From 424a385249e06da2fd51bfd7980704becad723e6 Mon Sep 17 00:00:00 2001
From: Jeroen Pinoy <jeroen.pinoy@fortitude.ninja>
Date: Tue, 30 Mar 2021 23:33:33 +0200
Subject: [PATCH 01/14] chg: [Automation] Add separate attributes/restSearch
 section. close #249

---
 automation/README.md | 284 +++++++++++++++++++++++++++++++++++++------
 1 file changed, 250 insertions(+), 34 deletions(-)

diff --git a/automation/README.md b/automation/README.md
index 0234ad6..8700782 100644
--- a/automation/README.md
+++ b/automation/README.md
@@ -139,15 +139,15 @@ Find below a non exhaustive list of parameters that can be used to filter data i
 - **withAttachments**: If set, encodes the attachments / zipped malware samples as base64 in the data field within each attribute
 - **metadata**: Only the metadata (event, tags, relations) is returned, attributes and proposals are omitted.
 - **uuid**: Restrict the results by uuid.
-- **publish_timestamp**: Restrict the results by the timestamp of the last publishing of the event. The input can be a timetamp or a short-hand time description (7d or 24h for example). You can also pass a list with two values to set a time range (for example ["14d", "7d"]).
-- **last**: (Deprecated synonym for publish_timestamp) Restrict the results by the timestamp of the last publishing of the event. The input can be a timetamp or a short-hand time description (7d or 24h for example). You can also pass a list with two values to set a time range (for example ["14d", "7d"]).
-- **timestamp**: Restrict the results by the timestamp (last edit). Any event with a timestamp newer than the given timestamp will be returned. In case you are dealing with /attributes as scope, the attribute's timestamp will be used for the lookup. The input can be a timetamp or a short-hand time description (7d or 24h for example). You can also pass a list with two values to set a time range (for example ["14d", "7d"]).
+- **publish_timestamp**: Restrict the results by the timestamp of the last publishing of the event. The input can be a timsetamp or a short-hand time description (7d or 24h for example). You can also pass a list with two values to set a time range (for example ["14d", "7d"]).
+- **last**: (Deprecated synonym for publish_timestamp) Restrict the results by the timestamp of the last publishing of the event. The input can be a timestamp or a short-hand time description (7d or 24h for example). You can also pass a list with two values to set a time range (for example ["14d", "7d"]).
+- **timestamp**: Restrict the results by the timestamp (last edit). Any event with a timestamp newer than the given timestamp will be returned. In case you are dealing with /attributes as scope, the attribute's timestamp will be used for the lookup. The input can be a timestamp or a short-hand time description (7d or 24h for example). You can also pass a list with two values to set a time range (for example ["14d", "7d"]).
 - **published**: Set whether published or unpublished events should be returned. Do not set the parameter if you want both.
 - **enforceWarninglist**: Remove any attributes from the result that would cause a hit on a warninglist entry.
 - **to_ids**: By default (0) all attributes are returned that match the other filter parameters, irregardless of their to_ids setting. To restrict the returned data set to to_ids only attributes set this parameter to 1. You can only use the special "exclude" setting to only return attributes that have the to_ids flag disabled.
-- **deleted**: If this parameter is set to 1, it will return soft-deleted attributes along with active ones. By using "only" as a parameter it will limit the returned data set to soft-deleted data only.
+- **deleted**: Default value 0. If set to 1, only deleted attributes will be returned. If set to [0,1] , both deleted and non-deleted attributes wil be returned.
 - **includeEventUuid**: Instead of just including the event ID, also include the event UUID in each of the attributes.
-- **event_timestamp**: Only return attributes from events that have received a modification after the given timestamp. The input can be a timetamp or a short-hand time description (7d or 24h for example). You can also pass a list with two values to set a time range (for example ["14d", "7d"]).
+- **event_timestamp**: Only return attributes from events that have received a modification after the given timestamp. The input can be a timestamp or a short-hand time description (7d or 24h for example). You can also pass a list with two values to set a time range (for example ["14d", "7d"]).
 - **sgReferenceOnly**: If this flag is set, sharing group objects will not be included, instead only the sharing group ID is set.
 - **eventinfo**: Filter on the event's info field.
 - **searchall**: Search for a full or a substring (delimited by % for substrings) in the event info, event tags, attribute tags, attribute values or attribute comment fields.
@@ -844,6 +844,251 @@ https://<misp url>/attributes/describeTypes
 
 Depending on the headers passed the returned data will be a JSON object or an XML, with 3 main sections: types, categories, category\_type\_mappings.
 
+### POST /attributes/restSearch
+
+Do not use this function with GET!
+
+#### Parameters
+
+- **returnFormat**: The format to return data in. Allowed formats:
+  - **attack-sightings**: Returns ATTA&CK Sightings in json format for
+  attributes with mitre-attack-pattern galaxies attached. For further details on the ATT&CK Sightings, please visit the related [MITRE website page](https://attack.mitre.org/resources/sightings/).
+  - **cache**: Hashes the attributes and returns them as txt. A hashing algorithm can be chosen by also adding the hash_type parameter. Supported hashing algorithms can be found on the [PHP website](https://www.php.net/manual/en/function.hash-algos.php]).
+  - **count**: Returns the attribute count as txt.
+  - **csv**
+  - **hashes**: Returns hash attributes in txt format. For composite attributes, only the hash part is returned. 
+  - **json**
+  - **netfilter**: Returns netfilter rules for IPs. Action can be set with the  netfilter_action parameter. The default action is DROP.
+  - **opendata**: Please refer to the related MISP project [blog post](https://www.misp-project.org/2020/07/30/publishing-open-data-using-MISP.html).
+  - **openioc**
+  - **rpz**
+  - **snort**
+  - **suricata**
+  - **text**: Returns only the attribute values in text format.
+  - **xml**
+  - **yara**:
+  - **yara-json**
+- **value**: Search for the given value in the attributes' value field.
+- **type**: The attribute type, any valid MISP attribute type is accepted.
+- **category**: The attribute category, any valid MISP attribute category is accepted.
+- **org**: Search by the creator organisation by supplying the organisation identifier.
+- **tags**: Include or exclude attributes with certain tags. See example below. It is strongly recommended to specifically exclude the tags you want to avoid, even if the tags should be exclusive, for example tlp:red and tlp:green.
+~~~~json
+{
+    "returnFormat": "json",
+    "tags": {
+        "NOT": [
+            "tlp:red"
+        ],
+        "OR": [
+            "tlp:green"
+        ]
+    }
+}
+~~~~
+- **from**: Will return attributes from events with the date set to a date after the one specified in the from field (format: 2015-02-15).
+- **to**: Will return attributes with the date set to a date before the one specified in the to field (format: 2015-02-15).
+- **last**: ***Deprecated!!!*** (synonym for publish_timestamp) Restrict the results by the timestamp of the last publication of the event. Any attribute with a last publication timestamp newer than the given timestamp will be returned. The input can be a timestamp or a short-hand time description (7d or 24h for example). You can also pass a list with two values to set a time range (for example ["14d", "7d"]).
+- **eventid**: The events that should be included / excluded from the search.
+- **withAttachments**: If set, encodes the attachments / zipped malware samples as base64 in the data field within each attribute
+- **uuid**: Restrict the results by uuid.
+- **publish_timestamp**: Restrict the results by the timestamp of the last publication of the event. Any attribute with a last publication timestamp newer than the given timestamp will be returned. The input can be a timestamp or a short-hand time description (7d or 24h for example). You can also pass a list with two values to set a time range (for example ["14d", "7d"]).
+- **published**: Set whether published or unpublished events should be returned. Do not set the parameter if you want both.
+- **timestamp**: ***Deprecated!!!*** (synonym for attribute_timestamp) Restrict the results by the timestamp (last edit). Any attribute with a timestamp newer than the given timestamp will be returned. The input can be a timestamp or a short-hand time description (7d or 24h for example). You can also pass a list with two values to set a time range (for example ["14d", "7d"]).
+- **enforceWarninglist**: Remove any attributes from the result that would cause a hit on a warninglist entry.
+- **to_ids**: By default (0) all attributes are returned that match the other filter parameters, irregardless of their to_ids setting. To restrict the returned data set to to_ids only attributes set this parameter to 1. You can only use the special "exclude" setting to only return attributes that have the to_ids flag disabled.
+- **deleted**: Default value 0. If set to 1, only deleted attributes will be returned. If set to [0,1] , both deleted and non-deleted attributes wil be returned.
+- **includeEventUuid**: Instead of just including the event ID, also include the event UUID in each of the attributes.
+- **event_timestamp**: Only return attributes from events that have received a modification after the given timestamp. The input can be a timestamp or a short-hand time description (7d or 24h for example). You can also pass a list with two values to set a time range (for example ["14d", "7d"]).
+- **threat_level_id**: Only return attributes of events with the given threat level id(s). 1 = High, 2 = Medium, 3=Low, 4 = Undefined. See example below.
+```
+{
+    "returnFormat": "json",
+    "threat_level_id": [1,2]
+}
+```
+- **includeEventTags**: If set to 1, the event tags of the event the attribute belongs to will be added to the attribute.
+- **limit**: Limit the number of results returned, for example 10 attributes.
+- **page**: If a limit is set, sets the page to be returned. page 3, limit 100 will return records 201->300).
+- **requested_attributes**: Only for CSV export. Choose the fields you want in the csv output. Available fields are (*non-exhaustive list, more fields can be available depending on the values of other parameters*):
+  - uuid
+  - event_id
+  - category
+  - type
+  - value
+  - comment
+  - to_ids
+  - date
+  - object_relation
+  - attribute_tag
+  - object_uuid
+  - object_name
+  - object_meta_category
+  - event_info. Only available if includeContext parameter is set to 1.
+  - event_member_org. Only available if includeContext parameter is set to 1.
+  - event_source_org. Only available if includeContext parameter is set to 1.
+  - event_distribution. Only available if includeContext parameter is set to 1.
+  - event_threat_level_id. Only available if includeContext parameter is set to 1.
+  - event_analysis. Only available if includeContext parameter is set to 1.
+  - event_date. Only available if includeContext parameter is set to 1.
+  - event_tag. Only available if includeContext parameter is set to 1.
+  - event_timestamp. Only available if includeContext parameter is set to 1.
+- **includeContext**: Adds  extra event level context to the output. For each attribute more details are added to the Event object in the output. Please note that this significantly bloats the output data. Example below.
+```
+"Event": {
+          "id": "31",
+          "orgc_id": "1",
+          "org_id": "1",
+          "date": "2021-03-11",
+          "threat_level_id": "1",
+          "info": "Correlation 2",
+          "published": true,
+          "uuid": "0bfe7bf3-f793-4761-8450-8b30ca9d9964",
+          "analysis": "0",
+          "timestamp": "1616972381",
+          "distribution": "1",
+          "publish_timestamp": "1616972392",
+          "sharing_group_id": "0",
+          "extends_uuid": "",
+          "Tag": [],
+          "Orgc": {
+            "id": "1",
+            "name": "SHARINGORG",
+            "uuid": "26867ddf-5a9b-4af0-b552-e4020a913b95",
+            "local": true
+          }
+        }
+```
+- **headerless**: Only for CSV export. The CSV created when this setting is set to true will not contain the header row.
+- **includeWarninglistHits**: Adds a warnings block to an attribute if it has warninglist hits. See example below.
+```
+"warnings": [
+          {
+            "match": "10.0.0.0/8",
+            "value": "10.0.0.1",
+            "warninglist_name": "List of RFC 5735 CIDR blocks",
+            "warninglist_id": "46"
+          },
+          {
+            "match": "10.0.0.0/8",
+            "value": "10.0.0.1",
+            "warninglist_name": "List of RFC 1918 CIDR blocks",
+            "warninglist_id": "44"
+          }
+        ]
+```
+- **object_relation**: Search on the object_relation field of attributes. You can search for 'malware-sample' attributes of file objects for example. Searching for multiple values at the same time is possible as well.
+```
+{
+    "returnFormat": "json",
+    "object_relation": ["malware-sample", "institution-name"]
+}
+```
+- **includeSightings**: Adds a list of sightings for attributes that have sightings. See example below.
+```
+"Sighting": [
+          {
+            "id": "1",
+            "attribute_id": "29",
+            "event_id": "31",
+            "org_id": "1",
+            "date_sighting": "1617017091",
+            "uuid": "48d21518-6b2a-4615-8c4e-91fbe4f08fe7",
+            "source": "",
+            "type": "0",
+            "attribute_uuid": "b3c25257-7f47-41af-a29b-89188e583b5c",
+            "Organisation": {
+              "id": "1",
+              "uuid": "26867ddf-5a9b-4af0-b552-e4020a913b95",
+              "name": "SHARINGORG"
+            }
+          }
+        ]
+```
+- **includeCorrelations**: Adds a list of correlated attributes for attributes that have correlations. See example below.
+```
+"RelatedAttribute": [
+          {
+            "id": "31",
+            "event_id": "30",
+            "object_id": "0",
+            "object_relation": null,
+            "category": "Network activity",
+            "type": "ip-dst",
+            "uuid": "f3b54c94-89ff-4fcf-9f47-52f70c6540b8",
+            "timestamp": "1616961683",
+            "distribution": "5",
+            "sharing_group_id": "0",
+            "to_ids": false,
+            "comment": "",
+            "value": "10.0.0.1",
+            "Event": {
+              "id": "30",
+              "uuid": "8cca9f2f-9281-49fd-9b30-e16a8dbf6855",
+              "threat_level_id": "1",
+              "analysis": "0",
+              "info": "Correlation 1",
+              "extends_uuid": "",
+              "distribution": "1",
+              "sharing_group_id": "0",
+              "published": false,
+              "date": "2021-03-11",
+              "orgc_id": "1",
+              "org_id": "1"
+            }
+          }
+        ]
+```
+- **includeDecayScore**: If set to 1, decay score information will be included for attributes that are affected by decaying. See example below. Note that includeEventTags will be set to 1 automatically if includeDecayScore is true.
+```
+"decay_score": [
+          {
+            "score": 77.40239901751683,
+            "base_score": 80,
+            "decayed": false,
+            "DecayingModel": {
+              "id": "2",
+              "name": "NIDS Simple Decaying Model"
+            }
+          }
+        ],
+```
+- **decayingModel**: Allows you to set the decaying model(s) to use to calculate the decay score. You can use a model that is not enabled. The value should be set to the id of the model. If this value is not set, a decay score entry will be added for all enabled decaying models that apply to the attribute type.
+- **excludeDecayed**: Filter out all expired IOCs. Note that includeDecayScore will be set to 1 automatically if excludeDecayed is true.
+- **modelOverrides**: JSON that can be used to modify Model parameters on-the-fly. Example can be found beow.
+```
+{
+    "type": "ip-src",
+    "tags": ["tlp:%","phishing:%"],
+    "includeDecayScore": 1,
+    "excludeDecayed": 1,
+    "modelOverrides": {
+        "threshold": 30
+    }
+    "decayingModel": [84, 12],
+}
+```
+- **includeFullModel**: If set to 1, includes the full decaying model details instead of just the id and name.
+- **score**: Overrides the model threshold value with the one you set. This means attributes for which the decay score calculated for all relevant models is lower than this value, will be considered decayed.
+- **attribute_timestamp**: Restrict the results by the timestamp (last edit). Any attribute with a timestamp newer than the given timestamp will be returned. The input can be a timestamp or a short-hand time description (7d or 24h for example). You can also pass a list with two values to set a time range (for example ["14d", "7d"]).
+- **first_seen**: Restrict the results by the first_seen timestamp of the attribute. Any attribute with a first_seen timestamp newer than the given timestamp will be returned. The input can be a timestamp or a short-hand time description (7d or 24h for example). You can also pass a list with two values to set a time range (for example ["14d", "7d"]).
+- **last_seen**: Restrict the results by the last_seen timestamp of the attribute. Any attribute with a first_seen timestamp newer than the given timestamp will be returned. The input can be a timestamp or a short-hand time description (7d or 24h for example). You can also pass a list with two values to set a time range (for example ["14d", "7d"]).
+- **searchall**: Search for a full or a substring (delimited by % for substrings) in the attribute tags, attribute values or attribute comment fields.
+
+#### Example
+~~~~
+curl \
+ -d '{"returnFormat":"json","value":"foobar"}' \
+ -H "Authorization: YOUR API KEY" \
+ -H "Accept: application/json" \
+ -H "Content-type: application/json" \
+ -X POST https://192.168.0.220/attributes/restSearch
+~~~~
+
+~~~~json
+{"response": {"Attribute": [{"id":"44","event_id":"30","object_id":"0","object_relation":null,"category":"Other","type":"comment","to_ids":false,"uuid":"7a5d856c-048a-4dbd-8e6d-41d1790c5ad0","timestamp":"1617056037","distribution":"5","sharing_group_id":"0","comment":"","deleted":false,"disable_correlation":false,"first_seen":null,"last_seen":null,"value":"foobar","Event":{"org_id":"1","distribution":"1","id":"30","info":"Correlation 1","orgc_id":"1","uuid":"8cca9f2f-9281-49fd-9b30-e16a8dbf6855"}}]}}
+~~~~
+
 ## Objects management
 ### POST /objects/delete/[object_id]/[hard_delete]
 #### Description
@@ -1564,35 +1809,6 @@ For example, to retrieve all attributes for event #5, including non IDS marked a
 https://<misp url>/attributes/text/download/all/null/5/true
 ~~~~
 
-## RESTful searches with JSON result
-
-It is possible to search the database for attributes based on a list of criteria
-
-To return an event with all of its attributes, relations, shadowAttributes, use the following syntax:
-
-~~~~
-https://<misp url>/attributes/restSearch/json/[value]/[type]/[category]/[org]/[tag]/[quickfilter]/[from]/[to]/[last]/[eventid]/[withAttachments]/[metadata]/[uuid]
-~~~~
-    
- If you include "includeEventUuid":1" in the json request, it will give you the event_uuid as a result as well.
-
-Be careful if you GET the /attributes/restSearch/json/ without an value, it will return all attributes.
-
-### POST /attributes/restSearch
-
-Do not use that function with GET!
-
-#### Example
-~~~~
-curl -X POST -k -H 'Accept: application/json' -H 'Authorization: API Key' -H 'Content-Type: application/json' -i 'https://URL/attributes/restSearch' --data '{"value":"foobar"}'
-~~~~
-
-~~~~json
-{
-    "response": []
-}
-~~~~
-
 ## RESTful searches with XML result export
 
 It is possible to search the database for attributes based on a list of criteria.

From e150bb34082433122130466c417264013e632c7a Mon Sep 17 00:00:00 2001
From: "E. Cleopatra" <32180937+PROTechThor@users.noreply.github.com>
Date: Fri, 2 Apr 2021 10:16:07 +0100
Subject: [PATCH 02/14] new: [doc] Add a contributing guide

---
 CONTRIBUTING.md | 60 +++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 60 insertions(+)
 create mode 100644 CONTRIBUTING.md

diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
new file mode 100644
index 0000000..a36a091
--- /dev/null
+++ b/CONTRIBUTING.md
@@ -0,0 +1,60 @@
+# Contributing to MISP Book
+
+Most of MISP documentation pages are stored as plain text files in this dedicated misp-book repository. 
+The installation guides are held in the [INSTALL](https://github.com/MISP/MISP/tree/2.4/INSTALL) and [download](https://www.misp-project.org/download/) sections of the core and website repositories respectively.
+By cloning and regularly pulling from this repo, users can maintain their own up-to-date offline copy of MISP documentation rather than relying solely on the web.
+
+## Documentation guidelines
+
+The documentation is a community effort. Volunteers work hard trying to keep everything accurate and comprehensive. 
+If you notice a problem or some way it can be improved, please edit the documentation.
+
+All pull requests against MISP must pass review prior to be merged. This process is designed to ensure that contributed text is accurate and non-malicious. 
+Once a pull request passes review, the documentation maintainer then verifies that the pull request is mechanically sound (no merge conflicts or broken links). If so, the documentation maintainer then merges the pull request. 
+
+If you have a question about something you read in the documentation, you may ask in to the [Gitter Support channel](https://gitter.im/MISP/Support) or open an issue for it. To report an issue with the documentation, please follow our [standard issue reporting guidelines](). If you see that something in the documentation should be fixed or improved, please [contribute the change](#how-to-contribute) yourself. 
+
+## How to contribute
+
+Editing the documentation is easy, so if you see that a change should be made, please contribute it!
+
+A few notes before we get started:
+
+- Every documentation change will be reviewed before it’s accepted. This allows us to maintain quality control and protect our users.
+- If your contribution would take a lot of time, please [file an issue](https://github.com/MISP/misp-book/issues) for it first so that we can make sure we’re on the same page before significant works begins. This ensures you do not spend time and effort on a contribution that we can’t accept. 
+
+Thanks to GitHub’s interface, you can edit MISP's documentation even if you don’t know git at all. All you need to do to contribute is to [fork and clone](https://guides.github.com/activities/forking/) the [misp-book repo](https://github.com/MISP/misp-book/), make your changes, then [submit a pull request](https://help.github.com/articles/using-pull-requests/)).
+
+
+## Organizational guidelines
+
+- Do not duplicate documentation. Duplicating documentation is almost always a bad idea. There are many reasons for this. The main one is that almost all documentation has to be updated as some point. When similar documentation appears in more than one place, it is very easy for it to get updated in one place but not the others (perhaps because the person updating it doesn’t realize it’s in more than once place). Such traps are often more harmful than if the documentation never existed in the first place. The solution is to link to existing documentation rather than duplicating it. There are some exceptions to this policy (e.g., information that is certain not to change for a very long time), but they are rare.
+- We maintain only one set of documentation for MISP. We do not maintain a different set of documentation for each version of MISP. Our single set of MISP documentation is updated on a continual, rolling basis. Our first priority is to document all current, stable releases of MISP. Our second priority is to document the next, upcoming release (if any) that is currently in the beta or release candidate stage.
+- Instructions on how install MISP are held in [INSTALL](https://github.com/MISP/MISP/tree/2.4/INSTALL) and [download](https://www.misp-project.org/download/) sections of the core and website repositories respectively. 
+
+## Style guidelines
+
+- Familiarize yourself with the terms defined in the [glossary](https://www.circl.lu/doc/misp/GLOSSARY.html). Use these terms consistently and accurately throughout your writing.
+- The language in this book is American English. All the screenshots and examples are in English.
+
+## Markdown conventions
+
+All the documentation is written in Markdown for maximum accessibility. When making contributions, please try to observe the following style conventions:
+
+- Use spaces instead of tabs.
+- In order to enable offline browsing, always use relative (rather than absolute) links, e.g., misp/automation/ instead of https://www.circl.lu/doc/misp/automation/. Examples of exceptions:
+    - URLs that appear inside code blocks (e.g., in comments and code snippets)
+    - Files like README.md and CONTRIBUTING.md
+- Insert a newline at, and only at, the end of each sentence. This practice results in one sentence per line, which is most appropriate for source that consists primarily of natural language text. It results in the most useful diffs and facilitates translation into other languages while mostly preserving source readability.
+- If appropriate, make numerals in numbered lists match between Markdown source and HTML output. In the event that a user is required to read the Markdown source directly, this will make it easier to follow, e.g., numbered steps in a set of instructions.
+- Use Atx-style headings: # h1, ##h 2, ### h3, etc.
+- When writing code blocks, use syntax highlighting where possible and use [...] for anything omitted.
+([This](https://daringfireball.net/projects/markdown/) is a great source for learning about Markdown.)
+
+## Git conventions
+
+Please try to write good commit messages, according to the [instructions in our wiki](https://github.com/MISP/MISP/wiki/CommitMessageBestPractices).
+
+## Translate MISP Book
+
+You can help us make MISP Book available in your language. See [MISP and Internationalization (i18n)](https://www.circl.lu/doc/misp/translation/).

From 0f80b5288e0e4273632083a1068eb47db44fa968 Mon Sep 17 00:00:00 2001
From: "E. Cleopatra" <32180937+PROTechThor@users.noreply.github.com>
Date: Fri, 2 Apr 2021 14:04:04 +0100
Subject: [PATCH 03/14] chg: [doc] Add back ticks

---
 CONTRIBUTING.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index a36a091..9016a4d 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -47,7 +47,7 @@ All the documentation is written in Markdown for maximum accessibility. When mak
     - Files like README.md and CONTRIBUTING.md
 - Insert a newline at, and only at, the end of each sentence. This practice results in one sentence per line, which is most appropriate for source that consists primarily of natural language text. It results in the most useful diffs and facilitates translation into other languages while mostly preserving source readability.
 - If appropriate, make numerals in numbered lists match between Markdown source and HTML output. In the event that a user is required to read the Markdown source directly, this will make it easier to follow, e.g., numbered steps in a set of instructions.
-- Use Atx-style headings: # h1, ##h 2, ### h3, etc.
+- Use Atx-style headings: `# h1`, `## h2`, `### h3`, etc.
 - When writing code blocks, use syntax highlighting where possible and use [...] for anything omitted.
 ([This](https://daringfireball.net/projects/markdown/) is a great source for learning about Markdown.)
 

From f1726681a0fe02beb428d0b002f1c3f6b6829beb Mon Sep 17 00:00:00 2001
From: "E. Cleopatra" <32180937+PROTechThor@users.noreply.github.com>
Date: Thu, 8 Apr 2021 05:45:49 +0100
Subject: [PATCH 04/14] Update CONTRIBUTING.md

---
 CONTRIBUTING.md | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index 9016a4d..1dd854f 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -1,9 +1,12 @@
 # Contributing to MISP Book
 
 Most of MISP documentation pages are stored as plain text files in this dedicated misp-book repository. 
+MISP Book is a generic documentation for MISP including usage, API documentation, best practices and specific configuration settings.
 The installation guides are held in the [INSTALL](https://github.com/MISP/MISP/tree/2.4/INSTALL) and [download](https://www.misp-project.org/download/) sections of the core and website repositories respectively.
 By cloning and regularly pulling from this repo, users can maintain their own up-to-date offline copy of MISP documentation rather than relying solely on the web.
 
+MISP book is generated in HTML, PDF, epub and mobi using [Honkit](https://github.com/honkit/honkit), which is a framework to write documentation in Markdown format. The documentation is regularly published on misp-project.org and circl.lu website.
+
 ## Documentation guidelines
 
 The documentation is a community effort. Volunteers work hard trying to keep everything accurate and comprehensive. 
@@ -25,6 +28,13 @@ A few notes before we get started:
 
 Thanks to GitHub’s interface, you can edit MISP's documentation even if you don’t know git at all. All you need to do to contribute is to [fork and clone](https://guides.github.com/activities/forking/) the [misp-book repo](https://github.com/MISP/misp-book/), make your changes, then [submit a pull request](https://help.github.com/articles/using-pull-requests/)).
 
+[TravisCI](https://travis-ci.org/MISP) (used for automatic integration) is included in misp-book and the book generation is tested at each commit. 
+When you make a pull request, verify if your changes affect the result of the tests. If the checks fails, review the output at Travis and make fixes where possible. 
+
+### For native English speakers
+
+Most of MISP developers are not native English speakers so you're more than welcome to correct or improve our English. For this, you can either submit a pull request or use another way that suits you better to share your improvements with us.
+
 
 ## Organizational guidelines
 

From db72b9fdd92847fd8b747bbf791b2d95a881df83 Mon Sep 17 00:00:00 2001
From: "E. Cleopatra" <32180937+PROTechThor@users.noreply.github.com>
Date: Mon, 12 Apr 2021 07:37:27 +0100
Subject: [PATCH 05/14] chg: [doc] Fix grammatical errors

---
 CONTRIBUTING.md | 26 +++++++++++++-------------
 1 file changed, 13 insertions(+), 13 deletions(-)

diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index 1dd854f..6657291 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -1,21 +1,21 @@
 # Contributing to MISP Book
 
-Most of MISP documentation pages are stored as plain text files in this dedicated misp-book repository. 
-MISP Book is a generic documentation for MISP including usage, API documentation, best practices and specific configuration settings.
+Most of MISP's documentation pages are stored as plain text files in this dedicated misp-book repository. 
+MISP Book is generic documentation for MISP including usage, API documentation, best practices, and specific configuration settings.
 The installation guides are held in the [INSTALL](https://github.com/MISP/MISP/tree/2.4/INSTALL) and [download](https://www.misp-project.org/download/) sections of the core and website repositories respectively.
 By cloning and regularly pulling from this repo, users can maintain their own up-to-date offline copy of MISP documentation rather than relying solely on the web.
 
-MISP book is generated in HTML, PDF, epub and mobi using [Honkit](https://github.com/honkit/honkit), which is a framework to write documentation in Markdown format. The documentation is regularly published on misp-project.org and circl.lu website.
+MISP book is generated in HTML, PDF, epub, and mobi using [Honkit](https://github.com/honkit/honkit), which is a framework to write documentation in Markdown format. The documentation is regularly published on [misp-project.org](https://www.misp-project.org/) and [circl.lu website](https://www.circl.lu/doc/misp/).
 
 ## Documentation guidelines
 
 The documentation is a community effort. Volunteers work hard trying to keep everything accurate and comprehensive. 
 If you notice a problem or some way it can be improved, please edit the documentation.
 
-All pull requests against MISP must pass review prior to be merged. This process is designed to ensure that contributed text is accurate and non-malicious. 
+All pull requests against MISP must pass review before being merged. This process is designed to ensure that contributed text is accurate and non-malicious. 
 Once a pull request passes review, the documentation maintainer then verifies that the pull request is mechanically sound (no merge conflicts or broken links). If so, the documentation maintainer then merges the pull request. 
 
-If you have a question about something you read in the documentation, you may ask in to the [Gitter Support channel](https://gitter.im/MISP/Support) or open an issue for it. To report an issue with the documentation, please follow our [standard issue reporting guidelines](). If you see that something in the documentation should be fixed or improved, please [contribute the change](#how-to-contribute) yourself. 
+If you have a question about something you read in the documentation, you may ask into the [Gitter Support channel](https://gitter.im/MISP/Support) or open an issue for it. To report an issue with the documentation, please follow our [standard issue reporting guidelines](). If you see that something in the documentation should be fixed or improved, please [contribute the change](#how-to-contribute) yourself. 
 
 ## How to contribute
 
@@ -24,23 +24,23 @@ Editing the documentation is easy, so if you see that a change should be made, p
 A few notes before we get started:
 
 - Every documentation change will be reviewed before it’s accepted. This allows us to maintain quality control and protect our users.
-- If your contribution would take a lot of time, please [file an issue](https://github.com/MISP/misp-book/issues) for it first so that we can make sure we’re on the same page before significant works begins. This ensures you do not spend time and effort on a contribution that we can’t accept. 
+- If your contribution would take a lot of time, please [file an issue](https://github.com/MISP/misp-book/issues) for it first so that we can make sure we’re on the same page before significant work begins. This ensures you do not spend time and effort on a contribution that we can’t accept. 
 
 Thanks to GitHub’s interface, you can edit MISP's documentation even if you don’t know git at all. All you need to do to contribute is to [fork and clone](https://guides.github.com/activities/forking/) the [misp-book repo](https://github.com/MISP/misp-book/), make your changes, then [submit a pull request](https://help.github.com/articles/using-pull-requests/)).
 
 [TravisCI](https://travis-ci.org/MISP) (used for automatic integration) is included in misp-book and the book generation is tested at each commit. 
-When you make a pull request, verify if your changes affect the result of the tests. If the checks fails, review the output at Travis and make fixes where possible. 
+When you make a pull request, verify if your changes affect the result of the tests. If the checks fail, review the output at Travis and make fixes where possible. 
 
 ### For native English speakers
 
-Most of MISP developers are not native English speakers so you're more than welcome to correct or improve our English. For this, you can either submit a pull request or use another way that suits you better to share your improvements with us.
+Most MISP developers are not native English speakers so you're more than welcome to correct or improve our English. For this, you can either submit a pull request or use another way that suits you better to share your improvements with us.
 
 
 ## Organizational guidelines
 
-- Do not duplicate documentation. Duplicating documentation is almost always a bad idea. There are many reasons for this. The main one is that almost all documentation has to be updated as some point. When similar documentation appears in more than one place, it is very easy for it to get updated in one place but not the others (perhaps because the person updating it doesn’t realize it’s in more than once place). Such traps are often more harmful than if the documentation never existed in the first place. The solution is to link to existing documentation rather than duplicating it. There are some exceptions to this policy (e.g., information that is certain not to change for a very long time), but they are rare.
+- Do not duplicate documentation. Duplicating documentation is almost always a bad idea. There are many reasons for this. The main one is that almost all documentation has to be updated at some point. When similar documentation appears in more than one place, it is very easy for it to get updated in one place but not the others (perhaps because the person updating it doesn’t realize it’s in more than one place). Such traps are often more harmful than if the documentation never existed in the first place. The solution is to link to existing documentation rather than duplicating it. There are some exceptions to this policy (e.g., information that is certain not to change for a very long time), but they are rare.
 - We maintain only one set of documentation for MISP. We do not maintain a different set of documentation for each version of MISP. Our single set of MISP documentation is updated on a continual, rolling basis. Our first priority is to document all current, stable releases of MISP. Our second priority is to document the next, upcoming release (if any) that is currently in the beta or release candidate stage.
-- Instructions on how install MISP are held in [INSTALL](https://github.com/MISP/MISP/tree/2.4/INSTALL) and [download](https://www.misp-project.org/download/) sections of the core and website repositories respectively. 
+- Instructions on how to install MISP are held in [INSTALL](https://github.com/MISP/MISP/tree/2.4/INSTALL) and [download](https://www.misp-project.org/download/) sections of the core and website repositories respectively. 
 
 ## Style guidelines
 
@@ -52,11 +52,11 @@ Most of MISP developers are not native English speakers so you're more than welc
 All the documentation is written in Markdown for maximum accessibility. When making contributions, please try to observe the following style conventions:
 
 - Use spaces instead of tabs.
-- In order to enable offline browsing, always use relative (rather than absolute) links, e.g., misp/automation/ instead of https://www.circl.lu/doc/misp/automation/. Examples of exceptions:
+- To enable offline browsing, always use relative (rather than absolute) links, e.g., misp/automation/ instead of https://www.circl.lu/doc/misp/automation/. Examples of exceptions:
     - URLs that appear inside code blocks (e.g., in comments and code snippets)
     - Files like README.md and CONTRIBUTING.md
-- Insert a newline at, and only at, the end of each sentence. This practice results in one sentence per line, which is most appropriate for source that consists primarily of natural language text. It results in the most useful diffs and facilitates translation into other languages while mostly preserving source readability.
-- If appropriate, make numerals in numbered lists match between Markdown source and HTML output. In the event that a user is required to read the Markdown source directly, this will make it easier to follow, e.g., numbered steps in a set of instructions.
+- Insert a newline at, and only at, the end of each sentence. This practice results in one sentence per line, which is most appropriate for sources that consist primarily of natural language text. It results in the most useful diffs and facilitates translation into other languages while mostly preserving source readability.
+- If appropriate, make numerals in numbered lists match between Markdown source and HTML output. If a user is required to read the Markdown source directly, this will make it easier to follow, e.g., numbered steps in a set of instructions.
 - Use Atx-style headings: `# h1`, `## h2`, `### h3`, etc.
 - When writing code blocks, use syntax highlighting where possible and use [...] for anything omitted.
 ([This](https://daringfireball.net/projects/markdown/) is a great source for learning about Markdown.)

From 740c8f9f73e2ddf9ca055cb4758527b1b8fe36e3 Mon Sep 17 00:00:00 2001
From: "E. Cleopatra" <32180937+PROTechThor@users.noreply.github.com>
Date: Mon, 12 Apr 2021 08:31:03 +0100
Subject: [PATCH 06/14] chg: [doc] Add link to contributing.md, update...

copyright year
---
 README.md | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/README.md b/README.md
index a39f67b..6178493 100644
--- a/README.md
+++ b/README.md
@@ -25,7 +25,7 @@ and many other contributors especially the ones during the [MISP hackathons](htt
 
 ## Contributing
 
-We welcome contributions to the MISP book. If you want to contribute, fork the [misp-book](https://github.com/MISP/misp-book) repository and pull a request with your changes. You can also [open issues](https://github.com/MISP/misp-book/issues) if you find any errors or propose changes.
+We welcome contributions to the MISP book. If you want to contribute, see our [contributing guide](/CONTRIBUTING.md) 
 
 <div class="pagebreak"></div>
 
@@ -40,9 +40,9 @@ The MISP user guide is dual-licensed under [GNU Affero General Public License ve
 * Copyright \(C\) 2012 Christophe Vandeplas
 * Copyright \(C\) 2012 Belgian Defence
 * Copyright \(C\) 2012 NATO / NCIRC
-* Copyright \(C\) 2013-2020 Andras Iklody
-* Copyright \(C\) 2015-2020 Alexandre Dulaunoy
-* Copyright \(C\) 2014-2020 CIRCL - Computer Incident Response Center Luxembourg
+* Copyright \(C\) 2013-2021 Andras Iklody
+* Copyright \(C\) 2015-2021 Alexandre Dulaunoy
+* Copyright \(C\) 2014-2021 CIRCL - Computer Incident Response Center Luxembourg
 * Copyright \(C\) 2018 Camille Schneider
-* Copyright \(C\) 2018-2020 Steve Clement
+* Copyright \(C\) 2018-2021 Steve Clement
 

From ebcf0e97d192a941d18c4b33d0e724038e9cd175 Mon Sep 17 00:00:00 2001
From: "E. Cleopatra" <32180937+PROTechThor@users.noreply.github.com>
Date: Mon, 12 Apr 2021 08:33:01 +0100
Subject: [PATCH 07/14] chg: [doc] Minor changes

---
 CONTRIBUTING.md | 24 ++++++++++++++++--------
 1 file changed, 16 insertions(+), 8 deletions(-)

diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index 6657291..7887bcd 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -5,19 +5,23 @@ MISP Book is generic documentation for MISP including usage, API documentation,
 The installation guides are held in the [INSTALL](https://github.com/MISP/MISP/tree/2.4/INSTALL) and [download](https://www.misp-project.org/download/) sections of the core and website repositories respectively.
 By cloning and regularly pulling from this repo, users can maintain their own up-to-date offline copy of MISP documentation rather than relying solely on the web.
 
-MISP book is generated in HTML, PDF, epub, and mobi using [Honkit](https://github.com/honkit/honkit), which is a framework to write documentation in Markdown format. The documentation is regularly published on [misp-project.org](https://www.misp-project.org/) and [circl.lu website](https://www.circl.lu/doc/misp/).
+MISP book is generated in HTML, PDF, epub, and mobi using [Honkit](https://github.com/honkit/honkit), which is a framework to write documentation in Markdown format. 
+The documentation is regularly published on [misp-project.org](https://www.misp-project.org/) and [circl.lu website](https://www.circl.lu/doc/misp/).
 
 ## Documentation guidelines
 
 The documentation is a community effort. Volunteers work hard trying to keep everything accurate and comprehensive. 
 If you notice a problem or some way it can be improved, please edit the documentation.
 
-All pull requests against MISP must pass review before being merged. This process is designed to ensure that contributed text is accurate and non-malicious. 
-Once a pull request passes review, the documentation maintainer then verifies that the pull request is mechanically sound (no merge conflicts or broken links). If so, the documentation maintainer then merges the pull request. 
+All pull requests against MISP must pass review before being merged. 
+This process is designed to ensure that contributed text is accurate and non-malicious. 
+Once a pull request passes review, the documentation maintainer then verifies that the pull request is mechanically sound (no merge conflicts or broken links). 
+If so, the documentation maintainer then merges the pull request. 
 
-If you have a question about something you read in the documentation, you may ask into the [Gitter Support channel](https://gitter.im/MISP/Support) or open an issue for it. To report an issue with the documentation, please follow our [standard issue reporting guidelines](). If you see that something in the documentation should be fixed or improved, please [contribute the change](#how-to-contribute) yourself. 
+If you have a question about something you read in the documentation, you may ask into the [Gitter Support channel](https://gitter.im/MISP/Support) or open an issue for it. 
+If you see that something in the documentation should be fixed or improved, please [contribute the change](#how-to-make-a-contributution) yourself. 
 
-## How to contribute
+## How to make a contribution
 
 Editing the documentation is easy, so if you see that a change should be made, please contribute it!
 
@@ -26,14 +30,18 @@ A few notes before we get started:
 - Every documentation change will be reviewed before it’s accepted. This allows us to maintain quality control and protect our users.
 - If your contribution would take a lot of time, please [file an issue](https://github.com/MISP/misp-book/issues) for it first so that we can make sure we’re on the same page before significant work begins. This ensures you do not spend time and effort on a contribution that we can’t accept. 
 
-Thanks to GitHub’s interface, you can edit MISP's documentation even if you don’t know git at all. All you need to do to contribute is to [fork and clone](https://guides.github.com/activities/forking/) the [misp-book repo](https://github.com/MISP/misp-book/), make your changes, then [submit a pull request](https://help.github.com/articles/using-pull-requests/)).
+Thanks to GitHub’s interface, you can edit MISP's documentation even if you don’t know git at all. 
+All you need to do to contribute is to [fork and clone](https://guides.github.com/activities/forking/) the [misp-book repo](https://github.com/MISP/misp-book/), make your changes, then [submit a pull request](https://help.github.com/articles/using-pull-requests/)). 
+You can also [open issues](https://github.com/MISP/misp-book/issues) if you find any errors or propose changes.
 
 [TravisCI](https://travis-ci.org/MISP) (used for automatic integration) is included in misp-book and the book generation is tested at each commit. 
-When you make a pull request, verify if your changes affect the result of the tests. If the checks fail, review the output at Travis and make fixes where possible. 
+When you make a pull request, verify if your changes affect the result of the tests. 
+If the checks fail, review the output at Travis and make fixes where possible. 
 
 ### For native English speakers
 
-Most MISP developers are not native English speakers so you're more than welcome to correct or improve our English. For this, you can either submit a pull request or use another way that suits you better to share your improvements with us.
+Most MISP developers are not native English speakers so you're more than welcome to correct or improve our English. 
+For this, you can either submit a pull request or use another way that suits you better to share your improvements with us.
 
 
 ## Organizational guidelines

From 0b778f1f3ae66453e3ca2e52ab72694f23e704c2 Mon Sep 17 00:00:00 2001
From: Jeroen Pinoy <jeroen.pinoy@fortitude.ninja>
Date: Sat, 24 Apr 2021 14:09:33 +0200
Subject: [PATCH 08/14] chg: [automation] add doc for /events/restSearch order
 parameter

---
 automation/README.md | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/automation/README.md b/automation/README.md
index 8700782..b57022a 100644
--- a/automation/README.md
+++ b/automation/README.md
@@ -152,6 +152,14 @@ Find below a non exhaustive list of parameters that can be used to filter data i
 - **eventinfo**: Filter on the event's info field.
 - **searchall**: Search for a full or a substring (delimited by % for substrings) in the event info, event tags, attribute tags, attribute values or attribute comment fields.
 - **attackGalaxy**: Select the ATT&CK matrix like galaxy to use when using returnFormat = attack. Defaults to the Mitre ATT&CK library via mitre-attack-pattern.
+- **order**: Only available for /events/restSearch. Sorts the results, can be useful in combination with limit. The accepted values to sort on are "Event.[any_field_in_the_events_table] [asc|desc]". You can also sort on multiple columns, see example below.
+~~~
+{
+    "returnFormat": "json",
+    "limit": "3",
+    "order": "Event.attribute_count desc, Event.date desc"
+}
+~~~
 
 ## Events management
 

From ac0145b1e60a671af83f469e150bf4787b853868 Mon Sep 17 00:00:00 2001
From: Jeroen Pinoy <jeroen.pinoy@fortitude.ninja>
Date: Sat, 1 May 2021 20:37:32 +0200
Subject: [PATCH 09/14] chg: [FAQ] add sudo with user www-data to the command
 to replace the css theme

---
 faq/README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/faq/README.md b/faq/README.md
index bae78a4..df6ba4a 100644
--- a/faq/README.md
+++ b/faq/README.md
@@ -269,7 +269,7 @@ You can customize this for your own needs. There are also pre-made boostrap them
 
 Before making any changes, confirm the version of boostrap currenlty used by running `head -5 /var/www/MISP/app/webroot/css/bootstrap.css`. You can find themes on sites like [Bootswatch](https://bootswatch.com/2/). 
 
-To replace the current theme with a theme you found on bootsplash, run: `wget https://bootswatch.com/2/readable/bootstrap.css   -O /var/www/MISP/app/webroot/css/bootstrap.css` , replacing the URL as needed. 
+To replace the current theme with a theme you found on bootsplash, run: `sudo -u www-data wget https://bootswatch.com/2/readable/bootstrap.css -O /var/www/MISP/app/webroot/css/bootstrap.css` , replacing the URL as needed.
 
 Some bootswatch themes applied on MISP: 
 * https://i.imgur.com/usONTLk.png

From 625442c5691620299e991a63404223f4bda35bad Mon Sep 17 00:00:00 2001
From: Jeroen Pinoy <jeroen.pinoy@fortitude.ninja>
Date: Tue, 4 May 2021 11:23:20 +0200
Subject: [PATCH 10/14] chg: [User stories] Fix typo

---
 user-stories/README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/user-stories/README.md b/user-stories/README.md
index 17dad86..f41eb28 100644
--- a/user-stories/README.md
+++ b/user-stories/README.md
@@ -4,7 +4,7 @@
 |-|-|
 | As a lead threat intelligence analyst, I want to lead a team focused on hunting down threats so that I can prevent attacks against ICT infrastructures and organizations | <ul> <li>Monitor what teams are up to in real-time using the Live Dashboard </li></ul>|
 | As a threat analyst, I want to research, analyze and reverse engineer malware so that I can know how to counter it | <ul> <li> Attach and download files and malware samples from events</li> <li>Search for hashes/IPs/domains/URLs from malware events, or add malware samples hashes to an event</li> <li>Analyse observables and malware collected during an incident (e.g. domain name, IP addresses etc.) by checking whether observables are IoCs or false positives using ‘correlation graph’ and ‘expansion modules’.</li> <li> Enrich malware events by querying data sources external to MISP using modules</li>  <li>Perform dynamic malware analysis correlations</li> <li> Submit events with malware samples to analysis tools (e.g VirusTotal, VMRay) for further analysis, and then extend MISP with malware analysis results</li> </ul> |
-| As a lead threat intelligence analyst, I want to convert threat data into actionable threat intelligence so that I can improve security posture. | <ul> <li>Import data from external sources</li> <li>Add feeds</li> <li>Contextualise events and attributes using tags, taxonomies and galaxies</li></li> |
+| As a lead threat intelligence analyst, I want to convert threat data into actionable threat intelligence so that I can improve security posture. | <ul> <li>Import data from external sources</li> <li>Add feeds</li> <li>Contextualise events and attributes using tags, taxonomies and galaxies</li></ul> |
 | As a threat analyst, I want to exchange threat information with third parties so that we can gain shared situational awareness | <ul> <li>Setup different models of distribution on MISP instance</li> <li>Sync events and attributes between instances</li> <li>Use filtering functionalities to meet an organisation's sharing policy</li> <li>Share information, pentest information, malware samples, vulnerabilities internally and externally</li> <li>Use feature/achievements widget adding gamification to the information sharing</li> </ul> |
 | As a threat analyst, I want to monitor threats and access live data so that I can manage threats before they cause major damage | <ul>  <li>Import lists of indicators and check if the IOCs are present in feeds.</li> <li>Monitor statistics and sightings using widgets</li> <li>Show live data and stats from one or more MISP instances via the Dashboard</li> <li>Process information in real-time when it's updated, created, or published by instances by integrating with ZMQ</li> <li>Use sightings to notify an instance about activities related to an indicator</li> </ul> |
 | As a threat analyst, I want to aggregate and compare indicators from various sources so that I can connect the dots between various threats | <ul><li>Join communities and subscribe to the feeds</li> <li>Add events and assign events to specific feeds</li> <li>Correlate indicators using MISP's automated correlation engine</li> <li> Use the overlap feed analysis available in MISP</li> <li>Link events and attributes using the correlation graph</li> <li>Analyse and gain more information on attributes using modules</li> <li>Link events with malware, threat actors etc using galaxies (e.g ATT&CK)</li></ul> |

From 4afe72a1afc2b7751bce0f0b8fa74900e9c35493 Mon Sep 17 00:00:00 2001
From: Jeroen Pinoy <jeroen.pinoy@fortitude.ninja>
Date: Sat, 8 May 2021 20:26:25 +0200
Subject: [PATCH 11/14] chg: [warninglists] Restructure chapter, add
 screenshots. fix #266

---
 warninglists/README.md                        |  47 ++++++++++++++----
 .../figures/warninglist-checkValue.png        | Bin 0 -> 21224 bytes
 warninglists/figures/warninglist-warnings.png | Bin 0 -> 91431 bytes
 3 files changed, 36 insertions(+), 11 deletions(-)
 create mode 100644 warninglists/figures/warninglist-checkValue.png
 create mode 100644 warninglists/figures/warninglist-warnings.png

diff --git a/warninglists/README.md b/warninglists/README.md
index c71450f..305cb9a 100644
--- a/warninglists/README.md
+++ b/warninglists/README.md
@@ -1,24 +1,49 @@
+<!-- toc -->
 # MISP warninglists
 MISP warninglists are lists of well-known indicators that can be associated to potential false positives, errors or mistakes.
 There is a Python module available to work with warninglists in a Pythonic way called [PyMISPWarningLists](https://github.com/MISP/PyMISPWarningLists).
 [MISP warninglists GitHub Repo](https://github.com/MISP/misp-warninglists)
 
-## MISP warning lists: The dilemma of false-positive
+## MISP warning lists introduction: The dilemma of false-positive
 
-- False-positive is a common issue in threat intelligence sharing.
+- False-positives are a common issue in threat intelligence sharing.
 
 - It’s often a contextual issue:
-   - false-positive might be different per community of users sharing
+   - False-positives might be different per community of users sharing
 information.
+   - Organizations might have their own view on false-positives.
 
-   - organization might have their own view on false-positive.
+## Usage
+By default MISP will only trigger hits for warninglists if the attribute IDS flag is set. This behaviour can be changed by setting the MISP config parameter MISP.warning_for_all to true.
 
-- Based on the success of the MISP taxonomy model, we build misp-warninglists. They are lists of well-known indicators that can be
-associated to potential false positives, errors or mistakes. They are Simple JSON files.
+When an attribute matches a warninglist entry, an info/warning box is displayed at the event and attribute level, as can be seen in the screenshot below.
+![Screenshot of event with one attribute that has warning list hits](./figures/warninglist-warnings.png)
 
-![MISP warning lists](./figures/MISPwarninglist.png)
+Individual warninglists can be enabled or disabled at instance level using the warninglists index page. Examples of default warning lists are known public DNS resolvers, multicast IP addresses, hashes for empty values, rfc1918, TLDs or known google domains.
+![Screenshot of the warninglists index page](./figures/MISPwarninglist.png)
 
-The warning lists are integrated in MISP to display an info/warning box at the event and attribute level. This can be enabled at MISP instance level. Default warning lists can be enabled or disabled like known public
-resolver, multicast IP addresses, hashes for empty values, rfc1918, TLDs or known google domains. The warning lists can be expanded or added in JSON locally or via
-pull requests (https://github.com/MISP/misp-warninglists). Warning lists can be also used for critical or core infrastructure
-warning, personally identifiable information...
+The warning lists can be expanded or added in JSON locally or via
+pull requests (https://github.com/MISP/misp-warninglists). Warning lists can also be used for critical or core infrastructure or personally identifiable information.
+
+### Warninglists and data export
+The enforceWarninglist parameter of MISP restSearch can be used to exclude attributes that have a warninglist hit from the export. For more information on the MISP API, please refer to the [Automation and MISP API chapter](../sharing/).
+
+### Check individual values for warning list hits
+It is also possible to do a lookup for a specific value in the warninglists. This functionality is accessible by using the top menu "Input Filters" > "List Warninglists" and then using the link in the left side menu bar (or by browsing directly to [misp_base_url]/warninglists/checkValue). Only enabled warninglists will be searched.
+
+![Screenshot of example search in warninglists using check value, for value 192.168.0.1. The result shows two hits, one for RFC 5735 CIDR blocka nd one for RFC 1918 CIDR blocks](./figures/warninglist-checkValue.png)
+### Updating warninglists
+An update of the warninglists can be triggered via the GUI using the "Update Warninglists" button in the side menu bar when viewing any of the relevant warninglists pages, for example the index page.
+
+Alternatively, it is also possible to trigger an update using a CLI command.
+~~~
+MISP/app/Console/cake Admin updateWarningLists
+~~~
+
+If you are updating an existing warninglist, make sure you incremented the version number before triggering the update on the MISP. You can also contribute to the existing warninglists by forking [MISP warninglists GitHub Repo](https://github.com/MISP/misp-warninglists), making changes and then creating a pull request.
+### Creating a custom warninglist
+1. Create a new directory for your warninglist in /var/www/MISP/app/files/warninglists.
+2. Add a file called list.json to the newly created directory and add the content you want. You can use any of the existing warning lists in https://github.com/MISP/misp-warninglists as reference.
+3. Trigger an update of the warning lists on the instance to load in your new warning list.
+
+Example use cases are a list of domain names owned by you or your organisation or employee email addresses.
\ No newline at end of file
diff --git a/warninglists/figures/warninglist-checkValue.png b/warninglists/figures/warninglist-checkValue.png
new file mode 100644
index 0000000000000000000000000000000000000000..7a36bd98b3275f5e1f979b3a6ce0a3ef69a93105
GIT binary patch
literal 21224
zcmZ^~WmsIn(k@DX;7)=&1b26WySsY`?hXSaxDzzEySuyF;4Z=4eHh@7>~EiQ&vWnn
zF+I~gtGcUtdR0xm^{y}_1xaKCJOl^`2xMs~F%<|1NTK)7OK>pnEws}Qiubn<&MJ~3
z5S5bzM}NmGgyn@HAZlU|!Nwoo`|u7@+RhLVD1ColABOCU%^)CDe5J*N)jSN&GLVgs
zH8<Y6k~!7N#M&v0IoyM$eu-h|=B_4R+Nk(WtGLwEdo(h&Y9*}8sLGyJ+O<U#t<RWf
zCa))H$hs%KSlbx3M<jno&(&<({TPRaEKTw7#>d3wem>FRi79@5(YHI!<Ger4V=+1Y
zG<lKUVoFC#>-57IC)gNgP_f!K@%O-X$iH4!&q9l{1(py}A2U+lBeDuOAvxKa>2HTw
zuCFl8ZOerg3a#z5c8u|FV<+lXuy-(1Aj|6iPr5LtFNxS~**sbQy;-c%vwWhVql^FW
zZ!%_N!bWiQf8-e30DCfHik6loNJf8k2(~<|-V6CF^jGqZPE!XUBO_x5@t<`?Ll}hq
zyJDqb%gnX&)wVcp_g|fmW~YqDQ2(pXiDqRzSg+YZ80O!1ee5ok@MDVNp74wYD#V%`
zy<<%JV%kA<qc4@HO^~0>)jA`vNhy=k>@0c2B2$Z06LkY*v1Ntl_srV_J0)Md+!>D4
z^hBg_&vebf)^ioqReGBov|ZSmbE48bqa8tpM<DdQ;zc(V#N=rGZxvk;$;GZ}b%umD
zC*{;-&reU8dX7T0G*!ip;MC^MQHG0<jdSd8FTBbIUg!ygzM1XyK<kYPAH#&bxYe@O
zESjd=_Iizjywb<oPU|^4{Nb0l*gIoO!-CxFu+(!yKFx+jybLB;@6MTrph00_VYaG!
zCjJM4CwzW<SCp)8yT@n<&&%{khysCxl3lZ;i*!BBe%tJkUfIML7#LGkS#G9w68rb$
z+*PLfSd*DJ94C(TLhXdwnee<n<JiNZH}~i{m0wm|sx`}xTyUc{k*s6-R_l(bVm7H*
z@|aJ4_nhCY*Fd~&#Q(&{Q`d${49oHIpu{^6obWGm#US(1qGom1>v`XgY-fki$({$V
z&q_mT3zYEjMKQfl5-)dc$RF_^$f_Ja-)RnkVK#-}XSc@=LBMI!MWSuMZDh0LnY;DJ
zWbwBAu#^SKgjE4~Pa&W2v6pQX{z8F`fOCBDM;86rEAuR}J~tssLE;!z;Jv53=#RW|
zj$egfggl0af#@Lo8m=am^*k>V_Vo~vj&&e=kM!I(P{P8a&ttS<z#)3wrOjKK!*~3K
z)lxfD<h@s^MfbFRLle*;?D+kB-H7JWFZIZk4I=Bnx{NZ^l`KtH;!np`z~<hEkF(dN
zM%3g#t@{iEoK%WrN=m7eK5GPDJ6)MEHYUa)V2|q2Xd822;3!tpDzuc$As<uuG15LK
z>Q?)rf15}R+63=&&15wEG2IPU7^FuX_$<>TCloN%N?WBeP75jUl&CMlBfv6pJxqnF
zv(g|=Vq2N*k-1j}7cGIE1{Ix66k5p3azhnuo3D5jS|n}FJ9*n>GFbK|(inNs_R6HM
z@}zdhG+LIKuZA<wWtO0z{0u59+YD&<=GzsPAsk~e3G^xjO`B`(DPu_ll>4m%)H0M(
zz_OK$@s0o_+EM=PvD-2Alu&z`uDdXUMsWmH#n{_?^2w57cUf<SCL$@-2awWSzahF@
z@4@m0HMpp(qqBt^Ek=RJ--vLNd#IGZl-}-;mwA+KjBKS!_c`YzVKlw&Tzy<CsZwMt
z>OTKOlnA);%Gf$Dt3PT{a1SuAp=NSVRNRwvIsDQrwzY6$(eK{CV$R~AqF;}kTQ(uR
zSht6^e-&L>;nS6EeI2Cv2Cu34^`UJ+*kxiSo?|`{2_1{p*Qd{k@#0GYQ(kA3cf@#?
zq<5vS?_3WPZ{Nty^z*o6<u$`bShpnQ&TH)GRmIciC-*J(i-$phnc@q)<SH^ef!?E6
zk3z)UA5r&|O~Wo~&z~O}OV49yEBQCXU5VLy`z8CL+Kcc17-W{IyyZY$&I)!%548F!
zudjk4hcIhOUvO*_SxcX()Ul@b*DEb>2WGlPUyHA=(n*s9hrM3SKp^nQbCI_<)<Y2X
zYw0=Spuktc&F0O}SA*{md4iVu2kU3AW;}%rg86%r;NH54Z_cZiz93Pu3-Q1k2+mWm
zhDP;wW>SG?(o+%MMvKqW@L~Oja|f3=C2CjDUf*_zyda|zY58vp?QjIVn1dd~W~*cz
z7ORF#nFmgm*)do9J8fZ%uB+xS%h$MUiLa%+7A#&rcD^)a-()z#@iq`<5mGacY1&x_
z4xYgp&D0B0FDD3l){=5NViXFk;r-S{&9R&@1Iy6e00@C33_BDyw`Ky~TI{{s#C=9y
zCdZ3)G$?k@C=b!z&>5*4fhb#y*1vcGAAdXx`kz}YZ0CWwkq%vuR`b6^;hD8jfSo|!
z`Kf1OEW@F6*JpY3Bou$&nvu`&X^Ou{x}W|WBEo#i2LacD^TZXz-fTDrQPCYOpM*(g
z?)PRe#r01VmFfJXD9)p*NpFOnZ)Yz(%?Ry-hhN<iUa6pXT&~`nQl}}!ba?{LBqOHo
zsk-{BGCh>`bQc%|;DaTUbrjfJqK?xu2cPfSrGv3m9|Z{QMU=p3{Dr`QfC@<^IahBQ
zD|VG3p~9IQ=O#ycMm#R3T&nr8I*AS?0W7=RMjSr8x=3d{N0hYd+&xcpPsFw@BuM*K
ze-~cZ&3TI#w9c0VprpihV>#E=zJ<6I`PKR~tBYK1-s7zA+!HT4Tlgs1v1n2O`Q)pG
zkdt_aJAKj<LpW~KGBET+WuWD3jq()H7qTuZO2T->fR||+hr^p6!)~&lYilR}<F3$i
zbl%-d{FSwJ+ot=kbF*n2c}Ml<laOeO+1NNqpzWQCfw(KcGe(3`AP5pFaK1nmr@>oY
zFfj`acZ2Hk8%3msZJB8g)lxDxZ6C2sqVxl6E9>4<;mNUzVdSa2zGaym932Ri)k%M-
z%ty#2S9xb}rk2w?r5e0T7I;oG(J2s;3H7XGfgWnt^x1ee^Nq~umVmzqC<~;7txn9`
z7wyM%xu}H0XT^C?_T>X`Px>5ltvU-VYN`V)fWkPqZqN}M;I;bHrAdpNTUhDGtsuo3
zCMsy<hmGLv+p}R>T1lncGWlB@P(i)Y+RBqc|GEoZVpt`<ay0R$Kk>evx9o}s#<jKe
zW!D_>ScGYzo2R<7qu+LimT#y$ZU>pJ{9tvB`eSS!fv@~6gp-_7puH+)kZ>Hz`YMX=
zPsSLbAD1!@L-d~#VM#4Vs|r5L-ihiu?Ec`r@FiPYg<nUQo-}c7!Mlr@ypjrU_CLEg
z>-H=0-Qt6F1Ki`@o0pw{uBPO8w#kTo0C-*)6JDrL1;n+BCs1=hSWlg2r<A7?1t7%E
z&33~QfS5K=Z^$_}<MgLs@5*eA2MHMeI2kzWmaX?7yx*y7HxO%~cgDl!f>Ss&>q|<W
zmWiHQjLLfcVH6=_l{)ww@!WSxeh$|Bv%1>xPfqjDn_~mw!o8y0-qPYOKcQaY0ein^
zU1v{ry^yg%ez<^DZ0W?-@7^RZ)0p4+N-iO%+a>_Go%_@kF)_UW+#-ko^l3Q9`+m%w
zHj<k=?8{z6raui8^%uq8wLjivyd8rB^2;ms(%5KWhBtna2W6n)il!!ia%o!#aPa9w
z;bBoU@)4sn$m8$2?6qE6utJj%FRM|6hS{Dg-89-C=Wu|&moTwmT&P$JfCM#}?(xpv
zGQ?aUNdPN@9>F_$W)}jGVz>EJ?lm0H52z=|hrIgUg<JqHp|u%hMRr;{^*dq@uY$7I
zXVu>;LjK;pF(wVe-lIC)y%#+{&zQPitxlRaU4#d&2xzrQL_|u&NL#d?R1ge4d4m5?
zHzeZFDkA+lwEUj-osNmIA4S)mVmdxH7xQvnj+QD>a)GCS>X@n;(<bXJxEFimQK&;m
zOi*1Oz>dbZ@#%_&|2rC`s>jEI7$}zwm0KQ$M^dt=+W{VZ>8s7jK?q-iZ<Fa^FWb$j
zpi1J+SG2%-NCc<4hOErqUCcR+_Pbu)r7vZPqat@(w6avUhew$PNPDkbY^t}en*PKa
z)0j&yoLFaY{Q?h75=t`yaBDSih{d+FhY~VpuRJksLajxZq)_KQsC61+^(ul+*|P$u
zWX&6+WyO;h8>#-pWTJ+s9}is~pg>;PNi*}oiJt^jcW<VtzAkHO@sb5NFS3>k$k0hH
zZlA3u#vA~I(jz~RZd}*F+WXydv>2LBtR7J~QJTi8&d(w;l@I<F6e@VRb?nQy-e~@_
zgI0A0b~-8Ie2sOZ09`wednZ<xhEv_zMi_SM@~HzRtT1hJ6-gIn?no-TdIf=7@U4cU
z$4Esd`wWgRVb9}vtORGGv29kAD!<eT36M{J;I!@wlo}p{5Y4sDHl#Mfer~&0#S=iQ
z*lCaj(Ri)88KKWF+Y8c)T?~1f#4J9O3(!XbP&#fFNAF2?qWvJJSJ-Ey^<b0SFhn#5
z=PUgj2`dFaqDV7mCt=jeZ&r-6nNTRujdmeU;lvp89|I&GROwU?`gD?rH+;LARh!qV
z%!IBX)}i2UJS2$g8Sz_iD+P;lb2D11q?~O#m$-&11lqD+t*-Oze5dl_2d+MrqW&7H
z%0<0y2Z+7qKeBw<Qg<H6%Ck26Ahs3QCb5RIdyiHRPv5=OaoaBay5=jXgtjDsonCs>
zO@y22T<SkF97{z@6|(?uAyr+BXBBx&A+#96*m_Cb??Ln?(^mh<M)y#o^S9rs{Hk*`
zRebAi<JtF)BKEHHB79>9-BBvnTHwf_G&YtepKDA3H(3MZZaNwr4|hqp_LIj-qNqX9
zgAu-~LBWvQl(RMVZGKu#JYK$X(T{a|U_UrU{RII@bFcjv#KirZuFw1>;!$U61krl#
z%Q5qtf5XuFY{zw_%UWO5SFi2ijT+?5dS8fmaU$Z+kfJuLQ7<ZARhM?ZpL#rfq+hnw
zV>TrJSt(w`hF_Y(%YcA=Ae%n49&*Uv2w!+?^|Sj&-;(@F4}TZgS_>jyV-ks1{YiT3
zdrYL=4!IS>KJk2#S%VW}|9tW6^rgNM%;KTaDB1uw+gvA-Q1D54p|)7RUN=C0wJC=J
z1m6<Ves0FykQH;VGrItc8|I00Uo3ILd-k+_5HN`)U(tIc`Mq!`YrhqgyeJ~YX86>l
z!dUU!4^iRhMA#s(^0I26FCsK6Q@BDj%(fv>kLgHiafkc5YW2lIu=pbT%&Cr!kWE0`
z0l$=4U$N`ujO4f+a=O4GG+e_$#(l}#r}0MSsad2la3PBH7tV6@Ei3OJL+2+M7sH~l
zNbojZ0p(0mCDjLg3vaWIQ;A@7fC+XZkIqg&i3Fim%t>ZU_%-$I_rx$llvbf6yS_|%
z(rxuN)SOm&?s{DWb_)>eczO}A?6R!@`-hR2)+30{QHbj8{Kf8|<4?U6RjDEdsb<$}
zP}{Tp9BkPA-GTzNAnmbLI0jsTA1S1_3c(X|<+G-64~^rzHb|4{CDbFOhDZ{{Gfc3!
z{?iwfJXDN5^_S5&U)s)LppUN*^VEnMufpU;Uo9$Y@E^o$HIK%29#t@A;&XP4LNR#w
zY^8$zphyGZ*W)XgwofFkReAokw=p>Hk!0_SXRe`)^k9_*eUQ59f`Cx?*qy~}n3x#S
z%Kd48LVoS6W!t#h0<4s0*fm%s+$UUm!I_M9i_O=I>}V4|V1Gi%h0=xXbXsCD|EpFy
z?cqq-r-FqrSgi6R_|l5E>m99U83cn=nomu<_wm6&KZ`2`D<iW;ap?mcNS&fJN%rAO
zW3FtkcpAbIP=iLXxNDq8BGe9!E#+LgRbk*FqBhDMtG<|4e$?Nk?T)OfWLl|YfQ0jf
zP^F&mR)~iK93fBj#rHG#dTxvRG{m$@-MyxQN>H&AUv2~4BwQ$Lcbfs?;=D=lHFmq&
z{fp);54U8kg|9YA;-uI3KVS=$2sgd)5KCS<YbHMDfHB|?7V1T~sv2D&POi+aVv5~_
zocCpG*MW~?jNCC*17+KINeiE*ld?WFQjP2-KRCU3iSK;sgL4vZfOkX@uR$6WsA9ti
z*C^%7EH%W=Oat0@W>gBO`}Nj79Sf<4n3K?t=Vo-Vt7_9lx!EZ_UoUQCIoG1W<)X-E
z`OTwu<*$TE`WDM}H+S~miACE`Biw*6(W%>Wi_q49IcEpC696f9KX<(+M>3D@jzhEX
zvrQ8v?y$4fyxVlb0B)iI_oR4kr>rznCE>U|bvm}M0NyuVx^S6;hvUVr6!&ilMca=;
zELkfN)oboyC<SLn6qCH9wMD6ji8W=%w_=1P;%cfT>3zGsVa3o)zDg7VrzbeMg3uDg
zYCN9S{^wQoKsvI{n?Ru8aO#_N-*sNP%vQaGETaN;ID$1f6>~#a<X59D%ULs8<{j@s
zce0SyHic%c5{`^hm3oELADaSiXd?X4&IS5ms`5UVPfF)s=2;MA!zvJiH)q2#i4wX;
zCiBunA3K`6Dnb`w9#kb+_X3n;6z$v;lbL-6gQ%KhWmP^jGI@nTCt&$SG(ufThgJ?N
zyRL}N%kENJrQAwY&E&uo&MME<zOD)d(x}2@BMV4(Je|DtX|!f7M<%$o(_M^qHJdHC
zTO)a-Gm5-G(@-ygm~0Bp1iW!XWovLmGpy8(xE_tpt7>>7ew24$8Ru7_esvL1i<IfI
zfEJ*cQ6+LxoK=MvSg)Vo($_6<@Z{nTuSe|?mTtpwK_5f|;=hEg-}cXp@-t1l7q_b$
zZh%~8xy~U#{2^3%^k)qf)iNa}#ag-aLrQoAWn;N~Bn`AXg!0c2n+c7gNb^x}pD;03
zk#M3Je^WpR)f!J7O6lcVf4wMN@wIqx6T0hB3gl-F;)S#F)7|K=GTaP@<Ymd_wART4
zIa!Lg;IXZV6rBsG`-;!@A+7s5)j7wK_nVzGvbI~eFDezTrSWPg!#d6LXS&b>F1Efw
z6i|q%PaZ+m=brGXG(J;X*5Kn)H6ClRc6#&qZO%;65nmv*v~d<kXH9mU0G42;b2F6s
zShkhrz9jUL({zy$wPXbJ@-rMB@<t$QYzas;4?8F){it|c)Ihkvl|J~IUocy@FN!oY
zb=7HL-6GUk4`b-AAxhDrmTYn?hVQsWO<Fwoz30r+Pwk*-mQWegE_rlQ$%R>Y4Oa<x
zi8wiG>hcw7!c>3TRxq2h21y)Kos$}W*IAnb)EB;5RaM($HLg{O30?E4;O<}1=Atia
z-wBrjN-D*P=cv#HGD;1@re4D9$%KsgXNvD_h}4OO<_#Opr^WAugTG7;$Kndz3d{Wl
zLFgpgxZVk?4Q1XL=>YUTs`+FAmYF<6?S^~0Uh5^I?_ST{yZV^65o`7pO_DmS*!DX$
zVjL`Mrc0hr$Xeru-b6};Obv}G%79=*pJy84gp98lex~T(218aN&eS@A2<SM6-GIL4
z_*YH(Pqt?5q0fl7JasTPf$O?Sz~-y8fqVn<WX7hix45rpA_K31Y)Op0z2r0W^e-l`
z0u-MKi%t@b#dpmeEJE;16OZbD9R-Hw4fB?pzgWB>UJymcDzZy#3<SQkE@tIw0DhM!
z;MgoYFioXhU;Rqa6Fz+%HO`DVoaK`$um2*P9^F;h@cS9bszVfcY`Fe=+)<e`4c1-z
zfqzAa!e-%)>eE5R=bhKeYha$k7aNz%;8h2)l%t<VHZ28;t}m5k9TKYqPHmyeRd=Fl
zN7&}s(cPTG#X?q9JKlM*ya-R%L3Wbo<~c>0`aHQ4r<3$wsaoC~mQYlAbVA6EdrBU~
zo5*W3&0v?jsy}hnB0wj(F=b*zwT@{&Fh;w~F9IJ06Jol^It0gL)ee#moeKzq7}?H9
zIz9?Nl!CnKF$oeBr?<ttG5eIs*0_tvIuDJeJ*zROlXgaK1!7n4YIcQuwP+ekDo}Hy
z$t~9Ty?$sOh$B5g+Zj>=lOw4fFsB6KR$6c{(4KJ1S3PY{cCNwOnb#N#OE6{5v^Qmw
zO|25@2Ic_sG`P7ZLYpLMJ9>Jt)h&~^o;l^RXQY{jKJ+EYbw984L6qb4RfN9qN+>9c
z@APE!4|<70EaeLb=mMf~49C}U#9)zK`&hwbgNqoGW((2=b60>L7d09mR@i+BYEcZ$
z1vcyJe3hRyAItIE#%!y>N2(deUm#4Dgd(N03F-(Jb8Wqs(B{86;u(1iHn#1(@cz|Z
z2RSY0Y6U9Zr^<(hdW%Jt^=CRwp~_YG7xbgFD{<n4W$_HYJXDqV&+=wISBSua$&5VT
zgzaztVD+ZPN{`hOT$d3aD8Jmv^8M$Uv2%{yT*xoB#ND?CD_gS(T_%e14{a#=Po-_l
zd@S!MxoZJWYyX4D)RF#@+ivUgGGDNAzhD?o9+{)#D&J#vK$EHE6OZ?Oxta(}Fe|H(
z(DO170CiuN^>WJ9Z17U}_z&9;zJeWx2SVnAmRD!JXe<E%bf*?wpYQ87M;p$Qld^hy
zMfPe+M!v$FTD;5KcLV;)!z{KL>Hs1k{#z1AUJpK(xiVE3>oxzk$iFr0ivc{R>Pmk=
zPo95E0mdo8as`GS|1tKj#kRxmsD3(+v&8>K^_Q;u{*@oz8&D!0gV58{)BkS)B2Mt%
zq&Py|8Y(K=<;BIZGQ&#Z|5K6ptgEe!Ye|G9_^<y6+jxELL<9I&kuU~-&=nW|NJson
z91Me>=KF8_ifUYQ9rr(jAO2e>`AiQ;IY}zY^pdIiyWesX##jGJ7m<cN|E;V17(o3u
z1o#;7KT{(7KcxRNHJujtU*Td$b50v<<I6?Z=pJL8)q@N6HRjzvoi$(zeSxv(&+|?7
zg*Dbq3DP_J7;QSK_i*dXb$;j6zM_1<J`SF*@%d+r9@|{qUeV`ZA;Jh;<rUp9Hiu7#
z>U3vz{n>Tq4&RyXKa=v5<EkJsrv4a?GmI7%o~W;~gMNq!cGiMDD?@apC;q4HBGMf_
zpgalPwqrU1ZfyOLK_dO5Mv-4cSKBy$zKo8sLj(r5%hH1AfYjLvid(v5DiUUHE(?si
zeF43~w^rC1b(^H5-#=4Chp>_e&9_Lq&=qyP<;G$-I+yHfcz++AoSkbB$v!#NF)vB^
zof~Kq0k2#3?pP}{{+Td`s%bN+cs@8Qg<=hRaI3`~pGxX!jWyLpu2ByGGvL;LX+)?z
zg8;wP{cIS%MMmn9N=iD4k>m|?v4cec9q)fAa}>s2v`SN9l8?K+YXg58qttA?%mYIa
z>XD~wG*vTuZX#>cpS6KfVgWP>lL`@22G@LBBD?qAl{lp&-HE8kni<q;8<$m}XWpLO
zfon`c)%F;Wk|pTVCHnV!J#Dm@Y*RHqGf?ne=g*s>wDvr?aIf7)!}i#w8o2^$uz0z8
z?U2Xl`i{E`>-}JF!&vEQQ7p|Jr=i_WKIjy)qpf{nVeQ5w2e2(kSHlGkz#C6YOM2vU
z$iR3PC@y}}$~ceJ$f`d#2%g=29SBX<AT}Dj{f^o*^!JR6&;JPzBZdyy@io3f)5y9L
zDL*8oH5B7WcJ^rmcoM<c7X<!7cPoW1(U;ac%qi6T5jY^O1=!8h457ww37)sWO$6HZ
zHh!HzRnZ`3fLsrr`e#uKo?ee}RmX7!6)8slR6NRqJlm3TaJ|oPi@>?De5{cIt6gx(
zi)C9inmP-;I(8rj>`-`uR2ikOu`h;+ghDQ5fF?ZYTt3OMKdz>3@!wkk$<)bnTT+)j
za=>aC?ZyzsBFva{rSX*B<X3ABs!k8lp?Pne*!UHVuv0+FYTnOrW>dH^)`VNquzY5t
zhY~NJiuAyhBxdp#)_ygPQ;u>%5(b_6a;Bbe$^Poh0w1`cldS`Evc?F~)^0cT_Ai6~
zw&o#dLi*5kFuZz=o-d{+&$Du}VN_L7AV@p{%ktl`o{Oa8IymqWYlmcF;Ham^w0HLG
zOdMo~zJ93e$x_YiiG6hpjZl>Z`=fhMn)7fH)6LZ2!8}=0rJ6_T#^#8gDEJm>;=*b~
z&m7INI_h_#G&y+Cz~FhJjrGaKm2kCCi>x4NrlVh^c9FRu#|C(Qd!;g&kR}BC*12bD
z3prvgbgR!UO1<LjBlK<$g=hBL&|gHfh|Bfm@Z($71(P_g+0g4ZVMdD(DkNl%_fNXs
zFkjV(MQWu4s1Q#2Y%Wc62!5@CN<;OnSk&7kUJ1eU(*M<g8ba$jg+c(*t0IHwAlvQc
zac-an4owEpNo%l-H++a79<(2RThx=&)y?>r{poi^)?j%Q@))FxfHA7#ly$#B$Vu|%
z7xASg-#P=XrN|6iq650sfR_O;Lio_re9hk%8Q?S7D>)OgOzrdvQJnqbzU`1JOxBuj
zHD$B)sImj4$hy_mi;OKcPk)dj!#L?t3beYmO)o22S%p!7Tqib*fl`DzUF=;Q*j`7j
z1WS=}C&QYSFmAR}Cs+#>1T)s*Gp4_nN){cxDNZNuKpespl(??V)`BpN^F8k_D5Wdj
zn%NqhRWoa1Zk}TO?sg-ylzuoDrXB^wk^eG6bwaL!24`bu%4Y_`oejMr5t!@%=Sk<H
ziT0}`Z3aopjzYwuXpFtZRJbahfPf}Xp=i0}Ddf<L(hV$goZ#u|M`LgxWiy9bl?m1U
zgtm^Slk<{NIdhhWYTO@72DBTj4TZs!4_8*KhwEWDS783~<r8z2%ItQy-}w8+E0<#Z
z_?S`yf;;gwK5Ykr3(|!*)ogsoOhTSn*AK)$EKlg&s7ECSbsk(Uyiai{x;ikQ_IRV2
z6wdpv6Ii6$SC{PZ_H7;JJfh=)@W7;zI?P3t<#5&-Ko7gKiYM5gg<~u$pDq{XP~GG}
zIT_@5`qZC(F?+IQ!OU#nT`SbnY3fDz<Z$Xff#5|^TV{}FLue4=35;PLBgV##>EGHo
zVKfaur$V`LGbcZLFm=ef-3%e^(uuL*olJ$7NcVISlzqM5lOnQ6#}1b~Gkq~u{Cs9D
z;;276yQ>RiNVHD3vk;`>e9jGr2TG(7afmH`WDs1bFYo$Lr*HCkj78#t&AtkyRNM<m
zHS6Ct!rl7L-GL43Uw|o(IAMqwSit=8zER}g!<+}99s&Ksr^aC(-+H{v(&toixQTzK
zC7IqghqTN6ViX@dF=aLxbjl~3bhpKPwkbmK0E=#Hn*FjF9K$R$-UG~!aM&+ni=NMq
zR&Yc4y)KL5u#E|<=bG|K+wlMFH=eTu(GFSEv6ywUr8F@@ZI`k9$ThXp5;T?SP`GBC
z0O3;#GXH=UPvt3TzcmXU-xLK_RS6&9LwE=BTn3FJ!K%r}9<JIfxv%6c5_X_1FILZ+
zlab3t{J5@iJY;J?xD^*`uDwkB1&70y&O0yv``goi=crKmab;<{?dyw}oHvu`UY@zN
zl`K4SLw!D+CF1*i%pZn{(O1eC@hAH}j^79AwY{scL3ix7cF|}%Z^2o1Z>4NyIW$@S
zdZ(5eIGB1Mof69F+s#cCSRfyxr5E9*wt2)N$6$2zPQyUY+us>z(-+nMB?9YKsT-Ya
z5!u~$+wZd(&tw{P5bxRoMQ0(`hi9o>ZTcr&eW}(L+s#%dz>-yfL)vQtYs?nZ?bQC*
zSgTb}EJ&Ot20qiRKGyU#Pg%0K;mh)n+vjlTcC2MG0Dsla;q2go@7QHl5?r7XiYf>h
zaD<$Cc>2t{F7IKQfaNxnv~#rR?sdT&Jv|*fF|@)!yWYSCQlUi{+D?4z&0BIcKiEt*
zwOC^>Un;(N14%hAmE6{G6$2WI5JaSx>K9KQ!Lg-9Gor(5WTO7xDD?QImk*bLkxhW)
zbLuzQ1GQkZ9OXmW{qh706VFknM1@1C@kP(o>kal_lHoJJ*I-4tlQ_O;Q>rQVL7f(0
zWmFmSkwT1HAcxi~C-ZHLwfgE(?dZ$`ffi^IyK=HaVvbCJc6A26u0|V?x6LtH+&j%#
zNCws0-n^l}WzlK;MXsTIxG1@_k?Q19{5J6{zVc_#&E=M#`6n@j?6Z^aY1bI!HEMIj
z4Dq?vSwwwvRP+Fxw;V@mm{(&cjd9$tPFn#!Ch_Ul#1sL3bj(Ga;NSOEJ?$@EFI&<n
zncpS9n(EjS1?14sC|yt{n(XNkr^e^AaWXFSv7zIz6f>npJVrqob@BDg;}Q(tFOy0{
zW(5WaO%eU<v%U;Ir=R+H%|b6yv`WyCnHiX4g($PBzoS1KC>Sv};)`AyK?FL~iex`n
z$lr>MiSD|mAo*fWO{PO@c*7TBVwSE0J3rc4j)!CsDBgTr;vqzkYl3>(A3_U_Gli%x
zzRVYA#4%cJN8De3kXw$l2+n$h`_g{zhqPm!7m5xwt$DyeQcjE!nZve1x4PKBwn}9@
zlXu=oq_`rKA!EX=)({1OG13>sCV~T5i8aS9pv<|mrVXt5ZXY(wVw>{NXrLQ@t&o!2
zTHFj>;FZEmVnae1#YOLcOW{TLcKnO$m`@<M1o`h?{s<Hi+ol*dZ2G7xs1@);LxFc*
z*XQe{NW%$~8I)PiF*{#2+sJ>GaObG_@+%2Fv`xQCmr`0%fq8>MHz3FMW^1Vp*Lnkh
zi<y;T{Tpfv-@Z#W{$*alxl{JJEpIJE9};Ae3MjqjHIya^^goo6U&#{?2%wXhm^`R$
z5t#fW7_PJw#fzagW2X-7A|6O1<3@I)Rr2iFte+J!s6RcHLaf%VjleCbk&2S-5yxwA
zOJOs8SGQerKP;3KFkzj%vp3SmvRF;2F0OYMU--Onj-HpdPWC4<eK9??F!^kl{p5=g
z#C*pp56ai7XZqYDR=Dr`R%+2rS;8jmDNG#5OkEu?MHhP6^lEBd)|u>v_{G0K3Ngl3
zP=BK}{G%{5NRS_6_O%)zt<k<`WpRjPrao{A^MLZMUt482mA}nXBR3PyieB{c`a=i$
zvm?D^)p1xl=D_Y@8zzg{n%KBOHAY(0lZZM-fD+eLHusC6Gc&BQaK)VtL-u4Lzy@M|
zsutdEzRZ;hPTxBf%5W+D=_AS+%Oq4r(=bT~k^gWrMMq}X1TLTScRW|QD?6@jVR^UA
z^w3AXl6YSmB+ALuki;zQeN%N|F+O{%nGFALce-sH^1u~Fub|fB@qAb6`To6GaHoYp
zaMXZL346I7Gd_@C;?B#EjFPePDE}U$_&>%n4Qmx|PUV{aF=6_4JNN;v<3>CGb%ta5
zUQ9X6pp1sfK|zso!b4WxEy<)v8x17L3D4BoiGbhl1B2T{tCJT-(+f@xC3-mGC|&mJ
z2-ph_qO2#*?Y-rl=I5U|UE{LX4w`7IhwU(06b&hOek-TsldZw@&u$AbQ5nV8YB2t6
zz|J7oY3Vz=H`a1OG*;~>l7h{ml^!#JnAIanW66=W`F~vTM}2bQY3sST&W^!!f@A5C
zAZM=$5&x5;dizlrf%;uvbW9%Q+m9NIoZrlD2O=(Py1|A~{oQ<LaIHwnvmjVT<Ho0y
zF}!)B8h2Ot0n;QyFV6idoIvrMEEbq%7UcbGO_TgoY%%=<><fC1hYP+P0h`Ai_DG+U
ze&wk<CacsY=VjOS#)#SFN*<-;2qI3vQ-}Q0-7-wMPI|ayUp$)SZ&A(GfXb@W&H{tK
z;RE?S5q<pl!STVkn3O+UbNk8hrutQ@(>gQ4qr>gYM(#PUEKO?a#;*0=r=NgvrTroH
znR(>Hm?USGUI`^Xc4i}(x1P{#Y&U&|ek|s89;1mX+s(Xti<3Yp@UDwBczgTm`aTtD
zUvCFG%$Tmjj+BOR#`KX9((z?o6dFBlP_L3~`Yml~T_JQ2x%TAKRUO2)Bd&9iLftm%
zf&D1DJJ4QiRH9<*N-{Vj^P6zBB$e^ut{VNzcR`8L&|etDqUx2GAn6$6W0{Nr;DY<C
zvG+ssJ&oAXpD2s^DlaFl^NNIEss<TVpG03{ET;x+?r5HE#Iq#Rx!sicf5~u0&n9-E
z>7*dxdC<zj7ggjB9n4OpC-dhsePeO-`=8fJ?7O!^=D$@qYGd~f8twX)o*;$dhdK^2
zkFA(dbR~z8IkGXj8cmq&R8&GxL^T`Ai`Xr%u;O}RF4(KYR1^#?n4S|e<&ht=q5*N7
zDNx4Aa~icLLa3R<?=9?&MkE^Gjd!GC)v=%!i75ys;Fn>1r|D|1(WDo-lg$;;jeaw)
z>B)JsEY}Ol&*Nuw-F0P!fMQ`Z6N#W$N<s{PuWY|2+>`^y-Lr;nF6KkfPzK1~_|y!A
z3bZmoteh4nF5=It?IYJ?t1i)ziYE01&c&MZ{jN^b0A)+US<@7+ZM-IMdO+USs)ax|
zE|aNcR!!K(D!38jiC7(n=}%%Pt#nAO={2xq&3^3ZeZ1cd^}h#gDGr%PB;0G{ChdK*
z5<Bek>oy$p)<JGZ<3wX(^1zCd=pRJKsq20`izCZ_0YIN)=F$M*zMW_S&+@Ry3cAh{
z(l&!~b|Q6O;mdst<bOr`(c@Z2b4WTnvpN@g1+@)AlhU}74!S7gI=AzohmjGx5AJM@
z(5biCFJLn<;_O@v0`FuOrA%4t1|QdnP$9kgdj$5$Ls=z%rtVY@4W(pUhCLLPc;($B
zw=W1E^nEF0wRRV&M8;cXafzN5tT@{ijC>S@IX^ahp|49tLlYWteId{d3qw8ebjduk
zpHzx?Y|69t>ySC~-C+JK<mn6eyHB7kgfL=b$K{AFdw#gI>h@4qQD3-|5ENY#!Xb{n
zd9re{7W}S((7Nv9Tl@Lf7Hu4xL7vbGD@E*{3g%{Ucmj}?F6w9U25Y`n@Fcl>Fud|K
z&d;_cl_WY~eZKiV$v%C4^*f4#i24-ev9e;S11P^5aEq89ku$V+Z@Si^7qT-~x!cvY
zYic(roFDCi|JolfTeH>ilya{HNmd?DpZ1Y-dy*njI_K=7GZY%wW_$Q`{B4nTJS#TP
zU?1=SE?l8Ef04^*9=fa;;p^@j<3M;qPGt)s!`UH+5ypmA6FgleXQxyHrnMkff!D-$
ztT2nWd-SBjNHLLQlADx?J}**BJz5R$d#=Tqo!QI#TN`akX!1Etb|P<TjMtHe5z=iD
zp49P{KI!#E94U(PxSZ$IrE{QV^)}gJ+&=J3?>T75VcYe`_pFPK0BI<)yLMLEO<(dj
z&_jdAlVkGP-u2WXa8s4#+gGL~d341^VQecu%=eg4aKA_(&6Z@6`kN_yJ!#UYBt=&<
z`4*=z(_tZw;o{V3JLAnNOC%5(<o8s6Z)kCRp}*?<x=BQ}!M!~`y;b5Z{=L(A0Kbx3
z_r7)J*Ohs5_>PQojI(%jq)FILG@RzuKqqXvZn-g!Wcp7R!Ny^JxH%TH%zGk--W!}Q
zP0L~5JI<RWyDJ9s_^pK(`mO87O4Ij{^{cXB&B-q#Ns{o9Pw4Flc!$@=Eci|~vaqo!
z*8yDR+|;9d!|~fkK=I}n4ELU!QgV3EopVUQ2^L|a7~aa%kb-kx-hUQT*0X(qmwvcD
zO!P)?Q;tR-OZX@@$fKb)0>WG?gx83OS>4U-d2UutZJnrYXDvsu2{&@d-oeHC98zD~
z{2kJ}+Te4&k|jwqjft5*l?3=(byMtzneD*p{X=s88N4q)J7$Wk*~%5%l?3m}D%z5_
z*jxNqwhQKAQ&<G>`YN7Gae_;JsGOkE2M6`ujY%TybiJdAOFxgDRRZu}YHd5vd1g)H
zFi+^tzAcHYX6(<%!z0ltPwWw7RTyT%_Ugt>)dXhH3R`JnV0#rGC6e$J7!QTh_K$p~
zDovw*$HEe-oztorlx}{e&#sc*X=Q!_sLLmO!x;o}x4>ZT>8e_x6PF}nUWd(q<;s1A
zQf3JKb9{Xj*v)XdawoSXwN%&WnJB0YcwqYLEeoJVuU?anZ42};$jX8~iie_oBA0jD
zu!v3Cv)htB!&ERSaB3FQF$lj32SCY8wv|wPf}Svv#GSb&J$O$WIi@wJgxTcI6jy_S
zh9|C_pWv*cwYlc=naUMK#)qZnq`j2Z!qKd1(+Qb(tPnYZjVlFKHiDiRx)Rb`JR(zL
z6-B589ijJ+G@sHQ6nmCrh|SD#-ty1;43yVnF?Dl;P5Wyjy&kpNp7G_hH;+kajRwd?
zmXu%>2z{=-YJg1+(0Eux9MIna$<xLBeMHMXp9T!}8?Lys-+`S%rSg}dbu+Ony~t*0
zg`IjBq?ozzj0e$@%&Ct=F{F*V&sFapb$I3{{x586OnwZ6p|6<aL{3l@k|i0s#29=C
zxvGAZgwx0TDv9=Mm+4E4@Jt4JQdnPL=CIIFOj)&?0tTulOXMIW<?G?yJEC=#2uq=U
z$J>-eLeDieX?poRvrKi9|87oI>%Ba5{~vI=`3Gj^3(kr4^9<QST+lyQT8~_hbPTmm
z&+{Exf5*_~J~sXriGI)O|3ZU<Rqu)DUv%yN3(^ik-iFFYa?T(VMDG22O+x^~|2#nO
z4vhZ;7O(yfwEh2{&=Gh00K;LQ#GzL!8fwpLHt`Q+f!}`m{o~hun$~QAc_lH=&adXo
z)B+Ww%B3$7PjY_x&5`WmwNonQ>l#fN@5=e1XI0%M2bJ)+`pv(HsQR$Jpir#kzfg;=
zz*-)<H#gibGN}ejY$yJ?NooCK-Co+q|NDCOd%KhK2b+klY0^$@eom~PKpwQ_<4A<Z
zEC+5=oj-pv&zfI0xs<-r`LOmx$C4j4znFe5xUcV{isvQSWiF^ufSpIv-q4-wZmefP
zkwX<zSTVR=E#cCkK^+Ld)*-hrg#i_uFbm}tR<$1N?QOMPbc((g8z!@aszh;vEr)lL
z*(J7r>7Cu6=K4($sABXn=ekqdaHgS{^Ow{;{$|aGHGpRroO_Ziz=`Y4GsR6Be?iz0
zgErP?LE@<3h2nx2CZ#8p%&!q~QuSVOE30+Vvy!<|ENPBH3{b6SZ011v4v5DR5>MfE
zCN%i`eB!`m#w+|a{sLmTOBs)>(vbjBl_;i{jw|EG8PoD^oBx2~TF@hYIJ!zoRQJQA
zmGX43m?SUAwwMv<cFpIHze?SeEzd>rHTeNchpDL_JLRcqZluEGE#j*KY^kCsc&ZWe
zi8YcFvW2RDL(CZg5r)iOwC86<^>bF*^hFsy%{fa)My%)5335VeXx7@AUOJyU3fHC&
zn_cTj-o*P;97c}Z1UPlcm7X~tii<E!zUoNfRll_%Vqcz(uxVXOaYcrH`>-3q8<91z
zW5RN;f@R~}7#G8Pc8?W-3jcFp2iAoCBO*eKPf)k|TnVD}s2LxI6qFQW`rw?9FH~rB
zr#1~rV;e5%CNEmbI>O`zgIapLOQg63i+Mhp5Vqsg0>OI!tLJ8S<1Rb=m(TJ>I<g9D
zkQQP=bmu{Oa=v@e1`P-S1{umzMW0Gsz?!6i3Wzq+ZGk-!TJ&Mz-jK1NAs?h-PGHc|
zdf^w5N$fn`v~R2{J^E=5&r}(gBZ1LyBXUE(uqq!Zr1hSd8nmVq{6c<KK;?h7(5KQ*
zD(DV4sz@*|suw_jfzB&fGSpgGh|89l@@$jpy?n4>cH6h5^%dFc(ZA(jw;}^{zJjc2
zymT6E!YJiaFDLws!T#al2&e09*p4Tz{#g#Q$Wc?g*^m`@`rYS-{dvmdnJXtzyo;mF
z14Sj|s3FchQaal;TI0#n&Q67qt;D8uQuT6L3bI&EyzYZkHOc-P6I)BQgpEhE;6L&V
z%zq@Eu(LCeb@vO&9XwSDNVc3E{CI7gW5_GSxl#CYca&h0>VkS_5tNr0KV{)Od-a9#
zJ$xdh!Z9VD*@EE%8aJJ3Acf}LE#ae!^qQuBv5~RBKyEp>w35FDqpF|VHC`Ng9Hn@j
zVzjQKN71m({fNF8efuK!q-{a5G-+H42dw$sJAfbI_X&w0#{+Z0=$I=i*1^L0_Bj_K
zNCeK;5yzuepmp!aYttKj-K$@H@+UD_a4RGf)O5Y2swX+xb_lkChvibl@=@}vDj>)y
zXFd3|OGzc*$Be|1dwR%2*)}W17FV;r%TjLLTO;lu0y=vgY~d9A;R3%uua_uJkZK5#
ze~R5%z{C;G!xr-6E|)}e5aJh-CundnjmRZo<1i1a=OGu6)o@<~eId+~iBC2*Poy*(
z8ihx4AJQq3l#c8A4>z%YEGIVem-dgB`eC|SO}db=stKBP{MHC}W+$46;yMP*+i6dz
zJ^oV=pY}hMddi)Iug%<;=}n5)pAyJE;rM@Od;73D_I!smP$tO~TdZ;i__OU@EzmV^
z0H*d68NY&ugNx-73pNHLVL&U0Qctlp3q1l2vxUgkMlf@Hl_jr4Ip{Y`Sb3lQPQRch
zg#6@c==b0F^wn2xD^89k(#E+fHYv2*oPvU=HG+3vizjS}^SSvUx-;%Do7(p&I6*M_
zuA<z_OwWx)L?<u~qQ>|^c{J<GIKa9F!-!+VIV0y7d!S;f>StmS%_8>2uk7Cp{olwb
z_-XqKLtKyQ*r6xaP*z_f4i|Jo8``S1?62Lm9+@Mv$XZcJQNGuxPx*GofFtdXsR1iH
z@!E4OuVh*sM2y%hMF+p?8wuzcCC4Uvtf)`Lm{H(l194id<f!&V7?aw?w@}|1T`Z!q
z#p-l?Or)?3Xm3I$oA{R_<8jnDvj+C%77D6#Ed@LxHUp!%X2^VR8L7?s@%)Rw`OEpF
zT|avv7KXNZkxZ@E?)GdOstBlbw1Y;4j8-+o7+zo)uxJ#qfySdLu*#Qg2;LE5Gq5ex
z^$MXTIKfwv{VzHZA1qor{hogsHb*MH>)r2=;5r$j#Y;jZ-*NPXURd^8w>YQz;}+c0
zeKTIGjwb!VW;<E0J)NYEG=zu<bvuiBUYrNM+$FM|BArNRy<R_AjxxH+TigM<q|0${
zl@BE=imf$$BR*kQ^npBVD32h64$1B=&*Eh)x<+|OrB#B(4$gLr!;z6w8ag9ZjRDVF
z)hjuyWt0nuP?{S-HFizXCYdkQae$w0*ej>Noh{#%CsMOO3+Zd`TmOfIg>w`Wt;j|p
zyvXzy&;;LmVD}3O{Cc)OmC)nHO6V}<B-g^pGOWDw!Zd5>1=DCMIe#cAzpc4v;iK}f
z`DA<ydo>FFP1Ya?CdJ^8*Av3-R+E+AxR+5>l$4W`yAw6Um1VwNNAa*#AX_;m!A)uv
z_Qr^-b)s*z-b{`NF<IzpfYoQdzf+?)<|62D#=!r^AF|V@VPcbyLZ$#nk34vF((>eu
zapmh=WdZ#9k+>6?=j~tx^=pVJKyH8>`N9K;*vI~<UoUyR&7J(5kWh(y)Zgb%{Gu1R
za7Qy8&tn#s<1?&F)srBAcbAb50fuwvoCEjpAqb@m@j!8F#`?{)bGN6N+y-e}T?|S6
z_X68f5<X&9*^jj0X*gkF<FFCB8mBJ|Bi-e=_)?tIJ*;EGWTJty*DLYe7#PHcr2-w<
z{e!>ASFFDd`JOY8Y~{~L*TnnP$PB#T&`5zF=qdc@qtD?B1nl82cdb8Na6}GZ&|l&K
zyCn^93Q0{eFjW=EvSs}Ee6IZ{e8Ls_IC%)8C@+G~l8XYo{i2~nyUKcA@BUzG;D2aI
zP9xgE#}d-S<<Qpa;GjxcdBtFV|9g8fI;94S;Wr~5LalHPA_(D&84wLNr?@7?z{)ZO
z(qx~#lxSJjRMtm5v$S>xV1l^l*U`wVsKb!G$uL}Fdy@G$v&Z5w<sy_H94TDtT@QA{
z`usaO1SQ<po-qGh!ZYRW&k^|m@(}?9R3?q$+tp$OuO=~{EE9{#n2=^kSc3h(mjEWm
zC*WFexji2J&7Zk$vz4Olwwl_uu?atRN{8H}>31KoogaNJ9J96ZPGYAVIs3TFGz`;O
zU|TdNI6339mwXlTE9<`K?N=>9V&{^<WyTkw`Ux+7L%<fR;9t&!kW9~LVu?qw#LY44
zj>lbB-5+6Zenxt}o%1=sPo|oeO_5Cx;%uwc%>I;}Kr9woyX}~EB=0?fBE9A54c=Y1
z-DdZz9kzFEzmk$F-SDs#4Aa20zQk5alk&dGjy<u09X|-<PrgbFbjAKG!6Xj4dC4j>
zpC(N4(g?%U8}HfX;nib|`4j(mVFrrudv^YmzYzh6{`$>cj;6@h<U$G1!XK_^a<oqt
zP5MbG23nK1B!QUaqF4n`cE$Er|3`s!@(y60<?4n4nF+k$=+p;X;*lJ(5bTq&Wb33q
z4hO_}MNK?Hwyk+>z?QH2Qy+Tq*glC4<c7>c&$P0ia%aY`ZV1C-FbEzTxSan<-NBp*
zP`MLM^fXR^frI~W<L*#@vYHhFIC%%IJL%GiV-L0Df0$#~Vv|X=Ptk8jwIli+0^nsc
z<wK&9z8r{Lh0HNGykWkua8|>q?lszK{UY=a^lmG@l?K+^Y{Fec*s7xJ%tsh=Uz$-n
zHI};A=#Ir*n)%TedYCvVix|})_*E(GA9R05s7%<j0!J#ovr{6O$cDBXsM?G~OR*^V
zc#Ui<IwpRkr`=pI;_#KUN)K*uM}E10#N2Hs;xHUaxgihP>4&yyv4v!|FOK1P&j}vI
z;68K=Z}yZ-zP+K4U(#R@*7Ij+M<)q*^*wC?9sgVrtN`F6_!`8F2L&U^h0XXn@poQ-
zNA;pG)HEmD8-hOCh`t4A25EsV<f~7r*hg+ZE*~&Ya&HtT9Z~|O9;#N}7OSQXkDzd<
z#AR`31YaZ$4st=tdI(j@ugF3XS+sx8m^w)XlZsDhPVPN7px-w|rlaHwCB5cDVX}Qc
z0bycpYSm9a`=R7P=H#KqKEJ2o=X|RZ=41jGQyd8sbf`($$<i0>T774a;kQxZ`(92)
zLRHkH9NjnXtA&F5>LzF%iC-k3!-Hb2=Prk6L~+?Qq-VwNZ^WC?kO<hT>BO#*NMFd&
zk8lrn<Sm^sFV{a3%mLVhc4fZLk7pIGfOTI?jD33FIYU;XC72GO#<W*_ih&q{Zu#Zq
zWtWx_C<gS>cA{DwJ*&)`wzEbl!3bdxJg^e&AHS@Xg5T004r=+B@7COt&deW8QJ%!z
zwc}uiw6mFaAZ!#1`#6J>vMR;$J`m?^4s~w>C<3FizLKL0(js5PM`Msl6e?Eg-Ch|8
z=)<h}K(*@6t;$k6-7B}~llAUi6)2vSy$Ige-{C*A7}W4Q^%0M|{%=Y}mc12-Pe^6l
z=gM@^es_3tk|%m-&;I#vvF{Aj<hEOO6|JM=)7k$kr_SGOagFf7wA9oGuxKsS(NzJ8
zBEBkZGf(sM;VOUbVL;wgn|$~16yuvu+SyQ6{kGiI<s7YqLeQ&AKo>0vLG5*X_ydK$
z`!aifNB8ch9Tj?MAIVqxk%Z)|emdnnEmjcSANLv@Z)?s%lvgSPLJ$tZVB;^7VNP=F
z2tV1?Sj1ICDz#dW*5gB3vp#tAJo`PwtMQ#G2t}kU?JsqZLA~tS`!p1J^mG>;HT#xa
zF2-)FHs7MWO~x?&&5Jv~$A`iz@-oXRa8qsxH&rgyU!qkNk3I43-1(4n(8tB+1yxH8
z!q``Jc#{Or8?>D`3zTSw;fvP05EmUlXgB_@>WTl3S9$<5LRuqj8qmdGv^{NrDYvD1
z)6OjSQ%vitTtsLl=FaRJgB`Iafn`N&Z_Cz!*HKi8eRSV_d*;u&LpnJD2e!fEvnnwT
zk(KbOUA@e=b+y1=U6HHsrTba@tJe<*Hm-Dqp|?S=)$8ARHn^Hi#nD9oxiL3t)J}q{
zA%GC-=<`(d*W2U|-y1++UGU%2mPEYYTG077V`nFL=Vn!xh8ig7y}s@m@CV6W)a(sm
z+dTb+0Pq--rBLDMLRqK=v;N}@-ZOn<Yz#<_SN-(hUF-$o!M_F4zx=%jahy4;Nja!X
zw$8sd-223OfoM~rBKu8M;C|p^@Br%UpO(EO-P?D34G>Zv8cPQqP#ydjVOajpi?Vyz
zwO>i>9voP|vvmL;!yuY?SYH1y(TS_2cpdI=b+o^ePb@Fjd~PPVo%fLxvIO55DZy9x
z^u5`g2XlJyuMr1RhubuAc(+hkg6iE}H+_0dbGPmQ=$4iiYDPwh|0@eOv<d7NI-e7K
zBdIkdp%if7lh~O3$hGDGg-AmDj#O0YT9Loobj3tVORJ=#L#yv60xmY*8I0N^Tfn{e
zcfnuI-VWk)18#&6DZRj8?_==)YUaG6n&{Ryeng}Q2uWxnp(9F1igY9aX(B~RC<X%}
zQVhKbh$1Bd(wj63M0y7U66r|q1Ox#oMwA|EDB>AB>s#xrbG{4z=jwkocQbp|e)ltb
zKhN(SdtTt3M`oF_8p{L8BesYD1lfe~H}&_n*|sKBW*aan{=^sgAKAhGHdy{&-iSnZ
zg|&@Wyx;CcIo1BdLt<jAEM#8NwG1)Pgs**u@H9rdwf1&|&_j*2Zk9G{ICHePCiR&6
zc@uYTB)SnYYLwpu&a{-|9~ioS8{#sZCDsDvXbuL@pkI<smwi?zv8h=0I(xa}i|x89
zp2MdiklsS49bNa@qn5vuA$;D5)%cLRO)fmeA3!1gr-$QshOw1m?d+*ERiUomUxr&a
zf9QGH?U)c~p#-w4M7B{G*+i|T{fuF{1RIS$#abkDdv5KnsJ4dXF9yYPk{=^#Nj}y<
z>5DJ`*{#7djh0JIq!QNCW^~Wmjpr%@2l<rT?1$3sV=y1KltqQBRlMcoMj9syxaI^n
zQld6aDF#)PSxqXsv?%vN%pejW>R%n`yE3pzz5yLPEVWk|dbFOmH@)lrtXf<q&Xz1C
zc*^(3#;X_~7gZmazo?&nq6Zmg(G=Bnniu{?$b!<!<`bM?d5lBe<suNlVExOC%hj;e
zYAt&_)SO1V3JuV!rA$Bps%aun(Kp9iVF~kwDQAbCHL8I1!ggSY$Qk6k9i~H<iRxmb
zc2<y0s#}~PnL-yHT9y&2&HL`7LK4gUaVmV8>_@^6SNEpu8*|8FcsxYIFF?N1nnELi
zI0)0jr1W{{GwqkhQw!(F&n(E^xJ6Uwr^H#nHGd<?E;@@c^X$v8B;EbqFDX>pjXkEj
zF4Q^=-F`~w!PYIQFHHI;b4hbDmm9n6saQcYeM+olq|Oktctk;{=Jf}9%=2@rGIy&#
z(9x0r2+8NTDfjl4{&KfHKczYzl}y`m`{$u$@fDv>MT-4h64#9Ts=w0|^$u@LXeSXZ
zDYWo}5V&^H82Hn;X?$?33|6y)31ykt^;!n?!qUkcj$+O(moj3ksFQbhsrpRPv<wPj
zaQ06LL$QAgc-+popqA$ODD(^!yFZR#i$eHC+k^SAHP<`FTe_-p8ii@*n9;r#W;BkP
zpnYWOwKw(x;Lv;sO~sX_Clv(Rs}hbe)-Ed$%79vW*hhyRDUWEBzDHQSU5zerA?o=x
zn5%O)E1okIc$V%7V+ZGxa-5EGiym<muBmB_AtK&HWVPWT3b9&<8(#ytA|;BsNw!5x
z8w?`PnNEAddY?`tgiCytOlP9W2(r>r-l)#S)Jf|m73^Qv-ak)FlPr;eb(%hRNVk17
zxH+(Gn96kw3F(%7*{L$6dnn2CAj2rNN>XV`mb)uaxCHjsECdhx@E99Eo;V%)4`W-J
zD)3HuDpZe+ULy`OqNdL%Bxo#D8s5dX&gFRSHCE?B0=4lC|C@fhkB74*W|9)%4}@3K
z`@Kn=W|4u`GztS=+B9N<sCVt`=W;X+dixQE`#W9(GDJg;ZOPY}j95yO!Pd(j`90E8
z>GuX(?NC>jJnSgszALE9Du^5S-DCfD*z`?cTd~#J{6AdnJAi+EVm|*FVEsoT`Kv|R
zbJ|1ysKpb_N+of^lIBP$BO+*bp`j0!pLhBza*o}B)Y+VWdviTpRWaYGe|DV?%I?m}
z&g|TA_|vN3j(g@#yVG>8l-c*+I5(-ot6V*b^<Kji?rJM**}gl}>h*lH-lVXrThz;R
zW&qT-?F&#Oa1A8bm?HCk;*(X1p+Gd-Nm%M$o0tFAtHMyfsIYw=$uOq8!~-m1v6Eei
zc}PCm?EtJA0z^q;MY4Q*^fPKAZLnfJa$3Gy9`apivRzwV$BrC~hN8zOS%Ozmo3p7>
zj281UfXQkHEgm^1FG86dAHFntNH2X<9gTjXE+C4`!xPa*to#(-?{)g(@H5&Y0g7uh
z%>ZaU=OewExv@oK0pRD*R;csDD#9p^`g46l_rEaeF4YguQS6Oj0PSu~+cwg;Rvvby
zMb2EJ((dg!q@`#i$aOVew(i1SI*Hm<8P3ZbJYfOWWB!sy<2D3@TCZkp2_$+cY>5CE
z?4pp9(YjV=x2Cyr9r7tiSOILzovnF;TW~kzP%C4MO(*ICiVa=!gXu6bu2?fk-R)OQ
z=Z}TUWc<+CR&HL9PjP3|V~E!^7<>6)QvOJ{ysGR{ki_vCc2oEz+Y@kn!|tuae7EJ}
z>!0rcI4ghwph^YmEc}RRsI2=DqjrE>y7KtEj(}k(p+y)>DUc2u&PXHK4MWqaV(004
zA~80}vN}~eOteK!Z%h3;Hm$Qthd{ypTty5<w!HGSr^P07;@!hGh8=4aAN4gTJN__&
zTTxju$93uv-sDeuVRZddt6^@;Vw2{A&HA9HV0pZ7)PlAWkcyEm=61(Nj}60;Aav2>
zL3pO0iUe#hFbZ`42`4Cfv@J-j!eC6STAw}x+L7ROzbF+d(!_cxye|Eur2D4oJV9)1
zLemfVYgwppgV5vpCi)4`(gS3tiYY~??0BoXsg<yGEoB&DKI~Ivq%iI^xA)Pkoc{L5
zrT7$1&tUToR~|||Cv!%SP_d*z5gGAPe8D_5rip75QAU8ETO=5}OxV`=`ofIDXV-9d
z0IEPf*I;fLFTdF%b;+7e8u$99qR_Hl`8=pqV)t?f#y%-F%pvZY_ksvFJrFOQ93k%!
z3Qf`IpR?do1@HNHS2iTLTPp>=9mb8X<QBb}ex9u8_k{h;*1dT5A^KfbGxdwbm;2&o
ztN8b#U1wFSBP(^`KHZTfIS;ouEv3V_32Oc#QPm=6vLK9laq0ZnVpZPJbA_c2!0HeH
zK5^Hj?{+d>#UYtoy}S0IP)WE~;OLxr*ve6#f`}=@h+p1-r0fseWDKEP+hUP(Rq0a6
z^;;?zO`__A?>+P=HMFB&D_y`SD012Mm>&s`NMW4Bg#=@9U%#+ha#)pMHTqO6S51!!
zUbjv!e;8N<32+;G&ppr{9QOyM6cQ{PlA1tU_+rS%ocAcbS4ON-@m4OkY!Q(rz~DH3
z4=(7yYh|)V?|luN(Sf~HWUQ;WdCu=PzC-}0VC`uaN(2&jzngxni7|G1+mdEnJ{^<J
z3d(OT{^XlB0vNok@<&SDow(TXs`k)@W{Yzy4igqU?{XBpgu<Uvoq4veC$7BEA@Jk%
zJK<q>UX3>#VChZ4#XfT8@?GfWt(|4LiOEQLHe1z!E9(@OSTvXXY|$|a)>x7|vdu7?
zNq+Mva$jF(ZD)Lu%U!&Iu!V2?>?K@AI<uDe{(SiUqdCA1EVU|q23&wWf2q>Hg2TU!
z2mh$!<!=PJaiiB7XANoG5N(*QSy85n-6dPrllw=;E(8UqsIQra7a&!I=Aa~Z18Sfx
zg{pm$)If5i{5Q?TFeZQG9%-f$vrOCf_#&<vXKDJVZLi>FD>{XcETry~u$bDdvQW=G
zP{N6>&2#Q66D~WZkHA$%F}_$Dure|CVN2dB*kJiPy*=V$i8l`?Jgm9i$@rwO3}?<t
zUt0FQNTNO!P}>yO@E106<59h-2gVPTML&PV<%x2CtLAH)oKhBWE^8vs-jA7Tgx>ji
zKR=ZWW5zJ%b>m~?8vL=i7k`PYjl%rr`(x|aI+R%bvDu5A07taFtB_jy``nqv!U4(N
z9V*~JQ3uB41y7^s=t4>HHwjX=s3pW$k*Y4bn6j4_NQ4fZ%g2>f0x6do3_!DQfQFK5
z&FzH?=WV+WK!zkz|4<)l@1nLUB~qyQigpAI=RT30c}ABG58wuuBKQr817gcmzd2!P
zSF)E30|gtx4z<+Usf|1jM!)jETFNPX+FMo@Fno&kB+8yqBQKFh^L^L3RZ9Yql)4%R
zlLo6fEhUHbK}RX5v~?)Z>EtQc)z=~tUIRyP#bmvWF$|ou3Z$Ke2hwQEgymk9T8Jvk
z7?{u^VdGwrO)U~-tQh0V&$=u{`u1)TeRBAZH<itBwICm8JI`-%wS#r+c~}P++7<UJ
z<|vVD<@-5WS^@$|raOCDUohqxs-g0mS42%NuY<t|qwvnc@Y%N*by`kja=Uvj^tA1y
zAH<lbecjoSw;N>h=+|E&izv3y(VyCb9AYGf4cJ=mbyR2siao0S^d*Mn4jpr=wf=AU
zTAQlFL`5Z{KY*srKDA=zM|zRhDWvae<>UN$_e^M+#;l`43dLB&y$&A6!}ZLJh;rLG
zG2BycpUohAfz7MeJnv?$rWfajW@><A&}1YofbQVg^qw)9>_ld4^uVtW!Vd8QYz4PX
zv(ET7o_X4z(##ul)@HH2?|>*bs<U`Eh}KNmmfWsNWUq+ctk|FjXYXcmw@dc!(E=qg
zRBTz(-B-eGiIVsB>R!rGv_(nf+tBwUq^-k|Rf(k(Qk2A@X1X?}ENAUJ#pud{%?Y|d
z3sYt^Og*y21OE$qSdn|FNak){c#4yWYaLs~XT{8WXVnUWH#sO4yWxv%t>96Iw9bgi
z1Da;U*28=3Z+{>0(|O_HwRJloX=IT_U#}+mAyUoYoN8QFqk;pr5XG^+eg5smpJtyc
zI9M+)XY#A?`WKF0Ef?k&Q}}p%xG6dBA}wHo>f4aJVOHP*peVUtNhwDc;CgmNHA!*W
z2OFYh0W85z-`#ND#_y=RB1|ms473M|5@>tyf5~fz(VxkyB%dK;eP>rA*F2o(BD5pr
zJE~ZDC8lQF!%sv1K=XYL$0-3t)K8zJ_;t&MY_W(B(LdXn2EG^WF|2WmwLdPTv$2Qp
z8TA!N{kx(%<Cl=M?&58M+4eJM422^{No`Y{p0&CQ3;5b(#~>-=#Hr<111cY_9+-&l
z%Vl*t2R=E>MTesrY{<SR{e#Z)zQ6sG<#Ych`r?0+SMF0s!HWa-YQ-SR=fK}7|Dgl?
Ke5(|8C*+@Nk>9-l

literal 0
HcmV?d00001

diff --git a/warninglists/figures/warninglist-warnings.png b/warninglists/figures/warninglist-warnings.png
new file mode 100644
index 0000000000000000000000000000000000000000..f66070a5585d897424932f99aee72cd8968d5e36
GIT binary patch
literal 91431
zcmbTd2T+q+)Gmxiv4DsTQL4(Zfq>FGHi{sEK<FVNy(6JW319&f1yls2_ZA?bmxK_C
zfYi`JXdxg%AP_<iB!t}PIiBzS^UvJ5bJvXHY%=fr?!ETft32!3?+hMmadGf*u(7dm
zJ=A_+$i{XU&c=37_2^;NU;eULoMruY0Boprj}6u*u*e!5a=fc|myNAFmUGXBoi#q@
zrELyoV>{9M>)(M6&q6ykHfG+#2X~EMSTEx_Q;o4{D~!mGG7+ad-A@iX@!GU^>xMaP
zXhPqeQ0;j?@cMkTL)eL{3*E<_A3FV{bw<ju?)X6SA)BKojwnZQJ&4wPdT}*ECg&x|
z?!iHEtt+ir7CEoJojZ0yhjSfPy*&;<LW^mC=@~UqQpQH6ink$@zK)`6%xWb8xkIeU
z{Uc|?^mq0D4A`dYL>m73GrH4!@&944;5E9s@#ht63Qybv0D>dSRL(&?)Ar5HOz^Al
z63SnK)jw+*`KEd$SH@u}!V|@gd)dS0@8}Xnp~_3O8PCb_$-^Cx3su-)O=a|u(Ts#k
z`im!Ps*Vm-WQ$sJJV@nBfLerQZC^&K^5RC$`mYW8Ez=K(EqMnmyeHz7f-}<khIk~e
z`febodmIT|IV}{parV!TnkrO>)p%|gtWJ)>=o90<zQ5{6<{0t1inEh&3^c;}rpeAO
za~r3j29pHy$P|s5>LuFPm+8HuteyW?9y?K-oqI#@K64t2qN2dUhd93xY01VMKEmfx
zW?ovJs&M_CqWOB%V0^g`Ab!BTzdpH~YI}uI!IhY>xp&9k;n1^FmfOzW4|(+vRYpo@
zIny8r4--3(2fi<PhBxQ`^Cf!xq!@6m-X}5mafU>4)<K>58}ZNpceKy8Gbx|?Wirk-
zh(9bGe>kxGE|C<a^3tr=^+?svWX{*KBjj!iqD))g6r3d9{8@GTgD&zA=M6d!nyJwu
z_Gc+!M)yyi@Le@(fK{F*)b)q*Zsj{@j-)IeEC?%I`0OALZDgq==&@;i@gBlp?#g1O
zsGS(<D%wG;;?)X!w+O)c0D|j3TT(dYW3v2cF;Cr|U8lxX&DZcIHvVZ~Pw|6y<~J9A
z6hr%-EH5u?*Zk;$@eZA?Bxur73sP#)S$U!B-R&@6ip%;Gij>aL{_{2TZQ12+f64Qu
z3sIN<#{w0y(sE`P<Q)@FCuivUCV5$KwBV7YhSW<>n4aIN>@doRF;jyr^!%g6HamxS
zER4FjX|0~oEI?@=+S+_iXRHT7r$V%)VO+1upDO7~lcu6mV|k42dSQy0DN)Mwn)d%)
z@jeiVp_z%txS`l^JOh=J2>Y<Ocz0~pEZmKa=a7j+6KTXqpWvTfbrlbM8riW;igJYy
z=W62V7aSPJY682xFPZwuhshNx<rdUBn7kf?9n2UL!%vFg0(L#PxcM7@Ifs8l0ao}w
zOZ-2bI46gm;y`g>WwW6(A-5wXt|S(M77e%<NI0}4_q}IZ=amiBLbIxev-HCo*Kcl#
zwL7m?MK`y6*Ky~YQ2y#^x=ToGQBeQ)qjxSTle&r_z7xibjUzHEORr@~1rx*569bP=
zV3)!pGmJ|?DlYCQ_385y)W|ug1&EUPXTH}Ea?5gMcdIwhr9mbQ<izJCSSHNS_AvLz
zR}FVCW+E`O>2|eeN&-e8tGTscDIC(s_3xuzEv|qU_DJS<)eWgDBd%?G6ez(wgk9EY
zb~&Sv20_2Ib)<UhAvdlCW|gk^#?i$_`s){oj}u>p7w<$w4u)p1k6r;;rh~}(T23^{
z!tH<UE-bEh0AS7IJFp89%42_DP}n2y%;W=<=6E0ZGiSC^oE-jeIuig0&iO8>UH#5N
zmhYtl$dI2`f8;Bi+t}H;DCsaMLHXL!HP>2a!X@<Mn)~!G!Hqg`lm?B1c)7eNko-Mr
zA27$=9RCIjKTo8(=9hO@#(>~+whVs<zS_%sa^q@`y9rYT?ykgzsZ{~EP{|V`mKs$P
z6caTG46lHkjiXp*Un*7bHIF|%#&vZyNY*jDUNRb1Z33QDa;PAtEh!ikZ?<@#5l@tH
zRUmmFKcm7p?@5R-SdM<xmC6ZCR?@6JzD}1PYJ$r*hW1h<H}>rXM24Y6emp@yzR_f!
zAvG~2t>wD!wM={Es;x2|>zOa?(Ni)thO(M%q3A?H*SQ<<6Wc>sMeatF&w^q%XKB4M
z3+JN0`w9*)QXJER^K@om?~(TO5T;$6VoERAkp8@5v{uh`ekvs}VQop%dHn}3A4>m1
z=n=4pNTT4({$E@=nuLd7V6*b3-v&h^p@HbQOZ9z&=Jo5^YK)+I4nIS?xuwb}jOGsz
z)c)O!=?6oaw$?n0gOc&|fZ1K#W<o|apB(dn2n?+;I}aP+^qqnC)4%ND`2dgkvYH8d
z?_8+#`TnfhYKK8C#2g)5HShnh(l677DhH5EciVPsy-FCpO4|JShF|8HVLY@IJPCr2
zW4WD%YYUbRfF+_E>AODBJAQdJ8lkK5M4&4999QE|Ds?_kI7+5)pBoEJmeaZK4RkHM
zRMbJakUA?c@6?0qaMt^~$z^1sTXtp1R>pCQQ%4i=*Q6<tLa6NxsCp9Ws<jzxv|SYF
zvCYyt3_kdCCTBA)abn@`%Cqqaize!l;8^STDy<RZiOYAVENNSmxR5Cwmu}iBS;A-+
z(6*8!iFSP3ZfAvF3o)EXM#dmS@$@vs@w$l+P_9Jc6ciqEL-3F#*Mu;xZb{2&{Re5d
z(rpx2EDP>%`mX9~AvjXy5y}NkQ@&UG;MWGM2-3z?11lt)lq|SXhzkizuc*E$NZyyj
zbXs+gC3XMczsi4X=6=@tA+S#shcTy+@T>BBcvm0HsE#{$M&nWKzEk*V^hB=SJ01%!
zEzhxxMgDz*BFZCcSgp~4d#_!XI0Zdx-sQiyqa&*>+tlm=@9FD_f+w7qntB<Vx#JS(
zK;4O{4~xk6BS&V}_I^zHn7;Mx-uj6E%lgb4HP^#K?$o9WhfvRmGl8^@?Vp%yOH({|
zM^7PbBGSEyC~Mu7V|^3ArO6VVjQ)I4fIF!mh?fpFtG&Z>WnUSL;xuswSE4$`!Eb%A
zg&Y9d^Ea>73b&nmCl|*TRsxb%7y&I5$|XQ<AJWj(Ej)H$Z$H`V0Y=`X9(qo!0&kS;
z?R$ReZ@_LPSJ8BZ9?zE17>=>Ge+|H>$dI?5*euE5belL|^mj?n-EPp@#+o<Rg3HP_
zLNR$i*h{iIWSVelqeqx8<fSVZS569_#O#rCKLf?8o}y5MW2KA%gEl1^rGYoWWHEd&
zsM-#=`e+0LzvZvgzq<FAI0ky$^|9-AttVav;#kg2QA+W@vE^YxLSA|3?i#1wRJ*l&
zA22U*Aq|fGz_SmLrFu1MhdNM9UB_+rh5Q7ekv-IS5xo54vEk}wIdCL&wD!QC?R?~Z
z&f0#w03tk&IgDBzl@ZR?Mo|LpP^}@2QOmI#8pL9P|Gqi3?KOoj9Sw?Aq1Z-2_&0xM
zuO8X3^rh5ErFm|Ah|!3GxHq(ego5)D6P@(LLhC%c*hMHqg^j>h;TUFg7o%SBwFhpe
zxqNyOnczANI?_90X=CVLXwprL1ZHtzcaGsi=lhWFC3f47>j|C>9$MYd+FTZXz3Vm?
z=ddu+%}`9m>et3B@b>U~qEg+=<9k<J7~W|aOj;?T{9EK*$M~YjjMwo>6cN8S82N5?
zLei-*iTtcqBiSc|p4OcAqUB6;r}A*L-NU6!$jRe66IISYlb$ax?pp2@;cy-@u7?6a
zc>T8dcgAq&ws<XRgnv)@S$cr^Zd2x1ARXUuX|j~Sgwb}j(k<)rAEN+?sXRA*ch^gy
z*SY517ZCPAuC8zkggV$=Y$W$yZI6FtttO-O#ny?0m_cNqGLO*8&;cqzFrq$^(I~A3
zxP)8%=IyR9ZhG$5CiFX;5LWB?_K)~H%C}`5ue4?Eok;7U_V^in0z+m~%m$)WXf`LG
zd+^O1x|l2EI>Dq^7S_9?QzXH~`8@Tj2T;KHgWGtORnC5weC^AM?i`|N$wn*mS`HyG
zNGw^>hgOwwn?xdTIqYMumQwG={6P6SJE~KB2Cje*-!M3+9Pz1nV&UfJp0l%iW_8ie
zSHm)#BjAsoQy0=hlvX?318vB0$<n@G+BMpbDY<CTf-CK&{AaVx5FBoyF!6ECM9D-k
z6=dy*=dpVg2yt39{3?mjb}PBagv>0@pjXZL+eE%X`H~aeFIbjG^l=e7g0PgPiSccu
zY~Z?9oUF?|K$%Nim(N4Y2i}JAZe63hM$^G<Eo?ZY1$9ek9$mTWe&?GEd7`;>a(o#i
zBrGET9z18@q2n8#mo?ez{LkfKBVUWan?Gq_z*_K&P{+cC&X3%`bt}{&9G|`M=wESH
ztTum9O#uo|E8I@=q_05rMK44sA|8~l9wEK`uyPpUtHYT1WRbGb*LyTNCNH}$>C!!!
zOi|KkCq{OAL`_(f%mfFPz`yx$Nr(fS?GSSrt;vFmbL#UXPqLM7*U^TUmK9!OS>G>*
zLlj{zLHt>_<Ae;br11u<y4KI58J;!E^eLAVqTM8MQ%1{1(CRUeRuo*85o({~;;$uE
zEHO|$D;iukCsxVlQte#o`cVRH!ce0SxmgKS8%s+DML!OD_P=H27%%f&jrlLQ-b8cy
zcxZn7(rTXO6OrM5MjQ`f%^xbyluw(nO5;EFB6ji$^lQQjqCY^rh}Xn)@#RAipH^%h
z-wydm)gDs-dGX9|Ej26)$E)rBj2kXUJ0Ym_uPJ`>`DV03IlE1e9KYG1(|Fo1&A|#%
z)G`qA(Nc6(>6{;Ypbj28ARuhwyZfUWy3>4Id{^Th=jGW$S?_5;;0jURWtI}R*ah8S
zYC>q+Pt*zItkRzGZF)3^Rx9EsEkw<&2$vib;nZU#Y?6kx#GOE!N}q!pJPQf8%yHHr
zd4CzhcV-q+UZ_?FzHA5KEZY?SnuJKI7cCObXLZRfUp@PK>fYO0xvSEqPkmRXn}@HR
z`A3Xg3l`A&qebp5#SH%HdEz4U?bO<ow+0{3_LEDLyUzS|xvs)dCH2AzQ8jhL*X5}2
zSrwjFF&a8^C)aLR@cZEtUHK;Da@gl8+_A5Q6^wb0gEFht)3Vk;Xp_X?M(y3Dj+mxX
zYJ_{wkSC7M7Lx$rs!3B59xhSrm3i?M;5^bj*ghv@{aa<@M60gMX7_#<v&@P!ol4o?
z<*_KsHk57*Ery}?f_bVJd(}?#DaoI{cP)OB>}WKFMf!%+i2INWqMYL`kZM_5XtV6d
z{1{y6LEBIMSBo^TdLx6sU3bjOTV-7*N|(7G35V`IcX4rYdiv}iQTlO%M&Z%owH9<S
zfZ+Lh>t}^jFZc=Lb}azMIq0!SV|&8U*;L-DJ^4>7Y-xc2_))D|(ZSM#boLp{6_k<f
zsT)s<afZMl_8M`%WD=jpFy{5QzeQGEK1z|2`TU$F9MnT^0tfZwBLE^}M2J(0sOM2+
zC4b&E=EB6p_m}rW+O77Glw2iA<A)fb#XEWrQ8k?yIS~{(Utng#-4)V7JaJS$+O+c2
zj5))2zPR|yXrb4GVt!po-;8oeMl`oqkAKlelIL)Te<E&m1-S^jtow{~s)$d=Bd8gZ
zmKi01y)uJ(9`9_PrZ(c<zkaS!U(b05e=sT%s2T%=(PA`6>$|$fe)q#y7{r1qJ41DJ
zzPWtbCr2j*pW|W|e(7%dY=T%F2a|Wu=Be*=(*ellfL76BE4RAczY26&JIkORrBirV
zrf<Px4Zxp@kPM-DTfIiBnFB(PhCY!n9D757s>nv@f1=?(pE&8l+_hF+-J5VJYu0X^
z2%MP-@(I1X16v@`jh~Qmq9qRcED742uePE-Vr6Q3lzF;!fT6ni^6V=o1HUJa?3+`o
zigW-NdSEGJqG~UaJGZskwx}>8B19Q76<4skp*EcPGb+RB6a0}VpH&t-V)lw)(FbS&
zZ&j~J)7RN$*Xx7z#JnYYIT$@pJrV+CEc)~YTygUJo3j5ZVKQcQ_uQ9fT<5<8f*V``
zG>uRg=sLEk#A8`v$08|MH6f}m+W6WP=vKG-AxTnWZ+x<vx@!B_yCO3X18HgW(srw-
zGjI?DYMtQUYI<`dS;(j)JW9uNU`LV`{*95m{Y{R{**Zk6b#C>n*$Kalr_Eh7u9CR^
zP`#Gd`Y{4p7m*J#`*lw5h>bRh+7WZ`e??>gWa_%MY|s8VtGWeFVc6!qZY>(&0bdbr
zz5KN-{>VwarR)$};gS0yk`Ec9f>8aQfl*;&XUlZ9qC$%Q)=+(p&qJBN6*g-|9`R*$
zE(N<_wIA`kPjCt*tU7T8&SV^M?Kz`3LJ5A?rJF}0zP^>^MzT=#c}*U@wLud-=PpI(
zoG%@(&*Q6B_^R)D=50v9r}#w=w%!0qG;t|e$Yjw@tjJ*Q#~LXOF=EksLoiQN9+ZEh
zSa`4>=5eVkAV!CBw9yxMs!x#5r?U`ZvGMxl{C-{dS^soXROWL~Mk-0^7IdLRVvtUM
zwL*!I?9Zn}0>t%}DTiePGAx+EDUFnIRz(F%St-u!VYobG#}0f~NPoVI3Upa3RqJu>
zZx?QtT_Jij*WDoi5x=6kWU{OI2IEq4>QaFJ%CmjZZRZT6B#*@^a*c!==&AWhTUVpr
zY4ooQX;a`zpNIcVvlg1!U*5v?3EDJv!=TcbEqE7}GK3vpI5@Bg?qLRRq!T8v$!goy
z;-1<3Enm$;-<hj#5hUTpE(_l?a>WR#elI}3Hg5W?O{i3b5iCkfIju3cUP*oHi`rHT
z=U@hNxt4|UDR4NZX6e(mlxer&h%Z*z>z|B_>jP2eejbID{MdORZoc(Jh%cy=7XL<M
z)aS`^H_m0a=ZXa#Zr&V^T?+;(gTvEl122H|xy?Fx4PftDV+j0QNr=wkbeE_hn!>c=
z?71E2zeRRz8>S%EELJzJASiGQ*LaL9c<Megz&&PTrPQ@UqJR8ab~AQhA=~vDfHbuf
zSUgI>O!3Qp4K-g5EES^d{sobjwKn(^#e`b%Y+J)$T*Oz;R4$1eFg-(eZ9k<-xHnjx
z(bdu=Jp1Y;<TAiXg9J<_eKS-FE$nKXCZ;_D(lKJy)5>#EyHWS4F)^t&E1edqxBd>+
z${3~*(%u5@&eJF*!=ICQM5!3L;6zh3Rt46zemxBYyP;o#eI+~zT}O*PW>Vko@;BN&
z4bQ(R6>2mv-GvDLa&GTB#CjzSX*HfGN%@5cvsIa$w+c5>c!5|FU2Wyws;2~N6-WZ1
z`q39eu-GxKum4I+h!oS>hRMiI>Jnr7UXaA0^y}fKV`9fk-P!=7z^9{tOfHy`wa+IR
ze;A0LjV;q%(07g}%m|y|I}K4U4vEr0B7dVFsbww9G%$><+mC1TIY#Ie3)k~{bjtd`
z_wJZ*fCb-Us!Oj2vn}f|3blVjd~FuE`2HZ460H6^y;7LbI9PJ4p(0LjR>!sjL19fH
zhKGgbeKc+DRv&olX)3yy2qp!;YgA?y@NKnyI92p(mTcFq(~X|UR8`DcjjjBpPFoNG
zdhO0NpEq^PAmdm{a0+^3%9dP1XIC}f{gQz5c(TsD<+9of)RB0CF7^bp5x4-Jh~vK|
z9~P%6(@+6qA7AY{Y$_bGlO=)Jd4_xiVr4bcqkn+sJ38mB!-4E_GBUX>#qV`>enE6i
zw>!R?{+<il_Z!D6T8^<4q<Yf&pQ0$!ob`RSOw@nlhlhTRRar{;=MmQ6>3=_RVYLO7
z4h?xi;?6jueTzIdLX@Tb>E&h1^V`ZMYM#lqk<`n$FV6`UHnb;h6F2F5Jz$PJSo0)C
z9%2c$K<MqLRn3Q-Z2_yETgOXJ2%$z^A@`|On=`!FnSE1o%Ft!xh`ZcUio4Jh4A@wT
zUuJ>b<nj!s#qQ(NW`BV8JN!`(Yj?)%eqLLUj|*vkL0aq){t+sxxU-i%cFvG_?y%gA
zc{PGdO%jQBBAL_RN63s>@ogN1aD;eu@t*qoFfOW^dW+=QLUD@IH|vc}n2J6FVsv-O
zFUCV{D0l=_oJUSiJ@7qz^<R+Oy)b1{LmjDl+Ke&ptZu7%<`~@Xp(K4QoqW=oOPXlY
zu^Q-I=c$nH@p<2=uPr?`#V`Lg8dP0nJ*QCLKdJ8DHy<Jt=XIk&zQcui?QOyo@l_z4
zFf^FVn6J$7Sn++_Z@k*~BmfgLzrljqwYGQ+j{bpF`)l_7G*=a?m3FEQU?tO!Ie6CJ
z*m)E#{c!OH-FX~6*jrt<LTQnhtw7#;@0TNo_m6iVg5Fl4oso4L6XVY2xnC|LgQ`Dx
zj3tlu>6E6}GRh1|g$Pe+98)$l)H>!+sEs{<H2P__eq|3q4{{oXmO4>GW_D%9`<yzf
z9gTM%ooGz)80j4y33Zp<T27uta2^+H=%KIgE^I5Vyi|?7Y7dM{^9EGer-Dbe?A}{b
zJzE3RWs#oJ_GqKtG}~=R4Mw`;QBao(FFg(K*dD}NZ>mQY8=l;9MBndK9RgAo7g2us
zanJVk$B!ZBb@fs<Ocm`*Qe07GmMxny;P*_?bs(%J1&1O|^x#7;<3~zyi`(e%Tm(dX
zg><s1{Qir7P~or|UmLT#Tc4SiRE`%qXsaW}`f^*72oVQxJa_HiF)pbh>B@8wNKWRD
z3zg~I-<E6ej1o@O3Pc^hM`I7qO*<zKW$@ky*tmB|=&)bj{YGQnD7neEZ;USS8_IIr
zs~8PZRB6z%?jy%+rrSHORl16U8*At5ju`bS5>ZFC8|PlAT>wgrGaNE1QM?1b>$jJ-
zVjH<NE9r8}5IuZsLh9_Nw{J2BI2y}nYv(rP7oc?(UJSXqu8_!OY4^)b<JDUSk-UpN
zn9;`%4$6H9bo1;__tq8>>OS>|j4xifur$7vZR?0CN}^r^*1mZXhkMgJtQeIhScTfW
zCTyJdmn=AZf>3Gd(NIKEqA!YlL!>z{Q@$yD9GJZkHv9TND;DFiRz35^)aH)wduMc+
z$^xIH09ADNGhJus5t0!w&iJU-%CevQyn4}34bI2VQ-2et^TvA}3$Nf;WvlTOW6h2*
z@Ou{k)qQ?{H1i?=d-|}91Ddcc!mh{N8vXsbYq0&qs&cQY%#sF@zodNWE8V8pt%5Qq
zoLC2t+50ptElQ{c*>CfB@UFP(z@B`t*j@H6@6Zt>xVa*^s;Fyv8~dYl@ArzaUWB1n
z)l!K34?5B1=M*!%QdX1pM<yee84=WNtzKhZ^P-@H9At<6{MZ|e)H0t`L#&)n<&1%D
z-|Z9#x&?e36J%D^&`FQteg_7qhY-*y;`RIFkd(Z6J~DMi)-KkP_fv`b*`8ELa`eDo
zl;GuqrP9?Kjbgq#jb9T+Z|D1H>wD^%-V1lIa>d;qa(6t8H5iAxfHVLb-;`?(_b-&Z
znMh26k(Vvf1J<~BBeu}Pl96`-FM?eu9deK5Yk!LH!&AUYz`2zN%3>qm6c0Foe!16Q
z;$+JhQg4|!9Rb?)=xcO12=xegRN|OR_)2LJ?!dn=m3v#Ro=snEJFGMY5Wev#?ArY*
zRd1nQ7YF2U>`v{GjFGZqA^GBC7iXP87tS2M=O=f%A86m#9DZeAX#O*wZIAz!V}bFU
znb|2`rNN+c_BF07OU?6|yvA==4`c6bl!k_TYqJ;5Y^9L%M>nL6&Nqfr>_-{tX@<ac
zS>8GgN>V@pnsQ&5_gs?W>BAbjM7pE%=+fH=BXPwJ5uS)|egui@8wWBWXjnytrY;O!
zQ2)5w<ii*x)OLF*9lR4W?{D<{<V8gyq<yM96WZmsL0t_JWj;QsqN;k`)v81qGfal;
z1w;8n&zk6tg)K?ZN7!kpi5DWa7N5a~1t<prDIHHXEN&gf>3O7GJgN(Ln|H6qr|n$W
zZ0vs~EV(y8=Z)2toVZXa5aY}f^R5~-9_m=v{M?Tn|8-2bQyQ_LJk=8rPE5L#0IO5H
zJfHpspjdR{v|--YEvZ+pZn3EtV(h|A-Dk|ykjd>cI+e7P-o2ptHwQi?B`<jlbe`C$
z*!7UOUvyDaw>?u|bH{&1fUGFjCLllV`}Dj6f}<m06{qeNGOsKYVK(p_E7ef&Q%Id3
zTUsy=8XJ&2Z}T?(wgkY{$9P#qeaY^KJ}<Q4TZoY1dfIBLlJh<0MT4M4eNSj$kijLn
z*+B<G1-1_M8J>S^W88Yweat8h(x&yZW50Nhd%;M{&gAtQ{8w`rU0HgLlnj6R_Yg7Y
zk$t4zZcCLwHn2sbpp2GZD$wniNU9iEmOM_kFch3eT-sbJK&Z)7AoU*kGI`UIi*I&u
z)EWZW96E(mZj?-OR&NT#KB!u1TCEFB$;mG6T%uf6z2K~m_uueOlYZI_LJhkc5HjDR
zwdF%cekPN*qdl(h>+G5rJa;<hC#X<AAN{nU__G9wBG!~Xwht3NSX|lFDk{mw{y)J|
z5_$Sc&JU5|XPq(O_TjUjv8J|gG2|c~E@=8mG{LFxBL^TRet)qnGc<Sb3eVXjFh}v&
zJsY#n9Nb!m@a^U{i9rFy4#`6gWCzQG{cKjH++T4UU&h~<kAsxfbT=9+{Dg~?u%)`B
z+r9vH_dqHq@Z*zTP3KcXT>4sX<7gtFQ}a_B3-o6lS2!JpW<Oq#d*ITkD3@0c<1)gZ
zO$Kvzh`f(T=(R@I!^)B+jzisQBW9G7JR5FPk^(0Hpr<%QFRTmN+NxGa0-Gx}adc$5
zd@9TCvce{_l9Q98>oJ;jx1g-3J%_yX$QSV9yD#?w;`TBtbEp9xp~>+&jp<(#3}bbl
zOJK(jR3T49a;az7bi@dTocL#($wgYRLLo55SVq*c&qDttL6sK<TwGi<R_=>GTS<(k
z7vu^oa})5=#m}?VQzwKwTW^1In~M~j?b!dC0k>4(j~cxl>&7;X$U{D)+2$%;1<^N8
zG;>pDZnw<J)uNZlRyg11R6v)wLrTG(>>FGnifOejD4jTrP`ru1!Bsf}7(tz&(v3p7
z##+c0f#fmbQ#e^`UK&A8(OO%UdP7yLc)SVhOrX@uA+DVgH@`-QaLI0|NWsK9=%;m1
zM&b$`R@9qx%C{9bae0yg^uZ55zb{_5pTB=~1D_)fhqfj&JeHwpghl5Zm07*s2Bsi?
zj;x7y`iaold%Rx0p=$<HWCyFDysKlPMZgK)4cnmCt2eq?JcrA+PN;%B?rTO_BcCT|
zE_Gwhy=Npv)A{7PDMQC%<E?p{*5c$FDwxmy;aY@kn;IMcB#wh7!c8?reZHSEd2l~$
zA$EEovxRX|xcj*DmuqaDydSE}U)b9n;+5_}UDrQywnMbR+xyM&vF5w&^%~p!)>_wj
zUR)@x-(Dtu7PKC7kKG)z|9;Bad|;`JxJAw-BtlNatxr+~sHIm9JZ>~-kD99F1NZFv
zO?83w^zfktNnp2?3+8@|;2D6-gYEzzOAnd{OpGuX?Qq?+_&Q33w!P6Tn;4&5wL*h;
zcC+!t4f-9Ii~;bm*6QVtqLhGx3POJpJ&vA-XROm688$!q8A&&ZG*FmX>#@9eJmGN}
zNB*th_4uc3F_P_nn%>E0VlLS$i_wFR)ISfidTTTJtZ}y1qe)q-l|Hdna$<3@l)|oe
zEi4%qEIT5*cl%&?*dGV#)EC~Gr!KL^c}mZh`)DeZMJKr8sDp6}#rQpX@z)C@te-&1
zXYhq3j_W6V_>cZJS%aqwawpl?QoH_dd+zoxssS56p0`yN>{>FY?gb&(L%kC}cn$Z~
z7;80s7$t6L*{Q?f1=eDeK1RthIF^7KEcvg{c&wpi9Ke%NW%%yFWmWuGcj%C&AAGnZ
z=@`2I!~U6SDV13E)+)E2L#2~s^!)=B2Y#OHg|5ASQW~)G&-r2%Lb<~Z_`?X%LgTha
z2Igl>wCi1x%alY*2FFo`XWa6J_X3J2S4%1^J+Te^j-8t4yW8Kmiw`?yMkI+ls$#d}
zpE_}Fqs-th--XXB+DjAg%v4y?@D8h@{71Y<3fZfox53&<A1V$EpDV(J*%<bMbw;5D
z_+zT3B3%6ay5my%_Z_TD!eL4-SrOtF(oSiM58W}9t@e6@rx>~eB=K9z588VDThIM1
zL#O?C+IDUc_IZEaR_n6|k;AY&LghtbKua_ho}5SQy5{mdyzxKfq<$XHooGVRzG{ND
zHYYi^prJF0((;cE>d{BIx_c74WyaZoIlZZ03MZWXXY0bc7p$Mnil%;c^M8rOIXx?W
zrSsn+q+BXJ4(3_&ITaT`6J4Br@2x#-72%O<4W5h77!UkV;->oS@?pj2b!C+f2@#`V
z;2x>Yz5+z%f3%f?&vM7%xz@Fhj2j%160qNV_0Sj9yz$3el14ml3(qK+`t6&IRv1_I
zlwX_j{?K~6s_4g(W5MfQ_Ib#n`V%o>fqQJM67;t;-6+&+Z-|NnNC9UN?J<g2CSMzJ
z{BRBi=%G?<Z`%_n-)H#jTT5n2bG}dX;<F8#+IKOr@kVClwgtDlW!#$GxQ@mCp-ZrZ
zozaPGjmW_C_xDc||9O9ZdQ?=@o)x`Poo8&ZKkL5Ii`7he^a2b2^f4;Y;{H=TI}Ldp
z{7=zgId}gpELiUddv&+=<v;IYpMOJ<^Xe`pm1*is`X?=~E@T0h<cfnB^-6ouoDkjo
z`9@DWoF9H~)LJzs#=_eY#6>wLgHu_{{^8pk+?C|$Li7)Wrc4bDM#k}#<7y*y`ZhXx
zX=>HLnq`KMAFf!Sqj9n8Yr0VGhb_lnPO|>_4485)knq<orW*)<wSn;^@5avM!Bkt+
zT9Yv{joZQGUN4LveX(@v1e=#j_8(doIeQ|rQSY!(C+&U+%-+wPaR)OxJ=f^t75`%#
zzBv?-T<#AS8vB8kcFX*-KlNy(VQRRC9v6skq#@H()eWeTwXUXR=HEiDP{;dkPHLT0
z*kWqdx#dsv4eL3k7wx|88-V$GI(-}4Plb_7I$f;+dS~dJ!^s;`**K5BnLJrZ7l%gI
zTA~>hmM}kgijA$~$bWfGcxmI}>bDe!zKGkB(AODOWfgPS%x8rwX&*ALJQa&**^)nU
z_q{oq{yuV&CJzsiG!ut&0<15iHVYg^CMxvfAfsnVatoKq%Nf>>$F@FM8(wQ$PdJqX
z4)KG-7KDxYWI0y)_C7q@t{h{WFI9xQ;R9Xv;{|1RWrGOdg<lo^#>dZ;ow?(}OP^L7
ziO0LVRd~BizU?}uxGGx;j?C;|Y~Y+{{G4K$)F0p6-{)5vWE$5>x@Z}0TnR+dtnwec
z+a0Vr0-Vgls(kujEbcq_w!<0_Z5~RD7sS)_weF=&P8s{A`Lq!SmsB^NNeL#ux!dJR
z&#Tn$CXK8J_%7LAMW6KsfX3l<1g#u4_ip8tRB3oyq^j$-YXo<7GCp=7d7~?Df~fQ`
zNUaN)SG}aFimJ_dM%<k%M9tSR+`~;C=~kKgJEU3m5r5oQ-X+1ljU`Q7!MUG6C{*z{
zAZuLx(#Tf_gl1KGGygiyHvI?6$prc?`64`^K^@_;(!NP2<P}d02I;JPa<C#5C(wKb
zjtd%8)PHQHsDGV$ZeuQ^-L))tYXK^0GI@Kag5By0z=giy)AqjeL)2}4g}gq+IRP%_
z<FdwJ(~w?rhf8lj^#e^W>Q}C0371K7_K^A9N_tw(db;4&BSr|0?>p7%mB&fX6`n)k
zHT-SHb#?ymACi8CmrL$|0U))ypnJ(*is@QxO*e{KZIu6VJfZBjyvibi{t_pB)xgbF
zFd4INY*%nU^2FkF^J`WIs6SFTWFh~nDtuD?iv9RHRH@|CY4ch6F^_{tTt>=@8m83o
z;3-Q8IBE0S`@4Y0?R91~7B`CQm|~C}JETCcY54>V8tgi<uQI^{3{>}H_~*K|l3z2%
z)^hj&ZetroyC3`<-Z+nSV6FsZY=5O2r-S!I#R!T&ojvCpx<I-h&-v;jgH#lFe&3xM
z5(~*p=|#Dn<+E399afXT6ESlF0Q#(>S|T_;_~r|>0SJOzn*n=(;XdoR+4IU#W~`@I
zTlE@SQ_)S&KPZNgJ_`y|eow%rA+Dd!3@$kq&{|w_OSFPw=68NxmcvWxUUG2rC!ROg
zC4ou%632m3uX8e0H~21J`l#B0L)fL7Hg37ICHkx1(91BD@<!FeA#j*imO+dwW~1cQ
zHbd=ElpD3)-|()*X5AtqwZQJ@`I+5ON1;^Dzc-aIsS}lh!Tz2@HUg}(8urH<dL7U0
zc<w!P#*^kZ0hrQ21RyDhK6bIYUOx~W#X$v6Y6BSPQ$wFs8~K}LSuDz$U>>~ypQWN*
zQymeZiOHU?I=n8QDF{gwidA!bJcMfiM)hMXhIxpt2;6)T4Ocu`m^`j;(T(YT=a=-A
z1GeWsHfd(NZO%R$VlRbTO~&gRiumNuN4`u<q}PwaP7M+HYHckv?y2B>pE3KA8`=dh
zYKiH>g-B)G)4iK4EH_MJ?%#sSa6I>yH=Mq15bz&!kmbr*Kc9`F#zA)>hQhSA{8Wf}
zed8Cr{I_Nxjp1oMAcP*3a$H)62S3ECk$Hawgw*xliBAVVODkvJn98D=b2K`E*5<&4
z8&XbO$kz_5UMf083RyBlf6<o*%H7J3wT6JoyK_xP(9rd3{w|&3ia`&5@#?%dels&W
z`0<DTx^wphh$7DcbL%&Tt)s<p_R$r2d4bh^n1~Z0KOK|3774Bow@&wd-Ik<nNmu$-
zI@1=OuKv3+wzGe+*r?adLg8A_&{7aHR99wKtg+}=K^hj=JED)0GdJ~F$U2q7)D-M%
zwBG1FhsP-OhW?4S9U!sRVpfkw99ze;6*5-U!|LoW3T#A|2i3PHQHXASpbJ|TY9qnw
ze)UQ3`%*kjK1ffDxeponpcNjvrw>ID$%G5F`wHR&a*7dsm6A3$h5D{kdb$DEn{N7Z
z(r9VdUu`^H3BEwvM{&ns5gR_CVnyUuw4!uxsU9Zf#%x0lk!P$XpjlO)$)#my<@$5V
zQKi5s$k<0vItk332eVl&+@ua{Ekk;qbJg!F|6NT8#u3KpgHWohx40tC^T$-pr^-f}
zq|VA%j%sQ0XIdgWeUAFeOZ<`!!gE*y)L<@OZ``f`Yn1E!I(Cs8sW9atON`0QFFBDx
zoeg*ubB8?H3>B)9d!c@=O@`svJYJ14Epmgp3&W>idDh*Ik8qmugurUB){Vt&+-8s&
zQ`3;o{6dLiex%3s1jGsK{gAQ8@glvJsPE~Cs1Z?V;VQVGacT3Xru;TPNnDllfLJkL
z>qo`3kTtOM$@^AxR<$UIH@#MI+ZQWZyEF<WDFS1Kw+H~QSlj(TQ7seaFX(g{&yWnt
z(F^287g4;IzMzyM2Y^0XyDq%)0OsgHn?m?5hpK<zO81gzlUMoT$oNMo2rBk4us$Qw
zejA|li{x7V5buMhI=F5h^rL--=PK!y!z0}NNlLhpQ93#`vm2vk=~(N6usRd6+erAs
za1#g(A98<+J0KdX3y3c*I^BHC9$XDQYgAI4<c~q>VD~#1PHj5pn~Wu4{bad|6|@*!
zemM$Q-CNi;*sk4V_xcm*u95Mnn};i)xrUeSRpBEgQ6034UF#GZ2~VuMv3VzZ$c-cX
z)@~Wup4+k;$T*#3Y0=sZ%{7hN&OuUJ9@j$8nQ+Mh!tD>{xWwyo!Fx<rK1fl$a`Hj)
zTIlCC7WLe#Q9Mh|+w=&<S162#C(a-!gDVI!%LuUhUYOejJsYS7$#@lHT9O5prk<I6
zALwqD*eHpD!}{BO`S}=J$jlo&54KEpwdwWOW&^XE4NhJU83Lum56{}nnZ!gDec0Ln
zhMu8bq3!315!cc13jmPK+eAu09nm2@hjY~8GVBxqZRt<2Em-QgVCGoFtZl71<q$oo
z7D#CH@2&HRI2~j?h*l}n3EHpH@lO{2OsRcZa`PX1WOKU4E;A2UwS}L4h~kl%wmTbp
zgO7R0MmP7F{nptl6zwAyutf%!jt00LeO8>}HW$w+<YqsJ@YX|J+IgpLT<i_{RQb@g
zAfbp9fYh>lc*f*@DfSCF=W_h*sTD5h<J|iNGW_}MS>~EepA6x1@elQqRE8TmHE~~`
zMZFP}8`VZl@b}8s(!p{0nD2t4hqES)xlrHb>)1LEU#u~7ZfJaVu)GbsuR@BS^w_rI
z-QO}UK;G*aQnhAG+}7KoIt^v_^cT4VJ#vKv0e%L&d6@{YE_yof7WgIIbKg^;utpRO
zb!^|teI*M1pjD%P8zY0jh&q1>^+<*}4`hntXaR6_Q)E4&m;ouH$G$P%ox(NGr-7;0
z)`jZBq=*}37;$fi`05OuvILROyPp?p=pMA0<*9rbUOFhEZjp`UB)Yb%_u_^cFZ`=c
z4vhohrV0Ri<B~d$o%Z6|Vk@XlI7j_`AyCrU!<wg1^kmeoXmPVmZO{d*LA2OAtGYQv
zd^eBG=Ew_PlQ+b;;X<eD&+bdcyN1C@&zF$X*N*DsW7~}9(dDAB6EOzCfch@)aMdCM
z33}IMS`0UW0=DUqxe|0(%ZmywHx`Nz8?%Wubz6B-&Yhz}xkXjVcIywDPTv-n_wSjk
zEmOL=eD(RKp68VZ8xoE}JE|74jM<HAXap18nKh$9jC)gNg|;^C1?%u;FdH}JDDMMk
z64%`uUC|fcrox(68jma?y<{*OPAEs84&GJ?hLCZz>qMTTW~4jLHQ&{>Wa8tP1>l08
z<X2CGd7|$kY<*ykG=;J{BWmir{V@}K@0XICq%Exhk#x`&Q(bQy=9_|@c_+^>wC#lu
zzQf3f-F@EPayi#U34+70ip@kteq?P5lhPHauPfZQ1|ij%6AEg&iF&;~3L*2`(zQGD
zUzWF|G1Pfq%I=68s|azYVAOHd1(>XQ*Vr=5EnGFx)iWZfMypJaZF+cEZU$iDdrw5w
z)?EF8d{#YV=34^Ku$}SpgZi#KskT1ub3lNu-}hN)u3I8l?&eWsMkSAh+{N4O@prdA
zmNvK~a6Wg#dDs;Gpw7H{+YY4LXXy7ewfXrjy!xycxZvV!Yeexg@sIEe<!=r9c39U>
zO^ZFAOp{P(zb`6}^F&g>!~`W1g8`@3^kvuu{JQT$yhkl)xZ(uau&<T{%ek=QX9KoJ
zZLT{MXonA_4muD1RKcHDs^Py^v<FStm)D&A<p>(L%aWHromO5+DsAu<JG731e=5gJ
z{zN|L*-{zDY9XsOfa(N8%F3`r;O}c3{f`k`q~ccAO%O@hgc9|iL<<Mp2>0fr&H$xg
z5Qq!2PnfIU7GwCNJ1paiwJzWNb*JYtA*C}dkt^Zz|5RMTS?@V9Qv-HrC$a@KLUZ8}
z*=Hi-TIst(0L7778-rh$P5c-WeP67DMMOq9s@5A=mDcv|U~<n%@!9cSsyr5zGW(T{
zO+dZ$I9$TuCQO_9>@Lo%$g7L}L?cIYfNtjl1-Zx4tmq{2J}>G?bg`4y=eH(n4-iCf
z*1b`DGUsVGGrJCr@j?=TCf{p<w2M@?;rW=-vO*l>QEf(^{m}W-&S#GIjgd#{wV<90
zgT|I?b0$@<x=L=nJwJ{;EV-zYGfphNJj*}FVYN)NS+I`*n8(8$q*~CYcn!yvq7DJ&
zjy|`25Z*0k7NtKhUT+@CFSp9^`Vy6Di~J$&I!aG196227MwfSC9v*7eQBo1zn0-*c
z^iG=*UC<7xpo$6pU?;kZ^-76lEr(3{YGy<$dj_dz&pZ{179G8}NIWNKD@LRRz|=jF
zv&g$Xlsr$DbqM5dhFdH3I$=XW^dYLM(E_`4CU6cy7=8mpCzmR(q-7q{dyJ(mv<z(y
zO2#RXWj2^QlR=RV%qS-Juaxl)UE9=T?ABG_?(8cb-XC8v2!C&5F%7YZ;PZAPl>Hx<
zYD4y2^7_L?B|llyjHH*`#|k?CsgBpU<h+pD%JhQ7p&nTkvEJI5SkH1dHh&`w_^h3C
z8jtd?8gz7ba%rgnV<%A@_iXI0RdJt~Zf$yUsJ)h6h`7FnWi8kTOcJPslxVfk)1|L>
zuUVBCYgnz2Uy;f(r6h9<OJo85EJA>VSgV-&{A0~Ta~|j>;0Ua^3TtFs^WqD9^?V-m
z#kQHu6B}Mj2ZRUWY>e%jxG!WK$#cd!Nkl=*pRL)Av#&jN3@OdVyk46^mPKEMZCzHY
zzKT}1rZl{|b7i5zGg+qa-gvq(DpWlVhHpStQ1YvS+c$mU<1+Z7!{_?&e(}7)l=cN3
z6jd&_`amqm=Q7SE7F%h^t+9VX)R??2J(_Cml3FrSfgj%5B$8Jg&mWhCEE`aY#SCp<
z0205VC$!_Am}7GD#~6s)Ez4l3P<mW9fV`cws}kk;mDCRLrsfTd8oeB^uaS~ir+QrF
z-LVT&E{awZlkJrbo&v=Nd4xo#E)kLYDrDf1LX{PadxWu?RLS4(O9%@Pz%1h@L`ZA)
z6a%tLSn%xf9O(h==6{h~tQy*LbM<+@SRo0_64OEFuA>>B5p;*&-cujR>i>7z`1V()
z$<{j{{kG~Ky*s^;=bSNo%}mmG<AI?_-w7Ng_f#wj%2&DHC#H<p%7}TRRF7iyUKgV<
zdAOkYHajJmW3Rv9wsjpd=3f`|E0RX89nZ;@7|x|^x(y47trR-epos@l7&<Fl_bVrt
zCcG9GC)9GrwpHBfd<pg>3Yw#OrGam0yZ-TDdhEJ!EUKV@>c{FSp#`dO0=4MU{wU{n
z+oZmdkGF{6@|Po(^Vtwz(;v${<j+fTViL&c`aa-<ta6D`CHA>-*a5bNUtI`pHU$s0
zK??64>gwL*#l)0>jmP4&PCeMT?B+oJ5!oN1B_^CvRhRn)eVJ7c{1b&9p8iG8nYObF
z6|ES`x*zGYI(=7GM&^IV%_@)iS>?(aUKV>>9&d_Y!eD1y)dqWG$yn)p_x5Vj{1#Em
z@Yz?<A7Je6zWRop`!j(xE=#~RkEP=E(vVPd;3))SR1|idKcRl>6=O_dr{X?*cvp6y
z+D4?NYoVOmr&2K^bE)MiQ)GL5w=elg1xS)dD<;0WQF(rQsCwwIW%M?W(@H}&Rh+0=
zg~^$ho<C14RPyz3uHkRiJn(cx`cYbI9$ji1yHlT9{L{91!`X+c#;|WPZZqgqy=f8g
zAln_wXjW~gpi{7@YkO`H$0Wcl<?Pu_N1XHgmlmy-<P=r)ynZ=?Ovac?P8rEX53ydP
z7ak9+$?mw>S68+B^l$(0&s=6w9UolA75VlBgC?g(%T<$jKx0yf3!A_lRg`RH%c2v;
z6_;_s&e$Wby}=uJ-fy@UwVnY=QQCNP1*Veu0vgn`YCQ%m_P64(>ZVAuRId344)C)t
z_L@`xKqNK}=oqnX0=ngOxK+%m&++k!!Z~F-1!nVPKiy7RUmVhq-gfW<*Sg~Q`Ld*a
zgG@{#c1K-xqw!U9g3+TB=5u;(Da9$xnl`wBR2(Y_*l4?7->S@iIUhmqwnsyOUpLdC
zwZemXZD~N)iv;ko_FayH3i9~?yPL(MneVIYVuf)%Cdu`;%X_3NfM?P#l&~s?KX_iu
zOGZ>d`<Jfcw-8(iZFx_s?PJv%Q&TH`9}&mb0@&TBBH2v&XA-MkOK`=^E4B81TB9W%
zs<KQS=Wn*X>}GNg6!lFXw72T`E)sE0F{ql6RM*<O5PY2h9=|p<pljOB7rl!mZL9+x
zd3aOh@v^oe9woQwCEo02X?eKikk1m=Q!=pCPgjV~ii-w+qXYInN1Pfdo?<IKYs=up
z-IwU?r+Xz0#A9p<dAH{O0|)GSSj4ZeoI8Ku0@gNj9R9PY|KC7!>NebOd35GKOgV70
zJTK<V?~Y7|<<x4|{`-IH>v7PNC!aE0L+e|LW7TNdbSmZAueJ^O)gM5mzl23O-%(_J
z-1hySwv6Iflc*94Y^XZ&=bEX^=?K6-tgJuK-Nk}iRkYy(wY(TXWgW-VOXRUxG|M;@
z<o<&xwX1%J9*3(f;`E`gZCBPB1o;0j557M=SiCBI9JXA=Ot8$Y2jl%&KX-8aS+8Ms
zGeD++wppNF${le6n^lQPXpiw-`t=G<!4v!;YWMHof1S~70+09S9w^~M7uH=>Q?|U1
zpta>x+oxY`P_(LqOKx*1jO}eFCHnR*h1?a~8eQ$)@+Xe%QnxC#_6sNWmm9T_J63{q
zMM%*1DQiSIg}C*tsd6%S74Nt;Nev{4;!amFc9u7lie^&<@t!Z17k15*w_1hK#i0s0
z@2Bce4?0V1k4VM-zM<GOASx=l4(^C#)L&0!G5OE1`l$VS+tlm`ZgpcEni=F<WeXZR
zS=?Y%@sf4vq-mgn8S(^(AMX+qwsOukxq4dXtMlC7&Lh!hs=RAKbA@i$hTGkHDvvcK
ztj32lJcB9km7W&d)j+r}iqXcDL)cp*o~$S<b5XMSL4-J3<G?mS*%UOsr^Q&Eo2EBK
z($;8HM(_zr101waN$XH$<`HQ5{n3uv=oeQi$lc7m(ACNta*uQc36FnK>sWgqr)%cR
z^Vp{LWyWrgqw(e#hNRD}Ucw#0jl0HqPW#Fgzk^r*k^G#D9<=FbDB1})hfN5GiVaZp
z%mXl>$M~d-qNw`UpPVtaYXg<Jzk3>fiZi~hGBE|Oqz)U<oh%s+%{EaxZ+h8cU~Yt*
zZa&B3LFuziQj8hPznW#kc^Xk13+fny2CNNm*p}_&#=|~~;da~7IWQtH8<AXlU5SyF
zZ$OT|)9$1+C5Y`}2t+)mqVtGh1;8M~7psq67^u^Mt}yqrL;A5Ep$3F*j`vgM%&2x!
zaIIb$Tq4j76S9bA@92azaNshEYmFxIVuo_whoB4M(pP!R{U$<jj$7P8YH6?rZ(=g+
z&~Gdvvs94MB__7ldA+1j$!Ed9g+r{o#h#8zTSf$gxUf#q_Zxe{-J`Im)|Dtr9&7d)
z{e7=%J8Gw|)_;5$!nkM<h(G+0S3<9rVqJ7hzHhM2Bjvjij+Y+hYStd8<Bq<`qhlXs
z9I2}CpiOO|f+(}sYenP@_BYKaQ+^QI@YK;sSJKn8z}IE6E!~~T&3_^-Z)=Rz*<BqM
zgqdb*Z^vKadBd0sEgA~l59dshY8B%*L=}IY=v5qrFjHi3WXa>5eeolV#QpKK9I{k@
z5BF!-T1W4gdnU#37D4fMZ>irR{G_$H&3V?&zvbbotavS^{Oi;kSB)zlFN?YRBG1^~
zMAH{=9RP_p7vwplJ+SKHsQJ;po<aUv7%#FU^EZ!DJ$z8A<<`XX{URaG>WZHOA2zxh
z)8}E_T1DYAfbFlQMYl^0m)P%qD$PVVZDc*oTli|+C`GEpG-M+xx&alpPg{>Qx!9VS
z+aD~hg@l_RT9)9<4SNP16!Jv<qhdN&liSI2T=0K;y#lu3r&;arJEF&nTAD<at2l71
zeR7I+3Y)uklQ4C;jn~?3e;4t&l#kG5BE>#yTff+6E%A3$hn6m9&wAw<9;)k)zj0eb
zh$mdo_a8j%8QbdWU;0+QK&^D51MEAHhFTD^Hz?e`mbr2F%Ihm>@~i7lQFk-8#FJp6
zOC_K^%QVtn#nwbLeRFw<0v(D4$;EMXov@F2Zf~`fn1NN_BR=-GX6_`uG5&p~j4a!^
zAAVX1R%0ycBX5_rbRPEja}i2QNrQ>X2F%3Mj^n=VAL~Vg=8+&qCm-nbcL}^Sfgfn?
zQBQPcoZGMw%l`4aS9(KvY5BZat4zO%Cb=X|_>`EgB$vRYD-IG^6Qom3sL#8zlCfgQ
zoTlTfmSsL#k@PGy#xenMyE1~y$x4^!&GY@ep7D32Nyk@m-q!CL{nswxw>^Dz=1e6$
zak6m#VOx8}dzUNs&%BQEnHVI~N<sTmZNj8vt;-Yq5_?^3CF->uA@~H+yl25aUdVNa
z_jP~w5xem{k1}RIFY_LAhbF{$p|2JH^Zdl`#%GvOG#9J|vwTvF#q8Dp<2Obg4}@lv
z85JYAj=!<JzpK$!iI~y#?{>8J5j^jAVF9@fe)5D__e0j9&zHM!vk{NLOULqfWZX81
zXG+|6NPIIhYNnR~vTD`T?oQ};pDs@rz-PF9wL_9CH}2vf7i_IBcnB2Z)Kf?vx4=On
zQuD?xJ;lbgA%2rk|E-{jt?7Eo{CR1yWr@`d(cRe0i6-IT0g7WR!7~@xlFE9Rsc?Pt
zHzy{n<|z}`5iUwII*mW{7b_~x9BnC%(>6KU{x4%W^W<6Y7d)5iSm(c^t4PpV7JAv}
z4A$z`mb2pO?1SI&FDBkd<zITlb(LRHZ`yeK2J;W*&5C3Ge?lSaq3h@WF9*M4Un?u%
z?g{+<8r!&0tdQ!jLDT<Y?!BX$+S-0mD=G?BMEX`l6a-YHH&Fov=_J&Efb?D?T}5z<
z0ya8GZwVx{P!dQ41e6w92oOR<q=jBWfKcv&y>Y+qx#N82z2CWK+`Il@jFl|1=A3KI
zIiLCb%FGwsLv41xDU<paPlr4IEf0`A`Zn-u|HBXLx`T)q0K)krPX2XboNR9-9Re+I
z`)+5By=G@aE*+=l2~^Ms^RB*I3L-($`KJTO><$9slk-xd%g6gk8d4CB?(WcbkEL4Z
z4lCsr4Jx8cn*RB3Gp(EB*yf!5;$H~0P=e3&ow0?#stnZiy_3x-VE=Jj#YxJg>x!HR
zOozaeomkqBJaD@<Oe3JZr=5Z5v6O?59s-z8K{jTCIh-YP5bBGbc|<m#yHXjdB*6Cp
z@$_bXg6WI7gA9oPazL=+D}ep$;M4n7fnhL`bXO|n8W1j*%)|yIPTT1_$H&TIQ;s6`
zieN8XcpNFIG%JJ<Qe^=ZyXjFDVBFV0AW`B9+lYaQtQx93i0&CFECQM|tH@fP$FzC1
zj!U;CIK{QmZPgE33`@E$GHz}sTgNp;we(pevh>usT%uq`J~<}$i~5|Pj17#pdocLD
zoz!-qQ;3>KRdKFfm}Zcu{$KVdId0#&X1K|LV;2P|H<w%)?dpMoB{iZwGlsrB8X*yf
zv;^#^V>50~4q549%7g!)$!k~8<vXtaLT8Lmj>Qbj#bqTDSDaKI+TngvD56l{FhiQ#
z<u)Z@gU<w&ABP2O^e*LZ8pgmMfnep&J4g>*$}C*9VM7~s^|Gb6OU!CqlGd&m-vT8`
z0x969rveG2cU1Ibgb1?`dIv)2F(UB_5e-ZyB_#Xq<@q9J>Wc2htYH4i1~e8vaLZO+
zkuEpASGp|+Yn3rTkLC+(ZFB?=tr_9-K3Yxw`aT)rVCR5WYfg{=s97~UY;yQk(hMGe
z(rcxzk(p?b-pA}ya)vkMMvr|R(x<IxB|h$*>z(pm3dY9y4dPRBgsF8A1yUdg(Reft
z9ae^h_6%>acX!v5yi(<UKSvbUm#gnB;-G<Recreeh!GfbPE6l8!-PxHO$Sxjhn79@
zx!E8%rjRTIF0kv!Xd~P*trR`#V$+k?V0-a>kLj#NrrmYOOpG4fvDCc3$Bil7h?tHJ
z$}009hZ{_=VZOPc<gT&Tta)AaRpw&u6c@YFUE5(DkS#10@m4ve+=)E4vHwHigdQ4G
zdyXqSg)A^Jh6nph9t7DHc%?UMtiT6+@7ZHcTnDThY@l56y2o}_!MjJ4D!dN<^Nn-c
z8)QMmQ@Cs9x#-CQY))U&ZaD;?U=^g<!?`edtnT-5ml*w#h(a@=z){eRNP3Kk^tEI<
z2RZAYy6vvTOG=Q5(7wI-k38672<o4q2T$L9&;mBAq9NMI0HWsvn5f`gwF}({@)d^o
zETP;FoW*pVu?vRbg@=+h29lKHp2wL_nC`|DK;iBL0Kp-M;>JYYAfJv>vvK|mq*&`b
zip*5>Gt@z^cQUU+aM*d$?0TK(!KDdP1oM(5yj*X@NP?3hWa<_}QinT49~mzVsNyY-
zF$!h6jp(9sdXd`>Go;j3T_ng%<rTn^tv1Sy=9~pMGQcB99z}@nr_UtNQnBS9RpnP4
zJ0ep_!MLBsAn;!k7;gLsr|x(hMC#d?QH2UD$5l?>e}RXhnMTZgW7|^$?+*xshW*{J
z`_jl|C8RG_EGbS+`LM3MuCxGLmmJIt)w5azYliaVJ*{H$j`6o};m@~^d%m{ZyQ*SK
zZpds6-joI#kC={j1vvi-L?j_1`Gsj6ERk{-S_eb&fu#O~<h=C6cBC+>bo>aF*Oy)~
z_AGX=SIVy9S=7uHo(W7pvLBo|({_&HmE$`$iAIvryd>)J7}tGxdB|udn+x%|-MZ@m
zeP`nHSIcipdRc6u{cLg)I7oZ2*)x8^aMAF%wkIl4UsfH&FO2#gZiR_+8uaOAd&A_m
zSG#@E2(9#ab(qCXt<YQ*+2bcd_n@JD0G_Nbv`6X#9;2nx=$=Xk`0szz4ZsP2T>l#*
z>3@3Cxl<<b>AvE6{9ms}ngVU2bN3|Ke=*z;Ae;WfMa|3mwsTdo|1QPv?-C#Wtr!44
z_}@Pn0j6{R!fH9hQ~Bg8_M@)bAk)5E+GoLpBTLeU56=;+MS_cE#)4i0G(cy<0gR#J
zU1|+W4!<9fYN)9bxCO@bBo`(U6LF`ZQA@4hLPGP%-{st=lV-wU-v8M0PuqW6(z(zw
z*T8LDrLFjbA|2zR0=(QAR=D`+<H@cC-4z=FT#tl(G->Z*Us<SS#m%a>_P#>^1(2Ki
zG+$a+B9~9x{QY<YOM1f$O=BIwnr3I`G+rHUAmYJw+tPCfUaTI{bdNDsPGc)uQ;&Oq
zYVKW|q{jUrUsT&?-#-D61OK#;f;S5f4uMJWqsO2}80`gJ#cWq6ed@iK>m;^QQZqnO
zolD0^UXYVfT8&=O1{bmi=FDNTl=EOv;iDkCp|ji5`gnejADaPhTM{4E?ftk-FNa=G
zB>2kg2fe1$+!(lRzUz~_#{*is3P4+s2Qy0XdUN1kl^Xhj6YvzU3jW$=)Zw}J7J?h5
z@k(Nwtdg*yTT|$H-vm|0oM%m30^1W`%GlhmEo1fg?N;=*5tGMWn{o#fG9#&!G87NH
zaPJeghj-bd%RnNf5>LkESrYt;&!dIn!Z^#Hc+Vf)i1p*Fd1BPD1&|q?Y#k<Jtyugz
z3anR7?T|O+0vx6`E+&G`8jB4o8Yp&xItB?%Vp5sGgiMnhAbH><-1t+y)r?wqmP_dE
z&@lXatH*7x2bWL1G1Jz7+r4{LMLIZLQ`W7nIgNWXH4_wtJxPz5pd~(bX{zS(aphWa
zjbFRS#kB5n)_*o^I{r#JQR4;FYWUBWwhE&M(^vpn;IC8P741Y$L~T32{+x6z#yifR
z4ES64)P*UU+R*uuGlSG(U5Xe-?`B&bcV^s=nf|j^HDRRZFsagdsM7r4X8AE3{)EOa
z?8%{VweI~%-5OAlqLBS#=J9k&P2BKW;uP-b*!7C7-dx*<D{fzT)W&3?j^Bc8LsrO9
zhg$a9GWpM_$F1<OuaG|;_jh~&y{}|GZ2<yRh)+;OZt6_AFe1yXF2@y`;Jz{$*ArSq
zeR(q6B5#n?4m^J&=1j&f@2;*K4u)5Tw?4A(dx2@iPLUN|9^AU@sffgJ@CpPeNSoC3
zz@z<25Q*QIJ}Sclv{g?m<7E&|>lj<NcqX)a2}b=9qiDZxp;d!_UwLC4G$Y{QU=Y*X
zd-AKG_O7p{gSxFAR%mIpQzUrw+K{1fKlE#V$xt<B*zcUMIq$68spOAJIk>1Fke2k2
z*Hvfgd2kMLQ>_beZ&%pBD|3QJr~O$joHr0`6ujE$R({-nZ#t4TE)%L|4t^H``To}N
z{n%<mqWdD7z)I88e)aRF&wmo-$IR?);l3{#Y^*Pl>uB21BR0AHM15S>SRfP{9oq*>
zU-q)+lLHx^JqDk?psV;`hvzEb|JC3+MRWA$8M<g6HGiZHbkP<UH><D$GL%YOQpmCP
z-Mf7U*2K_{U{^VX5RpY_NsAiT((U$}UbGTMni1U<D~l}O!>=9_Humiu&9A0rKQHfU
zhR)bkg!F)|Vw#dB&x_=BbVg;#HT^Jp{=+OzXyx(k+e<OGCGgiQk+mT5FD!3anB{sb
z%VS@`<z!^F=iK)Xv@Mxj5-B{0&-n*u@Id+Fw^#e2->VHvor$sUsRE>iG?o%GmCppb
zG#RIDUNutmP1El&{@ZOzGe*WMb4_4GzqZs+@{}z=vfe$OeN+<$1W_Y;g+2GzL|0mG
zKgqeh&@VrtOsmp3u6Bq`3n7O+eVn{%;QKbcG7$RWjRo|gUWcZ|DfueV&M`L-QZCfv
z{h)s^V@x=s?nd+Hkwb;iJw9v}O2wU9(`$!jl%X#cZnm6Dz5RZnFzPT-APu)o*C572
z>lL8%&o5_u(3P6PCDV)_O<|mV9`kQUBr6vob7Z4jHvwn*`(gB0TiG1kLhz_^XmMWM
z3YvEk3e)U+ELHHCYJO(J1?V8*`uU7Ae1$~8!V_D;vu0PTyl!^K6GJ@^W>PN`YH#iJ
z4#A9FaYTB0dM$pxpe%_ejmNsh*OG$?<WT;>Vfn)#W%q%)%b#OoTiZ#O>Yp5D)8Z-D
z_y%O^?hX_kK4#dt8%*Cx-(5Q8-ugRt`s~22Dp1R&kbCL3%i%t0-@QC3Pyn49|KSN>
z`?wJp&Lii$ld#=6%5r%X{CBgr`r1Q#>097)d$&ElJaF>=Y_fjtyU=2>rT2zithd~S
z6sTb`FYBxGinVs}edVtY8n-=vJqV(~EodSRnmmk;+N_gBGQLgPJbpQ(p5nb%{?5`-
zWCtP`xNP#3(ndNOI)`Xak;9bNzhbrD#wtyPmWmQVai0tEfz@hAf^#<(w|d-X?TuEU
z=*dA`2+ntQFrRPZ$B}gsZqt;K$mnZNk1nH6i%sAlOGNYow+TurLuzw8z%Fko*EBV4
zR8DfIDRvHfjymBoxLeSaspyaX3b#~NZs{~_#UZ3({q{o&7Z~xObVI#2{UD42F5ITo
zPnv8tb@wE4=j-QcQM<C=9M9toTGpiutoA*>Cp+HQzfP26<X2kv86XF;OTCHO7J7X>
zdTUX?+1(~NY{Q_M*l3=D$z!++y2bV%8|k#;ch3G?sBD)WIk97GAsaZ)9ptjI-L(pj
zpw)71=da@>Cn`=7CtK(c<cCYR+UFI^Q+(v??Wz@ppyp~AkF2*l<hUf=p+1vN39*on
zkO)>YZek_QY*A42otEgVj~3Uwe@KXI_ClADZc-ry(|EI{-)jPq?g-xg2np}mD=q_N
zJ2ahyQD#u0ALfyJSnT?*kJ@ImZo$;R0^!+|!Z~xo!|j0n8Z_dkZ_v`%&Gop#ZMBer
zIm2>UNE&W!%b84Oq#X~RUWrsZ8JwlS$K4_Ler0<dx$T*%J87*}9=V;}j%P&_XvM*n
z8^8I>D4on7#tji)@!6G+%l`8`5_(w$KfNk!76Lisr;hcG*{5d8c(sl9jph&nORdcO
zgO(tbhqYWKf5>=Gyi=5Md%MN>!8<@t^5fhT;|dBeB)e})MEEQSzmlbO7~&M}@{wlh
zW-?RHhUAD$jZgM+Q`ANWR~}=xj?x`0f}&{Rinw&Ysfr1^vtA*)3i+Lv!UU;V2j8Ky
zLG;Ud!B!%$cjuKdMlnGF8ISbAB<4cT?pZ0FLf+JJT~1?%0bx+OkU~kFs)=-e*l>F-
zGKSivrPrA&H~FPjdwD^PQ8tIS=m8OFomKCj=df;A=Fe`?NL25K395XG$){QSsaGnd
zBa&N{O0X5Fx-u0(o`vS^G-}QE5dmI&ad6|J;7Z<DWh4%-_%Dqlc?=oh_Vhv06^(9Z
zHUbX_3-aGt(1{VBA$;>In$^&@BL^COj#)2UjfsuY0|iFp4C!zOhJ8$A@pCQ`-$07G
zw?NjnaqDrW_?~UXJQD%C5kza7sGED{dpUNJQc;~Bl=6m96L9KG|IA4~#k|dc75llN
z8vku;u5&>dCpSI&B2!Z`x=2jQ`bE`dlvLDh@h|?{C)d~B&N)78rzv#`vM^9hJX8EU
zB?<ja0imOtEV93d6}#p|yWOq^sDYyk^cfKZ9|RlqH^Xh$7E0@U&UQ=mK?VQ(m~=eE
z?8^vOkBT9AGYdi9_R`#X#o{l;Uro(waYb8fKm9%_>pZ4C7lUw=^|mhwUZBGLM`H|^
zshSoyFl!~Vv=-dzt3iVHaIrpPb@iFz1~SNho02oxi`=kS|5=11(&s9{+lGO8SGGy!
zn`@z)2%+mitv|e0ajqTkStB|XCZ5GBmEcv>!o}PB=QsbIGVdH|w1GdWVTPWVwRtu$
zkoyR=9eMHL)-~Ni7R-!ZA&j5Q)V{+@mBQw0CQ0Vs0=*CWn8M;Sy*xz@SrO^wK+jX%
zoEo>KEx3MWqZgZned@C;s3LOCJsfdUI7moUyYw=Gx+Rk5$h>k>(?V*h|7JJB40~^Y
z&bMA{v9-Q^BI-TQA7L)8vOQ@ZNMrW25P(Eu9-xWr#b!m8;&SD-7arCaFknsrqe@_>
zTBruW{c7J8`IVpBTf|vz4ULe3?LNU7qhOmNdH1*H)uQ%BU*Lsjse@aw@PJMmXvf4l
z&dcUM;))3*`3g#d^nY?mY@+pIV!;~u?_d>;Vz7=zhfql04M&fJoJYKlD=$AnE=+GM
zP#kHoZW@!`XvKgZX^brzWv*-JAeKCURZ$Y3u>|Q$SJ{|0*kGtF3qb~Dn?ER<a9)mp
zNYUwO+=jPcibpN`a@g^9om_23c{@97dxkz`u`Mc{+t^f2KA1>jebut|k4DC1?9V!3
zsYXK10(B;i0Ii0nd3F!JT7I|2O)&&kshZtqZ4#|8XKzo%F$gIWl1aQ>I#QzNwS4p6
z3EtFJDz(wzz@}}F51*EOI+5m@s%RGXs`kUmq!M`R<Iw!D&V@7CiZenyvJ>u6bD0^G
zAn1IYcetC|00-Lf8=aG{JBYXZl|%_CRQs<t0<eSg=V2vbJEAy93O}xb)&xvHO4vv!
z6Y{4^T12~Zm1Z=OL^*T##41fgMI%mlqjFWZS3|bVrJT1A*k$(e;b*?`3<Z{yMJ~FJ
z6E^??Myjwy@G?R~LyV>9?xk&{g)*%4a>#mE?Du~i0Ia#q_a}%}{W{|_-KWdroc+m<
zChJ|PdR9o#VKq+7;DRNO^dCMY#~GBKrRcXr==th1#<<Z`z<H{8YyOqeAvuYRrq3(W
z+r4celQ{eKs9c}5kfg3(#fksp%=lR$AP1IOSJX7=6REnP6ap7ZfhHRF!DpsIvO!KE
zxk{?$__wsku~-*c_sR@uQ*W$TNy)i<%Wu_&`ZG4ML>noZk`@rW(yPn!TY*+~Vwi1!
zKqFer34Ktc<!e_J37!ZVSnn>eBv1)(a<z~AzdmdIt+V#*l=a>UGth?_@Z3jj#ZG|D
zF|Z*%xLtwUbP4JCvLOG@$jBiC#1YP4mfl!w+>KV+TD{42mWte>BA46Tg7qyJ1H{1#
zhUp`I&c7ett(S)OP(Wg9Z||P!vbo-mU^v?w7#MsKmzVwg&pg?-XWRk&-<{gWJJ9>z
z$GH=Gh&S-TxwqA1rrH1hq%JaJh6&)dH%)B#__2iEF+h@+=4ZNbKuecq;s^ajPT=$N
zDsR<5X&Zs~$|O+Ovw^AGH4(0Se%erE&rA1I8T!<yeC`j3tFP%^b=~hr<t+*+I%J=D
z{W9r%lu=G66lt)YyUG2x$nlvz0PPwl60FlhpywU?K6EOc8-V#)n-jm<X);RBW+!Ms
zIzEL2wJ_!1yA5v?8#_fF!sbRJ7D=-O`Wf5z3zz5If3}+|2ZRrfpQ~<R9@vyQ-3;I+
zyGMs_6q@wK{9yP)iPEy3&1b1_JzMw~Sz1F9Z6eudSoFjITUOwCTo4OL_0(Qum~%?k
z;a!c9HfW<_1fb?JBQ9Iy(8hwAG1vfnuTvUJbfAVcP2E87oY>@S>~w%*oJ$~Rdu&QC
zIzECd<@ZZQ&?hpXH?MNz;$G$Na7pjDCdFNKRWuJNRm}5#kF+<w@yKK`4?H`Yjrp81
z(aTZ(M|wYT&fBuL!4}&PV=8^jg|IH*0qMr8J=oMZ*Y<3h@#z{mcvmFpNzkyttkyla
z57N&~QS9jg8cROq@sRFzP<itBlcDji6$a2uaxas8sl->Nzu_Wa3ew~bddfB|WHbBG
zwqNIQ>n%!R1E}l}$VgKDLe1Cfl{))#SxsdmOiVhue&nL2q#Bqkl-;R0huNKaBMbAk
zyhebve6y>P&QzP+qdi$5uq;TCJdSh@Yw2C{XmAVEBK9pja~=hqb!Gz#-FZ+}5WysP
zP!3GEK8bxfOC3onDA*?sxfx@($vwyzhvj!Y*Hb-g2o{JL5jtXFxJY<l7;7o;ILgZt
z!Wwm9f<jCauD9WuSUvN1J3cG->=`BisfTNwAsONHd_&Jy4ih1fKOviycdM2;CK|6X
z2hY>3pHvkWyDye18$=;i2IUseAIcfn9f_*=qk|9~;NJ57<OJ6Hb5#9;r+#Ly(SHOF
zpe++jMSbVY(C{zo?4QNwkbZVzTp9hA@#{ZMv5m{*{yZ)g8(RQmv}@(~qToBksNEyV
z{2$3>hI9Ol0Ut)3<fG&D&DTiTCV(^34#;>+s+<4`>LN7=7WPaZk5fgny>*WMm{|DM
zlYC#bl0Llt^DVRqJlZb=ze0q*psNROHahD_+%I)(b>4n$;&AU8sTxp24oYhrlS2aO
zqa;D@77s1(E(=1u&xHTHkcXg~*iLEET-f%Oi`oD)@~;wdJN<<S_S#ziV`;Qc?Kk}f
zxaxmD&zV_oS&z5tE4F@>`d5bdP5`wtbN57=_KOAiS5bh!&sJ3bd2#-8Eb_mCETvf$
zyGThN*Gnz-I{Ut(s7uu_z+5g{NW?|Ht^YcqU1G^PE(sMCX43Y(%B|ZqO3AgMSO(_f
zjGQu9e!qoZ_S_tg`?*fpo+1qH@0}gxG?dk9fii4bP;EE02diHTH|BdIQd+E+xR=bC
zruOdh?5u|HPVAF{d6*>W(lwB8V_S7M#&$?FdXB5WqoAi9u#!`XK5Kl+tVRZ<O1&cS
zRus?oSRx&8CogkwcKZho)4Jj^=<*nqlPy#dIQj<u;u@i{ctj6mqRgh*>mO?&75}1{
z%hX2Pv3O1NCM47p5S$v=sL<JXi7BC@QS9K=Uq*Z`S9#2Ws0a}Hazcj;WqE(E_Q!!a
zqT_4((HQvKQoQptcN+(nU%9FeRZi${A{W4)(k*j&8uPB%(5)*6z{+xj6wb`FyLA{?
zWP{)`L`_3yT^$rirbIo{tn%@|T%KN-lLh?RLS*7rsfnSDzD$=hUup&_sS$2NlPrHz
zudA*FnG$Zunk2UAy8NZ6!83l0tO=D;0DI&_yP%5m10PrrTb{E%vYVN+=z=aLqf|mI
zltQPdCX9!qoJ^g5GL#UxmGr62>$YPta$hpHephvf!&tw$3ng0}bU9~g;X&T-uE%Uh
z3O5uzdMg!T9dTIXTJf8R(1bPu;`kSs+zXvcc`$XV2(5QjGs$49+J&!Rl0*5v@XSz}
zW9cRkgOYDDX_pqO>3t_RaNfv!WMWomvXtuRHC>{7&>$HaR3TONx_de7+OZ&;S)cV^
z3#a`Trafy`H6}|M<d$OsuvzWFg=M!ii<R?Oa;ASB=zJs^$ZgDfC{Z!~5nQKgs(tZ5
z!>xh62>H%MrxDkKrlNU8%(+0+iCN~#RxfoHMs7r?rMDXD9qzuzIRFyE!UjQMAUx`#
zNti3H_LZY5g4S6+6dd?+%j=h(xM60r>xFc7!z(^FR)42;en`JG3~B*cD!u>$4`@(!
z?W&3!;F09cW=N7vtSCW0a}ux!EA=2VN%g+xV!y^s&zsUAD|T^*c#ObOlBY7;rcK5|
z;clW`?7mmL*FkFRk7?L}>W7Gk_IbkJ+Eai^@YR=F2<h*%afwUz?IQUgIM37BEq_i5
zf&z7<{NPs~Xok-`Wd8%AqjyCh$I0Dc)+4WOcB{^zeGKRq@+vm2TqFt0ooF9c)Yu%x
zt9t5_u_iLQyhwwFD`0&APaQ-Y$Iyr|IOYQd;fYy_^G+yr%0g|t!%7wYL6^cGdjp5y
z^IaY<w>6)`c5QdhT6b`#to?wZ%fQCZ)1_oBbHl<#f;asy(*^)Ndi{2uSrF0YW#F$C
zV{x?cdcf6N;T(IvCB3lc=LUR|_L%$C&3_r62LHq4*uP!&zsQuqcGG;jw@*{}Jw%@b
zl#qKx`p05!w@Ck1zW>e%H{g5>%o$%tA}BR_H0<QJ9;Z>Vt<qA(`e?6oqKk)FCEfM~
zcy^_w$~hs<A6ecW?NlcumFw5$Y>0C_F!#G$g3tK@M8x8$)-gGKYsDnyOHug%(s3jG
zYf8<=EiLAtS-qdN7sn=hg{$f-^7jBGK=S_Akz5w_NA&<KTl{R-pO&0CFFyxd)C;hI
z+x|Rz+imO65(l)qTBLLCg(ODHmn{;W{JQK&%TjA+-I_Zot*y+~z<kvF$l(@{QCqh>
z<HU^karkQBC}9OudK<2)-kNMPv@^Da%np|-QmK3URP57vV8Una0t9Yj)_u<~x7}ZU
z%F}uhcH~%%`7PboUjax(OvKc=KCCcN$~GZf<iY9+fSSZ`h_P907e2TEo?C&RK1dK|
zixs&|61_cjy*m?LG7=G65c)!Y39UX`I``7g7Kk5jpOB3#MW#*+rLJbZPGB>{K!wK2
zk5$NhCWP!&J*^NWTfGxh07S%a`g;H?xMCB=st3f8!jh>C5wxQwFI*{SI4f(xEhjwK
zBqC|dbw%iuuGyEL#iveiJ;ofG-nGT}ZeKcMFCyOb`DqO~#6Y80dAQ2xCi|ncapD<B
zK)xZdXuVn9iE?7^u3D^s0H)k=^URX2xW+x_I2Y>|6Oa4DZDl7(fd5D9dZvwV=8K2|
zGqVfjPinyEo2YPy$9yDeQ@P1wZ0U3{mk%59gO9tOJ6W4mm;AuOZ!~Fd5c~2y9W)Gt
z=W3`&9-4uY)8!)RVf?M^8og2qjXmwM0<CH~4^jF)GQ!BWiU%QaA*E*Q&&pfwv_wJA
z5noEZ%8e#I(CDpwSZ}x$1~J-uy>^oQb;3%lplzpf(QlQ1!LrL9O^KsfTf6L@-q<2s
zAQ4EJ{$#NE%!9GKx6EkPvKMJB)NIW86Z%$Tr%GMSGUL8VEMPA-PoFCinELVcjJI4u
zyo`o$rnO1`Gx35AlFrXY?NSBJe{Og0pI~i(2!yMVLpK3Gj?006U6GrUk#R{0pxC-o
z9RMu4Nk>|=_l!f|gBQP7Y|r#{Yk@6ncAGnyy2}&HEvd`@2gUw!?YCVQaM6DnSN*>e
zJpnoRG{SnM`Ok4r)6FlM>x0IrG>yGCql`OdmwUT={vT7ofVas}BDc&So1>e%o9gn}
zI=0DS%@vodwi)38P@u$~<fk~T$oN)K+d^WaS;kETYeI0*Rr%t-c|Ldc%VjjfOY)si
z4&7IzKv4x<c{d(Y<%Y@>veF@B$Eq1~ghRLFdRU`>v;-qX&Y&T<ig0Vi0uZydZ8ff}
zwCojs-_<8-WS7T)b|&kqw}Pv1$}J(}EqGaDVbMaY1I88YTxQ_&%7t{QK-@REu^(TB
zdfyD!(TgTguT^|@gEn1jD?oTsZ014&z@s39*R2gde1e=P4T5dH@%s+ka%xIrgteP7
z3DLi}CM&<gEEfKRwMyxO-F5=I0qGeJ0+7N&e*W2u1a{3iNp@E)DruG=fIUZH@6<1|
zB{{>Zg+TA)5e}9=KIyM);aL-TxI80w@~6E6)*`SQ<F}>H=(!k_Jb}ryn`pk?Q5(-8
z_F%7l`_#rK>f!PcVi5@;u06|B>Jm=}R6*A{k<}@5+S}2&D>uv$`w?7q$Irb<Qb3U0
zpQLx~NMIkZWd_E*48n1|G{C<C8QTcqnuGNVjPPl{qojQ^@U}X5pNjFqN3Lz5JgX9C
zsbKGhT^{*P)t}{X`#c3PN+$;{><E-;Eascca=|?#5pCowO{_4E{{tXRlM3%ORlkz8
z8yt0lEIWn@01gxH46FOnNTRE7F{0h{<Zo2qnXm8t;TRraSXo(*X6AXrJWs@2gjmLE
zcz)s;WY<;9kWV+t<4JZS=^5PVQTaV()7KKN4XI?bW<=AcWXou_w}uilCa=qU_p6pJ
zn7Z^XOqp;nC}+!L8aQR8E=V~QDdft*3?zMA+_io`xvNKasEWM%OtL5w0>Ppcgp-3=
z_!OEk&YOEC#FS(ntRZ@3&hz=YnI|?v7VQ?*hgB-*T%_^{t#?UzPsNp52mJk0UpfJg
zf)2;SeC9kbV&fVe*hj@=W=XT%xCV4{CRIW)_+@%GpO8<>eCpN7^AX-t8zICR3sKL#
zPWG(aqX$@HiRc4l#ZbhR(p(SWa?D&~p?l_gl|!V~{%LmY1FqLAt5CKGu$Ow1Llqak
zurMW%UI=2XDIBGr=&YRn(d>@{gRI-2!b2-8h5FkA=lRTxS^QV%$Th#e3wg)%V)b3Q
zV(TcEt{hEU69p9;m`-+zRQElp<Qd}k^UhwkA~nE)_4fvDmsga@aU4_bh+Qe%emxt4
ztrdG17r1@RWu2_g8B*n@6Drxh^%_Q@ztME)%MD_L_E!*r#d|+j=wZQ}h!TxW`M>X&
zR(Q%h-MvQv;eq88&f|;#pXyi7_C|r*VHv=lKa?W`&HaWmzex2|MA`vIKQw1+L8`f1
zl#GdRF9&8YIX?!G!(5*7QPD0$QJLWeXz09MZf_?jT31Q7MjE8dn7hs@7tKBDY(^DX
zwNUuHlG79z*e9UJ{fv*Y#E+mFNrZW(x3@shJPu&Y0r<w7a1euN@0T$tx3EGDkhr0!
za}WvakK}XEr@ocwJ^50=1Y`A@cfIo-Y{M@b%TW2tJQ%3TvvSp^VK0h30v_oDOirLr
z!(go^jH!n58L;;;%A>s*5vml-kBKND(Df36nUjPKBkzy0etEUf+=jpy!)&W=rri4E
z213^pi(`PqFvkIA+B6Lz6dDVrHt1CWeRAdf1NP^3juTHzgTOi0KE87NLSP#(qQ^3F
zwkik%(g25%tY-pvFC-3$S8v7VSj4eb!VG2yxF{8XW4l4lFD_+`nI(`A*X=K5pIe8z
zobU|e+*H*;Fv942l`KCz_e&%xG~lyo;pa_D)SPdTG7W<#uBvF<9u3zp2;347!k{13
zXrL?I_NHtXV2OX2{{$EqQx3D7ZZM3&%zp#1J5)=y@g#E80Sa;<gIV;2M^LF9hX?gA
z<r<KpUj7ZW-K}gCF^%W+6Pl4F0o8YkD;bg<AAA;HH?<~)lgf_)OOE2ofiT@2cY_8(
ze<!Hs11ZL}Vk!x)xqhRd;46>7Tu?Wf#rC8x-|$-MV1z7#!|n}lf4o6lDf%i#6_)os
zBj3wsmVKjO>G@Ewu(;^nShb_rk-q5-Y+zFdgUdOy`&FTP<#hXX+Q6O!n7_w`FR1sx
zxPx$X>8q~Y=sw~hh>928j7arS%+<il5d%NNHIS@#u{wVEoJ$Q$J|n-bp=oa*20f@p
z6~UW<n~R@oIiK2P$0Ao>U!nLR#|kuUy|woi4E8&>zSvisF<7Y+)O3VAzqWGDkbKT}
zl>II32@y(ofQ5bcJ#1KG6ane+C8)V>zs@o{;++I<<KRvh3XxKQl|lF=XK!_YKQ#F7
zxcgVO^E8>cy?K!b03&SrJ~k-tE+~h+Pv<in7hAr!9HcnPZ8D6KAm}|jiEX>ek!^}}
zMU!wDVkZbSN)Y5%>MQTLljrR>sfW>{UoL5;g7YPC;`qm1M>S2^y|4c+wA@ai&rxoG
zMyHrCt_L-cNr=9T1>=j_ZjlxWDh~}~B#gQxRP^1h`dShP@*hT)kYb|rJgFwcl*dUP
zkX6uOMu@pBHq5NAT({e9^(G9>>fREGIdNi{m+S4wC}MlZG^8E7btT^Gt$??>H-|l2
z&;qN1yLQ6d7560AmB`L`xhDI?E*FGKN{jd0CNvNFk<2vKfl9@C+*86mmdNuD=)&(Y
z1_yS{$&R>JPn#n=hyp&09Pmp$5fosrFKlg+q@dOJ5U~Y~NnDA3Q|1BftFm|>fyCYu
z55A$k8CAykN_GNvo%@LLz$E}S|BYfM84);U>|S73#!@Hz<7w$|7Y|4%2@O8k?^rDP
z1Y^oA?~)1F|2vW*O3yy1#|Fu|KcMzxzlo4tZ_MnRFE8KRg0MllOp8kc_uz%Jwtrh}
z{Z`BYqsM=tkNYo_bGz|ok#!U6PFT4!2CejDs-65R#{AA@4rogM;a2<(KGR8eb}!!f
z^Y0MBzu^V{os+jaq`t9hywOfW=W)sS*%*MwTsoz-lf&Qto_<M!T%#AZ9S#V>R(DJW
z*}WnPthcqa{+w#g1{@1rYbj4zY49so6+_?&PP4(NU%`7%Knv8AwFuh^8~@aCL*&tp
zwVxG**=T2_kp9w7YPzhb={n1`<up5}9+J^toiVjsrSba6tBJ3HOK&88)$ZhlcZ_Yx
zG4X{LA)8j^v4eXE*_Ufm-|B@eRK(qabs}S6CA;>5S6Z1{Zp)gyJ_8=m@p%5HIaIW#
zC~^GL{M<|U&}*!=mJZ9Og{?}c<7ej-ZB^7eq`!#_1?d)A+{1_qre`!AgN2=_n2~Qg
z9zA+jqI8a7cg=E3d}`~DCnU~UlI99`N$<k=spOz2FS<)7E+y7bRs}&Q8b33X>piN!
z9B;cgekRZjfiKfELMh;7vgmveO5xd|+=(qRy+5S;eKYK>qa4Y$ybYbY_Z05~Zv2E>
zEGLBQRUf=g&_JQ^5EGeeu2?`hTq<#2Si-XP7LXfWo)Wk{)p)~u9~zz&a@R+$ZTdV{
zp!u}W%9+<;=%-_+_%d3%u50$FldwO2j@^q+G=_1VnzoKl;47)cW(rGma*tQBx5lnW
z6NrZxr89D>x%HWeM3AS2KPlTZLgE+pbp$D*nBgoD<L5=jZkBJxIRs_;bd|UBWf&`*
zXPP2;MOQP1DN&mN#^sgS%38%gM{PG*lpn<04zXh=3JjLZwb@l?Vaft>t!6pvrXIWs
zHMzucd!`hrL=uq<U=7~<S~|8KD^ER;|91T5msx&Xp?2Gc4a!#Y!>)o{-?5tC%MT+p
z9&^AcvL(n@toS*|+LHYRWs!Vj1>Laa?h-N&eRD^BGYP4|&m{CT)8FC8(Mg)rRH#ml
zJntbM5$cB>YM<+z^NsV^OkfpV<gz6#+2cvL0{}v*iYH1$!L2?}c4v~280{8=6^4A_
zvIIBuR9knuAH<X>9sqgBceyI<`&I0`6}?~2b(7~IVNPp8hUNBlezz91pb{}@H~YxY
zD+*Fi&Ff4U*4sYgW#iEH`Cer(F}_M1TyuudIc|x(h67-vYXHv`j#ghzD*T$VWxn^I
z-!<LjSYo!XN`b*&x7b~sv3rROXU>fc7s7H?t7$k(yf3U?oN*BuAe+OE-^DYjO85*^
zm1?n{oXDOPKss#-aXo=#R<aD4Nxi;jAk}3~s=HF3ZQULoX-ObN${_aU$!FJ_<g0~d
zp^@-1e{azIN7RgJE7<CA%uQ*6ONx?7%leV@H}Eavk|8L(0yGu(fZf7q8n*6?iVg@h
zyCJS^iiwM-HyhsUXU@7JoObJQ(=qgy(wO_@cdsd6!5XXTb+*x51_9YHba{bP$T3SB
zLtsVTIeo*($-u!DUT03s1UPr;sheE-G%xk#KeLHbO1kwklz2H?Q)aZtBc<pZx|?v1
zbKKh<#;{ebM`Y(->j?g7ZQ*AV^3vjzFVA`6ga9x+tcX%1xV02~Tg5GOpHN=$04Ap=
z>;|7YAf3t>u4U!`n-)qt_98k=Ay6vBI@Y1@z|xj?<W%BTumzns`LoyHPSwb&`X3~k
zMRZu=3<lNu-6z2=%BE?+vk7uOd1SLo0_#-&)@Q>O4DbSPq6TSEel?LpL0o?%$Qh4>
z-tclJT)u@7Jb_Ue1X2a-p4Jhl_dllu9W&}SNms>iz_{|Mv5zs0q(phejQ<8t9{Wf;
zudbc=i%Y&(6yt846?W`^!%i*jHB?kob{OVAdH@<;8VF!<cf14aTQ9SizH?{u+_~gg
z`QHS+JxJql_zsgUxjAa{U+C|5j_)a-fq(grlY`#71^d5S2Liv5`?-2JM%H^?e5VXR
zK@I(a5kR0Q&DP=a$L=RPfBsu@+<!6q0bXk=UBmUp-NIX#D+Y5nrxGRuf@MZs9isc2
z;I=r9rM0prDYn&)<&-5S+_RNYO6tUB1wK<??)S1-T7cVll(2qG?-i@9|JUngzTTF4
z&7ocWwyAOC;W&>jS-=7bOWFm$c59KvV^i@Q`T&^_?RqnRF(wU`(^bx3&Yxz^?JPgg
z0v@<+7-m!HD1t$xln8mD$;n#?UAE{{z2QG8Zivkvs~k@;so%SLynZi_1#2=-AkROH
zON@qme_Z^~?xCFBAvRNF!dkwj57}--uA^XSfPa#Tu+MHcmJ8k7SSF-JG%?vqE>D1Y
z%0eiCtjRMZ!6cs{DVK7+>!*{&qL9Q^ua@APSe838UfcOW;ImouHd*h5y^!w9wb5^N
z!dxe+nlG3tEIA&>tOr<_tUbPg>26K+QHi3$-}UDjtHdR4lB}yOL}C~&g~T(p<1KQb
z+NKa%cIk^hT0Rq_TXR8H1DK>0y2XcJXRg5P3sK0F=tFqRA5Zd4JAN(Wu0QR~oPOaq
zgew|;qCfXrCMey{4P?E1(SuUu0!mvkg#{(fR|y}Oxw!(f+FKrVemNdylkNvD=frRD
z?Y%K~Caz*w-X4XgIio(#oI&Vbwd4$6b^Un@mhNeM&Oj%o&-I{OS(*t|d6NF#QB-Ox
zmd{W)v$+N8_2<Z3QwV=y#i-9|i5(8|K?nFG)>gPU(SL8^-}mKv&P*Mg4;ec}#rs~X
z6y$BSyTL*hJd)m%Z5up5SzR%kJqknA%^pjFP_Cw0vU<cW^OtT_h<)r$vf=W-Pdb^j
zltKDZr@K{_x}XZ-J!C>D$2ZF}N?YaJeZ}!SdsRp_*iGJFF<tm8Y4vO+ZhV{*=%@P1
zq`g$%&b4Z<|Ap}SpC<PH=VFroRmzW(lk*?h<&LQW5JpSW{ttH6#?vniO(nz>@f+Q(
zZ9sS!n?~pda>js_H6SSWr<{XXNL(yI^s7braN|x^%mQNkS4)LmU$=DkQBjMtIjK{<
zYddxVDaU(JbIOA_s7%<LxpZ4}fdeJeY%Vkam)K{gIBV3Ftg*bh*Ys%(K(2m9i%Q!P
zpd$PQpkF~<<O(jDn0)Tbl>D2iqEF{{i6OIGc2gUjCS&7Vld|_q&mJQKVhX<JSLo3r
zt>LMEF+oafKJ$ts<XwcgOvq@I`d>Gwt3G>NZ6|&2dH;jtb+kvUsQEkhDS<P>5*|$x
zt^0)I6rl+|b9!R9J}Wt3?^}7kC06b0e#=Mi{*F>QBIcV7zW|{7>qKMDp9cVS1^EIv
z&6%Lbr4xA}$5MTwioNcgC48*krFF36rbi?rx0rK>LJ<`2668a8i4m;C`)%{)S2MdD
z?e(BAd`-WzMZY4*NS-<db8!x6+?uIa3X+IQxKa?29Ou^J+*E8$NvCnf8`%%N4{Viv
zlkEnvm>xSzIMxt!cfjeHUumo7%Ey8APkuPn>u(QzZs7E!+;51Jr&3PBwKVFP5k<_x
zCVnxxRc!gN#kt%hvkSIENjD`qAvvACGS-;+pxbutn-y6N2HShtfew?xqevhuR5snb
z#8S#8iq|rz1~@b)gbm9JpaiXYrorszwkh7<Iy9jDJ~L2T%&V;?vx<`{6{u!GG%Nul
zN^d#ca=Rm_!c)(zrSblYFzyIsYD)3;tYqte<#?!9Z|g<TeE@Siuiwq=Y%0r2QhZg}
z_stBEK4@No`i@<=plN@c??Ra5w?#*4SvQ`^`EZ)venWL45QU}cKq@^W{p8fvVb|LL
zkx!@5ccudTB<GUop}GDk<r|}+LUb&{5#eXr%BcRL>Q-Mi4@mE&yR%|~<s5qThfRCP
zW-8#rm-b#XdoZ9Wcm!p$#~d~AGqWrx@~OYYet~7~tiiXw=G^SU2}u$Dv~RbZ@0^03
zvv^v(Hh!znZ6P?cIVFu*7;vFW=p|AL=!}vWYY&!$gpQ)aY8^q`1D|I;Al0tZ%uy+p
zoD)K&5o}U(E|+2)Im(3}ZHx9X3o#V!zx%uR%uLQWKTRU1WW$+~WWItR0_$zypY8J^
zfW%Ynvi#oSc%MjDv+Kcn#DP%0)lj|}7l9sdp|%f!-Ehzceno_&^9Sk?f>}5ZR^07O
z5=h~iv(LV=auQq&;k>1)YguAx9l_-$(j0!j`9$V*(^}9+nJcE<;SQF+cpMgtjAj)U
zL57kW%$Uo+)ADLrK4hi=kC$erp4>}KYf)hEhtMCe2M$MXBc>EhYtA?a8q}RC*lHuT
zDTS)X7kM_@oJZWf5|`GjDuHE4N(JlQ5Y@e5+pE{WdwYBeBXNKKgn7nlRMyF7x8PaM
zKB<s)L^IXr4G*Q+cXFJ|xx*jFb7abtvx^{=Ewpm0snZkP=v}<F)d{NAC1Wh_U8V54
z+BF5X@N%_9<=RF&Vc?G{XAj+*6jIrHfE}KNRLL7;&<`yF!K@(uI8z`oa1*I3&vtGV
zaj>3m3v%?7fmA==HYTp`&UdhbghDXLKE5{>?WN%}N3=_GIJv?R0&Aa9I!E4a2jV-c
z5Q@NHyiJ65;>3YSD<bw$X8r6Twd>A30^CsmRSEQ@;3_@Y_pL9U5(Sa$1h?5t?F>A}
z1sI}z;~cxoB~|o%X)CFuHY9g?^Uz31|3b$L`m~iup!=VG_|O$1Ihdc+|E#T=<ZD)7
z4pohk8}reu#=F{87GrL0U)ihGou$8U<M41Mr6XmfB1^Z2+lH0tQB5BTznYq5#E9lO
znwI-JO@@^oyT99Q)v|tT7EM5Yhs)k5)&pw3>%^Loo7SPirmy2Nx#}{@1F~&F7Ma6`
zeh+13oO{^M;c#FBxqa?JnR{00KvDi%bJ_oD`r51F{|Ua&@87<9;a~76z?0Vno8UCo
zBx+b=QJPIPeA}Je7My-+C)+fJHu2IbtXbi&F%-o5i|}z_rEC*Tr$~`N`g&#r{1Te;
znwIi|v4IytZ*niK_-}EHQ;=~>$uFSg{Vpku<HQdxWX5U4$Tl|75#PWg2<$tGT>BJA
z-z$k=1V5~LC-VfbfEIV@98`tgRy+^P3a9l3D8LTHbvSvNYWS#o`E$%xO};_HPhG`x
zFha82hs2VBGUVq=ngN4{HP?t0&hK`uY;V4rSc&0>FF&Z90i^J60n@;F9$u21J^md7
zC>2;4qm(;1Y#g=Z)LBkbca0M|zvi_RVzEZ@vR{VUw2z`4V=yC$0i9lGUN;r#<A0a)
zPQcE_2i=7G*a4gA%CxR}R6pNh5aCsV-tz{ZZkrG*B$~gpL|}DTspO<#`WdoX8TGOk
zW%9-!+Jq=%4u{=Jiiwhm<x=UBqR;Gwz7JEaZB?{UZZ6j;RmOzG*mY3|+b3PfS@5@2
zSb~gK5?m|My4Rr^vI=?nb|f31JY7=Ob&H8!E=_`ivg55J-%iTj8C?(pB?ZJlgP?7I
zH}L*<ZVm<JT)n%dxvu$iAbnox8j2C4xy9QJiuZbVB#tNd5X!39?%G78%-QKLCR+@-
z%mkcKOs)9z=+}T9c4eYGR%Ydd*L41Sev%W1Uw{xm=vi9D*6tx0`@#VFH$1YNiE-!a
zqcyaq##e7l;i&{U0}}x2GZ+)n>eUhvCy|6=hd6Qm5e_V{hrH;EhM#m0`G{L%2SoVf
z)E`<bpnPGsH)R>2H7v(e^P3Gj`+^L~r#IeN$PvLc26<hsZqXlgQPw9CsVfp#x5BYO
zU4h6GLf$#Cmmz7k{RpC}3!P0Cv2I&*Jk3l+`%>j+&7|h+hTzZ>YxuT@@$ga-Cg2DB
zg(SW+ui?Fy))VkIg9OH~ke%v)-Kl)7W<Sv}G$8kmNA?uQsAV$4FqI}CF;V?B&{kEG
zHM3RDoyEv$@kqoDg4&cMmFHLd=F%MKQhr4%Pf>boE8|pky{0z~c(q#tFq6Il$Wqe4
zGa<vn2H2&Rib5Cq6sE&D(+^j=g<V9cRY*)TbX<mJ(%IL-KT*Bkndr>z1rPfYqOhbd
z$q)p`d%mqVVkNXIwI}C7a{)XcBlhsgd}=(I%OK^!D_dVaJ%D0W&e@QRPuuURV3<D=
z{H;Ryl>*+4scBNypn~+J$#BRhU&p$lKYA^%QdT<iC%hSGrg}kk&&xSZMVqx0!`J=$
zMha!c*~N(a_~f&MUt}z%B(b~l6*f-F4Hf7ksNWVc>b$DcE=%7No~x=X;?Hv|r8|FO
zL76?(Kl<Xa_M60sb<ulHM7Ic**bR(RuF6fmm*wx^U8S`j$%;?Gk(jNPOaT%a`iDFY
zl~_W4g;*QN1ojM>YL<`?KI$7|JGOSDNrL2v&arX(-H)Ez1N|uJSMbvvHr(S*CLxin
zTBS=wBhw}`Z|BS6qli;ZT;*NxvYznUV@6n^8T;&}2POK)@6}s3`+7-fCMFYnAmE}{
zM0|5;Fl(nMdp#YXWeCGRG|MR2&U)#6H@pP79v<^hrv3Y2W&W1Upc8d<uyND#L8xF7
zAZAtPnkwOM8l0iw3VR!GIHL$JeTU56I6qBBuLLsorueiQWg1V}UfzlpwiPyyy8Ow*
znl)QEw`;@+l4g{pkmp=X{&KkXP9N%X;RC;~V5>Euyc5{PYbQ>d?fWqnA@TT~O!s}1
zWS{G(9%Cg&+Y*CZbOgG2m6(?&$N;8O#o{oe1-0n=R6X8RF&J5K&MdCb>=ymH1$*>N
zBa^NSdcbSkQFyYo8eXzQ|AVsb*H@fem*yHs`LPyuQ4;{Uw$?}i?}J%q{YcHImRHpD
z8^4kO?BB2bJLt41f^|r^6#2_{$$ZTNmDrsD^zaY<TD42wY|ym<{uflm5SBNs-4(S?
zPet;fSw7=?<d-`EPI2?FJ)GI}v=yeF%b3HU^JQ%(Pj)2cPK!=K`p3|lY0jYUc?~v+
zxBT)PP>?Sm*d;v|y<tr3ltM4q--cHlN-%JXtWa8J+<ccq=vPm^<31Fee6e({BwwG5
z6(7)mXD0&~hf+nL|2E{tR*c+ubCz6mqqUMvbBJi?)Z$3U=+w{R6oC3^gJ`!%O?@%$
ziYNF|>;?v<A<AJ!TQt)~a?(t#7s@*BFnO{cnr}v!4el4cI!eiQuEKu@pGKr4E{{K%
zb;1YEfmr=2P#06?&>aQ(`R?+fUYo-d^_@Y^PX&>U`lsS@Q|^89OVa!MVUp}$08-se
z(-_-OPD76o;_v<{t$WHmW!`x-vQURPCi}(py_xITS(ZH;Jm4c{Rm|Ie_6yiocIaQf
z`=94|{_Pvp|F0pBZKVME{xlU2y2l3eQpQ9IXGFyP(L344tg>IfH?q3el_UT@Ba!p)
zPFA1w?f5>OFIw;K=Ua(gICV<-Z1&MhL(h>f>P|n;G{Zq{ed!K#c__ZtL;edrvqe!{
z4meCdW5z>DPwv}yE%e9Ujs*Mm>8T2Y8fws<GFCWO*Hy);G$b9zT%waWKb8gOFeSPu
zZB?Z<nt$V6T5)uX%1lyK;oijaog96IM|w8P4K02hzyE9f^mt;3r~rb<UZI)OOFROu
zM(CFZeJ{Xxf5HuF9+dD3T3cJFoEentF8jh>g@3=c_XM-z6(koON2X3rJdfTuv~qkl
z-Y$x;v9{E98@zdibw2d225nW->Gl)!_f*CE=xqUZdv&v+lIK05qo41+pNg)r`e6Q)
zYyl-Zwz)~&7l+i?qO-H(_ymHJoKH<WXN-<ATq5}7-*jWMddYdy*Yhd*!KAThgShq4
z(Wc>Yaf-H4jtInV%B%v?&7N>_Lg2-hzYF&49LT2@9^ZLA{p2XWD)Oc3oA_$c*?QVT
z&Qo@W9`;Opir2m5)EE{AlD^yI5|GBr$7U{Qj$w-OA4Dk_otLQ-@chc+tC^yqrg|vC
zgjy}U5tkbBxc%h_;Tw}RwSrhRb7k_N*Yz{8&?d&g6uX0Wg0+mfBtm)vQA)!X;vD;n
zQ#DALRSP5uJzIW)hsK!)9aji$Pdxciak$q<j}64RL%1fGRl^IrsnI_P30IXoAuY~~
z+J0H6{nywTteJ=A)jq;v>>3({q65jG-Q$^ozDlhy<N4abu8xGEZ&AWo4@aCkzW<6&
zx?H6zDlU;l4pf+L*2||ACd!o67$Z{~8>9YMIA}U_^kXrV-g(gf2hDw-L-3eHx=U*`
zcRGK_<u?7ztk+`q4}BeTYCCqXRo0iGjG4~k>_!Mz>&o2IGO||pbN=CcC)Og4%cEPM
z_8aGPV)puDtALb%9KO4b&=;3RZaHBiSvXZ=k(r_=DX^y_*;YK18<+0WIvoqe)hJBG
zw>_TmrClFi2=E~F=vB1iRN<HbAD3rBLr3%O&uEk(+UPBqw1g@xGY;{v1I5P{`H2$K
zs2iB2Q$7w8b}s{e@UBhvjut=PYk_m%offd%3}op%I9tE4|LmsoN6OXiRz?3ikU{>Q
zbqD7`wX(1(-J8_hrNM8f7_}RLk=3`kpG^=uO}FFEI?uO^s7{=S<t^fCC8ZgBa{p3~
zYA{I^sbIq)WbHmXsT&7Bu167j2(<m|JwjX$Y7xc!ADJF#$1F`?uEvO1@Xndhcx&uJ
zQ<|opBVtx(C8VtIOrNLM$AMSj^JSjFN4DhNig1$cL4@&E=9#mjY9)a2i4P+DzL{7o
zCZ|<m(uG*ygy{bE>^JKxKP%#e;Yz2?48f+i%Ju699yYe3=&Pmt@zp=x1wDE!aNzJm
z&*-(|*zTsN>H*Mu%Bv?i-+plT#wZx_zGG^VN4G~tFdvVOSJzRD`qretq@14j#k%!@
z(0KgW)~YJi{uX}T0FJkhBD$}zA4UI^56SvSzgqv$>!VzzFb=`)o`RDtVFPb$M82_g
z3O@A|rEJC+n0~{_%U3-2nz}cW{~=+ZIp56py$9<RK<HGpvGeO6`ZHn0aa)}~GFgcd
zV(@s4+IMnbGz6zp6g+X-VPTcz1Vs!G=?4$7E#LyK9_6k)xk-l0y7Dc*f5@P;fo82o
zbskCrq88nNLcG2b*PW8h>R_yG2p~Yy&{5paewB7Gs-k=)%H~v-u`E<?Vk6nlbTuAr
z?S@aWg$x3I&LNd=sF&?O$|(s3|2Xov#!GC~yfET23ZXE5cN`OBkfC(<hHmg7sRK9r
zj&OZNDfd0Lc;SWq;Ic;%OGD2X%sXyvLhkaL4PK4&fp|wUScQ@(Dy1{h!cvaeQRoxA
z87o`#<9-yI(I6%5Q(2s+xVRT_C!M-9%V$N0pvEzbJmu0zIKwaV(X^y(|B=J(hHD2k
zOsHTw*~lEjYZO$ibgPwVU-(l>n+?u%BIlu_lJ^5Pc^GSNm+ryV(-lqffwNDev87G*
zidg(FpP)NUjPVCQ7r%Qn-D;6*TnT8cZkp`(S~P20!O6i|HoM-{LLRvmthy|=<0XQV
zTGtX}B-h^i9V4QYWkc>~ToVV^(mfJ3aaILVKd<Ws|3V*Anbxo&{SHhdG=wEKh`P+o
z%o~P`ON{3@_I>eg2d$^<9Mg{L82n$%y=hoeN!KoHYbz?PXe-iykZw^?5Kx%}ggAo8
zj0`eHMCM6kPDr94q9UL&gMi39M&>DlsE9I!IgmgCA_NFYfRKbFB>7@@+wb$d=X=g|
z&iT%dZ~w@ZWba+Os&>^{t5&W1UYp*3W^><ie~S7#cJCTUq_dadtl{ajhE?W+z@s;>
z?fd-KF8lb0ouWOc`}_%*?B4;W*KB`Ah=Sb({-x-DA$u5?`+nWu$L}8d{wq55Lig|g
zLY<U)@n1aJCl#tkRzOByy1W0Zf#~knx*ndMTv7R3SioJe|2Px2TnL-}M<8t3a!vYY
z#C>Qdiz@hG9dBW|ivB`PeeE1FRy2;6S4up*==CE`;BCZLz3(UKFhzYqOaAGWq8~Md
zoH2C$2~w`&)byQYd!(z<o~L8@;nBYoYyJ$mm35W`W#<|QH$$qOTdk{|n(ZpnRcy&K
z@yBF8a;ZTgdSL#`A5C9|iuwWaL{izV<@M-TwG-;KZKa*=!t2=0;(soYRbr37!^#gz
zd%c<|F*0B<8m!b|<hk6{@!LQ(=>+Cu2QnKGm^y|XpermnZ)So>(#hVngn7EAJF2;=
zP7BS2U|cb|X}$_?z2?Ydzri<G!Sh*O4R^l$nhRbkZxe7SQ_PFgKOh@#)$ogSWVgVx
zkbRr)+?P#9P5Lm^aE1BNqI{>m2NE>>UX8eYB#77(fMuiQ@Y4*Vuqdc~-96Fs_1V3Q
z17V>Y_xyzvQsdh2g{AH<Uk0lj>eoe73%;|T65B+486%bUYPr#CUts@i>afi8B#}!4
z=-7Fbw!Kz#V{pf*KJ~@D#3L3TcUG5K-4N_l4oV$61svX)h^#9ttQr0}MU$SFfV8qc
zqkwo{Sm!U-aiZe!AgExo6a4KZ#N)F4fxx#4NW0Ew$TdUQc1p|sTj>~-kvtFT?GTyj
z@cVC_%xf)4U7lAOX7=A`SFAu`a%Q-v7V?dHxgB*PqBFq>kqtFmYJuxf!&Eso`Yt|_
z4IEH|t%_@U54=<RF&N&V14?7;6SFm5&SQrrnX;N}RMgU4m{-=}<ULoWPImxwm{0QB
z!Fe>)#~mSBzMr6MUsv7?nD7lgWUP8kvM(tKY;K=zAIQ(NvS#hSk4vPyo(alil76e%
zJ6jWSF+UMOEQHMAc+VUlll9rP=rqBto=j#<^!x#RZjS=$`eER;Lk*o(?y(*-TZYbi
z<ez@uAPm?e0&;U+0YaZ@nlJf}!66SPx?3P=&|H#gy%!dLYuqb2ljT}YUe@v#Y(g{*
zj$G5cnCk+VU@A`T+Z*X7tdCs1od^KBhLHPhJv~bT(HzgPg@KEUi;MsAwj}gK<Iy}f
zta#5#72kY<QEb>1cgdc3?Nt3b7c>^UXa_~z>aW5g>*V_BCz`+6I2p}FH-qy=(Dk}_
zqn(E5ec$%00Y()+6hW3xl*o2J`q;e!2#cHx%ismHc8gp0?Rsw{H_}?|Vr`U|9jO!S
zGUYI{;wYwB7wf*Hy<2Q;Qb9t`FFhawxck&lS}wAY(jusbetS7?@oj$Imxzp_4c-s`
zXe-L-8#ZcdUv8@`AMj(Kjl-$mB3v7-$(6;sw8xD$UCR4u?G>!UY;UxQXL-Hc3lAgL
z;+=Zd%g@wnQu1~g-uY<=-{{Aj&k0(}^2)P<!O&nfty(lFoD*f@V&DBUK@s6+Bag{J
zVgOH{$Uu*d`Ve$B$IrX30;!J`WT$oQ67kCGE)HD(^pmzafjP9`IITITR~lcna@qFy
zV)AGFhFO!#O*B_-RA(*tetsejC8DSR{#sGd^5XWzyFmfrSugB6uBjpVAO<@hPf<jV
z4<&gpKgkA_1x~ez8k?&Z5svsVDDR7Mc-p%@zrJ+$eXXnEJA;0#aBsPK|G5vsqzYhJ
z8sDJOjmS1|xdSNF?t0{>)MX$)z}u@*FObIhydT9b4uZ4>=Wtosn_x9C*5Do1U}&If
z8u&iw{T{8)%)-hKv+!oSfkQ&Qwq=E#mDVetKT?*p@_NGgX?(K{LVeB1DV&kil)8nz
zfje&}FFPh?D;wpBHQ-el@Rrrt*WSqnwp{eeiz@LQt(eRBA#S%kXt4eOPh47?P*A-U
zKBrEM2zMjZ2hSR+xFT=n!v(G82An%m4Z5uH%nNEi`uv1@sgdhXC;XU8quFQN9|<^E
zc!g(Qb{nmY61v(cb>KS}?Vrc*#v+Ma@$Tg@lgSg6FJJ!J7&wJbY`AV>!uY2G_wVdS
zZVew2N#D!KJI-?#3S9=2)YXSUKLp~I@Esk>uV0GJlVj|9(pAJ0>niLKd6<JgDzm&h
z#{R-fyBg<3LkAJf%*lfdx*OB6{C_0)YbB9>>$bXi^Ea@@Eh@gzWuU^L-cw-x<9^H0
zovsD=XwF=QpmL-+is2bB*)o{e<U3UKMBGu+e|+Fysv;F*U#6w*)xQp+%I(!%_`NZJ
zU?)nl*zz}|Ra9iScFcb%!fVoE8~?!Mw%kfq_>a2v-<FD^2LGtsmZD$&t-SBr{O{xW
z*?&{wMQJhu$_WPt2f^Pr+m!b9nhHfL(02kwx0Q<5uiwG9|9R{ErO<(kVw}J9_WAG0
zi~m0UeZl&_QHu*t2^$<!GcdU7Q@<;P{C9Eh&<Uaia8cD(6{tXl*|PYPzJW4`iuIiq
zrIz^fc!%~A$#4^+MtdGh5K1r&Xvq3*@feF1!^$tm$;mm)9lrBmpqxj!Ji;G3Ug;kV
zy|pkYz0syO6s#gA`AR{29Vg~no}MG{wa!~v^ZnZ2)zv30)AOo+7uKut&0OvGHTG&h
zuY0T>acu-3S<gO6KTJ@ElKYuf9@xz54#FnaNO1A)&;r5QNVRX&<Gxb^c*IyX{O|dE
zi)6!@9_40%-QJAQ%Q@LV=wm#5{l0u8w9p2VVAwB8IPL`L4F4oD88yDZT_l-*bY_N-
zAMnT!a{mp!hEO2(RqUVv+*$3_=_@WvCgOsq8ru2It5EfCvZ%<7TwQj)>qf<#3eKAu
z3wvF!Tjf;E5%hSggi$tM)KmvoW5;BKbE@SPV3uy!$lOeBtAxKzc)GCejeBbMCGwQr
zT${J;13S#Ucy6-5rd9Pv$OTJ3O~Umm>@i&|)6mtiYy0sdM%Uwvy!MRD7A|||ELbVm
z1Aa+|P{yrxZ#$m79iabOwaNbuRN$?G$Xn4(0`<=&gPoIeTD9@-Wo!4RlIHgB8~2cv
z>eC{d14XOo{nc1?#JnHt&G<@+PT*{j-?C2ec5Xz|2=gN&G?ha~9%#QlA!HeW8f}FA
z^-SwyhTkF;+>Z3W_#C46b@Q2w!$N;fF?jR1tX*!=Psin4u*k<&`Y*_@L?(wA;50-B
zB(d?J>GKP(7vwwMInAh|QJCw^2{6*{jlaHCcj_u$Dk^bDAt}b{(hHuQ>(mS0eix%n
z0d(?PSJKckS5i=pid5AsUV3o8jCsV+`YNpyL;QpT3~U2@k$7&HjI1c522PmMB9LJU
zya_^lq{7BmWlNRZY1b@w67v#MXe;5ukO&d$_dg1W`)3rFt#wq6@imKbH5N-)GZKaF
zP(h3MmDc@QjQE9zRpV!rk55IFIA{%5`c0ZH4!w|p#5s%vKKAU#*s7pn_W!wXe=|1W
z4IFO*EVYOAHtFJ5V(5&F$#`7H34mGjADeF4);KOFyZS)rv;0#QxsSU1h9>WP*kTak
znn&JRLs^f+iM$SN`bK2G`2kJU(;l(nYNpGjwXEoDpdEiQYS_9NA9C%u@Q|?gm(h@x
z3@zt(R|KsaBdg%)4vsG{@^Nq4n?GXP%aU4E+j@0zPJ!6js-IjfKe?z0w8ZjXYtADR
z?TlQGP-=gAo-^kC*stB*;>5XMA3GWPl3GzDFWIyJ7I|ZoF{O#@?<M3<v)eF1fp<KR
zluxuSepftqVT0HHaO>?E*o$^8%@J2JBg}Q9d*oACqQ=K+zvFsagVJ$3{9c}1l#>ue
zP$tH!K#w_-dJBfOAtJkA<rs5s{d#zqs@zxF0ct#0VdK(EZ(hx^=mj~2Yw%jYxe)5s
z7W-FHWPzRC#j%4^tEEy$VzQhXxs{1Z=g{%;El09`IA3nj8xD}7=JY@HY=1a;qWrPd
zc61^MFZPO~;BOkmdl1#Y(q)_K1-?#_@c`>cCN%f!RtrA!E)Wwh-7SoY?s|1=Y$euT
z+f0e~hn97U+(gE5*{_gi^>u|?4@>%z#Xe2CZ!CKs3V~&YwDj;9#ZLg<KG2Z7#+;&`
z0)I~Y6&R>mrWhl>C9c2INmDqZYQ>wW5f^6rkkAR@HTVlXL#-)AzrUVoqCZvi<dsde
z`qJ@pE+XcPqem}F%dVtQ)uoP}$8I*`ov*U?LpqoqKlAJ`FH9HDPQo5;J*^T(lpM+q
z;ur2)0^JZA&FBVfQM4=#Gf~^(#p_7)78l>@U6XspdEbISwS>OISCFNkNs>6)q`{nc
zXT5MPU7@^*-VN(=!Vxo;TRmLyAw?h~#G|#AccY0CeuBMf&`St{#<z68P{Nd&_xwY`
z2yLg@Kf>gy-hSlTganyyW%)uu(fX0_+GXwRp0@yShIDQW)O=wT;<-EVsqu;5+$2rI
zKjs5og%#H9IO<?=%=wJgZP7Wyd$v-t*ErsdA_ZPOtJgGgMzLy83_-YHw{HQ@pFFeF
z=7<~TM=0Q5exvCK%9Le8LluCiuH8+5h#1*HPmxI|FT0RkBw+xmkT|~MBL8Fe&o#X|
zjQ0RYS&!tlk=d9Oo6<)a5`RxtUd44W1d<-T3l01v%Q?v7D-+9h@!YD-0zx~gr)Gc4
z-6wsXw;B7mYX|<tZ`;zQdL*uFOo;N0zKW{Bi;?5>?DiKzw^|jJ<CnY=ixxr9*MMF)
zAX?MKcU?V&lAwOQa!zID-9Yu+_Fa=Zvy8zrVL>J|WK+jJy(6EuUln;5fah|m+|9iK
z!K!$M8n-=hGHgG%=#^Ax?N7GaN?!n3vxztB)Vkex3xyNebewy$H253ncQ<KBU)7-a
z?AYhy)H8#pZq)orD)>f?C%H1{Vh4(6Wj|F>4WDO0S24rAiK+<$FmJea%t<ZGd94MH
zZBIl~$Km+GDBV}DyZS4{%sRm0mi<`3gx_Ng+IF*wg%=M<{ikGGL>}9{Yd@B~Z$V|D
zE8RTRtm$Ask>W~neIlnn#I@7@`bEDE!QbYXn>FdZlQ)B5-)vlv;2&UM#7{&XBslA(
ze<I`e4fcnZOl2JBt)350;JRphgeh7@CEshfD6##bRCxetq7A}8gidbjTC~rhk1eAM
z2GYc%k1}>PZ8$ECEnYs#{!N$H(mJa-W-yO!s%0#%6!On@fiIqB|JH3xWZyn^D^|%}
zogXr|48oKK+L}lmRVUBHsy7b4N-40q44YD*>MZu#3a#QKYQ|Pqw|c%{j$6gC^crtd
zo}|8g27UNiLs%&C|FTf!_JCvT6Ycw&0e(nUwx3_$KvwY9IAWvpI$do4%<Rgn&{VLC
z#cfPht-9Ic^yxY+@Ah#X)Ro1<ObRy0sjaxO`iUfQ7&uuf7cSg3NODQDAsiS_3+s!5
z#^}HbV0*V4D;$ijh>uqtHI{;S>~#LyWEck(|7nM9-@aW?nS0A9w?%@E8dM9nNf6)L
z(p6`BOb=X~AV09LFO;O#V3W)PC}nU?10WJ1f?qb9;M=<f4pRtqqriDc@$>BEvhtr~
zocPJcrjlAW=j79F_UjMqKm<k`EtcM)km5I!-hJO*c$=@c@H<RF^o@s@I)L0AbA5j@
zP<*R{ZNEfnT!ZM#IAnrB{>f+MbDctcwAOEH7rUlH%?oyaByL+~C)kFqfYoM5g?PmS
zHlzke6O4s@PswD5sI>chx$kD^TOh&ghdH`@>bos^3vMU!Q2em)MHa8fDE@o;{pIZW
z=f{7uQ2))%bnUyt>z^y%$#;JKKd^cKt;GNAxcdKYT>qau$k0*5K&fi~veVky(Gl-D
z1rxQ_Mvce#{;IZY8CU;x2g08v8-y&_b>R4dXkED;A{s;Yp#)>a+@i{ww(A+r_jX<U
zYa5PrzokPthe>OvFLj6kY+`rp3H|&>{6j-EY9hm<Cw=k$w!N0aC1xo~nC3n<lTVlm
z;Ud8E>kQ%<@;T~6D;2I6G*;!%DvI5O2|A@fcLR-jTgQ6xg9uG#B)AYI*dzlf@5R+Z
z{{oP{=6>AcnwFZnfcHb#y1M2y`A@uwiHRwKPgrzDiI(96M686tx$-p#AsR%&OzD>j
zE4<8sbh(hE;k;aepc&yeT9IZGHU9-m#cI4F%;@02oDhOqyj*yuFRrGVoCoRO&i%6!
zE-;OML+X-Wg@kU*#QTYy1_hw`Z4f8jjngY4N9Vo8iW;~@>7Nbq5jAK?)Swshq6TU3
zF}$JmfY59~*|~si_Bq-?W3O~VYzhtc{GG+SY_CU*y_Qd`y@;9i7wGHS<^=wIPf$IA
zPNEr#Y&>oh{arA=enB`Dk4`j%AMG-LPK!K>p&iNu(4X~s4IXLfSpmh5ZyBq{8i+!L
zukRz_oyc)<akOpmP*E5R`3nsc46AAKSJp7%Ul=`o^*|bdG;f>_xXQt2x0`L(wG<m&
zkyrk<mZhj!n$J$sVW;TpHS>dPBXd&^`Wgk+G-VtXwebA!!8-E=QC3!i2K@R99%N%u
z3Y*cYA5?=8fN>U0n7=#e+PSp~m-cYm6<kZP(j@vS0fqf~X|KWZ-O&oGs?9!*?(e83
zUvPfT(du*X`ZbBqmelMo(8rdIa2MzBd?bJMKrnR^eOzIJ-_BWNk7BYK?tI0D4c~xy
z7JZElATB`_uN6IIt3{>hhqu3JxZB=zaLmS#nynP%Cu)$kekB`mZX$Hrgv&9r;AZW=
zzPnLBqW!jc#AuaE9FNju^~NzCXFc-Alh43+v<PDrIkd7^U!FKeEEBC~d38Qot-O&!
zzL3VO$L5*L3^Q-Z9U>^&{xKr)1p7xsUaP?1-IQ#_8$?B31WBpNVYT(92Rr3{JK|tv
z6I>X=m*kb)8m%gJjN`1K;}jk5O6&$OvJ1GEZr5N|!lb-Ne29xJk?@{;(KOEZ)#Vp2
z(dMd1dv(KCrMiB=fhklx#RaH$O29)bW)=~w3$CyWeXTg`(ITFfF)jL3(jxY=f$=zS
zrU`J<`3o;hk`-mkG+IZEA3!&Si}LtBv7HL1ey-#&$m)Lu!`=5yU$F<vzQZ%i5qX)Y
zD<<hzEQB%*m*b8_ETkO^S-(Syq@-y}Qdk)o-mEfoa5|M%ev{+WzF3<H<>FpfcdI?M
zH^_XnFn6q;c_lxxry@vq`MKl#=dmF->D7#k$<=!!u<gUjAHJqem6wB)T}W2-jdxfF
zmSnvq%*~|5vWV*XnXsFibI`nj<#T*(@)xB^5;0s>&F`8H2b%w?@K_4{v8(IEmpt(r
zI(O-dj&0Q5qi1YKur%GtA|U4139K3go3ji(=E`x&yu{z<l?7zhk|&fe_fqr+?2Rpm
zs1_vzYBya`U~}#pXnv!2Y!>y@1)rP0A7|v9%}6Ic$p|`*E4|8*xkCfE68-hZ>Q5tc
z-^<}gn5$)!Al8AY22E0+x+f`M;vx}Mqm*pBasIJ`*0N-MkcHh8^hD-fpsDJ&TQw>9
zAD!~1`OVh}FBf1oayJI4T%0@<q%v{~V$ctBMk$bl3cRCk!iR7{F#X1Af6kTRyk*AE
z!_Uhgwc32Yf#cK@4LuPoFO*AeMR@yP6PBAMi`;GKwmro}N~&@^-`{mb_pF=)v77(x
zjL1hbmN@Urb8I@>j(YRQRdyL9VXw^Tf}0!yQbNa>FPgGVJ~`q$($Ww4bd{Llzm>=-
zo$X0rK$aHTN`}5}l{}bHao6Z=bcz;PGOkI^A4oiZFAB*rDplx~VvZdE>>Zg9LNt-U
zWY`<<l)*@u0gTUz9ek~yqs;>lH)09P_nP4|bA;viN`V1^9}MWt5sWt!T3(G3+-rwA
zd4{--#52;SFa!JAhkoXf4|)1MnrI#nWJQr6D6Kh34%4Vf+ZP_glFXiMGK-2LY@%0^
zyo@hyj7N28zd@Cd{Ndwudf}POUIC<wWYIng`pPtWi=u8<(xMz96V^CN<AFFfR}~4I
zKfH>Y$YLlgMMp5Dj{^gRt$XHu2NeeS5dxJ1C_aPW*Mnzhd0X7w8{aRM;>Gp}adq9;
zl;F;`=w5H;eH*$6F@qa@v-oY`VqZJay&rcz0H2Q7d<|>o4{)Sk1;K<If&^D}95?iG
zm&`yxYul8^+HQX!eP`pzI^dL`Ww!ZbgG4Y--3sQxZEZ<5gtpjB4IiobfEyZtF5cO*
zr@!(u<+OKcAED`T6zlwiTmMA}=?t$vsy+giPLh~!gx45ROUoJKx{HAtACoR25N#wX
zJ)iWbjB84qr_Q(RAlK>`91G?ugn}3Z3QfU^s?F^5OKydaQ*If-Hrm!}2-EU5-ZTZ*
zC^|89I`ZgeiKG{~O33^crnqL2M@b#-TbV;VktR63n$F<QvN8|NW$X2u3c;<f6I9QH
z@Y<-o{vjt-hTLIobW{l%X0f>0CeBQ*$1n9t%Z7%t-3kIEiK|c3_xhHo0hqWTUMAXK
z*AiebiajOa=!<vf-Cen(LQOBpnn%_$9}y^1pcr&LzpZcp10aOnmA8$Q-(Z`B@Y^7y
z$AP{?xBJJld9EwOLx)QTqC^6U#=f;XJucm79q!%yOHNSF&s~3<2)c?A;?X+7LuR4m
z8Co0QYDPrZxB-LLL+qhO?VBVq7_pS23$l8WN@^FQ==@vl;p^uenagOY`5gY^Q-D>*
zLz2ASMCfy=Acq0OML@c7SE|~{!*A>o>l(rC>Wx&%NpS^wr>8I$R}wVE@5I0Zm0OIa
zvI+TcQy1Eaw2$l6KFKOUG>P!`0<_XoG>#DP3B_&;=|f<vq$Vk`Cz}8<QQy|i@&GwW
zr-CB>fINazvqJj#&J8w*NjJi8n^ojosV1`;lmI=!q+)elonqa+*xJ#_YeYylE$F!v
z9In7Ux8xPSkl%=8Z$Y5fXit7jcHU`8-XB-L#mjbfZr7c8X1=tp9;8d247r5(uvkA@
zl_#7rsTGQ2qNv4Y&<JP=!q%dT1t|H_Gw&NJRMr5~q_WRfeRd+UPeM03of8*9Z;;io
z8gmJ1>v1_H-UDOjnE<^DUZp0BUJ?Tf=qQ=9$8HMZ(#_B=+mF4V?rA1Hoyvd1RS6Bx
zVs#Z+0L`~|!Z-yP6n~YWLKICLCmd4AZq#*Q=0q;OnYr<S>d@3n&ET($u&(&{)L!Q%
zjZHqD6O9Y|PJUM=vK9Qs{=xMGu6OEUvRcU=+(5Y}$D23f_vAV^6Xu|G^@9Q)G{LW=
z0;t(yog~a{^$Cf=-P%EWp_%nj3=#PN8~59Ai9PK!wVuiA@(#spoeP62-G(3cd&}Dr
zTBZ{S@Lfx7g@K~WtWXIfL7^MtiHm><!KJx9S<Bp6@f-A!a==nT`G?*$J!kzJC3tX&
zPuZd@q~;+vqW=U_6H0(LI2g>G)aMkqkWS^C9f#hchnF_gv~egltj!au6_x2!h5q<#
zO&6WfGC3M1zi}*hI}z+E%!+coBMh+1<DU-vIARH*#(Q2a&1RX(RlJO$%J{psv$FX4
zygNa|q+@~k>1KIV<pMP9jK|}N(t_+U{b7HF8~VMR{ekqiWzjf5lkkz*m=qvs=*I9S
zmwdiJ{zD97Sns&jyV2Q`^mDC(d|z(Aa2iK5@$rG{dvJrgSFD-!b0wy`8c!}*@E#OR
ziP1NpZmfcg48U-{?I`vticszYZt}e18qa187ABt>^M$x(LGcE6o?`M#TyE^}fjnq^
z^e6`@QR@9v-=YMy!17zO332X)dOvH;NF_;>xC-%mSd0&)+_F0#HJILap59>%jO^$0
zAz3~a#t)h}0XvuK0jDyuwNB-@C;8o#&zT)2kPw#egUbWc(`c=TisM*^c`mSxKflrC
zm#pK;(#_no*)U*qQ(dP??T6cZYCy0xOSQY{%fS`v{Es!D(0E4=Pd{V&v2GnoM%xF8
z`;eZ11k;@B3f)HjY71;j&J&W4J6OGuf_8{#=(l0Lgz)F$+GbNt=U{8E0;5iz09t7S
zd1VHfel+iS=g{6W6aF-HP-up$etR-4al$n?7)amHpPL%?$C%3x5porqFzIIUU->^>
zeM#<6o_DNe*Pof~jiz}sDPFi7zZyM;z?<e_vC(w~$-fI(K1cv~5aGjqZSECA+1)$2
zz<yqkPq6C<-@ATK(()M3DwNae&IQvCz~B??dpv{vlO&@=7R{KYd)R}xEy3kh&|41Y
z_cxoYt&&$!fZm~YjDgeQJf<G5Z^##aw2)>Q1qmdq)$+;PU8=^>D&8ZyBZz_!o#W8(
zdR^GQzRF7Po5~(Fu2lvm_d>(9>64GqQWm(8>BdDTx`>Y#-Y>^TPGq!#EAp$c2T%G)
z4mQU&ewaMq%xSeK#}M+SBAg7kt|G2Brvb{70cH^PBD-EhW7)#Lh{ul#P7C!4xQfIo
zGVqJ7r*epS+72K^vK*VTpFQ4MIMPLQ@8g39zOB^eoIQ%2yu2*Hv*i#5Y@$1H`1(`E
z6gIj;fM=Xu73>XxYT=QJ2mR?ZzO&>hx+nb!5t74}pB}Xz)c=bP&jwLs=o&}<z|63M
z50m6i1%XYmLWRu-ulS~g4Ig<c{-WJ4e6*3Wrd`sQ`8x2XvNVDNny;wkJukG0%L+@a
z1*ZpQk6XCUGi^{7@}r_n({dwVd1)TwQ`t9dtgl-Qzi`tlEalTuOfN#S)#rw0fWFH_
zmX!B1-suxfQ>$duqs`07om26T7r%IEmL%H?p6*~4y`pP$fG{UW%gGan4vcpN=of~;
z>BD(VH@))49L>yf<ToP|CJ=7NNz{so32T?&ua5c=pUQoG2<Mr89vYO_%EyUC{pukj
zO<k75K$p?**<W%eD6Uh@N1dd@k|F?4nUs-{^`6^PvR=Sn``p>|m|3K!#^%*cJ|lbL
zrhbMRZf!ur!kuR^a31o^Q6dC>(&gac!d)LUn5+^<mVLciAe>S`9w{h6HRb&>+7s0;
z*DgIF?MZs%^WJQKSK#d{kc3A**V&)CMf;v7g|F@{d1f+WB|gT0!HZ}?mLsoMTDP%y
zig*W_JLoLO<x>0oOB%eEx$3=912=BOOF=l&%v5)Vu=ZN({N`@~J&Fs6vkc+~W-|QB
z`ly-=UZ!|fbthT>oFUd=q6dUk)!>04cZ4dqhIUgZ`;=X{p?cU`h4t&)#mu%=M-8e0
zQ&!zx-$b!pP|s@+EX!)*(`#)#t|yoYw+8@*=>|-&X3we5L!lwChXmP_AY3Eg%S$@I
zHs}dX&0(JTdTf64Ji|(*yU&tgZeJF;VYA1#%~Ya|3M|_m2KMb<dGmO`k!!$w(!OT1
zCLk|4SE^oO+qw<C4j?%8%Dyfiu{`1|-71?ZcLV$I3EKy$kKiT^PSThS3xIG;A9{>h
zE}Enq{!G3E3K_K1_Y?t;%gp&C$&8%{%<^k4<dTL>hU?89EH5rWlS$-x(o2IvO_9oC
zd}6Ve#PQRBl$r=by3ydu$)&8UYU!r@{4ZAe5S^d-0AC?$l`soHeCjJAi~6>Hw1sE0
zhq+B!IxNIlP?*rm++>_7iH>ZS>{EsU&rl@y`UTKt5ZSyjlq0gO){(>hax1C~bGw<m
zhJs0~C9H{2q=x&TL(ZUT0i*&v<?_3pOk-K-L&qG(y$|?ZgG|#`uOW&_5&@+Ri-^X_
zNw2z+@WGwHcZb?toN9vW8}0(a0Mk?U%gnS1#}B5hcd)V3lWmKBDW`RcchMNZgc*xL
z&KWuem+wo{GW=BDru8|2A;<}4y)NSou1PC|Gx(ngftF}SkogHV^i6<1!Gfjl>dT`H
zE`fYw;b-XlkN~tj5dv(vCIv)Uw$5YXEJ#NaQ5O>Hk>Sm-(N~Q5Npzj5u#<8l$Y3*X
za0X^}TA#H!yB~hux~QPKml?qAWqNoj?+NRmeKuGuAQs@*SJ_|8D*d}(9l8k0qTr{L
zH`$2&C93wnx9o_y5}L2r#!gz8uqy@tz1JL<=uIF<w!6F+rm_Nfevq#RqwXjVj2+M~
zZ@AOamg`cnops)u6QN@56sAs3Wa*y>#i*0*P_$u<BjcbOrIlE?3mz!IMz6B9#{+90
znE}4J1cl48WRUvN7V9;`Pw795uw%ctcJk&>MRzKj0@>oJ3K7GO7$jR9{%In%@pk9#
zpt_4s?IBCV0k5BmWwgEG?oqTXF<&q3@f*GAkRSs3Yg<n}b5_Y$CkDVbU(I#*l~o!R
zNbEP|ADH*O8tBe!V45orT~*Ajp>%cnMQn2BtDQF6x~*OnCOWuA1@#oG-gh5X@Z8|t
zDP3fJczHXq1^Qe|B7c5uM?TfSQG)}^F)>+xKX6fI)cu*k8t;9N7ISLK1Wvk({*qD>
z*31jSN8!k{%e8KCak^;pM<g{#I<B9VkLx{UrpFJ>4gMspJJp9B4mv(AU?*D{ztA(B
zNTAyqW87`A+x?IRcX>Hc6^5dXFE{Er`ye~>8k2Z#2W+S01X0ha=WrM_Ji{y*Hz_$d
z7Yn}bdbs3bA;hQGC>)~Sr<)FUt|LWIPpP2n^F2(MGR`w|WL2DV4sca3;H^)JlNBaz
zzSSwsY1vN6zW>uH1hV;}O7yupVZWtCGl;#!SpH?y$GPY$T5iNy*|}Y2;)08(h46eG
zFSTGED2~q)fjj9BgHTQF`;}O6P&oqeE^OuOxja{l=NI`$RoK2@W$9A-z2!P<wcm3F
z?P8}`VwKfC=Ce199xjOtNVWF?b%cZk?18Ve4{07e^+DuI{`tV%i8>!sfBm?qoJQ2!
zE62>1loZa<1e{c><`*P@?0R(%o29I+*i)Tv3Oo<*%4gn5t{ueHd|@YKf@9v72wv|w
z5WxGy2{_jwBG^HPaENDCll&rqkD9f@yx=tufACjll?adCd+@2({3m#KkG?kJ*=247
zJg|R@-q2_d*5wRtu3aKM@iWy<1F_C8YPoRPX>@cb!l)JKyum01wcmoBc2uaqbo*mL
z2a8NhU55K$d2Kg^8%OOEv4HA4{k)+~$>Bc!C%RFHFtMV`AI?jUuGdG@J$rVzZ=;=m
zcT*uTTp{{)vn;J}^|*dN%j&Ltb@v(jCbzW|eTn7Pxurd<&Ok*X6m6=9d|~gwh@kPc
zBL;zQXhx;%w}h!awnC0nsu~;mep0P8Qe^NpvE|{HzU(4Gg#L6ipr5UE2n^gAK!C&7
z2>OjHM{=V-F~R7+=07^j2n}-3xu@-04MMlvDsvolC}HQ<!Bf?*<=@e?tK3g4+}3wH
zxtav0CZVAF*Nr0|<O3#^X=l2QedYJ8;H9k$kiXBM*m<230;~(5oZs%XP-N1FRjiRm
z@I~U30JxZPgt7|&fUAb|SF^CO$#|bJX+_GATPG2v%~NNn7dQmH4+<qpqk2(T&=-vM
z!zGIqb<ifCX+I>X+Z4D$^jb<lDRSvQNlqR3bC2T!)8segZuy*F^@Z)Q(Sk&CJ*q~d
zPf8?=cHip~B}*vckfU4mK*ljmDlCIv-ohoFblqywE3<T2(lujQ4vx#|1c^h}ZLMv-
zEuE|*dANsMO3pqTmT?|YiPgOtU|tV@K)9i7Uo*0<H`}Nu*zCLL^0f)*3p0$Es(q&n
zgt;WykiD7xZ290wiwGy0js9jW-x3G=99;Yfwq9(Php~bucSop%53fjja-MU+q!AJr
zj|(?KvP8zW#niq8u<t<W0Q}nv{_mBw=5qTdL^I$1bn+C&C;ZO+7n=G4LDuN`)g@VB
zfsSF{XaUX=myQhpw!a7YU9Z%tL2FfKQ$BiPMy5QLYIo5u|IXG;rDKPk-O>(CG_W%}
z?_#7cwzhkU-1%aa0<n^*>XJ;AoU62Le!Ms1iI(-rV{1b*0a1h}=Sa@FPdI+t!WO0X
zlRt#=r09mMhB6rSOmu-gaf~jMMW7++cUt#9f?|DCt2YLq7XnR!98OzTJ435SzkWP0
zN&^QqJhojLi$F|%%NNv<f)CijZP1W8>>m4mi%eMEoJ&w<t8$9w)zVkK%_PH84Lz$q
zcvM6gdK%0at7p{leI!Wf+u=9-aDeKOwW5>}R+|+6-WlpMZG=A%o>n;dOqW{@mumy}
zGSx#rT~~?33kRA<V3q+CiGD>mNTu0D%?-yqo^qlY@HC8Esmz>v-UcQ$l%}D=`Oy}=
zoPhde<mV<V4EW6Dx!wFmT(=m{ZJszcosSKKs!`|DL8>qa@{-p0>{5O5(NJj^I;%Yz
zqe|agTdMSSo!}W81NE*SxlDbO84mNILG)#Ml3Zn6e}f&(<B%Gwds(*$IH8ZrO|pC9
zGC1Rt#5w!n5d0GB4{GWQeirSd9HMc4%$dD_?vCJlP)=IA<qvWfdKTMyiu#1}Q15J-
z4DbT>)Jr^3LpKzVJXxdSC0rdM`ZZ4qk50-rU(Xe*Wqw3q<C_72@gM^w;5?r_6L)Xs
z<7C`C|M)8aPv9qfQcdcQAoEXDAR%cB(D$h-tNmh-Tzr)V`_Vo%Qo42wbv#3Wxrzl<
z*9Y*`>qcAR^+_d^{>Q8<P0Cu>exaZ;d?w`FATmWK!kKf##mxxpkr^_u+3SX-x@O&j
z`fMv6gnmUesVz56_E@5E;UdQ?-BFudgh^6%7X&lMyQaBw3KWY_x=P#Zk;c>fRS8Iq
z#2FkhrZg;$P}7VNO?@0-kc_S@EwY3rRVdF@jV2VZpKjgL{<c`BdAY1IT*jYEoh?OZ
zP{!kml~!<srl_1nqX?-6<t*+I*zs$B%78shl(6v{;*WW+9P!O|#RRf~D^0WD0rrjy
zyHBy#sF-8N)O=}AH8k57w`%qaoFiK2Cc3}$Stgi6CqY#9;>acGR-Nu}iuAF#Zo2T<
zA=PL{RP!$*+s)($j94kihC1q#Tt$)~bA6@UF>}nk8KY~{+S*Ec@u0O8I)ZNHpFZ1{
zs%Gn$z0M@?*Y5-Z!x}gxwH;#lGZI{3`2$b>Oeq-N2(r#Bo!qZJYBC(U^m)z~#`ul7
z3cQK(>%O!YjR4V12hihDZ&*1(=q?sk@`P={B7H?L=WCJ&9l@Q0wp{WJX2cQC)XjBG
z3~DEab&L~hoawdV>!a_z!ffASV6Q*Qc`-1008_DXiL%M~=nj_AIObtsmE8v_>j+n6
zL*t}30@^yKz-L&LKqDH@_+`$O$lJr`%VlVIy<W(}@wQ-B^o(F>3b{U{M}oTw$CXUY
zR?~Srmse85aDw<G2qh(<&C7}^fDM}l+B^_#S}58}2ekWSDg$j0FlL%7s%u25R*oL4
z*ADQ65S1mbMz7GC=xfx%(WkwBDQAUZR3?iwHfLRfwEqa`OpSW*iB(6SSJ#SThPtq>
z9#T15iL6-WGMtuHiS4Ns;$MV`iuWrc3DxatMtUK$>&f}%setP_UkJ~e`Dc5&pk;Hd
ziKEJEx(zrB&vat@;CiKaV5223k997SQt$BSUPzr8ePfi%%n}B4kBSukO{YVfCe2yY
zDIbJOidS-_leKjb@)F{i9^FOO|1GW(5vx-=b?q?XVRK+_*ssf^+<dQAMpPMUFE3AF
zIJ()~pI6;NJ(D2QEI&ibX;m=S#C_QT)iwabQ5i(oF<tp5Yq1R+l2lOC6K;fW$us{D
z3q7WdwkVv`ak#FJ|8-FrN%@1tO>!oA=HLp}BSR3i$*t;qAGY7L384LjDB*&A3;lSz
zUvRpP7<@J<pAZx>*+rZ*_em(pVIK(6E77tiC1@K^r@Fj;8QrUAt=0e^oO@FP0Fs)%
zTwgl>Ryg6I>M^uk?+u-y9mVFXus-nRO+~Tea|I0;(DD87sJFmloEgeTVseu|n}%uU
z!49T2cd0Hxzq+#xf{Xn?kFvv-D0BJl{ZiU>!%0Qz9P-8-wl;ZJ-yp7*oRGE5^9go)
zPy-GuFo5AxG1RS^twM#MROeR$as16DgwhMuR%^N5t67>K^bn{JNH(RXmT#)l9x!Z3
zP=sw<iPPKthI=&BfBEwf-uqVs@_J*JXPJ2;9YjJ+Po<n)S}JATY#IEre~!;RFa@D!
z`^+oc)2sl=YGy5Oze#O!XDf!IZ}8pb=iw1F2rkbj2z#cjyjo5Lmf_@iJ#%XWWi$<u
z9YQf?YU28OSV0GSe_E%Zs;6|CJFD2M_TtQ5Nl^P>YFKg;`2r9}YI^!oc{87*MVjaL
zdPy{JveX2E9l}V3M5=po#9ZEAL{=3bYf_Y?X_`gP_K;;UQ;!TnGy_zg0h{4Qq@}zl
zsKV0MGcd1ZbxlVfHC=A-9aY-n(|+-W-sEd3Q#AkgBcjCQU{`JL<+VdHx6=`hnpdb=
z=C-(*i~JdCXTN)fVm@rJp**dmgc%;d<x&tR>b$9KWe+{H2k4wv`AI(j5@?5CJ5}y_
z*@bG*Q3s(wPv_3ihkaxZDQOqxouxy~D#6!pn8_WR4IF6Kp=x|%wxg(+jUfK-2+*&M
zYT@$j=QAfC-2JMi)+lC@I7(o8y@k&=`Xsmr-sl+09!awDS<GGHHpg8Tmn%Fh{4L7K
zn6d3i;D>oQ0oYLsp>=<z=73AQ%8f1BQ8~6jvFymR_2cB`ppRbN-KU}MgpuP$;vwob
z^rKG6C+mvQs`seW>Q58IsObQlX`rl@qyY)Zf)J8(yHq8LU4)UNpIm57&kMpYyK{pE
zL*@^^ouiL5#FbpZ--Dj(cM`@?^t^qWaAXjC%84muaJZT3O6g<yTYi);oZeh%rp{>x
zbBJvv!Wb4eEYcW(1YJ4yp?%41_&8x6fnoK}?ZsiHp$kh*09UNjmw66zLTCzq#Ok06
zZvlQ~dcE1S)b(yA*dW(fy3seqDOa82SzMn{+X(#Jyv)*RXe|6Nl6T2F|CD`xvvRme
zjbJyg;AkinPi@>)<C2n(`UB^zg<|4Suv`{0+52)97bz#++<`H_#M6G`xA5v_n2CN=
zMy$j9nC7P7F-e~OX2P0&gg!}`xalw)fY~72tIS~r`~k=ODwlkP)A3Cy<f{tCk*t-B
z%!l;2<m5!GA;b{7f^p3gFdp(eB>D3$7pKZcW5ey$@?&fBmrXG_bMqUGPn`pkAPI94
z5U6}D-PMH%F-h0)Ovr1;W5t^lPmudRyxvnx^N&EJ7)ZoWxAX3iD1&T{h$hfL<o?8n
z-FSQIUet+z%CNAUlf-*)cnmvdfbTteL?~$I(ToP?+)0W^_L`JgR78^&W&&$5{C<!K
zLFyamcytrqr(@u>WW`=SE1g_K>1qq<pppi{@wc#?v;6(E;X0`8ll8RRks}Hw`B(W>
z!KDU0{gw&&S&WlkT@NqiYtzn9_p+aq_ZL(7!*k^MGNKA=e1i^B=w&_1Ve1L`8x$>{
z`9^z#I>8k-QBN&jsWty{??^qGgm@uR8H(Qr@<hYbb_lJVI>BmlALwrEbn+(zBHTFS
zG2D_%P{AiWWq1lgfw1-JUGeX0+uUBU>r*3W#44_AU!zBRzq2;Y%b*!Uglet|9`QE%
zdp^*m0y!ilxW!-S#8I`rO>23kQ<TVZ5cw}{ML`;j_UP;$LJnCJBc(fie;W(UuO&?k
z38SD|%igGn?m3wkubu07>`F0^9Xq9H?gnI$wfdyTR*1ZLmB2`)4{7_p_lj6Zl~fp|
zwMi-6#O8qbz32I@6H;6!o~(xIleJn#5jMF}P+{MuonmKhOYb1MuXd|o&-<DK6?K|%
zC|Roa5Y9paCp_sWu!OLuR3#Dc#JoIh%f5_c8y+R49d?@x5%TZQ^F+}sjBOI<-%j2u
z4hR~qkJT$DKGNa#+>dYk-KsS;msBim0=ag>se+RGC6&aCa&wy@a_Zj&W-CH1h*&ZU
z>ChJHQ<ncDjN><?2qDuda^!+;0VCf6&Mk-WLP(}6l=Sk+IQR{MA819r2k*yL`zGJ#
zJa#z?cD)rq2?{{m_^O{2-p3F}PTL+Ed(yyWlZX#s<}cw>VoGg-LYG4Fp-qRr413R9
z@580~e!@jK9gXl&8S%)>Z_Eh}G%5tXykTQgB#ILf0WH2)<#o2mb)y-8*I3%NhbIoX
zGl)7VN8gt1QjWb|ypBf0$7rSmfw+Ks-ZG8pR8%PJ23kroU)JD5zkSYs*FSO@OdguV
zMu4)>iRKJqhBKZuyf)Xf>n}i|WuGXl$y|4_Xh7_|9-{}QR7?f+Ir6#%A4~pcaXi;l
z19*#~7^tIv0VFPHRt9IxV8UZSW27ju+}yWsEe(4-9XiyQ5T~}5mhrw=3Au_kfqpI#
z#}0}pUBoOI4`U%l*|QB^!%ae}9~ZMU{E9H>!!7*U01XgkR)R3Fz*NV9zv9$xv6a==
zy6Z4+EwavD6~$8B!;}#~<804bxC;_7@x8=CVTBkU88Lm1>aZ@PT_zb80=uPtM#zH~
z{s^NJ^_Nzk{`pF8u@hvGbq=h{iS{6<tq5Q@+?}S(KL#nCj?J2m&4!w-oXCNO3B$ET
z!Ak>Jh?poo>Z*`#upXd60I-r%mLqfvszeDV9qe7g(%M27zrvCx3Bu>%-^;#_GJ8L5
zyYF2cJWA&Lb&sG!(F^;$BG|sH*mFI!3@8dg{eKB%I<$Uq0C1v*mB61kvvY0G;?GLj
zAVjfa${Usnk)k}&_o4B8PSR`B+f6|+f8nxh5Dz;lZ$d)0D6d_PhpOz8;yvg_H^JLw
z`S$t?WYo4UAM6`p1c0mM=nwz1ye&o9MgM~Jd`J7#Z1E3A+5a+@^#5{5-k;HgyZCgt
za2V%@tJHwU`<8vgcA{V36gyEp_J{A}Ycy;vC4Zy!uO^5-A%?9T%IypFl9dg<vs#Iq
zikk_r)TV=6@mh<|WhZl^iq<Iy{K|}TFNgUKAOAPN(iR)Uy;yspiy*B8in3*^x;Kmp
zZbc?+8>wD(^BrEk@;8sS=ozoU$2R+wd1V*$zCL|7D)=Dp2kE8O{=*zPen2!=mLr@e
zjJDqv-cD}SXZ=_0E{Wd0k6<rb&VC#-?jD$||KrrVyyvGQZ7(0gTQ4ZSCB5yMl>d>M
zV#|H~KivKWuUi)QpTR;lXCrM*nwdVuau|K%%gL<zXD0nYC4eBmVm7vBj(kP;I$byu
z3Jrde|Lm?4=7uddJ|#3KKZ(+tvOYUKY%8N<+hG1Qa{kdU(;ZW|X%jtjwu_R`QM$xe
zM@9dr>3zPHi1LCNdi6uL?#4jq6pkQ%YvSGL$6-Ip<86KwQL&f#_kNOn?o-ykdfU+}
zugI-ybmf5LNl~C;z7q9f5IEeg&9EeT3+05SZZAB`@=lhfuVC7X%Q*u4fhgSa7I6Jf
z+_V9I{YLI;UjE~eZ;{a8C>Kq=0c5}0Sc#)%=)<U1AN~%P)lF^i2g$l+5hHUq>`o<K
zqDEPTW7Bt8oLc8z1lT>wDZ8{M`cAQY_=B1c8o~~bwhpzq@fY^FeiUH+k!^ZS%P$<s
z<ca;x3j7P>B|+%X7b&pQh-IyqcUgO26LsOJyH1nfctKf%*SAr2q7OD$j5h}#Ig{H5
zGaOsQzofD3yNBy*s$HELtbFadnmPz$vSu+_96}B5QgP{cn|_a(Y@Yu4x@S|aZ!K2w
zv^lwYO{{-cW!IR<1gKzq;S4R7=F>`l^z4=ji#ZI#cT`3*|3%^4)%iw1OSkfYmO9t~
z7Vu=(6;2=};+Z+mEf<EKz}{W{T(~jU(>>g_DWhAG7ZqhJo_M~-65D3wpyL?fe3||D
zQhQ>5_vnQjOp#@-o{ffe<s)4{+o<eB;~<jezs)D#cUrqs_iNdQzP2ukxYQMfA$-qf
zNl6W6W@DhO%il@LwVAmJjvUhM>u!FaR-d0xB<cfdwNsVnp6>Kr=R+=E4kKpIrZor9
zC*N1medckqOXqy(k<mwfwB|yc5&(HtRi~gSsa63IEmjJs(%MgYV5`b&c~{s(G0@ia
z#Z84rn)%Gy0T&t#8QRyo4#QHj<s2{Pz{acM16Z;>sq=;rX+a#kCNbJ6xU4^3TdM7R
zu7gR}_!fIFI;45>ak*}MT+DTf7KArDmN@%J+jJ_UVJ9NzIr~J%YZb72WqM_a42Klg
z=;M@^6OaE3CMT-jTZ!_}6{U4K`*~)`9zt4x(Ji@O1$(QWPL6%7a#D6t5X-0O8)DHl
z>uh_uDtBK=zo{KShk)h6t*F5p#MI?$XLz51^%zCTwima;NB#jUZt1SLv$Aw9(SLS(
z&6?J?g{S0nW%bC1(|;_=L=vrPY@+1z)*a4m)E~9z#xgMsr6}yArG4L8GbQn=U}w?5
z&a&B2bdvV&?xg!`@@%h`{T8f22rD?2`1zEqW!ty1HNy*?H&YQ|x;OQ?Q9N&qT4lq_
zi_LS&RG3}E6d)C4ORJ6PKNeq}wL492_2$JNui-w_Ry18n-qY}q#?72PORJMIbiJC%
zh+6>zRdj8iZ({9hC*I96<HS#Q9)LOL=hgsE9hqi+I!ou3PS&;QieS2<lN!A{zT{2G
z$j>xJKao4ej3sUq+%!6j8%WhR?DDVf-Fc!uzy98_<{Icas31>8dtrWiLDD(eZzy<4
z^OR@lxR$*8p*iFD(V+k<kIm6%vUwc4`n{EurW@evW_{Ud%RALR>{z;VQ8Vac27m8q
zMPKP3b-%D={BLsL9c(UzQ9Nt`oU-`SXZ`&;oBW3gh^KvTo@K+f^7j09L2P(($XD)-
zdh+^#@u2@v-j23hgz~u`WnjBS_R{|#!oO>l@0vmrxjp&0$dYgm_;0fO&p_}Gs$Bn0
zrD}YOnLAo(><yq;B~EZ@`M_WDAHUyT>+XNhG!KL#y~YJo!D;h!%ROlut>aP$DO*IE
zfo1jJ**{3zEf7cRA94Dk*1pzViL?9BJ%3U#{PW{~7M1`1w;1~W4Gij!_Wkbh7ZSF!
zvlIW;Ep}~fEj2xTeu!5gqv^Xm%oE!(uKzs>9n4&6W&cP+Xsh71vc#if?2V0|@Ghw8
z>rY{)v?ri_y}j!<L?fpc4GqLM7;`urT@gN+@BH_p+LdP9w>1ZmX!AU<h`-@}uA9*@
zK=8-?1#FYQudpqgq$BH+e-SN(RwuR``s?5O6}Ex@s;15Vvzq?Tu!Gu!j!GsN{_XcY
zG6(Yv(al6q`eRK0!(v$5*>De+AAPZ<sLf@ktBPp&DlnT=hu+1@4_yv#YbzeZs9Vp5
zJNcKRVFm;K<nDCX4-lOQMe_1HAYAU4vT{#fvH{myJGoJSdLhF}3LSj+fExt`s*eo?
z%N%@qXO!K8AH1Q!WDVLwE|#@;_}}t>mEKh6u>_e5c<w)a((%_;8kenk?;Bz56S#3?
zRKg`dum^wW*%ooK;u@b#QWl}SMbq>7c^>Qw<ZpI!%dl|pw^1$~XTl^bq+WTTtasLL
z(z+3ePwJK_OISkS2=tG8zg)K|DTW0Xlt-?fOFXP&9)v(35^4mkZ?rwe<Ty<tj3r=b
zwA!Bwt=8rQO}tCn6W#hc&Deh9#O43$mlzjbe<hQ|Da<P>K5zuh>xL?dq~ZE=b6)R!
z;s_yl*62yk2vF$jVng!3%?FQSR+j1t+tUR`;mRgmQG~<I<42t#OO%^V;j8CTfaWF?
zP*Ei|+2tRJw58lzL<PW1Zu+T!$?cFh*N7ZSy8krtd_J@&e~;3ar2BP+6`Pya=F%My
z^v$-Z6NsOYR!$vvn(1)0u~C@G7^eC~;FZ4zjHuSuQ~hFyeqo%WFN!EHwg0y@qst<&
zTvd8$TTsF7?Qh<s-tgo@g0k9{C~w63>N;l+aviHK^b9+{_Fwc0f54Zoz9kZw=&Fk{
z9KM?K1<I0L(?9%1TUa~VSH>^!K4TuVT?=X-yg>_op!MEHcw`T<uGnEyT>E7=q>AL^
z7-VD%6~>C&#T`|u7eEssU2x}V&c&?YnRl7)O+iNXtzFyjMtidxrfTvrg4`E1X0wO7
zc<6s<<hB&O`ETQjlmQj;+1-E5v7=ZtXiffaP?1fp%WwZeGH0XmzYH)syVqdj)_2VN
z-v_IRZxET5lT(?k>Bl|!<KHdI#y-W5gu2)5?9xSK2*sP5(LgVfyOHz6JKJ2{u+Vou
z{c>sB7MnaMruVPf{dr@!t!Twy@NC<b*U`uyd8BO<W(@x+^*hncKR^C&OW9{Xde0;)
zD+^Y!MvP{dCCX}>gJ7KE`~w~SLxCD9Dt#vOm_HYkAZVj1dgC@w(J_j8;^av!>a`n*
z+rm{I*;|S781ZUcpg$5z?+a-D89{`yUHD7{eDqA$;X)DT1|+MvvzwG&sX{nAf`s0X
zbEvlj)@<Aa1sd4ImjEgp^`wD#G_+lW=qx1!VO*q~?>@+<JR$6@JZF)U>|fQ>&(BI4
z*5<O8aqFYPvo^eUx#A^hxE)*Gp%Z^F;#oF^o2)El`_%;hlsh@;EF#7+ITnY9IfD3e
z>7eqE*$<o6d7A(`@392-A`yok?$FzRzQVRLeQ0>t<?d3Pl<P`}z6XBhAVtx|$hTL;
ztHM0-cfZ0znDzUCPyujvol+rEOGHZ)@Z*i#uV{2aGkoW|)A0WfZ|@z~RQC1%+8sq?
z)ImlOn9)%b1XP;Th$yHuk)~7?>5wSBB~h`0fJpDsJCPa)goubp2|WY|Aqo;8AqgfV
zAqh$D(fQ6izvsSQ&wbrLo_qN($%}LL*=O&y*Is*l-mBgtE_7wGV6JeB+=!47DTE-)
zS=O>_oVIwZ-hn>mcWZmCe@#&qWzJ}bl6nU-yzl98B~?}Xt5+YlX5MARe6els*)rXJ
zUGFhFfgev7hg|y7S7~ip6G?jOrjUBO?JR3<ZmF?`1XiRU+yAfk@w$<?zrEf_PS&=b
zRoJk@_Zwu;wnkb!{?@E^l<g3Tvq*&2R*SbEE2wtV<$M5nf6I5QY-t>?@!I+1@=#px
zOa(2Z@B4P8gj*c}1TF1E57y(*Cw)kewWKd^`%#>4r8>$4FAH%UU;3>H0<GSCt&l|v
zUGe*OG_JH04+1ov6Sy%8ZP)678D3=c`}r)!BAyZ0Iw<r(x#?av%aoBEmVWxuL|<}(
zm}vM`Q9jC<IH#({q3&vk@aU619;tDsHc<N$LOakfeEmS=m%5S2cBiR@(0`SH?*|Dg
zomJN_l)cLy^uE#WU-Ha%K_)XeuXzD%-Os^XrxtB|uotCAE)R((rl%FFx+F`iH~*=Z
z)oUgw%JNO2yl?3@YhT#+*xK59!4>9Y1`v^t1~^vm=I8OUnW}6B?VG;S``Ywf|0%__
zY18X=pjUTq(J2vHPSj~l27Q}C-LbWjd(dUWU&WXOJ5iSwISX)hoh$zfhOdfDqa1Mo
zwZp6*2@ETMIlr)w*{JMNc{F`cowr?Sb*pJ;tOxZzI|Cs4jO`IFKT0p$dNbSJmkHJO
zyZeq<&U~tLh9EJ$@8j?_iI~uZink}7<^SzqJ+&GQqmRI%`S<h;v@~Gb;;L`iP{hTa
z!tdtWrGA;I_iQfJ7jz_afHPDLzy1NjPZz3r4kQh>nX^H%wQ-QB{)N2n0!5A06%@TG
zxaDx(O^2pf<PxD;lG$-q*_0*v?qtw$Md|eEaj$$RIdE%1=(cOI&hIPUmS6JOIX?WT
zW@v2t^V(4Y3t!$+Y`gPF`0Kruc4nH#j3d2-mR1`D=!-Syo9ieO%>rhV)^FhvIui1u
z5CwtN%+HC^#{7pd^tPI)%dEV|F$wt2s(v*;glppNv5T3ah47clsB5*xY_c}^WtJN(
zGt29Wj+krWEj*B=;V^$dR$$}O`rT3U-1wQ4u;xMfm-v+W1)zlEHk${JEZ1?zBHh2r
zIM&^Lnx-a7B*$+Qfm;P0La*<E>D=xQ+H2!jukyF&_3u`Fds6BvKb<GjQhzQ%YB3i&
zp;JKnx0`P-($bO~00P*WseWz=X5jatxI`9ntDBX<Wdpjwb)VyGcH1rlW!h$==a++s
zVGN2r<|ZC8qm+3qFV;{#%NF5oX_LY_4ug5l^YZ+3`<8ZR4~!um-CUHHrs_fo-1;^2
z%5h=d=<}FqrLK~`hRYK2x~AF|yXPW%DAf{<6$zm0)vSk@rH%RKC6<i15)NHhSn$MD
zw7PwSY~6I5^ywcJ>s#L+4GrD)M!2{9&719!{>+ODeBPr^iv~5K%iT&HUlA0AZMCmv
zo+79sT&MwDs41~FScO<-XCkOg4%&jm-2-Dg(wlifjROHa$_o8tz>be#Wty%Yz3<^s
z4&axbO(?61OeALaHgi#0G7%+A*e}!UEb?h~vjPGL^!?}W$}Bj_|Mu!h3?yHnpohd8
zl+x!V_}2zSGKL|#T3q?<-ro>em7QB%f2nZ@%`4S#8s4xu>=kjelZjgX`p2!Oz9s1u
zpo})H7I?qvzj3SgwNuz*i1sA21LE)kn0Tg#uk~AJ-}N>lvyh-{#~TkiI)tld+2VyW
z*aSzl(2i^U=^j43jj2d&qt=^RYBy`I?Tw9fz~mwvJDhLzAN1x_*Z0%@K^X#GG!ih>
zl~<Eb=&rusN~AV6HomaFiVdOL$xt4rNrt?;8X)2apt+nVzPClou91agD;a5NA6%s!
ztakC^0V~`1!<sYHe2#1dh7BnVPFJ$3O~Ythhl>`&Qo+xKgH@A1hkNwmf1HHB7ot%!
zH5?GT4SBzLXUit5Uzes_g8Fw1%!bcPa&_<b9#3DYLUdH7g-(t*Xx%(W_`k1Y{q9>4
zt>nYn`}-0u#X=ih?S^7#&QY``(L|TOYe-|)1O$2DzrU125gswRfMR!S{rf!emulj2
zakAy8or6mW0F`<wzwh_*+R&807tEypXsa*ard2wX`*$P&jKCTF&J&@TQ0IKfgK_}M
zXIG3#Tbo>O<K|887)Sph4B6HI7JmyM)_yNI{`X)2p0q#gzp#Is^!}G)u>bSkv1kSe
zX8Kf!0i@H%Iq3esn^PXSE5@P84?j_Ak-dI<@1}?6R|G}S{6<Flf5vX5rK8W|CEEuN
z>a_eP-_i(3fzGB)f4q@&##K33Y5I<@{zFz;seJN(?tD?Hg53Xf8gQixA^&y>5dQw}
zK*RsvI^ci#Mn9w79{zuCNq_hzfJi$(?mZw4H^;18{=ub^1Gb^MEAP7gDG&rKmA*gp
z=3jgPk@YnztHmzSw)*<|l+4WKG7d~IE&5o$$U=osZ80$DpwE9^z@{6v9{^CsK8J0!
z@6>d@y*37PBRwte|8?oFSO9Mj2toiqBkDF+1H3WNzmc;W!10ANY2m-7H6`uLKSL9^
zyzPIdWc}l%0l)k|`OT9%A3G?oO;29ULUvlwSvR8LAh+7ak*YOx{)|BfPACN{P45ur
zyB-!+(8V)D|IkD?MWLa8gyU?}C6~(fvNyhUfV)f<_-ZycsGdqfivw~r#edy2rJ_$R
zz{a325hN-<mZ(2!WhbrYyW|q^*{ujUyMZ(m2A41s^e*?vQ5FyzcPd1}&ckw%{HuKt
z?$xER)rwQB3VX5w!Ul$NVV$rTp35qu7NbflC0QCibNT@~wWSBGG(u33fzFvo!+PrW
zkf;b&V1Qhc#R1o`$uRAub(@4S4lfy~@sT*AW$2Q*$TWXhY*(Au9(r1Y3Gq~*b-*h_
zp7RBBe2+>|0AXKaRMb28J^>qE(&yB1lXUPm?=Bz=3c0M*1R^1BBwB-(S`yf6Hrde(
z^%6{j9j1a8Gg=0jfDEp`+#7VPxMQ@HHL*;OpoZK?E(+<x_op5_omknGh8;yV58RnO
zaYXM8wHq?PZ%zoQ%$&WDn=o4_wHSa;Dw7AJz{y&|aWZcq`CZgtz(3>Vx^!jqH@m@&
zt63VL9&ArX-G`z0lq!$xEbsRZH&bSBIC5t77uI>Lrp~vSYBnwn^dljG9y|6d6|a>r
zd}p7bbb0H+HCQHfX1yp-w)y4Z2TgPF6^@}T7}v63m26JdT+{o8ixO$qR8Ug^!448C
zV~;;Rtr~FLE&y{DFrlP?+rA0oz0F+^BrQ2oZhWZ2_1@v8yN{4=={W^^7m?RdJVZB7
z?%SN}X4wH*KaO^WV5$u}0<uo*Li(kNKX<IeccTz4-(DySu3!|3-EwM2J3aZARb0+O
zQ#&BJwE`^&?zF(UQ(<?=^e!f4-Ox&Gt)dyb>mu|X2Ui0r4JpG9zmq2M{|Wv8+nsXX
z7zbt7v2o3w<;Mpw<87X^!Z)R&$5)npAC#uMaX-$d<Ozy^;I|oU?x}mA*1|Q?;K*d1
zJ66NgFSQEN(f7R%GP~4=`0QA<BQuG;=soZGl$E7ry|rQX(-V>;&eq~E*>_5#A^xfx
z<r{2k@U3>Tecjrzc4)OAIanJ>6OF9Ur*%Tzuo_-9DT4TpMjALW6Q%IoEm<)nmXN;B
z`JGu-LwSOBqU`zVYar{z6Pj!Jl45lP23L)1!nHObKQ_2bk;C^yQEf^Lyi1YIW~$zH
zPVsxy>^V}SrpioQxsOHf#CPL@(!AHTp`z(Wp*6CRMF?}bo@mFF#een%Kww#V2f}`-
zNvGBK0ZdLMgA<<+CwIv9>at2()Ul+E3b!a5Cv<X1j{j}1r}j|71&h$LljCb|R?Dj@
z+<Q>_+@nlTpe?5}K9IgHY>8Od@%5-iK-IzQ#U)LbQp>Cc0(WsK?fKOzQ5gd?gnM`X
zkz&QO6QVwah=o!coOtPvC3a1HNQN%ba1!@@G?s=!_!z^{59QG8ic!PLiV)F19vcwt
zhg1QlZZ<At`3R(SK$~0{<YMC1R}1ll^?@CHlh$R^v|WKXgQG63W-{vl8kn?G(;m_K
z1RDI-oG8XkKeHG(cnoKk+a(RF{t|2FSQU(`SX@{HGn;)({UiL*obQn#xB}9qkl6Ta
z+iaBXIRku@{#y@BvU2!JegsWE|0Wo2vZ|mKp4rZJeh&$&Pux3hPh?uRzfacwK#83a
zxr=6&Di-*k+x1bdDi$uOMW=LcnpPF)Dzw_!z^V&OOd~G4M<gEG$oH(d`|aNlhyYay
z^?wT;Abuw;5fPRX+dU06M~bKu?Ns?BZ5(XTHfNt>2!U%;_RLSS2kw6x+)pns<>LZK
zCd;j@XA}3VX`qYSWFx*Az|<U6P%h*x&KByjPvnhTu92JEV*;4Sv-Uw+$l>j6dXopz
zCG$dV#C$pX(x@%qSLJZ$+vvT%LF?xbAS%up6?m*edB6)p?Mnj%6=@@u&c@iyDN;za
zX{F!<=)JcdX+rWzB9gyTT=$5VwO-{pyL6h1cIdv5J6(IPNO#m$Z?`g8Q2W^QKxCr)
zhKcXpK5>SkAmr9Rw&yk}#ol)vQFPD4<J6D9B4D_udrj;s7X>AuNaC1j)L=(5=;ex<
z;Ge_8_p{}`0L1d2|KHU1HY>)#B4p|z)P4Nl-rH0uf9(HVOy>#!GWmg>{69Po_K)v?
z1eeATsy%4?itLZ5L(E>?&;OoDJhV*)&T<<(Ef&b+{qH{*cI~MB;p%kl)f*W4w_z10
zeqxtTsj5x@tI`rVw6DLPmHx+Vg_;&Mwwa@2*8ZHmf^B+plwo5jI}?*<zT@Rz|7-5q
zzBv=_G4<BY$mmfvqu)q!Mc{vXa7VTOrnsN*pr21)Q8n{VSO)lfJ$FCsALsbTN8*2@
zO#aUi>Hmg`{$F-@{%6<n|H~UC{TNW(U4lt^N>W;yeSp9lnfeNf9!f&3w5G2_#JZTm
z8S-m>(Q9VDU(VY~@qho(o3CF8iP3JhBa9DiN7^G<SZz)4%y}pP7ljSdA253rsgx?j
z1i;`~S$s0(5<VZVtpVEz2T0YUL*2DN+DvjVfX!WgW2X8t>gWgqN5uq)<}i=TYy(7k
z<8aAM?`JCt^O3-99tuaKKpSrZ2+bAm-d%S>g4scjgf?Jst!S+b#H)asUdBi<Zmd#>
zVI-WJnC}3vlP^3!68M7fum&79K*Rnx?ZAKOj0x%7F0-z(y5%IJos|IOw-osLn4VEP
zb!sG5T6r8mM;G@wbZ^9|bqsIbdE_nNsh>a()(*rNidp&MY6-RW;f3w~nFb>a0X2H6
z-Xn|T(_-nfVH1R#-umToDUB)A4A|cn{#_dvDM=q<89W#wD3I6uHgtq<4hKaYSy525
z!w<;`sO|0ld8Q;GFC0h`(_I@jCVC~j7pVdyX!lRAPI1HfEAt$BywrihwZlMw5_p=o
zEq^~Cz$n6TXn+c*7yz6OHRYd*lKjQ?GXG1Alzn6*>L+g~A3p1L6#o+M5|&FCp?I6V
zZbs0Wfw*sz8T)2$DT~RRX-735T5E+ShtpdZoxhyEEg;In38j>kFh98YBEam1^?bb%
zX#kQ@I%WSnOk`VwzkM5S?u3I5Nv!ny2(n=8OQk^4QFnvl7^ev;t^-M}Tr)Vh{Lv>W
zPa$;j4&7^J@;?t~4Mdy;`pg%{67GZ4Ohu<9S0F2ktNBn)ro^i40;AAA!bcDp2G??@
zTK)!q7kVljS75wT4z~VP^}em#ilzT-`z;n3%L*!<o4XrA8Lx08+?fJ5blFP*K0nBd
z+o15rRE%RTVGn-;;2FKrjo{c~7>JcRak=mpnfChhh;NtMNTp`6I1w6TPh|sauLIn6
z;b!4s1>lXG--}aRkMJAJ(W$g9dY1nq4QVBR<-i{aAW`@hhlh9I+TtO&sOZtwoqQc!
z5z6qul^;!9w$ck2A4+Ji4{B3yivlZD-Ccb2r773JOYd>Snd43{hsEBM3QENAV(9K|
zK2DxiYXXt3L)~(;dMck)JQ|U0$DfyaldH9m=F*W~7Jx~?dks{D%A5D5dF9RMXS`8S
z7>JA8O_bWVefv`-rK>PB+C$!4I#qdq@YQ590aX0CzX7_h%=u~ob0!eueCO&1eg<Qp
z{R%Hh=rpU3IrEaw!9;u;a{3vh<N(!pYgcxXx79v;_nGvka*m9&5=rc$k9m8gySG+G
zU8?k6KVx9#lgx^rUiWlKk^?Zi?66syMc}`hQL&>X+X*Sz`K88t4Qw@~u7H2J^*-SO
zZ+$+I=+`ztzb)X<`e%mca7A+$e*j}lu#S~U2hoJOg&HQMfuN$KbnUJ<&h~YiMTCg_
zq2I4E)FeQzyq;#B(yYLrT$&$Ti?BtVchfT$D@1=b(tUr=!FJZ59xRGR24q9h2}wUl
zRx|A8*Op2Fi9$sh-EO%c#Mn5|zr)4#1p1iM^eQMhxAZ`yTQT0M|9(it{p398oSeZ%
zjK#(!A4zpP-&)LWsu?cW=j9;(%S7>@k@Dv_WKM9mj~>$aX>uz*a{2B8WU5l`_)f}j
z7ZyG1nR?KdKn_sS{qn0^+8uhA^@4%GX}TkQ8@&6?TIBKV)1qXX;Hic5rRpNz%vaG+
z?y_vw_v!rsy60O3k(Fi1jC6Ij07EJqOITB9I#8RU=;O+M=wgT2_AnRy>xo=&MX;LF
zb~j9|ECb$su>7q^sF%Aor0X?PZ3@<LGR@jxW`>oDp};5E60v=uoWN{a)b5e5dfU|X
z^3OmNM>`+JuK=`Xjpso!h+#kX#n0kYHOEK^pqismi11$Dt?yapV>qAp9=;SWTA0?r
zSg{XjsRb+?e*`hPnkCE~NoeN-Wg%aWGt#<wrsbDOej!~?YwVC|DFWd|v^M=Xx_!+Q
zr~7V>y;YB$nOdjrBgk~WxAEsYv(Bo9LEV1Mj(RYR4`oA6sAR4O5!X`kGyiHkCLyC5
zj0hMDP;B<Yt5$@r9TGLF1~{Af8MZifkpgO(E%pW}<b6sO3-zJ(qgEg9AaiHlwRUEm
zLB?6G+T3a7uO-E?1--CyyLt_^-Zi#d*nWBTj=`7rj+KY%lDnVslu+bbSc+4n4|k?~
zL;@|P+wU&eC`vR``oaBs)_YO~&@vGugekTSq0fBVtQxA!>X_P#)Q4-+mACBNj$7v-
zu)Lioi$X1Atfq1Sv+%7ts-#N^aAgCbeg+RlAHkH8j$$L(K|=lTEnc0v%YqD~s0-_~
z{Pj8iW%$7Nfm^3Na#WA&O2&#6q3LRJVXyM7lLAJyNoGA-_8;QZuivOv_YybH1-*NO
zo{$<zu#;Ge$jk@F+GV&E@8|M2$=$5-9QTZ4Y5V!*<*&*`PkybmvnFtidP%G;ooKZ=
zS3Jua&3itUT8qn?`hLw|N&3~BCD*S^GvDRaC%F*B_Zsrymj;IW@UZ1U*9K1#5@LO+
z;Z;_p+>F)VR5J9@555zYzIv&2hai%V`j<n*h$i0VznYZ;4e@c@*|#J4lc3>M*3nD(
zLp!r;nOk0@k~zprO-g7Oll!%=y(d9?@zybr2gwNp7a5}0QuBkEY^Z=l?e70jk|KDS
z*Rn3fFUx-wR^t%9CplcId>tU?Hb=Jy4cW*simoa=e?|-ue<o38o=M9gwg@4!H-(X_
zAdlIQoF`DXs!LAJV)?g^zqFrqxV12du8aUI^MgHAGn^QOiJ#fCx8V-ftJiXOEY;_}
z*i;klUQI4f-r-!o^Mh&IpW#iWTraO*+ow-)!h&Sm`9MktWAQJ0$MCEjmK)h9%{utX
zk%IFM{ciG=e);Q(N9P<CDhIsmyLp6^vKTwU#_SPWw;L&Ca@#{US!@hd9PR$3u%&J7
zYzJ|(tbXOn#+k9(6={3*^jm@4>6==Jc4p_slTvKT)L%C7hckkEsKIzQ`SF-trJ%L)
zmX6y>n3)?`7*!6<D$Oh;L;OUP{W9C?J(3Th9A@i3^LR1&6Bt*1dbWI9Q+$;E8?4&Q
zgG!jVrI!J#A5HYHsWR2C$tE0kfaput9LSQ9DesvFIA^_YhBXA=!F|ft0)>?sGQ`^S
z^nr;3&^M>^2cnny9nT4Nu`QZ6R0kJ8N@^-|brIi3mF>w(C5aPDB@qkeaaz6<nSE3)
zFY}tB<cmCdwVJS{CWj_h#8psutH%G!5nQ@AU~RrQe>w9-`$zWF@?X%i71^_l4DX2G
zX^vS0luVYZ9m$2a+Tep<G;F+bVt@RL;mE_AB~p=PrfLezYwJ0ZrEtk<Tl6A$H#X)}
zCbOF-#zi5}722**#;p3?O;Bp6v?n%bS=%kjN{m%gZFAM(#&%c@j=bp&`)kJaYVWT>
z@oFReVIRMlx(d2nN8adIRl3cv`?I;Y0}Vw(F~>^>dr)8-SkkRouM|&H74@-|o^j<~
z)?XP)N?xYSJi~Rj!w~^F?^ErNO)&N_Mq_EEFoS(91rw4iIuc@tsRlv%Z0^j^Y|k)Q
zPo_xentx3(JKNVoh5c)Ua>L$KsZwTtw@7G#a&(gw<cW5&PqVyqN4jR`U8tPjIcp@)
zJQ(zn`_QmxfVa{2`boe0BD6n+QKh)}(I-2TtdCQ>V}LUhd)CuiXuE_0!WImC{?zcN
zR(Flt!+$|#>R>Y+NW9NdWD~v_KD)*lLSLetRL2-2PG=S=3Qjl~irVXY&gyfgT{H9l
zPG)^kHb*)ofukk~T)tG^7M5i(6ZJIi56c}^cQ4UWa>4TBhd;-)-@L?QKUwUw1-H(r
zYle?*Q3?0S(8aOjt#3N7A7HOjgRz-HHR5dTV>Wii^83n-)yj6sPktAEE#C!wW=q)#
zc7_GACnHX0JGk<0ciiI;A_Z6^n=xb_IqHsL<>?(TH`ZW2jipKeodc}~@a1J(a)wXn
zx99>9<8^}WqSs>ie5+i@#3{CNxne7{k%a<bZOJcZgG0p_?+^Kd_SP_2Nzq~#B`U2q
zEHU$3f`3h1oAYa1^mp4vOK;#sg7wY#-$p{gDb8)CprpaW<-J|)3s3d5TGc!Vji=6?
zyk0DKg0{f8o>Yan9+8ba1%f}%$KVWhjHaro4o{q0hzb3z>h0nPc=G<$JC9^ep6&}G
z1TBO;!N7}74*B(vX%W+PDl>U4JQy;?zC{RB-TrFSO|Rdz9Wqx!f@3b2=1g8ET3P8g
zo#I;;t;}zYVG}$2aSiYdTOTmrz9GT8a#YW1l}b8M!yC6K@#|>LH;N=Qte`mT#LhtV
zA(gcWow*Bg1xIDJN%XZW6r2kcc!I&@sti+c%+Om)r2dAkR)C<S-H=5tt@ar6bc*N!
z>g~*9&(?Euwo2XjWZlUgHCNP(btToHBA<oL@)yBquo;^vC(^M=K?Kk<2<{4dw|z7y
zD;i9)n6|%7j{^&r*v=jK!0cJik;+Xz0XJRR8X8m!kzxwp$4WX+25AlDv1a+*JSSt?
zWR8sN(iMHcZ|mbizj?agS{q=qtwoj~E+b0^UMhmomnoCHMam3MiMVlvR8LI}LS(E{
z_xg^|ToKN9*5zNPBUOSW^-4OM0=OXZG^VZ1F?gft#JccazCd=(xPAUx8U)GRgP_k?
z$xGx*AOgmxV#waMkf8RN=AfpfeehdtJ&jkqsLTQn!SPvrV4^w%uBq^`-I=?^H1h;c
z;qqzW*O()qfbqWZ<6FVj!q4p3NWbytW;lZY&r5<afPANXn38XGe0!;aP&iB3d5{=!
zH$QP@F-qu9$M)dPf|!#m9F_Z-Wf1LZnh(!r?M@}ldryI?>yJGQ$Ui<~1(!EpNN<q3
z0>oLn=iNzT3ixl6m<eS|8`wPqEj6YiMB8R+dG>5$|1p8$THd~#z))d09;suMSd$Fi
zogqjt!0ew<J38cLGcfUc9b9c0DYG6Bc`s?I%^$l;2=BB|yEHCi2!2_c_<7zolWMrk
z(?)oIR_O5-@z*z3$4m5hzt4Az-R(RTG1Z|xwjG1}ILxMm1Xs{{=7m8+5coIfnc0Z8
znlJJpkP#zH-tQ3#Ykkk@+539BRY(9!{gZr83wP=x4>sS$wmb9VfbpGjpax|0rbXnu
zro~}Bdw1emmi^>$mZHxflH839(%?vDyH6%vC<si}fW)NJOs-l)S|Bn}g-jKsWpJL{
zX6eeYTG`66Mi1CW#>!@gPk!kKoV*G{FPD#tKF0dG2kSUNyr+sIN=>_FV4rRck)QMR
zZ<e(;M@!cU-_pvjKgHM_BvrcQc);Mqj!SAprc-=0Z!1=?x)r^Ock_8au4W+_65@%J
zP3D`Q$k=Jqx}e(Oyr@x8;;86a*(Ne{UYyXmXrK^ni4op1E-BNtZP1dghLA&J%N$Ky
zQ;*<ocs*|FZ{D=YL*nWsBir1l1c~t+cXE@kW<vk7S=+`Ktn#AZPT+R-)G7Ojg=32f
zLr`OeP+$P%mt2)m!wHhhd??B`nl%F(A=v)fmX2>^yw7Kn!l<!S3dlhB8>*OMRyt7a
z#lYu=kt+77!3yKMmvyxoT5A>94^jCy&9;+7PDLbcUT&IT*&X#@l^{LgRTkdor06?a
zoHyF!>i20~VXwt{%^*nN&qfcOR+}m4OiuTiItR&$Zj;=Yl*-)UQ=gCYpSmX*sBl73
zGeW_4+{R{O1Ay3-Vbw+xz*fHCd%Q1Qm+=Xr!$N9<h3seu2Vq(TfAFZ8XgH<jS9&U@
z2@6}YODQulax%;*>{ZC(Om1>2jK(OKKib`lp$6%dNS95O2_qiKs$1pE7Fu*`2CsI$
zR7{=TXSa{KQ|~|}V`r{-;zWQh=NAK;+c9QrcDM3YTS_T7Qd}*LpgM&TXAtZGXeV<s
z|NDe-iv93Kx16vix5A&)ip_#b7Cci=6-Bqv|BQq;=EKES{_(Yvy(^Fi=)tV)IZK}c
zN}k@uWVi5ZRtBJ3F+(#2?T>4w?@;%=bS2TUGcU3&_%(UrzZ^2lW(w}gn$zT=Gdl@V
zw)1&oB}#Ob?WHLX{%WtG(lTiJo5h5j>ci{hdIOO`rrbnd_#K4e(Fyg%Xtf~l<-BB1
zpgXxn;nuEU26qOB-ma9>wJ`a4=OPg1b$G0EJiWn~n4cx<7&et+^!2^P$I!3<S1Uzf
zW34Yv3*y|QKC?RaYIuf>yFtv)D~_!DVb+$s2>Kr7r@Z(E!NNgY$|(gtZ+72lo#QQ_
zjHt^D*a%*9zhR}TY@9T6z(3zS6gtQ5QVyGpdfCcd+r#CiobuEIq~l0wUj`bwMxg|2
z8k8a6yo~mZFELd8^z^iY4e++}YOVD#S(oGagV&2#;_5irOa=3!<G#~I_}@&c@nz_&
zQZFjbko%mfPJ^$E9CsuR6=QkhP}}vK486)W!EKD#J6SuTzI2_}e?rO{_Wg_nEzPI-
zO@;i}v(`IbW6IY1i72$~@K7F}yg>~>?36vP-e21BEA;f-3TY7QwOj+w7OqD&*(0XP
zx7dj9EQ6Nf@uX1#q`d|?6P;(jAy5$tf^0se2_jz_uH!FRB$O+*OmwklYla$%BP9pe
z-h##6&wifoWY+Ja12UKo5R82`xGuwrch*uCa(Q21`+^L^YN$=e>7q#4AVS0Pn~o7e
zj=)xd(eWFDe{vB2`bE^I`d;L7@%ph)y|!~=&&Q%**3!8jW)M3hi^(pB%vUdl4m9fh
zc9YOf%<=M!Sc+uFUfH)eJAOy$)MTyE*~L5;HD-IR9yvlizp9LXd3Gn7nap_iX!)-6
z+F|JjSj=4Wlv;hRb<f!msFrnyUyF4pW*+-9H{$JGzr}4vNvms)m-hU{b*jKV+<f@V
z+cw8y1TIJ0z8oxoQO1W)`~R-*33=+8-E6*`>#w68at&Yavu|_BOjGmzhSTJIVQfpF
zKv*lET=hqF!^Nrr&f$Cf5TK%R9M~vVGNmopsAaI&c39QzvS18dGFR)+9A7HpZaf@|
z#cPE4pme9A)kAcnGfPdjEs*`e1@zAPXRVISC!M3phlt#SRHT$A+QOoJ1FVuFqUDsk
zKmVx2&#f;e_3Ac1OTqXinTXxim<)N>g3~spHSU%ZPhU=urg+qtkog1o8OQu6kl+e>
z-nx~L13(x04IX(k?f|7Z8+>00{Nd8=V96uJE{O)~+Cmz_^BhYefi(dMPf8EvSs7N9
zMW(u0odJ^K`jiz05OU0N!mL76Rxrbq&3}BE|83r?@#Nq}KGMP2?M$j0{g%P`@bYH~
zC-o#Te&ODSH@*Z(j~|$IZTCoGF$^<HwB6t~ka*NB{9cTi%{9LF`>Ey8(#w&|u$Z-(
zMr}3#{}`6mws;{hy3rn?uZ3w3xyXu&^!r5lL;)&aId(+1mhPFVR&fI0k=LGC*(DD6
zW6x7h=dwR5R^p*q&r;WLORWZWjAT<Hx6*)r)qt&`80p5v;}7Y!&E5sM`3n4!-Slm3
zAdpHAct9yoRBO2)@h9Pq-t`wk?m#e0T>`s3rRwR>O!Y3#R?H82+r9>DgFLPfWuOse
z4wBxRTb*a*l!vu8;6~i{`4A0he7YR78|hZ~qx_e|!PCP%3h*PENS-t&AEed<f5X@b
z_P=!Efv%h0MTLyx2b(&G(#rK6VXQ{W=j9_q6soX}Y_Te=yGHdb<svJBkQ02Hj$6I8
zUZn&uwUQd=5Z>QbJB&)huDSLg#-nHLZEjcPp}pdPICOu1N`yFvhN2~6$8Tk8u9B@%
z)1VKtGBy2kdsh(D^g#aU45yOkdnVku&ZPs7<EJyyD&*l27V3-+lQMafHOn>fvKzP$
zH(@bC<@uT5wC~V%unt_@>SBG)+-8TV0$1LKe*Ml&5bBacPK*6e?vzPcMm@F^R`beJ
zZX7<RU-P-9%$@&R)%ZAGN!>x2Z24k(b~P`+j{n`*Q?_i0!O3ChICpoIJ{h`-jITKC
z>R4D{v$KNs=@6ZN-p?~(P+q^=pFn>!ev^aZwSs;1?P4rlOP~AeWf>Iz;O#Mozdf$$
zw6$)X8-o?uYzW%tL+*ux<-%fNL0O<1f8E67L_O{C$9R{Y2ph8Hm^UPP8I<Lq4!L&R
zBGJ6E!r&Q60d#3%Vqyo!;*i6{jM+++IbM<D`ljj=2>FO+7)ikg(1z90F_SrpNeft$
z!s%@EpALsYtX3J@J)>gKq44kBe`q?1UZeITPGPpOZdaB&i=QQdRAfm5BkBrj6VGNQ
zlT_Kk{+JhRT}>Mk`VNntaqT;E(5%%rI<DmC!@;2mVTQSy#yVb7feNG9M@y4O8z;#G
zYf$E*Uob{6F0d2KTc(wAQC7lF19pj{z4XK06aMuR`Ou=g(;Zhq$VE5qpVNV+4!HqC
zy|ef<or5nq>VQwgTOcpD8sV$LFtZe*U(2j>Kvwiu3w{$+|NgyJogts$_|jJ@ct)fo
zEYx)^kPuMvlpIZ%dwkNVd8XE8;Oo#W?M`ZbX%gOC%HojyZ!oDd)E;yPmZxt(_^mgu
zc9#1Q<Mvx>kfCYQ&>)dBa05idTwT)|%MKlueo3K%OcuRhHNDOL)aAax_6zR(p7H$K
zKO)8wSWM<y(2Rx|sdeHosl9{>&t6}YL^@;|U_%Z#gMu`hF}J{J5ke{>%;#e(USP<U
z6Ba~%%89aS?O|me6-5YG+4imcfV|u&t`Q?^XoF`%Hk@^^+IwDaE(_vs)+T+C_DVm2
zdjd6dqL0f_n}sQ6{gB0$-;DX=<o>glVLR<3`<q4FYd?;NiE;Jz)uYpE2YqF$@r^YS
z!8N<L-#A=;^-}JgkPzng<vtfy3Fw1&QJ^tf1Lv`?vo=ROmB>=A_z-&hHa^Zfh{y>r
zR~m`j_o%Eiowr%h=JLe!iw^a;!N$%KJJ;b;g*j8|0W&MEPc;4ai&POA%`G9uBz9`;
zK`*`pWva~Yk6Y3rOCONBrmtM+6Uwu^{d3qj3O+?Zu9Rza%<&eU|1p?mkn`XP>BPw)
z=m1Ck+>A|3AUR<)1fKPl@#ZE8*l9D}w;t0@Ihot0`BI{3GG}e77bl}^-8vb(D)Y`q
z%e&sANQ4B}Onl0<R~BT)Qq58nat&R|LcGhG%aD>5G)v@inr@&lJCfC;O>}#P!7LHB
zQF}<>R*%>?TR^V<;c<TXJP%`sX;63m;=59Oyzji{b0+l&;=puHX##t<?Qam_`Q`A(
z=cH@=#<(1PW3QY$r5LpvXnKEBG*3UCZc{Ci93biof{1?omh16@dPV7U<$z+;p;kvj
zuXZQ+hyOqaYk@D$vklWhhMyVu3+$AFW+Wjp-S0J#G+?87^sYeU<yJa!f>>O8E->AX
zzO5~~om}%y;ez()>O{PY6TM+UaR3(>HJ!yY>cD@x54-N=v!9@#?)gff{Q8Pk04sSJ
zq=(!rE8G5n#JdME3C%khQ1)cEhb3!?+4<+*(dLdVf)AB7?t4?SgwYSLm1Qq4nqGN6
zF>-uS5Qjx!_i7_C&n(ajW7(CNt#Wyxj$QWw_PD3%N9C~_={fgbYt>8@Kc|shCkq#v
z+c5}h+RNkwT2agLmq~~M;*i4N7?AN-Or=MdO*I{^ERb}L@34oj_ZXw*Hryyfh|36t
z7uASKTzcASOJZD<Wjf_)LCo4c?%6CzpDF_k`lE@ay+}&G!3yG6yc;@OncjAhH4t&A
z6&)qxr98i4<SEO-iHPdK%#ve$&f2*{D*>)thpnswmnIfPMQpmr`Bv#uNkD^`l%2dl
z38H#7;{G5cEX0gYXtaH=IChcHU}Gz`({-ut=jR_6^neCW1X;PX*-yE7wehAcU>&C(
z*kk(Jd%{hsAq;7taHZz}`on1!Ug^+?V>~tw3PY*@rBbnMDpR<nQ{)9C7Il74Z1=<l
zDlZ+7d987cA7UF6#`wPF1$VkY+vNIe%6*<uRGcsx;z_rFbLl}|dAxFa4cX!d_d-na
z$&9;WFPZLRJkCsF@Ja=0{hfBxpF>urvFm?&v=c#NCbD~gt~v>iYtE$VpU<B`Bfhyp
z^Jt0Z>)GGH*V9x$U-epDW0y=DHfz>*CJp4#58v!)FVoRF<O`!q1O99Y{96uWFvQ0(
zF^b4Be*iat2<&ibU)L@Y^}u;r@{`wVRCTNg%>hAUoM=WwzeoS`F-vdI2DCS?z?H1u
z_JL#7?)S+JTdN@E?<E;u+mE*TOFw_UQM-^7pi9>}fYa{W(I;C~rlMDK1#_Oa$Ax>>
zTqpu&r@xMNO>fXvzudX@^7nTB5sFc$Fd`xUz~Ff+OdZz<^77O?=H0@va|iOGLR%##
zP<$7ku)$lMnjlfzq#vx^&+0zbv{`N3r0B1&P^}!s#I6N_au!W-T0E)o;}n|mb&FYR
zzlNqpq+ey)RJHiB;Yl?^ncw?_CT>}7DnHU@bVc8;U+*z&KJ&XIhkiKy)+s%LD$<po
z1k>wt-|C+`{@xILX7ZV=%fj~Jz;sK=MJuNh0@HF?8sfTj;^t@vPsD+19V+Fon6UKV
zF_4T8JJjY3D_W8oRm|MI8?Y1Q8#L2O{BQ!j0hI$We1IwHaRFKCTEqOOVLf&|_L;5^
z2hwNXzO<}#yGd>U>2(t<_3fCs4jjFz$C97SFosL#a$)>sU0UPVOmvn|!v2^a3h*ht
z*yC~v#~s{GXUia*{rRF=EUrBwNXP^y!-QZL9J&g{UMj8iAfq+!UF>FW2bMg?<qbF2
zQq}aZT^8vs;IZ`OoC9<C?320Xhq4WYeUDI4ABiZhadkd)5mlL*U$Z<!UK-tuUq)dt
z6(dB)s_%7+6z-5=Wrt}L)o%RRPqXHfg0XOF{syE-oe-HUX3ZO@5MZB!OB}3yUUKEE
zySGn+O>a%Ue=;EAvwxG$#%uLMeLYxl8?<#EJs+W2VkaAB*yMwAR%}|TY%830@Bdwk
zR#``A=*M<T^EC#}EN^j|t)ZTCZpMbu5<g4Xv&hl`7~3M##8B<<{v9>`x`7deB8gF>
z)zWsx!`-9($ltOq=^TA*1QuR+-AppZowevGzdi*a5H3CPjL$A=lr^-QM!4Ecmp~|s
zkT%VWS}LLsPOz9$Vaqq=crt<#M?<)*N56l=gFhPdNy^EKiGS2_mGKFI9DGWh@P=!C
zgpbWcp7wFl5|03$aPyS*VGnfjX)4HND{Z$Dr#yklcDko)@rR=j^ld2PSJQE?!4X5#
zOyn#8sGe0(??JPD=<=bCenB(YZna@VrMku7I+KC*8*Y0m%D7maQ2+u74u~?0&v%Di
z@SZU0($!42AHc1@pb<DSlISZcSS`^VQy0mzA*aI~%Xoy<!QP8p;YFkSz&f7fMB1U&
zUj3_6KEP9~v1;JXYWWi9{?ZgLxD?PX)8YQQ8T(bZqXz7_gI^V_0x^-sVToubJf~v<
zOIq*S*fd{7V9HPq)xjQghK3>T<8P0n=XS#-8=&0AYYjC=+t7D|gj49X>4onU3D@Th
z77^kmG)FFZv02t~8jjT=6Wv#e{A<oF1PEf8>@n1#K5Q>%YgTB)u!5TRAXBBUJpGU=
zg#41P4a6V0LkMH{Tlzew#ydet6Yz#VkDPoLiy2E7zq%=|I<nw7Zrvrf{VU&G@Z8*~
zVEfP$MprEf%R2ytG{m*jqINaFR!38i&8L5_upvf8_~izUUiA$Vo_By7Yg5Yd4zH=+
z@2T(yrD8BY{ND1lS35(n`CiKCp&&j$32E^WHAb=fV<(WbzC5zn{G1D?C#71v=fUDb
zC(qhU`+$|9(`6NQK|xq&SlCBi$~vDDyB_kf)osRQkmp>A7I7YPKMiYHK+7z-&CAfu
zH*@&c^6-d3aLJe@vZywa0svwFENK67;`!x!{o9w{F%yd%&J8lZ)Jrg0+$P#J`c<On
zO<DptAXKR=(cw;$ZpT~)C+VpgwGPKVs{$CRAsI9UhQNUaCDaiT{S(s<RqBmECtN_y
z(I-Jh(1o9s=4}&EpsVSlU5T9%r7&9Zu2v1Z<Y%0bN6KpphnHIp2t({o57*D^DCnWH
z{oI?aul}@W^u$^3ce|%HrMZPIjX-BlHm#)*i<)KiwH|aAdh|6Vo?K&1|8;o8)3#RS
zihTseEOOb4{n2Tv4++;7^f+h)tQi9q;#k&NXVqbU@r&m0m=6AiIE7)Teo`DZ_J^GL
zLYi^~!cZ!aJNK(6RTlG^V{+RgbOf46EMg^I1?&Cv#+0Y;&op8>ge5Sq31Bb$<`yII
zz`-R<{^{X$P{vxOP;-ec2xho&DTeBp#oDNu88fLdO*y4nfL{>ab}Tp|F3oq@O2x5p
z)eSk;q;{}HZKv92wd*jWUteE!cAE>hRAxn=yzGL?sxUT|Y01(m&!*>{xmGl*p$MsY
z<{MVoI{$l9f}sOma@p|?R7=jPu)c1&Do=P**})S3ZpN8=zSLPAsY$MuE0dwUcsMX|
z808Tc7!^PAI8}j~soao~oLxX(Tzjw}$Qc7D<vM-m*i)uKn$+<jgXxMP9gg+Q6Yvj?
zLF)e15})`BJy|rBa7TyB%{_i~u@Wr1`aalef-@~@inDe@K;~>+I!#2MCp2|82bn<x
z_{q@Jx$+HcL39JW_8JRvj=&Yn_bTSwW@`l~$+gt8?saTcN~yi#AAvVI@tsyS8s^Ej
zkHk1^m8%1{flsOqqi8!TSP`ZX{fMRFQTz~IJrvp>+{wgt>lWH=HJG13Ak<ueQ%3Na
zewX6T@iw1q`)wZ1LZeKDwNF_`<wlmyNN&(UqX^iXf!1)NVy3W3XnRK?t2c*M8Rfaw
zB+52}m$FpbPVuKPP3Z}-&ZKG|Ok8(f11G0pamgY;Jq5iEPJP8q6lA!9BN%7NE%1$3
z*M0;Y>BmM@Bt#{T$VU!6@O2NPw{YUytQm_M`0W-Jpus~9rNXcd)D1+!XI!$-a_pr|
zyHq*I#cx&=6I9>hjf^it{H~ZyY{AL7Mm;C&`(1|*&Z+4E4-)diur6;$3@ikJ0`IlQ
zsr>b+s{LHIOVb^ykk)j=TkM2jY_R{s^MS40J1EBINL`(~!p~7psStJKbHc2$|DmXQ
z>BM#CDbFECDP+H(!d*SgD2pwOr0tw3^)HV;qjq}LGAO%Q9HovB8g<Ct@}Zw4&$=TO
zj+9;Jy?H!r;NQQxOi9hGT4-?7=pWz=z`J>!2DORP+HAVAG&dbz)|;X%$9s10nMv&-
zf)@3?I^9liIJ>EPs6J2zU67PSZ4>%dyCU{Vu&Lxb>gIw5wkUpHLv=11P=1y>dR>#9
z=<xR49XbOh4bWVt=Y6a^S*Vkk&++&By$Kd!EkgOyWn~9nGLh#h%&OIrQgdKs_mrng
z=1k%ILDB~+PrejNmd5s7F2jr<K?e3cp5de#&$3qop1LKE*~S4u%WXK}*Qb?u_eUn&
z$<jq<vGd!rqNq<9iC9h6K<ccnr;FZkR7dXU(FOFcV%P(Z4=f#6R6xAZG=U6ad)eg6
z{^{SZSjmVjV}I{)$N8}?xP;HSv6FbGMq!Fhg`yW0icYFI94@iqZM*Uu+hIHqM6x)s
zkVepFp@ws;I$Ia%G1-jaJwbGIBvR!o!o9yu@Yn@E;n&a}`51Kfl$^LA3>&tVU^bj+
z^hMb_(LK@qPN85W4ko&uj)}-f$Am_|69#fXM*|iC2X9m5)v*)4uiMNe9`{gq$Ku`y
zMJ1(~96>eNd+KXIA?ASc?-lo8iWyutprq+}%8`n-7pDBF5vKwWn>ZCZ#Xd^S5tEio
zx!awg$r?jVBli>OX85F#$I#tyQwKmOa9B@kE~-Hbq7mhhp(_&9^uJUqRVfHCft5bG
zX13OL?_T6rG?GGhu+LzfGL9#>maDo9*|8#<QZO97g^BXAP;F4@a@WxP&DHlP5~YFt
zA!uWKNbRD5(*4epE<{W=e|zGu11p7Yq}MZ{a}{p@MIMk^R@@aD0!_r4d7}3S+PkL@
z^_~AvoE^;EqAyzOuf@E&!o886e;i*Mi;OA~84B&t6f5<zp*`q?YoPr?qUl$5*YZ6i
zZ&q(??UNrQ!zU}RgLRO|hO}*n*Z9LuYg`#~(cQ3YYZym^7{VIgO>I~X-=7+9feAM@
zwde;|yShP3?5gaSmDMpP7w?3~-APMaDt#`43+wMd73Gc|jK{^#yN<`pmH8MG2rfJV
z0X*E8piSxCFWC2bWaETG4=rG<@%}3;#>T}|)z&eSxsP_pOCch)AQY)zR`rQk4oI)d
ziE_;b#^b79S-P{Uh1X1iC7W1PP81)sKx496Aqk_D0--cEG-{-tXn?|}ry6t9r>zJZ
z@8gN#5u{ygQlP2pg0dhtgFUuaLwuxwN;>>@R2#cy?-VkdQ`BhWH^5X_W0Agj^Q^42
zc%D;FpZiXj^#>a#wL)8@>Pns~teX$jN=`s3-P7PzWOoap*rCv(dA29p@0;7kxmuVF
zS;Fa4wIH3Lsa*3&#39Ek1w_70BM{zHAlro!qYLa?Cx!F&4Lwcc>oei_NOM#VPgn6S
z6d4sC)yBeFkdF}0pquo<%r5poU%(CdJqC0gmqI<z(2ZyCgvQ>p+N-Z3`x<HL1X&JA
zAtkBVSpjvyCRo6r=vq*|LNKOKMvnI4y?60;#>bjR*mqQ_7m@fhxhcD_Ot5-ch2ZV<
z#G*@(4}C*SsUmbOVlZeXf9$8}YtB9BDL4}tu~fY4Qnf+^;upStFyfuwoe32cw3$np
zS4AB)IolQzBh!59)Gi8}B9W?qnZR)Jadx3~ZJuVv(79=aK5cH^+1Vz4B(XF&)n&hu
z!V%1Uap-vbJdN)|1~o{AS=IGhU`kcSZ;l~;7`tcp`cgAEL`@15Dzm4d68{MlMmV{y
zqa)7dvOhxW2u)nuDDWC{8eD2;P~ub5MzL(upNr;Gs$45EOLszK?@WISc{2rXgCam<
z1GA_k=W{*FO>M?K)kp#aLafbN#*x^TK@7AtW1(^EHJ<UZMG90^l{`th9g9Vrkqg>8
z9rWR}x%2D*ZFWj1p`uNb_d_HX#I3D3G{f8dPEZWGYUbEhg;at;$GL`d&)H<)93{%I
zt;Z$u5$`jnwU>>#MJYoEM6$ON{BxH0?*t8nPoHgDESuUH=5l-~aWc4m;e!vtRBlYT
zkQ#Q}0+e=(zL<{k)8o%j0|v{M@>L?E7G3WnRukjG+*Soxk0?S&*$d?Z&MX*+k8k(6
zU>o(}$7xCP_z<_Y&dvb6p=V66Y8NN@=>0fNzFyZ9^tcCq*>ayz+BX0DCY%Qm$>dW#
z35Jx3i>*d3V`*1a+DxHg_N~qjO?+P;s(UPeRXVF=ds3qve8(;>laarxWk?se?rie;
zeKs*HB&VuBIl8TnkY8a|a*+6#kr{itnTW7KkxcZk*5H1L_D#-X{o`nlT5`+AlI{%G
zZF{16^w5f9|JwaCRj=v=uV*Xrb&q^i`($|)ux-J7z+gb3<KLOG?6Lx@rTpZ);nyVg
z$SoOCIi@{r0ctWme-<6-;KbcY_P{4v?zHiT*+%xct<C8vH_qig4`CzR#*v;pu>rh@
zzcCN3xw&R#APf#9yi~-Vo?IrS(9-WIgnxNN=E7NitraJxc$!k^La<_*Z+D~NVSQB|
zd!_x|yJ0Bikq2vKFHq$5Tt#RwA4^27onNMg(MKoYimK@YGhn>QHsx7*Jin*W%mc&0
zIQzLe;6a8imIfvCI?o9padmuy*``ro_UMx{978@~J<H*ZmYDsJ(mr9*I`RYiPPNUZ
zUBfa)8@mmPeQL%-E}dIY)=^U#ouKht`P1L|{*ymBoW%30MxrO%*elOkq1D86tbEem
z3a?RmP}A#{WvWwoBdZf;Sq(&i;hEr7o2$6=*yYi?n!*(aT=ZUhwzJXzp|p)OFxo9^
zTG=Hz`%BR`Jfb6l$!)J<e*v{sRS1J5q)$?Dpd~A{YDpEyeJqLnSxxBmg^U;;?}*W?
zo#EeI>{go2D~nF=u$~v|T`H>%zez*D3m&uIWJdKAy`3}@vx%qKhPNvnGow6tRN96<
z4<<Pz>w4~bn6MTxXgCp4Uv}P&1m#;9gmSN-dGKCbavv*qIemD8;-$$L^12+o?3Y%W
z7uZU_7AizXx;Ei^1{I#~Km`xS9G=89QDEwJWgE=FzwlM`)+x+}T%R&?RH~iT)J6s-
zIc><vEbX*4pl){l!RncGg95u8dJ=WRdC%mKkr_K*ykUxW4zidb9Z$~BCgH@)Vmkdz
zg`*#7>`R=eT)Y1i#w;Ie8wj44Px}7+z3O&EmR11euv_j*LiNqB-6KDeR;NwB+lA?^
zG{?j^xEzgf!1aQ|fUJI?l&;b6JN`_OL;5sC45@J2%WbF}MI(HDkoPmrhJC%#)JA{$
zk%#*Xd)vhPX6mx4q|+4A-(*?=4FDbb+Jk@(LrC?cS!BAh%0zD*qLxD~@O3Hj0v#@I
z7;DgIT2RycFl2E#YA#PEKTP2lm!wt&zk6*|J57gs_w_f5B_mhJ^Yv!J>A52=S($%I
ze_Lumg6s#h@6vFgv}irkt#p)myl~Q06c(gGeu?K+h^|)qA`)FX=uT^6j6t4#V!UX0
z=!zx|j!jowzmxk@>B0%yhIn{J(AFyHDx^4Im_ec4b*MF@LCSZEd)8Wfe(Hq~*umdr
z;lBX+WR!2oR(pky1F9+#S_Qwt7p@_p*<LXYdU{*@9mu#t5qrp-Kc?|fg+nxN<m8uB
z$;0+xP8@uzTm+llYgOK8?*gbHl1T{{m}v~8PilGZ8|6yjG|6odcwi)GU>Uz2#6PY{
z=A55=$>mcr3Hiv5^*M>3z?(@10BrrR!g!?>9s;OBx`i%*VS@qsg}R2>b%d9%K-&O)
zK*-!nMbsw;#kOM{!M4+cU_n7&-tU_|k#f=R>|Itmoc?K--LD!S>0Y2=KC1V?XeS_g
z13f%Y5Bebm_$Hwi{*(x@nqhHv{wrode0d)7cN<85w}A|_VIkE4$o%gS<vGgb@A?QN
zknUV(<=)jB+>uxrCErg@b%2EdiIG#xHeIXI0eV(X@(OAo3<_4{(%9WMvT_OMPx#<L
z(rh_aW%f>+`h`qI?VlO<YOLGWn)QRof)7W4f&DOe^3HP}V$-%ayxjWA#m*FeUT!Yo
zRG!Oj*Qq3j=DPxi)=*<WXmIR4$NK4`KX!YuDjVcFe<%eoRjhk`wru_SA$RfgS3pod
zeN5Pa84URH$+AT2zPp=%CDi$utLE<7^z)XiZ{#1B7Xpd`KyEM?4aw^fz4|G881kK{
zt^nvd05Zt_9LC9>{qy?jL9%Xu=ArxtnzpvlvB`J2206>L$@}A)r#9HmPIofNC}u}1
z!!g!2m-fqOsQkBEdQMgzqs>xB?Jnoq7Y5(U*M`jM2Q&Y#-rh1Oj&2JZ4FQ4%hd^+5
zcXxMp2?Td{2<{%-Ex5Z4?(XhxgG2B;$$Q>Y=icA<`>ML8W@@^7_g=kat>;;?)I#fd
z*$t)c35v}y_oQjW+30ujv96n<W1yEFzp9RSSgrpVcT+3rR@yo#nJf!cRZ&_zxw1L?
z&mAWLNsTuIlPk*}5*J!469GJyrl*9uKCQ*YLmdb{8?`Z#ASr$T#X7WYvRkk0`N&o3
zwl!wMopt_6*ORP&&j%%Y?>b&80p+fyx?s5s%8$$c5FG^?Ovl_+R{ei-61>}9SZx(h
z0NdY%kwk-jNFyQbM8`8@3U2ug0rP^<@e?838S~n4!eU3UIO8a$FRLTsl6MUmz))EZ
zVLYIv1Ah>K_4o;^xFmD`{@|Y{)<cumj!R8V@e!8it_q}bq#kD_8-Fn|_0{L=cT!h(
z{d3$cRK2}>T#3G%+xjxsGz4fo4i$U{heDWh1k>32xF7QdN?-g9xYp8;g&2XB9{DlW
zF`IU;wNP02fS(InA~gn+@uTaSeaOA_v5(u@KHUQ-v(zTLwuCjo{=3T|(biHCS@6~^
zrOtDAdEFDjg6V{4raHbsi$|}+F#H}Li_O~aa&Ol;_3weHUc2|Fi}FnmXjRaJfk;Bo
zV4&cl5D+SQ(kagOe8!9_E%CZ{x!v3R{`Ne+vMl^$Vo@hg5cfv#J6xUH704nThKwvc
zcd1d9lO`63eJpVG6tF?%bZtpLcvx!z&k4x5u#zpco+Lc{xxdoR=SlaNc-@$nip|*x
zp$%k<p2NEbRA=CxF;natjt0-+(Oj(ffyxh!k}}778gz0~6we{tKQ?Y^dmX_1eK^9v
z=D5yLqlTC|zc%@tU+;1ag9-ZluY#B8RU)ya(nH2ec5HUp<l5X=X935q-llD1r_4$N
z%TF1q$xoLECMf@N|7QY0AlQZQx#4KazRW*eC+v%QU0qvOcL3d^s_{)t_P)t(Ayoa3
zRQ}WYpKk>~;j3^YAqlme*>+^136y#wqJPhjaL#oT1)U)$s2Co5=1=tHzn2;Q=a1M@
zGg149*fAni`*0$R|Nc$$SNh*s^u|?~{K7wC5T*(;365BDi_-kJX@z!BGx7E$sO2bO
z%3+P5mifZ^C?42gHUDiLy5^sA6#LkuUDk0g&<_XbvydEIu28eB+LPVT+hR5u|J#xH
zjto<uNo3C}+s^f1xV#>Oa&~Rh8sBr5msPg9c-Z%6M!e?$$LKQCi!S~52kN@qO64H_
ziD<gs`VrF8Fxu?%-@86_lwjuk`gi`nO~*easnYx^H&O3;Z60<^Ji^lHB=O095-UF<
zIjz~AD^bqc-WyKX-fHNu34ZUd&E5>fwv9yW+}ugbB2274KTf&!@<=yrm0)-vH0P?a
zBYR#5x`fe7t3#JHUAaWiTlun_HR5@Em(>=gTZP<s-nDL7HU>*b;#ksG8*&quZQIL1
z!)?Ge|H<~1uFz414nJhG!&r?esp+cCu0>R6#%oax3r8c^KI`yd!t|}YY5YDd-)5~z
zrss5Hu8;c&$93&m%5;9`Ig-LKOL}7zUd-D_^a)z&_$K1mRHJsW&y-nmL^S!^HK0u7
zRV@wxc>xGh3B}pOAr`(EU#-(|p6eZ*OAa7X^xh%+mR@vH>J%g1V~h^?LWxu|JMOCA
zWBX%?rSe$?b<X2WvNgkKl)9uE(a<sZ-mS#d5tkVKOg1EKr&qD1S!U3!y7QxJGLGOP
zU*=_m92p(5K5#J7T~%N<!Oh7PeC%uk^P<D`>%&VixJQ=l%$#Ha*m4wpkE-6xP{rfN
zm?AAUO<Au;iQVTY+Ad#&j!zH2c@2*F^zV?0aIkmpvP)ct`r^!XvRPvuSc89_bkYp0
z<18CLR0U4*zvDn5;B;;GhFt9@>jyWr_|_%%?$=!&tu46irE()P*puiY<ljET7;bQT
z6YXoLhHLH~f)V=!O}mdfmAZ}jB=h^5eyY7C_6lBn^ZKA{kBs5l$*NVHBAiZbcL>!L
zsO?~1C(<0+P|o%Kax-17$qXuS0sBSYt0p=|*2ov~;W`!h{Z$frSfl_v2mjYMo+RF7
zL{5}CFPtY?$bn8K+*d8m5(~8BzNh2LzQJU<D6m<(er990EiTmLxKM#h)U&i|_}NbK
zLetR;SRU>B50&$bcynr4zk#UPlUlhGpqHK32#lJvSMCsRPfnFp$yR~&_ThSkIlMRk
zzboV~OY_dPQ35teZ6Iz->K=b_T!gaDFfLFwB{jPdL3<va7-EN({CudLFGIUubl>3;
z?Cc@CSyY$l8=q0%SJny2SgHZ=;*7@Uw=vuq9v<%Q@&ljF6P1YxBFD>wQv94*@*R;o
z-A+^*2Opwi(umCB$C;;WVx@}yG^6Z^d`N4I0=oGvUDu70+W1$)uI&Uj(UGbxw}SFY
zGyg$X@3@Xkc3=#_B*qhbHofv&&j-~c1!F9mCEe8@!DNW{`Q2+VCQ(;6z2ujc-W#Au
zg7ssW2#l%>Fa862T={P?7<PD_AKk1LB^$<*f^hmCF-KM&7Ig5>UY)AMd6i4O#vD=I
zUDJ&!p23+9bX`aEN0gE29$I7CIOF%1>@K$iy>6$)o3BTx?T-tScY5IHSxR6Co#VV!
zv%ih|s&8ehS@pP9b)syRm<39jeekNl5+Zh-emd{WAGXxrNiO~TxF1q9hgbUfcm|Vy
z&2VMI&eME_5Et9rG=odk`*aJA=hv!-xusSfQRVq$G}q7Aa$-ni(wS}oc*eZQSw;W>
zJ^tgqF$Fdo?yhTeFH6cDPf>tTm6OYu>-|_0uCC%C%Z_GC!l&LW(PcA^K{iE?PCVn*
z*`DE`abdD8LZrT*CBVy)ai*z32c-i<?2lvmThlGO^syqY5~=Mvl<v)JPaCIRCCn=b
zB+iwPCp!L)x}Lk&JbJvySCa@~WN~iB8_XSNz^$7w_6M=#=2m{;xz{Vys+^5=rn^em
ztI7Qs1;!r_O!;9?tE`&Y*{`c?!yk6bi6vVElC1TUp1Bu&-hGf!7twT^aKcWWJ#nFo
zo-lMa`^MX!u-1r@kENXus-m+4{J5#FdNHQG`KH~K7IR}<d*<I!k57wPWw@D18m+^S
z(TL7<`GVmCEQrSh5R{wt4ofb;XBUQRf_>0#ysxC_^r{B~>S7#m$Yp=O0Gx4oR%Wfr
zOJuOOlqcIdx!XG_4|aZSK^IkAG%U<L%W<P%{a{8Tyy2~;d4OE>{u+wxPH$x6Hl=*)
zDr_-l@OH<!Zk<;qd-JMSbFS-#sQ#?wD>-VN1Fi15>CH|ild^?f+4<&CuGg`0rubQl
zwdccK-J?OGMc+LK`r#zkwi`Y&6vB4Q^Xk?Y;q((0C72Vbwmz)Sb~=Tgui^A|2{D}I
zEa8UH>9lkc_xNajH823|StJN876=62pjb^Px*lbv;DEHP7+*er^@7~^JKNGv{RKl}
z8Q12KI@yRh%$@)hql&NY>&JyV*%tOhG$LkkLe>eN)|L-Rd^C2L!1&iN`4b$YTfZVY
zDLz;%9!@k`XO}%sBY{^j;?p|^vo*7CJ7@GAU|16yUzsZVPy(8qlSb2w44AhPGfU}|
z%buI?RVO7-U&`5UJt>Hi9M4a9U$R+1DI}4&dUAj2O7j3t4HjAe*C>^L^rN$t1~}a|
z7g3Na1EmgfJY>C%4@~f;2dxY5%oktXPSlF${T+#14-j%5`K7VMRln#7R$B$z!OAN7
zDL}h{kQ@8hMf+qzy%9&{Jo+W~{N;+?`6NUaY4#vX0QjKlU9x&lf4SPw#hb6PUcz?l
zlGcMxh$X!*-ZuBHPO$X=)%LWj$3;`nTU>61HE>AVC7-9$z7}|8Y_WP&mN|b-eMzk8
zTbupV>ykknKJ-Mr>sRu+qXVW&mwlk&EtzI2;^q!Eil7q#rSjy}pgU0}iaeXD`fG-l
zn}!WBwSV=rfVq!S`52;foyiTmGhyP(@tWe*uA?iK{b)Lqvrm&J*YIdV#~kOVzIbZ0
zBbP$(;^;i5r>-Ti!^vQnGrK?bkw45qu<1jGtlnNTDHZvZJ6+raT_$@&=gMx-eyYdf
z1h3+QSesBhf}r?Zyn`MaSPI*gYiR~*-@8Q`G0rIODe1#db}h9pn&bQ0rQU+Oj<-*b
zafdd?rW<MMX%es;NtrI`)e`aeE%6<PYP03@_=Bxg=RBm`j@@SV;6ueLSrT7huQ&tQ
zH+-S9D|&}K)`_MEqelH2dDO(B^-3SL)%RJv_hp)KK=g^-y2AWh8P|SMsn4~guWCA>
zf51%#16~Wakv4II9>rafmvphwxb7z}+t$i}oKsqQ!FKpIhe7dk<<#Oz&oU7>buPs1
z`#GyovJI`WDtC!0s44A}O9Rc{Sw|Pqk3<8-OtBt14eOnr)QxhkSUoz6+VjVy=bHrL
z#dCu_)f<WrMC2!YuQ(4;myb3QiD_e<Jcy;TItJNL&YOk2&c2rYzE#EE2c<Yi-h0bb
zz4f9_f+<OEq!{X;JYnpX8#*9^`8UXLA6rSa*SxT_dwK4{yn3e+^83=7ucI1jsq!@u
zNcM<LF4Y{C6H`RBsHOVK9Eb4*b9Ref!5$OS&e+kkW46Eb<`=+0Y;y5!cc~l$|NYmE
zqTMp<m*ZgF&``8!x7oU`V}|E4>#=lJ*tQpkdu~72`LwEcf&JWN(IZ_bacojRbZG28
zbeVWfBg@@GBX9<%ql#s*trOPLH4CD$8IxD_g*TteysZARp~#O;|Bh#!WU>P5{C0#e
z`>+Xt@MGd@lx`BI{r$yei~vE7ZUnMWZG>8KQ{V5^*6khTXZzB9_h#^4cvH@T!th7G
zS;=z^0On4fM8!{c#&_1lzAVz2CmMxZ=Wzp#;>o%{D&^n_Nu;NQBA<4Bit)@d1AKr8
zaN8q4!ky!i;SNXFoqqh37v?{XWG60g^+sFYC&eW)j`=uCBI^cW1^+8S*fp)h$%Dnl
z9g?Z!d7hSsBa?0h#uZ~^O91*h)sj2P!DFp}+w~<Dd2q(hC;+b;c+y<DmIJKNI;AB(
zYJhI~z(2jXA8AHc7W%W5*EC(HletmQChIBn9o5wL4kyYrs+??EWF6aj`@ji$#dH+w
z4gi<y>b-+_CK?nzNk8VgA?dCEDhbLq2pad^D_dVYKE%U^@)ma<)*5%Y%i3v<4xIRk
zuO(cp4L*}xYM=t2ZwS`JXCYcD1slzc03G=6(e{E%C56OF-Ug=zpmC1VQo^yvWu)@_
zUO)`L#767F$7{+EIqM_gQ4*0iJSfXsurVaKB}GogsrO7$e7drC!luxaSjsz|&A>-p
zVZOF$GV$T3IR&HP_y+7e*<Oh)SPM|?m0`W{4xodL9IJ$$H|84Ph0@%KtyCy>V|&BX
z)685iblMt<iN3j!dML?1YFNS!F=<j5q~}pUs+TF-+Gtg|-l3!5fCe7IW#L2go#h9#
zvfO3mSl#&bh<Tq*UMQi{(f6MMO8WLAgY$mq!m|AO^FrE(8GWOx)R*e>S;0a5tzxWI
z`3obg!geCOs&s`=nTR~JF5zJvPnT=%ic1~@-hFq8WoNZh4qdc5lD}_f<)>?nrRx%r
z;;rFNH}JB{9&|QbsdYplXd*m0zgnK31wQS$1jn9{7G-*oNDemD>Fw^N##NIwulGRj
zd?oYkI&GE|Taqf$_?R)h#`ZmFl!=<>C~mkW$qGyVQ{!$a1Zg*uGp(@hAo_z{rQ@&p
zmfe#xw1NbR0NMklM6+&tuBX&Nayoz-x0yTrDb>v3;Q*EuP-9R$F!o8@swGDmN|i1e
zJ%IrH2PM$mZXLW7U|*iIw!nlHfXtoIxP<&@B-+?IxvEhHRh{C;XfhR{T`u{>(oeVc
z$k}@O0A52X@MgW*Ak!k`d#qe!p_-uu-~0Ub%5<qL^McOF*>6dJ2E(E)lU%!&{z-E~
zTaz+66+#I#Ggp^A*r8typ2JsmM*Z~zON$KWBz2d--ml4?8P?qOq~dO9B4~`nG?A)`
z3wfi1ttF0j5Mv<o?~U0DFa~Y&thleC&B@^()J*0uR(;1@F~Yadksn}`c@zGdJldf_
zeNn;*m&k(CcpJK`bPP_(*Y=cU!Fj6^6omJqX2lVL?*?b!n;0doOZoKLr0Jw>_>_f+
zrM+S*q<=dwhpkgjkgKlq<yu<DDQ;C4jF2R~xpaQ<GSOpFJ`<&T1i5-IJ15!6d#hX&
zc{fiLQD&Hpy*_YG{T6zjN#<F#fLKeXaqlo@w$dd}yibdr+C;=kXsp=MvXImfF2zW!
zSj4R8iE+?T%-YjHOqClKdk2qfvsrbNrxN$PS;bN3DKm)44E@JYOylez7FZ_V;sz_;
z<33z<&RVns`-7hDs8-7ZldT9~*M!0OJ3_cu<g-~ZhK7|Xkz}0OiC!~TXu}ZYWTJk1
zO*E`41-4~Jn%_fhCGznN^Xc{Zz4mO8@w=K$oSU6J8;Uj^MiJsEfrGd+lTCG5*gZ5c
z99@izVkK<m?}8NDi)!vJYp6S&+6C(A<$+gS1KMmu+N#WMhF{|f4Y3%k7C{isndYX#
zu3^RW=l1uCEiaJH9Rn3vSY0`%dyke4zw;_0dN8hk0re`SNAPcGDI6n$XjkHMI*||L
z9oJaM>gF62cOTiU^LCY#zUhjSjU_xrYoSdU9@fG{2dZukLtl-wdf4ljv38#_+2=Gb
zJVjenBj9(l*C+ay>e!>8U&m@}8;rB9bu_~G<Q`I^+!&_*&_2H~3W~K(QlIJeo}|F?
z`=%ROf|O-7O%f(l_zti*lS$RP^s_J+OFHZOi8yvwij)d{E0bNtR{7f+)3Mlok9en6
zr@f$Y`S9tN?oRg7W+}y)1B2CoF8ftybnubKQ0tJg@s+oG=lXu~?~aO9j=U_fHh7id
z!(CI4N(^^CmtA93K0P|r3JKDS`<s(T*x8Z*X8ELM9U4XaX7&2=S^st?3D0eeN-KiE
z@9a;y>^+GTs&aP(qaJku8+*~AZ;fH~%wY@x?ge<2laAC#@mHau{Y;S|SYTyBoh1Tp
zJ13`jQ@(TDz>`QzbY4MM2L}NA2J*nCVsGB{2MzYXiI!)`e!<w?U^1GK;+tsgjZcW7
z{UI)zNyk9lO6Tj+O7oTLkvfG>2VPu!__I`%4EdoQ_HFEQ-CC0=6WJ8sl-50u6=ojv
zbnp;7*}_f<gT%AWIUBh9#g#o>LUXdB#6?w{vZ5p&3o)`g<<1T!K5UF~g}7#C3r`9f
zS{pyr?_I2#$X@+S^(S1FRG~{6^=OK^eQbGui#ciHs+=V&&@@tc(VW;HQ!gA{Lim{A
zHTI@c$Y>r^yo>L=!!k2@FqU5UygcT0aabx(R7yK*^PP9)n`?R;|7UddUu4i6hCy@M
zC0YQ`M&X2~^Efuj_N7P+EfPy)56^06On#pVeBQ+};-Z*~*Tt#H`34iK3q^X(8@A0-
zX3*HcdQYDhQJyb?@ZNoDQ)@Kdt188G$cvlPvCSk&^t~mg`}hd&2LriWpLX8M(_-g9
zAPnkQ8hZ#L{s1Te(~oCh+hkwtm>`Xg%WjBSIHGet1#mP&azek993P4`MA;>#1QF`I
zR+h$KE<{9Kf13f!wAPkv+a8w)QyfB=JQ|4|NG6d)s!?<D2a(#8O=sI)(6(izgdtoW
z0wr9Zs?cU<v06ep%yiZJtu6$rmgZF5octg3u@AMz<LUV0`G#5`c+J8I`yB{s*tPNL
zxA^rJvN-N$G0eRA14YnG(9)O4Y5<qT1}5A^EdtCe^NW$ckjSoV=`9B4%{Tn8KUlwJ
zL#&eiKI$Cn7=m7D7=T_&f+SRn{qPJ_#g`!X2h)rFIbC^JzOQPnRktUiNn=_Rq-wI;
z9Op!H>C@*h`PIxF1UBwvd`l--Wuz74s;row2i0XO>`kK8wtGHrI;{_kJ^K#I0Dm-7
z2nQ+#QV_8EG@_-a89}Y3hx{+DxGbxcq|V97xzz4nhf(~}6Z{!_3gGQo2L-|=<GIwj
z9O$(LBaq_P`?PdmfX4q`6*z}KQ`^qvbcCc<r57d7_t@9hN8B_20C?c769Zw4zfo5O
zX)_lWuBH4N+T;CDH{ahLoVA1`T&@rK-?2dU(r0bGu=&KzcJ=x{u;xFvtxd1*qXvB~
zAd^&WU#T}oeY!g>nne++O#orxxuBF^|3cJ%9xZEC;LoYQLUFl~slT^?6BhVvJ-n^z
zOP_K57geo=3;zS&PEei&k_8sPp2Ge6_@Hx7+3XG{GEKrjZI`&OjmOYPhdN`M=|TZ+
zCb*j)HauldP87lljcoe&5FD%RWlYH}M&X^_uXs#3J2A_$PGWF0T?UOf4y<tC>crvk
z2K&^;j`&a}HXteV7*SufOZru!-3=)5&bYA(YtJTP(jm+n`Q~xEvDpo+zGzAl+xnDe
z!|s)A&Z1^GkNR`_;qLx0Tt4a+Clz>Bc<}+8fq!ZO!zk&G@92tMkgMnOjjO{kL8|s-
zoRXuJv-u$7WZ1jLim$;jry0G%*H6x0>1Zj#Rb_PAUZU^%<ZuW7@Dnn7w+}gij;)iz
zab*7VW!sT5Ue`0l;jWOKSIOkt%TB`9gUlQf2=?Ovyq?>Nx4_>zVpB{x6Z|W?_zn=h
z50agPwP89wwT`4+gt`lWn)`76ylJy?wkQVKVPtLxn)-l4NX~4BYOEdH!?QYu#`g@G
zhiiR*!siktzCHRFBXaHe)1~1VW4;I}DBX>YyJI%1;@6fe0@wzMB)JV92qtOgpm3*$
z8`QS;XjJOUrG1J>fw|#^advsiP>%S{khv;oVViBbla!KB!FV!$t(=72j&gq-?&*eO
zrmw#czCn~XTe1(j!0CML^eT+kM=X7oDHsB!wa!0iuO(6|cQY2H{@aVcsJFzuP?I01
zOSPEPduTZXn<6k!pm(3$#V*o1ESLkX&}xz?wT@-PZo}dqgNhHr$`=VWKEZcRFE_m_
zpKyfr5wa^jyNGQ=r{jMKn;E*>gR*mHy(YuZUT>T1Qp;q36tPRy0n$W-5`FZCz%BA`
zOj7FpWl#LPatn7~0-Y!(f+fk{EJ7|hM63M6+Tjr8QV~g`U?wOCS9B7l3n<huUarj-
zZ{#dZuvN^%S8)9hTVwXMmgA|}6*6P9U{JAK{SoDqf?5Yg*rdd$%!@QXlgoFQz@R}q
z)j}nUtRy@3X9?8gs)KrGjd4ytpQHTRswhL<!^r8zk*E30ATQLvlMI^B^i%(zS%x+F
z_WC@o<c!4bjfzZ)Tn{VoJ!C3`=v9TNUikHA&}EHPomHw|oa4N0$d8Z@`}Q)jU_y=}
z@bQ-fNqDgw$bAO}zt`fZCbam&LRB19!Wm|Yl7~&X+_}L;)>0^dS8`<vzmkf|nt5_`
z`omUvnudr&=O?CY;%<dki#ZZa9=sY93u7GJ54%r@auSdu1H&GXr~6<jZRw&zrEFG8
z9Q(ti<JAJ0J>hAKTQvArYqr8`O_&U0LY>s+q+D<a*)Gx+PL}8xsgc1{T>w40ExTe2
zTh8UARFRG&x-7*ZhJnSy15&b$$z_i9>JP)=E{3FJSDACQ&uM#l;r&bIEjCq$U6Oy6
zs(%(AC0&X?YvQn(%f&{Nt<O!m39WA5$dKhk=>+EUn%z&iR#iADL9`UNfHB&_!(u9d
zE8ZH<XIy0p$fxq2fv7Tt4E^w7<)pls{XB)i3(PQ}e4*9hPZWIhpTQMFGo$HLVT{<S
z8Jm1CX6n#u#t`Yl7P^6vB1z)8vRx$9C8RZIu)8RMB%u;J82w~e)1pw0KFID$qBJEv
z&)S0HR;VI&t)yassNLqdlG#PqB*zK3;ztZaG;>IbJ(*fbwV^1>I!l(#+j0hR+8>nn
zJ7r&&&UyFWil0f6zDKC|*fJPu)U;Ms_oq-L@FX6vi#1C>aQ<hD0d-#z?C&IDN&+QV
zL`v3ifPsZI>?=&m8P%{t`{G9xd7=Po*5nC`T=^u2Q3BPQogVg9LBix*9y(VRGg7DF
z=-y1xw`Oo+^At~%WCRIa&sqi(I+~8EE2~2kjjm(}na(_*bz4kesIKuMCD0}iDPV-O
z=%R<A_-)R|wIsVbhipOS<i*EdLB}IPzP)JwrxdZ8PRY;oP+yzTifX$epCFF7ibe%v
zA`Go>aFumeIRDu$K&wAM@Glc5W>;Pc3rdehSvpr0=(^z!1#%kcX#(8QCghPJTNVQc
zK3Y)wJNkV*cd0^=F4EYxARcg;4nt>3{waGQT&71c26fP}U4U#!K^yAcLIFQ1Zyb%)
zU@PMjUl{jTt`MphCISk3F4?a?Y_APn72y4%glFebMZ82J)R!J6SQkGuo{89hg0ng&
zN`jVywtzCk`w-vUf=W2TyZMvghHZKGxTRKSL2M_SQH|zCI{SzNqsBrDZP&-P+w5-h
z1>$3>;E2Z&3cjCIf7oe1Pa+h*tG7#KIY)9hRZQkw%sSm-`5_PmOfK_6HbEWvZEc^@
zF;r9C|CsN8<}{_iUqMvZ89poVycT^f<}oKixjfb%*h<%b=K?YJL2TA5IiP)4qr-!h
z%Q-&lZl%i}8=4n!USbTJ5sLX@2uuW;DVXNQhbAu?)(GdpV;DKv+r_2~h{@^70m_A>
z-!Ilik)dO<yI$-a5w2)(lb|0N7N1SwHFE}&JLjlJ$L`}UEf%@T*YsoBhJwMaX4&LG
z76n->5OH}jQw^y*|9gUD_QhDyPnr6#Jl4zf$7pH3rVnT#QcY9Px@?<yj~Qx*F~&nQ
zTgJ{jlCydTZc3*M`<WVCB@R(UY~C&Qamhy<-$d3FjY%Gx9^>8fUk;ue+92l+xz6?V
z9Oy;(EiT9nATxJ|O3K^#BhVp@+nT}GX!l8sk47xZ+r+l@TD}kg9(n$in8N~xe}%6H
z*FIk;M>MeexeR0Hn7`PlnBii+VxBvCM?#bmW5oWgUUffw&Ya3W<?fWcW{0=VXQ4#s
z(U&KTTosSxrxmBkPQLrg)!?`iS0K_$CKs^Qb=+edMT-}%PR-M;KWx7Pef!k&+Ewtp
zWk@z)7PjsW%RC1!E`8N!jcB+%J<xo<srF4O`<IC@#Olk?1pt!2Yu~pO*Or(2!yq-4
z9Vohf7gR53dKHH7E+COwJrAS-t?bMMgEX|A_M3^>T#)m{Ho=nqKT3_n>p`C{zu(1#
zZJ0QBd2dzpJDTsSJ0c6)YCFgE!1uMQDJ7g13Mlm^a3QF)T=ncWg{4(2Os$qjte2B6
zyLPS`q^l0BH<d~c2>ui#l|fp8D}2*DUs&L)<fpny=+8DO;V`yY13&f1=x9rkv^eqQ
z`8pxe*`O5PG{w<26hZ;QVn%aa(PlPEqIFoxt4_j-d5mr03-7Hko`bIQqeObV_e(||
zoX#VPa|HOx5u<h<N@E7|B%y~SwpiyvEVe#`(G}U@HtwQsU%(=@et*r1xc&fsrp*Fx
zT@RHk0^h&WaWmPlpJ*RKLcH1wOo!Jt3Eai^nvZsukJa0?%C6}zAK2d5+$WMeV6Pdx
z<*DpumOm-3;!E+;cerPKnD?&AXeI&HC`l$DJhhZ`@3veQWp_YK>U?i&mheQ9M&!7f
z7po*Srv9lB-;o{tTwDB{h~B5)wEK&;kxo*rv*n6H+Lia9Rh)8Op3hmEXZRv_|25gf
zU|Ug>%db<$<5QsrCrlJw-(e|O`|XT0hzR(Pra8=ay9tzhGMy;KAAWW9{Co#F4<@uK
zrRX-Od*mzcd%M&@UeZ4sRvI9emY>)R1Q=6j*Fnp_7&6$j0iZmJ?N<3;(V9A2k+tQI
z_Dbv>sP!_wstkVKdgB)fEF0+zLfIQ^(Ql+T*&N}X-n#n4wbn9Ip*PgQG8x!hv6w}#
z5_&DQBc)t9^RxIIWkfbD4VXP9Ra)(S-ge?EoKN;tBuV_5U)<AX$u8bVo>z*a49C4Q
z0(ke=jPR#OrX;!Vh}g>0#AHAE>O?~$beWUDlJ?<KVteqSe^_rkA+GGxT*(S%Ut8ta
zX&JXZy+!E;f?=I$7LiKD%NGc(dVz@MDdha*b5XPDm@E2RL5-I)g?cgQx@7C5Wk9}J
z7W>3aTAna6tai3hlV4($Tn|Xm9t(Vo<|aNgR;6E!5vI_~-BCvaPtcpAPxAE;)Kjn@
z{I14pcfoJk$1~RW96nn3Vpz_E`e2JQyBrqN!!18^B$Ea~zOhG{7_IAYPtou|rMl<N
z5P=m&?aS#pcI&Q(+p~%oxHCpqCYoHcloDT7b7FAtafFKJg!HZ^N4N3#$pjsCajo<;
zvhOY(yQ)>L|L$|1!lH1g&nW{Iy%g_HrPn>>rv7bbJ$x#R9rZdL`L*ewl&hI%6H>5j
ze381~&-Ng%wN&Uo?|x1_>o>LCG(=7}@mucr_pQXHafCmrhGOWb8?&#Y>>Z>r2YKU|
zz_h-Hk)4ln26RWvXL9}l?e|x{`vM9cR-1!w`SaCK9*DZ3pI65{s8mX?7r<SGIjkmh
zHSZyS*sXK#d{*wr38SzIOUl0>D7uf{HT@}H<#wGqDK)P7^A&3cf591UgbFz|-VjD;
zKVDNtQ@fsWZTwm;nh8`%JN<jaN)ew3CJVubl<{ZuDK^wXd&7xpd<}_j$|o%?ZIWiF
ztR}9cJPXb<9^NZMGC>>{pI*^eChGw-DBC-BlGiMki<?D9%Wn41nJd5c`g@yYdV<sw
zB2{XIxeF7W*(;Ms?Jbm}z*1Mm>#6ahrDGGP^k$-54%c!E`uopb2&;&=J-Nk5JwL@n
zhwyo{bv+4x=_mzm#rH4W-V&sy5QM|6Hgwk*<1OyPrl)fxnVW~H`#!I3GI&2Z$z+xy
z?4Z6~hVXBJs=qOMl909Tb}++=r--^QBMAtQWiKX-O$ysd``>C6BIGG>naaxWBx*GM
zLW68!;_X;@9@wVPt&{67rNu9$B3bq#<a75=4doXC`^W+_P5`UGgN%7>WRGGCMvVJ-
zGk3w$FgY3;sSwu45vBpnc{RakIKxLu{8eR*FwD`e+<-@{qq)MQ$2}};ae)Q+V(lDF
zzDSl&uCu`Q)Y`MU**8O(pji4Qn^lW;y0#$u^xHhL6*^ly5Z)QLYJ^qlji+)LiEfvX
zzV)l+@@8Kd5{B)Fh*ic<(tQ8+Q&Qc{p}|1CQNf%5iy6Lh83oWvRC0O?H9~Ql{3JQ;
z9{H#sTj+CLwwiazSw$|6^n!Sp`t>EfL8Hxt5AV3L(tcr9!-Bt+XX&+5{A#p2^Xi<s
ziiPpdI4qfbabUgdPc|V9K9J3*zJO+U{fsL42TkbpgEG&1)-W*$K35OFazcfFC?dJ4
z+~JG91v`GDzH@CaqaX5KYn_BSbMKvyXT^Gmg8TMc*=YJP4;5Nf*MB?n$HT%zS9Pv@
zktrv-@aTg2>08=di@>X6%EPYL8rLn|i@}&s;5E3NNB-{e(*O@aCsK!2$wgWdh7ruK
zoa*$IsR{*J+U}huoGam{c&F_9^oaQtG}El@te}%lP+>YU*`b2R#;3<dNz`~2IsJrl
zMDi<^&h2kwK88qX<=!a0T+V&t@3t+``fu+dOIX3=i)`IF<Vm~R8yg7kJ>~R*(^7RA
zp?9-2ZWSTmfF#-}FJ~mdP6gxgUo*Mxgm_uZxB+x9JHxrr`^kV-bkXLPT~^HdRf4oN
zR@_m1%3FKWqdY~_db16jaoz2y5yc^VEyMEi``o<}QVy4A0;diU@xH0Av?_c&RpSua
zRG>jy1$d$Y0-kMTQW(0~b$nm%JSO~am&3Po@>$>*>0P{xx8>;bVO2=?tt2G2u<61|
zX#!*BPpR^fn9Vy?-rh1VH{4GmYp}%$=hW{LC)QK95x&P0-oA*VU8LZ;>KAt7hlLhO
z3q+8e`0$ah-}Ew?jtQuiBoj630dEGOofWQZheG^}2uUVq7K&`5G)8&8bnO9<3C-|e
zRogxAv{In&80}Bfgvzho#Hb!17!(hMqm6=84~4-|)sNk3ex=@?>{q_DWVvDSDq{3;
zc}K-}eni_eYV!U33ep1!g!B}BZ&9`zcZ@m;9lVhWzY&t^&Os>z>FkP?r$JxD5IT>4
zqt4I!AT(f6bUnYE!rqg#YB!c%ht_OF6n^99ABI}DhkIR_>;OPkxRagYA)l!Gejy&1
z^28vM*Gh+p4AG0<NVy;{dAd4xx`c{tYIHz#cv@{=_seXhoiRroFA=m3_jzrkn`B-L
z81c6*m;c#$3jn+1Ixtl)NJ~5zL#mt0g8-&D(4e2-#Bo#jJR$^*Ch0qc15eMar^0gc
z1KVh)_f-m|6SkjQXG8VOen8{P%gKeCy1qgW*t2u=L-l1YIm2NKXG+};$J6_BRa69E
zp!sRx+5X*|>SYIu$Nm)u0#!qf)yA3iBaFv!I;(A1IJl%&u_hHr(R&qzPE$o*s&DIx
z;M$D~c^TPs13Aws<jz!RgU9d@v6mEp(M{4ayl(d;NPj$fzUg0TX@Z~RMG~;HZi%MT
z#}?W0J5*?NCC7Mgr~jDcFB9mUD{EhQ-M$>+`ry9A8MKbJK=Osi?zvav1*rFP94qQa
zE19?RX#n&=^nl~OXN}`_?@@ZCXfjc~L5g&<(rt!+?L6uf>vXOT5EeBq$<6uYw|%|s
z=0>?YF))jYdbhPYfgt}${NrRH)k{G-AMy+(bs_+U@uP^+cc%a#TGA^V@)=&u1YxQ_
z%hJil3*%FzkIps*t$69=M`{((SSejNIBkFEeGH->u^vx+V#QV*ux%VsW0%;n$pE&_
z&xGGam@M}X84!v4S<@$>gyoVahHBK*R%)eUZ$u#AL8Hw*M4y->pIizVWi$!=RK@5x
za^+Iw+Pn{yGQjR_mW(KN|CUC?PkgsXJXXVAM*Hr_jJ$*L8LL=UJrGMGxn{-sSmJd}
zR;W1O$u5-W^+{ISaa<Lj@*W(6$f?xy(P~kid~>kfH~q^E4o)}TO^uu3yv*2!1IT;m
z4-%ksk!lZRH=EdX3Zk}?L%=~p=@1Wrrx;-X6_!rC>o%1`qBG$|Z0BzC%{aln3@C56
z_B1&gP!8#t;UQ*&c-uPCd%hX=S>t)e;8ubm(<LS@#!$u8;CPI4>4Z_<RSxLf<#G%q
z;}5O={z8DE#!(h!+m7Ggi5XUdn%$kZ@5sQh7#1V`^lJEw*b(bA478;(pJN^VVWGZB
zdbNXj-=Q6hPK~=gq6Bb&9NAd^(g-ajaw^coq3-Sjq2)nQ97QK01aqwI_cI26w8nc?
z@mD43$;m=hS2%l<kv`RzF9Ah%ch_c4GDMfUOBB=S@IqZyd_|6WoT1Ovk^*t|j>cif
z&@mb^j|C51=O_~{OJbU6ZmHIdpK}ECcFt>nD`<G`;VxhYDf(hx5#kx^Phu1?!>~@r
zTXVZKSeKEg5zOO^#i6zNe@???&KC(Fo$9gjeV0v}!;I!6ihN43I5lmsh0Z6zU#X??
z?nD2@<7p@x#MglmDtMg{Zpl#tticy%4aATh^W5D9<>Lnq$~abl%+cf1#lScs5w6KK
z88o7u36{*K@u;`o(2J(g)I!L*%9Yt(r>nQcI&UmlZ1|Qv!CU&(+nr5BJG7TZW9dwY
z7uhUjbO^TIFfpB%X_~};cD}Gf@pV5aPcYka$N_)_5eV7;&I4K(0yOB^*qS@8W1+>V
zuIyKn%#L#{VK~>J@&~(}mr}JO#ce&|5HV=`@s7*v<Tvd%Et{Q1zU_1`*!QS1zTKY2
z9lZxUGrmOQL9;mTOhTu&jg=v;%2Jt2C`F%Z_}d48)l=exkYWZNCx{*YR!sO+#=5-l
z32eEMIBaCLj(#A_a`5|YM)bEPw;`2^RRTX?TJ5|N+MtjINOOX&@5I{001L=U`RMKZ
z&H_1m@iB?Vfq4buyEX->-vnXc)=f>1Dxp8P__v_Ui184%7DWqho`I(`oCx(9#nbJP
z5$kRuHIkJPQMTU&4}>#<G`QWINArUk(-eI~1p=;@5sAWmsyQzCWB{=$#>`WcKB_))
zc|E$Wc<O^aohkP*9E14Z&(2e7stI~54{}+wh-GN0%*8aJ%a%Ff^iBZAA6s8{g%?60
zzA<+3y2gGnw9nUlcaK@7NckP3^?hnV>MNEmYR#v*8;!?2+ENoEC0LW5%nQm-2cf5c
zlU8^%B6r6P?0Jb&ODA7}upA5@{#(!d1k2<oj}2PMPNA`-Q)Hq`O+g)Rv~h$sD48ms
z2qB>N&sB*cJgE|&>k8Z10;<qWxhC7>Da^$?8j%=aX549(Y1xiBPY2H%uG!{+(#!P*
zpBu<fmxcd>_MLF==t+qkN0`lvddt5w;$N0LS$cHAoy_jSC4_<iZ!wSp#2RwL4#>n1
zeqz>jOiM7kzYr7+X*4re+cnevvAv^r33zKh2kIM{0C{+R<7?aJsS?^;?2c{gHoEWu
zFLv^MV8q!B#4_yW@vX7BPKWKwPptHvPfvk;1ZafKk`-34rG<jcH?0fP0duy^%CG7W
zLt9>9>gIOBGHE{~Z=#>v2MZWYXgp#ay&Gnvg90vyiVqt+K6`HJMuylTOS7sPHgN#&
z^=5CrL0;J?*~aT$U3SVbjPl*$MD4@jsZq`rIp^Q%KAV3DqPk$Jnzvke&2__6uBY$o
zg>yBuok~Td{;g+$fQWnlZPTL8Ob7Bnwb+z>z>UP4t}iH+K+oD+N~b~dK~v6-N;lP2
zV(p=%8IXYNHj!%C&+l!qH<ZD}jiYW%?22ZT*I3I)w||?#ux@`!^1IpPW+K4}P?d(s
z<nD05f9-lMHbI+t6@yC5Bsqc0tP5NfBVw^nG&;|#xKL@w2*+{tDm-ys(0#MO9wFLM
zIAn~D`S!{auHA(mb_h9>7nh|yDuOApN15qV#wW+nwA8$Xnw-S+B^kBqFghNYRq@f0
zc#%9lK4eq?d3!FYdSAUv&!gjs4*atv*>U?LfZgVcyRy(XWmoqvaEly^=<eB({juVY
z-_gbT=1kt6R&Z-ZI(<+TsZ)*9%6uFag#mX7&nY0|Uh1$Rqidms`6^k1`MD|@Ts)?%
zV*00CcGOHtee&zp!*7Fi-|dmIN)hu^ZHPZBiiGzsLGZ1|?yePIm%eha_hH3n5I;3+
zw<SoM_dX#0viauIcMoZdx)|A?5idTKPZjui^<hgSG9>w7R8I)#>gjfS;W3Swd4U~)
zHwk&QF#K!CywEU>RdhFy2ow?V^2jW3vFhae?Wrem>o(w9h`sER3x$cdDN=Y6t3ZIU
zDCTXZCT8gdVd^#U8DY`7Le6)j*do5z>+rd28uTv-zZ#@a70fr3{v02vqU^hW6)EI`
zYSMnW&-hVG99=!j<+4#CR-s67^9`4>H!y3sFQ2MhgGHNuf1UelzK1JIQw}TFJzfwc
zsqxbD!Nv6AV&QkodO$yDd}gl>&=htDxu;wneDTmL6GDvfuJDWycz_%kI3#t^#1vJJ
zggx)i6%M)VPe+YS1}!q_2ei1~rqV5^2KH*Y&4cPvGD?(-40{6mO1J;Go`al=4aQO!
z$$~+F4xw1}F3KqyRyX2-pHq`5c^_Ozw3ow+Y;nRk@%ZvO%p>C_ledc&xyEBygxNB<
zoMCenpg&`?iG(0rql-hA(3k79pscq#3+IbP^$4E$gJ?bZkWZiI@a@T<?~{?@Gg;jF
z9uwuJIyaznir&QDmzfL((&gIs-|NBIuI1%HQ~-1V&}DIzNNw2T!dKnimpu%vylprY
zxu+c;zBfXgzALUV2y=}su#j5F%-tIdma9Q@xAdXrHY&-jz5p`_Zx+Vg5u#ht)j&_x
z)T{l@LB{J28BOOqn|m!3+y!+Ho-<&k^Py|3K8QNN?Ql9^yKFm%+&TlmgViqI8!^Yx
z=z){=vPph*>Fe!xtOtDc;<(>H8Pjrs#(iE718hn?5<1l&N{iKZXVRz5V+PZ$MLfES
zqETEK-Yyx%q&A>&V)QkWvF{FNcLvjEQOIakuQZuquE5hVTKYr|Tnl%KZ;B)X?5S36
zDZ-m^oMt^>+0HX_DrP_|h|=cN=UpD&P4zo$5PL=v41QrGd{nI|*#nup+e&9`4>0#J
z?5BnS1^>+9F1}wPzURzlaPBB|W2Iu;!`N&<%K9*>g+*w9_|Z`>X8=*vAme!3_L(ly
z;|JOO6fG6DO4;>C`viihW{l4pW}Cw-*9U`7B?4JbytuPK`exK6Mg)qaC_JwMKEsue
zorfDy?^1X*-(@<b2vSc!!UJ%b?9L%g1ZL=^4viR^-n~y<BIImix;K77!kPQU=gRSW
zMLOQdvN1TTndG@Tyk&}SrAD*VYln{d;%JP6QR7u9_fjn$y6N1A!<D>|;(V+=SCW^W
zWERkWI1qNVc9eo$M=ScR<OSL=IF}zNLJ|jEeo%WE_SX<puAL#7&oSU%>ie3wAg5S#
z8IQk{Zfv?C$+qc5HNvz*26NUxUD)zRH_mgaV;<T*7-ZKGP#pWfkR0t2*n43JJqCN5
ztrH{qv6P2f1X4Kz#|ite%GqFYv?o8TwJJ39QR4`kd1Ku-Oo;2*aM?hY&H1DwNf}74
z7I?GoIZM#3oUfwvxgf^C(sE(sQPchj*UFH#x-kl(hEZ$ha=$LXsQ$`s6A3EZt5sCS
zCpHwvx%k~doA#ht9H;xP=64P8<&je|_j9+j#5LD1Z3c%6?5>EK!AO)uhzGz)Oq<=t
znyKthu}bj+nS_`rr|Sd4Sj|#um4deH?4^C@3=O|QI`MB1d2*H3Vb=wd{4%u7fsDvU
zdTN3Zf{a2j>K+eQcP{7`l$iVCaN58dl2$fPIckG`-8N1aDx&n@9dtsH8*^sO`6KZ$
zsgE|w*)Y_ZE%hMfE5nH6@&{-Um5pD>`2YAJTt?Y?^_~fW`l*6wE**`>8xG>-C;L>O
z{_wY5V=ccpLD#)<@a2wsSz0cX%w;mV?1~Zp#(bZ(|BdU2>u=29I6R!;{4aMqqT|WN
zPlr+%cRKA;HanTFVdX6E?!z1eO_wm5X^gBWA`qLit1`8qM76|X^IbpP#}6~4j719+
z29%JNNo|w*(JFyE`A3X@7g6E_t;Jo&hch~r)iDoD=eLl#N#Nr|sqr9+L5@@v%m>#J
z=Z-4*Czl#PT3dgF5R+e}hIk8YZSa`VVBMkQk2_1iO1=#1i5B_)(6;u*1cuoy<iK;H
zlx5F-XWQEjmgC(lkO{)+n1uz6w#S8=;UgGWrhmuE4N_t`59@6#Fwl0Grlgxu06sOE
zf7m>f*d#Yrw@U-7O@OYp+G7y0c(ehi4yg&^ACveg^vB(@X?AYC3in7E+0HLpqCAq1
zy!Nz6PYMOuQh_eT*|kV~N!CfU%nS~dPv=ONNI5*wC6oeY(V>DUczrYADCGW2IPlrr
zOgtqv_4D(o%9K44*?MHz$9w1SNcKi~&AZ$cLaAC=l{?oz9MH*ap4N8a2-LWR+eBv&
zt@C$OzS2UJ+}hJ!@M!2lI61(GqTUeag`q2L=)kY-GhUf;J6F1xa7KpTaM^|kc8!+G
zuo4cAXJZ6=%|tZUYiBB76YeA>8!K6DuvYkG=>Z{mp^Iy8(19bk?EYX?Mzo6GGL(UN
zg1l(NBC>317PTEZnfV>9@<e95EMqk&3BTnmG$W!uwImxdx@aXf;IIHW?c$MzhEf@}
zv<%i?Cx*N_2{6<%RarrdFbVTk*B{f5RZ?qbzA#xY{9A9ZdGZe*KalHvU~F1}_wzld
z?jhosR%>WtTr&UR|BnQ*4y%`56Ey^oifMrjL=eN@4Hnb?!w~P2Hlo2AMcW31lGrF(
z#UtxFF&uu0JCs3=pnzvS{LJMp8>m5OJ}tGs%YL#r+9L^3lSU%dtURiOp-2a=yJk3Y
z_9?MS)CNo@@ty6?sOjP7b3SlZoM@@!Wy7Ga+R$0|TLh!C{IyEjCMGid`XOjWf~MVf
zS{ye4(AXi9l>Y0bGXa^b>yoNjD%cv?FJ_Ni+*6ED_`{{G2x+_Y;(MG2!%Iu*(WVrU
z@?f|`#}gXIf({-XEF*hLYdWAHbYBDPqxHDO$DQi~5%q+HE+I>6qrjhcCdyIYXgySr
zz$j^aNCk9$i^8ycvbR2L#FGl`V1qfSvP5>{sYrvjVGqz6Q#`dD$QYe<kSYXmlmAN)
zLsARObDd;`2B|IipIZHw<pZIdwtpicl@R|=vB30p$*AWMq3oy?)Bq71pcjSO;nFWU
zqSOz@w0>)j^kM1TH7gF2?1|71?RuxC+>U0CnyfH-HlK{DWXsbq`kObk8MI#6`LAjq
zDNl2yy&$O2$t%Cy@RWDZ{J$7rAo-n_E>)EF57g~R-7Kb%6lc;Dpd;wj{4r=jAMqdm
zx<<_j<23nA-6%x$wIe$++(hFD1QHkxF<lH2ofI<+*jFXv*e{zNHl9SsIffWbD8H&&
z)kpLU8?$Xhtuz&5LbCBc_NP!hhV_t-XCX=P9_~BrCO3WWYd&{`!(^JA?dms4Pi2=B
z!9?c!&hM%v2oV!6OXdw=&Q@ZYCJSHavOVB-G$uu>R%s0qJF0!e7$3C6qvG$g&RN&j
z**ll3y+Be$AUYsvXG3;X!IFHl27KS3=xhP3*?_H<86{`m)6=(n$-{4WK&|$lu-{Wz
zSkLYc_pjyks!$59Y#(T~L<1&z67Hl={!hOhKCy6AFpPqvFr?Yb#(!<u3sNVYINYyE
z0HBO8c1s{1GMmm<m&`1XzW2ZSU@mA%bASp!I)Tb63Ud6>2mgu@^sx-}cVqqU??3we
zz+ZCxzry}IGvNQn7ww;G|F4~v;rNxs%peJxun&6y^*;juv=91$w%EW}$M7~`E|=wC
zv8b=xN7MNxaD*hQzh7=9?>vD%7qmWqMD<TchV}kByl|2i%)+eKn=7BKHcf)S)7q%l
z=ZDh=9#sm%e>qIT<<I{(4Edc$CT%WV-c|YHUUWR*{fU0c1ZnELL!Pu3P3?zz7o7&a
z|8bNAVQKt1e?p;2jA}9$L1CVZD^0dB>>F<2Z7%0MHAaInutE~Lq8q#6;jpiIqtCP#
zE!x%pbp(`nEd&_{nq;7douF!jiPy)L%j615AeRsB1^G9kBN*lq0{i)1Z<W13Wk$KI
z&p=VlsUg}w<2OM{KH_1vFCXB(p=!H!l&+UFStk$VwejbDZxfiGzX6T@?LQ%j=iiX*
zy$ob(9!Vs@5n6*Vv;8+`C~CcBgBVfhVVpJpgwI40Es#_&YV{5g>haNk1pLqCO7DL=
zx0kVP<Ntj*T+!xg<WrNIag%a85y_1`oE)3R)d;O&zm|?<bx-1J!+-rpK{M6*!#jRH
WOGLm#-PYf_*^;7iB9%f0{{IgSW-B=W

literal 0
HcmV?d00001


From eb5f225c9f9727dd453bbb9098a7522295760226 Mon Sep 17 00:00:00 2001
From: Christophe Vandeplas <christophe@vandeplas.com>
Date: Fri, 20 Aug 2021 08:34:32 +0200
Subject: [PATCH 12/14] chg: [types] updated types and categories

---
 categories-and-types/README.md | 1418 ++++++++++++++++----------------
 1 file changed, 711 insertions(+), 707 deletions(-)

diff --git a/categories-and-types/README.md b/categories-and-types/README.md
index c201a25..edd5cfd 100644
--- a/categories-and-types/README.md
+++ b/categories-and-types/README.md
@@ -2,774 +2,778 @@
 
 ### Attribute Categories vs. Types
 
-|Category| Internal reference | Targeting data | Antivirus detection | Payload delivery | Artifacts dropped | Payload installation |
+|Category| Antivirus detection | Artifacts dropped | Attribution | External analysis | Financial fraud | Internal reference |
 | --- |:---:|:---:|:---:|:---:|:---:|:---:|
-|md5| | | | X | X | X |
-|sha1| | | | X | X | X |
-|sha256| | | | X | X | X |
-|filename| | | | X | X | X |
-|pdb| | | | | X | |
-|filename&#124;md5| | | | X | X | X |
-|filename&#124;sha1| | | | X | X | X |
-|filename&#124;sha256| | | | X | X | X |
-|ip-src| | | | X | | |
-|ip-dst| | | | X | | |
-|hostname| | | | X | | |
-|domain| | | | X | | |
-|domain&#124;ip| | | | | | |
-|email| | | | X | | |
-|email-src| | | | X | | |
-|eppn| | | | | | |
-|email-dst| | | | X | | |
-|email-subject| | | | X | | |
-|email-attachment| | | | X | | |
-|email-body| | | | X | | |
-|float| | | | | | |
-|git-commit-id| X | | | | | |
-|url| | | | X | | |
-|http-method| | | | | | |
-|user-agent| | | | X | | |
-|ja3-fingerprint-md5| | | | X | | |
-|jarm-fingerprint| | | | X | | |
-|favicon-mmh3| | | | | | |
-|hassh-md5| | | | X | | |
-|hasshserver-md5| | | | X | | |
-|regkey| | | | | X | |
-|regkey&#124;value| | | | | X | |
 |AS| | | | X | | |
-|snort| | | | | | |
-|bro| | | | | | |
-|zeek| | | | | | |
-|community-id| | | | | | |
-|pattern-in-file| | | | X | X | X |
-|pattern-in-traffic| | | | X | | X |
-|pattern-in-memory| | | | | X | X |
-|pattern-filename| | | | | | |
-|pgp-public-key| | | | | X | |
-|pgp-private-key| | | | | X | |
-|yara| | | | X | X | X |
-|stix2-pattern| | | | X | X | X |
-|sigma| | | | X | X | X |
-|gene| | | | | X | |
-|kusto-query| | | | | X | |
-|mime-type| | | | X | X | X |
-|identity-card-number| | | | | | |
-|cookie| | | | | X | |
-|vulnerability| | | | X | | X |
-|cpe| | | | X | | X |
-|weakness| | | | X | | X |
-|attachment| | | X | X | X | X |
-|malware-sample| | | | X | X | X |
-|link| X | | X | X | | |
+|aba-rtn| | | | | X | |
+|anonymised| X | X | X | X | X | X |
+|attachment| X | X | | X | | |
+|authentihash| | X | | | | |
+|bank-account-nr| | | | | X | |
+|bic| | | | | X | |
+|bin| | | | | X | |
+|boolean| | | | | | |
+|bro| | | | X | | |
+|btc| | | | | X | |
+|campaign-id| | | X | | | |
+|campaign-name| | | X | | | |
+|cc-number| | | | | X | |
+|cdhash| | X | | | | |
+|chrome-extension-id| | | | | | |
 |comment| X | X | X | X | X | X |
-|text| X | | X | X | X | X |
-|hex| X | | X | X | X | X |
-|other| X | | X | X | X | X |
-|named pipe| | | | | X | |
-|mutex| | | | | X | |
-|process-state| | | | | X | |
-|target-user| | X | | | | |
-|target-email| | X | | | | |
-|target-machine| | X | | | | |
-|target-org| | X | | | | |
-|target-location| | X | | | | |
-|target-external| | X | | | | |
-|btc| | | | | | |
-|dash| | | | | | |
-|xmr| | | | | | |
-|iban| | | | | | |
-|bic| | | | | | |
-|bank-account-nr| | | | | | |
-|aba-rtn| | | | | | |
-|bin| | | | | | |
-|cc-number| | | | | | |
-|prtn| | | | | | |
-|phone-number| | | | | | |
-|threat-actor| | | | | | |
-|campaign-name| | | | | | |
-|campaign-id| | | | | | |
-|malware-type| | | | X | | X |
-|uri| | | | | | |
-|authentihash| | | | X | X | X |
-|vhash| | | | X | X | X |
-|ssdeep| | | | X | X | X |
-|imphash| | | | X | X | X |
-|telfhash| | | | X | X | X |
-|pehash| | | | X | | X |
-|impfuzzy| | | | X | X | X |
-|sha224| | | | X | X | X |
-|sha384| | | | X | X | X |
-|sha512| | | | X | X | X |
-|sha512/224| | | | X | X | X |
-|sha512/256| | | | X | X | X |
-|sha3-224| | | | X | X | X |
-|sha3-256| | | | X | X | X |
-|sha3-384| | | | X | X | X |
-|sha3-512| | | | X | X | X |
-|tlsh| | | | X | | X |
-|cdhash| | | | X | X | X |
-|filename&#124;authentihash| | | | X | X | X |
-|filename&#124;vhash| | | | X | X | X |
-|filename&#124;ssdeep| | | | X | X | X |
-|filename&#124;imphash| | | | X | X | X |
-|filename&#124;impfuzzy| | | | X | X | X |
-|filename&#124;pehash| | | | X | X | X |
-|filename&#124;sha224| | | | X | X | X |
-|filename&#124;sha384| | | | X | X | X |
-|filename&#124;sha512| | | | X | X | X |
-|filename&#124;sha512/224| | | | X | X | X |
-|filename&#124;sha512/256| | | | X | X | X |
-|filename&#124;sha3-224| | | | X | X | X |
-|filename&#124;sha3-256| | | | X | X | X |
-|filename&#124;sha3-384| | | | X | X | X |
-|filename&#124;sha3-512| | | | X | X | X |
-|filename&#124;tlsh| | | | X | X | X |
-|windows-scheduled-task| | | | | X | |
-|windows-service-name| | | | | X | |
-|windows-service-displayname| | | | | X | |
-|whois-registrant-email| | | | X | | |
-|whois-registrant-phone| | | | | | |
-|whois-registrant-name| | | | | | |
-|whois-registrant-org| | | | | | |
-|whois-registrar| | | | | | |
-|whois-creation-date| | | | | | |
-|x509-fingerprint-sha1| | | | X | X | X |
-|x509-fingerprint-md5| | | | X | X | X |
-|x509-fingerprint-sha256| | | | X | X | X |
-|dns-soa-email| | | | | | |
-|size-in-bytes| | | | | | |
+|community-id| | | | X | | |
+|cookie| | X | | | | |
+|cortex| | | | X | | |
 |counter| | | | | | |
+|country-of-residence| | | | | | |
+|cpe| | | | X | | |
+|dash| | | | | X | |
+|date-of-birth| | | | | | |
 |datetime| | | | | | |
-|port| | | | | | |
-|ip-dst&#124;port| | | | X | | |
-|ip-src&#124;port| | | | X | | |
-|hostname&#124;port| | | | X | | |
-|mac-address| | | | X | | |
-|mac-eui-64| | | | X | | |
-|email-dst-display-name| | | | X | | |
-|email-src-display-name| | | | X | | |
-|email-header| | | | X | | |
-|email-reply-to| | | | X | | |
-|email-x-mailer| | | | X | | |
-|email-mime-boundary| | | | X | | |
-|email-thread-index| | | | X | | |
-|email-message-id| | | | X | | |
-|github-username| | | | | | |
-|github-repository| | | | | | |
-|github-organisation| | | | | | |
-|jabber-id| | | | | | |
-|twitter-id| | | | | | |
 |dkim| | | | | | |
 |dkim-signature| | | | | | |
-|first-name| | | | | | |
-|middle-name| | | | | | |
-|last-name| | | | | | |
-|date-of-birth| | | | | | |
-|place-of-birth| | | | | | |
-|gender| | | | | | |
-|passport-number| | | | | | |
-|passport-country| | | | | | |
-|passport-expiration| | | | | | |
-|redress-number| | | | | | |
-|nationality| | | | | | |
-|visa-number| | | | | | |
-|issue-date-of-the-visa| | | | | | |
-|primary-residence| | | | | | |
-|country-of-residence| | | | | | |
-|special-service-request| | | | | | |
-|frequent-flyer-number| | | | | | |
-|travel-details| | | | | | |
-|payment-details| | | | | | |
-|place-port-of-original-embarkation| | | | | | |
-|place-port-of-clearance| | | | | | |
-|place-port-of-onward-foreign-destination| | | | | | |
-|passenger-name-record-locator-number| | | | | | |
-|mobile-application-id| | | | X | | X |
-|chrome-extension-id| | | | X | | X |
-|cortex| | | | | | |
-|boolean| | | | | | |
-|anonymised| X | X | X | X | X | X |
-
-|Category| Persistence mechanism | Network activity | Payload type | Attribution | External analysis | Financial fraud |
-| --- |:---:|:---:|:---:|:---:|:---:|:---:|
-|md5| | | | | X | |
-|sha1| | | | | X | |
-|sha256| | | | | X | |
-|filename| X | | | | X | |
-|pdb| | | | | | |
-|filename&#124;md5| | | | | X | |
-|filename&#124;sha1| | | | | X | |
-|filename&#124;sha256| | | | | X | |
-|ip-src| | X | | | X | |
-|ip-dst| | X | | | X | |
-|hostname| | X | | | X | |
-|domain| | X | | | X | |
-|domain&#124;ip| | X | | | X | |
-|email| | X | | X | | |
-|email-src| | X | | | | |
-|eppn| | X | | | | |
-|email-dst| | X | | | | |
-|email-subject| | X | | | | |
+|dns-soa-email| | | X | | | |
+|domain| | | | X | | |
+|domain&#124;ip| | | | X | | |
+|email| | | X | | | |
 |email-attachment| | | | | | |
 |email-body| | | | | | |
-|float| | | | | | |
-|git-commit-id| | | | | | |
-|url| | X | | | X | |
-|http-method| | X | | | | |
-|user-agent| | X | | | X | |
-|ja3-fingerprint-md5| | X | | | X | |
-|jarm-fingerprint| | X | | | X | |
-|favicon-mmh3| | X | | | | |
-|hassh-md5| | X | | | X | |
-|hasshserver-md5| | X | | | X | |
-|regkey| X | | | | X | |
-|regkey&#124;value| X | | | | X | |
-|AS| | X | | | X | |
-|snort| | X | | | X | |
-|bro| | X | | | X | |
-|zeek| | X | | | X | |
-|community-id| | X | | | X | |
-|pattern-in-file| | X | | | X | |
-|pattern-in-traffic| | X | | | X | |
-|pattern-in-memory| | | | | X | |
-|pattern-filename| | | | | | |
-|pgp-public-key| | | | | | |
-|pgp-private-key| | | | | | |
-|yara| | | | | | |
-|stix2-pattern| | X | | | | |
-|sigma| | | | | | |
-|gene| | | | | | |
-|kusto-query| | | | | | |
-|mime-type| | | | | | |
-|identity-card-number| | | | | | |
-|cookie| | X | | | | |
-|vulnerability| | | | | X | |
-|cpe| | | | | X | |
-|weakness| | | | | X | |
-|attachment| | X | | | X | |
-|malware-sample| | | | | X | |
-|link| | | | | X | |
-|comment| X | X | X | X | X | X |
-|text| X | X | X | X | X | X |
-|hex| X | X | | | | X |
-|other| X | X | X | X | X | X |
-|named pipe| | | | | | |
-|mutex| | | | | | |
-|process-state| | | | | | |
-|target-user| | | | | | |
-|target-email| | | | | | |
-|target-machine| | | | | | |
-|target-org| | | | | | |
-|target-location| | | | | | |
-|target-external| | | | | | |
-|btc| | | | | | X |
-|dash| | | | | | X |
-|xmr| | | | | | X |
-|iban| | | | | | X |
-|bic| | | | | | X |
-|bank-account-nr| | | | | | X |
-|aba-rtn| | | | | | X |
-|bin| | | | | | X |
-|cc-number| | | | | | X |
-|prtn| | | | | | X |
-|phone-number| | | | | | X |
-|threat-actor| | | | X | | |
-|campaign-name| | | | X | | |
-|campaign-id| | | | X | | |
-|malware-type| | | | | | |
-|uri| | X | | | | |
-|authentihash| | | | | | |
-|vhash| | | | | | |
-|ssdeep| | | | | | |
-|imphash| | | | | | |
-|telfhash| | | | | | |
-|pehash| | | | | | |
-|impfuzzy| | | | | | |
-|sha224| | | | | | |
-|sha384| | | | | | |
-|sha512| | | | | | |
-|sha512/224| | | | | | |
-|sha512/256| | | | | | |
-|sha3-224| | | | | X | |
-|sha3-256| | | | | X | |
-|sha3-384| | | | | X | |
-|sha3-512| | | | | X | |
-|tlsh| | | | | | |
-|cdhash| | | | | | |
-|filename&#124;authentihash| | | | | | |
-|filename&#124;vhash| | | | | | |
-|filename&#124;ssdeep| | | | | | |
-|filename&#124;imphash| | | | | | |
-|filename&#124;impfuzzy| | | | | | |
-|filename&#124;pehash| | | | | | |
-|filename&#124;sha224| | | | | | |
-|filename&#124;sha384| | | | | | |
-|filename&#124;sha512| | | | | | |
-|filename&#124;sha512/224| | | | | | |
-|filename&#124;sha512/256| | | | | | |
-|filename&#124;sha3-224| | | | | X | |
-|filename&#124;sha3-256| | | | | X | |
-|filename&#124;sha3-384| | | | | X | |
-|filename&#124;sha3-512| | | | | X | |
-|filename&#124;tlsh| | | | | | |
-|windows-scheduled-task| | | | | | |
-|windows-service-name| | | | | | |
-|windows-service-displayname| | | | | | |
-|whois-registrant-email| | | | X | | |
-|whois-registrant-phone| | | | X | | |
-|whois-registrant-name| | | | X | | |
-|whois-registrant-org| | | | X | | |
-|whois-registrar| | | | X | | |
-|whois-creation-date| | | | X | | |
-|x509-fingerprint-sha1| | X | | X | X | |
-|x509-fingerprint-md5| | X | | X | X | |
-|x509-fingerprint-sha256| | X | | X | X | |
-|dns-soa-email| | | | X | | |
-|size-in-bytes| | | | | | |
-|counter| | | | | | |
-|datetime| | | | | | |
-|port| | X | | | | |
-|ip-dst&#124;port| | X | | | X | |
-|ip-src&#124;port| | X | | | X | |
-|hostname&#124;port| | X | | | | |
-|mac-address| | X | | | X | |
-|mac-eui-64| | X | | | X | |
+|email-dst| | | | | | |
 |email-dst-display-name| | | | | | |
-|email-src-display-name| | | | | | |
 |email-header| | | | | | |
-|email-reply-to| | | | | | |
-|email-x-mailer| | | | | | |
-|email-mime-boundary| | | | | | |
-|email-thread-index| | | | | | |
 |email-message-id| | | | | | |
-|github-username| | | | | | |
-|github-repository| | | | | X | |
-|github-organisation| | | | | | |
-|jabber-id| | | | | | |
-|twitter-id| | | | | | |
-|dkim| | X | | | | |
-|dkim-signature| | X | | | | |
+|email-mime-boundary| | | | | | |
+|email-reply-to| | | | | | |
+|email-src| | | | | | |
+|email-src-display-name| | | | | | |
+|email-subject| | | | | | |
+|email-thread-index| | | | | | |
+|email-x-mailer| | | | | | |
+|eppn| | | | | | |
+|favicon-mmh3| | | | | | |
+|filename| | X | | X | | |
+|filename&#124;authentihash| | X | | | | |
+|filename&#124;impfuzzy| | X | | | | |
+|filename&#124;imphash| | X | | | | |
+|filename&#124;md5| | X | | X | | |
+|filename&#124;pehash| | X | | | | |
+|filename&#124;sha1| | X | | X | | |
+|filename&#124;sha224| | X | | | | |
+|filename&#124;sha256| | X | | X | | |
+|filename&#124;sha3-224| | X | | X | | |
+|filename&#124;sha3-256| | X | | X | | |
+|filename&#124;sha3-384| | X | | X | | |
+|filename&#124;sha3-512| | X | | X | | |
+|filename&#124;sha384| | X | | | | |
+|filename&#124;sha512| | X | | | | |
+|filename&#124;sha512/224| | X | | | | |
+|filename&#124;sha512/256| | X | | | | |
+|filename&#124;ssdeep| | X | | | | |
+|filename&#124;tlsh| | X | | | | |
+|filename&#124;vhash| | X | | | | |
 |first-name| | | | | | |
-|middle-name| | | | | | |
-|last-name| | | | | | |
-|date-of-birth| | | | | | |
-|place-of-birth| | | | | | |
+|float| | | | | | |
+|frequent-flyer-number| | | | | | |
+|full-name| | | | | | |
 |gender| | | | | | |
-|passport-number| | | | | | |
+|gene| | X | | | | |
+|git-commit-id| | | | | | X |
+|github-organisation| | | | | | |
+|github-repository| | | | X | | |
+|github-username| | | | | | |
+|hassh-md5| | | | X | | |
+|hasshserver-md5| | | | X | | |
+|hex| X | X | | | X | X |
+|hostname| | | | X | | |
+|hostname&#124;port| | | | | | |
+|http-method| | | | | | |
+|iban| | | | | X | |
+|identity-card-number| | | | | | |
+|impfuzzy| | X | | | | |
+|imphash| | X | | | | |
+|ip-dst| | | | X | | |
+|ip-dst&#124;port| | | | X | | |
+|ip-src| | | | X | | |
+|ip-src&#124;port| | | | X | | |
+|issue-date-of-the-visa| | | | | | |
+|ja3-fingerprint-md5| | | | X | | |
+|jabber-id| | | | | | |
+|jarm-fingerprint| | | | X | | |
+|kusto-query| | X | | | | |
+|last-name| | | | | | |
+|link| X | | | X | | X |
+|mac-address| | | | X | | |
+|mac-eui-64| | | | X | | |
+|malware-sample| | X | | X | | |
+|malware-type| | | | | | |
+|md5| | X | | X | | |
+|middle-name| | | | | | |
+|mime-type| | X | | | | |
+|mobile-application-id| | | | | | |
+|mutex| | X | | | | |
+|named pipe| | X | | | | |
+|nationality| | | | | | |
+|other| X | X | X | X | X | X |
+|passenger-name-record-locator-number| | | | | | |
 |passport-country| | | | | | |
 |passport-expiration| | | | | | |
-|redress-number| | | | | | |
-|nationality| | | | | | |
-|visa-number| | | | | | |
-|issue-date-of-the-visa| | | | | | |
-|primary-residence| | | | | | |
-|country-of-residence| | | | | | |
-|special-service-request| | | | | | |
-|frequent-flyer-number| | | | | | |
-|travel-details| | | | | | |
+|passport-number| | | | | | |
+|pattern-filename| | | | | | |
+|pattern-in-file| | X | | X | | |
+|pattern-in-memory| | X | | X | | |
+|pattern-in-traffic| | | | X | | |
 |payment-details| | | | | | |
-|place-port-of-original-embarkation| | | | | | |
+|pdb| | X | | | | |
+|pehash| | | | | | |
+|pgp-private-key| | X | | | | |
+|pgp-public-key| | X | | | | |
+|phone-number| | | | | X | |
+|place-of-birth| | | | | | |
 |place-port-of-clearance| | | | | | |
 |place-port-of-onward-foreign-destination| | | | | | |
-|passenger-name-record-locator-number| | | | | | |
-|mobile-application-id| | | | | | |
-|chrome-extension-id| | | | | | |
-|cortex| | | | | X | |
-|boolean| | | | | | |
-|anonymised| X | X | X | X | X | X |
+|place-port-of-original-embarkation| | | | | | |
+|port| | | | | | |
+|primary-residence| | | | | | |
+|process-state| | X | | | | |
+|prtn| | | | | X | |
+|redress-number| | | | | | |
+|regkey| | X | | X | | |
+|regkey&#124;value| | X | | X | | |
+|sha1| | X | | X | | |
+|sha224| | X | | | | |
+|sha256| | X | | X | | |
+|sha3-224| | X | | X | | |
+|sha3-256| | X | | X | | |
+|sha3-384| | X | | X | | |
+|sha3-512| | X | | X | | |
+|sha384| | X | | | | |
+|sha512| | X | | | | |
+|sha512/224| | X | | | | |
+|sha512/256| | X | | | | |
+|sigma| | X | | | | |
+|size-in-bytes| | | | | | |
+|snort| | | | X | | |
+|special-service-request| | | | | | |
+|ssdeep| | X | | | | |
+|stix2-pattern| | X | | | | |
+|target-email| | | | | | |
+|target-external| | | | | | |
+|target-location| | | | | | |
+|target-machine| | | | | | |
+|target-org| | | | | | |
+|target-user| | | | | | |
+|telfhash| | X | | | | |
+|text| X | X | X | X | X | X |
+|threat-actor| | | X | | | |
+|tlsh| | | | | | |
+|travel-details| | | | | | |
+|twitter-id| | | | | | |
+|uri| | | | | | |
+|url| | | | X | | |
+|user-agent| | | | X | | |
+|vhash| | X | | | | |
+|visa-number| | | | | | |
+|vulnerability| | | | X | | |
+|weakness| | | | X | | |
+|whois-creation-date| | | X | | | |
+|whois-registrant-email| | | X | | | |
+|whois-registrant-name| | | X | | | |
+|whois-registrant-org| | | X | | | |
+|whois-registrant-phone| | | X | | | |
+|whois-registrar| | | X | | | |
+|windows-scheduled-task| | X | | | | |
+|windows-service-displayname| | X | | | | |
+|windows-service-name| | X | | | | |
+|x509-fingerprint-md5| | X | X | X | | |
+|x509-fingerprint-sha1| | X | X | X | | |
+|x509-fingerprint-sha256| | X | X | X | | |
+|xmr| | | | | X | |
+|yara| | X | | | | |
+|zeek| | | | X | | |
 
-|Category| Support Tool | Social network | Person | Other |
+|Category| Network activity | Other | Payload delivery | Payload installation | Payload type | Persistence mechanism |
+| --- |:---:|:---:|:---:|:---:|:---:|:---:|
+|AS| X | | X | | | |
+|aba-rtn| | | | | | |
+|anonymised| X | X | X | X | X | X |
+|attachment| X | | X | X | | |
+|authentihash| | | X | X | | |
+|bank-account-nr| | | | | | |
+|bic| | | | | | |
+|bin| | | | | | |
+|boolean| | X | | | | |
+|bro| X | | | | | |
+|btc| | | | | | |
+|campaign-id| | | | | | |
+|campaign-name| | | | | | |
+|cc-number| | | | | | |
+|cdhash| | | X | X | | |
+|chrome-extension-id| | | X | X | | |
+|comment| X | X | X | X | X | X |
+|community-id| X | | | | | |
+|cookie| X | | | | | |
+|cortex| | | | | | |
+|counter| | X | | | | |
+|country-of-residence| | | | | | |
+|cpe| | X | X | X | | |
+|dash| | | | | | |
+|date-of-birth| | | | | | |
+|datetime| | X | | | | |
+|dkim| X | | | | | |
+|dkim-signature| X | | | | | |
+|dns-soa-email| | | | | | |
+|domain| X | | X | | | |
+|domain&#124;ip| X | | | | | |
+|email| X | | X | | | |
+|email-attachment| | | X | | | |
+|email-body| | | X | | | |
+|email-dst| X | | X | | | |
+|email-dst-display-name| | | X | | | |
+|email-header| | | X | | | |
+|email-message-id| | | X | | | |
+|email-mime-boundary| | | X | | | |
+|email-reply-to| | | X | | | |
+|email-src| X | | X | | | |
+|email-src-display-name| | | X | | | |
+|email-subject| X | | X | | | |
+|email-thread-index| | | X | | | |
+|email-x-mailer| | | X | | | |
+|eppn| X | | | | | |
+|favicon-mmh3| X | | | | | |
+|filename| | | X | X | | X |
+|filename&#124;authentihash| | | X | X | | |
+|filename&#124;impfuzzy| | | X | X | | |
+|filename&#124;imphash| | | X | X | | |
+|filename&#124;md5| | | X | X | | |
+|filename&#124;pehash| | | X | X | | |
+|filename&#124;sha1| | | X | X | | |
+|filename&#124;sha224| | | X | X | | |
+|filename&#124;sha256| | | X | X | | |
+|filename&#124;sha3-224| | | X | X | | |
+|filename&#124;sha3-256| | | X | X | | |
+|filename&#124;sha3-384| | | X | X | | |
+|filename&#124;sha3-512| | | X | X | | |
+|filename&#124;sha384| | | X | X | | |
+|filename&#124;sha512| | | X | X | | |
+|filename&#124;sha512/224| | | X | X | | |
+|filename&#124;sha512/256| | | X | X | | |
+|filename&#124;ssdeep| | | X | X | | |
+|filename&#124;tlsh| | | X | X | | |
+|filename&#124;vhash| | | X | X | | |
+|first-name| | | | | | |
+|float| | X | | | | |
+|frequent-flyer-number| | | | | | |
+|full-name| | | | | | |
+|gender| | | | | | |
+|gene| | | | | | |
+|git-commit-id| | | | | | |
+|github-organisation| | | | | | |
+|github-repository| | | | | | |
+|github-username| | | | | | |
+|hassh-md5| X | | X | | | |
+|hasshserver-md5| X | | X | | | |
+|hex| X | X | X | X | | X |
+|hostname| X | | X | | | |
+|hostname&#124;port| X | | X | | | |
+|http-method| X | | | | | |
+|iban| | | | | | |
+|identity-card-number| | | | | | |
+|impfuzzy| | | X | X | | |
+|imphash| | | X | X | | |
+|ip-dst| X | | X | | | |
+|ip-dst&#124;port| X | | X | | | |
+|ip-src| X | | X | | | |
+|ip-src&#124;port| X | | X | | | |
+|issue-date-of-the-visa| | | | | | |
+|ja3-fingerprint-md5| X | | X | | | |
+|jabber-id| | | | | | |
+|jarm-fingerprint| X | | X | | | |
+|kusto-query| | | | | | |
+|last-name| | | | | | |
+|link| | | X | | | |
+|mac-address| X | | X | | | |
+|mac-eui-64| X | | X | | | |
+|malware-sample| | | X | X | | |
+|malware-type| | | X | X | | |
+|md5| | | X | X | | |
+|middle-name| | | | | | |
+|mime-type| | | X | X | | |
+|mobile-application-id| | | X | X | | |
+|mutex| | | | | | |
+|named pipe| | | | | | |
+|nationality| | | | | | |
+|other| X | X | X | X | X | X |
+|passenger-name-record-locator-number| | | | | | |
+|passport-country| | | | | | |
+|passport-expiration| | | | | | |
+|passport-number| | | | | | |
+|pattern-filename| | | | | | |
+|pattern-in-file| X | | X | X | | |
+|pattern-in-memory| | | | X | | |
+|pattern-in-traffic| X | | X | X | | |
+|payment-details| | | | | | |
+|pdb| | | | | | |
+|pehash| | | X | X | | |
+|pgp-private-key| | X | | | | |
+|pgp-public-key| | X | | | | |
+|phone-number| | X | | | | |
+|place-of-birth| | | | | | |
+|place-port-of-clearance| | | | | | |
+|place-port-of-onward-foreign-destination| | | | | | |
+|place-port-of-original-embarkation| | | | | | |
+|port| X | X | | | | |
+|primary-residence| | | | | | |
+|process-state| | | | | | |
+|prtn| | | | | | |
+|redress-number| | | | | | |
+|regkey| | | | | | X |
+|regkey&#124;value| | | | | | X |
+|sha1| | | X | X | | |
+|sha224| | | X | X | | |
+|sha256| | | X | X | | |
+|sha3-224| | | X | X | | |
+|sha3-256| | | X | X | | |
+|sha3-384| | | X | X | | |
+|sha3-512| | | X | X | | |
+|sha384| | | X | X | | |
+|sha512| | | X | X | | |
+|sha512/224| | | X | X | | |
+|sha512/256| | | X | X | | |
+|sigma| | | X | X | | |
+|size-in-bytes| | X | | | | |
+|snort| X | | | | | |
+|special-service-request| | | | | | |
+|ssdeep| | | X | X | | |
+|stix2-pattern| X | | X | X | | |
+|target-email| | | | | | |
+|target-external| | | | | | |
+|target-location| | | | | | |
+|target-machine| | | | | | |
+|target-org| | | | | | |
+|target-user| | | | | | |
+|telfhash| | | X | X | | |
+|text| X | X | X | X | X | X |
+|threat-actor| | | | | | |
+|tlsh| | | X | X | | |
+|travel-details| | | | | | |
+|twitter-id| | | | | | |
+|uri| X | | | | | |
+|url| X | | X | | | |
+|user-agent| X | | X | | | |
+|vhash| | | X | X | | |
+|visa-number| | | | | | |
+|vulnerability| | | X | X | | |
+|weakness| | | X | X | | |
+|whois-creation-date| | | | | | |
+|whois-registrant-email| | | X | | | |
+|whois-registrant-name| | | | | | |
+|whois-registrant-org| | | | | | |
+|whois-registrant-phone| | | | | | |
+|whois-registrar| | | | | | |
+|windows-scheduled-task| | | | | | |
+|windows-service-displayname| | | | | | |
+|windows-service-name| | | | | | |
+|x509-fingerprint-md5| X | | X | X | | |
+|x509-fingerprint-sha1| X | | X | X | | |
+|x509-fingerprint-sha256| X | | X | X | | |
+|xmr| | | | | | |
+|yara| | | X | X | | |
+|zeek| X | | | | | |
+
+|Category| Person | Social network | Support Tool | Targeting data |
 | --- |:---:|:---:|:---:|:---:|
-|md5| | | | |
-|sha1| | | | |
-|sha256| | | | |
-|filename| | | | |
-|pdb| | | | |
-|filename&#124;md5| | | | |
-|filename&#124;sha1| | | | |
-|filename&#124;sha256| | | | |
-|ip-src| | | | |
-|ip-dst| | | | |
-|hostname| | | | |
+|AS| | | | |
+|aba-rtn| | | | |
+|anonymised| X | X | X | X |
+|attachment| | | X | |
+|authentihash| | | | |
+|bank-account-nr| | | | |
+|bic| | | | |
+|bin| | | | |
+|boolean| | | | |
+|bro| | | | |
+|btc| | | | |
+|campaign-id| | | | |
+|campaign-name| | | | |
+|cc-number| | | | |
+|cdhash| | | | |
+|chrome-extension-id| | | | |
+|comment| X | X | X | X |
+|community-id| | | | |
+|cookie| | | | |
+|cortex| | | | |
+|counter| | | | |
+|country-of-residence| X | | | |
+|cpe| | | | |
+|dash| | | | |
+|date-of-birth| X | | | |
+|datetime| | | | |
+|dkim| | | | |
+|dkim-signature| | | | |
+|dns-soa-email| | | | |
 |domain| | | | |
 |domain&#124;ip| | | | |
-|email| | X | X | |
-|email-src| | X | | |
-|eppn| | X | | |
-|email-dst| | X | | |
-|email-subject| | | | |
+|email| X | X | | |
 |email-attachment| | | | |
 |email-body| | | | |
-|float| | | | X |
-|git-commit-id| | | | |
-|url| | | | |
-|http-method| | | | |
-|user-agent| | | | |
-|ja3-fingerprint-md5| | | | |
-|jarm-fingerprint| | | | |
+|email-dst| | X | | |
+|email-dst-display-name| | | | |
+|email-header| | | | |
+|email-message-id| | | | |
+|email-mime-boundary| | | | |
+|email-reply-to| | | | |
+|email-src| | X | | |
+|email-src-display-name| | | | |
+|email-subject| | | | |
+|email-thread-index| | | | |
+|email-x-mailer| | | | |
+|eppn| | X | | |
 |favicon-mmh3| | | | |
-|hassh-md5| | | | |
-|hasshserver-md5| | | | |
-|regkey| | | | |
-|regkey&#124;value| | | | |
-|AS| | | | |
-|snort| | | | |
-|bro| | | | |
-|zeek| | | | |
-|community-id| | | | |
-|pattern-in-file| | | | |
-|pattern-in-traffic| | | | |
-|pattern-in-memory| | | | |
-|pattern-filename| | | | |
-|pgp-public-key| | X | X | X |
-|pgp-private-key| | X | X | X |
-|yara| | | | |
-|stix2-pattern| | | | |
-|sigma| | | | |
-|gene| | | | |
-|kusto-query| | | | |
-|mime-type| | | | |
-|identity-card-number| | | X | |
-|cookie| | | | |
-|vulnerability| | | | |
-|cpe| | | | X |
-|weakness| | | | |
-|attachment| X | | | |
-|malware-sample| | | | |
-|link| X | | | |
-|comment| X | X | X | X |
-|text| X | X | X | X |
-|hex| X | | | X |
-|other| X | X | X | X |
-|named pipe| | | | |
-|mutex| | | | |
-|process-state| | | | |
-|target-user| | | | |
-|target-email| | | | |
-|target-machine| | | | |
-|target-org| | | | |
-|target-location| | | | |
-|target-external| | | | |
-|btc| | | | |
-|dash| | | | |
-|xmr| | | | |
-|iban| | | | |
-|bic| | | | |
-|bank-account-nr| | | | |
-|aba-rtn| | | | |
-|bin| | | | |
-|cc-number| | | | |
-|prtn| | | | |
-|phone-number| | | X | X |
-|threat-actor| | | | |
-|campaign-name| | | | |
-|campaign-id| | | | |
-|malware-type| | | | |
-|uri| | | | |
-|authentihash| | | | |
-|vhash| | | | |
-|ssdeep| | | | |
-|imphash| | | | |
-|telfhash| | | | |
-|pehash| | | | |
-|impfuzzy| | | | |
-|sha224| | | | |
-|sha384| | | | |
-|sha512| | | | |
-|sha512/224| | | | |
-|sha512/256| | | | |
-|sha3-224| | | | |
-|sha3-256| | | | |
-|sha3-384| | | | |
-|sha3-512| | | | |
-|tlsh| | | | |
-|cdhash| | | | |
+|filename| | | | |
 |filename&#124;authentihash| | | | |
-|filename&#124;vhash| | | | |
-|filename&#124;ssdeep| | | | |
-|filename&#124;imphash| | | | |
 |filename&#124;impfuzzy| | | | |
+|filename&#124;imphash| | | | |
+|filename&#124;md5| | | | |
 |filename&#124;pehash| | | | |
+|filename&#124;sha1| | | | |
 |filename&#124;sha224| | | | |
-|filename&#124;sha384| | | | |
-|filename&#124;sha512| | | | |
-|filename&#124;sha512/224| | | | |
-|filename&#124;sha512/256| | | | |
+|filename&#124;sha256| | | | |
 |filename&#124;sha3-224| | | | |
 |filename&#124;sha3-256| | | | |
 |filename&#124;sha3-384| | | | |
 |filename&#124;sha3-512| | | | |
+|filename&#124;sha384| | | | |
+|filename&#124;sha512| | | | |
+|filename&#124;sha512/224| | | | |
+|filename&#124;sha512/256| | | | |
+|filename&#124;ssdeep| | | | |
 |filename&#124;tlsh| | | | |
-|windows-scheduled-task| | | | |
-|windows-service-name| | | | |
-|windows-service-displayname| | | | |
-|whois-registrant-email| | X | | |
-|whois-registrant-phone| | | | |
-|whois-registrant-name| | | | |
-|whois-registrant-org| | | | |
-|whois-registrar| | | | |
-|whois-creation-date| | | | |
-|x509-fingerprint-sha1| | | | |
-|x509-fingerprint-md5| | | | |
-|x509-fingerprint-sha256| | | | |
-|dns-soa-email| | | | |
-|size-in-bytes| | | | X |
-|counter| | | | X |
-|datetime| | | | X |
-|port| | | | X |
-|ip-dst&#124;port| | | | |
-|ip-src&#124;port| | | | |
+|filename&#124;vhash| | | | |
+|first-name| X | | | |
+|float| | | | |
+|frequent-flyer-number| X | | | |
+|full-name| X | | | |
+|gender| X | | | |
+|gene| | | | |
+|git-commit-id| | | | |
+|github-organisation| | X | | |
+|github-repository| | X | | |
+|github-username| | X | | |
+|hassh-md5| | | | |
+|hasshserver-md5| | | | |
+|hex| | | X | |
+|hostname| | | | |
 |hostname&#124;port| | | | |
+|http-method| | | | |
+|iban| | | | |
+|identity-card-number| X | | | |
+|impfuzzy| | | | |
+|imphash| | | | |
+|ip-dst| | | | |
+|ip-dst&#124;port| | | | |
+|ip-src| | | | |
+|ip-src&#124;port| | | | |
+|issue-date-of-the-visa| X | | | |
+|ja3-fingerprint-md5| | | | |
+|jabber-id| | X | | |
+|jarm-fingerprint| | | | |
+|kusto-query| | | | |
+|last-name| X | | | |
+|link| | | X | |
 |mac-address| | | | |
 |mac-eui-64| | | | |
-|email-dst-display-name| | | | |
-|email-src-display-name| | | | |
-|email-header| | | | |
-|email-reply-to| | | | |
-|email-x-mailer| | | | |
-|email-mime-boundary| | | | |
-|email-thread-index| | | | |
-|email-message-id| | | | |
-|github-username| | X | | |
-|github-repository| | X | | |
-|github-organisation| | X | | |
-|jabber-id| | X | | |
-|twitter-id| | X | | |
-|dkim| | | | |
-|dkim-signature| | | | |
-|first-name| | | X | |
-|middle-name| | | X | |
-|last-name| | | X | |
-|date-of-birth| | | X | |
-|place-of-birth| | | X | |
-|gender| | | X | |
-|passport-number| | | X | |
-|passport-country| | | X | |
-|passport-expiration| | | X | |
-|redress-number| | | X | |
-|nationality| | | X | |
-|visa-number| | | X | |
-|issue-date-of-the-visa| | | X | |
-|primary-residence| | | X | |
-|country-of-residence| | | X | |
-|special-service-request| | | X | |
-|frequent-flyer-number| | | X | |
-|travel-details| | | X | |
-|payment-details| | | X | |
-|place-port-of-original-embarkation| | | X | |
-|place-port-of-clearance| | | X | |
-|place-port-of-onward-foreign-destination| | | X | |
-|passenger-name-record-locator-number| | | X | |
+|malware-sample| | | | |
+|malware-type| | | | |
+|md5| | | | |
+|middle-name| X | | | |
+|mime-type| | | | |
 |mobile-application-id| | | | |
-|chrome-extension-id| | | | |
-|cortex| | | | |
-|boolean| | | | X |
-|anonymised| X | X | X | X |
+|mutex| | | | |
+|named pipe| | | | |
+|nationality| X | | | |
+|other| X | X | X | |
+|passenger-name-record-locator-number| X | | | |
+|passport-country| X | | | |
+|passport-expiration| X | | | |
+|passport-number| X | | | |
+|pattern-filename| | | | |
+|pattern-in-file| | | | |
+|pattern-in-memory| | | | |
+|pattern-in-traffic| | | | |
+|payment-details| X | | | |
+|pdb| | | | |
+|pehash| | | | |
+|pgp-private-key| X | X | | |
+|pgp-public-key| X | X | | |
+|phone-number| X | | | |
+|place-of-birth| X | | | |
+|place-port-of-clearance| X | | | |
+|place-port-of-onward-foreign-destination| X | | | |
+|place-port-of-original-embarkation| X | | | |
+|port| | | | |
+|primary-residence| X | | | |
+|process-state| | | | |
+|prtn| | | | |
+|redress-number| X | | | |
+|regkey| | | | |
+|regkey&#124;value| | | | |
+|sha1| | | | |
+|sha224| | | | |
+|sha256| | | | |
+|sha3-224| | | | |
+|sha3-256| | | | |
+|sha3-384| | | | |
+|sha3-512| | | | |
+|sha384| | | | |
+|sha512| | | | |
+|sha512/224| | | | |
+|sha512/256| | | | |
+|sigma| | | | |
+|size-in-bytes| | | | |
+|snort| | | | |
+|special-service-request| X | | | |
+|ssdeep| | | | |
+|stix2-pattern| | | | |
+|target-email| | | | X |
+|target-external| | | | X |
+|target-location| | | | X |
+|target-machine| | | | X |
+|target-org| | | | X |
+|target-user| | | | X |
+|telfhash| | | | |
+|text| X | X | X | |
+|threat-actor| | | | |
+|tlsh| | | | |
+|travel-details| X | | | |
+|twitter-id| | X | | |
+|uri| | | | |
+|url| | | | |
+|user-agent| | | | |
+|vhash| | | | |
+|visa-number| X | | | |
+|vulnerability| | | | |
+|weakness| | | | |
+|whois-creation-date| | | | |
+|whois-registrant-email| | X | | |
+|whois-registrant-name| | | | |
+|whois-registrant-org| | | | |
+|whois-registrant-phone| | | | |
+|whois-registrar| | | | |
+|windows-scheduled-task| | | | |
+|windows-service-displayname| | | | |
+|windows-service-name| | | | |
+|x509-fingerprint-md5| | | | |
+|x509-fingerprint-sha1| | | | |
+|x509-fingerprint-sha256| | | | |
+|xmr| | | | |
+|yara| | | | |
+|zeek| | | | |
+
 
 ### Categories
 
-*   **Internal reference**: Reference used by the publishing party (e.g. ticket number)
-*   **Targeting data**: Targeting information to include recipient email, infected machines, department, and or locations.
-*   **Antivirus detection**: List of anti-virus vendors detecting the malware or information on detection performance (e.g. 13/43 or 67%). Attachment with list of detection or link to VirusTotal could be placed here as well.
-*   **Payload delivery**: Information about the way the malware payload is initially delivered, for example information about the email or web-site, vulnerability used, originating IP etc. Malware sample itself should be attached here.
+*   **Antivirus detection**: All the info about how the malware is detected by the antivirus products
 *   **Artifacts dropped**: Any artifact (files, registry keys etc.) dropped by the malware or other modifications to the system
-*   **Payload installation**: Location where the payload was placed in the system and the way it was installed. For example, a filename|md5 type attribute can be added here like this: c:\windows\system32\malicious.exe|41d8cd98f00b204e9800998ecf8427e.
-*   **Persistence mechanism**: Mechanisms used by the malware to start at boot. This could be a registry key, legitimate driver modification, LNK file in startup
-*   **Network activity**: Information about network traffic generated by the malware
-*   **Payload type**: Information about the final payload(s). Can contain a function of the payload, e.g. keylogger, RAT, or a name if identified, such as Poison Ivy.
 *   **Attribution**: Identification of the group, organisation, or country behind the attack
-*   **External analysis**: Any other result from additional analysis of the malware like tools output Examples: pdf-parser output, automated sandbox analysis, reverse engineering report.
-*   **Financial fraud**: Financial Fraud indicators, for example: IBAN Numbers, BIC codes, Credit card numbers, etc.
-*   **Support Tool**: Tools supporting analysis or detection of the event
-*   **Social network**: Social networks and platforms
-*   **Person**: A human being - natural person
+*   **External analysis**: Any other result from additional analysis of the malware like tools output
+*   **Financial fraud**: Financial Fraud indicators
+*   **Internal reference**: Reference used by the publishing party (e.g. ticket number)
+*   **Network activity**: Information about network traffic generated by the malware
 *   **Other**: Attributes that are not part of any other category or are meant to be used as a component in MISP objects in the future
+*   **Payload delivery**: Information about how the malware is delivered
+*   **Payload installation**: Info on where the malware gets installed in the system
+*   **Payload type**: Information about the final payload(s)
+*   **Persistence mechanism**: Mechanisms used by the malware to start at boot
+*   **Person**: A human being - natural person
+*   **Social network**: Social networks and platforms
+*   **Support Tool**: Tools supporting analysis or detection of the event
+*   **Targeting data**: Internal Attack Targeting and Compromise Information
 
 ### Types
 
-*   **md5**: You are encouraged to use filename|md5 instead. A checksum in md5 format, only use this if you don't know the correct filename
-*   **sha1**: You are encouraged to use filename|sha1 instead. A checksum in sha1 format, only use this if you don't know the correct filename
-*   **sha256**: You are encouraged to use filename|sha256 instead. A checksum in sha256 format, only use this if you don't know the correct filename
-*   **filename**: Filename
-*   **pdb**: Microsoft Program database (PDB) path information
-*   **filename|md5**: A filename and an md5 hash separated by a | (no spaces)
-*   **filename|sha1**: A filename and an sha1 hash separated by a | (no spaces)
-*   **filename|sha256**: A filename and an sha256 hash separated by a | (no spaces)
-*   **ip-src**: A source IP address of the attacker
-*   **ip-dst**: A destination IP address of the attacker or C&C server. Also set the IDS flag on when this IP is hardcoded in malware
-*   **hostname**: A full host/dnsname of an attacker. Also set the IDS flag on when this hostname is hardcoded in malware
-*   **domain**: A domain name used in the malware. Use this instead of hostname when the upper domain is important or can be used to create links between events.
-*   **domain|ip**: A domain name and its IP address (as found in DNS lookup) separated by a | (no spaces)
-*   **email**: An e-mail address
-*   **email-src**: The source email address. Used to describe the sender when describing an e-mail.
-*   **eppn**: eduPersonPrincipalName - eppn - the NetId of the person for the purposes of inter-institutional authentication. Should be stored in the form of user@univ.edu, where univ.edu is the name of the local security domain.
-*   **email-dst**: The destination email address. Used to describe the recipient when describing an e-mail.
-*   **email-subject**: The subject of the email
-*   **email-attachment**: File name of the email attachment.
-*   **email-body**: Email body
-*   **float**: A floating point value.
-*   **git-commit-id**: A git commit ID.
-*   **url**: url
-*   **http-method**: HTTP method used by the malware (e.g. POST, GET, ...).
-*   **user-agent**: The user-agent used by the malware in the HTTP request.
-*   **ja3-fingerprint-md5**: JA3 is a method for creating SSL/TLS client fingerprints that should be easy to produce on any platform and can be easily shared for threat intelligence.
-*   **jarm-fingerprint**: JARM is a method for creating SSL/TLS server fingerprints.
-*   **favicon-mmh3**: favicon-mmh3 is the murmur3 hash of a favicon as used in Shodan.
-*   **hassh-md5**: hassh is a network fingerprinting standard which can be used to identify specific Client SSH implementations. The fingerprints can be easily stored, searched and shared in the form of an MD5 fingerprint.
-*   **hasshserver-md5**: hasshServer is a network fingerprinting standard which can be used to identify specific Server SSH implementations. The fingerprints can be easily stored, searched and shared in the form of an MD5 fingerprint.
-*   **regkey**: Registry key or value
-*   **regkey|value**: Registry value + data separated by |
 *   **AS**: Autonomous system
-*   **snort**: An IDS rule in Snort rule-format. This rule will be automatically rewritten in the NIDS exports.
-*   **bro**: An NIDS rule in the Bro rule-format.
-*   **zeek**: An NIDS rule in the Zeek rule-format.
-*   **community-id**: a community ID flow hashing algorithm to map multiple traffic monitors into common flow id
-*   **pattern-in-file**: Pattern in file that identifies the malware
-*   **pattern-in-traffic**: Pattern in network traffic that identifies the malware
-*   **pattern-in-memory**: Pattern in memory dump that identifies the malware
-*   **pattern-filename**: A pattern in the name of a file
-*   **pgp-public-key**: A PGP public key
-*   **pgp-private-key**: A PGP private key
-*   **yara**: Yara signature
-*   **stix2-pattern**: STIX 2 pattern
-*   **sigma**: Sigma - Generic Signature Format for SIEM Systems
-*   **gene**: GENE - Go Evtx sigNature Engine
-*   **kusto-query**: Kusto query - Kusto from Microsoft Azure is a service for storing and running interactive analytics over Big Data.
-*   **mime-type**: A media type (also MIME type and content type) is a two-part identifier for file formats and format contents transmitted on the Internet
-*   **identity-card-number**: Identity card number
-*   **cookie**: HTTP cookie as often stored on the user web client. This can include authentication cookie or session cookie.
-*   **vulnerability**: A reference to the vulnerability used in the exploit
-*   **cpe**: Common Platform Enumeration - structured naming scheme for information technology systems, software, and packages.
-*   **weakness**: A reference to the weakness used in the exploit
-*   **attachment**: Please upload files using the <em>Upload Attachment</em> button.
-*   **malware-sample**: Please upload files using the <em>Upload Attachment</em> button.
-*   **link**: Link to an external information
-*   **comment**: Comment or description in a human language. This will not be correlated with other attributes
-*   **text**: Name, ID or a reference
-*   **hex**: A value in hexadecimal format
-*   **other**: Other attribute
-*   **named pipe**: Named pipe, use the format \.\pipe\<PipeName>
-*   **mutex**: Mutex, use the format \BaseNamedObjects\<Mutex>
-*   **process-state**: State of a process
-*   **target-user**: Attack Targets Username(s)
-*   **target-email**: Attack Targets Email(s)
-*   **target-machine**: Attack Targets Machine Name(s)
-*   **target-org**: Attack Targets Department or Organization(s)
-*   **target-location**: Attack Targets Physical Location(s)
-*   **target-external**: External Target Organizations Affected by this Attack
-*   **btc**: Bitcoin Address
-*   **dash**: Dash Address
-*   **xmr**: Monero Address
-*   **iban**: International Bank Account Number
-*   **bic**: Bank Identifier Code Number also known as SWIFT-BIC, SWIFT code or ISO 9362 code
-*   **bank-account-nr**: Bank account number without any routing number
 *   **aba-rtn**: ABA routing transit number
+*   **anonymised**: Anonymised value - described with the anonymisation object via a relationship
+*   **attachment**: Attachment with external information
+*   **authentihash**: Authenticode executable signature hash
+*   **bank-account-nr**: Bank account number without any routing number
+*   **bic**: Bank Identifier Code Number also known as SWIFT-BIC, SWIFT code or ISO 9362 code
 *   **bin**: Bank Identification Number
-*   **cc-number**: Credit-Card Number
-*   **prtn**: Premium-Rate Telephone Number
-*   **phone-number**: Telephone Number
-*   **threat-actor**: A string identifying the threat actor
-*   **campaign-name**: Associated campaign name
+*   **boolean**: Boolean value - to be used in objects
+*   **bro**: An NIDS rule in the Bro rule-format
+*   **btc**: Bitcoin Address
 *   **campaign-id**: Associated campaign ID
-*   **malware-type**:
-*   **uri**: Uniform Resource Identifier
-*   **authentihash**: You are encouraged to use filename|authentihash instead. Authenticode executable signature hash, only use this if you don't know the correct filename
-*   **vhash**: You are encouraged to use filename|vhash instead. A checksum from VirusTotal, only use this if you don't know the correct filename
-*   **ssdeep**: You are encouraged to use filename|ssdeep instead. A checksum in the SSDeep format, only use this if you don't know the correct filename
-*   **imphash**: You are encouraged to use filename|imphash instead. A hash created based on the imports in the sample, only use this if you don't know the correct filename
-*   **telfhash**: You are encouraged to use a file object with telfash
-*   **pehash**: PEhash - a hash calculated based of certain pieces of a PE executable file
-*   **impfuzzy**: You are encouraged to use filename|impfuzzy instead. A fuzzy hash created based on the imports in the sample, only use this if you don't know the correct filename
-*   **sha224**: You are encouraged to use filename|sha224 instead. A checksum in sha224 format, only use this if you don't know the correct filename
-*   **sha384**: You are encouraged to use filename|sha384 instead. A checksum in sha384 format, only use this if you don't know the correct filename
-*   **sha512**: You are encouraged to use filename|sha512 instead. A checksum in sha512 format, only use this if you don't know the correct filename
-*   **sha512/224**: You are encouraged to use filename|sha512/224 instead. A checksum in sha512/224 format, only use this if you don't know the correct filename
-*   **sha512/256**: You are encouraged to use filename|sha512/256 instead. A checksum in sha512/256 format, only use this if you don't know the correct filename
-*   **sha3-224**: You are encouraged to use filename|sha3-224 instead. A checksum in sha3-224 format, only use this if you don't know the correct filename
-*   **sha3-256**: You are encouraged to use filename|sha3-256 instead. A checksum in sha3-256 format, only use this if you don't know the correct filename
-*   **sha3-384**: You are encouraged to use filename|sha3-384 instead. A checksum in sha3-384 format, only use this if you don't know the correct filename
-*   **sha3-512**: You are encouraged to use filename|sha3-512 instead. A checksum in sha3-512 format, only use this if you don't know the correct filename
-*   **tlsh**: You are encouraged to use filename|tlsh instead. A checksum in the Trend Micro Locality Sensitive Hash format, only use this if you don't know the correct filename
+*   **campaign-name**: Associated campaign name
+*   **cc-number**: Credit-Card Number
 *   **cdhash**: An Apple Code Directory Hash, identifying a code-signed Mach-O executable file
-*   **filename|authentihash**: A checksum in md5 format
-*   **filename|vhash**: A filename and a VirusTotal hash separated by a |
-*   **filename|ssdeep**: A checksum in ssdeep format
-*   **filename|imphash**: Import hash - a hash created based on the imports in the sample.
-*   **filename|impfuzzy**: Import fuzzy hash - a fuzzy hash created based on the imports in the sample.
-*   **filename|pehash**: A filename and a PEhash separated by a |
-*   **filename|sha224**: A filename and a sha-224 hash separated by a |
-*   **filename|sha384**: A filename and a sha-384 hash separated by a |
-*   **filename|sha512**: A filename and a sha-512 hash separated by a |
-*   **filename|sha512/224**: A filename and a sha-512/224 hash separated by a |
-*   **filename|sha512/256**: A filename and a sha-512/256 hash separated by a |
-*   **filename|sha3-224**: A filename and an sha3-224 hash separated by a |
-*   **filename|sha3-256**: A filename and an sha3-256 hash separated by a |
-*   **filename|sha3-384**: A filename and an sha3-384 hash separated by a |
-*   **filename|sha3-512**: A filename and an sha3-512 hash separated by a |
-*   **filename|tlsh**: A filename and a Trend Micro Locality Sensitive Hash separated by a |
-*   **windows-scheduled-task**: A scheduled task in windows
-*   **windows-service-name**: A windows service name. This is the name used internally by windows. Not to be confused with the windows-service-displayname.
-*   **windows-service-displayname**: A windows service's displayname, not to be confused with the windows-service-name. This is the name that applications will generally display as the service's name in applications.
-*   **whois-registrant-email**: The e-mail of a domain's registrant, obtained from the WHOIS information.
-*   **whois-registrant-phone**: The phone number of a domain's registrant, obtained from the WHOIS information.
-*   **whois-registrant-name**: The name of a domain's registrant, obtained from the WHOIS information.
-*   **whois-registrant-org**: The org of a domain's registrant, obtained from the WHOIS information.
-*   **whois-registrar**: The registrar of the domain, obtained from the WHOIS information.
-*   **whois-creation-date**: The date of domain's creation, obtained from the WHOIS information.
-*   **x509-fingerprint-sha1**: X509 fingerprint in SHA-1 format
-*   **x509-fingerprint-md5**: X509 fingerprint in MD5 format
-*   **x509-fingerprint-sha256**: X509 fingerprint in SHA-256 format
-*   **dns-soa-email**: RFC1035 mandates that DNS zones should have a SOA (Statement Of Authority) record that contains an email address where a PoC for the domain could be contacted. This can sometimes be used for attribution/linkage between different domains even if protected by whois privacy
-*   **size-in-bytes**: Size expressed in bytes
+*   **chrome-extension-id**: Chrome extension id
+*   **comment**: Comment or description in a human language
+*   **community-id**: a community ID flow hashing algorithm to map multiple traffic monitors into common flow id
+*   **cookie**: HTTP cookie as often stored on the user web client. This can include authentication cookie or session cookie.
+*   **cortex**: Cortex analysis result
 *   **counter**: An integer counter, generally to be used in objects
+*   **country-of-residence**: The country of residence of a natural person
+*   **cpe**: Common Platform Enumeration - structured naming scheme for information technology systems, software, and packages.
+*   **dash**: Dash Address
+*   **date-of-birth**: Date of birth of a natural person (in YYYY-MM-DD format)
 *   **datetime**: Datetime in the ISO 8601 format
-*   **port**: Port number
-*   **ip-dst|port**: IP destination and port number separated by a |
-*   **ip-src|port**: IP source and port number separated by a |
-*   **hostname|port**: Hostname and port number separated by a |
-*   **mac-address**: Mac address
-*   **mac-eui-64**: Mac EUI-64 address
-*   **email-dst-display-name**: Email destination display name
-*   **email-src-display-name**: Email source display name
-*   **email-header**: Email header
-*   **email-reply-to**: Email reply to header
-*   **email-x-mailer**: Email x-mailer header
-*   **email-mime-boundary**: The email mime boundary separating parts in a multipart email
-*   **email-thread-index**: The email thread index header
-*   **email-message-id**: The email message ID
-*   **github-username**: A github user name
-*   **github-repository**: A github repository
-*   **github-organisation**: A github organisation
-*   **jabber-id**: Jabber ID
-*   **twitter-id**: Twitter ID
 *   **dkim**: DKIM public key
 *   **dkim-signature**: DKIM signature
+*   **dns-soa-email**: RFC1035 mandates that DNS zones should have a SOA (Statement Of Authority) record that contains an email address where a PoC for the domain could be contacted. This can sometimes be used for attribution/linkage between different domains even if protected by whois privacy
+*   **domain**: A domain name used in the malware
+*   **domain&#124;ip**: A domain name and its IP address (as found in DNS lookup) separated by a &#124;
+*   **email**: An e-mail address
+*   **email-attachment**: File name of the email attachment.
+*   **email-body**: Email body
+*   **email-dst**: The destination email address. Used to describe the recipient when describing an e-mail.
+*   **email-dst-display-name**: Email destination display name
+*   **email-header**: Email header
+*   **email-message-id**: The email message ID
+*   **email-mime-boundary**: The email mime boundary separating parts in a multipart email
+*   **email-reply-to**: Email reply to header
+*   **email-src**: The source email address. Used to describe the sender when describing an e-mail.
+*   **email-src-display-name**: Email source display name
+*   **email-subject**: The subject of the email
+*   **email-thread-index**: The email thread index header
+*   **email-x-mailer**: Email x-mailer header
+*   **eppn**: eduPersonPrincipalName - eppn - the NetId of the person for the purposes of inter-institutional authentication. Should be stored in the form of user@univ.edu, where univ.edu is the name of the local security domain.
+*   **favicon-mmh3**: favicon-mmh3 is the murmur3 hash of a favicon as used in Shodan.
+*   **filename**: Filename
+*   **filename&#124;authentihash**: A checksum in md5 format
+*   **filename&#124;impfuzzy**: Import fuzzy hash - a fuzzy hash created based on the imports in the sample.
+*   **filename&#124;imphash**: Import hash - a hash created based on the imports in the sample.
+*   **filename&#124;md5**: A filename and an md5 hash separated by a &#124;
+*   **filename&#124;pehash**: A filename and a PEhash separated by a &#124;
+*   **filename&#124;sha1**: A filename and an sha1 hash separated by a &#124;
+*   **filename&#124;sha224**: A filename and a sha-224 hash separated by a &#124;
+*   **filename&#124;sha256**: A filename and an sha256 hash separated by a &#124;
+*   **filename&#124;sha3-224**: A filename and an sha3-224 hash separated by a &#124;
+*   **filename&#124;sha3-256**: A filename and an sha3-256 hash separated by a &#124;
+*   **filename&#124;sha3-384**: A filename and an sha3-384 hash separated by a &#124;
+*   **filename&#124;sha3-512**: A filename and an sha3-512 hash separated by a &#124;
+*   **filename&#124;sha384**: A filename and a sha-384 hash separated by a &#124;
+*   **filename&#124;sha512**: A filename and a sha-512 hash separated by a &#124;
+*   **filename&#124;sha512/224**: A filename and a sha-512/224 hash separated by a &#124;
+*   **filename&#124;sha512/256**: A filename and a sha-512/256 hash separated by a &#124;
+*   **filename&#124;ssdeep**: A checksum in ssdeep format
+*   **filename&#124;tlsh**: A filename and a Trend Micro Locality Sensitive Hash separated by a &#124;
+*   **filename&#124;vhash**: A filename and a VirusTotal hash separated by a &#124;
 *   **first-name**: First name of a natural person
-*   **middle-name**: Middle name of a natural person
-*   **last-name**: Last name of a natural person
-*   **date-of-birth**: Date of birth of a natural person (in YYYY-MM-DD format)
-*   **place-of-birth**: Place of birth of a natural person
+*   **float**: A floating point value.
+*   **frequent-flyer-number**: The frequent flyer number of a passenger
+*   **full-name**: Full name of a natural person
 *   **gender**: The gender of a natural person (Male, Female, Other, Prefer not to say)
-*   **passport-number**: The passport number of a natural person
+*   **gene**: GENE - Go Evtx sigNature Engine
+*   **git-commit-id**: A git commit ID.
+*   **github-organisation**: A github organisation
+*   **github-repository**: A github repository
+*   **github-username**: A github user name
+*   **hassh-md5**: hassh is a network fingerprinting standard which can be used to identify specific Client SSH implementations. The fingerprints can be easily stored, searched and shared in the form of an MD5 fingerprint.
+*   **hasshserver-md5**: hasshServer is a network fingerprinting standard which can be used to identify specific Server SSH implementations. The fingerprints can be easily stored, searched and shared in the form of an MD5 fingerprint.
+*   **hex**: A value in hexadecimal format
+*   **hostname**: A full host/dnsname of an attacker
+*   **hostname&#124;port**: Hostname and port number separated by a &#124;
+*   **http-method**: HTTP method used by the malware (e.g. POST, GET, ...).
+*   **iban**: International Bank Account Number
+*   **identity-card-number**: Identity card number
+*   **impfuzzy**: A fuzzy hash of import table of Portable Executable format
+*   **imphash**: Import hash - a hash created based on the imports in the sample.
+*   **ip-dst**: A destination IP address of the attacker or C&C server
+*   **ip-dst&#124;port**: IP destination and port number separated by a &#124;
+*   **ip-src**: A source IP address of the attacker
+*   **ip-src&#124;port**: IP source and port number separated by a &#124;
+*   **issue-date-of-the-visa**: The date on which the visa was issued
+*   **ja3-fingerprint-md5**: JA3 is a method for creating SSL/TLS client fingerprints that should be easy to produce on any platform and can be easily shared for threat intelligence.
+*   **jabber-id**: Jabber ID
+*   **jarm-fingerprint**: JARM is a method for creating SSL/TLS server fingerprints.
+*   **kusto-query**: Kusto query - Kusto from Microsoft Azure is a service for storing and running interactive analytics over Big Data.
+*   **last-name**: Last name of a natural person
+*   **link**: Link to an external information
+*   **mac-address**: Mac address
+*   **mac-eui-64**: Mac EUI-64 address
+*   **malware-sample**: Attachment containing encrypted malware sample
+*   **malware-type**: 
+*   **md5**: A checksum in md5 format
+*   **middle-name**: Middle name of a natural person
+*   **mime-type**: A media type (also MIME type and content type) is a two-part identifier for file formats and format contents transmitted on the Internet
+*   **mobile-application-id**: The application id of a mobile application
+*   **mutex**: Mutex, use the format \BaseNamedObjects\<Mutex>
+*   **named pipe**: Named pipe, use the format \.\pipe\<PipeName>
+*   **nationality**: The nationality of a natural person
+*   **other**: Other attribute
+*   **passenger-name-record-locator-number**: The Passenger Name Record Locator is a key under which the reservation for a trip is stored in the system. The PNR contains, among other data, the name, flight segments and address of the passenger. It is defined by a combination of five or six letters and numbers.
 *   **passport-country**: The country in which the passport was issued
 *   **passport-expiration**: The expiration date of a passport
-*   **redress-number**: The Redress Control Number is the record identifier for people who apply for redress through the DHS Travel Redress Inquiry Program (DHS TRIP). DHS TRIP is for travelers who have been repeatedly identified for additional screening and who want to file an inquiry to have erroneous information corrected in DHS systems
-*   **nationality**: The nationality of a natural person
-*   **visa-number**: Visa number
-*   **issue-date-of-the-visa**: The date on which the visa was issued
-*   **primary-residence**: The primary residence of a natural person
-*   **country-of-residence**: The country of residence of a natural person
-*   **special-service-request**: A Special Service Request is a function to an airline to provide a particular facility for A Passenger or passengers.
-*   **frequent-flyer-number**: The frequent flyer number of a passenger
-*   **travel-details**: Travel details
+*   **passport-number**: The passport number of a natural person
+*   **pattern-filename**: A pattern in the name of a file
+*   **pattern-in-file**: Pattern in file that identifies the malware
+*   **pattern-in-memory**: Pattern in memory dump that identifies the malware
+*   **pattern-in-traffic**: Pattern in network traffic that identifies the malware
 *   **payment-details**: Payment details
-*   **place-port-of-original-embarkation**: The orignal port of embarkation
+*   **pdb**: Microsoft Program database (PDB) path information
+*   **pehash**: PEhash - a hash calculated based of certain pieces of a PE executable file
+*   **pgp-private-key**: A PGP private key
+*   **pgp-public-key**: A PGP public key
+*   **phone-number**: Telephone Number
+*   **place-of-birth**: Place of birth of a natural person
 *   **place-port-of-clearance**: The port of clearance
 *   **place-port-of-onward-foreign-destination**: A Port where the passenger is transiting to
-*   **passenger-name-record-locator-number**: The Passenger Name Record Locator is a key under which the reservation for a trip is stored in the system. The PNR contains, among other data, the name, flight segments and address of the passenger. It is defined by a combination of five or six letters and numbers.
-*   **mobile-application-id**: The application id of a mobile application
-*   **chrome-extension-id**: Chrome extension id
-*   **cortex**: Cortex analysis result
-*   **boolean**: Boolean value - to be used in objects
-*   **anonymised**: Anonymised value - described with the anonymisation object via a relationship.
-
+*   **place-port-of-original-embarkation**: The original port of embarkation
+*   **port**: Port number
+*   **primary-residence**: The primary residence of a natural person
+*   **process-state**: State of a process
+*   **prtn**: Premium-Rate Telephone Number
+*   **redress-number**: The Redress Control Number is the record identifier for people who apply for redress through the DHS Travel Redress Inquiry Program (DHS TRIP). DHS TRIP is for travelers who have been repeatedly identified for additional screening and who want to file an inquiry to have erroneous information corrected in DHS systems
+*   **regkey**: Registry key or value
+*   **regkey&#124;value**: Registry value + data separated by &#124;
+*   **sha1**: A checksum in sha1 format
+*   **sha224**: A checksum in sha-224 format
+*   **sha256**: A checksum in sha256 format
+*   **sha3-224**: A checksum in sha3-224 format
+*   **sha3-256**: A checksum in sha3-256 format
+*   **sha3-384**: A checksum in sha3-384 format
+*   **sha3-512**: A checksum in sha3-512 format
+*   **sha384**: A checksum in sha-384 format
+*   **sha512**: A checksum in sha-512 format
+*   **sha512/224**: A checksum in the sha-512/224 format
+*   **sha512/256**: A checksum in the sha-512/256 format
+*   **sigma**: Sigma - Generic Signature Format for SIEM Systems
+*   **size-in-bytes**: Size expressed in bytes
+*   **snort**: An IDS rule in Snort rule-format
+*   **special-service-request**: A Special Service Request is a function to an airline to provide a particular facility for A Passenger or passengers. 
+*   **ssdeep**: A checksum in ssdeep format
+*   **stix2-pattern**: STIX 2 pattern
+*   **target-email**: Attack Targets Email(s)
+*   **target-external**: External Target Organizations Affected by this Attack
+*   **target-location**: Attack Targets Physical Location(s)
+*   **target-machine**: Attack Targets Machine Name(s)
+*   **target-org**: Attack Targets Department or Organization(s)
+*   **target-user**: Attack Targets Username(s)
+*   **telfhash**: telfhash is symbol hash for ELF files, just like imphash is imports hash for PE files.
+*   **text**: Name, ID or a reference
+*   **threat-actor**: A string identifying the threat actor
+*   **tlsh**: A checksum in the Trend Micro Locality Sensitive Hash format
+*   **travel-details**: Travel details
+*   **twitter-id**: Twitter ID
+*   **uri**: Uniform Resource Identifier
+*   **url**: url
+*   **user-agent**: The user-agent used by the malware in the HTTP request.
+*   **vhash**: A VirusTotal checksum
+*   **visa-number**: Visa number
+*   **vulnerability**: A reference to the vulnerability used in the exploit
+*   **weakness**: A reference to the weakness used in the exploit
+*   **whois-creation-date**: The date of domain's creation, obtained from the WHOIS information.
+*   **whois-registrant-email**: The e-mail of a domain's registrant, obtained from the WHOIS information.
+*   **whois-registrant-name**: The name of a domain's registrant, obtained from the WHOIS information.
+*   **whois-registrant-org**: The org of a domain's registrant, obtained from the WHOIS information.
+*   **whois-registrant-phone**: The phone number of a domain's registrant, obtained from the WHOIS information.
+*   **whois-registrar**: The registrar of the domain, obtained from the WHOIS information.
+*   **windows-scheduled-task**: A scheduled task in windows
+*   **windows-service-displayname**: A windows service's displayname, not to be confused with the windows-service-name. This is the name that applications will generally display as the service's name in applications.
+*   **windows-service-name**: A windows service name. This is the name used internally by windows. Not to be confused with the windows-service-displayname.
+*   **x509-fingerprint-md5**: X509 fingerprint in MD5 format
+*   **x509-fingerprint-sha1**: X509 fingerprint in SHA-1 format
+*   **x509-fingerprint-sha256**: X509 fingerprint in SHA-256 format
+*   **xmr**: Monero Address
+*   **yara**: Yara signature
+*   **zeek**: An NIDS rule in the Zeek rule-format

From 3738cbb2f61a5a159b185327a56890b0e52c2707 Mon Sep 17 00:00:00 2001
From: garanews <puntogtg@tiscali.it>
Date: Fri, 1 Oct 2021 11:46:16 +0200
Subject: [PATCH 13/14] Fix typos

---
 GLOSSARY.md                   |  2 +-
 USAGE.md                      |  2 +-
 administration/README.md      |  2 +-
 appendices/README.md          |  2 +-
 automation/README.md          |  8 ++++----
 connectors/README.md          |  2 +-
 create-event-report/README.md |  4 ++--
 faq/README.md                 |  8 ++++----
 galaxy/README.md              |  2 +-
 using-the-system/README.md    | 10 +++++-----
 10 files changed, 21 insertions(+), 21 deletions(-)

diff --git a/GLOSSARY.md b/GLOSSARY.md
index d5a9a46..9338b0f 100644
--- a/GLOSSARY.md
+++ b/GLOSSARY.md
@@ -51,7 +51,7 @@ MISP can now extend an event (starting from version 2.4.90). This allows users t
 
 ## MISP feeds
 MISP includes a set of public OSINT feeds in its default configuration. The feeds can be used as a source of correlations for all of your events and attributes without the need to import them directly into your system. The MISP feed system allows for fast correlation but also a for quick comparisons of the feeds against one another.
-To get started with MISP we advise to enable the CIRCL OSINT feed withing your MISP instance. This feed is generated with the PyMISP [feed-generator](https://github.com/CIRCL/PyMISP/tree/master/examples/feed-generator).
+To get started with MISP we advise to enable the CIRCL OSINT feed within your MISP instance. This feed is generated with the PyMISP [feed-generator](https://github.com/CIRCL/PyMISP/tree/master/examples/feed-generator).
 [More](http://www.misp-project.org/feeds/)
 
 ## MISP format
diff --git a/USAGE.md b/USAGE.md
index d9ea073..b66be31 100644
--- a/USAGE.md
+++ b/USAGE.md
@@ -212,7 +212,7 @@ canvas needs to be compiled and needs the following dependencies:
 xcode-select --install
 # If you have homebrew not installed yet:
 ## /usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
-# For the more adventureous you can install a cask of calibre which gives you access to *ebook-convert*
+# For the more adventurous you can install a cask of calibre which gives you access to *ebook-convert*
 ## brew cask install calibre
 brew install pkg-config cairo pango libpng jpeg giflib
 ```
diff --git a/administration/README.md b/administration/README.md
index 233e8d6..58aea72 100644
--- a/administration/README.md
+++ b/administration/README.md
@@ -766,7 +766,7 @@ Warning: Scheduled tasks come with a lot of caveats and little in regards of cus
 """
 
 The task scheduler is a sub-par component to enable minimal functionality in terms of automating certain MISP tasks.
-If you have a dedicated and concious MISP Site Admin she can keep an eye on the Scheduler to make sure everything runs smoothly.
+If you have a dedicated and conscious MISP Site Admin she can keep an eye on the Scheduler to make sure everything runs smoothly.
 
 For better performance please use a real scheduler like your systems' crontab.
 As a rule of thumb: If you can click on it, MISP can automate it.
diff --git a/appendices/README.md b/appendices/README.md
index b2c983d..2b3e564 100644
--- a/appendices/README.md
+++ b/appendices/README.md
@@ -665,4 +665,4 @@ Because LDAP and MISP users are paired by e-mail address, it is possible to migr
 * When a user is disabled in LDAP and also in MISP and then enabled in LDAP, it will be enabled in MISP for next login just when `updateUser` is set to `true`.
 * Currently it is not possible to log in with both LDAP and local (MISP) accounts.
 * Admins can change users email address. But when `updateUser` is set to true, when the user will log in again, the e-mail address will be updated from LDAP.
-* `Security.require_password_confirmation` setting currently doesnt work with LDAP authentication. But on the other hand, since user cannot change e-mail address and password, this setting is not important.
\ No newline at end of file
+* `Security.require_password_confirmation` setting currently does not work with LDAP authentication. But on the other hand, since user cannot change e-mail address and password, this setting is not important.
\ No newline at end of file
diff --git a/automation/README.md b/automation/README.md
index b57022a..b641724 100644
--- a/automation/README.md
+++ b/automation/README.md
@@ -84,7 +84,7 @@ curl --header "Authorization: YOUR API KEY " --header "Accept: application/json"
 
 ## Search
 
-It is possible to search in the database for a list of attributes or events based on a list of criterias.
+It is possible to search in the database for a list of attributes or events based on a list of criteria.
 
 To return attributes or events in a desired format, use the following URL and header settings:
 
@@ -144,7 +144,7 @@ Find below a non exhaustive list of parameters that can be used to filter data i
 - **timestamp**: Restrict the results by the timestamp (last edit). Any event with a timestamp newer than the given timestamp will be returned. In case you are dealing with /attributes as scope, the attribute's timestamp will be used for the lookup. The input can be a timestamp or a short-hand time description (7d or 24h for example). You can also pass a list with two values to set a time range (for example ["14d", "7d"]).
 - **published**: Set whether published or unpublished events should be returned. Do not set the parameter if you want both.
 - **enforceWarninglist**: Remove any attributes from the result that would cause a hit on a warninglist entry.
-- **to_ids**: By default (0) all attributes are returned that match the other filter parameters, irregardless of their to_ids setting. To restrict the returned data set to to_ids only attributes set this parameter to 1. You can only use the special "exclude" setting to only return attributes that have the to_ids flag disabled.
+- **to_ids**: By default (0) all attributes are returned that match the other filter parameters, regardless of their to_ids setting. To restrict the returned data set to to_ids only attributes set this parameter to 1. You can only use the special "exclude" setting to only return attributes that have the to_ids flag disabled.
 - **deleted**: Default value 0. If set to 1, only deleted attributes will be returned. If set to [0,1] , both deleted and non-deleted attributes wil be returned.
 - **includeEventUuid**: Instead of just including the event ID, also include the event UUID in each of the attributes.
 - **event_timestamp**: Only return attributes from events that have received a modification after the given timestamp. The input can be a timestamp or a short-hand time description (7d or 24h for example). You can also pass a list with two values to set a time range (for example ["14d", "7d"]).
@@ -904,7 +904,7 @@ Do not use this function with GET!
 - **published**: Set whether published or unpublished events should be returned. Do not set the parameter if you want both.
 - **timestamp**: ***Deprecated!!!*** (synonym for attribute_timestamp) Restrict the results by the timestamp (last edit). Any attribute with a timestamp newer than the given timestamp will be returned. The input can be a timestamp or a short-hand time description (7d or 24h for example). You can also pass a list with two values to set a time range (for example ["14d", "7d"]).
 - **enforceWarninglist**: Remove any attributes from the result that would cause a hit on a warninglist entry.
-- **to_ids**: By default (0) all attributes are returned that match the other filter parameters, irregardless of their to_ids setting. To restrict the returned data set to to_ids only attributes set this parameter to 1. You can only use the special "exclude" setting to only return attributes that have the to_ids flag disabled.
+- **to_ids**: By default (0) all attributes are returned that match the other filter parameters, regardless of their to_ids setting. To restrict the returned data set to to_ids only attributes set this parameter to 1. You can only use the special "exclude" setting to only return attributes that have the to_ids flag disabled.
 - **deleted**: Default value 0. If set to 1, only deleted attributes will be returned. If set to [0,1] , both deleted and non-deleted attributes wil be returned.
 - **includeEventUuid**: Instead of just including the event ID, also include the event UUID in each of the attributes.
 - **event_timestamp**: Only return attributes from events that have received a modification after the given timestamp. The input can be a timestamp or a short-hand time description (7d or 24h for example). You can also pass a list with two values to set a time range (for example ["14d", "7d"]).
@@ -1230,7 +1230,7 @@ Only the fields POSTed will be updated, the rest is left intact. To view all pos
 
 ### POST admin/users/delete/
 
-You can also delete users by POSTing to the below URL, but keep in mind that disabling users (by setting the disabled flag via an edit) is always prefered to keep user associations to events intact.
+You can also delete users by POSTing to the below URL, but keep in mind that disabling users (by setting the disabled flag via an edit) is always preferred to keep user associations to events intact.
 
 #### Parameters
 
diff --git a/connectors/README.md b/connectors/README.md
index b2ef301..89d2a47 100644
--- a/connectors/README.md
+++ b/connectors/README.md
@@ -159,7 +159,7 @@ Configure a sync user.
 ### Verify Cert
 This gives you the option to choose if python should validate the certificate of the misp instance. (This allows ease within testing environments) 
 
-`misp_verifycert = False` IT IS RECOMENDED TO USE A VALID SSL CERT IN PRODUCTION AND CHANGE THIS TO TRUE
+`misp_verifycert = False` IT IS RECOMMENDED TO USE A VALID SSL CERT IN PRODUCTION AND CHANGE THIS TO TRUE
 
 ## Instructions on Reading TiIndicators That Have Been Pushed
 In the command line, run `python3 script.py -r`
diff --git a/create-event-report/README.md b/create-event-report/README.md
index f2342ba..707d5c7 100644
--- a/create-event-report/README.md
+++ b/create-event-report/README.md
@@ -18,7 +18,7 @@ Then we get the add event form.
 
 Let's fill it with the data we already have:
 * Date: Here we will put the date of the report, so 2016-11-14
-* Distribution: Depending on the event, we might want it to be more or less spread accross the MISP instances. For this one, since it is a public report, there is no reason to limit the diffusion so "All communities".
+* Distribution: Depending on the event, we might want it to be more or less spread across the MISP instances. For this one, since it is a public report, there is no reason to limit the diffusion so "All communities".
 * Threat Level: Self explainatory. Since the ransomware in the report is not using a huge exploit, we can use low, or undefined as we don't really know. we'll go for the latter since it can be edited. 
 * Analysis: Give the current stage of the analysis. Since the report is published, we can assume that the analysis is completed.
 * Event Info: The event's info is in fact the name or title of the event, so it seems legit to put the title of the report here as well. Since it is public information, we also prefix it with "OSINT".
@@ -113,7 +113,7 @@ We only have the network indicators left, and as said before, we will let MISP d
 
 ![type recognition fail](figures/surprise.png)
 
-Oh well, that was unexpected. In fact, it is not that surprising regarding the format of the tor address that look more like a filename than like a url but it is still a problem, since we can't change the type nor the category to a more consistant one. This is indeed one of the limitation of freetext import. To solve this issue, we will use a simple trick: we will add a slash at the end of the tor address so it won't be confused for a filename. 
+Oh well, that was unexpected. In fact, it is not that surprising regarding the format of the tor address that look more like a filename than like a url but it is still a problem, since we can't change the type nor the category to a more consistent one. This is indeed one of the limitation of freetext import. To solve this issue, we will use a simple trick: we will add a slash at the end of the tor address so it won't be confused for a filename. 
 
 ![freetext import network](figures/free_network2.png)
 
diff --git a/faq/README.md b/faq/README.md
index df6ba4a..32f94ba 100644
--- a/faq/README.md
+++ b/faq/README.md
@@ -34,7 +34,7 @@ for different monitoring tools:
 - Using [Cacti](https://www.cacti.net/), a blog post with the [instruction](https://www.misp-project.org/2020/08/22/MISP-Monitoring-with-Cacti.html) is available.
 - Using [Munin](http://munin-monitoring.org/), [misp-monitor](https://github.com/SteveClement/misp-monitor) for instructions.
 - Using [Nagios](https://www.nagios.org/), [Monitoring MISP with Nagios](https://blog.rootshell.be/2020/08/25/monitoring-misp-with-nagios/)
-- Using [OpenNMS](https://www.opennms.com/), a blog post with the [instructions](https://www.misp-project.org/2020/08/18/MISP-Monitoring-with-OpenNMS.html) is availabe.
+- Using [OpenNMS](https://www.opennms.com/), a blog post with the [instructions](https://www.misp-project.org/2020/08/18/MISP-Monitoring-with-OpenNMS.html) is available.
 - [Live monitoring of MISP usage](https://github.com/MISP/misp-monitoring) via the httpd logs. 
 
 ***
@@ -129,7 +129,7 @@ Source: [Getting started with MISP](http://www.vanimpe.eu/2015/05/31/getting-sta
 MISP can be made more appealing to the eye by adding some graphics.
 
 As Org.- or Site-admin navigate to *Administration* -> *List organisations* and edit the corresponding organization.
-Withing this editor you will be able to update the logo.
+Within this editor you will be able to update the logo.
 
 Other ways to achieve this, would be:
     
@@ -627,7 +627,7 @@ OR if you were foolish enough to not install in a Python virtualenv:
 sudo -u www-data misp-modules -l 127.0.0.1 -s &
 ```
 
-> [warning] Running misp-modules like this will certainly kill it once you quit the session. Make sure it is in your **/etc/rc.local** or some ther init script that gets run on boot.
+> [warning] Running misp-modules like this will certainly kill it once you quit the session. Make sure it is in your **/etc/rc.local** or some other init script that gets run on boot.
 
 ## Uninstalling MISP
 
@@ -1025,7 +1025,7 @@ sudo sudo systemctl restart apache2
 
 ### What are the required steps after a MISP installation to have a properly running instance?
 
-- First login with the installation credentials and change the password immediatly (especially if your instance is publicly accessible)
+- First login with the installation credentials and change the password immediately (especially if your instance is publicly accessible)
 - Set the base_url to the hostname of your machine (apache virtualhost name)
 - Create a new organisation which will be the host organisation running the MISP instance
 - Set the new organisation in `MISP.host_org_id` to replace the default one
diff --git a/galaxy/README.md b/galaxy/README.md
index 836cd0f..4a2668e 100644
--- a/galaxy/README.md
+++ b/galaxy/README.md
@@ -74,7 +74,7 @@ The __/galaxies__ file contains metatdatas and galaxy structure.
 The __/clusters__ file contains actual data.
 
 
-#### The galaxy managment GUI
+#### The galaxy management GUI
 
 ![GalaxyManagment](./figures/GalaxyManagmentGui.png)
 
diff --git a/using-the-system/README.md b/using-the-system/README.md
index 45fe2a7..7d3d18f 100644
--- a/using-the-system/README.md
+++ b/using-the-system/README.md
@@ -68,7 +68,7 @@ Sharing groups in MISP are a more granular way to create re-usable distribution
 
 The most general use-cases for sharing groups are creating re-usable topical subgroups in MISP that share events or for ad-hoc sharing scenarios (such as several organisations involved in a specific incident wanting to work together). Generally sharing groups add a level of complexity for the users involved as well as a performance overhead on the data marked with it.
 
-As a best-practice recommendation, using traditional distribution methods is prefered unless they cannot cover the given use-case. Also, whilst sharing groups can be assigned to both events and attributes, it is highly recommended to use the special "inherit" distribution setting on attributes whenever the attribute's sharing group would match the event's.
+As a best-practice recommendation, using traditional distribution methods is preferred unless they cannot cover the given use-case. Also, whilst sharing groups can be assigned to both events and attributes, it is highly recommended to use the special "inherit" distribution setting on attributes whenever the attribute's sharing group would match the event's.
 
 Sharing groups consist of the following elements, each of which has its own page in the sharing group creator/editor tool (accessed via the Global actions -> List Sharing Groups and Add Sharing Group functionalities):
 
@@ -105,7 +105,7 @@ For users trying to populate an event, after clicking on the populate from templ
 ![Choose the most appropriate template for your event.](figures/template_choice.png)
 
 Once you have chosen a template, you'll be presented with the actual form contained within. Make sure you fill out as many fields as possible with the mandatory fields - marked by a star in a bracket such as this: (*) - are filled out.
-Templates are devided into sections, with each section having a title and a description in addition to a series of fields. Each field can be an attribute or a file attachment field. An attribute field has the following components:
+Templates are divided into sections, with each section having a title and a description in addition to a series of fields. Each field can be an attribute or a file attachment field. An attribute field has the following components:
 
 ![MISP will generate attributes based on the field's settings and the data that you provide.](figures/template_field.png)
 
@@ -481,12 +481,12 @@ The platform is also [RESTfull](http://en.wikipedia.org/wiki/Representational_st
 Use any HTTP compliant library to perform requests.
 You can choose which format you would like to use as input/output for the REST calls by specifying the Accept and Content-Type headers.
 
-The following headers are required if you wish to recieve / push XML data:
+The following headers are required if you wish to receive / push XML data:
 **Authorization**: _your authorisation key_
 **Accept**: _application/xml_
 **Content-Type**: _application/xml_
 
-The following headers are required if you wish to recieve / push JSON data:
+The following headers are required if you wish to receive / push JSON data:
 **Authorization**: _your authorisation key_
 **Accept**: _application/json_
 **Content-Type**: _application/json_
@@ -658,7 +658,7 @@ Content-Type: application/xml
 </response>
 ```
 
-The respone from requesting an invalid page
+The response from requesting an invalid page
 
 ```xml
 <?xml version = "1.0" encoding = "UTF-8"?>

From b48e0531548f4a5c7d7fb4d04e3bea285f25af6e Mon Sep 17 00:00:00 2001
From: cliodhna-lynch <91328067+cliodhna-lynch@users.noreply.github.com>
Date: Wed, 13 Oct 2021 09:33:42 +0100
Subject: [PATCH 14/14] Update README.md

Fix typo
---
 using-the-system/README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/using-the-system/README.md b/using-the-system/README.md
index 7d3d18f..8932ad8 100644
--- a/using-the-system/README.md
+++ b/using-the-system/README.md
@@ -467,7 +467,7 @@ If you ever need to change the data about the linked servers or remove any conne
 
 ![Apart from editing / deleting the link to the remote server, you can issue a push all or pull all command from here.](figures/list_servers.png)
 
-*   **Editing the connection to the:** By clicking edit a view, [that is identical to the new instance view](#setting-up-a-connection-to-another-server), is loaded, with all the current information of the instance pre-entered.
+*   **Editing the connection to the instance:** By clicking edit a view, [that is identical to the new instance view](#setting-up-a-connection-to-another-server), is loaded, with all the current information of the instance pre-entered.
 *   **Deleting the connection to the instance:** Clicking the delete button will delete the link to the instance.
 *   **Push all:** By clicking this button, all events that are eligible to be pushed on the instance you are on will start to be pushed to the remote instance. Events and attributes that exist on the far end will be updated.
 *   **Pull all:** By clicking this button, all events that are set to be pull-able or full access on the remote server will be copied to this instance. Existing events will not be updated.