM~Q`<>`h&UG73qCa~o79LsD%6U7P2tIfHFUu|JV@lg?Z@ zP73@n!LW%INEc8Hn)srAKnyZJ!7h$K3sC|8L72b|#KT-B`F540;+lJTtUWq32kE7)YCZfH z08A+LdtQfV2sMn+iY&Ac zYU;V1&oDl@2u;2d3aGRK%YR0_DlFhCaTV3xH(YwF=K@0#vH{1KN@&KCD{6+-=i@bZzGD+k^zM&(haGKsGzfkEvnh&gYkZxlz^CE@ec{UV%h#bsxVt#oG8(ulF2 z&{$H6Rl(BJuxT7ct7lKDF4z-GiH9>!pz69?wN0XpAVw+?4ppFCr|$AuNK zD(w#ZqNxLtmWk+z__Ghg9uCZuc(pc1V=ec*2N_QLt&zYyyGouo-u)83zloDkDhy>l zd>c>=%CnIX#H<*Uo{fr(D2iBaREesi>P0a9r(+Cdz<^}0IWbAZt&09@z~~H%;@^*6 zI&d|^J#dxL(y>YtK4|qD+@QyBg!BAc}9S+6WJ7{ znA*abt@EWLWc)-tc6DX*HoO2ZwGPK^2|o?3tlTANO_dp+wri05s>fW5N#3vAXcq0p zj&XXwTrI+EXSh6^W|Pa5H&5KnvubYFdA=NZF)BxO_Ck0G4J*F2Z8> zqvS0GL!)hAz|^fwLscebcw~l4O9G+pI&TwT=y)4wyXISBs~tC;CU-0K*3wdN<3$Hg zq!mx2qidtFv8l&Zf1cNL%#<&12kfjb@5OfGC=N>Wvp&et<<RFO!PFp-dt^_L#`ZjLmKh+opM{K26~iovC>Z#E6mdm>E7 zP=}F=^+r&OGS*+d*pxUmO8S|6N0|VigShQnaRZ?;`y7W6b1c9bXyWNCTM6p~0y8KKCb#JDd1TsP+%P9-h=#DM-7KT=^RhTqbM_-jZ; zUgU%6__?jg?eyuaRNDuKvFp`l82OE0a#z``5g#eczd16`L>$PviipTK0|SC(4?i8= zGcw00!z7`3L}3%s%ICf|#9qMf?`bCF-<7f<58l^-l<2sAKQ41jSh8N{j;+dH3Zal@ zl!Cg=_U6p^Xz~qF?$)KIOuw--DC$=W9QQe z{L_cXe@HY_CP$noRn*?>1`?ez6V||CIFp@-ZP6ry2VfLf0Gm5oYKsq%o@p97p7+Dm zGG$?<=QsMt`>?x^Jsj%gajLSSKZ|3MXi%_61wCw8!zG6THBkv+1ItXHmXpc({E=EG zv`Io0Ee1Uq;nGaCrwc<)60 zdKvL~pTysk!o43haPd#q7qd6_T#whER!AcG1L%`J{)eovGaL*Ou_Uf2>M}e)FM&b+ zQU!W4Tc0igW0BQSwhNN45yxWd#tGA=fsY|hrOS7?+JxDO3r%iuQ6d-_m%hK*qoVJV zaiK-k)udre^?CM@U2#+VLjM;Zt^NvGaTV`d+t&O7jgCC$>g#@!r1!Vnxb|rO1X<7d za7y!U74p;-%u6XPxP}S-^;$EOY;c zyYeEw&_qYK>V`PNs$jEw3xft+=nFF%apc$Rv`*F1Fk*L12?+{klOT}4#v1vYqAo04 zIj_OVOP_0-J59N&b>EyJ=Aa8I2{%)b8q4RP?>JHh|Jma*oavn&dM;k;$V6qEh*O7P z==6ERpEYG{yUrj+U^Lh2K(}VCN}`Skc4$5XrVd>&L?zQ;yvPm9mdYzeArlPECgJw? zf`!~t^U-Bh|B!ZJ9jmF8rcIG8+^ghe9<;2xoAh`f_G%j?_w+oa_|9>iF?}kgRmB4y zG`6E*Q!9rtb)fp$KUK-F-1QNrba)OErj1^QZH)oR=P5~pR4{U`2cb0PTJQlb1ly*S z7IR>$b2Vbk5GT?jqIaRxpr6{+Z8+Z&+MpA>wId-{`rPV{)~R_|G3Gx(wpy2|CkoZt zoJ=e7mc)Kv*P;6nC+ zGB?GVC7SNOvkMjf3#qX=-7C^9&GSp^ZG0TBOueX;yS(^V?~S#)K>vLJU46Egm%7Y6 z>GRP_X`=&D(ii_N`jW!5dU80ebl!R2=%W!PL&jgm{MD9I13P_@PY+Gsb6#*qF)2V~ zPEM7(zeH!f#6-&C?{37262W!I0T@Mb!$RfHP#z&YS}|qP%jDP3JZgyEZ)W6?PV&0~ z4de-p)Sk@$>Xp=Cu`v}Fr>tL|%VhK-h*(8j$^GDWHT1YqQb48IRBu1e)omFhQT}qf zx~skm8mIMHwRJdq566n2jACFFk2eBYmd8nCd3k^L4AnLO{WtH{LIN`*cfh%- z-%PfBGRUxX2wIaG{v_kWLXW`u`Z*)D*^oXb>6XclnrJ^uKP&3UkLALtjZn-H9^YHq z4;#t&(D4XPQH@X>aS{`+kIbk>p~X0ZkMwI_1+$PBX#i0)qmEpfcW19lWP<-L{PIB& zI!*pn^%OEn+jN4ejoWmaz70iA<-^80HR5}EtM$7j+Qj;cdXT0r4aTMP{4)&J)rboAh9;=8A+fF|B_w7{gBMjhfe0F^dAR6qMVOZga>0JUuM zkZj;{vhNc=k?BBRMi_f;_|A`ItIMUhaTdC0P^NbM(=UFu1Nl?JW5>V+2f;v|j_zx4 zW43Y1mHnDNLjPTTf7Zl>nO3MIKGt>6wW7L4<@LC8>qQzOF&<``Kw==E55@BJN_MDG zXdGsue=!C7PNt#BmqsuHQ35@giu{J-jv;iD?zHyew+Do~X+Sl2n!^}%MwNS6;1HAB z@5%GeMd8zdHhs(Q>q(RI%HbO~i@RkU*p$TwKIN8P;>Iu>W1i?jWdu8P;66BIB)jNq zu`!J+!OnOM@GokxulLApKd)<>@T-w zJiMdM4R&$|MumdRAi#k5ht5ip|H9)9(s+rLbSxOU6y)tVX{H> z+E%<)q+`Y1?nc6T9R;Wkm#Wc>!{maokeJ%W?2wsC|CU)q_8NRF8kOrG-uBhcWRlMH z+5J8qK=+!DY;3S2EN)fHT)DNgp{MtyIvz_y2hI!4+ii~xJgzQ`?DH%@H03sJG6Ts2 z(XKF#L-H|WW!|q1P8HQm^x}AS5a^#$c-mJwB0W^?xcPk1?Usrp$~&L?OBD`qzSnd2VCI89jn9v6tG{eo zZORyGFPix|+Jx)A%XWoTPcTU%rotd<1Z*v~BiI&=S&J68dxbD%iwRQ&CFR|32@j=6 zuIifBJkz3eQh<>FNF@uqPMM1X0+pUMMOOo#rv{tvZTkoDB^Ttaj9~ewD&oJYn1Nr9n-;w;^mwTDH4|+6X#m)Os&Cj{*xtjUkF?BLiFJ$Q*qC$2DP4|L zVY}b5Y{g-R$V^@5H{#&CoSc;1hSx1s-dkXg>^+tB>@cL$jqS&JkF8rp9+*!(Pj5kp zMpr;`F(fyrB;dp>;ErK>Ea7^R&;}Iyx&h4ca$M!o-z~2PBu*`fi4z6i3xEM#3(i&3 zM-K=YU7sbF)&R9Za$lLXal_0-X6^+IUhbLR_8#9KO~S^x*S)O3B!h`QhP@4FB-drV zIlFrMR@0Z+`TG^KsOKJlQuUf08>E;vNYwfBE?(-WEl(<4W1Y;HiMPzB>(%HvVg2k^ ztI+Ndst)I>Q$9T85?hkR8NXRY=4+nW-}4o#&N6W2R!l<%wPb zn$X5ofXK$a4_0K7_irgwp1JM#>vq+Kk&o$lItq5#>&4X58 zF2`b3>s!h*a(dn0hmeD7z`Gg@`B6S#blzl3x`^ivsH2ae1^iV!&)@K_Bth5rI-z%O zp++p!Nf)}$wIH*4A-X45IxtNRb0yK&`ADD+eo8%Gp3by}3y>vC3u5>&*2@_$NmhBb z9nF8C#N+DS$PACx!09OghwYA+EzhV;^Y6Wx+h2Bmufu@%Zzu8HjmN1fS9sv{Vp4gv z_}V1rZ3G-WYuR%4pa_L^R?5P?jw;j<-E4b~X^1o#@A=TPf%o}oR#ta2{XK#Kcyf4{ zgeXeWwdNBnEpHS35wM!zL=oJWp&p8l@Z35Z>C*01=JmPTSRt*N0V)ASd7F%9dEBGE zrb_uOF74iY+U(x%q8P#U&QSIp5Q~w-y$YGx;|p|pE>ch@l}J(*oGKdV-2T@-g5=c=K8hWj%O$>31q1`rt5-&F===n`Zfd&Vz>_giV%uL{DBrD4T3O^)E-w;w8pZ zP_$sdr=r08MO>vNyshL^5k2I})ZpvKRzoN?1UQa-G~jySs9h3Vkl^Lu^g6k_h!N_7 z@dyw8F0aYdJhh4CICgBuoOqVdd^fCAb+g{THp67T+WzLLm@m z$&E2WWYBp{(`?^shjfs(>iK>(uSI6w9r+zA$+o>`Kf~tX@G5EdQ6%oNR!hELRpIoDfhi&aZPste<(zN{h4ayAk zc_Sd)aM1*;39JcvaA!z2yU;_@*{Ng=u?@x(mopP3_+Z7$6`vuep}Q0fc*QZ>x-J@- zcH}Wo!#|Xg#%EL32ZaQPRgEs=m5v3%UGNCe`Si;}08pg42geLdzLcMogeJ$}2O z2h!c)WC`;PEC}0-0AVauo>Qar_?&n@EeU;WbsZ?zye_u@mr;q7D5=>+)b#9+5QS{n zc#DV$A^-8Jc=DA(Xri*jEqEEoD9xrcbtC)i4BOls;P%3XkQ?{=a+jDTqM)=A$CaD@ z!e#{pV+k4soBRo>BUf)_VsUHkyo;*B=Bt{!qKMoGla(ZwO|gRZ`w|&2 zMxh_VSs(0Iiz>oL7@>mJ+>7(XtCH$yw!Gp0i@{_k(xrHc>f83yGzHsw9GC ziC$3?^BnWsbJWA+UaN*Pu9j7Eeh-Tuccd(hpli&wnexFb>MDuf`ELlsQeO}>;xyOU$1tv(NsricYfkAt$z~Hu%M%La;MX`FQ73~fAm~A(K zRn1}h#l^)FLY?97tIf^tTp?Z+5x%UaS|j2r+YygO8XYi1FoxT@047AQghmHu;p>3> z+x&vIVC;NWzXtPCtmdEPrvJ%}5%4OYsAEvqQV(JNYkbDBmeNN3!i2`0#y1DN4)Y&q*xcCBd)4__#+v?P^;K7S+ujT4+Cynhk{rMwVMs=v{zSx|N%1{~3+TUM z8Asb&S5a4^e*{`U*E%VeDQt<-qVSoR*D;_Mw?%*(NojzhZ=N`!(3SU_B&UT{W1xx+ z61S~)-{4BQkR}Yt&#U{5J+8P8Pr-e?vF^oZ8@7s$|8M4HwCL^l%X`~Mx=95oW)hC3 z49MtC6y5wkORZ^7$E$j-Hh?^b>>#T}34-*}jJE@K2EQjxLqO>T)B0iMKLO{18x%69 zFsHZ&9u7Rn1qdLewU9svDS+zMP)sXU3vXxzylm~a0y&j)NW{gEh-K|#m4~(m-!}gS(w?b zAZxES#Sg1Tes1*kKhe%#sxM`|0k!{SX|P&0IB%O2b}-$usHcN-gA0yhMhRZ<2qtoV zgyfCF09(p|IEpwD55o$IA*ft)26F~`sH1^F+xjPodk*b3OIC(!nyF1>rWE&}!=ORi zbW{oKxHio!$H8D9q$FpSALq;XpYyFN6_JFpK$$5H0f!uk%0BI`REt>>IJ{(nB_F^8)SebI68#e2AEbqRbYc?9d4;#ugl zWgD~3mYn9*b|p`}YCq7417;KN(g&64Vg#O|31XZ(gNrd@@*%`@6bij!Bt*D$x}!}) zyEAi4Xo@w#4Sa71(juW;$csSPEDMn7+6ilgI5qpf{p%O2lzwS z%pbX;{*wz~MTkD$8(A_yiD7Ccvg$PIA?ksb*tao&b_NnkXkNDsw{Egz#I0n6?9vwL zD4-;nd&3C6*?N75)4_XnYGPXgTVQAyiEg_N^hKWPGqEL z9K!sMpty63$Ip$^=aV-CDP}QXJEsPPQv*~j42d<4HBJw>3q-bQe}pV)*8oL^*OB9% zP^|i&9Rlw)uY~~j+7>YfU^STSPMiLiVegv5zA`U%HHaeBN;R83#KTZboc5wqcLv$E z)pINDB#n_uHeJ)JKYWGG|1{P%C?zQyVR}HymGg>KIBu3 zRqOMn_Q1Ha*OR1H(sTRa2AC9G71GQtlecLszr_RgQ4HwXU!G~7N`}{QkFtDj>|KVFM z%WOP&X8M$$8Wef@EchDsZ`(UH=#GE*^ZZS!qSZX41N6j_fHCLB&qFs?$jW?g6sk8$ zOdpRQKdxhXTGn5OH&gKjh$vzp5t^TNtLh^@w9|0^bNJV7((XxZ2Rp1|&Rgksg?~hj zwCu3L7cm1!>}zs=YTT+64V*kZe#vJw`2Qs>gWj$}h-r43YIc)(=nt9_$mlGo+9`U_!}jxgBQQ%hu*&q3ZRa4?-&!y zBINB_=w<4ijMiZgtDe!y3WGW7K6Hzo49WuGfP*JGqvEEZY}@E}(%iT`qgb+GL~Z0i z4_*Yx-0ZL1NH*A6v`^Fo-ehw}QcEu{D|VU$7q83X>ce-0i7&8>H^YR3H1YO&c8@-1)Q0!~!`q7tDI z=N1TiB5j+1+&~X(;is!D3Az^Lg!Sf4EO2*4`$Ga~dM?KGr5)x+T{bj2J8b(=%U6Ec z!`7cU2DqWd8UwWk1#QpeBai%3fE% zevP#8zbZx9S@9Qt9DkO1)h2R-bO(SBkm$j8KT7~AmSGEn+K53V;NW0hlgW2uJX*;Z zgp!_-`L>2W{`_U?OH7>OA9fQ@+Piz~BwpVVoe}6wS^f;|EL?H3c8vNf5;b@@=Tb>a z2ub!C*kJoyf}4QdJnSgBRH-kBwM-IFJi3kwbNHyO-fM1)YF90zf0a}vUYtlMOt1YQ zJUw>Oc_2>=b-J^IicppSCTU8dE1F_O%O>HIp_q!}N(urY5Rl7cy$uOM+n;IffRwVV zk`HnV2HN#4jG<*d7_~0THpv4My&peWN2+Rv*Dw`QQfK$F;UbhHptIOQ^8{%4mZK;M zK4IcXKujoEVPf!=)9n#8Efs6_{_u(L#G-rJT8wx}>Io$zk~d?S!MAHa4T}xl2@lV# zFD7-OuCB%RPX`!K-^4MDXL`@&$Ith;j$F|a@6HI_fXn>K-C2EGK|AF?HEi0Vc%w2} z3LpP5ui=qq1U7A*Leh`F!8=CP3!fg%&pmQkW6r5gT+Tatr%C~(5&zZf&~L=oq?QCu zvR7M5{xoKcPR%s!HrEsu>#jRu;5vvN$7bjwkr|#a)4Ud5TG9LkbY?VerrE0!ig}4B z?R?i*^-O3jMi4+C3pCZR6_UK_Il}sTMWO=+P=r z3$JUXh>~+pE@TQK#CnFI_sZ{VewPuF-wJ zTRMKwMe_4iMR-0YaGLw0;n+!qI{3GvHS)9#cT0}H_1f<>0VK;HU#SOTwCG$l386lSE z9PQG5A7{=EI4q)NCrQ-G%Q(y{I%@VnkD?X6GadX>m!Pq?8>_VZw&r~KsworTqKtIJ zn#Prj)MG3+(8@+*aMUFq4DIweL8ys5+wR_VWqjrFD)Z~0iR{$#=cxXouZ=uCzCGD( z@iN!)UDNg4jO~55D=+XKrHSm|yku^qNg=h#J)waSGdAGllmg3Als#uCXu9pEHdFJk zm>IkAm{(uIWeS+D8X3f`ng97WxPPl*J7}EFyL>s&pJ|t2>2Vnv*wFOY&!I?3Np(fI z`i55As|5 zkvz;Bs8OHi#|-!bA;_Rqy8}1#!#3)}=JJ;-XBSmu?4j)8oZ7cm^wW*f&n9p+c4qbX z!HD7X6K^JU^*{Imc|7@+I(Xb@L(tclA4)R{;g42*{!65|4ltM93l5s$v=_8s@Gh%L z(sj+^jZU@G2IQ`x;^K2x73BDrq4IU(B+eFLw_3%S8h8Twr783`|8Pw_X73%d>8x`7 z_6XK;x9b;PwAy_r^KwSWnPYLy@%DlpcG>mG|VnD*T zXo-Zkz#yy*-eoW(m5Ot~B@s?YQ53$5%F&;1OlFOlxR$Ao^KGAN6d<0Q@(szed_rkS%RWJ9>`}97O;d1|O%3 z<>pVDp+p%NM?=30W)PJ2Xmq@!4*kRGGRU=;J*V;jwf0PCU1V8G^6!QkJ6C!)q{J+V z=)^&2t9oIJH1oF-;V{Z~v$ksa2~DE(iF_BFCbw6jU5JziY2zsaIY~i` zBOqCTPV$F0DR2^Krbu^$4h$TKtScr_f=G9m2c_6F!gl5}zro06k&sThM%|yFB|vW= z#*_%!+~DE%+!AVZ-AoAoa`keyH(62WR@rX56xtpQ09K8(&X7F01Lv`L7)jIA>xBH1(6e z7q+A2MeWjt-}dcTTmMO1n3pwZ_<=Eq6)S#nrjw!Qf#fBe<-~Ufq2(sUy0g5H1}f*UQ@`%Y0^lHfK}8;K#l3eufamh9W8a07 z$5#FgH9F684NQnCnvDO+qHFfeS!7iF1Yxq`LIg*C$QUmqJ3VvNRhti2BW)ucCa=ZU zRH=^bfcsES|Jzd{nI=rQ?{20J=LK%~@5y-kGgp)V+{>un;k){PpK$=_L2CI!`clfj z7zcG~txu=RTc5toi0rker*>6}!1*an)s}8nRn-el$3(%ei6Mp%7r%d>Iwi%zvt zwYJdvKQ|jYt$i;BKN%WK*VM{bGM{bn8|1J*#y8a$ zWIz_a#-9=LG^H`1$T@hXL28Lr5Nb{R>iR+bF-;(8I85!tv=;oSfB9db;j3tqi~+!| zb1k7Xrm$T~Q*Yf_GLg@2*SMm^0ZKzPtLcSI;=E2O0o$ctuBA#Up}$L*!tn*ei;&#- zE?KM#eVLJk&^f#5X8rl225J5d@>pI&MFD_%e$zTFMVV~rqxL50k3ZR6@^L_M3v_|& zG7+D3d z14H0f5x8Pmh8aJnoPi!{8D1S-{mdl&JGhwQFhT+I>IK zLEe3VGG5S!u;Z->e!}^=%7S9?57&rO%W~=&QZ=q4Yz;$WuX9`>TbV43;Fu{%4JhhG zl-fsvtYAXMv`lj6+~lIRtECLi(?xIT!y+#-Z*!8e%1{`Y4$(NQ(`aTTd#2aX=eNz4 zbe>=!z|jO8EK)2X3CU5mxfB;Dsi0ZcFH6KrhNM9XW4w{zgaFjFE5A%izLj`8cfSf%=38ZPz+?4Zq{!( z*Q1(uYH#E*TBg~Mmqy}a6Ed|q>3)&AK}N^9-OMONkXTSC*6hslIOZkbpxmas40dqn zB%|oVppqAg+#!kOmbnYTX-9lhxcpu7Cegw#qd$}_tUx+*-YhWI&r3t5%k76+cwxCT zE}&|-X~sllvQlv;tH8Q>T%-K<%ICz4UEI?6BFAmQ#(BXNC}BO$IyO*6gef^(5Qv*Z zTq@9dLXO6H&AR!0fu23%*Jgb`>e}Zig(xXuLW#WBXT7jIg=&QCMmD}Nct`F3!b{s+N%6!QuFUUcym!eNmJu!Q4 ztk5)%ot}9*HZD_1T_jO8PJ!;A_ znZ}(cM}ZT!GjTm(doMUzh)gUvd#mx|4=*vgE8AFFVyJw%Sq(DJmuyvYATbIkIf3DB zB%mrM^qZE7Q_-EvAcGJi8WiwpsEh>xceJc7y_OFI?za_XQ-+-Xlwd1qf@Z{V66 zYpRHG^a-eX0^M@IXkA9mTucs->rZL#t-hTKm$XGItx5(DV3LLY6Rc2Hz}dvw!a^!E zG5pueCYub4Rk5`x#$Nml#dwThM%)q~05l{8*tT$@aM5$#tcjR@yH7rw-tK`Lzujsk zUCNT0jDvC33M;)o*v$7*v9A5o-S^9x+p+Ejv~@j6Aapf2@*0b; zCIW3>M$LgkC>S2{t~{y$WDvyjL$|&6*PXOhwwhoE0uY#4Kv4>t;;cb3%n_<4&}Av; zreVGc!B0woX8d!_%x(zh3cp?5Bxj=?w!w*w7?@y*vXcspb?QkTF3Bz+k!H)}^h!C` zN_*qW^gY^fdC-_2#RSsjYO6Lx`yGg>nIOXr%zWIPdwji68$pulZOLyxdMk%JdvIm> z@dX}IAGgh%q_{j*MOE+4WJ~bJcU?K@YWW}RqEHwVx8~;QG(=xGn>tJnBm!u(d)t>PjQUqA>Wljz{bG4*X8Ogm z0f%$Vj~7-7EAGG8ZFoa-p8Hk#MTsrNiZ*G_up#$yZ2PF?E9P52>l=-+!iAe1`zro_ zk@wE+m3`Z`@QQ8QwryJ#+qP}nR>ig|NyTy+0mtleRkpsF&8^?qnlx-TBrjqdk{ZoFQYdLusf&pa6U-ph+^?UY55clV2=>sQhSl;4w^ zr=PvJ+ImJqv>aYlxpLC>L7HA^ZU?!eR02_~|~bujhlWR!fYVpw*VpfbiJ*Z7jG z3P)VuV!|}BJ-KSbh*INAo8`K~RR+bD$R-$kXPEGAKlT>HJkeBqx13~;--qnM_EOWG z{MfD*YkXf?-2L_G2B+L5xN)p|3CAM0%Nkm>CYZ)h33bKWbDPq5&NdVOtvbSM62m75 zD4Gb=LA+S9^djlXL!J4jdHg0;#&Jmhr{-YNrH-ke`!(@$3YPXH!v*6AfoPl?#&VI> zlyDdXmCsbq1s+$*&%QOsK(Vmby~!itsE~WqAfR_tKB*Lsi?;Jv;lFA5Cscj#m6M0Z zx`>1s*;L-L;gah-Jh5C%zL27ug9Us#B60FHdN2Kt_3Bo|CIkf&Bo?rf97@-ulzmJx z@e{Xdm%1H?TdB-?NOkPPsN^hUti@XS1!D|oxpK(OIf-ptU{OWXlsnJWCB(a)g}G-z ziaC5a+Yz~Ud z5PKSd_k#4S_c6sN=^}UymB{ql-S88Y;I#@|pS+wVDM&(Obt*f=gnTBHB}lHgwG+z2 zfUFKt#aSi+7Kr({EWz;mT)V)gKQURY_ne@4lZi7duAHt-C7KOa2lnF?!n`ULP6X7DJ>OlD zXT_8Z9Hg658mgFb<)mzOuxZ<5F`FSOeo1|#3UtB(7D%@7js>)_O851;DWx#4Y>z)^ zfg$K|P06Gz9O%bffI(R`gk8NUeJjnF)$fR3pinMp<3$HYhNPK$T{8QlF@fsRa{k^K zvacNPRRakqXwcadB&5t--Hv~`9EL~e7z(r@&}2z=#3hF^NNs`5u!WCHeraLcb|P-! z2$M5weB~PpZ(JS&f13X5VcQ?CPuL;C;I}FD(Ofc-i`J>xnI83k7a5p@GN&S*OG4GR zn|64CQ145%HL~I`+H~+E(`LK>M$*6=md*jpg}vF2KW~w>dO|h?%J#Pw?`jg1eA{xr zXY?|ei`IfnT3gW6XU=_^U#(}YtJSi7LR%df{z>q7?8fn2QT3Jc8P4pUcrd|Nrotc< zW{#&)4lh2xa8h>7JA#;e4u2+F*ennQ{w{j$CuC1i3MGtMe|`V5^x}1Yx+{nFtfMzG z`rO^J4ox~kXYEEOB*_JO?xWwpniNMi?PZwKp7UE z$zULhWx><)gK7%nSH+oBoJOxvm9&8%?(}n%S;CmYMRrvIfR~~wP2j2m412^de!Z4P z1!GFpk?K=nb)Col{Jl;oupiLmw6G$oj7L%d?R#O?l)AVPHj<_@k7Nn;o3U(CT{QcZ z8e}PI^$7(EBwbpjXpVJZXuxFEO`-FM)Jik1b4!cKQ8_mm7+63Iv{iW~)L42*4lY@N zo0uUq3DtN9+HM7f!O_Mk>19HPl_7PxsI${)g(s#Q0;p}a7`bXt&ebl`0gmm%aA`Dv%d;_l}c3 zYZD{zcK?2XWY|0$c^E-Pvd0G} zZ9jdtlf*tU*4@Y<72WqnQd&xRGgkb%B}*k}UQ-SSn9(UpL+G?G{#V5J=R(z|ihRGo zJc}|L(Lx0FK;Cg^DFf1g;nvIyc^j8fo4W?g?X-nS)CFdnY~PFvSIQ*e8?~xVWG>gx zoHX^>&vL*E72qzvOjE=^A{6wqz5Ngb#_0k(n~Eq|ghn=7%r-JfEu3uk(CT_)GT|`I zdfx0sU;EtT`ru+xM}RMD_4%7vPVthH>U#|ZT+u$6cwHPF#|sPUevaXCr3OW&yYH=2 z#%nnm$D|A!Fzj5%YLFvh*m!IHT17to6b+Cmti8pSe~({RPu1MrZJ?YVGtyvV^q&W6 z@`cC4diA)8t-2xGieb~6f6{v0eXH@{BwO(kML0b0kBVZ2fBpXTFXp^ySZ`@}47V0s z`H`X*`Uw~eEP5nqNldOSGC%Ivg8h;S7@A$}z+QN73aCJ@!3B>eSf-OBy%W;fr%`=@P(+4(nKMg;El=z=l#*S>1pRAWN_(`80X{u4Y=<$n9;~xF% zhIQOv!|2H}(;ghyzMgMj0fQ}}{$0Q0yA`lP38L}2JTk8BJ_-@G2`T6Ckbr5`6#0u2bEKwMV+FLaGw<5VEy+vLe58rg4Kua)7NiK3|C;Bt8Nwe zedxVD+Ey%zFw51{Z)JG}Ba+zRtlG>UYoIxf&i!=Z%MPC+h!(Lp9h&X!N*)`>b=U*f%WAI0AXzeUcLgK z1mkBKRx74*e=frHnFoFIoIE$>-oBV##?k)@V(+Deye62f08iCs5ggxpZ618{MU+mSmnPX}{EQ5#rhlKlF|&UK$#s%I82gOeGZ!C98>b9n!5Jj730sUuXFt)uc=7QPwhDT$0Ej2PV2 zPMn-1N+FSmyoLt8u((sI)dK6D?gA$mg}Il3(hpFE8P{EB&PI`$r<1G@d)#6h@|xo6 z7cXhNzqT}^j7H%2q9li&7cq5jWGq%NJ)2Xe=|labLy{zyJP# zAtG!X1fFwcB-5%~m?!zrTI3Vly}eYuy%;07$W6{jl#D`a=*v6BZ~mOBRprPJ33Q%H z8;|rSe>EqqjYT9(0&K_YM~@v)sNZSJu^^d*l2?&$B=f9skRj~=%tkEXLrpI0 zzd?bVeNpwLk#3#A_}G2BzkfpQCFe}6|1gz`bXRjgF98gq&44WId`{I$E|+JCF}chz z(ZNpC^r<)UHR(doELwEs*R#va^y`3*Mnq`YhGd1TVDAJaH9Li8p%biET?9emR!4U6 z4f}KQ3$!I*B?E27P=PxS)u0!`WAk9{=$Y zpT4S@lI)juuCiHfy2ytSw=uaSd_O#&B2aI~`Gzg5Y9U9D@u2pJAGIB&sNH$T(H?HjWJ;EWWc{Q2A za7VU-n*Q*U%G>)mw)>NfnpAxH|IPp&8NCTXJhDm zr#Xbl3_hS)(Dd)ZRIir%@05H#Lr?<9+0DCw zp9Pn|adCwrMcr1>j6zX~G>A&9P6r%{0>`Zz?A(9V0tCMNMgnOP!3YX0;)=N#rFz}$ z{L|Y0@zdw*QXHNXFidPuQbp?0wMXP8`U(qW8fmxG#AJyVb4kJ%7j5=9WZ2~bb$S+3 zj0Qr=--s46*l_?{YjxjP#zuv%L}!y7^ZfTaZoa-_zexmYKb)*s|F6TIxZX@`yHkQA zVl^tA_%A-L#5YGatX}&TPodE4=k+TqHiD3uJS)j-m<6Pt#S8EL|pW%dW=ni0kEp9yJ}W%;^hbdZ38GK-_CQ+qy3OgsiAFISt6 zx$Gk{a4*#LVOaE*4x|r{sV@GHer`llp4%mb_#@K@A@z>1WOnWF+8cf4)Dj@{=&GhXBZdjAhUuaFkd6s9hs>d*I=IYRZX>?erGJLxV* z_+UYX>~{J?8Kf7uk#Cw_pLG}auE=Cj8~sJ-fy!~f#e0q9KH6g^d(Ab zf4F@mUzp3V79fd~f_m1z$;F+4yVn9A7dV3G zDxv2x#~$@};?En}RWzhdf8#~sQKTj}#NZ+6jj|GBPA`WN) zbUZc8fZfeEk*kmYgSa_&PB-n@B^A7^9R=7C%A*Hs&YqU-W}0- zE^mx@7z=+MyfYkq+Fu4t9v(~u>m(K!jG~_jbA?w*DUXsGQjhS?Zq9tIN<)BkhYyRC4(XFi~>;+7& z#_LRd(;NtL4zR{3S1PY`_lhqaltJ~Yz*RvpBW|!JEp*sPlmZxme8i4J_=p?v{R%CT6NCl0l(h=M=>ns_R-83xaLR>DVE0Z*Y63s^U8WXu-u@{b! zw25ytr5llDIYpMKi4QF5h;{82Ilp}Unc*dJm79+^3e?MPDj%7Tj`&3K<;lVN)Uqph zAbc~DQM>Q^8dc1Qu_Y~S+g}H0ygEQE4u!A3=+>-Mf8<}DoCvfvFZIt6aI>fkUfEZ0 zzU4GOqbdhy&5R)CApT)gDn$tp!Ydt&2u%ycmxlsQsK@$uJ?XRwC^sGbEQleoqv zM*WAUi7J^WNK@hK5K=dlllGNIEp7%>kj*zTy5xcrzHWO7sfv8<$op$BYc_=}Ho4_q z$)F4j>-~`IiU`tIsh0Mbb@h(8Y3&5c3s(g^*g&s?40v#nFDk!XzfN?e0V_!14ILxhQ&C}@8(tmsLGmu0S z2xX=8Q+#ADI)iHoxR4rBzMTZM1_tXtvJxf~qV3-UrsMEA9g}jHZRStc?wK4|(;I5d zJ*#&vQnM{(n%~JWlR}c zcxbRt^xwR5R%PobbI43V{QYyxKXlELV1%g*FXWygZce$3t2pn@`qfi1hxaF!wYU%PB&R?y3AOkpd!>VN3jgA5Z#o4n zOQ)9av3^dnujCZsCG$Bok~$B+-eNkgOCocYMtbLPhuscR-Y<1MwRQaUf4aJpxZE_* zh;e#G+|M;2tQ`k&m8z0t3+hmw)U-|QD{>Vsrv0|8&!g{TfZs2XQFIrTTwy`psgg7l z2mvLn&zfcJa1qDU#~A;QPo}Yt3>8}gounm%5)mOA0$Se`RF+OUwQCOR41M*K4?gya zcJyeeya4-Vxb^(<)%i4F_$aBc2-VrZ%vntCDKaDw=5YQ0<7ngS0UN@QnqcMmZwrYh z?(jp0)}Vgh0Pm=Pmzf0}GKYu~dsqdfcP<*QZolj2A;M0omtcpj7LIWb)+b+f?8kA()rq^6 ze5Z?7TC z8>M9$3t;yZKUxIQK`kC*kWb6waw(gaJ6!CKjhKD);Yo`9=j| zRqTRpEO}pj_DmkWYE*;&m|^>!`msjt)8ubH?^l#@f+{#U&=nk(^a1G;;Nc!R{$7UK z9NS;gdyk|*^Tcb|20ntNl+uauM>m*86xOPErn3{oas6syj`KA;loPR5d|}3WMT`>v z07$Kx52raa?%gH9Ah0)ixAf%jY(nL4LLKj!q(8H|HhlTY7Vzi94=onFEwpb}C0DLZKYb%*q7l8o)*}j3 zKsZ3Yy<2Txhgyu;3KpxuFcEe;-+?ftu8UMPOtzZt=y~Yehg2!D9_m0p(!H z*4th-0~ee7q~&<11KHt^Ydkaq4I`B@>GKoCkjRSSr=(#IN1DX#o~o0@xFhUWoj&)= zxSlRt)QFE7o%F&{D2AB(`ixC-4NOHT^~V%}v(EGOBMNaoFy*ZqxOHg9AeT{^S~;fB zX7**p0)4Vi8w#C_ES|&bWejlF6spp2Fam2iJg~)NZ;4@=IH0hvGLu;ZdP9aP7j$fu z#CA0VK~{?31$k(ZsZ?!LgSINv%UzI%Q;rO?<}k2gTO)JeWCuGOai?opK{20|xkF^C zFK$mz_q?H)t+(&F)mm#0)rOvZhxMLMi|w{6*b_C@mY9MEUN8}LYEGSGMGL@v`UHluqSN)y|;G-VQr%_{0%;U-?M zA$8Hy|5yXGe09;Z?V{~XJ8sRKL!@tTXxQT`Y_%@0A#&aI>tFs!ew;Hy$FI-&IM0{= z8?JV{e*>m435*2;4+@Q6kj|D+pfX^}&Pp)W|eDde# z+ZaS{RFkS{`-H)4Hh>av#io@3t+zT3slkDF=oMhii}jpe6-AuWCD=O0|9QYqr~=@TnPt zDq&$#{nmjMf%GC)wEQ~Ps2jW~#PF`!si`I=sHK8`l!m z@=(l!!SGPmU&`maC9Kj3C{{cf`scdp{m2I$N;R!DykNSKlD4Z&@_j1@8&*wcnB2dm z&GB@S<$OLqNUR5;KgCDpn_{y+|; zb#b?76+(|woSe0WCqrX#jYUyVcL>s1r2gH+ea&>xE(1HT(60mlE%#AyuTEt!0fl%1JrN`hI8bh-$Y$ zu!I?xVh5ohq2l1(wsGYp?KF!(tWFo&FmTqmP!1mRvxoPcM+YSvZmh0+(tsuE7X7q> zsfBy8_cpa;(+O3uBeV(00d)v!DSwoccDR6i#8cAL%6011Q8B@hrc7bxNSSfWxLzab z!q?T*iqs0gBImM2-2tM+a&??Y3R#mk$9!clZ4}25kvEOpu;Q4>bfvU=`FV0wc%LYx zMVy{eGL$&Te)IeqU(L0MoMpzQr<|75cqglARFgK!1kTzV8)t+n0!~K$omjde=f~uhDL_B^=A9Lx; zgdsF6S+u}iEWdYuM@BK7Iw;QGFJ=*(or)v`)uJnMVc5w`RRdHXn|VzlB_CFc%c!Vi zdfTPc6eS3s>eQ)6<*<~5vf`v(n~Wuevnhtj;DeIibCLJEiYSIDIN&H&cR1-Fg|y5( z3B{g_%doE@2@Yc#v@PKq&?HLU4|=ZL+QwgDFPJ-{!&_U?VuT4y^0L&xnxA8N0t4MR zzUu+|t*Y@_256Q(yu~DdeU2fT1%u=`jwMHsVQA!VQ}z zfRcX|HO18ok@Ne1CbF4MKk2aC>q(!^Mf>@e;zzQdB8du8p%sM=jV?n;ZS>0z!@%2C zl%xfme^nZ_x+YxUjsuyH4Kp!maa3+q)MruQa5KAdMRdtBID2}bNCY4a<5WjT+9e+8 zZo@JCmb2b-{q#affE20$kw$Ovk$^jFJd@}6Ek{ww;aKTxt=rVD3pi9f4^LKH=lW&$ zog*~8st?%*>FjfWW~oQa$1=`|ukKMZwC?41Dz7mB(M7}ukMS%+0IBOB^4myOdu7bW zWEX#7aukRARbM~QTzT$y05vzppju{|pBF1b->7%7*e(64g^%Kv?0~|M?JyIFLhiQS zirGefqt~E*Y-v8iTZ+7y4nt=-Bjz(s$~!myX57RW=_@CFZI4G2JyzMw9%@udXgSk> zpeemDNN%^tkxt&HS<#&&rRLxe3ORYc1VXT$o2uDDKwM+G?*+!{opWaFaNAJ5KqUT$ zzii{5wht5Rys_phg>17AnP}}9paDzvXa3AI_rKC_|BrRg+fh$RhS^`Cnw_$Yu>W!A z?Z)$>6&F5q{bTZSoY`j~``pq0&v~i9`7=p$`t6 zc@jbXyO)LYADC(a*WotlE_g{UF+S z1+?M%(|xYb?8&LYNMKxgp^3_`AuiFo`@LY1 ze`m1pq+roe)6xHi^lAS5zVP}LXgx+5)016Z`$cbHo3K>Lco$3-cB zu*$%@cQ}2qf6Uy8^Ze#L--GvH|H2=N(BXmgvtpaZx6*%sAvlW>QmRv7N8c&5Ec_(C z=vCqBHJKsb0B>x>A64L!|J9M*&4-zUn~jBD;_j;G%{7d1hyr4PV|Be#x*O*Emd?nR zm>x1<#DEL#8z?n!zONS;BVV|&@Zfp6^miJju8RyUB9x&2fd7R17`cQnJ#@=+8F-cG zb}`;ffa&9Eu|4Hbacl8&8^S#x#E@EDi}wT?q(82m62~3u%9do11_mUZcT*hq)(CdU z{5bcUl&MicOd1Bh|9UWAGv^F1Y^qK(Ot$WQ>yWju(M}DLJRcbkPe@(31Y)`Y*y09nd~IFbxMXwJWD~n8ta-hqBnt_d@$BK zojbGVStL0h>4H26<4OW<;^Tq{26f6Jzr7sl66H?dNw(_yx@_3SPRLo8PF)x=ZA5#s z(6dBnzJ7T!J1SMaMB}%)r~j3}@6WWcbN$a}{mgglqqDk+b6?N(eAx-drz|uTL)P@s z@lxxM3}X|6Zr{bMouIgil{o{69qDM9HN6*H-i3TyjVC33;39&huse#?f%;DZgu|Uz zl|YHFbmcy&orb6Ku=|1%J9bzJ#p)(y^?Zh`^kb*W3ziiKIbY|wWaeJdc>}&Ta z)KmPY0y@Ul5$53ciQ#^2|F3+ghWD95A(G~df`_^f0iSF>|Bv6FYSTR*n-+J6H|ZeA zudg3Br2-EkPN?V=64hZq*jrNqzl!<>HXU|v|5Y71GoJnO`)`od;o$_`o`1vY-zH}h z5|p=g&Kg&omSO^)gggy5Y!qcYX`mw_yz0#3?f!n+r2m;F<7#H}8YEh&MtCcJP!3W* z5~gz61e+Mz6&H)a6%?}V{SB&BUmI>9{|Txmb?bB^dJfStIXa*VG>q{BPt6AK z8Dyh_b8P@;@)Uy20=>OVgDtF#Y$qqa%WVkeZP25@GGfI=`<{-q;%t z5JSF?e$`CEz(vbjUzg;KwGdf;zCZwWz>Aw~^ST!63uw>b*KF`QT!yQJ7+^>W_zkGZ zE9CVsfuJVML5~RH=VvIMEQ$E+S^{$nLJk{|vcBr1o$Kkz*nLhb14{f}H2ZB(SX=Ih zwZ{>)J&_I=4?8THeUA$nYKrdRek{Q%GxWBQA}CWK;IJudDSNFzFJeLy9T-{UKby*S{RCy(CZ_Qdz%7Y;2H`FT;eRrhE4=Lj1?UFF4=~G z%njF+c6pcq4N^QUgctfU1k5G`l-T^UVMBRIm&S*WgOPOEsT3OI7(jGuqbyB4nNfaK zn5ejk^ew-pKfsBoT{(8l=wJ-}U@^@XYEl>Eb{7?V5-MD@TEoK&9U6o+407(=M-+8m zxWj9w6Csr7P~Duh|GP#2M?q9k6qq6*Wsa1Q5U_JBeIBt_SFJ`b90&6;Two?vNqhB! z{zbipLtz#GO?-b`pVkX$FlN-&*N+`6XY-cOyb?-KHYBK6NkEKfGEwO^mJ+#=C*-tg z5fpO)_4o&qCUgu4*H|+7tP~@GJPP4FVwh1`yz??BW~ek1S7#rET0O27$^>;1dBS}8 zDr9sPU^Rd`t{Mu_K&Z-={_A5zKRlvN#@4a`!&$@&5ygcMj;yQC(jngj>({z*RcH;e z2>U#f1@Vf}k6jsyC7Zo#4`qjd_b5YSz-j5^(JV(387l$`lFRwE8vq*pDVFp~JHj%* zAvA%VG5UNs8vu+$cTHN=O{g&CVISB^P1yu$841fO6{P4cwjp8-0d|6D5@;}x5R)q! zV0nWF2T45OwnW!w9H3<3OGrF*Fm#EMvet z(pwe`^tcj=(MC4T&{$xOk%jD=anTT}gWF7S&e?b1VL|{WY}F8#I#q-~MoO*x_ZJ&B zpnQwxZxih6mKMF`B6Mpl6pZ@#83<)if}&1Dw=%P!kRj0P?RIXvY8ffA5$tkO+`Q36B_b_wu44>UaSGam-Rq zW_vF=8>7YJ)R#&&Pt+dTv@z}^am_k7P6}3`$;)x_M4sN#5jp@4xgX+mV*pTYDI-5Y zp(b-dZh_X(py5g;aIAIRsL{J3e4;`@1lgs{37Y}P8Cu}QAr^*`gXjF)y=@Frm-->3 zLSXx=Hz36z7E=|6 z)(?>%wEFe?Z_i?wM!hYFwN(4F^=c8NA#KTw8=n2I%rBC5sc|$cR#A<@Y8l+2WOpU7 zEkOO(%I{w#P9rBJ_b#pR$&e^;4Ofg<)MFh7!)#{9-L0Q(@pq38}>7uB$u`%IZ;rT9$KYY?y4L0%Tbv6Q$(N6nG^b-4Dl@dT&-X6vFM3r4_<|;|2sq~8`dXGLod2E%iya9}=Z!mE`SWz_ z`DU4s=92bAaeKMa1(2?AafYVObeA{^AaNn;|ty&UZVg)u7l($UGDfv8-Kv8^~` zU7dfrb2=4|QzknxZk5xl%Ow9%V3V0C^Q3o|6J0?#Xy$!ZQBVQWqh9_87gI7+3z9$0 z^d|d7m$|YY*BhJ`rx-TZJN`*F>v7S0_n^0x{9A74AHH{g7Jq7&Hu}FG`WEuBW|!z$q=C7qhf1c6Cl{sQ~ZVZv2cYX;GJzq<%z z$B_6NONR1c(0{>|{8H&Bmwt-!|3s6U=H%31!8MT<;~Ud;)lY7EdIa9jx1XI~|GJyu zp<=IQLL1+^}IRZO6lFYu5vP7`(q#Ape0jhboHD923X~GQl?|C#@ zZFUr~^|Jpug!aQA2II61DZII(6FFo>1KBx8mz%o;h{$Ik;1H7fTBi0AmUVZEq1!1Q z&G#pp%!bBS4=G9rG-L&c!wqcl7CRN-B*iVfl%Ds5ZknF7V00iNh#X>AoJs_g6eysx zSXJbpB?(2I8Dx+^#utT=CdEQLBgc_ev5!e1yN=qK@8mkw@zE^zv@lY~kC0# z&Arl-*k@D*dB;ipFJ4igx0k)Vr2{yj5i$#_#>BWq8(K6t{hW%^*l}((PoyFFQ2hiG zz)g>bQxlwDLIQzz^S~;HcG?r^D8~*QX+#;T)oMDh!sRP&2^Li$zBc;;oNy67cRt(C zn1!yMylQQn@YMELB$dEEn#{|}^PDrR*R&KJXoqoQugcI-qS&B|fkW0%b+CfHZ2@Yi zI^3}wm^99yfH`~2T^3Ky24wOv;*XJHBuG7!OzQ_*GL9^L)ms^+#PYeUEI?c3Aj;% z(CRF9d)cH9#(@&=9;XLAc}$`9#C|Yjof>AHOhDKxVOM++a?B7uB&X<3jFn?!?Tl&j z`~Zwq-{4O&XA3)fCD|>yjA@C73vewsl?+q7YRfU@#9Q`Z<+I zi&#CLT#rKm$1D@?$9aQ?>U+0r1S9Yosc23aqLA-fIFo&=jSxIG)ftY|g>eDt2Ny+3 zewlD!LQ6!m7SdvXhwv>~k*98G5OM|yJ+?H)4x}`SI_-sWAt#4}ZnK{gD!{X_rl|TjHuCy zm_6Qwm!fQD2S;|R2TO5dZ0JV6Yg;9Df zJ7#YRz2ghFqA!L~N+`RFrE*skDKaPL%;VEplF)5In|I@qpYr!wl9i5@@n@9l)plG+(XTmZ&Gu*PZ=hs&30q z6evUnN!^BaX-Bz)TDm-c>!k&SpRptpHUv_;C*1R606j)<`X)(@qv>c!I*ytk8Aqd) zt6aM!G!#d+_^50Hz{Xr!n&DecJH}Ma;0DFvQCyh)@T6y#U}d^^(Oe$@EkvN1=nyQm zH{83?DwrAuGQqh;KXC#-FXl2>geL@nsM}5SJDwr7%BH5Huu_sj$u(I1yz}jdkIu%!y-$F}BIdgW~b6KgqPt?j! zCj=>gd6oX#+IcT#N^{UL_7BVWs{?R;BJ~A<%N?X5nip~4HizJuXdI9-w1e+5dzX~z zj!;@P$+Ca%6!q;e+_lc`zZVwRBkI<&m7G7i04c|;q?Yk%dmz!QTHCl*KU|m(f!K8~ zLtP*8YAx`0x*^of)cd6SnRcTO5CGuw^IY3DzK9+1gNAb3+d3GI(@L!$yfSr7rP+{(BBbDNFys@!TX{3ZZtq{2~{+?v_YR~p;u9vZ%3o-rhk&FQD zyS>on2Jc!kIyvuXiDU+uCO*TgN(bZ+eKXImQG6PYE(@2+ z+9Iqv;GWlrk;9Rf030q5RjohvCA43sU3@I{2IuxI0DvL#n_>gigFlw_(&J@p``yHg z28(tLu>G95P=%!OLxQd{v07Wawa9w$(s1uH4m?hIX}opP)~d&TX=zTxLBuipb34vm zJE0GWbuA+{NX370ohj(xmqUgYjP9LER^_Sy8UcY*)f~rfT)3mpwLBej^PK5*#^~R} z>Y8sJBnoFIMIZmrKJOdX?}Q6(4ku1SHp%s8an1uZ$VEtkNc=E<2G~VoV{-#)OP@MH zm)S76XWRurusCk<0=z~`eyry>?+`Eidfx;kxW+3xdh_2=7}_1YUgHomJ_}6=>51L!kQpP(&zf@dzJ6B1*>JX-kf|cBniEn1 z#l;)$#TxswWe?%fwGi~AZJ_Ha8~=}0(U!qh@u0g7Fn8QDe+sM82mdWNc|BD_;kjTw z$H`om*lmd?$U@0ieH^=E@#|o7;`*RcJ_jd+hXKkb5=-IwGv ze$uiC#7Qj=4c>cGZw}M}^~hAP&f{6B60ARh)Q1*IP`56t{ElXHF#~Xmmc(Q8FuP7N zCQI%38gpP7mpfteJziuL_V7OPK?{g12L@I@q`~1}!g`q7te%WnxjR&hQggvec~*+H zk?>u#J~W(ggRVB;r=GixQqNO05Zc&2FxuoYpW*U+U9F&2=d_fbpn49YesNL*hBruW zIGu-bNiOMaz8P{zlc=iOZe)~*BHu|-r5n6mVzP+5&r-2Gj&4lAB&*S*|K@ z=2bO4B=wA9n_$EgZ5D$>sI~U7A@**QJ4~svj-si4rU$V9M7FLIe}|XIXx)>Ip;Z)1 zeXnK-qBn7iE@p&X^vAxWf&VeOP_mX!Ieni%C$L{tLXak;8bbO)bC)*s|DEh3*cDA zIq%4${3)x-;2Pg97~;)uo!oiG#+kLxFH!h6t8$$SUFTF_D0!-1+PiaWq+PXn%$S;- zz>7C;q{Y!BG@n%PC*IZO?}i<*qV%v!y-w_ks9d?mzF(aR^EPTlICy>%0RC>TAOJ-f z5KvSAH~{kNZz4csxZJ!Z5CEVE0RZ3vAc5TNolF??olI?<8BFYrU2RS6TEz~FvS^T=24ZYtLze0sUA+83i zUap=EK4Id7c#W!?YXLtfv+JQ7e0Mg?&?F5-HiN!1gt99Wrj{PmjBbfR`Jjuz*p>3F zoR*u{kD-{cb3K>o!hHU&iT*ylqh!tl1+AcQ4J`^E#tp3ktUTk37yc{aX5r&zg90$G ziTVC$%J3DDW!5;y&e{XaEz`eh=RXuUl{i8>DCQVvJeyE9_kXj=9-{;w6Wc`-zBoXK z)on&HO2|=q3K@0#O8=3x0TIJWq%K3wcVxlzIL|#d)u`IQZWM z3}1mGn!%HC$-lEip1es->HwDY@+$?Ha8WV(-=9e^Ye5BG5NdyZEvf&xG!y-(=k|dC z03TQY0Qqah{j)T`0{kv^_AaK*e^=$Nv@yGNM#Qiyuow8COZb*m$B-4FTtYEBp?Q9Q zh*BD&BaoD*=PP`RX6%Nbn*4p=cgYWeaF(1xyDRu=2e)s(b*@v-^gU}uxR9i#+h`si z>qb`RU7P!O`$BhI4)H78u9miYHZS+TK@Nl#t^t8B-{>W!W@C{Uhp>)O4!lGiibByT zJBxve5X(6W&*_zeg5_PQ(p7*KY7GQEW?a>~;ox$`6p=w+3E2c95o4)^;mgB*8ja#^ z791j?$^!b}LHr}28N}%lTC4z3ILnEeXVU?ZZNuGI+%$~LNCTp_8PU=8(lj8uj8*N+2hudbHHzu?bA-Hsu1j{ z;K7s=<3=4n}me50|GhSsxW+97^kb*%J zRNpedU)?n_A1T#1;b0q+uxJ#_Qr%fx5&3&mcow+`zk%N%lu(ziN!BZK;Rx?~)Qc%) zy^icuflS)-`=NdjU#|4SmLH#PuNCr7{gAum7|*Ht5b0^jx8_6P-8Nv_pgUJWkX&lu z2Lkv;-*0kWjzHrvr9mU%8{w9KpqOGPnBir%cT^=81X!S z=H4=PA$*@2uJPK9V{3i<@vKSZlSIxyvm89o?Qs`edlp#QPCMyvu$H6irda12Ec{#>S;Xa{~;@juN$IMF*q@9zV z+Vb+5M30C02C|Ms-m$IS2SQuU=9W4AY4^$f|Nm~Spl#W;^92dFFGwK$2NI@sCjVDN zcqn}#Vx9DVBH~9P&gggrzXs~q=e|Q2%de@6K(y&N>RgzgZtpZRu9OtSW6y3EA0PLO z(K-@1lPEfn^2?WrR*!DC_Y+h6rM$cSiWh*OGY^KbwW*jyCgCiT6hq%3r|%)?6&=Ju zM2V$bg%%9of`DfpE7QIODb^Tv6Z{{5a292*hUL5a3kYD{A`3`p@&JSIKmpNEjH0wr zEjGXu#Xo>x`U{AOzktw^BMB8zW{qX#l(+Hd4K2n6S1H6~zpiYJFuYeA#|j{0f40^; zID(Y5Uo~==-X_-ot&HpKKQQWtW=fnTmeq>V=q%ZDEXsHFvi8zB%a$lB7-}~)?64L^ zD4i``tYrFGb?6?H662)e2}h+BKmfL^N#A+eTRLyRXid}^k6Ujn#$(U$o>=ivH}9q% zUI-D#)DwwEV>KZ_{<0Nep(R>|Y23eU-I~V8+4tU`tmC|=<8N|f3DgIuCv`b6on!tU z7ATp&nU)+cTa~6FG34}TtKnl5`)Ml!MNnBU1hRh#{!rvT9sL^Wb@m3f*JgY(*V5d2js*uw|s$QPAJ<%i}s=jM^0CRZ0D3t-jc zy9&_>A3016SZRu1J2F9=4&|FxfLOv$c#{GZvEGjXq1O0HDFoFXJ^?urIvWxyJZ_=O9d@#r7CKisSI+Kpl_blC)GLJ{T< zu*myY_4uEJmR%)ObkNN>|Cn_CoD#Y6{>JcBd@dp*YjDd5RTkDycAzPgxbE;3k~-{Y z-s&wuqF>u6kk?~b<69J|%u{^lSQj{kB5oh^)ZEl%xa!`^b&Mhit9m8;^NCRQg$D@u z({-=gFM0Am8G_kmJg(vk3e+S30OEh(U}0)#V(P^7mmkixG~>^>o%|3IJ`Fep^>}@o zHL7Or@GKg-q_!RjF)a#dSJ$dH#r=FFJulXM;a~2$QA`prEh4Gae5;MnqQ$;{zO>Ch zT5(07aKP%F4RUnpfdpb{+0}d3FdU7;sMnEI;A{NA0N-ix1D1NX?|DD#d26xYQqu{Z z7n-LgzHPZIw*1v!|20jej$+$qIc9*gdBNW7#JJG5le{;Iv6T^-;<^%Ts1Pa%6rSw2 zP%XthO^&7?{8ZFEFf@rEGz%V|ywGzmp&wSrut$tHf~X%5q?RP|Rbf^S?2v(EmAl}t z^ne1jtAvv}B3}dCTQ<@^e8{hC#Yf(xm)4S3{bT+FJBFaZE0*C6b!FEqTZTXJ2^vqp zfF-<6v1^Y@DIy|SI50Qi;Pq!Ar8kk@O7ABiX^+Cuud|lm$b4$d9cO=x|1Zk^Daf{H z+uB7lXWF)H+qP}nwr1M4ZF{C|+qP|;T;r>En-A(<*TKZ(zAIK ze_kE=`Q(xcuzeB|JaC6ju0$tc*KlWcd`(CjYI+=qUu_B#=?`|o0F5{jeZAKALy39m zY>WRkLyG^q+^>g#kgILUCuws(^ouKI%KV!y$oH5r14sH? zFPd}fP5e0=Fn<|AwIqXWJoP{RW@y?bGC?b|eFv$!2=J2?9K%yGJw8R4JnUXOzY3sV zhJmvLPPK!n>D4>}d<^oB(p5o9LctlDX*TdGGcaLELcHkdd#4Kku0T1f-ww0_Gb6?< z6;|gXq}=3G5;kFnTn~JRTMu9W27ZNM5lIi-kOX=jnDI3HOi*rG2amX!fZTFnb_Iwzf(UqQgvazg zN82AOwKPfDj_I-gwIr}$_twooYMPC*Z;KpJ@i;t0M`h@mm7wfp;SR3#Of880IeFGl05&F9Cs;k?|N&x$mA};Uy zHb@nLgv_}zdOxkro~I8HBF2;POmCgui)CWuW5SLWzB+XvhleFPE`M3QDlq9ccrN<+*_-cnp(J!`**PJ=;tmWtcPez_TR_WRMN3}?yMuT{i}z72T+$cF6Ab3w|ZQT z99GHw}p1B^VwJp;k9$unS*URiEQTmfjZs^cFg8T@$J-_WiT1Vn;D5$J+u@XMsiR#ErPQ5(0kOeBAv}iYLp{JS zjx!{oJw_OaFRI5?S2}g7y!W(qvqN(8jNSDs`ub01%9i8z>mKFgRfA#71CW&?3TunT z;XEswjPSY$_HPQr#I9fc>FPrDk;yE;f_!0EbT4wS^5UOTaw;V}4Z7-;X?tLFn&rDi zCUxmSSe+rUp@*7$+rj}7&{isz>~O*^>QKn`>vU#1p!WFC+V53aRS2BXi2Z2YPijPi z!jEZBJ8sb*6b9-t;&^Q^a+c3(DSYEo0HE6)6Hd=b0zl3x}3ni7mkM&y)}EEVE^ z_5rzU?iAhy)G$S9K7l-=s9*h~5K1gg^@eOKdV1UJXJ&cYU+VV3py^tX)ll&4+Vr<& zbsj?TTd!N;pE7hvCeZG&kc#~bW|5BT;Z<3fpQ_*RgR8T33b2w^-V3rv3)m3`vuBZZ zYuVyQx7M-^xLz47BX2px9#MEFqxH}G_`KGhBCb5m%l#8Ezt)@^^i5=tll^{L6~AHe z`rUAMGK06Yp3tDV5L|H^F?N}>AvViIr85Z3z47MAF_ji}L#y$w>p zL@uD+CK)oZRZJ20M?C~n4td*F|B8Rp*uZ5N*k()PewmbP-o)A2f(yqs*Q zP5Uf64T2|epPj9G&9Ayu?*)mC@;~`;JRaDivRTe3Y*rqo5ICAc&U6c;H1>!nGILoA z#Ib0Nq{|MGpEJ39S^DJYdn!(Fc6%&B{m0dRvADoA-o!oj3LRZiH*X5Rbm1AG) z>k}|?1AXHes%C>;bdkxemxsU)hrWS56ht0f8gDRu9ch8xFZ?X+g#!XgF+&=&Sycol znRko2ZjS}dFHWuXBU~PfGKbL@R_~BIS>jxzESA)k0@l>f*8NJjrbaQxh$Cl-H50h$ zQHrK>I~vi|R5#XIN4)}fN$K%)cl1T;A%|I9Bqk5pW_$NrKDSZ=r%hX#cvL1INnZQ(}4t9GbEreUeTtxV*ab)J2Ll#hbuHg7WcP5Dx;jG78zMjKbTDvl0}w-((Tb4m4_Bv7VK5Z+?(bC?j{=wtXX*3u+lK`aLX!;*@=1vuFQ#UqE(W20+<+39+%wVJ_FLR zS?M=R3%0p4pnlx3iMg0c5(=zh%=XkdWYcr3u;Da4iK=}-UQ)xoUBL4Q72Oqf~ zytpZVrHb0Tnaj0kMSAB&c)29PU~%~g2NzjNRg{KL^smzL08W@kn&R*(sxtY_T39X! zggxOj+>&Y80lIOF<8{Oc%RGoMj;J}@@*kzF8j#OF9C4o5d%-v_?`p6#KMoNiuAy)x zFxg-+^rcymyZR!B=N?9|-HpqzVI^nabH+3bzarEwY!aR=xOR>4hl(HD=w^`#38+T$ z{5CuW?p;>}9-~A3cxOp=ft?4T2H%D$VH{x6VmUvZY&BSBf`>>n2St*?c)q`KjiZNwMFfR!?hSVjWz)nW29Fs*C_S4J3h z!XWV*2VasdEZs2}lB;3Vd)0*(G1^YIBI7o}@W7xxylFZ#ECH$T(n;tdoMbuVsc}u& zR_%4S15;*4N}ohsRnOM@AHy;gt~x_l4SVX71<8ccyu;8q*Cn#-0@wCV2f3PNEvv{$w=1{HS`Z?}l4+@LGz;v=PQ5>^gLN zA1B7VD|`)hst!Yw!S6kUNUoG89S7NadYTJ_Tw>?`dtR{DZ0lY}TJt4_gxmW4u&kmT zdpXF4iKiSq~;v7K`+Nfs!KM*8J2$zqn9h-f(-bA&Q-c~QL-5J(j?Ts!Ex zcB4_$V+AmnaKG$pL>G(YEczZobLo!^*ss(_wP1~U%$|B15IPTIJz2(N~dD4>0DJ}86J0@84^9$tCSB2XPzy`sN8hamCEX}t=~zjSsqBytItNbCqFt_!P+Sj; zakec7;5(Fmc*JFNT8(2^jw4J7TevNdWKKuu2dw|Tet~`V=peDH2mm?;nb1TG?(#zc7PWNaXe;a^%PxT8BY0pP-IB+qN~c z?Z*IU9)R=YbSIe$)26j?>YxSHMnn2xv8Cq{v*02i7-fyB)kk?8l{S!9OR3KllQ)|= z_(DjKD5mbf3xgDrR*e}7M1tfm@8MsUcVz9nQaW-T+0aGNC%zT-Xx3Ryj;GV31cACM z3{2%|Y|-O+^{+o#Lsj6?qC&f-85kw8lR8`-FLJT4)3s#XCe3)4fn%pFP>)I|k}kj~ zwL9TO=_haB$OCx@5)bz`E5eAWX)YOfh#IHN%j8MOnH>q|SAB3@Pinv9 z;eWD;bscz05*PpgG}{01CuaOVY+@zmV6wiOZPyLn8DM9$5!!Ikb6FogS^S7T!GIb) zgOG$Y9$Dh-we#bwWdCxq#>~v`)4&FBK>qT*y`u8{;(Yk?>L&O`g%O_27M)u)9L~M@ z&mX3yP5m$RY?)-R8chjBo;qhb=w72IfQ0iMzOOeqzX>c?Otn1MIOh9N?Hh$Jn*Wzhu;?0f zV_EMQAS|{MzPem=AgE8m(d;f&LrK1>Z;c2XRQ=d5iIuR)zMpKU0J+;;pt_D2<%xF@ zcbyK~VRR(6V`q5b0b6ibszY0j@KeJdS z${G9v>>m1by7ay=errX5_=K4ghF6Pj{mr?Wi6r5j+|?Sn!OZCBBiR<`MFY480Wb<+ zqeVr7zK-%wZ(WPF-(-`mgqo(H1Rv>wp}rG^{hUwZ0E}d6@CI7dY&0 z>^0;rn*YK>7!c?G1Rng(EP=Fkyv`<$2e=e0hUjVS5+8R3*f7&!9~xntp$1i;eZu8n z{!1rVXOR|y`?A}4#VLK_)Q0nG!N9i>0uG<(Oz#!71F%Xflak#2LnjRXOD8N-u;~;7 zI>d>MC$pisG9z?+1m)?(PSu_%z(XC-*L$-3=%GO9KpgT)`2(H@p4yNlWx<{PF@kn< zVF8(AOMlF-Js5)H6^7uZ!7~4c20)G!Y4V1zkfFGW%Da4ia&~u-*5G;Qqm!C!C>g~2 zv)Zq~N;4*qqKA|r88;gOjKENbNoYUAOn1{T?BlKYviB4qU3lrc-;hvx)BP_NJvk*!K*G zsmyOgo#LK2x-}VYIssc?CYwAgkCMCl{mH~pMZk{P1Q^(1LVpOkERJRicsJd1wyS2b zhf$gok=(QUJXYahz4AWdrb#WT3iVa>WkKr5(nt<51~1KM4%4kD8LYXY^40B&@Z_)pbl2aJ}SfEF9KXPH;NC3Wjy*L0O|9FROGdQ*D99 zBB_oZTU!R(HX2AQ4LWk%RQh|Woo%(=m5*mt;y+vVn_bq3j58_=Zu(VjS&o|iJ$qXE z-Mt@Dc`^(BmYElP%7cP?r2xL%l!pIK5)uGwwL^3;YKi$k62kK{wFcedt@<%iSmc?< zhaO`T)io>FM8qk~5j!*Pli`QKeZI8ueZRBd*~jvjvVb%n>6}{fu^@`#k-fQj`P+d+ z4kZ2YnAkXObg+&J!Fb;#UjLTt3qdT1yL$0-Clb~Kiw1zfty%=e&a3ej8!Yzf#gB{z z)}EppWc1TaN?aMf17SnGfDaUUvC(zU@9yJY^DeKCtD;hnQ7tg3H-Q0C!PHkuMf?u)~(2#WpfnHDEp5pxTu-kZpy=)XW7 zLv!b23aAJBx%AkWP?PhKg2`Gul^rg`pt33``#kc4d?V@v$Mf(uI(9Xi%VxL~SNEE1 z2$i#^ux=f^YC0{iR27iZl5NQcGlt5ILi@T6tJkhOacW$p)U50=b^Vx=H5u-QL6JKp zIT&_MxzCYyc2c-L1ghS!60@O;!00y9x|+&Qd#&fHPaRpeMx+jrQeEBnim`n{uU=b% z)D1JHPO>Wlvcn9me-QSRTzK+!;*Y8JZI3?{RDBg+mxGg1D1u345LI>r?|5SALEi%# ztvz>;d7(ZVyC~0`)VBBj3gJwLah3D1FFJC^Xoc1&dho2~-2}gR ze_WLbbD?~sN{5&7*jiuj$l5)>((r!V)zWMs{icGelMJ8~6qKkkA|OM`XH%6c!Jw7E!Q{u-2E68hvAFew^zS!$|v zx{wi17^Q33td1w&=v=g)U|!^rgW1~vOKyRB_` zXS?YT?SEcN9;KD;&1IujbzwohA@b?BwdTISAp<7PK}PP)-_#VM(!yliPvcgrqIw9S zu$?>Z)K-51q9jz%l;@C6I~lRO09(sxF<;!qH>ACGsp??82v%Lhwee|sF#Q`>_?~qk zw#=GJpy&<@#G+&yY4M5Ana*W|ZO#2VjmceElERB6LfD}XcCV`?B29m28IgS@ypN@Q zN3GX(=UA>tL_C6E1#S1nIZd6wTa}aIHA|Rak%(3*p%=I0J@8wJZ1vB|s*+=PlJ9z0 z@g#(^K!jj(Z!zZ{MnOeDPUgcSnyRe%wka>YfE|_yUT%KbR%wU&KRh62-j*xW9s|lc zW&g0uOMPRbB(>SDtkS;-)+>}~#IliQr_mCpfn{kcy)r_m69NLiLD02rWoeK0KRlog zt1haDutrV|8JGE&2beCLCGKCMu_?c?lX-|_IS!}jRML1;@ZJ zxAw5zn`G9JR)H-Gs=KXrYApzYahWfeY!O)eF0Vp0!BX#U{axpl!AVi*a`n?xa(8H+ zu}Pvs*?CP?3}1c~NDFj}{s zij_keWE?V2U?XuMo&+|a5HG7I{eVbIQ6q%H(i*gJEh0I3gyli0vLTO z-;rcooP&Uyce^`JkOj6ikK4k%3KO>~oa(1+;A)wVF8BT+C;OFuKoAOLoXo=nslBgl z@@ebQ`7qa8*+itk z?=UM;-#%ZKhwFqhQj*Gd!Ko(q!1%%|Y6`2|mlHy24gqje`HXa(e+VDY0km~2S#LMg zv*UPUtM0So@~ta+@q&o>azTDo%U1JkrIn``BZA0}NG{ieHKy_3W6Y#z_ty>br|rO7 zBnQT+zk@hKiF?}X>OUc_58Hf1E& zYetILL8&12QrpqoYptNTaW+ck=M7P3&$zj_6}@pp0`NQB^-C!#I6w4@`m&$(I9oU7 z5#M>lqn%O2Z6>t9_EqFhUbpY}m?7B83Y{um757!|xZlP15ExEGEseDNP98{rF zsPZT|e#LdK!4**c+DP?#ThMC^K?y|}y%LG0rq8L|V28y-N5#qxWHXaTI7gp>J?rZNY~xBE*TAQhgGYN_x9ZFYDg#3V!$I0+s%994}vjNkJgP1Uc@ zJKp#PM<@Zd9!3eI%|-jQH9}9B%KB z7xW(<0358Q@2MrjWeC>fQoj!(x4pM1dNr0IBqyX!#NC z9bi}!UHQ)wOGM9Trk{mmyzp)Ew;4V)*xgP$jepp&{@ktwul-ovBd#PJhgjiIo&V}E zQU8Fg&%G2><7hVqekd@r|Lgi&w8O}M&Y9|=!Qbgr=|j^jQH*8#_XgqTl52&6|@~SO&uW4QQbK&*05B9khcUU~-?c-4AC<>xN;fI>~<)!AXD4G;wr@P_e0 zHyDp(|GMX(b5S|V7L4*^Ir(!nhbxY5yS1kKK(!~@j#M#hGpb_9s9VY zQ(Mge3m*G|sUn$NFrJ&~i~V6c)JhrlovKFfG{Z}rr~QtL(ZPgi9X3mN8z zP2;dXa(2L_NFYL?c{?88a5I8NrkQ^n-~b-lARh>p0agnNPL0BCbTQBzUuCA20<4Z< zGdmW~5;Kc;BLC_$2<6HGuJ}6ln|eOmimeosY;&}pfdiBV<@~qPDd$bDpyEozfj!Va ztihZJk{O5+GYJ2W0c3?9rBVJ?Mc&&=_>c0r-_QaA{~8G>UuPqaANG6q6X4VV9rF1X z!6pRv!?8qCIc@30lRQNS`2N#gKdY8-Wd7kwD3kByLf~NBAMa6lU5!CUnH8xd#xy3*YVl{yecFRFx+R{Nu(9_ z0AYuV0m?>3z|g@E59E}%Th*An=@pe#XiQCqeKl#W2(wwzrGll-7UX~E0!puKTx~8y z8!*`P&xMAz9#3)tV5^xl&{PQo>L~^4>_vgqSLwI5deXwF5c(-HSEpnSD@gu<&K0Wq zd&g#l$U(3biuiy_HD(Zze0QJ|0NP9`r5rq>(+Cic#wUay5kHWg+K>|g0 z#aKOaPql}Vg?4;u1nG!t)EWjjh$bTVKaau*DPsIpyUBFhNv5e5hi2sGrnh=Mtv&!I z9bN7-dm{sYt{qOtAw6|X*xeZp^i3=_%Ymq&&>bqXj*!O%Cyb%6XkF5sMGPPl{%CW*s1Evd)Skpll}@#^b(t*44Y9C z8;CK@!r5h3S~)#DcMghes_Q&r_u^{eJ-W`#Gi889FI6nk1t+R9&?@Zh>UhSTqrSQpy0qdH3a(|IyT94qzGhp8PipkBa}6{kTv0z zC?5yUHPB513m}g|c0N0fV4H9n0mHqv2-dz#0=>KZ*x6G#4$0Zy#s=6#nc`Uh+lPl7 z8*@+K2XScL+#LOGAdiC#Aih#pXJ1`gWEn7TSE3&Xn_oCwf`Efa(^*(x3>6G42V1uf ziZ^HnJ>)yvyOS3x9$0&OI`s82>5A|LvEI)s@M8X3$5bor-cHhoa2@VzWOQ_zebL5gC!*L`4mlM)i?Ul< z8F6@QELRV68Ko)n$|Lkh!Yl1!xBuG(TJU?3NX;*I-%!7iAv^EMO@($4L zF~#0QO`g+wIknV4Vuk8F-BHlKXS+J_O?-^EXEQZEvu-gEHAKsiP2~IapJ%1srpMnL z33&Z8fD8AOUk$ex8X__sS|>;x?j%C!s-kddoXcCe0mdN%*XXuO&)#ClZO`XvRxMrk zKBpO}Y>!hPs4;zB6R2bx^&p6&*K5y@$AE7LTSzsGNE3Lg$G#a~GgmK}-!_j5D85G|ez8LJ%;EhnO zT)LS)PoR=HDM&GU8tXea*Y?3_O9X@)4dw!!BFM&8J)_oLb}R4NxD~o|7rGLm>y?Ln z&2LFkPyHP}(^F%C$Lb=RTd(*14xe)(I?M3ip_ZH;r}0%fbDV^hxC*~~@$niG=~qcv zD0HI9mZh{N9KF~Yt++a~L9@j**RJ`s_A7}jf)D@VvVrNA&A3P(S%5XxUGE1jXjq+C6mJzo#nB|LJs|5zxhp8u%V=s)*CYw|ep)Y31f*}5nZOdzQXw-Tn9RI5hV=RR6M4jQv$DAnQQb>-o~ul)-~c)$Qc{Z+^Oq!QY_ZiFpRUxl zM+Sz}2k*jWY*J-q8av0iiL0fRkVoQV4q7i{8zxyx|HB|Lokmv?wpI79>dIR?V&=Lw zOvaOm4>3ugORuL<4XM^yzJxcC+UAH=B4;PIo;k`KM-t0$t9y14=@|A3T_tc+xcTya zsFE#t6S8)n_ku;lYE$=f81V51Fm@1#y>4d>veGLY#R0uGq!vrj8n^xAzcA8g@n{Z_i1QHvl6|f?_O= z&X=&tH+^;`CtmxL?|XO?vT(`L3C$5s8_)w<8R!n6*=rn#X^23Q3**Um+KyLIuqZdB z22`_NEej)BVxp{Q6aKYH=cyAR*W%U}i7IR>+Z;MQ%eRKgCz^~IP4$gUeMhd?bLO5M zVyw>)Pt0d6FQ&|+#;@_yz~VG1mxy5^qAeq&DwfU%X{9;`0o0%t{JcdPYY>q{QJ&%u z&ZhPDhm=`t{QU#57?L#UyQhRcy)X!)CbZI2igCs^&MD1;0!SwTbqK-?sLGZ(^qp;a z2H)UOCxPIdH6YiB)0fh)ZH(^l^&9GHtaC)%<+x20`~qe2=kr8-6THU#jr(nRndQAK zO{lpMaoRHh-Ed*5Zj_$cWyi)O;6G(rIkmH9njLrw!uDsK8Z+HYJS zwc0-p7~|7uZu>}8trcbJv}eiLvAEiiiYv`Ceu};0itXN-6qZ)X-aC}Gi(cLd?mrLP zaJPTatWKAX1rFJA<|S#+{f8W`Ll^d`V$XW|#l#Ku#HD|Cr_}DKe^LT}_Le=LxLigYA|Ks=7(2B%jL-wV6H2vdsLrNIUA|V zj*He4`u-pwL{#y5<^x9#p?#4urKxGVtL8v4PBQdjU%k3hX-W`F#E^tB) z(MkH;0+F*G`(J+AL;e|ur(C6-4#gdC1O)=Egv`?(ZCbQ68gH7B{)6Z|u4gV8yFxvn zu+^bxuJgvZQb2poWU8ruN%gw3j$FPmH2w`@k=M2xR%x#Z-@`TEwpP1rFrA<#u~S7`nxRTUeK<$J}Y?6SfILr4I|62-5l4gU-kYgd11T8^^vyCT-mBI+x*8#+RgnP z)hQdeN4I}e=tR^=bHggsBlmd5NfGn1p+IE+su!EXmLjgmfgI@vc}VV#15!wnr*75U zcre~()bzZWM-EJYrxZ2TQ0$y3dIRJ#W<}&U$ymBb#+CMbdp@6@G>Y|P`P`4K72@^r z!V($8cR(iAQNOIX<^FuV8r`1A?R-BCrMhy{9prx9o;B|H{;)mu=RGYYn(^^@yg!-w zdH)21Y@6NwgXZgJ*xv=^1ZlOPMl(+bz-dfPWRJk7m3mB!8vv%nfbyg!1oANgfoR$V z9c?<$AzcWDdHuf65qPCHl=7$Py-=_QfFmaX8n3cyuQ{gFGDr`49$RaO>VVk`x4GU+ zNgbI`9_DE&#}*yU^N18r9e^hh2VfCJ1J@Yj?O(0C0L)<=KhypjOOMWP%`%3-%UVzl z-yUIfmYN)$_t)#TeG@I z&yF^~KtPBbWfta?IVsb^c&Z!9Xs5B|%dc7=Zv2PNdeleU0)wL<(g65iaU6q80pkNu zZxlXw7ZpVnadDHNg60b#QPOQ^Xw?4Y;pG`8J>(LwKs05tg#@1EA1aaFwD zC!~6gK|Ms&{Dw$)mm-S*_}W{4U}3S&L*QMLxN%&?xN(Zbe7M4rENntk0)-8A#LzbA zk^s^IBsXwLbzh^8IHXGQAvzd?@xX|bt&m1{%-NtwadNSwIq~0^k&#cbrk%(vIMvee zv%3z%fFE7MNYP}MTATnK4H41@)W$J5qEP^$ehfb7M~gF+2=ogYp(U3^eX)wIt?hb0 z%u{s%+3=VXW!_KCef-nVf*r0_-HFoGs(-E0iE?qm)p-eItIh&6Mdn^>PZ36+i6hjQ z(%_%2GILtWj2|BnrRH3^^R!6L1H)l{^i0SK->_vwMC9g@jM5P=POSn|0%=Lk2FzU{W5yD;LgwWKHk3fK3}{)G zvkX)rulpmk&M0>xhC6Z%BLx#g>G>4K$G8J8PGGXbPZJRLF*}@WD$iMvOsQM$`vu&RHpPjRfQ| zZ;>)rPKQ14!n72s;=o_DE4I4oS}h!SG2V+cXzC#Lv8cRN2KVi~2OFnAINxw~Y@+Fp z+0S_Ff_@#(!iBK3B1KtEi7r&T1o##%!v%z}!E(DX-{MIYhLJx9SYL;K*2}5BX?bn+ zJRI}trmm-!FxM#QfUPvw`8wUaE!kZIrlff6#&(tLyo5IIjan^be3z+QG+}+M&)P+Q zc1sIZOZ?;m$uh5EMT!3IZm(zxg_{|Ko5ZVV4Ved3cQ9FtnNN z^7~&AXc=?WOf@6`zz)^_Z2`>5#M#-x*6hD4kxiO5b{p)7-@d(Hq4>FUFgp~OGH8Sp z+t-F(UaQUyxhPt)LF*|5V=|4QA2)0X)$9^@bQ!eo#mR4ROamSV&;zY}-nzBZyec+o zY?+l#-yzw#Dw!UQWo)f#Cp~`RXlrj8E2)_xZI-M{OK(C;**~|}H-27Td>0knr50Nl z@vF{_PoL+XH8-t|6BD++YSk0hGL6-&z_gjJI?s=dU0vF#S0h``hTB!GCVD%ImF<52 zkfYKcfYOi8y;p2a!4T0dJhxeO8ZSdh8co}(PL}q1EJQw7ykDdYnRcoxW%wLBtt(N+ zX06*hJU3((mvmyja7z_eH% zV&yDUYn3v5iC^n@*XuqMsdtyWPE+4YXf}MN+5bIy@_wATE;JoYMGO+G@Dkl{V-;h4 zlMuoEMCUG@IC#%q?HRRU@`^v*kQaZ=F<&%(thHF4Ag?6Bad7ou14NXVdTgcgC}g>8 zST5R8v>*?Cptwaozt?Q4I>`O=dTB{_8R+#_a(lK=^&zdV6xmW* z-(HS%ksu&V!}ZW5M0{y9S$NDWsr}yK{StA6HgM^C>C}Ukd(5e=W{srt?aX`db|!qV z-ut#@_tm+X!O(1=STWu;GaLCZRe%9qZGKwu+ON}BW?TW&;unRIDbUTFE312(4w@|U$S+Ut@ z;s@JL#~Kh+Mq3Q+}KqFc}-WgQ;z z0njE~TZ|F<-eJ!yuV5W@=o>$HvP78zK{|{)D?u9_Jsw377j`HeLLz%pdE7GEY;Ewq zsJ^8r7%U4VqpC2v6CqMVFQ+}>ND5M$4D`bt>jZsnURu9*fj)v~XIP3OhcF~AQ<%6x z1hl2Hq$%>FE=6$UtfS(3ngCy%^tk~ba7j(`zY(U`zK5P@FDO~f(J9@ zMywyr@>c8y4_P6mVzdYrJU~muSwqgcF(2p-Kuduj%AwDZ?v4v+8DK{t+Q>ZG^KmAQ z36?i2@fuiiP*E@XPlLG4I&zl&LG%oJcIGr9M!(5>IUgmCLBuKF_usCBss?$)k-?;w zFC=bMh|53-AxooxCaH(MXNcga!YNF0n&lN`D$PfUB9)Z~8@5lU$0KU|BihA4DpCbx z#Dwic+K8=IF>FzrABs*#RFfR7Mpk80Aj`4rBA`NjoMh>Xa)TX?*|da1lqaXWFsQ;YrwE#?QME7*|S^B{M9Op6C{Gjcs`{BplQ17CnQimnekh%;BLO<>#(Lm38t&;a3=dBKIZQ@s) z{}`6TJn7R*b~a1umouf1Nl#Hw{>b4YzrsUM?sgso9z))cC42}@yp=h6o4%Q2T+8u@ z6#n&CBopBr0*3%_fiK$`a?AFoM8+oZhl;j44oJZKkj-n!5hw>@@&AVixh@Rlf>V`; z9E#wwZ(IPJYu^IBe7vB?qKBWp^lD1rK5#4JgYSqbB_CE)UjvnX3xSS^1W_vyZ~#t9 zyqhgL%^tH$UiKM^C@dfVCf7?|JiLUI%nWi(Tu^`uq*SOnW3&eSL{0xOGAWMT7Z00= z$;jc(oR4-Z>_|jOaU3CVmtpUj~8$Av%0|?T;p{g5231CIMo1 zxtt&*7zsY{2pb8pW`C*le4r$Op+x@d`WS=%lW5p5kEo+Fw@@^x8BsT!MBDsp3XKOv zi5UhRg34}Y?jc385d@(N&1@w&!@mugc(i{^k_r!DE;?!UhJ4|gwwGYxTG|f9#4OW> zLB=1~w~lZwH`_I415T}bUBlm2?&uCJ+qK|F?W!P;HgG>coZo~#wzHq>cGZk9e8x_IV!Ce8Ow3pBq!#jV^om70I7 zGq+r0w_A@~e|CROV#%CURcv2$Po9`Ju52p{6*6nQ-2SeaL$$f<3UXpkn=|hnmOQ-J zZ^hVngi%hFQzG9Vx@!+AUOe24W!tG6SKrnBQ#3uCdP}WtJa{>1kB?RgEqEh%Y_0o$ z!x50YtUnc|L$l{D2SyyErH$l{$1J3AM;4h&VvIa77e*MEqSFm7uMM=CD?K0X&Oh&* z(Dhg=Rh;x_e7X1aps$kYd5zwe-DE=7D(~~xo@S0=SLr=Ivifh?V^U&EJX_qI@6Z~c z;o6Q_+76xu-j82-FQ#;FRkog1mRhVQx-G~q@rZ_(tmh{E3d9R)9X2Ve9bMVW+i-LL zJ{@o&H+M>AsQ=1k;_07YGJAmi_Dyh?l0e z-F(CSZ;t6cvI+2(-&-%iF91RUAO|pVadNh^QMa+Cvv4-C`7hwXFCYdW&-+C{{|}$4 zI2qUgdU(-VK~I1PT6K6|!vZY^0tdZu0GV}+d00?eyQNbIZP{ZVx(Asx>uFNB+dg>J z{Ww!Xh$?&e6nIL1;*9po$QadH0^;~#`N!n6^i;v|JTrUBq9%ahE%9xNn8IA*=)yUB z(k@Q^lo9F)6FW~U^Lxv5x4ZZ+u_b?yDSGG54fhuAE!pff_ipGAqsC_%^Eu2QXDC)s z-CdP7a4}Wlmm4TYh17esf4;wo4*%0Y?ruauy7&8>D!<2p{y&aG-qFt9>HpQ4WW@ys)mX#hLn{6-f zlaKUu7y0^cZruNWu#tF8uKmI9FIm5|@c)+{W9wpLXyW**mHuNFnM~cX-C#u?xdFSx z0p228Of?ZHQ);qMGG2`Ul$o>AETAF$gcl#jYxPOz>Bp_CrB_5W;aZ23kmcG5V)U4f z74y5t&hGT=DjZzHCtxsxTIqS#2CI)cNvlS?J{kF_9CRrPpbiaUYO;S3Z?CoU`#M@; zH9^rK%!k35(r4UCS?i}sqErGfR>g-rVi`)`O{o2ScT?ra~K6Jg8BXbKW zT2A8_W07y6re1~2IRdt>uK^Inp~#aranXOy#bNvdl)(GVk~w38{^X^^j*jpTuK@ea zl5tk%nYYF~)6=E>jgfgTdSg~xB_ml7@468FK+8%EI~zhlL#F&vssaq&FQ=?!{ucyE z$Ixe4o33lk0N+>&fnZS^!$087Yye9>g8<# z-ep1wK@BMCAE~IAuqhBC?u+wug93+wDbC#-+-!q3UOELnaNT4uOy1aMd-64{1)gaA zW(Ys+phJ&7Z%X}gDvqi7P?m!~wBa%0rL~1jv*mKVpG#=JuTG-%rHAA1CO9fX-1~6` zlDV!W9eiy`68#ch)kTiCr#vMIw?xbw$RaIq1JcZpyD3S6J5~HwV`=DMiAI}t|98#c zxsMKy(+^sDswP6npBUCK?rSMyn}{#P-A}ki(Me6CN^^-S5$w+BYacob)zM*UeI90k z;tJw-qid4w=o1fL93h-S7dy8Vo@<^f(o_@zahE}{FaJiVo$l|gsh^ZJjbFE?$6F~q zkm)hY)MI}(mwDuyK|^iHi5G?PsB9h-A`A-OtWku z2&PQKK(8wp&zCfsp_DhE4l%-5YjwY%fhy`oCT2*gl|HKbW^fQQJH&XtP4U`>n5(fX z7%Jd4v6cMMy4%NClT3zTY5ffuG^aL0Xus8%InIHq3K|4zkJp#S)&*Qq#v)ojnUJ(K z)0y-gykANjPknas@6~fqkcs*+pk;H=ieO-%PoTdFO4-^unf+BwYFkUoc7~I{bs_c& zlT2_&AiaW0t%S{ZsCBb<##%uH2oq$X3JN+d zpEZL8FOMh|1RDl|vSQXfVI&SGd#BHuQ)yL-Ffos&y_nUmwQ80FxVhy@sh+kOJGfUF zPPaOLGmTnRf1u5T2$meoo*I3};SN)=uSj z5PBzFY89EmmbAW{8eQC>Q9_%e`#~JWgt)(iU2eS{w5%^3g7=X{P(ZOU>HujG0ht8` z210xj*vid8QYubQCsN zaaJ2^B@Q=UkS#GVGadSKkZX2PgoqnE>FqQGw`?rRN1Zm6ijrNoh_+%L7hZx*JF{nP zsh%p&5SFeq%yveo5+?8T$^1;RP}pAd^8M~vD)qRUsp3xdY* zQelo4?ww$^+pfZ z(%yH{PmEzm4ZW#Y>|Rgsi@y@oc`DAyXS~Ua-RKule3;6Ox!{&~5E)#%Y|=uRm7Ffb zFsLma-x7ItBlX!pL?hzLi_Pf>^+V+&rEdyY@W3z))tTVx`5Fg%g4~p)hI=GCc_|UD z`0VqlLeRJL^m?!tUY{)i9@VERaQ2bjGZ=fq4Q zNjjH0p$+kmtpe@V4uyNC{V*&oJLg=%`>k`XfFA}KY98!gS%Er1g0pi=vzQ>z@d@-) z{y|ku9)2AmDCmThGZ2~KJ|g)e-H!H@zTw9L0*MDagO03_j~`@^ z>BYT-O0;EBU2NNTyFWYP;Be^#NZ{bn`w>9aeefhj7smjcy(8Dk0Ae+lQ>@ji87VJ> z=&#&sqOX%pG^O>vQIOKcT#LXXj=CGB=$>QVXBfzi>q@~c|0wjtl;!=)F^eyPIbZsr zC*q+exZY1dE5fBdR(UkPYflCmoYQL0aq%6gC9fQIO)V*@50f5XuhJu~9h@@7?#g#y z%XjUcvSAwCr>jb<%2Jk4x^iB9%o_cG>gzSSx=0$1s*gBj(LJz)F21&VfGggd;k3{@ zakivtExDkV!}RI0sr5z&>L8Pgyb$~=ezPYYUuk>04TtUn7Mqg|K`JAX*k_#O+d9SQ zD(-6L;#4DB#1dZWJ;;UZdZ%-vfp7F*pA3<1@&?SnDMN$7sv+9vV3^?=-^@kNz;W_UuFogiUa1hioG=g2S)K(Smyh z@rWXm=~(CmU+F5jak}8{pK028ZCX4dpo|<;3$^2lOJD3&jw{{{Kshw;+anh8Qc9aM z+|+D9ji7eM;et)?Q|N?lLq-=DJG69>QsD>?Q)BiDrVWCyQ}q;>TX6T32!PC^W1Vr+ zLHHK>oRA=P45zg!>dFEl=7p_E){4BM++n(%vqv>Lc+EShJts3PkhH|8RgZe(irS`3 zPKtO{Ly~@hLl$-B-oTbt<|50flO^yy`8i za(wFai4zPn$NRoUm?0lnfJe!u!RuBHlJSJf9U<)%Jc>rsD_#+t%(;?ORWbc5qi|ia zT>Vu$wE>;xV1+PJ#3wXdQg5`XAALbMLA$}}=HsI_$vw=S#(lV(Cu^70b#}x%?sV}5 zK5LiRzMk+w7UjColY!3{@AK3@T2~sZTS0s`$Uw7LiSVJMsjnz);?jh}Ni%HCY((rZ z6fIEf%Dg}bnq^)mRVIi#uBrH<2LUSl&af8#19PxkP^v2y9OD={KOz@`RCd!WAR7yj zQ3=J9fZqEB8ooo5m9WnV_b1_Z6rY6ge!R-$AN>XS`2*+|0c~ry#9g7mx0%#oCIcgQ2i5N8pK6i0_?=(hcP@J+hm@Ip!5NAD*m0sBBiy z7*eibpvmx`!Dg{QV~aW{ZmnZf*I4@;Fr!~)grZT!$g1J{*>h&O*vJv5Yq8GUb)-14 zWBgLlV`%LIK}%c6&{|Yz9xIuMo*fmGml(;bVY z7v**CBe z5n9XKM@ppQ^g)VgB<-J#K7937^Q|H+G4e+ni2BrN(p_>w#;Asplt$I1+|6TAW*D*d za-%1S^wZN23k1AmS)%8~7PRcG7PNx7)@d2kxmP}0FPjuYNEvx@Izpn<|1q;lke2|N zzsv>l8!j)x@v33Pr+=I9c+**voPb;N_rLY)qW@@zUfC_lVNo_F^|x8cB;iswP5r~z z{P-m0{}@+1YV2m36pLtvr*JiU?ezv{sk&E!vZp-Vj!7LljzmM+TgYR|jp0+K zbi&qdkG@E|!Ol5r(T(YNaCmIBeb+0Oj%1JGK<(SoGp@}2?4+3oQ1ayq%x&r~T{eJe zRGXEGWHDOKbqg_IumT6S^m7!-`bWDTvYn}UT>?oIAPk- za0Yh0THUti(KwAl!xtJZ1i|O38u9l1nTPTEsffPLdTgbA(>V&}xs6|rmjIfPhS_XJ zWlXG{ZkB3>vg9srPr4!H_G_k5@%C#gyS=7~)v-!W%0*v?4f9<@67wH7ox#33U)YX{ zP(&D7Eq^)108kY$tBB4Ry~sy|xFoz;v?Is$GD&zd)a=ArGPXW0de*mVG|@k^scmF< z+A;gqq^n{Mu=jOSTO{jU>?S$;F307|**r5Fzjr$}sjgK$P3$7(p3>z-S$V+;h5BpX zhpKuud}@1gcIb?z{E|{vME2;yu5Y9!3yT(xkNt78#ABQ^*vYLA%^kfJyL*Ek@VmZX zhMie~H^u`%;30&&@K0ut6PQvAizid8Y^ZO{`Mfplfe;K(m}dWX;e+u}QfgUC7GhKq z%NQ5jd3nxLTO@D(BloS9g)(aNn=Iy!H(J3@vA30P-UnPx`rL5gxwf&<-1y>?Tn}ES zUPjAYCIn`^aiJ!O@9*=Qe&EDj+NAi+=V5u>NCh*uik{8BNw`6+qupd}==5w9Z=RXu zTR3?d@5B!i)1!gF{2T(od76=7@{DLD4)jJ=bgBk|h#+UhO97?N7dy|jg(XW!c@+h1!aox6<p$bm4&zwpK=|cn)5faa=!>pu4 zy?`x^-b_hOb&c^jiNV$iHc;JU;2B|VkZZ>DF*0k#jQXCrslJ(;%p-G@w-P-uu%z@L zBpk!@fLQ4d0hy!SHq{5c>b%4nguv;x0J9d3pnl{F``&tw>Id;p6;-ct&7zQ#l+7DA z0nzVd`>rN-wZ6LArOvWUZBV(6n^ecm@My1PJKQ92ysc8tdl#Rw1>+MA_^k3Q9sy6P zuiH7tUG!OkgAs;+Z6N6k8tg1ZJZzU6as!8y=E`?`levJ|gvR|35Vltn`O@{7O`L4b z%s$lkit!JTGua?cpz=4RIc#ppkx@3=J<8QD;u&3ghr^(8!?C5epP56lxsitx^ok3O zkE&!c>aBy?*_dG|L#KmAPBaOpALxw5Ebvoz@+UG@MY*b#Bf7Hyen_CXYxRd+MXj>4 zUCnRL>UMgObb4EPq~43CSbVIlHvo^8No%nCRh;Y7*UqK^{7Zx02HA-uTeoeoD!G5N zRj}7)dfv^@d*zp)Pveeq6Mi6?BgawuM!nA2>%5Ojk~rq+%r|YH*%1pP;I>`9X&U*) z7Nfn?!s1OeVRp z2lyJpWe+w)qmG#CALmGmT5tH!xK99mBCs_;M4h~0*&y8McTPT2e z$f*is@|x@}b_xV0rnQLM_e>9`kgY^HqK_tcB}$U5FuI9X46}dXL_Eh5OD(1x>4%b9 zi|6eUGY{h`nT-lT26d88u6AT-ElWtu@>#U~_XnD? zvU0tShD`aFkvIGQ&O4!=KbNqCCZZV;U|{h6PMv^^^k4l(JxLgyvuJsU2eWuV_0G@t zT?Q`)z<@)IAbO4gP{9w=l0yZT1*>T?kpi_+5~f*dw0jPZoeI4c%D;N?5~H ziYmM5I!Nri<+;&D&lf%z=1v!8$@6?BQL`x3qxi>_9x+UTJy&R*B(GYT^GbY z?(GX=aDkAB@nl$PG8-SCqFurb{wQo)A>lJO?s4q+nEB#_{nYKw!~y>f%{8@dO(!~n z++^-e|4y{bP|I5CMaC!ngibp zw?Ewe^0-bXzi#XhS;ZuoVFH68q*a;KQyf_u}%=1$Oc1ZgNa z=$~}Av89EblAgYq(T{ZZO61RC=`Wzg(lNbu0|@S%4%jldl>3SZwh%FAy zEPy1s12lO&r$szd3Ct8k25`^V%L*+)ilU^(9&gM2OMBTr#H7}&n3nsyKj+u(TSj3} zpu$!!7OQ)MwJ`5;X;q)7s;=hGqSLH7BBrS^(-(nY(og9Lm}ButjN}Y|UB{j$igQ$F z!IT|^UhLA1Sb0GyH!3-+*T;jWrJPWLEHfES_w@+36#=K*D~`)5#eDFSc{v?v8XbHS z2VnS+a%l@O0v|qfWz1wKvc9d|j_r_EdQfp8d>Nkw1AYa*$-6|0$YA0bPT#hzBXLJ; zot5J>vm^%Zo|SL{}+1>B@!q3AgPW7*B@(+`pBwX`qYTifMa#Hv)E z)D>$XC41}$PpI68kgmQm_y$CGa`vnCVfH^kp+lLn@py-( zrvFS?=eOZ0@}%q9{dkyTagFd_19gR{H53dTN!XxkGuTkU38>1%&$TRO152Bqar$4C z3F!9*J%Yo9EN33#dF(};Q!wmeOj+cj@Dx_a@)szUJE@nGzMu3S*F|8qzuNQLnNq7E za}aty--%o&?sQ=sw}S67R4^BA)-D03QXw@n7v)m4H;OI^cP~$LRDCL(9Im>cP~hW; z^|Z6&aREG-L>Nbg(`vKA5WK;iA++1<|2fb*qi4Rg#gc*FN#(1=npJ3q$;QLjG`HNBJy@NA0Lp)PAWV@;iJL9~hFyHy|A zkzwi;orfhJiLC0R?5P(CmnDc{zrsqN#4r%df|lobJm>F$S=>BGGM06HXnmvKDvMd< zd`dH(NfbtvR1VhGKu}&~Xq24hHJapj>ZoAV;l?yVOb;%IBPS@r0`z71_Qg`P&#j*) zCAfU$ed?Gb*8sYZ6Sl28xgp}R?>Id_pXEl&JWO&w+WN6j@GrwHVqf$cG>X@tQH=F_ z6zf@8{TOWj8^k|j7$)IWGgP7Dem&-tAW;oh$tdLAxLwCv-)Ny?%=HJ3DtN~AI z;h!AUI0&l?+r&KJr!yYY#{>-72gnz(fgvCS>Aw)E#jV1VIJwt_f&_MC2XMA zMr?`03z$-E6Y-E3f710*XSkzhh57k7jh}PE_z(}{<9*9bIsUh1+eC@4Rc2`I3V0Xu zz+H0KGXd}j0*%IYqTAEwNCB%h0~`L+C$x2;*zsL??Kak}CLN#U27pvzZAeE&QqH7i zq(Oeo_F;HL{Q#nQL(IeWJjZ3I;9pk*?R)ZEr}hn$;bcN&=GkZaU&UB?e9V}Ad>Jb| zD}|ADkGYz6h0?M2yrl>(s&<85eho@-TMk`MKV^bTUo)3ruEU`YFE+c6l&|HVG)Zqd zmb47JX2hd{rj3q>!i46hyYF#2GG`_1XmVh2Kw+FWyS=Da7B}6Um^gSUV*i$p=6*$t zEDGP{ljk*G<}>h}zAjP4hFq()L*`Lq*KA)EMxEgp@>GZukR)ueM+WGAcSJ54MLjLz zd0|_4#uqlR1$3#XQ}36$^yTNZt-3e*Zn^Pa`-X>6Sv4lKZ+wKlaDVR`e-S$V+dcm3 z8b548Xun14LoDyT$a4&TKG=wJ^q%9m4O+r0yt2R1Y#%9l4mF?WY zIH*4>u1QUui$tr%MC@T`4ck>VCY8&~o;;H0k??nYR`n>WFbs>_PQT^xI5l-aDP%a| zS{(BFWZPgZ&_}5%etTU%hQgt~p7`oo7^(&2!yOX+tip%{tm{CpTgz znYHP*dlyC+b-AbSnRVsewgIQ@5Z|MiHvfuzA?yItwh0C?$|v3vWz)sx7wF9{&t5?j zpr6i5@ug7t7$@H{yXq#p3iMM9%mhYwA9%AWmHMV-Rmlu<0-h*MqKAarx4a!8INfF5 z=TIfu+sk+R*Eq5hPIa7I)Vp_1EDk@q{XYn z`DPQ#gjx9>>?{DC9iJ3N4T-pOyL9DJDQpBhMOJ`SIn)8ziVrkLOs~V%}W*KWC=>QEST;mVo?3a64fig z^P0{e$*yGAjAl&7zJB7Y5q2&j2jjh`3lWL@75@?+XGj{T>In#yXjRO|fso){*5^w@ z`jFg8C*fy{h^-5`If1A(Z@-PY&;7&WfrVp)&NBa&D61QB!7YWxKq2an@#OBIAp)J` zKvl|gl$@-LY_)!jF7kjs9mFcTAznjqOVIfd+8_9B=q>*Wrk^o%7l`GMZFy1&1LJOt z_ET=>7E21%Bl)RE^}9&gUHG5cYPVn*m>1BI^Z%u^cGuHgDXd#xGtK`djCB`(S2ySu zzuWc;|GSFNUHDy{m0S2#=P&qgsw;QVcgq>yqQ}O5`|!Vt8{b9Wt)qI2j-C1g{j;j- zUG&|OLAU7b)j!Zb3kcms-`#Y2i{3c;g}%E5^{$J%8+LA8?4AE|@%#3jyYN3bk+)zN zm|jHKe`84Ab?_&P@OKAaknTFTxUQx_OD3(gIaeNf0uc4i)Xn13xCVQ zxeLCVd%6X`dGHH-Clhto!`UBkc-K>vaf Mp+o3X=s*nfKO5*gm;e9( literal 49490 zcmeFY1y>y1x-QzddvJGmcXxM(;O_1T?(XhRaCf%=ArRapKyY_BP1as(e|Mby2kzLX z#(&bVC;$Kr01c`u>R|6`X76gK=H+PS zqR-%IXG>HF4oZ~|00mzE|BnB~5@<@9R2XDJ7QdHz5#6J=*3%*i&TQDK2PYFUK3+*$ z7+_qUOMT6AE2d*qC#7E@}3dMueIOsC$GONyI;#`XXxk zB2o4n84r=kr|$9)(VCf4Yc1gCRVY~-HLX3T8+WDgin*V`K}{qy#cO;xa&#)FRUTvZ zQ$PC>OG>fcVsQrIQ8erw*%JtCQyV`ljSgsJG{gM+U5H@7(nU&18#x@oYr&T83iDA;eg;abT+efVPyFD z|NlV!zZl8?V7)rA-+GVIjkDFbj_cgSyXMo`95)t`cU?1;-uutlxL$uM?!w z)DuBb+USupIFJbs;ptO-X!|r`cl%{(f~2J=0BXWg`lz1zB=#fRr<{TNJ1QIh1J)u(+ zuqJNgw&_Q6!`AHgZOX`a3HfBupSqLEG@G!L>Vm&Gg6t20pO$5uwiD`CNC!v)aCtDj zg0kxh=x|+dwY(d640MF_1s_+9kNw{d48|_Ih{x6pE5RXb^gig0IS$T^esxF7^@xd-R5+f6I$*L4QvJgWD?y zzhIFcIVx4%LVr#&CH8n%HN>qPyz=i@E3Y$83XqDc*cyMXY6ybp@8V zsZV3r5l{P8lG+vh zC6f#Kw1g+UNo%k{SGhgW<>NDM7Y_|%oVCme5^ro$6`l0&XcnDTW_^_j;s8_Q@ zr$!=1`>*S)-lo4K&x!gmOd}W-YdOojkV}Z$Wt_bkqdYzK=wUEqzlf-TtIvvKGsus# zgj*p0%sAIGFMged@Smo+*4rmzold&W8`(`66=G`zss#e#Vwd*!xUa&?fZ2Vh zt97|Efd7?uUG7@o`ls$EFv++tFUO5mDs&Ek*lHrT^qSIb24u`(Oe_&hFR)TXt@Ut0 z>1z~O?#l7Sr#6K|Q8Km1&xb$VhsyhRO1~;Z-37^<(d;rkz;xIjHV}W+88QGz+@ZOM zQkURTB1*4AdPrYm(?da&5wTA|L3Od*=zSUvdgOf??cy_xPd6pl>U)%yBaZE2FK56M zGRrXg@=}#(^#0t***DH|L5U3?hOr-m8I$UfzwMQBizt<;Rf$S@hgzMU?gblE#Gc%S zhx1-h#399vEZVN#f-g@%nZok&6$dY7E|Z?io2B^yu{g?Q1ntXCKt9;7u`#F#)2JFN ztl}ghcoccQ-wn(WrIyB9!>+I_@UIMv6Qq#Wl**i58^|>-y4$BN8H;N!bMehCF&^w0 zX>R=(CwX<8Z9VF-*1tm(aMW1Nv*tM_XnW?_aVXQbl|w5HCw9W+LA|D;qCdT%A{{XG z+6V>TRxm0taa@l!W{=P~yfDp>yg+d9EKCb=?Y&84omr(~I!K{9c>=;gkv=J(Bet2f zYP2SwFhL#?zvOMq{T!OoQ!Y8os&s6ABo^JRdm?FPi`gUxGroM0BaI13iQaDIOqHtG0s`Det(stf|nPTXbbCB~tRIU5c4$L3UpP*33Z}r<1_r zdnsHJ6P6@}(T_jj9YixjS`B02(|XbcMNsOmy+C`cn?PD_P5gNEjDRhX^>!O1(68G zx@ZQ72H9odRRwR8W3ODl8fs#A=Nj zx%@^39UItu$r@Ielb~1+=d9GaOEF2_vKeW0civW`v+sUH zZ?LNFXXfa_13mV8D{5XWlr**`s!GOuvoC4KGGhvYt3 zVe5VC+wZ|VM*!oh-Y;+Is^AK}a^4;`Xq%Sy=i1A*PSmR>!)u2#XNxf?F#?4Y-0gx$ zUhopGwVy!Bi3%jqs$&7GG#{hH02w#DRiYY4*4O+wo5J}?Cf;?~QT{nu<9VRN#YtO; zIgcoi`@ktdv$`Q)%Z0d|lvwhLB%JA8hPW&}0hA9fUst5{jXrtKA61;pyhL|;Dk&O{ zq*(F-=8wZsAQDw>TB)PzMIX5fO%gaT8;fi}!M_7xii8$0hk&QW?c8`3nAmNeMyK=ZhYi-I@t8Oj|zW0)Uw( zAzhoF6uy$i`?iggVq|CA46nS@W*L^u!h$5M+ve6V!L_!69C+u5Op@VUA{|Q`>{m>e z9$Tzvsz+$`c8vxovQ`78cZ9GM1WXupFHIeRhPcdiJh7g#9z^xB_)WWjv2L za_~)D3Z`$E!9{{n3;#p?V2lrRVk?_wa&jy>UlI}FB)M+ji5>V=uG&?j8VHS7>_Jbb zn9cQop4nzXVaX;n{ zWHe(|NMpR%>weJ$y3fQuQ{u&oneCOheX@BWkq$b}Ec7Vt=aunSpgJnlWcRp^6dnYo z=8Z-ZB$wapxFsx9r#a2M49pVR&h5Kxg(ESQQe^l8LL7!~ z1Vd@2%9Ja@?u6V*p)+H!y&HKNZO2<4@8+goe`#l^aG>wk(_LR19tM*2Tm&K`=YTU` zWu_?#*RJln62{XHDzTL{GW6?~7AQvFSsUX{s6_C@jFR-Ko`$K9BkYW-if32u_v@~e zFR|xrn|e?l471S%Ogxtw$-+>hwP}54LtuE%D3Vwdq}-+%z;voSRtM`QSJ=?`Jb1ed<*s3GVO<~heP2HQZ6RX$?0%x0I(qtC#z>%`H@Q)Hi2Z z$lIm_kkzfTa8`*JoGNwG(UgoWeT$dTsT3=VsaE&cvd4JP%}E(3b94`hTc5z?jas5{ zpotCPc+h&F&sbxCN6oIKb!x48Az&m;-d*Hw6JSyKl-)2)21nL28H~(|P z(x%cZg67P~#!E#Pg#G+UF3YtdK)te06pFk4m95=X(1H18Gt8fQ~ zpw*mJM_wh3qIKe$%ecA*EuVg&AP1EODN%l_xIW!_C;xn`HbZE+zyq!y&DA}dLQ!b0 z!y-Wc0=sq&QNq(;qaizAnY=9rIg=rUk`h5y^B~d5Df?AO zk9pyVM2KeJR)J}VC6i12pN^u7<1;0@(ofa*tB z#_DmT;?y%PuZSN21fiC>f=NwG*m&j*=fp$48J-^tekmKZB*2hq_T2Pm^Ezp|ujB6$ zIflBMo2d6Uc^P`$jA+vK=8MwHv##)wEn1INXr|Zv`F*+rjj^h<@aR;3b!NN5$Kg4D zCR1{CRlt25#$tsPi(p>?|3yL~ekV7M)ZiC*0UOUvOBFCvda&)xnsQ!U@J-f(YC(oG zracy9$i>s-46J%-bTBmRQjxl5y1_PU7@@&kxf8mZt0Qg`cT5hy^te#~yM54I#EL^_ zp$5um6dg4VJAygK8{M6!w2Ti6YV@x?=r)@SKDQD66`@{4EyCCO$Pgzn(FP8N<6V{3 zT?^}~dt(g)b4W+0!_Tt~y>ZCy=|7GpUP;T(hVK>c*he%2#(QAI63(oex=6Sc?#aCu zmDtA5s>|@8Yxk^YF?`6}Z;dGwG-)+WhLTS5gb*ZO0vXecE~~F@^6rMA=BO zGxWXSjLn9grFbzg5n5Ld^rh8vuv+q6H~D@bq~u|pCLeJ#y}n-{g3(nejN%%an=-oJ zBS(^akr16&!HBf3iVtv;$#xLo7NO#l7P~mjnWDUPW*`-;4us$TRLl2N>jr+^cm7OK z!NKh1R_NBkN8Lgrw9w$ia>Ocl_}3RVN~P6JgX6D#X_vw++j&MN?+bmF*Nlq#FTfV%|J{Mn`(|jW z1nkYIKmq`G0BDfE9hiT$DgW7r`FG0_1UQEPUj4uOs7{&s=)(t}OLd9v@j9vGzm!`s zLRV-~p=xq2lVM!)G_(qB=Ax_5eTp3JAI%wK%^S%wZFykRze1e0i3%B;lOy|5Qp3g( z;;GGVuogL#G$7-KQGl#_VazNjn8hz#7LN3&aW7zmc@tt8@#I78w;ZS}(9BOHSW&|o z>FFACqW)Nl6Q4wvCBu1#d`&uIs*OHCPdjaB=kpNPT4SR>5Jb-j8LuEFWyh6;kYe)% z)+qm{HRW%sxS04dYz7k+&lPvQ9YB4S>fIyl8-+RF=aAG9fDd^vQ$)lU+(yVzT=&md z#mHg=XoYK@4Zl<7Aj8@C%T>_Q`NUXbq*Zlg1;3fa2d0Rf20xq}-aZg`7}rG{r^6H0 z`9qQzgeYT@GA~JB+$+RuSg*(6U>73~tIyXC*D~D6KyNeL*$46($T<#5j1>v?zrg)Z z7CAX_nXn7&m;1s40I2`&37R`NxY|3onz?*51?N*&owJybL(h5VJU+L149!AOxR*+2 zDx9%MKLa9>Lt%KL$)aEHQn)g}Il=ZSdzeIizFRd{={xzkkhQz@iI_**+ucvp)61bm zv36{(1o#WmEwqrM7c+my9@c#hF7a!8emm`mMjiQN1}iJeS{^ME+u~mNDGm@%H4HvM zn@HSGCOeOA3|>bzjtohT#(aUdSfQiG6kIY7w;}BP<)^*lAy+I0oR)Px2qd6HiOQFc zb!|Kz*|yIc`pW#v4I;ls_!VVQYM&N60HRT7r4ocXTe73BeV;FpldR@Xg&cDEP1O<@=&)`-CeHVQ34=yHRmv&XRC-AB8@o_(onI*7go+f^03+t< z*S3^NNw##WGra_0)28m!$;9se06VJ7vI#V>vBcceuu zQ=XdmV|tkca=K&NtWbDT8`HGyyez-o)K|`qnXuBZ4hvny&jqrBUhEGDmm=f&}g!rz)z&xwvMa#H@ME%U#GMH+L?PqZ*|Ect}PtN+|Fp&iJ$uJL@Hc_rm zIy_)CG@!o?2~DrdGas~Wv##gZ64%&v23W{vH*R}CYgkk$zeS+BP~{sBEa+3@Vc4@L z*q9+_)Jv{ouXzdjf1Ap&^uEQfk~^<_#IATFi^*$k*|kkQvvXW^Ti*r8Xvc}=%V5~N z98}k0d?5QS>KuM^c1xB{Rqa4L3Vro`Xb`R=?O>n{3?p*+vj+l?*OcYG8d8L}$nECY zdm$ro5lxY}n_su@O_WPN{j?~SfNl2e`*v#7>hpK;Zp`-Q{}B?FhO*-ykZ=b=;y-P2 zGkep2AY$Bpl?hqs9O4Nn@C=b$b|ZKRq@ihyUTOvDGt~qt2?G%|W58yC2B$NEHuo>6 zBphdgFxG5hhjT_8+JVb zo$Hdxqk34C_(G2Or{vn570fImQc1}y)ec$`$v;S#ImMXB63IwEorXlt&R=&oP^J*6 z*=U`ET;ng;$B>2@HEC`0Q|W#Vmx@d&2#eh|M93&W*SQm(Lm^t)o*J;Ru7($u*?UN_ITD>1Vv3h;a}$^#v^9FZ33kfqTPTb?NTySe-@%Ao zbT}go=0rcuTK7%C<|?<V5|;{_gxOU;!N`tMDAW$JGmB_o z;$|DKQ^ zbcLu=c$gz8?lu3e8%eI_EKztsj|tm*@EN7J77Y6^8Kv&sG2Twq{iq;$^;*>_=LeZu^A^ik53ylyI2)2&oQI+2YS%n zpvtn>Hz1&ZNO=VNpMpddmLPL15E0X`008nogM^tg^GAp%PF=RoX8II*PJ4@wd>^50 zE}juFFQ>Bq&H5*lV>Gr>7t!kXt2=&k2P;w{&LynrgS^J=&SyA_=?Iz}>3Ww}-5IxX zB9`ePr-L_dzmDa$SPreBbZKFavlQ!l|M%O;b#9qx=RTdo!|bG-ESw}sXsbk(*jxIU z@I)Po->FiurirG(g^g;=uzZ`e7VU|_)(E=%pPdF)YMl01VlilaAx+@)h!Ty>4ogfP zl89xS#IuO0(m?_l;a`YpvZHl~tE>S!-$B1tf>?3K-NeP|PLV>0{`4lG#!KY5mI`v+ z83a$`M!#T6h%^Cf{S(fmaW3u;wuP56#D2kbcBZeI%&H-IY!Y<~0i=y1_4PRqj0dhWN_?=pY8H zT;Fm3+jfD5`u89Py!fSQj~D|0AAjiowp}|jQ!67zD?1|#GiC-ydy5Dq1xW;0oR7N@ zq@~1E007V|006`i8kna8uzZ;mfG;2}Dv~0AZ_{{3zz^US!t%lZKz$tCixC9yGmN8@ zwhI7&IQa1gGU`xn3IG`EN{b1rc^aIqd-$T=5<*^3+8yO$o1GUBMMjd8!+&i+|76Mq zSe`&d{Nf42;i#}3w)Ls@F2qul_voniSUCIe=iI*O8U5t zY_LxH<9wpg64}T3aVA?-;Q0j8|Nq<`DaBL@hlG-VYy82&GC9ti@_zeKI+H_fotT*Y zUp_yvdOQ-(TX91P;`Nfzp(JE|{U<(Q)%TBy7@ zSU&cwKez7Uum$@zq6OT+S^0yYVw%;v+>xso%HXhwF>&U9Xh_PfTBGU$8Ks@-pX#kZ zTxE}#5BjHuD+igg#QyaEQ`x_a1}PG}KlGjOrw%tqivOP~FXpjbCR0KBSXG5M<^u3v zJE-8d*rHZIeb`V1;(y=HWc{BnbvgcPXSFcxq<^g`8N|7P)@ zD-+0NiBUk5`m>;A@+5BVVcHy8g+?>0E`U(#EXl61e^TlmE-J*XK) zgs*|$OHh8O$(eSN15dKOjMAk4K(J6^E+f5#N#y~R#2M_r^ymy1rl2QMl!m#pUcnom zk`!?K5Iqc~bo+?C)U+GNYoI75HtqB$k87K_keA6ev2vKav|zEEakgbq=Edu-qYfSr zt|%j#H>-<$IpX~CtPNcG3h8rSyxMzrov<4F`nEt2AOqA?54r zVlOpZD;gc;`oHYM;&^CBdyF`QP;;vSZ9b#=^+~gf*|+F|sbc6C7F-8{K^TKWz}F~E zdBB&HEXBf;xunbSO45NeG-lhxC*Q^chk1ME)$Pl4o1P~KbX(SuwH#!}nO> z8uLab%Qa3a^$FnG=;ua~b{GqjuwlG3TdjMPb2Uf%a! zdRA=W04X5-i?vRzn!csw&I_&MxXbmgos5}cdwkl20b!7gQ=@N12O(z440`N^ z$Gpcsyng6p3lK8Wp(RM6{XPw8+3-9Oa6OCNHORGHRtpMXpeUSNHQb8X#&z1y)YkIP zA0uSUH!6d`5-{VXtI!@`Ng;yI+WVw7WF@GmcB zS~j)$3Nwg?#tig&Mlb-Si72DFU-H?ln2Ig$;G2Xml3ERuKyRW{vCa0~aIip@9DR_Y zy?Bt4u|WI21dHQQS4(Bjha|W6H&rEP?$>=>MQB+u)1bM7-OCeNxXT3}LlS;gO|72c z$*5LB&D;HH)$(;?j^Aqs!u==^A>t2PMem^uex2t{b#nHx7QF4r55;UZ?^`xaNA0MT z@8KA!W(k?OLEEY=yN}aRIU9D0d*31>s}I?oS#$lJ1m3t@&dtW`Et+*g!laA>a-u{J zgl%Sh=FMk!cg_z6)JeVJ*T2NRE^OV;)eo?=Qv+=u+a;Ayq{f`k=(S}tm|XnDod=Tf zRyW9ilyg&OBPjfg!*3SkLGT5n#Wz4ktD|;+Bvf8AA`Gp6*y){0l;p*_@F*eM^Sxy_5Oo7{ zqCvHS$06>F^B6tBXT+qmn5vj!#@h#iu(AwA@^fLA+wmBdO0|h~Vl=~b(hWMTx14g? zb%cv(Dk0?Rf0iGq<*;zRM(&G*kdw4F7|+4T>0=!=UAp1x3IyVlaHzFmb2xan_@h_9 zw(-)WAa(A#-2{B#S@rk1WFfV_ma{aNflatmkZxfUv6L1`3NVgp<2|3!l+s5JZ6~FL zkpH^A`SJOs4m#SeETm4X*c<582Ie6WxGp7=>&RrvG~C4Ptf=6#IAac1!5cRm82R)H za~?=xlMc>DQP2$n{QSC@{4K#ZaDT{Y{f*Mnz+i@4@iH?KzfFg_u^u85V&R_ac2D1t7cESZoF*>qq@& zChBuWCAKcd_)!n9BgPzt7)`^X=Pu+grq}Kk&)=6aZO&8CANJkS9ow24&b-wuk$z)O zdnob>R7~2=mpc*AQbr!4N}KP>W`jY@Ca%0)3zslP zFbRSNeZgKnz=*Qr!S2)o5Ojzp#Q2Khmj!es47=w6yUcz@WIbriMxzG&2EKS%9xFZ2 zUGe-z*QM=*J>do2d6)$5aJ_H%LE5s2#`nZt7-qdWwQ-ov&TzqDnDayawQ zQpbip6>|B!8ZL+u_?@p|nSii7888V^wV z7_nJE%O)N#Y&*$eFXO1wSca55PfXGFJ;dE}ndJycx>_njsY*1BkTy>Mh1sCf{zx`5 zwI0+Ijb|k7eBSklCvoc#`A6OyR+hu17^u#iRe?|^QJq4Cshly({lTgQEHSkCJo#1fZla1u2-+WSn+=Q;e1*j zaTr69Uk621qD3O=z#6#4^MNr5ML>t*g8ks?2gkq;FVwk8?f_~+F(N@{`1tkx?qcs= z-q6C$a>d1&8ehoA(wR7H2WJuU}U%d0MmoszZAF9??fk zCLjM*s|x}o&}-{>2Mf&lJBKJsjDD6qljW3n3l{YI zr}H!*Kz1!CX*n->KusHu6oN&R{g^Q0kjI+p_@VqO;+o%A^dH7<-Np*^>hk3&~+f+h8g6@Wi^$iZzLsa#wdBFl*scJEKi(66{ zlbague3ia}76~@9txA2*x(Ckg@3a0C8*?Db_&W3b4+Zp>o;gcA7}660Q60K6`A2XM78u&!-|2Ui zI1JkgSR6+^3VCs(5A8m6=Z9XvEt+kTM}TzAwx5~|B<{WO`QWpr;SDK-jJU-5l|fK+ zugZ9)kC}hChV7)@VM2>N!?Ve`IWR&*`>#%-1bpVxDL|?QH?5& zNx|iLP%B0g;(TQeGC)o>y+7??1%_?GxAt@@I_a}sH__Fd=2%5w8hUT0Fg|dY!CP4_pl*QvdP&q2=QLA}kI~ou- z&=iuufM1H++OyoDEoD-T*Bd znc4ZmR7$^AJ9b4fBdCuKRNNqIoF-~&_!*PMBe7g|t0vH<=<{kLKDL`pQV%Y9M#bfT z>RLdi<&Y-iaH!Pm#1qI_LYY};ef4M>6~shicDV%k$hU#o5ZEyI$SaDVIDpb?wHnP! zujfKdE7~V4z110|WVVsxP38cHk=-+e&jMf5LNr@jTj#osdueRI<=2Kl3zOUmkzfa+ z8U;5m&?*XXE6QQ-{HZ?%qbS2lW$egxjHZ_^po=?N)e89-SksRJ!h8{V^q7%1)v&#kA! zM#2vh+`}AuR}usQAR4>e*CCVFWQlBOq%2=zPJ3W5aV`Yn^Un*7N*qC#haqw~U01-U ze^S6vLfNtUK%5~G20@Rgw>g7CPIv4GLM4zpk>7N@WZvatkF?T<+{TS0lkN}@51&uA zFg)nYOd0EquDd~|9Is|9#Zy5*zc7Ot_RTBX0kf+H*H>ns+d!s}Ev+MK=a45HX#)c8 z#soctd{|FWYWPMR>f&*+7wGM)fRPC(k^&PkeWQr%k0y>3qNq2299)>7lKKzuFXl1U zTU({VS}dpN$qSRKs9XEmFGtpF7DPKS`elTc zpC$dYVM4&FnTO`fdem5i4yPA1We1}K)&PQ1^vwc5-+bBUS0X0 zuFdA{*fB*Z>_rQi^|dH6a$ZPr;#zaU1d3Yo^Xta8Z(%JMxWoHaOzQWaRe{dH!1@td z!JaTyk-{}tfKEtDD0G!Rs~VN(t!+k0s!I46{Jvet`82THY5eAQ1^7Df?bb+2dQWFo&J zb$lD%saD-_1J+jgWa^kCEN|4a% zzBOaWc8Hnq@F3|#nXjkqY)-yA&^wV?yL&yu$?4Y_dTKcjM!9ePVB)xcd>uCON zDTjwaOxNB7Qp-N{C`$O*QPE2Sv@HkKL~=dj)q|0Q*N>~1d>Y?()2;TCL`ruNMhT4U-g5)2n=yrX*Rp#Wv9ok`d8LEueLp5);O zw!FK86+WlfD}b<86>&B7exyUuP&9_d+ejN-B+!@H;YF6~=@ywSK%+;0fsgGjugEnZ zcC$M?^3uA~yUo+H`cG~t{x4tzcyPIw`pAMxy7)rOX7Q|+yY#KS5l5ysLJoKtM?MMy zGv`ELftoKeSfTas7&q{f9tX<7^urHgA_jcXK5q^4pgsr~wg0nOL_94PJF@D)M@v^R zaIL60+~WpT=dHjg?E&%!m}}|r3V`f}t!#t@)FP{X3jmu>pTl@-9ti z?8JV9a31d+4=ae%u;P4PXluV1@Vt721uTU@Ny|=!jEoZMPPuvWnsbN7q||jReUe>s}|e7SsG5-QTZY-e?$OcbbqmjZiK&9=X#Rcq{;ot z+rv&0fjd;*GruJ`p9&7UpnX__Uv6MnI6e9^5PNB{{^1_aW1P8q3JzU*glTd9;mWTi zIr+c0x4X{afb}BU<8#UYC7Qv&3~y-B{&jQkK5B_^yHfQ_Ic;H_Vjq+Pr^iIhH1>Pk zD!qOH9uoUIv@W`q*h-FGOnv^$A-(1M0?o@ynO$ek8l}UM9S~ejzN<>Jlg*Z*ul0^s zlU#L9@wyCI>~}dBTmgq*H%BW%S`AUX4%FYVS3y4P>e>Qd7xTd%SO8p1yD9s~V;=JI z(b4fM0ZSUky{i5X&lemr##I44))xEZ$Kb_r zPVP{~7&F$LhKbR*!Z4%VDf*wND+f-oDF{ZAhYHw%EBpzpzYbbHaC5kOaUsA56>y6sfVEr+x=L)Z6OzR`h4PY z$TZWMoo^z|BdiyXnpcda)f(%NwWHDEu{CMb!+zDGQ9N9ir%c~pFT@`nF#;Gk?6mMl zTM&j{q;qV&yE{F9N655>J}$B3HlB%^)wyXiR_D$k?8`vGO}aOh`7HE?BC3})iKRF( z_LZ%z2izZiokDiA%_d>J(3ehYiQE2}fW&-<@3gqID(w`TYT6QT93l0o{y37S6IY*# zu@_m>gl=HamGC+Cg_h5hmAdmV^v<6kE#L(?$iRV&4g>(-Ayl2Yjt-0&La!Z2_UtYe zwJlX)9~OLbzXB`UDu=fL+k1-l^=>MMTes^WRlXqJf_8U1r8eL8{9VLsG+fe=!x_Fb zrsKW0n=BJp#Ae6f1*K)zeacBbu#_e{U5^U4hq=MT=Ez|a4o}uxYvZqPB7RF3tU!x( zzzsETr3YbaFjO7NPFLE|9k9RO_+lRZ>a~Nv%grmn7kC{e&=*GHLwY9u-GcD#PZ1V> zEo%$iQN*8=D2EjKh)T_c?Wz)fW*0eLqj3iKtZ87+gAA=c3S4%*0VaWSAW`DG4488a zluv`b*NHwSATMAIKj4gj`U&zx?%R$2To}aXqnqgmt7Bwa?JJ6pg(vn)v}e>#&h=Y0 zw6}?uwLr3`$4B@~NW2X?BPr6}hUYM63dTzUX0KP&zq3;8xGJ=O*|knnx))}#j;f;p z+taoz4OhWoCnV;|9;@vGb|UyM;!SE%-*MfKFMpyX+H-9&>$MsY`dHpu}C)pk)Iz)M#XnkB?wtpgoOnZ8cH2?-U2$9tqo}d@AmRm6SW7Z*Q z5@57n_^m1qG0|dr8ybV(X@6}s|7iCdCRKsq9-vsBRvkL%f5zgTuuf^c-}bdf+=z-2 z_Z1fK<>OQO++5g`CrFV-9p;u&X{@?$t)*E(^YQV?|Bb3nXM1=1>qDS#7ba%ZbvyUK zdkM`2o*TnxZK@arprxm~<29hu|ZTKou z{RcG}e6z2wa(yzV_2WaKsuWhLW_2La;N*aA(bqIcCJcARl3!2|)E7O5U!LP-Qj8jN%UC^;@_9JduDbbyxvpDo{BJE1?%J`l!>eB3ZaGC z(lGf>Uwru4ae{rk3ZTEBYnXnDSe+NKcYo_pga05QzQ{~9r`6#$!3K)hS$s#pr%F9H zW1aIoMMDeaaC=Dx>nlNS-9}qw_;bzvD3r)S;@g?Hm;&)AII)4D9c8Ie%sDH!%+TVr zQLMi{{wud;pUZrEaW7Chs*Xpb_xK?f45BXU|Eg8W~E|r zh#$K*)ZTep-|^419R}WO`XO1?vDpUdmR}*ZgUg50`P27GwpAQ6%3c?K?hHWSVL-giap89u&MlHe&+tAj^vEOog&6E8-E&pHeGYYiBz6@}&^!UB*Z5+)C~Hdwx| zI6X4;`NkcPdXn~jb3uY$k}K3@Q@^?$_y-bPwLWcZ-y zNNp@g*@1R$AVxzh$;q>P_B)XwcFRwWuQ_)4)AO?ItuE!>!JwKFKoAKj`KP54G|`N; zcx(ZH`2d*5Zv-46l2U*5ww2WKjLd5vC&N(j z4U7N>fsYO66A1Lhg;3HLA-0}VMKq{4=m3GfK``;wSN(5tmG|w%JLqvz&0t}j zXmbrCt6Jma9D`hMHI4FLe?`KUbk*nklGC~F9A+eT?8>^UV7iIy{30mpx8B!Y&yc7Mh=j0X@qXJr}cja0vD83CW9 zzs@=vp(RL=sWY4N3;&J_Uf$xRmGk~5F-&`|{o}sE{CN7TZ(?$jP-y}*?P7wK;cviS zj|^pRx^jMOJ2qnhbbn4SrRNWdKjp0vzzV~Z%C8qS@KgM|^-{+i_)*47^1u9DVF?AF zORD)}g@=uV)4wYiT!yO!nsBU#@!kcWNz01AFHvn9p&~yo+pu-nO@1|+Yk#OASAlUa z>cn8?B=x{)^x~n!T`#Qt>};G}?b8$W0jU;s-5!rNQ`LjkNwcAo}&F;t#cBGwlelo&Fm{q>^oS;fKZ7-$_5`XdF=yq(|AhgD7EX<&vB3y|;U$RpaC z$```0HUAY^>5W3NiS|_1UJYF7Si$s*7){!jsp!@*9jJ!UR(B*?P@V-kACKsHfi2t* z8A~IM1cF8@w#6nmF^BsLr9F0scXp@2ldvLhn&?KzMFC0u@Oc^G-R|SFG2akw(Fh8k z9T&5dd()}JO3Pr7R>h`qBXu?d>W!37W-uke^82jCRfIvJAt0oj2lBGs^FXWAuL9oX z3w1euJ>EKNI|DbC0_Pqm6~?6E6EkJyri89gPZ;||ddquKGD`$>2>gYNMY=a;t{ww< z_OofTq)#k`z#q(!vw%;C*C4Tei!@4-qA+GOa6TdWlm`55f`&BN)vl}T)rQhMicWB3 zq?o@`_0QK02+p2)alp^0$n3X+-$MCW0ddK$MsEY6?g`s@T7_dic0?p$S_b^FW!^$?XM;1G`sgYZWk_7 zD~Yd<-5U6GHA>iTB=_Nr3SaU#L0`H;!t5ySTnc%mpRH6Qn1Cb4@B02yp6T{US(;z; z1z&>R)^T}WhV+R-Gr5im_1yb&Nk@MDoTx z609od9T%tPkpmyEaE^qzzT2r^AT(J-dWV)J-x!z)5PO7Fy*T<)r1iKjJr8UUzxuF! z>Z#UpmP3|dDcOy1zpi_T$_p+*W#neZb%?w_by7;C!&& z`C9ts)i`GzTl=mEm@BA$4OgzDwr&W^n#{k@h` zjm88@C-)$5)L`3zk!&jA0tufh-mIMXA6Gd@^Z*WLa)_o(HMwl*-WB@v`R z1wL6Z{$0x#z@9ZV0IW4oQ`de1XY!EIuQ>Duy5@@^_Lm(dT);B*W3~`J0;~>oZMC1q zu<5fz1mCe^6kY{KZ3a2EZXP|2mg)6lISNL9+c0`b2h zfrAS8oE!RFA2XEL>@GTA@rWkx$(fJwyugFyB0j%#?1!fTmZZhTJ1Re1hA3Q5S|I~+ zyBX*@L#j{s>NnUB&X|)kD;_UC)%%ro=+ z182@JIc(U-#3$94uUy6gPxpEmbf58DL$xjIk95oaspL z$gpb8^8%u<0T)rk+UScNu+1D}=5IU>IC72ADW-*EW_ z`-mN#t!f2a*Y`~~Fwe%@f{Gj~()xdq!3Nhas}tqgs{F`4rz zdXy?96zc?-MgU#C(^?U>s4Pq}|1o3Zil?%(%JP5qwwURAK3Ub`d09xymIYK!qxJU% zVJ8J?RP>bdO9kbVyFG|!!xhepa z%|Na3#GyYYP=LBx-YFkXG8{`2unD*Ryf z10-hgd%5?Uw1n!DldoN!F$#jmQ_p$b-Kc_;ZwZdZZYj!ZywLm&d^E4Q2cAFwU6*K= zQHGB7Z=beV;72kLmcdHs>Kd^y`Q!J%KCf}#brNPdBKbaIUg!|+l*L637h%Eeu8kuvXkFVO{m(RaNfOE+3iRD^iwkm|Jpt=~Plxy^`o0;At=%9^ zA6^qPJ%2t&z;FBg(LfiZ>=B8&v-k64TXD=-PnFd!YkPz{CU@R@n%Z`GDq8>Q4YrFo zw%US3blXrGoeLO56sb93lll~86p_|L9wtLE=>@9N9KgcO2n%)HSc-6UYu~y4TXSYX z^gFAf;^l_;vOl0Sj24!sI#1cc+605tEsQ7brt?)ZVFeWjj=s)8N(co8+EF86%iW{X zUcfDL=&Z^qW5_W+4zRYo|6_b0RI-?L47aG>a(D&+>VutCj-9oek}}EzTl|P9G7>xL z8z2+>{-abQ$if168$x<`fN%zyN)d&Z;d3b> zuNrnZIo3be1^m*$j3`23-o!e-xn-a%O7oTl#x4Y#Ja$J`8A|y)upn_@UXuYqDb}fU znr$Vc6ArQfa0DtxaCG?*2qeq!Aw^XvQ`(j@KRkdb^BY7q2JD6YTS4pSdcM4Jgpt|< zAez+&?G+jt7A=ToH$Yo<#Y{y3(8Y1Lja^$rQgJvnYX@6+f9`$p5t^L(1v-VEHa611 zeD+W;S2GKwMcH4KC%cc6xIp6pkR6Oo4c9En`J$AGGNPC zKb(8*j&gLZA-^a~`|ZcZnWy*i$e8oi@{O$?!)9LAAzYUg-- zfuj`gW28mKrgzJ-x`MTV-I}tCvPlL$)o29AwII%JdcX9W^@{P2dU~={6!F$ik6>wM zcA30wt7nv|`CDYt^{vCB1ARXmJdS^bWehI&9Bu9S0-JW@$m=NclZSJPLMU`9VpFH| zdM+s>eYVUvwVQt9{! z(xD29JwNPMekhH_3tld0K<91XVL%r{`45c^9oO~f)6ObJZ|~*Kw-_hvTcJWGuUCJi ztGX8E-s?AkbtfB<$8$1aF{=IYAH9MVfsFE9EP}7ceuAXzV3onNPTQn zWo@zJ>ZD^~B#)51>C}iYWEW5W7axcT;yP?^~F9AJH}w8rc+-VenUw7(xIIaU{QrJ5&iRi7;g zhBXU5wyx{)+g<@2!?U)Ap^kk&qHkYNfQXQRp&lVt{J}PC>|%jzVg1ZGtnC_knslst z^5T@k>;o{T5)?h2%homf&nQvgBv3N8^k0}C#F|{@=2Nc^KKF#W*?np(MmkLyLPaOK zt9=W8n4sf2&iAWpG;qSldd)WhyAQh3_yoeWuknGE;Q``ti`kVo_z)8x3PyC@#Dv=6 z@H74$+iTR8GX0)|oM$;fk|2k~nX z4#$6J!72s>31PK6$8D}fUHPuIy~=XpLwCe?%BZQYuf>3`CIfN*QOY!6`FV?4N53H? zqF(e>BO;g9%i;oORj0;F`{LN{a60HU|h`wtiV%VsEp$Jl2&8Xa!m> ze9ApYk%;5K^)usXeC5z3!D|fxhFmBYtmp&ChI$$F`o{NX?Us8rhpY<+EWK_-_+RgB zZy#x)WGK2K!{vLH*Se0WP!Qf6+nvqxa}0Z(6d}XI6~OMLO>$cm`*1Ko&mzSuKPws5 zSYK9Dz<4l2EeOy6Fv3nw9+ug%l`-zH9>oavManT(LKIZ#p*QS=WhDR28j;n{sSV#= zu__#nXg%)xr2q}sHL=Re`=sNX*D$OuaXU3#d*fhT%t{ZWM}HQ#%Q5O2M8V|vP=De*M)e{*X16d~HWpHfa0(7l zU*MGrdWk(5D6BJd?HL^SkNvE?8yAX0$CMc3p@IpAOlhZL#r(L?_rVExhXz4(7qm5sJkVeN*4EGuH}X_zT?f?xX0g7;;rs! zPzZ%IJ_=6qI81CNTOFS^pSk^9?XCJCDr=MQu!4jzl2IBOPwCVHHf}1`?n}+pm1=G- zIxY%Qb=G$cvin-{P^!!P{53TLcB|X#SHGqdu5so|xJk(|A~c%4#<>|GuGi_@)u&Qy zyvw@-gO)d*Y-><$PaCeaG%yP~dS5&&OrM@~1nS+DFA305HU~6Ixlt%8CMbGV-`N6I z3?pim>1dq&vu>++pcYa|kBc%&>E-U^B^ONR9Ld1i5HsEH6Y_w9$(A#A5q5HP(3ql( z-k8g>bEwi&|KmD#GL1AWVcYM3yW=6G#G*)$2CgTk2kb>0`oE)~de{as>*G2@iq25# zUpN=j(|lN~2dDQ-cRs`3dkiy>s%Z{@_T5d>C>t&jD%Tj6!iALMerTgRL{> zkF}o97{Mcii2lc_+6&II^4w-WCab3cg01G<84<)j=C4S>0Gm&2IxqDR7V}!6T((l^dPyLmeTRZeQ71$4ay`+|T3* zK)Qo2F^Iw_bdD!1#Enk#?*f94PG^eIkLSZj0eu9ixnuw+g2asGehNhqL1a6E?R{B0 z^}jby#I9GVF-&mK?Sd5Dc4Pef6?> zsKIcqIUzAvdYhK4_AGPFK=@hk`W`6|4IfL^xwmhsl@e|yF($MFbOkCg#GM4yRdL?c-xKb0Jt7+MPZpOiS$k_w_|_ox$nHIMFD zOn*lt-s5^7&(R0?3N~=xoLJzQhO80w@cww!0Nqpb4XsUJ_)1+IOg=zRpT*K zSgpXY9DekR{uyEAak`Fd| zxSy?X(f7%Jp@d-hyFxfCGNR2SJdaM}drC%jV_kXh)ZKCyARjtoir}kn`8p9E<2Lzi zpA4g+g@kr)1_)~V(c6^JSN=*3C{sW(W$~Vua1QXtdaZAcH#QCD5G23s}I+Z@Q|<$LljXWnVlV|-n~=!*RT$u zz(@2eYW?t-nIKahVOhi8%MX3JWY$}2IdVyuIQlb~nB_-b>tYvPDiqCt?2GA&V!UI713fZ=v;?bjpNzet> z2@Z`81ZTw7mpIlf1&=~OQVR#l6zJx&|C^VPXMbjEy;8M2y~SqeQ=~>X6Xj>eInObs z-tGi|Io~*uf%>wWf%%V&cuaI;JOM7daD_o$c4Ls`iAK>ztQh652yc!?YIKMCM}Lz~ zTN&hstbmFSLVimFU)9ji4}MVfCy5T9D<_R>JpPJmO)}BqJ=C}prShip+`4lE4E=+t zOXxa0-2}h49W}!0rGg`6Mwyu3M^u{Vc(#88F_@?C`JMuPx}r(Ly>>oCgCJJHmT&j( zns0rl<8C(otnMp%nAkpLh{{lt_gr&oVpzO64F;1P`XNP8S0Yp7m`%L^*luV_v3xl0 zu?bcBo0M{h{!fKKXPVEiNT|AunVy?(Br&? zE1GbpQ7sOkw$!>iVj$xtz^LhA{HK`h_opBUKavZrNY?!j0G{g%iyitU0%zxYq>glo zq_|brp|)%QZ|F=U&z&qgZ<;mC`2QGB^5rmEKh``xjq#p)A{PZ!r(em z2e~S+7{SApn)|7g#s<$g;6*WX(v7~inB2g!S0o}>J6)QwvIBbwC?g0pY10Sj??my? z6p?ri9rJIl`?aG~SV>jVadp^%)?rAnr{{!jvFusB8f z7tfFC){dyTxk5lxmCI8vZiM5JPL#|vtkLgS1Twng zp5H;MOi>hKTp#y9(M1j2cm5J~)}_S43WVZedQX-vDeMN`W6X9VeL;%LT5EI&ID0aE z5D0!k=I+^8a21AS?z7vaioPx{yUJQfoVEWG4+%q0F(wRb(~pwC{BTlV1SO?g^>27BR#z{<}JYe z+c#CNpgSEtpm50TV6BQsoE4Fy)>8^X%^*M2-vPE}NR4J=PrkywKc~Ixvs>qC+v~1I zQy$G^rT*H%l~cOlnKx9f;>~D?Uz5?-$Ru+RPQ@KI1?44|D%E07)F@a>v^du!ar5J%WV8eF+&7a2G#|+TF4OY%+Di zdE)@)DXlmMTc!LW&5p${UY}Gke9*ifAWHHA3HojH3(2xrC(dd>#XOTB-U6Kt{n6SS zD~$9W{S!;5yLdW2i? z&=6`sQivN=+qvNcTQNS(SR?~6y1iniee&3gXX`Kw_UJ9Zjfz|2pCQ789 zfRX$M#EPGO=g?{$I&wfu|0%20rg+D0n|e3f5c=ItF&a;VXWaGX{Fs z4BlRlTY#lV<^vnW0>dFeLMnZhJ)0u&giH)NS3e&YOt@pKS+9hXr8-WPxLl2>MBs|vHA&u^a-0K+# z?H(w`gWsU%`8;N)TBVf+pHZjXT>`f}6Kgkf7`CB;YnS&o%{Nr=OAJStb%ALCF^Tq3 z`G~;ycPp?mcPJ~`XSLL1y)#doK&yZiK$4LGBdZdIithE(`eDcaQd0brLr(-bHr$g1 z;wLS~WsB?G1`1m~7AD0pQp1pfjfI*7v;xfb&-r@20wN4=(wLKtudOfyD zO1VR+#Q5oq%O#H%hNz&s#nW9zea5$UlT(~rYmLCrY77WiCnerN6p2H>7j>h26vgFW zoj03oD&@Q+zZ=zZphQc-_?`YeJlC8?4HXqAh_&b_9k0@!n8^#ZvW{hjJA#nao=)qL z{U4_a2io}F$yfh~YepCG9>k1mJqvN=>J=s?+D!0<8ENa0kD0|9Pc^m=bB()n@eiW|6&FwR zK0x_E{%lsO9WM)cv;v4wj@71Kr))(Yx30C_ouSUrFu@+XolG ztqzk-jh5j*W#8O3il5J!8$^Rog?AQT>eJY6JSNpZw9t9sdBIALiJ)?Ov%$j*Zf*O9OQ#%xDoJ8kVj?Cd4pya&r6ip5cYshg3jsvPQem} zX6*(RusIhrTk@^mcO)d}kC`uj#MaH{y=}OlwLLlgg9MQUN0eW3sV%a#N(*|r*Gk7X zav2TvKl;Afs}6r?Kb+;UY_82OT;4Vl(v4;gM8UCr)iD1PfgEGKgVphpzhqBbI~yZ zll)N7{5dDpnlQDr<5AcIjbd0U)cu*z$0Z{RkR@>9;~7=@nRrnSO|I5gHrXFe`n)xe z!L$tecvOqu8Xf{YdxK$~V^Yb4ZGUsRQUe}IW}9Zzcd=8BA>8EjplJfL8FE&z54oJL zS*i~oxKn2W8tr;GE&x~i^x(bYYg;hQC;yzdCxK$Q@1McOQMjt6ROi|`MmYpKkck5I z)6+W^2ndZe9%!Goor7Hpo1W_D7bt{it&%K?a1wdd3jeY@<(o@}p3&2}6cw-k_3sVd z7(WdB4FrzHBk@Agu5D4h{*exxYHSAlp9NZ1mv6+=Iu0MgbB_ai!s7|d2=aX<$0*-k z<8g2v9DP5I8>_wT}wDPD6?(m3nxRZC;kqYjbI)8ERb+>vJIOGKYCG zH)85XjqNzU9Vv1-s`=bxs}{>8!1Tryf`fT;YYgVb4&q}QSsc$_1(hBt?0pyzjhD~8 zbeO?cg~UQj%8}ZKtG15jzQ*o)6Y<-gt?0zbeJyFzlF#k{0f;CajM!dE(pyYZCtP_U zY}O!6Qj$xG@UVuR)qw-Pg8EaRRU^jIkzBv{0e)xS{Xs_b0h(bRq@veY%~U%4u5f23 z3ZFknNmfxMyiYl_cO-Gr63mEpQXE77Tu|>>T9*VSon*9B{Z;+N+AiD4oz!6<^em`c zEe6O6IsL8u~x>+VGMBkDeHXWbzugbgp_jVD5bWTme)F zL%dyXjvWn@2PgL$R16SxCTe^L&_GcRz=;utA+`hFj+K{A*a_x#w~EzVidz4vMNxJD zo8R8V_IjECxApTnWJOaTVTt7^XCU>111Ajenz_f%t=FS`k0ICH`*F8?`n3}iO`%uH zcRze{8rHzmdfJw3o*!CVxFL`IqmoLtlyw1(6#&KZF}GMFe$jdrSYcc_5Tb+kpA1&te5@A8hL#Tfb$nw2F;+3JRnB|OK^w~s6 zNVYXBG6p_qTFU&I$q`u;!$o)3Mqps`*g2cSe#zZ3jXEa2S5XP)kL&n~60d>J`($$gEe!Mkx7 zF;RGV(T6?+LNrh_GSc^=dN84H(E%Sn`GadLjWwYx_aqk`6$Z_^@xk|(=aNQPGa5x- zv4bXGo>v^LO=@lUx}fKtxb-ksAt}-QI=kq~I*sS7RTTPQ_d~i0EJ&sJA}-4qP~^+K zPf^t4qVXw9p@8?3`C!LN*VC@^+{!Xz4PNJU9FCroDk|7=4Uk7<2*;S}2t}6mQhu58 zHo9Vv#{Rn#;dM5Tsp*si^C{8G(^!d;(o?UD+B}XeYB0As&@6F^_7xT>vqlf6*T=Z3 z4Nq0I)d+)-jb!3oJg0%f;LyWN9ay;z`4WuG{7mf~V{5r)7t<$mVae?A4f*{aSm2>O z^}kr_oD}6lM(a!%oE}%XS{=}pssr(^9L>Kkx+-e`JVVCYp)xcC*F`i>DE-2`yiQPF z7wBb8`0oaINX}a9#`Ti8sq&5RtCBboe~!gDwETE!ck;PiH@oA#mmvR#qM%-!5&4A4 zeW=bsfzH!3$v8?aozzzyB%P>=a=W;=f$Gkz8@QWmq0vE;aHN)GY3HnHe?J%>pV>su zRr}feJkB3w_n^Isd>tjn#<8T0NrPO@Qbo7n_`ODDx~E-v-GhnDfqQ0yCf+yluJ1Yy z*_dj7o;(wIXYuVE)l5O)wj~J_m6MJO!^=3!t~)dqW%n`b?39z69SICB7F!oL>*%?f z9b;>;j{2$gfZCLsI~3-s&07ARSmpW#b!gIV6%Rj1X>rcT*a*hEor3dM$NeuArQtA# z7Bs8b@>N*Abj-;M<>;O2PW% z964Mvwl;Y|cnd35dx}lB+3mI8d$b@n*XsLNcj~yQ?3_|9G*5&}=syr@&&k5sQAo>( za9qfQ4LCD#yAyj%d&*qeKTD8ro_c##Ri(*H!F{&(1{(^A(godZiR2B(2}WagV+bp$ zus4YXL(WIvrl>hzzAl<+2V-%mQA{_l*=D7+&_}2+sMUGSy;WJMrhzt{2wCq14|h)F zSREqW;HKcFdb=@^1Uhy6VubMTFl@xQV`Q+9Fwl>S@vU?c3K z+2BU?X}lEX;1$k15M$a*&9Xes@t51lus~Q5iadK_qlY&7yJ4>FOkD0xgcK`8DZY43 z|Lw=s{<_tM7JC3RyFeyLC=b`d z*O7V429FPlsS`aMG{IyA9OTJ%Ez3K`3a_-b7}m;Hln*9Zl^jcz(%tbS)!MCb0_O2- zQ7S_kQcj~a($(#+;LF(d^~e4w8WVn0@@sZLS@(RK`;Z|H5@}BsiayAmN$jBQ+c5xT<)BCh*ZN?w zr;iwgT&_UCl%UXlAF0pBkh(VJ_EE_(tW9QdRw;dkQ~NOnN9B+!MgMK>uKKWMK3y8v z+0_T*nrcnI>2(Jv*}Ac#NYTdpY!Y8uz3!=^Wx~1<3)R2v=U;z}pbMN6r0!#oJN<0h zB+q3XyL?ZNU5MC4KR~Z*nwUstsM(;q_-k;sCs^tmH<^%6cMZ(pC2q9v@pqM~0epLP z-)`Ih8|)ifR;KRAHoC?_iEg1Cx;{SN5UCAv{||2?If`l6c<7?%#yY1#3!0mdy(7lZ zAx+;MjKXho9!Sx!YcnUxX8lG6*$BJ~*Mgom@-_~Mj=>(5EzJ8o% z4JAW9my!q7nbY6sU@@%Ma*Zr^;@W*$pXjJ-0hBhqDky%{F&1NkGZkS#ee#P69{@+w zjM1@ALOygyvoBMZS$|^4Q&OV@Eoaa%4NRAiI7Dm)ebwWZb}#K|$8nh=WS$lv5ON z4<+jx8F0#x1Q099eN`hSIz!+%dZ1?C0>8p~5mICg1-QhOtr|L@c` zH_^l2(YcnzSXGdw_16kb?rJh-#V>?mvPl)SgXS|G_TEy5eJ9H2G4m0lL$3<4yXXsp z7&xk=Y(RG;XPgsnY^GeP^x_;femzq@&jSXv$fx-kNj8p=8}w=~;CHH<@NTU%_}v?f zO&Qgt-Oi^{n=$aK;mtWPd^Qb2#AeESH!L)iuRyHzHTe~79%_2XCg==yik4 z&)fM^1bL}JFfZouDDf$W6F}!G`4|Cfhhh3?VbGt*YHso?)lq3=NE~QG@xQP7HwN@N za>MDANuV257rX*T-H%~~_GvQ6tCEIp^6&VNa^%R@)rU?ll z4n5hWBn<=?4K&k$2jbv^cP8&z%f+j!#|7w7khwAGDz~Uk^G2zl*R49}j^<(X(M6mv zd83G)0K#$uNmH5c6(6V%6cwcViW4h3Va>J@!)(l*2_I0i&KxGxi@Rd^Yu?ZCzIo>f zkVYU$qqTXXtK)27#cFZumI%#hz039ZUsFsT$4!efoEyrrJv=BA(! zNSNgLv&HZBRzq{_q1D@L0FW|r^kkLk>svRB$BdneP5+vh&A#zDOb!w=+_F#=ceWz< z$*d_hH_iYOGB1bhy8m0_e%&~BncGJ3_oRm#)TRLiqSlH7$PE-j87b!8io!3T;LP&}I=YqxUQpAO@cl;YYVA79B2m9!ajCC=-{Rj_U zlnx+iej%X6Ag;vhd$wh?DL`7-$m*aNfcQ0HfB-tMwW(bSvEiql4VsZ=x=%`e!V$IZ zZ@M$i*__u-R9;#*uI#M-F_+ellQQ1Txf-mpx)NGTV*fM0*0YfhY^J4WUpFx-g8W>Rz-&=-`Cs9(h-749aSc z!{%bB|9Q~$0)gBU%ZJ=#-NasX>#aygzo=!&;^sAbFwbOVe_TO7>vW#)o85fA9|=)W z6|_xYF@nk0yo0WAv=^xPrXytdoquKf1p3Ya4@kdisy^>z{%3$FcW&wJnQN|$#RAo! zczT2BxnINhn07McBma7hDcm>GLU9Uf#m)~)*VZz@ZA>uFed;Ok3I_$n zZjVC$$hfrR{qv}sP+L)O-1-B-J(7u2h`xIY*Q>_eG4c3`v8_7^a5%n>aQY||%TktN zEOQ6^0f!PeVm_EMait{^-dbMlQmg*(#!`SjNk|EwD;wv}0_pAfEO9{a01{ft2OKWg z?>)eoc$zCq1|jOZj@X9plpJ=Sq_$a@83*+?4J>t6$2Z!M}g*;1ZQ{F#^>h~g+sty!s9t3<=Hpi>F>KevsR1I-*_W*SB;gwEyjpGmT@?sv;m-=ApNYBC z_%lvxg5{gD^=9n6x8kJ+zrqdFp-(iE!sn=*+ONNEj)@ujlDK zINS~v@D9EuG4lCwyGIcB^`fz4jsMY9nH67VqN{fNXQ6orlz+`N;eJEt$&V<_C|~~Y zz}MfSBk8tjrM84F4Zf<%X9KPHNelkm%MOYihpI~Y`I3GLP^eDW=0^##ZcmgF1xfoxExlrT%%iE7fEzQb`1{9i*@VRn{p_d5ZoN=ut zlEb~g!v!XBb+wrjDBmt%S0&6H_YLO-A)B4F?}bpUfdP?SM)IQ8nL}lFTmU70(&96O zw6~qWp$lFfC4kU9e2b2pCZJ(wI@Z=?-iml4{FM5DEQJ)v?$UWuv|m#zc0vGq$N8Qx zvgqn(!Z+9d{oAx*1{4X}aeJqTU%-F4wYos~a((aVnf5(A0)y3T6RkWTVC~_UyR!@7 z%WxJoKp5w15iWqZsj9NgWwIYT0|suJ6IE7t0&`_Hi0=`q4Ag`cGcrVgMZupm@r zyXVw$t>5vR#7kyuse3=V%2Gzkes%jdy0dLu$)tMz4OjNp`ALsN+MBviWq2P=_@u`X zN=Wv_C!l#8iEbNeEUL#OL3(CXji`%*DB<-FAsm&%|CC>GI}{wJJ3uV1hfbUT$-(i@ z`f8m#J8L_081f1uFI9=05tjGZprpBKCaCd%vkkJvvOF&cr(F0Fz}(^`tyIdq5PJPA z*r-B`OsB){+d&pJD<3Jo_S2cMuBQMslS|yl`e!ni6B7beH->M~oiH_8#(pKR0fy!d ztrPp)JzZOwpNAO9cPGCnF%fQ2bZcs&N!tU2zoxdLVA*@Zy423*W^lap6<_TRy1dA@ z^-N&Ezh$*O^1Y^~BMuvp`&#p}m83{oyfji*aWDiLD-Swr65rSJD&f>I|N2fHJQ2jb zi^D9IL^klQuO`Pehj5vEv@d}@OqrdNg`Zm#orR5Filss*VIwGo_gMBQtWp3BSSNa zfE&Zdj$y*h4Gbf+E$m97nK-Wth-|sMBmg<<9t9Vu=YsudY37vpB+-YprM317#~(WN z+zcQ8zj$O+9EpPi{P6LK=Ly6PFIMvCO#*wKg(2!62NM(A*D;9}&ik}-b=GT0MG&Wr;^SWV^afXY{bmp#j7`0&h{KfRI=iw& zHaEh+rkTFe{#hHWx-OK@IAuGpZS$%Rd#}rs$yVr!;Vv1lH>bFj4)<|Lg6eCLp1HfD zDC8i5?c{jR8alPQ75GN@sj%G~P6JnvQal$S!75KI_G{_7yl3vN#$QIi*eK5#$B>z{ zRL=adVkoJ-bx#5@<=XMa@rxc$pm5XW(VEKD9B6cXk!UXETZI~y(f%+`i5Y>|Wl#KQ z8~x%oHK6)c#4L(3n;VDfQ*XiHTT0lAmkr z%Y^;Wxh!QtOz_#;^R;mY8E)(b(C$D0CpIy-2XNJ+?_MBSA^-q-Ly1jS<`+G?IAz$d z+%?t1KmGlPr+%CtC`a+1exL{DF3#r|r6B{+?VaGv+ez2qSrrKA*UkpM>RjDi*n4=m z9jNnuB7!CwBaeflosl&kL;$cgbHJ@tiwf*%5K(hzCwJo1q#F>G?1YwHvGB2nPpb!I&_@UQu6xR@(o)K448U4F323 z!><|mzxEvo|DJMuE-w+%=3E5tohd_x1Y1gxNsUi z^L^sgKob|$`xteOKuH~Urt_J%Oz6Dh;|l+h0t5ITXqZ33#`?4P6+Nl8V*WNd!?OK?!|9T=W+7^WpGm`HfC7PT(ad5{eYd&9K(@3?wE=U=b@=0H-J^Nwh6Y+Q5?xgMUp|cQ4+hii zpWdHBmOAV8%codLUD4$!KIvY|x9MNqA{qE2`eo1aH)`7QS}B~9aOawiq1et?*|gLL z| z-S?yF1Q*|M(xf>?+-N4QKfO*`gVdywsujojHhZ3|ADo<3_qC;ox;b246IMh$NI*6( zjW#W|4E|kTtgQGvdAz*{o>gh9+;AiK_h*O0@Zqtqt&k9@)Hb8V{qbPS#qi-~N*%R% zWR($>avjUw4mHj1HE$ehjp7%XgTJ&vPr9{3oi{%dy`eLCb0ux`!R<7R^!p50x0t5~lyYFvb4JX%zEABi)(G}Ru@v@+u)8BO&i zMqx$Fk8KQ9>%A95Ta9-VGC@saD+?}WBvmg$NRoLL5+r^tMxk;C_UAQ^NYeDw5!cDc zS{#yQwnSn1=G*yU{k%&?S25|@X4)h59cK3EH%}oQ57(HE#7eA{)y{PqR5i zCiWsMqPzNw>PzkPZCxH7(_0#PfowK|0ax=Jwc%fRwXr`(-kNwd=wLpz42ZY-?9t4g zwALmtZ=$w+O>R1_JJjF(*jq;|X{`7SX&B46!d9VPt=rCrIjb&~AVqg8Z#z$E>HQ+3 zyChkf`jZEN_$cXhV=Ic+$6iHg%>h-~8=GtVEGg_}xc4W7{Gx(U7||jMtm8wC+f`*Z zE36BFY#(EoJwpN#MNNw)l!HgoEmL*}(4gbMY?L_uv;g zTTQFw*QYl>Q%Box(EeDo7hIEttulV8OwG%&IKEM<9ebnLz?$J$uTf9(3bY+kPPlR{ z8l7}WQA7Azvr<}iXI4lbv#cZ9@>0Kemd((xuIwe_d_7fk@-VGx-M4~r;W4UAEoUm$ z?*s(sxnhZdk2>zs6v_xipH8gkptM~|LFZC8OwopJSDm717K)$e)6LwJdM=DbtiSaK zq{va@2KkDJ@HcVH&5r!aMG`gpYE5#{8+=?VPfgn3D`k$FIw-1DCeLR=RG(USKTk{9 z1^KhVto~+Qmd%1SA;>#%7>9@5{o4ybAADiv1a4YXc(ipoI#ni2dbGTthh#h z*H7l!^6-z4oJI_GE9k>x>*iKl+Y5-!HgtrPcW6Ypbey&RMWB576eDj_t#YQ;{)~se zLH%z_3<{xDDSwu~4)tpL0w}d=^|}SW^rYJ+SbwpAn%rLt5#G5EmLESgoK9a2Hh-Tz z6bA?1|NmvHts$^mY4CEU0PxDP|MMQd&t{H}A8joDd$VN?#5yWP5bM!<@*$WpgM)Ng z5y46K1gEUDaaO&0+RM3}b_P+V7sg+D*tRk!@vgDeYO2VPfM;x&r^{6&{h(MtMMKDg zwmG+?H7!M;*Hh+C_*TvG(x~`KKB}$Qr{`s#^{T!vjz;CAwYfdq*_LCxQ3yb&bw4)zq%hXZS8Y@kG|s1w73a_5YJvxVvdMXL|Eq;WTHHyS^)naSKuHABoOy!rr2JD$AE+ zt9oz6dBbni5beH0DzPC5Cgc1$tQ!8q@_tlb-d1e<^qb+Ak5f`cS&Uz&uodv*`*9w! z_F8L3BKa>@U-B!@sa3Q&V@=f2K~)Y5A1>^-DVug*J;MCBRC(S!ZtvI{z1sJI8Ze_9 zZ^3R#*$U4rI987J=9#v?J&lP*VkV_0iOF;7 zUPavCWw@$BAC)G3wa$S@T|mJG&`Q6@~@y=Z9hq-UFqA$e;%oGj%2#QuNL^w*ho+H1;{Q>aO`RN z!r0hibSNfowW($maoE=XS9@O_RoAZVjk~*3w79z#EACE8n#$JT{AM*m=)ZW5_ql_& zBOpybrXRp-tIIHi%hO3|WDSC!R ztac|OmDsyc-K`tge;R`Zn}J6&fCW_r)(6gi)Q5t-jjhA~s!}pO2wC(pAq0I5cn-<& zFy}l~YU-nwu6t8u7^JN|D2Y&mX=!2^`ShLpWRB1!ZXJE*yMo<4li@{W#-b^=m<_J28mU6w9)#wTy z=;U2O9OBjJoL6X8>e`p4)>t2c$v;~0?QkQI$cPKK6C|K|N5$9Lea>Yi6+LqI*Dfk3 zRh)Rc^oB*sf%G7h)5bW^e)zKO=_8L1W3p-8>`TGwmDSv5US`DXHzWR!LiG1%n0v^; zTKdm1+?*53@BlcU?Tr29dTMJYD+7Q%a1{S>_vnfCX!HsP#v1maAP!Wk47rj#ekz1F z7WGVysgfi8=#@q&Q84)mt9B#tto&i&%bYHiB>&q+I?a6gm^gi`SaDKhH{`DclbFZw-!|8p@TKrLbjK44sdO*b~Ntw`p)ALIr=N42bHm&O7}`qAVs5)=)}B@;U?vZr|!4l!ROi zV=8UZ4jRys_ivijDafOcj{@y@h|%cCa6KiYaEEtAXj=HOoDQG6VPnY6xE7#bazM2)dP%#$bYXA*FX|MiD5Qzu1WQq%8O( zF22?#ro5gN(E)E6PwO8?B)>vwQ_Pr0Ot(!|$%eXF5b>7Lj2GTDAOaWE;!XE-{^mOU zt=|c%wv0^gphdIg35pG&p|r#*4WSoZFaE5^@SsI<@(ZfpsvaAxs7{_FHqy$N`?fx^ zw|PoL8dyut)^0p#7n-kiUa&3}Zg8rB#Er5eIzf@X27qh07=_>IxiSJAXRIdf# z?<=){Z2xK=USpa?r*dhtmN`yBo3?R5Edg5AzuBA%)hN^)l-Z7nv-#2 zG;QS8{&Ve{CuW4k^w(?$EcM^zm2a|&Uqh9%ZAQc^IBJ>*R8$~l4fA{4KCdGSTWoC; zZGAi4f;pK+ef44}P6>UF%0G44=QD#$o9wA!?O`N!@~NL@N=wwvbm@GsVv+au3qKM? zIVJNglc$B8_7juGf<*26uaiC( zmx4=6n%EUH+v&Q(_O_lgPWJbeHg60rY_0CTs|eAy%8W?4Z87nWfeS{%=*OPwy?(el zqz6k@Bh+UIe|>VeS-Z1ioMZ~nhf*>Pr=GSZdWZ0t4oTw_vUJ4c8~Nv8BsdS^=}x`t zX-$KBJ0Xq-k}shz<0BvtJjCFic4o-O!{Kg-GsqT*u?*_8&DK_O&74Qq;;BpcT?TKQ zme(2<*0fc*Oqzi&o3%CeREJuN(Y2_gHEmX|gGT(8wx!m#FEj@Ti~eoW&==usT4fz? zvc)|>nOOJH&BTNWjpQz${AK5(sE zZxpPOtvV%Gur_Nilbd#%;bW!ZVKzy$d58J_a-u(WJPfQ<E8N_Syz7srgDJsYDz0g4Ld8FR2Egqrj29;FS6_f_lD9idyw> zKEWRT_J*3BN1A#V)SPNh7InF3?u4d*t)#fHz9SQUTQ*|dr&L#%oTGxuWHC}IBp2CYUa{Xmiw{Q>$TL}E514D9aNKn`Qm z5-I^SgPflyld7B;JGbt!g;JXdbZYRPPmG!e48XeH%<;?>3tdb1Ndr@+F_lnh+CS8A zy=ADv&Zd#^DW%~69dnZ0=nJe=#vxOW)~itN?PkEyH7SGQm39P|wVhjC#ra^l6WO+P z@vC%+Z)aizO+@WFeH2Qq7N~<2$JUL!FDVVyq8Xqz&L&&Jr_#3u3!QLtGEAz)l8?(S zU`2(@YI7N@o*JXeF7844k6(17^-ucRmt;X#pP*S|G{1y`bgqq`S1E%uosS)GlK8f; z24FMz+PJFU(_(hf^Euzk!fc)iX1R}Pagv?|Hw7?abdi&%LRRyD6+$s$cD2Io#k#v! z4V_mDOt#xbjK31ThdZLpulmp_eBX#__ro=c4SZdQtuB&zg>BSGZ%`}bu%uGlTuSL0 z>gna2i0g&-Y9)1E2KP3LHtuMe8H(@Rg1e6MM2{_hR|3F8Wjud@^1$$Z!%WmTJ0N1b zGYPvIT#Fvb$b7WeRrffHMO{P(m-)aRa077{T!|`K zU^&AbwW#3Mu;_x=@!!w{s{VxjE^$D}7W8Y`Og;PPmDv_q!(+clCt=}DoEUKnV0 zau*nA>d=i6hr86!F(&Qx*YY9%>4RN|lx>Xfy(K%@dP)~EYGq3QUUYFE6IWgbPi7$y z`68~InapZb&`(l#*Etea1s9r;X(nhtKF5*O4w7n`2B4rBTw9**esOUhpMy(V^yUb; zFG+}9RuNHEwNyxmkml*A!cavvmYK#l7pfjA{yD9inUW2oxHMQXKvLII-A|Gjop(UR z*HTz-Zb@fRzBReMk7_E%`i-olPOCSXY8hyOhnQR>|6Qhza+w`f8kD*(C9MpF6p3$| zF^)SsmDi#k=Haj_7!wao5ybTIURVIRZO3r3>o%Gf*!2PqE16 zMFiFYxTcX%0|N3xaB{J+H)3>fbh8Bfv9NKX{mx;91Iv3O^$D3k@Khkbu{)LkMhtHbQu}R+9NT4!qlQR&- z$ji$ai{nv#3Ft{0<;t(pY}THw|8O&iE6YVHeW}_$EL|TWV2Vr^!GQ~JmUa2I3O%Ta z(oU;8k`ly}Fa&pWsrELS^X;O9u-)Z!*kgm7xi2-+CI-lu@I7LPT_tmLOFicesRU!u5JeNT5H0U`W5r4N|H>au+Re~}EFP?|0@to8I1 zjDvbJ$lGQtg34a?uV+e0v0^>3t}0M`)nLH?r8;;F6}));MEM=Q>5zC-^l?+?!B3jg zV9TPFd?kOV-}r`lHr-wNxkcYB785=lq>FUmR6GDGpmYa~7v%_i>+98_$^S;7~>$ATQ&KzbnH>0Kh!zn$*GNPCdHId*Dd;DJn0ta3Ji6Ci<|7HqCq3Oy%p# z-CL;Ib<|p`5ucbzW0vqZKKD!deEe9KyXgcNIYGDp(Tt9$FFgf!K2p`Og%#u8Vqwj< z5P8}#nqC-vCDlVw3yp@>F3Sv)!kBCVDnjuhm~8wiLUkgTj?TsY6UeF`0^LUZx7oHA zQQZXSpmNT7Yl=~$3{mm%20v1;MT^mx5=5X)aV5PG-_h8{i86#$hLGzPeushAEzl_H z!Fl#<5r}{GEbR}pXnlcJ;Md?b!B1^lXYvQu%@1`=Krf@HK~?RFO~PbNEd;ftxEfLb zB%)}M3lp9scM?JDLpM4$f0~cm4W;{5d^lfQBs&+-|Gt90L|j|^P3(7 zVmyhIEi!OeR!==W+x<~7yz%%VwzStFW^D4_%I8O;Hb9RJpvNb(`YrFas0h(Q*SbaK zV?h^}OeQ;IfGz+2xi*an0GjNGdv+6jcu4y#N7rnc-|HDR;@|arZh>H@ZP7#L(yD`-`K9P4FcI z>#3r^z7pc~^>&STF4)KGSL^HEuEeXgQ8>nMgSVjV24dX{>rB@&n}Xg25kB`Nn-s(l zMKM`g9!F;G68_qQL<}r&VPaVyTsc|g3>g;{!oJ(wH|vo{Jmz?f6uT1@Yxgnfq}HehDll~!re>54S#^=!M13hq^26UTB*#l1IsH*_byG@rQe zycz6*j%VB31`{Xi?S^vxCAS8#c`M4Q>(2bdN%(@Vab4JH;BtNyZPLXf1o@ebNLr(D zmGYTD1I+zW5B6|8h;FHJcGV<;B5M#zns4Lu8ixgKvNs{4??D|)e0}JHUS|sMF$F$c zAM|u!ah?OCK{+0o3BfII>v-VCl(D-&E-_7X7+Ki1b!2|^bEG*DL||1ZN~cWCeO8v zffi1;FeT~%e>Bt@NB#zXkv}YWufB+a&Y^Lm_Kbp)Zqi+=hh@@3ODdCtuI=hun$h

6G5q`Yu% z<(w1NTWdueVNY0}@FHk=Da}SMN{e2K01K~$?%G$I%r8vR@7wcM)D>)@+7{^9`b%^(k{x{8* zkf++Un4)&WYT)jm&Y|mTpu7-T#VBC(bD;c?ybw~wU8|DCD3J6jFn(Axfp6e3ox5y> zgKoHTg*~uyg)x3S^$H|^LjDzJzQ)Fe-35(CR0tkZI41~>WJ);ksUP%zf&t?O!i{AH z!YNJ(2ceke3d7VZ%$Eh9{lDP$#(Vzv>4jF_&NWe4#Vo~qtIJw=eef?hAla^i_x&x*cwJl9QJ1I_VK9o0g)KpYg0V= zstx5Liy9>RssX}*Ccg3mCw=!Tn;FcbLW)Btxz^e$GgyXz_{w}*CryEb9!Bx5X4-L_ z0kQ};^+t}d+=w>&dVLuF)x=apk;BbOPfHv*@YoEOiX#3ewz4cnNEq!c(^nZwsI5I{ z_Ns-3RFR$eOQ`p?CgO+Ed4!<-MVL_X<%DqK)r2Ea=2Wb7^Jl^hWO^mRFmfv3I4-3m z39R!dz>pN28Wj-;VCe8t^rk4guU!$IFt;*d?rL#xG7H^23aB)@XqOWIH-F2ZUxG4u z{~d&gno$hJbfzLgWdbCMKd+Y%S%^paBO#4a5`Xl0kbz8dm^~Txz~hfv6Cc@%-!faK z?C|IZlbrcm;%vv&=^rv_v6K^vOGEkZn8Mnt+DGHlr~daPSv4(*GIz;cMy*!ac`L0} zYL{0a_b-crcfNUA3I9*)uL4=u&q=cXWf>LWacY_8{j}USA(!BG15ruK#ecKPf8-?d-xhJRk@xKdQ7`#i@c?+w<$x@vC}x#cDlhTxM4$es?Pq&`?92x zDvpkqG!+W7V@KS~h_ToW9;{S!=#4|KZCAt0mS8}~M8;(9 z08}#mc{{Fc|~;B_WM;OMMSLiOl^;xHK&C=4SW<$h%p*|h(2P{#*$GCG? z635)QV;kHz=1thUH#rQ*kAu7euW-r7j1W~E_i2|F%i#~DDly0NB7+Mj{!}P=;a6O@ zG~jJ6oGi@ncz7u4?dx!GD_lXL-!Qo=3r*W)SI1&r$168?99QFxKfu#XW4!Qgm0ouo z@AxQ-nZVlNEUkr0zsWmlcy>+eIG~%V_;ONC*kay~KI#ajsgTJ->HdX}I!%eaz%1`- z4!yuV>&z!*hD140LTbMJW7JH|YpH8d(~ao2KEW@=sGo)xJ}e27zcV+O99ZZ>f9K9{ zaaZkhh|5b(Yi>V2FfxZu>n`xEDv#tVUok8LJ~FF3-ywI4U=Yuvy!I<<#X1=dsR=&C zkFN)^O4y!l(dJZQq5>V{$q&mmvxTwc`MNgb!_vHJ6fb7bDVB35Rj@m{4rV(P}XE%`!4K?Z&L@00d&`VyuzDqpF z>h2|QiZCkEO|Wh$(%gG!Wz;@PJ^oU$)TZ|E7*=as%`O#OIt|0_VaqqEc)G=Hv1r?X z_nkp#9+X&$p_`|_+$2N6K(5K+noMrfLG6AMebUU(gT(hCmdKaDd2=PF@9ndKA4kB@ z#2xEbE&*o1>4-`h)Co)8&HYrq=rP)ENnzLdvAIAe<>W0r9ew}j#1VTx4&M8ucyu7| zSagPTHHiVQn%PKLp*LKLMfgh#rBUNb58J(Iik`L=M}?;2O6 z&d99{IgtXpROPfH<8|V0n&smyk|XITGy`*LJ()z+Qrb@MAoj?U6;g-6bl&@Tld%c?;z{v$XoTd8Q!6m z2DrB9^wAWZx@!?ANb@z`Ej!23Y_&2dJZ0~9%lkyB6u~S#9l`Xy4Ja4DOQT57U0DHe zynIgA<}XoYR}gTe5YU9sD$*HA3|ZDP7MKH+IJeN5)n)CR-`+P&ka7?`j2SHWvu5A7 z8fc2L-l>^aO++sB79WUTv+BwvA*<=KQhHQuzy;YX-6V>=L+2FBinIQ-SU%*6_&c?-L;Ui1 z(?Ywd^gdJ^zY?}Gv&Xxd!_|S<%hmk%xqfEv{UQ$PzLZIFGw9zTt~;$E)6?%cf6OP@an&pWC{Ns*&*6Z7Y}x(Xvv17 zyT}S3F3QG`9K>t7N1+wQK~D!~8@-S>KQa40jcgV_Lr4oQ0*Q5_p#Q`~MOkHC`dFe& zQ13I+VKyik=!)~e>AIfElB3b`1TG}y7jH#5>}S5 zr|}GVr52e56KuHww?mh%eeMDp%k(Q<5)vK!+Er+&`sMYbiphIwx(yv7D*e~;-Z$|7 z^rhBpzb~2qzu`4-+ZOF#U&`3V+EGQ{z!LCdV{tW6I%b&(W$kdIWIortAl0@u ziH@r&>-jo60)qZ(K!9ezWjcY9c;|}> zc(9I?91mrx9p2L9oH*>;(hRut7-j=mDnuteCBC!`fVZiBRi`9-x1 z5@FpZ6rf?nlzU_mKinF|!3T;wbFDD5l-w{ATn-Uus}9v%1BUGU=`%5>Yy4@)#;_88 zi!D@XW3jw-bviXE>ebULbuCvP$pomR&ABAK>vI%A$rI-*E}|{2$U*&GtQmhCy=X;x z8Cn-Pa_o@2MN>%?c13&Xh&&%@1Q&J{<*r4p8b8&@jC(j*d4C^?f8H%go6i~Oa(|GUI`vi|BG2I3-W)Jo*%7@6@ z2jaI5l1OL2W1Kfh_P1!qigz$);1&(zn@1}8m8kcZFdyaz&*8Ez?hf5$0h%nB4_^@J zy|-7oJ21DR;%8cUGB9du?umJ*vZcysajlP8Pq^L`T_`0B@!)2UmerZN+^=0cTCtpd zHq+Jl)|ZR1`;9nJ6TkWvsG0Vk3%iLS5&gcv4&+Dof(ilyYGh;hhmruJp^g0?T>0uF z1SnMw2r$b3-zG9nQ9c0JIyYn=k@CMzA+cscXgHeJ7Eeg&YC69v8|sjsdYix^l;`^jnVh!eLm32pExeCEpJB-^8zTjIF;qa|(X-B& zN}m*BQ>#i&1;`FJg&Aof+Ld`lI1|SSCY(8#xP-bVwUbbV^fesq$odhSt;7%sLzj{q zeScI=mAhDd(r$UO3NeojBvfPGeYEyL#zvS8vQow8yi^&nfHn1`!w!d?Sm~tBZ(AO^m-cTS%ykB>+ zZ|%Lkwzit>VRE^2VL#o2pHuTpcw9QS%9Sd#&x90gmRs&IWj(anHOoSE zh50MzV!in-#<;v>%)5{BI}N96(Ovu|>T{`WC459<6SeRO!Q=!FM%y9rk%5Y?7^t=^+6U_qIH?fQgtl^qa;*?FBq#9A0q6x1{;N24pE_x&)%F^T z4%v9$BbpGaa8^~&MyJ#wdee_Ay~j9|Ew0$8>KD1bKCYu;@vG{FjIprmp|idkL^e+s z?i0mw=tdK$>i46n%pcqLrQgLR_7E@=HuvL_@xVF9cIw?J1-p$ldLB@UBI){poLZox~D@*b-uLL2^e^4AVNwT_>~nARMV zA|en|2ucX+G%h6ub0Y&=chKU#Fl_of5q)u(_yoNs$B$&An!H%Y?em0|$-N$Uj(W85 zk4?c*klVcn7(xYX4n)AF@KXa$*B)T$@KXqf|Znn|6Ur6hCNEP<-pxD+CB&N+=S7e$~Vy=Kgh$tWj z<^Awv4j$e=(9M7`-9?DoxOO1!(bq2pdwzmm_ED6BDI(vdVrd+QPCbDsX;gw+gW535 zvG&aJ^_;F#$HLtw(6#syqyRrp96W_5{w-dPs63ZuG8b5!J+UBXY%I8<>PI7*sM01k zVdhQ9-i^|daM)Ih>sg;QV3+r2hX@Kr4;1?Ub^MBP1%x6W$OAjjKQtkKH}6D%q9(xF zQCG#y7T}=$qmNXO{yPDpSiGjMK%5*<6ab2_znC9M{>e;#@X+tTIK<8zW#H!UC-Xn` z-hU#WfXBi9*eV8!6;4*bHC*XbzO1~Nol3$Vs*#Dt{`Dfz5sDBs|kVmg%%>e@tkRK1`uV9c1vcJ$)03$Pf zMl&mY696-Vt+mPT`TzX{-cKrDg8w4%`+2;U|fcsJ}@3dZOWX_}|rWe}X|k z^x{GONjdjF2>eZd^;ZJ63BMEgsm=O3mEW~Ef6}Q={Hqjy)9L&j|GT=wPyArkziQ#% z$`8MTf1i{81nXA+1^#V@{yT-==ZZfmz}Egn;cqj?-|>GJ>VKj^KyvCqK>kC-{~i8! z;p$hoI#AX6-|)Xgt>4jqACG=T8?^rV1^;PuQjmrOb^<^8FLaPO;F5-E`w!QD0j@dT A5dZ)H From cb14e15518f23bceca518981c5f235d8a02e9d04 Mon Sep 17 00:00:00 2001 From: raaidrushdy Date: Fri, 8 May 2026 21:49:10 +1000 Subject: [PATCH 2/7] fix: add generate_pdf alias and correct default dataset filename - Add generate_pdf() alias so existing callers in evidence_backend/ reportgenerator.py and evidence_ui/app.py continue to work without changes (maps to generate_single_finding_pdf) - Fix CLI default dataset path from fake_dataset_template_ready.json to fake_dataset.json to match the file actually committed --- security/reports/report_service.py | 30 +++++++++++++++++++++++++++++- 1 file changed, 29 insertions(+), 1 deletion(-) diff --git a/security/reports/report_service.py b/security/reports/report_service.py index aa23368d9..c130b325f 100644 --- a/security/reports/report_service.py +++ b/security/reports/report_service.py @@ -1190,6 +1190,34 @@ def generate_single_finding_pdf( return pdf_path +# --------------------------------------------------------------------------- +# Backward-compatibility alias +# +# security/evidence_backend/reportgenerator.py and security/evidence_ui/app.py +# both import generate_pdf from this module. It maps to generate_single_finding_pdf +# which accepts the same arguments those callers pass. +# --------------------------------------------------------------------------- + +def generate_pdf( + data: Mapping[str, Any], + *, + template_path: os.PathLike | str = "AutoAudit_Report_Template.docx", + output_dir: os.PathLike | str = "reports_out", + base_dir: os.PathLike | str = ".", + image_marker: str = "[Embed evidence here]", + unique_id_override: Optional[str] = None, +) -> Path: + """Alias for generate_single_finding_pdf — kept for backward compatibility.""" + return generate_single_finding_pdf( + data, + template_path=template_path, + output_dir=output_dir, + base_dir=base_dir, + image_marker=image_marker, + unique_id_override=unique_id_override, + ) + + # --------------------------------------------------------------------------- # CLI # --------------------------------------------------------------------------- @@ -1214,7 +1242,7 @@ def generate_single_finding_pdf( sys.exit(0) # Default: generate full report - dataset = args[0] if args and not args[0].startswith("--") else "fake_dataset_template_ready.json" + dataset = args[0] if args and not args[0].startswith("--") else "fake_dataset.json" template = args[1] if len(args) > 1 and not args[1].startswith("--") else "AutoAudit_Report_Template.docx" outdir = args[2] if len(args) > 2 and not args[2].startswith("--") else "reports_out" to_pdf = "--pdf" in args From 92228ab378c310face3df9e73bf4aae78c1340bc Mon Sep 17 00:00:00 2001 From: raaidrushdy Date: Sat, 16 May 2026 23:52:28 +1000 Subject: [PATCH 3/7] fix: patch report_service bugs and update evidence register template tokens --- .../reports/AutoAudit_Report_Template.docx | Bin 0 -> 78252 bytes security/reports/report_service.py | 86 ++++++++++-------- 2 files changed, 49 insertions(+), 37 deletions(-) create mode 100644 security/reports/AutoAudit_Report_Template.docx diff --git a/security/reports/AutoAudit_Report_Template.docx b/security/reports/AutoAudit_Report_Template.docx new file mode 100644 index 0000000000000000000000000000000000000000..0bd056cdb1e022e242a5ef6843926560265b5045 GIT binary patch literal 78252 zcmeFYQKjHExZfR?lUW|Ptmh1jd{5lu zKiuXhnnxFk6x<6cx}JFC$r3Kkzh|+mLk|`AP_Gf(Ho;^+Np@NM#lx@lDx;C2$VM9B zqF4h$;=;$ri^f9(R21E&MYRsam|>T51XC^E0=IWo{4fVyFv)%(IBH4t+brI8BD?^k%)EL!SKS7la@z6d>!`6aXfqLvlcnI5|BC_wJy#2w^wu0#wv+3_*T1o2MlUg%EPjIsN$;#1m z1nNf3H=D_;)xAHDVZYgaUvclru*9-{01#u56Y3%5K zO!;{XDr+hTY^PDnPY~WvTJ1Ik9(z`~CS_x}1G>>&L#K&`w(w2H7Ry5oM->C^KN!-G z6(K}Kf$`Whb8Mepo6R-G;t?$IJ$6os8OWQtPa{hs@Uz(PVKeIVkXo1LREow1#fi_O3K_+MeX@_Dztm{>Xe z{qxL~zpYrMHNVqddDWQXHT!;)5Kk{8C|>1a-0vUM@RwCd^Uw3*Q_ypgbIP{&j+9{10Q4QqC;2e;_v0Ci_kCS*VtRY zzBBBm%T%8)jm+<;-`98E?_%HSsZJXcZiZ|;Aqmc}H}B2Yvk?Nw;iL7+EzDHH{x6mW z?(Fln?p@VkY@=&sT``RCCq%3ucOPaJB;%mKZn&TM*88l?d1 zCMJfiK5Z*=|GaQ}bvh~@a$p^SuqMP`BgHdwMRqBx=Wv8iD#2paI0}clqUJJ(H<#o+ zBgwBzih|MP;8g`rkg|Cr|1P6NLN>2jHbx-F^XDewL2TJkKFIwBM0K0V)WHaaqke1Sy1cBozX63W z$(Bk*wrfb-#UE9@*y{?@d1Vmkz@ABoYuygwsIGoaI!TBEcQ0Xj!^- zw*NXDt@tFD++qbV(0|3u38Q#{Qw6e!u!=GOrC+s*9UiQxMolhxn6raeDR-_oBQ4K+K8fN?-7x=aM~3oaQ7 z25UxftR}cD6qKBe7+kOUehz9@I(C-WMN#3_EWfLcZVjniXDW5&zdge-1(js$R*F!7 zuu`}`3*%$uEFL~0+${7CqY>K8M{l9DX=Q-j!q@mHNAKA`uSI@4!W_I+FJ8r78GB+P zb;_;iARa8RgC`l?^(#B%qlJrTEAm6-`+CA3Yhnr#hl4Nr{0S2DV^U4kS*GZ+h-yn? z>g%|O)w)0=NW~N4pB}@->;X)YzL{#$mGb-%$2y{pTljnFnJtXz3MlxWwLpGLV6fiINgHP$XB{yBMDN zSbdz{yUl}e;wICMMX#kJ=HybgLsG6tf8jCWb{EE|$6&Z}O12wN3m0BYz{f3i0CIQ{ zz7Z=G+5iq1b97&(Xj*0B3P9tr43jBkl2Ju#Z7t&F-}^ox9kUwMZ?JY2@q_!>e#FUSo&XvT#}PeWc#1 zom-DcP>kT2lI~&C3>C**j6|Nki7TQjhJ1EVcknz8gX(A3d+J8~CP6`NXE0~uUIkyj z-ZYwpcP!? zUficcQfc;ZFh;a$zct}n`?7rc%49&~I#aX!h7jdp8))IXIYZkw{CgJ!mC#ThPZ8s9 z8H+bh;P-8>w(Dyge&W8SCYwjTN8}d4cwgRmPp&jbT)H{KC0v3ik$*x1K^HF1PbGiP zb^V5G#;Ld^9+t2XqIdon(DSoFj8z~}PdTqgx|$$MoJoGSf-cD~1Mji)%vnkjvRkxo z^S5HLTyDt%g)c^A@ot1VUZG3RaaG#&7RR|CcAImMUbQu=Rk15%?Ti>Opv{8z=f)5`t##$=-qS83+N~Tzn zxHeSP(df1jy9xtKJO?AYbskeOi@lXIcIZyFP9A)#F#&ar_FR}Uhwt` zumVsh?%~=GxNmI%QfE(>oWgu7ryP>T?vBub{YfyqErhTSh99?w)l1UP*erz7DRI?i zi%ev$ubn`cuitn3inmH?RpM6K1Je7X8tR%~{lz+O2Za^mdz-*ymbAr+t0n8Z-|fjj z?(TMKC#V@hGu>s&1xp>8iNOmZ(Iu@xLp;Ywj3iex?P)`Q6i^K6|PRhN^=8}mwZD=h#HfUij z&@?BF>DkHQ$*QRP5T2KM_vK67Ejsk)1hZwYny{wJ&c*6xcZ&_`=P z>MGlc)a%ew&mb-H%S@9vP80RZ)IhHgt@2KG)zTOfsnm|vkWG~pz0S09I@YSGM0dE5 zFkZK172E5of$!=?6yfF)%|2Q=+tV4~GEbjVqIPSV3E!47on!27PQ}aB$cFUCmI&fI zAivW%OOg3twxUSNw6*hM7Ap{$A79h$*I`B1juOxF-OQYU;EZe*6>cQ)zVh{}ZVH|o zk%;LPx<>z(1Cx{&!+_M?La8nvg>2MpDKDuO9|b(Ps1M^G0#xutCYP1UCC@evqu%-( z?3Hz%q^uY^?-rAoNYNyVKL)cwBCSN|xOG0;GpZshGcS!ng`i|D>N<80b9CTuAC0>_ zT}?~Ab!rGx1-6&ZFIS-sI;vLGL19~g*AX3>ZLl3tg}YeN)+V`!)^+rVn=9M)^E6sX zE2&h$f2#H|?boPe17HIyBh#(B7zH0as)lI%=j@uYmueEVjBa=@FBz@rJyYr!WQ&To z^S!Pjd73`V)@>VL>9n?%Dx1MOuITO8W=Py}Sa_Ik zrcNf5x_1?))sElKO1XMq?VO#d6rLiwq9((Dx^-JKHmX~W)?A&=cTt`xNxt$_nrbGt z2Jr0454V&l;q9u1RN@p|{+O4)&OKgRdW|tltu9XPUkAA_aEB+EwUca5!`1!p>&O zDs@_B4^+XjZ_rBZ{5YS8niS~V5=dW#7Av`Tf#iRDO#*6hb;64o)rqA&T8 zJn8coU*>V-0ugzLEh zYma{ll{QKpX4gt!NRz+KVMyhEmSs!N-Q}EJMbjh~5s9RcVupjF5Hj7(L`~OtG-8zP zw07jzaVnMR=2dlR4&gXHlv_xlg4%KvCu60jTZR(eL}=ZUJDg5>$ydv|J+}~^_I>Qx zWTcw!TodOcH4LNTKmlQV|}MJVnd3+J?|U{ zS--$!uZR3al0zGl{fV!E`qWN^i)>cl$&n{7)>F=(OU!8;d6*I(jp`k*N6ETm;Iv`Gjx@V_c#OYQ4=`qJ$~LzgIh8L4 z=Z;e|=crOHmL}BGEgI;KlUyWx^e^BWFlARYtUckPphb!PWxY|XU2Qg2UY(y5F~K2j@hP>#c@ygj(P zUDxnna8eX#Oqttz0T-4tY>#JC)iA(wx;p3YH`88aZG7t*Cc6ysVFYHbmW1aXW*!15 zc4OLQZ#3y$V6!uab-8MfQKut zB(X4%OGGTr=zZJHimTUZ!`MCk1rLIG;SV+L7? zti*_;N{U9{5q6Fgg`vToeohVd8zKGch|Dso?Bk2~C39%I&};?T`~<24>4EA1RCG-Q z!LNdX+MbaJjo1twaT`rQ!F>~2eszTS}9C>LG2Q#2uYU^5>i%P>3$%VCv23uib zd9wBl2b5lDgpjfQR?V=4nsBIO^rh<0V-QWaAA>TZJ(4~{ERk&7eQZy)EZ4wfzF8HQ zBHnz>8DmpNy_rw_$1!&~Mm%v-#?cCIrZ9f;*u5;_$aUvj6dqtK>?$hvoHlxz7<3i4 z_ME92Me$-jqYNuY3QDgrW_kIg6iJqB^rjAaKn&+qkTu)&GysW>TH$w zorJk?Ll8~4X}xQhX3L$jfh{Pe)(caeq5c5~ML1=~?aJTfxs7ZNVpp#QCBoN6#f2_2 zRijCEjoJ1aAV-Gix3*4|2bJ~OLF^59LjjSfIgT}3Y-?7Iv<}(kAbCiR3~CWc0?9WNyGAz zDp%rT?rOnfk!OYO>duTG9ZD9-S*{So5(a?3tmi%2_)2K}F{;W?@rernF>*Guq_{G= zae-0~it=^=3M&1#B`8bXOE>YQZgD8|97Fa_ZX6>+j^!n)^~w)_@8JRBqMCwqIMu*K zL#bR2?b0^Dh}{wtPWgr_&d)<*XFj7~7%s!Rp8twgPQ^vVgyUknHw+sPNCr!YldZXH%tI50d#SUr4H9l+mX#kP27xXcqhVQ0!&r<4DFa2pz~ zDzkK7INQ6xpF_M;% z9Z}zBohD~5AGHc<7LtA*MU+=h;Cs~n(uyb}!RerKuN8%lm> zwp_f|?xXiI#HceU8VZS7J=p><(h@~NvkcDM*W=23oI9nJU+2{ElS{Mo1n2ce542o*@e(T1vVyQek zQ2`R2$%LxZtYaI#jk-J5rTlEX1^M$zlJoq9R1yVF^mlP+TOsbdkZ(dkNM;75;c$|MZbwr7e-`rY|2vsO2PbBXSe=M;2;-Cw2MG3pibH1kUp2qdLU4%aa zcip7Aw*brn;21i#{}6-o+=fU9vN8=hnt=XTL?+hdqn(ZA*=Vl>pQy4%sseJ=9>X9I zORmp}56bl+=j!g{ToXG2M$F>F>B>FfF*6D4upsB@659}_a;#Tdl#@!r5+1?0ZQ5| zI4oT(5nvTg+_fWpgZWozw$~PLp(^95mQK4NJtcgy9M9U{ zeiX8nDu4-_E=FsipMA|t&S=<2bQ1=)OdjLUEtbGXS}b~&lu6#9Mgds#m#JG-O=xOp zw6XRlDgrz3T3?Qq(`|=K)v?$}5mRSXJ8fmGxoV#DNwi%RTByf{g0A{pKL8F__B)>7 ztv|~b+8Ar-rMG*>-ObtksveY#Nu<-8EZtRZqe%lXI54&u66a_guV#yx4pBPp%SRAt zWNtYk>lUo16U)WdGe+^tbD4Ti z7w{tlW!rkMo>Csp5tEY#U;Cv8k8X*i8+g{%6+2V&1KL0aRA~>@%iTs8q^lsvrFM71 zJnFb}iH&ClnuyUC>h@4Fr3KnWlC33Y&og7}RzNK**x&CaJCK@%zO+H0j^dVQ>bnD*bVW27r(~c5ZdnyqT^J2PJ?3H`V&4=;G zS=qk}$zNKPB@XlED=cqMs*?`SLU1%k${yP+3~6@tgZ@Zp0=CW?1GdgUdB(q1b?m>< zvQfg#`Sj2=t+Q6LJa#u~vtrV5U8Z6+UA{N|G2F+~HG%Y$a%-Y);G9)yRleV{RGG#; z!4o(9DO>5V7%K1F^vE%Mo#eNWJ^KxQ6Pw5$7 zyNp2oo-!V~7<4HJN}a0i#u&ZO46W3r(9=J!RcbZ4mvp!}VQH|fT%Ig-;GvxfLgLDl zdX4&gQL!r4rtrRQWKX&FkmFbD$>EJS9!{bWC6Z(zmspyT0Itw4Kb{=G?9s1cX3$9R z_4z6Tr($56(n&J16^OY!vNd$?si|v9wUA^K((V|5X*7(|)n0^gm^g%SVAAYuZPKb- zI%uVn^s11JvSg}LiXzfM=$Eiu%g*Vev^m(YwXU%JGxqaAH0N|=k)pe7-m@h3tU>_F zSb|e!1vDLe*@?3(QN*zYB3Xj5!SwLDs<+9uOBsfZi48~=jaf5NF{vUS6-!jKuZSY# zlSgCM2qD~$)95d#!XdJGlkY<*``>GE8JbA`-CGAc%RnA}S!`Iqd@jAcaw{Bgl2@@9 zRhImVRCb{qjC7HeCrgu=Cz%Xzv&J=&!>!l|SDBGEBbx3t`*nwH{Vk}IDQ833U{hJUv+B0FI;JVDbf#_`Tuuhv0TSP5@Vng5zL7?;!zJi!FIYw^! z0upBGjO8^E9w4Rz#PtkspO56FobXq~^ezs0_5O<4BB4BU7iyu3$t-i|zSiH}%FT?0 zCNM^2C(j!JD{U45)pmMfeHdx~GgnNfuFLf}5M*j5YIAP}`WzDJR)96@*a>ZQU;gUL z9bMnon9s6yYW#ZkOjAjer~}D(*C-EH6FsD1?e=)Kj>Ei&$Rf|H-Hkrz`(ojtVwef} zMGZm^+ToqynZ&6Ib=djmAtAOJkL%XsiJ5GoWlw z&%Q-H#Lth)QIuss({MEqNJ1V5ZT3(IYQ=OU+TmHPJ7fl)s1MG_wwcIgL8lQHApJZ0ZhIBD@?o6s1UtnD%78kZO(a2l7pxZXm3j%uh zB7iawCmKM+FsVZ~L9}SmYTpYyU#0ZbsSJ}DJ!q$~;KPcfKn`HceA2~tB8^khj9s2i zhLHERfDT6b?B0wDIWb}*yJpi6=MTi5MvD^#0kCM)aN(Gj_b7o-4EI<_M(zmj*f1P< z2hN{e@H{@xwx{TK&=>uW1WOX#+JVM6*>_V0YRg?8|KF^zCpk%mItza@fddrYV3ZKl zW1G0*9OnncFJG>8c=o>^A_zCwZhVk}6og=x4@HnZXo8fW`>!DTp8Q{N-QJ`C_;KNR zAOv#>L;8RAC+iu@Dx}jRX+ihefcHGhKO_NeaI1J>`N1ACp^k&Wj4?A3l5g=)zKU|r zyNy6o4a_=o=b>{)Fu%ih)|xL(=!bF~6iT_0bunsuro<7c0x7}`_DFFleW~qd`{_Cn zZ;zE;5qLVxK-XFLF+{|&Y03aN@Cd*^#KmGz1l+Z|lH(1-IbiE|eRrsEDSvVkh!W|; zSU57&Wl{@hN;8RYDSP4k#iCId1|2w|9x;Y}FjZ1X{oT-KO97hFV?dybR z!y0>WzrCj3;~?s}^RmeSAtbA-!(!fEqCc4hHq#I)u}|qW7Jd?jJo~NkP}d zr|z*Sgu!mLM6hRl+U-yeDr_4NRwRg#wP=EUvdD7RJOcK(Zc6q*Z~*}HAP8`~(*(m6 z&vTdl-eb*?5+-mbq>wIf-|grgA2#JLstA{LsL!;#YJ7<8&2z*OpPYM~i~oI;yu&#e zLcYdm{0L5l+GEg{Z&&jm*9QjywN;ufZhzC2EHRGOZAlP}e%Z-J==IQ1bpa$dg;kGc z5jon~B$d1W7P>gAz0+^5zqEg<>j!6>+sh+a0sjS50TUU#$$2w^(R z_tHl=`I;J0#_hJ?+Ga8RkW6rhFXBaiJ@qZK7KIQ^m4+F-N8fOSn6jJDCu;34c5>ndD8K&4?Di%a& z>U4%0-Jb49AUtFgg}>(^(P`jGFuh;>x7k1q2AM^F&y>m@l|RN%LC(dVW=hA!Iv%UV zB|*=Xwmfu=NGQl3r5vc_QF6$}+|{JNy^6WwJc2d-i7n32jLwAf$;E+u`4I{s{KdxX9zLG3TmLPS&%JK^NT zQudKT{2S%@Xz#X~v3PkTR55|)c$$Y7R$g601jP?z@l642`JkT0!yVNbY&o&eYev+sW_0Z4jR? zzrNoesC`pcx%XN6Vfl@oXIZ|s=#Jpw_=CtPRpfFg05qzYL)W$M+=^eW_6t^pFw=2soIa*yVNg&gC(X3-Y``=HdvogfVhh8!VP<1N;;SBf?P!{iQG9yVGny`*N4G z%MQ`LbTT}RR@wCIL0qps#Vp&A52mn_cPv^C_<0}zi~MWU9yL(W;OBzm)mUU<<0N9w z1t0=ML)W{wz~h{!KmwFnoVA~FJrR5%dDL&)50#;R3N-Ec=-a-rV)gPw&Lb$q?8QHD zXzl_d?HQS%>nJl3a4EYjQX@TL3p7UH7Gt~O$~NxHXP7n&vhtP^36k6x9ax;3J3UVL zfbRLgcKK025E-2h2tw^b1v;UYw^2LtqV1@;Z@9RNx)69L2bU8U?LxePY||;_fU&-L zhi32sPo`g2H`bU_A6PHnN6VAwDLIgktttS(8HynGuZ$~YWo2^mqmMop=h>xq5K5io z$I|+lXg&tzDq@sXyc>(Y)xE;f^aNAZgd2ZVZkbFYghkh!h7Hd(BQD&i}XBh>*)tG|2`mRZ&C ziI&xO!;!+0O>rXuR6$PNU`;5OWrxcKP(w=?A#Cy-$yui6Oe&`pcODfvLnhdW3K`U1 zyagJBBq?K*qQ-g@Ggb}D!ud(0UGe5#B)%?^QWQ;B*Pc5MJa@aeUARp7D1@ETPYCgM zzAZ9jE`gR6c-O`T_6wXpu6E}GH-o7f zV^WU~USg)AqNvCOdlCj7?2igw^X7io+%8vL(ZyF_0v==Sw;rp{AI%%Bb8=Tc;iMuC zW!CG&#B;h|LY35R-c~(OYqu@QcGu;|Cx8(a_u5a%)`yGWB({D0qPhY(bXQy76uTa5 zUky2pdDX`8YE}FFH3Q8`0GRad6;PBYI5uwF=QW>gVd`XPygC-(vXD!E2Nz51<46DY zG(MKC$5yS9gku<$qix{J2<^6r_@_*_Pggd{6tM@6_gaADh(=Mc3C| zpll+mI(KR@`^}0t-bevO@34UhrjD3$=RS*38_OLVbxL{{tFU2b^8O+P|4PaVC6#OO zw%_fymm$lCfzy*=At(Rd;hHB-@E)R>`zE^EJ|N?AJ-^Ix)J#JHh4C=%4NwioKuo!5 zM53hQ1w|Cl7hJ0{-Cu9rl%?TuEoXNv>2giZ@t`Hg_E| zNFMH@depL=9zi8=r%YlVH?!fx9h1?mRrdpwl@XN4;Mtt=_5S|Z!}M`K01~`NdA@5L z*IWF6fC*_~V9s)L2hlkIxp8x!U-7_>cnqj?oIn*9cS7yw|IkmQ&w!4%ff*+ai9 zPP;fVlPJs!-Ypq?5~1dyv>Hs@xFGq)%~Q_*UXMsti;3&T+?Z3x$csR28Ye@Cnr2Md zdXR(G`BO8*RZ!X^D3&WnmD??UwP`F_Lv}D>@0ZMXPzdfbsJoJiUlzn$Lk5UH(q`1R zdfK<^L5ioWTARg zt*>}w*tr2n8l=;mB7)z*m8G`0F`S3nZ2IQVLUd@c>f@_DIy~c7v`=GZ>FVbdIDR<1 zvm6oaiYQ8jLEgj14cgUmQcj=(Q422OkK3nk!F6e$bUCAdKC{PWke(2@ADR+&?)>}j zm5*24CVT6t8sZI5luka^G}|y2KQM}f40w`rpt330r&@lyvP!Rm21_gTa!1TN$}4o8 zc*g{i6z$|}q77M$tMp`}`x}>BuG8Bz(0xbC;xrl5$2Y|j*FyH*DxIKt>(YJh{T-_~ zI&v@+URJU@_A~Q5j%EEaLnlxXi3cYay>Pc{Kkz+++Z!gl=&KU;y(g`n-cOwf0bS35 z2^~LTh~935kA`G%_WoOZ++u|Xmp+ceMIJEX=vKdTRnexK*T$_t_=+1P;q8rNo#C4p ziInPRo(SKF-21aV=OlSn9=%dqkZ!GGaeP4U4iPl<7h-!?pXhgH!RZ&z1V7lD<%rhX$Ve%U(Q-g3gD3!`6G^gd>BF!a@R z=iPfAF4LEH`76w>ES0bkMEp}HJBVUS!34x$#0xU!hIk2#>~SHO4QfSZni~n~L9NCW zqG;;ocvJ;QWcy(uCz523k7y*zZo3LCN~hgZ(0VyJ zwp~9J5^K1kM)%}>1m+o0wAyRX@G+{v|88J`S4?roVWFphae(FUj z{u^>85xwulJ1$C$t&_e=<)ZGbOUv8FGC4iWb}Y!SdiU#%?gv`d!wJ_Z9=K5RwP3x! zBw>S@u2>)xyAU|<+NowFU7aMWffvwynS}lqqeR-3QUc;gC$F1bLSw)qEoO^<=XqR; zkXpqNDR?k9I0#A5=y&dge^L;V-Rw^V(Y+p*Z@XE`icfydRKC4aKFRVQuTgJ%J zUb3o)?vxD(+fNe?k_nK!z%%M1$fY4%LrS>@l*Iqse4IgdPx+?I=ePG@A2)GNnDUwN z>BTW_&Rl%fe+fFEPTM|Q1QuZD9xXaPm)aH19=|P}L~q2NHDy_&>7W)V+#_tuKy4yT z_IBDb_PilyDiZ$Au3Fi(QB9qtogcLXmU(B`$D_4)YuaWuoWl-hCnBMTTP z?s*BLC=wUArLJf0fj~LllhER_Q<`y}8}OBpA$U=aT=;8U0rM7I7|IV6xpbK6i9M#h zulB{#n(~Rh6Ki$I&iLiPoKCAu#{FveKFQB4@@g&nx->u>kKQ)o4}V{sH&yN9zaMnn zMjmV)<^Ve6>MwJ>D=F+OkaDsETJ8SfRUSV3an=6(a_HA#r1h1OjOOe46nlo7d9UYX z;)4I2y?kit7Gpsa-s?7Ua>8iv&~$LZAX@QcL5afm{>oWLW~8B&hlzGoHNg&AD&l5X z79XZIOwQYWJ!Nz0V=e#T%e&F>4%6Nd01+xJEDi zwfRR{B^hPk=Fk-z8z8XUQ-z}6)=?>X-NZSNcA2cFfzs|38&YmPlsmjX8(?DWu?%^Q>3S`v>#a$D!jbUa4!%)&PCi$Gfe)!K?3W-8PkXHGDMCW1_CP5@Dnz z==B9GVw>P6ydkBNuQ&cZ6Sh}JF7osK`0xv@p7>9_lM#;#?+cHP8T{9vcjE1i2>Qh! z`QqObU<^n?MY>pV!_tuIXM9~KFOqoS8WyoX^?7JKo+NiO98W}C54{-1h=n|AhK7x$Kv%3uNOs8SyzqO;$K^L z?3S?h2tew*Z%;1=cJrg~=y|_C<6marD|_L8)um=p3>oNZ2-jge!B*D583DxkJq^uw zon=#;>#8&9(8l#n#BWsDlBo*0O6oxQZd;6 zmcpa1j&fs*vxHT+iEEImb7M|yb!!qvouH6w46#3A~2CjL?pn? z=xKE5O)DB6QdIB6tXjHDy;2^?I{!RT3Rl?9=DN7mZ#AA<;zRm@X1n*Slm$_`1tmi5 z750!sG>~nxDY)daBgufx`?~ICZG7+Lj@YfLldpkzl+c}+&YhUvpxsz_wiwp&8RCda zCb-p%l{F0xvdH5A&3RU;P0AaLVOvI;FT2Uyo|}gj6^VZs)QjFBk8Na&=P3giK-8Z z3h&R_q__d4%8>Y-T4;HqkfE5HbukWAidB}=3U<`2nTiwT;&uC_@d^S>iwmi_{4Y;Z zfz7m72B8#ym$Zv}UMiyykw@pCdgmT{sw*iL);gLe))7VIqGV?aq5AJY$yfm1PR|8W z(|lHLfq_F1B107D_2}E_vh5W6e}y^S9^Qv~$j2JbC&6!)d~iK(j0L)#25+QB)9O%B z8_<1tF1OD&dbnMx(l%}BjFx(&##ZrrFLk&bg0Mtt_uV8y1@%x75~glr0*Be8MK|c( z(xuI!vcuQeI_;|4QXn2trZnWA<%%N#l8u1%=S8%Te*n!!I`z=m z{{TMK!#~FN)ADinWvw@`Lkq_S=F4i*uJ=Y?N~F(vwwz&Lj^-@?AVa9m)|Z>zu?T)iC_G*Ps((*L!#wj#)-ILIEah!RvmdeFI1dIkJXnq z6{F`OhX$gRQJJ6L?)cjvn86jMU$Qs=p;ar0$1&_tlE}G(SI$4H7Ok#Zw&J}v@1CX& zer}pH@kUU(-g70?>i`(1i7Ni}I9E%~vj0O6(euP!N*RsF&hM$M-nr-I`oJ}O;(MCg z`PRy|##z2waW2`Hbe>FjR%{;*iI=tuiOCcJ;ESvP3IRe>{6eGC`Qpns`p1?nCn+WM zmiMbE2r*2cFk&t@p8!kBK%01z=QFM>r1j7h)NL-oB137(OwB&aqK_IcRpy=KWR)@o z!ya`sU#eB<4*2sJyivUYgJ14rF+DkvOM^zDo+S|fP11Mo6TYwS`)gn6sjq3Xt4}y@ zif<>AwP}Pya9N6FWrqxaxSHd&byJHJbuT<{SRQtLS`Md?1t^;pYSV0ebz*R;mv?5m zGwMalZFq_Bn=-`Nw_+A1oXghAC^V?XlZ{ePI5Iw9hm4#N!+if^if)XvOqn`Y%Y3{0 ztJ{1Vx>c{fuxfpFH0_F>Ti?`zOV&q|9LgfXWAW)b+yp5z`t2tmxapq}4X7bgBK6 z%E9_{pJC#lln&n@z)~QoX9GyKhvpn|YiSn~W$QJ^tNxI@iJ{Izxu+_V8= ziZI}f3AsKZ@*nMeo4t6Qf{O3Eki(OBnNwqpzq$H~4&p&9mW$0v!AK=H;-|=&9NMh= zN$J~Blav4o-V%|E^FZryn%NtXw#8i=hK!TT@pBmBzh|!g!G!*-m&`#}7XTo;(SR2i zsI#)B1_@kkgW5F5yYu17MN}s%C%Iop8GK-D>u;QKywQKwwb&0ar^LUGp}2xk_O^`qFOgv^&qEpB(!=p3^$icFAsBi5fe%)t(sLm6Kd zelcVzQFPTZ2yS#oZLXWzp#_>`On3Yo&;v~`0XRUWTVXRBKvGoO{3alyL8V==5}SqQ ztRFShk6yGUudFk9=Bc@|W&w+`DHRkgu~tFVmqz~6G5 zla=7WhI@QsE2TAeW^E-q;lS6e)uXlE4m0}9@(<#jEeP@ZTgmHPnDgP{l|+#-fPXP) zv5MG5N1jKZ^w$#JaSd~1I9z)hWVhgnZRDCRovM@M5v6FleZ46DCPv0*AR6X)WhR+~ zJjS@Z=xv3lpK|iUHO$x;<*boJQk@TDg&U&~qg3A@TyA-zp>>!cU0y}#atx@GhYYop47Fgx?U&*9-xeF?RAT7C*4>ip7-eOTsq>?Hx^)w^b7Dz@ zj~z-Q5mh`qtTY@n0M-_B`WvX7xQ5%X91;>NOVWa5RpU!LRwM`v9jfbh}>ihv3eD% z#nQJ%kV;@G>sluX5ut8+wQwRJi5vKl2Isi~^d-gGOmub4b6YWeq|4ccEn2+K(&_+0 zA}Bi{Xv*{wO>t(*e#SZeTh^9FlA7)80Sz|*3QI0UIR1xG9nZN-L4FbA5K1MjvVUwIhm4S5z*HcqLm})p) zKgkYZY5s>Gn8FOW-wf&aKS@U@$YW$+GTe#@g`%km@)*Znk&lDJ8Dd2!2zC&^WH~1) znl#XQW=Gate6^68Lx{cI?~^HMr*Q57b?X4@V#yYNin1WYy)g24tlDT#4Tk|1qEg`X z*LL>c=BG=KICsy;F2gkbW9I0TXqZd>EJclG5sjc;g*>oTLx7r}CezBcbN)|WVYdI| zwYA0GCW&{1jJe&Hq7^@W1!rkSLlAUs0^DPYuzeA(!!dA9vLDVM@b&4WPXwaGx2w-P zBRlbDxcPO3;KOD7da~?pq?H=`oZPQ2_JO8;Yj0d0lSc0P0aU9Cu8M740Nk)0k;r7! z7t!FcNGez>W@hGsH<syCH;nqUZJp;RG2 z&BdI85sDu#+y4FzW|4q_l_jwG`Coyxry?a>w~zOniBe3H-KkjmFXHPj%&Bnm_sL8l z09K8Qz`y`FlmJ2%pAeS+ry0skx8R+u|4Wu~(q9rp$UA3zal>@~rC2bBHfo5Fa?_+g zGi;UX|7M25%zrb3FiTsEB@z(QOvULs6PA>S{F*kj!t}J6L4p^V!gTIg3URb05g3fS zYdV6yD0L#Q$M-9 zbL^LY(`vtl*ycHafo%RY;Xv+RQ0s9R7Y^CKdmAaoxC7ZTh_1Z`vh(nt|AROknFzrs zxLegMoL(tYR~6#_N2WLX4|(c8Gc`XLp)u z;%Zh?cgA+@D$Q6yZ%o5&UOH~436Yr(r+Bh)c>4~e{?YS0S4Y|>=3#8yN0#sJ!=LuW zX6nYUv$Q18!I(174=k~Bxx)2^z}DLJ`Nv)K_VV^CKq588g*8jYJU8M_TP`=c;k6SG zT7kK_9b=u#58oy|1hAK6Yhj!|+vKlszljgBx^HZ(|L&sGANN+79xF3uvqyE>x!Td6 zSSidZ->hv{2Y||MfO}MqlwGSD{x&`tX7Zubzf_&HKl7{J3~0XhkbAhwH?#Qe;NCcB z^*jUbH4Cy|PTceJ(X4*iC&yr4HGQQ%I@Ewe*9Zu9SuOQQH=7=`xpyKrLji-_#j&ba zN9e+J^fA>XKJ{C-Q(fTE4TECBop{V%7O`gu?j&LG=IEXm#?J81W{BZQPFSdDtgbaSK+k@U;gypqC+{3yuPGgGDh|P&9>x)r}SR&UlWKl7Ng07qHwfTbOXh(=(C%T1y-h+<2 z)aPpvTi+*2L7)%~z9uBs1w#?iE`Vsdi>u*E!=~r3y zAc=F;UL6CQ(|YSEGOUlEN~zVnL@UM%ReMW_9-od}LintZcl?X{`offZkc!`U&Xazy z%I2Ko7JH) z?7SplvTnG&Wu>L^_ePa8-gM4tqe$l@g)8{13faFv=_MuLrJH?pY#QXlh)eFA!?B>* z$L$(x6V?f_oJ+j}<(lbF|Lb}eN}#p67v@+0jimzz6kWEJMJK%}?HJh@;c~ZKXlzd@ zYC&A7-7x{VlPj-#Bvy1I0dk!W{2U!VTelB>jFIT4<`;wf8$`!(?Xhhj!yT->rb6yJ#Y* zB*7VvC7yzaq7d2y`y6e~Qd89Kj-Zibqhj9T6={`!Ri+I$+605fNrspdwWm^YBdn_ z0LxYo-{#|y%1kN5LaF@dHyqFsS&I}g-n33;bwZ5)Wk(t>>9RB!ihbl?rlKf;Nvmjs zr;FJO;5Z}61HQ?e;spGA&=HZ<6~)a@h$lLl3j_#m)4y4s`d*q#m-tg5+xI5}>NsD@mwaSj|h|1EbS^fjK-}$+X4T0%7)NFeOd2#3tyauCu#!q~qmm=IUXUeHxD%CP zD)EHvj?NbteWa8G1J$aHum+Q=DIp0ANv1Q7OI$ya zqQ@OlDR%~$bP*u=Pl84?waww@3^l}-*Rn54zQ6>WU{;d^1=8+3T=1}z8hPfXDp)yP z^${xzRSjXvDc$*tdxC4>?T(@gGsF_*WmZ2 z*#|6>Hud4nXNB3K!2vIKehlOEg_=l*r0rLiA-4mve4V4@im$yVpAHO^C4fbme^FwM zK3UP`v#N}z?oc;UTpzEilLzD1tG4nT3=3FHIB>PYho7O1IIWP0ANtP&;nvw4&44$hgfJ)+yII5*&8t1nDm-nWE8q{{u@B0%}M8yf9b1LJo+ z1C{vbaOwl+@8O-|F4>#1{#3&`Tva+p>I40CUAGLmYWgj)EZcL@S7ZbKa(vR|w?%Tt zk1L_WbX&zC+BG>9VVbT7CU|>k#EX9IZBk?=hjm0>m8P^~Br@%b@roE0OK_&@8ifXS;jDBkSi)}R`vi8q*LfRHpq(WY{u~j0sE}c{ z@|*eRV{BIBTs5MZD5ovKb;&=%d=-)cX(F-ze$bR`w_eAU!inH|D6@lcSqyBkh5T-) zY>>VI6#8IOJOfq^@<_1xGPG-D$qY-K3hM{GTNHDYfxL+TCpZ+Kwi9P3x0m?E+0BCJ z(qKt|5wuq$jSLAP;Iy|K5~rd(;M&LyXlIb2*Uax}If0AXiYYvl?gErYdMuVlrnTtL z3@c+8Ms0*!Z!v(~b|DDgM~Q`<>`h&UG73qCa~o79LsD%6U7P2tIfHFUu|JV@lg?Z@ zP73@n!LW%INEc8Hn)srAKnyZJ!7h$K3sC|8L72b|#KT-B`F540;+lJTtUWq32kE7)YCZfH z08A+LdtQfV2sMn+iY&Ac zYU;V1&oDl@2u;2d3aGRK%YR0_DlFhCaTV3xH(YwF=K@0#vH{1KN@&KCD{6+-=i@bZzGD+k^zM&(haGKsGzfkEvnh&gYkZxlz^CE@ec{UV%h#bsxVt#oG8(ulF2 z&{$H6Rl(BJuxT7ct7lKDF4z-GiH9>!pz69?wN0XpAVw+?4ppFCr|$AuNK zD(w#ZqNxLtmWk+z__Ghg9uCZuc(pc1V=ec*2N_QLt&zYyyGouo-u)83zloDkDhy>l zd>c>=%CnIX#H<*Uo{fr(D2iBaREesi>P0a9r(+Cdz<^}0IWbAZt&09@z~~H%;@^*6 zI&d|^J#dxL(y>YtK4|qD+@QyBg!BAc}9S+6WJ7{ znA*abt@EWLWc)-tc6DX*HoO2ZwGPK^2|o?3tlTANO_dp+wri05s>fW5N#3vAXcq0p zj&XXwTrI+EXSh6^W|Pa5H&5KnvubYFdA=NZF)BxO_Ck0G4J*F2Z8> zqvS0GL!)hAz|^fwLscebcw~l4O9G+pI&TwT=y)4wyXISBs~tC;CU-0K*3wdN<3$Hg zq!mx2qidtFv8l&Zf1cNL%#<&12kfjb@5OfGC=N>Wvp&et<<RFO!PFp-dt^_L#`ZjLmKh+opM{K26~iovC>Z#E6mdm>E7 zP=}F=^+r&OGS*+d*pxUmO8S|6N0|VigShQnaRZ?;`y7W6b1c9bXyWNCTM6p~0y8KKCb#JDd1TsP+%P9-h=#DM-7KT=^RhTqbM_-jZ; zUgU%6__?jg?eyuaRNDuKvFp`l82OE0a#z``5g#eczd16`L>$PviipTK0|SC(4?i8= zGcw00!z7`3L}3%s%ICf|#9qMf?`bCF-<7f<58l^-l<2sAKQ41jSh8N{j;+dH3Zal@ zl!Cg=_U6p^Xz~qF?$)KIOuw--DC$=W9QQe z{L_cXe@HY_CP$noRn*?>1`?ez6V||CIFp@-ZP6ry2VfLf0Gm5oYKsq%o@p97p7+Dm zGG$?<=QsMt`>?x^Jsj%gajLSSKZ|3MXi%_61wCw8!zG6THBkv+1ItXHmXpc({E=EG zv`Io0Ee1Uq;nGaCrwc<)60 zdKvL~pTysk!o43haPd#q7qd6_T#whER!AcG1L%`J{)eovGaL*Ou_Uf2>M}e)FM&b+ zQU!W4Tc0igW0BQSwhNN45yxWd#tGA=fsY|hrOS7?+JxDO3r%iuQ6d-_m%hK*qoVJV zaiK-k)udre^?CM@U2#+VLjM;Zt^NvGaTV`d+t&O7jgCC$>g#@!r1!Vnxb|rO1X<7d za7y!U74p;-%u6XPxP}S-^;$EOY;c zyYeEw&_qYK>V`PNs$jEw3xft+=nFF%apc$Rv`*F1Fk*L12?+{klOT}4#v1vYqAo04 zIj_OVOP_0-J59N&b>EyJ=Aa8I2{%)b8q4RP?>JHh|Jma*oavn&dM;k;$V6qEh*O7P z==6ERpEYG{yUrj+U^Lh2K(}VCN}`Skc4$5XrVd>&L?zQ;yvPm9mdYzeArlPECgJw? zf`!~t^U-Bh|B!ZJ9jmF8rcIG8+^ghe9<;2xoAh`f_G%j?_w+oa_|9>iF?}kgRmB4y zG`6E*Q!9rtb)fp$KUK-F-1QNrba)OErj1^QZH)oR=P5~pR4{U`2cb0PTJQlb1ly*S z7IR>$b2Vbk5GT?jqIaRxpr6{+Z8+Z&+MpA>wId-{`rPV{)~R_|G3Gx(wpy2|CkoZt zoJ=e7mc)Kv*P;6nC+ zGB?GVC7SNOvkMjf3#qX=-7C^9&GSp^ZG0TBOueX;yS(^V?~S#)K>vLJU46Egm%7Y6 z>GRP_X`=&D(ii_N`jW!5dU80ebl!R2=%W!PL&jgm{MD9I13P_@PY+Gsb6#*qF)2V~ zPEM7(zeH!f#6-&C?{37262W!I0T@Mb!$RfHP#z&YS}|qP%jDP3JZgyEZ)W6?PV&0~ z4de-p)Sk@$>Xp=Cu`v}Fr>tL|%VhK-h*(8j$^GDWHT1YqQb48IRBu1e)omFhQT}qf zx~skm8mIMHwRJdq566n2jACFFk2eBYmd8nCd3k^L4AnLO{WtH{LIN`*cfh%- z-%PfBGRUxX2wIaG{v_kWLXW`u`Z*)D*^oXb>6XclnrJ^uKP&3UkLALtjZn-H9^YHq z4;#t&(D4XPQH@X>aS{`+kIbk>p~X0ZkMwI_1+$PBX#i0)qmEpfcW19lWP<-L{PIB& zI!*pn^%OEn+jN4ejoWmaz70iA<-^80HR5}EtM$7j+Qj;cdXT0r4aTMP{4)&J)rboAh9;=8A+fF|B_w7{gBMjhfe0F^dAR6qMVOZga>0JUuM zkZj;{vhNc=k?BBRMi_f;_|A`ItIMUhaTdC0P^NbM(=UFu1Nl?JW5>V+2f;v|j_zx4 zW43Y1mHnDNLjPTTf7Zl>nO3MIKGt>6wW7L4<@LC8>qQzOF&<``Kw==E55@BJN_MDG zXdGsue=!C7PNt#BmqsuHQ35@giu{J-jv;iD?zHyew+Do~X+Sl2n!^}%MwNS6;1HAB z@5%GeMd8zdHhs(Q>q(RI%HbO~i@RkU*p$TwKIN8P;>Iu>W1i?jWdu8P;66BIB)jNq zu`!J+!OnOM@GokxulLApKd)<>@T-w zJiMdM4R&$|MumdRAi#k5ht5ip|H9)9(s+rLbSxOU6y)tVX{H> z+E%<)q+`Y1?nc6T9R;Wkm#Wc>!{maokeJ%W?2wsC|CU)q_8NRF8kOrG-uBhcWRlMH z+5J8qK=+!DY;3S2EN)fHT)DNgp{MtyIvz_y2hI!4+ii~xJgzQ`?DH%@H03sJG6Ts2 z(XKF#L-H|WW!|q1P8HQm^x}AS5a^#$c-mJwB0W^?xcPk1?Usrp$~&L?OBD`qzSnd2VCI89jn9v6tG{eo zZORyGFPix|+Jx)A%XWoTPcTU%rotd<1Z*v~BiI&=S&J68dxbD%iwRQ&CFR|32@j=6 zuIifBJkz3eQh<>FNF@uqPMM1X0+pUMMOOo#rv{tvZTkoDB^Ttaj9~ewD&oJYn1Nr9n-;w;^mwTDH4|+6X#m)Os&Cj{*xtjUkF?BLiFJ$Q*qC$2DP4|L zVY}b5Y{g-R$V^@5H{#&CoSc;1hSx1s-dkXg>^+tB>@cL$jqS&JkF8rp9+*!(Pj5kp zMpr;`F(fyrB;dp>;ErK>Ea7^R&;}Iyx&h4ca$M!o-z~2PBu*`fi4z6i3xEM#3(i&3 zM-K=YU7sbF)&R9Za$lLXal_0-X6^+IUhbLR_8#9KO~S^x*S)O3B!h`QhP@4FB-drV zIlFrMR@0Z+`TG^KsOKJlQuUf08>E;vNYwfBE?(-WEl(<4W1Y;HiMPzB>(%HvVg2k^ ztI+Ndst)I>Q$9T85?hkR8NXRY=4+nW-}4o#&N6W2R!l<%wPb zn$X5ofXK$a4_0K7_irgwp1JM#>vq+Kk&o$lItq5#>&4X58 zF2`b3>s!h*a(dn0hmeD7z`Gg@`B6S#blzl3x`^ivsH2ae1^iV!&)@K_Bth5rI-z%O zp++p!Nf)}$wIH*4A-X45IxtNRb0yK&`ADD+eo8%Gp3by}3y>vC3u5>&*2@_$NmhBb z9nF8C#N+DS$PACx!09OghwYA+EzhV;^Y6Wx+h2Bmufu@%Zzu8HjmN1fS9sv{Vp4gv z_}V1rZ3G-WYuR%4pa_L^R?5P?jw;j<-E4b~X^1o#@A=TPf%o}oR#ta2{XK#Kcyf4{ zgeXeWwdNBnEpHS35wM!zL=oJWp&p8l@Z35Z>C*01=JmPTSRt*N0V)ASd7F%9dEBGE zrb_uOF74iY+U(x%q8P#U&QSIp5Q~w-y$YGx;|p|pE>ch@l}J(*oGKdV-2T@-g5=c=K8hWj%O$>31q1`rt5-&F===n`Zfd&Vz>_giV%uL{DBrD4T3O^)E-w;w8pZ zP_$sdr=r08MO>vNyshL^5k2I})ZpvKRzoN?1UQa-G~jySs9h3Vkl^Lu^g6k_h!N_7 z@dyw8F0aYdJhh4CICgBuoOqVdd^fCAb+g{THp67T+WzLLm@m z$&E2WWYBp{(`?^shjfs(>iK>(uSI6w9r+zA$+o>`Kf~tX@G5EdQ6%oNR!hELRpIoDfhi&aZPste<(zN{h4ayAk zc_Sd)aM1*;39JcvaA!z2yU;_@*{Ng=u?@x(mopP3_+Z7$6`vuep}Q0fc*QZ>x-J@- zcH}Wo!#|Xg#%EL32ZaQPRgEs=m5v3%UGNCe`Si;}08pg42geLdzLcMogeJ$}2O z2h!c)WC`;PEC}0-0AVauo>Qar_?&n@EeU;WbsZ?zye_u@mr;q7D5=>+)b#9+5QS{n zc#DV$A^-8Jc=DA(Xri*jEqEEoD9xrcbtC)i4BOls;P%3XkQ?{=a+jDTqM)=A$CaD@ z!e#{pV+k4soBRo>BUf)_VsUHkyo;*B=Bt{!qKMoGla(ZwO|gRZ`w|&2 zMxh_VSs(0Iiz>oL7@>mJ+>7(XtCH$yw!Gp0i@{_k(xrHc>f83yGzHsw9GC ziC$3?^BnWsbJWA+UaN*Pu9j7Eeh-Tuccd(hpli&wnexFb>MDuf`ELlsQeO}>;xyOU$1tv(NsricYfkAt$z~Hu%M%La;MX`FQ73~fAm~A(K zRn1}h#l^)FLY?97tIf^tTp?Z+5x%UaS|j2r+YygO8XYi1FoxT@047AQghmHu;p>3> z+x&vIVC;NWzXtPCtmdEPrvJ%}5%4OYsAEvqQV(JNYkbDBmeNN3!i2`0#y1DN4)Y&q*xcCBd)4__#+v?P^;K7S+ujT4+Cynhk{rMwVMs=v{zSx|N%1{~3+TUM z8Asb&S5a4^e*{`U*E%VeDQt<-qVSoR*D;_Mw?%*(NojzhZ=N`!(3SU_B&UT{W1xx+ z61S~)-{4BQkR}Yt&#U{5J+8P8Pr-e?vF^oZ8@7s$|8M4HwCL^l%X`~Mx=95oW)hC3 z49MtC6y5wkORZ^7$E$j-Hh?^b>>#T}34-*}jJE@K2EQjxLqO>T)B0iMKLO{18x%69 zFsHZ&9u7Rn1qdLewU9svDS+zMP)sXU3vXxzylm~a0y&j)NW{gEh-K|#m4~(m-!}gS(w?b zAZxES#Sg1Tes1*kKhe%#sxM`|0k!{SX|P&0IB%O2b}-$usHcN-gA0yhMhRZ<2qtoV zgyfCF09(p|IEpwD55o$IA*ft)26F~`sH1^F+xjPodk*b3OIC(!nyF1>rWE&}!=ORi zbW{oKxHio!$H8D9q$FpSALq;XpYyFN6_JFpK$$5H0f!uk%0BI`REt>>IJ{(nB_F^8)SebI68#e2AEbqRbYc?9d4;#ugl zWgD~3mYn9*b|p`}YCq7417;KN(g&64Vg#O|31XZ(gNrd@@*%`@6bij!Bt*D$x}!}) zyEAi4Xo@w#4Sa71(juW;$csSPEDMn7+6ilgI5qpf{p%O2lzwS z%pbX;{*wz~MTkD$8(A_yiD7Ccvg$PIA?ksb*tao&b_NnkXkNDsw{Egz#I0n6?9vwL zD4-;nd&3C6*?N75)4_XnYGPXgTVQAyiEg_N^hKWPGqEL z9K!sMpty63$Ip$^=aV-CDP}QXJEsPPQv*~j42d<4HBJw>3q-bQe}pV)*8oL^*OB9% zP^|i&9Rlw)uY~~j+7>YfU^STSPMiLiVegv5zA`U%HHaeBN;R83#KTZboc5wqcLv$E z)pINDB#n_uHeJ)JKYWGG|1{P%C?zQyVR}HymGg>KIBu3 zRqOMn_Q1Ha*OR1H(sTRa2AC9G71GQtlecLszr_RgQ4HwXU!G~7N`}{QkFtDj>|KVFM z%WOP&X8M$$8Wef@EchDsZ`(UH=#GE*^ZZS!qSZX41N6j_fHCLB&qFs?$jW?g6sk8$ zOdpRQKdxhXTGn5OH&gKjh$vzp5t^TNtLh^@w9|0^bNJV7((XxZ2Rp1|&Rgksg?~hj zwCu3L7cm1!>}zs=YTT+64V*kZe#vJw`2Qs>gWj$}h-r43YIc)(=nt9_$mlGo+9`U_!}jxgBQQ%hu*&q3ZRa4?-&!y zBINB_=w<4ijMiZgtDe!y3WGW7K6Hzo49WuGfP*JGqvEEZY}@E}(%iT`qgb+GL~Z0i z4_*Yx-0ZL1NH*A6v`^Fo-ehw}QcEu{D|VU$7q83X>ce-0i7&8>H^YR3H1YO&c8@-1)Q0!~!`q7tDI z=N1TiB5j+1+&~X(;is!D3Az^Lg!Sf4EO2*4`$Ga~dM?KGr5)x+T{bj2J8b(=%U6Ec z!`7cU2DqWd8UwWk1#QpeBai%3fE% zevP#8zbZx9S@9Qt9DkO1)h2R-bO(SBkm$j8KT7~AmSGEn+K53V;NW0hlgW2uJX*;Z zgp!_-`L>2W{`_U?OH7>OA9fQ@+Piz~BwpVVoe}6wS^f;|EL?H3c8vNf5;b@@=Tb>a z2ub!C*kJoyf}4QdJnSgBRH-kBwM-IFJi3kwbNHyO-fM1)YF90zf0a}vUYtlMOt1YQ zJUw>Oc_2>=b-J^IicppSCTU8dE1F_O%O>HIp_q!}N(urY5Rl7cy$uOM+n;IffRwVV zk`HnV2HN#4jG<*d7_~0THpv4My&peWN2+Rv*Dw`QQfK$F;UbhHptIOQ^8{%4mZK;M zK4IcXKujoEVPf!=)9n#8Efs6_{_u(L#G-rJT8wx}>Io$zk~d?S!MAHa4T}xl2@lV# zFD7-OuCB%RPX`!K-^4MDXL`@&$Ith;j$F|a@6HI_fXn>K-C2EGK|AF?HEi0Vc%w2} z3LpP5ui=qq1U7A*Leh`F!8=CP3!fg%&pmQkW6r5gT+Tatr%C~(5&zZf&~L=oq?QCu zvR7M5{xoKcPR%s!HrEsu>#jRu;5vvN$7bjwkr|#a)4Ud5TG9LkbY?VerrE0!ig}4B z?R?i*^-O3jMi4+C3pCZR6_UK_Il}sTMWO=+P=r z3$JUXh>~+pE@TQK#CnFI_sZ{VewPuF-wJ zTRMKwMe_4iMR-0YaGLw0;n+!qI{3GvHS)9#cT0}H_1f<>0VK;HU#SOTwCG$l386lSE z9PQG5A7{=EI4q)NCrQ-G%Q(y{I%@VnkD?X6GadX>m!Pq?8>_VZw&r~KsworTqKtIJ zn#Prj)MG3+(8@+*aMUFq4DIweL8ys5+wR_VWqjrFD)Z~0iR{$#=cxXouZ=uCzCGD( z@iN!)UDNg4jO~55D=+XKrHSm|yku^qNg=h#J)waSGdAGllmg3Als#uCXu9pEHdFJk zm>IkAm{(uIWeS+D8X3f`ng97WxPPl*J7}EFyL>s&pJ|t2>2Vnv*wFOY&!I?3Np(fI z`i55As|5 zkvz;Bs8OHi#|-!bA;_Rqy8}1#!#3)}=JJ;-XBSmu?4j)8oZ7cm^wW*f&n9p+c4qbX z!HD7X6K^JU^*{Imc|7@+I(Xb@L(tclA4)R{;g42*{!65|4ltM93l5s$v=_8s@Gh%L z(sj+^jZU@G2IQ`x;^K2x73BDrq4IU(B+eFLw_3%S8h8Twr783`|8Pw_X73%d>8x`7 z_6XK;x9b;PwAy_r^KwSWnPYLy@%DlpcG>mG|VnD*T zXo-Zkz#yy*-eoW(m5Ot~B@s?YQ53$5%F&;1OlFOlxR$Ao^KGAN6d<0Q@(szed_rkS%RWJ9>`}97O;d1|O%3 z<>pVDp+p%NM?=30W)PJ2Xmq@!4*kRGGRU=;J*V;jwf0PCU1V8G^6!QkJ6C!)q{J+V z=)^&2t9oIJH1oF-;V{Z~v$ksa2~DE(iF_BFCbw6jU5JziY2zsaIY~i` zBOqCTPV$F0DR2^Krbu^$4h$TKtScr_f=G9m2c_6F!gl5}zro06k&sThM%|yFB|vW= z#*_%!+~DE%+!AVZ-AoAoa`keyH(62WR@rX56xtpQ09K8(&X7F01Lv`L7)jIA>xBH1(6e z7q+A2MeWjt-}dcTTmMO1n3pwZ_<=Eq6)S#nrjw!Qf#fBe<-~Ufq2(sUy0g5H1}f*UQ@`%Y0^lHfK}8;K#l3eufamh9W8a07 z$5#FgH9F684NQnCnvDO+qHFfeS!7iF1Yxq`LIg*C$QUmqJ3VvNRhti2BW)ucCa=ZU zRH=^bfcsES|Jzd{nI=rQ?{20J=LK%~@5y-kGgp)V+{>un;k){PpK$=_L2CI!`clfj z7zcG~txu=RTc5toi0rker*>6}!1*an)s}8nRn-el$3(%ei6Mp%7r%d>Iwi%zvt zwYJdvKQ|jYt$i;BKN%WK*VM{bGM{bn8|1J*#y8a$ zWIz_a#-9=LG^H`1$T@hXL28Lr5Nb{R>iR+bF-;(8I85!tv=;oSfB9db;j3tqi~+!| zb1k7Xrm$T~Q*Yf_GLg@2*SMm^0ZKzPtLcSI;=E2O0o$ctuBA#Up}$L*!tn*ei;&#- zE?KM#eVLJk&^f#5X8rl225J5d@>pI&MFD_%e$zTFMVV~rqxL50k3ZR6@^L_M3v_|& zG7+D3d z14H0f5x8Pmh8aJnoPi!{8D1S-{mdl&JGhwQFhT+I>IK zLEe3VGG5S!u;Z->e!}^=%7S9?57&rO%W~=&QZ=q4Yz;$WuX9`>TbV43;Fu{%4JhhG zl-fsvtYAXMv`lj6+~lIRtECLi(?xIT!y+#-Z*!8e%1{`Y4$(NQ(`aTTd#2aX=eNz4 zbe>=!z|jO8EK)2X3CU5mxfB;Dsi0ZcFH6KrhNM9XW4w{zgaFjFE5A%izLj`8cfSf%=38ZPz+?4Zq{!( z*Q1(uYH#E*TBg~Mmqy}a6Ed|q>3)&AK}N^9-OMONkXTSC*6hslIOZkbpxmas40dqn zB%|oVppqAg+#!kOmbnYTX-9lhxcpu7Cegw#qd$}_tUx+*-YhWI&r3t5%k76+cwxCT zE}&|-X~sllvQlv;tH8Q>T%-K<%ICz4UEI?6BFAmQ#(BXNC}BO$IyO*6gef^(5Qv*Z zTq@9dLXO6H&AR!0fu23%*Jgb`>e}Zig(xXuLW#WBXT7jIg=&QCMmD}Nct`F3!b{s+N%6!QuFUUcym!eNmJu!Q4 ztk5)%ot}9*HZD_1T_jO8PJ!;A_ znZ}(cM}ZT!GjTm(doMUzh)gUvd#mx|4=*vgE8AFFVyJw%Sq(DJmuyvYATbIkIf3DB zB%mrM^qZE7Q_-EvAcGJi8WiwpsEh>xceJc7y_OFI?za_XQ-+-Xlwd1qf@Z{V66 zYpRHG^a-eX0^M@IXkA9mTucs->rZL#t-hTKm$XGItx5(DV3LLY6Rc2Hz}dvw!a^!E zG5pueCYub4Rk5`x#$Nml#dwThM%)q~05l{8*tT$@aM5$#tcjR@yH7rw-tK`Lzujsk zUCNT0jDvC33M;)o*v$7*v9A5o-S^9x+p+Ejv~@j6Aapf2@*0b; zCIW3>M$LgkC>S2{t~{y$WDvyjL$|&6*PXOhwwhoE0uY#4Kv4>t;;cb3%n_<4&}Av; zreVGc!B0woX8d!_%x(zh3cp?5Bxj=?w!w*w7?@y*vXcspb?QkTF3Bz+k!H)}^h!C` zN_*qW^gY^fdC-_2#RSsjYO6Lx`yGg>nIOXr%zWIPdwji68$pulZOLyxdMk%JdvIm> z@dX}IAGgh%q_{j*MOE+4WJ~bJcU?K@YWW}RqEHwVx8~;QG(=xGn>tJnBm!u(d)t>PjQUqA>Wljz{bG4*X8Ogm z0f%$Vj~7-7EAGG8ZFoa-p8Hk#MTsrNiZ*G_up#$yZ2PF?E9P52>l=-+!iAe1`zro_ zk@wEul|@aoXly$j+qP|WY}>YNJ007$?WAMdw)xWEec#1+_dj^&w{y-OWAD9I&6+i< z)>_5=WwO5OlUAc<93IfuS?v_4vw#p5wW^*wRW~ApY>UNW6Y6sYjll*f{;_!O_w) z8l++OuFR2{vJc$wPIW)f-17jIiiS7wXIu+Ihek@?%OZ+thXFEeOni+e!6I+O`6DVs z{g*pObqGOnY;mJZXQ<+!$P&o}o%de`ocpi6c@cM1Mei*K>Eq8KThP7aR0kiH>%}VX zwYiW{nAkF%*1l(blYn6t45l`2RQR2(5|_oxme&z*7bG zV9L-5rzs6~hWz>m*})vqUW&ke>#mwFt`2 z)A2BYO~>vslb z{o1_XR+VEEjrTr(RXV<;NlrXVzxWA}PzU$a;FB>anC3F$Jrc*{x|gpTr$B0tkhQTF+%j3nqK|@GR2!}c6*rFw{Ks&|49ZZk>t@}UT##G3#}_15ALO{I zXi^#$JJ$aF(XHp{XZ^;<`OuD1gY~kT9O`d$|Mg^nP<^&;^B~8njg2Gh?zgaV9yv| zQDWkb$)@8?(S1K`x%2pj8Nv_zm{J|hA`!Z5o|^gFqw4o21szx7P{4JCul#Y_3da}h zd8M*OQW!#=3U*}NX!F03G|+~*qaR~l@1N)HdnApXpbfr~{jJ4^syKP?maP1=UItU) zYT!vrGpgG3*>BV9^OSX!Y8G8k7Dt9Q@y_=ithN>9&p$6wOrEKiV_Jm@wBkWVxQc~v z607Tng=bn*z?1F+++$8`=jy^m@sn1K+ zRB_xbm77f<1cwN<6W&8};+#n+10;*0)$51ma*;1phi#YM$tHY-81L(sr5HWaUVw(< z{Oj+FGUna6658+%!myE9l>UJB?8lZF0;GIRw$%YZH<^{1U!5grX4s)THt*HaSuCnU zMIU^|wzi#h&po1`P{5OGGKRl!VMD>7j%y*-OD;NH#U;?`_98W5bU63DC;CQ77mIJ(H^r{SNzkcmfp)Y zz2g&&g$Fl9m*SCUQ4nfv?kjoX6Tyb@SB*LP?w{`=fT!k(z|cacL4d&>F*@QEpE_I* zo$X(}AD1?1ob-&65UYUf(-admkyps_3KB!z2-c3rXS7OF2EbPM2;xEsGI2-L8$7)+ zYP160xCtwh>yo~GLFJG?P_ z>5gg|>}O$Um5AitZ!=4H52Y85$>4HQ$AUj&g2P#x3U!-NF0yBnJTI? z-=zR=6aWu7BkDrmzn~$%>|G|nEgUYv{!kDk3Q1tjW-5hLAZgBHttiCFVU>7Yp$bVLu(iH5Yiq^zbvAz+Z>}TpPm#LAZyE@)Gq`jA- zwoFQ~0Kv=_tp?a5gp9l7teI!yPEi3G!`PZ{`Sx`7^hAz*+*AGeFe408MnAk%o;3Dk`|SCE<5lj3&#V)6`Zz@riE%#tNlb@_Fb7a?fca%gr?X3VLJ@sxH&dtt$m zEk`z`onncONsA~cj=`}(;=>t}yI(c|O|{GA-x~ui2I+4yIPdWS!*G(Kb3$JI5>B${ zJL>a{jyJivS(&Y(8HDj=e9MCFqvnH`{M>zQXwN|T&5T2foAB)xuN=XR7R%Bw?$*D4 zo68A0jFw0>?Z%ew)%FeQH`o;H+xbhjOD;VKFA|r-E$znUH4lFK+Ge=v?=}3O;&38g zg#mU_{Mn{%g)75MjbK?Q7EH@e{qIuu(^Ux_>oC>LKYD<{-RC9ZJ;w@4^e?iq_6sN+ zy~Ogt5*MUs_8u?zz1X@=%(%g?IwfP?_>FuHu`fm7ft(ju0xpN!9TEH2Ll4e2EcpJ7 zv%5t2oJjv~8rC&(u=2%4ZX|ew{6eX~war!UlKyCt4&9V}cMcvsac3aT{-;zO!}$wu z_e0>2+rx6CQ`Q9f12Bwbk_id%HEfCG*?o4O;ekpeIQVmY1XM66A0S-P*M!B?Zc`bB zp3j?8A$LqE*!N0_?#~;kkk-G7(={F8Jxy}H6gIY>{2QH1g^smgjRg@^>%E3@n!gB) z)M(qoeji^PPJ6gq4|r)zPMlxsTU=l5!8Z)8mjHHQ%J7BL#4tExyROonXVxW?zGTQg z;>LVWe#L)6_<6C{0>#JDlbBrrKLvx!d|8Z?^VmdPvi_l7$x zjX1FW-OA{4L=mC=n{_caNoKF)%TC#QJ#RNtHc+h}L+AqZHtWuWl-qA{_(b8(cPdhA z9EY^|EdE@HDbe#8*G1KnGS#-`ZHHtstvCFZok%8Y;h+GbTXM$^I)Ju1hGh+xh;B?g z2{9QASAngQ6;IwT43SO$6KKF4QL^S-cDCWbM$X7SCrds->ZjdwUOO6ur)Nwyg6xrs zY{;sME?>T-a4&4BM;MI2@`(2c>IDsjkg>S_Fy*AR)ftWf*5>oj2A0S5M^M;Lf>nF% zmDuMDo(~klryPH!i~=RN9|ASoVGjy|-mO!vi^ zGgCVB{u5o0-zXe3|5{J7aiOrt^TWB^)35({^ZaN%k#CKQjDaW~#nK>AvE^v||qWp97N$DP~Ad#?|rfmpjh%(v^5Mq-vc&5dl*FN)y z$fAOL;}vqZvk1`Ox0=j2t|i0y3uxh1j>czd@z&C@>gC4L>4oDUh(;9Y5nC!OE8}3{ zSG!J~=(_<&=CX!OOE)gNL2=;r08m4BDsRM0;+?8Doso61yo=vBGQO3n8+zE{Q0p3E zuwftN(PQ#Xjd^Cg4)ggj3w#y}%a1z|-E9Y6b}{nF{!fpuhfpsFlFoHn{}Me9iN}h0 zV~pyrGRcFtYZ>#$K3*vzND7%*qd#qVZEVea4vs4CxJ)8bfXsA~uoXA_VffRrm+}a& z=^E36yRG&p;!5V0@h6^jpV@dNbhDoB9vQ}OYf&f?zvNJj?{>5wvpaG?6D<< zsLx9mr6^s~Zh*v@9{57%j~_|~8!EzkXLSg<;n(E=?r;%Ed{AD2Txlue-Z zyd#0hB>z9?IQSp}GeMj(UMcV&8|RVm<2>|GB>UOKB&HUT;8{|lyE1q>YxH9hD+{_HwDP&|Y z*`#P*wE1&~>~sU25bFkAQ%@Wl>f*xr3kAZG?zs6gs5d-Rem+pYuX}dO6J0}sKE7$2 zSALo5O+6+O@jAuLrC?G?4ZM_~)W}&VCL(`n*^Y;i88oi8B;BQqHhYhvCJX=&9#JM; zCEs)Pi4(Wr*$Tso=q*+{hM9tuW|P{|spy*#tfR+U^d*1tj`S9H4`w?U`t zYLSeal1pW}hzYvo`LRtm1mV@Qf`8P}V|2Ji1ROB}U&iUeyx?vI4C4CU5*mzoI3>c7 z_Q~-62ljh({Cz)X!u<8Q$JK5c*HZA_ZPB?#pQjr3XO}U{Z4t5ZQU`-DPVORDQBZlTFdIYA%6c%Ll-juE>d5ujCm13A%t^z21`PuFAgD6z2UQ zZYJ~s`1|XEyDb(kYFg35oZol@a!Ky^9?^D%S>I@*-~V zY#26VANOlLZ`Y-?tmT5YKvxJPjwL0*D~izVPosf zzttU5`dAMZAqgw4COv0$zOcX%VO^Fb{Xc{~cl%$$9=`oQ3HvC}2}(aTKh1GiCBxN< zbJ3Iii|JkLi3s3sw--v7H)1K+xmZx{PL)e|ufqXNSb>}rZVoxfAS%mAyLbZW2OiNpzieRAZ*|nM`Ouhk|Cd}X7NAy+I9QCe9aFB&`jYd`Jp7V6AREMhYG@FU3`W8pf9WN z@T1Ek8IfoCB`pUwd%E*ex%`%BLF6#ljZNPECt2&At5ew0@k=!>IBK+y=$3qiw~e>u zX+QOef0@N*3S)xuj|MVB~rYvL^TvS9OaB{VTPLvL8!Ixk~1i5W0a*$`8W*K z&NCzD|8f*mIK4Ug?XE8Apaq3V^YxZAh{;BJJ%>-MzavaBmeeqDdh?{5F@;PDo5*~t zuvhd8$aevM#X6K$h#|TQF+r6RpJ_J}xuj1Y3Lm8rEg*^dCz0{vc4a>M>Cp8N_s*>X z`wNvK#=D{E|HU^-fqE_F;C$)n-GWu;Qi@Zp&j7$36$`eYLD?1jn~6B*p|fUA&*)#SO61vQ!M60(@A=FXQt zay)HfWr2yCnZR4u2Pb8Fyl)E=3c_t}UY zklW4XDvDL(7dI~_mK-qKq<0vQ*A0dd0vb+hp566eEQ$WnlYqS zo&(%P#wTI;_b;J}zGAZd3d%cv&^`9Dcm>c}$7qqQFaC{s?_>4vLo9Pi(k);XSh@dQ8fh$FI4yGT+XC`VZ++nqcrb(gOOLZOsi z%!s()k+C=q_%(6rP^@(OusxlpAWYPFv66rNRm_3FR}(=B(>> zC-W8E$10(6c}h0eCEyZytqmItN$oKIrs*{z+T5Hm-L$>+Pu1GhsWAs6Kmp`QW3tCy z;g_8P|4vC*uk2}p3JPHBO~M!%PDE;LatvW(F`B2`9IlX(WWrhRzmVf&Xt+~JN7lw> z{C3A#m`4wAZZS}LBdPV&|Ihdz2l|WZLkTLG>ZQh6xft{9gTYdzj0TqQiR_FV2J~*` z_xz~un_yaAmm&x<_&N^GCxLe@`jJKpW8^Ss(5^=pcWg?s z#x+JB*rk2r=QnztHju|)2uM#+ATJz>i_kbf5EbMM(o|W9{Xc@Q|CP$)ng;sutbj}` z#QJ8Xh3tAAc;b>03iHvdcB&mYBg}5)Ef}GyC2KnTs7GBjv3y=YW>&PAoZ<}NCakIp zK{?_W?26r=|5GNjg862_2Gu(Mmdvo=MEa!7YxRikjfKk10pkC5&#VB^F)SPWA!&bM znYb;Z4sw6Lzx;{>Vy>2a=>K79LncGm;7LQ$#_35lhr)sT6O*H()7i;LAu+R~$TM3W z&nR#6{+y@U9&*|qEjcpReF2EfidbGRTClH#WY32a+z{Ez*&)LUyv>5p!rG^A+h|az z%p^ErR#|xS<4};H{ZJ(wu3tdBjer63U+eF8&D2Nf-_;iu?6@F$T2Z8_y7hYocZ+!U z%SvdeISmH%7+^WNQS}uD>`=$r9tF~51>2^Hr~ibtwA?2}>Q|KS=k|B%r@PxH$Jahx zHtm(o9^bZ1_h%QdIzpaO%oJfkJ0AXTfI|SC;=5aQ^$WrZCt~PvdbmSfmU?{tiH|nG z0QHY7a9sQevPjk6V$K)hd0k^go?Pe+ukQ}n1do>X+U4fzUg3O?!cjxp+?YmHfur(R z`8*SB6A`!g6+^nKH3bG6`rHD*#15B7C20r-FpyK?7JaIQew~wU8R+N@L+77WG2<2P zFJ(Cp3bJL1E16|^@$ zMOcbl4k3*5q>T?Ts*V-I6fN&qpo1yPv<=b%O^aM613FiI92)-awhfoKa8O2?2f3pr zkLcszEsXkF=)EBK5Ck3n#3`t)p>k+_9nnYd&1zk&iWVuy#VpBwfXr=rQq?-P4Pri3 z?r&FXV{{p#BC`w zbuyD_qY{&3lHG!zYKjO3F~|^azX%rXXZt<5eS|{sS%J|I%#s1jON%`mv>;zKn(NIV z_L4npm1vtk;!HqdjsC_HZ9jhCdhJ*Yg#h@55P1^Nj5;g z*Ih(~S_k`wBA$cRy7QX-7uG(5YP@BqIkGgpI?b-iJb7oaHaZ=r?m4x!-;pH|!k5kP zM+%e`_z{=g&ppCX&_+x3T$=ib;Fr01%#(R!3T9X*yT3oiz_TJ6oQ+#6?7q1NEe$!% zlgU7CQj7+a=p99*mF(f{-QMaoxa5gl#Ssxy=fBP-yT*1=dB zX~&J>8JiUE3>FENoCHriHi(J!D=@Z*f_w`g4kUiSTrx>HfC-6VZ3H^cbOwY06o8jT z;Zoq~DSyGDA#08!miN&aDClF(U1o9lHRK61l9wTycqY}duOgcOY~9LyZg#tu1B<}; zhwFsUngQI{WunGH;ovH$+WbX@!&TIPKnh~UO-P=3nd=f0T3Wfm-7PyhAof9R_wQX} zE0+b*8Zx0NG&%No52}*jvdg!1$(38@f7-hp3ZA*pDdXoQ)UF;_;7Kk*M#^?@jM~5* zf(n;7!+}y5fZ$iX!SZ9|fw8P}7UI|AEujC}u^3BQ9_QG26Hyrg#-_PN()k2Z6S|zdl!s;zhm42DDlb)cpEO4)AX|E= z?^EZh4Jj3OEb6@0e23vgLfB*+%L!_j=vXl&H8LZi%6YnzVYPq%jHgZ{i{Y2`q$JU< zAouwts7k2qL_!)p2-ZZEi$EZn`_hYdljKz7xR6Y4l-D8D0b6euWDt_=NM4p!W}E5O z8Gw8sDN&$NhQO+1#;*wETdv2W*%v;8eU#Kv3@#)QHnsn2Drk9Y_Ynky3=Bf_lC{jw zagSLxSh`F2vI0sL0ay>)67WVZAhE%c@;fa)Zl9g`Y*`8*kvtarJ^=Wr5R{C<-RCV} zzS$LV70$W8{cFt&5f&b2uydvqu48mF=ved1o!)+eI~HX+Zhq0IXkSR04oZ zEz)GW5M(*qZW}PU=#c_^l0~GsC`gdPQRo#Z6tae=|GY1`sHqe*O+R5?1rXOSK_0z@ zTB7vQIi&7efz+~*;Xo~Aw9559Q$2LA_}ZBbzA9FF4ymn>dQl8%{pacV>W`G9%+?m& zB-ACx=ZK8MoizwYFlJ_&IV0p@F#TH7%Sen*v6D$iGf7t(*%66^`+>ct^9mJ;yY2TF zq+~Hpa^sszw1^iu45wte6&M$g6}U~t!pZ-3(6>K(&;~@siEYfi zxQ?B=B^S{yi~xwSK0Q^V`|}U8Gn7FX-IIB~!93gCSwqLHEAyQBDHjG8lFMeW^)vV9 zG0kKEG8srvs-2POz*pk_xF{$rN@J;l5j6a9t2u7Z z@HJKC*wQ8l%cf$Fy|e|QT)*)BdfJvFAM8ACn1WPndI=uR(-n>XVcLpEQGZz!uZs$C zc}}0v&*D$=aRoq<6c{v0#kyt1_bj+Dm$BC*rK$i{-O;Hp&;HqqYFskL$e`I~xkpLA zMX}Y%=)y7n9e3B{>!}PjpeTlI9U)F7_P&<9RFaWO>c5rJJI*P;}@8s4s*|-=WKuzL76;*oPkK*9~yG zQ}a~r!vOdvDK8#Fm4>gvHxXnCIF|e6jBiBuZ$Yw@TU%Y=(BQ%qE)hVbCkhCfrdvPZ zW+w>Ib^O_pcHQhtX=g@gPQ-eYAs8-a4^Q1xE1&UaSWns{U(cN)XNG;(S$@CXf$i_7 zb0-HL8qiXAX#y`?Ek+*heJRjd_#)q~8tK8g)uQNHUe?L;uma~C}@2#G^ zS?O%+4Y)^(50~{{r+lRt{*Le6IkHmGT^A3$K3{m;HD$&`-WsQGCKoYrQYAjY>(efoOrshWy6boomerxX~1n6%@Of$!G_#l)MKdf-GrWQvQt%aU%s=! zUnEVDrTbzG_{Y}NPs|#*u+cQ^wPVDXI{Fq2sJqBdjssM&;edf9#{3@XK)E%K)TSxc zl~RtL_moslqa3t*pdag`v(@QGAlax&Z;?9Moa=<31Phm)*5^9{%{)d4Us9+s+Dc`l zOPGmw$%vbLS6C3uOb~Arv@i<8$6zk%k(q)HQ=^@VK3YWMfXZRIW+HHg%F%tB>&l8; z{qW|%O`3POsesR1Y^3fU%*inA*^JuTzlGmj0&hKhuzcP2L9?wFW!LC9cShi_5SsK| zO1wQhu{jdDhr4BU_=SAf{^E7z2e^s+lXfIa3**f@#F?^Fcl4GQ`N%nZmb;#q7>kx8 z24~PdSLpC-640nvT3|^SL|k2q@eoq=*vn;4FxB-OtjJm)`D^ULbo=^j<;H`n1M3Zi z=WxsDHE;L(P3hZ04eX~BpWu?y%XbJB3qOlT){?UYZ>r1NN16ctP44sM{j_g%@uDZ{ zWM!fieX=d~dJdu=5ervrTi?Q#?13)aRTRV4HXbo+M)3R?;PM96R%I6% z#ybDJ>yR`uQ!exo-(TsE&q|y)WO`lyT#Un*vZFU@w8fLFDg^|qHBU;D?z#@?XdOIm zUQx@Q{v13xAww%%t*FpRb}ty&7Dqw99_wBvR?~B-6kCgTPZ)=FBn~zCbbt+mG-{qP z*@1qKbjp7vT@Lzl8D>Kp=%sU$7Nme0uI(e}6cubj2#@KOQl%61kR;#4y5{%TO^dY2 z_uJp^@rz}8U0-#R>xuJSD;?Q^<;rxZf;M55W^JNDY$D)4mldoa=uXl@F<^8c)s3x% z=S6gVOy8>^!FY!}^db7zqjo8q(V^e=sxjSsC~hd|1&p$LA<1OMUTir=iS}w937gXW zl+mk|58qfusb2vliL)0|NVc|9)Kta#Pfz0m3wW4D1NK_22IKAw*ssr5`pOdSm?o~< zm4inHBKf}RTHiw_10NkdX~F4yAyn`4PVA-Ge%~+OM)tebF#^=>Ry3WDWSuynO)Xz2 zzv3TXf?S85$2LE93o3SP5AV*m|7jdw4*a^FYrL8eMLuFO{dkW-3yj=}NTTJF8smw4yn`cuhMm z9*(Z7W{kFDBvqys$UGB$?7&N_9$Xs9=-{ksAP4eztj!Gdtu*~L?4%4wM<$#taJnt< zJ-^fls3R@vVDaXwpS*yd;S@JjUnd*=H+|b5ofJ)cZc#O{5IY)j@O|h z^%q)F@TS0e6_M(+ThmDqD^Lb-u|dMw!5W0P9xnm?cWbH-Z=YP#L+d=4LjYpRgo@cT zfXQTEanj0N**Q?kkJEx|u%20%jl3Wix;PMt8%R3NUwq06?QV==Wjk4;7v}+9PT&?V z;~J2QtR4)BS1VNYNeBQ&9JL6 z3JZp+Lp^g%B5)Dp$pa#cL`&ZZ+yTf!RdV9@zB@cVo-n3Php^^YW-BRYECPR?3@SKKk)wE%3Kh^WW?)scRL*f8NW*+8 zA-*%*S?S3#)hY<6@Z1rc(Ywtbb&!a%zl{JY zxH2jP_~eS3U$#;($k9k0!lsh4o(iXwv{Z?pxKP5#@G`~A3XBX+*QovwFxAi59LSKp zzscM!Icz+RKJW2M+Oz%L<%;>K-tOJ2l!=!-$!_&@gWUV~0D0_h{S*?3!sBFc4Bxngndj3P6&;({I>b4^_neXBz;->yk)l;>YxZB@{@P z4gW?9P_5c8l4{_*bP0(uN54wUSpl^<SCdT7$2Z;zv?$4MY^RP*McdTu8&Xm z2PzgTWhrJDSA1rBIe^iX*|f&GiM$@Q2q%q`c(~es2FvzmuznhDYW&{N+0Il7E~Hed zL)cbQ_CrhD7(>gackF|?jW5|TBw}`cAOxq8=p8=52r*SWmM9JXU3Ez^&vcyw&awCi z6D0s(hoRzZ^8k*jgyZ2$e5?0w7TtQ~w773D)BlcHb+CnjMR6|VN&FA!>dJBZg&hbU z9pmF7oT&E?H+3~>>MJl3w3pibjLct%$UXm+07^K`1i!Wkkq#_dB=`ik+OXikVJtQb zVwQ#~;RJFhoIvjy>+2u8Vw)kK)Ql(J8>Ym4F8MjVCr5i?%x0sP#4-19k9{CWZ7pwx zv)|Zpra2>y3^9SJX048HayXIFRPCDJ2{_v+n`awTS0xhZQ zT~V$fxA7=NlMfKy=R{0CSj7a*BJ0TWFojX5dDm*GvWsrAQEz^cG_#4&nuPI$Oeq^J z%kEfXD6Ahy2vC4ebCYc}|DNyPRj+npcK4Z`=JV z+&w^2nRtgPLq3mo*3J{#O23vGmiBw8aK)UhoC_b=6<8)c+k=IFV(tDT(BG0p>kS$| zF}jgXTHr>Xi?J}{HFSEao&XHWSm!$f-BAG6kS3}%3_xj+RddSPW@i#(^nv5i5H;%< zufV+zmr`fr=YP}G+~g&PJIj0RO7rzENWKj_174)HrGXZC%+?Y>rf?vLT1b0|#a4X*Get{W=M z?G=6gNcR}c-;EE<`m(-zt3-jTw~143SAwh({$#Quq1!OL(|msxs6D-@X+@3m$%F=u zCw=XUc%%oGTh%FxUC6m{!4(Z|3x*ahl6C%(?%wd_!)MHPX32cZV}^9M98|_o`@e)= zUp9DKpG_XmzhksIdhFQ#8-7*A9k@IDR}JU^<`3&fQD{1|lDhpYS5xHC8u_fTo&MnA zGdcJ1(}%10vbHq+`dwO78gi>hDA0QOvwpylrS(6hZso-td3Lv#gMnj%9pA|4;>dJE zXO_!);XwjxTPq*})|3^}f~%_&FD*HUZALu~Kcw5F3NAoxgLkQ#4MUL}+bJkEw7LiC zae?5$eF2V^5c#SOX*JTMXYfN?KBMdLn!{2d{!zdZhyfK&8{n)!8od&74%-eOXbk%bc+v6;a{9}&+bQsSfi{5C?!jC)!jrcnMO=+W|($Hit zoV2La{AWiHhNPkR6fyn)j@p!L$$jwXwCgquN8L`WNuO+6fPDYgVU?hoQ62vRD;A#Z zXn^U?Z;vxJ9~zT}94&^8YB*0ZWBrx`F>!dtjq+av9FzWWQc1kwM=6?~yv3TCT0-}j zql zJKfvqC-!FCV}~Nou9XFY5NAjU_Lzeq&i47D+&lUJ9P|~>Ou*B;VUh;-!uny<~rbPM9>1vpW#ts6!(S8E?SWOcX+QIMoCUC)DwCa~l5>{q0xRG)fP?qPj zx&s7bVt6l_2-1VZSlDXmDtuk}-I=QnGvwu1fC=TuO=HpE;vMtA?PPu`G=X=SHqrl9!HoiKe$R;W;N{L-?UZna>RS9kyQNXF?2DM0=-uGu93A8K< z+psefssBAf2i1XIN}5uI=4Xejz}!B68XJ#ZEM(2p+9Su@J$dU?akr21A365kTqKaD zM${`4@+G6jd0vF)>N1ZaIHRzp7trUDE?`Co}aDp_X(0uNwKG})axXrQjau4 zSkl7x+O~ebFcpbRuqYiJV9wte_h4-poEUhzm$3>J)SPuS(gcEYpR2_?`-trg^=x;D zie_koZOvWY`n0Q^F$S^3JwApz-GN=D-K>|Y|HfyF^7dm&7@ zKKemv8C>WJ-uIP|41QkupZHV3Xio-QF94$1DbpJD0mxNIOjd7QPMcUXH z4elXtLqM9HeWhEyWCsRsBRJd!PU^bsy);`p_j|*=BTy-oj(av#s`hXiRf*D_{)Ho` z_eZcdX*X+?+Brl#u>qRU*HU%G+mU#4SZ2gk49;7<2xcAKt~6VEqtEif@E^CosN*jw z@z*kCmbBIB)W4;H?sL)bF;osH?F|5Z#{0l$y_SK}P>}RbtP{vuqm*z#@*i{O5;&xXT0&yBN6P)NJ9SF zQ@5*Xv&;!W3j%}EVP%5-dA;PMk;M^kk@1M}Gy}{adrsu!1a{P}Wg5jT0=X+y$ZaR( z*Zpg|7i2z_|NNMO4jCPKs`Vx+-+$8vC9_w-zaQ82xLE=x4Z&Ngn^Vxh$=}X_t2aVqccd`q2NPidJSS1uZT;fq8GSMv~ zcV6J>@-Oq3>CpAcdr=Wm6Q57)2W9A-^Mn98l6 z3?n$Jy%jm^%QS>D)NS@rPPz%@<1aFxLo(A{HWx#q&9s_5>E+RXgCF^M%`B#XJlwzwj$4P>C+v z3EYvzX0HvI7H)ZYM|Sq#0B~x-br*&_ShO7H&0H2Zm{@>6?a|FL)Byk)FJ9OWf<5SO za^s(5K|WN4GeL2L6&#x&XnDNr1Isev??&1qckapVT!~Top|4#@SGN_r&uSFWPN`}J zlhuw!8W9N4nc6~dJv*3y$g%PTX9M=I4r1PBOW1>78T_6?C&->oT+ z6|}qB4W>*1R$js@yV4%Gc>0-fObv|uEtEL4oJHdVEZBshh7ec+Q5X+S=Pt!!3~`Zw zN{?D)4ppyO!Io$fzbP-rHc1-S{Oh-M6etAUPdB;4g2o1IhXER64Ra|yS>nB{!Aptb zL^W6!9l9s)?xKg?`lYI?=9K%0tbdin6B{QO?Uo2a3vW8$qHAP?b0YIjIaCjc)Fn6v zG1U9SnZawlFiLG_X3n8;Q;%@@<_KwRF-!?tzVhVUWtI@6epZL{L%sW_z#Ag+zG{Ok zRuj$6Tx2~2U~}gc6dMe*ec-IKveK$ge?b(&8aF2aQz9ElVXLrS$(mLuWZ57!xHa6tj<)VA<0xYr@7lUkKWmQ7V2v1)S29aG&rdBW zo}Cj%c9+uar7Q}tIBu>tJlK=NFGpR51>{b@{|kR6~$5P25=5IW$o zpA&R1HD`k;(}Y0MWJ~83wi0_n8Qo@Lwnz{(uCq&ZB>KzK&g7DEPPYnzr)O2A+`mU} z09Y!0+(e1|l)A3j=U)sB$S-m z4U{lk2q%;xkiuVYoX~}^+xf5C4Kjc^b&StvV>(WPPDZthUm1Gjfw1{3SJ(d!Du%k8pLJFzXXlCpf!0BwEz;rh$SyW%(Z1e z_c+eJSaN`kVTLbD`%stE2-~?n9Vvp zLdZ4f8(hE@ToZdU(I8v`DTM=c!V@4yM14>gwD|bMx@&1yJl5!V8Lt}3*!R9&2-Cvj zl>gy$3}qH%x63E=UuSYM!s!>6%df9TcFndJ*0d3J^vvo_qQ$GJqxY6`?<5HQR(d6_ z-W|?0sd^VhL!+QLQVL@=-P$PfJP`xhFguMDWPBw{wHxpwuFB0{ zVsQIrb^V?QnmgF>C{#l5I0JlG4&l`^77$RRetMz)e8Rz|1!$uhEC5qv{=MaZrw+eP z2anL^#rxtKGex0(Bro&a4tw1$AbNrWhIEj@N^iv)VaTEV$1*1^RKBQx7g>Is~TPUP!XT7VI1yJ*U? zGFJVPMMa$$;~aS-vfL3f^zdtCheiyF#(DbLte+AilbIcAX%JM2hLvfsNh%{EEs7Qp z!hVfd0h|Iox5PA2c+7EG4~nZ!7vk{VB>Y(>Ou(h_#ImNSTL1iXehQcb%)I4Z6Mxs-I)u%t3$bIr=cF6hQWVxfH)HaswK`8)ZJtsadJI1wZ9!0U9{EA zF^R>s9 zXDX$;1onWUFknB~w|}ii*Z14SRh(X~jb6%c+W>?jPsF4; zPLJORQvd@yNKybLNMJQV62G!Z+ZOs2*P>@QZ=YVHe5Wr0haQYPbbQBf1VT)xx{pTf zNnjQvZc`uSN&bGe6x2@Tk^h!BuBlwCJzKQBwrz-6VS#K@nrQ01@Q_*In!WA|5FN>p zD-Ciex30zl97E|kI8(hgD5Mina&n9@P$bYls7J1Lv|Iz|Pe}nJn_oD}y!+bk!Erhi zIg8KAMXvcoNnJh-(BgrVrio1;FJ`45K!p4Nf)7fGe)0zpx%5pxfH)RzUi6nKTJ7uf zzu%-is$k@qE+ zAB_?17WKT6eCqS&j@Da*^wkM^SdMa^%4u{7a&T$?b7Cy5q!vP9&EoioNaCTfG{Mt zKD9*Wd5LPNbuIJhsPHb3@ul@DfWR%XYclJ?vj>B=@F1q6wM?1~4nJYhhkl5wA!x*A zOV&53=Lrca%O4IchSEaE2Yn2yhOry?h+}q$TCl3fQdkao=-c%vmCYZ3)gO6xQEkJ0tg(*sX#T^BUPrl58PD5BM=l3KNJ%VkF3CJFTM|E(6C#SC%mu^ zAcTha|3le31=$jITbot8Y}>YNb64%MZQHhO+qP}nwry8+edly{{1N9wbo9E&n{}0M zL}t$M%sJ*jyva-NfgaKouW;dCO!3WCzKK1pA@I`0eqbTK=Ry2nDLnQdzP1p*=^yjK z+tma9vuYMnS5tD!w5`{Ti&uXN@<+`59JBhQm@G7mi4A=V23BVlTyhKHv-oKOoccHf z^)`JOhQzbV#BR2Iyl3+$?z}4E^T{a%VEZIEXy6W=T!Bu)rvA?4_?nP5#P~P>zseXU z!Vm0(0UB{6>Uyp3hZ6JB(Hj44h7|v$3rhz9AxG1kPtxjs2nMcqrqt&t>qd+Dhl9}1 zr#}OHpY{#|Wjoq!VK4;Y6aDqC!UJ>LAX&l;jISqHZ|ZJB#t=+EhraHyffEt-OTxr? zu)`f>za1XZUr$D`Z|yWP0IClX@Orlepsv_gBxU`gxFYJy$L^u1Ewz{sODs_4X1v`-wci0L`G<(*6$#d7ydr~ z1jq0cjE_$dCJ(#U&aeFGmto+{fm3W?s(aOs03QSWBDIx}5>ar5W}5UoO7)Cb5)m(Y z`rhgMfy+_O>b3(cz)XlSON3SV2q`x?6@-o0A=d*QV%PmyidljpTlrb+;yMzB83-Bm z6^`+QF;?A=i)1dBVh>u~r{)vDoUD&Hp@(T_Y2a5F7Ljz&^+}-Tff-N3&IDzqweX0W z2*}MBW>e=zxoH$3L=WKakrjWSa25c9&;`$VgKwR!y*7Ju&Ct;bA$~8ua)Z6o5d_TAi~nVzS>~1s*w2xZj0M<1hu)j= zj(}1Du*6ndmeWst1%h}REB%yy?WV^tE^v7!C&J$}r!-LhZl=J#Q#fP+=F4R$l8h2$ zaz|QEW4`rNp0q?x_9)DR-jq*oH}}@!p`sEdQaZx(F1mzjve*`?V<+Jy9C3dCe-4>40hoStL$~0z|!07m)1FRG7=c4P0gdDJ7`)<=1p$N!=84TF!sg}nPZE;#DnqXU_3;t&uv>i_2mO9Gm z@UN-^Fd#NKD1_S(eTW+v#&NnNwA%;+@kQ0R@=B*xrRScec2;msuA!@Ld0+p@OzCpm ze(j@-ta1>HsXww}ctK6!IGlS$qXAwQ!TwFYnAr8JA6;#TE;5-JSfDoyi}pn}R&Lx= za(0D;yIxnFB5e1ey!F_2h<)P zTKl~+s}g}D8nF+p>q)g}VAwJ3X~!-4W1Ow}wpiEgPG$FMc)F-*7NwXXPEtTE8^Z0U zml|10q%29V2j##uM9sJt7t89JIx(=xvV z%&#@adR-%FjynYwlos6I@jVCl{E(B-X28>-MO~?+MJ9;{>^Jazlhvx0PDr4 z{M0?L=B2Hi@ie>+CJzT|YU4ihPQ9Q>+-FCNUel{?<$FP5gS=0E9JdGd$SjsK3agce zDFlwD;4|&~ziN9#6d5_J`Qli#22!Pm$j=#E-Yk7G^gZP#I6Sq5O>D9+ZEgFn$3RZa z=r}7Pw#7%TXpRfto!BHu9XzK~YHKMbP!e=d&hF6c$p$T9d`qtUv|kMHA&SnMhYyZJ z*A6Z{2O+Cxe(N&Jy^1lfb#?I=IRV~r43)EiFWSiDmdiunheO}MZgL`zP7OC0S~MyF z-7ows?F9n@3eiJqvze6yCmDB(+AfdzjxP=^bt7DEi_(Wt7Z&f3JDK8Kq%7vt<^q<~ z(3brQxW)$2$A}|m3Dpz0X_4~Ab31BLRa7^Y8b`eXcZq3nba(WH>%oVaTqH&hS!G7C zjw*jyr{@yFVXubHsq$Y`^Ft4@RY)(9;f@EM>)T8Ow?Pveuo15npeup>WmZLa<969o0JBFd*m0o>y(q$ikT$jfSUa0RJyU}GA zLY~QxIcm^IYZ$PwE(CydNs1o+lT-bpaOT=L=YKa@pKr;+%Z8PTiHBQSZpcp5GjL@} zbQ7hNwBygjfbzKH3is)shRsU9S(3laoeuTmicQSLR2-jg5pA-k%JDBP+X5R--Az_# z-%s*1fSSx#Gdnd)1@hxKeySsNhF<u%pKomP`#WobAvBKkVhxHE}?sEt0_I3j2>_5C81&!Mvra$Qi#IM+cl z^KW#fN2L{Xdc&MOligpmMghShnLEt%KrcwF0n@Ykk)!I<4$;B4uc~o|i@UX~luEBm z$RSWZy`U7D5VCOJKGUEh*Mk=qIj|H_t2a}bW{n8X+;9)41Q;wXAK{=v^S|XKVH5qU zv^;G+({^~0|SH4B@B zXA90x`-P(PlTl3ifufv7>Zp$ZsBSo!7te(A6g zpepiQdR_Tx_1rN;@H6w%b~~Fj%xSw#+4EPNCALUVmf8DV0h0$Oo zOe5wIKzy~BJoQW~TR|1!2AwcS{Dwi7qzg-T4Ep3M7)|itUJs&@yB2@75o={gxfHsU+&knk>^e!55fHr8wT6p|0qd#-9(W!HD!VGh``C6 zprUin?@Mb~XTey^_}u=&vj}_sD9B@wDtLC}-?1M)-0=V`v|MlLOmI`r_B>o5GCu_#>Q1HL(53Xn6Ti z`C8Wvw`k|F6o+Xgj7QjY=<+^JjCoh^8stzFiYATUdkB$KAxkvFzlwZL^0sDW*n*X4$|6A5{rfgVmu*383pso7A zKQ?~E&fbeO2d#=&lnD3^Ro6-L`6iP`Xv8hXC(`-sU|i@InL|kcriX-L+QEhlr0u=# zZK?hCK+Fb`G~2enMx9cjl?IRWj=a6!Tw82$49X%+%ZWAG(2O@-E_Qr8*g@)+U`_ub zW!BpskuDnp5|B!z<{oR`%2E~Rd*D$DC}Kav#wE-nV8nFJIVGB*FdFEV!6b>9Zz7^) zcgzt=%j8D(Qa~V;({SyeYuk)QQjg`sV8Q|P!H#HSv7ANSL#QwPkp}yvU#MoRk&jtZ zZv)~7tY*BC%w`Fw1L9S-h*tnA7zwuw%IdOEHSheuOFH+Lu)P>fo-+#8biLSbD8cq` zM!q7sN=Spm=hCT2d4$RT^276$t*eb>&v%yIP2FWrQ)1Kuinf07S8`yMmAPe6MaOHk z>`pm7n$&v5N~kf#tDHo_ZDlpAJ~<38Dazq16BxFL`V^Ou_K4z#oY@BIh%JyaLk~As z9BT3}|BB+wBqcPDq9yIrZm1XL2i`%&JxmXF=!zaH`4g!Dz-Nd<7ZF}ZjzQdM#Afe0 z(pb(uRE8h2gMHyt>9>Qq03hr}H|Q$A<_D)}Q!8ayP>5H}N#x(YI3JkKX$GmkSqHB; zXcnLftXkgRo=uSOKr*K#^aIv^U$?+M zdvuV{RR{nbjZA1H26uU*d70)s_U^aXU|Xd>Y~Pj|Q+yB*w;vqLXKi z+30;fkP~Ey-N#dQnR2gmRp2eBhCYYnhtFhaT$<5r6(%4m9`zc+b3!*`0ly%fS4iac zBx2;q6IzQwGLN8^Jj=QzqwPlzXdZy`Mrj9F;bJS3{xC8Iw1QIp{)2kSMzLzypI6l2(No3Pgg$m-o=u=^a@!w}g(I=U>R8 z=o8-xdlc&|C&$z2QM^Fy6$Yl_G`8sRyz18tbqgAkpb;rp||5`Q}4 zAMqCw&M~H`w}Xv`++mXt@PpE#aZ7Sr_27441P!={yMPII0D*ak!%}3QZi4mc4VR$s z&$akx%hALiKVr4*qTTQi-w?yR@Z`Tp5MOu;(asKgq;Bc|0DhYO7oA|yHt5E+d6@$O zj(%KZ(VUTngGVx#GJHZoI<)9?Z$;U1&Lw{^__IY%+CfO9koHr4ICVUy!po0G|oj76&gy^=JJ*C?1 z>xs~7{H_aI4vHbuzn zMqvk{G6J4OA!Te&ipeEEBKMhwYYxG!^a7F7e?qGKAtcYmjKjUaVRs=HEmq4^E-yl+ z&7z2}Kfz06)r~TX!mD7fCU;VA4GU&Koc|MWu&G22q_N|1HgP<_C1*B7PivF#xGTVh znFjmN0OJTXs08g5CIjg_4@QKd&US885tE3_^ z(d9pMLjS+$gn2SHoxFdCII-bm7Bp8zxR#foES=b?$};jVBAz#=Ks(D$dN*I-mn!i6lYOcr_WE$ z?k>`5JU3l*Qlkw8y*NKs+Z9+T#&}Zn;8G;RCVhYr7;06HL>L4mz>CLHyne5B2;yCW zoN|<{hkj3hmw(x~Nq?A`rcv`ZN6f+zIW)O_0FpKSK?KKvgBH`>)0k^sl_ML`fjNp0 zp|kwb0J*1y?(~X5f=X{)e7j7}#M# zeh9hDj%M?DH(j&0D`&BXQ5xluT(kPzR^eeiazA3HNzEz?bd`1gfz*H zrdQB85LO3?`h&r( zngztntMC@-E%xffjf@7=oTBTc_tQ*DT2A9JDym2(D%SbYtHSYU#QQ3y)lJ8W*k`(TRyV z)-I%eVE`GE1f9KeC)6(tPzmE(cIBV`B7px`^lq6fKJ(u)yf&VCsT+W4%HRf6*xKt@ z7c};S9Tpj`)kM-3mCLP_z#@`G?jS-IK^e1MdTa_ zw&3lcy+co66EMdB3-Lk=hWbZ2v%~sxCW33gY>~S^A0KaC; zBy~zR>oc1odeE%;-2}gBe{7`@bAfDxQiq4)*jiuj$l5)>!tj3VWUHeLZjc=5>RxRu zyT5W(DGhnZfpf**PFEo->td}t@)=u|BxLoKcGek>J8~s)AMX4NbG>!UiaHOT)VT;l z{%VvU68fZQu)j3u|EQ_f>4HbxVH6IoV3d-eO?F#aS*#4R^2+b2Y>9{cyV0$EbC?RQ z5Q{%l7caORj&Gd146TM0<6EYFQ=BO~7#8fJwv?%w&BZrmA-Y;-!12+*jIU7oi+N2N zSdRxNndBOgV-h7AdM_x61J^!%ucZ7p@1}rlqWu0sdk}#+ur!VQW7TtE@5n1=QWk&dUV%|Wr(_oHM&$6_YRuL}L z2?2p$FX-I1vb0D0A0AMPRU27ISS_Q1jLZDX1B@5W6810A*c9K`$=pOT?T3@KD_J_8 zfmfC|WY44w)x|6gf}&xVTYA{;jWTLUE5VipRb5s)H5LTHxJ(y}wg}9+UHG6HVX61G zeAl_9agyb_oPE?4TI7TaxJ^y<+O0^<}h8d1;<*Az;Z(U zDSRYJ1Zn#fAW?h>2J4nnF)~Plj6EU+!P+-9zon7EZ;R6nHySIc~KIrk6Q zS+D#9f>0>qWNt=C?R{;NPg{?Up8;9prwe70YAOZ&AIeq*Eh!}kr=|Oa^2-M^({12_ zq$uHHWJ)e4n#d!}M!&Ar!^{X>+q{1~Tqm3nl2qOc4%Imah8G@@Q&?r*oDhHK5CAt7 z&q&w#hwuUIKwHL=baq4BJB~NDYCk(J-@2j}FNlaQ7i3p8tkvIET6l^u!iju{WO9sH zqZ?WuqbEhXziyB}tq0yBI518H-rH(E_^75xl*fB@knY zPw`lJC*0q4!r!8>DI>UE)04#xN(8Z&+K%R4YXrp&vrsZVZ-_d3#!Wpf=ncc;f#2b- zUrJEH`JrD_mwhb9*}5^0_|C&0Z4AP1GoS^wuOfbOyS=~1^ubnE=#=p)xvzT1eJ;Kq zf8Ck?%lw0n!!_~rucWf3`5%&s>AxkFTg(Bw^N)|8C)fa>zZUyayU|$J5|moK=U9km zau+x#C%Hy5?L~8f=SysS4W^1qxrK2(4;RBM>)YtdLC5Rs=y}gKjZ2m!WdG=M*9qkv zM2)hq$!qbIRd&Tg+UKAWm0YD;@$oCJYc;Nb;@3us&)b4dL-4Pka`Z|hikd#VVuKwP z6CD*pW7m9+Y=u>j@4o6aVXq_AMy(mJb`nndKbp!EB+tf|-2ZP_dWyN+6ST?UjS!O% zO~530>~Lfi>M(xKe>7FUF846cpEx`Kf6VwnBIKtnS?b_IcYu68VBjKmetq8H$6))* zk=RkO!uOHbQZeFd197;$LtfBUJODUYb?;MihRa~A$)$cTL~emy{s^lr=gU`c2D|4! z1#8>iK!^g>RQ`X{cA{iQGR``t=O__It^fkZ)ypdSX*|$ zT<#EpU7J)l%;%gI5<{1{korL4x`n8LChwvwc!g4TKO%=U0b{PS-~y)THcGE%W&E+y zzb0neTN1PK+RwOZr?I|yAw+tlQqPp3bV*&JL|qQv@`|}+30u9WY{8Tv;c{)zM^8&k z{X26DUOCvP!B{2>{pIzapeldx?>?De<%qa{qz(#z0I|wIiHs_(dg<+);Fat26`#A< z{R`9$S7(QrHbCTz!0X2cU06~z>W7tY^IOCsPvbOmMN1~!fnD-KO@ASXa}xZSS~RyE z`}6~~!~;pn8J2`t5jJ{mlp(nR?!_za4l;y=(wjI#>-T zI5i5l!NovRT&0OhGO#L!)$CXtOY|(>iR`P_Ae1u;xcuu}XHUg!3${XFlGV|AIu1}O zl%sE_L-w0Ye)*M%9eaRZXuT;BBr^~tW+46_J;-t$N`t(u^4zzTuph;9pP>Z={xuR% zzRm_7AME$;C%~x#I^^>&f=vkShhvGvGTM@fCs~RP@cpN~epU_Ph`hs<5GV;2yYz~d z@0WofV!MB>Qy%7P?1ceUS82D_I#R+Z z5W30ISEpolD@c9;j^)a_d&edP$bqos^7w#D)g}-TeFl&*j*V8bdAh5%Ydk%(CsQRkC4X& zCy)$r+Q2~B1sd3au6**6G)sZ8`~TEl=5exB=1wsCDcH(q5#??1sM7JOl-QLL*eL7D zy4jMTll}@#^kS>RbgNM#D~K`mg4tzOS{WTYR}PA8s_R^0*P<%oJ-W`#q!$We_RdTZ zfi+*sP;CPCa}kl?S(X^PW{|rhow56#`@)1d6Mvn zvJ{G-8M?n{G>Hath9emOQ0^eKq9~g|>->)Wl65~*UUCTrCuyd^MqJZL5I?L7Zq|7U z2tq2NiO@ZLu31`@;0jYob4`09Pc+BuJ=N;dJ*Hac;py!*xWB_lKtTbuDhReabZnAo zNa4t?(#ESSM<{DD!E3@RkzRK0YoMEYWDR=;q# z7y$>7rn4a55Gn{*2DWw|6mQT5ddPdWcPBSQJfP!xYlaP-=3jXH<=^+djpXE8Hf?3EX|2oXuz~JaK z>!OX*Mnt}$400-J7G<}jBK+{!P^J#%GE!aol}G52gjdSRX8$)8H2=4dNXaX6-B7)e zCOhx^t#hT{cD`9scn9eAm||`sC(mg;9Ga^ku|l+-?kH&Avz#6HCO*d7vzQv5S+^L7 z>Z4@HCh~mx&ofhQ)8cN91Uy>x;KJNxSHoA=5kkVfN{vc z)w*rcvbGp<+VgmtluOn<&uK;~+GAA*s*Ru51S;4@-3Vgob=vcyGu2K*HqhqdG@1`E ziR|@Z53)uN<0rxN8M&&{rA1rRw2BG}b_!TO<%eSEM<`2R7TAW+N@_0U4aV*kVVpSe zaI_h32F3S=F9y5Rc*7MdmTsoc)T#`+GwgSbGa2(qx1MR zUCO#PZiOygg|0;CdSzi>^O_S?Q+}Jz^we13G1|zcmg{}L&FAd!&Qkn$s3nKTX?&&5 zYzLtwu7WRbe7yPu`c+aE3au!z<-Zye_8x2v7F?ZKpjqPTYri(y{R$$pphI6=HZbkd z87HYDGq8r*t6oyr1THl+Ek?|t%gz=C3k!{P)#QG^uFFvc9HlPO0iwHv~M1cMtLi(ONra+P4YyqRRRKSLsgT=u@^>YlZ+||vXM4L zOECHr_hfr7YsIbOnKYFzkTx@5G@#5!-aA1S6;6?!wVIF6+9j3_ey1qJ%u6{bC^_nUQ`s$YW7H`rB0hMqM}N{$)j6mopu1U*MuR{4704 zaC9;>^>T|m*36706Oaa(z&jxnqYuY$1b%Z}zhQ~9*_PGlP^)o^KW?oGWh{VkN1fry z!<;DOl1odD$6C(iEhS55GfAEc-5j;g>P05St^(b5HBT3)$IdCmEDrp@DknVOh}$@3 zjm&l)3Gc7z3rhuGx9m_OLjV^WKP{wMfBltadmrn?N9L^1L zHSn3}a5!0};hvKojY_pNZ8iG`0cU5Z!UleMt_CI`NQ;k}Rc&S&X!@!OCE5!k=Tc3( z1r~`wV^56QA%5sq9El!Xnh&pLbDPxkV84_EhuW!&bqvegp`mUaV395g^{6Jj8fFHx#6+1&P6RR5|!8%*4cDA=5O^C zPc-Q>>Z%)?y7pW#=gd7j#8{uf?wHRS9!wcW4PWD@0Y#~Qox+ESh_(!nDp@)oq!eoH z1W*H;@pBhxEI~vPM0tvWIUCp8AChOW@%InJqDfMv?w;cNbV4Bv8qrEpD8?DvIH%O} z^C2AsR3Qk{p(>i^(08_F8N7o=9Rz}Q)_|PDPhUzxw=ufI)^Dh*u+9;2mt!|k@beYP zpU)HUjqn=wH}1D(rI+_I)uHA_#A(k2w8Mm{x>0&&m+c!8f&Y}clxq6rkCXI2JXisv zROI!54LJ-rD7olrX})oR)M)!yZ$_E!`=F#S)48%3mmd#&r8yv`wiJ$hb-(<#hmr@i;3&&h)Z!* zf2!P3|0D@B-Lbq60fX@2&8V9sChne;AnzLxyfhd*SN&-0Ag|AdfW9w>$YYx3714b$ zKtXhUhDxT_nHXB6ZxjdCTd2kq-e7zEwkc0l9gey_7y!va?W7X2547xYeB&vy_J}Vz zT%t*vqJdg{$Dk3@bF&)+H{EP*wp^-vCkO=@{>bz0rRdFs1&Y(HTzFD;5cCKuB#zc` z7%?E%kM+Mt_9>LHkvi=-X*{9t4+26&7OiJIaAXtO7AkUjSR5G;{*d@rL{sR6NU|^z zGdnlmE~4q&5$Np#$7d6rq|Gf5IqIu75op9`oc3taqNUP! z(v0*UMCEclb4lA2=m3ST4n=XDH_Vj)+HxjQO|>T0Y0uhoc}LUu)r&=3TW?sTzQ%tK zSASbu?6Sdhf*Qq4ZL$1oKakViWg+)~cE0sm!E?j{)efj1S%&TAxNiBX^IORc-8HO> zux{eYQjXr{KTgza>hGvZ-oQP&{i8%DqC%PzTCN(g$1_ffn41L!^3PYb$P~5&aYY8? zNH@?;a(5h%LW(?PtNO-`@ix7>=gl-?U;;e3u%Vh_=SkkI(J>$;8L=CkSNQub*Lm7nBpE#f%!wGz|c!Atix59G~{@V?yiz zFeL_*J2fGYmjMVw<1XlE%HWZkqO0Np5`)a(a~JD2=SBwcoJ~{7Ev^CwL#wg)!GZdY{v03 zP2U)Lbbd>gF$7-L{4)6VaD%gyq^R7-7QKvs4qg5*=`ZlCRPi=8{JJvXLHdIaTMAuE zBWMG8(Q6@uHF4bP)kS)CwD|=BLgYx3P=}03>1M`L?GQ#AwJmRc<+?D#KXjI(UgBmL z9QhG?zz2)t7-Vu7AAmZe@Ikw%D9VV7n*`-FUjPY`E;~b`wl5Da&p2tpmw@@A$&<|_ z@GLI};gbaQ6gLg4;&ooZRdWog!J?)&M8dlinFPSsp1K1Ii?wb7@9M-2<4T4NQ!J*# z<>q9e6Y3HuY^Wpp)`6Dd1dWG_ni^WX| ztz!lTUPJlU*vY0(3M)NFPue$KZ$t{)D>G_@E!nj#MJh zFKC43TxNAeO4ioa>-{iKRrzGYV-A$LKh^hfPeThfxEi%53RkOsH3}z+Me$eX#gHvp z3(yo9do4YM7=1?eP-6;%f4WLdX(`ixyhIe5a_G)eBRG%qqw69%{Wy!swH`rc-_yk` z!l-UMk5glX>IhA9F7iVry7)3i|830*W>6I~$H%-mg3=nw@&Snsg{TULAV?iCXJ-=} zww=cYB-*R7pIKK}v+yV10cIVsxt90Ox1`Ghgy-+TuzuBxBdOU`XleRcFJ35@)~Kxj zCtgm(l1m%Mo2rU8u4K&+8FTxJdk=;#g8gm zLxsc72!k2nzkSXb`5A2rM_bA)^jSe*k z&{r4vRF5StZ~O4stbU*&S$)y%mAs&1L{{*IEiEDI@k@ z7QYodFDtO20Gg>s%etKTo8fWYAFgpmxf4Fzk)t0W7%xiCCpSLE9dL01lQqxDyl|zI zcIC-1l4n0}k<&hdCJ$6psAlI|s<4pFx4lWAqpx)66`+*d-r}I;l66u3FKmSmUUD&f z4B9-rE=YaOLY`~HKbLunl(}L$^nn+qxj-2Q{-RyJ#aY{8;lP9OUaVeS3$c$y>8&ED zZ|^v$F}n56|N(qc+j4KbQ@c+lBcSPqHAC z{Mp~~I_$GfM)^&{W2@)km{&VxJ*AkrT0skJrK#52;pT10<{B_L*=;wbt9a)nq-k%| zVk!N*ROzA->uY`1ChD_WO0Y`eClBZ!^D0)PXoAGskMf+FoG9Ghqld=i-E!lP} zhdl|qOz_LYW88+m)oho~|B66uk4jHxAproAsQ(WOn1hj{qnWkIf0-g1)vas}SP{Ry zd%r^PbLg&}cX-j?39c5F;iQno&;)l;@Qj5VylHCeCPFVAM4pY64p zb6hqe+#0r%y}T4^&cFBM>5Zr1^wTRIv^vsogf%NK+%_Di>hX#v(~s)2RYHD>F|JxF zJ8}>+-mJB(-tC4an$_cAr;0l&TDFL-zQl?UT-hMr?maSI>$RnCwj7>eHo9!qhYlib z?aE{-%VAmzf&1yfT^8r5D5+oM{alMzrrf5=jg7tNv-eaj_6x1Cpzjq z3=g&U?Vnh~&cg$grKfr?fh*5Fz) zifL?=3t{CxB3Ip5&DlQx{=@yo!mFq`c-7q)7_evIjy>a(mHenOTQ+%Vuv(g?sHVWP zclPE0K$f1mZ>RH!XTNA(GG`$jeJiJw@cUS^(x|3rk|sLH6ltP%srXiKbJ$|ja6kJi z@zJ=CZ||+reAHR9eqqHyW|p`1Xw{Iut-<_b{?2b!Uqrq=)2h+9;&Rj+?$Ngu@-kJ4 z1qw^$WTIodq$1y;zQ|K_W!0scf~@a$fvV z<~DPpoH10vr#om2gC0xi9kXkmZb&~RYTPznlmx&FS9#x8{(HTl$s zW}6p0J=CnNm;^#WHx85dK1u~Y8Z@M^d6#3F$$6U&#^cS9j-6`bT#Ec^OcTP3gb z%%wk|)3_?$+F0I#chPLMj>ifG>DOaf=iXMSuAW;Q`z|h3xpC~>`0%3CmTP}Vr|z<% z^plrDfixzA?3LrS@G|xO5pspI_CDigzkeUst*A&d4335CohR<*nRFz{m~+K~GfUK8 z=vdYpIwt5FI-e{SYHGbou-C~?J<;E%Ooxz{#uG#i7$>!cPY~}gbepLOc0{iq&j^2~ znYmhaBA{0V)Iu8~u1Ko~14)YWEQ81$(r#DXITETX$q!@7mMxHDKSdMJ9w+8dM&Ivr z%s@!P=SLnV5Mf_Y(BEz(k1>jqO+oh$UzC0n{<;t;mSFQtl|RQ`KdFy(RODVYK$9xW zCH(@O0Z{~!-rH3%$QODq2o=F1Hjx>s<^y`G`IQJdY8AhLX4e z@SK$R1w>m6@(fn&l#2L}3_gMVu{m}bE%r{(j;NNo04Ssx6@!W}QZx=iP4|L5&LAgz zlQekcj&^{m`?*7cuKYR#$l;A-Q`QhtFvwY>dK|>CRDHzX!`3bNVv6hgr zTRrIi;Va=rOt$0~uhIz~D6gjnxnJB31{3rfgryN-d9FQ3K zJXss)5W`%f+Bj*0a`{9{g0Wrgv+DfUruDvls3ciY{_~Oa+&iW-`Vw*>Xid}Z8 zNKEIwwp)L%RBC5StY2vW&36lLao49Lj+nJa=;;V{HhYCfaZDNqu$_|CG;dn->IX1o zQDV3ZQz)Vf=H#~fmN<)&b@QsS6fmx_w5GYgQFraL_RP23w2|o}IBNU{<~!qB?@0#@ zl-uwtN1P)_|E3Z+e(zrHBf_=XI7+~uAqdh$_jxH#H}**t%2V&rGNUa6mpak54Wp6_ z?%4#C^q3we>MI7D-#d*Hwrdg2D6uI9@fw$kMl z3saf`&8Q9TxO6fr_gkK!KyhrwsI=41a%xvVt7K_oh4k>aNt+NYugmU$9*k&I055YI zxb@Fx<|pp~3sL|Q3V>wBdCqF?eF+n?K4!*Hj+CUuB=2P}D`e_-zZH%aqZ5GS!u)v} zeVs7NT?ZMF*%dsv@f45+7q|c>VKG*cU7YIu0yd|xdqQpuL#;6YDH4e+MJmC-frKzw z)wSaN+JFBuR>@nZV1xc$g&)fv#X>GTzX}y3^|}Zh78ZCy+-GNrgn0X}ENPFuxga+g z&>S8lh=`k|AQ4kVQxO!U^&?a=>s1h|%Rp%P#idkXN5G9Wq)_F$ldi9>ctkA|^JJF=q9mV|LC#+-o1-O~M$5Z}uM z4Lp2}fG$hE9ZP)Fl@C>AB!6_am(uM($hRAb$HqCE%^zC}?dd4gH2Y+sbE7DpAf`i5 z+NF~kQ-~kI6h8OEuK;Igb@>;E);c38_Yi8Om1?Wc7l!FN88ApwJue@RdBP@G?^Wa0 z7SaxPv(m5^zim5V_`|Gu!me>+5@_$Wuza*OvWK~IbUQ5lv9^){(NmTzt-&Kw?ZSrS zYF7u=?$oAU)SM~Pdz$@ZDd)1GN;7h@G*aKiGtSdF*FPuH^m!+@Y)evR{gnyl#cc=VK&R}#%%pHf7MY8q4csvoMi`i)()2E`^)#9)+#lY~Kkw|&byzEu z9CT>9`SxpqpGDE>biU>`R6|-+j)WR6a=N&52PQU75QC|_n7tgA8peo*bWRyH`7&07 zM=nC1rtXy2I=c2N+AnG=+{_GHlmwXK3eZ&24 z699c=6X4Cig)zaeZvqK`9KgWI!O_M_)yk62%+bi|zZejHJ~04!?k^?!|M*qLO2hio z!;97kx&wsMs=|Bg=W8$!*y)S|NUvke!-87dES*AV{yX-fdyrnUoF;|4?Sog|k2NNQ zsI-+$hNtu+PH(@Ah*qv4AdVZBeN0MCOA#E;HL;~EYy=qI65sxPkL3_Y70lU^c5(72 zk5Eq-*|=Mn-kYbn+{Jx~E%|{=(K~i-xHfZd{mWW&?S>9EXn3YEox==tgklBN-c@P? z7gHvFxq-5mOSxBR_5NM^@IMzqxEfH9?)~1U((iGg|BvI4wYRZ#`2Te#nXv*E1N6{A zHv!*Z1s>)l5(`Cx6qQ!FD|G@j)dj@CtFX-qti#_Q*v{wCToN}BXC9@To~Ln}b8bd3 zA&yhNzo8vU#V5Dl%fvJMp76ye1uUa|s_csuCFM^a%D{U8POcE863mK~DM%qT!B^uB z%El7u*$c!}_geS%n}gOKlj)gO6UC!Fe!`7mCfp$efo3vgDM03XE6##QAz4o9f#g~; zRx1=?WK+J$VPa( zihTXA>jT8Ab8HWO|H=FXivRD58EYpieIxr{IrX23lF5`U>kU@qksGi}9N;ao#S|lv zQiVn{1;f>FKfsAg`F=9UV*jb(K zT?K=`#Ug_V)Jo5@CRknMNop0^^~uOb#h_E6KXphTQ={#RczcbF&)3lss}YJ8VIB<5 zlrG~|@>)MlBBcU=p)x+?5zA28ZhXz6(=f$u1IeWmC^)&#ZSQJ_EMlSl#xmb)=KnXl#DS$IJ=ucis?5J?RuyU|)Qa?vUo_R~m zGaYT(Y*EPf!Z&95RWgzV@vaNu546mb(6b>FG-S#zg-XDn{W8iL=GH(+I)*;;nlx=o z2Ka^&2n4g5X#N3DW<6N)83YK2zk5(Eh}2eJHJm<3?(45DLMMKswN_8gYyeltapUjd z1nVr&b^E;Ca4BQ z{qr|6I&=zzi2LF^O)uXre~NQA8#ha@jh9Z24_rG543jtJ*_M1wV}U11w+X^WGw{%@ z&y!NOjEZAwK7{4q4{cbqcu7qG(`=bc@8=TQ8uSy<`qIPkcOx8?KJNWE1Ib+1k`}(E zB#CY@uks?t+f%NBgi8WuHe{iOxE^Un@ZFRo!JRVxtDzKhkVJ!3yWhKd(A-Cd+vx`_ zJyjziOlta7Z zrFR)%q48?2|2l439YzRsIm=_ClV_@#CR-C%IaXW&(Nn}CT7v5k@c zvEM~`4nPh#$)iyfjoQb_EBQD#)=ZBJY0O(dt#yw9Yl7q4Ag`&K#E@w~)gLt80Ro$~ z&hE>+rcMEwzResco0dI6>&nAFQciBD2g2^orCQYt%Go>-*G%?2U5Nzd*g+A2EW>6# zmvG(^bXpPA*G`?{1c^2p0U-m`v`s9mP_VT=s^?~C2rDPlc)nff%9e_>;y*17)y4i5GN`m^ekoxO|spCzZZwYBYLxbfW=5-%}Gg?0op zD{0hAIUM*aaje*rGc9+@2P06_3mKFEN;b2)O{b5Lwy<$oor`J{<&5?Bq2yk?-?R|o zAMRg*bmMKl`kA=I(5@qQEs&8RK1~>2=b#D+IWM2JfP^j% zDHenp2SRcZ*1h4R4kml2&sxCrsvj^g4yS!s)vvT`mxFkD<;!Ruw;MZpRvS*YxgG=K zSkwvwvlU74hNhc28@tC4Bf?r4!|3gc(^fo4&xU=z5o7ZH)!;NYM{*THSP zT!aCwBb`AaqyyEhK_d6NKCt6Iua*#g;BO?bLSbg9x2lK5Vr@+$888xuXWnukPG$qs zJe0%-JAUL%6_`pOoiwGxTO3ugtxjq1@J!1jO729Eb~buQ`dFd)z_SH(0r5Ea0BkbH zKQtikr2vn6V2+@TPLl|le5wAlYU~)D_@XT9N-IY?5*hSCT`&a9uc)iI!H&J!R3~+? z@tkytiIwFbkc(XF6GfP$v5VeLV`%HfqC(thbD0?FRjXJV#!>MF2-uZ7Ye(}~Wrm<^ zrE#_^T8$uWrzcN4&1$tckACaI%jkn8Ys}LAh6CwbnSN>zFKrdB54w}OGfi=tC-VeT z934fH|FCD#8Z7&kr%^n`q!g=v=o6Cb_)IX0E0Bsv3^{t#7FI%PC8{W73>OS{v~ceP zla1CV6~(>kDMARu?MnER7{ltm&Em!LSQv7yZ-( zCUC@cYTJpVWvSH$>i49 zvul};2BMnLmp&XWhp6FIl*-47n0L$~HPvQ9YvyYm9q{whmm2R8?-Zm*yW?@rs|mw? zWo9;jd~o~h@NsD}szJGjdQadS2*O3fOi2T#hIrALGi*qegrU4KUY$0)Pl>yhx?l~- zkF103*A7H_rvuQfth(mhL0{YE+yOrfGR%;Dy|i}fauS-ITbjjiaymMJohsa~t}Vc; zCtwEz&od_Hm_=qHVHoCA@el(LbblneET5NF)z}-7?r2-&QcRR&gy_}KpL5%;xyC(K3 z%~VTP@0fywKH*CA4$`QnVfyQHj0a2uxk;bWu_|JOseo+nB*rX13*~+8hn+}}<=Qb%4j><%t1ZHSZ|;H=gosvDdFVtp!f!05{ox)+>NTE@XOKJYoZ+o0gcM@zqb_Dvfh`A8VX;8W zIjiHKho#J_6|o~{Me*ig3|dYjb*Xob(XdsF ztVOZFD)X9=RCEN3pz2flWei~}sin)FQmHk+Trmep1mi5U!{Z|-!7mhBf?4p=#v3^f z83&;Jf`Y=$#d9Ydp!H=PO7IJtw-HwW>k_W&D+0}TklLw&gjJUnH{Y!=NrxI5^5f$Z ziVLE8PPwwPr`d0su_FqR0MAQlWueFH-3%XIEn(?=Y=t!Hh{P*8BQo&$eM@7y*ZoQ1 zwX!Td8zV6;As+I*&={{P4tu7LSEE0SodYMKB0)0(`)pc1!KaQLRFAOdNy=R8RY@w@4njGw=-VR__ECn+8E$GdqDIrY zV)MXf_9=G3b}FMuiXT|H$*6J#iL0~vgwlsVIca)|EG&6@N(G%P;uBqQGM(@&^|_%T zoaioV)wESbgscl&lkAlRAM%G8cFrhkb#YsEz&$53Y*0vQ+^ScDab;a|HaA7Gnjvw& z-~pQkYj1FCJVR&OZf6hVP3P(x9_G&E_hS7AnGhN#yZRa1Q9!Y}+*6HKc6ojc#?%R> znWL}%Mi^n?Y-WdPz|eK;MroKC7+Vf^omb3H*3B$O?5*5$|%AoIiCLNow}ed z3y@+Y2@(|@kBo_S4drLVll#}$-TeHtruhf?(>M=z3*_u`KAjyt9e4Tu`A*I*t3v|; zSq}BOFx9}v@9zpUVr;4m)~%ub8>CLNn5lOnNWd?tZId7(Q6yP*=C-2t=t`C-_T@fK zh+5@7C)K7%JMLgSvHc)b0atj-z=1h<9vB-I6M=b*TmXp&Q6{%}7LbdH#H@_sjnC-& z{63yzv$crd32%nTTZ#-3+#j!U1Q@)}wT z$8T*98(NEtC}1ZQ)w8F8Q5Rzcctq5Q=TPVcQ`wyL=M+r+=M+4YMHBV%P6+Zz-~n7> zU%|x9r!Ubm>ht_zEp5$#S;UWC=bc~-SR%6K!-oouWA-EiQC20n>SOit{83)zQzFD| zz2`Bc`=x1n_U|TO;G#H}*M1JMhzrc=MebdQA?G;ej~g{Bp<&hM-etQ|7Nxh!r&J~x zXADt-5O;hu3jgA(?q5w(Y7}^XATFcJw7c|#lvy3+J%r|yN;jWnxncC0#7571l8nb; zmWa4%a)i%HEa^GhEa`>vZ6H~+`ImlM63t3sB+Ptyondhrf16ols084}pXNKV36BrK zc=fQ- zVztnvTgEdzMyTEEXfQYfzrGZbJLT(ke&4CK0E;td_6g3585V7%~{4DDM zKj*5=FsAFp<+auRO|L>WmNSkEwQoz$xGMjni&g=f^#j~zJ8#`vuhq7n)dfOx=2_Q?uSy&C~_1oTu z<8+FRpXqoIg`TNtCOh^v`VS7#W^+&b~4IR5=IO z`?9Gcn)5bslbmyx>q26-z}z`{@S;p>Yfe1x}Llp z2BWEf_uv)LJ%-4uYnjR74+}>}fjBvm2`-wP} zpai>jsAiB;SketkCey8LX|FB#eYG6Spy*DKTK(Td_Qyv_XyvTfh){{G65Md+6}V6B z?)nNGdTy;Ol+&VJ=di|HYll9@+E%%K7j!Y{cg=(A-p)aH?T<%%HFyQSh<|aB5}ae= zMoXOB-xn}V=E7OltaR-6u%dpXl9g9g&-SZnltG=d{bXIl^laSI0&}Z32nuw*so@jT zqrql{dH6!}bR)y$S@FtTXie;BG~v4YyjP!&rZ;=sfqm;rEXy1Fk>}*=6Z?5O8m(q& zc_x^0UTv;MN5*w&8y&P%m$soC3ye5BX#GX=V_P#LWbV$D1LC8zJvfzL)OxclCr3yh zgui=nF@4W8?5VZi6X?b^n5_pnAtUfuS+w$#$HhlG9J6$GL58pBh_oMI z1QBw(D7yMz7b1G~tER0`Mlq+Z+m&!V((lcr)kW9*F1JXjK3v01@R&}lFyUyi3PNd1 zZr|A3(UuU191Z>s$bBam?VTw`m#P&b8%Y1erIdg%OehsG^~@&HT1L#rthLFP<-JRN zQ!;jHsEwj6OkvsVj37V6J!|?1nZ0sGW6uJpZ|?De(gNj;R8Imt38T|pY{T=QMA`75 z?9p!9n*CnbI-4ee*>ro5c`H{)Kk|2n-UhE4vgF4~YM1%uamepgESfd}@o(k&E+=-i zzqs3jXW6DUXxzt5Ym#R8bk=emuT!|*RBIHxO-|o}^NRv}RDF_+hzl!^>YC>%_9Vs8 z2wl)Fm}KTY{47N>{3j3OMlKnxm2Y^ab3wByO<%*I94{vdWgD`axj9@}{b=!&k{=>x zb3k33Doo1qI6Tr~<7~HkRBE0lGrRW=N5bNUYfJBIb{_HOMgexnOP>4uG^LYqZyeRn z#th4tx*Rq0;)%HfoX*(HgEP9*GDz8#8P0+PpuraIHQ~ET+T~}vTE|c7cY5#Y z_O|iKypv3~jHzod0F9Q*YH|itp6fH#%|ZZyWg%}u>_yXT+PB!1J&)}a9duZpbu;x| z2BhfId7@lL?Th8fbJdw>)Vune_t8ibB|M%v*72Jiu{1K(~^^u?{zk0DZGfi z{`&9K6x#W7DJxhani&xe4)?FriIb83%U{?jDWh|itq*bG7QfTH4e)=P^^^->z@?5K zKgR^96o6~Zqd~}l*K&{-${infHgI~0K6JSHl}C5CLZ-3hX%HmhF7c;scv5wi-Muvj)wc6H^%$PD)byQ3N$Z(MjXm@Z^@#nmn2*`?N}m@b zVrbW8Bu(!W6I+kr9ojO-9w9%K8znL$dK=;+PRaL-YQc=Hu{#G}8FRQ=Np&}KyvmeI zLs5NYQR@{*RZ^bAY@pB77Rjue`6<%{8&h^sZidJ?y~U%VD=#yl*KSCCyxZT2Kt;l$ z#*>lYG!A}#CHs_Xyixe}VuB|gyyIBO3G*c>U%}g5sRMzXT5IavS}qLu`DwhHfnE2r zBdqFZk7mj@iJomZ`zM)vAbA&8q!Q6uB-`2{L(J>ZcGjMas<#l@WnuPCq~qcC=STIr zh4o_x$f~AkOcUr#VQsPug$oNhA^|$j4mwz2AOAmB3+_!5S-8N~5oBTfp}*7J##Wa0 z%6j_dMnBTsE3to6RDTYusE*;Y8-(8r2;~)y=6ud7P|o0*&Cv6xReW)1X2D6SJ4lPq zds@^RjBla zs`^eXKPo+|*T;vet&&oT{9-bS;maXT8zOdvPZE!Hy2W6IMFj&1gyBvz7hw2+dT9$O z8t+cT%9!a;Y(sm8J;wpP?4Z&@)G{6$`kj?K&Az4Dga#8&u=}>{oQXOUVbUMd(2Hq9 zS1(&K-%pYOF4fV1y^{2DBQk&fXOQ+)Yyc49_(=)2UOQOQ{JyN|`K(DPn;Dc~QK!~~ ze)FPN#!NI0LHboJ7QX6A%Pv70i2sas=B#>jgo|;B*mNg*re@f&I8bcpTZ0yG35upj z{K{XO#HT>M%h@omV8iTb%OP)SXAp_h8+|W634S)KHoQo!ZH(b4#gxKTl8F=U*^%?1 z8cP2^@;n4cogbQ9RGF%vu&_ z*BJS>fjfn0eFcr=C8zaj5if~&1X>=zSZ*`-G(2{_j$XpEtwY{TyjqQ_zC`2`t*MJ&7*1!`K29zmVuZI{l$w0y6M%RsOA*LWFfz#e?#*ftX0UO?; zRG+RqkA}Gx*I>#${}QMdg^iWru#toVwl;$WQ>B1OQT(x%#cE(>`$wGqCq)7K++as& zl(5yzLtL-D=yM9DUGynSaF4B)MUgEqGq<-K$aD7tYC#K%&hq&J!Awb+J>RyEb3F*d z8MJ(*tu~C6qE?|EW!Nc&C^4p#I2Uy>RlLlP?Xn_qkk9>*n%UV_cixS`w_kkcH57Os z9q*JrA#~7BJ4yiD&v2}dk@Q{tp{!Kngq+=jj2Xq=4w41<7ety0XrE{#<@oi?>8SV^ zvJzrW7V~u;BKh6pBs}6wq&ez)#Jlssa)ZM&QbX^}65~@^y7RdLRP!X`2}1$m-L#?j zD)hRiNQxN`n|*#6$;>B!AH=x0eu--R6{z@e0y2#Sz?*<4zhJ6?ZUGc z$v|E~lJmfa>17;?J~wE3C(g(vZZ-5WDU(V$MT6@ZlNMzRF9k8Xv4=4RXaZtAM_Y+NvS}zRh}U32jQML2>sed> z7;FEF;XgtcF6CtlOvU3t1ICmPVJ%PT947;Uct?c(hMwk~c8kFzS-Mtp>4>TH=}Ay2 z!QixOk~|1>G>Rh~R998pAC3vOaqJIPA7KCZdAxIXay#$b&7rq6uxBFQ0e@l}F>N_8C+ziE66)IvkpR?F4cS)I# zlY^N)AW=j(+hou#8@o`QdUdR&`;17vi0N>%(L@o{Yp2`Ogy1Q?TUCR+3n^~dE^$hw zL4qm0`B;|Txg>t@p4uhRe>tRNC4(N&f-H6A^BH*+Ls4fiy88((f04$N0*N8yGm6hO zW&536&gCNZ?qw`B$)ODq{C;_2+wRgmMiJnA5}68H&m)o^|MadR5TT*bN1B}{yG!Nf z!TnnJ?(p8dt%4f@n2q+6X_yowwIq!Ol?h2Z0uNN_9J2=oOfIr&ZBo_ZH2NgP$gZ%` z+*Wr-gD-ZMX!wXOLt5Gf9;dFAF^&4p_Xm-cD2yt1<%Rk>r}O)Ar#`>_EHJj7#lTE(wC}zzyK$6V>sKx{!o9sh z573A_{B(b>X+JKRi0R5`aU`L?}726cZMrvNO*%@&erRW#jC$fOp-7S}7q_lm*b zy?yDfIo+79L&L;b6Z~9s9{M|PH$q~COMxYR?l6c`HI)-8;i|ZwBLV)soR1fVjA8jz zE+S7Bk=hpW^MX-p-yDy6&i&2dfk$A5%`pGcFsmPN!zqKsKr!l%@#OZQDGHn5z+}vH zm0hfj?6iN3E((C(9VDuFAYH+5OR%{SY{dHI*oNKm&tUo^hHe9iL}{b1s^H+>>)-!F zkLLzS0@G9bL$K;s6}8*&-^JH%z;JLgKlaO;|5^L^Hu`p%)f+Tq>NoTsMOSa5 zZ&wt$L7%MthW?|z&~5bXJ*hY7gTtTb+dEWmySTld=f=g^`A-+W?(Vq_|D6wc1BQb; zMS}k~cI0gbzcUDbb%2a~+rbT=@V1xRM7kS45-9M0c7)$(b+_@iSvNO$^#?!kHyoVX z;M;kp8*mKSPw=fQ)NK#96C*bsxF~*l_$^Ix8~^)!^#% z`WN`mdBbh=?_Z~WMc32)g1-53b=$%3&(U8UATs_M0{`|@RRAEt_GH7s;lqAHk>KF& KF~J66xc>p(ov<+g literal 0 HcmV?d00001 diff --git a/security/reports/report_service.py b/security/reports/report_service.py index c130b325f..bd820d78d 100644 --- a/security/reports/report_service.py +++ b/security/reports/report_service.py @@ -459,6 +459,10 @@ def _bucket_fails_by_severity(controls: list) -> Dict[str, Optional[dict]]: for ctrl in controls: n = _normalize_keys(ctrl) pf = _pick(n, "pass fail", "pass/fail", "passfail").upper() + if not pf: + status = _pick(n, "compliance status", "compliance_status").lower() + if "non" in status or "partial" in status: + pf = "FAIL" sv = _pick(n, "risk rating", "risk_rating", "severity") if pf == "FAIL" and sv in buckets and buckets[sv] is None: buckets[sv] = dict(ctrl) @@ -468,9 +472,14 @@ def _bucket_fails_by_severity(controls: list) -> Dict[str, Optional[dict]]: # --------------------------------------------------------------------------- # Table location helpers # -# These run before any substitution so the placeholder text is still raw -# and searchable. If they run after, the tokens have been replaced and the -# table can no longer be found by content. +# _find_remediation_table runs before substitution so the Remediation_Action_N +# tokens are still present and searchable. +# +# _find_appendix_b_table and _find_evidence_table also run before substitution, +# identifying tables by their header placeholder text. The row-level fill +# functions (_substitute_appendix_b, _substitute_evidence_table) use index- +# based row selection so they work correctly even after earlier passes have +# consumed the placeholder content. # --------------------------------------------------------------------------- def _find_remediation_table(doc: Document) -> Optional[Any]: @@ -484,7 +493,7 @@ def _find_remediation_table(doc: Document) -> Optional[Any]: def _find_appendix_b_table(doc: Document) -> Optional[Any]: for table in doc.tables: full = " ".join(c.text for row in table.rows for c in row.cells) - if "Control_Name" in full and ("EV-00" in full or "UniqueID" in full): + if "Control_Name" in full and "UniqueID" in full: return table return None @@ -492,7 +501,7 @@ def _find_appendix_b_table(doc: Document) -> Optional[Any]: def _find_evidence_table(doc: Document) -> Optional[Any]: for table in doc.tables: full = " ".join(c.text for row in table.rows for c in row.cells) - if "EV-001" in full and "Evidence_1_Description" in full: + if "Evidence_1_Description" in full: return table return None @@ -615,44 +624,47 @@ def _substitute_appendix_b(doc: Document, controls: list, app_b_table) -> None: if not app_b_table: return - data_rows = [ - row for row in app_b_table.rows - if "Control_Name" in " ".join(c.text for c in row.cells) - or "UniqueID" in " ".join(c.text for c in row.cells) - ] + # Skip header row; fill data rows by index so token replacement order + # doesn't matter (tokens are already consumed before this runs). + data_rows = list(app_b_table.rows)[1:] for row, ctrl in zip(data_rows, controls): - n = _normalize_keys(ctrl) + n = _normalize_keys(ctrl) + # Derive Pass/Fail from Compliance_Status if the field is absent. + pf = _pick(n, "pass fail", "pass/fail") + if not pf: + status = _pick(n, "compliance status", "compliance_status").lower() + pf = "FAIL" if ("non" in status or "partial" in status) else "PASS" row_map = _sanitise_mapping({ "Control_Name": _pick(n, "control name", "control_name") or "", "Control Name": _pick(n, "control name", "control_name") or "", "UniqueID": _pick(n, "uniqueid", "unique id") or "", "Level": _pick(n, "level") or "", - "Pass/Fail": _pick(n, "pass fail", "pass/fail") or "", + "Pass/Fail": pf, }) _sub_mapping_in_element(row._tr, row_map) - for i in range(len(controls), len(data_rows)): + for row in data_rows[len(controls):]: pad = {"Control_Name": "", "Control Name": "", "UniqueID": "", "Level": "", "Pass/Fail": ""} - _sub_mapping_in_element(data_rows[i]._tr, pad) + _sub_mapping_in_element(row._tr, pad) def _substitute_evidence_table(doc: Document, evidence_items: list, ev_table) -> None: """ Fill the Evidence Register table row by row (Appendix A). - The template reuses {UniqueID} for the Mapped Control column and - {Assessment_Date} for Date Captured. Both are shared token names that - global substitution would fill with wrong values (tenant-level data), so - we handle them per-row here before the global pass runs. + Uses numbered tokens (Evidence_N_MappedControl, Evidence_N_Date) rather + than shared token names (UniqueID, Assessment_Date) to avoid cross- + contamination with the global substitution pass. + + Rows are selected by index rather than by token text, since this function + runs after earlier passes have already consumed the placeholder content. """ if not ev_table: return - data_rows = [ - row for row in ev_table.rows - if "EV-0" in " ".join(c.text for c in row.cells) - ] + # Skip header row; fill data rows by index. + data_rows = list(ev_table.rows)[1:] for i, (row, item) in enumerate(zip(data_rows, evidence_items), 1): n = _normalize_keys(item) @@ -664,21 +676,21 @@ def _substitute_evidence_table(doc: Document, evidence_items: list, ev_table) -> or _pick(n, "date", "assessment date", "assessment_date") or "" ) row_map = _sanitise_mapping({ - f"Evidence_{i}_Description": desc, - f"Evidence_{i}_Source": source, - "UniqueID": mapped, - "Assessment_Date": date, + f"Evidence_{i}_Description": desc, + f"Evidence_{i}_Source": source, + f"Evidence_{i}_MappedControl": mapped, + f"Evidence_{i}_Date": date, }) _sub_mapping_in_element(row._tr, row_map) - for i in range(len(evidence_items), len(data_rows)): + for idx in range(len(evidence_items) + 1, len(data_rows) + 1): pad = { - f"Evidence_{i+1}_Description": "", - f"Evidence_{i+1}_Source": "", - "UniqueID": "", - "Assessment_Date": "", + f"Evidence_{idx}_Description": "", + f"Evidence_{idx}_Source": "", + f"Evidence_{idx}_MappedControl": "", + f"Evidence_{idx}_Date": "", } - _sub_mapping_in_element(data_rows[i]._tr, pad) + _sub_mapping_in_element(data_rows[idx - 1]._tr, pad) def _substitute_global(doc: Document, mapping: Dict[str, str]) -> None: @@ -902,13 +914,13 @@ def _render_report_doc( """ Load the template and run all substitution passes in the correct order. - Order matters here — do not rearrange: + Order matters — do not rearrange: 1. Locate scoped tables while placeholder text is still raw. - 2. Per-block finding substitution (scoped to sections 6.1-6.4). + 2. Per-block finding substitution (scoped to sections 6.1–6.4). 3. Per-row remediation table. - 4. Per-row Appendix B. - 5. Per-row Evidence Register. - 6. Global substitution (everything remaining). + 4. Per-row Appendix B (index-based; Pass/Fail derived from Compliance_Status). + 5. Per-row Evidence Register (index-based; numbered tokens throughout). + 6. Global substitution (fills everything remaining). 7. Remove stray template instruction markers. 8. Lock finding table column widths. """ From ef83b5b7737d7196ed260230cf28ecb1de391991 Mon Sep 17 00:00:00 2001 From: raaidrushdy Date: Sat, 16 May 2026 23:58:14 +1000 Subject: [PATCH 4/7] fix: move template to correct path security/results/report_template.docx --- .../reports/AutoAudit_Report_Template.docx | Bin 78252 -> 0 bytes security/results/report_template.docx | Bin 78211 -> 78252 bytes 2 files changed, 0 insertions(+), 0 deletions(-) delete mode 100644 security/reports/AutoAudit_Report_Template.docx diff --git a/security/reports/AutoAudit_Report_Template.docx b/security/reports/AutoAudit_Report_Template.docx deleted file mode 100644 index 0bd056cdb1e022e242a5ef6843926560265b5045..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 78252 zcmeFYQKjHExZfR?lUW|Ptmh1jd{5lu zKiuXhnnxFk6x<6cx}JFC$r3Kkzh|+mLk|`AP_Gf(Ho;^+Np@NM#lx@lDx;C2$VM9B zqF4h$;=;$ri^f9(R21E&MYRsam|>T51XC^E0=IWo{4fVyFv)%(IBH4t+brI8BD?^k%)EL!SKS7la@z6d>!`6aXfqLvlcnI5|BC_wJy#2w^wu0#wv+3_*T1o2MlUg%EPjIsN$;#1m z1nNf3H=D_;)xAHDVZYgaUvclru*9-{01#u56Y3%5K zO!;{XDr+hTY^PDnPY~WvTJ1Ik9(z`~CS_x}1G>>&L#K&`w(w2H7Ry5oM->C^KN!-G z6(K}Kf$`Whb8Mepo6R-G;t?$IJ$6os8OWQtPa{hs@Uz(PVKeIVkXo1LREow1#fi_O3K_+MeX@_Dztm{>Xe z{qxL~zpYrMHNVqddDWQXHT!;)5Kk{8C|>1a-0vUM@RwCd^Uw3*Q_ypgbIP{&j+9{10Q4QqC;2e;_v0Ci_kCS*VtRY zzBBBm%T%8)jm+<;-`98E?_%HSsZJXcZiZ|;Aqmc}H}B2Yvk?Nw;iL7+EzDHH{x6mW z?(Fln?p@VkY@=&sT``RCCq%3ucOPaJB;%mKZn&TM*88l?d1 zCMJfiK5Z*=|GaQ}bvh~@a$p^SuqMP`BgHdwMRqBx=Wv8iD#2paI0}clqUJJ(H<#o+ zBgwBzih|MP;8g`rkg|Cr|1P6NLN>2jHbx-F^XDewL2TJkKFIwBM0K0V)WHaaqke1Sy1cBozX63W z$(Bk*wrfb-#UE9@*y{?@d1Vmkz@ABoYuygwsIGoaI!TBEcQ0Xj!^- zw*NXDt@tFD++qbV(0|3u38Q#{Qw6e!u!=GOrC+s*9UiQxMolhxn6raeDR-_oBQ4K+K8fN?-7x=aM~3oaQ7 z25UxftR}cD6qKBe7+kOUehz9@I(C-WMN#3_EWfLcZVjniXDW5&zdge-1(js$R*F!7 zuu`}`3*%$uEFL~0+${7CqY>K8M{l9DX=Q-j!q@mHNAKA`uSI@4!W_I+FJ8r78GB+P zb;_;iARa8RgC`l?^(#B%qlJrTEAm6-`+CA3Yhnr#hl4Nr{0S2DV^U4kS*GZ+h-yn? z>g%|O)w)0=NW~N4pB}@->;X)YzL{#$mGb-%$2y{pTljnFnJtXz3MlxWwLpGLV6fiINgHP$XB{yBMDN zSbdz{yUl}e;wICMMX#kJ=HybgLsG6tf8jCWb{EE|$6&Z}O12wN3m0BYz{f3i0CIQ{ zz7Z=G+5iq1b97&(Xj*0B3P9tr43jBkl2Ju#Z7t&F-}^ox9kUwMZ?JY2@q_!>e#FUSo&XvT#}PeWc#1 zom-DcP>kT2lI~&C3>C**j6|Nki7TQjhJ1EVcknz8gX(A3d+J8~CP6`NXE0~uUIkyj z-ZYwpcP!? zUficcQfc;ZFh;a$zct}n`?7rc%49&~I#aX!h7jdp8))IXIYZkw{CgJ!mC#ThPZ8s9 z8H+bh;P-8>w(Dyge&W8SCYwjTN8}d4cwgRmPp&jbT)H{KC0v3ik$*x1K^HF1PbGiP zb^V5G#;Ld^9+t2XqIdon(DSoFj8z~}PdTqgx|$$MoJoGSf-cD~1Mji)%vnkjvRkxo z^S5HLTyDt%g)c^A@ot1VUZG3RaaG#&7RR|CcAImMUbQu=Rk15%?Ti>Opv{8z=f)5`t##$=-qS83+N~Tzn zxHeSP(df1jy9xtKJO?AYbskeOi@lXIcIZyFP9A)#F#&ar_FR}Uhwt` zumVsh?%~=GxNmI%QfE(>oWgu7ryP>T?vBub{YfyqErhTSh99?w)l1UP*erz7DRI?i zi%ev$ubn`cuitn3inmH?RpM6K1Je7X8tR%~{lz+O2Za^mdz-*ymbAr+t0n8Z-|fjj z?(TMKC#V@hGu>s&1xp>8iNOmZ(Iu@xLp;Ywj3iex?P)`Q6i^K6|PRhN^=8}mwZD=h#HfUij z&@?BF>DkHQ$*QRP5T2KM_vK67Ejsk)1hZwYny{wJ&c*6xcZ&_`=P z>MGlc)a%ew&mb-H%S@9vP80RZ)IhHgt@2KG)zTOfsnm|vkWG~pz0S09I@YSGM0dE5 zFkZK172E5of$!=?6yfF)%|2Q=+tV4~GEbjVqIPSV3E!47on!27PQ}aB$cFUCmI&fI zAivW%OOg3twxUSNw6*hM7Ap{$A79h$*I`B1juOxF-OQYU;EZe*6>cQ)zVh{}ZVH|o zk%;LPx<>z(1Cx{&!+_M?La8nvg>2MpDKDuO9|b(Ps1M^G0#xutCYP1UCC@evqu%-( z?3Hz%q^uY^?-rAoNYNyVKL)cwBCSN|xOG0;GpZshGcS!ng`i|D>N<80b9CTuAC0>_ zT}?~Ab!rGx1-6&ZFIS-sI;vLGL19~g*AX3>ZLl3tg}YeN)+V`!)^+rVn=9M)^E6sX zE2&h$f2#H|?boPe17HIyBh#(B7zH0as)lI%=j@uYmueEVjBa=@FBz@rJyYr!WQ&To z^S!Pjd73`V)@>VL>9n?%Dx1MOuITO8W=Py}Sa_Ik zrcNf5x_1?))sElKO1XMq?VO#d6rLiwq9((Dx^-JKHmX~W)?A&=cTt`xNxt$_nrbGt z2Jr0454V&l;q9u1RN@p|{+O4)&OKgRdW|tltu9XPUkAA_aEB+EwUca5!`1!p>&O zDs@_B4^+XjZ_rBZ{5YS8niS~V5=dW#7Av`Tf#iRDO#*6hb;64o)rqA&T8 zJn8coU*>V-0ugzLEh zYma{ll{QKpX4gt!NRz+KVMyhEmSs!N-Q}EJMbjh~5s9RcVupjF5Hj7(L`~OtG-8zP zw07jzaVnMR=2dlR4&gXHlv_xlg4%KvCu60jTZR(eL}=ZUJDg5>$ydv|J+}~^_I>Qx zWTcw!TodOcH4LNTKmlQV|}MJVnd3+J?|U{ zS--$!uZR3al0zGl{fV!E`qWN^i)>cl$&n{7)>F=(OU!8;d6*I(jp`k*N6ETm;Iv`Gjx@V_c#OYQ4=`qJ$~LzgIh8L4 z=Z;e|=crOHmL}BGEgI;KlUyWx^e^BWFlARYtUckPphb!PWxY|XU2Qg2UY(y5F~K2j@hP>#c@ygj(P zUDxnna8eX#Oqttz0T-4tY>#JC)iA(wx;p3YH`88aZG7t*Cc6ysVFYHbmW1aXW*!15 zc4OLQZ#3y$V6!uab-8MfQKut zB(X4%OGGTr=zZJHimTUZ!`MCk1rLIG;SV+L7? zti*_;N{U9{5q6Fgg`vToeohVd8zKGch|Dso?Bk2~C39%I&};?T`~<24>4EA1RCG-Q z!LNdX+MbaJjo1twaT`rQ!F>~2eszTS}9C>LG2Q#2uYU^5>i%P>3$%VCv23uib zd9wBl2b5lDgpjfQR?V=4nsBIO^rh<0V-QWaAA>TZJ(4~{ERk&7eQZy)EZ4wfzF8HQ zBHnz>8DmpNy_rw_$1!&~Mm%v-#?cCIrZ9f;*u5;_$aUvj6dqtK>?$hvoHlxz7<3i4 z_ME92Me$-jqYNuY3QDgrW_kIg6iJqB^rjAaKn&+qkTu)&GysW>TH$w zorJk?Ll8~4X}xQhX3L$jfh{Pe)(caeq5c5~ML1=~?aJTfxs7ZNVpp#QCBoN6#f2_2 zRijCEjoJ1aAV-Gix3*4|2bJ~OLF^59LjjSfIgT}3Y-?7Iv<}(kAbCiR3~CWc0?9WNyGAz zDp%rT?rOnfk!OYO>duTG9ZD9-S*{So5(a?3tmi%2_)2K}F{;W?@rernF>*Guq_{G= zae-0~it=^=3M&1#B`8bXOE>YQZgD8|97Fa_ZX6>+j^!n)^~w)_@8JRBqMCwqIMu*K zL#bR2?b0^Dh}{wtPWgr_&d)<*XFj7~7%s!Rp8twgPQ^vVgyUknHw+sPNCr!YldZXH%tI50d#SUr4H9l+mX#kP27xXcqhVQ0!&r<4DFa2pz~ zDzkK7INQ6xpF_M;% z9Z}zBohD~5AGHc<7LtA*MU+=h;Cs~n(uyb}!RerKuN8%lm> zwp_f|?xXiI#HceU8VZS7J=p><(h@~NvkcDM*W=23oI9nJU+2{ElS{Mo1n2ce542o*@e(T1vVyQek zQ2`R2$%LxZtYaI#jk-J5rTlEX1^M$zlJoq9R1yVF^mlP+TOsbdkZ(dkNM;75;c$|MZbwr7e-`rY|2vsO2PbBXSe=M;2;-Cw2MG3pibH1kUp2qdLU4%aa zcip7Aw*brn;21i#{}6-o+=fU9vN8=hnt=XTL?+hdqn(ZA*=Vl>pQy4%sseJ=9>X9I zORmp}56bl+=j!g{ToXG2M$F>F>B>FfF*6D4upsB@659}_a;#Tdl#@!r5+1?0ZQ5| zI4oT(5nvTg+_fWpgZWozw$~PLp(^95mQK4NJtcgy9M9U{ zeiX8nDu4-_E=FsipMA|t&S=<2bQ1=)OdjLUEtbGXS}b~&lu6#9Mgds#m#JG-O=xOp zw6XRlDgrz3T3?Qq(`|=K)v?$}5mRSXJ8fmGxoV#DNwi%RTByf{g0A{pKL8F__B)>7 ztv|~b+8Ar-rMG*>-ObtksveY#Nu<-8EZtRZqe%lXI54&u66a_guV#yx4pBPp%SRAt zWNtYk>lUo16U)WdGe+^tbD4Ti z7w{tlW!rkMo>Csp5tEY#U;Cv8k8X*i8+g{%6+2V&1KL0aRA~>@%iTs8q^lsvrFM71 zJnFb}iH&ClnuyUC>h@4Fr3KnWlC33Y&og7}RzNK**x&CaJCK@%zO+H0j^dVQ>bnD*bVW27r(~c5ZdnyqT^J2PJ?3H`V&4=;G zS=qk}$zNKPB@XlED=cqMs*?`SLU1%k${yP+3~6@tgZ@Zp0=CW?1GdgUdB(q1b?m>< zvQfg#`Sj2=t+Q6LJa#u~vtrV5U8Z6+UA{N|G2F+~HG%Y$a%-Y);G9)yRleV{RGG#; z!4o(9DO>5V7%K1F^vE%Mo#eNWJ^KxQ6Pw5$7 zyNp2oo-!V~7<4HJN}a0i#u&ZO46W3r(9=J!RcbZ4mvp!}VQH|fT%Ig-;GvxfLgLDl zdX4&gQL!r4rtrRQWKX&FkmFbD$>EJS9!{bWC6Z(zmspyT0Itw4Kb{=G?9s1cX3$9R z_4z6Tr($56(n&J16^OY!vNd$?si|v9wUA^K((V|5X*7(|)n0^gm^g%SVAAYuZPKb- zI%uVn^s11JvSg}LiXzfM=$Eiu%g*Vev^m(YwXU%JGxqaAH0N|=k)pe7-m@h3tU>_F zSb|e!1vDLe*@?3(QN*zYB3Xj5!SwLDs<+9uOBsfZi48~=jaf5NF{vUS6-!jKuZSY# zlSgCM2qD~$)95d#!XdJGlkY<*``>GE8JbA`-CGAc%RnA}S!`Iqd@jAcaw{Bgl2@@9 zRhImVRCb{qjC7HeCrgu=Cz%Xzv&J=&!>!l|SDBGEBbx3t`*nwH{Vk}IDQ833U{hJUv+B0FI;JVDbf#_`Tuuhv0TSP5@Vng5zL7?;!zJi!FIYw^! z0upBGjO8^E9w4Rz#PtkspO56FobXq~^ezs0_5O<4BB4BU7iyu3$t-i|zSiH}%FT?0 zCNM^2C(j!JD{U45)pmMfeHdx~GgnNfuFLf}5M*j5YIAP}`WzDJR)96@*a>ZQU;gUL z9bMnon9s6yYW#ZkOjAjer~}D(*C-EH6FsD1?e=)Kj>Ei&$Rf|H-Hkrz`(ojtVwef} zMGZm^+ToqynZ&6Ib=djmAtAOJkL%XsiJ5GoWlw z&%Q-H#Lth)QIuss({MEqNJ1V5ZT3(IYQ=OU+TmHPJ7fl)s1MG_wwcIgL8lQHApJZ0ZhIBD@?o6s1UtnD%78kZO(a2l7pxZXm3j%uh zB7iawCmKM+FsVZ~L9}SmYTpYyU#0ZbsSJ}DJ!q$~;KPcfKn`HceA2~tB8^khj9s2i zhLHERfDT6b?B0wDIWb}*yJpi6=MTi5MvD^#0kCM)aN(Gj_b7o-4EI<_M(zmj*f1P< z2hN{e@H{@xwx{TK&=>uW1WOX#+JVM6*>_V0YRg?8|KF^zCpk%mItza@fddrYV3ZKl zW1G0*9OnncFJG>8c=o>^A_zCwZhVk}6og=x4@HnZXo8fW`>!DTp8Q{N-QJ`C_;KNR zAOv#>L;8RAC+iu@Dx}jRX+ihefcHGhKO_NeaI1J>`N1ACp^k&Wj4?A3l5g=)zKU|r zyNy6o4a_=o=b>{)Fu%ih)|xL(=!bF~6iT_0bunsuro<7c0x7}`_DFFleW~qd`{_Cn zZ;zE;5qLVxK-XFLF+{|&Y03aN@Cd*^#KmGz1l+Z|lH(1-IbiE|eRrsEDSvVkh!W|; zSU57&Wl{@hN;8RYDSP4k#iCId1|2w|9x;Y}FjZ1X{oT-KO97hFV?dybR z!y0>WzrCj3;~?s}^RmeSAtbA-!(!fEqCc4hHq#I)u}|qW7Jd?jJo~NkP}d zr|z*Sgu!mLM6hRl+U-yeDr_4NRwRg#wP=EUvdD7RJOcK(Zc6q*Z~*}HAP8`~(*(m6 z&vTdl-eb*?5+-mbq>wIf-|grgA2#JLstA{LsL!;#YJ7<8&2z*OpPYM~i~oI;yu&#e zLcYdm{0L5l+GEg{Z&&jm*9QjywN;ufZhzC2EHRGOZAlP}e%Z-J==IQ1bpa$dg;kGc z5jon~B$d1W7P>gAz0+^5zqEg<>j!6>+sh+a0sjS50TUU#$$2w^(R z_tHl=`I;J0#_hJ?+Ga8RkW6rhFXBaiJ@qZK7KIQ^m4+F-N8fOSn6jJDCu;34c5>ndD8K&4?Di%a& z>U4%0-Jb49AUtFgg}>(^(P`jGFuh;>x7k1q2AM^F&y>m@l|RN%LC(dVW=hA!Iv%UV zB|*=Xwmfu=NGQl3r5vc_QF6$}+|{JNy^6WwJc2d-i7n32jLwAf$;E+u`4I{s{KdxX9zLG3TmLPS&%JK^NT zQudKT{2S%@Xz#X~v3PkTR55|)c$$Y7R$g601jP?z@l642`JkT0!yVNbY&o&eYev+sW_0Z4jR? zzrNoesC`pcx%XN6Vfl@oXIZ|s=#Jpw_=CtPRpfFg05qzYL)W$M+=^eW_6t^pFw=2soIa*yVNg&gC(X3-Y``=HdvogfVhh8!VP<1N;;SBf?P!{iQG9yVGny`*N4G z%MQ`LbTT}RR@wCIL0qps#Vp&A52mn_cPv^C_<0}zi~MWU9yL(W;OBzm)mUU<<0N9w z1t0=ML)W{wz~h{!KmwFnoVA~FJrR5%dDL&)50#;R3N-Ec=-a-rV)gPw&Lb$q?8QHD zXzl_d?HQS%>nJl3a4EYjQX@TL3p7UH7Gt~O$~NxHXP7n&vhtP^36k6x9ax;3J3UVL zfbRLgcKK025E-2h2tw^b1v;UYw^2LtqV1@;Z@9RNx)69L2bU8U?LxePY||;_fU&-L zhi32sPo`g2H`bU_A6PHnN6VAwDLIgktttS(8HynGuZ$~YWo2^mqmMop=h>xq5K5io z$I|+lXg&tzDq@sXyc>(Y)xE;f^aNAZgd2ZVZkbFYghkh!h7Hd(BQD&i}XBh>*)tG|2`mRZ&C ziI&xO!;!+0O>rXuR6$PNU`;5OWrxcKP(w=?A#Cy-$yui6Oe&`pcODfvLnhdW3K`U1 zyagJBBq?K*qQ-g@Ggb}D!ud(0UGe5#B)%?^QWQ;B*Pc5MJa@aeUARp7D1@ETPYCgM zzAZ9jE`gR6c-O`T_6wXpu6E}GH-o7f zV^WU~USg)AqNvCOdlCj7?2igw^X7io+%8vL(ZyF_0v==Sw;rp{AI%%Bb8=Tc;iMuC zW!CG&#B;h|LY35R-c~(OYqu@QcGu;|Cx8(a_u5a%)`yGWB({D0qPhY(bXQy76uTa5 zUky2pdDX`8YE}FFH3Q8`0GRad6;PBYI5uwF=QW>gVd`XPygC-(vXD!E2Nz51<46DY zG(MKC$5yS9gku<$qix{J2<^6r_@_*_Pggd{6tM@6_gaADh(=Mc3C| zpll+mI(KR@`^}0t-bevO@34UhrjD3$=RS*38_OLVbxL{{tFU2b^8O+P|4PaVC6#OO zw%_fymm$lCfzy*=At(Rd;hHB-@E)R>`zE^EJ|N?AJ-^Ix)J#JHh4C=%4NwioKuo!5 zM53hQ1w|Cl7hJ0{-Cu9rl%?TuEoXNv>2giZ@t`Hg_E| zNFMH@depL=9zi8=r%YlVH?!fx9h1?mRrdpwl@XN4;Mtt=_5S|Z!}M`K01~`NdA@5L z*IWF6fC*_~V9s)L2hlkIxp8x!U-7_>cnqj?oIn*9cS7yw|IkmQ&w!4%ff*+ai9 zPP;fVlPJs!-Ypq?5~1dyv>Hs@xFGq)%~Q_*UXMsti;3&T+?Z3x$csR28Ye@Cnr2Md zdXR(G`BO8*RZ!X^D3&WnmD??UwP`F_Lv}D>@0ZMXPzdfbsJoJiUlzn$Lk5UH(q`1R zdfK<^L5ioWTARg zt*>}w*tr2n8l=;mB7)z*m8G`0F`S3nZ2IQVLUd@c>f@_DIy~c7v`=GZ>FVbdIDR<1 zvm6oaiYQ8jLEgj14cgUmQcj=(Q422OkK3nk!F6e$bUCAdKC{PWke(2@ADR+&?)>}j zm5*24CVT6t8sZI5luka^G}|y2KQM}f40w`rpt330r&@lyvP!Rm21_gTa!1TN$}4o8 zc*g{i6z$|}q77M$tMp`}`x}>BuG8Bz(0xbC;xrl5$2Y|j*FyH*DxIKt>(YJh{T-_~ zI&v@+URJU@_A~Q5j%EEaLnlxXi3cYay>Pc{Kkz+++Z!gl=&KU;y(g`n-cOwf0bS35 z2^~LTh~935kA`G%_WoOZ++u|Xmp+ceMIJEX=vKdTRnexK*T$_t_=+1P;q8rNo#C4p ziInPRo(SKF-21aV=OlSn9=%dqkZ!GGaeP4U4iPl<7h-!?pXhgH!RZ&z1V7lD<%rhX$Ve%U(Q-g3gD3!`6G^gd>BF!a@R z=iPfAF4LEH`76w>ES0bkMEp}HJBVUS!34x$#0xU!hIk2#>~SHO4QfSZni~n~L9NCW zqG;;ocvJ;QWcy(uCz523k7y*zZo3LCN~hgZ(0VyJ zwp~9J5^K1kM)%}>1m+o0wAyRX@G+{v|88J`S4?roVWFphae(FUj z{u^>85xwulJ1$C$t&_e=<)ZGbOUv8FGC4iWb}Y!SdiU#%?gv`d!wJ_Z9=K5RwP3x! zBw>S@u2>)xyAU|<+NowFU7aMWffvwynS}lqqeR-3QUc;gC$F1bLSw)qEoO^<=XqR; zkXpqNDR?k9I0#A5=y&dge^L;V-Rw^V(Y+p*Z@XE`icfydRKC4aKFRVQuTgJ%J zUb3o)?vxD(+fNe?k_nK!z%%M1$fY4%LrS>@l*Iqse4IgdPx+?I=ePG@A2)GNnDUwN z>BTW_&Rl%fe+fFEPTM|Q1QuZD9xXaPm)aH19=|P}L~q2NHDy_&>7W)V+#_tuKy4yT z_IBDb_PilyDiZ$Au3Fi(QB9qtogcLXmU(B`$D_4)YuaWuoWl-hCnBMTTP z?s*BLC=wUArLJf0fj~LllhER_Q<`y}8}OBpA$U=aT=;8U0rM7I7|IV6xpbK6i9M#h zulB{#n(~Rh6Ki$I&iLiPoKCAu#{FveKFQB4@@g&nx->u>kKQ)o4}V{sH&yN9zaMnn zMjmV)<^Ve6>MwJ>D=F+OkaDsETJ8SfRUSV3an=6(a_HA#r1h1OjOOe46nlo7d9UYX z;)4I2y?kit7Gpsa-s?7Ua>8iv&~$LZAX@QcL5afm{>oWLW~8B&hlzGoHNg&AD&l5X z79XZIOwQYWJ!Nz0V=e#T%e&F>4%6Nd01+xJEDi zwfRR{B^hPk=Fk-z8z8XUQ-z}6)=?>X-NZSNcA2cFfzs|38&YmPlsmjX8(?DWu?%^Q>3S`v>#a$D!jbUa4!%)&PCi$Gfe)!K?3W-8PkXHGDMCW1_CP5@Dnz z==B9GVw>P6ydkBNuQ&cZ6Sh}JF7osK`0xv@p7>9_lM#;#?+cHP8T{9vcjE1i2>Qh! z`QqObU<^n?MY>pV!_tuIXM9~KFOqoS8WyoX^?7JKo+NiO98W}C54{-1h=n|AhK7x$Kv%3uNOs8SyzqO;$K^L z?3S?h2tew*Z%;1=cJrg~=y|_C<6marD|_L8)um=p3>oNZ2-jge!B*D583DxkJq^uw zon=#;>#8&9(8l#n#BWsDlBo*0O6oxQZd;6 zmcpa1j&fs*vxHT+iEEImb7M|yb!!qvouH6w46#3A~2CjL?pn? z=xKE5O)DB6QdIB6tXjHDy;2^?I{!RT3Rl?9=DN7mZ#AA<;zRm@X1n*Slm$_`1tmi5 z750!sG>~nxDY)daBgufx`?~ICZG7+Lj@YfLldpkzl+c}+&YhUvpxsz_wiwp&8RCda zCb-p%l{F0xvdH5A&3RU;P0AaLVOvI;FT2Uyo|}gj6^VZs)QjFBk8Na&=P3giK-8Z z3h&R_q__d4%8>Y-T4;HqkfE5HbukWAidB}=3U<`2nTiwT;&uC_@d^S>iwmi_{4Y;Z zfz7m72B8#ym$Zv}UMiyykw@pCdgmT{sw*iL);gLe))7VIqGV?aq5AJY$yfm1PR|8W z(|lHLfq_F1B107D_2}E_vh5W6e}y^S9^Qv~$j2JbC&6!)d~iK(j0L)#25+QB)9O%B z8_<1tF1OD&dbnMx(l%}BjFx(&##ZrrFLk&bg0Mtt_uV8y1@%x75~glr0*Be8MK|c( z(xuI!vcuQeI_;|4QXn2trZnWA<%%N#l8u1%=S8%Te*n!!I`z=m z{{TMK!#~FN)ADinWvw@`Lkq_S=F4i*uJ=Y?N~F(vwwz&Lj^-@?AVa9m)|Z>zu?T)iC_G*Ps((*L!#wj#)-ILIEah!RvmdeFI1dIkJXnq z6{F`OhX$gRQJJ6L?)cjvn86jMU$Qs=p;ar0$1&_tlE}G(SI$4H7Ok#Zw&J}v@1CX& zer}pH@kUU(-g70?>i`(1i7Ni}I9E%~vj0O6(euP!N*RsF&hM$M-nr-I`oJ}O;(MCg z`PRy|##z2waW2`Hbe>FjR%{;*iI=tuiOCcJ;ESvP3IRe>{6eGC`Qpns`p1?nCn+WM zmiMbE2r*2cFk&t@p8!kBK%01z=QFM>r1j7h)NL-oB137(OwB&aqK_IcRpy=KWR)@o z!ya`sU#eB<4*2sJyivUYgJ14rF+DkvOM^zDo+S|fP11Mo6TYwS`)gn6sjq3Xt4}y@ zif<>AwP}Pya9N6FWrqxaxSHd&byJHJbuT<{SRQtLS`Md?1t^;pYSV0ebz*R;mv?5m zGwMalZFq_Bn=-`Nw_+A1oXghAC^V?XlZ{ePI5Iw9hm4#N!+if^if)XvOqn`Y%Y3{0 ztJ{1Vx>c{fuxfpFH0_F>Ti?`zOV&q|9LgfXWAW)b+yp5z`t2tmxapq}4X7bgBK6 z%E9_{pJC#lln&n@z)~QoX9GyKhvpn|YiSn~W$QJ^tNxI@iJ{Izxu+_V8= ziZI}f3AsKZ@*nMeo4t6Qf{O3Eki(OBnNwqpzq$H~4&p&9mW$0v!AK=H;-|=&9NMh= zN$J~Blav4o-V%|E^FZryn%NtXw#8i=hK!TT@pBmBzh|!g!G!*-m&`#}7XTo;(SR2i zsI#)B1_@kkgW5F5yYu17MN}s%C%Iop8GK-D>u;QKywQKwwb&0ar^LUGp}2xk_O^`qFOgv^&qEpB(!=p3^$icFAsBi5fe%)t(sLm6Kd zelcVzQFPTZ2yS#oZLXWzp#_>`On3Yo&;v~`0XRUWTVXRBKvGoO{3alyL8V==5}SqQ ztRFShk6yGUudFk9=Bc@|W&w+`DHRkgu~tFVmqz~6G5 zla=7WhI@QsE2TAeW^E-q;lS6e)uXlE4m0}9@(<#jEeP@ZTgmHPnDgP{l|+#-fPXP) zv5MG5N1jKZ^w$#JaSd~1I9z)hWVhgnZRDCRovM@M5v6FleZ46DCPv0*AR6X)WhR+~ zJjS@Z=xv3lpK|iUHO$x;<*boJQk@TDg&U&~qg3A@TyA-zp>>!cU0y}#atx@GhYYop47Fgx?U&*9-xeF?RAT7C*4>ip7-eOTsq>?Hx^)w^b7Dz@ zj~z-Q5mh`qtTY@n0M-_B`WvX7xQ5%X91;>NOVWa5RpU!LRwM`v9jfbh}>ihv3eD% z#nQJ%kV;@G>sluX5ut8+wQwRJi5vKl2Isi~^d-gGOmub4b6YWeq|4ccEn2+K(&_+0 zA}Bi{Xv*{wO>t(*e#SZeTh^9FlA7)80Sz|*3QI0UIR1xG9nZN-L4FbA5K1MjvVUwIhm4S5z*HcqLm})p) zKgkYZY5s>Gn8FOW-wf&aKS@U@$YW$+GTe#@g`%km@)*Znk&lDJ8Dd2!2zC&^WH~1) znl#XQW=Gate6^68Lx{cI?~^HMr*Q57b?X4@V#yYNin1WYy)g24tlDT#4Tk|1qEg`X z*LL>c=BG=KICsy;F2gkbW9I0TXqZd>EJclG5sjc;g*>oTLx7r}CezBcbN)|WVYdI| zwYA0GCW&{1jJe&Hq7^@W1!rkSLlAUs0^DPYuzeA(!!dA9vLDVM@b&4WPXwaGx2w-P zBRlbDxcPO3;KOD7da~?pq?H=`oZPQ2_JO8;Yj0d0lSc0P0aU9Cu8M740Nk)0k;r7! z7t!FcNGez>W@hGsH<syCH;nqUZJp;RG2 z&BdI85sDu#+y4FzW|4q_l_jwG`Coyxry?a>w~zOniBe3H-KkjmFXHPj%&Bnm_sL8l z09K8Qz`y`FlmJ2%pAeS+ry0skx8R+u|4Wu~(q9rp$UA3zal>@~rC2bBHfo5Fa?_+g zGi;UX|7M25%zrb3FiTsEB@z(QOvULs6PA>S{F*kj!t}J6L4p^V!gTIg3URb05g3fS zYdV6yD0L#Q$M-9 zbL^LY(`vtl*ycHafo%RY;Xv+RQ0s9R7Y^CKdmAaoxC7ZTh_1Z`vh(nt|AROknFzrs zxLegMoL(tYR~6#_N2WLX4|(c8Gc`XLp)u z;%Zh?cgA+@D$Q6yZ%o5&UOH~436Yr(r+Bh)c>4~e{?YS0S4Y|>=3#8yN0#sJ!=LuW zX6nYUv$Q18!I(174=k~Bxx)2^z}DLJ`Nv)K_VV^CKq588g*8jYJU8M_TP`=c;k6SG zT7kK_9b=u#58oy|1hAK6Yhj!|+vKlszljgBx^HZ(|L&sGANN+79xF3uvqyE>x!Td6 zSSidZ->hv{2Y||MfO}MqlwGSD{x&`tX7Zubzf_&HKl7{J3~0XhkbAhwH?#Qe;NCcB z^*jUbH4Cy|PTceJ(X4*iC&yr4HGQQ%I@Ewe*9Zu9SuOQQH=7=`xpyKrLji-_#j&ba zN9e+J^fA>XKJ{C-Q(fTE4TECBop{V%7O`gu?j&LG=IEXm#?J81W{BZQPFSdDtgbaSK+k@U;gypqC+{3yuPGgGDh|P&9>x)r}SR&UlWKl7Ng07qHwfTbOXh(=(C%T1y-h+<2 z)aPpvTi+*2L7)%~z9uBs1w#?iE`Vsdi>u*E!=~r3y zAc=F;UL6CQ(|YSEGOUlEN~zVnL@UM%ReMW_9-od}LintZcl?X{`offZkc!`U&Xazy z%I2Ko7JH) z?7SplvTnG&Wu>L^_ePa8-gM4tqe$l@g)8{13faFv=_MuLrJH?pY#QXlh)eFA!?B>* z$L$(x6V?f_oJ+j}<(lbF|Lb}eN}#p67v@+0jimzz6kWEJMJK%}?HJh@;c~ZKXlzd@ zYC&A7-7x{VlPj-#Bvy1I0dk!W{2U!VTelB>jFIT4<`;wf8$`!(?Xhhj!yT->rb6yJ#Y* zB*7VvC7yzaq7d2y`y6e~Qd89Kj-Zibqhj9T6={`!Ri+I$+605fNrspdwWm^YBdn_ z0LxYo-{#|y%1kN5LaF@dHyqFsS&I}g-n33;bwZ5)Wk(t>>9RB!ihbl?rlKf;Nvmjs zr;FJO;5Z}61HQ?e;spGA&=HZ<6~)a@h$lLl3j_#m)4y4s`d*q#m-tg5+xI5}>NsD@mwaSj|h|1EbS^fjK-}$+X4T0%7)NFeOd2#3tyauCu#!q~qmm=IUXUeHxD%CP zD)EHvj?NbteWa8G1J$aHum+Q=DIp0ANv1Q7OI$ya zqQ@OlDR%~$bP*u=Pl84?waww@3^l}-*Rn54zQ6>WU{;d^1=8+3T=1}z8hPfXDp)yP z^${xzRSjXvDc$*tdxC4>?T(@gGsF_*WmZ2 z*#|6>Hud4nXNB3K!2vIKehlOEg_=l*r0rLiA-4mve4V4@im$yVpAHO^C4fbme^FwM zK3UP`v#N}z?oc;UTpzEilLzD1tG4nT3=3FHIB>PYho7O1IIWP0ANtP&;nvw4&44$hgfJ)+yII5*&8t1nDm-nWE8q{{u@B0%}M8yf9b1LJo+ z1C{vbaOwl+@8O-|F4>#1{#3&`Tva+p>I40CUAGLmYWgj)EZcL@S7ZbKa(vR|w?%Tt zk1L_WbX&zC+BG>9VVbT7CU|>k#EX9IZBk?=hjm0>m8P^~Br@%b@roE0OK_&@8ifXS;jDBkSi)}R`vi8q*LfRHpq(WY{u~j0sE}c{ z@|*eRV{BIBTs5MZD5ovKb;&=%d=-)cX(F-ze$bR`w_eAU!inH|D6@lcSqyBkh5T-) zY>>VI6#8IOJOfq^@<_1xGPG-D$qY-K3hM{GTNHDYfxL+TCpZ+Kwi9P3x0m?E+0BCJ z(qKt|5wuq$jSLAP;Iy|K5~rd(;M&LyXlIb2*Uax}If0AXiYYvl?gErYdMuVlrnTtL z3@c+8Ms0*!Z!v(~b|DDgM~Q`<>`h&UG73qCa~o79LsD%6U7P2tIfHFUu|JV@lg?Z@ zP73@n!LW%INEc8Hn)srAKnyZJ!7h$K3sC|8L72b|#KT-B`F540;+lJTtUWq32kE7)YCZfH z08A+LdtQfV2sMn+iY&Ac zYU;V1&oDl@2u;2d3aGRK%YR0_DlFhCaTV3xH(YwF=K@0#vH{1KN@&KCD{6+-=i@bZzGD+k^zM&(haGKsGzfkEvnh&gYkZxlz^CE@ec{UV%h#bsxVt#oG8(ulF2 z&{$H6Rl(BJuxT7ct7lKDF4z-GiH9>!pz69?wN0XpAVw+?4ppFCr|$AuNK zD(w#ZqNxLtmWk+z__Ghg9uCZuc(pc1V=ec*2N_QLt&zYyyGouo-u)83zloDkDhy>l zd>c>=%CnIX#H<*Uo{fr(D2iBaREesi>P0a9r(+Cdz<^}0IWbAZt&09@z~~H%;@^*6 zI&d|^J#dxL(y>YtK4|qD+@QyBg!BAc}9S+6WJ7{ znA*abt@EWLWc)-tc6DX*HoO2ZwGPK^2|o?3tlTANO_dp+wri05s>fW5N#3vAXcq0p zj&XXwTrI+EXSh6^W|Pa5H&5KnvubYFdA=NZF)BxO_Ck0G4J*F2Z8> zqvS0GL!)hAz|^fwLscebcw~l4O9G+pI&TwT=y)4wyXISBs~tC;CU-0K*3wdN<3$Hg zq!mx2qidtFv8l&Zf1cNL%#<&12kfjb@5OfGC=N>Wvp&et<<RFO!PFp-dt^_L#`ZjLmKh+opM{K26~iovC>Z#E6mdm>E7 zP=}F=^+r&OGS*+d*pxUmO8S|6N0|VigShQnaRZ?;`y7W6b1c9bXyWNCTM6p~0y8KKCb#JDd1TsP+%P9-h=#DM-7KT=^RhTqbM_-jZ; zUgU%6__?jg?eyuaRNDuKvFp`l82OE0a#z``5g#eczd16`L>$PviipTK0|SC(4?i8= zGcw00!z7`3L}3%s%ICf|#9qMf?`bCF-<7f<58l^-l<2sAKQ41jSh8N{j;+dH3Zal@ zl!Cg=_U6p^Xz~qF?$)KIOuw--DC$=W9QQe z{L_cXe@HY_CP$noRn*?>1`?ez6V||CIFp@-ZP6ry2VfLf0Gm5oYKsq%o@p97p7+Dm zGG$?<=QsMt`>?x^Jsj%gajLSSKZ|3MXi%_61wCw8!zG6THBkv+1ItXHmXpc({E=EG zv`Io0Ee1Uq;nGaCrwc<)60 zdKvL~pTysk!o43haPd#q7qd6_T#whER!AcG1L%`J{)eovGaL*Ou_Uf2>M}e)FM&b+ zQU!W4Tc0igW0BQSwhNN45yxWd#tGA=fsY|hrOS7?+JxDO3r%iuQ6d-_m%hK*qoVJV zaiK-k)udre^?CM@U2#+VLjM;Zt^NvGaTV`d+t&O7jgCC$>g#@!r1!Vnxb|rO1X<7d za7y!U74p;-%u6XPxP}S-^;$EOY;c zyYeEw&_qYK>V`PNs$jEw3xft+=nFF%apc$Rv`*F1Fk*L12?+{klOT}4#v1vYqAo04 zIj_OVOP_0-J59N&b>EyJ=Aa8I2{%)b8q4RP?>JHh|Jma*oavn&dM;k;$V6qEh*O7P z==6ERpEYG{yUrj+U^Lh2K(}VCN}`Skc4$5XrVd>&L?zQ;yvPm9mdYzeArlPECgJw? zf`!~t^U-Bh|B!ZJ9jmF8rcIG8+^ghe9<;2xoAh`f_G%j?_w+oa_|9>iF?}kgRmB4y zG`6E*Q!9rtb)fp$KUK-F-1QNrba)OErj1^QZH)oR=P5~pR4{U`2cb0PTJQlb1ly*S z7IR>$b2Vbk5GT?jqIaRxpr6{+Z8+Z&+MpA>wId-{`rPV{)~R_|G3Gx(wpy2|CkoZt zoJ=e7mc)Kv*P;6nC+ zGB?GVC7SNOvkMjf3#qX=-7C^9&GSp^ZG0TBOueX;yS(^V?~S#)K>vLJU46Egm%7Y6 z>GRP_X`=&D(ii_N`jW!5dU80ebl!R2=%W!PL&jgm{MD9I13P_@PY+Gsb6#*qF)2V~ zPEM7(zeH!f#6-&C?{37262W!I0T@Mb!$RfHP#z&YS}|qP%jDP3JZgyEZ)W6?PV&0~ z4de-p)Sk@$>Xp=Cu`v}Fr>tL|%VhK-h*(8j$^GDWHT1YqQb48IRBu1e)omFhQT}qf zx~skm8mIMHwRJdq566n2jACFFk2eBYmd8nCd3k^L4AnLO{WtH{LIN`*cfh%- z-%PfBGRUxX2wIaG{v_kWLXW`u`Z*)D*^oXb>6XclnrJ^uKP&3UkLALtjZn-H9^YHq z4;#t&(D4XPQH@X>aS{`+kIbk>p~X0ZkMwI_1+$PBX#i0)qmEpfcW19lWP<-L{PIB& zI!*pn^%OEn+jN4ejoWmaz70iA<-^80HR5}EtM$7j+Qj;cdXT0r4aTMP{4)&J)rboAh9;=8A+fF|B_w7{gBMjhfe0F^dAR6qMVOZga>0JUuM zkZj;{vhNc=k?BBRMi_f;_|A`ItIMUhaTdC0P^NbM(=UFu1Nl?JW5>V+2f;v|j_zx4 zW43Y1mHnDNLjPTTf7Zl>nO3MIKGt>6wW7L4<@LC8>qQzOF&<``Kw==E55@BJN_MDG zXdGsue=!C7PNt#BmqsuHQ35@giu{J-jv;iD?zHyew+Do~X+Sl2n!^}%MwNS6;1HAB z@5%GeMd8zdHhs(Q>q(RI%HbO~i@RkU*p$TwKIN8P;>Iu>W1i?jWdu8P;66BIB)jNq zu`!J+!OnOM@GokxulLApKd)<>@T-w zJiMdM4R&$|MumdRAi#k5ht5ip|H9)9(s+rLbSxOU6y)tVX{H> z+E%<)q+`Y1?nc6T9R;Wkm#Wc>!{maokeJ%W?2wsC|CU)q_8NRF8kOrG-uBhcWRlMH z+5J8qK=+!DY;3S2EN)fHT)DNgp{MtyIvz_y2hI!4+ii~xJgzQ`?DH%@H03sJG6Ts2 z(XKF#L-H|WW!|q1P8HQm^x}AS5a^#$c-mJwB0W^?xcPk1?Usrp$~&L?OBD`qzSnd2VCI89jn9v6tG{eo zZORyGFPix|+Jx)A%XWoTPcTU%rotd<1Z*v~BiI&=S&J68dxbD%iwRQ&CFR|32@j=6 zuIifBJkz3eQh<>FNF@uqPMM1X0+pUMMOOo#rv{tvZTkoDB^Ttaj9~ewD&oJYn1Nr9n-;w;^mwTDH4|+6X#m)Os&Cj{*xtjUkF?BLiFJ$Q*qC$2DP4|L zVY}b5Y{g-R$V^@5H{#&CoSc;1hSx1s-dkXg>^+tB>@cL$jqS&JkF8rp9+*!(Pj5kp zMpr;`F(fyrB;dp>;ErK>Ea7^R&;}Iyx&h4ca$M!o-z~2PBu*`fi4z6i3xEM#3(i&3 zM-K=YU7sbF)&R9Za$lLXal_0-X6^+IUhbLR_8#9KO~S^x*S)O3B!h`QhP@4FB-drV zIlFrMR@0Z+`TG^KsOKJlQuUf08>E;vNYwfBE?(-WEl(<4W1Y;HiMPzB>(%HvVg2k^ ztI+Ndst)I>Q$9T85?hkR8NXRY=4+nW-}4o#&N6W2R!l<%wPb zn$X5ofXK$a4_0K7_irgwp1JM#>vq+Kk&o$lItq5#>&4X58 zF2`b3>s!h*a(dn0hmeD7z`Gg@`B6S#blzl3x`^ivsH2ae1^iV!&)@K_Bth5rI-z%O zp++p!Nf)}$wIH*4A-X45IxtNRb0yK&`ADD+eo8%Gp3by}3y>vC3u5>&*2@_$NmhBb z9nF8C#N+DS$PACx!09OghwYA+EzhV;^Y6Wx+h2Bmufu@%Zzu8HjmN1fS9sv{Vp4gv z_}V1rZ3G-WYuR%4pa_L^R?5P?jw;j<-E4b~X^1o#@A=TPf%o}oR#ta2{XK#Kcyf4{ zgeXeWwdNBnEpHS35wM!zL=oJWp&p8l@Z35Z>C*01=JmPTSRt*N0V)ASd7F%9dEBGE zrb_uOF74iY+U(x%q8P#U&QSIp5Q~w-y$YGx;|p|pE>ch@l}J(*oGKdV-2T@-g5=c=K8hWj%O$>31q1`rt5-&F===n`Zfd&Vz>_giV%uL{DBrD4T3O^)E-w;w8pZ zP_$sdr=r08MO>vNyshL^5k2I})ZpvKRzoN?1UQa-G~jySs9h3Vkl^Lu^g6k_h!N_7 z@dyw8F0aYdJhh4CICgBuoOqVdd^fCAb+g{THp67T+WzLLm@m z$&E2WWYBp{(`?^shjfs(>iK>(uSI6w9r+zA$+o>`Kf~tX@G5EdQ6%oNR!hELRpIoDfhi&aZPste<(zN{h4ayAk zc_Sd)aM1*;39JcvaA!z2yU;_@*{Ng=u?@x(mopP3_+Z7$6`vuep}Q0fc*QZ>x-J@- zcH}Wo!#|Xg#%EL32ZaQPRgEs=m5v3%UGNCe`Si;}08pg42geLdzLcMogeJ$}2O z2h!c)WC`;PEC}0-0AVauo>Qar_?&n@EeU;WbsZ?zye_u@mr;q7D5=>+)b#9+5QS{n zc#DV$A^-8Jc=DA(Xri*jEqEEoD9xrcbtC)i4BOls;P%3XkQ?{=a+jDTqM)=A$CaD@ z!e#{pV+k4soBRo>BUf)_VsUHkyo;*B=Bt{!qKMoGla(ZwO|gRZ`w|&2 zMxh_VSs(0Iiz>oL7@>mJ+>7(XtCH$yw!Gp0i@{_k(xrHc>f83yGzHsw9GC ziC$3?^BnWsbJWA+UaN*Pu9j7Eeh-Tuccd(hpli&wnexFb>MDuf`ELlsQeO}>;xyOU$1tv(NsricYfkAt$z~Hu%M%La;MX`FQ73~fAm~A(K zRn1}h#l^)FLY?97tIf^tTp?Z+5x%UaS|j2r+YygO8XYi1FoxT@047AQghmHu;p>3> z+x&vIVC;NWzXtPCtmdEPrvJ%}5%4OYsAEvqQV(JNYkbDBmeNN3!i2`0#y1DN4)Y&q*xcCBd)4__#+v?P^;K7S+ujT4+Cynhk{rMwVMs=v{zSx|N%1{~3+TUM z8Asb&S5a4^e*{`U*E%VeDQt<-qVSoR*D;_Mw?%*(NojzhZ=N`!(3SU_B&UT{W1xx+ z61S~)-{4BQkR}Yt&#U{5J+8P8Pr-e?vF^oZ8@7s$|8M4HwCL^l%X`~Mx=95oW)hC3 z49MtC6y5wkORZ^7$E$j-Hh?^b>>#T}34-*}jJE@K2EQjxLqO>T)B0iMKLO{18x%69 zFsHZ&9u7Rn1qdLewU9svDS+zMP)sXU3vXxzylm~a0y&j)NW{gEh-K|#m4~(m-!}gS(w?b zAZxES#Sg1Tes1*kKhe%#sxM`|0k!{SX|P&0IB%O2b}-$usHcN-gA0yhMhRZ<2qtoV zgyfCF09(p|IEpwD55o$IA*ft)26F~`sH1^F+xjPodk*b3OIC(!nyF1>rWE&}!=ORi zbW{oKxHio!$H8D9q$FpSALq;XpYyFN6_JFpK$$5H0f!uk%0BI`REt>>IJ{(nB_F^8)SebI68#e2AEbqRbYc?9d4;#ugl zWgD~3mYn9*b|p`}YCq7417;KN(g&64Vg#O|31XZ(gNrd@@*%`@6bij!Bt*D$x}!}) zyEAi4Xo@w#4Sa71(juW;$csSPEDMn7+6ilgI5qpf{p%O2lzwS z%pbX;{*wz~MTkD$8(A_yiD7Ccvg$PIA?ksb*tao&b_NnkXkNDsw{Egz#I0n6?9vwL zD4-;nd&3C6*?N75)4_XnYGPXgTVQAyiEg_N^hKWPGqEL z9K!sMpty63$Ip$^=aV-CDP}QXJEsPPQv*~j42d<4HBJw>3q-bQe}pV)*8oL^*OB9% zP^|i&9Rlw)uY~~j+7>YfU^STSPMiLiVegv5zA`U%HHaeBN;R83#KTZboc5wqcLv$E z)pINDB#n_uHeJ)JKYWGG|1{P%C?zQyVR}HymGg>KIBu3 zRqOMn_Q1Ha*OR1H(sTRa2AC9G71GQtlecLszr_RgQ4HwXU!G~7N`}{QkFtDj>|KVFM z%WOP&X8M$$8Wef@EchDsZ`(UH=#GE*^ZZS!qSZX41N6j_fHCLB&qFs?$jW?g6sk8$ zOdpRQKdxhXTGn5OH&gKjh$vzp5t^TNtLh^@w9|0^bNJV7((XxZ2Rp1|&Rgksg?~hj zwCu3L7cm1!>}zs=YTT+64V*kZe#vJw`2Qs>gWj$}h-r43YIc)(=nt9_$mlGo+9`U_!}jxgBQQ%hu*&q3ZRa4?-&!y zBINB_=w<4ijMiZgtDe!y3WGW7K6Hzo49WuGfP*JGqvEEZY}@E}(%iT`qgb+GL~Z0i z4_*Yx-0ZL1NH*A6v`^Fo-ehw}QcEu{D|VU$7q83X>ce-0i7&8>H^YR3H1YO&c8@-1)Q0!~!`q7tDI z=N1TiB5j+1+&~X(;is!D3Az^Lg!Sf4EO2*4`$Ga~dM?KGr5)x+T{bj2J8b(=%U6Ec z!`7cU2DqWd8UwWk1#QpeBai%3fE% zevP#8zbZx9S@9Qt9DkO1)h2R-bO(SBkm$j8KT7~AmSGEn+K53V;NW0hlgW2uJX*;Z zgp!_-`L>2W{`_U?OH7>OA9fQ@+Piz~BwpVVoe}6wS^f;|EL?H3c8vNf5;b@@=Tb>a z2ub!C*kJoyf}4QdJnSgBRH-kBwM-IFJi3kwbNHyO-fM1)YF90zf0a}vUYtlMOt1YQ zJUw>Oc_2>=b-J^IicppSCTU8dE1F_O%O>HIp_q!}N(urY5Rl7cy$uOM+n;IffRwVV zk`HnV2HN#4jG<*d7_~0THpv4My&peWN2+Rv*Dw`QQfK$F;UbhHptIOQ^8{%4mZK;M zK4IcXKujoEVPf!=)9n#8Efs6_{_u(L#G-rJT8wx}>Io$zk~d?S!MAHa4T}xl2@lV# zFD7-OuCB%RPX`!K-^4MDXL`@&$Ith;j$F|a@6HI_fXn>K-C2EGK|AF?HEi0Vc%w2} z3LpP5ui=qq1U7A*Leh`F!8=CP3!fg%&pmQkW6r5gT+Tatr%C~(5&zZf&~L=oq?QCu zvR7M5{xoKcPR%s!HrEsu>#jRu;5vvN$7bjwkr|#a)4Ud5TG9LkbY?VerrE0!ig}4B z?R?i*^-O3jMi4+C3pCZR6_UK_Il}sTMWO=+P=r z3$JUXh>~+pE@TQK#CnFI_sZ{VewPuF-wJ zTRMKwMe_4iMR-0YaGLw0;n+!qI{3GvHS)9#cT0}H_1f<>0VK;HU#SOTwCG$l386lSE z9PQG5A7{=EI4q)NCrQ-G%Q(y{I%@VnkD?X6GadX>m!Pq?8>_VZw&r~KsworTqKtIJ zn#Prj)MG3+(8@+*aMUFq4DIweL8ys5+wR_VWqjrFD)Z~0iR{$#=cxXouZ=uCzCGD( z@iN!)UDNg4jO~55D=+XKrHSm|yku^qNg=h#J)waSGdAGllmg3Als#uCXu9pEHdFJk zm>IkAm{(uIWeS+D8X3f`ng97WxPPl*J7}EFyL>s&pJ|t2>2Vnv*wFOY&!I?3Np(fI z`i55As|5 zkvz;Bs8OHi#|-!bA;_Rqy8}1#!#3)}=JJ;-XBSmu?4j)8oZ7cm^wW*f&n9p+c4qbX z!HD7X6K^JU^*{Imc|7@+I(Xb@L(tclA4)R{;g42*{!65|4ltM93l5s$v=_8s@Gh%L z(sj+^jZU@G2IQ`x;^K2x73BDrq4IU(B+eFLw_3%S8h8Twr783`|8Pw_X73%d>8x`7 z_6XK;x9b;PwAy_r^KwSWnPYLy@%DlpcG>mG|VnD*T zXo-Zkz#yy*-eoW(m5Ot~B@s?YQ53$5%F&;1OlFOlxR$Ao^KGAN6d<0Q@(szed_rkS%RWJ9>`}97O;d1|O%3 z<>pVDp+p%NM?=30W)PJ2Xmq@!4*kRGGRU=;J*V;jwf0PCU1V8G^6!QkJ6C!)q{J+V z=)^&2t9oIJH1oF-;V{Z~v$ksa2~DE(iF_BFCbw6jU5JziY2zsaIY~i` zBOqCTPV$F0DR2^Krbu^$4h$TKtScr_f=G9m2c_6F!gl5}zro06k&sThM%|yFB|vW= z#*_%!+~DE%+!AVZ-AoAoa`keyH(62WR@rX56xtpQ09K8(&X7F01Lv`L7)jIA>xBH1(6e z7q+A2MeWjt-}dcTTmMO1n3pwZ_<=Eq6)S#nrjw!Qf#fBe<-~Ufq2(sUy0g5H1}f*UQ@`%Y0^lHfK}8;K#l3eufamh9W8a07 z$5#FgH9F684NQnCnvDO+qHFfeS!7iF1Yxq`LIg*C$QUmqJ3VvNRhti2BW)ucCa=ZU zRH=^bfcsES|Jzd{nI=rQ?{20J=LK%~@5y-kGgp)V+{>un;k){PpK$=_L2CI!`clfj z7zcG~txu=RTc5toi0rker*>6}!1*an)s}8nRn-el$3(%ei6Mp%7r%d>Iwi%zvt zwYJdvKQ|jYt$i;BKN%WK*VM{bGM{bn8|1J*#y8a$ zWIz_a#-9=LG^H`1$T@hXL28Lr5Nb{R>iR+bF-;(8I85!tv=;oSfB9db;j3tqi~+!| zb1k7Xrm$T~Q*Yf_GLg@2*SMm^0ZKzPtLcSI;=E2O0o$ctuBA#Up}$L*!tn*ei;&#- zE?KM#eVLJk&^f#5X8rl225J5d@>pI&MFD_%e$zTFMVV~rqxL50k3ZR6@^L_M3v_|& zG7+D3d z14H0f5x8Pmh8aJnoPi!{8D1S-{mdl&JGhwQFhT+I>IK zLEe3VGG5S!u;Z->e!}^=%7S9?57&rO%W~=&QZ=q4Yz;$WuX9`>TbV43;Fu{%4JhhG zl-fsvtYAXMv`lj6+~lIRtECLi(?xIT!y+#-Z*!8e%1{`Y4$(NQ(`aTTd#2aX=eNz4 zbe>=!z|jO8EK)2X3CU5mxfB;Dsi0ZcFH6KrhNM9XW4w{zgaFjFE5A%izLj`8cfSf%=38ZPz+?4Zq{!( z*Q1(uYH#E*TBg~Mmqy}a6Ed|q>3)&AK}N^9-OMONkXTSC*6hslIOZkbpxmas40dqn zB%|oVppqAg+#!kOmbnYTX-9lhxcpu7Cegw#qd$}_tUx+*-YhWI&r3t5%k76+cwxCT zE}&|-X~sllvQlv;tH8Q>T%-K<%ICz4UEI?6BFAmQ#(BXNC}BO$IyO*6gef^(5Qv*Z zTq@9dLXO6H&AR!0fu23%*Jgb`>e}Zig(xXuLW#WBXT7jIg=&QCMmD}Nct`F3!b{s+N%6!QuFUUcym!eNmJu!Q4 ztk5)%ot}9*HZD_1T_jO8PJ!;A_ znZ}(cM}ZT!GjTm(doMUzh)gUvd#mx|4=*vgE8AFFVyJw%Sq(DJmuyvYATbIkIf3DB zB%mrM^qZE7Q_-EvAcGJi8WiwpsEh>xceJc7y_OFI?za_XQ-+-Xlwd1qf@Z{V66 zYpRHG^a-eX0^M@IXkA9mTucs->rZL#t-hTKm$XGItx5(DV3LLY6Rc2Hz}dvw!a^!E zG5pueCYub4Rk5`x#$Nml#dwThM%)q~05l{8*tT$@aM5$#tcjR@yH7rw-tK`Lzujsk zUCNT0jDvC33M;)o*v$7*v9A5o-S^9x+p+Ejv~@j6Aapf2@*0b; zCIW3>M$LgkC>S2{t~{y$WDvyjL$|&6*PXOhwwhoE0uY#4Kv4>t;;cb3%n_<4&}Av; zreVGc!B0woX8d!_%x(zh3cp?5Bxj=?w!w*w7?@y*vXcspb?QkTF3Bz+k!H)}^h!C` zN_*qW^gY^fdC-_2#RSsjYO6Lx`yGg>nIOXr%zWIPdwji68$pulZOLyxdMk%JdvIm> z@dX}IAGgh%q_{j*MOE+4WJ~bJcU?K@YWW}RqEHwVx8~;QG(=xGn>tJnBm!u(d)t>PjQUqA>Wljz{bG4*X8Ogm z0f%$Vj~7-7EAGG8ZFoa-p8Hk#MTsrNiZ*G_up#$yZ2PF?E9P52>l=-+!iAe1`zro_ zk@wEul|@aoXly$j+qP|WY}>YNJ007$?WAMdw)xWEec#1+_dj^&w{y-OWAD9I&6+i< z)>_5=WwO5OlUAc<93IfuS?v_4vw#p5wW^*wRW~ApY>UNW6Y6sYjll*f{;_!O_w) z8l++OuFR2{vJc$wPIW)f-17jIiiS7wXIu+Ihek@?%OZ+thXFEeOni+e!6I+O`6DVs z{g*pObqGOnY;mJZXQ<+!$P&o}o%de`ocpi6c@cM1Mei*K>Eq8KThP7aR0kiH>%}VX zwYiW{nAkF%*1l(blYn6t45l`2RQR2(5|_oxme&z*7bG zV9L-5rzs6~hWz>m*})vqUW&ke>#mwFt`2 z)A2BYO~>vslb z{o1_XR+VEEjrTr(RXV<;NlrXVzxWA}PzU$a;FB>anC3F$Jrc*{x|gpTr$B0tkhQTF+%j3nqK|@GR2!}c6*rFw{Ks&|49ZZk>t@}UT##G3#}_15ALO{I zXi^#$JJ$aF(XHp{XZ^;<`OuD1gY~kT9O`d$|Mg^nP<^&;^B~8njg2Gh?zgaV9yv| zQDWkb$)@8?(S1K`x%2pj8Nv_zm{J|hA`!Z5o|^gFqw4o21szx7P{4JCul#Y_3da}h zd8M*OQW!#=3U*}NX!F03G|+~*qaR~l@1N)HdnApXpbfr~{jJ4^syKP?maP1=UItU) zYT!vrGpgG3*>BV9^OSX!Y8G8k7Dt9Q@y_=ithN>9&p$6wOrEKiV_Jm@wBkWVxQc~v z607Tng=bn*z?1F+++$8`=jy^m@sn1K+ zRB_xbm77f<1cwN<6W&8};+#n+10;*0)$51ma*;1phi#YM$tHY-81L(sr5HWaUVw(< z{Oj+FGUna6658+%!myE9l>UJB?8lZF0;GIRw$%YZH<^{1U!5grX4s)THt*HaSuCnU zMIU^|wzi#h&po1`P{5OGGKRl!VMD>7j%y*-OD;NH#U;?`_98W5bU63DC;CQ77mIJ(H^r{SNzkcmfp)Y zz2g&&g$Fl9m*SCUQ4nfv?kjoX6Tyb@SB*LP?w{`=fT!k(z|cacL4d&>F*@QEpE_I* zo$X(}AD1?1ob-&65UYUf(-admkyps_3KB!z2-c3rXS7OF2EbPM2;xEsGI2-L8$7)+ zYP160xCtwh>yo~GLFJG?P_ z>5gg|>}O$Um5AitZ!=4H52Y85$>4HQ$AUj&g2P#x3U!-NF0yBnJTI? z-=zR=6aWu7BkDrmzn~$%>|G|nEgUYv{!kDk3Q1tjW-5hLAZgBHttiCFVU>7Yp$bVLu(iH5Yiq^zbvAz+Z>}TpPm#LAZyE@)Gq`jA- zwoFQ~0Kv=_tp?a5gp9l7teI!yPEi3G!`PZ{`Sx`7^hAz*+*AGeFe408MnAk%o;3Dk`|SCE<5lj3&#V)6`Zz@riE%#tNlb@_Fb7a?fca%gr?X3VLJ@sxH&dtt$m zEk`z`onncONsA~cj=`}(;=>t}yI(c|O|{GA-x~ui2I+4yIPdWS!*G(Kb3$JI5>B${ zJL>a{jyJivS(&Y(8HDj=e9MCFqvnH`{M>zQXwN|T&5T2foAB)xuN=XR7R%Bw?$*D4 zo68A0jFw0>?Z%ew)%FeQH`o;H+xbhjOD;VKFA|r-E$znUH4lFK+Ge=v?=}3O;&38g zg#mU_{Mn{%g)75MjbK?Q7EH@e{qIuu(^Ux_>oC>LKYD<{-RC9ZJ;w@4^e?iq_6sN+ zy~Ogt5*MUs_8u?zz1X@=%(%g?IwfP?_>FuHu`fm7ft(ju0xpN!9TEH2Ll4e2EcpJ7 zv%5t2oJjv~8rC&(u=2%4ZX|ew{6eX~war!UlKyCt4&9V}cMcvsac3aT{-;zO!}$wu z_e0>2+rx6CQ`Q9f12Bwbk_id%HEfCG*?o4O;ekpeIQVmY1XM66A0S-P*M!B?Zc`bB zp3j?8A$LqE*!N0_?#~;kkk-G7(={F8Jxy}H6gIY>{2QH1g^smgjRg@^>%E3@n!gB) z)M(qoeji^PPJ6gq4|r)zPMlxsTU=l5!8Z)8mjHHQ%J7BL#4tExyROonXVxW?zGTQg z;>LVWe#L)6_<6C{0>#JDlbBrrKLvx!d|8Z?^VmdPvi_l7$x zjX1FW-OA{4L=mC=n{_caNoKF)%TC#QJ#RNtHc+h}L+AqZHtWuWl-qA{_(b8(cPdhA z9EY^|EdE@HDbe#8*G1KnGS#-`ZHHtstvCFZok%8Y;h+GbTXM$^I)Ju1hGh+xh;B?g z2{9QASAngQ6;IwT43SO$6KKF4QL^S-cDCWbM$X7SCrds->ZjdwUOO6ur)Nwyg6xrs zY{;sME?>T-a4&4BM;MI2@`(2c>IDsjkg>S_Fy*AR)ftWf*5>oj2A0S5M^M;Lf>nF% zmDuMDo(~klryPH!i~=RN9|ASoVGjy|-mO!vi^ zGgCVB{u5o0-zXe3|5{J7aiOrt^TWB^)35({^ZaN%k#CKQjDaW~#nK>AvE^v||qWp97N$DP~Ad#?|rfmpjh%(v^5Mq-vc&5dl*FN)y z$fAOL;}vqZvk1`Ox0=j2t|i0y3uxh1j>czd@z&C@>gC4L>4oDUh(;9Y5nC!OE8}3{ zSG!J~=(_<&=CX!OOE)gNL2=;r08m4BDsRM0;+?8Doso61yo=vBGQO3n8+zE{Q0p3E zuwftN(PQ#Xjd^Cg4)ggj3w#y}%a1z|-E9Y6b}{nF{!fpuhfpsFlFoHn{}Me9iN}h0 zV~pyrGRcFtYZ>#$K3*vzND7%*qd#qVZEVea4vs4CxJ)8bfXsA~uoXA_VffRrm+}a& z=^E36yRG&p;!5V0@h6^jpV@dNbhDoB9vQ}OYf&f?zvNJj?{>5wvpaG?6D<< zsLx9mr6^s~Zh*v@9{57%j~_|~8!EzkXLSg<;n(E=?r;%Ed{AD2Txlue-Z zyd#0hB>z9?IQSp}GeMj(UMcV&8|RVm<2>|GB>UOKB&HUT;8{|lyE1q>YxH9hD+{_HwDP&|Y z*`#P*wE1&~>~sU25bFkAQ%@Wl>f*xr3kAZG?zs6gs5d-Rem+pYuX}dO6J0}sKE7$2 zSALo5O+6+O@jAuLrC?G?4ZM_~)W}&VCL(`n*^Y;i88oi8B;BQqHhYhvCJX=&9#JM; zCEs)Pi4(Wr*$Tso=q*+{hM9tuW|P{|spy*#tfR+U^d*1tj`S9H4`w?U`t zYLSeal1pW}hzYvo`LRtm1mV@Qf`8P}V|2Ji1ROB}U&iUeyx?vI4C4CU5*mzoI3>c7 z_Q~-62ljh({Cz)X!u<8Q$JK5c*HZA_ZPB?#pQjr3XO}U{Z4t5ZQU`-DPVORDQBZlTFdIYA%6c%Ll-juE>d5ujCm13A%t^z21`PuFAgD6z2UQ zZYJ~s`1|XEyDb(kYFg35oZol@a!Ky^9?^D%S>I@*-~V zY#26VANOlLZ`Y-?tmT5YKvxJPjwL0*D~izVPosf zzttU5`dAMZAqgw4COv0$zOcX%VO^Fb{Xc{~cl%$$9=`oQ3HvC}2}(aTKh1GiCBxN< zbJ3Iii|JkLi3s3sw--v7H)1K+xmZx{PL)e|ufqXNSb>}rZVoxfAS%mAyLbZW2OiNpzieRAZ*|nM`Ouhk|Cd}X7NAy+I9QCe9aFB&`jYd`Jp7V6AREMhYG@FU3`W8pf9WN z@T1Ek8IfoCB`pUwd%E*ex%`%BLF6#ljZNPECt2&At5ew0@k=!>IBK+y=$3qiw~e>u zX+QOef0@N*3S)xuj|MVB~rYvL^TvS9OaB{VTPLvL8!Ixk~1i5W0a*$`8W*K z&NCzD|8f*mIK4Ug?XE8Apaq3V^YxZAh{;BJJ%>-MzavaBmeeqDdh?{5F@;PDo5*~t zuvhd8$aevM#X6K$h#|TQF+r6RpJ_J}xuj1Y3Lm8rEg*^dCz0{vc4a>M>Cp8N_s*>X z`wNvK#=D{E|HU^-fqE_F;C$)n-GWu;Qi@Zp&j7$36$`eYLD?1jn~6B*p|fUA&*)#SO61vQ!M60(@A=FXQt zay)HfWr2yCnZR4u2Pb8Fyl)E=3c_t}UY zklW4XDvDL(7dI~_mK-qKq<0vQ*A0dd0vb+hp566eEQ$WnlYqS zo&(%P#wTI;_b;J}zGAZd3d%cv&^`9Dcm>c}$7qqQFaC{s?_>4vLo9Pi(k);XSh@dQ8fh$FI4yGT+XC`VZ++nqcrb(gOOLZOsi z%!s()k+C=q_%(6rP^@(OusxlpAWYPFv66rNRm_3FR}(=B(>> zC-W8E$10(6c}h0eCEyZytqmItN$oKIrs*{z+T5Hm-L$>+Pu1GhsWAs6Kmp`QW3tCy z;g_8P|4vC*uk2}p3JPHBO~M!%PDE;LatvW(F`B2`9IlX(WWrhRzmVf&Xt+~JN7lw> z{C3A#m`4wAZZS}LBdPV&|Ihdz2l|WZLkTLG>ZQh6xft{9gTYdzj0TqQiR_FV2J~*` z_xz~un_yaAmm&x<_&N^GCxLe@`jJKpW8^Ss(5^=pcWg?s z#x+JB*rk2r=QnztHju|)2uM#+ATJz>i_kbf5EbMM(o|W9{Xc@Q|CP$)ng;sutbj}` z#QJ8Xh3tAAc;b>03iHvdcB&mYBg}5)Ef}GyC2KnTs7GBjv3y=YW>&PAoZ<}NCakIp zK{?_W?26r=|5GNjg862_2Gu(Mmdvo=MEa!7YxRikjfKk10pkC5&#VB^F)SPWA!&bM znYb;Z4sw6Lzx;{>Vy>2a=>K79LncGm;7LQ$#_35lhr)sT6O*H()7i;LAu+R~$TM3W z&nR#6{+y@U9&*|qEjcpReF2EfidbGRTClH#WY32a+z{Ez*&)LUyv>5p!rG^A+h|az z%p^ErR#|xS<4};H{ZJ(wu3tdBjer63U+eF8&D2Nf-_;iu?6@F$T2Z8_y7hYocZ+!U z%SvdeISmH%7+^WNQS}uD>`=$r9tF~51>2^Hr~ibtwA?2}>Q|KS=k|B%r@PxH$Jahx zHtm(o9^bZ1_h%QdIzpaO%oJfkJ0AXTfI|SC;=5aQ^$WrZCt~PvdbmSfmU?{tiH|nG z0QHY7a9sQevPjk6V$K)hd0k^go?Pe+ukQ}n1do>X+U4fzUg3O?!cjxp+?YmHfur(R z`8*SB6A`!g6+^nKH3bG6`rHD*#15B7C20r-FpyK?7JaIQew~wU8R+N@L+77WG2<2P zFJ(Cp3bJL1E16|^@$ zMOcbl4k3*5q>T?Ts*V-I6fN&qpo1yPv<=b%O^aM613FiI92)-awhfoKa8O2?2f3pr zkLcszEsXkF=)EBK5Ck3n#3`t)p>k+_9nnYd&1zk&iWVuy#VpBwfXr=rQq?-P4Pri3 z?r&FXV{{p#BC`w zbuyD_qY{&3lHG!zYKjO3F~|^azX%rXXZt<5eS|{sS%J|I%#s1jON%`mv>;zKn(NIV z_L4npm1vtk;!HqdjsC_HZ9jhCdhJ*Yg#h@55P1^Nj5;g z*Ih(~S_k`wBA$cRy7QX-7uG(5YP@BqIkGgpI?b-iJb7oaHaZ=r?m4x!-;pH|!k5kP zM+%e`_z{=g&ppCX&_+x3T$=ib;Fr01%#(R!3T9X*yT3oiz_TJ6oQ+#6?7q1NEe$!% zlgU7CQj7+a=p99*mF(f{-QMaoxa5gl#Ssxy=fBP-yT*1=dB zX~&J>8JiUE3>FENoCHriHi(J!D=@Z*f_w`g4kUiSTrx>HfC-6VZ3H^cbOwY06o8jT z;Zoq~DSyGDA#08!miN&aDClF(U1o9lHRK61l9wTycqY}duOgcOY~9LyZg#tu1B<}; zhwFsUngQI{WunGH;ovH$+WbX@!&TIPKnh~UO-P=3nd=f0T3Wfm-7PyhAof9R_wQX} zE0+b*8Zx0NG&%No52}*jvdg!1$(38@f7-hp3ZA*pDdXoQ)UF;_;7Kk*M#^?@jM~5* zf(n;7!+}y5fZ$iX!SZ9|fw8P}7UI|AEujC}u^3BQ9_QG26Hyrg#-_PN()k2Z6S|zdl!s;zhm42DDlb)cpEO4)AX|E= z?^EZh4Jj3OEb6@0e23vgLfB*+%L!_j=vXl&H8LZi%6YnzVYPq%jHgZ{i{Y2`q$JU< zAouwts7k2qL_!)p2-ZZEi$EZn`_hYdljKz7xR6Y4l-D8D0b6euWDt_=NM4p!W}E5O z8Gw8sDN&$NhQO+1#;*wETdv2W*%v;8eU#Kv3@#)QHnsn2Drk9Y_Ynky3=Bf_lC{jw zagSLxSh`F2vI0sL0ay>)67WVZAhE%c@;fa)Zl9g`Y*`8*kvtarJ^=Wr5R{C<-RCV} zzS$LV70$W8{cFt&5f&b2uydvqu48mF=ved1o!)+eI~HX+Zhq0IXkSR04oZ zEz)GW5M(*qZW}PU=#c_^l0~GsC`gdPQRo#Z6tae=|GY1`sHqe*O+R5?1rXOSK_0z@ zTB7vQIi&7efz+~*;Xo~Aw9559Q$2LA_}ZBbzA9FF4ymn>dQl8%{pacV>W`G9%+?m& zB-ACx=ZK8MoizwYFlJ_&IV0p@F#TH7%Sen*v6D$iGf7t(*%66^`+>ct^9mJ;yY2TF zq+~Hpa^sszw1^iu45wte6&M$g6}U~t!pZ-3(6>K(&;~@siEYfi zxQ?B=B^S{yi~xwSK0Q^V`|}U8Gn7FX-IIB~!93gCSwqLHEAyQBDHjG8lFMeW^)vV9 zG0kKEG8srvs-2POz*pk_xF{$rN@J;l5j6a9t2u7Z z@HJKC*wQ8l%cf$Fy|e|QT)*)BdfJvFAM8ACn1WPndI=uR(-n>XVcLpEQGZz!uZs$C zc}}0v&*D$=aRoq<6c{v0#kyt1_bj+Dm$BC*rK$i{-O;Hp&;HqqYFskL$e`I~xkpLA zMX}Y%=)y7n9e3B{>!}PjpeTlI9U)F7_P&<9RFaWO>c5rJJI*P;}@8s4s*|-=WKuzL76;*oPkK*9~yG zQ}a~r!vOdvDK8#Fm4>gvHxXnCIF|e6jBiBuZ$Yw@TU%Y=(BQ%qE)hVbCkhCfrdvPZ zW+w>Ib^O_pcHQhtX=g@gPQ-eYAs8-a4^Q1xE1&UaSWns{U(cN)XNG;(S$@CXf$i_7 zb0-HL8qiXAX#y`?Ek+*heJRjd_#)q~8tK8g)uQNHUe?L;uma~C}@2#G^ zS?O%+4Y)^(50~{{r+lRt{*Le6IkHmGT^A3$K3{m;HD$&`-WsQGCKoYrQYAjY>(efoOrshWy6boomerxX~1n6%@Of$!G_#l)MKdf-GrWQvQt%aU%s=! zUnEVDrTbzG_{Y}NPs|#*u+cQ^wPVDXI{Fq2sJqBdjssM&;edf9#{3@XK)E%K)TSxc zl~RtL_moslqa3t*pdag`v(@QGAlax&Z;?9Moa=<31Phm)*5^9{%{)d4Us9+s+Dc`l zOPGmw$%vbLS6C3uOb~Arv@i<8$6zk%k(q)HQ=^@VK3YWMfXZRIW+HHg%F%tB>&l8; z{qW|%O`3POsesR1Y^3fU%*inA*^JuTzlGmj0&hKhuzcP2L9?wFW!LC9cShi_5SsK| zO1wQhu{jdDhr4BU_=SAf{^E7z2e^s+lXfIa3**f@#F?^Fcl4GQ`N%nZmb;#q7>kx8 z24~PdSLpC-640nvT3|^SL|k2q@eoq=*vn;4FxB-OtjJm)`D^ULbo=^j<;H`n1M3Zi z=WxsDHE;L(P3hZ04eX~BpWu?y%XbJB3qOlT){?UYZ>r1NN16ctP44sM{j_g%@uDZ{ zWM!fieX=d~dJdu=5ervrTi?Q#?13)aRTRV4HXbo+M)3R?;PM96R%I6% z#ybDJ>yR`uQ!exo-(TsE&q|y)WO`lyT#Un*vZFU@w8fLFDg^|qHBU;D?z#@?XdOIm zUQx@Q{v13xAww%%t*FpRb}ty&7Dqw99_wBvR?~B-6kCgTPZ)=FBn~zCbbt+mG-{qP z*@1qKbjp7vT@Lzl8D>Kp=%sU$7Nme0uI(e}6cubj2#@KOQl%61kR;#4y5{%TO^dY2 z_uJp^@rz}8U0-#R>xuJSD;?Q^<;rxZf;M55W^JNDY$D)4mldoa=uXl@F<^8c)s3x% z=S6gVOy8>^!FY!}^db7zqjo8q(V^e=sxjSsC~hd|1&p$LA<1OMUTir=iS}w937gXW zl+mk|58qfusb2vliL)0|NVc|9)Kta#Pfz0m3wW4D1NK_22IKAw*ssr5`pOdSm?o~< zm4inHBKf}RTHiw_10NkdX~F4yAyn`4PVA-Ge%~+OM)tebF#^=>Ry3WDWSuynO)Xz2 zzv3TXf?S85$2LE93o3SP5AV*m|7jdw4*a^FYrL8eMLuFO{dkW-3yj=}NTTJF8smw4yn`cuhMm z9*(Z7W{kFDBvqys$UGB$?7&N_9$Xs9=-{ksAP4eztj!Gdtu*~L?4%4wM<$#taJnt< zJ-^fls3R@vVDaXwpS*yd;S@JjUnd*=H+|b5ofJ)cZc#O{5IY)j@O|h z^%q)F@TS0e6_M(+ThmDqD^Lb-u|dMw!5W0P9xnm?cWbH-Z=YP#L+d=4LjYpRgo@cT zfXQTEanj0N**Q?kkJEx|u%20%jl3Wix;PMt8%R3NUwq06?QV==Wjk4;7v}+9PT&?V z;~J2QtR4)BS1VNYNeBQ&9JL6 z3JZp+Lp^g%B5)Dp$pa#cL`&ZZ+yTf!RdV9@zB@cVo-n3Php^^YW-BRYECPR?3@SKKk)wE%3Kh^WW?)scRL*f8NW*+8 zA-*%*S?S3#)hY<6@Z1rc(Ywtbb&!a%zl{JY zxH2jP_~eS3U$#;($k9k0!lsh4o(iXwv{Z?pxKP5#@G`~A3XBX+*QovwFxAi59LSKp zzscM!Icz+RKJW2M+Oz%L<%;>K-tOJ2l!=!-$!_&@gWUV~0D0_h{S*?3!sBFc4Bxngndj3P6&;({I>b4^_neXBz;->yk)l;>YxZB@{@P z4gW?9P_5c8l4{_*bP0(uN54wUSpl^<SCdT7$2Z;zv?$4MY^RP*McdTu8&Xm z2PzgTWhrJDSA1rBIe^iX*|f&GiM$@Q2q%q`c(~es2FvzmuznhDYW&{N+0Il7E~Hed zL)cbQ_CrhD7(>gackF|?jW5|TBw}`cAOxq8=p8=52r*SWmM9JXU3Ez^&vcyw&awCi z6D0s(hoRzZ^8k*jgyZ2$e5?0w7TtQ~w773D)BlcHb+CnjMR6|VN&FA!>dJBZg&hbU z9pmF7oT&E?H+3~>>MJl3w3pibjLct%$UXm+07^K`1i!Wkkq#_dB=`ik+OXikVJtQb zVwQ#~;RJFhoIvjy>+2u8Vw)kK)Ql(J8>Ym4F8MjVCr5i?%x0sP#4-19k9{CWZ7pwx zv)|Zpra2>y3^9SJX048HayXIFRPCDJ2{_v+n`awTS0xhZQ zT~V$fxA7=NlMfKy=R{0CSj7a*BJ0TWFojX5dDm*GvWsrAQEz^cG_#4&nuPI$Oeq^J z%kEfXD6Ahy2vC4ebCYc}|DNyPRj+npcK4Z`=JV z+&w^2nRtgPLq3mo*3J{#O23vGmiBw8aK)UhoC_b=6<8)c+k=IFV(tDT(BG0p>kS$| zF}jgXTHr>Xi?J}{HFSEao&XHWSm!$f-BAG6kS3}%3_xj+RddSPW@i#(^nv5i5H;%< zufV+zmr`fr=YP}G+~g&PJIj0RO7rzENWKj_174)HrGXZC%+?Y>rf?vLT1b0|#a4X*Get{W=M z?G=6gNcR}c-;EE<`m(-zt3-jTw~143SAwh({$#Quq1!OL(|msxs6D-@X+@3m$%F=u zCw=XUc%%oGTh%FxUC6m{!4(Z|3x*ahl6C%(?%wd_!)MHPX32cZV}^9M98|_o`@e)= zUp9DKpG_XmzhksIdhFQ#8-7*A9k@IDR}JU^<`3&fQD{1|lDhpYS5xHC8u_fTo&MnA zGdcJ1(}%10vbHq+`dwO78gi>hDA0QOvwpylrS(6hZso-td3Lv#gMnj%9pA|4;>dJE zXO_!);XwjxTPq*})|3^}f~%_&FD*HUZALu~Kcw5F3NAoxgLkQ#4MUL}+bJkEw7LiC zae?5$eF2V^5c#SOX*JTMXYfN?KBMdLn!{2d{!zdZhyfK&8{n)!8od&74%-eOXbk%bc+v6;a{9}&+bQsSfi{5C?!jC)!jrcnMO=+W|($Hit zoV2La{AWiHhNPkR6fyn)j@p!L$$jwXwCgquN8L`WNuO+6fPDYgVU?hoQ62vRD;A#Z zXn^U?Z;vxJ9~zT}94&^8YB*0ZWBrx`F>!dtjq+av9FzWWQc1kwM=6?~yv3TCT0-}j zql zJKfvqC-!FCV}~Nou9XFY5NAjU_Lzeq&i47D+&lUJ9P|~>Ou*B;VUh;-!uny<~rbPM9>1vpW#ts6!(S8E?SWOcX+QIMoCUC)DwCa~l5>{q0xRG)fP?qPj zx&s7bVt6l_2-1VZSlDXmDtuk}-I=QnGvwu1fC=TuO=HpE;vMtA?PPu`G=X=SHqrl9!HoiKe$R;W;N{L-?UZna>RS9kyQNXF?2DM0=-uGu93A8K< z+psefssBAf2i1XIN}5uI=4Xejz}!B68XJ#ZEM(2p+9Su@J$dU?akr21A365kTqKaD zM${`4@+G6jd0vF)>N1ZaIHRzp7trUDE?`Co}aDp_X(0uNwKG})axXrQjau4 zSkl7x+O~ebFcpbRuqYiJV9wte_h4-poEUhzm$3>J)SPuS(gcEYpR2_?`-trg^=x;D zie_koZOvWY`n0Q^F$S^3JwApz-GN=D-K>|Y|HfyF^7dm&7@ zKKemv8C>WJ-uIP|41QkupZHV3Xio-QF94$1DbpJD0mxNIOjd7QPMcUXH z4elXtLqM9HeWhEyWCsRsBRJd!PU^bsy);`p_j|*=BTy-oj(av#s`hXiRf*D_{)Ho` z_eZcdX*X+?+Brl#u>qRU*HU%G+mU#4SZ2gk49;7<2xcAKt~6VEqtEif@E^CosN*jw z@z*kCmbBIB)W4;H?sL)bF;osH?F|5Z#{0l$y_SK}P>}RbtP{vuqm*z#@*i{O5;&xXT0&yBN6P)NJ9SF zQ@5*Xv&;!W3j%}EVP%5-dA;PMk;M^kk@1M}Gy}{adrsu!1a{P}Wg5jT0=X+y$ZaR( z*Zpg|7i2z_|NNMO4jCPKs`Vx+-+$8vC9_w-zaQ82xLE=x4Z&Ngn^Vxh$=}X_t2aVqccd`q2NPidJSS1uZT;fq8GSMv~ zcV6J>@-Oq3>CpAcdr=Wm6Q57)2W9A-^Mn98l6 z3?n$Jy%jm^%QS>D)NS@rPPz%@<1aFxLo(A{HWx#q&9s_5>E+RXgCF^M%`B#XJlwzwj$4P>C+v z3EYvzX0HvI7H)ZYM|Sq#0B~x-br*&_ShO7H&0H2Zm{@>6?a|FL)Byk)FJ9OWf<5SO za^s(5K|WN4GeL2L6&#x&XnDNr1Isev??&1qckapVT!~Top|4#@SGN_r&uSFWPN`}J zlhuw!8W9N4nc6~dJv*3y$g%PTX9M=I4r1PBOW1>78T_6?C&->oT+ z6|}qB4W>*1R$js@yV4%Gc>0-fObv|uEtEL4oJHdVEZBshh7ec+Q5X+S=Pt!!3~`Zw zN{?D)4ppyO!Io$fzbP-rHc1-S{Oh-M6etAUPdB;4g2o1IhXER64Ra|yS>nB{!Aptb zL^W6!9l9s)?xKg?`lYI?=9K%0tbdin6B{QO?Uo2a3vW8$qHAP?b0YIjIaCjc)Fn6v zG1U9SnZawlFiLG_X3n8;Q;%@@<_KwRF-!?tzVhVUWtI@6epZL{L%sW_z#Ag+zG{Ok zRuj$6Tx2~2U~}gc6dMe*ec-IKveK$ge?b(&8aF2aQz9ElVXLrS$(mLuWZ57!xHa6tj<)VA<0xYr@7lUkKWmQ7V2v1)S29aG&rdBW zo}Cj%c9+uar7Q}tIBu>tJlK=NFGpR51>{b@{|kR6~$5P25=5IW$o zpA&R1HD`k;(}Y0MWJ~83wi0_n8Qo@Lwnz{(uCq&ZB>KzK&g7DEPPYnzr)O2A+`mU} z09Y!0+(e1|l)A3j=U)sB$S-m z4U{lk2q%;xkiuVYoX~}^+xf5C4Kjc^b&StvV>(WPPDZthUm1Gjfw1{3SJ(d!Du%k8pLJFzXXlCpf!0BwEz;rh$SyW%(Z1e z_c+eJSaN`kVTLbD`%stE2-~?n9Vvp zLdZ4f8(hE@ToZdU(I8v`DTM=c!V@4yM14>gwD|bMx@&1yJl5!V8Lt}3*!R9&2-Cvj zl>gy$3}qH%x63E=UuSYM!s!>6%df9TcFndJ*0d3J^vvo_qQ$GJqxY6`?<5HQR(d6_ z-W|?0sd^VhL!+QLQVL@=-P$PfJP`xhFguMDWPBw{wHxpwuFB0{ zVsQIrb^V?QnmgF>C{#l5I0JlG4&l`^77$RRetMz)e8Rz|1!$uhEC5qv{=MaZrw+eP z2anL^#rxtKGex0(Bro&a4tw1$AbNrWhIEj@N^iv)VaTEV$1*1^RKBQx7g>Is~TPUP!XT7VI1yJ*U? zGFJVPMMa$$;~aS-vfL3f^zdtCheiyF#(DbLte+AilbIcAX%JM2hLvfsNh%{EEs7Qp z!hVfd0h|Iox5PA2c+7EG4~nZ!7vk{VB>Y(>Ou(h_#ImNSTL1iXehQcb%)I4Z6Mxs-I)u%t3$bIr=cF6hQWVxfH)HaswK`8)ZJtsadJI1wZ9!0U9{EA zF^R>s9 zXDX$;1onWUFknB~w|}ii*Z14SRh(X~jb6%c+W>?jPsF4; zPLJORQvd@yNKybLNMJQV62G!Z+ZOs2*P>@QZ=YVHe5Wr0haQYPbbQBf1VT)xx{pTf zNnjQvZc`uSN&bGe6x2@Tk^h!BuBlwCJzKQBwrz-6VS#K@nrQ01@Q_*In!WA|5FN>p zD-Ciex30zl97E|kI8(hgD5Mina&n9@P$bYls7J1Lv|Iz|Pe}nJn_oD}y!+bk!Erhi zIg8KAMXvcoNnJh-(BgrVrio1;FJ`45K!p4Nf)7fGe)0zpx%5pxfH)RzUi6nKTJ7uf zzu%-is$k@qE+ zAB_?17WKT6eCqS&j@Da*^wkM^SdMa^%4u{7a&T$?b7Cy5q!vP9&EoioNaCTfG{Mt zKD9*Wd5LPNbuIJhsPHb3@ul@DfWR%XYclJ?vj>B=@F1q6wM?1~4nJYhhkl5wA!x*A zOV&53=Lrca%O4IchSEaE2Yn2yhOry?h+}q$TCl3fQdkao=-c%vmCYZ3)gO6xQEkJ0tg(*sX#T^BUPrl58PD5BM=l3KNJ%VkF3CJFTM|E(6C#SC%mu^ zAcTha|3le31=$jITbot8Y}>YNb64%MZQHhO+qP}nwry8+edly{{1N9wbo9E&n{}0M zL}t$M%sJ*jyva-NfgaKouW;dCO!3WCzKK1pA@I`0eqbTK=Ry2nDLnQdzP1p*=^yjK z+tma9vuYMnS5tD!w5`{Ti&uXN@<+`59JBhQm@G7mi4A=V23BVlTyhKHv-oKOoccHf z^)`JOhQzbV#BR2Iyl3+$?z}4E^T{a%VEZIEXy6W=T!Bu)rvA?4_?nP5#P~P>zseXU z!Vm0(0UB{6>Uyp3hZ6JB(Hj44h7|v$3rhz9AxG1kPtxjs2nMcqrqt&t>qd+Dhl9}1 zr#}OHpY{#|Wjoq!VK4;Y6aDqC!UJ>LAX&l;jISqHZ|ZJB#t=+EhraHyffEt-OTxr? zu)`f>za1XZUr$D`Z|yWP0IClX@Orlepsv_gBxU`gxFYJy$L^u1Ewz{sODs_4X1v`-wci0L`G<(*6$#d7ydr~ z1jq0cjE_$dCJ(#U&aeFGmto+{fm3W?s(aOs03QSWBDIx}5>ar5W}5UoO7)Cb5)m(Y z`rhgMfy+_O>b3(cz)XlSON3SV2q`x?6@-o0A=d*QV%PmyidljpTlrb+;yMzB83-Bm z6^`+QF;?A=i)1dBVh>u~r{)vDoUD&Hp@(T_Y2a5F7Ljz&^+}-Tff-N3&IDzqweX0W z2*}MBW>e=zxoH$3L=WKakrjWSa25c9&;`$VgKwR!y*7Ju&Ct;bA$~8ua)Z6o5d_TAi~nVzS>~1s*w2xZj0M<1hu)j= zj(}1Du*6ndmeWst1%h}REB%yy?WV^tE^v7!C&J$}r!-LhZl=J#Q#fP+=F4R$l8h2$ zaz|QEW4`rNp0q?x_9)DR-jq*oH}}@!p`sEdQaZx(F1mzjve*`?V<+Jy9C3dCe-4>40hoStL$~0z|!07m)1FRG7=c4P0gdDJ7`)<=1p$N!=84TF!sg}nPZE;#DnqXU_3;t&uv>i_2mO9Gm z@UN-^Fd#NKD1_S(eTW+v#&NnNwA%;+@kQ0R@=B*xrRScec2;msuA!@Ld0+p@OzCpm ze(j@-ta1>HsXww}ctK6!IGlS$qXAwQ!TwFYnAr8JA6;#TE;5-JSfDoyi}pn}R&Lx= za(0D;yIxnFB5e1ey!F_2h<)P zTKl~+s}g}D8nF+p>q)g}VAwJ3X~!-4W1Ow}wpiEgPG$FMc)F-*7NwXXPEtTE8^Z0U zml|10q%29V2j##uM9sJt7t89JIx(=xvV z%&#@adR-%FjynYwlos6I@jVCl{E(B-X28>-MO~?+MJ9;{>^Jazlhvx0PDr4 z{M0?L=B2Hi@ie>+CJzT|YU4ihPQ9Q>+-FCNUel{?<$FP5gS=0E9JdGd$SjsK3agce zDFlwD;4|&~ziN9#6d5_J`Qli#22!Pm$j=#E-Yk7G^gZP#I6Sq5O>D9+ZEgFn$3RZa z=r}7Pw#7%TXpRfto!BHu9XzK~YHKMbP!e=d&hF6c$p$T9d`qtUv|kMHA&SnMhYyZJ z*A6Z{2O+Cxe(N&Jy^1lfb#?I=IRV~r43)EiFWSiDmdiunheO}MZgL`zP7OC0S~MyF z-7ows?F9n@3eiJqvze6yCmDB(+AfdzjxP=^bt7DEi_(Wt7Z&f3JDK8Kq%7vt<^q<~ z(3brQxW)$2$A}|m3Dpz0X_4~Ab31BLRa7^Y8b`eXcZq3nba(WH>%oVaTqH&hS!G7C zjw*jyr{@yFVXubHsq$Y`^Ft4@RY)(9;f@EM>)T8Ow?Pveuo15npeup>WmZLa<969o0JBFd*m0o>y(q$ikT$jfSUa0RJyU}GA zLY~QxIcm^IYZ$PwE(CydNs1o+lT-bpaOT=L=YKa@pKr;+%Z8PTiHBQSZpcp5GjL@} zbQ7hNwBygjfbzKH3is)shRsU9S(3laoeuTmicQSLR2-jg5pA-k%JDBP+X5R--Az_# z-%s*1fSSx#Gdnd)1@hxKeySsNhF<u%pKomP`#WobAvBKkVhxHE}?sEt0_I3j2>_5C81&!Mvra$Qi#IM+cl z^KW#fN2L{Xdc&MOligpmMghShnLEt%KrcwF0n@Ykk)!I<4$;B4uc~o|i@UX~luEBm z$RSWZy`U7D5VCOJKGUEh*Mk=qIj|H_t2a}bW{n8X+;9)41Q;wXAK{=v^S|XKVH5qU zv^;G+({^~0|SH4B@B zXA90x`-P(PlTl3ifufv7>Zp$ZsBSo!7te(A6g zpepiQdR_Tx_1rN;@H6w%b~~Fj%xSw#+4EPNCALUVmf8DV0h0$Oo zOe5wIKzy~BJoQW~TR|1!2AwcS{Dwi7qzg-T4Ep3M7)|itUJs&@yB2@75o={gxfHsU+&knk>^e!55fHr8wT6p|0qd#-9(W!HD!VGh``C6 zprUin?@Mb~XTey^_}u=&vj}_sD9B@wDtLC}-?1M)-0=V`v|MlLOmI`r_B>o5GCu_#>Q1HL(53Xn6Ti z`C8Wvw`k|F6o+Xgj7QjY=<+^JjCoh^8stzFiYATUdkB$KAxkvFzlwZL^0sDW*n*X4$|6A5{rfgVmu*383pso7A zKQ?~E&fbeO2d#=&lnD3^Ro6-L`6iP`Xv8hXC(`-sU|i@InL|kcriX-L+QEhlr0u=# zZK?hCK+Fb`G~2enMx9cjl?IRWj=a6!Tw82$49X%+%ZWAG(2O@-E_Qr8*g@)+U`_ub zW!BpskuDnp5|B!z<{oR`%2E~Rd*D$DC}Kav#wE-nV8nFJIVGB*FdFEV!6b>9Zz7^) zcgzt=%j8D(Qa~V;({SyeYuk)QQjg`sV8Q|P!H#HSv7ANSL#QwPkp}yvU#MoRk&jtZ zZv)~7tY*BC%w`Fw1L9S-h*tnA7zwuw%IdOEHSheuOFH+Lu)P>fo-+#8biLSbD8cq` zM!q7sN=Spm=hCT2d4$RT^276$t*eb>&v%yIP2FWrQ)1Kuinf07S8`yMmAPe6MaOHk z>`pm7n$&v5N~kf#tDHo_ZDlpAJ~<38Dazq16BxFL`V^Ou_K4z#oY@BIh%JyaLk~As z9BT3}|BB+wBqcPDq9yIrZm1XL2i`%&JxmXF=!zaH`4g!Dz-Nd<7ZF}ZjzQdM#Afe0 z(pb(uRE8h2gMHyt>9>Qq03hr}H|Q$A<_D)}Q!8ayP>5H}N#x(YI3JkKX$GmkSqHB; zXcnLftXkgRo=uSOKr*K#^aIv^U$?+M zdvuV{RR{nbjZA1H26uU*d70)s_U^aXU|Xd>Y~Pj|Q+yB*w;vqLXKi z+30;fkP~Ey-N#dQnR2gmRp2eBhCYYnhtFhaT$<5r6(%4m9`zc+b3!*`0ly%fS4iac zBx2;q6IzQwGLN8^Jj=QzqwPlzXdZy`Mrj9F;bJS3{xC8Iw1QIp{)2kSMzLzypI6l2(No3Pgg$m-o=u=^a@!w}g(I=U>R8 z=o8-xdlc&|C&$z2QM^Fy6$Yl_G`8sRyz18tbqgAkpb;rp||5`Q}4 zAMqCw&M~H`w}Xv`++mXt@PpE#aZ7Sr_27441P!={yMPII0D*ak!%}3QZi4mc4VR$s z&$akx%hALiKVr4*qTTQi-w?yR@Z`Tp5MOu;(asKgq;Bc|0DhYO7oA|yHt5E+d6@$O zj(%KZ(VUTngGVx#GJHZoI<)9?Z$;U1&Lw{^__IY%+CfO9koHr4ICVUy!po0G|oj76&gy^=JJ*C?1 z>xs~7{H_aI4vHbuzn zMqvk{G6J4OA!Te&ipeEEBKMhwYYxG!^a7F7e?qGKAtcYmjKjUaVRs=HEmq4^E-yl+ z&7z2}Kfz06)r~TX!mD7fCU;VA4GU&Koc|MWu&G22q_N|1HgP<_C1*B7PivF#xGTVh znFjmN0OJTXs08g5CIjg_4@QKd&US885tE3_^ z(d9pMLjS+$gn2SHoxFdCII-bm7Bp8zxR#foES=b?$};jVBAz#=Ks(D$dN*I-mn!i6lYOcr_WE$ z?k>`5JU3l*Qlkw8y*NKs+Z9+T#&}Zn;8G;RCVhYr7;06HL>L4mz>CLHyne5B2;yCW zoN|<{hkj3hmw(x~Nq?A`rcv`ZN6f+zIW)O_0FpKSK?KKvgBH`>)0k^sl_ML`fjNp0 zp|kwb0J*1y?(~X5f=X{)e7j7}#M# zeh9hDj%M?DH(j&0D`&BXQ5xluT(kPzR^eeiazA3HNzEz?bd`1gfz*H zrdQB85LO3?`h&r( zngztntMC@-E%xffjf@7=oTBTc_tQ*DT2A9JDym2(D%SbYtHSYU#QQ3y)lJ8W*k`(TRyV z)-I%eVE`GE1f9KeC)6(tPzmE(cIBV`B7px`^lq6fKJ(u)yf&VCsT+W4%HRf6*xKt@ z7c};S9Tpj`)kM-3mCLP_z#@`G?jS-IK^e1MdTa_ zw&3lcy+co66EMdB3-Lk=hWbZ2v%~sxCW33gY>~S^A0KaC; zBy~zR>oc1odeE%;-2}gBe{7`@bAfDxQiq4)*jiuj$l5)>!tj3VWUHeLZjc=5>RxRu zyT5W(DGhnZfpf**PFEo->td}t@)=u|BxLoKcGek>J8~s)AMX4NbG>!UiaHOT)VT;l z{%VvU68fZQu)j3u|EQ_f>4HbxVH6IoV3d-eO?F#aS*#4R^2+b2Y>9{cyV0$EbC?RQ z5Q{%l7caORj&Gd146TM0<6EYFQ=BO~7#8fJwv?%w&BZrmA-Y;-!12+*jIU7oi+N2N zSdRxNndBOgV-h7AdM_x61J^!%ucZ7p@1}rlqWu0sdk}#+ur!VQW7TtE@5n1=QWk&dUV%|Wr(_oHM&$6_YRuL}L z2?2p$FX-I1vb0D0A0AMPRU27ISS_Q1jLZDX1B@5W6810A*c9K`$=pOT?T3@KD_J_8 zfmfC|WY44w)x|6gf}&xVTYA{;jWTLUE5VipRb5s)H5LTHxJ(y}wg}9+UHG6HVX61G zeAl_9agyb_oPE?4TI7TaxJ^y<+O0^<}h8d1;<*Az;Z(U zDSRYJ1Zn#fAW?h>2J4nnF)~Plj6EU+!P+-9zon7EZ;R6nHySIc~KIrk6Q zS+D#9f>0>qWNt=C?R{;NPg{?Up8;9prwe70YAOZ&AIeq*Eh!}kr=|Oa^2-M^({12_ zq$uHHWJ)e4n#d!}M!&Ar!^{X>+q{1~Tqm3nl2qOc4%Imah8G@@Q&?r*oDhHK5CAt7 z&q&w#hwuUIKwHL=baq4BJB~NDYCk(J-@2j}FNlaQ7i3p8tkvIET6l^u!iju{WO9sH zqZ?WuqbEhXziyB}tq0yBI518H-rH(E_^75xl*fB@knY zPw`lJC*0q4!r!8>DI>UE)04#xN(8Z&+K%R4YXrp&vrsZVZ-_d3#!Wpf=ncc;f#2b- zUrJEH`JrD_mwhb9*}5^0_|C&0Z4AP1GoS^wuOfbOyS=~1^ubnE=#=p)xvzT1eJ;Kq zf8Ck?%lw0n!!_~rucWf3`5%&s>AxkFTg(Bw^N)|8C)fa>zZUyayU|$J5|moK=U9km zau+x#C%Hy5?L~8f=SysS4W^1qxrK2(4;RBM>)YtdLC5Rs=y}gKjZ2m!WdG=M*9qkv zM2)hq$!qbIRd&Tg+UKAWm0YD;@$oCJYc;Nb;@3us&)b4dL-4Pka`Z|hikd#VVuKwP z6CD*pW7m9+Y=u>j@4o6aVXq_AMy(mJb`nndKbp!EB+tf|-2ZP_dWyN+6ST?UjS!O% zO~530>~Lfi>M(xKe>7FUF846cpEx`Kf6VwnBIKtnS?b_IcYu68VBjKmetq8H$6))* zk=RkO!uOHbQZeFd197;$LtfBUJODUYb?;MihRa~A$)$cTL~emy{s^lr=gU`c2D|4! z1#8>iK!^g>RQ`X{cA{iQGR``t=O__It^fkZ)ypdSX*|$ zT<#EpU7J)l%;%gI5<{1{korL4x`n8LChwvwc!g4TKO%=U0b{PS-~y)THcGE%W&E+y zzb0neTN1PK+RwOZr?I|yAw+tlQqPp3bV*&JL|qQv@`|}+30u9WY{8Tv;c{)zM^8&k z{X26DUOCvP!B{2>{pIzapeldx?>?De<%qa{qz(#z0I|wIiHs_(dg<+);Fat26`#A< z{R`9$S7(QrHbCTz!0X2cU06~z>W7tY^IOCsPvbOmMN1~!fnD-KO@ASXa}xZSS~RyE z`}6~~!~;pn8J2`t5jJ{mlp(nR?!_za4l;y=(wjI#>-T zI5i5l!NovRT&0OhGO#L!)$CXtOY|(>iR`P_Ae1u;xcuu}XHUg!3${XFlGV|AIu1}O zl%sE_L-w0Ye)*M%9eaRZXuT;BBr^~tW+46_J;-t$N`t(u^4zzTuph;9pP>Z={xuR% zzRm_7AME$;C%~x#I^^>&f=vkShhvGvGTM@fCs~RP@cpN~epU_Ph`hs<5GV;2yYz~d z@0WofV!MB>Qy%7P?1ceUS82D_I#R+Z z5W30ISEpolD@c9;j^)a_d&edP$bqos^7w#D)g}-TeFl&*j*V8bdAh5%Ydk%(CsQRkC4X& zCy)$r+Q2~B1sd3au6**6G)sZ8`~TEl=5exB=1wsCDcH(q5#??1sM7JOl-QLL*eL7D zy4jMTll}@#^kS>RbgNM#D~K`mg4tzOS{WTYR}PA8s_R^0*P<%oJ-W`#q!$We_RdTZ zfi+*sP;CPCa}kl?S(X^PW{|rhow56#`@)1d6Mvn zvJ{G-8M?n{G>Hath9emOQ0^eKq9~g|>->)Wl65~*UUCTrCuyd^MqJZL5I?L7Zq|7U z2tq2NiO@ZLu31`@;0jYob4`09Pc+BuJ=N;dJ*Hac;py!*xWB_lKtTbuDhReabZnAo zNa4t?(#ESSM<{DD!E3@RkzRK0YoMEYWDR=;q# z7y$>7rn4a55Gn{*2DWw|6mQT5ddPdWcPBSQJfP!xYlaP-=3jXH<=^+djpXE8Hf?3EX|2oXuz~JaK z>!OX*Mnt}$400-J7G<}jBK+{!P^J#%GE!aol}G52gjdSRX8$)8H2=4dNXaX6-B7)e zCOhx^t#hT{cD`9scn9eAm||`sC(mg;9Ga^ku|l+-?kH&Avz#6HCO*d7vzQv5S+^L7 z>Z4@HCh~mx&ofhQ)8cN91Uy>x;KJNxSHoA=5kkVfN{vc z)w*rcvbGp<+VgmtluOn<&uK;~+GAA*s*Ru51S;4@-3Vgob=vcyGu2K*HqhqdG@1`E ziR|@Z53)uN<0rxN8M&&{rA1rRw2BG}b_!TO<%eSEM<`2R7TAW+N@_0U4aV*kVVpSe zaI_h32F3S=F9y5Rc*7MdmTsoc)T#`+GwgSbGa2(qx1MR zUCO#PZiOygg|0;CdSzi>^O_S?Q+}Jz^we13G1|zcmg{}L&FAd!&Qkn$s3nKTX?&&5 zYzLtwu7WRbe7yPu`c+aE3au!z<-Zye_8x2v7F?ZKpjqPTYri(y{R$$pphI6=HZbkd z87HYDGq8r*t6oyr1THl+Ek?|t%gz=C3k!{P)#QG^uFFvc9HlPO0iwHv~M1cMtLi(ONra+P4YyqRRRKSLsgT=u@^>YlZ+||vXM4L zOECHr_hfr7YsIbOnKYFzkTx@5G@#5!-aA1S6;6?!wVIF6+9j3_ey1qJ%u6{bC^_nUQ`s$YW7H`rB0hMqM}N{$)j6mopu1U*MuR{4704 zaC9;>^>T|m*36706Oaa(z&jxnqYuY$1b%Z}zhQ~9*_PGlP^)o^KW?oGWh{VkN1fry z!<;DOl1odD$6C(iEhS55GfAEc-5j;g>P05St^(b5HBT3)$IdCmEDrp@DknVOh}$@3 zjm&l)3Gc7z3rhuGx9m_OLjV^WKP{wMfBltadmrn?N9L^1L zHSn3}a5!0};hvKojY_pNZ8iG`0cU5Z!UleMt_CI`NQ;k}Rc&S&X!@!OCE5!k=Tc3( z1r~`wV^56QA%5sq9El!Xnh&pLbDPxkV84_EhuW!&bqvegp`mUaV395g^{6Jj8fFHx#6+1&P6RR5|!8%*4cDA=5O^C zPc-Q>>Z%)?y7pW#=gd7j#8{uf?wHRS9!wcW4PWD@0Y#~Qox+ESh_(!nDp@)oq!eoH z1W*H;@pBhxEI~vPM0tvWIUCp8AChOW@%InJqDfMv?w;cNbV4Bv8qrEpD8?DvIH%O} z^C2AsR3Qk{p(>i^(08_F8N7o=9Rz}Q)_|PDPhUzxw=ufI)^Dh*u+9;2mt!|k@beYP zpU)HUjqn=wH}1D(rI+_I)uHA_#A(k2w8Mm{x>0&&m+c!8f&Y}clxq6rkCXI2JXisv zROI!54LJ-rD7olrX})oR)M)!yZ$_E!`=F#S)48%3mmd#&r8yv`wiJ$hb-(<#hmr@i;3&&h)Z!* zf2!P3|0D@B-Lbq60fX@2&8V9sChne;AnzLxyfhd*SN&-0Ag|AdfW9w>$YYx3714b$ zKtXhUhDxT_nHXB6ZxjdCTd2kq-e7zEwkc0l9gey_7y!va?W7X2547xYeB&vy_J}Vz zT%t*vqJdg{$Dk3@bF&)+H{EP*wp^-vCkO=@{>bz0rRdFs1&Y(HTzFD;5cCKuB#zc` z7%?E%kM+Mt_9>LHkvi=-X*{9t4+26&7OiJIaAXtO7AkUjSR5G;{*d@rL{sR6NU|^z zGdnlmE~4q&5$Np#$7d6rq|Gf5IqIu75op9`oc3taqNUP! z(v0*UMCEclb4lA2=m3ST4n=XDH_Vj)+HxjQO|>T0Y0uhoc}LUu)r&=3TW?sTzQ%tK zSASbu?6Sdhf*Qq4ZL$1oKakViWg+)~cE0sm!E?j{)efj1S%&TAxNiBX^IORc-8HO> zux{eYQjXr{KTgza>hGvZ-oQP&{i8%DqC%PzTCN(g$1_ffn41L!^3PYb$P~5&aYY8? zNH@?;a(5h%LW(?PtNO-`@ix7>=gl-?U;;e3u%Vh_=SkkI(J>$;8L=CkSNQub*Lm7nBpE#f%!wGz|c!Atix59G~{@V?yiz zFeL_*J2fGYmjMVw<1XlE%HWZkqO0Np5`)a(a~JD2=SBwcoJ~{7Ev^CwL#wg)!GZdY{v03 zP2U)Lbbd>gF$7-L{4)6VaD%gyq^R7-7QKvs4qg5*=`ZlCRPi=8{JJvXLHdIaTMAuE zBWMG8(Q6@uHF4bP)kS)CwD|=BLgYx3P=}03>1M`L?GQ#AwJmRc<+?D#KXjI(UgBmL z9QhG?zz2)t7-Vu7AAmZe@Ikw%D9VV7n*`-FUjPY`E;~b`wl5Da&p2tpmw@@A$&<|_ z@GLI};gbaQ6gLg4;&ooZRdWog!J?)&M8dlinFPSsp1K1Ii?wb7@9M-2<4T4NQ!J*# z<>q9e6Y3HuY^Wpp)`6Dd1dWG_ni^WX| ztz!lTUPJlU*vY0(3M)NFPue$KZ$t{)D>G_@E!nj#MJh zFKC43TxNAeO4ioa>-{iKRrzGYV-A$LKh^hfPeThfxEi%53RkOsH3}z+Me$eX#gHvp z3(yo9do4YM7=1?eP-6;%f4WLdX(`ixyhIe5a_G)eBRG%qqw69%{Wy!swH`rc-_yk` z!l-UMk5glX>IhA9F7iVry7)3i|830*W>6I~$H%-mg3=nw@&Snsg{TULAV?iCXJ-=} zww=cYB-*R7pIKK}v+yV10cIVsxt90Ox1`Ghgy-+TuzuBxBdOU`XleRcFJ35@)~Kxj zCtgm(l1m%Mo2rU8u4K&+8FTxJdk=;#g8gm zLxsc72!k2nzkSXb`5A2rM_bA)^jSe*k z&{r4vRF5StZ~O4stbU*&S$)y%mAs&1L{{*IEiEDI@k@ z7QYodFDtO20Gg>s%etKTo8fWYAFgpmxf4Fzk)t0W7%xiCCpSLE9dL01lQqxDyl|zI zcIC-1l4n0}k<&hdCJ$6psAlI|s<4pFx4lWAqpx)66`+*d-r}I;l66u3FKmSmUUD&f z4B9-rE=YaOLY`~HKbLunl(}L$^nn+qxj-2Q{-RyJ#aY{8;lP9OUaVeS3$c$y>8&ED zZ|^v$F}n56|N(qc+j4KbQ@c+lBcSPqHAC z{Mp~~I_$GfM)^&{W2@)km{&VxJ*AkrT0skJrK#52;pT10<{B_L*=;wbt9a)nq-k%| zVk!N*ROzA->uY`1ChD_WO0Y`eClBZ!^D0)PXoAGskMf+FoG9Ghqld=i-E!lP} zhdl|qOz_LYW88+m)oho~|B66uk4jHxAproAsQ(WOn1hj{qnWkIf0-g1)vas}SP{Ry zd%r^PbLg&}cX-j?39c5F;iQno&;)l;@Qj5VylHCeCPFVAM4pY64p zb6hqe+#0r%y}T4^&cFBM>5Zr1^wTRIv^vsogf%NK+%_Di>hX#v(~s)2RYHD>F|JxF zJ8}>+-mJB(-tC4an$_cAr;0l&TDFL-zQl?UT-hMr?maSI>$RnCwj7>eHo9!qhYlib z?aE{-%VAmzf&1yfT^8r5D5+oM{alMzrrf5=jg7tNv-eaj_6x1Cpzjq z3=g&U?Vnh~&cg$grKfr?fh*5Fz) zifL?=3t{CxB3Ip5&DlQx{=@yo!mFq`c-7q)7_evIjy>a(mHenOTQ+%Vuv(g?sHVWP zclPE0K$f1mZ>RH!XTNA(GG`$jeJiJw@cUS^(x|3rk|sLH6ltP%srXiKbJ$|ja6kJi z@zJ=CZ||+reAHR9eqqHyW|p`1Xw{Iut-<_b{?2b!Uqrq=)2h+9;&Rj+?$Ngu@-kJ4 z1qw^$WTIodq$1y;zQ|K_W!0scf~@a$fvV z<~DPpoH10vr#om2gC0xi9kXkmZb&~RYTPznlmx&FS9#x8{(HTl$s zW}6p0J=CnNm;^#WHx85dK1u~Y8Z@M^d6#3F$$6U&#^cS9j-6`bT#Ec^OcTP3gb z%%wk|)3_?$+F0I#chPLMj>ifG>DOaf=iXMSuAW;Q`z|h3xpC~>`0%3CmTP}Vr|z<% z^plrDfixzA?3LrS@G|xO5pspI_CDigzkeUst*A&d4335CohR<*nRFz{m~+K~GfUK8 z=vdYpIwt5FI-e{SYHGbou-C~?J<;E%Ooxz{#uG#i7$>!cPY~}gbepLOc0{iq&j^2~ znYmhaBA{0V)Iu8~u1Ko~14)YWEQ81$(r#DXITETX$q!@7mMxHDKSdMJ9w+8dM&Ivr z%s@!P=SLnV5Mf_Y(BEz(k1>jqO+oh$UzC0n{<;t;mSFQtl|RQ`KdFy(RODVYK$9xW zCH(@O0Z{~!-rH3%$QODq2o=F1Hjx>s<^y`G`IQJdY8AhLX4e z@SK$R1w>m6@(fn&l#2L}3_gMVu{m}bE%r{(j;NNo04Ssx6@!W}QZx=iP4|L5&LAgz zlQekcj&^{m`?*7cuKYR#$l;A-Q`QhtFvwY>dK|>CRDHzX!`3bNVv6hgr zTRrIi;Va=rOt$0~uhIz~D6gjnxnJB31{3rfgryN-d9FQ3K zJXss)5W`%f+Bj*0a`{9{g0Wrgv+DfUruDvls3ciY{_~Oa+&iW-`Vw*>Xid}Z8 zNKEIwwp)L%RBC5StY2vW&36lLao49Lj+nJa=;;V{HhYCfaZDNqu$_|CG;dn->IX1o zQDV3ZQz)Vf=H#~fmN<)&b@QsS6fmx_w5GYgQFraL_RP23w2|o}IBNU{<~!qB?@0#@ zl-uwtN1P)_|E3Z+e(zrHBf_=XI7+~uAqdh$_jxH#H}**t%2V&rGNUa6mpak54Wp6_ z?%4#C^q3we>MI7D-#d*Hwrdg2D6uI9@fw$kMl z3saf`&8Q9TxO6fr_gkK!KyhrwsI=41a%xvVt7K_oh4k>aNt+NYugmU$9*k&I055YI zxb@Fx<|pp~3sL|Q3V>wBdCqF?eF+n?K4!*Hj+CUuB=2P}D`e_-zZH%aqZ5GS!u)v} zeVs7NT?ZMF*%dsv@f45+7q|c>VKG*cU7YIu0yd|xdqQpuL#;6YDH4e+MJmC-frKzw z)wSaN+JFBuR>@nZV1xc$g&)fv#X>GTzX}y3^|}Zh78ZCy+-GNrgn0X}ENPFuxga+g z&>S8lh=`k|AQ4kVQxO!U^&?a=>s1h|%Rp%P#idkXN5G9Wq)_F$ldi9>ctkA|^JJF=q9mV|LC#+-o1-O~M$5Z}uM z4Lp2}fG$hE9ZP)Fl@C>AB!6_am(uM($hRAb$HqCE%^zC}?dd4gH2Y+sbE7DpAf`i5 z+NF~kQ-~kI6h8OEuK;Igb@>;E);c38_Yi8Om1?Wc7l!FN88ApwJue@RdBP@G?^Wa0 z7SaxPv(m5^zim5V_`|Gu!me>+5@_$Wuza*OvWK~IbUQ5lv9^){(NmTzt-&Kw?ZSrS zYF7u=?$oAU)SM~Pdz$@ZDd)1GN;7h@G*aKiGtSdF*FPuH^m!+@Y)evR{gnyl#cc=VK&R}#%%pHf7MY8q4csvoMi`i)()2E`^)#9)+#lY~Kkw|&byzEu z9CT>9`SxpqpGDE>biU>`R6|-+j)WR6a=N&52PQU75QC|_n7tgA8peo*bWRyH`7&07 zM=nC1rtXy2I=c2N+AnG=+{_GHlmwXK3eZ&24 z699c=6X4Cig)zaeZvqK`9KgWI!O_M_)yk62%+bi|zZejHJ~04!?k^?!|M*qLO2hio z!;97kx&wsMs=|Bg=W8$!*y)S|NUvke!-87dES*AV{yX-fdyrnUoF;|4?Sog|k2NNQ zsI-+$hNtu+PH(@Ah*qv4AdVZBeN0MCOA#E;HL;~EYy=qI65sxPkL3_Y70lU^c5(72 zk5Eq-*|=Mn-kYbn+{Jx~E%|{=(K~i-xHfZd{mWW&?S>9EXn3YEox==tgklBN-c@P? z7gHvFxq-5mOSxBR_5NM^@IMzqxEfH9?)~1U((iGg|BvI4wYRZ#`2Te#nXv*E1N6{A zHv!*Z1s>)l5(`Cx6qQ!FD|G@j)dj@CtFX-qti#_Q*v{wCToN}BXC9@To~Ln}b8bd3 zA&yhNzo8vU#V5Dl%fvJMp76ye1uUa|s_csuCFM^a%D{U8POcE863mK~DM%qT!B^uB z%El7u*$c!}_geS%n}gOKlj)gO6UC!Fe!`7mCfp$efo3vgDM03XE6##QAz4o9f#g~; zRx1=?WK+J$VPa( zihTXA>jT8Ab8HWO|H=FXivRD58EYpieIxr{IrX23lF5`U>kU@qksGi}9N;ao#S|lv zQiVn{1;f>FKfsAg`F=9UV*jb(K zT?K=`#Ug_V)Jo5@CRknMNop0^^~uOb#h_E6KXphTQ={#RczcbF&)3lss}YJ8VIB<5 zlrG~|@>)MlBBcU=p)x+?5zA28ZhXz6(=f$u1IeWmC^)&#ZSQJ_EMlSl#xmb)=KnXl#DS$IJ=ucis?5J?RuyU|)Qa?vUo_R~m zGaYT(Y*EPf!Z&95RWgzV@vaNu546mb(6b>FG-S#zg-XDn{W8iL=GH(+I)*;;nlx=o z2Ka^&2n4g5X#N3DW<6N)83YK2zk5(Eh}2eJHJm<3?(45DLMMKswN_8gYyeltapUjd z1nVr&b^E;Ca4BQ z{qr|6I&=zzi2LF^O)uXre~NQA8#ha@jh9Z24_rG543jtJ*_M1wV}U11w+X^WGw{%@ z&y!NOjEZAwK7{4q4{cbqcu7qG(`=bc@8=TQ8uSy<`qIPkcOx8?KJNWE1Ib+1k`}(E zB#CY@uks?t+f%NBgi8WuHe{iOxE^Un@ZFRo!JRVxtDzKhkVJ!3yWhKd(A-Cd+vx`_ zJyjziOlta7Z zrFR)%q48?2|2l439YzRsIm=_ClV_@#CR-C%IaXW&(Nn}CT7v5k@c zvEM~`4nPh#$)iyfjoQb_EBQD#)=ZBJY0O(dt#yw9Yl7q4Ag`&K#E@w~)gLt80Ro$~ z&hE>+rcMEwzResco0dI6>&nAFQciBD2g2^orCQYt%Go>-*G%?2U5Nzd*g+A2EW>6# zmvG(^bXpPA*G`?{1c^2p0U-m`v`s9mP_VT=s^?~C2rDPlc)nff%9e_>;y*17)y4i5GN`m^ekoxO|spCzZZwYBYLxbfW=5-%}Gg?0op zD{0hAIUM*aaje*rGc9+@2P06_3mKFEN;b2)O{b5Lwy<$oor`J{<&5?Bq2yk?-?R|o zAMRg*bmMKl`kA=I(5@qQEs&8RK1~>2=b#D+IWM2JfP^j% zDHenp2SRcZ*1h4R4kml2&sxCrsvj^g4yS!s)vvT`mxFkD<;!Ruw;MZpRvS*YxgG=K zSkwvwvlU74hNhc28@tC4Bf?r4!|3gc(^fo4&xU=z5o7ZH)!;NYM{*THSP zT!aCwBb`AaqyyEhK_d6NKCt6Iua*#g;BO?bLSbg9x2lK5Vr@+$888xuXWnukPG$qs zJe0%-JAUL%6_`pOoiwGxTO3ugtxjq1@J!1jO729Eb~buQ`dFd)z_SH(0r5Ea0BkbH zKQtikr2vn6V2+@TPLl|le5wAlYU~)D_@XT9N-IY?5*hSCT`&a9uc)iI!H&J!R3~+? z@tkytiIwFbkc(XF6GfP$v5VeLV`%HfqC(thbD0?FRjXJV#!>MF2-uZ7Ye(}~Wrm<^ zrE#_^T8$uWrzcN4&1$tckACaI%jkn8Ys}LAh6CwbnSN>zFKrdB54w}OGfi=tC-VeT z934fH|FCD#8Z7&kr%^n`q!g=v=o6Cb_)IX0E0Bsv3^{t#7FI%PC8{W73>OS{v~ceP zla1CV6~(>kDMARu?MnER7{ltm&Em!LSQv7yZ-( zCUC@cYTJpVWvSH$>i49 zvul};2BMnLmp&XWhp6FIl*-47n0L$~HPvQ9YvyYm9q{whmm2R8?-Zm*yW?@rs|mw? zWo9;jd~o~h@NsD}szJGjdQadS2*O3fOi2T#hIrALGi*qegrU4KUY$0)Pl>yhx?l~- zkF103*A7H_rvuQfth(mhL0{YE+yOrfGR%;Dy|i}fauS-ITbjjiaymMJohsa~t}Vc; zCtwEz&od_Hm_=qHVHoCA@el(LbblneET5NF)z}-7?r2-&QcRR&gy_}KpL5%;xyC(K3 z%~VTP@0fywKH*CA4$`QnVfyQHj0a2uxk;bWu_|JOseo+nB*rX13*~+8hn+}}<=Qb%4j><%t1ZHSZ|;H=gosvDdFVtp!f!05{ox)+>NTE@XOKJYoZ+o0gcM@zqb_Dvfh`A8VX;8W zIjiHKho#J_6|o~{Me*ig3|dYjb*Xob(XdsF ztVOZFD)X9=RCEN3pz2flWei~}sin)FQmHk+Trmep1mi5U!{Z|-!7mhBf?4p=#v3^f z83&;Jf`Y=$#d9Ydp!H=PO7IJtw-HwW>k_W&D+0}TklLw&gjJUnH{Y!=NrxI5^5f$Z ziVLE8PPwwPr`d0su_FqR0MAQlWueFH-3%XIEn(?=Y=t!Hh{P*8BQo&$eM@7y*ZoQ1 zwX!Td8zV6;As+I*&={{P4tu7LSEE0SodYMKB0)0(`)pc1!KaQLRFAOdNy=R8RY@w@4njGw=-VR__ECn+8E$GdqDIrY zV)MXf_9=G3b}FMuiXT|H$*6J#iL0~vgwlsVIca)|EG&6@N(G%P;uBqQGM(@&^|_%T zoaioV)wESbgscl&lkAlRAM%G8cFrhkb#YsEz&$53Y*0vQ+^ScDab;a|HaA7Gnjvw& z-~pQkYj1FCJVR&OZf6hVP3P(x9_G&E_hS7AnGhN#yZRa1Q9!Y}+*6HKc6ojc#?%R> znWL}%Mi^n?Y-WdPz|eK;MroKC7+Vf^omb3H*3B$O?5*5$|%AoIiCLNow}ed z3y@+Y2@(|@kBo_S4drLVll#}$-TeHtruhf?(>M=z3*_u`KAjyt9e4Tu`A*I*t3v|; zSq}BOFx9}v@9zpUVr;4m)~%ub8>CLNn5lOnNWd?tZId7(Q6yP*=C-2t=t`C-_T@fK zh+5@7C)K7%JMLgSvHc)b0atj-z=1h<9vB-I6M=b*TmXp&Q6{%}7LbdH#H@_sjnC-& z{63yzv$crd32%nTTZ#-3+#j!U1Q@)}wT z$8T*98(NEtC}1ZQ)w8F8Q5Rzcctq5Q=TPVcQ`wyL=M+r+=M+4YMHBV%P6+Zz-~n7> zU%|x9r!Ubm>ht_zEp5$#S;UWC=bc~-SR%6K!-oouWA-EiQC20n>SOit{83)zQzFD| zz2`Bc`=x1n_U|TO;G#H}*M1JMhzrc=MebdQA?G;ej~g{Bp<&hM-etQ|7Nxh!r&J~x zXADt-5O;hu3jgA(?q5w(Y7}^XATFcJw7c|#lvy3+J%r|yN;jWnxncC0#7571l8nb; zmWa4%a)i%HEa^GhEa`>vZ6H~+`ImlM63t3sB+Ptyondhrf16ols084}pXNKV36BrK zc=fQ- zVztnvTgEdzMyTEEXfQYfzrGZbJLT(ke&4CK0E;td_6g3585V7%~{4DDM zKj*5=FsAFp<+auRO|L>WmNSkEwQoz$xGMjni&g=f^#j~zJ8#`vuhq7n)dfOx=2_Q?uSy&C~_1oTu z<8+FRpXqoIg`TNtCOh^v`VS7#W^+&b~4IR5=IO z`?9Gcn)5bslbmyx>q26-z}z`{@S;p>Yfe1x}Llp z2BWEf_uv)LJ%-4uYnjR74+}>}fjBvm2`-wP} zpai>jsAiB;SketkCey8LX|FB#eYG6Spy*DKTK(Td_Qyv_XyvTfh){{G65Md+6}V6B z?)nNGdTy;Ol+&VJ=di|HYll9@+E%%K7j!Y{cg=(A-p)aH?T<%%HFyQSh<|aB5}ae= zMoXOB-xn}V=E7OltaR-6u%dpXl9g9g&-SZnltG=d{bXIl^laSI0&}Z32nuw*so@jT zqrql{dH6!}bR)y$S@FtTXie;BG~v4YyjP!&rZ;=sfqm;rEXy1Fk>}*=6Z?5O8m(q& zc_x^0UTv;MN5*w&8y&P%m$soC3ye5BX#GX=V_P#LWbV$D1LC8zJvfzL)OxclCr3yh zgui=nF@4W8?5VZi6X?b^n5_pnAtUfuS+w$#$HhlG9J6$GL58pBh_oMI z1QBw(D7yMz7b1G~tER0`Mlq+Z+m&!V((lcr)kW9*F1JXjK3v01@R&}lFyUyi3PNd1 zZr|A3(UuU191Z>s$bBam?VTw`m#P&b8%Y1erIdg%OehsG^~@&HT1L#rthLFP<-JRN zQ!;jHsEwj6OkvsVj37V6J!|?1nZ0sGW6uJpZ|?De(gNj;R8Imt38T|pY{T=QMA`75 z?9p!9n*CnbI-4ee*>ro5c`H{)Kk|2n-UhE4vgF4~YM1%uamepgESfd}@o(k&E+=-i zzqs3jXW6DUXxzt5Ym#R8bk=emuT!|*RBIHxO-|o}^NRv}RDF_+hzl!^>YC>%_9Vs8 z2wl)Fm}KTY{47N>{3j3OMlKnxm2Y^ab3wByO<%*I94{vdWgD`axj9@}{b=!&k{=>x zb3k33Doo1qI6Tr~<7~HkRBE0lGrRW=N5bNUYfJBIb{_HOMgexnOP>4uG^LYqZyeRn z#th4tx*Rq0;)%HfoX*(HgEP9*GDz8#8P0+PpuraIHQ~ET+T~}vTE|c7cY5#Y z_O|iKypv3~jHzod0F9Q*YH|itp6fH#%|ZZyWg%}u>_yXT+PB!1J&)}a9duZpbu;x| z2BhfId7@lL?Th8fbJdw>)Vune_t8ibB|M%v*72Jiu{1K(~^^u?{zk0DZGfi z{`&9K6x#W7DJxhani&xe4)?FriIb83%U{?jDWh|itq*bG7QfTH4e)=P^^^->z@?5K zKgR^96o6~Zqd~}l*K&{-${infHgI~0K6JSHl}C5CLZ-3hX%HmhF7c;scv5wi-Muvj)wc6H^%$PD)byQ3N$Z(MjXm@Z^@#nmn2*`?N}m@b zVrbW8Bu(!W6I+kr9ojO-9w9%K8znL$dK=;+PRaL-YQc=Hu{#G}8FRQ=Np&}KyvmeI zLs5NYQR@{*RZ^bAY@pB77Rjue`6<%{8&h^sZidJ?y~U%VD=#yl*KSCCyxZT2Kt;l$ z#*>lYG!A}#CHs_Xyixe}VuB|gyyIBO3G*c>U%}g5sRMzXT5IavS}qLu`DwhHfnE2r zBdqFZk7mj@iJomZ`zM)vAbA&8q!Q6uB-`2{L(J>ZcGjMas<#l@WnuPCq~qcC=STIr zh4o_x$f~AkOcUr#VQsPug$oNhA^|$j4mwz2AOAmB3+_!5S-8N~5oBTfp}*7J##Wa0 z%6j_dMnBTsE3to6RDTYusE*;Y8-(8r2;~)y=6ud7P|o0*&Cv6xReW)1X2D6SJ4lPq zds@^RjBla zs`^eXKPo+|*T;vet&&oT{9-bS;maXT8zOdvPZE!Hy2W6IMFj&1gyBvz7hw2+dT9$O z8t+cT%9!a;Y(sm8J;wpP?4Z&@)G{6$`kj?K&Az4Dga#8&u=}>{oQXOUVbUMd(2Hq9 zS1(&K-%pYOF4fV1y^{2DBQk&fXOQ+)Yyc49_(=)2UOQOQ{JyN|`K(DPn;Dc~QK!~~ ze)FPN#!NI0LHboJ7QX6A%Pv70i2sas=B#>jgo|;B*mNg*re@f&I8bcpTZ0yG35upj z{K{XO#HT>M%h@omV8iTb%OP)SXAp_h8+|W634S)KHoQo!ZH(b4#gxKTl8F=U*^%?1 z8cP2^@;n4cogbQ9RGF%vu&_ z*BJS>fjfn0eFcr=C8zaj5if~&1X>=zSZ*`-G(2{_j$XpEtwY{TyjqQ_zC`2`t*MJ&7*1!`K29zmVuZI{l$w0y6M%RsOA*LWFfz#e?#*ftX0UO?; zRG+RqkA}Gx*I>#${}QMdg^iWru#toVwl;$WQ>B1OQT(x%#cE(>`$wGqCq)7K++as& zl(5yzLtL-D=yM9DUGynSaF4B)MUgEqGq<-K$aD7tYC#K%&hq&J!Awb+J>RyEb3F*d z8MJ(*tu~C6qE?|EW!Nc&C^4p#I2Uy>RlLlP?Xn_qkk9>*n%UV_cixS`w_kkcH57Os z9q*JrA#~7BJ4yiD&v2}dk@Q{tp{!Kngq+=jj2Xq=4w41<7ety0XrE{#<@oi?>8SV^ zvJzrW7V~u;BKh6pBs}6wq&ez)#Jlssa)ZM&QbX^}65~@^y7RdLRP!X`2}1$m-L#?j zD)hRiNQxN`n|*#6$;>B!AH=x0eu--R6{z@e0y2#Sz?*<4zhJ6?ZUGc z$v|E~lJmfa>17;?J~wE3C(g(vZZ-5WDU(V$MT6@ZlNMzRF9k8Xv4=4RXaZtAM_Y+NvS}zRh}U32jQML2>sed> z7;FEF;XgtcF6CtlOvU3t1ICmPVJ%PT947;Uct?c(hMwk~c8kFzS-Mtp>4>TH=}Ay2 z!QixOk~|1>G>Rh~R998pAC3vOaqJIPA7KCZdAxIXay#$b&7rq6uxBFQ0e@l}F>N_8C+ziE66)IvkpR?F4cS)I# zlY^N)AW=j(+hou#8@o`QdUdR&`;17vi0N>%(L@o{Yp2`Ogy1Q?TUCR+3n^~dE^$hw zL4qm0`B;|Txg>t@p4uhRe>tRNC4(N&f-H6A^BH*+Ls4fiy88((f04$N0*N8yGm6hO zW&536&gCNZ?qw`B$)ODq{C;_2+wRgmMiJnA5}68H&m)o^|MadR5TT*bN1B}{yG!Nf z!TnnJ?(p8dt%4f@n2q+6X_yowwIq!Ol?h2Z0uNN_9J2=oOfIr&ZBo_ZH2NgP$gZ%` z+*Wr-gD-ZMX!wXOLt5Gf9;dFAF^&4p_Xm-cD2yt1<%Rk>r}O)Ar#`>_EHJj7#lTE(wC}zzyK$6V>sKx{!o9sh z573A_{B(b>X+JKRi0R5`aU`L?}726cZMrvNO*%@&erRW#jC$fOp-7S}7q_lm*b zy?yDfIo+79L&L;b6Z~9s9{M|PH$q~COMxYR?l6c`HI)-8;i|ZwBLV)soR1fVjA8jz zE+S7Bk=hpW^MX-p-yDy6&i&2dfk$A5%`pGcFsmPN!zqKsKr!l%@#OZQDGHn5z+}vH zm0hfj?6iN3E((C(9VDuFAYH+5OR%{SY{dHI*oNKm&tUo^hHe9iL}{b1s^H+>>)-!F zkLLzS0@G9bL$K;s6}8*&-^JH%z;JLgKlaO;|5^L^Hu`p%)f+Tq>NoTsMOSa5 zZ&wt$L7%MthW?|z&~5bXJ*hY7gTtTb+dEWmySTld=f=g^`A-+W?(Vq_|D6wc1BQb; zMS}k~cI0gbzcUDbb%2a~+rbT=@V1xRM7kS45-9M0c7)$(b+_@iSvNO$^#?!kHyoVX z;M;kp8*mKSPw=fQ)NK#96C*bsxF~*l_$^Ix8~^)!^#% z`WN`mdBbh=?_Z~WMc32)g1-53b=$%3&(U8UATs_M0{`|@RRAEt_GH7s;lqAHk>KF& KF~J66xc>p(ov<+g diff --git a/security/results/report_template.docx b/security/results/report_template.docx index bf9d5c1a7fd1339cc3e3d70f1639a60db96536cb..0bd056cdb1e022e242a5ef6843926560265b5045 100644 GIT binary patch delta 19341 zcmZs>V~}P+(=FPz-P5*h+nTm*+j!cxjcMDq-P6;yZ5wyy{qB42`6BMm9Z?ZgJ9Aa8 zwX!m3AFOI0td0s223v$Y>8lk8DA%Zw1u{AiaGtuZR>P(b&gRV2F4^_oi_^ZM`kD0- z&ElPQIj&QrL@ya^g0EbJAho)FSahZ{4LapH$UE-BL5b{7iA*YX3)!8MP7bBmH?VxJ zeSW@JIjXLD;OxgolJ>l0OB2uATD92>Ms$c&H|aY(C&`_RHb}N8UbB8^sSx#2eb{~p z@J%rjD8hPQzbwP*o$&!So)BDrUzD@#$(PbabP|P+%ApPbcH}&^&J-dSXtu8j1i8ts z(*Eiy#jwB)q|+?Dmv8zeB$m@SA#gFD<^5Au22*dCWUzrtsPIy z>XfApLaYc7#fK4PIA;=5@CmsA^dpf78XX6%-)pEY2|bYfXJdEN)n-w zO%tg|mh|G1~g`mi7lSH(O8T&hkTT~FTTXQu|~N1ZFlP43C?I)AZv2Q?DViFf75ldHS^ zxGIPgHg7$&I4C#e*2j8EzoNge;>uN^nAT0T#>A#amX^fg+931ej?LdMpM<5^d#;Tg znW(>6@#ygrzdaIEBY836*cvB12G(!$xxq&;l4xc;I5K?Nzrp>7nnM6xKjga=GJ*-B z@VPwFZ|q(R5Vx=GMw)+LBMvE#Bnea+;U*`XZR%ILGtJftmxtlNwW5A`Uh03kt6<_B zrg;R!3^IB8y+pnP@@!zlf1|4EzJMbzN-ZBO@j#2`?(sw3ORVd~P8j{DS25*J*!aaI z@udtpnD+ut#N%|kBj)&e=*8WRgE+8pc9(>h7ZvbL$G%1hQL(tli-L&st4JnjZFAMP zbRdSTQ$KazlZ($l(iMbz;3-Ydc>coI^AI%j_OJrwls%CVZ~%d|Og1ScxrQs1@@JpZ zZ)C7a1p)Eg5D6Uu#t#Ia{55egt;bwWsrU2dRKyco2L8QDs^{}YCbaFh@=R@KL~pYK zfXdGPQ*fhesmQqwqNy;ldcDtBLHh@hi3WW~_|M~u!x=BP>p>r_smb$eL#yknJ;cW0 z^-|z&Y&n4l09`DTE3W%0{dsnM3i(T>{3Cws_taOyCzQVrXB|jF93z><73fn4q}-R) zXn9^WR}>+c69hs-VX%Ov$e(gWm4Utpr=?LR_TO8X-OgxY^uKd1=B6kdRREmSeb@62 zv*m*|hOxwMAa8#>Sy1u^tPY>3JOxh0>P+KNHlHP*0ae&iy`S;jG`*?Q?Q6acC}uMT zBX7A$6!KP1N?`h>cbwpZ7^~wrwg^d>rleC)Qy~bIxOzDWlmntrxr}vO5C})q?0J`6 z?RfA}v+~a=(ofKa={H^1&PEX#nNv+*d*osp@|xnymv5=O3tO6zMx*e2lD)zP!NZ{x zZ0^o*0Ng2Cn=?EkoXzLq4IHoQkKpj}m;~LmS5m(-L;-LpzY4;Yaw@ct0Vwobw>xP_ z6Y^YbD1z!84?MG9@{UukMkUis4vb;-<@ztK+}W~W_n(-;f+i8*zpf3Wn-+?Sy+2$l zy!{7`H_wmOlLXdyD40kR(5#Ju_!jvrzO!^o0e1Y*prx5~DJk#jCTyKjFf8)CRPt! zJl?5wHyv|vzN3{(l0C{p`v};e+ziPfEN4_NX0p5Hh?2twj<(#bi>(*(L02>GtZfm&o3={GjR0kdp zK(!2~iYBaNzG((CnK>8ByM#@n6I*Ej{jkGUr#kmgqYcMsuU@lvTI@5^b-2%uKcHuE z@Phc0F+C2DnvY$huD>^TeDU_hIU8L+KjV);EPRCy=B7J6R%@6LjI-*IdSX(CmPkifs ze-czQxmUi($YB_Z(Qer;eV>|m=T33C(jt2}M*I44$Cs3%KQG->qV>&tfRbi=5sO?u z{xUSga51jppi!yA?2*#sg3ZCK4tS9XR}-Y>gaR6}d?LN~9T{9U<^N*mkb_9GwUCp@KyEUgWdt>hp>b2$_)gz|ko(Xq1R~U_cO8^yV1V`)21|N83k_*ZGwi0x8f4 z@ilQJsSEEukzV){Hp&FbW{tV=95>dcgcq*)^wpzbmlO2aeQ*&vC@FsfTkuf(0Z5JY zV*{X+jS54N&L%DT_1`A9e>d5W5`o^Ym67cA!AYAh-F+9{nv-A)o(<37C!r#flH>T% zzg+H>EfrjUro@-a`{(FX(VU$)aBL$#$if{rKRZ)?8Wj~nJ~@UTWB%MJH^WFT)V5LI z+#Ao1wxnqOLW#JvCw~46=8XVdPypN?@O95=eWGtn)Gsh&_bMn?vuVIWCRwk%xfDV! ztwoR;oEG&5hJ_?RR=)FLbQXiBJz0M#v)$3FxETuwj8B|JUj=ZkIeFp{@~6_cGG>dN zfoZmIrNykSY&zy<6zAyi7IP_pvNNOA(~Ffs1g>L(4Y%17r$#LEru0&kA##!duslD$ z>47A=dRF+4M|w>T*GNDkM-j`p-B=eqEkMEC-&?~%un(ujxY9qF-m~Dp$0pwQ^Cm4{ zpL^XMX7H_r?>!b>YYq8o;B_YI*?zi(xZXcNSwmAAd&p>fzaMrB(Uaf*u7!In4BkdT zDKugS=*L2Sl_UDm)yS~XMKJ(wr(S%zM&HXmAg z@x#25L7~T}kI^U-^#j%s!59;c+#5IEGWmd%UT>d~&hdlEPX-{;CuqRi{-VQK*aqo` zhKq(FP^kMPV)uJ*C-yRbuK>gw~6r&SR2#|2l$x?^2Dua_zc4Wzx3PP`1IwXy&Ta(f%V zY5yVZhsRS-*PYKWo)Bo%?eGf@{bOLx>NDl>70!=2K! zsiONYfol%pFFVO?Q6tFl=&EEbGc^jN-QrR;I$}}xFYjuq3mwrXGPqY{4 zKJ`m}S;S?FVuK5g1+hXE^d-*ja~bYLHx@e`<&AG)M_7tLX|(cFGAV6im8VbpIStp% zv!ed`;Vi6ldUN#CQ&ZYW2L_w&>n(W*n}hs%j*!%FN0e$j8PGU+dh?{3IgLsVpTv5r zv{(EC1h7E3VjD&;!W7euoT$!C$g-P_TH0?2Lx|Rd5tvMC8~d*U%Y6YLto!bNr z6sbf`^uRLyQ#>j`2CWs4{gh~NYiAU#4-*Su@GSlfY=fTqQb{DC&wiOyEz`5V3Hb8AR)7xbH%?&P<0t$! z;szCVb9sv6Gz29rD@dgWEjAgQ1{L)~726hR-SPpKjKTTA6HK$uiwTxc)da#%{}*{P zht?@_LAuHLC64_3AyV02La|>-eaF?Cn=t8p&Z=sgU<#EdNN_%nEtOInbg3^GX(-7B zwkh-@r$EP9P-=VA=Kprq!%)r>1N*Xi$5SufkY`@;Bvu+1$w~mC3bcjt-KnE8PsJJ# zG-}z!%*YEqIjiHqA48}R?0?yxceDh7nEvpa%G-NCru&k&gP}5&%tp3|$=u95 zCd?kzg!zA&8(fLWZrJXosg0Vvu57)s3!&$CD+WMOAl7qnKMB3-Fpf4^nWBcnf_Fc< zdE!!2G_5i7!7uHbKEE;QwSzr|KtX$pgZSW4U4+H^gQ=lrlBdZ-?Pm$U{=ZIIe?r^H zFo7MIg^kqEqO6G1pp!sST1sg?hTTEEGjEjDqoNfnOuckXPZ0g6yEab12gJgL9vi?d z$pmS}uD%eQCyB+W-1GT=Tr@ibAO}9U&h@8srWH5JCw)PiS4>|VOnx4S;J0UXC77OZ z`Osg^4iJ@#-!kc>4DkOgs7xf`ZY_ZMAJR5vF@_JBGA3`DnbL478oWO-J32c3GZiHw zVR007X3ysx?Q1!Z_XMcxrKIoGQJ`?&7lO*JjN|vAhxkfN@qReL50$_CGi+Q*uvr*Z zRQL349|I1Pos1yLE{|w=90oSLAEtuG^8^6YyJJMh4v`pyXL}*6Ccb#Cz?D> zzhTelZjs=ASp_34uhEDR3nEWHx}nmD6Xsagt5BAraN9iTG#~KScgre#Ql))G13tIE z(>^^tKDoa38FJ~b?Dhn<<$6B5K{b&IRAQ%z3p)r1e*zr>>6P5wYHD5(SGthGPB0=I z>a#Tv3Qm5s0|#n;2wgo|d%gS2yj z*?-I&eF-6ssuCv1)iiXTx^ne=e3@Y@fh}W-M2aOdPul&hUl+gN5+WqL{U^ju2UG6& zcWx4*;y4<1ySg&EHKFswU=H;$(p;I|7{B?cuL)*G_l#7&EV*%26vhBuKc_|YhNs{c zX>)Iu0QzRUAu4kNg{WI{)~M4#ua1BbLm_a1st~15~mqkMu z3`dLm&V+D%CEd+WF}7m2LnzY%S<^$T>SN__fU@-+8*B)5xvo)qka@A&RAAStpHt)S z-S&}EH!kWZ%V1CRlu<)Gf`u`FmB9;YFH!LEU*&?{7N&sF-x+g+*rL(Ru56WhT*8*( z56s$bAXB4f-zec%?fG`KHa=IY`>*}rYZ}VW1nl-MgV=M?TkBwnEd1L52ie7DC$tY> zS?y_kLrhCMwf`du>GgOrYuN+oB7Cc|(` zMsP2!jtH>A0yP-!H$%8fj_}pu?E%QMfl0N78&C8DghA_d?Maj1%EV>+E!Okf?=22=agvTS9!Yy#=6SB z^i*FD^BC8M(cPVOJE`69bTCa{TXp-0wr|99_QwMO)_Ep;oK_FDx~|GfT>EI$Q5*}`r{SmqL(j~P!-JP| zcba=ntY8+W>t^)wcPkl8r;*GdBiR z!h*!Q)dMR6=|$)$`A)7eJA^}U(Nb3ga4I7(!s<78L97A@wsr0z!Ulo`%pV&z{eBGj zG}WLq@W2$t)%c|G$DxyIS)pJ{xs2OHuEnk%!?Ne`&P_LwRiO|Z+FN8@PhhoS%PC6* z7)J4^1Q_g!GJyK~=zg{5~h^ z*|H2!5@j6jeIV#j5jX{vr{7!Pe2Y8s2<+y_@ineyZ3tsAYwJjpTaa|1GD74fWn=V+F}<6f6MG~l=CfA`X_e!w zvSnv2@Y_v2b!kxbn|U=&$9Z6hSAtytoE18sidW( zTzrYy9u(uyu(2sN?GEH^Aw@6-_%{pgfbmn0lw$gYQ6LHSr>7ds0KpMXrgA8gdkXJ2 zxM#aNTiDojRlYNS)uNChO8HEV0oH*6CI(&S+&V9m4>!igG8x&ClsQiO>V$k@79%NY zjWaSm#47y1wF(A@+Ek`+6oYWWW{%f8VohB&uB;i#y1B$_FMWX|-#=o%fxh(!;D=kl z3s;zi%P7UieY&FcKLA%givG=}d|h0G&v*Kad6sbU3ttExqfm#WJ6L zIfjZjY{Qp7&*cP(!I}{Ol;zg1u|FnEw{z^~vSL;2_f(FTI@}yPfhG!85Ge{;+{-q_ z?O_-&3(;SQm%hW6s{m0ibGV0In%9j8`qT3?o+ChnC#f%9!&SzwqBoHgN_f`$70hoW z_iw@S)LUEKkg$-Vm2QzBWhY8V+U8q-HE0(Y$#ufnk#7B;m$EKEW>{Y2dbBYFK6fu) z{dAjv>1TLv`jkNLoicZ(WB1vw0fPhkpHJs5PJDFcjTie(Z6ABn9Y)#wk;;@x7{8X_ zKvUYG;9Z^&GL${P)??;C3yNZ+AZ4fc6|TgCE`CiN0plGKzH`$yydE=W$<{{QI$-d9 ze5acp+7GVs@+Q3kX7kv8f23h7=Yo#h+dTQQGuSs6@s5=oE*rj117w(fPwd?}v(qqK zmkho>UwGX$XU9g}nr3V!o4%BAtbTqStS&n6-bkFK-QUPa;WmIG4y`@#tsfQdM7{|L9?DYna$Tq4o zT4jzl=enS%AtK~w3_H z<)&f7HRz`SF-MCSTrhbo*DOS?FnRiKbKN;ns~^5x_{sB5HEZkZhj`Ntn$Et8Vjp>j&kEO*ljAW8q>xMi-E*Z*|7Ibr%B2Oi#3AI>wOB6^ zb+5gA&O~#4@1e?^_0iv^ZY;O2&o&->_BO9DOT3yVzYxZ;-#yud!lv-Vj^8_BEKdzY+#~trlmt>Fz0ZP2+ zra11a7HpU4xbT~jsa8fxTmpIgn;R5_g26Sws{A6;cvsfD9$6DB^+G@C{gvUwAE^_k zY@h4DtMQmqcMQf%w)pbZWkBF{=E>*Cgl$E+D?uDb; zp%->;M+ffPt(9BhVq$jsZ_bp4oeG6u4{jf-?Yk_eZT$wp14?M)CXvqT~D6x+UUs- zE>~s16t;`1wdj%z;gW!6T~@M#VYk*Spn0HS7Bb84g{DxL`T#icOp+Wmyb?EM2dHCKs~)~_OwzsrOOyUwOrzM_ zPt($r7(P8s3@#90n+!VYv>8o!GU2{HUm2=Od19NnZ&wW+8HxP@XzF|qpA3F<_NIqq z2!ztS&%1Dz<@$fWe49A#+QtgecG%E$JyLYxg*CT+q5VjBd7b-?CX z7~=+C+6)lV$;O8Ms0VSOPQ=;G(%#Af7_Z@{_P7ZWk$iB>CuNuHedY} zh5U`Dd1?B)I2gYf+q3jiwF!B}H6%hE=qMq7=~mWOEwW#EvJ)}%$x5T^yz>LpR@ubWM{yzmb)t?_6A6#D+nu5r0`L1noP*{ka#gR;o)>S&gd9>MRM3Uk?pIm-qV?j!w3? z)fVbaSY%(eHX2|B1fEem9={C#IKuZVu(UIgUh01X0c`}jxJ@Uy|G-EN*%Vr@CQ+a9 zXg(=s2gw92F-kl;Sc8%@;3r}Pe7B|f@%Jk?pi zg!u|Uh@&tvc7k?*a?n*=1by!gkB=u!X)~Z~xt7_`5E&K~_%@u{}8U!NFVv53tip+_{@=?=>f6{}gSFn9X z`xt@US)ukFOuipY>MKO{Wjja?WfoUa5QzyIha+9;NsBVkC!Zq$h^{HcibOAh#WhsW zZ!lCGf2sn*fQ7I~sY)8?;lb|8se;?JCGhvy5l3Pdw^g~h$n}qkTb!MUAyDD}G-R#$ z5ZjC*G!wN;L)AUac%Bc+F7p6lLWW6H6T>+4CluV9+a$%mh+tIE;O(QJ$7d{|nsK#$ zL&t)2N~E~m0q@HJ3&Ip@1 zuX(T%t+^Cc130CL3V~%FKO%9e>2!ZRN~ut&8d|sI)l~=rfH|_*8)zhaU==>ylK^%R;|?D0c1>s-?#tJJb2=G)W5u|y$_pDYWUGk>5HP8?C9M}WqbG-FeN+MC%lUqPF3;(^KB()3c z&l3UpI~+3BiGKeGxs)D%C!0sz7F#7x&pDatD)SPMAq} zh8@n6klj%MWO8LOqqT0PXh18*P3IyRq4A$^+5Zg}y;Q!|&keopY?Y8AYL$AVZ54p3 zKSt8VIL0qV=YF``gwh>j5?0p-Vn{lvzL5j0P;=#Dsj`Tl)t6-REZ2FET#Juz(Lz8D zSZc0z50L08cwPX~TZ4a@^ypL2;l07m_&sjZ$q^0_&Am_{^*=XQUxC*@{6P5Vm=GW7 zL~~%Ixw~20P>GqSqs-xNYyiKZqV@t-0;v(S6aCvK#X529Q4kY7>cT^YMsPT=NZA^z zMH4Au@Pd46ZLj}=i({5@N;`paZ-g5Exl}H}B2Ra6+-{?f%sKyXk8?0sW36D8yc|Y* z@H1Ey-0_SI8X;e2G`8J!0ri41t{XLx;W~!_FuWBdEOL6c#GHkx3P8^l7Hl zPr5Nv*lHsiltjjhSercBxcLl=~(x~ zSsigYO-2Fk{FJEI^N5g@HKAH=MzRhYbQ}nQrP^%*x6fXH0%MkkX>6EmD??;iBom~n z-{N>PLb%nFvoM61rJ<4tL(H=TiddW>YEz~`Xv!Sfc|SWy0pdz#?=C=h2@8{HNTs4Uo~C3S7HE15aw!1-vHmVKOG z=-!VQ7d~#E_E!*>r2o@{guuO*umnNzc_+Q6VP#fX|GwJmhtf!Qr z8{hVPeEPC1J8jj1Gs`@wvI;AvfmnR!kg&6Ab|3KV@U_}|e~bW|M`bo|bVV?E-B@Yq zsO*;|+iNm^H!=7J!2a&577eM{E=j#z1-453x8D^7+m7X%4){Cm_VlKq6Fngy7X}EL zNdDRv^U4USu&Gy-xKQxmK`0*D77i;~r0B|$?b!eb5HjbwvSq&&utIxU52<2l{QoGj zFFS&*&t|XZpRqcfy$&4zRbQ&xjK`5E%iUclrUFj0G0CL%ZnTnaU)rY=lQi3-Aw14{~K8=G&J zO9laA_&^Y6ULedfu^bHHIof=LUZts3=Kc@E=AzY`;UOXgLsdufSEy= zM^HqLc6^FQE{1{Z`AfpRpVWi$)-y~g^b(iTkBp0wI2}#HlW>K@1#67|c?Geyj(=%w zP11~K9}D7b;(SdW(d*pu5AaLN{<^-s5xAOYHLJ|b!3&Ap%w(aA&?OsXe-S5vs#N;b zjgYJY;u35SYc#|zxy8n`1w9U!b&9q@i{e0Aw#rvcK1^Vf$854>6GWYcMSh+CrnXa4 zYixEDOu@|&$!{Jvujo1VB}eHqCM6SsIz^6XwS}mASXlRGc(9^U%2EUfzsf+ zc@;{e28;xG)mOT33f4RTOD2aZC1n8D-mhX8;MjcDU)bB%H9xa|w9Tj#7=U4&aW%Y7 zL4$@Lmt8-kqea>Vc7sx*edl#IPR8H{1K;RAfqkr|ONi_cc7GGO5iZ&c$R~@cvKigT zcnYa13fSBML$ENt7f%KoKw~XzwRRW1uKeuE*MuAPaW2G$apt81ST(x&#y;@6*r99J zBNYgQ@e~!zu3<^8jAQ&JU;8rFm0bil0srcxt^tE7orC z{TW0CE04x8;tB&G54cC_q&YB1O;@SZ{_K<&n%fsl=ioDlgRY%kd*qtCr)--p>G4y| zQsC^%M*(YYLccPjTrw#coxAtZioj22PlKz3)akeC?U=@h7MyY9Q{!N{Pn3R2jyr{? zT_-D(d88Z0krlnywfFyltxRHuL+$JYcmB@22XDvZ!o&yYS;i?+(s0$+N*4;rf3A`2 z>L+zHHn86zDW0VdvA1-4>({Mu#Tvqq^!ga-@&t94^{`#4`JIp}(SNDOt0j?O1&6nZ zgC#+hcp3XbC^F$2V{!|D!<*rYWY1W_QHQ2+?pAF+=_9q&S)w^TCc7ODT(J{Kv7ryT=B^&y@3OEU%fzzD|yj}psKsjB|R{%b@MR3zERBPDz zdomq9AQi0W_phJcsSt*RRIl5;6@;gbgi~4g{>B5=|C39Yt0yu77U0tZscxbNASZF7 zizj#$AP2|K;$M)Wh(4+KjKJZ{4+N?ZkxwOnPfb)7hH?{y*ZfhKL@lV#6bb$R#Osnc z8mKA$Qn*+b7pu`T^lcbKyQ{x!tB>Nq=xr2_*T_XvpRgCFb-CJ@l~_eG|)eIX}W=r_#7bIzK9a|C-z9eky9XJHu&&%L8qpVSIbJowy{ z*!%V}d%Ms8X?2I3d47s8BLo3KF2MO>`PShuVNqmEtN zStHyb{QB>SDdrE#E4?^~S;0`7j*o_eLZJt)6<$Al+dO=7-mw%{&BVh(AwV59izjys zs^g+M;0)TiXQzic8*H~!Gq-vU%8quurE_5k2|i5-e?zPgm=NDc)Erb*>+W|kwdokE zE5StAkr?h~6tQ64smE1~MfRky6_HWdh$_+kyg^Fx=;A1(*hJ(+x)FA;BR6VFA}4zH zGM(}kk;0Wa^tOxY>;ARFF(7vNV`lhN3i0!Lgqppj1=s)>27eniVEnSx@h2LG9}>mi zB3x04IUk+x%9bf7i(5w0Dc?AwgSh4qXGb&LVf|{L@cC@HrSfHH;fEpUhd2~dk>ws?!FAv`kN zMKo0lgN%@Rl!{97$jqM?db<40`eioQ)*(HU$ZHjQhdH?xS zsr1ABt1pjLn;EWZ>u)O(lHJjU68>cd$`$4|_b4yJjCyLa@u0S~KQJ%w&BIF&7jms= zCgF;wBt|2ra0KjK2T)O^ejOd!<>1kE))4?)0NypiGYY1RgUn|2d=8;Ii6d~;0et6r z;W1P>4+k$O`U(zGs?TwPaAdXFXGfufUs2JSoBKNul2&-#ji~@0BhPg+pA7*n4k)W5 zrbUi65GeD-2lqj^7xPVF;*%oSkEUogIG(tYYZDBkfPZ~(86YS5ZlXJS=b7TklN4n|^Lx?~_x5=&L$g#5y|A}38% zktkm4+lg`VyVh6xmc<1RYs|`SwJty?z`Z{;Mz6{(OomJ?$Bp!`prYga^tH)#jMy2^ zBx$79gn>jY0U(bHJ1}B~IJgAeOdk=XSM_A{C^i1ZWQ6`stlH^iEDXuyT;?4g+zD-& zS9Pw@6R)u-M(sv>EIW5KY_)vjU8T`1`YpT1rWREnN9ktqsh*@)r6*T~A{oMhL!;bx z>ThFXoUU-<<+5;TKm~xwSwR01l@~S3HStR+Et2Bg<8u<4y&ljCLOKP z3>6|Gh8Oa1(%UyiU46HuK33B0?l77*2U>ZFsOnCC;Ncr!#WOcD39wS((s31!7qa3I zg&9U-3qoT)IGwwch&9GX0Vz9blRH$uYJ*s!Px_|59N#2sS_^2{)>EPq_B`F>4G$h4 zvL69z0>l~TQ+u-|_}D_0k;aQ_u`fFHOx@kZjCc&l)Kt%@_LJEDC`}+WO*Gjp6^0ev zbi&8f%8cMf<)3z{85XNgbPZ-|@Qb%V)Olf++0M?M!{DVIVwH8BpI%ZvJ133mDP!16T@;2(Yfaj@$7q!A%>n@fA^+8vblFc2 z;A|loLP#X1a)M2K0>+AL2o8spoS0m9FY8Xg8Jj5Q*FYQp-ggLPS$LcdIGl;4&VlZ6 z`-J`NN=ZRH^Wt{-_4UZ9-5$%HKFW!iU9(BDcr|_W-g@qv3}x8HsKV2?!@VZc;HGSB z5*$xXWvZcH7fo3pW<(!uAW14EPPqmPKrigO?`|MVAyl!}xPd(4soMM@fv|5;Kj4j| zy@Q*8Mk9iVHzh$Au=m=w8vOm5l zTO8)Eb6}m@;jG^U#!Pg=k_|Rm>8o5L4qfynG6zasF|pUo%^+dy77Oaf2ILt4kju0{ zVD}rLWrjp$?-}hVjV>`FC7S(~&Z$+*nvolx!kVi+K z9OoW=BeC9*F!u6qgsW^%M zDy74O={+<+E~*8^K1oKd`*w)GEVP*uS+)PIuqo-Z9u7O2D(XJ}4&(Baz$Hy+MO{B2 zPKnuJ!$1Au^b72ex4~Fp7MnJ(bMbC>g3fz4maWBI^ScU-Uur+C`P_5McxRh_t;RcZ zhnQn9!F=772eG?TwRxveu>p~eDPVJuG#d-1HQpTD(`+AkYCSD&paT?Byv@QnM$2>9 z;zUD?u!D99A6$OY|yVBfoA+%luq z;@#XH&U6ESW0~6Nd?zW~!l#h~(|_Gn-SJK*NkHk*e(eSDO{eyh!XHo-1@5N+2G)A@ z0pD)!l8g%Nj2hk;{jN^&7Kg_pV_-lrPE+|kMqpHc0x`3icmqKbY#}V%U}+(=V4>AS zX~L>zU3=J9e5>A(f_+Ae`1{l@=&AWl5&riw;?pt~u+!fH6^=dD5YW^XqG^AhA@gL$WpN zfD;AX%k_&>a2|X!D+HKZhn5&=jmbs}_0YlceM()SY)bIBFc=?mgBB&KDEP6kJ@a%BMk}5Bk88^tr1R@U$ zKUH9tR6=Y93M(WM{X2XSxDcfIaf<1dvsAaW50xjXV8fSA5kRRp7AxK(?tLZw1nBqW zjWJk+2IvJpEJu4z7c`}07aVwwh6LI#Xqn6}H)5ZpAUk|N5q3(f4vjW!=j3%HC@xFF z{!S4EZ2E$Eg$-pFfm_iQ1d3B`yS2Myh8*%*hB)qxS4e(AglA@Pdsn*DL(+k?Yc(0`E7(^)3Zg+!dR>c>39*Ah12u&3ysGVq25mluqH zl|XA{5P&^~*TC8hdc?ChL@!)bW-F?IJ_K}s%H#?L;tWLHU3q<;r0fJLW8AW@@Y`^F zhbhzBU86#}+ID||rWxV^qcy^g-7y0k4$DqvVSs>AXn}x`fq;PA?VU^*oK0O^EbYvl z={;<1nzU@~_t{at{Q5q_2=f?ldX!n&wZn@%Z2xrQXVP6Y8cjyjwU|oYnavM=KI4q5 zWv7h}mx%RVQ2Pw+Ivi!}Mo&F&`|8%t^r+aXb7WOIf5qnHsb+aLmT|PIANKiB<&iSi8t(!dx(E*@n^k$p!Gos4w z55v_Kx!v8LL&nyN$<79ElLNgyr$_dPvxp(Sezob3d*zJ9_2?1;aQ><|{tLZIaE(BkF$Rm9e;5;}XeA_T?v=oL?PD~=BtdHgRNg38+c7lZY|K_@oe_)~$O z((l!lOXkmwwu>`VHBvwR2l83d@4k2iwNXEp66st2aT*hGNRC z-)-7W%kGCQk>35AVb9Z5I1mUluIBn?i|R_9S_^!|m$uy+X=nhWz*EO*8PYw!7Mo1J z`G>{c^-@3rzKDkI&F30JD23Rk_849+6@xsXIO7=7RS{}D z(Z;EUU>?B9D5al$Ozci0NQWlEJ@Xuk2}KNs(a%FA#2;=q1OwSRKAM^lG4U4oDy(cD zOPrGl=S>1C^^h?Ps(=}qj+(R)_>7$N8C*{S<`hBVgogBh0x5~}p(TC^GyYcCk))2b z5Hzd>1Dl38T08+-)8L#l!8k8+gFJNkmVNSuTL{1uvK$d8h6PKk#f?pZyAd`WOUTI4tKo=9LgDy^Wl39Az#T>|cC2>;F#|R~im=+r|Bv$y&Bd%rthPF!t=qW9=bZ z2xH$O+t{Lqrew`B$m5Tfvad;FDP?Ce#$K|ogF$ve%J%AcKlEPD`Et&O-+j*caPIp) zzjI&L&55P&Q0}xvW)O_?1co${8b1tJ-PpKS_4o-)C_5qibG)QVtGXstyv6HMn{9)@oEBf&kP6>8fV&|*J#y;_StP?GxOvEgb7*XyOX8e99%e)I=uXcMS z;+??)(~>QFU>E)pLs=;P9H|5H-3dCPSd(a0)`H!3Ds^gO!dpdN_V79%m%crGR~TQT zUl>#9lIdVQ(W9O9;FUlVIk2GzGmSTfqsPX=8Isv!WLbYkmz8yHDUr(Pyt1VVnR-UJ zmd0D2$Bvu2=A5U))S*ZsPo0hKd$@?XI=V*tGYXh*sJAz2l$h)doU<%~zLn#{Kb|CI z8DU|Y!o`VfJ4)RN9f2H?Dn9@LCB3`#&I?|bTO$bU%Hqys{1O9&##R^;|#@_klRzFIKFk+mgCqWESeTQob7ZZ++f1Jf+gn{~NW z?QkOwoU$`0nwbB|c)E2+sW8nxw<6mV%e8^9=~Fp@&H81NJ*GlzFG|KKR))8KZb+`% zxk7L*-OKal0b>~ z9WWsR+2?6-^S#AX2dQ~~19z@fS7@LP3x=P*^I*~#nNacEKT$FBFXVaWQ0@pAb~Mj; zp$?T>q;xp|^> zIb>MLDWvUlR$dwzq9F?K--Ko*hYq00$C~`|yIHua#NrHG8u`VrX_jNtkAlu3PCjVP zdFs8+gKqbnaVXJnR%3oM^rjJ(?&c~)NY2&F=u2FXvEB5xglsp$p88FofJT6m9ggy5Ru)flL&Pp*ptuMT6o z*5jaS@m*UZTW!zS!(e<|uAw*8I;GeG3C&y_vAPV62A#1A1_APy28v^q?%p&i9ET*}>0PTJxhYArb z>J~(?n$4p0Nv0`8xaP_e-f}vrx(BzDFV*$mGX56hWs~mfs2&Rs?s-ZOfBo4c1-^7$ zqbjU2}%CxAUnidP%{0(=Ea;Y;c$|MkK>$DA27AgTpb<00JPe%P;mk zjUP0Up{?AT?nSdpxr-c=u3 zb#IuMLK{}gyBuyo#=T(bSa%&|WUs&a>Sozq@D!!kuR%?!$=XX|$L@Q_i?jQh?4h}b zpY;BIUCi72tgk9-YFz!{E1HKbZicxWh8)c=nqQWba&*KcU{k+2xb5zf$qHAB@WPuU zcYSW+7uljjr-$%CqLfTRhQr#1gLQ5B!*4%UjT{J*``Vl+yW>w2 zccb4~Q2wZ1ec7mN-`+j3#1?feOg1cFsG213(Qa89t^S`8P2y_wUhlTO`B;79T=|F9 z%5txHx*H@Zbg-O^=j2Ac#MAGB?BW+St z^Lj=19GNo@EqV2In}%=uGv!VgcYj3800vyvSflfuLOQpV9Xy2v6h#ZuQ}<`fYZNvKd0VJ^TvmmEOxT*kmh*`{b)iSA>5~mD77>x(++5!Z%(HfO~`APfGF9HWiSh zsw94$NRCvfs$qK%&!bb|N&C*li1)rN_#n!N>IiSXTb~&x^CQ&63*% zELszIJ{xHY`$IiiMgm4{gTbv1%vwNqtp7T$!{WV*pXRTe=!IP0Ocv#?MHDlIirfkOr_*vZB;lACnxH9js{x zUj3Q+!fl>wLA}o``=sBD4|Qyetd;%@ z4eYLp=^8EzgblAjlBY;G9)i3AGjN^|FX)M`rpdFzaPI+19B!#^Q{BKWf$vX10!E>xeeTz|tJ z>a0aEs{Q-x4GI4_qORu(HALXx@yErS@XxvisUJfz)^utP1mR8V zd=8VR6pQ?)aj#p~@DH+upl9zl;oem=$8e?>f*~1Eb8%SwLaxZ4t+cu);p4OvW@Fp_ z=On3%$`w|lMhNHpak}tRJ_1dN>|BL3X^z!GXJAnnNk9ss4fLCQA4hR22z0JIR>$_7HT9a$AMjR(Mt|Zx9=ZrTm(_gb zeTFi+#_vsuRp@XiMLxyRse~1soja+x<{rXKJcT_`&2Qw3fqxgf@)NeFDS;Egth>5< zUVQetJK2%PdeYUO9(n3&UW2EcX0mo;5|-kDJo7QA=SYmD8g!6uPN;PAT%9NPv-Y(6 zVgMAcAkhuIy9v^UhGnoA%Hdgj>Ha}CiSw)cR616($GB3)P>68qDbhTCRPj8kG9Sc8 zQ<*AwSq_CiY!tUv!=Q>Yspd%cp}4a4#s2KARym*#)aW$7ET%$4Q4a5WZr+%(upT;` zsyl~f3HO_|bV5Tc>xCX-F>>V*0}dihMiwZX<(MDrH(ha4>^P*f(u(ca)Mj&3$w>kS z7ZitVQJD@gkr|XnN>bz{X9-EfG}(r?TgG5R#e*gf23E;Ay^6tOX^5C;n~KrtCkRZl zDhcu%8@e5fusU#r)f4fUb$e@UVlQo_*>7wJ!AMBp&C;TV@qBLo9N>%2tL+(1G%KJH zdMNUlkhA9R#GT2L)gs5#w&`kb>=dEhQtZvJoS3)tspsIHx5~0M6x`%{71V|kumK(0lpjaUH+X8_+AytE;u|4>Utx`K^MiOp?2?pEsj1m^rF zn=Ie-b646#k!$tJ4s;&ZknB{AnU6BiGacwQuT)DE2oHh$XlpxwKyW(8&jRSkl0+Hg zvczp864k?~b`Gqr)+gc*QmyCApAB@*Ot1FOCv*k*GgqFzif0!sI;p)?(;yY@QAyOs zGI2e#WA0@eEmdgJWVrj@IHkXoVR22!eg;RJZC?p=L=7El$y+VYBc5acGefku*aW)$ zI=d@pZ*KzR{XU@$G(`Qmrw6F#9}em?V#haY2W`uT%&w_&dEPR*dROA0DK_II3kkj; zKPZV8B)vGXUj6!%JB8>i`em~;59Js@rcNFe5ij+S@Re|wE&FxJ>ZZ`@UJuFsb_`YzMI{D)&Tr8{YaAIeqNe5 zey084xR@qR{P0Lsi{!(OTWB2f=vyH~1 zM@1w=V3#ZSY-BJoMp3|r+3US^*`g4)OkLwfj!!5&krT*DqGIpwIwQMH;=RC~d(|~WTljnx~YqjsQ ztRrvk3*D8t2cce7`oeB8`WU_+`3941)(lX+FFE zn-17koe~)nY&;D9BJjF=4GtfTNw8ggqVzjK7KDQJs~}yjpu-I5gT=~q`y(T1N}a0% zn^(QfjmWNC%6-VoHvf#vo!PIs#PZ5}5jXVq`yGLdv|#{z)|Hh?yJCKh;$3@zUufs% zLha^!l;k`oDLp|d605#9_k_6VW3on#D-Q?`aGp#ZivXx!zERf1ppvHWQ%Y!qw&Dz; zM)zqnZgu3@(M&_AE2-C$zN~Ulp>2cAhb@sqOfTxb!a(v^Ljo!5ZKzz*w z_jC*}M5ij#+2r3tf`Dq%FNZjnUAdgY<5_G%EjvWEza2Ss;*EYqIUhKK6;*)_4NPTZ z__f1Fp`tWz!E(Tsb9O*dnx7!EGYQqHEkL00YM{ILhWBQ&d-!JQh zi6<|;M3o+8PV>^dg>YWq@Nlr?2Rv1uo#zzbx)T;o)vo-M3SG6$D##P`5_+qL9#L(d zC324+^W%%{SKP^6vmFs(G9{l}D=})a!fk)gXXvM0x59n~wPq2HIL7MXi&(-|BPRJ} z#YUZ4YK)ZqSX1{TPwA0PyA9n%>R)pb>7#df7T~~kaVUbkY&4XeGz8koA3dnE&xcRP9NuedciS| zoCd(LbwYwT)3i&>DTWW}NvXyQ_{UWIzK1&`HmxMF7;Ve7(=#7@(0O|w#dLjqrl-`H zh!<0dD6*ndE2u?c0z1k70OZRdU3|08Qd51Z%5~QV&$gR_+02psn}p2%$y1|BUiNI4+9CcXy z$IHcC1KAr!yC5(l5!;POB_a!d{p)5*m!CBgiZTe0x0`c=J`E~H;^7HFi@d317=fb` ztrwGAnesmn1CL!Z+`fD93=MexjRw&uiW3-6$P;}&Lie)K@u#Kj{io0Ag#;)0dEW&QFkeo0L#U?+mUzsuCq@TEsX;+D0XiH1fZU%w_*v$|M6p%}df#jn>ZkZEE{t29ujI z^5U8<{dI3Q6@_u6+1jQAlFqGS`Mx@P1q3r`K13Lz6h|C!3`(-Z{EX)EwUq-1xiz-1|UU9pBp> z=h>UIDqUw&q3c&NwPA%&-Z)$TZM%>ACf35v4tnn-L35ySheYei~(D7cwq*L2M#*T>qVo zSJBJ&{|DsU+b0_amF{dGW#pZu1cF-&Dxji z)w3KC-nib$pDv8kpuC``LfcvxGq%{C@^tp+cZ;cjk6%4kG=8G_N;oLY6iZj5(T0F+ zlX7%kWu@hSi#kNwjnYFsz3FD|YfA-9M$(omPj>1a#QavqC_$Eimje&GU~U(SJzw6l zMTI!7_-7~eI!;#@IO$W0@=sob!?hmi#es*8{D{=ZcvWj(8Hn(3{tMr-#s7_OuobiN z+yCGj%s*|(WpHa1DDB34c<>{wF#wHWQ#P_5)Vi*eKwX^zNp3GHEGeaa!xslpvv?8n4=!W*o=4{sf0 z!t{4nqnz@Yq}K)PgumATDgiSxqVN{70M~>@FY9;1--~hpRK*>bW_Eq{KBC=j1ZuR; z5!1OVz7S$~RY?G{})s6ZN2LaRaIhF{}NSm<(6DEqU5`G_9{^Z)h=K9Xv+ zf=py}sEGzResqxBMk#T)<)=VKSLzCFn0FKp$ZZ&v@SrZ0F_lUg!HH#IdyR^ov)hYA zOWDLVm@y5@v7eyJR>uVtw#T@3iJo1&{7m-}z0Ao&9Rcg%G*gJk!$y6i5V}%@>Q&Dw z{{rKio`l(T*V~|KPL3~SY1{VF&*0S#VR0aG6&wIKo0k|2zswZ=AZ|muu@U6@y~}G^UPtPvqLL^|os3@laC&cJHOomsINWs;V{M+&B^(@wZCWNUN{;=3yoB{PT5{r8}joiye~`T!*ZKc~qBD^t@$qW}1XQ|6LPezkK~T z_KTF6Ao1`{sl#;joFpS@5r-Oj@&Co`FEcH;B1(YB0q*hh$p}ZVIttm#nv1TkVuy&t z!bS_8=yF*$Ls~J_S$b$K5?e|A*dR;*D`tkcHioCBD%v z5h~5Oa;^Q3usR>tNI}aZd-PNn7qA!BQ~VFOi@%1`L%9N0+>HWOZewcxA|d74$_ZVi z(&xHLK^}cQ|D4^C=92J0@vESj{bgtUL$^c-!Fa?}hX7iNRE2^H*0c7cIRUb-*TUWU z$s=9zSj^rnEghzN>X%TJw1R*8Wl+z_6eBS&hl7%2w#I*+ngn9a^jFs@r%^aTrh$U= zi-ffSQkX5p(frw2GJNLhJ>YbH(~2-y)jv?4vxyZ`mLvQ8J8y%kN!f$D}o09`(Llo?N`MS*^9$HvxGx# z`^j$?dY(GEfWc2!cM6y5dIoWB&+t27wjO2mD3GT_jUr1(m-e{2b#hOMr(hxVw`E-} za|a9ZUa_o_yO`86JNkB|l#yUCBxPOZ3`e_*1g-(j*nfx74E7Nr;;WDojHGa)qEv%m zYa2o;GKnX4O`#njFP;iPM_y5m9?cc!P+yHUpPnE0X#9r`6AKD4oecqVXL0$*h~NN( zgSG#U*(O*0Hl)GTK`L`!=M#?Ikp~Z~A^pCB-Y`MW)APDi4&lY}bcDcL-ZgPJ zNFV4-c%D_Am*zUkPF~hhd3P7f<+yR?)8&}mbH6@lXu;6sjf$a0!r+Y!kT-LD<6-dX^1FH( zB<-Mk4szIR<{I!~ zI`L3wG6%~OpDKpIz@e0ow>{}e@=^ww8)Re~@)7rx-kXK6AuTexIfYoGx^G4xOy5nf z(ND@^b7-5E+Fk6Aj6eArAX60iG1+}LwV1{X~4pFJvr{+Q$Yo%nG?>@nnR zJnfa2aziRQIWXlP6!(G|kPs0bIR0LO+Zf$j)PIYh!SW=k-vU2Gq?Oi<2CxmMP(`%M zpP1}~2wW*_6$w84-nda~B<6u>@8RnRQuk}P>0B%I=y98wJh``^3zSMBa)J$0l)W`4 zkGHo;z9QHfmQc(_TC>Crez}qrH9T^RxO-4a6@h|muDlUKqKZ@ z_XP8))s@k+uaba3cHH1X{_A|(R%LGdhet_fL}z4%b%hq+PIdQ$2Ru+-6!MLxlOX0N zpPwMO=VS(7wePlUPFK2}RX4Y-o&8p@u8i`T+P zucgqTg4YBh9v8d4W&z%hrr4cp7Vm~p2iEMx=AL%=s&KeMNeG-rCkve3hf61=_O&?^ zZ>#_1U)XOm;OhSRmn*Xm-w4?#R4=Ht@O)JWE=UFINdh1U$H>TtcuAAe!5wv7&0~iA zkOG=u%7~zsz4x2%W0Nxjs#+*7S?ewZ0}PcVCcN@l4pMY;EgTM!3xkdg9+F}lFP!1j z??WqfNYfgqaGWgGP5x+m?Ql3UWV|6duxvcJI@^mT@S<-%so5SHV0Oe~n)gj$Lue&z z1_ET!6mozVadImDP=smh&WQ$9v^&aP<;hc@tn11Ad9}od@o^6ljZ*M8U!Tzlp8m;5 z<-X`bXpT9)K2%}ud$!y)L$`LFX!KHAGb_hr#*E&~7_bk{DI?+I;e|6~{q%m`>H;+e zE>>`Dhx^abS)1axrVbdKE1#$=0=!{ERPx(5i(`P!`aswUQKCQ(Z7S8u^(x2~#X9+O z>M+{jA&zVo4t#5LE`qEeheO^pZ7aA>r={*N85#>)=dSfr$zoCQUf^dT`# zIBQEz-Y35iejfdtgZ7f!5-zP}6Uv29kY@$nj@}bcO+Cf}8kHW<#i)J3VMFUp_BRI_ z28x5^#x;V5f|q0mPk%?HW8x0GHd>&NR@0*0jhzOsBAYX^JPc+AaCLqae015W>}>!E z4b_WcbAmkh=oIO-b{TiZGzJ*^u%VE3TxcW+wb zsx*Yt8?zDU2zYh{_N$YTb1S#<=+uC=h5M5A1CbMR7B$j>#JbIWD-xLnyeNe=o)I@> zGnnu5^kIRRY~b+{Z_uRCN?s9sTSo&=9y!(Vmo#d4Ty?3eZaJ59er`N8VD2ZqXu)9ji1kV~tFO#qJt| zp{U^ys7q)0l>)0T6duV!W_udIs={I5M$7Ea{xfuINDEi*sau$FwaU|(8?Ze9>MdKL z#&S@|9x9J7Pb%Xt+lFKV4b?+~;;6ZKI==sj!-M0A6*al`f-^)vNHB5ZHk{ISNK8CB zV&S&+!ZGTc`Mcu9ggY5nRT*b%ITNljN^Yv&-x=FtI?XWbp(Z8xffxW9CIQh+D^G6X zc9ST~%2a_33wN~(?ZA-$XISr9RA7?P`pWVL15|=u;ZG}s8l*>iZ!^o!x*>{oq&C6X zkPd;(We@T)4(G5BM9Ny)IZi#gs-^@ow8@{ilBXThuU5%AiS@L!BeebTsCjHLx4~%f zTph;~gI5*4;l8k#HAnyiq6%ga>sDOT8LqT;&p(e33+@u6waL?xiw6@1IIo{x;;MKS z&@;_H>#L+DHr&c-8CR!{ut9S)#l#w8ib9jte6y0)`XOc(0apsgiKH+9n{Wj(aHcI! zF1OD17)!)}=CvrAq{ESRoznD8s!c|84aQW|av~qQVUE7=Wy1l4holPUd5aWw?{2AR zrcwqZIQzscg0fQ3gyEX?M9+;nKG9W!)x~67QAjI<))2BPDVyDNDmO+7A*VQX=+ikY zCSoi*Y1Aa)NfT^{ci z{}pTkBlib0PfiWc@GJBgcY9=Lb2CbuG@eaCjvid=V>DN=zl*?k&3~^&El%4I%aV*P zGU>3HHO9eWqQ-g(Lw!1ME4GBVIbyU;1^+1KGx}Ex2}Wrs*_?sXgoQ#*eRU(zVjGLw zWpJ?!`OI%L%HB$M;o4Dk>I@Y$3ex=G@af#lI0uXCaTLiwm{HR>SkkY;#@OmXY60LQ z;j`J)qb~cMzRbyNlpjz+9Km^lCMHCORTwfjvIHl+-ls5xfNWb{oa%qpfRNha8h=hW z24+e%#Kxx0Rk2xKmq|y!`^l9jyi< z!(z9%k7cYAf9-=-NbU3Q6h0FWs*9)(5$kEXAX?{s#Mj}>wuITxqd}p&~}IoLNRAcf7yIJufc1;Af_Y_ z&G#H<<<>bPW~gn$A%O3EV!rSk&Ds@k;U{wp>IW|i4bhp>HQm(9z>z+dVwaaX+`wu^E2Tt_iO0tyhlO_iZLfC&PJSrsT_&w4eXFA0@W3q?D+BpUCz8DID7C#o9N#DSs(D`L0fIlzRT!!sE;11>iJ9UmFopNGi$vj{Jf2K70XVcHoxl(*Gja80 zYelS%Hb}TniX*+U8s`Z%z0ib+&Cp6B%CH=UXFIo7&Du~Pu!d6pUj@xe_5b78}5YN59LV&Z{+8J34(OWq`tWr z>=fgT{{kdg_5K|0MnAqi#RiR+`o0EdS3VZuE z9CmJoA+D2mj;F`6o`3(#y*k_Ihc$>msF*UvCx>?>#A9)Vgl&C$g=;a; zLF&(YL@H<-{U24;C~KBHfv2nX8Nb-nXgXTk{)OY*hRXq1HaA>V1K zk68q=`8LzHZ`F62A|Yh3?hlOb|C)yTjs&%cRt3N= z4(DM$%y9+q#yj3AevT;Z&}F!UT30GBOmqeJtd08U;{K6q8g>v3mhp>_b6#O42(PlEs zk7pRrHgr*=ZEoj6T|VO(@~RC{yUS3eFbe`jzJMV>PhGB{j|&Dj@eT5jByMh+=FyUj z->x|z+c5Z`0WFi=AJ4gtnTpfrq{6@0?^&zQ27{ydmRx5HRmT%;pY@>KqRIEDfTg5!W!Kx9&Zk8=Xe9^wzI9 zE#T}x0XTV-IoxJaEGP%->#v6wIl~LsbhD~p*bPpNJ2(`U1x5Z1m*|mIcsRl@g(0w? zxsI4AK^3gQjtrS0I%M2o+Lh0QyO|<=i2=#M!52v5w3PWsj|XKU;LwTSDXm&A^SIcx zasDd>A!zYEJ_>|4$1CG%2}&DiU-PQ_{GG_!RANSr z_eZh!7gBxUCiEa~b}*qQ;KIbJG(Ehq;UPFeVQ0^L#4z_n+P$_rP(sKKG`?~4eb@8{ zxbhdx8 z2BJr7ef>D0vNvu>zg55q$pr@%DGQ2|O(ZDa#L%Kwd0_(lPz{AE zZJGbhBm3bIc|5wB2^z{IpARo8xOe1Od6EhKDpa@HMX1VXm`U2}nIuG1gni`7S|ruv zU2`Be2);`j5)IABq=02PlE7N-pPy7Fpi>Xh>`S&}R^Aqo{SBi9?u^sx!(9)6SO;$# zwW}I25z0c}@s%61NYvBgmsHCsv0ZF~#q0g;gs>#B5MW^@mNlVr2Ld4vkI?w_G#Cxl zd1d89{Y0ch6NgLY^so__)iLT4dpp?#L5Qx2T#ExG{*B(m`?@$-te2yh7Gi)LMpb*w zgM?h!1#HE%I!6Al{Sjwpq6r`vZx^G^OV0q@S+d7RNWMpT%52?!XZ*QrT`q&xkD7o|LDz>}xg^rFF6|GHaY=l*Z_bYR7I zE6rbp9DYMVem#OFUBL{m6XFdkXZC*k=BM?a-7#zjXJ($(&!$(=1U^~LXIs-K`~D|O;rp}AXRthrr?2CjYnB#0 zWui>0%`~hA#OWxda6)2EWH+)ikg&n7la^al2+H;UU*!#XylXB)q?qQ=E zUO3I#7-n$<6v0i9d)41#LqkhX+E55mMv4p@cJ=UKq3U{pfdO1Iv=dq0i_RukaRhZG zQcdGE2R5y&+lf3g4vrH-l~@Y$++QM2ZkR|NKnJ|{v3k)UIJe~CpOA19IS@BsYgq6| z#p49ldT#XCo#8%_ArL~GGT%s>KAWFSx5bFfV0~9AZ@=c{ zhmVWzTw3CiU@?&DFIn;EN89&@KARtvna5Ia#r@J3^8?0|I@l?VL*aX&H$A#AQxK3T zN$JGpuPQzFOY1NLo0qZ~Y}jlg{pHxD5~Sr%75OAXcr}u<4sCF$f~Dj88t+KvLU@8i zsmgoct+J660kkk7*0bJphh=d>VrFTo9{TKY2~{w27w%j)s$n48Y`Rh-o1h?dE@+=n(I&Wi7oMD zKCIO{Eljd(thN8AEUnMO?A?vsTKvBqcizEU*GJKZPDumsb_AHM8oYRLjQEXhrhQz` zkff27PQI(GZ@nDhG%lV*86YYXB_^JHlMRHD#Qg>JuFFQKq22_c{dRi}1aRU={>?H^ z!}+inJQGU&b?V0#eo6}eNi#Rj%Bv$nYoRT~HKgfj9A9^L3%;FgJvqPpi*beqe+i~; zedF5Ot$F3d2S$euV!{ePZ2r7d;odhml~8nR!8c^6?;4onIDLL(eG{N1IlrrK!%qhA zAG}lO-iFyNSzy$B0e6$$5W$^u)~fbLZ2WE}!JYruuNSa{>#D5xWt3v&8AOVjz8?6? zLz0u(?H#+etEasHk1>baZwHt6|1n>Rr<~aTSDu;DQ(w<;k2O7@%njFMEHx(vPXC!| z^Q+?0_2cPjGiGhvinw48YnYnOn8qW}Sy3!ha9o8y!~)l}(~>7xv^Z{#_^*?VQHK*l ze695Vw6FazjK(=>MGI?c??4Y;)!}9(4 zS$17>V6KuD1`Ayg=3pIPqS;OrJW*+rD7pJBzKfwdH3%Dw3?`c#5g@2Q!AOP!JB?98 z4_uT~`ZA3U5y1MaINYdIKxFJV+#>!yA#B%PGyR=fw<<1*{f-eq`iL45AAD^-kf*6f zW&;0|&M@~VvG3U{67uGvhp(icAS7INe#L~Guy9?QfuN6DX$n8qt@@ENI1jFmWE{Nl z;b3x{`>(M;;oI1^0kI zwK|R2S~BfLaG)i+Bk0CX8da=0wjT&yqeoby5)|=@-;r2=9W_D@&Mv$a=ipjjJ!RWC z+lS&XF#MCm4K#CdR#4rrphR7%{ zFrZPVm6v|A(P3smdP{z#eHZjTNy+eh78Hf^S;nP%J$^PcAo2e&cleb|HT+={Ih))HiRb+Tei_{L&A%Q_aVGm zJACG72SAplZQ_JRcdLU+cH?Z4>&VDCczAx|x4B}hGm=~OA52Z0_}(PCD0&aKaF&Tv zawRuvZw9~Zi?nPYj#EM^w}Yp8RZM;iFvstUD7zP%hS06g&dB5VST902i?RCp*6XGq z++UI~GIJ}hygsEWZTd^+eXcsX{mga7}wBd-;7iB{SA!>F-x_|UzM+;3|C#rKb9uCUH(vu_+ zXtwZ_=`@Fg5XcoBmac<7e<~?S_bp=_WvgOwgX8ijD#*Hj)VGVbGFv!rs`G~zCecc8 z0D`1~6VJ<9=OAvlyplC`JsRH~^RjpLZCNbKM zy?>Y1<^d}Eg!|B}ye1P=H=F!AZJ>tgO(=DUgwoUAmu7zcBj%PDo_LDNfF11j?m`vW z705~0_-qR4E6Bm|O{Eti5Jmt2B^@LN^(>zfP|;;6Xl*^f=?0_ue_CPwx_Z`wo7@z5g#W`b?s6YmfJ|dv@M0USkl|SZywxFSI*I_I6l?#x z?Cu4vh9jJIb&}k_y`sMvLb}r3`QPe-dcfRVvXTd|1u3~^q_j;=+5*UC)LX~2`;bC? zNW`ytSZaIGS8Bk&GYtZm8!2~*chhag?+_r+$H$qDZCoKI>N^ANmbY~f61SClA9O{^ zs%n$Ft)Mz&b}(@O=Ey;f+K0ETsJ>y+WR!Z=hKTy^AaNbPpZU=AHjy7v;;hgTjQfLN zP1xX8)y!glS3}1gE6GtqP3OnaxAzp9kFkb^3gzKq-qZs0ia6koV&`(#_H?#~wT=fh z?cjlm1nIlI@WwjdY7;g!-$=1kI+d0HK4j&mq}F+EwC11Bl=9tbtWaA@>Qj&BHcmMSpUfX_%0gf(Pe~@0^NP{Jlnsf2?IYZogB=<1(?7(H=R?4?f{!`dQPC+||uUIvdS& zk+PM?R&m2BVz_uCJzL{{H1DEZxE4SjxAu2lW)c6fD%>>OEE;gv1?P=@5=iDyeiyib zrmmx_FE|s*<2s)06u&9~F1l=HZ_VMM=$4rd)AA;L0kHy;wJ zPS}X4{kph;*1I9N{e9TwM~p& zVEZM#0UO(Z!`|T+GGZKf7Eg7HJYzH{^RbEOR;-)mS>x#)LhOT9ssN5mRNcEBj&aP# z9p)!s7ue*!D6jdGkzFuWdTDUr&YOOtzZR@pwwz;*$V!c5?E#`Lq(G9sWl8mS6swCl zh*zvQ4*$z1*9q1n>1|&VEy6 z4&@{CJjl|X6=JOv{O2wA^~b!BD@}JPXRadv{Ty9Asg3PDt4+?QQ^GHQhbyYrIxVKf ztDPZeoF7+15e+aKP32--P)m7#+Xy~jNKn&jGd51ZQ0Snk)C<}wHeEp9V=rGC!!{vd zlhf=rcy&U|!SiRPsKoqKFrjV^kDFU7YTy)}Tje%2V~|iKLL#iFVfi$arq+KCN~Hr{ zbF1#b%7%)`D^UrDi}=*c4k$e%KaaEGiZzMDqSRRX*pPd-${!?GT1PTeJu!ngf1+F0 zO1vRUrnl_MMKdair@U3M2Qr(wMHR6kE&%u!49Gu5=8ISJXs7PtNrjLG7y9gV9ho%0 z)V!+NDPAxeEg&av+$Tn&ja4Y#kfH;6C4Otr`ES3VD;l^=MqAbWoxm-N%v70<#u-@z zEtnNOMw``s(0dfg?{OqbWl(B87SDi_=}hg3$g-2M@60nEY3pJ#&{6PG90ZBIjD;{a z-uCxW+4lB3buK*6g^$yeWLPi(`>MG&9Q#h|YP3~`f-`@N7$<0e@cdO*N_-&GH&Hvj z7X!T+lVIw=-Da&!ts(mjeMBI6MFm>(>p4r@w;Lz-FQa3hbj~g?1U4#joC{oMRS{^v zR6VzKU=S0YjlDx+PIdHz>?H@R3#pNQ=hvXa>R?&$1m|ZwkxD_;k(>1UaTRU)#@?VdQ8CI#>3>SF>9$=@K@TlDW?@R7|s;v zAT5Ly-$Q>QhE-4R-*IxyKuSv(FCxu0?oHNm{r8qv=kJ#>;U(fOk!;kjUFOzsK^Q*T z9*Nd~*VLUP_TLUoL=b|Aq&_y2$qFkfk6G)%KE-^+!7t_d?ALuwz!d4#LJlQ98HX&e zuDM^Js&jZQLb_qx!8SU6!8nM$s-vhp;`fNi40<7Py?|i|sUCl$oL9#DA<@-{7hCdL zE!Bx4m5k^21A{{T9GUw~KYqO)EA*cR!M965wC7}9u*{UyYtwJ@}um>V(lcgC3^2zzp#$WCs zb8c8WQNB+OReSBker|dA@uWrPlSs|NuoTqa<#8KSa~e?6#yH`yzvA{5E@IzUh2x{H zbYDP4UFV%1tSY*L{iiB_#Fj6x%-fT$`ip~QaMWUJS<+Ipo8n!31$g=b*q-50=r@$>;<&kxbKMBi})% z??5nic{_O^Swaa#`toy9&?A@bk;6FazGp#>~FwZCCl zfS_0iPGRbZ_Gi!}&40ws_D}5N|HQ5>PZ1)j!V$y4tzhHP6H-J7ty+M~c~#L8Zgi(U zhUZVk`D6{~?;pa-*{>KoOl?tXLRQ4~^z9q>!LudIkjrUDYIYRwIu_=+dRcqvo@Pmw z<`1@+8MRxBp_I&&EL5=ltUPcJOpbO^^+cl6_9uZ_(qis7=_#2rWVI&ih$E~s5&vS( z@|IA3Upwcf5mo>b%hnx1#9%cpNd3GSZlNt!ifaP&ZCSUZvU2yn^(E;#@9F}k*Op+t zpgKyIeY4q5-$MhW@-|YF;^Zn*RV4?V{%qF2kKjLUreg@H=m*30Eh4|v{lQ38kW17H zwKfT^!Y0Tz+Mtq`my^T}Oyw3NTZE}XEvo#MD$U}&`W=FJMH=zo-Z|n~HA3aS>D9Su z_@^mwc|JT3RYkp{7#07X&BlV4sx*ohLDH&A`>O3P9{&^BG+$M`=e=LJC9XmmMXj4( zP@aOxhJubr2Yo~S1MT?C#5o!C>#K1{j1sfUic99x0v}wTr_C^N!F)#?_B-DX_e%XX zmgD0BOG)O{=Z0*}H=u9B*{*yh}Ne@r`mPKsW7e`R?rIun(ZGrVDiD-G?V z+Sd|JSabLr#UHdcZT1wSF|V%YE9kSY@-K*1Xm3xhXYcpiL+o!A^wF=K z5>T_%;L56WehYXP*aIWA?4;N_j!2 zPMb=s(HWZ`9bRklzZSP-VtP6vMoIPS+MD5LxKXjg`8b44xjR zOY+_+*RT6zu`0qcy48}C?Nbh4ZPmTPRol(7Tt0kCw->yR)1FJ1)_kY9+itxCUVgjHHyuny4v;Mg zP+am66cfBtQJ{RpyNZno17QfAMoHo9!v{)TsE+wPzeCZ|xMV6R* zZlv)mXS=RhHREIK`>3T*_Pm|7FfApomLxb%0^hY$JJdc3I@>R@nB$dk~@w_pywV7W)#Ki90QJ1Vw$KeS}H_V)y+y5C!> z`%>3eif^c{ZZ1Z-N|RBi6MO2Dqdzp7&EIB~)V^;Byooy@8oBm9bQ&Nk-saX;b4IcF z0iF3bJ}%@pHaqV&+$)LWRUyXtqvoUR&*bir-qMnoBcJelAS6I7)QrddAyaU*W294Dapt~{v=y;( z>|m*8zqMq$)+A_)jS0RLqt&IW&cs$m2NZ24(Jb0J3!Xd;SLiD7{Kkc(2NrD-=?i5xPPmyC_wfl8IY(nDDivv>^PmDLFKrlFQgT4}(e8jB9}4_9HqhqE zBlg`1PF9KacRm)k#-`{>o1u)50A=I183A4A@q9?r99{ZohaAsnsc}V88B-wX zn~bl}&tTKZI5emf>A~Si3POV03d7*qu}PP>RYAIxaa1GCi5{ixv1k;^MIe&^Nj2Cr zm=J6<+4yMsIugn~h;@|qSQFfxeV}_rK%|Z_>`4eVMY>FxECWf2ldPSEm4vS73t<=w zS`v3tdHf>IOl`=ngrSuL4Dx6CPwHa0&g2*kJ-iO&!>JhU@`yLroa3x{`RRQ=-wn~c zI>S?)c*Nj|*~6ubA`z{=%9vx`>eGcp%{Zy7rV9(k%Z!4{=GzVx9Kc?a2?GOg*!eZZ zN$8TPF3F4qnDYzh-AU$jddtT(~!3-c!u^lpKjh=?rBJ%wPQ8wNNe#V_+Prn~g77ASvcb0m4 zOjyT=FdE%f{?3YmZz(vsSNOdPuL&jYW&Xp-2xTlf zQTcAbW+g&3)Gd)bKC4n8WutO@CR!*>IvpZaJ>nm>NS-R9!er+e0SSP;v;ZrbT0seB z$RUH3grX5#;(rB~3264cF(yT<17kBBb0)JKSE|Nouc3z+FC(s%jaMhEZK6&&)^$Nu zEasDJOi*eoxXz&ttWpJz5=)&7_5-U`$YE?-!y@);Ypj!)TBcIO)H2PmMr~#z&MwxG zS7AP0<~Y09C{2#}6jW}UK%|M#e?C+@MTYq#t0L5O#*{KJD`%W*1J9pKQ3OLB5aMu; zkx`z=pw!fsSbWxJb~v3dV&(pN> zly`7VPN^kWsB7m`hI>GlGmravm+K7I$$`SO+=h*b{TFqk(>%2cZSlTNF9&F{r_i3hvZ%7V(XYm&Qt% z6TM;~hx_qL7Y6FUYn9;&(re@JZIRb>0%EBR^7Dijqbsemr6o(OY;$)%(pK!Je*5=b+HD4f^)%a#1c*F2b zeIRlgOHhcUv91f5fA9$y5)%opNrK}DCM4jUM$R~n;3%m4hZ00VK?hI3D5b{L6O}Xt z?j)k39s^UOR?lPE4D~E9`^U^k9Kn$elM{TXU%(L@z4ig?E$E2-Ek+%17a9wd@ZT|F zk{;jl6_So1m_rCj*gjOk3hbkWmW6?ySQst>)J|bkhHt40e=AOOMucS8uM5(2j*+M% z{)G2vN627TVLJ9{ZASA~(B_vwHr%cj=N+DuNq0rjN zF@g0)h{ioea&$aHjV5O!z7I*c()gAwc`2r687~o4;G3W1DV1XhB6Tg$s|Yc;+f9)d zxHC#o^N4j_J(zG}KZ#my><5WkTydo&HO^v$Wc%*$au0Ry-mYiEbGPBW#{O$~7;(1V zuL$M(rmf4f_rrs@%VEY%`_Y$q1OXd=XrA?KQFq%|EywTG`?9?~(ml**;pn1T{`^R5 zc-&L9|7@Gxc8}h-<#zwzVVc5~I;^ZW{V(-;8t-;D*VC#^**-jhcALeopW0DRNA=v# z`nzg9J{m)q_Bt-{SMzdB#lw|6}so)`3g^lMSJ zAIBdzx8i__5fgiC{87$_ozd*W$8k(dV^8MEX-po+)HJ4!V|p6X$1yXFnPKeiVOzDU zdh_w>{PA-bUpA{%b6+ifJmOyr?UgV-WBS&2O^4a5@}b%F&*l!;FnRl&!tgkbmXD@- zws>^$7qScwx#l&w&;&9Ro(U1)wXQQzG)}yA0x)qY|+erqDZ2zaoj4c za&|bWxgMW@_2WAfvion<(wAMeIAGIKyUvJl@9#yhnNaW}4&`e9*1kl5E9D0#>$4+ufFYukX_hNdgM1MAKT>k{$xN zt*$V53hRoC)K7HktLqBk6v2@Rpl(dN!dDO*EK76QE7OxOX%%_IT znIFa7=lY(UeCs+Zc%Dzbcl%F5bG-Kd7&mps`1<97d`l(tl5xiR+0jYw2d-{4SB3TUwt4&h{7~NTLT+%fTtpgtwgaRc@ z*pOq4ZcS;BN9aVDVcKA(wZ0P(Lw}&QZIy&OD_=S=k=>O`R@*3atvcYVkH}9E+ld1NKEGykMC{r6 z28rcz&gh8Q_9(oN5u3=X#d2}OXvVNl&S@n@#0K-PN_rb?8;gg*b&(Vp%}W^GWDoMi zt9ariqj|`Gz9@qps(Hoe2+^Mx2QS<)@ash~IfZO5g@!G*fww{jVDvY^?m?sx?}SPg z`?&5wM(c~9e&Uelr1&lZq~>i%FT4^alCf+I2CQ9(p4TdB)Slu2=4Cln3tkNc2rdhU zVDNzW(%o=Ecxdr%@gHWZ-0a|Cw3^w;ot@A4Lv?FZJ0}dbm`(^g{3ATN+TNuVdF$aN znT`Hg#pB)yndWm-u9o={WI47+78;!DG?j^9_jm`d(+T*mIY4u+`8$!;>S=toyjsml z{DwU`bGQoAd*Z(UlL5#Sx5_60$^;4!cBpUmw*UZtW|y8U0Z#!ym+mY9F9eZ(D$$oA zEddq*+m|>k0VNwxTWP%D0ssJZ3;+NT0000000000000000PdG~Edf3P{l}NMEde|M z)R*-w0X+ekmoqK_Jpt^OaV`Np0qB>nE&(Vcs5Gq4tqK4D-zxwB5dZ)H0000000000 z008g$004Jya%3-amq9QA8xGw=e0W6pJF9AFQ zXB`2Tu^j;wmrO7LDgg+WcQ64Z1>_jRkdK$4FaZ?-v6r_n0VD+q1 Date: Mon, 18 May 2026 11:00:57 +1000 Subject: [PATCH 5/7] feat: update report service and template with dynamic findings and evidence extracts [26T1-DOC-RR-001] --- security/reports/report_service.py | 312 ++++++++++++++++++++++---- security/results/report_template.docx | Bin 78252 -> 75935 bytes 2 files changed, 270 insertions(+), 42 deletions(-) diff --git a/security/reports/report_service.py b/security/reports/report_service.py index bd820d78d..870bc8e79 100644 --- a/security/reports/report_service.py +++ b/security/reports/report_service.py @@ -436,8 +436,7 @@ def _single_control_mapping(ctrl: Mapping[str, Any]) -> Dict[str, str]: "Evidence_Explanation": _pick(n, "evidence explanation", "evidence_explanation"), "Impact": _pick(n, "impact"), "Root_Cause": _pick(n, "root cause", "root_cause"), - "Remediation": _pick(n, "remediation"), - "Recommendations": _pick(n, "recommendations", "recommendation"), + "Remediation": _pick(n, "remediation", "recommendations", "recommendation"), "Owner": _pick(n, "owner"), "Target_Date": _pick(n, "target date", "target_date"), "Remediation_Status": _pick(n, "remediation status", "remediation_status", "status"), @@ -451,11 +450,21 @@ def _single_control_mapping(ctrl: Mapping[str, Any]) -> Dict[str, str]: def _bucket_fails_by_severity(controls: list) -> Dict[str, Optional[dict]]: """ - Pick the first FAIL at each severity level. The template has one finding - block per level, so only the first match matters. + Pick the first FAIL at each severity level. Used by legacy callers; + internally _group_fails_by_severity is preferred for multi-finding support. """ - order = ["Critical", "High", "Medium", "Low"] - buckets: Dict[str, Optional[dict]] = {s: None for s in order} + grouped = _group_fails_by_severity(controls) + return {sev: (lst[0] if lst else None) for sev, lst in grouped.items()} + + +def _group_fails_by_severity(controls: list) -> Dict[str, list]: + """ + Group ALL failing controls by severity level, preserving order. + Returns a dict with keys Critical/High/Medium/Low, each mapping to a + list of dicts (may be empty if no fails at that level). + """ + order: list = ["Critical", "High", "Medium", "Low"] + buckets: Dict[str, list] = {s: [] for s in order} for ctrl in controls: n = _normalize_keys(ctrl) pf = _pick(n, "pass fail", "pass/fail", "passfail").upper() @@ -464,8 +473,8 @@ def _bucket_fails_by_severity(controls: list) -> Dict[str, Optional[dict]]: if "non" in status or "partial" in status: pf = "FAIL" sv = _pick(n, "risk rating", "risk_rating", "severity") - if pf == "FAIL" and sv in buckets and buckets[sv] is None: - buckets[sv] = dict(ctrl) + if pf == "FAIL" and sv in buckets: + buckets[sv].append(dict(ctrl)) return buckets @@ -528,63 +537,162 @@ def _find_evidence_table(doc: Document) -> Optional[Any]: } -def _substitute_finding_blocks( - doc: Document, - severity_controls: Dict[str, Optional[dict]], -) -> None: - """ - Substitute tokens in each severity block (6.1-6.4), scoped tightly so - one block's data never leaks into another. - - The TOC contains the same '6.1', '6.2' etc. strings and appears before - the actual headings in the document body. We skip TOC entries by - requiring both the section number and the severity keyword in the same - element. - - Section 7 is the hard stop — nothing past it gets touched here. - """ - body = doc.element.body - children = list(body) - order = ["Critical", "High", "Medium", "Low"] - - anchors: Dict[str, int] = {} +def _find_block_anchors(children: list, order: list) -> tuple: + """Scan children to locate severity block start indices and section-7 stop.""" + anchors: Dict[str, int] = {} section7_idx: Optional[int] = None - for idx, child in enumerate(children): text = "".join(t.text for t in child.iter() if t.tag == _W_T and t.text) - if (section7_idx is None and re.match(r"\s*7[\.\s]", text) and "\u2026" not in text and "..." not in text and len(text) < 80): section7_idx = idx - for sev, sentinel in _BLOCK_SENTINELS.items(): if sev not in anchors: has_num = bool(re.search(r"(? tuple: + """Return (start, end) indices for a severity block.""" + start = anchors[sev] + end = hard_stop + sev_idx = order.index(sev) + for ns in order[sev_idx + 1:]: + if ns in anchors and anchors[ns] < end: + end = anchors[ns] + return start, end + + +def _renumber_finding_headings(doc: Document) -> None: + """ + After all blocks are inserted, walk section 6 heading paragraphs and + renumber them sequentially: 6.1, 6.2, 6.3, ... + + A heading is identified by matching '6.N {anything} - (Severity)'. + """ + body = doc.element.body + counter = 0 + for child in body: + if child.tag != _W_P: continue + text = "".join(t.text for t in child.iter() if t.tag == _W_T and t.text) + # Match heading pattern like "6.1 SomeName - (Critical)" + m = re.match(r"^6\.\d+\s+.+\s+-\s+\((Critical|High|Medium|Low)\)\s*$", text) + if not m: + continue + counter += 1 + new_num = f"6.{counter}" + # Rewrite the number in-place across all nodes in this paragraph. + # The number "6.X" always appears in the first run. + for t_node in child.iter(): + if t_node.tag == _W_T and t_node.text: + replaced = re.sub(r"^6\.\d+", new_num, t_node.text) + if replaced != t_node.text: + t_node.text = replaced + break # Only the first occurrence per paragraph + + +def _substitute_finding_blocks( + doc: Document, + severity_controls: Dict[str, Optional[dict]], + grouped_controls: Optional[Dict[str, list]] = None, +) -> None: + """ + Substitute tokens in each severity block (6.1-6.4), scoped tightly so + one block's data never leaks into another. + + When *grouped_controls* is supplied (all fails per severity), controls + beyond the first are handled by cloning the unfilled template block and + inserting filled duplicates immediately after the original. All heading + section numbers (6.1, 6.2, ...) are then renumbered sequentially. - start = anchors[sev] - end = hard_stop - for ns in order[i + 1:]: - if ns in anchors and anchors[ns] < end: - end = anchors[ns] + The TOC contains the same '6.1', '6.2' etc. strings and appears before + the actual headings in the document body. We skip TOC entries by + requiring both the section number and the severity keyword in the same + element. - ctrl_map = _sanitise_mapping(_single_control_mapping(ctrl)) + Section 7 is the hard stop — nothing past it gets touched here. + """ + import copy + + body = doc.element.body + order = ["Critical", "High", "Medium", "Low"] + + # Build per-severity control lists. + if grouped_controls is not None: + sev_lists: Dict[str, list] = grouped_controls + else: + sev_lists = { + sev: ([ctrl] if ctrl else []) + for sev, ctrl in (severity_controls or {}).items() + } + + # --- Pass 1: snapshot all unfilled template blocks before any substitution. + children = list(body) + anchors, hard_stop = _find_block_anchors(children, order) + + unfilled: Dict[str, list] = {} + for sev in order: + if sev in anchors: + start, end = _block_slice(anchors, hard_stop, sev, order) + unfilled[sev] = [copy.deepcopy(el) for el in children[start:end]] + + # --- Pass 2: fill the first block for each severity in-place. + for sev in order: + ctrls = sev_lists.get(sev, []) + if not ctrls or sev not in anchors: + continue + start, end = _block_slice(anchors, hard_stop, sev, order) + ctrl_map = _sanitise_mapping(_single_control_mapping(ctrls[0])) _expand_placeholder_variants(ctrl_map) for child in children[start:end]: _sub_mapping_in_element(child, ctrl_map) + # --- Pass 3: for extra controls (beyond first), clone unfilled snapshot, + # fill, and insert after the (already filled) original block. + # Process severities in REVERSE order so insertions into a later + # severity don't shift the anchors of earlier (higher) severities. + for sev in reversed(order): + ctrls = sev_lists.get(sev, []) + if len(ctrls) <= 1 or sev not in anchors or sev not in unfilled: + continue + + # Re-read children after any previous insertions. + children = list(body) + anchors, hard_stop = _find_block_anchors(children, order) + if sev not in anchors: + continue + _, end = _block_slice(anchors, hard_stop, sev, order) + + # Insert each extra control's block in forward order, each time + # appending after the last inserted block. + # We track the last element inserted so far; new blocks go after it. + # Start: the last element of the original (first-control) block. + start, _ = _block_slice(anchors, hard_stop, sev, order) + last_inserted = children[end - 1] # last element of the filled block + + snapshot = unfilled[sev] + for extra_ctrl in ctrls[1:]: + clones = [copy.deepcopy(el) for el in snapshot] + extra_map = _sanitise_mapping(_single_control_mapping(extra_ctrl)) + _expand_placeholder_variants(extra_map) + for clone in clones: + _sub_mapping_in_element(clone, extra_map) + # Insert clones in document order immediately after last_inserted. + for clone in clones: + last_inserted.addnext(clone) + last_inserted = clone + + # --- Pass 4: renumber all 6.x headings sequentially. + _renumber_finding_headings(doc) + def _substitute_remediation_rows(doc: Document, rows: list, rem_table) -> None: """Fill the remediation plan table row by row (up to 8 rows).""" @@ -794,6 +902,124 @@ def _insert_image_at_marker( } +def _inject_evidence_extracts(doc: Document, controls: list) -> None: + """ + For each finding table in section 6, inject a styled evidence extract + paragraph immediately after the table. + + The paragraph shows: + Evidence file: + + + Matching is done by order: finding tables appear in document order, + and failing controls are iterated in the same order they were placed + (Critical → High → Medium → Low, multiple per severity in insertion order). + Only controls with a non-empty Extract are injected. + """ + # Build ordered list of failing controls that have extract data. + order_sev = ["Critical", "High", "Medium", "Low"] + + def _sev_key(ctrl): + sv = _normalize_keys(ctrl).get("risk rating", "") or _normalize_keys(ctrl).get("severity", "") + return order_sev.index(sv) if sv in order_sev else 99 + + def _is_fail(ctrl): + n = _normalize_keys(ctrl) + pf = _pick(n, "pass fail", "pass/fail", "passfail").upper() + if not pf: + status = _pick(n, "compliance status", "compliance_status").lower() + if "non" in status or "partial" in status: + return True + return False + return pf == "FAIL" + + failing = sorted([c for c in controls if _is_fail(c)], key=_sev_key) + + # Identify finding tables in document order. + finding_tables = [] + for table in doc.tables: + left_labels = {row.cells[0].text.strip() for row in table.rows if row.cells} + if len(left_labels & _FINDING_ROW_LABELS) >= 4: + finding_tables.append(table) + + body = doc.element.body + + for table, ctrl in zip(finding_tables, failing): + n = _normalize_keys(ctrl) + extract = _pick(n, "extract", "evidence extract").strip() + filename = _pick(n, "file name", "file_name", "filename").strip() + + if not extract and not filename: + continue + + # Build the paragraph XML inline. + # Style: 9pt Times New Roman, grey label + monospace-ish extract body. + label_line = f"Evidence file: {filename}" if filename else "" + body_line = extract + + ns_w = "http://schemas.openxmlformats.org/wordprocessingml/2006/main" + ns_w14 = "http://schemas.microsoft.com/office/word/2010/wordml" + + def _make_run(text: str, bold: bool = False, colour: str = "595959") -> "lxml.etree._Element": + r = OxmlElement("w:r") + rPr = OxmlElement("w:rPr") + fonts = OxmlElement("w:rFonts") + fonts.set(qn("w:ascii"), "Courier New") + fonts.set(qn("w:hAnsi"), "Courier New") + fonts.set(qn("w:cs"), "Courier New") + rPr.append(fonts) + if bold: + rPr.append(OxmlElement("w:b")) + col = OxmlElement("w:color") + col.set(qn("w:val"), colour) + rPr.append(col) + sz = OxmlElement("w:sz") + sz.set(qn("w:val"), "18") # 9pt + rPr.append(sz) + szCs = OxmlElement("w:szCs") + szCs.set(qn("w:val"), "18") + rPr.append(szCs) + r.append(rPr) + t = OxmlElement("w:t") + t.set("{http://www.w3.org/XML/1998/namespace}space", "preserve") + t.text = _sanitise(text) + r.append(t) + return r + + def _make_para(*runs) -> "lxml.etree._Element": + p = OxmlElement("w:p") + pPr = OxmlElement("w:pPr") + spacing = OxmlElement("w:spacing") + spacing.set(qn("w:before"), "40") + spacing.set(qn("w:after"), "40") + spacing.set(qn("w:line"), "240") + spacing.set(qn("w:lineRule"), "auto") + pPr.append(spacing) + ind = OxmlElement("w:ind") + ind.set(qn("w:left"), "360") + pPr.append(ind) + shd = OxmlElement("w:shd") + shd.set(qn("w:val"), "clear") + shd.set(qn("w:color"), "auto") + shd.set(qn("w:fill"), "F2F2F2") + pPr.append(shd) + p.append(pPr) + for run in runs: + p.append(run) + return p + + paras = [] + if label_line: + paras.append(_make_para(_make_run(label_line, bold=True, colour="404040"))) + if body_line: + paras.append(_make_para(_make_run(body_line, colour="595959"))) + + # Insert paragraphs immediately after the table element. + tbl_el = table._tbl + for para in reversed(paras): + tbl_el.addnext(para) + + def _fix_finding_table_widths(doc: Document) -> None: for table in doc.tables: left_labels = {row.cells[0].text.strip() for row in table.rows if row.cells} @@ -928,6 +1154,7 @@ def _render_report_doc( _expand_placeholder_variants(global_mapping) severity_controls = _bucket_fails_by_severity(data.get("controls", [])) + grouped_controls = _group_fails_by_severity(data.get("controls", [])) remediation_rows = data.get("remediation_plan", [])[:8] all_controls = data.get("controls", []) @@ -937,12 +1164,13 @@ def _render_report_doc( app_b_table = _find_appendix_b_table(doc) ev_table = _find_evidence_table(doc) - _substitute_finding_blocks(doc, severity_controls) + _substitute_finding_blocks(doc, severity_controls, grouped_controls=grouped_controls) _substitute_remediation_rows(doc, remediation_rows, rem_table) _substitute_appendix_b(doc, all_controls, app_b_table) _substitute_evidence_table(doc, data.get("evidence_register", [])[:10], ev_table) _substitute_global(doc, global_mapping) _remove_markers(doc) + _inject_evidence_extracts(doc, all_controls) _fix_finding_table_widths(doc) return doc, global_mapping diff --git a/security/results/report_template.docx b/security/results/report_template.docx index 0bd056cdb1e022e242a5ef6843926560265b5045..b8e0d2e8593113c079e9ade7213c78488cacecd1 100644 GIT binary patch delta 61234 zcmXuKV|1WR(*_u8V%xTD+n(5(*t%oewr$(S#C9_A#F=oP_uJjm^{cCY)G1%x)ip;D z`HK(@G|<4;X;qqXJqXCL85{@-2ndLWgR>cvnS-g@FLQfWM$cb%SAOTt7hUaVFLf6l zj@L>%shfCmP3C+rz#Kz7#1MZ-LS3C26g)RJo*monMU{W}f2-l0T&sx$G@Lxa%aYHM zXrQTup6RoNQsMjUvFI?|lvFZ}jJ&HekPYxpA{!Pc$2Lr}i-jQF#6=Kkic7 z?_X21Ki>cSx%a)*k9j6g&xiNZegYZQ-mx#k_4|zlet6Q063sPybsgS6_PXvC(m?2A z!%O@gh)VT{7bLk65BcPXX{ z6dE@v;}~x$HDp%PdP|;)_R_=8C)3mJGa&n3=yqzUDu4Wh%g}>@{;Xp>Xr5eH3VH|n^$@ptA{Rt#*=Ezt+*>J>88zR=~v<2_e4ay}+dF8?L$V!)JJD z;@1|n*mPDQ4|{O8BAVJ25e-ZmdM7~?%K(1857j)i!XsIF%+kG+$*lBlwC?jf6w6 zrak6SVIfZ~$wLcn)_T8$_EL)FGCN|dJX{jj*hhEGuh8*xISqM?8#Glc0bGmuQVHNx z7-$7Q;V3QAdsrrq*Hdm2Os!$PRk9b?I4uib$i$l8oM89|AN%BSj$KSqQl825-hqwPz2pg2p2kY%c1C(1W_X%?kW-3?P9phn z+)exVbubl4THhLjk0m{?X6Cc1G_hUS47C}23^B(KO91A`N%V7aFRSMoZrH!{cp99|$$VW=5sTY?TTVBB>|yvz@RHY$V|N8a*Yri6&x1TV zi>XjmT(unS0JKq$iUzb@0gkzTbNLy>w`5x0AeFsnCj$AdFoh0n=HLd=H|-SZ5J_nY zseI{#et*wwLm_NZp4IT**8X6O&gn2{`BB+Mylj3&rMWqB;<)Fq>Mo&+kmu+L?iD+H zxjTF}b~WCO@MNvg{=Yv8n?E0fJwBstsfjEZ|P=FA9WPdi?{2^ z3>|K``;mCDhvkiSnO|n$tW}3{yO+9wc?0gjr5Ozw0ZsQCv;Vi!_(k}c&;gS*s(rGkgYy?!fFZw( zuChTc+WEa)N&4^~iuu65KN72-l#1kQPyXcw0iW%i1a>9_XNyYV{8WGaRn@;^Y@7+j z_!LW907d#B7A}6v;+9v?$dL+ejej9XntDeST}bweSwyslQmuk|Wk;bTcdUWB4$cHm=Eq4DEq=|lw}mj{RF|kA9((U-+9^T%X~Orr z7S`P1Y1cAc$8bY({aTfR2pw(Ip!C%*kHz`cdj)#+lfdAubh})Q-sl=u8+xW6TpJX7 z6NqQ+zBm>e-nAO{t2iRAmcNU-@o`4&0PBGA=8Kj9Th?JHU%V|rAtVYZ@PDC2CzvND zU-u@?2lBr3`p-UC?bYUfS6fg1K7Ok;-LH;+iClk;jN42aI4#j{u1DMROvO`-&+y4R$WD9K!-jB^j}r30dwXD z?z_JtQB5vp?;pJn>bz!&Izkhx^ONkA=xO=?*W zqg%akO!4JLANK5@5|p{95XMH00j`Z{(Zd^=oDNzxpO-bA+MDeN?^kKFb5vM?t8L>F z&7*Bv4Y$LjS}IX>d)Dr(8j&unpEC_s!Pc>ph9^eKh)!%me{y%$Hw*TdB336HW4tZ> zN4*KlJ(dr6yN};g+g2}yzlyM1!queo&Ai5$bo?B*x*W2*=09dK(LwIiD z8k>k&S6b5+?H0K!)QDij@#$XLPL2Zyw!p#xC|mVV+)GZ`H;k^)yyf;P+dXhjHT%f` zwlPbMMTj!bvKh-vgEFnF0pINWjnp~jY@ATWwOosAoN1}#8{a~~F)d0h4a}qJ-7DU% z8(j34$FW%nfBk@2jquu8V2dvAvPE-HV=+TyXv>RZsgB<6>PH#p`9e>x}G)AA~75I9HTE}b`NrSSn6JpJ7Y zEv@#o8i4YViFufjpq&-lec7h+M6dodHE8)}KK;jWeC(Yxqe6}-pvb`KID4UQ;PV-H z&~bz}gi@E8$dqlYbGebOL58m7RzInip_7t7BW20ZPGQ(Oz0xH#{`uCDKFJr|U|CnE z!PV20a;MO@sAE3tRCzSllq;&m+)?GmQj74q&^O_^+n`}WX>o&joZUHy%{W(eVqI>a zl}bT<_G1OF8NxXZ7@aW7rRttR&O0B)Hx%>t=RmUGGRUZ%fhx6Q&fP_PXy9Q5oHFnRMj?Xl#f@w;ZRcsE zXU8N&W|p-A2G)Mb!~GiVppCRh%$%gyps77;{-IqtWZpQ*+sa9w6RHQz#6e)FQJrh9 z94_)R`^*8RY-Oy4_3R{!QGYvSi))F84x=}#H7SHYxD%19{@hX;QSwls&}xRu^H7EA^msUpBDl?WA>)E+ctAEA*)Da?K&*iNTP?<;1Jh zhqGSK19vSrXW7ca0a9DPRVH6m_>OZ~f^)=pt5di7>AYl(pewq7nbyL-g|~iQ*mhGd zCLBCn$Fo4opi34pycN!a@|ef846itF1#S7cwakSOu*nT|-?B3gw5iJVZS=lmqWx6G zJdPf97Fxqx#U7l#$G5~D2V}#n!L_H9Iv{%wE8wfQJz6(=p#QDRy7^d`i!4mYz%3z1 z|6uSCsMpfOqVroff8Yw7OBEizQYbsoTg}m*7`3Qq6V1(b9oL2_-3qH_ba-O~+y&0~ z9`u+1pD|4msx_Qp2HMMMJug<9E?EYH`VV_3%xsLQX<14#rW6~$!fN?KS}yZW zhU%2&D#mbwM7&v^O=_`D+G+2Rk8mKIogb~zQ;cR}MUR@OF!uRNJ+XxD^X8TIPu&QB zgZ2p$9zl>c@IJzQFFI9miFw8q`;k*=Ub;1I>w#_Q1BABqQA})`Q7n_dwOFe0^pnTf zSsdwwRMga-*Pj&NlroQKkow!Kxm1v?I7JZ5e=tGlJOgUr+b@!_A4 z5Wh_x^539e6hV8vv9*g;+B>9=Ij;anLmqOmfyR6Pzo~5OD$44{Os}-gK_f-Q!S(MO z#rxF(kgyUW^;i&w4&7VYq#U*k-)Le@AAum2Ice~dgciKN3#uX#Bq2RA=9&_ciwgHr z&Tj`?hn(XIcv)r!OchQ+RG%{#T_Q9_iZlBT{(6|bX%YHzm!?HO{B^*UOR@w6_)040 zBP6J;BCvG)i0DCVl1hfUQA%Ox-)q0Af+3@jvPl%*WsSW0($EP;e=X;UWLREkdYo<@ zM5*-NjWk+|M^x&d%?rWFRRxOF$a{=)6&A|&Bvh@hnVh3w{D5^hw%Y#{eh!vIp)>e` zugLe;^a`GD?$maPf>$v&%%UAg{k6aYs^^rriUWd9 z`aJ68E%(4EH~1j=^NpTLD&@^}zeF-zv`93rv$LzeQqr`L@1-491#_)iS)PlquT)Fx zPJ=(B`P={T*PnUNf0XQpo1%y#!Hw^e_&v=6?y_NDcLSTC)x@GIzpXj|f25l1euh9v zb$_;U693Jz3xEEq2J>9c7w0W_SLP63`+80WjNZ-RFqp8GLKAV`v~wxtD1zh)5wgCe zI|u!eZwd52Aekr>s#0eAK5XqCib&m6@hg8oYgsDk)f*jI*%A~4>Q@I9?;wdVzrc}Y z`LM6}mXv_`w5qCx=1xR>JzNx5CG+SQz)rvBIt<93uD=OMtxJFfK~YUkLRs>NEoxMC zc;M*Pg6kx>j7Jns=g`t&lOUZM=sd@i{m)Z=80-7Q0S|Ii1(#m`MsVxj&3D51ks z7B7mqitHqCw0YO}86yYeQ($RmNV=%#*3hz-B!yp4GaeCT_qCc-&7Ru@H=qtiT4#lyrz04mV zKQU@5!I*|dsv7`O)`+_G{L(zy==o8(=CM1Qw zdX=zXvq8(dl$rU;Z{=fzB@ zBVk~v%ArkAgH|b^BrzysowhV4} zT0@PDz^f#k+20e|q{k)u8k$AgG5=AG&9Je6gd;yY(&>&q^lQJF{R#mhW&b&ik6fM&Hkui%i3vVD4L)BF#${A&{#~xaw=q%$E z$cWLxX{{p>m$3-z9DTfxXoL8Sf#{umM|kk;`Y_4ys0GMfiGT6-C% zk2G25IYS+7^%-gzFi-;ayTZAlyhPXek2PM!6#)G>EXs3V5g$D90RM7w@qLL=;&9q(dfRH{ti-knfGDxqqqS3u+HBb8!(d%=8lO| z-_ERk2{RZE3){^LCI`1+cZD+;nRzGWBmjbOF*p$(U1Ts4#FO@1=?M)2f?P~N-r-%+ zA1s_59-&L%@#e=p|3DYYEU(PTcexzcETZV%&5R&9)F@m~q0u?cNcr4Qdd>gB@oMO# z;-3#Kla02FJkCHuy6dlUuWu_z(SAgPvc{w_r<$~ky;vPYt8OXYp4eAkZsdO$0Q3@K zGutG0UbwR4BKJ7rQ33fw6lGbAPmWW7E3wEh>>iqR(+H?J@XBevZBURK!A+qV+8u!w zSl4v*B^#RJh%iX1kXY{!i#*Y(jN@wc1|aY8t~BqT-*t{jvss$-i?aV3#tkEzW& z&gp%lpWx^ZamO4iY;9BkDK2*-kbE2&GYt3pM&}!k&HfIQ^8DtZf3H#+n;7IpQ39-< z4+9odCa6jLuG5DWRWo8w{L1#t-ocv|RjO;U-@u9XH?d%nWqAiVh%o$fd4!-3F)E$i zJePMjcp^7pr1k)QI$=Z$c;+~g_-2cUH?ivf(QgkyWY}hU_JYS#Xn+*FR+-xB(bZ|ul3vYLMY8Qbe)7}P zLyH_-w6$?Q$(8}S)zFk`mi3Hf-pXpS2f})fSqTJxHoZ4%Eun4Om}~XJl+U?SRiNQ6 z%lKV%pidd6RNeUvEunnT1|^UXHnPSnS83UFc^?Y2teLLiwMp4-wS?zj1;~V4FneX* zb!TFtCER^A9rV<37piJ&HGcl7#0ni9VdvMLuN6tdLjVVeNa8CQM+#kxAsG!AWUFcH z(zQ_e^cTroCApq<&2&3dhYmRS81%_*pY1f+>Kmb%e)1cSK9+UUch|0p_U5?vj3O-6 z>fW0VUVB6~v!`4=n>kxE1&6Kc5F542Ub!*{l!y#J9~K!JW)Ii+Z(Y4;O>xIhS09@A zX~2fyZKMJCM4TDbkh;2b#B(XCam_!u=&LP$8ciX}2fFHX|JZbfsiQo!d2cI+F53+P^(|r4v5$@|>xxb9(+PrzxKDr-ht*F?h}r`C zhhg7(o@|YD{2o0U3_bJtI>uo-Qpo$jOv^5vw%b!+HCUzoq|>CI%f#HQy4r>!8wb6$ zkb%?T!{1gP{zq12N=lMocTM6K7t#CmVu!EFVzi%u&EGKz!wa@!g!}|!-S3NNFWv=VyFM z$9g&eZ8viI-JxlC5&d%ue;N&}4Y*(|_ih{g#&+x}Tg5Eim1wt>9y^5fLxyzy2vMh9 zoaRuLoB@eR22S1LwpgYpG$q7v+gXXFE!E2z2lo~O60?Z2HPxI-xkuk!f*tqPEsYI4 zVe}YpI=woto9nAKq0C)egp;DRZr<$Y=`UB{@TIiU$)Zu!ZHL}-#pB4Z>=yD&=V`%c$l*(SMry#~nfw ze`!*R($h_=t4)Y?8rhuq9>f?pYIq|nCw}?9T87{z9$YCzTh@!j-dfbJ&bayc$R^YQ zluAEowbqR#ZI+@b1%Ao+d2asBDRbaJ7t>HbD{@U(uc>HthQe67hZKpakx1Qp&tAmZ zlr=v!peL#$0Q1wz)Hv6OT^03F=EG10Q4Nwu^$kf3LtPUthbD_`ab)?8aC}?epTWh8 z9mx$E5F12>7jD-YxvT6!^ZetmV}A=D$Ssi;2D@T8`pz1we*3hUJ~R1W-@9H-4yrMr zG-`nI^|5|w--AXF;W1{t7oERCrbPr{R!a#d-en zH)JSYfcjMfUknLayVN%Fi^zjim^FD?F&PJvBp!17!dJw_Ww>=8*`bhw{9%hfPHjZ1 zUJ!4!773X89fJ#cD%|&K&rJ-#C}LTW@Yq{SX>d_gbiWv>%hv%a9z&P0m(S}*YR?_I zQ?So9JZnjI*jIb2xyFp;j*Ob?)gZFxd;YAYmyW=VAD={?L}9&T`J4=CU(A6z>C2wT z-g%lGn|$PrZ?N4Pe@g!9!Hce5VDD(+Y#9`s{L4IatpW2XT&heUXm%M0Vq)LG#0i5D zc2=1a*}AYUBOqhplu?p~rxuU;tj^DTDlN0_>q+BdJ%>3Vttg5~NL-J=5ew1a;Z>yx zow6-JWfQolP>Mu`_2WPpst%)WGI8z`l!Td3v5AVlWe_#!sKi{{TNJ;lZ+Q$E1{+#T z6YG9vLpGCHd!8qhF8lxp3O~An5nzhQ&OYc!aHoZb7U{2grNOGv^z$}7_J|faZ0&zW zr<39~CEh-iBF~Cq{+WEBPc(sPBE52GNhf{dBh@9yx*0IJXuezL#}?lR$nqbR_&5@2 z#0wdv6;D#ke$m+jpsC7Vzv6>(u!xb^bGlB#_aF2z7w0w%_dx((A{c&?#47w3qi-`r zm!z-q_Z^}uYoSeJNPTE9XjGpvl9H;NlI?csO=-i*;l3TPGcrzie@ut)?E|ShDDx2$ zF)wDyIT7k|&-Z7~t+&c=>S`>L>%!tU>eYZiGt5g^(-1XJebZvoHq{zG%bH&T6aTRb ze*EKJ)u#S~s}7(#$C_ejYJNY$YBrs2 zpgjp9;;T!@q!cYkT@3hX;m;2;bq!qnyIw%v@ih;gW5Cp25$-7}(dH)jA%)9B#p6i4 z`Jk)lsvY4);0SyyC|wNnc7lhS&6w)T5aO0nD<`TJCIGyS4(9{LX=e!N1lvuvF;-Ee z;5|YN?4!CD0~8JJS>WT<+Cgw-@BeP6IP{GWWP10?nMOCYhBhk`qBy}Uu81=PSnk68 zN3Fw=K2118f~9INyabftW6dSLLWRAwRy_{q)!Mei0?Ds&3|GYxd`?zOK$Npo3S`;% zYr#-SUgb4M^7#ou1vUR5e$KyxqMFl#Of{}^APyi))_jTHgTr7qQ0wA%W3hr4!QCQl zOFP~DI+2>h@3%VaM`!x+PgEHbUV=?L2WHU)`?6}Jzf~bu^xvh(zffCkNeQo4>3?f0#FFNAv$#+@u@cRr{tE_Ti(K8u(c&OIi|<1a)9ouE zW%>a<9P}<9@hmRg@dTdjB6y!s(+g*L_TDb2G8iXHEWMDqsf9`WDB)`XRk*JC-&~=d zHr_zo`DfS45mnZ%@B)bV{8g)4*ZF6+0;-I{t*L?oJux{g3a7i6epL-g>Q;X9yEm}( zu9RWx>e?t8gn+nCM^6_<2yqRUS>Mo?<4Qz~)K*_uOXm zHm+SOYZs61AByx$F5MIhRxur~b#cT4oi>#i{t3NrMe6TBymB+3p%C)pj zj9PM@hi4-poXWr=l4r#zD6v_rQ)hxi)J&k?A$_oGxM4o;=+e9MP8k@P+Cl7bg7ksy=ksvK>gVfEtdoeCrj+ zvlkS#;BhbVAmPY+)inC&ayh;?Q`keK{=g-=ELiZDB_OFG4pjbCPZ+EV;>c~oBVZE? zdmc@RXAdF`-^=_ zy%t{-^lfyaIgfy~${{?>AsYoTN|XE1JMRb~@4$pd2d9`xp>k z4P&l;S|ID>6*_bVJ9;|1K28*jvzWd~ldcve=mE^bILOUS-a_-Vp(F1iVBe$`5>}gW zD_cJzWnn0&;#P!V3gWm_@~KIji!lb5)_+% z_<+z!%OMCq5cv@@BQOk5x)RVAV^R=M+rwUr#G&J4qoMy;ahU{R>@r#yJe{f_j`V}` z)nx^wk-^Tm9DaoGLri5BZpCVf-lv}nezUkg1^8r*XyeZF><8^Z1_w;b+=WG!)D!pz za+l0Oj$sI2gx4K5kf4W%sF@&4N;G}9fQRb^#0V`i52dIKO7r1^WkV@2$cLyX!W=R< zbJ&V2L1nX8vF$sTn3v}AXhXr)wCE+we&+Asucn>MmG^w9fQVFh87gjR>Hn~_0`qgY zrKmvkTI+%{J;hrm@vEEv zV6UV#y+Af$Ir5iJk7HZV_!tHll>8+fSHXBRyz=vL*phBL(;~S6i`FmT)4v^uXBKWG zTpA-!CZ3xy`i4V~Y->#fBn)NZ_&gl@-_0@1qv_=^Ytt#ZlO*YisH6Cw_~v=z#difN zIBOl}tkmI?C%WlYPCJnGJa9@ACb|P1k^R|i%X#P`d+=bOrP0OWx8aWH)vZL@gePlv z;LHk9ln}+dgLz#TnY|$M@ zs*$REUk~Q1f7z&HcU~&)?Dh+Gk$vB>gr7X<4=;%t48ak1l*pIlnqwD_uZS zeoFscYgzs=Cw|CcxjJqD21W-}&9V6R7P{@5*YcgQnG2iL1)K<>KYg_2G_2HM8_}Wic07E z%JHk_(0SI+Pz|Bk5NSuWGdt#=>aOo6e~$k*TsI6>LCCbZGKPXgvY4&WAGgkcyyO6= z+Zw#b&GP&lM;?)ojD zHDr=9=AMi^tW%!XJhtO$M3!Pr?oeS&ohPr=+U=* zOw+e7T2Li~=XhBeevH*}VKqU-oS)sJ;a&JU2Jv|LdqgnhG1GewaC1nvUpoE4E@`%c znE>MV{Paa@m*gjL#DLdj%d_#wX=L2>Fmhw5rC8_d;QL;tLRL=zL<40;=(J}c4p4@& zOw6zffzuyyJI{pcUu*ace06;O6AeA{(T*P^>iuW)_~5KcQ*Q04w!6(V-C|O!a?sEG z$pp|H7`mB=cF3=D!uRNY!mjnw*8R{YdV0ZyF|1W{I#5Bb;~|VYO<=HWzJFUhnEZQB zE4ZQ7wvq*%|D|2K327G~OOA=~b^SK=C566a1ucAj)cQ8}L^Tsl^I-ZeQ zkBSPS+FUOMD}#qPTeWG{eVXvoQ9^6g*XEj%6+pT`>Hg8@woEG9%_YiKTdSA*wAYOb z3m)5=JmC_^3Ng3(68*FueI=S2JQP#>GzkyY_kH==IUG9pJhbf2yx1mY1jwTw^~~u= zV(@Y+U!Wp)h`&M_PlocfCwwoT`VAGQw(j=7{$Vzd$r)kA_4d3p+*19h`p$oD_Wl;+ zTO$(MLQKOSkd{3!${<3Skq+I0M3O^^BUiPu9vnsunO9PT*@J@ijTBQO;&ThB2UwBL zfce_3`oWUxq}UO=P-nCpAc1nMvrK)JE2HGqAaNk_yBil)klX-p^ zL%Odayw9JX`~I&gdVZY{9+dF3az+&Hpm-TSD=Sxy=m@7Sv z5vPKWP5EiOANcoi_vuwOH~;G?|GeOqWGpF4dr!?OF|#_p9P}!CVzTZaLJMNQb?O}A z2%68Y%qY~K#5?F6-AVTZsG(A#7$U9?Xs_Nzfd1 zrj+@d@-djquKi6y+RcPMbpOc(;5J?dZu#=Asla3`bt8PwlJ}RzXwGpoBC#;*_yTr9 zBTMc`O1Cu~QO4Gj5c5&`Fhc)t=7=j73juwJ)>q9g=Et!kLTFMc0QOOm>9 zEs5!Kr-q6)qaP9qCnSSp*}Ubz&6e-Iq!XEvLu->Qdk>)>s^HLnK-;nFxIC#rEQyCZ zJzDZRPL`3;kavuJ1@+a?X6&>A6?fWw`o6_g>VWn&{cXJmk!f?pS(8|*OMSFLem*gVJ5V|>MEx3M=cBP3wa)Ji7LBn22*7&%G`g92$IZtQikftMX8X~4 z7kqEuqb~AGub39J-iyn*L#a{LO@ikl>TpFvqv}cGf@r%*7K5Zj;p9V*A?JctqblIU zZ8#Ox(!DlNWjYW_kJHQZkKTsi^Ilt9pD4 zixF}tK(hZ|CkGjdm<_l%H3bU%U2^zoZL zek(|)$W*5%(&*bs$#uf10lL0!7kUJMEMQ3l2x_~O^{vaFGg%US?@Bykk91ljUMmu_ zK}kydka@(HSpLCf)c_E}!e0nfmiT1%`>) zF1~Y_Q21?Yzk8Q)Xh%;_w7=&ZE_Mt}GN0mWSSCjOgg^=snj0q5NB%ZO8P9P$jY)Fi zs$!GMfaAQ_ehLwVmiO!;_zQ|S^_*V=KGqjvrr)m%lO@BL#`u}8Dbye&wpe@pe*hnHTJ;ltY3^nDS?{UXaQelL*W)Qn>sl5R^&i>DwB!iRzdf**^Ol*;u< zUfE8}`o#*gis|hx9T)V4725hCSm28>!)&A9^Dr2Kvs$>o9%BB&MTXJdtTpTeT&JTy zl_Z<&z26O(`@Uc65zBC(I!S(uvj$?<#J-*GR-`cruq6>r zzrHqmCrZDb53v9nkmghtq3xT)l1oZaZ2Ek8uQ8bLeSLjtW+D=@{O+Xwpg0s_`KddE;Ti={*U5OX^x<5<$ku0tzaHEv0z_%|cu%Xx@*1fPC~M ztIt^?_eu_K-uTHqtPu2wl9rsSoRFO#DMI4dNrD7{4#@I0%kN!wB_q$a)r$rdzZqE% zs`lHH#Qf-_&z~rCPU32GUrlG3*Ue`kVw6u1tl^wgnGlfL>H>&W~3Oei>K>*6ML_s|MBwwd7(r+HS zV2`Igo&FlC!aAr1ptAo0`1)^xl!I`VyW@nIi8T|Ay_#>Q$HLXH%e6(7kEd3`&Zjx{E z;UZ>-$L_y=#EYjWl@rA|vuFSX)2{f_%K%1{(Xl+|d4$7Z;z9M(-|Obr+|vIFM>_V zqpV8~c%$%f9xJ@d0X3`uTT*V$M?Ey*!pWT_t16#Bj$WJ&@! zagpFr6Q`vHk?BzU(zLvqGxlKye$X9aFDLeolBi@|3oIc^L#90TCtV#MI|%#@=<39o z^=NNW8a?*r&eie0agnA-DUU zE+2!(fIKV=O<_!q4$}xHgbN+W_lF*0lNi%X)}f@cl|#^_?58HAUZ>lpjykJ$h!2*e z4$~|-zHxWa-`UR{$jW_&*$z#c=+>fa0W&5iXxK^Pt!VMl1kK|TjqEAoyqEx7unOV* zPgFMYc-!j#lSS`Jm=G&4h0e-!OT|gXCYtqt*Gq3lfYF^hKH70MlibO^uq6tt^oFT{ zDE^0wa;M&%0~O!DS|7a&cjg=oGlQTvY*E4F7@Wg&UXeew-MZq(b1eI%nl3KUB*p{^ z7^{;jn{WR!PKWMChCTx@5UIfm-)zqe4#hKzp_mQwe{6vZtU62~b=^Xdlmlk=M(YMv zOFwjy1Kv*EdFR$wP<;kj4#z?YUp7=boFI7ti2mmz8x&B6Ig(%B?oG*iUDa-abX2|5 zj0is>iA<$s$UV@4c1y}3nZ-at^!`9$gB;6)XZ(gqE^mGMul{+p{B0Rw@zI4p?VJ%I z#}Q#PLe#^q%lt2NbpP|>|6FAWHGFfKl=v)1l9Q}h)H+BN;y+eyBVYLSAV0%M0AxI_ z1&Bo~<;@`fMtu2bXWKR{Qjcj%GRcTBic*-ZL3H_3;Rh!^MkdV=`!3S_Bo+BK_M|A; zUx-SsTW?U{XscO57w7c@4Y%l1hK_3Oe^$7+I`Ez>zQKqO7=V#TWsG3{d2TdM8i|v1 z*}C#y9%9mC@~SYnt9l!jz_)AVZT}s1Nv=n=R{g{MtiiAD^2D$&mJl56EJy@Hi;bQ` zg5^|_9bG7DH9H$h$z2afqK^wi{w#;hQWWT<^B zfFH-TFqHZpeGd7A6MRCh%zZ-ZQ9Uge*7tjRQTds8anKmCWjYRNPfh)C-bY{e1noT2 z8cYxM0AB9Azox;FFH7HJUu@L>4|UHrCBV>CiAdF|c@ONaYHRuW-+MknUd;b}0$*XJ5u0GYa*E)L|CH;&U8DkGkd?)YwL;Zp3t~y zk;e;E;Wu8LqlO+9BR=r4dI|LBq_iK2^d7$C=NLXgt<i|H;qb4DeJ_Ab39cohuL^i#kga{8rTxvn# zCW~hm(2O)$H`^3Z8S~>u*nrh-kVpZ??6J0r96PDa z%o5nSdXzbrZeNb9PdUGv5AjG4+<|121| zk`*L3KRz(7ePJt4-hF=tpD0Igk)B%p#nO7*l}Ni2(S|*|>!~K~*jc?qxPBDQ?pIEw;RcevczVr$VWxYAQ`zg<~!gXNzc!zL$sI#nQoB zk|(`vGfR!bMNWq$Z?dQR*(p9&u`bpkuZ=PD92RJxcJZ~Ki`3}$zm9V!TEj4;E7XLa znsRhs?Y3!xO5)asyZQbfA>7~Qhpo%YT{9ikqhOp)83`yotwfb>r*f6VKyuP2gf?3y zAOJa9uBM{bGf6{tDoEBesJoeyabrJE12X+9j%ewH0!N zn2N>%Ha{Kn887Xn>f^v~x46yo&;;1N_9)6^?d+6`7=k!iBT!aGblN63yzB&e7)_5x z{pjmBs;~Mud`zegOjVNEQqK~*feD!A&L75e$EFlS)tEXjf@$-SQ-Y~W8`q#8bc*z& zF%s4q4m@spUfRvnIy^?4s zR;e+eL@kZjrtGq!rc#$vd>4vv6o$(Cax9%W)G3d0=d*Ee*%|bQhW4hu+>{-OzM#5h z`^#%s^Fci6`|IrZAMa*kp51N}u^^Dhm%{a=cMsgCYhO;9vGnHZxTx6^StFEE4KD_JL8*XYZPL?p*u%~B)6=n8 zAZnT&>dP7~CFGnoo{0ZHRJ~((C0*368+Dv?oOGOYY;|ngw$rhV>W*#Owr$%+$F_a) ze*5gR_xZQ3^GDc=|PMwU-@lvdLS{K*dUiB zTzC^NCP~ON1(B%Od2b(su}$2|JaMp**S##>3Hy1ZFCcCOQQWdoL zK9HHwd-I^gh5ay<@aF)L(+>cgYS%*Dc|8xXTT;5!a6iQy{JRG|?D9I*8HAUuQ z_*>V{je-(BD+TumFw=^R=hF8#Ik+^qq5*jL$YBdQ3i6Np z7VHxqO@7-nZKpDIJ{%u*PUqJn7#A+_8C>Qi{jhixgCmTl8pCx zAz$ItP z@)Dlz+nuEsV|#mszol_fN7^y{LQN1PjNgvoGJz^4KE~Y3*hk`lR_w}zvHDAh&A^?` zLqTg-t1P3F794-7%J-A)Tcc&T$EwnwRNbeh^JyyVEt57ynE)5&caxzy33@K(lozK& z6}d%EkWIoD1viP>%#>sv(Joi=g&p7--USl+^#Jzksr8 z9?5Q0pt`dG%ZUG2*~myX$Zjr(LW}cvwVgw}zkW>rQP7$JUa8`%-eT|wJO1k=)+lAT zEo5Il#gsjKPik*NY?6OpRlKdxi8;nqX**hp%5jA>hVVc0Heo#!tiU1sy83lt{=dPK z{M83x-M>_C#B$lfo8I~E|I+m{mDhZR!@R9y5C9eLuj-DxH5!~CfBYRHC6uTm;N*By z$P&2QGS)^uhc(@H)~>hdBw_dughF;_-e(8CVZB}pvK_s>odpHM@=OiI)NGer)iLZ@ z*KNa#UOFkuF8sD5o8RD{oKrFwBYmW;9JpUFU1hu18K!c)e-6FW_NG2j)_LAlYieZc z8qoKayS{p3skcfZ^wc65^j8?L~yNhKYJo<1*>`lCZJ;9)_lTkSzRvJXCwH-jg5{h!QoBuu2M~C zwQF84*(pd^Du+qvn@*m5Q!S&KATG*jvdRZe#Fl6{G&zRG370Rs3bbS+QU4=soKe7~ zBdF!)k>34alE{PonR)YHEL{ura{uotkc4}!R*k|}=7b`|ASqq_V3g8!(07ZyR{$Y8 zauqbsQpa|2hSsMPYuer5T$%$@S=^#G=eyODWdrU~m+^tE8G#Si=bjHU!MxeKRAHyr z=%gp6$b%322QNa%<90>rgvWcCJX$qGY!tjicStU0C^2eqjFbCs(MJ#}83qKH)D2_B z*E=@fdfM@-1+S?;@d*dN>5+}Fp@HyKoyM(96Q}YW{h$m>@8KKE>c~XrhqV|Th~ntz zz>i|6rZ906baSLs$P2#Vn6q4OOV));HQ9gVsuCxSH{jHyi+T%3uQBz0sf7NyOc=&k zzM8LjFz{=XS%*I|pbZCb!%Y`R@@`o)ZvB)r7&|G*-{pV3NEMD<>mPB{u>qr0owS8> ztrkr44lmc0uKUK*?DII<--lN6aRVeLxA)nXQxX_o^qS&E?^sqeim@}^$9ZK&HD)e{ z@1&KIn30z%VfaZ)w1~;6?*c01jVqWSgd@Qgz^Hp0VRdO@5JzCW(^M%`1YuIAqVU-{ zgJ`$uWYI-^agJ`X8RNF?1%Xmowx85GXR?Vu>2`#@Bx9zTjQwweW6Q`s;-h2cA4ZK||KZbS`W6VghKV_HYgCzyEwANZlovhjbld3!$J$w5RQtyPVYsHKeu)8T zsTXxSgul>g8ni}5&XuvH2f!dU8tt+)dX6r~Bp5Xa{qFE99p0xxp5Zm+-p1xF@Qp=S z6i4f{Q)_!DEX<(mstAxSo2vAP+fm}UlQ|p26gdLi7;(`**6JiUVE@kcRPicmN}I(Q zbX{~dY37{|dlJy(x-tgd-yXop7{LAz^Xxn^VGIJRjL~+SZ6HAwDOx)-tvx2DW1t>Rq0=8c^ok>M|)w zYX;j~mf{xfh`C=rl#D)`G`9_R*ushuVD==ss@=RcADrxav+rg)PMSM2CPz;VV>{?y zx4II5vkh2cRSBD&o(bjO<+Q5}lv(B3P3GS~!*U>NUVXB$6m6s{cip|@)yJ(e74v0f zdIMb!(FM4Y0lsy`Q;>*pf;0HWg!eerkM4u-OkmKmY~tE7iIXum2CP){b>=f^cU3+k zULm3;H7pMVTF(kVT&HD5)8S^LPDEgLo~?Cn4-atXBh$a;e=Z zV|9EU93NavQ>Hfs|MUjY{xb!JirkmSlcR~NPW-3cbE`d1|Abuz+*7@QCM(TbCl_W) z03M(gstYp@iD6Vv8@A5xSAbJtiDgVlq&L)Lny3+^gVh8xYyMtn`}0qnc}vqPXG=dD z7=&0(^7fU06wwXr7!HXO`P>b(^J>sdnw%SBfUWUkJCAm8S%AMo`4MW*;v?kK|`d(pd6D=Ba2V+qG(#uN)0JijCQg3z6uGdboBi5 z`TX87U*X1^O=LY|)ShOoyWa3D=s0x2F2*}$sY|N#)3Lp4>{=*&-HD9Cd-GNW0wchr z7md0ZFmtDH7>g(^Eknll@tJmP|K})zD}>8TX^fYbCK{|5JGZ3g!86N^ zy;`0??hGo6Z$jn-=&g|@N`&e(G&LYXq>b4Ptg#rv3+PLvk4FEV&yR72{c(YiCY*=P zk}JIjAE*F?h?eceAc4#v!B}E%s%lj7uU%#GJ$w}%M3r9eP|4OeK&6jOx_~CrYNDGF zQVsW*f*7|`(H)`?cW=LnKKS8=y32!)H`sZ$imXxI{OQV(r_#K+2*Mt!M_^^^+UTWo z&x;_CCW#R7uaY2%vjMTLS}qR?`uUvPte7p+)wRc2+ExK3-9yyJk&8ThZJkDqRrl1- z?!6XcFyS8x>Y%VY*|K2cx1dU>Jk_VDz9hr!Q)gl?=0}sJC~X zo7sH?Zd#6H#_Yw_p_vAto`9s`IF9;vsrLa1*WWDvR8!J@OPf=@ibCB<=czfw3K(<* ziPwa@%PN98diU@5{(gEeQ&tAeohX*_-Tv4<=*%*Q3K&LjT=e&jDHLQ`RmYHYLBW2= zK2v2PpU6>V%AaEM*4v9_QJ_xEn-MY(d)9z|eRN2??^O;r*grPq3j{jGBhBJ;T}+wo zkI$x7@}H*GLj8&~=+iLpvFfVZw7m^P=*}YJQT!)~I&7%MeBx1(7UfCX`m^J(IDNv| za0oLWJq}lz?{pB%1`5O+O%A@BsjYk!YoHJUsMgwN6%}B(*oL1GCtU`Y2nXw-R--%xjc+NHz=N!~5hKrUMHcK*p zA9gBKnv<%uTHTUrIKJ_JINdvPp1o==i)IKG$DL=p64sBy;8+V8(EM@9-Do5o2Yht`D_!TQ+=z^3q5%&&2w$^( zLHY0v(=Zr8^U`Ps>dd&`F(Dy`VrHdw8vMz-jmVUu4@w|Mb>x6qGB_-IL$kg4W z5qu!sDc+lMzW^y4I_Pn^oX*N`N6ypoUpW*+4zOT28y@&YN>J+>rLfVi29CXoIXQ}; z_Le_xBVda|iMKw|y2NOLXd)RifAZG%IBksj_=};A#Wxp^|F&a*i_9zS4G^h4n~c1o z;I^DS^7Li9vMbFUpWn+&Xy}@poDkGW*e=Ux<)*)S^#Z> z-lCj#9jLxheZIb5d9as}p4G;ti=|I|D^MQvvkaeXi7ce&QM1c@=q2#+P8)mr(oNQG zHVMA%Sm^I5TNka@b5TBckwAt@(s1GK=EPlTddCCm+q+(U+NA^nG|^3G~c=qUrtV2Lj3#+ z?}_PALiGn*Sr(=KYyN7fmgHC&A(z!vKl{(y6D+BI-GQQ|7{2v1Naql8y`V}Lz zyE>x%+%olIvANzJRDL|YZFfvVfQ-k|fDXrV=9j2QYKrqo;*cBO*3M>^pQ1s<5}lwy zwaAQ0O+ET+mK95;`{5qRhi?uR5Vx2rp2{E`Lv+^jCf)4TFuRvE(7!aJR=ekDub|Pi zTd-q{SL+AMM`w>klr?OM>)|e6~wlu>aXo@EITtmqo>J+X9~zmgaB+yusg1s+#Rr z8YNb(6>p55Xu~*>;8rsdTRydGJ%%D@IO9@Z_C;5f)M)|q3n(~-n6U=GEqaZ5Cw2iITyI>0ag zRninMsH3QIi2Pg(v&)&Z_MP9a>7Cvpg+Renicx!qV; z2*ez>cHE&!{`TciDeT91`~8@BbibUWV9%vC2x`HEkWtRKD(75a`FXmng%Wb5e7t?> zUfx^2BWrW>DOiBD`8>j>!!5X(t+iZQP&`L7f;8I`B8@w!B_yvL_aI&0P1*OTnWx5j z;)l3`Gug)B!9U5Fzv=vlF4*7V80_A1g;e%RnZbB5lT02;Y>@SblD?unaR{sAUhSck zf$kjKOP?*$0nativ zFjyDBr98?kj6*Ljo~^6Mng0|^VpR;wDDWkl?T|gyPWk2e6NVCpxFBr<&p++(W;cdV zTrIIf*ylYJXs(8}!*t$~ZFb|Oi`4T?HeAHHa8$z(tfYY36?rW1SIbS~l5P$TnnC)* z_~)Vc&d5QBOW%3B^<71WPxB=nQ1sSzJIW=W1?9p1NKk94bd-nWZgbQOojH zU+gPM#FMo=D{1f}^4(6n3wz->&PsFqEphb@bBn(k*ql3$U_uwYp6^L8Q1E6iwsB#f zBopaMhcA8XKnm9LT3OP2QO)Y}nfd5AZbJ;jQ${30Qp*AlaHQRyM1MMsn6NE7V872B zod_%DP}iA)!T3eipYMR^Opz{UaS<;(|NgKpr0sIa8Hq(#457p6PeSDI2Ex?ozRz8L znI`cGeD~b?SZj`{c&o$ZG=e+kB2LnBEAHp1Q%FEz-%_ADCudvp*N!Yu%o7e;N zR23S9H5(~3@{LPo#mi)7P~4vuo+mk+@o$TL)?dB%3goR(&PtkT--sMLKF)UoyLB#k z3lsYHKB9*;4q()9bTcym?a|1wmpw?S3En|RDkdQ)2e)W3#;L{_nb zjAS0sD91OsJh+26k?~KpGI1e48GJi+-plDfDl{Y0LRUV|!mFO15O6*qSRycf24?*?A~5i1#=^bm|?&S#8C8J7GeDDwEH>9Ho;gjQaKrrsNy& z1F^8qYu3M}*{t8!gP1ngml9=+0(F_wfX1+0l|QiUGQEZYLmgGwHnV_(L>Nz5KwFU= z0d3NqeowS&JZO_vfd~{jF?Xas!9T5UXyP-1+3jE*P5gH(<~%d(b?0l4!CnDD(DRa) zx-1fOgWYYn9tIg0H;0Lw5=7zS?n)H!zSjP^Z*Iz;Y=+xa=&Gk*Pkt@z5cKmjKeG>G1PxH3;-W>hSl%MzH^||DpJeG`3MTP9+52mT>3V1m%l1w_8 z!irG|^VMby4e`^T`m|h!Fn#$?CU+Yhmg5_(I62@iSe+GWiy(~Yx`n^CMRPLxxd}n0 zDnYn&l~0fCUNQWp)B^@bw9;#dntMsYbvei1M@P2 zr{IIzRF?N$Q1IU*QuA+xTMJXb^I_?e`}1k4>#J|re+Owy6COv3qCT#zu>s{|ll)}< zlN+s7W`$<{G#kyXzQNhl!oZ(p^d@G zIDjSSp+;w#5zxfuZ^`{)Od4>mYt4gl`mIV_W=?0jL{frrRb9yhP$VfHv;0f%C2|Ze zPt%Hzt|e8J%o%ci35De7wlK_PAPwb_il0-Yv_++h)b*n|OF-8&Mm)Mw%;Ysk3?_{R zH7iCX;a+XvZa1!K9O#?pY712RLHDGzM2DqcPBGNBm?%ixyHvn3&X_e}?SxfmF>$Hy zh~s@JRkEoW@t0N;C_A@}IN!VJGkndToYK>EIlmr$K?gxI9c(4rJ$@XAtKfY!lJI>? z|9tGzR~+oWxY2M~fqTX=kh|S};Z#mSAIgFn)3RLtgEqMOWI;j$x{scB zU4c7Bx{b(MW@?jV)Y0S>5ttME!$#P;5WNP=^RiS+%-Ze@Xe*GS&h{K~YB}GB64_f= zq4&%lgVZ1Ng)!OVva3SXu@O(ov(FzVsO>4XEB@q~2ZQh8J5M}R<1^lMhtayUnErm} z{)3e*jhSM)S3>J@0U?6$&#j+BPgI%!Or9u1Lm__y7o?75o>J-G#(QrPX?EXm73Ogi zKRShIMeR-_0CMBu#*diuwdnat?sg2w$a)_;50F^m%3S1tu!|6YKpgZlXFngTc|$7|03yOub5CQt!vIyNscLtE>y`dW z{`n?x?kDaVW!(L3I(iA#808v21g@=E`nwYjc3HfNXFwO{dDP`C|74lwZ&pLCT=?pm zViOq7c<@p@S^Tp?D;!LXpfktT6fsmnmG*yAn zJQ$k=h;zQbi_cpbc!WX_<;@(+`ucVhc zH2TQ7UQh?Hdj zBE000+)>ogV@D5bYgU5yT$GOXCHc}AA3sJZRf_3+l!v!V;)=#99zo<{BPnQ4K zcH64)nxFTk2a(mF3%W%oq8d@`z3oK+J0mpHd|ePCG{RwJJWylg>Iqk?(k8t|WBc*5 zc7$t#ieRG^=+7#1-j&HE9podgAKt=(^gFgRPzGoa(6!&@7pn@%j*PHy6wLR1oQ}$p z)WID8!L)I;`~#WgleTpMr8oR@GgV>NMlASDY?E`lPN`XS+YiEy683^(gKEPD^jHVe z*g&nJ=L}#Pgf$yYAGcnLaUhAR7;VBd!Ze;5;0XGzb-SoYUy014_`?+D;=cx_7>3vh}&2a1QNzg`% zcN%O0Vdi1xJ;Cos2{*%vAxA9%DDgOLt&w6h8S9Ye5psxsb9JN#_KhkB{mjV<-;n1U zIzgqO!!_z{^!!&i_ceHU3~a?(p0_Xei)PtbLg5Wl2V3$of<$w&2cy-w)C5uz#!pX7 z1z;ms`B!TEMK^S|?~VCP8WfP$qEAJ86lp3@Ou~HkC#X$eSwfz&;~p~stR}|Y+)Ceq zZf1X;ViQe6suq-n#%P!(n5I+vHJR#oI|^8{)`J`+KklL2RMJHKH2pUG#taB4IH_1v zWSwM_dBM1+?MhDSF2Sgw&6}{>?{vv;bRPxFKqFQ*#y?jrE^eBbdZeAK(qCau;~KxcHPS z#E133pMZQ{CN;+i-Jt1G1{DS^cNgOS0nH=vToB^QwyU$QG7QAa|EwRJYV2UiOQg9< zwo9{HgKxqMkpA1VI*1r1RUHuNDPz!(Owz;Jq;!_-oO^JO3iIm^%{e%UJOOku8(a!XQ~|h`jL{t$lT2ej3e90-KO~V- zA@^TaNa#dnRT2Oasm3BI9F6H5+Y`M5MOQKB17 zGV}1x>Ycy;n*Z8;^EsI?Y(=m1u*Z_gPS~m1f99Rm3pBe8cZ6qZ7dX=-PLKgWi|e;$>ru=usNQowgth=-<^1nK2`#%Q`F{UPT)l~l4K0A| zRHDf-kl^Bl2|7^$B?Y>tXfF@`D;CQ>ax0z;i004W@8FWR#h?*Eayt=$O(fGYG}1Ek z)2AHd$L_V<_rm&N=5}V-`bPsc(IuiIR2PQ6V7&K`Ex&&BBFqt^`gtbuRsu#@xb7-D zu}h0$u%Z%?RHA1Vl7cHyzvO(v<7+VPD?IxSYl)+{K_L#?F@tuTS`u8c8$Td@y4OGs z6k1Q#mzNPznqZ-PvyhNYrV6!>C_w#kO-s9tX@r!E_~!Uf1$1+~x05@{PFebGj9*3= z%S0K?l6`<;KZuNaBU3DMo!^!3HY@4Xgilf+E`exHn=bqV3M-Y(nNu!XHhUBA%MN1& zY5&}~$!PVUk^FylD4S14_O8eUSAEUp{JNnnzcW6QhSwqT&{Z%0V8LBkW71tqttP@t1{#iXmLUYnit*A&r`WVlHe?pX4W=ArKwqVX+_ZR#f+ryp_ z(S-G#F$uYOBZ+Q55*@V+;}Y|s9r;g1NY@P!8>D_-Mp1Bv#`r4dJjHMlYYY|juojRELW?x(BJ)G#`}+fbid9BcaCk``c@!=VnU@MM~r6cv?%Xm4V%K<^=iu&dRGm4@mg)FPMV;KJ3=`-rNv0uCD{UWyj7hBpK_dPwgU?g#QIB}U! zbF?83wzc&JA{1k^%3`SSH}JpRJbs!EViupcZ#2c*k%#ORmA8UtbQK?SIdT#nZ=Gt^ zq{(wrN+-pc*=e7>Z+)g%W}Lb!i7GMHBI}I-%IQV_Xgiu<(x6rQq&gQpvXex!bux zWdbPS;wQGu#{N(o)AOCBDtaQ8%&7J%SN~x75$?Cr`7IrWMogCgDV?%5oLzzWhQXdF z!y9xC;?OAIRwH`Qc8{Zb^WF3*_b;MilzAwPTNgK#DH|ESp6$6lyW( zEOHYPr6&ClT;A}X^2j!8@MFp$_pY@lMzgyeqApe=Z zzTZI>Hx-4>;Lw7g#Yi>SC4O#4T7=2niy&4m3?r{~+mAE^0X*^Mi>Hr5$;4^*oqND; z)$?A^8P&K>d-~p2!s@$5j&&75V4sz0x?cJM!PbV{psSzxhru`P(`BMqEkOxuF>Ek1 zj)ZFtvNM(tkHDmxXPMM7tCfv!#p-?co9CW)g2^7M+BzAvllf}gHv6=Oc z3}sIaY;&NTctZ8rJo-t^vWr&f5FR`7>AxWwk={_UyyaLTw%!yeaU_(HwfYv*I7y{@gOut)3`#A&$S4CMnkIgbE-iTY?V z(p<Y4Y+xkPdKSj zch)K!ZsI~Z1wAre=B%>z2S}lIG6W~W#g_cif+WT}M{GPESI!zST`)!KM*iIxsCxBT zX>)$}Q&@It#tk2J>_RYYT5)qpldJ7?5{~+RbtBN&ge(x>BYpXYYSmFj$+T7Z=~pX&+;QF>o`a{fU`_q)|oeLFE4Gy z8iUtP=jJE5dNJpQKWLxw@X6*uU~n$>vu55s8<9l}5Mj@exzQL|dx2c%_EMJxv`y5V zUfZ#MVC17R>kakoyuxy$4Sl(4BJc;Msli8g@i^Mak*ccO538$R1U{e9=v}-MbrSg3 zjHxCaR+?V?_Ns3iOlquN-F^CQ3Fw~}=mhK?czkGl=mZ{1IN_!PpYGSRO>x(KGS`#k zPxWoUn*|c^*e9vqQ9$dtQh1%vcvj}X@x7jwD~~Z!g-h~Vde!Twf$;GxRM)i6hLE3b z_#kcCL8=g>9Zy5)V5bQrt&uuA&e9It3i~#1CY*Ox1V>7AsyenqZPLZ}pA?h^4btao zCJ)jYDsuD*D(*+bG?2xXKA%wY1i*G-OsPc^=+%CF38e(DSU&fBzTpB_J!w+r4HBmhT! znzb}>!-3u3tBGe5nD&T-@|n{fxZk>%rs9WYiu?BuL1~K=ICD{+2{w2R+ zj$vW$J1+hCGcl{pYFLju;JLsS8Jo}yLsThAkFJdxm7QBJX8t#CjXls=61 z%2|tLSP(y4_+dlUAU2bKKiKj}Egwm`Ev(sk>i{?!F=QK=dDqAe2ljq&nmRX#IgOW9 zeKiC^KZ1}Ttz9%trVS0g6)BtOBC%yoR6T~<5?77HHo?W}d2e-&CPrX?t745RJPsL0 z4E7QeV(|cCPR6A|f&8QoJPt71YS0HtoXEWvEFL(q{ipETzIZAYYx6Wi{|hz?5{amk z!o-7kpbTbU1o)ALrI0jo5pm_#FIc_+he&S)SHo-Z$a0~c?xWS6?RgkE_lgA8zu&e5 z=JY|WjIZ09zS+@We7D}%0af+`JwE*eq`fObDJbAgYZIfEPzIMzMu!#l(S1x0&VS3UP(IQ;bR`D#6p|+8NL!?$e3;3;CZ* z!({lGQZi5#>*gAu8x~wZw$gDPoTN^8__H|HO{*FgLLO;IqEc#SKvp5w;#P<4Jc2yr zK`skvfSSAhX+ameWX+IE?fJaHCXBD{d&-1aM-M~S=$k&^q{1Cz{*J=r;x+OB;Xa`v;O1z3k1$(*+#}!<(l}+JI&xr4RKy#arxvfrRk1nB zk?1O}1TgUd`(KRj=aNPeg0>3SB@)Y#l}x{rS{~dR#Fm*Yu`n&+2Qbi1(<2~KCj^vW zdFWQu;w9!C4SEQonFNO2cP)8&|8>gem9LVUPc@5M7@3vum8DI88ca^oPYU7OTpvwY zJU;UP>)KD3FjIxv2%woW^2;-LpIlsApUFgsAaAdmwoeEl+5w!x^s2K5DaR8C z)KrA?v8pNqvIu3E3uq+po@!N~h5bx_&MWZ>`c#yLV*P!1)9y^4Cmzp=zC_H;(DB<) zQcc^Bf==k47ahW~zg8I7O|dduIz9YXvsSu*IzF(6OvG}KE#@Z*lRqN&vJm~$;wxYn z5^xoa(OaX!AW{feT5*muh^X7q1C#x4p_vSSK%Hk*i_}Trad}bS6XncSQmixFi_zpq zmrqz2rzDu<_*V!1l`5pf_aQ22z%BBJe`{THnG8VsLcOF*o348YBuDW;Qqh z;Dd%Ba$*L!a8t>3w`WOjmb_LO=GEZ+meVAbW$wIfl}JZ zlx+@Dtb`8OzId!I>-&~dV}3O2$}CEIV6ntInKrmVdSRXo%^Ng6JY}Eld|D2kd?(3^ z<2Q|Xic9Ato9qm>N+((WYqiZjR+G-c6LOfc=kHoWm7{j6X^|H=!>;t=7*p#ufU^U8 z+dE*^fUEW^5(gJ9A9bspyz}`>{RpiBr^bCeyZpr%f)@Rbwwb&{F%vnl6F=v%MHcGk zzjaz*{5rr^H!zAkK-Dab`fQ%AbuH|XR4>VNPtIUK2<+Fl$((3Yj@_vh(lbnb+*{e3 z6MU<5FZ;nJ_sZ8_7YJ$$Ut9%@J>b3_|qT$keSS;^NpA00+wGtU=RsjmT1f*KOw0fzg>W z@~cYyBwH|{F-dt!S%|G{kZt1hB8Au=d&_FV2JYX|(f#-;c@!abt0cJnERXh!7LSOL zzYw?0Iw}H;AzI^qUTs1j@(~o)_1tG~A?)j)fYh^c*9voxOK_mK|H2-nU~%2&op9hE zFefn&KO~<#_IG613#c;(mf-zugB;l*5dWEth(H?(+3lo14st~GMbu6`FA03mc3EV& zVkHC$%G2ZeNi!=^|Lco~YaZs&fXY5OM&`d2f`ZO|oaAad7r4E({pRwa+p~#(VLl|| zSIdX5wj|QrVG3_q5m?x$BS^T|yVOdNKVZ)k*7rS7teL%6$D~FI`0W?)w_eS6*297X z6kbqSMnMK{*BB%4)tmMB-b_p!cR%8nc<)2}(Aif|>3A7%C?gL$X3 zgzihU?-)%phGKkz#Y!xyYtCIUNATUy3vZrB&1{1C5&hm(>lNNskFW35Y$s&xV-;Z8 zE92W}n>^Z@Zhom=fCF!m{!(!t%Izv>io?e0K+URsEOb~Uh58J%#1(9 zH0POInc7jSRcJ7entNJti8_}qUlayrg^6qx;es4&Iy#an5s^NpnXGe3Ow#BcW35j_ z3o)G>coi7FJkmZLN<6wP^-|pYu z<)EQ@h~(ZzU|?}!Fqv%BJjQ{c5FV@}DH0Q2zg+n(!UUfG@YmA9PPZ^ekQ@g=SHz9P zsWdnmb7BlxL_#uMdUgPvMz7d?hA>r-Bo(q^1PVk0d1ybBvcR_;q*W@aYBKKDL4@Oc zhZjl#lOpcEn(fS*4v1M0Hpn~=bV_A)_wOz|0Ohqbu*Q9>W$O?(#k7{TZ-AxGMmxsH zC>i$Rm7&AVehDi?J|;px-bGvEhFtANb!+?Roz!-%!1kLfD#ifmICUVzzUTL}npQWl zaKB>1Qfq-8&%3bp!j%Ju7o90cgy4||)hiW(7W1}l)8ZF9JG^V(_T608{>Iafb?qu& zFU*z$V-X%dv&-e)!3zJeRnNzA2K(xpzU@q}w&#x?i;<1fu`HEd(hJX}P4XV*m3hVL zd7o_TdBi?;_A{G(1rijmd4&d-z*#?>r@fQ+gFOs z%(Xbd+2R7K2V?GSD<_pqFoTh)smUi3?vIr-N1eLgiFyxQLlU(2*-qgM{!TBjd@ypPhos6$9{aD29t+GPGZj^9+G$6=$!CT{v& zqyA_`6k2+UqGn8Ib<9v_k20n^XP59no2&T25Psa`{6EQ7pniS^Ss@Ow>6$UBIHgV-{h z%fC>G#=fEQ8t6O1JLOQaZaz&E)t!wuPI9j+6}ekw#U&q-q>vMy8`>=tZ`Z5!zp}$J z9VheLz?;aL*IaPa_c6~C7o}PQI%HpA#Q)8HEPr^=mcley!_-}q)ZjYNUmgK$;Th(N zb16>JVcg&m)4_{t-A;YXf2c&TRP6E2c2k5x6)aG4WK_69>)9v|GPr zumU_O`?ur4_MCdV|NFz(tV+RnbpsWfZGe|&Vi1I%?A9ykHm3vMR_FG%?ievY6W%B1d*em$%0x5GXs)@J;>wj5k4G}gg%5267WCE0JbGVD;C za)iNncd?x-MR7vN^{JIGRtT+ry*syOLpPa*8`)cR6h=3pb zO&tBE$7Orn8a@l(r>g$pCHmR$xS~ngGFTsHvSugvzOCN4@g)Id0O$UL9-{UFx<^7r}$* z2E^=-IgHl0s&tNR{+GD4E{HZ!iPArAG|#EJ-V(20FY%NIp&M!ST}kxNu*VHF%Jk?z zRL7!NbpMRc*g$u%?xFyLg*#iNj0*9HO!AP-{b>wC1Ti zwKC$3)fkmCPqZ}%L#na!ihJtIWS3Ew7dJC1U(|zc_G8_L$za%}85CnnoFJs;wzzcxAaLtYiXCl&?*V!>R)M|ANo& z>uA1YGHHybxR5VsDNlLkz8fE9bCB|G;QvYWtlXx0b_m312(CBO8Nc=5e^+u zKmLb!(%5wWi+FK?|C@MMQRV)!%VaBOA-s!eNZb1kPuk{)wdMx64^+iFriPW7 z_ycFOAinsy$zOcSLa-a6_SeP#>QXeL7>qU8`pw4pC9bbE{V5t{ti~g}5WZ0uxdBoV zA6*~2721(zO?XmGDeEAHu%pfkGZHq=E%p>}QIJcC%xJoV;TS!$gs}cOE)%;&3v*G@ z$y=P&YO3AB$wCdX@vclQdxueK8(CVaiN5faZk`NGF% zJ9Ty1xE1X{&(;`*R7;k$@F2__T%dYJrEO-Rv+8;3Z0M}23uAGsZ(~b!)ypw0{|k+y zCPZidp|Sn{Ln9aEX69>*;9$gUDZvjpb{w6AqVDBq^MM~-;X``(T_DlwD_4)FJ^B2j z>~EUdilA)UMFVL8=AU+KnjW9m{M;riA3+xpz818=i`ui2696W;c6toickT~tqE!u; z#be?aQD1{m2j#WB-62PHX+%JFRGKIHHFtv-9%0+Q$joF5iv1rh+ADd8C~*B>T$~#D zzq#0IM)QBTm}{b?J5gsRVDLSfjCNWjer$_PqvGQFnj zVPXUGdI@(bPzZtRV5ezr{4gwOeuZcr+O<^_aR~-J?^LM50Rg^U;3lzOTm%*SUtBc$ z3Wy+Zr~Wq=@tpn-7pace)ug^Mei2s{X*jCgZlx=&lZ&*@SAf_s6J@G!@_&RJV_kc; znoZkh+v>w#>)Vf-dyb+va%GnEMi#|2I^nQELFW8Y&UTAKKW{$9KQi8ts~?^8zddF4 zh{}#FtYE>xzV>gfLSC@{-#)Y4t(#*SuDS~5?;^UARjJBP zYN+jb_l zZFD@bjfrhck_jfZITPE-#MYPR{nowf{_R!WU480Q?Omr&ovo_&!}Yw^v!jERz3mm` zHS(2$UQNlKzAmzf@l!@Zh$6^+MoaQ&lL1ZPm zVg=VBh+7I_#s>+g8A{P_;?HQa zI`S=!kzQJRadq^oGk<}cgp7-FM3K~F42pme#e}g#Tw76HFc#YWosN|gYYROqJWGmX zS;W1zRLX*w9{V%fPAPUn@v+tt71

817BTEQ=kr8W&n%EX-E70%;GM;qog^4j~AwaXivW7p5eqb ziRw6-$5Z3-ncuBP*so>13P7oc38kcr*K0UYu7~?}r5#Zp1lfMV>&PYulp-Dd*i;Ci=^~&MzJ@K%eI+t24bk39h zI!z8d8-c+k*0K3f)p7}XraB_MGGBL*P*`9lN4v|3X`rWPVf9mFdDwsd5Qisx>aRX9 zB?ADt<_iljCzq?nMOV2!x!0>GkCbcL20vsPIQ-j&?V96Wk;E; zP{A{1L;~|36GFX^B|BStXhL9y5TX_rj818TvBbE7^mN`zGxPoupp8)G^y_LYFAo+o zVk!-0>VoV>NB;L_U26rd<`vh1W}tki&cHE#f@4tztR+riLBGt!xbxZ=9?l_5BzOEb zHAjA)0}T|d;+fcF`XDD6rHPB8g7#l3;wd7co0E&EbP3}!bGX;|A42TYzH3hfRZ$os z@$ zvyB`bG^1z&$cvbHPaTO;#m9L1j-ij)I!Qh+-3`BE7?DCa6^mvL zfv8(wrEXseuM3{zbLP4=xeSsxD{p^j^88tixPBck#hh^Ac&AOo7Qt0YLE&h-k039C zJK)#4za>4Bz?RF{liTId#t_5tuiRGn`^xdzyZ-}6w};#HL8Y=0(6qM8np%s5klFRG z_(n&E*aRLVj7$Or6-R#iCeiSI?jei*vbez$JQANWIdQS;hcSP{28cYzW5E}m)0L!3 z)Y?oMMdIAqpqNm3z23xg9=4(L2zGu1&T*`mKC|X;9^Sq^{5coWz7=>qt^f8h8AuWe zXyi7JJllI_Oy|V`^aHs=WIxE&QuW(~?0*4(ykd!PWk zx7XK|w$HyOoONB+|F_do~!41DI~`pBENYk|wgSv3m4rRi?VfOb#V3+!e#jJc$7TCQgQfNDc}4SGGG{~`RVmb%-)l4}FEBoS*< z=4UB2Ce&$+UEo%0vFwj2L2J35-W;l}+?3s#;C~}Ps2fU+aQlRZvz69A@zb@@*WrT= zjV4KT#F}luk*qp?0jX^YS~0QK;g%+!>GnCQ_V&OQ`E~0cBACE`@)FKXnD9alzd9ts z)_fr>yd+L)mIGRG4 zL8me?R3vuey=Hw0(~sT5`jtI1)@0AIbo%Cf!*OMxy=Qg35exzr{M570!KP?hFH(Ko zi+w3AszZ6gr*-o3)4ADQc|e#^%c&<}!!q^70H?9vs|8jhcC}lAljb;vxaGQj9TmofGqH&)AK7e-kuN*!bE+(tzV;3sB763``D%W3T!!&Z1~3h1J9onFf1s0^qCmPTr(;`ETCPMapv;lcspPx z1xwwi;M%?H&EH4Hc-)3=l~O;a+vOYP0n(GuBqzQxZo5g&(Y!Jl6WHWLJg&KaEx3Cm zQWQ!vP1m?13hcJzkN*K5gM_;HcFbYGWV&Qd>ogw>42UycaqdTY8qKVydJ&^_v7(*H zPPv3)EiY62IJX2i?ZTqq`w1tf322ppEdi@DrT^{!h0X1jZM>w14M6#Xbwxm&u_7o* zB?KQ&4USJQ3o9#v4Nin?MolLqB(;4$3Ke`K(*8zr?!V~qLIjFRn>*!=!gn7keTKl6 z6&~vsDAhP#QdZhlUb=XBj`RtM7c61HIp^UxR8mSBGAO2eYlYu9QzHq~m6LLr918QJ zT-_Eqh%Mm`f+jR&0G*uml#7eT@4gW9>OP-&NDKva7*pc~0`T$%L`B8k?}hqsUfFWn z3UZ|t=bcRRX1`ZN^mXDz`e_v0-5qnl_bS4`5!r*9vXj=dg3O|Jy7P}O;C9{)Y#Ir+ z;-smI2#`vOM02X7$4@8@>~|PtG{CWJ4(yzy{M@9bMZ@UffaBBSs8E72+5xJ%Yy0?M zb)D~JQri~%*9p%~dvE%IYkZd=$=e)B0ornPd0z4Qp@&B^ke-37{hPQyPDUj|q0S5z zHufMTJ$Ql>=Q9=2p+|1UJ>1; zA!aZ)H!g;N25b~rP^6{mrG_29ovhr|xy#gblx)4QhFDsvr?Q3B7f@W?$0jtD8mtkE zP8rMSLR{$5X^|H47L;5LH@n$Ny}a&G#+4U+$l(ntYCm5f(sT>wFsAI<8|cS+Rsl3eS# z$FWQz^{*Ii!I=Jl2`b#ZAQB(YUL4k#`-5_QhwC7{P)DbX7fQ(l3om8LzLntk+@{ek zBWI5d5kv|dr6tA9JX?t^4ty;RT3^Mw7*i6Y&fchnt+jAFh%iH~TV6Qh(>A$5bq(^y_Xr&(__PvWY;m^ZD?1TF zMWlS8DGB~`AbmXMW2#j#bLjbl=lP@`7w)>nUR0-}2FJKR*YixDePGVa?ON~;?2OoG z`j1QC!|Q6|=_BUzpdJ!n7Z7|h+M4QK=oy4K4U zEC6$y#d8JX-FkCDf0@clm&2x2CvdWSv*Sgt(OG4pm?F3gcnsWc^pCh~w@gOFESCxW z=h*cknh!FT`Coy%jn0+AY9s>lTYnZ@=5)#Y`0~Y*rps^fAr@wVs<#zty4>o1O1#*N=Yietc`~|??n4u&tr0286JPYe zP1t`rBIRx7_S#_ucjzPyCL?k_bPH|g4e~O2?JgrxZ2|E1=zCo`Kf8SdCwtfQ+Ve5N zvKlJ)XV{G^@oN*(eX3AKUWmJ$fqtW0SYfWR&d=}y=(l`8hXfyoZ-14$^lW0+4|%0N zM#IuyI-Svwjmd?q@F9@)cOsE1coCKvAJ91g+;VRjsa}u%>T6`(O<`=@6TjVf9HqP> z7ZxM4V}U)jk_;TUt1_8{EOq&6!M3N}m!-#5>tri8}~QH4{%)|a+b<`VR;DIj%ASz zLkC1!w-qRw5i$U}|8B06pLJtCD7|%Nv3C{b&g~uaID3|)w?pLS1P{TLN2~}l4mM&4ozm#rUSKw)>m= zd>DQGJ2{g37B~r#NfAax-3*K>q3xs};8P)O{qN$XFGp>+BbXF7n}94ht};`@nqzs; zDX?*PZJb1ixQe}UE#nb7Y~be8K-NeSxmg^+J~NF^gB`v>Ep;a(+Jf>7hE9n?sZG@l zV&)FhmI)suuYCIG`AQJyP6d=9OcYfv>c%ZOXAEl`PP{9dxN*gT?Csypu%0y$P+5UgbY1W|wg zXMd$1t?==OcfnN??I8snDcT>2jtp`kRT0!bMXo&(RJ4hP$*cPQtG@-Jl{X#>=7bJ= z0{;AR7Q?Xekd5sm`QXatj&Q=r2bj>OMzHc#W<4ndM8PyC2GnxVXy+Zg_MERPu}KKh zKQGbpkvJPnv`!&*(GPL3>%=vi!e}u<9E%T~$pYiDt;37xerA}S+S=FpZ)b4O*P$8r ziK=H1f;ecD{zjg9(4>`Mp)A1r>uf{1aHCkyEY=J@+vTqr4QBSM?obr81i+*m^NhBI zux=}kS=OW-Zj_|0F~0Dx!bthj+VLvy0*i~3qYH$T!TG7-Sl-oIC})t?J9v-=tMIzf zfRE=*EFaj8{q4KfG=y?VO_-wti~_4%Cs8d7w8P0@txQRsRuTjn9qfDdt=7*X`t$%K zc0ZHWJ(wotybF=&Oo+tseSnuFRwcAmyFi+`!7c1?-0{56Mq0)5)LAxfWYj;rLXkHa ze!#*)(r3`(@##EwT#1l_bzyY~8q>N+Lp-$2PDRq%6FK`x+w&9zjuoZk>Z}!1u8}da zD7hLJboD}~z{3Jso+M0_^JfLK^a`n3`MIW`oIQl{Pu|uZ{Ioo~cEE(2V^k=;D}Wit zr5^-gb)S@uf1~Y?-r{>04Zi|j6k?SnD5=`u>*%9{h9_U`xytCe*qyD<;viZyuJ45B zVAu~N_KgEMp+tJhxT-M5zq1nHM$v*1j0RL4^6CCCm?|oUStf43&?>LsXUI4@5vJ%9 z{c%WeG$*LRrlXd4sDN8{!UF0ve-fx(9j(6A6$;{?AAKUXV!UCc_tnOlnW%$Uy|$E^VWhm2|Qw6=BNp>hAh zuP@gYR+00W0kGwNU-s0Q6=NI@im)k-#288hjcfz2sJL)fT{DSVg2;heFbRu1>us}_ zRyaCgSukii4h{AUG54SoS7XFk+q9vEV%jL~kjDy$r2C8ETilJyO=4Cu=Mtsxr_krQ z2>D3Pl$`#9NFnb!m52egfDr1~ruvqq7F34*cGwCn;H&-!A-;-g8l39bu!M+6>3Jjj zTD{&Kue)7tqUh}>2nfjM=efa|>l#mbAg0#GdHyEHKakE=_3$$VTR%&6S^ z6M-Ke6Z-=c-*US5cI>q>hI*WKx0-LgeLfz$Zk~KCjWXOFsjs*1Ve7}?l+lQe$%P)Oh$@YgIt(E+kTpDsKP&BO|s+QP+dQitM zU@a%tK=!?5+k&(+9@0JXzySYlQ81@1W53>%yf*9P%=IH;MGX!?ro&o&5FCv$u!~~f zf}I{XTEG^YnL&W>R_4ZHwkNqhZh({>_io%6MYZ)CTOo`62N+eIRQy)1=bMy!)RqWD zs@mK-cee&Lg^Py@>4?+ebq=wgdlUVN&L1n8Rd0yZi7d(KN{X6k;^+; zmcvi7(`%u}NgrsGM?nPH;%7N`(UGhMC{@UoKfjyc%gNK0A66_@u&1sroq)`dv2QQ9v*PL`fL z|1wWknPLU0+{ZYD8nSj)0nyj{P26}2#hV{(HmdJJnbRRpR^UbsT2DC-Ox>2mQ_&|0 zCp8^RzQuv8mA?_IEDhhT*_xp{pwkGta{;lQ(cd@3@v2Ni~qh=^|2=QGM(P`-dDqO3B;WezrF5zYTPk( zZ9Gsva+PPs!81RKZt=?uJv$3@=V?e@HgV%9T75`DFYMNE*MdcFdg6d9@QD##CO4Nc zdLn+l%7QOe1r|ZUsE6akk5j}v9t_Fj6oqwC9}YBmb7L@vM2i+RyZ(*$20fybBnvBR z_HH9Fq$nh>yv-ka1=Pyocqo%(x~$A2NpM;Q+|Q!1QTo6r4I{Pn_i6kUx)Qu+s4r=S z%hL=?x=+r{I8U`xsy_Q(M{U*ae-9f?ZNgsO#Y-OztW`cL@VDoT+9;%+72ULhL%ElK z`EP(X&VCX z&z?YTZr|pocV8TfJxb?2S{u%1t!|&km6XG?M(VVMz5{FLou~^Mlu5dEo7qQ+l?=^b zGGuV{`BV+vhdb({dVN764`eYp*`a*?gV(w8rw&$F?&lfC9N7$A=C_ys@UK#;I2=B(t9LC|&HQh(XP4$Vs=iIizC-34N*?V90S#IT8N zb|(i0;>zJ6KOU?fESE9xr60-sQ%O`N`Dc%A7c(Z15Q1c9#b2sseqC4Zmo__Jk;suW z)ES<|KwU`hvfTaE+GA8FB$VW9)Pf8dVL4btx7zYW$Ud{jn`TBMql zS{LQDSj?})71p(Q?@H-<;6h-koA8=U1@BPCbF#IB00C{(CVQw8^BV0$4c47F+cB}5N`&A928cNdOb0;@f8srK( z26{;tC~y>F*57&oHOQ9DoUi()VZ1Bw2{K0W%uvPc<9!;ZcC=QnL-O76XE4&!}~!GmP?jJl<4HFe7f!n+@-WhX=%L}c_fk6Q|+S};LqRL z>MW9h^jub7m8gw-18ZmWr7%%STBIV)*kD`f<$dv8@NWR+e;HPUV)KbH;Z|Qu zTSm(DMFnxj)`rou`_kEK`Cn?!<325rn)$RgN()1o3j_Gn>*-;+Lc!UTi&Ir)Iz$-W zN(WajoA6G?-wxKjlrIdsho}-GsGUZUP?KopyCQZZ*{}!DY}V8gmJ-AOd66QgU_OFl zNYp08T;Jbw?4n;9C^_!3{KX+4BdfVI7GYy!BilZth7B2$Om$ND|rgbu~-r z>&&WS#zJ~5pOr@|0m2Nfumtw#D$vkCk4PL&IzjrFJ) z&12)V9OX~tlKd|VOpSxX@EI2Ux_3Bp#%s{rO6E5GMs#UHQ4 zV!|r*_=G zdT**g#&01z2o+1pfCl=l`K*#bYmVMcBK)5L74+P_KU_NV+uvUSgR2Ahw|V2*JRv7a z9FtOob!#XVGo;o%&!{s0@jYv8VHpVru-tgKy{x%lD_VqomV;86*1~!hSGDmXBpCaawR3iIuo*Cxh!B_&bP#sBZ?ev>`VR7-u`Kg!T*8nI*MZlj+E4aS z$XF{L?#4s}e_^(PnOGzN`0X&bNQUg@)>j@7cP*7U&~06DVvcwV1r`{7BB7rvt~`r9 zaLT`-CH3P3(O|a!;xbB%>ha!*fE2)q;|Pz=d1HpiSNyb{`NN1gb1Kq{R?Na|8=FM{ z!&8Kc0}g5pUfsAL0s@r`rs=60n;aYD(f9T7mqaLf+$bVIfjd&AIU$j8E^DSg!?nv< zGOEWDDws@OC||@(&dRqCFfyChV%>7+h?IFUXgtzw0uu9iUD91S$1J^l>w1VQJ=73; zVr0~n?}Vfxr6}Jj&7rV;(7?xE&@H~cfi>QUSuBWmCoz&*OP5F@3@8 zLx?%d#4Cs?wWr6)feB?QmFmeFocj89oHi8f>KhrQl2}4~a~MP-vI{mpd7`|IK*UvU zrJ(-p)Eo*O2UZU`=TVMy^(o9`HLLR01T&)!q>_&4xFyh4a z@65r$8_blHgCO&MpJwpByWj=;Sw+-LovN;NeOpD|{^65-B-=<=ccn998PN zC+dCs!H1(H7ehd^LLIL*Y8|AQ0`F4%vlQOA4#Ju0RXX8(faTS`33Ws0T+4#>o<-lUM1PfRX_Y85|pS)PTC+tXezRu-KSd3zfuObH;7m;TyT2S{*DEJYG(Ns_0cdLQO{DA z!5I1+8FXj3P{w4iM2<@YY-5W!l-&PZ2Ry&m3nY!tF<=#fr!W4dok`g4*lhTk-m#6E zBehN;J-mx%#R%3lIviYtN|z2r4+M5n{!lqPF9YBDy!70k@&$$sA`^#q%Ke2RxYZeZ z+~b4;N<{=I8K89?EL1C)IO1c=`xjjiFAm`58D1E;FeE09%|gpLm)SqmEnk*|5C!Mj zg_vbdB#dR0Wr1dl$wXd}tv7qD5_tL=VV?dRWDzm2azz>sa=2+bEb+5kz{a65CLj4M zqS*635+Jt{xGl!twXPO))B3C}m-X7F+)&M6^ztC;$d2$?61MvHMbj7zK}t3F@)*Z= z14ys?(NdAhd?3CqQy7LovZ|P0JAR#q`%rXP!-9PZzr>9G11ch2gTAw+4RjP0+t_5dqzu!X#|V9XJYa6}Zs5xTF}vDm?n% z7WZ~8?kim0>qxY4<320i);9Csfl{H)ncogwM&3DBGxEUQW5pVrtnM1Ew^4p%Co0FX@#1-aPY7`JIJb0f-xkgkfk} zHb39t80~@e`t_!h){RudwSZL(6khqD}eX9KRMzRLml==53QnNHF}l0P!0hdTIX)P|lM? z=41|SXZ^!2DumQBO%J614KT>dn)s2I#~v3;xR=!7KYPnp9x?UBs@l}1jdfwFOyk8H z@}Z>kbpgh|bNrZvw6Lp53BTeBR2!soxyEFZym`K$on)Ugde5JgPvtFz$@ zhL(eqF?i&b%ltXh31i+@<=lHVkvxg76;oX|q=?P#uKB?!W1-KN!2kHTU$g4!1p6NJ z%o?JI?D=Vs^+dEagh^gp^Ac-Pv$bc;8V>nih?bdy>KQP`76Nj7@@Bh;HoPZ|)U-J) z0wy74o@-~K#`l|}&HMTFdJHxRT}6wIA=*I|HoH|{B-wwxWT&60KkT%HaRvX(wFBM{mb|^+d zQX3$|m_UA^wMRkut<&acJAypIM2%N6%X||A>o2UsBl1e9ZjJDx5E6kb?LBtqZxoM3 zR*|Ctak+L(fyXVPbaf!!ak+MH#J(-sBl5Jm-J^2Qtei)|23g zj~yn0v{4a#45l9S+)VY0mof~?B!7am6*C`(2OhqXnFCzb_ZPy_YFn~HD5fI$7 zLds@K;?NWJeXL6}sKKs&)#wSq^t$DjgY(F$SQ7k4L zRp+in)fOZZp~ISz8$^jlY?1pX#vTambx~-u13#dI>C&!2Y$L~`IhJh^9Xn6*Pp-?L zDnD+MsM)g%Z*oUP8!k-WX!tWExa!chWx``Nq?RF*kkNO2`dEmiWe z(F-u@9?014&f(ixdb`RCi>5Wm0BHfcMw0h&%lx@0ne6Wv4ZiDVrA!Y&a+m^>`-hc7%C~VhFtcud+shwn$d5`_1)#Rtk*Y(40 zcW-g%G{4BS1@-6{4l#{)h+5-Mv|RJ_r`vVb<;PS~lQ=9n4g3xpRWR%S`uwnRe8Fm0 zUfoB4-n^jbf|6p{JW$WdnkJ@p{h6Dpv04~X>w80I^o-#legbMDp~UbH-Q=hgc4Wxz%m(pieP>d zxSM~wpo*&@87u_s_W1tW|8Fk&=_IC~#ujKZq6HX}eyEJ2=B}In^E0L~UX^qlOktGe zeVz!Gi1q(@+LxpC`mL#Iib*6p;gOSfD@$S17{CJS3eyQ_b4j_kOU6jwJ8ZqzU-omw z`#BYGFHEL?;yaMIja8$VRc1)9tsnh*;1akkKYz&o$$pec=_wS54ZkT*t>|;QfaFsb z5WsPnI?Ya^L2GO+Qg&MoyZ#fq3tux`C9GR8o2ZFCi=+%OOW~-qx3qX}jW%xt#nm`P zs5~0562d$TBO#yj&j^}T<#!i2?wI=r4JzSDmk#2gb47K;NUicwAxbh` zUhhB2lQ+3hv+AH(wvF5{-!Adi_sa>3j{p?9_o3%UIRP=KLMnlKY*6jhEXZjk^n@&y zdgPwcFdxph*uqkmtR2gUHQpQo*`c$_lQKx)0ArO+c6JiMYXZURpq&aqRna3^a42gz zd+~)-eV&|XfmvBrn+%a0f@Q~sDHKEpe2p}N)NQml%y>WX!1gZuf6GSzQdAs6RAf$4 z7vFaZnKXia3V1O15{^r-=Sfob@BXq#vU%FQXp}^_C1s0Eg?h?gof5A@?z!io0B+z~ z_Ycskc-%(GrB+vso^M_vXmbL2Mo<;y^HP5N`7STr+(h(UL&eX8s*yCPR($qggDD|E zp@-~ySiDG#X?rIpa#T1ZN7yj?cLB*}G+qjb>K$w(kCk)#CloCLGsGx4?^U&tK~*U{ zJF|Q>cw2767Gu)+HU)^~YB?e3X zk`uy;;o7{EvfbxE5c?aLolSp!#g5o&c%3>smJc?kAAE+8!TrncvGGzfkm&Db1x#y0 z1snIB!`DKm*n2UiY8$cC&28b85lc06j?!%lRYu-jcB`Qpu#oHHSOFNSZqmt)K& zn@1to-j&U$^u^Xzo_t+|#)t5qcP;^~oaFr1w!S=mmNq?bO&PZ4f za_T!H{6sB^VCJ_Rsp^Onl>saOUp}<2CHP#(tvCK)s;m1Bx@@&aZY=;a0^K?C+2dTt zQ1^p(?h#62flO}*1%0!AMW=roA|H$BAUodeJ$R@bRKYKZw-B5;CZe$hH!`lK?t z89-{}GyX;5AlR(no3&uccs0t$nz~j`dCE))=Tl^1R4n*I?qM@f(4e;p{kMMD-Je(= z*~T!rX_>qB1F@Yy1Pmc}9wgv-Y+w(>NKFB$ioP_j7tfXWvX1yJJAadp9r=ucr-j(0 zVI>qPwf@2!h-FNbM;R#rsRan+{0}gBhR1^Ij9s&gemn7;tzN31H5fv&dsdmp?_GKI zT83*L%IM$r%Y<*tI~@mlJN32Tg=k-A(a`@2D)dJcI>V=h2sB@3MqEs|nQR2ZlYeXZ zB~{yH%HdZPp}|@B=JWt8V@o)vTo-lyHWYdp;@?X*_TYynvi$f&*hz0*d!3Zb!|r~D zPXQgpfCy&z-JJq6L<0Q3u01&R*V5E#zWrpsE~N#z0LCPgv8ClBP7)ia}AhSO>h+! z_>x+@#PnMkZ7%F-av$+|TcR=I)uA#^v7#W4ObG*lfidGha8WVAcIpvHG_EdXw)j z#9rz&`6b&SoUNrBL2<}F4NXIEu%p$4*l~_M0}m268($U&(vbuLX9^$w`u%^S8n4vDZxW*F*vYb?=4gjAuYkwwT1tuh?Z6$~x?j$9{7p|SAWk4Ks6;-x zEwLU0AQdx?17lKUniG}9raZcrI$q|8{!WvSBurGK0zE$m1Y+MpD9td-7n~hpgXY8_ z)oD6QDx=0m#b(h$;Y|a2T_ZYtEi=8d7t#r@6qrm$k@Mvji9;~E$}RGX1@9?4IRIj1 zbREThBP`NqUNb|rQ4dOL8ecvYs%^VE#`zPw6NHv3m`orbajMvMSAEH8T6sanbs-Xd zB2~ig4*;QOQ8N7vobpgbWGJk*Q-P0h-InN2KM9+eatFIV%%%3Lg|T+`OSER0*V0?8 z29P*Bqrc|zd+U2n+=9o23s}rIL<8x-?7G)puiv$2kO16mA^};qk02}++?jj@+I|-7 zcWig&neb~U28`yue^~A}*>nFYiO}xDPJ329IF(7HG^Jur|M~h{Vje}Szl~^K;hYbA z4$x}1JqCxqw64FWi1uK@aY;Pth9ZD~Fp;GYkKzJOdwl7E#Ks??+uF)4dLnE~0TPem@9qtl{)eMu@OW-Qk*Ww%}aUvy%Zu|xCk&(mS4(c^=jKfn(gd%_7 z?{gOg^Cm&s3$F@ur^DYzIT_nnO0=Q|jrus|=Cxe^x%_-4258rQL2eCvIF6j{U$Du}>%CaSuhP+^EK@r9NEU}5C$k)odQ z=Ap+Mjl_#K$z6=ZZM&s+dm`?ba{C`akxT*VkWeNWG4jw2^MvnGu9JJzFa-EnPA|dv zd8AZ*nGfbSLg+?w{s+F9QYM7};2 z6ZN)I8l;Wqk)n`UCw(VajevVmO)K6H9?%x@NVS;+;uX?2Iy{2Ae zO8&a7u$;sA5+ZX@KI-RTCri8Bhnqz5Qy4euVCWt@S(m{rlPnDRlf@2m)?u2=1%;br~Gv-uiR>Fl=x3motqTitH=H>u!dWskODm~-dXs@ zo_@KD$%jD1fB(n{uJN*Va8Jw@zM%pe%2XlzWbbg-c*dX&M9&B&d_9&NhoIg_M$asp zpN(;=iXuck14I6VTbag zR0{_EU`d>-cI4Akl)iSeYX`Oc%NwC)y2oGhX)05&)|iA7(C!7JWeKAfa!(Ev^%t{? zYowPK3Wb4GI_Q|KvhyUNoM4e&BhOQaN@&^A_QR{Xd?QD0(q1^Dq?UcpwmJeCUuQzV zi4`1a$SVmhPTJ=qRTWJwbq-0=6S~{)N6y2*=cVKVFGMZW6kwGTCTg62+{at*5;|xJ z)F%NMGl0^h+`i;v>|U>=0Lp<;nM`etH!8Z1Sy<6-?h)Z{eEJ3@2 zvUw%Wcw0jP;HHkRxDQ?mPK^j$UNr*2L&#JEYBX1Iqpl5E=%Ew?ACtt%44vbT!(pRA z1QW1~H+v+nj}50Y_pjXQ2cPkO0!uc9wKD*bIx*X^y`)ubzG6wE#Z7=F8Vxu5=0T-E zBEl3lJiw1;HkkyiB&^~Spn0Pwf^+hS?xg_jeZRd6^@zkVS3<+hA{T$&L9C@3C%QTd z-A#RU7VblX+#rAc=*F57!fLcEN>m(Zx;tN0zPxQB34Lp-Jwe(t^P z5k*@Or0Y|RdEdm{;=9{$T@K&MV>#B48(7PY-EOzvkWXmG3n4(a+VVOW*}VmR%lLyV zFru>xcl%$&kHOhL{1M+hgpsR-&eFKz&-k>Ke@(;L8WirxMvHF-Un|Zt^oiVV*=X0H z$#H-sxm~REW>esFRI_3T(CZ|JbtR$pV+hQkfj^@y6R1L9hlq-8u+*r|Nk%`XXZQX} zfk=+?tgUw15Uv6IcMJ`;B8)_7ulmFK`j2KRmXo#{?vz!v!VxP%2$n*M4fT$oiw%Cs zMsA{9d(D}Vc)j&vKf#;jmgxQgC5^zFiR(?69hX|8Y2oNp>Q=5a2sG+&EcB0|f}Wdn zDOBG!r74R$%YczaLaW()e@N<>&_3<(;DVvZx7L`A^nqheaLs z;k;bo-J!Z^32Jpu_t*t2VR9-O=i5myg8vM?;zqsd05+)q#HvvDO4AJx!`4p+&`na7 znGmXW#00=QHWbBmsS@WhL2zhkXk<;7#mVaT zy?Em5m3}1D;qur`)XVVj3eb2Ady5mKi6{=(b$=BL_q)_Oh97q`Tam?-&5oWoJde5h zlRv)ru{(1ucpl4-=Ffx@pco6so(*|5V{jkh+J?KLw{LN1ER@5}!=AQ~*s!6EX&A-}Q?(aMQ zH|y)LEN!#Jdl)SnsmiD*E$zE&4RSQ#rNhDQNQ?4 z@gEYG_`$o;26g&^L*hau!O)z<$3mcZZX8R8(u5AEyDQqd(2UTW#hAJ065B`CV5Opz&->Gp` z`u zyUir<@*kbicr95Zdy_d z_wtJID%_fNP(fx1)gPEPqCLa^O>)tem6z*ZVvJg3z@lAHWPbe9sU7*SiBVl#Hll#? zSU=^(OAIOshAC*UeFRmXMz8yLiW1muI# zUnx^)J)io5c4_d=&Fv!9iDuc!=!>kvse4|78(k%XK^xKzW3@4XF>B9t^rc(iz?;Kd zw4d+$kVprOeE%QwG}gOddKgi*DGj<@#jN-*Wzy-BZ;lf3mU;1&-Bqp>b*y9F)zT@y z97djfU2QmB72r<(u6Yuq8lve_8m!Up+aTqBC#v_y}0;mL6DIdQ<)KLn)7?@v-i)um$Xaw+|+4HoCcXk03o~B`@pSy z={LcX<>dF!yy51Yu^}UkT)*t7gLIxfi^O^aSR~m%_QI}(P zH9BSRrg;)LJ^cyfQMxr;0Hks|{>ZjM@B-VKj*?lFzMC24A1_vX#iz1UEb6GYu@6a? zFD(iExF1DK!CY7Sl+%{simXQ)mO1QZQZQ3Y;%9F&S~5qey7IsTHDLsQu%)u(JxdFDSnl)o>V)Y6v}0FO(CGyI_rWUi7@ zDhqu+mqh%ca|51cx;Y3l*gqCBq)n{3Up2f;p5%>Es3f2r$NxgDb8)wf(OTLV5xPNJ z;ZJDJ>z!MZon}g5F=EHWogUaJ{Hmc5O~dN)F<B0w7{oA2tX`S;&efoRkS7VCQ<2H-tX$R3Mm#8%X)#kwk_g&%Y3 zxMpsi-b}toIkJkzQxereW)7WG92dET>U4G?J~Apfe)STtE$iKvJYPm=B(;iNGBDtB zYuTwj={g@>)%X^@tCc$U?H74Gb=dcveyscST@0cBudBBV$|G2#b#a2bySoLq;O}W%J?;?;o!1R0PFgtJ zkuBFWyVr6GY#4po`AG|t-zQn5@H>^HNaR8l_|B@<&vP!n$mDh;DCW+Hk_-|xtoWXM3)r6|=`z=Wn?E4%=J3Nes>KY&$L5>m2`E zYz-&!CxrR9W?fyU&&LbZ!A#ak)=E~^FANJUVO_KE`&#r!iM)@8$GOKE!hvuCm>A9* zNR@tJqu?e2TVk8rwCA3s8i0}$V(qFAOkfd2TKe|3_wjn*An`}W6ww)0rar7mBQHwxW)%F5m=9zF-tonhp!iFCiH-`P4ynwxdL7!nq-uN5_k*>W z^JQ96c8CHe8=C<-+HAIwzc9v*;75iKDu2NO@m2TbN`^edYI)*Mp#ju4W>VS(1j<7{ z>1x{HE|hTZ@PSU0(rff^fMhPx@x~Cw6Za>WziZzzx9V~P6WAqUGV3b#L{_w5AWwZRkc*z{w^ z6#{u|UT%)T;T3x=6Ie-_8S_OgNLskU^_&42$J%ZjClkFs=Jm#`F-X5NLGE{X5NV0; z6Qryzsb)C4_p@*74s<_FJx;{~1aXv`+X_%ld!CVBvZuY0213zZ1+LrWT`cu(qDPP5 zg*(BFn68E-}2eGd-8#!eydwk zghry!?{`s$@3=aTyyiG1_Rq)_>K!K6Z>5Y=k|fDT=FQgP$?`hTBMp@ zU~hfGlGSB!z*q!m_h`;hV7`VOv2b8jO8Y}1R+yWDf~(E(Vy2?c5h{O?o_?KAP5giv zrGU#g`iBy+4ODI!lB6$nw28Qxcrxh|feJV%&g*1+C!b%HYLK?d;LqK$2xodL_+C9E zBEbMBp9XDaM~J~V*+p>a4SOO<{5{GW0866gfpL`cXr=ujq%M5JT}n2R^cr6zu0{H~2mk!jP%zVv;D)Sve6xT)NoY zS4W^K?1n3dElQz>%*7Ne_?NLEozDuQF}pSX&&FW#W&8N490h9)xwb|Q9y}TDFgcH# zbp<^@=%$BOzO44Bj~te0+rEi)gf_(Nd!2|X=LD24ca8CZGLm>H{PIze6JmV>!AOr7 z-vVp@ZJ)`PX~irw4XB2%%;o}z8OU`@JAaLGwB*dZ))OxBzGePhjN5lsG34E2x%n0S9Vf!_b5q$x2KsLPsISuE*gV&%iq(=IEFcSZXMy# zRxebnTibNIx-F3r;LM)KGKiTQxWpEI1|`OenOr?i0ZC0$`5m%aR-W;@u^vXg2^?~) zGq0cONqGP|(su9ddcBwprm0mibvTUN7e`VKAEPJMOoczo!czlA^3aadxK#7d1Ni%Z zT|t^nDH|bw1lfv}=2+WeW0k+ucTFrY4`ujumRiR5-psw<6>;0Fw=}b@;2N>NWF6<_ z%AkxnB{HAj0@ujg%`=ZY5YAx5jK}%ZrMBYRawcE7n%_61 zVx&Wj{@a`#V)s3TPB8+vCYy*3EA!S*y;1TllINKCzc(Me6Eg@%1ZCR5DQ~ zb%&{nAmi#aQ zyyB-ZS7rk9UIk?E>FagAYnnE&l3*c-xqvC;a^Ga;R{hIMu0Aj!lg@oO?bV+=^C|FW zw=?tbAe^?RIX3cWC4Qc8!aoEQ!&YJM^T%EmQqzq&N5&SGEn8=&KrT=CGgmpoKWh%B ztW`;sw)QmLEwl@PQ_8WidpA>=3Q!`(C*Z{2k#ZeTf5Wyy@wlqIj1Prd)O9U2ORc-z z9IC3;H{avIM|mhKR-E(|2_oD0dT>#yKL?u0TBaU!y)$bR^mLxJ=+Nf>Qq;bgGM?+B zZH(FIY*{OEq2(=+<_1IL;tDiAi@HB~;Y>Aa=Rdr#pv#uV|Fzl9HyftG&1%{Sm7AP_Wxx7A zynuAkSOY(R-Ebo*;uQ0(g1r|%tZZ^@-Fz4*5c=VMbm3`by+D<)*!YMjD zltBmp9iRX18QI>pcvRG0!<}w=vYzB3R<88#czX(WQ8!&J z0%gyNFPq^$`~wq##vqncCEMl{vjOE+ZB>25_11H|5i-7_vVJ#FjpG4GhLUA?$x9 z)oEEbuBG#?!n^i&sJuS^bG$z#JH;zMU?M?y-8YW?i$bB#s;=L;;l?MUL}8>q+1YXE ztnm{V6m`viJr9x0krndR9iGhPu`VGf4X_Vcv{a&&j+bsZaNo%Y4fyDmT@BkfAbVh~ z0wk@vX<7TXW|EA1V0$=E{-kX6gKAS4Qy8o~YTFI-T%VHNZt}YF=$+dD3`JKJ-#-!Z z?plA9-`5EXviZX$ayiff-k^FJd$kFtw}vs{40#JCk#s6ZmDvcQZivXv6Z`YdF3zL( z6V|x)< zRq^e+8)1!_ucuc2Ah$}B#GkONr*X?*VmoNafzn97KFs=V?^^s0)m#KUld5O32GICg zhU&r|Uy`y%YJ@fv|AyrRjAk1A;)mPdjg#DMFZ?&lLKn2qF=eEw z1^vTs#|Q|s7OJ)7FWbA z@8l6wm1b|L2_ zvAUq;9HI8J)>wKv|E2b<>^=7*pCG36Ql~B?*;zI`Vn##+B65@10G?1OiE}N_8QW&h zcJ}e^$Sk4sLWAbm)IuOPb;Um7?QAXmE90bEcS2FN1eb_o&?{&}vhB?U=Dp_fbs-Tk ziu8?x^)-7dbNi#KXfNB5%H-p@m3bDjkqhT zLZ^dy%3R9NcD5+VRFD*{;Q++Pck0EbWH!w7WQjwis>fljFJFZbr?npd+Y#>W(*vP1 z(4B){#FZ|i%tmJ9M?sta^QbTE;}VNINk`j7PdQ-s{`3L%A2k!cYB@Zu2nh_#nK1$R z5EuBKush=J?-BIzE0Bi2WnncoHdWV8%*q%eQX7E~1jj^&Y9+?M{Qh?;F(5DG)crGf zL(ru<+-l^)*XuzbZ2@@G-D%Z^$yhA4LN?@Jl!~`=e29C{rkA9u>B`W zmJJQ+()+`G_Qy%J*SI1%qUwti1IpylDl;I{hYcD&ME3N49dwzX4TI$WX97b^yxe38 zA%H@T@Ciw@y2hBPq@W$myh}@Oz4o58!Qq(->1i@H2;1#L#Tazu4wG0R#J+8TDM1L8 zY_LFd)qM)gxBgF+r^Or0+86$d^L@a8FY*b|&hj*wN{sa6G}&y7^!iaO@%pHbD{w^$ z_3d}VuaQ3(%h63O#ZsXhzJWctSv(6yhW_@LJ#WiRj{L;161zjANnFoim-NnbtZFDvGNqgX5X|$Y z+r#`c9p#ZD}J)lRsiUTHGfaFfp}zM)_bgqfcfU`OCx8=e zAbOXAv18+QEF4zw$!$-m^iZ*NA2wkcE5IAfNa3ot{}Yk)SsiaV+t5I_y)|vS>Y5@v zQ{^V3D2F|UUtM603WcCVX0^V}ppbX>M^p~1zTvJfNb=+@VE7deH|LZBs23>Ifea>l z$hFR_+^i0t8c!gJ8omppfR_gsVskgMGQUb}NVU~ewb)r_(K+FQf>3}P+|vss<_DjJ z1;1cW+B&;#XC;Yv+m0y6=*ff?qIM4An1Ju=GhIdw?Qq+5W@QKC0Yn6)QwIg~$o|93$yqLRJVy`Q)QKM6BnvXEWm zHdo>NU*DtfgpgB8uK%@>jOt5?H;ixK`tPBRexDR@g6h3xT-auyXJDndS|=fRX*ZDa z&_~U@r0S!OGdVY06^Vx;#$Lw7|5)N?McCpk%2|CT#_LwYw+&MUD6V2fJ5f(tX5sIp z|Mt2Ld?}E>g*Rl7GUklWQPD}J60ud2CabY+E}G^HjHQ%JEL@wR6#dm9+)%pYhF)_& zuRxrlbQvPcOuyL29ikpc+KN95az&9R=Sh;{6PWS!r|iked(oyhj_t=r!o97{}TH7 zG%B^^^5oqF_3cAt7bH*}P;i=<626Ktd^RHNF_5b0K7i>^1PQd?S8bOsq2uOGqk}%7 zayZ9}3TrqCugtRCklezu6(Ek_fb6YD@hANP)-ne+|FFa@@o(BR@XP||eyKF}{!p-k z`e5bqw(y`*$Xi-QvYkpo5&f$28oZ{vn}K0Q8pT6pn#Q_?u1571yp^1AIgjVnXd)KZ zUdpiXMqpt<2vUFB)?=pfKlqq#v6Bey4sz&i_iIJfrw-8IyjP2*7BqxnjxP=A?PD4l z#tYL^FYEzVZ#Up!M5utNc*Q4oN&`z)g8?U_Yamr+jAydlcD z%kweS3WxaH3R4;D?Jt466lKQ`GrB~Rp2rIVSpW0CTCH^4%wYz8Mv!|ToKvW|0> z{)J$XgU8*QNyPOwFz4}P+cPr%u^A3&OOP6_SLrNgoO>u!7Cr$<^xL)u3i2KxDlbun z;|YW|S`c%y56T_qkeP8*NyyLH^wVbfwqzkwKw)DtQ|jA-;fiqzVFIc{MxSI$Dr*V? z`n}5&7ul+n46{9X>9!ayb0|Fv2j`Bp3@*!FFii*zrgm$rh0(;j%?R&zzlt4K_JIWM z5YT`fA-=j{?x>&L=pibuO9b!oeZ#j!=>Sz(r5vDaTq5ifBU<(uEu4E%5<^UiW2x@|gM6eLxAC-k} z8(P0Wd_eY;66@B_Jh$Ocza+lsm_N1<_hrIA1_w@Z8T zDa&#ZwXMFpAgM(Vt}FjVe+OOe1r@aeA@+&{4weEW2XD|&7r>qOHt2W%X%K!#ZrjyCAonC4;1uLTS zksZ8(&w2?q_9hN|`{0dt)H#CI1;cJ!N}7{?hv&_&UxbX`o}g1t<9HUe(9fKd7tldR zVmq^}qLA5cPUv_=)nxr8RCES>V>4s!i=If0avKY0B?sJuE9%G!hN{ua^ zxy2?8WI{}>G`yAgFM%PpVeKx(R?EJY)_9nIh=$HKX0dLO_asl_xPMRPYDZ`8;pdk$ zvd6fd)({sJ$Wa67;utM#*T({eF=2uGO_IOR7?Bi%Cx~N`xHxGrD|xA2|4AFn`EYI9 zA&2-zLoyV;>)MIKlcA zfmDIi{Q!+;?ZrUWErpR`|52eDnIIxxe;@t>w_L4bJ3bNML(rjK?kzy&jaR9xVW2I( z-N}jcB}jO@^?zYx`XYseB}wvNm*qjhq(bXZ##X13`cT7bTh!KVqZC-}Hp`_S0+E2mqojwkRI_3_vv z5b_+Gw59J$AJMNZK{y)5Ey_uF$AmaXf%%8_f4E?PJKGLD8^s+kyn$%52x#gb*@4fr zdVG_6&KZwH6#E_Tk_XEvqbq4R3NJiZH=Is=F5LPcMI?0Z1T4&i#-*(gB2mKex!FZ7 zg2=vAAGb`w+%EE|!fPgU z_EcD*coizaa&}dwat0oQ*S=4i=Gad%qmB#Mn>yMV-A+?nJQB&CSthEs;dj8cslu=* zHx;%pg||hnUCg-WQYc+Env2hO=CqP;X~Er%BAgBR-oqc%Vt^>+Qn@YWfK~x=@=rdt zZ7TD)xOL|_;T%zM_`>&wG1{uqVzTjjr6QNJ-KZ{G<(?AuT_@WS4GY6I4{X)gf}jh) zt+mN_k;b@Je~d7>S7p%@^fTgq(i`Gm#Ma`IShu|jwQHlQxwRrCsqi(JK(TQF(=;LD zJb^*WSOL%8y*XA~vFjy+l0fAP4ES15gQ2dE|G2<+%E9ryC+GpSkwi$Aymw#1Rul1B zR1vSfUZ8tIxd&&JF-1ZH13Rz=Tf70lPUhW%tL=C6kM>3o`L*>A(kx`?uUh>qQ6~b| zah0ttv=aC7862uKeJgM)6DJ;Xa_o1>8tKN{%$$D-55)sQ*#S!cv>7~`8rG{(ZJvw9w1avDNq>MBCgI*-$RA<%PTmA+J$AHXR zk9boo-8$%L%8!EUy2PQ6Z5G14W0r1Wgq+^MiEGh`I`srxr;l%_DsSp)Nk`ZvRuU5joRu<9lTNC`=jKBw@udIUHM=4F*sm9+U*{IGGmxh z@zMNRexUpDB^RiF<&TSjPrq4H%&Y!D`VY+2-NC}bQ#=M-9KwTv;V>njz2E`54treK z{)R>$VzEb)L64DaX`+;ac9B!=v+}jm5ll3F%gJQp2{Je@TaVIBdwSn+60rSb%=~wE zc3Mdy{&v5#>HYRAZCChHRW2TSPe7;^R{A*#}@!f{KNY4O0tcNnMWg2~7YM5WO{S*&r#q2BZiUpb_{2Q6AGPG4?HUgqSF8{02v zc`O{xl6zntMK-IbE71a%h_2*BbbEBzeH8s+V0yw$;lGGN5|YRIr+w3yc>7n5=-Ba&=$NcHjUT6jJ91C z?Jr@X@bY&Pg54Ck`)_Cos{FQHyftaxQ_ z?JEv-%RDRFisyWlh>V6w!I^wE{o`i$*l#V#e3inqIB^8HNg;6TtCEbOXH<2P9K8DJ zPnHn=i(K5WKmC{)#|+=6x#^nDy?Al|_tyUmGJ8AX@Txh;|EH?LNg!zJ`4lX0aIK+9 zI~us=#Frx#By-{tj<#nK6gHPk6J}+<{B65Kn9;?Fr935UW+F>8F(6EhOEwHsk4>O> zM#U>CwE__khrpq6$M;lEJsYWHA&pO*PW=@x6LX&c%|hz%yBw93JQY0_a#g`dxmeF- zoYbLUR+K)<@d84!;D82|iZGG3nU8KFBVp`wS5<^|f?x|2`3wg424@QL$&@WoQ`9uC zL4=QkJj|Jq-Oa@2ql%)8qqrl#d$SpJ8pq)$kiBFYMz;t+JRl9@r4s$aq%>;Xms)?IpT$8k|OQNs!vdE z^o4)|vQC(~Y;r239Z_gH1?2!D8jE&NU9y4fxyzgyZm=^2JELQAT<`KVc#x3~rM74?NI&qC7@&M!cx>F;zq#=b^9+273b}e6@<$ zn#zNElose5$=X;Le!@*e{xeZo7z?EVQU};F-qMW2f;*Lx@b9Zv$Ap)XOKM=r@mC*} zi##%8CR!9NA`Igl;gYiAPruGFRxc8bvW&9AaB9r0WF>x%X`+U1A-OPXinY1W7)jOX zl|?YmLFg5n|IJ*Y9E_a@Y3>>&jv>%skeNDQkcXimGvn=6+8FSe0uBKqo9M{}uL`jD zT_Ku=oV|>x995-5FbhauZ#nb_y}Amf^$EMxa_4Nd0B27V=UXcm^RmOs`?`Q9CbZj8LmH z2;pppB)7a8T}{)>85D?=wYdxAN!s1S=yE z80EvRg&S?d1`ks}7In;Mtg$zOTmv{@#4C>E zB%1ehB+-j^C?1{%A%0bAVRu$va>8XIaNDq6QPH`1Ui9L2V=|FyKYMA}{;Lv4Ox&9qm z$dAQcM&N6WEDinoKT$dujRE;P5s8>mXbLAHCF!2zWTYOQR~xqYLyO7+n@DcRY{w;2LVtDuhwaWLh%fY>}*QyiBwPriQc}&|VW6So1a_ z1Cfk5ESOnk&WxFXF1Gm+Go!+hEO|2!avb3h9=!9r($MCpJaSKjbbz!eRaA{gt#;2F zRG}PXAx499O9;}cr|%FJhq=x~V=go5vr>&F+(e_P#L#?49?U+}uG1rNUIY($a7k<5 zi;UT_vI|)$gk?`GV?U8IsnFm9b{%<|Nf2(p*RXk~J&aZ9B-DrOk>H`DaFtjDkrQz$ z&Ze@G67Im4@cEow9e~j~fzee4W2o)%VRp_DEq7fupYWR-OC`^2Bie4wU`oNST_}@| zP(G#v#iw$Ov{B#d-;9c$jztyvqIQ<2L6BJ#;zL`Mb+HgG3erE7{KFcfTr?Md)sUIU z%+Da#SwhGqq5{z`+2?dCV&N7J7~i%=gXf;+Sz+mrm%ba2mkrQ-=T&|hCZs$q$>~Hh zag52rU~yVXPB?@cZ{xTg@c-)abmly@zWdB%S?aV;F>t}RG)~m;@5-MSuL=(NQO{ke zKRCYrz+SQy93_F5PP82t$v)EatYe z9cRh6T0p1T!$ZK{{@=pCyw=XMe~wJ~#fJ4|F9Po^tyn(tQK`$udok90=TV!RLWIKu z#^<9xH>}h#rl+h$Ak$~oq8QUdR*R6@_E5JCru2oQ^4sBIW8Y0?>`Y&BeFthqZC4Pcr&hWb4)Wd~xtfy|}DUwf1AZ)4{g zTbC8rn_Fj9TbV;U&48G`*l)O;lD{YDA*n>%l30fH+-_X2lLV@d-NI(nAGhYFchiLd)+KeOPluX zp$4e^0>rFhUbhzM`&hm+l^e0PgVGS1O|okjA-?5*=Qw2`;LFAT=q$$)L$sDMZzjz- zt$2H0RYJz#i=r!VIi7Htg&y-1id^=D)kFk+8nS>zf}d=6x~DYHuS`|8j3wW;`mj$aEC*!sx!t*@V_+|G}d{h_e^(d0F1JL^?GE-dliL) z!Pf-qH)HW+&&6+^c4+EJ^{@2iDRe%D^?^9hmgmFdnYlMJWhchh@U;WJ)+4{Y=)d_@ z{T-S0_-+Y3eLMQN^qxOMSoKCSWUJ3U6nTcAw#S${=JPyRzV%-b4QkBEBB!~L5}X|z z_)|axAu$+ha%`*%Ibb)PE>F{ECKJ1yv$7OZhcmt6o~{%VbN2^BCcM3Q3R@~{)U(-Q zp~4KB=YnAG!RA37XnXF72pZ!Y^MT8e;a1(B#>OoFw;6ktDwD9eIL~t2c0w=BCpyv|u zLYTFKNxKh)E-J2<;l9=7J(Sqm@x?Y{U7J!iS)<5IRYQ}+dS2I(nY3zu`DRqhTT;TI ziecWUoh;W&6ZM1}$f-ldsqN3k_q?ymNbIvDp^56NLw-!nKT|!sEt4FmBzC<5@Z2a* zhLe!~i?k-u;Gy*D9HAaoK5wY2$>kc+T!9MwpdNrM5!kK#y0VL=B{g$w8aIK0fAbq_ zOFeMCgOk6^Dp8Cp5lJM*P8!$TZYKT#_t8;@YtVwMyepu`+?eE!_={oNnUZu2(+1Lq zaZ`Hwg&?9PjeF75l;vw~+qJ&33P@){N}T9DD@*j^?`_2E=?)by-dkjEKQnFSk&CV- zjvVV~I8p7)jQVhCRFG#5zj%gH4zNL-?lQR*-k~|&U!SxvSy52EmCr6!&e}!u592>z z-8@DEJ_d#Gepr^QTnz@cZw8-|%?Pdtk=~T@ml2$q@W1uW5MW@wpZ-(y&voX17iVh< zFB3TBe~U&_jG4f(A*4D|yqLf#2>(}G_kaAV|GP)KJEesQTmS-YBISVzoSg9gcDDYn z=hSox2lHo-|B1N&_gK&CDbCEFV@;i=)G&k7Q2y`l02mnB{|5SOEnNS`X^5ms;l zqW^Er1P24d`2Y1heFaNlX952P`Sb>s;>rRp2Fd*ameR%oE(jqDnevYXoF6h66FjAs z2plU#o)w%Pf*L!;lNFru|14oCxvbz=5YxCREv(=a|9x{(wpc%(OEN*qBkSi(tBF%M X*}#P$9!WprR>4_e-pD^E0QUa??UUL$ delta 63637 zcmXuJV|buF8?9a2w%tx`cZ#WP+qUo8wlTGB&D6%!wr#iH^X|RBzxk6h>sYyxtX%nX z5Y_t-^|a6ct|(RVR~raOo-sTKDhLROhl8^zlc|G=o1K}xE2F2K?SwiZKXw58f&EhN5nAG!Kgf-gp2CU%3MI&w14G!;EM`D`wcIM{DDffHyy0f~ug zsLj7l2TOh_CD(X?EX*IVvtk%N&~!l@;+zsJU>TS0oNqDz*yBy`+DO|8hTa@Efb4=J zeh=O)<)$r(AAM@8E@%9NA~uvaPLu~gUk&SHAPZHN?*h-vGvPAZ8fOJ6>NY~+AK4Y~ z2LmwEH&lNPY$KkbnKPN0QiINU1hq(^FDiM%^-IRnX_Eh%2l>fcj4<30&_?}nyXtS zQVGUJ>GmXCh?BQ?=zw(nw{JLu=ym~i3$0x%3*rW`)>}Dt&+ch0`pW_Cz_n)aGXB!& z0~@7FUPTA_K%oON#mF{LwlBnp6xmh;UQl;-Wx0HxJ=*UR=(J z+nsF3^8M7#bv}#>Kb3AAb}bV*FQ2LdnrcPHlYj}orx;E>4$Fm0ibKCfgxGu{F=4S2 znA4Nk)vr>~HSoYuXHQ^}rfHdtFAz(>I$W-lRkkyvK4A#KtL$?bIWc(SER?50B@%(H zh@Q2#+7s7033MbXfKraifqOUt#xWL!GpEq<^>W>02HClkZ+w;s_`HGn?pMcc3L+MZuO)_k_xXI^Z8NmWelS|E$Q1ZTet>QC z;=bap($FJI^RY=P&Pz*#qsK-EMlcYPIyIb!RQJ>P;WW=|9lw(vEdEr2LVYI84tcJ{ zE79v~Xlj0!2@Ozd_Hr^swQ0XL<6HT#e)z~@LFGHqu>ORR5a8->5xP3T+BN=r6AYKw zP@g~(8(bCg-fu zH2p%Z7?38f4O4eExo*U-!oicw#mQ-%!&T1aZsiS`y~r82JyEcmLRxSerDwfODbI?b zABvHI$iVt)A^{uy*awF)#v9jB{f7%UqOAnN zIC$a<2ve2Ughr_TW}xS=8EHL$NA};iS>M4DPnHiGxe;&v=GcCY!d~+J=Ck9184cj^ zwwo%=57}G-R{{$o++X>E_OC5O>+I=LP?~GyRY23)-V)t&JPJX!hY|C`0r-ps`_nZ4;TumbF@P zx8{5Wu8;cjwl~u{AuUjvna*3zIO?#>w7%=U%?iJwKgd62Ot1Lv^?SX%VqYs4+MLd# zD%hfY5|hJYhtzf%+jj6e{$AwK4-lvTbsRERqG{MU72MYhVcsknXZvH#ytF%6%_ZY6 zy6`$gT<~H#km)X3Q!^7o6IIc-p#o3!o{Q)D8%)@bi581KHQ`O?o%7Yro>pu0hp|_f zjMnKxp)|3J)m8QtX_sNg-oZMS=UHa)yk?r`X+b`rI^~_*>ZP$}GHD&Hq3deEl0j#B zITL5qWRfRRXtRsU!8Jcd|viFO~Og8lI{c$v4~F9ye%#rbtY4KAcLW+Jf{UX7Ho@aAg zs$B4H<1y*2zrtTy6-dsGW%6w?i;a>hmYzBK*R82lTOszp=J z;ck`*`sJ;0TcE3H!M{!eWwOxz{PF1`%t=q(hCVoaBj_@+L%R*JBlJyZ1b*F`vycNosEUcX6TL! zX2+Fj3Xfb40rsoOqj43Wds}%* zSXJnIw}5NYGD58?+$fATmx|xg@_IkJ&_TvfuCt2^FyU$8dkqGRnA#ZerG6FEsLIH_ zyYp0G45~Y{W{^7+$A>9f*<#;GHw4<4Kc6jKKDw>rZlanuENh*f@zPZ3omW;u_cvbY zJ5=c7@VN5iAa*EV#krfVma3V7ToMPC+@PoarJb#eZU;}C`vMTh7K?YqdUf=7U@1)Si+n{8cdcVmfB$Kv zy<8EZ)DG))nEZILx^zyPY8`JA@rWuNIO;h+A?qs9&cO=4`eT!?x0xpbxg4bZbhnl* zmCi~hG|5;quBog0ChBU|ieGPq9F6?9JjV`!;i*!Kjcx$&{;F0_gTLG$!#}Q4pLF3k z&||dt@|!?(PPOVwxu;Hk|4Z3TgvUMlyz3hy;x)bEQHR^L6cpMNV7DJyxtnd>(sOe@>rl}&!AC|RZK9m% zq%4ZgbTtmtbdANJM%z#6MtvNn(V4GbRF~$GjuFFog#K32Sd8Xnt@QTDR3RDVDfyI~x$tV7WWgDskbg+GxdZ`|Mt6 zpWeK$@3cj2NENvioQ0tJBQnwJrFfR?)W+s`>pa?11k) z3?)ByQmm@C_@Jy(;P6}F>gxX2sm8G+KGpQc8h4675uwCSt9r}lUb-#?JblQxBi-Q^ z8Ru`+9fC!hs@*kDZsn8Fsq^IYDW;5@wHf_Xix#%?MA!P#!X#*4BKF~r#W2O3s@HX` zp2luK(>fT*#p~F{7M4Bc%2RpzIOa4|wHqnLyr5x!8sd+AL@sCAz$Bdv2k3T}e~YE*;wWHsfj5g>-s= zjIxZfB^ON=M!UE>w}}-pQgJ1Pm63wL*ZT3qV7YRgL^`}O2eBmd%0jM?ILV=N9b4xu zpNvsw30_)&pX&2^gkB|s)o=a_?x9t^edpE^?TN@|g=G&ReUC4=A9iwHGLMYZzd3JF zIh;QJrXbsxA387q(<)_((pX|~${8M!2@?{zyTp+T!1Yxmd(G6e1s@Xsmo7-?!# zr@Fp}%>eTH54YwJc99Y)A*bDl^uw7`cOn#dkw*XAf_y=iI2r^4`6X1PmL8_3)~*NG zBG^PU0x!2>&$}m1`4J1#Z)U8QDB(vx3qs?Pt=>~V|q}}sR*j8l4~??~BiXLODcRX=~C z54nB&f6X?K%@2@zuwIx>U`3Z?Fv4mWnC+QK@Tkr3k=HRKH2ha#zF))9yn@xvGOEMAN?$CJsHz z5)a(BP9=~*M#C?n^G+FKrpO_e32RT;sxg$$<}%Cha%JEQ8ew5-qR@}%BoFaCMW3oJ2R+*k->!^xw$D*T49MgS2m z>v@eay$~I{kFGLSe&7Q^jhe|SDXxrZ{6}j5M|=Gb4ld)nB{*9X@X=3ts+%7SJH?T| zQ5eI?RN#1uZoL4Ackb?B&Z=oBhtiDPv{cF!u+HrRO}MQgkyNkv;sGzMt+~v?A*4*- zdf^L31vNJ{GoG`}-f(n znjisQOZLTELuK9ocH-8gt6rz@?Z75HQdL&zu2_z5olnELSn<^mZ5KBEepMI=@1Q=Y zlm<5{b+sfl9%=$~2FJjmv5Oy+Ye(z`grcDZ zN~lR%tI}9-{ox)jcZ4aIli3ab;bxP@a>d1dGjPMptUlv5DM9-yP>xelpgA{(d3N zd-_DFjk=a<2_ia!@J0>xk2DQ3I;r$$C|ypjFz*g&8v6W0g&EIM;|P-957UAh9^H z=obTwGx&N$p^|Y9kJa*?4CmoK0ue*}s&k~l7ezsBeYj{9%T4Ex7r##mP+Lol^e~7o zRgEw(;R}g;ew7{57n$U9Jy=H%{3IkJjq%D07ng z?S4Wvu6?r$1#^Qo?2ATH0s4lK(47w&MaBhuS1Ys ze>imyON>BUS`{)jB~LIy1Rb(hsjqg)DZPMlQHgez#wsDg`MdD#7!1}>d~SQv*t=EW z2=?zab~*d!Zf;?LPMi_3A-X136xj@wDWR0`ky%c}SQ+Q;N&|F!KskM6i61b#5-bkT zh4BhR32q6;foskWxUpB1aLYXwX#4MIU7k8b2C(qgO=$XxAp8Rz#l{a9WO1Ec6AwjK zWuV3qF&vG|!aKiru(LiH>6H?aP}NFPLa*9k835zR^E>jxxZH=GSIK!;pP8oE=SKPo z8+y;eGAyFBXR0QN`^>%%f=Z%46nP6UC{rdv-d(Y~jJM}93n@7{n-cFwpa+yPPhR=Q zr8x0TQ<$TMjTP%KM2pLLZ^^w}MS!Etim?>#CrnlfBNuV&4AbKME4fT-PRD6`e<2>> z=GCfe@a?Z8BZ23YCphq?*sqUS_;KFHynkc`))p_h69x+ANF9jpsRPCZA%+S_lR?_? z2jZuV!9;U!Hrrii{fVV)yuaq6a6JFDI$&HE%?~md4aA*9cdX<1=SE$AI=3|tpfSg5 zaZYVw1y9a*tgHJa9NEjbw3T$Me;sVtWf&D84SCFL4$m*xHXPWAJ%9Djm^%bNIOq0W zT4eOaei%sJxAkxU_$~8RU#$Q;pp(^isW7!&T7R!x^}Y6C=fP8+5?%! z^xWjWEwhwq*Q?BdOZI58^|eXD$k7cdOr^)lP=uB-8wpPzPaIs0mvH64&}i-%p6j^< zTC~cvs-@Fm&@{TEBg4{PjuFz&Xsaho)v=97z@$@oxo zsdUnD_aNa8A&OOT5E*E}_mMUq!)Q*Sv7J7X28zsP89baJ50jK_8a#W;c)3PSOzeH^ zmhRnqBvGyr+1gfYP0sb}f*H}J-&HSmo8V9`L!g&B+=vNi5(2YHjVDIhs4-`nj&O3N zg}O!3ttBUq)1%xrU@aW@&|+-t;mA6b(}Xl5_ibMG(*z0&+RwXZaUhk8BLjHNvfx3b z25s$s&7Qq^YZx^>TNLTr$8$DyA-TjJb>AcymUXE|9&$cJffc*XxY=_gTv)B~M(r`P zcX2mE*kup>I^b0i0j`oX{UC|6rxF!4Kel_xQMI?+a)^kUll${G^;4^=)PDY4h4uAO zb@Kj6D1r8H*?pUpF~hcD@DC|%(AF7K(AH@7j@=hVE?T5nzaFNhRnAI|`|d_v zPFyCw^EAAs^Vh~7#=AuNX0YBe9!>NOyfbR8s<#`~YQPl!5s~O=ASSi@<6fb)F2}p< zZQj%rWG}Z(d`3S^+-~;)2L6=ML_hXW13hFg^rA@eyYl^HmwnadPn7vO1k3TKLDH{@ z61MK^^5==h_3%+*_w;sMm)!SLKL`GfW&AtwHXj$x)6|}^mGemS&q>q4vjMll;Izr= zZk&-bZ6K^tm&U;Gv{t3n>{i<8>WHJkzH)J*)JcGGIv9;FOXfNH{YlNHSeM54vXMLW z(n~>DqbFA|@^C1bL4r)0gIa1~QVP7nu>5eMAGgP_ik(F((ckZ*44RIGYf>-S#9k!! z{J`GWv!|x6Da}fnRaCd5AED7WT3>e_!D)OS0dQi|?rm+-sa)7=Ws>%(kdL-zt5b<4 z(?j_qWxbM<+ed4+w`Ol!VgFy2#I<-jUcf6=mM;n$-Y2_$O?L6r^IRLFTJ!JX*dKz%fS+nS z;=uY|8C1=SmFgYFCE+*{rSXYap8e;dCZQgtw`X>KE=Q2vK60Xa(+7?$QIdn zb2M3aQ^|ohYh9u_UH=;9D>Kn$#nQjzzU;8CzlL-%=WQq(Xll*(e`9%ltete~lh2lY z4hLh&%EOtx`~#+~X1KwG*BoiOA+?`22iX4PUfIx>*q^xMAndiT`^`BIzA?}dT^^S` z@x>0qr140a^mA2i&PZY=WJs?~lq<3pM7beonj}befmrF6Ej3PF#y>RNv}x;0G9pl1 zCz#7=!9G9fa|N-F$f<1t>gwGki+NH-_AbodYGyO+VY@niw=35(|209es=9bzi2ydb z93txN%;bg$vH>UVxGr7itML%%^lbE&zAVhS6tb-#E4Fdtx|;sN)#qFK{?D=RW$pCD z_1szJ(iqWu(h2U-UhZZFXhXW~30xif`H@jY-WS_zeek!%VuQs9t>cHN2zj|W$0$aan1l_nKvXbg&8)pW z{IgVzyio}Tzjl zxXixCPplY;YX37Lf0c~o$xO3p19+Fwko}6}ARchs0?PSUGOc6E%x!^AmeAL>zz$aC zoZid|gE_=AEpOPy7Kg~%R;U`v6PmQ~1RL@`3{w1MwW;|%%Xs-;l|cwojngjjwX z!$`NzMy3Li#}5)eq~#grHhlMa%0^#!@=LWJoe=&=AB(+O@o$>_@C!Rhgil(%r4-{c6;yjObNLnIeCju zBL;P?BaT1g*Y1G1S7G0PvLr>0uEP-Gmra$o;uW~VcU7_jK?nk307F99o&GaI`803g z?=9XeC21mmVk+f7{+liR!~Ld$c{Q=J4$bM7XRWtiJ99j7l~rEdt12GK8Z z8s9=v;C5IH725#~FKR<*2uORCsp9q*ed!X@82y&SpD|BcIVinedg^YV)aHnqF&yFt zTkDhxx1ZuSpX0GVVI&CsrSWZfauW-aaxlTkz&bm9PDKA_Y=M(r;N}{lsdC-0DvJowV{c8~D5*IF{TvO_HjV$~=vSyf2!V+HT1*$@Nt6Pn@An zZ?Mth0l1-n@sd*(`<#QtWLXG$jqKHK{VU$}7_<&7LZ937($nLsswPxw z^HmSgr_!Q;4Z0N||(Hv5F}AUf?1aU9KR7e{4Q0($n~5@vKK?H*^4cJVzqT|wbZ|b#RR0J0V>i6y%J*!V_;?yVsr+Zo3U`=i z1fZ$4sit1R_pNosKXQt;G@!@eq-8-Vhtgt)7qpQ4CgJ?GzUdYAq5`+Ozz7prMeah7 zA4l6q3G?4NPe*z;HB2STqu`23yvNeLeDLz?8X{@7aKp=Pz50i3s(+6vli{T_KIg7X zke;1UD7eb6zUyD4QmCQ64m$FhUHkmk|3EZ~6Xq0|(nB1eFEW%h*ozV&z4|Ww#40HQ zHc*l`FjAi$4&z9&*h4(5FEy`qm4Kr^zO}y!UqDlj2aH0^ru2+7VZ%wPP+TTF?$Y`g z7_E7dNRdpYCN@5UyVi}$#88!8eBwMcCaB#M=^kjRnCBjy__@LumCm{k=T3mG>^1M;}VFfg=+xJ!BzY4V-g_zqu@!|~f#ZMz? zemP3M5ir~YMLDvv!Pn7d0VssD-BxK)UU7w5!$|XSUGZgWx8>7pYew1m3rQr&9;{9r zuFaiZM?zq?LQvbn7!ateu6rb54q+mlaEqIm9r-a1^!!(R{6$?Tf)fLaN%Ib&zF_tl zv}hwL=dUB>$;`AoXy`T-AkZvDFuNC~K&8CATy85sf*%h`X4riw*iHUSXDLO#-dM6pYU{ppQ!=hs<8AlAdeC;sE8PjJP z!_;_`y!#QpNR)_Fll*8PRj`v+c;l*NIT7-K^zc$9DC+_T3f5`46RPROod-p( zu!(jOqDHl6FF{73$*MS|m~mdktW`tuNPtxOg<#%U((^neKvOhTU3==<|Jd#3appGZ zrxbq7JT5BS`7+OvwE$UGSWxaCYqP2fUWWHFz|KrAi4w`ok{e>0I%2JfH~(h@(k>u? zRFo^RHyP?n-P>L0Y^4srS!rW#r4_-NL%j=Xi(C=?`&w&B5@FB~|K^1~(YH1(=#R+h z{c?8!cr%nbV2VpWHgJxchKZpj7vfDCw6{C*^HMPH&F*@!>Vheu0vGfUZ@2YObM9cy zWR;h{@_`@?bug=5FE)YK^Bk_EcKy2Qj$XHILB6{#S1}Qaw7A!CQocSyoFJ*~?Hkh_ z%&EKD_Nv%@Z}Vc%Wz?rOUQnkR_-g@~od`1F+bg0BNEIHMHtq^q&a|*~vNT>Citt$} zWV}NEO6n8F{`59Il&{BEuaZV$8Bt(t5Xubewu=0ul^Js3mKKN&KKG0$`zsmr=S+I< z1a%F9Vr-qNI8Wlts#~oZC}i5Px~S`v|MSa8o6Dlq0usM(|FwQ^3@55BqYM3(@ypPq z&G|MC$o>Pz)Yo08Y9_Bfdu%oH$%#7FNCU_0w1x|%iJE%jIfGLh#~&AcOnDQhwB}&; z`Xqz=Ovwo+lV|m^+YRhw$_wET^kiBoD86>M=Sz~jhHB@%NNl(F%eh_7E%F>RGf=?c z+>QByR3ovF)2^FPsOb5?kp=dJ)T&MWskdzcvbDS}6&x<5-7cwl?sOEm?yIN&;gVSQ zsaX)Z7GN1;Lj4hQrjBq^KWN#^h@=y_QKhhqpI-ChkIn4Xsrv%U&J0ds@orB2czu2E zVSBsnhX|RcJ>52q?=8MV!G*OlvgEkBf$8jrUAww1sJP=sJp@%bOr(pCKcWW$?*5Pg zhAh}bYq;^Uumsej(t8P|s$Mx^cfu8SlBpxV?$x-3y@WGISW(aQ4*!A^RrPZ!Ceg*K zC==OM@+%+S&iM))+~^iZWs!yZAbX@hPoUJ?l~zMZnii&9d3Y-X+!~O{>#*@%S(@_d znfQ=sOc7-2(KC#y+79qAy1r|Ny8n~~yn^HSa@F}g3YMEjQ?%p<5_i6-{0Bsl-h;a< z>4fDWe6{4jgrn?6{Hv$@yY6HJ%F1HL8ev7HAeJhE<`KmYIqdg`f z^IM`%YkJ}0>lr*@D5A3*73+d5T8%}~%g+Pe-FiYnqykk3De{NMyIA36X`gI4tB4`H z*LtvlC^Uejf}c0{`hDT&6Ti;gdaQwZ1s1JWz&FJ;#3u}nAteW$>>8wM4)v~4(5|Z1 z>!iieO260<`-<@lUnkiyjwS;zPRu0PQN_B;PBePH@G0cEyi9@JcC^e-QNg`^(me3} z%h_3G`f1s^aGQ5~!zqc49s);{o#KiA$UaA4UBAfE306em#mmPm*6scW{FcSz1s7T3 zSq1;ro6*4Ft4^GRsb|lONf1J+4$pHRkZHm zvvw^KvE)HZdVM8bXZ-SuLPq^PUtDNd;q}pxcY-=QpIN0XSijb}I3ck2d_UMlyXGYvySlQwNNgOn4I2@O%T|$g z78CE?Sb?sXUEJaj_zU2&^X4_5knO{_{25_eo=(gJCgGuz8$!9Ia2#eJ@(CSxO|k?* z{_r=H9cD#Vx(5a3Uai&zszloQSabzMRQrAkxR-~5K1Iqwn3qVT@D^cW`q&E1S==4c z!KQ#$AuCL(wm^ah)4`z_jhtLU&pWAul_{x2YMTqrXcze%7zrSSu*Y~H5Q6CATq)<6 z0J9*@ZJVz|Dl-y$mp|sZ2wV=aTmOqxCAkN=57E4Iass=%(2x=&!}2;Xc{vn+L#`4~ zwz<*imh(9cb~&qKIMPxkcBDk?F!&9KQF z8zOP@?2*~DOZB4 zy$N06k1lXwltOOI@ogJP&2hBlAXAee42VHe$ieM9VuczMJ_f$faTKbarqB*DW{%q9 zP2<(bMyi~)i?E^$#vLV{r=vsr)nn0L4Hxv--h%hw0>jESI}KWXCN;$09tp?VTM?}q zAyNMNN+mPb z^3As|HUL@H!;91@8T7B_~ zv{En!dimYlQd<39>9HHaTaRNhr1WaeXdwf6A;D-rO}=NJgtu}Fv0?5f(_#Me${`7h z5m54hc(4iY#Y3HhV-1Tj+66rkNSkYotGez#DiZ=m;skvHb$2DoeIiEM7b!_{Jv}=C zYZ@mU*zHsAerpWFce_&$>Q+_Fn(-(+P9R{_ZTO5I^r=-ubcA;rGnp z%feC2THHxfwk?((W|7h@%BCFLI@&~Ur+pRWmW0snb>pO8=~s%Icl}cA6VP1yy8sD( zN67phV}AQdpC175G$Xc@I`9Udix?^I_=sUBlNWlVt!C{&z&YPiFcNapTJWA436)Wy z_|OiY1?XIW3l^RkEA|(;byyhux=(*y?u%nI7m|1-*XfX-267ROr_?6mzqR}y6sP9} zbr${I8ek4bt{aJmJ}*w2s&6bRw$p9m;)2uQrS0T`L$>72 zfe}sY`;ohf&dR{3h!EqhZiXMcP{hx&C^n=wTJGME;uWR|_qO5SA027(b#@frSn*t9 zVKhDSs^mQ`M!y>H-gyX;iGE*-M;)bio$_^OmZZ$o%AC>Q*J`|an{@sgm@wPJ6C zz3u1Q*52UL_p)lACb%3i667^r*IbD*+!Fl!1QoeS@)gmL+9}ivB)n!J_Ub7_z26@0 ze_+*<|EPB{5pWZH640|i{uuC0y517UJ{zE(|9b?E152vR6enq18e08GtPkfykswyX z@#{x@z5#(@A0m=xw2*3SO-RpWIO)^Y?%nKs3(mKTJv87n?2z6}t^N

Udxwa0avF zxAz~C>*pv4`HSsCK(fB!`K%~9`=T*N@?+zM+Zxdk1x!=$<>6`1VQvH&JOBG@?85?j zX(!^Zrpye6F$+@-=_-OZ)Y1wxD~P19x3T56t9+_!U3C@{)|kPOlRa&7T0MFkBJ_NMk7)7Ck-F$Rm-mw@+qpmg^1{jgS@z6AX`k0pS%XGIxqIfUcV-B z#03t$#u)z{j(^!9&&M3SNR@K7EfN=kf|)^&+3eY7yb`$&_@JIeR$w`SU+PWvj$yO+q?7|ywgn?n;~84w~+s#B*<$jKrLysRXNJSid2bP1*gw$lwcCP_Dp2`sz-f+-7d7Qru<;+%@x_r%$ElIvF+Z}=c<{BL%!F+uZfxfx7^3guz7n?)gCs$=kBF?2;cr+Z{~45BeH}x z<>IZhNG(z3#6V^elqX%{Acl$TMNn7?yx@4%8%>4pdu?)jze;6j!d5N3B3bBQ?A7Wo z9(5XEnd7*E8#8;l;z+f4)p230f<)WuOlG#=!<$lMJw1*^G!^72{p?nd&LmX)-Zi-1 zwa1a}LWYC0j^TlGSQ))2#nno*{xe8A4n(li`yZuw0Vlsm|2_nnF$Vl<%=J{+W~$?V z=X8c6vLF4RpDmGJA}~Weuo^$g0pHF*G+YB{+w3drf_e_k=Jol<47JNt+NUp^Fwzg# z*eieTqz$#hke0}7znVp=VeTu#BGj#o6R?}L=m)=AyR}(WcKEy6reAbhizJ}x6$?oz zcKiC}!8RNn77jmITH9Jxt7g&FUErDgA^AOpjbce~(8gykaP{Cbl3E!>Y~C!4nK>UHru`vi_#;4WaK)TMFMSC+_b zrV=iTZgtS-4B7&E0fz^j*HtlPKmYgLXU028@@dTb4{or`rCIuX z*t>FUqt!#u$R1bdd6slP7)j>Wh141j5)tko%@R@)r;sSj64>xr8Bg&XlE77U8ILvA z^69KHbnq2hdG)!^r>D9;H$^XyqJ^}dT)V>orVLIaxfiS7LOYPOwZ7CSzttQC;23lNn;=a!p(G}j=EhCF5auh=EIkc)q9>t3)RM?3;?#rUIw6y zE^vVqNf1(-RtT>{#Diq=*${l)ep%%N7aZkFEp>1Hn-I#Gu#t%Kdr$84firpkhahGVu>A3af;+$+V=GHoo5Bj!kfOsmQb`1>JrqhE^T2`wd~R6(yeW2!k0J6|H?!va<% zwPyvqO){eWZ>d`pIftllE7kGu6UJ?T)bHnvIZNJfY4x9n za`fu%K!PvvI-p`mq=9_$SXj{RhI89$B)chBNo?z&aLWq5m`sco7CdYi1J z(Nb1^yU?gvox45n%s*t@1^*FP@$!`_@@NrlZL_gCAUb!clge(8kP0C4Borx{$pT`KHF$y}rEY#93o z@4w+zi|q)?1W~PcO)wHr)jcBmdNISuDXo4^?9C9$YP)5ov_G_}A%;xv;gXQFPM;9q zG7xDe{b=_4mOKh8>1X3*t2KvXhG~P%QM${HQIz5As0x28YWOot`1>KkXi1lHVXRG{ zh56`e0nK#eFTp8lyQ6<>f2+6``EPalAQTBvRP_*7fB1DRdg+Uuum?__6GIp5(UMO+ z#DavisA+}UJrt?T@MR`rDnB7~oG7GD_5LY=cB(l_xYX@InleI76$8C8qc%iE|Dn5U zx09e(Sn+uix_^`)cWkQlH_uSnNivwjdcHY11VAgfk~~Jw;?d>YP0rYio}dL$@|B93 zp95Qs*UnjsvM=shGiIGwOqj)y{629H2q6vNJZBHaI|G5(jsZQx!JLsdH%jDd8_;Dq z+@34&U6Nw)CVjCtsI21*(Ks%LBOeSHeC9(T;pM2Up4>DPQo^KTrtL5vnu85Y?F_mp z28!s8mX7j1&@zRfxK>|y;{{`Wtm<&@<4&@xYJ)O4;uyN8Ibo56$ZGA0J5PY-_Mg2h zfP@jQI+0HQOEHY*mJzjFEVa7c)?jkZ&MY!R7mQqeXAfh2`uB|^Pm7_ikx6o; zKVo;;)DADwBxk+_IAI5wpM&r~Otm6r0SyqT>TSR{Yz(BV8(vbg=&bF%mgd2e&cuan zmcSf6U-k@WQ4Xz=vX#OYvy_N*20YIS{sr}TB*_8Gm1-59sR8s$u4{@464X$SUtFcE z_STHObSDz@s;y>>&dYvgpGCo5f~yrN@t;=edN=k0qy!ZSbR6(+97en%Zi(SXU>MGD zCGnNeI9HCxy|+Pr1DV`Tq3PVEI$04_hN0WvhvsimR6-`Iajs8RvRUYTtlN{pMyTd7 zuP{=>w4F)r3Plv%=@4FoDF!)4^%ctbhA$RYhXvaCMWjAYzb19);FHt+S%*~+IttUl zc;1<5GIz;f3qI0r8R4JnVw2oT0LK8a?wVT9Bs*tRQyA0RqnoUq7f%*?bYB*Ytm5u& zsbQ}Hw6>Txz)0iBJ;ILjaOriJQ%WeNQDCZed1$7xxst}SwJscnf;*xMWqo5Nhk-uF z!M5ppk8zN58Pqw#&K`dqf+n&-syj-Kj3NdU)|zIJlPf<|{3>&h)91Ga5XamaNhyV^ zs&AVtN`|@a)542_CTRpvhUB}0^d-mHjdyj;@!PPyWhmH(&s)9DFzSKAqNuu{Xv_7I zP4Z^RzsEcO_bD!mCNtC70~uii7M@aya`+!dbpr1;4fSQXS8LhoBkwpY1oXii?m-W3?mDt2F%;-Gy?f3q49Y-eH%LOqYpwg49z}L7HYfRzJZFV{Q3^ zB!tES{Er3N;r~<}rlF3NL&)?fCKZjLC&_0WeMUbFiC~EnryX{i{ zb@SIjYYrv%^}J1?Wt=3q0oAVqt&5|Y|0>Fck@UgI7qDq#JO+%1K>kIiA{(x3?I6uf zl^*bJpHQ8LYyFR!r&Fq7Hs!q(GloMVl71O>&t3xsZf=T7C&$6{e+r9n{ZCs=W}$-`%8j%F;BpRP@yJ8Y5mPhxchMy|<@LzyK0ex1xoV6?;z_4y}MM*%EX z-|jF%gaGTugLQW!qs-|0#BO!5A3Xg_d*kA$EPB@$s775#Rb1;o&^7yEsVr7QaV-I> zEfVH~t-B$#=) zlL(>-V`ZD4pCKGl2#E3|c3=NP{{M+}C!?g?HxGAQ$x_WzJn1<8oF&wsS<(>}>{6M- zfGnF9K|z7=sDOkiKcFoBKSPw8Zy>wa{%?P&CjX^Cg}reFh$W3P0v6(+oZ9GNLd(sQ ze@t^#uKrgderNqxBE&e_Vy)4@(55SnSK07n#1&U`;gzPQEQ}I;sFbGiPEyHZtjVAd zJl!);3?=B31ie1rBdwil5xD+E#S4bzlMLFw#z{Qox~ks$-MVp)ljj1&NOzCc|6rH3 z>s{kM0-BbAKU%-mPeF|23oc3f^Zr8Gjv=`5$p770OFbm)&yhoQ?=_O2Lw^51%o*rp zC?+A@>J|~qDp~sKF#ngC+2Vi9lmBDx&-srzgr^PBg;ncow;|ukSk*Yh=^57Al8_{X z`Ttn>=syd4^)Q$Dz4Cf9>N}zVP0o>B|Gmy8-MVqKDfP3``EHY}L5#JrnQTU*z$?Rt ztas8D%ZGiH6j4953e+j1jQ4VfWI?b(`pf)F;<_pSimmB+b1``wBV7)s3qR;*Ob|2$H3 z^<f{r z_+P-WnZ7aNA|nNIFs{P?-#^CA z<7?MYcqPu}cAQPV5K_AgFg)ZS#o5X-bG9i|>2Z@7Y<=I<)bQQSXfWZUIx}8w!s&qF zymPf5-oTEt=wj&gFZWtf&c1#0TuMb0uIyk-`&?pNTZ=N^m3^#Rl6K zV3RNs*jA9aJYtaO&!U(kJv;M3n)f7T!dOi>=*#U;#b zK(OZDeUT3-YLUN)Vo$B+Qt2jy71GM5PvF)8#T$b;Lr5!3;LdRk^AM&gaU8~FR^Hxx z!`ahgd)le$V~zA6ah|RaX~m4FbX4J;B|b1Hs+h-5r8k;6QM9cXxM(z`@-m zxVyXke7F1d7~TE0$9`G6M%AoUYt5>;nPro|amE!wHo+`2e$0+7R|4T)vV(&AgO$F0 zeG216_iudp9v^?ZjGQUR%zZkF4aGOF?*$PfC3016Jxht`H1cnv=1?*v|F>oMfDhGLC&&KpBU$Qu+LkO9%Uu zuxusOe;?wDb!+RIm1YVnePTBvT*RJi8%OM#{UJPO4#08-%1ASEBKdSpF@-#~c(+u- zCUC3Siowg(R!;WT|J9?XLk=wDZVGSxv9k0NYBaESsXaN#$7;+#oJQ0Ny@olHmNf)& z&1|RD2P#`9TogaSE$saka?GVJPn*ow`=z_ks4i|Yxkl?8tLR6F`b&J&*i^(K z%6qwjV-Vr<6Kl?13Q@!9&$PW2E_buz@BB@?;fxm!4h>Q|7Y7M;ZBk+Ix@!5#fZsz( z`F|iu7rt>uCPjR}9AP{p0#t0mm)F8U2pf{PyG!*!q z21y=Hku5Wc%NkSe@UI#Yu2u#|@pBVJD7%n$mXsIEUK>@V|MovwtA=E{8z)%ci)?u6G>bOmO3}CURzf3Fb;lE3A@d8P#7Waa@s-PG~ zXi(vKYiU&Ci}IGStuY~Q>zU@}q>?twh58LEm^+oqnnyx;7aAzXdC%AJ*L%xm#147d z{pX!ie22c~5>%;mz9)8tm&PP}&(DyeDBm#PL4}R?Q5NW=8DpnB)7KXdOXHoq&zD;p zOHHTdcI#w_(mZb8er)Tr1ypzwMJk;rH0`nYGe5jAm?7RFTL(~LhS}8~Fq~vu;Le|9FVLdETlmSmtX93p~P3nK+5tfPR24`(xH;IYP1d;AmGMe#(pki()Y%S!9-Fb|CM zXDBedWFd z`+c~B-?MHD6SO*Z3AeY7<_Q3r2GigyYK!UHqq0RrmV0%1?j|@FnU`v)g6 zn#3loo!T>inbT?ttvR>M4hjl5Fe^HJlTFs=4X%(sflWN~llm)3FO~vq{q?noI%@NC z=?4wJe>_1ThiSYbMOQ8%bZBz50$XDxqP(8Qu(hR{rU=cX-rU(O@ukRSdts&TT}TQ~ zQq$76zg#kOU>ZV&OM$8HFW0_K8nSCACfQ+*q9$S4YOP?fB;h!fwcum9xJJ8n(#~L# zH|S%ACFwd^<}-{3HY~u76<&h-Knm-MRpgy1u70b;bpvFJ84=DXXwcJ*FY_2vffm|6 zMcc)B@O8f&f5!-w(sR$z`!8miV$cHp-$?O>-MqJa5k{6MJKqD|QO) z%=37x1V}YQ`|lwQ1TC-$Zw8P3VK!OZP5Vo3vRz$Q*i=pTMD{?SD?Y`u$1mp$xo)w| z6@n{h@s%f5FYjv-VG5PLPf@VEoPU~a7yV;5-Tf6r*hm`vr>|ih5-wTmazNUlY@SNp z1C9Q^+Rkg{9Cd@{81~KCs0+&ezuCXj6gEY3#ttjsL-krDVA`|*N(haY{o{N+^b&>N zcGjsgl0w^~E=qvOZ8!<6yDQ`o8z+*!zX_7q#fH`_%BJG zDtW#PsW|cF%bpqKcAc&(wG;8>U`9L3k~q{tGu6#t=>StbB>djGL^`58?150zc}VB- zqB#&xgBI_L^;-~kl!d(thbG<^q_dacqH>V@2Iyi(b*Z-^#tGP|mO+Pw5p>#F3XWA( z>34151+_8DGHK;?Hyt?hp-4sh4C6zB*9q!Hd84j*H@!abp;ZnZO*@Idv8K>#T}XgC;Csg|Nb-F%6TCt zrXtsp3|kQOrsV#riu=%zE4*Es=BfaJb`<#U=z57KuG~lYKwKz%(s_z`48unL$S>N1 z(pRXH+uu@55IBI~{||LPhgG3XHL=+0HyJZV}4heDOr&%~U{Mn%w?fk0jvuzb`lU5qZDreFzd~a`-&j{ipr!*5^ zb(r@hU_mdr&UZ4DXe~h(>f;=E*Ee!fP1VN%9mMp>aduA@pqR)kBSE@V=+$GYs9O6e zuA1qL^{XQBLx2yTF<@UAv4jZP0U0<^l-r$7V%sNz3(T$h6=rPXqe|RCrs@lb%htgw zSBFkf_Q3GF&5iEQ{T-8+2wx_FvK-RqXA_q=z5SVv?WeW*1-{l6C(bcwu4>8xsFJBj zmEN$zQG^|g&^SqqCBthtt8l}U8V1pPD5{!ha1ipIdF~C3qT|AM%~Uj10;v@aa}pkfGVJW82*( zVOj#Dtf1(&cv3C|-muQLG+4Cv3>E*a9o8-ecjl}w!%y_pV<2YJu$ICK57VKFq?42; zen)~`nXJ~F8WBX5Nfy4G1~zS(W}^0VE0`t5)P#@pVp)A+mKpyBG@hkL<;SPp9yih| zyA{nn9NmQ&J82P&GCG9pS}I5CZr@#boxO$6K0jT)N*!At9aYiIX1|B>%ZF?6A5p`l z=3D(W?onljR*fyM^1kBHUpW;Vl$7&3#8t*Jky=(as=|&#>x|~(2c97-L})GVd9xdr zMViSbJRkW7v@N4%zZ}0%AK({<%~kb@0^Ev9Pgq(Q&FN%NW8UHMq?IZIWu_2QxeHfL z9@Jd$#}^a!ryn3S^fqc5#TtT_o>f$3s~fI=oou}S9PK$QD34KX`z0Wj(l2F|fSo`z zb2sGii;d<-jqSl`Gw_ygFWqUkB?A2Cwz4OIcb}xscd{gmawFL{pL$HgvMh8IacgGf zN8>_c>O%G_HPWicI#FEURJ4&S6qwv40GC|Cy70d{8r>l=qT7-4Up!4ncRZyGj2to~ zciMf1d4@Fewjtww(IV*;uy{p=wj=6~)JA^_DJSf^*D6X4f&C9b{wd9XEZq-XVUq{4 z(TfY)m!Wx(nN1jBbJ%f6Ma4F8ON#8+lzqL_M;-2Jbkc6czb3IR{Aj1w^OZu}Hs}ydSOgO6W zsL5iPxj^X>kc^|d@%;FepTJ_teyuWKM$C^Ag0=(uUK3n~IjInj%a?|)1PY6xo*7rK zA{A4GjQO4oDK!y-uJg22kh%S(zx9%Tk+WvZY>LXQ#9Lci(TxuqI)OnVm65TP-qyB` zP~&k<%P~VC-yO8IwzLz|MW8ew*~f7w&zM{HcQjWI*a6cQy1Lu{BLfWzF&O^I@y|E0 zTJ$Q6eWFl!lYlfSVajExVPp4DVX1xOMGUU_LO-uX40#UDqG!ylUxue}$G8KT_OT-b zh(#vGla{Kw5_3N@5bb@#Z2`(wSM!_-RQ<;-L~(L26~;1~Ac-*3<)fbCRUIZoz=D-+H;&^U7DZfCG`# z0A$n$em=80%5dN##w*``BAb@ulQOIRXo+X%P>!wQ(Uj=@HN^S#Re43Q;?!$)Tv^v}&!VV5=a{x7KFjj5G*x$} zwp}JaW}j#k&De`-AdM)e zC8>=mje~Y`Z$DL$u(~Byw zPdZ&HPnIBE*w*9*5tTe0TF-4Xot1!Z*(m!1#3DEkHG8ty8W$`x-8gtS=S!$<#?HYc zVEmWwZhJm!D8$R-SasQ8h5%@qV3@x{3qNF4%_ENiH(mi_i^xW-o}B@Bd`qbnUMHuG z5{I7%cWI*C(L zU6m?j8TXvi@T6RY&JLJbVFZu55}>U+TF34$4X;6=_*kM89{7+Bb}w!cgmiJ<_Vj3s zZFa$&WOU3Yu^FOeI@lnE-L(++_VmCsL;ktsGqN~G9Z}pSHa324mtvq9zurN14`q~2 z+H?|_^Ipot7+I|B0_O&^;!@aK)6&p6TpwYnyZj@m;cZp8(*^iFxFO?+&%7~!QKYEL z;DoJ)0&I!8>AdrsK62%lNBT78)5K*PrmFM0tRYJKSt9-HtJZUDTSZ=DCIM3TTE`4C z0m{u$h3kHU`k0Fb{8%wK%SKtR_2Gwlz9o%y``J%uaF@cP506_D9>QhT9qp)KI+lyv zJYshGsHhgbU`HULDn6ID2&CVcfe4E+cV6{Y%VZ5b3x4~gu#iX=ISSQtjPdVd%=!5X z=T#&HnNuALr%6}!uB#K&Y-}NAktSLS6NPN-Ek~NbKRY}|(>+szk43BP8JL{ou^KSU z9lu|QX3SVxFVo3TSS+;Lv28di6Y0VOe>Lrc(}m0%VNwD$Sc90kG~Q%fI7X{$WEhg=3U(^^*aoa>ZzeqM$h=xds60K7sXwz_r_COU7}S1% z5181~bE=minEj&tQpKuZUg~@cRo*{E2-U%^#kawM<@c1LN6Q~R)rV0YbE5#ZsjDL`7zm z^lLxsxv4so&z}9xbjHS}<1Vw>YQlj&>0*JJX#5Nay^+NidV0A1bg1RIX~{ErQOpH8 zle?qINw#5+V!Z9>#3cGaYiLUIif~Ky{Lp?G8~ahJQP{#;R&=QU!qJs)@Y;{9F;m1x zS89>?es8V(uN_v(hv+5hoZ75vVkos_&Ux4PtpOoj7AR}+YzNT9Pg~&E$1?Do6WUTr z^b-Zn%B%7A73;1Qn@U>-ZHFHz6JG}JK~Wdg&sTgk`H?VT711OCX7?B$F~EKC0^Cl=;nbiIPba6|aydsSo<5nu#z{8muIX_T}rnh8?pM zMi8&7E8L!*fNB;*=?;4^V?Y$3D}(v9_A_1}><{YRt3{#6E!NeI(_M_!Mg%?fhC4Zm5(b>A+0_&aDA zBa|H1i;N@T(xm-=I%imk0a)bZSuqI~eR9e@J)3y7knS@Ryhh0G#fBUV=XIZei$Ta$ zeB~Bmn3JAm0NJfh5hIh-UhCF&XYZjHQH&8ByrQuNFsrgy$xJWr&+fsRda(c6=bFh8 zrseklD+W!Jn@0o88~c#eDPa$?zuB2kIG*39rPu4zW~JOR1TYgEW|(Hg90l-P06Hi| z++lG&C4GnyEO+hq(9~5ZMd84s=r{v(7IkWEmT4liZ@a3v1$=1zsAB20R5E;9JDsBA z0ykmjcS`W73eRfCu#q}u}C67cu^}bJ3jjdvqfsdk^EE-Ie+Dab_d=rd{+JFyDb7Ooq4+gRIL; zl|yi1%+mFJ%KrC>-glw|);$AR5&YSq8(;Q~PM4yF8Ti5h*_yR?-?*7}^mj>*EkhRq z6hj3@#*cx2GYyljT$fDY2Co{sGo~(V48p~6F|GryvRt#OaS>7xWASN%|@vAiVkTrx7nEZ??P(iWB z2Jb~uL9>s#6d%>R5bB82g#Ms|`go1l^!2)w_2&k=VuB@Z4B`i_N7hPFAjK&1yd{`8 zkm%cnn*HVHt%dTy+IJN=n(Uh6>kOTfQ9o6o|?^*vwTOj!cCs6sy4>nke1|MYA{ zxeniX$>VyuHt%Mewj|?-29G*HV-VWGptnM5k}K#Vw3cW7Nt5L2q`6wg0ZCInS@`;I zMYl{L7H7C$ezyh43awwpuaty%N*EHee_r~e=+5cbza~BUeIBw|*2sRA-f1gtuw#>b zG%nATZV|8#Caq3?C1@pqT|X6kFjBL-9`#(=!ooknd6S)X*G5K%X$T^YSNH=;pI$k8 zszjgk=QwG0Xi(QQbKU8$JYBP^5y+I)!J1CO;(>L2!zu(ypv=97oM#*vYLu}ix_Np! zbB>t3KhFLf-Iqm5`szu$*H2VI;Eox4oj|y-9CKI^3%d8;%+pGDJZdV94G08pu%@tMcK{EtxYrt_IJymVJ@eiW{pjLiKr|K!e*g{H*l)Zs?NvR2zc@)0^Hd~WW9TE3@pqqCZ^S%7|Uf5Gy%-uu4@ z?{5(X$VoMMt1Upa<{pQe>Ht01BnjBUC=|cHtCFqG9|D`_e^Ss%ONO0nV}wI%Uw$%a z&K6(+6Gpe$>nubl2Q+G0ezc$+Ds6W)kksia!nM0pj->A=<&OqO*ED1WPgek&XHdDS ziSX!EFTZBSFTQ%5bT3bCcYlENF8L`(2iikpSF|luS~}{xd!DM|@HBOiys*68b~vG9 zYeOmDPyED^uTv+|(L7M?3u3vY?$ej&d|Q!#YMAC?XNNNbV1JdvQa{pIu3qeJYTi#3 zp>-tUZb`7v6S(OSUA7~)UOb{6VUh(VwwrX(8%|O{WWP*R;5Oo0LakA_HCVC0 z?F*DiJ6wcHIBD-bD`Yq&DmB;Crs-zwqkNorPzq(}W%6t+7^KXM8MZp~939l$XOzjD zIX(7~wXQlj2ja}&Ylx6(EfLKAl9OW04J=ehL#+v#xY79cuIH!7k$20N-G#%Old<2L z;;F7gJ;m+@;E%M0tuEVaCzzZ`jCTFN7@DxiP?1`;H_q*bt9p8^7&R{FxQp2)`o}iA zA3BV8s-2L$2#^YV>(Z#&FCG=VqAdHNQvWb78{GkEUHtm*xt(djo9#qu^}UG066mQ} z>HKj&$sH!dpyYx#w}Te+TRcx$@nW2dqk?R9hrd-vf&E$`NGU?TtBteo+cGwuguu@V-zL@tcw>eN$e<-(= z5tSo!e1E*Ki1B**rIE8j^c(3p>$+3RU-W+C)iZd`Wbx=RU|DjWhq$8Z=dGfZkXeM{r>erH&A=q3#%?`fFj{=p zU<&~VGXR`HjosOrY9YhW0T(}_@=hTOt$4dWAUy~lRQZY6 zgV?iQ_?DV6Be`ao6cc^wIH||IB4Yntj}NEpxmoCoy-^(+A^X7?U2vU_HTig_d)m5v zzPyPT>t6e`jF1E+b|3oEubEVv`Qq&A?Nh~6Y7g`+V%NyogQV>-KQv4>tCy?=@-3X} zsxM6_U*a82n@cp$rRi7eJK=q4zm@BB3s;5l)T-?7^N26X5sU$^R?zvIrgwLI#H%t5 zU3ryK(Lvd!Qr2aOEqFK%DpmCK85HGa!8cdRIs84KC|m+=ku2hE&lCvtpfPvAQM1kr| zQsCdeK>Wdzr#aNU4rDhPm25cs1a&e=qsl0UAwo8<>^gwK=%6n8g<;Fd%X>rJV{(lW zuPSSQlqBU0T14Grbyrpk3a4+=fHjoMp?KxmhRU?Oei!g_A9i3Bd|Q(_FY-4Oqc`QE z9_r~Y%#r($e1XcJkDth{TxxR&YLI%`ZjW9Tmj*VYaBEMJMER2!+Kc` z+*2^AvfgtcC;hK;Qyd)b<_0^&{m4|v2=S3LW~)s{c-r2k2E$O*feE67(SzO8Z(%vL zwlXDMD{O1C*D=D{)%~=BN(#2=j|zkby^R$L8$3Xro;-%Ep3lN)p|*|?t}O`5;e?%X z*_p#LY$hHGNMmFM|C80}QJ8GqsEaYd-7)-8w;i*5#M(OIa(}8(@C9Ux8V?nHWG0zc zS}>--P>A)?C#oRNQ8>3F=sOQPTF2b{{W!F+T2Vt|oHN zFa2%a@U9vl{P%hj7>>=3Qa}-d2`Jo32ckK1L za88p6wcLJDlNMi1R41o;P1L5u+=gKVhmZj#;&Oj_FRJ#jVSSRg zpIU0TTP0mhSSO`=O&Cho2&Y^f-8V3~f_>&|;5ODCerx0I_n*EJZN{s_H%8F78##-^>43ipmT+%l=^w^{ArLK6sUd(Az zT69Hx#z+A+Cd>5Ez4ef!Nb_*6xzb69p}_yx`uE(+R3eb$4T?7&kY;`-pNm&B)Hi{? zmA@b*engqe@colxJbt&SlS!Msgn#cyd1si- z5uhvaJi?C%6tbtY;)kbzSPQ*feYS3Q4;%0u0sDYEitV8!NsE7YFm~yFB6w;)kB!sf zvg3TUB@OU3bm3fcJKg+TMkJGgkW*YGT@qnT4cj^Q~^-F@cqs^W|OpxyP4d|P)!QOs#w3Uk!_Z3_A&BqVy8vZnNZuh zDX*K|mp4L=UdT0i(_96(H-ouC?tA(j2DQWo0*h>QV73D4!RhT`+Rv6I<4SqVHhT7c zZ)u(t)_8KR{Iq|-0nb0M^{9cPCqqfR4sKcJpF;Geo8XGpki){l!V!t?(C5Ya`e%+X zpQf=)zhL1a#K#&EVh zMQy<*?*61^bQ|Z13&aTx#1~9{q+^{`z&p+ma||1r1@A8Y4vgM0S1Bx@sTaabp;5?< z+72^sjvfFbT?E<(#22)NK%2^}1g2=4J116C^$aEy%YNHa#IF&M#KiGDtd-J6tv1wn5XX|G?Q#b#(o_ROgeerWoSFvc<-U zBNBvu{1@yxf1a6@bS$yVg^Rno!)mGx%)TtTgdBqbhOLrrfh#$7|C)Ql!so@0+NsLR zG|>W%)>U5QZhFsS>kOtkNpXWigrXUHeu?G2C&qOf&0~LyVHs&_S;1V1`Z8%ATl=U? zwxBsuoBH?ooUS30gdGafaB@8yQ`7hXwVs0S1Qi3KIx}rdfP`J0`#+xKGZ~WLyxiLF z_+v`IHDqeu%YSQL{C1%$*hGJ)pGFE_4nMp%jb$2D(V{1i=u5$jZ^W=I{)^Y@wzMCW zk5z`Sr?BmmH5dV~URrVX(9Y1eWT_|^Jy6w8NwEdnoc3Z%l%D5$Cqsf8dnY%b zZKqFF=W^bln*RznL~UDwmvw4;gsvIPF8k5H81p*@D>t?x26buI@qdmRqOQii7!*esUe1HQ7C2KVZNv4O0?7wpAkdF1>IWF2>NwS`a2V(}Xy~rfjg8lxq)_?H8Su#HTQdn@P$tKc`^X>Sr#Uy{1r?0#e<}1^ zGtS&htGkZ9NJj?9Mh^-jfpS^-)NhHS)mf9+`FgBXlaN+_jAB-FxNr={;*XGobF;_S z_S5@2cMw+Gvfpl29gd(HtV#qHZwzmY33TI+ZrgSbTim7ziH@u*&pWPE`4x;nzbEjW zrqy8Z9=k#|KfHSL?J2XbSnPT6V8F@a5RNB^+im)S+3Z)6?8Eky2$CYT8n=%8Wvsa8 zah?ahqRhEnl)OS%bUIRlR|A6Zz+OWo{HY%SSt2+9vvAi-Ord_nnMOpWk3bTwaJ=wk z)Na$)gzjrVeeM3zhnnXwG7xT9Q`ATH$-Wv@v`V>py_;+Zjuqe_HhE*1Wmh%3+(zCI zp={eZwemF)(eaJulA#GTh!kD zRV66Ba&!Ouq;%Uam-+p#%VOl1U=)bRg(Ovxz0(0*vSH*XH_sNq96L9DQ?@krw&8)2+4Y?6d4<)FLi|aDZ4i>BA3ncyY-J0*?{-7&VGhj2VF0AbgTkv z(8Y4xg}L_Itv#xdBH!7oBYKGZ{EB zd&o-(h&X-}dJg@&>75dABQW%S`XXK4ViDX9ggmk$X34(t_0Y=^wzk+Af$NDBH~1ky z6x%*EB?r{y%TT%kBMt9QfEQrcsC_+V9zU=oLjH!6^Mg{b7KFp^tKhw+DMLyyhp*v4@QpkZ zNM0tc-EH^tb^6JU?ydY6P$6e<&)Gx0DUXZVdl$BU^*Z8&3?8W1Wn=V&Awa?%!vCZ5 zOwXt7d(4mEr5T^}9_Q;ecRino33MAq{F0~6Q zo&E`m&(YuY=S+M@R4NSTQlI9WhOT9kKxxjHE~m`+`QItCXn^`v2m$tvt5D0xFy4^JEF#9#yi4Ee<3>Xb{*h%F9ZDOV%*zDzw$o` zU*~)eYtKZKF0**mw034F!a>)*Thv5ACImMUGU*8|FEvf;zdk3ef7d6}i?%G74cyp) z3lJIWeHH(b47U~>612eAIo;9J)5=PVoFl^4(pr{*Z$jABzZm7={EemyC>0_FKO^^O0A2 zcQes%s3==;ThUN0?*6ztqX$&(*7>uIsVM3sLoF2#LHsLO1&_!cS~W!wXzNjyvq@-1 z;K_-ZYi(3Qh8%sg!pyO`sjnZ_Td48V9>9sGY=RhPn-bc^7c4vOT|L<+wQ|Au2l~b4 z^WoOEJ8EUpy8v0b_be_m!8JE1aZ6Dw+Yeirg5LYI{IOE5 zp8@L_nJ~dM)ijyZNGxRr7`hVuyXdInXcO6lbeP$L>U~>n-%s`rkTvU}x*Ibgm)T<_e7oy7#x}RJhx$999RKA2*5YS2nDT#!H@SH@o9qrLV z$t;}sh|a$;`1U7=wKpMQR$$0YB5~*DzJqLSLu^{GCwb{Tq@!RN=w{;>86+Axus`ck z!9W5_`R-qD_gG9AkKZ)pD79E&AcVI>?pHLjhKaC$ucOgpVTWm7C2MezSSeAIKq5lC z0veMa0c=l226Mfyg*cA?q_y{c1l>6^o&7;9+5On>Z+r8}Mitq?69`kpEX z;1nDmI_cg~C4@KuZ|vd1RV2a58xt7|CpoaP$oXZdCu4aM10aY6Yg zrL8Iz0^9<@wtWhs8QAtlY)Z3CbD_j;$Bx#}D%+4X&4iUTxV&t6NaTqbEjO?{L7F~g z7|KEqxIZLe#+9vcarny^cSsu-i?n*a2A6(_M|HP08}pF^>qsOelh$L{pf_vYjfxCk zN%l`{&L(stFD@l^kNcT1UnFo$rh85m#!h#54qUMkZca$tz)OA0+&O$&AUhP^HEmlX z`6APs3-152t^S}$_ix-dhGiOiL3WI+6FEMZo4x0;!JSnbKc92Q)EG}z(13NJuGuP@- z4Z%G}m2tjlsC*=`5hwN|mIIrt--xL69~wNSKNUGbjRC;4%P=wR)@np_%buF9^Ye|a z>VQGojlN()Ex8aAWejtCAAZr4NLclr0yjt?N&$5Mi#+h=QCFz?eHuL6$@Cd%=7QZ= zG8;Tv1Z$A>td(%G$9C2sy3~dCjbB6QH`XI?Xam3_1Bx0v9&-ulQ$%k$7$WOETEv)? z(xp?&>;!f|fo$4Z-FDaL;namQ_#4`tlVqp@?j-sXp~ClP>sUKgy3HE28xAFlM|ST; zK<{dx-s{cc;hi3uua6qa;~}xr>>o|X4qD8Cp!SxC<5t2Ad4ZNo-{*LUOv60oZX~v$ zve@&9b)*!`g<+}yWc|iM>@d2NuWrR!y7yN@lHS37w8HAs2JrMz zT`I^!6XA$AMJOMk&r)WnorT5hs7Eyr(((HUr8?qdvuoRx<@u*qsc$=dM29|*yXu3f zCgS+;`e?h^%R<{{RnK!hrsvhZEZ=*CKB66P&elMmOktaIM2{eDVh8|8LuD$-oiYRS z8?XE5%+)(sq{{{GkEUfB+X06}{qoN(hR~oQP9F z;HzGdgc$_12*_t7#>DIFlMD}X{~3W+MqcUr~_ zovV&Ly3t?a4ipexAdP!H-=?AONFWBJ+kWw~-ECsttuKAJ0y=3UV)o_sXVpKoqaLo5 zza-4nx!5$~2EvEZj=WhlH2x3?=KjpH(*41UH3)x+`=>7FO_` zsmIK%V-}-zj_(ffYR+ce{F8RuZ<^ffVJfy5LW>_eg^lbg{W?0+IX{pJE#M0bY;oYI zy0EfVug{kmg;kk{RjyRNm9iKDm)vG-A`&v2^a3C3anPip@_CNg;?DEAO2w6MI$(p` z0DDqKksx-2eo5&^KH4*b2ZiVbMLupPtTcZKeB#i1%_IQRJ0!~TU_ZL=uG%u>;nB7OXT#=e0v zjO-iJc`$!0HsLuVHCt2Wu4XmIMQDumjy}lBFRg|v(T2Xe@YqHe4ryMfc8$zV8!>eq6M4s`dS`;Dr^m@P zOU2SzU1a(l|y+}io!?Q-XqqO4?z+_&qiV;V+Bit#+q>{9;o%jw! zG>HaxFg5`7zS5TA_N35&gkoMaGfY88469R+2}`jPKib=V#368^CH4LJx(>U`Q7du~?FO{}XsqnZ z(7(J)1h3L{SK}2x>Q?<*qjh89aL4JZ-%;w`z4T9;R ze*zt)nR_AQQjt2r40Ny@3fi!8BexmCu6ws^Z2lz7&&e6qe-R&KO66Z=)X`v6f6^ks zQo^efb8G6u;9T01{OJ$bF7oUG=u%>%`={Lk-JKFO9Cv*5H}6YEyTDFDNPF(n6K`X# z=?x5pAN(SSFG1CSFgpF2!{?!$sTk2KBA`su)#5}-P~nV$XYn&@U|gSp#G{$0>6v#b zrx~TKUC#a?T-mX%chTKyuXz?F&;Qiv@&13Y1d=Y52pD)N@NTTmWWdU}?KLhtGeHFC zUT_hI8?mpQchEWfYxp-|R52AnA;zbxC3BuW{Rd0DXUfOu~X+q_yIX>& z>yqJRRW!!ybz7Q=om+6Kk*)#S!S8ixYYmq(NM?TTJthk!Vrv>&j3nM9g@hN)7ON5LXyky!`mBv&Blv<#~11`I~Ez+{kc zbrMpWi6;N%eT0OqU`??2fxFH&htQiLb}CQ4bY;p$Ji1*HiWT`O4^{(L(h685_?%Sz zHcLKSOO#bZz8ABG5ebDAqPg*(v)dH-u%QcM1G*SzfC7;N^g#nZtuEmrL15kA8Jrd) zO*afMdlC)C9_-Kgx#4&PJE8Sh$+$!l4l;Ayykrjwm;Oqj{mxpA=lw=4$-CxglULqZ zi0!-T$IbLcm=(uuI&T7Op@ec*aOBG+DShST@*$5Y9XKm|kYFRTn~*H%copiwG2hnv zk8&|9OX)D99Kej-AkTI;FXoz*MIiPq_g}Uu#f_U)NyiSc3ag5$dSsRP9#}-ZAFhad z@d4YRpo@yHBgfU9!D7v#(eaR>&%VvkFyBmn&$4F^JPV4v=mOqi7|zl?n-Wj?J{`MU zCq9==D1iUTv4(Y9HF1j9W{mGb+DqK(JzoX#FjY0Gm_wvGQqJLb^fO~PCXwvyG+2wf zM(sim+2f?8>GQGq;66&^1zKG;4)E;?mhwT~g&uB<3y{psR^%5+yt#%STb0pGQ>gPC z;A5c(1O2N z#rv+|dJAi^F0r!B{YZmjro?r#dC9&U(YjH8p^DZv%Yr>OmKYtEt;tUFjnE4)KFsN2 z!ytvlgTt`lVw)qdD29gQHREHpN5Uo_!5)H?I#c2ePAId=nGZ}o;GZNE=$tc+5_uZ= z8V|$sX9QaCWkPYhpBu5BZ{F1)i^!+)fK?$)u_UNamPj~R``6A98t1iDJSL=X6PCmk zI&P9Q%n2>SiRc4rIU$u$CglksV6GAfX(8)KxEtoQYUg$ZyLU{Un+$yEY91#QBc(-1 zBr9%-=f=s^;!~Z#acDSC6&LvV@~z#DAeCH`5rIu>oFW3B`rs!_41(FCQ5UTNs@Fri zJa3p6Z3IF(6?sw*Ua$k&PlfMd`r;1Wc+VeORrCeFD#VT;|1l(t(g|6mt4V_epf)vl z-=cf1$qc_c^IYi3ZNlR%xUbQO=+n`Z$~J68Itm`Sok-}5ICvp3z+~VdIarS!zIll= zUI6W47|7uAA)`v8{Fs*JR}_#N|ObKpF>c zjm;FK#0>@+HA-XrhaE#IqxfU+nOc_EwL zyK7F`%Nvb|{eCEH?2s4*jj=Wm=@uxJsJZ zUz^Zm#>}jUq*;jtCc1UxcjuI6uxK--^7zJ#QJ`b z(XqmY8JhogckcG_!fb#@1lHM6UBC5I40Uu9$_Wq&-lg1cnmbAJc&v!2-JHl36OC=V z0vKxq?(Ajw7`+X4(&lnjcvTAzp5Hy#+Z}g*p>V_~T#WVQYG>{q%hr~-xErmm{Nnl1 zRN}zN$f`@K8q4g|Df8xnZ|%LX9|S)lPyDO@G$BwhgDpN}3N^sd1h^Ae?IBjS9s|nx zTeZ+n0W_+S>mU#%XVxA>_eweRq`(_uX&zJZ$W>$}6mVdtp z_OA`=*F*bvNc=&)Rw1-PAVI#6Y*N@vJt=fw9ki|R7HFvV;&D~)e!uVb(+gLB==c3I zFHVm4(n3osb%EsF{Q~*grL-Y+enR8qvlpPHXE;#%7w}aLkeR&ut>KmKw!gXO4mt&! zXe?t?7gwJ_M(MY8B-<7XTH1*|r9sa8lf1rT%cBJ3|NkO{ zMUOVJc4mI;p70h;?-VnS02QG)D762Vx%+I+o!$dW=)3wek;i!;x zP$!^&P&%#@Lx=_3dMpF3Tipa{47_sl^4b)Tv7(#FTh(0v&O+i!#pLs-y13Y&Cqv`L zUn6!>ZfsUI%GP11SYYuWoa8V%$E6%16G)$U)H*fnx!j6n)&eV|9)=~SVWTWpOV61j zAxo75ug}QrqWufX!YAB$FE3!;^(`$ta}zC)OOf6)H@Jc2tZYqbR^S72@rF%Qz0(}4 zEHzPq-1CCZfmirMM-c57iNkQqWu7)PAhCC25spivDwgK~asob#$HFpDSnp1r6X zUC^Z@oo1YWt0wfpT@Az(Y$}$y>;$i*F@^5stEMTixMgVFjee zU9*DbjV8`;xN^ES73elxZ9kr_5a(2}al)a8?D_5!J!pSYo?UKys|w2uzW+Xqw3;GS$MF|S$~7lDoDFJ zQ~KXDV^$~O3t-SLspEzFhlZpXyPYz7qtOBC(sBUrblEqKkII2~RCJgu3KCLgt}e%a z)DFudbOe9~s}C?)k{xl$rVLb@XESW(-7aUL>Tlwr9PTNCUWt6YUWRmy8o*TY<#IxAibPAf-sa+cb-bc)OU|$KUM6$V8qi5=3!1u&*)Q{} zv(z=U8a91!HfN?b$(4j^pe3Q_{v2HQY&i*MW;Gbpp%{h zykjmLl*s;+$fRO7kXVvim-xM=}BCNNyi!!X9X&+$Yaly5>MLEmvd?{T- zCsFvQ9O?jIN6sVbOd)cCX8W2zkn8L!?a$6q3=7;aKD)OX*&H_Yq2hM|Q+xZ)`llXo za2U|ZRXJl+sfXwy>U-C$DK&taGY-DClN4kTSKb1cD}~~O)B4j=WJFSCHX7116>(jX7d@^rwVhSE&m6EPRdNv)=(58=u1AD% zQqqF{VU=fjXZHGf@?PIrxEGQGtQ>W{^!mbn$pOYg4*TDLbeg5N@(qA*LXxTI;D-28 z0_rRpQk~sh6<u6K)-o9A1I)SgeMA#u@ z2tVGqg@w^1^EZT`pm6}U@ux-m`~ZPC#!X&6BOgaf!*^HclQjE1r&m@V{ZVbBy&No^ zQn5U~M5V+9m%?v5bC{g(qBfrj6rD}17H@VHqAihZm zDITd*?S!XUq$l?8DZiWxSIR`;8~Mr(6fVF+NVb~#%vTxED;3av z-iW5i*AH0ePe->2NGqoch%73iBoP|fG%?$V#HBE@odcu$zmxF?sn&C*ulm~OCfEBL zlk2>EnJX_UVz|XiPKqDZ=5&R7=;F1p)$Fe%XnWa)%jFsr8Sc(^PU&xD=q-~nY#?y6 z#Vdi1NTK6yd8+`+T>L2-U{g4I%S}K}XHQSm*!vw#*1H99xGLtsh3e$t)x=GHc50A* z)R~gp#I6jl^CydUP$L1IcxR40xw_kr%YsN@^OggP{c=-oeXPgyOZsywu3QC*Dcw|S zOl*2&X-O=ubuvHh*!;cn30RsPo`Bw1ND1fwv%z_(lgx4bxA`Y$etPi4@7yk~eK9;cgaF~^q!FYY!R#Qycu+a$!i zsDLjz_Ek!Vip51<6hx$7MKVFF8!Nu0{V`-6`l*0DPcA+KNmmf={>L;uO9_oYBPS|Kyy{O;R|j063|8ujUX43}4uenJS@>WhtVEU!EoZtf(D`Pme2uYZxq?1sS zAqbVYdN~P{{i0C0jNi%w;gFg=@1nB}4?b!}{wYQJ5!x{Qy7S7}C?X?svI%ULTdam28G^7c6t~L}w^|l9|*)Ms=NmrwiDJBQTu=;ZSXIJiQ z*|570OkqKj2=HH52GUInMaAClu7C<}|Nf(mv%|F{fmI#~CXxg+Yoj2(MLvtKEZtH& zerV9rOu7`7FWJXGk~%mA>4WDaj6o9R6;~!IFXv?C zU$;h^1XxF)a9hQtXBY>_uT$-N+ym7zoG6;GlKG|?OlRhtFYgdGjf`)m>4zP(IMum_ z8m&7M!DUmb1O7KXhwMjUCrVN$s096E=K?Z8y!#%i6o0$eq_ko(0&8kacP4LFt$r*P zNI|XqhJWy;VJ|5jGs!*Kwfk+=QJQu@YDEgXN+vIztpd6o=ijS<9FQ|t%qx*S-kp|6 zkex;ek-F+?d6rwmM@(jD88N4M2T=0lYHOn!2~yW82+T;tc*IkR$kJL@*-Q>HG^ayU z1d_9xbA!kVDu(6a3PFy%tF#`4rV^ZD3(hGmYMj1!hs4+L5~w-Yy$dcv2PNfiU<)2>+Xtz!erPCVqry<6vq_8o?k?jQeDnQ~y(kgry;>Q`9v_^v z`O=*?;mtV-w&0oY41N+SGATKZAAQT^UfEK?^`}aFxxBN7CyM6m#DSyh`9T)$xcS+c z@>8g&5c0_}{223RPPrLI0KHJ#MtyT{JUiNwqWNERX}cFexta|F7Bb0t<&C8fa%nAs)ZnzJSr`_Q09pBt`;i$8p0;HDrOY-*ui|Db zATU007JU`KndZc?N62iYab?UVI|I{9;osk8b!AgA*CRNG4>y=gfB?#lj22HXRt6Ec z_Hj1cW>1_NvCQkz3sr{535MnQu?-I-(UsG}e>~D-aVr*|Vv4R+dkF$pF%ZH0uY!c_-#p{2;B&;4t4+D? z>f8%$QT}fpXTdB)yt^vA-DLBjr58WQD;W@ah7~oQAEFzH7K>7y^a5Pat-^^>kn_^Y;iKDPSvnRz*5G^e%Sv zs9hO-DvEg^a$wm}yx*<%yk3>jvsVb;fZ&7~%YR*?KMAZX)aO3!#jNmzxZnq6`JQOx z0{@4{0skTL0A(ig`;XadlCScBZzCTnSU``jBUZDM1m3r5QHUj=u09`mQUyVORB&mm zJKD+fa-pKoK-x3m#LG}xD+{0?x3>YD^c~Q?dpve`-uj#tmLnK`XQ(y%+86LhNo`|` z#*ZCw1@;WpU^2rV7}GgT>MoV4T?}+c^#Kj9b5FD>r!55hzLX5c;3j#+b1ejZV@Qxd z-)Tj3fOX!d()#9WK&vOT?2!RHQZi0_ZARY8d{Ln@(waP5#?e3ip1b*P{vN*hzxn$x z$OXnQ?N_?WWN|B$!AnI@Gz zgP=^)g0oiph<@p3MB8{3}Fb-nlJ*B zX}?1q-z%`(M?V9mA@c5-O;CT4O5}JqEaN}LqY`A$QUTdVi59ndO3`vZz5oUfVDWEY z8}QVZN+Jn;@=JZKDnHq}G`rhbyuM8tjQ}k#lW|3i$hN|Ip9M0ckV51vQazu@v4bqg`HfU;y4XKNy`dS=>dxkMyCNq{ZPf$MOwG~3&!C5 z;Blszr^N(IsA>Y?$Nxp%%%OFPT##;Zeu=|Be~47}l~C+eQr~j*;M`#1aZj+7t}(;s|Md3*20 zbbYZ=uWQJ=Y(7Pli7Lq@R?IA0vadND&sTOIsf8&NsMz6_LP{01Hm)-zx5NFLsh3DV zjHM-WhIxByR`u%Ti76K}P$BejQ;OGa(Wirw;C5+vulz}(8X9oxb>bKWUSwKbN-S|x z35K`A9KMK(bmD36KMnFeG~B78CvRsrezWZ=%4YyPw-_Y5p4@s8kTss=#CTqFAVnir zv(z-J5No-$KUk)c*~k_#k(-&vgbClkvGEXQPF}G zre3uz7U)ziN&eh{qa98njHd=10P)H`cpd7iW}vF zzM$1BrZ)~IKMzFk%QL$YOwYJ{@SC#(MCIZ)O*$w8{Qn3l6G^yR3t;|-w2fJe;X@{k z$(yDDlNwG%19!(}hleM#lTjiP7Kc%%_I%#azLx!Yk99qi^gTKX6z+RMP}!An{66#$ zpNT2n_s965@)xs1#+3vcg<(Z?k6-pN;4s9%g*ioLh0?gBj>Vlc(u7>>AxJ65K5VR4~%=8jTpSAoBF18!C-BVUBdY3S}t@ zx6G4H{`qcMg%7H<&uGBM)>qnxr^g4^=N>~Y{iWTmz?NM1M;E9jQh`eB6melY0pU-e z10cPU+Z#>IbK*)DQrK}ugaduH213D!_cq`_&G#Hge8LHeDD|HbuIG{kU1P=GJeYvS zmp3O|q6ce7-3m)hp9p~m(deNqUTl-?W_mEMm+$~N$j7Atyo_R2GdBwTIC0Hc0xFEBp32HUw)nf zNc7+G#Czl>fw1NC`v6)tni5m?AJd1QLWm=(gb8vr4IL-0T;1=VX4pz#%a|gOV#&-C zcHhg_`7gMH2nlchaj}zulw1Do>x8H{j)tAi&WtWi=sYo)1AUA%SEg6SFMa^^6~Xk# zu93>8B{!~$!YH8g=ai`4&?NjKZSM7wz8PZTmI{$&qAyp_?e73V`T$Bh7b z;g_WU&c>|>0np|~v~}JVL3n921wd_+AMxr_t1F6Iy!C4JBcucRtMjq;lc&OZC|GrQ znKLq6gOVs_0ExKsl(FAs(GUQG;b?K!kr1x0q`UDU##Zch0A*SrYkGiHeWV<&Y<jUhFm**tz28)c9woZMf8pi#p0O*b_Zv#1M~QVH99x@Qm6+6nyk8T+my? z6fpWaVh$01Yjm+ITcsYAu%-9|v$h$?)acnaO88ZKzFw}5&DH9r?g2cxd`(07nSkBi zWDvX0dukmlk%j*l;2^u$Y=`z*R(o1s6VuX8?)``YyTlLdfI;LQ^cgf5;5sMvAb++& z$g{Hp|26(oVqeY2SO$j+*~{^q)l3E1KRZUF?b6-@TmutcMd4!H&TZqd{|X zy_^Y?OgbMG!8f0VKDvDR9_8}Btz8dLA0yP-!*MqoAj_`nL@wNcunZTr4!}Uk{ ze!`%&y0KU)A;@(R%4Cp>2YTK87&g(Lc&EsN^VAvQ2WDh-zJa<{99*JY>?H?21+yAS ztt)>~f?=22=9FmSS9rSwMmx(s^;BOD@)*~K(A}MNJE-08bTCc-CjGX#a0NxD__0QA zrAJuj8=ScZAt(Tl`fhImfUVh3^*ifthSL1C8*J6(Bigne&)F9bw8k^;W*7i_YGAVDPkF5K{!&Vsw9ZK?0M!Dfrc?! zX5iM`M}oM_%V(LwCs#PbKH2^CJ_eZ++30H8TIuk`J7{gpZJ9y=c9XV5tyl{G(kjSh zWv?b!PsZFbb?xL{-GKR@5hzx@JdNyVt5Kh!W*YemiESH#qm_Qt6p^_>^~PkCXw6OZ z$Y+O~1ZemRXOAo_umI*n<`2pvmz)Qjm=xYdr1!*NL>x#3d|?tH1DTQf2OKoQX}^=su{@MqulR$r+Yc57(#HkUIgPekO!w+^jH`I zLM2UGfVgOcng$41VeGgW*%Lo&eNtjeD=(y{HK3ydY7g9g@6J80YFQ|~F&majn`@VU zzd9Kqw_;15QnhvdyLsJ#@TnVvDq%rl-O9cdf%GDDlza!*s2#!qxM-;>0yvcs7-97* zydYKq1lt;S5n%(t0_Kl(n?65=e41)d8hBs|<7#};_@mGXwX9IErCi1>BG+P9k0IH! zcz|=$b!1g21c&w}S?42IZP;?kQUQihJSqVOyP{0}UGf~YkbK#NptvT==Yl>*=x#P!eSv?p+}0VG%e5m8aip;QViQhnHCzuKr25QRpR*;WzQa<0P` za7yt5733tF*ze+CVJc^l7nCsQS^!`FSzk(Va~XKLVdA_RFus4HB4!J%RM~}VX#JNG zxpfoMzDDY3wfkMRX4r1Yl`98gb)4)RN?Q@_q6Es?@X?h(!=Z|d#p5sO9v#SX7|Q+IN?o6uAb8O zd+e+|zw189>LVIPV}r5UUjUd>NlQt&_!6@{D8`^+V^eI}9LQTkieL=zuNU0MPCQbI z=@&+TB-kGxYcK-@hdG(bp-k>5ykFs->~3vgW7kyqPW@GjLW(HmGdcQM`wN&Dbe(hS zyinfV7$3@HWQSAcIPI$w@`YK9q^LDc$@CDb@W0n87#wO-nZgkaLcqAq9Ito8s=8`i zSu>P%bBWh(`T|M5f5ct`eaoRAZUHY`VHz%@6d(7=U#0U-SU#VRy^3txU14K)j%trn6wwC|1hH-pMo_qXt7b@RoZV=VskvY za71{^+co)e0+7Q67RR!$Cnjza%Y5?X7%bwj4PX8^lM^HcYet|fw|bn*V>g!- zt75;aaMvV_1SBv%J@a}I+8*O&w8(d`IY4EHCUc{bF&K)762()=@to6cC3V?ZNB-fK|8@n zt`bfUb?axJ%Q`c|@*>xwjUn*4d-&?7S_Mo$!h6yu1$u6kxicNRPJi_q?A!l*Jacj4 zqcd+j-)m}p-<@hV%I1$$rc}cCwFC#6(gp?Z@`#Y3?D@GCGY48w6dMI8JISwbDIRqG zYw{2n4{$*E#!cJsa>Se^TN`!bfWi0vm2P@qKd{2foAff1$NuL%4P!YMbokEZ(U+aU zzQKrhwB%sf@Z~#m%=Bk`_tu%6hT*DY;N|Ju>$W*NHtNPSVd!dUxJ{r7mzCcCx`qQ^R}l#({XA zJVlWKz#0gMt8JK=HF4vhYus(eiZyoz6b@**DNc?9Rde7$KqSTf9O*#2v5eBCE76xx zjhXkBR!yfKbhu|6>twLk>qjD6ug++ZIoz1*grbIske@abI0Vl=LW@{Zsx{e6V`fO4 z0VKF(#!tQ}Er@3)N;U~wnS>K!u@?8pO~Hn1&`-r2E@E)OA%i(!}$vi@TMFzoqZL>-t!Kg6s{&F#$psm zA(?c~lsf#Ig|sS{7T6L8kyln@y+qW#cJnzC&Go$pD|6OH{+PP4+`K&5c<|xt!TZ7x zINdP&%sc#iRr#{gfcVbjC%WbJ3LL=1AS|2bkOVS3<(?=rCF-Q{Av6A#z;`2=0jEaSkN`Fq4n_xNs<= zmYI_sn0F{Af|s%t;NSOQH@1OaxHjuR3u)lnKY&lsz$b?CnQy98xzG+t3rwtOe~n$Y z$eMk<{`nd|UuM(?XqsJ3obA}?$qy`7Wxy1+iK_k9B^kse0nNIoWCz1^ksXSKU;wLW zYAre|X6R%2S_usyIN$>?h8o(AI;3vIgnc=x$94;#d7xnyGRyCVrcjvraO9aJIcj(% zZpiji$E;M{f8m&cZhePP%EU9AR-Hi9~Dz2XN*-8?Ua)__Y?}r?(GKky!-c$P=Om9 zVaKE>$o~@}U)JOIx!rMQy6zdOIROo+2GVF=Habf7Bw^#xqud)vr1;(zDiZZ$wiCmS7{RS)7q9gnk{p}mo1yn>&U!Z=NjzENb zNYct6>z?UQYZ4v;Q;&Y?o=oH>%vS(H9EFjw9kdOUgRbHt=zDu`bTnZ~n*n9ZwakWw z$grruw|;LNwk$5qCpR)}K_u)rT~34GPYq|d-dN&B19tS&dNJEZ$1=ARJq-Q6o>K)! zQp%C@$q;~z4%r0WgRA1$E2xxzOJC`%HDEN49N+8neSR&HV1XPuBuKHdWV0F#$S`(L zb&O2jQ2|)vd>S#KE5d2n@iNT{7`W)%A%e>XsE89C1+|z10uuAZ3eB#QU51uggFwV- zOi}n?kvXwgK582APkJ!*3bv1EA0x0^E7acoi8sLEguX&#Z?=QvU}kX@1(BGbaX8Y2 zp0p?veexL+(G{gwk?47_xP}V)HHM1gPgP(Tun-n0RY?OqJlGvMRdBo31paP2;z;b` z)+#p_xxNu`i_>E<1S9gI^9V)-4c=Y~dVIzbs%cm2S9B~$r$maIZSdZl!JyJ1P-1vPN_K26*BgJuGPI;9 z9G`r|i2}CzpCl2GZ@=Q^(GW+!-^}2~9|)HFqAp`F2!D1+gjSRt1CenFEkkV-o{c%O z2}9_f;rUow3S=G(dU_4)l(3oeiU%vvnhT()8o(({R0u5d@E(a%O{e?oK}v-})zG>% zudYH+UPl!umC2uD6w~5>iC1QjfHyqUw*4v_6LMi_y6c?k1sh+n9va^`01#PO5i!A1l;c z`ADiP;%D^***wct9wgV|16;HakOP*QtKB^$x(c2bfb_=T-$Z)!D(LWDV`uysv+3Xn zhlu80D3JQEKUg22!0R8rFMN1Jh>vuv*+1Oe)vRr(#7xv)<{-s;{0Ay(H{fp|HG+1c zf7^su2aY`oVxmV~c*x)|4hI$~TVu6oA|(u7kZ-N+)i<~}W+*4M6DW6wsqvpmzfTj& z)14TzTkj=v&Og}Y90=A}EtnxMhtVGR2v!AmJSBrh$kzdk#J0IEpq^94b)hCQT;(tT zhBl*wMNV#)n6ofd(Q`%lhx&mDwTC#7w1A*xZQ+#;Rd7%gAx2xSFKA5tDTt)viF!qu zI1VnLed7vaeC9jxKq(0!tEB*g1xoo7Zp>8nS1^sSp9ZR%pDqr=^@75`-+_MyvY0A6 z{C*MPX3z&*_eVS?F%J4$6Y0oY?TGUXd5lLZo4teaKP6!cz$+(e7u!aig)5E1%)8gf zl%ID~jQR?SrCUsd)h3Q7X3N;=Sa-)+9dbHNL;-I7l&IJ8h>(>vp?+TvXB{-?I1mC$ zwb=x2ojwBv#w-uf*f7~vhRCu=CP-Dk#_?u^aH|87voM61rJ<4tL(H=TiddW>YEz~_ zXv!Sfc|Y1o#hrw3&u4T=OdGX9?}HmP5ogrp&7tdHj*u-~0hTVDn@{wNR5=%^)1lv) zaAODHNxqZe@h;cdw%>n;Hg4JjDm}fx(pdP1szN^ww^z@S+R8qc8khEZY49anZCs1) zIh6oxliuwiqTdp{{}BAAbn#lF*0**y(Mu0n?{hO1Wxj&VNHY+ELmTUSV`4ZA#2L~? zw}k^L3%2>4y1LPs%p9}td^kkQKE^L}=f|Vc+4S)*sQoXd%}ZH&u)Vz7t}@^7i~_Lw zY`njD^I&|ZQ(o!$yz6NYBhC9r?qc`??AdYBiRh$+P;LqIpeHPnaGb;^H+9*vJza}n zu^yD^FyYcfbpZd1mUCskHq#WWC$ZyykL zRL$%Gz8pSRdhU)8VDqTV=8Y~1CaxMQEghBpvSfQq=5NObW&!MPzG~5snr#3{>a8lU z72@xBR}^d;mTx-Xd%N4?tAHd12M zmTdPrK!A`r*Oe{%wSX1c(|S-9OXL5c$Uf}|Hb0uZo_@yabo4lI{I?>jj^Fom4FFUR z7y$noHjJjyc4a5`_}=`c%%?N*QENZ_&L?1Y=I3vSQ2A+VZT|VQthg-nMwwWs_2PR2 zf-_s|e-h=Yi`$Bv9?$y&M@HL#sF;$d3}aWeiw4m_B3pYK5F+-}zvP9Nm&ZOj3Q$|j z23-CqH_4Sez`90nGPUc*VtMvc02mI8`g_`Op^(8nA+DBC#p(`O4f5nC$OC%;ldJLC zgEA4pQQ%Uj0X21Da!OPXb{tqzFx%LCyIe8|5W{H9gdXu;HW7_ z$6vX{sV;UR`9yVm^ywn7RfAQk8kb1iT= z-eOjnnS&P+xsl028KDax8)1JICxNO|`qhPytODW^Y!GWS$S%3b#=y51_D`=<4nI18S!13K(|Qepw}h!- z%f5spBJ+C14y)eEWfB@R{HW~eJ{>L6Hn0nn8tp5ut8pR*HyHR@ z_Yv%UC0#;fo3QJP$c=E(re8i;RF%!>TEnoRAvTONFP&ARn{VtruZtbJc0E#oKp0O^!OSX_djCe)T4%7{@4WoG7j+5LQpTc>EfZzy#=k@WIH-`Azv&O$R^x`dj{ zVjJlEXr&H-kb)@9>*`Ycbdtam>vdYOHiNH^ATn5aG>&0c81jHSqz;;WgVc1DO6`vh zd7-&I!E_EjgE;8gsnrLrxjV|%sgiC#)hq?h-h33W<|gz@Gs-2Cl99PPAFT-dboMm3 zN=ThPtDg2LjA+4WN51dM{JTWy$K<#Zc-l3xGMNVe-4Kqf=$)>;{|{_s5;GiXXD7I` zH|AY0_$<97fM`Hu~ZIa>{`Vf0dx7R-18dt1A97(VD z;Z9FbcUceHrJ6qpxe|RBdc0Z^3081;8#q`JWQiBC&x9i5zA+{@5IDRUzDV|rB^-5V z8fR{RYV!#nsilq@okrSd@&M1jMldkWH09)8+oiZZNK@_){xCX5=la5TeWhfBAD02g z0W@&BlYv(Ypcp783;GJcXSN7#`h{u@+uv`d!v~~-75(=4(>oQyu#oCytEYnS#F20^ z3*X8jj;zs9>@G3wKjvvLpAVm>UK2jv~|1(?{#L+-a@fX6yy0}=4o}sTpAljXMWt+Ve`$n%L zc)Ug~n);l*ber3EyTiRBFsW6}yLL3{jtE-SNwS>*MI-2Uhw#_w*Q-^!c>of=xIk^# zE1CL|ttf&y91GHFCfChgB#Vx2ce+i3(I-Vw#P^#Yv*Y!{s8J}c+r@YjQg8vL;JqKk+yY{LPR8{NtPcgOWD61>Mc-WyB?nV@`VBLwwWsODlgs>HnQQ5F6 z(cZj4O7h6!2&C9}6yJ+*MJ48ZbiONFrkpHp8A*qHTc zn48?gybLqy$q7K?er-!%U|!&>hnFBOZBlK4&uXe4}+K&dS zzxcgQ&^?%yA3#kzN)f71s~O2*6;;`!BUPHALPW&yLLN?fd&a0MZ?@D&O1fR`MpNcM zf1e|&y3+4?`1)D#%#BO}tW>ykT*c#stT;qrhLG5T(3tm6<}M^+jqy=H$_`uQ4%9DO zA(jC2Nng|#V;f{ms{svLdP-Eno+lf;;lX2r_QOC;amM-7-fRgzwvc6{@#0$Si%#8> zx3@9F9{n;k)pM$SB(^_F6G%-HO?FC!VMRBb@G-SABe+rdr<`hr#Of1WgP9uq;w=z$ zo|$E~va{zfcxgv?0C^%hn@m%p)-QZ{x7mPFqO^~i(0-V=fK)_dWd0Xju*DjZ*_rd4 z`#@aYg2ED`fwp(NHFkD-&FN35B6!o^$)L0qk7*-~o^1j-CZ-v5k4MmX_&PbxJFbT1 z;3~Lk?3eQ9l}b5wD2*PCxA3E_d#ZS37-rj%8zvaa(}OUkEbq*1Wl zWemHii^6beEni8BJ?M>Pzq3HVLCAmg?j=dK5dg;Q)))j!&$)mvtrJjE(nFFQ%H38Ub=4OyEc8LY`VFU6Ekju0{VD}oKWd=oM z?-=bUjV>@EC7S(~PODE8i)#t00}uC7Lk?$+*nvolx!kVi+K7~>v!C9&R? zF!u6q<%C5Jj=_8UuCq>!mCMczvo;E@!obNk+8~z`lNHAZ4CTB+t^`emom*m=C_3W0 zXaL98WC(S7YZm<|7bW7+dSqKwRtGdZJ)WJwspVXM5Eu2BO*6qc&mkTjF#t+#iI&*xs~wC z*7;WvL-;oNo|va^m*0Jqdp}*&3?c#H*C%32_WGtd{b|?n6hYF>2Rax`m)dHQW+x%Q zZjbOA>*}lSbv}7UJa(B{auuwq>Rpw;I}in#Vimcd9T4n$wvB&JtNr$FZVP9+2EegQ zZg;$q6mH_v$bspFW$Q7jW*)oi*DO3I$cZ&@aBIhY^9qHS)vb z5vQ3Dpa|{rx8N47#4_p!Y+19XGI|Gggiy2{PPXmzenb5izCpls?>E$Gtsw+;-FOhN z)79WhBO~|Xr|Wlme>~5ovj}QM3yacWQv^^dj>d|2i+f*6KlTB9d1DL~p#gfq_sh|q zQw2>a*#-NaBO!tI3tA@g%Z=E_Daa0AkAxi(D}y5qTRC~{35v^-uzylS0UN$xUSWgT zMc`Jn1%cv}TW)PGnIQ+fmLZP2!@0KR_eetuYg0=M-WTZBI#+TZ&Ps1WnV&i@LP)$~ zJ7%+Pe7kTM3-@{wdOFMGxsZqxR(+TU_*%jy9QG7_lLp?<;PQeIuo7r33<9u6@ETY< zK@WHq2k3<>%4|gy&Gr2(R~Ds3!4P77^5HzEwu(QDVQoUR&m#thmBaIpFlp201$QKm)L~ z?CQL$84kx`)oaPh@ip2pA-0?SK%_qGdp^#3-kUAB)O3R8gyyJ;@0u@*0G12=b>HnU zYALpSmZJwqo96A!j*Sa!JIH$@8GkdPP+V7_4;4Tsf+3Kd2-Q$L&}3`+AxuR+fWVLl z!m!}+$qT*o68d2W4|_y=BZ~R~LupB(Toq*YzzrElR=Nu=r1|HoUBw^Q68Re7-m#J1 z@}a!36&-q$URq0D^^XAv0NaLOAb%~x>T64{SvC#3@d+A^!9gUvPJh%Kl~9C7uy9~) zz$56-KuK>Pzn45rK+ztCVO(b}!ISw^n>)_5kN2z}B%D@9y+6370c{?Ih78)gd0_26q2$anZkC7+$yH`#x0vVU!5v{<|?BQ#AwGM#qg9D=V zR8f=B@rM318+w-+nzALMob~j*G6aHEpr6!l23bRzll~|b1!xEmQ?GL?i<)x6tOni1 zuLiP}u!Tgo3bHvSbR-Qk5i=Vp9}XM3Lt189 zK-I@GB7>U)V?K^J5muPiB_M4kqO_WySq5c|Bmo;6;WN9<)d|2!D@|6hXSwfxE(!Xz zeeG^2GtEKW2iTxQQ96tW)m0t3WG5x~5<*?9kJD~n1Lb(EQQim4*sdfv;ujC)F&f^drTFd|9Ks(hD=7`QW>+G-sZs9 zhXS7ainQ>+36`Y@`~Q{oj=`BN-}`s&iEZ1qt%+umiG9bmjeBC-nb@{%CzDJjwr%^L zbADCNsro+ss$X2yyK7hN-u>ydu3qPqNGiRK3C>6d1-gv`Uf+WPP+7RDvS)|Qw)-k! zBKr%rI|&$_rXkO#{7^v>e;~wfD8%QipzK$B{LO~LQ8CNG=D2H0v-=p%Aki*k2Qk_qO{pxTg?FBzg-cE4*lK>!F~pkO@)SwcLZare`| zA$Sb4Qk+zdsV#sybSk{JfV!E%**V7U`enU+2fs_^Cz~ZqN%I53{Lr-cjskdu%ez(JK31frWuGP3yNu9ANKuqojRg!^W z`%H)JmpHd^_FC&wotGOGU5nxAlIEFoQYwT=0X5vHm#;pW)G3h)ls#T_{pYaNV?J;b zl)<({3T+WUbf%h)pbkZwjF?C<1^=&c0?r&-;Kae+jDbR8ogijK&v!4eO^N`fEBV8} zZrXK>YtkTnEScVi8~6#=9P2gq&4*RFs+5$U$m~Aq(`ORhIpf*VR@BAOU1a4 zZ2-T`mEyCgI-VrsE4XJQ!=qm$YLUgE-k@z+cTcPR?`grdhnj6@1mZ!gF5cNFERBK;|_1 zW;J)*$l6k-0skYbWyB?~)GemaM3nwvA01o zv;^n`!EJ)|7lEoNoq)ns;5v(~>;dh?=+|zPJzds6&jGf7@A6W&pqu8_vd7Yh+u6OG zY#B^@EjtW?CW!8xt$NJQy40@4D2#GnMF>4^cp@`7k7#WcZYEKA8-tH@^S*0tk<thc0edtQ_u+FR(NP_-G1B$cWJ^QT#&FY+H=Qto_+5i zphRyMJe<^AN-=|%VTO10MBqs_Y7P^ga~ENHV?_y3ab4ZLaUMK(a_im+Sv>MvmY?rY ziFvH8jmOOn@Qq`wm=1i<#h|gCAB5Q*e24H*l(==NzrfXDR1fHS5aDdg?-x~$9@GR) zXH<|L{JQ$9>vo&x{NU7FJIwF#S8g}z#OfJtBSV^>iqn$8Qq-CO!MabG$kZr$A8q(3 zp=z8cEmFyJWBQJE9 zK%MFo19`vyzOL0wY#l1Wi2&_f8KDBgU+Hxya27VxD%2xbGqn)c7$k0XzG%<4NQy{v zv#6<0Vk>E?D=nP<0!?=-W^VH&N79h{-IYyCG1O?~EL+vlf$h?wi+3immX8ty&ontw z&oT$2YFr=FLt7}vG2j0RRDJ+PwlMDD5q`2 z$u%1Q+4)U!_lKg!7v&@Oh8h2>iMl*%P9bjmR6Js$k}_i+^6vgKbMlKQ)uau7c2>;W zId|k&|1<(Fmeu0Cb%AvF4|f6(1wVUHe4bUb*_H4!MuY|l^ zZTqD&0cjWJh9V=P&ofLrl32-GS)xrNf>u+XPf~@QItt*H#Z*mmoPZgi@6j1v6*dUz z^)rs_4&SjGM8yi_ukg|Xec&5!Da_o@!tB?q3~D#ut)u9h-WDtt2F2BCxvf>Ibm zsKbBung{Kx9ELZ?XDJekWkX-9bHgnPLpAma0bz6KRoelIHy8}D0W5(JE!N0<@{ zDXFo8rY$UIMMLih>n^E5+I9dp-ZA3#=&y1&5^Tfj4woW($%_Uwe{S~p4(z=Uo#!_- zIU8>WDbSWM`QzDb@L79Pt!P|*F~YKU!?~}<xLdtt7liqj%HmuM@2%U z_ic1DsKrIqA_PB6_XTX7R|M?iz<+pWeCvch4#Wz&3{}S6!_O-N`TM0KML?-5@f&pJ zrPT?Md0rEF>=JSl+!wK8v<~xwj#9`&5(5ZSfXF3>p>cta&N;p= zspgu7=Cly@_>RK))%!zP371OQyFKrUleKVi>bfHP**TjyvN5^a zSf6SwMDI-0c5!dIp*VwWjMO6-{`H*KM@f?2V~IClz)2^gq>96kIeP4PIV##dov1Q1 z1HBs90Qwb9pWDjHpHGg5Ue7LqE>zi2sBLis)WVS68^3&EZ&=lT)5w%d0zp@4$tVfd zI5Q*k7~O%zA8!c1J;{T{@m=xMb6jINu1CBp_$=@^Sr}LeH%~^PH#m1#V9#y?aGy2I zSE^uZ1R@zD2VgtA!?&j)WWKb=-;&HG9OF(gtOuJ8dLkvEk_4qi6BXyQ7@%w*iWvzE zbwZGB03ZY@!cr9OE`kkNK*n?MB*!`;(`DGww=c1}4$&UOXisQiKEz6IlxPn^1=vTs z-LjV~UjVP>|6&fOu2C0}-NOtxMD*=nPT+4jWE6BWCYCmQ>kR|cziniXE+_4%8WYHj zn{$=$-ySvAhDCQOKJ4eDinxC~AFQZ?yW5>$xegoUNOw|n9u9%*aN85w2-3ZXAuM<; zH4p@Nq77nsY@JP@KRV4X^PK>rU7TQP7dp#(s8>U!_nejq@&+w{uEAHQQ|}Aor)E^x zSHzjGDC$wopBIz-j-V8p*wh}rz)NrMrCgU5!UnsB1T*sIX2QZoIFIy8YhH@7U*-N$ z4nIXp2Q%D>$Z!RcM0)*`$`5Asp@U-lW(eIzddFWe@Qv}{Ws`}uFSaV{I64bRJqbJG zOO6UeDditf_W#73J@!D@F1zVN`pw?%2!n?A+OXyDejjIXClErVQ~oKzoZN<=OV;HB zMdE8JE4ow+Ny3Y1emzp32DgAYYDO0(4>-LE#55)qTN@}TCWmH^1~i4-6hc(t1F2|u zhhFhPMw5dVM|48S<3=M{q?w^sR*1orNgH2xK%B^>A7v3mT+UNP5?rYJXF8q!TYqBHz}DuPd#JmSBY!!?aQ8`PWGCL~Sg z6RSQ1%B_ZmSx5EXy<;}LRs#Ct7ndg{y8XjBhW~PoWikP?l7G82h4Dlt0{^dY9Un0T zW~oE(f2b|^Z3=j)EBr~K#PO*speg9o6#DKQS^1^<+W#@M=;;V7tF~WmkOz=lpbIv`IX())OSdpEdvUA^9xC**gM`XE!K+; zKojCbgNNl_QdgfJwKSFl^gg#JD-UAG2N}P`-gKVOs(aRY#WcYXW`h#CduFf4A_|gM z&P(hRl|@CqzMB3I$QtTYO3*Iuz^NJIZkiPxt2KXQu7+LWRNH=Gm9Lbh8kV@50vnK- z{^b!`JsMq;yr1-jdgchwMgm#5b;w8yD`tn`dYaGw^_9%W86&0|0=%78(jmS{q;G^ zr9pd^n`&QorL(Q}v&#OoYTRqncB9J@xp8`V-bJ74CFfp4%e|*1=<0cw-jhS@v&L=S zs{#~^S2Ez?qBzVkFEAcZ4Gh-7t)>u$j1SBGr9I#lXVr(B%&EXJHh3GYq@h*DEg?;7 zj@FTWorE$3JE@#9?>~2#K_TOYD5}BWCC3z0kqm z%ZC-=jzM}Kkdqc^S_+kaE?!}1bJGu-$6~@B*H9;&+1S*q;b7( z91_aJ$J~mG8Y_@=ImG4lreqP@(kKgJQa`(=q{$Yf-25xI#&c-ZIWIdJE@S3O#k+-L{ZXP&m zI4mt!6P4Hg(FDqcHiplR#D2RBtp(N`IMpxGX_a@Iy1vZ(Fd6DY#FRgz+!=CCzRr?$ zc2Ydw1+QGOlCohA$L%uHKAX%#6uC}=H7HxZnQ@Jz;ryFX_kZ4x| zZig3Ad-K)v+w7gUlSp)>Z(H1R!NYGBTV}pXE)9k^houwgWLnd z(dbF(uL+>N_ggSu8ltPbhke1GJ7L4@c>@jwdHd3d>?c%Ev&%3$x^}>SLWO#m@VvXo z)EgByRx{I?3A>P(%^v{xq(t2K}#@bbIJ7^gz!mnL>T|vh2=!a3}DpRB27V437 z)lMqw?TJU%=?-LXC1N;M1?nrt3_gS6SI2OAa@R=cSzjmJ4Hi)-nH5g`3R9TJBaujSZf{eidiG2ry=XA*GA!o?8VcXj(y!)R_olkt)m}N|vN(=KeO5M&(MlqH2$9OJMCY%b{g9Zsl+!= zeirkjYiFHxh+0#lZ?cqLReg*HqUcK+FB@{w@_3NQQRM&3+bVA`{KFN|e{A_f>~Z0( zlec$Eyfju;ic%WwO3M8Tki0_3hb`+FH|i}3>p17u(#pfdJ78f+>cm`I7v{E@{^5!m z{F=xDvMPCX3?hzCt^k?N9wls_VsooJ@lbn6WH=5b>sD~K-$N|S@hTk28f!^e8wEup zax`~yUz_}@p{jtM7t?TC?9iSSgXTA%HCZFI=yDT=Z$M($Ui-N$AV-+2*y#$=Qg(M} z{ER|~77nzJg!)Iohm$lw02G@yVak}0+bj_~74r9W8Xy$K`#>qelu4v%+vSi^!l*{e z){`;v=mTtn=JDK=E))|G2DH*8m47jy#8+E$4PVj1%=%z-Z?G3}<2S0wB-=meEUP`LHUG{haGeug?8E!J-k@xH`k>NP(E^I0=#DOHB;`WUCY_UWd573@mxwy(gvGKPh~ zS<7{#9FyiH6#xmXcjbt2A~oj-Sh!c<5mkiIf0Xo}%?mSUU*BY9K8o~3iC^l=2MhW>g9=zxIigw?86*KXKsAph z>1~F1w(qa3)x5T!K6OU@Jt3z!omE)Ww$*xCXcjEQ4JQYY%V(Q#Mc237Mo&m~y0Q%c8bLa=34h=9;?NqjWaQSynM150IZXbU(mfhi9(MWVCY*UbD`7G{if(69$TpM!SjWq$$Ds zAvV4mPu;D|%Ct_9pLLq+Y2;z2{qb?+xci;aE%O^(-^hLE0o@gBwc1a!$D%Wvtn!;Q z(CdIIy<&w&(f%WmdliwW%G*i`=xJ83KKRqbGIAyn#lVtPzQTiqhl7Qyy=gf^y}%_V zd|mmNu+^Swr`ZIknLw8Nhpx;abM1c8_448n49g3{P8Y1cb zhpzhc1%?E_#1Vt}o?h{2GNw0sXOSx(naR!7?Gu+wZIi18C}&3o*_?*a|GQnv5n zhrxHW)Zk%#fnJ_@$g3m-)(5;Oa`3ct{w&yF6FKHf@z50Ma4Ppt@el;2txJNeiSciWoNpY+I0eu5QAxecihyp=-ZniOthTY z1{!rcY3ta3t0p0MG1b`4lguk6XVdcj_~~!s({0U(nYnF8 z{54bf??SK=-Lk1iYVi70Zc&nMJ5RYq{0d|(KJ@m`YH-Lob~q!4#UOM4j-32QUTy|x z&WQqlCBr-TiVu>jS9T;ta)A%ooqTWrekl~WNrg=hi-QY_TCJhVeJ789zLxRg^bq?B zq@oE--PnK|XR3DHklJNlvsC0^956?+c-#}hEjQFWi67533FSyLTEKy4>V`q)hBD;{ z-^l$u=5|e|x{?6J*&UAE_Pd5`N2PWC~P9@ zlFutUlW^b(@C&UoCx_zzr^5>*`Cz(BZ*wcs`H2| z&>^9T?ujPQ7kK=?I-K;=)w2OY27)~>l4CE`qI0GeR6&afcv=qI>azUdX46!2d2=02 z7%e!W%8#x5tuEv%hy*P6`G&S0ck-gpi@z8V=;KK>lJhip3IZz6(k^ZFWWT1s>L<&c z9a1|ip!)?lm#OJ*?VIIe1R|9wkpSkZ%wQwFL|uhCQltK1NndG@^f*Q<1>ctKvq;_ih3Lf^9 zI8>j|iBn`#kZv<#Vgoy>l|Mbt#U!ss?9NNOPJf<5;a*rtvBli6n)ExG4=U74_cp9%2v+WR@?47}vV>hOn2fUpX$^fGo&|#P}7Z|)JB$FiOYS6NXbKkexk4YcJ1fzpA^I#MHsU+ABu2~P;TxC>o zb;(48?q2syoeCJ`$)uUaEr~nEeV*Ul$^M96XnxRt+q`JwW+9!gjntHermShFh)ST)n?Y^{#SbrVr(L zzfB8EKp-W^6;6ZM-rQu_n0rFpNFxYkXX$r=d+elx3m3aO`|8?a$U%F%l7GP33>JSW zLM23F?8whEh7W>}N2=L|A|9|q81$X)*~kfz4ye979DIA2a7BHCUG5VSeK7y5wgIY^ zb#J3+&4cm~gf~53d(O=E5rmxu4}8_U-sozGpuXdbl*_cZi#<`V76arkPld%Wd+|YX)4^rZgrN>{)XoZ8m-?BUg$oEm zY8cHfyR^(T*6g-i!A7;>W$$Cg;qtavjs7ar`z6tG?hy~tSQfpu+~^F=Lr};H_MbTI zrX4(TM?<8Y%#q#r31~w${;G62$!1NR!uQg17(W}3R zE_}pe;VR{G7gNXa^l}Gz$!2$>y*tN1AHvoI0P;u>Khz{?CV|=! zgYLXrY3ItN_^G@2nFMo>0to3bw<%F0|E@jm=*3-c#ov($l_{;Y^l4w(E+@AL+Wkqy z4Xs=9+eLQI0=mBDtcMCIfnO6_hYfG=w4<5T%1V1#Be~D7^K?X65Tvu&CEx7q;AMHx zFxX68^n)!^v|*WufYplqM+t%Zn(oET-iT0zZ3#tdomsBrxq3jLeW*qf4Z-X%Q<6zJ zX%_mbWHD~9%9cXUX^pgPJUdYB1by`vqBgwc@N);`U*$vedmRJ@NdM%u^f8OTp}BMm z|Fl%z>CyFYnbX=X8<5e?An57@PZeMD7DKVyQ*tAjgRh$fQ`pah)Na+?OvnvIUDnr@w z5k0Yf^XKA?7w{{lCCB5>=LnThr*oSn&xEdyIA-=>P!Uu@t%KYx(?#nDvPK1xQel=IJHTy+%3d%L9%PjBk%m?U37%($V2)@`aCSwisj+MOuX_RLO?#-g8_vYGyZO1LptZig~IQ;ir9q$AA0rTKdveCn(c zGuj6?`&3i683~dpy&WKDN$679sQFsa`bPrHwkmGZMPgEl@IZW&FF;c!W2Q4a|3@s45>m77Pql@oHnd;MK*aPr6CVo70GA$5qbe%xqg)wpa`n|=s|3Cd z0zGrg8D3B#=TNhIW&zbG!2)wRL_?VQ{C0@4ElmRku-ALmB7Cu-YXNG@QT_+j@gtLN z@z&Uni5`S)HI)!psA5-IlZL;vZhVN*e7_rJiI6>8#%w+0*4k#JT~0}Kh`h-N6qSABna4yI$|VN>?@oRD||Gtwe0#OLjJ2rUOa>GLQ%3E3aKU!#~%hkYv^*Ba)t zf!bk`Ludz|J|~2of(@WNF`js4YJZf3j&xJ5!!qm9wlHF%AkT<05m}mWo;(nDEo^>} zsUWbj&0^NGe5xzIV@&_8rLnTA@5mo>%+b9;f&UupiFdE<#r|ur{%!0qpfL5jOZX5u z`I-?3y@IpjMpn7TK@=;ni6rMQqcx;Nf}~(!Fki!R+fDK`0m=4`R5WF(?A2X-uU;su zQ3G~y3hfwME8nD6ULKs2s0J)qI(&K449>>70;_M(h?8j0#uB(|_~Aow=sIp!*zyHK zCH^rQ(R}PGCP|(O&HZr#i3xH2_R96Tg4{f4D?}i(NK`lMD}5Jc_w>ADeImq{ z61NhdU)~sH-_4B;1ZH_|H}s%Wzmuw)z7Ft-AF>+w;eb0fh3&SDUeR1uqQP{Olo>+= zj8Ix={0&m-8B=QW)}pnvQt{rPv;FJk9q;~evyOcE6Wi)=ZeMhlJL}IkMjXFEhw~87 z>^6POQFot|w4t7~EPvIj`W3@Ra=^#dyysn4@Qw@cwdV!z&zZ1U&uqtI@#m)TwW)eh}hsnPw-=CN(xf$%4QIJE9L)^!dH)>q2cWJN)D&tz`&9i63(u0K{j?f zTxjpUJ#Qf-+06J|${bwUp#| z_ar`-33}MN0C|CgPs+NA7uwj-K($AvCr@)vIvaLoDJg5ORaz-)?WWo`FhH)ew$r2E z_xFxEP1$ZM5gzsH$v!^H)yMB!N-U;R$cE|VH#+TUgkOObCmt)#lXb*J6X|<(S?VDl zMYw0p746w*zn*M$Y@Qtk$D6d`kS2@T%bV9IY~G{_QQf&=pRT=rJ=W>UfiBjZ?h#iy z?Uo03BJC9IQfq8}dCa-&=G<8-)vOa>t5rh?R=q{f3t2m0NX+u$XJ=VfZBU7Hpy}_= zEi{jgAh9u7>?`x$ZQD3bTWyUafKa+fd&M7)h1tWl+)%`B8!M2g(_l%PIb#6H9A9l%j}lx)(#@U z3m0ydkeh!MG1{pWASu2?E_!fTa=(86LG+GKTwcBNsK3(R@5m_-dnByz?WNLU-t3{? zW^RhMik8^X)t46xLvHfAjoB-n=cH-Ql9OuWsf

?`6qGyNb3^4n)3_A<@X-R{pN+ z;k3rB?RoTF=A~hq#L-v1X|JPt`NW2o+9G%9)}}svU7O>>@>#^9u8?N^cZ+tzg4J`@tYi;o%li5qqxupk=+our zl{6k%oT!PrUTpi^;HkkTU6pJoL!AfYa=N&fs*{Z}@A^lFg*#3e0{K|s+};aX1)Ja` zP?5spZB3<;>OH?1xQOPrzrMWTDD?k-?!oB zLA5o>%?g(KPE%Of&NtO|m^8)l(($ymkk!(l9 zq+YHOiEE7jAbpry`Uwszngkq+ue(anPlT-?EL5x5NDv(ha{LwGJfvg?N0NsX|5*wq zd53n zZOm;SUxmvqY&IL)x4}z3NO+=sT}_Q(Cjr7VRBb64Qi@1O2^n0goB~)_&tLK8)3Kyu zS!26&;%1ZH6Ve$jFK=?3a=Dc(NRnYqRGuxwnWM(J^UJi^H4Pb< zSj!>@{``l$naaFyxOsw^D>$%2{3E)AX#SH(Wf+=o99o!1X#$KDtSn6!Obty#oZ!jT&V~Cs#Y&X! zrlB;8Ae%TzYk#heW+-4?P!~s|UGt4c4Y^>BE zM+nUt`UzZ;HGvl`xpn<`3Yanc#woPX`7?^^y>onp$@;mKnaa55_&QSp?^v6TnOl}? z9=aGT5xmv@{eL>*TCS-EjMQ35Dn8HVBB;Knk~+U{o^GQdx7az$pd6u!F-G_Ls7*EW z$`&XwY%y_Q&qI{BFtrY0Q4Va`1r&Fi?4R{ z-pZO+&M@qHDi|rkA%)CA{Bk$)IBt=%3^^>nDYkRrEvf(`dICYoX{xI5ce3XV!jjhE z4x=FqtJ(;%P$IGfy%?7e4i;p#sBa_mw*CBNv_hy>*$(Huk|dTVij(H+pGEi}*~h;K zVPSy>6ul1C=xCQeN|UyDn(}j!0hTC`LF59Q`H6VyKouy=mY2|PnU7-lr4F|m+~Ph+ z0<4Cn6wznW(9>ZqCBr?ngq`<~3k5jN1Ktse2RwMNuq`W5LEj!z5>r71!yD-EGSGMv z{DBmwymXTn4&vF~g+cI^{;f zc;uY9u&0Z|_*7yJVB#*BzsN{$VOU$-e#Bw7{QjnR6KbQA zYHuhUhUY#JFu+*#M=2iffLpB2r`n@6qz(CEp?)iV-G1Eog9CWLqkUl(=;$*$zqd5J zg}1SHIVAV8wD1eIyEIu&TTr6PjT_zFp%%K$rB$o2DMP;JFzXIvt?0I*!8m*{H(b{# zI40OJ(>Ej0_+en!-3H-7e>K6DGGe#}z8ek(k8V$rd(29&SoGI_a# zShm3u23bh)6HYn_pInsPxv%XNJ9Y@Mc4^x%UF$szWqtm{w=BQj)vnq;a5LE2er~qP zx;jsu>}m6gyRkqfFCMQu`)UL%tcHd$QJ};d1GC%vtt}p^qFU;UQ43k3;lCV3(MFzl zv%{?HQE3LJ=LXu1<(@ZB$FEloIC@;=s!n>0UBcVd!S|9l%zAG#D;goq>U-k#C)u6+ z`u*c82WY|cJ{&&IbM>R-gL;Q-K;d5tUx!aZ?k2C)mfE#Cx69j3s>^Mbl6_`>EDB3T zmM`U{eTc+;mEUPm)!I9?4|WpN1)dDAukI+lEFkV+T73?yv5V#D@QkHa*5=97^o0N%cW9rVV)?$M5|SkQp61@+$N=_rHGB?nAy`6G=L4QNw0q{KiL#f`7`!ZoqQt6!wlmlcAi$| z*OqB+S8;DrbAFJ_lPu01EACAKYd5s$9NybgM6*%YKm^&#sN?PK%#alBp5$05}t_}&XE>v^Tr&3 zHkFQ+1tsGRmfTR)u;slly4%ki*ekX5&b+7o?j146?lIf%I_fj18S0Ii@y0{a5R!kD z($?Z%7pu1U(L8n~ugkbY%x_13*<11BZU^mi=bkuV==QX_u{>BI}>P14>OBB#G- zlE_MTf#!cWA>^(ojt}B*0OWAB6%a=#rGD@mSW}bp(iWyB-fx!al0XK*ap2r?q*2~Z zknx;V+a9um;r+~AYbN{EW#U|y^S0jOKP7Q;8#GxW{@(L zxNrzN6V?|UhnSP;O?Aj?ZLhZ$P_1ooK>qQ&j0g8c94%2JeldbSgK{#HAy>@OS+a>o z@?PXydI7mgh8Cv)1CTV4hZv8|)YlX_W(AY?Wq*ZYeAfBWXBmWbJlpuupUS|u!`RLN z6YZbdk+RY8`mgg)GL&$sxdb1;4gjrj(0-8^j5Rzo&;}o{`JFCH-DfQmyO^`I5L1W! zd&x6hJ|^aN7F{N+y}4>K8YR!cbuwIYimhgOZs>gBwDj5AWxOtQY`)9|YyK1>Zf!J% zcz}xs8GtwtNns7F2hY=UAi4waVVWg2C0YOvF_dubS2?3*>@RMups_sC4nXiob}&uB z&tozE)(SwvE0Ba$aYFYaFjL@2Mp5)YJBXyaPI?0BOr?N5_56T{s@~IDw@gaN z&)Y2gZR^0_@DQ>nJko-QU8=L}cI;24|KP@b`#Z#7tl zPXe)g0Dj|rLWhDVUCs;HD8%?}_+3U#sp)5e2x`=>MN?B|uZ3+6neyt%S`$)V3Exq( zz4y*%!(Y$0D0y+;B6|C$=ri~08D<05C&LJ96=qe2OCtl_bNB#hL;@ zPVk?x@Bc!z|B0YSQpza+0$<)`9*!@mD1?)OqmC_l%# zzDdca1W*(FcP8+^^LlztxVl15d7=cM5dME_DF6%%{lCFJdykNS6e=o!5I8h6AjOOd zAPz1G14yZ)0tkN5L`XTM0`PxHBut^D28ev&Bu=rS22c?EyO@0r#18(yk6b5BDX0E? w75{uyJD-aEPsKke!T+^ Date: Sun, 24 May 2026 23:34:09 +1000 Subject: [PATCH 6/7] feat: add generate_report_from_scan.py for end-to-end report generation from real tenant scan data --- security/reports/generate_report_from_scan.py | 538 ++++++++++++++++++ 1 file changed, 538 insertions(+) create mode 100644 security/reports/generate_report_from_scan.py diff --git a/security/reports/generate_report_from_scan.py b/security/reports/generate_report_from_scan.py new file mode 100644 index 000000000..5202c9a14 --- /dev/null +++ b/security/reports/generate_report_from_scan.py @@ -0,0 +1,538 @@ +""" +generate_report_from_scan.py +============================= +Transforms AutoAudit API scan results into the dataset schema expected by +report_service.py and generates a compliance report (.docx or PDF). + +Works with any tenant — all tenant metadata is derived from the scan data +or supplied via CLI arguments. No hardcoded values. + +Usage (two modes): +------------------ + +1. From saved JSON files (offline): + + python generate_report_from_scan.py \\ + --results scan_results.json \\ + --meta scan_meta.json \\ + --template AutoAudit_Report_Template.docx \\ + --output reports_out + +2. Live from API (fetches scan data directly): + + python generate_report_from_scan.py \\ + --api-url http://localhost:8000 \\ + --token \\ + --scan-id 1 \\ + --template AutoAudit_Report_Template.docx \\ + --output reports_out + +Add --pdf to also convert the output to PDF. +Add --save-dataset to save the intermediate transformed JSON for inspection. + +Environment variables (alternative to --token): + AUTOAUDIT_TOKEN Bearer token for API authentication + +Examples: +--------- + # Offline from files + python generate_report_from_scan.py --results real_scan_results.json --meta scan_meta.json + + # Live from running API + python generate_report_from_scan.py --api-url http://localhost:8000 --token $TOKEN --scan-id 1 + + # Live + PDF output + python generate_report_from_scan.py --api-url http://localhost:8000 --token $TOKEN --scan-id 1 --pdf +""" + +from __future__ import annotations + +import argparse +import json +import os +import sys +from datetime import datetime +from pathlib import Path +from typing import Optional + +# --------------------------------------------------------------------------- +# API helpers +# --------------------------------------------------------------------------- + +def _api_get(base_url: str, path: str, token: str) -> dict | list: + """GET request to the AutoAudit API.""" + try: + import urllib.request + req = urllib.request.Request( + f"{base_url.rstrip('/')}{path}", + headers={"Authorization": f"Bearer {token}"}, + ) + with urllib.request.urlopen(req) as resp: + return json.loads(resp.read().decode()) + except Exception as e: + print(f"ERROR: API request failed for {path}: {e}") + sys.exit(1) + + +def fetch_scan_data(api_url: str, token: str, scan_id: int) -> tuple[dict, list]: + """Fetch scan metadata and results from the API.""" + print(f"Fetching scan #{scan_id} from {api_url} ...") + meta = _api_get(api_url, f"/v1/scans/{scan_id}", token) + results = _api_get(api_url, f"/v1/scans/{scan_id}/results", token) + print(f" Status: {meta.get('status')} | " + f"Pass: {meta.get('passed_count')} | " + f"Fail: {meta.get('failed_count')} | " + f"Score: {meta.get('compliance_score')}%") + return meta, results + + +# --------------------------------------------------------------------------- +# Severity classification +# --------------------------------------------------------------------------- + +# Controls classified as Critical based on CIS M365 benchmark importance +_CRITICAL_CONTROLS = { + "1.1.3", # Global admin count + "5.2.3.4", # MFA registration + "5.2.3.6", # System-preferred MFA + "5.1.5.1", # User consent to apps + "5.1.6.1", # Cross-tenant collaboration + "5.1.6.3", # Guest invitations + "5.3.2", # Guest access reviews + "5.3.3", # Privileged role access reviews + "5.3.4", # Global admin PIM approval + "5.3.5", # Privileged Role Admin PIM approval +} + +_HIGH_CONTROLS = { + "2.1.11", # Attachment filtering + "4.1", # Intune compliance defaults + "4.2", # Personal device enrollment + "5.1.3.1", # Dynamic guest group + "5.1.4.1", # Device join restriction + "5.2.3.2", # Custom banned password list + "5.2.3.3", # On-prem password protection + "5.2.3.7", # Email OTP + "6.1.2", # Mailbox audit actions + "6.3.1", # Role assignment policy add-ins + "5.1.4.6", # BitLocker key access + "5.1.6.2", # Guest user access (if failed) + "5.1.5.2", # Admin consent workflow + "5.2.2.3", # Legacy auth block + "5.2.3.1", # MFA fatigue protection +} + + +def _severity(control_id: str, status: str) -> str: + if status != "failed": + return "Info" + if control_id in _CRITICAL_CONTROLS: + return "Critical" + if control_id in _HIGH_CONTROLS: + return "High" + return "Medium" + + +# --------------------------------------------------------------------------- +# Core transform +# --------------------------------------------------------------------------- + +def transform(results: list, meta: dict | None = None) -> dict: + """ + Convert AutoAudit API scan data into the report_service.py dataset schema. + + Args: + results: List of control result dicts from GET /v1/scans/{id}/results + meta: Scan metadata dict from GET /v1/scans/{id} (optional but recommended) + """ + passed = [r for r in results if r["status"] == "passed"] + failed = [r for r in results if r["status"] == "failed"] + skipped = [r for r in results if r["status"] == "skipped"] + errored = [r for r in results if r["status"] == "error"] + + total_assessed = len(passed) + len(failed) + if meta and meta.get("compliance_score"): + # Use the API's calculated score if available + score_pct = float(meta["compliance_score"]) + score = f"{score_pct:.1f}%" + elif total_assessed: + score_pct = round(len(passed) / total_assessed * 100, 1) + score = f"{score_pct}%" + else: + score_pct = 0 + score = "N/A" + + # Risk posture based on score + if score_pct < 50: + risk = "CRITICAL" + elif score_pct < 70: + risk = "HIGH" + elif score_pct < 85: + risk = "MEDIUM" + else: + risk = "LOW" + + # Severity counts + critical_count = sum(1 for r in failed if _severity(r["control_id"], r["status"]) == "Critical") + high_count = sum(1 for r in failed if _severity(r["control_id"], r["status"]) == "High") + medium_count = sum(1 for r in failed if _severity(r["control_id"], r["status"]) == "Medium") + low_count = sum(1 for r in failed if _severity(r["control_id"], r["status"]) == "Low") + + # Dates + now = datetime.now() + date_str = now.strftime("%-d %B %Y") + date_full = now.strftime("%-d %B %Y %H:%M AEST") + + # Derive tenant info from meta or fall back to scan data + tenant_name = "Unknown Tenant" + tenant_domain = "unknown" + framework_ver = "v6.0.0" + started_at = date_str + finished_at = date_str + + if meta: + tenant_name = meta.get("connection_name") or tenant_name + framework_ver = meta.get("version") or framework_ver + if meta.get("started_at"): + try: + dt = datetime.fromisoformat(meta["started_at"].replace("Z", "+00:00")) + started_at = dt.strftime("%-d %B %Y") + except Exception: + pass + if meta.get("finished_at"): + try: + dt = datetime.fromisoformat(meta["finished_at"].replace("Z", "+00:00")) + finished_at = dt.strftime("%-d %B %Y") + except Exception: + pass + + # Try to derive domain from evidence in passed controls + for r in passed: + ev = r.get("evidence") or {} + if isinstance(ev, dict): + # Domain password policy evidence contains domain names + domains = ev.get("domains", []) + if domains and isinstance(domains, list) and domains[0].get("name"): + tenant_domain = domains[0]["name"] + break + # DKIM evidence + dkim_domains = ev.get("domains_with_dkim_enabled", []) + if dkim_domains: + tenant_domain = dkim_domains[0] + break + + # Build framework string + frameworks_used = f"CIS Microsoft 365 Foundations Benchmark {framework_ver}" + + # Controls list — all statuses included + controls = [] + for r in results: + evidence_str = json.dumps(r["evidence"], indent=2, default=str) if r["evidence"] else "N/A" + controls.append({ + "Control_ID": r["control_id"], + "Control_Name": r["control_id"], # Name requires benchmark lookup — not in results API + "Status": r["status"].upper(), + "Severity": _severity(r["control_id"], r["status"]), + "Description": r.get("message") or "", + "Evidence": evidence_str, + "Remediation": ( + f"Review and remediate control {r['control_id']} per {frameworks_used}." + if r["status"] == "failed" else "" + ), + }) + + # Sort failed controls by severity for top risks + sev_order = {"Critical": 0, "High": 1, "Medium": 2, "Low": 3, "Info": 4} + sorted_failed = sorted( + failed, + key=lambda r: sev_order.get(_severity(r["control_id"], r["status"]), 5) + ) + top_failed = sorted_failed[:3] + + def risk_text(r: dict) -> str: + return r.get("message") or f"Control {r['control_id']} failed" + + # Evidence register — passed controls with real evidence (up to 10) + evidence_register = [] + ev_num = 1 + for r in passed: + if r.get("evidence") and ev_num <= 10: + evidence_register.append({ + "Evidence_ID": f"EV-{ev_num:03d}", + "Control_Reference": r["control_id"], + "Description": r.get("message") or "", + "Collection_Method": "Automated API scan via AutoAudit Engine", + "Date_Collected": finished_at, + }) + ev_num += 1 + + # Remediation plan — failed controls sorted by severity (up to 8) + remediation_plan = [] + for i, r in enumerate(sorted_failed[:8], 1): + sev = _severity(r["control_id"], r["status"]) + remediation_plan.append({ + "Item": i, + "Control_ID": r["control_id"], + "Finding": r.get("message") or "", + "Action": f"Remediate control {r['control_id']} per {frameworks_used} guidance.", + "Priority": sev, + "Owner": "IT Security Team", + }) + + # Key recommendation + if critical_count > 0: + key_rec = ( + f"{tenant_name} has {critical_count} Critical finding(s) requiring immediate remediation. " + f"The tenant scored {score} against {frameworks_used}. " + f"Critical findings represent unacceptable risk and must be addressed before the next assessment cycle." + ) + else: + key_rec = ( + f"{tenant_name} scored {score} against {frameworks_used}. " + f"{len(failed)} control(s) failed and require remediation. " + f"Priority should be given to High severity findings." + ) + + top_action = remediation_plan[0]["Action"] if remediation_plan else "" + + dataset = { + "tenant": { + "Tenant_Name": tenant_name, + "Tenant_Domain": tenant_domain, + "Assessor_Name": "AutoAudit Platform", + "Frameworks_Used": frameworks_used, + "Assessment_Date": finished_at, + "Assessment_Period": f"{started_at} \u2013 {finished_at}", + "Generated_Date": date_full, + "Date_Generated": date_full, + "Classification": "Confidential", + "Report_Version": "v1.0", + "Distribution": "IT Security Team", + "Prepared_By": "AutoAudit Engine", + "Reviewed_By": "AutoAudit Platform", + "Team_Function": "Information Security", + "Scope_Owner": "IT Security Team", + "Limitations": ( + "Assessment conducted using read-only API access to Microsoft 365 and Entra ID. " + f"{len(skipped)} control(s) were skipped due to API limitations, manual verification " + "requirements, or incomplete collector implementation. " + f"{len(errored)} control(s) returned errors during evaluation." + if errored else + "Assessment conducted using read-only API access to Microsoft 365 and Entra ID. " + f"{len(skipped)} control(s) were skipped due to API limitations or manual verification requirements." + ), + }, + "summary": { + "Overall_Score": score, + "Overall_Risk_Posture": risk, + "Total_Controls": len(results), + "Total_Pass": len(passed), + "Total_Fail": len(failed), + "Total_Critical": critical_count, + "Total_High": high_count, + "Total_Medium": medium_count, + "Total_Low": low_count, + "Top_Risk_1": risk_text(top_failed[0]) if len(top_failed) > 0 else "", + "Top_Risk_2": risk_text(top_failed[1]) if len(top_failed) > 1 else "", + "Top_Risk_3": risk_text(top_failed[2]) if len(top_failed) > 2 else "", + "Strength_1": passed[0].get("message", "") if len(passed) > 0 else "", + "Strength_1_Evidence": "EV-001", + "Strength_2": passed[1].get("message", "") if len(passed) > 1 else "", + "Strength_2_Evidence": "EV-002", + "Strength_3": passed[2].get("message", "") if len(passed) > 2 else "", + "Strength_3_Evidence": "EV-003", + "Strength_4": passed[3].get("message", "") if len(passed) > 3 else "", + "Strength_4_Evidence": "EV-004", + "Strength_5": passed[4].get("message", "") if len(passed) > 4 else "", + "Strength_5_Evidence": "EV-005", + "Top_Remediation_Action": top_action, + "Key_Recommendation": key_rec, + "categories": {}, + }, + "controls": controls, + "evidence_register": evidence_register, + "remediation_plan": remediation_plan, + } + + return dataset + + +# --------------------------------------------------------------------------- +# CLI +# --------------------------------------------------------------------------- + +def build_parser() -> argparse.ArgumentParser: + p = argparse.ArgumentParser( + description="Generate an AutoAudit compliance report from scan results.", + formatter_class=argparse.RawDescriptionHelpFormatter, + epilog=""" +Examples: + # From saved JSON files + python generate_report_from_scan.py --results scan_results.json --meta scan_meta.json + + # Live from running API + python generate_report_from_scan.py --api-url http://localhost:8000 --token $TOKEN --scan-id 1 + + # Live + save dataset + PDF + python generate_report_from_scan.py --api-url http://localhost:8000 --token $TOKEN --scan-id 1 --pdf --save-dataset + """, + ) + + # Input: offline mode + offline = p.add_argument_group("Offline mode (from saved JSON files)") + offline.add_argument("--results", "-r", metavar="FILE", + help="Path to scan results JSON (from GET /v1/scans/{id}/results)") + offline.add_argument("--meta", "-m", metavar="FILE", + help="Path to scan metadata JSON (from GET /v1/scans/{id}), optional") + + # Input: live mode + live = p.add_argument_group("Live mode (fetch directly from API)") + live.add_argument("--api-url", metavar="URL", + help="AutoAudit API base URL (e.g. http://localhost:8000)") + live.add_argument("--token", metavar="TOKEN", + help="Bearer token (or set AUTOAUDIT_TOKEN env var)") + live.add_argument("--scan-id", metavar="ID", type=int, + help="Scan ID to fetch and report on") + + # Output + out = p.add_argument_group("Output options") + out.add_argument("--template", "-t", metavar="FILE", + default="AutoAudit_Report_Template.docx", + help="Path to report template .docx (default: AutoAudit_Report_Template.docx)") + out.add_argument("--output", "-o", metavar="DIR", + default="reports_out", + help="Output directory for generated report (default: reports_out)") + out.add_argument("--pdf", action="store_true", + help="Also convert the report to PDF") + out.add_argument("--keep-docx", action="store_true", + help="Keep .docx when --pdf is set (default: delete after conversion)") + out.add_argument("--save-dataset", action="store_true", + help="Save the intermediate transformed JSON dataset for inspection") + + return p + + +def main() -> None: + parser = build_parser() + args = parser.parse_args() + + results: list | None = None + meta: dict | None = None + + # --- Determine input mode --- + if args.api_url or args.scan_id: + # Live mode + if not args.api_url or not args.scan_id: + parser.error("--api-url and --scan-id are both required for live mode.") + token = args.token or os.environ.get("AUTOAUDIT_TOKEN") + if not token: + parser.error("Provide --token or set the AUTOAUDIT_TOKEN environment variable.") + meta, results = fetch_scan_data(args.api_url, token, args.scan_id) + + elif args.results: + # Offline mode + results_path = Path(args.results) + if not results_path.exists(): + print(f"ERROR: Results file not found: {results_path}") + sys.exit(1) + print(f"Loading results from: {results_path}") + with open(results_path) as f: + results = json.load(f) + + if args.meta: + meta_path = Path(args.meta) + if not meta_path.exists(): + print(f"WARNING: Meta file not found: {meta_path} — tenant name will be generic.") + else: + print(f"Loading metadata from: {meta_path}") + with open(meta_path) as f: + meta = json.load(f) + else: + parser.error("Provide either --results (offline) or --api-url + --scan-id (live).") + + # --- Validate template --- + template_path = Path(args.template) + if not template_path.exists(): + print(f"ERROR: Template not found: {template_path}") + print("Ensure AutoAudit_Report_Template.docx is in the current directory or pass --template.") + sys.exit(1) + + # --- Transform --- + print(f"\nTransforming {len(results)} control results...") + dataset = transform(results, meta) + + passed_n = dataset["summary"]["Total_Pass"] + failed_n = dataset["summary"]["Total_Fail"] + score = dataset["summary"]["Overall_Score"] + risk = dataset["summary"]["Overall_Risk_Posture"] + tenant = dataset["tenant"]["Tenant_Name"] + domain = dataset["tenant"]["Tenant_Domain"] + + print(f" Tenant : {tenant} ({domain})") + print(f" Score : {score} | Risk: {risk}") + print(f" Pass: {passed_n} | Fail: {failed_n} | " + f"Critical: {dataset['summary']['Total_Critical']} | " + f"High: {dataset['summary']['Total_High']}") + + # --- Optionally save dataset --- + if args.save_dataset: + if args.results: + dataset_out = Path(args.results).stem + "_dataset.json" + else: + dataset_out = f"scan_{args.scan_id}_dataset.json" + with open(dataset_out, "w") as f: + json.dump(dataset, f, indent=2, default=str) + print(f"\nDataset saved to: {dataset_out}") + + # --- Generate report --- + print(f"\nGenerating report...") + print(f" Template : {template_path}") + print(f" Output : {args.output}/") + + sys.path.insert(0, str(Path(__file__).parent)) + try: + import report_service as svc + except ImportError: + print("ERROR: report_service.py not found. Place this script in the same folder.") + sys.exit(1) + + try: + if args.pdf: + out = svc.generate_full_report_pdf( + dataset, + template_path=str(template_path), + output_dir=args.output, + keep_docx=args.keep_docx, + ) + print(f"\n✓ PDF written to: {out}") + else: + out = svc.generate_full_report_docx( + dataset, + template_path=str(template_path), + output_dir=args.output, + ) + print(f"\n✓ Report written to: {out}") + print(f" Convert to PDF: python {Path(__file__).name} " + f"--results {args.results or f'scan_{args.scan_id}_results.json'} --pdf") + + except FileNotFoundError as e: + print(f"ERROR: {e}") + sys.exit(1) + except Exception as e: + import traceback + print(f"ERROR during report generation: {e}") + traceback.print_exc() + sys.exit(1) + + out_path = Path(out) + if not out_path.exists(): + print("ERROR: generation completed but no file was written.") + sys.exit(1) + + size_kb = out_path.stat().st_size / 1024 + if size_kb < 1: + print(f"WARNING: output is only {size_kb:.1f} KB — check the template path is correct.") + + +if __name__ == "__main__": + main() \ No newline at end of file From a219a4c662d8c2d548c3ee312736c2d7774d9336 Mon Sep 17 00:00:00 2001 From: raaidrushdy Date: Sun, 24 May 2026 23:42:37 +1000 Subject: [PATCH 7/7] docs: update README_report_service with generate_report_from_scan.py usage --- security/reports/README_report_service.md | 140 +++++++++++++++++++++- 1 file changed, 138 insertions(+), 2 deletions(-) diff --git a/security/reports/README_report_service.md b/security/reports/README_report_service.md index 5e15f3df2..25303fc52 100644 --- a/security/reports/README_report_service.md +++ b/security/reports/README_report_service.md @@ -11,6 +11,7 @@ produces a Word document or PDF report. |------|---------| | `report_service.py` | The report generator — this is the only file you need to import | | `AutoAudit_Report_Template.docx` | Word template with `{placeholder}` tokens | +| `generate_report_from_scan.py` | Transforms live API scan results into the dataset schema and generates the report | | `run_test.py` | Smoke test runner | | `fake_dataset.json` | Sample dataset for local testing | @@ -46,6 +47,136 @@ python report_service.py convert path/to/report.docx # convert existing --- +## Generating a report from a real tenant scan + +`generate_report_from_scan.py` connects to the AutoAudit API, fetches real scan +results, transforms them into the dataset schema, and generates the report. +All tenant metadata (name, domain, framework version, dates) is derived +automatically from the scan data — no hardcoded values. + +### Prerequisites + +1. The full stack must be running (`docker compose --profile all up -d`) +2. You need a valid bearer token (see Authentication below) +3. A completed scan must exist (see Running a scan below) + +### Authentication + +Register and log in to get a token: + +```bash +curl -X POST http://localhost:8000/v1/auth/register \ + -H 'Content-Type: application/json' \ + -d '{"email": "you@example.com", "password": "YourPassword1!", "username": "yourname"}' + +curl -X POST http://localhost:8000/v1/auth/login \ + -H 'Content-Type: application/x-www-form-urlencoded' \ + -d 'username=you@example.com&password=YourPassword1!' +``` + +Copy the `access_token` from the response and set it: + +```bash +export TOKEN="eyJ..." +# or use the env var alternative: +export AUTOAUDIT_TOKEN="eyJ..." +``` + +### Running a scan + +Create an M365 connection using the service principal credentials from Bitwarden: + +```bash +curl -X POST http://localhost:8000/v1/m365-connections/ \ + -H 'Content-Type: application/json' \ + -H "Authorization: Bearer $TOKEN" \ + -d '{ + "name": "My Tenant", + "tenant_id": "", + "client_id": "", + "client_secret": "" + }' +``` + +Trigger a scan (use the `id` returned from the connection step): + +```bash +curl -X POST http://localhost:8000/v1/scans/ \ + -H 'Content-Type: application/json' \ + -H "Authorization: Bearer $TOKEN" \ + -d '{"m365_connection_id": 1, "framework": "cis", "benchmark": "microsoft-365-foundations", "version": "v6.0.0"}' +``` + +Poll until `status` is `completed`: + +```bash +curl http://localhost:8000/v1/scans/1 -H "Authorization: Bearer $TOKEN" | python3 -m json.tool | grep '"status"' | head -1 +``` + +### Live mode (fetches directly from the running API) + +```bash +python generate_report_from_scan.py \ + --api-url http://localhost:8000 \ + --token $TOKEN \ + --scan-id 1 +``` + +### Offline mode (from saved JSON files) + +First save the scan data: + +```bash +curl http://localhost:8000/v1/scans/1 \ + -H "Authorization: Bearer $TOKEN" > scan_meta.json + +curl http://localhost:8000/v1/scans/1/results \ + -H "Authorization: Bearer $TOKEN" > scan_results.json +``` + +Then generate the report: + +```bash +python generate_report_from_scan.py \ + --results scan_results.json \ + --meta scan_meta.json +``` + +### Options + +| Flag | Description | +|------|-------------| +| `--api-url URL` | AutoAudit API base URL (live mode) | +| `--token TOKEN` | Bearer token, or set `AUTOAUDIT_TOKEN` env var | +| `--scan-id ID` | Scan ID to fetch and report on (live mode) | +| `--results FILE` | Path to scan results JSON (offline mode) | +| `--meta FILE` | Path to scan metadata JSON (offline mode, optional) | +| `--template FILE` | Path to template .docx (default: `AutoAudit_Report_Template.docx`) | +| `--output DIR` | Output directory (default: `reports_out`) | +| `--pdf` | Also convert output to PDF | +| `--keep-docx` | Keep .docx when `--pdf` is set | +| `--save-dataset` | Save the intermediate transformed JSON for inspection | + +### Example output + +``` +Fetching scan #1 from http://localhost:8000 ... + Status: completed | Pass: 38 | Fail: 22 | Score: 63.33% + +Transforming 140 control results... + Tenant : AutoAudit Sandbox (t8sjf.onmicrosoft.com) + Score : 63.3% | Risk: HIGH + Pass: 38 | Fail: 22 | Critical: 10 | High: 11 + +Generating report... + Template : AutoAudit_Report_Template.docx + Output : reports_out/ + +✓ Report written to: reports_out/AutoAudit_Sandbox_24May2026_AutoAudit_Report.docx +``` + +--- + ## Dataset schema The service reads these top-level keys: @@ -114,12 +245,12 @@ all resolve to the same field. } ``` -Category fields run from `Cat_1_*` to `Cat_9_*`. Also supports the nested +Category fields run from `Cat_1_*` to `Cat_9_*`. Also supports the nested shape `summary.categories.Cat_1.Pass` if your dataset uses that instead. ### controls (list) -Each item maps to one finding block in the report. The template has one block +Each item maps to one finding block in the report. The template has one block per severity level — Critical, High, Medium, Low — and only the first FAIL at each level is used. @@ -238,3 +369,8 @@ Loading dataset : fake_dataset.json These limits match the template row count — extend the template if you need more. - PDF conversion quality depends on which converter is available. Always review the .docx in Word before distributing the PDF version. +- Fields such as `{ISO_Mapping}`, `{Impact}`, `{Root_Cause}`, and `{Observations}` + in the detailed findings section require enrichment data from the CIS→ISO mapping + and GRC pipeline. These are not populated by `generate_report_from_scan.py` as + that data is not yet wired into the scan results API — this is a separate + integration task.